1.0
低危
DACN
0.12
FACILE
1.00
IMCLNet
0.82
MFGraph
0.00
反病毒引擎
| 查杀引擎 | 查杀结果 | 查杀时间 | 查杀版本 |
|---|---|---|---|
| Alibaba | TrojanDownloader:Win32/Upatre.561466a4 | 20190527 | 0.3.0.5 |
| Avast | Win32:Evo-gen [Trj] | 20240214 | 23.9.8494.0 |
| Baidu | Win32.Trojan.Kryptik.ke | 20190318 | 1.0.0.2 |
| CrowdStrike | win/malicious_confidence_100% (W) | 20231026 | 1.0 |
| Kingsoft | None | 20230906 | None |
| McAfee | Upatre-FACE!E418C7B56A76 | 20240214 | 6.0.6.653 |
| Tencent | Malware.Win32.Gencirc.10beaf1b | 20240214 | 1.0.0.1 |
静态指标
可执行文件包含未知的 PE 段名称,可能指示打包器(可能是误报)
(1 个事件)
| section | rsrc |
动态指标
网络通信
与未执行 DNS 查询的主机进行通信
(1 个事件)
| host | 114.114.114.114 | |||
文件已被 VirusTotal 上 66 个反病毒引擎识别为恶意
(50 out of 66 个事件)
| ALYac | Trojan.Upatre.EC |
| APEX | Malicious |
| AVG | Win32:Evo-gen [Trj] |
| Acronis | suspicious |
| AhnLab-V3 | Trojan/Win32.Upatre.R155932 |
| Alibaba | TrojanDownloader:Win32/Upatre.561466a4 |
| Antiy-AVL | Trojan[Downloader]/Win32.Upatre.cncx |
| Arcabit | Trojan.Upatre.EC |
| Avast | Win32:Evo-gen [Trj] |
| Avira | TR/Dldr.Upatre.MH |
| Baidu | Win32.Trojan.Kryptik.ke |
| BitDefender | Trojan.Upatre.EC |
| BitDefenderTheta | Gen:NN.ZexaF.36744.fmZ@aGFxA5j |
| Bkav | W32.AIDetectMalware |
| CAT-QuickHeal | TrjnDwnlder.Upatre.MUE.BC3 |
| ClamAV | Win.Packed.Upatre-9858706-0 |
| CrowdStrike | win/malicious_confidence_100% (W) |
| Cylance | unsafe |
| Cynet | Malicious (score: 100) |
| DeepInstinct | MALICIOUS |
| DrWeb | Trojan.DownLoader14.20135 |
| ESET-NOD32 | a variant of Win32/Kryptik.DNYS |
| Elastic | malicious (high confidence) |
| Emsisoft | Trojan.Upatre.EC (B) |
| F-Secure | Trojan.TR/Dldr.Upatre.MH |
| FireEye | Generic.mg.e418c7b56a765ad6 |
| Fortinet | W32/Waski.F!tr |
| GData | Win32.Trojan-Downloader.Upatre.BK |
| Detected | |
| Gridinsoft | Trojan.Win32.Agent.vb!s1 |
| Ikarus | Trojan.Crypt |
| Jiangmin | TrojanDownloader.Upatre.ryc |
| K7AntiVirus | Trojan ( 004d3edb1 ) |
| K7GW | Trojan ( 004d3edb1 ) |
| Kaspersky | Trojan-Downloader.Win32.Upatre.cncx |
| Lionic | Trojan.Win32.Upatre.tntU |
| MAX | malware (ai score=85) |
| Malwarebytes | Crypt.Trojan.Malicious.DDS |
| MaxSecure | Trojan.Upatre.Gen |
| McAfee | Upatre-FACE!E418C7B56A76 |
| MicroWorld-eScan | Trojan.Upatre.EC |
| Microsoft | TrojanDownloader:Win32/Upatre.AK |
| NANO-Antivirus | Trojan.Win32.Dwn.dtlugo |
| Panda | Generic Suspicious |
| Rising | Downloader.Waski!1.A489 (CLASSIC) |
| SUPERAntiSpyware | Trojan.Agent/Gen-Upatre |
| Sangfor | Suspicious.Win32.Save.a |
| SentinelOne | Static AI - Malicious PE |
| Skyhigh | BehavesLike.Win32.Upatre.mh |
| Sophos | Troj/Upatre-LD |
二进制图像
288x288
224x224
192x192
160x160
128x128
96x96
64x64
32x32
运行截图
暂无运行截图
该样本运行过程中未生成截图
PE Compile Time
1997-10-26 05:19:52
PE Imphash
c95f69ea33142e6aac817e4d2ecc4e9c
Sections
| Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy |
|---|---|---|---|---|
| .text | 0x00001000 | 0x00001250 | 0x00001e00 | 5.501931088352726 |
| .data | 0x00003000 | 0x00003000 | 0x00002c00 | 3.479053602375288 |
| rsrc | 0x00006000 | 0x000069f0 | 0x00006a00 | 5.606301048132516 |
Imports
Library netapi32.dll:
• 0x403000 DsAddressToSiteNamesA
• 0x403004 DsAddressToSiteNamesExA
• 0x403008 DsAddressToSiteNamesExW
• 0x40300c DsAddressToSiteNamesW
• 0x403010 DsDeregisterDnsHostRecordsW
• 0x403014 DsEnumerateDomainTrustsA
• 0x403018 DsEnumerateDomainTrustsW
• 0x40301c DsGetDcCloseW
• 0x403020 DsGetDcNameA
Library oleaut32.dll:
• 0x403028 OleCreateFontIndirect
• 0x40302c OleCreatePictureIndirect
• 0x403030 OleCreatePropertyFrame
• 0x403034 OleCreatePropertyFrameIndirect
• 0x403038 OleIconToCursor
• 0x40303c OleLoadPicture
• 0x403040 OleLoadPictureEx
• 0x403044 OleLoadPictureFile
• 0x403048 OleLoadPictureFileEx
Library REGAPI.dll:
• 0x40305c RegWdQueryA
• 0x403060 RegWdQueryA
• 0x403064 RegWdQueryA
• 0x403068 RegWdQueryA
• 0x40306c RegWdQueryA
• 0x403070 RegWdQueryA
Library msvcrt.dll:
• 0x403078 fopen
Library msvcrt.dll:
• 0x403080 fread
Library kernel32.dll:
• 0x403088 OutputDebugStringW
• 0x40308c IsDebuggerPresent
• 0x403090 MulDiv
• 0x403094 GetTickCount
• 0x403098 GetACP
• 0x40309c LoadLibraryA
• 0x4030a0 FindVolumeClose
• 0x4030a4 GetCommandLineA
Library kernel32.dll:
• 0x4030ac GetWindowsDirectoryA
Library iashlpr.dll:
• 0x4030b4 AllocateAttributes
Library sti.dll:
• 0x4030bc StiCreateInstance
Library REGAPI.dll:
• 0x4030c4 RegWdQueryA
• 0x4030c8 RegWdQueryW
• 0x4030cc RegCdCreateW
• 0x4030d0 RegCdDeleteA
• 0x4030d4 RegCdDeleteW
• 0x4030d8 RegCdEnumerateA
• 0x4030dc RegCdEnumerateW
• 0x4030e0 RegCdQueryA
• 0x4030e4 RegCdQueryW
• 0x4030e8 RegCloseServer
• 0x4030ec RegUserConfigRename
• 0x4030f0 RegOpenServerA
• 0x4030f4 RegPdEnumerateA
L!This program cannot be run in DOS mode
@.data
8G6u(Le
}mp?aUV8ZwnAH]oXR
+]n]XYFed%}
6o4~=1wf
?td81rF
/^2R|f-3`N
iwyWA< 2%3Do6XGm
\jl`>_XbA
=08{!@=
u}m@U];,%2[#r0W
\[$'fCJr;
.]wrVx
rW_S5(
JoewL^e&D?FAa
+^GB6W[
Xqr[5;$
0(-=./F#B
2%.$2?1<@=B
+B/4;(/%9CF?%
+?%3>4-1
.2(5<,=
;(2 2E
&08* )!F
7'*.:1+.
