0.9
低危
DACN
0.12
FACILE
1.00
IMCLNet
0.68
MFGraph
0.00
反病毒引擎
| 查杀引擎 | 查杀结果 | 查杀时间 | 查杀版本 |
|---|---|---|---|
| Alibaba | TrojanDownloader:Win32/Bublik.f39ef58d | 20190527 | 0.3.0.5 |
| Avast | Win32:Crypt-QDX [Trj] | 20200330 | 18.4.3895.0 |
| Baidu | Win32.Trojan-Downloader.Small.av | 20190318 | 1.0.0.2 |
| CrowdStrike | win/malicious_confidence_100% (W) | 20190702 | 1.0 |
| Kingsoft | None | 20200401 | 2013.8.14.323 |
| McAfee | Downloader-FWH!D63E6E2AE3E1 | 20200331 | 6.0.6.653 |
| Tencent | Trojan.Win32.Bublik.bkdm | 20200401 | 1.0.0.1 |
静态指标
动态指标
网络通信
与未执行 DNS 查询的主机进行通信
(1 个事件)
| host | 114.114.114.114 | |||
文件已被 VirusTotal 上 66 个反病毒引擎识别为恶意
(50 out of 66 个事件)
| ALYac | Trojan.GenericKD.1393477 |
| APEX | Malicious |
| AVG | Win32:Crypt-QDX [Trj] |
| Acronis | suspicious |
| Ad-Aware | Trojan.GenericKD.1393477 |
| AhnLab-V3 | Trojan/Win32.Zbot.C216253 |
| Alibaba | TrojanDownloader:Win32/Bublik.f39ef58d |
| Antiy-AVL | Trojan/Win32.Bublik |
| Arcabit | Trojan.Generic.D154345 |
| Avast | Win32:Crypt-QDX [Trj] |
| Avira | HEUR/AGEN.1040611 |
| Baidu | Win32.Trojan-Downloader.Small.av |
| BitDefender | Trojan.GenericKD.1393477 |
| BitDefenderTheta | Gen:NN.ZexaF.34104.hqZ@ayAp0sci |
| Bkav | W32.AIDetectVM.malware |
| CAT-QuickHeal | TrojanDownloader.Upatre.A4 |
| CMC | Trojan.Win32.Bublik!O |
| ClamAV | Win.Downloader.Upatre-5744092-0 |
| Comodo | TrojWare.Win32.TrojanDownloader.Upatre.MAUA@5rueuc |
| CrowdStrike | win/malicious_confidence_100% (W) |
| Cybereason | malicious.ae3e1c |
| Cylance | Unsafe |
| Cyren | W32/Trojan.CSFI-3153 |
| DrWeb | Trojan.DownLoad.64690 |
| ESET-NOD32 | Win32/TrojanDownloader.Small.ABG |
| Emsisoft | Trojan.GenericKD.1393477 (B) |
| Endgame | malicious (high confidence) |
| F-Prot | W32/Trojan3.GLI |
| F-Secure | Heuristic.HEUR/AGEN.1040611 |
| FireEye | Generic.mg.d63e6e2ae3e1ca2b |
| Fortinet | W32/Bublik.AEOV!tr |
| GData | Trojan.GenericKD.1393477 |
| Ikarus | Trojan-Spy.Zbot |
| Invincea | heuristic |
| Jiangmin | Trojan/Bublik.gex |
| K7AntiVirus | Trojan ( 0001140e1 ) |
| K7GW | Trojan ( 0001140e1 ) |
| Kaspersky | Trojan.Win32.Bublik.bkdm |
| Lionic | Trojan.Win32.Generic.lNlt |
| MAX | malware (ai score=83) |
| MaxSecure | Trojan.Upatre.Gen |
| McAfee | Downloader-FWH!D63E6E2AE3E1 |
| McAfee-GW-Edition | BehavesLike.Win32.PWSZbot.ch |
| MicroWorld-eScan | Trojan.GenericKD.1393477 |
| Microsoft | TrojanDownloader:Win32/Upatre.E |
| NANO-Antivirus | Trojan.Win32.Bublik.coezmj |
| Panda | Generic Malware |
| Qihoo-360 | HEUR/QVM20.1.4389.Malware.Gen |
| Rising | Downloader.Small!8.B41 (TFE:dGZlOgV1ZPjVnIwWhA) |
| Sangfor | Malware |
二进制图像
288x288
224x224
192x192
160x160
128x128
96x96
64x64
32x32
运行截图
暂无运行截图
该样本运行过程中未生成截图
PE Compile Time
2013-11-11 22:50:45
PE Imphash
93f3c3f7fa917eec6b457a216663e185
Sections
| Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy |
|---|---|---|---|---|
| .text | 0x00001000 | 0x00000e7a | 0x00001000 | 6.627736516392026 |
| .rdata | 0x00002000 | 0x00000454 | 0x00000600 | 4.661152375082767 |
| .data | 0x00003000 | 0x000000d0 | 0x00000200 | 3.0215210660042207 |
| .rsrc | 0x00004000 | 0x00001f10 | 0x00002000 | 5.210524071213055 |
Resources
| Name | Offset | Size | Language | Sub-language | File type |
|---|---|---|---|---|---|
| RT_ICON | 0x00004250 | 0x00001ca8 | LANG_ENGLISH | SUBLANG_ENGLISH_US | None |
| RT_GROUP_ICON | 0x00005ef8 | 0x00000014 | LANG_ENGLISH | SUBLANG_ENGLISH_US | None |
| RT_MANIFEST | 0x000040f0 | 0x0000015a | LANG_ENGLISH | SUBLANG_ENGLISH_US | None |
Imports
Library USER32.dll:
• 0x402038 GetMessageA
• 0x40203c PostQuitMessage
• 0x402040 DispatchMessageA
• 0x402044 UpdateWindow
• 0x402048 LoadCursorW
• 0x40204c TranslateMessage
• 0x402050 LoadBitmapA
• 0x402054 CreateWindowExA
• 0x402058 RegisterClassExA
• 0x40205c DefWindowProcA
• 0x402060 MessageBoxA
• 0x402064 SendMessageA
• 0x402068 LoadIconA
• 0x40206c PostMessageA
• 0x402070 GetClassLongW
• 0x402074 SetWindowTextW
• 0x402078 ShowWindow
• 0x40207c GetKeyboardState
Library KERNEL32.dll:
• 0x402008 GetProcessHeap
• 0x40200c GetModuleHandleA
• 0x402010 HeapCreate
• 0x402014 HeapFree
• 0x402018 DeleteFileW
• 0x40201c CreateFileW
• 0x402020 HeapReAlloc
• 0x402024 SetFilePointer
• 0x402028 WriteFile
• 0x40202c ReadFile
• 0x402030 HeapAlloc
Library GDI32.dll:
• 0x402000 GetStockObject
L!This program cannot be run in DOS mode.
