malicious
Alert.dll
This report is generated from a file or URL submitted to this webservice on March 2nd 2016 05:27:27 (UTC)
Guest System: Windows 7 32 bit, Home Premium, 6.1 (build 7601), Service Pack 1
Report generated by
Falcon Sandbox v3.30 © Hybrid Analysis
Indicators
Not all malicious and suspicious indicators are displayed. Get your own cloud service or the full version to view all details.
-
Malicious Indicators 3
-
External Systems
-
Sample was identified as malicious by a large number of Antivirus engines
- details
- 14/55 Antivirus vendors marked sample as malicious (25% detection rate)
- source
- External System
- relevance
- 10/10
-
Sample was identified as malicious by at least one Antivirus engine
- details
-
14/55 Antivirus vendors marked sample as malicious (25% detection rate)
4/41 Antivirus vendors marked sample as malicious (9% detection rate) - source
- External System
- relevance
- 8/10
-
Sample was identified as malicious by a large number of Antivirus engines
-
Hiding 1 Malicious Indicators
- All indicators are available only in the private webservice or standalone version
-
Suspicious Indicators 7
-
Environment Awareness
-
Possibly tries to implement anti-virtualization techniques
- details
- "VP>;tWMh\EPEM}!uEP0uuuuuMM)3j<2MdeEPMKMPEA0ME(M&!t3MM3Mh03FUVM t3*umM uMMP03@^]jYMeEPutVM uJMuMhE@PMuuMh'PMMEpMM'j(1eM^EPu3C]txMulM2MEEPhMEPMMu(jh|,M]EM]&EPG0Mjh|,]ME&Ej90*MueEPu"tIMu=M;EPhMEPMqEMuuuMM9&Aj<2ZMeEPMtMPE-ME%Mot3MM|Mh9.3FVL$5t3%t$ntL$L$P-3@^jMMM)eEPutxMulMMEMEME0^PMUPVMMEMEMM$MM$3jMMMOeEPutvMujMMEMEuMPM}PVMMEMEMM#MM#3j1ejh0M)eEPEPuMM#j1ejh0M=)eEPEPuMM=#ED$VtV^Y^j1AjMYjhHME(eEPEPuYMM"j1ejhHM{(eEPEPuMM{"#E|j1jYjhhME(eEPEPuMM"&j1?ejhhM'eEPEPu8MM!#Ej`'2eMu3Ch]6t~jPMU'hMEB)MEPMEPME(ME7!MPM)MEM]!>EPVEu!EMEP')KPMT)hM(MEP*M]E Ej1ujh0ME]&eEPEPuMM_ ij1uEP3MutMM (uL3FjFu+<Y}3}W<|u+Q|WW4uW;SVWjYt$3+;+Xt$H3@3;_^[j R2ouEPMeP&MMMuPMht?uEP(M3FPuc&MMEE3j02Mu3M]hMEPEPEPEPuE];thMu\MuPSMOuEuMPE0EPEMEoM]MM3@M]MM3j<2MReEPM2jhME3EMMMjx3eM;M3C]tMEP&]|2jSu|EuMEP\&]|tEPhMEwu<ht$MQPME0$MEMMEP%M]Eu|]ME[EbUl$3hF3`EDVh;jj\3P}EPE}PP;uKVjj\PEM3Md" (Indicator: "qemu")
- source
- File/Memory
- relevance
- 4/10
-
Possibly tries to implement anti-virtualization techniques
-
Installation/Persistance
-
Creates/touches files in windows directory
- details
-
"WINWORD.EXE" created file "%WINDIR%\AppPatch\AcSpecfc.DLL"
"WINWORD.EXE" created file "C:\Windows\Globalization\Sorting\sortdefault.nls"
"WINWORD.EXE" created file "C:\Windows\Fonts\staticcache.dat"
"WINWORD.EXE" created file "C:\Windows\Microsoft.NET\Framework\v1.0.3705\clr.dll"
"WINWORD.EXE" created file "C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorwks.dll"
"WINWORD.EXE" created file "C:\Windows\Microsoft.NET\Framework\v1.1.4322\clr.dll"
"WINWORD.EXE" created file "C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll"
"WINWORD.EXE" created file "C:\Windows\Microsoft.NET\Framework\v2.0.50727\clr.dll"
"WINWORD.EXE" created file "C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll"
"WINWORD.EXE" created file "C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll"
"WINWORD.EXE" created file "C:\Windows\system32\spool\DRIVERS\W32X86\3\mxdwdui.BUD"
"WINWORD.EXE" created file "C:\Windows\system32\spool\DRIVERS\W32X86\3\mxdwdui.gpd"
"WINWORD.EXE" created file "C:\Windows\system32\spool\DRIVERS\W32X86\3\StdNames.gpd"
"WINWORD.EXE" created file "C:\Windows\system32\spool\DRIVERS\W32X86\3\mxdwdui.ini"
"WINWORD.EXE" created file "%LOCALAPPDATA%\Microsoft\Windows\Caches"
"WINWORD.EXE" created file "%LOCALAPPDATA%\Microsoft\Windows\Caches\cversions.1.db"
"WINWORD.EXE" created file "%LOCALAPPDATA%\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000007.db" - source
- API Call
- relevance
- 7/10
-
Creates/touches files in windows directory
-
System Destruction
-
Marks file for deletion
- details
-
"%PROGRAMFILES%\Microsoft Office\Office12\WINWORD.EXE" marked "%TEMP%\tst5267.tmp" for deletion
"%PROGRAMFILES%\Microsoft Office\Office12\WINWORD.EXE" marked "%TEMP%\tst52E5.tmp" for deletion
"%PROGRAMFILES%\Microsoft Office\Office12\WINWORD.EXE" marked "%TEMP%\tst5343.tmp" for deletion
"%PROGRAMFILES%\Microsoft Office\Office12\WINWORD.EXE" marked "%TEMP%\tst53B2.tmp" for deletion
"%PROGRAMFILES%\Microsoft Office\Office12\WINWORD.EXE" marked "%TEMP%\tst5614.tmp" for deletion
"%PROGRAMFILES%\Microsoft Office\Office12\WINWORD.EXE" marked "%TEMP%\tst5683.tmp" for deletion - source
- API Call
- relevance
- 10/10
-
Marks file for deletion
-
Unusual Characteristics
-
Contains embedded string with suspicious keywords
- details
-
Found suspicious keyword "Put" which indicates: "May write to a file (if combined with Open)"
Found suspicious keyword "FindWindow" which indicates: "May enumerate application windows (if combined with Shell.Application object)"
Found suspicious keyword "ShowWindow" which indicates: "May hide the application"
Found suspicious keyword "Windows" which indicates: "May enumerate application windows (if combined with Shell.Application object)"
Found suspicious keyword "Shell" which indicates: "May run an executable file or a system command" - source
- File/Memory
- relevance
- 10/10
-
Installs hooks/patches the running process
- details
-
"WINWORD.EXE" wrote bytes "66142ef9" to virtual address "0x66EDF69C" (part of module "RICHED20.DLL")
"WINWORD.EXE" wrote bytes "e92319a1f1" to virtual address "0x766E3D01" ("SetUnhandledExceptionFilter@KERNEL32.DLL")
"WINWORD.EXE" wrote bytes "b86402fb" to virtual address "0x6A0DEC08" (part of module "WWLIB.DLL")
"WINWORD.EXE" wrote bytes "40539b7758589c77186a9c77653c9d770000000000bf6d760000000056cc6d76000000007cca6d76000000003768b5756a2c9d77d62d9d77000000002069b5750000000029a66d7600000000a48db57500000000f70e6d7600000000" to virtual address "0x761E1000" (part of module "NSI.DLL")
"WINWORD.EXE" wrote bytes "c1e80cfb" to virtual address "0x6922E718" (part of module "OART.DLL")
"WINWORD.EXE" wrote bytes "47c3eef8" to virtual address "0x6865A980" (part of module "MSO.DLL")
"WINWORD.EXE" wrote bytes "2abfd6f8" to virtual address "0x6FF810AC" (part of module "MSPTLS.DLL")
"WINWORD.EXE" wrote bytes "629bb7fb" to virtual address "0x2F0E1634" (part of module "WINWORD.EXE") - source
- Hook Detection
- relevance
- 10/10
-
Contains embedded string with suspicious keywords
-
Hiding 2 Suspicious Indicators
- All indicators are available only in the private webservice or standalone version
-
Informative 5
-
General
-
Contains PDB pathways
- details
-
"d:\Conduit\RnD\Client\IE\Dev\5.4\SingleComponent\Alert\Release\Alert.pdb"
"!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~HH:mm:ssdddd, MMMM dd, yyyyMM/dd/yyPMAMDecemberNovemberOctoberSeptemberAugustJulyJuneAprilMarchFebruaryJanuaryDecNovOctSepAugJulJunMayAprMarFebJanSaturdayFridayThursdayWednesdayTuesdayMondaySundaySatFriThuWedTueMonSun1#QNAN1#INF1#IND1#SNAN_nextafter_logb_yn_y1_y0frexpfmod_hypot_cabsldexpfabssqrtatan2tanhcoshsinhCONOUT$string too longinvalid string positionIEIsProtectedModeURLgdiplus.dll OsC*0[a>On4eJ M-P0%P0)P0%P0%D,3&OP0P0Lr?RJ{,@Qm6t4`#?>;FFFFFFF"hN@Gp44#N-+.{20FP0P0BPO6#\'G7?Fd8+O]hXNW#Fj#\'G7?F3)6{O>`3)6{O>`yK:?OHRSDS8cCER d:\Conduit\RnD\Client\IE\Dev\5.4\SingleComponent\Alert\Release\Alert.pdbpuuuuup@u$p@uuuu@p@v$vuXp#@Hv$Xv,vvP|wwPxlxxy4yyyz ztzzz{T{p{{{4|l|}}}~,~H~d~~~(D|p@wwvtwwwPxlxxy4yyyz ztzzz{T{p{{{4|p@wwtwwp@wwwpBwp@x(x4xwp@xpBwp@xxxxwp@xq@xxxwqBxpBw$q@Py`ytyyxw$q@PyDq@yyyxwDq@yqBxpBwhq@<zLzXzwhq@<zpBwq@zzzwq@zpBwq@{,{8{wq@{pBwq @{{{wq@{p Bwq$@{||wq@{p$BwpBwrP@||||tww}Pxl}r@|,r@|}|tww}PxHr@4}D}P}wHr@4}`r@}}}`r@},rP@|pPBwpPBwHrX@4}pXBw`r\@}tr@~~~wtr@~pBwr@~wr@~pBwr@`p|wr@`pBwrr@r@,sHX`s@H4s4s@TsTs@ts 08ts@ shxs@hss@ss@tL\dt@Ltt@<t<t@`t$4@`t@$xtpxt@p$putLt@t@,<Lt@hxLu@uLu@Hu@,<Lxudt|xu@duu@u0uu@u@L\0uLv|Lv@|v(,vvP|wwPxlxxy4yyyz ztzzz{T{p{{{4|l|}}}~,~H~d~~~(Dpv'@u&@',vvP|wwPxlxxy4yyyz ztzzz{T{p{{{4|l|}}}~,~H~d~~~(Dplv @wlv@p Bwvvvvvv v$vPvXv\vvvv vv 08v@ vhx(}v@hv@(}v@(}w@DT(}px,w@`XwxXw@tw8(}tw@w@Td8(}ww@w@w,uuw@x\lx@\Hx@hx@x$4D`x@$x@|`x@x@y@ 0,yL\t(},y@LPy@(}pypy@y@8HHxyxy@xy@zz@x|0z\lt0z@\TzwTz@pz@wz,<Dz@,ztw,z@tz@wz@ wz@,zt{p}{@p,{@}H{}H{@h{HXh}h{@H{}{@{{@y{HXd{@H{@{{@|@,4|HX`4|@HX|X|@||}||@|$4@|@$|p}|@p|@|@}$}@v }hx }@hy8@pvux,{D}$4}D}@d}dt4}d}@dXpHvXpHvXpHvXpHvXpHvXpHvXpHv XpHv$XpHvPXpHvXXpHv\XpHvXpHvXpHvXpHv|pw|pw|pw|pw|pw|pw|pw |pw$|pwr|r|r|pw,r|,r|} (}@}Xhp}@X`r}}}}@}}}@~L\d~@LwD,~},~@v|{h~4DLh~@4~|~@|~~@~$~@~Tdp}~@T@,},@L8H\4}L@8Pyhxt,lLl@,DL@Hu,thy uL@uuuuuuu u$uPuXu\uuuu uP`h@P@@0(8Dh0@(LthL@thhh@(h@Xhth@Xh@(}@@Pd(}@@(}@X(}X@|<L`(}|@<@wTw@HX`@Hx@@<8HP<@8\(}\@x(}x@(8D@(t@t4}@$,@\lt@\44@LL@l4DPll@4@l@}@L\h}@L@@44DL4@4T|LT@|||@$4<@$r@@(8@dhxd@h{}", "!"#$%&'()*+
-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~ & ! 0 `9 R} " "!a: S~xHH:mm:ssdddd
MMMM dd
yyyyMM/dd/yyPMAMDecemberNovemberOctoberSeptemberAugustJulyJuneAprilMarchFebruaryJanuaryDecNovOctSepAugJulJunMayAprMarFebJanSaturdayFridayThursdayWednesdayTuesdayMondaySundaySatFriThuWedTueMonSun1#QNAN1#INF1#IND1#SNAN_nextafter_logb_yn_y1_y0frexpfmod_hypot_cabsldexpfabssqrtatan2tanhcoshsinhCONOUT$string too longinvalid string positionIEIsProtectedModeURLgdiplus.dll OsC*0[a`>On4! e J M-P0 %P0 )P0 %P0 %D
3&OP0 P0 Lr?RJ{
@Qm6t 4`#?>0 ;FFFFFFF"hN@Gp S40 S4 #N-+. {29 0FP0 P0 B9 P0 O6#\'G7x? Fd8+O]ahXNW#FajS#\'G7x? F3)6{O>`3)6{O>`yR K :?0 OH RSDS8cCE R d:\Conduit\RnD\Client\IE\Dev\5.4\SingleComponent\Alert\Release\Alert.pdbp u uuuup@ u$p@uuuu@p@v$vuXp#@Hv$Xv,vvP|wwPxlxxy4yyyz ztzzz{T{p{{{4|l|}}}~,~H~d~~~(D|p@wwvtwwwPxlxxy4yyyz ztzzz{T{p{{{4|p@wwtwwp@wwwpBwp@x(x4xwp@xpBwp@xxxxwp@xq@xxxwqBxpBw$q@Py`ytyyxw$q@PyDq@yyyxwDq@yqBxpBwhq@<zLzXzwhq@<zpBwq@zzzwq@zpBwq@{,{8{wq@{pBwq @R{S{{wq@R{p Bwq$@{||wq@{p$BwpBwrP@||||tww}Pxl}r@|,r@|}|tww}PxHr@4}D}P}wHr@4}`r@}}}`r@},rP@|pPBwpPBwHrX@4}pXBw`r\@}tr@ ~~S~wtr@ ~pBw r@~w r@~pBwr@`p|wr@`pBwr r@r@ , sH X ` s@H 4s 4s@ Ts Ts@ ts 08ts@ Sshx Ss@hs s@s s@tL \ d t@L t t@ <t <t@ `t$4@ `t@$xtp R xt@p$put L t@t@, < L t@h x L u@ u & L u@ Hu@,& <& & L xud& t& |& xu@d& u& & & u@& u& 0 uu@& u@L \ 0 uLv| R S Lv@| v ( ! ! ,vvP|wwPxlxxy4yyyz ztzzz{T{p{{{4|l|}}}~,~H~d~~~(Dpv'@ u&@! '! ! ,vvP|wwPxlxxy4yyyz ztzzz{T{p{{{4|l|}}}~,~H~d~~~(Dplv @RSwlv@Rp Bwv v v v v v v $v Pv Xv \v v v v v v `0`8`v@ `vh`x````(9 }v@h`v@````(9 }v@9 9 `(9 }w@D9 T9 (9 }p9 x9 ,w@`9 Xw9 9 9 x9 Xw@9 tw9 RR8R`(9 }tw@9 w@TRdR8R`(9 }wRRSRRRw@RRw@RRRw,uuw@x\l S x@\Hx@S hx@} x$}4}D}`}}x@$}x@|}R}`}}x@}}}x@}}}y@ 0,yL\t`(9 },y@LPy@`(9 }pypy@y@8HHxyx y@xy@z }z@x|}0z\ l t 0z@\ Tz wTz@ pz@ wz, < D z@, zt S w, z@t z@ wz@ wz@, zt {p }{@p ,{@ }H{ }H{@ h{H X h }h{@H { } {@ { " {@ y{H" X" d" " {@H" {@S" " " {" " " {@" |@
4|H X ` 4|@H X| X|@ || }||@ S|$ 4 @ S|@$ |p R }|@p |@ |@ }$}@v9 }hx }@hy8@pvu x}
{ D}"!$"!4"! }D}@"!d}d"!t"!"!4"! }d}@d"!XpHvXpHvXpHvXpHvXpHvXpHvXpHv XpHv$XpHvPXpHvXXpHv\XpHvXpHvXpHvXpHv|pw|pw|pw|pw|pw|pw|pw |pw$|pwr|r|r|pw,r|,r|}S S(S}@S}XShSpS}@XS`r}}SSS}}@S}}}@~L\d~@LwD9 ,~},~@v`| {S" h~4~D~L~h~@4~~|~R~ ~~@|~~~~~~@~~xx$x~@x~Txdxpx}~@Txxxx@x
xx }
@xL8H\4"! }L@8Pyhxt, l L l@ ,D L @Hu,& th y uL @u! u! u! u! u! u! u! u! $u! Pu! Xu! \u! u! u! u! u! P`h@P@ @0 (8Dh0 @(L t hL @th hh @ (h @S XhthS @X h @ (9 } @ @Pd`(9 } @@ (9 }@ X(9 }X@|<L`(9 }|@<SS@wTRwR@HX`@Hx}@ @< 8HP< @8\ `(9 }\ @ x `(9 }x @S (8D S @( t @t 4"! } @ $
@\lt@\44@LL@l4DPll@4 @lSS@ }@L\h}@L @ @4 4DL4 @4T |RLT @|| | @ $4< @$r S @ @& (8 & @d hx d @hR{}" - source
- File/Memory
- relevance
- 1/10
-
Creates mutants
- details
-
"\Sessions\1\BaseNamedObjects\KYIMEShareCachedData.MutexObject.PSPUBWS"
"\Sessions\1\BaseNamedObjects\KYTransactionServer.MutexObject.PSPUBWS"
"\Sessions\1\BaseNamedObjects\Local\MidiMapper_modLongMessage_RefCnt"
"\Sessions\1\BaseNamedObjects\Global\MTX_MSO_Formal1_S-1-5-21-4162757579-3804539371-4239455898-1000"
"\Sessions\1\BaseNamedObjects\Global\MTX_MSO_AdHoc1_S-1-5-21-4162757579-3804539371-4239455898-1000" - source
- Created Mutant
- relevance
- 3/10
-
Loads rich edit control libraries
- details
- "WINWORD.EXE" loaded module "%COMMONPROGRAMFILES%\microsoft shared\OFFICE12\RICHED20.DLL" at 66E80000
- source
- Loaded Module
-
Contains PDB pathways
-
Installation/Persistance
-
Dropped files
- details
-
"opa12.dat.911241580" has type "data"
"~$ert.dll.doc.1303079170" has type "data"
"~WRD0000.doc.1560234626" has type "data"
"~WRD0001.doc.1627343522" has type "data"
"index.dat.1647014572" has type "data"
"~WRD0002.doc.1694452418" has type "data"
"Local Disk (C).LNK.1789590254" has type "MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, System, Directory, ctime=Tue Jul 14 09:07:54 2009, mtime=Wed Mar 2 18:33:22 2016, atime=Wed Mar 2 18:33:22 2016, length=8192, window=hide"
"~WRS{C46BB34F-BEF2-4EF1-BFAA-058F94ECC31A}.tmp.3093106292" has type "FoxPro FPT, blocks size 0, next free block index 218103808, 1st used item "\375""
"~WRS{9C98AD0C-DAC3-4C5C-B311-81CD81463030}.tmp.4237089844" has type "data"
"Alert.dll.LNK.4247930766" has type "MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Wed Mar 2 18:28:59 2016, mtime=Wed Mar 2 18:28:59 2016, atime=Wed Mar 2 20:27:56 2016, length=638560, window=hide" - source
- Binary File
- relevance
- 3/10
-
Dropped files
-
Network Related
-
Found potential URL in binary/memory
- details
-
Pattern match: "https://www.verisign.com/rpa"
Pattern match: "csc3-2009-2-crl.verisign.com/CSC3-2009-2.crl0D"
Pattern match: "https://www.verisign.com/rpa0"
Pattern match: "http://ocsp.verisign.com0"
Pattern match: "csc3-2009-2-aia.verisign.com/CSC3-2009-2.cer0"
Pattern match: "https://www.verisign.com/cps0*"
Pattern match: "http://logo.verisign.com/vslogo.gif0"
Pattern match: "http://ocsp.verisign.com01"
Pattern match: "http://crl.verisign.com/pca3.crl0"
Pattern match: "AlertServices.asmx/AlertLogin"
Pattern match: "AlertServices.asmx/GetToolbarAlertsInfo"
Pattern match: "AlertServices.asmx/SetAlertUsageRequest"
Pattern match: "http://iealert.conduit-download.com"
Pattern match: "AlertServices.asmx/GetAlertTranslation"
Pattern match: "http://alert.client.conduit.com"
Pattern match: "http://alert.services.conduit.com"
Pattern match: "http://hosting.conduit.com/Alertupdate/update.xml"
Pattern match: "http://hosting.eb.com/Alertupdate/update.xml"
Pattern match: "http://hosting.eb.com/Alertupdate/tbedrs.dll"
Pattern match: "http://services.conduit.com/CommunityRequest.ctp?type=GetCommunity&ct=EB_CTID&CommunityPage=EB_CTID.ourtoolbar.com" - source
- File/Memory
- relevance
- 10/10
-
Found potential URL in binary/memory
File Details
All Details:
Alert.dll
- Filename
- Alert.dll
- Size
- 624KiB (638560 bytes)
- Type
- pedll executable
- Description
- PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
- Architecture
- WINDOWS
- SHA256
- f22e58cdfe94d4a5fbbf2795a743b167ed9923e289e14654631e0077dd306c1d
- MD5
- 6796f6e449f90a543dc3345538acc46f
- SHA1
- 97bccd25561f44e9b13f05f6eef083c9ce9ba529
Resources
- Icon
-
Visualization
- Input File (PortEx)
-
Classification (TrID)
- 55.3% (.AX) DirectShow filter
- 31.9% (.OCX) Windows ActiveX control
- 8.5% (.EXE) Win32 Executable MS Visual C++ (generic)
- 1.8% (.DLL) Win32 Dynamic Link Library (generic)
- 1.2% (.EXE) Win32 Executable (generic)
Screenshots
Loading content, please wait...
Hybrid Analysis
Tip: Click an analysed process below to view more details.
Analysed 1 process in total (System Resource Monitor).
-
WINWORD.EXE
/n /dde
(PID: 3780)
Network Analysis
DNS Requests
No relevant DNS requests were made.
Contacted Hosts
No relevant hosts were contacted.
HTTP Traffic
No relevant HTTP requests were made.
Extracted Strings
! j xR9 uX
Ansi based on Dropped File
(~WRD0000.doc)
! Y9 ^U9 S3W9 9@t3OV89 ;tu9 uuuC99 ju9 uuu49 & t& t& tS9 89 ^_[]j(O& 0 Mu 3M0 ]xPuRuh Vj EPjSuu0 ;t03" PhVAAQQMM9 & 0 ]M9 MEPuEu$9 ;u9 E 9EuEPM & u9M]E;tu$ 3" h
Ansi based on Dropped File
(~WRD0000.doc)
!!0?+?>(,?79
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
!!0?+?>(a,?79
Ansi based on Dropped File
(~WRD0000.doc)
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
!"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
!"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~ & ! 0 `9 R} " "!a: S~x & ! 0 `9 R} " "!a: S~x
Ansi based on Dropped File
(~WRD0000.doc)
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~ & ! 0 `9 R} " "!a: S~xHH:mm:ssdddd, MMMM dd, yyyyMM/dd/yyPMAMDecemberNovemberOctoberSeptemberAugustJulyJuneAprilMarchFebruaryJanuaryDecNovOctSepAugJulJunMayAprMarFebJanSaturdayFridayThursdayWednesdayTuesdayMondaySundaySatFriThuWedTueMonSun1#QNAN1#INF1#IND1#SNAN_nextafter_logb_yn_y1_y0frexpfmod_hypot_cabsldexpfabssqrtatan2tanhcoshsinhCONOUT$string too longinvalid string positionIEIsProtectedModeURLgdiplus.dll OsC*0[a`>On4! e J M-P0 %P0 )P0 %P0 %D,3&OP0 P0 Lr?RJ{,@Qm6t 4`#?>0 ;FFFFFFF"hN@Gp S40 S4 #N-+. {29 0FP0 P0 B9 P0 O6#\'G7x? Fd8+O]ahXNW#FajS#\'G7x? F3)6{O>`3)6{O>`yR K :?0 OH RSDS8cCE R d:\Conduit\RnD\Client\IE\Dev\5.4\SingleComponent\Alert\Release\Alert.pdbp u uuuup@ u$p@uuuu@p@v$vuXp#@Hv$Xv,vvP|wwPxlxxy4yyyz ztzzz{T{p{{{4|l|}}}~,~H~d~~~(D|p@wwvtwwwPxlxxy4yyyz ztzzz{T{p{{{4|p@wwtwwp@wwwpBwp@x(x4xwp@xpBwp@xxxxwp@xq@xxxwqBxpBw$q@Py`ytyyxw$q@PyDq@yyyxwDq@yqBxpBwhq@<zLzXzwhq@<zpBwq@zzzwq@zpBwq@{,{8{wq@{pBwq @R{S{{wq@R{p Bwq$@{||wq@{p$BwpBwrP@||||tww}Pxl}r@|,r@|}|tww}PxHr@4}D}P}wHr@4}`r@}}}`r@},rP@|pPBwpPBwHrX@4}pXBw`r\@}tr@ ~~S~wtr@ ~pBw r@~w r@~pBwr@`p|wr@`pBwr r@r@ , sH X ` s@H 4s 4s@ Ts Ts@ ts 08ts@ Sshx Ss@hs s@s s@tL \ d t@L t t@ <t <t@ `t$4@ `t@$xtp R xt@p$put L t@t@, < L t@h x L u@ u & L u@ Hu@,& <& & L xud& t& |& xu@d& u& & & u@& u& 0 uu@& u@L \ 0 uLv| R S Lv@| v ( ! ! ,vvP|wwPxlxxy4yyyz ztzzz{T{p{{{4|l|}}}~,~H~d~~~(Dpv'@ u&@! '! ! ,vvP|wwPxlxxy4yyyz ztzzz{T{p{{{4|l|}}}~,~H~d~~~(Dplv @RSwlv@Rp Bwv v v v v v v $v Pv Xv \v v v v v v `0`8`v@ `vh`x````(9 }v@h`v@````(9 }v@9 9 `(9 }w@D9 T9 (9 }p9 x9 ,w@`9 Xw9 9 9 x9 Xw@9 tw9 RR8R`(9 }tw@9 w@TRdR8R`(9 }wRRSRRRw@RRw@RRRw,uuw@x\l S x@\Hx@S hx@} x$}4}D}`}}x@$}x@|}R}`}}x@}}}x@}}}y@ 0,yL\t`(9 },y@LPy@`(9 }pypy@y@8HHxyx y@xy@z }z@x|}0z\ l t 0z@\ Tz wTz@ pz@ wz, < D z@, zt S w, z@t z@ wz@ wz@, zt {p }{@p ,{@ }H{ }H{@ h{H X h }h{@H { } {@ { " {@ y{H" X" d" " {@H" {@S" " " {" " " {@" |@ , 4|H X ` 4|@H X| X|@ || }||@ S|$ 4 @ S|@$ |p R }|@p |@ |@ }$}@v9 }hx }@hy8@pvu x},{ D}"!$"!4"! }D}@"!d}d"!t"!"!4"! }d}@d"!XpHvXpHvXpHvXpHvXpHvXpHvXpHv XpHv$XpHvPXpHvXXpHv\XpHvXpHvXpHvXpHv|pw|pw|pw|pw|pw|pw|pw |pw$|pwr|r|r|pw,r|,r|}S S(S}@S}XShSpS}@XS`r}}SSS}}@S}}}@~L\d~@LwD9 ,~},~@v`| {S" h~4~D~L~h~@4~~|~R~ ~~@|~~~~~~@~~xx$x~@x~Txdxpx}~@Txxxx@x,xx },@xL8H\4"! }L@8Pyhxt, l L l@ ,D L @Hu,& th y uL @u! u! u! u! u! u! u! u! $u! Pu! Xu! \u! u! u! u! u! P`h@P@ @0 (8Dh0 @(L t hL @th hh @ (h @S XhthS @X h @ (9 } @ @Pd`(9 } @@ (9 }@ X(9 }X@|<L`(9 }|@<SS@wTRwR@HX`@Hx}@ @< 8HP< @8\ `(9 }\ @ x `(9 }x @S (8D S @( t @t 4"! } @ $, @\lt@\44@LL@l4DPll@4 @lSS@ }@L\h}@L @ @4 4DL4 @4T |RLT @|| | @ $4< @$r S @ @& (8 & @d hx d @hR{}
Ansi based on Dropped File
(~WRD0000.doc)
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~=SunMonTueWedThuFriSatJanFebMarAprMayJunJulAugSepOctNovDecccsUTF-8UTF-16LEUNICODE IqI`B
Ansi based on Dropped File
(~WRD0000.doc)
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~=SunMonTueWedThuFriSatJanFebMarAprMayJunJulAugSepOctNovDecccsUTF-8UTF-16LEUNICODE IqI`B
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~HH:mm:ssdddd, MMMM dd, yyyyMM/dd/yyPMAMDecemberNovemberOctoberSeptemberAugustJulyJuneAprilMarchFebruaryJanuaryDecNovOctSepAugJulJunMayAprMarFebJanSaturdayFridayThursdayWednesdayTuesdayMondaySundaySatFriThuWedTueMonSun1#QNAN1#INF1#IND1#SNAN_nextafter_logb_yn_y1_y0frexpfmod_hypot_cabsldexpfabssqrtatan2tanhcoshsinhCONOUT$string too longinvalid string positionIEIsProtectedModeURLgdiplus.dll OsC*0[a>On4eJ M-P0%P0)P0%P0%D,3&OP0P0Lr?RJ{,@Qm6t4`#?>;FFFFFFF"hN@Gp44#N-+.{20FP0P0BPO6#\'G7?Fd8+O]hXNW#Fj#\'G7?F3)6{O>`3)6{O>`yK:?OHRSDS8cCER d:\Conduit\RnD\Client\IE\Dev\5.4\SingleComponent\Alert\Release\Alert.pdbpuuuuup@u$p@uuuu@p@v$vuXp#@Hv$Xv,vvP|wwPxlxxy4yyyz ztzzz{T{p{{{4|l|}}}~,~H~d~~~(D|p@wwvtwwwPxlxxy4yyyz ztzzz{T{p{{{4|p@wwtwwp@wwwpBwp@x(x4xwp@xpBwp@xxxxwp@xq@xxxwqBxpBw$q@Py`ytyyxw$q@PyDq@yyyxwDq@yqBxpBwhq@<zLzXzwhq@<zpBwq@zzzwq@zpBwq@{,{8{wq@{pBwq @{{{wq@{p Bwq$@{||wq@{p$BwpBwrP@||||tww}Pxl}r@|,r@|}|tww}PxHr@4}D}P}wHr@4}`r@}}}`r@},rP@|pPBwpPBwHrX@4}pXBw`r\@}tr@~~~wtr@~pBwr@~wr@~pBwr@`p|wr@`pBwrr@r@,sHX`s@H4s4s@TsTs@ts 08ts@ shxs@hss@ss@tL\dt@Ltt@<t<t@`t$4@`t@$xtpxt@p$putLt@t@,<Lt@hxLu@uLu@Hu@,<Lxudt|xu@duu@u0uu@u@L\0uLv|Lv@|v(,vvP|wwPxlxxy4yyyz ztzzz{T{p{{{4|l|}}}~,~H~d~~~(Dpv'@u&@',vvP|wwPxlxxy4yyyz ztzzz{T{p{{{4|l|}}}~,~H~d~~~(Dplv @wlv@p Bwvvvvvv v$vPvXv\vvvv vv 08v@ vhx(}v@hv@(}v@(}w@DT(}px,w@`XwxXw@tw8(}tw@w@Td8(}ww@w@w,uuw@x\lx@\Hx@hx@x$4D`x@$x@|`x@x@y@ 0,yL\t(},y@LPy@(}pypy@y@8HHxyxy@xy@zz@x|0z\lt0z@\TzwTz@pz@wz,<Dz@,ztw,z@tz@wz@ wz@,zt{p}{@p,{@}H{}H{@h{HXh}h{@H{}{@{{@y{HXd{@H{@{{@|@,4|HX`4|@HX|X|@||}||@|$4@|@$|p}|@p|@|@}$}@v }hx }@hy8@pvux,{D}$4}D}@d}dt4}d}@dXpHvXpHvXpHvXpHvXpHvXpHvXpHv XpHv$XpHvPXpHvXXpHv\XpHvXpHvXpHvXpHv|pw|pw|pw|pw|pw|pw|pw |pw$|pwr|r|r|pw,r|,r|} (}@}Xhp}@X`r}}}}@}}}@~L\d~@LwD,~},~@v|{h~4DLh~@4~|~@|~~@~$~@~Tdp}~@T@,},@L8H\4}L@8Pyhxt,lLl@,DL@Hu,thy uL@uuuuuuu u$uPuXu\uuuu uP`h@P@@0(8Dh0@(LthL@thhh@(h@Xhth@Xh@(}@@Pd(}@@(}@X(}X@|<L`(}|@<@wTw@HX`@Hx@@<8HP<@8\(}\@x(}x@(8D@(t@t4}@$,@\lt@\44@LL@l4DPll@4@l@}@L\h}@L@@44DL4@4T|LT@|||@$4<@$r@@(8@dhxd@h{}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
!+tHtHu!#
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
!1Aa 0@`
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
!9 +tHtHu!9 #
Ansi based on Dropped File
(~WRD0000.doc)
!: ;x=~`wMi@r8 "!dG@IGGGGG
Ansi based on Dropped File
(~WRD0000.doc)
!;=`wMi@r8dG@IGGGGG
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
!bGotAlertChannelId
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
!GetNotificationId
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
!hLE?Y9 0 Me& t39 9 EU9 QeEPu@^d& t9 E& u3U9 Vq@9 & ~GEP9 2\e9 M& t9 PD9 M& t9 jPHEPEP9 G\& u9 j9 P^|$V9 u 9 & tP&t$0 ^j@;BD0 Me3}EPq< EP 9 M9 E0 M0 MM0 E0 Ee9 uEPM59 M9 E+E+M9 }9 u+}+u+"!+9 9 +"!j+VEQ]P9 ESpS MMakDV9 v& t9S3jSSvF ^!^#F"jv0 Sjv(v[^V9 v& t3Pjv$F vF!F#F"^9 D$0 A0U9 QQSV9 u9 & tUs& tH9 0 E9 FW9 = 0 EEPs9 E0 9 E0 F9 F0 E9 F0 EEPs9 E0 F9 E0 F_^[9 D$& t9 P9 T$u9 PR\U9 QEPua#EU9 VW9 }W9 Y& ty~t*9 }WujP 9 9 W9 0 ~PTIu9 9 PT~t$Wacv~t9 j9 uW Wlc_^]SV9 39^ W9 |$;~$u+F"<r,F"EWvv0 ^v.YYZ;~(uU`F"<s,~F"F"F"jPSv"jhSvWvF,_^3[39 Vj9 9 jvP@jvYY^jq YYV9 v& th3PPPPPv ^j<@9 PlM9 AueVM2MM$NeAW9 t3V9 t$9 F+Ft$PmlYP9 F+P`lYPv6wS ^_V9 t$W9 & tN9 JtHHu>v9 & t0j9 %9 F9 vPw9 W& tVW _^39D$ j;?9 0 u, 9 E& t
Ansi based on Dropped File
(~WRD0000.doc)
!hLE?YMet3EUQeEPu@^dtEu3UVq@~GEP2\eMtPDMtjPHEPEPG\ujP^|$VutP&t$^j@;BDMe3}EPq<EPMEMMMEEeuEPM5ME+E+M}u+}+u+++j+VEQ]PESpMMakDVvt9S3jSSvF ^!^#F"jv0Sjv(v[^Vvt3Pjv$F vF!F#F"^D$A0UQQSVutUstHEFW=EEPsEEFFEFEEPsEFEF_^[D$tPT$uPR\UQEPua#EUVW}WYty~t*}WujPW~PTIuPT~t$Wcv~tjuWWlc_^]SV39^W|$;~$u+F"<r,F"EWvv^v.YYZ;~(uUF"<s,~F"F"F"jPSv"jhSvWvF,_^3[3VjjvP@jvYY^jqYYVvth3PPPPPv^j<@PlMAueVM2MM$NeAWt3Vt$F+Ft$PmlYPF+P`lYPv6w^_Vt$WtNJtHHu>vt0j%FvPwWtVW_^39D$j;?u,Et
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
!j.% 9 j 3Y9 0 Me& tjVe3Pj5(v0 V9 D$tV Y9 ^U9 9 EV9 ; uXMEP& u.u9 U& uh0 j P 3@"hthj P 3^]U9 }SVW0 M 9 juu$uu }9 ME0 E9 E0 E9 u9 uV|9 EE0 E9 E0 E9 E0 E9 E49 0 eP9 MEPVL9 MEPVuV_^[$j$#9 9 5 hWZauEEM9 'ejhMEPEPENaYYMEE9 0 eP[EPu9 SuMMj0#9 0 }3} 30 u0 E;u;9 ; 9 9E9uRu9 30 E9 ]9 C$+Cs0 E9 C(+C 0 u0 u0 E u0 Eus 9 5Pu0 E9 0 ejhTS0 Ee9 0 ejh|9 9 SM3PPPjzPuh0 E9 VEPu V}t9 M9 uu2u9 9 9 EN3F;! hP 0 M9 g& te)MEP9 E& u9 E9EuEu9 MuV9 uuu9 }h jjWuus ss u9 5WuWWuVt$9 P9 ^U9 QVWu9 AM9 EP9 t?& uu9 {& u-u9 WR 9 <& tu39 0 9 /_^U9 9 E0xu:9 Puj0X/u%9 PVWp,0 Up}EP;jX_^3U9 Vju 9 & u^]% 9 E `-W9 }t(HtHHu_9 jPQ9 & tHP9 >MSU9 RPQ9 9 U9 h9 0 & |Q9 S9 A[Wuuu _
Ansi based on Dropped File
(~WRD0000.doc)
!j.% j 3YMetjVe3Pj5(v0 VD$tV Y^UEV;uXMEPu.uUuhjP3@"hthjP3^]U}SVWMjuu$uu }MEEEEuuV|EEEEEEEE4ePMEPVLMEPVuV_^[$j$#5hWZauEEM'ejhMEPEPENaYYMEEeP[EPuSuMMj0#}3}3uE;u;;9E9uu3E]C$+CsEC(+C uuEuEus5PuEejhTEeejh|M3PPPjzPuhEVEPuV}tMuu2uEN3F;hPMgte)MEPEuE9EuEuMuVuuu}h jjWuus ssu5WuWWuVt$P^UQVWuAMEPt?uu{u-uWR <tu39/_^UE0xu:Puj0X/u%PVWp,Up}EP;jX_^3UVjuu^]%E -W}t(HtHHu_jPQtHP>MSURPQUh|QSA[Wuuu_
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
!m_pContainerParent
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
!pAlertHtmlDialog
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
!pAlertItem
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
!ParseParameters
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
!pInstantAlert
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
!sg2F<@HqA&<*n,#BH;=aElCd\Pq r3)&ntL'G8
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
!This program cannot be run in DOS mode.$
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
!}wk)@ACy<G BrRsG$ C(3|? S qN[B/}0 /~ :~' S& t :` 9p ANe40?JzB@h~d! /d@E& TP3PRbu*Z`a.z9 `;GIF89a?|k"!]! f b9 o" Cra`i ~ r~ >ned`qa9 vg axc}g}LyO|{: q j a! n !?,xpH,y ci: B ZD@J& } 9 & )D~0!@ ?c,#$?/#
Ansi based on Dropped File
(~WRD0000.doc)
!}wk)@ACy<GBrsG$ C(3|?SqN[B/}0 /~:'St:`9pANe40?JzB@h~d/d@ETP3Pbu*Za.z`;GIF89a?|k]fboCrair>nedqvgcgLyO|{qjan!?,pH,yciB ZD@J&)D~0!@ ?c,#$?/#
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
!~_9 ^W,PW(0 F& uh V9 ND$tV
Ansi based on Dropped File
(~WRD0000.doc)
!~_^W,PW(FuhVND$tV
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
" " 0H P X ` h p x : " h " " " (!$!2!@!N!\!d!n!x! !R! !!!" !!!!"*"2"<"" a"" "" L"""" x"" " ####!#)#1#9#\#d#l#t#" D #x#" #" #" " 8$$$ $($0$S$" hv$ $$" $$$$" $$$" " t%'%1%9%A%d%l%t%" S" x% %%%%" H%%%&
Ansi based on Dropped File
(~WRD0000.doc)
" (" d9A" d" `" " @
Ansi based on Dropped File
(~WRD0000.doc)
" (5" diqy" S" " 4:"*2" dnv~" " " (" x (0S[" ~x" "
Ansi based on Dropped File
(~WRD0000.doc)
" 0(08" t"
Ansi based on Dropped File
(~WRD0000.doc)
" 3@: " e9 "!9 yJBee9 E )U9 M9 |9 #0 M9 9 M}0 |9 }9 ME}0 }|9 jMZ+;|9 10 t" d" J& }3^jY+
Ansi based on Dropped File
(~WRD0000.doc)
" 8?7X`hp" R : " !" " XDLT\d" ! x" >6W" 0" z: " " $,4<" " o_g" " )1" 8T\dl" l" "
Ansi based on Dropped File
(~WRD0000.doc)
" A9 "!9 yJBee9 E )U9 ]\9 39 #0 M9 9 Mu0 39 uE}0 u|9 jMZ+;|9 10 t" d" J& }j3XZ;" 9
Ansi based on Dropped File
(~WRD0000.doc)
" AI" lt" x " <" x" 7?G" ,jrz `" T" #+3;" ^fn" "!" \"
Ansi based on Dropped File
(~WRD0000.doc)
" L08" " [cnv~ }" " p%/7
Ansi based on Dropped File
(~WRD0000.doc)
" R3}M 9 "!9 yJBee9 E )U9 ]\9 39 #0 M9 9 Mu0 39 uE}0 u|9 jMZ+;|9 10 t" d" J& }" 9
Ansi based on Dropped File
(~WRD0000.doc)
" T8@H" " ks{9 " (" x" &.6>F" iqy0 "!" " 2:Bemu" " 4" " $," $OW_go" p a
Ansi based on Dropped File
(~WRD0000.doc)
" {R~m }"!u- \"!& VK Qzxt*~N yI& K&qK"!*Xm
Ansi based on Dropped File
(~WRD0000.doc)
"!! "![G! $a"f}"!`/s(k eb}7W& ~}70{d ~{ }
Ansi based on Dropped File
(~WRD0000.doc)
"!D$tVY9 ^U9 30 ES9 ]V9 uW9 }'}E@ t UEPh! @& & t3@=EPV2%YY& t'Sa9 & u 9 WSV0 E9 VP9 E9 M_^3[~U9 30 EVWu}9 9 Mxu_l@"!3^3U9 ( 30 ES9 ]V9 uW9 }EPh! @& EPh & hpS0 E^$YY& u/EPSN$YY& u9EuEPS9$YY& u
Ansi based on Dropped File
(~WRD0000.doc)
"!jd_9 F
Ansi based on Dropped File
(~WRD0000.doc)
"!MN{j,&M0ueuMuk9 M9 q& t9 ?& uFMM9 k3j,& Mu3M0 ue%;uFMM9 (Mb#;9 M6j-^9 Me3F0 u& u9 5"!9 & te9 Eh0hjj4Ab0 M9 u3;u
Ansi based on Dropped File
(~WRD0000.doc)
"!tVURPEPQ & tf9 E9 M3^ 9 U9 SV9 u3;t9]t8u9 E;t3f0 3^[uM59 E9Xu9 E;tff0 8]t9 E`p3@EPP\:YY& t}9 E9 ~%9M| 39]" RuQVjp & 9 Eu9 M;r 8^t9 8] e9 MapY *8]t9 E`p:39]" Pu9 EjVjp & & :9 U9 juuu]9 U9 9 EuS 3]V3;|; r~ VVVVV"39 9 D@^]9 U9 SVW3jSSu0 ]0 ]
Ansi based on Dropped File
(~WRD0000.doc)
"!V9 t$N9 Fu
Ansi based on Dropped File
(~WRD0000.doc)
""0H P X ` h p x "h " ""(!$!2!@!N!\!d!n!x!!!!!!"!!!!"*"2"<""a"" ""L""""x"""####!#)#1#9#\#d#l#t#"D##"#"#""8$$$ $($0$S$"hv$$$"$$$$"$$$""t%'%1%9%A%d%l%t%""%%%%%"H%%%&
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
"("d9A"d"""@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
"(5"diqy"""4:"*2"dnv~"""("x (0S["~""
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
"8?7X`hp""!""XDLT\d"">6W"0"z""$,4<" "o_g"")1"8T\dl"l""
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
"9 E@9 MxVWE P9 E@ PMM E
Ansi based on Dropped File
(~WRD0000.doc)
"about:blank#EBCmd(
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
"AI"lt""<"x"7?G",jrz"T"#+3;"^fn" "\"
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
"E@MxVWEPE@PMME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
"L08""[cnv~""p%/7
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
"S3t0 ^ ! 9 N0 0 F9 F0 F0 ^0 ]u,3 ;t3@;u
Ansi based on Dropped File
(~WRD0000.doc)
"S3t^NFFF^]u,3 ;t3@;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
"T8@H""ks{"("x"&.6>F"iqy""2:Bemu""4""$,"$OW_go"p
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
#+3;CScspp
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
#9 }R0 EjX+E0 E+ES0 E9 0 E0 EEP}9 MjX+E0 }0 E9 }0 ESEP0 }}9 9 9 wj[$9 0 u#ej
Ansi based on Dropped File
(~WRD0000.doc)
#; onclick='
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
#<<<!'5%<<<<<<<6<<<<<<<<<<',.-$*<<<<<<<<<<<8''<<<<<<<<<<<<<1<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<{1h( f{yK "!"~}R~2w
Ansi based on Dropped File
(~WRD0000.doc)
#<<<!'5%<<<<<<<6<<<<<<<<<<',.-$*<<<<<<<<<<<8''<<<<<<<<<<<<<1<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<{1h( f{yK"~~2w
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
#EjX+EE+ESEEEEP}MjX+E}EESEP}}wj[$u#ej
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
#http://logo.verisign.com/vslogo.gif0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
#M xE@tMMMt} tMEtM`0 u!0 !}9 E9 =SuuEPuuu0 Eum9 M#;u+Et%eSuEuPuuu0 Eu49 69 9 & D0 PPl!Y@!9 uu ;uD9 69 9 & D0 P9 V)!YuX;u
Ansi based on Dropped File
(~WRD0000.doc)
#MxE@tMMMt} tMEtMu!!E=SuuEPuuuEumM#;u+Et%eSuEuPuuuEu46D0 PPl!Y@!uu;uD6D0 PV)!YuX;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
$" 09 $I9 r+$& 4$0Dh`F#Gr$" 0I`F#G`FGr$" 0`F#G`FG`FG V$" 0I'9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D$" 09 @HXl9 E^_`FG9 E^_I`FG`FG9 E^_`FG`FG`FG9 E^_U9 WV9 u9 M9 }9 9 ;v; r=tWV;^_u^_]ur*$" 9 r$& $$(Tx#``FG`FGr$" I#``FGr$" #`r$" I9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D$" 9 (<9 E^_`9 E^_``FG9 E^_I``FG`FG9 E^_t1|9u$r
Ansi based on Dropped File
(~WRD0000.doc)
$" 9 $PI9 r+$& $`F#Gr$" I`F#G`FGr$" `F#G`FG`FG V$" IT\dlt| 9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D$" 9 9 E^_`FG9 E^_I`FG`FG9 E^_`FG`FG`FG9 E^_9 U9 j
Ansi based on Dropped File
(~WRD0000.doc)
$####,^]UVut5;tP#YF;tP#Yv;5tV#Y^]UVut~F;tPu#YF;tPc#YF;tPQ#YF;tP?#YF;tP-#YF ;tP#Yv$;5tV#Y^]UV3PPPPPPPPUI
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
$$PIr+$$F#Gr$IF#GFGr$F#GFGFGV$IT\dlt|DDDDDDDDDDDDDD$E^_FGE^_IFGFGE^_FGFGFGE^_Uj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
$0$Ir+$4$0DhF#Gr$0IF#GFGr$0F#GFGFGV$0I'DDDDDDDDDDDDDD$0@HXlE^_FGE^_IFGFGE^_FGFGFGE^_UWVuM};v;r=tWV;^_u^_]ur*$r$$$(Tx#FGFGr$I#FGr$#r$IDDDDDDDDDDDDDD$(<E^_E^_FGE^_IFGFGE^_t1|9u$r
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
$E|E|E|L\|L|[B|bU|bZ|E}|bD|L|LD|[D|ED|LD|RichE|PELKN!hpO
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
$G@!#9 M)L2+3RH1/&*R=OK"QJR7I'F4B8A(E.D<:>
Ansi based on Dropped File
(~WRD0000.doc)
$G@!#9 M)L2+3RH1/&*R=OK"QJR7I'F4B8A(E.D<:>
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
$KE%W9\!J40N'#S2>X BVb)8pbC1Dh @
Ansi based on Dropped File
(~WRD0000.doc)
$KE%W9\!J40N'#S2>X BVb)8pbC1Dh@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
$O& X`& >, [b\A.! Z
Ansi based on Dropped File
(~WRD0000.doc)
$OX`>, [b\A.!Z
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
$S####,^]9 U9 V9 u& t59 ; tP#Y9 F; tP#Y9 v;5 tV #Y^]9 U9 V9 u& t~9 F; tPu#Y9 F; tPc#Y9 F; tPQ#Y9 F; tP?#Y9 F; tP-#Y9 F ; tP#Y9 v$;5 tV#Y^]U9 V3PPPPPPPP9 UI`
Ansi based on Dropped File
(~WRD0000.doc)
$Y0 ]9^uhFPGYY& u0 ]FE09]t9 9 & D8P 9 EE39 }j
Ansi based on Dropped File
(~WRD0000.doc)
$Y]9^uhFPGYYu]FE09]tD8PEE3}j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
%& tEEP9 {hDRME$& tF,M 0 FME(h8RM$& 9 e0 E& }u9 H9 & `EP9 sh$RMEf$& uME'\h Y9 0 ME& t~9 3W9 E-& u& t9 j9 9 MV5MET'9 uE9 E;ERSME6'E9 E;ERe3F7V9 NR 9 ^U9 S9 VsW9 U}{9 0 ED 39M0 E~40 Mu9 & t9 j9 E9 E;E|ju9 j1;t-EP9 %
Ansi based on Dropped File
(~WRD0000.doc)
%0 E0 ]9 EMM0 E9 }E;t?9 gg& v4S9 9 & tjVM9 MV9 & u}9 C3g;r39}~59 MW! 9 & t VM& uu9 MFDPVG;}|9 u9 R& & t9 j9 eMM9 ElrjM0 9 MV}j pq9 9 u& u3@79 ,u)EP9 +v,eEP9 MM3qUhhq9 0 ]49 Mt3; P9 ; " EP9 Pyh M0 uD& fMMXE9 M\EUh EP9 E`ME& uMPMYh EP9 /ME& uEPMh E P9 M E}& u|EtPE PMV9 $9utt_j jY9 0 MTE;tj9 9 jEiY9 0 MTE& tE P3Vj0 F5(Es3hEP9 g hDRME& & h 9 &9 0 M0; xM80 EP9uPE
Ansi based on Dropped File
(~WRD0000.doc)
%0;F" p" lt| R " " `5" X" ~ } " <Hdr#r" " #+@: )@
Ansi based on Dropped File
(~WRD0000.doc)
%0;F"p"lt|""`5"X"~"<Hdr#r""#+@)@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
%@~% ?-[g9X5dh,]vFKE*nk`0mE%
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
%E]EMME}E;t?ggv4StjVMMVu}C3g;r39}~5MWt VMuuMFDPVG;}|uRtjeMMElrjMMVjpquu3@7,u)EP+v,eEPMM3qUhhq]4Mt3;P;EPPyhMuDfMMXEM\EUhEPE`MEuMPMYhEP/MEuEPMhE PM E}u|EtPE PMV$9utt_j jYMTE;tjjEiYMTEtE P3VjF5(Es3hEPghDMEh&M0;xM8EP9uPE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
%s_%sparamjsonParamscmdIdtopicFrom Html Dialog: API_CMD_CLICKED</head>; return false;'#; onclick='}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
%tEEP{hDME$tF,M FME(h8M$eEuHEPsh$MEf$uME'\hYMEt~3WE-utjMV5MET'uEE;ESME6'EE;Ee3F7VN^USVsWU}{ED39ME~4MutjEE;E|juj1;t-EP%
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
%v,%v0$v4$v$v8$v<$@v@$vD$vH$vL$vP$vT$vX$v\$v`$vd$vh$vlz$vpr$vtj$vxb$v|Z$@L$A$6$+$ $$
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
%v,%v0$v4$v$v8$v<$@v@$vD$vH$vL$vP$vT$vX$v\a$v` $vd`$vh $vlz$vpr$vtj$vxb$v|Z$@ L$ A$6$R+$ $ $
Ansi based on Dropped File
(~WRD0000.doc)
& 9 9 Sufguc& W9& ~0 & ~=9 ]WV9 " Y0 & & t0 & 0 9
Ansi based on Dropped File
(~WRD0000.doc)
& 0 }3f9w#k
Ansi based on Dropped File
(~WRD0000.doc)
& ~& EPEP9 0 ]0 ]W9 F 0 E9 F$0 E9]t9 G+0 F 9 G+G0 F$EPEP9 u t59]u09 ]9 E+"!+9 9 E+Ej"!+N jGjuS'9 E+Ej"!+9 9 E+ES"!Sv$+v Gv(PQu 9 "9 +& ~& u 0 E; 9 F0 E9 F0 EEPEP9 0 ]0 ]X9]u9]u9 F 0 E9 F$0 E9]t9 G+0 F 9 G+G0 F$EPEP9 v,uu0 E t(9]u#9 ]9 E+"!h +j9 N juS9 E+Eh S"!Su+u9 9 E+Eu"!+GPQu u9 uu9 9 _^[U9 QS9 V9 uWv9 6uu9 u0 EVu& 0 9 0 Ez9 ~jWuu9Et[9 0 ME0 M
Ansi based on Dropped File
(~WRD0000.doc)
& & 9 MSPMPVMUM& uYuMhHPVMySu9 ME$MEfM]
Ansi based on Dropped File
(~WRD0000.doc)
& & FPM\j0 ]y;Y0 EE;tju9 9 3E9^(tFj K;Y0 EE;tj9 n 39 MP0 H0 x9 N(S5(E/"Pr9 ]& tS& u9 ^<& tjS& t_9 E!9 0 Ejh0 E& t1MQSjJP9 & t9 j9 & uMM[3@MM[37AjiP@9 FPMe[9 N(e& t9 N & t?9 N$& tf0MMJ[@j,&?MKueMvjj5pMMM03@ @j,&?M ueMjj5pMMM 3@G@j,&`?M 3PP5pM0 EaMM
Ansi based on Dropped File
(~WRD0000.doc)
& 0 u3<9 k
Ansi based on Dropped File
(~WRD0000.doc)
& 7& uuh
Ansi based on Dropped File
(~WRD0000.doc)
& 9 0 & 9 C0 & & P0 P& VP5Y9 t!u& PV5YYYfgu& u& PV5YYY >-uF0 V& 0 $s g+ `& & '& & jj0Xf0 & 9 & Qf0 & 0 E& & E& t& @0 tCC"!& @9 Ct"!30 & @t& |& s& 9 9 u3}& 9& ~0 & 9 u!& 9 & & 9 t-9 & "!RPSW{090 9 9 ~N& +F& 0 & 0 tY& t9 90tN9 0@6& u 0 & 9 & & Of8t@@& u+& 0 & & e9 & @t+tj-tj+tj Xf0 & & 9 9 ++& u& Sj 9 & a& Yt& uWSj0& Quu& ~q9 0 & P9 & & SWPRB0 & & ~)S9 & Y9 V& Y| & t& Sj tY9 0 & f& t*9 9 9 3PPPPP2 t
Ansi based on Dropped File
(~WRD0000.doc)
& 9 9 ER ~eR9 H0 }fv9 M$9 9 0 9 ;uj+t&-t!;tC}pE~S;! `j +jyHf L9 M$9 9 0 9 ; O; ^9 UG0 }#f9w"}s9 ME*EEf;s9 M$9 9 0 9 ; H+ n- eC}0 }0 } u2Mf;t!f9w }sE9 M*EMf;s0 } f! AjeJ0 MHfwjO+t +t& jQMSjYj>0 }f;tfv+(Hfvf;} t@+J0 Mt+t9 }9 E0 jX9Evs }|E0 E9 EHEaj
Ansi based on Dropped File
(~WRD0000.doc)
& 9 9 jYER eRjY"!` 10 u v9 M$9 9 0 9 :uj<+t(<-t$:t<C}<<E~<c}0<e(jJjy` 1 R9 M$9 9 0 9 : T: f9 U0 u<9}s
Ansi based on Dropped File
(~WRD0000.doc)
& ^9 G0 & 9 G0 & R& P 0 PS& SP5dY9 t!u& PS5dYYY gu& u& PS5adYYY ;-uC0 S0 0 $s HH 9 & & '& & k`& Q& 0& & G& M t0 @tGG"!9 G@t"!30 @t& |& s& 9 9 u3}& 9& ~0 & 9 u!& u9 & & 9 t-9 & "!RPSWs090 S9 9 ~NE+F& 0 & 0 tb& t9 90tW9 0@?If8t@@& u+& (& u 0 & 9 & I 8t@& u+& 0 & & \9 & @t2t& -t& +t& & 9 ++& u& Sj [9 & a& Yt& uWSj0& 9 & tf& ~b9 0 & SSPjEP& FPFx.& u(9& t & MSYu9 P& Y|& tWSj & mt&Y9 `& t
Ansi based on Dropped File
(~WRD0000.doc)
& t `VEP 9 u3u 3D343EP9 E3E3;uO@& u9 0 5 0 5 ^_[9 U9 QV9 uV30 E9 FY uN /@t
Ansi based on Dropped File
(~WRD0000.doc)
& t3MM9 `}tj`Y9 9 }M?MEDME`WhM9 PVMTM9 EME|j}l0 EPeM& tMM3`MMEME9 EPhM;PVM! & u*3ME}MEcMM9 9 ujEPeM& t3MMe9 m0 MMEME!uMh9
Ansi based on Dropped File
(~WRD0000.doc)
& t3MM9 MMEMEuMh49 APVMM9 E! MEm j} EP)eM
Ansi based on Dropped File
(~WRD0000.doc)
& t9 & tjj5(w0^_jH&9 39u R9 ;t9p & t,9 9 =0 Vps09 p 0 9 =0 9 ;tp & t9 VpM 9 M9 UR0 uP& 9 ujEjP& 9hY0 EE& t9 dc39 0 ej|9 VE0 Y 9 0 ejVEE s4usE9 9 jg9 3VVdj9 0 ejh 9 9 VVVd9 9 h222LdK<9 jgPjhM VE 9 9 0 E)i9 =Pu0 EPPVuEP9 uuuMER9 u9 =0 9 )E9 0 eP" EP9 9 9 jEPE*j9 9 9 9 Fj+QPv9 RpS 9 MEP5`3& tQ9 9 b9 jp9 jpME9 9 9 H; 9q 9p 9 u9 9 @s0 p 9 9 M0 E9 FU0 E9 RPT& u9 F+0 E9 M9 URPX& u9 F+F9 M+0 E9 EjPu9 uupS 9 jp9 Eee0 E9 E0 E9 9 H9 9 uPMM`jdR&9 9 }3;u39 ;tp & t9 Vp0 Mm9 MQ9 0 uPH& 9 9 Ej
Ansi based on Dropped File
(~WRD0000.doc)
& t9 D3WE0 S" 1Y0 EE& t9 3`WE0 i1Y0 EE& t9 "!3WE0 B1Y0 EE
Ansi based on Dropped File
(~WRD0000.doc)
& t9 Mjh|9 N9 MPM9 MEPM0 uED9 EKtj,dseEP3CM0 ] & t9 Mjh|9 0 ]MMEME" ME9 EPhMPVM9 M& tEPjh|9 lM0 ]EE ME+M]jME^9 EesU9 Q9 Mejh9 Ej4`r9 9 u9 M&~& t
Ansi based on Dropped File
(~WRD0000.doc)
& t9 r3M0 E9 7j"69 0 uR9 3E;t 0 9 ;tm0 9 ;tZ0 9 ;tG0 S9 ;t40 9 ;t!0 9 ;t0 9 ;t0 9 ;tc0 9 ;tP0 <9 ;tP! AY0 }@9 SPl9 ;~9 S9 P9 ;t9SjP 9 ;tPj 0 0 ~}EY}lES}DER}]"!xM9 ,6U9 Q9 Mejh 9 EU9 0SVWE9 Ps@ u u9 uu 9 5PW0 E0 E8t
Ansi based on Dropped File
(~WRD0000.doc)
& t>& uMO3kSWV< & t3M(9 3FV9 t$Wj3WVH]Wh\;t%VhgP 9>u9~u
Ansi based on Dropped File
(~WRD0000.doc)
& tG9 FU9 }V9 tx& tu9 uu =xu9 uut({& tf^]U9 QQV9 9 & u%W9 }& t`0 9 }& t9 0 3@_P}u9 E& t9 N0 9 E& t9 N0 3@-e9 jURURPQ Et9 E0 F9 E0 F3^j& tt$9 sd3U9 ,SV9 }3& u9 E0 9 E0 3W9 F ;~9^$~9 M0 9 F$9 M0 3@9W9^uV~09 r9& uH9^u9 NW80 F9 N;u9 E0 9 E0 3_^[9 u9 }jVW& & 0 0 ~9 = uu9 & tjEPv(d& tYEPju& ~J9 E9]u"!+0 E9 M9 U0 9 E0 9 0 N$9 0 F 9 59]tu9] u ~u19 a& t&EPjv,& t9 E9 M9 U0 9 M0
Ansi based on Dropped File
(~WRD0000.doc)
& th3PPPPP ^U9 VWEP9 EP6 EP6@ EPu9 u & 9 Eu& t3@.& t9 M0 9 E9 +
Ansi based on Dropped File
(~WRD0000.doc)
& tMM 9 ! M ME%MEA9 EPh4MPVM& u+MEMEMM9 }9 uVOj9 G! +Y3<x^9 j M eM]MM9 9 j,D& 9 M eeEP9 PMEMEtM& t@KLMMW9 _ MME!M9 EPhdME PVM& uE@KL9 uMEME! j& EP^eMN& tMM3& MeMEM9 >uMh EPVM]3& u(MEMEMMI9 }FjDm eEP3ECP0 ]ME& t9 Mjh|9 0 ]MME ME ME9 jEPM"PVM & u9 Mjh|9 {0 ]9Mx& tjEPM9 MEPEM0 ]EaMEMEME M]2ME&9 E- jFeEPEP MEw& t$3ME
Ansi based on Dropped File
(~WRD0000.doc)
& uTMMEMEuMh89 PVM" MEMEMM`j`EP`eMP
Ansi based on Dropped File
(~WRD0000.doc)
& z& =s@n '1=E\
Ansi based on Dropped File
(~WRD0000.doc)
& }WSV^[_9 D$PPE.9 D$PPB.t$9 D$9 hSrPU9 V9 u~t*MjEPvMu04M:3^]09 D$j@jP73j ,f}uNjuMVeMM& u9 MM0 MQ3@MC3K-f}u
Ansi based on Dropped File
(~WRD0000.doc)
&0&8&B&J&" p" m&u&}&& &&" &&&" &&&'" <$'" " G'O'W'_'g''" ''''" $'" h(" 1(9(" b(" & (" " p(((((((((((#)-)" R)Z)h)" )"!)" 8)" l)))*" $*" G*" j*" 4*" `*" R*" " *++++@0" x@>+F+N+V+^+f+n+v+~+ +}+ +~+++++" ,
Ansi based on Dropped File
(~WRD0000.doc)
&0&8&B&J&"p"m&u&}&&&&&&"&&&'"<$'""G'O'W'_'g''"''''"$'"h("1(9("b("(" "p(((((((((((#)-)"R)Z)h)"))"8)"l)))*"$*"G*"j*"4*"`*"*""*++++@0"x@>+F+N+V+^+f+n+v+~+++++++++",
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
&9 Ej$_U" eEP3CM0 ]& t9 Mjh|9 %jxVM&Mth`V7j`WMthHWjhHMt
Ansi based on Dropped File
(~WRD0000.doc)
'vm_pXmlDoc->save() returned HRESULT = 0x%XCXmlDocument::Savecalling m_pXmlDoc->save(%s)return FALSE - (!m_pXmlDoc || wStrXml.IsEmpty())return %d (from LoadW)return FALSE - not using helperStart. bUseHelper=%d wStrXml=%sCXmlDocument::LoadFromBufferreturn %dfailed to read fileException caught. memory size is %d m_pXmlDoc->load() return HRESULT 0x%Xreturn FALSE - file doesn't existreturn FALSE - m_pXmlDoc==NULLCXmlDocument::LoadFromFileStart. wStrFilePath=%s bUseHelper=%d@33End : return FALSE (RegOpenKeyExW returned 0x%X)End : return TRUEEnd : return FALSE (RegQueryValueExW returned 0x%X)Start : root=0x%X key=%s valueName=%sEnd : return FALSE (RegSetValueExW returned 0x%X)End : return FALSE (RegCreateKeyExW returned 0x%X)Start : hRoot=0x%X wCharKey=%s wStrValueName=%s wStrValue=%sCSetupRegW::SetRegEntryStart : root=0x%X key=%sCSetupRegW::IsKeyInRegistryEnd : return %dEnd : return 0 (RegOpenKeyExW returned 0x%X)CSetupRegW::GetRegNamesCountEnd : return_value=%d rc=0x%XEnd : return FALSE (result pointer is NULL)CSetupRegW::GetIntFromRegistryValueEnd : return FALSE (RegCreateKeyW returned 0x%X)Start : root=0x%X key=%s valueName=%s value=%dCSetupRegW::WriteIntToRegistryEnd : return FALSE (RegQueryValueExW dwordType==REG_BINARY)Start : root=0x%X key=%s valueName=%s wStrValue=%sCSetupRegW::GetStringFromRegistryValueEnd : return %d (RegDeleteKeyW returned 0x%X)CSetupRegW::DeleteKeyEnd : return 0x%X (status)CSetupRegW::RegDeleteKeyAndItsSubkeysStart : hKey=0x%X lpSubKey=%sEnd : return FALSE (wStrValue from registry is empty)End : return FALSE (GetStringFromRegistryValue failed)CSetupRegW::GetBoolFromRegistryValueEnd : return %d (from SetRegEntry)Start : root=0x%X key=%s valueName=%s bValue=%dCSetupRegW::SetBoolRegistryValueEnd : return %d (rc==0x%X)Start : root=0x%X path=%s value=%sCSetupRegW::DeleteValueEnd : return FALSE (RegOpenKeyExW returned ox%X)CSetupRegW::GetRegDirectoryKeyNamesStart : hRoot=0x%X wKey=%sEnd : return FALSE (RegEnumKeyExW returned ox%X)CSetupRegW::GetFirstRegDirectoryNameEnd : return FALSEStart : root=0x%X key=%s wStrValName=%s iType=0x%XCSetupRegW::IsValueInRegistryStart : root=0x%X key=%s iType=0x%XCSetupRegW::GetRegNamesStart : root=0x%X key=%s wStrFirstName=%sCSetupRegW::GetRegFirstNameEnd : return FALSE (RegDeleteKeyAndItsSubkeys returned 0x%X)Start : hRoot=0x%X wStrKey=%sCSetupRegW::DeleteRegEntry;$9;xW'M>XmmmXm↓→↑←‾♦♥♣♠ÿþýüûúùø÷öõôóòñðïîíìëêéèçæåäãâáàßÞÝÜÛÚÙØ×ÖÕÔÓÒÑÐÏÎÍÌËÊÉÈÇÆÅÄÃÂÁÀ¿¾½¼»º¹¸·¶µ´³²±°&hibar;¯®­¬«ª©¨¨§&brkbar;¦¥¤£¢¡ ›™—–”“’‘‹‰‡†„‚⁄"CResourceBank::InitB)dBxxemNaGQdac
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
'~vm_pXmlDoc->save() returned HRESULT = 0x%XCXmlDocument::Savecalling m_pXmlDoc->save(%s)return FALSE - (!m_pXmlDoc || wStrXml.IsEmpty())return %d (from LoadW)return FALSE - not using helperStart. bUseHelper=%d wStrXml=%sCXmlDocument::LoadFromBufferreturn %dfailed to read fileException caught. memory size is %d m_pXmlDoc->load() return HRESULT 0x%Xreturn FALSE - file doesn't existreturn FALSE - m_pXmlDoc==NULLCXmlDocument::LoadFromFileStart. wStrFilePath=%s bUseHelper=%d@x3Rx3End : return FALSE (RegOpenKeyExW returned 0x%X)End : return TRUEEnd : return FALSE (RegQueryValueExW returned 0x%X)Start : root=0x%X key=%s valueName=%sEnd : return FALSE (RegSetValueExW returned 0x%X)End : return FALSE (RegCreateKeyExW returned 0x%X)Start : hRoot=0x%X wCharKey=%s wStrValueName=%s wStrValue=%sCSetupRegW::SetRegEntryStart : root=0x%X key=%sCSetupRegW::IsKeyInRegistryEnd : return %dEnd : return 0 (RegOpenKeyExW returned 0x%X)CSetupRegW::GetRegNamesCountEnd : return_value=%d rc=0x%XEnd : return FALSE (result pointer is NULL)CSetupRegW::GetIntFromRegistryValueEnd : return FALSE (RegCreateKeyW returned 0x%X)Start : root=0x%X key=%s valueName=%s value=%dCSetupRegW::WriteIntToRegistryEnd : return FALSE (RegQueryValueExW dwordType==REG_BINARY)Start : root=0x%X key=%s valueName=%s wStrValue=%sCSetupRegW::GetStringFromRegistryValueEnd : return %d (RegDeleteKeyW returned 0x%X)CSetupRegW::DeleteKeyEnd : return 0x%X (status)CSetupRegW::RegDeleteKeyAndItsSubkeysStart : hKey=0x%X lpSubKey=%sEnd : return FALSE (wStrValue from registry is empty)End : return FALSE (GetStringFromRegistryValue failed)CSetupRegW::GetBoolFromRegistryValueEnd : return %d (from SetRegEntry)Start : root=0x%X key=%s valueName=%s bValue=%dCSetupRegW::SetBoolRegistryValueEnd : return %d (rc==0x%X)Start : root=0x%X path=%s value=%sCSetupRegW::DeleteValueEnd : return FALSE (RegOpenKeyExW returned ox%X)CSetupRegW::GetRegDirectoryKeyNamesStart : hRoot=0x%X wKey=%sEnd : return FALSE (RegEnumKeyExW returned ox%X)CSetupRegW::GetFirstRegDirectoryNameEnd : return FALSEStart : root=0x%X key=%s wStrValName=%s iType=0x%XCSetupRegW::IsValueInRegistryStart : root=0x%X key=%s iType=0x%XCSetupRegW::GetRegNamesStart : root=0x%X key=%s wStrFirstName=%sCSetupRegW::GetRegFirstNameEnd : return FALSE (RegDeleteKeyAndItsSubkeys returned 0x%X)Start : hRoot=0x%X wStrKey=%sCSetupRegW::DeleteRegEntryx;$9;xW'M>: XmmmXxxm↓→↑←‾♦♥♣♠ÿþýüûúùø÷öõôóòñðïîíìëêéèçæåäãâáàßÞÝÜÛÚÙØ×ÖÕÔÓÒÑÐÏÎÍÌËÊÉÈÇÆÅÄÃÂÁÀ¿¾½¼»º¹¸·¶µ´³²±°&hibar;¯®­¬«ª©¨¨§&brkbar;¦¥¤£¢¡ ›™—–”“’‘‹‰‡†„‚⁄"CResourceBank::InitRB ) dB xx emNaG Qd ac
Ansi based on Dropped File
(~WRD0000.doc)
&Ej$_UeEP3CM]tMjh|%jxVM&Mth`V7j`WMthHWjhHMt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
&M&M%M%M%9 T$B9 JS3" ` M M%M~MM+M%9 T$B9 J 3D" e M5Mw%M3Mg%M_%9 T$B9 J3" " MH<%MX4%M,%MM%M%M%M8%M R*MX$MX$9 T$B9 JR3} L M$xSM$uaY9 T$B9 `t3K l M@ $M0~$Mv$MM f$M^$M0V$9 T$B9 J3 M3$M+$M9 T$B9 J3 " M$9 T$B9 J3 " M#M19 T$B9 J3w " 9 MvP9 M9 M@R9 MlJ9 Mz#M(u"!Yu"!Yu "!Yu"!Yu"!Yuy"!Yuo"!Yue"!Y9 T$B9 J3 9 MO9 M]9 M@9 Ml 9 M"9 T$B9 J3i ` MHuYuY9 T$B9 J32 S Mm"9 T$B9 J3 (0 u9 Y9 T$B9 J3 T MM"M09 T$B9 J3 u3Y9 T$B9 J3 M!M!M!M!M!M!M!M " !9 T$B9 J37 X Mr!Mj!Mb!MZ!9 T$B9 J3d M7!M/!9 T$B9 J3 9 M!9 T$B9 J3 M9 T$B9 J39 MS MR MS MR MS MR~ 9 T$B9 J3@a 9 MD9 T$B9 J3p> u"! YMN MF 9 T$B9 J3 M# u\ YM uJ Y9 T$B9 J3 Mu Y9 M9 T$B9 J3t," Mu" Y9 MM" M-9 T$B9 J3/PP MjMbMZ9 T$B9 J3} M79 E e9 MMMM9 T$B9 J3}Mu" Y9 MMM9 T$B9 J3c}$ M~u YMRM(9 T$B9 JR3&}GMaMYMQMIMM9M19 T$B9 JR3M9 T$B9 J3u, Yu" Yu Y9 M9 T$B9 J3o\M$9 T$B9 J3LmM +MMwMoM"9 T$B9 `|3'MA+9 T$B9 J3RMSMM9 M9 T$B9 J3RD}9 MH9 T$B9 J3& Rp}9 M 29 T$B9 J3bRS}MT9 T$B9 `P31RR}M9 T$B9 JR3R/}9 M 9 T$B9 J39 (}ug YMMMMMMMt& MM9 T$B9 `p3p9 L u Yu Y9 T$B9 J3A9 b9 M9 M~9 M`9 T$B9 J39 #9 M 9 M?9 T$B9 J3`HR9 M9 T$B9 J3`tRM(u" Yu YM9 T$B9 J3o`RM(9 T$B9 J3L`mRM! (9 T$B9 J3)`JR9 Md9 T$B9 J3`<'RM9 T$B9 `p30 hRMw9 T$B9 J30 9 Ml9 T$B9 J3a0 9 uYMMMM9 T$B9 J3U0 v9 M4MM M@xM0pMPhM `MMMHM`SM8M0M(xMh'9 T$B9 `p3T`9 M"9 T$B9 J3 `MpM9 T$B9 J3fD! `MEM`]M M 0 M0@dMnMfM^MVMDNMT
Ansi based on Dropped File
(~WRD0000.doc)
&M&M%M%M%T$BJ3`MM%M~MM+M%T$BJ3DeM5Mw%M3Mg%M_%T$BJ3"MH<%MX4%M,%MM%M%M%M8%M R*MX$MX$T$BJ3LM$xM$uYT$Bt3KlM@$M0~$Mv$MM f$M^$M0V$T$BJ3M3$M+$MT$BJ3M$T$BJ3M#M1T$BJ3wMvPMM@MlJMz#M(uYuYuYuYuYuyYuoYueYT$BJ3MOM]M@MlM"T$BJ3iMHuYuYT$BJ32SMm"T$BJ3(0uYT$BJ3TMM"M0T$BJ3u3YT$BJ3M!M!M!M!M!M!M!M!T$BJ37XMr!Mj!Mb!MZ!T$BJ3dM7!M/!T$BJ3M!T$BJ3MT$BJ3M M M M M M T$BJ3@aMDT$BJ3p>uYMN MF T$BJ3M# u\YM uJYT$BJ3MuYMT$BJ3t,MuYMMM-T$BJ3/PPMjMbMZT$BJ3M7EeMMMMT$BJ3MuYMMMT$BJ3c$MuYMM(T$BJ3&GMaMYMQMIMM9M1T$BJ3MT$BJ3u,Yu"YuYMT$BJ3o\M$T$BJ3LmM+MMwMoM"T$B|3'MA+T$BJ3MMMMT$BJ3DMHT$BJ3pM2T$BJ3bMTT$BP31RMT$BJ3/MT$BJ3(ugYMMMMMMMtMMT$Bp3pLuYuYT$BJ3AbMM~M`T$BJ3#MM?T$BJ3HMT$BJ3tM(u"YuYMT$BJ3oM(T$BJ3LmM(T$BJ3)JMdT$BJ3<'MT$Bp3hMwT$BJ3MlT$BJ3uYMMMMT$BJ3UvM4MMM@xM0pMPhM `MMMHM`M8M0M(xMh'T$Bp3TM"T$BJ3MpMT$BJ3fDMEM`]MM M0@dMnMfM^MVMDNMT
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
&Oy3 . ! v2f0 x.d %4ku`0 e:Pr~4Ekp!R-U)aR$ $xgL%w,U/$BEjOiI 0 f^$[PT}zhp)SFk ZaJrS}~) XE-)p: wsx -j
Ansi based on Dropped File
(~WRD0000.doc)
&Oy3. v2f.d%4ku`e:Pr4Ekp!-U)aR$$xgL%w,U/$BEjOiI f^$[PTzhp)SFkZJrS}~)XE-)pws -j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
&S-`KRkS@4C5|mF.O=30P t.=(DS0n
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
&S-`KRRkS@ 4C5|mF& .O=9 30SP t.=(DS0 n
Ansi based on Dropped File
(~WRD0000.doc)
'''___,,,
Ansi based on Image Processing
(screen_0.png)
',:_.__...J..i.n...d...a...w....s....(..S..._.....n...d...a...r..d...t..,'_:_
Ansi based on Image Processing
(screen_0.png)
'_i__kar:a_
Ansi based on Image Processing
(screen_0.png)
'`Th[*zDG;GIF89avhvuxt}y!v,ve*p2#L$ Vr;fjiZlK+aNoX^OAB(6P-M:D&g>=Cm_n%1"[h]k0JT<,8734@GHQtcR/p9E"Q01B#;)~Th;GIF89avhvuxt}y!v,ve*p2#L$ Vr;fjiZlK+aNoX^OAB(6P-M:D&g>=Cm_n%1"[h]k0JT<,8734@GHQtcR/d9\rbNA.uPhPU*1EG;GIF89aovr|rl|^hy}dtqeynrskuphqvj|}jMj!,H A,@<@FtPrP,%>!G(v 3 9`$1\a1\!QxQcYSH1TlLy!a!0P|"nF#-|!A:]XDa*$m(HDSN;GIF89a~q!,H`@"qO)XP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
'd____._._.
Ansi based on Image Processing
(screen_0.png)
'tag'MjaXy'M4+G Df$f`O8TrfujIh8y
Ansi based on Dropped File
(~WRD0000.doc)
'tag'MjaXy'M4+G Df$fO8TrfujIh8y
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
'VeriSign Class 3 Code Signing 2009-2 CA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
'VeriSign Class 3 Code Signing 2009-2 CA0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
((((( H
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
(((((((((((PSPUBWSP
Unicode based on Runtime Data
(WINWORD.EXE
)
(0%+w%lP(HNM$;GIF89a
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
(0%+wx%lP("!HNM$;GIF89a
Ansi based on Dropped File
(~WRD0000.doc)
(0=0L0c0w0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
(9 VVVVV^]9 U9 uMd+9 E~EPju9 9 MH }t9 Map9 U9 =Tu9 E9
Ansi based on Dropped File
(~WRD0000.doc)
(no title)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
(P`aR00aM/r&@;GIF89ae!e,eG/-3Qe6]@T8Z<OI&;_:75
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
(P`aRS0 0a M! /r0 &9 : @;GIF89ae: R : "!~Sa!e, eG/- ! 3Qe6 ]@T"!a8Z<OI&;_:75
Ansi based on Dropped File
(~WRD0000.doc)
(VVVVV^]UuMd+E~EPjuMH}tMapU=TuE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
(Y9 U9 9 EV4>uP"Y& ujGY6 ^]9 U9 9
Ansi based on Dropped File
(~WRD0000.doc)
(YUEV4>uP"YujGY6^]U
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
)x9 M?|9 M 9 M= 9 M\"9 T$B9 J3u
Ansi based on Dropped File
(~WRD0000.doc)
)xM?|MM=M\"T$BJ3u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
*" 8|(@+@t+" " 0/l|ds(0s( 0" " 19" D\dl" x" " " ,"" X"
Ansi based on Dropped File
(~WRD0000.doc)
*"8|(@+@t+""0/l|ds(0s(0""19"D\dl"x""",""X"
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
*6EPEdPEhYYMdE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
*F&$W #U8SIEQBZ
Ansi based on Dropped File
(~WRD0000.doc)
*F&$W#U8SIEQBZ
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
*ug1EujP;EtunY@SEPjPjh}ftf:uf\tf/uGGhMWYYu3hMWYYu"hMWYYuhMWYYtxWFSP|]U$EEEtt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
*ug9 10 EujP;EtunY9 9 @S0 EPj& Pjh }f& tf:uf\tf/uGGhMWYY& u3hMWYY& u"hMWYY& uhMWYY& tx WFSP|9 ]9 U9 9 $ EEE& tt
Ansi based on Dropped File
(~WRD0000.doc)
+ 70% <<<Obsolete>>>0 0* H
Ansi based on Dropped File
(~WRD0000.doc)
+ 7100* H
Ansi based on Dropped File
(~WRD0000.doc)
+"!+G9 F9 N ;~+"!+uFH9 FWX(39 Nv w7u9
Ansi based on Dropped File
(~WRD0000.doc)
++GFN ;~++uFHFWX(3Nv w7u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+0u+i0g0$+0 http://ocsp.verisign.com0?+0 3http://csc3-2009-2-aia.verisign.com/CSC3-2009-2.cer0U#0 k&p? -5: 0` H B0
Ansi based on Dropped File
(~WRD0000.doc)
+0u+i0g0$+0http://ocsp.verisign.com0?+03http://csc3-2009-2-aia.verisign.com/CSC3-2009-2.cer0U#0k&p?-50`HB0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+70% <<<Obsolete>>>0 0*H
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+\A;r9 D=9 +0 ]0 3N0 Ut3D
Ansi based on Dropped File
(~WRD0000.doc)
+\A;rD=+]3NUt3D
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+]9 U9 9 E`MSVW30 x9 E30 x9 EC0 xt
Ansi based on Dropped File
(~WRD0000.doc)
+]:0kkkkkkkkk(e\kkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk? h( f{yK "!"~}R~2w
Ansi based on Dropped File
(~WRD0000.doc)
+]:0kkkkkkkkk(e\kkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk?h( f{yK"~~2w
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+]UEMSVW3xE3xECxt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+CHttpManager::ReturnWithErrorCHttpManager::DownloadFileHelperException was throw while downloading [%s]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+H9 0 E9 N,+0 M9 v8j9 E0 F 9 E0 F9 E0 G9 +0 G9 E0 F4WV_^[9 M9 U$& `\} 9 MeMECE}r9 E9 0 N Ht<Ht*H& [9 EG0N0 F 9 Ej\mjX)EWEPEPEPEPJWuuuu(0 F& mmm9 M9 E)M0 E9 M } eMEC0 M r9 M9 E%;& 0 F30 E0 E9FtjX
Ansi based on Dropped File
(~WRD0000.doc)
+HEN,+Mv8jEF EFEG+GEF4WV_^[MU$`\}MeMECE}rENHt<Ht*H[EG0NF Ej\mjX)EWEPEPEPEPJWuuuu(FmmmME)MEM }eMECM rME%;F3EE9FtjX
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+j<*u~PFFdF$FFFF F$l$FXF\EgEtPQE$M9*\DP<L$ytAt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+M+ME}3}E}+9}U}u}u}};}}}U9U~U+UU9U~U+UU2E2MuPjEPp)E)EEEjEP{3EttQjs0MM+V3jPFFFP5^aU(WEPW5xufVj(3EVP`5EhVEuuEujEEEPu}|^fu33@_UEVPFu3KtSWEPv<5]}+]+}jvSWuuhh|hh39FSWPPSWjjE}jPWWE3CSWvtW=ujPvjjdjv~WWv^_[^UVf\;Fu`vt0EPv<E+EjPE+EPuuvf^|$Vu,\Pvtv
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+M9 N?0 M~j?^; 9 J;Ju\ }&9 9 M|80 ]#\D0 \Du39 M9 ]!,O9 MR|8!0 ]u9 ]9 M!K9 ]}9 J9 z0 y9 J9 z0 y 9 M9 y0 J0 z0 Q9 J0 Q9 J;Ju^`LM L}# }u 9 ;9 9 M|D) }u
Ansi based on Dropped File
(~WRD0000.doc)
+MN?M~j?^;J;Ju\ }&M|8]#\D\Du3M]!,OM|8!]u]M!K]}JzyJzyMyJzQJQJ;Ju^LM L}#}u;M|D)}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+t3& x\9 & & pY+t3& x\9 & & wpY+t3& x\9 3& & R9 p;qt~Yp+t3& x\9 & & )pY+t3& x\9 & & pY+t3& x\9 & & pY+t3& x\9 3& & 9 p;qt~pY+t3& x\9 & & "!pY+t3& x\9 & & xpY+t3& x\9 & & WpY+t3& x\9 3& & 29 p;qt~pY+t3& x\9 & & pY+t3& x\9 & & pY+t3& x\9 & & pY+t3& x\9 3& & 9 p;qtrpY+t3& x\9 & u}pY+t3& x\9 & u`pY+t3& x\9 & uCpY+t3& x\9 3& u"+; ! $0 9 9 P;QtqQ+t3& xT9 & upQ+t3& xT9 & upQ+t3& xT9 & u: pQ+t3& xT9 3& & v9 P;Qt}Q+t3& xT9 & & NpQ+t3& xT9 & & -pQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & ~pQ+t3& xT9 & & }pQ+t3& xT9 3& & X9 P;Qt}Q+t3& xT9 & & 0pQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;Qt~Qp+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & ^pQ+t3& xT9 3& & 99 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;QtoQ+t3& xT& u6pQ+t3& xT& upQ+t3& xT& t9 @I+t3& xL9 3& u3[S
Ansi based on Dropped File
(~WRD0000.doc)
+t3& x\9 & & pY+t3& x\9 3& & 9 p;qt~pY+t3& x\9 & & p
Ansi based on Dropped File
(~WRD0000.doc)
+t3\pY+t3\3p;qt~pY+t3\p
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+t3\pY+t3\wpY+t3\3Rp;qt~Yp+t3\)pY+t3\pY+t3\pY+t3\3p;qt~pY+t3\pY+t3\xpY+t3\WpY+t3\32p;qt~pY+t3\pY+t3\pY+t3\pY+t3\3p;qtrpY+t3\u}pY+t3\u`pY+t3\uCpY+t3\3u"+;$P;QtqQ+t3TupQ+t3TupQ+t3TupQ+t3T3vP;Qt}Q+t3TNpQ+t3T-pQ+t3TpQ+t3T3P;Qt}Q+t3TpQ+t3TpQ+t3T}pQ+t3T3XP;Qt}Q+t3T0pQ+t3TpQ+t3TpQ+t3T3P;Qt~Qp+t3TpQ+t3TpQ+t3T^pQ+t3T39P;Qt}Q+t3TpQ+t3TpQ+t3TpQ+t3T3P;QtoQ+t3Tu6pQ+t3TupQ+t3Tt@I+t3L3u3[S
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
, CASRb`*\^L p fbdJ
Ansi based on Dropped File
(~WRD0000.doc)
," 4" R-,5,=,E,M,U,`,h,p,x, ,
Ansi based on Dropped File
(~WRD0000.doc)
,"4"-,5,=,E,M,U,`,h,p,x,,
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
,%5EUeu`
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
,,,," ," (---" T7-?-G-" j-r-z- -" -" -" <@h" x..." E.M." s.}." 0.." d..." .///" </F/" k/u//" L///" ///" 00" ;0C0" 4i0q0y00" h0" 0" 001" " d,141<1D1L1T1\1 11! 11" S1" " 021112B2J2" Xm2u2}2" R22" " 22222%303" H0 3q3y33" |" 3333344" " d<4D4L4T4\4"
Ansi based on Dropped File
(~WRD0000.doc)
,,,,","(---"T7-?-G-"j-r-z--"-"-"<@h"x..."E.M."s.}."0.."d...".///"</F/"k/u//"L///"///"00";0C0"4i0q0y00"h0"0"001""d,141<1D1L1T1\11111"1""021112B2J2"Xm2u2}2"22"" 22222%303"H3q3y33"|"3333344""d<4D4L4T4\4"
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,S_l_numbrum,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,_-__
Ansi based on Image Processing
(screen_0.png)
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,Spal_numbrum,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
Ansi based on Image Processing
(screen_0.png)
,.;:|*&/\
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
,0 %5EUeu& " `
Ansi based on Dropped File
(~WRD0000.doc)
,0 3^]9 U9 9 E]9 U9 9 E9
Ansi based on Dropped File
(~WRD0000.doc)
,1XYYYYYYYY
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
,1XYYYYYYYY4BL;11
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
,3^]UE]UE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
,CARb`*\^L pfbdJ
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
,D[B'5R)NE%[JPHZ1W4[< 2KG(*"Y;[!FAUS@T$7[C8-O /6I
Ansi based on Dropped File
(~WRD0000.doc)
,D[B'5R)NE%[JPHZ1W4[< 2KG(*"Y;[!FAUS@T$7[C8-O/6I
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
,f9 jp0 MEMM9 jd&9 ^9 E0 E9 E@0 EEPM;eMvjh`ME_}EPEPE@YYMEdEPM}ME[EPME[\9 & thj_jVMMEnPMVMjMRPMME=PMM,PM 9 jEP9 e9 (ME"!! ME! MEZMEu! MEi! MM]! gj,& 9 9 ! & tX9 p& tQ & uH9 9 Pp9 u"M?eM}MM9 ?ijVw0j '
Ansi based on Dropped File
(~WRD0000.doc)
,fjp0MEMMjd&^EEE@EEPM;eMvjh`ME_EPEPE@YYMEdEPMME[EPME[\thj_jVMMEnPMVMjMRPMME=PMM,PMjEPe(MEMEMEZMEuMEiMM]gj,&tXptQuHPpu"M?eM}MM?ijVw0j '
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
,g`%^ & vt
Ansi based on Dropped File
(~WRD0000.doc)
,g`%^&vt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- ]: t: t]: jhGX39tVE@tH9 t@0 EU.9 E9 9 =t
Ansi based on Dropped File
(~WRD0000.doc)
- ]: t: - ]: : t
Ansi based on Dropped File
(~WRD0000.doc)
- Attempt to initialize the CRT more than once.
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- Attempt to use MSIL code from this assembly during native code initialization
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- CRT not initialized
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- floating point support not loaded
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- not enough space for _onexit/atexit table
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- not enough space for arguments
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- not enough space for environment
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- not enough space for locale information
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- not enough space for lowio initialization
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- not enough space for stdio initialization
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- not enough space for thread data
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- pure virtual function call
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- unable to initialize heap
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- unable to open console device
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- unexpected heap error
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- unexpected multithread lock error
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
--== Logger finished ==--
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
--== Logger initiated ==--
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
-]t t]jhGX39tVE@tH9t@EU.E=t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
-_lid.dll.d0c
Ansi based on Image Processing
(screen_0.png)
-F;0|$;rSQRPj0FU;u|drjjdRPj0UF;u|
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
-F;9 0|$;rSQRPj0F0 U9 9 ;u& |drjjdRPSj00 UF9 9 ;u& |
Ansi based on Dropped File
(~WRD0000.doc)
-incomplete dynamic bit lengths tree
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
-N%,9 P;06C59 9 ;GIF89a'!',i)QR2& PP,: B& VkQ(]NA|DR }s <
Ansi based on Dropped File
(~WRD0000.doc)
-N%,P;06C5;GIF89a'!',i)Q2PP,:B&VkQ(]NA|D}s<
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
. .~(6Z! UbD{'@! %8I < so #Z0]RB!Rq>=#. 0XR!%& TFD*#qA n@K4X"x' `0 bR0F
Ansi based on Dropped File
(~WRD0000.doc)
. .(6ZUbD{'@%8I<so#Z0]B!q>=#.0XR!%TFD*#qAn@K4X"'`bR0F
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
.(>?$ &&3?*.?2('?19:!!="7B4'+D F85%%FCA;GIF89a? a {S x"! S: x : "! !?,xpH,Z hnLF C1zH~D (j4,b-: kD
Ansi based on Dropped File
(~WRD0000.doc)
.(>?$&&3?*.?2('?19:!!="7B4'+D F85%%FCA;GIF89a?{x!?,pH,ZhnLFC1zHD(j4,b-kD
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
...<program name unknown>Runtime Error!
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
.9 0 ejh|9 Et*v|vxvt9 N<M8Pu^T9 0 E& u4~p9 t
Ansi based on Dropped File
(~WRD0000.doc)
.9 M9 T$B9 J38M9 T$B9 J3MM@M MMMMLMMMMM0M9 T$B9 J3l9 Jt3bMAMY9 T$B9 J37TXMM.MbM9 T$B9 J3%M#9 T$B9 J3u]YMM
Ansi based on Dropped File
(~WRD0000.doc)
.;\l aat9Gw&sc ;d >jm
Ansi based on Dropped File
(~WRD0000.doc)
.;\l t9Gw≻d>jm
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
.?AUIClassFactory@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIConduitAlert2@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIConduitAlert@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIDispatch@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIDocHostUIHandler@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIElementBehavior@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIElementBehaviorFactory@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIHTMLPainter@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIInternetSecurityManager@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUINewWindowManager@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIOleClientSite@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIOleCommandTarget@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIOleControlSite@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIOleInPlaceFrame@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIOleInPlaceSite@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIOleInPlaceUIWindow@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIOleWindow@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIServiceProvider@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIUnknown@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AV__non_rtti_object@std@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AV_com_error@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVbad_alloc@std@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVbad_cast@std@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVbad_exception@std@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVbad_typeid@std@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVBitmap@Gdiplus@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAbstractAlert@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertAboutBoxDlg@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertALPResponseObject@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertAppManagerFact@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertChannelItem@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertChannelsList@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertClient@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertDialog@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertDialogChildButton@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertDialogChildButtonCheckBox@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlerter@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertExpirationData@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertFeedItem@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertGui@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertHTMLDialog@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertHTMLDialogBrowserContainer@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertHttpManager@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertLogger@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertLP@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertManager@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertOptionsDialog@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertOptionsDialogTitleBar@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertOptionsDialogWindowStyle@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertResourceBank@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertSingletonAllocator@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertTitleBar@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertTrayIcon@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertViewRecentPopUpWindow@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertWindowStyle@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAppManager@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAppManagerFact@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCArrayPtr@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCArrayStringW@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAtlException@ATL@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAutoUpdateThread@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCBaseWnd@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCCabExtractor@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCChildButton@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCChildButtonStatic@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCClassFactory@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCCommandId@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCConduitAlert@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCContainer@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCCritical@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCDialogChildButton@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCDialogChildButtonCheckBox@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCDialogChildButtonStatic@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCDialogLineDivider@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCDictionary@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCDispatcher@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCDummyJob@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCEventAlertClient@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCEventAlertGui@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCEventGeneral@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCEventHttpReply@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCEventHttpRequest@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCEventLogger@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCEventLogic@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCEventQuerySent@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCEventSingleton@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCEventSingletonGeneral@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCEventUsage@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCFileHandler@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCGdiPlusBitmap@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCGdiPlusBitmapResource@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCHTMLDialog@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCHTMLDialogBrowserContainer@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCInstantAlert@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCInternationalizationHelper@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCJob@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCJobDownloadFile@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCJobRequestPost@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCJson@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCJsonArray@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCJsonBoolean@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCJsonNull@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCJsonNumber@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCJsonObject@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCJsonObjectPairValue@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCJsonString@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCJsonValue@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCLanguagePack@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCListBase@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCListViewCtrl@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCLogger@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCLoggerWnd@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCLogic@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCLPManager@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCMapPtr@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCMapStringPtrW@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCMovingFrame@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCMyDialog@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCMyTitleBar@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCMyTrayIcon@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCMyWnd@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCNotificationsFeed@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCNotificationsItem@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCPicture@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCPopUpWindow@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCPriorityQueue@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCQueryResult@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCQueue@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCReferencedSeed@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCRegMonitor@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCRegValue@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCResourceBank@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCRSSAlert@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCRSSFeed@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCRSSItem@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCSeed@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCServiceMapManager@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCSetupRegW@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCSingletonAllocator@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCSingletonLogic@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCSingletonManager@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCSingletonSeed@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCStringBufferW@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCStringTokenizerW@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCSyncMapPtr@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCSyncMapStringPtrW@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCThreadPool@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCTooltip@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCTranslatedKey@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCTrayIconPopUpMenu@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCUnknown@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCUtils@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCVersion@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCWebBrowserContainer@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCWebBrowserDispatcher@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCWindowStyle@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCWindowStyledBorder@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCXmlDocument@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCXmlNode@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVexception@std@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVGdiplusBase@Gdiplus@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVIAlertResultEvents@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVIDefaultTranslationsLoader@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVImage@Gdiplus@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVlength_error@std@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVlogic_error@std@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVout_of_range@std@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVtype_info@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.Class 3 Public Primary Certification Authority0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.ejh|Et*v|vxvtN<M8Pu^TEu4~pt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
.MT$BJ38MT$BJ3MM@M MMMMLMMMMM0MT$BJ3lJt3bMAMYT$BJ37TXMM.MbMT$BJ3%M#T$BJ3u]YMM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
.pA `@+W`<5
Ansi based on Dropped File
(~WRD0000.doc)
.pA`@+W`<5
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
.u9 uhhpjM& _t-}t'jhrh`rjus& t
Ansi based on Dropped File
(~WRD0000.doc)
.uuhhpjM_t-}t'jhrh`rjust
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
/0M'PhvM &Sh0 ME5E PEPE
Ansi based on Dropped File
(~WRD0000.doc)
/0M'PhvM &ShME5E PEPE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
/9 B+E9 ;s9 9 ])E0 _ 9 +0 w9 u0 B9 E9 +20 r0 O439 J+M9 B M;s9 E9 E0 _ 9 ++0 w9 u0 J9 +
Ansi based on Dropped File
(~WRD0000.doc)
/B+E;s])E_ +wuBE+2rO43J+MBM;sEE_ ++wuJ+
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
/ehhhhhhhh"PCM0Lhhhhhhhhhf&QOEhhhhhhhhhh@T#*hhhhhhhhhhhh1@X) hhhhhhhhhhhh XJ!hhhhhhhhhhhhh hhhhhhhhhhhhhhhhhhh! h 4VS_VERSION_INFO?StringFileInfo040904b04CommentsAlert ver 1.0:
Ansi based on Dropped File
(~WRD0000.doc)
/ehhhhhhhh"PCM0Lhhhhhhhhhf&QOEhhhhhhhhhh@T#*hhhhhhhhhhhh1@X) hhhhhhhhhhhh XJ!hhhhhhhhhhhhh hhhhhhhhhhhhhhhhhhhh4VS_VERSION_INFO?StringFileInfo040904b04CommentsAlert ver 1.0:
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
/ME/MEPM0E/M@0 ]" /9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
/ME/MEPM0E/M@]/Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0 }[4 9 RT&L 2RI &"!e;GIF89apx !p, pFO! i?kp_ Tna: Sj(\N=IXG
Ansi based on Dropped File
(~WRD0000.doc)
0 & 9 x8t`P4UM`8jEPKPY& t:9 4+M3@; j& @SP C& DjS& @P 3PPjMQj@QPC& D 9 & \j& <PVEP9 & (9 4T & )9 & D9 09<0 & 8R j& <PjEP9 & (9 E
Ansi based on Dropped File
(~WRD0000.doc)
0 0 R0 50 = fRfR
Ansi based on Dropped File
(~WRD0000.doc)
0 0$0(0,0004080<0@0D0H0L0P0T0X0\0`0d0h0l0(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0 0$0(0,0004080<0@0D0H0L0P0T0X0\0`0d0h0l0p0t0x0|0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0 0$0,0@0\0`0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0 0(040X0x0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0 0.090@0[0`0h0n0u0{0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0 00040D0H0L0P0T0\0t0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0 012A22;4U4" 4u5 5 5555w6}66666&7v88y::;& ; ;;<<$<< <<<<f=y==0 ===#>P>m> >-?=???0&000J00001A1b19 12/2@2F2222224*4 4455u6R6777A7 7 7777777883898C8R8X8 8a888!909d9k9999::::[;k;;W<! <<7======>Y>b>n>& > >>>>>>>??/?=?k? ?? ???? .00000,1d111111
Ansi based on Dropped File
(~WRD0000.doc)
0 0H0l0x0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0 1'1:1l1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0 79 VP39 M_^3[: 9 D$"!@9 @
Ansi based on Dropped File
(~WRD0000.doc)
0 9 E0 G 9 E0 G9 E0 F9 E9 +VN0 0 W4CWssPCPI9 W40 E9 0 E9 F0 E9 G 0 E9 G0 E9 G0;s+H9 G,+}0 Et3}" D0 9 EnC0 C9 C0 C&} R9 E9 MeMEEE9 C9Er9 & 4#E9 KHm0 E@)E9 E0 M& u9 @0 Cv9 Mt0 K9 @0 CW@u0 K9 H0 CA -} 9 E9 MeMEEE9 C9Er9 & 4#E9 KCm9 )EC0 C9 C0 C&} {9 E9 MeMEEE9 C9Er9 & 4#E9 KHm0 E@)E9 Mt0 C9 A0 Cb@& 30 C9 A} 9 E9 MeMEEE9 C9Er9 & 4#E9 KCm9 )E9 O(9 +C0 E;s9 G,+0 E9 EE0 E;G(r9 E{ & u}9 G,;u9 G09 O(;t9 ;s+H9 G,+& uXu0 W4VW9 W40 E9 G0;s+H9 G,+9 O,0 E;u9 O(9 G0;t9 ;s+H
Ansi based on Dropped File
(~WRD0000.doc)
0 9 EJ0 G49 Ec t9 J+M9 ;s9 E9 B+E9 BhM;s9 9 M0 _ 9 ++0 w9 u0 B9 +0
Ansi based on Dropped File
(~WRD0000.doc)
0 9 G;0u0 0 ^9 G;pu0 X9 C9 9 Q;
Ansi based on Dropped File
(~WRD0000.doc)
0 9] tAPAP_^[]9 U9 juuuuuu]9 U9 9 ESV39 C0 ut ]tS}YtEtjcYv aE jA9 EY#tT=t7=t;ub9 M {LH9 M{, 29 Mz 9 Mzx x E 3t9 W9 }D9 EPQQ$x9 M]}
Ansi based on Dropped File
(~WRD0000.doc)
0 [4RT&L2RI&e;GIF89ap!p,pFOi?kp_Tnj(\N=IXG
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0 ];r;u19 h{u
Ansi based on Dropped File
(~WRD0000.doc)
0 ];r;u9 0 ]& u3S:Y9 K0 9 C8t0 p9 C9 0 Ut9 R9 |D#M#u)e9 HD9 9#U#uE9 9 U9 iRD0 M9 LD3#u9 R#Mj _G& }9 M9 T9
Ansi based on Dropped File
(~WRD0000.doc)
0 ];r;u9 h9 S9 ;#U#u
Ansi based on Dropped File
(~WRD0000.doc)
0 ];r;u[{u
Ansi based on Dropped File
(~WRD0000.doc)
0 ]f;Lf;Cf;! 5?f;wK30 E0 E9f9 E}f0 E9 E0 E9 E0 Ef0 }V33f9u H% 0 E\3f;uFEu9Eu9Euf0 Ef;uFEu9Eu9E v0 E}E9 E9 M0 M& ~JM0 MD9 Me9 W
Ansi based on Dropped File
(~WRD0000.doc)
0 AX9 Pt}u9 Px3';uu9 uuuuP|q]U9 S9 ]VW& u3;9 CURP<& t$9 M& t9 S9 R9 ssP<3@_^[]U9 ,VE9 Pv@ & SWu u9 uu 9 =PS0 E~80 Et9 N89 SP<EP9 0 uEPEP9 =& t:9 E30 E;tp & t9 MVVSTs9 MEPEP& u3h VVSuuVVu uSuS_[^j9 9 Rj"!Y& uEM?eMRK}9uw9 t!MMz? Vt$9 t$ t t& u'! 9 9 & t9 9 P|^9 D$& t|$t
Ansi based on Dropped File
(~WRD0000.doc)
0 E#0 UtYjSSu9 #tA9 u9 }+; SjH P$ 0 E& u 9 _^[h uYY0 E& |
Ansi based on Dropped File
(~WRD0000.doc)
0 E,0 E9 E0 EEPjh9 EE9 }0 E0 EEPCv09 }v9 vP`9 }9 jP'+j@,@*39]R-; & u9 !@9 ;tuMem9 0 ]+;0 E0 ]~Gu9 ?& t.MQ9 ,uPFPMEtM9 E& t"E9 E;E|MM
Ansi based on Dropped File
(~WRD0000.doc)
0 E0 ];vnu9 ,B9 ;tSj-&Y9 0 M0 ];t
Ansi based on Dropped File
(~WRD0000.doc)
0 E0 E9 0 }0 }0 }0 };tp & t9 Wp0 M 9 M9 UR0 }P@& jEWPEG9& xhLBY0 EE;t9 39 0 ejh|9 E0 : s49 9 s9 jp9 u3VVPLj9 0 ejh b9 9 VVj9 9 jpP9 u39 9 9 URPP9 9 EPEP9 E9 M;0 M|0 E9 ;tp & t9 Wp0 M 9 M9 U REPD& jEWPE
Ansi based on Dropped File
(~WRD0000.doc)
0 E339uu9u " D|
Ansi based on Dropped File
(~WRD0000.doc)
0 E89 E,+"!+0 E4j0 E<jE0PuDTE0
Ansi based on Dropped File
(~WRD0000.doc)
0 E9 E+E0 Mu9 9 Ps|
Ansi based on Dropped File
(~WRD0000.doc)
0 E9 Q9 Px9 3;~Bj
Ansi based on Dropped File
(~WRD0000.doc)
0 E;t9 j9 E9]|WSW9 _^[j& A33q(f0 E0 }9>u9 A$9 VPQ0& t9 Eu9 a9 69 MQWVP;u0 }9 E9 URP0 }QdhMc u
Ansi based on Dropped File
(~WRD0000.doc)
0 E`9Uu3f0 E9U 9 M 39 E}T0 M ; k9 f9r9 }M]K
Ansi based on Dropped File
(~WRD0000.doc)
0 E`9Uu3f0 E9U 9 M39 E}T0 M; k9 f9r9 }M]K
Ansi based on Dropped File
(~WRD0000.doc)
0 EEPEP9 {
Ansi based on Dropped File
(~WRD0000.doc)
0 Ej%Su0 EP0 E& S9 0 ejh|9 v9 }R9 SuP`MS "!jhP9 MREhESPERPEZYYMREm9 }R9 USRPP9 }REPEP9 E9 M;0 M|0 ER}l9 SPMMSjuP0 E& S9 0 ejh|9 v9 }9 juP`MSjhMRE ESPERPEYYYMRE9 }9 USRPP9 }EPEP9 E9 M;0 M|0 E}l9 jPMMSDu& 9 M9 E;~0 M0 E9 E;E~0 E0 EE
Ansi based on Dropped File
(~WRD0000.doc)
0 Em: }9 ]3tjZttt tt9 #t(=t=t;utut0 U9 395 0 }]9 E yj^ttttt9 `#t* t@t;u@ #@t-t
Ansi based on Dropped File
(~WRD0000.doc)
0 Ep u\9 M`h*j9 EP9 EXE;t9 PQME
Ansi based on Dropped File
(~WRD0000.doc)
0 EP9 0 }9 MSWM>
Ansi based on Dropped File
(~WRD0000.doc)
0 E}9}urE lTtXtCHt/t& uCE9}u:eE09}u%UEu & t3FFf;& 9} FFf> tjVh^lS& & `j XFFf9tf>=& GFFf9tjh^V]O& u
Ansi based on Dropped File
(~WRD0000.doc)
0 F WE,P9 0 ^9 9 vMM,s9 {B4jV A9 9 Ee0 9 E0 9 E0 EP} 9 E$MM0 B U9 V9 ~tWvt<R 9 & tHW& t=EPv< jEPW9 zuEPW& tujv _^9 D$3& ~0 A$j<B0 Q9 T$0 Q*9 D$3& ~0 A(jLB0 Q9 T$0 Q9 D$3& ~0 A,j\B0 Q9 T$0 Q9 D$;Aua|3Vj9 t4PhRhHj0 F?3^U9 V9 9 F& t5~|u/0 EEPEE\ 9 F|0 3^U9 VE9 Pv@ 9 MP}Mj9 O^U9 V9 u& u3}t(9 A8HtHtHtHuGA\Tq ijq pq q,w}t(9 A4HtHtHtHuAL&q;jqBqq(I9 A0Ht=Ht,HtHu}A<9 0 eP9 A{'q9 {jq9 {
Ansi based on Dropped File
(~WRD0000.doc)
0 F0 F0 FP0 E9 E 09 G9 kj7jueeEPu3ECPM0 ] PMERM]J`9 M-9 MhEP0 ]ME"`9 E4kj Mj9 EPM#ue9 MM9 jjHjj9 9 ueu9 s+u9 E9C}9 Mjh|9 ! o& 9 Mjh|9 rZMl3FGPM0 }9 E9 U3f0 p9 KVQQPM9 MEPM0 }E:9 EAjj R2Zi9 j\79 u9 M& tj9 M& tiS a}t*FPjEP9 9 MeP^MM}t+jFVEP9 9 MPE-MM" xijHjh9 ej\ j& }9 v9 MV>.@PEP9 o9 M3EFP0 uM0 uE29 E9iU9 QeVj\9 2Pju9 $9 E^j.+h9 j9bY9 0 M30 E;tu+MPNS hU9 Que}9 M& tPjh|9 m9 EjNgeue~9 Mjh|9 9 6e3@0 E& t9 P9 9 ELhU9 VW9 OH9 VEP9 }MNy_^9 U9 S9 ]V30 u;uVE9 9 MW30 u}9 E
Ansi based on Dropped File
(~WRD0000.doc)
0 H9 F9 M@d9 F0 89 F0 HMF*P9 FhP>j 9 9 FjPM89 MeEP6& u29 M)P9 FhPX9 F@vjLMMU2_V9 9 FW3;u3a9|$t<9~<t9xt@vjL=@vWL;t(F<9~<u3@0 xvjL;t0 ~<_^,SUV9 5` W~S3hPP0 D$,9 =9 U& ShjU9 U0 l$,& ShjU3PPPt$ 9 U0 l$(& D$,PU@ & 0 9 D$,;D$4D$~9 L$40 L$,0 D$49 D$8+D$0j"!Y9 3& " & ~ND$0 D$j]9l$4~.D$0 D$ D$ Pjht$0;l$4|D$L$uSht$t$4P0 D$& & (9 D$_^][,ji9 hMeNL9 FL& 9 j9 P3MM9 [9 U9 QVhMju9 & tFLM9 ^V9 9 F@& tW9 = jjPvjv@_9 F& tPh f9 F& tPfY9 ^&j09 0 ue jdv@9 F@& tPf@MNR VW9 =9 f0jdv@jev@9 F& tP9 Y_^V9 ~0Wu[|$du=~9 }& F,9F,|f,F89 F8;F4|9 v,9 A& t!P9 |$eujv(jdv@_^U9 Vu 9 Y& tbW9 };=uu9 {&uu9 Ru
Ansi based on Dropped File
(~WRD0000.doc)
0 L29 u9 y0 >& u;u9 M;
Ansi based on Dropped File
(~WRD0000.doc)
0 L9 M9 uN0
Ansi based on Dropped File
(~WRD0000.doc)
0 M 0 E9 E 9 E9 Ve
Ansi based on Dropped File
(~WRD0000.doc)
0 Mh xSj!}& 9 u& MdeM
Ansi based on Dropped File
(~WRD0000.doc)
0 MT39}l P9 uh; E9~ <9 N9 P 9 N0 EX9 0 E0;u0 }\9}XtE\9 N9 Pl0 Eh9}\u;u9 MTVa& & M}M40 }}ME}MDE}9 N9 3CE9}\u9}htupPP
Ansi based on Dropped File
(~WRD0000.doc)
0 N$9 Y~& 9 && 9^uv9 NvDv@9 90 F9 N; l9 }0 9 N9 M0 0 F$9 0 F 3@U9 4S9 9 CV3; 9p WV VP0 E 30 u}EPu u9 E@Pu Pu0 E Wu0 Eu9 Eu@uPVVu uE0 }9 Y; 9u u
Ansi based on Dropped File
(~WRD0000.doc)
0 u;q|;skSuuu# Du YPtH"!0 E#0 Uu)
Ansi based on Dropped File
(~WRD0000.doc)
0 uc9 MPcM9 c9 M+WEPbEPMEd& uME&
Ansi based on Dropped File
(~WRD0000.doc)
0 ut}ut9 M0n|9 & [& 8P9 wPM8Er8E
Ansi based on Dropped File
(~WRD0000.doc)
0 x,9 M|jV0 9 M9 PhjV9 ]9 - 8H H " H SHHtyu2Y9 & t69 ;=(u9 uVuP& t9 j9 3JuuWPf|teDMQP [& t9 M& tu9 PHSY& t3u9 u9 VSR$SSY& tRu9 u9 VSR(S}Y& tTu9 u9 VSR,S^Y& Ju9 9 RR}`& .S3Y& tx<ukj_9 uHSt9HtY& u9 VS9 RAY& tu9 V9 RP$Y& tu9 V9 RL
Ansi based on Dropped File
(~WRD0000.doc)
0 X9 G0 9 G }t
Ansi based on Dropped File
(~WRD0000.doc)
0 }0 }0EPEP.EYYuu Euu9 E+E9 M0 F9 E0 F9 E0 F_0 9 ^3[#9 U9 | 30 E9 EV30 E 9 EW30 EGE30 E0 uR0 }S0 u0 u0 u 0 u0 u0 u0 u9u$uVVVVV#/39 Uj0 U^f tftf
Ansi based on Dropped File
(~WRD0000.doc)
0 ~S3A Pjh)hq)hM)h))h-h%h% 3$;" 0 F|9 [^j8g`9 D9 & ~| 9 ]RN0 ~ cN4u~P9 MPeMD9 MEPEPE!!9 k JMk 9Mk (3@N`P0 EWEPM0WEPMES-_N`Dk& F`PMTMEMEjN`ZWEPMWEPMEujSjMExPM Pv| & & r!EME<ME0v9 Rt~tN P MEMM9 EMEMM30 U9 QSV9 u9 N09 ^4W9 }9 G0 E0 M;v9 ^,9 G+;v9 & t
Ansi based on Dropped File
(~WRD0000.doc)
0!0&01060A0F0Q0V0a0f0q0v0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0!030M0b0l0~0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0"0&0*070
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0"0.0:0F0R0^0j0v0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0"0/0J0Q0i0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0"0@0E0c0w0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0"131'2:2k2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0#020U0b0n0v0~0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0$0(0,00080P0`0d0t0x0|0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0$0,040<0D0L0T0`0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0$0,040<0D0P0t0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0$000P0X0d0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0$0@0X0|0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0%0+060<0G0M0X0^0i0o0z0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0&0-040:0A0H0R0\0f0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0&0/070=0M0Y0b0h0x0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0'040I0c0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0(0,0@0D0T0X0`0x0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0(00080@0H0P0X0`0l0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0*1014181<1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0,03080<0@0a0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0,`H809:|@T/R>+!\P4.M^%n|)]1ZgX5+!`x^{`W]A
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0,`H~8 09 :|@T/R>+!\P4.M^%Rn|)]1! ZR& gX5+!`x^{`W]A
Ansi based on Dropped File
(~WRD0000.doc)
0.0@0Z0x0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0.181O1Y1u1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0/1U1\1c1j1q1x1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
00 RZE!yG"!p! !90
Ansi based on Dropped File
(~WRD0000.doc)
00"0.0:0F0R0^0j0v0 0}0a000000000@1P1111'2222'353u333344_4m44445I5W5 555536A666667+7k7y77788U8c88888?9M99: 999):7:w:& :::;!;a;o;;;;<K<Y<<<<=r= =R====>/>B>>}>: >>???N?! ???0A0~0`00001'171J1b11S111212O2p2}22223-333334H44444[5 55686V6w6" 6666666777#7(757;7I7W7e7s7 7& 7 7 7b8n88899"9H9`9" 9:>:::'; ;;R<<=T==> >>L? ?P(0 01P112x22" 3o44.556x66'7v77"8~88:r: ;:<h<<=r= ==>-?? tJ0
Ansi based on Dropped File
(~WRD0000.doc)
00"0.0:0F0R0^0j0v000000000000@1P1111'2222'353u333344_4m44445I5W5555536A666667+7k7y77788U8c88888?9M99999):7:w::::;!;a;o;;;;<K<Y<<<<=r======>/>B>>>>>???N????0A0~000001'171J1b11111212O2p222223-333334H44444[555686V6w66666666777#7(757;7I7W7e7s77777b8n88899"9H999:>:::';;;R<<=T==>>>L??P(001P112x223o44.556x66'7v77"888:r:;:<h<<=r===>-?? tJ0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
000#020U0b0n0v0~0000112333
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
000#020U0b0n0v0~0`000112333
Ansi based on Dropped File
(~WRD0000.doc)
0000&0-040:0A0H0R0\0f00/1U1\1c1j1q1x11 11 1a111112222223C3z3R33338444$5H555686^6g6677R777}8888:;;/<d<<<<<="=:=W=t==>;>>>>>>?@?d???
Ansi based on Dropped File
(~WRD0000.doc)
0000&0-040:0A0H0R0\0f00/1U1\1c1j1q1x11111111112222223C3z333338444$5H555686^6g6677R7778888:;;/<d<<<<<="=:=W=t==>;>>>>>>?@?d???
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
000000"0&0*0701*191e111[9x9999::R;s;;;;;;K>????T0k0t112z22444#505>5n558888999"9;|>>T?^?{?????????00!0&01060A0F0Q0V0a0f0q0v000000000000000001111!1(1.141B1111202<2D2o2222222333E3R334c444,5O5u556G6b6}666(7S77778>888'9R999:
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
000000"0&0*0701*191e111[9x9999::R;s;;;;;;K>????T0k0t112z22444#505>5n5: 58x888999"9;|>>T?^?{?R? ???????00!0&01060A0F0Q0V0a0f0q0v00 0 0 00000000000001111!1(1.141B1111202<2D2o22" 22222333E3R334c444,5O5u556G6b6}666(7S7 7778>888'9R999:
Ansi based on Dropped File
(~WRD0000.doc)
000<0b0z0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0012A22;4U44u555555w666666&7v88y::;;;;<<$<<<<<<f=y=====#>P>m>>-?=???0&000J00001A1b112/2@2F2222224*44455u66777A777777777883898C8R8X88888!909d9k9999::::[;k;;W<<<7======>Y>b>n>>>>>>>>>??/?=?k??????? .00000,1d111111
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
00_,______8__
Ansi based on Image Processing
(screen_0.png)
01(131<1M1l1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
010UUS10U
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
040D0H0\0`0p0t0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0638C49DBB8B4CD1B191051E8F325736
Unicode based on Runtime Data
(WINWORD.EXE
)
09 I9 ^V9 9 FW9 |$;Gt
Ansi based on Dropped File
(~WRD0000.doc)
09 n9 7o9 D$ppSWj9 9 \$& t-VSrY9 V9 ?30 w& |f9 Wf0 B@;~^_[U9 }tOV9 uj9 lEPu YY0 F@P9 9 F9 NURjuPQuj9 +^]V9 9 FW9 |$;GtjW9 0_9 ^9 D$Vj
Ansi based on Dropped File
(~WRD0000.doc)
09 }9 ^Vt$9 9 ^Vt$9 9 ^j ?m9 EPM ue9 MM9 m9 D$p|$V9 t19 F& ~HPf\tf/tj/9 t$9 #^|$V9 t19 F& ~HPf\tf/tj\9 t$9 ^j tl9 juM
Ansi based on Dropped File
(~WRD0000.doc)
090521000000Z
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0@0`0h0p0x0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0_10UUS10U
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0A1G1X1n1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0B1G1S1X1d1 2<2A2j2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0D0J0q0v0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0D0X0h0|0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0H 89t >1uA~WwQ@PWV^d3_^[]9 U9 Q9 UBS9 VW% #0 E9 B9 %0 u& t;t<($3;u;u9 Ef9 M0 X0 L<0 ]9 M9 E0 H0 & u9 9 P9 0 P0 & t9 M_^f0 H[9 U9 0 30 E9 ES9 ]V0 EWEPEPYYEPjju9 fa9 u0 CE0 E0 CEPuV~|$& t3PPPPPP9 M_0 s^9 3[F9 VW3H<u0 8h00 7YY& tF$|3@_^$39 S9 VW9 >& t~t
Ansi based on Dropped File
(~WRD0000.doc)
0H89t>1uA~WwQ@PWV^d3_^[]UQUBSVW%#EB%ut;t<($3;u;uEfMXL<]MEHuPPtM_^fH[U03EES]VEWEPEPYYEPjjufauCEECEPuV|$t3PPPPPPM_s^3[FVW3H<u8h07YYtF$|3@_^$3SVW>t~t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0I0w0<1i1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0I^VFW|$;Gt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0L0U1 11L2\2c2j2q2x22 22 2333333444T44445R57L7777^88K99::::(;-;L;d;v;{; ;S;;<<<x=== >4?9? ??xO00000)1"!111112C2h334~44
Ansi based on Dropped File
(~WRD0000.doc)
0L0U111L2\2c2j2q2x22222333333444T44445R57L7777^88K99::::(;-;L;d;v;{;;;;<<<x===>4?9???xO00000)1111112C2h33444
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0n7oD$ppSWj\$t-VSrYV?3w|fWfB@;~^_[U}tOVujlEPuYYF@PFNURjuPQuj+^]VFW|$;GtjW0_^D$Vj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0w,aQ"!mjp5c" d~2y +L|~- d jHqA }mQ& Vlkdzbe`O\lcc=
Ansi based on Dropped File
(~WRD0000.doc)
0w,aQmjp5cd2y+L|~-d jHqA}mQVlkdzbeO\lcc=
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0wu< u9]tj+MdjPM}u&SMEEEPM]uMhMuYPMuMF;7VMEP)MEEMEM]EjCueNuEpVD$tVY^ Vt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0ZE!yGp!9
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0}^Vt$^Vt$^j?mEPMueMMmD$p|$Vt1F~HPf\tf/tj/t$#^|$Vt1F~HPf\tf/tj\t$^jtljuM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
1 *\#C ;GIF89aYYY x!,~ ;F! G& }}
Ansi based on Dropped File
(~WRD0000.doc)
1 *\#C ;GIF89aYYY!,;FG
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
1 1$1(1,1014181<1@1D1H1L1P1T1X1\1`1d1h1l1p1t1x1|1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1 1$1(1H1L1P1T1X1d1h1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1 1(10181@1H1T1t1|1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1 1(141T1\1h1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1 1,1L1T1\1d1l1t1|1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1 1N1R2W2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1 1T1X1x1|1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1!1(1.141B1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1#1(13181E1S1Y1f1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1$1*151;1F1L1W1]1h1n1y1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1$1,141<1H1l1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1$101T1t1|1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1$1D1P1p1x1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1$1H1h1p1x1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1'171J1b1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1'1A1L1\1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1'202<2u2~2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1(1,1014181<1D1\1l1p1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1*zA;u@9 AHt$CQ|`9 T%Cu`9 T&C+"!jRPug 9 E+]PuSujh 0 E& u4PP{1YM9 E;EtPqY9 E& 9 9 E9 E9 3;" 0 E0 L0;t9 Mf9
Ansi based on Dropped File
(~WRD0000.doc)
1*zA;u@AHt$CQ|T%CuT&C+jRPugE+]PuSujhEu4PP{1YME;EtPqYEEE3;EL0;tMf9
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
1+1F1a1|1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1+262F2z2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1,10181P1`1d1t1x1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1,1@1h1=2F2x2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1,2;2F2W2]2b2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
100217000000Z
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
101@1D1T1X1h1l1t1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
12.2E2V2z2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
12=3.4444455!5+5>5555K666*7s778L8z888299999:Y::::;;;6<w<<=d===2>>>?`???0l^000A1118222$333#444L555.66e778A8}889m99:f:::T;;;:<<<0=d==>`>>?`???@S00071112T222)3f3u3333334C4q444)55555-6[6667=7778879n99:{:::Y;;<J<<<3===/>c>>>>>?P 00.181O1Y1u12A2233334<4q44455<5H5V5]5z55556C6o666/7@77777L8889S9~9999:d::;B;;;<b<<<"=;=h==>+>8>G>X>y>>>>o???`l*000 191K122222P334b67m89@:::::::;(;;;,<<=3=?=L=Y======9>g>s>>>[???ph00
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
12=3.4S444455!5+5>5555K666*7s778L8z88829 9999:Y::::;"!;;6<w<<=d===2> >>?`???0l^000A1118222$3 33#444L5 55.66e778A8}889m99:f:::T;;;:<: <<0=d==>`>>?`???@ S0! 0071112T222)3f3u3333334C4q444)5`5555-6[6667=7 778879n99:{:::Y;;<J<: <<3= ==/>c>>>>>R?P 00.181O1Y1u12A22 33334<4q44455<5H5V5]5z55556C6o666/7@77777L8889S9~9999:d::;B;`;;<b<<<"=;=h==>+>8>G>X>y>>>>o?`??`l*0 00 191K12! 2R222P33! 4b67m89@:a:x:::::;(;S;;,<<=3=?=L=Y=x=====9>g>s> >>[???ph00
Ansi based on Dropped File
(~WRD0000.doc)
130329235959Z0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
130329235959Z010UIL10
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
130329235959Z0R10UIL10
Ansi based on Dropped File
(~WRD0000.doc)
131<1Y1W2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
141<1D1L1T1\1d1l1t1|1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
171Z1112j223;3 333%4P44%5q5 555667 7778D8 889*9M9v9"!999*:m::;T;;<B<e<<<<==|===0(0t00081c1}11
Ansi based on Dropped File
(~WRD0000.doc)
171Z1112j223;3333%4P44%5q55556677778D8889*9M9v9999*:m::;T;;<B<e<<<<==|===0(0t00081c111
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
19 QWuuS G;~| E9 E;F|3@_^[U9 QSV9 uWv9 = 69 uu9 u0 EVu& )9 0 E9 ^Suu9E 0 M9 E0 ME0 EExAu1
Ansi based on Dropped File
(~WRD0000.doc)
190520235959Z0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
190520235959Z010UUS10U
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
1<1C1J1Q1X1_1f1m1t1{1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1[2@3I324
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1Au uS9 ]SuuS C;^0 ]RE9 E;FR3@_^[jd9 0 us3N0 }1@-^<9 Ej
Ansi based on Dropped File
(~WRD0000.doc)
1AuuS]SuuC;^]EE;F3@_^[jdus3N}1@-^<Ej
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
1b9 ( Ph0
Ansi based on Dropped File
(~WRD0000.doc)
1I45:6J6Q6X6_6f6m6t6{6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1L2\2c2j2q2x2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1N1y1172222222234w4$6F667)88889h:::::::;<;y;;<j===?>n>>>>!?\?001013&3;4V4d444555F5f5u555555Y66666,7H7777?8_889b::;;; <=<y<<<<m=====>->?>K>>F?t??01|11E2N222233%3E4O4f4555666828<8A88885999::y:::::b;o;;;{<<<<<<======>>x????000%0+0001E111111272222333K4l44455'55556667G7U7778G888A99/::;U;q;;;<t<=O=o===>r>j???p000R1s12k3p324K4V4[4445666?6H6R6w66666E7777898N88E999):=:::;<C<<===u>6??S00001&1@11[2@3I32444`5s555J667*7Q7q77777777m899:d:v::::::;;1;;;;<<<<<<,===>`>p>1?K??00P0r001V1111112!2;2f223333334454M4v4444P556&6+626[6k6v6666 7c777.8D888888'9E9y9999:+:S::::;;;<<%<3<<<)=7===U=p===>0>A>J>>?T?h??h0000001%1+1;111_2k222222X3h3o333333334T44L5m5t555F6R6`6g66677778
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
1N1y1172222222234w4$6F667)88889h:~::::::;<;y;;<j=& ==?>n> >~>>!?\? 001013&3;4V4d444555F5f5u5 55555Y6 6666,7H7: 777?8_889b:`: ;;; <=<y<<<<m=====>->?>K>>F?t?? }01|11E2N222233%3E4O4f4555666828<8A8 8885999::y: :~:::b;o; ;;{<< <<<<======>>x? ???000%0+0001E1111112722223 33K4l4 4455'55556667G7U77 78G888A9 9/::;U;q;: ;;<t<=O=o="!==>r>j???p000R1s12k3p324K4V4[4445666?6H6R6w6! 6x666E7777898N88E999):=:::;<C<< ===u>6??S00001&1@1 1[2@3I32444`5s5 5~5J6a67*7Q7q7}7777777m899:d:v::::::;;1;;;;0 < <S<<<<,===>`>p>1?K? ?00P0r001V1111112!2;2f223333334454M4v4R444P556&6+626[6k6v6 666 7c777.8D8 88888'9E9y9999:+:S: :S::;;;<<%<3<<<)=7===U=p===>0>A>J>>?T?h??h0000001%1+1;111_2k2S22222X3h3o33a3333334T44L5m5t55~5F6R6`6g66677778
Ansi based on Dropped File
(~WRD0000.doc)
1QWuuG;~|EE;F|3@_^[UQSVuWv=6uuuEVu)E^Suu9EMEMEEExAu1
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
2 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2 2$2(2h2l2p2t2x2|2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2 2$2M2s2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2 20242D2H2X2\2l2p2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2 2@2H2P2X2d2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2 464S4^4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2#2)242:2E2K2V2\2g2m2x2~2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2$2(282<2D2\2l2p2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2$2,242<2H2h2t2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2''8$3B)=,*D
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
2''8$3B)=,`*D
Ansi based on Dropped File
(~WRD0000.doc)
2(20282@2H2P2X2d2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2(2H2P2X2`2h2p2x2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2)2I2^2t2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2,242<2H2h2p2x2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2,2H2`2t2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2.2E2V2z222>3O3y3 33404`4f4p4u4 44l55555P6f6o7777888,8d8}8889:;o<<<<8==?>E>K>P>^>q> >>>>>>>>
Ansi based on Dropped File
(~WRD0000.doc)
2.2E2V2z222>3O3y333404`4f4p4u444l55555P6f6o7777888,8d88889:;o<<<<8==?>E>K>P>^>q>>>>>>>>>
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
20282@2H2P2X2`2h2p2x2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
20282D2l2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
202<2D2o2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
21222222&3q3}33333^4n4t44444 5j5556%6^6666788.8D8_8k899"949Y9b9t99:2:X:~:::::;&;/;L;i;y;~;;;;;;;.<4<k<|<<<<<<<*=U=]===u>??H0O000r1123334!45567!8o88999999:2:x;;=r>001111111111111112W2_2d222233R3W333w4444444{555555555
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
212~22222&3q3}39 3 333^4n4t4~4444 5j5 556%6^6 666788.8D8_8k899"949Y9b9t99:2:X:~:::::;&;/;L;i;y;~;& ;" ;;;;;.<4<k<|<R<" <: <<<<*=U=]=& =a=u>?? H0O0~00r1123334!455"!67!8o8899}9999:2:x;;=r>R001111111111111112W2_2d20 2}2233R3W333w4444444{5! 5 5 5S55555
Ansi based on Dropped File
(~WRD0000.doc)
23 353C3X3g3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
242D2H2X2\2d2|2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
24383<3@3(4,4044484<4 5$5L5P5T5X5\5`5d5h5l5p5t5x5|5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2<2D2P2p2x2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2<2X2\2x2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2a2223U333.4445;5~55-6q6667V777 8K8888,9`999:e::::J;u;;;/<b<<<=`==>\>>>>>>F??? ?000011!2X2{2222S33333J4m4445[555'6d6667>77778(8Y8|889I9999:>:a:::::5;;;$<<<<.=a====><>j>>>>3?b???0020`0000#1v11192d222313h33434y4475z55 6k66667A777;8c8889>9g9999F:::;W;;;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
2a2223U333.4`445;5~55-6q6667V777 8K8 888,9`9 99:e::::J;u;;;/<b<<<=`==>\>>"!>>>>F?0 ?? S?0 00011!2X2{2222S3}3333J4m4445[5}55'6d6667>7 7778(8Y8|8x89I9999:>:a: ::::5;;;$<<<<.=a=x===><>j> >>>3?b?"!??0020`0: 000#1v11192d2 22313h33434y4475z55 6k6 6667A7& 77;8c8~889>9g9a999F:: ::;W;;;
Ansi based on Dropped File
(~WRD0000.doc)
2A2N2X2f2o2y2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2B3O3'414
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2EPuMhxoKtM ^MTE PESE Phh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
2k3p324K4V4[4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2MEu*M("& & hM(&0 EX;t9]| EHPM1M(a!PM2jEPM!Pu\MlMm 9 3;~iVE8PM57E9]XuM8{";t*SE8PM((;uSE8PM'9 MxE8P6M8E)F;|;~M^7Eh9 Eh;E`RSM(ME6ME.ME\)M(EP)3F(js~9 9 M!& t
Ansi based on Dropped File
(~WRD0000.doc)
2MEu*M("hM(&EX;t9]|EHPM1M(!PM2jEPM!Pu\MlMm3;~iVE8PM57E9]XuM8{";t*SE8PM((;uSE8PM'MxE8P6M8E)F;|;~M^7EhEh;E`SM(ME6ME.ME\)M(EP)3F(jsM!t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
2p"A9K\Lq
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2QYj)QY9 VWP5P 9 t9 & uNhj9 YY& t:V5P 5Y& tjVYYDN0 VoY3W _9 ^9 V9 & ujY9 ^jhB9 u& 9 F$& tP"Y9 F,& tPY9 F4& tPY9 F<& tPY9 F@& tPY9 FD& tPY9 FH& tPY9 F\=]tPYj
Ansi based on Dropped File
(~WRD0000.doc)
2QYj)QYVWP5PtuNhjYYt:V5P5YtjVYYDNVoY3W_^VujY^jhBuF$tP"YF,tPYF4tPYF<tPYF@tPYFDtPYFHtPYF\=]tPYj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
2Terms of use at https://www.verisign.com/rpa (c)09100.
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2VEPEPS9 EgME
Ansi based on Dropped File
(~WRD0000.doc)
2VEPEPSEgME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
2Vt$9 [t$9 g3@^j8139]u3& MJt9 M0 ];0 E0 ]~Y3;0 ]}B9 MSF9 & t& tG4PN4a& }0 ]9 C;]|9 E9Etu9 MPF9 ]9 EC;0 ]|MMs3@E1U9 hSVWj@EjP9 U;j(EjPH;j
Ansi based on Dropped File
(~WRD0000.doc)
2Vt$[t$g3@^j8139]u3MJtM];E]~Y3;]}BMSFttG4PN4}]C;]|E9EtuMPF]EC;]|MMs3@E1UhSVWj@EjPU;j(EjPH;j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
2Y0 EE& t9 3WE0 1Y0 EE& t9 k3WE0 1Y0 EE
Ansi based on Dropped File
(~WRD0000.doc)
2YEEt3WE1YEEtk3WE1YEE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
2~0 EP& uMhx9 oK9 & tM ^9 MTE PESE Phh 9
Ansi based on Dropped File
(~WRD0000.doc)
3 " H%~t6SY9 9 N;x';x}P=6rY9 9x|EPW9 $& StB rf/tf\tf& tf{:uSjSDV{Y3u0 ] 9 9 f& tf/tf\uyAAf& uS& hPLa;ul3f0 & W& P~DS& hNP & PS3PSjPPh@& P0 E } uy99 +3f0 REf/t%f\tf9 lf:& ^W& P& hNP & PjN_<65@YY@u
Ansi based on Dropped File
(~WRD0000.doc)
3 3$3(3,30343
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3 3$3(3,3034383<3@3D3H3L3P3T3X3\3`3d3h3l3p3t3x3|3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3 3$3,3D3T3X3h3l3|3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3 3$34383H3L3\3`3h3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3 3&3+343Q3W3b3g3o3u3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3 3034383@3X3h3l3|3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3 353C3X3g3 333S4 455P6_68888899%9.949]99999;:K:U:_::: ;;;;B<K<T<R<: <<<<<<==)=9=I=P=W==! ="!=======
Ansi based on Dropped File
(~WRD0000.doc)
3 353C3X3g3333S4455P6_68888899%9.949]99999;:K:U:_:::;;;;B<K<T<<<<<<<<==)=9=I=P=W==========
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3 3@3H3T3t3|3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3" @@3; W9 ShSVPV_& t}t9 M& tu <^9 [Ul$ 30 & jN0 9 9 9 & WVh
Ansi based on Dropped File
(~WRD0000.doc)
3" @@VhhP9 E& t0 03& 9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
3" @@Vu hSP}9 E 9 S_^3[9 U9 QQS39@t3VWuuuuhHVj70 ])C9 ;tu9 uuuD0 EEPuu< ;t3" PhVAAQ6jEPjSuu4 u9 $ & t3" ShXV@@P3'h|Vj"!}t& t
Ansi based on Dropped File
(~WRD0000.doc)
3" AA3& P9 Wh(VQu^& t}t& t
Ansi based on Dropped File
(~WRD0000.doc)
3"!uEP9 "!eM'& t3MM[/9 eMMEME9 EPVM& &PWM& u!EEuMVe&PWM9 uMEMEnj9 9 MD'& t
Ansi based on Dropped File
(~WRD0000.doc)
3"3(33393C3O3Z3`3j3v3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3"4=4T4s4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3#0tEPeMyPt3MMWKXE{PUMVtjE uMQP}tEPK$_KX}t6MSNEPEPENtEPMEEW3FOj.hj4vYM3u;tuMuPjuuEPj~X$VM`eEPG)MYMVjbuY/eN LMN0EA/fPNTElXV}D$tVtY^j1cWMMLMeEPuu3MMUj4-YMEt3MQEuPtMjuEPmjVW|$NuSSUnX^$SYt-W\WN3=StCu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3#9 0& tEP9 : eMyP& t3MMW9 KXE{P9 U9 0 MV& t S9 j9 9 E 9 u9 MQ9 P}tEPK$_KX}t6MSNEPEP9 EN& tEP9 : MEEW3FOj.h9 j4vY9 0 M30 u;ta9 u9 M9 0 uPj& u9 9 uEP9 j 9 ~X9 $VM`e9 EPG)MYM9 V9 ~jb9 0 uY/eN LMN0EA/fPNTEl9 XV9 }D$tVtY9 ^j1cW0 MML9 MeEPu& u3MMU9 j4-Y9 0 ME& t"!9 39 MQ9 E0 uP9 & t9 MjuEPm9 j9 9 VW9 |$9 9 N& uSSUnX9 ^$S9 Y& t9 -W9 \WN3=S& tC9 & u
Ansi based on Dropped File
(~WRD0000.doc)
3$3,343<3H3h3t3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3$3D3L3T3\3d3l3t3|3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3$3D3L3T3\3d3p3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3%3E4O4f4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3%4Q4Z4l4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3& M&ueM& uMMMSJ
Ansi based on Dropped File
(~WRD0000.doc)
3&3;4V4d4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3&u9 uP,u9 P\39Ap" ]j\V>0 M3VVMy9 MVVEP0 u0 u0 u33_& t$EPEPM]! & t9u|9 ]9u|9 }9 MjVEP(& t$EPEPM&! & t;]9 ];}9 }9 MVjEP& t$EPEPM & t;]9 ];}9 }9 EM0 9 EM0 8wy
Ansi based on Dropped File
(~WRD0000.doc)
3&uuP,uP\39Ap]j\V>M3VVMyMVVEPuuu33_t$EPEPM]t9u|]9u|}MjVEP(t$EPEPM&t;]];}}MVjEPt$EPEPMt;]];}}EMEM8wy
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3(30383@3L3l3x3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3)313A3J3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3,-'8]hhhhhhW+^S:I>g(VhhhhhhB?+#9]
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3,383X3`3h3p3|3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3,3:3C3l3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3-44484<4@4D4H4L4P4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3/M|3VjuMuM;uM;uMMP`VF$UtPfFtPtv^j0ik.ej,^VEjP9EKuMEEEu}MC%5$tjjhsMEEPjh2s3uMM[c.$FU0Vj,EjPr8FME,EEEEPjh9v$^t$t$hq$3@t$jhq$3@VD$tV-Y^USVW39}t@WuWuPPPPQWh(UW^;u3DWjhS$hjN,Wj?Wj5EFEF_^[]VW3NWt$$Ut$~~~~~~B~_^jk,uPU3@~PEkIjPNEiIMA,|$u3W|$u3&Vq9D$st$H3@3^_ jkn+uj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
30 E0 E0 E0 E9 E9 3## 0 uf;!f;f;!
Ansi based on Dropped File
(~WRD0000.doc)
30 E0 E3f;uBEu9uu9uu3f0 Ef;u!BCu9su93u0 u0 u0 u0 uS}E9 ES9 M0 M& ~RD0 E C0 E9 E 9 Me9 O4;r;sE}0 wtfE mM}GGESM} f& ~79 }& x+9 u9 Ee9 ?0 u0 Ef& f& Mf& }B9 EtE9 E9 }9 Mm9 EN0 }0 Eu9utfM 9 f9Mw9 M u4}u+e}uef9Muf0 EBfEEEf;r#33f9E0 E 0 EI 0 M;f9 EUf0 E9 E0 E9 E0 Ef0 U3f& eH% e0 E}& <9 EM9 u9 U/E3 3EE33339 } ERf0 f0 G
Ansi based on Dropped File
(~WRD0000.doc)
30 E0 E3f;uBEu9uu9uu3f0 Ef;u!BCu9su93u0 u0 u0 u0 u}E9 E9 M0 MS& ~RD0 EC0 E9 E9 Me9 O4;r;sE}0 wtfEmMS}SGGEM} f& ~79 }& x+9 u9 Ee9 ?0 u0 Ef& f& Mf& }B9 EtE9 E9 }9 Mm9 EN0 }0 Eu9utfM 9 f9Mw9 M u4}u+e}uef9Muf0 EBfEEEf;r#33f9E0 E 0 EI 0 M;f9 EUf0 E9 E0 E9 E0 Ef0 U3f& eH% e0 E}& <9 EM9 u9 U/E 3 3E E 33339 }ERf0 f0 G
Ansi based on Dropped File
(~WRD0000.doc)
30 M0 M0 M0 M9 M9 3 0 u##4
Ansi based on Dropped File
(~WRD0000.doc)
30EP9 G8ehUM:& uhM)& uMMrh EP9 _@PN$EMEGhx9 ?& u3MM)9 kP9 \9 jD9aA/9 9 M& & t
Ansi based on Dropped File
(~WRD0000.doc)
30EPG8ehUM:uhM)uMMrhEP_@PN$EMEGhx?u3MM)kP\jD9aA/Mt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
30M 3VjuM0 uv M;uM& N ;uMM 9 P9 9 jD9a.9 9 M& t
Ansi based on Dropped File
(~WRD0000.doc)
30M3VjuMuvM;uM&N;uMMPjD9a.Mt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
31MeEPjjEPMEt6euMME6MM3UQQEWt@VpEPeEtHQPEPEPau@^_j ./}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
31MS9 eEP9 jjEPMSE & t69 0 euMS" 9 ME6MMS0 9 3U9 QQ9 EW9 & t@VpEP9 e9 E& tHQP9 EPEP9 a& u@^_j ./9 9 }& u
Ansi based on Dropped File
(~WRD0000.doc)
33"3@333344%46=6666
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
334444444V5c5}5 555555T6Y6v6}6 66677C7X7t7y77778}8889999: : :;X;{;}<<<>>5>B>U>t>S>>?@01'1A1L1\112222223;3Z3y33333434R4q444445+5J5i50 555556:6Y6x6 66667/7N7m7R77778'8F8e8 888899>9]9|9: 9999:6:U:t: ::::;.;M;l;9 ;;;;<&<E<d<<<<<<===\={=a====>5>T>s> >>>>?-?L?k?`????P0%0D0c0 000001+1F1a1|1 12223h566)656B66677>7*8/8M8b8 888899(9/999::a;;;`<<`=>>>>??g?y? ????` 00000<0b0z0 000000111*131E11h23+3i39 335 5J5p556&6! 66666J7u7`7878D8\88999::S:::,;f;;<<S<_<k<z<z==>5>>@??pp0Y0d011113$3D34o4" 4G5d55X6h667N777)8p8889!9399999/:`:;<<==G==>}>>>>/?;?R?a?j? 50?0f0 0 00"131'2:2k2 20 2222223
Ansi based on Dropped File
(~WRD0000.doc)
334444444V5c5}5555555T6Y6v6666677C7X7t7y77778}8889999:::;X;{;}<<<>>5>B>U>t>>>?@01'1A1L1\112222223;3Z3y33333434R4q444445+5J5i5555556:6Y6x666667/7N7m777778'8F8e8888899>9]9|99999:6:U:t:::::;.;M;l;;;;;<&<E<d<<<<<<===\={=====>5>T>s>>>>>?-?L?k?????P0%0D0c0000001+1F1a1|112223h566)656B66677>7*8/8M8b8888899(9/999::a;;;`<<`=>>>>??g?y?????`00000<0b0z0000000111*131E11h23+3i3335 5J5p556&666666J7u77878D8\88999:::::,;f;;<<S<_<k<z<z==>5>>@??pp0Y0d011113$3D34o44G5d55X6h667N777)8p8889!9399999/:`:;<<==G==>>>>>/?;?R?a?j?50?0f0000"131'2:2k222222223
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
339E 0 E& tI& t\B& u0 U` tU}u< tK<tG& t=P& t# 1Y& t
Ansi based on Dropped File
(~WRD0000.doc)
339EEtIt\BuUtU}u< tK<tGt=Pt#1Yt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
33@0 F 0 F$Q0 N0 N0 N0 NF,3F0 0 N4F(0 N9 ^V9 9 N& tT
Ansi based on Dropped File
(~WRD0000.doc)
33@F F$QNNNNF,3F0N4F(N^VNtT
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
34 434R4^4v4{4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
343<3D3L3T3\3h3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
343L3h3l3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
344=4U4s4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
349 MEP5<M0 ]hxM!& u3MMh9 9 MC<;0 E0 ]}u9 M@9 ; 0 EP9 ;PMEM]MXh\SM& tMj$D-Y9 0 ME;tS9 3W9 ]& t9 MV9 VP;t9 j9 E9 E;ERS3F%j j29 30 ]9 }jhT9 0 ]N0 ]ChT9 0 ]9N$P9 )hT9 hRT9 EP9 e.9 M& t'EPD9 0 ]oP9 MEEPEP9 n& uhdT9 h@T9 9 2U9 QeV9 9 M2& u>!EEPuN& t(9 E& t!9 MP9 M& t9 EP9 Mjh|9 89 E^U9 Qe$Q9 M 9 EV9 D$tVe2Y9 ^jkH19 0 u~9 ,T e^$9 9 h9 EhT9 9 1V9 D$tV1Y9 ^jXFk09 9 M& t
Ansi based on Dropped File
(~WRD0000.doc)
34MEP5<M]hxM!u3MMhMC<;E]uM@;EP;PMEM]MXh\SMtMj$D-YME;tS3W]tMVVP;tjEE;ES3F%j j23]}jhT]N]ChT]9N$P)hThTEPe.Mt'EPD]oPMEEPEPnuhdTh@T2UQeVM2u>!EEPuNt(Et!MPMtEPMjh|8E^UQe$QMEVD$tVe2Y^jkH1u~,Te^$hEhT1VD$tV1Y^jXFk0Mt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
36uEPeM!t3MM(MMEMjuME+ PVMMEcMEej<xeEP;3CM] tMjh|A.]M5MEMEMEEPMPVMyuMjh|-]`M_PMh0MEPME>PVMkMujh|-EP1M]E'MEYME?M]~'MEr'EyjHjMetMjh|-ZEP3FMutMjh|,MhPMq/MEPD0MuE&Ej439]tP9]tK9]~FjuM,EPEP].MEt!M]z&MMn&3vMME0MEME39]~@E;t0PM(MuMnPMePWM\F;u|MEME%MEM]%MM%3@@jEP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
36xuEP9 eM!& t3MM(9 MMEM9 juME+ PVM0 M9 EcMEe: j<xeEP;3CM0 ] & t9 Mjh|9 A.0 ]M5MEMEME9 EPM0 PVMy& u9 Mjh|9 -0 ]`M_PMh0MEPME>PVMk9 M& ujh|9 -EP1M0 ]E'MEYME?M]~'MEr'9 EyjHj S9 9 Me& t9 Mjh|9 -ZEP9 3FM0 u& t9 Mjh|9 ,9 MhPMq/9 MEPD0M0 uE&9 ESj4: 9 39]tP9]tK9]~FjuM,EPEP9 0 ].ME& t!M]z&MMn&3vSMME0MEME39]9 ~@9 E9 ;t0PM(M"!& uMnPMePWM\F;u|MEME%MEM]%MM%3@@jaEP
Ansi based on Dropped File
(~WRD0000.doc)
379 MEP ?M0 ] h\SMp& uMM9 MhdF; MQ9 BwP9 EM]}9 & tMMf9 j9 9 MhDS.F;tpMQ9 cBwP9 EM]"9 ehh9 h9 h9 hh9 hT"!hS9 & 3C]jHj59 30 ]9 ujhT9 0 ] 0 ]ChS9 0 ]oOP9 _hS9 ShS9 GWMhhM0 ]hh9 MhhMhShT"!MMtP9 hS9 h|S9 ME9 5jyj59 0 u,TE~P9 E,e
Ansi based on Dropped File
(~WRD0000.doc)
37MEP?M] h\SMpuMMMhdF;MQBwPEM]}tMMfjMhDS.F;tpMQcBwPEM]"ehhhhhhhTh3C]jHj53]ujhT]]ChS]oOP_hSShSGWMhhM]hhMhhMhhTMMtPhSh|SME5jyj5u,TE~PE,e
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
383@3H3P3X3`3h3p3x3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
39 e& t9 U& t3@9 0 ej\1VUVW| e9 0 eWV0VS$aW|9 VMEVWVMEV|Ee9 & ~\EP|m9 EP$\& t4& tvMAGP
Ansi based on Dropped File
(~WRD0000.doc)
39 MIa& ujh|9 Mn9 MjxV0 ]c;tVM j9 M_PMZpEPM 0 ]
Ansi based on Dropped File
(~WRD0000.doc)
39 O$9 F$9 ]SQPRP0 EEP9 639 0 ];t9 MQ9 RM9 T0 E& vS9 ;u0 ]C;]r9 3;t
Ansi based on Dropped File
(~WRD0000.doc)
394A4T4_4d4t4~4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
39]0 ]0 ]}9 =<u9 MEP M E ME
Ansi based on Dropped File
(~WRD0000.doc)
39]]]=<uMEP MEME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
39F$PEPeM )& tMM0EP9 }ME ME ME9 EPM%(PM(PVMh& u93ME^MEDME 0MMv09 @9 uj" 9 9 M(& t
Ansi based on Dropped File
(~WRD0000.doc)
39F$PEPeM)tMM0EP}MEMEMEEPM%(PM(PVMhu93ME^MEDME0MMv0@ujM(t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
39ttyVVVVVt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3;YNUS3V9@uT9]tO9]tJ9]tE9]t@j0uu;t*WVujuqVV\3;_3^[]ht$t$t$UT3EVu&t3(P%P3PlM3^jM@=@Et"ME-MM-3$EP\u3ME-MM-39E(MP%PM$PuPj[eEPu3FMMQ-YM$P=@Vu+t$t#W3VGTuPVPHt3_3^=@t3 L$I$L$P?$P+YY@j[]e3t*t%u\jWM$PuDP<M#Pu'5PujWM#PuMM>,FD$VtV_Y^VL$q#P^UPl$3Pj`NMlM3\]G$t6M\+3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3;YxNU9 S3V9@uT9]tO9]tJ9]tE9]t@j0uu9 ;t*WVujuqV9 V\3;x_3^[]ht$t$t$U9 T 30 EV9 u9 && t3(& P9 %P3" P9 l9 9 M3^jM@=@Et"ME-MM-3$EP\& u3ME-MM-9 39E(M P%PM$P9 & uPj[eEP& u3FMMQ-9 YM$P 9 =@Vu+9 t$& t#W3VGT& uPVPH& t39 _3^=@t3 9 L$I$9 L$P?$P+YY@j[9 ]e3& t*t%u\jWM$P9 & uDP<M#P9 & u'9 5PujWM#P9 & uMM>,9 FD$V9 tV_Y9 ^V9 9 L$q#P9 ^UPl$ 30 & Pj`NM9 l0 M3\0 ]G$& t6M\+39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
3<hsMQP< 9 uP9 %9 E+E3WsWsP9 E+EPuuh h|9 hW 0 ;tWjhP9 5 h~jSj0 9 MM
Ansi based on Dropped File
(~WRD0000.doc)
3<hsMQP<uP%E+E3WsWsPE+EPuuhh|hW;tWjhP5hjSjMM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3= 0 MV89 E|^j2]9 }u
Ansi based on Dropped File
(~WRD0000.doc)
3=a~,u3@M#eM~EPVME& u3ME`MM0)9 M2}M9 3E& ~;VEPM0PME,+ME #jjEPMF;|MEs#3Fyj,& 9 M9 Fe& tPMVMt^MM9 9 /"!|$Vt-9 qAr9 9 9T$rr9 9 I;L$v2^9 T$9 V9 p0 29 p ~-u0 V9 r0 p9 I^;Qu0 A9 J;Qu0 A0 0 P0 BU9 9 M& w3Q Y3seEPM"!h,EPE9 ~U9 9 M& w3k0QR Y30seEPMh,EPE9 U9 9 M& w3P? Y3seEPM}h,EPE9 Vt$9 9 9 ^U9 SVW9 }9 9~sB9 F9 ]+;s9 9 E;s9 ~r9 vPu~Pl& u;]s3;]" _^[]V9 D$tVi Y9 ^V9 pD$tVM Y9 ^j0 9 0 uj
Ansi based on Dropped File
(~WRD0000.doc)
3=KEP9 ReS: WM& u
Ansi based on Dropped File
(~WRD0000.doc)
3=KEPReWMu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3=MV8E|^j2]}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3=~,u3@M#eMEPVMEu3MEMM0)M2M3E~;VEPM0PME,+ME#jjEPMF;|MEs#3Fyj,&MFetPMVMt^MM/|$Vt-qAr9T$rrI;L$v2^T$Vp2p~-uVrpI^;QuAJ;QuAPBUMw3QY3seEPMh,EPEUMw3k0QY30seEPMh,EPEUMw3P?Y3seEPM}h,EPEVt$^USVW}9~sBF]+;sE;s~rvPu~Plu;]s3;]_^[]VD$tViY^VpD$tVMY^j0uj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3?4L4s4z4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3@ ME0 ME}ME9 EPhMPVMZ& u+3FMEXME>MM|
Ansi based on Dropped File
(~WRD0000.doc)
3@@3;WShVPV_t}tMtu<^[Ul$3jNWVh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3@@VhhPEt03Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3@@VuhSPE_^3[UQQS39@t3VWuuuuhHVj7])C;tuuuuDEEPuu<;t3PhVAAQ6jEPjSuu4u$t3ShXV@@P3'h|Vj}tt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3@^! &j<'Mej
Ansi based on Dropped File
(~WRD0000.doc)
3@^&j<'Mej
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3@eyJBeeE )UM|#MM}|}ME}}|jMZ+;|1tdJ}3^jY+
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3@MEMEMEEPhMPVMZu+3FMEXME>MM|
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3]EA9 EjppEPQEPEjP & u8Et9 E`p3E#E }t9 Map[9 U9 9 MSV9 u3W9 y;uj^0 0SSSSSS9 & 9]v9 U;~9 3@9Ewj"Y0 9 ;0F~`:tGj0Y@J;9 M;| ?5|
Ansi based on Dropped File
(~WRD0000.doc)
3]EAEjppEPQEPEjP u8EtE`p3E#E}tMap[UMSVu3Wy;uj^0SSSSSS9]vU;~3@9Ewj"Y;0F~:tGj0Y@J;M;|?5|
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3]MeMfu3MMTu33;|VL$P}^VWhP3@t!h4V<t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3]MxeMf& u3MM! 9 9 Tu: 3& 9 3;|" 9 V9 9 L$P9 }^VWhP3@9 & t!h4V<& t
Ansi based on Dropped File
(~WRD0000.doc)
3`M30 }9 MWh9 9 M+PVEPME*M& & jhMtijh9 MtSVh{uM?+PVEPM^PMEME)M& tPME9 MWS#9 & MME3MM9 |9 Vh9 MhVh9 MZMEMuEPME9 M& tEPME3F U9 Q|uMeVh@9 & t.hV<& tMQ& }
Ansi based on Dropped File
(~WRD0000.doc)
3`M3}MWhM+PVEPME*MjhMtijhMtSVh{uM?+PVEPM^PMEME)MtPMEMWS#MME3MM|VhMhVhMZMEMuEPMEMtEPME3FUQ|uMeVh@t.hV<tMQ}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3AA3PWh(VQu^t}tt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3ajuM@*eEP9 ME& t3ME7$MM+$9 MMEMEjM9 aPMXPVMM9 E~ME 0 j8l9 }u3MVeM[MEwjuM9 ^)EPEP9 EME& uMPWMEP9 ME& uMPM! PWM~
Ansi based on Dropped File
(~WRD0000.doc)
3APjh)hq)hM)h))h-h%h%3$;F|[^j8gD9~|]NcN4u~PMPeMDMEPEPE!!kJMk9Mk(3@N`PEWEPM0WEPMES-_N`DkF`PMTMEMEjN`ZWEPMWEPMEujSjMEPMPv|r!EME<ME0vt~tNPMEMMEMEMM3UQSVuN0^4W}GEM;v^,G+;vt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3D9 MEPh$RM0 ]'& u3MM+9 9 M;0 E}9 MSG9 & EP9 rhRMEe'& t EP9 PNE.2MhRM4'& tEP9 PN$E1M_hRM'& t"EP9 wME"0 M,h9 M&& t$EP9 DPN4ES1ME*ME)C;]R3Fj~fx9 0 uN4R ej
Ansi based on Dropped File
(~WRD0000.doc)
3DMEPh$M]'u3MM+M;EMSGEPrhMEe't EPPNE.2MhM4'tEPPN$E1M_hM't"EPwME"M,hM&t$EPDPN4E1ME*ME)C;]3Fj~fuN4 ej
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3E0 F,9 E& 39 N,Pu MMajiz9 FXPM9 N,e& u3MM 9 $j9 ji29 FXPMG9 N,e& u3FMMJ9 ,9 V9 ~,u3^9 WP89 N,9 ;_@^V9 9 WPL9 9 9 PP& uY& tU9 W9 P@9 %& u%Ph%j3& t$<u9 W9 PD9 9 P9 W9 PH9 9 P3@3_^9 j] 9 }e& t69 & t$<u9 W9 PD9 9 P9 W9 PH9 9 P9 9 Ph0h%j 3ji9 & u< PMeDN89 PR& t
Ansi based on Dropped File
(~WRD0000.doc)
3EE3f;uBEu9uu9uu3fEf;u!BCu9su93uuuuu}EEMM~RDECEEMeO4;r;sE}wtfEmM}GGEM}f~7}x+uEe?uEffMf}BEtEE}MmEN}Eu9utfMf9MwMu4}u+e}uef9MufEBfEEEf;r#33f9EEEIM;fEUfEEEEEfU3feH%eE}<EMuU/E33EE3333}EffG
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3EEEEE3##uf;!f;f;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3EF,E3N,PuMMajizFXPMN,eu3MM$jji2FXPMGN,eu3FMMJ,V~,u3^WP8N,;_@^VWPLPPuYtUWP@%u%Ph%j3t$<uWPDPWPHP3@3_^j]}et6t$<uWPDPWPHPPh0h%j 3jiu<PMeDN8PRt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3etUt3@ej\1VUVW|eeWV0VS$aW|VMEVWVMEV|Ee~\EP|mEP$\t4tvMAGP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3F$PEPeMa*t3MM1EPGjEYMRMEWMEsVM(PM(PWMcME%MEMEI1nj(Couu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3F$PEPSeMa*& t3MM19 EP9 GjEYM9 RMEWMEsVM9 (PM(PWMcM9 E%MEMEI1nj(Co9 u& u
Ansi based on Dropped File
(~WRD0000.doc)
3H%~t6YN;x';x}P=6rY9x|EPW$tBrf/tf\tftf{:uSjSDV{Y3u]ftf/tf\uyAAfuShPLa;ul3fWPDShNPPS3PjPPh@PE}uy9+3fEf/t%f\tf9lf:^WPhNPPjN_<65@YY@u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3http://csc3-2009-2-aia.verisign.com/CSC3-2009-2.cer0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3http://csc3-2009-2-crl.verisign.com/CSC3-2009-2.crl0D
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3ikkkkkM>YU*g'
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3IuEP9 eMa& tMMeMkMEplMERu9 EPhMPVM<& u-3ME;lME!MM_9 Z9 uV9 QD$tVHY9 ^jbG u
Ansi based on Dropped File
(~WRD0000.doc)
3IuEPeMatMMeMkMEplMEuEPhMPVM<u-3ME;lME!MM_ZuVQD$tVHY^jbGu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3j&h\?Y9 0 ME& t3j9 M9 9 Rxzh`S?Y9 0 ME& t?3Mj9 9 }Eh`g?Y9 0 ME& t&
Ansi based on Dropped File
(~WRD0000.doc)
3j&h\?YMEt3jMRxzh`?YMEt?3Mj}Eh`g?YMEt&
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3j0AC 9 M eM9 uE& u"MEMMw3 VM-& t3MErMMF9 3@uV9 9 j80 M9 }& 9 Me9 de0 E& ~[u9 ~"!9 & t@^$9 & t9 EP9 9 MV& u9 j9 u9 "!ME9 E;E|MM& jLt0 My9 (d30 E;u3M:M0 ]X9]E0 ]}~u9 9 ;t9]uFPM&;ujF$PEPMq%ME& u>EPM& t.jSSEPND ;tFPNH9]t9 MV MEE9 E;ERbM]MM|3@ j,&9 jMBueFPFXPM-& u!j9 `3MM"9 }t9 +9 S9 A}tu9 um9 3Fj h9 M0}3M0 }0 ~0 ~M0 FM0 FM0 FM0 FN,MM0 F0 ~ 0 ~$0 ~(|9 j,& 9 9 M& t\9 E& tU0 NM0 F&eM53& uj
Ansi based on Dropped File
(~WRD0000.doc)
3j0ACMeMuEu"MEMMw3VM-t3MErMMF3@uVj8M}MedeE~[u~t@^$tEPMVujuMEE;E|MMjLtMy(d3E;u3M:M]X9]E]u;t9]uFPM&;ujF$PEPMq%MEu>EPMt.jSSEPND;tFPNH9]tMVMEEE;EbM]MM|3@j,&jMBueFPFXPM-u!j3MM"}t+A}tuum3FjhM03M}~~MFMFMFMFN,MMF~ ~$~(|j,&Mt\EtUNMF&eM53uj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3juM@*eEPMEt3ME7$MM+$MMEMEjMaPMXPVMMEMEj8l}u3MVeM[MEwjuM^)EPEPEMEuMPWMEPMEuMPMPWM~
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3juMYZeM\OjEPRt3MMLTuN]PEPR3FU}u35uMVMqj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3jZ0 FQ9 9 FPvW.v0 ~_^9 A& t99 L$V9 4& t,jhwh`rjV& t9 9 R9 j9 ^9 30 H@0 H0 H0 H0 H39At9At9At@9 A& t.y9 Iu9 D$A`3& v
Ansi based on Dropped File
(~WRD0000.doc)
3jZFQFPvW.v~_^At9L$V4t,jhwh`rjVtRj^3H@HHHH39At9At9At@At.yIuD$A`3v
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3M Le9 g& uMMpLh9 E9 0 ]& t9 9M0 E'5h\: EP9 E2PMEEME>M 6& u;MP;EP9 EPEP9 PN4EkEME=hEP9 PMEBEME=M'6& uM.60 FhhEP9 PMEEMEj=M5& uE~$P9 D9 :hEP9 8PMEDME =M5& uEPND Dh8 9 & tAh0 MQ9 PMEgDME<ML5& uEPNCDe}w3F9 ]u9 9 & t'EP9 *Mh9 E9E& uEEEteMN< }t"9 9 P9 9 WMQMQMQS9 P& tE9 E;E re& t9 j9 3ME;MMI9 Jj.hY9 0 M30 E;tUdjpL0 Md9 Mp(9 0 MT& oe`0 EP& u`9 MT9 0 ]X& E P9 eh9 7M 9 0 }6;9 & 0& }dh\: 9 9 & 9 EP9 %9 Eu39 M0 }: t[E P9 M E89 udE P9 <E PEP9 PN4E!BME0 :M 0 }~:9 MXhT9 & EP9 9 E29 M0 };: xEP9 O9 ud$P9 ExAM0 }:9 K7AEP h9 Ev6M9 0 }9& 9 0 E\& hY0 EpE& t9 `9 3ep}\0 } Gup9 MX9 & #E@P9 M@E1M@& & h\: 5& tXE0P9 VM0E1& u59 MdE0P~9 MdE0PE PPNhE
Ansi based on Dropped File
(~WRD0000.doc)
3M&ueMuMMMJ
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3M0 F89 j%9 R9 F8:VWjX9 f0 9 D$9 & t9 83& u
Ansi based on Dropped File
(~WRD0000.doc)
3M7eMyREPuME0 9 M& tEPcMS& t3ME\[MM9 M*EPME,M9 E*jO9 9 M S& t
Ansi based on Dropped File
(~WRD0000.doc)
3M7eMyREPuMEMtEPcMSt3ME\[MMM*EPME,ME*jOMSt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3M9 0 eju0 FV" 9 NjY9 0 ME& t3M}0 Ft9 0 eju" 9 Nq4jh[M9 }tvjjPY9 0 Me& tb3M9 0 eju0 F 9 Nj Y9 0 ME& t 3uM9 0 Fj.9 }tgjY9 0 Me& t3M9 0 eju0 F 9 NjY& t` $39 M0 F0 Hj.89 }tJUj;Y9 0 Me& tM3M9 0 eju0 F"! 9 N9 E0 F" j[9 0 uej
Ansi based on Dropped File
(~WRD0000.doc)
3M=jju3M0 u7BM;uM=<;uMM=9 3FV9 D$tVY9 ^j@a 9 Mee9 0 } [Ph&.Sjz9 \& & " M3EuWMv53& tEW 9 0 ePmMj9 E[PMxih.MEek9 0 ejh|9 SiEP PM0 E& 9 u
Ansi based on Dropped File
(~WRD0000.doc)
3M=jju3Mu7BM;uM=<;uMM=3FVD$tVY^j@aMee}[Ph&.Sjz\M3EuWMv53tEWePmMjE[PMxih.MEekejh|SiEPPMEu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3MejuFVNjYMEt3M}FtejuNq4jh[M}tvjjPYMetb3MejuFNj YMEt3uMFj.}tgjYMet3MejuFNjYt`$3MFHj.8}tJUj;YMetM3MejuFNEFj[uej
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3MEPhM}%u3MM(M;E}uMwEPEhME8%tEPPNE0MHh`M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3MF8j%RF8:VWjXfD$t83u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3MIaujh|MnMjxV]c;tVMjM_PMZpEPM]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3MLeguMMpLhE]t9ME'5h\EPE2PMEEME>M6u;MP;EPEPEPPN4EkEME=hEPPMEBEME=M'6uM.6FhhEPPMEEMEj=M5uE~$PD:hEP8PMEDME =M5uEPNDDh8tAh0MQPMEgDME<ML5uEPNCDe}w3F]ut'EP*MhE9EuEEEteMN<}t"PWMQMQMQSPtEE;Eretj3ME;MMIJj.hYM3E;tUdjpLMdMp(MToe`EPu`MT]XEPeh7M}6;0dh\EP%Eu3M}:t[E PM E8udE P<E PEPPN4E!BME:M }~:MXhTEPE2M};:xEPOud$PEAM}:K7AEPhEv6M}9E\hYEpEt3ep}\}GupMX#E@PM@E1M@h\5tXE0PVM0E1u5MdE0PMdE0PEPPNhE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3MM3AFFf; @; Sa tVHtGt1
Ansi based on Dropped File
(~WRD0000.doc)
3MM3AFFf;@; S tVHtGt1
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3MMMMM3u##4
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3MQEPu39 0 ]& tMMZ9 9 ;tQh
Ansi based on Dropped File
(~WRD0000.doc)
3MQEPu3]tMMZ;tQh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3N<0 },3CNL]N\E}E}EE0 0 ~0 ~|0 0 Fx0 ~0 0 ^p0 ^t0 " x0 ~l0 0 0 0 0 ~0 ~00 ~40 ~80 ~$0 ~(0 ~,0 ~0 ~0 ~ 0 ~0 ~0 9 DjyVC9 0 ufx9 E& t9 j'}E;}E,N\E NLEN<EM9 DjNT"C9 9 Mf& & s& R9 9 & ufj =Y0 Ee& tjs9 ~3M0 EPs@ 9 0 eu9 9 9 suhu}tu9 9 WFC9 D$0 At39A" jSVLB9 30 }9}$ 9}(t~9 F9 ] ;t9 M+MWQ9 M+MQuuPS Gu(9 E+ESu$9 P9 E+EPu9 Eu
Ansi based on Dropped File
(~WRD0000.doc)
3N<},3CNL]N\EEEE~~|Fx^p^t~l~~0~4~8~$~(~,~~~ DjyVCufxEtj'E;E,N\E NLEN<EMDjNT"CMfsufj =YEetjs~3MEPs@eusuhu}tuWFCD$At39AjVLB3}9}$9}(t~F] ;tM+MWQM+MQuuPGu(E+ESu$PE+EPuEu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3O$F$]SQPRPEEP63];tMQRMTEvS;u]C;]r3;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3p4t4x4|4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3QuEP9 QeM%& t3MM-9 M
Ansi based on Dropped File
(~WRD0000.doc)
3QuEPQeM%t3MM-M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3Rf~#u[3fE}QVfEj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3sEP9 eMy& t3MM9 MEP9 E}PMEFMEM+& u uM& tME! 3F M!ME& MEBxuMh9 PVM~M9 E" MEME'j@quEPQeMv& t3MM9 q}tjrY9 3MfMEk" ME! ~Wh$M9 PVM{M9 E=" ME# j puEPeM& t3MM59 =qMME MEuMhH9 _PVM-M9 E ME9 jo9 9 MUuEP9 eM(& t3MM 9 "!pM,9 MEM9 ' MECVhlM9 PWM7M9 E ME`jRoEP: eeMME MES9 EPhM=PVM0 & u0 M9 u|p~9 0 uMEd MEJMM9 ojnuEPeeMME
Ansi based on Dropped File
(~WRD0000.doc)
3sEPeMyt3MMMEPEPMEFMEM+u uMtME3FM!ME&MEBuMhPVM~MEMEME'j@quEPQeMvt3MMq}tjrY3MfMEkMEWh$MPVM{ME=ME#jpuEPeMt3MM5=qMMEMEuMhH_PVM-MEMEjoMUuEPeM(t3MMpM,MEM'MECVhlMPWM7MEMEjRoEPeeMMEMEEPhM=PVMuMu|p~uMEdMEJMMojnuEPeeMME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3SjuMYZeM\OjEP9 R& t3MMLT9 uN]9 PEP9 R3FU9 }u35u9 MV9 Mqj
Ansi based on Dropped File
(~WRD0000.doc)
3uEP9 eM'& t3MM& .9 M&ME+MEGjhM9 %PVM:M9 EME"!j}U9 9 M"!&& t
Ansi based on Dropped File
(~WRD0000.doc)
3uEP9 eM+& tMM! 2M*ME/MEK9 EPh M)PVM& u-3MEMEMM29 ^9 uj$=9 u& u
Ansi based on Dropped File
(~WRD0000.doc)
3uEP9 eMq&& tMM-eM{ME MES9 EPhM%PVML& u-3MEKME1MMo-9 Z9 uj}9 9 M%& t
Ansi based on Dropped File
(~WRD0000.doc)
3uEPeM't3MM.M&ME+MEGjhM%PVM:MEMEj}UM&t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3uEPeM't3MM[/eMMEMEEPVM&PWMu!EEuMVe&PWMuMEMEnjMD't
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3uEPeM+tMM2M*ME/MEKEPhM)PVMu-3MEMEMM2^uj$=uu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3uEPeMq&tMM-eM{MEMEEPhM%PVMLu-3MEKME1MMo-ZujM%t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3WMXeWMw0 9 EjW0 ~0 F9 0 F & uMMd9 =@ EPvv 9 Fd9 UjvHvhD+RQQhPjvPj9 !P0 F& u3MMc9 IEPv9 E+E+FP~t0 FHt9 EP9 Fp9 E)FHt9 2EP9 Fp9 E)FH9 \3F9 U9 }+SVW9 te9}t}u|3_^[]9 ]9 u& u9Ft9 9 P`9 NuSW?u& u9Ft9 9 Pd9 N9 U9 BHt
Ansi based on Dropped File
(~WRD0000.doc)
3WMXeWMwEjW~FF uMMd=@EPvv FdUjvHvhD+RQQhPjvPj!PFu3MMcIEPvE+E+FP~tFHtEPFpE)FHt2EPFpE)FH\3FU}+SVWte9}t}u|3_^[]]uu9FtP`NuSW?uu9FtPdNUBHt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3wuEP9 weM+& t3MM939 jzYM9 MEMEVh M9 a*PWMM9 EMEj}9 9 MD+& t
Ansi based on Dropped File
(~WRD0000.doc)
3wuEPweM+t3MM93jzYMMEMEVhMa*PWMMEMEj}MD+t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3x9 MESPh RMS0 }" %& u3MMS(9 9 M;0 E0 }}: u9 M9 & wEP9 EhRME8%& tERP9 PNE0MRHh`RM
Ansi based on Dropped File
(~WRD0000.doc)
3XuEP9 XeM(& t3MM09 M}EtjIY9 9 }MMEWh,M9 7'PVMM9 E}MEc& jv9 9 M(& t
Ansi based on Dropped File
(~WRD0000.doc)
3XuEPXeM(t3MM0M}EtjIY}MMEWh,M7'PVMME}MEcjvM(t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3YU3EVW}VjPqjPhj)tjY3@M_3^wjWQ!}MEPu3]];tuMM}9u3R;tMQu3FR8Mt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3YU9 30 EVW9 }V& jPqj& Phj)0 & tjY3@9 M_3^wjWQ!}9 MEPu3 9 0 ]0 ];t9 uMM9 } 9u39 9 9 R;t9 MQu39 FR8M& t
Ansi based on Dropped File
(~WRD0000.doc)
3yVu & tP 9 & tVu M9 '9 MeVWPM& u3MM9 SuM9 j[[x9 Re& t6>t+u9 MQ9 R9 9 juPMM3@MM3xjRw9 j<rY9 0 Me& tjxa30 }0 R& u3Yj8qY9 0 ME& tjx: 30 }0 & tj"9 0 eWhh9 j&9 0 eWh9 j/9 0 eWhX9 j<9 0 eWh9 j>9 0 eWhS9 "!h 9 0 eWhH9 zh 9 0 eWh8n9 [h 9 0 eWh$O9 <h! 9 0 eWh09 h0 9 0 eWh9 h9 9 0 eWh9 h 9 0 eWh9 h 9 0 eWh9 h 9 0 eWh" 9 h 9 0 eWhv9 ch 9 0 eWhW9 Dh 9 0 eWh89 %h"!9 0 eWhx9 h: 9 0 eWhd9 h9 0 eWhT9 h9 0 eWhD9 h9 0 eWh49 `h9 0 eWh$~9 kh9 0 eWh_9 Lh9 0 eWh@9 -S9 0 eWh 9
Ansi based on Dropped File
(~WRD0000.doc)
3yVutPtVuM'MeVWPMu3MMuMj[[xet6>t+uMQRjuPMM3@MM3xjRwj<rYMetjx3}u3Yj8qYMEtjx3}tj"eWhhj&eWhj/eWhXj<eWhj>eWhheWhHzheWh8n[heWh$O<heWh0heWhheWhheWhheWhheWhheWhvcheWhWDheWh8%heWhxheWhdheWhTheWhDheWh4heWh$~kheWh_LheWh@-SeWh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3Y}9 EME0 EJ0 EEPuhav8u3MM9 #F<3FU$ 30 & PeSV9 \Wj8E jP9 -9 & d9 `h0 EEjPE E0 ] 0 E w-E PShsw8ju 9 9 P_9 ^3[TV9 v8& u^jjhv8^t$q80 U9 uuuuuq8S ]j0Vl!9 ]3VsEPM0 u& & VVj9 =Ps0 EC0 E0 ut09 5Rj
Ansi based on Dropped File
(~WRD0000.doc)
3Y}EMEEJEEPuhav8u3MM#F<3FU$3PeSV\Wj8EjP-d`hEEjPEE]Ew-EPShsw8juP_^3[TVv8u^jjhv8^t$q80Uuuuuuq8]j0Vl!]3VsEPMuVVj=PsECEut05j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3Z^SEPeM& tMMfMME~ME*! ~$WhTM0 E PuMF4PhHMyPuM9 MS-9 0 v3& t+ME}ME0 MM9 )FUTjD: X0 MPM( j3hM80 ]jjhMEW9 MPE8PEPE(PEM9 EUM8]J;u#MM(:39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
3Z^SEPeMtMMfMME~ME*~$WhTMEPuMF4PhHMyPuMMS-v3t+ME}MEMM)FUTjDXMPM(j3hM8]jjhMEWMPE8PEPE(PEMEUM8]J;u#MM(:3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3}/M| 3VjuM0 u M;uM ;uMM"! 9 P9 `9 V9 9 F$U& tPf9 F& tP& tv^j0ik.9 ej,^VEjP99 E9 K0 u0 ME0 E0 Eu}M0 C%9 5$ & tjjhsM0 EEPjh2s3& uMM[9 c.$FU9 0Vj,EjP9 r89 F9 ME,0 E0 E0 EEPjh9v$ ^t$t$hq$ 3@t$jhq$ 3@V9 "!D$tV-Y9 ^U9 SVW39 9}t@Wu WuPPPPQWh(UW 9 0 ^;u3DWjhS$ hj9 N,Wj9 ?Wj9 59 E0 F9 E0 F9 _^[]VW39 NWt$$Ut$0 ~0 ~0 ~0 ~0 ~0 ~B0 ~_9 ^jak,9 0 uPU3@~P9 0 EkI9 j9 PNEiIM9 A,|$u3W9 |$& u3&Vq9 9D$st$9 H0 3@3^_ jakn+9 0 uj
Ansi based on Dropped File
(~WRD0000.doc)
3}MyJBeeE )U]\3#MMu3uE}u|jMZ+;|1tdJ}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3}Rf~#u[3f0 E}QVfEj
Ansi based on Dropped File
(~WRD0000.doc)
4 4$4(4,4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4 4$4(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4 4$44484<4D4\4l4p4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4 4$4@4D4H4L4P4T4h4l4p4t4x4|4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4 4(444X4x4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4 434R4^4v4{44444444455p56P66@7V7i77778q8888*9:7:H:g:::9;;;;;;8<<<=R=Y=u===>>>>???0111111g22F3O3s333333344=4U4s4444445G5\556(606=6b6q66667>77778'828f8l888888899K9]9999w::0;<<=*=]=S23333333333333333333333333333334444L4R4Z4g4{4444(5A5j5o555w607H7M799%:X:::/;|;;;;T<l<<<<<<=!=.=b==4?F?0"0/0J0Q0i0000 444440556d666666666666677
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
4 434R4^4v4{49 4444444455p56P66@7V7i77 778q8888*9:7:H:g:::9;;;;;;8<<<=R=Y=u===> >>>??`? 0111111g22F3O3s30 3~3333344=4U4s4444445G5\556(606=6b6q66667>77778'828f8l8! 8 8888899K9]9 999w:R:0;<<=*=]=S20 33 3" 3"!333333333333333333333333334444L4R4Z4g4{49 444(5A5j5o5 55w607H7M799%:X:}::/;|;;;;T<l< <<<<<=!=.=b=0 =4?F?0"0/0J0Q0i0000 444440556d666666666666677
Ansi based on Dropped File
(~WRD0000.doc)
4"4'474f4t4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4#505>5n5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4$4(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4$4,444<4D4L4X4x4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4$404T4t4|4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4$4D4P4p4|4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4(40484@4H4P4X4`4h4t4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4(444?4E4P4X4b4p4u4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4(484<4@4D4L4d4t4x4|4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4(5A5j5o5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4)GZ?C@ JYZA(=K%LXZRT>H/2:ZN".01'6Z-O3+M V5,9 ZP7D!;;GIF89a
Ansi based on Dropped File
(~WRD0000.doc)
4)GZ?C@ JYZA(=K%LXZRT>H/2:ZN".01'6Z-O3+MV5,ZP7D!;;GIF89a
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
4,5A5U5u5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
404@4D4T4X4\4`4h4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
404`4f4p4u4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
404P4X4`4h4p4x4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
41'M!:";GIF89a~q!,H A2tP`]8y',@(0! $<
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
41R'M!S:0 ";GIF89a` ~ x R} }~ : x 0 }0 9 a q!`,H A2tP`]}8y'},@(& 0! $<
Ansi based on Dropped File
(~WRD0000.doc)
44(444?4E4P4X4b4p4u444 4S4444444444455!5&505<5G5M5\5f5t5y555"!55555555555666%6/696C6M6X6\6a6 X5\5`5d5h5l5p5t5x5|5 5 55R55 55S555555555555555555555555566666666 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x6|6 6 66R66 66S666666666666666666666666677777777 7$7(7,7074787<7@7D7H7T7X7\7`7d7p7t7@9D9H9L9P9T9X9\9`9d9h9l9p9t9x9|9 9 99R99 99S9999999999;;;;;0<4< <<S<<<<<<<<<<<<<<,>0> 4$4(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4 4 44R44 44S44444444455555555 5$5(5,5054585<5@5D5H5L5P5T5X5\5`5d5h5l5p5t5x5|5 5 55R55 55S5555555555555555555555555666666;;;;;;;;;;;;<<<<<<<< <$<(<,<0<4<8<<<@<D<H<L<P<p<t<x<|< < <<R<< <<S<<<<<<<<<<<<<<<<<<<<<<<<======== =$=(=,=0=4=8=<=@=D=H=L=P=T=X=\=`=d=h=l=p=t=>>>S>>>>>>>>>>>>>>>>>>>>>>>>>???????0:4:8:x1|1 1 11R11 11S111111111111111111111111122222222 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2 2 22R22 22S222222222222222222222222233333333 3$3(3,3034383<3@3D3H3L3P3T3X3\3`3d3h3l3p3t3x3|3 3 33R33 33S333333333333333333333333344444444 4$4(4,46R6P7T7X7\7`7d7h7l7p7t7x7|7 7 77R77>>>45555555555555566666666(|2 2 25566666666 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x66677777777 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7p7t7x7|7 777777777777777777777777788888888 8$8(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8l8p8t8x8|8 8 888 88S888888888888888888888888899999999 9$9(9,9094989<99999999999h:l:p:t:x:|: :::::::::::d=h=p=t=x=|= = ==R== ==S=============>>>>>>>> >@?D?H?L?P?T?X?\?`?d?h?l?p?t?x?|? ? ??R?? ??S????????????H0L0P0T0X0\0112h7l77 77S7777777777999999999999:::::::: :(:,:0:4:8:<:@:D:H:L:P:T:X:\:`:d:h:l:p:t:x:|: : ::R:: ::S:::::::::::::::::::::::::;;;;;;;; ;$;;;;;;;;;;;;;;;;;;;;;;;;<<<<<<< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<x<|< < <<R<< <<S<<<<<<<<<<<<<<<<<<<<<<<<<======== =$=(=,=0=4=8=<=@=D=H=L=P=T=X=\=`=d=h=l=p=t=x=|= = ==R== ==S===================== > >>R>> >>S>>>>>>>>>>>>>>>>>>>>>>>>>???????? ?$?(?,?0?4?8?<?@?D?H?L?P?T?X?\?`?d?h?l?p?t?x?|? ? ??R?? ??S?????????????????????????00000000 0$0(0,0004080<0@0D0H0L0P0T0X0\0`0d0h0l0(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4 4 44R44 44S4444444444444444444445555(8,8084888<8@8D8H8L8P8T8X8\8`8d8h88;<;@;D;;;|< < <<R<< <<<<<<<<<<<<<<<<==1111@0000000000000111111999999999999999999999999:::x:|: : ::R:: ::S::::::::::::::::::::::::;;;;;;;; ;$;(;,;0;4;8;<;@;D;H;L;P;T;X;\;`;d;h;l;p;t;x;|; ; ;;R;; ;;S;;;;;;;;;;;;;;;;;;;;;;;;;<<<<<<<< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<<<<<<<<<<<<<======== =$=(=,=0=================>>>>>>>> >(>,>0>4>8><>@>D>H>L>P>T>X>\>`>d>h>l>p>t>x>|> > >>R>> >>S>>>>>>>>>>>>>>>>>>>>>>>>??????? <00000000 0$0(0,0004080<0@0D0H0L0P0T0X0\0`0d0h0l0p0t0x0|0 0 00R00 00S000000000000000000000000011111111 1$1(1,1014181<1@1D1H1L1P1T1X1\1`1d1h1l1p1t1x1|1 1 11R11 11S111111111111111111111111122222222 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2 2 22R22 22S222223333333333333333333334444444 4$4@4D4H4L4P4T4h4l4p4t4x4|4 4 44R44 4444444444485<5@5D5H5L5P5T5X5\5`5d5h5l5p5t5x5|5 5 55R5P6T6X6\6`6d6h6l6p6t6d=h=l=p=t=x=|= = ==>>????????0000000000011111111 1$1(1H1L1P1T1X1d1h1111122222222 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2 2 22R22 222222222233333333 3$3(3,30343R33 33S333p4t4x4|4 4 44R44 4@T>>>>>>>>>>>>>>>X?\?`?d?h?l?p?t?x?|? ? ??R?? ??S?????P111111111111111122222222 2$2(2h2l2p2t2x2|2 2 22R22 22S222222222222222222224383<3@3(4,4044484<4 5$5L5P5T5X5\5`5d5h5l5p5t5x5|5 5 55R55 55S555555555555556666666 6$6 6 6666p7t7x7|7`555555555566666666 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x6|6 6 66R66 66S666666666666666666666666677777777 7$7(7,7074787<7@7D7H7L7P7T7p 45|5 55 55S5555555556 6$6,6D6T6X6\6`6d6h6l6p6t6x6|6 6 66R66 66S666666666666666666667777 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7t7R7S77777777778$8(8,848L8P8h8l8 8 88S8888888888990949L9\9`9d9h9l9t9R9999999999::: :8:H:L:P:X:p:t:R::::::::::;;(;,;0;8;P;T;l;p;;;S;;;;;;;;<<<<0<4<L<P<h<l< < <<S<<<<<<<<<<<======0=@=D=H=P=h=l= = =========>>(>,>D>H>`>d>|>R>> >S>>>>>>>???$?(?@?D?\?l?p?t?|? ?????????? h00(0,0@0D0T0X0`0x00R0S000000000111,10181P1`1d1t1x1 111111111112222242D2H2X2\2d2|2R2222222222233 3034383@3X3h3l3|3 3 3R33333333333344(484<4@4D4L4d4t4x4|4 4S44444444444455(585<5@5D5H5\5`5p5t5|5 55555555566666,606H6X6\6`6t6x66R66 6S666666666666677777777 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7p7t7x7|7 7S777777777777777788888888 8$8(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8p888S888888889999(9,9<9@9P9T9d9h9x9|9R999999999999::::,:0:8:P:`:d:t:x:|: : ::::::::::::;;;; ;(;@;P;T;X;l;p;x;;;;;;;;;;;<<<<<<<4<8<P<`<d<h<l<p< <<<S<<<<<<<<==== =$=,=D=T=X=h=l=p=t=x= ==S========>>>> >0>4>8><>D>\>`>x>>R>>>>>>>>>>>??,?0?D?H?X?\?`?d?h?l?t?R?????????????00040D0H0\0`0p0t0 00R0 000000001111101@1D1T1X1h1l1t1R1S1111111111222$2(282<2D2\2l2p2 2 22R22 2S22222222233 3$3,3D3T3X3h3l3|3 3 333333333334444404@4D4T4X4\4`4h4 44 44444444444455,505@5D5T5X5\5d5|5 5555555555566(6,6@6D6T6X6`6x66R6S666666666677 7074787@7X7h7l7|7 7 7R777777778888$8<8L8P8`8d8t8x8 88888888888899 9$9(9,949L9\9`9p9t9x9|9 99999999999::::(:,:<:@:P:T:d:h:x:|:R::::::::::::;;;;,;0;@;D;T;X;h;l;|; ;; ;;;;;;;;;;;<<< <(<@<P<T<d<h<p<<<S<<<<<<<<<<====4=D=H=X=\=d=|=R============>>>>,>0>@>D>L>d>t>x>>R> >>>>>>>>????$?<?L?P?`?d?h?p???S??????????00 00040D0H0L0P0T0\0t0 000S00000000000111(1,1014181<1D1\1l1p1 1 1 11111111111222 20242D2H2X2\2l2p2 2 2 22222222222233 3$34383H3L3\3`3h3 33 33333333334 4$44484<4D4\4l4p4 4 444444444445555 5(5@5P5T5d5h5l5t5R5S55555555556666(686<6L6P6T6X6\6d6|6R66666666666666777$74787H7L7P7T7X7`7x77R7S777777777788808@8D8T8X8`8x88R8S888888888899 90949D9H9P9h9x9|9R99 99S99999999999: :$:4:8:<:D:\:l:p: : :::::::::::::;; ;$;,;D;T;X;h;l;t;R;S;;;;;;;;;;<<,<0<@<D<H<P<h<l< < <<<<<<<<<<=====4=D=H=X=\=`=h= == ============>>,>0>@>D>L>d>t>x>>R>>>>>>>>>>??? ?0?4?<?T?d?h?x?|?R?? ?S????????4000$0(0,00080P0`0d0t0x0|0 0S08889999$9,949<9D9L9T9\9d9l9t9|9 9R99999999::: :D:d:l:t:|: :R: :::::::;;0;8;@;D;L;`;h;|;;;;;;;;;;<<<$<4<`<h<R<<<<<<=,=4=@=`=h=p=t=x= = =S=====>>> >(>0>8>@>H>P>\>|> >R>>>>>??? ?(?0?<?\?d?p? ???????????t0(00080@0H0P0X0`0l0R0 00000001111$101T1t1|1 1R1 1S11111111111112222$2,242<2H2h2t2 2S222223$3D3L3T3\3d3l3t3|3 3R3 3S3333333333344 4(444X4x4 4444444444445 5(50585D5d5l5t5|5 5R5 55555556666$6,646@6`6l6R66666677 7(747T7\7d7p77S77777888 8,8L8T8\8d8p888888889909P9X9`9h9p9x9 999S999999:$:,:4:<:D:L:T:\:d:l:t:|::::::::::;,;L;T;\;d;l;t;|; ;;;;;;<<< <(<0<8<D<h<<<<<<<<<<<<<<===$=,=4=<=D=L=X=x= ========>8>@>H>P>X>`>h>p>x> >>>>>>>>>>>>>?(?0?8?@?H?T?t?|? ?R? ?S????????? 0000D0X0h0|0 0000001 1(10181@1H1T1t1|1 1R1 1S111111122220282D2l2 2222222233,383X3`3h3p3|33333333444$4,444<4D4L4X4x4 444S4444445555 5(50585@5H5P5X5d5 5R55555556 6(646T6\6d6p6 66666666667 7,7P7p7x7 777S77777777778888$8,848<8D8L8T8\8d8l8t8|8 8R8 8S88888888888889999$9,949<9D9L9T9\9d9l9t9|9 9R9 9S999999999::,:4:<:H:h:p:x: :::::::;; ;@;H;P;\;|; ;R; ;;;;;;;<<0<8<@<H<P<X<`<h<p<|<S<<<<<<<<<=$=,=4=@=`=h=p=x= =========>>>><>D>L>T>\>d>p>>>>>>>>>>>>???<?\?d?l?t?|??????????d0000$0,040<0D0P0t0 0S0000000001$1,141<1H1l1R1 1S1111111111222<2D2P2p2x2 22 22223333$3,343<3H3h3t3 3S33333333484@4H4P4X4`4h4p4x4 4R4444444455,585\5|5 5R5 5S5555555566$6,686X6`6h6p6|6S6666667777$7,787\7|7 7R7 7S7777777778$8,848<8D8L8T8\8h888888888888899989D9h9999999999999:(:0:8:@:H:T:t:|: :R: :S:::::::::::;4;<;D;L;T;\;d;l;t;|;;;;;;;<,<4<<<D<L<T<\<d<l<t<|< <R< <<<<<<<<<<=$=0=P=\=|= =R=====>>> >(>0>8>@>H>P>X>`>l>R> >>>>>>?<?D?L?T?\?d?l?x??????????(0 0(040X0x0 0000000001111 1,1L1T1\1d1l1t1|1 1R11111111222 2@2H2P2X2d2 2222222223(30383@3L3l3x33333334$404T4t4|4 4R4 4S4444444445555<5D5P5p5|5S55555556686D6d6p66S6666777$7,7<7P7\7d7 7R7 7S77777777777778888@8L8p88888888888888899,989X9`9h9t9 9S99999999: :@:L:t::::::::;;;4;<;H;h;p;|;S;;;;;;;;;<$<0<P<X<`<l<R< <S<<<<<<===8=@=L=l=t=|= ======>>>$>H>h>p>x> >>>>>>>>>>>?4?<?D?L?T?\?d?p????????,0$0,040<0D0L0T0`0 0000000001111$1H1h1p1x1 11 111111111112(20282@2H2P2X2d2 2R2 2S22222222233343<3D3L3T3\3h3333333333344<4D4P4p4x4 4444444455$505T5t5|5 5R5 5S55555566(60686@6L6l6x666666677747@7`7l7R7 77777778848T8\8d8l8t8|8 888888888999 9D9d9l9t9|9 9R9 9999999:0:8:@:\:d:l:x:::::::;;$;,;P;d;l; ;;;;;;;;;;<<<4<@<d< <R< <S<<<<<<<<<<<=<=H=P=h=t= =S======>>>8>@>H>T>t> >>>>>>>?,?4?<?D?L?\?p?|? ???????? 0000@0`0h0p0x0 0000000000001 1(141T1\1h11111111122,242<2H2h2p2x2 222222333 3@3H3T3t3|3 3R333333334(40484@4H4P4X4`4h4t4 4S4444444445$5,545<5D5L5T5\5d5p555555555566 6,6L6T6\6d6p6 66666666667 7(70787@7H7P7\7 77777777778888$8,848<8D8L8X8x8 88888888888888899$9,949<9D9L9T9\9d9l9t9 9999999999999:::4:<:D:L:T:\:h:::::::::::::;;;;$;,;4;<;D;L;T;`; ;;;;;;;;;;;;;;;;<<<4<<<H<l<R< <S<<<<<<<<<=,=@=L=T=l=|= =R= =======>>>$>,>8>X>d> >>>>>>>??<?H?h?t?????????? 00$000P0X0d00000000000001111$1D1P1p1x1 1R11111120282@2H2P2X2`2h2p2x2 2222222222223$3D3L3T3\3d3p333333333334$4D4P4p4|4S444444445 5@5H5T5t5 55555566686X6`6h6p6x6 66 66666777(7H7P7\7|77777778,848<8D8L8T8`8 888S8888889999$9D9L9X9x9 9R999999::(:0:L:l:t:|: :R: :S:::::::::;;,;4;<;H;h;p;|;S;;;;;;;<<8<@<L<l<t<|<<<<<<<<== =(=0=8=@=H=P=\=|= =R=====>>> >(>0>8>D>d>l>t>|> >R> >S>>>>>??(?0?<?d?? ?S?????0(00 0H0l0x0 000000000141<1D1L1T1\1d1l1t1|1 1R1 1S1111111112(2H2P2X2`2h2p2x2 22 222222383@3H3P3X3`3h3p3x3 333S3333334404P4X4`4h4p4x4 44444444455,545<5H5h5p5x5 5555555666$606P6\6|6 6R666666667777(7H7T7t7|7777777778 8(848T8`8 8R888888889(9H9P9X9`9h9p9x9 9R99999999999:$:D:L:X:x: ::::::;;;;$;,;4;@;d; ;R; ;S;;;;;;;<$<0<P<X<`<l<R< <<<<<<<==0=8=D=d=l=x=======>>,>8>X>`>l>R>>>>>>??$?D?L?T?\?p?????????????@00 0$0,0@0\0`0 0000001 1@1`1 111122(2H2h2222223383X3x333333334484@4D4\4`4|4 4444S4444444554585T5X5x55555686X6x66666677 7p400$0@0X0|000001$1D1h111112,2H2`2t2 22222343T3t3S33344<4`4x4 444455H5t5x55 555556H6L6l6 666667,7X7p7t77777788H8h8 8888889,9P9l9p999999:,:0:P:T:p:R:::::;,;H;h; ;;;;;;<4<X<|<S<<<== =@=D=d=R=====>,>h>>>>>?,?L?l? ?????? 000L0h0 0S000001 1T1X1x1|1S111112<2X2\2x22S2222343L3h3l3 3S3333444T4|44S444444505X6\6`6d6888$8,848<8D8L8T8\8d8l8t8|8 8R8 8S888888888888888h=`>>>>>?,?8?<?@?D?H?P?T?`?0081@1333333333344444444 4$4(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4 4 44R44444444444444 5S55555555555556666$6,646<6D6L6T6\6d6l6t69 99S999999999999999
Ansi based on Dropped File
(~WRD0002.doc)
44(444?4E4P4X4b4p4u444 4S4444444444455!5&505<5G5M5\5f5t5y555"!55555555555666%6/696C6M6X6\6a6 X5\5`5d5h5l5p5t5x5|5 5 55R55 55S555555555555555555555555566666666 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x6|6 6 66R66 66S666666666666666666666666677777777 7$7(7,7074787<7@7D7H7T7X7\7`7d7p7t7@9D9H9L9P9T9X9\9`9d9h9l9p9t9x9|9 9 99R99 99S9999999999;;;;;0<4< <<S<<<<<<<<<<<<<<,>0> 4$4(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4 4 44R44 44S44444444455555555 5$5(5,5054585<5@5D5H5L5P5T5X5\5`5d5h5l5p5t5x5|5 5 55R55 55S5555555555555555555555555666666;;;;;;;;;;;;<<<<<<<< <$<(<,<0<4<8<<<@<D<H<L<P<p<t<x<|< < <<R<< <<S<<<<<<<<<<<<<<<<<<<<<<<<======== =$=(=,=0=4=8=<=@=D=H=L=P=T=X=\=`=d=h=l=p=t=>>>S>>>>>>>>>>>>>>>>>>>>>>>>>???????0:4:8:x1|1 1 11R11 11S111111111111111111111111122222222 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2 2 22R22 22S222222222222222222222222233333333 3$3(3,3034383<3@3D3H3L3P3T3X3\3`3d3h3l3p3t3x3|3 3 33R33 33S333333333333333333333333344444444 4$4(4,46R6P7T7X7\7`7d7h7l7p7t7x7|7 7 77R77>>>45555555555555566666666(|2 2 25566666666 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x66677777777 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7p7t7x7|7 777777777777777777777777788888888 8$8(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8l8p8t8x8|8 8 888 88S888888888888888888888888899999999 9$9(9,9094989<99999999999h:l:p:t:x:|: :::::::::::d=h=p=t=x=|= = ==R== ==S=============>>>>>>>> >@?D?H?L?P?T?X?\?`?d?h?l?p?t?x?|? ? ??R?? ??S????????????H0L0P0T0X0\0112h7l77 77S7777777777999999999999:::::::: :(:,:0:4:8:<:@:D:H:L:P:T:X:\:`:d:h:l:p:t:x:|: : ::R:: ::S:::::::::::::::::::::::::;;;;;;;; ;$;;;;;;;;;;;;;;;;;;;;;;;;<<<<<<< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<x<|< < <<R<< <<S<<<<<<<<<<<<<<<<<<<<<<<<<======== =$=(=,=0=4=8=<=@=D=H=L=P=T=X=\=`=d=h=l=p=t=x=|= = ==R== ==S===================== > >>R>> >>S>>>>>>>>>>>>>>>>>>>>>>>>>???????? ?$?(?,?0?4?8?<?@?D?H?L?P?T?X?\?`?d?h?l?p?t?x?|? ? ??R?? ??S?????????????????????????00000000 0$0(0,0004080<0@0D0H0L0P0T0X0\0`0d0h0l0(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4 4 44R44 44S4444444444444444444445555(8,8084888<8@8D8H8L8P8T8X8\8`8d8h88;<;@;D;;;|< < <<R<< <<<<<<<<<<<<<<<<==1111@0000000000000111111999999999999999999999999:::x:|: : ::R:: ::S::::::::::::::::::::::::;;;;;;;; ;$;(;,;0;4;8;<;@;D;H;L;P;T;X;\;`;d;h;l;p;t;x;|; ; ;;R;; ;;S;;;;;;;;;;;;;;;;;;;;;;;;;<<<<<<<< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<<<<<<<<<<<<<======== =$=(=,=0=================>>>>>>>> >(>,>0>4>8><>@>D>H>L>P>T>X>\>`>d>h>l>p>t>x>|> > >>R>> >>S>>>>>>>>>>>>>>>>>>>>>>>>??????? <00000000 0$0(0,0004080<0@0D0H0L0P0T0X0\0`0d0h0l0p0t0x0|0 0 00R00 00S000000000000000000000000011111111 1$1(1,1014181<1@1D1H1L1P1T1X1\1`1d1h1l1p1t1x1|1 1 11R11 11S111111111111111111111111122222222 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2 2 22R22 22S222223333333333333333333334444444 4$4@4D4H4L4P4T4h4l4p4t4x4|4 4 44R44 4444444444485<5@5D5H5L5P5T5X5\5`5d5h5l5p5t5x5|5 5 55R5P6T6X6\6`6d6h6l6p6t6d=h=l=p=t=x=|= = ==>>????????0000000000011111111 1$1(1H1L1P1T1X1d1h1111122222222 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2 2 22R22 222222222233333333 3$3(3,30343R33 33S333p4t4x4|4 4 44R44 4@T>>>>>>>>>>>>>>>X?\?`?d?h?l?p?t?x?|? ? ??R?? ??S?????P111111111111111122222222 2$2(2h2l2p2t2x2|2 2 22R22 22S222222222222222222224383<3@3(4,4044484<4 5$5L5P5T5X5\5`5d5h5l5p5t5x5|5 5 55R55 55S555555555555556666666 6$6 6 6666p7t7x7|7`555555555566666666 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x6|6 6 66R66 66S666666666666666666666666677777777 7$7(7,7074787<7@7D7H7L7P7T7p 45|5 55 55S5555555556 6$6,6D6T6X6\6`6d6h6l6p6t6x6|6 6 66R66 66S666666666666666666667777 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7t7R7S77777777778$8(8,848L8P8h8l8 8 88S8888888888990949L9\9`9d9h9l9t9R9999999999::: :8:H:L:P:X:p:t:R::::::::::;;(;,;0;8;P;T;l;p;;;S;;;;;;;;<<<<0<4<L<P<h<l< < <<S<<<<<<<<<<<======0=@=D=H=P=h=l= = =========>>(>,>D>H>`>d>|>R>> >S>>>>>>>???$?(?@?D?\?l?p?t?|? ?????????? h00(0,0@0D0T0X0`0x00R0S000000000111,10181P1`1d1t1x1 111111111112222242D2H2X2\2d2|2R2222222222233 3034383@3X3h3l3|3 3 3R33333333333344(484<4@4D4L4d4t4x4|4 4S44444444444455(585<5@5D5H5\5`5p5t5|5 55555555566666,606H6X6\6`6t6x66R66 6S666666666666677777777 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7p7t7x7|7 7S777777777777777788888888 8$8(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8p888S888888889999(9,9<9@9P9T9d9h9x9|9R999999999999::::,:0:8:P:`:d:t:x:|: : ::::::::::::;;;; ;(;@;P;T;X;l;p;x;;;;;;;;;;;<<<<<<<4<8<P<`<d<h<l<p< <<<S<<<<<<<<==== =$=,=D=T=X=h=l=p=t=x= ==S========>>>> >0>4>8><>D>\>`>x>>R>>>>>>>>>>>??,?0?D?H?X?\?`?d?h?l?t?R?????????????00040D0H0\0`0p0t0 00R0 000000001111101@1D1T1X1h1l1t1R1S1111111111222$2(282<2D2\2l2p2 2 22R22 2S22222222233 3$3,3D3T3X3h3l3|3 3 333333333334444404@4D4T4X4\4`4h4 44 44444444444455,505@5D5T5X5\5d5|5 5555555555566(6,6@6D6T6X6`6x66R6S666666666677 7074787@7X7h7l7|7 7 7R777777778888$8<8L8P8`8d8t8x8 88888888888899 9$9(9,949L9\9`9p9t9x9|9 99999999999::::(:,:<:@:P:T:d:h:x:|:R::::::::::::;;;;,;0;@;D;T;X;h;l;|; ;; ;;;;;;;;;;;<<< <(<@<P<T<d<h<p<<<S<<<<<<<<<<====4=D=H=X=\=d=|=R============>>>>,>0>@>D>L>d>t>x>>R> >>>>>>>>????$?<?L?P?`?d?h?p???S??????????00 00040D0H0L0P0T0\0t0 000S00000000000111(1,1014181<1D1\1l1p1 1 1 11111111111222 20242D2H2X2\2l2p2 2 2 22222222222233 3$34383H3L3\3`3h3 33 33333333334 4$44484<4D4\4l4p4 4 444444444445555 5(5@5P5T5d5h5l5t5R5S55555555556666(686<6L6P6T6X6\6d6|6R66666666666666777$74787H7L7P7T7X7`7x77R7S777777777788808@8D8T8X8`8x88R8S888888888899 90949D9H9P9h9x9|9R99 99S99999999999: :$:4:8:<:D:\:l:p: : :::::::::::::;; ;$;,;D;T;X;h;l;t;R;S;;;;;;;;;;<<,<0<@<D<H<P<h<l< < <<<<<<<<<<=====4=D=H=X=\=`=h= == ============>>,>0>@>D>L>d>t>x>>R>>>>>>>>>>??? ?0?4?<?T?d?h?x?|?R?? ?S????????4000$0(0,00080P0`0d0t0x0|0 0S08889999$9,949<9D9L9T9\9d9l9t9|9 9R99999999::: :D:d:l:t:|: :R: :::::::;;0;8;@;D;L;`;h;|;;;;;;;;;;<<<$<4<`<h<R<<<<<<=,=4=@=`=h=p=t=x= = =S=====>>> >(>0>8>@>H>P>\>|> >R>>>>>??? ?(?0?<?\?d?p? ???????????t0(00080@0H0P0X0`0l0R0 00000001111$101T1t1|1 1R1 1S11111111111112222$2,242<2H2h2t2 2S222223$3D3L3T3\3d3l3t3|3 3R3 3S3333333333344 4(444X4x4 4444444444445 5(50585D5d5l5t5|5 5R5 55555556666$6,646@6`6l6R66666677 7(747T7\7d7p77S77777888 8,8L8T8\8d8p888888889909P9X9`9h9p9x9 999S999999:$:,:4:<:D:L:T:\:d:l:t:|::::::::::;,;L;T;\;d;l;t;|; ;;;;;;<<< <(<0<8<D<h<<<<<<<<<<<<<<===$=,=4=<=D=L=X=x= ========>8>@>H>P>X>`>h>p>x> >>>>>>>>>>>>>?(?0?8?@?H?T?t?|? ?R? ?S????????? 0000D0X0h0|0 0000001 1(10181@1H1T1t1|1 1R1 1S111111122220282D2l2 2222222233,383X3`3h3p3|33333333444$4,444<4D4L4X4x4 444S4444445555 5(50585@5H5P5X5d5 5R55555556 6(646T6\6d6p6 66666666667 7,7P7p7x7 777S77777777778888$8,848<8D8L8T8\8d8l8t8|8 8R8 8S88888888888889999$9,949<9D9L9T9\9d9l9t9|9 9R9 9S999999999::,:4:<:H:h:p:x: :::::::;; ;@;H;P;\;|; ;R; ;;;;;;;<<0<8<@<H<P<X<`<h<p<|<S<<<<<<<<<=$=,=4=@=`=h=p=x= =========>>>><>D>L>T>\>d>p>>>>>>>>>>>>???<?\?d?l?t?|??????????d0000$0,040<0D0P0t0 0S0000000001$1,141<1H1l1R1 1S1111111111222<2D2P2p2x2 22 22223333$3,343<3H3h3t3 3S33333333484@4H4P4X4`4h4p4x4 4R4444444455,585\5|5 5R5 5S5555555566$6,686X6`6h6p6|6S6666667777$7,787\7|7 7R7 7S7777777778$8,848<8D8L8T8\8h888888888888899989D9h9999999999999:(:0:8:@:H:T:t:|: :R: :S:::::::::::;4;<;D;L;T;\;d;l;t;|;;;;;;;<,<4<<<D<L<T<\<d<l<t<|< <R< <<<<<<<<<<=$=0=P=\=|= =R=====>>> >(>0>8>@>H>P>X>`>l>R> >>>>>>?<?D?L?T?\?d?l?x??????????(0 0(040X0x0 0000000001111 1,1L1T1\1d1l1t1|1 1R11111111222 2@2H2P2X2d2 2222222223(30383@3L3l3x33333334$404T4t4|4 4R4 4S4444444445555<5D5P5p5|5S55555556686D6d6p66S6666777$7,7<7P7\7d7 7R7 7S77777777777778888@8L8p88888888888888899,989X9`9h9t9 9S99999999: :@:L:t::::::::;;;4;<;H;h;p;|;S;;;;;;;;;<$<0<P<X<`<l<R< <S<<<<<<===8=@=L=l=t=|= ======>>>$>H>h>p>x> >>>>>>>>>>>?4?<?D?L?T?\?d?p????????,0$0,040<0D0L0T0`0 0000000001111$1H1h1p1x1 11 111111111112(20282@2H2P2X2d2 2R2 2S22222222233343<3D3L3T3\3h3333333333344<4D4P4p4x4 4444444455$505T5t5|5 5R5 5S55555566(60686@6L6l6x666666677747@7`7l7R7 77777778848T8\8d8l8t8|8 888888888999 9D9d9l9t9|9 9R9 9999999:0:8:@:\:d:l:x:::::::;;$;,;P;d;l; ;;;;;;;;;;<<<4<@<d< <R< <S<<<<<<<<<<<=<=H=P=h=t= =S======>>>8>@>H>T>t> >>>>>>>?,?4?<?D?L?\?p?|? ???????? 0000@0`0h0p0x0 0000000000001 1(141T1\1h11111111122,242<2H2h2p2x2 222222333 3@3H3T3t3|3 3R333333334(40484@4H4P4X4`4h4t4 4S4444444445$5,545<5D5L5T5\5d5p555555555566 6,6L6T6\6d6p6 66666666667 7(70787@7H7P7\7 77777777778888$8,848<8D8L8X8x8 88888888888888899$9,949<9D9L9T9\9d9l9t9 9999999999999:::4:<:D:L:T:\:h:::::::::::::;;;;$;,;4;<;D;L;T;`; ;;;;;;;;;;;;;;;;<<<4<<<H<l<R< <S<<<<<<<<<=,=@=L=T=l=|= =R= =======>>>$>,>8>X>d> >>>>>>>??<?H?h?t?????????? 00$000P0X0d00000000000001111$1D1P1p1x1 1R11111120282@2H2P2X2`2h2p2x2 2222222222223$3D3L3T3\3d3p333333333334$4D4P4p4|4S444444445 5@5H5T5t5 55555566686X6`6h6p6x6 66 66666777(7H7P7\7|77777778,848<8D8L8T8`8 888S8888889999$9D9L9X9x9 9R999999::(:0:L:l:t:|: :R: :S:::::::::;;,;4;<;H;h;p;|;S;;;;;;;<<8<@<L<l<t<|<<<<<<<<== =(=0=8=@=H=P=\=|= =R=====>>> >(>0>8>D>d>l>t>|> >R> >S>>>>>??(?0?<?d?? ?S?????0(00 0H0l0x0 000000000141<1D1L1T1\1d1l1t1|1 1R1 1S1111111112(2H2P2X2`2h2p2x2 22 222222383@3H3P3X3`3h3p3x3 333S3333334404P4X4`4h4p4x4 44444444455,545<5H5h5p5x5 5555555666$606P6\6|6 6R666666667777(7H7T7t7|7777777778 8(848T8`8 8R888888889(9H9P9X9`9h9p9x9 9R99999999999:$:D:L:X:x: ::::::;;;;$;,;4;@;d; ;R; ;S;;;;;;;<$<0<P<X<`<l<R< <<<<<<<==0=8=D=d=l=x=======>>,>8>X>`>l>R>>>>>>??$?D?L?T?\?p?????????????@00 0$0,0@0\0`0 0000001 1@1`1 111122(2H2h2222223383X3x333333334484@4D4\4`4|4 4444S4444444554585T5X5x55555686X6x66666677 7p400$0@0X0|000001$1D1h111112,2H2`2t2 22222343T3t3S33344<4`4x4 444455H5t5x55 555556H6L6l6 666667,7X7p7t77777788H8h8 8888889,9P9l9p999999:,:0:P:T:p:R:::::;,;H;h; ;;;;;;<4<X<|<S<<<== =@=D=d=R=====>,>h>>>>>?,?L?l? ?????? 000L0h0 0S000001 1T1X1x1|1S111112<2X2\2x22S2222343L3h3l3 3S3333444T4|44S444444505X6\6`6d6888$8,848<8D8L8T8\8d8l8t8|8 8R8 8S888888888888888h=`>>>>>?,?8?<?@?D?H?P?T?`?0081@1333333333344444444 4$4(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4 4 44R44444444444444 5S55555555555556666$6,646<6D6L6T6\6d6l6t69 99S999999999999999`0 M* H
Ansi based on Dropped File
(~WRD0000.doc)
44(444?4E4P4X4b4p4u44444444444444455!5&505<5G5M5\5f5t5y55555555555555666%6/696C6M6X6\6a6X5\5`5d5h5l5p5t5x5|55555555555555555555555555555555566666666 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x6|66666666666666666666666666666666677777777 7$7(7,7074787<7@7D7H7T7X7\7`7d7p7t7@9D9H9L9P9T9X9\9`9d9h9l9p9t9x9|999999999999999999;;;;;0<4<<<<<<<<<<<<<<<<<,>0> 4$4(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4444444444444444455555555 5$5(5,5054585<5@5D5H5L5P5T5X5\5`5d5h5l5p5t5x5|555555555555555555555555555555555666666;;;;;;;;;;;;<<<<<<<< <$<(<,<0<4<8<<<@<D<H<L<P<p<t<x<|<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<======== =$=(=,=0=4=8=<=@=D=H=L=P=T=X=\=`=d=h=l=p=t=>>>>>>>>>>>>>>>>>>>>>>>>>>>>???????0:4:8:x1|11111111111111111111111111111111122222222 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|22222222222222222222222222222222233333333 3$3(3,3034383<3@3D3H3L3P3T3X3\3`3d3h3l3p3t3x3|33333333333333333333333333333333344444444 4$4(4,466P7T7X7\7`7d7h7l7p7t7x7|777777>>>45555555555555566666666(|2225566666666 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x66677777777 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7p7t7x7|7777777777777777777777777788888888 8$8(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8l8p8t8x8|8888888888888888888888888888888899999999 9$9(9,9094989<99999999999h:l:p:t:x:|::::::::::::d=h=p=t=x=|=====================>>>>>>>> >@?D?H?L?P?T?X?\?`?d?h?l?p?t?x?|????????????????????H0L0P0T0X0\0112h7l77777777777777999999999999:::::::: :(:,:0:4:8:<:@:D:H:L:P:T:X:\:`:d:h:l:p:t:x:|:::::::::::::::::::::::::::::::::;;;;;;;; ;$;;;;;;;;;;;;;;;;;;;;;;;;<<<<<<< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<x<|<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<======== =$=(=,=0=4=8=<=@=D=H=L=P=T=X=\=`=d=h=l=p=t=x=|=============================>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>???????? ?$?(?,?0?4?8?<?@?D?H?L?P?T?X?\?`?d?h?l?p?t?x?|?????????????????????????????????00000000 0$0(0,0004080<0@0D0H0L0P0T0X0\0`0d0h0l0(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|444444444444444444444444444445555(8,8084888<8@8D8H8L8P8T8X8\8`8d8h88;<;@;D;;;|<<<<<<<<<<<<<<<<<<<<<<==1111@0000000000000111111999999999999999999999999:::x:|::::::::::::::::::::::::::::::::;;;;;;;; ;$;(;,;0;4;8;<;@;D;H;L;P;T;X;\;`;d;h;l;p;t;x;|;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;<<<<<<<< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<<<<<<<<<<<<<======== =$=(=,=0=================>>>>>>>> >(>,>0>4>8><>@>D>H>L>P>T>X>\>`>d>h>l>p>t>x>|>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>??????? <00000000 0$0(0,0004080<0@0D0H0L0P0T0X0\0`0d0h0l0p0t0x0|00000000000000000000000000000000011111111 1$1(1,1014181<1@1D1H1L1P1T1X1\1`1d1h1l1p1t1x1|11111111111111111111111111111111122222222 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|22222222222223333333333333333333334444444 4$4@4D4H4L4P4T4h4l4p4t4x4|4444444444444444485<5@5D5H5L5P5T5X5\5`5d5h5l5p5t5x5|55555P6T6X6\6`6d6h6l6p6t6d=h=l=p=t=x=|====>>????????0000000000011111111 1$1(1H1L1P1T1X1d1h1111122222222 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|222222222222222233333333 3$3(3,303433333333p4t4x4|4444444@T>>>>>>>>>>>>>>>X?\?`?d?h?l?p?t?x?|?????????????P111111111111111122222222 2$2(2h2l2p2t2x2|22222222222222222222222222224383<3@3(4,4044484<4 5$5L5P5T5X5\5`5d5h5l5p5t5x5|55555555555555555555556666666 6$666666p7t7x7|7`555555555566666666 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x6|66666666666666666666666666666666677777777 7$7(7,7074787<7@7D7H7L7P7T7p 45|555555555555556 6$6,6D6T6X6\6`6d6h6l6p6t6x6|66666666666666666666666666667777 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7t7777777777778$8(8,848L8P8h8l88888888888888990949L9\9`9d9h9l9t99999999999::: :8:H:L:P:X:p:t:::::::::::;;(;,;0;8;P;T;l;p;;;;;;;;;;;<<<<0<4<L<P<h<l<<<<<<<<<<<<<<<======0=@=D=H=P=h=l===========>>(>,>D>H>`>d>|>>>>>>>>>>>???$?(?@?D?\?l?p?t?|???????????h00(0,0@0D0T0X0`0x000000000000111,10181P1`1d1t1x1111111111112222242D2H2X2\2d2|22222222222233 3034383@3X3h3l3|33333333333333344(484<4@4D4L4d4t4x4|4444444444444455(585<5@5D5H5\5`5p5t5|555555555566666,606H6X6\6`6t6x66666666666666666677777777 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7p7t7x7|77777777777777777788888888 8$8(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8p888888888889999(9,9<9@9P9T9d9h9x9|9999999999999::::,:0:8:P:`:d:t:x:|::::::::::::::;;;; ;(;@;P;T;X;l;p;x;;;;;;;;;;;<<<<<<<4<8<P<`<d<h<l<p<<<<<<<<<<<<==== =$=,=D=T=X=h=l=p=t=x===========>>>> >0>4>8><>D>\>`>x>>>>>>>>>>>>>??,?0?D?H?X?\?`?d?h?l?t??????????????00040D0H0\0`0p0t0000000000001111101@1D1T1X1h1l1t111111111111222$2(282<2D2\2l2p222222222222222233 3$3,3D3T3X3h3l3|33333333333334444404@4D4T4X4\4`4h44444444444444455,505@5D5T5X5\5d5|55555555555566(6,6@6D6T6X6`6x666666666666677 7074787@7X7h7l7|777777777778888$8<8L8P8`8d8t8x888888888888899 9$9(9,949L9\9`9p9t9x9|999999999999::::(:,:<:@:P:T:d:h:x:|:::::::::::::;;;;,;0;@;D;T;X;h;l;|;;;;;;;;;;;;;;<<< <(<@<P<T<d<h<p<<<<<<<<<<<<<====4=D=H=X=\=d=|=============>>>>,>0>@>D>L>d>t>x>>>>>>>>>>>????$?<?L?P?`?d?h?p?????????????00 00040D0H0L0P0T0\0t000000000000000111(1,1014181<1D1\1l1p11111111111111222 20242D2H2X2\2l2p22222222222222233 3$34383H3L3\3`3h33333333333334 4$44484<4D4\4l4p44444444444445555 5(5@5P5T5d5h5l5t5555555555556666(686<6L6P6T6X6\6d6|666666666666666777$74787H7L7P7T7X7`7x777777777777788808@8D8T8X8`8x888888888888899 90949D9H9P9h9x9|9999999999999999: :$:4:8:<:D:\:l:p:::::::::::::::;; ;$;,;D;T;X;h;l;t;;;;;;;;;;;;<<,<0<@<D<H<P<h<l<<<<<<<<<<<<=====4=D=H=X=\=`=h===============>>,>0>@>D>L>d>t>x>>>>>>>>>>>>??? ?0?4?<?T?d?h?x?|????????????4000$0(0,00080P0`0d0t0x0|0008889999$9,949<9D9L9T9\9d9l9t9|9999999999::: :D:d:l:t:|::::::::::;;0;8;@;D;L;`;h;|;;;;;;;;;;<<<$<4<`<h<<<<<<<=,=4=@=`=h=p=t=x========>>> >(>0>8>@>H>P>\>|>>>>>>>??? ?(?0?<?\?d?p????????????t0(00080@0H0P0X0`0l0000000001111$101T1t1|111111111111111112222$2,242<2H2h2t22222223$3D3L3T3\3d3l3t3|33333333333333344 4(444X4x44444444444445 5(50585D5d5l5t5|55555555556666$6,646@6`6l666666677 7(747T7\7d7p7777777888 8,8L8T8\8d8p888888889909P9X9`9h9p9x9999999999:$:,:4:<:D:L:T:\:d:l:t:|::::::::::;,;L;T;\;d;l;t;|;;;;;;;<<< <(<0<8<D<h<<<<<<<<<<<<<<===$=,=4=<=D=L=X=x=========>8>@>H>P>X>`>h>p>x>>>>>>>>>>>>>>?(?0?8?@?H?T?t?|?????????????0000D0X0h0|00000001 1(10181@1H1T1t1|1111111111122220282D2l22222222233,383X3`3h3p3|33333333444$4,444<4D4L4X4x44444444445555 5(50585@5H5P5X5d5555555556 6(646T6\6d6p666666666667 7,7P7p7x777777777777778888$8,848<8D8L8T8\8d8l8t8|888888888888888889999$9,949<9D9L9T9\9d9l9t9|9999999999999::,:4:<:H:h:p:x::::::::;; ;@;H;P;\;|;;;;;;;;;;<<0<8<@<H<P<X<`<h<p<|<<<<<<<<<<=$=,=4=@=`=h=p=x==========>>>><>D>L>T>\>d>p>>>>>>>>>>>>???<?\?d?l?t?|??????????d0000$0,040<0D0P0t000000000001$1,141<1H1l1111111111111222<2D2P2p2x22222223333$3,343<3H3h3t3333333333484@4H4P4X4`4h4p4x444444444455,585\5|55555555555566$6,686X6`6h6p6|66666667777$7,787\7|77777777777778$8,848<8D8L8T8\8h888888888888899989D9h9999999999999:(:0:8:@:H:T:t:|:::::::::::::::;4;<;D;L;T;\;d;l;t;|;;;;;;;<,<4<<<D<L<T<\<d<l<t<|<<<<<<<<<<<<<=$=0=P=\=|=======>>> >(>0>8>@>H>P>X>`>l>>>>>>>>?<?D?L?T?\?d?l?x??????????(0 0(040X0x00000000001111 1,1L1T1\1d1l1t1|1111111111222 2@2H2P2X2d22222222223(30383@3L3l3x33333334$404T4t4|44444444444445555<5D5P5p5|555555556686D6d6p666666777$7,7<7P7\7d777777777777777778888@8L8p88888888888888899,989X9`9h9t9999999999: :@:L:t::::::::;;;4;<;H;h;p;|;;;;;;;;;;<$<0<P<X<`<l<<<<<<<<<===8=@=L=l=t=|=======>>>$>H>h>p>x>>>>>>>>>>>>?4?<?D?L?T?\?d?p????????,0$0,040<0D0L0T0`00000000001111$1H1h1p1x111111111111112(20282@2H2P2X2d222222222222233343<3D3L3T3\3h3333333333344<4D4P4p4x44444444455$505T5t5|555555555566(60686@6L6l6x666666677747@7`7l7777777778848T8\8d8l8t8|8888888888999 9D9d9l9t9|9999999999:0:8:@:\:d:l:x:::::::;;$;,;P;d;l;;;;;;;;;;;<<<4<@<d<<<<<<<<<<<<<<<=<=H=P=h=t========>>>8>@>H>T>t>>>>>>>>?,?4?<?D?L?\?p?|?????????0000@0`0h0p0x00000000000001 1(141T1\1h11111111122,242<2H2h2p2x2222222333 3@3H3T3t3|33333333334(40484@4H4P4X4`4h4t444444444445$5,545<5D5L5T5\5d5p555555555566 6,6L6T6\6d6p666666666667 7(70787@7H7P7\777777777778888$8,848<8D8L8X8x888888888888888899$9,949<9D9L9T9\9d9l9t99999999999999:::4:<:D:L:T:\:h:::::::::::::;;;;$;,;4;<;D;L;T;`;;;;;;;;;;;;;;;;;<<<4<<<H<l<<<<<<<<<<<<=,=@=L=T=l=|==========>>>$>,>8>X>d>>>>>>>>??<?H?h?t?????????? 00$000P0X0d00000000000001111$1D1P1p1x1111111120282@2H2P2X2`2h2p2x22222222222223$3D3L3T3\3d3p333333333334$4D4P4p4|4444444445 5@5H5T5t555555566686X6`6h6p6x66666666777(7H7P7\7|77777778,848<8D8L8T8`88888888889999$9D9L9X9x99999999::(:0:L:l:t:|:::::::::::::;;,;4;<;H;h;p;|;;;;;;;;<<8<@<L<l<t<|<<<<<<<<== =(=0=8=@=H=P=\=|=======>>> >(>0>8>D>d>l>t>|>>>>>>>>>??(?0?<?d????????0(00 0H0l0x0000000000141<1D1L1T1\1d1l1t1|11111111111112(2H2P2X2`2h2p2x222222222383@3H3P3X3`3h3p3x33333333334404P4X4`4h4p4x444444444455,545<5H5h5p5x55555555666$606P6\6|66666666667777(7H7T7t7|7777777778 8(848T8`88888888889(9H9P9X9`9h9p9x9999999999999:$:D:L:X:x:::::::;;;;$;,;4;@;d;;;;;;;;;;;<$<0<P<X<`<l<<<<<<<<<==0=8=D=d=l=x=======>>,>8>X>`>l>>>>>>>??$?D?L?T?\?p?????????????@00 0$0,0@0\0`00000001 1@1`1111122(2H2h2222223383X3x333333334484@4D4\4`4|444444444444554585T5X5x55555686X6x66666677 7p400$0@0X0|000001$1D1h111112,2H2`2t222222343T3t333344<4`4x4444455H5t5x55555556H6L6l6666667,7X7p7t77777788H8h88888889,9P9l9p999999:,:0:P:T:p::::::;,;H;h;;;;;;;<4<X<|<<<<== =@=D=d======>,>h>>>>>?,?L?l???????000L0h00000001 1T1X1x1|1111112<2X2\2x222222343L3h3l333333444T4|44444444505X6\6`6d6888$8,848<8D8L8T8\8d8l8t8|8888888888888888888h=`>>>>>?,?8?<?@?D?H?P?T?`?0081@1333333333344444444 4$4(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|444444444444444444555555555555556666$6,646<6D6L6T6\6d6l6t6999999999999999999`0M*H
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
4444444444"$4445
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
45?5R5Y5_5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
484@4D4\4`4|4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
484@4H4P4X4`4h4p4x4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
484E4N4f4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
485<5@5D5H5L5P5T5X5\5`5d5h5l5p5t5x5|5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4<4D4P4p4x4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4@5H5]5h5"8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4`4 4a4444444" $4445
Ansi based on Dropped File
(~WRD0000.doc)
4BL;11YYYYYYYYYY
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4L4R4Z4g4{4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4PI8;?D! 1\xq7RG~MEzaLDD 0w" ;GIF89a
Ansi based on Dropped File
(~WRD0000.doc)
4PI8;?D1\q7G~MEzaLDD0w ;GIF89a
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
4T & <R& 0& 8<t<u!33f
Ansi based on Dropped File
(~WRD0000.doc)
4T<08<t<u!33f
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
5 5$5(5,5054585<5@5D5H5L5P5T5X5\5`5d5h5l5p5t5x5|5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5 5(50585@5H5P5X5d5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5 5(50585D5d5l5t5|5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5 5(5@5P5T5d5h5l5t5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5 5+5C5Y5a5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5 5@5H5T5t5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5!5&505<5G5M5\5f5t5y5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5#5*595E5R5v5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5$5,545<5D5L5T5\5d5p5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5$505T5t5|5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5$585F5d5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5&666@6a6f6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5'535?5K5W5c5o5{5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5(585<5@5D5H5\5`5p5t5|5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5(8,8084888<8@8D8H8L8P8T8X8\8`8d8h88;<;@;D;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5*5:5X5,6g8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5*696B6W6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5+6>6Q6i6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5,505@5D5T5X5\5d5|5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5,545<5H5h5p5x5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5,585\5|5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5/5A5L5f5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
505X6\6`6d6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
54585T5X5x5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
555" @5H5P5X5`5" 59 5 5: 55555" 0555556" )61696A6I6Q6@9" 6" 66" 866" l7$7" J7c7k7" ~7}7 7" " p
Ansi based on Dropped File
(~WRD0000.doc)
555"@5H5P5X5`5"55555555"0555556")61696A6I6Q6@9"6"66"866"l7$7"J7c7k7"777""p
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
5555"5 5a55*696B6W6! 66%717777888%8*8B8H8W8]8l8r8 80 8888889/9n9u9{99:V::=f=! ===;>>>?HN0l0 00151 4u56,7Q719P;T;X;\;`;d;h;l;=(=:=\=n= = ====: >*?@ 0(001V2\223333n4d5l567a77B8H8X889?99S<<?T00
Ansi based on Dropped File
(~WRD0000.doc)
5555"5555*696B6W666%717777888%8*8B8H8W8]8l8r888888889/9n9u9{99:V::=f====;>>>?HN0l0001514u56,7Q719P;T;X;\;`;d;h;l;=(=:=\=n======>*?@ 0(001V2\223333n4d5l56777B8H8X889?99<<?T00
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
5555;5D5K5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
59?4(?%?7$=?.3))0B&$%+!DF8> -FCA;GIF89aYYYz{xy~w!,*0^E5N[2O8)<?UW@:=+]&#M19P7
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
5<5D5P5p5|5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5<5H5V5]5z5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5>5 5 5555556,6;6D666a7o7777788 8889j:S:::::;'; ;;;<"<1<9<e=>> >6>m>>>>>>??