-:0+;=96"
138=DCC
!*>?-'
://54
?*=:A"7
:&%-"/
/<243&
%-F9;"
(E;!:9
'.%=*B#@9?05
B2@<(1
C+<(B
)+90@
=BF$2D
-?.'6A6,"@!
//%7>; E
*G08*0#0
<.+F &)
E>"7"G
9%=>.'8
C86,B0F
"?4')*2
%C<9)5*
<B2 :F
4E) =;
7*@.;9
%A$A50
*@>>0
))91+B
48;6E@@
D1*D!!-
(A>GD
)D3D#,:
?!&*6
6C E,< #E-(
%&0-?
>=?12= ,=*
E1!/&D
B<.%D177DF
0=;!A8
@)B6D=
7D+!'<D
D-2E*$$7
>;0:D7
>16?+=
DsAddressToSiteNamesA
DsAddressToSiteNamesExA
DsAddressToSiteNamesExW
DsAddressToSiteNamesW
DsDeregisterDnsHostRecordsW
DsEnumerateDomainTrustsA
DsEnumerateDomainTrustsW
DsGetDcCloseW
DsGetDcNameA
netapi32.dll
OleCreateFontIndirect
OleCreatePictureIndirect
OleCreatePropertyFrame
OleCreatePropertyFrameIndirect
OleIconToCursor
OleLoadPicture
OleLoadPictureEx
OleLoadPictureFile
OleLoadPictureFileEx
oleaut32.dll
PSetupFreeDrvField
PSetupFreeMem
ntprint.DLL
RegWdQueryA
RegWdQueryA
RegWdQueryA
RegWdQueryA
RegWdQueryA
RegWdQueryA
REGAPI.dll
msvcrt.dll
msvcrt.dll
OutputDebugStringW
IsDebuggerPresent
MulDiv
GetTickCount
GetACP
LoadLibraryA
FindVolumeClose
GetCommandLineA
kernel32.dll
GetWindowsDirectoryA
kernel32.dll
AllocateAttributes
iashlpr.dll
StiCreateInstance
sti.dll
RegWdQueryA
RegWdQueryW
RegCdCreateW
RegCdDeleteA
RegCdDeleteW
RegCdEnumerateA
RegCdEnumerateW
RegCdQueryA
RegCdQueryW
RegCloseServer
RegUserConfigRename
RegOpenServerA
RegPdEnumerateA
REGAPI.dll
??0CCritSec@@QAE@XZ
??0CDoubleList@@QAE@XZ
msdart.dll
-xGtMn
DM4{`su Jzj
a@@Pr|
fVa~Q@t
m<<Q<<
1WODWJ[
Y~QYLD@jA
`@j@yQj
k@@Zz@A<[
@i@@i@rQj@i@@i@sQo
@oQAs@@
~YA1Qo
@@oQ@QoQl
@@BJ~Qo@Zs
xtp@@RJ~K@AIp
@@ZQo<
<~t<@`t
xtpAo|t
@oQ@J~@QoIAL[
I@I@ztuQ1W+
Z)[;WWJ@ztQ6
@{ttW+WWJW
@ }tO h7l@atuQ
@7l@atQ
@7l@atQ @atQ
@atQ@atQ
WW@{tt@atQ1
W+@atQ
@atQ.
)-@atQ. @}tuQS@atQ @atQ
@atQ@atQ
t7lV~t
;z@A<~tt~tt
e~tt~tu~tb}:
|@@Zs@Zs@R@R@Y:
ZI[@}tW
7QYVZ)p[
;@}tr@ZyQ}tr@ZQ}tr@H@ZQ}trW@SQztr;AIpWxt@
tQ}trv_@
uQztr@p'Qxtr:
;@{tu@zt@}tr
Z)s@K@/QyTv+`@d@`
QO@QN@h
;<pAp<p
I@{ts@}tp@IQ
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel level="requireAdministrator" uiAccess="false">
</requestedExecutionLevel>
</requestedPrivileges>
</security>
</trustInfo>
<compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
</compatibility>
</assembly>
24gssvZz7Wpr
8G6u(Le
}mp?aUV8ZwnAH]oXR
#`"Q2%
Cc))GxTi
@<O$q*)ESZq
xt0PBd{~
hp5ZCz}
X[Eb(dmoXF
fvl>Rs
Sx$i+~$xVg/[X
]?=)qks)
T[j{.8
MYa\u3
g-NB7dYu
<Uo{B6
SsJMj]!
GA tn8TX(e:,42
sX,""B
.ctG\&wLln:
4^9F-Zsj4
s*3SZ"11jVf%*
~h&~}LR
;j`4E#
-XYrGQ
IW|~Y~=
TG,M| kg>{wD]MNe
o&DJ|&
~;S<V`E
o(^E?e
,\ pUPOCp2
,UZ}[amW
Gz=YAWC@e~$]|
1O1%2^
2.s:u dYCgv7z8;.\Yg
F`f8AkI
QC+,nNQ1bt
cU#7uHG-4
=k?( IV
TJ%v+PK
y*tJHjLM
'Z^V\Y[
0DKa{9^!l
5H/EaVA| zH
XV"goyZrI
HeV!;vG~
U> GY0xs9
AbFJ<F
h4qH_]j
mTT%]'@YjxJ3'sX
2Wb_je|
RUz!U&^
NXzntw
J[SE~[
YO`]}W
}%QbVX=pO1
o4t-(0J\
7\QSK>'
4[_~>#9
Cst8sa
J<Ux4El3
=vp2kVkA
GC#%rb/K*$XN+$b~
"a<qg7gX
l)KDYGR_6Cg3COg_'3jG.C16hNm
J2;eKW
:ce~gw
j@U|B.
]#C`PH
M|?\e.