R:)RSR
RRichR
`.rdata
@.data
USER32.dll
NTDLL.DLL
KERNEL32.dll
GDI32.dll
C/3u+GXMl
h@@E@ 30 33Eh3@
0@hjj 3@ 3 @ E
3@3hhj@@@
@j 00 Eh E@3@ jj0
@h hULV5h @
WWPWWh
t*=L @
3E jE3Eh3@@@@
0 jEhjj
00h0hj@ hEE
h3jjEE@hE
E3@@3j3jEhh
EE0h3Ej j3@hE@E3hE
VWAAf9
uE@ME;ve
E;Es N$
jj@E 03@ 3@@0 hj@ 0jEh0 0
3jE@ 3@3 @@E0jEh
hhj00@@E
E0j @3E0@ j0h3hh
FG3@_^]
j hE@j0j0j0
0E0E3030j0
@3j0 @jhj @
333h0E
jh@0E3j3
0@E@E
NLLl|S
o1NA4+"
Yu<!lmE
N)4~Bq7
y1L^"+"
C"BVul3= <u`*
&NG3B"X
t[iZ1FG3B"
ZChV6^569
b J@u*.1#
q[ c7JA
|6J@"+)=?
NR&}7F\"+3(
=?%r` c7JA
B(e-bH
/3usKXM
C/kG/G
qaWk,)/A
H!WIltI
CE3 +2
w?Xsvr#A
wy04tnM_bi
CE0 *GX
f,3n!-
QHSgy>y
u+-2Mn
[Mrw7o$
eXKE3}
o;<5wi
8"[.?[)/[w+-8
nUeC-3 #22]
w4?e.3neEEl
y-XMo5%H
fnqJYM
~XM=KaXWvB
0tDXM:pgo,
@_='Xo
+Bhj0O-
"9e/3 )-0Ml
l>QH_a
pc%}tCXM}aS
+",blm[
rZFd.NT
},F][Hi6M
zRFa,H\
# @^ZB&=>
HC17jH].
A53&JV@3 33
30 3@ 3 h
h3Ej
3@hEhh3jj33 j3 @3@ hj
0hE hj
j @3 0
h h@j@ hj 3
h3 @ @EE@j3j0@EEhj
h@h 0E0jhE03WSSQ
Iu[[_[+S3EjjhhE@@h3 E00j@3j@30j@E
jEjh330@ 3j30j033
EjE 0 3 h3
3 j300h @0
00 3j
hhj00 E@
}}<?}$}
{}}{}Y5}}
x}|}.}}c*}
}.a}};}} }
static
delivery
button
Gendalf
EH#BM94
X+"B/c]
U44T(C
W "MD:YbY
(:Ia4?a*
GetKeyboardState
GetClassLongW
SetWindowTextW
PostMessageA
LoadIconA
SendMessageA
MessageBoxA
DefWindowProcA
RegisterClassExA
CreateWindowExA
LoadBitmapA
TranslateMessage
LoadCursorW
DispatchMessageA
GetMessageA
PostQuitMessage
ShowWindow
UpdateWindow
USER32.dll
ReadFile
WriteFile
SetFilePointer
HeapReAlloc
CreateFileW
DeleteFileW
HeapFree
HeapCreate
GetModuleHandleA
GetProcessHeap
HeapAlloc
KERNEL32.dll
GetStockObject
GDI32.dll
[T[)GA6OH"\
ZDGBT($
BKc4K`+=GO)#]#
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel>
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
F;, {s
LB/#PD
;1TLxr
C9$!lc
F=_We]
-#<50-
kVPVOUOUNUOUOUNUOVOUOVOVOUOVOVP\U_XXQUOVP[UD@
I?qj.#
G<4(kb
xxxtttttt
ODj_j_[P
MCVK/!,
- - - - - - #
j_WLB6
. , - - ,
- / / / / / / %
PCbW`TI<
0!/ / . 3%
/ 1"1"1"1"1"1"0 4%K>REF91!6(K>PC>0/ / 9+M@THH:2#0!1"1"1"0!5'
1"1!1!1!1!1!1!4$2"+
3#4$0 +
3#3#3#3#3#2#7(!
4$F8F8F8F8F8F8>.@1A2B3B3A2A2B3B3B3A3A2B3B3B3B3A2A2A2A2A2@1H9!
L!This program cannot be run in DOS mode.
}&9H9H9H
;HBD8HjQ;Ho[
H9HcH[[.H9I
N8HRich9H
`.rdata
@.data
U_^]3[
VL|$ iGa+
|$ W~T
]_^]3[
D$ Vt$ W
t$$D$(3
5y7_^][
Q3SUl$
t$ VPSm
A;|_^][Y
QVWhHF
D$8L$0
T$HD$D\$<L$,WRPSQVT$0hQF
D$@L$h@
T$D4L$
<(gT$DD$,Rj
PVL$(hPF
T$8L$`B
T$<,L$
][_^L$
L$DD$8
L$,D$8
L$(D$8
T$HQRj
T$HQR1
T$@j=j
L$ D$8
T$(VRD$D
D$ j j
D$ RPz
L$ D$4
L$$D$4
L$(D$4
L$@D$4
_^]3[L$
L$ D$4
L$$D$4
L$(D$4
L$@D$4
L$,_^][d
L$(D$8
L$$D$8
L$DD$8
L$ D$8
T$@j=j
D$(j j
L$,PQm
D$(RPZ
L$@D$4
L$ D$4
L$$D$4
L$(D$4$
_^]3[L$
L$@D$4
L$ D$4
L$$D$4
L$(D$4
L$,_^][d
D$ PD$
D$(N@L$,V<T$4F$D$0N(L$ FD
V,F0D$
u#N@F8QN
3|$!\$ V8N@fQRD$(htSF
3ISQL$(Q
PT$ QRD$,hdSF
SV3W9^D
^H_^3d
S\$4VW
d$ hSF
d$(hSF
D$HT$LSL$ PQRD$P
T$ fD$$3N
PD<$PR
u,D$<t\P
3~I\$<N
F0F4u2j
F4F8u;j
PD$$T$
t$$t$
QSUVWD$@33;D$
t$0SD$
t$0SL$
VQUaD$$
D$0t$,3
PU5t$0
T$<PD$
d$LPD$<
d$`RD$@
PD$$T$
D$$t$
3|$a\$`f3\$
fD$)D$
uH;~8Vt$ `F
PWNhTZF
fArpfZwj
QSUVh^F
D$$RPS
PVL$$T$lQRD$,P
\$<\$@T$D
\$LD$P^F
D$HD$,P
SST$\SR
t*=d%E
L$XQSST$`SR
QSUVWt$
L$$T$(N4RD$
D$,L$0?U
R trhP
|$$;D$
F0F4u2j
F4F8u;j
PSR8D$
_^]3[d
SU-D&E
PL$(SQRn
D$ _^][