Ansi based on Dropped File
(~WRD0000.doc)
5>555555556,6;6D666a7o77777888889j::::::;';;;;<"<1<9<e=>> >6>m>>>>>>??
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
5?5R5Y5_5578"848V8]88W9u9! 999u::::;{;;`<v< <: <<<<<=>B>?hF1j1}1_222X3d333]555@6N6j6x667+7<77'8=8N88899:::;S;;& <<=[>>>8??????p01 1N1R2W244555 5+5C5Y5a555556!6W6c6r6: 777:;3;k;& <<
Ansi based on Dropped File
(~WRD0000.doc)
5?5R5Y5_5578"848V8]88W9u9999u::::;{;;`<v<<<<<<<=>B>?hF1j1}1_222X3d333]555@6N6j6x667+7<77'8=8N88899:::;S;;<<=[>>>8??????p01 1N1R2W244555 5+5C5Y5a555556!6W6c6r6777:;3;k;<<
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
5@6N6j6x6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5C6P6Y6y6~6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5Digital ID Class 3 - Microsoft Software Validation v21
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5F6R6`6g6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5lB@l2u\E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
5M5Z5 50 5 5"!55C6P6Y6y6~6666789):;D=0`\000}2 33344y4" 444455955
Ansi based on Dropped File
(~WRD0000.doc)
5M5Z555555C6P6Y6y6~6666789):;D=0`\000233344y4444455955
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
5P6T6X6\6`6d6h6l6p6t6d=h=l=p=t=x=|=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5w607H7M7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6 (aR6Z*R7n E,S & O<A-6.z1br>+nk4& 9 pM>!j-,p:q4Sp< D ==\ D- ,$ lr2p"A9K\Lq Z4,22 L "D4QAU((L7
Ansi based on Dropped File
(~WRD0000.doc)
6 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x6|6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6 6$6,6D6T6X6\6`6d6h6l6p6t6x6|6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6 6(646T6\6d6p6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6 6,6L6T6\6d6p6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6!6'60656D6k6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6!6W6c6r6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6$6,646<6D6L6T6\6d6l6t6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6$6,646@6`6l6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6$6,686X6`6h6p6|6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6$606P6\6|6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6$6M6a6}6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6%6/696C6M6X6\6a6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6%7*7R7w7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6&6+626[6k6v6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6(6,6@6D6T6X6`6x6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6(60686@6L6l6x6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6(606=6b6q6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6(686<6L6P6T6X6\6d6|6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6(6:6C6\6j6z6?7q7}7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6(6Z*7nE,S& O<A-6.z1br>+nk4pM>!j-,p:q4p<D==\D-,$lr2p"A9K\LqZ4,22L"D4QAU((L7
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
6,606H6X6\6`6t6x6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6,7Q719P;T;X;\;`;d;h;l;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6-696>6p6|6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
607<7R7n7{7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
66$6M6a6}66667r77 77778$8)8<8{8S888 99:4:9:o::: ;;;<x<3=K=|=9 =>+>@>& >>>>?*?U?j??~???0D00011.1x1111111;2b222~3~3333333144444556S666
Ansi based on Dropped File
(~WRD0000.doc)
66$6M6a6}66667r7777778$8)8<8{8888 99:4:9:o:::;;;<x<3=K=|==>+>@>>>>>?*?U?j?????0D00011.11111111;2b222~33333333144444556S666
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
66-696>6p6|6666607<7R7n7{77E8P888888869]9b9w9999Y:l:q::<l<<<===>:>> ?Q?h???u00I1122244,575{5555555566R667I7N7j7777777
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
66-696>6p6|6}6: 66607<7R7n7{7 7E8P8 88888869]9b9w99 9x9Y:l:q::<l<x<<===>:>> ?Q?h?! ?? u00I1122244,575{5 5a55555566R6 67I7N7j77: 77777
Ansi based on Dropped File
(~WRD0000.doc)
6616N6& 6666666%7*7R7w7S77777$899\<<<@S2345555;5D5K5556-6A6G66A7G7`7f708D8e8k8888<9F9n9! 999
Ansi based on Dropped File
(~WRD0000.doc)
6616N66666666%7*7R7w777777$899\<<<@S2345555;5D5K5556-6A6G66A7G7`7f708D8e8k8888<9F9n9999
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
686D6d6p6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
686X6`6h6p6x6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
69 9 E"!++0 E+Ej0 EF0 E0 EEP9 v9 jp0 o9}& f3bj,% 9 9 u3;u39 ;tp & t9 Wp0 M9 MQ9 0 }P& & jEWP39& h.Y0 EE;t9 n39 0 ej|9 VE0 ~9 0 ejVEr~s4usE9 9 ji9 3VVpj9 0 ejh 5~9 9 VVV9o9 9 h& xyo9 9 j$9 9 j oK<9 jiP39 9 WEPu9 9 EPEPu9 u9 9 F+9E|0 E9 WuuvQpS 9 E9 MFEPk3;tQ9 9 un9 jp0 3GMMt 9 |
Ansi based on Dropped File
(~WRD0000.doc)
6?6H6R6w6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6A7G7`7f708D8e8k8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6E++E+EjEFEEEPvjp0o9}f3bj,%u3;u3;tptWp0MMQ}PjEWP39h.YEE;tn3ej|VEejVErs4usEji3VVpjejh5VVV9ohyoj$joK<jiP3WEPuEPEPuuF+9E|EWuuvQpEMFEPk3;tQunjp03GMMt|
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
6P7T7X7\7`7d7h7l7p7t7x7|7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6p7t7x7|7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6PM0 u+PVhMUVhXMEUEPEPS9 E
Ansi based on Dropped File
(~WRD0000.doc)
6PMu+PVhMUVhXMEUEPEPSE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
6{6/7O7?8h8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7 7$7(7,7074787<7@7D7H7L7P7T7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7p7t7x7|7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7t7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7 7$7(7,7074787<7@7D7H7T7X7\7`7d7p7t7@9D9H9L9P9T9X9\9`9d9h9l9p9t9x9|9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7 7(70787@7H7P7\7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7 7(747T7\7d7p7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7 7,7P7p7x7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7 7074787@7X7h7l7|7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7 8-8C8a8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7!7:7R7n7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7!7b7o7{7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7#7(757;7I7W7e7s7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7$7,787\7|7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7$7,7<7P7\7d7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7$74787H7L7P7T7X7`7x7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7&848B8O8]8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7'737O7[7u7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7(77788>8h8888 91:<:r:::C;k;;<+<=Z=|=>&>: >>>????| 000;1V111n23484E4N4f4`4445o556(6:6C6\6j6z6?7q7}7 77%8V8`8 888-9J9}99&:5:}::;;&;;;<S==K>>?0\0f0q0 0" 00:12S222222
Ansi based on Dropped File
(~WRD0000.doc)
7(77788>8h888891:<:r:::C;k;;<+<=Z=|=>&>>>>????|000;1V111n23484E4N4f44445o556(6:6C6\6j6z6?7q7}777%8V88888-9J9}99&:5:}::;;&;;;<==K>>?0\0f0q0000:12S222222
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
7(7H7P7\7|7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7(7H7T7t7|7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7,7X7p7t7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
73! h39|mQQ Zv9 =& tK& t?9 9 9 }+jR9 +R9 UERPv u9 uS_^[]j,F"29 M
Ansi based on Dropped File
(~WRD0000.doc)
73h39|mQQZv=tKt?+jR+RUERPvuuS_^[]j,F"2M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
747@7`7l7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
77!7b7o7{7 777778)8U88L9\99-:g:r: :0 ::::;%;V;{;;-<;<B<a< < <2=~=R=0?a?w?R? ?"!?????? 0D0J0q0v0 000000001(131<1M1l11 1122@2c223=3374 44.55.6e77)8F8889<::;;<=======#='=+=R=
Ansi based on Dropped File
(~WRD0000.doc)
77!7b7o7{7777778)8U88L9\99-:g:r::::::;%;V;{;;-<;<B<a<<<2=~==0?a?w?????????0D0J0q0v0000000001(131<1M1l111122@2c223=337444.55.6e77)8F8889<::;;<=======#='=+=R=
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
77,7>7e7r7z7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7777!7:7R7n778808?8G888888b9r9 99\:a:k:x::::;;,;\;x;;;<>J>>>x>>>>>>?!?(?,?0?4?8?<?@?D?}? ??S??00,03080<0@0a09 0000000000*1014181<1112222 2$2M2s2 22S222222223333v33S3333333-44484<4@4D4H4L4P4a44444@5H5]5h5"8:DR0Y0000A1G1X1n1 1111-2>2& 2223334[445+828:(>?TS1" 2 3445+667Z7s7788808c8: 899]9c9! 999997::;);L;: ;;;<E<! ??\F11222B3O3'41445@5o56{6/7O7?8h88O:/;;)<?< <x<<=p=x=,>i>s>9 >>>?????*0Y0`22K3^3z3R3x333467N7w7 7x77778E:R::& :9 : : ::::::::::::::;;;;$;0;5;E;J;P;V;l;s;;! ; ;~;;;;;;<
Ansi based on Dropped File
(~WRD0000.doc)
7777!7:7R7n778808?8G888888b9r999\:a:k:::::;;,;\;x;;;<>J>>>>>>>>>?!?(?,?0?4?8?<?@?D??????00,03080<0@0a00000000000*1014181<1112222 2$2M2s222222222223333v333333333-44484<4@4D4H4L4P444444@5H5]5h5"8:DR0Y0000A1G1X1n11111-2>22223334[445+828:(>?T123445+667Z7s7788808c8899]9c9999997::;);L;;;;<E<??\F11222B3O3'41445@5o56{6/7O7?8h88O:/;;)<?<<<<=p==,>i>s>>>>?????*0Y0`22K3^3z33333467N7w7777778E:R:::::::::::::::::::;;;;$;0;5;E;J;P;V;l;s;;;;;;;;;;<
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
78'828f8l8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
798q8T9b9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7>7*8/8M8b8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7C7X7t7y7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7eMOuMECuEPEPEPME2t<ejh|uEPEePEnE3(jYt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
7eMOuMECuEPEPEPMSE2& t<9 0 ejh|9 uEPE9 0 ePEn! E 3(jY& t
Ansi based on Dropped File
(~WRD0000.doc)
7F7b7o7t78L8S8Y8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7j"Y0 9 3_^[]9 U9 EPjuuu8: ]9 U9 SV9 u3W9]u;u9]u3_^[];t9 };w6j^0 0SSSSSO9 9]u9 U;u}9 u`
Ansi based on Dropped File
(~WRD0000.doc)
7j"Y3_^[]UEPjuuu8]USVu3W9]u;u9]u3_^[];t};w6j^0SSSSSO9]uU;u}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
7n5 B1AX0 5!~XK+ >R @h " z! FKaMj;GIF89a/$ : "!RRRPSaS0 v~0 N r/! I a"! aQRa RPv6"!a`P` : S m/ l/hl/a}PR ` Y B" S" ` : ^& }S o0 _U` aa " Sa zpx:& `9 "!~j RT Sr: p1k/w9" ~x"!f: i! }RxSq/!,/$@*\/! #f @0
Ansi based on Dropped File
(~WRD0000.doc)
7n5B1AX5!~XK+>@h zFKMj;GIF89a/$RPSvNr/IQRPv6Pm/l/hl/PRYBS^So0_Uazpx:jTrp1k/w9fiRq/!,/$@*\/#f@0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
7P89:-:<C>G>K>O>S>W>[>_>`/0l0012A2N2X2f2o2y22222223S3334(4p444p5|555555556!6'60656D6k6666778N888K9b9s99:V::::;;>>>>>>>??"?6?<?E?X?|?p010?0D0222222222233 3&3+343Q3W3b3g3o3u33333333333334444 8,8_8889:::;;)<>>>>>>>?F??00.1122222222334444455#5*595E5R5v55555566&6J6y66y8888D9g99999::.:>:P:U::::I;~;;;;;;;<$<-<:<`<{<<<<<<<<<<<== =$=(=,=0=4=8=<=@=D=H=N=Y=q==8>d>>>>?u?????=001448
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
7P89:-:<C>G>K>O>S>W>[>_>`/0l0012A2N2X2f2o2y22222223S33: 34(4p444p5|555555556!6'60656D6k6 666778N888K9b9s99:V::::;;>> >>>>>??"?6?<?E?X?|?p010?0D0! 2" 2: 2222222233 3&3+343Q3W3b3g3o3u33 3a3333333333444 4 8,8_8& 889:::;;)<~>>>>>>>?F?? 00.11! 2 22222223x34444455#5*595E5R5v55 555566&6J6y66y8888D9g90 9 999::.:>:P:U::::I;~;;;;;;;<$<-<:<`<{< <9 < <<<<<<<<== =$=(=,=0=4=8=<=@=D=H=N=Y=q==8>d>R>>>?u?`???? =00 1448
Ansi based on Dropped File
(~WRD0000.doc)
7VP3M_^3[D$@@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
8 8$8(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8l8p8t8x8|8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8 8$8(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8p8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8 8(848T8`8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8 8,8L8T8\8d8p8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8!8%8)8-81858W9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8!909d9k9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8"!'H@xK$
Ansi based on Dropped File
(~WRD0000.doc)
8"848V8]8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8$8(8,848L8P8h8l8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8$8)8<8{8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8$8,848<8D8L8T8\8d8l8t8|8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8$8,848<8D8L8T8\8h8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8$8,848<8D8L8X8x8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8$8<8L8P8`8d8t8x8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8%8*8B8H8W8]8l8r8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8,848<8D8L8T8`8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8.8D8_8k8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
808@8D8T8X8`8x8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
83898C8R8X8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
848T8\8d8l8t8|8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
849F9a9l9~9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
84Ex9 9Ex|9 }`ME4M]hM00&
Ansi based on Dropped File
(~WRD0000.doc)
84Ex9Ex|}`ME4M]hM00
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
869]9b9w9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
87777778DX@ Z" l8t8|8 8" $8" h@_ 8" 99$9" G9" 0p9" \99" 9" :::):" " PO:Z:e:p:{:::" x" :::::;';2;=;" " ` ;;~;t;j;`;;" ;;;" <" 4
Ansi based on Dropped File
(~WRD0000.doc)
87777778DX@Z"l8t8|88"$8"h@_8"99$9"G9"0p9"\99"9":::):""PO:Z:e:p:{:::"x":::::;';2;=;""`;;~;t;j;`;;";;;"<"4
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
88+8@8n8! 8" 889999D:: ::::-;9;>;;;;<H<x==>L>b>n>z>#????d0'040I0c0000=11,2;2F2W2]2b22222]55~::::::o;.<G<X<}<<<8=E=J= >>#??????H0N0d0r0! 00M1b11`12222 464S4^46666z9<<>?%?*?n???.030%11R2R3g3 33444I5 5 55566 6R6 66667F7b7o7t7
Ansi based on Dropped File
(~WRD0000.doc)
88+8@8n88889999D::::::-;9;>;;;;<H<==>L>b>n>z>#????d0'040I0c0000=11,2;2F2W2]2b22222]55::::::o;.<G<X<}<<<8=E=J=>>#??????H0N0d0r000M1b1112222 464S4^46666z9<<>?%?*?n???.030%112R3g333444I5555566 6666667F7b7o7t7
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
88888!8%8)8-81858W9999:S: :;;N;_; ;;;;
Ansi based on Dropped File
(~WRD0000.doc)
88888!8%8)8-81858W9999:S::;;N;_;;;;;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
8888889/99 99X:^:}::::;=;J;a;{;;`;;" ;;<@<& <<=K=====>?>x>>?? l222e344
Ansi based on Dropped File
(~WRD0000.doc)
8888889/999X:^:}::::;=;J;a;{;;;;;;<@<<<=K=====>?>x>>??l222e344
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
888@8L8p8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
89 M0 9 ^9 U9 (SVuM`9 u3;u*7SSSSS}8]t9 E`pBFFEPjP4m& uEPSSVuYPEVP @8]t9 E`p^[9 U9 jueYY]9 U9 9 ES3VW;t9 };wQ7j^0 0SSSSS9 <9 u;u9 8tBOu;t`
Ansi based on Dropped File
(~WRD0000.doc)
8>8J8[8g8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8]tN9 `L%
Ansi based on Dropped File
(~WRD0000.doc)
8]u!Et9 9 9 D 9 }9 #;u|EtvuXSuEjPuWuu4PP+9 9 9 D 6Y 9 69 9 0 9 _^[jhB0 30 u39 };" ;u: j_0 8VVVVV@9 Y39u" ;t9ut9 E%@t0 uuuuuEP9 i0 EE9 E;tB39 }9ut(9ut9 9 9 D 7 Y9 U9 juuuuu]9 D$9 L$9 L$u9 D$S9 9 D$d$9 D$[9 U9 9 USVW3;t9 ];w}j^0 0WWWWW"9 _^[]9 u;u3f0 9 f99tAAKu;tf0 AAFFf;tKu3;uf0 &j"Y0 9 SV9 D$u9 L$9 D$39 9 D$9 A9 9 \$9 T$9 D$u9 d$9 9 D$r;T$wr;D$vN39 ^[QL$+YJQL$+Y49 U9 9 ER]9 U9 5R"!Y& tuY& t3@]3]9 U9 (0
Ansi based on Dropped File
(~WRD0000.doc)
8]u!EtD }#;u|EtvuXSuEjPuWuu4PP+D 6Y6_^[jhB3u3};;uj_8VVVVV@Y39u;t9utE%@tuuuuuEPiEEE;tB3}9ut(9utD 7YUjuuuuu]D$L$L$uD$SD$d$D$[UUSVW3;t];w}j^0WWWWW"_^[]u;u3ff99tAAKu;tfAAFFf;tKu3;uf&j"YSVD$uL$D$3D$A\$T$D$ud$D$r;T$wr;D$vN3^[QL$+YJQL$+Y4UE]U5YtuYt3@]3]U(
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
8` 0F88Dl wS9@ qH $0<=<q9 % C, `MSQ"! P@ & 01 @ @ "S )T a, $$@)1 @ haP7h0F@<Q
Ansi based on Dropped File
(~WRD0000.doc)
8`0F88DlwS9@qH $0<=<q% C,`MQ"P@&01@@")T a, $$@)1@haP7h0F@<Q
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
8A]ju& YY]U9 W9 }3`E8t39 _9 U9 ( 30 ESV9 uWu9 }M*EP3SSSSWEPEP0 EEVP(Eu+u8]t9 E`pjX/u8]t9 E`pjEuEu8]t9 E`p39 M_^3[ 9 U9 ( 30 ESV9 uWu9 }M)EP3SSSSWEPEP0 EEVP(Eu+u8]t9 E`pjX/u8]t9 E`pjEuEu8]t9 E`p39 M_^3[WVU339 D$}GE9 T$0 D$0 T$9 D$}G9 T$0 D$0 T$u(9 L$9 D$39 9 D$9 9 d$9 9 d$G9 9 L$9 T$9 D$u9 d$9 9 D$r;T$wr;D$vN+D$T$3+D$T$My9 9 9 9 9 Ou]^_ @s s9 3 33jvY9 U9 9 E9 M%#Vt1W9 }3;tVV=YY0 ! j_VVVVV0 8v9 _9 uPu& t_=0 V=YY3^]9 U9 htY9 M0 A& t
Ansi based on Dropped File
(~WRD0000.doc)
8A]juYY]UW}3E8t3_U(3ESVuWu}M*EP3SSSSWEPEPEEVP(Eu+u8]tE`pjX/u8]tE`pjEuEu8]tE`p3M_^3[U(3ESVuWu}M)EP3SSSSWEPEPEEVP(Eu+u8]tE`pjX/u8]tE`pjEuEu8]tE`p3M_^3[WVU33D$}GET$D$T$D$}GT$D$T$u(L$D$3D$d$d$GL$T$D$ud$D$r;T$wr;D$vN+D$T$3+D$T$MyOu]^_@s s333jvYUEM%#Vt1W}3;tVV=YYj_VVVVV8v_uPut_=V=YY3^]UhtYMAt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
8fME^M UP3GWSL9 ;tP=u#VTVX9 Mt; 9 WMx@MSSM`NEPMECPM@EeME^M@ V;t#VTVX9 Mt; O9 WEE@9 0 tP(gMWEPM" ;tEPME;uEPMPM0E
Ansi based on Dropped File
(~WRD0000.doc)
8fME^M UP3GWSL;tP=u#VTVXMt;WMx@MSSM`NEPMECPM@EeME^M@V;t#VTVXMt;OWEE@tP(gMWEPM;tEPME;uEPMPM0E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
8K9a9m9x9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8L8S8Y8 888888N9X99:;+;2;9;@;G;N;U;\;c;j;q;x; ;R; ;;Q>0 ?? ?" ?"!??????????a01<1C1J1Q1X1_1f1m1t1{1 10 1 11112*2/244P4_4"!444.5a5 555-6`6 667!7a77748<8Q8888
Ansi based on Dropped File
(~WRD0000.doc)
8L8S8Y8888888N9X99:;+;2;9;@;G;N;U;\;c;j;q;x;;;;;Q>??????????????a01<1C1J1Q1X1_1f1m1t1{11111112*2/244P4_4444.5a5555-6`6667!7a77748<8Q8888
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
8M9T9a9g9t9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8M^U(SVuM`u3;u*7SSSSS8]tE`pBFFEPjP4muEPSSVuYPEVP@8]tE`p^[UjueYY]UES3VW;t};wQ7j^0SSSSS<u;u8tBOu;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
8uB;r9 D$A0 9 D$`0 ySu30yVt&9 q& t9 D$9 ;s9 q9 X; r`B;Qr3^[9 I9 9 9 L9 t$0 @0 3@U9 QSV9 W9 ~3wO0 }9]t\9 F;tQ9 L9 F9 9 |K& t:jhwh`rjW& t9 9 R9 j9 9 F9 M9 d9 }& u9 F49 FY0 ;u& 9 F;t
Ansi based on Dropped File
(~WRD0000.doc)
8uB;rD$AD$`ySu30yVt&qtD$;sqX;r`B;Qr3^[ILt$@3@UQSVW~3wO}9]t\F;tQLF|Kt:jhwh`rjWtRjFMd}uF4FY;uF;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9 9 G9 Wu guf& Z9& ~0 & ~@9 ]V4k`" Y0 & j& t0 & 0 S9
Ansi based on Dropped File
(~WRD0000.doc)
9 EE9 EES9 ]W9 =t9 )PS0 E9 E0 Et }}<~|t }} }}PS }& u=m9EtEEEEhEP}tP}fPS t uS_[^j`U;9 9 E+EM P9 E+EPv9 }3W0 u jW0 E0 E0 u9slt$P0 EEPW us|E u9 P;t@9s|t#9uu9 tEVPWM <EVPWM d0 ;uA9uu9s|t)VVE P9 ;t&EVPWM 10 ;u9sluE+9 L& uuu9 u9 9 }uW uWMM u9 E}:Ul$ 30 El9 ExSVW0 ES9 E|j9 0 E 9 0 E9 =Puj0 EE jPbD~9 & tBhEjP>DjdEPv9 & t<EP9 hE PVEhE P9 *P9 Pu uuu9 ER9 MS0 9 M 9 E0 9 Ml_^3[53pU9 VjEP9 & tEEt9 E+E0 E9 E9 M0 MEt9 E+E0 E9 E9 M0 MjEP9 A^U9 QQeeVEPEP9 uEuEu9 i^U9 QQVEPEP9 u9 uu?^9 30 H0 H0 H0 HV9 ~u9 P9 j9 P^V9 ~uP9 F& t>W9 = jjP9 F& uv& uPjvv_fF^9 A& uP9 A& uP U9 V9 & tEW9 }Wu9 vuuW& t& tV & tV _^]3@VW9 |$9 VjW 0 ~3_@^3@3@3@3@9 D$0 A9 A3+t8HtHtHt
Ansi based on Dropped File
(~WRD0000.doc)
9 WWvjPM0 }zMMSV9 *9 D$f,0 F09 ^9 D$0 A,9 D$0 A09 I& tP zU4jP*h9 EPs@ u@ u$0 E4u u@ Pu40 E(30 E9{,tE0]WWMWh0 M0 }E0PEPM~ 9 E0u}@j0 EjEPu4M%MM39 E0sH0 E9 VEPu4 V9 59{t
Ansi based on Dropped File
(~WRD0000.doc)
9 Aaix0<~B$sS/DrPU n aQj71-ROM2& NgUejzd8xEv1 z`]9 fv YI8VAwX1 0 0010UUS10U
Ansi based on Dropped File
(~WRD0000.doc)
9 ! 9 uj~EPeM& uTMMEMEuMh9 PVMMEMEMMjEPZeMJ& t3MM9 MNMESMEouMh9 PVMaM9 E#ME j|~EPeM& tj^MM9 %MMEME9 EPhMHPVM jY& u0 M9 u<}9 0 uMEtMEZvj}EPeM& t3MMl9 t~MMEME(uMh$9 PVMM9 EME j5}EP~eMn& t3MM9 }MrMEwME uMhH9 PVMM9 EGME- j|EPeM& t3MMB9 J}MMEME9 EPhHMmPVM& u!E9 uMEME 9 j|EPMeM=& tj<^MM9 |MBMEGMEc9 EPh MPVM& uE<9 u,;
Ansi based on Dropped File
(~WRD0000.doc)
9 & j9 FhF<jPv`]& & Yv`jW6& @~<)~X ~l9 0 ^0 ~t)e& v!9 EPFpP<YY9 ME9}r9 F|9 N;v9 & v%9 V<`W)F\+)F|0 N0 ~u: & ~dua9 F9 ~;s9 3& v9 N`9 V@;r9 ^WSvPu)~\)~)~~~}0 FP9 F\0 ^& uT9EtO9 EG9 F9 ^0 EFjP9 ~+Wu0 EvP)~\}}0 FP9 F\t4& t0}u6~! v}u&9 E$& t3j X9 E& t9 E[^_U9 V9 >uf~u`uy}ujjju` u<EPuuu3& u9 EP 0 %Y^]U9 30 ES9 ]V9 u& tS ujSX f& 9 9 f/tf\u9 BB
Ansi based on Dropped File
(~WRD0000.doc)
9 & UMFeWMe^& t8MFwDMWE QGPM"BM8MEF9 QWMYMF9 & O4
Ansi based on Dropped File
(~WRD0000.doc)
9 & `p9 & 9 M_^3[=9 :9ke" 9 U9 V9 u& vT%vL%vD%v<%v4%v,%6%%v %v$%v(
Ansi based on Dropped File
(~WRD0000.doc)
9 & `p9 & 9 M_^3[KVI
Ansi based on Dropped File
(~WRD0000.doc)
9 & t#EP9 ZP9 EME59 M9 F)U\j<5H& 0 M\EP<3M0 ]`SMTE9 MlECz9 3;}EPM 9 MlVEPEMDE`MEPh@M >M4hE4PE 9 0 e0PEMT;tsM4& ug9 M\E4PEPPMDEME.MD& u hhMD9 MhEDP9]pu
Ansi based on Dropped File
(~WRD0000.doc)
9 &0 EjREM;Eu
Ansi based on Dropped File
(~WRD0000.doc)
9 '`Th[*zDG;GIF89av h& ! a}x" & v" u S `xSt 0 } } y!v, v & ! 0 `9 & e*p2#L$ Vr;fjiZlK+aNoX^OAB(6P-M:D&g>=C m_n%1"[h]k0JT<,8734@GHQtcR/p0 9E"Q01B#;)~Th} ;GIF89av h& ! a}x" & v" u S `xSt 0 } } y!v, v & ! 0 e*p2#L$ Vr~x~;fjiZlK+aNoX^OAB(6P-M:D~&g>=C m_n%1"[h]k0JT<,8734@~GHQtcR/d9\rbN A R.uR PhP`U*1EG;GIF89a~ov r |rl|^! hyR: 9 }dt aqxeynrsku& p hqxvj& `|9 ! 0 }j: M j!,H A,@<@FtPrP ,%>!G9 (v 3 9 `$1\a1\!QxQcYS H1TlLy!" a!0P |"nF#-|!A:]XDa9 *$m(H DSN;GIF89a` ~ x R} }~ : x 0 }0 9 a q!`,H`@ "qO)X P
Ansi based on Dropped File
(~WRD0000.doc)
9 +j<*9 0 u~PFFdF$FFF F F$l$FXF\ Eg9 E& t9 PQ9 E$M9 9*\DP<9 L$yt9 A& t
Ansi based on Dropped File
(~WRD0000.doc)
9 0 9 @0 F9 ^]9 U9 9 f9M aSuMT9 M9 Q3;u9 EHfw aV9 f9u^s)EPju- & Et99 M9 0 fqMjQjMQPREP & EtE8]t9 Map[9 U9 ju<YY]9 U9 9 f9M aSuMR9 E9 H3;u9 EHxfwaf9Us)EPjui & Et=9 M9 0 fpEjPjEPhQEP & EtE8]t9 Map[9 U9 ju<YY]9 U9 SV33W9u 9 ];u"]]VVVVV9 };tuM 9 E9pu?fArfZw fArfZw CCGGMtBf& t=f;t6EPPEPPCCGGMt
Ansi based on Dropped File
(~WRD0000.doc)
9 0 ejh 7S9 9 VjV:m9 9 j~mK<9 jhP9 u3M9 MQ9 EPM9 E;tEPMg9 9 0 A9 9 @3;" A%RQ9 9 9 9 9 Vl9 9 WEP! s9 }9 w+79 9 EPEPRs9u|0 u9 juVw7pS 9 E9 MGEPri3& tQ9 9 l9 jp0 MEME" 3GMM" 9 j0|%%
Ansi based on Dropped File
(~WRD0000.doc)
9 0 ejhTSh9 N8WWj 9 N8h9 N8j& 9 9 N8PO9 }L[& u1WM
Ansi based on Dropped File
(~WRD0000.doc)
9 0 R0 PMEj9 j>e9 0 u19 N8E& t
Ansi based on Dropped File
(~WRD0000.doc)
9 0 u#~9 j9 EP^9 : 0 E& ~7e& ~!u9 Z#& t9 j9 E9 E;E|ju9 j;*OE*9 E"#
Ansi based on Dropped File
(~WRD0000.doc)
9 0 u9 N30 ];t9 j~9 0 E& ~S9 & t9 j9 C;]|fM9 F@V9 ! & u9 ^V9 9 & t
Ansi based on Dropped File
(~WRD0000.doc)
9 0 uFFdF$FFF F F$lFP$FXF\ |9 G9 WPME"%MJ9 X& t9 0 S9YMZ9 GWPMEPM t}Ev}Eg}E9 EM9 "!l$8l$Rl$}l$ pl$Pkl$^l$ l$Jl$;PJl$+l$$l$l$l$Xl$Pl$l$l$wl$ jl$l$l$l$?l$ l$ \ l$Xrl$el$l$$Vl$Gl$Pl$l$l$!l$ l$ l$xl$" l$l$$l$Xwl$jU9 9 EV3& u
Ansi based on Dropped File
(~WRD0000.doc)
9 0 uhp0 eN" ;~$9 Eu9 Ev9 jX.9 0 uN$ENE]DM9 @0 \V9 9 WP9 & t+9 & tNQ9 I9 j9 NS<@_^U9 QeQ9 MRM9 Ej& .jD/Y9 0 Me& t9 3Mjh(M IjjEP9 E> & u& t9 j9 3MMC9 0 $"!& tt$9 h,j .& 39] 9] M:M0 ]:9 ME& vw9 MSx9 & EPh 9 9 EPh9 #tXMX;& uLM=M=9 MjEPEP#9 MC;r0 ME BMMB3@MEwBMMkB3sV9 D$tVY9 ^|$V9 u3(N$ & th(9 %& tPt$9 ^jP.69 M! ejh|9 MGME89 MEX& hx9 "!9 & hh 9 9 & EPMf& E9 0 ePJ9 5h49 A9 & EP9 & tqM9& ueE9 0 ePJ9 h 9 & t=P9 & t13FME@ME@MM 9 9 M& t9 j3VW9 9 & tV9 #_^j!/9 0 u}^39 0 }DX7MEcN5pMEXjJMX3h9 f0 F$-BM0 ~(0 ~00 ~,ME0 F40 5lM0 ~80 ~<EMEM9 U9 (SV9 E^P9 @7Pv(x & unWj(3EWP9 F(hWEE0 }0 }0 E0 } j0 E9 0 E0 }60 EEP| f;f0 F$_u33@^[jP/ 9 9 u& u39 Hu9 O0& ttnA& ukjmY0 Ee& t9 NQv9 D9 3Mj @Y0 EE& tj9 `39 MPj0 H0 p5(w3@j0! /9 9 E3+ H H H H HtH& 9~, j Y0 E0 };t
Ansi based on Dropped File
(~WRD0000.doc)
9 59?4(?%?7$ =?.3))0B&$%+!DF8> -FCA;GIF89aYYYz { x}x~y : ~ w!, *0^ ! ! E5 N[ : 2O`8)<?UW@:=+]&#M19P7
Ansi based on Dropped File
(~WRD0000.doc)
9 9 +9 M+M0 E0 }3}9 E9 }+9}0 U}9 u0 }9 u0 }9 };}0 }0 }9 U9U~0 U+0 U9 U9U~0 U+U0 U20 E20 M9 9 9 9 uPjEP9 9 p9 )E9 )EEEjEP9 {9 9 3Et9 9 & tQjs0 MM +V9 3jP0 F0 FFP59 ^aU9 (WEPW5"!x & ufVj(3EVP`5 0 E"!h VE0 u0 u0 E0 u j0 E0 EEP0 u0 }| ^f& u33@_U9 9 EV9 P0 F& u39 K& tSWEPv< 5"!9 ]9 }+]+}9 jv9 SWuuh h|9 hh39F SWPPR SWjj0 ER 9 }jPWW0 E 3CSWvtW9 =u9 j9 PvSjjdjv~W Wv 0 ^9 _[^U9 V9 f\;Fu`v& t0EPv< 9 E+EjP9 E+EPuuvS f9 ^|$V9 u,\Pv& tvS
Ansi based on Dropped File
(~WRD0000.doc)
9 9 @9 PR,W U9 V9 u~wW 39 9 @3f89 0 UURP0& |}9 9 It3f0 ^]U9 V9 u~wW 39 9 @3f89 0 UURP4& |}9 9 It3f0 ^]U9 QQ9 ES3V9 ; 9^@u9^D 9 URP0 ]QH& R9 E; URhr0 ]9 P& R9] 9^@tCWjY;t0 X0 9 3Whru9 & tWND/;tWY_9^DtY9 E;F<uQ9^(uLhhpjQ9 EUR0 ]9 P & |!9]tF$Phru9 9 E9 PQ9 E9 PQ9 E9 PQ^[U9 Q}u3& eV9 uW3& u9 q<& tk9}u,9 MQVP|& uf}tQ9 MQV& |}u:9 MQVPH& |,9 E& t%u9 hrP& u3G9 E& t9 PQ9 3_^U9 Qy<t9 A<9 URP & |9 E3U9 QVuEj3P0 u'& tB9 E;t;UR0 u9 P & |9utu9 MFu9 E9 PQ9 3^U9 QQVW39}to9y<tj9 A<UR0 }0 }9 PQH9 ;|Q9 E;t9 URhrP9 9 E;t9 PQ;|)9 E;t"9 u9 VPQ$& |9>t3G9 E9 PQ9 3_^U9 V9 u& u@ 9h|ruKfYY& t9 M& tA3Q0 3Vuu!^]U9 V9 9 F<W3; 9 UR0 }9 PQH& |z9 E;tsURhr0 }9 P& |U9 E;tNUR0 }9 P 9 E;t.9 }9 S9 ]9 R9 RP & |0 ^P0 ~T9 E9 PQ[9 E9 PQ9 E9 PQ_^V9 t$9 & t3&jh9 q" uPh9 _" @@^j>59 9 F<& t(PMmvle\VMMM]V9 t6W?t)h|9 hjN7_^U9 QeWEPu0
Ansi based on Dropped File
(~WRD0000.doc)
9 9 HS3f9 0 ]9 H0 M9 H(;t9 I0 M0 u9 H80 u;tf9u
Ansi based on Dropped File
(~WRD0000.doc)
9 9 W9 REP< EP9 uuuuu hWZajj9 SWj0 EPW0 E9 E@P9 E@P9 EHP9 EHPW uWuWS9 h 3PPWuuPPu uWuW_^[9 D$HuV9 9L$u/&^3U9 V9 u& t"9 FURPl@S& t9 M9 VP\3^]U9 S9 ]V9 ;Pxuuu9 9 Wt_-t9
Ansi based on Dropped File
(~WRD0000.doc)
9 9 }3; 9^8 M9 M0 ]9 jh|9 MERa9 MQ9 EP,;u
Ansi based on Dropped File
(~WRD0000.doc)
9 9$9(9,9094989<9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9 9$9(9,949L9\9`9p9t9x9|9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9 90949D9H9P9h9x9|9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9 9D9d9l9t9|9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9 9M}9 Mk9 W\0 DE)v0 EuwdSUY9 ]9 }}tj9YSUYt
Ansi based on Dropped File
(~WRD0000.doc)
9 :"! 2v! /P+pA/M Yd R'<9 gRqt | `r7S Clc|w\sY K0 $B& 'n-?S4o<3
Ansi based on Dropped File
(~WRD0000.doc)
9 ; $SSE(PM3; Mb9 0 MH; hxg0 EL;u*MEM]MM( 9 TM0 ]TL& : uTMf9 ;tv9 ;~k9 ML<`9 MLjh|9 h\9 Nj9 MLV"!d9 ;t>jWhR9 l9 MPWE8PyjE8Ph`R9 ElM8EETMKL9ET eu`9 MH3F_M}
Ansi based on Dropped File
(~WRD0000.doc)
9 ;E~E9t9 0 E0 E9 0 E+0 E3Mu9 2
Ansi based on Dropped File
(~WRD0000.doc)
9 ;t9 1C9 9 6VP*Y9 _^V9 D$tV5*Y9 ^VW9 |$9 & u9 ~;wP9 & t9 3_^U9 QeQ9 M9 EU9 QeQ9 M9 EU9 Qe,Q9 M9 EVj9 9 D$0 FhU9 ^V9 hU+D$tVq)Y9 ^jBT(9 0 u=eNpUfff9 (jk(9 0 upU9 N3@0 E& t9 PfNEM9 `=(V9 D$tV(Y9 ^U9 Qe}VE9 Pu Ut}^f^0 F9 E0 F9 ^U9 Qe}VE9 Pu Utc^L^0 F9 E0 F9 ^je]& tt$9 t$r3jG]& tt$9 t$}3|$V9 u3#)jt$0 FYY9 H`3& ^V9 9 F& tPR vf^U9 SVW9 uEPu 9 3; Su 0 E; Su P 9 ; uj 0 F;tP ;thuSPF:EPWv0 }$& & u=WuY0 F9 EY9 PQ9 F;t9 H0 x;u3@'9 N;t9 j0 ~vR v0 ~3_^[]V9 vxUq\D$tV[9 ^U9 ``Ujlt%9 0 uUe! M9 U}"&U9 QeVE9 PvD\& t0 FjF[& t9 v9 MxU0 H0 p3^V9 U'D$tV%Y9 ^V9 ]D$tV%Y9 ^j! l$9 0 u~9 U;3j
Ansi based on Dropped File
(~WRD0000.doc)
9 ;tSMMTETP9 EMTv; M<WETPE<P9 EM<Wv; 0 ME<PEP9 E0 M,v;tVMM,EE,PEP9 E;tE,PEPEP9 M,EzMEMEM<EMT]MM9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
9 ;v+A;MXr9 Ex9 3B40 UX! e9 Ut9 U@ " X0 E00 9 Ex0 09 E@& t09 u<9 }00 t& `ELE%M$9 M9 9 J9 U$++0 0 |9 El9 M00 9 E 9EH$3`EH9 M\*E%9 E|9 ED;rE$79 ;E`s= `M$9 +E`9 Mh` PM$9 Md9 <ED9 MH9 E<3+F9 ;EXs9 M09 U$0 9 0 y;EXr39 M9 u<3@3& u33@9 0 u<H#9 9 E@;L& t+]L3F9 HN#u<;t& u0 E@9U8& /EHE,9 EHE;E4}9Ut}4tjjX3[_^PU9 QeV9 ujjv(V 0 E& ujXWSPEPuuujjjjuI9 (uFSLt9 E8u
Ansi based on Dropped File
(~WRD0000.doc)
9 =9 ;}$k9 ~\d99 =9 B;|9 ]9 9 ~d=}uFd^=uFdN= uFd >= uFd& .=uFd =uFd = uFd`vdjY0 ~d`Q9 EY0 F`[_^9 U9 csm9Eu
Ansi based on Dropped File
(~WRD0000.doc)
9 =|PvFj9 & tCvv99 N & t9 W& t9 N 9 WP9 N`& tW& t9 N`9 WP_^jh39 9 Ej Ht\H& MR?veEPMR E9 0 ePE9 M9 EsMMRv9 ~t3@ 9 N& t9 PXh,Y9 0 ME& tf`3vM9 0 F09 Njjjvt:M uME3& QM9 MMfu32jhX19 39^`& NMR)u0 ]3}M0 ]KEPMER; , PMPjhh~M9 %EPEPMREMME)M9 MEa& & 9 MR60 FdM;twEPy& u3j .+Y9 0 ME;tjv3PS5(v-h*Y9 0 ME;tWEPEP"!30 F`9 ME89 MEhM]&>MMRs[1j.v09 f`6j {*Y9 0 Me& tjTu3Pj5(v1j('030 ]9]t0 EM j5M0 ]xEPMEIM]j59]t!MoEPMEE "MNEPMEE"!EEteM?E0 ]tM.MM5 ,0V9 D$tVF0Y9 ^9 D$V& t6y@u09 I & t%9 p& t"vVRVp~99 ~V0Y33@^9 I V& t'9 D$9 p& u3@Vp89 V/Y3^V9 9 N`& tjvjv*^j\R.9 0 }9 u& ~ MqeMR& u9 VW/YMj5MEEPMEK"!M9 E& t9 V/Y"ME~E 9 N9 URP& 9 N9 Pl& eEPMD4P9 M9 M& t9N0 E& 9 MU9 MP9 S9 M& t9 jejj'Y0 EE& t9 N9 Pt9 MPEP39 PME0 EP9 S9 }`u}tV9 E9 O`& tVA& u9 `V-YMEME}MM)p-9 D$V9 & t"~@u9 @N$9 PR& tP9 33@^j)t,0 M9 E3; 9Y@& 9 x; 9Y& 9Y& 9 9 h
Ansi based on Dropped File
(~WRD0000.doc)
9 > >~>>"
Ansi based on Dropped File
(~WRD0000.doc)
9 @& u@]3]9 U9 Ve9 u;ue9 N0 ^]d9 9 H;t9 xu^]&z9 N0 H9 U9 eM39 M0 E9 E0 E9 E@E0 M0 Ed0 EEduQu"z9 9 Ed9 Pd5D$+d$SVW0 (9 3PuEEdPd5D$+d$SVW0 (9 3P0 euEEdPd5D$+d$SVW0 (9 3P0 EuEEdPd5D$+d$SVW0 (9 3P0 E0 euEEd9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
9 [:&.;GIF89a]}|~9 : Gxt!],& ]] 9VTM 7B;-<]QK'A]>L5/I=S3
Ansi based on Dropped File
(~WRD0000.doc)
9 ]3;u/ [VVVVV; }t9 E`pW9 };u/`[VVVVV }t9 E`p9 E9pu:fArfZw fArfZw CCGGf& t8f;t1MQPMQCPCGGf& tf;t+ }t9 Map_^[9 U9 V3W95Tuo9 };uRZVVVVV0X9 U;tfArfZw fArfZw GGBBf;tf;t+Vuuc_^]9 U9 uMkE9 M9 0 A% }t9 Map9 U9 juYY]9 U9 juYY]9 U9 QSV9 3;uYj^SSSSS0 0H9 W9]wYj^SSSSS0 0$9 39]f0 " @9EwPYj"9 E"w0 ]9 9]t]j-Xf0 NE9 9 E3u0 EvW09 Ef0 AA@30 E9]v;Er;Er3f0 3f0 IIf9 f0 If0 IGG;r3_^[9 U9 }
Ansi based on Dropped File
(~WRD0000.doc)
9 ];GIF89aQ "!x9 } xSx: !Q,~ QQ& '/-#KE< !4H,I=9Q7?+%*Q JPA20Q;>"L61@MO(N
Ansi based on Dropped File
(~WRD0000.doc)
9 `39ttyVVVVV t
Ansi based on Dropped File
(~WRD0000.doc)
9 `ML%;]u }
Ansi based on Dropped File
(~WRD0000.doc)
9 C& tPMu9 ! P^[9 _]& t7& t3V9 0;t(W0 8Y& tVE>Yup}tVYY9 ^3jhEy
Ansi based on Dropped File
(~WRD0000.doc)
9 C& tPMu9 ! P_^[]9 U9 W9 }& SV9 5 W9 ! & tP9 ! & tP9 ! & tP9 ! & tP_PE{h}t9 & tP{t
Ansi based on Dropped File
(~WRD0000.doc)
9 D$0 A4V9 9 F& tQS9 Wp9 =& t9 Fjt$jpv& tD$j51N, QPjv_[^9 D$0 A,9 A& tI,jQjPU9 (SVEP9 9 ]PSx & uhWj(3EWPNhWE0 E0 }0 }0 ]0 } j0 E9 0 E0 } 0 EEP| _f& u33@^[W9 w& t5V9 t$& t)Vw< & tG(9 )9 N9 )N9 F3@3^_|$VW9 =0 9 t%jv~$t=9 F& t6p& t)jjv9 F& tp& t
Ansi based on Dropped File
(~WRD0000.doc)
9 D$39 9 D$& t9 L$& t9 I;T$t& u3U9 QQSV9 9 ^& 9 F& x9 V& 9 MW9 9 0 ]9 9rY^3jZ9 Q!}Y0 Et!9 N9 QuPu9 E9 NM9 V0 `9 N0 E0 9 F9 9 M9 U0 9 U0 Q9 N@0 F_^[9 30 H0 H0 9 9 D$;r29 I`9 AV9 9 F& tPYff&^9 D$V9 ;FrQ@~0 FuPVv0 FjP.WP<v9 jW6vWv~ 0 ~_^9 A& tPY& t33@V9 ~u3D& u9 SWx3jZ9 Q9 Y& tWSjvjt$$ _9 [^V9 FP 9 ^Q Q Q9 D$V9 0 & t
Ansi based on Dropped File
(~WRD0000.doc)
9 D$39 D$& txv
Ansi based on Dropped File
(~WRD0000.doc)
9 D$3V9 t$& t&~t 9 N9 P & u9 N9 & t3@3^j<M\a9 E9 H9 eURP& tKM: & u?M[EPMEmEMu[MM$3@[MM3j/0 M9 }& j 1Y0 Ee& tj9 ~]0 EeMjtY0 EE& t9 9 39 MV9 P9 N$Q9 P9 9 0 F PNuN49 M3& v8^D9 MWEP& P9 E5MM)9 MG ;rh0N\#9 EP0 p9 Ej5(DV9 9 W9 |$& t;t 9 F+G_@^V9 9 & uf9 & t9 39 N;HuM9 F^SV9 39u69 F8Xt9 @0 F8Xt<^[9 8Yu9 9 A8Xt0 N9 N;u0 F9 @8Xt9 N8Yu0 F^[U9 9 EVu9 0 9 E0 F9 EN0 Fg`EFF9 ^]VW9 |$W9 H9 G0 F_9 ^SV9 39u! 9 F8Xt^[x9 H8Yu9 9 8Xt0 N9 N;Hu0 F9 @8Xt0 F^[SV9 39u89 F8X!t^[)9 H8Y!u9 9 8X!t0 N9 N;Hu0 F9 @8X!t0 F^[9 D$9 L$;t
Ansi based on Dropped File
(~WRD0000.doc)
9 d}& Fpt"~lt9 pl& uj Y9 ,yj`YeFl9 =Hi0 EEj[Y9 u9 U9 uM.k9 E& ~9 M9 Jf9tAA& u+Hu uPuuu }t9 Map9 U9 f9Eueef9EsE9
Ansi based on Dropped File
(~WRD0000.doc)
9 E 0 w0 W9 M_^3[}$z*>"! 9 U9 t 30 ES9 ]VWu}f9 U9 #0 ]EEEEEEEEEEEE?ER0 Mf& tC-C 9 u9 }f& u/& u+& u'3f;" $
Ansi based on Dropped File
(~WRD0000.doc)
9 E& t3& " Wh,V& PMMR"9 hVj3 j4=N 9 0 ]u9 MPh|Vj39{uh<Vj`3ME0 }uME9 ;uhVjNME9 M93f0 MPMFl9 C9 WPE 9 C9 WP 9 C9 UR9 uP f}te& tPhh|jeEPMEMHM5/jMEi5Ph`h|j eME/M#9 ]39u& 9u : MME9 MhEPE$PM;t6EPjEP9 ?0 E;t29ut-9 0 eu)9 9h4h|jME[ MMu39uh " h|& P9 E1 jBJ" 9 0 ueNfff9 " jkN" 9 0 u9 FE& tP" YfNEM9 }" 9 D$VW9 |$9 & wWJ"!YP0 F5Y0 F& t39Fv`89 N@;Fr_^9 U9 QW39=@t3S9 ]V9 ! P9 Puuh(VjbEPEPWh?WWWuu( ;tPhB9 R& u9 *uDP9 Pjh|9 uWuu4 ;tPhX3" VAAQ3u$ h|Vj3@^[_U9 QVuuhVjSEPjjuu0 & uu$ h|Vjk3@3" PhVAAQL3^U9 QQVWuuhVj#EPj3Wu0 }u0 ;t3" PhhVAAQ3:WWWWEPWWWWWWu8 & uu$ uhDVj9 E_^U$` 30 & S9 & 9 SV9 W9 PWVhSj0 E 0 MU30 E 9Euh@Sj;3MRQjPWV0 9 3;urhE"!WPESEPEPE PWu EuR, 9 ;u#} tj
Ansi based on Dropped File
(~WRD0000.doc)
9 E'P9 MEh"!9 {MP9 kW9 cME}9 MC0 ]E; Jh"!9 7h9 +9 YQj~frP9 0 uuN |e9 9 "QV9 D$tV<QY9 ^j~fP9 0 uuN )9 Eej0 F
Ansi based on Dropped File
(~WRD0000.doc)
9 E)EE C(EP[x0 uAj0 EVC0PM9 CU9 H]E]E]P0 E 9 C9 Hf9 K9 IVVUR0 EEj& } 19 E \$E & } 1\$ET$$PQ9 ~70 E`Wdu9uuuVVuuuuuu uuuu39u_ 3^[U9 (SVWu9 0 E9 F3; 9 }; UR0 ]0 ]9 PQ9 F9 URPQEt'9] u"9 MWQu9 MuSuQ9 wMQ9 MWQuuSuuw7u9 v9 VP 3; 9 Z9 F; 9X Et!u 9 uuuuuuYuM_F(E^xP0 ]Ej0 ESF0PME9 F9 H]E]E]E]P9 9 F9 Hg9 N9 ISSUR0 EEj& } 10 }\$E& } 1\$ET$$PQM~u& uu 3@Xun9tE9] u"EtSu9 uuuuu u 9 uuuuuuu3_^[U9 SVW9 }39 ;u39 F;t& & 9 N9^uF0Pt3vvDv@+59 0 F; 0 9 N0 E9]^$t9 G+0 F 9 G+G0 9N 0 9 ESQ9 0 9 F9 ;~
Ansi based on Dropped File
(~WRD0000.doc)
9 E0 w0 W[9 M_3^` : r 0 u x 9 U9 S39]u `SSSSSS("!V9 uW9 };t!;u0SSSSSS'j0 E;w0 }uEuEBu0 uP0 uU0 E;t4;|"Mx9 EEPSYYt9 E39]\>HH_^[9 U9 S39]u : SSSSS;'[V9 u;t9]w
Ansi based on Dropped File
(~WRD0000.doc)
9 E3SV9 u3W3]0 ]t2uKSh jSjh u9 u3 9 }]EjSSW` " Ej s}Y9 t#}t9 E0 F9 EF^0 F0 ^0 ^*`EF`EF0 ~^0 ^:tjSSW` 0 F9 E0 9 _^[V9 t$& u^ ~tvXVlzY3^9 D$ 8t
Ansi based on Dropped File
(~WRD0000.doc)
9 E9 M0 f}uE9 M0 j(Q<A,f9 Ef& u9 Mj3@fu
Ansi based on Dropped File
(~WRD0000.doc)
9 E9 M9 & uKuW<9 & u;P0 E@& t
Ansi based on Dropped File
(~WRD0000.doc)
9 E9 PQ9 9 uV9 t$jh29 (& t(jh29 (& tjhS29 r(& t3^3@^|$t|$t33@V3& uhhLtjPhlt,& 9 9 PQ& ^|3@3& t9 PQ& u!!V9 2}9 ^2=tV9 D$tVY9 ^jae eeEPhLtjjhlt,& & 9 EtM& t9 PQ3'9 URuPQM& 9 Eu9 u& t9 PQ9 Vt$9 P9 xP9 ^Ul$ 30 & jRe9 9 3];t0 9 $& t29th9 '& & jh& @SP0 <}h8ESP0 ]k9 "PMu9 E0 ];t9 39 <VQPR9 ;R0 ]9 URh<tPE9 E;t?9 UR<PQ9 ;|;u9 E9 UR@PQ9 ;|;t9 & @0 9 E];t9 PQ;|
Ansi based on Dropped File
(~WRD0000.doc)
9 E9 URPQ 9 E9 PQ9 }uu9 EU9 eVW9 w9 Fw& t9EP9 6f}u9}t3u9 ` ueEP9 MV! 9 E_^9 Mjh|9 ? jAR9 5;E ~w(39u9 G$9 VPQ0& & 9 6MQu0 ]9 VP;|m9 E;tf0 ]9 URP0 ]Qd;|@h$ M> t/jP/Y9 0 ME;t
Ansi based on Dropped File
(~WRD0000.doc)
9 E9E(}9 E(0 9 EL& t9 M0 9 EX& t0 8}tuu }tu j9 MEP4MEE0EeMEME3F9 Mjh|9 k0 uME M<Et9 E{cThSh9 30 u0 u30 }0 u0 u0 u0 uVEPEPEPEPEPVjhujh ; EPVVju9 ; uj@ 9 0 }; EPWVju; 9 G0 & l9 G0 & p9 G0 & X9 G0 & \V& TPhVju 0 E;tR0 uVVVVjP| 9 ;t<PJ0 Y0 E;t+SPVVjux & tuuoYY& uEE9 E`39 }9 ];tSt 9utuY;tW ;tSt 9ut
Ansi based on Dropped File
(~WRD0000.doc)
9 E; 9 8X;0 E;|9 E[j@j YY& tV9 M0 *@@
Ansi based on Dropped File
(~WRD0000.doc)
9 E;Eu3MM.9 Lt$jhK9 0 u3N,0 }\ONDEDfj
Ansi based on Dropped File
(~WRD0000.doc)
9 E;Eu3MM9 ]Mj hvLuf9 & t\MeMEPuMuEu& tuMz& t3ME"!MM9 LjUhKu9 & t=MXeEPuMuuN& t
Ansi based on Dropped File
(~WRD0000.doc)
9 E;t0 F3@j d9 }tuuu81<9 & u3Mk;eEPu9 u?& uMMfDMEPME& u^jhx1MJEPEPu9 uER@EM& u&D3MEMMC9 ECMH;P9 j9 Vt$9 jt$jt$ 6" & t0 F3^U9 9 E$V9 & t9 39 M& t9 I3u,Eu(Pu 9 E \$E\$E\$E\$@\$@\$@\$$Q6'& t0 F3^](V9 aD$tVZY9 ^j|=9 {& t9 MY:P9 h9 : MaeM
Ansi based on Dropped File
(~WRD0000.doc)
9 E;t9 R9 U9 $ 30 E9 E9 MSV9 uWP3WWWWQEPEP0 M3q 0 Et
Ansi based on Dropped File
(~WRD0000.doc)
9 E=?sJ9 MsB9 ;r6P9 Y;t)9 UEPWV}9 EH0 53_^[9 U9 0SV9 5W33;u.9 ;t0#Pxu
Ansi based on Dropped File
(~WRD0000.doc)
9 EEEPSYYt"Mx9 EEPS YYt9 E39]f0 D~HH_^[9 U9 uuuuuhR& }]U9 WV9 u9 M9 }9 9 ;v; r=tWV;^_u^_]ur*$" 9 r$& $$(#``FG`FGr$" I#``FGr$" #`r$" I9 xph`XPH9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D$" 9 9 E^_`9 E^_``FG9 E^_I``FG`FG9 E^_t1|9u$r
Ansi based on Dropped File
(~WRD0000.doc)
9 EEP9 vMM}T9 V9 Q}09 ^0V}@Ul$ 30 & j(co9 & $9 9 0 E9 & (0 E3VPf0 & &
Ansi based on Dropped File
(~WRD0000.doc)
9 EFjHVE0 M9 ]& u3@5Mt9 Ees0 u}jspM9 C$3<9 C j0 EjEP0 Mu}9 u39XtZM;jhxME
Ansi based on Dropped File
(~WRD0000.doc)
9 EH Y]9 E P ]9 U9 9 E8 ;r= w`+PY] P]9 U9 9 M9 E}`QY] P]9 U9 V9 u9 FttvBZf3Y0 0 F0 F^]9 U9 (SV9 uW30 E0 }0 }0 }FFf> tat8rt+wtWWWWW`93S
Ansi based on Dropped File
(~WRD0000.doc)
9 EPEP& } 39& [h0 uE0 uEY0 E0 u;t9 3M9 0 ejh|9 0 .Rs49 9 s9 jf9 u3VVPL9 9 Vh& 9 9 Vha9 9 Vh9 9 V9 9 jK<9 jfPhY0 EE;t9 >3M9 0 ejh|9 0 Sm9 s49 9 Ss9 je9 u3VVPL9 9 SVh9 9 SVh9 9 SVh9 9 SV9 9 Sj_WSK<9 jePhTY0 E0 };t9 Z3M9 0 ej|9 V0 `9 0 ejVE `s49 9 sMh9 u3VV>\j9 0 ejh V`9 9 VVVZ[9 9 h`ada[K<9 hPu9 uf9 9 50 jp9 Sjp9 jpn9 S9 =0 & tp & t
Ansi based on Dropped File
(~WRD0000.doc)
9 EPLWX2Y0 EE& t9 3WE0 R12Y0 EE& t9 3WE0
Ansi based on Dropped File
(~WRD0000.doc)
9 EXEt9 EHE t9 EHE t9 EHE}t9 EHE9 u9 9 E3H1H9 9 E3H1H9 9 E3H1H9 9 E3H1H9 9 E3H#1Hv t9 MIt9 MIt9 MIt9 MI t9 EX9 #t5=t"=t;u)9 E!9 E9 0 9 E9 9 E 9 #t =t;u"9 E 9 E9 9 E9 0 9 E9 M319 EX 9} 9 E9 }t&` 9 E9 EX9 EX`9 E``9 EXP49 H 0 H 9 E9 EX9 EX`9 E9 H`0 H`9 EXPOEPSju4 9 MAt&At&At&At& Yt&9 3+t/HtHtHu( 9 %
Ansi based on Dropped File
(~WRD0000.doc)
9 F& tv9 HF0 F9 FH9 F9 9 F& tM9 HF0 F9 FH9 F9 H9 ;H 0 (FDN9 F@9 F9 ; jX_^][9 9 F9 F& t9 NHF0 F9 0 A9 F9 9 F& t9 HF0 F9 FH9 F9 9 F& ta9 HF0 F9 FH9 F9 9 F& m9 HF0 F9 FH9 F9 H0 N0j=9 F0 (9 FF`4`#9 F3@j
Ansi based on Dropped File
(~WRD0000.doc)
9 F0 U} [& & `9 N,;u"9 F09 V(;t0 Us+H0 E+0 M}uau9 EWV0 F49 N00 E9 F40 E;s9 +EH0 E9 V,+0 U9 V,9Uu9 F(;t0 Es+I0 M+0 U} 9 F9 Me0 E;v0 M9 E9Ev0 EuSunv9 E)EE)E)F& t9 M } peMEC0 Mr9 E%?9 0 F! w! hj Pw(W 0 F& 'mmfK9 M } eMEC0 Mr9 N9 E9 F9 Vm0 `Fm9 F
Ansi based on Dropped File
(~WRD0000.doc)
9 F;Eu3GEWWWjPvHd 9 ;t~0 }uWY0 FE9 F& tPh 9 F0 ^& u3 9 MWjP0 NX9 F0 X9 F9 N@0 H9 F9
Ansi based on Dropped File
(~WRD0000.doc)
9 fjP1& tt$N2^Vt$qj9 jt$9 t$jjD3^V9 N9 P9 ^sV9 7D$tV9Y9 ^Vjj9 9 D$0 F8S9 ^9 AV9 8S D$tV8Y9 ^jf79 0 u^9 @SOeNC|9 W9 EAWN89 Q8j~fl79 0 u@SeNMN8j j779 39]u
Ansi based on Dropped File
(~WRD0000.doc)
9 Fjp_uuuuv ^uuuu ji?9 0 uQeUM9 ?jNT>9 9 }W& u3RjW0 ~9 P9 0 FR\3;u0 N0 N0 M3}EP9 OvE & tEv9 ]9 }+]+}jvSWuuuj{Ph9 P0 F& YMMGGCC~u%j-8Y0 Ee& t9 "!3M0 FvjvSWuuuj9 NPhF9 F9 =jhjp9 9 PXF,jPjvVv^h?zjv 0 F3@N>U9 <V9 q& S9 R W3PPPPPv0 E 9 = & u/ueEPv@ & t%uuuu0 E}t9 F(PPu& t+EPv@ 9 F& tMQp@ 33;uu9 E+E9N t3QjjP9 E+EP0 E9 E+EjjjP9 E+EP(#P9 E+EPQQ0 E9 E+EP9 E+EPjjjju0 E9 juuujju9 }& tjWuu9 tjuv9 F& tp& t
Ansi based on Dropped File
(~WRD0000.doc)
9 Fjupu9 5u& tW_[^V9 D$tV<Y9 ^9 9 L$`0 yt9 A9 PQU9 QV9 >t49 F& t
Ansi based on Dropped File
(~WRD0000.doc)
9 G,+9 E& 59 Me`
Ansi based on Dropped File
(~WRD0000.doc)
9 G,+9 E& e`K
Ansi based on Dropped File
(~WRD0000.doc)
9 h xWjMu9 9MueMM@EPMEM"!uME9EPM-EPjhhME~MQMQPjNPEM9 E& uf}uuh<Wj2MEPME
Ansi based on Dropped File
(~WRD0000.doc)
9 h Y9 0 M30 u;tuuj~J9 M~hWFXPu9 & u& 9 j9 : MEPME%lPNHE^MEW9 M|NP9 ^9 & t@hGY9 0 ME& tuVhS}3u9 PEl9 9 PMM[V9 T9 ^V9 h9 h9 h9 h 9 ^j }9 }9 uWVg& 9 & Sj9 SMf_u69 HPjEP9 )aeP9 ]MMU'9 N& tHvPh9 xR& tjX;h9 cR& tjh9 OR& tjh 9 ;R V9 T
Ansi based on Dropped File
(~WRD0000.doc)
9 h$9 9 O(& zP9 `h$9 `w89 `9 j?]"9 0 ue~89 <%?NXENtE}E~9 E}ENtEfTNtf,}9 jP9 j59 P9 j59 Pf0j
Ansi based on Dropped File
(~WRD0000.doc)
9 H9 U\e9 uVPu9 }WFHtHu4jFPwYYPvSFPwRYYPvSE3@9 e9 U9 }tuSVuV} uuVu ^7uuV9 Ghu@u0 Fu9 KVu(& tVP! ]9 U9 QQV9 u> W t? t9t+>MOCt#u$u uuuuV & & 9 9 }u9 uEPEPVu W0 9 9 E;Es[S;7|G;wB9 G9 O9 H& t yu*X@u"u$9 uu juuuu9 uE9 E;Er[_^9 U9 ,9 MS9 ]9 C= VWEI9 I0 M|;|]9 ucsm9>& ~ & 9 F;t=! t=" & ~& 9 0 u9 RjV0 EvYY& u9>u&~u 9 F;t=! t=" u~u] t|O9 Du30 Y uO39~9 G9 Lhd & u
Ansi based on Dropped File
(~WRD0000.doc)
9 hEPMPMPs Wsus MMi3q!|$+ut$9 P3j! ls 9 0 uUEN E)6MN=!U9 <W9 w8& uSV9 9 3;~F9E~9]& `j8ESP*E9]tEE9]u0 u9 E0 E9 E0 E9 E0 E;u%9]t9 E0 E9]uEPShMw8EPShLw8& t9 E^[_V9 D$tV_ Y9 ^j3PPjPt$V9 9 L$\P9 ^9 & t9 jV9 9 F& t9 N0 H9 F& t9 N0 H|$t9 9 ^9 3U0 H0 H0 H9 AV9 9 F& t19 NW9 x9 F;u9 @0 Ft$0 ~& _ufff^V9 9 F& t19 NW9 x9 F;u9 @0 Ft$Q0 ~& _ufff^9 T$9 D$& u0 A0 A0 Azu0 A9 J0 H0 P9 J& t0 A0 BVj9 !Y& t9 L$``0 3Pv9 : ^V9 9 F& tK;Fut$;;Fut$0+W9 x& u9 xt$9 N0 ~& _ufff^V9 9 FW30 F& tt$9 R& tPpYG~uff9 _^jUV9 D$tV6Y9 ^9 U9 9 EjP ]9 U9 9 E9 Mh@?URE0 E0 MEX#9 U9 9 EV9 9 H0 N9 P9 0 VF& t9 9 QP9 ^]9 U9 VW9 }9 H H H IH 9 M9 ESj Zr9 0;1t|0+t3& x\9 & & ipY+t3& x\9 & & HpY+t3& x\9 & & 'pY+t3& x\9 3& & 9 p;qt~pY+t3& x\9 & & pY+t3& x\9 & & pY+t3& x\9 & & pY+t3& x\9 3& & r9 p;qt~pY+t3& x\9 & & IpY+t3& x\9 & & (p
Ansi based on Dropped File
(~WRD0000.doc)
9 HMMEMEj9 0 ejh9 MEZPVME}M9 ESME {jEP;eM+& u2MXEPhMEPMME4MMdn j9! EPeM& tMM+3@2 3CM0 ]EPhM]fPMR& uMEMM9 9 ]jt EPFeM6& t3FMM~9 M;ME@ME\j9 0 ejh9 :MEPVMEM9 EME{j}P EP"!eM0 & tMM
Ansi based on Dropped File
(~WRD0000.doc)
9 HP9 tC& t?W & t40 >%u N@u NhFP\YY& t7F
Ansi based on Dropped File
(~WRD0000.doc)
9 I;t0 M9 HH3;t9 Y9 HX& tf9u9 I& t9 er$fx`u9 @h& t9 URhlrP& }e9 E;G<u9 ! ;Vuh8hjOL9 uMQu9 uuSVP9 [& |}9 E9 9 @t3f0 9 E& t9 PQ9 W _^U9 SVW9 }9 & 9 efxu9 @& t9 URhlrP& }e9 9 @3& tf8u9 @& t9 9 E;F<uSPh8h`j|K9 u9 ~Xt
Ansi based on Dropped File
(~WRD0000.doc)
9 IPt$=U9 SV9 u9 0 E9 FW9 }9 W49 _0 E9 G 0 E9 G0 E9 G0;s+H9 G,+$T= }
Ansi based on Dropped File
(~WRD0000.doc)
9 ix'@2WuYY& u9 MVu& u9 M~un3YFj^ReMp& tMM9x3A9 }EP9 s9 u3MMx9 MhtVj
Ansi based on Dropped File
(~WRD0000.doc)
9 J0 E9t9 F0 E9 E^[U9 W9 9 & u3uue9 URPQ$& |9 E& t0 G9 E9 MS9 ]V9 5 0 E9 M0 E9 Ejw0 ES0 ES0 E 9 ?9 MQSWP(juS3^@[_U9 SV9 u9 F+WP9 9 F+FPNYY9 N9 9 ~9 v0 M0 M3QQQPSuEu0 Uu0 }Pu0 }0 U0 u0 u _^[U9 S30 M9u3VWu 9 u9 }VWu0 E Pu0 E9 M0 EEPu0 ]u0 ]u0 }u0 u#u 9 MuVWSSu& t*9 E9 M0 E0 EEPu0 MSSu0 M9 Muuuu3_@^[U9 W30 M9}u3SWWjWjh u9 tWSS0 EuSX3VPj 9 ; 9 V 0 };tvWMQuPSh& t[9 E;EuSVR EPjV0 }$& & |?9}t:9 uVhsjuu09 E9 PQSX39>" VR VSX3^[_U9 S9 ]V9 & u3EWhx1PS 9 & WS & P 0 E& }WS 9 Wj P0 F WuPB9 =R v eEPjv $& & u*9Et%^ShsjPu0& }#9 E9 PQ~uv v f 33@_^[]j.9 9 N& t9 jjY9 0 Me& t" 3uM9 0 Fb & u9 N& t9 jf33@'j.@9 9 N& t9 jjAY9 0 Me& t " 3Mhx1u9 u0 FF & u9 N& t9 jf33@V9 >t3@^Vhtjjhs,& & |>u3^U9 V9 9 W3;u& t9 ;u3K9 WuPQ& }9 9 PQ0 >S30 }9 9 WURURPQ j| CEu
Ansi based on Dropped File
(~WRD0000.doc)
9 j9 PT39 N& t
Ansi based on Dropped File
(~WRD0000.doc)
9 jf89 N4& tjf4N<ENE{MN{j@B9 9 M@t& & R!E9 9 & tEPu9 y& t9 Eg9 F$e9 89 MEPrPv$ & |B}t<jPY0 Ee& tv09 u3M0 E& t9 Pu9 R 3/j H9 }u3,juM eEP9 MM9 z9 j}N9 9 }& u
Ansi based on Dropped File
(~WRD0000.doc)
9 jf8NlEN<E'NEY5M9 rXV9 ~u3Wvd9 =vvN<9 jP9 rF_^U9 (SWyEP9 Z,9 ]PSx & ugVj(3EVPh VE0 E0 u0 u0 ]0 u V0 E9 0 E0 u+0 EEP| ^f& u33@_[V9 Fh9 F`H9 Nht6Hu&u#vd!Fhv~\u9 j9 ^9 9 ^S9 9 ^V9 9 N8& tt$
Ansi based on Dropped File
(~WRD0000.doc)
9 jf9 N& t
Ansi based on Dropped File
(~WRD0000.doc)
9 jf9 N& t&9 F9 PQf9 N& tf^jT9 0 ueNN$E"!N4ENDEgN\E[9 TjS9 0 uN\ENDEN4EUN$EINE=M9 2<Tj,'WS9 30 }9 ujhTa9 0 }hDa9 0 }Eh a9 ha9 h"!9 9 *P9 h"!9 `h"!9 ~h"!9 rKP9 bh"!9 VhS"!9 J{$9 & u'hR"!9 09 P9 !h|"!9 hp"!9 hd"!9 K4P9 hX"!9 eKD_GT"!& 9 E0 EEPMlhH"!9 EaMP9 `W9 uEPKD9 EP9 `MEzh<"!9 HMP9 8W9 0MEJEKDF9E HeK\0 M9 F& 9 ]EPM0 ]h,"!9 EMOP9 W9 9 MSEP
Ansi based on Dropped File
(~WRD0000.doc)
9 jf^j yu3(9 I9 URP9 MePMM="!3@Dj QZ]9 ~tv9 N9 P& u9 N9 URPe9 MP& M>u9 N9 URPEu-9 N9 URP9 MPEEMM3@3V9 ~W9 |$t9 N9 WPh9 U~t9 N9 WP_^j`Z
Ansi based on Dropped File
(~WRD0000.doc)
9 jf^V9 9 D$0 F^V9 ~t9 L$j 9 N9 ^`^U9 Q9 MSVW9 ue9 9>s}69 M" }t'f*uT9 O;sK9 M@Ps f/u;e3S0Y& u(f/u29 O;s)9 M@PA f*uE9>r}t33@_^[9 ``#V9 9 N& t
Ansi based on Dropped File
(~WRD0000.doc)
9 jfPM9 Ht$t${Ih )9 39~P& jY9 0 M0 };tl3v@vD9 vH0 ]0 FP l;u3~M+nMEnMEnMEnShXME|EPEPE,/YYMEvShM|EPEPE.YYMEvShM |EPEPE.YYME"!vt /tE^SM;thI|EhP9|E
Ansi based on Dropped File
(~WRD0000.doc)
9 jf} E<)NTE0)M9 d/x9 D$0 jV=~9 9 Ee0 Ft9 E0 Fx9 E0 F|EP} k09 E$MM0 (~ 9 D$0 Q09 0 Q40 A89 D$0 ApU9 9 A& u30MQP< & t9 E& t9 M+M0 9 E& t9 M+M0 3@j
Ansi based on Dropped File
(~WRD0000.doc)
9 jgHY9 U9 VEP9 xW9 ^]xW_" 9 U9 V9 xWL" EtV Y9 ^]9 U9 VW9 }9 G& tGP :t?9 u9 N;tQR-YY& t3$tt9 E9 tttt3@_^]9 U9 9 E9 9 =MOCt=csmu+~3]jh C9 }9 ] s9 s0 u e;ute~;w|9 9 O9 10 uEyt0 shS9 Oteu-Y9 ee9 }9 ]9 u0 u E;utV0 sL9 ]9 u~9 8csmu8xu29 H t! t" uxu3A0 9 3jhC 9 M& t*9csmu"9 A& t9 @& tePq?E38E" 9 eG
Ansi based on Dropped File
(~WRD0000.doc)
9 jI09 0 u}EA}EA}E
Ansi based on Dropped File
(~WRD0000.doc)
9 K9 ju4PPWWWWR Ps0 E, & tsjj9 Su,u4 Su,h WWu4u$u WWu@ uu4u(u49 Md0
Ansi based on Dropped File
(~WRD0000.doc)
9 L$S& t3^j 9 9 u& t6}u0M!: eEP9 9 M& uM3!p: Phj_XMM3@ u& t
Ansi based on Dropped File
(~WRD0000.doc)
9 M!^U9 QV9 uWEPVo9 }YY& uEPV\YY9 M& uEPVDYY9 M& uEPV,YY& u9 M9 U0
Ansi based on Dropped File
(~WRD0000.doc)
9 M!_^U9 jju & tuY9 0 M0 E;s0 MSWW~9 Y& uMjX9E V9 E9 M0 M;w0 E9 u+u9 E+;w9 jVu & uRujWSu>GH <Pu |Ku |u |t& }0 E}u9 E9E q^S9 EY_[9 T$9 L$V9 9 0 q9 0 A9 0 A9 N?0 q0 A0 ^U9 XSW9 }30 ];ujaX9 GGVSP7& t0 u*EP7YY& tM}PKtE"!EP7 YY& t0 uEP7lYY& t0 uEP7XYY& t0 uEP7DYY& t0 uEP7tYY& t0 uEPuEP7T& t0 uEP7?YY& t0 uEP7+YY& t0 uEP7YY& t0 uEP7YY& t0 uEP7YY& t0 uEP7 YY& t0 uEP7YY& t0 uEP7YY& t0 uEP7xYY& t0 u9 u0 u9]& 9 E;t;;us9 9 ]& v}v7jSPytM+}0 uu`}tZ9 u9 ] ;s9 }tju7& u!EM& v} v7jSutM9 E+9 EE}uz9 ]$& tX9 u9 M(;s0 u0 M& tjP7U& tM& v}(v7juStM}u9 }& tjYu9 E& t9 M0 9 E^_[V9 t$W3;ujaX*9 F$WWWWW0 FWFxPF(PV0 ~3$; 0 N_^V9 t$W3;ujaXF9~ujS9 F@;Ft9 NPNL9 VHWWWWW0 FWFxPF(PL.NV: 3$; 0 N_^U9 Q9 ESV9 uW30 89 E0 89 E0 89 FFxWP63:& tfEP6yYY& t}PKtj"![EP6YY& tEP6YY& tEP6YY& t;u9 F49Eu;ttj"![EP6YY& tEP6YY& t;u9 E;F<tEuj"![EP6YY& t;u9 E;F@tEuj"![EP6 YY& t;u9 E;FDtEuj"![EP6(9 }YY& t& u;~Htj"![9 E8EP6YY& t9 Fx9 MD80 9 E9 M0 9 M9 _^[SUW9 |$33;ujaXMV9 w|;ujaX?9^\u9 FP;FTtj ]9 ;tPo Y0 0 9^@t
Ansi based on Dropped File
(~WRD0000.doc)
9 M& t9 jEPEP9 $& u}~9 j9 P}t9 j9 s89 & ~9 j9 P}t9 j9 KX3Kp3_^[U9 V9 WE~P9 $EPEP9 y$& t%89 E9 P$P9 REPEP9 T$& u_^U9 V9 WE~P9 ,$EPEP9 %$& t u9 aEPEP9 $& u_^VWy9 {9 V9 & tH4& tV9 Ny3_@^j4=ga9 Me~X9 |e0 E& v1u9 $9 & tSMQ& tSNp1E9 E;ErMMt3@aApV9 j
Ansi based on Dropped File
(~WRD0000.doc)
9 M& t9 jEPEP9 & uN$E{MN1Ry5j|Q 49 9 M& & & 9 M& uy!EEPu9 & t9 E& t
Ansi based on Dropped File
(~WRD0000.doc)
9 M& t9 jEPEP9 W& uNXyNxEYM9 j 89 9 Mh|9 ZNX0 M+~$9 bQ& u4WNV& t'uMQ9 : 9 MeP=`MMX9 M"Q& tL~Tu~49 j9 FT9 Nt& t9 WeEPuN4V& t}tu9 M_9 M 9 MP@Bj$#[9 9 E& u
Ansi based on Dropped File
(~WRD0000.doc)
9 M& u0 uE9]rRFuL@uF9 D9 E+E;Ew1A@u}uFu%9 #9 Q9 R9 `@$#At3_^[9 U9 $9 @9 HMMS9 XVW30 }0 }0 }0 M0 }E0 }; 9 E9 M9 4+E;Ev39 9 M;tQPF)YY& uFu0 u9 E0 E9 F9 0 E9 9 M;tQP)YY& & 0 uF)Y;Eux9 E+E;Ewd }tgG@u}u
Ansi based on Dropped File
(~WRD0000.doc)
9 M9 9hMQMQ9 MVVP$Pj(uWx_& t
Ansi based on Dropped File
(~WRD0000.doc)
9 M9 M9 T$B9 J3 SR2UM }@t 9 T$B9 `<3bS2UM9 T$B9 J3?S2`UMKtM6M8Mbu: YYM}9 MHuYYuwYY9 T$B9 J3R3T9 Ms^9 M9 M9 T$B9 J3 R 3TuYYMC89 T$B9 J3jR39 TMMM" 9 T$B9 J37R4XTuXYMhM`u"!XYMNM7uXY9 T$B9 J3Q(4S9 M9 M 9 M09 T$B9 J3QS4S9 M! 9 Mx9 T$B9 J3tQ4" SMuWY9 T$B9 J3GQ5hSM 9 M! 9 Mxl9 T$B9 J3Q@5/SMIMAM99 T$B9 J3P9 `3P|5RMM9 E e9 M9 T$B9 J3`P5RMX9 T$B9 J 3gP5R|X$ XMRM 9 T$B9 ` 3#P(6DR9 M0[9 T$B9 J3OT6RM8MM(9 T$B9 J3O6Q9 Mg9 M9 M<r9 MljM 9 T$B9 J3~O6xQ9 M9 M9 M<er9 Mlj9 T$B9 J3:O 7[QM,9 T$B9 J3OL78QM3M0 ,9 T$B9 J3N9 `3N 7Q9 M9 MT9 M 9 T$B9 J3N7PM<M,u(UY9 T$B9 J3nN7P9 M9 M9 T$B9 J3CN,8dP9 M~9 T$B9 J3 NX8AP9 MX9 T$B9 J3M 8P9 M29 M'9 T$B9 J3M8O9 M9 M49 MP9 M`9 T$B9 J3 M8OM MMMMM" MMI9 T$B9 `|3$M 9EO9 M9 M49 MPF9 M`;9 Mp+t9 T$B9 J3L 9NM
Ansi based on Dropped File
(~WRD0000.doc)
9 M9 U0 Y0
Ansi based on Dropped File
(~WRD0000.doc)
9 M;t9 jEPEP9 & uR9 ;t9 jP0 9 ;t9 j0 9 };t9 j}Eb }ES }|E
Ansi based on Dropped File
(~WRD0000.doc)
9 M;t9 jEPEP9 : }& uEPP9 0 ]
Ansi based on Dropped File
(~WRD0000.doc)
9 M;t9 jEPEP9 o& uEDP9 0 ]u}
Ansi based on Dropped File
(~WRD0000.doc)
9 M_^3[+9 U9 SV9 u3W9 };u;v9 E;t0 39 E;tvMj^SSSSS0 09 VuMS9 E9X& Sf9 Ef;v6;t;vWSV#L*L9 8]t9 Map_^[;t2;w,}Lj"^SSSSS0 038] y9 E`pm9 E;t8] %9 E`pMQSWVjMQS0 ]p ;t9]& ^9 M;t0 Pz& D; g; _WSVLO9 U9 juuuu|]3PPjPjh@hqd "! "!V9 5XttP|"!ttP^3t@tttt t9 #Vt#t;t;u
Ansi based on Dropped File
(~WRD0000.doc)
9 M`9 M $}9 M9 M9 M9 T$B9 J3imR`oMMSM MRM 9 T$B9 JS3&m9 `3m:oM TML9 T$B9 J3lTo9 M&9 M9 M$9 M49 MD9 T$B9 J3SlxnM
Ansi based on Dropped File
(~WRD0000.doc)
9 M`EF9 U9 M t2}u t ux& tBe > `< t<uFN > }t9 EE0 3C3FA >\t >"u&u}tF 8"u9
Ansi based on Dropped File
(~WRD0000.doc)
9 ME PEPEPE|; nMS& & ^9 ME P: M& & Jjh(7MR2pVA
Ansi based on Dropped File
(~WRD0000.doc)
9 MeEP9 & M & & M0 EEPMMREheMEFEPMRE7nEPMEPMPM<Tju5ShMEvME.FMREeMERMMF3@0hHSj `MM%h Sjx`3"j 4!9 h x WjK`jhXMu 9 ]ueSuEPRNP9 & u& tf;ush<Wj_MM& 9 !Vh xhj9 _v(& tjh5(v(3@^j>e M~u3M0 u"M;uM-3!_9 ;uMM9 9 >M9 E& ~2EPV9 M9 & u
Ansi based on Dropped File
(~WRD0000.doc)
9 MEPVM0 ]EM]ME9 EV9 t$& t[~tU9 N9 P & u9 N9 & t3@79 N9 Pl& t9 L$V;9 Nt$9 P& t
Ansi based on Dropped File
(~WRD0000.doc)
9 Mj2rMM([|jH^9 ]9 u9 0 ]0 ur& t& tj9 q3V'}f '}fVEP9 >zeM*9 W9 kS0 ]eYY0 E& tWY& veE}0 }& E3D=Pu'YY& v;s9 0 }Gr}uE9 9 ]+}0 Eu9 }jEP;Pu& & t}]}0 ]& 9 E`\3E}EWPYY& tWh|'EjP1]EEPuuV1EPE9 ]F0 uWY9 M3;t
Ansi based on Dropped File
(~WRD0000.doc)
9 MoMEtMEjuM9 PVM_MEIME/3Fjtx EPeM& t3FMM@
Ansi based on Dropped File
(~WRD0000.doc)
9 Mp 9 T$B9 J3pLsM MMM9 T$B9 J3p9 `3 prMM9 E e9 MMM9 T$B9 J3CpdrMH~9 EX eX9 MlfM]M`MM0EM=M5M -9 T$B9 J3oqM"!MMMMM9 T$B9 J3 o9 `3wolqM
Ansi based on Dropped File
(~WRD0000.doc)
9 Mv9 u9 ;r3@jQ9 MEPeh($M & u3MM 9 3FU9 Q9 Mejh4$a9 E9 L$h4$jSj9[9 0 ueND$J9 9 r
Ansi based on Dropped File
(~WRD0000.doc)
9 M|9 PQR49stD0 up9 E|9 UpRPEQ@;R9up up9 KnupE\E9 =9s M<e0 ET0 uXEP9 E|9 URPEQHf}
Ansi based on Dropped File
(~WRD0000.doc)
9 N,WK|33@_^U9 }u9
Ansi based on Dropped File
(~WRD0000.doc)
9 N389 N9 V3:9 E_^[9 ]E9 M9csmu)=pWt hpWb& t9 UjRpW9 M#9 E9Xth W9 9 &9 E9 M0 H9 t
Ansi based on Dropped File
(~WRD0000.doc)
9 N38p9 N9 F38`9 E@f& 9 MU0 S9 [0 E0 Mt_I[9 L D 0 E9 0 E& t9 E& |@G9 E9 u }t$9 t
Ansi based on Dropped File
(~WRD0000.doc)
9 N38Z9 N9 V3:J9 E9 H9 9S Rh W9 QL$+#9 %;r
Ansi based on Dropped File
(~WRD0000.doc)
9 P0 9 u#u Suuu# 39 U9 S9 ]V9 u9 & 9 0`A$Wy @tP tBt&tu= I 9
Ansi based on Dropped File
(~WRD0000.doc)
9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;Qt}Q+t3& xT9 & & npQ+t3& xT9 & & MpQ+t3& xT9 & & ,pQ+t3& xT9 3& & 9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & x9 P;Qt}Q+t3& xT9 & & PpQ+t3& xT9 & & /pQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & Z9 P;Qt~Qp+t3& xT9 & & 1pQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & `pQ+t3& xT9 3& & ;I@+ 3& xL9 9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & `9 P;Qt}Q+t3& xT9 & & bpQ+t3& xT9 & & ApQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & l9 P;Qt}Q+t3& xT9 & & DpQ+t3& xT9 & & #pQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & spQ+t3& xT9 3& & N9 P;Qt~Qp+t3& xT9 & & %Qp+t3& xT9 & & Qp+t3& xT9 & & Qp+t3& xT9 3& & 9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & upQ+t3& xT9 & & TpQ+t3& xT9 3& & /f9 Pf;Q Qp+ 3& xT& & 9 P;Qt~Qp+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & }pQ+t3& xT9 3& & i9 P;Qt}Q+t3& xT9 & & ApQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & ppQ+t3& xT9 3& & K9 P;Qt}Q+t3& xT9 & & #pQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;Qt~Qp+t3& xT9 & & pQ+t3& xT9 & & rpQ+t3& xT9 & & QpQ+t3& xT9 3& & ,9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;Qt}Q+t3& xT9 & & upQ+t3& xT9 & & TpQ+t3& xT9 & & 3pQ+t3& xT9 3& & pQ+ 3& xT& 9 9 M9 u+t3& xT9 & & AV+t3& xT9 & & AV+t3& xT9 & & AN+ : 3& xL9 0 9 M9 u+t3& xT9 & uhAV+t3& xT9 & uKAN~9 M9 u+t3& xT9 & u ANp9 E9 M_3_^]*(I"!+}nz: pP\}^2>^9 VjhS 9 9 9 ^9 U9
Ansi based on Dropped File
(~WRD0000.doc)
9 PQ39 E @ ^]jp>9 0 uFF|F<FFFF F$ 9 F,e& t
Ansi based on Dropped File
(~WRD0000.doc)
9 PQ3^]^]`V9 t$& u@ E&htt$P|YY9 L$& t& t 30 >t
Ansi based on Dropped File
(~WRD0000.doc)
9 PQe9 E& t
Ansi based on Dropped File
(~WRD0000.doc)
9 PQe9 M& & -& t3@jB3q,0 ]9u$9 A$9 VPQD;tMMLv3TM0 ]mPM9 }E;t9 39 9 uVQPR;t
Ansi based on Dropped File
(~WRD0000.doc)
9 PQe}t3EPMMx9 EPO 3Gj(B9 339u PuM0 u0 uf0 E 9 }0 u;t9 3Pu9 s00 E;u;t9 39 C$9 UR9 uuPQH9 & t9 M& t} uM
Ansi based on Dropped File
(~WRD0000.doc)
9 PQf,9 9 F0& t
Ansi based on Dropped File
(~WRD0000.doc)
9 PQf,^39 D$9 L$@y4u@3@ @ V9 9 F,& t9 PQ9 D$0 F,^& t9 PQ9 D$xtt$9 @9 hsP@ @ U9 V39utZhturnYY& tG9 E(tHtHtHtHtu'9 E9p(9 E9p(t9p,u9 EjYf0 f0 H 9 ^]@ U9 VrVumYY& t2VumYY& t#9 EH& tH39 U0
Ansi based on Dropped File
(~WRD0000.doc)
9 PQf0M9 l$l$l$Vl$l$l$8l$ l$l$l$$l$jl$l$l$ Ll$l$! l$$.l$ l$il$l$$l$Kl$l$ VW9 3jF4WPFF|F<FFFF F$ 0 ~(0 ~00 ~D0 ~H 0 ~,0 ~L_9 ^V9 D$tVY9 ^j>9 0 u"3N0 }:+3Cj
Ansi based on Dropped File
(~WRD0000.doc)
9 PQf9 e9 URPQH& |9 E& t0 F3@3^U9 V9 9 MW0 u9 & t3XS9 & tI39^tB9 M0 ]0 ]0 ]Bt9 EPj@ 9 ;tW & uW3[_^}9 tf0 _9 MPVSZJWR EPjW$& & |X}tR9 E9 @9 URhsP& |19 E& t*9 PQ & |9 Eu9 PQ& |E9 E9 PQ9 E9 PQW9 ERji$:9 0 u.eNRR?NlE9 fF9 :ji99 0 uRRNlENE8M9 :AU9 SVW9 7& & u9 SS9 P3;u3u9 QuVVQQhhRSj9 9 & tw3P5"!_9 VVPP9 RjV9 0 ejhR9 l9 ).9 & ~4e& ~%u9 & t9 P9 E9u|9 Qj9 3@_^[]V9 M& ut$Nl`*~9 t
Ansi based on Dropped File
(~WRD0000.doc)
9 PQf<_^jX?9 9 }& u3`9~<u3@V9 E0 & t.MieM$iP9 0 4MMh0 ~<9 WP}t9 S'U9 Q9 MejjEP& 9 Et.& t49 VuuuuuPQ9 9 E& t9 PQ9 ^& t9 PQ@ U9 QV9 Ruc9 E& tAxv;9 9 @& u33e9 URhRrP& |}t9 9 E9 PQW ^j{?l9 uejEP6& tX9 E& tQe9 eURPQ3& |9}tuEu9 uP9 9 E9 PQ9 EM& t9 PQ9 3j?30 ]uEjP0 ];9 E ; 0 ]9 URPEQ;9 ER; 9 M! PMu9 EM9 URhjUR,tVPEQ;|Y}tSu9 Eu9 uujSVuPQu3;9 9 E];t9 PQ9 EM;t9 PQ9 ,u9 E;]t9 PQ9 EM;t9 PQ3j?9 0 u~,FENtE[N\EONES9 EM9 )7U9 uh,tAZYY& u
Ansi based on Dropped File
(~WRD0000.doc)
9 QP3Vt$Q^ 9 D$3 |$u9 D$ 3$ j %9 9 u& t6}u0M_eEP9 9 QM& uMW3_&P MM53@j W[%9 }& } M9 ueEP9 9 & toM9 MQMQ9 EPH& tDME& u89 ujXMf0 PM0 FE" MM0 3@MExMMl3t%U9 QeEPuL& t9 E& t9 MP3@3j1Q$0 M}uE9 u& t>9 ]& t7MMeEP9 9 u9 M& uM3$#URjjUR0 EFX9 h,tPQjYf0 & |}|3@3MMf0 Cy3@9 9 & tRt
Ansi based on Dropped File
(~WRD0000.doc)
9 rru9 N}t0+PVEP9 9 MPEPMEw9 Mt3F U9 Vu'Vu+9 EuhDVP+9 E^]U$! xjh^dP 30 & xSVWPEd0 e9 & x9 x9 x9 xe0 E9 & x9 0 EE~o& t3qee9 J9 0 E>n9 M9 4njhuVPW& 0 E& uY9 u& tP0 e}tu& }tu@$Y9 E9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
9 Ruu(9 ;uE9EG7E0 9EtM& 9& t 39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
9 Sjp9 & tp & t9 jp9 & tp & t9 jpj,'9 c& 9 E0 & 9 x& W9 7MVeEPv@ & EPWEP9 _9 N8 (0 E3& t 9 ME
Ansi based on Dropped File
(~WRD0000.doc)
9 T$B9 J3[)]MM9 T$B9 J3[P)]M 1M9 T$B9 J3V[ )w]M8M8M89 T$B9 J3#[)D]MN]9 T$B9 J3[9 J3Z *]M!]M]M]M]M]M\M\M\M\M\9 T$B9 J39 ZD*\9 M59 M$L9 T$B9 J3ZZ*{\M" MM& 9 T$B9 J3'Z+H\9 MO9 Mgu9 MB9 T$B9 J3Y@+\9 MpO9 M.u9 T$B9 J3Yt+[MMMM9 T$B9 J3& Y+[M9 T$B9 J3bY+[9 MN9 T$B9 J3?Y,`[u_Yu_Y9 T$B9 J3YD,1[9 M N9 MPt9 M+9 T$B9 J3X ,ZuS_YuI_Yu?_Yu5_Y9 T$B9 J3 X,Zu_YMu^Yu^Yu^Y9 T$B9 J3IX,jZ9 My9 M(y9 MD0{9 Md x9 T$B9 J3XT-&Z9 Mxy9 M(59 MDz9 T$B9 J3W-YuH^Y9 T$B9 J3W-Y9 M9 M8"!z9 MXw9 Mtw9 Mw9 Mgz9 MYz9 T$B9 J39W-ZY9 Mc9 M8+z9 MX w9 Mt w9 Mxw9 My9 My9 T$B9 J3V<.XM}wu?]Y9 T$B9 J3~V.X9 T$B9 J3V/XMM-w9 T$B9 J3XV4/yX9 T$B9 J3=VR/^XMv9 T$B9 J3V/;XMJ{9 T$B9 J3U9 J3U/XM(M 9 T$B9 J3U0W9 T$B9 J3U9 `x3aUp0WMMMM9 T$B9 J3_U0 WMJ9MB99 T$B9 J34U0UWM|2M0gM+M+M +M@: +Ml8Mh8Md+M'MMMp*MXF2MS+MP62M9 T$B9 J3 T1VMG:9 T$B9 J3nT1VMM :M"!9 T$B9 J3;T1\V9 M_9 M h9 MZ9 ML9 M>9 T$B9 J3S 2V9 M}_9 M
Ansi based on Dropped File
(~WRD0000.doc)
9 T$B9 J3z9 `<39 z|9 M" 9 M9 MPa9 Mta9 T$B9 J3Dze|9 MR" 9 M9 MP"!a9 Mt}a9 M]" 9 T$B9 J3y,|MaM"!a9 T$B9 J3y{u@ Yu6 Yu, Yu" Yu Y9 T$B9 J3wy{9 M@qS9 M\fS9 Mx[SMG9 T$B9 J33yT{uYuYu: Yu Yu! Yu}Y9 T$B9 J3x<zM9 T$B9 J3xz9 M@: 9 M\: 9 Mx: 9 T$B9 J3}x~zM9 9 T$B9 J3Zx
Ansi based on Dropped File
(~WRD0000.doc)
9 T$B9 J3|(~M<MMM0 MM9 E e9 M9 T$B9 `,3O|Lp~9 T$B9 J34|9 `S 3'|H~MbMZMRM9 T$B9 J3{D
Ansi based on Dropped File
(~WRD0000.doc)
9 T$B9 J3}&M5M-9 E e9 M
Ansi based on Dropped File
(~WRD0000.doc)
9 u& 0 9 0 & u 0 & 9 & & {X HHty+ &HH& a& 0 t0GPh& P& P3& t& `G& & & 0 & 19 0 & t<9 H& t5& 0 t"!+& 0 & PYp eRg}2itmnt$o& : & 0 taU9 70 & & tf9 & f0 9 & 0 & @&
Ansi based on Dropped File
(~WRD0000.doc)
9 u39u3A9 M0 ] RPM99 URhjURh,t0 ]9 P0 ]Q;R9] 9 M30 ]}& tr/9 & ~g3jZ0 ]Qm3Y0 E& ~F39 MWEP9 E9 P9 M0 DMEp 9 MjXf0 G;|MjYUR3URuf0 E}UR3FVjf9 E9 9 h,tuPQ& |0 u& ~#39 E9 D& tPKuuYu9 Ej,5?3SjEPE0 ];t9]tzEP9 E9 URP0 ]Qt;|I9]tDjuM_"!MEnEPEPMEMEWM]L 9 E9 PQEP9 E@V9 tCt:h|9 hjlGhSh ^VW9 9 & tP0R)'F,P9 9 9 F<& t
Ansi based on Dropped File
(~WRD0000.doc)
9 u3}h" V@@PN3jO 9 0 ujvQeN: N$EN4ENHEwNXEkNhE_9 END0 Fx9 E0 F|9 E0 9 n jO! 9 0 uNhE6NXE*NHEN4EN$ENEM9 PjO9 0 ujzPeNxN$E N4E! NHE{NXEoNhEc9 E& u!Fx!F|ND} 9 0 } 9 Hx0 Nx9 H|0 N|9 @D0 FD9 SjOl 9 0 uujOeNf4N(f,f09 j7P% 9 0 u9 }& t9 G3PjOe^9 x3E;uN(0 F,0 F0GGP9 *9 G(0 F(9 G,0 F,9 G00 F04t'h yY0 EE& tw49 }30 F49 g jeP 9 0 u9 N43@0 E& t9 Pf4NE
Ansi based on Dropped File
(~WRD0000.doc)
9 U9 9 M9 V9 uy|9 Q9 I9 429 ^]9 U9 & u
Ansi based on Dropped File
(~WRD0000.doc)
9 u9 M0 EEP 9 !E9 u9 MEP9 !E9 uEP9 9 }9 9 M# M6& & M}EPEPE P9 EF& UM~& & EEPEP9 9 FVPM\EPM[ tQhSj" :ME$ ME ME ME MM & M%9 p& uh~| & & |PEP9 E~& u$hSj:|E``V& |PEP9 y|E`MEb& MEV& MEJ& ME>& MM 2& 3@1h`hHSjx9h4Sjc93U9 VWh xHVj9 :99 ! R& t}t9EuhnuEP9 WwMEPM uh79 M|& u&9 Mh& uhVj83@hVj83_^U9 VuEP9 VvMEPM3 ^9 j "9 MzeEPu9 3& t)MH|& uEP9 |MM9 9 MM 3~jD9 r2hRMneEPM-nh\EPER9 G9 ujuPVPG9 9 G;u
Ansi based on Dropped File
(~WRD0000.doc)
9 V9 M9 F@,9 F9 @@,9 Fp9 RF9 y, d9 G9 @9 MWS@,C9 E>j`
Ansi based on Dropped File
(~WRD0000.doc)
9 V9 " 9 F@9 F9 @@9 Fp9 L9 zuAB9 9 IA9 9 p,;1u
Ansi based on Dropped File
(~WRD0000.doc)
9 V9 ,9 F@ 9 F9 @@ 9 Fp9 F9 y d9 G9 @9 MWS@ H9 ECjD\9 r2hRM\meEPMlh\EPER9 G9 ujuPVPG9 9 G;u
Ansi based on Dropped File
(~WRD0000.doc)
9 V9 0 9 F@9 F9 @@9 Fp9 )F9 y d9 G9 @9 MWS@9 EU9 QVQ0 e0 eu9 ]9 ^jH0 M9 ] {t2hMkeEPMYkhEPE41M9 zt9 {9 C xt9 9 EH9 9;uv 9 su0 w9 M9 A9Xu0 x9u0 >0 ~9 I9u t9 9 9 9 9 xt0 9 E9 H9Yu} t9 9 G9 9 9 B xt0 Q\0 B9 0 ;Cu9 9 pu0 w0 >9 S0 9 K0 A9 M9 I9Yu0 A9 K9u0 0 A9 K0 HKQP+YY {& & 9 ;ul9 F xu@VF^9 F xu}9 yu9 H yth9 H yu9 A9 MP@j9 F`NH9 MF9 @V@~ xu@VF79 xu9 H yu"9 yu@9 9 v9 M9 A;x& ?79 yu9 HA9 MP@9 `NH9 MF9 V@Gj9 S Y9 M9 A& vH0 Auuu9 E=jHV0 M9 ] {!t2hMUieEPMhhEPE4MD9 z!t9 {9 C x!t9 9 EH9 9;uv !9 su0 w9 M9 A9Xu0 x9u0 >0 ~9 I9u !t9 9 9 9 9 x!t0 9 E9 H9Yu} !t9 9 G9 9 9 B x!t0 Q\0 B9 0 ;Cu9 !9 pu0 w0 >9 S0 9 K0 A9 M9 I9Yu0 A9 K9u0 0 A9 K0 HK Q PYY { & & 9 ;ul9 F x u@ VF 9 F x!u}9 y u9 H y th9 H y u9 A 9 MP@ $9 F`N H 9 MF 9 @V@ ~ x u@ VF 9 x!u9 H y u"9 y u@ 9 9 v9 M9 A;x& ?79 y u9 HA 9 MP@ `9 `N H 9 MF 9 V@ ! G j9 0SY9 M9 A& vH0 AuuuW9 EU9 9 EVu9 0 9 E0 F9 EN0 F5f`EF,F-9 ^]Vt$9 g49 ^U9 SVW9 9 G9 p9 E9 MFP9 D}E t9 69 v ~!tWSM }tL9 GW0MEPM t&uSjEP9 L9 9 9 E9 I0 0 H@2Mf9 uuN| tuSu9 E9 M0 0 p@_^[U9 SVW9 9 G9 p9 E9 MFP9 ||E t9 69 v ~tWSMQ }tL9 GW0M=EPM< t&uSjEP9 9 9 9 E9 I0 0 H@2M`9 uuN{ tuSu9 E9 M0 0 p@_^[U9 V9 ~uuvju9 Eg9 FSWV0M EPM t$9 E9 }P9 { Wu9 VvMWEPMV9 } t'9 F9 HWB{ 9 FWp9 j9 EP9 { t89 E0 E9 EM0 E 9 ]WKz t9 C x!W9 tSgug9 MWz tf9 EVv0 E9 EM0 EMEPM9 ] uCP9 z t$9 E9 H y!W9 tPjSju9 EWEP9 9 9 M0 9 @0 A9 _[^j;Z9 0 uQ0 e0 eu9e9 I9 j;%9 0 uQ0 e0 eue9 9 U9 QQV9 9 FV0MEPM t/VvMxEPM~ t9 u9 lOEPM{ u/SW9 }9 ]MlSWEP9 `EPMN t_[u9 uu9 E^U9 V9 VvM9 FV0MuEu9 uuPvffY^U9 QQV9 9 FV0MEPM t/VvMEPM t9 u9 rOEPM u/SW9 }9 ]MSWEP9 EPMT t_[u9 uu9 E^jd}jjSe9 YY0 u0 uE& tu9 uuuuA9 u
Ansi based on Dropped File
(~WRD0000.doc)
9 V9 89 F@ 9 F9 @@ 9 Fp9 \L9 z uA B 9 9 IA 9 9 p,;1u
Ansi based on Dropped File
(~WRD0000.doc)
9 V9 R9 F@,9 F9 @@,9 Fp9 ML9 z,uA,B,9 9 IA,9 9 p,;1u
Ansi based on Dropped File
(~WRD0000.doc)
9 VP3@ ^]9 L$I9 Au9 jP3V9 rf9 ^j+y9 0 u9 Fe& t9 PQfM9 P'j.B9 H~u%jPEY9 0 Me& t3M0 F9 !9 F& t9 PQ9 FVW9 39~tG9 9 _^V9 9 N& tc9 ^V9 l
Ansi based on Dropped File
(~WRD0000.doc)
9 VP3WSFPP
Ansi based on Dropped File
(~WRD0000.doc)
9 Vt$P& t9 WP9 _^j[&9 eEP7 9 EMM0 Fz9 jE}t@MW[uehX'h&h Mv_& u
Ansi based on Dropped File
(~WRD0000.doc)
9 W9 & u!3MSE\
Ansi based on Dropped File
(~WRD0000.doc)
9 X& t9 }t9 E`p9 S9 E~10 ]}EP9 E%PBYY& t`EjE]EY;J*3]EA9 EjpUjRQMQVpEP $& oEtM }t9 Map^[9 U9 =Tu9 EHw ]juYY]9 U9 9 MS3VW;t9 };w Ij^0 0SSSSS99 09 u;u9 `BF:tOu;uYIj"Y0 9 3_^[]W9 |$n$9 9 L$Wt` t=u9 9 ~3t9 A t# ttty
Ansi based on Dropped File
(~WRD0000.doc)
9 X0 ]& u3u`3@ 9 N`0 M9 M0 N`9 H& 9
Ansi based on Dropped File
(~WRD0000.doc)
9 x0 E9t9 F0 E9 E^[U9 QQSV39 0 ]9^t=9 FWUR0 ]9 PQS h9 jZW Pu W0 E_9 F;t9 @;t
Ansi based on Dropped File
(~WRD0000.doc)
9 X0F}~D9 C9 E9 9 `9 [F& }& }u9]|0 ]9 }9 Wj0V }t9 E`p3_^[9 U9 , 30 E9 ESVW9 }j^VMQMQp0~+3;u%SSSSS0 0}9 Z9 E;vu3}- +9 uMQ9 MQP3}- P);tuESVu9 `9 M_^3[ q9 U9 0 30 E9 ESV9 uWj_WMQMQp0*3;ujSSSSS0 8}9 9 M;v9 EH0 E3}- <0u+EPuQW(;tX9 EH9ES|-;E}(:t
Ansi based on Dropped File
(~WRD0000.doc)
9 Y 9 0 $-& 9 U9 V9 uW3;t9}w OjYWWWWW9 0 "!9 3}f0 sOj"SEPP E"!jd[Mj/Xf0 F
Ansi based on Dropped File
(~WRD0000.doc)
9 }& t9 w& tjVe& tWuSV_^[jS;=F9 E3H HH H Ht[Ht0H& h\"@Y9 0 ME& 3h\?Y9 0 ME& t
Ansi based on Dropped File
(~WRD0000.doc)
9 }9 & t"9 QPu9 R$& & WuhWuh 9 }9 & t9 QPu9 R & ugWuhoWuhE9 E]0 E& t,EPu< 9 M9 E9 QPu9 SuR(& uuuWu_^[U9 V9 Vu0u,u(u$u uuuuuu 0 F& u
Ansi based on Dropped File
(~WRD0000.doc)
9 }e'EPu9 uu& uhLMm& u;h9 M=Ph|@Vj0 MM3@hxVjMM3" Rj 9 0 M39=@t30 }=9 ;tu9 uuu>0 EuXuuuh
Ansi based on Dropped File
(~WRD0000.doc)
9"949Y9b9t9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9$9,949<9D9L9T9\9d9l9t9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9$9,949<9D9L9T9\9d9l9t9|9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9$9D9L9X9x9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9%9.949]9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9& ah` Y0 EE;t9 39 0 ejh|9 E0 s49 9 s9 jr9 uj3VPLj9 0 ejhTS9 9 VVVc9 9 jrPM EP9 E& t<M(BEPME@T;uVuP9 9 PMEB9 9 9 URPP9 9 EPEP9 E9 M0 E9 E9 @0 E9 9 30 EFVEPE
Ansi based on Dropped File
(~WRD0000.doc)
9& xhLY0 EE;t9 39 0 ejh|9 E0 ^s49 9 s9 jq9 u3VVPLj9 0 ejh %9 9 VVj9 9 jqP9 u39 9 9 U RPP9 9 EPEP 9 E9 M;0 M|0 E9} 9 9 9 M9 E;~0 M0 E9 E;E~0 E0 EE
Ansi based on Dropped File
(~WRD0000.doc)
9(9,9<9@9P9T9d9h9x9|9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9(9H9P9X9`9h9p9x9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9,989X9`9h9t9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9,9P9l9p9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9/9n9u9{9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
90949L9\9`9d9h9l9t9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
909P9X9`9h9p9x9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
93tRWh(M.;t@EDPexWh``9t[EDsxP:0E\=}\u7EDPexWh`9tEDsxP:h0ME3}`EDsxP:B0MD>hM0/t6EPMEP+uEPD:ME2M0E2EhEh;EXsh+thxf4Kx*up*u!hh74)P:ulTS2r0MM 23@Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
94 TUBI->!D2! WJS g[`37V! ]% 5
Ansi based on Dropped File
(~WRD0000.doc)
94 TUBI->!D2WJSg[`37V]%5
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
989?9F9M9T9[9b9i9p9w9~9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
99 3& tRWh(M.;t@EDP9 0 exWh``99 & t[EDsxP9 :9 0E\=}\u7EDP9 0 exWh`99 & tEDsxP9 :9 h0ME39 }`EDsxP9 9 :9 B0MD>hM0/& t6EP9 MEP+& uEP9 D:ME2M0E2Eh9 Eh;EX sh9 +& thx9 f4Kx*& up9 *& u!hh9 749 )P9 :9 ulTS9 9 R2r0MM 23@9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
9909T9u9 97:& ::::?;V;n;
Ansi based on Dropped File
(~WRD0000.doc)
9909T9u997:::::?;V;n;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
99?:i::7;q;;;<f<<<="==1>B>N>Z>f>v>>?#?7?V?u?z? ? ?~?????????
Ansi based on Dropped File
(~WRD0000.doc)
99?:i::7;q;;;<f<<<="==1>B>N>Z>f>v>>?#?7?V?u?z????????????
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9;:K:U:_:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9] tAPAP_^[]Ujuuuuuu]UESV3Cut]tS}YtEtjcYvEjAEY#tT=t7=t;ubM{LHM{,2MzMzxxE3tW}DEPQQ$xM]}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9]tuEPEPe~uEP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9]tuEPEPNh~& uEP9 0 ]&
Ansi based on Dropped File
(~WRD0000.doc)
9]tuEPEPNh~uEP]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9]tuEPEPuENhP}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9]tuEPEP}& uENhP}
Ansi based on Dropped File
(~WRD0000.doc)
9]tuEPEP}e~& uE}P
Ansi based on Dropped File
(~WRD0000.doc)
9]~"9 M9 EI8t@;u9 E+H;E}@0 E ; & 0 ]9] u9 9 @0 E 9 5 39]$SSu" uPu 9 ; ~Cj3Xr7D?=wa9 ;tPbY;t0 E0 ]9] >Wuuuju & 9 5SSWuuu9 0 M; Et)9] ;MuuWuuu;~Ej3Xr9D=w"!9 ;tjPUaY;t9 3;tAuVWuuu& t"SS9]uSSuuuVSu 0 EVBmYu9m9 EYY0 ]0 ]9]u9 9 @0 E9] u9 9 @0 E u[XY0 Eu3!;E SSMQuPu yX0 E;t9 5 SSuPuu0 E;u3~=w8=w9 ;tP?`Y;t9 3;tuSWsCuWuuuu0 E;u3%uEuPWu uW9 0 u#uWlYuuuuuu 9 9]tu^Y9 E;t9EtP^Y9 e_^[9 M3Q29 U9 uMRu(Mu$u uuuuu( }t9 Map9 U9 QQ 30 ESV3W9 ;u:EP3FVhVR& t0 54Pxu
Ansi based on Dropped File
(~WRD0000.doc)
9]~"MEI8t@;uE+H;E}@E;]9] u@E 539]$SSuuPu ;~Cj3Xr7D?=w;tPbY;tE]9]>Wuuuju 5SSWuuuM;Et)9];MuuWuuu;~Ej3Xr9D=w;tjPUaY;t3;tAuVWuuut"SS9]uSSuuuVSu EVBmYu9mEYY]]9]u@E9] u@E u[XYEu3!;E SSMQuPu yXE;t5SSuPuuE;u3~=w8=w;tP?`Y;t3;tuSWsCuWuuuuE;u3%uEuPWu uWu#uWlYuuuuuu9]tu^YE;t9EtP^Ye_^[M3Q2UuMRu(Mu$u uuuuu( }tMapUQQ3ESV3W;u:EP3FVhVt54Pxu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9^ht79^lt2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9A0 A0 AlV9 u9 ;W9 }0 E~9 A;R]Au]Eu]EEAuzEa0 X0 _^3V9 9|t9D$tjt$FPt$F^3V9 N^(WjdP~0W0 F0 F0 0 F0 F0 F0 F0 F ~jXHu_9 ^V9 9 FW3;t9 PQ0 ~9 N;t9 j0 ~9~t0 ~9 ;t9 PQ0 >9 F ;tPR v 0 ~ _^V9 9 & t9 PQ&^hl1 & uP83@U9 Q=|u2eEPhtjjhs,& & |9 E& t9 PQ3@3U9 W39=|u31Vq9>u%WEPVE0 }0 }0 }& t0 >33@^_U9 QQSV39 0 ]9^t=9 FWUR0 ]9 PQS h9 jXW Pu W0 E_9 F;t9 @;t
Ansi based on Dropped File
(~WRD0000.doc)
9AAAlVu;W}E~A;R]Au]Eu]EEAuzEaX_^3V9|t9D$tjt$FPt$F^3VN^(WjdP~0WFFFFFFF jXHu_^VFW3;tPQ~N;tj~9~t~;tPQ>F ;tPv ~ _^VtPQ&^hl1uP83@UQ=|u2eEPhtjjhs,|EtPQ3@3UW39=|u31Vq9>u%WEPVE}}}t>33@^_UQQSV3]9^t=FWUR]PQShjXWPuWE_F;t@;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9D$" L|9D$ L{9 V9 tSD$tV#EY9 ^V9 S
Ansi based on Dropped File
(~WRD0000.doc)
9D$L|9D$L{VtD$tV#EY^V
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9F8t9 N89 W9 YWY9 N,& tt9 N0& <F9 & u$MWMEWMMEP9 9 N0E& tW9MM7,9 N,& t%s9 v0& t9 & tW9 59 j9 u
Ansi based on Dropped File
(~WRD0000.doc)
9F8tN8WYWYN,ttN0<Fu$MWMEWMMEPN0EtW9MM7,N,t%sv0ttW5ju
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9Fr9 F9 & F9 N$F~rWv$NFQPv0 E& & !F9 F!} A9 MeMUCE9Er9 & 4#E9 NH9 P0 M0 Usm9 )E9 F9 N0 FujXB3 0 M!} 9 MeMUCE9 M9Urm9 & 4#MM9 m9 M)E9 F9 N9 9 U;! }u 9 F9 D39 V0 `AMu0 N9 F9 9F 9 FfWv$MQMQMQMQv9 AQPEE$0 E& & sWuuuuT& v0 Fw(W$YY9 Eu0 F 9 E0 F9 E0 G9 +WG9 E0 V0 F4& VeWv%9 G9 0 E9 F 0 E9 FYY9 N40 E9 F00 M;s+H9 F,+~0 E& &9 @9 Eu0 F 9 E0 FgjGNjuGM}uvw(W$YYuvw(W$9 EGM0 F 9 E0 F9 E0 G9 +jG9 EW0 V0 F4& } u9 EWV0 F49 N40 M9N0t'9 M0 N 9 M0 N9 M0 O9 +0 O9 M0 N4P*jUVVWXZZ
Ansi based on Dropped File
(~WRD0000.doc)
9FrFFN$F~rWv$NFQPvE!FF!}AMeMUCE9Er4#ENHPMUsm)EFNFujXB3M!}MeMUCEM9Urm4#MMmM)EFNU;}uFD3VAMuNF9FFfWv$MQMQMQMQvAQPEE$EsWuuuuTvFw(W$YYEuF EFEG+WGEVF4VeWv%GEF EFYYN4EF0M;s+HF,+~E&@EuF EFgjGNjuGM}uvw(W$YYuvw(W$EGMF EFEG+jGEWVF4}uEWVF4N4M9N0t'MN MNMO+OMN4P*jUVVWXZZ
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9h:l:p:t:x:|:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9h`YEE;t3ejh|Es4sjruj3VPLjejhTVVVcjrPMEPEt<M(BEPME@T;uVuPPMEBURPPEPEPEMEE@E3EFVEPE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9hLYEE;t3ejh|E^s4sjqu3VVPLjejh%VVjjqPu3URPPEPEPEM;M|E9}99ME;~MEE;E~EEE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9K:X:_:o:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9M}MkW\DE)vEuwdSUY]}}tj9YSUYt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9M~39E9 jX_^j$}"Z+9 9 }& t$B;E 9 }0 _'h7%Y9 0 Me& tMA3M}0 & t u9 @uHQ9 }DPCEPv< 9 E
Ansi based on Dropped File
(~WRD0000.doc)
9M~39EjX_^j$"Z+t$B;E_'h7%YMetMA3Mt u@uHQDPCEPv<E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9P9 M9 EUBMM
Ansi based on Dropped File
(~WRD0000.doc)
9UujX]9 M#f;ujf;uEu9Utj3]9 U9 UDz3a9 U3ukEu9Mt]]Au3@3eE tMeJEtVf!u^;t fEEQQQ$"QEQQ$9 E0 ]9 U9 Q: }E9 U9 Q}E9 U9 Q: }9 E9 M#M#E0 EmE9 U9 QQ`Mt
Ansi based on Dropped File
(~WRD0000.doc)
9UujX]M#f;ujf;uEu9Utj3]UUDz3U3ukEu9Mt]]Au3@3eEtMeJEtVf!u^;tfEEQQQ$"QEQQ$E]UQ}EUQ}EUQ}EM#M#EEmEUQQMt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9Vy#&sJ03@D |<#L @dP& StiSwl0) #c&a@4) ?("!! lx(``ES &B`z=AD&*+'SL \C)]*m*8T&+$\50&
Ansi based on Dropped File
(~WRD0000.doc)
9Vy#&sJ03@D |<#L@dPtiwl0)#c&@4)?(!l(``E&B`z=AD&*+'L \C)]*m*8T&+$\50
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9zb ! 0! !C
Ansi based on Dropped File
(~WRD0000.doc)
9}ht(h@M ?9}ht9 N9 Pp9 ;|~"MNMERM9 ENMiRMERMER9 N9 UREP$9 N9 9 URP9 MT#EPV3#9uXthM 3G;& R9uh& ME! " ME{" MEo" M Ec" MEW" MDEK" ME?" M4E3" MM'" 39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
9}ht(h@M ?9}htNPp;|~"MNMEMENMiMEMENUREP$NURPMT#EPV3#9uXthM3G;9uhMEME{MEoM EcMEWMDEKME?M4E3MM'3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9}u3@O9 N;t9 PXh~2Y9 0 M0 };t`3vM9 0 F*9 NWWWvq39j%89 30 ]9^tMM3@89 N;t9 PX3CMM9 h1Y9 0 ME;t3MQ9 ]0 Fsv9 N! 9 NSSSvj,&79 9 N & tf 9 N& t2 MzeM& u9 NPMMz38V9 t$& tDW9 N9 & ~-S3& ~S9 M& t9 j9 C;|jWj9 S[9 j9 _^V9 ~ tt$9 N t$9 Pd9 N`^& t
Ansi based on Dropped File
(~WRD0000.doc)
9}u3@ON;tPXh~2YM};t`3vMF*NWWWvq39j%83]9^tMM3@8N;tPX3CMMh1YME;t3MQ]FsvNNSSSvj,&7N tf Nt2MzeMuNPMMz38Vt$tDWN~-S3~SMtjC;|jWjS[j_^V~ tt$N t$PdN`^t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9~u9~t3@3_^U9 QeVEPu9 10 F9 E0 9 ^D$V9 tVRY9 ^j89 R9 M9 u9 ]}
Ansi based on Dropped File
(~WRD0000.doc)
9~u9~t3@3_^UQeVEPu1FE^D$VtVRY^j89 RMu]}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
: :$:4:8:<:D:\:l:p:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
: :(:,:0:4:8:<:@:D:H:L:P:T:X:\:`:d:h:l:p:t:x:|:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
: :8:H:L:P:X:p:t:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
: :@:L:t:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
: :D:d:l:t:|:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
: MDERMERMERM ERME: RM`ES"MM'3@9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
: MH# PhPM] 9 MxEP/ME : ME9 : MHE: MEs: MEg: ME[: MEO: M EC: <E"M0]): MX0 u: 9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
: YYYYYYYYYYYT
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:$:,:4:<:D:L:T:\:d:l:t:|:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:$:D:L:X:x:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:(:,:<:@:P:T:d:h:x:|:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:(:0:8:@:H:T:t:|:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:(:0:L:l:t:|:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:(;-;L;d;v;{;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:*\R,U&)4H(F 8DE!X%GJ"2.1O6
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
:,:0:8:P:`:d:t:x:|:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:,:0:P:T:p:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:,:4:<:H:h:p:x:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:.:>:P:U:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:/::::;;#;C;j;p;v;|; ;;;@Xq3333%4b4x44445*5:5X5,6g89x999/:?::::;r;a;<==0>O>n>>?7???P"0700L11<2O2q2222/3U3e3333566>7s7777F8]888888
Ansi based on Dropped File
(~WRD0000.doc)
:/::::;;#;C;j;p;v;|;;;;@Xq3333%4b444445*5:5X5,6g89x999/:?::::;r;;<==0>O>n>>?7???P"0700L11<2O2q2222/3U3e3333566>7s7777F8]888888
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
:0:8:@:\:d:l:x:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:2v/P+pA/M YdR'<9gqt |`r7S Clc|w\sY K$B'n-?4o<3
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
:3M&-uwjh<M/ud!Exg~Vuxt4MD+EPEwM+PKh<ME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
:4:<:D:L:T:\:h:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:4:B:X;;;4<}<<===>7>>>c???100012m2 2x2224(4E44555'535?5K5W5c5o5{5! 5 5x55555555 6 6657l777 8-8C8a8 8a888w9! 9R9 9999Q:t:y:" :::;;);.;y;R;;<<'<8<d<<<=/=F===t>>9????XK0 0021s1112233556i667D7}777T88(9& 99\::;;;<<<L==T>>? ?0<001+1I111T22B33(494`4" 4S444(5555L6n6: 6666G7S7\7a777778>8J8[8g8 8888~999:/:::;I;Z;! ;}; ;;;;;;<1<:<@<V<g<a=x======8>H>" >>>> ?;?m? Z1x1S111)2O2k2 29 222]3b3z3333\4a4444445! 5}5S55555&666@6a6f666666677,7>7e7r7z777778P8 8x888849F9a9l9~9 9999::9:D:l:z:;;5;v;~;" ;;;<G<L<w<& <<==B=G=R=: ====>.>V>f>: >>>>>I?T? ????00"0@0E0c0w0000E1i1n1R1111122
Ansi based on Dropped File
(~WRD0000.doc)
:4:B:X;;;4<}<<===>7>>>c???100012m222224(4E44555'535?5K5W5c5o5{5555555555566657l777 8-8C8a88888w9999999Q:t:y::::;;);.;y;;;<<'<8<d<<<=/=F===t>>9????XK00021s1112233556i667D7777T88(999\::;;;<<<L==T>>??0<001+1I111T22B33(494`44444(5555L6n66666G7S7\7777778>8J8[8g88888~999:/:::;I;Z;;;;;;;;;<1<:<@<V<g<=======8>H>>>>> ?;?m? Z1x1111)2O2k22222]3b3z3333\4a44444455555555&666@6a6f666666677,7>7e7r7z777778P88888849F9a9l9~99999::9:D:l:z:;;5;v;~;;;;<G<L<w<<<==B=G======>.>V>f>>>>>>I?T?????00"0@0E0c0w0000E1i1n11111122
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
:9 3& M&-& uwjh<M/& ud!Ex9 g& ~Vux9 9 & t4MD+EP9 EwM+PKh<ME
Ansi based on Dropped File
(~WRD0000.doc)
:9:D:l:z:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
::1:A:[:& :g;;H<[<j<s<<<=d===??&?5?B?\?c?w??"!?????? 0!0;0O0 011,1@1h1=2F2x2 22213x3N5}5555556#696 6667x77798q8T9b9: 99999<:L:::;-;[; ;;<5<R<<?==[>b>?L?^?n?S???0
Ansi based on Dropped File
(~WRD0000.doc)
::1:A:[::g;;H<[<j<s<<<=d===??&?5?B?\?c?w????????0!0;0O0011,1@1h1=2F2x2222133N5}5555556#6966667x77798q8T9b999999<:L:::;-;[;;;<5<R<<?==[>b>?L?^?n????0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
:\:b: :::::;";r;};! ;;;V=g=o=u=z= ===>>*>6>C>J>>>>?.?=?B?c?h?S??????????PL0
Ansi based on Dropped File
(~WRD0000.doc)
:\:b::::::;";r;};;;;V=g=o=u=z====>>*>6>C>J>>>>?.?=?B?c?h???????????PL0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
:d=h=p=t=x=|=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:DX}'e }:H!w"TQ:eg& ,epE6` 0vXa& VX@uE X}@ *!A%zGp@7f! 0 9`p`|#`*H L6d X 0! <8$ 8" @*j# ! RXbFsOd/S 5%+L1& k& lbFx|b!h <$SDJ'C1fB kx! 1 *+F(SDK' &1 O!! $&
Ansi based on Dropped File
(~WRD0000.doc)
:DX}'e}:H!w"TQ:eg,epE6` 0vXaVX@uEX}@ *!A%zGp@7f9p|#*HL6dX 0<8$8@*j#RXbFsOd/ 5%+L1k&lbF|b!h <$DJ'C1fB kx1*+F(DK'&1O!$
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
:o;.<G<X<}<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:t tQuW9 V9
Ansi based on Dropped File
(~WRD0000.doc)
; ;$;(;,;0;4;8;<;@;D;H;L;P;T;X;\;`;d;h;l;p;t;x;|;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
; ;$;,;D;T;X;h;l;t;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
; ;(;@;P;T;X;l;p;x;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
; ;@;H;P;\;|;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
; return false;'
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
;#;C;j;p;v;|;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;$;,;4;<;D;L;T;`;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;$;,;4;@;d;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;$;,;P;d;l;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;$;0;5;E;J;P;V;l;s;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;$SSE(PM3;MbMH;hxgEL;u*MEM]MM(TM]TLuTMf;tv;~kML<`MLjh|h\NjMLVd;t>jWhlMPWE8PyjE8Ph`ElM8EETMKL9ETeu`MH3F_M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;%;F;K;e;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;&;/;L;i;y;~;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;(;,;0;8;P;T;l;p;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;+;2;9;@;G;N;U;\;c;j;q;x;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;+=/=3=7=;=?=C=G=K=]>w>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;+Eu9 }"!9 yJBee9 E )U9 ]\9 39 #0 M9 9 Mu0 39 uE}0 u|9 jMZ+;|9 10 t" d" J& }9 5 NN9 "!9 0 EyJBjY+3B\& 0 M& & T& |& u@|f9 "!jY# yNFe3+BL& 9 1<;r;sE0 99 M& tL& 9 r3;rs3G0 19 Hy9 M!9 E@}
Ansi based on Dropped File
(~WRD0000.doc)
;+Eu9 }"!9 yJBee9 E )U9 ]\9 39 #0 M9 9 Mu0 39 uE}0 u|9 jMZ+;|9 10 t" d" J& }9 5" NN9 "!9 0 EyJBjY+3B\& 0 M& & T& |& u@|f9 "!jY# yNFe3+BL& 9 1<;r;sE0 99 M& tL& 9 r3;rs3G0 19 Hy9 M!9 E@}
Ansi based on Dropped File
(~WRD0000.doc)
;+Eu}yJBeeE )U]\3#MMu3uE}u|jMZ+;|1tdJ}5NNEyJBjY+3B\MT|u@|fjY#yNFe3+BL1<;r;sE9MtLr3;rs3G1HyM!E@}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;, )_9kkkk9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;,;0;@;D;T;X;h;l;|;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;,;4;<;H;h;p;|;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;,;L;T;\;d;l;t;|;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;-<;<B<a<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;.<4<k<|<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;0;8;@;D;L;`;h;|;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;0;[;;; <<=S= ==9>d>>>?@?c? ???|$0W0a00
Ansi based on Dropped File
(~WRD0000.doc)
;0;[;;;<<=S===9>d>>>?@?c????|$0W000
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;4;<;D;L;T;\;d;l;t;|;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;4;<;H;h;p;|;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;9}ul9 PP:Y0 _& & :9}thq& uFVSj54 9 & uV9St4VO Y& tvV? YS:30 :|& u{:9 PP+:0 Y9 9 U9 SV9 u9 F9 3 u@t99 FW9 >+& ~,WPV`YP;u9 F y0 FN _9 Ff0 ^9 []9 U9 V9 u& uV5Y/V|Y& tF@tV0 PJ YY3^]jhA 30 }0 }jtY0 }30 u;5`P98t^9 @tVPVx`YY3B0 UP9 9 Ht/9UuPJYtE9}utP/YuE0 }F 39 uP4V`YYE}9 Et9 Ej[sYjhB39uuV
Ansi based on Dropped File
(~WRD0000.doc)
;9}ulPP:Y_:9}thquFVSj54 uV9t4VO YtvV? Y:3:|u{:PP+:YUSVuF3u@t9FW>+~,WPVYP;uFyFN _Ff^[]UVuuV5Y/V|YtF@tVPJYY3^]jhA3}}jtY}3u;5`P98t^@tVPVYY3BUPHt/9UuPJYtE9}utP/YuE}F3uP4VYYE}EtEj[sYjhB39uuV
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;;<x<3=K=|=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;<F<K<_</=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;=;J;a;{;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;_,.,,,,;,;,,
Ansi based on Image Processing
(screen_9.png)
;`<d<h<l<p<t<x<|<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;AuV9 t$W9 & u3@$9 0 tHu9 {
Ansi based on Dropped File
(~WRD0000.doc)
;AuVt$Wu3@$tHu{
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;E~E9tEEE+E3Mu2
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;F<uQ9^(uLh
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;GIF89a'!',i)Q2PP,:B&VkQ(m]NCP}9A
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;GIF89a'!',i)QR2& PP,: B& VkQ(9 m]NCPR }9A
Ansi based on Dropped File
(~WRD0000.doc)
;H<[<j<s<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;kkkkkbBAd6I"ZkkkkkkkK
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;M\& & & M\PM4ohH M8& tP& P9 zPM\EuE
Ansi based on Dropped File
(~WRD0000.doc)
;M\M\PM4ohHM8tPPzPM\EuE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;MM:9 M"!ME~ME9 EPhM'2PVM)M9 EmMES& j,OeuEP3CM0 ]2& t9 MeEP@0 ]RM-1MEMEME9 EPhM|1PVM& u
Ansi based on Dropped File
(~WRD0000.doc)
;MM:MMEMEEPhM'2PVM)MEmMESj,OeuEP3CM]2tMeEP@]M-1MEMEMEEPhM|1PVMu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;r9 9 Puuct6"!+x& w9 uuuYYujH PL 3 X 8u;
Ansi based on Dropped File
(~WRD0000.doc)
;r;sE}0 _tfm@@M}GGEM}"!f& ~79 }& x+9 E9 Me9 0 E?0 Ef& f& Mf& }B9 EtE9 M9 }9 Um9 MH0 }0 Mu9EtfM 9 f9Mw9 M u4}u+e}uef9Muf0 EFfEEEf;r#33f9E0 E 0 EI 0 M;f9 Euf0 E9 E0 E9 E0 Ef0 u3f& eH% e0 EE9 U9 E9 }f0 t2& +3f0 f9EB" $
Ansi based on Dropped File
(~WRD0000.doc)
;r;sE}0 FtfE mM}9 EFFEM}}f& ~;E u-9 E9 Me9 0 E9 E0 Ef& f& Mf& }B9 EtE9 M9 u9 Um9 MH0 u0 Mu9EtfM 9 f9Mw9 M u4}u+e}uef9Muf0 EGfEEEf; 33f9E0 E 0 EI 0 M3;& {9 M?f; E30 U0 U0 U0 U9 U9 3## 9 4
Ansi based on Dropped File
(~WRD0000.doc)
;r;sE}_tfm@@M}GGEM}f~7}x+EMeE?EffMf}BEtEM}UmMH}Mu9EtfMf9MwMu4}u+e}uef9MufEFfEEEf;r#33f9EEEIM;fEufEEEEEfu3feH%eEEUE}ft2+3ff9EB$
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;r;sE}FtfEmM}EFFEM}f~;Eu-EMeEEEffMf}BEtEMuUmMHuMu9EtfMf9MwMu4}u+e}uef9MufEGfEEEf;33f9EEEIM3;{M?f;E3UUUUU3##4
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;rPuuct6+xwuuuYYujHPL3X8u;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;t1C6VP*Y_^VD$tV5*Y^VW|$u~;wPt3_^UQeQMEUQeQMEUQe,QMEVjD$FhU^VhU+D$tVq)Y^jBT(u=eNpUfff(jk(upUN3@EtPfNEM=(VD$tV(Y^UQe}VEPuUt}^f^FEF^UQe}VEPuUtc^L^FEF^je]tt$t$r3jG]tt$t$3|$Vu3#)jt$FYYH`3^VFtPvf^USVWuEPu3;SuE;SuP;ujF;tP;thuSPF:EPWv}$u=WuYFEYPQF;tHx;u3@'N;tj~vv~3_^[]VvxUq\D$tV[^U``Ujlt%uUeMU}"&UQeVEPvD\tFjF[tvMxUHp3^VU'D$tV%Y^V]D$tV%Y^jl$u~U;3j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;t30 0 0 0 " f;
Ansi based on Dropped File
(~WRD0000.doc)
;t3MEPh@Vh$9ShsMEMEMEM EMEMDEMEM4EMM3@wj$MutU~tOMXeMLNUREPMEPV#u"ME=MM139uMEPEPMEMMj.!j/YM3u;tuM)Vj83+=sCPhhjFM$euWM\MPMKMPM:EPjhMEEPEPEPjNPEMEEPMM#AVpWt$Ntv6~!t_^T$BV0r0~!uVrpI^;QuAJ;uABT$Vp2p~!uVrpI^;QuAJ;QuAPBAVpWt$Ntv6~t_^T$BV0r0~uVrpI^;QuAJ;uABT$Vp2p~uVrpI^;QuAJ;QuAPBSV39uF8X!t@F8X!t<^[8Y!uA8X!tNN;uF@8X!tN8Y!uF^[D$V&W|$Fu_^UEVuEFENFEF F!^]VND$tVY^jjj8eYYuuEtuuuuumCujYjj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;t8EM;tzEMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;t9 9 3ME9 Ph@9 Vh$9 9Sh9 sME ME ME M E ME MDE ME M4E MM 3@wj$0 M9 u& tU~tOMX`eML`9 N9 UREP9 M9 EPV#u"ME= MM1 39u9 MEPEPM9 E MM 9 j.!9 j/Y9 0 M30 u;t0 9 uM9 )V9 j89 3& + 9 =sC9 9 PhhjFM$ e& u9 WM\: 9 M0 PMK: 9 M" 0 PM:: EPjh ME EPEPEPjNPEME EPMM# 9 AV9 pW9 t$N t9 v9 9 6 ~!t9 _^9 T$9 BV9 00 r9 0 ~!u0 V9 r0 p9 I^;Qu0 A9 J;u0 0 A0 0 B9 T$9 V9 p0 29 p ~!u0 V9 r0 p9 I^;Qu0 A9 J;Qu0 A0 0 P0 B9 AV9 pW9 t$N t9 v9 9 6 ~t9 _^9 T$9 BV9 00 r9 0 ~u0 V9 r0 p9 I^;Qu0 A9 J;u0 0 A0 0 B9 T$9 V9 p0 29 p ~u0 V9 r0 p9 I^;Qu0 A9 J;Qu0 A0 0 P0 BSV9 39u9 F8X!t9 @0 F8X!t<^[9 8Y!u9 9 A8X!t0 N9 N;u0 F9 @8X!t9 N8Y!u0 F^[9 D$V9 &W9 |$0 F& u9 9 0 _9 ^U9 9 EVu9 0 9 E0 F9 EN0 F`EF F!9 ^]V9 ND$tVY9 ^jjj8e9 YY0 u0 uE& tu9 uuuum9 CujYjj
Ansi based on Dropped File
(~WRD0000.doc)
;t9 EEP9 E9 URPEQ ;t(EP;t9 MMu9 n9 E9 PQu9 M wEP;t9 3CV9 9 L$n& t3t$9 L$l9 L$PlP9 f^|$V9 u3t$9 L$~lPt$9 ;^9 & t9 j9 T$9 30 H0 H0 P0 HjB9 0 uveY9 D$;Ar39 I9 9 D$;Ar39 I9 T$9 0 9 A9 T$;s"V9 t$;s9 A9 W9 :0 9 A0 <_^9 T$V9 9 F;r3"9 N+W 9 9PAPQN9 _^V9 9 F9 L$;rA9 VW
Ansi based on Dropped File
(~WRD0000.doc)
;t9 PQMEu9 EE;t9 PQEP9 EE;t9 PQE9 E;ER9 EE;t9 PQ9 EE;t9 PQ9 E;Et9 PQ9 M;tMMgqV9 ~pt/W~9 9 P 0 & tRt9 9 Pj9 _3^j2>N9 9 F<;Euj~9 9 P 30 ;t9~Rt9 9 PS9 " jX0 ~Rf0 EEd9 F<0 ];t9 SURSj?P MEPu9 u& 3~U9 W9 }& u
Ansi based on Dropped File
(~WRD0000.doc)
;t`& 8E9 M;tz`E9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
;tEEPEURPEQ ;t(EP;tMMunEPQuMwEP;t3CVL$nt3t$L$lL$PlPf^|$Vu3t$L$lPt$;^tjT$3HHPHjBuveYD$;Ar3ID$;Ar3IT$AT$;s"Vt$;sAW:A<_^T$VF;r3"N+W9PAPQN_^VFL$;rAVW
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;tPQMEuEE;tPQEPEE;tPQEE;EEE;tPQEE;tPQE;EtPQM;tMMgqV~pt/W~P ttPj_3^j2>NF<;Euj~P 3;t9tPSjXfEEdF<];tSURSj?PMEPuu3UW}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;tSMMTETPEMTv;M<WETPE<PEM<Wv;ME<PEPEM,v;tVMM,EE,PEPE;tE,PEPEPM,EzMEMEM<EMT]MMMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;tu9 ]9 }EPEPM 3;t,9 C+CMPu& `9 M9 E0 E9 E9 <9 EEVPuM9utxS9 MM0 9 M39D$tPjjP"V9 R0 0 $3@30 00 X0 },0 }L0 }P9 ^Vt$9 Lt9 ^Q9 L$~9 D$0 Pj}U-L9 30 ]9]$ 9]( 9 } & t 9 E+ESP9 E+EPuuvS |MPM hME 9~DtM
Ansi based on Dropped File
(~WRD0000.doc)
;tu]}EPEPM3;t,C+CMPuMEEE<EEVPuM9utMMM39D$tPjjP"VR $3@30X,LP^Vt$Lt^QL$D$Pj}U-L3]9]$9](} t E+ESPE+EPuuv|MPMhME9DtM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;u0& u,hdqCjP3& t
Ansi based on Dropped File
(~WRD0000.doc)
;u0u,hdqCjP3t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;u3PblUM0]&t3!VEPh\tj3Vhlt,t3^MWE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;u: 3PblU9 9 M0]&& t3!VEPh\tj3Vhlt,& & t3^9 MWE
Ansi based on Dropped File
(~WRD0000.doc)
;v+A;MXrEx3B4UXeUtU@XE0Ex0E@t0u<}0tELE%M$MJU$++|ElM0E 9EH$3EHM\*E%E|ED;rE$7;E`s=`M$+E`MhPM$Md<EDMHE<3+F;EXsM0U$y;EXr3Mu<3@3u33@u<H#E@;Lt+]L3FHN#u<;tuE@9U8/EHE,EHE;E49Ut}4tjjX3[_^PUQeVujjv(V EujXWSPEPuuujjjjuI(uFLtE8u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;V=g=o=u=z=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;YUOY_YY_,(O(2YY2 |SysPagerTrayNotifyWndShell_TrayWndSTATICEB m_WM_MESAGE_FROM_SYSTEM_TRAY4"App to Open guid: %sAppGuidnameparamsOpenAppCNotificationsFeed::ParseClickActionAction name: %s, FallBackUrl: %sfallback_urlactionMY_XML<XML>MY_XML</XML>click_actionDynamicDialogs4!ServicesIntervalSecErrorCountLastRequestTimeLastResponseTime.txt.zip.eb.ERROR_REPLYComIdtoolbarInprocServer32CLSIDIE_TB_IE_TB_CTEB_TB_NAMEAUTOUPDATEAutoTypeSoftware\EB_TB_NAME\toolbar\settingsSoftware\EB_TB_NAME\toolbar\settings\Updatehttp://hosting.conduit.com/Alertupdate/update.xmlhttp://hosting.eb.com/Alertupdate/update.xmlhttp://hosting.eb.com/Alertupdate/tbedrs.dllhttp://services.conduit.com/CommunityRequest.ctp?type=GetCommunity&ct=EB_CTID&CommunityPage=EB_CTID.ourtoolbar.comhttp://services.eb.com/CommunityRequest.ctp?type=GetCommunity&ct=EB_CTID&CommunityPage=EB_CTID.qatoolbar.comDllOnUpdateFinish.dllPATHEB_CTIDtbedrs.dll|K;FFJ_DCMC"DJ\M?:/-hencoding=xml ?><?IEIsProtectedModeProcessieframe.dllChangeWindowMessageFilteruser32.dllfirefoxCSecurityAttributes::GetLowIntegritySecurityAttributescatching exceptionS:(ML;;NW;;;LW)#SetLayeredWindowAttributesTrayNotifyWndShell_TrayWndhttp://?-I+I-U+U-B+BUTF-8@q'M>mmmmTr*rp~~lwx;xxxxxx(("zYmDyxymyyusUB)xBxxmG]6fPEI m_WM_GENERAL_EVENTEI m_WM_SINGLETON_EVENTShell.Explorer=;ypDdxl}hXf:^BwDQ0Rnv\ohhA'[hpYhH&1hhhhhhxehh0ffOEP04P0P0P0buttonfacenonealpha(opacity=Y@pv0\XHb:nv4DohhA &hpYh1hhhhhhxlhhNJ5ffNh^BCWebBrowserDispatcher::ConnectAllHtmlEventsConnecting to Window Eventsres://CWebBrowserDispatcher::KillRefreshCheckerTimerCWebBrowserDispatcher::TimerProcidEvent: %d ,pSeed: %d CWebBrowserDispatcher::OnBeforeNavigatepWeb: %d , URL: %sCWebBrowserDispatcher::OnDocumentCompleteCWebBrowserDispatcher::DisconnectAllHtmlEventsCWebBrowserDispatcher::SetRefreshCheckerTimerEB_TimeStamp=Pragma:no-cacheCWebBrowserDispatcher::OnRefreshCheckTimerReady state: %dzlRNhDelementy8'M>x0h^%SOFTWARE\Microsoft\Windows NT\CurrentVersionCurrentVersionSHGetKnownFolderPathshell32.dllSoftware\Microsoft\Windows\CurrentVersion\Authentication\LogonUILastLoggedOnUserProfileImagePathSoftware\Microsoft\Windows NT\CurrentVersion\ProfileListIEGetWriteableHKCUSoftware\AppDataLowAppData\LocalLowwa+THREADID@LoggerWnd@@ExtraData@@TickCount@@ThreadFile@@DebugOnly@,.;:|*&/\
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;YUOY_YY_,(O(2YYx2 " |SysPagerTrayNotifyWndShell_TrayWndSTATICEB m_WM_MESAGE_FROM_SYSTEM_TRAY4" " 0 "App to Open guid: %sAppGuidnameparamsOpenAppCNotificationsFeed::ParseClickActionAction name: %s, FallBackUrl: %sfallback_urlactionMY_XML<XML>MY_XML</XML>click_actionDynamicDialogs4 !ServicesIntervalSecErrorCountLastRequestTimeLastResponseTime.txt.zip.eb.ERROR_REPLYComIdtoolbarInprocServer32CLSIDIE_TB_IE_TB_CTEB_TB_NAMEAUTOUPDATEAutoTypeSoftware\EB_TB_NAME\toolbar\settingsSoftware\EB_TB_NAME\toolbar\settings\Updatehttp://hosting.conduit.com/Alertupdate/update.xmlhttp://hosting.eb.com/Alertupdate/update.xmlhttp://hosting.eb.com/Alertupdate/tbedrs.dllhttp://services.conduit.com/CommunityRequest.ctp?type=GetCommunity&ct=EB_CTID&CommunityPage=EB_CTID.ourtoolbar.comhttp://services.eb.com/CommunityRequest.ctp?type=GetCommunity&ct=EB_CTID&CommunityPage=EB_CTID.qatoolbar.comDllOnUpdateFinish.dllPATHEB_CTIDtbedrs.dll| K;FF J _DCMC"DJ\ M?:/ -hencoding=xml ?><?IEIsProtectedModeProcessieframe.dllChangeWindowMessageFilteruser32.dllfirefoxCSecurityAttributes::GetLowIntegritySecurityAttributescatching exceptionS:(ML;;NW;;;LW)#SetLayeredWindowAttributesTrayNotifyWndShell_TrayWndhttp://?-I+I-U+U-B+BUTF-8@q'M>: mmmxxxmTrS*rxp~~lwx;xxxxxx(("zYmDyxymyy0 usUB ) xB xxmG ]0 0 60 f! 0 "!0 P"!0 EI m_WM_GENERAL_EVENTEI m_WM_SINGLETON_EVENTShell.Explorera! R=a;yR apDdx ala}h~Xaf:^: B xw: DaQ~0aRanva\ ~ ~oh~h~A"! '[ ~h~p~Yh~ ~"!Ha&1h~h~h~h~h~h~x"!eh~h~ ~ ~"! 0 ~ ~"!9 ~RR ffxO E" P0 4P0 P0 P0 buttonfacenonealpha(opacity=Y@p: ~v0\: XH: b:nv4: D ~ ~oh~h~A : & ~h~p~Yh~ ~: `1h~h~h~h~h~h~xalh~h~ ~ ~a N ~ ~aJS5ffx: : Nh~ : x^B xCWebBrowserDispatcher::ConnectAllHtmlEventsConnecting to Window Eventsres://CWebBrowserDispatcher::KillRefreshCheckerTimerCWebBrowserDispatcher::TimerProcidEvent: %d ,pSeed: %d CWebBrowserDispatcher::OnBeforeNavigatepWeb: %d , URL: %sCWebBrowserDispatcher::OnDocumentCompleteCWebBrowserDispatcher::DisconnectAllHtmlEventsCWebBrowserDispatcher::SetRefreshCheckerTimerEB_TimeStamp=Pragma:no-cacheCWebBrowserDispatcher::OnRefreshCheckTimerReady state: %d: zl: RNh~: : R DSelementRSSyS 8 'M>: x0h^%SOFTWARE\Microsoft\Windows NT\CurrentVersionCurrentVersionSHGetKnownFolderPathshell32.dllSoftware\Microsoft\Windows\CurrentVersion\Authentication\LogonUILastLoggedOnUserProfileImagePathSoftware\Microsoft\Windows NT\CurrentVersion\ProfileListIEGetWriteableHKCUSoftware\AppDataLowAppData\LocalLowwa+THREADID@LoggerWnd@@ExtraData@@TickCount@@ThreadFile@@DebugOnly@,.;:|*&/\
Ansi based on Dropped File
(~WRD0000.doc)
< 2KG(*"Y;[!FAUS@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
< <$<(<,<0<4<8<<<@<D<H<L<P<p<t<x<|<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<x<|<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
< <(<0<8<D<h<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
< <(<@<P<T<d<h<p<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<"<1<9<e=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<#=.=\=j=s=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<$<-<:<`<{<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<$<0<P<X<`<l<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<$<4<`<h<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<)=7===U=p=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<+t(<-t$:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<,<0<@<D<H<P<h<l<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<,<4<<<D<L<T<\<d<l<t<|<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<.<5<I<P<h<y<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
</alert_result>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
</assembly>l*021R1X1111+262F2z2 2223s33_4x44& 55557788,9<999:=:k:~::;0;@;;;5<g<<<==? D0-0;0 0n1k2v22233(333E4U444M5S55C99:;u<????0X00 000z23(3S33334445S678S889t9:::L;<<==>a>n>>\?u????@)0T00 00000@1C222333}334424e4a444575R5" 55T6}6607J7U7 88*9b9 99K:X:_:o::;a;;#<`< <<:=O=: ==2>m>0 >>>>??P 000f11 111172]22i3x3}333"4=4T4s4444444F6777V8[88899::d::8;! ;;;.<5< <<=T===>>U>>>J?" ???`%0V12=2O2q22222!333333"!4~4,5A5U5u5! 5 55L66666677'737O7[7u77S77778]88*9n9z9 9999I:d:;;<Q<<<=\=m=x===='>o>>>?`????p 0]0|0051_11111
Ansi based on Dropped File
(~WRD0000.doc)
</assembly>l*021R1X1111+262F2z22223s33_4x4455557788,9<999:=:k:::;0;@;;;5<g<<<==? D0-0;00n1k2v22233(333E4U444M555C99:;u<????0X0000z23(333334445S678889t9:::L;<<==>a>n>>\?u????@)0T000000@1C222333}334424e4444575555T66607J7U788*9b999K:X:_:o::;a;;#<`<<<:=O===2>m>>>>>??P000f11111172]22i3x3333"4=4T4s4444444F6777V8[88899::d::8;;;;.<5<<<=T===>>U>>>J????`%0V12=2O2q22222!33333344,5A5U5u5555L66666677'737O7[7u7777778]88*9n9z99999I:d:;;<Q<<<=\=m====='>o>>>?`????p 0]0|0051_11111
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
</author>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
</feed_id>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
</KEY_ID>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
</LANGUAGE_PACK>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
</LOCALE>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
</requestedPrivileges>
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
</script></head>); moveNextwindow.external.);
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
</security>
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
</TRANSLATED_KEY>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
</TRANSLATED_KEYS>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
</TRANSLATION>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
</trustInfo>
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<0 <W8D0 }& t
Ansi based on Dropped File
(~WRD0000.doc)
<0<4<L<P<h<l<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<0<8<@<H<P<X<`<h<p<|<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<0<c<<<<P===!>D>_>>>>?G?j???@x0B0m001t1111-2R2222313}333G445F555-6X66!7q777q8@99:;;<<<=m===>O>}>>>?+?N?q???P0I0w0<1i111122%3`334;4`44445A5d55555+66666-7^7777858h888949g9990:c:::;(;K;z;;;A<<<<Q===>2>M>p>>>>+?V??`@0O000(1K111 2S2223C3|334#4g4445P5s5556G6j6667f7778D8g8889w9999:Z::::-;X;{;;;;"<E<h<<<<<<<<<<<==="=.=9=?=J=P=[=a=l=r=}================>>>>'>->8>>>I>O>Z>`>k>q>|>>>>>>>>>>>>>>>>?
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<0<c<x<<<P===!>D>_> >>>?G?j???@x0B0m001t1 111-2R2& 222313}333G445F555-6X6a6!7q7S77q8@99:; ;<<<=m=~==>O>}>>>?+?N?q? ??PS0I0w0<1i1}11122%3`334;4`44445A5d55555+69 6666-7^7777858h888949g9 990:c:S::;(;K;z;;;A<& <<<Q===>2>M>p>>>>+?V??`@0O000(1K111 2S2223C3|334#4g4445P5s5556G6j6667f7778D8g8 889w9a999:Z:9 :::-;X;{;;;;"<E<h<"!<<<<<<<<<<==="=.=9=?=J=P=[=a=l=r=}==}= =x============>>>>'>->8>>>I>O>Z>`>k>q>|> >> >~>>>>>>>>>>>>?
Ansi based on Dropped File
(~WRD0000.doc)
<1<:<@<V<g<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<1<C<U<g<y<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<3=Y=a=l=s=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<4<8<P<`<d<h<l<p<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<4<<<H<l<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<4_.hhhhh f
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<8<@<L<l<t<|<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<<" ====&=.=6=Y=a=i=" R=" 0" ===========
Ansi based on Dropped File
(~WRD0000.doc)
<<"====&=.=6=Y=a=i="="0"===========
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<<.<5<I<P<h<y<<<<<<<<<<<<=
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<<.<5<I<P<h<y<<`< <a<<<<<<<<=
Ansi based on Dropped File
(~WRD0000.doc)
<<1<C<U<g<y<9 <<<<??e??@,0u000-1`1::; <<<<<=6>?Px0012! 2s4 44444445555 5588.99x; ;;`<d<h<l<p<t<x<|< < <<="=o=>???????????????`h@5: 555b6w668 88*91999:[::$;R;p;;;;;;;;
Ansi based on Dropped File
(~WRD0000.doc)
<<1<C<U<g<y<<<<<??e??@,0u000-11::;<<<<<=6>?Px00122s4444444455555588.99x;;;`<d<h<l<p<t<x<|<<<<="=o=>???????????????`h@5555b6w66888*91999:[::$;R;p;;;;;;;;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<<<<<<<<<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<<<<<<<<<<',.-$*<<<<<<<<<<<8''
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<<<<<<<<<<<<<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<<<Obsolete>>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<<<w< <R< <~<<<<3=Y=a=l=s======>>>>>>3?H?X?? ?????`0030:0^00000001131<1Y1W2223,3:3C3l3`333333%4Q4Z4l40 4: 44445,5 5566b66666667D7K7" 7777778M8 :::::7<<<=+= = =====O>_>d>|>?9 ?"!??p0!030M0b0l0~00000000142J2_23355555e66666667)7 77788(8.8i8888%9>9G99:
Ansi based on Dropped File
(~WRD0000.doc)
<<<w<<<<<<<<3=Y=a=l=s======>>>>>>3?H?X???????`0030:0^00000001131<1Y1W2223,3:3C3l3333333%4Q4Z4l4444445,55566b66666667D7K77777778M8:::::7<<<=+=======O>_>d>|>????p0!030M0b0l0~00000000142J2_23355555e66666667)777788(8.8i8888%9>9G99:
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<?xml version="1.0" encoding="UTF-8" standalone="yes"?><assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"> <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3"> <security> <requestedPrivileges> <requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel> </requestedPrivileges> </security> </trustInfo></assembly>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<`<q<<<#=.=\=j=s==='>4>\>>>>?!?)?6?T?^?g?r??????j00%1R111R2Y222/3444"4'474f4t4445
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<`<q<<<#=.=\=j=s==='>4>\>}> >>?!?)?6?T?^?g?r?! ?}? ???j00%1R111R2Y222/3444"4'474f4t4445
Ansi based on Dropped File
(~WRD0000.doc)
<`chhhhhGD?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<alert_result>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<ALERT_XML><TYPE>%s</TYPE>%s<MESSAGE></MESSAGE></ALERT_XML>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<ALERT_XML><TYPE>ALERT_USAGE</TYPE><MESSAGE><VERSION></VERSION><TYPE></TYPE><DATA></DATA></MESSAGE></ALERT_XML>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<base href="file://%s" />
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<C>G>K>O>S>W>[>_>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<F<K<_</==>|>>,?1?U?Z?t????????pS00011111111Q222222233)313A3J33333333?4L4s4z4425y555555+6>6Q6i6666667=7\7v7778B8Q88888K9a9m9x99999999999:K::::::: ;1;H;;;;<G<s<}<<<<<<<#=7=J===
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<F<K<_</=}=>|>"!>,?1?U?Z?t? ?0 ?a?????pS00011 111111Q2& 2`2 222233)313A3J33333333?4L4s4z4425y59 5 5555+6>6Q6i6}6"!66667=7\7v7: 778B8Q8R8888K9a9m9x9 99a99999999:K: :::::: ;1;H;! ;;;<G<s<}<<<<<<<#=7=J===
Ansi based on Dropped File
(~WRD0000.doc)
<feed_id>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<LANGUAGE_PACK>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<program name unknown>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<PROTOCOL_ID>%s</PROTOCOL_ID>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<qPA' %hW& o fxa^)"=Y
Ansi based on Dropped File
(~WRD0000.doc)
<qPA' %hWo fa^)"=Y
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel>
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<requestedPrivileges>
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<S<_<k<z<z=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<script type="text/javascript">function
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<security>
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<TRANSLATED_KEY>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<TRANSLATED_KEYS>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<TRANSLATION>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<XML>MY_XML</XML>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<YYYYYYYYYYYYY.NAYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYh( f{yK "!"~}R~2w
Ansi based on Dropped File
(~WRD0000.doc)
<YYYYYYYYYYYYY.NAYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYh( f{yK"~~2w
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<YYYYYYYYYYYYY.NAYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYh( p ~wp xf ! ]n} 0 2'
Ansi based on Dropped File
(~WRD0000.doc)
<YYYYYYYYYYYYY.NAYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYh( pwpf]n2'
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<YYYYYYYYYYYYY.NAYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYh( ~n\&xm{ra0\v}r%7h'e;jbkrgp\]e!} jep\
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<YYYYYYYYYYYYY.NAYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYh( ~~a~Rn\ &xS mR9 S{ra 0}"!0 \"!v}ar %7h'ex& ;0 jbk rgp& \a]Se!! } jepa\
Ansi based on Dropped File
(~WRD0000.doc)
= Ah8]SWK& t
Ansi based on Dropped File
(~WRD0000.doc)
= =$=(=,=0=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
= =$=(=,=0=4=8=<=@=D=H=L=P=T=X=\=`=d=h=l=p=t=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
= =$=(=,=0=4=8=<=@=D=H=L=P=T=X=\=`=d=h=l=p=t=x=|=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
= =$=(=,=0=4=8=<=@=D=H=N=Y=q=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
= =$=,=D=T=X=h=l=p=t=x=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
= =(=0=8=@=H=P=\=|=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
= =*=1=I=X=_=l=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
= =@=D=d=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
="=.=9=?=J=P=[=a=l=r=}=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
="=:=W=t=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=#='=+=R=>Y>}>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=$=,=4=<=D=L=X=x=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=$=,=4=@=`=h=p=x=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=$=0=P=\=|=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=(=:=\=n=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=)=9=I=P=W=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=,=4=@=`=h=p=t=x=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=,=@=L=T=l=|=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=0=8=D=d=l=x=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=0=@=D=H=P=h=l=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=0V uX_9 Mp^9 3[:Stj0,9X9 }3;u39 u9 9uS9 f#ujjEP9 QjjEP9 0 ]?jjEP9 E,jSMEgP= jSM0 EPP& jSM0 E9P MMM0 EM]SMM3@ XhR9WD 3D0 urD;uM3PXVuR;uMD9 VuDu=9 j[3W3M0 uUP uMM9 WtPM#P 9 3FjVu9 EeVM9 `WU9 (VWjEPj9 Y3}EPRE(9 Eu9 _^9 U9 SVWujj9 }9 59 SWju0 EuW uuW uWS_^[]9 D$& t9 H9 ;}0 0 PU9 }V9 t uu< & t}t
Ansi based on Dropped File
(~WRD0000.doc)
=0VuX_Mp^3[:Stj0,9X}3;u3u9uSf#ujjEPQjjEP]?jjEPE,jSMEgP=jSMEPP&jSME9PMMMEM]MM3@XhR9WD 3DurD;uM3PXVu;uMDVuDu=j[3W3MuUPuMMWtPM#P3FjVuEeVMWU(VWjEPjY3}EPRE(Eu_^USVWujj}5SWjuEuWuuWuWS_^[]D$tH;}PU}Vt uu<t}t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
=1>B>N>Z>f>v>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=3=?=L=Y=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=4=D=H=X=\=`=h=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=4=D=H=X=\=d=|=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=8=@=L=l=t=|=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=;}$k~\d9=B;|]~d=uFd^=uFdN=uFd>=uFd.=uFd=uFd=uFdvdjY~d`QEYF`[_^Ucsm9Eu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
=<=H=P=h=t=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
== =*=1=I=X=_=l====
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
===;>W>>>>>>>??L????0&0/070=0M0Y0b0h0x00! 0 000000011%1K1X1& 111122*22#353 34 45K5 55566k6667d7" 77!8l8 8888899%989R9
Ansi based on Dropped File
(~WRD0000.doc)
===;>W>>>>>>>??L????0&0/070=0M0Y0b0h0x000000000011%1K1X1111122*22#3533445K555566k6667d777!8l88888899%9899
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
=?>E>K>P>^>q>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=[;V)MY-NSPI T*AD(^H
Ansi based on Dropped File
(~WRD0000.doc)
=[;V)MY-NSPIT*AD(^H
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
=Ah8]SWKt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
=O>_>d>|>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=t& u$t f0 5x T 5P& 5h5X5H58;M& teh 5 YP tHhj9 9 YY& t4V5P 5_Y& tjVyYYDN0 3@$3_^9 U9 VW3u9 Y& u'9vV| ;v9 u9 _^]9 U9 VW3juul9 & u'9vV| ;v9 u9 _^]9 U9 VW3uu9 YY& u,9Et'9vV| ;v9 u9 _^]jh C39 ]3;" ;uWWWWW S=|u8jMY0 }SEMY0 E;t9 s0 u9 uE%9}uSW54 9 9 39 ]9 ujKY9 U9 WW| u0`w& t_]9 U9 eu5X dh]9 U9 hXW0& thHWP<& tu]9 U9 uYujLYj<KY9 U9 V9 9 & t;ur^]9 U9 V9 u3& u9 & t;ur^]9 U9 = Vth V!Y& t
Ansi based on Dropped File
(~WRD0000.doc)
=t33@9 e% eUEeU89 U9 30 E9 ESV3WEN@0 00 p0 p9u F9 9 X9 }9 <9 H9 0 }9 e9 9 ]<0 00 P0 H;r;sE30 89]tr;rs3C0 p& tA0 H9 H9 U3;r;s3F0 X& t@9 MHe?9 <9 P9 9 U0 0 x0 X40 U;r;sE}0 0tO3;rs3B0 H& tC0 XME}! 3&9 H9 0 P9 9 E0 H0 9pt & Xu09 09 xE9 0 04?9 H9 0 p0 H& tf9 Mf0 H
Ansi based on Dropped File
(~WRD0000.doc)
=t33@9 eeE9 Ej9 U9 3S0 E0 E0 ESSX9 5 PSZ+tQ30 E0 ]0 U0 M0 U0 E[Et\& t3@3["!39 U9 VuM3: 9 uPeFPo& YuPYxuFF9 M9 0 9 ``F```F u^8Mt9 E`p9 U9 VuMa9 E`9 u t9 9 `:t@` u`@ t6 et Et@` u9 H 80t9 }9 S`:[uH`
Ansi based on Dropped File
(~WRD0000.doc)
=t33@e%eUEeU8U3EESV3WEN@0pp9uFX}<H}e]<0PH;r;sE389]tr;rs3CptAHHU3;r;s3FXt@MHe?<PUxX4U;r;sE}0tO3;rs3BHtCXME}3&HPEH9ptXu00xE04?HpHtfMfH
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
=t33@eeEEjU3SEEESX5 PZ+tQ3E]UMUE[Et\t3@3[3UVuM3uPeFPoYuPYxuFFMFFu^8MtE`pUVuMEut:t@u@t6etEt@uH80tS:[uH
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
=tu$tf5xT5P5h5X5H58;Mteh5YPtHhjYYt4V5P5_YtjVyYYDN3@$3_^UVW3uYu'9vV|;vu_^]UVW3juulu'9vV|;vu_^]UVW3uuYYu,9Et'9vV|;vu_^]jh C3]3;;uWWWWWS=|u8jMY}SEMYE;tsuuE%9}uSW543]ujKYUWW|u0`wt_]Ueu5Xdh]UhXW0thHWP<tu]UuYujLYj<KYUVt;ur^]UVu3ut;ur^]U=VthV!Yt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
=xu9 M%:P9 C9 ^9 uj9 "!PEP9 Mjh19 E=9 t9P9
Ansi based on Dropped File
(~WRD0000.doc)
=xuM%:PC^ujPEPMjh1E=t9P
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
=|PvFjtCvv9N tWtN WPN`tWtN`WP_^jh3EjHt\HM?veEPMEePEMEsMMv~t3@NtPXh,YMEtf3vMF0Njjjvt:MuME3QMMMfu32jhX139^`NM)u]3}M]KEPMER;,PMPjhhM%EPEPMEMME)MMEM6FdM;twEPyu3j .+YME;tjv3PS5(v-h*YME;tWEPEP3F`ME8MEhM]&>MMs[1j.v0f`6j {*YMetjTu3Pj5(v1j('03]9]tEMj5M]EPMEIM]j59]t!MoEPMEE"MNEPMEEEEteM?E]tM.MM5,0VD$tVF0Y^D$Vt6y@u0I t%pt"vVRVp9V0Y33@^I Vt'D$pu3@Vp8V/Y3^VN`tjvjv*^j\.}u~MqeMRuVW/YMj5MEEPMEKMEtV/Y"ME~ENURPNPleEPMD4PMMt9NEMUMPSMtjejj'YEEtNPtMPEP3PMEEPS}`u}tVEO`tVAuV-YMEMEMM)p-D$Vt"~@u@N$PRtP33@^j)t,ME3;9Y@x;9Y9Yh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
> >(>,>0>4>8><>@>D>H>L>P>T>X>\>`>d>h>l>p>t>x>|>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
> >(>0>8>@>H>P>\>|>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
> >(>0>8>@>H>P>X>`>l>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
> >(>0>8>D>d>l>t>|>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
> >0>4>8><>D>\>`>x>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
> >@?D?H?L?P?T?X?\?`?d?h?l?p?t?x?|?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>$>,>8>X>d>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>$>??)?a?n?0 ???? '070`00002)2I2^2t22223#3 333333333
Ansi based on Dropped File
(~WRD0000.doc)
>$>??)?a?n?????'07000002)2I2^2t22223#3333333333
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
>$>H>h>p>x>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>'>->8>>>I>O>Z>`>k>q>|>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>(>,>D>H>`>d>|>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>*>6>C>J>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>+>8>G>X>y>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>,>0>@>D>L>d>t>x>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>,>8>X>`>l>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>,?1?U?Z?t?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>/?;?R?a?j?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>0 :10* H
Ansi based on Dropped File
(~WRD0000.doc)
>0 uf93u >jEPh C PuWS0 EE9 Eu(Y9 U9 j@uu(]=H C \$9 D$% = u<$f9 $ffd$& ~D$f(Vf(f(fs4f~fTVfftL=|}f=2fL$D$f.{$0 T$9 0 T$0 T$0 $ D$~D$ff(f=|%=2fTVXfL$D$VfVfTVf\$D$jhAK9 ]& uurY9 u& uS Y=|& 30 }! `j wY0 }SwY0 E; ~;5lwIVSP|& t0 ]5V\Y0 E;t'9 CH;r9 PSuIS[w0 ESPw9}uH;u3F0 u0 uVW54$ 0 E;t 9 CH;r9 PSuSu4wE.}u1& uF0 uVSj54 9 9 u9 ]juY9 }& & 9=St,V Y& &
Ansi based on Dropped File
(~WRD0000.doc)
>5>B>U>t>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>8>@>H>P>X>`>h>p>x>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>8>@>H>T>t>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>:>@>\>t>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
><>D>L>T>\>d>p>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>>" ?%?-?" 4P?" ps?" S ?~??" " (?????@tP" `@ @(@K@S@" v@@R@ @" " \@@@@@@@A" (A0A8ACAKAUA}A" AA" AA" PABB" 6B" [BcBkB" }B B~B" (BBB" dB" C" :CSC[CcC" C}C" <CCCC" p" DCD%D-D" $XDPDqDyDD0 D D"!DD" DDDDDDE$E,E" " OEhEpExE EEEEE" `@R" SEEEFFF6F>F" aFiFqF{F" H" FFFFFFFFG" *G2G:GBGJGzG G" D" SGGGGG"
Ansi based on Dropped File
(~WRD0000.doc)
>>"?%?-?"4P?"ps?"???""(?????@tP"`@ @(@K@S@"v@@@@""\@@@@@@@A"(A0A8ACAKAUA}A"AA"AA"PABB"6B"[BcBkB"BBB"(BBB"dB"C":CSC[CcC"CC"<CCCC"p"DCD%D-D"$XDPDqDyDDDDDD"DDDDDDE$E,E"" OEhEpExEEEEEE"`@"EEEFFF6F>F"aFiFqF{F"H"FFFFFFFFG"*G2G:GBGJGzGG"D"GGGGG"
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
>>:>@>\>t>>?7?A?y??????? 00 0.090@0[0`0h0n0u0{000000000000000000111#1(13181E1S1Y1f1111111'202<2u2~22223$3Q3Z333333394A4T4_4d4t4~4444444444
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
>>:>@>\>t>a>?7?A?y??????? 00 0.090@0[0`0h0n0u0{0 000 0S0000000000000111#1(13181E1S1Y1f1 1R11111'202<2u2~2`2223$3Q3Z3! 33333394A4T4_4d4t4~4& 44"!4444444
Ansi based on Dropped File
(~WRD0000.doc)
>>=>V>>>F?O?U??p
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
>`>p>1?K?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>faarheeUSE SYSTEM CHARSETB)$Bxxwm "EB m_WM_MESAGE_FROM_STATIC_BUTTONCRYPMSCF$\%''4'A'X'FDIDestroyFDIIsCabinetFDICopyFDICreateCabinet.dllincompatible versionbuffer errorinsufficient memorydata errorstream errorfile errorstream endneed dictionary`4T4H484,4443?? unzip 0.15 Copyright 1998 Gilles Vollant `PTsRp0P
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
>L>b>n>z>#?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>lME2lME&lud9 Mh;tU9 Ml; \ERtAtjj9 M`XVhx*P1up9 =9 ME
Ansi based on Dropped File
(~WRD0000.doc)
>lME2lME&ludMh;tUMl;\ERtAtjjM`XVhx*P1up=ME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
>openiexplore...EB m_WM_MESAGE_FROM_VIEW_RECENT_WINDOW4G6fHCAutoUpdateThread::ThreadFuncAutoUpdateexception caught.DllRegisterServer`vhSDeleteNoRemoveForceRemoveValBDMS{1D3B35E5-93C0-490d-90CA-153E78A17FF2}INSTANT_ALERT_RESULT_FORCE_HANDLEINSTANT_ALERT_RESULT_TRY_TO_HANDLEINSTANT_ALERT_RESULT_HANDLEMessage not found. Message type: %d, Message Id: %dApp Exists reply, MessageId: %dNumber of params is different from 1No Dspid paramsCConduitAlert::OnPendingNotificationReplyH}`Z$=H<ui';Z>CConduitAlert::RunAlert\:4u<ALERT_XML><TYPE>ALERT_USAGE</TYPE><MESSAGE><VERSION></VERSION><TYPE></TYPE><DATA></DATA></MESSAGE></ALERT_XML>typevaluekeydataTYPE8}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
>U9 V9 v& u32EPv@ & t9 E& t9 M+M0 9 E& t9 M+M0 3@^9 D$Pq0 jXf<9 ~xu3P 9 0 ePe9 0 ejh|9 *9 NxM4=V9 : D$tVP=Y9 ^U9 QV9 }{& &
Ansi based on Dropped File
(~WRD0000.doc)
>uf93u >jEPhCPuWSEEEu(YUj@uu(]=HC\$D$%=u<$f$ffd$~D$f(Vf(f(fs4f~fTVfftL=|}f=2fL$D$f.{$T$T$T$$D$~D$ff(f=|%=2fTVXfL$D$VfVfTVf\$D$jhAK]uurYuuSY=|3}jwY}SwYE;;5lwIVSP|t]5V\YE;t'CH;rPSuIS[wESPw9}uH;u3FuuVW54$E;t CH;rPSuSu4wE.}u1uFuVSj54 u]juY}9=t,V Y
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
>UVvu32EPv@tEtM+MEtM+M3@^D$Pq0jXf<~xu3PePeejh|*NxM4=VD$tVP=Y^UQV{
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
>X?\?`?d?h?l?p?t?x?|?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>Y>}>>>>>?)???0.0@0Z0x00"11111I45:6J6Q6X6_6f6m6t6{66666666677N7}7778I8|888989?9F9M9T9[9b9i9p9w9~999999:6:2;a;;P<r<<<==2>p>>>>>>0?T?????x(0=0L0c0w0000B1G1S1X1d1 2<2A2j2222233-4Z444444455I66677P78889^99R:;<W<w<<x==%?@???;0K000001I1e11111222444^5g5m556
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
>Y>}>}>"!>>>?)???0.0@0Z0x00"11111I45:6J6Q6X6_6f6m6t6{6 60 66 6666677N7}7778I8|888989?9F9M9T9[9b9i9p9w9~9& 99"!999:6:2;a;;P<r< <<==2>p>>" >>>>0?T? ????x(0=0L0c0w0! 0"!00B1G1S1X1d1 2<2A2j2222233-4Z4`44444455I66677P780 889^99R:;<W<w<<x==%?@???;0K0`00001I1e1! 11112224`44^5g5m556
Ansi based on Dropped File
(~WRD0000.doc)
>~ openiexplore...EB m_WM_MESAGE_FROM_VIEW_RECENT_WINDOW4 G" 0 60 f! H CAutoUpdateThread::ThreadFuncAutoUpdateexception caught.DllRegisterServer `vh~SDeleteNoRemoveForceRemoveValBDMSR {1D3B35E5-93C0-490d-90CA-153E78A17FF2}INSTANT_ALERT_RESULT_FORCE_HANDLEINSTANT_ALERT_RESULT_TRY_TO_HANDLEINSTANT_ALERT_RESULT_HANDLEMessage not found. Message type: %d, Message Id: %dApp Exists reply, MessageId: %dNumber of params is different from 1No Dspid paramsCConduitAlert::OnPendingNotificationReplyH }` Z$= H<ui';Z>CConduitAlert::RunAlert\ : 4 u`<ALERT_XML><TYPE>ALERT_USAGE</TYPE><MESSAGE><VERSION></VERSION><TYPE></TYPE><DATA></DATA></MESSAGE></ALERT_XML>typevaluekeydataTYPE 8! ! }
Ansi based on Dropped File
(~WRD0000.doc)
>~faarheeUSE SYSTEM CHARSETB ) $B xxwm "!"EB m_WM_MESAGE_FROM_STATIC_BUTTONCRYPMSCF$\%''4'A'X'FDIDestroyFDIIsCabinetFDICopyFDICreateCabinet.dllincompatible versionbuffer errorinsufficient memorydata errorstream errorfile errorstream endneed dictionary`4T4~H484,4443~?? unzip 0.15 Copyright 1998 Gilles Vollant `PTsRp0P
Ansi based on Dropped File
(~WRD0000.doc)
? ?$?(?,?0?4?8?<?@?D?H?L?P?T?X?\?`?d?h?l?p?t?x?|?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
? ?(?0?<?\?d?p?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
? ?0?4?<?T?d?h?x?|?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?!?(?,?0?4?8?<?@?D?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?!?)?6?T?^?g?r?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?#?7?V?u?z?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?$?(?@?D?\?l?p?t?|?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?$?<?L?P?`?d?h?p?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?$?D?L?T?\?p?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?&?,?7?=?H?P?U?_?k?v?|?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?&?5?B?\?c?w?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?(?0?8?@?H?T?t?|?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?(?0?<?d?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?,?0?D?H?X?\?`?d?h?l?t?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?,?4?<?D?L?\?p?|?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?,?8?<?@?D?H?P?T?`?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?.?=?B?c?h?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?4?<?D?L?T?\?d?p?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?<?\?d?l?t?|?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?<?D?L?T?\?d?l?x?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?<?H?h?t?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
??"?6?<?E?X?|?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
??0???z?0 ???? 0J0Z001p11112223+3m3364U4l40 445/5A5L5f5 566)666z778M9T9a9g9t99P:v:|:0 : :a:x:::6;U;_;& ; ;;+=/=3=7=;=?=C=G=K=]>w>>i??0/0_0}011b1 112q2222333$373S3344F4R4" 44445$585F5d556_6x6666677=7! 778'8v8 8R8888h9x999994:D:X: :;%;F;K;e;;;;;U<<<=A=" ===>^>>?Z? R4011W1i11112+2o2& 222393^3304F4 4" 55.67)7f778 88889999Q:]:::::.;;;;E<<<<<<.= ===%> >>>>>>6?0d0000 1'1:1l11N2233!3n33744:555Z67Y8999999
Ansi based on Dropped File
(~WRD0000.doc)
??0???z?????0J0Z001p11112223+3m3364U4l4445/5A5L5f5566)666z778M9T9a9g9t99P:v:|:::::::6;U;_;;;;+=/=3=7=;=?=C=G=K=]>w>>i??0/0_0011b1112q2222333$373S3344F4R444445$585F5d556_6x6666677=7778'8v888888h9x999994:D:X::;%;F;K;e;;;;;U<<<=A====>^>>?Z? 4011W1i11112+2o2222393^3304F4455.67)7f77888889999Q:]:::::.;;;;E<<<<<<.====%>>>>>>>6?0d0000 1'1:1l11N2233!3n33744:555Z67Y8999999
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
???&?,?7?=?H?P?U?_?k?v?|?! ???~??????????pt0000%0+060<0G0M0X0^0i0o0z0 09 0 0S0000000000001111$1*151;1F1L1W1]1h1n1y11`11: 1111111111112222#2)242:2E2K2V2\2g2m2x2~20 22a2222222222223333"3(33393C3O3Z3`3j3v33! 3 33333333333334
Ansi based on Dropped File
(~WRD0000.doc)
???&?,?7?=?H?P?U?_?k?v?|??????????????pt0000%0+060<0G0M0X0^0i0o0z00000000000000001111$1*151;1F1L1W1]1h1n1y11111111111111112222#2)242:2E2K2V2\2g2m2x2~2222222222222223333"3(33393C3O3Z3`3j3v33333333333333334
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
???0T0+7C77777&848B8O8]8888839j99:.;;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
???0T0+7C7~7777&848B8O8]8 8: 88839j99:.;a;
Ansi based on Dropped File
(~WRD0000.doc)
?E8ETE,K$sjuDeTt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
?j,Qu40T & t9 & ,@0 & 8P0 & @8ul@t-j^9@u''0 0?@'Y19 (9 D@t9 & 4 8u3$'' 9 & 8+& 0_[9 M3^RjhPB?9 Euo' T'3;|; r!F'0 8,'WWWWW9 9 9 L1tP}Y0 }9 D0tuuu.0 E&&0 8ME9 Eu6Y9 U9 V9 uWV
Ansi based on Dropped File
(~WRD0000.doc)
?j,Qu40Tt,@8P@8ul@t-j^9@u''0?@'Y1(D@t48u3$'' 8+0_[M3^RjhPB?Euo' T'3;|;r!F'8,'WWWWWL1tPY}D0tuuu.E&&8MEEu6YUVuWV
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
?kkkkkkkf/$&c.kkkkkkHT1PG`8kkkkk%DQ;, )_9kkkk95^2:`
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
?LV= Q3#M90+[
Ansi based on Dropped File
(~WRD0000.doc)
?LV=Q3#M90+[
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
?Zd;O n?,eX?# GG?@il7 ?3=Bz ?a w?/L[M " ? S;uDa?g 9E ?$#;1a9 z?aUY~S|_?/ & D?$?9'*?}d|FU>c{#Tw = :zc%C1<!0 8 G ;X ; EB"!u7.:3q#2IZ9! W 2hRxDY,%I-64OSk%Y}~ZW <P"NKeb }-x
Ansi based on Dropped File
(~WRD0000.doc)
?Zd;On?,eX?#GG?@il7?3=Bz?aw?/L[M?S;uD?g9E?$#;1az?aUY~S|_?/D?$?9'*?}d|FU>c{#Tw=:zc%C1<!8G;X;EBu7.:3q#2IZ9W2hRDY,%I-64OSk%Y}ZW<P"NKeb}-
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
?{0?->6?4)?#?8
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@ & Aft#x }u}jPuujxu9 #! rXxtR99u2yr,9Yv'9 Q9 R& tu$Vu uPuuuQ u uu$PuuuQ 3@_^[]jhD9 @x& te3@9 eEM9 @|& tjhD5Y& te3@9 eE}h3lYU9 SQ9 E0 E9 EUu9 M9 m}sVW_^9 ]9 MU9 uQ[s]Y[9 U9 9 E3; tA-rHwj
Ansi based on Dropped File
(~WRD0000.doc)
@ 'S9 \$VhSrS9 t$YY& t& tB <hrSYY& t& t% hrSYY& t& t 30 ?t
Ansi based on Dropped File
(~WRD0000.doc)
@ 8~ )9 f8& fx& jpM]Q9 3f9X0 ]" 0 MM ME"KEPE9 0 ePEaTM =M ;0 E0 ]~uuMK9 ;tYMJEPVM E!M[9 3;~$VMJ;t39] QPM `F;|MEPE9 E;E|9 9]uEPM [MEOM ]0MM J3W j-a9 0 ueNif8f<9 Mj-h9 0 u9 F<e& tPf<NAM9
Ansi based on Dropped File
(~WRD0000.doc)
@ 9 U9 SVW: }9 ]3tjZttt tt9 #t$=t=t;u#tut9 }9 M9 ##0 E; 9
Ansi based on Dropped File
(~WRD0000.doc)
@ @> " h@
Ansi based on Dropped File
(~WRD0000.doc)
@ Aft#x}u}jPuujxu#!rXxtR99u2yr,9Yv'QRtu$Vu uPuuuQ u uu$PuuuQ 3@_^[]jhD@xte3@eEM@|tjhD5Yte3@eE}h3lYUSQEEEUuMm}sVW_^]MUuQ[s]Y[UE3;tA-rHwj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@ d~tW 9 39 f9uB|jpML9 ejpMLME0 ?& t!W MEFMMF9 & EPEP9 3V9 FNtFh>fF"!9 ^V9 D$tVY9 ^U9 9 Ewy$& u 9 Mju9 M2]u 9 MzPu9 MCu9 M 6u9 M)9 M@u9 Mu9 M'@ ]$9 q~9 Vh9 ``9 D$ff0 F9 ^V9 |`D$tVY9 ^Vh9 `9 D$ff0 F9 ^V9 2`D$tVxY9 ^Vh9 0 9 D$ff0 F9 ^9 AV9 0 D$tV*Y9 ^j*.
Ansi based on Dropped File
(~WRD0000.doc)
@ h ( #g@ iX mp { | } ~ 0 0 " H ` x "! a : S ~ x8 P h ( @ X p z0 H ` }x 0@P`p 0@P`p 0@P`p
Ansi based on Dropped File
(~WRD0000.doc)
@ JV9 uh,sV sYY& t9 E& HhRsVnsYY& t9 E& HhlsVJsYY& t9 E& Hh\sV&sYY& uhsVsYY& t9 E& H}hSsVrYY& t9 E& ttHqhLsVrYY& t9 E0 [hsVrYY& t9 E& t?H<hsVxrYY& t9 E& t"H$hrV rYY& t9 E& tH 30 9 PQ3
Ansi based on Dropped File
(~WRD0000.doc)
@ SRfI0 rR1#Ax$S;AT: A"!0 1
Ansi based on Dropped File
(~WRD0000.doc)
@ ~& 9 39 f9& 9Y B|WpMN9 WpM0 ]N9 Wp(MEMME"!@& umM@& ua9 uEPEP9 M0 ]M?9 60 EjEPM7?PuM9 EGM]GM0 }G9 'ME GM]RGM0 }GW j .x9 9 u& u
Ansi based on Dropped File
(~WRD0000.doc)
@& D@& DDr9 & H+j& ,PS& HP9 4T & B9 & ,& 8;R:9 & <+& 4;E L 0 & D & 9M M9 (9 D<+4& H;MsF9 " D& DAAf
Ansi based on Dropped File
(~WRD0000.doc)
@'S\$VhrSt$YYttB<hrSYYtt%hrSYYtt3?t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2
Unicode based on Runtime Data
(WINWORD.EXE
)
@8u@8u+@P0 E9 Y;uVEuVW~V9 _^[9 VW9 ;s9 & t;r_^9 VW9 ;s9 & t;r_^9 U9 39Ej hP4& u]3@|]=|uWS39dW9 =L ~3V9 5hh jv6j54C;d|^5hj54_[54%49 U9 eeSWN@;t
Ansi based on Dropped File
(~WRD0000.doc)
@8u@8u+@PEY;uVEuVW~V_^[VW;st;r_^VW;st;r_^U39EjhP4u]3@|]=|uWS39dW=L~3V5hhjv6j54C;d|^5hj54_[54%4UeeSWN@;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@8~)f8fxjpM]Q3f9X]MMME"KEPEePETM =M;E]~uuMK;tYMJEPVME!M[3;~$VMJ;t39]QPMF;|MEPEE;E|9]uEPM[MEOM]0MMJ3Wj-ueNif8f<Mj-huF<etPf<NAM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@9 tI?uDhM7& u3EPMh MEEM& tjME^MERMMF9 N"j#Xg!9 EM0 EzueM#& u9 uMM'9 "MV& tMQu9 j0|%!9 9 EHw?}t9MpeEuP9 9 |& uMM 3`!MP9 MQMQ9 EPT& u/}tMEG9 uEP9 9 & tM& ujh@M}Ev,9 uEP9 9 & uME 9 MQMQ9 PLM9 EMEMM9 j VX9 u9 & & M2zeVM{& EP9 0EPME{M& j/j\%M HPM5f/t
Ansi based on Dropped File
(~WRD0000.doc)
@9E19E"9ME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@9U6G8F1MYYYYYY>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
@9}E19}E"9ME
Ansi based on Dropped File
(~WRD0000.doc)
@:^/2B(.|uBV|j3B"_3B&)2B21ECA;GIF89a$!,$`$$Uq,#%;GIF89aR!,R6#zU%gN!'KOQD@h2biXX~;GIF89a/$zyzz{yzzzzyz{y{{{}~z~yyzzy!,/$@*\#FO&#DBIRhP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@:^/R2B(.|uBV|j3B" _3B&)R2B 21ECA;GIF89a$ !,$` " $$Uq,#R%;GIF89aR!,R6#zU%SgN!' KOQRD0 }` @h2: biXX~`;GIF89a/$ z " "!yz9 z { yz SzS~9 "!: ~zSzyz{~y{{{}~ z& & ~ y}" yz : " zy!,/$@*\ ! #FRO &#DB`IR hP!
Ansi based on Dropped File
(~WRD0000.doc)
@@AAL$u3f;@9 D$Pt$9 D$Pt$u9 D$Pt$9 D$Pt$U9 uuuu9 E]U9 uuuu9 E]U9 uuuu9 E]U9 uuuug9 E]jQ=9 0 uN9 "eN"N$E"N4E"NDEY}9 jQ9 0 u9 NDE/N4E{+N$Eo+NEc+MNW+ajdS|9 39]u
Ansi based on Dropped File
(~WRD0000.doc)
@@AAL$u3f;@D$Pt$D$Pt$uD$Pt$D$Pt$UuuuuE]UuuuuE]UuuuuE]UuuuugE]jQ=uN"eN"N$E"N4E"NDEYjQuNDE/N4E{+N$Eo+NEc+MNW+ajd|39]u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@@t%PjV ^hP0h$P<& uh{9eS9 u9 }3hPf0 & & P]h& PVjh@Xe& P
Ansi based on Dropped File
(~WRD0000.doc)
@@t%Pjv@ ^VqW9 `9 & ~,S3& ~S9 & tPh C;|jWj9 [_^D$Vjjjj9 PvHd & tPN^9 D$-t+Ht!HtHt
Ansi based on Dropped File
(~WRD0000.doc)
@@t%Pjv@^VqW~,S3~StPhC;|jWj[_^D$VjjjjPvHdtPN^D$-t+Ht!HtHt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@@t%PjV^hP0h$P<uh{9eSu}3hPfP]hPVjh@XeP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@B u }^t9 E`p9 U9 9 EAz3@]3]9 U9 QQ}uutEPQo9 M9 E0 9 M0 HEPo9 E9 M0 9 U9 juuu]9 V9 & tVU@PVV: ^9 U9 jueYY]9 U9 juYY]9 U9 SVWuM9 }"!3;u+
Ansi based on Dropped File
(~WRD0000.doc)
@B:tOtMu9]u;u9 }u9 EjP\Xx06j"Y0 9 9 U9 QeS9 ]& u3aWru{& vn9 M9 E` tR:QuM`P t<:Qu7`P t&:Qu!`P t:QuE9}r?@IF@I<@I2@I(9 M9 E` t:u@AE9]r3_[+9 U9 9 UV9 ujX0 E0 U;uY5 >5S3;|;5 r'/50 5SSSSSQ9 W<& 9 `Hu40 4jwP0 ]; & 9]t7`@$EHjYtHu9 t0 U9 E0 E9 u!}40 c4SSSSS49 0 M;r0 EuK!Y0 E;u+434hjSSu9 0 D(9 E0 T,9 AHtt`I
Ansi based on Dropped File
(~WRD0000.doc)
@B:tOtMu9]u;u}uEjP\Xx06j"YUQeS]u3Wru{vnMEtR:QuMPt<:Qu7Pt&:Qu!Pt:QuE9}r?@IF@I<@I2@I(MEt:u@AE9]r3_[+UUVujXEU;uY5 >5S3;|;5r'/55SSSSSQW<Hu44jwP];9]t7@$EHjYtHutUEEu!}4c4SSSSS4M;rEuK!YE;u+434hjSSuD(ET,AHttI
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@Bu}^tE`pUEAz3@]3]UQQ}uutEPQoMEMHEPoEMUjuuu]VtVU@PVV:^UjueYY]UjuYY]USVWuM}3;u+
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@D@DDrH+j,PSHP4TB,8;:<+4;EL D9MM(D<+4H;MsFDDAAf
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@DebugOnly@
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
@d~tW3f9uB|jpMLejpMLME?t!WMEFMMFEPEP3VFNtFh>fF^VD$tVY^UEwy$u MjuM2]u MzPuMCuM6uM)M@uMuM'@]$q~Vh`D$ffF^V|D$tVY^VhD$ffF^V2D$tVxY^VhD$ffF^AVD$tV*Y^j*.