X~YM,&T
'm0g,. ^
w/7|6s%{b$5rLd
E 1K2ne
AvOfW8#W%
Ed1\\Q"
5s1]oZ)Q]G
KA[o!s
@@.Coe
NhmKJ(/g:
xVQTMQ?
DwKW@G
WQl^o:+.@
?+a`/,.B
]f&xyZ
:412!l."D
vf=5]p[Z3_OX
AzQ{]AGX;
z`&TdQ+
w*j>?2KT9+
hIE=JE4
zZKuM4}
EU)z>z7
|<Qs^]
RROfZB
~zt"H)V
i;]"MNL`X
BiaxvM
kP1?? zR
xW`&Yf"C
`$yXHOA
s$ i3(z
;>ZT@7*"
2(c,')R?,
a?%"R?"
\?' Y?'
^?gizinxov}mq}oopmnlomnp}lrxmvxnt}nqnnqnooornp}np}orpsqtprpsqtpsrvrvtoooyx
' }' }' }%
' }' }' }' }' $
' }' }' }' }' }' }' }' }' }' }' }'
' }' }' }' }' }' }' }' }' }' }
' }' }/'/'/'/'/'/'/'%
( i`?2(
& {NG%
' }' }' }' }' }/'/'/'/'/'/'/'' $
)") ' "
um) '"&!& )#)#)#)#)#)#)#)#)#' }"
}}}xxxxxxxxxxxx}}}
' }' }/'.&/'/'/'/'/'( '
w% *"(")!#
tr,#/ .!)#)#)#)#)#)#)#)#)#)#' }' }xxxpppkkkkkkkkkkkkzzzE
' }' }/'.&.&/'/'/'/') '
[W1 & ,!&
nq% ) (#&$)#)#)#)#)#)#)#)#)#' }' }sssffffffxxxa
' }' }/'.&/'/'/'/'/',"*
C;'!,$*$*$*$*$*$*$-%-%' }' }
' }' }/'.&/'/'/'/'/'+"&
`Y3'-%-%-%-%-%-%-%-%-%' }' }
' }' }/'.&/'/'/'/'/'-$'
.&.&.&.&.&.&.&-%)#' }' }
' }' }/'/'/'/'/'/'/'/&,
# &*A75-)
ts+'1(+')'/'/'/'/'/'/'/'-%)#' }' }
' }' }/'/'/'/'/'/'/'1',
& . |3($
{q4%1$1(/(/(/(/(/(/(/(-%-%-%' }' }
' }' }/'/'/'/'/'/'/'2).
-)0)0)0)0)0)0)-%-%-%' }' }b
' }' }/'/'/'/'/'/'/'/*/ 0&2)4)/!0
. 0)2)2)2)2)2)-%-%-%' }' }
' }' }/'/'/'/'/'/'/'2+/"`brdqcq^B03!2(3*XPoamdpfF80'.)3)3 gerfpkqjsiTL3&4*4*4*4*4*4*-%-%-%' }' }
/'/'/'/'/'/'/'/'/'/'/'4-5+5.3,4-5,5.5+5+5+6)4*2-5.6,3.6,6,3,4-5.3,6,8+8+8+8+8+-%8+' }' }' }$
' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }' }
24gssvZz7Wpr
E 1K2ne
AvOfW8#W%
Ed1\\Q"
<Uo{B6
SsJMj]!
GA tn8TX(e:,42
sX,""B
E 1K2ne
AvOfW8#W%
Ed1\\Q"
5s1]oZ)Q]G
KA[o!s
@@.Coe
NhmKJ(/g:
xVQTMQ?
DwKW@G
<Uo{B6
SsJMj]!
GA tn8TX(e:,42
sX,""B
d[rQi*
g,uuDy
aPVOX)#z<
: us'G
}AP@29
TfdmhZ
k}i^$af:;>
>UJ/|"
5`UW}nc
|$"UUNBf
yANb}m
_/[.0 U]
ZS&upb'4\@<5e;
HUf57
Y).V}
Ne-(lzZ~q
*|K>LT
=rV'pK
i:hgh}t
UMwx@1W
,jpUf:
4`).:L,H/
i?kp5U{Fj
2w \?[
.Rw#\aC
.euUj[: f8
_hHnCE2{S
J%/,@\ _
`X?EHTy
hjy;$W
vbx2?f.<(/n]ZK8(Yp
*iTpooH
{]|ii|
qiV_7
H9}t"<
l1k4Xgg<j
j=zR_=BPm
uAqqnD
D>,6`5
WTR,"m
f V7~Xx
f9Uz.iUh,
a$y)npY
`T@C&q
wKA}H-
Ohp}Y3}
#t*.l1AV#
%=bOYJb}jY
3fIH,~
~!x.5`
XO{JJ"]<d|
[[SFmI
l5LS\Z^|{`&I`
u8#G).dV
jk Y$BNC
7|*\YZ
$v.4'X
+^W-:/jy3
mQdy?8e
!UF >rG=D'r
fPa?j U_
cU&}L8
.M?7SQ
xh@:5-
30PQ`eUv
BZ9jNI\
x* E C0O2qM`
SM`^Giw5
4ltR{H
p#W]4D$y
c`QBcxhWE/,Kk\
>|r8"[
)!$YbP
2_<&c0
8+H {~
FtQUMQxXj
3Q0@N"@#r# \
!3{h5E
*eVJKi
J,+P}$h1n|z*L
>\{hV
n`&7)Q(^e
m6:s#{h^GB
'Y9lNoe5\
0.`@`[Kp{u:*r:G/md]e
UCDd#Oiu
y(Y,N^nYn r.
$b%*)} U[DYhUY/}24|%
qYA7Gq%3
hxK&UL(
X]DQCDe#
]W{aHP!dHr
+,sIw)F>
{v9XZB+S>]f
Q{XYkSX
_<\4C\gN
@U4PEV(
|S'&I/W
ZwH?@m
CU8x@u
?Qh#Ws-
Yix7,*(:)]o3
M PlA(!V;/*
.al{<vG%*ZR73s3hR3FHw4
ww.Xz5l
T2(:>p2$%d
$NFLSr
w=ADPr!R
B- Gvsk#
k:XHFo)
[Exxi\w
,??2]Sge;p'MTLLyI`L
1QoXa$
sMs0C1CD?
~`q$,3c
q~]y)#rB
"<vK#T`e
2PTK}oM/W
dykwdId
;:+]F.
%jK:`_h
<%Ag-l
,d"H`(nZ5
0j|}_mf
Bt$pabc3ixWI$i
}M9hB]g[
<q:cx)
)?Y&ew~o
PtX ZYV
-F2$L&?bK{@
taokf_Z
]",!Wn
1ZOO@[G
0z=D#V
IWlL`P`?6G
lUW.>r!t
>yeWF!
