1.1
低危
DACN
0.12
FACILE
1.00
IMCLNet
0.70
MFGraph
0.00
反病毒引擎
| 查杀引擎 | 查杀结果 | 查杀时间 | 查杀版本 |
|---|---|---|---|
| Alibaba | Trojan:Win32/Lunam.36a83f07 | 20190527 | 0.3.0.5 |
| Avast | Win32:Malware-gen | 20200319 | 18.4.3895.0 |
| Baidu | None | 20190318 | 1.0.0.2 |
| CrowdStrike | win/malicious_confidence_100% (W) | 20190702 | 1.0 |
| Kingsoft | None | 20200319 | 2013.8.14.323 |
| McAfee | GenericRXIE-NA!620534C5D8F3 | 20200319 | 6.0.6.653 |
| Tencent | Trojan.Win32.FakeFolder.pb | 20200319 | 1.0.0.1 |
静态指标
动态指标
该二进制文件可能包含加密或压缩数据,表明使用了打包工具
(3 个事件)
| section | {'name': '.text', 'virtual_address': '0x00001000', 'virtual_size': '0x00022000', 'size_of_data': '0x00005c00', 'entropy': 7.9720032517446535} | entropy | 7.9720032517446535 | description | 发现高熵的节 | |||||||||
| section | {'name': '.rsrc', 'virtual_address': '0x00023000', 'virtual_size': '0x00002000', 'size_of_data': '0x00002000', 'entropy': 7.641001215802067} | entropy | 7.641001215802067 | description | 发现高熵的节 | |||||||||
| entropy | 1.0 | description | 此PE文件的整体熵值较高 | |||||||||||
网络通信
与未执行 DNS 查询的主机进行通信
(2 个事件)
| host | 114.114.114.114 | |||
| host | 8.8.8.8 | |||
文件已被 VirusTotal 上 65 个反病毒引擎识别为恶意
(50 out of 65 个事件)
| ALYac | Dropped:Trojan.Script.418723 |
| APEX | Malicious |
| AVG | Win32:Malware-gen |
| Acronis | suspicious |
| Ad-Aware | Dropped:Trojan.Script.418723 |
| AhnLab-V3 | Trojan/Win32.Lunam.R261674 |
| Alibaba | Trojan:Win32/Lunam.36a83f07 |
| Antiy-AVL | Trojan/Win32.Lunam |
| Arcabit | Trojan.Script.D663A3 |
| Avast | Win32:Malware-gen |
| Avira | TR/Crypt.PEPM.Gen |
| BitDefender | Dropped:Trojan.Script.418723 |
| BitDefenderTheta | AI:Packer.EDAF68DE1E |
| Bkav | W32.AIDetectVM.malware |
| CAT-QuickHeal | Trojan.Lunam |
| CMC | Trojan.Win32.Lunam!O |
| ClamAV | Win.Malware.Lunam-6907440-0 |
| Comodo | TrojWare.Win32.Spy.Agent.1396070@1qn3u3 |
| CrowdStrike | win/malicious_confidence_100% (W) |
| Cybereason | malicious.5d8f3e |
| Cylance | Unsafe |
| Cyren | W32/Hupigon.CB.gen!Eldorado |
| DrWeb | Trojan.PWS.Banker1.30100 |
| ESET-NOD32 | Win32/Otfrem.A |
| Emsisoft | Dropped:Trojan.Script.418723 (B) |
| Endgame | malicious (high confidence) |
| F-Prot | W32/Hupigon.CB.gen!Eldorado |
| F-Secure | Trojan.TR/Crypt.PEPM.Gen |
| FireEye | Generic.mg.620534c5d8f3eb4b |
| Fortinet | W32/Agent.4FE0!tr |
| GData | Dropped:Trojan.Script.418723 |
| Ikarus | Trojan.Win32.Lunam |
| Invincea | heuristic |
| Jiangmin | Trojan/PSW.Lmir.dah |
| K7AntiVirus | Trojan ( 0054dc901 ) |
| K7GW | Trojan ( 0054dc901 ) |
| Kaspersky | Trojan.Win32.Lunam.a |
| Lionic | Trojan.Win32.Lunam.tpLz |
| MAX | malware (ai score=87) |
| Malwarebytes | Spyware.PasswordStealer |
| MaxSecure | Win.MxResIcn.Heur.Gen |
| McAfee | GenericRXIE-NA!620534C5D8F3 |
| McAfee-GW-Edition | BehavesLike.Win32.Generic.fh |
| MicroWorld-eScan | Dropped:Trojan.Script.418723 |
| Microsoft | Trojan:Win32/Lunam |
| NANO-Antivirus | Trojan.Win32.Lunam.foufld |
| Paloalto | generic.ml |
| Panda | Trj/Genetic.gen |
| Qihoo-360 | Win32/Worm.FakeFolder.CU |
| Rising | Trojan.Lunam!1.B819 (CLASSIC) |
二进制图像
288x288
224x224
192x192
160x160
128x128
96x96
64x64
32x32
运行截图
暂无运行截图
该样本运行过程中未生成截图
PE Compile Time
2008-11-16 11:29:47
PE Imphash
09d0478591d4f788cb3e5ea416c25237
Sections
| Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy |
|---|---|---|---|---|
| .text | 0x00001000 | 0x00022000 | 0x00005c00 | 7.9720032517446535 |
| .rsrc | 0x00023000 | 0x00002000 | 0x00002000 | 7.641001215802067 |
Resources
| Name | Offset | Size | Language | Sub-language | File type |
|---|---|---|---|---|---|
| RT_ICON | 0x00022308 | 0x00000468 | LANG_NEUTRAL | SUBLANG_NEUTRAL | None |
| RT_ICON | 0x00022308 | 0x00000468 | LANG_NEUTRAL | SUBLANG_NEUTRAL | None |
| RT_ICON | 0x00022308 | 0x00000468 | LANG_NEUTRAL | SUBLANG_NEUTRAL | None |
| RT_ICON | 0x00022308 | 0x00000468 | LANG_NEUTRAL | SUBLANG_NEUTRAL | None |
| RT_ICON | 0x00022308 | 0x00000468 | LANG_NEUTRAL | SUBLANG_NEUTRAL | None |
| RT_ICON | 0x00022308 | 0x00000468 | LANG_NEUTRAL | SUBLANG_NEUTRAL | None |
| RT_GROUP_ICON | 0x00022770 | 0x0000005a | LANG_NEUTRAL | SUBLANG_NEUTRAL | None |
| RT_VERSION | 0x000227d0 | 0x00000264 | LANG_ENGLISH | SUBLANG_ENGLISH_US | None |
Imports
Library kernel32.dll:
• 0x4231e0 LoadLibraryA
• 0x4231e4 GetProcAddress
• 0x4231e8 VirtualAlloc
• 0x4231ec VirtualFree
L!This program cannot be run in DOS mode.
PEC2^O
mbTpEN
:EWB(CO!
P\_!"%
hDB;e@~o
u|KrA/
b^UbUA
#Dzsb2dp&d
I81,xN6`
@Kk\;>d_y
%WzztE+`i[gV[bf1=9
D;kbr7?WY|
Z(PQ.KWUd
IWa+VW
t_%f]l.k+
b7/+Kv=Qg
E\!yP^U,agOPB`
ie}>u!
{xzGG3v0c\>AtUVY
q|^pXK
#il;C2
ktbQo!TZ
.,.Mh!Y!h'.*
q'e1_?m("
Xd'Ziay
n-C/ T
0#ZWT|@KJ
eDtlk1
Vh0y&]!
?j|829J
xT+8v(
$J }ji0
fU^ma2yUf
pnxv=k
CK?K~9f\(%{
H<nO0.g
(b$a,kz"`Hn#[<ms& Q%
A^1.Q>-b
5#IK3&X!%V\q
ixz"SYOY
J^Mf zNun
Ik^-tHS*
[9h?vnqd
J7Vng0
J#H#{]`$RXBPJ
N$Le=F
=8wv-3
s#*Za&DZ9
v?L$4P
v|jhXQ]N'
mGd/VD)=1B
3|P)ST
atgZCU+g
+d0J1I
18pO^l>p3
m'@e'05
LgThHL
D#f{O(J`d"rF
J7urt`Rj
3$+cC9W
yywWm;
Jjex|s
X!#uoK12#
"s@K\}C
?R{,hUUu ikHc
PECompact2
\ugWPw
H%caAp
6m8Nme!6
VR^]RIK5
vdQ_w\|H
y9e!w)n
]oRln uJ
=%8T"mXgbslcoF
$E,+hu
s@B?hqa`
#^|G(!8
x` T"@h
Ozi FzR7
zL)cOx
ba&tqa
J`/O`0
.E]=NQjKnw
1.19_p
vS}pT<*bgN_
WGc.5mIr@`^
/M8@tCL=ge
H:aP%w9iWPs0.,q
2\.vghK>-(au
"hA=1M-
r9W;>-
gigov
0~P<!Az$
#]_E{3o
4{h.6DsN!
+QRKK?t
^**5! <Vg
NZ_R t
s0BRK3.[q#I
gKO3lToa
wW-E&@&A^t&
HEC+X[:
?EXN\GO(?
%OIpMEG
e+.;:?