VS_^][
QSVWt$
D$ L$$3hP
|$ ;D$
|$4T$0@
|$uD$(T$tfT$
T$$RT$$=D#E
3|$0D$
D$lD$pD$th
D$0RPj
T$0QL$0Rj
PQD$d(_F
;yuNU(
L$0PQj
_^]3[h
QSV3W98
QSRVD$$
S\$$UV
d$ hSF
d$(hSF
D$<SL$DPQUD$D
pD$03~ N
D$0;|t
JlBp;t691t
QSUVWt$
L$$T$(N4RD$
SQP(hP
|$$;D$
SVWF(u
ST$ QRD$$
S\$0UVW
d$ hSF
d$(hSF
D$HSL$PPQUD$P ~8V$3
QSW@SS
PD<DPR
~8N$\$$\$ D$$
PSWBSS
D$<3;~ N$+SP
D$<;|;t
L$(_^]d
|$ wv$(c@
|$0|$4Bhh
t*D$(L$$PQQT$
3|$<T$$
T$(D$$L$<T$,PQRRRRRRT$PRT$4D$`D
;sPL$$4V
T$$QR$
;sPL$$4V
T$$QR$
L$44V`
SUVW\$,D$+3
3|$4D$
3;t4L$
T$8t$$L$,RV
SUVL$$W3
3|$0\$,D$
\$ \$$@
3|$,+T$,T$0
S\$$UVWS
d$ hSF
d$(hSF
D$<SL$DPQUD$D"
RT<8RP
pD$03~ N$+j
D$0;|t
;uv l$$T$(RV
HD$$ut$
;t$D$ D$ VPa
;L$ u{
;t(D$ D$ WP
;L$ uL$
t$ +l$$;t$D$ WP
;T$ uL$
T$ L$$
|$(t9+
L$$|$(
l$(t t
+;t4L$$t
L$ ;ut$
tWHu]D$
SUVWL$
;|$(tC3t$
S\$$UVW
d$ hSF
d$(hSF
D$<SL$DPQUD$Dl
RT<8RP
pD$03~ N$+j
D$0;|t
D$ ~(F$~,~0L$ ~8N4~<~@
D$ PD$
WWhD_F
~8~<~@F(PD$
~(~,~0D$
QSUVW333C(;t~K,+
;sdK(L1
C(,0G4{3C8;t:K<+
k,S(;t
4;uK,S,S<L$
;uS<_^K<]T$
QSUVWT
8SUVWl$
93to4;u
m,C4;t
4;ut$LD$
L$LH,jD$
m,C4;t
4;ut$LD$
d$ P$P
SUVW3h_F
L$0\$(3w
D$,j^SL$
T$,j^j
SRV\$,
L$,D$$
L$,D$$
L$,D$$R
_^]3[d
SVWhHF
j^D$,SL$
j^T$,j
D$ SRP
SUVWL$T3h_F
UD$DUL$dPT$,QRT$0D$lUL$<PQUU3URt$H
D$ ;tG
T$@L$\fB
PQL$(T$@j
D$$;t?
@|$eD$H3D$d
3fVVVL$TVT$tD$,QRUP
PT$TQR
L$(Qh?
uTVL$<VT$DQD$PRPD$<L$`VT$DQRVVVPt$\t$|t$tt$lt$h
S\$$UVW
d$ hSF
d$(hSF
D$<SL$DPQUD$D
RT<8RP
pD$03~ N$+j
D$0;|t
D$$3hP
FH^$^(P
|$$;D$
QSVWC(u
C(tC0P!
s<3tF3
|C<UPJ
t'K0t$
{D_^3[Y
S\$$UVWS>
d$ hSF
d$(hSF
D$<SL$DPQUD$D
RT<8RP
D$03~ N$+j
D$0;|t
|$\3;uCD$`t$
|$ L$$T$
L$(\$T
T$<D$8
++PQL$DD$\
T$ t$<+
#SSPQL$@RSSQ
L$(\$T
L$8D$T
L$(\$Tr
L$8D$T}
L$L_^][d
SUVWt$ 3
|$(L$$h
QM`D$,
\$ \$$\$(
;tQP+%
FL;rSf$
pSUV3WU
SWUUV$
T$PPUUR
3|$dfD$Z|$PfD$n
fD$4BMD$t
T$6L$6T$:T$>D$>6
D$pD$4P
Uj(L$xj
L$HT$`,D$Xj
PD$(P~
L$ D$x
SUVWhHF
N4PQT$
D$$RP]
L$ D$,
F$F<F,D$,
L$$_^]3[d
+SU33V
3|$$D$ h
SUVWL$
;|$(tC3t$
S\$$UVW
d$ hSF
d$(hSF
D$<SL$DPQUD$D\
RT<8RP
pD$03~ N$+j
D$0;|t
D$`3|$ah
fL$dD$ D
RPD$P(_F
D$ PD$
M0jxQQ
U0jyR3
E0Hduehp
AdU0Jd
3|$(D$$
+T$8hP
RHdT$<Qj
t$ D$,N0
V0ONZd$s
4;uD$$PW
T$$RV>
t$$;uIVV
;uU4;t
t$$;uC
4D$ H0
3|$\T$Xh
t SWQT$
SUVWhHF
T$ RK
L$ hDkF
D$@P5#
L$DhHF
L$,3\$4D$8D$<D$@xF
RPD$<QPn#
L$DT$4jdQR
D$DL$ P|d
d$ hSF
d$(hSF
D$@L$<PT$ QRWD$D]mT$, 3v^K
;ru93L$
SSSSPQ
d$(R}^
44;u_^[
VWPjft$
Nh~l~p~t
^l^p^tD$
D$$3|$%3fL$$
D$ PL$
SWVL$
SV3WSe
3|$ T$,
L$ Q=[C(K
EpMhRj
3|$ T$,
L$ QZs(K
3|$ T$,
L$ Q1Zs(K
3|$ T$,
L$ QYs(K
3|$ T$,
L$ QKYs(K
3|$ T$${(L$(QRVD$(
|$ uD$ G0D$$G4L$(O8T$ R
3T$,+h
L$ Q|Xt$
3|$ T$,
L$ Q+Xs(K
3|$ T$,
F(t]N,+
;sCV(D$
tTmdS0E(L
d$(P9M
REuP=P
3Flt)Np+
SUVWl$ |$
\$ D$$
PD$(QI
HtBHt!Hu(F
luQVt$ VhkF
SUVW3hHF
3|$-\$,f@
;v%Pj@
>T$(-$ E
D$ RPL$$SQSWSD$D
\$8\$<
s0L$ ;v(
w T$(D$ R$4
PT$$QD$8RPWS;t
L$,QL$
SUVWhHF
L$ RR@
D$ RPC?
T$(3T$,D$<T$0T$
RL$X\$4\$HD$T
|$8t$$3t
|$8t$$3t
T$$D$(
L$$T$(
;uD$ UPSh
SVWhHF
T$ QR7
L$(RL$0h
D$$ucL$
VWD$dhp[F
L$dhlF
D$$L$"T$ %
QL$"RT$$%
D$$L$"T$ %
PD$"QL$"
D$$L$"T$ %
QL$"RT$$%
L$4t$,
;u`QQP
t$4L$8QV
L$<D$<(
|$`+hHF
j(PVD$ (
L$ V$t
D$<PSe
j\L$ $
L$|D$$H,E
D$|D,E
L$0SQL$4
T$$@,E
D$$hlF
L$$PQ-
T$$PR2-
D$x;t!PC
SL$0^"
SSSSL$ *
T$$L$|L$ B
D$|D,E
jL$$D$|D$ Q
WWD$4U
|$,|$$|$8
QD$$RPL$Hj$Qj
RL$$PQWUj
j0Vl$H
t0D$8PWVj
tNT$4Rh
+T$`$d
@$;D$$
SUVWh?
tkD$(UVh
VS^]L$(W!