`>KLlQ
Zec]o6
)OC5;R\
1=W8M@
`_LQKa
L>qp(w
'PeF@qG
d_U( A>s>"
5hui[Q
ClR$R`
/|n_RJ&
8xJMWW}Q
lTGi`[
z$'[0#S
cNRGMx
p:W.1)
[PW#ExNGI}j1]2VT9z
C0t3 ,^v
15@'B4~
v|ziYXXpH?
v), G_
#O[7syYF
kQR9#5z(5").XI
x[\S}HK|+>;
HU.FDYO<
f}OT%=d(#
X4^v[R
),_\BV`SIy
Kgoo7 XU
'm:f>\
j;cl8$#
bI;T/@1g
WX1J!nK)y>er
01qbZ%#
FeVA15
dur~*l
SYqX^2so
RrBVyQ9v
YJ8IR8J
ySZ~(S%O`I
Vf^)|`
$+n N%5P-qk
h=C bbK
M.@A?MfTqy\n
V3m`1}9Hcb
6XS4}i.f
&`Zw?I5
GoA.4"
\CjW ,{LqH
MPM%`"
+zqd?(0T
ug*nQ'BV:x7$>
zH7sZv2
JQ&=c=i -
{#Hz^SI'a
* R)=(tT<C
~Bi&_X
GZ1"!,bdhfv
Sk:qDk
,c49{g$4h
r8;Rq"{LHA
;qC,hb
;Z]XDg
Zp\OrWYji
aUp,vj!{J
2R^v"\ q
0dK4-6R
kc;}?-m
y $Xya1
fCUvV}n[g
+U"NfH
j-\a&LV
c'.awWD,
q\hHAX
Tc7>6O
0tc*pY)wq4c[(y^
YQ*6q@ r
QzJ:Qz
=94D{{2XN
XRwDJF`
%"dg#W-c
[I H4Tr
om&3_p
F8v>/jkwB
|+H("C5
GhF:p]W!Xz
V%=|jn%6a$@FU?)
'gxZJnz)*3O
UFOXpWA
qS}MY;Gy
sd>+rP([
tw%$Ag&
&##+L`f/4S!}f}
,:N(e`U
c2TNkc_|
^ Nf`I3O:`:y,
{b.MHLI55O
w5J+"z
$*_}0n
?cIw73
HJ+racA
x}]&Vy:,Y
9{k}l)wJ
e//rA0
rR{.Da
_72yKrYa
WV:z`AY
7O~.jd!
,XOB=k3
~N6uLo
7.aSF<
*1x.C92
!pc;.5
D;S0'RH2UF1
HuNb]=0;
?NF)%Efb
;Xujdzr&B
:@t)u3"
,}47UNHc
Pmi-ew]r|`e9<
gpju|vzkA6~}
aPOIX)7`K
DA0FPiCu
r`MD;R
[Y576Gvl4L>0hg
/L_-mSP
:6pwPn_fQZ
{@ D4pD2
ADnKU!i{7i9yS)B
'(qJeT_nm
&Od` /{
!1>rpuKb
{%h:Z`#
7Ug\RU
x$(+PLlk
megF`,
J=aSHT8q+
XxB9pg
:=8!R{{n
wp}l)t&;gF5I)#ep"
q.{d}1}!|i=Q
v#@o!.w+$
2 RffA
|%;/Q1
@;X$gj
Tp^ranf
gS^1!;dZw
\LA>]u)$o
cv6^X2
J/mfdmzsNHXa
H<e!{{
<6j9UZJ
#4;{ir3w
F(i*}Jm<1
d]]&}av
%sc_Kn!%:73Rz@
DuHMV%e
z,x)Qw
>4h,@`
jK)j* SzeB
yaA0V+_a
BU_19I
@"*w*2hWan
1@1Bt|N|
|"iDC(
c\x,.-1uo
;NgEK )
v1X^W7/s
7$4vweF
v7#"_&uhF
2`VB]5
.R+#g>
f|=z,d\
aQENkQ
IhL/)o
)\TDe}k#
@F_ .6{bhd LcX
$:/ fm-,Ke
6~:})oSe
p!]aR&
z ({1PX4XJ@
~JWTCU@Y
tj0t37k
Hf`OB"sUI
_Knxk*|{e
KlxULO
0+lk[O
Xdmh1}-{
b%B/Y38c
w#Cx76:b)@
OY7W_)na'uA)OG)MW|9
W];*n~up
+m4e ~u-
}x#Nd?
SCr"Fim}
J^g^E8?j
(;+DC*Y
WVytl<
ZTi8&Fp51niTuN-
ou{M<p:W
E}t2)Rp+GY
}^pC$3
:=$wXPo f>
48U>>Do
2X!h#n
.@!@~~]X
^'6h3J^U
FmL~/5Yp"
BD h6W
o)%E:<B?v
':GJ9_
zcMh<Lrsxv>
7k,TnJ+ Rt
I}1{4q
Xv-a5Dt
B{o o;/cL]
8ltx{/|FU&*
3\^5wSuRrVN!
GzT()%
lg'ZK.aH
^*km.3,5
,;nV6u
zF>F?x&%ei}ep4xN
Wq&; 9cV\~
3=,/"k[
%80! KrR
=RC{%C%5
<y++_V
ijx'E(U>
zt.U?C
.AiiB7<R,
iVn rZ
=";iSG/({X
3-hN0kH
DA{|I)
FGj:pxI+e
)Py1zq
3*CM3i|ewe
NZnSN>`
GP]5(#
t(ZZV:!1UlCE
byr-}0t1V\u
"`@ti hUW
ZnP@J!`*
G^mADRDpJ
->YV7;^/37a{
f$|/,f
MH|.Az!
!"&uuU
DwXh3@v5*
"=Y)7%tD
YY(Z-w
xqTY=%x
RQcR!^IVncv
qtN?sm9
PgZ"&'/)/e
|28u5K Q
)Bx5|{7
lm!VYxIy~@;4
LMwx!!0]
&~qc9@
`R|pl`
amh{2Eh`E"5Gg!:u
WJRL^`y.