Y;zVpN
Z'K20Vxq
?%Mh2^G
lXV!QOA,ex
pS@hv;
i'h8Q]g
tM;k/&i
bKz5Bg3
c14=pxh
Y,9}'r=[39dUM{RZ_
QN.KEnB[r
.nyULT6
xl$T&0C6
q]}N:)
Ag7F%TQf|U`
#h7HlV/M
PG3ilpeGA~oLIC,
}r/h{bG~
MCPTl+mj
oD u{VuLR.%
9iXS7b
^#w0N8
QqKrx[1T|>*
+NW{(h
I~+aXHt
uTpNMC
XC6mD.g
a`v\.$J,s[
u<-@pc}]
phusCJH]
o!w-BTy&
i*V&S9
Jtt]{JQ
E*wmc3e(jbtgh(
v-9q[3$uZU
HdOM1x&
8WiNW@
e87@46]
}D~+eLuOf
nAr8ei#v
~K(rAN
(rU)E'
TU?Ho9oJ
b'c4;|
p ~>\\c@WCG{
t[1It/Tl"x
mNP_nw_WUZ
Q;G9%2|v13
;Li[@cc+
bYV/LT
DU=m?M!]
+@@L4~Ru4
ycr1FJP
/d._]aU IU>2|
/wQ)bAvRw;
*cV!^vgFcu*o
8.t__g
_P}`\nJ
))_c,dQ
'/ZMtQ
krgkLpf
'WC,oj /9
0psH W
'"[<VGs`
,G^`h,x
Gyp.`[
Ilv6Lgqm`x~Z
}oo\sRapWTz
'uwTH"
X8`,fw-
Zj{I# AJ
3G>51D8GvkR
<1V\%H
b.l} 2#,cczg%V
Y_eza^.\/CVj8tg
UsKjSS
nB^ur8E k
.QTcR
w!T4)9tZBlc<,
x,aajYE
[*V^|B)u?
XycA )%
4R5w1g
%!'Y'(
:pBj SqP
PJ2%b6
t6w6Gux
38pq" E
hJVulHWsL<-l_
ht=+?l}3@rrP
} 3;+9
HtU*pM<(
Z\YLGA
t9*YKw
yGMa.%
%J= i:
O"os7?
1xtD/g
j:<^$V%e
mh>iFMk/[o
{CQ0*1w9
4Wr7%x{
<)~@mWV
`Z_IDJAtY<i-i
6t<rzt5<`[5L
E;7]A7JKd|JI
li3@kg
WeN)bJ
>3gJF%Lj
B^L<J#%G*6=lf
Tn#qn)r.0
wX8OZm?
CWsi0>
2NbXy4Ro71!6E
'QXqE6
Tmd7 E!
3q4.p=[);"r
H,u"[
ZPv,@J5!-
?zw! .RrM+<
wQkMS&P'P1
YR|7^RVM0iqC
\bw>_|{
WwbfwBL_m
~(N'5&/q{'9
\~c!{MF z|@m!Qk>C&
L83C^(%=
rN4RE^5wH]
z:wy@NaW:c5Si2h
<9Aj?Q)d77(+
^qyc;03Zet
$ngg b
9i'eZU$!w
M!@/ce8
zr:S;2__Qx9p=`
a"DJe&dS3$)*
f%o9q\
hm1\GY
WO4O0k
)f/q0fP=
e7NhV7xU
+5C9&I
@sEuQr
+w5kV%5
0dV+ghQl0^/
>fBX&D
C.V7zyic,
8/5$DJ~A {D=:D
gb@U+-
TC2F-a=GP
v%ezB&j1Li
!-Ci ~0
)ttg=y|
_ATRPx2
y&Fyuv~^r
bk'+$#*7^'Lz
!rZaz&
^Hmyqk
Ipx &(
4Pxt.$
FHg^BL8YoR
l)"]%l#
/x*_UL'2
NLy`dsf2GK*a,
|i_w<Y[
_H#|Dc
s2xy{`
w"g]P<
0;mfh})b
7CUq]CMC
jV9z)]Jl?
C@EP7$1
f@U2|*lc
Gm18xu
]yJT_}
{pY."h=U
`ZHL~`
1w.7BgpY
Zdp/Rn>
>?i/Ow
apH gV1+PrLd
!i6d@G[
#>BOIr1:%
r>r+HE
wsIAwh<e
/G n6g1.gUij4H^m2
nITgLTmnvt:9
Y0Kb.Pp/8XiQF>+lp
O0jw%#-
Kl$;.jB%
9`R#IA,n
Texk`%
P#qd\lKB
<*sfk;k
.v^Z[$
qz{W(g8i!D7;uM
tVxNg\
Cb(3>
HVpag]Sn?lQ
YEB~0sqq[
:t_]BJ
skX#r[yzum&wL
p5v{9Fo
Yc>#~^q9?
bkGV-}:
r#hKgb\;
<|Kr9%|
m :Cs^W?+6 g{EA23!
aEP0oh3QzLY
H/0\.]
6R]qW>EK
#0 1XiY
@?j&Y($/
0i2nyK\bF
L@8|V,
f.%tS-
iLOls;:
+A'QZ`
wxG]Aa
3yXOq6q;?91q
AVrLMq[+zMOy#w`
vSA'? T
\IT`mN[Q
~,b #*2r
|syW)wH8
A(dXS|
bsl(&o
PmeCv7KjZ:`\}OX
XmO+4V 3UNXko,z0dU*D
IU+NdafDum
S"y"Zh
w{5 pLy
&/LbxVnE{b4
]<l)$E
(j.LF1
'r;W8}
~T$ivBr
:2&< *&Qe,wj7
;@p"Wy)
d?[xn-#|7m0
kd#a`/
ngN`\DO
h2PswM
/}'_$T
O3|yRG
6%6EDS D
f8'F~=8J6=
GvE2Hl+*@A3O'
80sNSor
vda{& f
cjk_T}+j
q#Kc#i^?,
N#>f\xZ-b
rI2"T?m.FS
~![V&8
tvVEUa7d
{M}Ueg
Pv\o(a8E/,3Ky
9ulAnG)n}
s4jCT?!1|
[KLm1&QOkOq
fU8D8*
!1o?|j7* +`5
0=_l,G_L
^dmI^yp`lP%#%
1puvv\
G-QJD@
FAt_;$<o
`dyv'8
S+#NXV
z~E<z/
!1Na>Jq}
~z\qyE
FE8UZ1&&
@+7cs`
E?x]='
ZaOrF~
gYUFwbZlr
q[%FQx
eIS}<[g!
(2,u73
7oFNLqd
g5UVuZ~
:Ig{8m
QD(QI%C'P
-BT=Cg~\
Eh(qB
%&;FX%
2dE~ 4^9
{BQd!,r
uVKc1hg
~R0h[b
+Roj?k3eZ
fU,;j}k~
Qx0d.'
3qwIDblZ%
Nm-Z w
p,tUVv
d2:@nPmD036[l
:12DT*p,Wdyv$e
Jsieoc_
c\Ru~=
=!W+BP
+}eDR.Ml:'X
F={P4{a
:D\r8yA
70L92AoU
$\{gI{
_>/~07
Cu"$i{xE~9P@km7"
chcYp+/'
VvS]D!@.8o5V4+
nU# 6~
uHO>M?C
8N9t=,7
>zLC9[uO
92V'>h1BuZ/%j
bS. *KDg)t0
O7B[(N
U(l'?XsS\/u$Ii
J__B@y
+TWH,2
kernel32.dll
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
m2_ KW7n
OQ?*CT!
8!5@|K
9w}iX=~L<,
Hq]C<.+
?C&i"p
;==$?K@]
v!pc}nw"J
d"qPw,
{ia0dVD
>z%voql
3hKt2?}
8 JQY'
-Y,'/>owL
!DV,8Jb
F3_Jg6
y$O=Vb
2qia_?upw
T\>FND
ModulqHan8
Virtopc>ken*32+
ZPY[z]8@
+>(/P"
H+SlM8!
{BtpyL(+
P/(#vjE#hM!"xV4
!J*YO*AW$^@f;M
D$4HSUVPg
6A|$ l
\8T<>#
v0`Zf#
9hD-*
9$$ ?|
;0xUeN
:@97oJ
+Pz%}T`oe<~Wq
405=QtL
vB*(3H%Iw]
Dd"B7\
(1XdS!a
N~0SvJQ
~}U?_(
90sk$M
sFpRph
cN,4+KQ07!'
A,R?B-
%# |"!
uD3Z~X0
fdb;u}
'nPPCN1tMs
!Z`;h2=2
dT)}&nAH+6J^|
@tKwFQ
B_^/b2
XY^WVi
PO:M9W
,QAj@Rw3:
]F:9Fu
g!{PWQSL}@
i7Xt|H,!
A|Q@,: Zha]oM9%
Nr'`Q6
vq"d4n
9l@L04+
pUWmsvb
{ u.Th}e<cdc
%sy5|lntba6id|SDqLG5d,al
uj'XGvMagB
wP=tfNfExitPL
}~ActNCO;b2!
n$zH[QY9
<$J0dkX2
`t$$|$(3
r+|$(|$
USQWVRW
ZPR3C
Z^_Y[]
[Content_Types].xml
l"%33V
=^i7+-
&0A6l4
dsXgL`
t t4Q+"wa|T\y,N
_rels/.rels
i")c$qU~31jH[{
?6!Y_o
word/_rels/document.xml.rels
E}-;}PBlJ!
