From 5313f573502a2849357cf0b60c9bdc45133e2d24 Mon Sep 17 00:00:00 2001 
From: Bert-Janp Date: Mon, 17 Jul 2023 21:29:37 +0200 Subject: [PATCH] MISP Initial Commit --- .../MISP-CVE-MetasploitExploits.txt | 8 ++ .../MISP-IP-AbuseCH-IPBlocklist.txt | 21 +++++ .../MISP-IP-BlocklistDE.txt | 12 +++ .../MISP-IP-CINSscore.txt | 12 +++ .../MISP-IP-DiamondFoxPanels.txt | 15 ++++ .../MISP-IP-FeodoIPBlocklist.txt | 13 +++ .../MISP-IP-IPSum-Level1.txt | 12 +++ .../MISP-IP-IPSum-Level2.txt | 12 +++ .../MISP-IP-IPSum-Level3.txt | 12 +++ .../MISP-IP-IPSum-Level4.txt | 12 +++ .../MISP-IP-IPSum-Level5.txt | 12 +++ .../MISP-IP-IPSum-Level6.txt | 12 +++ .../MISP-IP-IPSum-Level7.txt | 12 +++ .../MISP-IP-IPSum-Level8.txt | 12 +++ .../MISP-IP-MiraiSecurity.txt | 12 +++ .../MISP-IP-ProofPoint.txt | 12 +++ .../MISP-MD5-AbuseCH-MalwareMD5.txt | 9 ++ .../MISP-URL-DiamondFoxPanels.txt | 13 +++ MISP/Feeds/README.md | 80 ++++++++++++++++++ MISP/Feeds/Sentinel/README.md | 5 ++ MISP/Images/KQL MISP.png | Bin 0 -> 65784 bytes MISP/LICENSE | 28 ++++++ MISP/README.md | 42 +++++++++ 23 files changed, 378 insertions(+) create mode 100644 MISP/Feeds/Defender For Endpoint/MISP-CVE-MetasploitExploits.txt create mode 100644 MISP/Feeds/Defender For Endpoint/MISP-IP-AbuseCH-IPBlocklist.txt create mode 100644 MISP/Feeds/Defender For Endpoint/MISP-IP-BlocklistDE.txt create mode 100644 MISP/Feeds/Defender For Endpoint/MISP-IP-CINSscore.txt create mode 100644 MISP/Feeds/Defender For Endpoint/MISP-IP-DiamondFoxPanels.txt create mode 100644 MISP/Feeds/Defender For Endpoint/MISP-IP-FeodoIPBlocklist.txt create mode 100644 MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level1.txt create mode 100644 MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level2.txt create mode 100644 MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level3.txt create mode 100644 MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level4.txt create mode 100644 MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level5.txt create mode 100644 MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level6.txt create mode 100644 
MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level7.txt create mode 100644 MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level8.txt create mode 100644 MISP/Feeds/Defender For Endpoint/MISP-IP-MiraiSecurity.txt create mode 100644 MISP/Feeds/Defender For Endpoint/MISP-IP-ProofPoint.txt create mode 100644 MISP/Feeds/Defender For Endpoint/MISP-MD5-AbuseCH-MalwareMD5.txt create mode 100644 MISP/Feeds/Defender For Endpoint/MISP-URL-DiamondFoxPanels.txt create mode 100644 MISP/Feeds/README.md create mode 100644 MISP/Feeds/Sentinel/README.md create mode 100644 MISP/Images/KQL MISP.png create mode 100644 MISP/LICENSE create mode 100644 MISP/README.md
diff --git a/MISP/Feeds/Defender For Endpoint/MISP-CVE-MetasploitExploits.txt b/MISP/Feeds/Defender For Endpoint/MISP-CVE-MetasploitExploits.txt
new file mode 100644
index 0000000..a81a417
--- /dev/null
+++ b/MISP/Feeds/Defender For Endpoint/MISP-CVE-MetasploitExploits.txt
@@ -0,0 +1,8 @@
+let MetaSploitExploitsWithAssignedCVE = externaldata(cveid: string)[@"https://feeds.ecrimelabs.net/data/metasploit-cve"] with (format="txt", ignoreFirstRecord=True);
+DeviceTvmSoftwareVulnerabilities
+| where CveId in~ (MetaSploitExploitsWithAssignedCVE)
+| summarize
+ TotalVulnerabilities = dcount(CveId),
+ Vulnerabilities = make_set(CveId)
+ by DeviceName
+| sort by TotalVulnerabilities
\ No newline at end of file
diff --git a/MISP/Feeds/Defender For Endpoint/MISP-IP-AbuseCH-IPBlocklist.txt b/MISP/Feeds/Defender For Endpoint/MISP-IP-AbuseCH-IPBlocklist.txt
new file mode 100644
index 0000000..2349ca3
--- /dev/null
+++ b/MISP/Feeds/Defender For Endpoint/MISP-IP-AbuseCH-IPBlocklist.txt
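Review bot: The rows read from the eCrimeLabs feed go straight into `CveId in~ (MetaSploitExploitsWithAssignedCVE)` with no shape check, unlike the IP and MD5 queries in this commit, which filter the feed with a regex first. `ignoreFirstRecord=True` also discards the first row unconditionally, so if the feed is ever served without a header line one CVE is silently lost. I would validate and de-duplicate inside the `let` by appending `| where cveid matches regex @'^CVE-[0-9]{4}-[0-9]{4,}$' | distinct cveid` after the `with (...)` clause. A leading `//` comment should say that the result lists devices carrying at least one vulnerability named in the feed, and that the feed is fetched from a third party at query time.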
@@ -0,0 +1,21 @@
+let MISPFeed = externaldata(IP: string)[@"https://feodotracker.abuse.ch/downloads/ipblocklist.txt"] with (format="txt", ignoreFirstRecord=True);
+let IPRegex = '[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}';
+let MaliciousIP = materialize (
+ MISPFeed
+ | where IP matches regex IPRegex
+ | distinct IP
+ );
+DeviceNetworkEvents
+| where RemoteIP in (MaliciousIP)
+| extend GeoIPInfo = geo_info_from_ip_address(RemoteIP)
+| extend country = tostring(parse_json(GeoIPInfo).country), state = tostring(parse_json(GeoIPInfo).state), city = tostring(parse_json(GeoIPInfo).city), latitude = tostring(parse_json(GeoIPInfo).latitude), longitude = tostring(parse_json(GeoIPInfo).longitude)
+| project-reorder
+ Timestamp,
+ ActionType,
+ RemoteIP,
+ RemotePort,
+ LocalPort,
+ Protocol,
+ DeviceName,
+ InitiatingProcessCommandLine,
+ InitiatingProcessFolderPath
\ No newline at end of file
diff --git a/MISP/Feeds/Defender For Endpoint/MISP-IP-BlocklistDE.txt b/MISP/Feeds/Defender For Endpoint/MISP-IP-BlocklistDE.txt
new file mode 100644
index 0000000..a700e02
--- /dev/null
+++ b/MISP/Feeds/Defender For Endpoint/MISP-IP-BlocklistDE.txt
@@ -0,0 +1,12 @@
+let MISPFeed = externaldata(DestIP: string)[@"https://lists.blocklist.de/lists/all.txt"] with (format="txt", ignoreFirstRecord=True);
+let IPRegex = '[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}';
+let MaliciousIP = materialize (
+ MISPFeed
+ | where DestIP matches regex IPRegex
+ | distinct DestIP
+ );
+DeviceNetworkEvents
+| where RemoteIP in (MaliciousIP)
+| extend GeoIPInfo = geo_info_from_ip_address(RemoteIP)
+| extend country = tostring(parse_json(GeoIPInfo).country), state = tostring(parse_json(GeoIPInfo).state), city = tostring(parse_json(GeoIPInfo).city), latitude = tostring(parse_json(GeoIPInfo).latitude), longitude = tostring(parse_json(GeoIPInfo).longitude)
+| project-reorder Timestamp, DeviceName, RemoteIP, RemotePort, InitiatingProcessAccountName
\ No newline at end of file
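Review bot: `IPRegex` is unanchored, so `where IP matches regex IPRegex` keeps any feed row that merely contains a dotted quad (for instance a row with a trailing comment, port or prefix length), while `RemoteIP in (MaliciousIP)` needs the whole value to be equal. Such rows pass the filter and then never match, which shrinks coverage without any error. The FeodoIPBlocklist query in this commit already avoids this by extracting the address, and the same form fits here: `| extend IP = extract(IPRegex, 0, IP)` followed by `| where isnotempty(IP)`. Any IPv6 entries in a feed are dropped by this filter, which deserves a one-line comment. The same `matches regex` pattern is repeated in the BlocklistDE, CINSscore, IPSum-Level1 to Level8, MiraiSecurity and ProofPoint queries.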
diff --git a/MISP/Feeds/Defender For Endpoint/MISP-IP-CINSscore.txt b/MISP/Feeds/Defender For Endpoint/MISP-IP-CINSscore.txt
new file mode 100644
index 0000000..9656656
--- /dev/null
+++ b/MISP/Feeds/Defender For Endpoint/MISP-IP-CINSscore.txt
@@ -0,0 +1,12 @@
+let MISPFeed = externaldata(DestIP: string)[@"https://cinsscore.com/list/ci-badguys.txt"] with (format="txt", ignoreFirstRecord=True);
+let IPRegex = '[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}';
+let MaliciousIP = materialize (
+ MISPFeed
+ | where DestIP matches regex IPRegex
+ | distinct DestIP
+ );
+DeviceNetworkEvents
+| where RemoteIP in (MaliciousIP)
+| extend GeoIPInfo = geo_info_from_ip_address(RemoteIP)
+| extend country = tostring(parse_json(GeoIPInfo).country), state = tostring(parse_json(GeoIPInfo).state), city = tostring(parse_json(GeoIPInfo).city), latitude = tostring(parse_json(GeoIPInfo).latitude), longitude = tostring(parse_json(GeoIPInfo).longitude)
+| project-reorder Timestamp, DeviceName, RemoteIP, RemotePort, InitiatingProcessAccountName
\ No newline at end of file
diff --git a/MISP/Feeds/Defender For Endpoint/MISP-IP-DiamondFoxPanels.txt b/MISP/Feeds/Defender For Endpoint/MISP-IP-DiamondFoxPanels.txt
new file mode 100644
index 0000000..7a81a86
--- /dev/null
+++ b/MISP/Feeds/Defender For Endpoint/MISP-IP-DiamondFoxPanels.txt
@@ -0,0 +1,15 @@
+let MISPFeed = externaldata(Row: string)[@"https://raw.githubusercontent.com/pan-unit42/iocs/master/diamondfox/diamondfox_panels.txt"] with (format="txt", ignoreFirstRecord=True);
+let IPRegex = '[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}';
+let MaliciousIP = materialize (
+ MISPFeed
+ // extract the url or ip from a website https://10.10.10.10/malware.exe will return 10.10.10.10 and https://malicious.zip/malware.exe will return malicious.zip
+ | extend DomainOrIP = extract(@'//(.*?)/', 1, Row)
+ | extend DomainOrIPToLower = tolower(DomainOrIP)
+ | where DomainOrIPToLower matches regex IPRegex
+ | distinct DomainOrIP
+ );
+DeviceNetworkEvents
+| where RemoteIP in (MaliciousIP)
+| extend GeoIPInfo = geo_info_from_ip_address(RemoteIP)
+| extend country = tostring(parse_json(GeoIPInfo).country), state = tostring(parse_json(GeoIPInfo).state), city = tostring(parse_json(GeoIPInfo).city), latitude = tostring(parse_json(GeoIPInfo).latitude), longitude = tostring(parse_json(GeoIPInfo).longitude)
+| project-reorder Timestamp, DeviceName, RemoteIP, RemotePort, InitiatingProcessAccountName
\ No newline at end of file
diff --git a/MISP/Feeds/Defender For Endpoint/MISP-IP-FeodoIPBlocklist.txt b/MISP/Feeds/Defender For Endpoint/MISP-IP-FeodoIPBlocklist.txt
new file mode 100644
index 0000000..1f5e776
--- /dev/null
+++ b/MISP/Feeds/Defender For Endpoint/MISP-IP-FeodoIPBlocklist.txt
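Review bot: `extract(@'//(.*?)/', 1, Row)` captures everything between `//` and the next `/`, so a panel URL with an explicit port or userinfo yields a value like `10.10.10.10:8080` (constructed example) that passes the unanchored `IPRegex` test but can never equal `RemoteIP`, and a URL with no path after the host yields an empty string. Capturing only the host part avoids both cases, e.g. `| extend DomainOrIP = extract(@'//(?:[^/@]*@)?([^/:]+)', 1, Row)`. `distinct DomainOrIP` also returns the original-case column although the filter ran on `DomainOrIPToLower`; that is harmless for IPs, but the lower-cased column is the one to keep. The same extraction is used in MISP-URL-DiamondFoxPanels.txt.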
@@ -0,0 +1,13 @@
+let MISPFeed = externaldata(Row: string)[@"https://feodotracker.abuse.ch/downloads/ipblocklist.csv"] with (format="txt", ignoreFirstRecord=True);
+let IPRegex = '[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}';
+let MaliciousIP = materialize (
+ MISPFeed
+ | extend IP = extract(IPRegex, 0, Row)
+ | where isnotempty(IP)
+ | distinct IP
+ );
+DeviceNetworkEvents
+| where RemoteIP in (MaliciousIP)
+| extend GeoIPInfo = geo_info_from_ip_address(RemoteIP)
+| extend country = tostring(parse_json(GeoIPInfo).country), state = tostring(parse_json(GeoIPInfo).state), city = tostring(parse_json(GeoIPInfo).city), latitude = tostring(parse_json(GeoIPInfo).latitude), longitude = tostring(parse_json(GeoIPInfo).longitude)
+| project-reorder Timestamp, DeviceName, RemoteIP, RemotePort, InitiatingProcessAccountName
\ No newline at end of file
diff --git a/MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level1.txt b/MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level1.txt
new file mode 100644
index 0000000..6e3b66b
--- /dev/null
+++ b/MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level1.txt
@@ -0,0 +1,12 @@
+let MISPFeed = externaldata(DestIP: string)[@"https://raw.githubusercontent.com/stamparm/ipsum/master/levels/1.txt"] with (format="txt", ignoreFirstRecord=True);
+let IPRegex = '[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}';
+let MaliciousIP = materialize (
+ MISPFeed
+ | where DestIP matches regex IPRegex
+ | distinct DestIP
+ );
+DeviceNetworkEvents
+| where RemoteIP in (MaliciousIP)
+| extend GeoIPInfo = geo_info_from_ip_address(RemoteIP)
+| extend country = tostring(parse_json(GeoIPInfo).country), state = tostring(parse_json(GeoIPInfo).state), city = tostring(parse_json(GeoIPInfo).city), latitude = tostring(parse_json(GeoIPInfo).latitude), longitude = tostring(parse_json(GeoIPInfo).longitude)
+| project-reorder Timestamp, DeviceName, RemoteIP, RemotePort, InitiatingProcessAccountName
\ No newline at end of file
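Review bot: This query and MISP-IP-AbuseCH-IPBlocklist.txt in the same commit both read the `ipblocklist` export from feodotracker.abuse.ch (`.csv` here, `.txt` there), so they look like two hunts over the same indicator set. If the AbuseCH-named file was meant for the `sslblacklist.csv` feed that the README lists without a check mark, its URL should be corrected; otherwise one of the two can be dropped. A leading comment should also explain that the CSV is read as raw text (`format="txt"`) and that `extract(IPRegex, 0, Row)` keeps only the first dotted quad of each row, so any second address in a row is ignored.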
diff --git a/MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level2.txt b/MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level2.txt
new file mode 100644
index 0000000..10bee53
--- /dev/null
+++ b/MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level2.txt
@@ -0,0 +1,12 @@
+let MISPFeed = externaldata(DestIP: string)[@"https://raw.githubusercontent.com/stamparm/ipsum/master/levels/2.txt"] with (format="txt", ignoreFirstRecord=True);
+let IPRegex = '[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}';
+let MaliciousIP = materialize (
+ MISPFeed
+ | where DestIP matches regex IPRegex
+ | distinct DestIP
+ );
+DeviceNetworkEvents
+| where RemoteIP in (MaliciousIP)
+| extend GeoIPInfo = geo_info_from_ip_address(RemoteIP)
+| extend country = tostring(parse_json(GeoIPInfo).country), state = tostring(parse_json(GeoIPInfo).state), city = tostring(parse_json(GeoIPInfo).city), latitude = tostring(parse_json(GeoIPInfo).latitude), longitude = tostring(parse_json(GeoIPInfo).longitude)
+| project-reorder Timestamp, DeviceName, RemoteIP, RemotePort, InitiatingProcessAccountName
\ No newline at end of file
diff --git a/MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level3.txt b/MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level3.txt
new file mode 100644
index 0000000..d21b720
--- /dev/null
+++ b/MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level3.txt
@@ -0,0 +1,12 @@
+let MISPFeed = externaldata(DestIP: string)[@"https://raw.githubusercontent.com/stamparm/ipsum/master/levels/3.txt"] with (format="txt", ignoreFirstRecord=True);
+let IPRegex = '[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}';
+let MaliciousIP = materialize (
+ MISPFeed
+ | where DestIP matches regex IPRegex
+ | distinct DestIP
+ );
+DeviceNetworkEvents
+| where RemoteIP in (MaliciousIP)
+| extend GeoIPInfo = geo_info_from_ip_address(RemoteIP)
+| extend country = tostring(parse_json(GeoIPInfo).country), state = tostring(parse_json(GeoIPInfo).state), city = tostring(parse_json(GeoIPInfo).city), latitude = tostring(parse_json(GeoIPInfo).latitude), longitude = tostring(parse_json(GeoIPInfo).longitude)
+| project-reorder Timestamp, DeviceName, RemoteIP, RemotePort, InitiatingProcessAccountName
\ No newline at end of file
diff --git a/MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level4.txt b/MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level4.txt
new file mode 100644
index 0000000..8ad8298
--- /dev/null
+++ b/MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level4.txt
@@ -0,0 +1,12 @@
+let MISPFeed = externaldata(DestIP: string)[@"https://raw.githubusercontent.com/stamparm/ipsum/master/levels/4.txt"] with (format="txt", ignoreFirstRecord=True);
+let IPRegex = '[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}';
+let MaliciousIP = materialize (
+ MISPFeed
+ | where DestIP matches regex IPRegex
+ | distinct DestIP
+ );
+DeviceNetworkEvents
+| where RemoteIP in (MaliciousIP)
+| extend GeoIPInfo = geo_info_from_ip_address(RemoteIP)
+| extend country = tostring(parse_json(GeoIPInfo).country), state = tostring(parse_json(GeoIPInfo).state), city = tostring(parse_json(GeoIPInfo).city), latitude = tostring(parse_json(GeoIPInfo).latitude), longitude = tostring(parse_json(GeoIPInfo).longitude)
+| project-reorder Timestamp, DeviceName, RemoteIP, RemotePort, InitiatingProcessAccountName
\ No newline at end of file
diff --git a/MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level5.txt b/MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level5.txt
new file mode 100644
index 0000000..469c879
--- /dev/null
+++ b/MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level5.txt
@@ -0,0 +1,12 @@
+let MISPFeed = externaldata(DestIP: string)[@"https://raw.githubusercontent.com/stamparm/ipsum/master/levels/5.txt"] with (format="txt", ignoreFirstRecord=True);
+let IPRegex = '[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}';
+let MaliciousIP = materialize (
+ MISPFeed
+ | where DestIP matches regex IPRegex
+ | distinct DestIP
+ );
+DeviceNetworkEvents
+| where RemoteIP in (MaliciousIP)
+| extend GeoIPInfo = geo_info_from_ip_address(RemoteIP)
+| extend country = tostring(parse_json(GeoIPInfo).country), state = tostring(parse_json(GeoIPInfo).state), city = tostring(parse_json(GeoIPInfo).city), latitude = tostring(parse_json(GeoIPInfo).latitude), longitude = tostring(parse_json(GeoIPInfo).longitude)
+| project-reorder Timestamp, DeviceName, RemoteIP, RemotePort, InitiatingProcessAccountName
\ No newline at end of file
diff --git a/MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level6.txt b/MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level6.txt
new file mode 100644
index 0000000..9a45493
--- /dev/null
+++ b/MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level6.txt
@@ -0,0 +1,12 @@
+let MISPFeed = externaldata(DestIP: string)[@"https://raw.githubusercontent.com/stamparm/ipsum/master/levels/6.txt"] with (format="txt", ignoreFirstRecord=True);
+let IPRegex = '[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}';
+let MaliciousIP = materialize (
+ MISPFeed
+ | where DestIP matches regex IPRegex
+ | distinct DestIP
+ );
+DeviceNetworkEvents
+| where RemoteIP in (MaliciousIP)
+| extend GeoIPInfo = geo_info_from_ip_address(RemoteIP)
+| extend country = tostring(parse_json(GeoIPInfo).country), state = tostring(parse_json(GeoIPInfo).state), city = tostring(parse_json(GeoIPInfo).city), latitude = tostring(parse_json(GeoIPInfo).latitude), longitude = tostring(parse_json(GeoIPInfo).longitude)
+| project-reorder Timestamp, DeviceName, RemoteIP, RemotePort, InitiatingProcessAccountName
\ No newline at end of file
diff --git a/MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level7.txt b/MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level7.txt
new file mode 100644
index 0000000..f7b20af
--- /dev/null
+++ b/MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level7.txt
@@ -0,0 +1,12 @@
+let MISPFeed = externaldata(DestIP: string)[@"https://raw.githubusercontent.com/stamparm/ipsum/master/levels/7.txt"] with (format="txt", ignoreFirstRecord=True);
+let IPRegex = '[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}';
+let MaliciousIP = materialize (
+ MISPFeed
+ | where DestIP matches regex IPRegex
+ | distinct DestIP
+ );
+DeviceNetworkEvents
+| where RemoteIP in (MaliciousIP)
+| extend GeoIPInfo = geo_info_from_ip_address(RemoteIP)
+| extend country = tostring(parse_json(GeoIPInfo).country), state = tostring(parse_json(GeoIPInfo).state), city = tostring(parse_json(GeoIPInfo).city), latitude = tostring(parse_json(GeoIPInfo).latitude), longitude = tostring(parse_json(GeoIPInfo).longitude)
+| project-reorder Timestamp, DeviceName, RemoteIP, RemotePort, InitiatingProcessAccountName
\ No newline at end of file
diff --git a/MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level8.txt b/MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level8.txt
new file mode 100644
index 0000000..39a7fe8
--- /dev/null
+++ b/MISP/Feeds/Defender For Endpoint/MISP-IP-IPSum-Level8.txt
@@ -0,0 +1,12 @@
+let MISPFeed = externaldata(DestIP: string)[@"https://raw.githubusercontent.com/stamparm/ipsum/master/levels/8.txt"] with (format="txt", ignoreFirstRecord=True);
+let IPRegex = '[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}';
+let MaliciousIP = materialize (
+ MISPFeed
+ | where DestIP matches regex IPRegex
+ | distinct DestIP
+ );
+DeviceNetworkEvents
+| where RemoteIP in (MaliciousIP)
+| extend GeoIPInfo = geo_info_from_ip_address(RemoteIP)
+| extend country = tostring(parse_json(GeoIPInfo).country), state = tostring(parse_json(GeoIPInfo).state), city = tostring(parse_json(GeoIPInfo).city), latitude = tostring(parse_json(GeoIPInfo).latitude), longitude = tostring(parse_json(GeoIPInfo).longitude)
+| project-reorder Timestamp, DeviceName, RemoteIP, RemotePort, InitiatingProcessAccountName
\ No newline at end of file
diff --git a/MISP/Feeds/Defender For Endpoint/MISP-IP-MiraiSecurity.txt b/MISP/Feeds/Defender For Endpoint/MISP-IP-MiraiSecurity.txt
new file mode 100644
index 0000000..454933d
--- /dev/null
+++ b/MISP/Feeds/Defender For Endpoint/MISP-IP-MiraiSecurity.txt
@@ -0,0 +1,12 @@
+let MISPFeed = externaldata(DestIP: string)[@"https://mirai.security.gives/data/ip_list.txt"] with (format="txt", ignoreFirstRecord=True);
+let IPRegex = '[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}';
+let MaliciousIP = materialize (
+ MISPFeed
+ | where DestIP matches regex IPRegex
+ | distinct DestIP
+ );
+DeviceNetworkEvents
+| where RemoteIP in (MaliciousIP)
+| extend GeoIPInfo = geo_info_from_ip_address(RemoteIP)
+| extend country = tostring(parse_json(GeoIPInfo).country), state = tostring(parse_json(GeoIPInfo).state), city = tostring(parse_json(GeoIPInfo).city), latitude = tostring(parse_json(GeoIPInfo).latitude), longitude = tostring(parse_json(GeoIPInfo).longitude)
+| project-reorder Timestamp, DeviceName, RemoteIP, RemotePort, InitiatingProcessAccountName
\ No newline at end of file
diff --git a/MISP/Feeds/Defender For Endpoint/MISP-IP-ProofPoint.txt b/MISP/Feeds/Defender For Endpoint/MISP-IP-ProofPoint.txt
new file mode 100644
index 0000000..6cec0e4
--- /dev/null
+++ b/MISP/Feeds/Defender For Endpoint/MISP-IP-ProofPoint.txt
@@ -0,0 +1,12 @@
+let MISPFeed = externaldata(DestIP: string)[@"https://rules.emergingthreats.net/blockrules/compromised-ips.txt"] with (format="txt", ignoreFirstRecord=True);
+let IPRegex = '[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}';
+let MaliciousIP = materialize (
+ MISPFeed
+ | where DestIP matches regex IPRegex
+ | distinct DestIP
+ );
+DeviceNetworkEvents
+| where RemoteIP in (MaliciousIP)
+| extend GeoIPInfo = geo_info_from_ip_address(RemoteIP)
+| extend country = tostring(parse_json(GeoIPInfo).country), state = tostring(parse_json(GeoIPInfo).state), city = tostring(parse_json(GeoIPInfo).city), latitude = tostring(parse_json(GeoIPInfo).latitude), longitude = tostring(parse_json(GeoIPInfo).longitude)
+| project-reorder Timestamp, DeviceName, RemoteIP, RemotePort, InitiatingProcessAccountName
\ No newline at end of file
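Review bot: MISP/Feeds/README.md in this same commit lists `mirai.security.gives` under Unsupported Feeds with the reason `Externaldata() timeout.`, yet the MiraiSecurity hunk ships a query against exactly that URL and the supported table has no row for it. If the timeout still occurs, an analyst running this hunt gets an error rather than a result, and the README and the query set disagree about coverage. Either drop the file, or move the feed to the supported table and open the query with a `//` comment noting that the source may time out and that a failed run is not a clean result.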
diff --git a/MISP/Feeds/Defender For Endpoint/MISP-MD5-AbuseCH-MalwareMD5.txt b/MISP/Feeds/Defender For Endpoint/MISP-MD5-AbuseCH-MalwareMD5.txt
new file mode 100644
index 0000000..7fb46b2
--- /dev/null
+++ b/MISP/Feeds/Defender For Endpoint/MISP-MD5-AbuseCH-MalwareMD5.txt
@@ -0,0 +1,9 @@
+let MISPFeed = externaldata(MD5: string)[@"https://bazaar.abuse.ch/export/txt/md5/recent"] with (format="txt", ignoreFirstRecord=True);
+let MD5Regex = '[a-f0-9]{32}';
+let MaliciousMD5 = materialize (
+ MISPFeed
+ | where MD5 matches regex MD5Regex
+ | distinct MD5
+ );
+DeviceFileEvents
+| where MD5 has_any (MaliciousMD5)
\ No newline at end of file
diff --git a/MISP/Feeds/Defender For Endpoint/MISP-URL-DiamondFoxPanels.txt b/MISP/Feeds/Defender For Endpoint/MISP-URL-DiamondFoxPanels.txt
new file mode 100644
index 0000000..11c5be9
--- /dev/null
+++ b/MISP/Feeds/Defender For Endpoint/MISP-URL-DiamondFoxPanels.txt
@@ -0,0 +1,13 @@
+let MISPFeed = externaldata(Row: string)[@"https://raw.githubusercontent.com/pan-unit42/iocs/master/diamondfox/diamondfox_panels.txt"] with (format="txt", ignoreFirstRecord=True);
+let IPRegex = '[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}';
+let MaliciousDomain = materialize (
+ MISPFeed
+ // extract the url or ip from a website https://10.10.10.10/malware.exe will return 10.10.10.10 and https://malicious.zip/malware.exe will return malicious.zip
+ | extend DomainOrIP = extract(@'//(.*?)/', 1, Row)
+ | extend DomainOrIPToLower = tolower(DomainOrIP)
+ | where not(DomainOrIPToLower matches regex IPRegex)
+ | distinct DomainOrIP
+ );
+DeviceNetworkEvents
+| where RemoteIP has_any (MaliciousDomain)
+| project-reorder Timestamp, DeviceName, RemoteIP, RemotePort, InitiatingProcessAccountName
\ No newline at end of file
diff --git a/MISP/Feeds/README.md b/MISP/Feeds/README.md
new file mode 100644
index 0000000..497b94e
--- /dev/null
+++ b/MISP/Feeds/README.md
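Review bot: `MD5 has_any (MaliciousMD5)` in the MalwareMD5 hunk is a term search rather than an equality test; for a hash lookup `| where MD5 in~ (MaliciousMD5)` states the intent and matches regardless of case. As far as I recall `has_any` is also documented with a much lower cap on list size than `in`, which should be checked against the size of the 'recent' export. `MD5Regex` is unanchored and lower-case only, so a longer hex string would pass and an upper-case MD5 would be dropped; `let MD5Regex = '^[a-fA-F0-9]{32}$';` fixes both. DeviceFileEvents also carries a `SHA256` column, which is the stronger key if the provider offers that export.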
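Review bot: `RemoteIP has_any (MaliciousDomain)` in the URL-DiamondFoxPanels hunk compares an IP address column with a list that was deliberately filtered to exclude IPs (`where not(DomainOrIPToLower matches regex IPRegex)`), so the hunt cannot return a hit as written. The column to test is `RemoteUrl`: `| where isnotempty(RemoteUrl)` then `| where RemoteUrl has_any (MaliciousDomain)`, with `RemoteUrl` added to the `project-reorder` list. Rows where `extract` finds nothing give an empty `DomainOrIP` that also passes the `not(...)` filter, so add `| where isnotempty(DomainOrIP)` before `distinct`.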
@@ -0,0 +1,80 @@
+# MISP FEEDS
+
+| Feed Name | Provider | Feed Format | Sentinel | Defender For Endpoint | Notes
+| --- | --- | --- | --- | --- | --- |
+| [abuse.ch SSL IPBL](https://sslbl.abuse.ch/blacklist/sslblacklist.csv) | abuse.ch | csv | |||
+| [blocklist.de/lists/all.txt](https://lists.blocklist.de/lists/all.txt) | blocklist.de | freetext | | :heavy_check_mark: ||
+| [blockrules of rules.emergingthreats.net](https://rules.emergingthreats.net/blockrules/compromised-ips.txt) | rules.emergingthreats.net | csv | | :heavy_check_mark: ||
+| [ci-badguys.txt](https://cinsscore.com/list/ci-badguys.txt) | cinsscore.com | freetext | | :heavy_check_mark: ||
+| [CIRCL OSINT Feed](https://www.circl.lu/doc/misp/feed-osint) | CIRCL | misp | |||
+| [diamondfox_panels](https://raw.githubusercontent.com/pan-unit42/iocs/master/diamondfox/diamondfox_panels.txt) | pan-unit42 | freetext | | :heavy_check_mark: ||
+| [DigitalSide Threat-Intel OSINT Feed](https://osint.digitalside.it/Threat-Intel/digitalside-misp-feed/) | osint.digitalside.it | misp | |||
+| [DNS CH TXT version.bind](https://dataplane.org/dnsversion.txt) | dataplane.org | csv | |||
+| [DNS recursion desired IN ANY](https://dataplane.org/dnsrdany.txt) | dataplane.org | csv | |||
+| [DNS recursion desired](https://dataplane.org/dnsrd.txt) | dataplane.org | csv | |||
+| [Feodo IP Blocklist](https://feodotracker.abuse.ch/downloads/ipblocklist.csv) | abuse.ch | csv | | :heavy_check_mark: ||
+| [firehol_level1](https://raw.githubusercontent.com/ktsaou/blocklist-ipsets/master/firehol_level1.netset) | iplists.firehol.org | freetext | |||
+| [IP protocol 41](https://dataplane.org/proto41.txt) | dataplane.org | csv | |||
+| [ipspamlist](http://www.ipspamlist.com/public_feeds.csv) | ipspamlist | csv | |||
+| [IPsum (aggregation of all feeds) - level 1 - lot of false positives](https://raw.githubusercontent.com/stamparm/ipsum/master/levels/1.txt) | IPsum | freetext | | :heavy_check_mark: ||
+| [IPsum (aggregation of all feeds) - level 2 - medium false positives](https://raw.githubusercontent.com/stamparm/ipsum/master/levels/2.txt) | IPsum | freetext | | :heavy_check_mark: ||
+| [IPsum (aggregation of all feeds) - level 3 - low false positives](https://raw.githubusercontent.com/stamparm/ipsum/master/levels/3.txt) | IPsum | freetext | | :heavy_check_mark: ||
+| [IPsum (aggregation of all feeds) - level 4 - very low false positives](https://raw.githubusercontent.com/stamparm/ipsum/master/levels/4.txt) | IPsum | freetext | | :heavy_check_mark: ||
+| [IPsum (aggregation of all feeds) - level 5 - ultra false positives](https://raw.githubusercontent.com/stamparm/ipsum/master/levels/5.txt) | IPsum | freetext | | :heavy_check_mark: ||
+| [IPsum (aggregation of all feeds) - level 6 - no false positives](https://raw.githubusercontent.com/stamparm/ipsum/master/levels/6.txt) | IPsum | freetext | | :heavy_check_mark: ||
+| [IPsum (aggregation of all feeds) - level 7 - no false positives](https://raw.githubusercontent.com/stamparm/ipsum/master/levels/7.txt) | IPsum | freetext | | :heavy_check_mark: ||
+| [IPsum (aggregation of all feeds) - level 8 - no false positives](https://raw.githubusercontent.com/stamparm/ipsum/master/levels/8.txt) | IPsum | freetext | | :heavy_check_mark: ||
+| [malshare.com - current all](https://malshare.com/daily/malshare.current.all.txt) | malshare.com | freetext | |||
+| [malsilo.domain](https://malsilo.gitlab.io/feeds/dumps/domain_list.txt) | MalSilo | csv | |||
+| [malsilo.ipv4](https://malsilo.gitlab.io/feeds/dumps/ip_list.txt) | MalSilo | csv | |||
+| [malsilo.url](https://malsilo.gitlab.io/feeds/dumps/url_list.txt) | MalSilo | csv | |||
+| [Malware Bazaar](https://bazaar.abuse.ch/export/txt/md5/recent/) | abuse.ch | csv | | :heavy_check_mark: ||
+| [MalwareBazaar](https://bazaar.abuse.ch/downloads/misp/) | abuse.ch | misp | |||
+| [Metasploit exploits with CVE assigned](https://feeds.ecrimelabs.net/data/metasploit-cve) | eCrimeLabs | csv | | :heavy_check_mark: ||
+| [PhishScore](https://phishstats.info/phish_score.csv) | PhishStats | csv | |||
+| [Phishtank online valid phishing](https://data.phishtank.com/data/online-valid.csv) | Phishtank | csv | |||
+| [pop3gropers](https://home.nuug.no/~peter/pop3gropers.txt) | home.nuug.no | csv | |||
+| [sipinvitation](https://dataplane.org/sipinvitation.txt) | dataplane.org | csv | |||
+| [sipquery](https://dataplane.org/sipquery.txt) | dataplane.org | csv | |||
+| [sipregistration](https://dataplane.org/sipregistration.txt) | dataplane.org | csv | |||
+| [SMTP data](https://dataplane.org/smtpdata.txt) | dataplane.org | csv | |||
+| [SMTP greet](https://dataplane.org/smtpgreet.txt) | dataplane.org | csv | |||
+| [SSH Bruteforce IPs](https://feeds.honeynet.asia/bruteforce/latest-sshbruteforce-unique.csv) | APNIC Community Honeynet Project | csv | |||
+| [sshpwauth.txt](https://dataplane.org/sshpwauth.txt) | dataplane.org | csv | |||
+| [Telnet Bruteforce IPs](https://feeds.honeynet.asia/bruteforce/latest-telnetbruteforce-unique.csv) | APNIC Community Honeynet Project | csv | |||
+| [TELNET login](https://dataplane.org/telnetlogin.txt) | dataplane.org | csv | |||
+| [The Botvrij.eu Data](https://www.botvrij.eu/data/feed-osint) | Botvrij.eu | misp | |||
+| [threatfox indicators of compromise](https://threatfox.abuse.ch/export/csv/recent/) | abuse.ch | csv | |||
+| [Threatfox](https://threatfox.abuse.ch/downloads/misp/) | abuse.ch | misp | |||
+| [Tor ALL nodes](https://www.dan.me.uk/torlist/) | TOR Node List from dan.me.uk | csv | |||
+| [URL Seen in honeypots](https://feeds.honeynet.asia/url/latest-url-unique.csv) | APNIC Community Honeynet Project | freetext | |||
+| [URLHaus Malware URLs](https://urlhaus.abuse.ch/downloads/csv_recent/) | abuse.ch | csv | |||
+| [URLhaus](https://urlhaus.abuse.ch/downloads/misp/) | abuse.ch | misp | |||
+| [VNC RFB](https://dataplane.org/vncrfb.txt) | dataplane.org | csv | |||
+
+# Unsupported Feeds:
+
+Some feeds that are mentioned on [MISPs Feed page](https://www.misp-project.org/feeds/) cannot be implemented in KQL, this is due to various reasons mentioned below.
+
+| Feed Name | Provider | Reason
+| --- | --- | --- |
+| [alienvault reputation generic](https://reputation.alienvault.com/reputation.generic) | .alienvault.com | Externaldata(), does not support this datatype.|
+| [All current domains belonging to known malicious DGAs](https://osint.bambenekconsulting.com/feeds/dga-feed-high.csv) | osint.bambenekconsulting.com | Commercial licence requried for the feed |
+| [blocklist.greensnow.co](https://blocklist.greensnow.co/greensnow.txt) | greensnow.co |Externaldata(), does not support this datatype.|
+| [cybercrime-tracker.net - all](https://cybercrime-tracker.net/all.php) | cybercrime-tracker.net | Externaldata(), does not support this datatype.|
+| [CyberCure - Blocked URL Feed](https://api.cybercure.ai/feed/get_url?type=csv) | www.cybercure.ai | The remote server returned an error: (405) Method Not Allowed. |
+| [CyberCure - Hash Feed](https://api.cybercure.ai/feed/get_hash?type=csv) | www.cybercure.ai | The remote server returned an error: (405) Method Not Allowed. |
+| [CyberCure - IP Feed](https://api.cybercure.ai/feed/get_ips?type=csv) | www.cybercure.ai | The remote server returned an error: (405) Method Not Allowed. |
+| [Domains from High-Confidence DGA-based C&C Domains Actively Resolving](https://osint.bambenekconsulting.com/feeds/c2-dommasterlist-high.txt) | osint.bambenekconsulting.com | Commercial licence requried for the feed |
+| [http://cybercrime-tracker.net gatelist](https://cybercrime-tracker.net/ccamgate.php) | http://cybercrime-tracker.net | Externaldata(), does not support this datatype.|
+| [http://cybercrime-tracker.net hashlist](https://cybercrime-tracker.net/ccamlist.php) | [http://cybercrime-tracker.net](http://cybercrime-tracker.net) | Externaldata(), does not support this datatype.|
+| [ip-block-list - snort.org](https://snort.org/downloads/ip-block-list) | [https://snort.org](https://snort.org) | Access to persistent storage path 'https://snort.org/downloads/ip-block-list' was denied |
+| [IPs from High-Confidence DGA-Based C&Cs Actively Resolving - requires a valid license](https://osint.bambenekconsulting.com/feeds/c2-ipmasterlist-high.txt) | osint.bambenekconsulting.com | Commercial licence requried for the feed |
+| [mirai.security.gives](https://mirai.security.gives/data/ip_list.txt) | security.gives | Externaldata() timeout. |
+| [Panels Tracker](https://benkow.cc/export.php) | Benkow.cc | Externaldata(), does not support this datatype.|
+| [This list contains all browser mining domains - A list to prevent browser mining only](https://gitlab.com/ZeroDot1/CoinBlockerLists/raw/master/list_browser.txt?inline=false) | ZeroDot1 - CoinBlockerLists | Read from IStreamSource failed |
+| [This list contains all domains - A list for administrators to prevent mining in networks](https://gitlab.com/ZeroDot1/CoinBlockerLists/raw/master/list.txt?inline=false) | ZeroDot1 - CoinBlockerLists | Read from IStreamSource failed |
+| [This list contains all optional domains - An additional list for administrators](https://gitlab.com/ZeroDot1/CoinBlockerLists/raw/master/list_optional.txt?inline=false) | ZeroDot1 - CoinBlockerLists | Read from IStreamSource failed |
+| [Tor exit nodes](https://www.dan.me.uk/torlist/?exit) | dan.me.uk | Data is shared in the ALL Nodes feed, otherwise double data is used |
+| [VXvault - URL List](http://vxvault.net/URL_List.php) | VXvault | Externaldata(), does not support this datatype.|
+| [OpenPhish url list](https://openphish.com/feed.txt) | openphish.com | Partial query failure: Unable to perform requested operation. (message: 'Error with persistent storage path 'https://openphish.com/feed.txt' (operation 'CreateFileRef'). |
\ No newline at end of file
diff --git a/MISP/Feeds/Sentinel/README.md b/MISP/Feeds/Sentinel/README.md
new file mode 100644
index 0000000..4ffd4d1
--- /dev/null
+++ b/MISP/Feeds/Sentinel/README.md
@@ -0,0 +1,5 @@
+# Sentinel
+
+At this moment the Sentinel queries have not been implemented yet. If you want to use queries in Sentinel use the [Defender For Endpoit](../Defender%20For%20Endpoint/) queries and change the Timestamp to TimeGenerated to continue.
+
+For better results also add a union to include CEF and Syslog events. This will be implemented in later phases as well.
\ No newline at end of file
diff --git a/MISP/Images/KQL MISP.png b/MISP/Images/KQL MISP.png new file mode 100644 index 0000000000000000000000000000000000000000..45ff20650c03bca8c6bb7316ef22503659e6fbc4 GIT binary patch literal 65784 zcmeFZcT^Nh_b#j$02L5(0!(1$Ob!ajq@J8Z&y0#r&NDqTJrPhbVZxjvWm<%LtR^i&K+13~F}i^k;9IK1gj1B_H5_Z=?1#b`0;|I-G8!eB?C@S`wT8Je7m zrJ!)g2L_*x#^KceX|FLEoc|SwPe&mFhJqHS-WBj7MS%?YK%~T4e8UT&P zrX!;NeWp}n)Oalahlt2b46w%ZpIHESzMlrL3<`o14TE@w$f=b6XY_u9$7^vp|7Wu4 zq;%|mZonbP@Sj?}!Eeza4~&R}klA|w+c;8#Wgx2kuMUyhmj7xE;AqTpwt$2uJET@C z1B;;&_5Tsz)F5O3SNkGF)F?z|LR^kN_i9ER|4oE}fo_;)4>LUTKpN0#q4QC%%J)PPrnF`{@np9FcX&Fo^c**F7Q%Y$%Mwwo5#YyD^zV8wFC$eQ!KPKeD9DD;Ae zvKR!T8nGCvf(5D=E&?8n#amojg2YO8qx@o3WE!@RDC9Dd z0r@CevlGR(k?f+7TS-B4I3lLjYr)cq4lhry7R%WpznkYo(fw|=P#Lfb0Vhr3GRZJV z!~$Td->w9-Xf{rwpc@SwMBNelB_QghQrL8cF`%L#RVpX)-JvCOk+Lyt45|RSL1qY( zh{TY`Y;gOX3Zfe^3RYxDbheB{#32&^0$wf2DyEnPI1esPXuTR*^@G$PwFwBDRf1#In=@r-?%*T6rkM=Kx2PHbIlyxhQ}x!+J!T1o*=y8BL}qF!Xw(#3u--SWLFuKm&pSzd=d@ z)moCmC_>TfI3LZ2F(FZ%O2CVZpqg!_su(h{lJ78knM}~mR$`!l$*b~4;)K|Z*Vz;d ziOZ{X6No;l7iFPX@p3PTEGH2tI+X?yqhRpKSQtgb!xlP^Mx;=^0zN_G2-}G)msaZ_ zz$h_WNoS($CP^5__IraYAw~q7S#B$hZQ?P>L6^lLQ}WPZ5}p7d@}z(r3_#{U0FPFR z+<;m|aS=UAD#uI<(7C7($M3;&xiq$0E5tIzJTzBf7vq#@KZjz|FpPFH>_aoqavV`+ zlUZ3Rht%!%>Rkq=#{l(jG9X_z+s*W-;+JJeG{-i@7AGg{WkB^?ZelhzkgI5m0s%ef1MNlzgg4>CY!b+0t1V6o?BR)t4vUn7rDNP^gNG%?Ni;r` zoum>N^=6rsN5#7ZcApU|Dqf1VPn4&NZV&Hv3Ka*qv@hUBk13+Aehf#>wL8(8W z3sW^=fnKQ+3(;}|AtVANQnA$Ib*r&H&;Yq`VylhmQ7TAszR*oqxXcCyG8+r1@_XD; zhY~CDsC+P2A|x5*ES!d?(Q!h0G?$Ly>o9HYqqfE z3L62BLi^c9M5x#SOPC@OQ-R=XDhqI0Tn>(k7t}}r0vzDVP(c#WO)vyq4u#UMu`@xW z6%+vNAsmIqfkP&zR|dI4Ziks-1B7z1Or*yPopv)Dl)9-w3hlNiRghfJ_ z?`LovYP$^YF|hayHbz5mW7JfiL>=HNX$Aq?CJl&eKBrDB)|?Rl16u9y5yyYl3d4!H9zKT9m=Wl6f6?no%H@1_8ef zFO~%e8XbscqRCXV)gpoe3aJ_^B!Vb^n8o*4*i0uB28dV*mgN#cCQ1kg!wwS2H6h}? 
z7{82VfVpnF9qsj*>4Gq1a}iv07S|*a6Le}dU1ofeC1e|j3ZoTvasqrb(k$%K@-YyN!j@<k@=Y$7%dv`mW+$CN zXJZ8-2iYevhN)&1*MN31HFAqVLy&V!Fx{YYp=2(fnIs6xymSgok_*YmHVFtEdWnQD z)A&Ft3Tp!+@CS|ZdI=8L!?*E~oD<;6`68i{L6xJ-Zk1cf1JPuUfeFbORHfT!bJ=)! zHC{wk*`+d#F+g|PeQE|oBkB2QE`f-s+;0$}sayn{0cI@)QVMYjElH*0@gSSmLMF;p zG^X7ucS`I^JVC)x5v`H08h(@I&0K;sO$q;lPo0yy@q#Ho4)T#`s-~bx!A=?81D^0-?@~vX8$wYBT z*#MSBvshS25<_LH_->^*;Fl<=UNyz36M4;M55VwqXhMtCMAy6JRxQd+;R9|xlA-AM zJd+vJ@t_bx9zY@8sdgoWM8>(pRFB$0VyfYQOax0YF27r^HyBOAFit1Y%M1~N5=b3d z5l-hZ%kjQ&h@;d}K^bVqbM+j&fDzzP%rdu%Adn&%ECH(_6SOebM4;igYO6~xz;bXA zC>s!lTzV5810h{VWS8Gz5WzGXAcn&#hmfUH`Uq}2ns4-xL77&pCCD&r0Uq*0bft+y z0Hq>{kOxweK>^@aQGqsn21GbO+G$JNT<7%DwZNlz%fH2l2&8z zi3DhymIGjzRE?Z$MJuc@(`FEBFm4Chucr`jdMSdJcs8M5<71!*3Lc6bbgF{H5XoX! zlUY7QxI`OJTanD(3L=;S(9*pDC4^C^18SkoK!R;*te#CYK?sKMh2=)QhD~Fr)CdBi z`mt&}JK}##8=vC_t!9lBG_&+1ebDYxnL!R9AtCZuC{+*=xlO7t-A|!&MP7qSB84n6 zl~Ssp;7BSyV29jzjgsb)Vgd#^M@?a)%{rUG$kC{DRJ4ada?${kCqO_@kcsWpqt#-( z2N0r^4vvTDQMe6sGK9gJ^j1FTkaIw*RwKqUBk8e;uH?}{MFePaOjd(asKY@nH`Afx zyL>JWq!R^Tr5B5^3qhCD%cIl1C^^v~Kr`(KwAAUG9IHhW0DYPO#x7D~y=eZOlkJf@W_$@JRFe?%JCK_;>8TuBlWAakljNTI5-?nm?X4wm1?Zo zt!Ma%JQLd`GSE3jss^uS$TUH;k}i~DRThH4=VhstBAEdbmPO#5jH0!miE1LvjQE^BX{q6C&yZVF!d#VB|)j7bf6o z<`6gHjXH1GY8JvMFeJh`JRT*BEs&9U0c7qGleM8~RxI76uxK4ju00FbYSraY7Wd z$0TqPNi3r#l0cboC~O1=;QWZ$0zqSBS_EPU?J|4CtO&k?luU&1!%(qAhLD7;8q4Mk zibxE4FifTfL;fJ*uSilECQ!lz6(^)1u+VfGnvNj^mH$!(qOe8;VKHJK+9U)70vU;e z*QgA38XaZk(z!N8fI~#X0&7^PiNq`wNTWwcQYyq{L=t0IW+PL{e57RMh)Fg!g@Kmf zaiH48i>M_WaXIAbkXiBS2%#iGMbN+4Xr(CJ$UOkY1$>bSiG_GNz@|G891X~vQVE5` zBBQK$HKT#=+k7^XRl1doUsF&vCWX%hul2-PSwd-P!oHo!v(i2@wQ7ZCAzMhe}E zrVvSPoKVRLn)P~+h(+=v01$*FYQGxN%McM%GMN-GMbh(t&Iku|1`C!QKnI-UFisYN z=~k{zCC~|JD7S!!*aOuZ_BfRi4vT>JFBTW!hmAxdUO@2SWq5)F5eV4AFvThIFx>t~ zE{oMbVmr%EhIH64ONUfwiFhTOEF)16niu){KTPlc2knbSiN!&iS4ftK*;EBxs0)Sv zC3rEY{|D`hnALx1Us$atyKsOAhjwz1wWQjFd_5^>0U^kS(keU}jb5k}YT2-r3R(GD zwhILyqcC#Oex|^x<}pxwX}|_slpq#VY6(OnD@75Vkt9B(r`q%gfx)7SQ9-pAO9t?C 
z6k0+TAoplS7cF3eK#ZEEQ#gYhA<9apnEXVBjSH~}90@^4Gx70|nBlaAcoGO?vXu&g ziLKMRJan^H$`)BXW|0jSu1O|BGevYf!g*@Jkk9JpivUF31UFiaCj>1fJwnb( zt!gSu9d<~u5s>6k%2kjIPh^rpI3ZP}m-;OT-|HqqN-a(m2(gT66_4ye!7!FDj*zEn zl9e2>PAry0;_)GlSL_c4jgUplV9_~LLC9~3&|6jsLmV*>tKMwUo6R^d6!M5eUJVJt zifIxm$QFeWN-1O)2!wLEloru7-68fn%_5|vlt%)S0HgHqV57`I@+pw5#-c?Mbe@tc zlZf~}EM70Lp#6}a&ed{+I*ZUD_hG#>twMkjlfo=xkT0+~g;cH9#D~lbm>&#U4b*@t zz@kxwMzdT&LpjN0j?v0DvuGx~%%Vh@lN{)D& zJm~P6$Yg>@uhBv%7sa6oSrOyHp(vyP8>Xs-NSetMV!ar<%wSks9$A6Gddus14>=-3gaA*3x3vU8l@7(0O#dIDr4j~Nytv#?4yCY@G6BKeF6cW9)$3~JC|Gm3PUu*~hX5eW`0 zhiQNuW|I!0r_?#01~h)tJdJ9@YTo!s3L<(y~Wa1wQX zo!>`5`6XAZWE3kWIns(DQkKm`V51D6k#@rc}EJP0|?LSdSd* zWBSNUuSg4O96}5~gxs|0DKa}+17d}ypoyiDNZ_E*siHEF;0ORDh^Kalv<}#9RLjg% zw%e0?Bd@4U#W0DwVFAiM2)IfB)IFh(!NqxG2{$5g*HNwWhOXzdZr5xOC20s z&>fZoL0AN`=rjo|#IPtXEsx^S*ifvXOC2Kn<$8w$Peq5A|B`!hvNB}0GHedH7Uy(v zlnk~&>Io@@kUSia3u&&fi^j)s0Igfh0!0>s+{w1c8DyJ;@8@VGQovz1E43mSp9NcZ zDpQCN1cmkxflHT(Wge1QWiwkNJOOgf=^-JT6V)dVN@2gkg}AZCWl~1Qu9XSAc85kA z@L0_zhr%Q`;%Oo&)x_b3upD0~sKa68Y&d{~Hk+F2aAUYuOi1Ik=plt2p}whpP(uo< z1TY$pAo>7WiBr2dDv{J+7ny_}0-q=4NMtq_gMm|%bP^FcNM+GokO9v$Xzh9rm*L=r zJsv5VgVt+81`k@JwXork$LixKC^EW$0RZZt204mV$UH$Xa#j@KjHN=3muO&EL7mCu zMPZ$gKp)va+4?Xw0*pyit_RPA2yP)i|_Pes~# z7&JcC%fae67DuEna$G|+1`sqv|9=5Q$o>DmWq@UjzkcZ{@)ANTHk~31=Da-?dsTmPgO@PwP*wFI`pBS-9mV`8GFP3_L-ejo|+e_n35gz_Xv(=iX_+iHReKP0t(o zXO#Ch(3nqY!hJF3Y=U8Ps!nTMI}+J@()Z+P&a@OQ3rh+@w>!1Z*W6?bx9&6S5mr20jQb(2Nd?f1sX-wo*- z8}V{fHzXD$w8KAS{wID+dXV_wo~~wPg6mTAAMnmP>`HqjeL^L5xZxrWw`i!hF+XKr z{U-CNE8UZtUe2BL;$*tx`Rs>9$Dh?%NY&@l%#{ZM(mvfHVWkzd*wE#_foJ}(sKF&8 z?tOVS=Bxeh1@HUyE2DX7?W1{??8}%<^=k%RRL_s|j$LA0sIUBVARkQe`#zU^DtNVL zPR9jn=e#WC(Jpu6m#*3{iF~~Ofs}#$+lI$x?7|HGH|C{9MIEiz<+>7yW1lWqn^HAv zTFn4M?^O@)Ono(6yloVpv`_|uHbx*xxaNnPQk(`~2 z-oLp~;?KYtN3C;9 ze{^_ocR9^9B{6I2kHd3L?6v%3y*Wu>Ykz2slvIqK`D%W_<@p7NcWp^G#GFWe^}YX% z*r=a_qNv4ROAig#b&0ISq)wfSlfS?G((i2OYkPZxMv~ICdHgoEKO==v3jQ!UOSfgM zMIH$>6M!qZ3o7gKE>M`@*f47=x0K+ETd}DGgJV?gI%J$SaM10I;m;ZUGIwY?bzVm6 
z5H;;Qoq|{(oh&^#dBywI+l2X*o8KRNo3nq{74C89RQ0@u`BA~Qzh=DoFm%$u!p?0k zBbIRW+^<^yuO?StSpu84`WrJeYg0XnpY(d!9D5~o!ado>qF2wuS)S0i<`<5hM{6#6 zSI@4S{yUVjXj!mgnqs`KW%I4KYx;2!gH7v&OmoPC*p8>TIVaZkTAE!twtB@cT=75E zM}J*^urz<6tL^YaGh^TNIM%AK-?C0roNA71oz|}9SxeEkX5FJj?6s@NM-sPNmi5C; zYuMU&r0tB=Z7V-bT|c3@?#<2WD<}BJe@wenvwL?%-^k*DF);<7W?dREF?ktpg#w_KpMBN( zSy^x*tEDJ&bFEuFvUOeKTdiJ!BuD@LdG7bTqeqVxeE#)w^St!RHXA0kd|YYWSSQ)nY<1^!Oe(0q1q`LEn1lO8dRc(I9mtr;@N*(fn zzHDE|sMNL|M$eRAH>{^mZ%MgP)cY{*Zrm;?_Ntq(Z42I3oQfO_oSCzI&&-p{7A#8~ z|9$Yy`N2T#1i0x@U0tAjwfEN2z;z=-Hd@?#VxZsORK4hR+_%Otr5k4qn)3{}`spvj zb*Lnc_-qkv+SytUIqz3ZO6kJMO zKVG9JgwB~yHGd!I_k9@=)x0z|yLd}m@|>*z`(0Jb7vj3`n_br9yTSdJKfb))_;**~ z+r%5m!wVJw$G0qgH}u5sXVGJ4H%$I|>Wa~}vFq}iXZG}LdpQcxy{_N~s-Krwkanii zif4h0eAEx({k|9YhN#YUPmY~klCw5tkvLiyojb~nJy+>mUjj+eC|z&$)sh}>dfKaG zt@HSlDN}x*x7F3%n0$Ovs^#0mvdObX>^r`B``X~?jd#1W(tiG4HYFL%3B63-f4k6@ zQFCy8%jUvB%X9MKK&?!?Y!l>kb#kj`D5)XiC0z@d~cviHt+r5`HTmwJF`( za(%%Uf786Ix~c7deVth|CMy4-VPzbB<DuCb?+$JEu-g7ExAQfjiq0 z%>JoS1-H;AlMi+E50^h|9GtH^UN6eIwIHn^{%2OVzs7cp%2c`T2Vw)NhTZogddu%y27;E_{Pb2m2pebjksc+G$=bvNJ7p%jPSi4$(5&goz1&0=@G zk-zy?{i1L2GqZ;zHhu#+r=M73;S&w(>U`@4C!KhIvL5<$gQ%;&w>OuizF0Fi{nWKT z@*mnoku;z@_IYmlvy*?aT3_st^K#(f0pCZaCWhz238PM8*FcL~tnrqE$%&Meo7ru8 z&(u85Tz0tal<20_-Nvt|&hFpm##~_a=8g9`f|=O~rK@{SbS%o=_`7CDIS7@DHUhN# z?VH<&!&_$FPOx4$J#6{0q-*9eKkUEq`8^em>+-?3zMn4Ix1nDT{_fJ>r|QZ#^>fm{ z4%>lE9_fY-)MMKGATiqrhYCc^?&!`lY6oy6!I4j|d><2jy!FK%)SvRJbNUOWS@S>iD*Kem zDXy=tFq>H`8}=peYzLtC6@-4}%lh16hTm-YeQr(o> z%nj%0X`(7*4U3l^VS?-pU;CF&o%k_0w*#Slov!#xj8if<1Ki)S-GtT`*~~$YZ|Q(X zyAIz-3Op7sp9wZm23YbmV^8c`cc``N&8OP3KWs1M>C=v%J1u#-G<%1v?a9ZIjTMdi zmKuxEI>j16$zNwD*@#*t8;v0iHgA z*bu&d3VQ4=jiWCqsXy2!mdPr9Shf>C@z?3NFaD9^zpih{W2W}JjK6jFMxTeA&MW{y z2yNH(J{=;pI6Z9sp>YG(3@BL80eA6=W8`P&YDLo>hspy+bd5mUNP|P zsikp)y7#=?%qk5;+fvJ4vNRb3djPYpGl~;3o61{*3kJ^!E?qb}vD2%^;<$qJo(KER ze{uO`p8<_Kkufh^)9?o-o|F32*F4-_e{ECxxPj&9?#nk>NRuZI5~%J-mfvn4>ouKg zv!v?%y6I=9b?jr)k4oaJy6*L*Z6|E~(>m{y`Sa1N$Bj+tFXWRiZQyRA7n_b58`sWT zIsa70L;Y0q&o<7m|bGK6M{X 
za(<-u*;Dp%Uzt0g-A3!$C9*l?RZ=a~ojX5pyGP+GkHqyNU@!N1JoDS~hE{da<#EMl zs!A8E&onpG(S;MocG%Yu*pdHcdYdzsvu|BEzndz(+x#mNzNG6!U0q_EKlGGf(V$(= zAkFL1Yu@~|s^Y;^a`a(shkPx+f4lydcEURa)mdGpCa>r^Zug8W6#SU!l@v~#W_JpRNQ;zhhul(7q;HEKTcz@y_yP*2C z;r5*)<18A@3g*4fllZxUL~{?pob>IRhDBu_8dkKW7Oz!Y@4u$LV!?vi8lmt=&FUMu zT=HB-^qKs2JY3X-n=bNIKW0HlR)JEYyS)d~F%x!8;^tL({@Q)ORefaqypBvs)$`^) zvAO?nyvlnG=OXB}#Cxjn=*j_lV2Q8i;IfnZ+e}U@Pa^G$f5O{+=Xl1{C zSy+4Dabe#A0qJbQ{ZHN8gi#$A)U@3?M*IErn5fL+wB(XopxazkxJf@eYy1=G)oCN& zIxaBR#IlNtRuLT?Zf1sh7*~z%(;7D>`S9j8Tj!r&zx6VBTHa)pI3>fbm3&^VkNw%D zAU#mCd&Oh0D`IW<1g`*ZFOK=+5OQmpNa{U#uQH z`s9bTwaXYcNcnEtrL7l|G8w;|Fa2`MqNg{fk2?JicKg1{Eazk?!@_huy@3Dfkffg9 z!etekj_RSBpYbVy9h)nBy*QX_som1zh7OCG;C!}xYtj+rgv-a8OHx{<+V-FE?=P(8 zT)nb<^DFkP_y3251uLm1W@5(al&UuUO2lm|Kh$LJrOWAeVwme&f04JzTy>VL zW)0W__c*sp!P)to{HLN#{#`k^OTTsN{cDXexJPlH*SZJZ^l329TM!MCvd#v7_Q`0f zNY`WU!ze z{wYVtR^E*nk@$9TpF@XF{T_rM-%e%j&IMmKEq(cC%;ALlka&16aMJiEov!@#7u<30a866N)a@DKSezSu`uv|a31_Be51P$c zn>>k>4i8Bvd4Fm1E?=;uvG94*cfNTGu%^Ivups%~!wEN4)1!ygUg*bwHJCU*dq_dwA?10qpIyxV}c6P~RcDq4y8aB@)Pf#Bt53>6{J4Qie{Dwlq&cftEIesWaio{61nb{;$q>xRzU zaQPOrbwo|KNC*pSIiK5fFNnvL<;=;hKij%zx}8re+>R{KxB8{y8o$=w(@xkJJ>*do z^H{5r8MPm~?}+B#FMeI{u5Y`9YRsnC!+q(C-$~l8(P?FC)V0ert(=J`H!|YvAn9+3l|GpXWZKm)x2iJh#NTN}OLiY5(Re zgHNtYfKQKFq6_~6aNCwX(!3bOIs5QS&$A!eo&Me2Q002u+J3*Z476YPLtzKf90S%r z-0OYy=~wEG8<+o~z}M~!sX7+!sW|<3+s6XwtXcQ_Rn9#&%2u-Mr2Ync?p^i9`rHps zeiBR4*_qq%>f_(;JRGi_fV{Ty{0~Ipmkm>QdJj5!o)|BFeaQ9w+2WrM?~XY!tLqtn z@iXJZ&1Q3vBBseaV101ilG(IGa~DQRRxB=aesl3-!snao`#?XJu0Q^Jac%jW(Qw`8 zp$C#XWb_)mc-u^QY-ZK;niJ)NHVVyA?-~oTr*Ap+LD_27`)&h|upD!%s%p;B zaGQtJ==k-D!ebkbb}Kx#^_I+2-|Mz?WOUEAX^ByHhFATNjX9ftfArSdX_(hf63xJ@ zv7ws<(>EX7egE>pmXnDB_R@o9Yx}BTbKcA2=m*rNzn-m0&#T$MZv$lP&&ul{$ax^~ z6M^du!IMcs`-4$6qPC+a(z*BkcBJGG=Gb zyDxJF3VQy?{Pp(cj>d|kSue1A>-cyo5mq{rKlJ-{?RW5)W9`6y5}T{&spSPdG8Szo zweLE3y8F$BeUp2=!$?+y>pr|oKHQ6O*vj~IJu&+E>1~HlwCLfr-xKO%mtSsMz%FVv zsup1kFTb1;jP3FH+UqA^|3PKHf6OIMe}2d_f#{r~Ev%e%?eOofUoQQr*5Esy8#TeP~sO^_kA*MV;%c&`L+!f~#{8 
zh>p(ul$sL1{B`O64>1L^Hl5xuCjZ%#WYxkk8y?O&eQ&mN)VySD$Lp;s1o4oAF??9n zhq{S7oEh`^!o1k%r7^u7X}AS*v!acYPnve7)b+5RT(~MZ?^sHlx^+=b>mez)j@K7% zm`-~Wl{-cip}v|rE65lGuEcTjzMwRmZ<3p|AondrmY`DGT zqHtx(cxh=v{-&-~Cj(1=e8IwTDU)CJJB(lUyGPKfOK^tlrBnMBI>t;QH}t;I``4Ex z+we)_2tC>&)0!EX*4U~7qPK4QR*Qz+ZONphQyFpK(;o?Y9y5B=us@nQh4*$F`hhj3 zU9UgqaE5tbR;)a*Z_v5uf(;MXU5?Hn@7Qx`yy;v~LyO@_ ztMM)sp?eDHL`JpX;^$pA^1uDscyF4sKm3N2%kC>s-&s;;WS_X&rY!KRoTt{nN=;^kaOOoXC+-Ya}?~r{X1RKkh!IZ?ku{`vWM-)EDlqnLDm!LFuWH z$9FPsUMa4^$$EsZ9o%$ikE7khlXG~*>@}G;IyRN9*}o(@?ijsTbK!2M;EMKTHwM-8 z6xF_Re>-d(pLdPg56_5cV%<<#z|KPpvrRWI5P$y_KPC4>*N1Q4UrhV8X3di|m#0~L za~}geA2lAZa#Q@DAHLDGZNnCgKXFi=2%&2^L z>zcgyFY${k=5rCkebq+EXt#M& z9FF(-Bl>`D^ZKONrj@Sd=;ZpN&wl!b)}?(k_P>o%;`IOg9J?ebW;`cveWDq>E5c=@ z7}sU59bDdyQCz=%VEkBwj?VNI3@pF9YY5ZRsp4pV)QQgh2Q)WMU+XT}GEUqRIgcwo zKlQ`RQb9?saL=fy=D~x?kL_n%cyfvt*jBUj@Y3v4`wFj@sb&*Lu9sL=CQe8>SvEfZ z^W74_99@rE`1RJp$=#}cw|sS98SpbXKP8r$)o<$Uq}qb$sA~9Y&vxP=woS zb%9~s`wUy$>Cm<0Wg`cbGa4X#UgJ^b2W6ncnw15+Emzj=`)l{@@!KXR-%gx=`GShY zNHpJ=`96foOqyl-bIpw8LFKdBSB>gl-&4$t%G}$#VL*YiYgA^RTIPZQG4#a#iD%xu zUjMD-Oy6gg(ep9vyyc>`_t#u5dwTGAg)w)}j`lz51CCyc{=WMc_9wp?yEJ}EFgO< zbu#UFbYtd1TnggqgzE!uIx0q1+<2+z|?()L*_n)S&9KU&T;eFTXRg%LE)wK3on&#iD z3e~P>ecZO+fAgxpYu|ryNK3|f)7yvH;zR9Y4lfyHUc)JV^ge3i_nOdh_I@u&A*817)07M38b`d2iT$Mghv8 zb@=2Z6M%n~CU;nRk2yB?hAn5ymw9QTv^xjfBlphE#WH zFs+*e_Nj$###(H@1|ZA9D~s(qq2HxdyK3b!xto0MMNL0*@z_B9@Qli}qe2YnM@>n2 zKl9lgU%ZQ_?QXZ9jZbawo@73pce|Rr$K)uO|Hyc&`>Z2(-MCeE#J6p$4d?OaKTSA3 zdcq&A&fdI(OB&tj+sN_MQG@z@bBg6-aC?_oZ;P*v?$fEL^tl_qEj020VULWH%JlSI zUn&**x=ebrdYHK2&$KIRcYjRYREy2rgP-uEe5gosiDEE-OCZrrN)+F7qcA$lz9{=t zPNJns(e}rcqdiW4?Ut7KvEc8*?JJjHt^LVZfO$0uf98^KQHQz z$Dd2cTX*ny_l+d)hT&T=E4aVba0V`PQ^zQ^&J0hYrN0oD~k~kg!5A<5kbs z?c>JnE}XusqC>qp`Q*f@)nwFAHx#uOHR8*y4*TjV%Y9G#bK&O&vTY5vReX3did|FJ=KKUA*ODYo5zz)p{u zex&D9d&&J*gD*A`u04SYyIf6vX%T&@t~>N=`Ivh(?`!=#3-ylKS7*FApH(g~4bOyi zm7=yMtNaJ|KDvA~r*FnRQO~MR)uZG4RHS81zL&8s|G~0E?u`Yu>01((-D)YVrB$q5 zIy5o)ZJbcjZF$1>TUVeAb<(wYOOjtL*}ShYbmPmnSuYF6{?csTcdjCD;X-0Y+MtS; 
zo;a#~OTwPUni(gp3(oWzzhv`s@fmnqbit;Z?1wIGB)am-q^x3g5AO5!U68+`D^2NQ zZu2{5U^!!YqA6iJ_gH+|?S~&;(+dvI%|^~N9x86h*NYXU%t~I#p(K*C^{kh>>kiJE zU%AkjQm(qSaPjzrlkZE0y^_V|Fq9|u8ZUwudbim}S+cLBX&&nIz`E&_=PKA2JUd4= zdY*Pb+2OHU5B2!bF~3|ocqfHH0aj%eVY*E}sH;o<{7<}Odwgm7d7Ns)qnS6}NqfI6 zv%VR8ZT@yFCONhIEpzH>Y<95&_u%Nj@`lld)(h-gW|YW-ea`lN+%5m($Kv(+ggX1})P^W|r_brGb=57?&s=`xKXSNqa-(tF>+T+MEIXBo-ab+K6Z+sg^)Yz= zbJ>O3He_}aNyfc(bV2hNs}p8#)D_jy<^SS!= zt{e+xx07)?q4DIiwUfF(c=*ZXEcyH^V_A0UyRJP%9Um1b2LCUf&VnJ1E?m;MOK|tW zHNgoC?iSqL-8Hzo4DRj{JV0=Q2N>MlA-G%E`R?7_KQPkWr~5rsPgN@kB%lb$8ev~2 z?5UpAC_~JhFe&$UFmlVy)>WtoQ_5*7oan76=sbP2XvbG(?qPD0rfjY9$6T^pnK1#& z{%sEvkFlQ3J{k`HwCHM+@hZ=kdAwheeEH}bO(AgPMv;oe7tbt5A(nHZC6WpCMI(zd z8ih((Y*eL%jc@dl7K-_HI-AEXR6z(uo0UE+joWuO82IbzT~L9Q8LpG- zvc}(Id~z>ZW~U6NJL`rMw0F$BcuYI2)u>jXM5aDXOY$H>QL-8nF(szp& zuupXcNJb*su`|A;hH2?;4 z1YdTa8W0A*0xv>LxcJN&`iVC0Wu` zA@5QJ^>C_nW+&#LN0OW3Qx!t#I(5^K5{va0=ihH9+8l07x@WN@yKD>z@2f+w>5Bq?65_1hbBPRCGpE#5PM8=bUIw zoQ4>9Z6>Sa50X~~_4`}v{kGb}1)IC_Uelo%A?(<8wv$$yGOb3c8FYsYrj0H!(;m!bpniqNWuXXYjFS2pwP(4wms{5C{HGR|*rU3D5piY) z9(~%=r~SQvq|xOQKVWIF5UQenD zmA$`({1&EC0^w>H*@>JPZKjUdvv^vx(g_n@lV%($H9j81AoI;nK7)VH&&i_x4v&d& zpVKCf$q|DAlNN&G8nT?k@y0U`%=J5@wcSslVs{Y~k2mqcg6g4Tgt;#!U(JnXhCDFs zhwGFtkX)G~jz>S+lQD5i@RQuKq)$2wXG{rwLgXrsc>OfH36Q3Y7Oa7L&a|hI%kRL< zVDPDLQ7*Ig;0I|}8Jx(63y?tg-U;p_2saZ+|13yRvU3R=Y&pNok>p~tksf*S8K#cL zsT8kjQo!fWT&#A$TQJ{Vp=FEeK@poiX1!5Zc^UYKxZOz+G2r$oRyz;zMha*48TX4i z##vC_BKQZMi2w$^Ihwxn6K-yIC6=06svs_O1=KNJj4tt4ZX9Nwhh49a^`HeZNxm#P z?+Ey5#=f6!4O|qO2Ar<%KBSrBd#odW`p+*QyBh|&yoj!3Dzd@px2*IDZ!F};ZUD& z1-}b?w4K4cw6p0!c05C3f~P7oD53JWtxX;?S~7F%@&-NWz2!33P^*Dye~H$q3zi)W z|3NZJLe!-WcD_x~bGbbAbbry=H=wkG&QFP~w{!Nx={(yhUGZo?4$I;z50~gA=}{r@ z)|#`N_ShlRsr6E8|5r5G?&N^j>5)+N0vISMZ$ZF1))a__5&}1lK?OWjaBFwaMCPVR z&ajHPIkada+|_%Mu7dj4lz?#b?ABs*9BnDIAtD`G6;!fuJ#vb!)!TNv-f4}M3wrAj zOvGi1)cI*lH7Z_yLwH(2x>lO#d)UfQ)px{S9n}aN5(WM``#<@9RZunc_`;@g)_u&p z-yT+yz0~(QXm0Lv>9p0#*3d&Lj$Ma@1PLplJMnuW0G-DbN^LL!v6LKQNC2!wYZxlb 
zoYZB41xc-%vV@;{(EvJHb~&Sv(kVIk!Z49UFua;Uvp5adedpT?<5uVp3A95d7i^nj zRhY;iyK(knJ0eeXB@1$;eY^QCS7q~A+k#%Bm^&jOARn)ct_9gn@&>@llv zC2tjH=?9kqpF%13wnl9E_JEmgBPHy-9b1fJ6$(xFg`aeMnI7lW+Q^#AUP?}5%6oON z$XxiI|Gdaggm86Nfd=Hhg`Yo$O4eS$R+g!#h;yjV4apIqjJnX$EoIk@OXR^-C`3AN z!8_8FO6m0Ccl;7Fp8kH9J@M`L(dVa!5|0IPyp<-xuvikTl) zS#5pEM&|M_Ow5Ea=ffvkmVxnKBNlAxCh(_o_~63z$cBI6*e>p$Fq2IQpV(@_y@i_B z@W-$a7cKOKD@N8{k4*rC(yD82-TYo|qQBfd3)G41?P*{>=8(N(@Dx%Y7WDQNs`uUy z`(uX=O0~d(lY)V6tVXTBh<41;a&&~uI?*-dr#z3rA~kYhsg8tKZ@BhCb)%fj$mQKY zh5JsIMNu`#Kucg+4&U&N@1t2L`wu^d`>+AGJu^(NUI$iSfF-9uyugz$0xr-y0yA&M z>=#8mJfhW~g6PLwK3LSV+&+@*Xn*pJ&wSdeM>fm5Fh7BL*H3l7ik%kgrY*G@hE5>x-D0ZlTQ z0l>spp=(A1gKOXAu&l`>Luu!A_J<@5K1Yf-5d%H`CG-8khB3IuO-HvAqjV>H`eOwQ z{m%l&JPOSw&h8`W?cz*y`nTmP*j@FNP;xBZxHJ+MbaVo7K1R+6jK|_$l7Xcy!edyJ zF1R(F-E|MUW3hWH15OQ$ERby*`&AK+wPFR!K=5S_WN$`{^TBnmGdx|ia6TgHfskI{ z{V5@9E-0@0_efKFD%-d5A}Yk~EC>JgouZ6u1!?kU1=O4RA^`54Q@LQM%0I!>CnUK(&?pSkXA`_#VPJ`I}LT|bpO-W6i_2%}F>Qax%E;m>&`vpyKR zghrw&0SW1+Z6rcnZ7@JFF+g}4kzRz_i!0|nBdwh(3<7`OwnL=5AzEbVRoF^RogdI2 z_ag*XR|&v7T^sLO?@AJ;YY@D_>8(HC{MGdsFGVQ7#ULIbLhmyEVfo%9{S0q9awDW&Zw;K>&sR}zU zaq3LVPUYu2a0U46{CA?#ie`F4gE7!whwy}*Cgiou4n=a) z7s~Fr^RHsb%r1BgRF#c<_g%RRVO0&wT6w7v0|1`h+j$7MBd+~DdfZ$;9-q?_*{P42 zeoPL$J~VT&Mx}XZg245CGE^eKU#1Sc0nS?pwH2JwvVnYmYk9=-&*tcW-Y=wGCN?B2 zJs3Gb^6M3Rz_14EX_`dA5JYlssIB)4ugA(i{IlYg1MFm;4DxbJEMGDYg)jU#N&PKy zYBcKxAY!=G!n*cT9euJ@W8|8FkBgw*Q#67vU;O}1w4 zNnmQuYZBsWCr`-Sh|nVcOcptBVrMMPk-|`uj{~1&Q8<3ei~aVq0S~#KCo{Q^4{E0nYFo0# zUJY&Z)o2wY7?29j=ND6FfAW;n2u&Q|{Cewc{vG38U~S&S&Ye?bs7uA@cxb0QHnIB} zjtWe}vsGpyYRn4*n1SfC8UWw>ww_>_y9QJB7{Llw*o^$o1V8jvBj({~r(N_xOb8Kc zacRx+WqZS{pG(Y414LS|w|k~S0TucF4$X`28jbn0q-e3OQ5ps!`SjRq2UEW!3hlb7 zBRpOq3p#X0t@Y~=uJ0#*O}Ol_5T<6#mS4^Km>z~$in;#Xeqs1} z$oojAAmvom#t1b#%jKm(Aj_*s+lu_07;T0( zGNb*yic%E@=X-)nqR!tG_h^ZIyp}&A?6se?WRpXnZtu>pyGUk!PEKms{`8ci)K{d4 z4IxEr*y534EIw^(Eu*fvJw0rkUH>`E-_WypC8T0Y#^=dYBx?V=fVjI5*)m|fZz8NS 
zF6lNB!>6hCiNVnEt1nZ;R{=qCQpaLq>jaIzJD$?{%>03I1gO3JJ#3H>~B&d0HDH2+FH&yl!8ZaX_rJ{kp(o9)<268V0o_tyctMo1XYr>eeKMf`TZ54rzk$lPzpT#St`}rf!jrOx}O7*#T z0SR|H^d@EOJ`CrDfj*g|5HBI4`rf3ms7kHkKgeHw%`H0p@^EWLb$JI4{e3NE+nF0%@}Su*`e$L1^By!!NtfDJ)v*dgB==UWz9@ToxK3j2a1pIg zkUb5Of*+h~TcogXGitA|Idhw58mWLSd3r?2A)pw0#4$uGxuc6!<;mjl?_!A`{10vZ1<8IY|E$8u=Hi@zH_pmG_QZrgn?8}V&9 zwQ33Mh44Vv5c>v|cikD5FzpC?h!T0Q;bW${W+C_4cGOMAT0GC4_D0`9W1tdMMp_yX zqLGB>=aaj8d4&ezXpy^(r!q2$85tQR4i8JUw6$RXf-$^|#8d^yovY>vWT|T{BNA75 z#0qPIA%BybVT>oF?_V$!Gk*Q*Vj}aUc4R!+J2$%A5?7b$HLl-Ni%#Z7(}(W~8vbN_ z$`0SNLUlxk-?OVAB#R~}9paKT6Y%f9um?U*Jndix zwo8Zc`~Cp~*@^w*u{9m_s;Uo-k;7&@WcPn&TYKr3W0R@jW&qGYizCcoQrye3`2MnP z@c`~qD^hk!5Uvlo!tA#M!I8BC@wpUbV6^bZ^K|=B{`afnlEi9jPJ)Muq9W+Y$w`?q zRcBJf?(Xj6zkk&~4o!9N@!1V)&DnnVpWC?{W?5AqyX#x&$Ct?X#o>$%{Fr@={B$gb z6o2eX1zzZbNT|fA<|LxVAL51E-tD&?7;pcs$-I4}w=UoYN565V2MUR$iRQM1%-)xAC?l| zXNo0H6$f9pJ_7L4*yuT{EaMhFU9@)_&{iRSu0_ZwT0V?M=$!pSK6n4$6%ENZ{NF1& zI_PNbw4Nf+yNN8&uhW0qa%^TQ3p7NMt~8Vt*us_ezx>ui+NR_ zO*CmnS}J!i%3)rJ#=Rnn?h0KC#zeIxi;bj+8EK~ya81Y(+yL=k`{HTlg-2Xsg$sX= z=uJqV;_U3+#I)PfFbWuqX;Ak}N1&5jjVTAHO6FC$SOT7n{v8-y{rGtK0qcr}Z6%dI z7}n1r_NR?7+L9~(#qIRB4sK+@=iLAZu)cFM!LDU40GM&Pq3{=}#H}M&)Q?ytm=Rg} zGAHf7HV)^TW4FBp@!}FaD^$1y4<7A1v$Okl2e87j?dKxT36f?>xt4hnZ0&|#e}|jR zTQ!q@`$Q-UmudX8JWQ_d|3RlAdzDM;0NEolTK_qgA$pM^_tkF|%G`2Qr8W`_PAX+E zEaG6JiMGw*fBJ@ieOhYs+U9yN9t`L{{wFKz8Hy(>8)GvuC><>&6SU{> zJ5L6pmL~+4{su5g@vmFMj~-wKKEc*^KdcIIEi5R+v|G04ZmfQzo)!#9O~s+n)Gr-G zqUnw#^CVpUSn4|DwzjoZT?5JBqri7P?Z#?1TcUS%cH(B`fAy+g?I|mh>~MBoGi|KA zo8{TFj{JWt0LAO_i1TIlBh!@2b}-_u@W-w2g3Ig)VjDK}#I?er9xiTkxTuY|`oSJ41mk z)GSd*GtDG$ePko5Mpx4V@qvRv6u067G3-iN2S#k-YyKm=Cfh3SbLXv=x2{t6h zJ1^2~L`vfUjuUV*G5-*!c=@z>SI%ql@9o)^tmMw<{Zy;bWlxGly8){AdD1Dhi@yF0 zqh!~_y%RKjE3<=bYBW~O#`ZN@&W>r)iVB?eiFoEd4L~XYgFNDI0!%5cTwg^(Eu_&ZT-kL zPr%B2*MH{$5%noI;Kk-?(#f%}R;L+(37YPtvxE&m>PE}@y&~w3Ca8d$am`d9Hc$%QG8VD^AR!zOz3TfXmy`zXm`3-H8sXc zM=>rGCS)i7)pP8Cf86jYh!LFg*^@VV0nG}jaZcVG&4;Q@^@mAfpK`>IU{6Iuno}nE 
zv0;SR*l(GTTCBF^e+pJ0xr|(9;R!n3$y7w=yVmMmHQcdA<Ww4iZINBZO7}kA!VH1KY@j}SVya_FKbxtJ z9x5Bq11rIP#@I&05Vj5GssDW1RPwv9@1$=ZXVEjGxBZ}dvdj0zzRRHlg50>l)1be{ zXx|d3|F@W86~%$g=IX>ETj4XA$1rs(9;hrL0e@RhSjCGfX=rZ zEDK*=BhM9!!k^sHZmex?3S4jZKLX5xQcR9NK=W-is_S36cUr98@ub2i7HH;1|XR9&xmT0Iwdkng@rt8Gp z&i-R3V^?T|*;Nm2`k-m!8{!CzEwAm@O(@u-9&(Z+DnF@S`7-2>T5>k1 zrKKHTftZ9ucb?edywGSt-DdK*9s@p;e`sB|VWEwDsODUSh0tqU+mQh9+OL@$8?hPr zerdAp>;^8xdnJNH;$K%Ms7gbi+E2$S{N1jf{&yim!=&Xhh=ojUU5nA)nUu$q=do*p zzSiPfuRR0_hR&GU=1>H_xmd7{`e#DP2yx;3BfPHX$zoe20DYqa+(gPo7Cis4Qg_c8 zi*$c!f4%s%&|6hj?+Hl}x2|dZA{&wM8Gqe;1WKOTY-lN&8PWdWqGuEP&5Ti=3IP-@fX z3C-hzDF+wa?_gsjwyx(f)^EU^$8Fi*o$|u6rcr_z4py8_6ERLS$uQLX(Bh-M1~j}5 z3yIY$Kka-~roJm^W{X1WwbAcvg5r^u*#r^Uku*Bn0$n_dy`Y*)mcV!6a(wg%iqYTR=eCIYy&0^bi~mm=lzXn z_NrLN8s6s81f7#C_N*n;;A}H$ai()m)AE&siS%AEq&wi0-HO2{LM6EQ$v=ps>`!%u ztJh~i)3bh@QdY&YXIndh7yrPT+E53lH9v+SGpT^3c(wZJ_gVq`AKHBD?~u_IQQo-3 z4Pisr`@&jTI*)UM^Vqjv<`xoRg@B1fS(aRx(V<0k>)$tT$t?^7}=zc(cjJ-&i zcl0KGNRCdO2EMW^*6CG{$}-rPba={rMS$FT-4hUUaKs8DUt_9@x|2kh^M1tKrvpv2 zb>GWMDs4ueMIsT_-H^UDZadPE{IaukLaEl*MPtrL-fRbQt==OSqJ(Gz#Vb7Ku@;I*2egkdMSlOBS7f0E4AVfeW|pYZ8ZgT;YnO(m2Z`bd002rT(? 
z`-s`o)PVqeW@K<6%eC?1EhfY+VF&>mOPEn~` zV2RILso4UyD21(23GuNl^|Z?OR%r@u{DcG{bvintybiu-q zh_Le{_mc5SlLbn3V?(uBSUxtvX=C8yuPu|+78|*jfl8k)dmq+zh{JLEmtyDrxUyfp z-Z4puAvYUpexAhDM+LqC=o^gy@vMd-|u>NOku zd8ayH0H(vaaJS8a)!_1r$Hr80XD>Vjl+UYuRr<7{g6vx^w@4GLd1vUhV^?zYF4}>- z^I07(n~(oWkc3TG9omM%qced=egt$f$!9l4%93YMGzQB81oTCm=^Za93SPn(y&ecR zD9Te++-=3xR^SG=LCtsg^Yxt$SWGBGAoGD+!)yXL1o7=5gZK6~%(LsIRt$ld2szKg z1qwgR>zt_G4!FxoF``@y#7P^>AK6Yj%tuoLAR@&Sa%*fYIozjT`taQh$pB*lh}bv~ zpWjPh=w0-}`-nMV<0eE?!csTMV6BZWXn66pGm!A)0BG{6;$(sC?>HE>BMrR4YB1+p zN?{0qlt5?&4D0V&43yCJ%5FNg??eROZ0>xX7Q9u+^<1^F{kY1!o;`Toz15!t)T9eW zx+4ASId5A_O~{IN0Zd!vx_Z{s(tzzDX=oLgae?EQ4g7 zYDqY{!sa(2(vQgVx9Qqcnm&JHCcJI~qZ6g?;R43jo=j$;Xq&^&{%_k3;ngV^w<^M- z&&`1_A9lhm>47ve)&I&%mcGuqm5IQS@`*QxhOtasCi9suWIL6dE`&t~Gva6<2v#2P zOBHU@TjOjdXB|A^v~~aP$)q+IZeFE+w-d~Gw^&7^Y)0U|{;MeJ!)rqh33jfU7>GJC&d^@@#IVpWA1m zFm9C2dwPwa@5#P}yz;-_T z!Ys)a@P(I*QVg5)f+E8`EL>hpk%uOKB7*gp_+}EN{E}MkrNiBX}I94sdYUKf|`mKUs%_ zkOJwZuBSx5)DE`k1aQD_UG1D^QwNhtQslhq+y7v!1z>Tk+pbps$_EB+1L*DuuWHHPAoBd(D`+?C-_g;urB~y(w>R1-2o;g zNx!7B%eMZrSoAqZ(oUSFyv3Y@wuB0u^8A&FE!qD9C~3BuCa)YOh}Y$Gi8oKXz})#ab3cD{ z;|A(?_RkebA#Lt75X>f9aFj-N$9|5dW13A487aQVfh&;5wn>x%OPiXag$ue-2-t&{ zvNF^3j!zVB-XK*cni`m;aUpH4EqP{*DLW05u@40|=-AdT3eDj0Goue*`;{h1tfT8r z4lyN|$=?IIkn@Li;kpN@5z5Se{&uUdNxF^;bARi|ZUvI2g<*@nA>ut~TTfDN(}LxJ zeY%f{_udY7IG&kxZoy^v8+1OvU@;0RSL^-DNm$YWJ}1@nz(mb%;(O@hVaZvG>0o7? 
zCt`B0!M6y)LIQejWlCYOoAx7ygEA$CvYtw~R%5`3X9IyGJ@N~DesroY2q?b9d7Z(C zOYS=vf&N%}@4m~H`1NX#9_)GegV)XhrUP6KgUi8+42ndWCXxGc!4jk>Qn^pdiJy*{ zJH7qvFbZBaP`$l#;4`#-PURvh3q4I&d0k!L5MO_EoAQ)fu;6_%7ISe|*~-dK#8?_s zrdW=m_;LKZ(-F1avbxmF_s}jo9;f1A$IeMNZtsYzm`aErQrt!Ni7t7j(lTpi`@h~D zIjxDM2YngMtkNN^7yaF{k|PGjV29X1}=y0rhcRY8PTB=wnP4*!ofM+@n?Ma$|X{J!${Np#>R z*m|Eped-rRkrO+(>Q1Nb>gSCOr|!9`MgzJmij|@pz(aG%%_8XNZ;3(+uq+KelCMXx zZ_Y%A$l)#)`OK@_D(1&Z{h+uMs>do2_QEP($O21qGx~Z@aYq|ho>;^l)E-wWQYy$@ z)!?4TgJv{pG#RP2lu%Ua-#K;_7-33=;&3CCsIDQ6Hx>el9J`ap_WV}Ka+vVH>r_bw zUD}EP>{SiYElF}*s}s|VJCwl?tp*eIKPhLSJ6=0Ufm3c0iOYgCP6P*4s!;f$F|o>g zK)3dEoZnSq>;nSYRjuNoYb{+|hldSF445l9o*ODtx8@u5P}wgPQV3>g095E?qG95Fmk zeTM#JfK#hj-2@K`2W#u2x2Dn5j5uK&vB)<2rbR^9!J2&aOJCOuwGxmcUW+9^#O#pA zRM$=D^ihE#tAV~o_bApIz;mILJg;=uoW`t$Ay>%UT7X-WaEY@)H?J;Dvv{4Neo|!2 z<#0c~G8m2=D!cF~vrl+%ATB0Tm?a^Dy*xJ;3gHD@3(a|Dxl-PqJSppg*`(uAKqtGv zF%xzD&q*Kz$hH}f2d}Qge}F6ayq_{Ikf?IZ{G$syL*I4GaG&4Tao4O~9XV-@o|Xs$ z-=O!h=kYV;cUW>lRLnQyHxt^!%Yu(txa&S0>`k;$^;A0cA|C7?Br;jhs?mWjgHJYCW) zacN*;oq_+cG%-ADiT&pB?;`uF)Hc5Mtn=h7zJcYN!_j>ykatDtmZhZRze>=i3B0?J zT0le3UP&f<;m_Wn46nQ06Ua>7Q9;q+P8PGmcue1pkyPYV>ollI*u+$lfWV&E5rE0o zyRFSql_JJO<7Zp;{EilE@D5LUKRNOZe5P?tlbG&S4?9wFPdn%SPC5REr1)jiq?GcB z$ISJL(M{0rrk0=YZ2OS%wAOIU$9db>EHVBgz?zxdn?G^#eIEEVMuWGMRly1Dd=rch zbY3N8vF6bT*I@HAI(#7~*Pe@adb6OpFp$u*{_(-V*&trvJMyPneh${6yN5@5tCgxF13{TKdDAN&s-3FP_| zT#g{XB2rTCcj(PXVLSdSB*?g<2eQGM=4Hb3$8h)?(tub4f1y}7_+OtRX-KkI= zwL{RnJpP@RC>VOwc3-0BBq2I6FsB+Lk&|oRgSzCrecaMVLWUK&b0V{b;9h`rPYDf? 
zAV4Fnr;#^*EUDmOiJcY`BKjF)1p{ICW>5y&AJwJDs>9!;}bX5G9u^fX+ml1|0x)pz%LWWw&HRltG{A~fY}pq zX)Ki&>Xy#6Q(ThcGX7?nd1_gn7Q^9v%<}X!{cCBDKJZeiA_t|3Y_x}Q1c^YH0V?hO z#rYap@o9aci+kL3!m6#F_I;ClWgLf+aXW4_m0xcKRJ-E{=)M?<{agR|_6&Bb5=q%!X( zEOr8fiqrG~rd+xBDd4_cCkDnfPYIxY+#7v_4`O^p%PVdzA1mg~T%GPxwOo8)*oIXhf*V_8oIXN0d8UI->$v)Wjj?+CjPA^jbY1!2=R7M48 zxVLp$!0QXYr?{glj^)kz(f%f9lhtH?mRIkq!6it7nmTQa_(Wrd;n$-*d*ok1h+@8> zBrqgYH7Ws+gCArX_p&POzb*Z2NaeOzzHh|dOLNIypT^yYp-Ny^F&0HiLPyvyBaoer zi>KK(D+d4DJDY$^(^p-TE3ciIqaLj@BUwS9L?VDI{S*7)EZSanIA-VqCF3e9R)t5o zFI7D`DEY;^%vWqs)u5Xt0 zN;1S+38XXM+J)ND(a*oJ^X9K>C6Fyj=0&sw*aFfm@>H8di@*3h*!ui^*SMJirLt(J zfDXOK@r)ByX`jV4|t3^Z_UYTWI=3~)!}xn?r?A6>Nn89AmZ51c?j(~OCY3B zV(XS^v~R`*(1lPZW(oXKD^|ID#$Nw*)_Cl4(6wheH5rM4ez3M+A!1}&E;~J-4oxC()^)HCot4jfi$i{fhY)@V+Khib9zyXY<7*n*hb07X|b;09c3P zV}C<`Gn|{&^kr3(=l7}{h#=!erroEsc}Sy;9H(R^*nM0IPEQ+~6#A}(z8;}5$V!7( zj)^!;fraga(03dq&CdK&=kH1rHf(vT(l60ltvNka%IdPL4Xg6<8F#)!d6j83Jx#st zI9R-f=ouU^CUE1?eZx??=H5rCq(UuXFCO)&LNBe!D(?ca8FHCBsdP-7B&jjxfMh(E zzL&)c(9O(^Z^zBf$xVUeIjK{UiGzG0+bs4%czcBv7YHQOxioQp^q0D%Q%hcwC88tJ z+6m0?Rd&$JENdGV2GyAxOHr@(1?E6|{CUOp zAB6%n7djUu&c^c?eE|#L`u*)lcqvS#E3*n1mbe{^d zq36`CAyoJQF>I}$FHTQw)3W=LnlUVTZ8D&BA$DRh*s+v?EfPXb@Mx|D8HsujFDBx{%fCtzj~41|T<`12+X4^}ynt&_Ag&cc(R zVT6_#WKJw+A7rp z=B6@JUKc0hTbBpw43Mc4uQ^T2=Wd7d+>FtWUIyl-40Ag9>!vG0 z_Br!x)05R&L0Czy9e#bY2X&Hig`Qlfd?WVVPetl`Ttme zNv}T|v;0?p(Q8 zL7s!&n_21R-!+x#JFs3LafHWY6``6kP9+?y3{qH_L|BnIa0iyG=$;fc_6SYF4;t!L ztmJT;WJJ0^$`qghTS2)gsOps3urvPmoQ7($$r?g(6tn7Vu4GM!)1j$s%BbG@u0`yi z_eym%2bjo%Ojeo`H0$QsUD zqFCxI@?$T(r!p_!t)fdSI4wD*uw>;PPh0-ZeWfNKpEXDzUleC*k%|5Oz%8UBQ;FZ< zK0x|Bv39{v0CPO;iay{l0qytP6>VZYBa(xPC}0}Y2n~e#0!5M}7eZ0X(S(jqXfy8U zX3sSa_;-K0V26V&P9+;kd!j?~Uk%L016Uk0?LP#n`lpl?8Z3tPuqvjJZ4crV^^C|7 z&~~1|qJq8qPSxWW3C5&lJ%wIbGw(}1`Ee=qa{4#fS*kdJ&&Ec$chKM)HJQ`?HV$xk zu+%`X5%+f2w*h1RrOI#07|?f~-idlJI~CmbH-FYB#+rsx|8kWU#Qj~9f6E1{mVJKdl0IvOw4K`jH$h^i)gf@HPi z;!q+Db-$b$5vv{3xq(phZszZSdRjq*|ECz~2ugV@Su2W=KajAI5Za&9?+ikT!QCHX;z0VKZwnosj0Mh#YC 
z|6E@v$$sCq_}KlE^RW`GQ!vN{eXu#C5;3baRi~G3$Jlc()?t0U;RnrjFtLjNQlF?7 zqHg-Wg|gx%@_nTu(CU#C3+itDlZaFN#5F%(L~oLu8_S9|ZvjGf5>W~IcU08({S;-U zr~@2lc_KRz=1z;n@JZT}PZ6s@=8bJv8<1k=RNC@y7*J&0UnmK|U8X}Q&o4{8Y)@i( zdQh!0+zAl7al!1C3>zDp*y-1Ko4!~{t8gZV3~2X1N+XUZf04AeyjhHXvfQKW!LorsBLackS z`p@z5xm`(BF@GQwSF`}jeJWc}Fv3@wFezcec-!d9G}&bM`}mt1#MpyLqFW0OCb}{0 zR>+%TWTkOHqQV=0Gx^WDi(7m*{e3~vFsrQen`!ik7StEgIPkIX5^dV^CC} z$Z80pxuWLxs8t!0;lxp}vx#ZRCuQhTQqA9ePqc~BOuARcWX)bCu!O$K&;}3TIB`M; zHjCppev&dqj1n<{La!l7{wMq{taFjW z*K?==*I1^N#i+<76j@VRZio-zk=q*5m+62i=^`9odyUFY0_|Rf)H-|FXf4L9T@Wqv1%E*qB~0CyIyz1Urc@T+ z0Pg7o8y6i9Mpi}tthl+XOQAShJ*v8dji!kwEj^2Qaa_&m59mZbL%v+`YgMeeY&YVM zH9_~2S;`#sje|(85}mj5UyG)U9MibM{SE+KQ58|y3N!2~Ynm!;u~SZ+oL>?p-ZN6s zbS0`g8nPB$V#Fj%v8A@927-(Z-KFXhpf3$x1kbaZUnlA}R^=$l{YZ!`0rQb!}=cDETFAe)<^6 z)KETqI)r06LFPo?s!|kY#%z@1;NG6zwS}Uy;8GpVvH~??9rhls4i!)L1FZG)XbeOv zkIO)#QP_t(=KJIbTfFuCQV9MR#B*wB>X4yyKIs#~Xd~1?)U^zvy+M|1Yew(Glgey! zQCPP3t4P*T$m9?e>Vy8nXAQN@`1fW}&xz6c2oWr=XZ*{gXXe|Sl3dUr`Qzo55wufd z`<0NSiFM+6hO)MoS=kDvug!Su-iL#xhbWW-@v-V3H*joDdl>PtgS&X!UlTIEsnTy^ zBNDqB*?fqAVZ;t5C8`khlzX+`D}BkKQ|WvP-nzv>1QEaDk!iQ^ovbouAGdFXy zH`}$@c5RzBY&NFNwr$sB+qQM)J?A=~`!Ltl%>Uti|DKZya;Wvzi(Pizz64>qoog{1 zAMq>x#~mjO|LQC#=CT1;)%>Le32ZG$L56w~cS-h|dd?lAxR8D-0!adn_;6kfR-OiC zdYyB05N#dzVpMxvcrzYRg6$7R!dB z%5igkf>lXOxcID1fhKMoOY{*n?fIJi7sQgk-A;JmheUz>yDE*RYdjLC5=RoKjUi&; z`Jce@%lb+XC!lq;>ME#m;rc>zNNsrCkR+U4p5e>G%dwd@wLUjLZZG5z2MQmMy-s5v z_aJU6ilFm8x`u1At22{Yci!B!DXQJ?+3`MF$p_1&pO81U?vkzGzm)A|}DhP~2%E{l=hyKnulvSlT0gqBDh)x*>CS z4>akdHFntPkFcf;8(adE>vMH8m9y)Z!d?bi0(e*Z%%Em)ne~cErUH$i3Pq(bvemIV zb1SO5Xfqvu{iif_28;2^7CFjmN0|RmKcu}41WY0`f{a{*0M3|9R+L>FWI!fM;6zC9 z(-zc(NKiqG`>%pl*D^>DPPIz(M*OBjgemN!F>zgD*w#S~-2FE3?I#ya-O6CIB^b|9x3i9%thJbf% z#n}#07p^7Xu`TviI27m}GtL{M{LgowADzDn!o zj-XXk%*aK0!nL+!@i=-GmjF}1>j}K3G+i5a`&P;V zt@#w8P+Zc;0mM;<_fNB%B@8|(DP5MQA)@Ei*ZMDnphU)YKF0joeQ&qZbyc}F2Y=gG zG=bNiqD_>4v9K!(+h3yDZxBV8y0P5xe#pQG;c3!CsFYyv^Dt0B9?{S_ZnS%)+rryK 
z-v!YJQQ<>=mzgy6TM0aa#D^_sw&m`|?MC&K{D_;<#Xrcb-5?5kuMWVo4&>?n=zP5x zTb{)xP{aBYX-q$vHX2FAr=tEv6CKYI&+Ow9tbgU#93=#xxODM?zdr9%E;x|rcKhbv zYPDU3I+N39DaMe-1|-uQJ*{85)~j2V6SdO3sNlUSN;6&NnJMu*CBPoiEOQ5%iA@}-#( zF{5AW9v2n+j3vc)NlX}8zgyJTveqZN2&gb0oHZN*n8Qe2pxreOIq;_^0-w^vh{NhWf}dlTtU#^Qj(;@D3ykR za(n6VpoHB`-L3AHmg^7uGjV)k3iAca>*HxE)YJ>+1N+Up)Zyr-qE&2^p!jI3cs3D; zmX5_xKo)MwU@oEV;#r*JqhGLqZ-~%rdp<8;LBe17v=$YkvVL70Sa8wg3r#$z zQY{3avmfn33{j6$$qWqTQHN7Rf%{le*=W71}f&v@)@JB7wROK4d>23w$ z>%;|*2RAilWLwmO$zHuWWs|#oRD&SXXW8q-%iM8`1F46gK-^{at6 zFedHG7be!=gyGgG`K&IT!f`#STW(HSg@3XOR+RDVg?@xBmN~h#np3H2&X}Wr3aGvm zts%cS;pR9ZP*zt^qMHrqFvQY)GwGgp7~ZLeYV>(5PmwY8n1$f&d*-Jt|2Y=v z;>jHDT2`DAqIpS^GzWv0LM#Nys|2Xy8+^G72Fg zL-G4Mg!iB$0tcTP)eK9T&?u${p9<|ivA0?pY_Q{kMSu~Dv#hOXwHY;{miE)ugZ(RtBbrh!5q(@X12(zM7K(pir4P+8f-@ zb=+Vf%yefc5C7Ij|CafPVH^;s>Qo62GGw0e6Kp?pn8k+&BlXMpxbr)(^xyxv-Zx!mrrE_-Zb z3$yXf^-Lr#P8v8mUfaDalJtMA!X_Y94^hW9*0?@CSMLi4-uNd)Bl`tW8cRx*0c zp#jn2F!+%Sg8(AQ1?2?Hv<{Qtc0QMu_8QA1#z&KxRGec54Bmh$QRlnrhneh0ssUqm zHwuJ6PkD;ca8$!o{D6axELEnYFCfcc=9BmVSs;p`_FOgq*)|T*%!W;csu7 z9DA*r>@?c;Klj#WizwpbA6ZDL#P~I(8Pg|bf&X%8+1+=LTkH_CAKy9z0xulfX>p?> zhKUVHN*{$V6Z}4TR12A%9=zX6xrW!u9ux5zy8HHBFoKx8x?qB|$?-*nt|B^dPn-4K zmnEbr#8bw-sb(Q8jWZy^77YVB_;ina5b~BQT+B+@T~6}sA}1MCD+nDl68Z3~Aby2gi-#ZP1w<|5^kQ{DQNqMrPEj|eqG8>qaWf6DHI?~o37j@|LGDWC!*dY6C2E%(;CtsX2Sy__j!S*Y zB-Wx|kJ0=(t3Iy+MZ6Zll=s2(SUc(pdp>x~k!74+8oB%HwKG8gQI1@K653P$DVqbo zT{1EJ6&Va{gAL>istf&P8W!JyCn3J&1o21h&Qx|T=}tprR0&n2?K@*~eGv=w(m{Dh z8LH>MK+TUca}K>RI1r8@)C}TiP{n8KM&hjogSJ21ID_ta zJU9ngxXmEh2zt3JTc@#GM2~B?OO_I?d}-%Ar+QZ+wlf#3uJrx!)lV{LpKs zYf4C99Q@NjL+1CfDIEJM93|J^cV8%ZV9=3qXFv9SI^yD@G2-OG=u#=15hUT2O$_p@ zXm?z;ED2Y)grH8Ar=e~@iDthFO{*=fsePjlwceCL71yyBD2&$o2H z@8MG^lz2E%p>!~4**xI%;y>0m<_N}Eihs-?9m0||8iPCVEW)PGhcp70*dSYPvsEc{ zDoC!H-eC36qr88l$<7DO#)p&c;Nw;ruz122jC+n-PqR56`64TS1^*!qxzUNY6ju(k5m9lT~%a94P-BL@4iD1b#oueDbZT;kS3?g zUa1D*o581vCb{o5!&Yt}?Y??%ic=eFvw?W(TJHg8<5p8Y(+4K)aqpzF$w9fEt#Z*u^4M|F)TpN}8&K1|GaA zuY&qa2R?!nYz#AEnP*s4Lc+~*f&3pZZ_ 
zuMrDt(Pl+gCBT=MGJJ0{Hpi1t(X#WlX<~vK)2Srr(K??GGQj74j2cDZUQK+=NS~x` z1+j6beN_JuSs^%y?%K)yH*oQ?r&|^1WA`W0ELOEw1=w{bL|V35{MQp;o5mxsV>@WQ zz2vIU+Pxk?s;Cc1+7C-E6$K#nk#Yvma`*7R-mK;UCzP$kxPs^TeyyX!qE~d->Z0mS z3fT#ogjnoGY1f(EB+{wWSr^Qe>yh8P5#9}8$f$h<$eVB363IcC68@DaD5WP?Pr{xl zaG}Mo9s7aL=3RexvZ%CkEen%F1c!^t)PJaiGY)wofrLA9JM}45WJr(zP>lN{%WgZ{ zlK-onm??f<(E@_~x}>x`vGjyK+OW!?!+a|cVkV#)FzS{U#cYD@TXS#ey#ds{Pw_x$FR){#x{M)Iy*M#?Size>zYz&>Dk%t;) zT5;Jz>cogGw$cq|w8-b+R{`+)0GhJ8A?Pj<=5#;sb4ZO1VJLge$y%z#XtUG%lFMv{ z{c7cNbf$IZrqx$7PV@#BE`M*tAsY1BVHJBm@&^8px%=6IY18D<=odj2U2|5PlzdG( z{0XPwF4ypd(KW*}@~j=?6N&6M&yq~vDS8<(cxg2fzPyUe2F=ZXSvF@&HKTJOV~6~Z zAs5^UR4*27!Rd!&-OOszFp~J_2!-93&xINGE8^KkfLL)6*IqCYy55A^b(lv3uXsPz z2+RLaa9oJ@BAR>SYuC$s)m;{?ip?>_MECvhe7~#QdARc*naHp5n zDBGpa^yPYpH08hZDmvo>I8;Q^{KduarqKc+`7-nr&hj{Y(jkZ?Sf-Om`gs}^K?nIQ zfo8V<{^r(%A1a93k2`j*Vvdq@edpwZH8}?MU?}J6rbh-3XJeobQ8)XOk*-bh5#z?~ zI@eusLk$Hw_1~x#%1OIu;gdB(7cD=h;S_slXAz+eTW`4bPz&H<4X7$Fj?M1yw(?Sp zT6n!XqdQ-X)3%A?d9h8IvyA+1p@>48s3lIJU4)U9daZ)#VC!n;j68x=F#JWOXdY)a zK0LfW`VXhIv&r`zx>7>>Os(Y=Lj>|b`*Tgp)g}iUh~p5O6Z38di?U=M8krWePxqVG z1lXf-jZwLg&aPMK4gECB>@Q)oD#UiNn#}l&K6jR)6kY67a#^i9(62uo^?_U4PrwDh(X|NiQ(`h?Sz#l8?6WxUY zyjLHu7v>;8-w!P8-)|6wQ^!)eVe#S68)U(Sf-x|T7WjI;(optGufFs70qMc$2V4sz zPl#9N%SoAwNS&5$v2}PI41u|pp`1Z|5Cf3tAcYGSx0@098=w`-=pM>8@=K192o=?T z5;vWVAQa;=?Wjy>k7-H&aqZui%d~(MPEaONvd>3*>%kI2vI@MdD(p%iI(|}BC!frW ze2Ybenk-u#bZle@vFu`{el50}k+puhj;W~%Jw1q|4fv}T3s^LRI85UIgh8B^b{j^` z_OeghGYR1eC8C-erVKRUyvK|gPERMm=eBP*ux%50@IyT_*ETq9msi&F9vMI!jK;TE z&$O2nEjsZV4(@>#S6Yu#qC{qhKtm9=pcwj&q&@t7k=UFD(layx*J-`Qo;^u_lzI zNa!e~Vq&${I-u3TaD+uxWh(7CGa?;%$&Q=xTR67mh=1j_&-0G={|464xbBN)rS>m zA8Kl;f7d<|(>Bs$~bHsSpZG*_$z86c#+-gAFjw z8jwlqeMJ5|s@X~5_xg||{I-pjzLkQOPZYY2#{dyd2akt@f*`XXFv;bbMB;!A% z$@&vbZCqwR3EiTg|Jvfs$qZ?9)MG`HFeej;`&S(+?+HGJSzNgKH*ASTzU^5gK^)$I z!!%;TO0H&dRTgmPcLTO9?FSaAU(zi&W*z(;n1kKVPf(22V$1~ypn`7JTr;DkP1wqH zGSy*vKDPSM%-^06tn1I4oay{i_^(Br0D`$`fYvf!hcoli%bK8IeE+r>f~3$vSYo|y 
zdk#cO8=S)Sx#8la7IY{P-W)DF(^;PL)dp3RFLozOHDX+%pb>r?CWC)jc&wKe@pgRH zE;;cJjx{c|J;Pu?!d8>PJ z(z_1&sZya}ue9iJEXSZE$@M}1$I%ZA7N)=c4P}`;|JuacQ|F`v@qNz&%tu~|#VPTZ zyDTIP-VNY^W6f&Y^qug~_?E(}Hu1`RG@&wYTg%RcH&#H1-?5?XImW3@L#&un7br`* z0;$h6+PObDytZ~ zf}V4Sa?_>0Otza5?VEv+ducwiMp8ONM&BR8la~XCC8^eAc$eUgQ*CI&9-naW*WH(=$M0Tev6QKAh1gv(Tet)0+B!M#vjts}{w`BM4iHoLf=O-hjNs^bJCV z7RjZ#n0}^?a9WENjFD#0HFb&F&09NBt8?q)^DC|_GIbjKG~ke2v5@=QSy!%z+H78! zU!XD)PfDUi-X&;dITC}(4x$#jYthP0g>BV~wX6;MPGI>n*9i#B*RZ+@E zs%{uO+wm0LA^n|b6&B|FD>mu>wE)QYwFsUEXkTdLLH%ND(y^w1nRic!z?U94(yvCL z`v+@J#K+LgBu{)C!SZom;?dKr!l0qxA-tIkE2MC7}7qUb8hn$GOT5aWZ1(?U{_>#8U>*2&{B!|^4-+* z%&8=+>f=s*!SIOD?jWeU#D<9p!Dq*JR>)Oj=*D^m5xEc`+pbJenQ-h&y=j`#+H!(a zCzqZ8@*xL4KEG4tTNfRkok@@t?8CF}m#Mk2fX-DVRDvb-byqd(q;JcBAFI7}$ghk@U_%kjR*Y8lzbIckw(bAmjD1Ma4!UhG5FT6g|1)I;V7H~p~- zPPS#88D`D)d(eidkroES_3NW=;@?&s8S$*!b0IeJr2cNe@4b8jWx{dnNXr{lyb~OO zQT@7Kh)aw-$C#QdF>uW&>+z9ySprR{bV{0`si}JQZb`BRBPBMFpz?DouhD=Ho6Miy1V-Pkjy~7Y0Wa}# z%*mqs=ZSLJoOYmp5|N2?0Rby;)_*P}3kzG^lbr_cRtB;aMBn2AuwYTpfKuF?woA+{ z8MADl$okRZ_zUNH>ZEi z6-E`T{vM^rTWLlij?vjgqt1@T)KFhG0S8+WVHX3bL@?H?mX{!YOsfUMuo45Xa{L~a z)5qbq)seL*?#Y%>%Uye5aEB+jH_JOmo>zWhGuNftLXAZqvLn~#Bo$JRqrC5T90e?5S+Bb5?cv?e+rU6gpEW38oqIejE_JKYE&6eP6ZB5Cm$&AqD)j@jBnQyXn)Lea?{Y&+uJs zu2B@+$Krk33Ql}BN8jnTtsel?lY&lv3?1&u>VmON&KiPRCq`F7-gjRcS{Vu=Y|W<* zs(Fo}(}{yrY?m5it+Dtc7-%OGHx=w-<*AsjT~#gw%gQo23R8qqRMVm|Jr`ZQe!4gE zs2soT6l&8F zkjzM$2T)Wo>oG~aT^8w>{eg;EXJKy2RMF|2K8wV+2c1w>Q(toXG(C&{BfWyz^n=Cp zf;*TMx%Hqz;Bk!wz-#T#vIJk55)#z`CIH6aYh>(QWU@P6L+^7dupDuAepM$pv}(RDQo;^9KzxR* zV7k)hqC9g>`M*2=fQn9pVUKlx-c^xLu}`ffvaMN%w1kTyuHH*Pa@vcN8l9FRr9NM2 zjC*;JEGacP*&M+VdfF26x|@z*_t+57Cj}sgaB?`_1~L13G$99q6+EcJ4(nml&)`Wu zV^tT}|Dmg5$9l@MUDe&(0$8zE;Y+d_c_tj0EaxNc`OKz0L%q2X- zbL3hT^so!&MtQNtJKFvG8Ly_EtBwrTG4k6(|EV#qK;coE6Z5~#Eq^S<8jCrZ z`RZWUS=R4m5J~&juUc>N?G;f*;tS@8C;iyhX02!{OhnUY_FXBld=DS3o#MFycIWw7 zm;I>(0;-B6glDIa^c$8+L=(oWc&Ee1!~`ilIeT}fjCtFNfe4Di4>$7<4iydlzn_5=E!D~kPUGm(r680qi**X#dT 
zXvV+IAg|FOOTW03EU^qhJF4VEYvB7BCkR8k4Swum&CtLtjx;H_?3##dTp6MZfW;eq zbGjx!OL`)6ydDy&L+n$)DT}b0!-*#-&;5nF>lp=~&7_$o6A;h9z>w&d&2!D>1-_z7 zoy4?mnTLET-`_nA*N6aS_NAqz)-p7NZofk{j^C=XY1i8xm-?;#aA74lYP}(cXC(Z2 z_I~9rOl!*cxr^*np|I4rb`W>eVgnlt%lTn+31= zTvQ@@(~aNk7U7ImBrM3$B%@bktC^4%7t__w)R}b1e=gh4a%<90E1Cg(5!T$M(&$J?mHhEs;tyS^s1_HX{K4149c&y7FqFL z?{>fPhx$1HR^h==IYQ`?9=Ft>gZB5v9#I7A*a0ahJ4{qg5bMJr=+!A1MdJ-9fS017 zFI_MK*ZR!m4!iWWLfVZ@yx;CJHGd503IdFQl?OIlbb**6tzL3SY#>vX1c>+7Lq6fG zZ7{ZEVcJk(LPs;baoB_ymzby5tI(=kY-m?myUD&|Jf}bmTevv>Eq<@j_!3t|J?^QRH%h0a(mDqPGzDpP+oFk8qKQRjt z?;Obe1B`E$r{En6-Rni2=7?-ehDSwTMK8SVD?Ida^*IEO?%be~KGoryOOh-Fpfc>P zBw<@Z@R6_QrA%_ZI|5u!(P$%=B4%xOG^7pd_W3d~V7`?)M0$#oBB`jTb6>hAgQU}b>@ zq5vV!y&UUOC>Y%UQV3DAPXI?33U1RV!l4jcgW}YKHJ2%MTAH#SmSl0i#o`|TE0%xb zyq`q#NbxAgfFMNMZ>ZqY*2`6fG&ZjiJIckeqsbR&^&yR_?Uk|q%g)Wn@K8XO)+35} z3o-Fu*yHR~KiZK73KFAC+suIozp+JYkmW@11EZs6gVFeY+_$OCl7~~FmZH)i-K7WQ z>VjYA(cWNgA7%Gub#CKV{@o_uU_lc82X=+_vP$;|)@F<5m~A31YnxNE=UQy`^I)s= z64_qBD;c-~cM5hpU6Ht&m~6s=0u8d(37cj;pH1h5DRQ_S?-Yuu(rI?Y_Mif@Pk+rv zTh%V3Wv#aZ<2JX#>;UVMD){u3De#A>D@0&`xtZjJum^4hkLR}V;Yjf1f{aS7 zgo^C$!PzY(laH%)ES>P07(>%fDyB=Ok|d}PPALL`HEwb5ejBrcc^|pgKhE(O9{mQ7 z&w@qC&6{roN6x7hP;0&~NF@L*84AwW@Z{9*6jVE+(zz~!-uB?D_Jm$sx7je#s*e2v z8Ovc^OwGO!^~SZ@a3IuFn$6*jHvbanA(*w>$;lxyIQ*ZhVfW=Kt6Hy1X!Ge+Z5OR; zEreRk(7&I3z>{BH0)bO6g-o97#so#a{dz?gTtP&Q*I zI|Z^crInlO-cB`z0Pf6FN`LpUR2h|qa4pWy+w6DvMn(@FUD-y$5_Qa6ZMPK%=5%qV zWoC3PAs}jZRoVy3r(T6GByF0f=ZmwAr4&)HJU#{}bc$Yd{sv&gWiyw$f2y|L1<4duSr@bz_1iU0mWqs3F1E zFUMfjw7HKfAQZm-?p=e~^QYkK>46+YeSg40ka5RBx=sCewo6Ipl&`-+580iEjC%Ed z+#)xJmgnj0JYDa)gd980cGFL-V9Gb|HjfjzjGILGKTq?FiSV?Ixt3c}1zwJB|L3

*8Ce|X_}&2t{boD{C@2u-fH>sadt0wK8f!(B{nhY z)mn+yUyD`~U1G-hb}VxL#9~2iG&1kUhIj~suHSZc_S?mr=uN`V;c%AfNj{s3ezkx{ zr&e5R`1tOq80JmcE}Wd6-gG&xMO9qFr2*A_^^}3UcmLw(knpNLpL&WWos&-ovvC`D zw20h>!#-dHC=ld9YTgF+ya)r#h!Iou0^aX$o_7D*Y<#gdLvE+@uLb)t4>tb#Uqzik zr5%A8lyv`1CfVl#RS}cev^K$JDp~8$v1?Nq7b;4%uc|oNtHQGDVib z0s+hDUY4UO&+j%o?)myoJwF-az7m`z3S6IK%y7j|H*)6BIxkg_j`7RYZVAnheex6) zWj5+g{XFB<`xYf~4R4F;`IB&%q6_w=aTO#&n%#%+V6gY4jK}xiwf!I`;2$z13Ic4h zn{;<-G#qJneQ?CEaIYdNDEb*NNtj~bU1CB5mHte`{DjINaCVJ6eA8qE*00OEbW(|# zc3AOqoIGne3U8tQvRL?>3NT2#^!G4D;d~;8&z9qLeu8*Jg#&V%XL;fA|0pD5(2W}s z-p|EdIb>UF&*(A-aJKFXX%q6Vh`m~jr;?)yTmi=oSqHQw}0C>jDL&VzFe zm37~$_3mMPB@cc5)w=?pwHoIg1X|02ez5!mT@vUf8ORyc=in!0psiN{;3F6rUV8r; zCn#;Qd{Q)aN?`W6IThP-O0RaYosVD4&3+T@SC+3J!1Vd56P!;mnaAtEbh&lR!863b zw<|L>dVjM+-8Otx*=$R;E$lL+h=Mx>-zk-0rO{VRjk{vJZYFkQ8>W?Nk)`zS@Mbin}6s$Ifx5j z_c5_xj4bl%R^Ov&n+1||8Z^lma{dTxKn^Tq{Q2qchrPrPNQ-OuX0tyX@kKpHoFX3u z@{Jjn%e(G2|J)Vxvvq)3AP`^DdpNd--Sud)_I6UNz-G}tKD>>K?C|O@>oRVmcV*%u zEn!;xYf+BY-$qu%#^(5Gxe#e#OD>K?GxiE@#LmUF*un2@(+-jjCxfA|b_ugS7I*J| zMqa_aSI6@HxbDdy+9RPPSycBRhE{E*GVJ?-SP8C~UUq+hX!et&;q%TGDrVAev-T)? 
zogb7^n?i;O&+WD|j^>4;s6<#vDTn>k#DBx{AwVUyeS}H*RP4%LCmDkK)jj%DIQLWu z5yNXJ_q9U~Ldo|tiaE4)6yRpbf-+yJ?MJJ!yJH{r*q^{{OpVE*WZ0nU_el$I>g}<6 zi-(Q52FslhRty6<{Tj3_S9ZtGicfA(R%fkG>m7ILbv*Bq`0l3IsXnF6`s5EWUq%xU1?5MdxhLf3kh zG&5?KyaBBlQN*W(3V`@)PkDZR5toy>M=Z78$r0X0 z#O(bArIt!JGlcz=i=ER((7+yD#jT-%55^n~Qp>K~s(Of_K$+eR>i1?C20SI`2IFaV z%w-==XpS8_mlbuT8hv#qCXyrI`R2~YnjxOoRfLKU|X7~ZB6KeI_B&H&@f6}rK zM03;3OxbGEy{lx8S+jDJYaK;@B&y4G^-~h#y57Y#IMr@w3UmVBEI(yiKJu$ijK&^+ zO&wy$55}4!zl+MYRXSAVA;h(CTiqZ7xuk@hz#_L`zR59GP!cZR-S zlw^cG-#&X6a5<1qipG1o`w|cS*1BF1D2 z$97O+R?-nmY!QJdW*Pj5L;HAZ)xu9bXlg#^D;I^**IAhYUbXFD5m~MEyzKkr&o7MR ziT9p=eqsZZfIlLgny+SRpHfAq6tfy6&O8+(ZR*Z>cC#^}!^eA68#H##ufl zA3HkaJ8!QLN2Jx{g17^=rP)eu2=+n~_{KaQPN|b>nmfZ6xv2KXeT0$^ary_6gvW=C z-zjd!Jwjz9;@18iG?A}SM2V1a*5619zixAK-eq;TQ6c_61Xh-;b5YWxjO&25j#s!6wCBmy8C;!xiiQ zB9HJabh_~<{(jgyG2&IHl;DpZyt0BaQ`o8lW-+7lzTeGai@)x(MB?;`9HuyG$=h+B zE*e3&${1~VJFQ>k9C&=T(yUjXKPmQjQWSQl+YHbS<(j>M8G7k15AdW5|Cxj9Kj6vs zd9IW`le|u=fl!Bqdzt!QoL^JmWWUJ>QN$;PukoAb`UdRil=P*EeVg8&lO8b>t)aCu zjlQ|f;~zysJx-}8CWteW-1`$zx7SD~qoDEo`a)ZofyF>TUh)q3+vC5Y>jvZNP(`n_ zAXJ8J-&C{HuG&usQ+Ye2a7s!bVoi(x;M{P7$||(B3DhGFitz0CCSuLthbdgsa=Klb zkY6j#KV2}MbuHlYT_*x`x4sWfuD4KU-vv#Kj|qDMPEbI=R!}>E<${w69xOyj=Fep_T7Wx4 zvPzt^w1j!VV8+ue@uA6hUCmBAFUN7>D0lUmDPX$I!-4m_es-=X-bTavkNKD|W}jdv zIGj|sV0b?4VmmKv;>al!sG1TNkSfauhnn546)8o$ zWj_}s>NVylkrDW(AT#n3X#VS9i@vYP;=`{52(*_2j&#Hjeb`2be~#kBE!o$7b*uy4 zf)|VDrW@tJF(H`T{Dl-3(MKt<%g92M>PoNwo97Gu0PNRM~jrk=2eH)ul0QJH?F#{Rgq<;xZ^#7gqY_c`2h zcaO9P|6j54O?<0zQ8?*Rs8KOK&?K7|KaP|HHJpSjX*%3YAUi1f<|1B)_w?eKy=Xyu zVxMJx9lHEgZGH^u@IEOR)+34MLPA+d1wU?6fM2fiT}g$STx&@pU(sH$GEdKSIB)?y zrWz$D7=90GYG4n$or5Xj$^|_ehkw9`99y`IDA8)KO)}IR@tY&~*Z1Fj`ENZJ|B=#p zg9GRagMJF;LxVvGMUY4T{Ygi?sNTNW9HQQ^HLi*Ya57&87O|r2S52dvhQ|=~-i_O8 z#vs8F!)%Se0IY`GcN6g9)YwaGc{WL1#@Vcg?Gb)O;xI8E^=?mvHazv^mo@V13J$zy z@kl!RulbKe8-|*AUs(2ckS%{+ZTIbi!QQhweoYePFxr(hkN}Oy~7Li}O5( z4HdQ>%g#61?*w}pKAIz>iksRy+7S{naFnbQ5(W0+vy1Yy0)ooBk*X(6{BtMvaAy?O;grO{C%5 
z_iJ(h0YaEnD^f$#4?WrKDDVjMbB|V7IhuKvNNtx5c9yx`|EFKhL_wb(Yy9C!pE zBN;=)-1TwqHfl2TZyM9QQx{gmu&|*0RgNA;?6iDWy7*S^%Qyix4MD7~s%qW?r&%wg zHCTqs%%D;JBLXfEuOxU>2l7h}jVgk5cDkhY1rf>*%9L(B;!VqB6Y%7kF~fgHYmg^{ zlZI5zPKn?X804;c1xpuhR&fT4MpB*>@4oJ)DcGe#*>{Cc0xs4>PNPNGv*HYeIHW2A zN|f18td3-Tr(7s?sNak}T#ob9P$}VOekyC0om+>X@*L%%Nj}9o3c7m8N*R@aQUoF^zQ;N!0nk z@+Mvs@Q#fCf{1n9mtnd$xt{_`Iai+`I4`|DEE?4rH`yda?M;SBSX1&xZ(ZyY-zA{BAp{qZ3_r!=JtusjdSxrVq{;P;SZ2#|eul>fV+ zBNprlzM*6F&!F@1X2DX<@dpId`+s;@-RWnDBuA|nEp&mp3KYxo_YXJO`*?7$G4#7v zKl#@q1BFHE=lTzv%6tfryHYqd34y^iLXT@zmIyXbP26i&x@p`V_9aA@I8Y#IDp=%h zdxXLk(b6)8IvJ08erDCeb~-TA`L|B3BMH@`vj3MKNZqb1*t83dvnUrFNwQ^J?YX(i z;58@{sV}PncyZ24Y=*UP&r>+WIU{X0Dfp-dbKdWC9bW)rcLvxPW|l^;hiS~QnO4Ia z7!i{n-B#k-OML?>(K$$)N57o5Kd^N_%l=)tiYKXy?F;;1EK$q*V>8p33iu{DoYV3 zF>w8SD$t_%2QfyrN(g;Zuo7SOzB}|crN(sVlW-MA2^CV zCHTQSID8m6hFTU>m`Sx?G{JS=ut+lk=9&F#v~0<5Ezb{zqce)lZ>Egl5jZ71qpNN^ zNH_e-L;XXyE7617t#!$YHU-7Ld*)Bcc=|V88bx3Ejet+Th6IjF8{17V8lNGI#5?t@ zVKIBAL{&ntsT*&EOKfiFC65&dV9&$WFN4{&R^r)T1U2;O0M{KG1yre<% zX#&bkz^(QE>ElF_dI=XQ&uLebYsuuW3oa@c*&@pM8{G3$kOujtZ##G7%7nhoq;%$s zFM&@l5GGMyDKbN62cOkiMg=K-kcQHf!n1vNcuYGW8R@c}z>-mZ;(vLN%?sXOK17DZU0nWtuE{ zfXhNnL%)W*^Hr%djqsn@^)82#Nns=}VdL3?y5B$mX`yM^9N!zd+QV#9=lR!@Q*hGV z{7=_h_j5v}TT7O7O@+YnHpt#q{y0RkFKP`^@Eaw4szqSOCdabvk-V7vsrk6^ITHpkT@z^ip+`rb6N9Yv^!r61G zldDBdm0$h~+UC&mQ2Ou!aKy}SU1BG3(&6J@##S!Y+s0sU^?)P4S*LsOwS}J#g_(!A zynY1`nx-=ex!ZnTe*Bj5xqSKZczeDG&$>FbV2Q*NkxnvRn{YW_qDuP=cAHQoUN_SJ z4sl%{ID?kE&(eSdUM4LX_$jDZ?ZGPcoiVF?z>%GbOrznme?=-zFQhO4+YXbQ%PUIa zJSlSjE3v1YcOq!%r0Zgkx1dw?{pROuJxAip6<1nxu?z(8g>0KMT_%^=9f2dvdK@;^ z3!~u1wNB>u+0ePUX$ypH3qNc?nBazVZ``$+*g34%b_ni1xWWM;MpSbAe1y6hhn$zk z`R(i&kO0y87K8j-G=$d#CHTY;LJMR5DiYE72>is@X#0J zO@TglOfah_Z_vX<_3;U2yUme`)RQXJXV=*XGC?o^vdKS+v3sN1x2sKpu@^=>qW|oQ z#@QhPna;oovMRZh>qJlZo3?mPe1;w|958?$T$xYGkOCZ_0m(_qtGW(~)014zd&8ON zo5JZPMS=Zbm-r$**CGKa;u=vZV?7UUOdS^_$o2r>>Y~rnIy!)BNEPf(P;6)3A5m%9 z`x~Jad^60vpQ&YX)RTaaI6Bv<(JcMI&1lLra7Ry|TooTg^8iK!(YFBBC^xI~vs3^p 
zzC{WN{hfRs7mSMruQpbTTxfyz26cT6|AmVuBFU|J?XtbaDVCJOL!%yiry0}_DTuE! zqe1VK&hxlFBXNDL*g!p@Fi|9>mU(d?(G`)r(d}uPv8K}=fL6HTTO{3#RH5cy8uh(m%T${Pl1o%h@OUNDB+&wsO zm<>a91FYZ_kt>d@@w)7Ri$P`BNAOQ9uH$io-{Cr%EKuWTb2r;L-T(wA^4*>Qmpkea z-@!7TWt{zb>!^8(0rZX*=PQ`92g+%T#sE zWYLwm`~JAeLM0lnCw)VClQ1*$_sxzCXDQC_c?tul$c)`$|6!U$=nz0*;+SDVTsF@R znt%dLjxuFv(I2bHUP12dsQyWhi-@LrOMDvytmq5C0g+fxMI0En9g*)2oDkUlo;+S=)sdSCrK81rUztA+t%ABmFNg1sDtmezt}RQ$`$}ai@OC7(t)& zVp0rZQ`aRIu4*H>HIKU$sD=AayEGz%CQ)eir{meiKsXXhlI!Ldy+J4c+r>)XOk2J$ z-+636ud-jEeZB>NsWCFdeh+ekW@lM#v}vaC6Iw2;)3UYZpnF0xQTKj@Fk46WwR8$l zcD*hw-ATmeeNL?!U<&Rc1kpgispS~?ag6*x@dN`MLcE^(XWeDTyFai^|AwiD@m-#Q!S zi#(lL{$aBh-?mXgJ!} zCMMP*L5titYdsG7L-w4>9ABeg_rh4s7WO3~L1hJn{?JX$bkBlJ*zvLN@yE#;d%cFE#{KH%+BMOv+vIoO z;FZ`?N-OcmpWkPTn;M1xO@QHK+j7&N128OGv2S;$k`BM}OBl6BYgy{?-1A92fBS^G z<@AHCp_zkWEIZ$ZtDD{yACDF1YV&>X#6bfD)>)Ct_v|!Lq^jBg$e%v@{vp3Jv$FLh zL5xTgcQg%QZ_MmOYE-fFBzLc{wG>IzUWKqERYY7SkrqZK^I`S*D&-uc;+y$P!&=oU zm$(ln{%FX8l~v)scaEag|70B&Ywcf3eEgRv{Rz$fZ)dCTtz8`9w!mTfU1;IH1s5q- zn1;o5xaCt_$xb593UcRlu5rqjeV?ASc-0qqmEX0<6Qb`oukw#ph7BZ%7}xi!45ZyH!`PPF`tq z=7JECfKq9$d7nCFX4JKuD`@A{iv-LRP@$1G1uA)VEl#LhU^MtjU{P3)+UZyMgsvYb z{VCFFkY~1(zq&M}WbXSZ6Oz%xVKs*ZL*Mg$HvUbF>0Qj(S`abv543JkKzC*`fwJ@&h`1=N&v8dVSPX2VHB&M$;G8q%1wBoYu%;W+p!50qg z964|2{ipR5tJQ$gn&cf_KkaLX>O&#(V^_h{2tKd@dy4;sw})ffHf)y&oDEs)^`rTk zz_!-HCK?OO=zg}9g3WxKwIR#~qayiry@b--9gd0`9u zJyNUj1(_dIYQ~10&5@pT&5Q>sv>*_&M=( z6T7*pzj)>5oIFz2bDhzmvh0Pv?jghxwnw~ktfI_U|x_p0y2t@&;3YLv+^3No_6frmH^ezwBV;Z;Q0ruVWH_|CG&3qX>AswP=Cww!Y3gsse3`L!^9@Yh70w zeDh%PE|B~Ym{>dmM!6kH>+M+jhDr~$Z0ku0&&~*huo9$z@DcaR^b0*s zGXA;%2xN7QYQNgQKCeyrV=c|QkfVr;I(BebyXdH$;qGRnRI6(g$l>>mx>*gWT3`^D zg%g_hw;!}qofP5e=_nZzW%T}CLSz^2k9(5gd?ONw=`H0avlDX59;s8iZLgvQV(3eYEW1%cn;q58j(5r z1%8L$Hqi**C`LuIdM-HESxCG5Gb&~pd1KvPat|j*V6TxG_MLob zvA@5qfqBya3-q5srR4aK4KYuVMU?qH_*GFXN^e%TesR-N@i=xBVUXpEavSRt{Nkdr zmxIROGfKXF5P#%FEZwI(^AMaf;01=h$ye$J@>$;7#sXKe z5dHBDG_0C#sNzOn|JFZNU^HNm*S*6JBk;wGN(rjp1nYM>`cgTLeWzXo3sWhomWTJ^ 
zwhpR;;Y92LJaL5-|Au%PaDY^KVlu@nUeEEr0tO9&z<2uL@$|wwKSLyn5Uk zs9Z=g&-|pw>~vFLy2I8c+W67i7QpvbpgVANsUY7SyCZM>dl-Ze-0zbPY(qXj)SgJ( za`R4{Xt0{uE?#f`l(w}ynfupdn|Uu{J7T$ED9VNQ@aoTJVD-FLWn0Bw4X)}2MAlf? z^-9?00+15wRiL@~l^+bbz(j5ehmA!>EqMPSEd>mKI3sjr+HspOS&|*AvY>zKai|m zu<;aJmBp3((YFKeFQmH;vhrFDlTLqHY*qV}e*Cq2;$7za*i-P8$2G}E?O{ZnNv3Iy z*L6clWWTuTIrLLt*!?G5$y|l~?jRX%(}%NU4~bGmb3vx+pmSFk{qDH3n6Pz3Sx=Gj zhxnjHMn)^-!huwM?o#5Q`GiU&%$2VS>95-#HwF?mClr|nC-YwAR#vJY@f*B+zY)Dz zy`p1SO@^_c(sW>8QT79e(czKuS80R4N`Kz##$nriA-cCK(kr2VY-?;#ywxc^w&6Z5 zj>Zwx1v{gBnZx%Jcw}>VyYsDw2dAEThG?c^4g*u!5B-sO;;aaf&}X@@p&R-4xT z9c$kkA=z0-$A)MDAsP$jjt| z{QNYaZT;%_cT3HvxFuiF&-60e!Uz++mF&r2010h~RZaV~u+%Zfsa@bsY2x#DBnrOymXE`y6y%>$IY~II=R;!LZMIDD%3xy!X{s zy!5pgXo_*6BLHDa-$l*;@U^;@0pClWz~&Jk$F%GS3=%1`D+WVwaxEJDV<-9NkU&jH zF-@M7S@xK3t^A3I)KE#UN?Bc|(U3L6eR~>fIh2f{{CP%12{RXy8WHVrA|UzaGoi&s zXxyI2@COhN>AZ!x$`e1;&(dVex$<|eTVG9e)sBb1R=FEwjYhsadqR6FenZyf+I4=o zLlrS3`4@44TrTeP8$NASXZuTmY(+golnot)w$!jrH;K!b>3n-^7B-LDPC$4Dge%z+ z>^bU?);;!TieS%7BJWZ-f;|82{!(o8*k=R2i{5CUnKysA-yYa4^r1VxO`q z8$hUJ);<7^g4XE&=ttfJh_-K{aY=k|*S;n9S{F78->{ng`Q~SfNrP+N2YGYm{ttJ~ z*tZwEoQI1|ht+0k;#>p0xi~*nlLClvc=COpp`5H*Y1G_0Htl<6`86snM)0F&{6iq! 
z*I?g8OJ?4m_^%DGBCfcMt_l~9XmP*GFm88OWMtKuPf^)ZP1q}BnMpm{LAy9ELnhCa zO()6DY?V(Fb+^fK6U8v)cmfe^#Iz4$v+jBvs?OhZM%^7Y99Ns1P5X)lC9_AiTZcm% zRz>>7AvOJJ=5O?(A3hk)ch&r>Pi)*N0Yh)ABw(Mnn!`tO-sW1tqL$o$sbM;T!VoKE z4`X_kK%#4f<@9yI2wx_k+Z;obJHay!JqDnjKdCYSU=aJKLm$i^g^6xJtV8LEa6w*= z#nPvYSRQGvqo3OU?zHixdkumfvG^j{sJLbsh~cu4`U0h_MC~H_N^Au+sBjvuC6~(m z(x#u8b3Bu!YhwWVoya-uQGj*?<-R(~O>FPSOCU8X@udfTy{WeWgmuz*o4yP>i=xel z(zSKTJaOVAQcGYmcknYM@cKWj=R#H*P?HD-9^`NOeD2V(p83o%Syvl0rxw!jN9|BHCbr z40I205^w@or20S;%kGv)oKPn9bQY)9>-?jvpRq<#3({?7AJI4xpJfPnWda2Z<=N*} zkI#5XR?0cYol)NQ ztK>bQ&)EQT4Jfu^O`_3jcKAJ-#s#D_Dq$|21489)Ht;n-OUVApmo$J%0&Klhr@;h2 zfZG^$5nRgYKD@Wy)u@5N4-93Wbqd03fuv!Wv~5VhQc|r2*5dnU*w^AuX-#EVJv~li zX=NnUfL~`N)!~yinnDRvt#!({^U$)9Y!W*j_Vn7=aulORQQO_8KyyPc+hhWG_rcys zP|$ni`tl@qgZzK5#ZTpctjs4jc|{h^hh7Tp#QD$CC@39l;7Bv_`IWl1d)SxHs+o7e zOj8w33phKS6@f5)nyvIUr0+;SxYM{(>g7OawhWPiSkTl%kT)h!TSugn>C(G9$lnH_ z!!X4~q}JYja6mBJmfL31JYK0-8ewr>{p11)>yWB@P|(r_p^PZ5e%;CDt`BJG#?y+> z+ycXb=xNGj&ci{$dfn-SwCvMb#y)Q zF^!9+616j>P3k7kwm+ijewMUEsSG+NF>(&zNNIyg^Hyw#p`im@w@H=#+`W`E#97C} zdh9{!!#2q;944hgA5A_U=7BPT^dlkE-cWs~=rJFBe>LhT1rIZ;PspP&Zc;nh$gT@j zWB-J4>Tnp!%@wlgzQ+A5$`^XmX&3NoDqa&w-@LGq!(Sq=z^LAIo7hIJeh8S_G_1F; zlqK%2h5QIg68%K#S6mVBxunh(_cY`k`0CfKy--!cne+tY_Pr!SM@_T$+1t(MqrY}P zsId>(1us8Wlq+pMQxsJ@z9<@v$7bhCv43kCKRir)1W?GoIjkOdany9|hiVI7Y4wE^ z78OnJ!bx9`%9^i$Ks1}ma?&~oDj3?cE=lCvSPtiB`NwfG7YFmQUtg2jr&zUz_YiC>fm$C6y)Kf zwnslLW8->SC|gDxHpR@)C)@|wnDy#qR#?P6h%Ju#8MV05Sei7V#e4j(Rwf~#XTqrS z-9(O}y;y7>p49m{+7$2V&SG7iNm_&3_AUtQjMpFVXBQHd;K*z=B z$6GyB+Vw;*Mu5~NKK+{+PF|(2)OJvpVUH0KUC!C_)%sC@ZKkA71o6)c2Nc`34$6ih ziQfasAsvihoAdaNm-HhI8HtMX1CyrB@?x<87+fzn4|4i{#}pjK3QB=?>v|i zqvs;5I?(!|*BXd7g7~2XWZ*tJYF+Pc0`!t8kyUD+u6H3+KM~3I-$_C+6h+_B5{ySr z`` zYmjivWs3q)Csq#1pJ}8#+d%DFC&@gd%J!EZo74jjD!+eQJX9E*kXaZH3!zxU+@%Tr z7bmsMGwc<0>E&&)us{9B-r<9MYh#rL6Rrn2&nazy4MzPhjdi-uYK)>OEVyrA$lH@i zJAxhxXKu+@HiQ9!yChbZtk1l{vqa>F>?CR`*9wUY!jL;rJMpKPnT#YmgcP-pp3%c5 zzMB?7d(nM-uGwVXI7I9)+zHsv{2&cc>SC%##qukhu$}va&QEOtfyP-tzxg*<#&ZC 
zn3SZh>z6{){n64g&xG(?j*w*T^Cez~=h+X#T=%`_`rg|zn}Lns;F`UnyYfdOw`A$VehFLPY1;DxVE0qh+U0R_ z@rR`Cig|f1Eb9BKB#wz4QDQc{6TE)2&mY0-Wk%Pn6`**OitO8vfE?Auf6(4WoBJpirh)OMp8(C7dE#O z^88bCa{&3b&j^4)x~lp+gQ-DkzLyyvO?Q^9Q`C8;-wm0s(ec!S#~xN%?Q$qeB6GmuP{B%Bp%Be^bddiHMaR$XkcqZoysO1f*;0% z|Dwl3;{&G_nOFf%^{)c;)Jfw&y{oKB0s< zE3<$`%%YU%tTOGh*+b%AmUiJxi;0Dg5fDX#39xCjr3MGsaJGh!dboDsfALbmq<@qD z?N4!{Dn}d;m#yQ6a#|7|9yD%(;f|l zP-~9cXC=iPQVs`=ZF2G0wEzXl6MUTQhpRkY(ZU};rj}f;&;;q*D6Xe}XawHkt^@lK zQOi%Lxb*8*gzuXC&(4q;$7Rvs9;?-ftvh!PG20WGNWSKp!4B#BcjK*qe>hSiP zUu}NAF2i^z!J036`Jz(@f;#s&N7B{jT9>&pJ(bOEaL_&B+x%*%8*O!_|ARb{K9fJG zPksNlAe&z6jL?c-KTub4bosiS)kaoyvgyD$biqcZx!}a4q@Pj!$O=S|VX`(+`B^NFq_ukEW!Ja7A&L%hI03oVtS`Dev$FY*uMGJwj&w?D?PC zC8S{c!wt2CY0rQPWKp8ilf~0@<~N}XV`OfhPP|Yqpe3(hcb{AXyjPZJ0Kh|%c7ff- zw-D;d=h)g0xaP8|IY~l-_>IR{+Cj*dxVQwg0jnrmZ7v!n^Z2bdy_+J1@f#}pi+;ru zvpTE>rBp=Y=3FXq;ifT>|9Hh?P!d5yUGgt8qgpX*SSyQEu7aArG>Hc>q`Ty=Q;tec zd0&TbHon8nrc>P-$tYMWC=oI?e16kxQBsC6W22l_ihO-(wd z)&>)|7#@;bPoU0TLbP=NSs{l&XQTbLzewRi=mqL7;Rql#qw51(7Nx=!OjG|n$|U1{ zgS8?7F~WBVR#Gqks|4K+x^40bXlp zpe$5O%|gyClrEdcDHNU<+jKTq80%RgxSL5iaYfdHAlG_ltz&(nM@@Nv z=teR+p+LiLv@kOO`85q*0CkF(25M~>bX@}7W-b)H8h`vpKGLmvIs);VWpmR|=O7Iz zC?1?{@DUeiY?rRVJLv->VR69aOLi2gedKz?iKRjV&5d*{I$SP7%q!h@wK6D(vFcv~ zC73RykyQRgu^nI8(ox7J1aqDZG0Z_?-z%IU>V&!WXAy_PydoynhMtcuDD%j4>=@ z3n~juJ9A?K!s|-Sw@RL}L@rPW^;`5^6A(Dj=(+{R^d}x$WUYn&1~{2BJA3mo>TN zoe&n5Rz)tST;1RGqd>KB=`M+qi!}9#Jc)7f7p2(bNK_OQ#?Q3_$RQdbq-g%3+H%<) zB%K7Tl%q_qwn@@~IWfvzq`isgL1l}fl}9TS#>>9qkmFAMn*EWsw|j|drbNrgHE8MM zSj&wB%5HGo;@}wFCBOsgG$XRgEi#Tb89K=@80r4(u1|(c8eN|`Xg$|afnQ|2KPm*< z#(UkU&qv0LEwQ~^QWC@$XPP% zg67L{0@RC%drj(}3Xnqp8yGaZ+U?p5s9Q_y9KmUN?HxP1`G&esO?BqFUubbp+94f| z2F##eoYkW9yZU<&{`rg{IpKi9k3vXZ2!*b%DE)!rREH7J2d!@=FQV`RXt;6V$1i#& z(|xydcOkqM-p$ASozB#X(4T+U<@g61=;*`ydAfPed{6snrX^z~5s8G_w(pOY{HN0O z`6+!amoIg4?XdO|pA!Y(+08*iE>9cr$Cdu1i2TAI&kyVKZ#|FZVp9D@P?ahp+70BM zzu_-yKm_r1^>PURwB4RXXWZEqfJ-BG z>z$nf1B6`d&G35&{vN9~ll=wB8V$vTGgZQ;=qVC$o_5m&tf;XhRgM`-8_H0q?DI4> 
z%KFTN4{_T~5WKM9s4S=7Ym0KBW5Bm(jVQ#STn>ky&E1A5+AYo@a-Bcx)NbkqKr`wf zVNu)2FrXRPQM5SiPW(`bE#I$PeDkqqb%=x#8y3HY(Gk{RORaj z1B%v1Gd+duylM6jVpBHMdDgJVueDxCNJ&4jsC;JH^y^|6TrVizeE#>IcE+(cv1v4aZTnlj)1S?)BNg+T2tdt%e zeo28L;vg!x2u$kbG*hShWfGcQ|XGgja^ox`@{ zfu6IY!7_IvgM%~Voj)vi{O*Jg{Q#-#N89Iwwv?np>xI)s@8rtd+#rLa87nqiT&MMS1cQs0A4^;#_>w$|1Js{49J5bj@su#PVT?$Nir(QV}3t-#N*Ysf^}LTklf zjXb&$TQm&cB`o@17;KZSk;p78!Iey}H-5e5KPGKh4?Q9#iaIsMN#n1B-A1^Ay7tT3 zq?ul4=3*hEYdbK?aUS$4Y&V9^(Gx_Y3w{4ppq?>Rp`sG*@rn6!ML{paam!;S1H6S^ z-aNv>Q~&F;`Z-pqP${O2?T8Z79eUJD>=|(u9`F0Vzu<3#fBRng8n>^K3ON=Jr~c)O z3jFlqh$1)KVWm~phc;Z?|Dhy4%QPDc1^uqXux)BAO?R6usjBKPE3(5%wQW^&)a`Rt z>d@A6S|kE=by_R%LdNCx-TMO8tp{6WUUtjQYk?x7Ja3e?>|=LFPnMu*f!CQS0TvK{9L4 zi=OxZM^}@wgN24yIT2B6QH`3#KYl0$Kcg^(&i|b;B*#FsXEWpDyeYkGZM=+4`~8c2l08MJeH_6C^C>-lbn)hh8c`YmIom zLGq*gFnRv3ylW8;Ru&s=L)5!2c>a`e z(AO{Uu#lFU=GmE(qW<0bC)HF>I_10zL3NMN+e?Z%9RdpCTGyJD5h#>kT`Ze*MuzZH zmhLmcka8pve1CrJ{CHyw7-u zUdK!CUI=NQxF3%vxoLy1)!jyB8|$oftLPh!^uCDZ6sBkj9N`&1GAou@{{3y#qe?(TIe;>fbK(r6 zS$EZFM5a9hviXnm^ADewK-2$fy;_gt^{OvHrD4oCKi0sDw2^V1fwOU=@5tAoIt(z# zi=*+-zH0XE7)pYj0h9-8r;O&>5e9#eN!k{Jmb1St>M*}W)QiMB{_8Wnu8)=b!d}2O z74+nRbsGGE7^YoB^*Aq@m&-y3@;XpF_}}xSjPu0}E7hWnP8i=XokT}5n&ngo%mp&0 zlnZQ=-F9)>fDbV*r8srm#mE0?tcgv1XI`Rbb?zVv*JjalG*SFaz5C)x(>32|wGfGZ z+lr8Nly4JN(+_W2GgfT$0{h|Mun@(-prz9FT-m4f&Z+WJC*kEwpSO<|g$CkmbSM{x z36&c`WY-eYLFqymu~0m~s&;H7W-@o|tIZdjGx1j)4Q1rb0m}V<;hyG2UrprYl=ji%uP_J5(Tz{7eX*pWNeGb=Bdatt`;NY2 zQP%H;8*PEnB-e0l!;IlhfK-I)u85kWTo5YI<&BlCw1$0-@d7H#N&npvPfcfr3g4^B zdHWTF*VUiq>RQ8=KUlV0+`;RoQuTu~pIgk~7Fnb{i)Sy_RD(iTSI|8;Mj9+d54T(4l9?FRVim&Fb zsK{m|)XSCJg};%^?Gc(cxJ4rex$w)pOnn~g9N5(27V7R4T(vFpn{T#7BTN1xO$sW) zmitp#Kp>^2wbu(GhRQDaBZkxUTgF%xz!2oE9{z~=SUY*2MqV?9BOYvi<6YnK+!OSm zRwtk+WhbCBCL)d)nVO$H`B^L!f_}Hvl~Z}ZSAe0F%Yct^aWZT%U+103h{|sf#xKs%PQD zEQ2TZl2%mRbgtqF%0r^@iAb^`H)8d@mt(3g%`QZeG(?Co+!?^n$CvxR zrei)mhC6Biv!n!9grw;2(pQTd+2=Qm1Fb#DDhfZ@H4==_AH_(Q}@Sk+9r#8Cd+w*<@ zy8hie_N7A0p;}Zx%J`bfXv)Qr_&vaOLjBWr90=n=51 z66G?#dY9yn;EoLyInfa+%gq#m>L2sT5+$q 
z53Ev3*+b}*g|_i`ikD#*XHL`B83@O}gYve@m1ZiniE6{~-=%HiXVMN)n+|&a1Sw}z z;AJC@(9}1c|JNKlI^3&L6O(4eKNCTnkU`&r`tXHAvQU(vZ?yU^j{7#$zrH|SUFbWl z$wBmn3BA6p@?_iV_~#aXlcevp?;4-?9;r}<0exU50PY%QvYr0aBU&_+=vl#6M_nJs zUi}HRvZ+HvZ^1KxwFe3o#Lq_54p3AFJv}W!DAcV;X+f4~av{JWwE2Qj-&9c8s%k_@ zIes9>*IbYqLjPnd&L}L|KK@VM0$5r~`)bIgiifYEok9qtu^m_PHi1&#TWu6Ix-%x> z$)VhVvvbzFtDYVYff9(9(pag|TI?7~kv5!YLXbjbJp244TyNv5Ejk|QK7QQ_0$~Cg zK@vj3wE2zuH0@9@6_fL2Z`av@o&ePYydIaHFZb`n_j7e+pK_U0V_Sx=g)QCZi##p> zoq7CIi%(|S{PKU=6IESp4^touR-ts+StBVyP$y+FzImnK<&ASk`_%vHWDu(R$FNg4 z&?In3foGeYp^|PjyU|3MKTxXmEFO^=EacSfin)edp6*CX4;WKus5kiO;#eS>O#|0v zm-0P~?QR@*Ro9X|u5jG*;tly;FY3F3S$l^;+~dErXP!v>|-l1;lZTxR6uq>1Yj3TM_>&-QOuR zKF>1$+ZgjOL6NA;vnivW`uBk?z{_)LP^}E2yjhQjLRLt*{d? z*`9!TIzl)yfraboWd{^gr>XaMK8kK-;Zm6+NpMuv9T@P-+~im1eI9@LbjtWwV8X=` z1k2=~u8=^q{~UWgct}I}MVD`u6mutTp0)D+_n-Kq!Ga?sB@uaG(1*}9poUv`ss9<| zazOioIX17K{1<-Opm}y)|MyAHE%L7Nbyw!-*=y77W_7lcFOrk3iK_Sc#J@g0#hNtW zeAGH3O#e*@BHhv9OArOl5KZkzxl!2NK3)=2*@2NorOERrxQ`=phzQ& zfloJ3qAf*fm6~R3dnxtewWBDjbxw;`QGaf;j*s7mR@K(rmqJ(y0J|~pK6A$eW?#Ky zIO1vYK^Rj4)q~Mp)|+E1S#ht6M$s1#dLL8sDyG>1x8!AGe#13%%rG0Nlzi%A%L@lJ zVV#xIArX`(fKaP5{Jy<;8m#|)BmwSPJH^8v@n3)b^Ax3ab-<22Z-R7zhX1EM;Qy@( z0=%HrH_q`t_WD2nVo#>AOJeZfi2tv9ny~^7^omOMfBD_hV@3-oF30co_za%AOEkD|Nqo5{=bp@ALDuY|G&^Cul!>Z@KV^?DXl@kPg!1Fu2jY> G@c#pf70q`5 literal 0 HcmV?d00001 diff --git a/MISP/LICENSE b/MISP/LICENSE new file mode 100644 index 0000000..bddbb87 --- /dev/null +++ b/MISP/LICENSE 
@@ -0,0 +1,28 @@
+BSD 3-Clause License
+
+Copyright (c) 2023, Bert-Jan
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice, this
+ list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+
+3. Neither the name of the copyright holder nor the names of its
+ contributors may be used to endorse or promote products derived from
+ this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/MISP/README.md b/MISP/README.md
new file mode 100644
index 0000000..6c4e99c
--- /dev/null
+++ b/MISP/README.md
@@ -0,0 +1,42 @@
+# KQL-MISP
+This folder is a KQL MISP implementation. The goal of this folder is to share queries which implement MISP feeds which can be used for detection, threat hunting or enrichment of incidents. No additional infrastructure or sources are needed besides an environment in which you can run KQL. This implementation can be used in Sentinel, Defender For Endpoint and other Log Analytics sources that fit your needs.
+
+MISP is a "*A threat intelligence platform for sharing, storing and correlating Indicators of Compromise of targeted attacks, threat intelligence, financial fraud information, vulnerability information or even counter-terrorism information.*" [MISP](https://www.misp-project.org/).
+
+The architecture used is shown below, where this folder provides the pulling of the data from MISP and translates that information into a KQL query.
+
+![Overview KQL MISP](Images/KQL%20MISP.png "Overview KQL MISP")
+
+Before you start implementing this solution think about your needs and the value that you want to get out of MISP. This solution offers a limited implementation in comparison to other MISP implementations (see [Other implementations](#Other-implementations)). If you want to implement a subset of the MISP feeds, only query on specific tables or have some fun with queries than this is the solution for you!
+
+# Implementation
+The queries in this folder are divided into two categories:
+- Sentinel (& Log Analytics)
+- Defender For Endpoint
+
+The files in each folder represent the queries that can be used to leverage a MISP feed, the query can be copied an be used to create a detection on to hunt for specific activities. The reason why there are two different categories is the difference between the KQL syntax in Sentinel and MDE and the different tables that to search for IOCs.
+
+# Table usage
+
+Sentinel and Defender For Endpoint use different tables. In Defender For Endpoint, only tables within the MDE licence are used. 
In Sentinel more tables are used. If you do not have a table you can simply delete the section of that table and the query will run. The section below lists all tables that are used.
+
+## Sentinel
+- DeviceNetworkEvents
+- DeviceFileEvents
+
+## Defender For Endpoint
+- DeviceNetworkEvents
+- DeviceFileEvents
+
+## Contributions
+
+Contributions to this folder are appreciated! If you have a query which already uses a MISP feed which has not been implemented yet, then feel free to add it to the right folder. If you identify any errors in the queries please reach out, in order for them to be fixed.
+
+# Other implementations
+There are other MISP implementations available for Sentinel, however, in those cases, it is needed to build additional infrastructure to retrieve the information. If you also want to share your information with MISP, then this is not the solution, the sources below also provide information if you want to contribute to MISP.
+
+- https://www.misp-project.org/2023/04/03/MISP-Sentinel.html/
+- https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/integrating-open-source-threat-feeds-with-misp-and-sentinel/ba-p/1350371
+- https://www.inspark.nl/misp-threat-intelligence-azure-sentinel/
+- https://www.linkedin.com/pulse/how-ingest-misp-iocs-azure-sentinel-using-security-arshad/
+- https://github.com/zolderio/misp-to-sentinel
\ No newline at end of file