cAi#G!69
o Je#aEF:]z!O%z)>l_?-~
D;,k_q
J}Q\@m
T7buME
|>AqP*FA=3
=Md~A'<
Gru9u(t
x0z{RVG
[$|pZG#t:
g(:2O7
&VvU5_DS
b@:%cS
e'&s5>x
?UAGEng
^h:((EX
])e:$],
tW[O<? j
sSIuwnt
[>I$TS6
TtR%b5Ce`
84S:p_?\
ac+ni@<0
&yH{eKW%
?[ k#Yr_-w
zHA[ B-
rn)x1>3\&%
f(/|{Q|X
C$Q0&}&
2G=vS8
&PcF<LW
vQj!$4q
qy}T\I
X{X.K$
BpmD2"u+/
PVmh^DCZ
>{[44 v
Im`- MU
-p% 1?j<Sb`
}J$LCO
C�:�\�S�T�D�p�d�W�j�F�.�e�x�e�
C�:�\�l�S�U�C�p�P�K�g�.�e�x�e�
C�:�\�T�h�M�H�R�Q�f�B�.�e�x�e�
C�:�\�g�n�g�y�h�Y�l�3�.�e�x�e�
C�:�\�b�U�S�v�d�F�T�K�.�e�x�e�
C�:�\�4�F�v�6�X�z�s�v�.�e�x�e�
C�:�\�I�b�_�4�e�V�9�f�.�e�x�e�
C�:�\�L�d�1�U�w�m�E�c�.�e�x�e�
C�:�\�t�P�E�w�Y�X�S�V�.�e�x�e�
C�:�\�H�D�3�q�a�t�F�0�.�e�x�e�
C�:�\�C�h�R�u�9�0�e�0�.�e�x�e�
C�:�\�K�0�H�c�3�s�Z�H�.�e�x�e�
C�:�\�f�1�R�d�v�c�C�x�.�e�x�e�
C�:�\�N�F�y�M�Q�u�z�u�.�e�x�e�
C�:�\�n�E�r�N�1�o�j�S�.�e�x�e�
C�:�\�6�L�Z�B�d�c�j�_�.�e�x�e�
C�:�\�q�Q�t�T�Y�2�Q�V�.�e�x�e�
C�:�\�t�C�p�G�_�_�J�J�.�e�x�e�
C�:�\�4�4�b�f�1�5�f�1�e�4�c�8�6�6�e�0�4�8�b�5�e�c�f�a�f�c�8�5�1�8�a�6�3�f�d�1�d�e�f�0�d�5�e�f�9�2�1�d�3�9�7�a�8�2�a�1�c�2�3�6�a�6�5�e�
C�:�\�a�9�3�f�7�c�f�3�0�f�9�a�f�3�d�a�d�4�0�1�0�7�1�7�2�4�9�1�4�3�e�a�1�e�9�0�2�e�1�a�e�d�2�5�c�5�a�0�c�2�8�a�a�f�0�c�4�f�d�c�e�e�d�0�
C�:�\�9�5�0�2�5�5�4�e�f�2�0�7�c�e�0�4�7�0�7�b�b�0�d�4�6�e�e�6�e�a�8�c�f�a�2�9�a�5�a�3�8�2�1�c�2�1�6�9�d�0�5�3�8�c�0�d�e�4�1�9�9�2�1�c�
C�:�\�1�1�7�e�a�0�6�1�f�4�b�0�1�8�0�2�5�5�0�f�7�9�1�a�d�a�5�6�0�0�3�b�4�3�5�0�8�a�7�6�8�d�c�e�5�7�2�d�5�9�c�9�5�b�b�b�7�a�1�0�9�4�7�5�
C�:�\�R�a�i�d�e�n�\�G�o�a�t�\�F�T�P�\�S�a�m�p�l�e�\�7�5�7�6�B�0�C�E�9�0�C�3�F�0�5�4�A�A�9�A�2�2�C�4�D�2�1�0�7�E�A�2�.�b�i�n�.�e�x�e�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�d�d�4�2�3�0�8�8�f�a�a�3�a�8�c�2�1�d�e�7�7�7�e�3�d�b�7�9�a�7�a�1�.�v�i�r�u�s�.�e�x�e�
C�:�\�1�4�4�1�3�8�4�8�e�c�9�f�8�d�4�c�a�d�2�3�6�8�a�e�e�a�a�2�5�e�2�f�d�2�6�4�6�9�8�e�b�e�c�b�3�b�1�2�7�1�d�8�d�3�2�a�f�e�f�5�a�0�8�d�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�z�a�b�e�r�p�i�t�.�e�x�e�
C�:�\�8�3�6�f�3�8�4�0�4�1�f�5�c�3�3�b�0�0�0�5�0�b�d�c�8�5�1�d�5�4�7�6�c�e�d�5�e�6�c�8�c�a�0�8�2�b�b�b�c�e�2�2�5�7�c�6�b�e�5�5�a�5�6�1�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�z�a�b�e�r�p�i�t�.�e�x�e�
C�:�\�5�b�f�2�5�0�9�5�8�b�1�4�4�7�6�9�e�a�f�1�3�5�5�8�6�3�b�8�6�4�d�1�e�9�8�6�7�a�4�7�9�4�0�d�d�3�7�7�0�7�e�0�8�2�4�1�8�b�6�f�1�6�8�4�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�z�a�b�e�r�p�i�t�.�e�x�e�
C�:�\�6�3�b�d�f�c�f�8�a�0�f�1�a�f�4�e�0�9�e�9�b�e�2�c�2�e�0�7�2�2�9�6�2�6�3�d�f�f�0�6�e�4�f�c�3�9�d�5�2�8�0�0�2�0�1�1�7�f�a�2�4�a�2�2�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�z�a�b�e�r�p�i�t�.�e�x�e�
C�:�\�D�o�c�u�m�e�n�t�s� �a�n�d� �S�e�t�t�i�n�g�s�\�A�d�m�i�n�i�s�t�r�a�t�o�r�\�D�e�s�k�t�o�p�\�H�8�Z�s�Z�F�q�R�.�e�x�e�
C�:�\�9�c�9�f�9�7�5�d�8�2�d�4�c�2�7�5�f�8�f�8�d�d�c�3�b�1�1�c�9�4�b�c�a�2�9�3�a�3�1�1�6�0�e�4�e�b�6�4�c�2�f�5�8�b�d�6�f�c�2�9�3�7�1�9�
C�:�\�a�1�6�1�4�2�5�6�a�0�9�d�f�1�d�7�6�2�7�d�b�d�a�9�4�8�4�6�2�a�7�1�3�b�1�5�c�e�0�5�0�f�e�a�c�6�0�f�d�7�b�8�c�a�5�6�7�8�f�b�5�c�a�6�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�z�a�b�e�r�p�i�t�.�e�x�e�
C�:�\�5�9�4�4�6�3�9�6�c�a�a�d�1�b�4�3�9�0�e�d�6�3�0�4�4�7�5�7�6�2�4�1�0�e�a�c�e�b�3�1�9�3�0�5�c�e�d�b�e�6�0�8�e�1�e�0�6�5�c�c�5�3�7�e�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�z�a�b�e�r�p�i�t�.�e�x�e�
C�:�\�d�4�e�4�3�e�3�f�a�8�4�9�8�2�3�f�2�f�2�6�c�9�b�f�c�9�b�5�b�5�3�1�d�8�c�8�4�7�2�7�8�8�d�b�2�4�4�e�b�4�5�e�4�b�3�1�b�7�2�c�8�a�3�6�
C�:�\�0�1�c�f�8�e�4�e�e�a�c�7�4�3�c�1�c�c�d�1�9�f�0�6�6�4�d�d�d�b�3�7�4�b�2�d�f�2�7�7�1�7�5�e�a�5�0�c�a�1�b�4�b�b�5�c�a�2�0�d�0�5�0�7�
C�:�\�8�4�a�5�4�7�7�1�6�6�5�4�7�c�2�a�3�6�9�5�c�4�2�8�f�4�7�7�0�a�4�e�2�f�1�0�2�6�4�8�2�e�8�c�8�6�1�5�e�f�c�5�c�8�8�6�6�7�7�2�9�9�8�d�
C�:�\�U�s�e�r�s�\�A�d�m�i�n�i�s�t�r�a�t�o�r�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�N�c�K�m�p�.�e�x�e�
C�:�\�R�a�i�d�e�n�\�G�o�a�t�\�F�T�P�\�S�a�m�p�l�e�\�4�4�9�7�6�F�3�B�F�7�0�7�4�D�1�7�0�8�D�7�E�0�F�A�E�6�2�4�D�5�8�F�.�b�i�n�.�e�x�e�
C�:�\�1�1�f�4�2�9�a�e�0�a�3�a�3�3�f�8�c�8�f�a�2�1�2�9�a�e�c�f�f�1�c�e�6�a�8�a�4�1�c�2�4�9�c�e�7�0�a�d�4�c�5�b�a�9�2�9�8�b�8�b�6�1�9�1�
C�:�\�6�d�4�5�a�2�8�9�c�e�a�3�9�4�1�a�c�f�3�e�c�6�1�f�8�d�7�7�5�8�3�2�8�f�6�b�3�5�e�2�5�8�4�5�8�c�8�4�8�d�4�6�0�5�2�a�8�7�a�c�9�2�d�6�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�z�a�b�e�r�p�i�t�.�e�x�e�
C�:�\�7�a�4�8�8�5�f�c�6�3�4�2�3�4�2�8�8�2�8�d�7�b�0�0�e�f�e�f�1�f�8�a�3�0�a�f�3�1�f�5�6�a�1�e�5�9�8�4�a�e�a�f�7�a�9�6�6�f�6�6�7�6�9�3�
C�:�\�R�a�i�d�e�n�\�G�o�a�t�\�F�T�P�\�S�a�m�p�l�e�\�9�F�0�6�8�F�A�C�3�A�7�0�6�4�4�B�E�D�8�6�B�6�C�F�E�1�4�C�6�A�B�3�.�b�i�n�.�e�x�e�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�0�4�5�8�e�9�b�a�f�5�c�d�7�3�3�e�b�3�b�c�9�0�8�0�0�3�5�8�0�7�8�c�.�v�i�r�u�s�.�e�x�e�
C�:�\�U�s�e�r�s�\�A�d�m�i�n�i�s�t�r�a�t�o�r�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�E�b�Z�S�U�z�h�R�Q�K�.�e�x�e�
C�:�\�e�c�0�5�1�6�7�8�0�9�1�d�5�e�2�7�5�6�7�3�4�4�8�9�4�3�2�a�4�0�a�5�d�0�e�3�b�8�7�a�8�8�f�f�5�9�6�6�a�6�f�2�1�8�5�e�9�6�c�3�d�3�9�2�
C�:�\�a�8�a�0�b�f�1�6�2�e�6�6�9�a�3�a�5�b�7�9�d�b�6�6�d�f�e�e�c�1�6�b�4�e�2�2�3�6�6�8�9�6�d�4�8�d�f�e�7�7�3�6�2�9�5�9�1�d�f�2�d�1�4�6�
C�:�\�b�4�f�f�3�b�9�b�9�7�b�9�3�0�0�8�d�1�f�8�5�8�c�4�a�e�f�3�b�4�f�2�3�6�c�f�9�7�6�e�9�2�a�9�5�7�c�2�8�9�9�3�1�4�8�c�b�e�2�3�a�e�b�c�
C�:�\�a�1�4�7�2�c�2�4�9�0�2�1�b�6�6�e�3�7�d�b�8�a�6�3�e�3�f�2�9�9�c�5�8�c�a�2�c�4�a�9�a�e�7�5�6�3�2�0�5�e�9�2�1�5�4�b�8�4�b�5�d�5�1�c�
C�:�\�3�b�a�a�4�0�c�c�9�9�7�5�7�5�c�4�5�c�2�a�3�9�b�c�7�6�1�1�7�6�7�9�2�3�d�5�d�5�5�c�2�c�1�d�e�5�3�c�a�e�3�6�b�b�7�9�b�a�4�9�9�9�b�8�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�z�a�b�e�r�p�i�t�.�p�e�3�2�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�z�a�b�e�r�p�i�t�.�p�e�3�2�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�z�a�b�e�r�p�i�t�.�p�e�3�2�
C�:�\�d�3�6�c�e�f�c�e�3�9�2�1�9�3�a�a�e�5�b�1�2�9�e�8�1�9�f�a�9�2�0�6�d�8�7�8�9�2�3�e�5�5�0�2�3�1�6�6�7�b�2�8�2�f�c�a�a�d�e�c�4�e�8�7�
C�:�\�5�3�f�a�b�8�f�8�2�6�8�b�d�d�6�d�3�0�9�5�9�d�9�f�3�3�0�d�5�e�b�9�f�1�1�7�6�6�c�6�3�f�1�3�c�1�e�f�1�2�f�c�1�1�5�f�c�c�1�3�b�b�a�f�
C�:�\�f�a�c�e�7�b�4�b�1�9�1�f�d�b�f�e�7�3�4�0�e�2�9�f�8�6�3�4�2�6�2�0�6�b�c�e�3�b�e�7�d�1�f�a�f�6�2�3�5�3�4�9�8�3�7�d�c�4�4�4�9�6�4�3�
C�:�\�d�0�7�b�9�e�f�d�3�8�0�5�8�b�1�0�7�0�1�9�8�9�e�d�b�b�e�f�1�f�2�d�d�4�9�b�a�0�2�7�f�e�2�f�9�0�2�0�4�6�0�4�e�8�e�f�c�2�3�d�5�9�b�9�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�z�a�b�e�r�p�i�t�.�p�e�3�2�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�2�0�6�b�b�2�8�c�3�6�5�9�7�c�2�f�_�z�a�b�e�r�p�i�t�.�e�x�e�
C�:�\�e�f�9�1�f�2�9�8�4�9�0�6�1�5�8�d�a�a�c�0�7�d�8�9�d�1�4�4�2�1�9�4�3�b�0�d�1�7�f�5�a�c�e�4�7�c�4�6�5�a�0�f�6�9�e�4�3�8�b�6�2�5�4�a�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�z�a�b�e�r�p�i�t�.�e�x�e�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�z�a�b�e�r�p�i�t�.�p�e�3�2�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�5�d�e�2�6�1�8�3�8�5�a�b�8�9�1�0�_�z�a�b�e�r�p�i�t�.�e�x�e�
C�:�\�2�1�e�6�9�3�0�e�2�6�c�c�e�d�0�2�d�7�a�a�c�e�2�a�b�0�4�5�6�4�5�a�1�f�7�8�7�e�a�2�7�e�8�e�5�4�a�a�8�b�0�6�e�7�f�6�3�5�6�3�f�f�c�d�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�z�a�b�e�r�p�i�t�.�e�x�e�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�z�a�b�e�r�p�i�t�.�p�e�3�2�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�9�2�3�5�6�5�a�8�9�a�6�1�e�0�9�1�_�z�a�b�e�r�p�i�t�.�e�x�e�
C�:�\�8�f�7�e�8�e�5�1�b�a�7�2�7�9�4�e�7�2�a�8�4�f�9�9�a�d�4�a�6�8�2�0�f�8�a�4�f�9�a�4�0�9�2�6�c�c�1�9�e�9�4�c�b�9�a�3�d�3�b�8�6�a�8�e�
C�:�\�4�7�8�3�7�9�e�1�c�b�8�e�9�b�2�b�8�a�6�4�3�f�5�2�7�a�f�8�7�3�6�c�f�e�6�f�a�c�7�a�9�2�7�0�e�8�6�6�d�7�b�6�a�6�0�0�7�7�9�8�6�2�2�3�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�z�a�b�e�r�p�i�t�.�p�e�3�2�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�9�8�7�3�9�c�2�8�9�a�e�d�1�7�1�b�_�z�a�b�e�r�p�i�t�.�e�x�e�
C�:�\�c�0�8�1�9�c�a�e�c�0�e�6�7�b�0�e�2�0�3�e�8�5�0�0�7�1�3�6�f�8�5�1�6�b�8�0�8�f�0�2�3�e�f�5�b�e�3�6�f�a�3�3�5�4�4�2�e�d�b�8�3�2�d�9�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�z�a�b�e�r�p�i�t�.�e�x�e�
C�:�\�e�0�f�7�6�f�9�0�7�9�8�4�b�9�5�3�b�0�8�2�e�4�f�6�8�8�2�e�1�0�9�e�c�e�7�0�c�9�8�9�b�2�8�4�9�8�c�6�4�8�7�9�d�0�5�a�6�2�6�b�2�6�8�7�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�z�a�b�e�r�p�i�t�.�e�x�e�
C�:�\�4�5�f�a�d�7�3�3�3�2�4�c�c�e�1�e�1�9�f�a�e�d�4�6�b�6�c�f�d�3�e�8�8�2�4�5�4�0�9�6�6�e�9�5�b�e�0�7�8�1�0�4�7�e�9�4�8�e�8�b�c�3�6�a�
C�:�\�3�8�f�4�3�7�8�9�2�8�b�9�c�d�7�d�b�5�a�e�f�d�a�5�1�9�5�f�6�5�e�0�e�1�8�f�3�7�3�2�4�f�9�5�9�3�f�e�0�f�1�d�b�9�5�e�6�6�9�5�3�a�b�5�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�z�a�b�e�r�p�i�t�.�p�e�3�2�
C�:�\�d�0�5�c�3�0�e�e�b�2�6�5�e�1�5�2�b�c�1�0�f�3�d�b�b�d�c�7�0�2�8�e�b�2�7�1�5�4�f�4�2�8�c�3�4�8�0�c�3�8�b�3�7�e�d�9�8�0�6�a�a�c�f�8�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�z�a�b�e�r�p�i�t�.�e�x�e�
C�:�\�9�1�5�c�d�4�3�a�e�4�9�f�e�9�b�5�a�0�c�c�9�d�e�b�3�e�c�f�d�b�1�9�a�b�d�6�6�e�c�a�8�4�c�4�0�8�3�a�5�a�2�b�0�9�c�2�3�3�4�6�b�9�3�e�
C�:�\�d�7�6�a�4�5�4�5�5�c�7�b�f�1�b�1�7�d�e�1�8�1�4�4�6�8�c�e�3�b�b�7�0�6�5�9�b�0�2�b�b�9�0�b�0�e�0�2�c�d�e�6�5�c�2�4�3�f�5�c�3�1�4�0�
C�:�\�0�9�7�0�b�8�2�2�2�7�6�f�2�f�6�0�a�8�0�5�a�d�5�f�d�1�0�1�1�7�9�7�7�d�6�3�5�6�1�1�1�a�e�1�c�d�f�d�6�7�e�e�e�9�b�3�f�1�0�a�a�4�7�4�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�z�a�b�e�r�p�i�t�.�e�x�e�
C�:�\�U�s�e�r�s�\�P�e�t�r�a�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�z�a�b�e�r�p�i�t�.�p�e�3�2�
C�:�\�2�5�6�8�5�0�7�b�9�5�e�b�a�5�4�d�9�6�a�2�c�6�c�2�b�8�0�0�f�d�5�b�a�f�a�d�4�e�b�e�2�d�6�e�7�8�6�a�2�0�f�f�8�7�2�e�1�6�2�2�6�f�e�e�
C�:�\�e�e�c�5�1�1�8�2�2�e�d�3�0�9�f�3�9�1�3�0�a�e�5�3�9�e�7�c�9�e�f�e�e�5�6�1�b�e�f�0�3�e�b�4�6�f�1�4�a�b�a�b�6�c�8�2�8�5�c�d�e�f�4�9�
C�:�\�9�d�c�f�f�1�9�6�c�8�4�f�7�2�5�4�d�a�e�d�5�5�0�b�5�4�7�8�2�7�3�5�a�8�0�c�f�3�d�0�8�b�0�7�8�1�8�6�7�1�e�b�8�d�c�0�b�1�4�3�6�2�7�4�
C�:�\�0�4�b�3�9�c�1�b�b�b�8�f�4�1�c�5�5�8�0�b�0�7�2�d�f�3�c�4�f�8�e�6�4�f�e�c�9�4�5�b�2�9�4�4�5�5�8�7�0�8�c�b�c�b�5�d�1�6�1�3�3�f�a�0�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�z�a�b�e�r�p�i�t�.�e�x�e�
C�:�\�5�8�8�b�a�2�f�4�2�2�a�a�4�2�3�a�2�c�5�b�c�8�4�7�b�b�1�3�f�4�5�c�f�1�6�c�4�b�f�0�0�3�e�7�a�1�2�1�a�4�0�0�c�c�7�d�5�1�0�c�0�3�9�b�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�z�a�b�e�r�p�i�t�.�e�x�e�
C�:�\�0�0�3�5�9�c�5�a�3�5�8�7�b�6�f�7�1�d�d�e�e�c�4�2�1�e�8�6�d�3�0�c�5�d�a�a�5�b�f�b�0�2�9�2�0�a�f�c�2�7�f�1�4�9�a�3�2�c�8�9�f�6�4�c�
C�:�\�4�e�0�e�d�6�8�6�b�9�7�d�e�9�1�8�c�6�d�b�f�5�f�c�f�2�1�2�1�7�9�a�c�6�7�1�6�b�8�f�8�3�e�9�d�4�9�f�b�6�7�c�2�0�0�b�e�c�a�4�f�0�a�2�
C�:�\�e�4�a�1�0�7�d�6�f�1�4�8�a�6�b�6�4�b�3�a�f�a�b�b�b�b�c�e�1�c�c�9�6�3�0�d�7�e�9�7�6�6�b�4�f�7�3�8�a�e�1�5�1�0�2�4�3�3�2�2�a�f�7�0�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�z�a�b�e�r�p�i�t�.�e�x�e�
C�:�\�7�e�0�f�c�f�9�a�c�5�d�6�c�7�e�f�1�b�6�3�f�c�2�e�1�b�a�c�0�0�e�f�b�1�4�c�1�3�f�3�0�2�1�b�4�3�3�0�f�6�4�0�5�e�9�3�2�1�9�7�8�1�b�d�
C�:�\�4�9�f�b�d�2�a�e�e�d�c�e�f�1�0�9�0�c�4�a�c�5�8�4�b�4�4�1�2�a�9�f�f�7�d�5�f�3�6�0�d�0�a�7�d�b�a�7�0�8�8�8�3�7�1�9�1�5�2�6�c�6�a�b�
C�:�\�9�d�7�b�9�f�4�5�8�a�c�5�5�3�3�f�9�f�0�1�1�e�1�9�3�1�8�1�e�2�d�f�6�d�d�1�a�2�c�e�d�b�e�5�5�d�2�f�1�0�8�f�7�2�f�8�b�e�5�8�c�4�9�9�
C�:�\�7�5�b�6�4�4�9�d�8�3�2�4�a�4�f�e�3�e�2�2�6�7�6�8�5�4�0�0�9�a�c�5�5�7�9�f�6�f�8�7�e�3�e�6�c�b�0�c�c�a�a�5�3�2�b�4�d�a�5�0�8�a�7�3�
C�:�\�U�s�e�r�s�\�A�d�m�i�n�i�s�t�r�a�t�o�r�\�A�p�p�D�a�t�a�\�L�o�c�a�l�\�T�e�m�p�\�K�z�X�Q�N�w�.�e�x�e�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�d�e�2�7�b�b�f�a�3�4�4�4�7�a�4�a�b�9�7�9�c�f�b�3�2�d�1�e�c�1�a�9�.�v�i�r�u�s�.�e�x�e�
C�:�\�e�d�3�8�4�3�2�4�d�b�2�7�5�8�6�9�4�c�2�a�f�8�3�f�1�9�e�f�7�7�4�f�e�8�e�5�f�3�0�7�4�3�9�7�f�4�c�3�c�6�0�4�4�c�f�1�9�6�a�b�a�2�9�5�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�z�a�b�e�r�p�i�t�.�e�x�e�
C�:�\�b�0�a�1�b�8�b�0�d�9�b�9�3�4�4�9�9�1�7�6�e�f�3�1�8�e�3�0�0�a�0�7�9�5�0�a�a�e�4�2�e�8�3�2�7�f�6�d�4�3�1�f�4�e�3�3�2�7�2�f�b�f�b�6�
C�:�\�c�e�c�b�2�9�3�b�1�c�8�0�d�f�6�e�c�d�a�2�9�6�6�a�3�3�d�c�f�2�2�c�7�3�c�a�0�e�5�c�4�2�2�9�2�b�c�8�1�8�c�c�8�a�6�8�c�7�f�2�a�7�8�a�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�z�a�b�e�r�p�i�t�.�e�x�e�
C�:�\�3�7�7�2�3�3�3�2�7�1�1�b�a�3�a�6�5�3�8�0�a�f�9�a�c�9�e�5�2�e�a�7�4�0�0�7�7�3�0�2�8�8�c�9�f�d�c�d�1�3�6�9�9�2�4�7�c�e�d�9�e�d�c�d�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�z�a�b�e�r�p�i�t�.�e�x�e�
C�:�\�c�4�a�a�3�d�a�d�1�7�4�6�8�f�2�a�b�5�1�5�f�1�7�1�f�e�f�a�f�8�3�5�2�1�6�2�2�d�6�f�c�e�4�9�4�6�f�1�a�2�8�7�3�a�d�e�f�d�2�e�a�6�0�c�
C�:�\�4�1�a�6�f�4�c�7�5�a�a�e�c�3�1�5�6�6�7�c�1�9�1�2�e�3�8�f�9�d�3�6�4�8�3�5�0�2�b�4�5�6�9�0�2�7�1�7�a�5�f�c�2�3�8�0�c�b�8�8�d�6�f�5�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�z�a�b�e�r�p�i�t�.�e�x�e�
C�:�\�9�f�4�5�d�8�9�7�d�1�a�2�3�c�9�a�e�6�9�a�c�4�b�f�9�e�4�9�1�7�2�9�8�e�9�5�d�f�f�3�b�e�2�f�1�4�a�9�7�7�3�7�0�f�7�7�4�3�e�d�4�a�5�4�
C�:�\�0�2�d�7�2�d�1�b�e�3�0�5�9�4�5�4�1�c�4�c�7�9�c�5�d�b�3�c�0�5�d�9�3�e�5�0�b�c�2�a�f�3�c�7�c�7�1�d�2�8�3�6�4�d�9�1�f�a�5�3�c�6�a�9�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�z�a�b�e�r�p�i�t�.�e�x�e�
C�:�\�6�0�8�a�8�1�1�6�4�3�a�6�7�0�4�7�4�5�2�7�f�9�f�b�6�d�0�5�6�c�9�5�e�0�0�7�a�6�8�3�2�5�0�8�e�5�9�7�2�1�d�d�7�3�b�4�e�e�1�4�7�9�c�d�
C�:�\�U�s�e�r�s�\�a�d�m�i�n�\�D�o�w�n�l�o�a�d�s�\�z�a�b�e�r�p�i�t�.�e�x�e�
C�:�\�8�5�2�6�b�2�6�3�c�b�4�4�1�1�2�5�4�5�9�9�9�6�a�f�a�b�7�8�3�a�e�2�2�d�c�7�0�e�e�6�f�9�1�1�a�7�e�8�0�b�2�8�c�6�e�9�5�0�1�6�e�f�a�6�
Hosts
| IP |
|---|
| 114.114.114.114 |
DNS
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| dns.msftncsi.com | A 131.107.255.255 | 131.107.255.255 |
| dns.msftncsi.com | AAAA fd3e:4f5a:5b81::1 | 131.107.255.255 |
TCP
No TCP connections recorded.
UDP
| Source | Source Port | Destination | Destination Port |
|---|---|---|---|
| 192.168.56.101 | 53179 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 49642 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 137 | 192.168.56.255 | 137 |
| 192.168.56.101 | 61714 | 114.114.114.114 | 53 |
| 192.168.56.101 | 56933 | 114.114.114.114 | 53 |
| 192.168.56.101 | 138 | 192.168.56.255 | 138 |
HTTP & HTTPS Requests
No HTTP requests performed.
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts
Sorry! No dropped files.
Sorry! No dropped buffers.