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@ExtraData@
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
@F^]Uf9MSuMTMQ3;uEHfw aVf9u^s)EPju-Et9MfqMjQjMQPREP EtE8]tMap[Uju<YY]Uf9MSuMEH3;uEHfwaf9Us)EPjuiEt=MfpEjPjEPhQEP EtE8]tMap[Uju<YY]USV33W9u];u"]]VVVVV};tuME9pu?fArfZw fArfZw CCGGMtBft=f;t6EPPEPPCCGGMt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@h(#g@iXmp{|}~0H`x 8Ph(@Xpz0H`x 0@P`p 0@P`p 0@P`p
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@j%?9 0 ute_9 FD& t4eMQP$& t}ujvDHvDXfDMNY?S9 V9 9 F<W3;tP& tv<Wv,WWWWWWWh~hW P0 F<& t9 = Vjv<h%xjv<3@_^[jlEM>hw(IY3S0 ]8& ;uE9 M;t[MrEPM0 ]MEjjEPEPME0 ]D9 5( 9 = 0 E0 E}t{EPjSSSEP& uhjSEPj t9 uv<& t=Sh5(v<9 5 }tEPESSSEP& uuTuX9]t<& MEM]MMy 3=V9 D$tV=Y9 ^ji<9 FPMW39F0u#9 M0 N,N4QPVh{PP(F00 FDMMW3@f=j<9 0 u^$9 ~S3ND0 }SME0 ~`0 ~d0 ~0 ~0 ~ 0 ~0 ~ME0 F9 j9 0 ~@PND9 jPjX'6Y0 EE;t9 N3M0 FEi9 <V9 9 N& t;h 9 9 Nh , 9 Nh 9 Nh 9 Njdc^jd;0 MMeM~EPMEM0e0 E& uEPMLjEN5Y0 EE& tMQ9 9 3E& t59 & u9 }D9 7SM& P9 9 9 j9 MEaE9 E;E qME#~MM};VW9 |$9 ;~u3@)~ t9 N 9 W& u9 N`& t
Ansi based on Dropped File
(~WRD0000.doc)
@j%?ute_FDt4eMQP$t}ujvDHvDXfDMNY?SVF<W3;tPtv<Wv,WWWWWWWhhWPF<t=Vjv<h%xjv<3@_^[jlEM>hw(IY3S]8;uEM;t[MrEPM]MEjjEPEPME]D5(=EE}t{EPjSSSEPuhjSEPjtuv<t=Sh5(v<5}tEPESSSEPuuTuX9]t<MEM]MMy3=VD$tV=Y^ji<FPMW39F0u#MN,N4QPVh{PP(F0FDMMW3@f=j<u^$S3ND}SME~`~d~~~ ~~MEFj~@PNDjPjX'6YEE;tN3MFEi<VNt;h9Nh,NhNhNjdc^jd;MMeM~EPMEM0eEuEPMLjEN5YEEtMQ3Et5u}D7SMPjMEEE;EqME#~MM};VW|$;~u3@)~ tN WuN`t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@JVuh,sVsYYtEHhsVnsYYtEHhlsVJsYYtEHh\sV&sYYuhsVsYYtEHhsVrYYtEttHqhLsVrYYtE[hsVrYYtEt?H<hsVrYYtEt"H$hrVrYYtEtH 3PQ3
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@LoggerWnd@
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
@M E8M0 hM@|5& t5EP9 ME?1& uE^xP9 4@9 5M>hM@65& t6EP9 ME0& uEP}?MEU8M@0 }J8Ep9 Ep;E\ ^h9 0& thx9 :Nx~0& uN9 0& u!~hh9 99 Q/P9 ?9 ]dTV9 9 6}2s& t9 j9 E`9 E`;EP 33@9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
@ME8M0hM@|5t5EPME?1uE^xP4@5M>hM@65t6EPME0uEP?MEU8M@}J8EpEp;E\^h0thx:Nx0uN0u!hh9Q/P?]dTV62stjE`E`;EP33@Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@PR,WUVu~wW3@3f8UURP0|}It3f^]UVu~wW3@3f8UURP4|}It3f^]UQQES3V;9^@u9^DURP]QHE;URhr]P9]9^@tCWjY;tX3WhrutWND/;tWY_9^DtYE;F<uQ9^(uLhhpjQEUR]P|!9]tF$PhruEPQEPQEPQ^[UQ}u3eVuW3uq<tk9}u,MQVP|uf}tQMQV|}u:MQVPH|,Et%uhrPu3GEtPQ3_^UQy<tA<URP|E3UQVuEj3Pu'tBE;t;URuP|9utuMFuEPQ3^UQQVW39}to9y<tjA<UR}}PQH;|QE;tURhrPE;tPQ;|)E;t"uVPQ$|9>t3GEPQ3_^UVuu@9h|ruKfYYtMtA3Q3Vuu!^]UVF<W3;UR}PQH|zE;tsURhr}P|UE;tNUR}PE;t.}S]RRP|^P~TEPQ[EPQEPQ_^Vt$t3&jhquPh_@@^j>5F<t(PMmvle\VMMM]Vt6W?t)h|hjN7_^UQeWEPu0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@RfIr1#Ax$S;ATA1
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@Rsvu`L2i]18E Px`ShX87Qc?ExQm>W3Y$:O.)D,4qz')Z^J2VF+
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@Rsv}u`L2}i]18E Px` S hX87Qc?ExQ& }m>W3Y$:O.)D ,49 qaz')Z^Jx2VF+
Ansi based on Dropped File
(~WRD0000.doc)
@ThreadFile@
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
@tI?uDhM7u3EPMh MEEMtjME^MERMMFN"j#Xg!EMEzueM#uuMM'"MVtMQu j0|%!EHw?}t9MpeEuP|uMM3!MPMQMQEPTu/}tMEGuEPtMujh@M}Ev,uEPuMEMQMQPLMEMEMMj VXuM2zeVM{EP0EPME{Mj/j\%MHPM5f/t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@TickCount@
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
@u9 9 3MEt
Ansi based on Dropped File
(~WRD0000.doc)
@u9 E9 #E#;u9 P0 EjY]9 M3 yjZtttt& t9 #t$= t=@t;u
Ansi based on Dropped File
(~WRD0000.doc)
@u@]3]UVeu;ueN^]dH;txu^]&zNHUeM3MEEEE@EMEdEEduQu"zEdPd5D$+d$SVW(3PuEEdPd5D$+d$SVW(3PeuEEdPd5D$+d$SVW(3PEuEEdPd5D$+d$SVW(3PEeuEEdMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@uE#E#;uPEjY]M3yjZttttt#t$= t=@t;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@USVW}]3tjZttt tt#t$=t=t;u#tut}M##E;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@|33}jX" eVu}9 5 NN9 "!9 0 ]0 EyJB|& j3Y+@0 M& 9 E& T& |& u@|n9 "!jY# yNFe+3BL& 9 10 u9 19ur"9U& t+eL& 9 r0 u;rsEH9 U0 9 My0 M9 M!9 E@}
Ansi based on Dropped File
(~WRD0000.doc)
@|33}jX" eVu}9 5" NN9 "!9 0 ]0 EyJB|& j3Y+@0 M& 9 E& T& |& u@|n9 "!jY# yNFe+3BL& 9 10 u9 19ur"9U& t+eL& 9 r0 u;rsEH9 U0 9 My0 M9 M!9 E@}
Ansi based on Dropped File
(~WRD0000.doc)
@|33}jXeVu}5NN]EyJB|j3Y+@MET|u@|njY#yNFe+3BL1u19ur"9Ut+eLru;rsEHUMyMM!E@}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@~3f99YB|WpMNWpM]NWp(MEMME@umM@uauEPEPM]M?6EjEPM7?PuMEGM]GM}G'MEGM]GM}GWj .uu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
[:&.;GIF89a]}|~Gt!],]]9VTM7B;-<]QK'A]>L5/I=S3
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
[<J hhhhhhY%$
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
[[t[P[$[ZZRZTZ,ZZY pY!xX"WxWyWzWWWxxxxxxxxxxx
Ansi based on Dropped File
(~WRD0000.doc)
[[t[P[$[ZZZTZ,ZZY pY!xX"WxWyWzWWWx
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
[doc]Alert.dll.LNK=0
Ansi based on Runtime Data
(WINWORD.EXE
)
[f0 <<f0 <r3VVhU
Ansi based on Dropped File
(~WRD0000.doc)
[f0 @@& <& <f0 @@<r9 & H+j& ,PS& HP9 4T & b9 & ,& 8;RZ9 & D+& 4;E ?@9M |9 D<+4j& H^;Ms<9 " DDf
Ansi based on Dropped File
(~WRD0000.doc)
[f<<f<r3VVhU
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
[f@@<<f@@<rH+j,PSHP4Tb,8;ZD+4;E?@9M|D<+4jH^;Ms<DDf
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
[G$"f}`/s(keb7W70{d{
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
[MEEPu9 E;Et9 PQ9 E;]t9 PQ9 EM;t9 PQ3 #jq="9 30 ]EPNP0 ];|_9]tZuM9]t:;tFX3PM9 E9 VURSPE |EP9 E];t9 PQ9 EM;t9 PQ"j ="9 & t6PM 9 Ee& t9 PQ9 E9 jPQ9 EM& t9 PQ"9 L$x3V9 9 & t&^V9 t$t$N}k3^jT>v!9 39]u~D9
Ansi based on Dropped File
(~WRD0000.doc)
[MEEPuE;EtPQE;]tPQEM;tPQ3#jq="3]EPNP];|_9]tZuM9]t:;tFX3PMEVURSPE|EPE];tPQEM;tPQ"j="t6PMEetPQEjPQEMtPQ"L$3Vt&^Vt$t$Nk3^jT>v!39]uD
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
[MS}0f0 0f0 V9 "!YSY[0f0 F0f0 V9 "!00f0 Ff0 V3_^9 U9 9 E& }]9 U9 SWuM9 E9 }3;t0 8;u+dNSSSSS8]t9 E`p39]t}|}$V70 ]7GGEPjV}& uf-uMf+u7GG9]u3V" Y& tE
Ansi based on Dropped File
(~WRD0000.doc)
[MS}0f0fVYSY[0fF0fV00fFfV3_^UE}]USWuME}3;t8;u+dNSSSSS8]tE`p39]t}|}$V7]7GGEPjVuf-uMf+u7GG9]u3VYtE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
\h0 @9 ;t*hW<;tMQ;u9 E;t0 W89 6Ul$ 30 & j`E9 0 M39 0 }0 ]T& u
Ansi based on Dropped File
(~WRD0000.doc)
\h@;t*hW<;tMQ;uE;tW86Ul$3j`EM3}]Tu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
\InprocServer32
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
\StringFileInfo\%04X%04X\%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
\X\|[SUV9 t$3W; .9 F; #9 |$j_u9 0 |$0 \$j
Ansi based on Dropped File
(~WRD0000.doc)
\X\|[SUVt$3W;.F;#9|$j_u|$\$j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
]$& _9 F& 9 NHF0 F9 0 A9 F9 H 9 t0 (FN9 H;Hv0 (FtN 9 F& 9 NHF0 F9 9 @0 9 Aj3]& t9 \$j
Ansi based on Dropped File
(~WRD0000.doc)
]$_FNHFFAFHt(FNH;Hv(FtNFNHFF@Aj3]t\$j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
](9 FWVpp9 u9 F0 (9 F`& u9 & 9 FHQVp9 ]9 Fxt9 F& 9 NHF0 F9 0 A9 F9 9 F& x9 HF0 F9 FH9 F9
Ansi based on Dropped File
(~WRD0000.doc)
](FWVppuF(F`uFHQVp]FxtFNHFFAFFHFFFHF
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
])F\N9 \$Oj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
]0 )F\N9 9 \$& Oj
Ansi based on Dropped File
(~WRD0000.doc)
]3;u/[VVVVV;}tE`pW};u/`[VVVVV}tE`pE9pu:fArfZw fArfZw CCGGft8f;t1MQPMQCPCGGftf;t+}tMap_^[UV3W95Tuo};uZVVVVV0XU;tfArfZw fArfZw GGBBf;tf;t+Vuuc_^]UuMkEMA%}tMapUjuYY]UjuYY]UQSV3;uYj^SSSSS0HW9]wYj^SSSSS0$39]f@9EwPYj"E"w]9]t]j-XfNEE3uEvW0EfAA@3E9]v;Er;Er3f3fIIffIfIGG;r3_^[U}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
]9 M0 }0 E;uMM\9 !u9 o9 E3jZQ$39uY0 <~B9 MV[/9 & t-GPMn9 9 <0 9 9 <39u@PVW9 F;u|3GtV9 }P9 |^jh8$9 u:3CtTMSxaejh MRaESPERP][YYMREg9 }ESP MMSLjSSSj9 k 9 }EPv@ 9 E+E9 }0 EE+}]E5{%E
Ansi based on Dropped File
(~WRD0000.doc)
]9 U9 QQS9 ]VW330 };tG0 }rwjrY 4jrY& u
Ansi based on Dropped File
(~WRD0000.doc)
]:0kkkkkkkkk
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
];GIF89aQ!Q,~QQ&'/-#KE<!4H,I=9Q7?+%*Q JPA20Q;>"L61@MO(N
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
];r;u1h{u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
];r;u]u3S:YKC8tpCUt|D#M#u)eHD9#U#uEUiDMLD3#u#Mj _G}MT
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
];r;uhS;#U#u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
]]#]1]" `.Z]b]m]x]] ]x]]]" .@." ..^^" $/@#X/" h/x/V^" /y^" /^^" 0@<0" L0\0^___" 04_<_" 0" 01__g_o_w__! __ _x___
Ansi based on Dropped File
(~WRD0000.doc)
]]#]1]"`.Z]b]m]x]]]]]]".@."..^^"$/@#X/"h/x/V^"/y^"/^^"0@<0"L0\0^___"04_<_"0"01__g_o_w________
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
]emu}"D ("K"nv~"""P"
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
]emu}& " " D (" K" nv~" " " P"
Ansi based on Dropped File
(~WRD0000.doc)
]f;Lf;Cf;5?f;wK3EE9fE}fEEEEEf}V33f9uH%E\3f;uFEu9Eu9EufEf;uFEu9Eu9EvE}EEMM~JMMDMeW
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
]f^vq(I!mwF)jP2AtgQE&M:ol1cBSNib+.;YV*LJT\sZ,hA"P@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
]f^vq(I!m~wF)jP2AtgQE&M:ol1cBSNib+.;Y~V*LJT\sZ,hA" P@
Ansi based on Dropped File
(~WRD0000.doc)
]M}E;uMM\!uoE3jZQ$39uY<~BMV[/t-GPMn<<39u@PVWF;u|3GtVP|^jh8$u:3CtTMxejhMaEPEP][YYMEgEPMMLjSSSjk}EPv@E+E}EE+}]E5{%E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
]UQQS]VW33};tG}rwjrY4jrYu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
^2:`3ikkkkkM>Y
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
^GGPPSP5dYt!uPS5dYYYguuPS5dYYY;-uCS$sHH'kQ0GM t@tGGG@t3@t|su3}9~u!ut-RPSWs09~NE+Ftbt90tW0@?If8t@@u+(uI8t@u+\@t2t-t+t ++uSj [aYtuWSj0tf~bPjEPFPFx.u(9t MYuPY|tWSj mt&Yt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
^jEPuE uR$ 9} tjX
Ansi based on Dropped File
(~WRD0000.doc)
^jEPuEu$9}tjX
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
^UQeEPu,l#EVt$ttvjjR@^|$u)Vt$tvYtVR^VD$tVNY^|$Vu3jt$YYPH^jUhLut=M5eEPuMuu"t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
_.d,$$$H8! <M@ YUO_YY_,i(^Yx2mxR$xxx S
Ansi based on Dropped File
(~WRD0000.doc)
_.d,$$$H8<M@YUO_YY_,i(^Y2mx$S
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
_.Ia_'t;ia_'an
Ansi based on Image Processing
(screen_0.png)
_9 Ft 90ujAPQ }t9 E`p3_^[9 U9 , 30 E9 ESVW9 }j^VMQMQp003;uSSSSS0 0'9 o9 E;v9 uu3}- +3;x+MQNQP3}- 3;xQ.;tuESPu9 Vu9 M_^3[v9 U9 juuuuu]9 U9 $VWuME3E0 9}}0 }9 u;u+" j^WWWWW0 0: }t9 E`p9 9}v9 E9EwWj"9 }9 0 E9 G9 S#3;& & & 9 Euju^PSW& t } 9 Map` ;-u-F0F}je $xFV7kYY& L} p@2% 3t-F9 ]0F& $x9 OF3'3u!09 O9 Fu0 U
Ansi based on Dropped File
(~WRD0000.doc)
_=-_---_=l_l\!x
Ansi based on Image Processing
(screen_9.png)
_^[9 U9 QV9 uV 0 E9 FY uGN =@t
Ansi based on Dropped File
(~WRD0000.doc)
_^[UQVuVEFYuGN =@t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
_^jNSa9 9 ]3E0 u~j[M& t
Ansi based on Dropped File
(~WRD0000.doc)
_^jNSa]3Eu~j[Mt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
_____';_;:
Ansi based on Image Processing
(screen_0.png)
_______:.__--___._
Ansi based on Image Processing
(screen_0.png)
_________
Ansi based on Image Processing
(screen_0.png)
___`" 1%`-`5`" 1" D2X```n`|```````" l2aa" 21a" 2" 43Ta\adala~a ata}aaaaa" |3ab" 3)b1b9b" 3" L4\bfbnbvb bbbbbb" 4bb" 4c'c" 4LcTc_c" (5& cc" c" d5ccc" 5d" 5,d7dBdJd" 6pd" L6 d~dd" x6" 6dddddee(e3e" 7Ye" D7|e e" p7eee" 7eef" 7%f-f" 8Pf" P8sf" |8"!ff" 8ffff" 8" D9!g)g1g9gAgIggg" 9ogzg& gg: ggggg" 9g" :h'h" @:Mh" t:phxh" :" :: hhhhhhhi" 0;" ;#i+i6iAiLiWi i" ;i" ;ii" <iij" L<'j@j" <cjnj" < jSjj" <jj" ,=kk" `=6k>k" =ak" = kk" =k" (>kk" T>l" >+l" >Nl" >ql|l" ?P?X?~P,? ??d& @(@d Iey,=3k" t2#%&~(@(J(')0)@*C" CCF+**--1---& DDdd |2x3333-9I9{FFRjJnJ9 bYfio`
Ansi based on Dropped File
(~WRD0000.doc)
___`"1%`-`5`"1"D2X```n`|``````"l2aa"21a"2"43Ta\adala~aataaaaaa"|3ab"3)b1b9b"3"L4\bfbnbvbbbbbbb"4bb"4c'c"4LcTc_c"(5ccc"d5ccc"5d"5,d7dBdJd"6pd"L6ddd"x6"6dddddee(e3e"7Ye"D7|ee"p7eee"7eef"7%f-f"8Pf"P8sf"|8ff"8ffff"8"D9!g)g1g9gAgIggg"9ogzgggggggg"9g":h'h"@:Mh"t:phxh":":hhhhhhhi"0;";#i+i6iAiLiWii";i";ii"<iij"L<'j@j"<cjnj"<jjj"<jj",=kk"`=6k>k"=ak"=kk"=k"(>kk"T>l">+l">Nl">ql|l"?P?X?~P,???d@(@dIey,=3kt2#%&~(@(J(')0)@*C"CCF+**--1---&DDdd|23333-9I9{FFjJnJbYfio
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
___r___g__
Ansi based on Image Processing
(screen_5.png)
__clrcall
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
__fastcall
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
__qq_|_ x___q_qqqqq"q#q$q%q&|qD0@@@@@P@$@@ @4@N@ p+i@]%O@qC)@D@<Ix@oGAkU'9p|B~QCv)/&D(DJzEeF
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
__restrict
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
__stdcall
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
__suchanJ
Ansi based on Image Processing
(screen_0.png)
__thiscall
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
__unaligned
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
_Cun_'__C?_,0
Ansi based on Image Processing
(screen_5.png)
_EI CMyTitleBar ClassEI m_WM_MESSAGE_FROM_TITLE_BARB ) zyxximh<irfdihogmggwl6mB ) zyxximh<irm m=onmggwl6pmB ) zyxximh<irm mapnmggwl6pm`B ) zyxx"rJrmhlrsfdirtogm;qUwl6mxAEI CDialogChildShadowFrame Window ClasstB ) zyxxym~ {}wNzL{BUTTONCChildButton::OnMouseLeftKeyDownm_iLastMouseDownTime: %d8! ! X ,YOUOY_YY_,(O(2YYx2SR~lwx`xxxxxW`((`YRDyxy0 yy0 usU: R8! ! X ~ YOUO _YY ,(O(2YYx2EI CMovingFrame Classnew<base href="file://%s" /><head>onNavigateErrorinversePointerPositionbodyF(k $ , , v =9R dxl F: x^b /O- xw: S8 PtM %nv`Z ~ ~oh~h~AL/"! ~h~p~Yh~ ~8W1h~h~h~h~h~h~x$Fh~h~ ~ ~a ~ ~ ffxO E" x &x4 t" a ~isLocaleRtlwriteDebugStringlogUrlgetDataonclickLinkonSizeChangeisSupportedFunctiononCancelonAcceptgetValueByKey<$(ge Rs" 8{ ge(`3OgeJ]$8NULLnull `\u\/D6U&*truefalse\'M>: ge
Ansi based on Dropped File
(~WRD0000.doc)
_EI CMyTitleBar ClassEI m_WM_MESSAGE_FROM_TITLE_BARB)zyxximh<irfdihogmggwl6mB)zyxximh<irmm=onmggwl6pmB)zyxximh<irmmapnmggwl6pm`B)zyxx"rJrmhlrsfdirtogm;qUwl6mxAEI CDialogChildShadowFrame Window ClasstB)zyxxym~{}wNzL{BUTTONCChildButton::OnMouseLeftKeyDownm_iLastMouseDownTime: %d8X,YOUOY_YY_,(O(2YY2~lwxxxxxxW((YDyxyyyusU8X~YOUO_YY,(O(2YY2EI CMovingFrame Classnew<base href="file://%s" /><head>onNavigateErrorinversePointerPositionbodyF(k$,,v=9dxlFx^b/O-w8PtM%nv`ZohhAL/hpYh8W1hhhhhhx$FhhaffOEx&4tisLocaleRtlwriteDebugStringlogUrlgetDataonclickLinkonSizeChangeisSupportedFunctiononCancelonAcceptgetValueByKey<$(geRs8{ge(`3OgeJ]$8NULLnull`\u\/D6U&*truefalse\'M>ge
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
_Ft90ujAPQ}tE`p3_^[U,3EESVW}j^VMQMQp003;uSSSSS0'oE;vuu3}-+3;+MQNQP3}-3;Q.;tuESPuVuM_^3[vUjuuuuu]U$VWuME3E09}}}u;u+j^WWWWW0:}tE`p9}vE9EwWj"}EGS#3;Euju^PSWt}Map;-u-F0F}je$xFV7kYYL}p@2%3t-F]0F$xOF3'3u!0OFuU
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
_jV(^9 9 Ee0 9 E0 9 E0 EP} C9 E$MM0 ^ 9 D$0 AL9 D$0 9 D$0 j)T]9 Ee0 At9 E0 Ax9 E 0 A|9 E$0 9 E(0 EPMM*4^$j)TM]9 Ee0 9 E0 S9 E 0 9 E$0 9 E(0 EPbMM]$9 D$0 9 I& tP U9 V9 9 N& ~EPEPR& 0 EPv@ & txS9 ^xt9 M+N|+M t9 E+E+E"!+9 N|9 N|Mt9 E+ +E$t9 E+E+E"!+ 9 EjPQ9 N[^U9 V9 9 N& EPEP& "!EPv@ & S9 ~St9 M+}+M&t9 E+E+E"!+9 }9 }Mt9 E+ +E$t9 E+E+E"!+ 9 EjPQ9 N[^U9 V9 v& tIt@WEPv@ jjuuq"9 & tjWvtW_^V9 9 FW9 = & tp& t9 Njjt$&9 F& tp& t9 Njjt$&_^U9 (SVE9 P9 Ps x & ukWj(3EWP e0 E9 C h WE0 }0 }0 E0 } j0 E9 0 E0 }g0 EEP| _f& u33@^[U9 V9 \;Fu`& tBEP< 9 E+EjP9 E+EPuuvS ^U9 V9 & & SWEPv< 9 ]9 }+]+}Vv jvSWuuh h|9 vPh SWjj0 R KSOWjj0 ER 9 }j9 SWW jWtW9 =Sj0 vSjjdj_[^U9 V9 9 N& tu9 uP8& u3#9 N& tu9 uP8& tu9 u0 ^]V9 D$tVlYY9 ^jNTOX9 39s& hORY0 E0 u;t9 z3M0 C30 u}9 0 E0 E9 0 ePs 9 Ks9 j9 u3VVPL9 V9 PX9 9 KVM9 KjmXjNTSW9 39s& hSQY0 E0 u;t9 3M0 C30 u}9 0 E0 E9 0 eP]s 9 Ks9 j9 u3VVPL9 V9 P\9 9 KVa9 KjWj0qTV9 9 }9 W& u
Ansi based on Dropped File
(~WRD0000.doc)
_jV(^EeEEEPCE$MM^ D$ALD$D$j)T]EeAtEAxE A|E$E(EPMM*4^$j)TM]EeEE E$E(EPbMM]$D$ItP UVNEPEPEPv@txS^xtM+N|+M tE+E+E+N|N|MtE++E$tE+E+E+EjPQN[^UVNEPEPEPv@StM++M&tE+E+E+MtE++E$tE+E+E+EjPQN[^UVvtIt@WEPv@jjuuq"tjWvtW_^VFW=tptNjjt$&FtptNjjt$&_^U(SVEPPs xukWj(3EWPeEC hWE}}E}jEE}gEEP|_fu33@^[UV\;Fu`tBEP<E+EjPE+EPuuv^UVSWEPv<]}+]+}Vv jvSWuuhh|vPhSWjjKSOWjjE}jSWWjWtW=Sj0vjjdj_[^UVNtuuP8u3#NtuuP8tuu^]VD$tVlYY^jNTOX39shORYEu;tz3MC3u}EEePs Ksju3VVPLVPXKVMKjmXjNTW39shQYEu;t3MC3u}EEeP]s Ksju3VVPLVP\KVKjWj0qTV}Wu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
_MGijWv0 F,vMM3@3U9 D$;At;At;At;At;At33@S9 \$& t<V9 sa9 & ~-W3& ~W9 6 & t9 j9 G;|jVj9 _^[jD0 M39u $9 Ma; 9 MV" 9 ; h,yY9 0 M0 u;t9 MGPNGPN0 EHWNHMu3ECPM0 ]\2PNxEM]
Ansi based on Dropped File
(~WRD0000.doc)
_MGijWvF,vMM3@3UD$;At;At;At;At;At33@S\$t<Vsa~-W3~W6tjG;|jVj_^[jDM39u$Ma;MV;h,yYMu;tMGPNGPNEHWNHMu3ECPM]\2PNxEM]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
_nextafter
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
_S_qq _|_ x_ _R_q _qqqqSq"q# q$q%q&|q D 0@@@@S@P@$@ @ @}4@N@ ~p+i@]%}O@q " C)~@D @<Ix@oR G A& kU'9p|B}~QCv)/ &D(DJz" Ee F
Ansi based on Dropped File
(~WRD0000.doc)
_THREADID.log
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
_TrackMouseEvent
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
_yly_L______e
Ansi based on Image Processing
(screen_5.png)
_yly_L_____e
Ansi based on Image Processing
(screen_9.png)
` @PX S;x8Qh(HPTUS+t4Q
Ansi based on Dropped File
(~WRD0000.doc)
` @PXS;x8Qh(HPTUS+t4Q
Ansi based on Dropped File
(~WRD0000.doc)
` 0 wu< u9]tj+MdjPM}u&SMEEEPM0 ]uMhMuYPMuMF;7RV9 MEP)MEEMEM]9 Ej"!C9 0 ueN u9 E9 pV9 D$tV`Y9 ^9 V9 9 & t
Ansi based on Dropped File
(~WRD0000.doc)
` @PXS;x8Qh(HPTUS+t4Q
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
`"!9 9 u& u3_eEPMoej,EjPnuMp9 E0 E9 E0 E9 E0 EEP9 0 uMM9 h9 j`=`0 M9 }3;u
Ansi based on Dropped File
(~WRD0000.doc)
`0 ES& & EST9 & gkMS9 0 M f9r9 }EM0 EP
Ansi based on Dropped File
(~WRD0000.doc)
`8@4@9 ;rE9= |9 = e& ~m9 E9 tVtQ`tKuQ & t<9 u9 4& 9 E9 0 `FhFPa\YY& FECE9}| 39 59 tt N rF& ujX
Ansi based on Dropped File
(~WRD0000.doc)
`8@4@;rE9=|=e~mEtVtQtKuQt<u4EFhFP\YYFECE9}|35ttNrFujX
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
`9 ^~^9 D$& }|$tt$0|Y39 T$V9 & ~.W9 k!3:9 ~9 k!3z9 & _9 ie9 X]^qq}YY& t3v9 `V9 9 L$PNh" ^9 9 L$i& uVWt$r9 >P9 W_^Vq9 L$W9 >RP9 W_^V9 9 L$#& t3t$dPN% ^}Z}9 `j 6 v9 0 uSeN x MN Cwji^v9 F PMs ueu9 MMs wjiv9 F PM4 ue9 MM9 5 9 vjiu9 F PMueN9 PMM0 vjiu9 F PMueN9 PMMLvjBeu9 0 u`ej
Ansi based on Dropped File
(~WRD0000.doc)
`9 MEF9 M`E
Ansi based on Dropped File
(~WRD0000.doc)
`9 u|_3GWu|P0 E|& hLkY0 E`e& t9 `3W9 0 e`Sh|9 0 ]0 7v9 }9 Wu|P`MP(ShP9 Md0 }a7EPPEdPEYYMdEx19 }9 UPRPPMP0 ]& 1t~MSMPEE(Sh`MdE/7EPPEdPEmYYMdE419 }EPPct9 }h" ~tMPE1MS0 ]M@'M0E'Sh`MdE6E0PEdPEYYMdE0M@E@PMEVM@)& uM@'PM03M0'9 =PhvM@'Sh(`MdE
Ansi based on Dropped File
(~WRD0000.doc)
`=```a9aaabAbabbc1cjcccdRd{ddd>eaeRee
Ansi based on Dropped File
(~WRD0000.doc)
`=```a9aaabAbbbc1cjcccdRd{ddd>eaeee
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
`@0 E0 }9 9 9 & DWY& uME9 ECj#Y9 U9 30 EV395 tO= "!uI "!upVMQjMQPx& ug= uPxu0 5 VVjEPjEPV|P 9
Ansi based on Dropped File
(~WRD0000.doc)
`@E}DWYuMEECj#YU3EV395tO=uIupVMQjMQPxug=uPxu5VVjEPjEPV|P
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
`^^D$}|$tt$0|Y3T$V~.Wk!3:~k!3z_ieX]^qqYYt3v`VL$PNh^L$iuVWt$r>PW_^VqL$W>PW_^VL$#t3t$dPN%^Z`j6vueN xMNCwji^vF PMsueuMMswjivF PM4ueMM5vjiuF PMueNPMMvjiuF PMueNPMMLvjBeuuej
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
``0 HV9 9 PD9 j9 PH^V9 9 F& tPf^t$t$t$qV9 v& tt$jv ^t$t$jqq 33j<99 M>ueuMvMM9 G9 Y:j<r9MueuMuLMMF:9 D$0 A9 A3+t8HtHtHt
Ansi based on Dropped File
(~WRD0000.doc)
``HVPDjPH^VFtPf^t$t$t$qVvtt$jv^t$t$jqq33j<9M>ueuMvMMGY:j<r9MueuMuLMMF:D$AA3+t8HtHtHt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
`BYnYntancossinmodffloorceilatanexp10acosasinloglog10exppow(null)(null)EEE50P( 8PX700WP `h````xpxxxx Complete Object Locator' Class Hierarchy Descriptor' Base Class Array' Base Class Descriptor at ( Type Descriptor'`local static thread guard'`managed vector copy constructor iterator'`vector vbase copy constructor iterator'`vector copy constructor iterator'`dynamic atexit destructor for '`dynamic initializer for '`eh vector vbase copy constructor iterator'`eh vector copy constructor iterator'`managed vector destructor iterator'`managed vector constructor iterator'`placement delete[] closure'`placement delete closure'`omni callsig' delete[] new[]`local vftable constructor closure'`local vftable'`RTTI`EH`udt returning'`copy constructor closure'`eh vector vbase constructor iterator'`eh vector destructor iterator'`eh vector constructor iterator'`virtual displacement map'`vector vbase constructor iterator'`vector destructor iterator'`vector constructor iterator'`scalar deleting destructor'`default constructor closure'`vector deleting destructor'`vbase destructor'`string'`local static guard'`typeof'`vcall'`vbtable'`vftable'^=|=&=<<=>>=%=/=-=+=*=||&&|^~(),>=><=</->*&+---++*->operator[]!===!<<>> delete new__unaligned__restrict__ptr64__clrcall__fastcall__thiscall__stdcall__pascal__cdecl__based(eeeee ee etehe~` ` ```D``eXe^TePeLeHeDe@e4e0e,e(e$e eeeeeeeeedddddddddddddddddddSddxdldXd8ddccc cxcTc4ccbbbbbbbRb|b`b@bbaaSa a\a8aa``~GetProcessWindowStationGetUserObjectInformationAGetLastActivePopupGetActiveWindowMessageBoxAUSER32.DLL EEE& & & 00 P ('8PW 700PP ( `h`hhhxppwpp ((((( H h(((( H H & ! 0 `9 R} " "!a: S~x
Ansi based on Dropped File
(~WRD0000.doc)
`BYnYntancossinmodffloorceilatanexp10acosasinloglog10exppow(null)(null)EEE50P( 8PX700WP `h````xpxxxx Complete Object Locator' Class Hierarchy Descriptor' Base Class Array' Base Class Descriptor at ( Type Descriptor'`local static thread guard'`managed vector copy constructor iterator'`vector vbase copy constructor iterator'`vector copy constructor iterator'`dynamic atexit destructor for '`dynamic initializer for '`eh vector vbase copy constructor iterator'`eh vector copy constructor iterator'`managed vector destructor iterator'`managed vector constructor iterator'`placement delete[] closure'`placement delete closure'`omni callsig' delete[] new[]`local vftable constructor closure'`local vftable'`RTTI`EH`udt returning'`copy constructor closure'`eh vector vbase constructor iterator'`eh vector destructor iterator'`eh vector constructor iterator'`virtual displacement map'`vector vbase constructor iterator'`vector destructor iterator'`vector constructor iterator'`scalar deleting destructor'`default constructor closure'`vector deleting destructor'`vbase destructor'`string'`local static guard'`typeof'`vcall'`vbtable'`vftable'^=|=&=<<=>>=%=/=-=+=*=||&&|^~(),>=><=</->*&+---++*->operator[]!===!<<>> delete new__unaligned__restrict__ptr64__clrcall__fastcall__thiscall__stdcall__pascal__cdecl__based(eeeeeeeetehe`````D``eXe^TePeLeHeDe@e4e0e,e(e$e eeeeeeeeedddddddddddddddddddddxdldXd8ddccccxcTc4ccbbbbbbbb|b`b@bbaaaa\a8aa``GetProcessWindowStationGetUserObjectInformationAGetLastActivePopupGetActiveWindowMessageBoxAUSER32.DLLEEE00P('8PW700PP (`h`hhhxppwpp ((((( H h(((( H H
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
`copy constructor closure'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`default constructor closure'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`dynamic atexit destructor for '
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`dynamic initializer for '
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`EEBE3NpEN`ENPEN<EN,ENENE$`jD_}Mh,oMQkePMM}Mh Lo?h3EEPMujhMEMEzPMEP/nMQkME3EPMEMEMMF;uk3@3_jH^M3;u3VegE];@uMk;EPfhM]tHEPXjPEM]WhhMtAEPiPERM]2t^hPhM<tFEPiPEM]ith8:MM?EE;E3@7^jhAP]Mu3eeEuMMjEPxeehMkt=EPhMEM&uM-tMFh|Mt=EPhMEMuMtMh`Mt=EP@hMEWMuM|MhDMh8kt@h0kt0MQg,PE!MEh$Ykt]MQgMEMuEP<ME4hMtWxt&MMEE;E3@\MMjX[M3;u3kcE];UuMh;1EP0chM]$t7EPfMEMuM;tGpMFh|Mt?EPMfMEdMuM;tGtM]hMtnh0i;tMQewxPECM0hi;t/MQePEM]zMMgEE;E3@_ZVq,L$V@^QL$L$@QL$L$}@PQL$oL$_@`QL$QL$A@QL$0L$ @L$j<3j<2XMeEPMMPEMEFMM3@AYQL$L$@,QL$L$}@<QL$WL$G@j R2W]jTh5t$jhPMWeESPYYM5ht0jhM#ESPEaYYMM(V@Xj R25W]jht$jhMeESPYYM5hQt0jhMsESPEYYMMxV@lWjV}jh8t-jhHMeEWP8MYYMVs@VxQL$`L$P@QL$?L$/@AtL$3ApL$3A<ALLL$S3W9\$u3VShxthtSt$ q_;tbuQP0t?^,yu1G,Pt"\uWt3@3^_[Vt$hFtjX#h1tjh3@^UQMejh|4EXT$
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
`EETgkMMf9r}EMEP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
`eh vector constructor iterator'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`eh vector copy constructor iterator'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`eh vector destructor iterator'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`eh vector vbase constructor iterator'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`eh vector vbase copy constructor iterator'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`G u_uEju9 u uEjPu9 uu 9 M_^3[Rp9 U9 9 Eet_EtZfuu uuuu ]atAtu uuuuu0u uuuuuwu uuuuun]9 U9 juuuuuuZ]9 VW36Y0 (r_^9 Vhh3Vg& t
Ansi based on Dropped File
(~WRD0000.doc)
`JPVS3v6Qf& FP^STc~>Rn.}N`QURq1P
Ansi based on Dropped File
(~WRD0000.doc)
`JPVS3v6Qf& FP^Tc~>Rn.}N`QURq1P
Ansi based on Dropped File
(~WRD0000.doc)
`L`9 @30 E=}`RhR@5h & uh=@0 tPSzY0 hSE0j
Ansi based on Dropped File
(~WRD0000.doc)
`local static guard'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`local static thread guard'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`local vftable constructor closure'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`local vftable'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`managed vector constructor iterator'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`managed vector copy constructor iterator'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`managed vector destructor iterator'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`MTEMd9 c4ED9 0 e\PE\SMdF ;tED9 0 e\P\VMdEED9 0 e\P\ WMdEEPM;PMDE
Ansi based on Dropped File
(~WRD0000.doc)
`omni callsig'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`placement delete closure'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`placement delete[] closure'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`pM_^3[=:9keUVuvT%vL%vD%v<%v4%v,%6%%v %v$%v(
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
`pM_^3[KVI
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
`S`[U9 9 M& w3k$QeY3$seEPMh,EPE9 U9 9 M& w3QY3 seEPMVh,EPE9 XU9 9 M& w39 PY3seEPMh,EPE9 Ulhzj0 Mh9 }x|9 Vh 9 VhP9 Vh(9 Ia3;0 E@RVPEXP9 Vh MX0 ]a9 MXxWSEPPMXE9M]~VhMX"!;0 ElMXR`Vh"!;RJ9 Ml+HPAQE0PMXzM0E & & 9 0 eDVh9 E0P<D<ERM E PS<E; MEl EPj<E~M; eh9 Za& t0 ]l9 MhEDP& <PEPEDahh9 ME& 9 MhEPE PhEPtME" & & VhMVhhMHEEPMHEEh8MHhMHhMHEPMHhMH9]l M hMHE
Ansi based on Dropped File
(~WRD0000.doc)
`scalar deleting destructor'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`udt returning'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`uu3_eEPMoej,EjPnuMpEEEEEEEPuMMhj`=`M}3;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
`vbase destructor'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`vbtable'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`vector constructor iterator'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`vector copy constructor iterator'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`vector deleting destructor'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`vector destructor iterator'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`vector vbase constructor iterator'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`vector vbase copy constructor iterator'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`vftable'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`virtual displacement map'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`XBXb10 & F9b"!` f t!6K
Ansi based on Dropped File
(~WRD0000.doc)
`XBXb1F9b`ft!6K
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
`}E}EB}E3NpEN`ENPEN<EN,ENENE$ `jD_9 } 9 Mh, o& MQ9 keP9 MM}9 9 Mh Lo9 & 9 ?h30 E& : EPM0 ujh MEMEzPMEP9 /nMQ9 kME3EP9 MEMEMMF;u k3@3_jH^9 9 M3;u3Veg0 E0 ]; @u9 Mk9 ; EP9 fh M0 ]& tHEP9 XjP9 EM]9 W9 9 & h h M}& tAEP9 iP9 ERM]9 9 2& t^h Ph M<& tFEP9 iP9 EM]i9 9 & th8 9 :MM?E9 E;E 3@7^jhAP]9 9 M& u3ee0 E& u9 MMj9 & EP9 xeeh Mk& t=EP9 hMEM&& uM-& t0 MFh| M& t=EP9 }hMEM& uM& t0 Mh` M& t=EP9 @hMEWM`& uM & |0 MhD M& h8 9 k& t@h0 9 "!k& t0MRQ9 g,P9 E!MRE0 9 h$ 9 Yk& t]MSQ9 }gMSEMS& uESP9 <MSE4h M& tW9 x& t&MME9 E;E 3@\MMjX [9 9 M3;u3kc0 E0 ]; Uu9 Mh9 ; 1EP9 0ch M0 ]$& t7EP9 " fMEM& uM;t0 GpMFh| M& t?EP9 MfMEdM & uM~;t0 GtM]h MR& tnh0 9 i;tMQ9 ewxP9 ECM0h 9 0 i;t/MSQ9 eP9 EMS]z9 MMgE9 E;E 3@_ZVq,9 L$V9 @^Q9 L$9 L$~@Q9 L$9 L$}@PQ9 L$o9 L$_@`Q9 L$Q9 L$A@Q9 L$09 L$ @9 L$j<3j<2XMSeEPM9 MPEMEFMM: 3@AYQ9 L$9 L$~@,Q9 L$9 L$}@9 9 9 <Q9 L$W9 L$G@j R2W9 9 ]j9 Th 9 5& t$jhP9 MWeESPaYYM5h 9 & t0jh M#ESPEaaYYMM(V9 9 S@Xj R25W9 9 ]j9 h 9 & & t$jhMeESP"!YYM5h9 Q& t0jh MsESPE"!YYMMxV9 9 @lWj & V9 9 }j9 h8 9 & t-jhHMeEWP8"!MYYMV9 9 s@VxQ9 L$`9 L$P@Q9 L$?9 L$/@9 At9 L$0 3& x9 9 Ap9 L$0 3& x9 A<9 AL9 L9 L$0 S3W9 9\$u3 VShxthtSt$ q_9 ;tb~9 "!& uQ! P9 0& t?^,9 y& u1G,P9 & t"9 \& uW9 & t3@3^_[V9 t$9 h9 F& tjX#h9 1& tjh9 3@^U9 Q9 Mejh|9 49 EX: 9 T$9 9
Ansi based on Dropped File
(~WRD0000.doc)
a!APY S;y9Qi)0 IPUPS+u5Q
Ansi based on Dropped File
(~WRD0000.doc)
a!APYS;y9Qi)IPUPS+u5Q
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
a& uf}uuh<hjMNEPMSE(xME"!MM9 3jP
Ansi based on Dropped File
(~WRD0000.doc)
A0Ht=Ht,Ht
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
A9 "!9 yJBee9 E )U9 ]\9 39 #0 M9 9 Mu0 39 uE}0 u|9 jMZ+;|9 10 t" d" J& }j3XZ; 9
Ansi based on Dropped File
(~WRD0000.doc)
A9 0 ueNt}^9 E }N$j
Ansi based on Dropped File
(~WRD0000.doc)
a9 PQ3A9t9 D$V9 && t9 VhP9 ^|$ V9 vt$" F0 9 ^j<(9 0 u 3~P9 0 ]FFdF$FFF F F$l$FXF\ 0 ~~0 ~ 0 ~0 ~0 ~9 (V9 D$tV)Y9 ^9 & t9 PQVjt$9 YYP9 ^Vjt$9 0 YYP9 ^9 ;D$t
Ansi based on Dropped File
(~WRD0000.doc)
A_,_,-.-.----_-
Ansi based on Image Processing
(screen_0.png)
A_A& AAAB@BsBBBBCkC"!CC5DDD4EEEFFF& FGRG`GG_H.IIJKKLxLLMNMRMMM=NkN}NNNO<O_O OOO7PeP*QWQ|QQQRRSNSST)TNTqT TTT/URU}UUUUVyVSVVVWLWoW WWX#XVXXXX"YUYxYYZQZ`ZZZ[9[h[[[/\s\\\?]]]] ^;^^^^^^_D__
Ansi based on Dropped File
(~WRD0000.doc)
A_AAAAB@BsBBBBCkCCC5DDD4EEEFFFFGRGGG_H.IIJKKLLLMNMMMM=NkNNNNO<O_OOOO7PeP*QWQ|QQQRRSNSST)TNTqTTTT/URU}UUUUVyVVVVWLWoWWWX#XVXXXX"YUYxYYZQZZZZ[9[h[[[/\s\\\?]]]] ^;^^^^^^_D__
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Aaix0<~B$s/DrPU nQj71-OM2NgUejzd8xEv1z`]fvYI8VAwX100010UUS10U
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
aB[(kWyobg"~<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +<<<<</::<<<<<)<<<<;4<<<&9<<03
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
aB[S(kRWyob g"~<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +<<<<</::<<<<<)<<<<;4<<<&9<<03
Ansi based on Dropped File
(~WRD0000.doc)
abcdefghijklmnopqrstuvwxyz
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
ABCDEFGHIJKLMNOPQRSTUVWXYZ
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ@0 ` y !x@~ @ A[@~QQ^ _j21~,kCh}h}h}h}h} (im0o p}p}@0 x pPSTPDT``?__ (i*kXqTqPqLqHqDq@q8q0q(qqqqppppppppppppppppppppp p|pppdp`p\pPp<p0p . $$$$$$$$$ .5@ ;Zx 0Nm:Yw /Ml &____qq!q_
Ansi based on Dropped File
(~WRD0000.doc)
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ@`y!@~ @ A[@~QQ^ _j21~,kChhhhh(im0opp@xpPSTPDT``?__ (i*kXqTqPqLqHqDq@q8q0q(qqqqpppppppppppppppppppppp|pppdp`p\pPp<p0p.$$$$$$$$$.5@ ;Zx0Nm:Yw/Ml&____qq!q_
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
About Notifications
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
about:blank
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
aC@AIxC@&B8G4X9D&J,qaM).@N0Z!
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
aC@AIxC@S&B8G 4XR9D&J,qaM).@N0Z!
Ansi based on Dropped File
(~WRD0000.doc)
Accept-Encoding:gzip
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Accept-Encoding:gzip,0 U.?AVCJobDownloadFile@@,0 U.?AVCJobRequestPost@@U.?AVCLPManager@@U.?AVCVersion@@U.?AVCPicture@@,0 U.?AVCInternationalizationHelper@@U.?AVCChildButtonStatic@@U.?AVCCabExtractor@@,0 U.?AVCRegMonitor@@U.?AVCSingletonLogic@@,0 U.?AVCWindowStyledBorder@@U.?AVCLoggerWnd@@U.?AVCEventLogger@@U.?AVCTranslatedKey@@U.?AVCLanguagePack@@U.?AVCTooltip@@U.?AVCDictionary@@,0 U.?AVCQueue@@U.?AVCListBase@@U.?AVCPriorityQueue@@U.?AVCEventQuerySent@@U.?AVCQueryResult@@U.?AVImage@Gdiplus@@U.?AVBitmap@Gdiplus@@U.?AVCGdiPlusBitmap@@U.?AVCGdiPlusBitmapResource@@U.?AVCListViewCtrl@@,0 N@D,0 U.?AVtype_info@@,0 U.?AVbad_cast@std@@U.?AVbad_typeid@std@@U.?AV__non_rtti_object@std@@,0 us%,0 ,0 U.?AVbad_exception@std@@
Ansi based on Dropped File
(~WRD0000.doc)
Accept-Encoding:gzip,U.?AVCJobDownloadFile@@,U.?AVCJobRequestPost@@U.?AVCLPManager@@U.?AVCVersion@@U.?AVCPicture@@,U.?AVCInternationalizationHelper@@U.?AVCChildButtonStatic@@U.?AVCCabExtractor@@,U.?AVCRegMonitor@@U.?AVCSingletonLogic@@,U.?AVCWindowStyledBorder@@U.?AVCLoggerWnd@@U.?AVCEventLogger@@U.?AVCTranslatedKey@@U.?AVCLanguagePack@@U.?AVCTooltip@@U.?AVCDictionary@@,U.?AVCQueue@@U.?AVCListBase@@U.?AVCPriorityQueue@@U.?AVCEventQuerySent@@U.?AVCQueryResult@@U.?AVImage@Gdiplus@@U.?AVBitmap@Gdiplus@@U.?AVCGdiPlusBitmap@@U.?AVCGdiPlusBitmapResource@@U.?AVCListViewCtrl@@,N@D,U.?AVtype_info@@,U.?AVbad_cast@std@@U.?AVbad_typeid@std@@U.?AV__non_rtti_object@std@@,us%,,U.?AVbad_exception@std@@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Accept-Language
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Accept-Language:
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Accept-Language:Accept: */*FIf-None-MatchUser-AgentAccept-LanguagePragmano-cacheAccept*/*Content-Typeapplication/x-www-form-urlencodedGETICOyiICOyipXMLHttpReq->get_responseStream() failed : hRes=0x%XpXMLHttpReq->get_responseText() failed : hRes=0x%Xget response stream failed.Content-LengthGetResponseHeader(Content-Type) failed : hRes=0x%XpXMLHttpReq->send() failed : hRes=0x%XSetHeaders() failedpXMLHttpReq->open() failed : hRes=0x%XPOSTreturn FALSE (CoCreateInstance() failed : hRes=0x%X)CHttpManager::RequestHelperStart : wStrUrl=%s pwStrInput=%sa'M>}zCJobDownloadFileexit [%s]broadcasting [%s]posting singleton event [%s]before posting event [%s]Target file exists [%s]Download succeeded [%s].tmpCJobDownloadFile::Process(R'M>n6ge</EBXML><EBXML>CJobRequestPostafter post - FAILED. Server=%s Form=%safter post. Reply = %sbefore post. Request = %sExit : wStrServer and wStrForm are emptyEnd : m_pQuery==NULLCJobRequestPost::Process|'M>mmmmResourceFiles .4gdiplus.dllBINARY.pngO)\(?333333?zG?333333?o@EI Pop Up Window Class|8<ZYUOY_YY_,((2YY2m$
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Accept-Language:Accept: */*FIf-None-MatchUser-AgentAccept-LanguagePragmano-cacheAccept*/*Content-Typeapplication/x-www-form-urlencodedGET}RIC OyiRIC OyipXMLHttpReq->get_responseStream() failed : hRes=0x%XpXMLHttpReq->get_responseText() failed : hRes=0x%Xget response stream failed.Content-LengthGetResponseHeader(Content-Type) failed : hRes=0x%XpXMLHttpReq->send() failed : hRes=0x%XSetHeaders() failedpXMLHttpReq->open() failed : hRes=0x%XPOSTreturn FALSE (CoCreateInstance() failed : hRes=0x%X)CHttpManager::RequestHelperStart : wStrUrl=%s pwStrInput=%sa'M>: }zCJobDownloadFileexit [%s]broadcasting [%s]posting singleton event [%s]before posting event [%s]Target file exists [%s]Download succeeded [%s].tmpCJobDownloadFile::Process(R'M>: n6ge</EBXML><EBXML>CJobRequestPostafter post - FAILED. Server=%s Form=%safter post. Reply = %sbefore post. Request = %sExit : wStrServer and wStrForm are emptyEnd : m_pQuery==NULLCJobRequestPost::Process|}'M>: mmmxxxmResourceFiles .4gdiplus.dllBINARY.png O)\(?333333?zG?333333?o@EI Pop Up Window Class|8! <} ZYUOY_YY_,((2YYx2mxx$xxxx
Ansi based on Dropped File
(~WRD0000.doc)
Accept: */*
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AcceptLanguage
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Access violation - no RTTI data!
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Action name: %s, FallBackUrl: %s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ADVAPI32.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
AEAEAEANxEANhEyANXEmANHEaAN4EUAN$EIANE=AMN1A;jJVu^7eN7N$E7N4E7NHE7NXE7NhE7NxE7E7Ex7Ei7E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
after post - FAILED. Server=%s Form=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
after post. Reply = %s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ajNtEnoEME~<~@MEMEwKjWYVWhOOWjt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ajNtEno}EME0 ~<0 ~@0 MEM0 0 Ew9 KjWYVWhOOWj9 0 9 & t
Ansi based on Dropped File
(~WRD0000.doc)
aKKKKKKKKKKKKK" |L'L2L:LBLJLRL\LdLlLwL
Ansi based on Dropped File
(~WRD0000.doc)
Alekdll-M_cr0s0ftW0rd
Ansi based on Image Processing
(screen_9.png)
Alert ver 1.0
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Alert.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Alert0.dll
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Alert1.dll
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALERT_ABOUT_DIALOG_MUTEX_NAME
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALERT_CHANNEL
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALERT_HTML_DIALOG_MUTEX_NAME
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALERT_INFO
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
alert_item
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALERT_LINE1
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALERT_LINE2
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALERT_LOGIN
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALERT_OPTIONS_DIALOG_MUTEX_NAME
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALERT_RESULT_TYPE
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALERT_TITLE
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALERT_TRANSLATION_RQ
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALERT_TRANSLATIONS
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALERT_URL
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Alerter Logic Class
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
alertInfoRequestXml=
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
alertLoginRequestXml=
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AlertReformatURL
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Alerts enabled
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Alerts/AlertServices.asmx/AlertLogin
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Alerts/AlertServices.asmx/GetAlertTranslation
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Alerts/AlertServices.asmx/GetToolbarAlertsInfo
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Alerts/AlertServices.asmx/SetAlertUsageRequest
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
alertTranslationRequestXml=
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
alertUsageRequestXml=
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AlertWindowLastUserCloseTime
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_ABOUT_DIALOG_ALERT_VERSION
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_ABOUT_DIALOG_SECOND_PARAGRAPH
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_CANCEL
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_CLOSE_ICON_TOOLTIP
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_FIRST_TIME_MESSAGE_DESCRIPTION__2
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_FIRST_TIME_MESSAGE_TITLE
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_MAIN_MENU_ABOUT
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_MAIN_MENU_REFRESH
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_MAIN_MENU_SETTINGS
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_NO
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_OK
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_POP_UP_WINDOW_OF
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_POP_UP_WINDOW_SETTINGS
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_SETTING_DIALOG_ABOUT_ICON_TOOLTIP
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_SETTING_DIALOG_FAQ_ICON_TOOLTIP
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_SETTING_DIALOG_FEEDBACK_ICON_TOOLTIP
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_SETTING_DIALOG_PRIVACY_ICON_TOOLTIP
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_SETTING_DIALOG_SHOW_ICON_IN_SYSTEM_TRAY
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_SETTING_DIALOG_VIEW
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_YES
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_NOTIFICATION_ABOUT_DIALOG_FIRST_PARAGRAPH
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_NOTIFICATION_ABOUT_DIALOG_TITLE
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_NOTIFICATION_DONT_SHOW_NOTIFICATIONS_FROM_THIS_TYPE
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_NOTIFICATION_MAIN_MENU_DISABLE_NOTIFICATIONS
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_NOTIFICATION_MAIN_MENU_ENABLE_NOTIFICATIONS
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_NOTIFICATION_SETTING_DIALOG_NOTIFICATIONS_ENABLED
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_NOTIFICATION_SETTING_DIALOG_SHOW_NOTIFICATIONS_FROM
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_NOTIFICATION_SETTING_DIALOG_TITLE
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_NOTIFICATION_TRAY_ICON_TOOLTIP
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_SAMPLE_NOTIFICATION_DESCRIPTION__2
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_SAMPLE_NOTIFICATION_HEADER
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_SAMPLE_NOTIFICATION_TITLE__2
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALP_CLIENTS_SERVER_URL
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALP_SERVICES_SERVER_URL
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALPClientsServerName
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
alpha(opacity=
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALPServicesServerName
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AM#=Tu%5 }E5t}PjEPjhPYSjuuV9 D$u(9 L$9 D$39 9 D$9 9 d$9 9 d$G9 9 \$9 T$9 D$u9 d$9 9 D$r;T$wr;D$vN+D$T$3+D$T$9 9 9 9 9 ^9 U9 SuM=i9 ]C=w9 E9 Xu0 ]}EP9 E%P`nYY& t`EjE]EY
Ansi based on Dropped File
(~WRD0000.doc)
AM#=Tu%5E5tPjEPjhPYSjuuVD$u(L$D$3D$d$d$G\$T$D$ud$D$r;T$wr;D$vN+D$T$3+D$T$^USuM=i]C=wEXu]}EPE%PnYYtEjE]EY
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
An application has made an attempt to load the C runtime library incorrectly.
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Apartment
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
API_CMD_CLICKED
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
App Exists reply, MessageId: %d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
App to Open guid: %s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AppData\LocalLow
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AppFromNotification
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
application
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
application/x-www-form-urlencoded
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AppNotificationDialog
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AppsGuids
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
aPQ3A9tD$V&tVhP^|$Vvt$F^j<(u3~P]FFdF$FFFF F$l$FXF\(VD$tV)Y^tPQVjt$YYP^Vjt$YYP^;D$t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
AueNt}^E}N$j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
AUTO_UPDATE
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AUTOUPDATE
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AutoUpdateEnabled
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AutoUpdateIntervalInHours
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AutoUpdateLastTime
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AutoUpdateServerName
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AutoUpdateServerVersion
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AXPt}uPx3';uuuuuuP|q]US]VWu3;CURP<t$MtSRssP<3@_^[]U,VEPv@SWuuuu=PSE~8EtN8SP<EPuEPEP=t:E3E;tptMVVSTsMEPEPu3h VVSuuVVuuSuS_[^jjYuEM?eMK9uwt!MMz?Vt$t$ttu'!tP|^D$t|$t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
AyJBeeE )U]\3#MMu3uE}u|jMZ+;|1tdJ}j3XZ;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
azs-iv*XoCg"B$zxskbWn$X
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
azsS-iv*X oSS C`g"B R$zxskbWn$X}
Ansi based on Dropped File
(~WRD0000.doc)
A}EA}EA}E ANxE& ANhEyANXEmANHEaAN4EUAN$EIANE=AMN1A;jJV9 0 u^9 7eN7N$E7N4E7NHE7NXE7NhE7NxE 7}E! 7}Ex7}Ei7}E
Ansi based on Dropped File
(~WRD0000.doc)
b!np#POX%D% 0@/gJA0R1 ON:4Q
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
b!n~p #POX a%D%R 0@/ ~gJAR0R1 O N0 :4Q
Ansi based on Dropped File
(~WRD0000.doc)
b&Q|O Cvx)l_D9t NS 8cP: NJ}4w* !!"F"i"}"""A#|####8$[$$$%I%|%%&R&&&','o'" '''(D(j(()7)v)))*,*O*r*" ***#+++,,,,-O-`----*.X.& ...!/P/! /// 0N00 0001d111'2R2& 223F333!4d44%5h556Y6t6 667/7s77&8D8R888,9R9{9994:0 ::;E;S;;;<Q<<<<>=q= =>2>M>p>>>?5?X?{???0@[@@
Ansi based on Dropped File
(~WRD0000.doc)
b&Q|OCvx)l_D9tNS8cPNJ}4w* !!"F"i""""A#|####8$[$$$%I%|%%&R&&&','o''''(D(j(()7)v)))*,*O*r****#+++,,,,-O-----*.X....!/P//// 0N00001d111'2R2223F333!4d44%5h556Y6t6667/7s77&8D8888,9R9{9994:::;E;;;;<Q<<<<>=q==>2>M>p>>>?5?X?{???0@[@@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
B(;r3_^[]9 U9 jh EhdPSVW 1E3PEd0 eEh*& tU9 E-PhP& t;9 @$E9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
B(;r3_^[]Ujh EhdPSVW1E3PEdeEh*tUE-PhPt;@$EMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
B8uSjuo9 E[]9 U9 SVW39}t$9}t9 u;uTDWWWWW3_^[9 M;t3u9Ew9 }}F0 M0 }9 t9 F0 EE& 9 Nt/9 F& t(R9 ;r9 Wu6>)~>+}O;]rO& tVHY& u}}9 t39 u+WuVx YPta9 ;w9 M+;rP9 })9 EVPm_YYt)E9 FK0 E& E& & A9 EN 9 +3uN 9 Ejh(A39ut)9ut$39u" ;u BVVVVV3u Y0 uuuuu=0 EE9 Eu Y9 U9 SV9 uW3;uzBWWWWWBFt7VV9 V3 PF& }9 F;t
Ansi based on Dropped File
(~WRD0000.doc)
B8uSjuoE[]USVW39}t$9}tu;uTDWWWWW3_^[M;t3u9Ew}}FM}tFEENt/Ft(;rWu6>)~>+}O;]rOtVHYu}}t3u+WuVxYPta;wM+;rP})EVPm_YYt)EFKEEAEN +3uN Ejh(A39ut)9ut$39u;u BVVVVV3uYuuuuu=EEEuYUSVuW3;uzBWWWWWBFt7VV V3PF}F;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
B9 Ej0 G4X_^[9 T$& u39 D$VW9 |$ 9 S3#3xHB3#3xHB3#3xHB3#3xHB3#3xHB3#3xHB3#3xHB3#3xHBN& f[& t23#3xHBOu_^9 L$9 T$3V#9 " xH39 A0 Qi B0 Q3#3" xH^0 A9 D$9 H9 U9 u0Euu`E]U9 9 MVW9 }& u3@} S9Us9 U)UR" 9 9 kYYYYYYYYYY
Ansi based on Dropped File
(~WRD0000.doc)
B_arb_,,t
Ansi based on Image Processing
(screen_0.png)
background-color:#FFFFFE;
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
bad allocation
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Bad dynamic_cast!
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
bad exception
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Base Class Array'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Base Class Descriptor at (
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
BB0B^~j_9 u?3f0 EE9 E9 ]9 Me9 EM0 ]0 Eu& }2~(9 E9 ]9 Mm9 EN0 ]0 E& GZ0 ]0 E& }9 U9 Eu}e9 }e9 U9 9 49 U9 E<;r;sF3;rs3B9 & tA9 E00 U;r;sAM4?0 u9 u0 M 09 CM}0 uEKK`K<5}9 MD ;9u0K;]s9 E;]sCf* XD9 ER9 M_^3[v ;0uK;s9 E;s3f0 f9U@"
Ansi based on Dropped File
(~WRD0000.doc)
BB0B^~j_u?3fEEE]MeEM]Eu}2~(E]MmEN]EGZ]EUEu}e}eU4UE<;r;sF3;rs3BtAE0U;r;sAM4?uuM0CM}uEKKK<5}MD;9u0K;]sE;]sCf*XDEM_^3[v;0uK;sE;s3ff9U@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
bClicked = %s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
BE9 MH0 E;O,u9 O(0 MKL# & u}9 G,;u9 G09 O(;t9 ;s+H9 G,+& uXu0 W4VWF9 W40 E9 G0;s+H9 G,+9 O,0 E;u9 O(9 G0;t9 ;s+H
Ansi based on Dropped File
(~WRD0000.doc)
before post. Request = %s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
before posting event [%s]
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
BeginPaint
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
BEjG4X_^[T$u3D$VW|$S3#3xHB3#3xHB3#3xHB3#3xHB3#3xHB3#3xHB3#3xHB3#3xHBNf[t23#3xHBOu_^L$T$3V#xH3AQiBQ3#3xH^AD$HUu0EuuE]UMVW}u3@}S9UsU)UkYYYYYYYYYY
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
BEMHE;O,uO(MKL#u}G,;uG0O(;t;s+HG,+uXuW4VWFW4EG0;s+HG,+O,E;uO(G0;t;s+H
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
BF$D53.:)C
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
BF$D59 3.:)C9 9
Ansi based on Dropped File
(~WRD0000.doc)
BfXw _3 _jY0 & ;! $& C^30 & 0 & 0 & 0 & 0 & 0 & tJt6t%+t& & y j_f*u,0 9 [0 & ?-9 & k
Ansi based on Dropped File
(~WRD0000.doc)
BfXw_3_jY;$C^3 tJt6t%+tyj_f*u,[?-k
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
BH#0 E9 j9 E0 G 9 E0 G9 E0 F9 E9 +0 NVW0 W4_^[9 Eu0 G 9 E0 GfFhMjF Mu }v
Ansi based on Dropped File
(~WRD0000.doc)
BH#EjEG EGEFE+NVWW4_^[EuG EGfFhMjFMu}v
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
bh1h2 xa& FC r2B,4L
Ansi based on Dropped File
(~WRD0000.doc)
bh1h2xaFC r2B,4L
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
blockFrameNavigation
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
border:solid 1px #d5d5d5
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
bp/pH*Z0FHN2AppH6Q0(0!,:(P:54
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
bp0 /pH*Z R0FH N 2Ap0 pH 6Q0(0 !,}:(P:54
Ansi based on Dropped File
(~WRD0000.doc)
broadcasting [%s]
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
browser_type
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
buffer error
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
buttonface
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
C4^1Y@MQ</[8+K&E! %
Ansi based on Dropped File
(~WRD0000.doc)
C4^1Y@MQ</[8+K&E%
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
C9 E9E G9 D@u `C9 +E }0 E& & K` xC 3@;]rK@ P& t`0 P& & u
Ansi based on Dropped File
(~WRD0000.doc)
C;]T *Et9 Et;EPR9 M4M8EMEwM EkME_MESM\EGMXENMEMM#9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
C;]T*EtEt;EPM4M8EMEwM EkME_MESM\EGMXENMEMM#Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Cabinet.dll
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CacheIcons
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Cadierung,
Ansi based on Image Processing
(screen_0.png)
Cadierung:
Ansi based on Image Processing
(screen_0.png)
CAlertChannelsList::ProcessOpenAppMessage
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertClient::OnTimerUpdateChannels
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::AddAlert
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::CallPushHtmlNotification
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::CallPushNotifications
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnApiBlockFrameNavigation
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnApiExecCommand
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnApiOnMessageRead
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnApiOnReady
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnApiOnStartDrag
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnApiOpenAboutDialog
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnApiOpenApp
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnApiOpenSettingsDialog
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnApiPostMessageToParent
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnApiSendUsage
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnApiSetCheckboxValue
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnApiShowMe
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnApiUnblockFrameNavigation
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnNavigationStopped
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::PushNotifications
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::ShouldStopNavigation
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
calling m_pXmlDoc->save(%s)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CallNextHookEx
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CallWindowProcA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CallWindowProcW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Can not show, size illegal
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
catching exception
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAutoUpdateThread::ThreadFuncAutoUpdate
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CC& D0 @0 <t<uR@" Yf;& @& h& 8 t)j
Ansi based on Dropped File
(~WRD0000.doc)
CCD@ <t<uR@Yf;@h8 t)j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
CChildButton::OnMouseLeftKeyDown
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CConduitAlert::OnPendingNotificationReply
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CConduitAlert::RunAlert
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CE9EGD@uC+E}EKxC3@;]rK@PtPu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
CertCloseStore
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CertFindCertificateInStore
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CertFreeCertificateContext
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CertGetNameStringA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CertGetNameStringW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
ChangeWindowMessageFilter
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CharLowerBuffA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
checkboxText
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CHttpManager::DownloadFileHelper
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CHttpManager::RequestHelper
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CHttpManager::ReturnWithError
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
cj%b9 0 u eN{M9 abAV9 ^D$tVbY9 ^Vjj9 jj9 _^jaEPeM& t3MMZ9 bbMME& MEuMh9 PVMRM9 E& ME j,8#aeEPh3CM0 ]V& t9 Mjha0 ]M[ME MET& MEp}9 EPhMPVMW9 M& tEPjh+M0 ]E& ME4M]ME9 E$aj,8=`eEP 3CM0 ]p& t9 Mjh(0 ]MuMESMEn ME`9 EPhMPVMq9 M& tEPjh(EM0 ]E MENM]ME79 E>`jW_EPeM& t3MM9 `M ME"!MERuMh9 #PVMM9 EiMEO jc^EPeM& tMMf3n_9 MEP9 MhlMuME3& uMEMM9 Fjc2^EP[eMk& tMM3^9 MEPL9 Mh +MfuME& 3& uMENMM~9 Fjc]EPeM& tMMF3N^9 MEP9 Mh: MuME3& uMEMM9 Fj(]9 eEP3CM0 ]C& t9 Mjh|9 ! 0 ]n9 0 ejhnuEP9 @ME& t9 Mjh|9 AMPM9 MEPM0 ]]8ME,9 E3]j4L\9 EPeM& & EP9 "MEd& & M|EPh<ME Ph MhM}h! MljhM_EP|9 WMEP VMShM+EPWMPVMxhMEPhM PVMPMEMEMEMM[j[0 M9 u& 9 M?& & MW9 Me~WEPME& & M8MET9 F$PhTMPSMF4PhHMPSMt9 MW8}t?j9 0 ejhpMEePSME"!& u9 MjWSMEa~MEMMt3@3ZjPY0 M9 u& u
Ansi based on Dropped File
(~WRD0000.doc)
cj%bueN{MbAV^D$tVbY^Vjjjj_^jaEPeMt3MMZbbMMEMEuMhPVMRMEMEj,8#aeEPh3CM]VtMjh]M[MEMETMEpEPhMPVMWMtEPjh+M]EME4M]MEE$aj,8=`eEP3CM]ptMjh(]MuMEMEnMEEPhMPVMqMtEPjh(EM]EMENM]ME7E>`jW_EPeMt3MM`MMEMEuMh#PVMMEiMEOjc^EPeMtMMf3n_MEPMhlMuME3uMEMMFjc2^EP[eMktMM3^MEPLMh+MfuME3uMENMM~Fjc]EPeMtMMF3N^MEPMhMuME3uMEMMFj(]eEP3CM]CtMjh|]nejhnuEP@MEtMjh|AMPMMEPM]]8ME,E3]j4L\EPeMEP"MEdM|EPh<ME PhMhMhMljhM_EP|WMEPVMhM+EPWMPVMxhMEPhMPVMPMEMEMEMM[j[MuM?MWMe~WEPMEM8METF$PhTMPSMF4PhHMPSMtMW8}t?jejhpMEePSMEuMjWME~MEMMt3@3ZjPYMuu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
CJobDownloadFile
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CJobDownloadFile::Process
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CJobRequestPost
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CJobRequestPost::Process
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Class Hierarchy Descriptor'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Class Name:
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Class3CA2048-1-550
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
click_action
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ClientToScreen
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CLogger::Init
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CLogger::~CLogger
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CLogger::~CLogger--== Logger initiated ==--.log_THREADID.logCLogger::Init#rdf:rdfrdfrssPosted (no title)dc:dateenclosurefeedItemIdlinkitemlanguagettlchannelcreatedtext/htmlapplicationentryhrefrdf:RDF wb..*h
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
CLogger::~CLogger--== Logger initiated ==--.log_THREADID.logCLogger::Init#rdf:rdfrdfrssPosted (no title)dc:dateenclosurefeedItemIdlink~itemlanguagettlchannelcreatedtext/htmlapplicationentryhrefrdf:RDFR ~wb..*h~R ~
Ansi based on Dropped File
(~WRD0000.doc)
CLOGGER_WND_CLASS
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CloseHandle
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CLSIDFromString
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CNotificationsFeed::ParseClickAction
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CoCreateGuid
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CoCreateInstance
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CoInitialize
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CombineRgn
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
COMCTL32.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Community Alerts
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Community Notifications
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CompanyName
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CompanyNameConduit Ltd.4FileDescriptionAlert0FileVersion1.1.4.1,InternalNameAlertbLegalCopyrightCopyright Conduit Ltd. 2011.fLegalTrademarksCopyright Conduit Ltd. 2011.4OriginalFilenameAlert$PrivateBuild4,ProductNameAlert4ProductVersion1.1.4.1$SpecialBuild4DVarFileInfo$Translation<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Complete Object Locator'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Conduit Community Alerts
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Conduit Ltd.
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Conduit Ltd. 2011.
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Conduit Ltd.0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Conduit Ltd.1>0<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Conduit Ltd.1>0<U5Digital ID Class 3 - Microsoft Software Validation v210UConduit Ltd.00
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Conduit Ltd.1>0<U5Digital ID Class 3 - Microsoft Software Validation v210UConduit Ltd.0x0
Ansi based on Dropped File
(~WRD0000.doc)
Conduit_Alert_Autoupdate_Mutex
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ConduitAlertMessage
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Connecting to Window Events
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Content-Length
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Content-Type
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ConvertStringSecurityDescriptorToSecurityDescriptorA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CopyFileW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Copyright
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CorExitProcess
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CoTaskMemFree
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Could not get bShow
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CoUninitialize
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CPPVP5Yt!uPV5YYYfguuPV5YYY>-uFV$sg+'jj0XfQfEE t@tCC@Ct3@t|su3}9~u!t-RPSW{09~N+FtYt90tN0@6uOf8t@@u+e@t+tj-tj+tj Xf++uSj YtuWSj0Quu~qPWPB~)YVY| tSj tYft*3PPPPP2t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
CPsMMsW3J|$tjj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
CreateCompatibleBitmap
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreateCompatibleDC
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreateDialogParamW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreateDirectoryW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreateFileA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreateFileW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreateFontIndirectW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreateMutexW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreatePen
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreatePopupMenu
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreateRectRgn
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreateSolidBrush
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreateStreamOnHGlobal
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreateThread
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreateWindowExA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreateWindowExW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CRegMonitor::Init
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CRegMonitor::~CRegMonitor
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CResourceBank::Init
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CRYPT32.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CryptMsgClose
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CryptMsgGetParam
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CryptQueryObject
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CSecurityAttributes::GetLowIntegritySecurityAttributes
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::DeleteKey
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::DeleteRegEntry
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::DeleteValue
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::GetBoolFromRegistryValue
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::GetFirstRegDirectoryName
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::GetIntFromRegistryValue
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::GetRegDirectoryKeyNames
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::GetRegFirstName
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::GetRegNames
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::GetRegNamesCount
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::GetStringFromRegistryValue
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::IsKeyInRegistry
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::IsValueInRegistry
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::RegDeleteKeyAndItsSubkeys
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::SetBoolRegistryValue
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::SetRegEntry
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::WriteIntToRegistry
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSingletonLogic::CreateSingletonLogicHWND
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSingletonLogic::CreateSingletonLogicThread
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSingletonLogic::OnAboutToClose
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSingletonLogic::OnMessage
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSingletonLogic::WorkerThreadRun
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSingletonLogic::~CSingletonLogic
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
cT`C! 0 0U00pU i0g0e` H E0V0(+https://www.verisign.com/cps0*+0https://www.verisign.com/rpa0U0m+a0_][0Y0W0Uimage/gif0!00+ }k jH,{.0%#http://logo.verisign.com/vslogo.gif0U%0++04+(0&0$+0 http://ocsp.verisign.com01U*0(0&$" http://crl.verisign.com/pca3.crl0)U"0 010UClass3CA2048-1-550U k&p? -5: 0
Ansi based on Dropped File
(~WRD0000.doc)
cT`C!00U00pU i0g0e`HE0V0(+https://www.verisign.com/cps0*+0https://www.verisign.com/rpa0U0m+a0_][0Y0W0Uimage/gif0!00+kjH,{.0%#http://logo.verisign.com/vslogo.gif0U%0++04+(0&0$+0http://ocsp.verisign.com01U*0(0&$" http://crl.verisign.com/pca3.crl0)U"0 010UClass3CA2048-1-550Uk&p?-50
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
CThreadPool::OnJobPreProcess
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CThreadPool::ThreadFunc
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CThreadPool::ThreadFuncImmediate
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CThreadPool::Work
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CtPMuP^[_]t7t3V0;t(W8YtVE>YuptVYY^3jhEy
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
CtPMuP_^[]UW}SV5WtPtPtPtP_PE{httP{t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
CurrentVersion
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CWebBrowserDispatcher::ConnectAllHtmlEvents
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CWebBrowserDispatcher::DisconnectAllHtmlEvents
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CWebBrowserDispatcher::KillRefreshCheckerTimer
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CWebBrowserDispatcher::OnBeforeNavigate
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CWebBrowserDispatcher::OnDocumentComplete
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CWebBrowserDispatcher::OnRefreshCheckTimer
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CWebBrowserDispatcher::SetRefreshCheckerTimer
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CWebBrowserDispatcher::TimerProc
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CXmlDocument::LoadFromBuffer
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CXmlDocument::LoadFromFile
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CXmlDocument::Save
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CZN@#?$" Y[W0P+
Ansi based on Dropped File
(~WRD0000.doc)
CZN@#?$Y[W0P+
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
d$ DP\"!TS|<Rl,RLPRUS#r2Qb" BPZ" TCz:Rj*
Ansi based on Dropped File
(~WRD0000.doc)
d$ DP\TS|<Rl,RLPRUS#r2Qb" BPZ TCz:Rj*
Ansi based on Dropped File
(~WRD0000.doc)
D$3D$tL$tI;T$tu3UQQSV^FVMW]9rY^3jZQ!}YEt!NQuPuENMVNEFMUUQN@F_^[3HHD$;r2IAVFtPYff&^D$V;FrQ@~FuPVvFjP.WP<vjW6vWv ~_^AtPYt33@V~u3DuSWx3jZQYtWSjvjt$$_[^VFP^QQQD$Vt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
D$3Vt$t&~t NP uNt3@3^j<M\EHeURPtKMu?M[EPMEmEMu[MM$3@[MM3j/M}j 1YEetj]EeMjtYEEt3MVPN$QPF PNuN4M3v8^DMWEPPE5MM)MG;rh0N\#EPpEj5(DVW|$t;tF+G_@^Vuft3N;HuMF^SV39u6F8Xt@F8Xt<^[8YuA8XtNN;uF@8XtN8YuF^[UEVuEFENFgEFF^]VW|$WHGF_^SV39uF8Xt^[xH8Yu8XtNN;HuF@8XtF^[SV39u8F8X!t^[)H8Y!u8X!tNN;HuF@8X!tF^[D$L$;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
d$9 huBY9 HjT"G0 M} 9 }9 Y& & j.9 9 9 "(+PVEP9 ej|9 VMsMEkjVMEX9 MEPE& tYE9 0 eP9 MWEP PMEME1M9 MPM~9 MP! MEMEMEMMFjl4F9 9 u& ~,& F9 0 eP<~W9 T" M=eWEP9 *ME2jMENsMR0 EER\jME89 &e0 E& } u9 e[u9 WP0 E:& tX9 EjjP9 0 E xju9 }Mn& u9 MPBPM9PuMjuME9 E;E| M,& & M]jEPMEPuMGM99 3& ~_VEPMEPEPME~& uMPM"!PuM}MEF;|& ~MMETjM MREaMEhMEMMz3@3Dj<wC9 ML9 M30 ]PV9 ;u9 M0 EjEPV9 uEP9 yMEhME'qM9 PVM; MEPHWMEmPVMuMw& uuMWHPVMME3FMEgM]MM\9 uEP9 ;RME
Ansi based on Dropped File
(~WRD0000.doc)
D$A4VFtQSWp=tFjt$jpvtD$j51N,QPjv_[^D$A,AtI,jQjPU(SVEP]PSxuhWj(3EWPNhWEE}}]}jEE}EEP|_fu33@^[Wwt5Vt$t)Vw<tG()N)NF3@3^_|$VW=0t%jv~$t=Ft6pt)jjvFtpt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
d$DP\TS|<Rl,LPRUS#r2Qb"BPZTCz:Rj*
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
d$huBYHjT"GM}}Yj."(+PVEPej|VMsMEkjVMEXMEPEtYEePMWEPPMEME1MMPM~MPMEMEMEMMFjl4Fu~,FeP<~WTM=eWEP*ME2jMENsMEE\jME8&eEue[uWPE:tXEjjPEjuMnuMPBPM9PuMjuMEE;E|M,M]jEPMEPuMGM93~_VEPMEPEPMEuMPMPuMMEF;|~MMETjMMEaMEhMEMMz3@3Dj<wCMLM3]PV;uMEjEPVuEPyMEhME'qMPVM;MEPHWMEmPVMuMwuuMWHPVMME3FMEgM]MM\uEP;ME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
D$tV/kY9 ^hj9 M`3M0 ]|; <jSjSj<E<;tr9 <;taPV9 9 ;tGMZ;uV9 j : cY9 0 ME;tS3PS0 p5(w<]MMjjH,i0 M9 u& u3@kMejj~WMi9 t#HtHu/9 MWEP7 9 MEP9 uEP9 f(MM3& ij0I~h9 MT3M0 ]1
Ansi based on Dropped File
(~WRD0000.doc)
D$tV/kY^hjM`3M]|;<jSjSj<E<;tr<;taPV;tGMZ;uVj cYME;tS3PSp5(w<]MMjjH,iMuu3@kMejj~WMit#HtHu/MWEP7 MEPuEPf(MM3ij0IhMT3M]1
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
D$tVEY9 ^V9 Nt^30 F<0 F 0 F$0 F(0 F,0 F40 F00 F80 F@0 FD9 D$0 FH9 ^jiC9 FPM^9 F<30 };t
Ansi based on Dropped File
(~WRD0000.doc)
D$tVEY^VNt^3F<F F$F(F,F4F0F8F@FDD$FH^jiCFPM^F<3};t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
D$tVY9 ^Vh~9 e^hX9 Y^h9 M^h9 A^hP9 5^h9 )^hX9 ^h9 ^hP9 9 ^h9 ]h 9 ]h9 ]h9 ]hH9 ]h9 ]hp9 ]h9 ]h`9 "!]h`9 ]h(`9 ]h0 9 u]h8}9 i]h}9 ]]h9 Q]h`9 E]h 9 9]h 9 -]hH9 !]h9 ]h9 ]h`9 \h9 \^j.jY9 0 M30 E;tu]9 M9 MPuRj
Ansi based on Dropped File
(~WRD0000.doc)
D$tVY^U3ES]VuW}'}E@tUEPh@t3@=EPV2%YYt'uWSVEVPEM_^3[~U3EVWu}Mxu_l@3^3U(3ES]VuW}EPh@EPh hpSE^$YYu/EPSN$YYu9EuEPS9$YYu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
D$tVY^Vhe^hXY^hM^hA^hP5^h)^hX^h^hP^h]h]h]h]hH]h]hp]h]h]h]h(]hu]h8i]h]]hQ]h`E]h9]h-]hH!]h]h]h`\h\^j.jYM3E;tu]MMPuRj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
D0 & *u&0 9 0 & " 9 & k
Ansi based on Dropped File
(~WRD0000.doc)
D0 & f*u&0 9 [0 & 9 & k
Ansi based on Dropped File
(~WRD0000.doc)
D0 & ItWhtFltw& " f>lu0 xl `f6uf~4u 0 8f3uf~2u0 fd fi fo fu fx fX 9 & R& d/ St~At+tY+t+& & 0 " @0 0 & & & 0& & 0u 9 u& 0 9 [0 & u 0 & 9 & } ` QPRYY& tFF& 9|X + + +& 3F& 0 0 0 & StB& & P9 & & & P& PG& }0 f0 & & 0 & 0 F9 0 & t:9 H& t3& 0 t"!+& 0 & P@fYp eRg}itqnt(o& & & taU9 30 V& 0& tf9 & f0 9 & 0 & @&
Ansi based on Dropped File
(~WRD0000.doc)
D0 & z ItU htD lt w& bS ;luC0 8, `<6u {4uCC 0 <3u {2uCC0 <d <i <o <u <x <X & PPG'Y& `& Yt"9 R`C0 R9 jJd wS AtHHtYHHtHH& & " @0 0 & SE& & 0& 0 & 0u
Ansi based on Dropped File
(~WRD0000.doc)
d7CRDh?=8%@X#Hk<>r4pGu 69
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
d7CRDh?=8~x~%@X#Hk<>r4pGu 69
Ansi based on Dropped File
(~WRD0000.doc)
d:\Conduit\RnD\Client\IE\Dev\5.4\SingleComponent\Alert\Release\Alert.pdb
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
d;vmhp9 E0 =x[_^tV9 5dW3;u4kP5hW54 ;u3xt9 5dhk5hhAj54$ 0 F;tjh hW0 F;uvW54L : N0 >0 ~d9 F9 _^9 U9 QQ9 M9 ASV9 qW3C& }9 i 0Dj?0 EZ0 @0 @Juj9 hyh W& u p0 U;wC9 +GAH0 @0 P Iu9 U9 EO0 H0 AJ0 H0 Ad~D3G0 ~`FC` 9 ENCux 9 !P9 _^[9 U9 9 M9 ASV9 uW9 }9 +Q9 iRD0 M9 OI;|99 0 M0 ]}U& E;;9 MI0 M?vj?Y0 M9 _;_uC s9 ML!\Du&9 M!9 ML!Su9 M!Y9 O9 _0 Y9 O9 0 y9 M+M}}9 }9 MOL1?vj?_9 ]0 ]9 [0 Y9 ]0 Y0 K9 Y0 K9 Y;YuW`LML s }u9 9 MDD9 }uO 9 MY O 9 U9 MD20 0 L9 UF0 B0 D2<38/9 ])uN0 K\39 uN0 ]0 K?vj?^E& 9 uN?vj?^9 O;OuB s9 t!\Du#9 M!NL!Su9 M!Y9 ]9 O9 w0 q9 w9 O0 q9 uu0 uN?vj?^9 M9 y0 K0 {0 Y9 K0 Y9 K;KuW`LML s }u9 9 M9DD9 }uN 9 My N 9 E0 0 D3@_^[9 U9 d9 Mkh0 MSI VW}M
Ansi based on Dropped File
(~WRD0000.doc)
d;vmhpE=x[_^tV5dW3;u4kP5hW54 ;u3xt5dhk5hhAj54$F;tjh hWF;uvW54LN>~dF_^UQQMASVqW3C}i0Dj?EZ@@JujhyhWupU;wC+GAH@PIuUEOHAJHAdD3GFCENCux!P_^[UMASVuW}+QiDMOI;|9M]UE;;MIM?vj?YM_;_uC sML!\Du&M!ML!uM!YO_YOyM+M}}MOL1?vj?_]][Y]YKYKY;YuWLML s}uMDD }uOMYOUMD2LUFBD2<38/])uNK\3uN]K?vj?^EuN?vj?^O;OuB st!\Du#M!NL!uM!Y]OwqwOquuuN?vj?^MyK{YKYK;KuWLML s}uM9DD }uNMyNED3@_^[UdMkhMSI VW}M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
D<YYYYYYYYYYYYY.NAYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
d@pH$N$ " " D!R$ZC
Ansi based on Dropped File
(~WRD0000.doc)
d@pH$N$" D!R$ZC
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
data error
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Datii_0midiirung
Ansi based on Image Processing
(screen_0.png)
Dc3F 0^2PC0$[Ab8 K19'D`1x<aD&k-*DdaP@F #@$pa2$H;SAFha&L>&C,=pwp0hRA
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
dddd, MMMM dd, yyyy
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DecodePointer
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DefaultShowIconInSystemTray
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
defaultValue
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
DefWindowProcA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DefWindowProcW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DeleteCriticalSection
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DeleteFileW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DeleteObject
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
description
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
DestroyIcon
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DestroyMenu
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DestroyWindow
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
dFpt"~ltpluj Y,yj`YeFl=HiEEj[YuUuM.kE~MJf9tAAu+Hu uPuuu}tMapUf9Eueef9EsE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
dhk9 U+Pr;r3]9 U9 9 M9 AV9 uW9 +y9 iRD0 M9 I0 M& S19 0 U9 V0 U9 U0 ]utJ?vj?Z9 K;KuB s9 L!\Du#9 M!JL!Su9 M!Y9 ]9 S9 [9 MM0 Z9 U9 Z9 R0 S0 M9 J?vj?Z9 ]0 ]& +u9 ]j?0 uK^;v9 M9 J0 M;v9 ;t^9 M9 q;qu; s9 !tDLu!9 M!1K!Lu9 M!q9 M9 q9 I0 N9 M9 q9 I0 N9 u9 ]}u; 9 M9 Y0 N0 ^0 q9 N0 q9 N;Nu``LML s% }u9 9 M 9 DD) }uJ 9 MYJ 9 E0 0 D09 E& & 9
Ansi based on Dropped File
(~WRD0000.doc)
dhkU+Pr;r3]UMAVuW+yiDMIMS1UVUU]utJ?vj?ZK;KuB sL!\Du#M!JL!uM!Y]S[MMZUZRSMJ?vj?Z]]+u]j?uK^;vMJM;v;t^Mq;qu; s!tDLu!M!1K!LuM!qMqINMqINu]}u;MYN^qNqN;Nu`LML s%}uMDD)}uJMYJED0E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
dHpuF;htF
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
dHpu}FF@puHpF
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
DialogBoxParamW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Disable Notifications
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
DisableSources
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
DispatchMessageA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DispatchMessageW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
display_time
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
DItWhtFltwf>luxl `f6uf~4u8f3uf~2ufdfifofufxfXRd/St~At+tY+t+ @0 0u u [u QPRYYtFF9|X+++3F tBPPPG}fFt:Ht3t+P@fYpegitqnt(otaU3V0 tff@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Djh^V>O& u%jh^VO& & FFf> tf9>& h uESuP! & & 9 E9 M0 H9 M0 x0 80 x0 x0 H_^[jhEY330 }j! Y0 ]30 u;5`P9t[9 9 @uH uAFwFP Y& "!P4VYYP9 @tPVbYYF 9 0 }hj8 Y9
Ansi based on Dropped File
(~WRD0000.doc)
Djh^V>Ou%jh^VOFFf> tf9>huESuPEMHMx8xxH_^[jhEY33}jY]3u;5`P9t[@uHuAFwFPYP4VYYP@tPVbYYF}hj8Y
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
dk9 h+LQHQPG^9 E
Ansi based on Dropped File
(~WRD0000.doc)
dkh+LQHQPG^E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
DllCanUnloadNow
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DllGetClassObject
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DllOnUpdateFinish
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DllRegisterServer
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DllUnregisterServer
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
dMEc9 MEP 9 E9 u0 EEP9 9 }9 9 M9 u#3f> #u9hHSj"!MElMElMM"!l%F0 E& 9 u9 PhSj EPEPEP9 & uhEPZ9 & 9 @& jhxthtjP_9 & u
Ansi based on Dropped File
(~WRD0000.doc)
dMEcMEP EuEEP}Mu#3f>#u9hHSj"!MElMElMMl%FEuPhSj EPEPEPuhEPZ@jhxthtjP_u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
DOMAIN error
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DONT_SHOW_ALERTS_FROM_THIS_FEED
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
dont_show_this_type_check_box
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
DosDateTimeToFileTime
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Download succeeded [%s]
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
DownloadErrorCount
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
DrawFocusRect
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DrawIconEx
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DrawTextW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DR}c 3F 0^2 P C0R$ ! [Ab8 K 19& 'D`1x<aD&k-*Dd 9 aP@F #@ $pa2$H ;SAFha &L >&C,=pwpaR 0hRA
Ansi based on Dropped File
(~WRD0000.doc)
DW9 0 E EPWEP9 EPWEP9 nEPEPWEP9 =WEP9 W9 9 9 M9 j9 MMVjto'9 39~ z9 Ee Tf 7hto Wqvrt.s& D9 ;u}9 ; PsM :M0 ]xE9 EP9 & "!9 M9 ~xEP9 E& t3;" M PEPQMh;u0jPMZ! ME89 MQMQj9 EME MEBME6M]+MM 95.r;t%P9 lS;tP9 Xj9 A8t-9 VB9 0jsD9 N& t9 F9 PQf^j" '9 9 }& u3S9 & t9 ;EuMl}eWM& t9 jW9 t9 jMM>}3@EV9 9 & u3+9 ;D$ut$9 t$j|$t9 3@^Vt$9 fv9 ^j<2MY8eEPM 99 MPE6! ME~9 Mx& t3MM(89 R9 Mh! 3FV9 D$tV}Y9 ^OjRf9 hqY9 0 Me& ta(3M& t
Ansi based on Dropped File
(~WRD0000.doc)
DWEEPWEPEPWEPnEPEPWEP=WEPWMjMMVjto'39zEeTf7htoWqvrt.sD;u};PsM:M]xE9EPMxEPEt3;MPEPQMh;u0jPMZME8MQMQjEMEMEBME6M]+MM95.r;t%PlS;tPXjA8t-VB0jsDNtFPQf^j'}u3St;EuMleWMtjWtjMM>3@EVu3+;D$ut$t$j|$t3@^Vt$fv^j<2MY8eEPM 9MPE6MEMxt3MM(8Mh3FVD$tVY^OjRfhqYMeta(3Mt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
DynamicDialogs
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
DzItUhtDltwbS;luC8, <6u{4uCC<3u{2uCC<d<i<o<u<x<XPPG'YYt"CjJdwSAtHHtYHHtHH @E00u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
d}& Hpu 0 9 F;ht9 F9
Ansi based on Dropped File
(~WRD0000.doc)
d}& Hpu}R0 F9 F@puHpF
Ansi based on Dropped File
(~WRD0000.doc)
E PN,Q40 9 9 P<u}Qu9 9 E& |0 FpM9 B& uTE~PP9 Qh9 Q P9 Q^@W9 [Qh9 Qh9 QWN`:QhhPj
Ansi based on Dropped File
(~WRD0000.doc)
E PN,Q4P<uQuE|FpMBuTE~PPQhQPQ^@W[QhQhQWN`:QhhPj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
e! P}Ls69 ! 0 ! P}EQ6! P}E;69 ! $0 $9 ! (0 (9 j19 0 uL}E"!,}E`,}E{,M9 kzV9 T9 ^Tj.xh,& : Y9 0 M30 E;th-UPjDd1D9 M\EP(j3hM0 u1MEG#PhM$MVjEPMEWM>9 ;u;MEME +MM +9 9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
E#UtYjSSu#tAu}+;SjHP$Eu_^[huYYE|
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
e%& EP]: TS}=Rm-
Ansi based on Dropped File
(~WRD0000.doc)
e%& EP]aTS}=Rm-
Ansi based on Dropped File
(~WRD0000.doc)
e%EP]TS}=Rm-
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E'PMEh{MPkWcME}MC]E;Jh7h+YQj~frPuuN|e"QVD$tV<QY^j~fPuuN)EejF
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E)EE C(EP[xuAjEVC0PMCUH]E]E]PE CHfKIVVUREEj}1E \$E }1\$ET$$PQ~7EWdu9uuuVVuuuuuuuuuu39u_3^[U(SVWuEF3;};UR]]PQFURPQEt'9] u"MWQuMuSuQwMQMWQuuSuuw7uvVP 3;ZF;9XEt!u uuuuuuYuM_F(E^xP]EjESF0PMEFH]E]E]E]PFHgNISSUREEj}1}\$E}1\$ET$$PQM~uuu3@Xun9tE9] u"EtSuuuuuu u uuuuuuu3_^[USVW}3;u3F;tN9^uF0Pt3vvDv@+5F;NE9]^$tG+F G+G9N ESQF;~
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E*GE`B:}9 M$9 9 0 9 : ]<+t0 <-t& `}0 u0 uu&M`B:t<9}sE*GM`B:}*0 u<! nj~J0 M` 1 wj! +t HHt& ;j MjY@jo0 u`B:t,1<vJ(` 1 v:} tG+J0 MtHHt9 }9 E0 jX9Ev }|EOE0 E} Yj
Ansi based on Dropped File
(~WRD0000.doc)
E*GEB:}M$:]<+t<-t`}uuu&MB:t<9}sE*GMB:}*u<njJM1wj+t HHt;jMjY@jouB:t,1<vJ(1v:} tG+JMtHHt}EjX9Ev}|EOEE}Yj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E,EEEEPjhEEEEEPCv0vvP`jP'+j@,@*39]-;u!@;tuMem]+;E]~Gu?t.MQ,uPFPMEtMEt"EE;E|MM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E0:+_L.X)AzT&.*\ !R8 C ;H MS Shell Dlg PMv7 OKPj
Ansi based on Dropped File
(~WRD0000.doc)
E0:+_L.X)AzT&.*\!R8C;HMS Shell Dlg PMv7OKPj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E1F9 F0 E9Uu9 M9 0 9 `9 O9 0 Mw; 0 UE}~M9 W#U9 M#Elf0f9v9 Mm9 EFMf}0 E0 M}f}|Q9 W#U9 M#E[lfv1F` ft Fu0H;Et` 9u :@}~uj0V u9 E 8u9 }4 $p9 9 WFk3%#+ESYx;r+F
Ansi based on Dropped File
(~WRD0000.doc)
E1FFE9UuMOMw;UE}~MW#UM#Elf0f9vMmEFMf}EM}f}|QW#UM#E[lfv1FftFu0H;Et9u:@}~uj0VuE8u}4$pWFk3%#+ESYx;r+F
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E339uu9u D|
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E3SVu3W3]]t2uKShjSjhuu3}]EjSSW`Ej s}Yt#}tEFEF^F^^*EFEF~^^:tjSSW`FE_^[Vt$u^~tvXVlzY3^D$8t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E4#OkkkkkkkWJVTL!?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
E8E,++E4jE<jE0PuDTE0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E9 M0 3uU9 QVEPu9 uYY& u!EPuYY& u9 M9 U0
Ansi based on Dropped File
(~WRD0000.doc)
e9 u;5lw"jx}YeV Y0 EE9 EjsY9 U9 V9 u! SW9 =$ =4uVjNThAYY|u& t9 3@PuVSY& u& uFVj549 & u.j^9Stu7Y& t9 u{PR0 0IR0 0_9 [V7Y5R3^]hd59 D$0 l$l$+SVW 1E3P0 eu9 EE0 EEd9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
E9E(}E(ELtMEXt8}tuu }tu jMEP4MEE0EeMEME3FMjh|kuMEM<EtE{cThh3uu3}uuuuVEPEPEPEPEPVjhujh;EPVVju;uj@};EPWVju;GlGpGXG\VTPhVjuE;tRuVVVVjP|;t<PJYE;t+SPVVjuxtuuoYYuEEE3}];tSt9utuY;tW;tSt9ut
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E9tFEE^[UQQSV3]9^t=FWUR]PQShjZWPuWE_F;t@;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E;8X;E;|E[j@j YYtVM *@@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E;Eu3MM.Lt$jhKu3N,}\ONDEDfj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E;Eu3MM]MjhvLuft\MeMEPuMuEutuMzt3MEMMLjUhKut=MXeEPuMuuNt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E;tF3@j d}tuuu81<u3Mk;eEPuu?uMMfDMEPMEu^jhx1MJEPEPuuER@EMu&D3MEMMCECMH;PjVt$jt$jt$ 6tF3^UE$Vt3MtI3u,Eu(Pu E \$E\$E\$E\$@\$@\$@\$$Q6'tF3^](VD$tVZY^j|={tMY:PhMeM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E;tjE9]|WSW_^[jA33q(fE}9>uA$VPQ0tEua6MQWVP;u}EURP}QdhMcu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E;tRU$3EEMSVuWP3WWWWQEPEPM3q Et
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E=?sJMsB;r6PY;t)UEPWV}EH53_^[U0SV5W33;u.;t0#Pxu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
e?E~SSV9 E9 @9 @9 p& ~39 E0 E9 Mq9 P9 GEP_& u
Ansi based on Dropped File
(~WRD0000.doc)
e?E~SSVE@@p~3EEMqPGEP_u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E@PMGPML>PSMd`& t}@u9 MpE0P!M EMLEM0E E`9 E`;EHRM\E=MdE#MEaMEUMEIME=M0 }29 Md0
Ansi based on Dropped File
(~WRD0000.doc)
E@PMGPML>PSMdt}@uMpE0P!M EMLEM0EE`E`;EHM\E=MdE#MEaMEUMEIME=M}2Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E];vnu,B;tSj-&YM];t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E]EP Y& t
Ansi based on Dropped File
(~WRD0000.doc)
E_n1u_anJ
Ansi based on Image Processing
(screen_9.png)
E`9Uu3fE9UM3E}TM;kf9r}M]K
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
e`Z9 u9 9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
EaflfpLj :Kuh@MEfM\feNM,eE~[uMhat?EP7^jtMtPj7PW2LYMju9aEE;E|E~PpbMtPeEPEPbujPE`NtEeNPEeEkMMn`hKj:J@VMe\tt}tMMe3RMMeuvhVMPeuMG$3MMLetPJjiIh@MeM=\MteeuukJjiIh@MdM=\MtddjCYMPe4JUQh@MmdM\xd`j;IEHtwHtRHt0HhBYME:jdBYMEts4nhBYMEtQ\PL~tYhBYMEt)v!hjBYMetX3MtPu2YYHVdD$tVIY^V6D$tVHY^D$VtVHY^jE;Gu^@,^3N\}^NxE^ME~~~,MEMF$N\F(j~~0~4~8PjPNxjPM~~<~EGUVq\/~HEP`^eMtjPMtjEPEPt^ujP^UQeS]EPS\ftFMt?VW+tNu1}t*7
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EB m_WM_ALERT_BROADCAST
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EB m_WM_BROADCAST_ALERT_IS_APP_EXISTS
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EB m_WM_BROADCAST_OPEN_APP_FROM_ALERT
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EB m_WM_BROADCAST_RELEASE_ALL_ALERTS
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EB m_WM_MESAGE_FROM_STATIC_BUTTON
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EB m_WM_MESAGE_FROM_SYSTEM_TRAY
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EB m_WM_MESAGE_FROM_VIEW_RECENT_WINDOW
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EB_TB_NAME
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EB_TimeStamp=
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EDP9 MDEk,& M*EP9 0 exWhE
Ansi based on Dropped File
(~WRD0000.doc)
EDPMDEk,M*EPexWhE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EdR9 & uMEKMM9 hh 9 " & t$MQ9 9 MPE@ME9 M
Ansi based on Dropped File
(~WRD0000.doc)
EduMEKMMhht$MQMPE@MEM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EE+EMuPs|
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EEEES]W=t)PSEEEt<~|tPSu=m9EtEEEEhEPtPfPStuS_[^j`U;E+EMPE+EPv}3WujWEEu9slt$PEEPWus|EuP;t@9s|t#9uu9tEVPWM<EVPWMd;uA9uu9s|t)VVEP;t&EVPWM1;u9sluE+Luuuu}uWuWMMuE:Ul$3ElExSVWEE|jEE=PujEEjPbDtBhEjP>DjdEPvt<EPhEPVEhEP*P PuuuuEMMEMl_^3[53pUVjEPtEEtE+EEEMMEtE+EEEMMjEPA^UQQeeVEPEPuEuEui^UQQVEPEPuuu?^3HHHHV~uPjP^V~uPFt>W=jjPFuvuPjvv_fF^AuPAuPUVtEW}WuvuuWttVtV_^]3@VW|$VjW~3_@^3@3@3@3@D$AA3+t8HtHtHt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EEEPSYYt"MxEEPSYYtE39]fD~HH_^[UuuuuuhR}]UWVuM};v;r=tWV;^_u^_]ur*$r$$$(#FGFGr$I#FGr$#r$Ixph`XPHDDDDDDDDDDDDDD$E^_E^_FGE^_IFGFGE^_t1|9u$r
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EeH}fvM$;uj+t&-t!;tCpE~;`j+jyHfLM$;O;^UG}#f9w"}sME*EEf;sM$;H+n-eC}}}u2Mf;t!f9w }sEM*EMf;s}fAjeJMHfwjO+t +tjQMjYj>}f;tfv+(Hfvf;} t@+JMt+t}EjX9Evs}|EEEHEaj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EEPvMMTVQ}0^0V}@Ul$3j(co$ E(E3VPf
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EE}}}};tptWp0MMUR}P@jEWPEG9hLBYEE;t3ejh|Es4sjpu3VVPLjejhbVVjjpPu3URPPEPEPEM;M|E;tptWp0MMUREPDjEWPE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EFjHVEM]u3@5MtEesu}jspMC$3<CjEjEPMu}u39XtZM;jhxME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
eFjPYY*EeE@jPEYEY#+}u]}vrGGuPFPSjj*u_wCtM3VjVVt$L$e3jjVW|$v9~s
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
eFjPYY*EeE@jPEYEY)}u]}vrGGuPFPSjjFu_wM3Vj!VVwUQVW}9~sRF+;EsE}vPNSVr]Ur]+PUUBPE+QxPF+P[_^jk}uvu'3j[OMmU;s+;w4
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
eFjPYY9 *9 E0 e0 E@jPE& Y0 EY)9 }9 u9 ]}vr9 GGuPFPSjj9 Fu9 0 _0 w}9 M3Vj!VVw U9 QVW9 }9 9~sR9 F+;Es0 E}vP9 NSVr9 0 ]0 Ur9 9 ]+P0 U9 UBP9 E+QxP9 F+P9 [_9 ^jk 9 0 }9 uv9 u'3j9 [9 O0 Mm9 U;s+;w4
Ansi based on Dropped File
(~WRD0000.doc)
eFjPYY9 *9 E0 e0 E@jPEY0 EY#+9 }9 u9 ]}vr9 GGuPFPSjj9 *u9 0 _0 wCt9 M3VjVV" t$9 L$e3& S`jj VW9 |$9 v" 9~s
Ansi based on Dropped File
(~WRD0000.doc)
EG EGEFE+VNW4CWssPCPIW4EEFEG EGEG0;s+HG,+}Et3}DEnCCCC&}EMeMEEEC9Er4#EKHmE@)EEMu@CvMtK@CW@uKHCA -}EMeMEEEC9Er4#EKCm)ECCCC&}{EMeMEEEC9Er4#EKHmE@)EMtCACb@3CA}EMeMEEEC9Er4#EKCm)EO(+CE;sG,+EEEE;G(rE{u}G,;uG0O(;t;s+HG,+uXuW4VWW4EG0;s+HG,+O,E;uO(G0;t;s+H
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ehhhhhhhh
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Ehhhhhhhhhh@T#*
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
EHY]E P]UE8;r=w`+PY] P]UME}`QY] P]UVuFttvBZf3YFF^]U(SVuW3E}}}FFf> tat8rt+wtWWWWW`93S
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EI CDialogChildShadowFrame Window Class
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EI CMovingFrame Class
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EI CMyTitleBar Class
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EI CWindowStyledBorder Class
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EI m_WM_ALERT_COPY_DATA_EVENT
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EI m_WM_GENERAL_EVENT
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EI m_WM_MESSAGE_FROM_TITLE_BAR
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EI m_WM_SINGLETON_EVENT
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EI Pop Up Window Class
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
eingelesen
Ansi based on Image Processing
(screen_0.png)
Ej%SuEPESejh|vSuP`MjhPMEhEPEPEZYYMEmURPPEPEPEM;M|ElSPMMjuPESejh|vjuP`MjhMEEPEPEYYYMEURPPEPEPEM;M|EljPMMDuME;~MEE;E~EEE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EJG4Ec tJ+M;sEB+EBhM;sM_ ++wuB+
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ejh7VjV:mjmK<jhPu3MMQEPME;tEPMgA@3;A%RQVlWEPs}w+7EPEPs9u|ujuVw7pEMGEPri3tQljp0MEME3GMMj0|%%
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ejhThN8WWjN8hN8jN8POL[u1WM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
eM& t3MMy%9 : MMEME7M9 PVM]M9 EMESjLaEP eM& & t3MM$9 aMaMEM9 sjuMEPVMyM9 ESMEU" j$)"!9 }u
Ansi based on Dropped File
(~WRD0000.doc)
EM3uUQVEPuuYYu!EPuYYuMU
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
eME ]EPMN=PMPEdME_]SEPPE0PM`; >& xPM->MhE"kxE TMP9 xTWPMhxo;t.MPbTP@9 ;thTW<;tW8VTVX9 Mt;t9 jMhEjxE\M`EMEME
Ansi based on Dropped File
(~WRD0000.doc)
eME]EPMN=PMPEdME_]SEPPE0PM`;>xPM->MhE"kxETMPxTWPMho;t.MPbTP@;thTW<;tW8VTVXMt;tjMhEjxE\M`EMEME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EMf}uEMj(Q<A,fEfuMj3@fu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
empty distance tree with lengths
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
empty map
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
eMt3MMy%MMEME7MPVM]MEMEjLEPeMt3MM$MMEMsjuMEPVMyMESMEUj$)}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EMuKuW<u;PE@t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Em}]3tjZttt tt#t(=t=t;ututU395}]Eyj^ttttt`#t* t@t;u@#@t-t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Enable Notifications
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EnableWindow
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
enclosure
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EncodePointer
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
encoding=
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : m_pQuery==NULL
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return %d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return %d (from SetRegEntry)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return %d (rc==0x%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return %d (RegDeleteKeyW returned 0x%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return 0 (RegOpenKeyExW returned 0x%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return 0x%X (status)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (GetStringFromRegistryValue failed)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (RegCreateKeyExW returned 0x%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (RegCreateKeyW returned 0x%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (RegDeleteKeyAndItsSubkeys returned 0x%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (RegEnumKeyExW returned ox%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (RegOpenKeyExW returned 0x%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (RegOpenKeyExW returned ox%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (RegQueryValueExW dwordType==REG_BINARY)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (RegQueryValueExW returned 0x%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (RegSetValueExW returned 0x%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (result pointer is NULL)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (wStrValue from registry is empty)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return TRUE
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return_value=%d rc=0x%X
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EndDialog
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
EnterCriticalSection
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
EnumChildWindows
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
EP9 iuEP9 H0 E}tt9 ZPh.SjoWM4& 9 XZPhX.SjF9 0 et*W!lME5WEPM50 E& u0 e9 EPkM5ME0 bMEME529 YPh$.Sjh 0 EE& j9 jJU9 0 }MMEN& tOj9 0 eWTkE9 0 ePE?kME3E9 0 eP"kMF40 E-WEPM40 E& uE9 0 ePjM4MEIe9 } POEh9 0 GD PO$hj8tRY0 EE& t$sY0 EE& tj9 U39 M9 9 EO(0 G49 E0 G,Et)KXPh-Sj99 & tQW9 )G"XPh-SjW9 Tv$& tWj5(v$9 j9 9 MWPh-SjMM&_jaz9 0 uu"e}.W9 EV9 Eu 9 E0 ~g9 ja9 0 u. 9 E& t9 j'9 & t9 j'}E`_}E{_M9 zjb" 9 39x j8" Y0 E0 ];t
Ansi based on Dropped File
(~WRD0000.doc)
EPEPs9 N$9 Fhj"!_9^\t+9 9 } u+Q9 _^[S9 \$VW39 ;u3: 9 S& tt$9 D$W0 F09 D$Pv(0 ^4v$9 WWh WN0 F,}&Ph 9 hWWWWjP0 F h9 9 9 R9 N8;tv,vp9 9 Pp9 9 Pl9 3@_^[y`u9 jjV9 ol& t2W9 |$tu9 9 Pl~`tjj9 ! Wv0 _^U9 QQVEP9 9 M9 U ;u; tR0 Q9 0 P R9 6^9 D$;Adu
Ansi based on Dropped File
(~WRD0000.doc)
EPEPsN$Fhj_9^\t+u+Q_^[S\$VW3;u3Stt$D$WF0D$Pv(^4v$WWhWNF,}&PhhWWWWjPFhN8;tv,vpPpPl3@_^[y`ujjVolt2W|$tuPl~`tjjWv0_^UQQVEPMU;u;tRQP6^D$;Adu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPEPw.YYME>v9 NPWWjoEPak9 NPWWjlEP`k9 NPk9 NPWWjkEPrk9 NPWWjjEPbktE9 .MEuMEuMEuM0 ]u3@U9 QQSVW9 =49 3+FT=v8EP 9 & t/9 NPjuuk9 NP9 & t9 jfP0 FT3& " _^[j7)s9 9 u& u3uj|ml~0oucj gY9 0 M30 u;tV@/3P@oV)j <Y9 0 ME& tj\/3P0 pj5(wD3@3V9 xD$tVY9 ^Ajv)9 0 u=3j
Ansi based on Dropped File
(~WRD0000.doc)
EPEPw.YYME>vNPWWjoEPkNPWWjlEPkNPkNPWWjkEPrkNPWWjjEPbktE.MEuMEuMEuM]u3@UQQSVW=43+FT=v8EPt/NPjuukNPtjfPFT3_^[j7)suu3uj|ml~0oucj gYM3u;tV@/3P@oV)j <YMEtj\/3Ppj5(wD3@3VD$tVY^Ajv)u=3j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPEP}39[huEuEYEu;t3Mejh|.s4sjfu3VVPLVhVhVhVjK<jfPhYEE;t>3Mejh|ms4sjeu3VVPLVhVhVhVj_WK<jePhTYE};tZ3Mej|VejVEs4sMhu3VV>\jejhVVVVZ[h`ad[K<hPuuf50jpjpjpn=0tpt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPiuEPHE}ttZPh.SjoWM4XZPhX.SjFet*W!lME5WEPM5EueEPkM5MEbMEME52YPh$.SjhEEjjJU}MMENtOjeWTkEePE?kME3EeP"kMF4E-WEPM4EuEePjM4MEIe}POEhGDPO$hj8tYEEt$sYEEtjU3MEO(G4EG,Et)KXPh-Sj9tQW)G"XPh-SjWTv$tWj5(v$jMWPh-SjMM&_jazuu"e.WEVEuE~gjau.Etj'tj'E_E{_Mzjb39j8YE];t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ePLs6PEQ6PE;6$$((j1uLE,E,E{,MkzVT^Tj.xh,YM3E;th-UPjDd1DM\EP(j3hMu1MEG#PhM$MVjEPMEWM>;u;MEME+MM+Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPLWX2YEEt3WE12YEEt3WE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPM u9 E9 MPR uMVvMM9 9 E9 I0 0 H^1YVW9 w9 p{9 0 @9 g0 9 6_0 v^VW9 w9 p9 0 @9 g0 9 6_0 v^U9 QVQ0 e0 eu9 9 ^Vt$9 u49 ^4qV9 4qD$tVIY9 ^jP,0 Mh xSjB>}& x9 u& M eM ME 9 MEP9 Ey9 u0 EEP9 9 }9 Y9 M#u>hSj=MEL0 ME@0 MM40 3<EPEPEP9 & tEPEP9 r9 FVPMEPM t9 F9 VPM9 E0 E9 E0 E9 FVPMEPM t
Ansi based on Dropped File
(~WRD0000.doc)
EPME9 EE& t9 3Pjs09 9 & t49 9 uSP$9 E9 UR9 uSPQH9 9 SPEP9 ME& t9 E9 PQ9 E& t
Ansi based on Dropped File
(~WRD0000.doc)
EPMEEEt3Pjs0t4uSP$EURuSPQHSPEPMEtEPQEt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPMEM03F<|$u3jt$tL$t3@US3W9]u3MVSSjSjhuut*;t&EPVE;tE;uVX3^_[E@PE3]sY;uuuSVSEPuV=9]tE}9]u$EPVYY;tu>SPwSEPu>PuhuuXuMV>5V
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPMEME%uTuXSh 6w6M]: MMyj,&y9 MaeME.& t`PvM1>MMFyhx0 M39Y(& MM0 ]b; ,TSSSjj,Ev,; & j9 0 M;tq`Y3;0 E~S9 MWP}9 ;t>VM";t1SM9 EpFjP$VMEhME(G;}|SyYPMl,]MM@xjH@w9 9 M3;tj9 ;t_MM0 ]~VMECM;t$;tSMSjdwwM]uMMxjk8w9 utj >qYY9 0 Me& tj3Pj5(vwj,&vM:9 Me!& uuMu9 M& uuMuMMnwj .! v9 M33;u3 M9 0 u& }S9 MV~& MQ9 / PME! MEM1hTM& t@h@Mk& t*hDRMU& thM?& tF;RdMM|9 vj|xu9 9 M& i9 & ZEP9 }ehM& *h9 P9 Y& & x0 EPxEh`REP9 E& hEP9 E& EPEPEP9 Etohx9 w & t_MhEP9 E: }EPj nYY0 EE& tj9 #3Pj5(wME1ME%MEME
Ansi based on Dropped File
(~WRD0000.doc)
EPMEME%uTuXSh6w6M]MMyj,&yMaeME.tPvM1>MMFyhxM39Y(MM]b;,TSSSjj,Ev,;jM;tqY3;E~SMWP;t>VM";t1SMEpFjP$VMEhME(G;}|SyYPMl,]MM@xjH@wM3;tj;t_MM]VMECM;t$;tSMSjdwwM]uMMxjk8wutj >qYYMetj3Pj5(vwj,&vM:Me!uuMuMuuMuMMnwj .vM33;u3 MuMV~MQ/PMEMEM1hTMt@h@Mkt*hDMUthM?tF;dMM|vj|uMiZEP}ehM*hPYxEPxEh`EPEhEPEEPEPEPEtohxwt_MhEPE}EPj nYYEEtj#3Pj5(wME1ME%MEME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPMEq>PM E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPMEuM9 ]; ww6M3ME0 E;uSh'yj5MR
Ansi based on Dropped File
(~WRD0000.doc)
EPMEuM];ww6M3MEE;uSh'yj5MR
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPMEX& t!SEXPE09 0 e\P0 }X]M`l(ME_TMEST@E2M0E8TEPMSE9 0 e\PEm]M`E'EPMjSE9 0 e\PEC]M`'EDPMMTE
Ansi based on Dropped File
(~WRD0000.doc)
EPMEXt!SEXPE0e\P}X]M`l(ME_TMEST@E2M0E8TEPMSEe\PEm]M`E'EPMjSEe\PEC]M`'EDPMMTE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPMuEMPuMVvMMEIH^1YVWwp{@g6_v^VWwp@g6_v^UQVQeeu^Vt$u4^4qV4qD$tVIY^jP,MhSjB>}uMeMMEMEPEyuEEP}YM#u>hSj=MELME@MM43<EPEPEPtEPEPrFVPMEPMtFVPMEEEEFVPMEPMt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPPPEPu0MMMq43'0U9 VStVu|YY& t8Vu|YY& t)9 EH& t39 U0
Ansi based on Dropped File
(~WRD0000.doc)
EPPPEPu0MMMq43'0UVtVu|YYt8Vu|YYt)EHt3U
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPQuVt$jh2(t(jh2(tjh2r(t3^3@^|$t|$t33@V3uhhLtjPhlt,PQ^|3@3tPQu!!V2^2=tVD$tVY^jaeeeEPhLtjjhlt,EtMtPQ3'URuPQMEuutPQVt$PxP^Ul$3je3];t$t29th'jh@SP<}h8ESP]k"PMuE];t3<VQPR;]URh<tPEE;t?UR<PQ;|;uEUR@PQ;|;t@E];tPQ;|
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Epu\M`h*jEPEXE;tPQME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPv0 EY3} 9Euj 9EtPY30 Et
Ansi based on Dropped File
(~WRD0000.doc)
EPvEY3}9Euj9EtPY3Et
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPWWuEPME0 }9 E9 M0 MMEMEsEPu9 Lu9 EWWMQu0 E9 9 Ppuu9 u9 u9 [HtCtCtuuMMHR3! EjyVD9 0 u,
Ansi based on Dropped File
(~WRD0000.doc)
EPWWuEPME}EMMMEMEsEPuLuEWWMQuEPpuuuu[HtCtCtuuMMHR3EjyVDu,
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPY9 M39 U9 4 30 E9 E9 M0 E9 ES0 E9 V0 E9 EW30 M0 }0 };E _9 5MQP9 & t^}uXEPu& tK}uE9 uEuu~9 YF;~[wSD6=w/?9 ;t8-WWuuju9 ;u3PHY;t0 E0 }9}t6PWuvVuuuju& t9 ];tWWuSVuWu & t`0 ][9 9}uWWWWVuWu9 ;t<VjGYY0 E;t+WWVPVuWu;uuY0 }}t9 M0 uY9 Ee_^[9 M3<jhF)30 ]j~ Y0 ]j_0 };=`}W9 P9tD9 @tPYtE|(P9 P P4YP0 G~E9 Ej? Y9 U9 }u3]9 U9 MMtf& tf;uAABB
Ansi based on Dropped File
(~WRD0000.doc)
EPYM3U43EEMEESEVEEW3M}};E_5MQPt^}uXEPutK}uEuEuu~YF;~[wSD6=w/?;t8-WWuuju;u3PHY;tE}9}t6PWuvVuuujut];tWWuSVuWut`][9}uWWWWVuWu;t<VjGYYE;t+WWVPVuWu;uuY}}tMuYEe_^[M3<jhF)3]jY]j_};=`}WP9tD@tPYtE|(P PP4YPGEEj?YU}u3]UMMtftf;uAABB
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EQPx3;~Bj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Error finding notification
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Error retrieving notification id
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ERROR_REPLY
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ErrorCount
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ESP9 aMEM03F<9 |$u3jt$St9 L$& t0 3@U9 S3W9 9]u3MVSSjSjh u9 0 ut*;t&EPV9 0 E;t9 E;uVX3^_[0 E@P0 E30 ]s9 Y;uuuSVSEPuV=9]tE}9]u$9 EPV9 YY;tu>SPwSEPu>Puh& uuXu9 MV>& 5V
Ansi based on Dropped File
(~WRD0000.doc)
Et3Wh,VPMM"hVj3j4=N]uMPh|Vj39{uh<Vj3ME}uME;uhVjNMEM93fMPMFlCWPECWPCURuPf}tetPhh|jeEPMEMHM5/jMEi5Ph`h|jeME/M#]39u9uMMEMhEPE$PM;t6EPjEP?E;t29ut-eu)9h4h|jME[ MMu39uh h|PE1jBJueNfffjkNuFEtPYfNEM}D$VW|$wWJYPF5YFt39Fv8N@;Fr_^UQW39=@t3S]VPPuuh(VjbEPEPWh?WWWuu(;tPhBRu*uDPPjh|uWuu4;tPhX3VAAQ3u$h|Vj3@^[_UQVuuhVjEPjjuu0uu$h|Vjk3@3PhVAAQL3^UQQVWuuhVj#EPj3Wu}u0;t3PhhVAAQ3:WWWWEPWWWWWWu8uu$uhDVjE_^U$` 3SVWPWVhSjEMU3E9Euh@Sj;3MQjPWV03;urhEWPEEPEPEPWuEu,;u#}tj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EtVY9 ^]9 U9 V9 VEtVY9 ^]9 U9 V9 VEtVyY9 ^]9 U9 V9 uW3;u3e9}uvj^0 0WWWWW9 E9}t9urVuu0uWu9}t9us: vj"Y0 9 jX_^]9 U9 9 EVW3;tG9}uqvj^0 0WWWWW9 )9}t9EsLvj"Y0 9 Puu3_^]9 U9 9 Ef9 @@f& u+EH]9 L$t$` tNu$$9 ~3t9 A t2 t$ttA9 L$+A9 L$+A9 L$+A9 L$+9 U9 9 El]9 U9 ( 30 ESjL& jP& 0 & (& 00 & ,0 & 0 0 " 0 0 0 fR" fRfRfR& fRfRS& 9 EM& 00 & 0 9 I0 & & 0 & 8 j9 < & (P@ & u& ujtYh P 9 M3[)9 U9 5l [Y& t]jvtY]3PPPPP9 U9 9 EVWjY(V}0 E9 E_0 E^& ttE@"!EPuuu4 5$[Y& tj:ujjus9 9 P9 +B9 R& t++9 U9 Q9 @S9 XV3W9 x& v'9 9 M0 E9 ;tDQP+YY& t1F;r3_^[9 @u9 9 M;tQP*YY& tF;r9 E9 U9 9 P3& |9 9 U9 V9 p2^9 ]9 U9 9 @MS9 X3VW9 x0 M0 M0 M0 M; 9 E9 4! +E;Ev29 9 M;tQP_*YY& u9 E& uP9 E0 E9 F0 u0 E9 9 M;tQP-*YY& uuFGY;Eu
Ansi based on Dropped File
(~WRD0000.doc)
EtVY^]UVVEtVY^]UVVEtVyY^]UVuW3;u3e9}uvj^0WWWWWE9}t9urVuu0uWu9}t9usvj"YjX_^]UEVW3;tG9}uqvj^0WWWWW)9}t9EsLvj"YPuu3_^]UEf@@fu+EH]L$t$tNu$$~3tAt2t$ttAL$+AL$+AL$+AL$+UEl]U(3ESjLjP(0,ffffffEM0I8j<(P@uujtYhPM3[)U5l[Yt]jvtY]3PPPPPU EVWjY(V}EE_E^ttE@EPuuu45$[Ytj:ujjusP+BRt++UQ@SXV3Wxv'ME;tDQP+YYt1F;r3_^[@uM;tQP*YYtF;rEUP3|UVp2^]U@MSX3VWxMMMM;E4+E;Ev2M;tQP_*YYuEuPEEFuEM;tQP-*YYuuFGY;Eu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
eu uvHMXB 9;5SM]=];9 ~ Z] TR7a9 Z9 %]0 g" '] nL: `R`%u?q=
Ansi based on Dropped File
(~WRD0000.doc)
eu;5lw"jxYeVYEEEjsYUVuSW=$=4uVjNThAYY|ut3@PuVSYuuFVj54u.j^9tu7Ytu{PR0IR0_[V7Y5R3^]hd5D$l$l$+SVW1E3PeuEEEEdMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EURPQ EPQ}uuEUeVWwFwt9EP6f}u9}t3uueEPMVE_^Mjh|?jA5;Ew(39uG$VPQ06MQu]VP;|mE;tf]URP]Qd;|@h$M>t/jP/YME;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
euuvHMXB9;5SM]=];Z] T7aZ%]g']nL R`%u?q=
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EVP>YYM_^3[39 A@tyt$IxQPYYuUVMEM>t}^]UG@SVt2u,E+M}C>u&8*u?d}^[]Ux3ES]Vu3W}u%u53PPPPP@t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EVPx>YY9 M_^3[ 39 9 A@tyt$Ix9 QPxYYu9 U9 V9 9 M`EM>t}^]9 U9 G@SV9 9 t2u,9 E+`M9 }C>u&& 8*u9 ?d}^[]9 U9 x 30 ES9 ]V9 u3W9 }u0 0 0 & 0 & 0 & 0 & 0 & 0 & 0 & %& u5~ 3PPPPP@ t
Ansi based on Dropped File
(~WRD0000.doc)
EwW[M_3^:r0uU S39]u `SSSSS(VuW};t!;u0SSSSS'jE;w}uEuEBuuPuUE;t4;|"MxEEPSYYtE39]\>HH_^[US39]uSSSSS;'[Vu;t9]w
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EwWM_^3[$z*>Ut3ES]VWu}fU#]EEEEEEEEEEEE?EMftC-C u}fu/u+u'3f;$
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ExB0T\E#<~
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ExB0T\E#R<~}
Ansi based on Dropped File
(~WRD0000.doc)
EXCELFiles
Unicode based on Runtime Data
(WINWORD.EXE
)
exception caught.
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Exception caught. memory size is %d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Exception was throw while downloading [%s]
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ExcludeClipRect
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
execCommand
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EXEtEHEtEHEtEHEtEHEuE3H1HE3H1HE3H1HE3H1HE3H#1HvtMItMItMItMI tEX#t5=t"=t;u)E!EEE #t =t;u"E EEEM31EX 9} E}t&` EEXEX`E``EXP4H H EEXEX`EH`H`EXPOEPSju4MAt&At&At&At&Yt&3+t/HtHtHu( %
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Exit : wStrServer and wStrForm are empty
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
exit [%s]
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ExitProcess
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
ExitThread
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
ExpirationTimeSec
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Extensions
Unicode based on Runtime Data
(WINWORD.EXE
)
E}9}urE lTtXtCHt/tuCE9}u:eE09}u%UEut3FFf;9}FFf> tjVh^lS`j XFFf9tf>=GFFf9tjh^V]Ou
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E~,P9 9]tu0 ]EPEP9 ~& uEP9 aEPEP9 Z9 =h 9]tuEPEP}5& uE}P@~
Ansi based on Dropped File
(~WRD0000.doc)
E~,P9]tu]EPEP~uEPaEPEPZ=h9]tuEPEP5uEP@~
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E~<9 Ejh|9 ME`REP9 E}9 j%9 Pe9 & ~.9 ju9 0 E}P9 E9 E9 S9E|9 M30 ^8`& }! 9 MS{}P9 & tIM~& uRj=Y0 EE& tMQ9 /9 3jMEx}WN$9 MS}PM9 MC;RyM~& u;jY0 EE& tMQ9 }9 3jME}WN$!ME@& MM4& 9 <V9 N$! 9 L$;~t$0 N89 z3^j|_A,9 eM{EPu9 E& u$3ME MM 9 u~$9 D& t9 j9 E9 0 ePEPxMSE9 ue9 & }M/{EPxEjY9 0 ME& tEPu3PV9 EF}t8C9E}0jEY9 0 ME& tEP73PV9 EFMEE9]R_xE" 3FVjXt$9 f0 0 F& u9D$t
Ansi based on Dropped File
(~WRD0000.doc)
E~<Ejh|ME`EPEj%Pe~.juE}PEE9E|M3^8MS{}PtIM~uRj=YEEtMQ/3jMEx}WN$MS}PMMC;yM~u;jYEEtMQ3jME}WN$!ME@MM4<VN$L$;~t$N8z3^j|_A,eM{EPuEu$3MEMMu~$DtjEePEPxMEueM/{EPxEjYMEtEPu3PVEF}t8C9E}0jEYMEtEP73PVEFMEE9]_xE3FVjXt$fFu9D$t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F 9^$u$j0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
F :t@ OR2X5k`sPQq}`!";5#NS(sh6.uR:(RSx! SMu0
Ansi based on Dropped File
(~WRD0000.doc)
F T>0 ~(9~$uF$d>jjv(V 0 F;uj0 x9 F0 x9 F@9 F@9 F9 @h %B=PV49 N0 A9 FV9xu'YY3_^U9 Q9 Ettt
Ansi based on Dropped File
(~WRD0000.doc)
F T>~(9~$uF$d>jjv(V F;ujxFxF@F@F@h%B=PV4NAFV9xu'YY3_^UQEttt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F"tf 9 N0 0 F9 FfeSj[0 Fu, ;t @;u
Ansi based on Dropped File
(~WRD0000.doc)
F"tfNFFfeSj[Fu, ;t@;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F$9 hHWj
Ansi based on Dropped File
(~WRD0000.doc)
F$9^(uOjD
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
f& tf;t+ }t9 Map_^[9 U9 V3W95Tu39u 9 };uo\VVVVV`9 U;tfArfZw fArfZw GGBBMt
Ansi based on Dropped File
(~WRD0000.doc)
f& uW;t0+9 W& VPh3f0 =& PSo3f0 & & tS& WPpcV& WP& P _uj& PX 9 M^3[NU$,T 30 & S9 VW9 t$ 99 F9 ;tEt6<Y9 N;x};x}P6Y9 9x|<PdYY0 ~EPS69 & 6NY }t3& ~
Ansi based on Dropped File
(~WRD0000.doc)
f0 @@BBf;t&Ku!
Ansi based on Dropped File
(~WRD0000.doc)
f0 @@BBf;tKtMu9}u3f0 ;& t3}u9 MjPf0 DNX^f0 Vj"Y0 9 d9 U9 VWuM9 E9 u3;t0 0;u,rVWWWWW }t9 E`p39}t}|}$9 MS`0 }~~EPjP-9 M9 B& t`G -uM +u`G9 E& RK B$9& u* 0tE
Ansi based on Dropped File
(~WRD0000.doc)
f0 CCC0S3@f;& x3@f0 ;u& t@uhtqQf& tu& u;hlq
Ansi based on Dropped File
(~WRD0000.doc)
f0 F3f0 F9 j
Ansi based on Dropped File
(~WRD0000.doc)
f0 V3f0 V"!j
Ansi based on Dropped File
(~WRD0000.doc)
f0.hMH9 T$B9 J3e\hM%9 T$B9 J3e9 `3egM9 T$B9 J3 e9 `3`egMM9 T$B9 J3_e gM9 T$B9 J3<e]gM 9 T$B9 J3e@:gMT9 T$B9 J3dlg9 M:9 M&9 M$9 M49 MH9 MX9 T$B9 J3Sdf9 M99 T$B9 J3ydaf9 M99 MujY9 T$B9 J3Ad( bf9 Mj99 Mq9 T$B9 J3d\ 4f9 M=9 M,9 Mhy`9 M9 M9 MO`9 MP9 M `9 M%`9 Mn9 MD`9 M|0 9 M9 T$B9 J3Nc oeM0 uiY9 T$B9 J3!c!BeuiY9 T$B9 J3bH!euxiYM-M%9 T$B9 J3b !dM9 T$B9 J3b!du iYuiY9 T$B9 J3ub! d9 Mx9 M,=9 Mh9 M$9 M9 M9 MP9 M 9 M! 9 M9 MDk9 M|]9 MA 9 M3 9 T$B9 J3a"cM(MMG9 T$B9 J3oa9 J3ea" cM(MM9 M9 T$B9 J3*a"Kc9 ML,9 M$Z9 M4O9 MA9 M39 T$B9 J3`#b9 M+9 M$9 M49 M9 M9 M9 T$B9 J3r`h# bM9 T$B9 J3O`#pbufY9 T$B9 J3*`#KbM.s9 T$B9 J3`$(b9 M!9 T$B9 J3_H$bM,9 T$B9 J3_t$aM$2fY9 T$B9 `3}_9 J3 _$aMM9 MM9 T$B9 J3I_$ja9 M 9 T$B9 J3&_%GaM,aMY9 T$B9 J3^L%aMq9 T$B9 J3^x%`Mq9 T$B9 J3^%`M d9 T$B9 J3 ^%`M qMM9 T$B9 J3_^& `9 M)9 M<9 ML 9 M\y9 Mk9 M]9 T$B9 J3]0& `M,:9 T$B9 J3]R&_M9 T$B9 J3]&_Mhx9 T$B9 J 3 ]&_9 M)#9 MMq9 T$B9 J3]] '~_9 M"9 M`9 T$B9 J3,]T'M_M0p9 T$B9 J3] '*_MD9 T$B9 J3\'_M!M9 T$B9 J3\'^MM2MMM9 T$B9 J3x\("!^M\9 T$B9 J3U\X(v^MTMM 9 T$B9 J3"\ (C^M]M,2MMM: M=M59 T$B9 J3[(]Mf2M
Ansi based on Dropped File
(~WRD0000.doc)
f0.hMHT$BJ3e\hM%T$BJ3e3egMT$BJ3e3egMMT$BJ3_egMT$BJ3<e]gMT$BJ3e@:gMTT$BJ3dlgM:M&M$M4MHMXT$BJ3dfM9T$BJ3ydfM9MujYT$BJ3Ad( bfMj9MqT$BJ3d\ 4fM=M,MhyMMMOMPMM%MnMDM|MT$BJ3Nc oeMuiYT$BJ3!c!BeuiYT$BJ3bH!euxiYM-M%T$BJ3b!dMT$BJ3b!du iYuiYT$BJ3ub!dMM,=MhM$MMMPMMMMDkM|]MAM3T$BJ3a"cM(MMGT$BJ3oaJ3ea"cM(MMMT$BJ3*a"KcML,M$ZM4OMAM3T$BJ3`#bM+M$M4MMMT$BJ3r`h#bMT$BJ3O`#pbufYT$BJ3*`#KbM.sT$BJ3`$(bM!T$BJ3_H$bM,T$BJ3_t$aM$2fYT$B3_J3_$aMMMMT$BJ3I_$jaMT$BJ3&_%GaM,aMYT$BJ3^L%aMqT$BJ3^x%`MqT$BJ3^%`MdT$BJ3^%`MqMMT$BJ3_^&`M)M<MLM\yMkM]T$BJ3]0& `M,:T$BJ3]&_MT$BJ3]&_MhT$BJ3]&_M)#MMqT$BJ3]] '~_M"MT$BJ3,]T'M_M0pT$BJ3]'*_MDT$BJ3\'_M!MT$BJ3\'^MM2MMMT$BJ3x\(^M\T$BJ3U\X(v^MTMMT$BJ3"\(C^M]M,2MMMM=M5T$BJ3[(]Mf2M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
f5fXf~fffQgggh2hUh hhieiiiijHjyjjjkFkikakkkl3lVl! llu" "
Ansi based on Dropped File
(~WRD0000.doc)
f5fXf~fffQgggh2hUhhhieiiiijHjyjjjkFkikkkkl3lVlllu""
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F61 FCA;GIF89a? : x " {Sx"!: a"!!?,xpH,`hV:FC ``2xG$y (SY ! a@"
Ansi based on Dropped File
(~WRD0000.doc)
F61 FCA;GIF89a?{x!?,pH,`hV:FC`2G$y(SYa@"
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F61 HA;GIF89a? a {S x"! S: x : "! !?,xpH,kac1Z y"@ aH@l
Ansi based on Dropped File
(~WRD0000.doc)
F61 HA;GIF89a?{x!?,pH,kc1Z y"@H@l
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F89^ u$jh
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
f8t33@t$t$9 & t3& " I9 & t3@t$t$ YYt$9 AP9 D$p6t$9 z& t3& " I9 & t3@9 It$QYYt$@t$R@t$a@V9 W9 ~& u_^GGP<"!Y& u;~t9 F9 V9 ++BRWP_9 ^: S9 V9 s& t>W3f& t2PY& t& u9 3FFf& u& t3f0 _^9 [S_^[V9 ~t
Ansi based on Dropped File
(~WRD0000.doc)
f8t33@t$t$t3It3@t$t$YYt$APD$p6t$zt3It3@It$QYYt$@t$@t$@VW~u_^GGP<Yu;~tFV++BRWP_^SVst>W3ft2PYtu3FFfut3f_^[S_^[V~t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
f9 0 fttjfTtdfft^fFtXf, f[ujY9 0 ME;thM_f{& j8Y9 0 ME;t?6jY;t00 x $9 #j Y9 0 ME;t9 M9 VS9 P& t9 MW9 E9 9 j9 f]& E9 ED$V9 #tVY9 ^V9 RD$tVY9 ^V9 D$tVY9 ^V9 #D$tVY9 ^j.9 j8: Y9 0 M30 u;t 9 MV9 9 3jRN9 9 }9 & uaEP3W0 uYY;tLu9 Rf{uCj8&Y9 0 M0 u;t$9 9 MMQW9 P9 & u79 j9 3f[ujY9 0 ME;t59 K& t9 j0 s9 V9 #D$tV0 Y9 ^j/\l9 9 M 9 }0 E9r3@30 u0 u3WuYY; 79 MZ~f"uqj.Y9 0 M0 u;tA9 9 MWu9 P& 9 ~MQ9 P3@}0 Eu9 K0 E& t9 P0 s0 sMM{ #f: f[u/9u "jY9 0 ME; f{u/9u j8oY9 0 ME; e f-tof0rf9vcfttAfTt;fft5fFt/fnt
Ansi based on Dropped File
(~WRD0000.doc)
f9 ^t$0 F& uh j<_a9 0 }30 ]9@tMMEu3Mjh(M{MElEP9 EMM}m& uh(M|MVlPM|Mdm& u+hp(M|M,lPM |h9 M`|EPM}SSSS9 EkP 9 ;u83MEztMEntM]ctMMWt9
Ansi based on Dropped File
(~WRD0000.doc)
f9 Af#E0 E@uMj9 EppEPjEPEjPS& u!E }t9 E`pEM#9 U9 Qf9Eu3f9EsE9
Ansi based on Dropped File
(~WRD0000.doc)
f9fttjfTtdfft^fFtXf,f[ujYME;thM_f{j8YME;t?6jY;t0x$#j YME;tMVSPtMWE9jf]EED$V#tVY^VRD$tVY^VD$tVY^V#D$tVY^j.j8YM3u;tMV3jRN}uaEP3WuYY;tLuRf{uCj8&YMu;t$MMQWPu7j3f[ujYME;t5KtjsV#D$tVY^j/\lM}E9r3@3uu3WuYY;7MZ~f"uqj.YMu;tAMWuP~MQP3@}EuKEtPssMM{#f:f[u/9u"jYME;f{u/9uj8oYME;ef-tof0rf9vcfttAfTt;fft5fFt/fnt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F:t@O2X5k`sPQq}`!";5#N(sh6.u:(RxSMu0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
f; " 09 f;rf; v]9 U9 uMVE9 M`U Tu}t9 M9 0 A#E3& t3@ }t9 Map9 U9 jjuja]9 U9 30 ESV3W9 9u8SS3GWhhS& t0 =Pxu
Ansi based on Dropped File
(~WRD0000.doc)
f; 9 f;r+
Ansi based on Dropped File
(~WRD0000.doc)
f; 9 f;rs
Ansi based on Dropped File
(~WRD0000.doc)
f; ef9 f;
Ansi based on Dropped File
(~WRD0000.doc)
f; P9 f; 9
Ansi based on Dropped File
(~WRD0000.doc)
f; P9 f;r]*f; @9 f;rC
Ansi based on Dropped File
(~WRD0000.doc)
f;0f;rf;v]UuMVEMUTu}tMA#E3t3@}tMapUjjuj]U3ESV3W9u8SS3GWhhSt=Pxu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F;7|judYYh WM7h DEP9 ucsm9>& ~& ~9 F;t=! t=" & e9 } EPEPuu W! 9 9 E;E 9 E9;G|9 G0 E9 G0 E& ~l9 F9 @X9 0 E& ~#v9 Pu0 E& uM9EME}(u$9 ]u EuuuuV9 uK9 uE]9 } }t
Ansi based on Dropped File
(~WRD0000.doc)
F;7|judYYhWM7hDEPucsm9>~~F;t=!t="e}EPEPuu WE;EE9;G|GEGE~lF@XE~#vPuEuM9EME}(u$]u EuuuuVuKuE]}}t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F;Eu3GEWWWjPvHd;t~}uWYFEFtPhF^u3MWjPNXFXFN@HF
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
f;f;f;! " ?f;w30 u0 u0 u3f;uGEu9uu9uu3f0 Ef;uG@u9pu90t!uuE9 M9 U0 U& ~UL
Ansi based on Dropped File
(~WRD0000.doc)
f;f;f;?f;w3uuu3f;uGEu9uu9uu3fEf;uG@u9pu90t!uuEMUU~UL
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
f;Pf;r]*f;@f;rC
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
f;r9 f; C
Ansi based on Dropped File
(~WRD0000.doc)
f;rf9 f; [
Ansi based on Dropped File
(~WRD0000.doc)
f;s+]9 f; s
Ansi based on Dropped File
(~WRD0000.doc)
f;tf;t+Vuuuw_^]9 U9 9 UV9 uWf& tBBFF+t_^& }]~3@]9 U9 SVuM
Ansi based on Dropped File
(~WRD0000.doc)
f;tf;t+Vuuuw_^]UUVuWftBBFF+t_^}]~3@]USVuM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F=7!!3FCA;GIF89ax0 | ]lr9 r }x! p ia ~" v`B0 St~q}WmV gT x{u " pQ a p{R g s " !x, x & ! 0 5We
Ansi based on Dropped File
(~WRD0000.doc)
F=7!!3FCA;GIF89ax|]lrr}xpi~v`Btq}WmVgT{upQp{Rgs!x,x5We
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F=7!!3HA;GIF89a? : x " {Sx"!: a"!!?,xpH,; cYUD ND )|> vc2<Ng!X 0 40?y9 0?-9 >6?4)?#?8
Ansi based on Dropped File
(~WRD0000.doc)
F=7!!3HA;GIF89a?{x!?,pH,;cYUD ND)|>vc2<Ng!X40?y0?->6?4)?#?8
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
f@@BBf;t&Ku!
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
f@@BBf;tKtMu9}u3f;t3}uMjPfDNX^fVj"YdUVWuMEu3;t0;u,rVWWWWW}tE`p39}t}|}$MS}~~EPjP-MBtG-uM+uGEKB$9u*0tE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F@u^VLYtt9 9 9 A$u tt9 9 @$ & g3; ]`0 & 0 & 0 & 0 & " P
Ansi based on Dropped File
(~WRD0000.doc)
F@u^VLYttA$utt@$g3;]P
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
f^t$Fuhj<_}3]9@tMMEu3Mjh(M{MElEPEMMmuh(M|MVlPM|Mdmu+hp(M|M,lPM|hM|EPM}SSSSEkP;u83MEztMEntM]ctMMWt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F___'_!_at_.___11a9an
Ansi based on Image Processing
(screen_0.png)
F_rn,_,a1,v,_,r,_a_an
Ansi based on Image Processing
(screen_9.png)
fAf#EE@uMjEppEPjEPEjPSu!E}tE`pEM#UQf9Eu3f9EsE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
failed to read file
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
FakeAutoUpdateInterval
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
fallback_url
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
fCCC0S3@f;3@f;ut@uhtqQftuu;hlq
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
FDICreate
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
FDIDestroy
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
FDIIsCabinet
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Feed id: %s, MessageId: %s last request time: %d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
feedItemId
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
FFFPEE0Gkj7jueeEPu3ECPM]PMEM]JM-MhEP]ME"E4kjMjEPM#ueMMjjHjjueus+uE9C}Mjh|oMjh|rZMl3FGPM}EU3fpKVQQPMMEPM}E:EAjj R2Zij\7uMtjMtiSa}t*FPjEPMeP^MM}t+jFVEPMPE-MMijHjhej\j}vMV>.@PEPoM3EFPuMuE2E9iUQeVj\2Pju$E^j.+hj9bYM3E;tu+MPNhUQue}MtPjh|mEjNgeue~Mjh|6e3@EtPELhUVWOHVEPMNy_^US]V3u;uVEMW3u}E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
FfxtfXtE.E}u!VO" Y& ufxtfXuGG7GG3u0 U9 V!" Yu)jAXf;wfZvFxfw1Fxfw ;EsM9]r)u;Ev"M}u$9 EOOu"}t9 }e]9 MM0 M7GGuu=t} w& u+9uv&LE"tMEjX" 0 E9 E^& t0 8Et] }t9 E`p9 E_[9 U9 3Puuu9TuhPP]B[$d$3`D$S9 9 T$t`
Ansi based on Dropped File
(~WRD0000.doc)
FfxtfXtE.E}u!VOYufxtfXuGG7GG3uUV!Yu)jAXf;wfZvFfw1Ffw ;EsM9]r)u;Ev"M}u$EOOu"}t}e]MMM7GGuu=t}wu+9uv&LE"tMEjXEE^t8Et]}tE`pE_[U3Puuu9TuhPP]B[$d$3D$ST$t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ff|f%xf-tEEE8jYj<hV@=ujYhPUV5T5tt!PtP5Tt'VV0uV{YthVP<tuEE^]jYUV5T5tt!PtP5Tt'VV0uVYthWP<tuEE^]xUu5Tt]PV5Ttu5EYV5Tp^Uuu5Y]PtP5Y
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
FHPN9 WWPMM 3@ j^^)9 uF,PM=e~Hu@ MM?9 uN9 P3|$u@ *9 L$`& tt$9 t$& %@ j,&x9 u& u@ 7f>tW *MeMd9MMf0 F3-V9 t$& u@ A~u69 f8u.& t9 3f9Q" 9 Q9 %@ W ^j,&9 u& u@ 7f>tW *M)eMwMMf0 F3V9 t$& u@ A~u69 f8u.<& t9 3f9Q" 9 Q9 & %@ W ^j,&CM ejuMWuMuXMM}3j,MNeMMM?3j,&Mu3uM0 u,;uFMM9 kj<- 9 9 FH3;tP& u+9 FH;tPWWWWWWWWWh~hW 0 FH9 ]EP9 pM0 }xG& tMMN9 9 { 0 EF(PM0 }jh aMET9 E& tuW& tjWMEPM*GWMbPMM0 EE0 EEPvHjJu& u ME=NME3G:xWMEPMFWMOE~P9 9 F9 }& t<W& t1;}t,M@M0 E1E0 EEPvHjJW& kNEPEP}& uE~P9 8EPEP9 m& tY9 }& tRW& tG;}tBh0MDPMFMM0 ED0 EEPvHjJW& MEMME& 3jLO-2h xVjK9 }& uhVj4@ shVjW M/9 e9 X9 xMiCME]CEPEPWMEY& thMD& u\MD& uPW;u6h`VjjEPEPMjj5pMdXShVjaMEKMEKMM|3jt`-9 u3;u
Ansi based on Dropped File
(~WRD0000.doc)
FHPNWWPMM3@j^^)uF,PM=e~Hu@MM?uNP3|$u@*L$tt$t$%@j,&uu@7f>tW*MeMd9MMfF3-Vt$u@A~u6f8u.t3f9QQ%@W^j,&uu@7f>tW*M)eMwMMfF3Vt$u@A~u6f8u.<t3f9QQ%@W^j,&CMejuMWuMuXMM}3j,MNeMMM?3j,&Mu3uMu,;uFMMkj<-FH3;tPu+FH;tPWWWWWWWWWhhWFH]EPpM}xGtMMN{ EF(PM}jh METEtuWtjWMEPM*GWMbPMMEEEEPvHjJuu ME=NME3G:xWMEPMFWMOE~PF}t<Wt1;}t,M@ME1EEEPvHjJWkNEPEPuE~P8EPEPmtY}tRWtG;}tBh0MDPMFMMEDEEPvHjJWMEMME3jLO-2hVjK}uhVj4@shVjWM/eXxMiCME]CEPEPWMEYthMDu\MDuPW;u6h`VjjEPEPMjj5pMdXShVjaMEKMEKMM|3jt-u3;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
fI@``|p! t@ T$G@.textjfh `.rdataN l@@.dataRp*T@.rsrc}~@@.relocN`@Bjt$t$z@U9 QQ9 EHu9 EM"!MU3@U9 ,MjjM0M3U9 PMM7MEPM3M,& t)EPM2PM;M#4EPMg4VM<(3& uVMR)M&& uVM#'VVM>0EPM0 uj:PM1M3M3MT3^U9 30 E9 ES9 ]#V9 uW0 EEPh! @& & t PEPVYY& tjY& t9 9 |9 3& u 9 SuV9 9 VP9 9 M_^3[="!uVSa9 <& t9 N^39"!" U9 ,MdMSMf3Vj9 _D0 9 ^j}9 0 }D0 e9 & tem&M9 -_sUpjX
Ansi based on Dropped File
(~WRD0000.doc)
fI@``|pt@T$G@.textjfh `.rdataNl@@.dataRp*T@.rsrc~@@.relocN`@Bjt$t$z@UQQEHuEMMU3@U,MjjM0M3UPMM7MEPM3M,t)EPM2PM;M#4EPMg4VM<(3uVM)M&uVM#'VVM>0EPMuj:PM1M3M3MT3^U3EES]#VuWEEPh@tPEPVYYtjYt|3uSuVVPM_^3[=uV<tN^39U,MdMSMf3Vj_D^j}}Detem&M-_sUpjX
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
file error
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
FileDescription
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
FileVersion
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
FindClose
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
FindFirstFileW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
FindNextFileW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
FindResourceW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
FindWindowExA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
FindWindowExW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
FindWindowW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
first navigation
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
FirstTimeMessageDisplayed
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
FirstTimeStamp
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
FirstTimeStampInterval
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
fjP1tt$N2^Vt$qjjt$t$jjD3^VNP^sV7D$tV9Y^VjjD$F8S^AV8SD$tV8Y^jf7u^@SOeNC|WEAWN8Q8j~fl7u@SeNMN8j j7739]u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Fjp_uuuuv^uuuuji?uQeUM?jNT>}Wu3RjW~PFR\3;uNNM3}EPOvEtEv]}+]+}jvSWuuuj{PhPFYMMGGCC~u%j-8YEet3MFvjvSWuuujNPhFF=jhjpPXF,jPjvVv^h?zjvF3@N>U<VqSW3PPPPPvE=u/ueEPv@t%uuuuE}tF(PPut+EPv@FtMQp@33;uuE+E9N t3QjjPE+EPEE+EjjjPE+EP(#PE+EPQQEE+EPE+EPjjjjuEjuuujju}tjWuutjuvFtpt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Fjupu5utW_[^VD$tV<Y^L$`ytAPQUQV>t4Ft
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
FL0 M(uv(V$9 E(YY_[^9 D$9 D$9 D$59 D$E3U9 9 U9 SV0 E9 BW9 }9 O49 _ 9 w0 E9 G00 M;s+H9 G,+0 E9 E9 & 40 E9 E9 & 40 E9 EM9 Er9 E9 M#0 M& @& =9 4#H0 M& H `H+9 Mt0 M9 4#H0 M9 M+9 EM9 Er9 E9 M#0 MHH+-E@& ^9 M9 4#H0 MH0 M+E0 ]te9 MM9 ]E;ur9 M9 4#]mX9 E)E+9 M9 +9 _(;s\9 O,+;r9 O,+0 M9Mv$)M9 M`A@Mu9 G(`A@Mu9 ]T`9 MA@`A@m`A@Mu`A@`A@m`A@MuH`@+9 MAM0 ]}0 Mr
Ansi based on Dropped File
(~WRD0000.doc)
FLM(uv(V$E(YY_[^D$D$D$5D$E3UUSVEBW}O4_ wEG0M;s+HG,+EE4EE4EEMErEM#M @=4#HMH`H+MtM4#HMM+EMErEM#MHH+-E@^M4#HMHM+E]teMM]E;urM4#]mXE)E+M+_(;s\O,+;rO,+M9Mv$)MMA@MuG(A@Mu]TMA@A@mA@MuA@A@mA@MuH@+MAM]}Mr
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
FlsGetValue
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
FlsSetValue
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
FlushFileBuffers
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
fN& : 9u jY;tN$9 D9utijY;t3 $0 p9utMj Y9 0 ME;tD9 M9 Wu9 P& t0 s9 E9 79 EM39 j9 f}uEf,ujs\?9 0 u3N(0 ]${~D9 E0 ^<0 ^@INdE9 E0 F$9 j9 EP0 ^8 0 ^`9 j\9 0 u$NdENDE.N(E` M9 _j\zqDEP9 eDu& t7j8iY9 0 Me& t
Ansi based on Dropped File
(~WRD0000.doc)
fN9ujY;tN$D9utijY;t3$p9utMj YME;tDMWuPtsE97EM3jf}uEf,ujs\?u3N(]${~DE^<^@INdEEF$jEP^8^`j\u$NdENDE.N(E`M_j\zqDEPeDut7j8iYMet
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
FontInfoCacheW
Unicode based on Runtime Data
(WINWORD.EXE
)
ForceRemove
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
FP-YV0 ^@R Y0 _|9 ^_][9 D$"!j h RP/9 U9 9 Ef9 fff0 M9 f0 E9 Ef0 Mf9 ff0 M9 f0 E3f0 EEPE?Pf0 M\ 9 E9 US9 \$3V9 N}80 0 <0 @;t"WSMt9 GWiSWP0 < _9 ^[VW9 <9 & tPRpY&@9 & tPvpY&_^SVWt$9 DSW~Ws FBf\tf/thSW(_^3[U$ 30 & S9 V9 W9 0 }R19 ;X&tPYO;x8uth0WV 3uE9 9 @0 3f0 F0 0 0 0 0 0 0 $0 (0 ,9 ;X}P+7`Y9 9X|3PPPPSQPEP7EPEPEP7 4& t
Ansi based on Dropped File
(~WRD0000.doc)
FP-YV^@RY_|^_][D$jhRP/UEffffMfEEfMfffMfE3fEEPE?PfM\EUS\$3VN8<@;t"WSMtGWiSWP<_^[VW<tPpY&@tPvpY&_^SVWt$DSW~WsFBf\tf/thSW(_^3[U$3SVW}1;X&tPYO;8uth0WV3uE@3fF $(,;X}P+7`Y9X|3PPPPSQPEP7EPEPEP74t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
FPM\j]y;YEE;tju3E9^(tFj K;YEE;tjn3MPHxN(S5(E/"Pr]tSu^<tjSt_E!EjhEt1MQSjJPtjuMM[3@MM[37AjiP@FPMe[N(etN t?N$tf0MMJ[@j,&?MKueMvjj5pMMM03@@j,&?MueMjj5pMMM3@G@j,&`?M3PP5pMEaMM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
fR fR|fR%xfR-tS9 ES9 EE9 & S 0 & 0 & 8 jYj< hV@ =uj Yh P 9 U9 V5T 9 5t & t!P tP5T & t9 'VV0& uV{Y& thVP<& tu0 E9 E^]j! Y9 U9 V5T 9 5t & t!P tP5T & t9 'VV0& uVY& thWP<& tu0 E9 E^]x 9 U9 u5T t ]P 9 V5T t 9 & u5EY9 V5T p 9 ^9 U9 uu5Y]P tP5Y
Ansi based on Dropped File
(~WRD0000.doc)
FreeEnvironmentStringsA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
FreeEnvironmentStringsW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
FreeLibrary
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
From Html Dialog:
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
FtE9 O9 I9 9 @tE$ }t, t(uG}Yt9Eu70 }0 EFu0 uE9] }t9 E& u}t9 E& u3_^[jh@[9 u& u3 e9 9 9 9 @+u+9 H9 IuuuYYVuWuGH& tWY0 EE 30 E9EthlVMh?EP9 E9 9 3= 9 9 eehHVMh ?9 U9 V Y9 pxxY9 M0 Hx9 ^]9 T$9 L$& ti3`D$ ur=tEsW9 r1t+u9 9 9 t& t
Ansi based on Dropped File
(~WRD0000.doc)
FtEOI@tE$}t,t(uG}Yt9Eu7}EFuuE9]}tEu}tEu3_^[jh@[uu3e@+u+HIuuuYYVuWuGHtWYEE3E9EthlVMh?EPE3=eehHVMh?UVYpxxYMHx^]T$L$ti3D$ur=tEsWr1t+utt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ftf;t+}tMap_^[UV3W95Tu39u};uo\VVVVV`U;tfArfZw fArfZw GGBBMt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
FtvHFFFHFFtMHFFFHFH;H(FDNF@F;jX_^][FFtNHFFAFFtHFFFHFFtHFFFHFFmHFFFHFHN0j=F(FF`4`#F3@j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
function myInjectedOnClickFromAlert()execCommand\")()""about:blank#EBCmd(border:solid 1px #d5d5d5background-color:#FFFFFE;pushNotificationsNotificationsCAlertHTMLDialogBrowserContainer::CallPushNotificationspushHtmlNotificationCAlertHTMLDialogBrowserContainer::CallPushHtmlNotificationcheckboxdefaultValuecheckboxTextnotificationUrlnotificationTypeintervallogoUrlnotificationTitleitemIdfeedIdalertIdinitialNotificationinstantsampleinitialpublisheronLinkNavigationCAlertHTMLDialogBrowserContainer::OnNavigationStoppedbClicked = %sh ,!bGotAlertChannelId!pAlert!pAlertItemempty mapParams errorCAlertHTMLDialogBrowserContainer::OnApiOpenSettingsDialoguiParamsCount != 4Error retrieving notification id!ParseParameters!pInstantAlertError finding notificationCAlertHTMLDialogBrowserContainer::OnApiExecCommandfirst navigationStop navigation!about:blankiframe unblockedpWebBrowser == m_pWebBrowserCAlertHTMLDialogBrowserContainer::ShouldStopNavigationinvalid map/set<T> iteratorCAlertHTMLDialogBrowserContainer::OnApiUnblockFrameNavigationuiParamsCount != 2InstantAlert - no need to mark readNotification id: %sInitial notificationCAlertHTMLDialogBrowserContainer::OnApiOnMessageReadCAlertHTMLDialogBrowserContainer::OnApiBlockFrameNavigationuiParamsCount != 3SHOW_ALERTS_FROM_THIS_FEEDDONT_SHOW_ALERTS_FROM_THIS_FEED!GetNotificationIdIs check box checked: %sCAlertHTMLDialogBrowserContainer::OnApiSetCheckboxValue0 k $ , , 0 v =0 9R0 dx0 d 0 l F% 0 xmb /O- xw: l0 8 X0 PD0 M %nv00 Z ~ ~oh~h~A0 /"! ~h~p~Yh~ ~0 W1h~h~h~h~h~h~xFh~h~ ~ ~a ~ ~ ffxO E" x &xMr d 7 aa)CAlertHTMLDialogBrowserContainer::PushNotificationsCAlertHTMLDialogBrowserContainer::AddAlertIgnored notificationsetCheckBoxValueonStartDragopenAppunblockFrameNavigationblockFrameNavigationsendUsageopenAboutDialogopenSettingsDialogonMessageReadshowMeonReadyCommunity Alerts ; `alertInfoRequestXml=alertLoginRequestXml=alertTranslationRequestXml=alertUsageRequestXml=T`Q'M>: SmmYxxms9NotificationsHtmlDialogsAppFromNotificationIdleModeAlertALLP_STR_ID_ALERT_CLOSE_ICON_TOOLTIPALLP_STR_ID_ALERT_POP_UP_WINDOW_OFALLP_STR_ID_ALERT_POP_UP_WINDOW_SETTINGSALLP_STR_ID_ALERT_SETTING_DIALOG_FEEDBACK_ICON_TOOLTIPALLP_STR_ID_ALERT_SETTING_DIALOG_FAQ_ICON_TOOLTIPALLP_STR_ID_ALERT_SETTING_DIALOG_PRIVACY_ICON_TOOLTIPALLP_STR_ID_ALERT_SETTING_DIALOG_ABOUT_ICON_TOOLTIPALLP_STR_ID_ALERT_SETTING_DIALOG_VIEWALLP_STR_ID_NOTIFICATION_SETTING_DIALOG_SHOW_NOTIFICATIONS_FROMALLP_STR_ID_NOTIFICATION_SETTING_DIALOG_TITLEALLP_STR_ID_ALERT_SETTING_DIALOG_SHOW_ICON_IN_SYSTEM_TRAYALLP_STR_ID_NOTIFICATION_SETTING_DIALOG_NOTIFICATIONS_ENABLEDALLP_STR_ID_NOTIFICATION_MAIN_MENU_DISABLE_NOTIFICATIONSALLP_STR_ID_NOTIFICATION_MAIN_MENU_ENABLE_NOTIFICATIONSALLP_STR_ID_ALERT_MAIN_MENU_ABOUTALLP_STR_ID_ALERT_MAIN_MENU_SETTINGSALLP_STR_ID_ALERT_MAIN_MENU_REFRESH 9 Thanks for adding our NotificationsNotifications bring our latest news right to your desktop!This is a sample notification.CloseofSettingsYou re about to receive a notification that looks
Ansi based on Dropped File
(~WRD0000.doc)
function myInjectedOnClickFromAlert()execCommand\")()""about:blank#EBCmd(border:solid 1px #d5d5d5background-color:#FFFFFE;pushNotificationsNotificationsCAlertHTMLDialogBrowserContainer::CallPushNotificationspushHtmlNotificationCAlertHTMLDialogBrowserContainer::CallPushHtmlNotificationcheckboxdefaultValuecheckboxTextnotificationUrlnotificationTypeintervallogoUrlnotificationTitleitemIdfeedIdalertIdinitialNotificationinstantsampleinitialpublisheronLinkNavigationCAlertHTMLDialogBrowserContainer::OnNavigationStoppedbClicked = %sh,!bGotAlertChannelId!pAlert!pAlertItemempty mapParams errorCAlertHTMLDialogBrowserContainer::OnApiOpenSettingsDialoguiParamsCount != 4Error retrieving notification id!ParseParameters!pInstantAlertError finding notificationCAlertHTMLDialogBrowserContainer::OnApiExecCommandfirst navigationStop navigation!about:blankiframe unblockedpWebBrowser == m_pWebBrowserCAlertHTMLDialogBrowserContainer::ShouldStopNavigationinvalid map/set<T> iteratorCAlertHTMLDialogBrowserContainer::OnApiUnblockFrameNavigationuiParamsCount != 2InstantAlert - no need to mark readNotification id: %sInitial notificationCAlertHTMLDialogBrowserContainer::OnApiOnMessageReadCAlertHTMLDialogBrowserContainer::OnApiBlockFrameNavigationuiParamsCount != 3SHOW_ALERTS_FROM_THIS_FEEDDONT_SHOW_ALERTS_FROM_THIS_FEED!GetNotificationIdIs check box checked: %sCAlertHTMLDialogBrowserContainer::OnApiSetCheckboxValuek$,,v=9dxdlF%xmb/O-wl8XPDM%nv0ZohhA/hpYhW1hhhhhhxFhhaffOEx&Mrd7)CAlertHTMLDialogBrowserContainer::PushNotificationsCAlertHTMLDialogBrowserContainer::AddAlertIgnored notificationsetCheckBoxValueonStartDragopenAppunblockFrameNavigationblockFrameNavigationsendUsageopenAboutDialogopenSettingsDialogonMessageReadshowMeonReadyCommunity Alerts ; alertInfoRequestXml=alertLoginRequestXml=alertTranslationRequestXml=alertUsageRequestXml=TQ'M>SmmYms9NotificationsHtmlDialogsAppFromNotificationIdleModeAlertALLP_STR_ID_ALERT_CLOSE_ICON_TOOLTIPALLP_STR_ID_ALERT_POP_UP_WINDOW_OFALLP_STR_ID_ALERT_POP_UP_WINDOW_SETTINGSALLP_STR_ID_ALERT_SETTING_DIALOG_FEEDBACK_ICON_TOOLTIPALLP_STR_ID_ALERT_SETTING_DIALOG_FAQ_ICON_TOOLTIPALLP_STR_ID_ALERT_SETTING_DIALOG_PRIVACY_ICON_TOOLTIPALLP_STR_ID_ALERT_SETTING_DIALOG_ABOUT_ICON_TOOLTIPALLP_STR_ID_ALERT_SETTING_DIALOG_VIEWALLP_STR_ID_NOTIFICATION_SETTING_DIALOG_SHOW_NOTIFICATIONS_FROMALLP_STR_ID_NOTIFICATION_SETTING_DIALOG_TITLEALLP_STR_ID_ALERT_SETTING_DIALOG_SHOW_ICON_IN_SYSTEM_TRAYALLP_STR_ID_NOTIFICATION_SETTING_DIALOG_NOTIFICATIONS_ENABLEDALLP_STR_ID_NOTIFICATION_MAIN_MENU_DISABLE_NOTIFICATIONSALLP_STR_ID_NOTIFICATION_MAIN_MENU_ENABLE_NOTIFICATIONSALLP_STR_ID_ALERT_MAIN_MENU_ABOUTALLP_STR_ID_ALERT_MAIN_MENU_SETTINGSALLP_STR_ID_ALERT_MAIN_MENU_REFRESHThanks for adding our NotificationsNotifications bring our latest news right to your desktop!This is a sample notification.CloseofSettingsYou re about to receive a notification that looks
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
fuW;t0+WVPh3f=PSo3ftSWPpcVWPP_ujPXM^3[NU$,T3SVWt$9F;tEt6<YN;x};x}P6Y9x|<PdYY~EPS66NY}t3~
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
FU}[N,;u"F0V(;tUs+HE+M}uauEWVF4N0EF4E;s+EHEV,+UV,9UuF(;tEs+IM+U}FMeE;vME9EvEuSunvE)EE)E)FtM }peMECMrE%?FwhjPw(W F'mmfKM }eMECMrNEFVmFmF
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
fv& tvjv vff9 ^/
Ansi based on Dropped File
(~WRD0000.doc)
fvtvjvvff^/
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
FWE,P^vMM,s{B4jVAEeEEEPE$MMB UV~tWvt<tHWt=EPv<jEPWzuEPWtujv_^D$3A$j<BQT$Q*D$3A(jLBQT$QD$3A,j\BQT$QD$;Aua|3Vjt4PhhHjF?3^UVFt5~|u/EEPEE\F|3^UVEPv@MPMjO^UVuu3}t(A8HtHtHtHuGA\Tq ijq pq q,w}t(A4HtHtHtHuAL&q;jqBqq(IA0Ht=Ht,HtHuA<ePA{'q{jq{
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
f}9 9 u$E& }( u(9 Eu +EVP9 E+EPu9 Eu
Ansi based on Dropped File
(~WRD0000.doc)
f}u$E}(u(Eu +EVPE+EPuEu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
G-I[k,A8)gMD`* v($8TT1aE%
Ansi based on Dropped File
(~WRD0000.doc)
G-I[k,A8)gMD`*v($8TT1aE%
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
G9 U9 QeV9 W9 7& uW9 7& txV9 M}H9 E_^jKY9 0 u<ENTENDE>N4E>N$E>NE>MN>j4K9 9 Me19 & u
Ansi based on Dropped File
(~WRD0000.doc)
g9 k gj^0 & ; jY;! $& P30 & 0 & 0 & 0 & 0 & 0 & t tHt4+t$HHt& VK?3 $ *u,0 9 0 & 9 & k
Ansi based on Dropped File
(~WRD0000.doc)
G;0u^G;puXCQ;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
g`IoV|f^
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
GAIsProcessorFeaturePresent
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GDI32.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipAlloc
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipCloneImage
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipCreateBitmapFromFile
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipCreateBitmapFromFileICM
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipCreateBitmapFromStream
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipCreateBitmapFromStreamICM
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipCreateFromHDC
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipCreateImageAttributes
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipDeleteGraphics
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipDisposeImage
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipDisposeImageAttributes
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipDrawImageRectRect
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipGetImageHeight
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipGetImageWidth
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
gdiplus.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdiplusStartup
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipSetImageAttributesColorMatrix
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
get response stream failed.
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
GetActiveWindow
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetAsyncKeyState
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetBkColor
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetBkMode
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetCapture
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetClassInfoW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetClassNameW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetClientRect
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetClientRectSetWindowPosInvalidateRectDrawTextW)PtInRectOffsetRectTScreenToClientEClientToScreenGetCursorPospSetCursorLoadCursorAFillRectCallWindowProcW DefWindowProcW GetWindowLongWhCreateWindowExWIsWindowVisibleMoveWindow0 SetParentEndPaintBeginPaintUGetParentCallWindowProcASetWindowLongA0 GetWindowRgn6RegisterClassWGetClassInfoWUnhookWindowsHookExCallNextHookExSetWindowsHookExADestroyIconLoadImageWFindWindowExA~DestroyMenueCreatePopupMenuInsertMenuItemWBGetMenuItemCountTrackPopupMenuySetFocuszSetForegroundWindowUSER32.dll
Ansi based on Dropped File
(~WRD0000.doc)
GetClientRectSetWindowPosInvalidateRectDrawTextW)PtInRectOffsetRectTScreenToClientEClientToScreenGetCursorPospSetCursorLoadCursorAFillRectCallWindowProcWDefWindowProcWGetWindowLongWhCreateWindowExWIsWindowVisibleMoveWindowSetParentEndPaintBeginPaintUGetParentCallWindowProcASetWindowLongAGetWindowRgn6RegisterClassWGetClassInfoWUnhookWindowsHookExCallNextHookExSetWindowsHookExADestroyIconLoadImageWFindWindowExADestroyMenueCreatePopupMenuInsertMenuItemWBGetMenuItemCountTrackPopupMenuySetFocuszSetForegroundWindowUSER32.dll
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
GetCommandLineA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetComputerNameW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetConsoleCP
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetConsoleMode
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetConsoleOutputCP
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetCPInfo
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetCurrentProcess
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetCurrentProcessId
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetCurrentThread
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetCurrentThreadId
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetCursorPos
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetDesktopWindow
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetDeviceCaps
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetDlgItem
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetEnvironmentStrings
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetEnvironmentStringsW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetExitCodeThread
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetFileAttributesW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetFileSize
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetFileType
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetFileVersionInfoSizeW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetFileVersionInfoW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetIconInfo
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetLastActivePopup
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetLastError
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetLastInputInfo
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetLayout
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetLocaleInfoA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetLocalTime
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetLongPathNameW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetMenuItemCount
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetMessageA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetModuleFileNameA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetModuleFileNameW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetModuleHandleA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetModuleHandleW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetMonitorInfoA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetObjectA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetParent
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetProcAddress
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetProcessHeap
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetProcessMemoryInfo
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetProcessWindowStation
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetResponseHeader(Content-Type) failed : hRes=0x%X
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
GetSecurityDescriptorSacl
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetSidSubAuthority
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetSidSubAuthorityCount
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetStartupInfoA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetStdHandle
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetStockObject
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetStringTypeA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetStringTypeW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetSysColor
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetSystemMetrics
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetSystemTimeAsFileTime
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetTextColor
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetTickCount
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetTokenInformation
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetUserObjectInformationA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
getValueByKey
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
GetVersionExA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetWindowLongA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetWindowLongW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetWindowOrgEx
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetWindowRect
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetWindowRgn
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetWindowTextW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GGHHHH'H/H7H?HGHOHWH" tzH& HH: HHHHHHHH
Ansi based on Dropped File
(~WRD0000.doc)
GGHHHH'H/H7H?HGHOHWH"tzHHHHHHHHHHH
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
GGhPNhG! P}G9 ! 0 ! P}GGPNGG4PN4uG9 GD0 FD! P}]G! P}KGG$PN$?G! P}-GGP9 "GGHPNHGXWNX
Ansi based on Dropped File
(~WRD0000.doc)
GGhPNhGPGPGGPNGG4PN4uGGDFDP]GPKGG$PN$?GP-GGP"GGHPNHGXWNX
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
gkgj^;jY;$P3t tHt4+t$HHtVK?3$*u,k
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
GlobalAlloc
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GlobalFree
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GlobalLock
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GlobalUnlock
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GP 9 @;r6 &Y|_^=uV9 5|W3& u<=tGVsYt` ujGW9 YY0 =& t9 5|SBVqs9 C >=Yt1jSYY0 & tNVSPx& t3PPPPPs >u5|b" %|'3Y[_^5<" %9 U9 Q9 MS3V0 9 9 U9Et9 ]E0 0 E >"u39E" F0 E<& t`B0 U`PFv2Y& t}t
Ansi based on Dropped File
(~WRD0000.doc)
GP@;r6 &Y|_^=uV5|W3u<=tGVsYtujGWYY=t5|SBVqsC>=Yt1jSYYtNVSPt3PPPPPs>u5|b%|'3Y[_^5<%UQMS3VU9Et]EE>"u39E"FE<tBUPFv2Yt}t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
GQYaiqy"$
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
GQYaiqy0 " $
Ansi based on Dropped File
(~WRD0000.doc)
Gu_uEjuuuEjPuuuM_^3[pUEet_EtZfuu uuuu ]atAtu uuuuu0u uuuuuwu uuuuun]UjuuuuuuZ]VW36Y(r_^Vhh3Vgt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
GUQeVW7uW7txVMHE_^jKYu<ENTENDE>N4E>N$E>NE>MN>j4KMe1u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
GWugufZ9~~@]V4kYjt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h 39 9}u9 PhlVjc9}t+9 9 ;~9 ;~PQ9 9 4hxV;WhuhuW +.;uhx9 I3@hRxhjc3$j.#9 h xhjbj 9 0 Me& tj
Ansi based on Dropped File
(~WRD0000.doc)
h 9 ^jfa9 0 uNS0z3N0 }#zj
Ansi based on Dropped File
(~WRD0000.doc)
h 9 ^V9 9 & tP9 v& tVc:Y^QU9 W9 Rt3@ 9 Eu0 ! yh 9 5& }3qVj9 9 -9 & tV9 eSMQhlrV9 & |}u9 MQh\rV9 9 VP& [|}tjuOPuk&33@^_]V9 NP&9 ^W9 |$& u
Ansi based on Dropped File
(~WRD0000.doc)
h c0 ^U9 QuEuP*& }P=9 E|$V9 u&9 ^t$0 & uh U9 SVu9 MEP9 Ku`^`[]V9 VjXt$f0 0 F& u9D$tj
Ansi based on Dropped File
(~WRD0000.doc)
h K[9] EPM 9 MPE`M~9 M;t
Ansi based on Dropped File
(~WRD0000.doc)
h K[9]EPMMPE`MM;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h$`s" " BK'aA;GIF89a[x" `,o7oS9,n&k[RP![, [[X >
Ansi based on Dropped File
(~WRD0000.doc)
h$M|3}9 0 ]PEPEPVuu 9 ;u/}/u&EPMw{9 MSEPEPVuud9 V& ?9 ;D$th(t$Q}jD_uMWueMH9 uE& t9 39 ]& t9 39 E9 8RQPW 9 & t9 & t9 9 Lj We9 9 ]& u37eh)hx)S_3F& |0 uhp)h`)S9 C& |0 uthL)h<)S9 $& |0 uMieEP9 M.k& uMjPh)S9 & |0 u9 k& u9 iPh)S9 & |0 u9 M& tdj& u[j9 VMx9 ME: iPMzVMyMiPh(S9 b& |EMEqMMq9 EV9 9 L$9i9 L$P/iPt$9 ^U9 QeVW9 9 M3X& v79 MEPV& t9 E& tHQPu9 9 MF!;r3_@^UpjH_ 0 M`9 ]|9 K3;th|9 P9 hPh -,Vj{%0 }|E|Ph)jWh)0 },& ;}9tAtjjYPhx,VQ9%9 E|M;t9 PQ3M0 gjXf0 E3f0 E9 5EP9 K4E;ti& u9 K4gPME P9 K8E;th& u9 K8gPM "!E@P9 KE;th& u9 KgPM@nhh9 h9 K;tigPM@Hhh,h)M0qM00 }\AgPMl" 9 E-gPMh9 EhE;t9 0 ET0 }T9 El;t9 39 u 9 9 E|u9 9 uTuQPR& }}tAtjjXjh,9 M`P: 9 Mh9 & t|9 Ml& tp9 5E@PE PEPEPM0Eo9 E|M& t9 PQ9 s$9 u`u|9 & ujh+j9 {9 C,& tPu|9 & t9 E|9 9 u@PQ,& }tAtjjXjh++30 ud9 E|9 UdRPEQ(;|9udt9 K ;tud;pjudMtMEeEP9 0 ePjhx)E
Ansi based on Dropped File
(~WRD0000.doc)
h$M|3}]PEPEPVuu;u/}/u&EPMw{MSEPEPVuudV?;D$th(t$Q}jD_uMWueMHuEt3]t3E8RQPW ttLj We]u37eh)hx)S_3F|uhp)h`)SC|uthL)h<)S$|uMieEPM.kuMjPh)S|ukuiPh)S|uMtdju[jVMxMEiPMzVMyMiPh(Sb|EMEqMMqEVL$9iL$P/iPt$^UQeVWM3Xv7MEPVtEtHQPuMF!;r3_@^UpjH_M`]|K3;th|PhPh -,Vj{%}|E|Ph)jWh)},;}9tAtjjYPhx,VQ9%E|M;tPQ3M0gjXfE3fE5EPK4E;tiuK4gPME PK8E;thuK8gPM E@PKE;thuKgPM@nhhhK;tigPM@Hhh,h)M0qM0}\AgPMlE-gPMhEhE;tET}TEl;t3u E|uuTuQPR}}tAtjjXjh,M`PMht|Mltp5E@PE PEPEPM0EoE|MtPQs$u`u|ujh+j{C,tPu|tE|u@PQ,}tAtjjXjh++3udE|UdRPEQ(;|9udtK ;tud;pjudMtMEeEPePjhx)E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h$O(zPh$w8j?]"ue~8<%?NXENtEEEENtEfTNtf,jPj5Pj5Pf0j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h$sBK'A;GIF89a[,o7o9,n&k[P![,[[X>
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h$sBK'A;GIF89aZ6[[WwFI)bX!Z,ZZ<9
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h%-$X ^jh`C"jSIYe9 u9 N& t/0 E& t9u,9 H0 JPDYv;YfE
Ansi based on Dropped File
(~WRD0000.doc)
h%-$X^jh`C"jIYeuNt/Et9u,HJPDYv;YfE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h(((( H
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
H(H<HRHdHHHHHHI,IGdipFreeGdipAllocGdipDeleteGraphicsdGdipCreateFromHDCGdipCreateImageAttributesGdipDisposeImageAttributeslGdipGetImageWidthGdipGetImageHeightdGdiplusStartupGdipSetImageAttributesColorMatrixGdipDrawImageRectRectGdipDisposeImageGdipCreateBitmapFromFile.GdipCreateBitmapFromFileICMGdipCreateBitmapFromStreamlGdipCreateBitmapFromStreamICMGdipCloneImageO*P$NDT\OTPTHKU$TKVN,W@OW MWNW8NWT$K
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
H(H<HRHdHHHHHHI,IGdipFreeGdipAllocGdipDeleteGraphicsdGdipCreateFromHDCGdipCreateImageAttributesGdipDisposeImageAttributeslGdipGetImageWidthGdipGetImageHeightdGdiplusStartupGdipSetImageAttributesColorMatrixGdipDrawImageRectRectGdipDisposeImageGdipCreateBitmapFromFile.GdipCreateBitmapFromFileICMGdipCreateBitmapFromStreamlGdipCreateBitmapFromStreamICMGdipCloneImageO*P& $NDT\O T PTH& KU$TKVR N,W@O~W & MWNW8NWT$K
Ansi based on Dropped File
(~WRD0000.doc)
h*YYYYYYYYYYZZ" *9ZAZIZ" *lZtZZ" (+ZZ" d+ZZZZ" +[" +1[" ,T[^[" 4,[9 [ [" h,[[[[" ," -[\\\%\J\R\]\h\" 4-}\ \\" x-\" -" .\\\
Ansi based on Dropped File
(~WRD0000.doc)
h*YYYYYYYYYYZZ"*9ZAZIZ"*lZtZZ"(+ZZ"d+ZZZZ"+["+1[",T[^["4,[[["h,[[[[","-[\\\%\J\R\]\h\"4-\\\"x-\"-".\\\
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h+ y ?>G}1EO(L{xbx}} {" BhXH(V 0
Ansi based on Dropped File
(~WRD0000.doc)
h+y?>G1EO(L{xb}}{BhXH(V
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
H0L0P0T0X0\0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
h39}uPhlVjc9}t+;~;~PQ4hV;WhuhuW+.;uhI3@hhjc3$j.#hhjbj Metj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h3Pj5(D3@]$jv#0 Mh x`SjRb}& 9 u& MeEP9 9 u9 & uhHSj@bMMXj,Y0 EE& t
Ansi based on Dropped File
(~WRD0000.doc)
h3Pj5(D3@]$jv#Mh`Sjb}uMeEPuuhHSj@bMMXj,YEEt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h49 w" 9 u& t#MQ9 P9 EMEj9
Ansi based on Dropped File
(~WRD0000.doc)
h4wut#MQPEMEj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h9 $9 s" " BK'aA;GIF89aZa: 6[[RWw"!F! I)bX}!Z, ZZ< 9
Ansi based on Dropped File
(~WRD0000.doc)
h9 0 eWh9 h9 0 eWh9 h9 0 eWh9 h9 0 eWh9 }h9 0 eWhS 9 oh9 0 eWhRc9 Ph9 0 eWh|D9 1h9 0 eWhh%9 h9 0 eWhT9 h9 0 eWh@9 h9 0 eWh,9 h9 0 eWh9 h9 0 eWh`9 wh9 0 eWhk9 Xh9 0 eWhL9 9h9 0 eWh-9 h9 0 eWh9 h9 0 eWh9 h9 0 eWhS9 h9 0 eWh9 ~h9 0 eWht 9 h9 0 eWhds9 `h9 0 eWhTT9 Ah9 0 eWh@59 "h9 0 eWh,9 h9 0 eWh9 h9 0 eWh9 h9 0 eWh9 h9 0 eWha9 ! h9 0 eWh{9 hh9 0 eWh\9 Ih9 0 eWh=9 *h9 0 eWh9 h9 0 eWh9 h9 0 eWh 9 h9 0 eWhl9 h9 0 eWhX9 h9 0 eWhD9 ph9 0 eWh4d9 Qh9 0 eWh$E9 2h9 0 eWh&9 h9 0 eWh9 h9 0 eWh9 h9 0 eWh9 h9 0 eWh9 h9 0 eWh9 9 xh9 0 eWhl9 Yh9 0 eWh M9 :h9 0 eWh .9 h9 0 eWht9 h9 0 eWh`9 h9 0 eWhL9 h9 0 eWh89 xh9 0 eWh( 9 h9 0 eWht9 ah9 0 eWhU9 Bh9 0 eWh69 #h9 0 eWh9 h9 0 eWh9 h9 0 eWh9 h9 0 eWh9 h9 0 eWhS: 9 h9 0 eWh|9 ih9 0 eWhx]9 Jh9 0 eWhd>9 +h9 0 eWhT9 h9 0 eWh@9 h9 0 eWh,9 h9 0 eWh9 h9 0 eWh9 h9 0 eWh 9 qh9 0 eWhe9 Rh9 0 eWhF9 3h9 0 eWh'9 h9 0 eWh9 j [S9 0 eWhS9 S9 0 eWhR9 S9 0 eWhx9 S9 0 eWhh"!9 S9 0 eWhX~9 kS9 0 eWhHc9 PS9 0 eWh8H9 5S9 0 eWh(-9 S9 0 eWh9 3@6iU9 SVW9 39 0 ]& ~PEP9 z#9 M;t9]t9 SiY3EPEP9 N& u9]u9 S9 P9 & ~QEP9 ?0 ]!9 M;t9]t9 +WhYEPEP9 N& u9]u9 S9 P_^[jRwg9 0 u3SE
Ansi based on Dropped File
(~WRD0000.doc)
h9 hVvOYVMnh,EP;
Ansi based on Dropped File
(~WRD0000.doc)
H9 t`P9 P9 P9 P9 P39 T$& t"A8t9 A9 0 Q0jL3j O9 30 }9~@uMMx39 9~t
Ansi based on Dropped File
(~WRD0000.doc)
h=}hu0jPMqMEkVEPEP9 EMEqMEkMEkMEakMM}k3@hthSj3wV9 t$W9 & t,~t&V& u9 N9 Pl& tV9 (V9 y_^j S9 MaeEPu9 d& tMyc& uEP9 MMjj09 0 ue6YU9 QVEPEP9 : 9 ^U9 SVW9 9 G9 p9 EFPu9 QYYE t9 69 v ~-tWSMU }tL9 GW0MAEPM@ t&uSjEP9 9 9 9 E9 I0 0 H@5MlL9 uuFP: PYY tuSu9 E9 M0 0 p@_^[j
Ansi based on Dropped File
(~WRD0000.doc)
h=}hu0jPMqMEkVEPEPEMEqMEkMEkMEkMMk3@hthSj3wVt$Wt,~t&VuNPltV(Vy_^jSMaeEPudtMycuEPMMjj0ue6YUQVEPEP^USVWGpEFPuQYYEt6v~-tWSMU}tLGW0MAEPM@t&uSjEPEIH@5MlLuuFPPYYtuSuEMp@_^[j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h[9] REPM[9 MPE9 `Mf9 M;t
Ansi based on Dropped File
(~WRD0000.doc)
h[9]EPM[MPE`MfM;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h^jfuN0z3N}#zj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h^VtPvtVc:Y^QUWt3@Euyh5}3qVj-tVeSMQhlrV|}uMQh\rVVP[|}tjuOPuk&33@^_]VNP&^W|$u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h_pL0iJtg_tt_l
Ansi based on Image Processing
(screen_0.png)
hc^UQuEuP*}P=E|$Vu&^t$uhUSVuMEPKu^[]VVjXt$fFu9D$tj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
hdMM9 MQ9 EP(& u!h<Sj<ME>j Y0 EE& t
Ansi based on Dropped File
(~WRD0000.doc)
hdMMMQEP(u!h<Sj<ME>j YEEt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
HeapAlloc
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
HeapCreate
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
HeapDestroy
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
HeapReAlloc
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
hEPMPMPsWsusMMi3q!|$+ut$P3jls uUEN E)6MN=!U<Ww8uSV3;~F9E~9]j8ESP*E9]tEE9]uuEEEEEE;u%9]tEE9]uEPShMw8EPShLw8tE^[_VD$tV_ Y^j3PPjPt$VL$\P^tjVFtNHFtNH|$t^3UHHHAVFt1NWxF;u@Ft$~_ufff^VFt1NWxF;u@Ft$Q~_ufff^T$D$uAAAzuAJHPJtABVj!YtL$``3Pv^VFtK;Fut$;;Fut$0+Wxuxt$N~_ufff^VFW3Ftt$tPpYG~uff_^jUVD$tV6Y^UEjP]UEMh@?UREEMEX#UEVHNPVFtQP^]UVW}HHHIHMESj Zr0;1t|0+t3\ipY+t3\HpY+t3\'pY+t3\3p;qt~pY+t3\pY+t3\pY+t3\pY+t3\3rp;qt~pY+t3\IpY+t3\(p
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
heWhheWhheWhheWhheWhoheWhcPheWh|D1heWhh%heWhTheWh@heWh,heWhheWhwheWhkXheWhL9heWh-heWhheWhheWhheWhheWhtheWhds`heWhTTAheWh@5"heWh,heWhheWhheWhheWhheWh{hheWh\IheWh=*heWhheWhheWhheWhlheWhXheWhDpheWh4dQheWh$E2heWh&heWhheWhheWhheWhheWhxheWhlYheWhM:heWh.heWhtheWh`heWhLheWh8heWh(heWhtaheWhUBheWh6#heWhheWhheWhheWhheWhheWh|iheWhx]JheWhd>+heWhTheWh@heWh,heWhheWhheWhqheWheRheWhF3heWh'heWhj [SeWhSeWhSeWhxSeWhhSeWhX~kSeWhHcPSeWh8H5SeWh(-SeWh3@6iUSVW3]~PEPz#M;t9]tSiY3EPEPNu9]uSP~QEP?]!M;t9]t+WhYEPEPNu9]uSP_^[jRwgu3SE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
HFM@dF8FHMF*PFhP>jFjPM8MeEP6u2M)PFhPXF@vjLMMU2_VFW3;u3a9|$t<9~<t9xt@vjL=@vWL;t(F<9~<u3@xvjL;t~<_^,SUV5`WS3hPPD$,=UShjUUl$,ShjU3PPPt$ Ul$(D$,PU@D$,;D$4D$~L$4L$,D$4D$8+D$0jY3~ND$D$j]9l$4~.D$D$ D$ Pjht$0;l$4|D$L$uSht$t$4PD$(D$_^][,jihMeNLFLjP3MM[UQVhMjutFLM^VF@tW=jjPvjv@_FtPhfFtPfY^&j0uejdv@F@tPf@MNVW=f0jdv@jev@FtPY_^V~0Wu[|$du=~F,9F,|f,F8F8;F4|v,At!P|$eujv(jdv@_^UVuYtbW};=uu{&uuRu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
hh#MEP9 E`MSWM > h@#MEP9 E`MSWM> h$#MuEP9 Ev`MSWM >q h#MBEP9 EC`MSWM& >> h"MEP9 E`MSWM > h"M! EP9 E0 MSWM! >h"M! EP9 E0 MSWM>h"Mv! EP9 Ew0 SWM0 >vjZ9 0 ue}$L"F$"F!F!Fx!F,!F!F !F$ FP FX F\| ` L , e}LE9 ER 0 9 V9 .D$tVY9 ^#jX3@9 `#V9 9 N& t
Ansi based on Dropped File
(~WRD0000.doc)
hh#MEPEMSWM>h@#MEPEMSWM>h$#MuEPEvMSWM>qh#MBEPECMSWM>>h"MEPEMSWM>h"MEPEMSWM>h"MEPEMSWM>h"MvEPEwSWM>vjZue$L"F$"F!F!Fx!F,!F!F !F$ FP FX F\| ` L , eLEEV.D$tVY^#jX3@`#VNt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
hhhhhhhhhhhh1@X) hhhhhhhhhhhh XJ!hhhhhhhhhhhhh
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
hhhhhhhhhhhhhhhhhhh
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
hhhhhhhhhhhhhhhhhhhhhhh
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
HHtLHt6Hu$
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
hhVvOYVMnh,EP;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
hM(MMErPMM(aPMSMM9uthhM9uthh M9uthSh xEPEw,P9 & t19 uMEyMEmMM(a9 ia0E(9 0 ePE9 0 ePEu9 uEuS0 E& u3R9 PEP9 RxjS+`9 0 u%3N$0 }N4E}ES}E}E~0 ~0 ~0 ~0 ~ Fh$0 ~t0 ~0 0 ~0 0 0 Fl0 0 0 ~p0 ~D0 ~HFL0 ~P0 ~T0 0 ~\0 ~`0 ~d9 :`jTU_9 0 u9 NE& t$f9 N& t$f}E}E}EN4EN$EM9 $_9 Ah$49 D$0 ADjXf^9 u3Z9 & t 9 0 eP" e9 0 ejh|9 M9 R
Ansi based on Dropped File
(~WRD0000.doc)
hM(MMErPMM(aPMSMM9uthhM9uthhM9uthhxEPEw,Pt1uMEyMEmMM(aia0E(ePEePEuuEuSEu3PEPRxjS+`u%3N$}N4EEEE~~~~~ Fh$~t~~Fl~p~D~HFL~P~T~\~`~d:`jTU_uNEt$fNt$fEEEN4EN$EM$_Ah$4D$ADjXf^u3ZtePeejh|M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
hM8qtPPzPM\E7E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
hM;9 MEPFCM0 ]EME`M]9ME99 EjEPeM2& ug9 }|p~MME"ME>WhM9 0PVM2MEMEMM9$j,=9 M/eeEP9 PMEh@ME8MM1& tMM89 MPMEUMEq9 EPhM/PVM*& u0 M9 u|p~9 0 uMEMEqj[EPReM 0& t3MM79 }tj2Y9 9 }MMEMEWh,M9 /PVMM9 EZME@|j}EPeM/& tMMQ79 YeMMEME9 EPh,Mx.PVMEM& t9 uMEx`MERqj,9 9 M@/& t3M-ueeEP9 PME>MEy6MME#ME?9 EPhHM-PVMjxY& u0 M9 u|~9 0 uMEMEMM59 j9 9 M^.& & uEP9 eMd9 uE|~jx^MVMErVhHM9 ,PWMfME*MEMMN5Xj< q9 M,ueEP9 >PME<ME5M -& t3MM49 M ME+MEME: 9 EPhpM,PVMTEM& t%9 uIMEy4ME#q'MEW4MEMj(q9 M+ueEP9 >PME;ME4M ,& t3MM39 M ME9 MEuMhp9 +PVM"!M9 E[MEA j9 9 M+& t
Ansi based on Dropped File
(~WRD0000.doc)
hM;MEPFCM]EMEM]9ME9EjEPeM2ug}|p~MME"ME>WhM0PVM2MEMEMM9$j,=M/eeEP PMEh@ME8MM1tMM8MPMEUMEqEPhM/PVM*uMu|p~uMEMEqj[EPReM0t3MM7}tj2Y}MMEMEWh,M/PVMMEZME@|j}EPeM/tMMQ7YeMMEMEEPh,Mx.PVMEMtuMEMEqj,M@/t3M-ueeEPPME>MEy6MME#ME?EPhHM-PVMjxYuMu|~uMEMEMM5jM^.uEPeMduE|~jx^MVMErVhHM,PWMfME*MEMMN5Xj<qM,ueEP>PME<ME5M-t3MM4MME+MEMEEPhpM,PVMTEMt%uIMEy4ME#q'MEW4MEMj(qM+ueEP>PME;ME4M,t3MM3MMEMEuMhp+PVMME[MEAjM+t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
hMH hMHy9 MhEPPhE P~9 E PMHOM E
Ansi based on Dropped File
(~WRD0000.doc)
hMHhMHyMhEPPhEPEPMHOME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
HMMEMEjejhMEZPVMEMEME{jEP;eM+u2MXEPhMEPMME4MMdnj9EPeMtMM+3@23CM]EPhM]fPMRuMEMM]jtEPFeM6t3FMMM;ME@ME\jejh:MEPVMEMEME{j}PEPeMtMM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
hMo9 C(;t
Ansi based on Dropped File
(~WRD0000.doc)
HPtCt?Wt4>%uN@uNhFP\YYt7F
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
hR<M9 @& u
Ansi based on Dropped File
(~WRD0000.doc)
hS M8q& tP& P9 zPM\E7E
Ansi based on Dropped File
(~WRD0000.doc)
HS3f9]HMH(;tIMuH8u;tf9u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ht#9 p& u
Ansi based on Dropped File
(~WRD0000.doc)
Ht`PPPPP3T$t"A8tAQ0jL3jO3}9~@uMM39~t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
http://alert.client.conduit.com
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
http://alert.services.conduit.com
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
http://crl.verisign.com/pca3.crl0)
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
http://hosting.conduit.com/Alertupdate/update.xml
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
http://hosting.eb.com/Alertupdate/tbedrs.dll
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
http://hosting.eb.com/Alertupdate/update.xml
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
http://iealert.conduit-download.com
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
http://ocsp.verisign.com01
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
http://ocsp.verisign.com0?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
http://services.conduit.com/CommunityRequest.ctp?type=GetCommunity&ct=EB_CTID&CommunityPage=EB_CTID.ourtoolbar.com
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
http://services.eb.com/CommunityRequest.ctp?type=GetCommunity&ct=EB_CTID&CommunityPage=EB_CTID.qatoolbar.com
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
https://www.verisign.com/cps0*
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
https://www.verisign.com/rpa0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
HtwHtRHt0H
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Hu,h h h0 hQ P 3@3U9 SVWjue9 ]9 & uZ9}u#9 3& tu9 9 P\& SuWuSuuu& t nc9 M;! +wxtitPt?t& & 9 MQ9 EPL9 M0 M9 eMQu9 P@9 9 P 9 PPu9 RT9 S9 PD9 Nt9-t"& 9 M9 SQMQ9 P& 9 Su9 PHu9 MQSu9 PPau9 9 PR9 - (H H HH t[t+-"!t9 URSuQ9 Pu9 9 P$9 39 }QP9 EPEP9 R<9 9 3}QPu9 R49 9 3}QPu9 R09 3}9 0 EEPu< 9 M9 E9 QPu9 WuR8T3}9 0 EEPu< 9 M9 E9 QPu9 WuR,9 9 3}QPu9 R(uSuuu9 G9 E_^[D$V9 tVi4Y9 ^U9 (S9 ]W9 }EPWSx & u\Vj(3EVP.>hVEE0 ]0 }0 u0 u0 u V0 E0 EEP| ^f& u33@_[U9 V9 Vu0u,u(u$u uuuuuu 0 F& u
Ansi based on Dropped File
(~WRD0000.doc)
Hu,h h h0 hQ P 3@3U9 VE9 Pv< & tuEuP & t9 ! 33@^U9 SVu9 5R u3SS0 E9 E;}W9 }9 3+t:It2It*ItItItIu*x%u3Gxtxxx9 0 U9 M+tDIt1ItIuREtk9 E+HQuP9 E+P2EtP9 E+HEt@9 EHEt09 EHQWPR0 Ejuuu u9 E3E}RrC;R"_9 E^[VW9 jw9 9 D$#t$Vjw _9 ^D$V9 tVd8Y9 ^U9 SVWju9 ]9 ;! ! 9 H t|tEat- uD& t
Ansi based on Dropped File
(~WRD0000.doc)
Hu,hhhhQP3@3USVWjue]uZ9}u#3tuP\SuWuSuuutncM;+wxtitPt?t& MQEPLMMeMQuP@P PPuRTSPDNt9-t"MSQMQPSuPHuMQSuPPauPR-(HHHHt[t+-tURSuQPuP$3}QPEPEPR<3}QPuR43}QPuR03}EEPu<MEQPuWuR8T3}EEPu<MEQPuWuR,3}QPuR(uSuuuGE_^[D$VtVi4Y^U(S]W}EPWSxu\Vj(3EVP.>hVEE]}uuuVEEEP|^fu33@_[UVVu0u,u(u$u uuuuuuFu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Hu,hhhhQP3@3UVEPv<tuEuPt33@^USVu5u3SSEE;W}3+t:It2It*ItItItIu*x%u3GxtxxxUM+tDIt1ItIuREtkE+HQuPE+P2EtPE+HEt@EHEt0EHQWPREjuuuuE3E}rC;"_E^[VWjwD$#t$Vjw_^D$VtVd8Y^USVWju];!Ht|tEat-uDt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Hu9Ft9 N~t 9 NRuj+9 P@0 U9 SV9 WtwEtlEP EP 9 }+9 ]+~& u& t=EP< 9 E9 M9 Uj+Q9 M+RPQS x_^3[U9 V9 ~ltR9 E0 9 E0 t&EPv@ 9 E+EPG + Y0 9 } u9 uuuu:^j TT9 0 uK3jX3CP9 0 }|0 ~0 40 80 0 $DDD ("!0 ~,0 00 <Rj9 0 ejh"WWW9 W9 @0 ~D0 ~H9 &TV9 |uv& tjjv f9 ^]jTS9 eE,9 0 ePu(uu$9 u 9 uux9 C& t
Ansi based on Dropped File
(~WRD0000.doc)
Hu9FtN~tNRuj+P@USVWtwEtlEPEP}+]+ut=EP<EMUj+QM+RPQx_^3[UV~ltREEt&EPv@E+EPG+Yuuuuu:^jTTuK3jX3CP}|~48 $DDD(,0<Rjejh"WWWW@DH&TV|uvtjjvf^]jTSeE,ePu(uu$u uuxCt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Hu@bB;j !Y9 0 Me& tj
Ansi based on Dropped File
(~WRD0000.doc)
Hu@bB;j !YMetj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
HU\euVPu}WFHtHu4jFPwYYPvSFPwYYPvSE3@eU}tuSVuV} uuVu ^7uuVGhu@uFuKVu(tVP]UQQVu>Wt?t9t+>MOCt#u$u uuuuV}uuEPEPVu WE;Es[S;7|G;wBGOHtyu*X@u"u$uu juuuuuEE;Er[_^U,MS]C=VWEIIM|;|]ucsm9>~ F;t=!t="~ujVEvYYu9>u&~u F;t=!t="u~u]t|ODu3YuO39~GLhdu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
HuB;4V,V$9 I,& tVa 9 I0& tV/EV]& t9 j9 ^V9 1N0 @-9 0 @9 0 9 0 If^U9 V9 ~<u'~t!at& t9 E9 ;(uuu+3^];pu
Ansi based on Dropped File
(~WRD0000.doc)
HuB;4V,V$I,tVI0tV/EV]tj^V1N@-@If^UV~<u'~t!attE;(uuu+3^];pu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
hWjMu9MueMM@EPMEMuME9EPM-EPjhhMEMQMQPjNPEMEuf}uuh<Wj2MEPME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
hYM3u;tuujJM~hWFXPuujMEPME%lPNHE^MEWM|NP^t@hGYMEtuVh3uPElPMM[VT^Vhhhh^j}uWVgSjMf_u6HPjEP)aeP]MMU'NtHvPhxRtjX;hcRtjhORtjh;RVT
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Hz9 Me9 MPx9 MU9 T$B9 J3w
Ansi based on Dropped File
(~WRD0000.doc)
hZ9]t$EPM9 MPE#`M]RX3FMM!9 & j.~9 MP& ud9 MP& uX=9 3;tKh Y9 0 M0 u;tVVuVuuuuhS3MVP9 9 9 PV9 R9 D$0 F9 ^D$V9 RtVY9 ^j@j
Ansi based on Dropped File
(~WRD0000.doc)
hZ9]t$EPMMPE#`M]X3FMM!j.MPudMPuX=3;tKhYMu;tVVuVuuuuh3MVPPVD$F^D$VtVY^j@j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
hZ9]tXEPM9 MPEW`M29 M;t
Ansi based on Dropped File
(~WRD0000.doc)
hZ9]tXEPMMPEW`M2M;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
HzMeMPxMUT$BJ3w
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h|9 M TEPMS^ThEY0 EE& t E9 0 eP[9 MEPVt3M0 FELRMSE
Ansi based on Dropped File
(~WRD0000.doc)
h|MTEPM^ThEYEEt EeP[MEPVt3MFELRME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
i,ch_nab_a...
Ansi based on Image Processing
(screen_0.png)
i.._,.._,
Ansi based on Image Processing
(screen_0.png)
I9 ju0& t
Ansi based on Dropped File
(~WRD0000.doc)
I;tMHH3;tYHXtf9uIter$fx`u@htURhlrP}eE;G<u;Vuh8hjOLuMQuuuSVP[|}E@t3fEtPQW_^USVW}efxu@tURhlrP}e@3tf8u@tE;F<uSPh8h`j|Ku~Xt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
I\1]^_/_X__ ]]&^S^|^__Ul$RRV9 u|& u3Ge|SWV9 Y;u0 ]|jWV& t0 ]|EpPVYY& t0 ]|EpPVYY& t0 ]|ElPVYY& t0 ]|EPV& YY& t0 ]|EhPVrYY& t0 ]|9 Eh;Eu}lu}ptE|"!EPVYY& t0 ]|EPVuYY& t0 ]|EPVYY& t0 ]|9 F9 M9 ]8;s
Ansi based on Dropped File
(~WRD0000.doc)
I\1]^_/_X__]]&^S^|^__Ul$Vu|u3Ge|SWVY;u]|jWVt]|EpPVYYt]|EpPVYYt]|ElPVYYt]|EPVYYt]|EhPVrYYt]|Eh;Eu}lu}ptE|EPVYYt]|EPVuYYt]|EPVYYt]|FM]8;s
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
IAIA0 AA9 Aa0 ]9 U9 30 ESV9 uF@W& 6VYt.VYt"VV<& YY9 `@$$< VYt.VYt"VV<& YY9 `@$$< xV|Yt.VpYt"VdV<& TYY9 @ t]uEjPEPb:& t]39}~0Nx9 `L=9 A0 D=VPYYtG;}|f9 E Fx
Ansi based on Dropped File
(~WRD0000.doc)
IAIAAAAa]U3ESVuF@W6VYt.VYt"VV<YY@$$<VYt.VYt"VV<YY@$$<V|Yt.VpYt"VdV<TYY@t]uEjPEPb:t]39}~0NxL=AD=VPYYtG;}|fE Fx
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
id_expiration_timeout_sec
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
idEvent: %d ,pSeed: %d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ieframe.dll
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
IEGetWriteableHKCU
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
IEIsProtectedModeProcess
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
IEIsProtectedModeURL
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
If-None-Match
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
If-None-Match: "
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
iframe unblocked
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Ignored notification
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ihMH6MEPhMHVhMEPMEOh`Mu@MxSEP$EPME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
iibirprMin
Ansi based on Image Processing
(screen_0.png)
IIDFromString
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
IITI_IjIuI I9 I IIII
Ansi based on Dropped File
(~WRD0000.doc)
IITI_IjIuIIIIIII
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
iM'Ms=9 T$B9 J3fhMMMM JMRJ9 T$B9 J3~fDxhM}M=MMeM"!9 T$B9 J3;f\h9 MW9 Mk9 T$B9 J3
Ansi based on Dropped File
(~WRD0000.doc)
iM'Ms=T$BJ3fhMMMMJMJT$BJ3~fDhM}M=MMeMT$BJ3;f\hMWMkT$BJ3
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
image/gif0!0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
iMEiMEiud9 Mh& t9 Ml& RHj<
Ansi based on Dropped File
(~WRD0000.doc)
iMEiMEiudMhtMlRHj<
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
incompatible version
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
incomplete distance tree
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
incomplete literal/length tree
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
incorrect data check
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
incorrect header check
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
inflate 1.1.3 Copyright 1995-1998 Mark Adler
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
InflateRect
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Info_High
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Initial notification
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
InitializeCriticalSection
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
InitializeCriticalSectionAndSpinCount
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
InitializeSecurityDescriptor
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
initialNotification
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
InprocServer32
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
InsertMenuItemW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
INSTANT_ALERT
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
INSTANT_ALERT_RESULT_FORCE_HANDLE
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
INSTANT_ALERT_RESULT_HANDLE
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
INSTANT_ALERT_RESULT_TRY_TO_HANDLE
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
instant_alerts_channel
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
InstantAlert - no need to mark read
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
InstantAlertIds
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
insufficient memory
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
InterlockedDecrement
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
InterlockedExchange
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
InterlockedIncrement
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
InternalName
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
InternetCanonicalizeUrlA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
InternetCloseHandle
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
InternetCrackUrlW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
InternetOpenUrlW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
InternetOpenW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
InternetReadFile
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
InternetSetOptionW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
INTERVAL_HH
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
INTERVAL_MM
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
INTERVAL_SEC
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
IntervalSec
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Introducing a handy new feature
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
invalid bit length repeat
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
invalid block type
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
invalid distance code
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
invalid literal/length code
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
invalid map/set<T> iterator
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
invalid stored block lengths
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
invalid string position
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
invalid window size
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
InvalidateRect
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
inversePointerPosition
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
IPt$=USVuEFW}W4_EG EGEG0;s+HG,+$T=}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Is check box checked: %s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
IsDebuggerPresent
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
IsFeedModified
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
iShMH6MEPShMHVh MEPMEOh`Mu@9 MxSEP$EPME
Ansi based on Dropped File
(~WRD0000.doc)
isLocaleRtl
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
isSupportedFunction
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
IsValidCodePage
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
IsWindowUnicode
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
IsWindowVisible
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
ix'@2WuYYuMVuuM~un3YFj^eMptMM9x3A}EPsu3MMxMhtVj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
i{7*-Xdvx$"ke
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
i}{7 * - Xd ~vRSx$a"ke
Ansi based on Dropped File
(~WRD0000.doc)
J JJ" 0JJJJJK" &K.K6K>KFKNKVK^KfK"
Ansi based on Dropped File
(~WRD0000.doc)
j R:dC`C ujv& vPW& Pjj8#3Sv& WPW& PWvS!DSv& WPW& PhvS $3REt L`Rt L `RR @;rV & x3)& 9 " Z w L` w L ` A;r9 M_3[Rjh`E& y9 d}& Gptlt9 wh& uj OY9 j
Ansi based on Dropped File
(~WRD0000.doc)
j R:dCCujvvPWPjj8#3SvWPWPWvS!DSvWPWPhvS $3EtLtL @;rV3)Z wL wL A;rM_3[Rjh`EydGptltwhuj OYj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
j,9 9 M&%& t3Mn#ueeEP9 PME3ME_,M
Ansi based on Dropped File
(~WRD0000.doc)
j,M&%t3Mn#ueeEPPME3ME_,M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
j-(9 0 utFh9 Ne& t
Ansi based on Dropped File
(~WRD0000.doc)
j-(utFhNet
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
j-=m ld \cQkkbal0e& Nb" l{ WeP9 |bI-|ReLXaMQ:t0AJ" =mjiCn4Fg`s-D3_L
Ansi based on Dropped File
(~WRD0000.doc)
j-=mld\cQkkbal0eNbl{WeP|bI-|eLXaMQ:t0AJ=mjiCn4Fg`s-D3_L
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
j/M9 }hW9 dPMy& th9 o& u]h|9 59 tJMME%PEhHPVMP9 EM& u'0 ME}MM5y3ybMEVMMy3@ 8t9 9 j9 RTV9 u3^t& + ^=@U9 9 E& u
Ansi based on Dropped File
(~WRD0000.doc)
j/M}hWdPMythou]h|5tJMME%PEhHPVMPEMu'ME}MM5y3ybMEVMMy3@8tjRTVu3^t+^=@UEu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
J012=3.4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
j2|jj'e9 YY0 u0 uE& tu9 uuuu9 uYjj
Ansi based on Dropped File
(~WRD0000.doc)
j2|jj'eYYuuEtuuuuuuYjj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
j3Mj~YEE;t4EMEEPESj{5(vN,;t(WxN,v,;tiWx_N,;tyv0;tLKCM4WWME(v0;tHMMv0;tJqj/uN0E?=N E3=NE'=M=&`jD/<M3M]G&;tcu;t\P;tQEPMEF5u+SMSwEjPMEMEM]<MMVW|$tYU2HtHtHHuHN0tAWHH9N0tW?;2tHuN,tzN,tw,_^j0 04MeM*MuI"Mt=.tt1jYMEtF3EM[MM4dV5tt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
J6`zA`Ugn1yiFafo%6hRwG"/&U;(Z+j\1,[d&cju
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
J6`zA`Ug}n1yiFRafo%6hR" wG"/&U;( Z+j\19 ~,[d: &cSju
Ansi based on Dropped File
(~WRD0000.doc)
j9 9 3Mj~Y0 EE;t9 49 9 EM0 EEP9 ESj0 {5(v 9 N,;t(Wx9 N,9 v,;tiW9 : x_9 N,;ty9 v0;tL9 KCM4WWME(9 v0;t9 SHMM9 v0;t9 Jqj/`9 0 uN0E?=N E3=NE'=M9 =&9 `jD/<9 M3M0 ]G&;tc9 u;t\9 9 P;tQEP9 MEF5& u+SMSwEjPMEMEM]! <MM& VW9 |$9 & tY9 U2HtHtHHuH9 N0& tAWHH99 N0& tW?9 ;2tHu9 N,& tz9 N,& tw,_^j0 04M! eM*M& uI"M& t=.t& t1jY9 0 ME& tF39 EM[MM4adV9 5t & t
Ansi based on Dropped File
(~WRD0000.doc)
j9 B9 3jEZY0 EE& t
Ansi based on Dropped File
(~WRD0000.doc)
j9 c3+9 FPjW! vvWAv}0 ~3@_^ytyt33@& u
Ansi based on Dropped File
(~WRD0000.doc)
j9 Fp_^S9 V9 v& t:9 FW3;t/p& t&9 UUWWWWWv9 FUWWWWWp]_^[U9 VEP9 & ta9 E+EW9 =S jP9 E+EPuuvMEM9 FE& t+p& t9 E+EjP9 E+EPu9 Fup_^S9 VW9 v9 = & tt$jv9 F& tp& tt$9 Fjp_^[SU9 -VW9 v39 = & t9 D$0Cv9 F& tp& t9 D$09 Fp3C_^]9 [SU9 -VW9 v39 =t& tt$9 D$0Cv9 F& tp& tt$9 D$09 Fp3C_^]9 [U9 V9 9 F& tZp& tMSWEP9 Fp@ 9 Fpv09 9 SEPW S9 FWp_[^U9 T 30 ESVWE9 Pv 9 EPv@ v49 WEPS WEPv 9 09 M_^33[t:VW9 =9 v& tv& t3@3_^U9 QEPu#_9 M& t{9 EHHV9 t,Htt$tfuGu9 uP`:u9 uPd-W9 =0 jq9 F& tp& t
Ansi based on Dropped File
(~WRD0000.doc)
j9 ME}ME}MMSr6j'9 0 uel9 0 F^9 9 aV9 D$tVY9 ^j( 9 0 uR ej9 59 G UDhD(P9 EPs@ 9 u9 } uP+u+} WVuP0 ED PuD0 EjjM0 E-ejh M.jjEPuDM@9 CDee$& tjPM.jjEPuDM@}TtEE0Ps< jE0Ps9 9 E0+Eu00 E9 E4+E}9 u89 }<+u0+}40 E$K4Et& & F0 E(jGjT0 E,-C49 0 ePE=& Ta-E@PETPT`:& `9 E@;E,~E,u@MT$9 M(;0 ET|0 MT9 E(9ET~E(uTM@9 M,;0 E@|0 M@9 ET9 M@
Ansi based on Dropped File
(~WRD0000.doc)
j9 S9 39 ! 9 @xM0 F09 ! N(S0 F4! 9 0 ePRhM3Cj0 ]8& S0 E9 ! NQHhQHXQHPM30 F,9]u<& w$& tVS0 x5(w$MMj4AbWh4/M<dW3h /M0 ])dMEU9 MP aM0 E U9 MPa9 9}t_;t[9]u9 MtM9 j+;uE;MV+u9 MPuEPh9 MPEXeME]]M]M0 }]U9 QehD/u9 EV9 : D$tVY9 ^jLab 9 h x0Sj39 u)9uht0Sj9 j YY0 E0 };t9 9 9 } MEP+9 } EPE0MEGU& t!M;U& th 0Sj#9 } 9 P0 E& tP9 p& t=jY0 EE& tu9 3P9 j5(Ep9 } EP}ESPMcj 9 0 ePUeMjE8& M0 EESPh/Sj3jGPEPEPEPM}0 Eu<& }9 0 Gt*ORPh/SjgGP9 )MRPMRPhh/SjG9 30 M0 M;t9 P9 @0 U0 E0 } 9uu& t^39tFG& 9 & tMj$>Y0 EE& t9 x39 M0 H9 O0 HP9 E0 x $`Wwuu9 j9 hHSjMEMEzZMEnZMMbZljb! 9 0 uNTEoN4EN E$ZMN"Vqx9 RR& t38V9 t$9 ah9 a9 L$DQP9 ah9 a3@^jc9 0 u03CNX0 ]E~P9 Xe9 M& t9 SEPEP9 W& u9FTt4E^4P9 We
Ansi based on Dropped File
(~WRD0000.doc)
j9[9 0 uD$eN? #C
Ansi based on Dropped File
(~WRD0000.doc)
j9[uD$eN?#C
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
j@pH$R&B ("!F!R,\(!& a#!<BBGlnT!6$B)/}jBVvj4B#btk4B '*3B0 "!32ECA;GIF89a
Ansi based on Dropped File
(~WRD0000.doc)
j@pH$R&B(F!R,\(!a#!<BBGlnT!6$B)/}jBVvj4B#btk4B '*3B32ECA;GIF89a
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
j]9l$4~.