VW^[L$
SVW3eu}0
y4t9L$
QSUVW|$
QSUVt$
C 8tIK0
pppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
999999999994
Ebcrr<<<<<<
Fr9:a9
F$345'BBu@P
99999:;Y
t pppp/
#]h9::d:n
0d:::::::::::::::::::::d::@<::::::::
5[7799
}0rat0
}txttt?
C�:�\�U�s�e�r�s�\�J�o�y�c�e�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�R�a�r�$�E�X�0�0�.�9�8�1�\�p�a�y�m�e�n�t�-�h�i�s�t�o�r�y�-�n�9�9�9�8�7�6�5�-�3�4�5�4�3�-�4�3�4�5�.�e�x�e�
C�:�\�D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�\�A�l�l� �U�s�e�r�s�\�S�t�a�r�t� �M�e�n�u�\�P�r�o�g�r�a�m�s�\�S�t�a�r�t�u�p�\�G�i�c�g�s�u�M�e�N�.�e�x�e�
C�:�\�4�6�6�9�f�9�1�b�4�4�f�f�9�9�e�0�2�0�f�8�3�5�1�b�9�5�1�c�6�1�8�b�f�b�1�9�4�3�5�0�c�1�4�0�c�e�b�4�e�a�2�6�3�2�9�5�9�b�6�e�a�5�3�6�
C�:�\�z�o�9�7�t�M�H�Z�.�e�x�e�
C�:�\�V�Y�O�a�T�1�O�7�.�e�x�e�
C�:�\�g�K�W�E�e�5�l�S�.�e�x�e�
C�:�\�a�w�A�B�L�b�V�u�.�e�x�e�
C�:�\�M�n�r�O�7�w�t�E�.�e�x�e�
C�:�\�i�T�9�Q�c�4�p�F�.�e�x�e�
C�:�\�J�A�9�5�P�F�o�n�.�e�x�e�
C�:�\�t�t�k�Y�O�i�D�U�.�e�x�e�
C�:�\�Q�W�5�A�M�O�8�j�.�e�x�e�
C�:�\�g�o�h�F�9�b�2�1�.�e�x�e�
C�:�\�V�W�K�S�E�4�m�2�.�e�x�e�
C�:�\�q�h�B�i�s�k�1�j�.�e�x�e�
C�:�\�7�1�X�f�Y�G�C�_�.�e�x�e�
C�:�\�_�_�n�G�O�8�m�m�.�e�x�e�
C�:�\�I�_�k�K�_�B�c�V�.�e�x�e�
C�:�\�t�m�T�b�Y�k�q�y�.�e�x�e�
C�:�\�w�O�5�A�Y�5�U�W�.�e�x�e�
C�:�\�T�O�I�q�W�f�B�7�.�e�x�e�
C�:�\�K�v�f�0�Q�9�6�m�.�e�x�e�
C�:�\�4�6�x�i�n�7�C�G�.�e�x�e�
C�:�\�i�u�p�k�b�_�Z�o�.�e�x�e�
C�:�\�0�N�u�y�s�q�y�r�.�e�x�e�
C�:�\�p�e�w�g�s�c�v�C�.�e�x�e�
C�:�\�a�3�6�1�c�8�7�6�3�b�e�3�4�4�7�f�0�3�a�1�b�7�0�b�f�4�c�d�f�6�9�3�e�0�6�e�3�7�8�1�f�e�e�9�4�7�e�1�1�d�4�a�3�8�f�6�f�5�1�a�5�6�e�3�
C�:�\�c�7�3�7�8�e�8�5�a�7�0�6�6�d�7�4�e�a�f�4�4�5�a�1�1�7�d�3�0�c�c�9�6�0�4�6�3�e�1�2�b�0�7�7�7�6�2�5�8�a�0�d�7�9�a�7�2�b�d�1�5�1�f�b�
C�:�\�H�_�n�Z�z�H�o�0�.�e�x�e�
C�:�\�b�5�0�T�n�q�R�J�.�e�x�e�
C�:�\�I�q�q�F�S�R�d�0�.�e�x�e�
C�:�\�7�0�o�G�J�x�I�x�.�e�x�e�
C�:�\�L�q�k�5�B�x�s�O�.�e�x�e�
C�:�\�i�Q�J�5�D�M�7�e�.�e�x�e�
C�:�\�I�7�H�l�i�R�0�t�.�e�x�e�
C�:�\�N�1�2�j�t�w�n�_�.�e�x�e�
C�:�\�z�2�g�D�G�G�W�S�.�e�x�e�
C�:�\�U�x�t�f�b�E�o�I�.�e�x�e�
C�:�\�G�l�T�G�B�k�D�V�.�e�x�e�
C�:�\�Z�R�V�O�O�D�x�D�.�e�x�e�
C�:�\�T�F�7�z�c�6�X�u�.�e�x�e�
C�:�\�T�U�W�b�I�0�p�5�.�e�x�e�
C�:�\�o�p�G�r�I�a�u�W�.�e�x�e�
C�:�\�S�g�H�D�f�y�x�l�.�e�x�e�
C�:�\�t�Z�x�Y�3�R�I�Z�.�e�x�e�
C�:�\�u�r�I�4�o�N�c�N�.�e�x�e�
C�:�\�g�o�v�a�7�o�l�f�.�e�x�e�
C�:�\�d�5�O�2�e�N�5�l�.�e�x�e�
C�:�\�u�d�W�V�V�5�q�z�.�e�x�e�
C�:�\�v�H�t�Z�x�N�q�w�.�e�x�e�
C�:�\�w�9�y�R�e�X�5�e�.�e�x�e�
C�:�\�O�I�O�b�a�l�i�V�.�e�x�e�
C�:�\�Y�H�z�Z�7�f�v�X�.�e�x�e�
C�:�\�b�v�G�p�o�z�0�f�.�e�x�e�
C�:�\�7�q�8�O�q�2�s�a�.�e�x�e�
C�:�\�_�u�c�3�z�1�G�L�.�e�x�e�
C�:�\�p�9�B�V�M�f�y�T�.�e�x�e�
C�:�\�s�B�k�F�S�o�f�M�.�e�x�e�
C�:�\�U�p�e�f�u�g�U�U�.�e�x�e�
C�:�\�A�F�e�h�1�6�0�s�.�e�x�e�
C�:�\�c�5�K�U�B�M�t�z�.�e�x�e�
C�:�\�0�O�W�x�y�i�c�D�.�e�x�e�
C�:�\�U�7�P�v�W�y�1�_�.�e�x�e�
C�:�\�x�7�X�v�L�D�9�m�.�e�x�e�
C�:�\�n�r�P�7�A�g�1�x�.�e�x�e�
C�:�\�C�X�D�I�z�n�k�W�.�e�x�e�
C�:�\�9�C�y�k�w�1�k�R�.�e�x�e�
C�:�\�3�d�e�4�1�c�d�a�c�e�5�4�a�3�9�6�3�0�5�5�1�c�5�3�d�b�a�1�e�7�8�e�e�e�4�d�5�b�7�4�7�1�a�2�2�2�6�5�a�7�3�7�3�e�3�7�2�c�8�d�8�7�9�0�
C�:�\�P�U�l�V�p�x�d�5�.�e�x�e�
C�:�\�w�O�w�b�F�l�P�r�.�e�x�e�
C�:�\�k�d�4�o�l�W�E�J�.�e�x�e�
C�:�\�d�f�u�o�9�k�P�F�.�e�x�e�
C�:�\�t�A�L�7�6�e�6�x�.�e�x�e�
C�:�\�9�4�V�V�O�Y�1�l�.�e�x�e�
C�:�\�P�k�K�3�b�X�s�k�.�e�x�e�
C�:�\�v�2�Y�S�D�5�A�n�.�e�x�e�
C�:�\�i�6�_�I�e�8�x�3�.�e�x�e�
C�:�\�W�5�f�A�S�f�H�W�.�e�x�e�
C�:�\�r�y�h�D�k�F�p�H�.�e�x�e�
C�:�\�1�c�F�c�R�_�5�b�.�e�x�e�
C�:�\�4�4�z�h�T�o�3�j�.�e�x�e�
C�:�\�o�E�2�m�D�L�K�M�.�e�x�e�
C�:�\�P�g�0�e�B�Y�H�A�.�e�x�e�
C�:�\�z�J�N�a�h�A�u�_�.�e�x�e�
C�:�\�w�i�8�E�W�D�K�0�.�e�x�e�
C�:�\�a�v�q�E�Y�t�U�E�.�e�x�e�
C�:�\�a�m�B�b�Q�R�l�A�.�e�x�e�
C�:�\�y�h�5�H�7�T�t�5�.�e�x�e�
C�:�\�T�L�c�g�h�w�1�5�.�e�x�e�
C�:�\�e�r�S�2�m�u�G�b�.�e�x�e�
C�:�\�Q�z�u�V�e�T�O�E�.�e�x�e�
C�:�\�L�s�s�s�l�D�k�w�.�e�x�e�
C�:�\�G�X�f�u�4�i�D�n�.�e�x�e�
C�:�\�B�H�_�9�a�u�J�c�.�e�x�e�
C�:�\�H�r�v�m�J�e�D�l�.�e�x�e�
C�:�\�O�6�J�t�M�5�2�R�.�e�x�e�
C�:�\�4�1�f�b�d�d�c�1�a�1�4�3�5�7�9�c�f�9�3�d�7�d�7�1�2�c�4�6�a�3�f�b�c�f�f�2�e�2�8�0�2�8�2�1�d�f�c�2�e�8�4�d�1�f�6�a�1�4�a�5�f�b�3�a�
C�:�\�0�7�2�c�c�8�e�c�0�1�a�e�f�a�f�f�1�3�3�e�d�1�6�b�6�b�1�7�4�7�7�2�5�e�2�3�4�5�5�4�3�f�a�d�4�0�3�6�8�0�8�a�2�8�4�f�f�f�2�6�3�3�3�d�
j�j�j�j�j�j�j�
C�:�\�a�7�c�4�8�4�1�b�0�1�3�6�8�d�3�8�4�b�6�c�c�d�f�8�c�c�3�e�3�9�5�e�4�e�8�2�2�0�7�0�a�6�3�3�b�f�0�b�5�3�0�a�3�b�6�3�3�d�b�5�c�a�c�8�
C�:�\�0�6�6�8�8�e�1�8�b�d�4�7�7�6�3�4�e�0�2�6�a�1�3�8�9�5�7�7�f�7�c�b�2�e�3�b�3�5�4�3�1�c�d�1�8�4�a�1�a�c�2�6�a�7�a�c�0�c�6�6�e�c�0�3�
C�:�\�e�c�1�c�b�c�a�d�5�4�9�3�1�5�4�a�a�4�5�d�5�8�c�a�8�a�d�4�e�4�f�a�b�c�d�1�9�1�7�7�b�f�7�4�2�3�0�4�a�7�0�b�b�c�5�f�0�f�9�c�8�8�8�1�
C�:�\�e�W�f�U�l�C�s�E�.�e�x�e�
c�:�\�2�5�x�m�v�k�\�q�i�3�g�k�s�.�e�x�e�
C�:�\�9�d�e�3�b�4�4�2�b�0�8�7�f�b�1�b�e�1�d�e�8�2�4�0�b�c�1�4�4�c�6�e�1�8�0�4�8�b�3�b�0�7�2�9�c�c�1�5�4�8�0�5�2�8�5�2�9�4�b�4�0�b�9�c�
c�:�\�l�v�y�j�a�k�\�j�k�v�6�p�5�.�e�x�e�
C�:�\�K�3�f�G�7�o�j�O�.�e�x�e�
C�:�\�X�M�D�P�h�t�J�_�.�e�x�e�
C�:�\�e�a�d�4�d�9�9�8�7�c�a�1�0�9�f�5�7�c�4�5�a�e�6�2�a�d�7�8�9�7�5�4�8�8�7�d�7�2�5�9�5�3�7�5�3�e�f�7�f�d�9�e�c�4�f�8�3�b�e�4�a�a�1�7�
C�:�\�0�2�2�7�1�5�a�9�f�1�a�f�3�7�8�c�9�9�3�a�1�d�3�b�e�8�c�a�1�1�e�e�4�8�4�7�6�b�a�8�9�c�b�c�1�6�1�f�9�a�5�9�1�9�8�e�8�7�3�e�d�c�4�1�
C�:�\�4�5�b�3�1�5�2�1�2�e�1�a�d�c�5�8�7�d�9�1�f�b�6�d�e�9�f�4�5�d�1�f�5�4�1�8�1�1�b�b�a�5�1�7�3�d�a�e�9�4�3�7�1�8�8�e�2�c�7�f�f�4�d�3�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�u�r�o�.�p�e�3�2�
C�:�\�f�4�2�d�e�8�0�5�6�3�f�c�d�9�a�6�c�2�f�f�7�2�e�9�e�c�c�c�6�f�7�c�2�9�1�4�f�1�1�b�c�0�2�c�0�7�8�c�5�0�7�0�c�b�7�6�1�6�7�8�d�9�4�0�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�u�r�o�.�p�e�3�2�
C�:�\�f�e�8�3�0�6�5�3�4�f�2�b�6�6�b�b�6�f�0�7�9�3�2�c�9�b�2�d�8�0�d�b�a�c�8�f�2�b�b�f�f�5�4�7�5�8�e�c�4�4�5�a�2�e�d�a�6�c�5�a�1�8�3�c�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�h�u�r�o�.�e�x�e�
C�:�\�2�0�9�3�7�6�9�a�8�9�a�f�d�0�6�9�f�4�c�f�6�9�a�6�6�a�b�a�f�6�5�5�4�8�9�6�7�c�5�9�e�6�e�2�f�6�1�7�f�5�4�8�4�5�c�d�e�6�f�6�7�0�c�7�
C�:�\�b�b�1�4�7�c�1�1�f�e�1�c�e�6�b�f�7�6�1�c�8�b�b�7�a�a�0�b�5�3�4�9�3�e�e�9�7�d�4�8�9�d�4�9�8�d�1�d�4�b�c�8�f�3�4�c�9�2�8�b�f�e�7�3�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�u�r�o�.�p�e�3�2�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�1�8�d�7�1�a�0�3�f�c�4�3�3�6�a�1�_�h�u�r�o�.�e�x�e�
C�:�\�b�a�9�4�4�e�6�0�6�9�e�2�2�6�8�2�e�9�5�9�b�8�3�0�7�f�2�a�f�b�8�b�c�f�d�8�8�c�f�4�1�5�d�8�f�a�3�0�b�9�7�7�f�f�1�8�b�7�8�c�5�5�c�e�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�u�r�o�.�p�e�3�2�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�u�r�o�.�p�e�3�2�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�d�4�3�1�1�9�1�0�7�2�4�9�2�5�6�0�_�h�u�r�o�.�e�x�e�
C�:�\�a�5�0�0�f�c�9�a�5�0�b�9�f�c�e�1�a�5�0�0�9�8�6�2�2�1�1�7�6�5�3�3�0�b�5�9�6�c�1�6�c�3�5�e�8�d�3�7�f�b�2�c�d�9�1�3�f�d�d�7�8�5�e�a�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�u�r�o�.�p�e�3�2�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�6�d�a�a�9�7�8�3�2�2�6�f�5�5�6�4�_�h�u�r�o�.�e�x�e�
C�:�\�6�9�d�4�8�3�e�6�6�6�1�f�5�7�8�b�0�d�9�e�1�f�5�3�e�4�4�0�2�1�e�7�c�5�1�e�c�b�1�6�3�9�0�5�3�8�7�e�6�a�0�3�3�2�8�0�5�b�4�4�b�a�c�7�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�h�u�r�o�.�e�x�e�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�u�r�o�.�p�e�3�2�
C�:�\�e�e�c�3�d�e�0�9�7�a�3�3�c�8�7�f�9�6�3�c�d�9�b�a�e�c�f�3�a�5�8�5�c�4�0�e�a�5�b�2�3�1�2�0�6�d�0�4�8�9�9�0�9�8�a�e�a�1�c�b�6�8�4�4�
C�:�\�6�b�a�d�0�2�c�c�5�0�2�4�9�d�9�3�1�0�9�3�2�3�6�f�9�9�8�2�1�8�a�2�7�d�8�a�f�c�c�0�8�f�4�7�6�2�6�a�4�7�2�6�8�7�5�a�d�c�6�3�0�0�8�6�
C�:�\�4�6�5�4�7�d�e�5�d�d�0�c�f�b�8�a�0�5�e�6�b�f�3�6�e�7�f�c�2�3�6�f�3�1�8�1�f�e�6�4�7�3�e�4�2�d�2�6�a�f�2�7�9�f�7�8�8�f�5�b�c�0�3�9�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�u�r�o�.�p�e�3�2�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�u�r�o�.�p�e�3�2�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�u�r�o�.�p�e�3�2�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�c�7�0�e�5�8�c�6�1�c�0�d�4�7�8�6�_�h�u�r�o�.�e�x�e�
C�:�\�4�3�6�6�0�9�c�c�5�5�7�7�4�f�4�1�e�b�0�f�b�1�5�8�2�c�5�a�f�8�4�1�6�7�c�2�1�a�4�8�c�c�7�b�2�5�4�2�a�c�0�1�5�f�0�e�2�1�1�b�b�5�0�b�
C�:�\�a�3�f�1�a�8�2�e�b�d�0�8�8�9�e�7�2�5�8�e�9�d�1�e�4�0�0�d�9�3�3�b�c�7�1�f�c�f�e�3�e�1�8�f�9�2�3�e�0�3�c�2�8�b�d�6�9�8�1�9�f�5�5�7�
C�:�\�a�a�8�9�7�f�b�a�6�3�3�a�b�0�2�9�b�a�6�9�0�3�7�4�f�c�a�9�b�5�5�4�0�c�a�b�9�2�b�7�4�4�e�8�8�e�8�5�c�6�2�0�1�0�6�6�1�e�3�3�8�5�b�c�
C�:�\�1�4�1�a�d�0�7�b�8�1�7�0�2�e�7�7�b�e�b�1�9�2�f�7�3�d�1�b�f�2�f�f�9�d�8�6�5�a�c�2�4�0�c�1�e�1�c�a�0�d�f�e�7�0�9�0�3�4�4�7�7�a�e�a�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�u�r�o�.�p�e�3�2�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�7�c�8�9�a�7�8�b�a�3�f�6�9�9�7�d�_�h�u�r�o�.�e�x�e�
C�:�\�7�a�3�f�d�7�5�1�c�6�5�9�8�3�f�f�8�6�b�7�7�2�9�2�e�1�5�e�1�2�6�1�8�f�8�0�d�f�3�d�5�4�d�3�7�1�1�a�c�8�3�7�f�9�e�1�c�1�e�a�7�7�d�2�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�h�u�r�o�.�e�x�e�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�u�r�o�.�p�e�3�2�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�u�r�o�.�p�e�3�2�
C�:�\�9�4�7�b�7�e�6�2�c�7�6�f�6�e�5�6�2�4�7�0�c�5�d�e�d�7�3�0�e�f�f�a�f�3�e�2�8�8�7�6�e�1�9�d�8�c�4�0�2�9�a�8�8�f�7�2�3�1�8�8�d�3�1�a�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�h�u�r�o�.�e�x�e�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�u�r�o�.�p�e�3�2�
C�:�\�0�7�7�7�0�3�8�6�4�9�3�3�c�c�0�1�4�8�c�f�4�a�3�8�e�a�0�0�6�4�c�1�4�9�6�f�c�c�3�1�e�9�f�a�0�1�a�b�a�5�c�2�f�5�b�4�2�e�f�9�1�6�7�7�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�u�r�o�.�p�e�3�2�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�e�0�d�0�1�1�5�2�6�c�9�1�d�9�4�7�_�h�u�r�o�.�e�x�e�
C�:�\�0�a�a�8�3�4�f�3�7�2�6�d�2�7�7�c�1�b�0�3�f�1�b�4�2�f�7�b�f�e�5�c�0�4�8�c�3�d�c�8�2�d�1�b�5�a�7�5�7�d�f�a�9�4�5�f�e�1�1�4�4�1�8�c�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�u�r�o�.�p�e�3�2�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�u�r�o�.�p�e�3�2�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�u�r�o�.�p�e�3�2�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�f�a�c�2�f�1�e�5�c�e�0�1�f�b�0�f�_�h�u�r�o�.�e�x�e�
C�:�\�e�8�b�9�b�2�4�7�5�e�b�7�6�7�1�f�c�f�c�f�7�e�7�f�f�1�f�6�e�7�a�5�8�7�6�b�0�1�b�a�f�f�9�6�a�e�5�0�7�f�b�7�f�0�d�0�7�2�8�9�5�a�a�b�
C�:�\�c�f�5�2�3�e�9�d�1�e�8�b�d�3�6�7�8�a�5�a�c�5�6�5�d�7�c�7�1�3�1�f�c�9�e�a�6�c�9�f�1�4�6�3�b�b�6�9�6�5�9�f�0�e�e�f�4�2�3�5�b�1�c�c�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�h�u�r�o�.�e�x�e�
C�:�\�3�5�3�0�6�3�c�f�0�1�a�7�2�1�2�9�f�4�b�3�8�b�e�e�0�c�b�3�3�a�c�9�0�f�1�6�3�a�d�4�7�3�5�4�6�b�f�6�d�6�4�2�5�0�9�f�d�6�2�8�f�d�4�1�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�h�u�r�o�.�e�x�e�
C�:�\�3�C�9�q�_�U�K�D�.�e�x�e�
C�:�\�f�d�d�7�7�3�2�4�4�1�2�5�a�8�1�6�3�0�a�b�b�6�f�4�6�e�d�e�1�b�c�f�c�4�3�9�7�c�c�7�6�2�b�7�4�1�d�1�8�0�c�5�e�f�9�c�8�d�4�a�d�8�c�8�
C�:�\�2�6�8�9�3�d�7�0�7�8�5�5�a�0�9�9�6�0�6�1�4�2�e�e�1�2�8�c�e�8�3�1�4�3�0�7�2�2�1�f�9�f�c�a�4�b�e�3�9�4�1�d�8�9�a�b�d�3�2�c�1�4�c�4�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�h�u�r�o�.�e�x�e�
C�:�\�1�c�e�e�f�8�9�d�7�b�f�c�8�a�8�9�4�7�0�4�4�9�5�8�1�4�a�c�e�1�6�5�e�4�0�6�8�c�5�1�6�4�d�b�6�d�6�9�c�5�2�e�e�7�f�e�0�a�3�f�b�b�a�9�
C�:�\�a�2�c�b�c�0�8�0�6�a�e�f�7�e�2�9�9�b�f�3�f�c�e�f�e�b�1�1�9�1�5�e�7�7�d�0�9�e�3�0�4�4�e�0�b�3�8�9�6�a�e�3�1�2�5�8�a�b�3�5�5�b�d�c�
C�:�\�f�2�4�9�5�3�d�c�d�3�2�e�e�7�2�7�d�0�1�c�7�6�1�1�2�6�1�c�2�b�3�9�5�6�2�6�b�c�0�b�1�0�2�d�c�7�0�7�5�f�b�5�e�f�9�4�d�6�4�3�8�f�6�a�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�u�r�o�.�p�e�3�2�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�u�r�o�.�p�e�3�2�
C�:�\�7�8�5�a�9�f�5�9�8�d�b�f�8�3�d�e�b�0�d�f�a�7�d�e�1�a�6�5�0�6�6�4�6�e�9�6�d�8�4�c�3�f�f�7�b�5�f�1�0�e�8�3�0�e�f�5�a�c�d�8�0�1�5�5�
C�:�\�3�5�1�a�d�7�9�5�6�a�3�2�3�6�9�a�0�f�2�2�8�5�2�a�c�2�d�9�d�3�9�b�c�a�f�4�f�a�b�8�2�2�7�b�3�7�0�1�c�b�0�3�6�8�4�7�b�9�c�4�2�2�a�e�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�u�r�o�.�p�e�3�2�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�d�4�7�6�2�c�2�f�4�a�7�d�a�f�6�1�_�h�u�r�o�.�e�x�e�
C�:�\�b�e�5�f�f�0�5�8�0�e�c�c�a�8�a�a�3�6�6�2�c�9�e�e�d�9�c�6�b�f�4�8�5�7�6�0�f�4�a�0�7�4�1�e�5�5�1�3�1�3�c�7�1�f�2�e�4�5�3�7�b�4�a�c�
C�:�\�6�d�4�2�9�8�6�8�c�5�4�1�3�3�3�3�3�7�e�7�7�3�f�6�a�2�4�2�a�a�8�c�c�e�c�7�2�4�6�e�9�3�d�0�8�5�7�8�2�4�7�5�8�1�4�d�5�e�5�8�5�e�6�b�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�h�u�r�o�.�e�x�e�
C�:�\�c�0�f�a�a�7�d�b�3�8�7�f�a�4�a�e�4�c�2�9�2�8�f�c�f�a�8�e�5�e�b�c�9�d�c�8�b�0�0�0�b�5�c�c�f�0�8�f�a�4�c�a�2�3�5�7�2�1�7�a�a�3�f�a�
C�:�\�b�c�c�8�6�5�c�3�b�1�7�f�9�b�d�c�7�e�3�7�d�9�a�b�b�8�a�3�1�3�e�7�3�4�4�b�3�2�9�e�7�e�8�1�6�5�d�6�0�b�e�8�6�f�7�9�2�7�3�d�8�e�2�3�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�h�u�r�o�.�e�x�e�
C�:�\�x�a�m�b�j�c�x�s�.�e�x�e�
C�:�\�U�s�e�r�s�\�V�i�r�t�u�a�l�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�4�9�f�0�2�a�0�0�f�b�3�7�8�c�6�d�8�e�1�3�6�4�a�9�3�d�8�7�3�f�1�0�2�4�d�2�4�7�0�6�8�0�1�1�e�0�0�b�a�e�3�3�b�3�2�d�c�2�5�d�b�3�3�e�.�e�x�e�
C�:�\�b�0�6�4�8�0�a�4�5�9�0�b�c�9�a�e�e�c�1�0�5�c�1�e�7�e�b�c�8�6�8�a�2�1�e�6�c�f�7�c�8�7�5�9�b�4�0�6�0�a�0�4�a�6�7�6�c�7�a�4�b�f�8�d�
C�:�\�6�5�3�0�2�4�d�d�1�d�9�8�9�f�8�f�2�6�d�1�0�7�f�2�3�5�a�b�d�5�e�c�3�9�d�7�f�b�1�f�c�6�9�7�7�1�2�9�e�5�9�8�3�8�5�b�7�7�6�b�4�a�e�d�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�h�u�r�o�.�e�x�e�
C�:�\�7�2�5�7�9�f�0�7�2�a�7�9�b�6�a�d�b�a�4�c�a�f�d�c�5�9�9�a�7�2�c�1�e�7�b�5�2�b�f�8�3�3�b�a�e�8�0�5�8�5�9�0�1�a�b�2�5�f�b�c�2�6�6�2�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�h�u�r�o�.�e�x�e�
C�:�\�4�2�6�3�8�7�e�0�b�0�4�0�d�9�5�8�3�9�7�f�b�d�9�6�a�e�f�a�4�9�a�8�0�9�6�3�f�f�9�9�9�c�d�3�e�a�e�5�f�d�3�f�0�3�5�3�a�1�1�e�f�7�4�2�
C�:�\�e�a�b�4�9�0�1�6�5�8�b�1�4�6�d�f�9�e�8�6�e�a�7�7�2�d�7�4�c�f�9�c�e�5�2�f�e�5�b�5�7�c�0�7�0�6�5�9�b�7�c�a�4�c�9�8�d�7�e�e�0�1�b�d�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�h�u�r�o�.�e�x�e�
C�:�\�2�c�4�0�e�2�c�f�5�f�d�5�b�4�e�a�d�b�8�d�7�7�3�c�a�a�1�e�4�1�d�8�7�b�f�9�4�2�d�b�4�8�7�8�6�4�3�5�a�2�4�1�8�7�8�2�6�4�1�9�e�6�5�d�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�h�u�r�o�.�e�x�e�
C�:�\�U�s�e�r�s�\�V�i�r�t�u�a�l�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�f�3�4�7�0�9�c�3�d�f�d�4�1�0�7�9�1�0�7�0�4�f�b�9�c�1�b�b�a�f�b�1�2�1�e�b�3�3�4�5�2�e�4�4�9�c�6�e�3�5�4�2�3�6�5�b�c�6�9�3�4�5�d�8�.�e�x�e�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�h�u�r�o�.�e�x�e�
C�:�\�5�f�f�f�d�7�d�f�8�2�9�d�c�9�8�f�5�8�1�a�e�7�e�b�e�7�c�a�4�e�e�2�1�c�0�9�c�2�7�c�4�f�b�1�a�5�e�d�4�8�f�4�9�1�e�9�8�7�3�4�4�9�3�a�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�h�u�r�o�.�e�x�e�
C�:�\�3�9�8�b�7�9�b�b�e�1�d�b�2�9�2�f�f�1�d�5�3�6�5�1�3�d�a�d�9�8�3�a�f�3�c�a�4�3�c�d�4�6�a�3�c�3�9�6�0�d�b�4�3�0�a�a�f�b�2�7�9�a�9�c�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�h�u�r�o�.�e�x�e�
C�:�\�0�f�0�d�3�5�f�7�3�4�5�f�0�b�c�0�2�2�a�3�7�1�3�a�d�9�3�e�e�7�9�d�3�6�5�2�6�9�9�9�a�e�2�3�5�5�7�8�d�3�5�3�b�7�d�0�d�3�a�d�0�2�7�b�
C�:�\�7�0�e�7�f�4�5�f�4�a�4�a�1�e�1�7�b�4�9�9�0�6�e�c�8�9�9�1�8�4�9�5�8�e�f�6�f�e�a�5�c�c�8�4�c�8�9�d�6�6�5�d�9�9�c�8�5�4�2�5�e�a�7�0�
C�:�\�5�b�f�1�c�2�a�3�2�8�e�f�5�e�7�8�c�f�f�2�a�6�0�9�a�7�a�2�e�0�e�7�8�2�7�4�4�e�0�f�9�0�9�1�1�e�e�b�9�f�5�1�6�d�1�6�f�4�9�9�9�8�c�1�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�u�r�o�.�p�e�3�2�
C�:�\�6�2�4�2�d�3�8�b�4�7�9�e�6�0�8�9�1�e�1�2�f�a�c�6�f�2�f�e�e�a�6�f�f�b�0�f�8�d�b�7�5�3�9�8�5�f�9�a�7�6�0�7�f�d�b�b�e�e�a�c�5�6�2�d�
C�:�\�0�7�3�8�3�b�e�2�3�8�d�b�9�2�9�1�9�4�7�4�0�b�8�d�c�c�8�9�a�1�2�b�4�e�1�0�1�6�a�c�2�2�f�a�1�5�a�e�5�3�9�e�8�1�0�f�9�e�6�9�1�c�f�e�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�u�r�o�.�p�e�3�2�
C�:�\�a�7�2�d�2�3�e�0�f�3�3�2�5�c�b�4�e�7�4�2�7�c�2�3�b�c�b�3�a�5�5�8�0�8�0�4�2�a�8�1�d�c�d�d�0�f�e�d�6�4�e�d�6�4�1�3�3�4�9�4�6�e�e�a�
C�:�\�9�f�7�4�7�6�2�d�f�3�a�6�0�0�8�7�6�e�2�6�f�6�f�c�1�b�0�d�e�8�9�0�c�a�2�1�d�2�f�b�8�b�9�a�3�4�8�d�b�2�f�6�1�2�e�a�c�3�b�d�f�1�7�e�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�h�u�r�o�.�e�x�e�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�u�r�o�.�p�e�3�2�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�b�e�a�2�6�e�9�7�1�1�3�6�8�d�0�f�_�h�u�r�o�.�e�x�e�
C�:�\�8�2�1�9�d�b�6�8�c�2�9�6�1�7�1�a�4�4�d�2�1�9�1�1�4�3�0�a�2�c�5�0�8�5�2�4�7�8�6�e�0�1�0�2�0�9�3�7�9�2�7�5�7�6�9�c�7�f�7�2�d�7�5�5�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�h�u�r�o�.�e�x�e�
C�:�\�0�e�6�2�7�e�d�6�e�9�9�f�5�2�4�2�5�1�3�f�6�a�b�d�8�c�3�0�3�e�e�b�7�6�f�d�f�7�0�c�b�c�2�4�9�b�d�4�e�e�d�c�4�b�4�c�9�3�a�7�3�c�f�4�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�h�u�r�o�.�p�e�3�2�
C�:�\�a�4�9�a�0�6�0�e�4�7�1�8�0�7�9�1�e�5�d�b�7�9�d�2�0�9�4�e�2�8�b�9�f�4�b�2�3�6�f�f�c�6�b�9�2�2�8�2�b�2�6�5�0�6�a�7�0�8�f�9�2�3�1�c�
C�:�\�7�d�4�d�9�9�b�7�9�e�3�c�4�3�e�6�6�b�b�c�b�0�6�f�e�d�1�5�5�f�d�d�e�3�5�1�c�9�b�e�f�4�8�c�f�d�6�c�c�9�2�1�a�4�3�b�1�d�a�7�0�d�e�e�
C�:�\�G�d�B�e�7�j�Q�E�.�e�x�e�
Hosts
| IP |
|---|
| 114.114.114.114 |
DNS
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| dns.msftncsi.com | A 131.107.255.255 | 131.107.255.255 |
| dns.msftncsi.com | AAAA fd3e:4f5a:5b81::1 | 131.107.255.255 |
TCP
No TCP connections recorded.
UDP
| Source | Source Port | Destination | Destination Port |
|---|---|---|---|
| 192.168.56.101 | 53179 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 49642 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 137 | 192.168.56.255 | 137 |
| 192.168.56.101 | 61714 | 114.114.114.114 | 53 |
| 192.168.56.101 | 56933 | 114.114.114.114 | 53 |
| 192.168.56.101 | 138 | 192.168.56.255 | 138 |
HTTP & HTTPS Requests
No HTTP requests performed.
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts
Sorry! No dropped files.
Sorry! No dropped buffers.