`[^^ljNKD8R1d:
4e>K/4V
m^urw2N
:>S!?p8JX
0KDEVK c2P,
word/document.xml\r6
Te9$@v
:lZwN., $.
L<E,`@
evh.S5Y
n/UX:9`<R
Qp`_4uK@&
d4tjK8*
Eq@#CDGs,W;`lIgx2=
pK}m$g)Q
)5 8XqIEOvL6?
lZm>'Z}bp$V
hS[[+F={n:O|f}
r,0`%Rp
T]%U-%# +<
g99V[H"
8_aI7FA
naa9"3
O|$CO 1
+ ]S pK{%
H=+dBtq
l8]xbDM5
Nv&@o2
R8Vnsl
z_s=5W
%f-@Lc,
YI-%>|A=
R ^O/n`2P
}d$/x&$
;&cb4;B-d[B]2
/|)Y^6
G0??]U
~Q3QP%J
]n8].Hi,iob
word/theme/theme1.xmlYM
c7c;i&%GyFQ
Yl`)YZ J4WN
KtR7,BVYT
w/FDloa0
"6q1h,)
z^[`5P^77]/
~8W1@y
@yoV}i
(&8l+^
c o^sp_N ?>}
L#_S^?
SJzYt=
[CrGjZ
!B DlnA
`5w12}
D8'c'8=Sd{.
xkw [Hn
tto/+V
; dykZ<J
(V|)i$Fs
d6In!,
\o0Sn_d3-k3iL
zY(6i4["
'ri [xA
Q /wb}KpV3I
C2!f^EqM
[lE!pqbUyIGb>+(
;5V+7X
8zC<C7/}KR\/
UjT}6*
word/settings.xmlVn8
}_`:dII:D
vQ @IM
{d"/&W&|
RV-m:j
0C$}_B (!|K^
?8HwP_
[v@je)
eB8/O!*
N%"kI#UW
L!CcKaiNeS
_5S0 &Xhp
N6 eE,vx%N-
DjaSi!
l8_MW7M@/M^
word/fontTable.xml
h @Qd[T
W^zP41J
_vpAmV
- QBpbg
2D9!28
2GouMY
QnQpTaP
"o2?),*"q4 9"qNklL,'e$r
$J#&3(
.!/>iL
word/webSettings.xmln0
6jVj>LZcy
-{ 'eF3
8Yc25,S+
0LDG+Hk5
nE}5' `t
*ib#3ir]
G ?tMmm
1z}:~;
docProps/app.xml
d*57|bUL68
dPRuhs
kB`sGA6(
@4PL)<
X `-=\D
w(P i}D\Ic
QdH{=,J
laZ)Cu:/-
#>xeNfa5/_d`GQlhL
docProps/core.xml
JQ0is;#;DS
v0RAi?
SPPFOqJO,
Q1BO24v
E+=:/=S/:b(C
%)$,N*
word/styles.xml]s
(Y02~6zO
<e{>8WyJ2
b.Y)fBew<j0y E?JyVq
&Xe==<Y*EO:5/e"[c&
ea^wyye\,SVBZhT*4<+H (
l'Yzg~L
8o4lws
A{6>_U
lY 7wP6-S9
I3B$g?
lvXUdb{,/1_
VID[33D
Y %6",
Pwq<nDs<fCs<^Bs<VAs<N@s<
0;{sVtm]6WT
C|hyK%G,I4
%{ c,!n
dPXwh?/I
ANYUSl|*me E%%'b}b5<7
,fxbhFD
Q54v'U54vkhD
Tf[|p=!cz
0|iL;-
z75rR|Z
5VG%5HZJ
/Kq0JIxBGk}+I/
g/Dg{N=da`I*!"e
y<|"??
zz0dpOv
W@&TJ--|
lY?raaTJX
p`Tt'Q3
I7d%O*g
Thom3{v'9
WN/Lx9'
okxXtw1{;#W
x<K[-OD*
8> l{VJb+g$,xwf
gVd >#tu|']h
ZlWGZGu^e<
N? qW~D_A
uSVs(o
V0>dj*
6*DZ?j
"F\f?zz
"fR(Er-
}#aWw#AwH<
) tuGp'tuKj8+W=?~
QRCTp`J
`!Kj%5Ja'
Pzz1xa(~T
Wj\)5.[
g?!Hj\)5.[
'd/&\j\)5.[K
Wj\)5.[
%7<0A\
I?dMM'm
/tYqIoA]?c
Y4yG$mT
xj~ij>~
eQe}tg
[Content_Types].xmlPK
_rels/.relsPK
word/_rels/document.xml.relsPK
word/document.xmlPK
word/theme/theme1.xmlPK
word/settings.xmlPK
word/fontTable.xmlPK
word/webSettings.xmlPK
docProps/app.xmlPK
docProps/core.xmlPK
word/styles.xmlPK4/17/2019
&Photoshop 3.0
Print Info
Resolution
FX Global Lighting Angle
FX Global Altitude
Print Flags
Copyright Flag
Japanese Print Flags
Color Halftone Settings
Color Transfer Settings
Guides
URL overrides
Slices
ICC Untagged Flag
Layer ID Generator Base
New Windows Thumbnail
Rb34rC
UeuF'Vfv7GWgw
B#R3$brCS
dEU6teuFVfv'7GWgw
kRRd8-
cY^Llu;.27,mI!
'M>)cb{1 b}Mx
?F5u62* 1
bw*'i$:bI$
+1[;tRe?/6YON=:jZ
]q42f>;7
mrq3"J
mv{m'~E1*l5
_k]f5>|fllZlfa^/-o W-iqDg7
z/ef;xp ;m
' ;$R-
32?C1Z
`[5mo Qz]x}s
5IzhN{FgU?Akc;f
Fzxuz;
R}}K+]l1
UN;nUq']_!O-`<
*=;l5n.;w_
uL\`jk6=H
kJoOao4 g<_+j
{=[\V5
_g=5ED
Szi$Dvoa
5YzY8b
;4 b\.7f8
re?a5/
o{cy4}o
zM:=ud:ZsF1i27dd
>Pe6HVpv=ijem]
fBX1/$M
pT0[.`;qZ]N>{E
26Vc}[[
kgn??}#,#OsJs:F^
[>iGXkj
tX-}gn+
uI$<\ K2(7kC`lkXG_
-f5"im
8pSpe(
v@%-q p
a PcZ!
S%.0<xL-Eck@=8
:Tlh<b|S
(NJY:I$
Version compatibility info
JPEG Quality
!Adobe
P1A"#$
AQaq"
@Pr3$C%
`]P*uK
G:|NX]v
Y=:*6wRzY
\;> 6<v>|
4Q/~gpJ{6
Xpy%$ZQEHu.[
%oHh<v=8
[_7gZN
]z >x#K
p9CY5.
jy?<=[
t5`VnL_U
AOI]3;u9.^x
SZZ0<]V
Sbfji$Hl
j/7k,b
h[^VTNu(39h
'>'VU+
QZAi<jjS<$
g/Y2*31
--$Mcq/
Y@)~52
2tqZq}G0
7-SSm.
~:V|Z'
d+/_q8
I+oW`"!abp%
I.G08e,J[\Xq2&[{*FhyK
H:YF,}(qu
*BEYa
v89S#ct3$%BA1Q
T!ZEvQOI(D+c
XTf"|
W!f0f%[
*1q"qD
9Qvqnk6Is
;6fBmxogV^QQRqlhR>t
3uY]}cKMIW
e,T[ MpATLU
Y$-Ls)~
V9$7Q_@
OD*1@@
B<B[wZ^-@
!9K9DwB`
R<RL-9ET
c7UAk0
:>f^"FQh
>BAd};MZse
x3##)Uu
F*@`9e
|b1w:dA
Qt}5}l,^3ky : e$|
pST`Ow/
V}o#KJ'`mb7
,ULN`w|uYzR
IR?`1inV
f)`z|H
DJTGb$n
;vQn@2`@@
IPM0L@
@5k`}7
/;OfjmR
,w$~Fcd I(ylzCd
lYyFyN
! {R.o;=
}#mVLKU-k
eB]kul
81;DN1V?S+`
!nZ"Ma "^1nj
IDL\AwVuls
10^P*/=N
>]14*
*5zX0^8`
OXu$E\N0b&v
nm2v5p
ZzJ;j!
HxG#8T)
1e[W>w
5)5O@O
G-Q; ze(#?Mi{N
8q0=e}
hen4@kZ
EPSL5k2
;Hmg{$
@ U,}G
@rOLb&
H.(P4N&m-9JW)
trW<6S
,)U8OgB7kikWk
Rk%:s;P
5(H8(j
"!sa,0z
=FSae7bx5
xUQN?SB
=c-_E{V-
<{B[J6&
sp osPr:
%#C_\\Vpy
RuPfv!
;]&Ps;
Cym9pR@
j8ApL;
~tr@k4
J4Ph.8fJ
Y4\"0w
{j .Lf
gNRBd3e(\9
C~X0r+%S29|>|
s}Dup&E
g.]K@g
pFj94:li.ikqzW0
j:=P6uAr
5NNwS*
qfi- ")slr#C
H !2"*Yzy(.`#\$DF
;1S5r`
&Yw$Th!G
GCCVT~YW`X)NI9l3l[Uo+
~42v",Xz<
.AQas!%]
4UXuk}xWNd
Y.1ms.