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
j_VVVVV0 8 }t9 E`p9 !9uv9u~9 E39Ewj" }t9 U39ux3:- 9 9 ,9 }?-9 u-s}~F`9 9 E9 9 `38E E}u+]hT]SV 3& t
Ansi based on Dropped File
(~WRD0000.doc)
j_VVVVV8}tE`p!9uv9u~E39Ewj"}tU39u3:-,}?-u-s}~FE38EE}u+]hT]SV3t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
JanFebMarAprMayJunJulAugSepOctNovDec
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
jB3jEZYEEt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jc3+FPjWvvWAv}~3@_^ytyt33@u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jDI%" 9 9 u3;u3J9 ;tp & t9 Wp0 M9 MQ9 0 }P& jEWP59& h0Y0 EE;t9 l39 0 ej|9 VE0 S9 0 ejVEtSs4usE9 9 jh9 3VVnj
Ansi based on Dropped File
(~WRD0000.doc)
jDI%u3;u3J;tptWp0MMQ}PjEWP59h0YEE;tl3ej|VEejVEts4usEjh3VVnj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
JE9tFEE^[UWu3uueURPQ$|EtGEMS]V5EMEEjwESESE?MQSWP(juS3^@[_U SVuF+WPF+FPNYYN~vMM3QQQPSuEuUu}Pu}Uuu_^[US3M9u3VWuu}VWuEPuEMEEPu]u]u}uu#u MuVWSSut*EMEEEPuMSSuMMuuuu3_@^[UW3M9}u3SWWjWjhutWSEuSX3VPj;V};tvWMQuPSht[E;EuSVEPjV}$|?9}t:uVhsjuu0EPQSX39>VVSX3^[_US]Vu3EWhx1PSWSPEWSWjPF WuPB=v eEPjv $u*9Et%^ShsjPu0}#EPQ~uv v f 33@_^[]j.NtjjYMet3uMFbuNtjf33@'j.@NtjjAYMet3Mhx1uuFFuNtjf33@V>t3@^Vhtjjhs,|>u3^UVW3;ut;u3KWuPQ}PQ>S3}WURURPQ j|CEu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jEPjAVE& ;t
Ansi based on Dropped File
(~WRD0000.doc)
jEPjAVE;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jf8N4tjf4N<ENE{MN{j@BM@t!EtEPuytEgF$e8MEPrPv$|B}t<jPYEetv0u3MEtPuR3/jH}u3,juMeEPMMzjN}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jf8NlEN<E'NEY5MrXV~u3Wvd=vvN<jPrF_^U(SWyEPZ,]PSxugVj(3EVPhVEEuu]uVEEu+EEP|^fu33@_[VFhF`HNht6Hu&u#vd!Fhv~\uj^^^VN8tt$
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jf^jyu3(IURPMePMM=3@Dj QZ]~tvNPuNURPeMPM>uNURPEu-NURPMPEEMM3@3V~W|$tNWPhU~tNWP_^jZ
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jf^VD$F^V~tL$jN^`^UQMSVWue9>s}6M}t'f*uTO;sKM@Psf/u;e3S0Yu(f/u2O;s)M@PAf*uE9>r}t33@_^[``#VNt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jfE<)NTE0)Md/D$jV=EeFtEFxEF|EPk0E$MM( D$Q0Q4A8D$ApUAu30MQP<tEtM+MEtM+M3@j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jFhF<jPv`]Yv`jW6@~<)~X~l^~t)ev!EPFpP<YYME9}rF|N;vv%V<W)F\+)F|N~u:~duaF~;s3vNV@;r^WSvPu)~\)~)~~~}FPF\^uT9EtOEGF^EFjP~+WuEvP)~\}}FPF\t4t0}u6~v}u&E$t3jXEtE[^_UV>uf~u`uy}ujjju`u<EPuuu3uEP%Y^]U3ES]VutSujSXff/tf\uBB
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jfNt&FPQfNtf^jTueNN$EN4ENDEgN\E[TjSuN\ENDEN4EUN$EINE=M2<Tj,'WS3}ujhT}hD}Eh hh*Phh~hrKPbhVhJ{$u'h0P!h|hphdK4PhXeKD_GTEEEPMlhHEMPWuEPKDEP`MEzh<HMP8W0MEJEKDF9EHeK\MF]EPM]h,EMOPWMSEP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jFp_^SVvt:FW3;t/pt&UUWWWWWvFUWWWWWp]_^[UVEPtaE+EW=jPE+EPuuvMEMFEt+ptE+EjPE+EPuFup_^SVWv=tt$jvFtptt$Fjp_^[SU-VWv3=tD$0CvFtptD$0Fp3C_^][SU-VWv3=ttt$D$0CvFtptt$D$0Fp3C_^][UVFtZptMSWEPFp@Fpv0SEPWSFWp_[^UT3ESVWEPvEPv@v4WEPSWEPv0M_^33[t:VW=vtvt3@3_^UQEPu#_Mt{EHHVt,Htt$tfuGuuP`:uuPd-W=0jqFtpt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jfPMHt$t${Ih)39~PjYM};tl3v@vDvH]FPl;u3M+nMEnMEnMEnShXME|EPEPE,/YYMEvShM|EPEPE.YYMEvShM|EPEPE.YYMEvt /tE^SM;thI|EhP9|E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jFxL[uv(V$YY9 [^U9 QQeV9 u(jh v(V 0 E& ujXS9 ]WPEPu$uuhGhFWSu(j0 E(Y& & 9 E8 RuEPu$9 Euu hHhGjuPn(j0 E(Y& u9 E8u;w-uv(V$3Q;uFHM8uF,M't%FM;uFLt
Ansi based on Dropped File
(~WRD0000.doc)
jFxL[uv(V$YY[^UQQeVu(jh v(V EujXS]WPEPu$uuhGhFWSu(jE(YE8uEPu$Euu hHhGjuPn(jE(YuE8u;w-uv(V$3Q;uFHM8uF,M't%FM;uFLt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jgHYUVEPxW^]xW_UVxWLEtVY^]UVW}GtGP:t?uN;tQR-YYt3$ttEtttt3@_^]UE=MOCt=csmu+~3]jhC}]ssue;ute~;w|O1uEytshSOteu-Yee}]uuE;utVsL]u~8csmu8xu2H t!t"uxu3A3jhCMt*9csmu"At@tePq?E38EeG
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jhMPEPE YYM]jh8MFhPEPEYYM]uM(MVvMM9j8~39}u3MM}_;E~q;}}}\uMt/uFPMVt;|EEEE;E|;}tMWudEG;|MM3@~j4,}39]u3}OT_E;tM/9]]]uOT;ts9ukh,wYME;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jHZ^0 M9 }9 9 ]9 ;IQ9 o9 f"t343FP9 N9 f\uFVj"9 P}9 u9 +VPEP9 0 u~9 }eP9 -: MM" hh`$9 2Rh9 h9 !RX$`9 EjPEP9 q~ME 0 EEPMQ"!juEP9 E<~MEz`PMq`P9 9 ME ME MM jV9 }0 E& `9 E3@j[eqEP9 'ahh`$9 89 MM~ S9 \$VW9 9 V9 :aO0 P9 *aV9 "a_^[U9 QeQ9 M& : 9 Ej9[R9 0 ueNl$^9 j9["9 0 ul$eN #j10 M9 ]9 9 u9 ; Q9 0 f-tf0rf9v3x69 j}9 69 j,9 9 ;ta;t;}9 ;t9 +9 WQEP9 ]S9 ]eP9 MM# O>9 PjI9 EXY3@; txD$D$PY" >9 L$PU9 QeQ9 Ma9 EjXj 9 9 u9 Mj6EP: eM89 jh$M9 M& u!GMZ3@ajh$}9 & u@0 G9 MM*9 3y9 L$th$h$ U9 Qey9 Mjth$h$" 9 E#3jh[9 } RjY9 0 Me& t
Ansi based on Dropped File
(~WRD0000.doc)
jHZ^M}];IQof"t343FPNf\uFVj"Pu+VPEPu}eP-MMhh`$2hh!X$EjPEPqMEEEPMQjuEPE<MEzPMqPMEMEMMjV E`E3@j[eqEP'hh`$8MM~S\$VWV:OP*V"_^[UQeQMEj9[RueNl$^j9["ul$eN#j1M]u;Qf-tf0rf9v3x6j}6j,;ta;t;};t+WQEP]]ePMM#O>PjIEXY3@;tD$D$PY>L$PUQeQMEjXjuMj6EPeM8jh$MMu!GMZ3@ajh$u@GMM*3yL$th$h$UQeyMjth$h$E#3jh[}jYMet
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jh}M PEPE YYM]jh8}MFhPEPEYYM]u9 M0 ~(}9 MVv: MM9xj8~39}u3aM9 M0 }_;0 E~q;0 }0 }}\u9 M 9 & t/& uFPMV0 t;~|9 E9 ~0 EE9 E;E|;}t9 MWud 9 EG;|MM 3@~j4,}39]u39 }OT_0 E;tM/9]0 ]0 ]} uOT 9 ;ts9~ukh,wY9 0 ME;t
Ansi based on Dropped File
(~WRD0000.doc)
jI0uEAEAE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jj!V9 |9 ^jUI9 u& t_9 F(+F "!+9 O3GMeh"!Wv$MWvvhGWv$MWvvMMV3JV9 LP3@0 X0 \ T9 ^x9 D$0 X9 D$0 LU9 VEPEP9 9 T <9 MD
Ansi based on Dropped File
(~WRD0000.doc)
jj!V|^jUIut_F(+F +O3GMehWv$MWvvhGWv$MWvvMMV3JVLP3@X\T^D$XD$LUVEPEPT<MD
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
JJ#J.J9JDJOJZJhJvJ
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
JJJ"0JJJJJK"&K.K6K>KFKNKVK^KfK"
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jjjPhOWj0 _^VW39 9=u^X& uUh|9 hPj0 W5"!N,WWWWWWh 9 Phh 0 ;t9 3@3_^9 & tt$PjiJ9 FDPM!ee~`9 !+& ~p& |V9 _& t9 j9 NyMMe" J=u1x& u(V9 t$& tt$Y& t9 V9 R9 j9 ^=W9 ug8& u^V9 t$& tT~uN9 Fuv 9 v9 vPH4u/9 HHu%S9 ^U9 nPvSOt9 USP][^_U9 Q=V9 u6& u-!EEPuNtGh& tuBY& t
Ansi based on Dropped File
(~WRD0000.doc)
jjjPhOWj_^VW39=u^XuUh|hPjW5N,WWWWWWhPhh;t3@3_^tt$PjiJFDPM!ee~`!+~p|V_tjNyMMeJ=u1xu(Vt$tt$YtVRj^=Wug8u^Vt$tT~uNFuv vvPH4u/HHu%S^UnPvSOtUSP][^_UQ=Vu6u-!EEPuNtGhtuBYt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jjuMSEMS& u
Ansi based on Dropped File
(~WRD0000.doc)
jjv ^U9 V9 & u3!EPv< & tuEuP ^8& t9 D$ 39 L$3@0 jW19 0 ]u30 E0 0 S0 9 E9 ,0 9 u9 E0 9 E0 9 E0 9 E ME0 ME M0 30 9t9 09 9 ;~0 10 M0 0 0 0 EM 9 x1jLW09 0 },39 @0 E& t9 PR&ELM9 "!K19 D$S9 \$V9 W0 9 D$3G0 F09 W0 ~0 ^Px9 9 P|WPt$9 Ss0 F& tjP0 9 _^[39 Su9t9 V9 0RRR9 V8^V9 9 9 L$;uPvjvnYY39 ;tQ9 ^U9 VEPq@ h9 VEPu V3@^j<l/9 jv
Ansi based on Dropped File
(~WRD0000.doc)
jjv _^V9 t$W9 & t-w& t t$9 F9 V9 +R9 V+RPQwS _^U9 V9 v& t1EPv@ & t u9 E+EP9 E+EPuuvS ^t$9 T$9 D$RPV9 D$tViY9 ^Vt$9 NT~)|$tj9 ^U9 SV3S9 0 E9^<tqW9 .9 =Pu0 E9
Ansi based on Dropped File
(~WRD0000.doc)
jjv^UVu3!EPv<tuEuP^8tD$ 3L$3@jW1]u3EE,uEEEE MEMEM39t0;~1MEM1jLW0},3@EtPR&ELMK1D$S\$VWD$3GF0W~^PxP|WPt$SsFtjP0_^[39u9tV0RRRV8^VL$;uPvjvnYY3;tQ^UVEPq@hVEPuV3@^j<l/jv
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jjv_^Vt$Wt-wt t$FV+RV+RPQw_^UVvt1EPv@t uE+EPE+EPuuv^t$T$D$RPVD$tViY^Vt$NT)|$tj^USV3SE9^<tqW.=PuE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jl h^jN0\9 0 uDENE:M9 YwU9 9 ESV9 0 F89 EW0 F(v(9 3WWWWWWh WN 1Ph 9 0 F;u3[9 E9 ( WW0 F,9 EW0 F0WEPWWWv& uPjWWvEP9
Ansi based on Dropped File
(~WRD0000.doc)
jlh^jN0\uDENE:MYwUESVF8EWF(v(3WWWWWWhWN 1PhF;u3[E(WWF,EWF0WEPWWWvuPjWWvEP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jM"N8EPjejh(N8SSjN8jME*M]MM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jM"R9 N8EPj9 0 ejh(a9 N8SSj9 N8jME* M] MM
Ansi based on Dropped File
(~WRD0000.doc)
jM0 ]pM4EMDEMEM EF;RMTEM]DMM 9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
jM4a}ME0 }p9}ht9WhxtSWv;t"9 MQ9 RH;tM)& uEp9 N9 URP,jhpM ZSE9}Xth`9}0thP
Ansi based on Dropped File
(~WRD0000.doc)
jM4ME}p9}ht9WhxtSWv;t"MQRH;tM)uEpNURP,jhpM ZE9}Xth`9}0thP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jM[9 MEP: F;|ME`3F j,&9 E9 @3Wh`thtWP);u3@69 r99 ;tMbVM0 }x& ~3GMMb9 " 9 D$0 9 D$0 Ulh MpbeE`PMf3CM`]E& & 9 ux& 9F M0|M@EpMEdM EXMEL9 N9 U0REP9 NU@9 9 RP9 NU#9 RP& ujME0M E$MEM@EM0]M`EMMa39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
jM[MEPF;|ME3Fj,&E@3Wh`thtWP);u3@6r9;tMbVM}x~3GMMb" D$D$UlhMpbeE`PMf3CM`]Eux9FM0|M@EpMEdM EXMELNU0REPNU@RPNU#RPujME0M E$MEM@EM0]M`EMMa3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jM]pM4EMDEMEM EF;MTEM]DMMMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jMEujMEijud9 Mh;t9 Ml;tRE@PE PEPEPM0E$j9 E|M;t9 PQ9 E\9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
jMEujMEijudMh;tMl;tE@PE PEPEPM0E$jE|M;tPQE\Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jME}ME}MMr6j'uelF^VD$tVY^j(uRej5GUDhD(PEPs@u} uP+u+}WVuPEDPuDEjjME-ejhM.jjEPuDM@CDee$tjPM.jjEPuDM@}TtEE0Ps<jE0PsE0+Eu0EE4+E}u8}<+u0+}4E$K4EtFE(jGjTE,-C4ePE=Ta-E@PETPT:E@;E,~E,u@MT$M(;ET|MTE(9ET~E(uTM@M,;E@|M@ETM@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jMGN8EPMQP<;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jMGR9 N8EP9 MQ9 P<;u
Ansi based on Dropped File
(~WRD0000.doc)
jMTj)9 LX;|MPSEP9 :hP9 E~dME]h 9 dh\9 dMLTP9 dM]wMM\9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
jMTj)LX;|MPSEP:hPEdME]hdh\dMLTPdM]wMM\Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Job's URL:
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Job's URL: Software\Microsoft\Internet Explorer\InternationalAcceptLanguage%00%%%02x
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jptptjptptjpj,'cExW7MVeEPv@EPWEP_N8 (E3t ME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
JPVS3v6Qf&FP^Tc~>Rn.N`QURq1P
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
JS error: %s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
jS3@xMF0N(SF4ePRhM3Cj]8SENQHhQHXQHPM3F,9]u<w$tVS5(w$MMj4AbWh4/M<dW3h /M])dMEUMPaMEUMPa9}t_;t[9]uMtMj+;uE;MV+uMPuEPhMPEXeME]]M]M}]UQehD/uEVD$tVY^jLbh0Sj39u)9uht0Sjj YYE};tMEP+EPE0MEGUt!M;Uth 0Sj#PEtPpt=jYEEtu3Pj5(EpEPESPMcjePUeMjE8MEESPh/Sj3jGPEPEPEPM}Eu<}Gt*ORPh/SjgGP)MRPMRPhh/SjG3MM;tP@UE9uut^39tFGtMj$>YEEt3MHOHPEx $WwuujhHSjMEMEzZMEnZMMbZljbuNTEoN4EN E$ZMN"VqxRt38Vt$ahaL$DQPaha3@^jcu03CNX]E~PXeMtSEPEPWu9FTt4E^4PWe
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jS^(WS%9 9 YP9 "!SvYY& t>_^[U9 30 EVW9 Ku3E}fjEPujEP9 9 M_3^ V9 D$tVY9 ^V9 N9 ^hji9 FPMue9 nM ji"!9 FPMueu9 MEU9 QV9 FPMzu9 ,M9 9 ^V9 0D$tV,Y9 ^V9 ~D$tVY9 ^V9 3jt$0 F0 F0 9 ^Vt$9 30 F0 F0 9 ^9 D$Vj
Ansi based on Dropped File
(~WRD0000.doc)
jS^(WS%YPSvYYt>_^[U3EVWKu3E}fjEPujEPM_3^VD$tVY^VN^hjiFPMuenMjiFPMueuMEUQVFPMzu,M^V0D$tV,Y^VD$tVY^V3jt$FF^Vt$3FF^D$Vj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jsonParams
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
jSYY3@_^[]V9 ND$tV*<Y9 ^V9 9 Pp& tCDVP Q\N9 D$fjhzt$0 FQP|9 uP9 ^9 D$V9 & t0 FDVP [N9 D$jhzt$0 FQPFx9 & uP9 ^9 9
Ansi based on Dropped File
(~WRD0000.doc)
jSYY3@_^[]VND$tV*<Y^VPptCDVPQ\ND$fjhzt$FQP|uP^D$VtFDVP[ND$jhzt$FQPFxuP^
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jt$9 G & tt$9 V9 9 ^ajx9 M.Ueh |eMYMF$UU9 Q9 MejhHL9 EU9 Q9 MejhpL9 EU9 Q9 MejhL9 EU9 Q9 Mejh zL9 EjbeM=3ECPM0 ]ME>& t9 Mjh|9 *L0 ]_h MNhHMNMEPME9 M& tEP^Ojh|9 KM0 ]EM]EME 9 EjeEP3CM0 ]&>& t9 Mjh|9 jK0 ]QhMMM/EPMEM9 M& tEPNjh|9 "KM0 ]]ME,E9 E3jLeM3ECPM0 ]SMEp=& t9 Mjh|9 Jh MAM9 MEPNM0 ]]DMEg9 EjeM>3ECPM0 ]ME<& t9 Mjh|9 +Jh ML9 MEP9 MM0 ]]&DME9 E!jN:ee9 MjhSI9 Meh ELL9 EjNee9 ujhS9 Ieh 9 ELhH9 K9 0 j&eEP" 3FM0 u;& t9 Mjh|9 IhMK9 MEPyLM0 uEC9 EjN3eeu#9 MehELK9 EjNeeu9 MehE
Ansi based on Dropped File
(~WRD0000.doc)
jt$9 V89 _^U9 VW9 39 EHHtLHt6Hu$L;u9 3& " A9 L0 E9 MjVVcP$9 MjVUPhh9 MjVBPhLh@VD_^]hR8U\9 uelEj P0 h! YYjEP9 ce}& lt'& pj P* YYj 9 "& pP9 &9 h\U9 QQeEPE #EV9 & u^4+3^j8\[9 M3M0 }A& & M& & j^WSejS0 ~0 ^ ; & WWjv ;ttWEPjh ;t_EPEPEPu0 }0 }0 } ;t=WujvH ;t*MM~9 (hhxj}"!_MM~3[U9 $ 30 EV9 u&3W9 }9EtMWuPL9 & u3+P=u}uWTWX9 9 M_3^;TUl$R 30 EpSVj[h3EVP dEPE } u|Vh MQjP & W9 = EPVVju& u`PzuUuV 9 & tEEPuVju& t+6 `P6 9 = r
Ansi based on Dropped File
(~WRD0000.doc)
jt$Gtt$V^ajxM.Ueh |eMYMF$UUQMejhHLEUQMejhpLEUQMejhLEUQMejh zLEjbeM=3ECPM]ME>tMjh|*L]_hMNhHMNMEPMEMtEP^Ojh|KM]EM]EMEEjeEP3CM]&>tMjh|jK]QhMMM/EPMEMMtEPNjh|"KM]]ME,EE3jLeM3ECPM]MEp=tMjh|JhMAMMEPNM]]DMEgEjeM>3ECPM]ME<tMjh|+JhMLMEPMM]]&DMEE!jN:eeMjhIMehELLEjNeeujhIehELhHKj&eEP3FMu;tMjh|IhMKMEPyLMuECEjN3eeu#MehELKEjNeeuMehE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jt$V8_^UVW3EHHtLHt6Hu$L;u3ALEMjVVcP$MjVUPhhMjVBPhLh@VD_^]h8U\uelEj PhYYjEPce}lt'pj P*YYj "pP&h\UQQeEPE #EVu^4+3^j8\[M3M}AMj^WSejS~^;WWjv;ttWEPjh;t_EPEPEPu}}};t=WujvH;t*MM~(hhxj}_MM~3[U$3EVu&3W}9EtMWuPLu3+P=u}uWTWXM_3^;TUl$3EpSVj[h3EVPdEPE}u|VhMQjP W=EPVVjuu`PzuUuVtEEPuVjut+6P6= r
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ju9 0 ejhTS0 E0 } x9 0 ejh|9 0 }kx9 }MWWjj ;t
Ansi based on Dropped File
(~WRD0000.doc)
jU9 QQ}SVW9 u`9 u& tYEP9 9 u0 EEP9 9 p9 M& t#3Fj9 0 R}u9 u9 PX9 3_^[9 0 & t{3@0 3@48t9 T$89 pWYY9 D$ 3jDXx"9 M>9 } e& t*e9 MQWEPxuM%uEjuMjuMEWMQMQMs9 Q9 EP\9 }0 & t9 MQMQ9 P`u 9 Wuuuuu
Ansi based on Dropped File
(~WRD0000.doc)
ju]9 U9 ]9 U9 9 EV9 F& ucOI0 F9 Hl0 9 Hh0 N9 ;
Ansi based on Dropped File
(~WRD0000.doc)
ju]9 U9 SVuME9 ];sT9 M~EPjS9 M
Ansi based on Dropped File
(~WRD0000.doc)
ju]U]UEVFucOIFHlHhN;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ju]USVuME];sTM~EPjSM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
juaMPN ljBk9 0 uku39 0 E 0 F0 F0 FP9 }lj s7 ke9Eu9 IjQ9 MQPEPj3CM0 ]uEPMEu9 MEPaM0 ]]ME`9 EkjBk9 0 u 3j
Ansi based on Dropped File
(~WRD0000.doc)
juejhTE}xejh|}kxMWWjj;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
juMPNljBkuku3EFFFP}lj s7ke9EuIjQMQPEPj3CM]uEPMEuMEPaM]]MEEkjBku3j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jUQQ}SVWu`utYEPuEEPpMt#3Fj}uuPX3_^[t{3@3@48tT$8pWYYD$ 3jDX"M>} et*eMQWEPxuM%uEjuMjuMEWMQMQMsQEP\}tMQMQP`u Wuuuuu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
juu9 Eu]9 U9 QS3V;uXj^0 0SSSSS(9 9]v39]f0 " @9EwOXj"9 E"w9]0 ]9 ]9 tj-Xf0 9 EwE9 E0 u3QuPS }0 ]9 9 vW0f0 9 MFFA0 M& w& v;Mr9 M3;Mrf0 Wj"Y0 9 39f0 NN9 Ef9 f0 Nf0 N@@0 E;r3^[9 U9 W9 }juuuu_]9 U9 SV9 uW39}u;u9}u3_^[];t9 ];w?Wj^0 0WWWWW9 9}u3f0 9 U;u3f0 }9 u
Ansi based on Dropped File
(~WRD0000.doc)
juu9 M]9 U9 9 E& t8uPY]9 U9 30 ES3V;upFj^SSSSS0 05uW YY;Er9 U9 9 H;u 9 8t`<a|<z, A8u3jpSSjWVQR} 9 $0 M;uE*E9 9MsEj"^;~Ej3Xr9A=w+9 ;tPY;t9 M0 E0 ]9]u
Ansi based on Dropped File
(~WRD0000.doc)
juuEu]UQS3V;uXj^0SSSSS(9]v39]f@9EwOXj"E"w9]]]tj-XfEwEEu3QuPS]vW0fMFFAMwv;MrM3;MrfWj"Y39fNNEffNfN@@E;r3^[UW}juuuu_]USVuW39}u;u9}u3_^[];t];w?Wj^0WWWWW9}u3fU;u3f}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
juuM]UEt8uPY]U3ES3V;upFj^SSSSS05uWYY;ErUH;u 8t<a|<z, A8u3jpSSjWVQR$M;uE*E9MsEj"^;~Ej3Xr9A=w+;tPY;tME]9]u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jV:YY }& 9 %=! S9 & V0 Y & R0 }$9 M0 RVuuu$G 9 ujVuu v9 ]{v& }& )u$u uSuuuV tT_^[9 U9 Vu9 e0 xW9 ^]9 U9 SVW9 E9 Mcsm" u 9 ;t& t9 #;r
Ansi based on Dropped File
(~WRD0000.doc)
jV:YY}%=!VY}$MVuuu$GujVuuv]{v&})u$u uSuuuV tT_^[UVuexW^]USVWEMcsm"u ;t&t#;r
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jW9 ][_^W9 Ox~M& t3"9 L$V3`M& ujt$9 9 9 ^_jjc9 0 ue~9 089 EuNxE0 Ft^9 j
Ansi based on Dropped File
(~WRD0000.doc)
jW][_^WOxMt3"L$V3Mujt$^_jjcue~08EuNxEFt^j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jX ; & 0 ]9]u9 9 @0 E9 5 39] SSu" uPu9 ; ~<w4D?=w 9 ;tP[^Y;t9 & ti?PjS AWSuuju& tuPSuR0 ESSj9 EYu39]u9 9 @0 E9]u9 9 @0 Eu|UYu3G;EtSSMQuPuU9 ;t0 uuuuuu9 ;tV\Y9 e_^[9 M3R09 U9 uMPu$Mu uuuuu }t9 Map9 U9 39Ev9 M 9t@A;Er]9 U9 9 EV3;uVVVVV;9 @^]8 `Vj^& u;}9 `jPYYP& ujV0 5`SYYP& ujX^38 P0 |j^3H W9 9 & 9 9 t;t& u0 1 B |_3^xv =tU5P>[Y9 U9 V9 u8 ;r" w9 +Q:N Y
Ansi based on Dropped File
(~WRD0000.doc)
jX00& ;u9 ;u39 f9t@@f9u@@f9u9 5 SSS+S@PWSS0 E0 E;t/PY0 E;t!SSuPuWSS& uu Y0 ]9 ]W9 \t;u 9 ; r8t
Ansi based on Dropped File
(~WRD0000.doc)
jX00;u;u3f9t@@f9u@@f9u5SSS+S@PWSSEE;t/PYE;t!SSuPuWSSuuY]]W\t;u;r8t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jX;]9]u@E539] SSuuPu;~<w4D?=w;tP[^Y;tti?PjSAWSuujutuPSuESSjEYu39]u@E9]u@Eu|UYu3G;EtSSMQuPuU;tuuuuuu;tV\Ye_^[M3R0UuMPu$Mu uuuuu}tMapU39EvM9t@A;Er]UEV3;uVVVVV;@^]8`Vj^u;}`jPYYPujV5`YYPujX^38P |j^3HWt;tu1 B|_3^v=tU5P>[YUVu8;r"w+Q:NY
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jXj 9 9 }& u=WN )M9 }eEP9 N9 WURPMMy 9
Ansi based on Dropped File
(~WRD0000.doc)
jXj}u=WN)MeEPNWURPMMy
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jY+0 M+MV0 M9 0 M0 MjY+9 E0 M0 UE0 M9 MP0 U|n9 9 j;tEPkwEEP]wE9 9 jPLw9 9 50 jp9 jp3FM E"!MM"!9 9}tg9 & t9 E;E~0 EE
Ansi based on Dropped File
(~WRD0000.doc)
jY+M+MVMMMjY+EMUEMMPU|nj;tEPkwEEP]wEjPLw50jpjp3FMEMM9}tgtE;E~EE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Jy^9 U9 W9 /& tS}t}uu7~Y0 E}t9 G;Er9 O+ESV4A9 uuS & tCC;v^[_]9 +G9 D$9 P9 @RPz9 D$& t
Ansi based on Dropped File
(~WRD0000.doc)
Jy^UW/tS}t}uu7~YE}tG;ErO+ESV4AuuStCC;v^[_]+GD$P@RPzD$t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jYEejY1uvM$:uj<+t(<-t$:t<C<<E~<c0<e(jJjy1RM$:T:fUu<9}s
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jYVj54L & uZS9 PP
Ansi based on Dropped File
(~WRD0000.doc)
jYVj54LuZSPP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jY|& +39
Ansi based on Dropped File
(~WRD0000.doc)
jY|& +3}tC 9 +
Ansi based on Dropped File
(~WRD0000.doc)
jY|& +3}tC" 9 +
Ansi based on Dropped File
(~WRD0000.doc)
jY|+3}tC+
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
j}}yEPeM& tMM9 &zMMEME9 EPhMIPVM" EM& t9 u`MEp}wME]ujxEPeM& t3MMo9 wy}tjyY9 9 }MMESMEWhM9 PVM
Ansi based on Dropped File
(~WRD0000.doc)
j}}yEPeMtMM&zMMEMEEPhMIPVMEMtuMEpwME]ujxEPeMt3MMowy}tjyY}MMEMEWhMPVM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
K ~?`,ZD^0RaX(nb:Me!g KqFSx1H1E#7OASA`+S#ZhKx&h},X (<U0 %! y-y ! %ww+f
Ansi based on Dropped File
(~WRD0000.doc)
K& EE9 E;|^[`EjlW teMqj9 Mjj0 s j,h DR9 9 }9 u0 ]e9 G0 EvEP}YY0 E 9 0 E9 R0 E0 9 M0 Re3@0 E0 EuuSuW0 Eeo9 E9 e9 u9 }~ O9 O9 ^e9 E;Fsk9 P;~@;H;9 F9 LQVjWee9 uEE9 E0 E9 }9 u9 E0 Gu}Y9 M0 9 M0 R>csmuB~u<9 F= t=! t=" u$}u}tvY& tuV%YYjhHD30 U9 E9 H; X8Q O9 H;u <9 9 u& xt10 U3CStA9 }wzYY& SVnzYY& 9 G0 9 MQPYY0 9 }9 Ep tH7zYY& SV&zYY& "!w9 EpV& 9 & t|WS9Wu8yYY& taSVyYY& tTwW9 Ep_YYPV9yYY& t)SVyYY& tw yY& tjX" @0 EE9 E3@9 eF30 jhhD79 E t9 ]
Ansi based on Dropped File
(~WRD0000.doc)
K& uSh,1MZM*"EPMEH&9 M& ujh|9 (XM0 ]]"EP`[9 Mjh|9 W0 ]MER9 E9 L1L1V9 0zD$tVY9 ^D$V9 L1tVY9 ^j~f9 0 u~9 X1xHeh|9 9 wS9 X1rQj[eEPXMMJQTj\dmq9 I& t3@=9 0 ejh\1VVM"3M0 u& uFMM9 hRd9 9 ]& t9 z& t
Ansi based on Dropped File
(~WRD0000.doc)
K9 ESjNeeu9 MehEJ9 E]jNveeu'9 MehEJ9 EjN7eeu9 MehEPJ9 EjHj9 9 Me8:& t9 Mjh|9 |G=EP9 9 M3F0 u8PMI9 MEPJM0 uEaA9 EhjHj9 9 Me9& t9 Mjh|9 G<uEP9 L3FhM0 u~I9 MEPQJM0 uE@9 EjHj9 9 MeK9& t9 Mjh|9 FZEP9 a3FM0 u9& t9 Mjh|9 aF9 M7PMH9 MEPIM0 uEW@9 E^j&wueEPP3FM0 u8& t9 Mjh|9 EhMxH9 MEPKIM0 uE?9 EjQ9 M ueEP9 f3CM])8& t$3ME ?MMJ9 }hMG9 MEP0 ]6PM6PM& t9 ]j|p9 MueEP9 ME 7M& u+hxG9 MEPZ6PMQ6PMME>MM}jNeeu9 Meh$EG9 E" jNeeu9 MehHEF9 EVjoe9 M3C0 ]6& t9 Mjh|9 C0 ]}uMWGh9 hME6h9 hM 6hhMt6hhMb6hT"!hSMP6VhM=6VhM/6Vh M!6VhxM6VhpM6hlhdM5h|9 h\M5M3 & ~`VM 4f:t6f.t0f/t*f?t$f\tf*tf<tf>tf|tf"uj_VMS4MF1 ;|MB5& uM4PM D9 MEPEM0 ]]}<ME <9 E0 j hjhM8Beh! M%DMjME: 3Ph M8#MEMM<U9 30 EV9 uh& jPh& P5"!,j9 & uh|9 & P~A9 M9 3^Hj EPs3M0 u3& tMM_;9 gM2P09 joueEP[ME3& t$3ME
Ansi based on Dropped File
(~WRD0000.doc)
KEEE;|^[EjlWteMqjMjjsj,h DR}u]eGEvEPYYE EEMe3@EEuuSuWEeoEeu}~OO^eE;FskP;~@;H;FLQVjWeeuEEEE}uEGuYMM>csmuB~u<F= t=!t="u$}u}tvYtuV%YYjhHD3UEH;X8QOH;u<uxt1U3CStA}wzYYSVnzYYGMQPYY}EptH7zYYSV&zYYwEpVt|W9Wu8yYYtaSVyYYtTwWEp_YYPV9yYYt)SVyYYtwyYtjX@EEE3@eF3jhhD7Et]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
KEjNeeuMehEJE]jNveeu'MehEJEjN7eeuMehEPJEjHjMe8:tMjh||G=EPM3Fu8PMIMEPJMuEaAEhjHjMe9tMjh|G<uEPL3FhMu~IMEPQJMuE@EjHjMeK9tMjh|FZEP3FMu9tMjh|aFM7PMHMEPIMuEW@E^j&wueEPP3FMu8tMjh|EhMxHMEPKIMuE?EjQMueEPf3CM])8t$3ME?MMJhMGMEP]6PM6PMt]j|pMueEPME7Mu+hxGMEPZ6PMQ6PMME>MMjNeeuMeh$EGEjNeeuMehHEFEVjoeM3C]6tMjh|C]}uMWGhhME6hhM6hhMt6hhMb6hThMP6VhM=6VhM/6VhM!6VhxM6VhpM6hlhdM5h|h\M5M3~`VM4f:t6f.t0f/t*f?t$f\tf*tf<tf>tf|tf"uj_VMS4MF1;|MB5uM4PMDMEPEM]]<ME<EjhjhM8BehM%DMjME3PhM8#MEMM<U3EVuhjPhP5,juh|P~AM3^HjEPs3Mu3tMM_;gM2P0joueEP[ME3t$3ME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
keL-~5,jL&RI6{u-uo]|s<UW|?TS-DpA(S=p,="Z,E;MMJVh}T~~66` wCo*=TU(~YrFGNd"[@ v9AlEWm5x.)2wBXKo6s00eeR&.Y)"\0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
keL-~5R,jL&RI6}{u-uo]|s<U"!W|?T S-D pA(S=p,="Z,: "!E;M M JVh}"!T ~~6 6~` }wCo*=`Tx}Ux(0 ~YrF" GN"!d "[@ v 9AlE Wm5 0 x. )2SwBXKo6`s0 0 eeR&.Y)& "\0
Ansi based on Dropped File
(~WRD0000.doc)
KERNEL32.DLL
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
KERNEL32.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
KillTimer
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Kju4PPWWWWPsE,tsjjSu,u4Su,h WWu4u$u WWu@uu4u(u4Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
kkkkkkkf/
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
KKKKKKKKKKKKK"|L'L2L:LBLJLRL\LdLlLwL
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
kkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
kkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
kMEkMEkuduMP}p9 uPER`& VMX}Xu/}pt
Ansi based on Dropped File
(~WRD0000.doc)
kMEkMEkuduMP}puPEVMX}Xu/}pt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
KQ~9 Y& u
Ansi based on Dropped File
(~WRD0000.doc)
kRYevh E>jJRY0 }9 E0 Fl& uH0 Flvl JYE3G9 uj
Ansi based on Dropped File
(~WRD0000.doc)
kRYevhE>jJRY}EFluHFlvl JYE3Guj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
KS[cks{ "$#&+3(;C*KS,[c.ks0{2468:<>"A19Z"}"("d
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
KS[cks{9 : "$#&+3(;C*KS,[c.ks0{29 4: 68:<>" A19Z" & }~" (" d
Ansi based on Dropped File
(~WRD0000.doc)
KuSh,1MZM*"EPMEH&Mujh|(XM]]"EP[Mjh|W]MEREL1L1V0zD$tVY^D$VL1tVY^j~fu~X1xHeh|wSX1rQj[eEPXMMJQTj\dmqIt3@=ejh\1VVM"3MuuFMMhRd]tzt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
K~?`,ZD^0aX(nb:Me!gKqFSx1H1E#7OASA`+#ZhK&h},X (<U%y-y%ww+f
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
L! LL LLLL" LL" 0" M&M.M6M>MFMvMM" MM" @Y! " h0MMMMM@#" NN%N-N5NXN`N" N" TN" N" OO" 4O" WO" 8zO" d" OOOOOOO" P"P-P" RPZP" L "
Ansi based on Dropped File
(~WRD0000.doc)
L$t3^jut6}u0M!eEPMuM3!pPhj_XMM3@ut
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
l& tuu& t3@uuj5hp ]V9 DPv(hE
Ansi based on Dropped File
(~WRD0000.doc)
L1$ ! & _^[u ]%@]9 U9 9 EV3;uVVVVVhjX
Ansi based on Dropped File
(~WRD0000.doc)
L1$!_^[u]%@]UEV3;uVVVVVhjX
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
L1$` a
Ansi based on Dropped File
(~WRD0000.doc)
L1$` ' I 9
Ansi based on Dropped File
(~WRD0000.doc)
L1P`B:}Q0 MS<9[`B:}OMEO ?tEPuEP/9 ES39U}E9UuE9Uu+E=P"=R. `0 E; }
Ansi based on Dropped File
(~WRD0000.doc)
L1PB:}QM<9[B:}OMEO?tEPuEP/E39U}E9UuE9Uu+E=P"=.`E;}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
L2uy>u;uM;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
L9Pf;sQ0 Mf9! Yf;sJ9 E} 9 MEH 8tEPuEP$Q9 E39US}E9UuE9U u+E=P"=R. `0 E; }
Ansi based on Dropped File
(~WRD0000.doc)
L9Pf;sQMf9Yf;sJE}MEH8tEPuEP$QE39U}E9UuE9Uu+E=P"=.`E;}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
L`@3E=}h@5huh=@tPzYhSE0j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
LANGUAGE_PACK
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LanguagePack.xml
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LanguagePacks
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LAST_UPDATE_TIME
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LastCheckTime
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LastDisplayTime
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LastLoggedOnUser
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LastRequestTime
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LastResponseTime
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LastUpdateTime
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LCMapStringA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
LCMapStringW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
LeaveCriticalSection
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
LegalCopyright
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LegalTrademarks
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Lhhhhhhhhhf&QO
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
like this.Introducing a handy new featureThe publishers of the Community Toolbar or app will occasionally sent out news or other information of importance to the community of users. These notifications appear on your screen near the system tray and keep you in touch.Notifications are instant announcements that appear right on your desktop. You can receive these notifications because you installed a Community Toolbar or browser app.Version: About NotificationsFeedBackFAQPrivacy PolicyAboutViewShow notifications from:Notification SettingsShow icon in system trayNotifications enabledDisable NotificationsEnable NotificationsAbout...Settings...RefreshCommunity Notifications9 Xx>: 0 mmmxxxmr`NEmConduitAlertMessageCommunity AlertsAlerts/AlertServices.asmx/AlertLoginAlerts/AlertServices.asmx/GetToolbarAlertsInfoAlerts/AlertServices.asmx/SetAlertUsageRequestConduitFeedsSoftwareDataChannelsRegisteredSourcesSourcesHistoryIgnoreNotificationsDataAppsGuids%22%40@%2B%2F%26%2b%2f_><<&&"'CLSID\LastUpdateTime0IntervalLastCheckTimeUpdateFeedIntervalShowStateLastDisplayTimeDownloadErrorCountIsFeedModifiedINSTANT_ALERTConduit_Alert_Autoupdate_MutexAlert1.dllAlert0.dllAlert.dllConduit Ltd.AutoUpdateLastTimeAutoUpdateIntervalInHoursAutoUpdateServerNamehttp://iealert.conduit-download.comAutoUpdateServerVersionFakeAutoUpdateIntervalAutoUpdateEnabledShowAlertsSendUsageEnabledShowIconInSystemTray\StringFileInfo\%04X%04X\%sFileVersionAlertWindowLastUserCloseTimeShowMessageAfterUserCloseIntervalUpdateAllFeedsLastTimeLogMaxFileSizeLogLevelsStringSampleAlertWasShownFirstTimeMessageDisplayedMessageAppearTimeMaxShowedMessagesDefaultShowIconInSystemTrayFirstTimeStampIntervalFirstTimeStampLoginMessageIntervalInMinutesLoginMessageLastCheckTimeLoginMessageLastUpdateTime}{UserIDLocalesLP_CurrentUILocaleAlerts/AlertServices.asmx/GetAlertTranslationLP_LastCheckTimeLP_LastUpdateTimeLP_ReloadIntervalInHoursShowSampleAlertSampleAlertNameLanguagePack.xmlInstantAlertIdsDialogsmain.htmlAlertReformatURLALERT_HTML_DIALOG_MUTEX_NAME<ALERT_XML><TYPE>%s</TYPE>%s<MESSAGE></MESSAGE></ALERT_XML><PROTOCOL_ID>%s</PROTOCOL_ID>DisableSourcesxRrXALPClientsServerNamehttp://alert.client.conduit.comALPServicesServerNamehttp://alert.services.conduit.comCacheIconsLanguagePacksLog.xmlThreadingModelApartment\InprocServer32Conduit Community AlertsPathTitleUrlALERT_CHANNELMESSAGEALERT_INFO1 .Update?aid=FaqAlertsPrivacyFeedback\USER_ALERTS_STATUSDISABLEDENABLEDUSER_IDKEY_IDTRANSLATION_KEYSALERT_TRANSLATION_RQEB m_WM_ALERT_BROADCASTR$a~lwM @a;x}~ rrx(("zDyxy"!y0 usU'r#s"! ALERT_OPTIONS_DIALOG_MUTEX_NAMESysTreeView32?@HB ) dB xx emNaG Qdc.}" 0 60 f! ArialTahoma8n'M>: XmmmXxxmLGp: PB ) dB xx emNaG Qd c
Ansi based on Dropped File
(~WRD0000.doc)
like this.Introducing a handy new featureThe publishers of the Community Toolbar or app will occasionally sent out news or other information of importance to the community of users. These notifications appear on your screen near the system tray and keep you in touch.Notifications are instant announcements that appear right on your desktop. You can receive these notifications because you installed a Community Toolbar or browser app.Version: About NotificationsFeedBackFAQPrivacy PolicyAboutViewShow notifications from:Notification SettingsShow icon in system trayNotifications enabledDisable NotificationsEnable NotificationsAbout...Settings...RefreshCommunity NotificationsX>mmmmr`NEmConduitAlertMessageCommunity AlertsAlerts/AlertServices.asmx/AlertLoginAlerts/AlertServices.asmx/GetToolbarAlertsInfoAlerts/AlertServices.asmx/SetAlertUsageRequestConduitFeedsSoftwareDataChannelsRegisteredSourcesSourcesHistoryIgnoreNotificationsDataAppsGuids%22%40@%2B%2F%26%2b%2f_><<&&"'CLSID\LastUpdateTime0IntervalLastCheckTimeUpdateFeedIntervalShowStateLastDisplayTimeDownloadErrorCountIsFeedModifiedINSTANT_ALERTConduit_Alert_Autoupdate_MutexAlert1.dllAlert0.dllAlert.dllConduit Ltd.AutoUpdateLastTimeAutoUpdateIntervalInHoursAutoUpdateServerNamehttp://iealert.conduit-download.comAutoUpdateServerVersionFakeAutoUpdateIntervalAutoUpdateEnabledShowAlertsSendUsageEnabledShowIconInSystemTray\StringFileInfo\%04X%04X\%sFileVersionAlertWindowLastUserCloseTimeShowMessageAfterUserCloseIntervalUpdateAllFeedsLastTimeLogMaxFileSizeLogLevelsStringSampleAlertWasShownFirstTimeMessageDisplayedMessageAppearTimeMaxShowedMessagesDefaultShowIconInSystemTrayFirstTimeStampIntervalFirstTimeStampLoginMessageIntervalInMinutesLoginMessageLastCheckTimeLoginMessageLastUpdateTime}{UserIDLocalesLP_CurrentUILocaleAlerts/AlertServices.asmx/GetAlertTranslationLP_LastCheckTimeLP_LastUpdateTimeLP_ReloadIntervalInHoursShowSampleAlertSampleAlertNameLanguagePack.xmlInstantAlertIdsDialogsmain.htmlAlertReformatURLALERT_HTML_DIALOG_MUTEX_NAME<ALERT_XML><TYPE>%s</TYPE>%s<MESSAGE></MESSAGE></ALERT_XML><PROTOCOL_ID>%s</PROTOCOL_ID>DisableSourcesxrXALPClientsServerNamehttp://alert.client.conduit.comALPServicesServerNamehttp://alert.services.conduit.comCacheIconsLanguagePacksLog.xmlThreadingModelApartment\InprocServer32Conduit Community AlertsPathTitleUrlALERT_CHANNELMESSAGEALERT_INFO1 .Update?aid=FaqAlertsPrivacyFeedback\USER_ALERTS_STATUSDISABLEDENABLEDUSER_IDKEY_IDTRANSLATION_KEYSALERT_TRANSLATION_RQEB m_WM_ALERT_BROADCAST$~lwM@;x}rrx(("zDyxyyusU'r#sALERT_OPTIONS_DIALOG_MUTEX_NAMESysTreeView32?@HB)dBxxemNaGQdc.6fArialTahoma8n'M>XmmmXmLGpPB)dBxxemNaGQdc
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
LLLLLLL"LL"0"M&M.M6M>MFMvMM"MM"@Y! "h0MMMMM@#"NN%N-N5NXN`N" N"TN"N"OO"4O"WO"8zO"d"OOOOOOO"P"P-P" RPZP"L "
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
LoadCursorA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
LoadImageW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
LoadLibraryA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
LoadLibraryW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
LoadResource
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Local Disk (C).LNK=0[doc]Alert.dll.LNK=0
Ansi based on Runtime Data
(WINWORD.EXE
)
LocalAlloc
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
LOCALE_NOT_SUPPORTED
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LocalFileTimeToFileTime
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
LocalFree
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
LockResource
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
LoggerWnd
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LoginMessageIntervalInMinutes
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LoginMessageLastCheckTime
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LoginMessageLastUpdateTime
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LogLevelsString
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LogMaxFileSize
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LP_CurrentUILocale
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LP_LastCheckTime
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LP_LastUpdateTime
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LP_ReloadIntervalInHours
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
lPhtM`MPESVEPPM<E9Ph`M`sMPEM|E`P9pEMEM EMEzM@EnM0]cM`EWMM_]UMtMtMj"M{MPrPhu03@]j@eM43CM]lEuMjh|]MQE0gjhMlVMEoM[MEPVE@!MPMMPMEDM]9F;|MEPMEMEPgM]]MEEj,_ejuM3CM]EtMjh|]M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ltuut3@uuj5hp]VDPv(hE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Lx9 M|9 T$B9 J3vl
Ansi based on Dropped File
(~WRD0000.doc)
LxM|T$BJ3vl
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
lxPhtM`MPESVEPPM<9 E9xPh`M`sMPE9 M|E`P9pERME M E MEzM@EnM0]cM`EWMM_9 ]U9 9 Mx& t9 Mx& t9 Mj~"9 M{~9 MPr~Phu03@]j@eM43CM0 ]l0 E& u9 Mjh|9 0 ]9 MQ9 9 E9 0gjhMlVMEoM[9 MEPVE@!MPM9 MPMEDM]9F;|" MEPME9 MEPgM0 ]]ME9 Ej,_ejuM3CM0 ]E~& t9 Mjh|9 0 0 ]M
Ansi based on Dropped File
(~WRD0000.doc)
M 4 WVM 0 }/M \& tWWEPuM F" MM a 9 T9 9 <L
Ansi based on Dropped File
(~WRD0000.doc)
M E9 0 ePg9 M MEMEME@MEM]M0 u3@1ME
Ansi based on Dropped File
(~WRD0000.doc)
M Ep\MPEd\M0EX\M@EL\ME@\ME4\M]9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
M Ep\MPEd\M0EX\M@EL\ME@\ME4\M]Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M!^UQVuWEPVo}YYuEPV\YYMuEPVDYYMuEPV,YYuMU
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M!_^Ujju tuYME;sMSWWYuMjX9EVEMM;wEu+uE+;wjVuuRujWSu>GH<Pu|Ku|u|t}E}uE9Eq^SEY_[T$L$VqAAN?qA^UXSW}3];ujXGGVSP7tu*EP7YYtM}PKtEEP7YYtuEP7lYYtuEP7XYYtuEP7DYYtuEP7tYYtuEPuEP7TtuEP7?YYtuEP7+YYtuEP7YYtuEP7YYtuEP7YYtuEP7YYtuEP7YYtuEP7YYtuEP7YYtuuu9]E;t;;us]v}v7jSPytM+}uu`}tZu] ;s}tju7u!EMv} v7jSutME+EE}uz]$tXuM(;suMtjP7UtMv}(v7juStM}u}tjYuEtME^_[Vt$W3;ujX*F$WWWWWFWFxPF(PV~3$;N_^Vt$W3;ujXF9~ujF@;FtNPNLVHWWWWWFWFxPF(PL.NV3$;N_^UQESVuW38E8E8FFxWP63:tfEP6yYYt}PKtj[EP6YYtEP6YYtEP6YYt;uF49Eu;ttj[EP6YYtEP6YYt;uE;F<tEuj[EP6YYt;uE;F@tEuj[EP6YYt;uE;FDtEuj[EP6(}YYtu;~Htj[E8EP6YYtFxMD8EMM_^[SUW|$33;ujXMVw|;ujX?9^\uFP;FTtj];tPoY9^@t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M& uUSf/tC0 ]9 E9 URPEQ@9 E;t9 M;t9 39 QP 9 EE
Ansi based on Dropped File
(~WRD0000.doc)
M'S9; Z>&XBK\$:[.=\-Q(2/R*<6)GA%"TE
Ansi based on Dropped File
(~WRD0000.doc)
M'S9;Z>&XBK\$:[.=\-Q(2/R*<6)GA%"TE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M)Mb9 T$B9 J3@"!Ta: M{)M79 T$B9 J3"!6: MP)9 E e9 M8)M/)9 T$B9 J3aM)M)MM(9 T$B9 J3 0aM! M(M& 9 M(9 T$B9 J3[t|aM (MDMJ9 T$B9 J3(IaM(c(M8[(MS(MM"!-M8;(9 T$B9 J3 "!Mn-9 T$B9 J3 0"!MMM'M3-M'u~Y9 T$B9 J 3m T}"!M'M'MNM'ML9 T$B9 J3* K"!Me'M ]'M,MXMLM3M85'ulnYM8#'9 T$B9 J3 M'M&M&MM&9 T$B9 J3 `M&9 E e9 M&MS&MJMP9 T$B9 J3. OMi&MM9 T$B9 J3" 9 T$B9 J3" < M
Ansi based on Dropped File
(~WRD0000.doc)
M)MbT$BJ3@TaM{)M7T$BJ36MP)EeM8)M/)T$BJ3M)M)MM(T$BJ30MM(MM(T$BJ3[t|M(MDMJT$BJ3(IM(c(M8[(MS(MM-M8;(T$BJ3Mn-T$BJ30MMM'M3-M'uYT$BJ3mTM'M'MNM'MLT$BJ3*KMe'M ]'M,MXMLM3M85'ulnYM8#'T$BJ3M'M&M&MM&T$BJ3`M&EeM&M&MJMPT$BJ3.OMi&MMT$BJ3T$BJ3<M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M.9 Mb,9 T$B9 J3SR%~M?,9 T$B9 J3: 9 `3: M,M,M+MM9 T$B9 J3 : M+MzM 9 T$B9 J3^: @9 E e9 M0 +9 T$B9 J3*: lKMe+MM9 T$B9 J3aM2+M*+M"+M9 T$B9 J3aSMM*M*M*M*M*9 T$B9 J3qa SM*MhMS*9 E e9 M *9 T$B9 J3%a FSM`*MMP*9 T$B9 J3"!SM-*MM*M*9 T$B9 J3"!: 9 M9 T$B9 J3 "!0: M)9 E e9 M)Md
Ansi based on Dropped File
(~WRD0000.doc)
M.Mb,T$BJ3%M?,T$BJ33M,M,M+MMT$BJ3M+MzMT$BJ3^@EeM+T$BJ3*lKMe+MMT$BJ3M2+M*+M"+MT$BJ3MM*M*M*M*M*T$BJ3qM*MhM*EeM*T$BJ3%FM`*MMP*T$BJ3M-*MM*M*T$BJ3MT$BJ30M)EeM)Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M0E& u#MM@39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
M0Eu#MM@3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
m0uuuuVh;}u;"SSSSS&^[]UQQEVuEEWVEY;uJuMQuP`E;uPtPYD0 EU_^jh@FfHuuEu r3;|;r!c8IWWWWW%L1u&"8WWWWW%[PY}D0tuuuuEU8MMEEUGu YUEVW|Y;sQ<<u5=S]utHtHuSjSjSj3[ _^]UMS3;VW|[;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M1 3$jjZ9 P MM f9 rVW9 jt$9 V{FV9 t$m9 u_^9 D$pt$@U9 T 30 EVj9 [3jNPf0 EEP{uEj(Pua jEP9 u9 M3^kU9 T 30 EVj9 3jNPf0 EEPs{uEj(Puum jEP9 9 M3^jj71p9 0 ueN S`u9 EY9 pV9 VD$tVpY9 ^j/7o9 0 u~9 E3P& v S9 & & t9 j9 9 CP;r9 Ea& M9 '& PpV9 8D$tVlpY9 ^jBOo9 0 u u3u9 0 E 0 F0 F0 F9 ojBo9 0 u 30 E0 F0 F0 F9 E P9 9 oVj9 Kt$9 t$;^Vj9 .t$9 t$^jB n9 0 u) 30 F0 F0 F0 E9 Ej
Ansi based on Dropped File
(~WRD0000.doc)
M13$jjZPMMfrVWjt$V{FVt$mu_^D$pt$@UT3EVj[3jNPfEEP{uEj(PujEPuM3^kUT3EVj3jNPfEEPs{uEj(Puum jEPM3^jj71pueN uEYpVVD$tVpY^j/7ou~E3Pv StjCP;rEaM'PpV8D$tVlpY^jBOouu3uEFFFojBou3EFFFEPoVjKt$t$;^Vj.t$t$^jBnu)3FFFEEj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M339 E+0 ] HtHtD& 9 M;t
Ansi based on Dropped File
(~WRD0000.doc)
M33E+]HtHtDM;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
m3@m*MMl3j@"v)9 MleVEPMMEjEPMEMEMEMM l3)j@"(9 MPleVEPMME jEPMEFME}MEqMMl3m)j@"(9 MkeVEPMMEjEPMEMEMEMM k3(j"(9 E-tMHtHt
Ansi based on Dropped File
(~WRD0000.doc)
m3@m*MMl3j@"v)MleVEPMMEjEPMEMEMEMMl3)j@"(MPleVEPMMEjEPMEFME}MEqMMl3m)j@"(MkeVEPMMEjEPMEMEMEMMk3(j"(E-tMHtHt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
m3Pj5(v030& (U9 (VW9 }9 & t:j(EjP2EPjh>E0 }& t9 E_^j`A#J'9 EPv@ 9 }33;t0 E9 Ehv0 ]0 E0 ]P0 E& M jhHM0 ]~EPEPEiYYM] 3GWE9 0 ePv9 }9 huP`9 }W9 }j69 S0 9 }h"!`9 }Sh: x9 }Sha9 }EPEP9 E9 M9 E+EW0 EE0 M9 }P9 }jX+EE;tdMM3GhvP0 E& MSjhME9EPEPEwhYYME>WE9 0 ePv9 }9 huP`9 }W9 }j9 S0 9 }hxG9 }Sh\9 }Shq9 }EPEP9 E9 M9 E+EW0 EE0 M9 }PR9 }jX+EE;t!MM]hvP0 E& MjhpMEEPEPE9gYYMEWE9 0 ePEv9 } 9 huP`9 } W}9 } j9 S0 9 } h 9 } Sh9 } Sh 39 } EPEP9 M9 E9 } 0 E9 E+EW0 EEPl9 9 }jX+EE;t MMhvP0 E& MjhM EEPE PEeYYM EWE9 0 ePv9 }S9 huP`9 }SW?9 }Sjw9 SS0 9 }ShS9 }SSh~9 }SSh9 }SEPEPJ9 M9 E9 }S0 E9 E+EW0 EEP.`9 }jX+EE;tSMM9 E9 M& P++MQ9 }."jH|#!9 WvP0 E|9 & j9 0 ejSSv9 }9 WuP`M=ejhXM&EPEPEddYYME+9 }9 URPP9 }j}l9 WPMMWvP0 E& : j9 0 ejSav9 }9 WuP`M jhMEjEPEPEcYYMEo9 }9 URPP9 }j}l9 WPMM5?!j.Z 9 j4hY9 0 M30 E;t0
Ansi based on Dropped File
(~WRD0000.doc)
m3Pj5(v030(U(VW}t:j(EjP2EPjh>E}tE_^j`A#J'EPv@33;tEEhv]E]PEMjhHM]~EPEPEiYYM]3GWEePvhuP`Wj6ShShShEPEPEME+EWEEMPjX+EE;tdMM3GhvPEMSjhME9EPEPEwhYYME>WEePvhuP`WjShGSh\ShqEPEPEME+EWEEMPjX+EE;t!MM]hvPEMjhpMEEPEPE9gYYMEWEePEvhuP`W}jShShSh3EPEPMEEE+EWEEPljX+EE;tMMhvPEMjhMEEPEPEeYYMEWEePvhuP`W?jwShShShEPEPJMEEE+EWEEP.jX+EE;tMMEMP++MQ."jH|#!WvPE|jejSSvWuP`M=ejhXM&EPEPEddYYME+URPPjlWPMMWvPEjejSvWuP`MjhMEjEPEPEcYYMEoURPPjlWPMM5?!j.Z j4hYM3E;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M4WVM}/M\tWWEPuMFMMaT<L
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M9 E0hlMI-& uh`M'-& tuESu9 uPh : M-& t
Ansi based on Dropped File
(~WRD0000.doc)
M9 EME j,=eEP 3CM0 ]p& t9 Mjh|9 0 ]MMEiMEnME`9 EPhxMPVMq9 M& ujh|9 P EP#M0 ]EMEM]CME79 E>jWEPeM& uTMMEMEuMh9 ;PVMHMEMEiMMj}EPeM& t3MMl9 tMMEME*9 EPhM PVM& u!E9 uMEME9 j.}EPweMg& t3FMM9 }MlMEqME9 EPhMPVM=& uE9 uME4ME! jEPeM& uTMMEMEuMh9 qPVM~MEMExMMjEPIeM9& t3FMM9 M>MECME_9 EPhMPVM& uE9 uMEME! j_REPeM& uTMMEMEuMh9 CPVMPME9 MEqMMRj9 EPeM& t3FMMs9 {RMMEME19 EPhM~
Ansi based on Dropped File
(~WRD0000.doc)
M9 ESME|j,"xeEPg3CM0 ]U& t9 Mjh"!0 ]MMENMESSMEo9 EPh@MPVMV9 M& tEPjh*M0 ]ESMEM](ME9 E#xj<wEP& eMu& t3MM9 wMyME~: MEauMh@9 PVMM9 EN: ME4 Ul$ 30 & j v9 E3P0 u0& ;uthEVPjhEPEP4& ;tKjEPM0 u|9 Vh|MVhxM EP9 0
Ansi based on Dropped File
(~WRD0000.doc)
M9 kjWM0 ulMEl& tVVEPuM/~MMJk/9 <& t9 T$39 9 U9 QVW9 9 & tM9 }|@9E};ue9 D& t)p9 & uEPV@& t9 E& u3_^j$i"p.eM& & juj0 EEjPD9hEPM^PMSPu 9 ]9 }jEm2PM-PM"Pu 9 E9 ;E|9 Eu0 uMM0 .U9 SVWjEjP8h jj9 =Pu0 E9 u9 0 E9 "!j[FF+A9 N+;0 ~%9 F9 PQRPQu 9 F+uuu_^[U9 V9 }9 0 M& SW%30 E& ~m9 MSB& tZx9 "& uL!EEPW}@& t59 E0 EEPjh& tuEuP & uC;]| 3_[^9 E& t0 9 EU9 9 EV9 & t00 EEPjh& tjEP ^V9
Ansi based on Dropped File
(~WRD0000.doc)
M9 N 9 A0& u9 I4& u9 Ax9 A4& u9 @|U9 Q9 A4e9 M& ujh|9 $P9 EV9 UD$tVY9 ^V9 @D$tVY9 ^j*Q~9 0 u@23WN,0 ]LWNhEW}E/W}EW}EwW}PE
Ansi based on Dropped File
(~WRD0000.doc)
M9 T$B9 J3" S~M,MR9 T$B9 J3jS9 ~M,Ma9 T$B9 J3?SH`~Mz,M(
Ansi based on Dropped File
(~WRD0000.doc)
M9hMQMQMVVP$Pj(uWx_t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
m: 0uuuuVh;}u;: "SSSSS&^[]9 U9 QQ9 EV9 u0 E9 EWV0 E! Y;ua9 9 JuMQuP` 0 E;uP& tPaY9 9 & D0 9 E9 U_^jh@FfH0 u0 u9 Eua ra9 9 3;|; r!ca0 8IaWWWWW%9 9 9 L1u&"a0 8aWWWWW%9 [PY0 }9 D0tuuuu0 E0 U"!"!0 8MME9 E9 UGu Y9 U9 9 EVW& |Y; sQ9 9 <9 <u5=S9 ]utHtHuSjSjSj 9 0 3["!"! _^]9 U9 9 MS3;VW|[;
Ansi based on Dropped File
(~WRD0000.doc)
M;b#}V>dyt[q~Dwlw+k@hhhhhhhhhhhhhhhhhhhhhhhZ6hhhhhhhhhh\b8KH]Nhhhhhh F3,-'8]hhhhhhW+^S:I>g(VhhhhhhB?+#9]<`chhhhhGD?<4_.hhhhh f5aU
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M;tjEPEPouEDP]u}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M;tjEPEPu;tjP;tj;tjEbES|E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M;tjEPEP}uEPP]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M<& tsSSM
Ansi based on Dropped File
(~WRD0000.doc)
M= M9 $`Et-FPjEPME~PMEaME EPM}aM9 & uMT`P9 atCMA+HPFVEPMPMEFaME M] :M] ME! 9 U9 V9 39 9 9 S && SWEPv@ 9 }SEPEP$9 ]+]9 }+}9 }SjS
Ansi based on Dropped File
(~WRD0000.doc)
M=M$Et-FPjEPMEPMEMEEPMMuMTPtCMA+HPFVEPMPMEFMEM]:M]MEUV3999&SWEPv@EPEP$]+]}+}jS
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
m?6grWJz+{8
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M\ & & dE\PM
Ansi based on Dropped File
(~WRD0000.doc)
M\;& & E\PMh M87& h & HP9 t}PM\EHE
Ansi based on Dropped File
(~WRD0000.doc)
M\;E\PMhM87hHPt}PM\EHE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M\`& uE\PMhh & P9 |PM\EaE
Ansi based on Dropped File
(~WRD0000.doc)
M\C& & E\PMhP M8?& 9 pt30 ET& S9 x9 & h@ 9 s& MLELPh 9 |& t
Ansi based on Dropped File
(~WRD0000.doc)
M\CE\PMhPM8?pt3ETSxh@sMLELPh|t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M\M\PMhpM8tPXP~zPM\E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M\uE\PMhhP|PM\EaE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M\W$M\ZPMh M8NtNxPyPM\ExE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M\W& & $M\ZPMh M8N& tN& xP9 yPM\ExE
Ansi based on Dropped File
(~WRD0000.doc)
M^MVMNMFM >M 69 T$B9 J3n9 `3npM9 T$B9 J3nhpMMMMM M29 T$B9 J3]n~pMM9 T$B9 J32n$SpM [vMeu~tYu tY9 T$B9 `|3mhp9 M'9 M, 9 M@9 MP
Ansi based on Dropped File
(~WRD0000.doc)
M^MVMNMFM>M6T$BJ3n3npMT$BJ3nhpMMMMMM2T$BJ3]n~pMMT$BJ32n$SpM[vMeutYutYT$B|3mhpM'M, M@MP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M_^3[+USVu3W};u;vE;t3E;tvMj^SSSSS0VuMSE9XfEf;v6;t;vWSV#L*L8]tMap_^[;t2;w,Lj"^SSSSS038]yE`pmE;t8]%E`pMQSWVjMQS]p;t9]^M;tPzD;g;_WSVLOUjuuuu|]3PPjPjh@hqdV5XttP|ttP^3t@tttt t#Vt#t;t;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
m_iLastMouseDownTime: %d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
m_pXmlDoc->load() return HRESULT 0x%X
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
m_pXmlDoc->save() returned HRESULT = 0x%X
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
M`M$MMMT$BJ3imoMMMMMT$BJ3&m3m:oM TMLT$BJ3lToM&MM$M4MDT$BJ3lxnM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
main.html
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
main_link
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
map/set<T> too long
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Max Display
Unicode based on Runtime Data
(WINWORD.EXE
)
MAX_SHOWED_MESSAGES
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
MaxShowedMessages
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
MDERMERMERM ERMERM`ES"MM'3@Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MdM69 T$B9 `<3! h0 M! 9 T$B9 J3! 0 M0 9 T$B9 J3! 00 MM9M9 T$B9 J3\! l}0 M;MM! 9 T$B9 J3)! J0 MdM MM9 T$B9 `|3 0 9 M9 T$B9 J3 9 M9 T$B9 J3 D9 T$B9 J3! S9 M[9 M9 M$ 9 T$B9 J3N o9 Mw[9 M~9 T$B9 J3 AuSRYMQ9 T$B9 J3& @M.M&9 T$B9 J3& t! MMM9 T$B9 J3" & ! 9 M2S9 MM#Mk9 T$B9 J3W& x! u9 Yu9 Y9 T$B9 J3(& (I! u9 Yua9 YM9 T$B9 J3 d! 9 M,9 M!9 M 9 T$B9 J3 M MM?9 T$B9 J3& Mdu`Y9 T$B9 J3X y 9 MQ9 M9 T$B9 J3* DK Me"M]"MMM9 T$B9 J3 9 Mr0 9 T$B9 J3& 9 Mx9 T$B9 J3& 9 M9 M9 M9 T$B9 J3g& MMaMM `M0 M0zM@r9 T$B9 J3@5& MOMGM9 E e9 M'9 T$B9 J3 M9 T$B9 J3 MMM tM9 E e9 M9 T$B9 J3Q r MRM 9 T$B9 J3& hG MaMYM9 T$B9 J3 MM&9 T$B9 J3M9 E e9 M|>MM9 T$B9 `x3nhDjj& \P 9 T$B9 `X3/9 `3"XCM]MMM9 E e9 M59 T$B9 J3 S M9 E e9 MMMM 9 T$B9 J3 MM9 T$B9 J3W x M 6MM MzMr9 T$B9 `|3 @2 MLMDM<M4M,MdM\M0MLM 9 T$B9 J3RMMM QMMM}9 M9 T$B9 J3StM}MM~MvMn9 T$B9 JR3\1MKMMT M 3M+MD#M4M9 T$B9 J3~ MMMM4MM9 T$B9 J 3j~9 MIMTM<MMM,}9 T$B9 J3~`@ 9 T$B9 J3~% 9 M59 T$B9 J3} 9 E e9 MM9 T$B9 J3}H9 M9 M ~9 T$B9 J3w}|9 M 9 M9 T$B9 J3I}j9 E e9 Mt
Ansi based on Dropped File
(~WRD0000.doc)
MdM6T$B<3hMT$BJ3MT$BJ30MM9MT$BJ3\l}M;MMT$BJ3)JMdMMMT$B|3MT$BJ3MT$BJ3DT$BJ3M[MM$T$BJ3NoMw[M~T$BJ3 AuYMQT$BJ3@M.M&T$BJ3tMMMT$BJ3M2SMM#MkT$BJ3WxuYuYT$BJ3((IuYuYMT$BJ3dM,M!M T$BJ3MMM?T$BJ3MduYT$BJ3XyMQMT$BJ3*DKMe"M]"MMMT$BJ3MrT$BJ3MT$BJ3MMMT$BJ3gMMMM M0M0zM@rT$BJ3@5MOMGMEeM'T$BJ3MT$BJ3MMMtMEeMT$BJ3QrMMT$BJ3&hGMaMYMT$BJ3MM&T$BJ3MEeM|>MMT$Bx3nhDjj\PT$BX3/3"XCM]MMMEeM5T$BJ3MEeMMMMT$BJ3MMT$BJ3WxM6MMMzMrT$B|3@2MLMDM<M4M,MdM\M0MLM T$BJ3MMMQMMM}MT$BJ3StMMM~MvMnT$BJ3\1MKMMTM 3M+MD#M4MT$BJ3~MMMM4MMT$BJ3j~MIMTM<MMM,}T$BJ3~`@T$BJ3~%M5T$BJ3}EeMMT$BJ3}HMM T$BJ3w}|MMT$BJ3I}jEeMt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ME LM0 uLVhMxRVh`ME"`REPEPS9 E#ME"}LM0 uLVhMQRVh`ME$<REPEPS9 E%qME$@LM0 u5LVh`MRVE&h(`MQEPEPS9 E'#ME&KM0 uKVhMQVh0 ME(QEPEPS9 E)ME(KM0 u"!KVhXMgQVh8}ME*RQEPEPS9 E+! ME*VKM0 uKKVhMQVh}ME,QEPE-EPS9 9ME,KM0 uJVhMPVhME.PEPEPS9 E/ME.JM0 uJVhM}PVh`ME0hPEPEPS9 E1ME0lJM0 uaJVh M/PVh ME2PEPEPS9 E3OE2MJM0 uJVhMOVh ME4OEPEPS9 E5ME4IM0 uIVh8 M OVhHME6~OEPEPS9 E7ME6 IM0 uwIVhMEOVhME80OEPEPS9 E9eME84IM0 u)IVhpMNVhME:NEPEPS9 E;ME:HM0 uHVhMNVh`ME< NEPEPS9 E=ME<HM0 uHVhM[NVhME>FNEPEPS9 E?{ME>JHM0 u?HIj.b9 >u jkY9 0 Me& t30 9 VSW9 289 9 *9 G_^& tt$9 t$9 L$h|9 I& t9 3"!& t
Ansi based on Dropped File
(~WRD0000.doc)
ME LMuLVhMRVhME"REPEPSE#ME"LMuLVhMQRVhME$<REPEPSE%qME$@LMu5LVh`MRVE&h(MQEPEPSE'#ME&KMuKVhMQVhME(QEPEPSE)ME(KMuKVhXMgQVh8ME*RQEPEPSE+ME*VKMuKKVhMQVhME,QEPE-EPS9ME,KMuJVhMPVhME.PEPEPSE/ME.JMuJVhM}PVh`ME0hPEPEPSE1ME0lJMuaJVhM/PVhME2PEPEPSE3OE2MJMuJVhMOVhME4OEPEPSE5ME4IMuIVh8MOVhHME6~OEPEPSE7ME6IMuwIVhMEOVhME80OEPEPSE9eME84IMu)IVhpMNVhME:NEPEPSE;ME:HMuHVhMNVh`ME<NEPEPSE=ME<HMuHVhM[NVhME>FNEPEPSE?{ME>JHMu?HIj.b>u jkYMet3VW28*G_^tt$t$L$h|It3t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ME#ME"ME"MEMM 3@j4 9 39]tK9]tFjuM& (EPEP9 0 ]0ME& t!M]|"MMp"3xMjuME)(ME& tME1"MESMMEj9 E9 0 ePQ+METPWMEM9 E ME!MEpM]!MM!9 .jP eEP83CM0 ]3MEOM9 ME!EPMEPWMjM" 9 e0 E& ~xuM!9 & t\EPM`*9 EdPMm)j9 0 eu:*ME=PWMEq& ucME E9 E;E|9 Mjh|9 {&0 ]ME%ME:M]=MEm 9 Et 9 MV)M0 ]EJ U9 Q9 Mejh
Ansi based on Dropped File
(~WRD0000.doc)
ME#ME"ME"MEMM3@j439]tK9]tFjuM(EPEP]0MEt!M]|"MMp"3xMjuME)(MEtME1"MEMMEjEePQ+METPWMEMEME!MEpM]!MM!.jPeEP83CM]3MEOMME!EPMEPWMjMeE~xuM!t\EPM`*EdPMm)jeu:*ME=PWMEqucME EE;E|Mjh|{&]ME%ME:M]=MEm EtMV)M]EJ UQMejh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ME&EPhlMPVMtuk<<u|N~uMEMEMMnjmuEPeeMXME]MEyEPh$MPVM2u!EuME$ME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ME&S9 EPhlM PVM& t9 uk<<0 u|N~0 uME MExMM9 njmuEPeeMXME] MEy: 9 EPh$MPVM2& u!E9 uME$ ME
Ansi based on Dropped File
(~WRD0000.doc)
ME/9 & u9 Mjh|9 X0 ] u9 h9 M& u9 MSPh9 9 M& u9 M SPh9 M: EPME"!
Ansi based on Dropped File
(~WRD0000.doc)
ME/uMjh|X]uhMuMPhMuMPhMEPME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ME0hlMI-uh`M'-tuEuuPhM-t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ME4R9 <V9 9 D$tVXY9 ^j@;9 VhMWeVh~MW9 ]EPEPS9 EMEQM0 uQVhMWVhXMEjWEPEPS9 ExMEnQM0 ucQVhpM1WVhMEWEPEPS9 EQME QM0 uQVh\MVVhMEVEPEPS9 EMEPM0 uPVh0M" VVhPME VEPEPS9 EME PM0 uyPVhMGVVhME
Ansi based on Dropped File
(~WRD0000.doc)
ME4R<VD$tVXY^j@;VhMWeVhMW]EPEPSEMEQMuQVhMWVhXMEjWEPEPSEMEnQMucQVhpM1WVhMEWEPEPSEQME QMuQVh\MVVhMEVEPEPSEMEPMuPVh0MVVhPMEVEPEPSEMEPMuyPVhMGVVhME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MEePgMMEMEME@MEM]Mu3@1ME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MeEPMMEEPMMEheMEFEPME7nEPMEPMPM<Tju5hMEvME.FMEeMERMMF3@0hHSj`MM%h Sjx`3"j4!hWjK`jhXMu ]ueSuEPNPutf;ush<Wj_MM!Vhhj_v(tjh5(v(3@^j>e M~u3Mu"M;uM-3!_;uMM>ME~2EPVMu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MEfDM0 E
Ansi based on Dropped File
(~WRD0000.doc)
MEFUMt2}u tutBe>< t<uFN>}tEE3C3FA>\t>"u&u}tF8"u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MEIMM IVD$tVY^jGuN<!@eN@N$E@N4E?NDE?j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MEjEPjEP4hu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MEM]aMM}3 Uhj,Y69 M3M0 ]qM;&
Ansi based on Dropped File
(~WRD0000.doc)
MEM]MM3Uhj,Y6M3M]qM;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MEME%9 EPh,M #PVM9 uMEMEMM+9 UljHEHP3MH0 ]P$& t#MMH+39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
MEME%EPh,M#PVMuMEMEMM+UljHEHP3MH]P$t#MMH+3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MEMEj,=eEP3CM]ptMjh| ]MMEiMEnMEEPhxMPVMqMujh|P EP#M]EMEM]CME7E>jWEPeMuTMMEMEuMh;PVMHMEMEiMMjEPeMt3MMltMMEME*EPhMPVMu!EuMEMEj.EPweMgt3FMMMlMEqMEEPhMPVM=uEuME4MEjEPeMuTMMEMEuMhqPVM~MEMEMMjEPIeM9t3FMMM>MECME_EPhMPVMuEuMEMEj_EPeMuTMMEMEuMhCPVMPMEMEqMMjEPeMt3FMMs{MMEME1EPhM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MEMEuMh9 C$PVMPM9 E0 MEo
Ansi based on Dropped File
(~WRD0000.doc)
MEMEuMhC$PVMPMEMEo
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MEME|j,"xeEPg3CM]UtMjh]MMENMESMEoEPh@MPVMVMtEPjh*M]EMEM](MEE#xj<wEPeMut3MMwMyME~MEuMh@PVMMENME4Ul$3jvE3Pu0;uthEVPjhEPEP4;tKjEPMu|Vh|MVhxMEP0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
mEMu0 W4VWV9 W49W0t$9 M0 O 9 M0 O9 M0 N9 M9 +0 ^Phj=PP: QQ|RR STTwTU9 ,SV9 u9 V4W9 }9 G9 0 E9 F 0 E9 F0 E9 F00 U;s
Ansi based on Dropped File
(~WRD0000.doc)
mEMuW4VWVW49W0t$MO MOMNM+^Phj=PPQQ|RRSTTwTU,SVuV4W}GEF EFEF0U;s
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MEOM0 uOVhMUVhME UEPEPS9 EMEaOM0 uOVh M]UVhP9 MEHUEPEPS9 E}MELOM0 uAOVh MUVhMETEPEEPS9 /MENM0 uNVhxMTVh METEPEPS9 EMENM0 uNVhDMsTVhME^TEPEPS9 E MEbNM0 uWNVh8M%TVhMETEPEPS9 EEMENM0 uNVh,MSVhHMESEPEPS9 EMEMM0 uMVhM0 SVhMEtSEPEPS9 EMExMM0 umMVhM;SVhpME&SEPEPS9 E[ME*MM0 uMVhMRVhME REPEPS9 E!
Ansi based on Dropped File
(~WRD0000.doc)
MEOMuOVhMUVhMEUEPEPSEMEOMuOVhM]UVhPMEHUEPEPSE}MELOMuAOVhMUVhMETEPEEPS/MENMuNVhxMTVhMETEPEPSEMENMuNVhDMsTVhME^TEPEPSEMEbNMuWNVh8M%TVhMETEPEPSEEMENMuNVh,MSVhHMESEPEPSEMEMMuMVhMSVhMEtSEPEPSEMExMMumMVhM;SVhpME&SEPEPSE[ME*MMuMVhMRVhME REPEPSE!
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MEPEPEPE|;nM^MEPMJjh(7M2pVA
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MEPVM]EM]MEEVt$t[~tUNP uNt3@7NPltL$V;Nt$Pt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Message not found. Message type: %d, Message Id: %d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
MESSAGE_SHOW_TIME_SS
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
MessageAppearTime
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
MessageBoxA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
MET9 MP]MM3@yjQx9 M PEPu 9 & u
Ansi based on Dropped File
(~WRD0000.doc)
METMP]MM3@yjQxM PEPuu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ME}IMM IRV9 D$tVY9 ^jG9 9 0 uN<!@eN@N$E@N4E?NDE?j
Ansi based on Dropped File
(~WRD0000.doc)
Mf1uj0j1V@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MH#PhPM]MxEP/MEMEMHEMEsMEgME[MEOM EC<E"M0])MXuMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MhSj!}uMdeM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Microsoft Visual C++ Runtime Library
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Mj2rMM([|jH^]u]urttjq3V'}f'}fVEP>zeM*WkS]eYYEtWYveE}}E3D=Pu'YYv;s}Gr}uE]+}Eu}jEP;Put}]}]E\3E}EWPYYtWh|'EjP1]EEPuuV1EPE]FuWYM3;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MkjWMulMEltVVEPuM/~MMJk/<tT$39UQVWtM}|@9E};ueDt)puEPV@tEu3_^j$i"p.eMjujEEjPD9hEPM^PMSPu]}jEm2PM-PM"PuE;E|EuuMM.USVWjEjP8hjj=PuEuEj[FF+AN+;~%FPQRPQuF+uuu_^[UVMSW%3E~mMSBtZx"uL!EEPW@t5EEEPjhtuEuPuC;]|3_[^EtEUEVt0EEPjhtjEP^V
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ML2M9 T$B9 J3M!2M2MM9 T$B9 J3tM1M1MRM 9 T$B9 J3p M1M1MQMW9 T$B9 J35VMp1MM$9 T$B9 J38#M=1M51MM9 T$B9 J3|MH1MP6MlMdM(0M0M(6MM0M809 T$B9 J3\}M 09 E e9 M0Mv0M$M*M^09 T$B9 J3!M;0M30MM#0M9 T$B9 J3xhM/MM~9 T$B9 J3`xM/M/MkMq9 T$B9 J3OxpM@MFMz/Mr/Mj/9 T$B9 J3x4-MG/M?/MM//M9 M/9 T$B9 J3~ M.MMM:4M.9 M.9 E e9 M.9 T$B9 J3]~~M.9 E e9 M .Mw.9 T$B9 J3~H:MT.9 E e9 M<.M3.MM9 T$B9 J3lxM.MM9 T$B9 J3 xM 9 T$B9 J3oxM-M-M^MH9 T$B9 J34@UxMo-Mg-9 E e9 MO-MS2M
Ansi based on Dropped File
(~WRD0000.doc)
ML2MT$BJ3M!2M2MMT$BJ3tM1M1MMT$BJ3pM1M1MQMWT$BJ35VMp1MM$T$BJ38#M=1M51MMT$BJ3|MH1MP6MlMdM(0M0M(6MM0M80T$BJ3\}M0EeM0Mv0M$M*M^0T$BJ3!M;0M30MM#0MT$BJ3hM/MMT$BJ3M/M/MkMqT$BJ3OpM@MFMz/Mr/Mj/T$BJ34-MG/M?/MM//MM/T$BJ3M.MMM:4M.M.EeM.T$BJ3]~M.EeM.Mw.T$BJ3H:MT.EeM<.M3.MMT$BJ3lM.MMT$BJ3MT$BJ3oM-M-M^MHT$BJ34@UMo-Mg-EeMO-M2M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MM.-9 T$B9 J3Sd~M-M-M
Ansi based on Dropped File
(~WRD0000.doc)
MM.-T$BJ3dM-M-M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MM0 }: MEMEMEw9 ]C EMthss] EPEPM1%FPPM MPM!EPM M" PM~!MEPME;uTPMMEMEMEMEMEMM{h h!M
Ansi based on Dropped File
(~WRD0000.doc)
MM3@DME3 MEME" fM]MMp3Bj!A9 MzE3P9 0 ];tFM& u:SM tSuESPMEtM]oMME3@MM43<BUljdQA9 MHj3hMX0 ]jh MEEXPEPEHP9 EsM9 EMX];u#MMH39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
MM3@DME3 MEMEfM]MMp3Bj!AMzE3P];tFMu:SMtSuESPMEtM]oMME3@MM43<BUljdQAMHj3hMX]jhMEEXPEPEHPEsMEMX];u#MMH3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MM3hhHu63MEMEMEMMxVjEPMMPE MEjFVEPMMPEME_3Fsj&feEP3FMutMjh|h$MMEPYMuEEfj&feEPx3FMuFtMjh|*M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MM9 3hhH9 u63MEMEMEMMx9 9 VjEPM9 MPE MEjFVEPM 9 MPEME_3Fsj& feEP3FM0 u& t9 Mjh|9 h$M 9 MEPYM0 uE9 Efj&feEPx3FM0 uF& t9 Mjh|9 `*9 M
Ansi based on Dropped File
(~WRD0000.doc)
MM9 oEP9 hXMEu-& tESP9
Ansi based on Dropped File
(~WRD0000.doc)
MM9 T$B9 J3Doeq9 E e9 MoMf
Ansi based on Dropped File
(~WRD0000.doc)
MM9 |FjPuDWM
Ansi based on Dropped File
(~WRD0000.doc)
MMa3@V0t30W|$t$tWIthhj&3_^WWt.:tWu3@j<uhLMKE$3P]MM3SGWM>Ch<MKEP}MMSWM>Ch MKEPEMMSWM>ChM]KEPE^MMSWM>YChM*KEPE+MMSWM>&ChMJEPELMSWM>BhMJEPELMSWM>BhhMJEPELMSWM>BhXM^JEPE_LMSWM>ZBhM+JEPE,LMSWM>'BhMIEE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MMa3@V9 0t30W9 |$& t$tWI& thhj&3_^W9 W9 & t.:tW9 u3@j<9 0 uhLMKE$3P9 0 ]MM3SGWM>Ch<MKEP9 0 }MMSWM>Ch MKEP9 E MMSWM>RChM]KEP9 E^MMSWM>YChM*KEP9 E+MMSWM>&ChMJEP9 ELMSWM>BhMJEP9 ELMSWM>BhhM JEP9 E LMSWM>BhXM^JEP9 E_LMSWM>ZBhM+JEP9 E,LMSWM>'BhMIEE
Ansi based on Dropped File
(~WRD0000.doc)
MMH9 PnjimuEPYeMx& t3MM9 nMME MEauMh9 2PVM?M9 Ex ME^ jluEPeM& t3MMp9 xmMME ME,auMh9 aPVMM9 EME j9luEP)eMo& t3MM9 lMsMExME "!uMh9 PVMM9 EHME. j kEP9 MePMMH9 M& t39 Mh3@2ljNKkeeu9 MehEd9 EkjkEP9 Me&PM/M\MEaME}uMu9 PVMqM9 E3MEMMW9 _kjxjEP9 Me PM: MME}ME uMu9 YPVMM9 Ex}ME& MM9 jjiEP 9 MePMM4ME9}MEU M9 PVMM9 E}MEMM59 =jjViEPeMMEME uM9 KPVMM9 E MEwMM9 ijhjj4 & tt$t$t$Pj8h9 EPMehM/uM(M0 EEPMNEP9 Eb}EtVM & uJMREPME\PMSPMauuuh8 MERMEMEMMhjDg9 M@ReEP9 EPME~ME7EPMEPMPMM& u7E%MEME
Ansi based on Dropped File
(~WRD0000.doc)
MMHPnjimuEPYeMt3MMnMMEMEuMh2PVM?MExME^jluEPeMt3MMpxmMMEME,uMhPVMMEMEj9luEP)eMot3MMlMsMExMEuMhPVMMEHME.jkEPMePMMHMt3Mh3@2ljNKkeeuMehEdEkjkEPMe&PM/M\MEaME}uMuPVMqME3MEMMW_kjxjEPMePMMMEMEuMuYPVMMEMEMMjjiEPMePMM4ME9MEUMPVMMEMEMM5=jjViEPeMMEMEuMKPVMMEMEwMMijhjj4tt$t$t$Pj8hEPMehM/uM(MEEPMNEPEb}EtVMuJMEPME\PMSPMuuuh8MEMEMEMMhjDgM@eEPEPME~ME7EPMEPMPMMu7E%MEME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MMjh|9 9 "!9 9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
MMMML9 T$B9 J3SM{9 T$B9 J3y4aMXuY9 T$B9 J3Lhmu YM!MuLM$mLMeLM4]LMDULMDMLMDELMT"9 T$B9 J3RM-#MLMMLMK9 T$B9 J3SM{,8+M 9 T$B9 `(3cd MBM&9 T$B9 J38YMsKxM`KMXKMPKMHKuY9 T$B9 `t3uYYM9 T$B9 J3(MJM! MX!M\JMJMJM JuTYuTYMxJM8 J8RJJXvJkJx`JUJhJJH?J(4J)JM!JMJ9 T$B9 `3LM <T)u!Y9 T$B9 `83}@~M#9 T$B9 J3Zl{M" WM19 T$B9 J3/P9 MgI9 T$B9 J3*9 MW9 T$B9 J39 MW9 MI9 MI9 M,I9 M<H9 MPH9 M`H9 Mp\9 MH9 MH9 MN9 MSH9 M}H9 M H9 MrH9 MdH9 M,VH9 T$B9 J3M3HM+HM#HMH9 T$B9 J3MGMGMGMG9 T$B9 J3 ,MGMGMGMGMRGMS" G9 T$B9 J37PXMrGMjGMbGMZGMSRG9 T$B9 J39 M/G9 M$G9 M$G9 M4G9 MDYL9 T$B9 J39 E e9 MFMFMFMFMF9 T$B9 J3Q<rMRFM F9 T$B9 J3&GMaFMYFMQFMIFMSAFMR9F|.F9 T$B9 `x3MFMFMEME9 T$B9 J3 89 M%{9 T$B9 J3oduY9 T$B9 J3JkMN9 T$B9 J3'H9 Mq9 T$B9 J3%MuxYunYudY9 T$B9 J3,Muu7Yu-Y9 T$B9 J3Rh9 M9 T$B9 J3f ! MEM"!DM R9 T$B9 J 33T9 M$-9 MD"Mu Y9 T$B9 J3$MIMMDuTY9 T$B9 JR3hM MCMC9 T$B9 J3 MCuY9 T$B9 J3St9 M}C9 T$B9 J30QM~McCM[CMSCMKQM9 T$B9 J3(9 M$9 MD9 T$B9 J3 MR MBu YMy9 T$B9 J3wMRVMsMBMaBMVuYuY9 T$B9 J3 AMnMSB9 E eM;B9 E eM"B9 T$B9 J3 MMMAMAuY9 T$B9 J 3~xuYuY9 T$B9 J3OpM.u,YMM0pAMPhAM@`Aul"!Y9 T$B9 J3$M9 T$B9 J3MAuIY9 T$B9 J3M@M@MRwMM@9 T$B9 J3e MM@9 T$B9 J3:<[MM`m@M0e@M@]@MU@M M@ME@p(MP2@MP*@MP"@MP@9 T$B9 `l3`M9 E e9 M?M?M?M?9 T$B9 J3e M?9 E e9 M?MMw?9 T$B9 J3P:MT?9 T$B9 J3|M1?M9 T$B9 J3uGYu=YM>9 T$B9 J3 MX>M>M0><M >M>MS>M >MR>MH >M|>M t>Ml>Md>M \>9 T$B9 `83M]uoYM$>MSrCMh M>9 T$B9 J3MM=M/CM% M=9 T$B9 J3kRM=M4~=M =MD}=M =M ~=MMn=Mf=M^=up Y9 T$B9 J 3LM1=M)=9 T$B9 J3M\BMRM<9 T$B9 J3uu"!YY9 T$B9 J3otuupYY9 T$B9 J3FgM<My<Mq<Mi<uYuY9 T$B9 J3M 2<M*<M"<M<M<|]A9 T$B9 `x3LM"9 T$B9 J3M"9 T$B9 J3`9 M9 T$B9 J3=<^uu>YY9 T$B9 J3S5MO;9 T$B9 J3M,;MxM 9 T$B9 J3Mt9 T$B9 J3: 0M:M:M:M b9 T$B9 J3`tM: :M :M9 :M:M?9 T$B9 J 3>9 M: 9 M! 9 My9 M9 M9 T$B9 J39 M^: 9 M,9 M9 M9 T$B9 J3uP uYM9M~9uY9 T$B9 J36 WMaMYMQMIMAM9M1M)M!MMMM9 T$B9 J3M8M`M89 T$B9 J3 9 `3s\ M8M!}9 T$B9 J3HiM9 T$B9 J3%FMMX8M9 T$B9 J3M-8ufY9 T$B9 J3,MM7u1Y9 T$B9 J3hMoM7M7M7M79 T$B9 J 3MRnuYM"Mv7uY9 T$B9 J3/9 MV9 T$B9 J3$9 M0M7MSM7uAY9 T$B9 J3HM6M6M6M6M6M6M6M6M: 6M 6M9 6M6M{6Ms6Mk6Mc6M[6MS6MK6MC6M;6M36M+6M#6M6M6M6M6M5M5M5M5M5M5M5M5M5M5M5M5M: 5M 5M9 5M5M{5Ms5Mk5Mc5M[5MS5MK5MC5M;5M35M+5M#5M5M5M5M5M4M4M4M49 T$B9 J3& MB9 T$B9 J3bMaM" 49 E e9 M}4M89 T$B9 J37MQ49 E e9 M94M9 T$B9 J3@MM49 E e9 M39 T$B9 J3}|M39 E e9 M39 T$B9 J3RsMQM& 39 T$B9 J3'HM&MZ39 T$B9 J3M739 E e9 M3M39 T$B9 J3TM2M2M"!Mx9 T$B9 J3}~M29 E e9 M2M 2MEMK9 T$B9 J3)JMd2M\2M
Ansi based on Dropped File
(~WRD0000.doc)
MMMMLT$BJ3M{T$BJ3y4MXuYT$BJ3Lhmu YM!MuLM$mLMeLM4]LMDULMDMLMDELMT"T$BJ3M-#MLMMLMKT$BJ3M{,8+M T$B(3cdMBM&T$BJ38YMsKxM`KMXKMPKMHKuYT$Bt3uYYMT$BJ3(MJMMX!M\JMJMJM JuTYuTYMJM8J8JJXvJkJx`JUJhJJH?J(4J)JM!JMJT$B3LM<T)u!YT$B83}@M#T$BJ3Zl{MWM1T$BJ3/PMgIT$BJ3*MWT$BJ3MWMIMIM,IM<HMPHM`HMp\MHMHMNMHMHMHMrHMdHM,VHT$BJ3M3HM+HM#HMHT$BJ3MGMGMGMGT$BJ3,MGMGMGMGMGMGT$BJ37PXMrGMjGMbGMZGMRGT$BJ3M/GM$GM$GM4GMDYLT$BJ3EeMFMFMFMFMFT$BJ3Q<rMFMFT$BJ3&GMaFMYFMQFMIFMAFM9F|.FT$Bx3MFMFMEMET$BJ38M%{T$BJ3oduYT$BJ3JkMNT$BJ3'HMqT$BJ3%MuxYunYudYT$BJ3,Muu7Yu-YT$BJ3hMT$BJ3fMEMDMRT$BJ33TM$-MD"MuYT$BJ3$MIMMDuTYT$BJ3hMMCMCT$BJ3MCuYT$BJ3StMCT$BJ30QM~McCM[CMSCMKQMT$BJ3(M$MDT$BJ3MMBu YMyT$BJ3wMVMsMBMBMVuYuYT$BJ3 AMnMSBEeM;BEeM"BT$BJ3MMMAMAuYT$BJ3~uYuYT$BJ3OpM.u,YMM0pAMPhAM@`AulYT$BJ3$MT$BJ3MAuIYT$BJ3M@M@MwMM@T$BJ3eMM@T$BJ3:<[MM`m@M0e@M@]@MU@M M@ME@p(MP2@MP*@MP"@MP@T$Bl3`MEeM?M?M?M?T$BJ3eM?EeM?MMw?T$BJ3P:MT?T$BJ3|M1?MT$BJ3uGYu=YM>T$BJ3MX>M>M0><M >M>M>M>M>MH>M|>Mt>Ml>Md>M\>T$B83M]uoYM$>MrCMhM>T$BJ3MM=M/CM%M=T$BJ3kM=M4=M=MD=M=M ~=MMn=Mf=M^=upYT$BJ3LM1=M)=T$BJ3M\BMRM<T$BJ3uuYYT$BJ3otuupYYT$BJ3FgM<My<Mq<Mi<uYuYT$BJ3M2<M*<M"<M<M<|]AT$Bx3LM"T$BJ3M"T$BJ3`MT$BJ3=<^uu>YYT$BJ35MO;T$BJ3M,;MMT$BJ3MtT$BJ30M:M:M:MbT$BJ3`tM:M:M:M:M?T$BJ3>MMMyMMT$BJ3M^M,MMT$BJ3uPuYM9M9uYT$BJ36WMaMYMQMIMAM9M1M)M!MMMMT$BJ3M8MM8T$BJ33s\M8M!T$BJ3HiMT$BJ3%FMMX8MT$BJ3M-8ufYT$BJ3,MM7u1YT$BJ3hMoM7M7M7M7T$BJ3MnuYM"Mv7uYT$BJ3/MVT$BJ3$M0M7MM7uAYT$BJ3HM6M6M6M6M6M6M6M6M6M6M6M6M{6Ms6Mk6Mc6M[6MS6MK6MC6M;6M36M+6M#6M6M6M6M6M5M5M5M5M5M5M5M5M5M5M5M5M5M5M5M5M{5Ms5Mk5Mc5M[5MS5MK5MC5M;5M35M+5M#5M5M5M5M5M4M4M4M4T$BJ3MBT$BJ3bMaM4EeM}4M8T$BJ37MQ4EeM94MT$BJ3@MM4EeM3T$BJ3|M3EeM3T$BJ3RsMQM3T$BJ3'HM&MZ3T$BJ3M73EeM3M3T$BJ3TM2M2MMT$BJ3}M2EeM2M2MEMKT$BJ3)JMd2M\2M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MMMMMMMMMMMMwT$BJ3l:nMQMFM$;M40MH%MXMhMxMMMMMMM^T$BJ3JkPkmMMwM$lM4aMHVMXKMh@Mx5M'MMMMT$BJ3jlMMM$M4MHMXMhMx|MnM`MRMDM6M(T$BJ3ixkMMM$M4MDMTT$BJ3mikMMMMMMMxMpEeMXT$BJ3h`kM4M,M $MMMMup=oYM@M0MMMT$BJ3thjM tMMMMuxnYM0rMjd_MWMOMDGM?M7T$B`3gXiMMhMT$BJ3giMMT$BJ3xg@i\MMMMMT$BJ3*g\3gd>iMKM(T$BJ3f
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MMMMMMMxM MM! MMw9 T$B9 J3l:n9 MQ9 MF9 M$;9 M409 MH%9 MX9 Mh9 Mx9 M9 M9 M9 M9 M9 MM^9 T$B9 J3JkPkm9 M 9 Mw9 M$l9 M4a9 MHV9 MXK9 Mh@9 Mx59 M'9 M9 M9 M9 M9 T$B9 J3 jl9 M9 M9 M$9 M49 MH9 MX 9 Mh! 9 Mx|9 Mn9 M`9 MR9 MD9 M69 M(9 T$B9 J3ixk9 M9 M9 M$9 M49 MD9 MT 9 T$B9 J3mi}kMMMMMM MxMp9 E eMX9 T$B9 J3h`kM 4M,M $MMMMup=oYM@M0M MM9 T$B9 J 3th" jM tMSM M RM uxnYM0rMjd_MWMOMDGM?M79 T$B9 ``3gXiMMShM9 T$B9 J3giMM9 T$B9 J3xg@"!i\MMM MM9 T$B9 J3*g9 `\3gd>i9 MK9 M(`9 T$B9 J3f
Ansi based on Dropped File
(~WRD0000.doc)
MMoEPhXMEu-tEP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MMqMq9 T$B9 J3 L9N9 M9 T$B9 J3tL:" N9 M~9 M,r9 T$B9 J3FLP:gNM79 T$B9 J3#L|:DNM^M9 T$B9 J3K:N9 M"9 M,(9 MDPl9 M`"g9 MtHr9 MM9 T$B9 J3 K:MMEl9 T$B9 J3pK8; M9 Ma9 M,9 MDk9 M`af9 Mtq9 Mq9 T$B9 J3K\;4MMl9 T$B9 J3J;M9 M9 T$B9 J3J;L9 Mj9 M/9 T$B9 J3xJ(<LMMM9 T$B9 J3lJd<L9 E e9 M M}9 T$B9 J30J<QL9 M^9 M$]9 T$B9 J3I< LM:M2ukPY9 T$B9 J3I=K9 E e9 MM9 T$B9 J3}I<=K9 M9 M$9 T$B9 J3]Ip=~KMSM9 T$B9 J32I=SKMm9 T$B9 J3I=0K9 MWd9 M29 T$B9 J3H>JuZOY9 T$B9 J3H0>J9 Mc9 M9 T$B9 J39 Hd>J9 Ma(9 T$B9 J3hH>0 JM9 T$B9 J3EH>fJM 9 T$B9 J3"H>CJ9 Mk9 M _c9 T$B9 J3G?J9 T$B9 J3GCIhbY"!h@QYah@Y"!h/YaSam|h}uHY"!hu HYhYah@Y: hYahYahY<: h@YD: hRY8: h{Y@: hjYL: h@YYT: hHYH: h7YP: h&Y`: h@Yh: hY\: hYd: hYSh@YShYShYSh~YPSh@YXSh|YLShkYTShZYSh@IYSh8YSh'YShYSh@YShYShYSjh|9 SThuWFYhYh@Y4h Yh Y0S:ehuEYhuEYhuEYh9Yxh@(Y hYthY|hYphYh@YhYhYhYS~h@Y~h~Y~hmY~h\Y~h@KY~h:Y~h)Y~hY~h@Y~hY~hY~hYxh@YxhY~hYxhYDxh@YLxhnY@xh]YHxhhLYPxh;YRxh@*Y xhYxhYxhYxh@YxhYxhYxhYh@Yh Yh YhoY$h@^Y,hMY h<Y(h+Yth@Y|hYphYx LShusBYhY0 ahuLBYhYh@"!YhYhwYhfYh@UYhDYh3Yh,jhuAYh jhu}AYh(Y(hTY,j0ihuTAYjh|9 4hv7AYjh|9 hvAYtA`hvAYjhh$v@Yh8EYjh `h.v@Y|xjh2h8v @Yh83YhhhBvP@Yjh,R0hLv3@YSas"!S*SS_l8{ "!!_%e e0et^`~ d \9 \EeTdpddddde*e>eLe^ere e eefe8deeeW ~[[["[@[V[l[`[V,ddddcccccccac`ctcbcPcDc:cVVVVV VxVfVZVPVDV0V$VVVUUU(U<ULUbUvU U UUUUUTTTbc,c]]bbbb b brb`bNb>b]a].bbbbaa]]]^^aaaaRaraZa@a.aaa``````S```z`n```T`B`2`$``_____a_`_~_j_R_@_(___^^^^^^^ ^^8^J^^^r^[[[ ][\\.\:\H\V\l\ \\~\\\\\\](]@]X]p] ^ : " W$fW8fWW*ZZ
Ansi based on Dropped File
(~WRD0000.doc)
MMqMqT$BJ3L9NMT$BJ3tL:NMM,rT$BJ3FLP:gNM7T$BJ3#L|:DNM^MT$BJ3K:NM"M,(MDPlM`"gMtHrMMT$BJ3K:MMElT$BJ3pK8;MMM,MDkM`fMtqMqT$BJ3K\;4MMlT$BJ3J;MMT$BJ3J;LMjM/T$BJ3J(<LMMMT$BJ3lJd<LEeMMT$BJ30J<QLM^M$]T$BJ3I< LM:M2ukPYT$BJ3I=KEeMMT$BJ3I<=KMM$T$BJ3]Ip=~KMMT$BJ32I=SKMmT$BJ3I=0KMWdM2T$BJ3H>JuZOYT$BJ3H0>JMcMT$BJ3Hd>JMa(T$BJ3hH>JMT$BJ3EH>fJMT$BJ3"H>CJMkM _cT$BJ3G?JT$BJ3GCIhbYh@QYh@Yh/Ym|huHYhuHYhYh@YhYhYhY<h@YDhY8h{Y@hjYLh@YYThHYHh7YPh&Y`h@YhhY\hYdhYh@YhYhYhYPh@YXh|YLhkYThZYh@IYh8Yh'YhYh@YhYhYjh|ThuWFYhYh@Y4hYhY0:ehuEYhuEYhuEYh9Yxh@(YhYthY|hYphYh@YhYhYhYh@Yh~YhmYh\Yh@KYh:Yh)YhYh@YhYhYhYh@YhYhYhYDh@YLhnY@h]YHhhLYPh;Yh@*YhYhYhYh@YhYhYhYh@YhYhYhoY$h@^Y,hMY h<Y(h+Yth@Y|hYphYxLhusBYhYahuLBYhYh@YhYhwYhfYh@UYhDYh3Yh,jhuAYhjhuAYh(Y(hTY,j0ihuTAYjh|4hv7AYjh|hvAYtA`hvAYjhh$v@Yh8EYjh`h.v@Y|xjh2h8v@Yh83YhhhBvP@Yjh,R0hLv3@Ys*S_l8{!_%ee0et^`d\\EeTdpddddde*e>eLe^ereeeefe8deeeW[[["[@[V[l[[V,ddddccccccccctcbcPcDc:cVVVVVVxVfVZVPVDV0V$VVVUUU(U<ULUbUvUUUUUUUTTTbc,c]]bbbbbbrb`bNb>b]].bbbbaa]]]^^aaaaaraZa@a.aaa````````z`n```T`B`2`$``_______~_j_R_@_(___^^^^^^^^^8^J^^^r^[[[][\\.\:\H\V\l\\\\\\\\\](]@]X]p]^:W$fW8fWW*ZZ
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MMT$BJ3DoeqEeMoMf
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MMT$BJ3S2UM}@tT$B<3bS2UMT$BJ3?S2`UMKtM6M8MbuYYM}MHuYYuwYYT$BJ3R3TMs^MMT$BJ3R3TuYYMC8T$BJ3jR3TMMMT$BJ37R4XTuXYMhM`uXYMNM7uXYT$BJ3Q(4SMM M0T$BJ3Q4SMMxT$BJ3tQ4SMuWYT$BJ3GQ5hSMMMxlT$BJ3Q@5/SMIMAM9T$BJ3P3P|5RMMEeMT$BJ3P5RMXT$BJ3gP5R|X$XMMT$B 3#P(6DRM0[T$BJ3OT6RM8MM(T$BJ3O6QMgMM<rMljMT$BJ3~O6QMMM<erMljT$BJ3:O 7[QM,T$BJ3OL78QM3M,T$BJ3N3N7QMMTMT$BJ3N7PM<M,u(UYT$BJ3nN7PMMT$BJ3CN,8dPM~T$BJ3 NX8APMXT$BJ3M8PM2M'T$BJ3M8OMM4MPM`T$BJ3M8OMMMMMMMMIT$B|3$M 9EOMM4MPFM`;Mp+tT$BJ3L9NM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MM|FjPuDWM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MM}MEMEMEw]CEMthss] EPEPM1%FPPM MPM!EPM MPM!MEPME;uTPMMEMEMEMEMEMM{hh!M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MNA0uI4uAxA4u@|UQA4eMujh|$PEVUD$tVY^V@D$tVY^j*Q~u@23WN,]LWNhEWE/WEWEwWPE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MN{j,&M0ueuMukMqt?uFMMk3j,&Mu3Mue%;uFMM(Mb#;M6j-^Me3Fuu5teEh0hjj4AbMu3;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MoMEtMEjuMPVM_MEIME/3FjtEPeMt3FMM@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MonitorFromRect
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
MoveFileExW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
MoveFileW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
MoveWindow
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
MPSUS#s3Qc#CP[ TC{;Rk+9 KPWS3w7Qg'! GP_xTc?Ro/OPWS[QYUA]@PXT!\ RZV`PWS[QYUa]`PXT1\0R
Ansi based on Dropped File
(~WRD0000.doc)
MPSUS#s3Qc#CP[ TC{;Rk+9 KPWS3w7Qg'! GP_~Tc?Ro/O`PTsRp0P
Ansi based on Dropped File
(~WRD0000.doc)
MPSUS#s3Qc#CP[TC{;Rk+KPWS3w7Qg'GP_Tc?Ro/O`PTsRp0P
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MPSUS#s3Qc#CP[TC{;Rk+KPWS3w7Qg'GP_Tc?Ro/OPWS[QYUA]@PXT!\ RZV`PWS[QYUa]`PXT1\0R
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MpT$BJ3pLsMMMMT$BJ3p3prMMEeMMMT$BJ3CpdrMH~EXeXMlfM]M`MM0EM=M5M -T$BJ3oqMMMMMMT$BJ3o3wolqM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MQ3EMEoF;|MSWuE~t3~4>F;Y|WHYxE@MME#>j1<=MeEPSu3MM=EePMEvMmv3@tFVWj=iY+3;_^UTjD <MTM@8ej|VM0 3jChM]MTE0PEPE@PEM]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MQ9 39 E0 MEoF;| 9 MSWu0 E& ~& t3& ~4& >F;Y|WHYxE@MM9 E#>j1<=9 MeEP9 S& u3MM9 =E9 0 eP9 MEv9 Mmv3@tFVW9 9 9 j9 =iY+3;x_^9 UTjD a<0 MTM@8ej|9 VM0 3jChM]9 MTE0PEPE@PEM9 ]
Ansi based on Dropped File
(~WRD0000.doc)
MQ9 h3Pj5(DMM`3@h Sja3}#jh "0 Mh(Sja}& 9 u& M
Ansi based on Dropped File
(~WRD0000.doc)
MQ9 L 3Vj0 F5(DME! ME! ME! MM! 3@ojx0 Mh x Sj;}& e9 u& ZM @~eM4~ME(~ME~9 ME P09 E
Ansi based on Dropped File
(~WRD0000.doc)
MQh3Pj5(DMM3@h Sja3}#jh"Mh(Sja}uM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MQj9 & uE0 EEPjShm4 9 ]9 E0 D& teMQj0 }0 ]9 _^[9 M~9 T$B9 J3u`wYMP,QMd$QMSMPQMdQM@QM0PMdPMMPMdPM PMP9 T$B9 J3n9 MP9 M: P9 M$P9 M4& P9 T$B9 J3'HMbPMZPMRPMJPMBPM:P9 T$B9 JR39 MP9 M9 T$B9 J3MSOMOMROMOMOuY9 T$B9 J3^<M=9 T$B9 J3;\9 M9 T$B9 J36MTMM@OM8O9 T$B9 JR39 M"9 M'9 M8'9 MXGT9 Mp<T9 T$B9 J3 MNMNMNMSNuY9 T$B9 J3Cd9 T$B9 J3(XI9 T$B9 J3
Ansi based on Dropped File
(~WRD0000.doc)
MQj9 & u|9^t,9^t'9 G<8PEu9 M9Hu;x4u
Ansi based on Dropped File
(~WRD0000.doc)
MQjPjNPEM9 EEP9 V9 9 L$u~& u69 L$h& & u$9 L$jhx& u9 & t3@3^jX9 M u3M0 ]0 ;tVWu9 0 ~;tN9 & uCjhM'SNP9 SUREPM9 ],SSuNP9 P9 ;u9 MMj"Y'9 9 u3;tm0 ]M0 ]: 9 MQVEP8;M|9uhMT& uhaMC& u& 0 ! M]u 9 D$V9 && t9 VhP9 ^U9 QQQuML9 M9 E0 9 M0 HjUYY9 39~ 0 ]SjEPNP0 ]; " uMz9 EE;tUR0 ]9 PQ;|^9]tY9 E0 E9 E0 EEPu ;t<0 ]9 E9 URuEuP ;|
Ansi based on Dropped File
(~WRD0000.doc)
MQjPjNPEMEEPVL$uu6L$hu$L$jhxut3@3^jXMu3M];tVWu;tNuCjhM'SNPSUREPM],SSuNPP;uMMj"Y'u3;tm]M]MQVEP8;M|9uhMTuhMCuM]uD$V&tVhP^UQQQuMLMEMHjUYY39]SjEPNP];uMzEE;tUR]PQ;|^9]tYEEEEEPu;t<]EURuEuP;|
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MQjuEEEPjShm4]EDteMQj}]_^[M~T$BJ3u`wYMP,QMd$QMMPQMdQM@QM0PMdPMMPMdPM PMPT$BJ3nMPMPM$PM4PT$BJ3'HMbPMZPMRPMJPMBPM:PT$BJ3MPMT$BJ3MOMOMOMOMOuYT$BJ3^<M=T$BJ3;\MT$BJ36MTMM@OM8OT$BJ3M"M'M8'MXGTMp<TT$BJ3MNMNMNMNuYT$BJ3CdT$BJ3(XIT$BJ3
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MQju|9^t,9^t'G<8PEuM9Hu;x4u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MQL3VjF5(DMEMEMEMM3@ojxMh Sj;}euZM@~eM4~ME(~ME~MEP0E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MS Shell Dlg
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
mS?6& grW J" z+{8: }
Ansi based on Dropped File
(~WRD0000.doc)
mscoree.dll
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
MsgWaitForMultipleObjects
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
MSPMPVMUMuYuMhHPVMySuME$MEfM]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MT$BJ3M,MT$BJ3jM,MaT$BJ3?H`Mz,M(
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MT$EM4EMEM$Ej,&{M]v,eM#t)vMF(8jjMjj{YF,MM'{j,&z}uvvMeM/tvMAjjMjh'vvMM{jH2zMj53M]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MT0 ~$EM4EMEM$E j,&{9 M]v,eM#& t)vMF(8jjMjj{Y0 F,MM'{j,&z9 }uvvMeM~/& tvMAjjMRjh'vvMM{jH2z9 Mj53M0 ]
Ansi based on Dropped File
(~WRD0000.doc)
MT39}lPuh;E9~<NP NEXE0;u}\9}XtE\NPlEh9}\u;uMTVMM4}MEMDEN3CE9}\u9}htupPP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MTEMdc4EDe\PE\SMdF;tEDe\P\VMdEEDe\P\WMdEEPM;PMDE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MtjEPEP$u}~jP}tjs8~jP}tjKX3Kp3_^[UVWE~P$EPEPy$t%8EP$PREPEPT$u_^UVWE~P,$EPEP%$t uaEPEP$u_^VWy{ VtH4tVNy3_@^j4=gMe~X|eEv1u$tSMQtSNp1EE;ErMMt3@ApVj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MtjEPEPuN$E{MN1Ry5j|Q4MMuy!EEPutEt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MtjEPEPWuNXyNxEYMj 8Mh|ZNXM+~$bQu4WNVt'uMQMeP=`MMXM"QtL~Tu~4jFTNttWeEPuN4Vt}tuM_MMP@Bj$#[Eu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MultiByteToWideChar
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
MUMQH9 T$B9 J3xq|s9 MR9 T$B9 J3|qsM 9 T$B9 J3Yqzs9 E e9 My Mp Mh M` 9 T$B9 J3
Ansi based on Dropped File
(~WRD0000.doc)
MUMQHT$BJ3q|sMT$BJ3|qsMT$BJ3YqzsEeMyMpMhM`T$BJ3
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MuuE9]rRFuL@uFDE+E;Ew1A@u}uFu%#QR@$#At3_^[U$@HMMSXVW3}}}M}E};EM4+E;Ev3M;tQPF)YYuFuuEEFEM;tQP)YYuF)Y;EuxE+E;Ewd}tgG@u}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MuUSf/tC]EURPEQ@E;tM;t3QPEE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Mvu;r3@jQMEPeh($Mu3MM3FUQMejh4$EL$h4$jj9[ueND$Jr
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
mx,x'_ll'b_
Ansi based on Image Processing
(screen_9.png)
MXE?jEPhT9 T9 QM8& thDh0jE8Ph9 TEP9 X;tjEPhh 9 Tjh|9 RV9 QV9 N9 ;tIM 34& v)WM a;tjPhR9 <TM G3;rux9 MhEl GM .9 ulmj|* 9 >0 M39}u3*M0 }9}tuM9 0 ejh9 EPx!BxExA9 ;~3jZQ: IY9 3& ~iMEPVxECM& t8j7Y0 EE& t
Ansi based on Dropped File
(~WRD0000.doc)
MXE?jEPhTTQM8thDh0jE8PhTEPX;tjEPhhTjh|VQVN;tIM 34v)WM ;tjPh<TM G3;ruxMhElGM .ulmj|* >M39}u3*M}9}tuMejhEPx!BxEA;~3jZQIY3~iMEPVxECMt8j7YEEt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MXEujEPh 9 UEXP9 PME
Ansi based on Dropped File
(~WRD0000.doc)
MXEujEPhUEXPPME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
myInjectedOnClickFromAlert()
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
MyTerminate
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
MZ@!L!This program cannot be run in DOS mode.
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M|PQR49stDupE|UpRPEQ@;9upupKnupE\E=9sM<eETuXEPE|URPEQHf}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N 0 ]U:9 j9 E0 ^<0 ^40 ^80 ^@P9 Q%SV9 39^@t9 F8;t
Ansi based on Dropped File
(~WRD0000.doc)
N ]U:jE^<^4^8^@PQ%SV39^@tF8;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N {9 MN 79 M& t0
Ansi based on Dropped File
(~WRD0000.doc)
N#!'jXjZ>u#~ES~2e~u!tjE9]|jSj'E #a'SVWL$hDS3~1W tt$RC;}L$hG;|L$h$_^[jM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N#!9 'jXjZ>9 0 u#~9 ES9 & ~2e& ~u9 !& t9 j9 E9]|jSj9 '9 E #a'SVW9 9 L$hDS9 9 3& ~1W9 x & tt$9 9 RC;}9 L$h9 G;|9 L$h$_^[j M
Ansi based on Dropped File
(~WRD0000.doc)
N#p~9 EPf9 j9 E9 kV9 D$tV! Y9 ^U9 QS0 M9 MV 9 u9 9 ;r3@9 MP| f{t3u9 eW;sdVuYY& tg69 ML f"u6j 3Y;t0 x0 x#9 9 Vu9 P& t!9 MWf,u9rS9 E_^[9 j9 3f}uEV3W9 9t$u1jY;t0 p0 p#9 t$9 t$jV9 b_^V3W9 9t$u1jaY;t0 p0 p#9 t$9 t$V9 _^V3W9 9t$u1jY;t0 p0 p#9 t$9 t$V9 _^V3W9 9t$u1jY;t0 p0 p#9 t$9 t$VV9 _^t$& t|$tt$9 3@j \9 }u3/juMueEP9 MM9 `9 t$}& t/W9 |$& u3!V9 p& t9 9 Pt39 F0 3@^_V9 D$tVY9 ^j[0 M9 ]9 9 u0 E9 ;Er3@xP9 f[t3c9 e;EOVS3YY;t69 & f"u"jYY9 0 M0 }; hf- "!f0r
Ansi based on Dropped File
(~WRD0000.doc)
N#p~EPfjEkVD$tVY^UQSMMVu;r3@MP|f{t3ueW;sdVuYYtg6MLf"u6j 3Y;txx#VuPt!MWf,u9rE_^[j3f}uEV3W9t$u1jY;tpp#t$t$jVb_^V3W9t$u1jaY;tpp#t$t$V_^V3W9t$u1jY;tpp#t$t$V_^V3W9t$u1jY;tpp#t$t$VV_^t$t|$tt$3@j\}u3/juMueEPMMt$t/W|$u3!VptPt3F3@^_VD$tVY^j[M]uE;Er3@xPf[t3ce;EOVS3YY;t6f"u"jYYM};hf-f0r
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N$Y~&9^uvNvDv@9FN;l}NMF$F 3@U4SCV3;9pWVVPE3u}EPuuE@PuPuE WuEuEu@uPVVuuE}Y;9u u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N,WK|33@_^U}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N,WWWWWWh
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
n1Y& tF9 UFV& tB0 U9 M9 E^[& t 9 U9 S3VW9u1h(VS,0 5;t0 E8u0 u9 UEPSS}
Ansi based on Dropped File
(~WRD0000.doc)
n1YtFUFVtBUME^[t US3VW9u1h(VS,5;tE8uuUEPSS}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N30 F0 F0 F@0 F0 FD0 FH0 F,0 F00 F80 F0 F<F(dF4FL9 ^V9 jv@ 9 L$9t@u
Ansi based on Dropped File
(~WRD0000.doc)
N38NV3:E_^[]EM9csmu)=pWt hpWbtUjRpWM#E9XthW&EMHt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N38pNF38`E@fMUS[EMt_I[LDEEtE|@GEu}t$t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N38ZNV3:JEH9SRhWQL$+#%;r
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N3FFF@FFDFHF,F0F8FF<F(dF4FL^Vjv@L$9t@u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N8m$x)CWKdmh}H cADKJ|]1J<c8KWn@$1@ %xP?/.k/h,t@,LB/2dp;;CC/B-4/~B3!b:.,YzDJ$8a-`_@D Chclc`'R/#!Faw(@=:
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N8m$x9 )CWK& & d mh}H! cADKJ|]1J<c8K0 Wn x@$1@ %`xP?/ .k /h9 ,t@, LB/2dSp;;CC /B-4/~B3!b: .,Y zDJ}$8a - `_@D Ch9 clc`'RR/ #!Faw(@=:
Ansi based on Dropped File
(~WRD0000.doc)
N9 9 v@9 jB+u9 0 u ej M9 `uj6t0 M30 ]9& t9 Mh~ 9 5 SSSSjqSu0 E;w9 Mh~ i@P+ 9 Y;t9 E@PSW 9 ESSuWjpSuM@}3FWM0 u WY9 MEPn M0 u] 9 EuVj9 |$t=W9 |$ut$& xY9 & t"W9 Wt$vv# 0 ~G0 ~_^jCs9 jL}t=uM" ueM?}9 & tjV9 iVtYMMJ _tVWj9 t$9 L$9 & t9 L$9PV9 VXtY_^VW9 |$9 9~tjjW9 _9 ^QU9 SV9 M9 EpMv& MS^`[9 D$9Aw@P V9 9 F@P& t9 F9 Nf9 T$f0 AF9 F9 N3f0 A^S9 \$V9 & tGWSw~Y9 9 uWSE+9 FP)& t9 F9 N+SQ9 NAP~_^[V9 }& t9 Ft$P YY& t+F^V9 a& u,9D$t&9 D$9F~9 Nt$AP{ YY& t+F^V9 "& u 9D$t9 Ft$PH YY& t+F^jCqhEP9 eM9 M& t
Ansi based on Dropped File
(~WRD0000.doc)
n;^iLA`rqg<GK
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
n;^iLA`rqg<GK&
Ansi based on Dropped File
(~WRD0000.doc)
N<E(9 E0 F09 E0 F$0 ~(0 ~,0 ~40 ~89 %U9 9 EVW& t4jYURjuf0 M9 M0 M9 9 uP #E_^U9 Q9 A$e9 URPQ& }39 E|$W9 u39Vw9 {& t9 9 W9 i Wt$9 ~^_U9 QeVW9 w9 z& t9 r9 W9 ! W9 MVy9 9 E_^U9 QeVq(>u9 A$9 VPQ0& t39 69 MQVP #E^j19 Mx9 F$e9 eURP & t3MM~9 u9 Mx}tu3Fj.9 ~8u.jY9 0 Me& t
Ansi based on Dropped File
(~WRD0000.doc)
N<E(EF0EF$~(~,~4~8%UEVWt4jYURjufMMMuP#E_^UQA$eURPQ}3E|$Wu39Vw{tWiWt$~^_UQeVWwztrW!WMVyE_^UQeVq(>uA$VPQ0t36MQVP #E^j1MxF$eeURPt3MMuMx}tu3Fj.~8u.jYMet
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N@Cg533@eEIVW>t1t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N@CRg5 33@9 eEI9 VW9 >& t1! t
Ansi based on Dropped File
(~WRD0000.doc)
N],FF1+0 ~(0 ~$0 ~00 ~,N\E0 ~80 ~4 NtE 0 ~<0 ~@0 ^D0 ~H0 ~X0 ~L0 ~P0 ~T0 ~p0 0 0 0 0 0 ~R0 ^l9 A,Ph|rq<53U9 V9 uW9 & th~rb9 efxu9 @& t9 URhlrP& }e9 9 @3& tf8u9 @& t9 u9 Q9 P 9 9 E& t9 PQ9 W _^]U9 V9 u& t;~v59 9 @3f89 0 UURP(& |}9 9 It3f0 W ^] t
Ansi based on Dropped File
(~WRD0000.doc)
N],FF1+~(~$~0~,N\E~8~4NtE~<~@^D~H~X~L~P~T~p^lA,Ph|rq<53UVuWth~rbefxu@tURhlrP}e@3tf8u@tuQP EtPQW_^]UVut;~v5@3f8UURP(|}It3fW^]t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N^jcMq3]z;~)~StjC;|jWjM^Xjdsuu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
NaejN,pNPEfNtEfj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
need dictionary
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
negative_btn
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
NeMIMEVEPMEiu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
NeMIMSEVEPMSEi& u
Ansi based on Dropped File
(~WRD0000.doc)
NEMNC= V9 yD$tVY Y9 ^jX5<" 0 M39uu3@ 9 MEP! hRM0 u{& uMM9 9 Mx;0 E0 u}_u9 M9 & ;EP9 -hRME & t:EP9 ME& uM9 M0 AME@hRM& 9 e0 E& }u9 i9 & ! ESP9 SPMEp&MSEh RMr& tRj0}Y9 0 ME& t9 3W9 Eo& t9 }V9 DVOX& t9 j9 E9 E;ERVMEZE9 E;ER3Fsy9 D$0 Ar9 Iy9 D$0 Ar9 I3f0 A|$Vt.9 qAr9 9 9T$rr9 9 IH;D$v2^9 T$9 BV9 00 r9 0 ~-u0 V9 r0 p9 I^;Qu0 A9 J;u0 0 A0 0 BSV9 39u."!9 F8X-t9 @0 F8X-t<^["!9 8Y-u9 9 A8X-t0 N9 N;u0 F9 @8X-t9 N8Y-u0 F^[SV9 39u9 F8X-t^[9 H8Y-u9 9 8X-t0 N9 N;Hu0 F9 @8X-t0 F^[9 D$x9 Pr9 @RPqjV9 D$tV Y9 ^ |$V9 t+~r%|$FW9 8vt$WjP'W Y_t$9 F^ |$V9 t+~r%|$FW9 8vt$WjPW^ Y_t$9 F^U9 VW9 }9 9~s9 F+;Es0 E}v@9 NSVr9 9 r9 +E]PS+QR 9 F+EP9 \[_9 ^]jP9 0 }9 uv9 u%3j9 [9 O0 Mm9 U;sjX+;w4
Ansi based on Dropped File
(~WRD0000.doc)
NEMNC=VyD$tVYY^jX5<M39uu3@MEPhMu{uMMM;Eu_uM;EP-hME t:EPMEuMMAME@hMeEuiEPPMEp&MEhMrtRj0YMEt3WEot}VDVOXtjEE;EVMEZEE;E3FsyD$ArIyD$ArI3fA|$Vt.qAr9T$rrIH;D$v2^T$BV0r0~-uVrpI^;QuAJ;uABSV39u.F8X-t@F8X-t<^[8Y-uA8X-tNN;uF@8X-tN8Y-uF^[SV39uF8X-t^[H8Y-u8X-tNN;HuF@8X-tF^[D$xPr@RPqjVD$tVY^|$Vt+~r%|$FW8vt$WjP'WY_t$F^|$Vt+~r%|$FW8vt$WjPW^Y_t$F^UVW}9~sF+;EsE}v@NSVrr+E]PS+QRF+EP\[_^]jP}uvu%3j[OMmU;sjX+;w4
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Ne~^8ENXE NpEv jEjjujEmNpE%NXE%N<E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Nff,9 xj~9 0 u4R~9 E9 & ~2e& ~u9 & t9 j9 E9]|jSj9 9 ENMN2)<xjhW~9 0 u39}u
Ansi based on Dropped File
(~WRD0000.doc)
Nff,ju4~E~2e~utjE9]|jSjENMN2)<jhWu39}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
NlE7h1NE"8M0 ~0 ~40 ~00 ~8MEM0 Fdj0 WP0 ~$0 ~(0 ~`0 ~\0 ~h0 0 ~,0 ~X9 j
Ansi based on Dropped File
(~WRD0000.doc)
NlE7h1NE"8M~~4~0~8MEMFdjWP~$~(~`~\~h~,~Xj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
nn,n=nNn_npnn nnnnnnnoo+o<oMojo{oRooooooopp*p;pLp]pnpppppppppqq)q:qKq\qmq~qqqqqqqqrr(r9rJr[rlr}r}rxrrrrrrss's8sNs_sus s ssssssst3tDtUtmt`tttttuuu;uLuVuquR9 f L& KNaua{3c471948-f874-49f5-b338-4f214a2ee0b1}EI m_WM_ALERT_COPY_DATA_EVENTEB m_WM_BROADCAST_RELEASE_ALL_ALERTSEB m_WM_BROADCAST_ALERT_IS_APP_EXISTSEB m_WM_BROADCAST_OPEN_APP_FROM_ALERTbad allocationpu~lwr;xxxVrrx(("zYsDyxy" ry0 usU'r#s.rswALLP_STR_ID_ALERT_ABOUT_DIALOG_SECOND_PARAGRAPHALLP_STR_ID_NOTIFICATION_ABOUT_DIALOG_FIRST_PARAGRAPHALLP_STR_ID_ALERT_ABOUT_DIALOG_ALERT_VERSIONALLP_STR_ID_NOTIFICATION_ABOUT_DIALOG_TITLEALLP_STR_ID_ALERT_OKALERT_ABOUT_DIALOG_MUTEX_NAMEFALSETRUE,"'d4 "!#TITLEINTERVALURLIDFEED| #FEEDSNOT_MODIFIEDLAST_UPDATE_TIMECHANNEL BBMCfC$T(CHANNELSALERTSS , ,0 ,map/set<T> too longPosting is app exists request. MessageId: %dCAlertChannelsList::ProcessOpenAppMessageFeed id: %s, MessageId: %s last request time: %d8 OALLP_STR_ID_ALERT_FIRST_TIME_MESSAGE_TITLEALLP_STR_ID_ALERT_FIRST_TIME_MESSAGE_DESCRIPTION__2NO_USAGEALLP_STR_ID_SAMPLE_NOTIFICATION_HEADERALLP_STR_ID_SAMPLE_NOTIFICATION_DESCRIPTION__2ALLP_STR_ID_SAMPLE_NOTIFICATION_TITLE__2LOCALE_NOT_SUPPORTEDMODIFIEDUNSPECIFIED_ERRORTRANSLATED_KEYSRELOAD_INTERVAL_HHFLAGSALERT_TRANSLATIONSINTERVAL_SECNAMEPROTOCOL_VERSIONSERVICESERVICE_MAPVERSIONSERVER_URLINTERVAL_HHAUTO_UPDATEALP_CLIENTS_SERVER_URLALP_SERVICES_SERVER_URLSHOW_SYS_TRAY_ICONMAX_SHOWED_MESSAGESMESSAGE_SHOW_TIME_SSUSER_CLOSE_INTERVAL_MMDATALOCALELUTINTERVAL_MMALERT_LOGINUser is Idle less than a minute :Idle time %dCAlertClient::OnTimerUpdateChannelsUser is Idle more than minute :Idle time %d nS>: iExpirationTimeSecTimeRecieved*jU;UqUUUVCV"!VVVVWW W\W\W\W\W\WxWEX>: T& WW" WWX\k``0 ``a"aCaaSaaaaaabb|ccd4dIdfdmdtddU>: qUgegeOargargsidDon t show me notifications like thisdont_show_this_type_check_boxCancelnegative_btnOKpositive_btnelementstexturlimagewindow_titledisplay_timewidthheightrawcodeALLP_STR_ID_ALERT_YESYESALLP_STR_ID_ALERT_NONOALLP_STR_ID_ALERT_CANCELALLP_STR_ID_NOTIFICATION_DONT_SHOW_NOTIFICATIONS_FROM_THIS_TYPEdefaultieff</alert_result></cmd></ui_arg<ui_arg</arg<arg></id><id><cmd></guid><guid></author></name><name><author></feed_id><feed_id></type>ALERT_RESULT_TYPE<type><alert_result>browser_typeguipubDateguidmain_cmdmain_linkhtmldescriptioncontentid_expiration_timeout_sectimeout_sectitlealert_itemfeedauthorinstant_alerts_channels~lwr;xxxrrx(("zYdrDyxymry0 usU'r#s.rsMS Shell DlgB ) zyxximh<iufdisogmggwl6m B ) zyxx"rJrmhlrufdirtogm;qUwl6muP& }MyTerminateupon termination. memory size: %dAlerter Logic ClassSTATIC& `ALLP_STR_ID_NOTIFICATION_TRAY_ICON_TOOLTIPAppNotificationDialog& ~ x< xxxxxW`((`YRDyxy0 yy0 usU : RJ CAlertHTMLDialogBrowserContainer::OnApiOnReadyStart!m_pContainerParent!pAlertHtmlDialogCan not show, size illegalCAlertHTMLDialogBrowserContainer::OnApiShowMeShowMe(%s)Could not get bShowCAlertHTMLDialogBrowserContainer::OnApiOpenAboutDialoguiParamsCount != 1Param errorCAlertHTMLDialogBrowserContainer::OnApiSendUsageCAlertHTMLDialogBrowserContainer::OnApiOpenAppOpen AppJS error: %sonMessageFromFrameCAlertHTMLDialogBrowserContainer::OnApiPostMessageToParentCAlertHTMLDialogBrowserContainer::OnApiOnStartDragALERT_URLALERT_LINE2ALERT_LINE1ALERT_TITLE
Ansi based on Dropped File
(~WRD0000.doc)
nn,n=nNn_npnnnnnnnnnoo+o<oMojo{oooooooopp*p;pLp]pnpppppppppqq)q:qKq\qmq~qqqqqqqqrr(r9rJr[rlr}rrrrrrrrss's8sNs_sussssssssst3tDtUtmttttttuuu;uLuVuquR9fLKNaua{3c471948-f874-49f5-b338-4f214a2ee0b1}EI m_WM_ALERT_COPY_DATA_EVENTEB m_WM_BROADCAST_RELEASE_ALL_ALERTSEB m_WM_BROADCAST_ALERT_IS_APP_EXISTSEB m_WM_BROADCAST_OPEN_APP_FROM_ALERTbad allocationpu~lwr;xxxVrrx(("zYsDyxyryusU'r#s.rswALLP_STR_ID_ALERT_ABOUT_DIALOG_SECOND_PARAGRAPHALLP_STR_ID_NOTIFICATION_ABOUT_DIALOG_FIRST_PARAGRAPHALLP_STR_ID_ALERT_ABOUT_DIALOG_ALERT_VERSIONALLP_STR_ID_NOTIFICATION_ABOUT_DIALOG_TITLEALLP_STR_ID_ALERT_OKALERT_ABOUT_DIALOG_MUTEX_NAMEFALSETRUE,"'d4#TITLEINTERVALURLIDFEED|#FEEDSNOT_MODIFIEDLAST_UPDATE_TIMECHANNELBBMCfC$T(CHANNELSALERTS,,0,map/set<T> too longPosting is app exists request. MessageId: %dCAlertChannelsList::ProcessOpenAppMessageFeed id: %s, MessageId: %s last request time: %d8OALLP_STR_ID_ALERT_FIRST_TIME_MESSAGE_TITLEALLP_STR_ID_ALERT_FIRST_TIME_MESSAGE_DESCRIPTION__2NO_USAGEALLP_STR_ID_SAMPLE_NOTIFICATION_HEADERALLP_STR_ID_SAMPLE_NOTIFICATION_DESCRIPTION__2ALLP_STR_ID_SAMPLE_NOTIFICATION_TITLE__2LOCALE_NOT_SUPPORTEDMODIFIEDUNSPECIFIED_ERRORTRANSLATED_KEYSRELOAD_INTERVAL_HHFLAGSALERT_TRANSLATIONSINTERVAL_SECNAMEPROTOCOL_VERSIONSERVICESERVICE_MAPVERSIONSERVER_URLINTERVAL_HHAUTO_UPDATEALP_CLIENTS_SERVER_URLALP_SERVICES_SERVER_URLSHOW_SYS_TRAY_ICONMAX_SHOWED_MESSAGESMESSAGE_SHOW_TIME_SSUSER_CLOSE_INTERVAL_MMDATALOCALELUTINTERVAL_MMALERT_LOGINUser is Idle less than a minute :Idle time %dCAlertClient::OnTimerUpdateChannelsUser is Idle more than minute :Idle time %dnS>iExpirationTimeSecTimeRecieved*jU;UqUUUVCVVVVVWW W\W\W\W\W\WxWEX>TWWWWX\k````a"aCaaSaaaaaabb|ccd4dIdfdmdtddU>qUgegeOargargsidDon t show me notifications like thisdont_show_this_type_check_boxCancelnegative_btnOKpositive_btnelementstexturlimagewindow_titledisplay_timewidthheightrawcodeALLP_STR_ID_ALERT_YESYESALLP_STR_ID_ALERT_NONOALLP_STR_ID_ALERT_CANCELALLP_STR_ID_NOTIFICATION_DONT_SHOW_NOTIFICATIONS_FROM_THIS_TYPEdefaultieff</alert_result></cmd></ui_arg<ui_arg</arg<arg></id><id><cmd></guid><guid></author></name><name><author></feed_id><feed_id></type>ALERT_RESULT_TYPE<type><alert_result>browser_typeguipubDateguidmain_cmdmain_linkhtmldescriptioncontentid_expiration_timeout_sectimeout_sectitlealert_itemfeedauthorinstant_alerts_channels~lwr;xxxrrx(("zYdrDyxymryusU'r#s.rsMS Shell DlgB)zyxximh<iufdisogmggwl6mB)zyxx"rJrmhlrufdirtogm;qUwl6muP}MyTerminateupon termination. memory size: %dAlerter Logic ClassSTATICALLP_STR_ID_NOTIFICATION_TRAY_ICON_TOOLTIPAppNotificationDialog~x<xxxxxW((YDyxyyyusUJCAlertHTMLDialogBrowserContainer::OnApiOnReadyStart!m_pContainerParent!pAlertHtmlDialogCan not show, size illegalCAlertHTMLDialogBrowserContainer::OnApiShowMeShowMe(%s)Could not get bShowCAlertHTMLDialogBrowserContainer::OnApiOpenAboutDialoguiParamsCount != 1Param errorCAlertHTMLDialogBrowserContainer::OnApiSendUsageCAlertHTMLDialogBrowserContainer::OnApiOpenAppOpen AppJS error: %sonMessageFromFrameCAlertHTMLDialogBrowserContainer::OnApiPostMessageToParentCAlertHTMLDialogBrowserContainer::OnApiOnStartDragALERT_URLALERT_LINE2ALERT_LINE1ALERT_TITLE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
No Dspid params
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
NOT_MODIFIED
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Notification id: %s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Notification Settings
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Notifications
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Notifications are instant announcements that appear right on your desktop. You can receive these notifications because you installed a Community Toolbar or browser app.
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Notifications are instant announcements that appear right on your desktop. You can reveive these notifications because you installed a Community Toolbar or browser app.
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Notifications bring our latest news right to your desktop!
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Notifications enabled
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
NotificationsData
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
NotificationsHtmlDialogs
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
notificationTitle
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
notificationType
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
notificationUrl
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
NP9 SP3S9 0 _^[V9 S~D$tVi'Y9 ^jL&MejuMMM3@&V9 t$Vt$t& t9 P& u@!j9 oVt$hYY9 -@^V9 t$& u3V9 & tjXf0 hf0 F3@^Vj9 h5(Dt$9 t$t$^Vh xh xj9 djh 5(D3@^j0"%9 39tG90t?MahjM0 }9 ;t9 9 V%YMM0 <h9 }& 9 u; E0 }P9 9 & u
Ansi based on Dropped File
(~WRD0000.doc)
NPSP3S_^[VD$tVi'Y^jL&MejuMMM3@&Vt$Vt$ttPu@!joVt$hYY-@^Vt$u3VtjXfhfF3@^Vjh5(Dt$t$t$^Vhh jdjh5(D3@^j0"%39tG90t?MahjM};tV%YMM<h9}u;E}Pu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
NPUAe~9 }9 j9 E9 ,V9 D$tV,,Y9 ^V9 0XU9 ^jk*9 9 E3A`U0 F;s0 N9 F3jZQV63Y0 F9~v.j$Y9 0 Me& t}39 NM0 G;~r9 f+VW9 3`U9~v9 F8t9 & t9 j9 G;~rv5Y_^9 Q9 D$;v9 s3@9 I9 D9 D$;Ar39 I9 t$& tt$9 VW9 39~vW9 & t9 & uG;~rG_^V9 9F^VW9 39~vW9 ^& tt$9 G;~r_^V9 XU1D$tV}*Y9 ^VW3W
Ansi based on Dropped File
(~WRD0000.doc)
NPUAe~jE,VD$tV,,Y^V0XU^jk*E3A`UF;sNF3jZQV63YF9~v.j$YMet3NMG;~rf+VW3`U9~vF8ttjG;~rv5Y_^QD$;vs3@IDD$;Ar3It$tt$VW39~vWtuG;~rG_^V9F^VW39~vW^tt$G;~r_^VXU1D$tV}*Y^VW3W
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
NR9 ^jc"!0 MRq39 0 ]z9 ;~)& ~S9 & t9 j9 C;|jWj9 xM9 ^Xajd~s"!9 u& u
Ansi based on Dropped File
(~WRD0000.doc)
NRe~9 ^89 ENXE NpEv 9 j9 E9 j9 9 j" 9 0 uRjEmNpE%NXE%N<E
Ansi based on Dropped File
(~WRD0000.doc)
NTEfh9 j "9 M3;u3aEPxh`M0 u[E& u3hXM[E& u"hHMJE& uh : M(E& t3FMMH9 ! jMXVueMlMMFVPSVqTW9 "!~9 3& ~)S9 a& t9 j9 C;|& ~jWj9 F_^[jHj'9 }39 0 ]f@& t9 Mjh|9 Mh9 K9 u9 MWQ hT"!9 Jt;jh|9 M`M3F9 0 u0 u& ~CS9 >f<ue f>u0 u}tf
Ansi based on Dropped File
(~WRD0000.doc)
NTEfhj"M3;u3aEPxh`Mu[Eu3hXM[Eu"hHMJEuhM(Et3FMMHjMXVueMlMMFVPSVqTW3~)SatjC;|~jWjF_^[jHj'}3]f@tMjh|MhKuMWQhTJt;jh|M`M3Fuu~CS>f<ue f>uu}tf
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Number of params is different from 1
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Nv@jB+uuejMuj6tM3]9tMh5SSSSjqSuE;wMhi@P+Y;tE@PSWESSuWjpSuM@3FWMuWYMEPnMu]EuVj|$t=W|$ut$xYt"WWt$vv#~G~_^jCsjL}t=uMueM?tjViVtYMMJ_tVWjt$L$tL$9PVVXtY_^VW|$9~tjjW_^QUSVMEpMvM^[D$9Aw@PVF@PtFNfT$fAFFN3fA^S\$VtGWSw~YuWSE+FP)tFN+SQNAP~_^[VtFt$PYYt+F^Vau,9D$t&D$9F~Nt$AP{YYt+F^V"u 9D$tFt$PHYYt+F^jCqhEPeMMt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ObtainUserAgentString
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
oE`,EQ<EBPLYOV^D$tVuOY^j RXN}u3Mh0]t0MQZePpMMMht]3Ft+MQYEPuMMLNjxMM3;u3=LVE];'uMZ;EPUh\M]t"EP?Y~PPEMhDMt+EPYME^uMeFM=hM_t9EPXME"uM)PM]0hMtKhA\;t"MQvX~`PEMh\PFhMt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
OffsetRect
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
OffsetRgn
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
oj,ESPE: EPM o0 }9]u29 E9 M0 EE P9 M ]+hMMh9 DM^jEPuE 9 ME0 EE P`M9 Egj 9 uMq9 Me_PMouEu9 uPMM9 0 g9 j`9 0 uuRe} h-1^9 E ^~9 E^}E^u9 E~nu9 nu} n9 E0 9 E0 9 E 0 9 E$0 9 E(0 9 $j`9 0 uh-}Eaf}E9 f}E|f} EmfM9 lU9 QeQ9 MSo9 EjHji9 30 }9 ]hR-S0 }0 }Gh&9 0 }m9 MQ9 P9 0 }X]P9 mMEe9 haM{3M0 ];t3GMMa9 @u@Ed";u@]3SY9 jEPEP@b#9]~9]S~+Y~S 9 30 ]}SEPj
Ansi based on Dropped File
(~WRD0000.doc)
oj,ESPEEPMo}9]u2EMEEPM]+hMMhDM^jEPuEMEEEPMEgjuMqMe_PMouEuuPMMgj`uuReh-1^E ^E^E^uEnununEEE E$E($j`uh-EfEfE|fEmfMlUQeQMoEjHji3}]h-S}}Gh&}mMQP}X]PmMEehaM{3M];t3GMMa@u@Ed";u@]3SYjEPEP@b#9]~9]S~+Y~S3]}SEPj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ol1cBSNib+.
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
ole32.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
OLEAUT32.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
onclickLink
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
onLinkNavigation
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
onMessageFromFrame
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
onMessageRead
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
onNavigateError
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
onSizeChange
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
onStartDrag
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
openAboutDialog
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
OpenProcess
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
OpenProcessToken
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
openSettingsDialog
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
OriginalFilename
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
OutputDebugStringW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
oversubscribed distance tree
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
oversubscribed dynamic bit lengths tree
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
oversubscribed literal/length tree
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
o}E`},EQ}<EBP L9 YOV9 ^D$tVuOY9 ^j RXN9 }u3 9 Mh0 ]& t0MQ9 ZeP9 pMM9 9 Mhta]3F& t+MQ9 YEP9 0 uMM0 ! L 9 aNjxM9 9 M3;u3=LV0 E0 ]; 'u9 MZ9 ; EP9 Uh\: M0 ]& t"EP9 ?Y~PP9 E" MhD: M: & t+EP9 YME^& uMe0 FM=h: M_& t9EP9 XME"& uM)0 PM] 0h: M& tKha9 A\;t"MSQ9 vX~`P9 EMSha9 \P9 FhaM& t
Ansi based on Dropped File
(~WRD0000.doc)
P 9 ^9 & t
Ansi based on Dropped File
(~WRD0000.doc)
P A"RB& '@L;9L
Ansi based on Dropped File
(~WRD0000.doc)
P$ &^USl$ 30 & Sj(C:htMP30 ]9p& Mp\MEtFEPhthh ME J;tgM!^& u[M(^j.Mhph9 tqM+HPFVEPM|pPMElMEGeM]/SVESPgEP0 u & t9 Eh9 ElMEEM]dMM]9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
P$&^Ul$3j(C:htMP3]9pMp\MEtFEPhthhMEJ;tgM!^u[M(^j.MhphtqM+HPFVEPM|pPMElMEGeM]/VESPgEPutEhElMEEM]dMM]Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P%h^9 I,& t
Ansi based on Dropped File
(~WRD0000.doc)
P& u[}tU9 DHt(f}
Ansi based on Dropped File
(~WRD0000.doc)
P& uE}t?9 DHt }
Ansi based on Dropped File
(~WRD0000.doc)
P&Y_^j8Fs9 9 N<3;tu~ 9 MTNP 9^t& .MM0 ]9^xtKF@PMN^D0 EEPMF]MENPhxMAOM]V9 =}@0 FPM ~`9 PSEP9 VaPME]M]"VhM]M]hM]j9 YPEP9 `9 E=MPM]M]UENPPC]M4N& & 9 MhEPU PMEM0 ]ELhpP9 YY0 };tdjSW"W$;Fp|$WYM0 ]: LhlPBYY9 0 E;t%M*M9 8WjVPWE}tuxYE3ME>M]MMTj 9 }u
Ansi based on Dropped File
(~WRD0000.doc)
P&Y_^j8FsN<3;tu~MTNP9^t.MM]9^xtKF@PMN^DEEPMF]MENPhxMAOM]V=}@FPM~`PSEPVaPME]M]"VhM]M]hM]jYPEP`E=MPM]M]UENPPC]M4NMhEPUPMEM]ELhpPYY};tdjSW"W$;Fp|$WYM]LhlPBYYE;t%M*M8WjVPWE}tuYE3ME>M]MMTj}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P'9 F<& tPXf<_^jeibH9 0 u\Oh x`PSjEi! ~t9 j9 P9 9 hHSj?! }E9 EiN`E]NDEbN,ESM9 : H9 D$;,ut$t$At=u5y(u/t$ $VhPPVj hPVj" ^j iWGMbh x QW3j0 ]c 9 u;tj9 ;t_9 9 P8E& uMu9 u9 uPLEP u& EPt 0 ]SSSEP & hHWj& ;t9 9 P<9 MM0b3gGV9 D$tVGY9 ^jidF9 FDPMya30 ]9uc& uZ9^<uUh xhQWjT& F@PSVhrSS(hHWj0 F<.& 39^<M" M9 *a9 MMa3@FjiE9 =uY& uP9 }& tI9 & tWw5,P,FDPM`eWN`b9 MM`4FjiME9 tLFDPMY`e^`9 Y&& ~"x& |W9 [P9 <W9 r[OyMM6`EV9 ~
Ansi based on Dropped File
(~WRD0000.doc)
P'F<tPXf<_^jeibHu\Oh`PSjEi~tjPhHSj?EEiN`E]NDEbN,EMHD$;,ut$t$At=u5y(u/t$$VhPPVjhPVj^j iWGMbh QW3j]cu;tj;t_P8EuMuuuPLEPuEPt]SSSEPhHWj;tP<MM0b3gGVD$tVGY^jidFFDPMya3]9ucuZ9^<uUhhQWjTF@PSVhrSS(hHWjF<.39^<MM*aMMa3@FjiE=uYuP}tItWw5,P,FDPM`eWN`bMM`4FjiMEtLFDPMY`e^`Y&~"x|W[P<Wr[OyMM6`EV~
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P'~x9 j9 P9 ! 9 9 F& tPa9 E\N\E\MN@\/@U9 SV9 uW;O l9 8HH tp#t)8& CuuY& au9 u9 R<muU9 Y& ?u9 uW
Ansi based on Dropped File
(~WRD0000.doc)
P'~xjPFtPaE\N\E\MN@\/@USVuW;Ol8HHtp#t)8CuuYauuR<muUY?uuW
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
p0 33V9 HD$tV(Y9 ^|$V9 t"9 D$Nh0 F\Qjjvdvvdvh9 w^V9 9 Fhij"!Y;~9 W3;uG~\u+9 P9 <& _t"vdfhv~\u9 j9 ^U9 SVWE9 Pv< 3~l9 0 ]0 ]0 ]s ;0 E~S9 <0 E9^8t}|j9 %j9 0 E0 E9^hu89 E0 9]tuv 9 N8;t9]t9]t
Ansi based on Dropped File
(~WRD0000.doc)
P0 ]0 ]0 ]0 ]E^TP9 xP9 Pu uuu9 E9 M0 9 E9 M0 _^[U9 VW9 vR 9 W& trEPEP9 ?EPv< 9 Et9 M+M0 M9 M9 U0 Ut9 M+M0 M9 M9 U0 U%PEPW9 \jEP9 _^U9 V9 9 FW3;tAMQP< & t2uEuP & t9~luFl9~lt0 ~lW9 8_3^%8%V9 x 9 ^j~f " 9 0 ueN< MN0 : V9 &jNjNf$f(f,^j--" 9 0 u^9 ej9 P9 " V9 9 jP9 j9 P^jt$X|$t|$t9 `U9 QeEPu+& u9 ERV9 D9 t3^9 F|& u@^WP f|YNp9 #9 _^u3|$tt$Pp & t5t M};" VWt$9 t$9 t$PD$ 9 ujWN49 _^U9 SV9 Wu~49 u9 u9 u9 P9 3Pu9 & u@j[;|9S 3Wu*& t#Sh|3u& uSWSuN9 _^[]VW9 |$9 & 3!9 SWPN9 ;9uN49 WP9 [_^U9 VWu9 u9 uPu49 9 %& tWu9 $9 _^]t$t$t$t$t$t$t$tYt$t$t$U9 QEth u uMj uEuP0& t9 EU9 Wjh jjjhu9 t]VEPuud 9 u& t09 E0 E9 E0 EwEPEPh EPjPWl WX'Vu ^_jf 9 0 uNteNh9 ES9 & j- 0 Me 9 MM[ jfv 9 0 uN33N40 }NPEN`ENpE0 ~|0 S0 Dj0 WPS9 R& ujjY3Y@jjpYY& ut$9 t$t$jjLYY& ut$9 t$9 t$Rjj(YY& ut$9 t$t$t$jjYY9 j U9 MehuM|!uMuXP9 MM9 9 jtQg9 39Rtz9 E+0 } IHH Ht,H& W9 ]hsN` 9{$ ;M2M EME69 }G EMthw w!FPPM !MPM `"w9 GPGPGPM WP9 MEEM
Ansi based on Dropped File
(~WRD0000.doc)
P0 ^8W~ 9 ;~
Ansi based on Dropped File
(~WRD0000.doc)
P0 P9tIh9 PYY& Pu4VYP0 9 P P9 <0 }0 _;tg 0 _0 _0 0 _OE9 :X9 }j Y9 U9 (3S9 ]V9 uW9 }EEEEEEEE9t5L Y9 M;t [ 9 jY+ J J tqJtE& EE_M]Q]]Y& & >" E_M]QE]]YjEE_"!E_]]"0 ME_rE_0 ME_ZE_ tNIt?It0It t& E_aE_ E_ E_xEEE_! : $E_E_E_ ES_}E _& ER_yE _mE _E|_Ex_M]]M]QEY& u!E_^[RR RaRRR7RR!RRRRR%HH39 U9 QQSVV5 %WEYY9 M9 #QQ$f;uUUYY& ~-~u#ESQQ$jMTrVSVEYYdES\$E$jj?6U]EY]YDzVS VEYY" uES\$E$jj.T^[jhFCT9 Eu`3;|; r?SSSSS19 <9 9 LtP
Ansi based on Dropped File
(~WRD0000.doc)
P0 ~<9 N(;t0 ~(9 N 3C;t9 S0 ~ 9 N$;t9 S0 ~$WWjv40 ~80 ^@MMs^9 DjC9 FPM4^30 ]d0 F89^ u$jh=Y9 0 ME;tZ3]0 F 9^$u$j0<Y9 0 ME;tH3]0 F$9^(uOjD<Y9 0 ME;tR3vH9 v ]v$0 F(v,N ;uMM]9 7Cv,9 N( #9 N$PUv,9 N(p#9 N Pe3Cj%BMejMPhhxj(MMBU9 V9 u;5(u}uju& t9 uuVu^]j"!A9 39] &9 N$;t
Ansi based on Dropped File
(~WRD0000.doc)
p033VHD$tV(Y^|$Vt"D$NhF\Qjjvdvvdvhw^VFhijY;~W3;uG~\u+P<_t"vdfhv~\uj^U SVWEPv<3~l]]]s;E~S<E9^8t}|j%jEE9^hu8E9]tuvN8;t9]t9]t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P0@U3EjEPhuE`u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P0@}9 U9 30 EjEPhuE`& u
Ansi based on Dropped File
(~WRD0000.doc)
p0jHI0 M9 ] {-t2hMH}eEPMhEPE4 M& 9 z-t9 {9 C x-t9 9 EH9 9;uv -9 su0 w9 M9 A9Xu0 x9u0 >0 ~9 I9u -t9 9 9 9 9 x-t0 9 E9 H9Yu} -t9 9 G9 9 9 B x-t0 Q\0 B9 0 ;Cu9 -9 pu0 w0 >9 S0 9 K0 A9 M9 I9Yu0 A9 K9u0 0 A9 K0 HK,Q,PYY {,& ,& 9 ;ul9 F x,u@,VF,9 F x-u}9 y,u9 H y,th9 H y,u9 A,9 MP@, ~9 F`N,H,9 MF,9 @V@,~~ x,u@,VF,Q~9 x-u9 H y,u"9 y,u@,9 9 v9 M9 A;x& ?79 y,u9 HA,9 MP@,9 `N,H,9 MF,9 V@,}G,j9 " jSY9 M9 A& vH0 AuuuJ9 EjLxYZ9 E9 }9 ]0 E9 E30 E;u
Ansi based on Dropped File
(~WRD0000.doc)
p0jHIM]{-t2hMHeEPMhEPE4Mz-t{Cx-tEH9;uv-suwMA9Xux9u>~I9u-tx-tEH9Yu}-tGBx-tQ\B;Cu-puw>SKAMI9YuAK9uAKHK,Q,PYY{,,;ulFx,u@,VF,Fx-u}y,uHy,thHy,uA,MP@,~FN,H,MF,@V@,~~x,u@,VF,Q~x-uHy,u"y,u@,vMA;x?7y,uHA,MP@,N,H,MF,V@,}G,jjSYMAvHAuuuJEjLxYZE}]EE3E;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P33SW9 = VjP Sjv_;0 F[t& u0 F9 F^],U9 SV9 5W9 s& u3@WsR 9 W& tEPs< jEPW9 D9 EEE9 EEE9 j9 uu9 P<_^[9 30 H0 H0 H 0 H0 HA0 H$@(0 H@WZa@j.O39 ~t!j8W-Y9 0 Me& t=30 F3VW9 |$W9 & ta~uX9 D$jW0 F0 ~0 F 9 9 P9 9 P9 N& t9 WPL9 9 P9 N& tv(v$v9 Nv9 PL3@_^U9 VE9 Pv@ & t6~$t0Wjjv(uu9 & tjWvtW_^V9 9 N& tf9 N& tf^9 D$0 A9 I& u3IV9 9 N& t9 N^& t`V9 9 N& t^ ~t9 L$Pvp^9 I& tf9 I& t9 I& tjV 19 e~t%u$E9 0 e$P u9 Nuu.MM)2 9 I& tq9 I& tyt9 I9 `P39 I& t9 I& tV9 ~t9 Nt$9 P~t9 N9 ^`^9 I& tt$9 t$P83@\V9 ND$tVx1Y9 ^V9 'F9 D$0 F30 F0 F0 F9 ^Vt$9 9 D$0 F9 ^EVjj9 30 F0 F0 F $9 ^V9 ED$tV1Y9 ^9 D$d$& wvW 9 L$0 3U9 9 E0 Eh$
Ansi based on Dropped File
(~WRD0000.doc)
P33SW=VjPSjv_;F[tuFF^],USV5Wsu3@WsWtEPs<jEPWDEEEEEEjuuP<_^[3HHH HHAH$@(H@WZa@j.O3~t!j8W-YMet=3F3VW|$Wta~uXD$jWF~F PPNtWPLPNtv(v$vNvPL3@_^UVEPv@t6~$t0Wjjv(uutjWvtW_^VNtfNtf^D$AIu3IVNtN^t`VNt^ ~tL$Pvp^ItfItItjV1e~t%u$Ee$PuNuu.MM)2 ItqItytI`P3ItItV~tNt$P~tN^`^Itt$t$P83@\VND$tV1Y^V'FD$F3FFF^Vt$D$F^EVjj3FFF $^VED$tV1Y^D$d$wvWL$3UEEh$
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P3BSW9 = VjPSjv_;0 F[t; t;uf9 9 PX9 F^],V9 & t
Ansi based on Dropped File
(~WRD0000.doc)
P3BSW=VjPSjv_;F[t;t;ufPXF^],Vt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P3V)YD0tW/&Y3_^]jhpBEu% %3;|;r!%8%WWWWWXL1tPtY}D0tuYEY%MEEVuYUVuVYu%MWujuP`uP3tP%YD0 _^]jhBEu$ $3;|;r!$8r$WWWWWL1tP2Y}D0tuuuE$$8MEEu|YU4S3EVW]]E]t]E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P533@^j5f%: 9 u u u 9 =39^d 0 ^ FFSSjj0 Eu0 Euu0 Euu0 Euuuu uuuuuuSu 3juF8N4N0Pu 9^< 9^ht79^lt2 9 0 eP<.9 0 ejh|9 0 ]*v|j5 9 0 eP
Ansi based on Dropped File
(~WRD0000.doc)
P533@^j5f%uuu=39^d^ FFSSjjEuEuuEuuEuuuuuuuuuuSu3juF8N4N0Pu9^<9^ht79^lt2eP<.ejh|]*v|j5eP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P83VPf0 EEP'h& PW,& u%9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
P83VPfEEP'hPW,u%Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P9 3V)9 9 & YD0& tW/&Y3_^]jhpB9 Eu% %}3;|; r!%0 8%WWWWWX9 9 9 L1tPtY0 }9 D0tuY0 EY%ME9 EVuY9 U9 V9 uVRYu%MWujuP` 9 uP3& tP%Y9 9 & D0 9 _^]jhB& 9 Eu$ a$3;|; r!R$0 8r$WWWWW9 9 9 L1tP2RY0 }9 D0tuuu0 E$$0 8ME9 Eu|RY9 U9 4S3E VW9 0 ]]E0 ]t0 ]E
Ansi based on Dropped File
(~WRD0000.doc)
P9 9 _@^VW9 |$9 j9 9 F& t$P9 9 _@^VW9 |$9 j9 9 F& thP9 a9 R_@^VW9 |$9 j9 9 F& t
Ansi based on Dropped File
(~WRD0000.doc)
p9 9 S9 ;#U#u
Ansi based on Dropped File
(~WRD0000.doc)
P9 ;0 E~" ~9 a9 E0 9 0 F(EPN EPN40 F0[`9 n& u9 Ehp9 9 EB}jg[9 0 u3EG9 S& tP89 & tP-}YNpEN`ENPEN4EFMNVU9 V9 D9 t3[~|tWN49 Mhh P9 k9 & 3'}uEPuWv| W9 Y9 _^jjYY& uht$9 t$jjYY& ut$9 t$V9 D9 t3^S3SS YY& & Vj YY& 9^|& }9~S& Wh3@9 =<h3P0 Sh3S0 h3S0 h3S0 0 _9~t9~t9~t;u
Ansi based on Dropped File
(~WRD0000.doc)
P9 d9 V_@^VW9 |$9 j9 j9 F& txP9 09 "_@^j c9 9 Mj/9 N& t"EP9 MePMMR9 M@Od9 I3& t9 (VW9 |$9 j9 9 F& tP9 9 _@^9 `$VW9 |$9 j9 9 F& tHP9 ]9 O_@^,jxXV9 9 L$j\9 F& t!HX& u9 F9 L$XP3@3^9 L$j#9 L$@9 D$9 A& u@9 U9 Q9 Ae9 M& ujh|9 Pm9 EU9 Q9 Ae9 M& ujh|9 P;9 Ejb9 A9 MPLMueMMM9 : 9 b|$W9 u3^jh`thtjt$k& tV9 p9 G& t2& t.N$QH$x& t9 OV_& t3@3^_9 A& u9 $jo=a9 0 ueNMNaj a9 0 uR" }<E},E}ES}E
Ansi based on Dropped File
(~WRD0000.doc)
P9 KMSWM>Ah@MIEP9 EKMSWM>AhM IEP9 E KMSWM>}A9 MUl$ 30 & jPP0 E3ESPEPEPS*T;& hESP9 cMATM0 ]EPME ;u
Ansi based on Dropped File
(~WRD0000.doc)
P9 M0 F ]5SE,P9 0 ~/9 vMM,9 MM,3L4jV(K9 u$eE9 0 e$P.u9 uu`& u3MM9 K D9 9 Pt3FjUJ0 M9 ]& u3@M=es}9 u39~ptWsMvc9~lt9 PPEPsM99Tt0 }9 C3$< 0 M9XtjjEPu9 WWMQs9 Ppu9 M9 su~CtCt
Ansi based on Dropped File
(~WRD0000.doc)
P;E~~aEF(EPN EPN4F0[`nuEhpEBjg[u3EGtP8tP-YNpEN`ENPEN4EFMNVUVD9t3[~|tWN4Mhh Pk3'}uEPuWv|WY_^jjYYuht$t$jjYYut$t$VD9t3^S3SSYYVjYY9^|9Wh3@=<h3Ph3h3h3_9t9t9t;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P;Qt}Q+t3TpQ+t3TpQ+t3TpQ+t3T3P;Qt}Q+t3TnpQ+t3TMpQ+t3T,pQ+t3T3P;Qt}Q+t3TpQ+t3TpQ+t3TpQ+t3T3xP;Qt}Q+t3TPpQ+t3T/pQ+t3TpQ+t3T3P;Qt}Q+t3TpQ+t3TpQ+t3TpQ+t3T3ZP;Qt~Qp+t3T1pQ+t3TpQ+t3TpQ+t3T3P;Qt}Q+t3TpQ+t3TpQ+t3T`pQ+t3T3;I@+3LP;Qt}Q+t3TpQ+t3TpQ+t3TpQ+t3T3P;Qt}Q+t3TbpQ+t3TApQ+t3T pQ+t3T3P;Qt}Q+t3TpQ+t3TpQ+t3TpQ+t3T3lP;Qt}Q+t3TDpQ+t3T#pQ+t3TpQ+t3T3P;Qt}Q+t3TpQ+t3TpQ+t3TspQ+t3T3NP;Qt~Qp+t3T%Qp+t3TQp+t3TQp+t3T3P;Qt}Q+t3TpQ+t3TupQ+t3TTpQ+t3T3/fPf;QQp+3TP;Qt~Qp+t3TpQ+t3TpQ+t3TpQ+t3T3iP;Qt}Q+t3TApQ+t3T pQ+t3TpQ+t3T3P;Qt}Q+t3TpQ+t3TpQ+t3TppQ+t3T3KP;Qt}Q+t3T#pQ+t3TpQ+t3TpQ+t3T3P;Qt~Qp+t3TpQ+t3TrpQ+t3TQpQ+t3T3,P;Qt}Q+t3TpQ+t3TpQ+t3TpQ+t3T3P;Qt}Q+t3TupQ+t3TTpQ+t3T3pQ+t3T3pQ+3TMu+t3TAV+t3TAV+t3TAN+3LMu+t3TuhAV+t3TuKANMu+t3Tu ANpEM_3_^]*(I+nzpP\}^2>^Vjh^U
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P<v h h jF ah h j{S9^ t0 ^ TiY0 F$rIi+F$Y=,vbM|vEvM;t!M;t9 9 9 Sh'vvM]4MM }hj,&g9 MeMf,j9 MMKhV9 vvj9 j9 bj9 9 ^j|$ouy39 D$;Au4;Auja&;Auj;Auj;
Ansi based on Dropped File
(~WRD0000.doc)
P<v hhjF h hj{S9^ t^ TiYF$rIi+F$Y=,vbM|vEvM;t!M;tSh'vvM]4MMhj,&gMeMf,jMMKhVvvjjbj^j|$ouy3D$;Au4;Auja&;Auj;Auj;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P]]]]E^TPxPPuuuuEMEM_^[UVWvWtrEPEP?EPv<EtM+MMMUUtM+MMMUU%PEPW\jEP_^UVFW3;tAMQP<t2uEuPt9~luFl9~lt~lW8_3^%8%Vx^j~fueN< MN0 :V&jNjNf$f(f,^j--u^ejPVjPjP^jt$X|$t|$t`UQeEPu+uEVD9t3^F|u@^WPf|YNp#_^u3|$tt$Ppt5tM;VWt$t$t$PD$ujWN4_^USVWu~4uuuP3Puu@j[;|9S3Wu*t#Sh|3uuSWSuN_^[]VW|$3!SWPN;9uN4WP[_^UVWuuuPu4%tWu$_^]t$t$t$t$t$t$t$tYt$t$t$UQEthuuMj uEuP0tEUWjhjjjhut]VEPuudut0EEEEwEPEPhEPjPWlWX'Vu^_jfuNteNhESj-MeMM[jfvuN33N4}NPEN`ENpE~|DjWPRujjY3Y@jjpYYut$t$t$jjLYYut$t$t$Rjj(YYut$t$t$t$jjYY jUMehuM|!uMuXPMMjtQg39tzE+}IHHHt,HW]hsN` 9{$;M2MEME6}GEMthw w!FPPM!MPM"wGPGPGPMWPMEEM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P_@^VW|$jFt$P_@^VW|$jFthP_@^VW|$jFt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PA"RB&'@L;9L
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Param error
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Params error
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
PathFileExistsW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
PdV_@^VW|$jjFtxP0"_@^jcMj/Nt"EPMePMMRM@OdI3t(VW|$jFtP_@^`$VW|$jFtHP]O_@^,jxXVL$j\Ft!HXuFL$XP3@3^L$j#L$@D$Au@UQAeMujh|PmEUQAeMujh|P;EjbAMPLMueMMMb|$Wu3^jh`thtjt$ktVpGt2t.N$QH$xtOV_t3@3^_Au$jo=aueNMNajau<E,EEE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PeekMessageA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
PEP9 MPdPu 9 E& t9 M0 9 E& t9 M0 U9 SV9 W9 e0 E& ~Iu9 f9 EPjhS0 ]& tuEuP & uE9 E;E|3_^[9 E& t9 M0 9 U9 9 EV9 & t00 EEPjhS& tjEPS ^V9 : D$tVY9 ^U9 V9 9 N8W3& tg9 N8u9 9 PEPv@ EPuG9 0 }%9 E_3^j1C0 M3S 9 M9 9]t7! 9 5PWjhM0 Eq9 MEPSSWEP0 ]uWWMMxk9 Ej(,*0 M9 ]& u3P9 u9 uV/jVV0 E e{D0 EtE9 Mj9 M9 mPVM0 Ey9 EexPMs& thRjV 9 Euu}9 u0 EEhP9 /P9 %b9 5 Pu9 Eu9 =uD0 E9 M0Puju0 E k]u0 ]9 ]EP9 P9 a9 ]PSuSuSuS MM*x3@1jO*J9 EPuu9 & 9 } EPjhS0 ]& `9 E9E~9 E9E}t9 }T& |b;}^Mw9 }eWT& t3xPM}& t#9 E& t0 89 E& t0 MMQw3@MM@w3HU9 QQ9 EVW30 8EP9 & tA9~8tu9 N8u9 P& t=EPS WWu9 u& th0 hW P _3^U9 Vju 9 & u^]% 9 Et-SW9 }t7HtHHuRU9 RPQ9 9 & t7u9 SRS9 "MU9 RPQ9 9 E0 Wuuu _[
Ansi based on Dropped File
(~WRD0000.doc)
PEP9 zP9 Pu uu~Pt9 3a|$VWu3@M|$ uh0 j P |$+u'9 D$9 P;Qu9 p9 V9 ppR<3_^jXf9 ~<u3G 9 0 eP,e9 0 ejh|9 E)v|9 N<vxMvt6X"!U9 }VW9 vt;R 9 & tFW& t;EPv< jEPW9 ^jEPW& t
Ansi based on Dropped File
(~WRD0000.doc)
PEPH9 MPPS 9 E_;t9 M0 9 E;t9 M0 9utSV^[h&8xf0 M30 ]ME& & 9](}x3F9u,R 0 ]9] u
Ansi based on Dropped File
(~WRD0000.doc)
PEPHMPPSE_;tME;tM9utSV^[h&8fM3]ME9](3F9u,]9] u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PEPMPdPuEtMEtMUSVWeE~IufEPjh]tuEuPuEE;E|3_^[EtMUEVt0EEPjhtjEP^VD$tVY^UVN8W3tgN8uPEPv@EPuG}%E_3^j1CM3SM9]t75PWjhMEqMEPSSWEP]uWWMMkEj(,*M]u3PuuV/jVVEe{DEtEMjMmPVMEyEexPMsthRjVEuu}uEEhP/P%b5PuEu=uDEM0PujuEk]u]]EPPa]PSuSuSuSMM*x3@1jO*JEPuu}EPjh]E9E~E9E}tT|b;}^MweWTt3xPMt#Et8EtMMQw3@MM@w3HUQQEVW38EPtA9~8tuN8uPt=EPWWuuthhWP_3^UVjuu^]%Et-SW}t7HtHHuRURPQt7uSRS"MURPQEWuuu_[
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PEPzPPuuu~Pt3|$VWu3@M|$ uhjP|$+u'D$P;QupVppR<3_^jXf~<u3GeP,eejh|E)v|N<vxMvt6XU}VWvt;tFWt;EPv<jEPW^jEPWt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Ph0 {@u0 C9 E j 0 C Y0 E(E& tjs9 p3E0 C& t5EPs@ E<9 0 e(P09 K9 sunE,PKT.9 [M,EX'MM<L'9 TDU9 SVWE9 Pv@ vN(9 F,N$Pjj0 ]PS0 E9 = ju0 EuSuuS9 juuuuuujuuuuuujuuuuuuuuuuv_^[U9 V9 v & tGEPv< & t6uEuP & t"Fj
Ansi based on Dropped File
(~WRD0000.doc)
Ph{@uCE j CYE(Etjsp3ECt5EPs@E<e(P0KsunE,PKT.[M,EX'MM<L'TDUSVWEPv@vN(F,N$Pjj]PSE=juEuSuuSjuuuuuujuuuuuujuuuuuuuuuuv_^[UVvtGEPv<t6uEuPt"Fj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Pj:YYt9h8Y9 0 ME& t
Ansi based on Dropped File
(~WRD0000.doc)
Pj:YYt9h8YMEt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Pj=Vjhj;t+HT;~STSPC;|3@_[^j*u399~8j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Pji9 FPMue9 " MRVj9 8& 0 9 ^9|%<& 9 30 0 H0 HV9 9 & tPY&^D$V9 tV,Y9 ^V9 NF9 ^V9 N^U9 QV9 FPMF9 vM9 ^VW9 ~W NWu9 _9 ^`_^V9 eD$tV0 Y9 ^9 D$;Ar3PnV9 9 F@P9 F9 N9 T$0 F9 vF^S9 \$V9 9 F;w6W@P9 N9 F+9 QPP`9 F9 L$ 0 F_^[U9 V9 uW9 9 G;sO9 MS;v9 }t0 u;su9 E9]r9 O9 G+QLQP+w[_^]9 A& tt$Pj! jBi9 0 ueja V9 : & uuW9 |$3jZ?Q0 F3jZ9 Q}0 F9 FYY& t9 QjP9 F& t9 QjP0 ~F_^SV9 9 ^W& t39 ~& t,~t&t$k489 4t$o& t9 @3_^[U9 V9 9 F& tHS9 ^& t?~t9Wu"9 49 F49 u%& uu9 uW;9 M0 H_[^]QSUV9 9 n3W;tI9 ~;tB9^t=t$89 9 <(& t%,0 l$l$J& t9 \$& t9 l$9+t& u3_^][Y9 [9 ~9 8+PAPQ#N9 V9 ~WtC9 ~& t<~t6t$A9 N4849 t$B& t9 L$& t9 @0 3@3_^5V9 -|$t=W9 |$ut$Y9 & t"SW9 !t$_Sv0 ^0 >[_^9 D$0pV9 9 @P9 9 F`T$9 9 N^S9 \$V9 & t8~u
Ansi based on Dropped File
(~WRD0000.doc)
PjiFPMueMRVj8^9|%<3HHVtPY&^D$VtV,Y^VNF^VN^UQVFPMFvM^VW~WNWu_^`_^VeD$tVY^D$;Ar3PnVF@PFNT$FvF^S\$VF;w6W@PNF+QPPFL$ F_^[UVuWG;sOMS;v}tu;suE9]rOG+QLQP+w[_^]Att$PjjBiueja VuuW|$3jZ?QF3jZQFFYYtQjPFtQjP~F_^SV^Wt3~t,~t&t$k484t$ot@3_^[UVFtHS^t?~t9Wu"4F4u%uuuW;MH_[^]QSUVn3W;tI~;tB9^t=t$8<(t%,l$l$Jt\$tl$9+tu3_^][Y[~8+PAPQ#NV~WtC~t<~t6t$AN484t$BtL$t@3@3_^5V-|$t=W|$ut$Yt"SW!t$_Sv^>[_^D$0pV@PFT$N^S\$Vt8~u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PjS 9 = VjShjS0 9 ;t+HT9 ;~9 }STSP9 C;|3@_[^j*u9 39 9~8 }j
Ansi based on Dropped File
(~WRD0000.doc)
PjV 9 M9 VPD9 M9 WjVP@}t9 E9xt
Ansi based on Dropped File
(~WRD0000.doc)
Pjv MejuMuvMM<3@/|$V9 uAt8~t29 F& t+P& t v & tjvkYYt$9 t$^j(oW.9 9 N& tqe3}EPQ@ & tVMejEPvMq9 E+E9 M+EME"!+++M0 +MM0 }M;(9 =jj9 j30 E9 M0 ~0 .V9 9 }9 9 W9 QPWRR j9 WvtW_^SV9 9 F& t9P& t.|$tjhvv^9 Pt9 0 & tV9 D$tVG.Y9 ^U9 SVWu9 hh9 at~9 9 9 jhs0sP$9 9 j+EPs@ 9 9 9 9 uP9 9 9 RP(9 tijPs_^[j8 Wx,9 M.e9 EPM~9 u3;~0 9 U;~0 9 9 0 };t9 +;E}
Ansi based on Dropped File
(~WRD0000.doc)
PjvMejuMuvMM<3@/|$VuAt8~t2Ft+Pt vtjvkYYt$t$^j(oW.Ntqe3}EPQ@tVMejEPvMqE+EM+EME+++M+MMM;(=jjj3EM.VWQPWRjWvtW_^VFt9Pt.|$tjhvv^PttVD$tVG.Y^USVWuhht~jhs0sP$j+EPs@uPRP(tijPs_^[j8Wx,M.eEPMu3;~U;~};t+;E}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PjVMVPDMWjVP@}tE9xt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PjYYj9 j4j-j&qxjX'MS
Ansi based on Dropped File
(~WRD0000.doc)
PjYYjj4j-j&qjX'M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
pkeHpPMU! Gxh(@@R 0" 8) ` IJ0I h!P%"L(`#!L+(#*;-4H/A7h=hBhHhMhSh1x5P7@<xBGxMRxXX \ BINARYGIF89anz ~ ~x : yw{ x}!n, nd37 ! Qn>l 6S;a: : .C=BE&b?Vi<0^/@9*J%!\jZ4(O
Ansi based on Dropped File
(~WRD0000.doc)
pkeHpPMUGh(@@R08)`IJ0Ih!P%"L(`#!L+(#*;-4H/A7h=hBhHhMhSh1x5P7@<xBGxMRxXX\BINARYGIF89anz~yw{x!n,nd37Qn>l6S;.C=BE&b?Vi<0^/@9*J%!\jZ4(O
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PKMSWM>Ah@MIEPEKMSWM>AhMIEPEKMSWM>AMUl$3jPPE3ESPEPEPS*T;hEPcMATM]EPME;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Please contact the application's support team for more information.
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PMEjj>eu1N8Et
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PMF]5SE,P~/vMM,MM,3L4jV(Ku$eEe$P.uuu`u3MMK DPt3FjUJM]u3@M=es}u39~ptWsMvc9~ltPPEPsM99Tt}C3$<M9XtjjEPuWWMQsPpuMsu~CtCt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PMh4M9 MEPM0 uEs9 Ezfj(S eeEP3CM0 ]0 MEEPhHME PM 9 M& ujh|9 EPPM0 ]EM]0 ME9 Eej djhlM0 eMPjjL9 & tP=uVTVX3MMg9 oej `d9 M& t3vM9 Me& u9 M0 PEh PFM}& t|9 M\9 MPSPhuMM3@dj$ cEP9eMbMExEP\VMEPMB" 9 MPMBh9 M5EPVMPM" ME9ME! MM!+dj4DcEPeM! MEEP\VME<PM 9 M+PM & uMh9 MEqh|9 MPM/EPVMPM" ME_3FMEPME! MM89 @c3jUb9 0 u: eN 9
Ansi based on Dropped File
(~WRD0000.doc)
PMh4MMEPMuEsEzfj(SeeEP3CM]MEEPhHMEPMMujh|EPPM]EM]MEEejdjhlMeMPjjLtP=uVTVX3MMgoejdMt3vMMeuMPEh PFMt|M\MPSPhuMM3@dj$cEP9eMbMExEP\VMEPMBMPMBhM5EPVMPMME9MEMM!+dj4DcEPeMMEEP\VME<PMM+PMuMhMEqh|MPM/EPVMPMME_3FMEPMEMM8@c3jUbueN
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
positive_btn
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Posting is app exists request. MessageId: %d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
posting singleton event [%s]
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
PostMessageA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
postMessageToParent
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
postMessageToParent {
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PostMessageW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
PostThreadMessageA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
PP P~PPPPPPPQ
Ansi based on Dropped File
(~WRD0000.doc)
PP9tIh PYYPu4VYP PP<}_;tg___OE:X}jYU(3S]VuW}EEEEEEEE9t5LYM;t[jY+JJtqJtEEE_M]Q]]Y>"E_M]QE]]YjEE_E_]]"ME_rE_ME_ZE_tNIt?It0It tE_E_E_E_xEEE_$E_E_E_E_E_E_yE_mE_E|_Ex_M]]M]QEYu!E_^[7!%HH3UQQSVV5%WEYYM#QQ$f;uUUYY~-~u#ESQQ$jMTrVSVEYYdES\$E$jj?6U]EY]YDzVSVEYY" uES\$E$jj.T^[jhFCTEu`3;|;r?SSSSS1<LtP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PPPPPPPPPPQ
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PPPPQWh(U
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
PPs0 Ej0 EPs 0 EVs V0 EPs0 E9 C(@Ps$ss 6s ususu9 =}tu}js9 5E
Ansi based on Dropped File
(~WRD0000.doc)
PPsEjEPsEVsVEPsEC(@Ps$ss 6sususu=}tu}js5E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PQ3^]^]`Vt$u@E&htt$P|YYL$tt 3>t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PQ3E @^]jp>uFF|F<FFFF F$F,et
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PQeM-t3@jB3q,]9u$A$VPQD;tMMLv3TM]mPM}E;t3uVQPR;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PQe}t3EPMMxEPO3Gj(B339uPuMuufE}u;t3Pus0E;u;t3C$URuuPQHtMt}uM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PQf,^3D$L$@y4u@3@@VF,tPQD$F,^tPQD$xtt$@hsP@@ UV39utZhturnYYtGE(tHtHtHtHtu'E9p(E9p(t9p,uEjYffH^]@ UVrVumYYt2VumYYt#EHtH3U
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PQf0Ml$l$l$Vl$l$l$8l$ l$l$l$$l$jl$l$l$ Ll$l$l$$.l$ l$il$l$$l$Kl$l$VW3jF4WPFF|F<FFFF F$~(~0~D~H ~,~L_^VD$tVY^j>u"3N}:+3Cj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PQf<_^jX?}u3`9~<u3@VEt.MieM$iP4MMh~<WP}tS'UQMejjEPEt.t4VuuuuuPQEtPQ^tPQ@UQVucEtAxv;@u33eURhrP|}tEPQW^j{?luejEP6tXEtQeeURPQ3|9}tuEuuPEPQEMtPQ3j?3]uEjP];E;]URPEQ;E;MPMuEMURhjUR,tVPEQ;|Y}tSuEuuujSVuPQu3;E];tPQEM;tPQ,uE;]tPQEM;tPQ3j?u~,FENtE[N\EONESEM)7Uuh,tAZYYu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PQfeURPQH|EtF3@3^UVMWut3XStI39^tBM]]]BtEPj@;tWuW3[_^}tf_MPVSZJWEPjW$|X}tRE@URhsP|1Et*PQ |EuPQ|EEPQEPQWERji$:u.eNR?NlEfF:ji9uRNlENE8M:AUSVW7uSSP3;u3uQuVVQQhhRSjtw3P5_VVPPRjVejhRl).~4e~%utPE9u|Qj3@_^[]VMut$Nl`*~t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Pragma:no-cache
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Privacy Policy
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
PrivateBuild
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ProductFiles
Unicode based on Runtime Data
(WINWORD.EXE
)
ProductName
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ProductVersion
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ProfileImagePath
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Program: e+000~PA GAIsProcessorFeaturePresentKERNEL32 }
Ansi based on Dropped File
(~WRD0000.doc)
Program: e+000~PAGAIsProcessorFeaturePresentKERNEL32
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PROTOCOL_VERSION
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
PSAPI.DLL
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
PSC;& M hRMEPM%;uME_ EPMMEB WMjE9 0 ePExE9 0 ePEcMEEM;u=MGP@9 ;t#hTV;thV;tV8MEM EM]}E9 E;ERMMs}! jdh5 9 M59 Me& tMM93A! M/jjuMEM& u
Ansi based on Dropped File
(~WRD0000.doc)
PSC;M hMEPM%;uME_ EPMMEB WMjEePExEePEcMEEM;u=MGP@;t#hTV;thV;tV8MEMEM]EE;EMMs}jdh5M5MetMM93AM/jjuMEMu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PtEPklM9 ejVMMMf0 3@ " & t9 9 9 & zjVM3EFP9 0 u& u3MM9 Gf0 U9 S0 M9 MW29 3; V3jZGQ:\9 Y0 u; D?PSV: [!]0 ]0 ]& u9 Mf&uj&Xf0 0 uF3FC0 ]kf;uY}S& tO9 ]9 Mj;Xf0 EPuSq& tf9 Ef0 9 E9 +EFFsPjjV[3f0 FF& tEE9} b}tu9 MuJ[Y^_[V9 9 L$& t33PPPt$9 ^Vt$9 t$9 L$jPt$$9 F^HV9 & u P9 H^U0l$ 30 & 0j$92O0 M9 @9 <39 0 }0 }CPW9 :P9 ; EPjV^9 E0 E& ~}EPWVFSMeEPMj\j/MgE9 0 eP9 MT& uEEPWVaMM7G;}|0 }uEV9 Y9 E9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
PtEPklMejVMMMf3@tzjVM3EFPuu3MMGfUSMMW23;V3jZGQ:\Yu;D?PSV[!]]]uMf&uj&XfuF3FC]kf;uY}StO]Mj;XfEPuSqtfEfE+EFFsPjjV[3fFFtEE9}b}tuMuJ[Y^_[VL$t33PPPt$^Vt$t$L$jPt$$F^HVuPH^U0l$30j$92OM@<3}}CPW:P;EPjV^EE~}EPWVFSMeEPMj\j/MgEePMTuEEPWVMM7G;}|}uEVYEMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Pu#uSuuu#3US]Vu0A$Wy@tPtBt&tu=I
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Pu0 EjEWP 9 }hEP49 }P4ai9 = Puj
Ansi based on Dropped File
(~WRD0000.doc)
Pu[}tUDHt(f}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
publisher
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
PuD0 ETjE0jPhE0PK$7PK$,rPuD 9 EE80 E09 CH& ~;E8}0 E89 E +CLh +E<K$+E$E<0 E4E0PPK$qPuD }TtuTuDu$9 u9 uDPTh jjuDWVuuuP uuDuuDMMy+9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
PuDETjE0jPhE0PK$7PK$,rPuDEE8E0CH~;E8}E8E +CLh+E<K$+E$E<E4E0PPK$qPuD}TtuTuDu$uuDPTh jjuDWVuuuPuuDuuDMMy+Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PuEjEWPhEP4P4i=Puj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PuE}t?DHt}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
pushHtmlNotification
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
pushNotifications
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
PVM"ME]MECMM9 9 j`EPeM
Ansi based on Dropped File
(~WRD0000.doc)
PVM"ME]MECMMjEPeM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PVM& uE9 uMEME! j19 EPzeMj& uTM ME9 MEuMh9
Ansi based on Dropped File
(~WRD0000.doc)
PVMM9 EME j.EPweMg& t,MM9 MjMEoME9 9 EPhMPVMD,& u0 M9 u<}9 0 uMEMEqju! EPeM
Ansi based on Dropped File
(~WRD0000.doc)
PVMMEMEj.EPweMgt,MMMjMEoMEEPhMPVMD,uMu<}uMEMEqjuEPeM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PVMuEuMEMEj1EPzeMjuTMMEMEuMh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
pWeb: %d , URL: %s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
pWebBrowser == m_pWebBrowser
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Px9 9 PP^V9 W9 & t
Ansi based on Dropped File
(~WRD0000.doc)
pXMLHttpReq->get_responseStream() failed : hRes=0x%X
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
pXMLHttpReq->get_responseText() failed : hRes=0x%X
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
pXMLHttpReq->open() failed : hRes=0x%X
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
pXMLHttpReq->send() failed : hRes=0x%X
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
PXN0MMlj ^! 9 9 u& t{9 MQ9 PeM uPh&j& 29 9 P 9 ^@S & tSP ! PMO9 VVEPMEOMM}ji9 }t] & u; PM
Ansi based on Dropped File
(~WRD0000.doc)
PXN0MMlj ^ut{MQPeMuPh&j2P ^@tSPPMOVVEPMEOMM}ji}t]u;PM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PY0 ^9 F;t
Ansi based on Dropped File
(~WRD0000.doc)
PY0 ^_0 ^0 ^0 ^^[9 I& u3
Ansi based on Dropped File
(~WRD0000.doc)
PY^_^^^^[Iu3
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PYe9 ~h& tW & u@0 tWYEWjPYE9 ~l& t#WIY;=Htp}t?uWGYEV8Y9 uj
Ansi based on Dropped File
(~WRD0000.doc)
PYe~htWu@tWYEWjPYE~lt#WIY;=Htpt?uWGYEV8Yuj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PYY0 ~0 ~9 _^[]jhHAM39 u3;" ;uAWWWWW: F@t0 ~9 EV Y0 }V*Y0 EE9 uV Y9 U9 SW9 }3;u ASSSSS,fWQ 9_Y0 E}0 _jSP ;0 E|9 Wu+G.9 9 OV9 +0 utA9 U9 u9 " D2 t9 ;s9 :
Ansi based on Dropped File
(~WRD0000.doc)
PYY~~_^[]jhHAM3u3;;uAWWWWWF@t~EVY}V*YEEuVYUSW}3;u ASSSSS,fWQ9_YE}_jSP;E|Wu+G.OV+utAUuD2t;s:
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P~<N(;t~(N 3C;tS~ N$;tS~$WWjv4~8^@MMs^DjCFPM4^3]dF89^ u$jh=YME;tZ3]F 9^$u$j0<YME;tH3]F$9^(uOjD<YME;t3vHv ]v$F(v,N;uMM]7Cv,N(#N$PUv,N(p#N Pe3Cj%BMejMPhhxj(MMBUVu;5(u}ujutuuVu^]jA39]&N$;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Q !!0 RS6FZ[cgjkpwzz{ ! " "!03:!5,
Ansi based on Dropped File
(~WRD0000.doc)
Q 0 RS6FZ[cgjkpwzz{ ! " "!03:!4,
Ansi based on Dropped File
(~WRD0000.doc)
Q!!6FZ[cgjkpwzz{03:!5,
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
q-!PL"5;.Z|=;%X{
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Q6FZ[cgjkpwzz{03:!4,
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Q=c5PkAt,@IoA'R.QtE%HX)>_z
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
q` eNl !fK
Ansi based on Dropped File
(~WRD0000.doc)
q` eNl!fK
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
QH+"!+P9 PVh 9 ; j& ,P9 +P 5P9 & (9 4T & t,;P0 & @;\9 & D+& 40 & 8;E
Ansi based on Dropped File
(~WRD0000.doc)
QH++PPVh;j,P+P5P(4Tt,;P@;\D+48;E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
QP3Vt$Q^D$3|$uD$ 3$ j%ut6}u0M_eEPQMuMW3_&PMM53@j W[%}}MueEPtoMMQMQEPHtDMEu8ujXMfPMFEMM3@MExMMl3t%UQeEPuLtEtMP3@3j1Q$M}uEut>]t7MMeEPuMuM3$#URjjUREFXh,tPQjYf|}|3@3MMfCy3@tt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
qq$9 |3@^]9 D$SVW& t%9 P;Qu9 P9 R9 ppS<3_^[U9 9 EtVtJt;-t'u9 E;Quf& u
Ansi based on Dropped File
(~WRD0000.doc)
qq$|3@^]D$SVWt%P;QuPRppS<3_^[UEtVtJt;-t'uE;Qufu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
QQEQMQ" !rQ" @! QQQ" l!Q" !QQ" !" ,"R&R1R<RJRXRfRtR RR~R
Ansi based on Dropped File
(~WRD0000.doc)
QQEQMQ"!rQ"@!QQQ"l!Q"!QQ"!","R&R1R<RJRXRfRtRRRR
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
qR Y3U9 VW9 30 u9~u3.9}tu Y0 E;t9 F0 }9 ~SG;sg9 ME<HuW}YY& uW: |GY;r39Et70 E9Etu{ Y0 E9 E+E9 NE9F0 MP9 & u3"!9 ^SD Y9 NA0 E;sxuSE}U9 M9 +F9 u+9 E+VGOPS'}tuuWu3f0 s9 E+ESE9 u9 YY& uS\CY;]r9 9 E[_^U9 VW9 }9 & |m;~wh}u3@_u! Y9 NQ9 0 E& t@9 N9 F+SQ?Q9 MHPqu9 FuP`9 '3@[3_^]V9 & t$9 D$9F~9 Nt$APRYY& t+F^VW9 39~~$W9 ~P YPW9 xG;~|_^VW9 39~~$W9 lP= YPW9 mG;~|_^V9 `& u9 VR9 4f;D$t
Ansi based on Dropped File
(~WRD0000.doc)
QS=c~5Pk}At ,"!@Io A 'R.QtE%H X) >_ z
Ansi based on Dropped File
(~WRD0000.doc)
QSu`9 h Pu`9 MTEP>SEPh`R9 EPSVtV9 )NV9 J9 & u93MEM EMEExMM@9 9 Mh3-0& v89 MhWE0PSPhd9 ESPM0Ea9 MhG/;rud9 MPCsj( :9 EP-eM& tMMJ3R;MuEPEP9 E& u3MEMM9 jEP9 jMljuEjPMEmME"h3Fj 99 9 M30 E;u3];0 ]~S9 MSO9 & t>FPEP9 eEP9 QPV9 `& tEMMJC;]|9 EK:j!d99 ME3P9 0 ];uMM9 :SMlSuEjPME#lM]+g3Cj!89 0 ujze}@9 EmS~l9 EO}EL}d}h30 0 <0 `9 j9 EM"!30 0 0 9 j
Ansi based on Dropped File
(~WRD0000.doc)
QSu`hPu`MTEP>SEPh`EPSVtV)NVJu93MEM EMEEMM@Mh3-0v8MhWE0PSPhdESPM0EMhG/;rudMPCsj( :EP-eMtMMJ3R;MuEPEPEu3MEMMjEPjMljuEjPMEmME"h3Fj 9M3E;u3];]~SMSOt>FPEPeEPQPVtEMMJC;]|EK:j!d9ME3P];uMM:SMlSuEjPME#lM]+g3Cj!8ujze@EmlEOELdh3<`jEM3j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
QueryPerformanceCounter
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
QX)1./&\bP8J@312iQ%? PaaDzRb SNDSN;GIF89a?kqh v_& eb9 yi Cra``" >n |]wao" O| q lx{: n a|Ly!?,xpH,/ciVC jD RFS f^'~B3("W!T H4:?y9 1?;
Ansi based on Dropped File
(~WRD0000.doc)
QX)1./&\bP8J@312iQ%?PaaDzbSNDSN;GIF89a?kqhv_ebyiCra>n|]woO|ql{n|Ly!?,pH,/ciVC jDFf^'B3("W!TH4:?y1?;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
qY3UVW3u9~u3.9}tuYE;tF}~SG;sgME<HuWYYuW|GY;r39Et7E9Etu{YEE+ENE9FMPu3^SDYNAE;sxuSEUM+Fu+E+VGOPS'}tuuWu3fsE+ESEuYYuS\CY;]rE[_^UVW}|m;~wh}u3@_uYNQEt@NF+SQ?QMHPquFuP`'3@[3_^]Vt$D$9F~Nt$APYYt+F^VW39~~$WPYPWG;~|_^VW39~~$WlP=YPWmG;~|_^V`uVR4f;D$t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
QY9 0 F9 PV9 D$tVPY9 ^j O9 0 uNeNR" INEF6N,E*N<EfLNPEN`ENpE}E}E}E}E
Ansi based on Dropped File
(~WRD0000.doc)
QYFPVD$tVPY^jOuNeNINEF6N,E*N<EfLNPEN`ENpEEEEE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
q}9 0 0 - !" SPL"5;.Z0 |=;%X{S
Ansi based on Dropped File
(~WRD0000.doc)
R }DEC }E9 }E% } Em}PE^}E& }E@}E1NhE& N,]M9 fejhSe9 }EM~EJMM(>3Ze0& tMM(& u3jXESP0 ] CoE P9 ;u3M]MM(9 ~M(W& uM(,PEP S9 jZV jHPu VS0 E 9 E%,0 E`EE`EMEERPEPME :t"}RthEEj Ps]E P M9 EU9 QQf}S9 u3^eVuWEPV9 & u9EPEPu9 juujV5"!d 0 E& t9 PV9 R9 E_^[j b9 ! 8tp9 9 9 R9 & taMK9 eMQ9 P<& t:M& u.9 a9 M& t!9 Q9 Pj& t
Ansi based on Dropped File
(~WRD0000.doc)
r" " $" p(08@HPX`hpx" " @8" \H@$" " MU]emw" pS" " dLv(l3" 4@`V" p" " " (
Ansi based on Dropped File
(~WRD0000.doc)
r""$"p(08@HPX`hpx""@8"\H@$""MU]emw"p""dLv(l3"4@`V"p"""(
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
R%@~%a ?-[ g9X5dh"!,: ]v F KE*nk`0mE%
Ansi based on Dropped File
(~WRD0000.doc)
R0 Mh x Sjh$}& 9 u& MfeMfMEf9 MEP9 Ex9 u0 EEP9 9 u9 9 M#u=hSj#3MEpoMEdoMMXo9 "hMk& thSj" #3FEPEPEP9 3;uh` MifPhSjW#EP}9 0; }9~ & 9 N9 Pl& th Wh`thtWv;t.9 9 ;t!M 'VM En<M E'MEhnME\nMMPn3@hthTSj "39j1R0 Mh xSjh"}ul9 u& teMdeEP9 9 u9 & uhHSj$"MMm0EP}}MM m3@h Sj!30 j\[
Ansi based on Dropped File
(~WRD0000.doc)
R3}M 9 "!9 yJBee9 E )U9 ]\9 39 #0 M9 9 Mu0 39 uE}0 u|9 jMZ+;|9 10 t" d" J& } 9
Ansi based on Dropped File
(~WRD0000.doc)
R6002- floating point support not loaded
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6008- not enough space for arguments
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6009- not enough space for environment
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6016- not enough space for thread data
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6017- unexpected multithread lock error
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6018- unexpected heap error
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6019- unable to open console device
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6024- not enough space for _onexit/atexit table
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6025- pure virtual function call
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6026- not enough space for stdio initialization
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6027- not enough space for lowio initialization
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6028- unable to initialize heap
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6030- CRT not initialized
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6031- Attempt to initialize the CRT more than once.This indicates a bug in your application.
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6032- not enough space for locale information
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6033- Attempt to use MSIL code from this assembly during native code initializationThis indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain.
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6034An application has made an attempt to load the C runtime library incorrectly.Please contact the application's support team for more information.
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R?9 E80 ETE: ,K$s& & juDeT9 0 & t
Ansi based on Dropped File
(~WRD0000.doc)
R^U9 QeEPu,l#EV9 t$& t & tv9 jj9 R@^|$u)Vt$9 & tvY& t9 V9 R^V9 D$tVNY9 ^|$V9 u3jt$YYP9 H^jUhLu9 & t=M5eEPuMuu"& t
Ansi based on Dropped File
(~WRD0000.doc)
RaiseException
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RDECEE%EmPE^EE@E1NhEN,]MfejhSe}EM~EJMM(>3Ze0tMM(u3jXESP]CoEP;u3M]MM(M(WuM(,PEPSjZVjHPuVSEE%,EEEEMEEPEPME:t"}thEEj Ps]EPMEUQQf}Su3^eVuWEPVu9EPEPujuujV5dEtPVRE_^[jb8tpRtaMKeMQP<t:Mu.aMt!QPjt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
re about to receive a notification that lookslike this.
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Ready state: %d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
RealizePalette
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Rectangle
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegCloseKey
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegCreateKeyExW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegCreateKeyW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegDeleteKeyW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegDeleteValueW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegEnumKeyExW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegEnumKeyW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegEnumValueW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegisterClassW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegisteredSources
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
RegisterWindowMessageW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegMonitor
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
RegOpenKeyExW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegOpenKeyW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegQueryInfoKeyW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegQueryValueExW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegSetValueExW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
ReleaseCapture
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
ReleaseDC
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
ReleaseMutex
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RELOAD_INTERVAL_HH
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
RemoveDirectoryW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
ResourceFiles
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ResumeThread
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
return %d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
return %d (from LoadW)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
return FALSE (CoCreateInstance() failed : hRes=0x%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
return FALSE - (!m_pXmlDoc || wStrXml.IsEmpty())
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
return FALSE - file doesn't exist
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
return FALSE - m_pXmlDoc==NULL
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
return FALSE - not using helper
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ReviewToken
Unicode based on Runtime Data
(WINWORD.EXE
)
RMh Sjh$}uMfeMfMEfMEPEuEEPuM#u=hSj#3MEpoMEdoMMXo"hMkthSj#3FEPEPEP3;uh`MifPhSjW#EP0;9~NPlthWh`thtWv;t.;t!M'VMEn<ME'MEhnME\nMMPn3@hthTSj"39j1RMhSjh"}uluteMdeEPuuhHSj$"MMm0EP}MMm3@h Sj!3j\[
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
RMS;b} #}V}>dy t[ q~0 Dw~lw+ k@hhhhhhhhhhhhhhhhhhhhhhhZ6hhhhhhhhhh\b8KH]Nhhhhhh F3,-'8]hhhhhhW+^S:I>g(VhhhhhhB?+#9]<`chhhhhGD?<4_.hhhhh f5aU
Ansi based on Dropped File
(~WRD0000.doc)
RoundRect
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RPvj00 UF9 0 ]0F }t9 E`p3[_^9 U9 SVWu9 9 s9 MN & u-4j^0 03PPPPP~ }t9 E`p9 }v }t;uu3;- 0@;-9 u-w9 C3G&
Ansi based on Dropped File
(~WRD0000.doc)
RPvj0UF]0F}tE`p3[_^USVWusMNu-4j^03PPPPP~}tE`p}v}t;uu3;-0@;-u-wC3G
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
RQQQQ QxTbTPTXSX XrX\XHX,XP}WtfdfPf~WlW\WJW8WT~T timeGetTimeWINMM.dllwSetDlgItemTextWIsWindowGetDlgItemPostMessageA~SetTimerKillTimer!PostThreadMessageADestroyWindow" DefWindowProcAGetWindowLongA^SendMessageAFindWindowWSetWindowLongWgCreateWindowExAJGetMessageAMsgWaitForMultipleObjectsDispatchMessageAPeekMessageAGetDesktopWindowShowWindowwsprintfWFindWindowExWPostMessageWGetWindowRect
Ansi based on Dropped File
(~WRD0000.doc)
RQQQQ QxTbTPTXSX XrX\XHX,XP}WtfdfPf~WlW\WJW8WT~Tllllmm-m>mOm`mqm m mmmmmmm
Ansi based on Dropped File
(~WRD0000.doc)
RQQQQQxTbTPTXXXrX\XHX,XPWtfdfPf~WlW\WJW8WTTllllmm-m>mOm`mqmmmmmmmmm
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
RQQQQQxTbTPTXXXrX\XHX,XPWtfdfPf~WlW\WJW8WTTtimeGetTimeWINMM.dllwSetDlgItemTextWIsWindowGetDlgItemPostMessageASetTimerKillTimer!PostThreadMessageADestroyWindowDefWindowProcAGetWindowLongA^SendMessageAFindWindowWSetWindowLongWgCreateWindowExAJGetMessageAMsgWaitForMultipleObjectsDispatchMessageAPeekMessageAGetDesktopWindowShowWindowwsprintfWFindWindowExWPostMessageWGetWindowRect
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
RRRRRS" S".S6S>SFS" "" @#iSqS|S! S" S" R#SSSSSS!T" #DT" #iT" $RT" @$T" l$TT" $UUU'U" $JU" %mUuU" <%U" p%U" S%U" %VVV" %" T&4V<VGVRV]VkV V" &V" &V" &VWW" '6W>W" D'gW" x'`W" 'WW" '" ((WWWWWX" P(>XFXNX" |(" (qXyXX0 X X"!XXX" )XX" @)YY" t)=YEYMY" )@)pY" *)"
Ansi based on Dropped File
(~WRD0000.doc)
RRRRRS"".S6S>SFS"""@#iSqS|SSS"#SSSSSS!T"#DT"#iT"$T"@$T"l$TT"$UUU'U"$JU"%mUuU"<%U"p%U"%U"%VVV"%"T&4V<VGVRV]VkVV"&V"&V"&VWW"'6W>W"D'gW"x'W"'WW"'"((WWWWWX"P(>XFXNX"|("(qXyXXXXXXX")XX"@)YY"t)=YEYMY")@)pY"*)"
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
rruN}t0+PVEPMPEPMEwMt3FUVu'Vu+EuhDVP+E^]U$xjh^dP 3xSVWPEdexxxxeExEE~ot3qeeJE>nM4njhuVPWEuYutPe}tu}tu@$YEMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
RtlUnwind
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
runtime error
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Runtime Error!Program:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Ruu(;uE9EG7E9EtM9t3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
R}9<A<I<" X
Ansi based on Dropped File
(~WRD0000.doc)
S & tjP ]Vj9 -T&9 ^U9 Q9 Mejhx& 9 EV9 D$tVDY9 ^j;^Z9 u0 u& tbeS & tjP 9 & u9 & uM!h0hR&j1MA9 u9 9 9 P3RV9 D$tVY9 ^j^^0 9 39} }uuWhWku9 uP<9 9 P89EwT PM`9 F0;F40 }}.9 9 Pt"EPWVhWW(F0PuN89 RMM8jk9 9 M 90 tB3G9~7h Y9 0 Me& t%3MWP9 G;|`9 D$t$0 A49 D$0 {V9 t$& u3%9 D$W9 >&& t
Ansi based on Dropped File
(~WRD0000.doc)
S!sg2F0 <}@HqA&< *n,#` BH;=} aElCd\! Pq r3)&ntL'G8
Ansi based on Dropped File
(~WRD0000.doc)
S0 u0 E 0 ]9]tuu 0 E9]PtVM<[PMajVM9 MEPEPu$Eu EP0 ]M0 ]3 9 0 ejVE{EP0i0E*iM0 E0 ]S39]E0 u}EPV0'k; V0 ]9]PunE<PM0 E;u[M<RPMxtEjE<9 0 eP\V0j0 h0 EEPV0j; 9 MSEPu$Eu P9 ]34;;u(S}Pu& t}t3& t9MPMaMPMP9 E<;}~0 }9 ET& tlhE9 E;E,}sM& tM}uM<: PMM`PMMyPM;]9 ~0 ]}Tt9 ET39 uF;u0 uR Sjh`M9 MjEPu$Eu EPMPM<};}~0 }ME}9 M;M,}A0 M9 ]8;~6& ~29 +& ~'9 M<PM6MPM%Nu0 ]9 E0& t9 MM0 9 M4& t
Ansi based on Dropped File
(~WRD0000.doc)
S0 Y_jhA
Ansi based on Dropped File
(~WRD0000.doc)
S3%>VZ-X
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
S3Sj YY;t0 H;t0 H;t0 X!@ [S3SjYY;t0 H;t0 H;t0 X@[Vjj9 YY& t0 030 9 ^U9 EPML uV9 uM?EPM. t^]jjq9 AQ09 L$9 D$9 AV9 pW9 t$FP`tYY t9 v9 9 6 ~-t9 _^V9 N0 @!9 0 @9 0 9 0 If^U9 SVW9 9 G9 p0 E9 1uNR t9 v {t9 MFPq t9 0 u9 6 ~t {t9 G9 p9 39 MFPB t9 9 69 v ~tWuMWSM9 E9 M0 9 M0 H9 M_0 H9 M^0 H[V9 EN0 @9 0 @9 0 9 0 If^U9 QVQ0 e9 0 eC9 ^U9 QuuuuuuAVt$9 9 L$VPu9 D$^Vt$9 9 L$VPV9 D$^Vt$9 )9 L$VP79 D$^SVW9 |$ 9 9 u$v9 9 6j9 bW8 ~Y9 t_^[SVW9 |$ !9 9 u$v9 9 6j9 'W ~!Y9 t_^[U9 Q9 EVQ0 e0 eP9 9 ^U9 VuEP9 VvMwEPMv u9 E9 MPe uMVvMCM9 9 E9 I0 0 H^U9 VuEP9 VvM
Ansi based on Dropped File
(~WRD0000.doc)
S3Sj&YY;t0 H;t0 H;t0 X-@,[V9 D$tV& Y9 ^9 D$V9 t$& t9 FtR-t<Ht*HtHtHt
Ansi based on Dropped File
(~WRD0000.doc)
S3Sj&YY;tH;tH;tX-@,[V D$tVY^D$Vt$tFtR-t<Ht*HtHtHt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
S3SjYY;tH;tH;tX!@ [S3SjYY;tH;tH;tX@[VjjYYt03^UEPMLuVuM?EPM.t^]jjqAQ0L$D$AVpWt$FPtYYtv6~-t_^VN@!@If^USVWGpE1uNtv{tMFPqtu6~t{tGp3MFPBt6v~tWuMWSMEMMHM_HM^H[VEN@@If^UQVQeeC^UQuuuuuuAVt$L$VPuD$^Vt$L$VPVD$^Vt$)L$VP7D$^SVW|$u$v6jbW8~Yt_^[SVW|$!u$v6j'W~!Yt_^[UQEVQeeP^UVuEPVvMwEPMvuEMPeuMVvMCMEIH^UVuEPVvM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
S9 0 M9 H0 M9 H?W0 M0 Eu'339\& u
Ansi based on Dropped File
(~WRD0000.doc)
S9 0 eWh9 h9 0 eWh9 S9 0 eWh9 S9 0 eWh9 ah9 0 eWh}9 {h9 0 eWh o9 \h9 0 eWh P9 =h9 0 eWhx19 h9 0 eWhl9 h9 0 eWh`9 S9 0 eWhP9 S9 0 eWh@9 h9 0 eWh4"!9 h9 0 eWh z9 gh9 0 eWh[9 Hh9 0 eWh<9 )h9 0 eWh9
Ansi based on Dropped File
(~WRD0000.doc)
s9 M`EPMf& 9 M`Vh8+j@M9 EmMEmud9 Mh;t9 Ml;t9 =E@PE PEPEPM0E m9 E|M;t9 PQ9 ^9 K0;tEPtM6dEP9 0 ePjh+Es9 M`EPMe& t
Ansi based on Dropped File
(~WRD0000.doc)
S:(ML;;NW;;;LW)
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
s[S;7|G;w
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
S[UMw3k$QeY3$seEPMh,EPEUMw3QY3 seEPMVh,EPEXUMw3PY3seEPMh,EPEUlhzjMh}x|VhVhPVh(I3;E@VPEXPVh MX]MXWSEPPMXE9M]VhMX;ElMX`Vh;JMl+HPAQE0PMXzM0EeDVhE0P<D<EM E PS<E;MElEPj<EM;ehZt]lMhEDP<PEPEDhhME&MhEPE PhEPtMEVhMVhhMHEEPMHEEh8MHhMHhMHEPMHhMH9]lMhMHE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
S]Au3EfE;}"+]tum]tMmHutE]E_tjYeuEtE tj Y3^[U}t~}S"]S!]UE tjt3@]tjtjX]]U 3;Mtd@|3Et^EEEEEEEVuEE EE$hu(uEEP/uV,YE^hu(uE U=u(uE\$\$E$uj/$]lRhu!JEYY]SQQUkl$3Es CPsu"eCPCPsC sPEPIsp=u+t's C\$\$C$sPr$P$s CYYM3k][UQQE]EUQQEEM]fEEU3}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
S]Au9 39 Ef0 E;}"+ ]t& u9 m ]tM mHu& tE]E9 _& tjYe9 uEtE tj Y3& ^ [9 U9 }t~}S"]S!]9 U9 `E tjt3@]tjtjX]]9 U9 39 " ;Mtd@|30 E& t^9 E0 E9 E0 E9 E0 E9 EV9 u0 E9 E 0 E9 E$hu(0 u0 EEP/& uV,YE^9 " : hu(uE 9 U9 =" u(uE\$\$E$uj/$]lRhu!JEYY]9 S9 QQU9 k0 l$9 30 Es CPs & u"eCPCPsC sPE PIsp=" u+& t's C\$\$C$sPr$P$s CYY9 M3k9 ]9 [9 U9 QQE]E9 U9 QQ9 EE9 M] f0 EE9 U9 3}u
Ansi based on Dropped File
(~WRD0000.doc)
s___n__0ut
Ansi based on Image Processing
(screen_5.png)
S___nl_0ut
Ansi based on Image Processing
(screen_9.png)
S_ndung_n
Ansi based on Image Processing
(screen_9.png)
s_ndung_n
Ansi based on Image Processing
(screen_5.png)
SampleAlertName
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SampleAlertWasShown
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ScreenToClient
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SelectObject
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SelectPalette
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SendMessageA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SendMessageW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
sendUsage
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SendUsageEnabled
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
September
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SERVER_URL
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SERVICE_MAP
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SetBkColor
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetBkMode
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetCapture
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
setCheckBoxValue
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SetCursor
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetDlgItemTextW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetEndOfFile
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetFileAttributesW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetFilePointer
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetFileTime
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetForegroundWindow
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetHandleCount
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetHeaders() failed
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SetLastError
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetLayeredWindowAttributes
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetLayout
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetParent
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetSecurityDescriptorDacl
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetSecurityDescriptorSacl
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetStdHandle
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetTextColor
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetThreadPriority
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Settings...
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SetUnhandledExceptionFilter
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetWindowLongA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetWindowLongW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetWindowOrgEx
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetWindowPos
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetWindowRgn
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetWindowsHookExA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetWindowTextW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SeWhheWhSeWhSeWhheWh{heWho\heWhP=heWhx1heWhlheWh`SeWhPSeWh@heWh4heWh zgheWh[HheWh<)heWh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Sh M8 & tK& hP9 yPM\EYhE
Ansi based on Dropped File
(~WRD0000.doc)
SHCreateDirectoryExW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Shell.Explorer
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SHELL32.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
shell32.dll
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Shell_NotifyIconW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Shell_TrayWnd
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
ShellExecuteW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SHGetFolderPathW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SHGetKnownFolderPath
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SHLWAPI.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
ShM8tKhPyPM\EYhE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Show icon in system tray
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Show notifications from:
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SHOW_ALERTS_FROM_THIS_FEED
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SHOW_SYS_TRAY_ICON
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ShowAlerts
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ShowIconInSystemTray
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ShowMe(%s)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ShowMessageAfterUserCloseInterval
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ShowSampleAlert
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ShowState
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ShowWindow
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Si_inl_0ut
Ansi based on Image Processing
(screen_0.png)
Sindungin
Ansi based on Image Processing
(screen_0.png)
SING error
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Singleton
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SizeofResource
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Sj0 EEPjjWV0 3;t!3" PhXSAAQ333hf0 EEVPk VVVVEPEPWuED ;u,jEPM9 MEP0 u MMG: u$ h|Sj-3@9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
SjEEPjjWV03;t!3PhXSAAQ333hfEEVPkVVVVEPEPWuED;u,jEPMMEPu MMGu$h|Sj-3@Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SjP 9 [MM,y9 S49 jPThTR9 u9 eV& u3MM69 RS D9 9 0 sPt9 Ej 0 C]LY0 & $E& tjs9 %3E0 & tA& Ps@ E9 0 $P9 9 9 s#9 5 Sjs Wjs0 C;t& u0 C3hPf0 & (& *P \jd& (Ps& t& (P9 3F8VWtt$ t$9 t$ $3_^9 D$VW& u@+8t 3xp R9 p3_^yt4"!3U9 } t}u4])v]Vt$9 9 L$Pvp^9 D$0 89 D$0 ,j@/U`P9 9 x& & 9 y0 EEPv@ 9 E+EP'|YM0 E3M0 ]SSjS9 0 ejhE" SSS@EuSSu9 0 eWEPMEP9 EMEnM]cMMWaPjRU|O9 3GWuu0 E 30 E9^|t$9]t( u EPEP9 0 ]0 ]k0 ]9~ts9^|tZ9~0u9 9 0 eP9 0 ejh|9 0 ]z9 NxMW9 Pu0 E9 },t9 E+E9 }+"!+E9 E0 Et9 E+E0 E9 E9 U0 U9 E+E9 }+"!+E9 E 0 EQEP9 0 }W/P9 M9 = PutAjjEP u 9 ,9 MPEP/9 MPPu}tuuuu uuqNjdj(`M0 M3VVMU0 u9 MuEP0 u
Ansi based on Dropped File
(~WRD0000.doc)
SjP[MM,yS4jPThTRueVu3MM6RS DsPtEj C]LY$Etjs%3EtAPs@E$Ps#5SjsWjsC;tuC3hPf(*P\jd(Pst(P3F8VWtt$ t$t$ $3_^D$VWu@+8t 3xpRp3_^yt43U} t}u4])v]Vt$L$Pvp^D$8D$,j@/U`PyEEPv@E+EP'|YME3M]SSjSejhESSS@EuSSueWEPMEPEMEnM]cMMWaPjRU|O3GWuuE3E9^|t$9]t( uEPEP]]k]9ts9^|tZ90uePejh|]zNxMWPuE,tE+E}++EEEtE+EEEUUE+E}++EEEQEP}W/PM=PutAjjEPu,MPEP/MPPu}tuuuuuuqNjdj(MM3VVMUuMuEPu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SJY0 @eEPS@6a9 t3& |&~jE PW@u T & t }u& uE0E'E& P& P& Pu l tu X6 9 EY9 _^3[dJV9 ~t6Y9 N& tPY&3^j.OhLIY9 0 Me& tu9 3uMu9 uuu& t& t9 V\PY3j]IY0 pPt$t$jjt$lU9 9 E& u"8tu9 @u9 uuf]jjt$t$t$W9 |$& u_?tV9 w9 & t9 V OYW9 OY^_jhlN9 0 uehN,Nvr9 Oj2h7N9 0 uNh xNSjE>~,9 j9 PhHSj"9 EnM9 NjBYy$u+Vh x0OVj
Ansi based on Dropped File
(~WRD0000.doc)
SJY@eEPS@6at3|&~jEPW@uTt}uuE0E'EPPPultuX6 EY_^3[dJV~t6YNtPY&3^j.OhLIYMetu3uMuuuuttV\PY3j]IYpPt$t$jjt$lUEu"8tu@uuuf]jjt$t$t$W|$u_?tVwtVOYWOY^_jhlNuehN,NvrOj2h7NuNhNSjE>~,jPhHSj"EnMNjBYy$u+Vh0OVj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SM\& & M\PMhp M8& tP& XP9 ~zPM\E
Ansi based on Dropped File
(~WRD0000.doc)
sM`EPMfM`Vh8+j@MEmMEmudMh;tMl;t=E@PE PEPEPM0EmE|M;tPQ^K0;tEPtM6dEPePjh+EsM`EPMet
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SMHMH?WMEu'339\u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SMQuP4h{M;p;MgMD};t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SMQuP9 4h& {9 M;Rp;M! g9 MD } ;t
Ansi based on Dropped File
(~WRD0000.doc)
Software\AppDataLow
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Software\EB_TB_NAME\toolbar\settings
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Software\EB_TB_NAME\toolbar\settings\Update
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Software\Microsoft\Internet Explorer\International
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SOFTWARE\Microsoft\Windows NT\CurrentVersion
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Software\Microsoft\Windows NT\CurrentVersion\ProfileList
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Software\Microsoft\Windows\CurrentVersion\Authentication\LogonUI
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
sOY9 ujgOY9 U9 =P tK}u'V5T 9 5t & t5P 5T 0 E^j5P 5YuxT tjPp ]9 VWVV0& uVY9 & ^9 5<h<WWh0WWh$WWhWW=9 5p t=t
Ansi based on Dropped File
(~WRD0000.doc)
sOYujgOYU=PtK}u'V5T5tt5P5TE^j5P5YuxTtjPp]VWVV0uVY^5<h<WWh0WWh$WWhWW=5pt=t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SpecialBuild
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SPS9 RA9 h_& ~9 S9 P^[U9 9 EV9 & u3T9 M0 FH9 E 0 ND0 FL` jvHjvLuuuuhH@jhUj 0 F8& uP3@0 F@^]V9 9 F8W& t~@tPf@9 |$W& tjjh W0 ~83@f83_^9 D$& |;A<}T$RPhq8j,3l@#9 ej
Ansi based on Dropped File
(~WRD0000.doc)
SPSRAh_~SP^[UEVu3TMFHE NDFL`jvHjvLuuuuhH@jhUjF8uP3@F@^]VF8Wt~@tPf@|$Wtjjh W~83@f83_^D$|;A<}T$RPhq8j,3l@#ej
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
sS9 9 <& 9 @t58t0=u+tItIuSjSjSj 9 3 "!0 _^[]9 U9 9 Eu} b]V3;|"; s9 9 @u$<0 0"VVVVV#9 ^]jh`FE9 }9 9 4& E39^u6j
Ansi based on Dropped File
(~WRD0000.doc)
sS<@t58t0=u+tItIuSjSjSj3_^[]UEu} b]V3;|";s@u$<0"VVVVV#^]jh`FE}4E39^u6j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SSSSS N9]tE9 GF 80t.9 GHy-Fd|
Ansi based on Dropped File
(~WRD0000.doc)
SSSSS9 M & u@u9Et M 9 + tGHt.Ht&d#0 G#j^SSSSS0 00 UtuE@0 }9 EjY+t7+t*+t+t@u9} 0 EEEE0 ]9 E#;;t0;t,;t= =& @E/E&E=t=t`;& E9 EE & t9
Ansi based on Dropped File
(~WRD0000.doc)
SSSSSMu@u9EtM+tGHt.Ht&d#G#j^SSSSS0UtuE@}EjY+t7+t*+t+t@u9}EEEE]E#;;t0;t,;t==@E/E&E=t=t`;EEEt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SSSSSN9]tEGF80t.GHy-Fd|
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SSV@?'V9 @]"!:jD9a9 MT]& t
Ansi based on Dropped File
(~WRD0000.doc)
SSV@?'V@]:jD9aMT]t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Start : hKey=0x%X lpSubKey=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : hRoot=0x%X wCharKey=%s wStrValueName=%s wStrValue=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : hRoot=0x%X wKey=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : hRoot=0x%X wStrKey=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : root=0x%X key=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : root=0x%X key=%s iType=0x%X
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : root=0x%X key=%s valueName=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : root=0x%X key=%s valueName=%s bValue=%d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : root=0x%X key=%s valueName=%s value=%d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : root=0x%X key=%s valueName=%s wStrValue=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : root=0x%X key=%s wStrFirstName=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : root=0x%X key=%s wStrValName=%s iType=0x%X
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : root=0x%X path=%s value=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : wStrUrl=%s pwStrInput=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start [%s]
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start Time:
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start Time: Class Name: ,'M>: mmmxxxm! zCThreadPool::WorkNo JobpJobCThreadPool::ThreadFuncImmediateCThreadPool::OnJobPreProcess \'M>: xgeDummyJobCThreadPool::ThreadFuncStart [%s]
Ansi based on Dropped File
(~WRD0000.doc)
Start Time: Class Name: ,'M>mmmmzCThreadPool::WorkNo JobpJobCThreadPool::ThreadFuncImmediateCThreadPool::OnJobPreProcess\'M>geDummyJobCThreadPool::ThreadFuncStart [%s]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Start. bUseHelper=%d wStrXml=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start. wStrFilePath=%s bUseHelper=%d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Stop navigation!
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
stream end
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
stream error
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
string too long
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
StringFileInfo
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
StringFromGUID2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SuE ]9]tuu E9]PtVM<[PMjVMMEPEPu$Eu EP]M]3ejVE{EP0i0E*iME]S39]EuEPV0'k;V]9]PunE<PME;u[M<PMxtEjE<eP\V0j0hEEPV0j;MSEPu$Eu P]34;;u(}Put}t3t9MPMaMPMPE<;}~}ETtlhEE;E,}sMtM}uM<PMMPMMyPM;]~]}TtET3uF;uuSjh`MMjEPu$Eu EPMPM<};}~}MEM;M,}AM]8;~6~2+~'M<PM6MPM%Nu]E0tMMM4t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SufgucW9~~=]WVYt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SunMonTueWedThuFriSat
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SVW9 |$9 u+9 jWY9 9 +0 k<3;x_^[9 jV9 M9eEPu9 3& uMM9 WWMK& v%VM(& tu9 PMF|K;r3Ft$jc(V9 9 }& u3! wV!0 E& u3@rjW+EYV9 0 Ek<9E$WEP9 3M0 uMEPME& u
Ansi based on Dropped File
(~WRD0000.doc)
SVW|$u+jWY+k<3;_^[jVM9eEPu3uMMWWMKv%VM(tuPMF|K;r3Ft$jc(V}u3wV!Eu3@rjW+EYVEk<9E$WEP3MuMEPMEu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SysListView32
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SystemParametersInfoW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SystemTimeToFileTime
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SysTreeView32
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
T QjhB[VV0& uVY0 E9 uF\]3G0 ~& t$hVP9 <0 hWu0 0 ~p C KCFh@0 j
Ansi based on Dropped File
(~WRD0000.doc)
t show me notifications like this
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
t!& u9}& E @& @E & 9 E
Ansi based on Dropped File
(~WRD0000.doc)
t!u9}E@@EE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t#:r:w:r:w:uu3:tr9 [^_jDhqM@eEPMf@h\EPjDxhrM@eEPMhEP9 U9 VWh@ @9 & th$rV<& tu9 V89 _^]QRPh$G'ZY "!% "!"!%"!S"!%S"!"!%"!"!%"!"!" %"!"!& %"!"!u%"!"!e%"!"!U%"!"!E%"!"!5%"!"!%%"!"!%"!"!%"!"!%"!"!%"!%D % %$9 U9 DSV9 u9 V9 N9 ^W9 ~0 U9 V9 F0 E9 E0 M30 }0 E3}E$0 u0 M0 M0 M0 MuE0 EEPjQhWm4 39 E9 89 E+9 0 E9 0 E u0 ED3;tURQ9 & & E& & D& tMQj9 & uPu 9 & uAP0 E@& tMQj9 & u!E0 EEPjjh~m4 9 EWup;t&~t'jj@ & t0 p9
Ansi based on Dropped File
(~WRD0000.doc)
t#:r:w:r:w:uu3:tr[^_jDhqM@eEPMf@h\EPjDxhrM@eEPMhEPUVWh@@th$rV<tuV8_^]QRPh$G'ZY%%%%%%%u%e%U%E%5%%%%%%%%D%%$UDSVuVN^W~UVFEEM3}E3}E$uMMMMuEEEPjQhWm43E8E+EEuED3;tURQEDtMQjuPuuAPE@tMQju!EEEPjjh~m4EWup;t&~t'jj@tp
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t#EPZPEME5MF)U\j<5HM\EP<3M]SMTEMlECz3;EPM MlVEPEMDEMEPh@M >M4hE4PE e0PEMT;tsM4ugM\E4PEPPMDEME.MDu hhMDMhEDP9]pu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t#t;t;t;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t$9 9 9 ^S9 \$VW9 9 ! & t6jhvhujP09 & tS9 a & t
Ansi based on Dropped File
(~WRD0000.doc)
t$^S\$VWt6jhvhujP0tSat
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
T$BJ3[)]MMT$BJ3[P)]M1MT$BJ3V[)w]M8M8M8T$BJ3#[)D]MN]T$BJ3[J3Z *]M!]M]M]M]M]M\M\M\M\M\T$BJ3ZD*\M5M$LT$BJ3ZZ*{\MMMT$BJ3'Z+H\MOMguMBT$BJ3Y@+\MpOM.uT$BJ3Yt+[MMMMT$BJ3Y+[MT$BJ3bY+[MNT$BJ3?Y,`[u_Yu_YT$BJ3YD,1[MNMPtM+T$BJ3X,ZuS_YuI_Yu?_Yu5_YT$BJ3X,Zu_YMu^Yu^Yu^YT$BJ3IX,jZMyM(yMD0{MdxT$BJ3XT-&ZMxyM(5MDzT$BJ3W-YuH^YT$BJ3W-YMM8zMXwMtwMwMgzMYzT$BJ39W-ZYMcM8+zMXwMtwMxwMyMyT$BJ3V<.XM}wu?]YT$BJ3V.XT$BJ3V/XMM-wT$BJ3XV4/yXT$BJ3=V/^XMvT$BJ3V/;XMJ{T$BJ3UJ3U/XM(M T$BJ3U0WT$BJ3Ux3Up0WMMMMT$BJ3_U0WMJ9MB9T$BJ34U0UWM|2M0gM+M+M +M@+Ml8Mh8Md+M'MMMp*MXF2MS+MP62MT$BJ3T1VMG:T$BJ3nT1VMM:MT$BJ3;T1\VM_MhMZMLM>T$BJ3S 2VM}_M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
T$BJ3z<3z|MMMPMtT$BJ3Dze|MMMPMtM]T$BJ3y,|MMT$BJ3y{u@Yu6Yu,Yu"YuYT$BJ3wy{M@qM\fMx[MGT$BJ33yT{uYuYuYuYuYu}YT$BJ3x<zMT$BJ3xzM@M\MxT$BJ3}xzMT$BJ3Zx
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
T$BJ3|(~M<MMM0MMEeMT$B,3O|Lp~T$BJ34| 3'|H~MbMZMRMT$BJ3{D
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
T$BJ3}&M5M-EeM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t$Q9 D$V9 && t9 VhP9 ^9 D$V9 && t9 VhP9 ^9 D$V9 && t9 Vh P9 ^Ul$ 30 & j<P'9 5 9 70 }& 73VVVVP7Vj 0 E0 0 uP E0 ueH 9 }39 ;u& & t ? 7 VVuSP7Vj 9 0 ];u'9 & 9& t 9 7S lVVS Vj 0 E0 uPMEL 9 }39uu E& tM& 9& ;uuu Vj ; 9 E9E MMP@jPEP0 u9 ;}-E9EtM#& 9& t
Ansi based on Dropped File
(~WRD0000.doc)
t$QD$V&tVhP^D$V&tVhP^D$V&tVh P^Ul$3j<P'5 7}73VVVVP7VjEuPEueH}3;ut?7 VVuSP7Vj];u'9t7SlVVSVjEuPMEL}39uu EtM9;uuuVj; E9EMMP@jPEPu;}-E9EtM#9t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t$s ^UV3PPPPPPPPUI
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t$s9 ^U9 V3PPPPPPPP9 UI`
Ansi based on Dropped File
(~WRD0000.doc)
t$sF ^9 U9 uM }}3uuuuR }t9 Map9 U9 ,9 EH
Ansi based on Dropped File
(~WRD0000.doc)
t$sF ^UuM}}3uuuu}tMapU,EH
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t$t$K39 I & tl9 D$& t,y@u&9 @V$9 PR9 & t9 Vy7Y3^3@jHW69 0 ueNeM9 7V9 9 Fd& tPTvdXfd^9 I`& t j@ 5M ej5M& EPEPME~ME0 MM& tEqMMx 3m6EP-ME?EPEPME& uJEPEPM: & u63MEMEMEMM 9 M"!E9 0 ePE MD MEy3F U9 V9 ~@& & 9 NF@& t9 Nj39 Nd9 N & tf WE~$P9 K9 M& t0 M"u5YEPEP9 L& u9 j9 PND9 jP_^j@49 0 u~EB9 N3;t9 j0 ^9 N;t9 j0 ^9 N;t1}0 ^9 0 ^`ND]nQMN$bQ49 T$V9 & t79 D$& t/9 N0 V0 F& tW9 9RP_9 9 )9 3@3^V9 9 FW9 |$;u,~
Ansi based on Dropped File
(~WRD0000.doc)
t$t$K3I tlD$t,y@u&@V$PRtVy7Y3^3@jHW6ueNeM7VFdtPTvdXfd^I`tj@5Mej5MEPEPMEMEMMtEqMMx3m6EP-ME?EPEPMEuJEPEPMu63MEMEMEMMMEePE MDMEy3FUV~@NF@tNj3NdN tf WE~$PKMtM"u5YEPEPLujPNDjP_^j@4uEBN3;tj^N;tj^N;t1^^`ND]nQMN$bQ4T$Vt7D$t/NVFtW9RP_)3@3^VFW|$;u,~
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t$t$y39 I,& t9 I,& tKzV9 3F<9F,t0 F,9F0t0 F0}9 ^xV9 ~<t3]9 F4W9 |$;uPv9 69 N0& tW/& t9 N0WH9 N,& tW=u& t
Ansi based on Dropped File
(~WRD0000.doc)
t$t$y3I,tI,tKzV3F<9F,tF,9F0tF0}^xV~<t3]F4W|$;uPv6N0tW/tN0WHN,tW=ut
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t$v0 ^V9 & t
Ansi based on Dropped File
(~WRD0000.doc)
t& jjju" f}
Ansi based on Dropped File
(~WRD0000.doc)
T+ij[$ueC+M"2|$t1U$SVWuuu(MN3E;h3FVWPuEuE}tu9}}~ZuM*u;t;WEPt+9}tEMMEMWuuP<3EE;E|uuu_^[VD$tVVY^Vjx<h^j$$%h0YM3E;t@MMFjhMEEPEPEVYYMEjjjjEePNjNhMMNXItVh;D$tV_Y^j/BueNN EN0Ef@FDj`$39}u3EH+pME+p]uE5 E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t3MMMMEMEuMh4APVMMEMEmj}EP)eM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t3MM}tjY}M?MEDME`WhMPVMTMEME|j}lEPeMtMM3MMEMEEPhM;PVMu*3ME}MEcMMujEPeMt3MMemMMEME!uMh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t9 #t;t;t;u
Ansi based on Dropped File
(~WRD0000.doc)
t9 U9 QSV9 3;uGj^SSSSS0 0F9 W9]w}Gj^SSSSS0 0"9 39]" A9MwOGj"9 M"w0 ]9 9]t-NE9 3uv W 0AE3;v9 U9Ur9 E;ErxI``IG;r3_^[9 U9 }
Ansi based on Dropped File
(~WRD0000.doc)
t9]t9 @MED&
Ansi based on Dropped File
(~WRD0000.doc)
t9]t@MED&
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t:It2It*It
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
t>uMO3kSWV<t3M(3FVt$Wj3WVH]Wh\;t%VhgP9>u9~u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t@9s|t#9u
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
t`VEPu3u3D343EPE3E3;uO@u55^_[UQVuV3EFYuN /@t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ta=D98T AGX4
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Tai_,__a__
Ansi based on Image Processing
(screen_0.png)
Target file exists [%s]
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
tbedrs.dll
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
tC9]t>9 @M }ED%
Ansi based on Dropped File
(~WRD0000.doc)
tC9]t>@M}ED%
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tCA0 M9 EH;sA 8
Ansi based on Dropped File
(~WRD0000.doc)
tCAMEH;sA8
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
TCWP5FilesIntl_1031
Unicode based on Runtime Data
(WINWORD.EXE
)
TCWP6FilesIntl_1031
Unicode based on Runtime Data
(WINWORD.EXE
)
tD 0 0 76dv2ew0
Ansi based on Dropped File
(~WRD0000.doc)
tD0076dv2ew0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tD3WE1YEEt3`WEi1YEEt3WEB1YEE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
TerminateProcess
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
TerminateThread
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Tex_dierung:
Ansi based on Image Processing
(screen_0.png)
text/html
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
tf0 CC@@0 E9 M;sHf9
Ansi based on Dropped File
(~WRD0000.doc)
tfCC@@EM;sHf9
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tGFU}Vttuuu =xuuut({tf^]UQQVu%W}t}t3@_P}uEtNEtN3@-ejURURPQ EtEFEF3^jtt$sd3U,SV}3uEE3WF ;~9^$~MF$M3@9W9^uV~0r9uH9^uNW8FN;uEE3_^[u}jVW~=uutjEPv(dtYEPju~JE9]u+EMUEN$F 59]tu9]u~u1at&EPjv,tEMUM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
th3PPPPP^UVWEPEP6EP6@EPuuEut3@.tME+
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Thanks for adding our Notifications
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
The publishers of the Community Toolbar or app will occasionally sent out news or other information of importance to the community of users. These notifications appear on your screen near the system tray and keep you in touch.
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
This application has requested the Runtime to terminate it in an unusual way.
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
This application has requested the Runtime to terminate it in an unusual way.Please contact the application's support team for more information.
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
This indicates a bug in your application.
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
This indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain.
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
This is a sample notification.
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Thread ID#:
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ThreadingModel
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ThreadPool
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
tHt39 VW9 h3FWPd39 0 ~0 ~0 ~~@0 F+`@Ou `@Nu_^9 U9 30 ESW& Pv& 3 @;r`& & t.;w+@P
Ansi based on Dropped File
(~WRD0000.doc)
tHt3VWh3FWPd3~~~~@F+@Ou@Nu_^U3ESWPv3@;r t.;w+@P
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
timeGetTime
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
timeout_sec
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
TimeRecieved
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
tjjjuA }
Ansi based on Dropped File
(~WRD0000.doc)
tjP]Vj-T&^UQMejhx&EVD$tVDY^j;^ZuutbetjPu uM!h0h&j1MAuP3VD$tVY^j^^39}}uuWhWkuuP<P89EwTPM`F0;F4}}.Pt"EPWVhWW(F0PuN8RMM8jkM9tB3G9~7hYMet%3MWPG;|`D$t$A4D${Vt$u3%D$W>&t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tl9]tg9 @MED
Ansi based on Dropped File
(~WRD0000.doc)
tl9]tg@MED
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
TLOSS error
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
TlsGetValue
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
TlsSetValue
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
tMjh|NMPMMEPMuEDEKtj,dseEP3CM]tMjh|]MMEMEMEEPhMPVMMtEPjh|lM]EEME+M]jME^EesUQMejhEj4`ruM&t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tML!P & u-Pu"jjM*!P& uPEME)ME )EPu& & ulS& \9 0 eP29 M 9 uF9 ~=}@'~~=_}@p~D$V9 tV:xY9 ^V9 9 F& t9 PQ9 v& tV ^V9 D$tV~Y9 ^U9 Qh|tjjhRt,& & teeME0 E j@B9 39^u3dEP~(S9 0 ]& uK9 F9 URP ;ujPv Y9 0 M0 ];t
Ansi based on Dropped File
(~WRD0000.doc)
tML!Pu-Pu"jjM*!PuPEME)ME)EPuulS\eP2MuF~=}@'~~=_}@p~D$VtV:Y^VFtPQvtV^VD$tVY^UQh|tjjht,teeMEEj@B39^u3dEP~(S]uKFURP;ujPvYM];t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tMMM ME%MEAEPh4MPVMu+MEMEMMuVOjG+Y3<^jMeM]MMj,DMeeEPPMEMEtMt@KLMMW_MME!MEPhdMEPVMuE@KLuMEMEjEP^eMNtMM3MeMEM>uMhEPVM]3u(MEMEMMIFjDmeEP3ECP]MEtMjh|]MMEMEMEjEPM"PVMuMjh|{]9MxtjEPMMEPEM]EaMEMEMEM]2ME&E-jFeEPEPMEwt$3ME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
TMThMSEPMShMSEP9 MEKMEYMEKMMK9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
TMThMSEPMShMSEPMEKMEYMEKMMKMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
TN9a&g`MGiIwn>JjZf@;7SG00S$6)WTg#.zfJah]+o*7Z-incomplete dynamic bit lengths treeoversubscribed dynamic bit lengths treeincomplete literal/length treeoversubscribed literal/length treeempty distance tree with lengthsincomplete distance treeoversubscribed distance treeinvalid literal/length codeinvalid distance codeUT/..\/../\../\..\invalid bit length repeattoo many length or distance symbolsinvalid stored block lengthsinvalid block typeincorrect data checkincorrect header checkinvalid window sizeunknown compression method%s%s%s%s%sll'M>>lmmmlmCRegMonitor::~CRegMonitorCRegMonitor::Inits'M>pmPq)omoooKrendCSingletonLogic::OnAboutToClosestartCSingletonLogic::CreateSingletonLogicHWNDCSingletonLogic::~CSingletonLogicWM_QUIT - AfterCSingletonLogic::OnMessageWM_QUIT - BeforeCSingletonLogic::WorkerThreadRunCSingletonLogic::CreateSingletonLogicThreadB)?xxBxxymGau;~{xx|2vwwEI CWindowStyledBorder Class`8,YOUOY_YY_,(O(2Y2Column1LoggerWndCLOGGER_WND_CLASS$TRANSLATIONTRANSLATED_KEY</TRANSLATED_KEY></TRANSLATION><TRANSLATION></KEY_ID><KEY_ID><TRANSLATED_KEY>H6</LANGUAGE_PACK></TRANSLATED_KEYS><TRANSLATED_KEYS></LOCALE><LOCALE><LANGUAGE_PACK>en-usLANGUAGE_PACKtooltips_class32 83MM h(w/NSysListView32X7dUnknown exceptionlXdddcsm Access violation - no RTTI data!Bad dynamic_cast!&??33EncodePointerKERNEL32.DLLDecodePointerFlsFreeFlsSetValueFlsGetValueFlsAllocCorExitProcessmscoree.dll(T&dbad exceptionruntime error
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
TN9a&g`MGiIwn>JjZf@;7S~G0`0 S$6 )WTg#.zfJah] +o*7}Z-incomplete dynamic bit lengths treeoversubscribed dynamic bit lengths treeincomplete literal/length treeoversubscribed literal/length treeempty distance tree with lengthsincomplete distance treeoversubscribed distance treeinvalid literal/length codeinvalid distance codeUT/..\/../\../\..\invalid bit length repeattoo many length or distance symbolsinvalid stored block lengthsinvalid block typeincorrect data checkincorrect header checkinvalid window sizeunknown compression method%s%s%s%s%sll'M>: >lmmmlxxxmCRegMonitor::~CRegMonitorCRegMonitor::Inits'M>: }pmPq)oxxmxxoooKrxendCSingletonLogic::OnAboutToClosestartCSingletonLogic::CreateSingletonLogicHWNDCSingletonLogic::~CSingletonLogicWM_QUIT - AfterCSingletonLogic::OnMessageWM_QUIT - BeforeCSingletonLogic::WorkerThreadRunCSingletonLogic::CreateSingletonLogicThreadB ) ?xxB xxymG au;~{xxa|2vwwEI CWindowStyledBorder ClassR `8! ! ,YOUOY_YY_,(O(2Yx2Column1LoggerWndCLOGGER_WND_CLASS$ TRANSLATIONTRANSLATED_KEY</TRANSLATED_KEY></TRANSLATION><TRANSLATION></KEY_ID><KEY_ID><TRANSLATED_KEY>H0 `69 </LANGUAGE_PACK></TRANSLATED_KEYS><TRANSLATED_KEYS></LOCALE><LOCALE><LANGUAGE_PACK>en-usLANGUAGE_PACKtooltips_class32} 9 83 M M " h(" aw"!/" N " " SysListView32SX7dUnknown exceptionlXdddcsm Access violation - no RTTI data!Bad dynamic_cast!&xx??33 EncodePointerKERNEL32.DLLDecodePointerFlsFreeFlsSetValueFlsGetValueFlsAllocCorExitProcessmscoree.dll(T&dbad exceptionruntime error
Ansi based on Dropped File
(~WRD0000.doc)
tNIt?It0It
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
too many length or distance symbols
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
tooltips_class32
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
tPMI9 C"!;|9 MEPxPM0 uEG9 Ej8_H29 0 ]MTeM=9 MhaEPEPMELNMEFM1?9 u& u?EP9 %EPEP9 P9 ENMEmF9 C9 Mh\: EPTPMEMME<FM>& u<EP9 EPEP9 ~hP9 E MMEE9 >C9 MhEPPMEbMMEEMG>9 ]& u;uE~xP9 4M9 B9 MhaEPPMEMMEwEM=& u5MB~x9 =& t;uEP9 LEP}L9 MhEP$P}ELMEE9 Mh9 & M;EP9 0 ejh0 EJ9 IMD=& u9tE^xP9 5L9 AMz;EP9 0 ejhE
Ansi based on Dropped File
(~WRD0000.doc)
tPMIC;|MEPxPMuEGEj8_H2]MTeM=MhEPEPMELNMEFM1?uu?EP%EPEPPENMEmFCMh\EPTPMEMME<FM>u<EPEPEP~hPEMMEE>CMhEPPMEbMMEEMG>]u;uE~xP4MBMhEPPMEMMEwEM=u5MB~x=t;uEPLEPLMhEP$PELMEEMhM;EPejh0EJIMD=u9tE^xP5LAMz;EPejhE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
TQjhB[VV0uVYEuF\]3G~t$hVP<hWu~pCKCFh@j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tr3ME7j"6u3E;t;tm;tZ;tG;t4;t!;t;t;tc;tP<;tPAY@SPl;~SP;t9SjP;tPjEYlESDER]M,6UQMejhEU0SVWEPs@uuuu5PWEE8t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
TrackPopupMenu
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
TRANSLATED_KEY
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
TRANSLATED_KEYS
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
TranslateMessage
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
TRANSLATION
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Translation
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
TRANSLATION_KEYS
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
TrayNotifyWnd
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
ttjj5(w0^_jH&39u;t9pt,=0Vps0p=0;tptVpMMURuPujEjP9hYEEtdc3ej|VEYejVEEs4usEjg3VVdjejhVVVdh222LdK<jgPjhMVEE)i=PuEPPVuEPuuuMEu=0)EePEPjEPE*jFj+QPvRpMEP5`3tQbjpjpMEH;9q9pu@spMEFUERPTuF+EMURPXuF+FM+EEjPuuupjpEeeEEEHuPMMjdR&}3;u3;tptVp0MmMQuPHEj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tu($E$E$]3t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tu(9 $E9 $E9 ` $ ]30 t
Ansi based on Dropped File
(~WRD0000.doc)
tu9 E0 G`u9 E0 Gd3<9 U9 9 E]9 U9 9 E]jhF9<euu\0 E/9 E9 9 0 E3= 9 9 e}uj eE9 E+<9 U9 3@}u3]U9 SVWUjjhuZJ]_^[9 ]9 L$At29 D$9 H3"
Ansi based on Dropped File
(~WRD0000.doc)
tu9 O`0 M0 G`u@9 Od0 MGdRu.9
Ansi based on Dropped File
(~WRD0000.doc)
tuEG`uEGd3<UE]UE]jhF9<euu\E/EE3=e}ujeEE+<U3@}u3]USVWUjjhuZJ]_^[]L$At2D$H3
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tuO`MG`u@OdMGdu.
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tUQSV3;uGj^SSSSS0FW9]w}Gj^SSSSS0"39]A9MwOGj"M"w]9]t-NE3uvW0AE3;vU9UrE;ErIIG;r3_^[U}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tuuY0 uWuu0 EE9 EuYjhAP30 u39 ];" ;ub>VVVVV3{39 };" ;t3f97" ;t 0 E;u
Ansi based on Dropped File
(~WRD0000.doc)
tuuYuWuuEEEuYjhAP3u3];;ub>VVVVV3{3};;t3f97;tE;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tVURPEPQtfEM3^USVu3;t9]t8uE;t3f3^[uM5E9XuE;tff8]tE`p3@EPP\:YYt}E~%9M| 39]RuQVjpEuM;r 8^t8]eMapY*8]tE`p:39]PuEjVjp:Ujuuu]UEu3]V3;|;r~VVVVV"3D@^]USVW3jSSu]]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Type Descriptor'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
u 9 ]9 E0 ]0 E;9 Ef f
Ansi based on Dropped File
(~WRD0000.doc)
u 9 ]9 E0 ]0 E;9 M`< <
Ansi based on Dropped File
(~WRD0000.doc)
u 0u`<xt<XuG`G9 3uNt0t1` a w ;MsM9Er'u;v!M}u#9 EOu }t9 }e[9 ]]0 ]`G9 uu=t} w& u+9uv&TE"tMEjX" 0 E9 E& t0 8Et] }t9 E`p9 E9 E& t0 0 }t9 E`p3[_^9 U9 3Puuu9TuhPP]9 U9 V39uu/TVVVVV'uEuEuEBP0 u0 uU^9 U9 ujuhR ]jh@: 9 u& tu=|uCjYeV-Y0 E& tVPNYYE}u7u
Ansi based on Dropped File
(~WRD0000.doc)
u ]E]E;Eff
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u ]E]E;M<<
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u M@u Mu6G! 9 9 9 " YY`M L9 9 9 " D$ M eHM& EtrjW630 E;ug 8tN6jEP60 ]& uf}u9 E"!RP6R;tSS6;tE 0@@& }u9 E#uME9 E#;tD=t)=@t"=t)=@t"=t=@uE9 M#;uE]E E@0 ]& 9 E#=@ = tw;& 9 E; yvv0& fE3H &H& REEjSS6tSSS6# jEP6e ttk& }uYE9 E; b! PjSS6W CSSS6B#& 9 E%=u6Y4j^0 09 d=uSj6 EASS6"!EE9 E+PD=P6b 9}9 9 9 D$`2M 09 9 9 D$9 M`
Ansi based on Dropped File
(~WRD0000.doc)
u VYL hh! hP! YY& uBh_OB T& $L! c=YthN!Y& tjjj3]jh@Cj;KYe3C9 0 `E}& 5Y9 0 }& tx5Y9 0 u0 }0 u0 u;rW9t;rJ69 0 5~9 5 9}u9Et0 }0 }0 E9 0 u9 }xhx! l! _Yh ! |! OYE}u(0 jiIYu3C}tjPIY9 U9 jju]jjj9 V9 V$V V"!VVV}VcV
Ansi based on Dropped File
(~WRD0000.doc)
u#~jEP^E~7e~!uZ#tjEE;E|juj;*OE*E"#
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u(9 E+EWu$MP9 E+EPuuuSP9 E
Ansi based on Dropped File
(~WRD0000.doc)
u(E+EWu$MPE+EPuuuSPE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u0 EmEjEPjEP9 4h& u
Ansi based on Dropped File
(~WRD0000.doc)
u0 EuuuSuSuSW9 =u9 Ex|thhh jj0 Eu0 ESu0 ESj0 EX)E)EEEjjuuuuSuSuSuu9 Mj9 uS4MMBR3EjtaD9 0 u`9 } 30 }$P9 0 ES0 ,9 <E39Lu"39D$u
Ansi based on Dropped File
(~WRD0000.doc)
u0u<xt<XuGG3uNt0t1aw ;MsM9Er'u;v!M}u#EOu }t}e[]]]Guu=t}wu+9uv&TE"tMEjXEEt8Et]}tE`pEEt0}tE`p3[_^U3Puuu9TuhPP]U V39uu/TVVVVV'uEuEuEBPuuU^UujuhR]jh@utu=|uCjYeV-YEtVPNYYE}u7u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u39u3AM]PM9URhjURh,t]P]Q;9]M3]}tr/~g3jZ]Qm3YE~F3MWEPEPMDMEpMjXfG;|MjYUR3URufE}UR3FVjfEh,tuPQ|u~#3EDtPKuuYuEj,5?3SjEPE];t9]tzEPEURP]Qt;|I9]tDjuM_MEnEPEPMEMEWM]LEPQEPE@VtCt:h|hjlGhSh^VWtP0)'F,PF<t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u3@^]j4r*1M3;gHTG9EV9uM]{$+{suus(+s }uVWsE5PuEejhTEQmeejh|9mM3PPPEjzPuh s EssuWjjujuEuT=t8u}j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u3}hV@@PN3jOujvQeNN$EN4ENHEwNXEkNhE_ENDFxEF|EnjOuNhE6NXE*NHEN4EN$ENEMPjOujzPeNN$EN4ENHE{NXEoNhEcEu!Fx!F|NDHxNxH|N|@DFDSjOluujOeNf4N(f,f0j7P%u}tG3PjOe^3E;uN(F,F0GGP*G(F(G,F,G0F04t'hyYEEtw4}3F4gjePuN43@EtPf4NE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u89 R z t7;qu
Ansi based on Dropped File
(~WRD0000.doc)
u89 R z,t7;qu
Ansi based on Dropped File
(~WRD0000.doc)
u89 R zt7;qu
Ansi based on Dropped File
(~WRD0000.doc)
u8Rz t7;qu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u8Rz,t7;qu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u8Rzt7;qu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u9 3@^]j4r*10 M9 3; gHTG9EV9uRM9 ]9 {$+{s0 u0 u9 s(+s 0 }0 u VWs0 E 9 5Pu0 E9 0 ejhTS0 EQme9 0 ejh|9 9mM3PPP9 E9 jzPuh s 0 EssuWjju ju 9 E9 uT=& t8u}j
Ansi based on Dropped File
(~WRD0000.doc)
u9 & 9 EE;t9 PQ9 E];t9 PQ9 EM;t9 PQY9 D$& t|$r|$w
Ansi based on Dropped File
(~WRD0000.doc)
u9 9 P uuWuv 9 9 9 _^]^]% V9 D$tV Y9 ^SV9 _9 \$S& tfW39~@uZ9 D$0 ^D0 FH3`& t@WWWWWWWWh WhS 0 F@;u39 = VjPhjv@0 F3@_^[j19 0 u e}Lp$}E W$}EH$$(9 bj1}9 0 u9 }W
Ansi based on Dropped File
(~WRD0000.doc)
u9 9 P43^9 }9 79 ]VjS Wu0 ^hS49 & u& u9 u9 SP@& & uuS& u9 9 P0& uuujuv uu& t9 9 Pjuuj9 ]9 & t9 QPu9 R& & 0 S\Ss9 + # tE-"!& & t*u9 uWu9 P& & uuW7uuS9 }9 & t*9 QP9 EPEP9 & & Wuh
Ansi based on Dropped File
(~WRD0000.doc)
u9 9 P^]j@#s9 }u
Ansi based on Dropped File
(~WRD0000.doc)
u9 9 R ^V9 9 9D$u
Ansi based on Dropped File
(~WRD0000.doc)
u9 9 R DtAPt$0 /l$: l$U9 9 EV3W9 ; 9 P
Ansi based on Dropped File
(~WRD0000.doc)
u9 9 R9uuMM)z9 h3FV9 D$tVIY9 ^jHj,e}u9 Mjh|9 Iu& u9 Mjh|9 : ,MQ9 9 M3EFP0 u M0 uE y9 Ej uEPm3M0 uq& tMMQy9 YMq9 M30 Fj0sB`9 0 }33M0 uf0 E0 u3rpPMdMEEuq& & " V9 ;tP9 ;t0 uM+pPM9 EE;t9 3Pjw09 9 9 ;t59 9 uSP$9 E9 @$9 UR9 uSPQH9 }0 E9 ME& t 9 5EPEP& t9 SP9 E& t
Ansi based on Dropped File
(~WRD0000.doc)
u9 @9 _[Ul$ 30 & j0N}9 & 9 9 e0 M0 }0 u0 E@0 E& tV9 'B0 EVWh4hj3hPf0 EEP EPVWL & & 9 5P SEPju{Y& uIEPEPuL & u4jEPMejMh9 MPuMMSEPju;u}tu$ uuT 9 & u9Et9 M& tua?jX
Ansi based on Dropped File
(~WRD0000.doc)
u9 ^]U9 SVWujj9 }9 59 SWu 0 EPW0 E u0 EuuuW uWuW9 5Su _^[]|$u3t$ SW9 |$9 & u3#VW9 & tV9 VW9 9 ^_[U9 QQSV9 u9 & tcu& tV9 0 E9 FW9 = 0 EEPu9 E0 9 E0 F9 F0 E9 F0 EEPu}9 E0 F9 E0 F_tV9 ^[U9 QQSV9 u9 & tcu& tV9 0 E9 FW9 = 0 EEPu9 E0 9 E0 F9 F0 E9 F0 EEPu}9 E0 F9 E0 F_tV9 ^[U9 }SVW9 tCu9 5& t4uR 9 W& t"ju9 uu9 uW3@3_^[]U9 }VW9 t<u9 5& t-u& t$ju9 uu9 uup3@3_^]V9 t$& t4jV |$t@u
Ansi based on Dropped File
(~WRD0000.doc)
u9 B0 EVu uhVjuuT & ujY
Ansi based on Dropped File
(~WRD0000.doc)
u9 B3@_^[j}NA9 MhPuuuhhVjHEPj3Wuu0 ;& 9 , EPWEPWu0 }u}0 Eu(u$ 3}h" V@@P=t';t#u$ u3}h" V@@P9 EDjP9 YY& tl9 E0 EEPWEPjuu& u>9 E;Ew63jf0 GWM9 MeEP{!WMYMWY9 Mj}u$ h|Vj3@3" PhVAAQ3"!U9 QeSW@9 & t
Ansi based on Dropped File
(~WRD0000.doc)
u9 D$_9 D$9 U9 ] 9 U9 ] jhH@eMx:9 M+M0 MU9 E0 E9 E9 0 E9 E8csmtE9 E m9 eEjhh@ze9 u9 EEeMx)u9 MUEE}uuuuu@jh@30 E0 E0 E9 E;E}9 u9 Uu0 uEEE}uuuuu! Dn;";[;:C:B:99 U9 }}tt }]=t-U9 $,$=t<$XfftU9 T$|$l$9 T$9 D$& t<& y$9 $ 9 T$,$9 $9 T$9 T$u\$\$=VVthV}Y& tVU9 & t9 FtPXVRWYj0 jh@4(VepXPTY 9 E9 9 0 MPQ7~YY9 eu_]9 U9 TSPS& uuSPT& u(PP0 9 M9 QT0 PT9 QX0 PX9 QQ0 PU= Vth V}Y& t VI9 U9 QSW9 }30 ];u "!kSSSSS=VYShjX9 YY;tJ.UplVS9 EYYVjVh& u0 ~TS0 FX(9 0 ~;tW, u#P0 EVCY9]tu,kY9 ^_[9 U9 9 USVW3;t9 ];wjj^0 0WWWWW9 _^[]9 u;u3f0 9 f0 AAFFf;tKu3;uf0 jj"Y0 9 9 U9 9 EVWu|PL& Y& u3U& ub& ( |}& }cR & | B & |jaYY& ux3;u19=x~
Ansi based on Dropped File
(~WRD0000.doc)
u9 eMQ9 PMMmV9 VD$tV4mY9 ^j.l9 j%fY9 0 M30 E;t
Ansi based on Dropped File
(~WRD0000.doc)
U9 h9 P(R9 P$R]9 D$9 T$0 SVW9 D$UPjhd5 3PD$d9 D$(9 X9 pt:|$,t;t$,v-4v9 0 L$0 H|uh9 DI9 D_9 L$d0
Ansi based on Dropped File
(~WRD0000.doc)
u9 k=MM9 9 U9 SVu$uuhVj30 ]<9 0 M;tuu>0 EWEPjSu0 ]u0 9 ;uuu 9 u$ ;ujX
Ansi based on Dropped File
(~WRD0000.doc)
u9 M0 _[9 U9 ,9 EH
Ansi based on Dropped File
(~WRD0000.doc)
u9 M0 _[9 U9 | 30 E9 ES3V30 E9 EF3W0 E}0 ]R0 u0 ]0 ]0 ]0 ]0 ]S0 ]0 ] 9]$u(kSSSSS3N9 U0 U`< t<t<
Ansi based on Dropped File
(~WRD0000.doc)
u9 Mfu-9 E0 EEPM]e9 MPCMMfuE0 EEPM)Efuf}9 u9 9 MPVkfu'9 E0 EEPMe9 MPEM3=,1+RYVt$9 RY& u
Ansi based on Dropped File
(~WRD0000.doc)
u9 MX39 0 MD;t9 ]|D& 9 0 49 A0 9 MDF;u\r9 D= 9 ]LM@0 E\9 E|0 ED9 EH;E40 U<0 U 0 " X0 U00 UX9 }(HD& 0 M0 E,9 E,9 0 E8; 9 ELM89EH}9 ML9 +9 ML9 UE@0 E 9 E4+0 U0 EX;v0 MX9 MH9 U83+@B;v%9 u,+U8;MXs
Ansi based on Dropped File
(~WRD0000.doc)
U9 QQV9 9 FV0M EPM t/VvMxEPMw t9 iu9 EOEPMT u/SW9 }9 ]MSWEP9 EPM' t_[u9 uu9 E^U9 V9 VvM9 FV0MuEu9 uuPvffY^/ijZ9 0 uL"F$"F!F!Fx!F,!F!F !F$ FP FX F\| ` L , }LE}$E hM9 P\j8Y9 h#MD0 E$3P9 0 ]A9 M3SGWM >9h|#M
Ansi based on Dropped File
(~WRD0000.doc)
u9 u9 P9 Ej{j z9 9 MEP3H!}M& u}P9 URP9 }t& t9 j9 u}P9 URPMMz8u39 9 P& t9 9 bDj(Qy9 }u3eEPu|9 2"!& t}um9 9 P9 & tjsY0 Ee& t9 <3uM0 EEP9 }9 MPEMM'u9 u9 Pu9 M: 9 E0 EEPM
Ansi based on Dropped File
(~WRD0000.doc)
u9 u9 uPPju ^u9 Y& u9 uWu9 9 P 9 Vju 9 !uY& u9 9 RuY& xu9 9 R0u Y& 9 M9 QMQ9 R8ujY& 9 M9 QMQ9 R49 ujV9 #]& tVD jeDMQ P9 0 E\& } u9 _u9 V^9 E0 p9 M39ytjV
Ansi based on Dropped File
(~WRD0000.doc)
U9 VE9 Pv< & t9 E+F(9 P9 E+F$P_^V9 9 N8& tDh|$9 N8thjdjj39 N89 N89 jP9 ^j4%e9 }3C9 0 ]G`0 ]h9 2: j
Ansi based on Dropped File
(~WRD0000.doc)
u;q|;skSuuu#DuYPtHE#Uu)
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u@_[Ul$3j0N eM}uE@EtV'BEVWh4hj3hPfEEP EPVWL5PSEPju{YuIEPEPuLu4jEPMejMhMPuMMSEPju;u}tu$uuTu9EtMtua?jX
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u^[_3:u~at(:uAtf:t3^[_G^[_^[_Uj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u^[_3`:u~`a t(`:u`A t`f:t3^[_`G^[_9 ^[_9 U9 j
Ansi based on Dropped File
(~WRD0000.doc)
u^]USVWujj}5SWu EPWE uEuuuWuWuW5Su _^[]|$u3t$SW|$u3#VWtVVW^_[UQQSVutcutVEFW=EEPuEEFFEFEEPu}EFEF_tV^[UQQSVutcutVEFW=EEPuEEFFEFEEPu}EFEF_tV^[U}SVWtCu5t4uWt"juuuuW3@3_^[]U}VWt<u5t-ut$juuuuup3@3_^]Vt$t4jV|$t@u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uB0`B! /$` 1 wjYJ9 M$9 9 0 9 :ujY+tHHt
Ansi based on Dropped File
(~WRD0000.doc)
uB0B/$1wjYJM$:ujY+tHHt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uB3@_^[jNAMhPuuuhhVjHEPj3Wuu0;,EPWEPWu}u}Eu(u$3}hV@@P=t';t#u$u3}hV@@PEDjPYYtlEEEPWEPjuuu>E;Ew63jfGWMMeEP{!WMYMWYMj}u$h|Vj3@3PhVAAQ3UQeSW@t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ub_rpr__n
Ansi based on Image Processing
(screen_5.png)
Ub_rprM_n
Ansi based on Image Processing
(screen_9.png)
uBEVuuhVjuuTujY
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ucMPcMcM+WEPbEPMEduME&
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uD$_D$U]U]jhH@eMx:M+MMUEEEEE8csmtEEmeEjhh@zeuEEeMx)uMUEE}uuuuu@jh@3EEEE;E}uUuuEEE}uuuuuDn;";[;:C:B:9U}}tt}]=t-U$,$=t<$XfftU T$|$l$T$D$t<y$$T$,$$T$T$u\$\$=VVthV}YtVUtFtPXVWYj0jh@4(VepXPTYEMPQ7~YYeu_]UTSPSuuSPTu(PP0MQTPTQXPXQQPU=VthV}YtVIUQSW}3];u kSSSSS=VYShjXYY;tJ.UplVSEYYVjVhu~TSFX(~;tW,u#PEVCY9]tu,kY^_[UUSVW3;t];wjj^0WWWWW_^[]u;u3ffAAFFf;tKu3;ufjj"YUEVWu|PLYu3Uub(|}}cR| B|jYYux3;u19=x~
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
UDR 9 UDRP9}hu<;uUMD%& A9 MTEDPV ; ,MD& & 3C; 9}ht9 Mp& & 9}\u9}huMD& & Wh`ttSWvk;t9 A&; PM4}~9 N9 U4RP<;u
Ansi based on Dropped File
(~WRD0000.doc)
UDRUDRP9}hu<;uUMD%AMTEDPV;,MD3C;9}htMp9}\u9}huMDWh`ttSWvk;tA&;PM4NU4RP<;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uE3B;r9]u9 E x@! G 9 W;u0 ]9 ]9 u+0 E9 D0 tyjju;Eu 9 G9 M 8
Ansi based on Dropped File
(~WRD0000.doc)
uE3B;r9]uEx@GW;u]]u+ED0tyjju;Eu GM8
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ue9 U9 QSVW5Hg59 0 }8g9 YY; 9 +CrwWm9 CY;sH;s9 ;rPuTmYY& uG;r@Pu>mYY& t1P4SfYuEf0 V:fY9 EY3_^[9 Vjj l9 Vf& ujX^&3^jhx?,KneuY0 EE9 E-*n9 U9 uYH]9 QUrpY9 U9 V9 EtVY9 ^]9 U9 9 EQPT6YY@]9 U9 QS9 E0 Ed9 9 d9 E9 ]9 m9 c[XY! $9 U9 QQSVWd9 50 uE9 juuu: :9 E9 @9 M0 Ad9 =9 ]0 ;d0 _^[U9 SVW0 E3PPPuuuuu{ 0 E_^[9 E9 ]9 U9 V9 u9 N39 jVvvjuvu { ^]9 U9 8S}#u9 M0 3@eE M30 E9 E0 E9 E0 E9 E0 E9 E 0 Eeee0 e0 md0 EEdE9 E0 E9 E0 Ef9 0 EEP9 E0UYYe}td9 9 9 ]0 d0 9 Ed9 E[9 U9 QS9 E9 H3M9 E9 @ft9 E@$3@ljj9 Ep9 Ep9 Epju9 EpuLz 9 Ex$uuujjjjjEPh#9 E9 ]9 c9 k 3@[9 U9 QSVW9 }9 G9 w0 E9 -u{9 MN9 k9 M9H};H~uM9 ]0 u}}9 EF0 09 E0 ;_w;vz9 kE_^[9 U9 9 EV9 u0 be9 0 FTe0 9 ^]9 U9 ?e9
Ansi based on Dropped File
(~WRD0000.doc)
uE@;rG @juu & }:9Ew9 Ott9 G0 E9 D0tE9 E)E9 E9 M^_[jhhA339u" ;u?VVVVV'uY0 uuY0 EE9 EuY9 U9 V9 u9 Fu ?g}0 FuVEeYV9 FY y0 FttuFuuV
Ansi based on Dropped File
(~WRD0000.doc)
uE@;rG @juu}:9EwOttGED0tEE)EEM^_[jhhA339u;u?VVVVV'uYuuYEEEuYUVuFu?g}FuVEeYVFYyFttuFuuV
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uEE;tPQE];tPQEM;tPQYD$t|$r|$w
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uEmEjEPjEP4hu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ueMQPMMmVVD$tV4mY^j.lj%fYM3E;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uEuEu9 ^V9 D$tV!HY9 ^V9 D$tVGY9 ^V9 D$tVGY9 ^j`UF9 9 u9 E}$3< 9 E
Ansi based on Dropped File
(~WRD0000.doc)
uEuEu^VD$tV!HY^VD$tVGY^VD$tVGY^j`UFuE}$3<E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ueUQSVW5Hg5}8gYY;+CrwWmCY;sH;s;rPuTmYYuG;r@Pu>mYYt1P4SfYuEfV:fYEY3_^[Vjj lVfujX^&3^jhx?,KneuYEEE-*nUuYH]QUrpYUVEtVY^]UEQPT6YY@]UQSEEddE]mc[XY$UQQSVWd5uEjuuu:E@MAd=];d_^[USVWE3PPPuuuuu{ E_^[E]UVuN3jVvvjuvu{ ^]U8S}#uM3@eEM3EEEEEEEE EeeeemdEEdEEEEEfEEPE0UYYe}td]dEdE[UQSEH3ME@ftE@$3@ljjEpEpEpjuEpuLz Ex$uuujjjjjEPh#E]ck 3@[UQSVW}GwE-u{MNkM9H};H~uM]u}}EF0E;_w;vzkE_^[UEVubeFTe^]U?e
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uEuuuSuSuSW=uEx|thhhjjEuESuESjEX)E)EEEjjuuuuSuSuSuuMjuS4MMBR3EjtDu` 3$PE,<E39Lu"39D$u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ue}9 Pu}9 PMM
Ansi based on Dropped File
(~WRD0000.doc)
uFFdF$FFFF F$lFP$FXF\ |GWPME"%MJXtS9YMZGWPMEPMtEvEgEEMl$8l$l$}l$ pl$Pkl$^l$ l$Jl$;PJl$+l$$l$l$l$Xl$Pl$l$l$wl$ jl$l$l$l$?l$ l$\l$Xrl$el$l$$Vl$Gl$Pl$l$l$!l$ l$ l$l$l$l$$l$Xwl$jUEV3u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ufY& tuw-Y& th\u
Ansi based on Dropped File
(~WRD0000.doc)
ufYtuw-Yth\u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uf}uuh<hjMNEPME(MEMM3jP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uHMj$Z.Y9 0 Me& ti3uMH0 Eo9 Mua9 E9 PP9 R4j0j30 M39]u
Ansi based on Dropped File
(~WRD0000.doc)
uHMj$Z.YMeti3uMHEoMuaEPPR4j0j3M39]u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
UhP(RP$R]D$T$SVWD$UPjhd53PD$dD$(Xpt:|$,t;t$,v-4vL$H|uhDID_L$d
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uhpeN;~$EuEvjX.uN$ENE]DM@\VWPt+tNQIjN<@_^UQeQMRMEj.jD/YMet3Mjh(MIjjEPE> utj3MMC$tt$h,j .39]9]M:M]:MEvwMSEPh EPh#tXMX;uLM=M=MjEPEP#MC;rMEBMMB3@MEwBMMkB3sVD$tVY^|$Vu3(N$th(%tPt$^jP.6Mejh|MGME8MEXhxhhEPMfEePJ5h4AEPtqM9ueEePJht=Pt13FME@ME@MMMtj3VWtV#_^j!/u}^3}DX7MEcN5pMEXjJMX3hfF$-BM~(~0~,MEF45lM~8~<EMEMU(SVE^P@7Pv(xunWj(3EWPF(hWEE}}E}jEE}6EEP|f;fF$_u33@^[jP/uu3HuO0ttnAukjmYEetNQvD3Mj @YEEtj`3MPjHp5(w3@j0/E3+ HHHHHtH9~,j YE};t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uiParamsCount != 1
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
uiParamsCount != 2
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
uiParamsCount != 3
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
uiParamsCount != 4
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
UIsrael10U
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ujEPeMuTMMEMEuMhPVMMEMEMMjEPZeMJt3MMMNMESMEouMhPVMaME#MEj|~EPeMtj^MM%MMEMEEPhMHPVMjYuMu<}uMEtMEZvj}EPeMt3MMlt~MMEME(uMh$PVMMEMEj5}EP~eMnt3MM}MrMEwMEuMhHPVMMEGME-j|EPeMt3MMBJ}MMEMEEPhHMmPVMu!EuMEMEj|EPMeM=tj<^MM|MBMEGMEcEPhMPVMuE<u,;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uk=MMUSVu$uuhVj3]<M;tuu>EWEPjSu]u0;uuuu$;ujX
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uM3M& uhavY9 0 ME;t3MQ9 ]0 E;u+;tu9 M;u9 M9 ;tV:}Y0 ]9] ,u9 u9 PU9 ,ESVW3WWWjP5"!d 9 ]j;9 }0 E^u0 3j0 7h EPud& tIEPju & ~6}9 Eu"!+0 E}9 50 9 E0 tu}tu0 30 7uh _^[j|QZ{9 39}u3EPu~9 0 }a;t9 E;& 98t9 9 9 R;t9 9 R@9 ;th
Ansi based on Dropped File
(~WRD0000.doc)
uM3MuhvYME;t3MQ]E;u+;tuM;uM;tV:}Y]9],uuPU,ESVW3WWWjP5d]j;}E^u3j7hEPudtIEPju~6}Eu+E}5Etu}tu37uh_^[j|QZ{39}u3EPu};tE;98tR;tR@;th
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uM@uMu6GYYMLD$ MeHMEtrjW63E;ug 8tN6jEP6]uf}uERP6;tSS6;tE0@@}uE#uMEE#;tD=t)=@t"=t)=@t"=t=@uEM#;uE]EE@]E#=@=tw;E;yvv0fE3H&HREEjSS6tSSS6#jEP6ettk}uYEE;bPjSS6WCSSS6B#E%=u6Y4j^0d=uSj6EASS6EEE+PD=P6b9}D$2M0D$M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uM_[U,EH
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uM_[U|3EES3V3EEF3WE}]u]]]]]]]9]$u(kSSSSS3NUU< t<t<
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uMEEP !EuMEP!EuEP}M#M6M}EPEPEPEFUM~EEPEPFVPM\EPM[tQhSj:ME$MEMEMEMMM%puh||PEPE~u$hSj:|E`V|PEPy|EMEbMEVMEJME>MM23@1h`hHSjx9h4Sjc93UVWhHVj:9t}t9EuhnuEPWwMEPMuh7M|u&MhuhVj83@hVj83_^UVuEPVvMEPM3^j"MzeEPu3t)MH|uEP|MMMM3jDr2hMneEPM-nh\EPEGujuPVPGG;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
UMFeWMe^t8MFwDMWEQGPM"BM8MEFQWMYMFO4
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uMfu-EEEPM]eMPCMMfuEEEPM)Efuf}uMPVkfu'EEEPMeMPEM3=,1+RYVt$RYu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
UMVuy|QI42^]Uu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uMX3MD;t]|D4AMDF;u\rD=]LM@E\E|EDEH;E4U<UXU0UX}(HDME,E,E8;ELM89EHML+MLUE@E E4+UEX;vMXMHU83+@B;v%u,+U8;MXs
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uN3];tj~E~StjC;]|fMF@Vu^Vt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
unblockFrameNavigation
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
UnhandledExceptionFilter
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
UnhookWindowsHookEx
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
unknown compression method
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Unknown exception
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Unloading
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
UNSPECIFIED_ERROR
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
unzip 0.15 Copyright 1998 Gilles Vollant
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
uOY& uV[YFW 9 F9 >H0 9 N+I;0 N~WPu0 EM 0 Fy9 Mtt9 9 " @ tjSSQ4H#t%9 F`M3GWEPu70 E9}tN 9 E%_[^9 U9 @@txtPu [YYf;u]]9 U9 V9 u9 EM>Yt}^]9 U9 G@SV9 9 t7u19 E0MP9 ~CC>Yu8*uj?9 cY}^[]9 U9 t 30 E9 ES9 ]V9 uWu30 & 0 0 0 0 0 0 0 0 9u3oWWWWWm t
Ansi based on Dropped File
(~WRD0000.doc)
uOYuV[YFWF>HN+I;N~WPuEM FyMtt@ tjSSQ4H#t%FM3GWEPu7E9}tN E%_[^U@@txtPu [YYf;u]]UVuEM>Yt}^]UG@SVt7u1E0MP~CC>Yu8*uj?cY}^[]Ut3EES]VuWu39u3oWWWWWmt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uP uuWuv_^]^]%VD$tVY^SV_\$StfW39~@uZD$^DFH3`t@WWWWWWWWhWhSF@;u3=VjPhjv@F3@_^[j1ueLp$EW$EH$$(bj1}u}W
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uP43^}7]VjSWu^hS4uuuSP@uuSuP0uuujuvuutPjuuj]tQPuRS\Ss+#tE- t*uuWuPuuW7uuS}t*QPEPEPWuh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uP^]j@#s}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
UpdateAllFeedsLastTime
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
UpdateFeedInterval
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
upon termination. memory size: %d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
uPYY]3]jTh@EK3}EPEj@j ^VYY;50@@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uPYY]3]jTh@EKa30 }ESPEj@j ^VYY; 0 5 0@@
Ansi based on Dropped File
(~WRD0000.doc)
UQQVFV0MEPMt/VvMxEPMwtiuEOEPMTu/SW}]MSWEPEPM't_[uuuE^UVVvMFV0MuEuuuPvffY^/ijZuL"F$"F!F!Fx!F,!F!F !F$ FP FX F\| ` L , LE$EhMP\j8Yh#MDE$3P]AM3SGWM>9h|#M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uR ^V9D$u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uR9uuMM)zh3FVD$tVIY^jHj,e}uMjh|IuuMjh|,MQM3EFPuMuEyEjuEPm3MuqtMMQyYMqM3Fj0sB`}33MufEu3rpPMdMEEuqV;tP;tuM+pPMEE;t3Pjw0;t5uSP$E@$URuSPQH}EMEt5EPEPtSPEt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uRDtAPt$0/l$l$UEV3W;P
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
URLDownloadToFileW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
urlmon.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
USE SYSTEM CHARSET
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
User is Idle less than a minute :Idle time %d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
User is Idle more than minute :Idle time %d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
User-Agent
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
USER32.DLL
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
USER32.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
user32.dll
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
USER_ALERTS_STATUS
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
USER_CLOSE_INTERVAL_MM
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
uSj0[! g$HfwjY+9 M$9 9 0 9 ;ujY+t+t
Ansi based on Dropped File
(~WRD0000.doc)
uSj0[g$HfwjY+M$;ujY+t+t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uTMMEMEuMh8PVMMEMEMMjEP`eMP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ututM0n|[8PwPM8Er8E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uuPEj{jzMEP3H!}MuPURP}ttjuPURPMMz8u3PtbDj(Qy}u3eEPu|2t}umPtjsYEet<3uMEEP}MPEMM'uuPuMEEEPM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uuuPPju^uYuuWuP Vju!uYuRuYuR0uYMQMQR8ujYMQMQR4ujV#]tVDjeDMQPE\}u_uV^EpM39ytjV
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uuuuuPtV9 jjND$tVNY9 ^j;19 0 uQ0 e0 eue9 9 SVW9 |$ -9 9 u$v9 9 6j9 W ~-Y9 t_^[VW9 w9 p9 0 @9 g0 9 6_0 v^j0: 9 0 ued 6YXU9 QVEPEP9 .9 ^V9 j
Ansi based on Dropped File
(~WRD0000.doc)
uuuuuPtVjjND$tVNY^j;1uQeeueSVW|$-u$v6jW~-Yt_^[VWwp@g6_v^j0ued6YXUQVEPEP.^Vj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uu{XHHty+&HHt0GPhPP3tG1t<Ht5t+PYpeg2itmnt$otaU7 tff@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
UVEPv<tE+F(PE+F$P_^VN8tDh|$N8thjdjj3N8N8jP^j4%e}3C]G]h2j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uVYL hhhPYYuBh_OBT$Lc=YthN!Ytjjj3]jh@Cj;KYe3C9E}5Y}tx5Yu}uu;rW9t;rJ6559}u9Et}}Eu}hxl_Yh|OYE}u(jiIYu3C}tjPIYUjju]jjjVV$VVVVV}VcV
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uY& uVYFW 9 F9 >H0 9 N++0 N& ~WPu0 EN 0 F=9 Mtt9 9 " @ tSjjQz#t-9 F9 ]f0 jEPu9 9 ]f0 ]u0 E9}tN 9 %_[^U9 WVS9 MtM9 u9 }AZ I`&
Ansi based on Dropped File
(~WRD0000.doc)
uy3MPj5(uEPEP9 & ujX9 M ejEPMSPN(E'9 MEDMM0 F8z jNx9 ee9 u9 4zeh%9 E9 u9
Ansi based on Dropped File
(~WRD0000.doc)
uy3MPj5(uEPEPujXMejEPMPN(E'MEDMMF8zjNeeu4zeh%Eu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uY9 0 M0 };t3uMu9 u0 EV]& u9 M9 ;t0V{Y0 }9}t
Ansi based on Dropped File
(~WRD0000.doc)
uYM};t3uMuuEV]uM;t0V{Y}9}t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uYuVYFWF>HN++N~WPuEN F=Mtt@ tSjjQz#t-F]fjEPu]f]uE9}tN %_[^UWVSMtMu}AZ I&
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u{9 F^j,&Mu3uMu0 uS1;uFMM9 fj,&Mu3uMu0 uz;uFMM9 !j,&:Mu3uM0 u};uFMM{9 j,&MKu3M0 u3;uFMM<9 j@,Me9 0 eju@]EPMHMEOPj5pMcME/WMM3+j,&DM 3PP5pM0 EEcMM3j,&MXejj5pMcMMH3j,&MueMq@MM3sj,&RMueM=MM3:V9 9 N& t`9 N^" ! ^j.99 ~u%jLAY9 0 Me& tFP#! 30 F9 FUdh,9 MA9 eVP49M`S%EPMEjd_j[SE@PE9 0 eXPE0 }@^M`^)E PMHj\M E`PM 9 ;VjE0PM 5`M0E M& & 9 0 eXjhZE0P@@E|9 & ~zMKEPNV@E & tMEPM
Ansi based on Dropped File
(~WRD0000.doc)
u{F^j,&Mu3uMuu1;uFMMfj,&Mu3uMuuz;uFMM!j,&:Mu3uMu;uFMM{j,&MKu3Mu3;uFMM<j@,Meeju@]EPMHMEOPj5pMcME/WMM3+j,&DM3PP5pMEEcMM3j,&MXejj5pMcMMH3j,&MueMq@MM3sj,&MueM=MM3:VNtN^^j.9~u%jLAYMetFP#3FFUdh,MAeVP49M`S%EPMEjd_j[SE@PEeXPE}@^M`^)E PMHj\M E`PM ;VjE0PM 5`M0EMeXjhZE0P@@E|~zMKEPNV@EtMEPM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u|_3GWu|PE|hLkYE`et`3We`Sh|]7vWu|P`MP(ShPMd}7EPPEdPEYYMdE1UPRPPMP]1t~MMPEE(ShMdE/7EPPEdPEmYYMdE41EPPcthtMPE1M]M@'M0E'ShMdE6E0PEdPEYYMdE0M@E@PMEVM@)uM@'PM03M0'=PhvM@'Sh(MdE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
V ^]9 U9 9 E}P
Ansi based on Dropped File
(~WRD0000.doc)
V#YYYYYYYY
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
V,F@ F@@ FpFy dG@MWS@ HECjD\r2hM\meEPMlh\EPEGujuPVPGG;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
v,WWWWWWWh
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
V3GPN$]G4PNG$PN4uNGPNHMVEE;EmMM3@}UTj,}h,wYM et3}u3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
V3Mj&YME;tVS3MMP2EE;Erj3W3@},U`j,+u`El3;9^@x;@MElnM]G;9^9^hTF%YM,E;tU3ulW]EljM3NnM0EMPEM@ExM0QEP$MPQPM@QPMPuAM@u5M0u)E@PEPPE0PMtEPPM;tG9]lto;ukjd$YMlE;tV3M`PEM@EMPEM0EM]fmMMZm3PjM@EMPEM0EM]mjMMm3@Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
V8F@ F@@ Fp\Lz uA B IA p,;1u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
V9 3GPN$]G4PNG$PN4uNGPNHx9 MV"!E9 E;ERmMM 3@}UTj,"!}h,wY9 0 M e& t9 30 }& u39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
V9 3Mj&Y9 0 ME;tVS39 MMP2E9 E;Er 9 j9 3W3@},U`j, +9 0 u`9 El3; 9^@& 9 x; 9 @M0 ElnM0 ]G~; : 9^ 9^ 0 hTF%Y9 0 M,E;tU9 3ul9 W]0 El9 j9 M3NnM0EMPE M@Ex9 M0Q9 EP$9 MPQ9 P9 M@Q9 PMP& uAM@& u5M0& u)E@PEPPE0PM & tEPPM;tG9]lto;ukjd$Y9 0 MlE;tV39 M`PEM@EMPEM0EM]fmMMZm3P9 j9 M@E~MPE M0E M]m9 j9 MMm3@9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
V9 9 9 MMcSV9 ~W9 >}R?u9 9 0}9 _^[V9 ! D$tVcY9 ^j V9 ~$u5Wh xxWj
Ansi based on Dropped File
(~WRD0000.doc)
V9 d9 M& uDhf0 EESP" EPSSh S@& |EP9 &]V9 dMi3CM0 ] & 9 M& & x9 M& & h9 MEP$MEXS& t!jh|9 9 `M0 ]]ZDEP9 /bhH9 cjWMc`jWMET`MELQ9 ME PEPMEaM ECZMQPMbWMb9 MjE P PMEaaM EZM`QPMaWMaMFQPM=QP9 }R9 MVcM0 ]EYEMYMExYM] YMEg9 E'9 MVhLrPV9 b0 ]ME^g9 9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
V9 t$& u3 W9 |$& t9 WP9 & t9 PQ0 >9 _^9 D$jh01}fH@1Vj9 Xf0 9 D$0 F& t9 PQ9 ^Vt$9 fF0 & u9D$t
Ansi based on Dropped File
(~WRD0000.doc)
v9 u3_^$ D$V9 $ tV gY9 ^jovf9 0 u&fNeN9 'g Vj9 Kg+FY3;F^9 j,&f9 MkeVMMMafj,&e9 M3veh ~WMvMh W MMvfj,& e9 MeFPh ~WMVh WMMM#f9 9 L$H 0 H?Bj "e yua$ eVW9 |$9 j9 r9 F& tP9 89 *_@^VW9 |$9 j9 >9 F& t
Ansi based on Dropped File
(~WRD0000.doc)
V9 u; xxtvhtajtLqt6t& 9 MWue9 MWT9 MWC9 M9 P@39 M9 P<#9 My@ 9 E jZf0 9 ID0 H9 MW 9 - H " -tst`9 MejjEP& 9 Et1& t7u(9 u$u WuuuVPQ9 9 E& t9 PQ9 p& t9 PQ@ _9 MWQ9 ExPtpLHpH! 369 MW(9 MW9 MW9 MW^_]$V9 " D$tVcY9 ^j80@y9 0 }e< 9 ]9 w& & & }wt9 e& & tS9 R& tS9 T }tjXhf0 E0 E} tV9 9 u<j?w9 uhhJ V9 B jYP9 D 9 V9 Wh9 Zu9 ]+HPWEP9 > jVME jETYPM M\M9 RVP9 ME9 ME9 9 }9 'PM{9 E3E;t9 39 G<9 u9 }#VSSSQPR,9 9]tu9 M3;9 ;t9 z3dj[@}9 9 Whhj ?t& MejEP9 MR PMEu9 }& t9 3v<9 P9 R )9 v<9 9 }& t9 39 Pv<9 R& t9 MM ``9 D$;uP,9 L$I9 Au9 jP3V9 t$& u@ ,hpt$PUYY& t9 D$0 9 PQ3&@ ^A@,@ @ $9 D$@9 @xU9 V9 u& u@ 9hsuTYY& t9 E& tH30 9 PQ3VuuE^]U9 QQ9 ESV3W9 ; 9 ]; a9 URhsP0 u0 u& |}9 E;tvURu0 u9 PQ& |Y9utT9 MQhsW0 u& |?9ut:9 EURu0 u9 PQ& 9 E|0 C9 E0 E9 PQ9 E9 PQ9 E9 PQ9 E3_^[V9 t$& t,9 F& t%9 W6PQ9 9 F9 PQf&3& _3^l$9 ,@D$V9 ,tV" Y9 ^9 @`@@D$V9 F@,tVZY9 ^j@=9 0 ut~$9 E3P& ~ S9 & t9 j9 9 C0;|N<Ez9 ENE! MN" ! xSV9 9 ^8W~$9 ;~S9 9 L$P}F83@3_^[$U9 QeSV9 ^W9 & ~&}<EPW9 & uE9 {9E|3_^[3@V9 D$tV,Y9 ^j
Ansi based on Dropped File
(~WRD0000.doc)
v9 Wt- |$ts9 F;s9 Pj9 N& uW9 3;_^VW9 |$9 v49~s
Ansi based on Dropped File
(~WRD0000.doc)
v9 Wu- |$ts9 F;s9 Pj9 8& uW9 S3;_^V9 jjNR9 ^y$r9 AAV9 D$tVn}Y9 ^U9 9 ESVW9 }9 9Gs9 w9 E+9us9 u9 ;ujVu9 jCjV t7r9 9 Kr9 CC9 UVWQP^V9 Z_^9 []U9 VW9 }W9 e t~r9 FFu+WV9 >:ju9 * t(9 Nr9 FFuWQPu9 9 _^]U9 9 ESVW9 }9 9Gs9 w9 E+9us9 u9 ;ujV6u9 j*DjV t8r9 9 Kr9 CC9 UVWRQP!V9 q_^9 []V9 jF;jjt$9 I9 ^U9 VuEP9 0 VvMT EPMSt u9 EPuYY uMVvM M9 9 E9 I0 0 H^Vt$9 YPt$9 P^V9 jFjjt$9 ~9 ^U9 VW9 }W9 t ~r9 FFu+WV9 f:ju9 t(9 Nr9 FFuWQPu9 '9 _^]VW9 |$W9 X9 G0 F_9 ^j}V`9 0 u9 ueNRq9 9 Vt$9 R9 ^RfV9 RXD$tV`Y9 ^V9 jF]t$9 9 ^Vt$9 -}YPt$9 ^V9 jF:t$9 9 ^j}{0 9 0 u9 }WQ9 eWNR 9 (`Vt$9 R9 ^U9 V9 ~uuvjuX9 Es9 FSWV0MEPMq t%9 E9 }PWZYY Wu9 VvM EPM q9 } t*9 F9 @WPYY 9 FWp9 j9 EPWYY t;9 E0 E9 EM0 E 9 ]CWPYY t9 C x-W9 tSkuk9 EWPYY tg9 EVv0 E9 EM0 E M~EPMp9 ] uCPW^YY t$9 E9 H y-W9 tPjSju9 EWEP9 9 9 M0 9 @0 A9 _[^j0`! 9 uEP& 9 FVPMD EPMCp9 ] uCPuYY t=uM(eeEPSuEP9 9 9 @j0 MjM0 E Mp! Uhl$ 30 Ehj< 9 }tM,eM@LE P9 E_$SME0 ]DM EPM1eHMPMLELPE8 P9 EV5M'EPM8&o uM8Ao9 @0 EHjB! YuHM 0 E<MP9 EPhpSj.}H& 'ELP9 U9 M<0 EPM 9 E[0 EHEHPM~VMEPMPM@9 MD9 E0P9 9 EM09 E658: hSj& uHM58: WVMEMEjjML"!MEM EM@E0 MM]39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
V9Pt9 ku;rkM^;s9Pt3]5& wYj hF>30 }0 }9 ]Lt9 jY+t"+t+td+uD[y9 0 }& ua`w\9 ]9 9 Z9 t<t+Ht3PPPPPc
Ansi based on Dropped File
(~WRD0000.doc)
V9Ptku;rkM^;s9Pt3]5wYj hF>3}}]LtjY+t"+t+td+uD[y}ua`w\]Zt<t+Ht3PPPPPc
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
V@@P39 _^3[N U9 SVW3jZG0 }Q( 9 3Y;ujXV9 EDPVS W0 } 9 ;uS YuVW^ 9 EMQWPVEPSuu@ 0 E=& S W YYVVVEPVVVVVVVu?0 }8 & t0 }E9 E3j@ZQc 9 Y; 99 EDPVS uA 9 ; >uVW EP9 EWPVEPSuu@ 0 E9uu/9 uj9 9 E@P9 xS9 u9 MW}S W 9 EYY_^[V9 D$tV'! Y9 ^D$V9 tV
Ansi based on Dropped File
(~WRD0000.doc)
V@@P3_^3[NUSVW3jZG}Q(3Y;ujXVEDPVSW};uSYuVW^EMQWPVEPSuu@E=SWYYVVVEPVVVVVVVu?}8t}EE3j@ZQcY;9EDPVSuA;>uVWEPEWPVEPSuu@E9uu/ujE@PxSuMW}SWEYY_^[VD$tV'Y^D$VtV
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
V@@Pj O 9 eMPu hTVjeEPMPu9 D& t)h|Vj 3FMM
Ansi based on Dropped File
(~WRD0000.doc)
V@@PjOeMPuhTVjeEPMPuDt)h|Vj3FMM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
V@@Pru$ h|VjM]W3CFj(<O] 0 MuuuhVjjEPj3Suu0 ;t3" PhVAAQ73cM9 MeEPSu!9 & u9 E9Eu9 MEPMMC& tu$ h|Vj3@u j$_O}9 9 MPuuhHVj EPj3Wuu0 ;t$3" PhVAAQc3 MEPWu9 0 }Iu9 $ ;u/9 MEPKh|Vj3GMM9 3" h
Ansi based on Dropped File
(~WRD0000.doc)
V@@Pru$h|VjM]W3CFj(<O]MuuuhVjjEPj3Suu0;t3PhVAAQ73cMMeEPSu!uE9EuMEPMMCtu$h|Vj3@uj$_OMPuuhHVjEPj3Wuu0;t$3PhVAAQc3MEPWu}Iu$;u/MEPKh|Vj3GMM3h
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
V@FL" "Q:BAbppo( 0 E6;n}Nc "!IY(Z ! G< |BV" npfF`!R4R jZa6j;GIF89a/$} }}xtxted^~sbZy]} 0 cSrbZ}R9 uk xu ~zfvuu\dql~[o~vkc T `~samrY[i`Q: qxr}~tdRdwyg9 u]nxyU}! 0 " gukvw9 ^RpRSpbvSsowh~sdR^Rgxv{~u~u" naxu}SV 9 !,/$@*\ ! #JSHA2j `IdIDR\e8;6c (opE >G9k'O *]tbc4H" aG?I j)*#P
Ansi based on Dropped File
(~WRD0000.doc)
V@FL" "Q:BAbppo(E6;nNc IY(ZG<|BV"npfF`!4RjZ6j;GIF89a/$tted^sbZy]crbZuku~zfvuu\dql~[ovkcT`samrY[iQqrtdRdwygu]nyU}gukvw^ppbvSsowhsd^gv{uunauV!,/$@*\#JHA2j `IdIDR\e8;6c(opE>G9k'O*]tbc4HG?I j)*#P
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
v_iesteu_'opiism
Ansi based on Image Processing
(screen_0.png)
VarFileInfo
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
VdMuDhfEESPEPSShS@|EP&]VdMi3CM]MxMhMEP$MEXSt!jh|`M]]ZDEP/bhHcjWMc`jWMET`MELQMEPEPMEaMECZMQPMbWMbMjEP PMEaMEZM`QPMaWMaMFQPM=QP}RMVcM]EYEMYMEYM]YMEgE'MVhLrPVb]ME^gMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Vdr"""t!)19"\dlt|""`BJ""mu}""\$"I"l"""P""-5=`kv~""H""@""Lckss{""" $,44<DNs{"`"""HDLV^fnv""".6","Yaiqy"6.OW"0z"t"""4"*2:BJR
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Vdr: " " " t!)19" \dlt|" x" `BJ" " mu}& " " " \$" I" l" " " P" R" -5=`kv~" " H" R" @" " Lckss{9 " " " $,44<DNs{S" `" " " HDLV^fnv: " " " .6" ," Yaiqy0 S" 6.OW" 0z" t" " " 4"*2:BJR
Ansi based on Dropped File
(~WRD0000.doc)
vE9 U9 jpQujWVpR $& tuuW9 4Ej*Y0 9 uvY9 e^[9 M39 U9 WuMe9 }EPu_ }YY_t9 Map9 U9 S39TuA9 E;uDSSSSSd3/9 8t)`
Ansi based on Dropped File
(~WRD0000.doc)
veMa}9 }tP?MY9 }P+9 9 ;9 =tDPMv0& t2j b,Y9 0 ME& tjw3Pj5(Ev0M9 }0 E9Et@PMLv0& t.j ,Y9 0 ME& tj&w3Pj5(v0MM&uR2j,&19 Mt30 u9uuN9<tF9 ;t59 0 E& ~'V9 kG& t9 <4PM! F;u|MMt
Ansi based on Dropped File
(~WRD0000.doc)
veM}tP?MYP+;=tDPMv0t2j b,YMEtjw3Pj5(Ev0ME9Et@PMLv0t.j ,YMEtj&w3Pj5(v0MM&u2j,&1Mt3u9uuN9<tF;t5E~'VkGt<4PMF;u|MMt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VEPMEM0 EEV9]t,j5M
Ansi based on Dropped File
(~WRD0000.doc)
VEPMEMEEV9]t,j5M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VeriSign Trust Network1;09
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
VeriSign, Inc.1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
VeriSign, Inc.10UVeriSign Trust Network1;09U2Terms of use at https://www.verisign.com/rpa (c)09100.U'VeriSign Class 3 Code Signing 2009-2 CA0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VeriSign, Inc.10UVeriSign Trust Network1;09U2Terms of use at https://www.verisign.com/rpa (c)09100.U'VeriSign Class 3 Code Signing 2009-2 CA0 "0
Ansi based on Dropped File
(~WRD0000.doc)
VeriSign, Inc.10UVeriSign Trust Network1;09U2Terms of use at https://www.verisign.com/rpa (c)09100.U'VeriSign Class 3 Code Signing 2009-2 CA0"0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VeriSign, Inc.10UVeriSign Trust Network1;09U2Terms of use at https://www.verisign.com/rpa (c)09100.U'VeriSign Class 3 Code Signing 2009-2 CA76dv2ew0* H
Ansi based on Dropped File
(~WRD0000.doc)
VeriSign, Inc.10UVeriSign Trust Network1;09U2Terms of use at https://www.verisign.com/rpa (c)09100.U'VeriSign Class 3 Code Signing 2009-2 CA76dv2ew0*H
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VeriSign, Inc.1705
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
VeriSign, Inc.1705U.Class 3 Public Primary Certification Authority0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VerQueryValueW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
VerQueryValueWGetFileVersionInfoWGetFileVersionInfoSizeWVERSION.dllRObtainUserAgentStringfURLDownloadToFileWurlmon.dllCCloseHandlewReleaseMutexGetLastErrorCreateMutexW.TerminateThreadGetExitCodeThreadCreateThreadGetModuleFileNameWGetModuleHandleWfGetTickCountLFreeLibrary GetProcAddressLoadLibraryWGetCurrentThreadIdKERNEL32.dllGetStockObjectfSetBkModeDeleteObjectQRoundRect^SelectObjectICreatePenRCreateSolidBrushDeleteDCBitBltFRectangleExcludeClipRect-CreateCompatibleBitmap.CreateCompatibleDCeSetBkColorSetTextColorGetLayoutGetTextColor2FrameRgnMCreateRectRgnGDI32.dllShellExecuteW#Shell_NotifyIconWSHELL32.dllCLSIDFromStringkCoUninitialize=CoInitialize;StringFromGUID2CoCreateGuidIIDFromStringole32.dllOLEAUT32.dllGetProcessMemoryInfoPSAPI.DLLEPathFileExistsWSHLWAPI.dll_TrackMouseEventCOMCTL32.dllsInternetCrackUrlWeInternetCanonicalizeUrlAInternetReadFilejInternetCloseHandleInternetOpenUrlWInternetSetOptionWInternetOpenWWININET.dllLReleaseDCGetDC9GetLastInputInfoJRegisterWindowMessageWOGetMonitorInfoAMonitorFromRectGetClassNameWEnumChildWindowsSystemParametersInfoWlGetSysColor~SetLayeredWindowAttributesEndDialogEnableWindowDialogBoxParamW]CreateDialogParamWSetWindowRgnSetWindowTextW*CharLowerBuffAOCopyRect(GetIconInfoKReleaseCaptureGetCapturegSetCaptureGetWindowTextWDrawFocusRectInflateRectGetAsyncKeyStateIsWindowUnicodeoGetSystemMetricsIsChildDrawIconExDispatchMessageWTranslateMessagecSendMessageWCryptMsgCloseCertCloseStore?CertFreeCertificateContextJCertGetNameStringWICertGetNameStringA5CertFindCertificateInStoreCryptMsgGetParamCryptQueryObjectCRYPT32.dllMultiByteToWideCharzWideCharToMultiByteGetModuleHandleALockResourceLoadResource9FindResourceWLocalFreeLocalAlloc3OpenProcessGetCurrentProcessIdGetCurrentProcessuGetVersionExADeleteFileWSetFileAttributesWGetFileAttributesW-TerminateProcessMulDivlstrcpyWInterlockedDecrementInitializeCriticalSectionDeleteCriticalSectionEnterCriticalSectionLeaveCriticalSectionxGetComputerNameW;OutputDebugStringWGetFileSizeCreateFileWhReadFileFindClose$FindFirstFileWeCopyFileWRemoveDirectoryWMoveFileExW0FindNextFileWOGetSystemTimeAsFileTime SizeofResourceSetThreadPriorityGetCurrentThreadGetLongPathNameWGlobalFreeGlobalUnlockLoadLibraryAGlobalLockGlobalAlloc!Sleep2TlsAlloc4TlsGetValue5TlsSetValueSetFileTimeLocalFileTimeToFileTimeDosDateTimeToFileTimeSetFilePointer*SystemTimeToFileTimeqCreateDirectoryWWriteFileGetLocalTimeHeapFree#GetProcessHeapRtlUnwind>UnhandledExceptionFilterSetUnhandledExceptionFilterIsDebuggerPresentZRaiseExceptionExitThreadResumeThreadoGetCommandLineAHeapAllocHeapReAllocMoveFileWGetConsoleCPGetConsoleModeGetFileType3TlsFreeInterlockedIncrementSetLastErrorHeapSizeExitProcess;GetStdHandleGetModuleFileNameASetHandleCount9GetStartupInfoAJFreeEnvironmentStringsAGetEnvironmentStringsKFreeEnvironmentStringsWGetEnvironmentStringsWHeapCreateHeapDestroyWVirtualFreeTQueryPerformanceCounter[GetCPInfoRGetACPGetOEMCPIsValidCodePageLCMapStringWTVirtualAllocLCMapStringA=GetStringTypeA@GetStringTypeWAFlushFileBuffersSetStdHandleWriteConsoleAGetConsoleOutputCPWriteConsoleWSetEndOfFileInterlockedExchangeInitializeCriticalSectionAndSpinCountGetLocaleInfoAxCreateFileALineTo!MoveToExSetWindowOrgExGetWindowOrgEx>CreateFontIndirectWGetDeviceCapsxSetLayout!CombineRgnGetObjectA$OffsetRgn`GdiFlushCRealizePalette_SelectPalette4PlgBltSetPixelGetPixelGetBkColorGetBkModeSetSecurityDescriptorSaclGGetSecurityDescriptorSaclmConvertStringSecurityDescriptorToSecurityDescriptorASetSecurityDescriptorDaclqInitializeSecurityDescriptorQGetSidSubAuthorityRGetSidSubAuthorityCountTGetTokenInformationOpenProcessToken*RegCloseKey3RegCreateKeyExWhRegQueryValueExW[RegOpenKeyExWxRegSetValueExWbRegQueryInfoKeyW6RegCreateKeyW>RegDeleteKeyWJRegEnumKeyW^RegOpenKeyWBRegDeleteValueWIRegEnumKeyExWLRegEnumValueWADVAPI32.dllSHGetFolderPathWSHCreateDirectoryExWCoCreateInstancegCoTaskMemFreeCreateStreamOnHGlobalKNffff+Bhfgg(g:gAlert.dllDllCanUnloadNowDllGetClassObjectDllOnUpdateFinishDllRegisterServerDllUnregisterServer,U.?AVCAlertAboutBoxDlg@@U.?AVCAlertDialog@@U.?AVCMyDialog@@U.?AVCWebBrowserContainer@@U.?AVCContainer@@U.?AVCUnknown@@U.?AUIUnknown@@U.?AUIOleClientSite@@U.?AUIOleInPlaceSite@@U.?AUIOleWindow@@U.?AUIOleInPlaceFrame@@U.?AUIOleInPlaceUIWindow@@U.?AUIOleControlSite@@U.?AUIDocHostUIHandler@@U.?AUIOleCommandTarget@@U.?AUINewWindowManager@@U.?AUIServiceProvider@@U.?AVCWebBrowserDispatcher@@U.?AVCDispatcher@@U.?AUIDispatch@@U.?AVCSeed@@U.?AUIElementBehavior@@U.?AUIElementBehaviorFactory@@U.?AUIHTMLPainter@@,U.?AVbad_alloc@std@@U.?AVexception@std@@U.?AVCAlertFeedItem@@U.?AVCAlertChannelItem@@U.?AVCMapStringPtrW@@U.?AVCAlertALPResponseObject@@U.?AVCAlertChannelsList@@U.?AVlogic_error@std@@U.?AVlength_error@std@@U.?AVCAlertClient@@U.?AVCAbstractAlert@@U.?AVCAlertExpirationData@@U.?AVCRSSAlert@@U.?AVCInstantAlert@@,U.?AVCAlertDialogChildButton@@U.?AVCDialogChildButton@@U.?AVCChildButton@@U.?AVCMyWnd@@U.?AVCAlertDialogChildButtonCheckBox@@U.?AVCDialogChildButtonCheckBox@@,U.?AVCAlerter@@,U.?AVCAlertGui@@,U.?AVCAlertHTMLDialog@@U.?AVCHTMLDialog@@U.?AVCHTMLDialogBrowserContainer@@U.?AVCAlertHTMLDialogBrowserContainer@@,U.?AVout_of_range@std@@U.?AUIInternetSecurityManager@@,U.?AVCAlertHttpManager@@U.?AVCAlertLogger@@U.?AVCLogger@@U.?AVCSingletonSeed@@U.?AVCReferencedSeed@@U.?AVIDefaultTranslationsLoader@@U.?AVCAlertLP@@,U.?AVCAlertManager@@U.?AVCAppManager@@U.?AVCAlertAppManagerFact@@U.?AVCAppManagerFact@@,U.?AVCAlertOptionsDialog@@,U.?AVCAlertOptionsDialogTitleBar@@U.?AVCAlertTitleBar@@U.?AVCMyTitleBar@@,U.?AVCAlertOptionsDialogWindowStyle@@U.?AVCAlertWindowStyle@@U.?AVCWindowStyle@@,U.?AVCPopUpWindow@@U.?AVCBaseWnd@@U.?AVCAlertResourceBank@@U.?AVCResourceBank@@,U.?AVCAlertSingletonAllocator@@U.?AVCSingletonAllocator@@,U.?AVCAlertTrayIcon@@U.?AVCMyTrayIcon@@,U.?AVCAlertViewRecentPopUpWindow@@,U.?AVCAutoUpdateThread@@,U.?AVCClassFactory@@U.?AUIClassFactory@@,U.?AVIAlertResultEvents@@U.?AVCConduitAlert@@U.?AUIConduitAlert2@@U.?AUIConduitAlert@@U.?AVCEventAlertClient@@U.?AVCEventGeneral@@U.?AVCEventAlertGui@@U.?AVCEventLogic@@U.?AVCEventUsage@@,U.?AVCLogic@@U.?AVCNotificationsItem@@U.?AVCRSSItem@@U.?AVCNotificationsFeed@@U.?AVCRSSFeed@@U.?AVCServiceMapManager@@U.?AVCTrayIconPopUpMenu@@U.?AVCStringBufferW@@U.?AVCSyncMapStringPtrW@@U.?AVCArrayStringW@@U.?AVGdiplusBase@Gdiplus@@U.?AVCUtils@@,U.?AVCSingletonManager@@,U.?AVCEventSingleton@@U.?AVCEventSingletonGeneral@@U.?AVCAtlException@ATL@@U.?AVCStringTokenizerW@@U.?AVCXmlNode@@U.?AVCArrayPtr@@U.?AVCMapPtr@@U.?AVCCritical@@U.?AVCSyncMapPtr@@U.?AVCFileHandler@@'p'U.?AVCCommandId@@U.?AV_com_error@@U.?AVCXmlDocument@@U.?AVCRegValue@@U.?AVCSetupRegW@@U.?AVCEventHttpRequest@@U.?AVCEventHttpReply@@U.?AVCDialogChildButtonStatic@@U.?AVCDialogLineDivider@@,U.?AVCMovingFrame@@,U.?AVCJsonValue@@U.?AVCJson@@U.?AVCJsonObjectPairValue@@U.?AVCJsonObject@@U.?AVCJsonArray@@U.?AVCJsonNull@@U.?AVCJsonString@@U.?AVCJsonNumber@@U.?AVCJsonBoolean@@,U.?AVCJob@@U.?AVCThreadPool@@U.?AVCDummyJob@@,
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VerQueryValueWGetFileVersionInfoWGetFileVersionInfoSizeWVERSION.dllRObtainUserAgentStringfURLDownloadToFileWurlmon.dllCCloseHandlewReleaseMutexGetLastError}CreateMutexW.TerminateThreadGetExitCodeThreadCreateThreadGetModuleFileNameWGetModuleHandleWfGetTickCountLFreeLibrary GetProcAddressLoadLibraryWGetCurrentThreadIdKERNEL32.dllGetStockObjectfSetBkModeDeleteObjectQRoundRect^SelectObjectICreatePenRCreateSolidBrushDeleteDCBitBltFRectangleExcludeClipRect-CreateCompatibleBitmap.CreateCompatibleDCeSetBkColorSetTextColorGetLayoutGetTextColor2FrameRgnMCreateRectRgnGDI32.dllShellExecuteW#Shell_NotifyIconWSHELL32.dllCLSIDFromStringkCoUninitialize=CoInitialize;StringFromGUID2CoCreateGuidIIDFromStringole32.dllOLEAUT32.dllGetProcessMemoryInfoPSAPI.DLLEPathFileExistsWSHLWAPI.dll _TrackMouseEventCOMCTL32.dllsInternetCrackUrlWeInternetCanonicalizeUrlA~InternetReadFilejInternetCloseHandleInternetOpenUrlWInternetSetOptionW"!InternetOpenWWININET.dllLReleaseDCGetDC9GetLastInputInfoJRegisterWindowMessageWOGetMonitorInfoAMonitorFromRectGetClassNameWEnumChildWindowsSystemParametersInfoWlGetSysColor~SetLayeredWindowAttributesEndDialogEnableWindowDialogBoxParamW]CreateDialogParamWSetWindowRgnSetWindowTextW*CharLowerBuffAOCopyRect(GetIconInfoKReleaseCaptureGetCapturegSetCaptureGetWindowTextWDrawFocusRectInflateRectGetAsyncKeyStateIsWindowUnicodeoGetSystemMetricsIsChildDrawIconExDispatchMessageWTranslateMessagecSendMessageWCryptMsgCloseCertCloseStore?CertFreeCertificateContextJCertGetNameStringWICertGetNameStringA5CertFindCertificateInStoreCryptMsgGetParamCryptQueryObjectCRYPT32.dllMultiByteToWideCharzWideCharToMultiByteGetModuleHandleALockResourceLoadResource9FindResourceWLocalFreeLocalAlloc3OpenProcessGetCurrentProcessIdGetCurrentProcessuGetVersionExADeleteFileWSetFileAttributesWGetFileAttributesW-TerminateProcessMulDivlstrcpyWInterlockedDecrementInitializeCriticalSectionDeleteCriticalSectionEnterCriticalSectionLeaveCriticalSectionxGetComputerNameW;OutputDebugStringWGetFileSizeCreateFileWhReadFileFindClose$FindFirstFileWeCopyFileW RemoveDirectoryWMoveFileExW0FindNextFileWOGetSystemTimeAsFileTime SizeofResourceSetThreadPriorityGetCurrentThreadGetLongPathNameWRGlobalFree GlobalUnlockLoadLibraryAGlobalLock& GlobalAlloc!Sleep2TlsAlloc4TlsGetValue5TlsSetValueSetFileTimeLocalFileTimeToFileTimeDosDateTimeToFileTimeSetFilePointer*SystemTimeToFileTimeqCreateDirectoryWWriteFileGetLocalTimeHeapFree#GetProcessHeap RtlUnwind>UnhandledExceptionFilterSetUnhandledExceptionFilterIsDebuggerPresentZRaiseExceptionExitThreadResumeThreadoGetCommandLineAHeapAllocHeapReAllocMoveFileWGetConsoleCP" GetConsoleModeGetFileType3TlsFreeInterlockedIncrementSetLastErrorHeapSizeExitProcess;GetStdHandleGetModuleFileNameASetHandleCount9GetStartupInfoAJFreeEnvironmentStringsAGetEnvironmentStringsKFreeEnvironmentStringsWGetEnvironmentStringsWxHeapCreateHeapDestroyWVirtualFreeTQueryPerformanceCounter[GetCPInfoRGetACPGetOEMCPIsValidCodePageLCMapStringWTVirtualAllocLCMapStringA=GetStringTypeA@GetStringTypeWAFlushFileBuffersSetStdHandle WriteConsoleA"!GetConsoleOutputCPRWriteConsoleWSetEndOfFileInterlockedExchangeInitializeCriticalSectionAndSpinCountGetLocaleInfoAxCreateFileALineTo!MoveToEx SetWindowOrgExGetWindowOrgEx>CreateFontIndirectWGetDeviceCapsxSetLayout!CombineRgnGetObjectA$OffsetRgn`GdiFlushCRealizePalette_SelectPalette4PlgBlt SetPixelGetPixel GetBkColor GetBkModeSetSecurityDescriptorSaclGGetSecurityDescriptorSaclmConvertStringSecurityDescriptorToSecurityDescriptorASetSecurityDescriptorDaclqInitializeSecurityDescriptorQGetSidSubAuthorityRGetSidSubAuthorityCountTGetTokenInformationOpenProcessToken*RegCloseKey3RegCreateKeyExWhRegQueryValueExW[RegOpenKeyExWxRegSetValueExWbRegQueryInfoKeyW6RegCreateKeyW>RegDeleteKeyWJRegEnumKeyW^RegOpenKeyWBRegDeleteValueWIRegEnumKeyExWLRegEnumValueWADVAPI32.dllSHGetFolderPathW`SHCreateDirectoryExWCoCreateInstancegCoTaskMemFree& CreateStreamOnHGlobalKNffff+Bhfgg(g:gAlert.dllDllCanUnloadNowDllGetClassObjectDllOnUpdateFinishDllRegisterServerDllUnregisterServer,0 U.?AVCAlertAboutBoxDlg@@U.?AVCAlertDialog@@U.?AVCMyDialog@@U.?AVCWebBrowserContainer@@U.?AVCContainer@@U.?AVCUnknown@@U.?AUIUnknown@@U.?AUIOleClientSite@@U.?AUIOleInPlaceSite@@U.?AUIOleWindow@@U.?AUIOleInPlaceFrame@@U.?AUIOleInPlaceUIWindow@@U.?AUIOleControlSite@@U.?AUIDocHostUIHandler@@U.?AUIOleCommandTarget@@U.?AUINewWindowManager@@U.?AUIServiceProvider@@U.?AVCWebBrowserDispatcher@@U.?AVCDispatcher@@U.?AUIDispatch@@U.?AVCSeed@@U.?AUIElementBehavior@@U.?AUIElementBehaviorFactory@@U.?AUIHTMLPainter@@,0 U.?AVbad_alloc@std@@U.?AVexception@std@@U.?AVCAlertFeedItem@@U.?AVCAlertChannelItem@@U.?AVCMapStringPtrW@@U.?AVCAlertALPResponseObject@@U.?AVCAlertChannelsList@@U.?AVlogic_error@std@@U.?AVlength_error@std@@U.?AVCAlertClient@@U.?AVCAbstractAlert@@U.?AVCAlertExpirationData@@U.?AVCRSSAlert@@U.?AVCInstantAlert@@,0 U.?AVCAlertDialogChildButton@@U.?AVCDialogChildButton@@U.?AVCChildButton@@U.?AVCMyWnd@@U.?AVCAlertDialogChildButtonCheckBox@@U.?AVCDialogChildButtonCheckBox@@,0 U.?AVCAlerter@@,0 U.?AVCAlertGui@@,0 U.?AVCAlertHTMLDialog@@U.?AVCHTMLDialog@@U.?AVCHTMLDialogBrowserContainer@@U.?AVCAlertHTMLDialogBrowserContainer@@,0 U.?AVout_of_range@std@@U.?AUIInternetSecurityManager@@,0 U.?AVCAlertHttpManager@@U.?AVCAlertLogger@@U.?AVCLogger@@U.?AVCSingletonSeed@@U.?AVCReferencedSeed@@U.?AVIDefaultTranslationsLoader@@U.?AVCAlertLP@@,0 U.?AVCAlertManager@@U.?AVCAppManager@@U.?AVCAlertAppManagerFact@@U.?AVCAppManagerFact@@,0 U.?AVCAlertOptionsDialog@@,0 U.?AVCAlertOptionsDialogTitleBar@@U.?AVCAlertTitleBar@@U.?AVCMyTitleBar@@,0 U.?AVCAlertOptionsDialogWindowStyle@@U.?AVCAlertWindowStyle@@U.?AVCWindowStyle@@,0 U.?AVCPopUpWindow@@U.?AVCBaseWnd@@U.?AVCAlertResourceBank@@U.?AVCResourceBank@@,0 U.?AVCAlertSingletonAllocator@@U.?AVCSingletonAllocator@@,0 U.?AVCAlertTrayIcon@@U.?AVCMyTrayIcon@@,0 U.?AVCAlertViewRecentPopUpWindow@@,0 U.?AVCAutoUpdateThread@@,0 U.?AVCClassFactory@@U.?AUIClassFactory@@,0 U.?AVIAlertResultEvents@@U.?AVCConduitAlert@@U.?AUIConduitAlert2@@U.?AUIConduitAlert@@U.?AVCEventAlertClient@@U.?AVCEventGeneral@@U.?AVCEventAlertGui@@U.?AVCEventLogic@@U.?AVCEventUsage@@,0 U.?AVCLogic@@U.?AVCNotificationsItem@@U.?AVCRSSItem@@U.?AVCNotificationsFeed@@U.?AVCRSSFeed@@U.?AVCServiceMapManager@@U.?AVCTrayIconPopUpMenu@@U.?AVCStringBufferW@@U.?AVCSyncMapStringPtrW@@U.?AVCArrayStringW@@U.?AVGdiplusBase@Gdiplus@@U.?AVCUtils@@,0 U.?AVCSingletonManager@@,0 U.?AVCEventSingleton@@U.?AVCEventSingletonGeneral@@U.?AVCAtlException@ATL@@U.?AVCStringTokenizerW@@U.?AVCXmlNode@@U.?AVCArrayPtr@@U.?AVCMapPtr@@U.?AVCCritical@@U.?AVCSyncMapPtr@@U.?AVCFileHandler@@'p'U.?AVCCommandId@@U.?AV_com_error@@U.?AVCXmlDocument@@U.?AVCRegValue@@U.?AVCSetupRegW@@U.?AVCEventHttpRequest@@U.?AVCEventHttpReply@@U.?AVCDialogChildButtonStatic@@U.?AVCDialogLineDivider@@,0 U.?AVCMovingFrame@@,0 U.?AVCJsonValue@@U.?AVCJson@@U.?AVCJsonObjectPairValue@@U.?AVCJsonObject@@U.?AVCJsonArray@@U.?AVCJsonNull@@U.?AVCJsonString@@U.?AVCJsonNumber@@U.?AVCJsonBoolean@@,0 U.?AVCJob@@U.?AVCThreadPool@@U.?AVCDummyJob@@,0
Ansi based on Dropped File
(~WRD0000.doc)
VERSION.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Version:
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Version:P>* The publishers of the Community Toolbar or app will occasionally sent out news or other information of importance to the community of users. These notifications appear on your screen near the system tray and keep you in touch.P Notifications are instant announcements that appear right on your desktop. You can reveive these notifications because you installed a Community Toolbar or browser app.H MS Shell DlgP?x2 OKPtx2 Cancel@[SysTreeView32P P P P9 Show icon in system trayP| Alerts enabledP h MS Shell Dlg( !fS
Ansi based on Dropped File
(~WRD0000.doc)
Version:P>*The publishers of the Community Toolbar or app will occasionally sent out news or other information of importance to the community of users. These notifications appear on your screen near the system tray and keep you in touch.P Notifications are instant announcements that appear right on your desktop. You can reveive these notifications because you installed a Community Toolbar or browser app.HMS Shell DlgP?2OKPt2Cancel@[SysTreeView32PPPPShow icon in system trayP|Alerts enabledPhMS Shell Dlg( !f
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
vEUjpQujWVpR$tuuW4Ej*YuvYe^[M3UWuMe}EPu_}YY_tMapUS39TuAE;uDSSSSSd3/8t)
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VF@F@@Fp)FydG@MWS@EUQVQeeu]^jHM]{t2hMkeEPMYkhEPE41Mzt{CxtEH9;uvsuwMA9Xux9u>~I9utxtEH9Yu}tGBxtQ\B;Cupuw>SKAMI9YuAK9uAKHKQP+YY{;ulFxu@VF^Fxu}yuHythHyuAMP@jFNHMF@V@~xu@VF7xuHyu"yu@vMA;x?7yuHAMP@NHMFV@GjSYMAvHAuuuE=jHVM]{!t2hMUieEPMhhEPE4MDz!t{Cx!tEH9;uv!suwMA9Xux9u>~I9u!tx!tEH9Yu}!tGBx!tQ\B;Cu!puw>SKAMI9YuAK9uAKHK Q PYY{ ;ulFx u@ VF Fx!u}y uHy thHy uA MP@ $FN H MF @V@ ~x u@ VF x!uHy u"y u@ vMA;x?7y uHA MP@ `N H MF V@ G j0SYMAvHAuuuWEUEVuEFENF5fEF,F-^]Vt$g4^USVWGpEMFPD}Et6v~!tWSM}tLGW0MEPMt&uSjEPLEIH@2MfuuN|tuSuEMp@_^[USVWGpEMFP||Et6v~tWSMQ}tLGW0M=EPM<t&uSjEPEIH@2M`uuN{tuSuEMp@_^[UV~uuvjuEgFSWV0MEPMt$E}P{WuVvMWEPMV}t'FHWB{FWpjEP{t8EEEME]WKztCx!WtSgugMWztfEVvEEMEMEPM]uCPzt$EHy!WtPjSjuEWEPM@A_[^j;ZuQeeu9eIj;%uQeeueUQQVFV0MEPMt/VvMEPMtulOEPM{u/SW}]MlSWEPEPMNt_[uuuE^UVVvMFV0MuEuuuPvffY^UQQVFV0MEPMt/VvMEPMturOEPMu/SW}]MSWEPEPMTt_[uuuE^jd}jjSeYYuuEtuuuuuAu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VF@F@@FpLzuABIAp,;1u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VirtualAlloc
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
VirtualFree
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Vj0 E EPjjSW0 3;t3" PhXVAAQw3hf0 ERE}WPQ WWWWE PERPWuE D u9 $ ;u!9 M ERPh|Vj13@3" Sh@
Ansi based on Dropped File
(~WRD0000.doc)
VjEEPjjSW03;t3PhXVAAQw3hfEEWPQWWWWEPEPWuEDu$;u!MEPh|Vj13@3Sh@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VjM0 }M9}th9 h9 9 MjEPuuu9 Wh
Ansi based on Dropped File
(~WRD0000.doc)
VjM}M9}thhMjEPuuuWh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Vk35+Eh +0 u0 E0 }0 Ud0 Vy 9 j Yu9 SY9 Y_[^tV9 t$& ujaX^~|tVY6VVYY3^U9 QQSW9 }3;ujaXC9_t9_|tW|YEPEPEPW& tj"!Vh 9 Y;t'h@Y9 M0 ND9 M0 0 NH0 ^L;uV~YjX0 ^@9 O<39_40 NT0 ^P9 O4 0 Nd9 0 N`9 O0 Nh0 ^;uFP0 ^$0 ^(0 ^,aY& uF@9 G@0 FX9 GD0 F\`G0$Fl9 G0t`G9`G? Fl0 F|9 E^pxV4Ft0 gE#FxxV40 E& t9 E tPSEYYu9 Gx9 MfD0 F<0 w|3^_[U9 QQ9 UW30 }0 };t9 E;ujaXV9 p|;uja9>ujSX9 M;u39 E0 F9 F\0 N;v0 FS9~ 9 U~& 9 FX& & @;s
Ansi based on Dropped File
(~WRD0000.doc)
Vk35+Eh+uE}UdVyj YuSYY_[^tVt$ujX^~|tVY6VVYY3^UQQSW}3;ujXC9_t9_|tW|YEPEPEPWtjVhY;t'h@YMNDMNH^L;uV~YjX^@O<39_4NT^PO4NdN`ONh^;uFP^$^(^,YuF@G@FXGDF\G0$FlG0tG9G?FlF|E^pxV4FtgE#FxxV4EtEtPSEYYuGxMfDF<w|3^_[UQQUW3}};tE;ujXVp|;uj9>ujXM;u3EFF\N;vFS9~U~FX@;s
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
vl$Yul$$vl$ul$8ul$.ul$ l$ul$ ul$Xul$tl$tl$Sul$$ ul$ tl$~ul$dul$Pjul$]ul$$Stl$Iul$/ul$ l$(ul$gtl$ul$tl$Xul$Pt9 9 V9 9 }D$tV9Y9 ^|$v9 L$9 D$f9 f;u
Ansi based on Dropped File
(~WRD0000.doc)
vl$Yul$$vl$ul$8ul$.ul$l$ul$ ul$Xul$tl$tl$ul$$ul$ tl$~ul$dul$Pjul$]ul$$tl$Iul$/ul$l$(ul$gtl$ul$tl$Xul$PtV}D$tV9Y^|$vL$D$ff;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VMF@,F@@,FpRFy,dG@MWS@,CE>j`
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VMMcSVW>}?u0}_^[VD$tVcY^jV~$u5WhxWj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VP,& t}t& t
Ansi based on Dropped File
(~WRD0000.doc)
VP3@^]L$IAujP3Vrf^j+yuFetPQfMP'j.BH~u%jPEYMet3MF!FtPQFVW39~tG_^VNtc^Vl
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VP9 >;tW9 Mh\EPEM0 }!& uEP}0u9 uuuuMM9 )9 3x9 j<2~MdeEPMK9 MPEA0ME(9 M&!& t3MM39 ~9 Mh03FU9 V9 9 M & t3*u9 m9 M & u9 M9 MP03@^]jY9 MeEPu9 & tVM & uJMuMhRE@PMuuMh'PMMEpMM'j(1S9 eM^EPu3C9 0 ]& txM& ulM2MEEPhRME PM9 M& u(jh|9 ,M0 ]EM]&EPG09 Mjh|9 ,0 ]ME&9 ESj9: 9 0*M0 u! eEPu9 "& tIM& u=M;EPhMEPMqEM& u9 u9 uMM9&9 ASj<2Z: MeEPMt9 MPE`-ME%9 Mo& t3MM|9 : 9 Mh9.3FV9 9 L$5& t3%t$9 n& t9 L$9 L$P-3@^ja9 9 M& & 9 M& & M)eEPu9 & txM& ulMMEME9 M9 9 E0^PMUPVMM9 E: MEMM$9 MM$3aj"!9 9 M& & 9 M& & MOeEPu9 & tvM& ujMMEMEu9 M9 PM}PVMM9 EMEMM#9 MM#3"!j19 ejh0M)eEPEPu9 MM`# "!j19 ejh0M=)eEPEPu9 MM9 =#9 E"!D$V9 tV^"!Y9 ^j1A9 jM"!YjhHM0 E(eEPEPu9 YMM9 "9 j1 9 ejhHM{(eEPEPu9 MM9 {"9 #E|j1" 9 jYjhhM0 E(eEPEPu9 MM9 "9 &j1? 9 ejhhM'eEPEPu9 8MM9 !9 #E j`'2 9 eM 9 u3Ch9 0 ]6& t~j9 PMU'hMEB)M EPM EPME(ME7!M" PM~)M EM]!>EPV9 E& u!E9 MEP! ')9 KPMT)hRM(9 MEP*M0 ]E 9 E j1" 9 ujh0M0 E]&eEPEPu9 MM_ i j1 " 9 uEP3M0 u& tMM 9 ( u9 L9 & 3FjF 9 0 u+<Y}39 }W9 & <|9 u+ Q|W9 W9 4& uW9 ;SVWj9 " Yt$9 9 9 & 3+;+Xt$9 H& 3@3;S9 _^[j R2o 9 uEP 9 MeP&MM9 M}& uP9 Mhx& t?uEP9 (9 M3FP0 uc&MM9 E9 E9 3 j0& 2 9 Mu3M0 ]hMEPEPEPEPu9 E0 ];thM& u\M& uPSMOuEuMP9 E0EPEMEoM]MM3@M]MM3 j<2 9 MReEPM~2jhME3" E0 M! MM9 jx3~ eM;9 M3C0 ]& t9 MEP &0 ]|2jSu|E& u9 MEP\&0 ]| 9 & tEP9 ~hMEw& u<h 9 & t$MQ9 PME0$MEM9 MEP%M0 ]Eu|]ME[9 Eb Ul$ 30 & hF3` 9 & 0 EDVh;jj& \3P0 }9 EPE0 }PP 9 ;uKVjj& \PESM39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
VP>;tWMh\EPEM}!uEP0uuuuuMM)3j<2MdeEPMKMPEA0ME(M&!t3MM3Mh03FUVM t3*umM uMMP03@^]jYMeEPutVM uJMuMhE@PMuuMh'PMMEpMM'j(1eM^EPu3C]txMulM2MEEPhMEPMMu(jh|,M]EM]&EPG0Mjh|,]ME&Ej90*MueEPu"tIMu=M;EPhMEPMqEMuuuMM9&Aj<2ZMeEPMtMPE-ME%Mot3MM|Mh9.3FVL$5t3%t$ntL$L$P-3@^jMMM)eEPutxMulMMEMEME0^PMUPVMMEMEMM$MM$3jMMMOeEPutvMujMMEMEuMPM}PVMMEMEMM#MM#3j1ejh0M)eEPEPuMM#j1ejh0M=)eEPEPuMM=#ED$VtV^Y^j1AjMYjhHME(eEPEPuYMM"j1ejhHM{(eEPEPuMM{"#E|j1jYjhhME(eEPEPuMM"&j1?ejhhM'eEPEPu8MM!#Ej`'2eMu3Ch]6t~jPMU'hMEB)MEPMEPME(ME7!MPM)MEM]!>EPVEu!EMEP')KPMT)hM(MEP*M]E Ej1ujh0ME]&eEPEPuMM_ ij1uEP3MutMM (uL3FjFu+<Y}3}W<|u+Q|WW4uW;SVWjYt$3+;+Xt$H3@3;_^[j R2ouEPMeP&MMMuPMht?uEP(M3FPuc&MMEE3j02Mu3M]hMEPEPEPEPuE];thMu\MuPSMOuEuMPE0EPEMEoM]MM3@M]MM3j<2MReEPM2jhME3EMMMjx3eM;M3C]tMEP&]|2jSu|EuMEP\&]|tEPhMEwu<ht$MQPME0$MEMMEP%M]Eu|]ME[EbUl$3hF3`EDVh;jj\3P}EPE}PP;uKVjj\PEM3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Vq9 9D$r3t$9 "^U9 QeEPu`" #Et$& tV9 p& u39 9 P#^j %9 }u3,juMSeEP9 MM9 9 SVW9 9 L$h|u~9 9 3& ~1W9 !& tt$9 9 RC;}9 L$h9 7~G;|9 L$hx$~_^[j9[o9 0 uej
Ansi based on Dropped File
(~WRD0000.doc)
Vq9D$r3t$"^UQeEPu#Et$tVpu3P#^j%}u3,juMeEPMMSVWL$h|u3~1W!tt$RC;}L$h7G;|L$hx$_^[j9[ouej
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VRF@,F@@,FpMLz,uA,B,IA,p,;1u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VS_VERSION_INFO
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
VST{TTTU+VU9 0 }0 u9 u9 }9 M: fofoNfoV fo^0ffOfW f_0fof@fonPfov`fo~pfg@foPfw`fp Iu9 u9 }9 ]U9 0 }0 u0 ]9 ]9 "!9 9 E3+3+"!9 3+3+9 uJ9 u9 0 M;t+VSP'9 E9 M& tw9 ]9 U+0 U+0 ]9 u9 }9 M9 ES;u50 M9 u9 }9 M9 MM9 UU9 E+EPRQL9 E9 u9 }9 M9 9 9 E9 ]9 u9 }9 ]-t"t
Ansi based on Dropped File
(~WRD0000.doc)
VST{TTTU+VU}uu}MfofoNfoV fo^0ffOfW f_0fof@fonPfov`fo~pfg@foPfw`fpIuu}]U}u]]E3+3+3+3+uJuM;t+VSP'EMtw]U+U+]u}MES;u5Mu}MMMUUE+EPRQLEu}ME]u}]-t"t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Vt$PtWP_^j[&eEP7EMMFzjE}t@MW[uehX'h&hMv_u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Vt$u3 W|$tWPtPQ>_^D$jh01fH@1VjXfD$FtPQ^Vt$fFu9D$t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
vT9 vP~\9 n& u9 E;F<u9 j9 }3?9 Su9 P9 9 E;F<u~pu9 9 P89 EFp& t9 PQ9 W _^[]U9 QQV9 u0 M& 9 F er&9 fx@u9 @H& t9 URhlrP& }e9 9 H3f9S 3W0 U9 H& t9 Y9 @83& tf8u9 @& t9 9 E9 M;A<u9 M9 SWURuP$_[& |}9 9 @t3f0 9 E& t9 PQ3W ^SVWh|9 hj9 IG$P9 _9 9 Nx*UV9 9 & tU9 U YV9 Ny]_^[jL?p
Ansi based on Dropped File
(~WRD0000.doc)
vTvP~\nuE;F<uj3?SuPE;F<u~puP8EFptPQW_^[]UQQVuMFer&fx@u@HtURhlrP}eH3f9S3WUHtY@83tf8u@tEM;A<uMSWURuP$_[|}@t3fEtPQ3W^SVWh|hjIG$P_Nx*UV tUUYV Ny]_^[jL?p
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
vu3_^$D$V$tVgY^jovfu&fNeN'gVjKg+FY3;F^j,&fMkeVMMMafj,&eM3veh~WMvMhWMMvfj,&eMeFPh~WMVhWMMM#fL$HH?Bj"eyua$eVW|$jrFtP8*_@^VW|$j>Ft
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
vu3M0 E;t9 PS9 R9 EU9 SV9 9 F3;t9 PQ0 ^WE~P9 D&9 M;t9 j0 ]EPEP9 +&& u9 S9 PE(P9 /EPEP9 d_9 M;t9 j0 ]EPEP9 B& u9 S9 P3^@[SUV9 t$Wh9 U9 SW9 WS9 Uh9 9 _^3]@[jRM#S9 0 u~9 e^(9 ;9 fj%9 E9 j%9 P9 9 SjRM: 9 0 uEN(E4MN(pSV9 D$tVRSY9 ^jMo: 9 30 }M9=@& & & 9~ `Mj3f0 MPMwpMEOPhRdSj89 F9 9 uP 9 3& VhS& PEPMM9 %3& u@MMv%3~: j4Ma9 3M0 ]H3SEPuM0 ];9 M~{M9 & v9 MSf<tC;r0 ]}9 MER+}EWuP0}Et(uEPMk.PMEU,ME$MPMoo9 E3E;t9 39 F9 }WQP 9 ;t@9 F9 SP 9 9 F9 SP ;u 9 E;t9 39 v9 URPV 9 9 M;tzt0 ]ME'$PMn9 EE& t9 39 F9 }WQP 9 & tB9 F9 jP 9 9 F9 jP & u 9 E& t9 39 v9 URPV 9 9 M& tse0 Ef9EuM 13& u@_!MMk13s"!j R9 9 E& t 9 ]9 PuhVj9 9 a& & & S9 "!& t3@}uh`iSM:,eEP9 EP9 ]9 & t
Ansi based on Dropped File
(~WRD0000.doc)
vu3ME;tPSREUSVF3;tPQ^WE~PD&M;tj]EPEP+&uSPE(P/EPEPd_M;tj]EPEPBuSP3^@[SUVt$WhUSWWSUh_^3]@[jM#u~e^(;fj%Ej%PjMuEN(E4MN(pVD$tVY^jMo3}M9=@9~Mj3fMPMwpMEOPhdSj8FuP3VhSPEPMM%3u@MMv%3~j4M3M]H3SEPuM];M{MvMSf<tC;r]}ME+}EWuP0}Et(uEPMk.PMEU,ME$MPMooE3E;t3F}WQP;t@FSPFSP;u E;t3vURPVM;tzt]ME'$PMnEEt3F}WQPtBFjPFjPu Et3vURPVMtseEf9EuM13u@_!MMk13sjEt ]PuhVjSt3@}uh`iSM:,eEPEP]t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Vu;xtvhtajtLqt6tMWueMWTMWCMP@3MP<#My@E jZfIDHMW-H-tst`MejjEPEt1t7u(u$u WuuuVPQEtPQptPQ@_MWQExPtpLHpH36MW(MWMWMW^_]$VD$tVcY^j80@y}e<]wwtetStST}tjXhfEE}tVu<j?wuhhJVBjYPDVWhZu]+HPWEP>jVMEjETYPMM\MRVPMEME}'PM{E3E;t3G<u}#VSSSQPR,9]tuM3;;tz3dj[@}Whhj?tMejEPMRPMEu}t3v<PR )v<}t3Pv<RtMMD$;uP,L$IAujP3Vt$u@,hpt$PUYYtD$PQ3&@^A@,@@$D$@@xUVuu@9hsuTYYtEtH3PQ3VuuE^]UQQESV3W;];URhsPuu|}E;tvURuuPQ|Y9utTMQhsWu|?9ut:EURuuPQE|CEEPQEPQEPQE3_^[Vt$t,Ft%W6PQFPQf&3_3^l$,@D$V,tVY^@`@@D$VF@,tVZY^j@=ut~$E3P~ StjC0;|N<EzENEMNSV^8W~$;~SL$PF83@3_^[$UQeSV^W~&}<EPWuE{9E|3_^[3@VD$tV,Y^j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Vul 9utup U9 9 E(u VWP3Wh 9 ;u3j(EPV& t9 }VX9 _^U$l `jhD8dPL 30 & SVWPEd0 e9 & 9 S 0 E9 & 0 E9 & 0 E3FVf0 & H3& JWP1k3Vf0 EEWP kj8EWPkEH0 E#0 M$9 E<0 E0 E0 }MQhWP 9 ;tL9 M;tEPt9 M;t& HPa9 E;tf9 Mf0 9}u9}u3
Ansi based on Dropped File
(~WRD0000.doc)
Vul9utupUE(uVWP3Wh;u3j(EPVt}VX_^U$l jhD8dPL3 SVWPEde E E E3FVfH3JWP1k3VfEEWP kj8EWPkEHE#M$E<EE}MQhWP;tLM;tEPtM;tHPaE;tfMf9}u9}u3
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VVVVV! 9 E4SW& t
Ansi based on Dropped File
(~WRD0000.doc)
VVVVV! h h\WEp2j9 ;t$tjEP46 YP6ST _^[jkqYtj^qY& u=uh)hYY9 U9 9 E$]U9 0 }9 }9 Mf$ffGfG fG0fG@fGPfG`fGp Iu9 }9 ]U9 0 }9 E"!9 3+3+& u<9 M9 0 U;t+QPs9 E9 U& tEE+0 E39 }9 M9 E.0 }39 }9 M9 E9 M9 U+RjQ~9 E9 }9 ]jhEhef(E#9 E9 9 =t
Ansi based on Dropped File
(~WRD0000.doc)
VVVVVC*h\qCjP0 3& t
Ansi based on Dropped File
(~WRD0000.doc)
VVVVVC*h\qCjP3t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VVVVVC3q9 iM9 CkM 3f0 M `0 Ef0 U0 u0 }0 MS& S}
Ansi based on Dropped File
(~WRD0000.doc)
VVVVVC3qiMCkM3fM`EfUu}M}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VVVVVE4SWt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VVVVVh h\WEp2j;t$tjEP46YP6ST_^[jkqYtj^qYu=uh)hYYUE$]U}}Mf$ffGfG fG0fG@fGPfG`fGpIu}]U}E3+3+u<MU;t+QPsEUtEE+E3}ME.}3}MEMU+RjQ~E}]jhEhef(E#E=t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VVVVVIz^9 U9 h]]`]]EuMm]]z3@3hR] & thp]P<& tj"!9 U9 9 MMZf9t3]9 A<8PEu3f9H 9 ]9 U9 9 E9 H<ASVq3WD& v9 }9 H;r9 X;r
Ansi based on Dropped File
(~WRD0000.doc)
VVVVVIz^Uh]]`]]EuMm]]z3@3h]thp]P<tjUMMZf9t3]A<8PEu3f9H]UEH<ASVq3WDv}H;rX;r
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VVVVVwh!Vj%& u&h ]hV& t3PPPPP3V! @Y<v8V! ;jh]+QP: & t3VVVVV! 3h]SW& t
Ansi based on Dropped File
(~WRD0000.doc)
VVVVVwh!Vj%u&h ]hVt3PPPPP3V@Y<v8V;jh]+QPt3VVVVV3h]SWt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
vWt-|$tsF;sPjNuW3;_^VW|$v49~s
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
vWu-|$tsF;sPj8uWS3;_^VjjN^y$rAAVD$tVnY^UESVW}9GswE+9usu;ujVujCjVt7rKrCCUVWQP^VZ_^[]UVW}Wet~rFFu+WV>:ju*t(NrFFuWQPu_^]UESVW}9GswE+9usu;ujV6uj*DjVt8rKrCCUVWRQP!Vq_^[]VjF;jjt$I^UVuEPVvMTEPMStuEPuYYuMVvMMEIH^Vt$YPt$P^VjFjjt$^UVW}Wt ~rFFu+WVf:jut(NrFFuWQPu'_^]VW|$WXGF_^jVuueNqVt$^fVXD$tVY^VjF]t$^Vt$-YPt$^VjF:t$^j{u}WQeWN(Vt$^UV~uuvjuXEsFSWV0MEPMqt%E}PWZYYWuVvMEPMq}t*F@WPYYFWpjEPWYYt;EEEME]CWPYYtCx-WtSkukEWPYYtgEVvEEMEMEPMp]uCPW^YYt$EHy-WtPjSjuEWEPM@A_[^j0uEPFVPMDEPMCp]uCPuYYt=uM(eeEPSuEP@jMjMEMpUhl$3Ehj<}tM,eM@LE PE_$SME]DM EPM1eHMPMLELPE8PEV5M'EPM8&ouM8Ao@EHjBYuHM E<MPEPhpSj.}H'ELPUM<EPM E[EHEHPMVMEPMPM@MDE0PEM0E658hSjuHM58WVMEMEjjMLMEM EM@EMM]3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
W 0 M0 M0 M9 M;MR4M9 EPEP9 E0 9 9 @0 E9 FV0 MPMEPM uM79 @9 M0 EjjME0 E9 Eu@ }t3WuuPuS
Ansi based on Dropped File
(~WRD0000.doc)
W 9 U` VW! $u 9 Mp0p9 }0O9 R49 ,9 & : 9 }jpO09 R8u 9 Mp0Afp9 M0Tp9 M0iB9 Mu 9 P<2p9 M09 R@ p9 M09 R09 Mu 9 PD9 3& u(u$u PuuuRu_^]$ISSHS\SqSS" SSSSVt$9 t$tjN3^jHX9 u9 }uuW9~<uN3bM(~ee9 MQWEPxuMWuMMEEPME" PMEMEEPMEPMWhRM"!jMQPv<9 EgM9 EaMEME uM0 }n& & @ j X! 9 EPejhM
Ansi based on Dropped File
(~WRD0000.doc)
W H9 U`! $0 p9 M09p9 M0ep9 M0 p9 M01p9 M0qxp9 M0`p9 M0xp9 M0 fp9 M0dTu(9 Mu$u Puuu6p9 M0"p9 M0p9 M09 3& u(u$u PuuuRuS^]$Uj );Mj& .D9 j8RY0 E30 ];t9 N9 MM[9 }EPSW9 E6M& t;D]W9 & t& u#W9 S9 9 EPS9 MM d`j,&9 39~0uk9~u9 E0 9~tR#M3GWM0 ]Y0 09 ;t9 WIY0 ~MM"!U9 QVEPEP9 9 ^j9 0 uue}}}FFdF$FFF F F$lFP$FXF\ |/}E }EN}E?09 V9 D$tVY9 ^j8B9 h xh0j9 ! 3;t9x0uP9 9x0t3jjY0 E0 ];t9 0 E0 ]MM!Y9 F9 VPME19 FVPM$EPM# & 3M6PM{iEP9 ;& MXj8EY0 EE;t9 0 E0 ]ME9 XEPu9 SM& t:Z& tu9 MEP9 lS9 SEPu9 MEFaM9 FVPM=EPM< u9
Ansi based on Dropped File
(~WRD0000.doc)
w$& j9 3*9 W9 j9 `9 & tWM6eE9 0 eP!9 9 j9 MM 9 N& t9 jf9 N& x9 jfiw9 \W9 OW9 BW9 5W9 D(W9 }IV e r R "! ) < Vjjjt$9 t$t$jUS~9 ^jk'9 9 EHu%h8!Y9 0 M30 E;tVN0 ~(jq0 jhvhuj1& u9 RQjhvhuj~1& t9 nOjkS'9 }u6j$X!Y9 0 M30 u;th9 wM9 & u9 D'9 V3;t&VhvhuVP0;t
Ansi based on Dropped File
(~WRD0000.doc)
w$j3*WjtWM6eEeP!jMMNtjfNxjfiw\WOWBW5WD(W}IVer)<Vjjjt$t$t$jU^jk'EHu%h8!YM3E;tVN(jq0jhvhuj1uRQjhvhuj~1tnOjkS'}u6j$X!YM3u;thwMuD'V3;t&VhvhuVP0;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
W%71Z!O,X#0G
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
w0ub39 M]0 E;t9 PuRu9 u9 9 E9 PQu3j.9 ~4u-j Y9 0 Me& t>U3M0 F49 j%9 9 F4QjBl9 0 uSE\9 N8& t
Ansi based on Dropped File
(~WRD0000.doc)
w0ub3M]E;tPuRuuEPQu3j.~4u-j YMet>U3MF4j%F4QjBluE\N8t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
w0uY9 u9 9 E9 PQu3jA9 q;E}39 0 ]9 0 M;tEPu& t9 Ew(9u9 G$9 VPQ0& & 9 6MQu0 ]9 VP;RR9 E; 0 ]9 URP0 ]Qd;|[hMG tJjP8Y9 0 ME;t
Ansi based on Dropped File
(~WRD0000.doc)
w0uYuEPQu3jAq;E3]M;tEPutEw(9uG$VPQ06MQu]VP;E;]URP]Qd;|[hMGtJjP8YME;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
W9 haM}& t"ERP9 WP9 EAMR7haMJ& t7& |P9 WP9 E|]q9 haM& tW9 *& t&MM?E9 E;E 3@7LMMj R2?K9 }u39 Mh\: Z& t-MQ9 We~P9 ZMM9 9 Mh, Z& t0MQ9 V~,P9 EMM9 9 Mhh: PZ& eP9 & U3@\Kj0uJ9 9 ]& u
Ansi based on Dropped File
(~WRD0000.doc)
W9 _9 ^jC9 9 }9~t)hWMheEP9 kMMD9 Vt$9 Z9 ^Vt$9 o9 ^j4kC9 30 ]9w9 Mh~~VMVME0 ]0 ]0 ]39E}9 G`E<ar<zv<Ar<Zv
Ansi based on Dropped File
(~WRD0000.doc)
W9 haM: & t
Ansi based on Dropped File
(~WRD0000.doc)
W9 Y9 e& hR: 9 Y& t-MQ9 V~<P9 EVME9 h, 9 }Y& t-MQ9 U~P9 EME9 htaEP9 iZEP9 Eh : 9 0 F/Y& tP9 ,0 EME1}u3MM9 3FjD9a<I9 M3WWuM0 }M;uM83IX;uMM9 9 M0 NLP9 ^9 jH9 0 u9 Ee: 0 FF49 0 S0 & u0 9 NIjgH9 0 u: eS9 & tPT7X'9 & t9 j'M9 4HV9 v& t9 }& t^^9 j.G9 j4AY9 0 M30 E;tPo0 HU9 V9 ~4tJ9 9 Pt9 }& t2uu\j9 0 ejhTS9 }jjj^]t$9 Pxjjt$j9 D$;u|$ujqYY38t9 9 9 bj F9 9 MQ9 P|eM& t3MM|9 GMPjjL9 & tP=uVTVX3F0 V9 D$tV_GY9 ^V9 9 0tS $DDD ,F9 ^j$QF0 M9 E& u@I9 Xp}Mu9 }3VSwM0 u94tjXE)EE)EhhjV9 9 5WS0 Eu0 ESj
Ansi based on Dropped File
(~WRD0000.doc)
W9 YY; 6V5P 5PY& tWVQYYDN0 VxYuWwTY3@_^]jh@9 9 9 ]3@0 E& u9x e;tu.RV& tWVS0 E} WVSr0 E& WVSSD0 Eu$& u WPS?DWjSBRV& tWjS& tu&WVS"& u!E}tRV& tWVS0 EE9 E9 E9 9 PQ{YY9 eE3{9 U9 }uu9 M9 UY]9 U9 9 Ef9 Uf;t@@f& uf9t3]9 U9 9 ES9 ]f;W9 tDf& t:+9 Mf& tf& t++uAAf9uf9tGG@@f& u3_[]9 9 U9 S39]u gSSSSSDV9 uW9 };t$;u pgSSSSS EB0 u0 u?vE?0 EuEuuPU0 E;tU;|BMx
Ansi based on Dropped File
(~WRD0000.doc)
W_^jC}9~t)hWMheEPkMMDVt$Z^Vt$o^j4kC3]9wMhVMVME]]]39EGE<ar<zv<Ar<Zv
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
We& u3_^j,&X:9 }ufjhvv3@3M! }eM9 N9 & tS 9 MMp}9 :j$#99 ~u3i|9 N0 EEPMnejh~MWEPEPE" |YYME\9 NEP` MMD3@K:jPf99 M|3M0 ]CM9 jh~MEEPEPE|YYME;t9^t?E9 0 ePh}9^t"E9 0 ePh9 N;u!3M]! MM|9 9S9 >9 jk 89 39~t
Ansi based on Dropped File
(~WRD0000.doc)
WebDispacher
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
WebDispatcherRefresh
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Wednesday
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Weu3_^j,&X:}ufjhvv3@3M}eMNtSMMp}:j$#9~u3i|NEEPMnejhMWEPEPE|YYME\NEPMMD3@K:jPf9M|3M]CMjhMEEPEPE|YYME;t9^t?EePh9^t"EePhN;u!3M]MM|9S>jk839~t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WFUP5+N\!#8DC 19 @O,?4L9 LNP ;GIF89aR "!x9 } : "!Sx!R, RR
Ansi based on Dropped File
(~WRD0000.doc)
WFUP5+N\!#8DC 1@O,?4LLNP ;GIF89aR!R,RR
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Wh Nv4v3@_^[j@0 0n9 9 }& w9 ! g$& +
Ansi based on Dropped File
(~WRD0000.doc)
Wh Nv4v3@_^[j@0n}wg$+
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WhH=Lj\9 tLMuH;}?GWjEPM~*PME&M]JVM'9 MEPR(9 Mjh|9 %M0 ]E9 E" U9 Q9 MejhR$9 Ej} EP`eMP& tMM MWME\MEx9 EPhMPVM1& u+ME&MEMMJ9 }9 ujl EPeM& u[Pb YM9 MEMEVhM9 IPWMME MEwMM j EP#eM& uTM/ME4MEPuMh9 PVMBMEMEMM*4 jM EP eM & t3MM9 M`MEMEuMh9 PVMM9 E_MEE j, eEP3CM0 ]& t9 Mjh0/"0 ]M#MEMEME9 EPhMrPVM9 M& ujh0!EP;%M0 ]E"!MEM]ME9 E jEPeM& t3MMt9 | MMEME0uMhx9 ~PVMl
Ansi based on Dropped File
(~WRD0000.doc)
WhH=Lj\tLMuH;}?GWjEPM~*PME&M]JVM'MEP(Mjh|%M]EEUQMejh$Ej}EP`eMPtMMMWME\MExEPhMPVM1u+ME&MEMMJujlEPeMu[PbYMMEMEVhMIPWMMEMEwMMjEP#eMuTM/ME4MEPuMhPVMBMEMEMM*4jMEPeMt3MMMMEMEuMhPVMME_MEEj,eEP3CM]tMjh0/"]M#MEMEMEEPhMrPVMMujh0!EP;%M]EMEM]MEEjEPeMt3MMt|MMEME0uMhxPVMl
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WhM}t"EPWPEAM7hMJt7|PWPE|]qhMtW*t&MM?EE;E3@7LMMj R2?K}u3Mh\Zt-MQWe~PZMMMh,Zt0MQV~,PEMMMhhPZePU3@\Kj0uJ]u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WHU$pM09pM0epM0 pM01pM0qpM0pM0xpM0 fpM0dTu(Mu$u Puuu6pM0"pM0pM03u(u$u PuuuRuS^]$Uj);Mj.Dj8RYE3];tNMM[}EPSWE6Mt;D]Wtu#WSEPSMMdj,&390uk9uE9tR#M3GWM]Y0;tWIYMMUQVEPEP^juueFFdF$FFFF F$lFP$FXF\ |/E ENE?0VD$tVY^j8Bhh0j3;t90uP90t3jjYE];tE]MM!YFVPME1FVPM$EPM#3M6PM{iEP;MXj8EYEE;tE]MEXEPuSMt:ZtuMEPlSSEPuMEFaMFVPM=EPM<u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WideCharToMultiByte
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
window.external.
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
window.external.<script type="text/javascript">
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
window_title
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
WININET.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
WINMM.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
wM?9 T$B9 J3u
Ansi based on Dropped File
(~WRD0000.doc)
wM?T$BJ3u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WM_QUIT - After
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
WM_QUIT - Before
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
wMKM9 T$B9 J3vu wMLMM9 T$B9 J3CuLdwM49 T$B9 J3 uxAwMaR9 T$B9 J3twMwRMoRMJ9 T$B9 J3tv9 M{9 M9 M9 M\9 Mt9 T$B9 J3{tSvMMMVX9 T$B9 J3HttivMM+X9 T$B9 J3t>v9 MU9 MJ9 M$O9 M< 9 T$B9 J3suM9 M9 M9 M$9 M< MuzYuzY9 T$B9 J3ks8RuMM~x{M9 uyYuyY9 T$B9 `t3sS7uM(I9 T$B9 J3ruMIugyY9 T$B9 J3r,tMHu:yY9 T$B9 J3"!r`t9 M9 M9 M<9 T$B9 J3]rS~tuxY9 T$B9 J38rYtMsMHMV9 T$B9 J3r&tMUMUM H9 T$B9 J3q@sM
Ansi based on Dropped File
(~WRD0000.doc)
wMKMT$BJ3vuwMLMMT$BJ3CuLdwM4T$BJ3 uxAwMRT$BJ3twMwRMoRMJT$BJ3tvM{MMM\MtT$BJ3{tvMMMVXT$BJ3HttivMM+XT$BJ3t>vMUMJM$OM<T$BJ3suMMMM$M<MuzYuzYT$BJ3ks8uMMx{MuyYuyYT$Bt3s7uM(IT$BJ3ruMIugyYT$BJ3r,tMHu:yYT$BJ3r`tMMM<T$BJ3]r~tuxYT$BJ38rYtMsMHMVT$BJ3r&tMUMUMHT$BJ3q@sM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WMMMM;M4MEPEPE@EFVMPMEPMuM7@MEjjMEEEu@}t3WuuPuS
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Wo9 }j& p9 }EPEPGi9 }jX+EjSWto9 }EPEP+}9 }jSWLo_[^9 & t9 @& t9 9 R 3V9 t$& tHSjhxhxjq8x9 & t'9 W9 Pl9 9 9 P & _u& ujj9 .[^V9 t$W9 & t19 S9 P09 9 9 P49 O$;9 0 O$9 O(;[~9 9 0 G(_^9 & t9 @& t9 9 b39 & t9 @& t9 9 b3j.9 9 v09 x& tfjh`thtjW& tK9 R9 & t>j Y9 0 Me& t9 EPK3Pj0 x5(v0'U9 Q9 & tdS9 ]V9 p9 EW0 3 9 Qe0 E& v-u9 & txu9 E9usE9 E;Er9 9 M;_^[9 S3;u3[V9 pW9 ;r3N;|V9 ;t9XtNy9 9 _^[9 U3& u]SV9 pW9 9 ;r3V9 ]& t9htF;r9 9 _^[]V9 v0jj9 ^^W9 9 ! & tOV9 p& tFw0& t9jh`thtjV
Ansi based on Dropped File
(~WRD0000.doc)
WojpEPEPGijX+EjSWtoEPEP+}jSWLo_[^t@tR 3Vt$tHSjhxhxjq8t'WPlP _uujj.[^Vt$Wt1SP0P4O$;O$O(;[~G(_^t@tb3t@tb3j.v0xtfjh`thtjWtKt>j YMetEPK3Pjx5(v0'UQtdS]VpEW3 QeEv-utxuE9usEE;ErM;_^[S3;u3[VpW;r3N;|V;t9XtNy_^[U3u]SVpW;r3V]t9htF;r_^[]Vv0jj^^WtOVptFw0t9jh`thtjV
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WORDFiles
Unicode based on Runtime Data
(WINWORD.EXE
)
WREP<EPuuuuuhWZajjSWjEPWEE@PE@PEHPEHPWuWuWSh 3PPWuuPPuuWuW_^[D$HuV9L$u/&^3UVut"FURPl@StMVP\3^]US]V;PuuuWt_-t9
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WriteConsoleA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
WriteConsoleW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
writeDebugString
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
WriteFile
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
wsprintfW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
WUVW$u Mp0p}0OR4,}jpO0R8u Mp0AfpM0TpM0iBMu P<2pM0R@ pM0R0Mu PD3u(u$u PuuuRu_^]$IH\qVt$t$tjN3^jHXu}uuW9~<uN3bM(eeMQWEPxuMWuMMEEPMEPMEMEEPMEPMWhMjMQPv<EgMEMEMEuM}n@j XEPejhM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WVu^_]=9 D$0 AH@ 3V9 t$v& u@9 F9 L$0 3^U9 SV9 uF3W& tF39 }0 9 E0 EPv@ 9 E9 MPu0 H9 M0 0 X0 Hh9 E0 X9 N0 H0 X0 X9 9 PQ_^3[@ 9 L$& uW 9 D$0 9 PQ3@ U9 30 E9 EVW9 MQP@& w0VhpjjEP,& >tT9 9 URh<sP& |@9 M9 GPQR9 E9 PQ9 69 MQhsV9 & |9 E9 PQ 9 E9 PQ9 9 M_3^PjM>9 9 F030 };u3@! URh<s0 }0 }9 P;|"9 E;t9 jPQ9 E9 WPQ9 E9 PQ9 F09 URh|sP;|9 E;t9 PQ9 E9 PQ9 E9 PQ9 F09 PQ0 ~0yx3U9 QSVWY49 I0u9 & t&9 URh|sQ& |9 E9 SSPQ9 E9 PQ_^[U9 QVW9 39~0td9 F09 URh<sP& |O9 M9 9}t,SF4Pv(^WSWjQR,9 M9 F4Pv(WSWjQR,[Wv(FWPWjQR,9 E9 PQ_^V9 ~0u3^9 F09 PQ9 F0^V9 n9 F,f(& t
Ansi based on Dropped File
(~WRD0000.doc)
WVu^_]=D$AH@3Vt$vu@FL$3^USVuF3WtF3}EEPv@EMPuHMXHhEXNHXXPQ_^3[@L$uWD$PQ3@U3EEVWMQP@w0VhpjjEP,>tTURh<sP|@MGPQREPQ6MQhsV|EPQ EPQM_3^PjM>F03};u3@URh<s}}P;|"E;tjPQEWPQEPQF0URh|sP;|E;tPQEPQEPQF0PQ~0y3UQSVWY4I0ut&URh|sQ|ESSPQEPQ_^[UQVW39~0tdF0URh<sP|OM9}t,SF4Pv(^WSWjQR,MF4Pv(WSWjQR,[Wv(FWPWjQR,EPQ_^V~0u3^F0PQF0^VnF,f(t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WWq&Y8 |_9 & t~uP8 |^[9 U9 9 E4]jhE6s3G0 }394ujhSYY9 u49t9 nj2Y9 ;u3Qj
Ansi based on Dropped File
(~WRD0000.doc)
WWq&Y8|_t~uP8|^[UE4]jhE6s3G}394ujhSYYu49tnj2Y;u3Qj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WWvjPM}zMMV*D$f,F0^D$A,D$A0ItPzU4jP*hEPs@u@u$E4u u@Pu4E(3E9{,tE0]WWMWhM}E0PEPM~ E0u}@jEjEPu4M%MM3E0sHEVEPu4V59{t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WWWWWWWWh
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
WWWWWWWWWh
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
WYehYt-MQV~<PEVMEh,Yt-MQU~PEMEhtEPiZEPEhF/YtP,EME1}u3MM3FjD9a<IM3WWuM}M;uM83IX;uMMMNLP^jHuEeFF4uNIjgHuetPT7X'tj'M4HVvtt^^j.Gj4AYM3E;tPoHUV~4tJPtt2uu\jejhTjjj^]t$Pxjjt$jD$;u|$ujqYY38tbjFMQP|eMt3MM|GMPjjLtP=uVTVX3FVD$tV_GY^V9 0t$DDD,F^j$QFMEu@IXp}Mu}3VSwMu94tjXE)EE)EhhjV5WSEuESj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WYY;6V5P5PYtWVQYYDNVYuWwTY3@_^]jh@]3@Eu9xe;tu.VtWVSE}WVSrEWVSSDEu$u WPS?DWjSBVtWjStu&WVS"u!E}tVtWVSEEEEPQ{YYeE3{U}uuMUY]UEfUf;t@@fuf9t3]UES]f;WtDft:+Mftft++uAAf9uf9tGG@@fu3_[]U S39]u gSSSSSDVuW};t$;u pgSSSSSEBuu?vE?EuEuuPUE;tU;|BMx
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
W}DE'W}|E
Ansi based on Dropped File
(~WRD0000.doc)
x,M|jV0MPhjV]-8HH"HHHtyu2Yt6;=(uuVuPtj3JuuWPf|teDMQP[tMtuPHSYt3uuVSR$SYtuuVSR(S}YtTuuVSR,S^YJuR}`.S3Ytx<ukj_uHSt9HtYuVSRAYtuVRP$YtuVRL
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
x.jhTMWM]hMMFPM]EPNPE;E,;&9u`]URPEQ@Eu;t;t3QPEE;tPQEE;tPQ;9]URPEt;9]wuMEE;OUR]PQ$9]]3]jXfEEEUREuuPEQ,;9]uME;]URPEQ8juMCME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
X0 0 F49 2j]M9 0 u<%~t9 E>9 FT;}%f0~89 j9 P~9 j9 P}9 jP}NX9 N,0 M& tf,j19 M& t9 jNX9 E/}E }E NtEvNXEj9 EM9 +y$uA$Vj9 Y& t9 9 Pu3^9 ^U9 QV9 FtPM19 vTMC9 ^j]9 FXPMe~,u+jY9 0 ME& t
Ansi based on Dropped File
(~WRD0000.doc)
X0F}~DCE[F}&}u9]|]}Wj0V}tE`p3_^[U,3EESVW}j^VMQMQp0~+3;u%SSSSS0}ZE;vu3}-+uMQMQP3}-P);tuESVu`M_^3[qU03EESVuWj_WMQMQp0*3;ujSSSSS8}M;vEHE3}-<0u+EPuQW(;tXEH9E|-;E}(:t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
X3HHHPHHVNt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
X5\5`5d5h5l5p5t5x5|5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
x8tP4UM`8jEPKPYt:4+M3@;j@SPCDjS@P3PPjMQj@QPCD\j<PVEP(4T)D09<8 j<PjEP(E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
x9 5h@H SQ9
Ansi based on Dropped File
(~WRD0000.doc)
x9 @HC9 H yCu`xueSjppj54L 9
Ansi based on Dropped File
(~WRD0000.doc)
x9=u)[9}u{R juYxQhj
Ansi based on Dropped File
(~WRD0000.doc)
x9=u)[9}u{RjuYQhj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
X: 0 30 H0 H0 H0 P0 H0 HV9 9 N& t
Ansi based on Dropped File
(~WRD0000.doc)
x@HCHyCu`xueSjppj54L
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
X\ OX 0K[h Jf eTdpddddde*e>eLe^ere e eefe8deeeW ~[[["[@[V[l[`[V,ddddcccccccac`ctcbcPcDc:cVVVVV VxVfVZVPVDV0V$VVVUUU(U<ULUbUvU U UUUUUTTTbc,c]]bbbb b brb`bNb>b]a].bbbbaa]]]^^aaaaRaraZa@a.aaa``````S```z`n```T`B`2`$``_____a_`_~_j_R_@_(___^^^^^^^ ^^8^J^^^r^[[[ ][\\.\:\H\V\l\ \\~\\\\\\](]@]X]p] ^ : " W$fW8fWW*ZZ
Ansi based on Dropped File
(~WRD0000.doc)
X\OX0K[hJfeTdpddddde*e>eLe^ereeeefe8deeeW[[["[@[V[l[[V,ddddccccccccctcbcPcDc:cVVVVVVxVfVZVPVDV0V$VVVUUU(U<ULUbUvUUUUUUUTTTbc,c]]bbbbbbrb`bNb>b]].bbbbaa]]]^^aaaaaraZa@a.aaa````````z`n```T`B`2`$``_______~_j_R_@_(___^^^^^^^^^8^J^^^r^[[[][\\.\:\H\V\l\\\\\\\\\](]@]X]p]^:W$fW8fWW*ZZ
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
X]9 ]DjY;#]Q& u! >& u! 9 U9 V9 MQ0 Y9 0 0^]%9 U9 ( 30 EVtj
Ansi based on Dropped File
(~WRD0000.doc)
X]]DjY;#]Qu>uUVMQY0^]%U(3EVtj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
X]u3u`3@N`MMN`H
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
xB,F1<-uo H0H
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Xb0 rR ZUTA] q& f& _J j! (VlB}a"!iG/h8I 2!
Ansi based on Dropped File
(~WRD0000.doc)
xBR,RF1<-9 u o H0H
Ansi based on Dropped File
(~WRD0000.doc)
XbrRZUTA]qf_J j(VlB}aiG/h8I 2!
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
XE0 E9 CE0 E9 CH9M~0 E9 }jEP4\9 }P4KiPu}tuuuu9 D$t$0 9 D$0 "yV9 t$& t(W9 9 +9 +0 Q$0 A(_^V9 3& tjv(v$vS ^U9 SVWjEjPWhjj9 59 Wu9 9 EHQ9 MQRPQu E9 E+ESuW_^[jXf9 9 0 ejhTStve9 0 ejh|9 \v9 }MjjjjsjXf}9 9 0 ejhTSve9 0 ejh|9 v9 }Mjjjj: j*79 39] _9 ! ; QHTE9]R@9E79 uT9 0 u; MS}xVM0 ]0 u" & w0& j Y9 0 ME;tS/*0 E0 ]jH]: Y9 0 ME;t#9 3! PN ]v9 ! PN0Sv9 MEP/PNEvM]nu9 nv9 EPS0 p5(w0)VM2 & tjS9 fPhLh@SDMM |~U9 VS6& t.EP6@ h9 VEPu V^V9 t$W9 & t-~u9 du9 #du9 9 j9 _^U9 9 E;(uu9 u3uuuPW:]39|RRS 3U9 jEjP9 E9 M
Ansi based on Dropped File
(~WRD0000.doc)
XEECEECH9M~EjEP4\P4KiPu}tuuuuD$t$D$"yVt$t(W++Q$A(_^V3tjv(v$v^USVWjEjPWhjj5Wu EHQMQRPQuEE+ESuW_^[jXfejhTtveejh|\vMjjjjsjXfejhTveejh|vMjjjjj*739]_;QHTE9]@9E7uTu;M}xVM]uw0j YME;tS/*E]jH]YME;t#3PN ]vPN0vMEP/PNEvM]nunvEPSp5(w0)VM2tjSfPhLh@SDMM|UV6t.EP6@hVEPuV^Vt$Wt-~udu#duj_^UE;(uuu3uuuPW:]39|RR3UjEjPEM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
xEMMtj,&t9 Mf30 uM9uu-uM~jVuKVVu;VMR;9 ]Sg;tVjdwwVSMSM jVSMMM]tj,&vs9 u& t?Me(MtjV$VM|MMtVW9 =9 vvvvvvvvvv_^9 A |$V9 uvv9 jh 6vv^j<r0 M39]u39 MS;0 E~u9 Mj lY9 0 M0 ];tj
Ansi based on Dropped File
(~WRD0000.doc)
xEMMtj,&tMf3uM9uu-uM~jVuKVVu;VMR;]Sg;tVjdwwVSMSMjVSMMM]tj,&vsut?Me(MtjV$VM|MMtVW=vvvvvvvvvv_^A |$Vuvvjh6vv^j<rM39]u3MS;E~uMjlYM];tj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Xf0 P0 Fx9 ^j.h*9 jv$Y9 0 Me& t
Ansi based on Dropped File
(~WRD0000.doc)
Xf0 9 `ML9 `ML%9 D&
Ansi based on Dropped File
(~WRD0000.doc)
Xf0 CC9 E9E 9 t@u f9 f0 CC+]0 ] Pj^;u//0 0im& Y0 ]\3_[^jh0Bo9 Eux/ /3;|; r!v/0 0\/VVVVV9 9 9 L9t;MAu(/0 0/P Y0 u9 D8tuuu~0 E..0 0ME9 EuE Y9 U9 [ 30 E9 EV30 & 40 80 09uu3;u'u.0 0[.VVVVVSW9 }9 4& 9 `X$0 (' t u09 Mu&.30 0-VVVVV C@ tjjju uaY& 9 D m9 @l39H& P9 40 & `39 t P 9 40 & 30 & <9E B0 & D`& ' & g`9 (3
Ansi based on Dropped File
(~WRD0000.doc)
XF42j]Mu<%~tE>FT;%f0~8jPjPjPNXN,Mtf,j1MtjNXE/E ENtEvNXEjEM+y$uA$VjYtPu3^^UQVFtPM1vTMC^j]FXPMe~,u+jYMEt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
XfCCE9Et@uffCC+]]Pj^;u//0imY]\3_[^jh0BoEu/ /3;|;r!v/0\/VVVVVL9t;MAu(/0/PYuD8tuuu~E..0MEEuEYU[3EEV34809uu3;u'u.0[.VVVVVSW}4X$('tu0Mu&.30-VVVVVC@ tjjjuuYDm@l39HP4 `39 tP43<9EBD'g(3
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
XfMLML%D&
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
XfPF^j.h*jv$YMet
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
xjt$jv^jhqV9 q& tjv(v$t$t$vS ^VqlW9 `9 & ~,S3& ~S9 & tPC;|jWj9 [_^U9 9 E;u!3@9Eu
Ansi based on Dropped File
(~WRD0000.doc)
xjt$jv^jhqVqtjv(v$t$t$v^VqlW~,S3~StPC;|jWj[_^UE;u!3@9Eu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Xkkkkkkkkkkkkh!N!RkkkkkkkkkO[F
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
XP0 & @" Yf;& @& ;& 8& 09 E9& D '9 `& 8T49 0 D839 @ 9 & 40 @ & 0 & <9M 9 (9 <D+4& H;Ms99 " <& <`A
Ansi based on Dropped File
(~WRD0000.doc)
XP@Yf;@;80E9D'8T4D83@4@<9M (<D+4H;Ms9<<A
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
xR.jhTM9 WM0 ]hMMFPMa0 ]EPNPE;9 ER,; &9~u`0 ]9 URPEQ@9 E9 u;t;t9 39 QP 9 EE;t9 PQ9 EE;t9 PQ; 9 9~R 0 ]9 URPE t;R 9] wuM9 EE; OUR0 ]9 PQ$9]0 ]}30 ]jXf0 E9 E0 EUR9 9 Eu9 9 uPEQ,;R9] uM9 E; : 0 ]9 URPEQ8juMCME
Ansi based on Dropped File
(~WRD0000.doc)
xt3@3V9 t$38t8FtjPPv` +F^3^9 F^U9 9 E38t?8Ht69MuQQ9 HMQ}uj}ujQup` 0jX]j9Mu9 M}u9 MH}u9 HM0 H3]U9 V9 uW9 }} >t jEPWuvh& uF9 E(9 N9 F9;v+9 9 FWPueR~9 3u_^]U9 QuEjjP! u
Ansi based on Dropped File
(~WRD0000.doc)
xt3@3Vt$38t8FtjPPv`+F^3^F^UE38t?8Ht69MuQQHMQ}uj}ujQup`0jX]j9MuM}uMH}uHMH3]UVuW}}>t jEPWuvhuFE(NF9;v+FWPue~3u_^]UQuEjjPu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Xt}tE`pE~1]}EPE%PBYYtEjE]EY;J*3]EAEjpUjRQMQVpEP$oEtM}tMap^[U=TuEHw ]juYY]UMS3VW;t};wIj^0SSSSS90u;uBF:tOu;uYIj"Y3_^[]W|$n$L$Wtt=u~3tAt#ttty
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
xu%9 M0 B_^[SVW9 T$9 D$9 L$URPQQhR{d5 30 D$d0 %9 D$09 X9 L$,39 pt;9 T$4t;v.4v\9 0 H{uh9 CZ,9 Cl,d_^[9 L$At39 D$9 H38U9 hppp>]9 D$9 T$0 U9 L$9 )qqq(]UVWS9 33333[_^]9 9 9 j+33333U9 SVWjjh3|Qt_^[]U9 l$RQt$]9 U9 f9 Ef0s]f:s0]9 f; `9 f;
Ansi based on Dropped File
(~WRD0000.doc)
xu%MB_^[SVWT$D$L$URPQQh{d53D$d%D$0XL$,3pt;T$4t;v.4v\H{uhCZ,Cl,d_^[L$At3D$H38Uhppp>]D$T$UL$)qqq(]UVWS33333[_^]j+33333USVWjjh3|Qt_^[]Ul$RQt$]UfEf0s]f:s0]f;`f;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y K$FRQ`! Q00 B ! #r0 ;GIF89a : S"!a~!, @> ! 9 RR3 } &RFL~<C\
Ansi based on Dropped File
(~WRD0000.doc)
Y K$FRQ`!Q0B#r;GIF89a!,@>3 &RFL<C\
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
y TMS9 T$B9 J3aw9 `3wyMUMTMTM! MMMMM9 T$B9 J3:w[yMTMTMM9 T$B9 J3w(yMT9 T$B9 J3v8yMMZMNTMFTM>TM6TM.TM;MMTMLMMT9 T$B9 JS3iv\`xML9 T$B9 J3Fvgx9 T$B9 J3+v@
Ansi based on Dropped File
(~WRD0000.doc)
Y$-UVuW3;t9}w OjYWWWWW3}fsOj"SEPPEjd[Mj/XfF
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y%u @0 tSfzY1e9 E8|=ujVY39 U9 SV9 u9 3W;to= th9 ;t^9uZ9 ;t9uPyOVYY9 ;t9uPyUYYyyYY9 ;tD9u@9 -Py9 +Puy9 +Pgy\y9 = t9uPS75yYY~PEh}t9 ;t9uPyY9_t9 G;t9uPxYMuVxY_^[]9 U9 SV9 5 W9 }W9 ! & tP9 ! & tP9 ! & tP9 ! & tP_PE{h}t9 & tP{t
Ansi based on Dropped File
(~WRD0000.doc)
Y%u @tSfzY1eE8|=ujVY3USVu3W;to=th;t^9uZ;t9uPyOVYY;t9uPyUYYyyYY;tD9u@-Py+Puy+Pgy\y=t9uPS75yYY~PEht;t9uPyY9_tG;t9uPxYMuVxY_^[]USV5W}WtPtPtPtP_PE{httP{t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y'u0 Y0 uuY0 EE9 Eu0 YjY9 U9 uu & uP3& tP}8Y]3]9 U9 QeVEPuu: 9 & u9Et 8& t
Ansi based on Dropped File
(~WRD0000.doc)
Y'uYuuYEEEuYjYUuuuP3tP}8Y]3]UQeVEPuuu9Et 8t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y)MEP0 M9 M9 uu69 }9 5h jjuuWs ss uuuuuu`U9 9 E0& u3axuX9 Pu9 E0u-9 PVWp,0 Up}EP"9 E_3^u9 E ~3@U9 SW39 9}u3sVW W9 0 E9 0 Em9 5Pu0 EEP9 EWWuP9 9 E"!}~jX9 M;t@0 uuu3@^_[h " *S0 M9 ]& u3EPSH9 uj@& tjPFpj8EjPc9 EjY0 u0 EE u|9 u& tP3Wh2S0 E;tMC8PM0 }80 EChPM89}u;u0 {DCDu}lMM83@ U9 VE9 Pv@ & 9 N8S33;tc9 M9 UWSv4|9 E9 MSvB+P+IQWRh@Ph|9 hS P0 S& 9 =Sjh Sj9 SPhSjS
Ansi based on Dropped File
(~WRD0000.doc)
Y)MEPMMuu6}5h jjuuWs ssuuuuuuUE0u3axuXPuE0u-PVWp,Up}EP"E_3^uE 3@USW39}u3sVWWEEm5PuEEPEWWuPE}~jXM;t@uuu3@^_[h*M]u3EPSHuj@tjPFpj8EjPcEjYuEEu|utP3Wh2E;tMC8PM}8EChPM89}u;u{DCDulMM83@UVEPv@N8S33;tcMUWSv4|EMSvB+P+IQWRh@Ph|hSP=Sjh jSPhj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y+x& ~V9 9 Mh[Nu^3@]j$FF0 M9 u9 Q3S9 *K3Gf_9 Eu09 0 8HPWEP9 ^P9 0 ][MMS0 9 L;tHvBVM\M0 }CN9 MEPEP0 ]" Q;t9 ]MM,S9 4jt& FM9 }m9 3;~*3jZQ9 QSP0 9 MTK& & 9 0 ejhXuM M 0 ]F;0 E0 ]}i3CMdIEPM ]M& ;hOM& t0 ^thNM& t0 ^xhNM& t0 ^|hNM& t0 ~ hRN& tm9 N<& u_h 2Y0 EE& t9 R3]0 F<|9 & tpjY0 EE& tj9 }3P9 ] C<9 eMQMQ9 P8& t%}t;9 |9 0 `A;~9 }0 ME@QE9 E;ERE&QMM $V9 t"}_9 L$& |;}9 9 3^V9 ~<t"{& t9 & t5"!9 N<PLR^jG9 0 upy3N,0 },hGN@E\GNPEPGN`EDG} Eq}E&G~9 E)}EO9 j9 EFp@KL0 ~t0 0 ~x0 ~|0 0 0 0 0 ~<9 Vh|9 9 ,h9 h9 h9 h9 h9 h9 h9 h|9 hp9 h`9 hP9 h<9 Sh,9 h9 h9 xh9 lh9 `h9 Th9 Hh9 <hl9 0^U9 }W9 u3>V9 }|'9E}"u9 : N& tu9 EP9 d3^_]V9 9 L$& tyu9 & u9 ^Ul$ 30 & jTRGq9 & 0 E9 & 0 E9 & 3S0 Ex9 Y; K9 ; 6MDj|9 VM0 ]S3hf0 EESPEM[EP9 ED0 EEPM@UuESuhP jVMGSDSME3UjEPM! f9 EDPMUME+M<VMTh0MTMnDPMTVMT t/O,jE& u#SMTO,6DPMTVMT|t149 +hMwTVM Th(MaTMCPMPTh MCT9 E& tf8tPM-ThM Tt(hM
Ansi based on Dropped File
(~WRD0000.doc)
Y+x~VMh[Nu^3@]j$FFMuQ3S*K3Gf_Eu08HPWEP^P][MMSL;tHvBVM\M}CNMEPEP]Q;t]MM,S4jtFMm3;~*3jZQQSPMTKejhXuMM]F;E]i3CMdIEPM]M;hOMt^thNMt^xhNMt^|hNMthNtmN<u_h2YEEt3]F<|tpjYEEtj3P]C<eMQMQP8t%}t;|A;~ME@QEE;EE&QMM$Vt"_L$|;}3^V~<t"{tt5N<PL^jGupy3N,},hGN@E\GNPEPGN`EDGEqE&GE)EOjEFp@KL~t~x~|~<Vh|,h hhhhhhh|hph`hPh<h,hhxhlh`hThHh<hl0^U}Wu3>V}|'9E}"uNtuEPd3^_]VL$tyuu^Ul$3jTRGqEE3SExY;K;6MDj|VM]S3hfEESPEM[EPEDEEPM@UuESuhPjVMGSDSME3UjEPMfEDPMUME+M<VMTh0MTMnDPMTVMTt/O,jEu#SMTO,6DPMTVMT|t14+hMwTVMTh(MaTMCPMPTh MCTEtf8tPM-ThM Tt(hM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y0 ]9 Dt1us
Ansi based on Dropped File
(~WRD0000.doc)
Y0 EEPjh2Eu}_& tP9 E9 @9 PR3@^[jP*z/9 E
Ansi based on Dropped File
(~WRD0000.doc)
Y3C0 ]~uhFP;YY& u0 ]Fe(}u^S FtS@ 9 }9 uj
Ansi based on Dropped File
(~WRD0000.doc)
Y3C]~uhFP;YYu]Fe(}u^SFtS@}uj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
y3h9 M\F& t3VMPh M8& tK& P9 ]yPM\EE
Ansi based on Dropped File
(~WRD0000.doc)
y3hM\Ft3VMPhM8tKP]yPM\EE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y9 0 ME;t"vESjuuuPuhS3u9 P]9 9 P3Cj@: 9 MuE3PM0 ]_rMER& t#3M])ZMM9 %9 ;t^hLY9 0 ME;t"vESjSuuPuhSS9 3u} EFaSV9 S9 9 P3Fnjl+
Ansi based on Dropped File
(~WRD0000.doc)
Y9 ^U9 SV9 9 F$W30 ~0;t9 PQ0 ~$9 F(;t9 PQ0 ~(9 F,;t9 PQ0 ~,9 N4;t[EP~9 N4EPEP~& t-9 M;t9 j0 }9 N4EPEP~& u9 N49 WP9 N4;tjB0 ~49 N8;tZEP9 N8EPEP& t-9 M;t9 j0 }9 N8EPEP& u9 N89 WP9 N8;t9 j0 ~8<9 9 ;~.0 }u9
Ansi based on Dropped File
(~WRD0000.doc)
Y9 U9 9 E9 9 DP]jh FEM30 }jY& ubjeY0 }0 }@<9 4& 0 u9 ; Fu\~u9j
Ansi based on Dropped File
(~WRD0000.doc)
Y9 U9 S3SMkr0 8u88]tE9 Map<u8u9 E9 @88]t9 E`p9 [9 U9 30 ES9 ]V9 uWd9 30 };u9 30 u39p E0=r p dP& REPW& 3hCVPZa3B0 {0 s9U } u` FhCVPa9 Mk00 u 0 u*`F t(>9 E` lD;FG;v9 }FF >u9 uE}0 ur9 0 {Cgj0 CC0 tZf9 1Af0 0A@@Ju9 L@;vFF ~& 4C @Iu9 C0 C0 S0 s39 {958& X9 M_^3[ Ojh E }Mp9 0 }9 _h9 uu0 E;C Wh 0 Y9 & F9 wh9 #SuYY0 E& & 9 uvh & u9 Fh=@0 tPU{Y0 ^hS9 = Fp& d}& j
Ansi based on Dropped File
(~WRD0000.doc)
Y9o& tj;oY 0 & 0 0 " 0 0 0 fR" fRfRfR& fRfRS& 9 uE0 & & 00 9 @jP0 & & jPB& 0 & (& 0j& @0 0 & ,< & (P@ j9 U9 9 M9 U#U#0
Ansi based on Dropped File
(~WRD0000.doc)
Y9otj;oYffffffuE0@jPjPB(0j@,<(P@jUMU#U#
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y=0&:Q Qa!#V"!" ~(_$! |o/LhXa=-fAvq *0 & qx3x4}
Ansi based on Dropped File
(~WRD0000.doc)
Y=0&:QQa!#V(_$|o/LhXa=-fAvq *q3x4
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y^US3W9@t3OV8;tuuuuC9juuuu4tttS8^_[]j(OMu 3M]Puuh VjEPjSuu0;t03PhVAAQQMM]MMEPuEu$;uE 9EuEPM u9M]E;tu$3h
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y^USVF$W3~0;tPQ~$F(;tPQ~(F,;tPQ~,N4;t[EP~N4EPEP~t-M;tj}N4EPEP~uN4WPN4;tjB~4N8;tZEPN8EPEPt-M;tj}N8EPEPuN8WPN8;tj~8<;~.}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[ 3Y j08M_EMt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[03H4t$D$t$ppp0t$AUV3M9u9uS]W3u}EPSuEEuu3}t1}}u8MjEPuMjEPu~MjEPuuEMPdyMEQTyYYMQPV5SjSjuEPuuS_[^U }MuEeS]VW3}EPSuEEut}MjEPuEMPxMEQxYYMQPV5SjSjuEPuuS_^[V?hf$f(^>hD$A(j4:$Luj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[3]U$h3SVWSWh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[3_j03Seh]eMvSSSuEPMEM]MMB\JjScjehoeMeejh|auMuuxMMTj@M@Tt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[3j,4EEu3;uMjM]}/Ut"EPPEdM]\WMeMETuSh MdEPVSh?SSSMSPh(;u 6M]+\MMjM]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[3jEbM9ueuMuV=MM9jEM9ueuMuVy;MMe9jEzM79ueuMuV'AMM9njE1M8ueuMuViGMM8%jE>M8E0euMuV;MM8jEMZ8E0euMuVAMM=8VN<tf<^VW?U~jP|$tjdt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[3jegud^T3}2 E h|E+~~P~dx!hF<~t~x~|+FFF F0F4F8~h~l~pjeu2Nf<Et
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[3khEPPWEPMdYetEP[j\MN;uj/MxN;MH;}z39]t&VSEPMK^MPEZM]S9]t3Mr+HPFVEPM^MPEwZMER3FM}R3jceMIjEPju3C]8t_M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[3PSLYE;tPSWPu1uYVjj\PEwM@VWPcVEWPX5hhSdWPhhSEWP@EPEPPu_uEPEPEPuGtu|EuMu=}Dj(3eMD3CM]jhME MEPM"hM"EPhMvPhMMMuEPA#jh|M]EM]xMEEj83eMqM3C]tMEP"]uEPMEtMEP"]jhMMEPM!hM!MEPh|MEQPhMMEP("M]ExMEM]MEEj!4uEPuePMM_t3]SeV!tM&3Gh}|PM*uMM%yuhhh|h|Lt3MM%jMueEPuuu3MMnvEeP M3Fjtd4qMeMEPMEMjjh MjhME3E~YVEPM$ME%PMu"h|MPMJMEP#MEF;|MEsMEgMEMMYUdj04nWhMeWhMWhpMEWhdMEWhLMEMdEM\EM\EMte`EH4u`MtE0P"EPMLEM0EPVMLMLPSMdM ED*E PMEPMLPSMdtEPM Et[M}DuSEPMLM0]PVML
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[3Spj,ueEP3CM]tMjh|8]M,MEMEMEEPhM{PVMMtEPRjh|M]EMEM]MEEujtEP$eMt3MM}uMMEME9uMhPVMuMEMEj&FteEP3FMuytMjh|hMJMEPMuEEtj&seEPx3FMu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[3wVWFPutV%Y_^j8>=$3;u3@]qPEP];9]uME;]URPE;EP;J]URPEQ@Mh|M2uhHM!EPEURPEQ(juM{h0ME5tZME~EPuEE;tPQE];tPQEM;PQM]EPEPME;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[3YU}t1j6vYt%umtEPujuu]jGu,hWjEh`hPjjhHWjjELPEEJEN`EJNPEJN@EJN,EJM}sjGjEuYhhj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[3~T~u3=hu9lu@T~P~u d=hu3@9lt3P~L~u9=h@L~d~u =hr3@9ls3d~UQVWh@3;u3GhW<;t.MQVVuu|9utuMeu3F(W8_^U3EVu3QPPh(P@j}h|PHiM3^U3EVu3QPPh&P@j}h|PhM3^j(5D&eMC3CM]YEPhLhhMEGuMjh|hj\M]uj/M]ta}t(VjEPMmMPEiMENbM+HPFVEPMPmPMEiMEbMEPfkM]]bMEBEU`j(D3WEHP}X3CMH]BZjtMlh|g]XhMqgM`E6BMECaEPMEXPVM`L;uMljh|'g]X#M0XMEXME;ED}\u\EPMGnPM0EhME`M0jYEPM (jM0E+XPM 4iEPhpM XPVM`Et8jMHWPM[E@tMMH+;}@M EY`E\E\;ED5Mljh|f]XME,`M0E `MEjeM`E@M]_MHE_ElMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[8j4#+9 hY0 Ee& t9 33MM0 FhW3jChM0 ]OfEPEPEYYM]U`~0E jjjj9 0 eP0 i9 NSwMWjhMEeEPEPE(YYME_jjjjE9 0 eP-i9 NSwM]_jjjj9 0 ePi9 NS(wMM" _xV9 D$tVY9 ^9 Uhh +3M0 ]W|9 VMEeWVMEdWVM@EdWVM0EdWVMPEdWVM EdME
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[8j4#+hYEet33MMFhW3jChM]OfEPEPEYYM]U`~0EjjjjePiNSwMWjhMEeEPEPE(YYME_jjjjEeP-iNSwM]_jjjjePiNS(wMM_VD$tVY^Uhh+3M]W|VMEeWVMEdWVM@EdWVM0EdWVMPEdWVM EdME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[9 3Y j0R8M_9 E9 M`& t
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 03H4t$9 D$t$ppp0t$AU9 V30 M9u 9u S9 ]W30 u}EPS & u9 E0 E0 u9 u3}& t1}}u89 MjEPu9 MjEPu~9 MjEPuu9 E9 MPdy9 M9 9 EQTyYYMQPV9 5 SjSjuEPuuS_[^U9 }0 M uR 0 E& eS9 ]VW3}EPS & u9 E0 E9 u& t}9 MjEPuS9 E9 MPx9 M9 9 EQ xYYMQPV9 5 SjSjuEPuuS_^[V9 ?hf$f(9 ^>h9 D$0 A(j4:$L9 0 uj
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 3"!jegx9 0 ud^T39 0 }2 } E h|9 9 E+0 ~0 ~P0 ~dx!h } 0 F<0 ~t0 ~x0 ~|+0 F0 F0 F 0 F00 F40 F8 0 0 0 0 ~h0 ~l0 0 ~p9 }xje~9 0 u29 Nf<E& t
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 3]U$h 30 & 9 & S9 VW9 SWh
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 3_Rj03S9 0 ehS0 ]eMvSSSuEPMEM9 ]MMB\9 JjScj9 0 ehSoeMe9 0 ejh|9 auMuuxMM9 T9 j@ 9 M@T& t
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 3j,4EE9 & u 9 3;uMjM0 ] & 9 }& & 9 & & 9 /U& t"EP9 P9 EdM] \WMeMET& uSh MdEPVSh?SSSMSPh ( ;u 9 6M]+\MMj9 M]
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 3jEbM9 9ueuMuV=MM9 99 jEM9 9ueuMuVy;MM9 e99 jEzM9 79ueuMuV'AMM9 99 njE! 1M9 8ueuMuViGMM9 89 %jE>M9 89 E0euMuV;MM9 89 jEM9 Z89 E0euMuVAMM9 =89 V9 9 N<& t f<^V9 W9 ?U& ~9 j9 P|$t9 j9 }d9 & t
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 3khEP& P WEPMdYe& tEP9 [j\MN9 ;uj/MxN9 ; ! MH;}z39]t&VSEPMK^9 MPEZM]S9]t3Mr+HPFVEPM^9 MPEwZMER3FM0 }R9 3jc9 eMRIjEPju3C9 0 ]8& t_M
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 3P9 SLSY0 E;tPSWP& u1u YVjj& \PEwSM@9 V& WPc: VEWPX: 9 5 hShSd& WPhShSEWP@EPEP& Pu_& uEPEPEPuG& tu| Eu9 M u=: 9 }Dj(3eMD3CM0 ]jhSME 9 MEPM"hM"!"EPhMvPh MM9 M& uEPA#jh|9 M0 ]EM]xME9 Ej83}9 eMq9 M3C0 ]& t9 MEP"0 ]uEP9 ME& t9 MEP"0 ]jhMME PM!hM !MEPh|9 MEQPh M9 MEP("M0 ]ExMEM]MEx9 E}j!49 uEP9 ueP9 MM_9 & t3a9 ]S9 0 eV !9 & tM&3GhR9 0 }|PM*& uMM%9 y& uhh9 9 h|9 h9 |9 L& t3MM%9 j R9 MueEPu9 u& u3MMn9 vE9 0 eP 9 M3Fjtd4qRM eMEPM EM& jjh M9 jhME3E& ~YVEPM$ME%PM& u"h|9 MPMJ9 MEP#ME F;|MEsMEgMEMM YRUdj04n9 WhMeWh MWhpMEWhdMEWhLMEMdEM\E M\E9 Mt9 e`0 EH& }4u`9 MtE0P"EPMLEM0EPVMLMLPSMdM 0 ED*E PMEPML PSMd& tEPM E& t[M}DuSEPML9 M0]PVML:
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 3Spj,ueEP3CM0 ]& t9 Mjh|9 80 ]M,MEME"!ME9 EPh M{PVM9 M& tEPRjh|9 M0 ]E"!MEM]ME9 EujtEP$eM& t3MM}9 & uMME"!ME9uMh 9 PVMuM9 EME j&FteEP9 3FM0 uy& t9 Mjh|9 hMJ9 MEPM0 uE9 Etj&seEPx3FM0 u
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 3wV9 WFP 9 & u& t9 V%Y9 _^j8>=$9 3;u3@ 0 ]qPEP9 0 ];R9] uM9 E; 0 ]9 URPE ;9 ERP; J0 ]9 URPEQ@Mh|9 M2 uhHM! EP9 E9 URPEQ(juM{h0ME5& tZME~EPu9 EE;t9 PQ9 E];t9 PQ9 EM; 9 PQM0 ]EPEPME ;u
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 3YU9 }t1j6vY& t%u9 m& tEPujuu]jG9 0 u,h xWjE h`hPjj9 hHWjj}ELP}E}EJ} EN`EJNPEJN@EJN,E"!JM9 }sj`GjEu9 Y& h xhj
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 ]9 E9 9 3= 9 9 eE39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 ]9 U9 QQVJ9 & F9 V\W9 }9 S99t9 k;rk;s99u9 3& t
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 Mh3Rl9 E<+EHM=:E }UPuD3& tCjjMLME^M ERM@E
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 P3E: T9v& \PM0 ]4j\ME&M9 HhM;u"33EPM: "P0 EuME+WEu$3ME+M\*9 >9 p9 =jE,PM0MEJ#& & hMW'& & hMB'& & EtrjE,PM [0M E"& uO9 & vIH0 & \PM3E,PME2SVE9 0 eP9 39 M-ME *M p& \PMc3E,PMEt2& t
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 S3~T~u3=hu9lu@T~P~u d=hu3@9lt3P~L~u9=h@L~d~u =hr3@9ls3d~U9 QVWh@9 3;u3Gh W<;t.MQVVu0 u& |9utu9 Meu3F(& W89 _^U9 30 EV9 u3QPPh( P0 & @j9 & }h|9 & PHi9 M9 3^U9 30 EV9 u3QPPh& P0 & @j9 & }h|9 & Ph9 M9 3^j(5D&eMC3CM0 ]YEPhLhh MEG& u9 Mjh|9 hj\M]9 uj/M]9 ta}t(VjEPMm9 MPEiMENbM+HPFVEPMPmPMEiMEb9 MEPfkM0 ]]bMEB9 EU`j(D3WEHP0 }X3CMH0 ]BZj& t9 Mlh|9 g0 ]XhMqgM`E6BMECaEPMEXP VM`L;u9 Mljh|9 'g0 ]X#M0XMEXME! ;0 ED0 }\}u\EPMGnPM0E& hME`M0jY& & EPM (jM0E+XPM 4iEPhpM XPVM`9 E& t8jMHWPM[0 E@tMMH9 +;}@ RM EY`E\9 E\;EDR59 Mljh|9 f0 ]XME,`M0E `MEjeM`E@M]_MHE_9 El9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 x3x9 mj0hP"!'9 30 };u0 ] 3EPhwEPu& & t 9]tu;tWuEjP";& O9 MLmPh(h'j6*59 D$V9 0 & t9 PQ9 ^V9 V& }P|$jXf0 u
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[\judM9 MHEPE P0 uM Eh& tM EMM9 xMMXE\MLEavMLE}0 ETjEPM PuTMXHMFM0 EPERh9 ]l3@;E|9 PM79 }h& tl3& ~f9 & tZjPM8M8E& u3j_KY9 0 MlE& tE8PQ3PE8PMEM8EF;|a39uP~}VE8PMM8E9& uNEdPE8PM& uM8PM PuTMXE8PM0 Ed& t9 j9 M8EVF;uP|E0PM349 Md9 & t+j PM PuTMX& t3G9 j9 EdPE0PM & u3VM}M;t9 MHVV5p&ME! mMLE}tMXEcME3Fj O9 EPy~9 }eWE9 0 eP9 & uMMR3ZP9 & uhh9 9 h|9 h9 9 "!3& tMM9 FjN&Oee9 uVQeh9 Ehx9 9 OjN9 & t3@OEP9 eM& tMMe9 MMEsME'|9 EPhM PVM& uE9 uMErME9 j}'N9 EPn" eM^& & MvME{rME {9 EPh8MPVMGEM& t(9 uErME+MMi9 qN rME9 9 SVW9 j9 ~NY9 9 +#3;x_^[9 Vt$9 & u3-9 L$hot$9 & t9 +9 L$0 3@^j&LeEP3FM0 u2& t9 Mjh|9 vDhMhMhMK9 MPM:9 MEPM0 uEE9 ELMj&eLeEP)3FM0 u& t9 Mjh|9 DhMihM\hM9 M5PM9 MEPM0 uE9 ELj&KeEP3FM0 u& t9 Mjh|9 BDhMhMhM9 M: PM9 MEPwM0 uE9 ELV9 & t3@^9 ^SW9 9 & u9 W3VjLY9 9 +3;x^9 _[VW9 {9 9 Gj9 Kk<Y+3;x_^9 j4J9 MHE3P9 0 ]PMEM]@M& tMM(9 MEP9 EM; hMSPMhMM`EPMEM;uMjhMEPEP9 E.MEMEEM]v3C:ME&EP9 9 EP9 wS9 }Jk<+;YM]-MM!3]MM3@Jj(J+IeuEP83CM0 ][& t9 Mjhx0 ]M METMEYmMEuv9 EPhHMPVM\9 M& tEPjh0M0 ]EmMEM].ME"9 E)Ij}BH9 & t
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[\judMMHEPE PuM EhtM EMMMMXE\MLEavMLE}ETjEPM PuTMXHMFMEPEh]l3@;E|PM7}htl3~ftZjPM8M8Eu3j_KYMlEtE8PQ3PE8PMEM8EF;|39uP~}VE8PMM8E9uNEdPE8PMuM8PM PuTMXE8PMEdtjM8EVF;uP|E0PM34Mdt+jPM PuTMXt3GjEdPE0PMu3VM}M;tMHVV5p&MEmMLE}tMXEcME3FjOEPy}eWEePuMMR3ZPuhhh|h3tMMFjN&OeeuVQehEhxOjNt3@OEPeMtMMeMMEsME'|EPhMPVMuEuMErMEj}'NEPneM^MvME{rME{EPh8MPVMGEMt(uErME+MMiqN rMESVWj~NY+#3;_^[Vt$u3-L$hot$t+L$3@^j&LeEP3FMu2tMjh|vDhMhMhMKMPM:MEPMuEEELMj&eLeEP)3FMutMjh|DhMihM\hMM5PMMEPMuEELj&KeEP3FMutMjh|BDhMhMhMMPMMEPwMuEELVt3@^^SWuW3VjLY+3;^_[VW{GjKk<Y+3;_^j4JMHE3P]PMEM]@MtMM(MEPEM;hMSPMhMMEPMEM;uMjhMEPEPE.MEMEEM]v3C:ME&EPEPwSJk<+;YM]-MM!3]MM3@Jj(J+IeuEP83CM][tMjh]MMETMEYmMEuvEPhHMPVM\MtEPjh0M]EmMEM].ME"E)Ij}BHt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[]E3=eE3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[]UQQVJFV\W}S99tk;rk;s99u3t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[`j\69 EPK3M0 ];ME/SMESEPE9 0 ePE M ; \M & & LuEPEP9 R; 2Ml& & "9 M\& & VhPMa9 MEdM9 dM;v4E
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[`j\6EPK3M];ME/SMESEPEePEM;\MLuEPEP;2Ml"M\VhPMMEdMdM;v4E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[`MnR9 }lPh9 MVRPh9 qMARPh9 \M4,RPh9 GMRPh9 2Sh9 lM 9 Ph|9 9uhuMD9 Ph\9 9uptSj8Y0 EpE
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[`Mn}lPhMVPhqMAPh\M4,PhGMPh2ShlM Ph|9uhuMDPh\9uptSj8YEpE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[d9 MlE0P$iM 0 ]XE_ j$_eEP3CM0 ]X& t9 Mjh|9 ^e0 ]jj\MZ9 u!j/MZ9 u9 MPh|9 )eM+HPFVEPMMj9 MEPExhM0 ]]_ME_9 EUl$ 30 & jHD=H~& 0 W& u!H~zeeM! U3ECPM]EPEPME EPMExb& t80 H~ME[^M]P^MED^M9 MV& uVEPMogVMEeMiUPMeEPMbEM& t0 H~]l]EPEPE& tAEPMgVMEveEPMjeEPMaEM& u t]%H~MEa]M]V]MEJ]MH~9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[dj x)9 9 }& u3@9 $o
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[djx)}u3@$o
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[dMlE0P$iM ]XE_j$_eEP3CM]XtMjh|^e]jj\MZu!j/MZuMPh|)eM+HPFVEPMMjMEPExhM]]_ME_EUl$3jHD=H~Wu!H~zeeMU3ECPM]EPEPMEEPMEbt8H~ME[^M]P^MED^MMVuVEPMogVMEeMiUPMeEPMbEMtH~]l]EPEPEtAEPMgVMEveEPMjeEPMaEMut]%H~MEa]M]V]MEJ]MH~Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[hj,9 }& tOW& tD9 uF,PMae~HuN9 j
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[hj,}tOWtDuF,PMe~HuNj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[HU9 D 30 EVE9 Pv 9 jP9 RPEPv 9 M33^_jdj(9 9 N3;t{Wjg9 NWjm9 NWji&9}tXWWMu*jjgM0 }n+EPEPM8;t9 E9 N0 E9 E0 EWEP0 }0 }EVMM`* jj5qjdj(%9 9 N3; WS:9 NWhR9 NWhj9}tWWWM)jSM0 }*EPEPML7;t9 E9 N0 E9 E0 EWEP0 }0 }`UMM)ejj5qV9 }D$tVeY9 ^V9 BfPfTh9 ^j(.9 0 uh9 NPe& t
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[hU9 Qe99 Mjthh(9 EU9 Qe99 Mjthh(9 EU9 Qe99 Mjth8hP 9 Ej`%50 M9 M}M0 E]
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[HUD3EVEPvjPRPEPvM33^_jdj(N3;t{WjgNWjmNWji&9}tXWWMu*jjgM}n+EPEPM8;tENEEEWEP}}EVMM* jj5qjdj(%N3;WS:NWhRNWhj9}tWWWM)jSM}*EPEPML7;tENEEEWEP}}UMM)ejj5qVD$tVeY^VBfPfTh^j(.uhNPet
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[hUlhLulMxMTWedEE@@udMT3}`;YE Ph\M ]3tP/E/tE6EPME4EPGEPEPPN4E,>ME6ME6hM 3EPE.MED6t(EP\$PE=ME6,$Vexjh`;{uj-j. 3hTM k2EX;h]\YExE;t{eh}XEuhE0PM0E-M0h\1EPJME-u7MlEPMlEPdPPKhEs<dM+EPexjhE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[hUlhxL9 0 ul9 Mx9 0 MT& WedE0 E@& @ud9 MT9 30 }`; YE P9 h\: M 0 ]3& & tP9 /9 E /9 tE6 EP9 ME4EP9 GEPEP9 PN4E,>ME 6ME6 hM 3& E P9 `9 E.9 M ED6 t(E P9 \$P9 E=M E6,$V9 0 exjh`;9 {& uj9 -9 j.& & 9 3hTM k2& 9 S0 EX; h0 ]\Y0 ExE;t9 {9 eh}XE uh9 9 & E0P9 M0E-M0& & h\: 1& EP9 JMES-& u79 MlEP 9 MlEP& dPPKhEs<dM+EP9 0 exjhE
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[hUQe9Mjthh(EUQe9Mjthh(EUQe9Mjth8hPEj`%5MM}ME]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[lh0hjgD$V9 tV'Y9 ^QjhyjjYU9 V9 u&hpu&YY& uh u&YY& t9 E0 9 6& t
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[lh0hjgD$VtV'Y^QjhyjjYUVu&hpu&YYuhu&YYtE6t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[ljt6` 9 ej8& 9 9 & & u<& 99 3l0 H0 H0 H0 Hl9 I& tQ\ 9 D$V9 ~0 F9 D$0 F9 D$0 FuX 0 F39F^" U9 0V9 ~u3dj0EjP`9 E9 ME0E0 E9 M0 E`}0 EtEveP MQjPvT ^U9 0V9 ~u3>j0EjP2`vE0EEP MQjPvT ^V9 vD vH 9 D$jv(jt$t$PvL ^V9 D$tVY9 ^% % % %L& %H& 9 D$Pt$t$ 9 D$Pt$t$" V9 30 F0 F0 F 9 ^U9 Q`MS3;}=}GV9 5 SSjEPSuM]& 3#W3f0 Ej}fEPjEPSuf9 E_^[9 A9 D$;Ar39 If9 A9 D$;As9 If9 T$f0 AV9 9 F& u!F^PY0 F^VW39 9 F9|$t;tPY0 ~0 ~;t9 NQWPS0 ~_^9 D$V9 W;Fr~@3j0 FZ9Nu%Q9 NQjP0 F
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[ljt6ej8u<93lHHHHlItQ\D$V~FD$FD$FuXF39F^U0V~u3dj0EjPEME0EEME`}EtEvePMQjPvT^U0V~u3>j0EjP2vE0EEPMQjPvT^VvDvHD$jv(jt$t$PvL^VD$tVY^%%%%L%HD$Pt$t$D$Pt$t$V3FFF^UQMS3;}=}GV5SSjEPSuM]3#W3fEj}fEPjEPSufE_^[AD$;Ar3IfAD$;AsIfT$fAVFu!F^PYF^VW3F9|$t;tPY~~;tNQWPS~_^D$VW;Fr~@3jFZ9Nu%QNQjPF
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[lV9 0}
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[Mh3RlE<+EHM=:E }UPuD3tCjjMLME^M ERM@E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[p& t9 j9 MM 19 ulEd9 Ed;E@ ~V9 D$tVY9 ^V9 }D$tVY9 ^jXL9 9 M*& t
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[P3ET9v\PM]4j\ME&MHhM;u"33EPM"PEuME+WEu$3ME+M\*>p=jE,PM0MEJ#hMW'hMB'EtrjE,PM[0ME"uOvIH\PM3E,PME2SVEeP3M-ME *Mp\PMc3E,PMEt2t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[p9 0 exjhaE@Pp!EPjpEp#E PSp`#SVEPPM09 ExPhM`MPERSVEPPM9 ExxPhRM`MPESVEPPM o9 E
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[pexjhE@Pp!EPjpEp#E PSp`#SVEPPM0EPhM`MPERSVEPPMEPhM`MPESVEPPM oE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[pjX49 9 M& :O& -h xhj4OMeMYj0 EY9 0 ME& t9 3u9 hE9 MVMT EPMEMS"aEPMSELEPjhMEMQMSQPjOPEM9 E
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[pjX4M:O-hhj4OMeMYjEYMEt3uhEMVMTEPMEM"EPMELEPjhMEMQMQPjOPEME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[pM ME^MERMEFM8E:M ESE P9 EMx0 El; SSEHPM0 ]l; M9 0 Mh; " hxO9 ;u\3M E=M8EMEMEMEM]MMH9 EXP9 PME
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[pMb+MlE=MdEBMdE^0 E\EPMH"Pu\Ml};u(MdEMlEM]R0jM" 0 E`;u83MdEMlEM]S0MMH*9 1M(!ME!ME*MEER)jME"!(9]`0 ]h}uhEPM7PM(E
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[pMb+MlE=MdEBMdE^E\EPMH"Pu\Ml;u(MdEMlEM]0jME`;u83MdEMlEM]S0MMH*1M(!ME!ME*MEE)jME(9]`]huhEPM7PM(E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[pMME^MERMEFM8E:M ESE PEMEl;SSEHPM]l;MMh;hxO;u\3M E=M8EMEMEMEM]MMHEXPPME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[ptjMM 1ulEdEd;E@~VD$tVY^V}D$tVY^jXLM*t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[t9 D$& txu9 0 9 PR\3U9 Q9 Mejh 9 $59 Ej.l9 j z~Y9 0 Me& tj3Pj5(v0V9 ND$tV%Y9 ^l$vl$9 vl$ul$! vl$mvl$-l$Vvl$ul$ Rvl$8vl$P! ul$zul$Xvl$
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[tD$txuPR\3UQMejh$5Ej.lj zYMetj3Pj5(v0VND$tV%Y^l$vl$vl$ul$vl$mvl$-l$Vvl$ul$ Rvl$8vl$Pul$zul$Xvl$
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[ThxE P9 ^h\E0P9 EJ9 u`P9 E2M0E*+9 0 "PM "PhWjihM ~'& h9 9 0 M`& e\0 EP& }u\9 M`9 & & hSE0P9 hE@P9 E~hRM0E'& t4M@"& u(E@P}1M@!Ph`Wj: M@E**M0E*E\9 E\;EPRWM E)3FHV9 (D$tVY9 ^V9 TaD$tVxY9 ^j ~9 39} : 9} Wh{h{Wu9 ;tu9 MhK;t
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[ThxE P^h\E0PEJu`PE2M0E*+"PM "PhWjihM 'hM`e\EPu\M`hE0PhE@PE~hM0E't4M@"u(E@P1M@!Ph`WjM@E**M0E*E\E\;EPWM E)3FHV(D$tVY^VTD$tVY^j39}9}Wh{h{Wu;tuMhK;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[tu\9 M`h*j>9 E& t9 VP9 5EP9 EXE& t9 PQME
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[tu\M`h*j>EtVP5EPEXEtPQME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[x3xmj0hP'3};u]3EPhwEPut 9]tu;tWuEjP";OMLmPh(h'j6*5D$VtPQ^VV}P|$jXfu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[XM#ME9 MPSEPE
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[XM#MEMPSEPE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[XM3CM0 ]ZEPu`ME& u3M]VMM9 M$MEM4EWhMDEE$PEDPE.YYMDEWh`MDEPEDPEYYMDEWhMD E4PEDPEYYMDE: MT@MTEDu`N0 h}N$X|9 W}GWNH>EPN
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[XM3CM]ZEPu`MEu3M]VMMM$MEM4EWhMDEE$PEDPE.YYMDEWh`MDEPEDPEYYMDEWhMDE4PEDPEYYMDEMT@MTEDu`NhN$X|WGWNH>EPN
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[XMjjE@PMEZMuE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[XMxjjE@PMEZM& uE
Ansi based on Dropped File
(~WRD0000.doc)
Y__^[9 ]Q9 M3 9 M3w9 U9 ]%9 U9 QQEP 9 E9 Mj *h !NbQPN^& |=v0 E9 M& t0 9 ``U9 U9 S9 ]VW9 U9 & t&P9 FV&YY0 G& t3VPB/gG9 _^[]9 U9 9 9 MU9 `0 H]9 U9 S9 ]V9 U9 C0 F& 9 CWt1& t'P& 9 GW %YY0 F& tsWP.f0 F_9 ^[]yUtq{$Y9 A& uU9 U9 VEP9 V9 ^]9 U9 Vu9 RV9 ^]V 9 U9 VEP9 V9 ^]9 U9 Vu9 V9 ^]9 U9 Vu9 V9 ^]9 U9 Vu9 V9 ^]V9 U9 V9
Ansi based on Dropped File
(~WRD0000.doc)
Y__^[9 ]Q9 U9 S9 ]V9 s35 W9 EE{t
Ansi based on Dropped File
(~WRD0000.doc)
Y__^[]QM3M3wU]%UQQEPEMj*h!NbQPN^|=vEMt``UUS]VWUt&PFV&YYGt3VPB/gG_^[]UMU`H]US]VUCFCWt1t'PGW%YYFtsWP.fF_^[]yUtq{$YAuUUVEPV^]UVuRV^]VUVEPV^]UVuV^]UVu V^]UVu V^]VUV
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y__^[]QUS]Vs35WEE{t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Ye9 CH9 CL9 CP30 E}f9 LCf0 E<@30 E=}
Ansi based on Dropped File
(~WRD0000.doc)
Ye9 wh0 u;5ht6& tV & u@0 tVy~Yh0 Gh9 5h0 uV E}9 uj
Ansi based on Dropped File
(~WRD0000.doc)
YeCHCLCP3E}fLCfE<@3E=}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YEEPjh2Eu}_tPE@PR3@^[jP*z/E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YEPjh2EEu}_^[U9 hSV39 9uu3fWj@EVP:j(EVP:9 Ej
Ansi based on Dropped File
(~WRD0000.doc)
YEPjh2EEu}_^[UhSV39uu3fWj@EVP:j(EVP:Ej
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Yewhu;5ht6tVu@tVy~YhGh5huVEuj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Yjj j ! 0 Mh xSj*}up9 u& tiMhleEP9 9 u9 W& uhHSj)MMMu4EPEP}MM,u3@h Sj|)3jL89 9 u3; 9~ 9 N9 Pl& MkEPV9 0 }&; M7m& & WhxthtWv9 & t{9 FVPM EPEP9 MQ9 w tJEPM}0 }EPME>EPEP9 EMEtMEtMMtU9 VuEP9 VvMEPM tuEP9 /^jL9 M~j9 }eEPW9 & Ml& u|EPEP9 9 FVPMaEPM` tJEPM|0 }EPME'EPEP9 EMEsMErMMrj$9 uEPl9 FVPMEPM9 } u9 MGPt t=uM{eeEPWuEP9 9 9 @M0 MM0 E`rM _j0x9 0 ue6mY5U9 VuEP9 zeEPuuuuWuEu9 uuP9 E^U9 V9 VvM9 FV0MuEu9 uuPvffY^jD9 r2hRM\eEPM(\h\EPER9 G9 ujuPVPG9 9 G;u
Ansi based on Dropped File
(~WRD0000.doc)
Yjjj MhSj*}uputiMhleEPuWuhHSj)MMMu4EPEPMM,u3@h Sj|)3jL8u3;9~NPlMkEPV}&;M7mWhxthtWvt{FVPMEPEPMQwtJEPM}}EPME>EPEPEMEtMEtMMtUVuEPVvMEPMtuEP/^jLM~j}eEPWMlu|EPEPFVPMaEPM`tJEPM|}EPME'EPEPEMEsMErMMrj$uEPlFVPMEPM}uMGPtt=uM{eeEPWuEP@MMME`rM_j0xue6mY5UVuEPzeEPuuuuWuEuuuPE^UVVvMFV0MuEuuuPvffY^jDr2hM\eEPM(\h\EPEGujuPVPGG;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YM0GP;Y|RLE9u|u>3MEOMEO$Et|}f3Ft$3VD$tVY^UQeVEPvtFE^UQeVEPvtFE^j{duN0h1EE3FE}F~ ~$~,~(~?FF^H~@FD~ah10zNj[3EPN0}~,~(UMM~~@~ ~$=NGD$Vf,jN0F(Ef@f f$F^Vt$N_tP^VjN0ED$f,f(F@D$FFFD^VWN03)Fu9~t!9~,t~t9~(t~t9~@t~u3G_^D$AD$AUQ3;U
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YM9 0GP;Y|RLE9u|& u>3MEOME" O$Et|0 }f9 9 3Ft$3& ~9 V9 D$tVY9 ^U9 QeVE9 Pv& t0 F9 E^U9 QeVE9 Pv& t0 F9 E^j{d9 0 uN0h1E9 E30 F9 E0 }0 F0 ~ 0 ~$0 ~,0 ~(0 ~?F0 F^H0 ~@FD0 ~9 ~ah10zNj[9 3EPN00 }0 ~,0 ~(UMM0 ~0 ~@0 ~ 0 ~$=NG9 D$V9 f,jN00 F(Ef@f f$F^Vt$9 9 N_& tP9 ^V9 jN0}E9 D$f,f(0 F@9 D$FF0 FD^V9 WN03)F& u9~t!9~,t~t9~(t~t9~@t~u3G9 _^9 D$0 A9 D$0 AU9 9 Q3;0 U
Ansi based on Dropped File
(~WRD0000.doc)
YM\& uM\PMhx & (P9 (}PM\E(E
Ansi based on Dropped File
(~WRD0000.doc)
YM\uM\PMhx(P(}PM\E(E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YME;t"vESjuuuPuh3uP]P3Cj@MuE3PM]_rMERt#3M])ZMM%;t^hLYME;t"vESjSuuPuhS3uEFaSVSP3Fnjl+
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YP& uP0 E0 ]9]t9 M0 ME9 ESu5Yjh FbS9 M3;v.jX3;E@uoWWWWW13M9 0 u;u3F30 ]wi=|uK0 u9 E;lw7jnY0 }utY0 EE_9 ];tuWSL5;uaVj54$ 9 ;uL9=St3V]`Y& & r9 E; PE39 ujY;u
Ansi based on Dropped File
(~WRD0000.doc)
YPa3" I9 ^]jhA339u" ;u>VVVVV>9 };t
Ansi based on Dropped File
(~WRD0000.doc)
YPa3I^]jhA339u;u>VVVVV>};t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YPuPE]9]tMMEESu5Yjh FbSM3;v.jX3;E@uoWWWWW13Mu;u3F3]wi=|uKuE;lw7jnY}utYEE_];tuWSL5;uaVj54$;uL9=t3V]YrE;PE3ujY;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
yTMST$BJ3w3wyMUMTMTMMMMMMT$BJ3:w[yMTMTMMT$BJ3w(yMTT$BJ3v8yMMZMNTMFTM>TM6TM.TM;MMTMLMMTT$BJ3iv\xMLT$BJ3FvgxT$BJ3+v@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YtPuuu@DtjjYY;tVYPXu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
yu9 Q9 R9QuSQ SQ 9 L$0 K0 C0 kUQPXY]Y[9 U9 SVWse=9 & }hg 9 & *9 5<hgW& P:s$gWP%s$RgWPs$pgWPrY& thXgWPrY;tO9tGPAs59 4sYY9 & t,& t(& tMQjMQjP& tEuM 9;t0PrY& t%0 E& t;tPrY& tu0 E5rY& tuuuu3_^[9 U9 9 MV3;|~u ( 0
Ansi based on Dropped File
(~WRD0000.doc)
YUEDP]jhFEM3}jYubjeY}}@<4u;Fu\~u9j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
yuQR9QuSQSQL$KCkUQPXY]Y[USVWse=hg*5<hgWP:s$gWP%s$gWPs$pgWPrYthXgWPrY;tO9tGPAs54sYYt,t(tMQjMQjPtEuM 9;t0PrYt%Et;tPrYtuE5rYtuuuu3_^[UMV3;|~u(
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YUS3SMkr8u88]tEMap<u8uE@88]tE`p[U 3ES]VuWd3};u3u39pE0=rpdPREPW3hCVPZa3B{s9U}uFhCVPaMk0uu*Ft(>ElD;FG;v}FF>uuE}ur{CgjCCtZf1Af0A@@JuL@;vFF~4C@IuCCSs3{958XM_^3[OjhE}Mp}_huuE;CWh YFwh#SuYYEuvhuFh=@tPU{Y^hS=Fpdj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YY0 ]9u,hW 6YY& uWqY0 ]0 >WpYE9 Erj
Ansi based on Dropped File
(~WRD0000.doc)
YY]9u,hW6YYuWqY]>WpYEErj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YYH& w& tAJu9 39 9 9 3}9 ! "[9 _^]t$t$YYt$pY9 D$3;t19 H;t*V0 P0 P0 P9 qR0 1P9 @p 3^jXV9 t$& t09 F& t)~$t#9 @& tVPaYYvv(V$fYY3^jX^V9 t$W3;ujX 0 ~9~ u
Ansi based on Dropped File
(~WRD0000.doc)
YYHwtAJu33}"[_^]t$t$YYt$pYD$3;t1H;t*VPPPqR1P@p3^jXVt$t0Ft)~$t#@tVPaYYvv(V$fYY3^jX^Vt$W3;ujX~9~ u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YYME/M A'PhvM E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
yyy9 L$t` tfu0 ~9 39 t t4 t'tt0 9 D$_f0 9 D$G_f0 9 D$_9 D$_9 T$9 L$u<9 :u.
Ansi based on Dropped File
(~WRD0000.doc)
yyyL$ttfu~3tt4t'ttD$_fD$G_fD$_D$_T$L$u<:u.
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YYYYYYDQ-)
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
YYYYYYYS"
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
YYYYYYYYY(0%=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
YYYYYYYYYYKE: YYYYYYYYYYYTD
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYHYYYYYYYYY(0%=V#YYYYYYYYII GYYYYYYYS"5/WYYYYYY&+YYYYYYDQ-),RP*YYYYYY@9U6G8F1MYYYYYY>?3
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y}0f0fV0fF0fV[00fFfV3_^UVuW3;t9}w8OjYWWWWW|3}fsOj"SEPPEj:ZfV
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y}9 "!0f0 0f0 V9 "!0f0 F0f0 V9 "![00f0 Ff0 V3_^9 U9 V9 uW3;t9}w8OjYWWWWW9 0 9 |3}f0 sOj"SEPP Ej:Zf0 V
Ansi based on Dropped File
(~WRD0000.doc)
Y}uF+49 0 u}uyG+j@j YY0 E& ta0 9 ;s@@
Ansi based on Dropped File
(~WRD0000.doc)
Y}uF+4u}uyG+j@j YYEta ;s@@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Z'M>: SmmYxxmWebDispatcherRefreshDebugDownloadWebDispacherRegMonitorThreadPoolSingletonUnloadingLoadingSBrowserProcessSpecialHTTPRegistryInfo_LowInfo_MedInfo_HighGeneralWarningErrorCritical] [Ln:)[TID:][EndLogger--== Logger finished ==--
Ansi based on Dropped File
(~WRD0000.doc)
Z'M>SmmYmWebDispatcherRefreshDebugDownloadWebDispacherRegMonitorThreadPoolSingletonUnloadingLoadingSBrowserProcessSpecialHTTPRegistryInfo_LowInfo_MedInfo_HighGeneralWarningErrorCritical] [Ln:)[TID:][EndLogger--== Logger finished ==--
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Z0! l.:gP`b;W39,LA@" 6L AD`Q B& m@AFE H8p`( 0cL R;GIF89a\|}x "!tG ~9 ~ Sx R!\, \\ Y
Ansi based on Dropped File
(~WRD0000.doc)
Z0l.:gP`b;W39,LA@6LAD`Q Bm@AFEH8p`(0cLR;GIF89a\|}tG~!\,\\Y
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Z6hhhhhhhhhh\b8KH]Nhhhhhh F
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Z7EK7E<7}GxPNxE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Z7}EK7}E<79 }9 ! 0 GxPNxE
Ansi based on Dropped File
(~WRD0000.doc)
z9 M"!e9 T$B9 J3w
Ansi based on Dropped File
(~WRD0000.doc)
z=s@n'1=E\
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ZJ9 M<& uEP}KMEPDMEDD9 MhEP2P9 EKMED9 MhaEPPMEKMECMh<& uEP9 `K^h9 O<& t-9 E8t P9 <K9 .<& thx9 E9 E8uNx<& t& t9 j9 3D9 ;& u!~hh9 GE9 :P9 #K9 }TV9 9 S"!3FME%CMMQ9 !j.I:9 0 uN9eN9N$E9N4E9NHE9NXE 9NhE9NxE|9}Em9}E^9}EO9}E
Ansi based on Dropped File
(~WRD0000.doc)
ZJM<uEPKMEPDMEDDMhEP2PEKMEDMhEPPMEKMECMh<uEP`K^hO<t-E8tP<K.<thxEE8uNx<ttj3D;u!hhGE:P#K}TV3FME%CMMQ!j.I:uN9eN9N$E9N4E9NHE9NXE9NhE9NxE|9Em9E^9EO9E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ZME1SMDJPSMd9;tMDyJPVMd 9MDgJPWMdp9MxMdE"!3MTE
Ansi based on Dropped File
(~WRD0000.doc)
ZME1SMDJPSMd9;tMDyJPVMd9MDgJPWMdp9MxMdE3MTE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
zMeT$BJ3w
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ZYYYYYY Y YhYZYBY.YY8ZXXXZXX4PFPRP`PpP|PP~PPPPPYFZhZvZ`ZSZZPQZZQ"Q>QZXZRQbQvQQQQQ.T"TTSSSSSS~S`SxSbSRS@S0SSSSRRRRRR R RrRfRXRLR<R*RR
Ansi based on Dropped File
(~WRD0000.doc)
ZYYYYYYYYhYZYBY.YY8ZXXXZXX4PFPRP`PpP|PPPPPPPYFZhZvZZZZPQZZQ"Q>QZXZRQbQvQQQQQ.T"TTSSSSSSSSxSbSRS@S0SSSSRRRRRRRRrRfRXRLR<R*RR
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
{1D3B35E5-93C0-490d-90CA-153E78A17FF2}
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
{3c471948-f874-49f5-b338-4f214a2ee0b1}
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
{mu-\VKQzt*~NyIK&qK*Xm
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
{r@daa z r"{Sd>]xgY1~ *!!
Ansi based on Dropped File
(~WRD0000.doc)
{r@dzr"{d>]gY1*!
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
{window.external.
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
{zM" MM& 9 T$B9 J3'xp
Ansi based on Dropped File
(~WRD0000.doc)
{zMMMT$BJ3'xp
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
|! Bhn[&wowGZpj;f\~eibkaElx
Ansi based on Dropped File
(~WRD0000.doc)
|!Bhn[&wowGZpj;f\eibkaElx
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
|3[_^9 E0 F9 E0 F9 UR0 }9 PQ$& |
Ansi based on Dropped File
(~WRD0000.doc)
|3[_^EFEFUR}PQ$|
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
},~FME,MM\9 dVj\}U0 MMeMyME9 Me0 ExJ& Ku9 M0 E& !9 MPEP ~MEb& & M jEPME!PuM}M& J30 E& }eWEPM9 MEPEPE& ufhNY9 0 ME& t:9 3uNEEPN9 MVs& t9 M9 VURP& t9 j9 MEG;}R[ME7ME9 ME.I9E MEyxMM_3@TVt$9 t$& tt$9 t$)^j8NS0 M39]tQ9]tL9]~GjuM&9 MEPEP0 ]ME& t!M]MM3TMMEMEwME 39]9 ~N9 E9 ;t>PMM;& u)SMPMPWM`9 MSEPF;u|ME;wMEkMEM]TMMH3@2UXj(gR0 MH39udu39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
},~FME,MM\dVj\}UMMeMyMEMeExJKuME!MPEPMEbMjEPME!PuM}MJ3EeWEPMMEPEPEufhNYMEt:3uNEEPNMVstMVURPtjMEG;}[ME7MEME.I9EMEyxMM_3@TVt$t$tt$t$)^j8NSM39]tQ9]tL9]~GjuM&MEPEP]MEt!M]MM3TMMEMEwME39]~NE;t>PMM;u)SMPMPWMMSEPF;u|ME;wMEkMEM]TMMH3@2UXj(gRMH39udu3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}0 M EjEPjEP9 4h& u
Ansi based on Dropped File
(~WRD0000.doc)
}0 } N}E,k}},jxXE0 0 S0 0 N$0 F(0 0 0 }0 kj9 0 }9 j)9 0 u }Es}EM9 =B>9 j.9 j4Y9 0 M30 E;tP0 F8`VW9 vR 9 W& tVj5PxW_^|$V9 u9 jP9 9 ^j)/9 9 3; %H4ck& & 9 ];
Ansi based on Dropped File
(~WRD0000.doc)
}3;9^8MM]jh|MEMQEP,;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}9 0 uMExMEqj}M{EP eM & tMM3{M}ME xME9 EPhMPVMh& u*3ME^xMEDMM 9 9 ujzEPeM& u[Pa{YM9 ME~MEVhM9 PWMME~MEMMzjzEP[eMK& t3MM9 zMOMET~MEpuMh9 PVMbM9 E$~ME
Ansi based on Dropped File
(~WRD0000.doc)
}9<A<I<"X
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}</script></head>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
}a: s$!! "!"
Ansi based on Dropped File
(~WRD0000.doc)
}Dhi]Wbgeq6lknv+ZzJgoC`~8ROggW?K6H+
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}E aflfp9 aLj 0 :K9 0 uh@aMEfM\afeN0 M,e0 E& ~[u9 Mha9 & t?EP7^9 j& t9 M& t9 P9 j79 PW2LY9 Mju9aE9 E;E|E~P9 pb9 M& t9 PeEPEP9 b& u9 j9 P}E`NtEeNPEe9 Ek9 MMn`hKj:J@aVMe\at& t}tMM" e3RMM& euavhVM9 Pe& uM9 G$3& M9 MLe& t9 9 P9 JjiIh@aMeM=\aMteeuauk! JjiIh@aMdM=\aMtddj0 CY9 M0 P"!e4JU9 Qh@aMmdM\axd a9 `j;I9 9 E HtwHtRHt0H& hBY9 0 ME& " :jdBY9 0 ME& ts4nhBY9 0 ME& tQ\PL~tYhBY9 0 ME& t)v!hjBY9 0 Me& tX 3M& tPu2YYHV9 dD$tVIY9 ^V9 6D$tVHY9 ^D$V9 tVHY9 ^jE;G9 0 u^@9 ,^3N\0 }^NxE^ME0 ~0 ~0 ~,MEM0 F$N\0 F(9 j0 ~0 ~00 ~40 ~8P9 j9 PNx9 jPM0 0 ~0 ~<0 ~E9 GU9 Vq\9 /& ~HEP9 `^e9 M& t9 jP9 M& t9 jEPEP9 t^& u9 j9 P^U9 QeS9 ]EPS\f& tF9 M& t?VW+tNu19 }& t*9 7
Ansi based on Dropped File
(~WRD0000.doc)
}e'EPuuuuhLMmu;hM=Ph|@VjMM3@hxVjMM3j M39=@t3}=;tuuuu>EuXuuuh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}E}E x , ~}E
Ansi based on Dropped File
(~WRD0000.doc)
}E}E9 E0 0 ~0 ~0 ~R0 ~9 ~~j
Ansi based on Dropped File
(~WRD0000.doc)
}K>se7efWlt_jc@uzNPrQj>x]tkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkXkkkkkkkkkkkkh!N!RkkkkkkkkkO[FE4#OkkkkkkkWJVTL!
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}K>sSe7xe SRfWlxt`_x" j ac@uxz `0 NPrQj~>x]t SkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkXkkkkkkkkkkkkh!N!RkkkkkkkkkO[FE4#OkkkkkkkWJVTL!