Llz@2\O
d;}7TspuG2
;:45I
7SmE;V
Krz|_&+>?1U
4)-<Nokn
&e<e_!
hK$elnGZKPD
\s:z|I;RBKFO_`
tsE)cS:
J#n3|:
/%ox${
=1>2?J
71C3\F
q> ~~E
Fpo!a,c
b.,q8)
Tmm1#^!cbB
VD1` Cqs&
pBg2Gh-a
K||oqj]
rU"nGFU;2
>/~vZx;
W@:l>6
dhcI..\<
o|1k,H~'m
D46e/=)CZ
LS<-rQ#-G!%$
@x|o9l-)^%gmyn
zM8djGms!cPJ
h?RZZZO]Zo
~|g$;\[4G/!L
u0]lux
da$ 4M )
VT!o$bdx*u
uB@u>}z?8
D xDU ?u?
y.vL'W
r_y0M?
@he,$,
{,\p!ORvUIJwxwU
W^i@;C
5EMk et'AX/
oMm"JVmO\/
pc.'p{a2%
{/~rW9,
[\.m",+Vk*
\e,DD#Xc(% nue3|zn)qs,Ac--
)|!`GXOI
]o2Oe,
KgiZuhp
?uRi@{@
y\<Wy`V
.ukr.y/&LOy
zhap5Iy>
R S&_k:
cY s5v
*8}(qi[f6`
/G\\%6s^PwS#k`X
+,QecU7
]J=c~<cc!Z
p&dElc|
~]*M:\emOc
11`(iYKY
v^18"r-q.x
7M$F=X
I@{Hhu!A;
:?1E$9NO
*J>=<r
d.U~g]ZJ
-H#$aX]2
zr:m)fA
{c>w2dZM
qL(y
lC2Lvo+
]s\_I=
/GSqW<
TRhOn8
@w?'x<:
INkfy?gy
_NR?MVP-6E#
)Bo>+dVb?.ZnF
VVOGz[9Y2k
iIQVT*J
NT[[iz}<F[s
C)OQj@
]E$/{,
JuNj#RA4Cui5
OJ$K%V8"
OhhG`GAiC]G
SA^x0F;T'
zhhakD
tg*ueUjNld;
!M}ZW[h
iTRtui
Jw~Y](
cONKZB
=G'X2t:
kyT<f8;.
6= vWsZ
\?i+6{z{Yk#!SZ
Tz15@a
=.+>;uMF^
:Smtw#
Wo ~]*
u#BR}O
iF]ETU_
4/20/2019 4/20/2019 4/21/2019 14/24/2019 4/24/2019 4/27/2019
Photoshop 3.0
'File written by Adobe Photoshop 4.0
Rb34rC
UeuF'Vfv7GWgw
B#R3$brCS
dEU6teuFVfv'7GWgw
'File written by Adobe Photoshop 4.0
b$r%C4Scs5D'6
eufv7GWgw8HXhx)9IYiy*:JZjz
Rbr3$4C
'dtU7()
euFVfvGWgw8HXhx9IYiy*:JZjz
4/30/2019 PNG
tEXtSoftware
Adobe ImageReadyqe<
#iTXtXML:com.adobe.xmp
<?xpacket begin="
" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.5-c021 79.154911, 2013/10/29-11:47:16 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CC (Macintosh)" xmpMM:InstanceID="xmp.iid:E1D36F5BB9BB11E3B557EB674C8A3D9B" xmpMM:DocumentID="xmp.did:E1D36F5CB9BB11E3B557EB674C8A3D9B"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:E1D36F59B9BB11E3B557EB674C8A3D9B" stRef:documentID="xmp.did:E1D36F5AB9BB11E3B557EB674C8A3D9B"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>
IDATxb?
?{zzv]r$L
5/1/2019 15/2/2019 5/2/2019 BM
wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww5/4/2019 5/7/2019 BM
'P'M'''M''
$?-&-,
'''''M
'P'P''P'
M'P'''
'''MM''M'P'
'''M'M
6"***((
'P'M''
*2&((((.
S<;;#
"6*=--2
#;;;;;#
6*----H(.(%B$
#;;;;+$
"*=----
EA;;;+;
*=---=-&%(7
#<;;;;;
K*=-=-%=&%..$
;+++;.;;+
A;;;+;
=---=--*7
A<A<<;;+$$
"*&&&&%=?,,
<A;+<SA
"*=*2*
;<<+;+
**-=-*
A+< + A
#A;++ S
.777?7&%(&
&2?2&2?2*&**"
,*B%%%?%-?7?
%%B-%%>%&B
2.%%B%%II->=>&
2%%B%>%%?>NNI>%
B9O>%%%--NYNN
;::;+
(%9%%9I-?%INN9
7:%..
$(:O:%:.(
::::B%.
%?2-2&=2%
W7&U7&7&7W
$*%---&
*&=-?&*
<<A####
.%?%&,$$
##<A;+<##
$;..$E
$S.;.
$ 7$;S
R$77R77$$
*7%%%%777U7&%,$,$
AA++++
#+++::(
++:::
2%-&2.--
++::%(
#++%:(3
(:%%(3
#+:%O%
*-?*22
*---*-(
2%(A
%%9%2=-&&2%#</
:%>9>9-&29+/A#
(%O>->2
2/####
*"6K"KK6F
&%%%%.$$
%%>>%%
%9B>%%%
(%..2%%&
G##<//
#<<<AV
&&*&,"
//### + +
<<++ #
/##<++
&B%>%.$$
###< +#
(%::(+
%%>>%%7
(B9>>>-B
%%%92%7
,?I2?&
(.%%%%
(((( 3
+((.%9923
(::%:2
.%9%%%
$*.%.
**=*-*.
(%9%>9-%2
B2%>9>>-----
(+.;;:
((( A
,$ ;:$$
(%O%%%.(
+::%999
&%%9?%$$7
%9>>%%.
;;; $
(%B>>>-B
(...?9%9-%?&7"
%I--?&
&&---%-,&,
&B=%&?
<++++
+# <+A<;<< #
####+<+<
$ $#$$$$
....(3
#++;++
, ( $$
*&9>O=
*-92?*
*-9I9-
&->99%&
--9-9-&&"
/#::%9
2I9>9>-&
,2-999-%*
&----&&
6-2*"K
8"*=2**!
+:::%:
(%%%:, $$
(+(%:%.(
%B%B.$
(++(;:+++++(..%(
%%99>I9-%&
,&%%%2&&W*-=I2"
(.2%&2&*&&
H-22(&
++;.+
****---2&-
-9>99&
######+#/
,&=%&,,
+;:.::%%.&
( ((:B%B.%(7
$&(2%%
((%B%-7
?9%%9?
,(%%9>9-
%I9>9-%&
.-%>-9-=7,,
?%99>>-%&&7$
%%%I-I-I-%,
7%B>ZN>?&,
79>YN9=,
7%%II=7$
*&%-922.(
-->>N%9.(
%9ON>>9%-%&
(99O>9%&2-9%-%-2
2%%99B(
%2%B9B
(:..&
%9%%2&
29>9--2
*9N>>2&&*-292
&->N>9--*&2?
*>>--2=&2
292--*
'''''''MP''''
*-*--*"
''''''P'M'P''''
5/10/2019 1BM,
&BR1 Jp
m111\PTu))))n
HHHHzt?333a{s
eAAA@y
}$###x
>+++@iiiiy
d;;;;R
XG99:plIIIIKz
DEEFF`=2222Nd
VWWDWQ '''(Cr
5/11/2019 5/11/2019 BM8h
mmmmmgm
ggmmmmmnsnsn
snnnmm
llnsnsnnsssng
lsssssn
sssssnnnnssmms
ssssnsssn
lnssnnnsnssnsnsm
lsssnssm
lrmssssssnssmnsm
msnnssssmmnlmsssssssssn
nssnssssmmsmm
ssssnssmgnn
llmmmsssssssssnsm
rssssssnnsms
mssssnsssnmms
mnsnsssnsssnsn
lmsssnsssssss
mmlmnssssnssnsssnnm
rmssnnssssss
mmmsssnsnsnssssssmmmnnsnnmm
snssssssnnssssnsmg
mnssnsssssnsssnsnsnssssnnsmm
ssnsssssnnssnssnnsnsmmm
snsssssssnssssnsssnssm
mmmnsssssnnssnssssss
msnsnssnsssnsssnsssnsnnsnsssmmg
mmmmmsnssssnssssnsssnsssnnm
mmsnsssnssnssnsssnnsssm
mmmnsssssssnnsnssnnssssns
msnssssssssssssnssnnm
mmmmgsnssssssssnsssnssss
mmmnssnsnnsnnssnsnsnssssss
mmmmmmmmnssssssnsnsnssssns
mrmmmm
nnssssssnssssnssnsnss
mmssssssnssssssssn
mmnnnsssnsssssssnsnssssssn
mmmmmlmmm
mmmmmmmsssssnsnsssm
mmmnsnsssssssnsssssssssssm
mmmnsnssnssnsssnmmm
mmmmmnnsssnssnssnnssssssnsm
mmmmmmmsnnsssnnssnsmm
mmmmsnssssssssssssmm
mmmnsnsnsssnnmm
mmmmsnsssnsnssnsssmmmmmm
mmmgmsn
gmnmmm
mmmmgm
gmmmnnn
mmmmmn
mmmmsn
mmmnnm
mmnnmnmm
gmmmmnmmsnnnn
mmmnnmn
mmmnmm
mmmgnmmmnmmm
nnnnnnm
mnnnmnmnnsmnmmmm
nnnssmmnnn
nnnnnnn
mnnnnnnnnn
mmsnsnnsg
mmsnnmnnsnm
mnmnmmmnnnn
mmmnsnnnnnnsm
nmnnnnmsn
mmnmnnmmnnmg
mnmnmnnnmmmm
mnnmnnnmnnsnnnm
nmnmmnnmmm
mnmnnmnnnnmnmmmmm
gmmnnnmmsnmmm
nmnnnmnnnmm
mmmmmnmnnmm
mmnnmmnnnnmm
mnmnnnmm
mmmmmmm
nnnnnmmg
gmmnnn
gmmmmmmmmmmmm
mmmmmm
mmmmmmm
5/14/2019 1MZ
L!This program cannot be run in DOS mode.