Ansi based on Dropped File
(~WRD0000.doc)
}L& h EP9 #|hREP9 E|MHEHPh9 Er|& t,Mq& u Me& uEHPEPEPMXaMEME
Ansi based on Dropped File
(~WRD0000.doc)
}LhEP#|hEPE|MHEHPhEr|t,Mqu MeuEHPEPEPMXMEME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}NE,k,jxXEN$F(kj}j)uEsEM=B>j.j4YM3E;tPF8`VWvWtVj5PW_^|$VujP^j)/3;%H4ck];
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}p9}ht9Whxt
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
}pAtjj9 M`Xu\h*Px9 E`e9 ET@P0 Ep9 ET@PjupY9 EX9 URuTupPQM:u9 KupEUbPM[<ME\E :9 VEPEP9 EXE& t9 PQ39 E\u\hDh,PME
Ansi based on Dropped File
(~WRD0000.doc)
}pAtjjM`Xu\h*PE`eET@PEpET@PjupYEXURuTupPQM:uKupEUbPM[<ME\E:VEPEPEXEtPQ3E\u\hDh,PME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}t }tt}tE(E,EPPYEYEPEPUh}EM $]ED;ED;EEhMPE,YYtE|G;ErL$EUt:HPPQ EY$t7HPPQY}t8GOOPvY]tSkYh0VuFP~8_^3[eD$ 3!,fHL$u9t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}t"QPuR$WuhWuh}tQPuR ugWuhoWuhEE]Et,EPu<MEQPuSuR(uuuWu_^[UVVu0u,u(u$u uuuuuuFu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}T+9 ij[$ 9 0 ue}C+M9 "2|$t1U9 $SVWu9 uu(}0 MN30 E; h 3FVW9 Pu0 Eu0 E0 } t0 u9}0 }~Zu9 M*9 0 u;t;WEP9 & t+9}t9 E9 M0 M0 E9 9 MW9 uuP<3E9 E;E|uuu_^[V9 D$tVVY9 ^Vj9 x<h9 ^j$$%9 h0Y9 0 M30 E;t@MM0 Fx" jhME& EPEPEVYYME`~jjjjE9 0 eP9 Nj9 NhMMN~X9 I& tV9 h;D$tV_Y9 ^j/B9 0 u eN N E N0E f@FD9 j`$9 39}u39 E9 H+9 p0 ME+p]0 uE5 E
Ansi based on Dropped File
(~WRD0000.doc)
}twtjVetWuSV_^[j;=FE3HHHHHt[Ht0Hh\"@YME3h\?YMEt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}t} }t} t} }t}9 E0 (9 E0 ,9 EPPY0 EYEPEP0 Uh }9 E9 M0 0 }0 0 }0 0 }$ 9 ]`E`D;ED;0 EEhSMPE,~YY& t9 E|G;ErL9 9 $ EUt:HPPQ0 `EY0 $ t7HPPQY0 0 }t8GOOPvY0 0 9 ]& tSkYh0V9 uFP~9 & 0 89 _^3[e9 D$ 3!,f0 H9 L$& u9t
Ansi based on Dropped File
(~WRD0000.doc)
}ue_+0 G9 F8& tSQv<0 F<0 G0& tSuuIS]]9 E0 G9 E_0 F09 E^[U9 9 Ejjp(P & t`M H`MH9 M0 H9 M0 H]t$9 D$p(P$YY9 D$SV9 t$3W;t9 N<0 9 9 |$tuvw(W$YY>uWvYY9 F(0 F40 F09 F80 0 ^0 ^ ;tSSS0 F<0 G0_^[V9 t$Wj@jv(V 9 & u3ohjv(V 0 G$& uWv(V$YYS9 \$Sjv(V 0 G(& uw$v(V$Wv(V$3'j0 G,9 D$VW0 G89 [_^V9 t$W9 |$jVWw(v(V$w$v(V$Wv(V$$_3^Ul$9 MX3VW9 }\0 U0 U0 U0 U0 U0 U0 U0 U0 U0 U0 U0 U0 U0 U0 U0 U9 9 D& Nu9}u9 El0 9 Ep0 39 Ep9 8S3Cj0 }L9 ^9TuA;v0 MH;s0 ML9TuNu0 u49uLv0 uL9 }L0 8
Ansi based on Dropped File
(~WRD0000.doc)
}ue_+0 G9 F8& tSQv<0 F<0 G0& tSuuS]]9 F,9Eub9 N(0 M9F4u0 N49 ^49 G+;v9 & t
Ansi based on Dropped File
(~WRD0000.doc)
}ue_+GF8tSQv<F<G0tSuu]]F,9EubN(M9F4uN4^4G+;vt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}ue_+GF8tSQv<F<G0tSuuI]]EGE_F0E^[UEjjp(P tM HMHMHMH]t$D$p(P$YYD$SVt$3W;tN<|$tuvw(W$YY>uWvYYF(F4F0F8^^ ;tSSSF<G0_^[Vt$Wj@jv(V u3ohjv(V G$uWv(V$YYS\$Sjv(V G(uw$v(V$Wv(V$3'jG,D$VWG8[_^Vt$W|$jVWw(v(V$w$v(V$Wv(V$$_3^Ul$MX3VW}\UUUUUUUUUUUUUUUUDNu9}uElEp3Ep8S3Cj}L^9TuA;vMH;sML9TuNuu49uLvuL}L8
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}uMEMEqj}M{EPeMtMM3{MMEMEEPhMPVMhu*3ME^MEDMMujzEPeMu[P{YMMEMEVhMPWMMEMEMMzjzEP[eMKt3MMzMOMETMEpuMhPVMbME$ME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}WSV^[_D$PPE.D$PPB.t$D$hrPUVu~t*MjEPvMu04M:3^]0D$j@jP73j,f}uNjuMVeMMuMMMQ3@MC3K-f}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}YtPu uu@Dtjj9 YY;tVYPX& u
Ansi based on Dropped File
(~WRD0000.doc)
}|uE|"!39U|t
Ansi based on Dropped File
(~WRD0000.doc)
}|uE|39U|t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}}0EPEP.EYYuuEuuE+EMFEFEF_^3[#U|3EEV3EEW3EGE3Eu}uuuuuuu9u$uVVVVV#/3UjU^f tftf
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}~9 E& ~9E0 E9 <EEEEju9 u^9 PV9 v& t9 D$\9 0 P^V9 v& t3 P9 0 Q9 ^LtjSU9 V9 u9 uuuu3^]|$ V9 ut$9 t$]+^|$V9 uLtj/St$9 t$t$"!^U9 QQeeVEPEP9
Ansi based on Dropped File
(~WRD0000.doc)
}~E~9EE<EEEEjuu^PVvtD$\P^Vvt3P9Q^LtjUVuuuuu3^]|$ Vut$t$]+^|$VuLtj/St$t$t$^UQQeeVEPEP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
~"#x G7{*c';s! 62tn];{Ee=kV! #-3HKk|x 5 &]" w/~8Y: 0 0U00U 0DU=0;0975 3http://csc3-2009-2-crl.verisign.com/CSC3-2009-2.crl0DU =0;09` H E0*0(+https://www.verisign.com/rpa0U%0
Ansi based on Dropped File
(~WRD0000.doc)
~"#xG7{*c';s62tn];{Ee=kV#-3HKk|5&]w/8Y:00U00U0DU=0;09753http://csc3-2009-2-crl.verisign.com/CSC3-2009-2.crl0DU =0;09`HE0*0(+https://www.verisign.com/rpa0U%0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
~333u%t%uu^_[3B:t6t:t't:tt:tt^_B[B^_[B^_[B^_[L$WSV|$toqtUL$:tt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
~9 & l l9 h9 T$B9 `d3{9 J3{p}M9 T$B9 J3{}MMM9 T$B9 J3L{m}DT9 T$B9 `@3#{8D}[9 T$B9 `3z9 J3zd}M+M#9 T$B9 J3z9 J3z|M
Ansi based on Dropped File
(~WRD0000.doc)
~9 9 333u%t%u u^_[39 B:t6 t:t' t:t t:t t ^_B[B^_[B^_[B^_[9 L$WSV`9 |$ to`q tU9 9 L$`:t t
Ansi based on Dropped File
(~WRD0000.doc)
~EPEP]]WF EF$E9]tG+F G+GF$EPEPut59]u0]E++E+Ej+N jGjuS'E+Ej+E+ESSv$+v Gv(PQu"+~uE;FEFEEPEP]]X9]u9]uF EF$E9]tG+F G+GF$EPEPv,uuEt(9]u#]E+h +jN juSE+Eh SSu+uE+Eu+GPQuuuu_^[UQSVuWv6uuuEVuEz~jWuu9Et[MEM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
~llhT$Bd3{J3{p}MT$BJ3{}MMMT$BJ3L{m}DTT$B@3#{8D}[T$B3zJ3zd}M+M#T$BJ3zJ3z|M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
~MEMM9 U\jl
Ansi based on Dropped File
(~WRD0000.doc)
~t9 b3@^V9 D$tVD)Y9 ^:3@U9 V9 ~t|ESWtmEP EPv 9 }+~9 ]+^ WSYSSY~7EPv< 9 E9 M9 Uj+Q9 M+RPQvS _[3@^9 D$V9 0 9 P,FXP9 ! 9 D$& u379 L$jPt$0 }H9 0 Ds& tj9 j9
Ansi based on Dropped File
(~WRD0000.doc)
~tb3@^VD$tVD)Y^:3@UV~t|ESWtmEPEPv}+~]+^ WSYSSY~7EPv<EMUj+QM+RPQv_[3@^D$VP,FXPD$u37L$jPt$HDstjj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
~}D ! hi]Wbge q6lknv+0 ZzJgo}C}`~ 8ROggW?K6H+
Ansi based on Dropped File
(~WRD0000.doc)
! Y9 ^U9 S3W9 9@t3OV89 ;tu9 uuuC99 ju9 uuu49 & t& t& tS9 89 ^_[]j(O& 0 Mu 3M0 ]xPuRuh Vj EPjSuu0 ;t03" PhVAAQQMM9 & 0 ]M9 MEPuEu$9 ;u9 E 9EuEPM & u9M]E;tu$ 3" h
Ansi based on Dropped File
(~WRD0000.doc)
!"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~ & ! 0 `9 R} " "!a: S~x & ! 0 `9 R} " "!a: S~x
Ansi based on Dropped File
(~WRD0000.doc)
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~ & ! 0 `9 R} " "!a: S~xHH:mm:ssdddd, MMMM dd, yyyyMM/dd/yyPMAMDecemberNovemberOctoberSeptemberAugustJulyJuneAprilMarchFebruaryJanuaryDecNovOctSepAugJulJunMayAprMarFebJanSaturdayFridayThursdayWednesdayTuesdayMondaySundaySatFriThuWedTueMonSun1#QNAN1#INF1#IND1#SNAN_nextafter_logb_yn_y1_y0frexpfmod_hypot_cabsldexpfabssqrtatan2tanhcoshsinhCONOUT$string too longinvalid string positionIEIsProtectedModeURLgdiplus.dll OsC*0[a`>On4! e J M-P0 %P0 )P0 %P0 %D,3&OP0 P0 Lr?RJ{,@Qm6t 4`#?>0 ;FFFFFFF"hN@Gp S40 S4 #N-+. {29 0FP0 P0 B9 P0 O6#\'G7x? Fd8+O]ahXNW#FajS#\'G7x? F3)6{O>`3)6{O>`yR K :?0 OH RSDS8cCE R d:\Conduit\RnD\Client\IE\Dev\5.4\SingleComponent\Alert\Release\Alert.pdbp u uuuup@ u$p@uuuu@p@v$vuXp#@Hv$Xv,vvP|wwPxlxxy4yyyz ztzzz{T{p{{{4|l|}}}~,~H~d~~~(D|p@wwvtwwwPxlxxy4yyyz ztzzz{T{p{{{4|p@wwtwwp@wwwpBwp@x(x4xwp@xpBwp@xxxxwp@xq@xxxwqBxpBw$q@Py`ytyyxw$q@PyDq@yyyxwDq@yqBxpBwhq@<zLzXzwhq@<zpBwq@zzzwq@zpBwq@{,{8{wq@{pBwq @R{S{{wq@R{p Bwq$@{||wq@{p$BwpBwrP@||||tww}Pxl}r@|,r@|}|tww}PxHr@4}D}P}wHr@4}`r@}}}`r@},rP@|pPBwpPBwHrX@4}pXBw`r\@}tr@ ~~S~wtr@ ~pBw r@~w r@~pBwr@`p|wr@`pBwr r@r@ , sH X ` s@H 4s 4s@ Ts Ts@ ts 08ts@ Sshx Ss@hs s@s s@tL \ d t@L t t@ <t <t@ `t$4@ `t@$xtp R xt@p$put L t@t@, < L t@h x L u@ u & L u@ Hu@,& <& & L xud& t& |& xu@d& u& & & u@& u& 0 uu@& u@L \ 0 uLv| R S Lv@| v ( ! ! ,vvP|wwPxlxxy4yyyz ztzzz{T{p{{{4|l|}}}~,~H~d~~~(Dpv'@ u&@! '! ! ,vvP|wwPxlxxy4yyyz ztzzz{T{p{{{4|l|}}}~,~H~d~~~(Dplv @RSwlv@Rp Bwv v v v v v v $v Pv Xv \v v v v v v `0`8`v@ `vh`x````(9 }v@h`v@````(9 }v@9 9 `(9 }w@D9 T9 (9 }p9 x9 ,w@`9 Xw9 9 9 x9 Xw@9 tw9 RR8R`(9 }tw@9 w@TRdR8R`(9 }wRRSRRRw@RRw@RRRw,uuw@x\l S x@\Hx@S hx@} x$}4}D}`}}x@$}x@|}R}`}}x@}}}x@}}}y@ 0,yL\t`(9 },y@LPy@`(9 }pypy@y@8HHxyx y@xy@z }z@x|}0z\ l t 0z@\ Tz wTz@ pz@ wz, < D z@, zt S w, z@t z@ wz@ wz@, zt {p }{@p ,{@ }H{ }H{@ h{H X h }h{@H { } {@ { " {@ y{H" X" d" " {@H" {@S" " " {" " " {@" |@ , 4|H X ` 4|@H X| X|@ || }||@ S|$ 4 @ S|@$ |p R }|@p |@ |@ }$}@v9 }hx }@hy8@pvu x},{ D}"!$"!4"! }D}@"!d}d"!t"!"!4"! }d}@d"!XpHvXpHvXpHvXpHvXpHvXpHvXpHv XpHv$XpHvPXpHvXXpHv\XpHvXpHvXpHvXpHv|pw|pw|pw|pw|pw|pw|pw |pw$|pwr|r|r|pw,r|,r|}S S(S}@S}XShSpS}@XS`r}}SSS}}@S}}}@~L\d~@LwD9 ,~},~@v`| {S" h~4~D~L~h~@4~~|~R~ ~~@|~~~~~~@~~xx$x~@x~Txdxpx}~@Txxxx@x,xx },@xL8H\4"! }L@8Pyhxt, l L l@ ,D L @Hu,& th y uL @u! u! u! u! u! u! u! u! $u! Pu! Xu! \u! u! u! u! u! P`h@P@ @0 (8Dh0 @(L t hL @th hh @ (h @S XhthS @X h @ (9 } @ @Pd`(9 } @@ (9 }@ X(9 }X@|<L`(9 }|@<SS@wTRwR@HX`@Hx}@ @< 8HP< @8\ `(9 }\ @ x `(9 }x @S (8D S @( t @t 4"! } @ $, @\lt@\44@LL@l4DPll@4 @lSS@ }@L\h}@L @ @4 4DL4 @4T |RLT @|| | @ $4< @$r S @ @& (8 & @d hx d @hR{}
Ansi based on Dropped File
(~WRD0000.doc)
!: ;x=~`wMi@r8 "!dG@IGGGGG
Ansi based on Dropped File
(~WRD0000.doc)
!GetNotificationId
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
!hLE?Y9 0 Me& t39 9 EU9 QeEPu@^d& t9 E& u3U9 Vq@9 & ~GEP9 2\e9 M& t9 PD9 M& t9 jPHEPEP9 G\& u9 j9 P^|$V9 u 9 & tP&t$0 ^j@;BD0 Me3}EPq< EP 9 M9 E0 M0 MM0 E0 Ee9 uEPM59 M9 E+E+M9 }9 u+}+u+"!+9 9 +"!j+VEQ]P9 ESpS MMakDV9 v& t9S3jSSvF ^!^#F"jv0 Sjv(v[^V9 v& t3Pjv$F vF!F#F"^9 D$0 A0U9 QQSV9 u9 & tUs& tH9 0 E9 FW9 = 0 EEPs9 E0 9 E0 F9 F0 E9 F0 EEPs9 E0 F9 E0 F_^[9 D$& t9 P9 T$u9 PR\U9 QEPua#EU9 VW9 }W9 Y& ty~t*9 }WujP 9 9 W9 0 ~PTIu9 9 PT~t$Wacv~t9 j9 uW Wlc_^]SV9 39^ W9 |$;~$u+F"<r,F"EWvv0 ^v.YYZ;~(uU`F"<s,~F"F"F"jPSv"jhSvWvF,_^3[39 Vj9 9 jvP@jvYY^jq YYV9 v& th3PPPPPv ^j<@9 PlM9 AueVM2MM$NeAW9 t3V9 t$9 F+Ft$PmlYP9 F+P`lYPv6wS ^_V9 t$W9 & tN9 JtHHu>v9 & t0j9 %9 F9 vPw9 W& tVW _^39D$ j;?9 0 u, 9 E& t
Ansi based on Dropped File
(~WRD0000.doc)
!hLE?YMet3EUQeEPu@^dtEu3UVq@~GEP2\eMtPDMtjPHEPEPG\ujP^|$VutP&t$^j@;BDMe3}EPq<EPMEMMMEEeuEPM5ME+E+M}u+}+u+++j+VEQ]PESpMMakDVvt9S3jSSvF ^!^#F"jv0Sjv(v[^Vvt3Pjv$F vF!F#F"^D$A0UQQSVutUstHEFW=EEPsEEFFEFEEPsEFEF_^[D$tPT$uPR\UQEPua#EUVW}WYty~t*}WujPW~PTIuPT~t$Wcv~tjuWWlc_^]SV39^W|$;~$u+F"<r,F"EWvv^v.YYZ;~(uUF"<s,~F"F"F"jPSv"jhSvWvF,_^3[3VjjvP@jvYY^jqYYVvth3PPPPPv^j<@PlMAueVM2MM$NeAWt3Vt$F+Ft$PmlYPF+P`lYPv6w^_Vt$WtNJtHHu>vt0j%FvPwWtVW_^39D$j;?u,Et
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
!j.% 9 j 3Y9 0 Me& tjVe3Pj5(v0 V9 D$tV Y9 ^U9 9 EV9 ; uXMEP& u.u9 U& uh0 j P 3@"hthj P 3^]U9 }SVW0 M 9 juu$uu }9 ME0 E9 E0 E9 u9 uV|9 EE0 E9 E0 E9 E0 E9 E49 0 eP9 MEPVL9 MEPVuV_^[$j$#9 9 5 hWZauEEM9 'ejhMEPEPENaYYMEE9 0 eP[EPu9 SuMMj0#9 0 }3} 30 u0 E;u;9 ; 9 9E9uRu9 30 E9 ]9 C$+Cs0 E9 C(+C 0 u0 u0 E u0 Eus 9 5Pu0 E9 0 ejhTS0 Ee9 0 ejh|9 9 SM3PPPjzPuh0 E9 VEPu V}t9 M9 uu2u9 9 9 EN3F;! hP 0 M9 g& te)MEP9 E& u9 E9EuEu9 MuV9 uuu9 }h jjWuus ss u9 5WuWWuVt$9 P9 ^U9 QVWu9 AM9 EP9 t?& uu9 {& u-u9 WR 9 <& tu39 0 9 /_^U9 9 E0xu:9 Puj0X/u%9 PVWp,0 Up}EP;jX_^3U9 Vju 9 & u^]% 9 E `-W9 }t(HtHHu_9 jPQ9 & tHP9 >MSU9 RPQ9 9 U9 h9 0 & |Q9 S9 A[Wuuu _
Ansi based on Dropped File
(~WRD0000.doc)
!j.% j 3YMetjVe3Pj5(v0 VD$tV Y^UEV;uXMEPu.uUuhjP3@"hthjP3^]U}SVWMjuu$uu }MEEEEuuV|EEEEEEEE4ePMEPVLMEPVuV_^[$j$#5hWZauEEM'ejhMEPEPENaYYMEEeP[EPuSuMMj0#}3}3uE;u;;9E9uu3E]C$+CsEC(+C uuEuEus5PuEejhTEeejh|M3PPPjzPuhEVEPuV}tMuu2uEN3F;hPMgte)MEPEuE9EuEuMuVuuu}h jjWuus ssu5WuWWuVt$P^UQVWuAMEPt?uu{u-uWR <tu39/_^UE0xu:Puj0X/u%PVWp,Up}EP;jX_^3UVjuu^]%E -W}t(HtHHu_jPQtHP>MSURPQUh|QSA[Wuuu_
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
!pInstantAlert
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
!sg2F<@HqA&<*n,#BH;=aElCd\Pq r3)&ntL'G8
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
!}wk)@ACy<G BrRsG$ C(3|? S qN[B/}0 /~ :~' S& t :` 9p ANe40?JzB@h~d! /d@E& TP3PRbu*Z`a.z9 `;GIF89a?|k"!]! f b9 o" Cra`i ~ r~ >ned`qa9 vg axc}g}LyO|{: q j a! n !?,xpH,y ci: B ZD@J& } 9 & )D~0!@ ?c,#$?/#
Ansi based on Dropped File
(~WRD0000.doc)
" " 0H P X ` h p x : " h " " " (!$!2!@!N!\!d!n!x! !R! !!!" !!!!"*"2"<"" a"" "" L"""" x"" " ####!#)#1#9#\#d#l#t#" D #x#" #" #" " 8$$$ $($0$S$" hv$ $$" $$$$" $$$" " t%'%1%9%A%d%l%t%" S" x% %%%%" H%%%&
Ansi based on Dropped File
(~WRD0000.doc)
" (5" diqy" S" " 4:"*2" dnv~" " " (" x (0S[" ~x" "
Ansi based on Dropped File
(~WRD0000.doc)
" 3@: " e9 "!9 yJBee9 E )U9 M9 |9 #0 M9 9 M}0 |9 }9 ME}0 }|9 jMZ+;|9 10 t" d" J& }3^jY+
Ansi based on Dropped File
(~WRD0000.doc)
" 8?7X`hp" R : " !" " XDLT\d" ! x" >6W" 0" z: " " $,4<" " o_g" " )1" 8T\dl" l" "
Ansi based on Dropped File
(~WRD0000.doc)
" A9 "!9 yJBee9 E )U9 ]\9 39 #0 M9 9 Mu0 39 uE}0 u|9 jMZ+;|9 10 t" d" J& }j3XZ;" 9
Ansi based on Dropped File
(~WRD0000.doc)
" R3}M 9 "!9 yJBee9 E )U9 ]\9 39 #0 M9 9 Mu0 39 uE}0 u|9 jMZ+;|9 10 t" d" J& }" 9
Ansi based on Dropped File
(~WRD0000.doc)
" T8@H" " ks{9 " (" x" &.6>F" iqy0 "!" " 2:Bemu" " 4" " $," $OW_go" p a
Ansi based on Dropped File
(~WRD0000.doc)
" {R~m }"!u- \"!& VK Qzxt*~N yI& K&qK"!*Xm
Ansi based on Dropped File
(~WRD0000.doc)
"!! "![G! $a"f}"!`/s(k eb}7W& ~}70{d ~{ }
Ansi based on Dropped File
(~WRD0000.doc)
"!D$tVY9 ^U9 30 ES9 ]V9 uW9 }'}E@ t UEPh! @& & t3@=EPV2%YY& t'Sa9 & u 9 WSV0 E9 VP9 E9 M_^3[~U9 30 EVWu}9 9 Mxu_l@"!3^3U9 ( 30 ES9 ]V9 uW9 }EPh! @& EPh & hpS0 E^$YY& u/EPSN$YY& u9EuEPS9$YY& u
Ansi based on Dropped File
(~WRD0000.doc)
"!MN{j,&M0ueuMuk9 M9 q& t9 ?& uFMM9 k3j,& Mu3M0 ue%;uFMM9 (Mb#;9 M6j-^9 Me3F0 u& u9 5"!9 & te9 Eh0hjj4Ab0 M9 u3;u
Ansi based on Dropped File
(~WRD0000.doc)
"!tVURPEPQ & tf9 E9 M3^ 9 U9 SV9 u3;t9]t8u9 E;t3f0 3^[uM59 E9Xu9 E;tff0 8]t9 E`p3@EPP\:YY& t}9 E9 ~%9M| 39]" RuQVjp & 9 Eu9 M;r 8^t9 8] e9 MapY *8]t9 E`p:39]" Pu9 EjVjp & & :9 U9 juuu]9 U9 9 EuS 3]V3;|; r~ VVVVV"39 9 D@^]9 U9 SVW3jSSu0 ]0 ]
Ansi based on Dropped File
(~WRD0000.doc)
""0H P X ` h p x "h " ""(!$!2!@!N!\!d!n!x!!!!!!"!!!!"*"2"<""a"" ""L""""x"""####!#)#1#9#\#d#l#t#"D##"#"#""8$$$ $($0$S$"hv$$$"$$$$"$$$""t%'%1%9%A%d%l%t%""%%%%%"H%%%&
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
"(5"diqy"""4:"*2"dnv~"""("x (0S["~""
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
"8?7X`hp""!""XDLT\d"">6W"0"z""$,4<" "o_g"")1"8T\dl"l""
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
"about:blank#EBCmd(
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
"T8@H""ks{"("x"&.6>F"iqy""2:Bemu""4""$,"$OW_go"p
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
#9 }R0 EjX+E0 E+ES0 E9 0 E0 EEP}9 MjX+E0 }0 E9 }0 ESEP0 }}9 9 9 wj[$9 0 u#ej
Ansi based on Dropped File
(~WRD0000.doc)
#<<<!'5%<<<<<<<6<<<<<<<<<<',.-$*<<<<<<<<<<<8''<<<<<<<<<<<<<1<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<{1h( f{yK "!"~}R~2w
Ansi based on Dropped File
(~WRD0000.doc)
#<<<!'5%<<<<<<<6<<<<<<<<<<',.-$*<<<<<<<<<<<8''<<<<<<<<<<<<<1<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<{1h( f{yK"~~2w
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
#EjX+EE+ESEEEEP}MjX+E}EESEP}}wj[$u#ej
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
#http://logo.verisign.com/vslogo.gif0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
#M xE@tMMMt} tMEtM`0 u!0 !}9 E9 =SuuEPuuu0 Eum9 M#;u+Et%eSuEuPuuu0 Eu49 69 9 & D0 PPl!Y@!9 uu ;uD9 69 9 & D0 P9 V)!YuX;u
Ansi based on Dropped File
(~WRD0000.doc)
#MxE@tMMMt} tMEtMu!!E=SuuEPuuuEumM#;u+Et%eSuEuPuuuEu46D0 PPl!Y@!uu;uD6D0 PV)!YuX;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
$" 09 $I9 r+$& 4$0Dh`F#Gr$" 0I`F#G`FGr$" 0`F#G`FG`FG V$" 0I'9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D$" 09 @HXl9 E^_`FG9 E^_I`FG`FG9 E^_`FG`FG`FG9 E^_U9 WV9 u9 M9 }9 9 ;v; r=tWV;^_u^_]ur*$" 9 r$& $$(Tx#``FG`FGr$" I#``FGr$" #`r$" I9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D$" 9 (<9 E^_`9 E^_``FG9 E^_I``FG`FG9 E^_t1|9u$r
Ansi based on Dropped File
(~WRD0000.doc)
$" 9 $PI9 r+$& $`F#Gr$" I`F#G`FGr$" `F#G`FG`FG V$" IT\dlt| 9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D$" 9 9 E^_`FG9 E^_I`FG`FG9 E^_`FG`FG`FG9 E^_9 U9 j
Ansi based on Dropped File
(~WRD0000.doc)
$####,^]UVut5;tP#YF;tP#Yv;5tV#Y^]UVut~F;tPu#YF;tPc#YF;tPQ#YF;tP?#YF;tP-#YF ;tP#Yv$;5tV#Y^]UV3PPPPPPPPUI
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
$0$Ir+$4$0DhF#Gr$0IF#GFGr$0F#GFGFGV$0I'DDDDDDDDDDDDDD$0@HXlE^_FGE^_IFGFGE^_FGFGFGE^_UWVuM};v;r=tWV;^_u^_]ur*$r$$$(Tx#FGFGr$I#FGr$#r$IDDDDDDDDDDDDDD$(<E^_E^_FGE^_IFGFGE^_t1|9u$r
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
$E|E|E|L\|L|[B|bU|bZ|E}|bD|L|LD|[D|ED|LD|RichE|PELKN!hpO
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
$G@!#9 M)L2+3RH1/&*R=OK"QJR7I'F4B8A(E.D<:>
Ansi based on Dropped File
(~WRD0000.doc)
$G@!#9 M)L2+3RH1/&*R=OK"QJR7I'F4B8A(E.D<:>
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
$KE%W9\!J40N'#S2>X BVb)8pbC1Dh @
Ansi based on Dropped File
(~WRD0000.doc)
$KE%W9\!J40N'#S2>X BVb)8pbC1Dh@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
$O& X`& >, [b\A.! Z
Ansi based on Dropped File
(~WRD0000.doc)
$OX`>, [b\A.!Z
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
$S####,^]9 U9 V9 u& t59 ; tP#Y9 F; tP#Y9 v;5 tV #Y^]9 U9 V9 u& t~9 F; tPu#Y9 F; tPc#Y9 F; tPQ#Y9 F; tP?#Y9 F; tP-#Y9 F ; tP#Y9 v$;5 tV#Y^]U9 V3PPPPPPPP9 UI`
Ansi based on Dropped File
(~WRD0000.doc)
$Y0 ]9^uhFPGYY& u0 ]FE09]t9 9 & D8P 9 EE39 }j
Ansi based on Dropped File
(~WRD0000.doc)
$Y]9^uhFPGYYu]FE09]tD8PEE3}j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
%& tEEP9 {hDRME$& tF,M 0 FME(h8RM$& 9 e0 E& }u9 H9 & `EP9 sh$RMEf$& uME'\h Y9 0 ME& t~9 3W9 E-& u& t9 j9 9 MV5MET'9 uE9 E;ERSME6'E9 E;ERe3F7V9 NR 9 ^U9 S9 VsW9 U}{9 0 ED 39M0 E~40 Mu9 & t9 j9 E9 E;E|ju9 j1;t-EP9 %
Ansi based on Dropped File
(~WRD0000.doc)
%0 E0 ]9 EMM0 E9 }E;t?9 gg& v4S9 9 & tjVM9 MV9 & u}9 C3g;r39}~59 MW! 9 & t VM& uu9 MFDPVG;}|9 u9 R& & t9 j9 eMM9 ElrjM0 9 MV}j pq9 9 u& u3@79 ,u)EP9 +v,eEP9 MM3qUhhq9 0 ]49 Mt3; P9 ; " EP9 Pyh M0 uD& fMMXE9 M\EUh EP9 E`ME& uMPMYh EP9 /ME& uEPMh E P9 M E}& u|EtPE PMV9 $9utt_j jY9 0 MTE;tj9 9 jEiY9 0 MTE& tE P3Vj0 F5(Es3hEP9 g hDRME& & h 9 &9 0 M0; xM80 EP9uPE
Ansi based on Dropped File
(~WRD0000.doc)
%0;F" p" lt| R " " `5" X" ~ } " <Hdr#r" " #+@: )@
Ansi based on Dropped File
(~WRD0000.doc)
%@~% ?-[g9X5dh,]vFKE*nk`0mE%
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
%E]EMME}E;t?ggv4StjVMMVu}C3g;r39}~5MWt VMuuMFDPVG;}|uRtjeMMElrjMMVjpquu3@7,u)EP+v,eEPMM3qUhhq]4Mt3;P;EPPyhMuDfMMXEM\EUhEPE`MEuMPMYhEP/MEuEPMhE PM E}u|EtPE PMV$9utt_j jYMTE;tjjEiYMTEtE P3VjF5(Es3hEPghDMEh&M0;xM8EP9uPE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
%s_%sparamjsonParamscmdIdtopicFrom Html Dialog: API_CMD_CLICKED</head>; return false;'#; onclick='}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
%tEEP{hDME$tF,M FME(h8M$eEuHEPsh$MEf$uME'\hYMEt~3WE-utjMV5MET'uEE;ESME6'EE;Ee3F7VN^USVsWU}{ED39ME~4MutjEE;E|juj1;t-EP%
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
%v,%v0$v4$v$v8$v<$@v@$vD$vH$vL$vP$vT$vX$v\$v`$vd$vh$vlz$vpr$vtj$vxb$v|Z$@L$A$6$+$ $$
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
%v,%v0$v4$v$v8$v<$@v@$vD$vH$vL$vP$vT$vX$v\a$v` $vd`$vh $vlz$vpr$vtj$vxb$v|Z$@ L$ A$6$R+$ $ $
Ansi based on Dropped File
(~WRD0000.doc)
& ~& EPEP9 0 ]0 ]W9 F 0 E9 F$0 E9]t9 G+0 F 9 G+G0 F$EPEP9 u t59]u09 ]9 E+"!+9 9 E+Ej"!+N jGjuS'9 E+Ej"!+9 9 E+ES"!Sv$+v Gv(PQu 9 "9 +& ~& u 0 E; 9 F0 E9 F0 EEPEP9 0 ]0 ]X9]u9]u9 F 0 E9 F$0 E9]t9 G+0 F 9 G+G0 F$EPEP9 v,uu0 E t(9]u#9 ]9 E+"!h +j9 N juS9 E+Eh S"!Su+u9 9 E+Eu"!+GPQu u9 uu9 9 _^[U9 QS9 V9 uWv9 6uu9 u0 EVu& 0 9 0 Ez9 ~jWuu9Et[9 0 ME0 M
Ansi based on Dropped File
(~WRD0000.doc)
& & 9 MSPMPVMUM& uYuMhHPVMySu9 ME$MEfM]
Ansi based on Dropped File
(~WRD0000.doc)
& & FPM\j0 ]y;Y0 EE;tju9 9 3E9^(tFj K;Y0 EE;tj9 n 39 MP0 H0 x9 N(S5(E/"Pr9 ]& tS& u9 ^<& tjS& t_9 E!9 0 Ejh0 E& t1MQSjJP9 & t9 j9 & uMM[3@MM[37AjiP@9 FPMe[9 N(e& t9 N & t?9 N$& tf0MMJ[@j,&?MKueMvjj5pMMM03@ @j,&?M ueMjj5pMMM 3@G@j,&`?M 3PP5pM0 EaMM
Ansi based on Dropped File
(~WRD0000.doc)
& 9 0 & 9 C0 & & P0 P& VP5Y9 t!u& PV5YYYfgu& u& PV5YYY >-uF0 V& 0 $s g+ `& & '& & jj0Xf0 & 9 & Qf0 & 0 E& & E& t& @0 tCC"!& @9 Ct"!30 & @t& |& s& 9 9 u3}& 9& ~0 & 9 u!& 9 & & 9 t-9 & "!RPSW{090 9 9 ~N& +F& 0 & 0 tY& t9 90tN9 0@6& u 0 & 9 & & Of8t@@& u+& 0 & & e9 & @t+tj-tj+tj Xf0 & & 9 9 ++& u& Sj 9 & a& Yt& uWSj0& Quu& ~q9 0 & P9 & & SWPRB0 & & ~)S9 & Y9 V& Y| & t& Sj tY9 0 & f& t*9 9 9 3PPPPP2 t
Ansi based on Dropped File
(~WRD0000.doc)
& 9 9 ER ~eR9 H0 }fv9 M$9 9 0 9 ;uj+t&-t!;tC}pE~S;! `j +jyHf L9 M$9 9 0 9 ; O; ^9 UG0 }#f9w"}s9 ME*EEf;s9 M$9 9 0 9 ; H+ n- eC}0 }0 } u2Mf;t!f9w }sE9 M*EMf;s0 } f! AjeJ0 MHfwjO+t +t& jQMSjYj>0 }f;tfv+(Hfvf;} t@+J0 Mt+t9 }9 E0 jX9Evs }|E0 E9 EHEaj
Ansi based on Dropped File
(~WRD0000.doc)
& 9 9 jYER eRjY"!` 10 u v9 M$9 9 0 9 :uj<+t(<-t$:t<C}<<E~<c}0<e(jJjy` 1 R9 M$9 9 0 9 : T: f9 U0 u<9}s
Ansi based on Dropped File
(~WRD0000.doc)
& ^9 G0 & 9 G0 & R& P 0 PS& SP5dY9 t!u& PS5dYYY gu& u& PS5adYYY ;-uC0 S0 0 $s HH 9 & & '& & k`& Q& 0& & G& M t0 @tGG"!9 G@t"!30 @t& |& s& 9 9 u3}& 9& ~0 & 9 u!& u9 & & 9 t-9 & "!RPSWs090 S9 9 ~NE+F& 0 & 0 tb& t9 90tW9 0@?If8t@@& u+& (& u 0 & 9 & I 8t@& u+& 0 & & \9 & @t2t& -t& +t& & 9 ++& u& Sj [9 & a& Yt& uWSj0& 9 & tf& ~b9 0 & SSPjEP& FPFx.& u(9& t & MSYu9 P& Y|& tWSj & mt&Y9 `& t
Ansi based on Dropped File
(~WRD0000.doc)
& t `VEP 9 u3u 3D343EP9 E3E3;uO@& u9 0 5 0 5 ^_[9 U9 QV9 uV30 E9 FY uN /@t
Ansi based on Dropped File
(~WRD0000.doc)
& t3MM9 `}tj`Y9 9 }M?MEDME`WhM9 PVMTM9 EME|j}l0 EPeM& tMM3`MMEME9 EPhM;PVM! & u*3ME}MEcMM9 9 ujEPeM& t3MMe9 m0 MMEME!uMh9
Ansi based on Dropped File
(~WRD0000.doc)
& t9 & tjj5(w0^_jH&9 39u R9 ;t9p & t,9 9 =0 Vps09 p 0 9 =0 9 ;tp & t9 VpM 9 M9 UR0 uP& 9 ujEjP& 9hY0 EE& t9 dc39 0 ej|9 VE0 Y 9 0 ejVEE s4usE9 9 jg9 3VVdj9 0 ejh 9 9 VVVd9 9 h222LdK<9 jgPjhM VE 9 9 0 E)i9 =Pu0 EPPVuEP9 uuuMER9 u9 =0 9 )E9 0 eP" EP9 9 9 jEPE*j9 9 9 9 Fj+QPv9 RpS 9 MEP5`3& tQ9 9 b9 jp9 jpME9 9 9 H; 9q 9p 9 u9 9 @s0 p 9 9 M0 E9 FU0 E9 RPT& u9 F+0 E9 M9 URPX& u9 F+F9 M+0 E9 EjPu9 uupS 9 jp9 Eee0 E9 E0 E9 9 H9 9 uPMM`jdR&9 9 }3;u39 ;tp & t9 Vp0 Mm9 MQ9 0 uPH& 9 9 Ej
Ansi based on Dropped File
(~WRD0000.doc)
& t9 Mjh|9 N9 MPM9 MEPM0 uED9 EKtj,dseEP3CM0 ] & t9 Mjh|9 0 ]MMEME" ME9 EPhMPVM9 M& tEPjh|9 lM0 ]EE ME+M]jME^9 EesU9 Q9 Mejh9 Ej4`r9 9 u9 M&~& t
Ansi based on Dropped File
(~WRD0000.doc)
& t9 r3M0 E9 7j"69 0 uR9 3E;t 0 9 ;tm0 9 ;tZ0 9 ;tG0 S9 ;t40 9 ;t!0 9 ;t0 9 ;t0 9 ;tc0 9 ;tP0 <9 ;tP! AY0 }@9 SPl9 ;~9 S9 P9 ;t9SjP 9 ;tPj 0 0 ~}EY}lES}DER}]"!xM9 ,6U9 Q9 Mejh 9 EU9 0SVWE9 Ps@ u u9 uu 9 5PW0 E0 E8t
Ansi based on Dropped File
(~WRD0000.doc)
& tG9 FU9 }V9 tx& tu9 uu =xu9 uut({& tf^]U9 QQV9 9 & u%W9 }& t`0 9 }& t9 0 3@_P}u9 E& t9 N0 9 E& t9 N0 3@-e9 jURURPQ Et9 E0 F9 E0 F3^j& tt$9 sd3U9 ,SV9 }3& u9 E0 9 E0 3W9 F ;~9^$~9 M0 9 F$9 M0 3@9W9^uV~09 r9& uH9^u9 NW80 F9 N;u9 E0 9 E0 3_^[9 u9 }jVW& & 0 0 ~9 = uu9 & tjEPv(d& tYEPju& ~J9 E9]u"!+0 E9 M9 U0 9 E0 9 0 N$9 0 F 9 59]tu9] u ~u19 a& t&EPjv,& t9 E9 M9 U0 9 M0
Ansi based on Dropped File
(~WRD0000.doc)
& tMM 9 ! M ME%MEA9 EPh4MPVM& u+MEMEMM9 }9 uVOj9 G! +Y3<x^9 j M eM]MM9 9 j,D& 9 M eeEP9 PMEMEtM& t@KLMMW9 _ MME!M9 EPhdME PVM& uE@KL9 uMEME! j& EP^eMN& tMM3& MeMEM9 >uMh EPVM]3& u(MEMEMMI9 }FjDm eEP3ECP0 ]ME& t9 Mjh|9 0 ]MME ME ME9 jEPM"PVM & u9 Mjh|9 {0 ]9Mx& tjEPM9 MEPEM0 ]EaMEMEME M]2ME&9 E- jFeEPEP MEw& t$3ME
Ansi based on Dropped File
(~WRD0000.doc)
& }WSV^[_9 D$PPE.9 D$PPB.t$9 D$9 hSrPU9 V9 u~t*MjEPvMu04M:3^]09 D$j@jP73j ,f}uNjuMVeMM& u9 MM0 MQ3@MC3K-f}u
Ansi based on Dropped File
(~WRD0000.doc)
&0&8&B&J&" p" m&u&}&& &&" &&&" &&&'" <$'" " G'O'W'_'g''" ''''" $'" h(" 1(9(" b(" & (" " p(((((((((((#)-)" R)Z)h)" )"!)" 8)" l)))*" $*" G*" j*" 4*" `*" R*" " *++++@0" x@>+F+N+V+^+f+n+v+~+ +}+ +~+++++" ,
Ansi based on Dropped File
(~WRD0000.doc)
&0&8&B&J&"p"m&u&}&&&&&&"&&&'"<$'""G'O'W'_'g''"''''"$'"h("1(9("b("(" "p(((((((((((#)-)"R)Z)h)"))"8)"l)))*"$*"G*"j*"4*"`*"*""*++++@0"x@>+F+N+V+^+f+n+v+~+++++++++",
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
'vm_pXmlDoc->save() returned HRESULT = 0x%XCXmlDocument::Savecalling m_pXmlDoc->save(%s)return FALSE - (!m_pXmlDoc || wStrXml.IsEmpty())return %d (from LoadW)return FALSE - not using helperStart. bUseHelper=%d wStrXml=%sCXmlDocument::LoadFromBufferreturn %dfailed to read fileException caught. memory size is %d m_pXmlDoc->load() return HRESULT 0x%Xreturn FALSE - file doesn't existreturn FALSE - m_pXmlDoc==NULLCXmlDocument::LoadFromFileStart. wStrFilePath=%s bUseHelper=%d@33End : return FALSE (RegOpenKeyExW returned 0x%X)End : return TRUEEnd : return FALSE (RegQueryValueExW returned 0x%X)Start : root=0x%X key=%s valueName=%sEnd : return FALSE (RegSetValueExW returned 0x%X)End : return FALSE (RegCreateKeyExW returned 0x%X)Start : hRoot=0x%X wCharKey=%s wStrValueName=%s wStrValue=%sCSetupRegW::SetRegEntryStart : root=0x%X key=%sCSetupRegW::IsKeyInRegistryEnd : return %dEnd : return 0 (RegOpenKeyExW returned 0x%X)CSetupRegW::GetRegNamesCountEnd : return_value=%d rc=0x%XEnd : return FALSE (result pointer is NULL)CSetupRegW::GetIntFromRegistryValueEnd : return FALSE (RegCreateKeyW returned 0x%X)Start : root=0x%X key=%s valueName=%s value=%dCSetupRegW::WriteIntToRegistryEnd : return FALSE (RegQueryValueExW dwordType==REG_BINARY)Start : root=0x%X key=%s valueName=%s wStrValue=%sCSetupRegW::GetStringFromRegistryValueEnd : return %d (RegDeleteKeyW returned 0x%X)CSetupRegW::DeleteKeyEnd : return 0x%X (status)CSetupRegW::RegDeleteKeyAndItsSubkeysStart : hKey=0x%X lpSubKey=%sEnd : return FALSE (wStrValue from registry is empty)End : return FALSE (GetStringFromRegistryValue failed)CSetupRegW::GetBoolFromRegistryValueEnd : return %d (from SetRegEntry)Start : root=0x%X key=%s valueName=%s bValue=%dCSetupRegW::SetBoolRegistryValueEnd : return %d (rc==0x%X)Start : root=0x%X path=%s value=%sCSetupRegW::DeleteValueEnd : return FALSE (RegOpenKeyExW returned ox%X)CSetupRegW::GetRegDirectoryKeyNamesStart : hRoot=0x%X wKey=%sEnd : return FALSE (RegEnumKeyExW returned ox%X)CSetupRegW::GetFirstRegDirectoryNameEnd : return FALSEStart : root=0x%X key=%s wStrValName=%s iType=0x%XCSetupRegW::IsValueInRegistryStart : root=0x%X key=%s iType=0x%XCSetupRegW::GetRegNamesStart : root=0x%X key=%s wStrFirstName=%sCSetupRegW::GetRegFirstNameEnd : return FALSE (RegDeleteKeyAndItsSubkeys returned 0x%X)Start : hRoot=0x%X wStrKey=%sCSetupRegW::DeleteRegEntry;$9;xW'M>XmmmXm↓→↑←‾♦♥♣♠ÿþýüûúùø÷öõôóòñðïîíìëêéèçæåäãâáàßÞÝÜÛÚÙØ×ÖÕÔÓÒÑÐÏÎÍÌËÊÉÈÇÆÅÄÃÂÁÀ¿¾½¼»º¹¸·¶µ´³²±°&hibar;¯®­¬«ª©¨¨§&brkbar;¦¥¤£¢¡ ›™—–”“’‘‹‰‡†„‚⁄"CResourceBank::InitB)dBxxemNaGQdac
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
'~vm_pXmlDoc->save() returned HRESULT = 0x%XCXmlDocument::Savecalling m_pXmlDoc->save(%s)return FALSE - (!m_pXmlDoc || wStrXml.IsEmpty())return %d (from LoadW)return FALSE - not using helperStart. bUseHelper=%d wStrXml=%sCXmlDocument::LoadFromBufferreturn %dfailed to read fileException caught. memory size is %d m_pXmlDoc->load() return HRESULT 0x%Xreturn FALSE - file doesn't existreturn FALSE - m_pXmlDoc==NULLCXmlDocument::LoadFromFileStart. wStrFilePath=%s bUseHelper=%d@x3Rx3End : return FALSE (RegOpenKeyExW returned 0x%X)End : return TRUEEnd : return FALSE (RegQueryValueExW returned 0x%X)Start : root=0x%X key=%s valueName=%sEnd : return FALSE (RegSetValueExW returned 0x%X)End : return FALSE (RegCreateKeyExW returned 0x%X)Start : hRoot=0x%X wCharKey=%s wStrValueName=%s wStrValue=%sCSetupRegW::SetRegEntryStart : root=0x%X key=%sCSetupRegW::IsKeyInRegistryEnd : return %dEnd : return 0 (RegOpenKeyExW returned 0x%X)CSetupRegW::GetRegNamesCountEnd : return_value=%d rc=0x%XEnd : return FALSE (result pointer is NULL)CSetupRegW::GetIntFromRegistryValueEnd : return FALSE (RegCreateKeyW returned 0x%X)Start : root=0x%X key=%s valueName=%s value=%dCSetupRegW::WriteIntToRegistryEnd : return FALSE (RegQueryValueExW dwordType==REG_BINARY)Start : root=0x%X key=%s valueName=%s wStrValue=%sCSetupRegW::GetStringFromRegistryValueEnd : return %d (RegDeleteKeyW returned 0x%X)CSetupRegW::DeleteKeyEnd : return 0x%X (status)CSetupRegW::RegDeleteKeyAndItsSubkeysStart : hKey=0x%X lpSubKey=%sEnd : return FALSE (wStrValue from registry is empty)End : return FALSE (GetStringFromRegistryValue failed)CSetupRegW::GetBoolFromRegistryValueEnd : return %d (from SetRegEntry)Start : root=0x%X key=%s valueName=%s bValue=%dCSetupRegW::SetBoolRegistryValueEnd : return %d (rc==0x%X)Start : root=0x%X path=%s value=%sCSetupRegW::DeleteValueEnd : return FALSE (RegOpenKeyExW returned ox%X)CSetupRegW::GetRegDirectoryKeyNamesStart : hRoot=0x%X wKey=%sEnd : return FALSE (RegEnumKeyExW returned ox%X)CSetupRegW::GetFirstRegDirectoryNameEnd : return FALSEStart : root=0x%X key=%s wStrValName=%s iType=0x%XCSetupRegW::IsValueInRegistryStart : root=0x%X key=%s iType=0x%XCSetupRegW::GetRegNamesStart : root=0x%X key=%s wStrFirstName=%sCSetupRegW::GetRegFirstNameEnd : return FALSE (RegDeleteKeyAndItsSubkeys returned 0x%X)Start : hRoot=0x%X wStrKey=%sCSetupRegW::DeleteRegEntryx;$9;xW'M>: XmmmXxxm↓→↑←‾♦♥♣♠ÿþýüûúùø÷öõôóòñðïîíìëêéèçæåäãâáàßÞÝÜÛÚÙØ×ÖÕÔÓÒÑÐÏÎÍÌËÊÉÈÇÆÅÄÃÂÁÀ¿¾½¼»º¹¸·¶µ´³²±°&hibar;¯®­¬«ª©¨¨§&brkbar;¦¥¤£¢¡ ›™—–”“’‘‹‰‡†„‚⁄"CResourceBank::InitRB ) dB xx emNaG Qd ac
Ansi based on Dropped File
(~WRD0000.doc)
&M&M%M%M%9 T$B9 JS3" ` M M%M~MM+M%9 T$B9 J 3D" e M5Mw%M3Mg%M_%9 T$B9 J3" " MH<%MX4%M,%MM%M%M%M8%M R*MX$MX$9 T$B9 JR3} L M$xSM$uaY9 T$B9 `t3K l M@ $M0~$Mv$MM f$M^$M0V$9 T$B9 J3 M3$M+$M9 T$B9 J3 " M$9 T$B9 J3 " M#M19 T$B9 J3w " 9 MvP9 M9 M@R9 MlJ9 Mz#M(u"!Yu"!Yu "!Yu"!Yu"!Yuy"!Yuo"!Yue"!Y9 T$B9 J3 9 MO9 M]9 M@9 Ml 9 M"9 T$B9 J3i ` MHuYuY9 T$B9 J32 S Mm"9 T$B9 J3 (0 u9 Y9 T$B9 J3 T MM"M09 T$B9 J3 u3Y9 T$B9 J3 M!M!M!M!M!M!M!M " !9 T$B9 J37 X Mr!Mj!Mb!MZ!9 T$B9 J3d M7!M/!9 T$B9 J3 9 M!9 T$B9 J3 M9 T$B9 J39 MS MR MS MR MS MR~ 9 T$B9 J3@a 9 MD9 T$B9 J3p> u"! YMN MF 9 T$B9 J3 M# u\ YM uJ Y9 T$B9 J3 Mu Y9 M9 T$B9 J3t," Mu" Y9 MM" M-9 T$B9 J3/PP MjMbMZ9 T$B9 J3} M79 E e9 MMMM9 T$B9 J3}Mu" Y9 MMM9 T$B9 J3c}$ M~u YMRM(9 T$B9 JR3&}GMaMYMQMIMM9M19 T$B9 JR3M9 T$B9 J3u, Yu" Yu Y9 M9 T$B9 J3o\M$9 T$B9 J3LmM +MMwMoM"9 T$B9 `|3'MA+9 T$B9 J3RMSMM9 M9 T$B9 J3RD}9 MH9 T$B9 J3& Rp}9 M 29 T$B9 J3bRS}MT9 T$B9 `P31RR}M9 T$B9 JR3R/}9 M 9 T$B9 J39 (}ug YMMMMMMMt& MM9 T$B9 `p3p9 L u Yu Y9 T$B9 J3A9 b9 M9 M~9 M`9 T$B9 J39 #9 M 9 M?9 T$B9 J3`HR9 M9 T$B9 J3`tRM(u" Yu YM9 T$B9 J3o`RM(9 T$B9 J3L`mRM! (9 T$B9 J3)`JR9 Md9 T$B9 J3`<'RM9 T$B9 `p30 hRMw9 T$B9 J30 9 Ml9 T$B9 J3a0 9 uYMMMM9 T$B9 J3U0 v9 M4MM M@xM0pMPhM `MMMHM`SM8M0M(xMh'9 T$B9 `p3T`9 M"9 T$B9 J3 `MpM9 T$B9 J3fD! `MEM`]M M 0 M0@dMnMfM^MVMDNMT
Ansi based on Dropped File
(~WRD0000.doc)
&M&M%M%M%T$BJ3`MM%M~MM+M%T$BJ3DeM5Mw%M3Mg%M_%T$BJ3"MH<%MX4%M,%MM%M%M%M8%M R*MX$MX$T$BJ3LM$xM$uYT$Bt3KlM@$M0~$Mv$MM f$M^$M0V$T$BJ3M3$M+$MT$BJ3M$T$BJ3M#M1T$BJ3wMvPMM@MlJMz#M(uYuYuYuYuYuyYuoYueYT$BJ3MOM]M@MlM"T$BJ3iMHuYuYT$BJ32SMm"T$BJ3(0uYT$BJ3TMM"M0T$BJ3u3YT$BJ3M!M!M!M!M!M!M!M!T$BJ37XMr!Mj!Mb!MZ!T$BJ3dM7!M/!T$BJ3M!T$BJ3MT$BJ3M M M M M M T$BJ3@aMDT$BJ3p>uYMN MF T$BJ3M# u\YM uJYT$BJ3MuYMT$BJ3t,MuYMMM-T$BJ3/PPMjMbMZT$BJ3M7EeMMMMT$BJ3MuYMMMT$BJ3c$MuYMM(T$BJ3&GMaMYMQMIMM9M1T$BJ3MT$BJ3u,Yu"YuYMT$BJ3o\M$T$BJ3LmM+MMwMoM"T$B|3'MA+T$BJ3MMMMT$BJ3DMHT$BJ3pM2T$BJ3bMTT$BP31RMT$BJ3/MT$BJ3(ugYMMMMMMMtMMT$Bp3pLuYuYT$BJ3AbMM~M`T$BJ3#MM?T$BJ3HMT$BJ3tM(u"YuYMT$BJ3oM(T$BJ3LmM(T$BJ3)JMdT$BJ3<'MT$Bp3hMwT$BJ3MlT$BJ3uYMMMMT$BJ3UvM4MMM@xM0pMPhM `MMMHM`M8M0M(xMh'T$Bp3TM"T$BJ3MpMT$BJ3fDMEM`]MM M0@dMnMfM^MVMDNMT
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
&Oy3 . ! v2f0 x.d %4ku`0 e:Pr~4Ekp!R-U)aR$ $xgL%w,U/$BEjOiI 0 f^$[PT}zhp)SFk ZaJrS}~) XE-)p: wsx -j
Ansi based on Dropped File
(~WRD0000.doc)
&Oy3. v2f.d%4ku`e:Pr4Ekp!-U)aR$$xgL%w,U/$BEjOiI f^$[PTzhp)SFkZJrS}~)XE-)pws -j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
&S-`KRkS@4C5|mF.O=30P t.=(DS0n
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
&S-`KRRkS@ 4C5|mF& .O=9 30SP t.=(DS0 n
Ansi based on Dropped File
(~WRD0000.doc)
',:_.__...J..i.n...d...a...w....s....(..S..._.....n...d...a...r..d...t..,'_:_
Ansi based on Image Processing
(screen_0.png)
((((( H
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
(((((((((((PSPUBWSP
Unicode based on Runtime Data
(WINWORD.EXE
)
(P`aR00aM/r&@;GIF89ae!e,eG/-3Qe6]@T8Z<OI&;_:75
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
(P`aRS0 0a M! /r0 &9 : @;GIF89ae: R : "!~Sa!e, eG/- ! 3Qe6 ]@T"!a8Z<OI&;_:75
Ansi based on Dropped File
(~WRD0000.doc)
*" 8|(@+@t+" " 0/l|ds(0s( 0" " 19" D\dl" x" " " ,"" X"
Ansi based on Dropped File
(~WRD0000.doc)
*"8|(@+@t+""0/l|ds(0s(0""19"D\dl"x""",""X"
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
*ug1EujP;EtunY@SEPjPjh}ftf:uf\tf/uGGhMWYYu3hMWYYu"hMWYYuhMWYYtxWFSP|]U$EEEtt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
*ug9 10 EujP;EtunY9 9 @S0 EPj& Pjh }f& tf:uf\tf/uGGhMWYY& u3hMWYY& u"hMWYY& uhMWYY& tx WFSP|9 ]9 U9 9 $ EEE& tt
Ansi based on Dropped File
(~WRD0000.doc)
+0u+i0g0$+0 http://ocsp.verisign.com0?+0 3http://csc3-2009-2-aia.verisign.com/CSC3-2009-2.cer0U#0 k&p? -5: 0` H B0
Ansi based on Dropped File
(~WRD0000.doc)
+0u+i0g0$+0http://ocsp.verisign.com0?+03http://csc3-2009-2-aia.verisign.com/CSC3-2009-2.cer0U#0k&p?-50`HB0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+]:0kkkkkkkkk(e\kkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk? h( f{yK "!"~}R~2w
Ansi based on Dropped File
(~WRD0000.doc)
+]:0kkkkkkkkk(e\kkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk?h( f{yK"~~2w
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+CHttpManager::ReturnWithErrorCHttpManager::DownloadFileHelperException was throw while downloading [%s]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+H9 0 E9 N,+0 M9 v8j9 E0 F 9 E0 F9 E0 G9 +0 G9 E0 F4WV_^[9 M9 U$& `\} 9 MeMECE}r9 E9 0 N Ht<Ht*H& [9 EG0N0 F 9 Ej\mjX)EWEPEPEPEPJWuuuu(0 F& mmm9 M9 E)M0 E9 M } eMEC0 M r9 M9 E%;& 0 F30 E0 E9FtjX
Ansi based on Dropped File
(~WRD0000.doc)
+HEN,+Mv8jEF EFEG+GEF4WV_^[MU$`\}MeMECE}rENHt<Ht*H[EG0NF Ej\mjX)EWEPEPEPEPJWuuuu(FmmmME)MEM }eMECM rME%;F3EE9FtjX
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+j<*u~PFFdF$FFFF F$l$FXF\EgEtPQE$M9*\DP<L$ytAt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+M+ME}3}E}+9}U}u}u}};}}}U9U~U+UU9U~U+UU2E2MuPjEPp)E)EEEjEP{3EttQjs0MM+V3jPFFFP5^aU(WEPW5xufVj(3EVP`5EhVEuuEujEEEPu}|^fu33@_UEVPFu3KtSWEPv<5]}+]+}jvSWuuhh|hh39FSWPPSWjjE}jPWWE3CSWvtW=ujPvjjdjv~WWv^_[^UVf\;Fu`vt0EPv<E+EjPE+EPuuvf^|$Vu,\Pvtv
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+M9 N?0 M~j?^; 9 J;Ju\ }&9 9 M|80 ]#\D0 \Du39 M9 ]!,O9 MR|8!0 ]u9 ]9 M!K9 ]}9 J9 z0 y9 J9 z0 y 9 M9 y0 J0 z0 Q9 J0 Q9 J;Ju^`LM L}# }u 9 ;9 9 M|D) }u
Ansi based on Dropped File
(~WRD0000.doc)
+MN?M~j?^;J;Ju\ }&M|8]#\D\Du3M]!,OM|8!]u]M!K]}JzyJzyMyJzQJQJ;Ju^LM L}#}u;M|D)}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+t3& x\9 & & pY+t3& x\9 & & wpY+t3& x\9 3& & R9 p;qt~Yp+t3& x\9 & & )pY+t3& x\9 & & pY+t3& x\9 & & pY+t3& x\9 3& & 9 p;qt~pY+t3& x\9 & & "!pY+t3& x\9 & & xpY+t3& x\9 & & WpY+t3& x\9 3& & 29 p;qt~pY+t3& x\9 & & pY+t3& x\9 & & pY+t3& x\9 & & pY+t3& x\9 3& & 9 p;qtrpY+t3& x\9 & u}pY+t3& x\9 & u`pY+t3& x\9 & uCpY+t3& x\9 3& u"+; ! $0 9 9 P;QtqQ+t3& xT9 & upQ+t3& xT9 & upQ+t3& xT9 & u: pQ+t3& xT9 3& & v9 P;Qt}Q+t3& xT9 & & NpQ+t3& xT9 & & -pQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & ~pQ+t3& xT9 & & }pQ+t3& xT9 3& & X9 P;Qt}Q+t3& xT9 & & 0pQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;Qt~Qp+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & ^pQ+t3& xT9 3& & 99 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;QtoQ+t3& xT& u6pQ+t3& xT& upQ+t3& xT& t9 @I+t3& xL9 3& u3[S
Ansi based on Dropped File
(~WRD0000.doc)
+t3\pY+t3\wpY+t3\3Rp;qt~Yp+t3\)pY+t3\pY+t3\pY+t3\3p;qt~pY+t3\pY+t3\xpY+t3\WpY+t3\32p;qt~pY+t3\pY+t3\pY+t3\pY+t3\3p;qtrpY+t3\u}pY+t3\u`pY+t3\uCpY+t3\3u"+;$P;QtqQ+t3TupQ+t3TupQ+t3TupQ+t3T3vP;Qt}Q+t3TNpQ+t3T-pQ+t3TpQ+t3T3P;Qt}Q+t3TpQ+t3TpQ+t3T}pQ+t3T3XP;Qt}Q+t3T0pQ+t3TpQ+t3TpQ+t3T3P;Qt~Qp+t3TpQ+t3TpQ+t3T^pQ+t3T39P;Qt}Q+t3TpQ+t3TpQ+t3TpQ+t3T3P;QtoQ+t3Tu6pQ+t3TupQ+t3Tt@I+t3L3u3[S
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
,,,," ," (---" T7-?-G-" j-r-z- -" -" -" <@h" x..." E.M." s.}." 0.." d..." .///" </F/" k/u//" L///" ///" 00" ;0C0" 4i0q0y00" h0" 0" 001" " d,141<1D1L1T1\1 11! 11" S1" " 021112B2J2" Xm2u2}2" R22" " 22222%303" H0 3q3y33" |" 3333344" " d<4D4L4T4\4"
Ansi based on Dropped File
(~WRD0000.doc)
,,,,","(---"T7-?-G-"j-r-z--"-"-"<@h"x..."E.M."s.}."0.."d...".///"</F/"k/u//"L///"///"00";0C0"4i0q0y00"h0"0"001""d,141<1D1L1T1\11111"1""021112B2J2"Xm2u2}2"22"" 22222%303"H3q3y33"|"3333344""d<4D4L4T4\4"
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
,.;:|*&/\
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
,D[B'5R)NE%[JPHZ1W4[< 2KG(*"Y;[!FAUS@T$7[C8-O /6I
Ansi based on Dropped File
(~WRD0000.doc)
,D[B'5R)NE%[JPHZ1W4[< 2KG(*"Y;[!FAUS@T$7[C8-O/6I
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
,f9 jp0 MEMM9 jd&9 ^9 E0 E9 E@0 EEPM;eMvjh`ME_}EPEPE@YYMEdEPM}ME[EPME[\9 & thj_jVMMEnPMVMjMRPMME=PMM,PM 9 jEP9 e9 (ME"!! ME! MEZMEu! MEi! MM]! gj,& 9 9 ! & tX9 p& tQ & uH9 9 Pp9 u"M?eM}MM9 ?ijVw0j '
Ansi based on Dropped File
(~WRD0000.doc)
,fjp0MEMMjd&^EEE@EEPM;eMvjh`ME_EPEPE@YYMEdEPMME[EPME[\thj_jVMMEnPMVMjMRPMME=PMM,PMjEPe(MEMEMEZMEuMEiMM]gj,&tXptQuHPpu"M?eM}MM?ijVw0j '
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- ]: t: t]: jhGX39tVE@tH9 t@0 EU.9 E9 9 =t
Ansi based on Dropped File
(~WRD0000.doc)
- ]: t: - ]: : t
Ansi based on Dropped File
(~WRD0000.doc)
- Attempt to use MSIL code from this assembly during native code initialization
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- floating point support not loaded
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- not enough space for locale information
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- unexpected heap error
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- unexpected multithread lock error
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
--== Logger finished ==--
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
--== Logger initiated ==--
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
-]t t]jhGX39tVE@tH9t@EU.E=t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
-incomplete dynamic bit lengths tree
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
-N%,9 P;06C59 9 ;GIF89a'!',i)QR2& PP,: B& VkQ(]NA|DR }s <
Ansi based on Dropped File
(~WRD0000.doc)
-N%,P;06C5;GIF89a'!',i)Q2PP,:B&VkQ(]NA|D}s<
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
. .~(6Z! UbD{'@! %8I < so #Z0]RB!Rq>=#. 0XR!%& TFD*#qA n@K4X"x' `0 bR0F
Ansi based on Dropped File
(~WRD0000.doc)
. .(6ZUbD{'@%8I<so#Z0]B!q>=#.0XR!%TFD*#qAn@K4X"'`bR0F
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
.(>?$ &&3?*.?2('?19:!!="7B4'+D F85%%FCA;GIF89a? a {S x"! S: x : "! !?,xpH,Z hnLF C1zH~D (j4,b-: kD
Ansi based on Dropped File
(~WRD0000.doc)
.(>?$&&3?*.?2('?19:!!="7B4'+D F85%%FCA;GIF89a?{x!?,pH,ZhnLFC1zHD(j4,b-kD
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
...<program name unknown>Runtime Error!
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
.9 M9 T$B9 J38M9 T$B9 J3MM@M MMMMLMMMMM0M9 T$B9 J3l9 Jt3bMAMY9 T$B9 J37TXMM.MbM9 T$B9 J3%M#9 T$B9 J3u]YMM
Ansi based on Dropped File
(~WRD0000.doc)
.?AUIOleCommandTarget@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIOleInPlaceFrame@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIServiceProvider@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AV__non_rtti_object@std@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AV_com_error@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVbad_alloc@std@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVbad_cast@std@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVbad_exception@std@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVbad_typeid@std@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVBitmap@Gdiplus@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertHttpManager@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAtlException@ATL@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCCommandId@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCDummyJob@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCEventHttpReply@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCEventHttpRequest@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCInstantAlert@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCJob@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCJobDownloadFile@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCJobRequestPost@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCMovingFrame@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCRegMonitor@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCRegValue@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCServiceMapManager@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCSetupRegW@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCTranslatedKey@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCVersion@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVexception@std@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVGdiplusBase@Gdiplus@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVImage@Gdiplus@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVlength_error@std@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVlogic_error@std@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVout_of_range@std@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVtype_info@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.MT$BJ38MT$BJ3MM@M MMMMLMMMMM0MT$BJ3lJt3bMAMYT$BJ37TXMM.MbMT$BJ3%M#T$BJ3u]YMM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
/ehhhhhhhh"PCM0Lhhhhhhhhhf&QOEhhhhhhhhhh@T#*hhhhhhhhhhhh1@X) hhhhhhhhhhhh XJ!hhhhhhhhhhhhh hhhhhhhhhhhhhhhhhhh! h 4VS_VERSION_INFO?StringFileInfo040904b04CommentsAlert ver 1.0:
Ansi based on Dropped File
(~WRD0000.doc)
/ehhhhhhhh"PCM0Lhhhhhhhhhf&QOEhhhhhhhhhh@T#*hhhhhhhhhhhh1@X) hhhhhhhhhhhh XJ!hhhhhhhhhhhhh hhhhhhhhhhhhhhhhhhhh4VS_VERSION_INFO?StringFileInfo040904b04CommentsAlert ver 1.0:
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
/ME/MEPM0E/M@0 ]" /9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
/ME/MEPM0E/M@]/Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0 }[4 9 RT&L 2RI &"!e;GIF89apx !p, pFO! i?kp_ Tna: Sj(\N=IXG
Ansi based on Dropped File
(~WRD0000.doc)
0 & 9 x8t`P4UM`8jEPKPY& t:9 4+M3@; j& @SP C& DjS& @P 3PPjMQj@QPC& D 9 & \j& <PVEP9 & (9 4T & )9 & D9 09<0 & 8R j& <PjEP9 & (9 E
Ansi based on Dropped File
(~WRD0000.doc)
0 0$0(0,0004080<0@0D0H0L0P0T0X0\0`0d0h0l0(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0 0.090@0[0`0h0n0u0{0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0 012A22;4U4" 4u5 5 5555w6}66666&7v88y::;& ; ;;<<$<< <<<<f=y==0 ===#>P>m> >-?=???0&000J00001A1b19 12/2@2F2222224*4 4455u6R6777A7 7 7777777883898C8R8X8 8a888!909d9k9999::::[;k;;W<! <<7======>Y>b>n>& > >>>>>>>??/?=?k? ?? ???? .00000,1d111111
Ansi based on Dropped File
(~WRD0000.doc)
0 79 VP39 M_^3[: 9 D$"!@9 @
Ansi based on Dropped File
(~WRD0000.doc)
0 9 E0 G 9 E0 G9 E0 F9 E9 +VN0 0 W4CWssPCPI9 W40 E9 0 E9 F0 E9 G 0 E9 G0 E9 G0;s+H9 G,+}0 Et3}" D0 9 EnC0 C9 C0 C&} R9 E9 MeMEEE9 C9Er9 & 4#E9 KHm0 E@)E9 E0 M& u9 @0 Cv9 Mt0 K9 @0 CW@u0 K9 H0 CA -} 9 E9 MeMEEE9 C9Er9 & 4#E9 KCm9 )EC0 C9 C0 C&} {9 E9 MeMEEE9 C9Er9 & 4#E9 KHm0 E@)E9 Mt0 C9 A0 Cb@& 30 C9 A} 9 E9 MeMEEE9 C9Er9 & 4#E9 KCm9 )E9 O(9 +C0 E;s9 G,+0 E9 EE0 E;G(r9 E{ & u}9 G,;u9 G09 O(;t9 ;s+H9 G,+& uXu0 W4VW9 W40 E9 G0;s+H9 G,+9 O,0 E;u9 O(9 G0;t9 ;s+H
Ansi based on Dropped File
(~WRD0000.doc)
0 9] tAPAP_^[]9 U9 juuuuuu]9 U9 9 ESV39 C0 ut ]tS}YtEtjcYv aE jA9 EY#tT=t7=t;ub9 M {LH9 M{, 29 Mz 9 Mzx x E 3t9 W9 }D9 EPQQ$x9 M]}
Ansi based on Dropped File
(~WRD0000.doc)
0 [4RT&L2RI&e;GIF89ap!p,pFOi?kp_Tnj(\N=IXG
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0 ];r;u9 0 ]& u3S:Y9 K0 9 C8t0 p9 C9 0 Ut9 R9 |D#M#u)e9 HD9 9#U#uE9 9 U9 iRD0 M9 LD3#u9 R#Mj _G& }9 M9 T9
Ansi based on Dropped File
(~WRD0000.doc)
0 ]f;Lf;Cf;! 5?f;wK30 E0 E9f9 E}f0 E9 E0 E9 E0 Ef0 }V33f9u H% 0 E\3f;uFEu9Eu9Euf0 Ef;uFEu9Eu9E v0 E}E9 E9 M0 M& ~JM0 MD9 Me9 W
Ansi based on Dropped File
(~WRD0000.doc)
0 AX9 Pt}u9 Px3';uu9 uuuuP|q]U9 S9 ]VW& u3;9 CURP<& t$9 M& t9 S9 R9 ssP<3@_^[]U9 ,VE9 Pv@ & SWu u9 uu 9 =PS0 E~80 Et9 N89 SP<EP9 0 uEPEP9 =& t:9 E30 E;tp & t9 MVVSTs9 MEPEP& u3h VVSuuVVu uSuS_[^j9 9 Rj"!Y& uEM?eMRK}9uw9 t!MMz? Vt$9 t$ t t& u'! 9 9 & t9 9 P|^9 D$& t|$t
Ansi based on Dropped File
(~WRD0000.doc)
0 E,0 E9 E0 EEPjh9 EE9 }0 E0 EEPCv09 }v9 vP`9 }9 jP'+j@,@*39]R-; & u9 !@9 ;tuMem9 0 ]+;0 E0 ]~Gu9 ?& t.MQ9 ,uPFPMEtM9 E& t"E9 E;E|MM
Ansi based on Dropped File
(~WRD0000.doc)
0 E0 E9 0 }0 }0 }0 };tp & t9 Wp0 M 9 M9 UR0 }P@& jEWPEG9& xhLBY0 EE;t9 39 0 ejh|9 E0 : s49 9 s9 jp9 u3VVPLj9 0 ejh b9 9 VVj9 9 jpP9 u39 9 9 URPP9 9 EPEP9 E9 M;0 M|0 E9 ;tp & t9 Wp0 M 9 M9 U REPD& jEWPE
Ansi based on Dropped File
(~WRD0000.doc)
0 E;t9 j9 E9]|WSW9 _^[j& A33q(f0 E0 }9>u9 A$9 VPQ0& t9 Eu9 a9 69 MQWVP;u0 }9 E9 URP0 }QdhMc u
Ansi based on Dropped File
(~WRD0000.doc)
0 Ej%Su0 EP0 E& S9 0 ejh|9 v9 }R9 SuP`MS "!jhP9 MREhESPERPEZYYMREm9 }R9 USRPP9 }REPEP9 E9 M;0 M|0 ER}l9 SPMMSjuP0 E& S9 0 ejh|9 v9 }9 juP`MSjhMRE ESPERPEYYYMRE9 }9 USRPP9 }EPEP9 E9 M;0 M|0 E}l9 jPMMSDu& 9 M9 E;~0 M0 E9 E;E~0 E0 EE
Ansi based on Dropped File
(~WRD0000.doc)
0 Em: }9 ]3tjZttt tt9 #t(=t=t;utut0 U9 395 0 }]9 E yj^ttttt9 `#t* t@t;u@ #@t-t
Ansi based on Dropped File
(~WRD0000.doc)
0 Ep u\9 M`h*j9 EP9 EXE;t9 PQME
Ansi based on Dropped File
(~WRD0000.doc)
0 E}9}urE lTtXtCHt/t& uCE9}u:eE09}u%UEu & t3FFf;& 9} FFf> tjVh^lS& & `j XFFf9tf>=& GFFf9tjh^V]O& u
Ansi based on Dropped File
(~WRD0000.doc)
0 F WE,P9 0 ^9 9 vMM,s9 {B4jV A9 9 Ee0 9 E0 9 E0 EP} 9 E$MM0 B U9 V9 ~tWvt<R 9 & tHW& t=EPv< jEPW9 zuEPW& tujv _^9 D$3& ~0 A$j<B0 Q9 T$0 Q*9 D$3& ~0 A(jLB0 Q9 T$0 Q9 D$3& ~0 A,j\B0 Q9 T$0 Q9 D$;Aua|3Vj9 t4PhRhHj0 F?3^U9 V9 9 F& t5~|u/0 EEPEE\ 9 F|0 3^U9 VE9 Pv@ 9 MP}Mj9 O^U9 V9 u& u3}t(9 A8HtHtHtHuGA\Tq ijq pq q,w}t(9 A4HtHtHtHuAL&q;jqBqq(I9 A0Ht=Ht,HtHu}A<9 0 eP9 A{'q9 {jq9 {
Ansi based on Dropped File
(~WRD0000.doc)
0 F0 F0 FP0 E9 E 09 G9 kj7jueeEPu3ECPM0 ] PMERM]J`9 M-9 MhEP0 ]ME"`9 E4kj Mj9 EPM#ue9 MM9 jjHjj9 9 ueu9 s+u9 E9C}9 Mjh|9 ! o& 9 Mjh|9 rZMl3FGPM0 }9 E9 U3f0 p9 KVQQPM9 MEPM0 }E:9 EAjj R2Zi9 j\79 u9 M& tj9 M& tiS a}t*FPjEP9 9 MeP^MM}t+jFVEP9 9 MPE-MM" xijHjh9 ej\ j& }9 v9 MV>.@PEP9 o9 M3EFP0 uM0 uE29 E9iU9 QeVj\9 2Pju9 $9 E^j.+h9 j9bY9 0 M30 E;tu+MPNS hU9 Que}9 M& tPjh|9 m9 EjNgeue~9 Mjh|9 9 6e3@0 E& t9 P9 9 ELhU9 VW9 OH9 VEP9 }MNy_^9 U9 S9 ]V30 u;uVE9 9 MW30 u}9 E
Ansi based on Dropped File
(~WRD0000.doc)
0 H9 F9 M@d9 F0 89 F0 HMF*P9 FhP>j 9 9 FjPM89 MeEP6& u29 M)P9 FhPX9 F@vjLMMU2_V9 9 FW3;u3a9|$t<9~<t9xt@vjL=@vWL;t(F<9~<u3@0 xvjL;t0 ~<_^,SUV9 5` W~S3hPP0 D$,9 =9 U& ShjU9 U0 l$,& ShjU3PPPt$ 9 U0 l$(& D$,PU@ & 0 9 D$,;D$4D$~9 L$40 L$,0 D$49 D$8+D$0j"!Y9 3& " & ~ND$0 D$j]9l$4~.D$0 D$ D$ Pjht$0;l$4|D$L$uSht$t$4P0 D$& & (9 D$_^][,ji9 hMeNL9 FL& 9 j9 P3MM9 [9 U9 QVhMju9 & tFLM9 ^V9 9 F@& tW9 = jjPvjv@_9 F& tPh f9 F& tPfY9 ^&j09 0 ue jdv@9 F@& tPf@MNR VW9 =9 f0jdv@jev@9 F& tP9 Y_^V9 ~0Wu[|$du=~9 }& F,9F,|f,F89 F8;F4|9 v,9 A& t!P9 |$eujv(jdv@_^U9 Vu 9 Y& tbW9 };=uu9 {&uu9 Ru
Ansi based on Dropped File
(~WRD0000.doc)
0 MT39}l P9 uh; E9~ <9 N9 P 9 N0 EX9 0 E0;u0 }\9}XtE\9 N9 Pl0 Eh9}\u;u9 MTVa& & M}M40 }}ME}MDE}9 N9 3CE9}\u9}htupPP
Ansi based on Dropped File
(~WRD0000.doc)
0 N$9 Y~& 9 && 9^uv9 NvDv@9 90 F9 N; l9 }0 9 N9 M0 0 F$9 0 F 3@U9 4S9 9 CV3; 9p WV VP0 E 30 u}EPu u9 E@Pu Pu0 E Wu0 Eu9 Eu@uPVVu uE0 }9 Y; 9u u
Ansi based on Dropped File
(~WRD0000.doc)
0 x,9 M|jV0 9 M9 PhjV9 ]9 - 8H H " H SHHtyu2Y9 & t69 ;=(u9 uVuP& t9 j9 3JuuWPf|teDMQP [& t9 M& tu9 PHSY& t3u9 u9 VSR$SSY& tRu9 u9 VSR(S}Y& tTu9 u9 VSR,S^Y& Ju9 9 RR}`& .S3Y& tx<ukj_9 uHSt9HtY& u9 VS9 RAY& tu9 V9 RP$Y& tu9 V9 RL
Ansi based on Dropped File
(~WRD0000.doc)
0 }0 }0EPEP.EYYuu Euu9 E+E9 M0 F9 E0 F9 E0 F_0 9 ^3[#9 U9 | 30 E9 EV30 E 9 EW30 EGE30 E0 uR0 }S0 u0 u0 u 0 u0 u0 u0 u9u$uVVVVV#/39 Uj0 U^f tftf
Ansi based on Dropped File
(~WRD0000.doc)
0 ~S3A Pjh)hq)hM)h))h-h%h% 3$;" 0 F|9 [^j8g`9 D9 & ~| 9 ]RN0 ~ cN4u~P9 MPeMD9 MEPEPE!!9 k JMk 9Mk (3@N`P0 EWEPM0WEPMES-_N`Dk& F`PMTMEMEjN`ZWEPMWEPMEujSjMExPM Pv| & & r!EME<ME0v9 Rt~tN P MEMM9 EMEMM30 U9 QSV9 u9 N09 ^4W9 }9 G0 E0 M;v9 ^,9 G+;v9 & t
Ansi based on Dropped File
(~WRD0000.doc)
0,`H809:|@T/R>+!\P4.M^%n|)]1ZgX5+!`x^{`W]A
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0,`H~8 09 :|@T/R>+!\P4.M^%Rn|)]1! ZR& gX5+!`x^{`W]A
Ansi based on Dropped File
(~WRD0000.doc)
00 RZE!yG"!p! !90
Ansi based on Dropped File
(~WRD0000.doc)
00"0.0:0F0R0^0j0v0 0}0a000000000@1P1111'2222'353u333344_4m44445I5W5 555536A666667+7k7y77788U8c88888?9M99: 999):7:w:& :::;!;a;o;;;;<K<Y<<<<=r= =R====>/>B>>}>: >>???N?! ???0A0~0`00001'171J1b11S111212O2p2}22223-333334H44444[5 55686V6w6" 6666666777#7(757;7I7W7e7s7 7& 7 7 7b8n88899"9H9`9" 9:>:::'; ;;R<<=T==> >>L? ?P(0 01P112x22" 3o44.556x66'7v77"8~88:r: ;:<h<<=r= ==>-?? tJ0
Ansi based on Dropped File
(~WRD0000.doc)
00"0.0:0F0R0^0j0v000000000000@1P1111'2222'353u333344_4m44445I5W5555536A666667+7k7y77788U8c88888?9M99999):7:w::::;!;a;o;;;;<K<Y<<<<=r======>/>B>>>>>???N????0A0~000001'171J1b11111212O2p222223-333334H44444[555686V6w66666666777#7(757;7I7W7e7s77777b8n88899"9H999:>:::';;;R<<=T==>>>L??P(001P112x223o44.556x66'7v77"888:r:;:<h<<=r===>-?? tJ0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0000&0-040:0A0H0R0\0f00/1U1\1c1j1q1x11 11 1a111112222223C3z3R33338444$5H555686^6g6677R777}8888:;;/<d<<<<<="=:=W=t==>;>>>>>>?@?d???
Ansi based on Dropped File
(~WRD0000.doc)
0000&0-040:0A0H0R0\0f00/1U1\1c1j1q1x11111111112222223C3z333338444$5H555686^6g6677R7778888:;;/<d<<<<<="=:=W=t==>;>>>>>>?@?d???
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
000000"0&0*0701*191e111[9x9999::R;s;;;;;;K>????T0k0t112z22444#505>5n558888999"9;|>>T?^?{?????????00!0&01060A0F0Q0V0a0f0q0v000000000000000001111!1(1.141B1111202<2D2o2222222333E3R334c444,5O5u556G6b6}666(7S77778>888'9R999:
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
000000"0&0*0701*191e111[9x9999::R;s;;;;;;K>????T0k0t112z22444#505>5n5: 58x888999"9;|>>T?^?{?R? ???????00!0&01060A0F0Q0V0a0f0q0v00 0 0 00000000000001111!1(1.141B1111202<2D2o22" 22222333E3R334c444,5O5u556G6b6}666(7S7 7778>888'9R999:
Ansi based on Dropped File
(~WRD0000.doc)
0012A22;4U44u555555w666666&7v88y::;;;;<<$<<<<<<f=y=====#>P>m>>-?=???0&000J00001A1b112/2@2F2222224*44455u66777A777777777883898C8R8X88888!909d9k9999::::[;k;;W<<<7======>Y>b>n>>>>>>>>>??/?=?k??????? .00000,1d111111
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
09 n9 7o9 D$ppSWj9 9 \$& t-VSrY9 V9 ?30 w& |f9 Wf0 B@;~^_[U9 }tOV9 uj9 lEPu YY0 F@P9 9 F9 NURjuPQuj9 +^]V9 9 FW9 |$;GtjW9 0_9 ^9 D$Vj
Ansi based on Dropped File
(~WRD0000.doc)
09 }9 ^Vt$9 9 ^Vt$9 9 ^j ?m9 EPM ue9 MM9 m9 D$p|$V9 t19 F& ~HPf\tf/tj/9 t$9 #^|$V9 t19 F& ~HPf\tf/tj\9 t$9 ^j tl9 juM
Ansi based on Dropped File
(~WRD0000.doc)
0H 89t >1uA~WwQ@PWV^d3_^[]9 U9 Q9 UBS9 VW% #0 E9 B9 %0 u& t;t<($3;u;u9 Ef9 M0 X0 L<0 ]9 M9 E0 H0 & u9 9 P9 0 P0 & t9 M_^f0 H[9 U9 0 30 E9 ES9 ]V0 EWEPEPYYEPjju9 fa9 u0 CE0 E0 CEPuV~|$& t3PPPPPP9 M_0 s^9 3[F9 VW3H<u0 8h00 7YY& tF$|3@_^$39 S9 VW9 >& t~t
Ansi based on Dropped File
(~WRD0000.doc)
0H89t>1uA~WwQ@PWV^d3_^[]UQUBSVW%#EB%ut;t<($3;u;uEfMXL<]MEHuPPtM_^fH[U03EES]VEWEPEPYYEPjjufauCEECEPuV|$t3PPPPPPM_s^3[FVW3H<u8h07YYtF$|3@_^$3SVW>t~t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0L0U1 11L2\2c2j2q2x22 22 2333333444T44445R57L7777^88K99::::(;-;L;d;v;{; ;S;;<<<x=== >4?9? ??xO00000)1"!111112C2h334~44
Ansi based on Dropped File
(~WRD0000.doc)
0L0U111L2\2c2j2q2x22222333333444T44445R57L7777^88K99::::(;-;L;d;v;{;;;;<<<x===>4?9???xO00000)1111112C2h33444
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0n7oD$ppSWj\$t-VSrYV?3w|fWfB@;~^_[U}tOVujlEPuYYF@PFNURjuPQuj+^]VFW|$;GtjW0_^D$Vj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0w,aQ"!mjp5c" d~2y +L|~- d jHqA }mQ& Vlkdzbe`O\lcc=
Ansi based on Dropped File
(~WRD0000.doc)
0wu< u9]tj+MdjPM}u&SMEEEPM]uMhMuYPMuMF;7VMEP)MEEMEM]EjCueNuEpVD$tVY^ Vt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0}^Vt$^Vt$^j?mEPMueMMmD$p|$Vt1F~HPf\tf/tj/t$#^|$Vt1F~HPf\tf/tj\t$^jtljuM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
1 *\#C ;GIF89aYYY x!,~ ;F! G& }}
Ansi based on Dropped File
(~WRD0000.doc)
1*zA;u@9 AHt$CQ|`9 T%Cu`9 T&C+"!jRPug 9 E+]PuSujh 0 E& u4PP{1YM9 E;EtPqY9 E& 9 9 E9 E9 3;" 0 E0 L0;t9 Mf9
Ansi based on Dropped File
(~WRD0000.doc)
12=3.4444455!5+5>5555K666*7s778L8z888299999:Y::::;;;6<w<<=d===2>>>?`???0l^000A1118222$333#444L555.66e778A8}889m99:f:::T;;;:<<<0=d==>`>>?`???@S00071112T222)3f3u3333334C4q444)55555-6[6667=7778879n99:{:::Y;;<J<<<3===/>c>>>>>?P 00.181O1Y1u12A2233334<4q44455<5H5V5]5z55556C6o666/7@77777L8889S9~9999:d::;B;;;<b<<<"=;=h==>+>8>G>X>y>>>>o???`l*000 191K122222P334b67m89@:::::::;(;;;,<<=3=?=L=Y======9>g>s>>>[???ph00
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
12=3.4S444455!5+5>5555K666*7s778L8z88829 9999:Y::::;"!;;6<w<<=d===2> >>?`???0l^000A1118222$3 33#444L5 55.66e778A8}889m99:f:::T;;;:<: <<0=d==>`>>?`???@ S0! 0071112T222)3f3u3333334C4q444)5`5555-6[6667=7 778879n99:{:::Y;;<J<: <<3= ==/>c>>>>>R?P 00.181O1Y1u12A22 33334<4q44455<5H5V5]5z55556C6o666/7@77777L8889S9~9999:d::;B;`;;<b<<<"=;=h==>+>8>G>X>y>>>>o?`??`l*0 00 191K12! 2R222P33! 4b67m89@:a:x:::::;(;S;;,<<=3=?=L=Y=x=====9>g>s> >>[???ph00
Ansi based on Dropped File
(~WRD0000.doc)
171Z1112j223;3 333%4P44%5q5 555667 7778D8 889*9M9v9"!999*:m::;T;;<B<e<<<<==|===0(0t00081c1}11
Ansi based on Dropped File
(~WRD0000.doc)
171Z1112j223;3333%4P44%5q55556677778D8889*9M9v9999*:m::;T;;<B<e<<<<==|===0(0t00081c111
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
1Au uS9 ]SuuS C;^0 ]RE9 E;FR3@_^[jd9 0 us3N0 }1@-^<9 Ej
Ansi based on Dropped File
(~WRD0000.doc)
1AuuS]SuuC;^]EE;F3@_^[jdus3N}1@-^<Ej
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
1N1y1172222222234w4$6F667)88889h:::::::;<;y;;<j===?>n>>>>!?\?001013&3;4V4d444555F5f5u555555Y66666,7H7777?8_889b::;;; <=<y<<<<m=====>->?>K>>F?t??01|11E2N222233%3E4O4f4555666828<8A88885999::y:::::b;o;;;{<<<<<<======>>x????000%0+0001E111111272222333K4l44455'55556667G7U7778G888A99/::;U;q;;;<t<=O=o===>r>j???p000R1s12k3p324K4V4[4445666?6H6R6w66666E7777898N88E999):=:::;<C<<===u>6??S00001&1@11[2@3I32444`5s555J667*7Q7q77777777m899:d:v::::::;;1;;;;<<<<<<,===>`>p>1?K??00P0r001V1111112!2;2f223333334454M4v4444P556&6+626[6k6v6666 7c777.8D888888'9E9y9999:+:S::::;;;<<%<3<<<)=7===U=p===>0>A>J>>?T?h??h0000001%1+1;111_2k222222X3h3o333333334T44L5m5t555F6R6`6g66677778
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
1N1y1172222222234w4$6F667)88889h:~::::::;<;y;;<j=& ==?>n> >~>>!?\? 001013&3;4V4d444555F5f5u5 55555Y6 6666,7H7: 777?8_889b:`: ;;; <=<y<<<<m=====>->?>K>>F?t?? }01|11E2N222233%3E4O4f4555666828<8A8 8885999::y: :~:::b;o; ;;{<< <<<<======>>x? ???000%0+0001E1111112722223 33K4l4 4455'55556667G7U77 78G888A9 9/::;U;q;: ;;<t<=O=o="!==>r>j???p000R1s12k3p324K4V4[4445666?6H6R6w6! 6x666E7777898N88E999):=:::;<C<< ===u>6??S00001&1@1 1[2@3I32444`5s5 5~5J6a67*7Q7q7}7777777m899:d:v::::::;;1;;;;0 < <S<<<<,===>`>p>1?K? ?00P0r001V1111112!2;2f223333334454M4v4R444P556&6+626[6k6v6 666 7c777.8D8 88888'9E9y9999:+:S: :S::;;;<<%<3<<<)=7===U=p===>0>A>J>>?T?h??h0000001%1+1;111_2k2S22222X3h3o33a3333334T44L5m5t55~5F6R6`6g66677778
Ansi based on Dropped File
(~WRD0000.doc)
21222222&3q3}33333^4n4t44444 5j5556%6^6666788.8D8_8k899"949Y9b9t99:2:X:~:::::;&;/;L;i;y;~;;;;;;;.<4<k<|<<<<<<<*=U=]===u>??H0O000r1123334!45567!8o88999999:2:x;;=r>001111111111111112W2_2d222233R3W333w4444444{555555555
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
212~22222&3q3}39 3 333^4n4t4~4444 5j5 556%6^6 666788.8D8_8k899"949Y9b9t99:2:X:~:::::;&;/;L;i;y;~;& ;" ;;;;;.<4<k<|<R<" <: <<<<*=U=]=& =a=u>?? H0O0~00r1123334!455"!67!8o8899}9999:2:x;;=r>R001111111111111112W2_2d20 2}2233R3W333w4444444{5! 5 5 5S55555
Ansi based on Dropped File
(~WRD0000.doc)
2a2223U333.4445;5~55-6q6667V777 8K8888,9`999:e::::J;u;;;/<b<<<=`==>\>>>>>>F??? ?000011!2X2{2222S33333J4m4445[555'6d6667>77778(8Y8|889I9999:>:a:::::5;;;$<<<<.=a====><>j>>>>3?b???0020`0000#1v11192d222313h33434y4475z55 6k66667A777;8c8889>9g9999F:::;W;;;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
2a2223U333.4`445;5~55-6q6667V777 8K8 888,9`9 99:e::::J;u;;;/<b<<<=`==>\>>"!>>>>F?0 ?? S?0 00011!2X2{2222S3}3333J4m4445[5}55'6d6667>7 7778(8Y8|8x89I9999:>:a: ::::5;;;$<<<<.=a=x===><>j> >>>3?b?"!??0020`0: 000#1v11192d2 22313h33434y4475z55 6k6 6667A7& 77;8c8~889>9g9a999F:: ::;W;;;
Ansi based on Dropped File
(~WRD0000.doc)
2MEu*M("& & hM(&0 EX;t9]| EHPM1M(a!PM2jEPM!Pu\MlMm 9 3;~iVE8PM57E9]XuM8{";t*SE8PM((;uSE8PM'9 MxE8P6M8E)F;|;~M^7Eh9 Eh;E`RSM(ME6ME.ME\)M(EP)3F(js~9 9 M!& t
Ansi based on Dropped File
(~WRD0000.doc)
2MEu*M("hM(&EX;t9]|EHPM1M(!PM2jEPM!Pu\MlMm3;~iVE8PM57E9]XuM8{";t*SE8PM((;uSE8PM'MxE8P6M8E)F;|;~M^7EhEh;E`SM(ME6ME.ME\)M(EP)3F(jsM!t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
2QYj)QY9 VWP5P 9 t9 & uNhj9 YY& t:V5P 5Y& tjVYYDN0 VoY3W _9 ^9 V9 & ujY9 ^jhB9 u& 9 F$& tP"Y9 F,& tPY9 F4& tPY9 F<& tPY9 F@& tPY9 FD& tPY9 FH& tPY9 F\=]tPYj
Ansi based on Dropped File
(~WRD0000.doc)
2QYj)QYVWP5PtuNhjYYt:V5P5YtjVYYDNVoY3W_^VujY^jhBuF$tP"YF,tPYF4tPYF<tPYF@tPYFDtPYFHtPYF\=]tPYj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
2Terms of use at https://www.verisign.com/rpa (c)09100.
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2Vt$9 [t$9 g3@^j8139]u3& MJt9 M0 ];0 E0 ]~Y3;0 ]}B9 MSF9 & t& tG4PN4a& }0 ]9 C;]|9 E9Etu9 MPF9 ]9 EC;0 ]|MMs3@E1U9 hSVWj@EjP9 U;j(EjPH;j
Ansi based on Dropped File
(~WRD0000.doc)
2Vt$[t$g3@^j8139]u3MJtM];E]~Y3;]}BMSFttG4PN4}]C;]|E9EtuMPF]EC;]|MMs3@E1UhSVWj@EjPU;j(EjPH;j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3 " H%~t6SY9 9 N;x';x}P=6rY9 9x|EPW9 $& StB rf/tf\tf& tf{:uSjSDV{Y3u0 ] 9 9 f& tf/tf\uyAAf& uS& hPLa;ul3f0 & W& P~DS& hNP & PS3PSjPPh@& P0 E } uy99 +3f0 REf/t%f\tf9 lf:& ^W& P& hNP & PjN_<65@YY@u
Ansi based on Dropped File
(~WRD0000.doc)
3 353C3X3g3 333S4 455P6_68888899%9.949]99999;:K:U:_::: ;;;;B<K<T<R<: <<<<<<==)=9=I=P=W==! ="!=======
Ansi based on Dropped File
(~WRD0000.doc)
3 353C3X3g3333S4455P6_68888899%9.949]99999;:K:U:_:::;;;;B<K<T<<<<<<<<==)=9=I=P=W==========
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3" @@3; W9 ShSVPV_& t}t9 M& tu <^9 [Ul$ 30 & jN0 9 9 9 & WVh
Ansi based on Dropped File
(~WRD0000.doc)
3" @@Vu hSP}9 E 9 S_^3[9 U9 QQS39@t3VWuuuuhHVj70 ])C9 ;tu9 uuuD0 EEPuu< ;t3" PhVAAQ6jEPjSuu4 u9 $ & t3" ShXV@@P3'h|Vj"!}t& t
Ansi based on Dropped File
(~WRD0000.doc)
3"!uEP9 "!eM'& t3MM[/9 eMMEME9 EPVM& &PWM& u!EEuMVe&PWM9 uMEMEnj9 9 MD'& t
Ansi based on Dropped File
(~WRD0000.doc)
3#0tEPeMyPt3MMWKXE{PUMVtjE uMQP}tEPK$_KX}t6MSNEPEPENtEPMEEW3FOj.hj4vYM3u;tuMuPjuuEPj~X$VM`eEPG)MYMVjbuY/eN LMN0EA/fPNTElXV}D$tVtY^j1cWMMLMeEPuu3MMUj4-YMEt3MQEuPtMjuEPmjVW|$NuSSUnX^$SYt-W\WN3=StCu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3#9 0& tEP9 : eMyP& t3MMW9 KXE{P9 U9 0 MV& t S9 j9 9 E 9 u9 MQ9 P}tEPK$_KX}t6MSNEPEP9 EN& tEP9 : MEEW3FOj.h9 j4vY9 0 M30 u;ta9 u9 M9 0 uPj& u9 9 uEP9 j 9 ~X9 $VM`e9 EPG)MYM9 V9 ~jb9 0 uY/eN LMN0EA/fPNTEl9 XV9 }D$tVtY9 ^j1cW0 MML9 MeEPu& u3MMU9 j4-Y9 0 ME& t"!9 39 MQ9 E0 uP9 & t9 MjuEPm9 j9 9 VW9 |$9 9 N& uSSUnX9 ^$S9 Y& t9 -W9 \WN3=S& tC9 & u
Ansi based on Dropped File
(~WRD0000.doc)
3&u9 uP,u9 P\39Ap" ]j\V>0 M3VVMy9 MVVEP0 u0 u0 u33_& t$EPEPM]! & t9u|9 ]9u|9 }9 MjVEP(& t$EPEPM&! & t;]9 ];}9 }9 MVjEP& t$EPEPM & t;]9 ];}9 }9 EM0 9 EM0 8wy
Ansi based on Dropped File
(~WRD0000.doc)
3&uuP,uP\39Ap]j\V>M3VVMyMVVEPuuu33_t$EPEPM]t9u|]9u|}MjVEP(t$EPEPM&t;]];}}MVjEPt$EPEPMt;]];}}EMEM8wy
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3,-'8]hhhhhhW+^S:I>g(VhhhhhhB?+#9]
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3/M|3VjuMuM;uM;uMMP`VF$UtPfFtPtv^j0ik.ej,^VEjP9EKuMEEEu}MC%5$tjjhsMEEPjh2s3uMM[c.$FU0Vj,EjPr8FME,EEEEPjh9v$^t$t$hq$3@t$jhq$3@VD$tV-Y^USVW39}t@WuWuPPPPQWh(UW^;u3DWjhS$hjN,Wj?Wj5EFEF_^[]VW3NWt$$Ut$~~~~~~B~_^jk,uPU3@~PEkIjPNEiIMA,|$u3W|$u3&Vq9D$st$H3@3^_ jkn+uj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
30 E0 E3f;uBEu9uu9uu3f0 Ef;u!BCu9su93u0 u0 u0 u0 uS}E9 ES9 M0 M& ~RD0 E C0 E9 E 9 Me9 O4;r;sE}0 wtfE mM}GGESM} f& ~79 }& x+9 u9 Ee9 ?0 u0 Ef& f& Mf& }B9 EtE9 E9 }9 Mm9 EN0 }0 Eu9utfM 9 f9Mw9 M u4}u+e}uef9Muf0 EBfEEEf;r#33f9E0 E 0 EI 0 M;f9 EUf0 E9 E0 E9 E0 Ef0 U3f& eH% e0 E}& <9 EM9 u9 U/E3 3EE33339 } ERf0 f0 G
Ansi based on Dropped File
(~WRD0000.doc)
30 E0 E3f;uBEu9uu9uu3f0 Ef;u!BCu9su93u0 u0 u0 u0 u}E9 E9 M0 MS& ~RD0 EC0 E9 E9 Me9 O4;r;sE}0 wtfEmMS}SGGEM} f& ~79 }& x+9 u9 Ee9 ?0 u0 Ef& f& Mf& }B9 EtE9 E9 }9 Mm9 EN0 }0 Eu9utfM 9 f9Mw9 M u4}u+e}uef9Muf0 EBfEEEf;r#33f9E0 E 0 EI 0 M;f9 EUf0 E9 E0 E9 E0 Ef0 U3f& eH% e0 E}& <9 EM9 u9 U/E 3 3E E 33339 }ERf0 f0 G
Ansi based on Dropped File
(~WRD0000.doc)
30EP9 G8ehUM:& uhM)& uMMrh EP9 _@PN$EMEGhx9 ?& u3MM)9 kP9 \9 jD9aA/9 9 M& & t
Ansi based on Dropped File
(~WRD0000.doc)
30EPG8ehUM:uhM)uMMrhEP_@PN$EMEGhx?u3MM)kP\jD9aA/Mt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
31MeEPjjEPMEt6euMME6MM3UQQEWt@VpEPeEtHQPEPEPau@^_j ./}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
31MS9 eEP9 jjEPMSE & t69 0 euMS" 9 ME6MMS0 9 3U9 QQ9 EW9 & t@VpEP9 e9 E& tHQP9 EPEP9 a& u@^_j ./9 9 }& u
Ansi based on Dropped File
(~WRD0000.doc)
334444444V5c5}5 555555T6Y6v6}6 66677C7X7t7y77778}8889999: : :;X;{;}<<<>>5>B>U>t>S>>?@01'1A1L1\112222223;3Z3y33333434R4q444445+5J5i50 555556:6Y6x6 66667/7N7m7R77778'8F8e8 888899>9]9|9: 9999:6:U:t: ::::;.;M;l;9 ;;;;<&<E<d<<<<<<===\={=a====>5>T>s> >>>>?-?L?k?`????P0%0D0c0 000001+1F1a1|1 12223h566)656B66677>7*8/8M8b8 888899(9/999::a;;;`<<`=>>>>??g?y? ????` 00000<0b0z0 000000111*131E11h23+3i39 335 5J5p556&6! 66666J7u7`7878D8\88999::S:::,;f;;<<S<_<k<z<z==>5>>@??pp0Y0d011113$3D34o4" 4G5d55X6h667N777)8p8889!9399999/:`:;<<==G==>}>>>>/?;?R?a?j? 50?0f0 0 00"131'2:2k2 20 2222223
Ansi based on Dropped File
(~WRD0000.doc)
334444444V5c5}5555555T6Y6v6666677C7X7t7y77778}8889999:::;X;{;}<<<>>5>B>U>t>>>?@01'1A1L1\112222223;3Z3y33333434R4q444445+5J5i5555556:6Y6x666667/7N7m777778'8F8e8888899>9]9|99999:6:U:t:::::;.;M;l;;;;;<&<E<d<<<<<<===\={=====>5>T>s>>>>>?-?L?k?????P0%0D0c0000001+1F1a1|112223h566)656B66677>7*8/8M8b8888899(9/999::a;;;`<<`=>>>>??g?y?????`00000<0b0z0000000111*131E11h23+3i3335 5J5p556&666666J7u77878D8\88999:::::,;f;;<<S<_<k<z<z==>5>>@??pp0Y0d011113$3D34o44G5d55X6h667N777)8p8889!9399999/:`:;<<==G==>>>>>/?;?R?a?j?50?0f0000"131'2:2k222222223
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
349 MEP5<M0 ]hxM!& u3MMh9 9 MC<;0 E0 ]}u9 M@9 ; 0 EP9 ;PMEM]MXh\SM& tMj$D-Y9 0 ME;tS9 3W9 ]& t9 MV9 VP;t9 j9 E9 E;ERS3F%j j29 30 ]9 }jhT9 0 ]N0 ]ChT9 0 ]9N$P9 )hT9 hRT9 EP9 e.9 M& t'EPD9 0 ]oP9 MEEPEP9 n& uhdT9 h@T9 9 2U9 QeV9 9 M2& u>!EEPuN& t(9 E& t!9 MP9 M& t9 EP9 Mjh|9 89 E^U9 Qe$Q9 M 9 EV9 D$tVe2Y9 ^jkH19 0 u~9 ,T e^$9 9 h9 EhT9 9 1V9 D$tV1Y9 ^jXFk09 9 M& t
Ansi based on Dropped File
(~WRD0000.doc)
34MEP5<M]hxM!u3MMhMC<;E]uM@;EP;PMEM]MXh\SMtMj$D-YME;tS3W]tMVVP;tjEE;ES3F%j j23]}jhT]N]ChT]9N$P)hThTEPe.Mt'EPD]oPMEEPEPnuhdTh@T2UQeVM2u>!EEPuNt(Et!MPMtEPMjh|8E^UQe$QMEVD$tVe2Y^jkH1u~,Te^$hEhT1VD$tV1Y^jXFk0Mt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
36uEPeM!t3MM(MMEMjuME+ PVMMEcMEej<xeEP;3CM] tMjh|A.]M5MEMEMEEPMPVMyuMjh|-]`M_PMh0MEPME>PVMkMujh|-EP1M]E'MEYME?M]~'MEr'EyjHjMetMjh|-ZEP3FMutMjh|,MhPMq/MEPD0MuE&Ej439]tP9]tK9]~FjuM,EPEP].MEt!M]z&MMn&3vMME0MEME39]~@E;t0PM(MuMnPMePWM\F;u|MEME%MEM]%MM%3@@jEP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
36xuEP9 eM!& t3MM(9 MMEM9 juME+ PVM0 M9 EcMEe: j<xeEP;3CM0 ] & t9 Mjh|9 A.0 ]M5MEMEME9 EPM0 PVMy& u9 Mjh|9 -0 ]`M_PMh0MEPME>PVMk9 M& ujh|9 -EP1M0 ]E'MEYME?M]~'MEr'9 EyjHj S9 9 Me& t9 Mjh|9 -ZEP9 3FM0 u& t9 Mjh|9 ,9 MhPMq/9 MEPD0M0 uE&9 ESj4: 9 39]tP9]tK9]~FjuM,EPEP9 0 ].ME& t!M]z&MMn&3vSMME0MEME39]9 ~@9 E9 ;t0PM(M"!& uMnPMePWM\F;u|MEME%MEM]%MM%3@@jaEP
Ansi based on Dropped File
(~WRD0000.doc)
379 MEP ?M0 ] h\SMp& uMM9 MhdF; MQ9 BwP9 EM]}9 & tMMf9 j9 9 MhDS.F;tpMQ9 cBwP9 EM]"9 ehh9 h9 h9 hh9 hT"!hS9 & 3C]jHj59 30 ]9 ujhT9 0 ] 0 ]ChS9 0 ]oOP9 _hS9 ShS9 GWMhhM0 ]hh9 MhhMhShT"!MMtP9 hS9 h|S9 ME9 5jyj59 0 u,TE~P9 E,e
Ansi based on Dropped File
(~WRD0000.doc)
37MEP?M] h\SMpuMMMhdF;MQBwPEM]}tMMfjMhDS.F;tpMQcBwPEM]"ehhhhhhhTh3C]jHj53]ujhT]]ChS]oOP_hSShSGWMhhM]hhMhhMhhTMMtPhSh|SME5jyj5u,TE~PE,e
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
39 e& t9 U& t3@9 0 ej\1VUVW| e9 0 eWV0VS$aW|9 VMEVWVMEV|Ee9 & ~\EP|m9 EP$\& t4& tvMAGP
Ansi based on Dropped File
(~WRD0000.doc)
39 O$9 F$9 ]SQPRP0 EEP9 639 0 ];t9 MQ9 RM9 T0 E& vS9 ;u0 ]C;]r9 3;t
Ansi based on Dropped File
(~WRD0000.doc)
39]0 ]0 ]}9 =<u9 MEP M E ME
Ansi based on Dropped File
(~WRD0000.doc)
39F$PEPeM )& tMM0EP9 }ME ME ME9 EPM%(PM(PVMh& u93ME^MEDME 0MMv09 @9 uj" 9 9 M(& t
Ansi based on Dropped File
(~WRD0000.doc)
39F$PEPeM)tMM0EP}MEMEMEEPM%(PM(PVMhu93ME^MEDME0MMv0@ujM(t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3;YNUS3V9@uT9]tO9]tJ9]tE9]t@j0uu;t*WVujuqVV\3;_3^[]ht$t$t$UT3EVu&t3(P%P3PlM3^jM@=@Et"ME-MM-3$EP\u3ME-MM-39E(MP%PM$PuPj[eEPu3FMMQ-YM$P=@Vu+t$t#W3VGTuPVPHt3_3^=@t3 L$I$L$P?$P+YY@j[]e3t*t%u\jWM$PuDP<M#Pu'5PujWM#PuMM>,FD$VtV_Y^VL$q#P^UPl$3Pj`NMlM3\]G$t6M\+3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3;YxNU9 S3V9@uT9]tO9]tJ9]tE9]t@j0uu9 ;t*WVujuqV9 V\3;x_3^[]ht$t$t$U9 T 30 EV9 u9 && t3(& P9 %P3" P9 l9 9 M3^jM@=@Et"ME-MM-3$EP\& u3ME-MM-9 39E(M P%PM$P9 & uPj[eEP& u3FMMQ-9 YM$P 9 =@Vu+9 t$& t#W3VGT& uPVPH& t39 _3^=@t3 9 L$I$9 L$P?$P+YY@j[9 ]e3& t*t%u\jWM$P9 & uDP<M#P9 & u'9 5PujWM#P9 & uMM>,9 FD$V9 tV_Y9 ^V9 9 L$q#P9 ^UPl$ 30 & Pj`NM9 l0 M3\0 ]G$& t6M\+39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
3=a~,u3@M#eM~EPVME& u3ME`MM0)9 M2}M9 3E& ~;VEPM0PME,+ME #jjEPMF;|MEs#3Fyj,& 9 M9 Fe& tPMVMt^MM9 9 /"!|$Vt-9 qAr9 9 9T$rr9 9 I;L$v2^9 T$9 V9 p0 29 p ~-u0 V9 r0 p9 I^;Qu0 A9 J;Qu0 A0 0 P0 BU9 9 M& w3Q Y3seEPM"!h,EPE9 ~U9 9 M& w3k0QR Y30seEPMh,EPE9 U9 9 M& w3P? Y3seEPM}h,EPE9 Vt$9 9 9 ^U9 SVW9 }9 9~sB9 F9 ]+;s9 9 E;s9 ~r9 vPu~Pl& u;]s3;]" _^[]V9 D$tVi Y9 ^V9 pD$tVM Y9 ^j0 9 0 uj
Ansi based on Dropped File
(~WRD0000.doc)
3=~,u3@M#eMEPVMEu3MEMM0)M2M3E~;VEPM0PME,+ME#jjEPMF;|MEs#3Fyj,&MFetPMVMt^MM/|$Vt-qAr9T$rrI;L$v2^T$Vp2p~-uVrpI^;QuAJ;QuAPBUMw3QY3seEPMh,EPEUMw3k0QY30seEPMh,EPEUMw3P?Y3seEPM}h,EPEVt$^USVW}9~sBF]+;sE;s~rvPu~Plu;]s3;]_^[]VD$tViY^VpD$tVMY^j0uj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3@@3;WShVPV_t}tMtu<^[Ul$3jNWVh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3@@VuhSPE_^3[UQQS39@t3VWuuuuhHVj7])C;tuuuuDEEPuu<;t3PhVAAQ6jEPjSuu4u$t3ShXV@@P3'h|Vj}tt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3@eyJBeeE )UM|#MM}|}ME}}|jMZ+;|1tdJ}3^jY+
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3]EA9 EjppEPQEPEjP & u8Et9 E`p3E#E }t9 Map[9 U9 9 MSV9 u3W9 y;uj^0 0SSSSSS9 & 9]v9 U;~9 3@9Ewj"Y0 9 ;0F~`:tGj0Y@J;9 M;| ?5|
Ansi based on Dropped File
(~WRD0000.doc)
3]EAEjppEPQEPEjP u8EtE`p3E#E}tMap[UMSVu3Wy;uj^0SSSSSS9]vU;~3@9Ewj"Y;0F~:tGj0Y@J;M;|?5|
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3]MeMfu3MMTu33;|VL$P}^VWhP3@t!h4V<t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3]MxeMf& u3MM! 9 9 Tu: 3& 9 3;|" 9 V9 9 L$P9 }^VWhP3@9 & t!h4V<& t
Ansi based on Dropped File
(~WRD0000.doc)
3`M30 }9 MWh9 9 M+PVEPME*M& & jhMtijh9 MtSVh{uM?+PVEPM^PMEME)M& tPME9 MWS#9 & MME3MM9 |9 Vh9 MhVh9 MZMEMuEPME9 M& tEPME3F U9 Q|uMeVh@9 & t.hV<& tMQ& }
Ansi based on Dropped File
(~WRD0000.doc)
3`M3}MWhM+PVEPME*MjhMtijhMtSVh{uM?+PVEPM^PMEME)MtPMEMWS#MME3MM|VhMhVhMZMEMuEPMEMtEPME3FUQ|uMeVh@t.hV<tMQ}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3ajuM@*eEP9 ME& t3ME7$MM+$9 MMEMEjM9 aPMXPVMM9 E~ME 0 j8l9 }u3MVeM[MEwjuM9 ^)EPEP9 EME& uMPWMEP9 ME& uMPM! PWM~
Ansi based on Dropped File
(~WRD0000.doc)
3APjh)hq)hM)h))h-h%h%3$;F|[^j8gD9~|]NcN4u~PMPeMDMEPEPE!!kJMk9Mk(3@N`PEWEPM0WEPMES-_N`DkF`PMTMEMEjN`ZWEPMWEPMEujSjMEPMPv|r!EME<ME0vt~tNPMEMMEMEMM3UQSVuN0^4W}GEM;v^,G+;vt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3D9 MEPh$RM0 ]'& u3MM+9 9 M;0 E}9 MSG9 & EP9 rhRMEe'& t EP9 PNE.2MhRM4'& tEP9 PN$E1M_hRM'& t"EP9 wME"0 M,h9 M&& t$EP9 DPN4ES1ME*ME)C;]R3Fj~fx9 0 uN4R ej
Ansi based on Dropped File
(~WRD0000.doc)
3DMEPh$M]'u3MM+M;EMSGEPrhMEe't EPPNE.2MhM4'tEPPN$E1M_hM't"EPwME"M,hM&t$EPDPN4E1ME*ME)C;]3Fj~fuN4 ej
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3E0 F,9 E& 39 N,Pu MMajiz9 FXPM9 N,e& u3MM 9 $j9 ji29 FXPMG9 N,e& u3FMMJ9 ,9 V9 ~,u3^9 WP89 N,9 ;_@^V9 9 WPL9 9 9 PP& uY& tU9 W9 P@9 %& u%Ph%j3& t$<u9 W9 PD9 9 P9 W9 PH9 9 P3@3_^9 j] 9 }e& t69 & t$<u9 W9 PD9 9 P9 W9 PH9 9 P9 9 Ph0h%j 3ji9 & u< PMeDN89 PR& t
Ansi based on Dropped File
(~WRD0000.doc)
3EE3f;uBEu9uu9uu3fEf;u!BCu9su93uuuuu}EEMM~RDECEEMeO4;r;sE}wtfEmM}GGEM}f~7}x+uEe?uEffMf}BEtEE}MmEN}Eu9utfMf9MwMu4}u+e}uef9MufEBfEEEf;r#33f9EEEIM;fEUfEEEEEfU3feH%eE}<EMuU/E33EE3333}EffG
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3EF,E3N,PuMMajizFXPMN,eu3MM$jji2FXPMGN,eu3FMMJ,V~,u3^WP8N,;_@^VWPLPPuYtUWP@%u%Ph%j3t$<uWPDPWPHP3@3_^j]}et6t$<uWPDPWPHPPh0h%j 3jiu<PMeDN8PRt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3etUt3@ej\1VUVW|eeWV0VS$aW|VMEVWVMEV|Ee~\EP|mEP$\t4tvMAGP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3H%~t6YN;x';x}P=6rY9x|EPW$tBrf/tf\tftf{:uSjSDV{Y3u]ftf/tf\uyAAfuShPLa;ul3fWPDShNPPS3PjPPh@PE}uy9+3fEf/t%f\tf9lf:^WPhNPPjN_<65@YY@u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3http://csc3-2009-2-aia.verisign.com/CSC3-2009-2.cer0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3http://csc3-2009-2-crl.verisign.com/CSC3-2009-2.crl0D
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3j0AC 9 M eM9 uE& u"MEMMw3 VM-& t3MErMMF9 3@uV9 9 j80 M9 }& 9 Me9 de0 E& ~[u9 ~"!9 & t@^$9 & t9 EP9 9 MV& u9 j9 u9 "!ME9 E;E|MM& jLt0 My9 (d30 E;u3M:M0 ]X9]E0 ]}~u9 9 ;t9]uFPM&;ujF$PEPMq%ME& u>EPM& t.jSSEPND ;tFPNH9]t9 MV MEE9 E;ERbM]MM|3@ j,&9 jMBueFPFXPM-& u!j9 `3MM"9 }t9 +9 S9 A}tu9 um9 3Fj h9 M0}3M0 }0 ~0 ~M0 FM0 FM0 FM0 FN,MM0 F0 ~ 0 ~$0 ~(|9 j,& 9 9 M& t\9 E& tU0 NM0 F&eM53& uj
Ansi based on Dropped File
(~WRD0000.doc)
3j0ACMeMuEu"MEMMw3VM-t3MErMMF3@uVj8M}MedeE~[u~t@^$tEPMVujuMEE;E|MMjLtMy(d3E;u3M:M]X9]E]u;t9]uFPM&;ujF$PEPMq%MEu>EPMt.jSSEPND;tFPNH9]tMVMEEE;EbM]MM|3@j,&jMBueFPFXPM-u!j3MM"}t+A}tuum3FjhM03M}~~MFMFMFMFN,MMF~ ~$~(|j,&Mt\EtUNMF&eM53uj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3juM@*eEPMEt3ME7$MM+$MMEMEjMaPMXPVMMEMEj8l}u3MVeM[MEwjuM^)EPEPEMEuMPWMEPMEuMPMPWM~
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3jZ0 FQ9 9 FPvW.v0 ~_^9 A& t99 L$V9 4& t,jhwh`rjV& t9 9 R9 j9 ^9 30 H@0 H0 H0 H0 H39At9At9At@9 A& t.y9 Iu9 D$A`3& v
Ansi based on Dropped File
(~WRD0000.doc)
3jZFQFPvW.v~_^At9L$V4t,jhwh`rjVtRj^3H@HHHH39At9At9At@At.yIuD$A`3v
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3M Le9 g& uMMpLh9 E9 0 ]& t9 9M0 E'5h\: EP9 E2PMEEME>M 6& u;MP;EP9 EPEP9 PN4EkEME=hEP9 PMEBEME=M'6& uM.60 FhhEP9 PMEEMEj=M5& uE~$P9 D9 :hEP9 8PMEDME =M5& uEPND Dh8 9 & tAh0 MQ9 PMEgDME<ML5& uEPNCDe}w3F9 ]u9 9 & t'EP9 *Mh9 E9E& uEEEteMN< }t"9 9 P9 9 WMQMQMQS9 P& tE9 E;E re& t9 j9 3ME;MMI9 Jj.hY9 0 M30 E;tUdjpL0 Md9 Mp(9 0 MT& oe`0 EP& u`9 MT9 0 ]X& E P9 eh9 7M 9 0 }6;9 & 0& }dh\: 9 9 & 9 EP9 %9 Eu39 M0 }: t[E P9 M E89 udE P9 <E PEP9 PN4E!BME0 :M 0 }~:9 MXhT9 & EP9 9 E29 M0 };: xEP9 O9 ud$P9 ExAM0 }:9 K7AEP h9 Ev6M9 0 }9& 9 0 E\& hY0 EpE& t9 `9 3ep}\0 } Gup9 MX9 & #E@P9 M@E1M@& & h\: 5& tXE0P9 VM0E1& u59 MdE0P~9 MdE0PE PPNhE
Ansi based on Dropped File
(~WRD0000.doc)
3M7eMyREPuMEMtEPcMSt3ME\[MMM*EPME,ME*jOMSt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3M9 0 eju0 FV" 9 NjY9 0 ME& t3M}0 Ft9 0 eju" 9 Nq4jh[M9 }tvjjPY9 0 Me& tb3M9 0 eju0 F 9 Nj Y9 0 ME& t 3uM9 0 Fj.9 }tgjY9 0 Me& t3M9 0 eju0 F 9 NjY& t` $39 M0 F0 Hj.89 }tJUj;Y9 0 Me& tM3M9 0 eju0 F"! 9 N9 E0 F" j[9 0 uej
Ansi based on Dropped File
(~WRD0000.doc)
3M=jju3M0 u7BM;uM=<;uMM=9 3FV9 D$tVY9 ^j@a 9 Mee9 0 } [Ph&.Sjz9 \& & " M3EuWMv53& tEW 9 0 ePmMj9 E[PMxih.MEek9 0 ejh|9 SiEP PM0 E& 9 u
Ansi based on Dropped File
(~WRD0000.doc)
3M=jju3Mu7BM;uM=<;uMM=3FVD$tVY^j@aMee}[Ph&.Sjz\M3EuWMv53tEWePmMjE[PMxih.MEekejh|SiEPPMEu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3MejuFVNjYMEt3M}FtejuNq4jh[M}tvjjPYMetb3MejuFNj YMEt3uMFj.}tgjYMet3MejuFNjYt`$3MFHj.8}tJUj;YMetM3MejuFNEFj[uej
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3MLeguMMpLhE]t9ME'5h\EPE2PMEEME>M6u;MP;EPEPEPPN4EkEME=hEPPMEBEME=M'6uM.6FhhEPPMEEMEj=M5uE~$PD:hEP8PMEDME =M5uEPNDDh8tAh0MQPMEgDME<ML5uEPNCDe}w3F]ut'EP*MhE9EuEEEteMN<}t"PWMQMQMQSPtEE;Eretj3ME;MMIJj.hYM3E;tUdjpLMdMp(MToe`EPu`MT]XEPeh7M}6;0dh\EP%Eu3M}:t[E PM E8udE P<E PEPPN4E!BME:M }~:MXhTEPE2M};:xEPOud$PEAM}:K7AEPhEv6M}9E\hYEpEt3ep}\}GupMX#E@PM@E1M@h\5tXE0PVM0E1u5MdE0PMdE0PEPPNhE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3N<0 },3CNL]N\E}E}EE0 0 ~0 ~|0 0 Fx0 ~0 0 ^p0 ^t0 " x0 ~l0 0 0 0 0 ~0 ~00 ~40 ~80 ~$0 ~(0 ~,0 ~0 ~0 ~ 0 ~0 ~0 9 DjyVC9 0 ufx9 E& t9 j'}E;}E,N\E NLEN<EM9 DjNT"C9 9 Mf& & s& R9 9 & ufj =Y0 Ee& tjs9 ~3M0 EPs@ 9 0 eu9 9 9 suhu}tu9 9 WFC9 D$0 At39A" jSVLB9 30 }9}$ 9}(t~9 F9 ] ;t9 M+MWQ9 M+MQuuPS Gu(9 E+ESu$9 P9 E+EPu9 Eu
Ansi based on Dropped File
(~WRD0000.doc)
3N<},3CNL]N\EEEE~~|Fx^p^t~l~~0~4~8~$~(~,~~~ DjyVCufxEtj'E;E,N\E NLEN<EMDjNT"CMfsufj =YEetjs~3MEPs@eusuhu}tuWFCD$At39AjVLB3}9}$9}(t~F] ;tM+MWQM+MQuuPGu(E+ESu$PE+EPuEu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3O$F$]SQPRPEEP63];tMQRMTEvS;u]C;]r3;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3sEP9 eMy& t3MM9 MEP9 E}PMEFMEM+& u uM& tME! 3F M!ME& MEBxuMh9 PVM~M9 E" MEME'j@quEPQeMv& t3MM9 q}tjrY9 3MfMEk" ME! ~Wh$M9 PVM{M9 E=" ME# j puEPeM& t3MM59 =qMME MEuMhH9 _PVM-M9 E ME9 jo9 9 MUuEP9 eM(& t3MM 9 "!pM,9 MEM9 ' MECVhlM9 PWM7M9 E ME`jRoEP: eeMME MES9 EPhM=PVM0 & u0 M9 u|p~9 0 uMEd MEJMM9 ojnuEPeeMME
Ansi based on Dropped File
(~WRD0000.doc)
3sEPeMyt3MMMEPEPMEFMEM+u uMtME3FM!ME&MEBuMhPVM~MEMEME'j@quEPQeMvt3MMq}tjrY3MfMEkMEWh$MPVM{ME=ME#jpuEPeMt3MM5=qMMEMEuMhH_PVM-MEMEjoMUuEPeM(t3MMpM,MEM'MECVhlMPWM7MEMEjRoEPeeMMEMEEPhM=PVMuMu|p~uMEdMEJMMojnuEPeeMME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3uEP9 eM'& t3MM& .9 M&ME+MEGjhM9 %PVM:M9 EME"!j}U9 9 M"!&& t
Ansi based on Dropped File
(~WRD0000.doc)
3uEP9 eM+& tMM! 2M*ME/MEK9 EPh M)PVM& u-3MEMEMM29 ^9 uj$=9 u& u
Ansi based on Dropped File
(~WRD0000.doc)
3uEP9 eMq&& tMM-eM{ME MES9 EPhM%PVML& u-3MEKME1MMo-9 Z9 uj}9 9 M%& t
Ansi based on Dropped File
(~WRD0000.doc)
3uEPeMq&tMM-eM{MEMEEPhM%PVMLu-3MEKME1MMo-ZujM%t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3WMXeWMw0 9 EjW0 ~0 F9 0 F & uMMd9 =@ EPvv 9 Fd9 UjvHvhD+RQQhPjvPj9 !P0 F& u3MMc9 IEPv9 E+E+FP~t0 FHt9 EP9 Fp9 E)FHt9 2EP9 Fp9 E)FH9 \3F9 U9 }+SVW9 te9}t}u|3_^[]9 ]9 u& u9Ft9 9 P`9 NuSW?u& u9Ft9 9 Pd9 N9 U9 BHt
Ansi based on Dropped File
(~WRD0000.doc)
3WMXeWMwEjW~FF uMMd=@EPvv FdUjvHvhD+RQQhPjvPj!PFu3MMcIEPvE+E+FP~tFHtEPFpE)FHt2EPFpE)FH\3FU}+SVWte9}t}u|3_^[]]uu9FtP`NuSW?uu9FtPdNUBHt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3x9 MESPh RMS0 }" %& u3MMS(9 9 M;0 E0 }}: u9 M9 & wEP9 EhRME8%& tERP9 PNE0MRHh`RM
Ansi based on Dropped File
(~WRD0000.doc)
3XuEP9 XeM(& t3MM09 M}EtjIY9 9 }MMEWh,M9 7'PVMM9 E}MEc& jv9 9 M(& t
Ansi based on Dropped File
(~WRD0000.doc)
3XuEPXeM(t3MM0M}EtjIY}MMEWh,M7'PVMME}MEcjvM(t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3YU3EVW}VjPqjPhj)tjY3@M_3^wjWQ!}MEPu3]];tuMM}9u3R;tMQu3FR8Mt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3YU9 30 EVW9 }V& jPqj& Phj)0 & tjY3@9 M_3^wjWQ!}9 MEPu3 9 0 ]0 ];t9 uMM9 } 9u39 9 9 R;t9 MQu39 FR8M& t
Ansi based on Dropped File
(~WRD0000.doc)
3yVu & tP 9 & tVu M9 '9 MeVWPM& u3MM9 SuM9 j[[x9 Re& t6>t+u9 MQ9 R9 9 juPMM3@MM3xjRw9 j<rY9 0 Me& tjxa30 }0 R& u3Yj8qY9 0 ME& tjx: 30 }0 & tj"9 0 eWhh9 j&9 0 eWh9 j/9 0 eWhX9 j<9 0 eWh9 j>9 0 eWhS9 "!h 9 0 eWhH9 zh 9 0 eWh8n9 [h 9 0 eWh$O9 <h! 9 0 eWh09 h0 9 0 eWh9 h9 9 0 eWh9 h 9 0 eWh9 h 9 0 eWh9 h 9 0 eWh" 9 h 9 0 eWhv9 ch 9 0 eWhW9 Dh 9 0 eWh89 %h"!9 0 eWhx9 h: 9 0 eWhd9 h9 0 eWhT9 h9 0 eWhD9 h9 0 eWh49 `h9 0 eWh$~9 kh9 0 eWh_9 Lh9 0 eWh@9 -S9 0 eWh 9
Ansi based on Dropped File
(~WRD0000.doc)
3yVutPtVuM'MeVWPMu3MMuMj[[xet6>t+uMQRjuPMM3@MM3xjRwj<rYMetjx3}u3Yj8qYMEtjx3}tj"eWhhj&eWhj/eWhXj<eWhj>eWhheWhHzheWh8n[heWh$O<heWh0heWhheWhheWhheWhheWhheWhvcheWhWDheWh8%heWhxheWhdheWhTheWhDheWh4heWh$~kheWh_LheWh@-SeWh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3Y}9 EME0 EJ0 EEPuhav8u3MM9 #F<3FU$ 30 & PeSV9 \Wj8E jP9 -9 & d9 `h0 EEjPE E0 ] 0 E w-E PShsw8ju 9 9 P_9 ^3[TV9 v8& u^jjhv8^t$q80 U9 uuuuuq8S ]j0Vl!9 ]3VsEPM0 u& & VVj9 =Ps0 EC0 E0 ut09 5Rj
Ansi based on Dropped File
(~WRD0000.doc)
3Y}EMEEJEEPuhav8u3MM#F<3FU$3PeSV\Wj8EjP-d`hEEjPEE]Ew-EPShsw8juP_^3[TVv8u^jjhv8^t$q80Uuuuuuq8]j0Vl!]3VsEPMuVVj=PsECEut05j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3Z^SEPeM& tMMfMME~ME*! ~$WhTM0 E PuMF4PhHMyPuM9 MS-9 0 v3& t+ME}ME0 MM9 )FUTjD: X0 MPM( j3hM80 ]jjhMEW9 MPE8PEPE(PEM9 EUM8]J;u#MM(:39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
3Z^SEPeMtMMfMME~ME*~$WhTMEPuMF4PhHMyPuMMS-v3t+ME}MEMM)FUTjDXMPM(j3hM8]jjhMEWMPE8PEPE(PEMEUM8]J;u#MM(:3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3}/M| 3VjuM0 u M;uM ;uMM"! 9 P9 `9 V9 9 F$U& tPf9 F& tP& tv^j0ik.9 ej,^VEjP99 E9 K0 u0 ME0 E0 Eu}M0 C%9 5$ & tjjhsM0 EEPjh2s3& uMM[9 c.$FU9 0Vj,EjP9 r89 F9 ME,0 E0 E0 EEPjh9v$ ^t$t$hq$ 3@t$jhq$ 3@V9 "!D$tV-Y9 ^U9 SVW39 9}t@Wu WuPPPPQWh(UW 9 0 ^;u3DWjhS$ hj9 N,Wj9 ?Wj9 59 E0 F9 E0 F9 _^[]VW39 NWt$$Ut$0 ~0 ~0 ~0 ~0 ~0 ~B0 ~_9 ^jak,9 0 uPU3@~P9 0 EkI9 j9 PNEiIM9 A,|$u3W9 |$& u3&Vq9 9D$st$9 H0 3@3^_ jakn+9 0 uj
Ansi based on Dropped File
(~WRD0000.doc)
3}MyJBeeE )U]\3#MMu3uE}u|jMZ+;|1tdJ}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
4 434R4^4v4{44444444455p56P66@7V7i77778q8888*9:7:H:g:::9;;;;;;8<<<=R=Y=u===>>>>???0111111g22F3O3s333333344=4U4s4444445G5\556(606=6b6q66667>77778'828f8l888888899K9]9999w::0;<<=*=]=S23333333333333333333333333333334444L4R4Z4g4{4444(5A5j5o555w607H7M799%:X:::/;|;;;;T<l<<<<<<=!=.=b==4?F?0"0/0J0Q0i0000 444440556d666666666666677
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
4 434R4^4v4{49 4444444455p56P66@7V7i77 778q8888*9:7:H:g:::9;;;;;;8<<<=R=Y=u===> >>>??`? 0111111g22F3O3s30 3~3333344=4U4s4444445G5\556(606=6b6q66667>77778'828f8l8! 8 8888899K9]9 999w:R:0;<<=*=]=S20 33 3" 3"!333333333333333333333333334444L4R4Z4g4{49 444(5A5j5o5 55w607H7M799%:X:}::/;|;;;;T<l< <<<<<=!=.=b=0 =4?F?0"0/0J0Q0i0000 444440556d666666666666677
Ansi based on Dropped File
(~WRD0000.doc)
4)GZ?C@ JYZA(=K%LXZRT>H/2:ZN".01'6Z-O3+M V5,9 ZP7D!;;GIF89a
Ansi based on Dropped File
(~WRD0000.doc)
4)GZ?C@ JYZA(=K%LXZRT>H/2:ZN".01'6Z-O3+MV5,ZP7D!;;GIF89a
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
41'M!:";GIF89a~q!,H A2tP`]8y',@(0! $<
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
41R'M!S:0 ";GIF89a` ~ x R} }~ : x 0 }0 9 a q!`,H A2tP`]}8y'},@(& 0! $<
Ansi based on Dropped File
(~WRD0000.doc)
44(444?4E4P4X4b4p4u444 4S4444444444455!5&505<5G5M5\5f5t5y555"!55555555555666%6/696C6M6X6\6a6 X5\5`5d5h5l5p5t5x5|5 5 55R55 55S555555555555555555555555566666666 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x6|6 6 66R66 66S666666666666666666666666677777777 7$7(7,7074787<7@7D7H7T7X7\7`7d7p7t7@9D9H9L9P9T9X9\9`9d9h9l9p9t9x9|9 9 99R99 99S9999999999;;;;;0<4< <<S<<<<<<<<<<<<<<,>0> 4$4(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4 4 44R44 44S44444444455555555 5$5(5,5054585<5@5D5H5L5P5T5X5\5`5d5h5l5p5t5x5|5 5 55R55 55S5555555555555555555555555666666;;;;;;;;;;;;<<<<<<<< <$<(<,<0<4<8<<<@<D<H<L<P<p<t<x<|< < <<R<< <<S<<<<<<<<<<<<<<<<<<<<<<<<======== =$=(=,=0=4=8=<=@=D=H=L=P=T=X=\=`=d=h=l=p=t=>>>S>>>>>>>>>>>>>>>>>>>>>>>>>???????0:4:8:x1|1 1 11R11 11S111111111111111111111111122222222 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2 2 22R22 22S222222222222222222222222233333333 3$3(3,3034383<3@3D3H3L3P3T3X3\3`3d3h3l3p3t3x3|3 3 33R33 33S333333333333333333333333344444444 4$4(4,46R6P7T7X7\7`7d7h7l7p7t7x7|7 7 77R77>>>45555555555555566666666(|2 2 25566666666 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x66677777777 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7p7t7x7|7 777777777777777777777777788888888 8$8(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8l8p8t8x8|8 8 888 88S888888888888888888888888899999999 9$9(9,9094989<99999999999h:l:p:t:x:|: :::::::::::d=h=p=t=x=|= = ==R== ==S=============>>>>>>>> >@?D?H?L?P?T?X?\?`?d?h?l?p?t?x?|? ? ??R?? ??S????????????H0L0P0T0X0\0112h7l77 77S7777777777999999999999:::::::: :(:,:0:4:8:<:@:D:H:L:P:T:X:\:`:d:h:l:p:t:x:|: : ::R:: ::S:::::::::::::::::::::::::;;;;;;;; ;$;;;;;;;;;;;;;;;;;;;;;;;;<<<<<<< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<x<|< < <<R<< <<S<<<<<<<<<<<<<<<<<<<<<<<<<======== =$=(=,=0=4=8=<=@=D=H=L=P=T=X=\=`=d=h=l=p=t=x=|= = ==R== ==S===================== > >>R>> >>S>>>>>>>>>>>>>>>>>>>>>>>>>???????? ?$?(?,?0?4?8?<?@?D?H?L?P?T?X?\?`?d?h?l?p?t?x?|? ? ??R?? ??S?????????????????????????00000000 0$0(0,0004080<0@0D0H0L0P0T0X0\0`0d0h0l0(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4 4 44R44 44S4444444444444444444445555(8,8084888<8@8D8H8L8P8T8X8\8`8d8h88;<;@;D;;;|< < <<R<< <<<<<<<<<<<<<<<<==1111@0000000000000111111999999999999999999999999:::x:|: : ::R:: ::S::::::::::::::::::::::::;;;;;;;; ;$;(;,;0;4;8;<;@;D;H;L;P;T;X;\;`;d;h;l;p;t;x;|; ; ;;R;; ;;S;;;;;;;;;;;;;;;;;;;;;;;;;<<<<<<<< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<<<<<<<<<<<<<======== =$=(=,=0=================>>>>>>>> >(>,>0>4>8><>@>D>H>L>P>T>X>\>`>d>h>l>p>t>x>|> > >>R>> >>S>>>>>>>>>>>>>>>>>>>>>>>>??????? <00000000 0$0(0,0004080<0@0D0H0L0P0T0X0\0`0d0h0l0p0t0x0|0 0 00R00 00S000000000000000000000000011111111 1$1(1,1014181<1@1D1H1L1P1T1X1\1`1d1h1l1p1t1x1|1 1 11R11 11S111111111111111111111111122222222 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2 2 22R22 22S222223333333333333333333334444444 4$4@4D4H4L4P4T4h4l4p4t4x4|4 4 44R44 4444444444485<5@5D5H5L5P5T5X5\5`5d5h5l5p5t5x5|5 5 55R5P6T6X6\6`6d6h6l6p6t6d=h=l=p=t=x=|= = ==>>????????0000000000011111111 1$1(1H1L1P1T1X1d1h1111122222222 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2 2 22R22 222222222233333333 3$3(3,30343R33 33S333p4t4x4|4 4 44R44 4@T>>>>>>>>>>>>>>>X?\?`?d?h?l?p?t?x?|? ? ??R?? ??S?????P111111111111111122222222 2$2(2h2l2p2t2x2|2 2 22R22 22S222222222222222222224383<3@3(4,4044484<4 5$5L5P5T5X5\5`5d5h5l5p5t5x5|5 5 55R55 55S555555555555556666666 6$6 6 6666p7t7x7|7`555555555566666666 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x6|6 6 66R66 66S666666666666666666666666677777777 7$7(7,7074787<7@7D7H7L7P7T7p 45|5 55 55S5555555556 6$6,6D6T6X6\6`6d6h6l6p6t6x6|6 6 66R66 66S666666666666666666667777 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7t7R7S77777777778$8(8,848L8P8h8l8 8 88S8888888888990949L9\9`9d9h9l9t9R9999999999::: :8:H:L:P:X:p:t:R::::::::::;;(;,;0;8;P;T;l;p;;;S;;;;;;;;<<<<0<4<L<P<h<l< < <<S<<<<<<<<<<<======0=@=D=H=P=h=l= = =========>>(>,>D>H>`>d>|>R>> >S>>>>>>>???$?(?@?D?\?l?p?t?|? ?????????? h00(0,0@0D0T0X0`0x00R0S000000000111,10181P1`1d1t1x1 111111111112222242D2H2X2\2d2|2R2222222222233 3034383@3X3h3l3|3 3 3R33333333333344(484<4@4D4L4d4t4x4|4 4S44444444444455(585<5@5D5H5\5`5p5t5|5 55555555566666,606H6X6\6`6t6x66R66 6S666666666666677777777 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7p7t7x7|7 7S777777777777777788888888 8$8(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8p888S888888889999(9,9<9@9P9T9d9h9x9|9R999999999999::::,:0:8:P:`:d:t:x:|: : ::::::::::::;;;; ;(;@;P;T;X;l;p;x;;;;;;;;;;;<<<<<<<4<8<P<`<d<h<l<p< <<<S<<<<<<<<==== =$=,=D=T=X=h=l=p=t=x= ==S========>>>> >0>4>8><>D>\>`>x>>R>>>>>>>>>>>??,?0?D?H?X?\?`?d?h?l?t?R?????????????00040D0H0\0`0p0t0 00R0 000000001111101@1D1T1X1h1l1t1R1S1111111111222$2(282<2D2\2l2p2 2 22R22 2S22222222233 3$3,3D3T3X3h3l3|3 3 333333333334444404@4D4T4X4\4`4h4 44 44444444444455,505@5D5T5X5\5d5|5 5555555555566(6,6@6D6T6X6`6x66R6S666666666677 7074787@7X7h7l7|7 7 7R777777778888$8<8L8P8`8d8t8x8 88888888888899 9$9(9,949L9\9`9p9t9x9|9 99999999999::::(:,:<:@:P:T:d:h:x:|:R::::::::::::;;;;,;0;@;D;T;X;h;l;|; ;; ;;;;;;;;;;;<<< <(<@<P<T<d<h<p<<<S<<<<<<<<<<====4=D=H=X=\=d=|=R============>>>>,>0>@>D>L>d>t>x>>R> >>>>>>>>????$?<?L?P?`?d?h?p???S??????????00 00040D0H0L0P0T0\0t0 000S00000000000111(1,1014181<1D1\1l1p1 1 1 11111111111222 20242D2H2X2\2l2p2 2 2 22222222222233 3$34383H3L3\3`3h3 33 33333333334 4$44484<4D4\4l4p4 4 444444444445555 5(5@5P5T5d5h5l5t5R5S55555555556666(686<6L6P6T6X6\6d6|6R66666666666666777$74787H7L7P7T7X7`7x77R7S777777777788808@8D8T8X8`8x88R8S888888888899 90949D9H9P9h9x9|9R99 99S99999999999: :$:4:8:<:D:\:l:p: : :::::::::::::;; ;$;,;D;T;X;h;l;t;R;S;;;;;;;;;;<<,<0<@<D<H<P<h<l< < <<<<<<<<<<=====4=D=H=X=\=`=h= == ============>>,>0>@>D>L>d>t>x>>R>>>>>>>>>>??? ?0?4?<?T?d?h?x?|?R?? ?S????????4000$0(0,00080P0`0d0t0x0|0 0S08889999$9,949<9D9L9T9\9d9l9t9|9 9R99999999::: :D:d:l:t:|: :R: :::::::;;0;8;@;D;L;`;h;|;;;;;;;;;;<<<$<4<`<h<R<<<<<<=,=4=@=`=h=p=t=x= = =S=====>>> >(>0>8>@>H>P>\>|> >R>>>>>??? ?(?0?<?\?d?p? ???????????t0(00080@0H0P0X0`0l0R0 00000001111$101T1t1|1 1R1 1S11111111111112222$2,242<2H2h2t2 2S222223$3D3L3T3\3d3l3t3|3 3R3 3S3333333333344 4(444X4x4 4444444444445 5(50585D5d5l5t5|5 5R5 55555556666$6,646@6`6l6R66666677 7(747T7\7d7p77S77777888 8,8L8T8\8d8p888888889909P9X9`9h9p9x9 999S999999:$:,:4:<:D:L:T:\:d:l:t:|::::::::::;,;L;T;\;d;l;t;|; ;;;;;;<<< <(<0<8<D<h<<<<<<<<<<<<<<===$=,=4=<=D=L=X=x= ========>8>@>H>P>X>`>h>p>x> >>>>>>>>>>>>>?(?0?8?@?H?T?t?|? ?R? ?S????????? 0000D0X0h0|0 0000001 1(10181@1H1T1t1|1 1R1 1S111111122220282D2l2 2222222233,383X3`3h3p3|33333333444$4,444<4D4L4X4x4 444S4444445555 5(50585@5H5P5X5d5 5R55555556 6(646T6\6d6p6 66666666667 7,7P7p7x7 777S77777777778888$8,848<8D8L8T8\8d8l8t8|8 8R8 8S88888888888889999$9,949<9D9L9T9\9d9l9t9|9 9R9 9S999999999::,:4:<:H:h:p:x: :::::::;; ;@;H;P;\;|; ;R; ;;;;;;;<<0<8<@<H<P<X<`<h<p<|<S<<<<<<<<<=$=,=4=@=`=h=p=x= =========>>>><>D>L>T>\>d>p>>>>>>>>>>>>???<?\?d?l?t?|??????????d0000$0,040<0D0P0t0 0S0000000001$1,141<1H1l1R1 1S1111111111222<2D2P2p2x2 22 22223333$3,343<3H3h3t3 3S33333333484@4H4P4X4`4h4p4x4 4R4444444455,585\5|5 5R5 5S5555555566$6,686X6`6h6p6|6S6666667777$7,787\7|7 7R7 7S7777777778$8,848<8D8L8T8\8h888888888888899989D9h9999999999999:(:0:8:@:H:T:t:|: :R: :S:::::::::::;4;<;D;L;T;\;d;l;t;|;;;;;;;<,<4<<<D<L<T<\<d<l<t<|< <R< <<<<<<<<<<=$=0=P=\=|= =R=====>>> >(>0>8>@>H>P>X>`>l>R> >>>>>>?<?D?L?T?\?d?l?x??????????(0 0(040X0x0 0000000001111 1,1L1T1\1d1l1t1|1 1R11111111222 2@2H2P2X2d2 2222222223(30383@3L3l3x33333334$404T4t4|4 4R4 4S4444444445555<5D5P5p5|5S55555556686D6d6p66S6666777$7,7<7P7\7d7 7R7 7S77777777777778888@8L8p88888888888888899,989X9`9h9t9 9S99999999: :@:L:t::::::::;;;4;<;H;h;p;|;S;;;;;;;;;<$<0<P<X<`<l<R< <S<<<<<<===8=@=L=l=t=|= ======>>>$>H>h>p>x> >>>>>>>>>>>?4?<?D?L?T?\?d?p????????,0$0,040<0D0L0T0`0 0000000001111$1H1h1p1x1 11 111111111112(20282@2H2P2X2d2 2R2 2S22222222233343<3D3L3T3\3h3333333333344<4D4P4p4x4 4444444455$505T5t5|5 5R5 5S55555566(60686@6L6l6x666666677747@7`7l7R7 77777778848T8\8d8l8t8|8 888888888999 9D9d9l9t9|9 9R9 9999999:0:8:@:\:d:l:x:::::::;;$;,;P;d;l; ;;;;;;;;;;<<<4<@<d< <R< <S<<<<<<<<<<<=<=H=P=h=t= =S======>>>8>@>H>T>t> >>>>>>>?,?4?<?D?L?\?p?|? ???????? 0000@0`0h0p0x0 0000000000001 1(141T1\1h11111111122,242<2H2h2p2x2 222222333 3@3H3T3t3|3 3R333333334(40484@4H4P4X4`4h4t4 4S4444444445$5,545<5D5L5T5\5d5p555555555566 6,6L6T6\6d6p6 66666666667 7(70787@7H7P7\7 77777777778888$8,848<8D8L8X8x8 88888888888888899$9,949<9D9L9T9\9d9l9t9 9999999999999:::4:<:D:L:T:\:h:::::::::::::;;;;$;,;4;<;D;L;T;`; ;;;;;;;;;;;;;;;;<<<4<<<H<l<R< <S<<<<<<<<<=,=@=L=T=l=|= =R= =======>>>$>,>8>X>d> >>>>>>>??<?H?h?t?????????? 00$000P0X0d00000000000001111$1D1P1p1x1 1R11111120282@2H2P2X2`2h2p2x2 2222222222223$3D3L3T3\3d3p333333333334$4D4P4p4|4S444444445 5@5H5T5t5 55555566686X6`6h6p6x6 66 66666777(7H7P7\7|77777778,848<8D8L8T8`8 888S8888889999$9D9L9X9x9 9R999999::(:0:L:l:t:|: :R: :S:::::::::;;,;4;<;H;h;p;|;S;;;;;;;<<8<@<L<l<t<|<<<<<<<<== =(=0=8=@=H=P=\=|= =R=====>>> >(>0>8>D>d>l>t>|> >R> >S>>>>>??(?0?<?d?? ?S?????0(00 0H0l0x0 000000000141<1D1L1T1\1d1l1t1|1 1R1 1S1111111112(2H2P2X2`2h2p2x2 22 222222383@3H3P3X3`3h3p3x3 333S3333334404P4X4`4h4p4x4 44444444455,545<5H5h5p5x5 5555555666$606P6\6|6 6R666666667777(7H7T7t7|7777777778 8(848T8`8 8R888888889(9H9P9X9`9h9p9x9 9R99999999999:$:D:L:X:x: ::::::;;;;$;,;4;@;d; ;R; ;S;;;;;;;<$<0<P<X<`<l<R< <<<<<<<==0=8=D=d=l=x=======>>,>8>X>`>l>R>>>>>>??$?D?L?T?\?p?????????????@00 0$0,0@0\0`0 0000001 1@1`1 111122(2H2h2222223383X3x333333334484@4D4\4`4|4 4444S4444444554585T5X5x55555686X6x66666677 7p400$0@0X0|000001$1D1h111112,2H2`2t2 22222343T3t3S33344<4`4x4 444455H5t5x55 555556H6L6l6 666667,7X7p7t77777788H8h8 8888889,9P9l9p999999:,:0:P:T:p:R:::::;,;H;h; ;;;;;;<4<X<|<S<<<== =@=D=d=R=====>,>h>>>>>?,?L?l? ?????? 000L0h0 0S000001 1T1X1x1|1S111112<2X2\2x22S2222343L3h3l3 3S3333444T4|44S444444505X6\6`6d6888$8,848<8D8L8T8\8d8l8t8|8 8R8 8S888888888888888h=`>>>>>?,?8?<?@?D?H?P?T?`?0081@1333333333344444444 4$4(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4 4 44R44444444444444 5S55555555555556666$6,646<6D6L6T6\6d6l6t69 99S999999999999999
Ansi based on Dropped File
(~WRD0002.doc)
44(444?4E4P4X4b4p4u444 4S4444444444455!5&505<5G5M5\5f5t5y555"!55555555555666%6/696C6M6X6\6a6 X5\5`5d5h5l5p5t5x5|5 5 55R55 55S555555555555555555555555566666666 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x6|6 6 66R66 66S666666666666666666666666677777777 7$7(7,7074787<7@7D7H7T7X7\7`7d7p7t7@9D9H9L9P9T9X9\9`9d9h9l9p9t9x9|9 9 99R99 99S9999999999;;;;;0<4< <<S<<<<<<<<<<<<<<,>0> 4$4(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4 4 44R44 44S44444444455555555 5$5(5,5054585<5@5D5H5L5P5T5X5\5`5d5h5l5p5t5x5|5 5 55R55 55S5555555555555555555555555666666;;;;;;;;;;;;<<<<<<<< <$<(<,<0<4<8<<<@<D<H<L<P<p<t<x<|< < <<R<< <<S<<<<<<<<<<<<<<<<<<<<<<<<======== =$=(=,=0=4=8=<=@=D=H=L=P=T=X=\=`=d=h=l=p=t=>>>S>>>>>>>>>>>>>>>>>>>>>>>>>???????0:4:8:x1|1 1 11R11 11S111111111111111111111111122222222 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2 2 22R22 22S222222222222222222222222233333333 3$3(3,3034383<3@3D3H3L3P3T3X3\3`3d3h3l3p3t3x3|3 3 33R33 33S333333333333333333333333344444444 4$4(4,46R6P7T7X7\7`7d7h7l7p7t7x7|7 7 77R77>>>45555555555555566666666(|2 2 25566666666 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x66677777777 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7p7t7x7|7 777777777777777777777777788888888 8$8(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8l8p8t8x8|8 8 888 88S888888888888888888888888899999999 9$9(9,9094989<99999999999h:l:p:t:x:|: :::::::::::d=h=p=t=x=|= = ==R== ==S=============>>>>>>>> >@?D?H?L?P?T?X?\?`?d?h?l?p?t?x?|? ? ??R?? ??S????????????H0L0P0T0X0\0112h7l77 77S7777777777999999999999:::::::: :(:,:0:4:8:<:@:D:H:L:P:T:X:\:`:d:h:l:p:t:x:|: : ::R:: ::S:::::::::::::::::::::::::;;;;;;;; ;$;;;;;;;;;;;;;;;;;;;;;;;;<<<<<<< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<x<|< < <<R<< <<S<<<<<<<<<<<<<<<<<<<<<<<<<======== =$=(=,=0=4=8=<=@=D=H=L=P=T=X=\=`=d=h=l=p=t=x=|= = ==R== ==S===================== > >>R>> >>S>>>>>>>>>>>>>>>>>>>>>>>>>???????? ?$?(?,?0?4?8?<?@?D?H?L?P?T?X?\?`?d?h?l?p?t?x?|? ? ??R?? ??S?????????????????????????00000000 0$0(0,0004080<0@0D0H0L0P0T0X0\0`0d0h0l0(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4 4 44R44 44S4444444444444444444445555(8,8084888<8@8D8H8L8P8T8X8\8`8d8h88;<;@;D;;;|< < <<R<< <<<<<<<<<<<<<<<<==1111@0000000000000111111999999999999999999999999:::x:|: : ::R:: ::S::::::::::::::::::::::::;;;;;;;; ;$;(;,;0;4;8;<;@;D;H;L;P;T;X;\;`;d;h;l;p;t;x;|; ; ;;R;; ;;S;;;;;;;;;;;;;;;;;;;;;;;;;<<<<<<<< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<<<<<<<<<<<<<======== =$=(=,=0=================>>>>>>>> >(>,>0>4>8><>@>D>H>L>P>T>X>\>`>d>h>l>p>t>x>|> > >>R>> >>S>>>>>>>>>>>>>>>>>>>>>>>>??????? <00000000 0$0(0,0004080<0@0D0H0L0P0T0X0\0`0d0h0l0p0t0x0|0 0 00R00 00S000000000000000000000000011111111 1$1(1,1014181<1@1D1H1L1P1T1X1\1`1d1h1l1p1t1x1|1 1 11R11 11S111111111111111111111111122222222 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2 2 22R22 22S222223333333333333333333334444444 4$4@4D4H4L4P4T4h4l4p4t4x4|4 4 44R44 4444444444485<5@5D5H5L5P5T5X5\5`5d5h5l5p5t5x5|5 5 55R5P6T6X6\6`6d6h6l6p6t6d=h=l=p=t=x=|= = ==>>????????0000000000011111111 1$1(1H1L1P1T1X1d1h1111122222222 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2 2 22R22 222222222233333333 3$3(3,30343R33 33S333p4t4x4|4 4 44R44 4@T>>>>>>>>>>>>>>>X?\?`?d?h?l?p?t?x?|? ? ??R?? ??S?????P111111111111111122222222 2$2(2h2l2p2t2x2|2 2 22R22 22S222222222222222222224383<3@3(4,4044484<4 5$5L5P5T5X5\5`5d5h5l5p5t5x5|5 5 55R55 55S555555555555556666666 6$6 6 6666p7t7x7|7`555555555566666666 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x6|6 6 66R66 66S666666666666666666666666677777777 7$7(7,7074787<7@7D7H7L7P7T7p 45|5 55 55S5555555556 6$6,6D6T6X6\6`6d6h6l6p6t6x6|6 6 66R66 66S666666666666666666667777 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7t7R7S77777777778$8(8,848L8P8h8l8 8 88S8888888888990949L9\9`9d9h9l9t9R9999999999::: :8:H:L:P:X:p:t:R::::::::::;;(;,;0;8;P;T;l;p;;;S;;;;;;;;<<<<0<4<L<P<h<l< < <<S<<<<<<<<<<<======0=@=D=H=P=h=l= = =========>>(>,>D>H>`>d>|>R>> >S>>>>>>>???$?(?@?D?\?l?p?t?|? ?????????? h00(0,0@0D0T0X0`0x00R0S000000000111,10181P1`1d1t1x1 111111111112222242D2H2X2\2d2|2R2222222222233 3034383@3X3h3l3|3 3 3R33333333333344(484<4@4D4L4d4t4x4|4 4S44444444444455(585<5@5D5H5\5`5p5t5|5 55555555566666,606H6X6\6`6t6x66R66 6S666666666666677777777 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7p7t7x7|7 7S777777777777777788888888 8$8(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8p888S888888889999(9,9<9@9P9T9d9h9x9|9R999999999999::::,:0:8:P:`:d:t:x:|: : ::::::::::::;;;; ;(;@;P;T;X;l;p;x;;;;;;;;;;;<<<<<<<4<8<P<`<d<h<l<p< <<<S<<<<<<<<==== =$=,=D=T=X=h=l=p=t=x= ==S========>>>> >0>4>8><>D>\>`>x>>R>>>>>>>>>>>??,?0?D?H?X?\?`?d?h?l?t?R?????????????00040D0H0\0`0p0t0 00R0 000000001111101@1D1T1X1h1l1t1R1S1111111111222$2(282<2D2\2l2p2 2 22R22 2S22222222233 3$3,3D3T3X3h3l3|3 3 333333333334444404@4D4T4X4\4`4h4 44 44444444444455,505@5D5T5X5\5d5|5 5555555555566(6,6@6D6T6X6`6x66R6S666666666677 7074787@7X7h7l7|7 7 7R777777778888$8<8L8P8`8d8t8x8 88888888888899 9$9(9,949L9\9`9p9t9x9|9 99999999999::::(:,:<:@:P:T:d:h:x:|:R::::::::::::;;;;,;0;@;D;T;X;h;l;|; ;; ;;;;;;;;;;;<<< <(<@<P<T<d<h<p<<<S<<<<<<<<<<====4=D=H=X=\=d=|=R============>>>>,>0>@>D>L>d>t>x>>R> >>>>>>>>????$?<?L?P?`?d?h?p???S??????????00 00040D0H0L0P0T0\0t0 000S00000000000111(1,1014181<1D1\1l1p1 1 1 11111111111222 20242D2H2X2\2l2p2 2 2 22222222222233 3$34383H3L3\3`3h3 33 33333333334 4$44484<4D4\4l4p4 4 444444444445555 5(5@5P5T5d5h5l5t5R5S55555555556666(686<6L6P6T6X6\6d6|6R66666666666666777$74787H7L7P7T7X7`7x77R7S777777777788808@8D8T8X8`8x88R8S888888888899 90949D9H9P9h9x9|9R99 99S99999999999: :$:4:8:<:D:\:l:p: : :::::::::::::;; ;$;,;D;T;X;h;l;t;R;S;;;;;;;;;;<<,<0<@<D<H<P<h<l< < <<<<<<<<<<=====4=D=H=X=\=`=h= == ============>>,>0>@>D>L>d>t>x>>R>>>>>>>>>>??? ?0?4?<?T?d?h?x?|?R?? ?S????????4000$0(0,00080P0`0d0t0x0|0 0S08889999$9,949<9D9L9T9\9d9l9t9|9 9R99999999::: :D:d:l:t:|: :R: :::::::;;0;8;@;D;L;`;h;|;;;;;;;;;;<<<$<4<`<h<R<<<<<<=,=4=@=`=h=p=t=x= = =S=====>>> >(>0>8>@>H>P>\>|> >R>>>>>??? ?(?0?<?\?d?p? ???????????t0(00080@0H0P0X0`0l0R0 00000001111$101T1t1|1 1R1 1S11111111111112222$2,242<2H2h2t2 2S222223$3D3L3T3\3d3l3t3|3 3R3 3S3333333333344 4(444X4x4 4444444444445 5(50585D5d5l5t5|5 5R5 55555556666$6,646@6`6l6R66666677 7(747T7\7d7p77S77777888 8,8L8T8\8d8p888888889909P9X9`9h9p9x9 999S999999:$:,:4:<:D:L:T:\:d:l:t:|::::::::::;,;L;T;\;d;l;t;|; ;;;;;;<<< <(<0<8<D<h<<<<<<<<<<<<<<===$=,=4=<=D=L=X=x= ========>8>@>H>P>X>`>h>p>x> >>>>>>>>>>>>>?(?0?8?@?H?T?t?|? ?R? ?S????????? 0000D0X0h0|0 0000001 1(10181@1H1T1t1|1 1R1 1S111111122220282D2l2 2222222233,383X3`3h3p3|33333333444$4,444<4D4L4X4x4 444S4444445555 5(50585@5H5P5X5d5 5R55555556 6(646T6\6d6p6 66666666667 7,7P7p7x7 777S77777777778888$8,848<8D8L8T8\8d8l8t8|8 8R8 8S88888888888889999$9,949<9D9L9T9\9d9l9t9|9 9R9 9S999999999::,:4:<:H:h:p:x: :::::::;; ;@;H;P;\;|; ;R; ;;;;;;;<<0<8<@<H<P<X<`<h<p<|<S<<<<<<<<<=$=,=4=@=`=h=p=x= =========>>>><>D>L>T>\>d>p>>>>>>>>>>>>???<?\?d?l?t?|??????????d0000$0,040<0D0P0t0 0S0000000001$1,141<1H1l1R1 1S1111111111222<2D2P2p2x2 22 22223333$3,343<3H3h3t3 3S33333333484@4H4P4X4`4h4p4x4 4R4444444455,585\5|5 5R5 5S5555555566$6,686X6`6h6p6|6S6666667777$7,787\7|7 7R7 7S7777777778$8,848<8D8L8T8\8h888888888888899989D9h9999999999999:(:0:8:@:H:T:t:|: :R: :S:::::::::::;4;<;D;L;T;\;d;l;t;|;;;;;;;<,<4<<<D<L<T<\<d<l<t<|< <R< <<<<<<<<<<=$=0=P=\=|= =R=====>>> >(>0>8>@>H>P>X>`>l>R> >>>>>>?<?D?L?T?\?d?l?x??????????(0 0(040X0x0 0000000001111 1,1L1T1\1d1l1t1|1 1R11111111222 2@2H2P2X2d2 2222222223(30383@3L3l3x33333334$404T4t4|4 4R4 4S4444444445555<5D5P5p5|5S55555556686D6d6p66S6666777$7,7<7P7\7d7 7R7 7S77777777777778888@8L8p88888888888888899,989X9`9h9t9 9S99999999: :@:L:t::::::::;;;4;<;H;h;p;|;S;;;;;;;;;<$<0<P<X<`<l<R< <S<<<<<<===8=@=L=l=t=|= ======>>>$>H>h>p>x> >>>>>>>>>>>?4?<?D?L?T?\?d?p????????,0$0,040<0D0L0T0`0 0000000001111$1H1h1p1x1 11 111111111112(20282@2H2P2X2d2 2R2 2S22222222233343<3D3L3T3\3h3333333333344<4D4P4p4x4 4444444455$505T5t5|5 5R5 5S55555566(60686@6L6l6x666666677747@7`7l7R7 77777778848T8\8d8l8t8|8 888888888999 9D9d9l9t9|9 9R9 9999999:0:8:@:\:d:l:x:::::::;;$;,;P;d;l; ;;;;;;;;;;<<<4<@<d< <R< <S<<<<<<<<<<<=<=H=P=h=t= =S======>>>8>@>H>T>t> >>>>>>>?,?4?<?D?L?\?p?|? ???????? 0000@0`0h0p0x0 0000000000001 1(141T1\1h11111111122,242<2H2h2p2x2 222222333 3@3H3T3t3|3 3R333333334(40484@4H4P4X4`4h4t4 4S4444444445$5,545<5D5L5T5\5d5p555555555566 6,6L6T6\6d6p6 66666666667 7(70787@7H7P7\7 77777777778888$8,848<8D8L8X8x8 88888888888888899$9,949<9D9L9T9\9d9l9t9 9999999999999:::4:<:D:L:T:\:h:::::::::::::;;;;$;,;4;<;D;L;T;`; ;;;;;;;;;;;;;;;;<<<4<<<H<l<R< <S<<<<<<<<<=,=@=L=T=l=|= =R= =======>>>$>,>8>X>d> >>>>>>>??<?H?h?t?????????? 00$000P0X0d00000000000001111$1D1P1p1x1 1R11111120282@2H2P2X2`2h2p2x2 2222222222223$3D3L3T3\3d3p333333333334$4D4P4p4|4S444444445 5@5H5T5t5 55555566686X6`6h6p6x6 66 66666777(7H7P7\7|77777778,848<8D8L8T8`8 888S8888889999$9D9L9X9x9 9R999999::(:0:L:l:t:|: :R: :S:::::::::;;,;4;<;H;h;p;|;S;;;;;;;<<8<@<L<l<t<|<<<<<<<<== =(=0=8=@=H=P=\=|= =R=====>>> >(>0>8>D>d>l>t>|> >R> >S>>>>>??(?0?<?d?? ?S?????0(00 0H0l0x0 000000000141<1D1L1T1\1d1l1t1|1 1R1 1S1111111112(2H2P2X2`2h2p2x2 22 222222383@3H3P3X3`3h3p3x3 333S3333334404P4X4`4h4p4x4 44444444455,545<5H5h5p5x5 5555555666$606P6\6|6 6R666666667777(7H7T7t7|7777777778 8(848T8`8 8R888888889(9H9P9X9`9h9p9x9 9R99999999999:$:D:L:X:x: ::::::;;;;$;,;4;@;d; ;R; ;S;;;;;;;<$<0<P<X<`<l<R< <<<<<<<==0=8=D=d=l=x=======>>,>8>X>`>l>R>>>>>>??$?D?L?T?\?p?????????????@00 0$0,0@0\0`0 0000001 1@1`1 111122(2H2h2222223383X3x333333334484@4D4\4`4|4 4444S4444444554585T5X5x55555686X6x66666677 7p400$0@0X0|000001$1D1h111112,2H2`2t2 22222343T3t3S33344<4`4x4 444455H5t5x55 555556H6L6l6 666667,7X7p7t77777788H8h8 8888889,9P9l9p999999:,:0:P:T:p:R:::::;,;H;h; ;;;;;;<4<X<|<S<<<== =@=D=d=R=====>,>h>>>>>?,?L?l? ?????? 000L0h0 0S000001 1T1X1x1|1S111112<2X2\2x22S2222343L3h3l3 3S3333444T4|44S444444505X6\6`6d6888$8,848<8D8L8T8\8d8l8t8|8 8R8 8S888888888888888h=`>>>>>?,?8?<?@?D?H?P?T?`?0081@1333333333344444444 4$4(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4 4 44R44444444444444 5S55555555555556666$6,646<6D6L6T6\6d6l6t69 99S999999999999999`0 M* H
Ansi based on Dropped File
(~WRD0000.doc)
44(444?4E4P4X4b4p4u44444444444444455!5&505<5G5M5\5f5t5y55555555555555666%6/696C6M6X6\6a6X5\5`5d5h5l5p5t5x5|55555555555555555555555555555555566666666 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x6|66666666666666666666666666666666677777777 7$7(7,7074787<7@7D7H7T7X7\7`7d7p7t7@9D9H9L9P9T9X9\9`9d9h9l9p9t9x9|999999999999999999;;;;;0<4<<<<<<<<<<<<<<<<<,>0> 4$4(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4444444444444444455555555 5$5(5,5054585<5@5D5H5L5P5T5X5\5`5d5h5l5p5t5x5|555555555555555555555555555555555666666;;;;;;;;;;;;<<<<<<<< <$<(<,<0<4<8<<<@<D<H<L<P<p<t<x<|<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<======== =$=(=,=0=4=8=<=@=D=H=L=P=T=X=\=`=d=h=l=p=t=>>>>>>>>>>>>>>>>>>>>>>>>>>>>???????0:4:8:x1|11111111111111111111111111111111122222222 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|22222222222222222222222222222222233333333 3$3(3,3034383<3@3D3H3L3P3T3X3\3`3d3h3l3p3t3x3|33333333333333333333333333333333344444444 4$4(4,466P7T7X7\7`7d7h7l7p7t7x7|777777>>>45555555555555566666666(|2225566666666 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x66677777777 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7p7t7x7|7777777777777777777777777788888888 8$8(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8l8p8t8x8|8888888888888888888888888888888899999999 9$9(9,9094989<99999999999h:l:p:t:x:|::::::::::::d=h=p=t=x=|=====================>>>>>>>> >@?D?H?L?P?T?X?\?`?d?h?l?p?t?x?|????????????????????H0L0P0T0X0\0112h7l77777777777777999999999999:::::::: :(:,:0:4:8:<:@:D:H:L:P:T:X:\:`:d:h:l:p:t:x:|:::::::::::::::::::::::::::::::::;;;;;;;; ;$;;;;;;;;;;;;;;;;;;;;;;;;<<<<<<< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<x<|<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<======== =$=(=,=0=4=8=<=@=D=H=L=P=T=X=\=`=d=h=l=p=t=x=|=============================>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>???????? ?$?(?,?0?4?8?<?@?D?H?L?P?T?X?\?`?d?h?l?p?t?x?|?????????????????????????????????00000000 0$0(0,0004080<0@0D0H0L0P0T0X0\0`0d0h0l0(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|444444444444444444444444444445555(8,8084888<8@8D8H8L8P8T8X8\8`8d8h88;<;@;D;;;|<<<<<<<<<<<<<<<<<<<<<<==1111@0000000000000111111999999999999999999999999:::x:|::::::::::::::::::::::::::::::::;;;;;;;; ;$;(;,;0;4;8;<;@;D;H;L;P;T;X;\;`;d;h;l;p;t;x;|;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;<<<<<<<< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<<<<<<<<<<<<<======== =$=(=,=0=================>>>>>>>> >(>,>0>4>8><>@>D>H>L>P>T>X>\>`>d>h>l>p>t>x>|>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>??????? <00000000 0$0(0,0004080<0@0D0H0L0P0T0X0\0`0d0h0l0p0t0x0|00000000000000000000000000000000011111111 1$1(1,1014181<1@1D1H1L1P1T1X1\1`1d1h1l1p1t1x1|11111111111111111111111111111111122222222 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|22222222222223333333333333333333334444444 4$4@4D4H4L4P4T4h4l4p4t4x4|4444444444444444485<5@5D5H5L5P5T5X5\5`5d5h5l5p5t5x5|55555P6T6X6\6`6d6h6l6p6t6d=h=l=p=t=x=|====>>????????0000000000011111111 1$1(1H1L1P1T1X1d1h1111122222222 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|222222222222222233333333 3$3(3,303433333333p4t4x4|4444444@T>>>>>>>>>>>>>>>X?\?`?d?h?l?p?t?x?|?????????????P111111111111111122222222 2$2(2h2l2p2t2x2|22222222222222222222222222224383<3@3(4,4044484<4 5$5L5P5T5X5\5`5d5h5l5p5t5x5|55555555555555555555556666666 6$666666p7t7x7|7`555555555566666666 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x6|66666666666666666666666666666666677777777 7$7(7,7074787<7@7D7H7L7P7T7p 45|555555555555556 6$6,6D6T6X6\6`6d6h6l6p6t6x6|66666666666666666666666666667777 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7t7777777777778$8(8,848L8P8h8l88888888888888990949L9\9`9d9h9l9t99999999999::: :8:H:L:P:X:p:t:::::::::::;;(;,;0;8;P;T;l;p;;;;;;;;;;;<<<<0<4<L<P<h<l<<<<<<<<<<<<<<<======0=@=D=H=P=h=l===========>>(>,>D>H>`>d>|>>>>>>>>>>>???$?(?@?D?\?l?p?t?|???????????h00(0,0@0D0T0X0`0x000000000000111,10181P1`1d1t1x1111111111112222242D2H2X2\2d2|22222222222233 3034383@3X3h3l3|33333333333333344(484<4@4D4L4d4t4x4|4444444444444455(585<5@5D5H5\5`5p5t5|555555555566666,606H6X6\6`6t6x66666666666666666677777777 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7p7t7x7|77777777777777777788888888 8$8(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8p888888888889999(9,9<9@9P9T9d9h9x9|9999999999999::::,:0:8:P:`:d:t:x:|::::::::::::::;;;; ;(;@;P;T;X;l;p;x;;;;;;;;;;;<<<<<<<4<8<P<`<d<h<l<p<<<<<<<<<<<<==== =$=,=D=T=X=h=l=p=t=x===========>>>> >0>4>8><>D>\>`>x>>>>>>>>>>>>>??,?0?D?H?X?\?`?d?h?l?t??????????????00040D0H0\0`0p0t0000000000001111101@1D1T1X1h1l1t111111111111222$2(282<2D2\2l2p222222222222222233 3$3,3D3T3X3h3l3|33333333333334444404@4D4T4X4\4`4h44444444444444455,505@5D5T5X5\5d5|55555555555566(6,6@6D6T6X6`6x666666666666677 7074787@7X7h7l7|777777777778888$8<8L8P8`8d8t8x888888888888899 9$9(9,949L9\9`9p9t9x9|999999999999::::(:,:<:@:P:T:d:h:x:|:::::::::::::;;;;,;0;@;D;T;X;h;l;|;;;;;;;;;;;;;;<<< <(<@<P<T<d<h<p<<<<<<<<<<<<<====4=D=H=X=\=d=|=============>>>>,>0>@>D>L>d>t>x>>>>>>>>>>>????$?<?L?P?`?d?h?p?????????????00 00040D0H0L0P0T0\0t000000000000000111(1,1014181<1D1\1l1p11111111111111222 20242D2H2X2\2l2p22222222222222233 3$34383H3L3\3`3h33333333333334 4$44484<4D4\4l4p44444444444445555 5(5@5P5T5d5h5l5t5555555555556666(686<6L6P6T6X6\6d6|666666666666666777$74787H7L7P7T7X7`7x777777777777788808@8D8T8X8`8x888888888888899 90949D9H9P9h9x9|9999999999999999: :$:4:8:<:D:\:l:p:::::::::::::::;; ;$;,;D;T;X;h;l;t;;;;;;;;;;;;<<,<0<@<D<H<P<h<l<<<<<<<<<<<<=====4=D=H=X=\=`=h===============>>,>0>@>D>L>d>t>x>>>>>>>>>>>>??? ?0?4?<?T?d?h?x?|????????????4000$0(0,00080P0`0d0t0x0|0008889999$9,949<9D9L9T9\9d9l9t9|9999999999::: :D:d:l:t:|::::::::::;;0;8;@;D;L;`;h;|;;;;;;;;;;<<<$<4<`<h<<<<<<<=,=4=@=`=h=p=t=x========>>> >(>0>8>@>H>P>\>|>>>>>>>??? ?(?0?<?\?d?p????????????t0(00080@0H0P0X0`0l0000000001111$101T1t1|111111111111111112222$2,242<2H2h2t22222223$3D3L3T3\3d3l3t3|33333333333333344 4(444X4x44444444444445 5(50585D5d5l5t5|55555555556666$6,646@6`6l666666677 7(747T7\7d7p7777777888 8,8L8T8\8d8p888888889909P9X9`9h9p9x9999999999:$:,:4:<:D:L:T:\:d:l:t:|::::::::::;,;L;T;\;d;l;t;|;;;;;;;<<< <(<0<8<D<h<<<<<<<<<<<<<<===$=,=4=<=D=L=X=x=========>8>@>H>P>X>`>h>p>x>>>>>>>>>>>>>>?(?0?8?@?H?T?t?|?????????????0000D0X0h0|00000001 1(10181@1H1T1t1|1111111111122220282D2l22222222233,383X3`3h3p3|33333333444$4,444<4D4L4X4x44444444445555 5(50585@5H5P5X5d5555555556 6(646T6\6d6p666666666667 7,7P7p7x777777777777778888$8,848<8D8L8T8\8d8l8t8|888888888888888889999$9,949<9D9L9T9\9d9l9t9|9999999999999::,:4:<:H:h:p:x::::::::;; ;@;H;P;\;|;;;;;;;;;;<<0<8<@<H<P<X<`<h<p<|<<<<<<<<<<=$=,=4=@=`=h=p=x==========>>>><>D>L>T>\>d>p>>>>>>>>>>>>???<?\?d?l?t?|??????????d0000$0,040<0D0P0t000000000001$1,141<1H1l1111111111111222<2D2P2p2x22222223333$3,343<3H3h3t3333333333484@4H4P4X4`4h4p4x444444444455,585\5|55555555555566$6,686X6`6h6p6|66666667777$7,787\7|77777777777778$8,848<8D8L8T8\8h888888888888899989D9h9999999999999:(:0:8:@:H:T:t:|:::::::::::::::;4;<;D;L;T;\;d;l;t;|;;;;;;;<,<4<<<D<L<T<\<d<l<t<|<<<<<<<<<<<<<=$=0=P=\=|=======>>> >(>0>8>@>H>P>X>`>l>>>>>>>>?<?D?L?T?\?d?l?x??????????(0 0(040X0x00000000001111 1,1L1T1\1d1l1t1|1111111111222 2@2H2P2X2d22222222223(30383@3L3l3x33333334$404T4t4|44444444444445555<5D5P5p5|555555556686D6d6p666666777$7,7<7P7\7d777777777777777778888@8L8p88888888888888899,989X9`9h9t9999999999: :@:L:t::::::::;;;4;<;H;h;p;|;;;;;;;;;;<$<0<P<X<`<l<<<<<<<<<===8=@=L=l=t=|=======>>>$>H>h>p>x>>>>>>>>>>>>?4?<?D?L?T?\?d?p????????,0$0,040<0D0L0T0`00000000001111$1H1h1p1x111111111111112(20282@2H2P2X2d222222222222233343<3D3L3T3\3h3333333333344<4D4P4p4x44444444455$505T5t5|555555555566(60686@6L6l6x666666677747@7`7l7777777778848T8\8d8l8t8|8888888888999 9D9d9l9t9|9999999999:0:8:@:\:d:l:x:::::::;;$;,;P;d;l;;;;;;;;;;;<<<4<@<d<<<<<<<<<<<<<<<=<=H=P=h=t========>>>8>@>H>T>t>>>>>>>>?,?4?<?D?L?\?p?|?????????0000@0`0h0p0x00000000000001 1(141T1\1h11111111122,242<2H2h2p2x2222222333 3@3H3T3t3|33333333334(40484@4H4P4X4`4h4t444444444445$5,545<5D5L5T5\5d5p555555555566 6,6L6T6\6d6p666666666667 7(70787@7H7P7\777777777778888$8,848<8D8L8X8x888888888888888899$9,949<9D9L9T9\9d9l9t99999999999999:::4:<:D:L:T:\:h:::::::::::::;;;;$;,;4;<;D;L;T;`;;;;;;;;;;;;;;;;;<<<4<<<H<l<<<<<<<<<<<<=,=@=L=T=l=|==========>>>$>,>8>X>d>>>>>>>>??<?H?h?t?????????? 00$000P0X0d00000000000001111$1D1P1p1x1111111120282@2H2P2X2`2h2p2x22222222222223$3D3L3T3\3d3p333333333334$4D4P4p4|4444444445 5@5H5T5t555555566686X6`6h6p6x66666666777(7H7P7\7|77777778,848<8D8L8T8`88888888889999$9D9L9X9x99999999::(:0:L:l:t:|:::::::::::::;;,;4;<;H;h;p;|;;;;;;;;<<8<@<L<l<t<|<<<<<<<<== =(=0=8=@=H=P=\=|=======>>> >(>0>8>D>d>l>t>|>>>>>>>>>??(?0?<?d????????0(00 0H0l0x0000000000141<1D1L1T1\1d1l1t1|11111111111112(2H2P2X2`2h2p2x222222222383@3H3P3X3`3h3p3x33333333334404P4X4`4h4p4x444444444455,545<5H5h5p5x55555555666$606P6\6|66666666667777(7H7T7t7|7777777778 8(848T8`88888888889(9H9P9X9`9h9p9x9999999999999:$:D:L:X:x:::::::;;;;$;,;4;@;d;;;;;;;;;;;<$<0<P<X<`<l<<<<<<<<<==0=8=D=d=l=x=======>>,>8>X>`>l>>>>>>>??$?D?L?T?\?p?????????????@00 0$0,0@0\0`00000001 1@1`1111122(2H2h2222223383X3x333333334484@4D4\4`4|444444444444554585T5X5x55555686X6x66666677 7p400$0@0X0|000001$1D1h111112,2H2`2t222222343T3t333344<4`4x4444455H5t5x55555556H6L6l6666667,7X7p7t77777788H8h88888889,9P9l9p999999:,:0:P:T:p::::::;,;H;h;;;;;;;<4<X<|<<<<== =@=D=d======>,>h>>>>>?,?L?l???????000L0h00000001 1T1X1x1|1111112<2X2\2x222222343L3h3l333333444T4|44444444505X6\6`6d6888$8,848<8D8L8T8\8d8l8t8|8888888888888888888h=`>>>>>?,?8?<?@?D?H?P?T?`?0081@1333333333344444444 4$4(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|444444444444444444555555555555556666$6,646<6D6L6T6\6d6l6t6999999999999999999`0M*H
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
5(8,8084888<8@8D8H8L8P8T8X8\8`8d8h88;<;@;D;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
555" @5H5P5X5`5" 59 5 5: 55555" 0555556" )61696A6I6Q6@9" 6" 66" 866" l7$7" J7c7k7" ~7}7 7" " p
Ansi based on Dropped File
(~WRD0000.doc)
5555"5 5a55*696B6W6! 66%717777888%8*8B8H8W8]8l8r8 80 8888889/9n9u9{99:V::=f=! ===;>>>?HN0l0 00151 4u56,7Q719P;T;X;\;`;d;h;l;=(=:=\=n= = ====: >*?@ 0(001V2\223333n4d5l567a77B8H8X889?99S<<?T00
Ansi based on Dropped File
(~WRD0000.doc)
5555"5555*696B6W666%717777888%8*8B8H8W8]8l8r888888889/9n9u9{99:V::=f====;>>>?HN0l0001514u56,7Q719P;T;X;\;`;d;h;l;=(=:=\=n======>*?@ 0(001V2\223333n4d5l56777B8H8X889?99<<?T00
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
5>5 5 5555556,6;6D666a7o7777788 8889j:S:::::;'; ;;;<"<1<9<e=>> >6>m>>>>>>??
Ansi based on Dropped File
(~WRD0000.doc)
5>555555556,6;6D666a7o77777888889j::::::;';;;;<"<1<9<e=>> >6>m>>>>>>??
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
5?5R5Y5_5578"848V8]88W9u9! 999u::::;{;;`<v< <: <<<<<=>B>?hF1j1}1_222X3d333]555@6N6j6x667+7<77'8=8N88899:::;S;;& <<=[>>>8??????p01 1N1R2W244555 5+5C5Y5a555556!6W6c6r6: 777:;3;k;& <<
Ansi based on Dropped File
(~WRD0000.doc)
5?5R5Y5_5578"848V8]88W9u9999u::::;{;;`<v<<<<<<<=>B>?hF1j1}1_222X3d333]555@6N6j6x667+7<77'8=8N88899:::;S;;<<=[>>>8??????p01 1N1R2W244555 5+5C5Y5a555556!6W6c6r6777:;3;k;<<
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
5M5Z5 50 5 5"!55C6P6Y6y6~6666789):;D=0`\000}2 33344y4" 444455955
Ansi based on Dropped File
(~WRD0000.doc)
6 (aR6Z*R7n E,S & O<A-6.z1br>+nk4& 9 pM>!j-,p:q4Sp< D ==\ D- ,$ lr2p"A9K\Lq Z4,22 L "D4QAU((L7
Ansi based on Dropped File
(~WRD0000.doc)
6(6:6C6\6j6z6?7q7}7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6(6Z*7nE,S& O<A-6.z1br>+nk4pM>!j-,p:q4p<D==\D-,$lr2p"A9K\LqZ4,22L"D4QAU((L7
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
66$6M6a6}66667r77 77778$8)8<8{8S888 99:4:9:o::: ;;;<x<3=K=|=9 =>+>@>& >>>>?*?U?j??~???0D00011.1x1111111;2b222~3~3333333144444556S666
Ansi based on Dropped File
(~WRD0000.doc)
66$6M6a6}66667r7777778$8)8<8{8888 99:4:9:o:::;;;<x<3=K=|==>+>@>>>>>?*?U?j?????0D00011.11111111;2b222~33333333144444556S666
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
66-696>6p6|6666607<7R7n7{77E8P888888869]9b9w9999Y:l:q::<l<<<===>:>> ?Q?h???u00I1122244,575{5555555566R667I7N7j7777777
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
66-696>6p6|6}6: 66607<7R7n7{7 7E8P8 88888869]9b9w99 9x9Y:l:q::<l<x<<===>:>> ?Q?h?! ?? u00I1122244,575{5 5a55555566R6 67I7N7j77: 77777
Ansi based on Dropped File
(~WRD0000.doc)
6616N6& 6666666%7*7R7w7S77777$899\<<<@S2345555;5D5K5556-6A6G66A7G7`7f708D8e8k8888<9F9n9! 999
Ansi based on Dropped File
(~WRD0000.doc)
69 9 E"!++0 E+Ej0 EF0 E0 EEP9 v9 jp0 o9}& f3bj,% 9 9 u3;u39 ;tp & t9 Wp0 M9 MQ9 0 }P& & jEWP39& h.Y0 EE;t9 n39 0 ej|9 VE0 ~9 0 ejVEr~s4usE9 9 ji9 3VVpj9 0 ejh 5~9 9 VVV9o9 9 h& xyo9 9 j$9 9 j oK<9 jiP39 9 WEPu9 9 EPEPu9 u9 9 F+9E|0 E9 WuuvQpS 9 E9 MFEPk3;tQ9 9 un9 jp0 3GMMt 9 |
Ansi based on Dropped File
(~WRD0000.doc)
7 7$7(7,7074787<7@7D7H7T7X7\7`7d7p7t7@9D9H9L9P9T9X9\9`9d9h9l9p9t9x9|9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7(77788>8h8888 91:<:r:::C;k;;<+<=Z=|=>&>: >>>????| 000;1V111n23484E4N4f4`4445o556(6:6C6\6j6z6?7q7}7 77%8V8`8 888-9J9}99&:5:}::;;&;;;<S==K>>?0\0f0q0 0" 00:12S222222
Ansi based on Dropped File
(~WRD0000.doc)
7(77788>8h888891:<:r:::C;k;;<+<=Z=|=>&>>>>????|000;1V111n23484E4N4f44445o556(6:6C6\6j6z6?7q7}777%8V88888-9J9}99&:5:}::;;&;;;<==K>>?0\0f0q0000:12S222222
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
73! h39|mQQ Zv9 =& tK& t?9 9 9 }+jR9 +R9 UERPv u9 uS_^[]j,F"29 M
Ansi based on Dropped File
(~WRD0000.doc)
77!7b7o7{7 777778)8U88L9\99-:g:r: :0 ::::;%;V;{;;-<;<B<a< < <2=~=R=0?a?w?R? ?"!?????? 0D0J0q0v0 000000001(131<1M1l11 1122@2c223=3374 44.55.6e77)8F8889<::;;<=======#='=+=R=
Ansi based on Dropped File
(~WRD0000.doc)
77!7b7o7{7777778)8U88L9\99-:g:r::::::;%;V;{;;-<;<B<a<<<2=~==0?a?w?????????0D0J0q0v0000000001(131<1M1l111122@2c223=337444.55.6e77)8F8889<::;;<=======#='=+=R=
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
7777!7:7R7n778808?8G888888b9r9 99\:a:k:x::::;;,;\;x;;;<>J>>>x>>>>>>?!?(?,?0?4?8?<?@?D?}? ??S??00,03080<0@0a09 0000000000*1014181<1112222 2$2M2s2 22S222222223333v33S3333333-44484<4@4D4H4L4P4a44444@5H5]5h5"8:DR0Y0000A1G1X1n1 1111-2>2& 2223334[445+828:(>?TS1" 2 3445+667Z7s7788808c8: 899]9c9! 999997::;);L;: ;;;<E<! ??\F11222B3O3'41445@5o56{6/7O7?8h88O:/;;)<?< <x<<=p=x=,>i>s>9 >>>?????*0Y0`22K3^3z3R3x333467N7w7 7x77778E:R::& :9 : : ::::::::::::::;;;;$;0;5;E;J;P;V;l;s;;! ; ;~;;;;;;<
Ansi based on Dropped File
(~WRD0000.doc)
7777!7:7R7n778808?8G888888b9r999\:a:k:::::;;,;\;x;;;<>J>>>>>>>>>?!?(?,?0?4?8?<?@?D??????00,03080<0@0a00000000000*1014181<1112222 2$2M2s222222222223333v333333333-44484<4@4D4H4L4P444444@5H5]5h5"8:DR0Y0000A1G1X1n11111-2>22223334[445+828:(>?T123445+667Z7s7788808c8899]9c9999997::;);L;;;;<E<??\F11222B3O3'41445@5o56{6/7O7?8h88O:/;;)<?<<<<=p==,>i>s>>>>?????*0Y0`22K3^3z33333467N7w7777778E:R:::::::::::::::::::;;;;$;0;5;E;J;P;V;l;s;;;;;;;;;;<
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
7j"Y0 9 3_^[]9 U9 EPjuuu8: ]9 U9 SV9 u3W9]u;u9]u3_^[];t9 };w6j^0 0SSSSSO9 9]u9 U;u}9 u`
Ansi based on Dropped File
(~WRD0000.doc)
7j"Y3_^[]UEPjuuu8]USVu3W9]u;u9]u3_^[];t};w6j^0SSSSSO9]uU;u}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
7n5 B1AX0 5!~XK+ >R @h " z! FKaMj;GIF89a/$ : "!RRRPSaS0 v~0 N r/! I a"! aQRa RPv6"!a`P` : S m/ l/hl/a}PR ` Y B" S" ` : ^& }S o0 _U` aa " Sa zpx:& `9 "!~j RT Sr: p1k/w9" ~x"!f: i! }RxSq/!,/$@*\/! #f @0
Ansi based on Dropped File
(~WRD0000.doc)
7P89:-:<C>G>K>O>S>W>[>_>`/0l0012A2N2X2f2o2y22222223S3334(4p444p5|555555556!6'60656D6k6666778N888K9b9s99:V::::;;>>>>>>>??"?6?<?E?X?|?p010?0D0222222222233 3&3+343Q3W3b3g3o3u33333333333334444 8,8_8889:::;;)<>>>>>>>?F??00.1122222222334444455#5*595E5R5v55555566&6J6y66y8888D9g99999::.:>:P:U::::I;~;;;;;;;<$<-<:<`<{<<<<<<<<<<<== =$=(=,=0=4=8=<=@=D=H=N=Y=q==8>d>>>>?u?????=001448
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
7P89:-:<C>G>K>O>S>W>[>_>`/0l0012A2N2X2f2o2y22222223S33: 34(4p444p5|555555556!6'60656D6k6 666778N888K9b9s99:V::::;;>> >>>>>??"?6?<?E?X?|?p010?0D0! 2" 2: 2222222233 3&3+343Q3W3b3g3o3u33 3a3333333333444 4 8,8_8& 889:::;;)<~>>>>>>>?F?? 00.11! 2 22222223x34444455#5*595E5R5v55 555566&6J6y66y8888D9g90 9 999::.:>:P:U::::I;~;;;;;;;<$<-<:<`<{< <9 < <<<<<<<<== =$=(=,=0=4=8=<=@=D=H=N=Y=q==8>d>R>>>?u?`???? =00 1448
Ansi based on Dropped File
(~WRD0000.doc)
87777778DX@ Z" l8t8|8 8" $8" h@_ 8" 99$9" G9" 0p9" \99" 9" :::):" " PO:Z:e:p:{:::" x" :::::;';2;=;" " ` ;;~;t;j;`;;" ;;;" <" 4
Ansi based on Dropped File
(~WRD0000.doc)
87777778DX@Z"l8t8|88"$8"h@_8"99$9"G9"0p9"\99"9":::):""PO:Z:e:p:{:::"x":::::;';2;=;""`;;~;t;j;`;;";;;"<"4
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
88+8@8n8! 8" 889999D:: ::::-;9;>;;;;<H<x==>L>b>n>z>#????d0'040I0c0000=11,2;2F2W2]2b22222]55~::::::o;.<G<X<}<<<8=E=J= >>#??????H0N0d0r0! 00M1b11`12222 464S4^46666z9<<>?%?*?n???.030%11R2R3g3 33444I5 5 55566 6R6 66667F7b7o7t7
Ansi based on Dropped File
(~WRD0000.doc)
88+8@8n88889999D::::::-;9;>;;;;<H<==>L>b>n>z>#????d0'040I0c0000=11,2;2F2W2]2b22222]55::::::o;.<G<X<}<<<8=E=J=>>#??????H0N0d0r000M1b1112222 464S4^46666z9<<>?%?*?n???.030%112R3g333444I5555566 6666667F7b7o7t7
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
88888!8%8)8-81858W9999:S: :;;N;_; ;;;;
Ansi based on Dropped File
(~WRD0000.doc)
88888!8%8)8-81858W9999:S::;;N;_;;;;;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
8888889/99 99X:^:}::::;=;J;a;{;;`;;" ;;<@<& <<=K=====>?>x>>?? l222e344
Ansi based on Dropped File
(~WRD0000.doc)
8888889/999X:^:}::::;=;J;a;{;;;;;;<@<<<=K=====>?>x>>??l222e344
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
89 M0 9 ^9 U9 (SVuM`9 u3;u*7SSSSS}8]t9 E`pBFFEPjP4m& uEPSSVuYPEVP @8]t9 E`p^[9 U9 jueYY]9 U9 9 ES3VW;t9 };wQ7j^0 0SSSSS9 <9 u;u9 8tBOu;t`
Ansi based on Dropped File
(~WRD0000.doc)
8]u!Et9 9 9 D 9 }9 #;u|EtvuXSuEjPuWuu4PP+9 9 9 D 6Y 9 69 9 0 9 _^[jhB0 30 u39 };" ;u: j_0 8VVVVV@9 Y39u" ;t9ut9 E%@t0 uuuuuEP9 i0 EE9 E;tB39 }9ut(9ut9 9 9 D 7 Y9 U9 juuuuu]9 D$9 L$9 L$u9 D$S9 9 D$d$9 D$[9 U9 9 USVW3;t9 ];w}j^0 0WWWWW"9 _^[]9 u;u3f0 9 f99tAAKu;tf0 AAFFf;tKu3;uf0 &j"Y0 9 SV9 D$u9 L$9 D$39 9 D$9 A9 9 \$9 T$9 D$u9 d$9 9 D$r;T$wr;D$vN39 ^[QL$+YJQL$+Y49 U9 9 ER]9 U9 5R"!Y& tuY& t3@]3]9 U9 (0
Ansi based on Dropped File
(~WRD0000.doc)
8]u!EtD }#;u|EtvuXSuEjPuWuu4PP+D 6Y6_^[jhB3u3};;uj_8VVVVV@Y39u;t9utE%@tuuuuuEPiEEE;tB3}9ut(9utD 7YUjuuuuu]D$L$L$uD$SD$d$D$[UUSVW3;t];w}j^0WWWWW"_^[]u;u3ff99tAAKu;tfAAFFf;tKu3;uf&j"YSVD$uL$D$3D$A\$T$D$ud$D$r;T$wr;D$vN3^[QL$+YJQL$+Y4UE]U5YtuYt3@]3]U(
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
8` 0F88Dl wS9@ qH $0<=<q9 % C, `MSQ"! P@ & 01 @ @ "S )T a, $$@)1 @ haP7h0F@<Q
Ansi based on Dropped File
(~WRD0000.doc)
8`0F88DlwS9@qH $0<=<q% C,`MQ"P@&01@@")T a, $$@)1@haP7h0F@<Q
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
8A]ju& YY]U9 W9 }3`E8t39 _9 U9 ( 30 ESV9 uWu9 }M*EP3SSSSWEPEP0 EEVP(Eu+u8]t9 E`pjX/u8]t9 E`pjEuEu8]t9 E`p39 M_^3[ 9 U9 ( 30 ESV9 uWu9 }M)EP3SSSSWEPEP0 EEVP(Eu+u8]t9 E`pjX/u8]t9 E`pjEuEu8]t9 E`p39 M_^3[WVU339 D$}GE9 T$0 D$0 T$9 D$}G9 T$0 D$0 T$u(9 L$9 D$39 9 D$9 9 d$9 9 d$G9 9 L$9 T$9 D$u9 d$9 9 D$r;T$wr;D$vN+D$T$3+D$T$My9 9 9 9 9 Ou]^_ @s s9 3 33jvY9 U9 9 E9 M%#Vt1W9 }3;tVV=YY0 ! j_VVVVV0 8v9 _9 uPu& t_=0 V=YY3^]9 U9 htY9 M0 A& t
Ansi based on Dropped File
(~WRD0000.doc)
8A]juYY]UW}3E8t3_U(3ESVuWu}M*EP3SSSSWEPEPEEVP(Eu+u8]tE`pjX/u8]tE`pjEuEu8]tE`p3M_^3[U(3ESVuWu}M)EP3SSSSWEPEPEEVP(Eu+u8]tE`pjX/u8]tE`pjEuEu8]tE`p3M_^3[WVU33D$}GET$D$T$D$}GT$D$T$u(L$D$3D$d$d$GL$T$D$ud$D$r;T$wr;D$vN+D$T$3+D$T$MyOu]^_@s s333jvYUEM%#Vt1W}3;tVV=YYj_VVVVV8v_uPut_=V=YY3^]UhtYMAt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
8fME^M UP3GWSL9 ;tP=u#VTVX9 Mt; 9 WMx@MSSM`NEPMECPM@EeME^M@ V;t#VTVX9 Mt; O9 WEE@9 0 tP(gMWEPM" ;tEPME;uEPMPM0E
Ansi based on Dropped File
(~WRD0000.doc)
8fME^M UP3GWSL;tP=u#VTVXMt;WMx@MSSM`NEPMECPM@EeME^M@V;t#VTVXMt;OWEE@tP(gMWEPM;tEPME;uEPMPM0E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
8L8S8Y8 888888N9X99:;+;2;9;@;G;N;U;\;c;j;q;x; ;R; ;;Q>0 ?? ?" ?"!??????????a01<1C1J1Q1X1_1f1m1t1{1 10 1 11112*2/244P4_4"!444.5a5 555-6`6 667!7a77748<8Q8888
Ansi based on Dropped File
(~WRD0000.doc)
8L8S8Y8888888N9X99:;+;2;9;@;G;N;U;\;c;j;q;x;;;;;Q>??????????????a01<1C1J1Q1X1_1f1m1t1{11111112*2/244P4_4444.5a5555-6`6667!7a77748<8Q8888
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
8M^U(SVuM`u3;u*7SSSSS8]tE`pBFFEPjP4muEPSSVuYPEVP@8]tE`p^[UjueYY]UES3VW;t};wQ7j^0SSSSS<u;u8tBOu;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
8uB;r9 D$A0 9 D$`0 ySu30yVt&9 q& t9 D$9 ;s9 q9 X; r`B;Qr3^[9 I9 9 9 L9 t$0 @0 3@U9 QSV9 W9 ~3wO0 }9]t\9 F;tQ9 L9 F9 9 |K& t:jhwh`rjW& t9 9 R9 j9 9 F9 M9 d9 }& u9 F49 FY0 ;u& 9 F;t
Ansi based on Dropped File
(~WRD0000.doc)
8uB;rD$AD$`ySu30yVt&qtD$;sqX;r`B;Qr3^[ILt$@3@UQSVW~3wO}9]t\F;tQLF|Kt:jhwh`rjWtRjFMd}uF4FY;uF;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9 EE9 EES9 ]W9 =t9 )PS0 E9 E0 Et }}<~|t }} }}PS }& u=m9EtEEEEhEP}tP}fPS t uS_[^j`U;9 9 E+EM P9 E+EPv9 }3W0 u jW0 E0 E0 u9slt$P0 EEPW us|E u9 P;t@9s|t#9uu9 tEVPWM <EVPWM d0 ;uA9uu9s|t)VVE P9 ;t&EVPWM 10 ;u9sluE+9 L& uuu9 u9 9 }uW uWMM u9 E}:Ul$ 30 El9 ExSVW0 ES9 E|j9 0 E 9 0 E9 =Puj0 EE jPbD~9 & tBhEjP>DjdEPv9 & t<EP9 hE PVEhE P9 *P9 Pu uuu9 ER9 MS0 9 M 9 E0 9 Ml_^3[53pU9 VjEP9 & tEEt9 E+E0 E9 E9 M0 MEt9 E+E0 E9 E9 M0 MjEP9 A^U9 QQeeVEPEP9 uEuEu9 i^U9 QQVEPEP9 u9 uu?^9 30 H0 H0 H0 HV9 ~u9 P9 j9 P^V9 ~uP9 F& t>W9 = jjP9 F& uv& uPjvv_fF^9 A& uP9 A& uP U9 V9 & tEW9 }Wu9 vuuW& t& tV & tV _^]3@VW9 |$9 VjW 0 ~3_@^3@3@3@3@9 D$0 A9 A3+t8HtHtHt
Ansi based on Dropped File
(~WRD0000.doc)
9 WWvjPM0 }zMMSV9 *9 D$f,0 F09 ^9 D$0 A,9 D$0 A09 I& tP zU4jP*h9 EPs@ u@ u$0 E4u u@ Pu40 E(30 E9{,tE0]WWMWh0 M0 }E0PEPM~ 9 E0u}@j0 EjEPu4M%MM39 E0sH0 E9 VEPu4 V9 59{t
Ansi based on Dropped File
(~WRD0000.doc)
9 ! 9 uj~EPeM& uTMMEMEuMh9 PVMMEMEMMjEPZeMJ& t3MM9 MNMESMEouMh9 PVMaM9 E#ME j|~EPeM& tj^MM9 %MMEME9 EPhMHPVM jY& u0 M9 u<}9 0 uMEtMEZvj}EPeM& t3MMl9 t~MMEME(uMh$9 PVMM9 EME j5}EP~eMn& t3MM9 }MrMEwME uMhH9 PVMM9 EGME- j|EPeM& t3MMB9 J}MMEME9 EPhHMmPVM& u!E9 uMEME 9 j|EPMeM=& tj<^MM9 |MBMEGMEc9 EPh MPVM& uE<9 u,;
Ansi based on Dropped File
(~WRD0000.doc)
9 & j9 FhF<jPv`]& & Yv`jW6& @~<)~X ~l9 0 ^0 ~t)e& v!9 EPFpP<YY9 ME9}r9 F|9 N;v9 & v%9 V<`W)F\+)F|0 N0 ~u: & ~dua9 F9 ~;s9 3& v9 N`9 V@;r9 ^WSvPu)~\)~)~~~}0 FP9 F\0 ^& uT9EtO9 EG9 F9 ^0 EFjP9 ~+Wu0 EvP)~\}}0 FP9 F\t4& t0}u6~! v}u&9 E$& t3j X9 E& t9 E[^_U9 V9 >uf~u`uy}ujjju` u<EPuuu3& u9 EP 0 %Y^]U9 30 ES9 ]V9 u& tS ujSX f& 9 9 f/tf\u9 BB
Ansi based on Dropped File
(~WRD0000.doc)
9 & t#EP9 ZP9 EME59 M9 F)U\j<5H& 0 M\EP<3M0 ]`SMTE9 MlECz9 3;}EPM 9 MlVEPEMDE`MEPh@M >M4hE4PE 9 0 e0PEMT;tsM4& ug9 M\E4PEPPMDEME.MD& u hhMD9 MhEDP9]pu
Ansi based on Dropped File
(~WRD0000.doc)
9 0 9 @0 F9 ^]9 U9 9 f9M aSuMT9 M9 Q3;u9 EHfw aV9 f9u^s)EPju- & Et99 M9 0 fqMjQjMQPREP & EtE8]t9 Map[9 U9 ju<YY]9 U9 9 f9M aSuMR9 E9 H3;u9 EHxfwaf9Us)EPjui & Et=9 M9 0 fpEjPjEPhQEP & EtE8]t9 Map[9 U9 ju<YY]9 U9 SV33W9u 9 ];u"]]VVVVV9 };tuM 9 E9pu?fArfZw fArfZw CCGGMtBf& t=f;t6EPPEPPCCGGMt
Ansi based on Dropped File
(~WRD0000.doc)
9 0 ejh 7S9 9 VjV:m9 9 j~mK<9 jhP9 u3M9 MQ9 EPM9 E;tEPMg9 9 0 A9 9 @3;" A%RQ9 9 9 9 9 Vl9 9 WEP! s9 }9 w+79 9 EPEPRs9u|0 u9 juVw7pS 9 E9 MGEPri3& tQ9 9 l9 jp0 MEME" 3GMM" 9 j0|%%
Ansi based on Dropped File
(~WRD0000.doc)
9 0 u9 N30 ];t9 j~9 0 E& ~S9 & t9 j9 C;]|fM9 F@V9 ! & u9 ^V9 9 & t
Ansi based on Dropped File
(~WRD0000.doc)
9 0 uFFdF$FFF F F$lFP$FXF\ |9 G9 WPME"%MJ9 X& t9 0 S9YMZ9 GWPMEPM t}Ev}Eg}E9 EM9 "!l$8l$Rl$}l$ pl$Pkl$^l$ l$Jl$;PJl$+l$$l$l$l$Xl$Pl$l$l$wl$ jl$l$l$l$?l$ l$ \ l$Xrl$el$l$$Vl$Gl$Pl$l$l$!l$ l$ l$xl$" l$l$$l$Xwl$jU9 9 EV3& u
Ansi based on Dropped File
(~WRD0000.doc)
9 0 uhp0 eN" ;~$9 Eu9 Ev9 jX.9 0 uN$ENE]DM9 @0 \V9 9 WP9 & t+9 & tNQ9 I9 j9 NS<@_^U9 QeQ9 MRM9 Ej& .jD/Y9 0 Me& t9 3Mjh(M IjjEP9 E> & u& t9 j9 3MMC9 0 $"!& tt$9 h,j .& 39] 9] M:M0 ]:9 ME& vw9 MSx9 & EPh 9 9 EPh9 #tXMX;& uLM=M=9 MjEPEP#9 MC;r0 ME BMMB3@MEwBMMkB3sV9 D$tVY9 ^|$V9 u3(N$ & th(9 %& tPt$9 ^jP.69 M! ejh|9 MGME89 MEX& hx9 "!9 & hh 9 9 & EPMf& E9 0 ePJ9 5h49 A9 & EP9 & tqM9& ueE9 0 ePJ9 h 9 & t=P9 & t13FME@ME@MM 9 9 M& t9 j3VW9 9 & tV9 #_^j!/9 0 u}^39 0 }DX7MEcN5pMEXjJMX3h9 f0 F$-BM0 ~(0 ~00 ~,ME0 F40 5lM0 ~80 ~<EMEM9 U9 (SV9 E^P9 @7Pv(x & unWj(3EWP9 F(hWEE0 }0 }0 E0 } j0 E9 0 E0 }60 EEP| f;f0 F$_u33@^[jP/ 9 9 u& u39 Hu9 O0& ttnA& ukjmY0 Ee& t9 NQv9 D9 3Mj @Y0 EE& tj9 `39 MPj0 H0 p5(w3@j0! /9 9 E3+ H H H H HtH& 9~, j Y0 E0 };t
Ansi based on Dropped File
(~WRD0000.doc)
9 59?4(?%?7$ =?.3))0B&$%+!DF8> -FCA;GIF89aYYYz { x}x~y : ~ w!, *0^ ! ! E5 N[ : 2O`8)<?UW@:=+]&#M19P7
Ansi based on Dropped File
(~WRD0000.doc)
9 9 +9 M+M0 E0 }3}9 E9 }+9}0 U}9 u0 }9 u0 }9 };}0 }0 }9 U9U~0 U+0 U9 U9U~0 U+U0 U20 E20 M9 9 9 9 uPjEP9 9 p9 )E9 )EEEjEP9 {9 9 3Et9 9 & tQjs0 MM +V9 3jP0 F0 FFP59 ^aU9 (WEPW5"!x & ufVj(3EVP`5 0 E"!h VE0 u0 u0 E0 u j0 E0 EEP0 u0 }| ^f& u33@_U9 9 EV9 P0 F& u39 K& tSWEPv< 5"!9 ]9 }+]+}9 jv9 SWuuh h|9 hh39F SWPPR SWjj0 ER 9 }jPWW0 E 3CSWvtW9 =u9 j9 PvSjjdjv~W Wv 0 ^9 _[^U9 V9 f\;Fu`v& t0EPv< 9 E+EjP9 E+EPuuvS f9 ^|$V9 u,\Pv& tvS
Ansi based on Dropped File
(~WRD0000.doc)
9 9 @9 PR,W U9 V9 u~wW 39 9 @3f89 0 UURP0& |}9 9 It3f0 ^]U9 V9 u~wW 39 9 @3f89 0 UURP4& |}9 9 It3f0 ^]U9 QQ9 ES3V9 ; 9^@u9^D 9 URP0 ]QH& R9 E; URhr0 ]9 P& R9] 9^@tCWjY;t0 X0 9 3Whru9 & tWND/;tWY_9^DtY9 E;F<uQ9^(uLhhpjQ9 EUR0 ]9 P & |!9]tF$Phru9 9 E9 PQ9 E9 PQ9 E9 PQ^[U9 Q}u3& eV9 uW3& u9 q<& tk9}u,9 MQVP|& uf}tQ9 MQV& |}u:9 MQVPH& |,9 E& t%u9 hrP& u3G9 E& t9 PQ9 3_^U9 Qy<t9 A<9 URP & |9 E3U9 QVuEj3P0 u'& tB9 E;t;UR0 u9 P & |9utu9 MFu9 E9 PQ9 3^U9 QQVW39}to9y<tj9 A<UR0 }0 }9 PQH9 ;|Q9 E;t9 URhrP9 9 E;t9 PQ;|)9 E;t"9 u9 VPQ$& |9>t3G9 E9 PQ9 3_^U9 V9 u& u@ 9h|ruKfYY& t9 M& tA3Q0 3Vuu!^]U9 V9 9 F<W3; 9 UR0 }9 PQH& |z9 E;tsURhr0 }9 P& |U9 E;tNUR0 }9 P 9 E;t.9 }9 S9 ]9 R9 RP & |0 ^P0 ~T9 E9 PQ[9 E9 PQ9 E9 PQ_^V9 t$9 & t3&jh9 q" uPh9 _" @@^j>59 9 F<& t(PMmvle\VMMM]V9 t6W?t)h|9 hjN7_^U9 QeWEPu0
Ansi based on Dropped File
(~WRD0000.doc)
9 9 W9 REP< EP9 uuuuu hWZajj9 SWj0 EPW0 E9 E@P9 E@P9 EHP9 EHPW uWuWS9 h 3PPWuuPPu uWuW_^[9 D$HuV9 9L$u/&^3U9 V9 u& t"9 FURPl@S& t9 M9 VP\3^]U9 S9 ]V9 ;Pxuuu9 9 Wt_-t9
Ansi based on Dropped File
(~WRD0000.doc)
9 9M}9 Mk9 W\0 DE)v0 EuwdSUY9 ]9 }}tj9YSUYt
Ansi based on Dropped File
(~WRD0000.doc)
9 :"! 2v! /P+pA/M Yd R'<9 gRqt | `r7S Clc|w\sY K0 $B& 'n-?S4o<3
Ansi based on Dropped File
(~WRD0000.doc)
9 ; $SSE(PM3; Mb9 0 MH; hxg0 EL;u*MEM]MM( 9 TM0 ]TL& : uTMf9 ;tv9 ;~k9 ML<`9 MLjh|9 h\9 Nj9 MLV"!d9 ;t>jWhR9 l9 MPWE8PyjE8Ph`R9 ElM8EETMKL9ET eu`9 MH3F_M}
Ansi based on Dropped File
(~WRD0000.doc)
9 ;t9 1C9 9 6VP*Y9 _^V9 D$tV5*Y9 ^VW9 |$9 & u9 ~;wP9 & t9 3_^U9 QeQ9 M9 EU9 QeQ9 M9 EU9 Qe,Q9 M9 EVj9 9 D$0 FhU9 ^V9 hU+D$tVq)Y9 ^jBT(9 0 u=eNpUfff9 (jk(9 0 upU9 N3@0 E& t9 PfNEM9 `=(V9 D$tV(Y9 ^U9 Qe}VE9 Pu Ut}^f^0 F9 E0 F9 ^U9 Qe}VE9 Pu Utc^L^0 F9 E0 F9 ^je]& tt$9 t$r3jG]& tt$9 t$}3|$V9 u3#)jt$0 FYY9 H`3& ^V9 9 F& tPR vf^U9 SVW9 uEPu 9 3; Su 0 E; Su P 9 ; uj 0 F;tP ;thuSPF:EPWv0 }$& & u=WuY0 F9 EY9 PQ9 F;t9 H0 x;u3@'9 N;t9 j0 ~vR v0 ~3_^[]V9 vxUq\D$tV[9 ^U9 ``Ujlt%9 0 uUe! M9 U}"&U9 QeVE9 PvD\& t0 FjF[& t9 v9 MxU0 H0 p3^V9 U'D$tV%Y9 ^V9 ]D$tV%Y9 ^j! l$9 0 u~9 U;3j
Ansi based on Dropped File
(~WRD0000.doc)
9 ;v+A;MXr9 Ex9 3B40 UX! e9 Ut9 U@ " X0 E00 9 Ex0 09 E@& t09 u<9 }00 t& `ELE%M$9 M9 9 J9 U$++0 0 |9 El9 M00 9 E 9EH$3`EH9 M\*E%9 E|9 ED;rE$79 ;E`s= `M$9 +E`9 Mh` PM$9 Md9 <ED9 MH9 E<3+F9 ;EXs9 M09 U$0 9 0 y;EXr39 M9 u<3@3& u33@9 0 u<H#9 9 E@;L& t+]L3F9 HN#u<;t& u0 E@9U8& /EHE,9 EHE;E4}9Ut}4tjjX3[_^PU9 QeV9 ujjv(V 0 E& ujXWSPEPuuujjjjuI9 (uFSLt9 E8u
Ansi based on Dropped File
(~WRD0000.doc)
9 =9 ;}$k9 ~\d99 =9 B;|9 ]9 9 ~d=}uFd^=uFdN= uFd >= uFd& .=uFd =uFd = uFd`vdjY0 ~d`Q9 EY0 F`[_^9 U9 csm9Eu
Ansi based on Dropped File
(~WRD0000.doc)
9 =|PvFj9 & tCvv99 N & t9 W& t9 N 9 WP9 N`& tW& t9 N`9 WP_^jh39 9 Ej Ht\H& MR?veEPMR E9 0 ePE9 M9 EsMMRv9 ~t3@ 9 N& t9 PXh,Y9 0 ME& tf`3vM9 0 F09 Njjjvt:M uME3& QM9 MMfu32jhX19 39^`& NMR)u0 ]3}M0 ]KEPMER; , PMPjhh~M9 %EPEPMREMME)M9 MEa& & 9 MR60 FdM;twEPy& u3j .+Y9 0 ME;tjv3PS5(v-h*Y9 0 ME;tWEPEP"!30 F`9 ME89 MEhM]&>MMRs[1j.v09 f`6j {*Y9 0 Me& tjTu3Pj5(v1j('030 ]9]t0 EM j5M0 ]xEPMEIM]j59]t!MoEPMEE "MNEPMEE"!EEteM?E0 ]tM.MM5 ,0V9 D$tVF0Y9 ^9 D$V& t6y@u09 I & t%9 p& t"vVRVp~99 ~V0Y33@^9 I V& t'9 D$9 p& u3@Vp89 V/Y3^V9 9 N`& tjvjv*^j\R.9 0 }9 u& ~ MqeMR& u9 VW/YMj5MEEPMEK"!M9 E& t9 V/Y"ME~E 9 N9 URP& 9 N9 Pl& eEPMD4P9 M9 M& t9N0 E& 9 MU9 MP9 S9 M& t9 jejj'Y0 EE& t9 N9 Pt9 MPEP39 PME0 EP9 S9 }`u}tV9 E9 O`& tVA& u9 `V-YMEME}MM)p-9 D$V9 & t"~@u9 @N$9 PR& tP9 33@^j)t,0 M9 E3; 9Y@& 9 x; 9Y& 9Y& 9 9 h
Ansi based on Dropped File
(~WRD0000.doc)
9 @& u@]3]9 U9 Ve9 u;ue9 N0 ^]d9 9 H;t9 xu^]&z9 N0 H9 U9 eM39 M0 E9 E0 E9 E@E0 M0 Ed0 EEduQu"z9 9 Ed9 Pd5D$+d$SVW0 (9 3PuEEdPd5D$+d$SVW0 (9 3P0 euEEdPd5D$+d$SVW0 (9 3P0 EuEEdPd5D$+d$SVW0 (9 3P0 E0 euEEd9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
9 [:&.;GIF89a]}|~9 : Gxt!],& ]] 9VTM 7B;-<]QK'A]>L5/I=S3
Ansi based on Dropped File
(~WRD0000.doc)
9 ]3;u/ [VVVVV; }t9 E`pW9 };u/`[VVVVV }t9 E`p9 E9pu:fArfZw fArfZw CCGGf& t8f;t1MQPMQCPCGGf& tf;t+ }t9 Map_^[9 U9 V3W95Tuo9 };uRZVVVVV0X9 U;tfArfZw fArfZw GGBBf;tf;t+Vuuc_^]9 U9 uMkE9 M9 0 A% }t9 Map9 U9 juYY]9 U9 juYY]9 U9 QSV9 3;uYj^SSSSS0 0H9 W9]wYj^SSSSS0 0$9 39]f0 " @9EwPYj"9 E"w0 ]9 9]t]j-Xf0 NE9 9 E3u0 EvW09 Ef0 AA@30 E9]v;Er;Er3f0 3f0 IIf9 f0 If0 IGG;r3_^[9 U9 }
Ansi based on Dropped File
(~WRD0000.doc)
9 ];GIF89aQ "!x9 } xSx: !Q,~ QQ& '/-#KE< !4H,I=9Q7?+%*Q JPA20Q;>"L61@MO(N
Ansi based on Dropped File
(~WRD0000.doc)
9 C& tPMu9 ! P^[9 _]& t7& t3V9 0;t(W0 8Y& tVE>Yup}tVYY9 ^3jhEy
Ansi based on Dropped File
(~WRD0000.doc)
9 C& tPMu9 ! P_^[]9 U9 W9 }& SV9 5 W9 ! & tP9 ! & tP9 ! & tP9 ! & tP_PE{h}t9 & tP{t
Ansi based on Dropped File
(~WRD0000.doc)
9 D$0 A4V9 9 F& tQS9 Wp9 =& t9 Fjt$jpv& tD$j51N, QPjv_[^9 D$0 A,9 A& tI,jQjPU9 (SVEP9 9 ]PSx & uhWj(3EWPNhWE0 E0 }0 }0 ]0 } j0 E9 0 E0 } 0 EEP| _f& u33@^[W9 w& t5V9 t$& t)Vw< & tG(9 )9 N9 )N9 F3@3^_|$VW9 =0 9 t%jv~$t=9 F& t6p& t)jjv9 F& tp& t
Ansi based on Dropped File
(~WRD0000.doc)
9 D$39 9 D$& t9 L$& t9 I;T$t& u3U9 QQSV9 9 ^& 9 F& x9 V& 9 MW9 9 0 ]9 9rY^3jZ9 Q!}Y0 Et!9 N9 QuPu9 E9 NM9 V0 `9 N0 E0 9 F9 9 M9 U0 9 U0 Q9 N@0 F_^[9 30 H0 H0 9 9 D$;r29 I`9 AV9 9 F& tPYff&^9 D$V9 ;FrQ@~0 FuPVv0 FjP.WP<v9 jW6vWv~ 0 ~_^9 A& tPY& t33@V9 ~u3D& u9 SWx3jZ9 Q9 Y& tWSjvjt$$ _9 [^V9 FP 9 ^Q Q Q9 D$V9 0 & t
Ansi based on Dropped File
(~WRD0000.doc)
9 D$3V9 t$& t&~t 9 N9 P & u9 N9 & t3@3^j<M\a9 E9 H9 eURP& tKM: & u?M[EPMEmEMu[MM$3@[MM3j/0 M9 }& j 1Y0 Ee& tj9 ~]0 EeMjtY0 EE& t9 9 39 MV9 P9 N$Q9 P9 9 0 F PNuN49 M3& v8^D9 MWEP& P9 E5MM)9 MG ;rh0N\#9 EP0 p9 Ej5(DV9 9 W9 |$& t;t 9 F+G_@^V9 9 & uf9 & t9 39 N;HuM9 F^SV9 39u69 F8Xt9 @0 F8Xt<^[9 8Yu9 9 A8Xt0 N9 N;u0 F9 @8Xt9 N8Yu0 F^[U9 9 EVu9 0 9 E0 F9 EN0 Fg`EFF9 ^]VW9 |$W9 H9 G0 F_9 ^SV9 39u! 9 F8Xt^[x9 H8Yu9 9 8Xt0 N9 N;Hu0 F9 @8Xt0 F^[SV9 39u89 F8X!t^[)9 H8Y!u9 9 8X!t0 N9 N;Hu0 F9 @8X!t0 F^[9 D$9 L$;t
Ansi based on Dropped File
(~WRD0000.doc)
9 d}& Fpt"~lt9 pl& uj Y9 ,yj`YeFl9 =Hi0 EEj[Y9 u9 U9 uM.k9 E& ~9 M9 Jf9tAA& u+Hu uPuuu }t9 Map9 U9 f9Eueef9EsE9
Ansi based on Dropped File
(~WRD0000.doc)
9 E 0 w0 W9 M_^3[}$z*>"! 9 U9 t 30 ES9 ]VWu}f9 U9 #0 ]EEEEEEEEEEEE?ER0 Mf& tC-C 9 u9 }f& u/& u+& u'3f;" $
Ansi based on Dropped File
(~WRD0000.doc)
9 E& t3& " Wh,V& PMMR"9 hVj3 j4=N 9 0 ]u9 MPh|Vj39{uh<Vj`3ME0 }uME9 ;uhVjNME9 M93f0 MPMFl9 C9 WPE 9 C9 WP 9 C9 UR9 uP f}te& tPhh|jeEPMEMHM5/jMEi5Ph`h|j eME/M#9 ]39u& 9u : MME9 MhEPE$PM;t6EPjEP9 ?0 E;t29ut-9 0 eu)9 9h4h|jME[ MMu39uh " h|& P9 E1 jBJ" 9 0 ueNfff9 " jkN" 9 0 u9 FE& tP" YfNEM9 }" 9 D$VW9 |$9 & wWJ"!YP0 F5Y0 F& t39Fv`89 N@;Fr_^9 U9 QW39=@t3S9 ]V9 ! P9 Puuh(VjbEPEPWh?WWWuu( ;tPhB9 R& u9 *uDP9 Pjh|9 uWuu4 ;tPhX3" VAAQ3u$ h|Vj3@^[_U9 QVuuhVjSEPjjuu0 & uu$ h|Vjk3@3" PhVAAQL3^U9 QQVWuuhVj#EPj3Wu0 }u0 ;t3" PhhVAAQ3:WWWWEPWWWWWWu8 & uu$ uhDVj9 E_^U$` 30 & S9 & 9 SV9 W9 PWVhSj0 E 0 MU30 E 9Euh@Sj;3MRQjPWV0 9 3;urhE"!WPESEPEPE PWu EuR, 9 ;u#} tj
Ansi based on Dropped File
(~WRD0000.doc)
9 E'P9 MEh"!9 {MP9 kW9 cME}9 MC0 ]E; Jh"!9 7h9 +9 YQj~frP9 0 uuN |e9 9 "QV9 D$tV<QY9 ^j~fP9 0 uuN )9 Eej0 F
Ansi based on Dropped File
(~WRD0000.doc)
9 E)EE C(EP[x0 uAj0 EVC0PM9 CU9 H]E]E]P0 E 9 C9 Hf9 K9 IVVUR0 EEj& } 19 E \$E & } 1\$ET$$PQ9 ~70 E`Wdu9uuuVVuuuuuu uuuu39u_ 3^[U9 (SVWu9 0 E9 F3; 9 }; UR0 ]0 ]9 PQ9 F9 URPQEt'9] u"9 MWQu9 MuSuQ9 wMQ9 MWQuuSuuw7u9 v9 VP 3; 9 Z9 F; 9X Et!u 9 uuuuuuYuM_F(E^xP0 ]Ej0 ESF0PME9 F9 H]E]E]E]P9 9 F9 Hg9 N9 ISSUR0 EEj& } 10 }\$E& } 1\$ET$$PQM~u& uu 3@Xun9tE9] u"EtSu9 uuuuu u 9 uuuuuuu3_^[U9 SVW9 }39 ;u39 F;t& & 9 N9^uF0Pt3vvDv@+59 0 F; 0 9 N0 E9]^$t9 G+0 F 9 G+G0 9N 0 9 ESQ9 0 9 F9 ;~
Ansi based on Dropped File
(~WRD0000.doc)
9 E0 w0 W[9 M_3^` : r 0 u x 9 U9 S39]u `SSSSSS("!V9 uW9 };t!;u0SSSSSS'j0 E;w0 }uEuEBu0 uP0 uU0 E;t4;|"Mx9 EEPSYYt9 E39]\>HH_^[9 U9 S39]u : SSSSS;'[V9 u;t9]w
Ansi based on Dropped File
(~WRD0000.doc)
9 E3SV9 u3W3]0 ]t2uKSh jSjh u9 u3 9 }]EjSSW` " Ej s}Y9 t#}t9 E0 F9 EF^0 F0 ^0 ^*`EF`EF0 ~^0 ^:tjSSW` 0 F9 E0 9 _^[V9 t$& u^ ~tvXVlzY3^9 D$ 8t
Ansi based on Dropped File
(~WRD0000.doc)
9 E9 PQ9 9 uV9 t$jh29 (& t(jh29 (& tjhS29 r(& t3^3@^|$t|$t33@V3& uhhLtjPhlt,& 9 9 PQ& ^|3@3& t9 PQ& u!!V9 2}9 ^2=tV9 D$tVY9 ^jae eeEPhLtjjhlt,& & 9 EtM& t9 PQ3'9 URuPQM& 9 Eu9 u& t9 PQ9 Vt$9 P9 xP9 ^Ul$ 30 & jRe9 9 3];t0 9 $& t29th9 '& & jh& @SP0 <}h8ESP0 ]k9 "PMu9 E0 ];t9 39 <VQPR9 ;R0 ]9 URh<tPE9 E;t?9 UR<PQ9 ;|;u9 E9 UR@PQ9 ;|;t9 & @0 9 E];t9 PQ;|
Ansi based on Dropped File
(~WRD0000.doc)
9 E9 URPQ 9 E9 PQ9 }uu9 EU9 eVW9 w9 Fw& t9EP9 6f}u9}t3u9 ` ueEP9 MV! 9 E_^9 Mjh|9 ? jAR9 5;E ~w(39u9 G$9 VPQ0& & 9 6MQu0 ]9 VP;|m9 E;tf0 ]9 URP0 ]Qd;|@h$ M> t/jP/Y9 0 ME;t
Ansi based on Dropped File
(~WRD0000.doc)
9 E9E(}9 E(0 9 EL& t9 M0 9 EX& t0 8}tuu }tu j9 MEP4MEE0EeMEME3F9 Mjh|9 k0 uME M<Et9 E{cThSh9 30 u0 u30 }0 u0 u0 u0 uVEPEPEPEPEPVjhujh ; EPVVju9 ; uj@ 9 0 }; EPWVju; 9 G0 & l9 G0 & p9 G0 & X9 G0 & \V& TPhVju 0 E;tR0 uVVVVjP| 9 ;t<PJ0 Y0 E;t+SPVVjux & tuuoYY& uEE9 E`39 }9 ];tSt 9utuY;tW ;tSt 9ut
Ansi based on Dropped File
(~WRD0000.doc)
9 E; 9 8X;0 E;|9 E[j@j YY& tV9 M0 *@@
Ansi based on Dropped File
(~WRD0000.doc)
9 E;t0 F3@j d9 }tuuu81<9 & u3Mk;eEPu9 u?& uMMfDMEPME& u^jhx1MJEPEPu9 uER@EM& u&D3MEMMC9 ECMH;P9 j9 Vt$9 jt$jt$ 6" & t0 F3^U9 9 E$V9 & t9 39 M& t9 I3u,Eu(Pu 9 E \$E\$E\$E\$@\$@\$@\$$Q6'& t0 F3^](V9 aD$tVZY9 ^j|=9 {& t9 MY:P9 h9 : MaeM
Ansi based on Dropped File
(~WRD0000.doc)
9 E;t9 R9 U9 $ 30 E9 E9 MSV9 uWP3WWWWQEPEP0 M3q 0 Et
Ansi based on Dropped File
(~WRD0000.doc)
9 E=?sJ9 MsB9 ;r6P9 Y;t)9 UEPWV}9 EH0 53_^[9 U9 0SV9 5W33;u.9 ;t0#Pxu
Ansi based on Dropped File
(~WRD0000.doc)
9 EEEPSYYt"Mx9 EEPS YYt9 E39]f0 D~HH_^[9 U9 uuuuuhR& }]U9 WV9 u9 M9 }9 9 ;v; r=tWV;^_u^_]ur*$" 9 r$& $$(#``FG`FGr$" I#``FGr$" #`r$" I9 xph`XPH9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D$" 9 9 E^_`9 E^_``FG9 E^_I``FG`FG9 E^_t1|9u$r
Ansi based on Dropped File
(~WRD0000.doc)
9 EEP9 vMM}T9 V9 Q}09 ^0V}@Ul$ 30 & j(co9 & $9 9 0 E9 & (0 E3VPf0 & &
Ansi based on Dropped File
(~WRD0000.doc)
9 EFjHVE0 M9 ]& u3@5Mt9 Ees0 u}jspM9 C$3<9 C j0 EjEP0 Mu}9 u39XtZM;jhxME
Ansi based on Dropped File
(~WRD0000.doc)
9 EH Y]9 E P ]9 U9 9 E8 ;r= w`+PY] P]9 U9 9 M9 E}`QY] P]9 U9 V9 u9 FttvBZf3Y0 0 F0 F^]9 U9 (SV9 uW30 E0 }0 }0 }FFf> tat8rt+wtWWWWW`93S
Ansi based on Dropped File
(~WRD0000.doc)
9 EPEP& } 39& [h0 uE0 uEY0 E0 u;t9 3M9 0 ejh|9 0 .Rs49 9 s9 jf9 u3VVPL9 9 Vh& 9 9 Vha9 9 Vh9 9 V9 9 jK<9 jfPhY0 EE;t9 >3M9 0 ejh|9 0 Sm9 s49 9 Ss9 je9 u3VVPL9 9 SVh9 9 SVh9 9 SVh9 9 SV9 9 Sj_WSK<9 jePhTY0 E0 };t9 Z3M9 0 ej|9 V0 `9 0 ejVE `s49 9 sMh9 u3VV>\j9 0 ejh V`9 9 VVVZ[9 9 h`ada[K<9 hPu9 uf9 9 50 jp9 Sjp9 jpn9 S9 =0 & tp & t
Ansi based on Dropped File
(~WRD0000.doc)
9 EXEt9 EHE t9 EHE t9 EHE}t9 EHE9 u9 9 E3H1H9 9 E3H1H9 9 E3H1H9 9 E3H1H9 9 E3H#1Hv t9 MIt9 MIt9 MIt9 MI t9 EX9 #t5=t"=t;u)9 E!9 E9 0 9 E9 9 E 9 #t =t;u"9 E 9 E9 9 E9 0 9 E9 M319 EX 9} 9 E9 }t&` 9 E9 EX9 EX`9 E``9 EXP49 H 0 H 9 E9 EX9 EX`9 E9 H`0 H`9 EXPOEPSju4 9 MAt&At&At&At& Yt&9 3+t/HtHtHu( 9 %
Ansi based on Dropped File
(~WRD0000.doc)
9 F& tv9 HF0 F9 FH9 F9 9 F& tM9 HF0 F9 FH9 F9 H9 ;H 0 (FDN9 F@9 F9 ; jX_^][9 9 F9 F& t9 NHF0 F9 0 A9 F9 9 F& t9 HF0 F9 FH9 F9 9 F& ta9 HF0 F9 FH9 F9 9 F& m9 HF0 F9 FH9 F9 H0 N0j=9 F0 (9 FF`4`#9 F3@j
Ansi based on Dropped File
(~WRD0000.doc)
9 F0 U} [& & `9 N,;u"9 F09 V(;t0 Us+H0 E+0 M}uau9 EWV0 F49 N00 E9 F40 E;s9 +EH0 E9 V,+0 U9 V,9Uu9 F(;t0 Es+I0 M+0 U} 9 F9 Me0 E;v0 M9 E9Ev0 EuSunv9 E)EE)E)F& t9 M } peMEC0 Mr9 E%?9 0 F! w! hj Pw(W 0 F& 'mmfK9 M } eMEC0 Mr9 N9 E9 F9 Vm0 `Fm9 F
Ansi based on Dropped File
(~WRD0000.doc)
9 F;Eu3GEWWWjPvHd 9 ;t~0 }uWY0 FE9 F& tPh 9 F0 ^& u3 9 MWjP0 NX9 F0 X9 F9 N@0 H9 F9
Ansi based on Dropped File
(~WRD0000.doc)
9 Fjp_uuuuv ^uuuu ji?9 0 uQeUM9 ?jNT>9 9 }W& u3RjW0 ~9 P9 0 FR\3;u0 N0 N0 M3}EP9 OvE & tEv9 ]9 }+]+}jvSWuuuj{Ph9 P0 F& YMMGGCC~u%j-8Y0 Ee& t9 "!3M0 FvjvSWuuuj9 NPhF9 F9 =jhjp9 9 PXF,jPjvVv^h?zjv 0 F3@N>U9 <V9 q& S9 R W3PPPPPv0 E 9 = & u/ueEPv@ & t%uuuu0 E}t9 F(PPu& t+EPv@ 9 F& tMQp@ 33;uu9 E+E9N t3QjjP9 E+EP0 E9 E+EjjjP9 E+EP(#P9 E+EPQQ0 E9 E+EP9 E+EPjjjju0 E9 juuujju9 }& tjWuu9 tjuv9 F& tp& t
Ansi based on Dropped File
(~WRD0000.doc)
9 h xWjMu9 9MueMM@EPMEM"!uME9EPM-EPjhhME~MQMQPjNPEM9 E& uf}uuh<Wj2MEPME
Ansi based on Dropped File
(~WRD0000.doc)
9 h Y9 0 M30 u;tuuj~J9 M~hWFXPu9 & u& 9 j9 : MEPME%lPNHE^MEW9 M|NP9 ^9 & t@hGY9 0 ME& tuVhS}3u9 PEl9 9 PMM[V9 T9 ^V9 h9 h9 h9 h 9 ^j }9 }9 uWVg& 9 & Sj9 SMf_u69 HPjEP9 )aeP9 ]MMU'9 N& tHvPh9 xR& tjX;h9 cR& tjh9 OR& tjh 9 ;R V9 T
Ansi based on Dropped File
(~WRD0000.doc)
9 h$9 9 O(& zP9 `h$9 `w89 `9 j?]"9 0 ue~89 <%?NXENtE}E~9 E}ENtEfTNtf,}9 jP9 j59 P9 j59 Pf0j
Ansi based on Dropped File
(~WRD0000.doc)
9 H9 U\e9 uVPu9 }WFHtHu4jFPwYYPvSFPwRYYPvSE3@9 e9 U9 }tuSVuV} uuVu ^7uuV9 Ghu@u0 Fu9 KVu(& tVP! ]9 U9 QQV9 u> W t? t9t+>MOCt#u$u uuuuV & & 9 9 }u9 uEPEPVu W0 9 9 E;Es[S;7|G;wB9 G9 O9 H& t yu*X@u"u$9 uu juuuu9 uE9 E;Er[_^9 U9 ,9 MS9 ]9 C= VWEI9 I0 M|;|]9 ucsm9>& ~ & 9 F;t=! t=" & ~& 9 0 u9 RjV0 EvYY& u9>u&~u 9 F;t=! t=" u~u] t|O9 Du30 Y uO39~9 G9 Lhd & u
Ansi based on Dropped File
(~WRD0000.doc)
9 hEPMPMPs Wsus MMi3q!|$+ut$9 P3j! ls 9 0 uUEN E)6MN=!U9 <W9 w8& uSV9 9 3;~F9E~9]& `j8ESP*E9]tEE9]u0 u9 E0 E9 E0 E9 E0 E;u%9]t9 E0 E9]uEPShMw8EPShLw8& t9 E^[_V9 D$tV_ Y9 ^j3PPjPt$V9 9 L$\P9 ^9 & t9 jV9 9 F& t9 N0 H9 F& t9 N0 H|$t9 9 ^9 3U0 H0 H0 H9 AV9 9 F& t19 NW9 x9 F;u9 @0 Ft$0 ~& _ufff^V9 9 F& t19 NW9 x9 F;u9 @0 Ft$Q0 ~& _ufff^9 T$9 D$& u0 A0 A0 Azu0 A9 J0 H0 P9 J& t0 A0 BVj9 !Y& t9 L$``0 3Pv9 : ^V9 9 F& tK;Fut$;;Fut$0+W9 x& u9 xt$9 N0 ~& _ufff^V9 9 FW30 F& tt$9 R& tPpYG~uff9 _^jUV9 D$tV6Y9 ^9 U9 9 EjP ]9 U9 9 E9 Mh@?URE0 E0 MEX#9 U9 9 EV9 9 H0 N9 P9 0 VF& t9 9 QP9 ^]9 U9 VW9 }9 H H H IH 9 M9 ESj Zr9 0;1t|0+t3& x\9 & & ipY+t3& x\9 & & HpY+t3& x\9 & & 'pY+t3& x\9 3& & 9 p;qt~pY+t3& x\9 & & pY+t3& x\9 & & pY+t3& x\9 & & pY+t3& x\9 3& & r9 p;qt~pY+t3& x\9 & & IpY+t3& x\9 & & (p
Ansi based on Dropped File
(~WRD0000.doc)
9 HMMEMEj9 0 ejh9 MEZPVME}M9 ESME {jEP;eM+& u2MXEPhMEPMME4MMdn j9! EPeM& tMM+3@2 3CM0 ]EPhM]fPMR& uMEMM9 9 ]jt EPFeM6& t3FMM~9 M;ME@ME\j9 0 ejh9 :MEPVMEM9 EME{j}P EP"!eM0 & tMM
Ansi based on Dropped File
(~WRD0000.doc)
9 I;t0 M9 HH3;t9 Y9 HX& tf9u9 I& t9 er$fx`u9 @h& t9 URhlrP& }e9 E;G<u9 ! ;Vuh8hjOL9 uMQu9 uuSVP9 [& |}9 E9 9 @t3f0 9 E& t9 PQ9 W _^U9 SVW9 }9 & 9 efxu9 @& t9 URhlrP& }e9 9 @3& tf8u9 @& t9 9 E;F<uSPh8h`j|K9 u9 ~Xt
Ansi based on Dropped File
(~WRD0000.doc)
9 J0 E9t9 F0 E9 E^[U9 W9 9 & u3uue9 URPQ$& |9 E& t0 G9 E9 MS9 ]V9 5 0 E9 M0 E9 Ejw0 ES0 ES0 E 9 ?9 MQSWP(juS3^@[_U9 SV9 u9 F+WP9 9 F+FPNYY9 N9 9 ~9 v0 M0 M3QQQPSuEu0 Uu0 }Pu0 }0 U0 u0 u _^[U9 S30 M9u3VWu 9 u9 }VWu0 E Pu0 E9 M0 EEPu0 ]u0 ]u0 }u0 u#u 9 MuVWSSu& t*9 E9 M0 E0 EEPu0 MSSu0 M9 Muuuu3_@^[U9 W30 M9}u3SWWjWjh u9 tWSS0 EuSX3VPj 9 ; 9 V 0 };tvWMQuPSh& t[9 E;EuSVR EPjV0 }$& & |?9}t:9 uVhsjuu09 E9 PQSX39>" VR VSX3^[_U9 S9 ]V9 & u3EWhx1PS 9 & WS & P 0 E& }WS 9 Wj P0 F WuPB9 =R v eEPjv $& & u*9Et%^ShsjPu0& }#9 E9 PQ~uv v f 33@_^[]j.9 9 N& t9 jjY9 0 Me& t" 3uM9 0 Fb & u9 N& t9 jf33@'j.@9 9 N& t9 jjAY9 0 Me& t " 3Mhx1u9 u0 FF & u9 N& t9 jf33@V9 >t3@^Vhtjjhs,& & |>u3^U9 V9 9 W3;u& t9 ;u3K9 WuPQ& }9 9 PQ0 >S30 }9 9 WURURPQ j| CEu
Ansi based on Dropped File
(~WRD0000.doc)
9 jf89 N4& tjf4N<ENE{MN{j@B9 9 M@t& & R!E9 9 & tEPu9 y& t9 Eg9 F$e9 89 MEPrPv$ & |B}t<jPY0 Ee& tv09 u3M0 E& t9 Pu9 R 3/j H9 }u3,juM eEP9 MM9 z9 j}N9 9 }& u
Ansi based on Dropped File
(~WRD0000.doc)
9 jf8NlEN<E'NEY5M9 rXV9 ~u3Wvd9 =vvN<9 jP9 rF_^U9 (SWyEP9 Z,9 ]PSx & ugVj(3EVPh VE0 E0 u0 u0 ]0 u V0 E9 0 E0 u+0 EEP| ^f& u33@_[V9 Fh9 F`H9 Nht6Hu&u#vd!Fhv~\u9 j9 ^9 9 ^S9 9 ^V9 9 N8& tt$
Ansi based on Dropped File
(~WRD0000.doc)
9 jf9 N& t&9 F9 PQf9 N& tf^jT9 0 ueNN$E"!N4ENDEgN\E[9 TjS9 0 uN\ENDEN4EUN$EINE=M9 2<Tj,'WS9 30 }9 ujhTa9 0 }hDa9 0 }Eh a9 ha9 h"!9 9 *P9 h"!9 `h"!9 ~h"!9 rKP9 bh"!9 VhS"!9 J{$9 & u'hR"!9 09 P9 !h|"!9 hp"!9 hd"!9 K4P9 hX"!9 eKD_GT"!& 9 E0 EEPMlhH"!9 EaMP9 `W9 uEPKD9 EP9 `MEzh<"!9 HMP9 8W9 0MEJEKDF9E HeK\0 M9 F& 9 ]EPM0 ]h,"!9 EMOP9 W9 9 MSEP
Ansi based on Dropped File
(~WRD0000.doc)
9 jf^j yu3(9 I9 URP9 MePMM="!3@Dj QZ]9 ~tv9 N9 P& u9 N9 URPe9 MP& M>u9 N9 URPEu-9 N9 URP9 MPEEMM3@3V9 ~W9 |$t9 N9 WPh9 U~t9 N9 WP_^j`Z
Ansi based on Dropped File
(~WRD0000.doc)
9 jf^V9 9 D$0 F^V9 ~t9 L$j 9 N9 ^`^U9 Q9 MSVW9 ue9 9>s}69 M" }t'f*uT9 O;sK9 M@Ps f/u;e3S0Y& u(f/u29 O;s)9 M@PA f*uE9>r}t33@_^[9 ``#V9 9 N& t
Ansi based on Dropped File
(~WRD0000.doc)
9 jfPM9 Ht$t${Ih )9 39~P& jY9 0 M0 };tl3v@vD9 vH0 ]0 FP l;u3~M+nMEnMEnMEnShXME|EPEPE,/YYMEvShM|EPEPE.YYMEvShM |EPEPE.YYME"!vt /tE^SM;thI|EhP9|E
Ansi based on Dropped File
(~WRD0000.doc)
9 jf} E<)NTE0)M9 d/x9 D$0 jV=~9 9 Ee0 Ft9 E0 Fx9 E0 F|EP} k09 E$MM0 (~ 9 D$0 Q09 0 Q40 A89 D$0 ApU9 9 A& u30MQP< & t9 E& t9 M+M0 9 E& t9 M+M0 3@j
Ansi based on Dropped File
(~WRD0000.doc)
9 jgHY9 U9 VEP9 xW9 ^]xW_" 9 U9 V9 xWL" EtV Y9 ^]9 U9 VW9 }9 G& tGP :t?9 u9 N;tQR-YY& t3$tt9 E9 tttt3@_^]9 U9 9 E9 9 =MOCt=csmu+~3]jh C9 }9 ] s9 s0 u e;ute~;w|9 9 O9 10 uEyt0 shS9 Oteu-Y9 ee9 }9 ]9 u0 u E;utV0 sL9 ]9 u~9 8csmu8xu29 H t! t" uxu3A0 9 3jhC 9 M& t*9csmu"9 A& t9 @& tePq?E38E" 9 eG
Ansi based on Dropped File
(~WRD0000.doc)
9 K9 ju4PPWWWWR Ps0 E, & tsjj9 Su,u4 Su,h WWu4u$u WWu@ uu4u(u49 Md0
Ansi based on Dropped File
(~WRD0000.doc)
9 L$S& t3^j 9 9 u& t6}u0M!: eEP9 9 M& uM3!p: Phj_XMM3@ u& t
Ansi based on Dropped File
(~WRD0000.doc)
9 M!_^U9 jju & tuY9 0 M0 E;s0 MSWW~9 Y& uMjX9E V9 E9 M0 M;w0 E9 u+u9 E+;w9 jVu & uRujWSu>GH <Pu |Ku |u |t& }0 E}u9 E9E q^S9 EY_[9 T$9 L$V9 9 0 q9 0 A9 0 A9 N?0 q0 A0 ^U9 XSW9 }30 ];ujaX9 GGVSP7& t0 u*EP7YY& tM}PKtE"!EP7 YY& t0 uEP7lYY& t0 uEP7XYY& t0 uEP7DYY& t0 uEP7tYY& t0 uEPuEP7T& t0 uEP7?YY& t0 uEP7+YY& t0 uEP7YY& t0 uEP7YY& t0 uEP7YY& t0 uEP7 YY& t0 uEP7YY& t0 uEP7YY& t0 uEP7xYY& t0 u9 u0 u9]& 9 E;t;;us9 9 ]& v}v7jSPytM+}0 uu`}tZ9 u9 ] ;s9 }tju7& u!EM& v} v7jSutM9 E+9 EE}uz9 ]$& tX9 u9 M(;s0 u0 M& tjP7U& tM& v}(v7juStM}u9 }& tjYu9 E& t9 M0 9 E^_[V9 t$W3;ujaX*9 F$WWWWW0 FWFxPF(PV0 ~3$; 0 N_^V9 t$W3;ujaXF9~ujS9 F@;Ft9 NPNL9 VHWWWWW0 FWFxPF(PL.NV: 3$; 0 N_^U9 Q9 ESV9 uW30 89 E0 89 E0 89 FFxWP63:& tfEP6yYY& t}PKtj"![EP6YY& tEP6YY& tEP6YY& t;u9 F49Eu;ttj"![EP6YY& tEP6YY& t;u9 E;F<tEuj"![EP6YY& t;u9 E;F@tEuj"![EP6 YY& t;u9 E;FDtEuj"![EP6(9 }YY& t& u;~Htj"![9 E8EP6YY& t9 Fx9 MD80 9 E9 M0 9 M9 _^[SUW9 |$33;ujaXMV9 w|;ujaX?9^\u9 FP;FTtj ]9 ;tPo Y0 0 9^@t
Ansi based on Dropped File
(~WRD0000.doc)
9 M& t9 jEPEP9 $& u}~9 j9 P}t9 j9 s89 & ~9 j9 P}t9 j9 KX3Kp3_^[U9 V9 WE~P9 $EPEP9 y$& t%89 E9 P$P9 REPEP9 T$& u_^U9 V9 WE~P9 ,$EPEP9 %$& t u9 aEPEP9 $& u_^VWy9 {9 V9 & tH4& tV9 Ny3_@^j4=ga9 Me~X9 |e0 E& v1u9 $9 & tSMQ& tSNp1E9 E;ErMMt3@aApV9 j
Ansi based on Dropped File
(~WRD0000.doc)
9 M& t9 jEPEP9 W& uNXyNxEYM9 j 89 9 Mh|9 ZNX0 M+~$9 bQ& u4WNV& t'uMQ9 : 9 MeP=`MMX9 M"Q& tL~Tu~49 j9 FT9 Nt& t9 WeEPuN4V& t}tu9 M_9 M 9 MP@Bj$#[9 9 E& u
Ansi based on Dropped File
(~WRD0000.doc)
9 M& u0 uE9]rRFuL@uF9 D9 E+E;Ew1A@u}uFu%9 #9 Q9 R9 `@$#At3_^[9 U9 $9 @9 HMMS9 XVW30 }0 }0 }0 M0 }E0 }; 9 E9 M9 4+E;Ev39 9 M;tQPF)YY& uFu0 u9 E0 E9 F9 0 E9 9 M;tQP)YY& & 0 uF)Y;Eux9 E+E;Ewd }tgG@u}u
Ansi based on Dropped File
(~WRD0000.doc)
9 M9 M9 T$B9 J3 SR2UM }@t 9 T$B9 `<3bS2UM9 T$B9 J3?S2`UMKtM6M8Mbu: YYM}9 MHuYYuwYY9 T$B9 J3R3T9 Ms^9 M9 M9 T$B9 J3 R 3TuYYMC89 T$B9 J3jR39 TMMM" 9 T$B9 J37R4XTuXYMhM`u"!XYMNM7uXY9 T$B9 J3Q(4S9 M9 M 9 M09 T$B9 J3QS4S9 M! 9 Mx9 T$B9 J3tQ4" SMuWY9 T$B9 J3GQ5hSM 9 M! 9 Mxl9 T$B9 J3Q@5/SMIMAM99 T$B9 J3P9 `3P|5RMM9 E e9 M9 T$B9 J3`P5RMX9 T$B9 J 3gP5R|X$ XMRM 9 T$B9 ` 3#P(6DR9 M0[9 T$B9 J3OT6RM8MM(9 T$B9 J3O6Q9 Mg9 M9 M<r9 MljM 9 T$B9 J3~O6xQ9 M9 M9 M<er9 Mlj9 T$B9 J3:O 7[QM,9 T$B9 J3OL78QM3M0 ,9 T$B9 J3N9 `3N 7Q9 M9 MT9 M 9 T$B9 J3N7PM<M,u(UY9 T$B9 J3nN7P9 M9 M9 T$B9 J3CN,8dP9 M~9 T$B9 J3 NX8AP9 MX9 T$B9 J3M 8P9 M29 M'9 T$B9 J3M8O9 M9 M49 MP9 M`9 T$B9 J3 M8OM MMMMM" MMI9 T$B9 `|3$M 9EO9 M9 M49 MPF9 M`;9 Mp+t9 T$B9 J3L 9NM
Ansi based on Dropped File
(~WRD0000.doc)
9 M;t9 jEPEP9 & uR9 ;t9 jP0 9 ;t9 j0 9 };t9 j}Eb }ES }|E
Ansi based on Dropped File
(~WRD0000.doc)
9 M_^3[+9 U9 SV9 u3W9 };u;v9 E;t0 39 E;tvMj^SSSSS0 09 VuMS9 E9X& Sf9 Ef;v6;t;vWSV#L*L9 8]t9 Map_^[;t2;w,}Lj"^SSSSS0 038] y9 E`pm9 E;t8] %9 E`pMQSWVjMQS0 ]p ;t9]& ^9 M;t0 Pz& D; g; _WSVLO9 U9 juuuu|]3PPjPjh@hqd "! "!V9 5XttP|"!ttP^3t@tttt t9 #Vt#t;t;u
Ansi based on Dropped File
(~WRD0000.doc)
9 M`EF9 U9 M t2}u t ux& tBe > `< t<uFN > }t9 EE0 3C3FA >\t >"u&u}tF 8"u9
Ansi based on Dropped File
(~WRD0000.doc)
9 MeEP9 & M & & M0 EEPMMREheMEFEPMRE7nEPMEPMPM<Tju5ShMEvME.FMREeMERMMF3@0hHSj `MM%h Sjx`3"j 4!9 h x WjK`jhXMu 9 ]ueSuEPRNP9 & u& tf;ush<Wj_MM& 9 !Vh xhj9 _v(& tjh5(v(3@^j>e M~u3M0 u"M;uM-3!_9 ;uMM9 9 >M9 E& ~2EPV9 M9 & u
Ansi based on Dropped File
(~WRD0000.doc)
9 MEPVM0 ]EM]ME9 EV9 t$& t[~tU9 N9 P & u9 N9 & t3@79 N9 Pl& t9 L$V;9 Nt$9 P& t
Ansi based on Dropped File
(~WRD0000.doc)
9 Mj2rMM([|jH^9 ]9 u9 0 ]0 ur& t& tj9 q3V'}f '}fVEP9 >zeM*9 W9 kS0 ]eYY0 E& tWY& veE}0 }& E3D=Pu'YY& v;s9 0 }Gr}uE9 9 ]+}0 Eu9 }jEP;Pu& & t}]}0 ]& 9 E`\3E}EWPYY& tWh|'EjP1]EEPuuV1EPE9 ]F0 uWY9 M3;t
Ansi based on Dropped File
(~WRD0000.doc)
9 N389 N9 V3:9 E_^[9 ]E9 M9csmu)=pWt hpWb& t9 UjRpW9 M#9 E9Xth W9 9 &9 E9 M0 H9 t
Ansi based on Dropped File
(~WRD0000.doc)
9 N38p9 N9 F38`9 E@f& 9 MU0 S9 [0 E0 Mt_I[9 L D 0 E9 0 E& t9 E& |@G9 E9 u }t$9 t
Ansi based on Dropped File
(~WRD0000.doc)
9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;Qt}Q+t3& xT9 & & npQ+t3& xT9 & & MpQ+t3& xT9 & & ,pQ+t3& xT9 3& & 9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & x9 P;Qt}Q+t3& xT9 & & PpQ+t3& xT9 & & /pQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & Z9 P;Qt~Qp+t3& xT9 & & 1pQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & `pQ+t3& xT9 3& & ;I@+ 3& xL9 9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & `9 P;Qt}Q+t3& xT9 & & bpQ+t3& xT9 & & ApQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & l9 P;Qt}Q+t3& xT9 & & DpQ+t3& xT9 & & #pQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & spQ+t3& xT9 3& & N9 P;Qt~Qp+t3& xT9 & & %Qp+t3& xT9 & & Qp+t3& xT9 & & Qp+t3& xT9 3& & 9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & upQ+t3& xT9 & & TpQ+t3& xT9 3& & /f9 Pf;Q Qp+ 3& xT& & 9 P;Qt~Qp+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & }pQ+t3& xT9 3& & i9 P;Qt}Q+t3& xT9 & & ApQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & ppQ+t3& xT9 3& & K9 P;Qt}Q+t3& xT9 & & #pQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;Qt~Qp+t3& xT9 & & pQ+t3& xT9 & & rpQ+t3& xT9 & & QpQ+t3& xT9 3& & ,9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;Qt}Q+t3& xT9 & & upQ+t3& xT9 & & TpQ+t3& xT9 & & 3pQ+t3& xT9 3& & pQ+ 3& xT& 9 9 M9 u+t3& xT9 & & AV+t3& xT9 & & AV+t3& xT9 & & AN+ : 3& xL9 0 9 M9 u+t3& xT9 & uhAV+t3& xT9 & uKAN~9 M9 u+t3& xT9 & u ANp9 E9 M_3_^]*(I"!+}nz: pP\}^2>^9 VjhS 9 9 9 ^9 U9
Ansi based on Dropped File
(~WRD0000.doc)
9 PQe9 M& & -& t3@jB3q,0 ]9u$9 A$9 VPQD;tMMLv3TM0 ]mPM9 }E;t9 39 9 uVQPR;t
Ansi based on Dropped File
(~WRD0000.doc)
9 PQe}t3EPMMx9 EPO 3Gj(B9 339u PuM0 u0 uf0 E 9 }0 u;t9 3Pu9 s00 E;u;t9 39 C$9 UR9 uuPQH9 & t9 M& t} uM
Ansi based on Dropped File
(~WRD0000.doc)
9 PQf,^39 D$9 L$@y4u@3@ @ V9 9 F,& t9 PQ9 D$0 F,^& t9 PQ9 D$xtt$9 @9 hsP@ @ U9 V39utZhturnYY& tG9 E(tHtHtHtHtu'9 E9p(9 E9p(t9p,u9 EjYf0 f0 H 9 ^]@ U9 VrVumYY& t2VumYY& t#9 EH& tH39 U0
Ansi based on Dropped File
(~WRD0000.doc)
9 PQf0M9 l$l$l$Vl$l$l$8l$ l$l$l$$l$jl$l$l$ Ll$l$! l$$.l$ l$il$l$$l$Kl$l$ VW9 3jF4WPFF|F<FFFF F$ 0 ~(0 ~00 ~D0 ~H 0 ~,0 ~L_9 ^V9 D$tVY9 ^j>9 0 u"3N0 }:+3Cj
Ansi based on Dropped File
(~WRD0000.doc)
9 PQf9 e9 URPQH& |9 E& t0 F3@3^U9 V9 9 MW0 u9 & t3XS9 & tI39^tB9 M0 ]0 ]0 ]Bt9 EPj@ 9 ;tW & uW3[_^}9 tf0 _9 MPVSZJWR EPjW$& & |X}tR9 E9 @9 URhsP& |19 E& t*9 PQ & |9 Eu9 PQ& |E9 E9 PQ9 E9 PQW9 ERji$:9 0 u.eNRR?NlE9 fF9 :ji99 0 uRRNlENE8M9 :AU9 SVW9 7& & u9 SS9 P3;u3u9 QuVVQQhhRSj9 9 & tw3P5"!_9 VVPP9 RjV9 0 ejhR9 l9 ).9 & ~4e& ~%u9 & t9 P9 E9u|9 Qj9 3@_^[]V9 M& ut$Nl`*~9 t
Ansi based on Dropped File
(~WRD0000.doc)
9 PQf<_^jX?9 9 }& u3`9~<u3@V9 E0 & t.MieM$iP9 0 4MMh0 ~<9 WP}t9 S'U9 Q9 MejjEP& 9 Et.& t49 VuuuuuPQ9 9 E& t9 PQ9 ^& t9 PQ@ U9 QV9 Ruc9 E& tAxv;9 9 @& u33e9 URhRrP& |}t9 9 E9 PQW ^j{?l9 uejEP6& tX9 E& tQe9 eURPQ3& |9}tuEu9 uP9 9 E9 PQ9 EM& t9 PQ9 3j?30 ]uEjP0 ];9 E ; 0 ]9 URPEQ;9 ER; 9 M! PMu9 EM9 URhjUR,tVPEQ;|Y}tSu9 Eu9 uujSVuPQu3;9 9 E];t9 PQ9 EM;t9 PQ9 ,u9 E;]t9 PQ9 EM;t9 PQ3j?9 0 u~,FENtE[N\EONES9 EM9 )7U9 uh,tAZYY& u
Ansi based on Dropped File
(~WRD0000.doc)
9 QP3Vt$Q^ 9 D$3 |$u9 D$ 3$ j %9 9 u& t6}u0M_eEP9 9 QM& uMW3_&P MM53@j W[%9 }& } M9 ueEP9 9 & toM9 MQMQ9 EPH& tDME& u89 ujXMf0 PM0 FE" MM0 3@MExMMl3t%U9 QeEPuL& t9 E& t9 MP3@3j1Q$0 M}uE9 u& t>9 ]& t7MMeEP9 9 u9 M& uM3$#URjjUR0 EFX9 h,tPQjYf0 & |}|3@3MMf0 Cy3@9 9 & tRt
Ansi based on Dropped File
(~WRD0000.doc)
9 rru9 N}t0+PVEP9 9 MPEPMEw9 Mt3F U9 Vu'Vu+9 EuhDVP+9 E^]U$! xjh^dP 30 & xSVWPEd0 e9 & x9 x9 x9 xe0 E9 & x9 0 EE~o& t3qee9 J9 0 E>n9 M9 4njhuVPW& 0 E& uY9 u& tP0 e}tu& }tu@$Y9 E9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
9 T$B9 J3[)]MM9 T$B9 J3[P)]M 1M9 T$B9 J3V[ )w]M8M8M89 T$B9 J3#[)D]MN]9 T$B9 J3[9 J3Z *]M!]M]M]M]M]M\M\M\M\M\9 T$B9 J39 ZD*\9 M59 M$L9 T$B9 J3ZZ*{\M" MM& 9 T$B9 J3'Z+H\9 MO9 Mgu9 MB9 T$B9 J3Y@+\9 MpO9 M.u9 T$B9 J3Yt+[MMMM9 T$B9 J3& Y+[M9 T$B9 J3bY+[9 MN9 T$B9 J3?Y,`[u_Yu_Y9 T$B9 J3YD,1[9 M N9 MPt9 M+9 T$B9 J3X ,ZuS_YuI_Yu?_Yu5_Y9 T$B9 J3 X,Zu_YMu^Yu^Yu^Y9 T$B9 J3IX,jZ9 My9 M(y9 MD0{9 Md x9 T$B9 J3XT-&Z9 Mxy9 M(59 MDz9 T$B9 J3W-YuH^Y9 T$B9 J3W-Y9 M9 M8"!z9 MXw9 Mtw9 Mw9 Mgz9 MYz9 T$B9 J39W-ZY9 Mc9 M8+z9 MX w9 Mt w9 Mxw9 My9 My9 T$B9 J3V<.XM}wu?]Y9 T$B9 J3~V.X9 T$B9 J3V/XMM-w9 T$B9 J3XV4/yX9 T$B9 J3=VR/^XMv9 T$B9 J3V/;XMJ{9 T$B9 J3U9 J3U/XM(M 9 T$B9 J3U0W9 T$B9 J3U9 `x3aUp0WMMMM9 T$B9 J3_U0 WMJ9MB99 T$B9 J34U0UWM|2M0gM+M+M +M@: +Ml8Mh8Md+M'MMMp*MXF2MS+MP62M9 T$B9 J3 T1VMG:9 T$B9 J3nT1VMM :M"!9 T$B9 J3;T1\V9 M_9 M h9 MZ9 ML9 M>9 T$B9 J3S 2V9 M}_9 M
Ansi based on Dropped File
(~WRD0000.doc)
9 T$B9 J3z9 `<39 z|9 M" 9 M9 MPa9 Mta9 T$B9 J3Dze|9 MR" 9 M9 MP"!a9 Mt}a9 M]" 9 T$B9 J3y,|MaM"!a9 T$B9 J3y{u@ Yu6 Yu, Yu" Yu Y9 T$B9 J3wy{9 M@qS9 M\fS9 Mx[SMG9 T$B9 J33yT{uYuYu: Yu Yu! Yu}Y9 T$B9 J3x<zM9 T$B9 J3xz9 M@: 9 M\: 9 Mx: 9 T$B9 J3}x~zM9 9 T$B9 J3Zx
Ansi based on Dropped File
(~WRD0000.doc)
9 u& 0 9 0 & u 0 & 9 & & {X HHty+ &HH& a& 0 t0GPh& P& P3& t& `G& & & 0 & 19 0 & t<9 H& t5& 0 t"!+& 0 & PYp eRg}2itmnt$o& : & 0 taU9 70 & & tf9 & f0 9 & 0 & @&
Ansi based on Dropped File
(~WRD0000.doc)
9 u39u3A9 M0 ] RPM99 URhjURh,t0 ]9 P0 ]Q;R9] 9 M30 ]}& tr/9 & ~g3jZ0 ]Qm3Y0 E& ~F39 MWEP9 E9 P9 M0 DMEp 9 MjXf0 G;|MjYUR3URuf0 E}UR3FVjf9 E9 9 h,tuPQ& |0 u& ~#39 E9 D& tPKuuYu9 Ej,5?3SjEPE0 ];t9]tzEP9 E9 URP0 ]Qt;|I9]tDjuM_"!MEnEPEPMEMEWM]L 9 E9 PQEP9 E@V9 tCt:h|9 hjlGhSh ^VW9 9 & tP0R)'F,P9 9 9 F<& t
Ansi based on Dropped File
(~WRD0000.doc)
9 u3}h" V@@PN3jO 9 0 ujvQeN: N$EN4ENHEwNXEkNhE_9 END0 Fx9 E0 F|9 E0 9 n jO! 9 0 uNhE6NXE*NHEN4EN$ENEM9 PjO9 0 ujzPeNxN$E N4E! NHE{NXEoNhEc9 E& u!Fx!F|ND} 9 0 } 9 Hx0 Nx9 H|0 N|9 @D0 FD9 SjOl 9 0 uujOeNf4N(f,f09 j7P% 9 0 u9 }& t9 G3PjOe^9 x3E;uN(0 F,0 F0GGP9 *9 G(0 F(9 G,0 F,9 G00 F04t'h yY0 EE& tw49 }30 F49 g jeP 9 0 u9 N43@0 E& t9 Pf4NE
Ansi based on Dropped File
(~WRD0000.doc)
9 u9 M0 EEP 9 !E9 u9 MEP9 !E9 uEP9 9 }9 9 M# M6& & M}EPEPE P9 EF& UM~& & EEPEP9 9 FVPM\EPM[ tQhSj" :ME$ ME ME ME MM & M%9 p& uh~| & & |PEP9 E~& u$hSj:|E``V& |PEP9 y|E`MEb& MEV& MEJ& ME>& MM 2& 3@1h`hHSjx9h4Sjc93U9 VWh xHVj9 :99 ! R& t}t9EuhnuEP9 WwMEPM uh79 M|& u&9 Mh& uhVj83@hVj83_^U9 VuEP9 VvMEPM3 ^9 j "9 MzeEPu9 3& t)MH|& uEP9 |MM9 9 MM 3~jD9 r2hRMneEPM-nh\EPER9 G9 ujuPVPG9 9 G;u
Ansi based on Dropped File
(~WRD0000.doc)
9 V9 M9 F@,9 F9 @@,9 Fp9 RF9 y, d9 G9 @9 MWS@,C9 E>j`
Ansi based on Dropped File
(~WRD0000.doc)
9 V9 ,9 F@ 9 F9 @@ 9 Fp9 F9 y d9 G9 @9 MWS@ H9 ECjD\9 r2hRM\meEPMlh\EPER9 G9 ujuPVPG9 9 G;u
Ansi based on Dropped File
(~WRD0000.doc)
9 V9 0 9 F@9 F9 @@9 Fp9 )F9 y d9 G9 @9 MWS@9 EU9 QVQ0 e0 eu9 ]9 ^jH0 M9 ] {t2hMkeEPMYkhEPE41M9 zt9 {9 C xt9 9 EH9 9;uv 9 su0 w9 M9 A9Xu0 x9u0 >0 ~9 I9u t9 9 9 9 9 xt0 9 E9 H9Yu} t9 9 G9 9 9 B xt0 Q\0 B9 0 ;Cu9 9 pu0 w0 >9 S0 9 K0 A9 M9 I9Yu0 A9 K9u0 0 A9 K0 HKQP+YY {& & 9 ;ul9 F xu@VF^9 F xu}9 yu9 H yth9 H yu9 A9 MP@j9 F`NH9 MF9 @V@~ xu@VF79 xu9 H yu"9 yu@9 9 v9 M9 A;x& ?79 yu9 HA9 MP@9 `NH9 MF9 V@Gj9 S Y9 M9 A& vH0 Auuu9 E=jHV0 M9 ] {!t2hMUieEPMhhEPE4MD9 z!t9 {9 C x!t9 9 EH9 9;uv !9 su0 w9 M9 A9Xu0 x9u0 >0 ~9 I9u !t9 9 9 9 9 x!t0 9 E9 H9Yu} !t9 9 G9 9 9 B x!t0 Q\0 B9 0 ;Cu9 !9 pu0 w0 >9 S0 9 K0 A9 M9 I9Yu0 A9 K9u0 0 A9 K0 HK Q PYY { & & 9 ;ul9 F x u@ VF 9 F x!u}9 y u9 H y th9 H y u9 A 9 MP@ $9 F`N H 9 MF 9 @V@ ~ x u@ VF 9 x!u9 H y u"9 y u@ 9 9 v9 M9 A;x& ?79 y u9 HA 9 MP@ `9 `N H 9 MF 9 V@ ! G j9 0SY9 M9 A& vH0 AuuuW9 EU9 9 EVu9 0 9 E0 F9 EN0 F5f`EF,F-9 ^]Vt$9 g49 ^U9 SVW9 9 G9 p9 E9 MFP9 D}E t9 69 v ~!tWSM }tL9 GW0MEPM t&uSjEP9 L9 9 9 E9 I0 0 H@2Mf9 uuN| tuSu9 E9 M0 0 p@_^[U9 SVW9 9 G9 p9 E9 MFP9 ||E t9 69 v ~tWSMQ }tL9 GW0M=EPM< t&uSjEP9 9 9 9 E9 I0 0 H@2M`9 uuN{ tuSu9 E9 M0 0 p@_^[U9 V9 ~uuvju9 Eg9 FSWV0M EPM t$9 E9 }P9 { Wu9 VvMWEPMV9 } t'9 F9 HWB{ 9 FWp9 j9 EP9 { t89 E0 E9 EM0 E 9 ]WKz t9 C x!W9 tSgug9 MWz tf9 EVv0 E9 EM0 EMEPM9 ] uCP9 z t$9 E9 H y!W9 tPjSju9 EWEP9 9 9 M0 9 @0 A9 _[^j;Z9 0 uQ0 e0 eu9e9 I9 j;%9 0 uQ0 e0 eue9 9 U9 QQV9 9 FV0MEPM t/VvMxEPM~ t9 u9 lOEPM{ u/SW9 }9 ]MlSWEP9 `EPMN t_[u9 uu9 E^U9 V9 VvM9 FV0MuEu9 uuPvffY^U9 QQV9 9 FV0MEPM t/VvMEPM t9 u9 rOEPM u/SW9 }9 ]MSWEP9 EPMT t_[u9 uu9 E^jd}jjSe9 YY0 u0 uE& tu9 uuuuA9 u
Ansi based on Dropped File
(~WRD0000.doc)
9 V9 89 F@ 9 F9 @@ 9 Fp9 \L9 z uA B 9 9 IA 9 9 p,;1u
Ansi based on Dropped File
(~WRD0000.doc)
9 VP3@ ^]9 L$I9 Au9 jP3V9 rf9 ^j+y9 0 u9 Fe& t9 PQfM9 P'j.B9 H~u%jPEY9 0 Me& t3M0 F9 !9 F& t9 PQ9 FVW9 39~tG9 9 _^V9 9 N& tc9 ^V9 l
Ansi based on Dropped File
(~WRD0000.doc)
9 VP3WSFPP
Ansi based on Dropped File
(~WRD0000.doc)
9 Vt$P& t9 WP9 _^j[&9 eEP7 9 EMM0 Fz9 jE}t@MW[uehX'h&h Mv_& u
Ansi based on Dropped File
(~WRD0000.doc)
9 X& t9 }t9 E`p9 S9 E~10 ]}EP9 E%PBYY& t`EjE]EY;J*3]EA9 EjpUjRQMQVpEP $& oEtM }t9 Map^[9 U9 =Tu9 EHw ]juYY]9 U9 9 MS3VW;t9 };w Ij^0 0SSSSS99 09 u;u9 `BF:tOu;uYIj"Y0 9 3_^[]W9 |$n$9 9 L$Wt` t=u9 9 ~3t9 A t# ttty
Ansi based on Dropped File
(~WRD0000.doc)
9 x0 E9t9 F0 E9 E^[U9 QQSV39 0 ]9^t=9 FWUR0 ]9 PQS h9 jZW Pu W0 E_9 F;t9 @;t
Ansi based on Dropped File
(~WRD0000.doc)
9 X0F}~D9 C9 E9 9 `9 [F& }& }u9]|0 ]9 }9 Wj0V }t9 E`p3_^[9 U9 , 30 E9 ESVW9 }j^VMQMQp0~+3;u%SSSSS0 0}9 Z9 E;vu3}- +9 uMQ9 MQP3}- P);tuESVu9 `9 M_^3[ q9 U9 0 30 E9 ESV9 uWj_WMQMQp0*3;ujSSSSS0 8}9 9 M;v9 EH0 E3}- <0u+EPuQW(;tX9 EH9ES|-;E}(:t
Ansi based on Dropped File
(~WRD0000.doc)
9 Y 9 0 $-& 9 U9 V9 uW3;t9}w OjYWWWWW9 0 "!9 3}f0 sOj"SEPP E"!jd[Mj/Xf0 F
Ansi based on Dropped File
(~WRD0000.doc)
9 }& t9 w& tjVe& tWuSV_^[jS;=F9 E3H HH H Ht[Ht0H& h\"@Y9 0 ME& 3h\?Y9 0 ME& t
Ansi based on Dropped File
(~WRD0000.doc)
9 }9 & t"9 QPu9 R$& & WuhWuh 9 }9 & t9 QPu9 R & ugWuhoWuhE9 E]0 E& t,EPu< 9 M9 E9 QPu9 SuR(& uuuWu_^[U9 V9 Vu0u,u(u$u uuuuuu 0 F& u
Ansi based on Dropped File
(~WRD0000.doc)
9 }e'EPu9 uu& uhLMm& u;h9 M=Ph|@Vj0 MM3@hxVjMM3" Rj 9 0 M39=@t30 }=9 ;tu9 uuu>0 EuXuuuh
Ansi based on Dropped File
(~WRD0000.doc)
93tRWh(M.;t@EDPexWh``9t[EDsxP:0E\=}\u7EDPexWh`9tEDsxP:h0ME3}`EDsxP:B0MD>hM0/t6EPMEP+uEPD:ME2M0E2EhEh;EXsh+thxf4Kx*up*u!hh74)P:ulTS2r0MM 23@Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
94 TUBI->!D2! WJS g[`37V! ]% 5
Ansi based on Dropped File
(~WRD0000.doc)
94 TUBI->!D2WJSg[`37V]%5
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
99 3& tRWh(M.;t@EDP9 0 exWh``99 & t[EDsxP9 :9 0E\=}\u7EDP9 0 exWh`99 & tEDsxP9 :9 h0ME39 }`EDsxP9 9 :9 B0MD>hM0/& t6EP9 MEP+& uEP9 D:ME2M0E2Eh9 Eh;EX sh9 +& thx9 f4Kx*& up9 *& u!hh9 749 )P9 :9 ulTS9 9 R2r0MM 23@9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
9909T9u9 97:& ::::?;V;n;
Ansi based on Dropped File
(~WRD0000.doc)
9909T9u997:::::?;V;n;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9;:K:U:_:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9] tAPAP_^[]Ujuuuuuu]UESV3Cut]tS}YtEtjcYvEjAEY#tT=t7=t;ubM{LHM{,2MzMzxxE3tW}DEPQQ$xM]}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9]~"9 M9 EI8t@;u9 E+H;E}@0 E ; & 0 ]9] u9 9 @0 E 9 5 39]$SSu" uPu 9 ; ~Cj3Xr7D?=wa9 ;tPbY;t0 E0 ]9] >Wuuuju & 9 5SSWuuu9 0 M; Et)9] ;MuuWuuu;~Ej3Xr9D=w"!9 ;tjPUaY;t9 3;tAuVWuuu& t"SS9]uSSuuuVSu 0 EVBmYu9m9 EYY0 ]0 ]9]u9 9 @0 E9] u9 9 @0 E u[XY0 Eu3!;E SSMQuPu yX0 E;t9 5 SSuPuu0 E;u3~=w8=w9 ;tP?`Y;t9 3;tuSWsCuWuuuu0 E;u3%uEuPWu uW9 0 u#uWlYuuuuuu 9 9]tu^Y9 E;t9EtP^Y9 e_^[9 M3Q29 U9 uMRu(Mu$u uuuuu( }t9 Map9 U9 QQ 30 ESV3W9 ;u:EP3FVhVR& t0 54Pxu
Ansi based on Dropped File
(~WRD0000.doc)
9]~"MEI8t@;uE+H;E}@E;]9] u@E 539]$SSuuPu ;~Cj3Xr7D?=w;tPbY;tE]9]>Wuuuju 5SSWuuuM;Et)9];MuuWuuu;~Ej3Xr9D=w;tjPUaY;t3;tAuVWuuut"SS9]uSSuuuVSu EVBmYu9mEYY]]9]u@E9] u@E u[XYEu3!;E SSMQuPu yXE;t5SSuPuuE;u3~=w8=w;tP?`Y;t3;tuSWsCuWuuuuE;u3%uEuPWu uWu#uWlYuuuuuu9]tu^YE;t9EtP^Ye_^[M3Q2UuMRu(Mu$u uuuuu( }tMapUQQ3ESV3W;u:EP3FVhVt54Pxu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9A0 A0 AlV9 u9 ;W9 }0 E~9 A;R]Au]Eu]EEAuzEa0 X0 _^3V9 9|t9D$tjt$FPt$F^3V9 N^(WjdP~0W0 F0 F0 0 F0 F0 F0 F0 F ~jXHu_9 ^V9 9 FW3;t9 PQ0 ~9 N;t9 j0 ~9~t0 ~9 ;t9 PQ0 >9 F ;tPR v 0 ~ _^V9 9 & t9 PQ&^hl1 & uP83@U9 Q=|u2eEPhtjjhs,& & |9 E& t9 PQ3@3U9 W39=|u31Vq9>u%WEPVE0 }0 }0 }& t0 >33@^_U9 QQSV39 0 ]9^t=9 FWUR0 ]9 PQS h9 jXW Pu W0 E_9 F;t9 @;t
Ansi based on Dropped File
(~WRD0000.doc)
9AAAlVu;W}E~A;R]Au]Eu]EEAuzEaX_^3V9|t9D$tjt$FPt$F^3VN^(WjdP~0WFFFFFFF jXHu_^VFW3;tPQ~N;tj~9~t~;tPQ>F ;tPv ~ _^VtPQ&^hl1uP83@UQ=|u2eEPhtjjhs,|EtPQ3@3UW39=|u31Vq9>u%WEPVE}}}t>33@^_UQQSV3]9^t=FWUR]PQShjXWPuWE_F;t@;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9Fr9 F9 & F9 N$F~rWv$NFQPv0 E& & !F9 F!} A9 MeMUCE9Er9 & 4#E9 NH9 P0 M0 Usm9 )E9 F9 N0 FujXB3 0 M!} 9 MeMUCE9 M9Urm9 & 4#MM9 m9 M)E9 F9 N9 9 U;! }u 9 F9 D39 V0 `AMu0 N9 F9 9F 9 FfWv$MQMQMQMQv9 AQPEE$0 E& & sWuuuuT& v0 Fw(W$YY9 Eu0 F 9 E0 F9 E0 G9 +WG9 E0 V0 F4& VeWv%9 G9 0 E9 F 0 E9 FYY9 N40 E9 F00 M;s+H9 F,+~0 E& &9 @9 Eu0 F 9 E0 FgjGNjuGM}uvw(W$YYuvw(W$9 EGM0 F 9 E0 F9 E0 G9 +jG9 EW0 V0 F4& } u9 EWV0 F49 N40 M9N0t'9 M0 N 9 M0 N9 M0 O9 +0 O9 M0 N4P*jUVVWXZZ
Ansi based on Dropped File
(~WRD0000.doc)
9FrFFN$F~rWv$NFQPvE!FF!}AMeMUCE9Er4#ENHPMUsm)EFNFujXB3M!}MeMUCEM9Urm4#MMmM)EFNU;}uFD3VAMuNF9FFfWv$MQMQMQMQvAQPEE$EsWuuuuTvFw(W$YYEuF EFEG+WGEVF4VeWv%GEF EFYYN4EF0M;s+HF,+~E&@EuF EFgjGNjuGM}uvw(W$YYuvw(W$EGMF EFEG+jGEWVF4}uEWVF4N4M9N0t'MN MNMO+OMN4P*jUVVWXZZ
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9h:l:p:t:x:|:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9K:X:_:o:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9M}MkW\DE)vEuwdSUY]}}tj9YSUYt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9M~39E9 jX_^j$}"Z+9 9 }& t$B;E 9 }0 _'h7%Y9 0 Me& tMA3M}0 & t u9 @uHQ9 }DPCEPv< 9 E
Ansi based on Dropped File
(~WRD0000.doc)
9UujX]9 M#f;ujf;uEu9Utj3]9 U9 UDz3a9 U3ukEu9Mt]]Au3@3eE tMeJEtVf!u^;t fEEQQQ$"QEQQ$9 E0 ]9 U9 Q: }E9 U9 Q}E9 U9 Q: }9 E9 M#M#E0 EmE9 U9 QQ`Mt
Ansi based on Dropped File
(~WRD0000.doc)
9UujX]M#f;ujf;uEu9Utj3]UUDz3U3ukEu9Mt]]Au3@3eEtMeJEtVf!u^;tfEEQQQ$"QEQQ$E]UQ}EUQ}EUQ}EM#M#EEmEUQQMt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9Vy#&sJ03@D |<#L @dP& StiSwl0) #c&a@4) ?("!! lx(``ES &B`z=AD&*+'SL \C)]*m*8T&+$\50&
Ansi based on Dropped File
(~WRD0000.doc)
9Vy#&sJ03@D |<#L@dPtiwl0)#c&@4)?(!l(``E&B`z=AD&*+'L \C)]*m*8T&+$\50
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9}ht(h@M ?9}ht9 N9 Pp9 ;|~"MNMERM9 ENMiRMERMER9 N9 UREP$9 N9 9 URP9 MT#EPV3#9uXthM 3G;& R9uh& ME! " ME{" MEo" M Ec" MEW" MDEK" ME?" M4E3" MM'" 39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
9}ht(h@M ?9}htNPp;|~"MNMEMENMiMEMENUREP$NURPMT#EPV3#9uXthM3G;9uhMEME{MEoM EcMEWMDEKME?M4E3MM'3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9}u3@O9 N;t9 PXh~2Y9 0 M0 };t`3vM9 0 F*9 NWWWvq39j%89 30 ]9^tMM3@89 N;t9 PX3CMM9 h1Y9 0 ME;t3MQ9 ]0 Fsv9 N! 9 NSSSvj,&79 9 N & tf 9 N& t2 MzeM& u9 NPMMz38V9 t$& tDW9 N9 & ~-S3& ~S9 M& t9 j9 C;|jWj9 S[9 j9 _^V9 ~ tt$9 N t$9 Pd9 N`^& t
Ansi based on Dropped File
(~WRD0000.doc)
9}u3@ON;tPXh~2YM};t`3vMF*NWWWvq39j%83]9^tMM3@8N;tPX3CMMh1YME;t3MQ]FsvNNSSSvj,&7N tf Nt2MzeMuNPMMz38Vt$tDWN~-S3~SMtjC;|jWjS[j_^V~ tt$N t$PdN`^t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
: :$:4:8:<:D:\:l:p:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
: :(:,:0:4:8:<:@:D:H:L:P:T:X:\:`:d:h:l:p:t:x:|:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
: :8:H:L:P:X:p:t:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
: :@:L:t:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
: :D:d:l:t:|:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
: MH# PhPM] 9 MxEP/ME : ME9 : MHE: MEs: MEg: ME[: MEO: M EC: <E"M0]): MX0 u: 9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
:$:,:4:<:D:L:T:\:d:l:t:|:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:$:D:L:X:x:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:(:,:<:@:P:T:d:h:x:|:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:(:0:8:@:H:T:t:|:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:(:0:L:l:t:|:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:(;-;L;d;v;{;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:*\R,U&)4H(F 8DE!X%GJ"2.1O6
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
:,:0:8:P:`:d:t:x:|:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:,:0:P:T:p:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:,:4:<:H:h:p:x:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:.:>:P:U:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:/::::;;#;C;j;p;v;|; ;;;@Xq3333%4b4x44445*5:5X5,6g89x999/:?::::;r;a;<==0>O>n>>?7???P"0700L11<2O2q2222/3U3e3333566>7s7777F8]888888
Ansi based on Dropped File
(~WRD0000.doc)
:/::::;;#;C;j;p;v;|;;;;@Xq3333%4b444445*5:5X5,6g89x999/:?::::;r;;<==0>O>n>>?7???P"0700L11<2O2q2222/3U3e3333566>7s7777F8]888888
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
:0:8:@:\:d:l:x:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:2v/P+pA/M YdR'<9gqt |`r7S Clc|w\sY K$B'n-?4o<3
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
:3M&-uwjh<M/ud!Exg~Vuxt4MD+EPEwM+PKh<ME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
:4:<:D:L:T:\:h:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:4:B:X;;;4<}<<===>7>>>c???100012m2 2x2224(4E44555'535?5K5W5c5o5{5! 5 5x55555555 6 6657l777 8-8C8a8 8a888w9! 9R9 9999Q:t:y:" :::;;);.;y;R;;<<'<8<d<<<=/=F===t>>9????XK0 0021s1112233556i667D7}777T88(9& 99\::;;;<<<L==T>>? ?0<001+1I111T22B33(494`4" 4S444(5555L6n6: 6666G7S7\7a777778>8J8[8g8 8888~999:/:::;I;Z;! ;}; ;;;;;;<1<:<@<V<g<a=x======8>H>" >>>> ?;?m? Z1x1S111)2O2k2 29 222]3b3z3333\4a4444445! 5}5S55555&666@6a6f666666677,7>7e7r7z777778P8 8x888849F9a9l9~9 9999::9:D:l:z:;;5;v;~;" ;;;<G<L<w<& <<==B=G=R=: ====>.>V>f>: >>>>>I?T? ????00"0@0E0c0w0000E1i1n1R1111122
Ansi based on Dropped File
(~WRD0000.doc)
:4:B:X;;;4<}<<===>7>>>c???100012m222224(4E44555'535?5K5W5c5o5{5555555555566657l777 8-8C8a88888w9999999Q:t:y::::;;);.;y;;;<<'<8<d<<<=/=F===t>>9????XK00021s1112233556i667D7777T88(999\::;;;<<<L==T>>??0<001+1I111T22B33(494`44444(5555L6n66666G7S7\7777778>8J8[8g88888~999:/:::;I;Z;;;;;;;;;<1<:<@<V<g<=======8>H>>>>> ?;?m? Z1x1111)2O2k22222]3b3z3333\4a44444455555555&666@6a6f666666677,7>7e7r7z777778P88888849F9a9l9~99999::9:D:l:z:;;5;v;~;;;;<G<L<w<<<==B=G======>.>V>f>>>>>>I?T?????00"0@0E0c0w0000E1i1n11111122
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
:9 3& M&-& uwjh<M/& ud!Ex9 g& ~Vux9 9 & t4MD+EP9 EwM+PKh<ME
Ansi based on Dropped File
(~WRD0000.doc)
:9:D:l:z:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
::1:A:[:& :g;;H<[<j<s<<<=d===??&?5?B?\?c?w??"!?????? 0!0;0O0 011,1@1h1=2F2x2 22213x3N5}5555556#696 6667x77798q8T9b9: 99999<:L:::;-;[; ;;<5<R<<?==[>b>?L?^?n?S???0
Ansi based on Dropped File
(~WRD0000.doc)
::1:A:[::g;;H<[<j<s<<<=d===??&?5?B?\?c?w????????0!0;0O0011,1@1h1=2F2x2222133N5}5555556#6966667x77798q8T9b999999<:L:::;-;[;;;<5<R<<?==[>b>?L?^?n????0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
:\:b: :::::;";r;};! ;;;V=g=o=u=z= ===>>*>6>C>J>>>>?.?=?B?c?h?S??????????PL0
Ansi based on Dropped File
(~WRD0000.doc)
:\:b::::::;";r;};;;;V=g=o=u=z====>>*>6>C>J>>>>?.?=?B?c?h???????????PL0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
:DX}'e }:H!w"TQ:eg& ,epE6` 0vXa& VX@uE X}@ *!A%zGp@7f! 0 9`p`|#`*H L6d X 0! <8$ 8" @*j# ! RXbFsOd/S 5%+L1& k& lbFx|b!h <$SDJ'C1fB kx! 1 *+F(SDK' &1 O!! $&
Ansi based on Dropped File
(~WRD0000.doc)
;$SSE(PM3;MbMH;hxgEL;u*MEM]MM(TM]TLuTMf;tv;~kML<`MLjh|h\NjMLVd;t>jWhlMPWE8PyjE8Ph`ElM8EETMKL9ETeu`MH3F_M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;+Eu9 }"!9 yJBee9 E )U9 ]\9 39 #0 M9 9 Mu0 39 uE}0 u|9 jMZ+;|9 10 t" d" J& }9 5 NN9 "!9 0 EyJBjY+3B\& 0 M& & T& |& u@|f9 "!jY# yNFe3+BL& 9 1<;r;sE0 99 M& tL& 9 r3;rs3G0 19 Hy9 M!9 E@}
Ansi based on Dropped File
(~WRD0000.doc)
;+Eu9 }"!9 yJBee9 E )U9 ]\9 39 #0 M9 9 Mu0 39 uE}0 u|9 jMZ+;|9 10 t" d" J& }9 5" NN9 "!9 0 EyJBjY+3B\& 0 M& & T& |& u@|f9 "!jY# yNFe3+BL& 9 1<;r;sE0 99 M& tL& 9 r3;rs3G0 19 Hy9 M!9 E@}
Ansi based on Dropped File
(~WRD0000.doc)
;+Eu}yJBeeE )U]\3#MMu3uE}u|jMZ+;|1tdJ}5NNEyJBjY+3B\MT|u@|fjY#yNFe3+BL1<;r;sE9MtLr3;rs3G1HyM!E@}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;9}ul9 PP:Y0 _& & :9}thq& uFVSj54 9 & uV9St4VO Y& tvV? YS:30 :|& u{:9 PP+:0 Y9 9 U9 SV9 u9 F9 3 u@t99 FW9 >+& ~,WPV`YP;u9 F y0 FN _9 Ff0 ^9 []9 U9 V9 u& uV5Y/V|Y& tF@tV0 PJ YY3^]jhA 30 }0 }jtY0 }30 u;5`P98t^9 @tVPVx`YY3B0 UP9 9 Ht/9UuPJYtE9}utP/YuE0 }F 39 uP4V`YYE}9 Et9 Ej[sYjhB39uuV
Ansi based on Dropped File
(~WRD0000.doc)
;9}ulPP:Y_:9}thquFVSj54 uV9t4VO YtvV? Y:3:|u{:PP+:YUSVuF3u@t9FW>+~,WPVYP;uFyFN _Ff^[]UVuuV5Y/V|YtF@tVPJYY3^]jhA3}}jtY}3u;5`P98t^@tVPVYY3BUPHt/9UuPJYtE9}utP/YuE}F3uP4VYYE}EtEj[sYjhB39uuV
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;GIF89a'!',i)Q2PP,:B&VkQ(m]NCP}9A
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;GIF89a'!',i)QR2& PP,: B& VkQ(9 m]NCPR }9A
Ansi based on Dropped File
(~WRD0000.doc)
;MM:9 M"!ME~ME9 EPhM'2PVM)M9 EmMES& j,OeuEP3CM0 ]2& t9 MeEP@0 ]RM-1MEMEME9 EPhM|1PVM& u
Ansi based on Dropped File
(~WRD0000.doc)
;MM:MMEMEEPhM'2PVM)MEmMESj,OeuEP3CM]2tMeEP@]M-1MEMEMEEPhM|1PVMu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;r;sE}0 _tfm@@M}GGEM}"!f& ~79 }& x+9 E9 Me9 0 E?0 Ef& f& Mf& }B9 EtE9 M9 }9 Um9 MH0 }0 Mu9EtfM 9 f9Mw9 M u4}u+e}uef9Muf0 EFfEEEf;r#33f9E0 E 0 EI 0 M;f9 Euf0 E9 E0 E9 E0 Ef0 u3f& eH% e0 EE9 U9 E9 }f0 t2& +3f0 f9EB" $
Ansi based on Dropped File
(~WRD0000.doc)
;r;sE}0 FtfE mM}9 EFFEM}}f& ~;E u-9 E9 Me9 0 E9 E0 Ef& f& Mf& }B9 EtE9 M9 u9 Um9 MH0 u0 Mu9EtfM 9 f9Mw9 M u4}u+e}uef9Muf0 EGfEEEf; 33f9E0 E 0 EI 0 M3;& {9 M?f; E30 U0 U0 U0 U9 U9 3## 9 4
Ansi based on Dropped File
(~WRD0000.doc)
;r;sE}_tfm@@M}GGEM}f~7}x+EMeE?EffMf}BEtEM}UmMH}Mu9EtfMf9MwMu4}u+e}uef9MufEFfEEEf;r#33f9EEEIM;fEufEEEEEfu3feH%eEEUE}ft2+3ff9EB$
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;r;sE}FtfEmM}EFFEM}f~;Eu-EMeEEEffMf}BEtEMuUmMHuMu9EtfMf9MwMu4}u+e}uef9MufEGfEEEf;33f9EEEIM3;{M?f;E3UUUUU3##4
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;t1C6VP*Y_^VD$tV5*Y^VW|$u~;wPt3_^UQeQMEUQeQMEUQe,QMEVjD$FhU^VhU+D$tVq)Y^jBT(u=eNpUfff(jk(upUN3@EtPfNEM=(VD$tV(Y^UQe}VEPuUt}^f^FEF^UQe}VEPuUtc^L^FEF^je]tt$t$r3jG]tt$t$3|$Vu3#)jt$FYYH`3^VFtPvf^USVWuEPu3;SuE;SuP;ujF;tP;thuSPF:EPWv}$u=WuYFEYPQF;tHx;u3@'N;tj~vv~3_^[]VvxUq\D$tV[^U``Ujlt%uUeMU}"&UQeVEPvD\tFjF[tvMxUHp3^VU'D$tV%Y^V]D$tV%Y^jl$u~U;3j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;t3MEPh@Vh$9ShsMEMEMEM EMEMDEMEM4EMM3@wj$MutU~tOMXeMLNUREPMEPV#u"ME=MM139uMEPEPMEMMj.!j/YM3u;tuM)Vj83+=sCPhhjFM$euWM\MPMKMPM:EPjhMEEPEPEPjNPEMEEPMM#AVpWt$Ntv6~!t_^T$BV0r0~!uVrpI^;QuAJ;uABT$Vp2p~!uVrpI^;QuAJ;QuAPBAVpWt$Ntv6~t_^T$BV0r0~uVrpI^;QuAJ;uABT$Vp2p~uVrpI^;QuAJ;QuAPBSV39uF8X!t@F8X!t<^[8Y!uA8X!tNN;uF@8X!tN8Y!uF^[D$V&W|$Fu_^UEVuEFENFEF F!^]VND$tVY^jjj8eYYuuEtuuuuumCujYjj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;t9 9 3ME9 Ph@9 Vh$9 9Sh9 sME ME ME M E ME MDE ME M4E MM 3@wj$0 M9 u& tU~tOMX`eML`9 N9 UREP9 M9 EPV#u"ME= MM1 39u9 MEPEPM9 E MM 9 j.!9 j/Y9 0 M30 u;t0 9 uM9 )V9 j89 3& + 9 =sC9 9 PhhjFM$ e& u9 WM\: 9 M0 PMK: 9 M" 0 PM:: EPjh ME EPEPEPjNPEME EPMM# 9 AV9 pW9 t$N t9 v9 9 6 ~!t9 _^9 T$9 BV9 00 r9 0 ~!u0 V9 r0 p9 I^;Qu0 A9 J;u0 0 A0 0 B9 T$9 V9 p0 29 p ~!u0 V9 r0 p9 I^;Qu0 A9 J;Qu0 A0 0 P0 B9 AV9 pW9 t$N t9 v9 9 6 ~t9 _^9 T$9 BV9 00 r9 0 ~u0 V9 r0 p9 I^;Qu0 A9 J;u0 0 A0 0 B9 T$9 V9 p0 29 p ~u0 V9 r0 p9 I^;Qu0 A9 J;Qu0 A0 0 P0 BSV9 39u9 F8X!t9 @0 F8X!t<^[9 8Y!u9 9 A8X!t0 N9 N;u0 F9 @8X!t9 N8Y!u0 F^[9 D$V9 &W9 |$0 F& u9 9 0 _9 ^U9 9 EVu9 0 9 E0 F9 EN0 F`EF F!9 ^]V9 ND$tVY9 ^jjj8e9 YY0 u0 uE& tu9 uuuum9 CujYjj
Ansi based on Dropped File
(~WRD0000.doc)
;t9 EEP9 E9 URPEQ ;t(EP;t9 MMu9 n9 E9 PQu9 M wEP;t9 3CV9 9 L$n& t3t$9 L$l9 L$PlP9 f^|$V9 u3t$9 L$~lPt$9 ;^9 & t9 j9 T$9 30 H0 H0 P0 HjB9 0 uveY9 D$;Ar39 I9 9 D$;Ar39 I9 T$9 0 9 A9 T$;s"V9 t$;s9 A9 W9 :0 9 A0 <_^9 T$V9 9 F;r3"9 N+W 9 9PAPQN9 _^V9 9 F9 L$;rA9 VW
Ansi based on Dropped File
(~WRD0000.doc)
;tu9 ]9 }EPEPM 3;t,9 C+CMPu& `9 M9 E0 E9 E9 <9 EEVPuM9utxS9 MM0 9 M39D$tPjjP"V9 R0 0 $3@30 00 X0 },0 }L0 }P9 ^Vt$9 Lt9 ^Q9 L$~9 D$0 Pj}U-L9 30 ]9]$ 9]( 9 } & t 9 E+ESP9 E+EPuuvS |MPM hME 9~DtM
Ansi based on Dropped File
(~WRD0000.doc)
;tu]}EPEPM3;t,C+CMPuMEEE<EEVPuM9utMMM39D$tPjjP"VR $3@30X,LP^Vt$Lt^QL$D$Pj}U-L3]9]$9](} t E+ESPE+EPuuv|MPMhME9DtM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;u3PblUM0]&t3!VEPh\tj3Vhlt,t3^MWE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;u: 3PblU9 9 M0]&& t3!VEPh\tj3Vhlt,& & t3^9 MWE
Ansi based on Dropped File
(~WRD0000.doc)
;v+A;MXrEx3B4UXeUtU@XE0Ex0E@t0u<}0tELE%M$MJU$++|ElM0E 9EH$3EHM\*E%E|ED;rE$7;E`s=`M$+E`MhPM$Md<EDMHE<3+F;EXsM0U$y;EXr3Mu<3@3u33@u<H#E@;Lt+]L3FHN#u<;tuE@9U8/EHE,EHE;E49Ut}4tjjX3[_^PUQeVujjv(V EujXWSPEPuuujjjjuI(uFLtE8u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
< 2KG(*"Y;[!FAUS@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
</assembly>l*021R1X1111+262F2z2 2223s33_4x44& 55557788,9<999:=:k:~::;0;@;;;5<g<<<==? D0-0;0 0n1k2v22233(333E4U444M5S55C99:;u<????0X00 000z23(3S33334445S678S889t9:::L;<<==>a>n>>\?u????@)0T00 00000@1C222333}334424e4a444575R5" 55T6}6607J7U7 88*9b9 99K:X:_:o::;a;;#<`< <<:=O=: ==2>m>0 >>>>??P 000f11 111172]22i3x3}333"4=4T4s4444444F6777V8[88899::d::8;! ;;;.<5< <<=T===>>U>>>J?" ???`%0V12=2O2q22222!333333"!4~4,5A5U5u5! 5 55L66666677'737O7[7u77S77778]88*9n9z9 9999I:d:;;<Q<<<=\=m=x===='>o>>>?`????p 0]0|0051_11111
Ansi based on Dropped File
(~WRD0000.doc)
</assembly>l*021R1X1111+262F2z22223s33_4x4455557788,9<999:=:k:::;0;@;;;5<g<<<==? D0-0;00n1k2v22233(333E4U444M555C99:;u<????0X0000z23(333334445S678889t9:::L;<<==>a>n>>\?u????@)0T000000@1C222333}334424e4444575555T66607J7U788*9b999K:X:_:o::;a;;#<`<<<:=O===2>m>>>>>??P000f11111172]22i3x3333"4=4T4s4444444F6777V8[88899::d::8;;;;.<5<<<=T===>>U>>>J????`%0V12=2O2q22222!33333344,5A5U5u5555L66666677'737O7[7u7777778]88*9n9z99999I:d:;;<Q<<<=\=m====='>o>>>?`????p 0]0|0051_11111
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
</KEY_ID>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
</LOCALE>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
</script></head>); moveNextwindow.external.);
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
</TRANSLATED_KEY>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
</TRANSLATED_KEYS>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
</trustInfo>
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<0<c<<<<P===!>D>_>>>>?G?j???@x0B0m001t1111-2R2222313}333G445F555-6X66!7q777q8@99:;;<<<=m===>O>}>>>?+?N?q???P0I0w0<1i111122%3`334;4`44445A5d55555+66666-7^7777858h888949g9990:c:::;(;K;z;;;A<<<<Q===>2>M>p>>>>+?V??`@0O000(1K111 2S2223C3|334#4g4445P5s5556G6j6667f7778D8g8889w9999:Z::::-;X;{;;;;"<E<h<<<<<<<<<<<==="=.=9=?=J=P=[=a=l=r=}================>>>>'>->8>>>I>O>Z>`>k>q>|>>>>>>>>>>>>>>>>?
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<0<c<x<<<P===!>D>_> >>>?G?j???@x0B0m001t1 111-2R2& 222313}333G445F555-6X6a6!7q7S77q8@99:; ;<<<=m=~==>O>}>>>?+?N?q? ??PS0I0w0<1i1}11122%3`334;4`44445A5d55555+69 6666-7^7777858h888949g9 990:c:S::;(;K;z;;;A<& <<<Q===>2>M>p>>>>+?V??`@0O000(1K111 2S2223C3|334#4g4445P5s5556G6j6667f7778D8g8 889w9a999:Z:9 :::-;X;{;;;;"<E<h<"!<<<<<<<<<<==="=.=9=?=J=P=[=a=l=r=}==}= =x============>>>>'>->8>>>I>O>Z>`>k>q>|> >> >~>>>>>>>>>>>>?
Ansi based on Dropped File
(~WRD0000.doc)
<<1<C<U<g<y<9 <<<<??e??@,0u000-1`1::; <<<<<=6>?Px0012! 2s4 44444445555 5588.99x; ;;`<d<h<l<p<t<x<|< < <<="=o=>???????????????`h@5: 555b6w668 88*91999:[::$;R;p;;;;;;;;
Ansi based on Dropped File
(~WRD0000.doc)
<<1<C<U<g<y<<<<<??e??@,0u000-11::;<<<<<=6>?Px00122s4444444455555588.99x;;;`<d<h<l<p<t<x<|<<<<="=o=>???????????????`h@5555b6w66888*91999:[::$;R;p;;;;;;;;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<<<w< <R< <~<<<<3=Y=a=l=s======>>>>>>3?H?X?? ?????`0030:0^00000001131<1Y1W2223,3:3C3l3`333333%4Q4Z4l40 4: 44445,5 5566b66666667D7K7" 7777778M8 :::::7<<<=+= = =====O>_>d>|>?9 ?"!??p0!030M0b0l0~00000000142J2_23355555e66666667)7 77788(8.8i8888%9>9G99:
Ansi based on Dropped File
(~WRD0000.doc)
<<<w<<<<<<<<3=Y=a=l=s======>>>>>>3?H?X???????`0030:0^00000001131<1Y1W2223,3:3C3l3333333%4Q4Z4l4444445,55566b66666667D7K77777778M8:::::7<<<=+=======O>_>d>|>????p0!030M0b0l0~00000000142J2_23355555e66666667)777788(8.8i8888%9>9G99:
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<?xml version="1.0" encoding="UTF-8" standalone="yes"?><assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"> <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3"> <security> <requestedPrivileges> <requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel> </requestedPrivileges> </security> </trustInfo></assembly>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<`<q<<<#=.=\=j=s==='>4>\>>>>?!?)?6?T?^?g?r??????j00%1R111R2Y222/3444"4'474f4t4445
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<`<q<<<#=.=\=j=s==='>4>\>}> >>?!?)?6?T?^?g?r?! ?}? ???j00%1R111R2Y222/3444"4'474f4t4445
Ansi based on Dropped File
(~WRD0000.doc)
<ALERT_XML><TYPE>ALERT_USAGE</TYPE><MESSAGE><VERSION></VERSION><TYPE></TYPE><DATA></DATA></MESSAGE></ALERT_XML>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<base href="file://%s" />
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<F<K<_</==>|>>,?1?U?Z?t????????pS00011111111Q222222233)313A3J33333333?4L4s4z4425y555555+6>6Q6i6666667=7\7v7778B8Q88888K9a9m9x99999999999:K::::::: ;1;H;;;;<G<s<}<<<<<<<#=7=J===
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<F<K<_</=}=>|>"!>,?1?U?Z?t? ?0 ?a?????pS00011 111111Q2& 2`2 222233)313A3J33333333?4L4s4z4425y59 5 5555+6>6Q6i6}6"!66667=7\7v7: 778B8Q8R8888K9a9m9x9 99a99999999:K: :::::: ;1;H;! ;;;<G<s<}<<<<<<<#=7=J===
Ansi based on Dropped File
(~WRD0000.doc)
<requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel>
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<script type="text/javascript">function
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<TRANSLATED_KEY>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<TRANSLATED_KEYS>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<YYYYYYYYYYYYY.NAYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYh( f{yK "!"~}R~2w
Ansi based on Dropped File
(~WRD0000.doc)
<YYYYYYYYYYYYY.NAYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYh( p ~wp xf ! ]n} 0 2'
Ansi based on Dropped File
(~WRD0000.doc)
<YYYYYYYYYYYYY.NAYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYh( ~n\&xm{ra0\v}r%7h'e;jbkrgp\]e!} jep\
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<YYYYYYYYYYYYY.NAYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYh( ~~a~Rn\ &xS mR9 S{ra 0}"!0 \"!v}ar %7h'ex& ;0 jbk rgp& \a]Se!! } jepa\
Ansi based on Dropped File
(~WRD0000.doc)
=0V uX_9 Mp^9 3[:Stj0,9X9 }3;u39 u9 9uS9 f#ujjEP9 QjjEP9 0 ]?jjEP9 E,jSMEgP= jSM0 EPP& jSM0 E9P MMM0 EM]SMM3@ XhR9WD 3D0 urD;uM3PXVuR;uMD9 VuDu=9 j[3W3M0 uUP uMM9 WtPM#P 9 3FjVu9 EeVM9 `WU9 (VWjEPj9 Y3}EPRE(9 Eu9 _^9 U9 SVWujj9 }9 59 SWju0 EuW uuW uWS_^[]9 D$& t9 H9 ;}0 0 PU9 }V9 t uu< & t}t
Ansi based on Dropped File
(~WRD0000.doc)
=0VuX_Mp^3[:Stj0,9X}3;u3u9uSf#ujjEPQjjEP]?jjEPE,jSMEgP=jSMEPP&jSME9PMMMEM]MM3@XhR9WD 3DurD;uM3PXVu;uMDVuDu=j[3W3MuUPuMMWtPM#P3FjVuEeVMWU(VWjEPjY3}EPRE(Eu_^USVWujj}5SWjuEuWuuWuWS_^[]D$tH;}PU}Vt uu<t}t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
=;}$k~\d9=B;|]~d=uFd^=uFdN=uFd>=uFd.=uFd=uFd=uFdvdjY~d`QEYF`[_^Ucsm9Eu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
=[;V)MY-NSPI T*AD(^H
Ansi based on Dropped File
(~WRD0000.doc)
=[;V)MY-NSPIT*AD(^H
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
=t& u$t f0 5x T 5P& 5h5X5H58;M& teh 5 YP tHhj9 9 YY& t4V5P 5_Y& tjVyYYDN0 3@$3_^9 U9 VW3u9 Y& u'9vV| ;v9 u9 _^]9 U9 VW3juul9 & u'9vV| ;v9 u9 _^]9 U9 VW3uu9 YY& u,9Et'9vV| ;v9 u9 _^]jh C39 ]3;" ;uWWWWW S=|u8jMY0 }SEMY0 E;t9 s0 u9 uE%9}uSW54 9 9 39 ]9 ujKY9 U9 WW| u0`w& t_]9 U9 eu5X dh]9 U9 hXW0& thHWP<& tu]9 U9 uYujLYj<KY9 U9 V9 9 & t;ur^]9 U9 V9 u3& u9 & t;ur^]9 U9 = Vth V!Y& t
Ansi based on Dropped File
(~WRD0000.doc)
=t33@9 e% eUEeU89 U9 30 E9 ESV3WEN@0 00 p0 p9u F9 9 X9 }9 <9 H9 0 }9 e9 9 ]<0 00 P0 H;r;sE30 89]tr;rs3C0 p& tA0 H9 H9 U3;r;s3F0 X& t@9 MHe?9 <9 P9 9 U0 0 x0 X40 U;r;sE}0 0tO3;rs3B0 H& tC0 XME}! 3&9 H9 0 P9 9 E0 H0 9pt & Xu09 09 xE9 0 04?9 H9 0 p0 H& tf9 Mf0 H
Ansi based on Dropped File
(~WRD0000.doc)
=t33@9 eeE9 Ej9 U9 3S0 E0 E0 ESSX9 5 PSZ+tQ30 E0 ]0 U0 M0 U0 E[Et\& t3@3["!39 U9 VuM3: 9 uPeFPo& YuPYxuFF9 M9 0 9 ``F```F u^8Mt9 E`p9 U9 VuMa9 E`9 u t9 9 `:t@` u`@ t6 et Et@` u9 H 80t9 }9 S`:[uH`
Ansi based on Dropped File
(~WRD0000.doc)
=t33@e%eUEeU8U3EESV3WEN@0pp9uFX}<H}e]<0PH;r;sE389]tr;rs3CptAHHU3;r;s3FXt@MHe?<PUxX4U;r;sE}0tO3;rs3BHtCXME}3&HPEH9ptXu00xE04?HpHtfMfH
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
=t33@eeEEjU3SEEESX5 PZ+tQ3E]UMUE[Et\t3@3[3UVuM3uPeFPoYuPYxuFFMFFu^8MtE`pUVuMEut:t@u@t6etEt@uH80tS:[uH
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
=tu$tf5xT5P5h5X5H58;Mteh5YPtHhjYYt4V5P5_YtjVyYYDN3@$3_^UVW3uYu'9vV|;vu_^]UVW3juulu'9vV|;vu_^]UVW3uuYYu,9Et'9vV|;vu_^]jh C3]3;;uWWWWWS=|u8jMY}SEMYE;tsuuE%9}uSW543]ujKYUWW|u0`wt_]Ueu5Xdh]UhXW0thHWP<tu]UuYujLYj<KYUVt;ur^]UVu3ut;ur^]U=VthV!Yt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
=|PvFjtCvv9N tWtN WPN`tWtN`WP_^jh3EjHt\HM?veEPMEePEMEsMMv~t3@NtPXh,YMEtf3vMF0Njjjvt:MuME3QMMMfu32jhX139^`NM)u]3}M]KEPMER;,PMPjhhM%EPEPMEMME)MMEM6FdM;twEPyu3j .+YME;tjv3PS5(v-h*YME;tWEPEP3F`ME8MEhM]&>MMs[1j.v0f`6j {*YMetjTu3Pj5(v1j('03]9]tEMj5M]EPMEIM]j59]t!MoEPMEE"MNEPMEEEEteM?E]tM.MM5,0VD$tVF0Y^D$Vt6y@u0I t%pt"vVRVp9V0Y33@^I Vt'D$pu3@Vp8V/Y3^VN`tjvjv*^j\.}u~MqeMRuVW/YMj5MEEPMEKMEtV/Y"ME~ENURPNPleEPMD4PMMt9NEMUMPSMtjejj'YEEtNPtMPEP3PMEEPS}`u}tVEO`tVAuV-YMEMEMM)p-D$Vt"~@u@N$PRtP33@^j)t,ME3;9Y@x;9Y9Yh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
>0 uf93u >jEPh C PuWS0 EE9 Eu(Y9 U9 j@uu(]=H C \$9 D$% = u<$f9 $ffd$& ~D$f(Vf(f(fs4f~fTVfftL=|}f=2fL$D$f.{$0 T$9 0 T$0 T$0 $ D$~D$ff(f=|%=2fTVXfL$D$VfVfTVf\$D$jhAK9 ]& uurY9 u& uS Y=|& 30 }! `j wY0 }SwY0 E; ~;5lwIVSP|& t0 ]5V\Y0 E;t'9 CH;r9 PSuIS[w0 ESPw9}uH;u3F0 u0 uVW54$ 0 E;t 9 CH;r9 PSuSu4wE.}u1& uF0 uVSj54 9 9 u9 ]juY9 }& & 9=St,V Y& &
Ansi based on Dropped File
(~WRD0000.doc)
>>" ?%?-?" 4P?" ps?" S ?~??" " (?????@tP" `@ @(@K@S@" v@@R@ @" " \@@@@@@@A" (A0A8ACAKAUA}A" AA" AA" PABB" 6B" [BcBkB" }B B~B" (BBB" dB" C" :CSC[CcC" C}C" <CCCC" p" DCD%D-D" $XDPDqDyDD0 D D"!DD" DDDDDDE$E,E" " OEhEpExE EEEEE" `@R" SEEEFFF6F>F" aFiFqF{F" H" FFFFFFFFG" *G2G:GBGJGzG G" D" SGGGGG"
Ansi based on Dropped File
(~WRD0000.doc)
>>"?%?-?"4P?"ps?"???""(?????@tP"`@ @(@K@S@"v@@@@""\@@@@@@@A"(A0A8ACAKAUA}A"AA"AA"PABB"6B"[BcBkB"BBB"(BBB"dB"C":CSC[CcC"CC"<CCCC"p"DCD%D-D"$XDPDqDyDDDDDD"DDDDDDE$E,E"" OEhEpExEEEEEE"`@"EEEFFF6F>F"aFiFqF{F"H"FFFFFFFFG"*G2G:GBGJGzGG"D"GGGGG"
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
>>:>@>\>t>>?7?A?y??????? 00 0.090@0[0`0h0n0u0{000000000000000000111#1(13181E1S1Y1f1111111'202<2u2~22223$3Q3Z333333394A4T4_4d4t4~4444444444
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
>>:>@>\>t>a>?7?A?y??????? 00 0.090@0[0`0h0n0u0{0 000 0S0000000000000111#1(13181E1S1Y1f1 1R11111'202<2u2~2`2223$3Q3Z3! 33333394A4T4_4d4t4~4& 44"!4444444
Ansi based on Dropped File
(~WRD0000.doc)
>faarheeUSE SYSTEM CHARSETB)$Bxxwm "EB m_WM_MESAGE_FROM_STATIC_BUTTONCRYPMSCF$\%''4'A'X'FDIDestroyFDIIsCabinetFDICopyFDICreateCabinet.dllincompatible versionbuffer errorinsufficient memorydata errorstream errorfile errorstream endneed dictionary`4T4H484,4443?? unzip 0.15 Copyright 1998 Gilles Vollant `PTsRp0P
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
>U9 V9 v& u32EPv@ & t9 E& t9 M+M0 9 E& t9 M+M0 3@^9 D$Pq0 jXf<9 ~xu3P 9 0 ePe9 0 ejh|9 *9 NxM4=V9 : D$tVP=Y9 ^U9 QV9 }{& &
Ansi based on Dropped File
(~WRD0000.doc)
>uf93u >jEPhCPuWSEEEu(YUj@uu(]=HC\$D$%=u<$f$ffd$~D$f(Vf(f(fs4f~fTVfftL=|}f=2fL$D$f.{$T$T$T$$D$~D$ff(f=|%=2fTVXfL$D$VfVfTVf\$D$jhAK]uurYuuSY=|3}jwY}SwYE;;5lwIVSP|t]5V\YE;t'CH;rPSuIS[wESPw9}uH;u3FuuVW54$E;t CH;rPSuSu4wE.}u1uFuVSj54 u]juY}9=t,V Y
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
>UVvu32EPv@tEtM+MEtM+M3@^D$Pq0jXf<~xu3PePeejh|*NxM4=VD$tVP=Y^UQV{
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
>Y>}>>>>>?)???0.0@0Z0x00"11111I45:6J6Q6X6_6f6m6t6{66666666677N7}7778I8|888989?9F9M9T9[9b9i9p9w9~999999:6:2;a;;P<r<<<==2>p>>>>>>0?T?????x(0=0L0c0w0000B1G1S1X1d1 2<2A2j2222233-4Z444444455I66677P78889^99R:;<W<w<<x==%?@???;0K000001I1e11111222444^5g5m556
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
>Y>}>}>"!>>>?)???0.0@0Z0x00"11111I45:6J6Q6X6_6f6m6t6{6 60 66 6666677N7}7778I8|888989?9F9M9T9[9b9i9p9w9~9& 99"!999:6:2;a;;P<r< <<==2>p>>" >>>>0?T? ????x(0=0L0c0w0! 0"!00B1G1S1X1d1 2<2A2j2222233-4Z4`44444455I66677P780 889^99R:;<W<w<<x==%?@???;0K0`00001I1e1! 11112224`44^5g5m556
Ansi based on Dropped File
(~WRD0000.doc)
>~faarheeUSE SYSTEM CHARSETB ) $B xxwm "!"EB m_WM_MESAGE_FROM_STATIC_BUTTONCRYPMSCF$\%''4'A'X'FDIDestroyFDIIsCabinetFDICopyFDICreateCabinet.dllincompatible versionbuffer errorinsufficient memorydata errorstream errorfile errorstream endneed dictionary`4T4~H484,4443~?? unzip 0.15 Copyright 1998 Gilles Vollant `PTsRp0P
Ansi based on Dropped File
(~WRD0000.doc)
??0???z?0 ???? 0J0Z001p11112223+3m3364U4l40 445/5A5L5f5 566)666z778M9T9a9g9t99P:v:|:0 : :a:x:::6;U;_;& ; ;;+=/=3=7=;=?=C=G=K=]>w>>i??0/0_0}011b1 112q2222333$373S3344F4R4" 44445$585F5d556_6x6666677=7! 778'8v8 8R8888h9x999994:D:X: :;%;F;K;e;;;;;U<<<=A=" ===>^>>?Z? R4011W1i11112+2o2& 222393^3304F4 4" 55.67)7f778 88889999Q:]:::::.;;;;E<<<<<<.= ===%> >>>>>>6?0d0000 1'1:1l11N2233!3n33744:555Z67Y8999999
Ansi based on Dropped File
(~WRD0000.doc)
??0???z?????0J0Z001p11112223+3m3364U4l4445/5A5L5f5566)666z778M9T9a9g9t99P:v:|:::::::6;U;_;;;;+=/=3=7=;=?=C=G=K=]>w>>i??0/0_0011b1112q2222333$373S3344F4R444445$585F5d556_6x6666677=7778'8v888888h9x999994:D:X::;%;F;K;e;;;;;U<<<=A====>^>>?Z? 4011W1i11112+2o2222393^3304F4455.67)7f77888889999Q:]:::::.;;;;E<<<<<<.====%>>>>>>>6?0d0000 1'1:1l11N2233!3n33744:555Z67Y8999999
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
???&?,?7?=?H?P?U?_?k?v?|?! ???~??????????pt0000%0+060<0G0M0X0^0i0o0z0 09 0 0S0000000000001111$1*151;1F1L1W1]1h1n1y11`11: 1111111111112222#2)242:2E2K2V2\2g2m2x2~20 22a2222222222223333"3(33393C3O3Z3`3j3v33! 3 33333333333334
Ansi based on Dropped File
(~WRD0000.doc)
???&?,?7?=?H?P?U?_?k?v?|??????????????pt0000%0+060<0G0M0X0^0i0o0z00000000000000001111$1*151;1F1L1W1]1h1n1y11111111111111112222#2)242:2E2K2V2\2g2m2x2~2222222222222223333"3(33393C3O3Z3`3j3v33333333333333334
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
???0T0+7C7~7777&848B8O8]8 8: 88839j99:.;a;
Ansi based on Dropped File
(~WRD0000.doc)
?j,Qu40T & t9 & ,@0 & 8P0 & @8ul@t-j^9@u''0 0?@'Y19 (9 D@t9 & 4 8u3$'' 9 & 8+& 0_[9 M3^RjhPB?9 Euo' T'3;|; r!F'0 8,'WWWWW9 9 9 L1tP}Y0 }9 D0tuuu.0 E&&0 8ME9 Eu6Y9 U9 V9 uWV
Ansi based on Dropped File
(~WRD0000.doc)
?j,Qu40Tt,@8P@8ul@t-j^9@u''0?@'Y1(D@t48u3$'' 8+0_[M3^RjhPB?Euo' T'3;|;r!F'8,'WWWWWL1tPY}D0tuuu.E&&8MEEu6YUVuWV
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
?kkkkkkkf/$&c.kkkkkkHT1PG`8kkkkk%DQ;, )_9kkkk95^2:`
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@ & Aft#x }u}jPuujxu9 #! rXxtR99u2yr,9Yv'9 Q9 R& tu$Vu uPuuuQ u uu$PuuuQ 3@_^[]jhD9 @x& te3@9 eEM9 @|& tjhD5Y& te3@9 eE}h3lYU9 SQ9 E0 E9 EUu9 M9 m}sVW_^9 ]9 MU9 uQ[s]Y[9 U9 9 E3; tA-rHwj
Ansi based on Dropped File
(~WRD0000.doc)
@ 8~ )9 f8& fx& jpM]Q9 3f9X0 ]" 0 MM ME"KEPE9 0 ePEaTM =M ;0 E0 ]~uuMK9 ;tYMJEPVM E!M[9 3;~$VMJ;t39] QPM `F;|MEPE9 E;E|9 9]uEPM [MEOM ]0MM J3W j-a9 0 ueNif8f<9 Mj-h9 0 u9 F<e& tPf<NAM9
Ansi based on Dropped File
(~WRD0000.doc)
@ 9 U9 SVW: }9 ]3tjZttt tt9 #t$=t=t;u#tut9 }9 M9 ##0 E; 9
Ansi based on Dropped File
(~WRD0000.doc)
@ Aft#x}u}jPuujxu#!rXxtR99u2yr,9Yv'QRtu$Vu uPuuuQ u uu$PuuuQ 3@_^[]jhD@xte3@eEM@|tjhD5Yte3@eE}h3lYUSQEEEUuMm}sVW_^]MUuQ[s]Y[UE3;tA-rHwj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@ d~tW 9 39 f9uB|jpML9 ejpMLME0 ?& t!W MEFMMF9 & EPEP9 3V9 FNtFh>fF"!9 ^V9 D$tVY9 ^U9 9 Ewy$& u 9 Mju9 M2]u 9 MzPu9 MCu9 M 6u9 M)9 M@u9 Mu9 M'@ ]$9 q~9 Vh9 ``9 D$ff0 F9 ^V9 |`D$tVY9 ^Vh9 `9 D$ff0 F9 ^V9 2`D$tVxY9 ^Vh9 0 9 D$ff0 F9 ^9 AV9 0 D$tV*Y9 ^j*.
Ansi based on Dropped File
(~WRD0000.doc)
@ h ( #g@ iX mp { | } ~ 0 0 " H ` x "! a : S ~ x8 P h ( @ X p z0 H ` }x 0@P`p 0@P`p 0@P`p
Ansi based on Dropped File
(~WRD0000.doc)
@ JV9 uh,sV sYY& t9 E& HhRsVnsYY& t9 E& HhlsVJsYY& t9 E& Hh\sV&sYY& uhsVsYY& t9 E& H}hSsVrYY& t9 E& ttHqhLsVrYY& t9 E0 [hsVrYY& t9 E& t?H<hsVxrYY& t9 E& t"H$hrV rYY& t9 E& tH 30 9 PQ3
Ansi based on Dropped File
(~WRD0000.doc)
@ ~& 9 39 f9& 9Y B|WpMN9 WpM0 ]N9 Wp(MEMME"!@& umM@& ua9 uEPEP9 M0 ]M?9 60 EjEPM7?PuM9 EGM]GM0 }G9 'ME GM]RGM0 }GW j .x9 9 u& u
Ansi based on Dropped File
(~WRD0000.doc)
@& D@& DDr9 & H+j& ,PS& HP9 4T & B9 & ,& 8;R:9 & <+& 4;E L 0 & D & 9M M9 (9 D<+4& H;MsF9 " D& DAAf
Ansi based on Dropped File
(~WRD0000.doc)
@8u@8u+@P0 E9 Y;uVEuVW~V9 _^[9 VW9 ;s9 & t;r_^9 VW9 ;s9 & t;r_^9 U9 39Ej hP4& u]3@|]=|uWS39dW9 =L ~3V9 5hh jv6j54C;d|^5hj54_[54%49 U9 eeSWN@;t
Ansi based on Dropped File
(~WRD0000.doc)
@8u@8u+@PEY;uVEuVW~V_^[VW;st;r_^VW;st;r_^U39EjhP4u]3@|]=|uWS39dW=L~3V5hhjv6j54C;d|^5hj54_[54%4UeeSWN@;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@8~)f8fxjpM]Q3f9X]MMME"KEPEePETM =M;E]~uuMK;tYMJEPVME!M[3;~$VMJ;t39]QPMF;|MEPEE;E|9]uEPM[MEOM]0MMJ3Wj-ueNif8f<Mj-huF<etPf<NAM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@9 tI?uDhM7& u3EPMh MEEM& tjME^MERMMF9 N"j#Xg!9 EM0 EzueM#& u9 uMM'9 "MV& tMQu9 j0|%!9 9 EHw?}t9MpeEuP9 9 |& uMM 3`!MP9 MQMQ9 EPT& u/}tMEG9 uEP9 9 & tM& ujh@M}Ev,9 uEP9 9 & uME 9 MQMQ9 PLM9 EMEMM9 j VX9 u9 & & M2zeVM{& EP9 0EPME{M& j/j\%M HPM5f/t
Ansi based on Dropped File
(~WRD0000.doc)
@:^/2B(.|uBV|j3B"_3B&)2B21ECA;GIF89a$!,$`$$Uq,#%;GIF89aR!,R6#zU%gN!'KOQD@h2biXX~;GIF89a/$zyzz{yzzzzyz{y{{{}~z~yyzzy!,/$@*\#FO&#DBIRhP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@:^/R2B(.|uBV|j3B" _3B&)R2B 21ECA;GIF89a$ !,$` " $$Uq,#R%;GIF89aR!,R6#zU%SgN!' KOQRD0 }` @h2: biXX~`;GIF89a/$ z " "!yz9 z { yz SzS~9 "!: ~zSzyz{~y{{{}~ z& & ~ y}" yz : " zy!,/$@*\ ! #FRO &#DB`IR hP!
Ansi based on Dropped File
(~WRD0000.doc)
@@AAL$u3f;@9 D$Pt$9 D$Pt$u9 D$Pt$9 D$Pt$U9 uuuu9 E]U9 uuuu9 E]U9 uuuu9 E]U9 uuuug9 E]jQ=9 0 uN9 "eN"N$E"N4E"NDEY}9 jQ9 0 u9 NDE/N4E{+N$Eo+NEc+MNW+ajdS|9 39]u
Ansi based on Dropped File
(~WRD0000.doc)
@@AAL$u3f;@D$Pt$D$Pt$uD$Pt$D$Pt$UuuuuE]UuuuuE]UuuuuE]UuuuugE]jQ=uN"eN"N$E"N4E"NDEYjQuNDE/N4E{+N$Eo+NEc+MNW+ajd|39]u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@@t%PjV ^hP0h$P<& uh{9eS9 u9 }3hPf0 & & P]h& PVjh@Xe& P
Ansi based on Dropped File
(~WRD0000.doc)
@@t%Pjv@ ^VqW9 `9 & ~,S3& ~S9 & tPh C;|jWj9 [_^D$Vjjjj9 PvHd & tPN^9 D$-t+Ht!HtHt
Ansi based on Dropped File
(~WRD0000.doc)
@@t%Pjv@^VqW~,S3~StPhC;|jWj[_^D$VjjjjPvHdtPN^D$-t+Ht!HtHt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@@t%PjV^hP0h$P<uh{9eSu}3hPfP]hPVjh@XeP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@B u }^t9 E`p9 U9 9 EAz3@]3]9 U9 QQ}uutEPQo9 M9 E0 9 M0 HEPo9 E9 M0 9 U9 juuu]9 V9 & tVU@PVV: ^9 U9 jueYY]9 U9 juYY]9 U9 SVWuM9 }"!3;u+
Ansi based on Dropped File
(~WRD0000.doc)
@B:tOtMu9]u;u9 }u9 EjP\Xx06j"Y0 9 9 U9 QeS9 ]& u3aWru{& vn9 M9 E` tR:QuM`P t<:Qu7`P t&:Qu!`P t:QuE9}r?@IF@I<@I2@I(9 M9 E` t:u@AE9]r3_[+9 U9 9 UV9 ujX0 E0 U;uY5 >5S3;|;5 r'/50 5SSSSSQ9 W<& 9 `Hu40 4jwP0 ]; & 9]t7`@$EHjYtHu9 t0 U9 E0 E9 u!}40 c4SSSSS49 0 M;r0 EuK!Y0 E;u+434hjSSu9 0 D(9 E0 T,9 AHtt`I
Ansi based on Dropped File
(~WRD0000.doc)
@B:tOtMu9]u;u}uEjP\Xx06j"YUQeS]u3Wru{vnMEtR:QuMPt<:Qu7Pt&:Qu!Pt:QuE9}r?@IF@I<@I2@I(MEt:u@AE9]r3_[+UUVujXEU;uY5 >5S3;|;5r'/55SSSSSQW<Hu44jwP];9]t7@$EHjYtHutUEEu!}4c4SSSSS4M;rEuK!YE;u+434hjSSuD(ET,AHttI
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@Bu}^tE`pUEAz3@]3]UQQ}uutEPQoMEMHEPoEMUjuuu]VtVU@PVV:^UjueYY]UjuYY]USVWuM}3;u+
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@D@DDrH+j,PSHP4TB,8;:<+4;EL D9MM(D<+4H;MsFDDAAf
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@d~tW3f9uB|jpMLejpMLME?t!WMEFMMFEPEP3VFNtFh>fF^VD$tVY^UEwy$u MjuM2]u MzPuMCuM6uM)M@uMuM'@]$q~Vh`D$ffF^V|D$tVY^VhD$ffF^V2D$tVxY^VhD$ffF^AVD$tV*Y^j*.
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@F^]Uf9MSuMTMQ3;uEHfw aVf9u^s)EPju-Et9MfqMjQjMQPREP EtE8]tMap[Uju<YY]Uf9MSuMEH3;uEHfwaf9Us)EPjuiEt=MfpEjPjEPhQEP EtE8]tMap[Uju<YY]USV33W9u];u"]]VVVVV};tuME9pu?fArfZw fArfZw CCGGMtBft=f;t6EPPEPPCCGGMt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@h(#g@iXmp{|}~0H`x 8Ph(@Xpz0H`x 0@P`p 0@P`p 0@P`p
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@j%?9 0 ute_9 FD& t4eMQP$& t}ujvDHvDXfDMNY?S9 V9 9 F<W3;tP& tv<Wv,WWWWWWWh~hW P0 F<& t9 = Vjv<h%xjv<3@_^[jlEM>hw(IY3S0 ]8& ;uE9 M;t[MrEPM0 ]MEjjEPEPME0 ]D9 5( 9 = 0 E0 E}t{EPjSSSEP& uhjSEPj t9 uv<& t=Sh5(v<9 5 }tEPESSSEP& uuTuX9]t<& MEM]MMy 3=V9 D$tV=Y9 ^ji<9 FPMW39F0u#9 M0 N,N4QPVh{PP(F00 FDMMW3@f=j<9 0 u^$9 ~S3ND0 }SME0 ~`0 ~d0 ~0 ~0 ~ 0 ~0 ~ME0 F9 j9 0 ~@PND9 jPjX'6Y0 EE;t9 N3M0 FEi9 <V9 9 N& t;h 9 9 Nh , 9 Nh 9 Nh 9 Njdc^jd;0 MMeM~EPMEM0e0 E& uEPMLjEN5Y0 EE& tMQ9 9 3E& t59 & u9 }D9 7SM& P9 9 9 j9 MEaE9 E;E qME#~MM};VW9 |$9 ;~u3@)~ t9 N 9 W& u9 N`& t
Ansi based on Dropped File
(~WRD0000.doc)
@j%?ute_FDt4eMQP$t}ujvDHvDXfDMNY?SVF<W3;tPtv<Wv,WWWWWWWhhWPF<t=Vjv<h%xjv<3@_^[jlEM>hw(IY3S]8;uEM;t[MrEPM]MEjjEPEPME]D5(=EE}t{EPjSSSEPuhjSEPjtuv<t=Sh5(v<5}tEPESSSEPuuTuX9]t<MEM]MMy3=VD$tV=Y^ji<FPMW39F0u#MN,N4QPVh{PP(F0FDMMW3@f=j<u^$S3ND}SME~`~d~~~ ~~MEFj~@PNDjPjX'6YEE;tN3MFEi<VNt;h9Nh,NhNhNjdc^jd;MMeM~EPMEM0eEuEPMLjEN5YEEtMQ3Et5u}D7SMPjMEEE;EqME#~MM};VW|$;~u3@)~ tN WuN`t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@M E8M0 hM@|5& t5EP9 ME?1& uE^xP9 4@9 5M>hM@65& t6EP9 ME0& uEP}?MEU8M@0 }J8Ep9 Ep;E\ ^h9 0& thx9 :Nx~0& uN9 0& u!~hh9 99 Q/P9 ?9 ]dTV9 9 6}2s& t9 j9 E`9 E`;EP 33@9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
@ME8M0hM@|5t5EPME?1uE^xP4@5M>hM@65t6EPME0uEP?MEU8M@}J8EpEp;E\^h0thx:Nx0uN0u!hh9Q/P?]dTV62stjE`E`;EP33@Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@PR,WUVu~wW3@3f8UURP0|}It3f^]UVu~wW3@3f8UURP4|}It3f^]UQQES3V;9^@u9^DURP]QHE;URhr]P9]9^@tCWjY;tX3WhrutWND/;tWY_9^DtYE;F<uQ9^(uLhhpjQEUR]P|!9]tF$PhruEPQEPQEPQ^[UQ}u3eVuW3uq<tk9}u,MQVP|uf}tQMQV|}u:MQVPH|,Et%uhrPu3GEtPQ3_^UQy<tA<URP|E3UQVuEj3Pu'tBE;t;URuP|9utuMFuEPQ3^UQQVW39}to9y<tjA<UR}}PQH;|QE;tURhrPE;tPQ;|)E;t"uVPQ$|9>t3GEPQ3_^UVuu@9h|ruKfYYtMtA3Q3Vuu!^]UVF<W3;UR}PQH|zE;tsURhr}P|UE;tNUR}PE;t.}S]RRP|^P~TEPQ[EPQEPQ_^Vt$t3&jhquPh_@@^j>5F<t(PMmvle\VMMM]Vt6W?t)h|hjN7_^UQeWEPu0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@Rsvu`L2i]18E Px`ShX87Qc?ExQm>W3Y$:O.)D,4qz')Z^J2VF+
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@Rsv}u`L2}i]18E Px` S hX87Qc?ExQ& }m>W3Y$:O.)D ,49 qaz')Z^Jx2VF+
Ansi based on Dropped File
(~WRD0000.doc)
@tI?uDhM7u3EPMh MEEMtjME^MERMMFN"j#Xg!EMEzueM#uuMM'"MVtMQu j0|%!EHw?}t9MpeEuP|uMM3!MPMQMQEPTu/}tMEGuEPtMujh@M}Ev,uEPuMEMQMQPLMEMEMMj VXuM2zeVM{EP0EPME{Mj/j\%MHPM5f/t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@u@]3]UVeu;ueN^]dH;txu^]&zNHUeM3MEEEE@EMEdEEduQu"zEdPd5D$+d$SVW(3PuEEdPd5D$+d$SVW(3PeuEEdPd5D$+d$SVW(3PEuEEdPd5D$+d$SVW(3PEeuEEdMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@USVW}]3tjZttt tt#t$=t=t;u#tut}M##E;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@|33}jX" eVu}9 5 NN9 "!9 0 ]0 EyJB|& j3Y+@0 M& 9 E& T& |& u@|n9 "!jY# yNFe+3BL& 9 10 u9 19ur"9U& t+eL& 9 r0 u;rsEH9 U0 9 My0 M9 M!9 E@}
Ansi based on Dropped File
(~WRD0000.doc)
@|33}jX" eVu}9 5" NN9 "!9 0 ]0 EyJB|& j3Y+@0 M& 9 E& T& |& u@|n9 "!jY# yNFe+3BL& 9 10 u9 19ur"9U& t+eL& 9 r0 u;rsEH9 U0 9 My0 M9 M!9 E@}
Ansi based on Dropped File
(~WRD0000.doc)
@|33}jXeVu}5NN]EyJB|j3Y+@MET|u@|njY#yNFe+3BL1u19ur"9Ut+eLru;rsEHUMyMM!E@}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@~3f99YB|WpMNWpM]NWp(MEMME@umM@uauEPEPM]M?6EjEPM7?PuMEGM]GM}G'MEGM]GM}GWj .uu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
[:&.;GIF89a]}|~Gt!],]]9VTM7B;-<]QK'A]>L5/I=S3
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
[[t[P[$[ZZRZTZ,ZZY pY!xX"WxWyWzWWWxxxxxxxxxxx
Ansi based on Dropped File
(~WRD0000.doc)
[[t[P[$[ZZZTZ,ZZY pY!xX"WxWyWzWWWx
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
[doc]Alert.dll.LNK=0
Ansi based on Runtime Data
(WINWORD.EXE
)
[f0 @@& <& <f0 @@<r9 & H+j& ,PS& HP9 4T & b9 & ,& 8;RZ9 & D+& 4;E ?@9M |9 D<+4j& H^;Ms<9 " DDf
Ansi based on Dropped File
(~WRD0000.doc)
[f@@<<f@@<rH+j,PSHP4Tb,8;ZD+4;E?@9M|D<+4jH^;Ms<DDf
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
[G$"f}`/s(keb7W70{d{
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
[MEEPu9 E;Et9 PQ9 E;]t9 PQ9 EM;t9 PQ3 #jq="9 30 ]EPNP0 ];|_9]tZuM9]t:;tFX3PM9 E9 VURSPE |EP9 E];t9 PQ9 EM;t9 PQ"j ="9 & t6PM 9 Ee& t9 PQ9 E9 jPQ9 EM& t9 PQ"9 L$x3V9 9 & t&^V9 t$t$N}k3^jT>v!9 39]u~D9
Ansi based on Dropped File
(~WRD0000.doc)
[MEEPuE;EtPQE;]tPQEM;tPQ3#jq="3]EPNP];|_9]tZuM9]t:;tFX3PMEVURSPE|EPE];tPQEM;tPQ"j="t6PMEetPQEjPQEMtPQ"L$3Vt&^Vt$t$Nk3^jT>v!39]uD
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
[MS}0f0 0f0 V9 "!YSY[0f0 F0f0 V9 "!00f0 Ff0 V3_^9 U9 9 E& }]9 U9 SWuM9 E9 }3;t0 8;u+dNSSSSS8]t9 E`p39]t}|}$V70 ]7GGEPjV}& uf-uMf+u7GG9]u3V" Y& tE
Ansi based on Dropped File
(~WRD0000.doc)
[MS}0f0fVYSY[0fF0fV00fFfV3_^UE}]USWuME}3;t8;u+dNSSSSS8]tE`p39]t}|}$V7]7GGEPjVuf-uMf+u7GG9]u3VYtE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
\h0 @9 ;t*hW<;tMQ;u9 E;t0 W89 6Ul$ 30 & j`E9 0 M39 0 }0 ]T& u
Ansi based on Dropped File
(~WRD0000.doc)
\h@;t*hW<;tMQ;uE;tW86Ul$3j`EM3}]Tu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
\StringFileInfo\%04X%04X\%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
\X\|[SUV9 t$3W; .9 F; #9 |$j_u9 0 |$0 \$j
Ansi based on Dropped File
(~WRD0000.doc)
\X\|[SUVt$3W;.F;#9|$j_u|$\$j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
]$& _9 F& 9 NHF0 F9 0 A9 F9 H 9 t0 (FN9 H;Hv0 (FtN 9 F& 9 NHF0 F9 9 @0 9 Aj3]& t9 \$j
Ansi based on Dropped File
(~WRD0000.doc)
]$_FNHFFAFHt(FNH;Hv(FtNFNHFF@Aj3]t\$j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
](9 FWVpp9 u9 F0 (9 F`& u9 & 9 FHQVp9 ]9 Fxt9 F& 9 NHF0 F9 0 A9 F9 9 F& x9 HF0 F9 FH9 F9
Ansi based on Dropped File
(~WRD0000.doc)
](FWVppuF(F`uFHQVp]FxtFNHFFAFFHFFFHF
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
])F\N9 \$Oj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
]0 )F\N9 9 \$& Oj
Ansi based on Dropped File
(~WRD0000.doc)
]3;u/[VVVVV;}tE`pW};u/`[VVVVV}tE`pE9pu:fArfZw fArfZw CCGGft8f;t1MQPMQCPCGGftf;t+}tMap_^[UV3W95Tuo};uZVVVVV0XU;tfArfZw fArfZw GGBBf;tf;t+Vuuc_^]UuMkEMA%}tMapUjuYY]UjuYY]UQSV3;uYj^SSSSS0HW9]wYj^SSSSS0$39]f@9EwPYj"E"w]9]t]j-XfNEE3uEvW0EfAA@3E9]v;Er;Er3f3fIIffIfIGG;r3_^[U}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
]9 M0 }0 E;uMM\9 !u9 o9 E3jZQ$39uY0 <~B9 MV[/9 & t-GPMn9 9 <0 9 9 <39u@PVW9 F;u|3GtV9 }P9 |^jh8$9 u:3CtTMSxaejh MRaESPERP][YYMREg9 }ESP MMSLjSSSj9 k 9 }EPv@ 9 E+E9 }0 EE+}]E5{%E
Ansi based on Dropped File
(~WRD0000.doc)
]9 U9 QQS9 ]VW330 };tG0 }rwjrY 4jrY& u
Ansi based on Dropped File
(~WRD0000.doc)
];GIF89aQ!Q,~QQ&'/-#KE<!4H,I=9Q7?+%*Q JPA20Q;>"L61@MO(N
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
];r;u]u3S:YKC8tpCUt|D#M#u)eHD9#U#uEUiDMLD3#u#Mj _G}MT
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
]]#]1]" `.Z]b]m]x]] ]x]]]" .@." ..^^" $/@#X/" h/x/V^" /y^" /^^" 0@<0" L0\0^___" 04_<_" 0" 01__g_o_w__! __ _x___
Ansi based on Dropped File
(~WRD0000.doc)
]]#]1]"`.Z]b]m]x]]]]]]".@."..^^"$/@#X/"h/x/V^"/y^"/^^"0@<0"L0\0^___"04_<_"0"01__g_o_w________
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
]f;Lf;Cf;5?f;wK3EE9fE}fEEEEEf}V33f9uH%E\3f;uFEu9Eu9EufEf;uFEu9Eu9EvE}EEMM~JMMDMeW
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
]M}E;uMM\!uoE3jZQ$39uY<~BMV[/t-GPMn<<39u@PVWF;u|3GtVP|^jh8$u:3CtTMxejhMaEPEP][YYMEgEPMMLjSSSjk}EPv@E+E}EE+}]E5{%E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
]UQQS]VW33};tG}rwjrY4jrYu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
^GGPPSP5dYt!uPS5dYYYguuPS5dYYY;-uCS$sHH'kQ0GM t@tGGG@t3@t|su3}9~u!ut-RPSWs09~NE+Ftbt90tW0@?If8t@@u+(uI8t@u+\@t2t-t+t ++uSj [aYtuWSj0tf~bPjEPFPFx.u(9t MYuPY|tWSj mt&Yt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
_.d,$$$H8! <M@ YUO_YY_,i(^Yx2mxR$xxx S
Ansi based on Dropped File
(~WRD0000.doc)
_9 Ft 90ujAPQ }t9 E`p3_^[9 U9 , 30 E9 ESVW9 }j^VMQMQp003;uSSSSS0 0'9 o9 E;v9 uu3}- +3;x+MQNQP3}- 3;xQ.;tuESPu9 Vu9 M_^3[v9 U9 juuuuu]9 U9 $VWuME3E0 9}}0 }9 u;u+" j^WWWWW0 0: }t9 E`p9 9}v9 E9EwWj"9 }9 0 E9 G9 S#3;& & & 9 Euju^PSW& t } 9 Map` ;-u-F0F}je $xFV7kYY& L} p@2% 3t-F9 ]0F& $x9 OF3'3u!09 O9 Fu0 U
Ansi based on Dropped File
(~WRD0000.doc)
_=-_---_=l_l\!x
Ansi based on Image Processing
(screen_9.png)
_______:.__--___._
Ansi based on Image Processing
(screen_0.png)
___`" 1%`-`5`" 1" D2X```n`|```````" l2aa" 21a" 2" 43Ta\adala~a ata}aaaaa" |3ab" 3)b1b9b" 3" L4\bfbnbvb bbbbbb" 4bb" 4c'c" 4LcTc_c" (5& cc" c" d5ccc" 5d" 5,d7dBdJd" 6pd" L6 d~dd" x6" 6dddddee(e3e" 7Ye" D7|e e" p7eee" 7eef" 7%f-f" 8Pf" P8sf" |8"!ff" 8ffff" 8" D9!g)g1g9gAgIggg" 9ogzg& gg: ggggg" 9g" :h'h" @:Mh" t:phxh" :" :: hhhhhhhi" 0;" ;#i+i6iAiLiWi i" ;i" ;ii" <iij" L<'j@j" <cjnj" < jSjj" <jj" ,=kk" `=6k>k" =ak" = kk" =k" (>kk" T>l" >+l" >Nl" >ql|l" ?P?X?~P,? ??d& @(@d Iey,=3k" t2#%&~(@(J(')0)@*C" CCF+**--1---& DDdd |2x3333-9I9{FFRjJnJ9 bYfio`
Ansi based on Dropped File
(~WRD0000.doc)
__qq_|_ x___q_qqqqq"q#q$q%q&|qD0@@@@@P@$@@ @4@N@ p+i@]%O@qC)@D@<Ix@oGAkU'9p|B~QCv)/&D(DJzEeF
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
_Ft90ujAPQ}tE`p3_^[U,3EESVW}j^VMQMQp003;uSSSSS0'oE;vuu3}-+3;+MQNQP3}-3;Q.;tuESPuVuM_^3[vUjuuuuu]U$VWuME3E09}}}u;u+j^WWWWW0:}tE`p9}vE9EwWj"}EGS#3;Euju^PSWt}Map;-u-F0F}je$xFV7kYYL}p@2%3t-F]0F$xOF3'3u!0OFuU
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
_jV(^9 9 Ee0 9 E0 9 E0 EP} C9 E$MM0 ^ 9 D$0 AL9 D$0 9 D$0 j)T]9 Ee0 At9 E0 Ax9 E 0 A|9 E$0 9 E(0 EPMM*4^$j)TM]9 Ee0 9 E0 S9 E 0 9 E$0 9 E(0 EPbMM]$9 D$0 9 I& tP U9 V9 9 N& ~EPEPR& 0 EPv@ & txS9 ^xt9 M+N|+M t9 E+E+E"!+9 N|9 N|Mt9 E+ +E$t9 E+E+E"!+ 9 EjPQ9 N[^U9 V9 9 N& EPEP& "!EPv@ & S9 ~St9 M+}+M&t9 E+E+E"!+9 }9 }Mt9 E+ +E$t9 E+E+E"!+ 9 EjPQ9 N[^U9 V9 v& tIt@WEPv@ jjuuq"9 & tjWvtW_^V9 9 FW9 = & tp& t9 Njjt$&9 F& tp& t9 Njjt$&_^U9 (SVE9 P9 Ps x & ukWj(3EWP e0 E9 C h WE0 }0 }0 E0 } j0 E9 0 E0 }g0 EEP| _f& u33@^[U9 V9 \;Fu`& tBEP< 9 E+EjP9 E+EPuuvS ^U9 V9 & & SWEPv< 9 ]9 }+]+}Vv jvSWuuh h|9 vPh SWjj0 R KSOWjj0 ER 9 }j9 SWW jWtW9 =Sj0 vSjjdj_[^U9 V9 9 N& tu9 uP8& u3#9 N& tu9 uP8& tu9 u0 ^]V9 D$tVlYY9 ^jNTOX9 39s& hORY0 E0 u;t9 z3M0 C30 u}9 0 E0 E9 0 ePs 9 Ks9 j9 u3VVPL9 V9 PX9 9 KVM9 KjmXjNTSW9 39s& hSQY0 E0 u;t9 3M0 C30 u}9 0 E0 E9 0 eP]s 9 Ks9 j9 u3VVPL9 V9 P\9 9 KVa9 KjWj0qTV9 9 }9 W& u
Ansi based on Dropped File
(~WRD0000.doc)
_jV(^EeEEEPCE$MM^ D$ALD$D$j)T]EeAtEAxE A|E$E(EPMM*4^$j)TM]EeEE E$E(EPbMM]$D$ItP UVNEPEPEPv@txS^xtM+N|+M tE+E+E+N|N|MtE++E$tE+E+E+EjPQN[^UVNEPEPEPv@StM++M&tE+E+E+MtE++E$tE+E+E+EjPQN[^UVvtIt@WEPv@jjuuq"tjWvtW_^VFW=tptNjjt$&FtptNjjt$&_^U(SVEPPs xukWj(3EWPeEC hWE}}E}jEE}gEEP|_fu33@^[UV\;Fu`tBEP<E+EjPE+EPuuv^UVSWEPv<]}+]+}Vv jvSWuuhh|vPhSWjjKSOWjjE}jSWWjWtW=Sj0vjjdj_[^UVNtuuP8u3#NtuuP8tuu^]VD$tVlYY^jNTOX39shORYEu;tz3MC3u}EEePs Ksju3VVPLVPXKVMKjmXjNTW39shQYEu;t3MC3u}EEeP]s Ksju3VVPLVP\KVKjWj0qTV}Wu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
_MGijWv0 F,vMM3@3U9 D$;At;At;At;At;At33@S9 \$& t<V9 sa9 & ~-W3& ~W9 6 & t9 j9 G;|jVj9 _^[jD0 M39u $9 Ma; 9 MV" 9 ; h,yY9 0 M0 u;t9 MGPNGPN0 EHWNHMu3ECPM0 ]\2PNxEM]
Ansi based on Dropped File
(~WRD0000.doc)
_MGijWvF,vMM3@3UD$;At;At;At;At;At33@S\$t<Vsa~-W3~W6tjG;|jVj_^[jDM39u$Ma;MV;h,yYMu;tMGPNGPNEHWNHMu3ECPM]\2PNxEM]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
_S_qq _|_ x_ _R_q _qqqqSq"q# q$q%q&|q D 0@@@@S@P@$@ @ @}4@N@ ~p+i@]%}O@q " C)~@D @<Ix@oR G A& kU'9p|B}~QCv)/ &D(DJz" Ee F
Ansi based on Dropped File
(~WRD0000.doc)
` 0 wu< u9]tj+MdjPM}u&SMEEEPM0 ]uMhMuYPMuMF;7RV9 MEP)MEEMEM]9 Ej"!C9 0 ueN u9 E9 pV9 D$tV`Y9 ^9 V9 9 & t
Ansi based on Dropped File
(~WRD0000.doc)
`8@4@9 ;rE9= |9 = e& ~m9 E9 tVtQ`tKuQ & t<9 u9 4& 9 E9 0 `FhFPa\YY& FECE9}| 39 59 tt N rF& ujX
Ansi based on Dropped File
(~WRD0000.doc)
`8@4@;rE9=|=e~mEtVtQtKuQt<u4EFhFP\YYFECE9}|35ttNrFujX
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
`9 ^~^9 D$& }|$tt$0|Y39 T$V9 & ~.W9 k!3:9 ~9 k!3z9 & _9 ie9 X]^qq}YY& t3v9 `V9 9 L$PNh" ^9 9 L$i& uVWt$r9 >P9 W_^Vq9 L$W9 >RP9 W_^V9 9 L$#& t3t$dPN% ^}Z}9 `j 6 v9 0 uSeN x MN Cwji^v9 F PMs ueu9 MMs wjiv9 F PM4 ue9 MM9 5 9 vjiu9 F PMueN9 PMM0 vjiu9 F PMueN9 PMMLvjBeu9 0 u`ej
Ansi based on Dropped File
(~WRD0000.doc)
`9 u|_3GWu|P0 E|& hLkY0 E`e& t9 `3W9 0 e`Sh|9 0 ]0 7v9 }9 Wu|P`MP(ShP9 Md0 }a7EPPEdPEYYMdEx19 }9 UPRPPMP0 ]& 1t~MSMPEE(Sh`MdE/7EPPEdPEmYYMdE419 }EPPct9 }h" ~tMPE1MS0 ]M@'M0E'Sh`MdE6E0PEdPEYYMdE0M@E@PMEVM@)& uM@'PM03M0'9 =PhvM@'Sh(`MdE
Ansi based on Dropped File
(~WRD0000.doc)
`@0 E0 }9 9 9 & DWY& uME9 ECj#Y9 U9 30 EV395 tO= "!uI "!upVMQjMQPx& ug= uPxu0 5 VVjEPjEPV|P 9
Ansi based on Dropped File
(~WRD0000.doc)
`^^D$}|$tt$0|Y3T$V~.Wk!3:~k!3z_ieX]^qqYYt3v`VL$PNh^L$iuVWt$r>PW_^VqL$W>PW_^VL$#t3t$dPN%^Z`j6vueN xMNCwji^vF PMsueuMMswjivF PM4ueMM5vjiuF PMueNPMMvjiuF PMueNPMMLvjBeuuej
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
``HVPDjPH^VFtPf^t$t$t$qVvtt$jv^t$t$jqq33j<9M>ueuMvMMGY:j<r9MueuMuLMMF:D$AA3+t8HtHtHt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
`BYnYntancossinmodffloorceilatanexp10acosasinloglog10exppow(null)(null)EEE50P( 8PX700WP `h````xpxxxx Complete Object Locator' Class Hierarchy Descriptor' Base Class Array' Base Class Descriptor at ( Type Descriptor'`local static thread guard'`managed vector copy constructor iterator'`vector vbase copy constructor iterator'`vector copy constructor iterator'`dynamic atexit destructor for '`dynamic initializer for '`eh vector vbase copy constructor iterator'`eh vector copy constructor iterator'`managed vector destructor iterator'`managed vector constructor iterator'`placement delete[] closure'`placement delete closure'`omni callsig' delete[] new[]`local vftable constructor closure'`local vftable'`RTTI`EH`udt returning'`copy constructor closure'`eh vector vbase constructor iterator'`eh vector destructor iterator'`eh vector constructor iterator'`virtual displacement map'`vector vbase constructor iterator'`vector destructor iterator'`vector constructor iterator'`scalar deleting destructor'`default constructor closure'`vector deleting destructor'`vbase destructor'`string'`local static guard'`typeof'`vcall'`vbtable'`vftable'^=|=&=<<=>>=%=/=-=+=*=||&&|^~(),>=><=</->*&+---++*->operator[]!===!<<>> delete new__unaligned__restrict__ptr64__clrcall__fastcall__thiscall__stdcall__pascal__cdecl__based(eeeee ee etehe~` ` ```D``eXe^TePeLeHeDe@e4e0e,e(e$e eeeeeeeeedddddddddddddddddddSddxdldXd8ddccc cxcTc4ccbbbbbbbRb|b`b@bbaaSa a\a8aa``~GetProcessWindowStationGetUserObjectInformationAGetLastActivePopupGetActiveWindowMessageBoxAUSER32.DLL EEE& & & 00 P ('8PW 700PP ( `h`hhhxppwpp ((((( H h(((( H H & ! 0 `9 R} " "!a: S~x
Ansi based on Dropped File
(~WRD0000.doc)
`BYnYntancossinmodffloorceilatanexp10acosasinloglog10exppow(null)(null)EEE50P( 8PX700WP `h````xpxxxx Complete Object Locator' Class Hierarchy Descriptor' Base Class Array' Base Class Descriptor at ( Type Descriptor'`local static thread guard'`managed vector copy constructor iterator'`vector vbase copy constructor iterator'`vector copy constructor iterator'`dynamic atexit destructor for '`dynamic initializer for '`eh vector vbase copy constructor iterator'`eh vector copy constructor iterator'`managed vector destructor iterator'`managed vector constructor iterator'`placement delete[] closure'`placement delete closure'`omni callsig' delete[] new[]`local vftable constructor closure'`local vftable'`RTTI`EH`udt returning'`copy constructor closure'`eh vector vbase constructor iterator'`eh vector destructor iterator'`eh vector constructor iterator'`virtual displacement map'`vector vbase constructor iterator'`vector destructor iterator'`vector constructor iterator'`scalar deleting destructor'`default constructor closure'`vector deleting destructor'`vbase destructor'`string'`local static guard'`typeof'`vcall'`vbtable'`vftable'^=|=&=<<=>>=%=/=-=+=*=||&&|^~(),>=><=</->*&+---++*->operator[]!===!<<>> delete new__unaligned__restrict__ptr64__clrcall__fastcall__thiscall__stdcall__pascal__cdecl__based(eeeeeeeetehe`````D``eXe^TePeLeHeDe@e4e0e,e(e$e eeeeeeeeedddddddddddddddddddddxdldXd8ddccccxcTc4ccbbbbbbbb|b`b@bbaaaa\a8aa``GetProcessWindowStationGetUserObjectInformationAGetLastActivePopupGetActiveWindowMessageBoxAUSER32.DLLEEE00P('8PW700PP (`h`hhhxppwpp ((((( H h(((( H H
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
`EEBE3NpEN`ENPEN<EN,ENENE$`jD_}Mh,oMQkePMM}Mh Lo?h3EEPMujhMEMEzPMEP/nMQkME3EPMEMEMMF;uk3@3_jH^M3;u3VegE];@uMk;EPfhM]tHEPXjPEM]WhhMtAEPiPERM]2t^hPhM<tFEPiPEM]ith8:MM?EE;E3@7^jhAP]Mu3eeEuMMjEPxeehMkt=EPhMEM&uM-tMFh|Mt=EPhMEMuMtMh`Mt=EP@hMEWMuM|MhDMh8kt@h0kt0MQg,PE!MEh$Ykt]MQgMEMuEP<ME4hMtWxt&MMEE;E3@\MMjX[M3;u3kcE];UuMh;1EP0chM]$t7EPfMEMuM;tGpMFh|Mt?EPMfMEdMuM;tGtM]hMtnh0i;tMQewxPECM0hi;t/MQePEM]zMMgEE;E3@_ZVq,L$V@^QL$L$@QL$L$}@PQL$oL$_@`QL$QL$A@QL$0L$ @L$j<3j<2XMeEPMMPEMEFMM3@AYQL$L$@,QL$L$}@<QL$WL$G@j R2W]jTh5t$jhPMWeESPYYM5ht0jhM#ESPEaYYMM(V@Xj R25W]jht$jhMeESPYYM5hQt0jhMsESPEYYMMxV@lWjV}jh8t-jhHMeEWP8MYYMVs@VxQL$`L$P@QL$?L$/@AtL$3ApL$3A<ALLL$S3W9\$u3VShxthtSt$ q_;tbuQP0t?^,yu1G,Pt"\uWt3@3^_[Vt$hFtjX#h1tjh3@^UQMejh|4EXT$
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
`G u_uEju9 u uEjPu9 uu 9 M_^3[Rp9 U9 9 Eet_EtZfuu uuuu ]atAtu uuuuu0u uuuuuwu uuuuun]9 U9 juuuuuuZ]9 VW36Y0 (r_^9 Vhh3Vg& t
Ansi based on Dropped File
(~WRD0000.doc)
`L`9 @30 E=}`RhR@5h & uh=@0 tPSzY0 hSE0j
Ansi based on Dropped File
(~WRD0000.doc)
`local static guard'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`local static thread guard'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`local vftable constructor closure'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`local vftable'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`MTEMd9 c4ED9 0 e\PE\SMdF ;tED9 0 e\P\VMdEED9 0 e\P\ WMdEEPM;PMDE
Ansi based on Dropped File
(~WRD0000.doc)
`S`[U9 9 M& w3k$QeY3$seEPMh,EPE9 U9 9 M& w3QY3 seEPMVh,EPE9 XU9 9 M& w39 PY3seEPMh,EPE9 Ulhzj0 Mh9 }x|9 Vh 9 VhP9 Vh(9 Ia3;0 E@RVPEXP9 Vh MX0 ]a9 MXxWSEPPMXE9M]~VhMX"!;0 ElMXR`Vh"!;RJ9 Ml+HPAQE0PMXzM0E & & 9 0 eDVh9 E0P<D<ERM E PS<E; MEl EPj<E~M; eh9 Za& t0 ]l9 MhEDP& <PEPEDahh9 ME& 9 MhEPE PhEPtME" & & VhMVhhMHEEPMHEEh8MHhMHhMHEPMHhMH9]l M hMHE
Ansi based on Dropped File
(~WRD0000.doc)
`}E}EB}E3NpEN`ENPEN<EN,ENENE$ `jD_9 } 9 Mh, o& MQ9 keP9 MM}9 9 Mh Lo9 & 9 ?h30 E& : EPM0 ujh MEMEzPMEP9 /nMQ9 kME3EP9 MEMEMMF;u k3@3_jH^9 9 M3;u3Veg0 E0 ]; @u9 Mk9 ; EP9 fh M0 ]& tHEP9 XjP9 EM]9 W9 9 & h h M}& tAEP9 iP9 ERM]9 9 2& t^h Ph M<& tFEP9 iP9 EM]i9 9 & th8 9 :MM?E9 E;E 3@7^jhAP]9 9 M& u3ee0 E& u9 MMj9 & EP9 xeeh Mk& t=EP9 hMEM&& uM-& t0 MFh| M& t=EP9 }hMEM& uM& t0 Mh` M& t=EP9 @hMEWM`& uM & |0 MhD M& h8 9 k& t@h0 9 "!k& t0MRQ9 g,P9 E!MRE0 9 h$ 9 Yk& t]MSQ9 }gMSEMS& uESP9 <MSE4h M& tW9 x& t&MME9 E;E 3@\MMjX [9 9 M3;u3kc0 E0 ]; Uu9 Mh9 ; 1EP9 0ch M0 ]$& t7EP9 " fMEM& uM;t0 GpMFh| M& t?EP9 MfMEdM & uM~;t0 GtM]h MR& tnh0 9 i;tMQ9 ewxP9 ECM0h 9 0 i;t/MSQ9 eP9 EMS]z9 MMgE9 E;E 3@_ZVq,9 L$V9 @^Q9 L$9 L$~@Q9 L$9 L$}@PQ9 L$o9 L$_@`Q9 L$Q9 L$A@Q9 L$09 L$ @9 L$j<3j<2XMSeEPM9 MPEMEFMM: 3@AYQ9 L$9 L$~@,Q9 L$9 L$}@9 9 9 <Q9 L$W9 L$G@j R2W9 9 ]j9 Th 9 5& t$jhP9 MWeESPaYYM5h 9 & t0jh M#ESPEaaYYMM(V9 9 S@Xj R25W9 9 ]j9 h 9 & & t$jhMeESP"!YYM5h9 Q& t0jh MsESPE"!YYMMxV9 9 @lWj & V9 9 }j9 h8 9 & t-jhHMeEWP8"!MYYMV9 9 s@VxQ9 L$`9 L$P@Q9 L$?9 L$/@9 At9 L$0 3& x9 9 Ap9 L$0 3& x9 A<9 AL9 L9 L$0 S3W9 9\$u3 VShxthtSt$ q_9 ;tb~9 "!& uQ! P9 0& t?^,9 y& u1G,P9 & t"9 \& uW9 & t3@3^_[V9 t$9 h9 F& tjX#h9 1& tjh9 3@^U9 Q9 Mejh|9 49 EX: 9 T$9 9
Ansi based on Dropped File
(~WRD0000.doc)
A9 "!9 yJBee9 E )U9 ]\9 39 #0 M9 9 Mu0 39 uE}0 u|9 jMZ+;|9 10 t" d" J& }j3XZ; 9
Ansi based on Dropped File
(~WRD0000.doc)
a9 PQ3A9t9 D$V9 && t9 VhP9 ^|$ V9 vt$" F0 9 ^j<(9 0 u 3~P9 0 ]FFdF$FFF F F$l$FXF\ 0 ~~0 ~ 0 ~0 ~0 ~9 (V9 D$tV)Y9 ^9 & t9 PQVjt$9 YYP9 ^Vjt$9 0 YYP9 ^9 ;D$t
Ansi based on Dropped File
(~WRD0000.doc)
A_,_,-.-.----_-
Ansi based on Image Processing
(screen_0.png)
A_AAAAB@BsBBBBCkCCC5DDD4EEEFFFFGRGGG_H.IIJKKLLLMNMMMM=NkNNNNO<O_OOOO7PeP*QWQ|QQQRRSNSST)TNTqTTTT/URU}UUUUVyVVVVWLWoWWWX#XVXXXX"YUYxYYZQZZZZ[9[h[[[/\s\\\?]]]] ^;^^^^^^_D__
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
aB[(kWyobg"~<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +<<<<</::<<<<<)<<<<;4<<<&9<<03
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
aB[S(kRWyob g"~<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +<<<<</::<<<<<)<<<<;4<<<&9<<03
Ansi based on Dropped File
(~WRD0000.doc)
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ@0 ` y !x@~ @ A[@~QQ^ _j21~,kCh}h}h}h}h} (im0o p}p}@0 x pPSTPDT``?__ (i*kXqTqPqLqHqDq@q8q0q(qqqqppppppppppppppppppppp p|pppdp`p\pPp<p0p . $$$$$$$$$ .5@ ;Zx 0Nm:Yw /Ml &____qq!q_
Ansi based on Dropped File
(~WRD0000.doc)
aC@AIxC@&B8G4X9D&J,qaM).@N0Z!
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
aC@AIxC@S&B8G 4XR9D&J,qaM).@N0Z!
Ansi based on Dropped File
(~WRD0000.doc)
Accept-Encoding:gzip,0 U.?AVCJobDownloadFile@@,0 U.?AVCJobRequestPost@@U.?AVCLPManager@@U.?AVCVersion@@U.?AVCPicture@@,0 U.?AVCInternationalizationHelper@@U.?AVCChildButtonStatic@@U.?AVCCabExtractor@@,0 U.?AVCRegMonitor@@U.?AVCSingletonLogic@@,0 U.?AVCWindowStyledBorder@@U.?AVCLoggerWnd@@U.?AVCEventLogger@@U.?AVCTranslatedKey@@U.?AVCLanguagePack@@U.?AVCTooltip@@U.?AVCDictionary@@,0 U.?AVCQueue@@U.?AVCListBase@@U.?AVCPriorityQueue@@U.?AVCEventQuerySent@@U.?AVCQueryResult@@U.?AVImage@Gdiplus@@U.?AVBitmap@Gdiplus@@U.?AVCGdiPlusBitmap@@U.?AVCGdiPlusBitmapResource@@U.?AVCListViewCtrl@@,0 N@D,0 U.?AVtype_info@@,0 U.?AVbad_cast@std@@U.?AVbad_typeid@std@@U.?AV__non_rtti_object@std@@,0 us%,0 ,0 U.?AVbad_exception@std@@
Ansi based on Dropped File
(~WRD0000.doc)
Accept-Encoding:gzip,U.?AVCJobDownloadFile@@,U.?AVCJobRequestPost@@U.?AVCLPManager@@U.?AVCVersion@@U.?AVCPicture@@,U.?AVCInternationalizationHelper@@U.?AVCChildButtonStatic@@U.?AVCCabExtractor@@,U.?AVCRegMonitor@@U.?AVCSingletonLogic@@,U.?AVCWindowStyledBorder@@U.?AVCLoggerWnd@@U.?AVCEventLogger@@U.?AVCTranslatedKey@@U.?AVCLanguagePack@@U.?AVCTooltip@@U.?AVCDictionary@@,U.?AVCQueue@@U.?AVCListBase@@U.?AVCPriorityQueue@@U.?AVCEventQuerySent@@U.?AVCQueryResult@@U.?AVImage@Gdiplus@@U.?AVBitmap@Gdiplus@@U.?AVCGdiPlusBitmap@@U.?AVCGdiPlusBitmapResource@@U.?AVCListViewCtrl@@,N@D,U.?AVtype_info@@,U.?AVbad_cast@std@@U.?AVbad_typeid@std@@U.?AV__non_rtti_object@std@@,us%,,U.?AVbad_exception@std@@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Accept-Language:Accept: */*FIf-None-MatchUser-AgentAccept-LanguagePragmano-cacheAccept*/*Content-Typeapplication/x-www-form-urlencodedGETICOyiICOyipXMLHttpReq->get_responseStream() failed : hRes=0x%XpXMLHttpReq->get_responseText() failed : hRes=0x%Xget response stream failed.Content-LengthGetResponseHeader(Content-Type) failed : hRes=0x%XpXMLHttpReq->send() failed : hRes=0x%XSetHeaders() failedpXMLHttpReq->open() failed : hRes=0x%XPOSTreturn FALSE (CoCreateInstance() failed : hRes=0x%X)CHttpManager::RequestHelperStart : wStrUrl=%s pwStrInput=%sa'M>}zCJobDownloadFileexit [%s]broadcasting [%s]posting singleton event [%s]before posting event [%s]Target file exists [%s]Download succeeded [%s].tmpCJobDownloadFile::Process(R'M>n6ge</EBXML><EBXML>CJobRequestPostafter post - FAILED. Server=%s Form=%safter post. Reply = %sbefore post. Request = %sExit : wStrServer and wStrForm are emptyEnd : m_pQuery==NULLCJobRequestPost::Process|'M>mmmmResourceFiles .4gdiplus.dllBINARY.pngO)\(?333333?zG?333333?o@EI Pop Up Window Class|8<ZYUOY_YY_,((2YY2m$
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Accept-Language:Accept: */*FIf-None-MatchUser-AgentAccept-LanguagePragmano-cacheAccept*/*Content-Typeapplication/x-www-form-urlencodedGET}RIC OyiRIC OyipXMLHttpReq->get_responseStream() failed : hRes=0x%XpXMLHttpReq->get_responseText() failed : hRes=0x%Xget response stream failed.Content-LengthGetResponseHeader(Content-Type) failed : hRes=0x%XpXMLHttpReq->send() failed : hRes=0x%XSetHeaders() failedpXMLHttpReq->open() failed : hRes=0x%XPOSTreturn FALSE (CoCreateInstance() failed : hRes=0x%X)CHttpManager::RequestHelperStart : wStrUrl=%s pwStrInput=%sa'M>: }zCJobDownloadFileexit [%s]broadcasting [%s]posting singleton event [%s]before posting event [%s]Target file exists [%s]Download succeeded [%s].tmpCJobDownloadFile::Process(R'M>: n6ge</EBXML><EBXML>CJobRequestPostafter post - FAILED. Server=%s Form=%safter post. Reply = %sbefore post. Request = %sExit : wStrServer and wStrForm are emptyEnd : m_pQuery==NULLCJobRequestPost::Process|}'M>: mmmxxxmResourceFiles .4gdiplus.dllBINARY.png O)\(?333333?zG?333333?o@EI Pop Up Window Class|8! <} ZYUOY_YY_,((2YYx2mxx$xxxx
Ansi based on Dropped File
(~WRD0000.doc)
after post - FAILED. Server=%s Form=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
after post. Reply = %s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALERT_ABOUT_DIALOG_MUTEX_NAME
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALERT_HTML_DIALOG_MUTEX_NAME
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALERT_INFO
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALERT_OPTIONS_DIALOG_MUTEX_NAME
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
alertInfoRequestXml=
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Alerts/AlertServices.asmx/AlertLogin
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Alerts/AlertServices.asmx/GetAlertTranslation
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Alerts/AlertServices.asmx/GetToolbarAlertsInfo
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Alerts/AlertServices.asmx/SetAlertUsageRequest
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_ABOUT_DIALOG_ALERT_VERSION
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_FIRST_TIME_MESSAGE_DESCRIPTION__2
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_SAMPLE_NOTIFICATION_DESCRIPTION__2
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALP_SERVICES_SERVER_URL
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALPServicesServerName
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AM#=Tu%5 }E5t}PjEPjhPYSjuuV9 D$u(9 L$9 D$39 9 D$9 9 d$9 9 d$G9 9 \$9 T$9 D$u9 d$9 9 D$r;T$wr;D$vN+D$T$3+D$T$9 9 9 9 9 ^9 U9 SuM=i9 ]C=w9 E9 Xu0 ]}EP9 E%P`nYY& t`EjE]EY
Ansi based on Dropped File
(~WRD0000.doc)
AM#=Tu%5E5tPjEPjhPYSjuuVD$u(L$D$3D$d$d$G\$T$D$ud$D$r;T$wr;D$vN+D$T$3+D$T$^USuM=i]C=wEXu]}EPE%PnYYtEjE]EY
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
API_CMD_CLICKED
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AppData\LocalLow
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
application/x-www-form-urlencoded
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
aPQ3A9tD$V&tVhP^|$Vvt$F^j<(u3~P]FFdF$FFFF F$l$FXF\(VD$tV)Y^tPQVjt$YYP^Vjt$YYP^;D$t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
AutoUpdateServerVersion
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AXPt}uPx3';uuuuuuP|q]US]VWu3;CURP<t$MtSRssP<3@_^[]U,VEPv@SWuuuu=PSE~8EtN8SP<EPuEPEP=t:E3E;tptMVVSTsMEPEPu3h VVSuuVVuuSuS_[^jjYuEM?eMK9uwt!MMz?Vt$t$ttu'!tP|^D$t|$t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
AyJBeeE )U]\3#MMu3uE}u|jMZ+;|1tdJ}j3XZ;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
A}EA}EA}E ANxE& ANhEyANXEmANHEaAN4EUAN$EIANE=AMN1A;jJV9 0 u^9 7eN7N$E7N4E7NHE7NXE7NhE7NxE 7}E! 7}Ex7}Ei7}E
Ansi based on Dropped File
(~WRD0000.doc)
b!np#POX%D% 0@/gJA0R1 ON:4Q
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
b!n~p #POX a%D%R 0@/ ~gJAR0R1 O N0 :4Q
Ansi based on Dropped File
(~WRD0000.doc)
B(;r3_^[]9 U9 jh EhdPSVW 1E3PEd0 eEh*& tU9 E-PhP& t;9 @$E9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
B(;r3_^[]Ujh EhdPSVW1E3PEdeEh*tUE-PhPt;@$EMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
B8uSjuo9 E[]9 U9 SVW39}t$9}t9 u;uTDWWWWW3_^[9 M;t3u9Ew9 }}F0 M0 }9 t9 F0 EE& 9 Nt/9 F& t(R9 ;r9 Wu6>)~>+}O;]rO& tVHY& u}}9 t39 u+WuVx YPta9 ;w9 M+;rP9 })9 EVPm_YYt)E9 FK0 E& E& & A9 EN 9 +3uN 9 Ejh(A39ut)9ut$39u" ;u BVVVVV3u Y0 uuuuu=0 EE9 Eu Y9 U9 SV9 uW3;uzBWWWWWBFt7VV9 V3 PF& }9 F;t
Ansi based on Dropped File
(~WRD0000.doc)
B8uSjuoE[]USVW39}t$9}tu;uTDWWWWW3_^[M;t3u9Ew}}FM}tFEENt/Ft(;rWu6>)~>+}O;]rOtVHYu}}t3u+WuVxYPta;wM+;rP})EVPm_YYt)EFKEEAEN +3uN Ejh(A39ut)9ut$39u;u BVVVVV3uYuuuuu=EEEuYUSVuW3;uzBWWWWWBFt7VV V3PF}F;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
B9 Ej0 G4X_^[9 T$& u39 D$VW9 |$ 9 S3#3xHB3#3xHB3#3xHB3#3xHB3#3xHB3#3xHB3#3xHB3#3xHBN& f[& t23#3xHBOu_^9 L$9 T$3V#9 " xH39 A0 Qi B0 Q3#3" xH^0 A9 D$9 H9 U9 u0Euu`E]U9 9 MVW9 }& u3@} S9Us9 U)UR" 9 9 kYYYYYYYYYY
Ansi based on Dropped File
(~WRD0000.doc)
Base Class Descriptor at (
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
BB0B^~j_9 u?3f0 EE9 E9 ]9 Me9 EM0 ]0 Eu& }2~(9 E9 ]9 Mm9 EN0 ]0 E& GZ0 ]0 E& }9 U9 Eu}e9 }e9 U9 9 49 U9 E<;r;sF3;rs3B9 & tA9 E00 U;r;sAM4?0 u9 u0 M 09 CM}0 uEKK`K<5}9 MD ;9u0K;]s9 E;]sCf* XD9 ER9 M_^3[v ;0uK;s9 E;s3f0 f9U@"
Ansi based on Dropped File
(~WRD0000.doc)
BB0B^~j_u?3fEEE]MeEM]Eu}2~(E]MmEN]EGZ]EUEu}e}eU4UE<;r;sF3;rs3BtAE0U;r;sAM4?uuM0CM}uEKKK<5}MD;9u0K;]sE;]sCf*XDEM_^3[v;0uK;sE;s3ff9U@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
BE9 MH0 E;O,u9 O(0 MKL# & u}9 G,;u9 G09 O(;t9 ;s+H9 G,+& uXu0 W4VWF9 W40 E9 G0;s+H9 G,+9 O,0 E;u9 O(9 G0;t9 ;s+H
Ansi based on Dropped File
(~WRD0000.doc)
before post. Request = %s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
before posting event [%s]
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
BEjG4X_^[T$u3D$VW|$S3#3xHB3#3xHB3#3xHB3#3xHB3#3xHB3#3xHB3#3xHB3#3xHBNf[t23#3xHBOu_^L$T$3V#xH3AQiBQ3#3xH^AD$HUu0EuuE]UMVW}u3@}S9UsU)UkYYYYYYYYYY
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
BEMHE;O,uO(MKL#u}G,;uG0O(;t;s+HG,+uXuW4VWFW4EG0;s+HG,+O,E;uO(G0;t;s+H
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
blockFrameNavigation
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
bp/pH*Z0FHN2AppH6Q0(0!,:(P:54
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
bp0 /pH*Z R0FH N 2Ap0 pH 6Q0(0 !,}:(P:54
Ansi based on Dropped File
(~WRD0000.doc)
buffer error
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
C4^1Y@MQ</[8+K&E! %
Ansi based on Dropped File
(~WRD0000.doc)
C9 E9E G9 D@u `C9 +E }0 E& & K` xC 3@;]rK@ P& t`0 P& & u
Ansi based on Dropped File
(~WRD0000.doc)
Cabinet.dll
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertChannelsList::ProcessOpenAppMessage
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnApiBlockFrameNavigation
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnApiExecCommand
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnApiPostMessageToParent
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnApiUnblockFrameNavigation
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CC& D0 @0 <t<uR@" Yf;& @& h& 8 t)j
Ansi based on Dropped File
(~WRD0000.doc)
CCD@ <t<uR@Yf;@h8 t)j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
CChildButton::OnMouseLeftKeyDown
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CE9EGD@uC+E}EKxC3@;]rK@PtPu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
CertFindCertificateInStore
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CertGetNameStringA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CertGetNameStringW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CHttpManager::DownloadFileHelper
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CHttpManager::RequestHelper
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CHttpManager::ReturnWithError
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
cj%b9 0 u eN{M9 abAV9 ^D$tVbY9 ^Vjj9 jj9 _^jaEPeM& t3MMZ9 bbMME& MEuMh9 PVMRM9 E& ME j,8#aeEPh3CM0 ]V& t9 Mjha0 ]M[ME MET& MEp}9 EPhMPVMW9 M& tEPjh+M0 ]E& ME4M]ME9 E$aj,8=`eEP 3CM0 ]p& t9 Mjh(0 ]MuMESMEn ME`9 EPhMPVMq9 M& tEPjh(EM0 ]E MENM]ME79 E>`jW_EPeM& t3MM9 `M ME"!MERuMh9 #PVMM9 EiMEO jc^EPeM& tMMf3n_9 MEP9 MhlMuME3& uMEMM9 Fjc2^EP[eMk& tMM3^9 MEPL9 Mh +MfuME& 3& uMENMM~9 Fjc]EPeM& tMMF3N^9 MEP9 Mh: MuME3& uMEMM9 Fj(]9 eEP3CM0 ]C& t9 Mjh|9 ! 0 ]n9 0 ejhnuEP9 @ME& t9 Mjh|9 AMPM9 MEPM0 ]]8ME,9 E3]j4L\9 EPeM& & EP9 "MEd& & M|EPh<ME Ph MhM}h! MljhM_EP|9 WMEP VMShM+EPWMPVMxhMEPhM PVMPMEMEMEMM[j[0 M9 u& 9 M?& & MW9 Me~WEPME& & M8MET9 F$PhTMPSMF4PhHMPSMt9 MW8}t?j9 0 ejhpMEePSME"!& u9 MjWSMEa~MEMMt3@3ZjPY0 M9 u& u
Ansi based on Dropped File
(~WRD0000.doc)
cj%bueN{MbAV^D$tVbY^Vjjjj_^jaEPeMt3MMZbbMMEMEuMhPVMRMEMEj,8#aeEPh3CM]VtMjh]M[MEMETMEpEPhMPVMWMtEPjh+M]EME4M]MEE$aj,8=`eEP3CM]ptMjh(]MuMEMEnMEEPhMPVMqMtEPjh(EM]EMENM]ME7E>`jW_EPeMt3MM`MMEMEuMh#PVMMEiMEOjc^EPeMtMMf3n_MEPMhlMuME3uMEMMFjc2^EP[eMktMM3^MEPLMh+MfuME3uMENMM~Fjc]EPeMtMMF3N^MEPMhMuME3uMEMMFj(]eEP3CM]CtMjh|]nejhnuEP@MEtMjh|AMPMMEPM]]8ME,E3]j4L\EPeMEP"MEdM|EPh<ME PhMhMhMljhM_EP|WMEPVMhM+EPWMPVMxhMEPhMPVMPMEMEMEMM[j[MuM?MWMe~WEPMEM8METF$PhTMPSMF4PhHMPSMtMW8}t?jejhpMEePSMEuMjWME~MEMMt3@3ZjPYMuu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
CJobDownloadFile
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CJobDownloadFile::Process
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CJobRequestPost
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CJobRequestPost::Process
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Class Hierarchy Descriptor'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
ClientToScreen
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CLogger::~CLogger--== Logger initiated ==--.log_THREADID.logCLogger::Init#rdf:rdfrdfrssPosted (no title)dc:dateenclosurefeedItemIdlinkitemlanguagettlchannelcreatedtext/htmlapplicationentryhrefrdf:RDF wb..*h
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
CLogger::~CLogger--== Logger initiated ==--.log_THREADID.logCLogger::Init#rdf:rdfrdfrssPosted (no title)dc:dateenclosurefeedItemIdlink~itemlanguagettlchannelcreatedtext/htmlapplicationentryhrefrdf:RDFR ~wb..*h~R ~
Ansi based on Dropped File
(~WRD0000.doc)
CLSIDFromString
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CoCreateInstance
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CombineRgn
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
COMCTL32.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Community Alerts
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Community Notifications
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CompanyName
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CompanyNameConduit Ltd.4FileDescriptionAlert0FileVersion1.1.4.1,InternalNameAlertbLegalCopyrightCopyright Conduit Ltd. 2011.fLegalTrademarksCopyright Conduit Ltd. 2011.4OriginalFilenameAlert$PrivateBuild4,ProductNameAlert4ProductVersion1.1.4.1$SpecialBuild4DVarFileInfo$Translation<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Complete Object Locator'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Conduit Community Alerts
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Conduit_Alert_Autoupdate_Mutex
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ConvertStringSecurityDescriptorToSecurityDescriptorA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CorExitProcess
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Could not get bShow
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CPPVP5Yt!uPV5YYYfguuPV5YYY>-uFV$sg+'jj0XfQfEE t@tCC@Ct3@t|su3}9~u!t-RPSW{09~N+FtYt90tN0@6uOf8t@@u+e@t+tj-tj+tj Xf++uSj YtuWSj0Quu~qPWPB~)YVY| tSj tYft*3PPPPP2t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
CreateCompatibleBitmap
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreateCompatibleDC
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreateMutexW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CRegMonitor::Init
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CRegMonitor::~CRegMonitor
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CryptMsgGetParam
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CSecurityAttributes::GetLowIntegritySecurityAttributes
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::DeleteKey
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::DeleteRegEntry
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::DeleteValue
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::GetBoolFromRegistryValue
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::GetFirstRegDirectoryName
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::GetIntFromRegistryValue
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::GetRegDirectoryKeyNames
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::GetRegFirstName
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::GetRegNames
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::GetRegNamesCount
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::GetStringFromRegistryValue
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::IsKeyInRegistry
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::IsValueInRegistry
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::RegDeleteKeyAndItsSubkeys
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::SetBoolRegistryValue
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::SetRegEntry
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::WriteIntToRegistry
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
cT`C! 0 0U00pU i0g0e` H E0V0(+https://www.verisign.com/cps0*+0https://www.verisign.com/rpa0U0m+a0_][0Y0W0Uimage/gif0!00+ }k jH,{.0%#http://logo.verisign.com/vslogo.gif0U%0++04+(0&0$+0 http://ocsp.verisign.com01U*0(0&$" http://crl.verisign.com/pca3.crl0)U"0 010UClass3CA2048-1-550U k&p? -5: 0
Ansi based on Dropped File
(~WRD0000.doc)
cT`C!00U00pU i0g0e`HE0V0(+https://www.verisign.com/cps0*+0https://www.verisign.com/rpa0U0m+a0_][0Y0W0Uimage/gif0!00+kjH,{.0%#http://logo.verisign.com/vslogo.gif0U%0++04+(0&0$+0http://ocsp.verisign.com01U*0(0&$" http://crl.verisign.com/pca3.crl0)U"0 010UClass3CA2048-1-550Uk&p?-50
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
CThreadPool::OnJobPreProcess
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CtPMuP_^[]UW}SV5WtPtPtPtP_PE{httP{t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
CurrentVersion
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CWebBrowserDispatcher::OnDocumentComplete
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
D$3D$tL$tI;T$tu3UQQSV^FVMW]9rY^3jZQ!}YEt!NQuPuENMVNEFMUUQN@F_^[3HHD$;r2IAVFtPYff&^D$V;FrQ@~FuPVvFjP.WP<vjW6vWv ~_^AtPYt33@V~u3DuSWx3jZQYtWSjvjt$$_[^VFP^QQQD$Vt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
D$3Vt$t&~t NP uNt3@3^j<M\EHeURPtKMu?M[EPMEmEMu[MM$3@[MM3j/M}j 1YEetj]EeMjtYEEt3MVPN$QPF PNuN4M3v8^DMWEPPE5MM)MG;rh0N\#EPpEj5(DVW|$t;tF+G_@^Vuft3N;HuMF^SV39u6F8Xt@F8Xt<^[8YuA8XtNN;uF@8XtN8YuF^[UEVuEFENFgEFF^]VW|$WHGF_^SV39uF8Xt^[xH8Yu8XtNN;HuF@8XtF^[SV39u8F8X!t^[)H8Y!u8X!tNN;HuF@8X!tF^[D$L$;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
d$9 huBY9 HjT"G0 M} 9 }9 Y& & j.9 9 9 "(+PVEP9 ej|9 VMsMEkjVMEX9 MEPE& tYE9 0 eP9 MWEP PMEME1M9 MPM~9 MP! MEMEMEMMFjl4F9 9 u& ~,& F9 0 eP<~W9 T" M=eWEP9 *ME2jMENsMR0 EER\jME89 &e0 E& } u9 e[u9 WP0 E:& tX9 EjjP9 0 E xju9 }Mn& u9 MPBPM9PuMjuME9 E;E| M,& & M]jEPMEPuMGM99 3& ~_VEPMEPEPME~& uMPM"!PuM}MEF;|& ~MMETjM MREaMEhMEMMz3@3Dj<wC9 ML9 M30 ]PV9 ;u9 M0 EjEPV9 uEP9 yMEhME'qM9 PVM; MEPHWMEmPVMuMw& uuMWHPVMME3FMEgM]MM\9 uEP9 ;RME
Ansi based on Dropped File
(~WRD0000.doc)
D$A4VFtQSWp=tFjt$jpvtD$j51N,QPjv_[^D$A,AtI,jQjPU(SVEP]PSxuhWj(3EWPNhWEE}}]}jEE}EEP|_fu33@^[Wwt5Vt$t)Vw<tG()N)NF3@3^_|$VW=0t%jv~$t=Ft6pt)jjvFtpt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
d$huBYHjT"GM}}Yj."(+PVEPej|VMsMEkjVMEXMEPEtYEePMWEPPMEME1MMPM~MPMEMEMEMMFjl4Fu~,FeP<~WTM=eWEP*ME2jMENsMEE\jME8&eEue[uWPE:tXEjjPEjuMnuMPBPM9PuMjuMEE;E|M,M]jEPMEPuMGM93~_VEPMEPEPMEuMPMPuMMEF;|~MMETjMMEaMEhMEMMz3@3Dj<wCMLM3]PV;uMEjEPVuEPyMEhME'qMPVM;MEPHWMEmPVMuMwuuMWHPVMME3FMEgM]MM\uEP;ME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
D$tV/kY9 ^hj9 M`3M0 ]|; <jSjSj<E<;tr9 <;taPV9 9 ;tGMZ;uV9 j : cY9 0 ME;tS3PS0 p5(w<]MMjjH,i0 M9 u& u3@kMejj~WMi9 t#HtHu/9 MWEP7 9 MEP9 uEP9 f(MM3& ij0I~h9 MT3M0 ]1
Ansi based on Dropped File
(~WRD0000.doc)
D$tV/kY^hjM`3M]|;<jSjSj<E<;tr<;taPV;tGMZ;uVj cYME;tS3PSp5(w<]MMjjH,iMuu3@kMejj~WMit#HtHu/MWEP7 MEPuEPf(MM3ij0IhMT3M]1
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
D$tVY9 ^Vh~9 e^hX9 Y^h9 M^h9 A^hP9 5^h9 )^hX9 ^h9 ^hP9 9 ^h9 ]h 9 ]h9 ]h9 ]hH9 ]h9 ]hp9 ]h9 ]h`9 "!]h`9 ]h(`9 ]h0 9 u]h8}9 i]h}9 ]]h9 Q]h`9 E]h 9 9]h 9 -]hH9 !]h9 ]h9 ]h`9 \h9 \^j.jY9 0 M30 E;tu]9 M9 MPuRj
Ansi based on Dropped File
(~WRD0000.doc)
D$tVY^U3ES]VuW}'}E@tUEPh@t3@=EPV2%YYt'uWSVEVPEM_^3[~U3EVWu}Mxu_l@3^3U(3ES]VuW}EPh@EPh hpSE^$YYu/EPSN$YYu9EuEPS9$YYu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
D$tVY^Vhe^hXY^hM^hA^hP5^h)^hX^h^hP^h]h]h]h]hH]h]hp]h]h]h]h(]hu]h8i]h]]hQ]h`E]h9]h-]hH!]h]h]h`\h\^j.jYM3E;tu]MMPuRj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
D0 & ItWhtFltw& " f>lu0 xl `f6uf~4u 0 8f3uf~2u0 fd fi fo fu fx fX 9 & R& d/ St~At+tY+t+& & 0 " @0 0 & & & 0& & 0u 9 u& 0 9 [0 & u 0 & 9 & } ` QPRYY& tFF& 9|X + + +& 3F& 0 0 0 & StB& & P9 & & & P& PG& }0 f0 & & 0 & 0 F9 0 & t:9 H& t3& 0 t"!+& 0 & P@fYp eRg}itqnt(o& & & taU9 30 V& 0& tf9 & f0 9 & 0 & @&
Ansi based on Dropped File
(~WRD0000.doc)
d:\Conduit\RnD\Client\IE\Dev\5.4\SingleComponent\Alert\Release\Alert.pdb
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
d;vmhp9 E0 =x[_^tV9 5dW3;u4kP5hW54 ;u3xt9 5dhk5hhAj54$ 0 F;tjh hW0 F;uvW54L : N0 >0 ~d9 F9 _^9 U9 QQ9 M9 ASV9 qW3C& }9 i 0Dj?0 EZ0 @0 @Juj9 hyh W& u p0 U;wC9 +GAH0 @0 P Iu9 U9 EO0 H0 AJ0 H0 Ad~D3G0 ~`FC` 9 ENCux 9 !P9 _^[9 U9 9 M9 ASV9 uW9 }9 +Q9 iRD0 M9 OI;|99 0 M0 ]}U& E;;9 MI0 M?vj?Y0 M9 _;_uC s9 ML!\Du&9 M!9 ML!Su9 M!Y9 O9 _0 Y9 O9 0 y9 M+M}}9 }9 MOL1?vj?_9 ]0 ]9 [0 Y9 ]0 Y0 K9 Y0 K9 Y;YuW`LML s }u9 9 MDD9 }uO 9 MY O 9 U9 MD20 0 L9 UF0 B0 D2<38/9 ])uN0 K\39 uN0 ]0 K?vj?^E& 9 uN?vj?^9 O;OuB s9 t!\Du#9 M!NL!Su9 M!Y9 ]9 O9 w0 q9 w9 O0 q9 uu0 uN?vj?^9 M9 y0 K0 {0 Y9 K0 Y9 K;KuW`LML s }u9 9 M9DD9 }uN 9 My N 9 E0 0 D3@_^[9 U9 d9 Mkh0 MSI VW}M
Ansi based on Dropped File
(~WRD0000.doc)
data error
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Dc3F 0^2PC0$[Ab8 K19'D`1x<aD&k-*DdaP@F #@$pa2$H;SAFha&L>&C,=pwp0hRA
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
DefaultShowIconInSystemTray
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
description
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
dhk9 U+Pr;r3]9 U9 9 M9 AV9 uW9 +y9 iRD0 M9 I0 M& S19 0 U9 V0 U9 U0 ]utJ?vj?Z9 K;KuB s9 L!\Du#9 M!JL!Su9 M!Y9 ]9 S9 [9 MM0 Z9 U9 Z9 R0 S0 M9 J?vj?Z9 ]0 ]& +u9 ]j?0 uK^;v9 M9 J0 M;v9 ;t^9 M9 q;qu; s9 !tDLu!9 M!1K!Lu9 M!q9 M9 q9 I0 N9 M9 q9 I0 N9 u9 ]}u; 9 M9 Y0 N0 ^0 q9 N0 q9 N;Nu``LML s% }u9 9 M 9 DD) }uJ 9 MYJ 9 E0 0 D09 E& & 9
Ansi based on Dropped File
(~WRD0000.doc)
dhkU+Pr;r3]UMAVuW+yiDMIMS1UVUU]utJ?vj?ZK;KuB sL!\Du#M!JL!uM!Y]S[MMZUZRSMJ?vj?Z]]+u]j?uK^;vMJM;v;t^Mq;qu; s!tDLu!M!1K!LuM!qMqINMqINu]}u;MYN^qNqN;Nu`LML s%}uMDD)}uJMYJED0E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
DItWhtFltwf>luxl `f6uf~4u8f3uf~2ufdfifofufxfXRd/St~At+tY+t+ @0 0u u [u QPRYYtFF9|X+++3F tBPPPG}fFt:Ht3t+P@fYpegitqnt(otaU3V0 tff@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Djh^V>O& u%jh^VO& & FFf> tf9>& h uESuP! & & 9 E9 M0 H9 M0 x0 80 x0 x0 H_^[jhEY330 }j! Y0 ]30 u;5`P9t[9 9 @uH uAFwFP Y& "!P4VYYP9 @tPVbYYF 9 0 }hj8 Y9
Ansi based on Dropped File
(~WRD0000.doc)
Djh^V>Ou%jh^VOFFf> tf9>huESuPEMHMx8xxH_^[jhEY33}jY]3u;5`P9t[@uHuAFwFPYP4VYYP@tPVbYYF}hj8Y
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
DllGetClassObject
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DllRegisterServer
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DllUnregisterServer
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
dMEc9 MEP 9 E9 u0 EEP9 9 }9 9 M9 u#3f> #u9hHSj"!MElMElMM"!l%F0 E& 9 u9 PhSj EPEPEP9 & uhEPZ9 & 9 @& jhxthtjP_9 & u
Ansi based on Dropped File
(~WRD0000.doc)
DOMAIN error
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DownloadErrorCount
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
DR}c 3F 0^2 P C0R$ ! [Ab8 K 19& 'D`1x<aD&k-*Dd 9 aP@F #@ $pa2$H ;SAFha &L >&C,=pwpaR 0hRA
Ansi based on Dropped File
(~WRD0000.doc)
DW9 0 E EPWEP9 EPWEP9 nEPEPWEP9 =WEP9 W9 9 9 M9 j9 MMVjto'9 39~ z9 Ee Tf 7hto Wqvrt.s& D9 ;u}9 ; PsM :M0 ]xE9 EP9 & "!9 M9 ~xEP9 E& t3;" M PEPQMh;u0jPMZ! ME89 MQMQj9 EME MEBME6M]+MM 95.r;t%P9 lS;tP9 Xj9 A8t-9 VB9 0jsD9 N& t9 F9 PQf^j" '9 9 }& u3S9 & t9 ;EuMl}eWM& t9 jW9 t9 jMM>}3@EV9 9 & u3+9 ;D$ut$9 t$j|$t9 3@^Vt$9 fv9 ^j<2MY8eEPM 99 MPE6! ME~9 Mx& t3MM(89 R9 Mh! 3FV9 D$tV}Y9 ^OjRf9 hqY9 0 Me& ta(3M& t
Ansi based on Dropped File
(~WRD0000.doc)
DWEEPWEPEPWEPnEPEPWEP=WEPWMjMMVjto'39zEeTf7htoWqvrt.sD;u};PsM:M]xE9EPMxEPEt3;MPEPQMh;u0jPMZME8MQMQjEMEMEBME6M]+MM95.r;t%PlS;tPXjA8t-VB0jsDNtFPQf^j'}u3St;EuMleWMtjWtjMM>3@EVu3+;D$ut$t$j|$t3@^Vt$fv^j<2MY8eEPM 9MPE6MEMxt3MM(8Mh3FVD$tVY^OjRfhqYMeta(3Mt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E PN,Q40 9 9 P<u}Qu9 9 E& |0 FpM9 B& uTE~PP9 Qh9 Q P9 Q^@W9 [Qh9 Qh9 QWN`:QhhPj
Ansi based on Dropped File
(~WRD0000.doc)
e! P}Ls69 ! 0 ! P}EQ6! P}E;69 ! $0 $9 ! (0 (9 j19 0 uL}E"!,}E`,}E{,M9 kzV9 T9 ^Tj.xh,& : Y9 0 M30 E;th-UPjDd1D9 M\EP(j3hM0 u1MEG#PhM$MVjEPMEWM>9 ;u;MEME +MM +9 9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
e%& EP]: TS}=Rm-
Ansi based on Dropped File
(~WRD0000.doc)
E'PMEh{MPkWcME}MC]E;Jh7h+YQj~frPuuN|e"QVD$tV<QY^j~fPuuN)EejF
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E)EE C(EP[xuAjEVC0PMCUH]E]E]PE CHfKIVVUREEj}1E \$E }1\$ET$$PQ~7EWdu9uuuVVuuuuuuuuuu39u_3^[U(SVWuEF3;};UR]]PQFURPQEt'9] u"MWQuMuSuQwMQMWQuuSuuw7uvVP 3;ZF;9XEt!u uuuuuuYuM_F(E^xP]EjESF0PMEFH]E]E]E]PFHgNISSUREEj}1}\$E}1\$ET$$PQM~uuu3@Xun9tE9] u"EtSuuuuuu u uuuuuuu3_^[USVW}3;u3F;tN9^uF0Pt3vvDv@+5F;NE9]^$tG+F G+G9N ESQF;~
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E*GE`B:}9 M$9 9 0 9 : ]<+t0 <-t& `}0 u0 uu&M`B:t<9}sE*GM`B:}*0 u<! nj~J0 M` 1 wj! +t HHt& ;j MjY@jo0 u`B:t,1<vJ(` 1 v:} tG+J0 MtHHt9 }9 E0 jX9Ev }|EOE0 E} Yj
Ansi based on Dropped File
(~WRD0000.doc)
E*GEB:}M$:]<+t<-t`}uuu&MB:t<9}sE*GMB:}*u<njJM1wj+t HHt;jMjY@jouB:t,1<vJ(1v:} tG+JMtHHt}EjX9Ev}|EOEE}Yj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E,EEEEPjhEEEEEPCv0vvP`jP'+j@,@*39]-;u!@;tuMem]+;E]~Gu?t.MQ,uPFPMEtMEt"EE;E|MM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E0:+_L.X)AzT&.*\ !R8 C ;H MS Shell Dlg PMv7 OKPj
Ansi based on Dropped File
(~WRD0000.doc)
E0:+_L.X)AzT&.*\!R8C;HMS Shell Dlg PMv7OKPj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E1F9 F0 E9Uu9 M9 0 9 `9 O9 0 Mw; 0 UE}~M9 W#U9 M#Elf0f9v9 Mm9 EFMf}0 E0 M}f}|Q9 W#U9 M#E[lfv1F` ft Fu0H;Et` 9u :@}~uj0V u9 E 8u9 }4 $p9 9 WFk3%#+ESYx;r+F
Ansi based on Dropped File
(~WRD0000.doc)
E1FFE9UuMOMw;UE}~MW#UM#Elf0f9vMmEFMf}EM}f}|QW#UM#E[lfv1FftFu0H;Et9u:@}~uj0VuE8u}4$pWFk3%#+ESYx;r+F
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E3SVu3W3]]t2uKShjSjhuu3}]EjSSW`Ej s}Yt#}tEFEF^F^^*EFEF~^^:tjSSW`FE_^[Vt$u^~tvXVlzY3^D$8t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
e9 u;5lw"jx}YeV Y0 EE9 EjsY9 U9 V9 u! SW9 =$ =4uVjNThAYY|u& t9 3@PuVSY& u& uFVj549 & u.j^9Stu7Y& t9 u{PR0 0IR0 0_9 [V7Y5R3^]hd59 D$0 l$l$+SVW 1E3P0 eu9 EE0 EEd9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
E9E(}E(ELtMEXt8}tuu }tu jMEP4MEE0EeMEME3FMjh|kuMEM<EtE{cThh3uu3}uuuuVEPEPEPEPEPVjhujh;EPVVju;uj@};EPWVju;GlGpGXG\VTPhVjuE;tRuVVVVjP|;t<PJYE;t+SPVVjuxtuuoYYuEEE3}];tSt9utuY;tW;tSt9ut
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E9tFEE^[UQQSV3]9^t=FWUR]PQShjZWPuWE_F;t@;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E;8X;E;|E[j@j YYtVM *@@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E;tF3@j d}tuuu81<u3Mk;eEPuu?uMMfDMEPMEu^jhx1MJEPEPuuER@EMu&D3MEMMCECMH;PjVt$jt$jt$ 6tF3^UE$Vt3MtI3u,Eu(Pu E \$E\$E\$E\$@\$@\$@\$$Q6'tF3^](VD$tVZY^j|={tMY:PhMeM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E;tjE9]|WSW_^[jA33q(fE}9>uA$VPQ0tEua6MQWVP;u}EURP}QdhMcu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E;tRU$3EEMSVuWP3WWWWQEPEPM3q Et
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E=?sJMsB;r6PY;t)UEPWV}EH53_^[U0SV5W33;u.;t0#Pxu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E@PMGPML>PSMd`& t}@u9 MpE0P!M EMLEM0E E`9 E`;EHRM\E=MdE#MEaMEUMEIME=M0 }29 Md0
Ansi based on Dropped File
(~WRD0000.doc)
E@PMGPML>PSMdt}@uMpE0P!M EMLEM0EE`E`;EHM\E=MdE#MEaMEUMEIME=M}2Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EaflfpLj :Kuh@MEfM\feNM,eE~[uMhat?EP7^jtMtPj7PW2LYMju9aEE;E|E~PpbMtPeEPEPbujPE`NtEeNPEeEkMMn`hKj:J@VMe\tt}tMMe3RMMeuvhVMPeuMG$3MMLetPJjiIh@MeM=\MteeuukJjiIh@MdM=\MtddjCYMPe4JUQh@MmdM\xd`j;IEHtwHtRHt0HhBYME:jdBYMEts4nhBYMEtQ\PL~tYhBYMEt)v!hjBYMetX3MtPu2YYHVdD$tVIY^V6D$tVHY^D$VtVHY^jE;Gu^@,^3N\}^NxE^ME~~~,MEMF$N\F(j~~0~4~8PjPNxjPM~~<~EGUVq\/~HEP`^eMtjPMtjEPEPt^ujP^UQeS]EPS\ftFMt?VW+tNu1}t*7
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EEEES]W=t)PSEEEt<~|tPSu=m9EtEEEEhEPtPfPStuS_[^j`U;E+EMPE+EPv}3WujWEEu9slt$PEEPWus|EuP;t@9s|t#9uu9tEVPWM<EVPWMd;uA9uu9s|t)VVEP;t&EVPWM1;u9sluE+Luuuu}uWuWMMuE:Ul$3ElExSVWEE|jEE=PujEEjPbDtBhEjP>DjdEPvt<EPhEPVEhEP*P PuuuuEMMEMl_^3[53pUVjEPtEEtE+EEEMMEtE+EEEMMjEPA^UQQeeVEPEPuEuEui^UQQVEPEPuuu?^3HHHHV~uPjP^V~uPFt>W=jjPFuvuPjvv_fF^AuPAuPUVtEW}WuvuuWttVtV_^]3@VW|$VjW~3_@^3@3@3@3@D$AA3+t8HtHtHt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EEEPSYYt"MxEEPSYYtE39]fD~HH_^[UuuuuuhR}]UWVuM};v;r=tWV;^_u^_]ur*$r$$$(#FGFGr$I#FGr$#r$Ixph`XPHDDDDDDDDDDDDDD$E^_E^_FGE^_IFGFGE^_t1|9u$r
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EeH}fvM$;uj+t&-t!;tCpE~;`j+jyHfLM$;O;^UG}#f9w"}sME*EEf;sM$;H+n-eC}}}u2Mf;t!f9w }sEM*EMf;s}fAjeJMHfwjO+t +tjQMjYj>}f;tfv+(Hfvf;} t@+JMt+t}EjX9Evs}|EEEHEaj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EEPvMMTVQ}0^0V}@Ul$3j(co$ E(E3VPf
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EE}}}};tptWp0MMUR}P@jEWPEG9hLBYEE;t3ejh|Es4sjpu3VVPLjejhbVVjjpPu3URPPEPEPEM;M|E;tptWp0MMUREPDjEWPE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EFjHVEM]u3@5MtEesu}jspMC$3<CjEjEPMu}u39XtZM;jhxME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
eFjPYY*EeE@jPEYEY#+}u]}vrGGuPFPSjj*u_wCtM3VjVVt$L$e3jjVW|$v9~s
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
eFjPYY*EeE@jPEYEY)}u]}vrGGuPFPSjjFu_wM3Vj!VVwUQVW}9~sRF+;EsE}vPNSVr]Ur]+PUUBPE+QxPF+P[_^jk}uvu'3j[OMmU;s+;w4
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
eFjPYY9 *9 E0 e0 E@jPE& Y0 EY)9 }9 u9 ]}vr9 GGuPFPSjj9 Fu9 0 _0 w}9 M3Vj!VVw U9 QVW9 }9 9~sR9 F+;Es0 E}vP9 NSVr9 0 ]0 Ur9 9 ]+P0 U9 UBP9 E+QxP9 F+P9 [_9 ^jk 9 0 }9 uv9 u'3j9 [9 O0 Mm9 U;s+;w4
Ansi based on Dropped File
(~WRD0000.doc)
eFjPYY9 *9 E0 e0 E@jPEY0 EY#+9 }9 u9 ]}vr9 GGuPFPSjj9 *u9 0 _0 wCt9 M3VjVV" t$9 L$e3& S`jj VW9 |$9 v" 9~s
Ansi based on Dropped File
(~WRD0000.doc)
EG EGEFE+VNW4CWssPCPIW4EEFEG EGEG0;s+HG,+}Et3}DEnCCCC&}EMeMEEEC9Er4#EKHmE@)EEMu@CvMtK@CW@uKHCA -}EMeMEEEC9Er4#EKCm)ECCCC&}{EMeMEEEC9Er4#EKHmE@)EMtCACb@3CA}EMeMEEEC9Er4#EKCm)EO(+CE;sG,+EEEE;G(rE{u}G,;uG0O(;t;s+HG,+uXuW4VWW4EG0;s+HG,+O,E;uO(G0;t;s+H
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EHY]E P]UE8;r=w`+PY] P]UME}`QY] P]UVuFttvBZf3YFF^]U(SVuW3E}}}FFf> tat8rt+wtWWWWW`93S
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EI CDialogChildShadowFrame Window Class
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EI CMovingFrame Class
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
eM& t3MMy%9 : MMEME7M9 PVM]M9 EMESjLaEP eM& & t3MM$9 aMaMEM9 sjuMEPVMyM9 ESMEU" j$)"!9 }u
Ansi based on Dropped File
(~WRD0000.doc)
eME ]EPMN=PMPEdME_]SEPPE0PM`; >& xPM->MhE"kxE TMP9 xTWPMhxo;t.MPbTP@9 ;thTW<;tW8VTVX9 Mt;t9 jMhEjxE\M`EMEME
Ansi based on Dropped File
(~WRD0000.doc)
eME]EPMN=PMPEdME_]SEPPE0PM`;>xPM->MhE"kxETMPxTWPMho;t.MPbTP@;thTW<;tW8VTVXMt;tjMhEjxE\M`EMEME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Em}]3tjZttt tt#t(=t=t;ututU395}]Eyj^ttttt`#t* t@t;u@#@t-t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
End : return %d (from SetRegEntry)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return %d (RegDeleteKeyW returned 0x%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return 0 (RegOpenKeyExW returned 0x%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (GetStringFromRegistryValue failed)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (RegCreateKeyExW returned 0x%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (RegCreateKeyW returned 0x%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (RegDeleteKeyAndItsSubkeys returned 0x%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (RegEnumKeyExW returned ox%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (RegOpenKeyExW returned 0x%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (RegOpenKeyExW returned ox%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (RegQueryValueExW dwordType==REG_BINARY)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (RegQueryValueExW returned 0x%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (RegSetValueExW returned 0x%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (wStrValue from registry is empty)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EP9 iuEP9 H0 E}tt9 ZPh.SjoWM4& 9 XZPhX.SjF9 0 et*W!lME5WEPM50 E& u0 e9 EPkM5ME0 bMEME529 YPh$.Sjh 0 EE& j9 jJU9 0 }MMEN& tOj9 0 eWTkE9 0 ePE?kME3E9 0 eP"kMF40 E-WEPM40 E& uE9 0 ePjM4MEIe9 } POEh9 0 GD PO$hj8tRY0 EE& t$sY0 EE& tj9 U39 M9 9 EO(0 G49 E0 G,Et)KXPh-Sj99 & tQW9 )G"XPh-SjW9 Tv$& tWj5(v$9 j9 9 MWPh-SjMM&_jaz9 0 uu"e}.W9 EV9 Eu 9 E0 ~g9 ja9 0 u. 9 E& t9 j'9 & t9 j'}E`_}E{_M9 zjb" 9 39x j8" Y0 E0 ];t
Ansi based on Dropped File
(~WRD0000.doc)
EPEPs9 N$9 Fhj"!_9^\t+9 9 } u+Q9 _^[S9 \$VW39 ;u3: 9 S& tt$9 D$W0 F09 D$Pv(0 ^4v$9 WWh WN0 F,}&Ph 9 hWWWWjP0 F h9 9 9 R9 N8;tv,vp9 9 Pp9 9 Pl9 3@_^[y`u9 jjV9 ol& t2W9 |$tu9 9 Pl~`tjj9 ! Wv0 _^U9 QQVEP9 9 M9 U ;u; tR0 Q9 0 P R9 6^9 D$;Adu
Ansi based on Dropped File
(~WRD0000.doc)
EPEPsN$Fhj_9^\t+u+Q_^[S\$VW3;u3Stt$D$WF0D$Pv(^4v$WWhWNF,}&PhhWWWWjPFhN8;tv,vpPpPl3@_^[y`ujjVolt2W|$tuPl~`tjjWv0_^UQQVEPMU;u;tRQP6^D$;Adu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPEPw.YYME>v9 NPWWjoEPak9 NPWWjlEP`k9 NPk9 NPWWjkEPrk9 NPWWjjEPbktE9 .MEuMEuMEuM0 ]u3@U9 QQSVW9 =49 3+FT=v8EP 9 & t/9 NPjuuk9 NP9 & t9 jfP0 FT3& " _^[j7)s9 9 u& u3uj|ml~0oucj gY9 0 M30 u;tV@/3P@oV)j <Y9 0 ME& tj\/3P0 pj5(wD3@3V9 xD$tVY9 ^Ajv)9 0 u=3j
Ansi based on Dropped File
(~WRD0000.doc)
EPEPw.YYME>vNPWWjoEPkNPWWjlEPkNPkNPWWjkEPrkNPWWjjEPbktE.MEuMEuMEuM]u3@UQQSVW=43+FT=v8EPt/NPjuukNPtjfPFT3_^[j7)suu3uj|ml~0oucj gYM3u;tV@/3P@oV)j <YMEtj\/3Ppj5(wD3@3VD$tVY^Ajv)u=3j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPEP}39[huEuEYEu;t3Mejh|.s4sjfu3VVPLVhVhVhVjK<jfPhYEE;t>3Mejh|ms4sjeu3VVPLVhVhVhVj_WK<jePhTYE};tZ3Mej|VejVEs4sMhu3VV>\jejhVVVVZ[h`ad[K<hPuuf50jpjpjpn=0tpt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPiuEPHE}ttZPh.SjoWM4XZPhX.SjFet*W!lME5WEPM5EueEPkM5MEbMEME52YPh$.SjhEEjjJU}MMENtOjeWTkEePE?kME3EeP"kMF4E-WEPM4EuEePjM4MEIe}POEhGDPO$hj8tYEEt$sYEEtjU3MEO(G4EG,Et)KXPh-Sj9tQW)G"XPh-SjWTv$tWj5(v$jMWPh-SjMM&_jazuu"e.WEVEuE~gjau.Etj'tj'E_E{_Mzjb39j8YE];t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ePLs6PEQ6PE;6$$((j1uLE,E,E{,MkzVT^Tj.xh,YM3E;th-UPjDd1DM\EP(j3hMu1MEG#PhM$MVjEPMEWM>;u;MEME+MM+Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPM u9 E9 MPR uMVvMM9 9 E9 I0 0 H^1YVW9 w9 p{9 0 @9 g0 9 6_0 v^VW9 w9 p9 0 @9 g0 9 6_0 v^U9 QVQ0 e0 eu9 9 ^Vt$9 u49 ^4qV9 4qD$tVIY9 ^jP,0 Mh xSjB>}& x9 u& M eM ME 9 MEP9 Ey9 u0 EEP9 9 }9 Y9 M#u>hSj=MEL0 ME@0 MM40 3<EPEPEP9 & tEPEP9 r9 FVPMEPM t9 F9 VPM9 E0 E9 E0 E9 FVPMEPM t
Ansi based on Dropped File
(~WRD0000.doc)
EPMEM03F<|$u3jt$tL$t3@US3W9]u3MVSSjSjhuut*;t&EPVE;tE;uVX3^_[E@PE3]sY;uuuSVSEPuV=9]tE}9]u$EPVYY;tu>SPwSEPu>PuhuuXuMV>5V
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPMEME%uTuXSh 6w6M]: MMyj,&y9 MaeME.& t`PvM1>MMFyhx0 M39Y(& MM0 ]b; ,TSSSjj,Ev,; & j9 0 M;tq`Y3;0 E~S9 MWP}9 ;t>VM";t1SM9 EpFjP$VMEhME(G;}|SyYPMl,]MM@xjH@w9 9 M3;tj9 ;t_MM0 ]~VMECM;t$;tSMSjdwwM]uMMxjk8w9 utj >qYY9 0 Me& tj3Pj5(vwj,&vM:9 Me!& uuMu9 M& uuMuMMnwj .! v9 M33;u3 M9 0 u& }S9 MV~& MQ9 / PME! MEM1hTM& t@h@Mk& t*hDRMU& thM?& tF;RdMM|9 vj|xu9 9 M& i9 & ZEP9 }ehM& *h9 P9 Y& & x0 EPxEh`REP9 E& hEP9 E& EPEPEP9 Etohx9 w & t_MhEP9 E: }EPj nYY0 EE& tj9 #3Pj5(wME1ME%MEME
Ansi based on Dropped File
(~WRD0000.doc)
EPMEME%uTuXSh6w6M]MMyj,&yMaeME.tPvM1>MMFyhxM39Y(MM]b;,TSSSjj,Ev,;jM;tqY3;E~SMWP;t>VM";t1SMEpFjP$VMEhME(G;}|SyYPMl,]MM@xjH@wM3;tj;t_MM]VMECM;t$;tSMSjdwwM]uMMxjk8wutj >qYYMetj3Pj5(vwj,&vM:Me!uuMuMuuMuMMnwj .vM33;u3 MuMV~MQ/PMEMEM1hTMt@h@Mkt*hDMUthM?tF;dMM|vj|uMiZEP}ehM*hPYxEPxEh`EPEhEPEEPEPEPEtohxwt_MhEPE}EPj nYYEEtj#3Pj5(wME1ME%MEME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPMEX& t!SEXPE09 0 e\P0 }X]M`l(ME_TMEST@E2M0E8TEPMSE9 0 e\PEm]M`E'EPMjSE9 0 e\PEC]M`'EDPMMTE
Ansi based on Dropped File
(~WRD0000.doc)
EPMEXt!SEXPE0e\P}X]M`l(ME_TMEST@E2M0E8TEPMSEe\PEm]M`E'EPMjSEe\PEC]M`'EDPMMTE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPMuEMPuMVvMMEIH^1YVWwp{@g6_v^VWwp@g6_v^UQVQeeu^Vt$u4^4qV4qD$tVIY^jP,MhSjB>}uMeMMEMEPEyuEEP}YM#u>hSj=MELME@MM43<EPEPEPtEPEPrFVPMEPMtFVPMEEEEFVPMEPMt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPQuVt$jh2(t(jh2(tjh2r(t3^3@^|$t|$t33@V3uhhLtjPhlt,PQ^|3@3tPQu!!V2^2=tVD$tVY^jaeeeEPhLtjjhlt,EtMtPQ3'URuPQMEuutPQVt$PxP^Ul$3je3];t$t29th'jh@SP<}h8ESP]k"PMuE];t3<VQPR;]URh<tPEE;t?UR<PQ;|;uEUR@PQ;|;t@E];tPQ;|
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Epu\M`h*jEPEXE;tPQME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPY9 M39 U9 4 30 E9 E9 M0 E9 ES0 E9 V0 E9 EW30 M0 }0 };E _9 5MQP9 & t^}uXEPu& tK}uE9 uEuu~9 YF;~[wSD6=w/?9 ;t8-WWuuju9 ;u3PHY;t0 E0 }9}t6PWuvVuuuju& t9 ];tWWuSVuWu & t`0 ][9 9}uWWWWVuWu9 ;t<VjGYY0 E;t+WWVPVuWu;uuY0 }}t9 M0 uY9 Ee_^[9 M3<jhF)30 ]j~ Y0 ]j_0 };=`}W9 P9tD9 @tPYtE|(P9 P P4YP0 G~E9 Ej? Y9 U9 }u3]9 U9 MMtf& tf;uAABB
Ansi based on Dropped File
(~WRD0000.doc)
EPYM3U43EEMEESEVEEW3M}};E_5MQPt^}uXEPutK}uEuEuu~YF;~[wSD6=w/?;t8-WWuuju;u3PHY;tE}9}t6PWuvVuuujut];tWWuSVuWut`][9}uWWWWVuWu;t<VjGYYE;t+WWVPVuWu;uuY}}tMuYEe_^[M3<jhF)3]jY]j_};=`}WP9tD@tPYtE|(P PP4YPGEEj?YU}u3]UMMtftf;uAABB
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Error finding notification
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Error retrieving notification id
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ERROR_REPLY
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ErrorCount
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ESP9 aMEM03F<9 |$u3jt$St9 L$& t0 3@U9 S3W9 9]u3MVSSjSjh u9 0 ut*;t&EPV9 0 E;t9 E;uVX3^_[0 E@P0 E30 ]s9 Y;uuuSVSEPuV=9]tE}9]u$9 EPV9 YY;tu>SPwSEPu>Puh& uuXu9 MV>& 5V
Ansi based on Dropped File
(~WRD0000.doc)
Et3Wh,VPMM"hVj3j4=N]uMPh|Vj39{uh<Vj3ME}uME;uhVjNMEM93fMPMFlCWPECWPCURuPf}tetPhh|jeEPMEMHM5/jMEi5Ph`h|jeME/M#]39u9uMMEMhEPE$PM;t6EPjEP?E;t29ut-eu)9h4h|jME[ MMu39uh h|PE1jBJueNfffjkNuFEtPYfNEM}D$VW|$wWJYPF5YFt39Fv8N@;Fr_^UQW39=@t3S]VPPuuh(VjbEPEPWh?WWWuu(;tPhBRu*uDPPjh|uWuu4;tPhX3VAAQ3u$h|Vj3@^[_UQVuuhVjEPjjuu0uu$h|Vjk3@3PhVAAQL3^UQQVWuuhVj#EPj3Wu}u0;t3PhhVAAQ3:WWWWEPWWWWWWu8uu$uhDVjE_^U$` 3SVWPWVhSjEMU3E9Euh@Sj;3MQjPWV03;urhEWPEEPEPEPWuEu,;u#}tj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EtVY9 ^]9 U9 V9 VEtVY9 ^]9 U9 V9 VEtVyY9 ^]9 U9 V9 uW3;u3e9}uvj^0 0WWWWW9 E9}t9urVuu0uWu9}t9us: vj"Y0 9 jX_^]9 U9 9 EVW3;tG9}uqvj^0 0WWWWW9 )9}t9EsLvj"Y0 9 Puu3_^]9 U9 9 Ef9 @@f& u+EH]9 L$t$` tNu$$9 ~3t9 A t2 t$ttA9 L$+A9 L$+A9 L$+A9 L$+9 U9 9 El]9 U9 ( 30 ESjL& jP& 0 & (& 00 & ,0 & 0 0 " 0 0 0 fR" fRfRfR& fRfRS& 9 EM& 00 & 0 9 I0 & & 0 & 8 j9 < & (P@ & u& ujtYh P 9 M3[)9 U9 5l [Y& t]jvtY]3PPPPP9 U9 9 EVWjY(V}0 E9 E_0 E^& ttE@"!EPuuu4 5$[Y& tj:ujjus9 9 P9 +B9 R& t++9 U9 Q9 @S9 XV3W9 x& v'9 9 M0 E9 ;tDQP+YY& t1F;r3_^[9 @u9 9 M;tQP*YY& tF;r9 E9 U9 9 P3& |9 9 U9 V9 p2^9 ]9 U9 9 @MS9 X3VW9 x0 M0 M0 M0 M; 9 E9 4! +E;Ev29 9 M;tQP_*YY& u9 E& uP9 E0 E9 F0 u0 E9 9 M;tQP-*YY& uuFGY;Eu
Ansi based on Dropped File
(~WRD0000.doc)
EtVY^]UVVEtVY^]UVVEtVyY^]UVuW3;u3e9}uvj^0WWWWWE9}t9urVuu0uWu9}t9usvj"YjX_^]UEVW3;tG9}uqvj^0WWWWW)9}t9EsLvj"YPuu3_^]UEf@@fu+EH]L$t$tNu$$~3tAt2t$ttAL$+AL$+AL$+AL$+UEl]U(3ESjLjP(0,ffffffEM0I8j<(P@uujtYhPM3[)U5l[Yt]jvtY]3PPPPPU EVWjY(V}EE_E^ttE@EPuuu45$[Ytj:ujjusP+BRt++UQ@SXV3Wxv'ME;tDQP+YYt1F;r3_^[@uM;tQP*YYtF;rEUP3|UVp2^]U@MSX3VWxMMMM;E4+E;Ev2M;tQP_*YYuEuPEEFuEM;tQP-*YYuuFGY;Eu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
eu uvHMXB 9;5SM]=];9 ~ Z] TR7a9 Z9 %]0 g" '] nL: `R`%u?q=
Ansi based on Dropped File
(~WRD0000.doc)
eu;5lw"jxYeVYEEEjsYUVuSW=$=4uVjNThAYY|ut3@PuVSYuuFVj54u.j^9tu7Ytu{PR0IR0_[V7Y5R3^]hd5D$l$l$+SVW1E3PeuEEEEdMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EURPQ EPQ}uuEUeVWwFwt9EP6f}u9}t3uueEPMVE_^Mjh|?jA5;Ew(39uG$VPQ06MQu]VP;|mE;tf]URP]Qd;|@h$M>t/jP/YME;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
euuvHMXB9;5SM]=];Z] T7aZ%]g']nL R`%u?q=
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EVP>YYM_^3[39 A@tyt$IxQPYYuUVMEM>t}^]UG@SVt2u,E+M}C>u&8*u?d}^[]Ux3ES]Vu3W}u%u53PPPPP@t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EVPx>YY9 M_^3[ 39 9 A@tyt$Ix9 QPxYYu9 U9 V9 9 M`EM>t}^]9 U9 G@SV9 9 t2u,9 E+`M9 }C>u&& 8*u9 ?d}^[]9 U9 x 30 ES9 ]V9 u3W9 }u0 0 0 & 0 & 0 & 0 & 0 & 0 & 0 & %& u5~ 3PPPPP@ t
Ansi based on Dropped File
(~WRD0000.doc)
EwW[M_3^:r0uU S39]u `SSSSS(VuW};t!;u0SSSSS'jE;w}uEuEBuuPuUE;t4;|"MxEEPSYYtE39]\>HH_^[US39]uSSSSS;'[Vu;t9]w
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EwWM_^3[$z*>Ut3ES]VWu}fU#]EEEEEEEEEEEE?EMftC-C u}fu/u+u'3f;$
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
execCommand
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EXEtEHEtEHEtEHEtEHEuE3H1HE3H1HE3H1HE3H1HE3H#1HvtMItMItMItMI tEX#t5=t"=t;u)E!EEE #t =t;u"E EEEM31EX 9} E}t&` EEXEX`E``EXP4H H EEXEX`EH`H`EXPOEPSju4MAt&At&At&At&Yt&3+t/HtHtHu( %
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ExitProcess
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
E}9}urE lTtXtCHt/tuCE9}u:eE09}u%UEut3FFf;9}FFf> tjVh^lS`j XFFf9tf>=GFFf9tjh^V]Ou
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E~,P9 9]tu0 ]EPEP9 ~& uEP9 aEPEP9 Z9 =h 9]tuEPEP}5& uE}P@~
Ansi based on Dropped File
(~WRD0000.doc)
E~,P9]tu]EPEP~uEPaEPEPZ=h9]tuEPEP5uEP@~
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E~<9 Ejh|9 ME`REP9 E}9 j%9 Pe9 & ~.9 ju9 0 E}P9 E9 E9 S9E|9 M30 ^8`& }! 9 MS{}P9 & tIM~& uRj=Y0 EE& tMQ9 /9 3jMEx}WN$9 MS}PM9 MC;RyM~& u;jY0 EE& tMQ9 }9 3jME}WN$!ME@& MM4& 9 <V9 N$! 9 L$;~t$0 N89 z3^j|_A,9 eM{EPu9 E& u$3ME MM 9 u~$9 D& t9 j9 E9 0 ePEPxMSE9 ue9 & }M/{EPxEjY9 0 ME& tEPu3PV9 EF}t8C9E}0jEY9 0 ME& tEP73PV9 EFMEE9]R_xE" 3FVjXt$9 f0 0 F& u9D$t
Ansi based on Dropped File
(~WRD0000.doc)
E~<Ejh|ME`EPEj%Pe~.juE}PEE9E|M3^8MS{}PtIM~uRj=YEEtMQ/3jMEx}WN$MS}PMMC;yM~u;jYEEtMQ3jME}WN$!ME@MM4<VN$L$;~t$N8z3^j|_A,eM{EPuEu$3MEMMu~$DtjEePEPxMEueM/{EPxEjYMEtEPu3PVEF}t8C9E}0jEYMEtEP73PVEFMEE9]_xE3FVjXt$fFu9D$t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F :t@ OR2X5k`sPQq}`!";5#NS(sh6.uR:(RSx! SMu0
Ansi based on Dropped File
(~WRD0000.doc)
F T>0 ~(9~$uF$d>jjv(V 0 F;uj0 x9 F0 x9 F@9 F@9 F9 @h %B=PV49 N0 A9 FV9xu'YY3_^U9 Q9 Ettt
Ansi based on Dropped File
(~WRD0000.doc)
F T>~(9~$uF$d>jjv(V F;ujxFxF@F@F@h%B=PV4NAFV9xu'YY3_^UQEttt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
f& tf;t+ }t9 Map_^[9 U9 V3W95Tu39u 9 };uo\VVVVV`9 U;tfArfZw fArfZw GGBBMt
Ansi based on Dropped File
(~WRD0000.doc)
f& uW;t0+9 W& VPh3f0 =& PSo3f0 & & tS& WPpcV& WP& P _uj& PX 9 M^3[NU$,T 30 & S9 VW9 t$ 99 F9 ;tEt6<Y9 N;x};x}P6Y9 9x|<PdYY0 ~EPS69 & 6NY }t3& ~
Ansi based on Dropped File
(~WRD0000.doc)
f0 @@BBf;tKtMu9}u3f0 ;& t3}u9 MjPf0 DNX^f0 Vj"Y0 9 d9 U9 VWuM9 E9 u3;t0 0;u,rVWWWWW }t9 E`p39}t}|}$9 MS`0 }~~EPjP-9 M9 B& t`G -uM +u`G9 E& RK B$9& u* 0tE
Ansi based on Dropped File
(~WRD0000.doc)
f0.hMH9 T$B9 J3e\hM%9 T$B9 J3e9 `3egM9 T$B9 J3 e9 `3`egMM9 T$B9 J3_e gM9 T$B9 J3<e]gM 9 T$B9 J3e@:gMT9 T$B9 J3dlg9 M:9 M&9 M$9 M49 MH9 MX9 T$B9 J3Sdf9 M99 T$B9 J3ydaf9 M99 MujY9 T$B9 J3Ad( bf9 Mj99 Mq9 T$B9 J3d\ 4f9 M=9 M,9 Mhy`9 M9 M9 MO`9 MP9 M `9 M%`9 Mn9 MD`9 M|0 9 M9 T$B9 J3Nc oeM0 uiY9 T$B9 J3!c!BeuiY9 T$B9 J3bH!euxiYM-M%9 T$B9 J3b !dM9 T$B9 J3b!du iYuiY9 T$B9 J3ub! d9 Mx9 M,=9 Mh9 M$9 M9 M9 MP9 M 9 M! 9 M9 MDk9 M|]9 MA 9 M3 9 T$B9 J3a"cM(MMG9 T$B9 J3oa9 J3ea" cM(MM9 M9 T$B9 J3*a"Kc9 ML,9 M$Z9 M4O9 MA9 M39 T$B9 J3`#b9 M+9 M$9 M49 M9 M9 M9 T$B9 J3r`h# bM9 T$B9 J3O`#pbufY9 T$B9 J3*`#KbM.s9 T$B9 J3`$(b9 M!9 T$B9 J3_H$bM,9 T$B9 J3_t$aM$2fY9 T$B9 `3}_9 J3 _$aMM9 MM9 T$B9 J3I_$ja9 M 9 T$B9 J3&_%GaM,aMY9 T$B9 J3^L%aMq9 T$B9 J3^x%`Mq9 T$B9 J3^%`M d9 T$B9 J3 ^%`M qMM9 T$B9 J3_^& `9 M)9 M<9 ML 9 M\y9 Mk9 M]9 T$B9 J3]0& `M,:9 T$B9 J3]R&_M9 T$B9 J3]&_Mhx9 T$B9 J 3 ]&_9 M)#9 MMq9 T$B9 J3]] '~_9 M"9 M`9 T$B9 J3,]T'M_M0p9 T$B9 J3] '*_MD9 T$B9 J3\'_M!M9 T$B9 J3\'^MM2MMM9 T$B9 J3x\("!^M\9 T$B9 J3U\X(v^MTMM 9 T$B9 J3"\ (C^M]M,2MMM: M=M59 T$B9 J3[(]Mf2M
Ansi based on Dropped File
(~WRD0000.doc)
f0.hMHT$BJ3e\hM%T$BJ3e3egMT$BJ3e3egMMT$BJ3_egMT$BJ3<e]gMT$BJ3e@:gMTT$BJ3dlgM:M&M$M4MHMXT$BJ3dfM9T$BJ3ydfM9MujYT$BJ3Ad( bfMj9MqT$BJ3d\ 4fM=M,MhyMMMOMPMM%MnMDM|MT$BJ3Nc oeMuiYT$BJ3!c!BeuiYT$BJ3bH!euxiYM-M%T$BJ3b!dMT$BJ3b!du iYuiYT$BJ3ub!dMM,=MhM$MMMPMMMMDkM|]MAM3T$BJ3a"cM(MMGT$BJ3oaJ3ea"cM(MMMT$BJ3*a"KcML,M$ZM4OMAM3T$BJ3`#bM+M$M4MMMT$BJ3r`h#bMT$BJ3O`#pbufYT$BJ3*`#KbM.sT$BJ3`$(bM!T$BJ3_H$bM,T$BJ3_t$aM$2fYT$B3_J3_$aMMMMT$BJ3I_$jaMT$BJ3&_%GaM,aMYT$BJ3^L%aMqT$BJ3^x%`MqT$BJ3^%`MdT$BJ3^%`MqMMT$BJ3_^&`M)M<MLM\yMkM]T$BJ3]0& `M,:T$BJ3]&_MT$BJ3]&_MhT$BJ3]&_M)#MMqT$BJ3]] '~_M"MT$BJ3,]T'M_M0pT$BJ3]'*_MDT$BJ3\'_M!MT$BJ3\'^MM2MMMT$BJ3x\(^M\T$BJ3U\X(v^MTMMT$BJ3"\(C^M]M,2MMMM=M5T$BJ3[(]Mf2M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F61 FCA;GIF89a? : x " {Sx"!: a"!!?,xpH,`hV:FC ``2xG$y (SY ! a@"
Ansi based on Dropped File
(~WRD0000.doc)
F61 FCA;GIF89a?{x!?,pH,`hV:FC`2G$y(SYa@"
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F61 HA;GIF89a? a {S x"! S: x : "! !?,xpH,kac1Z y"@ aH@l
Ansi based on Dropped File
(~WRD0000.doc)
F61 HA;GIF89a?{x!?,pH,kc1Z y"@H@l
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
f8t33@t$t$9 & t3& " I9 & t3@t$t$ YYt$9 AP9 D$p6t$9 z& t3& " I9 & t3@9 It$QYYt$@t$R@t$a@V9 W9 ~& u_^GGP<"!Y& u;~t9 F9 V9 ++BRWP_9 ^: S9 V9 s& t>W3f& t2PY& t& u9 3FFf& u& t3f0 _^9 [S_^[V9 ~t
Ansi based on Dropped File
(~WRD0000.doc)
f8t33@t$t$t3It3@t$t$YYt$APD$p6t$zt3It3@It$QYYt$@t$@t$@VW~u_^GGP<Yu;~tFV++BRWP_^SVst>W3ft2PYtu3FFfut3f_^[S_^[V~t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
f9 0 fttjfTtdfft^fFtXf, f[ujY9 0 ME;thM_f{& j8Y9 0 ME;t?6jY;t00 x $9 #j Y9 0 ME;t9 M9 VS9 P& t9 MW9 E9 9 j9 f]& E9 ED$V9 #tVY9 ^V9 RD$tVY9 ^V9 D$tVY9 ^V9 #D$tVY9 ^j.9 j8: Y9 0 M30 u;t 9 MV9 9 3jRN9 9 }9 & uaEP3W0 uYY;tLu9 Rf{uCj8&Y9 0 M0 u;t$9 9 MMQW9 P9 & u79 j9 3f[ujY9 0 ME;t59 K& t9 j0 s9 V9 #D$tV0 Y9 ^j/\l9 9 M 9 }0 E9r3@30 u0 u3WuYY; 79 MZ~f"uqj.Y9 0 M0 u;tA9 9 MWu9 P& 9 ~MQ9 P3@}0 Eu9 K0 E& t9 P0 s0 sMM{ #f: f[u/9u "jY9 0 ME; f{u/9u j8oY9 0 ME; e f-tof0rf9vcfttAfTt;fft5fFt/fnt
Ansi based on Dropped File
(~WRD0000.doc)
f9 ^t$0 F& uh j<_a9 0 }30 ]9@tMMEu3Mjh(M{MElEP9 EMM}m& uh(M|MVlPM|Mdm& u+hp(M|M,lPM |h9 M`|EPM}SSSS9 EkP 9 ;u83MEztMEntM]ctMMWt9
Ansi based on Dropped File
(~WRD0000.doc)
f9fttjfTtdfft^fFtXf,f[ujYME;thM_f{j8YME;t?6jY;t0x$#j YME;tMVSPtMWE9jf]EED$V#tVY^VRD$tVY^VD$tVY^V#D$tVY^j.j8YM3u;tMV3jRN}uaEP3WuYY;tLuRf{uCj8&YMu;t$MMQWPu7j3f[ujYME;t5KtjsV#D$tVY^j/\lM}E9r3@3uu3WuYY;7MZ~f"uqj.YMu;tAMWuP~MQP3@}EuKEtPssMM{#f:f[u/9u"jYME;f{u/9uj8oYME;ef-tof0rf9vcfttAfTt;fft5fFt/fnt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F:t@O2X5k`sPQq}`!";5#N(sh6.u:(RxSMu0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
f; " 09 f;rf; v]9 U9 uMVE9 M`U Tu}t9 M9 0 A#E3& t3@ }t9 Map9 U9 jjuja]9 U9 30 ESV3W9 9u8SS3GWhhS& t0 =Pxu
Ansi based on Dropped File
(~WRD0000.doc)
f;0f;rf;v]UuMVEMUTu}tMA#E3t3@}tMapUjjuj]U3ESV3W9u8SS3GWhhSt=Pxu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F;7|judYYh WM7h DEP9 ucsm9>& ~& ~9 F;t=! t=" & e9 } EPEPuu W! 9 9 E;E 9 E9;G|9 G0 E9 G0 E& ~l9 F9 @X9 0 E& ~#v9 Pu0 E& uM9EME}(u$9 ]u EuuuuV9 uK9 uE]9 } }t
Ansi based on Dropped File
(~WRD0000.doc)
F;7|judYYhWM7hDEPucsm9>~~F;t=!t="e}EPEPuu WE;EE9;G|GEGE~lF@XE~#vPuEuM9EME}(u$]u EuuuuVuKuE]}}t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F;Eu3GEWWWjPvHd;t~}uWYFEFtPhF^u3MWjPNXFXFN@HF
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
f;tf;t+Vuuuw_^]9 U9 9 UV9 uWf& tBBFF+t_^& }]~3@]9 U9 SVuM
Ansi based on Dropped File
(~WRD0000.doc)
f;tf;t+Vuuuw_^]UUVuWftBBFF+t_^}]~3@]USVuM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F=7!!3FCA;GIF89ax0 | ]lr9 r }x! p ia ~" v`B0 St~q}WmV gT x{u " pQ a p{R g s " !x, x & ! 0 5We
Ansi based on Dropped File
(~WRD0000.doc)
F=7!!3FCA;GIF89ax|]lrr}xpi~v`Btq}WmVgT{upQp{Rgs!x,x5We
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F=7!!3HA;GIF89a? : x " {Sx"!: a"!!?,xpH,; cYUD ND )|> vc2<Ng!X 0 40?y9 0?-9 >6?4)?#?8
Ansi based on Dropped File
(~WRD0000.doc)
F=7!!3HA;GIF89a?{x!?,pH,;cYUD ND)|>vc2<Ng!X40?y0?->6?4)?#?8
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
f@@BBf;tKtMu9}u3f;t3}uMjPfDNX^fVj"YdUVWuMEu3;t0;u,rVWWWWW}tE`p39}t}|}$MS}~~EPjP-MBtG-uM+uGEKB$9u*0tE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
f^t$Fuhj<_}3]9@tMMEu3Mjh(M{MElEPEMMmuh(M|MVlPM|Mdmu+hp(M|M,lPM|hM|EPM}SSSSEkP;u83MEztMEntM]ctMMWt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
failed to read file
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
FakeAutoUpdateInterval
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
FDIIsCabinet
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
FFFPEE0Gkj7jueeEPu3ECPM]PMEM]JM-MhEP]ME"E4kjMjEPM#ueMMjjHjjueus+uE9C}Mjh|oMjh|rZMl3FGPM}EU3fpKVQQPMMEPM}E:EAjj R2Zij\7uMtjMtiSa}t*FPjEPMeP^MM}t+jFVEPMPE-MMijHjhej\j}vMV>.@PEPoM3EFPuMuE2E9iUQeVj\2Pju$E^j.+hj9bYM3E;tu+MPNhUQue}MtPjh|mEjNgeue~Mjh|6e3@EtPELhUVWOHVEPMNy_^US]V3u;uVEMW3u}E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
FfxtfXtE.E}u!VO" Y& ufxtfXuGG7GG3u0 U9 V!" Yu)jAXf;wfZvFxfw1Fxfw ;EsM9]r)u;Ev"M}u$9 EOOu"}t9 }e]9 MM0 M7GGuu=t} w& u+9uv&LE"tMEjX" 0 E9 E^& t0 8Et] }t9 E`p9 E_[9 U9 3Puuu9TuhPP]B[$d$3`D$S9 9 T$t`
Ansi based on Dropped File
(~WRD0000.doc)
FfxtfXtE.E}u!VOYufxtfXuGG7GG3uUV!Yu)jAXf;wfZvFfw1Ffw ;EsM9]r)u;Ev"M}u$EOOu"}t}e]MMM7GGuu=t}wu+9uv&LE"tMEjXEE^t8Et]}tE`pE_[U3Puuu9TuhPP]B[$d$3D$ST$t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ff|f%xf-tEEE8jYj<hV@=ujYhPUV5T5tt!PtP5Tt'VV0uV{YthVP<tuEE^]jYUV5T5tt!PtP5Tt'VV0uVYthWP<tuEE^]xUu5Tt]PV5Ttu5EYV5Tp^Uuu5Y]PtP5Y
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
FHPN9 WWPMM 3@ j^^)9 uF,PM=e~Hu@ MM?9 uN9 P3|$u@ *9 L$`& tt$9 t$& %@ j,&x9 u& u@ 7f>tW *MeMd9MMf0 F3-V9 t$& u@ A~u69 f8u.& t9 3f9Q" 9 Q9 %@ W ^j,&9 u& u@ 7f>tW *M)eMwMMf0 F3V9 t$& u@ A~u69 f8u.<& t9 3f9Q" 9 Q9 & %@ W ^j,&CM ejuMWuMuXMM}3j,MNeMMM?3j,&Mu3uM0 u,;uFMM9 kj<- 9 9 FH3;tP& u+9 FH;tPWWWWWWWWWh~hW 0 FH9 ]EP9 pM0 }xG& tMMN9 9 { 0 EF(PM0 }jh aMET9 E& tuW& tjWMEPM*GWMbPMM0 EE0 EEPvHjJu& u ME=NME3G:xWMEPMFWMOE~P9 9 F9 }& t<W& t1;}t,M@M0 E1E0 EEPvHjJW& kNEPEP}& uE~P9 8EPEP9 m& tY9 }& tRW& tG;}tBh0MDPMFMM0 ED0 EEPvHjJW& MEMME& 3jLO-2h xVjK9 }& uhVj4@ shVjW M/9 e9 X9 xMiCME]CEPEPWMEY& thMD& u\MD& uPW;u6h`VjjEPEPMjj5pMdXShVjaMEKMEKMM|3jt`-9 u3;u
Ansi based on Dropped File
(~WRD0000.doc)
FHPNWWPMM3@j^^)uF,PM=e~Hu@MM?uNP3|$u@*L$tt$t$%@j,&uu@7f>tW*MeMd9MMfF3-Vt$u@A~u6f8u.t3f9QQ%@W^j,&uu@7f>tW*M)eMwMMfF3Vt$u@A~u6f8u.<t3f9QQ%@W^j,&CMejuMWuMuXMM}3j,MNeMMM?3j,&Mu3uMu,;uFMMkj<-FH3;tPu+FH;tPWWWWWWWWWhhWFH]EPpM}xGtMMN{ EF(PM}jh METEtuWtjWMEPM*GWMbPMMEEEEPvHjJuu ME=NME3G:xWMEPMFWMOE~PF}t<Wt1;}t,M@ME1EEEPvHjJWkNEPEPuE~P8EPEPmtY}tRWtG;}tBh0MDPMFMMEDEEPvHjJWMEMME3jLO-2hVjK}uhVj4@shVjWM/eXxMiCME]CEPEPWMEYthMDu\MDuPW;u6h`VjjEPEPMjj5pMdXShVjaMEKMEKMM|3jt-u3;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
fI@``|p! t@ T$G@.textjfh `.rdataN l@@.dataRp*T@.rsrc}~@@.relocN`@Bjt$t$z@U9 QQ9 EHu9 EM"!MU3@U9 ,MjjM0M3U9 PMM7MEPM3M,& t)EPM2PM;M#4EPMg4VM<(3& uVMR)M&& uVM#'VVM>0EPM0 uj:PM1M3M3MT3^U9 30 E9 ES9 ]#V9 uW0 EEPh! @& & t PEPVYY& tjY& t9 9 |9 3& u 9 SuV9 9 VP9 9 M_^3[="!uVSa9 <& t9 N^39"!" U9 ,MdMSMf3Vj9 _D0 9 ^j}9 0 }D0 e9 & tem&M9 -_sUpjX
Ansi based on Dropped File
(~WRD0000.doc)
fI@``|pt@T$G@.textjfh `.rdataNl@@.dataRp*T@.rsrc~@@.relocN`@Bjt$t$z@UQQEHuEMMU3@U,MjjM0M3UPMM7MEPM3M,t)EPM2PM;M#4EPMg4VM<(3uVM)M&uVM#'VVM>0EPMuj:PM1M3M3MT3^U3EES]#VuWEEPh@tPEPVYYtjYt|3uSuVVPM_^3[=uV<tN^39U,MdMSMf3Vj_D^j}}Detem&M-_sUpjX
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
file error
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
FileDescription
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
FileVersion
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Fjp_uuuuv^uuuuji?uQeUM?jNT>}Wu3RjW~PFR\3;uNNM3}EPOvEtEv]}+]+}jvSWuuuj{PhPFYMMGGCC~u%j-8YEet3MFvjvSWuuujNPhFF=jhjpPXF,jPjvVv^h?zjvF3@N>U<VqSW3PPPPPvE=u/ueEPv@t%uuuuE}tF(PPut+EPv@FtMQp@33;uuE+E9N t3QjjPE+EPEE+EjjjPE+EP(#PE+EPQQEE+EPE+EPjjjjuEjuuujju}tjWuutjuvFtpt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
FL0 M(uv(V$9 E(YY_[^9 D$9 D$9 D$59 D$E3U9 9 U9 SV0 E9 BW9 }9 O49 _ 9 w0 E9 G00 M;s+H9 G,+0 E9 E9 & 40 E9 E9 & 40 E9 EM9 Er9 E9 M#0 M& @& =9 4#H0 M& H `H+9 Mt0 M9 4#H0 M9 M+9 EM9 Er9 E9 M#0 MHH+-E@& ^9 M9 4#H0 MH0 M+E0 ]te9 MM9 ]E;ur9 M9 4#]mX9 E)E+9 M9 +9 _(;s\9 O,+;r9 O,+0 M9Mv$)M9 M`A@Mu9 G(`A@Mu9 ]T`9 MA@`A@m`A@Mu`A@`A@m`A@MuH`@+9 MAM0 ]}0 Mr
Ansi based on Dropped File
(~WRD0000.doc)
FLM(uv(V$E(YY_[^D$D$D$5D$E3UUSVEBW}O4_ wEG0M;s+HG,+EE4EE4EEMErEM#M @=4#HMH`H+MtM4#HMM+EMErEM#MHH+-E@^M4#HMHM+E]teMM]E;urM4#]mXE)E+M+_(;s\O,+;rO,+M9Mv$)MMA@MuG(A@Mu]TMA@A@mA@MuA@A@mA@MuH@+MAM]}Mr
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
FlsGetValue
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
fN& : 9u jY;tN$9 D9utijY;t3 $0 p9utMj Y9 0 ME;tD9 M9 Wu9 P& t0 s9 E9 79 EM39 j9 f}uEf,ujs\?9 0 u3N(0 ]${~D9 E0 ^<0 ^@INdE9 E0 F$9 j9 EP0 ^8 0 ^`9 j\9 0 u$NdENDE.N(E` M9 _j\zqDEP9 eDu& t7j8iY9 0 Me& t
Ansi based on Dropped File
(~WRD0000.doc)
fN9ujY;tN$D9utijY;t3$p9utMj YME;tDMWuPtsE97EM3jf}uEf,ujs\?u3N(]${~DE^<^@INdEEF$jEP^8^`j\u$NdENDE.N(E`M_j\zqDEPeDut7j8iYMet
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
FontInfoCacheW
Unicode based on Runtime Data
(WINWORD.EXE
)
FP-YV0 ^@R Y0 _|9 ^_][9 D$"!j h RP/9 U9 9 Ef9 fff0 M9 f0 E9 Ef0 Mf9 ff0 M9 f0 E3f0 EEPE?Pf0 M\ 9 E9 US9 \$3V9 N}80 0 <0 @;t"WSMt9 GWiSWP0 < _9 ^[VW9 <9 & tPRpY&@9 & tPvpY&_^SVWt$9 DSW~Ws FBf\tf/thSW(_^3[U$ 30 & S9 V9 W9 0 }R19 ;X&tPYO;x8uth0WV 3uE9 9 @0 3f0 F0 0 0 0 0 0 0 $0 (0 ,9 ;X}P+7`Y9 9X|3PPPPSQPEP7EPEPEP7 4& t
Ansi based on Dropped File
(~WRD0000.doc)
FP-YV^@RY_|^_][D$jhRP/UEffffMfEEfMfffMfE3fEEPE?PfM\EUS\$3VN8<@;t"WSMtGWiSWP<_^[VW<tPpY&@tPvpY&_^SVWt$DSW~WsFBf\tf/thSW(_^3[U$3SVW}1;X&tPYO;8uth0WV3uE@3fF $(,;X}P+7`Y9X|3PPPPSQPEP7EPEPEP74t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
FPM\j]y;YEE;tju3E9^(tFj K;YEE;tjn3MPHxN(S5(E/"Pr]tSu^<tjSt_E!EjhEt1MQSjJPtjuMM[3@MM[37AjiP@FPMe[N(etN t?N$tf0MMJ[@j,&?MKueMvjj5pMMM03@@j,&?MueMjj5pMMM3@G@j,&`?M3PP5pMEaMM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
fR fR|fR%xfR-tS9 ES9 EE9 & S 0 & 0 & 8 jYj< hV@ =uj Yh P 9 U9 V5T 9 5t & t!P tP5T & t9 'VV0& uV{Y& thVP<& tu0 E9 E^]j! Y9 U9 V5T 9 5t & t!P tP5T & t9 'VV0& uVY& thWP<& tu0 E9 E^]x 9 U9 u5T t ]P 9 V5T t 9 & u5EY9 V5T p 9 ^9 U9 uu5Y]P tP5Y
Ansi based on Dropped File
(~WRD0000.doc)
FtE9 O9 I9 9 @tE$ }t, t(uG}Yt9Eu70 }0 EFu0 uE9] }t9 E& u}t9 E& u3_^[jh@[9 u& u3 e9 9 9 9 @+u+9 H9 IuuuYYVuWuGH& tWY0 EE 30 E9EthlVMh?EP9 E9 9 3= 9 9 eehHVMh ?9 U9 V Y9 pxxY9 M0 Hx9 ^]9 T$9 L$& ti3`D$ ur=tEsW9 r1t+u9 9 9 t& t
Ansi based on Dropped File
(~WRD0000.doc)
FtEOI@tE$}t,t(uG}Yt9Eu7}EFuuE9]}tEu}tEu3_^[jh@[uu3e@+u+HIuuuYYVuWuGHtWYEE3E9EthlVMh?EPE3=eehHVMh?UVYpxxYMHx^]T$L$ti3D$ur=tEsWr1t+utt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ftf;t+}tMap_^[UV3W95Tu39u};uo\VVVVV`U;tfArfZw fArfZw GGBBMt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
FtvHFFFHFFtMHFFFHFH;H(FDNF@F;jX_^][FFtNHFFAFFtHFFFHFFtHFFFHFFmHFFFHFHN0j=F(FF`4`#F3@j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
function myInjectedOnClickFromAlert()execCommand\")()""about:blank#EBCmd(border:solid 1px #d5d5d5background-color:#FFFFFE;pushNotificationsNotificationsCAlertHTMLDialogBrowserContainer::CallPushNotificationspushHtmlNotificationCAlertHTMLDialogBrowserContainer::CallPushHtmlNotificationcheckboxdefaultValuecheckboxTextnotificationUrlnotificationTypeintervallogoUrlnotificationTitleitemIdfeedIdalertIdinitialNotificationinstantsampleinitialpublisheronLinkNavigationCAlertHTMLDialogBrowserContainer::OnNavigationStoppedbClicked = %sh ,!bGotAlertChannelId!pAlert!pAlertItemempty mapParams errorCAlertHTMLDialogBrowserContainer::OnApiOpenSettingsDialoguiParamsCount != 4Error retrieving notification id!ParseParameters!pInstantAlertError finding notificationCAlertHTMLDialogBrowserContainer::OnApiExecCommandfirst navigationStop navigation!about:blankiframe unblockedpWebBrowser == m_pWebBrowserCAlertHTMLDialogBrowserContainer::ShouldStopNavigationinvalid map/set<T> iteratorCAlertHTMLDialogBrowserContainer::OnApiUnblockFrameNavigationuiParamsCount != 2InstantAlert - no need to mark readNotification id: %sInitial notificationCAlertHTMLDialogBrowserContainer::OnApiOnMessageReadCAlertHTMLDialogBrowserContainer::OnApiBlockFrameNavigationuiParamsCount != 3SHOW_ALERTS_FROM_THIS_FEEDDONT_SHOW_ALERTS_FROM_THIS_FEED!GetNotificationIdIs check box checked: %sCAlertHTMLDialogBrowserContainer::OnApiSetCheckboxValue0 k $ , , 0 v =0 9R0 dx0 d 0 l F% 0 xmb /O- xw: l0 8 X0 PD0 M %nv00 Z ~ ~oh~h~A0 /"! ~h~p~Yh~ ~0 W1h~h~h~h~h~h~xFh~h~ ~ ~a ~ ~ ffxO E" x &xMr d 7 aa)CAlertHTMLDialogBrowserContainer::PushNotificationsCAlertHTMLDialogBrowserContainer::AddAlertIgnored notificationsetCheckBoxValueonStartDragopenAppunblockFrameNavigationblockFrameNavigationsendUsageopenAboutDialogopenSettingsDialogonMessageReadshowMeonReadyCommunity Alerts ; `alertInfoRequestXml=alertLoginRequestXml=alertTranslationRequestXml=alertUsageRequestXml=T`Q'M>: SmmYxxms9NotificationsHtmlDialogsAppFromNotificationIdleModeAlertALLP_STR_ID_ALERT_CLOSE_ICON_TOOLTIPALLP_STR_ID_ALERT_POP_UP_WINDOW_OFALLP_STR_ID_ALERT_POP_UP_WINDOW_SETTINGSALLP_STR_ID_ALERT_SETTING_DIALOG_FEEDBACK_ICON_TOOLTIPALLP_STR_ID_ALERT_SETTING_DIALOG_FAQ_ICON_TOOLTIPALLP_STR_ID_ALERT_SETTING_DIALOG_PRIVACY_ICON_TOOLTIPALLP_STR_ID_ALERT_SETTING_DIALOG_ABOUT_ICON_TOOLTIPALLP_STR_ID_ALERT_SETTING_DIALOG_VIEWALLP_STR_ID_NOTIFICATION_SETTING_DIALOG_SHOW_NOTIFICATIONS_FROMALLP_STR_ID_NOTIFICATION_SETTING_DIALOG_TITLEALLP_STR_ID_ALERT_SETTING_DIALOG_SHOW_ICON_IN_SYSTEM_TRAYALLP_STR_ID_NOTIFICATION_SETTING_DIALOG_NOTIFICATIONS_ENABLEDALLP_STR_ID_NOTIFICATION_MAIN_MENU_DISABLE_NOTIFICATIONSALLP_STR_ID_NOTIFICATION_MAIN_MENU_ENABLE_NOTIFICATIONSALLP_STR_ID_ALERT_MAIN_MENU_ABOUTALLP_STR_ID_ALERT_MAIN_MENU_SETTINGSALLP_STR_ID_ALERT_MAIN_MENU_REFRESH 9 Thanks for adding our NotificationsNotifications bring our latest news right to your desktop!This is a sample notification.CloseofSettingsYou re about to receive a notification that looks
Ansi based on Dropped File
(~WRD0000.doc)
function myInjectedOnClickFromAlert()execCommand\")()""about:blank#EBCmd(border:solid 1px #d5d5d5background-color:#FFFFFE;pushNotificationsNotificationsCAlertHTMLDialogBrowserContainer::CallPushNotificationspushHtmlNotificationCAlertHTMLDialogBrowserContainer::CallPushHtmlNotificationcheckboxdefaultValuecheckboxTextnotificationUrlnotificationTypeintervallogoUrlnotificationTitleitemIdfeedIdalertIdinitialNotificationinstantsampleinitialpublisheronLinkNavigationCAlertHTMLDialogBrowserContainer::OnNavigationStoppedbClicked = %sh,!bGotAlertChannelId!pAlert!pAlertItemempty mapParams errorCAlertHTMLDialogBrowserContainer::OnApiOpenSettingsDialoguiParamsCount != 4Error retrieving notification id!ParseParameters!pInstantAlertError finding notificationCAlertHTMLDialogBrowserContainer::OnApiExecCommandfirst navigationStop navigation!about:blankiframe unblockedpWebBrowser == m_pWebBrowserCAlertHTMLDialogBrowserContainer::ShouldStopNavigationinvalid map/set<T> iteratorCAlertHTMLDialogBrowserContainer::OnApiUnblockFrameNavigationuiParamsCount != 2InstantAlert - no need to mark readNotification id: %sInitial notificationCAlertHTMLDialogBrowserContainer::OnApiOnMessageReadCAlertHTMLDialogBrowserContainer::OnApiBlockFrameNavigationuiParamsCount != 3SHOW_ALERTS_FROM_THIS_FEEDDONT_SHOW_ALERTS_FROM_THIS_FEED!GetNotificationIdIs check box checked: %sCAlertHTMLDialogBrowserContainer::OnApiSetCheckboxValuek$,,v=9dxdlF%xmb/O-wl8XPDM%nv0ZohhA/hpYhW1hhhhhhxFhhaffOEx&Mrd7)CAlertHTMLDialogBrowserContainer::PushNotificationsCAlertHTMLDialogBrowserContainer::AddAlertIgnored notificationsetCheckBoxValueonStartDragopenAppunblockFrameNavigationblockFrameNavigationsendUsageopenAboutDialogopenSettingsDialogonMessageReadshowMeonReadyCommunity Alerts ; alertInfoRequestXml=alertLoginRequestXml=alertTranslationRequestXml=alertUsageRequestXml=TQ'M>SmmYms9NotificationsHtmlDialogsAppFromNotificationIdleModeAlertALLP_STR_ID_ALERT_CLOSE_ICON_TOOLTIPALLP_STR_ID_ALERT_POP_UP_WINDOW_OFALLP_STR_ID_ALERT_POP_UP_WINDOW_SETTINGSALLP_STR_ID_ALERT_SETTING_DIALOG_FEEDBACK_ICON_TOOLTIPALLP_STR_ID_ALERT_SETTING_DIALOG_FAQ_ICON_TOOLTIPALLP_STR_ID_ALERT_SETTING_DIALOG_PRIVACY_ICON_TOOLTIPALLP_STR_ID_ALERT_SETTING_DIALOG_ABOUT_ICON_TOOLTIPALLP_STR_ID_ALERT_SETTING_DIALOG_VIEWALLP_STR_ID_NOTIFICATION_SETTING_DIALOG_SHOW_NOTIFICATIONS_FROMALLP_STR_ID_NOTIFICATION_SETTING_DIALOG_TITLEALLP_STR_ID_ALERT_SETTING_DIALOG_SHOW_ICON_IN_SYSTEM_TRAYALLP_STR_ID_NOTIFICATION_SETTING_DIALOG_NOTIFICATIONS_ENABLEDALLP_STR_ID_NOTIFICATION_MAIN_MENU_DISABLE_NOTIFICATIONSALLP_STR_ID_NOTIFICATION_MAIN_MENU_ENABLE_NOTIFICATIONSALLP_STR_ID_ALERT_MAIN_MENU_ABOUTALLP_STR_ID_ALERT_MAIN_MENU_SETTINGSALLP_STR_ID_ALERT_MAIN_MENU_REFRESHThanks for adding our NotificationsNotifications bring our latest news right to your desktop!This is a sample notification.CloseofSettingsYou re about to receive a notification that looks
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
fuW;t0+WVPh3f=PSo3ftSWPpcVWPP_ujPXM^3[NU$,T3SVWt$9F;tEt6<YN;x};x}P6Y9x|<PdYY~EPS66NY}t3~
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
FU}[N,;u"F0V(;tUs+HE+M}uauEWVF4N0EF4E;s+EHEV,+UV,9UuF(;tEs+IM+U}FMeE;vME9EvEuSunvE)EE)E)FtM }peMECMrE%?FwhjPw(W F'mmfKM }eMECMrNEFVmFmF
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
FWE,P^vMM,s{B4jVAEeEEEPE$MMB UV~tWvt<tHWt=EPv<jEPWzuEPWtujv_^D$3A$j<BQT$Q*D$3A(jLBQT$QD$3A,j\BQT$QD$;Aua|3Vjt4PhhHjF?3^UVFt5~|u/EEPEE\F|3^UVEPv@MPMjO^UVuu3}t(A8HtHtHtHuGA\Tq ijq pq q,w}t(A4HtHtHtHuAL&q;jqBqq(IA0Ht=Ht,HtHuA<ePA{'q{jq{
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
f}9 9 u$E& }( u(9 Eu +EVP9 E+EPu9 Eu
Ansi based on Dropped File
(~WRD0000.doc)
f}u$E}(u(Eu +EVPE+EPuEu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
G-I[k,A8)gMD`* v($8TT1aE%
Ansi based on Dropped File
(~WRD0000.doc)
G-I[k,A8)gMD`*v($8TT1aE%
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
GAIsProcessorFeaturePresent
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipCreateBitmapFromStream
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipCreateBitmapFromStreamICM
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipGetImageHeight
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipGetImageWidth
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
get response stream failed.