PEC2^O
mbTpEN
:EWB(CO!
P\_!"%
hDB;e@~o
u|KrA/
b^UbUA
#Dzsb2dp&d
I81,xN6`
@Kk\;>d_y
%WzztE+`i[gV[bf1=9
D;kbr7?WY|
Z(PQ.KWUd
IWa+VW
t_%f]l.k+
b7/+Kv=Qg
E\!yP^U,agOPB`
ie}>u!
{xzGG3v0c\>AtUVY
q|^pXK
#il;C2
ktbQo!TZ
.,.Mh!Y!h'.*
q'e1_?m("
Xd'Ziay
n-C/ T
0#ZWT|@KJ
eDtlk1
Vh0y&]!
?j|829J
xT+8v(
$J }ji0
fU^ma2yUf
pnxv=k
CK?K~9f\(%{
H<nO0.g
(b$a,kz"`Hn#[<ms& Q%
A^1.Q>-b
5#IK3&X!%V\q
ixz"SYOY
J^Mf zNun
Ik^-tHS*
[9h?vnqd
J7Vng0
J#H#{]`$RXBPJ
N$Le=F
=8wv-3
s#*Za&DZ9
v?L$4P
v|jhXQ]N'
mGd/VD)=1B
3|P)ST
atgZCU+g
+d0J1I
18pO^l>p3
m'@e'05
LgThHL
D#f{O(J`d"rF
J7urt`Rj
3$+cC9W
yywWm;
Jjex|s
X!#uoK12#
"s@K\}C
?R{,hUUu ikHc
PECompact2
\ugWPw
H%caAp
6m8Nme!6
VR^]RIK5
vdQ_w\|H
y9e!w)n
]oRln uJ
=%8T"mXgbslcoF
$E,+hu
s@B?hqa`
#^|G(!8
x` T"@h
Ozi FzR7
zL)cOx
ba&tqa
J`/O`0
.E]=NQjKnw
1.19_p
vS}pT<*bgN_
WGc.5mIr@`^
/M8@tCL=ge
H:aP%w9iWPs0.,q
2\.vghK>-(au
"hA=1M-
r9W;>-
gigov
0~P<!Az$
#]_E{3o
4{h.6DsN!
+QRKK?t
^**5! <Vg
NZ_R t
s0BRK3.[q#I
gKO3lToa
wW-E&@&A^t&
HEC+X[:
?EXN\GO(?
%OIpMEG
e+.;:?
Y;zVpN
Z'K20Vxq
?%Mh2^G
lXV!QOA,ex
pS@hv;
i'h8Q]g
tM;k/&i
bKz5Bg3
c14=pxh
Y,9}'r=[39dUM{RZ_
QN.KEnB[r
.nyULT6
xl$T&0C6
q]}N:)
Ag7F%TQf|U`
#h7HlV/M
PG3ilpeGA~oLIC,
}r/h{bG~
MCPTl+mj
oD u{VuLR.%
9iXS7b
^#w0N8
QqKrx[1T|>*
+NW{(h
I~+aXHt
uTpNMC
XC6mD.g
a`v\.$J,s[
u<-@pc}]
phusCJH]
o!w-BTy&
i*V&S9
Jtt]{JQ
E*wmc3e(jbtgh(
v-9q[3$uZU
HdOM1x&
8WiNW@
e87@46]
}D~+eLuOf
nAr8ei#v
~K(rAN
(rU)E'
TU?Ho9oJ
b'c4;|
p ~>\\c@WCG{
t[1It/Tl"x
mNP_nw_WUZ
Q;G9%2|v13
;Li[@cc+
bYV/LT
DU=m?M!]
+@@L4~Ru4
ycr1FJP
/d._]aU IU>2|
/wQ)bAvRw;
*cV!^vgFcu*o
8.t__g
_P}`\nJ
))_c,dQ
'/ZMtQ
krgkLpf
'WC,oj /9
0psH W
'"[<VGs`
,G^`h,x
Gyp.`[
Ilv6Lgqm`x~Z
}oo\sRapWTz
'uwTH"
X8`,fw-
Zj{I# AJ
3G>51D8GvkR
<1V\%H
b.l} 2#,cczg%V
Y_eza^.\/CVj8tg
UsKjSS
nB^ur8E k
.QTcR
w!T4)9tZBlc<,
x,aajYE
[*V^|B)u?
XycA )%
4R5w1g
%!'Y'(
:pBj SqP
PJ2%b6
t6w6Gux
38pq" E
hJVulHWsL<-l_
ht=+?l}3@rrP
} 3;+9
HtU*pM<(
Z\YLGA
t9*YKw
yGMa.%
%J= i:
O"os7?
1xtD/g
j:<^$V%e
mh>iFMk/[o
{CQ0*1w9
4Wr7%x{
<)~@mWV
`Z_IDJAtY<i-i
6t<rzt5<`[5L
E;7]A7JKd|JI
li3@kg
WeN)bJ
>3gJF%Lj
B^L<J#%G*6=lf
Tn#qn)r.0
wX8OZm?
CWsi0>
2NbXy4Ro71!6E
'QXqE6
Tmd7 E!
3q4.p=[);"r
H,u"[
ZPv,@J5!-
?zw! .RrM+<
wQkMS&P'P1
YR|7^RVM0iqC
\bw>_|{
WwbfwBL_m
~(N'5&/q{'9
\~c!{MF z|@m!Qk>C&
L83C^(%=
rN4RE^5wH]
z:wy@NaW:c5Si2h
<9Aj?Q)d77(+
^qyc;03Zet
$ngg b
9i'eZU$!w
M!@/ce8
zr:S;2__Qx9p=`
a"DJe&dS3$)*
f%o9q\
hm1\GY
WO4O0k
)f/q0fP=
e7NhV7xU
+5C9&I
@sEuQr
+w5kV%5
0dV+ghQl0^/
>fBX&D
C.V7zyic,
8/5$DJ~A {D=:D
gb@U+-
TC2F-a=GP
v%ezB&j1Li
!-Ci ~0
)ttg=y|
_ATRPx2
y&Fyuv~^r
bk'+$#*7^'Lz
!rZaz&
^Hmyqk
Ipx &(
4Pxt.$
FHg^BL8YoR
l)"]%l#
/x*_UL'2
NLy`dsf2GK*a,
|i_w<Y[
_H#|Dc
s2xy{`
w"g]P<
0;mfh})b
7CUq]CMC
jV9z)]Jl?
C@EP7$1
f@U2|*lc
Gm18xu
]yJT_}
{pY."h=U
`ZHL~`
1w.7BgpY
Zdp/Rn>
>?i/Ow
apH gV1+PrLd
!i6d@G[
#>BOIr1:%
r>r+HE
wsIAwh<e
/G n6g1.gUij4H^m2
nITgLTmnvt:9
Y0Kb.Pp/8XiQF>+lp
O0jw%#-
Kl$;.jB%
9`R#IA,n
Texk`%
P#qd\lKB
<*sfk;k
.v^Z[$
qz{W(g8i!D7;uM
tVxNg\
Cb(3>
HVpag]Sn?lQ
YEB~0sqq[
:t_]BJ
skX#r[yzum&wL
p5v{9Fo
Yc>#~^q9?
bkGV-}:
r#hKgb\;
<|Kr9%|
m :Cs^W?+6 g{EA23!
aEP0oh3QzLY
H/0\.]
6R]qW>EK
#0 1XiY
@?j&Y($/
0i2nyK\bF
L@8|V,
f.%tS-
iLOls;:
+A'QZ`
wxG]Aa
3yXOq6q;?91q
AVrLMq[+zMOy#w`
vSA'? T
\IT`mN[Q
~,b #*2r
|syW)wH8
A(dXS|
bsl(&o
PmeCv7KjZ:`\}OX
XmO+4V 3UNXko,z0dU*D
IU+NdafDum
S"y"Zh
w{5 pLy
&/LbxVnE{b4
]<l)$E
(j.LF1
'r;W8}
~T$ivBr
:2&< *&Qe,wj7
;@p"Wy)
d?[xn-#|7m0
kd#a`/
ngN`\DO
h2PswM
/}'_$T
O3|yRG
6%6EDS D
f8'F~=8J6=
GvE2Hl+*@A3O'
80sNSor
vda{& f
cjk_T}+j
q#Kc#i^?,
N#>f\xZ-b
rI2"T?m.FS
~![V&8
tvVEUa7d
{M}Ueg
Pv\o(a8E/,3Ky
9ulAnG)n}
s4jCT?!1|
[KLm1&QOkOq
fU8D8*
!1o?|j7* +`5
0=_l,G_L
^dmI^yp`lP%#%
1puvv\
G-QJD@
FAt_;$<o
`dyv'8
S+#NXV
z~E<z/
!1Na>Jq}
~z\qyE
FE8UZ1&&
@+7cs`
E?x]='
ZaOrF~
gYUFwbZlr
q[%FQx
eIS}<[g!
(2,u73
7oFNLqd
g5UVuZ~
:Ig{8m
QD(QI%C'P
-BT=Cg~\
Eh(qB
%&;FX%
2dE~ 4^9
{BQd!,r
uVKc1hg
~R0h[b
+Roj?k3eZ
fU,;j}k~
Qx0d.'
3qwIDblZ%
Nm-Z w
p,tUVv
d2:@nPmD036[l
:12DT*p,Wdyv$e
Jsieoc_
c\Ru~=
=!W+BP
+}eDR.Ml:'X
F={P4{a
:D\r8yA
70L92AoU
$\{gI{
_>/~07
Cu"$i{xE~9P@km7"
chcYp+/'
VvS]D!@.8o5V4+
nU# 6~
uHO>M?C
8N9t=,7
>zLC9[uO
92V'>h1BuZ/%j
bS. *KDg)t0
O7B[(N
U(l'?XsS\/u$Ii
J__B@y
+TWH,2
kernel32.dll
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
m2_ KW7n
OQ?*CT!
8!5@|K
9w}iX=~L<,
Hq]C<.+
?C&i"p
;==$?K@]
v!pc}nw"J
d"qPw,
{ia0dVD
>z%voql
3hKt2?}
8 JQY'
-Y,'/>owL
!DV,8Jb
F3_Jg6
y$O=Vb
2qia_?upw
T\>FND
ModulqHan8
Virtopc>ken*32+
ZPY[z]8@
+>(/P"
H+SlM8!
{BtpyL(+
P/(#vjE#hM!"xV4
!J*YO*AW$^@f;M
D$4HSUVPg
6A|$ l
\8T<>#
v0`Zf#
9hD-*
9$$ ?|
;0xUeN
:@97oJ
+Pz%}T`oe<~Wq
405=QtL
vB*(3H%Iw]
Dd"B7\
(1XdS!a
N~0SvJQ
~}U?_(
90sk$M
sFpRph
cN,4+KQ07!'
A,R?B-
%# |"!
uD3Z~X0
fdb;u}
'nPPCN1tMs
!Z`;h2=2
dT)}&nAH+6J^|
@tKwFQ
B_^/b2
XY^WVi
PO:M9W
,QAj@Rw3:
]F:9Fu
g!{PWQSL}@
i7Xt|H,!
A|Q@,: Zha]oM9%
Nr'`Q6
vq"d4n
9l@L04+
pUWmsvb
{ u.Th}e<cdc
%sy5|lntba6id|SDqLG5d,al
uj'XGvMagB
wP=tfNfExitPL
}~ActNCO;b2!
n$zH[QY9
<$J0dkX2
`t$$|$(3
r+|$(|$
USQWVRW
ZPR3C
Z^_Y[]
[Content_Types].xml
l"%33V
=^i7+-
&0A6l4
dsXgL`
t t4Q+"wa|T\y,N
_rels/.rels
i")c$qU~31jH[{
?6!Y_o
word/_rels/document.xml.rels
E}-;}PBlJ!
`[^^ljNKD8R1d:
4e>K/4V
m^urw2N
:>S!?p8JX
0KDEVK c2P,
word/document.xml\r6
Te9$@v
:lZwN., $.
L<E,`@
evh.S5Y
n/UX:9`<R
Qp`_4uK@&
d4tjK8*
Eq@#CDGs,W;`lIgx2=
pK}m$g)Q
)5 8XqIEOvL6?
lZm>'Z}bp$V
hS[[+F={n:O|f}
r,0`%Rp
T]%U-%# +<
g99V[H"
8_aI7FA
naa9"3
O|$CO 1
+ ]S pK{%
H=+dBtq
l8]xbDM5
Nv&@o2
R8Vnsl
z_s=5W
%f-@Lc,
YI-%>|A=
R ^O/n`2P
}d$/x&$
;&cb4;B-d[B]2
/|)Y^6
G0??]U
~Q3QP%J
]n8].Hi,iob
word/theme/theme1.xmlYM
c7c;i&%GyFQ
Yl`)YZ J4WN
KtR7,BVYT
w/FDloa0
"6q1h,)
z^[`5P^77]/
~8W1@y
@yoV}i
(&8l+^
c o^sp_N ?>}
L#_S^?
SJzYt=
[CrGjZ
!B DlnA
`5w12}
D8'c'8=Sd{.
xkw [Hn
tto/+V
; dykZ<J
(V|)i$Fs
d6In!,
\o0Sn_d3-k3iL
zY(6i4["
'ri [xA
Q /wb}KpV3I
C2!f^EqM
[lE!pqbUyIGb>+(
;5V+7X
8zC<C7/}KR\/
UjT}6*
word/settings.xmlVn8
}_`:dII:D
vQ @IM
{d"/&W&|
RV-m:j
0C$}_B (!|K^
?8HwP_
[v@je)
eB8/O!*
N%"kI#UW
L!CcKaiNeS
_5S0 &Xhp
N6 eE,vx%N-
DjaSi!
l8_MW7M@/M^
word/fontTable.xml
h @Qd[T
W^zP41J
_vpAmV
- QBpbg
2D9!28
2GouMY
QnQpTaP
"o2?),*"q4 9"qNklL,'e$r
$J#&3(
.!/>iL
word/webSettings.xmln0
6jVj>LZcy
-{ 'eF3
8Yc25,S+
0LDG+Hk5
nE}5' `t
*ib#3ir]
G ?tMmm
1z}:~;
docProps/app.xml
d*57|bUL68
dPRuhs
kB`sGA6(
@4PL)<
X `-=\D
w(P i}D\Ic
QdH{=,J
laZ)Cu:/-
#>xeNfa5/_d`GQlhL
docProps/core.xml
JQ0is;#;DS
v0RAi?
SPPFOqJO,
Q1BO24v
E+=:/=S/:b(C
%)$,N*
word/styles.xml]s
(Y02~6zO
<e{>8WyJ2
b.Y)fBew<j0y E?JyVq
&Xe==<Y*EO:5/e"[c&
ea^wyye\,SVBZhT*4<+H (
l'Yzg~L
8o4lws
A{6>_U
lY 7wP6-S9
I3B$g?
lvXUdb{,/1_
VID[33D
Y %6",
Pwq<nDs<fCs<^Bs<VAs<N@s<
0;{sVtm]6WT
C|hyK%G,I4
%{ c,!n
dPXwh?/I
ANYUSl|*me E%%'b}b5<7
,fxbhFD
Q54v'U54vkhD
Tf[|p=!cz
0|iL;-
z75rR|Z
5VG%5HZJ
/Kq0JIxBGk}+I/
g/Dg{N=da`I*!"e
y<|"??
zz0dpOv
W@&TJ--|
lY?raaTJX
p`Tt'Q3
I7d%O*g
Thom3{v'9
WN/Lx9'
okxXtw1{;#W
x<K[-OD*
8> l{VJb+g$,xwf
gVd >#tu|']h
ZlWGZGu^e<
N? qW~D_A
uSVs(o
V0>dj*
6*DZ?j
"F\f?zz
"fR(Er-
}#aWw#AwH<
) tuGp'tuKj8+W=?~
QRCTp`J
`!Kj%5Ja'
Pzz1xa(~T
Wj\)5.[
g?!Hj\)5.[
'd/&\j\)5.[K
Wj\)5.[
%7<0A\
I?dMM'm
/tYqIoA]?c
Y4yG$mT
xj~ij>~
eQe}tg
[Content_Types].xmlPK
_rels/.relsPK
word/_rels/document.xml.relsPK
word/document.xmlPK
word/theme/theme1.xmlPK
word/settings.xmlPK
word/fontTable.xmlPK
word/webSettings.xmlPK
docProps/app.xmlPK
docProps/core.xmlPK
word/styles.xmlPK4/17/2019
&Photoshop 3.0
Print Info
Resolution
FX Global Lighting Angle
FX Global Altitude
Print Flags
Copyright Flag
Japanese Print Flags
Color Halftone Settings
Color Transfer Settings
Guides
URL overrides
Slices
ICC Untagged Flag
Layer ID Generator Base
New Windows Thumbnail
Rb34rC
UeuF'Vfv7GWgw
B#R3$brCS
dEU6teuFVfv'7GWgw
kRRd8-
cY^Llu;.27,mI!
'M>)cb{1 b}Mx
?F5u62* 1
bw*'i$:bI$
+1[;tRe?/6YON=:jZ
]q42f>;7
mrq3"J
mv{m'~E1*l5
_k]f5>|fllZlfa^/-o W-iqDg7
z/ef;xp ;m
' ;$R-
32?C1Z
`[5mo Qz]x}s
5IzhN{FgU?Akc;f
Fzxuz;
R}}K+]l1
UN;nUq']_!O-`<
*=;l5n.;w_
uL\`jk6=H
kJoOao4 g<_+j
{=[\V5
_g=5ED
Szi$Dvoa
5YzY8b
;4 b\.7f8
re?a5/
o{cy4}o
zM:=ud:ZsF1i27dd
>Pe6HVpv=ijem]
fBX1/$M
pT0[.`;qZ]N>{E
26Vc}[[
kgn??}#,#OsJs:F^
[>iGXkj
tX-}gn+
uI$<\ K2(7kC`lkXG_
-f5"im
8pSpe(
v@%-q p
a PcZ!
S%.0<xL-Eck@=8
:Tlh<b|S
(NJY:I$
Version compatibility info
JPEG Quality
!Adobe
P1A"#$
AQaq"
@Pr3$C%
`]P*uK
G:|NX]v
Y=:*6wRzY
\;> 6<v>|
4Q/~gpJ{6
Xpy%$ZQEHu.[
%oHh<v=8
[_7gZN
]z >x#K
p9CY5.
jy?<=[
t5`VnL_U
AOI]3;u9.^x
SZZ0<]V
Sbfji$Hl
j/7k,b
h[^VTNu(39h
'>'VU+
QZAi<jjS<$
g/Y2*31
--$Mcq/
Y@)~52
2tqZq}G0
7-SSm.
~:V|Z'
d+/_q8
I+oW`"!abp%
I.G08e,J[\Xq2&[{*FhyK
H:YF,}(qu
*BEYa
v89S#ct3$%BA1Q
T!ZEvQOI(D+c
XTf"|
W!f0f%[
*1q"qD
9Qvqnk6Is
;6fBmxogV^QQRqlhR>t
3uY]}cKMIW
e,T[ MpATLU
Y$-Ls)~
V9$7Q_@
OD*1@@
B<B[wZ^-@
!9K9DwB`
R<RL-9ET
c7UAk0
:>f^"FQh
>BAd};MZse
x3##)Uu
F*@`9e
|b1w:dA
Qt}5}l,^3ky : e$|
pST`Ow/
V}o#KJ'`mb7
,ULN`w|uYzR
IR?`1inV
f)`z|H
DJTGb$n
;vQn@2`@@
IPM0L@
@5k`}7
/;OfjmR
,w$~Fcd I(ylzCd
lYyFyN
! {R.o;=
}#mVLKU-k
eB]kul
81;DN1V?S+`
!nZ"Ma "^1nj
IDL\AwVuls
10^P*/=N
>]14*
*5zX0^8`
OXu$E\N0b&v
nm2v5p
ZzJ;j!
HxG#8T)
1e[W>w
5)5O@O
G-Q; ze(#?Mi{N
8q0=e}
hen4@kZ
EPSL5k2
;Hmg{$
@ U,}G
@rOLb&
H.(P4N&m-9JW)
trW<6S
,)U8OgB7kikWk
Rk%:s;P
5(H8(j
"!sa,0z
=FSae7bx5
xUQN?SB
=c-_E{V-
<{B[J6&
sp osPr:
%#C_\\Vpy
RuPfv!
;]&Ps;
Cym9pR@
j8ApL;
~tr@k4
J4Ph.8fJ
Y4\"0w
{j .Lf
gNRBd3e(\9
C~X0r+%S29|>|
s}Dup&E
g.]K@g
pFj94:li.ikqzW0
j:=P6uAr
5NNwS*
qfi- ")slr#C
H !2"*Yzy(.`#\$DF
;1S5r`
&Yw$Th!G
GCCVT~YW`X)NI9l3l[Uo+
~42v",Xz<
.AQas!%]
4UXuk}xWNd
Y.1ms.
Llz@2\O
d;}7TspuG2
;:45I
7SmE;V
Krz|_&+>?1U
4)-<Nokn
&e<e_!
hK$elnGZKPD
\s:z|I;RBKFO_`
tsE)cS:
J#n3|:
/%ox${
=1>2?J
71C3\F
q> ~~E
Fpo!a,c
b.,q8)
Tmm1#^!cbB
VD1` Cqs&
pBg2Gh-a
K||oqj]
rU"nGFU;2
>/~vZx;
W@:l>6
dhcI..\<
o|1k,H~'m
D46e/=)CZ
LS<-rQ#-G!%$
@x|o9l-)^%gmyn
zM8djGms!cPJ
h?RZZZO]Zo
~|g$;\[4G/!L
u0]lux
da$ 4M )
VT!o$bdx*u
uB@u>}z?8
D xDU ?u?
y.vL'W
r_y0M?
@he,$,
{,\p!ORvUIJwxwU
W^i@;C
5EMk et'AX/
oMm"JVmO\/
pc.'p{a2%
{/~rW9,
[\.m",+Vk*
\e,DD#Xc(% nue3|zn)qs,Ac--
)|!`GXOI
]o2Oe,
KgiZuhp
?uRi@{@
y\<Wy`V
.ukr.y/&LOy
zhap5Iy>
R S&_k:
cY s5v
*8}(qi[f6`
/G\\%6s^PwS#k`X
+,QecU7
]J=c~<cc!Z
p&dElc|
~]*M:\emOc
11`(iYKY
v^18"r-q.x
7M$F=X
I@{Hhu!A;
:?1E$9NO
*J>=<r
d.U~g]ZJ
-H#$aX]2
zr:m)fA
{c>w2dZM
qL(y
lC2Lvo+
]s\_I=
/GSqW<
TRhOn8
@w?'x<:
INkfy?gy
_NR?MVP-6E#
)Bo>+dVb?.ZnF
VVOGz[9Y2k
iIQVT*J
NT[[iz}<F[s
C)OQj@
]E$/{,
JuNj#RA4Cui5
OJ$K%V8"
OhhG`GAiC]G
SA^x0F;T'
zhhakD
tg*ueUjNld;
!M}ZW[h
iTRtui
Jw~Y](
cONKZB
=G'X2t:
kyT<f8;.
6= vWsZ
\?i+6{z{Yk#!SZ
Tz15@a
=.+>;uMF^
:Smtw#
Wo ~]*
u#BR}O
iF]ETU_
4/20/2019 4/20/2019 4/21/2019 14/24/2019 4/24/2019 4/27/2019
Photoshop 3.0
'File written by Adobe Photoshop 4.0
Rb34rC
UeuF'Vfv7GWgw
B#R3$brCS
dEU6teuFVfv'7GWgw
'File written by Adobe Photoshop 4.0
b$r%C4Scs5D'6
eufv7GWgw8HXhx)9IYiy*:JZjz
Rbr3$4C
'dtU7()
euFVfvGWgw8HXhx9IYiy*:JZjz
4/30/2019 PNG
tEXtSoftware
Adobe ImageReadyqe<
#iTXtXML:com.adobe.xmp
<?xpacket begin="
" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.5-c021 79.154911, 2013/10/29-11:47:16 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CC (Macintosh)" xmpMM:InstanceID="xmp.iid:E1D36F5BB9BB11E3B557EB674C8A3D9B" xmpMM:DocumentID="xmp.did:E1D36F5CB9BB11E3B557EB674C8A3D9B"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:E1D36F59B9BB11E3B557EB674C8A3D9B" stRef:documentID="xmp.did:E1D36F5AB9BB11E3B557EB674C8A3D9B"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>
IDATxb?
?{zzv]r$L
5/1/2019 15/2/2019 5/2/2019 BM
wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww
wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww5/4/2019 5/7/2019 BM
'P'M'''M''
$?-&-,
'''''M
'P'P''P'
M'P'''
'''MM''M'P'
'''M'M
6"***((
'P'M''
*2&((((.
S<;;#
"6*=--2
#;;;;;#
6*----H(.(%B$
#;;;;+$
"*=----
EA;;;+;
*=---=-&%(7
#<;;;;;
K*=-=-%=&%..$
;+++;.;;+
A;;;+;
=---=--*7
A<A<<;;+$$
"*&&&&%=?,,
<A;+<SA
"*=*2*
;<<+;+
**-=-*
A+< + A
#A;++ S
.777?7&%(&
&2?2&2?2*&**"
,*B%%%?%-?7?
%%B-%%>%&B
2.%%B%%II->=>&
2%%B%>%%?>NNI>%
B9O>%%%--NYNN
;::;+
(%9%%9I-?%INN9
7:%..
$(:O:%:.(
::::B%.
%?2-2&=2%
W7&U7&7&7W
$*%---&
*&=-?&*
<<A####
.%?%&,$$
##<A;+<##
$;..$E
$S.;.
$ 7$;S
R$77R77$$
*7%%%%777U7&%,$,$
AA++++
#+++::(
++:::
2%-&2.--
++::%(
#++%:(3
(:%%(3
#+:%O%
*-?*22
*---*-(
2%(A
%%9%2=-&&2%#</
:%>9>9-&29+/A#
(%O>->2
2/####
*"6K"KK6F
&%%%%.$$
%%>>%%
%9B>%%%
(%..2%%&
G##<//
#<<<AV
&&*&,"
//### + +
<<++ #
/##<++
&B%>%.$$
###< +#
(%::(+
%%>>%%7
(B9>>>-B
%%%92%7
,?I2?&
(.%%%%
(((( 3
+((.%9923
(::%:2
.%9%%%
$*.%.
**=*-*.
(%9%>9-%2
B2%>9>>-----
(+.;;:
((( A
,$ ;:$$
(%O%%%.(
+::%999
&%%9?%$$7
%9>>%%.
;;; $
(%B>>>-B
(...?9%9-%?&7"
%I--?&
&&---%-,&,
&B=%&?
<++++
+# <+A<;<< #
####+<+<
$ $#$$$$
....(3
#++;++
, ( $$
*&9>O=
*-92?*
*-9I9-
&->99%&
--9-9-&&"
/#::%9
2I9>9>-&
,2-999-%*
&----&&
6-2*"K
8"*=2**!
+:::%:
(%%%:, $$
(+(%:%.(
%B%B.$
(++(;:+++++(..%(
%%99>I9-%&
,&%%%2&&W*-=I2"
(.2%&2&*&&
H-22(&
++;.+
****---2&-
-9>99&
######+#/
,&=%&,,
+;:.::%%.&
( ((:B%B.%(7
$&(2%%
((%B%-7
?9%%9?
,(%%9>9-
%I9>9-%&
.-%>-9-=7,,
?%99>>-%&&7$
%%%I-I-I-%,
7%B>ZN>?&,
79>YN9=,
7%%II=7$
*&%-922.(
-->>N%9.(
%9ON>>9%-%&
(99O>9%&2-9%-%-2
2%%99B(
%2%B9B
(:..&
%9%%2&
29>9--2
*9N>>2&&*-292
&->N>9--*&2?
*>>--2=&2
292--*
'''''''MP''''
*-*--*"
''''''P'M'P''''
5/10/2019 1BM,
&BR1 Jp
m111\PTu))))n
HHHHzt?333a{s
eAAA@y
}$###x
>+++@iiiiy
d;;;;R
XG99:plIIIIKz
DEEFF`=2222Nd
VWWDWQ '''(Cr
5/11/2019 5/11/2019 BM8h
mmmmmgm
ggmmmmmnsnsn
snnnmm
llnsnsnnsssng
lsssssn
sssssnnnnssmms
ssssnsssn
lnssnnnsnssnsnsm
lsssnssm
lrmssssssnssmnsm
msnnssssmmnlmsssssssssn
nssnssssmmsmm
ssssnssmgnn
llmmmsssssssssnsm
rssssssnnsms
mssssnsssnmms
mnsnsssnsssnsn
lmsssnsssssss
mmlmnssssnssnsssnnm
rmssnnssssss
mmmsssnsnsnssssssmmmnnsnnmm
snssssssnnssssnsmg
mnssnsssssnsssnsnsnssssnnsmm
ssnsssssnnssnssnnsnsmmm
snsssssssnssssnsssnssm
mmmnsssssnnssnssssss
msnsnssnsssnsssnsssnsnnsnsssmmg
mmmmmsnssssnssssnsssnsssnnm
mmsnsssnssnssnsssnnsssm
mmmnsssssssnnsnssnnssssns
msnssssssssssssnssnnm
mmmmgsnssssssssnsssnssss
mmmnssnsnnsnnssnsnsnssssss
mmmmmmmmnssssssnsnsnssssns
mrmmmm
nnssssssnssssnssnsnss
mmssssssnssssssssn
mmnnnsssnsssssssnsnssssssn
mmmmmlmmm
mmmmmmmsssssnsnsssm
mmmnsnsssssssnsssssssssssm
mmmnsnssnssnsssnmmm
mmmmmnnsssnssnssnnssssssnsm
mmmmmmmsnnsssnnssnsmm
mmmmsnssssssssssssmm
mmmnsnsnsssnnmm
mmmmsnsssnsnssnsssmmmmmm
mmmgmsn
gmnmmm
mmmmgm
gmmmnnn
mmmmmn
mmmmsn
mmmnnm
mmnnmnmm
gmmmmnmmsnnnn
mmmnnmn
mmmnmm
mmmgnmmmnmmm
nnnnnnm
mnnnmnmnnsmnmmmm
nnnssmmnnn
nnnnnnn
mnnnnnnnnn
mmsnsnnsg
mmsnnmnnsnm
mnmnmmmnnnn
mmmnsnnnnnnsm
nmnnnnmsn
mmnmnnmmnnmg
mnmnmnnnmmmm
mnnmnnnmnnsnnnm
nmnmmnnmmm
mnmnnmnnnnmnmmmmm
gmmnnnmmsnmmm
nmnnnmnnnmm
mmmmmnmnnmm
mmnnmmnnnnmm
mnmnnnmm
mmmmmmm
nnnnnmmg
gmmnnn
gmmmmmmmmmmmm
mmmmmm
mmmmmmm
QCFWYSKMHARLAFTMDAYCDPDNVLLXYAHYJQVDDKWMWZXTODMVQHOWYAKZGPKJEHLDEADLWAOYFHCRBONQYOLNJKXLXXPSVNNBUMGSSHSRYIKKLNWBJSSZQFZBFWIPYYALBWYXPUCHCBPPPRVICZHAAXDBSBDAFSJSLRPZCKMILDLKTZJTTJWTRDUXPIOSWYRPJKVLJAGHSGEPPERRAQLAJLIRGZPORRNBHIKYMYWHJJKNXIQOPDJPXFLFPWXDCSZYFDTACTIFVHTTSPLEYMJQGMJBZKBTPKCSRPHSAJZDKKKDYFDICXMYAQSFGBCKRXTFXXUYCXPOOHXIGGOZQXUOJXGUHUEOJLEOQQRFQRNQSWAOWAWOUVFMKBPTZVBCGRCYEHPXUWCDBHICKJYVGTNPPMEWNTSWYZNREIVBOXSICNBJXTOOMRYUPEHBVWMTIZHWLGFFTIUYFBQKZOWLOZMSGJFBUHXKMGISFGKCABOUUUQJAUODQPPYPQJGLZVADLCCGHPBEUWSDDXYCCQVTRQWCEJDTNAGHKGJTRWVAQBQJBUQWMJRXXASIQFFIUCPKMEXTJTVBDCBEYZDLKHCHQXMUBNRVRITBTYGULZYWAXVJAXNQEPONBFIAUWZCXQYHHPHZWKKUTNXAQELCSUFKXKKQLLKNVNOREOWTEVCFHSUGPNRMAPAFPTHPGPAJPOCFBZXTIYQYUSEJFOUEZDUJSRXDHTOZAMMNCCIXWLXFQZALVARMPTDBNFJAJUMFQAHUJVWMEIDRIMZQXYHMCNBVLONHTHCXFAKSQBBXFBBFYSTIWNRKGOIHMIHZKIQSYCSFIRGLYFATERWSKAZLTFNMKHFVBLMXNERMNYZHBEYHNFPIPCGHZZMBNNYITUETKSXMZHNSGROLAGIITATFDCBZCBLYQHHYFPBDWGCTQNYPHDHFBNVEJJDIVMSPKDXKQBUNSMLJDVGOKQUEVKEVEUUSGEQJDKGYLPIDXNBIPBAJRUULLUXKW
c�o�n�n�e�c�t�e�d�_�m�u�l�t�i�p�l�e�_�b�i�g�
A�d�o�b�e� �P�h�o�t�o�s�h�o�p�
A�d�o�b�e� �P�h�o�t�o�s�h�o�p� �6�.�0�
f�f�f�3�3�f�
c�o�n�n�e�c�t�e�d�_�m�u�l�t�i�p�l�e�_�b�i�g�
A�d�o�b�e� �P�h�o�t�o�s�h�o�p�
A�d�o�b�e� �P�h�o�t�o�s�h�o�p� �6�.�0�
f�f�f�3�3�f�
Hosts
| IP |
|---|
| 114.114.114.114 |
| 8.8.8.8 |
DNS
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| dns.msftncsi.com |
A 131.107.255.255
A 131.107.255.255 |
131.107.255.255 |
| dns.msftncsi.com | AAAA fd3e:4f5a:5b81::1 | 131.107.255.255 |
TCP
No TCP connections recorded.
UDP
| Source | Source Port | Destination | Destination Port |
|---|---|---|---|
| 192.168.56.101 | 53179 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 49642 | 224.0.0.252 | 5355 |
| 192.168.56.101 | 137 | 192.168.56.255 | 137 |
| 192.168.56.101 | 61714 | 114.114.114.114 | 53 |
| 192.168.56.101 | 61714 | 8.8.8.8 | 53 |
| 192.168.56.101 | 56933 | 8.8.8.8 | 53 |
| 192.168.56.101 | 138 | 192.168.56.255 | 138 |
| 192.168.56.101 | 58485 | 114.114.114.114 | 53 |
| 192.168.56.101 | 57665 | 114.114.114.114 | 53 |
HTTP & HTTPS Requests
No HTTP requests performed.
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Snort Alerts
No Snort Alerts
Sorry! No dropped files.
Sorry! No dropped buffers.