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
GetActiveWindow
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetAsyncKeyState
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetBkColor
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetBkMode
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetCapture
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetClassInfoW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetClassNameW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetClientRect
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetClientRectSetWindowPosInvalidateRectDrawTextW)PtInRectOffsetRectTScreenToClientEClientToScreenGetCursorPospSetCursorLoadCursorAFillRectCallWindowProcW DefWindowProcW GetWindowLongWhCreateWindowExWIsWindowVisibleMoveWindow0 SetParentEndPaintBeginPaintUGetParentCallWindowProcASetWindowLongA0 GetWindowRgn6RegisterClassWGetClassInfoWUnhookWindowsHookExCallNextHookExSetWindowsHookExADestroyIconLoadImageWFindWindowExA~DestroyMenueCreatePopupMenuInsertMenuItemWBGetMenuItemCountTrackPopupMenuySetFocuszSetForegroundWindowUSER32.dll
Ansi based on Dropped File
(~WRD0000.doc)
GetClientRectSetWindowPosInvalidateRectDrawTextW)PtInRectOffsetRectTScreenToClientEClientToScreenGetCursorPospSetCursorLoadCursorAFillRectCallWindowProcWDefWindowProcWGetWindowLongWhCreateWindowExWIsWindowVisibleMoveWindowSetParentEndPaintBeginPaintUGetParentCallWindowProcASetWindowLongAGetWindowRgn6RegisterClassWGetClassInfoWUnhookWindowsHookExCallNextHookExSetWindowsHookExADestroyIconLoadImageWFindWindowExADestroyMenueCreatePopupMenuInsertMenuItemWBGetMenuItemCountTrackPopupMenuySetFocuszSetForegroundWindowUSER32.dll
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
GetCommandLineA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetComputerNameW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetConsoleCP
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetConsoleMode
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetConsoleOutputCP
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetCPInfo
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetCurrentProcess
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetCurrentProcessId
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetCurrentThread
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetCurrentThreadId
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetCursorPos
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetDesktopWindow
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetDeviceCaps
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetDlgItem
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetEnvironmentStrings
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetEnvironmentStringsW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetExitCodeThread
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetFileAttributesW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetFileSize
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetFileType
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetFileVersionInfoSizeW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetFileVersionInfoW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetIconInfo
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetLastActivePopup
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetLastError
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetLastInputInfo
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetLayout
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetLocaleInfoA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetLocalTime
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetLongPathNameW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetMenuItemCount
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetMessageA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetModuleFileNameA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetModuleFileNameW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetModuleHandleA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetModuleHandleW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetMonitorInfoA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetObjectA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetParent
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetProcAddress
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetProcessHeap
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetProcessMemoryInfo
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetProcessWindowStation
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetResponseHeader(Content-Type) failed : hRes=0x%X
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
GetSecurityDescriptorSacl
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetSidSubAuthority
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetSidSubAuthorityCount
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetStartupInfoA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetStdHandle
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetStockObject
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetStringTypeA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetStringTypeW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetSysColor
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetSystemMetrics
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetSystemTimeAsFileTime
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetTextColor
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetTickCount
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetTokenInformation
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetUserObjectInformationA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
getValueByKey
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
GetVersionExA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetWindowLongA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetWindowLongW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetWindowOrgEx
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetWindowRect
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetWindowRgn
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetWindowTextW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GGhPNhG! P}G9 ! 0 ! P}GGPNGG4PN4uG9 GD0 FD! P}]G! P}KGG$PN$?G! P}-GGP9 "GGHPNHGXWNX
Ansi based on Dropped File
(~WRD0000.doc)
GP 9 @;r6 &Y|_^=uV9 5|W3& u<=tGVsYt` ujGW9 YY0 =& t9 5|SBVqs9 C >=Yt1jSYY0 & tNVSPx& t3PPPPPs >u5|b" %|'3Y[_^5<" %9 U9 Q9 MS3V0 9 9 U9Et9 ]E0 0 E >"u39E" F0 E<& t`B0 U`PFv2Y& t}t
Ansi based on Dropped File
(~WRD0000.doc)
GP@;r6 &Y|_^=uV5|W3u<=tGVsYtujGWYY=t5|SBVqsC>=Yt1jSYYtNVSPt3PPPPPs>u5|b%|'3Y[_^5<%UQMS3VU9Et]EE>"u39E"FE<tBUPFv2Yt}t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Gu_uEjuuuEjPuuuM_^3[pUEet_EtZfuu uuuu ]atAtu uuuuu0u uuuuuwu uuuuun]UjuuuuuuZ]VW36Y(r_^Vhh3Vgt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h 39 9}u9 PhlVjc9}t+9 9 ;~9 ;~PQ9 9 4hxV;WhuhuW +.;uhx9 I3@hRxhjc3$j.#9 h xhjbj 9 0 Me& tj
Ansi based on Dropped File
(~WRD0000.doc)
h 9 ^V9 9 & tP9 v& tVc:Y^QU9 W9 Rt3@ 9 Eu0 ! yh 9 5& }3qVj9 9 -9 & tV9 eSMQhlrV9 & |}u9 MQh\rV9 9 VP& [|}tjuOPuk&33@^_]V9 NP&9 ^W9 |$& u
Ansi based on Dropped File
(~WRD0000.doc)
h$`s" " BK'aA;GIF89a[x" `,o7oS9,n&k[RP![, [[X >
Ansi based on Dropped File
(~WRD0000.doc)
h$M|3}9 0 ]PEPEPVuu 9 ;u/}/u&EPMw{9 MSEPEPVuud9 V& ?9 ;D$th(t$Q}jD_uMWueMH9 uE& t9 39 ]& t9 39 E9 8RQPW 9 & t9 & t9 9 Lj We9 9 ]& u37eh)hx)S_3F& |0 uhp)h`)S9 C& |0 uthL)h<)S9 $& |0 uMieEP9 M.k& uMjPh)S9 & |0 u9 k& u9 iPh)S9 & |0 u9 M& tdj& u[j9 VMx9 ME: iPMzVMyMiPh(S9 b& |EMEqMMq9 EV9 9 L$9i9 L$P/iPt$9 ^U9 QeVW9 9 M3X& v79 MEPV& t9 E& tHQPu9 9 MF!;r3_@^UpjH_ 0 M`9 ]|9 K3;th|9 P9 hPh -,Vj{%0 }|E|Ph)jWh)0 },& ;}9tAtjjYPhx,VQ9%9 E|M;t9 PQ3M0 gjXf0 E3f0 E9 5EP9 K4E;ti& u9 K4gPME P9 K8E;th& u9 K8gPM "!E@P9 KE;th& u9 KgPM@nhh9 h9 K;tigPM@Hhh,h)M0qM00 }\AgPMl" 9 E-gPMh9 EhE;t9 0 ET0 }T9 El;t9 39 u 9 9 E|u9 9 uTuQPR& }}tAtjjXjh,9 M`P: 9 Mh9 & t|9 Ml& tp9 5E@PE PEPEPM0Eo9 E|M& t9 PQ9 s$9 u`u|9 & ujh+j9 {9 C,& tPu|9 & t9 E|9 9 u@PQ,& }tAtjjXjh++30 ud9 E|9 UdRPEQ(;|9udt9 K ;tud;pjudMtMEeEP9 0 ePjhx)E
Ansi based on Dropped File
(~WRD0000.doc)
h$M|3}]PEPEPVuu;u/}/u&EPMw{MSEPEPVuudV?;D$th(t$Q}jD_uMWueMHuEt3]t3E8RQPW ttLj We]u37eh)hx)S_3F|uhp)h`)SC|uthL)h<)S$|uMieEPM.kuMjPh)S|ukuiPh)S|uMtdju[jVMxMEiPMzVMyMiPh(Sb|EMEqMMqEVL$9iL$P/iPt$^UQeVWM3Xv7MEPVtEtHQPuMF!;r3_@^UpjH_M`]|K3;th|PhPh -,Vj{%}|E|Ph)jWh)},;}9tAtjjYPhx,VQ9%E|M;tPQ3M0gjXfE3fE5EPK4E;tiuK4gPME PK8E;thuK8gPM E@PKE;thuKgPM@nhhhK;tigPM@Hhh,h)M0qM0}\AgPMlE-gPMhEhE;tET}TEl;t3u E|uuTuQPR}}tAtjjXjh,M`PMht|Mltp5E@PE PEPEPM0EoE|MtPQs$u`u|ujh+j{C,tPu|tE|u@PQ,}tAtjjXjh++3udE|UdRPEQ(;|9udtK ;tud;pjudMtMEeEPePjhx)E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h$sBK'A;GIF89a[,o7o9,n&k[P![,[[X>
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h$sBK'A;GIF89aZ6[[WwFI)bX!Z,ZZ<9
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h(((( H
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
H(H<HRHdHHHHHHI,IGdipFreeGdipAllocGdipDeleteGraphicsdGdipCreateFromHDCGdipCreateImageAttributesGdipDisposeImageAttributeslGdipGetImageWidthGdipGetImageHeightdGdiplusStartupGdipSetImageAttributesColorMatrixGdipDrawImageRectRectGdipDisposeImageGdipCreateBitmapFromFile.GdipCreateBitmapFromFileICMGdipCreateBitmapFromStreamlGdipCreateBitmapFromStreamICMGdipCloneImageO*P$NDT\OTPTHKU$TKVN,W@OW MWNW8NWT$K
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
H(H<HRHdHHHHHHI,IGdipFreeGdipAllocGdipDeleteGraphicsdGdipCreateFromHDCGdipCreateImageAttributesGdipDisposeImageAttributeslGdipGetImageWidthGdipGetImageHeightdGdiplusStartupGdipSetImageAttributesColorMatrixGdipDrawImageRectRectGdipDisposeImageGdipCreateBitmapFromFile.GdipCreateBitmapFromFileICMGdipCreateBitmapFromStreamlGdipCreateBitmapFromStreamICMGdipCloneImageO*P& $NDT\O T PTH& KU$TKVR N,W@O~W & MWNW8NWT$K
Ansi based on Dropped File
(~WRD0000.doc)
h*YYYYYYYYYYZZ" *9ZAZIZ" *lZtZZ" (+ZZ" d+ZZZZ" +[" +1[" ,T[^[" 4,[9 [ [" h,[[[[" ," -[\\\%\J\R\]\h\" 4-}\ \\" x-\" -" .\\\
Ansi based on Dropped File
(~WRD0000.doc)
h*YYYYYYYYYYZZ"*9ZAZIZ"*lZtZZ"(+ZZ"d+ZZZZ"+["+1[",T[^["4,[[["h,[[[[","-[\\\%\J\R\]\h\"4-\\\"x-\"-".\\\
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h+ y ?>G}1EO(L{xbx}} {" BhXH(V 0
Ansi based on Dropped File
(~WRD0000.doc)
h+y?>G1EO(L{xb}}{BhXH(V
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h39}uPhlVjc9}t+;~;~PQ4hV;WhuhuW+.;uhI3@hhjc3$j.#hhjbj Metj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h3Pj5(D3@]$jv#0 Mh x`SjRb}& 9 u& MeEP9 9 u9 & uhHSj@bMMXj,Y0 EE& t
Ansi based on Dropped File
(~WRD0000.doc)
h3Pj5(D3@]$jv#Mh`Sjb}uMeEPuuhHSj@bMMXj,YEEt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h9 $9 s" " BK'aA;GIF89aZa: 6[[RWw"!F! I)bX}!Z, ZZ< 9
Ansi based on Dropped File
(~WRD0000.doc)
h9 0 eWh9 h9 0 eWh9 h9 0 eWh9 h9 0 eWh9 }h9 0 eWhS 9 oh9 0 eWhRc9 Ph9 0 eWh|D9 1h9 0 eWhh%9 h9 0 eWhT9 h9 0 eWh@9 h9 0 eWh,9 h9 0 eWh9 h9 0 eWh`9 wh9 0 eWhk9 Xh9 0 eWhL9 9h9 0 eWh-9 h9 0 eWh9 h9 0 eWh9 h9 0 eWhS9 h9 0 eWh9 ~h9 0 eWht 9 h9 0 eWhds9 `h9 0 eWhTT9 Ah9 0 eWh@59 "h9 0 eWh,9 h9 0 eWh9 h9 0 eWh9 h9 0 eWh9 h9 0 eWha9 ! h9 0 eWh{9 hh9 0 eWh\9 Ih9 0 eWh=9 *h9 0 eWh9 h9 0 eWh9 h9 0 eWh 9 h9 0 eWhl9 h9 0 eWhX9 h9 0 eWhD9 ph9 0 eWh4d9 Qh9 0 eWh$E9 2h9 0 eWh&9 h9 0 eWh9 h9 0 eWh9 h9 0 eWh9 h9 0 eWh9 h9 0 eWh9 9 xh9 0 eWhl9 Yh9 0 eWh M9 :h9 0 eWh .9 h9 0 eWht9 h9 0 eWh`9 h9 0 eWhL9 h9 0 eWh89 xh9 0 eWh( 9 h9 0 eWht9 ah9 0 eWhU9 Bh9 0 eWh69 #h9 0 eWh9 h9 0 eWh9 h9 0 eWh9 h9 0 eWh9 h9 0 eWhS: 9 h9 0 eWh|9 ih9 0 eWhx]9 Jh9 0 eWhd>9 +h9 0 eWhT9 h9 0 eWh@9 h9 0 eWh,9 h9 0 eWh9 h9 0 eWh9 h9 0 eWh 9 qh9 0 eWhe9 Rh9 0 eWhF9 3h9 0 eWh'9 h9 0 eWh9 j [S9 0 eWhS9 S9 0 eWhR9 S9 0 eWhx9 S9 0 eWhh"!9 S9 0 eWhX~9 kS9 0 eWhHc9 PS9 0 eWh8H9 5S9 0 eWh(-9 S9 0 eWh9 3@6iU9 SVW9 39 0 ]& ~PEP9 z#9 M;t9]t9 SiY3EPEP9 N& u9]u9 S9 P9 & ~QEP9 ?0 ]!9 M;t9]t9 +WhYEPEP9 N& u9]u9 S9 P_^[jRwg9 0 u3SE
Ansi based on Dropped File
(~WRD0000.doc)
h=}hu0jPMqMEkVEPEP9 EMEqMEkMEkMEakMM}k3@hthSj3wV9 t$W9 & t,~t&V& u9 N9 Pl& tV9 (V9 y_^j S9 MaeEPu9 d& tMyc& uEP9 MMjj09 0 ue6YU9 QVEPEP9 : 9 ^U9 SVW9 9 G9 p9 EFPu9 QYYE t9 69 v ~-tWSMU }tL9 GW0MAEPM@ t&uSjEP9 9 9 9 E9 I0 0 H@5MlL9 uuFP: PYY tuSu9 E9 M0 0 p@_^[j
Ansi based on Dropped File
(~WRD0000.doc)
h=}hu0jPMqMEkVEPEPEMEqMEkMEkMEkMMk3@hthSj3wVt$Wt,~t&VuNPltV(Vy_^jSMaeEPudtMycuEPMMjj0ue6YUQVEPEP^USVWGpEFPuQYYEt6v~-tWSMU}tLGW0MAEPM@t&uSjEPEIH@5MlLuuFPPYYtuSuEMp@_^[j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h^VtPvtVc:Y^QUWt3@Euyh5}3qVj-tVeSMQhlrV|}uMQh\rVVP[|}tjuOPuk&33@^_]VNP&^W|$u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
hEPMPMPsWsusMMi3q!|$+ut$P3jls uUEN E)6MN=!U<Ww8uSV3;~F9E~9]j8ESP*E9]tEE9]uuEEEEEE;u%9]tEE9]uEPShMw8EPShLw8tE^[_VD$tV_ Y^j3PPjPt$VL$\P^tjVFtNHFtNH|$t^3UHHHAVFt1NWxF;u@Ft$~_ufff^VFt1NWxF;u@Ft$Q~_ufff^T$D$uAAAzuAJHPJtABVj!YtL$``3Pv^VFtK;Fut$;;Fut$0+Wxuxt$N~_ufff^VFW3Ftt$tPpYG~uff_^jUVD$tV6Y^UEjP]UEMh@?UREEMEX#UEVHNPVFtQP^]UVW}HHHIHMESj Zr0;1t|0+t3\ipY+t3\HpY+t3\'pY+t3\3p;qt~pY+t3\pY+t3\pY+t3\pY+t3\3rp;qt~pY+t3\IpY+t3\(p
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
heWhheWhheWhheWhheWhoheWhcPheWh|D1heWhh%heWhTheWh@heWh,heWhheWhwheWhkXheWhL9heWh-heWhheWhheWhheWhheWhtheWhds`heWhTTAheWh@5"heWh,heWhheWhheWhheWhheWh{hheWh\IheWh=*heWhheWhheWhheWhlheWhXheWhDpheWh4dQheWh$E2heWh&heWhheWhheWhheWhheWhxheWhlYheWhM:heWh.heWhtheWh`heWhLheWh8heWh(heWhtaheWhUBheWh6#heWhheWhheWhheWhheWhheWh|iheWhx]JheWhd>+heWhTheWh@heWh,heWhheWhheWhqheWheRheWhF3heWh'heWhj [SeWhSeWhSeWhxSeWhhSeWhX~kSeWhHcPSeWh8H5SeWh(-SeWh3@6iUSVW3]~PEPz#M;t9]tSiY3EPEPNu9]uSP~QEP?]!M;t9]t+WhYEPEPNu9]uSP_^[jRwgu3SE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
HFM@dF8FHMF*PFhP>jFjPM8MeEP6u2M)PFhPXF@vjLMMU2_VFW3;u3a9|$t<9~<t9xt@vjL=@vWL;t(F<9~<u3@xvjL;t~<_^,SUV5`WS3hPPD$,=UShjUUl$,ShjU3PPPt$ Ul$(D$,PU@D$,;D$4D$~L$4L$,D$4D$8+D$0jY3~ND$D$j]9l$4~.D$D$ D$ Pjht$0;l$4|D$L$uSht$t$4PD$(D$_^][,jihMeNLFLjP3MM[UQVhMjutFLM^VF@tW=jjPvjv@_FtPhfFtPfY^&j0uejdv@F@tPf@MNVW=f0jdv@jev@FtPY_^V~0Wu[|$du=~F,9F,|f,F8F8;F4|v,At!P|$eujv(jdv@_^UVuYtbW};=uu{&uuRu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
hh#MEP9 E`MSWM > h@#MEP9 E`MSWM> h$#MuEP9 Ev`MSWM >q h#MBEP9 EC`MSWM& >> h"MEP9 E`MSWM > h"M! EP9 E0 MSWM! >h"M! EP9 E0 MSWM>h"Mv! EP9 Ew0 SWM0 >vjZ9 0 ue}$L"F$"F!F!Fx!F,!F!F !F$ FP FX F\| ` L , e}LE9 ER 0 9 V9 .D$tVY9 ^#jX3@9 `#V9 9 N& t
Ansi based on Dropped File
(~WRD0000.doc)
hh#MEPEMSWM>h@#MEPEMSWM>h$#MuEPEvMSWM>qh#MBEPECMSWM>>h"MEPEMSWM>h"MEPEMSWM>h"MEPEMSWM>h"MvEPEwSWM>vjZue$L"F$"F!F!Fx!F,!F!F !F$ FP FX F\| ` L , eLEEV.D$tVY^#jX3@`#VNt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
hM(MMErPMM(aPMSMM9uthhM9uthh M9uthSh xEPEw,P9 & t19 uMEyMEmMM(a9 ia0E(9 0 ePE9 0 ePEu9 uEuS0 E& u3R9 PEP9 RxjS+`9 0 u%3N$0 }N4E}ES}E}E~0 ~0 ~0 ~0 ~ Fh$0 ~t0 ~0 0 ~0 0 0 Fl0 0 0 ~p0 ~D0 ~HFL0 ~P0 ~T0 0 ~\0 ~`0 ~d9 :`jTU_9 0 u9 NE& t$f9 N& t$f}E}E}EN4EN$EM9 $_9 Ah$49 D$0 ADjXf^9 u3Z9 & t 9 0 eP" e9 0 ejh|9 M9 R
Ansi based on Dropped File
(~WRD0000.doc)
hM(MMErPMM(aPMSMM9uthhM9uthhM9uthhxEPEw,Pt1uMEyMEmMM(aia0E(ePEePEuuEuSEu3PEPRxjS+`u%3N$}N4EEEE~~~~~ Fh$~t~~Fl~p~D~HFL~P~T~\~`~d:`jTU_uNEt$fNt$fEEEN4EN$EM$_Ah$4D$ADjXf^u3ZtePeejh|M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
hM;9 MEPFCM0 ]EME`M]9ME99 EjEPeM2& ug9 }|p~MME"ME>WhM9 0PVM2MEMEMM9$j,=9 M/eeEP9 PMEh@ME8MM1& tMM89 MPMEUMEq9 EPhM/PVM*& u0 M9 u|p~9 0 uMEMEqj[EPReM 0& t3MM79 }tj2Y9 9 }MMEMEWh,M9 /PVMM9 EZME@|j}EPeM/& tMMQ79 YeMMEME9 EPh,Mx.PVMEM& t9 uMEx`MERqj,9 9 M@/& t3M-ueeEP9 PME>MEy6MME#ME?9 EPhHM-PVMjxY& u0 M9 u|~9 0 uMEMEMM59 j9 9 M^.& & uEP9 eMd9 uE|~jx^MVMErVhHM9 ,PWMfME*MEMMN5Xj< q9 M,ueEP9 >PME<ME5M -& t3MM49 M ME+MEME: 9 EPhpM,PVMTEM& t%9 uIMEy4ME#q'MEW4MEMj(q9 M+ueEP9 >PME;ME4M ,& t3MM39 M ME9 MEuMhp9 +PVM"!M9 E[MEA j9 9 M+& t
Ansi based on Dropped File
(~WRD0000.doc)
hM;MEPFCM]EMEM]9ME9EjEPeM2ug}|p~MME"ME>WhM0PVM2MEMEMM9$j,=M/eeEP PMEh@ME8MM1tMM8MPMEUMEqEPhM/PVM*uMu|p~uMEMEqj[EPReM0t3MM7}tj2Y}MMEMEWh,M/PVMMEZME@|j}EPeM/tMMQ7YeMMEMEEPh,Mx.PVMEMtuMEMEqj,M@/t3M-ueeEPPME>MEy6MME#ME?EPhHM-PVMjxYuMu|~uMEMEMM5jM^.uEPeMduE|~jx^MVMErVhHM,PWMfME*MEMMN5Xj<qM,ueEP>PME<ME5M-t3MM4MME+MEMEEPhpM,PVMTEMt%uIMEy4ME#q'MEW4MEMj(qM+ueEP>PME;ME4M,t3MM3MMEMEuMhp+PVMME[MEAjM+t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
HMMEMEjejhMEZPVMEMEME{jEP;eM+u2MXEPhMEPMME4MMdnj9EPeMtMM+3@23CM]EPhM]fPMRuMEMM]jtEPFeM6t3FMMM;ME@ME\jejh:MEPVMEMEME{j}PEPeMtMM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
http://alert.client.conduit.com
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
http://alert.services.conduit.com
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
http://crl.verisign.com/pca3.crl0)
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
http://hosting.conduit.com/Alertupdate/update.xml
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
http://hosting.eb.com/Alertupdate/tbedrs.dll
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
http://hosting.eb.com/Alertupdate/update.xml
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
http://iealert.conduit-download.com
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
http://ocsp.verisign.com01
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
http://ocsp.verisign.com0?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
http://services.conduit.com/CommunityRequest.ctp?type=GetCommunity&ct=EB_CTID&CommunityPage=EB_CTID.ourtoolbar.com
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
http://services.eb.com/CommunityRequest.ctp?type=GetCommunity&ct=EB_CTID&CommunityPage=EB_CTID.qatoolbar.com
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
https://www.verisign.com/cps0*
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
https://www.verisign.com/rpa0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Hu,h h h0 hQ P 3@3U9 SVWjue9 ]9 & uZ9}u#9 3& tu9 9 P\& SuWuSuuu& t nc9 M;! +wxtitPt?t& & 9 MQ9 EPL9 M0 M9 eMQu9 P@9 9 P 9 PPu9 RT9 S9 PD9 Nt9-t"& 9 M9 SQMQ9 P& 9 Su9 PHu9 MQSu9 PPau9 9 PR9 - (H H HH t[t+-"!t9 URSuQ9 Pu9 9 P$9 39 }QP9 EPEP9 R<9 9 3}QPu9 R49 9 3}QPu9 R09 3}9 0 EEPu< 9 M9 E9 QPu9 WuR8T3}9 0 EEPu< 9 M9 E9 QPu9 WuR,9 9 3}QPu9 R(uSuuu9 G9 E_^[D$V9 tVi4Y9 ^U9 (S9 ]W9 }EPWSx & u\Vj(3EVP.>hVEE0 ]0 }0 u0 u0 u V0 E0 EEP| ^f& u33@_[U9 V9 Vu0u,u(u$u uuuuuu 0 F& u
Ansi based on Dropped File
(~WRD0000.doc)
Hu,h h h0 hQ P 3@3U9 VE9 Pv< & tuEuP & t9 ! 33@^U9 SVu9 5R u3SS0 E9 E;}W9 }9 3+t:It2It*ItItItIu*x%u3Gxtxxx9 0 U9 M+tDIt1ItIuREtk9 E+HQuP9 E+P2EtP9 E+HEt@9 EHEt09 EHQWPR0 Ejuuu u9 E3E}RrC;R"_9 E^[VW9 jw9 9 D$#t$Vjw _9 ^D$V9 tVd8Y9 ^U9 SVWju9 ]9 ;! ! 9 H t|tEat- uD& t
Ansi based on Dropped File
(~WRD0000.doc)
Hu,hhhhQP3@3USVWjue]uZ9}u#3tuP\SuWuSuuutncM;+wxtitPt?t& MQEPLMMeMQuP@P PPuRTSPDNt9-t"MSQMQPSuPHuMQSuPPauPR-(HHHHt[t+-tURSuQPuP$3}QPEPEPR<3}QPuR43}QPuR03}EEPu<MEQPuWuR8T3}EEPu<MEQPuWuR,3}QPuR(uSuuuGE_^[D$VtVi4Y^U(S]W}EPWSxu\Vj(3EVP.>hVEE]}uuuVEEEP|^fu33@_[UVVu0u,u(u$u uuuuuuFu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Hu,hhhhQP3@3UVEPv<tuEuPt33@^USVu5u3SSEE;W}3+t:It2It*ItItItIu*x%u3GxtxxxUM+tDIt1ItIuREtkE+HQuPE+P2EtPE+HEt@EHEt0EHQWPREjuuuuE3E}rC;"_E^[VWjwD$#t$Vjw_^D$VtVd8Y^USVWju];!Ht|tEat-uDt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Hu9Ft9 N~t 9 NRuj+9 P@0 U9 SV9 WtwEtlEP EP 9 }+9 ]+~& u& t=EP< 9 E9 M9 Uj+Q9 M+RPQS x_^3[U9 V9 ~ltR9 E0 9 E0 t&EPv@ 9 E+EPG + Y0 9 } u9 uuuu:^j TT9 0 uK3jX3CP9 0 }|0 ~0 40 80 0 $DDD ("!0 ~,0 00 <Rj9 0 ejh"WWW9 W9 @0 ~D0 ~H9 &TV9 |uv& tjjv f9 ^]jTS9 eE,9 0 ePu(uu$9 u 9 uux9 C& t
Ansi based on Dropped File
(~WRD0000.doc)
Hu9FtN~tNRuj+P@USVWtwEtlEPEP}+]+ut=EP<EMUj+QM+RPQx_^3[UV~ltREEt&EPv@E+EPG+Yuuuuu:^jTTuK3jX3CP}|~48 $DDD(,0<Rjejh"WWWW@DH&TV|uvtjjvf^]jTSeE,ePu(uu$u uuxCt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
HU\euVPu}WFHtHu4jFPwYYPvSFPwYYPvSE3@eU}tuSVuV} uuVu ^7uuVGhu@uFuKVu(tVP]UQQVu>Wt?t9t+>MOCt#u$u uuuuV}uuEPEPVu WE;Es[S;7|G;wBGOHtyu*X@u"u$uu juuuuuEE;Er[_^U,MS]C=VWEIIM|;|]ucsm9>~ F;t=!t="~ujVEvYYu9>u&~u F;t=!t="u~u]t|ODu3YuO39~GLhdu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
HuB;4V,V$9 I,& tVa 9 I0& tV/EV]& t9 j9 ^V9 1N0 @-9 0 @9 0 9 0 If^U9 V9 ~<u'~t!at& t9 E9 ;(uuu+3^];pu
Ansi based on Dropped File
(~WRD0000.doc)
HuB;4V,V$I,tVI0tV/EV]tj^V1N@-@If^UV~<u'~t!attE;(uuu+3^];pu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
hYM3u;tuujJM~hWFXPuujMEPME%lPNHE^MEWM|NP^t@hGYMEtuVh3uPElPMM[VT^Vhhhh^j}uWVgSjMf_u6HPjEP)aeP]MMU'NtHvPhxRtjX;hcRtjhORtjh;RVT
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
hZ9]t$EPM9 MPE#`M]RX3FMM!9 & j.~9 MP& ud9 MP& uX=9 3;tKh Y9 0 M0 u;tVVuVuuuuhS3MVP9 9 9 PV9 R9 D$0 F9 ^D$V9 RtVY9 ^j@j
Ansi based on Dropped File
(~WRD0000.doc)
hZ9]t$EPMMPE#`M]X3FMM!j.MPudMPuX=3;tKhYMu;tVVuVuuuuh3MVPPVD$F^D$VtVY^j@j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
i.._,.._,
Ansi based on Image Processing
(screen_0.png)
I;tMHH3;tYHXtf9uIter$fx`u@htURhlrP}eE;G<u;Vuh8hjOLuMQuuuSVP[|}E@t3fEtPQW_^USVW}efxu@tURhlrP}e@3tf8u@tE;F<uSPh8h`j|Ku~Xt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
I\1]^_/_X__ ]]&^S^|^__Ul$RRV9 u|& u3Ge|SWV9 Y;u0 ]|jWV& t0 ]|EpPVYY& t0 ]|EpPVYY& t0 ]|ElPVYY& t0 ]|EPV& YY& t0 ]|EhPVrYY& t0 ]|9 Eh;Eu}lu}ptE|"!EPVYY& t0 ]|EPVuYY& t0 ]|EPVYY& t0 ]|9 F9 M9 ]8;s
Ansi based on Dropped File
(~WRD0000.doc)
I\1]^_/_X__]]&^S^|^__Ul$Vu|u3Ge|SWVY;u]|jWVt]|EpPVYYt]|EpPVYYt]|ElPVYYt]|EPVYYt]|EhPVrYYt]|Eh;Eu}lu}ptE|EPVYYt]|EPVuYYt]|EPVYYt]|FM]8;s
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
IAIA0 AA9 Aa0 ]9 U9 30 ESV9 uF@W& 6VYt.VYt"VV<& YY9 `@$$< VYt.VYt"VV<& YY9 `@$$< xV|Yt.VpYt"VdV<& TYY9 @ t]uEjPEPb:& t]39}~0Nx9 `L=9 A0 D=VPYYtG;}|f9 E Fx
Ansi based on Dropped File
(~WRD0000.doc)
IAIAAAAa]U3ESVuF@W6VYt.VYt"VV<YY@$$<VYt.VYt"VV<YY@$$<V|Yt.VpYt"VdV<TYY@t]uEjPEPb:t]39}~0NxL=AD=VPYYtG;}|fE Fx
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ieframe.dll
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
IEGetWriteableHKCU
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
IEIsProtectedModeProcess
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
iframe unblocked
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
IIDFromString
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
incompatible version
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
incomplete distance tree
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
incomplete literal/length tree
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
inflate 1.1.3 Copyright 1995-1998 Mark Adler
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
InflateRect
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Info_High
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
InitializeSecurityDescriptor
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
InsertMenuItemW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
INSTANT_ALERT
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
INSTANT_ALERT_RESULT_FORCE_HANDLE
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
INSTANT_ALERT_RESULT_HANDLE
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
INSTANT_ALERT_RESULT_TRY_TO_HANDLE
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
instant_alerts_channel
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
InstantAlert - no need to mark read
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
InstantAlertIds
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
insufficient memory
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
isLocaleRtl
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
isSupportedFunction
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
j R:dC`C ujv& vPW& Pjj8#3Sv& WPW& PWvS!DSv& WPW& PhvS $3REt L`Rt L `RR @;rV & x3)& 9 " Z w L` w L ` A;r9 M_3[Rjh`E& y9 d}& Gptlt9 wh& uj OY9 j
Ansi based on Dropped File
(~WRD0000.doc)
j R:dCCujvvPWPjj8#3SvWPWPWvS!DSvWPWPhvS $3EtLtL @;rV3)Z wL wL A;rM_3[Rjh`EydGptltwhuj OYj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
j-=m ld \cQkkbal0e& Nb" l{ WeP9 |bI-|ReLXaMQ:t0AJ" =mjiCn4Fg`s-D3_L
Ansi based on Dropped File
(~WRD0000.doc)
j-=mld\cQkkbal0eNbl{WeP|bI-|eLXaMQ:t0AJ=mjiCn4Fg`s-D3_L
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
j/M9 }hW9 dPMy& th9 o& u]h|9 59 tJMME%PEhHPVMP9 EM& u'0 ME}MM5y3ybMEVMMy3@ 8t9 9 j9 RTV9 u3^t& + ^=@U9 9 E& u
Ansi based on Dropped File
(~WRD0000.doc)
j/M}hWdPMythou]h|5tJMME%PEhHPVMPEMu'ME}MM5y3ybMEVMMy3@8tjRTVu3^t+^=@UEu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
j3Mj~YEE;t4EMEEPESj{5(vN,;t(WxN,v,;tiWx_N,;tyv0;tLKCM4WWME(v0;tHMMv0;tJqj/uN0E?=N E3=NE'=M=&`jD/<M3M]G&;tcu;t\P;tQEPMEF5u+SMSwEjPMEMEM]<MMVW|$tYU2HtHtHHuHN0tAWHH9N0tW?;2tHuN,tzN,tw,_^j0 04MeM*MuI"Mt=.tt1jYMEtF3EM[MM4dV5tt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
J6`zA`Ugn1yiFafo%6hRwG"/&U;(Z+j\1,[d&cju
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
J6`zA`Ug}n1yiFRafo%6hR" wG"/&U;( Z+j\19 ~,[d: &cSju
Ansi based on Dropped File
(~WRD0000.doc)
j9 9 3Mj~Y0 EE;t9 49 9 EM0 EEP9 ESj0 {5(v 9 N,;t(Wx9 N,9 v,;tiW9 : x_9 N,;ty9 v0;tL9 KCM4WWME(9 v0;t9 SHMM9 v0;t9 Jqj/`9 0 uN0E?=N E3=NE'=M9 =&9 `jD/<9 M3M0 ]G&;tc9 u;t\9 9 P;tQEP9 MEF5& u+SMSwEjPMEMEM]! <MM& VW9 |$9 & tY9 U2HtHtHHuH9 N0& tAWHH99 N0& tW?9 ;2tHu9 N,& tz9 N,& tw,_^j0 04M! eM*M& uI"M& t=.t& t1jY9 0 ME& tF39 EM[MM4adV9 5t & t
Ansi based on Dropped File
(~WRD0000.doc)
j9 c3+9 FPjW! vvWAv}0 ~3@_^ytyt33@& u
Ansi based on Dropped File
(~WRD0000.doc)
j9 Fp_^S9 V9 v& t:9 FW3;t/p& t&9 UUWWWWWv9 FUWWWWWp]_^[U9 VEP9 & ta9 E+EW9 =S jP9 E+EPuuvMEM9 FE& t+p& t9 E+EjP9 E+EPu9 Fup_^S9 VW9 v9 = & tt$jv9 F& tp& tt$9 Fjp_^[SU9 -VW9 v39 = & t9 D$0Cv9 F& tp& t9 D$09 Fp3C_^]9 [SU9 -VW9 v39 =t& tt$9 D$0Cv9 F& tp& tt$9 D$09 Fp3C_^]9 [U9 V9 9 F& tZp& tMSWEP9 Fp@ 9 Fpv09 9 SEPW S9 FWp_[^U9 T 30 ESVWE9 Pv 9 EPv@ v49 WEPS WEPv 9 09 M_^33[t:VW9 =9 v& tv& t3@3_^U9 QEPu#_9 M& t{9 EHHV9 t,Htt$tfuGu9 uP`:u9 uPd-W9 =0 jq9 F& tp& t
Ansi based on Dropped File
(~WRD0000.doc)
j9 ME}ME}MMSr6j'9 0 uel9 0 F^9 9 aV9 D$tVY9 ^j( 9 0 uR ej9 59 G UDhD(P9 EPs@ 9 u9 } uP+u+} WVuP0 ED PuD0 EjjM0 E-ejh M.jjEPuDM@9 CDee$& tjPM.jjEPuDM@}TtEE0Ps< jE0Ps9 9 E0+Eu00 E9 E4+E}9 u89 }<+u0+}40 E$K4Et& & F0 E(jGjT0 E,-C49 0 ePE=& Ta-E@PETPT`:& `9 E@;E,~E,u@MT$9 M(;0 ET|0 MT9 E(9ET~E(uTM@9 M,;0 E@|0 M@9 ET9 M@
Ansi based on Dropped File
(~WRD0000.doc)
j9 S9 39 ! 9 @xM0 F09 ! N(S0 F4! 9 0 ePRhM3Cj0 ]8& S0 E9 ! NQHhQHXQHPM30 F,9]u<& w$& tVS0 x5(w$MMj4AbWh4/M<dW3h /M0 ])dMEU9 MP aM0 E U9 MPa9 9}t_;t[9]u9 MtM9 j+;uE;MV+u9 MPuEPh9 MPEXeME]]M]M0 }]U9 QehD/u9 EV9 : D$tVY9 ^jLab 9 h x0Sj39 u)9uht0Sj9 j YY0 E0 };t9 9 9 } MEP+9 } EPE0MEGU& t!M;U& th 0Sj#9 } 9 P0 E& tP9 p& t=jY0 EE& tu9 3P9 j5(Ep9 } EP}ESPMcj 9 0 ePUeMjE8& M0 EESPh/Sj3jGPEPEPEPM}0 Eu<& }9 0 Gt*ORPh/SjgGP9 )MRPMRPhh/SjG9 30 M0 M;t9 P9 @0 U0 E0 } 9uu& t^39tFG& 9 & tMj$>Y0 EE& t9 x39 M0 H9 O0 HP9 E0 x $`Wwuu9 j9 hHSjMEMEzZMEnZMMbZljb! 9 0 uNTEoN4EN E$ZMN"Vqx9 RR& t38V9 t$9 ah9 a9 L$DQP9 ah9 a3@^jc9 0 u03CNX0 ]E~P9 Xe9 M& t9 SEPEP9 W& u9FTt4E^4P9 We
Ansi based on Dropped File
(~WRD0000.doc)
j@pH$R&B ("!F!R,\(!& a#!<BBGlnT!6$B)/}jBVvj4B#btk4B '*3B0 "!32ECA;GIF89a
Ansi based on Dropped File
(~WRD0000.doc)
j@pH$R&B(F!R,\(!a#!<BBGlnT!6$B)/}jBVvj4B#btk4B '*3B32ECA;GIF89a
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
j_VVVVV0 8 }t9 E`p9 !9uv9u~9 E39Ewj" }t9 U39ux3:- 9 9 ,9 }?-9 u-s}~F`9 9 E9 9 `38E E}u+]hT]SV 3& t
Ansi based on Dropped File
(~WRD0000.doc)
j_VVVVV8}tE`p!9uv9u~E39Ewj"}tU39u3:-,}?-u-s}~FE38EE}u+]hT]SV3t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
JE9tFEE^[UWu3uueURPQ$|EtGEMS]V5EMEEjwESESE?MQSWP(juS3^@[_U SVuF+WPF+FPNYYN~vMM3QQQPSuEuUu}Pu}Uuu_^[US3M9u3VWuu}VWuEPuEMEEPu]u]u}uu#u MuVWSSut*EMEEEPuMSSuMMuuuu3_@^[UW3M9}u3SWWjWjhutWSEuSX3VPj;V};tvWMQuPSht[E;EuSVEPjV}$|?9}t:uVhsjuu0EPQSX39>VVSX3^[_US]Vu3EWhx1PSWSPEWSWjPF WuPB=v eEPjv $u*9Et%^ShsjPu0}#EPQ~uv v f 33@_^[]j.NtjjYMet3uMFbuNtjf33@'j.@NtjjAYMet3Mhx1uuFFuNtjf33@V>t3@^Vhtjjhs,|>u3^UVW3;ut;u3KWuPQ}PQ>S3}WURURPQ j|CEu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jf8N4tjf4N<ENE{MN{j@BM@t!EtEPuytEgF$e8MEPrPv$|B}t<jPYEetv0u3MEtPuR3/jH}u3,juMeEPMMzjN}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jf8NlEN<E'NEY5MrXV~u3Wvd=vvN<jPrF_^U(SWyEPZ,]PSxugVj(3EVPhVEEuu]uVEEu+EEP|^fu33@_[VFhF`HNht6Hu&u#vd!Fhv~\uj^^^VN8tt$
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jf^jyu3(IURPMePMM=3@Dj QZ]~tvNPuNURPeMPM>uNURPEu-NURPMPEEMM3@3V~W|$tNWPhU~tNWP_^jZ
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jf^VD$F^V~tL$jN^`^UQMSVWue9>s}6M}t'f*uTO;sKM@Psf/u;e3S0Yu(f/u2O;s)M@PAf*uE9>r}t33@_^[``#VNt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jfE<)NTE0)Md/D$jV=EeFtEFxEF|EPk0E$MM( D$Q0Q4A8D$ApUAu30MQP<tEtM+MEtM+M3@j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jFhF<jPv`]Yv`jW6@~<)~X~l^~t)ev!EPFpP<YYME9}rF|N;vv%V<W)F\+)F|N~u:~duaF~;s3vNV@;r^WSvPu)~\)~)~~~}FPF\^uT9EtOEGF^EFjP~+WuEvP)~\}}FPF\t4t0}u6~v}u&E$t3jXEtE[^_UV>uf~u`uy}ujjju`u<EPuuu3uEP%Y^]U3ES]VutSujSXff/tf\uBB
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jfNt&FPQfNtf^jTueNN$EN4ENDEgN\E[TjSuN\ENDEN4EUN$EINE=M2<Tj,'WS3}ujhT}hD}Eh hh*Phh~hrKPbhVhJ{$u'h0P!h|hphdK4PhXeKD_GTEEEPMlhHEMPWuEPKDEP`MEzh<HMP8W0MEJEKDF9EHeK\MF]EPM]h,EMOPWMSEP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jFp_^SVvt:FW3;t/pt&UUWWWWWvFUWWWWWp]_^[UVEPtaE+EW=jPE+EPuuvMEMFEt+ptE+EjPE+EPuFup_^SVWv=tt$jvFtptt$Fjp_^[SU-VWv3=tD$0CvFtptD$0Fp3C_^][SU-VWv3=ttt$D$0CvFtptt$D$0Fp3C_^][UVFtZptMSWEPFp@Fpv0SEPWSFWp_[^UT3ESVWEPvEPv@v4WEPSWEPv0M_^33[t:VW=vtvt3@3_^UQEPu#_Mt{EHHVt,Htt$tfuGuuP`:uuPd-W=0jqFtpt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jfPMHt$t${Ih)39~PjYM};tl3v@vDvH]FPl;u3M+nMEnMEnMEnShXME|EPEPE,/YYMEvShM|EPEPE.YYMEvShM|EPEPE.YYMEvt /tE^SM;thI|EhP9|E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jFxL[uv(V$YY9 [^U9 QQeV9 u(jh v(V 0 E& ujXS9 ]WPEPu$uuhGhFWSu(j0 E(Y& & 9 E8 RuEPu$9 Euu hHhGjuPn(j0 E(Y& u9 E8u;w-uv(V$3Q;uFHM8uF,M't%FM;uFLt
Ansi based on Dropped File
(~WRD0000.doc)
jFxL[uv(V$YY[^UQQeVu(jh v(V EujXS]WPEPu$uuhGhFWSu(jE(YE8uEPu$Euu hHhGjuPn(jE(YuE8u;w-uv(V$3Q;uFHM8uF,M't%FM;uFLt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jgHYUVEPxW^]xW_UVxWLEtVY^]UVW}GtGP:t?uN;tQR-YYt3$ttEtttt3@_^]UE=MOCt=csmu+~3]jhC}]ssue;ute~;w|O1uEytshSOteu-Yee}]uuE;utVsL]u~8csmu8xu2H t!t"uxu3A3jhCMt*9csmu"At@tePq?E38EeG
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jhMPEPE YYM]jh8MFhPEPEYYM]uM(MVvMM9j8~39}u3MM}_;E~q;}}}\uMt/uFPMVt;|EEEE;E|;}tMWudEG;|MM3@~j4,}39]u3}OT_E;tM/9]]]uOT;ts9ukh,wYME;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jHZ^0 M9 }9 9 ]9 ;IQ9 o9 f"t343FP9 N9 f\uFVj"9 P}9 u9 +VPEP9 0 u~9 }eP9 -: MM" hh`$9 2Rh9 h9 !RX$`9 EjPEP9 q~ME 0 EEPMQ"!juEP9 E<~MEz`PMq`P9 9 ME ME MM jV9 }0 E& `9 E3@j[eqEP9 'ahh`$9 89 MM~ S9 \$VW9 9 V9 :aO0 P9 *aV9 "a_^[U9 QeQ9 M& : 9 Ej9[R9 0 ueNl$^9 j9["9 0 ul$eN #j10 M9 ]9 9 u9 ; Q9 0 f-tf0rf9v3x69 j}9 69 j,9 9 ;ta;t;}9 ;t9 +9 WQEP9 ]S9 ]eP9 MM# O>9 PjI9 EXY3@; txD$D$PY" >9 L$PU9 QeQ9 Ma9 EjXj 9 9 u9 Mj6EP: eM89 jh$M9 M& u!GMZ3@ajh$}9 & u@0 G9 MM*9 3y9 L$th$h$ U9 Qey9 Mjth$h$" 9 E#3jh[9 } RjY9 0 Me& t
Ansi based on Dropped File
(~WRD0000.doc)
jHZ^M}];IQof"t343FPNf\uFVj"Pu+VPEPu}eP-MMhh`$2hh!X$EjPEPqMEEEPMQjuEPE<MEzPMqPMEMEMMjV E`E3@j[eqEP'hh`$8MM~S\$VWV:OP*V"_^[UQeQMEj9[RueNl$^j9["ul$eN#j1M]u;Qf-tf0rf9v3x6j}6j,;ta;t;};t+WQEP]]ePMM#O>PjIEXY3@;tD$D$PY>L$PUQeQMEjXjuMj6EPeM8jh$MMu!GMZ3@ajh$u@GMM*3yL$th$h$UQeyMjth$h$E#3jh[}jYMet
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jh}M PEPE YYM]jh8}MFhPEPEYYM]u9 M0 ~(}9 MVv: MM9xj8~39}u3aM9 M0 }_;0 E~q;0 }0 }}\u9 M 9 & t/& uFPMV0 t;~|9 E9 ~0 EE9 E;E|;}t9 MWud 9 EG;|MM 3@~j4,}39]u39 }OT_0 E;tM/9]0 ]0 ]} uOT 9 ;ts9~ukh,wY9 0 ME;t
Ansi based on Dropped File
(~WRD0000.doc)
jj!V9 |9 ^jUI9 u& t_9 F(+F "!+9 O3GMeh"!Wv$MWvvhGWv$MWvvMMV3JV9 LP3@0 X0 \ T9 ^x9 D$0 X9 D$0 LU9 VEPEP9 9 T <9 MD
Ansi based on Dropped File
(~WRD0000.doc)
jj!V|^jUIut_F(+F +O3GMehWv$MWvvhGWv$MWvvMMV3JVLP3@X\T^D$XD$LUVEPEPT<MD
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jjjPhOWj0 _^VW39 9=u^X& uUh|9 hPj0 W5"!N,WWWWWWh 9 Phh 0 ;t9 3@3_^9 & tt$PjiJ9 FDPM!ee~`9 !+& ~p& |V9 _& t9 j9 NyMMe" J=u1x& u(V9 t$& tt$Y& t9 V9 R9 j9 ^=W9 ug8& u^V9 t$& tT~uN9 Fuv 9 v9 vPH4u/9 HHu%S9 ^U9 nPvSOt9 USP][^_U9 Q=V9 u6& u-!EEPuNtGh& tuBY& t
Ansi based on Dropped File
(~WRD0000.doc)
jjjPhOWj_^VW39=u^XuUh|hPjW5N,WWWWWWhPhh;t3@3_^tt$PjiJFDPM!ee~`!+~p|V_tjNyMMeJ=u1xu(Vt$tt$YtVRj^=Wug8u^Vt$tT~uNFuv vvPH4u/HHu%S^UnPvSOtUSP][^_UQ=Vu6u-!EEPuNtGhtuBYt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jjv ^U9 V9 & u3!EPv< & tuEuP ^8& t9 D$ 39 L$3@0 jW19 0 ]u30 E0 0 S0 9 E9 ,0 9 u9 E0 9 E0 9 E0 9 E ME0 ME M0 30 9t9 09 9 ;~0 10 M0 0 0 0 EM 9 x1jLW09 0 },39 @0 E& t9 PR&ELM9 "!K19 D$S9 \$V9 W0 9 D$3G0 F09 W0 ~0 ^Px9 9 P|WPt$9 Ss0 F& tjP0 9 _^[39 Su9t9 V9 0RRR9 V8^V9 9 9 L$;uPvjvnYY39 ;tQ9 ^U9 VEPq@ h9 VEPu V3@^j<l/9 jv
Ansi based on Dropped File
(~WRD0000.doc)
jjv _^V9 t$W9 & t-w& t t$9 F9 V9 +R9 V+RPQwS _^U9 V9 v& t1EPv@ & t u9 E+EP9 E+EPuuvS ^t$9 T$9 D$RPV9 D$tViY9 ^Vt$9 NT~)|$tj9 ^U9 SV3S9 0 E9^<tqW9 .9 =Pu0 E9
Ansi based on Dropped File
(~WRD0000.doc)
jjv^UVu3!EPv<tuEuP^8tD$ 3L$3@jW1]u3EE,uEEEE MEMEM39t0;~1MEM1jLW0},3@EtPR&ELMK1D$S\$VWD$3GF0W~^PxP|WPt$SsFtjP0_^[39u9tV0RRRV8^VL$;uPvjvnYY3;tQ^UVEPq@hVEPuV3@^j<l/jv
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jjv_^Vt$Wt-wt t$FV+RV+RPQw_^UVvt1EPv@t uE+EPE+EPuuv^t$T$D$RPVD$tViY^Vt$NT)|$tj^USV3SE9^<tqW.=PuE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jl h^jN0\9 0 uDENE:M9 YwU9 9 ESV9 0 F89 EW0 F(v(9 3WWWWWWh WN 1Ph 9 0 F;u3[9 E9 ( WW0 F,9 EW0 F0WEPWWWv& uPjWWvEP9
Ansi based on Dropped File
(~WRD0000.doc)
jlh^jN0\uDENE:MYwUESVF8EWF(v(3WWWWWWhWN 1PhF;u3[E(WWF,EWF0WEPWWWvuPjWWvEP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jM4a}ME0 }p9}ht9WhxtSWv;t"9 MQ9 RH;tM)& uEp9 N9 URP,jhpM ZSE9}Xth`9}0thP
Ansi based on Dropped File
(~WRD0000.doc)
jM4ME}p9}ht9WhxtSWv;t"MQRH;tM)uEpNURP,jhpM ZE9}Xth`9}0thP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jM[9 MEP: F;|ME`3F j,&9 E9 @3Wh`thtWP);u3@69 r99 ;tMbVM0 }x& ~3GMMb9 " 9 D$0 9 D$0 Ulh MpbeE`PMf3CM`]E& & 9 ux& 9F M0|M@EpMEdM EXMEL9 N9 U0REP9 NU@9 9 RP9 NU#9 RP& ujME0M E$MEM@EM0]M`EMMa39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
jM[MEPF;|ME3Fj,&E@3Wh`thtWP);u3@6r9;tMbVM}x~3GMMb" D$D$UlhMpbeE`PMf3CM`]Eux9FM0|M@EpMEdM EXMELNU0REPNU@RPNU#RPujME0M E$MEM@EM0]M`EMMa3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jME}ME}MMr6j'uelF^VD$tVY^j(uRej5GUDhD(PEPs@u} uP+u+}WVuPEDPuDEjjME-ejhM.jjEPuDM@CDee$tjPM.jjEPuDM@}TtEE0Ps<jE0PsE0+Eu0EE4+E}u8}<+u0+}4E$K4EtFE(jGjTE,-C4ePE=Ta-E@PETPT:E@;E,~E,u@MT$M(;ET|MTE(9ET~E(uTM@M,;E@|M@ETM@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jMTj)9 LX;|MPSEP9 :hP9 E~dME]h 9 dh\9 dMLTP9 dM]wMM\9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
jMTj)LX;|MPSEP:hPEdME]hdh\dMLTPdM]wMM\Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Job's URL:
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Job's URL: Software\Microsoft\Internet Explorer\InternationalAcceptLanguage%00%%%02x
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
JS error: %s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
jS3@xMF0N(SF4ePRhM3Cj]8SENQHhQHXQHPM3F,9]u<w$tVS5(w$MMj4AbWh4/M<dW3h /M])dMEUMPaMEUMPa9}t_;t[9]uMtMj+;uE;MV+uMPuEPhMPEXeME]]M]M}]UQehD/uEVD$tVY^jLbh0Sj39u)9uht0Sjj YYE};tMEP+EPE0MEGUt!M;Uth 0Sj#PEtPpt=jYEEtu3Pj5(EpEPESPMcjePUeMjE8MEESPh/Sj3jGPEPEPEPM}Eu<}Gt*ORPh/SjgGP)MRPMRPhh/SjG3MM;tP@UE9uut^39tFGtMj$>YEEt3MHOHPEx $WwuujhHSjMEMEzZMEnZMMbZljbuNTEoN4EN E$ZMN"VqxRt38Vt$ahaL$DQPaha3@^jcu03CNX]E~PXeMtSEPEPWu9FTt4E^4PWe
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jS^(WS%9 9 YP9 "!SvYY& t>_^[U9 30 EVW9 Ku3E}fjEPujEP9 9 M_3^ V9 D$tVY9 ^V9 N9 ^hji9 FPMue9 nM ji"!9 FPMueu9 MEU9 QV9 FPMzu9 ,M9 9 ^V9 0D$tV,Y9 ^V9 ~D$tVY9 ^V9 3jt$0 F0 F0 9 ^Vt$9 30 F0 F0 9 ^9 D$Vj
Ansi based on Dropped File
(~WRD0000.doc)
jSYY3@_^[]V9 ND$tV*<Y9 ^V9 9 Pp& tCDVP Q\N9 D$fjhzt$0 FQP|9 uP9 ^9 D$V9 & t0 FDVP [N9 D$jhzt$0 FQPFx9 & uP9 ^9 9
Ansi based on Dropped File
(~WRD0000.doc)
jSYY3@_^[]VND$tV*<Y^VPptCDVPQ\ND$fjhzt$FQP|uP^D$VtFDVP[ND$jhzt$FQPFxuP^
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jt$9 G & tt$9 V9 9 ^ajx9 M.Ueh |eMYMF$UU9 Q9 MejhHL9 EU9 Q9 MejhpL9 EU9 Q9 MejhL9 EU9 Q9 Mejh zL9 EjbeM=3ECPM0 ]ME>& t9 Mjh|9 *L0 ]_h MNhHMNMEPME9 M& tEP^Ojh|9 KM0 ]EM]EME 9 EjeEP3CM0 ]&>& t9 Mjh|9 jK0 ]QhMMM/EPMEM9 M& tEPNjh|9 "KM0 ]]ME,E9 E3jLeM3ECPM0 ]SMEp=& t9 Mjh|9 Jh MAM9 MEPNM0 ]]DMEg9 EjeM>3ECPM0 ]ME<& t9 Mjh|9 +Jh ML9 MEP9 MM0 ]]&DME9 E!jN:ee9 MjhSI9 Meh ELL9 EjNee9 ujhS9 Ieh 9 ELhH9 K9 0 j&eEP" 3FM0 u;& t9 Mjh|9 IhMK9 MEPyLM0 uEC9 EjN3eeu#9 MehELK9 EjNeeu9 MehE
Ansi based on Dropped File
(~WRD0000.doc)
jt$9 V89 _^U9 VW9 39 EHHtLHt6Hu$L;u9 3& " A9 L0 E9 MjVVcP$9 MjVUPhh9 MjVBPhLh@VD_^]hR8U\9 uelEj P0 h! YYjEP9 ce}& lt'& pj P* YYj 9 "& pP9 &9 h\U9 QQeEPE #EV9 & u^4+3^j8\[9 M3M0 }A& & M& & j^WSejS0 ~0 ^ ; & WWjv ;ttWEPjh ;t_EPEPEPu0 }0 }0 } ;t=WujvH ;t*MM~9 (hhxj}"!_MM~3[U9 $ 30 EV9 u&3W9 }9EtMWuPL9 & u3+P=u}uWTWX9 9 M_3^;TUl$R 30 EpSVj[h3EVP dEPE } u|Vh MQjP & W9 = EPVVju& u`PzuUuV 9 & tEEPuVju& t+6 `P6 9 = r
Ansi based on Dropped File
(~WRD0000.doc)
jt$Gtt$V^ajxM.Ueh |eMYMF$UUQMejhHLEUQMejhpLEUQMejhLEUQMejh zLEjbeM=3ECPM]ME>tMjh|*L]_hMNhHMNMEPMEMtEP^Ojh|KM]EM]EMEEjeEP3CM]&>tMjh|jK]QhMMM/EPMEMMtEPNjh|"KM]]ME,EE3jLeM3ECPM]MEp=tMjh|JhMAMMEPNM]]DMEgEjeM>3ECPM]ME<tMjh|+JhMLMEPMM]]&DMEE!jN:eeMjhIMehELLEjNeeujhIehELhHKj&eEP3FMu;tMjh|IhMKMEPyLMuECEjN3eeu#MehELKEjNeeuMehE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jt$V8_^UVW3EHHtLHt6Hu$L;u3ALEMjVVcP$MjVUPhhMjVBPhLh@VD_^]h8U\uelEj PhYYjEPce}lt'pj P*YYj "pP&h\UQQeEPE #EVu^4+3^j8\[M3M}AMj^WSejS~^;WWjv;ttWEPjh;t_EPEPEPu}}};t=WujvH;t*MM~(hhxj}_MM~3[U$3EVu&3W}9EtMWuPLu3+P=u}uWTWXM_3^;TUl$3EpSVj[h3EVPdEPE}u|VhMQjP W=EPVVjuu`PzuUuVtEEPuVjut+6P6= r
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jU9 QQ}SVW9 u`9 u& tYEP9 9 u0 EEP9 9 p9 M& t#3Fj9 0 R}u9 u9 PX9 3_^[9 0 & t{3@0 3@48t9 T$89 pWYY9 D$ 3jDXx"9 M>9 } e& t*e9 MQWEPxuM%uEjuMjuMEWMQMQMs9 Q9 EP\9 }0 & t9 MQMQ9 P`u 9 Wuuuuu
Ansi based on Dropped File
(~WRD0000.doc)
juaMPN ljBk9 0 uku39 0 E 0 F0 F0 FP9 }lj s7 ke9Eu9 IjQ9 MQPEPj3CM0 ]uEPMEu9 MEPaM0 ]]ME`9 EkjBk9 0 u 3j
Ansi based on Dropped File
(~WRD0000.doc)
juMPNljBkuku3EFFFP}lj s7ke9EuIjQMQPEPj3CM]uEPMEuMEPaM]]MEEkjBku3j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jUQQ}SVWu`utYEPuEEPpMt#3Fj}uuPX3_^[t{3@3@48tT$8pWYYD$ 3jDX"M>} et*eMQWEPxuM%uEjuMjuMEWMQMQMsQEP\}tMQMQP`u Wuuuuu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
juu9 Eu]9 U9 QS3V;uXj^0 0SSSSS(9 9]v39]f0 " @9EwOXj"9 E"w9]0 ]9 ]9 tj-Xf0 9 EwE9 E0 u3QuPS }0 ]9 9 vW0f0 9 MFFA0 M& w& v;Mr9 M3;Mrf0 Wj"Y0 9 39f0 NN9 Ef9 f0 Nf0 N@@0 E;r3^[9 U9 W9 }juuuu_]9 U9 SV9 uW39}u;u9}u3_^[];t9 ];w?Wj^0 0WWWWW9 9}u3f0 9 U;u3f0 }9 u
Ansi based on Dropped File
(~WRD0000.doc)
juu9 M]9 U9 9 E& t8uPY]9 U9 30 ES3V;upFj^SSSSS0 05uW YY;Er9 U9 9 H;u 9 8t`<a|<z, A8u3jpSSjWVQR} 9 $0 M;uE*E9 9MsEj"^;~Ej3Xr9A=w+9 ;tPY;t9 M0 E0 ]9]u
Ansi based on Dropped File
(~WRD0000.doc)
juuEu]UQS3V;uXj^0SSSSS(9]v39]f@9EwOXj"E"w9]]]tj-XfEwEEu3QuPS]vW0fMFFAMwv;MrM3;MrfWj"Y39fNNEffNfN@@E;r3^[UW}juuuu_]USVuW39}u;u9}u3_^[];t];w?Wj^0WWWWW9}u3fU;u3f}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
juuM]UEt8uPY]U3ES3V;upFj^SSSSS05uWYY;ErUH;u 8t<a|<z, A8u3jpSSjWVQR$M;uE*E9MsEj"^;~Ej3Xr9A=w+;tPY;tME]9]u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jV:YY }& 9 %=! S9 & V0 Y & R0 }$9 M0 RVuuu$G 9 ujVuu v9 ]{v& }& )u$u uSuuuV tT_^[9 U9 Vu9 e0 xW9 ^]9 U9 SVW9 E9 Mcsm" u 9 ;t& t9 #;r
Ansi based on Dropped File
(~WRD0000.doc)
jV:YY}%=!VY}$MVuuu$GujVuuv]{v&})u$u uSuuuV tT_^[UVuexW^]USVWEMcsm"u ;t&t#;r
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jX ; & 0 ]9]u9 9 @0 E9 5 39] SSu" uPu9 ; ~<w4D?=w 9 ;tP[^Y;t9 & ti?PjS AWSuuju& tuPSuR0 ESSj9 EYu39]u9 9 @0 E9]u9 9 @0 Eu|UYu3G;EtSSMQuPuU9 ;t0 uuuuuu9 ;tV\Y9 e_^[9 M3R09 U9 uMPu$Mu uuuuu }t9 Map9 U9 39Ev9 M 9t@A;Er]9 U9 9 EV3;uVVVVV;9 @^]8 `Vj^& u;}9 `jPYYP& ujV0 5`SYYP& ujX^38 P0 |j^3H W9 9 & 9 9 t;t& u0 1 B |_3^xv =tU5P>[Y9 U9 V9 u8 ;r" w9 +Q:N Y
Ansi based on Dropped File
(~WRD0000.doc)
jX00& ;u9 ;u39 f9t@@f9u@@f9u9 5 SSS+S@PWSS0 E0 E;t/PY0 E;t!SSuPuWSS& uu Y0 ]9 ]W9 \t;u 9 ; r8t
Ansi based on Dropped File
(~WRD0000.doc)
jX00;u;u3f9t@@f9u@@f9u5SSS+S@PWSSEE;t/PYE;t!SSuPuWSSuuY]]W\t;u;r8t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jX;]9]u@E539] SSuuPu;~<w4D?=w;tP[^Y;tti?PjSAWSuujutuPSuESSjEYu39]u@E9]u@Eu|UYu3G;EtSSMQuPuU;tuuuuuu;tV\Ye_^[M3R0UuMPu$Mu uuuuu}tMapU39EvM9t@A;Er]UEV3;uVVVVV;@^]8`Vj^u;}`jPYYPujV5`YYPujX^38P |j^3HWt;tu1 B|_3^v=tU5P>[YUVu8;r"w+Q:NY
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jY+0 M+MV0 M9 0 M0 MjY+9 E0 M0 UE0 M9 MP0 U|n9 9 j;tEPkwEEP]wE9 9 jPLw9 9 50 jp9 jp3FM E"!MM"!9 9}tg9 & t9 E;E~0 EE
Ansi based on Dropped File
(~WRD0000.doc)
Jy^9 U9 W9 /& tS}t}uu7~Y0 E}t9 G;Er9 O+ESV4A9 uuS & tCC;v^[_]9 +G9 D$9 P9 @RPz9 D$& t
Ansi based on Dropped File
(~WRD0000.doc)
Jy^UW/tS}t}uu7~YE}tG;ErO+ESV4AuuStCC;v^[_]+GD$P@RPzD$t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jYEejY1uvM$:uj<+t(<-t$:t<C<<E~<c0<e(jJjy1RM$:T:fUu<9}s
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
j}}yEPeM& tMM9 &zMMEME9 EPhMIPVM" EM& t9 u`MEp}wME]ujxEPeM& t3MMo9 wy}tjyY9 9 }MMESMEWhM9 PVM
Ansi based on Dropped File
(~WRD0000.doc)
j}}yEPeMtMM&zMMEMEEPhMIPVMEMtuMEpwME]ujxEPeMt3MMowy}tjyY}MMEMEWhMPVM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
K ~?`,ZD^0RaX(nb:Me!g KqFSx1H1E#7OASA`+S#ZhKx&h},X (<U0 %! y-y ! %ww+f
Ansi based on Dropped File
(~WRD0000.doc)
K& EE9 E;|^[`EjlW teMqj9 Mjj0 s j,h DR9 9 }9 u0 ]e9 G0 EvEP}YY0 E 9 0 E9 R0 E0 9 M0 Re3@0 E0 EuuSuW0 Eeo9 E9 e9 u9 }~ O9 O9 ^e9 E;Fsk9 P;~@;H;9 F9 LQVjWee9 uEE9 E0 E9 }9 u9 E0 Gu}Y9 M0 9 M0 R>csmuB~u<9 F= t=! t=" u$}u}tvY& tuV%YYjhHD30 U9 E9 H; X8Q O9 H;u <9 9 u& xt10 U3CStA9 }wzYY& SVnzYY& 9 G0 9 MQPYY0 9 }9 Ep tH7zYY& SV&zYY& "!w9 EpV& 9 & t|WS9Wu8yYY& taSVyYY& tTwW9 Ep_YYPV9yYY& t)SVyYY& tw yY& tjX" @0 EE9 E3@9 eF30 jhhD79 E t9 ]
Ansi based on Dropped File
(~WRD0000.doc)
K& uSh,1MZM*"EPMEH&9 M& ujh|9 (XM0 ]]"EP`[9 Mjh|9 W0 ]MER9 E9 L1L1V9 0zD$tVY9 ^D$V9 L1tVY9 ^j~f9 0 u~9 X1xHeh|9 9 wS9 X1rQj[eEPXMMJQTj\dmq9 I& t3@=9 0 ejh\1VVM"3M0 u& uFMM9 hRd9 9 ]& t9 z& t
Ansi based on Dropped File
(~WRD0000.doc)
K9 ESjNeeu9 MehEJ9 E]jNveeu'9 MehEJ9 EjN7eeu9 MehEPJ9 EjHj9 9 Me8:& t9 Mjh|9 |G=EP9 9 M3F0 u8PMI9 MEPJM0 uEaA9 EhjHj9 9 Me9& t9 Mjh|9 G<uEP9 L3FhM0 u~I9 MEPQJM0 uE@9 EjHj9 9 MeK9& t9 Mjh|9 FZEP9 a3FM0 u9& t9 Mjh|9 aF9 M7PMH9 MEPIM0 uEW@9 E^j&wueEPP3FM0 u8& t9 Mjh|9 EhMxH9 MEPKIM0 uE?9 EjQ9 M ueEP9 f3CM])8& t$3ME ?MMJ9 }hMG9 MEP0 ]6PM6PM& t9 ]j|p9 MueEP9 ME 7M& u+hxG9 MEPZ6PMQ6PMME>MM}jNeeu9 Meh$EG9 E" jNeeu9 MehHEF9 EVjoe9 M3C0 ]6& t9 Mjh|9 C0 ]}uMWGh9 hME6h9 hM 6hhMt6hhMb6hT"!hSMP6VhM=6VhM/6Vh M!6VhxM6VhpM6hlhdM5h|9 h\M5M3 & ~`VM 4f:t6f.t0f/t*f?t$f\tf*tf<tf>tf|tf"uj_VMS4MF1 ;|MB5& uM4PM D9 MEPEM0 ]]}<ME <9 E0 j hjhM8Beh! M%DMjME: 3Ph M8#MEMM<U9 30 EV9 uh& jPh& P5"!,j9 & uh|9 & P~A9 M9 3^Hj EPs3M0 u3& tMM_;9 gM2P09 joueEP[ME3& t$3ME
Ansi based on Dropped File
(~WRD0000.doc)
KEEE;|^[EjlWteMqjMjjsj,h DR}u]eGEvEPYYE EEMe3@EEuuSuWEeoEeu}~OO^eE;FskP;~@;H;FLQVjWeeuEEEE}uEGuYMM>csmuB~u<F= t=!t="u$}u}tvYtuV%YYjhHD3UEH;X8QOH;u<uxt1U3CStA}wzYYSVnzYYGMQPYY}EptH7zYYSV&zYYwEpVt|W9Wu8yYYtaSVyYYtTwWEp_YYPV9yYYt)SVyYYtwyYtjX@EEE3@eF3jhhD7Et]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
KEjNeeuMehEJE]jNveeu'MehEJEjN7eeuMehEPJEjHjMe8:tMjh||G=EPM3Fu8PMIMEPJMuEaAEhjHjMe9tMjh|G<uEPL3FhMu~IMEPQJMuE@EjHjMeK9tMjh|FZEP3FMu9tMjh|aFM7PMHMEPIMuEW@E^j&wueEPP3FMu8tMjh|EhMxHMEPKIMuE?EjQMueEPf3CM])8t$3ME?MMJhMGMEP]6PM6PMt]j|pMueEPME7Mu+hxGMEPZ6PMQ6PMME>MMjNeeuMeh$EGEjNeeuMehHEFEVjoeM3C]6tMjh|C]}uMWGhhME6hhM6hhMt6hhMb6hThMP6VhM=6VhM/6VhM!6VhxM6VhpM6hlhdM5h|h\M5M3~`VM4f:t6f.t0f/t*f?t$f\tf*tf<tf>tf|tf"uj_VMS4MF1;|MB5uM4PMDMEPEM]]<ME<EjhjhM8BehM%DMjME3PhM8#MEMM<U3EVuhjPhP5,juh|P~AM3^HjEPs3Mu3tMM_;gM2P0joueEP[ME3t$3ME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Kju4PPWWWWPsE,tsjjSu,u4Su,h WWu4u$u WWu@uu4u(u4Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
kMEkMEkuduMP}p9 uPER`& VMX}Xu/}pt
Ansi based on Dropped File
(~WRD0000.doc)
kMEkMEkuduMP}puPEVMX}Xu/}pt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
KS[cks{ "$#&+3(;C*KS,[c.ks0{2468:<>"A19Z"}"("d
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
KS[cks{9 : "$#&+3(;C*KS,[c.ks0{29 4: 68:<>" A19Z" & }~" (" d
Ansi based on Dropped File
(~WRD0000.doc)
KuSh,1MZM*"EPMEH&Mujh|(XM]]"EP[Mjh|W]MEREL1L1V0zD$tVY^D$VL1tVY^j~fu~X1xHeh|wSX1rQj[eEPXMMJQTj\dmqIt3@=ejh\1VVM"3MuuFMMhRd]tzt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
K~?`,ZD^0aX(nb:Me!gKqFSx1H1E#7OASA`+#ZhK&h},X (<U%y-y%ww+f
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
L! LL LLLL" LL" 0" M&M.M6M>MFMvMM" MM" @Y! " h0MMMMM@#" NN%N-N5NXN`N" N" TN" N" OO" 4O" WO" 8zO" d" OOOOOOO" P"P-P" RPZP" L "
Ansi based on Dropped File
(~WRD0000.doc)
L$t3^jut6}u0M!eEPMuM3!pPhj_XMM3@ut
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
L1$ ! & _^[u ]%@]9 U9 9 EV3;uVVVVVhjX
Ansi based on Dropped File
(~WRD0000.doc)
L1$!_^[u]%@]UEV3;uVVVVVhjX
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
L1P`B:}Q0 MS<9[`B:}OMEO ?tEPuEP/9 ES39U}E9UuE9Uu+E=P"=R. `0 E; }
Ansi based on Dropped File
(~WRD0000.doc)
L1PB:}QM<9[B:}OMEO?tEPuEP/E39U}E9UuE9Uu+E=P"=.`E;}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
L9Pf;sQ0 Mf9! Yf;sJ9 E} 9 MEH 8tEPuEP$Q9 E39US}E9UuE9U u+E=P"=R. `0 E; }
Ansi based on Dropped File
(~WRD0000.doc)
L9Pf;sQMf9Yf;sJE}MEH8tEPuEP$QE39U}E9UuE9Uu+E=P"=.`E;}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
L`@3E=}h@5huh=@tPzYhSE0j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
like this.Introducing a handy new featureThe publishers of the Community Toolbar or app will occasionally sent out news or other information of importance to the community of users. These notifications appear on your screen near the system tray and keep you in touch.Notifications are instant announcements that appear right on your desktop. You can receive these notifications because you installed a Community Toolbar or browser app.Version: About NotificationsFeedBackFAQPrivacy PolicyAboutViewShow notifications from:Notification SettingsShow icon in system trayNotifications enabledDisable NotificationsEnable NotificationsAbout...Settings...RefreshCommunity Notifications9 Xx>: 0 mmmxxxmr`NEmConduitAlertMessageCommunity AlertsAlerts/AlertServices.asmx/AlertLoginAlerts/AlertServices.asmx/GetToolbarAlertsInfoAlerts/AlertServices.asmx/SetAlertUsageRequestConduitFeedsSoftwareDataChannelsRegisteredSourcesSourcesHistoryIgnoreNotificationsDataAppsGuids%22%40@%2B%2F%26%2b%2f_><<&&"'CLSID\LastUpdateTime0IntervalLastCheckTimeUpdateFeedIntervalShowStateLastDisplayTimeDownloadErrorCountIsFeedModifiedINSTANT_ALERTConduit_Alert_Autoupdate_MutexAlert1.dllAlert0.dllAlert.dllConduit Ltd.AutoUpdateLastTimeAutoUpdateIntervalInHoursAutoUpdateServerNamehttp://iealert.conduit-download.comAutoUpdateServerVersionFakeAutoUpdateIntervalAutoUpdateEnabledShowAlertsSendUsageEnabledShowIconInSystemTray\StringFileInfo\%04X%04X\%sFileVersionAlertWindowLastUserCloseTimeShowMessageAfterUserCloseIntervalUpdateAllFeedsLastTimeLogMaxFileSizeLogLevelsStringSampleAlertWasShownFirstTimeMessageDisplayedMessageAppearTimeMaxShowedMessagesDefaultShowIconInSystemTrayFirstTimeStampIntervalFirstTimeStampLoginMessageIntervalInMinutesLoginMessageLastCheckTimeLoginMessageLastUpdateTime}{UserIDLocalesLP_CurrentUILocaleAlerts/AlertServices.asmx/GetAlertTranslationLP_LastCheckTimeLP_LastUpdateTimeLP_ReloadIntervalInHoursShowSampleAlertSampleAlertNameLanguagePack.xmlInstantAlertIdsDialogsmain.htmlAlertReformatURLALERT_HTML_DIALOG_MUTEX_NAME<ALERT_XML><TYPE>%s</TYPE>%s<MESSAGE></MESSAGE></ALERT_XML><PROTOCOL_ID>%s</PROTOCOL_ID>DisableSourcesxRrXALPClientsServerNamehttp://alert.client.conduit.comALPServicesServerNamehttp://alert.services.conduit.comCacheIconsLanguagePacksLog.xmlThreadingModelApartment\InprocServer32Conduit Community AlertsPathTitleUrlALERT_CHANNELMESSAGEALERT_INFO1 .Update?aid=FaqAlertsPrivacyFeedback\USER_ALERTS_STATUSDISABLEDENABLEDUSER_IDKEY_IDTRANSLATION_KEYSALERT_TRANSLATION_RQEB m_WM_ALERT_BROADCASTR$a~lwM @a;x}~ rrx(("zDyxy"!y0 usU'r#s"! ALERT_OPTIONS_DIALOG_MUTEX_NAMESysTreeView32?@HB ) dB xx emNaG Qdc.}" 0 60 f! ArialTahoma8n'M>: XmmmXxxmLGp: PB ) dB xx emNaG Qd c
Ansi based on Dropped File
(~WRD0000.doc)
like this.Introducing a handy new featureThe publishers of the Community Toolbar or app will occasionally sent out news or other information of importance to the community of users. These notifications appear on your screen near the system tray and keep you in touch.Notifications are instant announcements that appear right on your desktop. You can receive these notifications because you installed a Community Toolbar or browser app.Version: About NotificationsFeedBackFAQPrivacy PolicyAboutViewShow notifications from:Notification SettingsShow icon in system trayNotifications enabledDisable NotificationsEnable NotificationsAbout...Settings...RefreshCommunity NotificationsX>mmmmr`NEmConduitAlertMessageCommunity AlertsAlerts/AlertServices.asmx/AlertLoginAlerts/AlertServices.asmx/GetToolbarAlertsInfoAlerts/AlertServices.asmx/SetAlertUsageRequestConduitFeedsSoftwareDataChannelsRegisteredSourcesSourcesHistoryIgnoreNotificationsDataAppsGuids%22%40@%2B%2F%26%2b%2f_><<&&"'CLSID\LastUpdateTime0IntervalLastCheckTimeUpdateFeedIntervalShowStateLastDisplayTimeDownloadErrorCountIsFeedModifiedINSTANT_ALERTConduit_Alert_Autoupdate_MutexAlert1.dllAlert0.dllAlert.dllConduit Ltd.AutoUpdateLastTimeAutoUpdateIntervalInHoursAutoUpdateServerNamehttp://iealert.conduit-download.comAutoUpdateServerVersionFakeAutoUpdateIntervalAutoUpdateEnabledShowAlertsSendUsageEnabledShowIconInSystemTray\StringFileInfo\%04X%04X\%sFileVersionAlertWindowLastUserCloseTimeShowMessageAfterUserCloseIntervalUpdateAllFeedsLastTimeLogMaxFileSizeLogLevelsStringSampleAlertWasShownFirstTimeMessageDisplayedMessageAppearTimeMaxShowedMessagesDefaultShowIconInSystemTrayFirstTimeStampIntervalFirstTimeStampLoginMessageIntervalInMinutesLoginMessageLastCheckTimeLoginMessageLastUpdateTime}{UserIDLocalesLP_CurrentUILocaleAlerts/AlertServices.asmx/GetAlertTranslationLP_LastCheckTimeLP_LastUpdateTimeLP_ReloadIntervalInHoursShowSampleAlertSampleAlertNameLanguagePack.xmlInstantAlertIdsDialogsmain.htmlAlertReformatURLALERT_HTML_DIALOG_MUTEX_NAME<ALERT_XML><TYPE>%s</TYPE>%s<MESSAGE></MESSAGE></ALERT_XML><PROTOCOL_ID>%s</PROTOCOL_ID>DisableSourcesxrXALPClientsServerNamehttp://alert.client.conduit.comALPServicesServerNamehttp://alert.services.conduit.comCacheIconsLanguagePacksLog.xmlThreadingModelApartment\InprocServer32Conduit Community AlertsPathTitleUrlALERT_CHANNELMESSAGEALERT_INFO1 .Update?aid=FaqAlertsPrivacyFeedback\USER_ALERTS_STATUSDISABLEDENABLEDUSER_IDKEY_IDTRANSLATION_KEYSALERT_TRANSLATION_RQEB m_WM_ALERT_BROADCAST$~lwM@;x}rrx(("zDyxyyusU'r#sALERT_OPTIONS_DIALOG_MUTEX_NAMESysTreeView32?@HB)dBxxemNaGQdc.6fArialTahoma8n'M>XmmmXmLGpPB)dBxxemNaGQdc
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
LLLLLLL"LL"0"M&M.M6M>MFMvMM"MM"@Y! "h0MMMMM@#"NN%N-N5NXN`N" N"TN"N"OO"4O"WO"8zO"d"OOOOOOO"P"P-P" RPZP"L "
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Local Disk (C).LNK=0[doc]Alert.dll.LNK=0
Ansi based on Runtime Data
(WINWORD.EXE
)
LocalAlloc
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
LOCALE_NOT_SUPPORTED
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LocalFileTimeToFileTime
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
LocalFree
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
LP_CurrentUILocale
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
lPhtM`MPESVEPPM<E9Ph`M`sMPEM|E`P9pEMEM EMEzM@EnM0]cM`EWMM_]UMtMtMj"M{MPrPhu03@]j@eM43CM]lEuMjh|]MQE0gjhMlVMEoM[MEPVE@!MPMMPMEDM]9F;|MEPMEMEPgM]]MEEj,_ejuM3CM]EtMjh|]M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
lxPhtM`MPESVEPPM<9 E9xPh`M`sMPE9 M|E`P9pERME M E MEzM@EnM0]cM`EWMM_9 ]U9 9 Mx& t9 Mx& t9 Mj~"9 M{~9 MPr~Phu03@]j@eM43CM0 ]l0 E& u9 Mjh|9 0 ]9 MQ9 9 E9 0gjhMlVMEoM[9 MEPVE@!MPM9 MPMEDM]9F;|" MEPME9 MEPgM0 ]]ME9 Ej,_ejuM3CM0 ]E~& t9 Mjh|9 0 0 ]M
Ansi based on Dropped File
(~WRD0000.doc)
M Ep\MPEd\M0EX\M@EL\ME@\ME4\M]9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
M Ep\MPEd\M0EX\M@EL\ME@\ME4\M]Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M!_^Ujju tuYME;sMSWWYuMjX9EVEMM;wEu+uE+;wjVuuRujWSu>GH<Pu|Ku|u|t}E}uE9Eq^SEY_[T$L$VqAAN?qA^UXSW}3];ujXGGVSP7tu*EP7YYtM}PKtEEP7YYtuEP7lYYtuEP7XYYtuEP7DYYtuEP7tYYtuEPuEP7TtuEP7?YYtuEP7+YYtuEP7YYtuEP7YYtuEP7YYtuEP7YYtuEP7YYtuEP7YYtuEP7YYtuuu9]E;t;;us]v}v7jSPytM+}uu`}tZu] ;s}tju7u!EMv} v7jSutME+EE}uz]$tXuM(;suMtjP7UtMv}(v7juStM}u}tjYuEtME^_[Vt$W3;ujX*F$WWWWWFWFxPF(PV~3$;N_^Vt$W3;ujXF9~ujF@;FtNPNLVHWWWWWFWFxPF(PL.NV3$;N_^UQESVuW38E8E8FFxWP63:tfEP6yYYt}PKtj[EP6YYtEP6YYtEP6YYt;uF49Eu;ttj[EP6YYtEP6YYt;uE;F<tEuj[EP6YYt;uE;F@tEuj[EP6YYt;uE;FDtEuj[EP6(}YYtu;~Htj[E8EP6YYtFxMD8EMM_^[SUW|$33;ujXMVw|;ujX?9^\uFP;FTtj];tPoY9^@t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M'S9; Z>&XBK\$:[.=\-Q(2/R*<6)GA%"TE
Ansi based on Dropped File
(~WRD0000.doc)
M'S9;Z>&XBK\$:[.=\-Q(2/R*<6)GA%"TE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M)Mb9 T$B9 J3@"!Ta: M{)M79 T$B9 J3"!6: MP)9 E e9 M8)M/)9 T$B9 J3aM)M)MM(9 T$B9 J3 0aM! M(M& 9 M(9 T$B9 J3[t|aM (MDMJ9 T$B9 J3(IaM(c(M8[(MS(MM"!-M8;(9 T$B9 J3 "!Mn-9 T$B9 J3 0"!MMM'M3-M'u~Y9 T$B9 J 3m T}"!M'M'MNM'ML9 T$B9 J3* K"!Me'M ]'M,MXMLM3M85'ulnYM8#'9 T$B9 J3 M'M&M&MM&9 T$B9 J3 `M&9 E e9 M&MS&MJMP9 T$B9 J3. OMi&MM9 T$B9 J3" 9 T$B9 J3" < M
Ansi based on Dropped File
(~WRD0000.doc)
M)MbT$BJ3@TaM{)M7T$BJ36MP)EeM8)M/)T$BJ3M)M)MM(T$BJ30MM(MM(T$BJ3[t|M(MDMJT$BJ3(IM(c(M8[(MS(MM-M8;(T$BJ3Mn-T$BJ30MMM'M3-M'uYT$BJ3mTM'M'MNM'MLT$BJ3*KMe'M ]'M,MXMLM3M85'ulnYM8#'T$BJ3M'M&M&MM&T$BJ3`M&EeM&M&MJMPT$BJ3.OMi&MMT$BJ3T$BJ3<M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M.9 Mb,9 T$B9 J3SR%~M?,9 T$B9 J3: 9 `3: M,M,M+MM9 T$B9 J3 : M+MzM 9 T$B9 J3^: @9 E e9 M0 +9 T$B9 J3*: lKMe+MM9 T$B9 J3aM2+M*+M"+M9 T$B9 J3aSMM*M*M*M*M*9 T$B9 J3qa SM*MhMS*9 E e9 M *9 T$B9 J3%a FSM`*MMP*9 T$B9 J3"!SM-*MM*M*9 T$B9 J3"!: 9 M9 T$B9 J3 "!0: M)9 E e9 M)Md
Ansi based on Dropped File
(~WRD0000.doc)
M.Mb,T$BJ3%M?,T$BJ33M,M,M+MMT$BJ3M+MzMT$BJ3^@EeM+T$BJ3*lKMe+MMT$BJ3M2+M*+M"+MT$BJ3MM*M*M*M*M*T$BJ3qM*MhM*EeM*T$BJ3%FM`*MMP*T$BJ3M-*MM*M*T$BJ3MT$BJ30M)EeM)Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
m0uuuuVh;}u;"SSSSS&^[]UQQEVuEEWVEY;uJuMQuP`E;uPtPYD0 EU_^jh@FfHuuEu r3;|;r!c8IWWWWW%L1u&"8WWWWW%[PY}D0tuuuuEU8MMEEUGu YUEVW|Y;sQ<<u5=S]utHtHuSjSjSj3[ _^]UMS3;VW|[;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M1 3$jjZ9 P MM f9 rVW9 jt$9 V{FV9 t$m9 u_^9 D$pt$@U9 T 30 EVj9 [3jNPf0 EEP{uEj(Pua jEP9 u9 M3^kU9 T 30 EVj9 3jNPf0 EEPs{uEj(Puum jEP9 9 M3^jj71p9 0 ueN S`u9 EY9 pV9 VD$tVpY9 ^j/7o9 0 u~9 E3P& v S9 & & t9 j9 9 CP;r9 Ea& M9 '& PpV9 8D$tVlpY9 ^jBOo9 0 u u3u9 0 E 0 F0 F0 F9 ojBo9 0 u 30 E0 F0 F0 F9 E P9 9 oVj9 Kt$9 t$;^Vj9 .t$9 t$^jB n9 0 u) 30 F0 F0 F0 E9 Ej
Ansi based on Dropped File
(~WRD0000.doc)
M13$jjZPMMfrVWjt$V{FVt$mu_^D$pt$@UT3EVj[3jNPfEEP{uEj(PujEPuM3^kUT3EVj3jNPfEEPs{uEj(Puum jEPM3^jj71pueN uEYpVVD$tVpY^j/7ou~E3Pv StjCP;rEaM'PpV8D$tVlpY^jBOouu3uEFFFojBou3EFFFEPoVjKt$t$;^Vj.t$t$^jBnu)3FFFEEj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
m3@m*MMl3j@"v)9 MleVEPMMEjEPMEMEMEMM l3)j@"(9 MPleVEPMME jEPMEFME}MEqMMl3m)j@"(9 MkeVEPMMEjEPMEMEMEMM k3(j"(9 E-tMHtHt
Ansi based on Dropped File
(~WRD0000.doc)
m3@m*MMl3j@"v)MleVEPMMEjEPMEMEMEMMl3)j@"(MPleVEPMMEjEPMEFME}MEqMMl3m)j@"(MkeVEPMMEjEPMEMEMEMMk3(j"(E-tMHtHt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
m3Pj5(v030& (U9 (VW9 }9 & t:j(EjP2EPjh>E0 }& t9 E_^j`A#J'9 EPv@ 9 }33;t0 E9 Ehv0 ]0 E0 ]P0 E& M jhHM0 ]~EPEPEiYYM] 3GWE9 0 ePv9 }9 huP`9 }W9 }j69 S0 9 }h"!`9 }Sh: x9 }Sha9 }EPEP9 E9 M9 E+EW0 EE0 M9 }P9 }jX+EE;tdMM3GhvP0 E& MSjhME9EPEPEwhYYME>WE9 0 ePv9 }9 huP`9 }W9 }j9 S0 9 }hxG9 }Sh\9 }Shq9 }EPEP9 E9 M9 E+EW0 EE0 M9 }PR9 }jX+EE;t!MM]hvP0 E& MjhpMEEPEPE9gYYMEWE9 0 ePEv9 } 9 huP`9 } W}9 } j9 S0 9 } h 9 } Sh9 } Sh 39 } EPEP9 M9 E9 } 0 E9 E+EW0 EEPl9 9 }jX+EE;t MMhvP0 E& MjhM EEPE PEeYYM EWE9 0 ePv9 }S9 huP`9 }SW?9 }Sjw9 SS0 9 }ShS9 }SSh~9 }SSh9 }SEPEPJ9 M9 E9 }S0 E9 E+EW0 EEP.`9 }jX+EE;tSMM9 E9 M& P++MQ9 }."jH|#!9 WvP0 E|9 & j9 0 ejSSv9 }9 WuP`M=ejhXM&EPEPEddYYME+9 }9 URPP9 }j}l9 WPMMWvP0 E& : j9 0 ejSav9 }9 WuP`M jhMEjEPEPEcYYMEo9 }9 URPP9 }j}l9 WPMM5?!j.Z 9 j4hY9 0 M30 E;t0
Ansi based on Dropped File
(~WRD0000.doc)
m3Pj5(v030(U(VW}t:j(EjP2EPjh>E}tE_^j`A#J'EPv@33;tEEhv]E]PEMjhHM]~EPEPEiYYM]3GWEePvhuP`Wj6ShShShEPEPEME+EWEEMPjX+EE;tdMM3GhvPEMSjhME9EPEPEwhYYME>WEePvhuP`WjShGSh\ShqEPEPEME+EWEEMPjX+EE;t!MM]hvPEMjhpMEEPEPE9gYYMEWEePEvhuP`W}jShShSh3EPEPMEEE+EWEEPljX+EE;tMMhvPEMjhMEEPEPEeYYMEWEePvhuP`W?jwShShShEPEPJMEEE+EWEEP.jX+EE;tMMEMP++MQ."jH|#!WvPE|jejSSvWuP`M=ejhXM&EPEPEddYYME+URPPjlWPMMWvPEjejSvWuP`MjhMEjEPEPEcYYMEoURPPjlWPMM5?!j.Z j4hYM3E;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M9 E0hlMI-& uh`M'-& tuESu9 uPh : M-& t
Ansi based on Dropped File
(~WRD0000.doc)
M9 EME j,=eEP 3CM0 ]p& t9 Mjh|9 0 ]MMEiMEnME`9 EPhxMPVMq9 M& ujh|9 P EP#M0 ]EMEM]CME79 E>jWEPeM& uTMMEMEuMh9 ;PVMHMEMEiMMj}EPeM& t3MMl9 tMMEME*9 EPhM PVM& u!E9 uMEME9 j.}EPweMg& t3FMM9 }MlMEqME9 EPhMPVM=& uE9 uME4ME! jEPeM& uTMMEMEuMh9 qPVM~MEMExMMjEPIeM9& t3FMM9 M>MECME_9 EPhMPVM& uE9 uMEME! j_REPeM& uTMMEMEuMh9 CPVMPME9 MEqMMRj9 EPeM& t3FMMs9 {RMMEME19 EPhM~
Ansi based on Dropped File
(~WRD0000.doc)
M9 ESME|j,"xeEPg3CM0 ]U& t9 Mjh"!0 ]MMENMESSMEo9 EPh@MPVMV9 M& tEPjh*M0 ]ESMEM](ME9 E#xj<wEP& eMu& t3MM9 wMyME~: MEauMh@9 PVMM9 EN: ME4 Ul$ 30 & j v9 E3P0 u0& ;uthEVPjhEPEP4& ;tKjEPM0 u|9 Vh|MVhxM EP9 0
Ansi based on Dropped File
(~WRD0000.doc)
M9 kjWM0 ulMEl& tVVEPuM/~MMJk/9 <& t9 T$39 9 U9 QVW9 9 & tM9 }|@9E};ue9 D& t)p9 & uEPV@& t9 E& u3_^j$i"p.eM& & juj0 EEjPD9hEPM^PMSPu 9 ]9 }jEm2PM-PM"Pu 9 E9 ;E|9 Eu0 uMM0 .U9 SVWjEjP8h jj9 =Pu0 E9 u9 0 E9 "!j[FF+A9 N+;0 ~%9 F9 PQRPQu 9 F+uuu_^[U9 V9 }9 0 M& SW%30 E& ~m9 MSB& tZx9 "& uL!EEPW}@& t59 E0 EEPjh& tuEuP & uC;]| 3_[^9 E& t0 9 EU9 9 EV9 & t00 EEPjh& tjEP ^V9
Ansi based on Dropped File
(~WRD0000.doc)
M9 N 9 A0& u9 I4& u9 Ax9 A4& u9 @|U9 Q9 A4e9 M& ujh|9 $P9 EV9 UD$tVY9 ^V9 @D$tVY9 ^j*Q~9 0 u@23WN,0 ]LWNhEW}E/W}EW}EwW}PE
Ansi based on Dropped File
(~WRD0000.doc)
m: 0uuuuVh;}u;: "SSSSS&^[]9 U9 QQ9 EV9 u0 E9 EWV0 E! Y;ua9 9 JuMQuP` 0 E;uP& tPaY9 9 & D0 9 E9 U_^jh@FfH0 u0 u9 Eua ra9 9 3;|; r!ca0 8IaWWWWW%9 9 9 L1u&"a0 8aWWWWW%9 [PY0 }9 D0tuuuu0 E0 U"!"!0 8MME9 E9 UGu Y9 U9 9 EVW& |Y; sQ9 9 <9 <u5=S9 ]utHtHuSjSjSj 9 0 3["!"! _^]9 U9 9 MS3;VW|[;
Ansi based on Dropped File
(~WRD0000.doc)
M;b#}V>dyt[q~Dwlw+k@hhhhhhhhhhhhhhhhhhhhhhhZ6hhhhhhhhhh\b8KH]Nhhhhhh F3,-'8]hhhhhhW+^S:I>g(VhhhhhhB?+#9]<`chhhhhGD?<4_.hhhhh f5aU
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M= M9 $`Et-FPjEPME~PMEaME EPM}aM9 & uMT`P9 atCMA+HPFVEPMPMEFaME M] :M] ME! 9 U9 V9 39 9 9 S && SWEPv@ 9 }SEPEP$9 ]+]9 }+}9 }SjS
Ansi based on Dropped File
(~WRD0000.doc)
M=M$Et-FPjEPMEPMEMEEPMMuMTPtCMA+HPFVEPMPMEFMEM]:M]MEUV3999&SWEPv@EPEP$]+]}+}jS
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M\;& & E\PMh M87& h & HP9 t}PM\EHE
Ansi based on Dropped File
(~WRD0000.doc)
M\;E\PMhM87hHPt}PM\EHE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M\W$M\ZPMh M8NtNxPyPM\ExE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M\W& & $M\ZPMh M8N& tN& xP9 yPM\ExE
Ansi based on Dropped File
(~WRD0000.doc)
M_^3[+USVu3W};u;vE;t3E;tvMj^SSSSS0VuMSE9XfEf;v6;t;vWSV#L*L8]tMap_^[;t2;w,Lj"^SSSSS038]yE`pmE;t8]%E`pMQSWVjMQS]p;t9]^M;tPzD;g;_WSVLOUjuuuu|]3PPjPjh@hqdV5XttP|ttP^3t@tttt t#Vt#t;t;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
main.html
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
MdM69 T$B9 `<3! h0 M! 9 T$B9 J3! 0 M0 9 T$B9 J3! 00 MM9M9 T$B9 J3\! l}0 M;MM! 9 T$B9 J3)! J0 MdM MM9 T$B9 `|3 0 9 M9 T$B9 J3 9 M9 T$B9 J3 D9 T$B9 J3! S9 M[9 M9 M$ 9 T$B9 J3N o9 Mw[9 M~9 T$B9 J3 AuSRYMQ9 T$B9 J3& @M.M&9 T$B9 J3& t! MMM9 T$B9 J3" & ! 9 M2S9 MM#Mk9 T$B9 J3W& x! u9 Yu9 Y9 T$B9 J3(& (I! u9 Yua9 YM9 T$B9 J3 d! 9 M,9 M!9 M 9 T$B9 J3 M MM?9 T$B9 J3& Mdu`Y9 T$B9 J3X y 9 MQ9 M9 T$B9 J3* DK Me"M]"MMM9 T$B9 J3 9 Mr0 9 T$B9 J3& 9 Mx9 T$B9 J3& 9 M9 M9 M9 T$B9 J3g& MMaMM `M0 M0zM@r9 T$B9 J3@5& MOMGM9 E e9 M'9 T$B9 J3 M9 T$B9 J3 MMM tM9 E e9 M9 T$B9 J3Q r MRM 9 T$B9 J3& hG MaMYM9 T$B9 J3 MM&9 T$B9 J3M9 E e9 M|>MM9 T$B9 `x3nhDjj& \P 9 T$B9 `X3/9 `3"XCM]MMM9 E e9 M59 T$B9 J3 S M9 E e9 MMMM 9 T$B9 J3 MM9 T$B9 J3W x M 6MM MzMr9 T$B9 `|3 @2 MLMDM<M4M,MdM\M0MLM 9 T$B9 J3RMMM QMMM}9 M9 T$B9 J3StM}MM~MvMn9 T$B9 JR3\1MKMMT M 3M+MD#M4M9 T$B9 J3~ MMMM4MM9 T$B9 J 3j~9 MIMTM<MMM,}9 T$B9 J3~`@ 9 T$B9 J3~% 9 M59 T$B9 J3} 9 E e9 MM9 T$B9 J3}H9 M9 M ~9 T$B9 J3w}|9 M 9 M9 T$B9 J3I}j9 E e9 Mt
Ansi based on Dropped File
(~WRD0000.doc)
MdM6T$B<3hMT$BJ3MT$BJ30MM9MT$BJ3\l}M;MMT$BJ3)JMdMMMT$B|3MT$BJ3MT$BJ3DT$BJ3M[MM$T$BJ3NoMw[M~T$BJ3 AuYMQT$BJ3@M.M&T$BJ3tMMMT$BJ3M2SMM#MkT$BJ3WxuYuYT$BJ3((IuYuYMT$BJ3dM,M!M T$BJ3MMM?T$BJ3MduYT$BJ3XyMQMT$BJ3*DKMe"M]"MMMT$BJ3MrT$BJ3MT$BJ3MMMT$BJ3gMMMM M0M0zM@rT$BJ3@5MOMGMEeM'T$BJ3MT$BJ3MMMtMEeMT$BJ3QrMMT$BJ3&hGMaMYMT$BJ3MM&T$BJ3MEeM|>MMT$Bx3nhDjj\PT$BX3/3"XCM]MMMEeM5T$BJ3MEeMMMMT$BJ3MMT$BJ3WxM6MMMzMrT$B|3@2MLMDM<M4M,MdM\M0MLM T$BJ3MMMQMMM}MT$BJ3StMMM~MvMnT$BJ3\1MKMMTM 3M+MD#M4MT$BJ3~MMMM4MMT$BJ3j~MIMTM<MMM,}T$BJ3~`@T$BJ3~%M5T$BJ3}EeMMT$BJ3}HMM T$BJ3w}|MMT$BJ3I}jEeMt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ME LM0 uLVhMxRVh`ME"`REPEPS9 E#ME"}LM0 uLVhMQRVh`ME$<REPEPS9 E%qME$@LM0 u5LVh`MRVE&h(`MQEPEPS9 E'#ME&KM0 uKVhMQVh0 ME(QEPEPS9 E)ME(KM0 u"!KVhXMgQVh8}ME*RQEPEPS9 E+! ME*VKM0 uKKVhMQVh}ME,QEPE-EPS9 9ME,KM0 uJVhMPVhME.PEPEPS9 E/ME.JM0 uJVhM}PVh`ME0hPEPEPS9 E1ME0lJM0 uaJVh M/PVh ME2PEPEPS9 E3OE2MJM0 uJVhMOVh ME4OEPEPS9 E5ME4IM0 uIVh8 M OVhHME6~OEPEPS9 E7ME6 IM0 uwIVhMEOVhME80OEPEPS9 E9eME84IM0 u)IVhpMNVhME:NEPEPS9 E;ME:HM0 uHVhMNVh`ME< NEPEPS9 E=ME<HM0 uHVhM[NVhME>FNEPEPS9 E?{ME>JHM0 u?HIj.b9 >u jkY9 0 Me& t30 9 VSW9 289 9 *9 G_^& tt$9 t$9 L$h|9 I& t9 3"!& t
Ansi based on Dropped File
(~WRD0000.doc)
ME LMuLVhMRVhME"REPEPSE#ME"LMuLVhMQRVhME$<REPEPSE%qME$@LMu5LVh`MRVE&h(MQEPEPSE'#ME&KMuKVhMQVhME(QEPEPSE)ME(KMuKVhXMgQVh8ME*RQEPEPSE+ME*VKMuKKVhMQVhME,QEPE-EPS9ME,KMuJVhMPVhME.PEPEPSE/ME.JMuJVhM}PVh`ME0hPEPEPSE1ME0lJMuaJVhM/PVhME2PEPEPSE3OE2MJMuJVhMOVhME4OEPEPSE5ME4IMuIVh8MOVhHME6~OEPEPSE7ME6IMuwIVhMEOVhME80OEPEPSE9eME84IMu)IVhpMNVhME:NEPEPSE;ME:HMuHVhMNVh`ME<NEPEPSE=ME<HMuHVhM[NVhME>FNEPEPSE?{ME>JHMu?HIj.b>u jkYMet3VW28*G_^tt$t$L$h|It3t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ME#ME"ME"MEMM 3@j4 9 39]tK9]tFjuM& (EPEP9 0 ]0ME& t!M]|"MMp"3xMjuME)(ME& tME1"MESMMEj9 E9 0 ePQ+METPWMEM9 E ME!MEpM]!MM!9 .jP eEP83CM0 ]3MEOM9 ME!EPMEPWMjM" 9 e0 E& ~xuM!9 & t\EPM`*9 EdPMm)j9 0 eu:*ME=PWMEq& ucME E9 E;E|9 Mjh|9 {&0 ]ME%ME:M]=MEm 9 Et 9 MV)M0 ]EJ U9 Q9 Mejh
Ansi based on Dropped File
(~WRD0000.doc)
ME#ME"ME"MEMM3@j439]tK9]tFjuM(EPEP]0MEt!M]|"MMp"3xMjuME)(MEtME1"MEMMEjEePQ+METPWMEMEME!MEpM]!MM!.jPeEP83CM]3MEOMME!EPMEPWMjMeE~xuM!t\EPM`*EdPMm)jeu:*ME=PWMEqucME EE;E|Mjh|{&]ME%ME:M]=MEm EtMV)M]EJ UQMejh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ME/9 & u9 Mjh|9 X0 ] u9 h9 M& u9 MSPh9 9 M& u9 M SPh9 M: EPME"!
Ansi based on Dropped File
(~WRD0000.doc)
MeEPMMEEPMMEheMEFEPME7nEPMEPMPM<Tju5hMEvME.FMEeMERMMF3@0hHSj`MM%h Sjx`3"j4!hWjK`jhXMu ]ueSuEPNPutf;ush<Wj_MM!Vhhj_v(tjh5(v(3@^j>e M~u3Mu"M;uM-3!_;uMM>ME~2EPVMu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MEFUMt2}u tutBe>< t<uFN>}tEE3C3FA>\t>"u&u}tF8"u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MEIMM IVD$tVY^jGuN<!@eN@N$E@N4E?NDE?j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MEMEj,=eEP3CM]ptMjh| ]MMEiMEnMEEPhxMPVMqMujh|P EP#M]EMEM]CME7E>jWEPeMuTMMEMEuMh;PVMHMEMEiMMjEPeMt3MMltMMEME*EPhMPVMu!EuMEMEj.EPweMgt3FMMMlMEqMEEPhMPVM=uEuME4MEjEPeMuTMMEMEuMhqPVM~MEMEMMjEPIeM9t3FMMM>MECME_EPhMPVMuEuMEMEj_EPeMuTMMEMEuMhCPVMPMEMEqMMjEPeMt3FMMs{MMEME1EPhM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MEME|j,"xeEPg3CM]UtMjh]MMENMESMEoEPh@MPVMVMtEPjh*M]EMEM](MEE#xj<wEPeMut3MMwMyME~MEuMh@PVMMENME4Ul$3jvE3Pu0;uthEVPjhEPEP4;tKjEPMu|Vh|MVhxMEP0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MEOM0 uOVhMUVhME UEPEPS9 EMEaOM0 uOVh M]UVhP9 MEHUEPEPS9 E}MELOM0 uAOVh MUVhMETEPEEPS9 /MENM0 uNVhxMTVh METEPEPS9 EMENM0 uNVhDMsTVhME^TEPEPS9 E MEbNM0 uWNVh8M%TVhMETEPEPS9 EEMENM0 uNVh,MSVhHMESEPEPS9 EMEMM0 uMVhM0 SVhMEtSEPEPS9 EMExMM0 umMVhM;SVhpME&SEPEPS9 E[ME*MM0 uMVhMRVhME REPEPS9 E!
Ansi based on Dropped File
(~WRD0000.doc)
MEOMuOVhMUVhMEUEPEPSEMEOMuOVhM]UVhPMEHUEPEPSE}MELOMuAOVhMUVhMETEPEEPS/MENMuNVhxMTVhMETEPEPSEMENMuNVhDMsTVhME^TEPEPSEMEbNMuWNVh8M%TVhMETEPEPSEEMENMuNVh,MSVhHMESEPEPSEMEMMuMVhMSVhMEtSEPEPSEMExMMumMVhM;SVhpME&SEPEPSE[ME*MMuMVhMRVhME REPEPSE!
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MEPVM]EM]MEEVt$t[~tUNP uNt3@7NPltL$V;Nt$Pt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ME}IMM IRV9 D$tVY9 ^jG9 9 0 uN<!@eN@N$E@N4E?NDE?j
Ansi based on Dropped File
(~WRD0000.doc)
MH#PhPM]MxEP/MEMEMHEMEsMEgME[MEOM EC<E"M0])MXuMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Microsoft Visual C++ Runtime Library
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Mj2rMM([|jH^]u]urttjq3V'}f'}fVEP>zeM*WkS]eYYEtWYveE}}E3D=Pu'YYv;s}Gr}uE]+}Eu}jEP;Put}]}]E\3E}EWPYYtWh|'EjP1]EEPuuV1EPE]FuWYM3;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MkjWMulMEltVVEPuM/~MMJk/<tT$39UQVWtM}|@9E};ueDt)puEPV@tEu3_^j$i"p.eMjujEEjPD9hEPM^PMSPu]}jEm2PM-PM"PuE;E|EuuMM.USVWjEjP8hjj=PuEuEj[FF+AN+;~%FPQRPQuF+uuu_^[UVMSW%3E~mMSBtZx"uL!EEPW@t5EEEPjhtuEuPuC;]|3_[^EtEUEVt0EEPjhtjEP^V
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ML2M9 T$B9 J3M!2M2MM9 T$B9 J3tM1M1MRM 9 T$B9 J3p M1M1MQMW9 T$B9 J35VMp1MM$9 T$B9 J38#M=1M51MM9 T$B9 J3|MH1MP6MlMdM(0M0M(6MM0M809 T$B9 J3\}M 09 E e9 M0Mv0M$M*M^09 T$B9 J3!M;0M30MM#0M9 T$B9 J3xhM/MM~9 T$B9 J3`xM/M/MkMq9 T$B9 J3OxpM@MFMz/Mr/Mj/9 T$B9 J3x4-MG/M?/MM//M9 M/9 T$B9 J3~ M.MMM:4M.9 M.9 E e9 M.9 T$B9 J3]~~M.9 E e9 M .Mw.9 T$B9 J3~H:MT.9 E e9 M<.M3.MM9 T$B9 J3lxM.MM9 T$B9 J3 xM 9 T$B9 J3oxM-M-M^MH9 T$B9 J34@UxMo-Mg-9 E e9 MO-MS2M
Ansi based on Dropped File
(~WRD0000.doc)
ML2MT$BJ3M!2M2MMT$BJ3tM1M1MMT$BJ3pM1M1MQMWT$BJ35VMp1MM$T$BJ38#M=1M51MMT$BJ3|MH1MP6MlMdM(0M0M(6MM0M80T$BJ3\}M0EeM0Mv0M$M*M^0T$BJ3!M;0M30MM#0MT$BJ3hM/MMT$BJ3M/M/MkMqT$BJ3OpM@MFMz/Mr/Mj/T$BJ34-MG/M?/MM//MM/T$BJ3M.MMM:4M.M.EeM.T$BJ3]~M.EeM.Mw.T$BJ3H:MT.EeM<.M3.MMT$BJ3lM.MMT$BJ3MT$BJ3oM-M-M^MHT$BJ34@UMo-Mg-EeMO-M2M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MM.-9 T$B9 J3Sd~M-M-M
Ansi based on Dropped File
(~WRD0000.doc)
MM.-T$BJ3dM-M-M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MM0 }: MEMEMEw9 ]C EMthss] EPEPM1%FPPM MPM!EPM M" PM~!MEPME;uTPMMEMEMEMEMEMM{h h!M
Ansi based on Dropped File
(~WRD0000.doc)
MM3@DME3 MEME" fM]MMp3Bj!A9 MzE3P9 0 ];tFM& u:SM tSuESPMEtM]oMME3@MM43<BUljdQA9 MHj3hMX0 ]jh MEEXPEPEHP9 EsM9 EMX];u#MMH39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
MM3@DME3 MEMEfM]MMp3Bj!AMzE3P];tFMu:SMtSuESPMEtM]oMME3@MM43<BUljdQAMHj3hMX]jhMEEXPEPEHPEsMEMX];u#MMH3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MMa3@V0t30W|$t$tWIthhj&3_^WWt.:tWu3@j<uhLMKE$3P]MM3SGWM>Ch<MKEP}MMSWM>Ch MKEPEMMSWM>ChM]KEPE^MMSWM>YChM*KEPE+MMSWM>&ChMJEPELMSWM>BhMJEPELMSWM>BhhMJEPELMSWM>BhXM^JEPE_LMSWM>ZBhM+JEPE,LMSWM>'BhMIEE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MMa3@V9 0t30W9 |$& t$tWI& thhj&3_^W9 W9 & t.:tW9 u3@j<9 0 uhLMKE$3P9 0 ]MM3SGWM>Ch<MKEP9 0 }MMSWM>Ch MKEP9 E MMSWM>RChM]KEP9 E^MMSWM>YChM*KEP9 E+MMSWM>&ChMJEP9 ELMSWM>BhMJEP9 ELMSWM>BhhM JEP9 E LMSWM>BhXM^JEP9 E_LMSWM>ZBhM+JEP9 E,LMSWM>'BhMIEE
Ansi based on Dropped File
(~WRD0000.doc)
MMH9 PnjimuEPYeMx& t3MM9 nMME MEauMh9 2PVM?M9 Ex ME^ jluEPeM& t3MMp9 xmMME ME,auMh9 aPVMM9 EME j9luEP)eMo& t3MM9 lMsMExME "!uMh9 PVMM9 EHME. j kEP9 MePMMH9 M& t39 Mh3@2ljNKkeeu9 MehEd9 EkjkEP9 Me&PM/M\MEaME}uMu9 PVMqM9 E3MEMMW9 _kjxjEP9 Me PM: MME}ME uMu9 YPVMM9 Ex}ME& MM9 jjiEP 9 MePMM4ME9}MEU M9 PVMM9 E}MEMM59 =jjViEPeMMEME uM9 KPVMM9 E MEwMM9 ijhjj4 & tt$t$t$Pj8h9 EPMehM/uM(M0 EEPMNEP9 Eb}EtVM & uJMREPME\PMSPMauuuh8 MERMEMEMMhjDg9 M@ReEP9 EPME~ME7EPMEPMPMM& u7E%MEME
Ansi based on Dropped File
(~WRD0000.doc)
MMHPnjimuEPYeMt3MMnMMEMEuMh2PVM?MExME^jluEPeMt3MMpxmMMEME,uMhPVMMEMEj9luEP)eMot3MMlMsMExMEuMhPVMMEHME.jkEPMePMMHMt3Mh3@2ljNKkeeuMehEdEkjkEPMe&PM/M\MEaME}uMuPVMqME3MEMMW_kjxjEPMePMMMEMEuMuYPVMMEMEMMjjiEPMePMM4ME9MEUMPVMMEMEMM5=jjViEPeMMEMEuMKPVMMEMEwMMijhjj4tt$t$t$Pj8hEPMehM/uM(MEEPMNEPEb}EtVMuJMEPME\PMSPMuuuh8MEMEMEMMhjDgM@eEPEPME~ME7EPMEPMPMMu7E%MEME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MMMML9 T$B9 J3SM{9 T$B9 J3y4aMXuY9 T$B9 J3Lhmu YM!MuLM$mLMeLM4]LMDULMDMLMDELMT"9 T$B9 J3RM-#MLMMLMK9 T$B9 J3SM{,8+M 9 T$B9 `(3cd MBM&9 T$B9 J38YMsKxM`KMXKMPKMHKuY9 T$B9 `t3uYYM9 T$B9 J3(MJM! MX!M\JMJMJM JuTYuTYMxJM8 J8RJJXvJkJx`JUJhJJH?J(4J)JM!JMJ9 T$B9 `3LM <T)u!Y9 T$B9 `83}@~M#9 T$B9 J3Zl{M" WM19 T$B9 J3/P9 MgI9 T$B9 J3*9 MW9 T$B9 J39 MW9 MI9 MI9 M,I9 M<H9 MPH9 M`H9 Mp\9 MH9 MH9 MN9 MSH9 M}H9 M H9 MrH9 MdH9 M,VH9 T$B9 J3M3HM+HM#HMH9 T$B9 J3MGMGMGMG9 T$B9 J3 ,MGMGMGMGMRGMS" G9 T$B9 J37PXMrGMjGMbGMZGMSRG9 T$B9 J39 M/G9 M$G9 M$G9 M4G9 MDYL9 T$B9 J39 E e9 MFMFMFMFMF9 T$B9 J3Q<rMRFM F9 T$B9 J3&GMaFMYFMQFMIFMSAFMR9F|.F9 T$B9 `x3MFMFMEME9 T$B9 J3 89 M%{9 T$B9 J3oduY9 T$B9 J3JkMN9 T$B9 J3'H9 Mq9 T$B9 J3%MuxYunYudY9 T$B9 J3,Muu7Yu-Y9 T$B9 J3Rh9 M9 T$B9 J3f ! MEM"!DM R9 T$B9 J 33T9 M$-9 MD"Mu Y9 T$B9 J3$MIMMDuTY9 T$B9 JR3hM MCMC9 T$B9 J3 MCuY9 T$B9 J3St9 M}C9 T$B9 J30QM~McCM[CMSCMKQM9 T$B9 J3(9 M$9 MD9 T$B9 J3 MR MBu YMy9 T$B9 J3wMRVMsMBMaBMVuYuY9 T$B9 J3 AMnMSB9 E eM;B9 E eM"B9 T$B9 J3 MMMAMAuY9 T$B9 J 3~xuYuY9 T$B9 J3OpM.u,YMM0pAMPhAM@`Aul"!Y9 T$B9 J3$M9 T$B9 J3MAuIY9 T$B9 J3M@M@MRwMM@9 T$B9 J3e MM@9 T$B9 J3:<[MM`m@M0e@M@]@MU@M M@ME@p(MP2@MP*@MP"@MP@9 T$B9 `l3`M9 E e9 M?M?M?M?9 T$B9 J3e M?9 E e9 M?MMw?9 T$B9 J3P:MT?9 T$B9 J3|M1?M9 T$B9 J3uGYu=YM>9 T$B9 J3 MX>M>M0><M >M>MS>M >MR>MH >M|>M t>Ml>Md>M \>9 T$B9 `83M]uoYM$>MSrCMh M>9 T$B9 J3MM=M/CM% M=9 T$B9 J3kRM=M4~=M =MD}=M =M ~=MMn=Mf=M^=up Y9 T$B9 J 3LM1=M)=9 T$B9 J3M\BMRM<9 T$B9 J3uu"!YY9 T$B9 J3otuupYY9 T$B9 J3FgM<My<Mq<Mi<uYuY9 T$B9 J3M 2<M*<M"<M<M<|]A9 T$B9 `x3LM"9 T$B9 J3M"9 T$B9 J3`9 M9 T$B9 J3=<^uu>YY9 T$B9 J3S5MO;9 T$B9 J3M,;MxM 9 T$B9 J3Mt9 T$B9 J3: 0M:M:M:M b9 T$B9 J3`tM: :M :M9 :M:M?9 T$B9 J 3>9 M: 9 M! 9 My9 M9 M9 T$B9 J39 M^: 9 M,9 M9 M9 T$B9 J3uP uYM9M~9uY9 T$B9 J36 WMaMYMQMIMAM9M1M)M!MMMM9 T$B9 J3M8M`M89 T$B9 J3 9 `3s\ M8M!}9 T$B9 J3HiM9 T$B9 J3%FMMX8M9 T$B9 J3M-8ufY9 T$B9 J3,MM7u1Y9 T$B9 J3hMoM7M7M7M79 T$B9 J 3MRnuYM"Mv7uY9 T$B9 J3/9 MV9 T$B9 J3$9 M0M7MSM7uAY9 T$B9 J3HM6M6M6M6M6M6M6M6M: 6M 6M9 6M6M{6Ms6Mk6Mc6M[6MS6MK6MC6M;6M36M+6M#6M6M6M6M6M5M5M5M5M5M5M5M5M5M5M5M5M: 5M 5M9 5M5M{5Ms5Mk5Mc5M[5MS5MK5MC5M;5M35M+5M#5M5M5M5M5M4M4M4M49 T$B9 J3& MB9 T$B9 J3bMaM" 49 E e9 M}4M89 T$B9 J37MQ49 E e9 M94M9 T$B9 J3@MM49 E e9 M39 T$B9 J3}|M39 E e9 M39 T$B9 J3RsMQM& 39 T$B9 J3'HM&MZ39 T$B9 J3M739 E e9 M3M39 T$B9 J3TM2M2M"!Mx9 T$B9 J3}~M29 E e9 M2M 2MEMK9 T$B9 J3)JMd2M\2M
Ansi based on Dropped File
(~WRD0000.doc)
MMMMLT$BJ3M{T$BJ3y4MXuYT$BJ3Lhmu YM!MuLM$mLMeLM4]LMDULMDMLMDELMT"T$BJ3M-#MLMMLMKT$BJ3M{,8+M T$B(3cdMBM&T$BJ38YMsKxM`KMXKMPKMHKuYT$Bt3uYYMT$BJ3(MJMMX!M\JMJMJM JuTYuTYMJM8J8JJXvJkJx`JUJhJJH?J(4J)JM!JMJT$B3LM<T)u!YT$B83}@M#T$BJ3Zl{MWM1T$BJ3/PMgIT$BJ3*MWT$BJ3MWMIMIM,IM<HMPHM`HMp\MHMHMNMHMHMHMrHMdHM,VHT$BJ3M3HM+HM#HMHT$BJ3MGMGMGMGT$BJ3,MGMGMGMGMGMGT$BJ37PXMrGMjGMbGMZGMRGT$BJ3M/GM$GM$GM4GMDYLT$BJ3EeMFMFMFMFMFT$BJ3Q<rMFMFT$BJ3&GMaFMYFMQFMIFMAFM9F|.FT$Bx3MFMFMEMET$BJ38M%{T$BJ3oduYT$BJ3JkMNT$BJ3'HMqT$BJ3%MuxYunYudYT$BJ3,Muu7Yu-YT$BJ3hMT$BJ3fMEMDMRT$BJ33TM$-MD"MuYT$BJ3$MIMMDuTYT$BJ3hMMCMCT$BJ3MCuYT$BJ3StMCT$BJ30QM~McCM[CMSCMKQMT$BJ3(M$MDT$BJ3MMBu YMyT$BJ3wMVMsMBMBMVuYuYT$BJ3 AMnMSBEeM;BEeM"BT$BJ3MMMAMAuYT$BJ3~uYuYT$BJ3OpM.u,YMM0pAMPhAM@`AulYT$BJ3$MT$BJ3MAuIYT$BJ3M@M@MwMM@T$BJ3eMM@T$BJ3:<[MM`m@M0e@M@]@MU@M M@ME@p(MP2@MP*@MP"@MP@T$Bl3`MEeM?M?M?M?T$BJ3eM?EeM?MMw?T$BJ3P:MT?T$BJ3|M1?MT$BJ3uGYu=YM>T$BJ3MX>M>M0><M >M>M>M>M>MH>M|>Mt>Ml>Md>M\>T$B83M]uoYM$>MrCMhM>T$BJ3MM=M/CM%M=T$BJ3kM=M4=M=MD=M=M ~=MMn=Mf=M^=upYT$BJ3LM1=M)=T$BJ3M\BMRM<T$BJ3uuYYT$BJ3otuupYYT$BJ3FgM<My<Mq<Mi<uYuYT$BJ3M2<M*<M"<M<M<|]AT$Bx3LM"T$BJ3M"T$BJ3`MT$BJ3=<^uu>YYT$BJ35MO;T$BJ3M,;MMT$BJ3MtT$BJ30M:M:M:MbT$BJ3`tM:M:M:M:M?T$BJ3>MMMyMMT$BJ3M^M,MMT$BJ3uPuYM9M9uYT$BJ36WMaMYMQMIMAM9M1M)M!MMMMT$BJ3M8MM8T$BJ33s\M8M!T$BJ3HiMT$BJ3%FMMX8MT$BJ3M-8ufYT$BJ3,MM7u1YT$BJ3hMoM7M7M7M7T$BJ3MnuYM"Mv7uYT$BJ3/MVT$BJ3$M0M7MM7uAYT$BJ3HM6M6M6M6M6M6M6M6M6M6M6M6M{6Ms6Mk6Mc6M[6MS6MK6MC6M;6M36M+6M#6M6M6M6M6M5M5M5M5M5M5M5M5M5M5M5M5M5M5M5M5M{5Ms5Mk5Mc5M[5MS5MK5MC5M;5M35M+5M#5M5M5M5M5M4M4M4M4T$BJ3MBT$BJ3bMaM4EeM}4M8T$BJ37MQ4EeM94MT$BJ3@MM4EeM3T$BJ3|M3EeM3T$BJ3RsMQM3T$BJ3'HM&MZ3T$BJ3M73EeM3M3T$BJ3TM2M2MMT$BJ3}M2EeM2M2MEMKT$BJ3)JMd2M\2M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MMMMMMMMMMMMwT$BJ3l:nMQMFM$;M40MH%MXMhMxMMMMMMM^T$BJ3JkPkmMMwM$lM4aMHVMXKMh@Mx5M'MMMMT$BJ3jlMMM$M4MHMXMhMx|MnM`MRMDM6M(T$BJ3ixkMMM$M4MDMTT$BJ3mikMMMMMMMxMpEeMXT$BJ3h`kM4M,M $MMMMup=oYM@M0MMMT$BJ3thjM tMMMMuxnYM0rMjd_MWMOMDGM?M7T$B`3gXiMMhMT$BJ3giMMT$BJ3xg@i\MMMMMT$BJ3*g\3gd>iMKM(T$BJ3f
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MMMMMMMxM MM! MMw9 T$B9 J3l:n9 MQ9 MF9 M$;9 M409 MH%9 MX9 Mh9 Mx9 M9 M9 M9 M9 M9 MM^9 T$B9 J3JkPkm9 M 9 Mw9 M$l9 M4a9 MHV9 MXK9 Mh@9 Mx59 M'9 M9 M9 M9 M9 T$B9 J3 jl9 M9 M9 M$9 M49 MH9 MX 9 Mh! 9 Mx|9 Mn9 M`9 MR9 MD9 M69 M(9 T$B9 J3ixk9 M9 M9 M$9 M49 MD9 MT 9 T$B9 J3mi}kMMMMMM MxMp9 E eMX9 T$B9 J3h`kM 4M,M $MMMMup=oYM@M0M MM9 T$B9 J 3th" jM tMSM M RM uxnYM0rMjd_MWMOMDGM?M79 T$B9 ``3gXiMMShM9 T$B9 J3giMM9 T$B9 J3xg@"!i\MMM MM9 T$B9 J3*g9 `\3gd>i9 MK9 M(`9 T$B9 J3f
Ansi based on Dropped File
(~WRD0000.doc)
MMqMq9 T$B9 J3 L9N9 M9 T$B9 J3tL:" N9 M~9 M,r9 T$B9 J3FLP:gNM79 T$B9 J3#L|:DNM^M9 T$B9 J3K:N9 M"9 M,(9 MDPl9 M`"g9 MtHr9 MM9 T$B9 J3 K:MMEl9 T$B9 J3pK8; M9 Ma9 M,9 MDk9 M`af9 Mtq9 Mq9 T$B9 J3K\;4MMl9 T$B9 J3J;M9 M9 T$B9 J3J;L9 Mj9 M/9 T$B9 J3xJ(<LMMM9 T$B9 J3lJd<L9 E e9 M M}9 T$B9 J30J<QL9 M^9 M$]9 T$B9 J3I< LM:M2ukPY9 T$B9 J3I=K9 E e9 MM9 T$B9 J3}I<=K9 M9 M$9 T$B9 J3]Ip=~KMSM9 T$B9 J32I=SKMm9 T$B9 J3I=0K9 MWd9 M29 T$B9 J3H>JuZOY9 T$B9 J3H0>J9 Mc9 M9 T$B9 J39 Hd>J9 Ma(9 T$B9 J3hH>0 JM9 T$B9 J3EH>fJM 9 T$B9 J3"H>CJ9 Mk9 M _c9 T$B9 J3G?J9 T$B9 J3GCIhbY"!h@QYah@Y"!h/YaSam|h}uHY"!hu HYhYah@Y: hYahYahY<: h@YD: hRY8: h{Y@: hjYL: h@YYT: hHYH: h7YP: h&Y`: h@Yh: hY\: hYd: hYSh@YShYShYSh~YPSh@YXSh|YLShkYTShZYSh@IYSh8YSh'YShYSh@YShYShYSjh|9 SThuWFYhYh@Y4h Yh Y0S:ehuEYhuEYhuEYh9Yxh@(Y hYthY|hYphYh@YhYhYhYS~h@Y~h~Y~hmY~h\Y~h@KY~h:Y~h)Y~hY~h@Y~hY~hY~hYxh@YxhY~hYxhYDxh@YLxhnY@xh]YHxhhLYPxh;YRxh@*Y xhYxhYxhYxh@YxhYxhYxhYh@Yh Yh YhoY$h@^Y,hMY h<Y(h+Yth@Y|hYphYx LShusBYhY0 ahuLBYhYh@"!YhYhwYhfYh@UYhDYh3Yh,jhuAYh jhu}AYh(Y(hTY,j0ihuTAYjh|9 4hv7AYjh|9 hvAYtA`hvAYjhh$v@Yh8EYjh `h.v@Y|xjh2h8v @Yh83YhhhBvP@Yjh,R0hLv3@YSas"!S*SS_l8{ "!!_%e e0et^`~ d \9 \EeTdpddddde*e>eLe^ere e eefe8deeeW ~[[["[@[V[l[`[V,ddddcccccccac`ctcbcPcDc:cVVVVV VxVfVZVPVDV0V$VVVUUU(U<ULUbUvU U UUUUUTTTbc,c]]bbbb b brb`bNb>b]a].bbbbaa]]]^^aaaaRaraZa@a.aaa``````S```z`n```T`B`2`$``_____a_`_~_j_R_@_(___^^^^^^^ ^^8^J^^^r^[[[ ][\\.\:\H\V\l\ \\~\\\\\\](]@]X]p] ^ : " W$fW8fWW*ZZ
Ansi based on Dropped File
(~WRD0000.doc)
MMqMqT$BJ3L9NMT$BJ3tL:NMM,rT$BJ3FLP:gNM7T$BJ3#L|:DNM^MT$BJ3K:NM"M,(MDPlM`"gMtHrMMT$BJ3K:MMElT$BJ3pK8;MMM,MDkM`fMtqMqT$BJ3K\;4MMlT$BJ3J;MMT$BJ3J;LMjM/T$BJ3J(<LMMMT$BJ3lJd<LEeMMT$BJ30J<QLM^M$]T$BJ3I< LM:M2ukPYT$BJ3I=KEeMMT$BJ3I<=KMM$T$BJ3]Ip=~KMMT$BJ32I=SKMmT$BJ3I=0KMWdM2T$BJ3H>JuZOYT$BJ3H0>JMcMT$BJ3Hd>JMa(T$BJ3hH>JMT$BJ3EH>fJMT$BJ3"H>CJMkM _cT$BJ3G?JT$BJ3GCIhbYh@QYh@Yh/Ym|huHYhuHYhYh@YhYhYhY<h@YDhY8h{Y@hjYLh@YYThHYHh7YPh&Y`h@YhhY\hYdhYh@YhYhYhYPh@YXh|YLhkYThZYh@IYh8Yh'YhYh@YhYhYjh|ThuWFYhYh@Y4hYhY0:ehuEYhuEYhuEYh9Yxh@(YhYthY|hYphYh@YhYhYhYh@Yh~YhmYh\Yh@KYh:Yh)YhYh@YhYhYhYh@YhYhYhYDh@YLhnY@h]YHhhLYPh;Yh@*YhYhYhYh@YhYhYhYh@YhYhYhoY$h@^Y,hMY h<Y(h+Yth@Y|hYphYxLhusBYhYahuLBYhYh@YhYhwYhfYh@UYhDYh3Yh,jhuAYhjhuAYh(Y(hTY,j0ihuTAYjh|4hv7AYjh|hvAYtA`hvAYjhh$v@Yh8EYjh`h.v@Y|xjh2h8v@Yh83YhhhBvP@Yjh,R0hLv3@Ys*S_l8{!_%ee0et^`d\\EeTdpddddde*e>eLe^ereeeefe8deeeW[[["[@[V[l[[V,ddddccccccccctcbcPcDc:cVVVVVVxVfVZVPVDV0V$VVVUUU(U<ULUbUvUUUUUUUTTTbc,c]]bbbbbbrb`bNb>b]].bbbbaa]]]^^aaaaaraZa@a.aaa````````z`n```T`B`2`$``_______~_j_R_@_(___^^^^^^^^^8^J^^^r^[[[][\\.\:\H\V\l\\\\\\\\\](]@]X]p]^:W$fW8fWW*ZZ
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MMT$BJ3S2UM}@tT$B<3bS2UMT$BJ3?S2`UMKtM6M8MbuYYM}MHuYYuwYYT$BJ3R3TMs^MMT$BJ3R3TuYYMC8T$BJ3jR3TMMMT$BJ37R4XTuXYMhM`uXYMNM7uXYT$BJ3Q(4SMM M0T$BJ3Q4SMMxT$BJ3tQ4SMuWYT$BJ3GQ5hSMMMxlT$BJ3Q@5/SMIMAM9T$BJ3P3P|5RMMEeMT$BJ3P5RMXT$BJ3gP5R|X$XMMT$B 3#P(6DRM0[T$BJ3OT6RM8MM(T$BJ3O6QMgMM<rMljMT$BJ3~O6QMMM<erMljT$BJ3:O 7[QM,T$BJ3OL78QM3M,T$BJ3N3N7QMMTMT$BJ3N7PM<M,u(UYT$BJ3nN7PMMT$BJ3CN,8dPM~T$BJ3 NX8APMXT$BJ3M8PM2M'T$BJ3M8OMM4MPM`T$BJ3M8OMMMMMMMMIT$B|3$M 9EOMM4MPFM`;Mp+tT$BJ3L9NM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MM}MEMEMEw]CEMthss] EPEPM1%FPPM MPM!EPM MPM!MEPME;uTPMMEMEMEMEMEMM{hh!M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MNA0uI4uAxA4u@|UQA4eMujh|$PEVUD$tVY^V@D$tVY^j*Q~u@23WN,]LWNhEWE/WEWEwWPE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MPSUS#s3Qc#CP[ TC{;Rk+9 KPWS3w7Qg'! GP_xTc?Ro/OPWS[QYUA]@PXT!\ RZV`PWS[QYUa]`PXT1\0R
Ansi based on Dropped File
(~WRD0000.doc)
MPSUS#s3Qc#CP[ TC{;Rk+9 KPWS3w7Qg'! GP_~Tc?Ro/O`PTsRp0P
Ansi based on Dropped File
(~WRD0000.doc)
MPSUS#s3Qc#CP[TC{;Rk+KPWS3w7Qg'GP_Tc?Ro/OPWS[QYUA]@PXT!\ RZV`PWS[QYUa]`PXT1\0R
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MpT$BJ3pLsMMMMT$BJ3p3prMMEeMMMT$BJ3CpdrMH~EXeXMlfM]M`MM0EM=M5M -T$BJ3oqMMMMMMT$BJ3o3wolqM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MQ3EMEoF;|MSWuE~t3~4>F;Y|WHYxE@MME#>j1<=MeEPSu3MM=EePMEvMmv3@tFVWj=iY+3;_^UTjD <MTM@8ej|VM0 3jChM]MTE0PEPE@PEM]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MQ9 39 E0 MEoF;| 9 MSWu0 E& ~& t3& ~4& >F;Y|WHYxE@MM9 E#>j1<=9 MeEP9 S& u3MM9 =E9 0 eP9 MEv9 Mmv3@tFVW9 9 9 j9 =iY+3;x_^9 UTjD a<0 MTM@8ej|9 VM0 3jChM]9 MTE0PEPE@PEM9 ]
Ansi based on Dropped File
(~WRD0000.doc)
MQ9 h3Pj5(DMM`3@h Sja3}#jh "0 Mh(Sja}& 9 u& M
Ansi based on Dropped File
(~WRD0000.doc)
MQ9 L 3Vj0 F5(DME! ME! ME! MM! 3@ojx0 Mh x Sj;}& e9 u& ZM @~eM4~ME(~ME~9 ME P09 E
Ansi based on Dropped File
(~WRD0000.doc)
MQh3Pj5(DMM3@h Sja3}#jh"Mh(Sja}uM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MQj9 & uE0 EEPjShm4 9 ]9 E0 D& teMQj0 }0 ]9 _^[9 M~9 T$B9 J3u`wYMP,QMd$QMSMPQMdQM@QM0PMdPMMPMdPM PMP9 T$B9 J3n9 MP9 M: P9 M$P9 M4& P9 T$B9 J3'HMbPMZPMRPMJPMBPM:P9 T$B9 JR39 MP9 M9 T$B9 J3MSOMOMROMOMOuY9 T$B9 J3^<M=9 T$B9 J3;\9 M9 T$B9 J36MTMM@OM8O9 T$B9 JR39 M"9 M'9 M8'9 MXGT9 Mp<T9 T$B9 J3 MNMNMNMSNuY9 T$B9 J3Cd9 T$B9 J3(XI9 T$B9 J3
Ansi based on Dropped File
(~WRD0000.doc)
MQjPjNPEM9 EEP9 V9 9 L$u~& u69 L$h& & u$9 L$jhx& u9 & t3@3^jX9 M u3M0 ]0 ;tVWu9 0 ~;tN9 & uCjhM'SNP9 SUREPM9 ],SSuNP9 P9 ;u9 MMj"Y'9 9 u3;tm0 ]M0 ]: 9 MQVEP8;M|9uhMT& uhaMC& u& 0 ! M]u 9 D$V9 && t9 VhP9 ^U9 QQQuML9 M9 E0 9 M0 HjUYY9 39~ 0 ]SjEPNP0 ]; " uMz9 EE;tUR0 ]9 PQ;|^9]tY9 E0 E9 E0 EEPu ;t<0 ]9 E9 URuEuP ;|
Ansi based on Dropped File
(~WRD0000.doc)
MQjPjNPEMEEPVL$uu6L$hu$L$jhxut3@3^jXMu3M];tVWu;tNuCjhM'SNPSUREPM],SSuNPP;uMMj"Y'u3;tm]M]MQVEP8;M|9uhMTuhMCuM]uD$V&tVhP^UQQQuMLMEMHjUYY39]SjEPNP];uMzEE;tUR]PQ;|^9]tYEEEEEPu;t<]EURuEuP;|
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MQjuEEEPjShm4]EDteMQj}]_^[M~T$BJ3u`wYMP,QMd$QMMPQMdQM@QM0PMdPMMPMdPM PMPT$BJ3nMPMPM$PM4PT$BJ3'HMbPMZPMRPMJPMBPM:PT$BJ3MPMT$BJ3MOMOMOMOMOuYT$BJ3^<M=T$BJ3;\MT$BJ36MTMM@OM8OT$BJ3M"M'M8'MXGTMp<TT$BJ3MNMNMNMNuYT$BJ3CdT$BJ3(XIT$BJ3
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MQL3VjF5(DMEMEMEMM3@ojxMh Sj;}euZM@~eM4~ME(~ME~MEP0E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
mscoree.dll
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
MSPMPVMUMuYuMhHPVMySuME$MEfM]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MT$EM4EMEM$Ej,&{M]v,eM#t)vMF(8jjMjj{YF,MM'{j,&z}uvvMeM/tvMAjjMjh'vvMM{jH2zMj53M]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MT0 ~$EM4EMEM$E j,&{9 M]v,eM#& t)vMF(8jjMjj{Y0 F,MM'{j,&z9 }uvvMeM~/& tvMAjjMRjh'vvMM{jH2z9 Mj53M0 ]
Ansi based on Dropped File
(~WRD0000.doc)
MT39}lPuh;E9~<NP NEXE0;u}\9}XtE\NPlEh9}\u;uMTVMM4}MEMDEN3CE9}\u9}htupPP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MTEMdc4EDe\PE\SMdF;tEDe\P\VMdEEDe\P\WMdEEPM;PMDE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MtjEPEP$u}~jP}tjs8~jP}tjKX3Kp3_^[UVWE~P$EPEPy$t%8EP$PREPEPT$u_^UVWE~P,$EPEP%$t uaEPEP$u_^VWy{ VtH4tVNy3_@^j4=gMe~X|eEv1u$tSMQtSNp1EE;ErMMt3@ApVj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MtjEPEPuN$E{MN1Ry5j|Q4MMuy!EEPutEt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MuuE9]rRFuL@uFDE+E;Ew1A@u}uFu%#QR@$#At3_^[U$@HMMSXVW3}}}M}E};EM4+E;Ev3M;tQPF)YYuFuuEEFEM;tQP)YYuF)Y;EuxE+E;Ewd}tgG@u}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MXE?jEPhT9 T9 QM8& thDh0jE8Ph9 TEP9 X;tjEPhh 9 Tjh|9 RV9 QV9 N9 ;tIM 34& v)WM a;tjPhR9 <TM G3;rux9 MhEl GM .9 ulmj|* 9 >0 M39}u3*M0 }9}tuM9 0 ejh9 EPx!BxExA9 ;~3jZQ: IY9 3& ~iMEPVxECM& t8j7Y0 EE& t
Ansi based on Dropped File
(~WRD0000.doc)
MXE?jEPhTTQM8thDh0jE8PhTEPX;tjEPhhTjh|VQVN;tIM 34v)WM ;tjPh<TM G3;ruxMhElGM .ulmj|* >M39}u3*M}9}tuMejhEPx!BxEA;~3jZQIY3~iMEPVxECMt8j7YEEt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
myInjectedOnClickFromAlert()
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
MZ@!L!This program cannot be run in DOS mode.
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N 0 ]U:9 j9 E0 ^<0 ^40 ^80 ^@P9 Q%SV9 39^@t9 F8;t
Ansi based on Dropped File
(~WRD0000.doc)
N ]U:jE^<^4^8^@PQ%SV39^@tF8;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N#!'jXjZ>u#~ES~2e~u!tjE9]|jSj'E #a'SVWL$hDS3~1W tt$RC;}L$hG;|L$h$_^[jM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N#!9 'jXjZ>9 0 u#~9 ES9 & ~2e& ~u9 !& t9 j9 E9]|jSj9 '9 E #a'SVW9 9 L$hDS9 9 3& ~1W9 x & tt$9 9 RC;}9 L$h9 G;|9 L$h$_^[j M
Ansi based on Dropped File
(~WRD0000.doc)
N#p~9 EPf9 j9 E9 kV9 D$tV! Y9 ^U9 QS0 M9 MV 9 u9 9 ;r3@9 MP| f{t3u9 eW;sdVuYY& tg69 ML f"u6j 3Y;t0 x0 x#9 9 Vu9 P& t!9 MWf,u9rS9 E_^[9 j9 3f}uEV3W9 9t$u1jY;t0 p0 p#9 t$9 t$jV9 b_^V3W9 9t$u1jaY;t0 p0 p#9 t$9 t$V9 _^V3W9 9t$u1jY;t0 p0 p#9 t$9 t$V9 _^V3W9 9t$u1jY;t0 p0 p#9 t$9 t$VV9 _^t$& t|$tt$9 3@j \9 }u3/juMueEP9 MM9 `9 t$}& t/W9 |$& u3!V9 p& t9 9 Pt39 F0 3@^_V9 D$tVY9 ^j[0 M9 ]9 9 u0 E9 ;Er3@xP9 f[t3c9 e;EOVS3YY;t69 & f"u"jYY9 0 M0 }; hf- "!f0r
Ansi based on Dropped File
(~WRD0000.doc)
N#p~EPfjEkVD$tVY^UQSMMVu;r3@MP|f{t3ueW;sdVuYYtg6MLf"u6j 3Y;txx#VuPt!MWf,u9rE_^[j3f}uEV3W9t$u1jY;tpp#t$t$jVb_^V3W9t$u1jaY;tpp#t$t$V_^V3W9t$u1jY;tpp#t$t$V_^V3W9t$u1jY;tpp#t$t$VV_^t$t|$tt$3@j\}u3/juMueEPMMt$t/W|$u3!VptPt3F3@^_VD$tVY^j[M]uE;Er3@xPf[t3ce;EOVS3YY;t6f"u"jYYM};hf-f0r
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N$Y~&9^uvNvDv@9FN;l}NMF$F 3@U4SCV3;9pWVVPE3u}EPuuE@PuPuE WuEuEu@uPVVuuE}Y;9u u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N,WWWWWWh
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
N30 F0 F0 F@0 F0 FD0 FH0 F,0 F00 F80 F0 F<F(dF4FL9 ^V9 jv@ 9 L$9t@u
Ansi based on Dropped File
(~WRD0000.doc)
N38NV3:E_^[]EM9csmu)=pWt hpWbtUjRpWM#E9XthW&EMHt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N38pNF38`E@fMUS[EMt_I[LDEEtE|@GEu}t$t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N3FFF@FFDFHF,F0F8FF<F(dF4FL^Vjv@L$9t@u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N8m$x9 )CWK& & d mh}H! cADKJ|]1J<c8K0 Wn x@$1@ %`xP?/ .k /h9 ,t@, LB/2dSp;;CC /B-4/~B3!b: .,Y zDJ}$8a - `_@D Ch9 clc`'RR/ #!Faw(@=:
Ansi based on Dropped File
(~WRD0000.doc)
N9 9 v@9 jB+u9 0 u ej M9 `uj6t0 M30 ]9& t9 Mh~ 9 5 SSSSjqSu0 E;w9 Mh~ i@P+ 9 Y;t9 E@PSW 9 ESSuWjpSuM@}3FWM0 u WY9 MEPn M0 u] 9 EuVj9 |$t=W9 |$ut$& xY9 & t"W9 Wt$vv# 0 ~G0 ~_^jCs9 jL}t=uM" ueM?}9 & tjV9 iVtYMMJ _tVWj9 t$9 L$9 & t9 L$9PV9 VXtY_^VW9 |$9 9~tjjW9 _9 ^QU9 SV9 M9 EpMv& MS^`[9 D$9Aw@P V9 9 F@P& t9 F9 Nf9 T$f0 AF9 F9 N3f0 A^S9 \$V9 & tGWSw~Y9 9 uWSE+9 FP)& t9 F9 N+SQ9 NAP~_^[V9 }& t9 Ft$P YY& t+F^V9 a& u,9D$t&9 D$9F~9 Nt$AP{ YY& t+F^V9 "& u 9D$t9 Ft$PH YY& t+F^jCqhEP9 eM9 M& t
Ansi based on Dropped File
(~WRD0000.doc)
N<E(9 E0 F09 E0 F$0 ~(0 ~,0 ~40 ~89 %U9 9 EVW& t4jYURjuf0 M9 M0 M9 9 uP #E_^U9 Q9 A$e9 URPQ& }39 E|$W9 u39Vw9 {& t9 9 W9 i Wt$9 ~^_U9 QeVW9 w9 z& t9 r9 W9 ! W9 MVy9 9 E_^U9 QeVq(>u9 A$9 VPQ0& t39 69 MQVP #E^j19 Mx9 F$e9 eURP & t3MM~9 u9 Mx}tu3Fj.9 ~8u.jY9 0 Me& t
Ansi based on Dropped File
(~WRD0000.doc)
N<E(EF0EF$~(~,~4~8%UEVWt4jYURjufMMMuP#E_^UQA$eURPQ}3E|$Wu39Vw{tWiWt$~^_UQeVWwztrW!WMVyE_^UQeVq(>uA$VPQ0t36MQVP #E^j1MxF$eeURPt3MMuMx}tu3Fj.~8u.jYMet
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N],FF1+0 ~(0 ~$0 ~00 ~,N\E0 ~80 ~4 NtE 0 ~<0 ~@0 ^D0 ~H0 ~X0 ~L0 ~P0 ~T0 ~p0 0 0 0 0 0 ~R0 ^l9 A,Ph|rq<53U9 V9 uW9 & th~rb9 efxu9 @& t9 URhlrP& }e9 9 @3& tf8u9 @& t9 u9 Q9 P 9 9 E& t9 PQ9 W _^]U9 V9 u& t;~v59 9 @3f89 0 UURP(& |}9 9 It3f0 W ^] t
Ansi based on Dropped File
(~WRD0000.doc)
N],FF1+~(~$~0~,N\E~8~4NtE~<~@^D~H~X~L~P~T~p^lA,Ph|rq<53UVuWth~rbefxu@tURhlrP}e@3tf8u@tuQP EtPQW_^]UVut;~v5@3f8UURP(|}It3fW^]t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
NEMNC= V9 yD$tVY Y9 ^jX5<" 0 M39uu3@ 9 MEP! hRM0 u{& uMM9 9 Mx;0 E0 u}_u9 M9 & ;EP9 -hRME & t:EP9 ME& uM9 M0 AME@hRM& 9 e0 E& }u9 i9 & ! ESP9 SPMEp&MSEh RMr& tRj0}Y9 0 ME& t9 3W9 Eo& t9 }V9 DVOX& t9 j9 E9 E;ERVMEZE9 E;ER3Fsy9 D$0 Ar9 Iy9 D$0 Ar9 I3f0 A|$Vt.9 qAr9 9 9T$rr9 9 IH;D$v2^9 T$9 BV9 00 r9 0 ~-u0 V9 r0 p9 I^;Qu0 A9 J;u0 0 A0 0 BSV9 39u."!9 F8X-t9 @0 F8X-t<^["!9 8Y-u9 9 A8X-t0 N9 N;u0 F9 @8X-t9 N8Y-u0 F^[SV9 39u9 F8X-t^[9 H8Y-u9 9 8X-t0 N9 N;Hu0 F9 @8X-t0 F^[9 D$x9 Pr9 @RPqjV9 D$tV Y9 ^ |$V9 t+~r%|$FW9 8vt$WjP'W Y_t$9 F^ |$V9 t+~r%|$FW9 8vt$WjPW^ Y_t$9 F^U9 VW9 }9 9~s9 F+;Es0 E}v@9 NSVr9 9 r9 +E]PS+QR 9 F+EP9 \[_9 ^]jP9 0 }9 uv9 u%3j9 [9 O0 Mm9 U;sjX+;w4
Ansi based on Dropped File
(~WRD0000.doc)
NEMNC=VyD$tVYY^jX5<M39uu3@MEPhMu{uMMM;Eu_uM;EP-hME t:EPMEuMMAME@hMeEuiEPPMEp&MEhMrtRj0YMEt3WEot}VDVOXtjEE;EVMEZEE;E3FsyD$ArIyD$ArI3fA|$Vt.qAr9T$rrIH;D$v2^T$BV0r0~-uVrpI^;QuAJ;uABSV39u.F8X-t@F8X-t<^[8Y-uA8X-tNN;uF@8X-tN8Y-uF^[SV39uF8X-t^[H8Y-u8X-tNN;HuF@8X-tF^[D$xPr@RPqjVD$tVY^|$Vt+~r%|$FW8vt$WjP'WY_t$F^|$Vt+~r%|$FW8vt$WjPW^Y_t$F^UVW}9~sF+;EsE}v@NSVrr+E]PS+QRF+EP\[_^]jP}uvu%3j[OMmU;sjX+;w4
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Notifications are instant announcements that appear right on your desktop. You can receive these notifications because you installed a Community Toolbar or browser app.
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Notifications are instant announcements that appear right on your desktop. You can reveive these notifications because you installed a Community Toolbar or browser app.
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
NP9 SP3S9 0 _^[V9 S~D$tVi'Y9 ^jL&MejuMMM3@&V9 t$Vt$t& t9 P& u@!j9 oVt$hYY9 -@^V9 t$& u3V9 & tjXf0 hf0 F3@^Vj9 h5(Dt$9 t$t$^Vh xh xj9 djh 5(D3@^j0"%9 39tG90t?MahjM0 }9 ;t9 9 V%YMM0 <h9 }& 9 u; E0 }P9 9 & u
Ansi based on Dropped File
(~WRD0000.doc)
NPSP3S_^[VD$tVi'Y^jL&MejuMMM3@&Vt$Vt$ttPu@!joVt$hYY-@^Vt$u3VtjXfhfF3@^Vjh5(Dt$t$t$^Vhh jdjh5(D3@^j0"%39tG90t?MahjM};tV%YMM<h9}u;E}Pu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
NPUAe~9 }9 j9 E9 ,V9 D$tV,,Y9 ^V9 0XU9 ^jk*9 9 E3A`U0 F;s0 N9 F3jZQV63Y0 F9~v.j$Y9 0 Me& t}39 NM0 G;~r9 f+VW9 3`U9~v9 F8t9 & t9 j9 G;~rv5Y_^9 Q9 D$;v9 s3@9 I9 D9 D$;Ar39 I9 t$& tt$9 VW9 39~vW9 & t9 & uG;~rG_^V9 9F^VW9 39~vW9 ^& tt$9 G;~r_^V9 XU1D$tV}*Y9 ^VW3W
Ansi based on Dropped File
(~WRD0000.doc)
NR9 ^jc"!0 MRq39 0 ]z9 ;~)& ~S9 & t9 j9 C;|jWj9 xM9 ^Xajd~s"!9 u& u
Ansi based on Dropped File
(~WRD0000.doc)
NTEfh9 j "9 M3;u3aEPxh`M0 u[E& u3hXM[E& u"hHMJE& uh : M(E& t3FMMH9 ! jMXVueMlMMFVPSVqTW9 "!~9 3& ~)S9 a& t9 j9 C;|& ~jWj9 F_^[jHj'9 }39 0 ]f@& t9 Mjh|9 Mh9 K9 u9 MWQ hT"!9 Jt;jh|9 M`M3F9 0 u0 u& ~CS9 >f<ue f>u0 u}tf
Ansi based on Dropped File
(~WRD0000.doc)
NTEfhj"M3;u3aEPxh`Mu[Eu3hXM[Eu"hHMJEuhM(Et3FMMHjMXVueMlMMFVPSVqTW3~)SatjC;|~jWjF_^[jHj'}3]f@tMjh|MhKuMWQhTJt;jh|M`M3Fuu~CS>f<ue f>uu}tf
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Nv@jB+uuejMuj6tM3]9tMh5SSSSjqSuE;wMhi@P+Y;tE@PSWESSuWjpSuM@3FWMuWYMEPnMu]EuVj|$t=W|$ut$xYt"WWt$vv#~G~_^jCsjL}t=uMueM?tjViVtYMMJ_tVWjt$L$tL$9PVVXtY_^VW|$9~tjjW_^QUSVMEpMvM^[D$9Aw@PVF@PtFNfT$fAFFN3fA^S\$VtGWSw~YuWSE+FP)tFN+SQNAP~_^[VtFt$PYYt+F^Vau,9D$t&D$9F~Nt$AP{YYt+F^V"u 9D$tFt$PHYYt+F^jCqhEPeMMt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
oE`,EQ<EBPLYOV^D$tVuOY^j RXN}u3Mh0]t0MQZePpMMMht]3Ft+MQYEPuMMLNjxMM3;u3=LVE];'uMZ;EPUh\M]t"EP?Y~PPEMhDMt+EPYME^uMeFM=hM_t9EPXME"uM)PM]0hMtKhA\;t"MQvX~`PEMh\PFhMt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
oj,ESPE: EPM o0 }9]u29 E9 M0 EE P9 M ]+hMMh9 DM^jEPuE 9 ME0 EE P`M9 Egj 9 uMq9 Me_PMouEu9 uPMM9 0 g9 j`9 0 uuRe} h-1^9 E ^~9 E^}E^u9 E~nu9 nu} n9 E0 9 E0 9 E 0 9 E$0 9 E(0 9 $j`9 0 uh-}Eaf}E9 f}E|f} EmfM9 lU9 QeQ9 MSo9 EjHji9 30 }9 ]hR-S0 }0 }Gh&9 0 }m9 MQ9 P9 0 }X]P9 mMEe9 haM{3M0 ];t3GMMa9 @u@Ed";u@]3SY9 jEPEP@b#9]~9]S~+Y~S 9 30 ]}SEPj
Ansi based on Dropped File
(~WRD0000.doc)
oj,ESPEEPMo}9]u2EMEEPM]+hMMhDM^jEPuEMEEEPMEgjuMqMe_PMouEuuPMMgj`uuReh-1^E ^E^E^uEnununEEE E$E($j`uh-EfEfE|fEmfMlUQeQMoEjHji3}]h-S}}Gh&}mMQP}X]PmMEehaM{3M];t3GMMa@u@Ed";u@]3SYjEPEP@b#9]~9]S~+Y~S3]}SEPj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
onMessageFromFrame
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
onNavigateError
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
OpenProcess
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
OpenProcessToken
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
oversubscribed distance tree
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
oversubscribed dynamic bit lengths tree
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
oversubscribed literal/length tree
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
o}E`},EQ}<EBP L9 YOV9 ^D$tVuOY9 ^j RXN9 }u3 9 Mh0 ]& t0MQ9 ZeP9 pMM9 9 Mhta]3F& t+MQ9 YEP9 0 uMM0 ! L 9 aNjxM9 9 M3;u3=LV0 E0 ]; 'u9 MZ9 ; EP9 Uh\: M0 ]& t"EP9 ?Y~PP9 E" MhD: M: & t+EP9 YME^& uMe0 FM=h: M_& t9EP9 XME"& uM)0 PM] 0h: M& tKha9 A\;t"MSQ9 vX~`P9 EMSha9 \P9 FhaM& t
Ansi based on Dropped File
(~WRD0000.doc)
P$ &^USl$ 30 & Sj(C:htMP30 ]9p& Mp\MEtFEPhthh ME J;tgM!^& u[M(^j.Mhph9 tqM+HPFVEPM|pPMElMEGeM]/SVESPgEP0 u & t9 Eh9 ElMEEM]dMM]9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
P$&^Ul$3j(C:htMP3]9pMp\MEtFEPhthhMEJ;tgM!^u[M(^j.MhphtqM+HPFVEPM|pPMElMEGeM]/VESPgEPutEhElMEEM]dMM]Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P& u[}tU9 DHt(f}
Ansi based on Dropped File
(~WRD0000.doc)
P&Y_^j8Fs9 9 N<3;tu~ 9 MTNP 9^t& .MM0 ]9^xtKF@PMN^D0 EEPMF]MENPhxMAOM]V9 =}@0 FPM ~`9 PSEP9 VaPME]M]"VhM]M]hM]j9 YPEP9 `9 E=MPM]M]UENPPC]M4N& & 9 MhEPU PMEM0 ]ELhpP9 YY0 };tdjSW"W$;Fp|$WYM0 ]: LhlPBYY9 0 E;t%M*M9 8WjVPWE}tuxYE3ME>M]MMTj 9 }u
Ansi based on Dropped File
(~WRD0000.doc)
P&Y_^j8FsN<3;tu~MTNP9^t.MM]9^xtKF@PMN^DEEPMF]MENPhxMAOM]V=}@FPM~`PSEPVaPME]M]"VhM]M]hM]jYPEP`E=MPM]M]UENPPC]M4NMhEPUPMEM]ELhpPYY};tdjSW"W$;Fp|$WYM]LhlPBYYE;t%M*M8WjVPWE}tuYE3ME>M]MMTj}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P'9 F<& tPXf<_^jeibH9 0 u\Oh x`PSjEi! ~t9 j9 P9 9 hHSj?! }E9 EiN`E]NDEbN,ESM9 : H9 D$;,ut$t$At=u5y(u/t$ $VhPPVj hPVj" ^j iWGMbh x QW3j0 ]c 9 u;tj9 ;t_9 9 P8E& uMu9 u9 uPLEP u& EPt 0 ]SSSEP & hHWj& ;t9 9 P<9 MM0b3gGV9 D$tVGY9 ^jidF9 FDPMya30 ]9uc& uZ9^<uUh xhQWjT& F@PSVhrSS(hHWj0 F<.& 39^<M" M9 *a9 MMa3@FjiE9 =uY& uP9 }& tI9 & tWw5,P,FDPM`eWN`b9 MM`4FjiME9 tLFDPMY`e^`9 Y&& ~"x& |W9 [P9 <W9 r[OyMM6`EV9 ~
Ansi based on Dropped File
(~WRD0000.doc)
P'F<tPXf<_^jeibHu\Oh`PSjEi~tjPhHSj?EEiN`E]NDEbN,EMHD$;,ut$t$At=u5y(u/t$$VhPPVjhPVj^j iWGMbh QW3j]cu;tj;t_P8EuMuuuPLEPuEPt]SSSEPhHWj;tP<MM0b3gGVD$tVGY^jidFFDPMya3]9ucuZ9^<uUhhQWjTF@PSVhrSS(hHWjF<.39^<MM*aMMa3@FjiE=uYuP}tItWw5,P,FDPM`eWN`bMM`4FjiMEtLFDPMY`e^`Y&~"x|W[P<Wr[OyMM6`EV~
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P'~x9 j9 P9 ! 9 9 F& tPa9 E\N\E\MN@\/@U9 SV9 uW;O l9 8HH tp#t)8& CuuY& au9 u9 R<muU9 Y& ?u9 uW
Ansi based on Dropped File
(~WRD0000.doc)
P'~xjPFtPaE\N\E\MN@\/@USVuW;Ol8HHtp#t)8CuuYauuR<muUY?uuW
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
p0 33V9 HD$tV(Y9 ^|$V9 t"9 D$Nh0 F\Qjjvdvvdvh9 w^V9 9 Fhij"!Y;~9 W3;uG~\u+9 P9 <& _t"vdfhv~\u9 j9 ^U9 SVWE9 Pv< 3~l9 0 ]0 ]0 ]s ;0 E~S9 <0 E9^8t}|j9 %j9 0 E0 E9^hu89 E0 9]tuv 9 N8;t9]t9]t
Ansi based on Dropped File
(~WRD0000.doc)
P0 ]0 ]0 ]0 ]E^TP9 xP9 Pu uuu9 E9 M0 9 E9 M0 _^[U9 VW9 vR 9 W& trEPEP9 ?EPv< 9 Et9 M+M0 M9 M9 U0 Ut9 M+M0 M9 M9 U0 U%PEPW9 \jEP9 _^U9 V9 9 FW3;tAMQP< & t2uEuP & t9~luFl9~lt0 ~lW9 8_3^%8%V9 x 9 ^j~f " 9 0 ueN< MN0 : V9 &jNjNf$f(f,^j--" 9 0 u^9 ej9 P9 " V9 9 jP9 j9 P^jt$X|$t|$t9 `U9 QeEPu+& u9 ERV9 D9 t3^9 F|& u@^WP f|YNp9 #9 _^u3|$tt$Pp & t5t M};" VWt$9 t$9 t$PD$ 9 ujWN49 _^U9 SV9 Wu~49 u9 u9 u9 P9 3Pu9 & u@j[;|9S 3Wu*& t#Sh|3u& uSWSuN9 _^[]VW9 |$9 & 3!9 SWPN9 ;9uN49 WP9 [_^U9 VWu9 u9 uPu49 9 %& tWu9 $9 _^]t$t$t$t$t$t$t$tYt$t$t$U9 QEth u uMj uEuP0& t9 EU9 Wjh jjjhu9 t]VEPuud 9 u& t09 E0 E9 E0 EwEPEPh EPjPWl WX'Vu ^_jf 9 0 uNteNh9 ES9 & j- 0 Me 9 MM[ jfv 9 0 uN33N40 }NPEN`ENpE0 ~|0 S0 Dj0 WPS9 R& ujjY3Y@jjpYY& ut$9 t$t$jjLYY& ut$9 t$9 t$Rjj(YY& ut$9 t$t$t$jjYY9 j U9 MehuM|!uMuXP9 MM9 9 jtQg9 39Rtz9 E+0 } IHH Ht,H& W9 ]hsN` 9{$ ;M2M EME69 }G EMthw w!FPPM !MPM `"w9 GPGPGPM WP9 MEEM
Ansi based on Dropped File
(~WRD0000.doc)
P0 P9tIh9 PYY& Pu4VYP0 9 P P9 <0 }0 _;tg 0 _0 _0 0 _OE9 :X9 }j Y9 U9 (3S9 ]V9 uW9 }EEEEEEEE9t5L Y9 M;t [ 9 jY+ J J tqJtE& EE_M]Q]]Y& & >" E_M]QE]]YjEE_"!E_]]"0 ME_rE_0 ME_ZE_ tNIt?It0It t& E_aE_ E_ E_xEEE_! : $E_E_E_ ES_}E _& ER_yE _mE _E|_Ex_M]]M]QEY& u!E_^[RR RaRRR7RR!RRRRR%HH39 U9 QQSVV5 %WEYY9 M9 #QQ$f;uUUYY& ~-~u#ESQQ$jMTrVSVEYYdES\$E$jj?6U]EY]YDzVS VEYY" uES\$E$jj.T^[jhFCT9 Eu`3;|; r?SSSSS19 <9 9 LtP
Ansi based on Dropped File
(~WRD0000.doc)
P0 ~<9 N(;t0 ~(9 N 3C;t9 S0 ~ 9 N$;t9 S0 ~$WWjv40 ~80 ^@MMs^9 DjC9 FPM4^30 ]d0 F89^ u$jh=Y9 0 ME;tZ3]0 F 9^$u$j0<Y9 0 ME;tH3]0 F$9^(uOjD<Y9 0 ME;tR3vH9 v ]v$0 F(v,N ;uMM]9 7Cv,9 N( #9 N$PUv,9 N(p#9 N Pe3Cj%BMejMPhhxj(MMBU9 V9 u;5(u}uju& t9 uuVu^]j"!A9 39] &9 N$;t
Ansi based on Dropped File
(~WRD0000.doc)
p033VHD$tV(Y^|$Vt"D$NhF\Qjjvdvvdvhw^VFhijY;~W3;uG~\u+P<_t"vdfhv~\uj^U SVWEPv<3~l]]]s;E~S<E9^8t}|j%jEE9^hu8E9]tuvN8;t9]t9]t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
p0jHI0 M9 ] {-t2hMH}eEPMhEPE4 M& 9 z-t9 {9 C x-t9 9 EH9 9;uv -9 su0 w9 M9 A9Xu0 x9u0 >0 ~9 I9u -t9 9 9 9 9 x-t0 9 E9 H9Yu} -t9 9 G9 9 9 B x-t0 Q\0 B9 0 ;Cu9 -9 pu0 w0 >9 S0 9 K0 A9 M9 I9Yu0 A9 K9u0 0 A9 K0 HK,Q,PYY {,& ,& 9 ;ul9 F x,u@,VF,9 F x-u}9 y,u9 H y,th9 H y,u9 A,9 MP@, ~9 F`N,H,9 MF,9 @V@,~~ x,u@,VF,Q~9 x-u9 H y,u"9 y,u@,9 9 v9 M9 A;x& ?79 y,u9 HA,9 MP@,9 `N,H,9 MF,9 V@,}G,j9 " jSY9 M9 A& vH0 AuuuJ9 EjLxYZ9 E9 }9 ]0 E9 E30 E;u
Ansi based on Dropped File
(~WRD0000.doc)
p0jHIM]{-t2hMHeEPMhEPE4Mz-t{Cx-tEH9;uv-suwMA9Xux9u>~I9u-tx-tEH9Yu}-tGBx-tQ\B;Cu-puw>SKAMI9YuAK9uAKHK,Q,PYY{,,;ulFx,u@,VF,Fx-u}y,uHy,thHy,uA,MP@,~FN,H,MF,@V@,~~x,u@,VF,Q~x-uHy,u"y,u@,vMA;x?7y,uHA,MP@,N,H,MF,V@,}G,jjSYMAvHAuuuJEjLxYZE}]EE3E;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P33SW9 = VjP Sjv_;0 F[t& u0 F9 F^],U9 SV9 5W9 s& u3@WsR 9 W& tEPs< jEPW9 D9 EEE9 EEE9 j9 uu9 P<_^[9 30 H0 H0 H 0 H0 HA0 H$@(0 H@WZa@j.O39 ~t!j8W-Y9 0 Me& t=30 F3VW9 |$W9 & ta~uX9 D$jW0 F0 ~0 F 9 9 P9 9 P9 N& t9 WPL9 9 P9 N& tv(v$v9 Nv9 PL3@_^U9 VE9 Pv@ & t6~$t0Wjjv(uu9 & tjWvtW_^V9 9 N& tf9 N& tf^9 D$0 A9 I& u3IV9 9 N& t9 N^& t`V9 9 N& t^ ~t9 L$Pvp^9 I& tf9 I& t9 I& tjV 19 e~t%u$E9 0 e$P u9 Nuu.MM)2 9 I& tq9 I& tyt9 I9 `P39 I& t9 I& tV9 ~t9 Nt$9 P~t9 N9 ^`^9 I& tt$9 t$P83@\V9 ND$tVx1Y9 ^V9 'F9 D$0 F30 F0 F0 F9 ^Vt$9 9 D$0 F9 ^EVjj9 30 F0 F0 F $9 ^V9 ED$tV1Y9 ^9 D$d$& wvW 9 L$0 3U9 9 E0 Eh$
Ansi based on Dropped File
(~WRD0000.doc)
P33SW=VjPSjv_;F[tuFF^],USV5Wsu3@WsWtEPs<jEPWDEEEEEEjuuP<_^[3HHH HHAH$@(H@WZa@j.O3~t!j8W-YMet=3F3VW|$Wta~uXD$jWF~F PPNtWPLPNtv(v$vNvPL3@_^UVEPv@t6~$t0Wjjv(uutjWvtW_^VNtfNtf^D$AIu3IVNtN^t`VNt^ ~tL$Pvp^ItfItItjV1e~t%u$Ee$PuNuu.MM)2 ItqItytI`P3ItItV~tNt$P~tN^`^Itt$t$P83@\VND$tV1Y^V'FD$F3FFF^Vt$D$F^EVjj3FFF $^VED$tV1Y^D$d$wvWL$3UEEh$
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P3V)YD0tW/&Y3_^]jhpBEu% %3;|;r!%8%WWWWWXL1tPtY}D0tuYEY%MEEVuYUVuVYu%MWujuP`uP3tP%YD0 _^]jhBEu$ $3;|;r!$8r$WWWWWL1tP2Y}D0tuuuE$$8MEEu|YU4S3EVW]]E]t]E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P533@^j5f%: 9 u u u 9 =39^d 0 ^ FFSSjj0 Eu0 Euu0 Euu0 Euuuu uuuuuuSu 3juF8N4N0Pu 9^< 9^ht79^lt2 9 0 eP<.9 0 ejh|9 0 ]*v|j5 9 0 eP
Ansi based on Dropped File
(~WRD0000.doc)
P9 3V)9 9 & YD0& tW/&Y3_^]jhpB9 Eu% %}3;|; r!%0 8%WWWWWX9 9 9 L1tPtY0 }9 D0tuY0 EY%ME9 EVuY9 U9 V9 uVRYu%MWujuP` 9 uP3& tP%Y9 9 & D0 9 _^]jhB& 9 Eu$ a$3;|; r!R$0 8r$WWWWW9 9 9 L1tP2RY0 }9 D0tuuu0 E$$0 8ME9 Eu|RY9 U9 4S3E VW9 0 ]]E0 ]t0 ]E
Ansi based on Dropped File
(~WRD0000.doc)
P9 ;0 E~" ~9 a9 E0 9 0 F(EPN EPN40 F0[`9 n& u9 Ehp9 9 EB}jg[9 0 u3EG9 S& tP89 & tP-}YNpEN`ENPEN4EFMNVU9 V9 D9 t3[~|tWN49 Mhh P9 k9 & 3'}uEPuWv| W9 Y9 _^jjYY& uht$9 t$jjYY& ut$9 t$V9 D9 t3^S3SS YY& & Vj YY& 9^|& }9~S& Wh3@9 =<h3P0 Sh3S0 h3S0 h3S0 0 _9~t9~t9~t;u
Ansi based on Dropped File
(~WRD0000.doc)
P9 d9 V_@^VW9 |$9 j9 j9 F& txP9 09 "_@^j c9 9 Mj/9 N& t"EP9 MePMMR9 M@Od9 I3& t9 (VW9 |$9 j9 9 F& tP9 9 _@^9 `$VW9 |$9 j9 9 F& tHP9 ]9 O_@^,jxXV9 9 L$j\9 F& t!HX& u9 F9 L$XP3@3^9 L$j#9 L$@9 D$9 A& u@9 U9 Q9 Ae9 M& ujh|9 Pm9 EU9 Q9 Ae9 M& ujh|9 P;9 Ejb9 A9 MPLMueMMM9 : 9 b|$W9 u3^jh`thtjt$k& tV9 p9 G& t2& t.N$QH$x& t9 OV_& t3@3^_9 A& u9 $jo=a9 0 ueNMNaj a9 0 uR" }<E},E}ES}E
Ansi based on Dropped File
(~WRD0000.doc)
P9 M0 F ]5SE,P9 0 ~/9 vMM,9 MM,3L4jV(K9 u$eE9 0 e$P.u9 uu`& u3MM9 K D9 9 Pt3FjUJ0 M9 ]& u3@M=es}9 u39~ptWsMvc9~lt9 PPEPsM99Tt0 }9 C3$< 0 M9XtjjEPu9 WWMQs9 Ppu9 M9 su~CtCt
Ansi based on Dropped File
(~WRD0000.doc)
P;E~~aEF(EPN EPN4F0[`nuEhpEBjg[u3EGtP8tP-YNpEN`ENPEN4EFMNVUVD9t3[~|tWN4Mhh Pk3'}uEPuWv|WY_^jjYYuht$t$jjYYut$t$VD9t3^S3SSYYVjYY9^|9Wh3@=<h3Ph3h3h3_9t9t9t;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P;Qt}Q+t3TpQ+t3TpQ+t3TpQ+t3T3P;Qt}Q+t3TnpQ+t3TMpQ+t3T,pQ+t3T3P;Qt}Q+t3TpQ+t3TpQ+t3TpQ+t3T3xP;Qt}Q+t3TPpQ+t3T/pQ+t3TpQ+t3T3P;Qt}Q+t3TpQ+t3TpQ+t3TpQ+t3T3ZP;Qt~Qp+t3T1pQ+t3TpQ+t3TpQ+t3T3P;Qt}Q+t3TpQ+t3TpQ+t3T`pQ+t3T3;I@+3LP;Qt}Q+t3TpQ+t3TpQ+t3TpQ+t3T3P;Qt}Q+t3TbpQ+t3TApQ+t3T pQ+t3T3P;Qt}Q+t3TpQ+t3TpQ+t3TpQ+t3T3lP;Qt}Q+t3TDpQ+t3T#pQ+t3TpQ+t3T3P;Qt}Q+t3TpQ+t3TpQ+t3TspQ+t3T3NP;Qt~Qp+t3T%Qp+t3TQp+t3TQp+t3T3P;Qt}Q+t3TpQ+t3TupQ+t3TTpQ+t3T3/fPf;QQp+3TP;Qt~Qp+t3TpQ+t3TpQ+t3TpQ+t3T3iP;Qt}Q+t3TApQ+t3T pQ+t3TpQ+t3T3P;Qt}Q+t3TpQ+t3TpQ+t3TppQ+t3T3KP;Qt}Q+t3T#pQ+t3TpQ+t3TpQ+t3T3P;Qt~Qp+t3TpQ+t3TrpQ+t3TQpQ+t3T3,P;Qt}Q+t3TpQ+t3TpQ+t3TpQ+t3T3P;Qt}Q+t3TupQ+t3TTpQ+t3T3pQ+t3T3pQ+3TMu+t3TAV+t3TAV+t3TAN+3LMu+t3TuhAV+t3TuKANMu+t3Tu ANpEM_3_^]*(I+nzpP\}^2>^Vjh^U
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P<v h h jF ah h j{S9^ t0 ^ TiY0 F$rIi+F$Y=,vbM|vEvM;t!M;t9 9 9 Sh'vvM]4MM }hj,&g9 MeMf,j9 MMKhV9 vvj9 j9 bj9 9 ^j|$ouy39 D$;Au4;Auja&;Auj;Auj;
Ansi based on Dropped File
(~WRD0000.doc)
P]]]]E^TPxPPuuuuEMEM_^[UVWvWtrEPEP?EPv<EtM+MMMUUtM+MMMUU%PEPW\jEP_^UVFW3;tAMQP<t2uEuPt9~luFl9~lt~lW8_3^%8%Vx^j~fueN< MN0 :V&jNjNf$f(f,^j--u^ejPVjPjP^jt$X|$t|$t`UQeEPu+uEVD9t3^F|u@^WPf|YNp#_^u3|$tt$Ppt5tM;VWt$t$t$PD$ujWN4_^USVWu~4uuuP3Puu@j[;|9S3Wu*t#Sh|3uuSWSuN_^[]VW|$3!SWPN;9uN4WP[_^UVWuuuPu4%tWu$_^]t$t$t$t$t$t$t$tYt$t$t$UQEthuuMj uEuP0tEUWjhjjjhut]VEPuudut0EEEEwEPEPhEPjPWlWX'Vu^_jfuNteNhESj-MeMM[jfvuN33N4}NPEN`ENpE~|DjWPRujjY3Y@jjpYYut$t$t$jjLYYut$t$t$Rjj(YYut$t$t$t$jjYY jUMehuM|!uMuXPMMjtQg39tzE+}IHHHt,HW]hsN` 9{$;M2MEME6}GEMthw w!FPPM!MPM"wGPGPGPMWPMEEM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Param error
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Params error
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
PdV_@^VW|$jjFtxP0"_@^jcMj/Nt"EPMePMMRM@OdI3t(VW|$jFtP_@^`$VW|$jFtHP]O_@^,jxXVL$j\Ft!HXuFL$XP3@3^L$j#L$@D$Au@UQAeMujh|PmEUQAeMujh|P;EjbAMPLMueMMMb|$Wu3^jh`thtjt$ktVpGt2t.N$QH$xtOV_t3@3^_Au$jo=aueNMNajau<E,EEE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PEP9 MPdPu 9 E& t9 M0 9 E& t9 M0 U9 SV9 W9 e0 E& ~Iu9 f9 EPjhS0 ]& tuEuP & uE9 E;E|3_^[9 E& t9 M0 9 U9 9 EV9 & t00 EEPjhS& tjEPS ^V9 : D$tVY9 ^U9 V9 9 N8W3& tg9 N8u9 9 PEPv@ EPuG9 0 }%9 E_3^j1C0 M3S 9 M9 9]t7! 9 5PWjhM0 Eq9 MEPSSWEP0 ]uWWMMxk9 Ej(,*0 M9 ]& u3P9 u9 uV/jVV0 E e{D0 EtE9 Mj9 M9 mPVM0 Ey9 EexPMs& thRjV 9 Euu}9 u0 EEhP9 /P9 %b9 5 Pu9 Eu9 =uD0 E9 M0Puju0 E k]u0 ]9 ]EP9 P9 a9 ]PSuSuSuS MM*x3@1jO*J9 EPuu9 & 9 } EPjhS0 ]& `9 E9E~9 E9E}t9 }T& |b;}^Mw9 }eWT& t3xPM}& t#9 E& t0 89 E& t0 MMQw3@MM@w3HU9 QQ9 EVW30 8EP9 & tA9~8tu9 N8u9 P& t=EPS WWu9 u& th0 hW P _3^U9 Vju 9 & u^]% 9 Et-SW9 }t7HtHHuRU9 RPQ9 9 & t7u9 SRS9 "MU9 RPQ9 9 E0 Wuuu _[
Ansi based on Dropped File
(~WRD0000.doc)
PEP9 zP9 Pu uu~Pt9 3a|$VWu3@M|$ uh0 j P |$+u'9 D$9 P;Qu9 p9 V9 ppR<3_^jXf9 ~<u3G 9 0 eP,e9 0 ejh|9 E)v|9 N<vxMvt6X"!U9 }VW9 vt;R 9 & tFW& t;EPv< jEPW9 ^jEPW& t
Ansi based on Dropped File
(~WRD0000.doc)
PEPH9 MPPS 9 E_;t9 M0 9 E;t9 M0 9utSV^[h&8xf0 M30 ]ME& & 9](}x3F9u,R 0 ]9] u
Ansi based on Dropped File
(~WRD0000.doc)
PEPHMPPSE_;tME;tM9utSV^[h&8fM3]ME9](3F9u,]9] u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PEPMPdPuEtMEtMUSVWeE~IufEPjh]tuEuPuEE;E|3_^[EtMUEVt0EEPjhtjEP^VD$tVY^UVN8W3tgN8uPEPv@EPuG}%E_3^j1CM3SM9]t75PWjhMEqMEPSSWEP]uWWMMkEj(,*M]u3PuuV/jVVEe{DEtEMjMmPVMEyEexPMsthRjVEuu}uEEhP/P%b5PuEu=uDEM0PujuEk]u]]EPPa]PSuSuSuSMM*x3@1jO*JEPuu}EPjh]E9E~E9E}tT|b;}^MweWTt3xPMt#Et8EtMMQw3@MM@w3HUQQEVW38EPtA9~8tuN8uPt=EPWWuuthhWP_3^UVjuu^]%Et-SW}t7HtHHuRURPQt7uSRS"MURPQEWuuu_[
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Ph0 {@u0 C9 E j 0 C Y0 E(E& tjs9 p3E0 C& t5EPs@ E<9 0 e(P09 K9 sunE,PKT.9 [M,EX'MM<L'9 TDU9 SVWE9 Pv@ vN(9 F,N$Pjj0 ]PS0 E9 = ju0 EuSuuS9 juuuuuujuuuuuujuuuuuuuuuuv_^[U9 V9 v & tGEPv< & t6uEuP & t"Fj
Ansi based on Dropped File
(~WRD0000.doc)
Ph{@uCE j CYE(Etjsp3ECt5EPs@E<e(P0KsunE,PKT.[M,EX'MM<L'TDUSVWEPv@vN(F,N$Pjj]PSE=juEuSuuSjuuuuuujuuuuuujuuuuuuuuuuv_^[UVvtGEPv<t6uEuPt"Fj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Pji9 FPMue9 " MRVj9 8& 0 9 ^9|%<& 9 30 0 H0 HV9 9 & tPY&^D$V9 tV,Y9 ^V9 NF9 ^V9 N^U9 QV9 FPMF9 vM9 ^VW9 ~W NWu9 _9 ^`_^V9 eD$tV0 Y9 ^9 D$;Ar3PnV9 9 F@P9 F9 N9 T$0 F9 vF^S9 \$V9 9 F;w6W@P9 N9 F+9 QPP`9 F9 L$ 0 F_^[U9 V9 uW9 9 G;sO9 MS;v9 }t0 u;su9 E9]r9 O9 G+QLQP+w[_^]9 A& tt$Pj! jBi9 0 ueja V9 : & uuW9 |$3jZ?Q0 F3jZ9 Q}0 F9 FYY& t9 QjP9 F& t9 QjP0 ~F_^SV9 9 ^W& t39 ~& t,~t&t$k489 4t$o& t9 @3_^[U9 V9 9 F& tHS9 ^& t?~t9Wu"9 49 F49 u%& uu9 uW;9 M0 H_[^]QSUV9 9 n3W;tI9 ~;tB9^t=t$89 9 <(& t%,0 l$l$J& t9 \$& t9 l$9+t& u3_^][Y9 [9 ~9 8+PAPQ#N9 V9 ~WtC9 ~& t<~t6t$A9 N4849 t$B& t9 L$& t9 @0 3@3_^5V9 -|$t=W9 |$ut$Y9 & t"SW9 !t$_Sv0 ^0 >[_^9 D$0pV9 9 @P9 9 F`T$9 9 N^S9 \$V9 & t8~u
Ansi based on Dropped File
(~WRD0000.doc)
PjiFPMueMRVj8^9|%<3HHVtPY&^D$VtV,Y^VNF^VN^UQVFPMFvM^VW~WNWu_^`_^VeD$tVY^D$;Ar3PnVF@PFNT$FvF^S\$VF;w6W@PNF+QPPFL$ F_^[UVuWG;sOMS;v}tu;suE9]rOG+QLQP+w[_^]Att$PjjBiueja VuuW|$3jZ?QF3jZQFFYYtQjPFtQjP~F_^SV^Wt3~t,~t&t$k484t$ot@3_^[UVFtHS^t?~t9Wu"4F4u%uuuW;MH_[^]QSUVn3W;tI~;tB9^t=t$8<(t%,l$l$Jt\$tl$9+tu3_^][Y[~8+PAPQ#NV~WtC~t<~t6t$AN484t$BtL$t@3@3_^5V-|$t=W|$ut$Yt"SW!t$_Sv^>[_^D$0pV@PFT$N^S\$Vt8~u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PjS 9 = VjShjS0 9 ;t+HT9 ;~9 }STSP9 C;|3@_[^j*u9 39 9~8 }j
Ansi based on Dropped File
(~WRD0000.doc)
Pjv MejuMuvMM<3@/|$V9 uAt8~t29 F& t+P& t v & tjvkYYt$9 t$^j(oW.9 9 N& tqe3}EPQ@ & tVMejEPvMq9 E+E9 M+EME"!+++M0 +MM0 }M;(9 =jj9 j30 E9 M0 ~0 .V9 9 }9 9 W9 QPWRR j9 WvtW_^SV9 9 F& t9P& t.|$tjhvv^9 Pt9 0 & tV9 D$tVG.Y9 ^U9 SVWu9 hh9 at~9 9 9 jhs0sP$9 9 j+EPs@ 9 9 9 9 uP9 9 9 RP(9 tijPs_^[j8 Wx,9 M.e9 EPM~9 u3;~0 9 U;~0 9 9 0 };t9 +;E}
Ansi based on Dropped File
(~WRD0000.doc)
PjvMejuMuvMM<3@/|$VuAt8~t2Ft+Pt vtjvkYYt$t$^j(oW.Ntqe3}EPQ@tVMejEPvMqE+EM+EME+++M+MMM;(=jjj3EM.VWQPWRjWvtW_^VFt9Pt.|$tjhvv^PttVD$tVG.Y^USVWuhht~jhs0sP$j+EPs@uPRP(tijPs_^[j8Wx,M.eEPMu3;~U;~};t+;E}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Please contact the application's support team for more information.
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PMF]5SE,P~/vMM,MM,3L4jV(Ku$eEe$P.uuu`u3MMK DPt3FjUJM]u3@M=es}u39~ptWsMvc9~ltPPEPsM99Tt}C3$<M9XtjjEPuWWMQsPpuMsu~CtCt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PMh4M9 MEPM0 uEs9 Ezfj(S eeEP3CM0 ]0 MEEPhHME PM 9 M& ujh|9 EPPM0 ]EM]0 ME9 Eej djhlM0 eMPjjL9 & tP=uVTVX3MMg9 oej `d9 M& t3vM9 Me& u9 M0 PEh PFM}& t|9 M\9 MPSPhuMM3@dj$ cEP9eMbMExEP\VMEPMB" 9 MPMBh9 M5EPVMPM" ME9ME! MM!+dj4DcEPeM! MEEP\VME<PM 9 M+PM & uMh9 MEqh|9 MPM/EPVMPM" ME_3FMEPME! MM89 @c3jUb9 0 u: eN 9
Ansi based on Dropped File
(~WRD0000.doc)
PMh4MMEPMuEsEzfj(SeeEP3CM]MEEPhHMEPMMujh|EPPM]EM]MEEejdjhlMeMPjjLtP=uVTVX3MMgoejdMt3vMMeuMPEh PFMt|M\MPSPhuMM3@dj$cEP9eMbMExEP\VMEPMBMPMBhM5EPVMPMME9MEMM!+dj4DcEPeMMEEP\VME<PMM+PMuMhMEqh|MPM/EPVMPMME_3FMEPMEMM8@c3jUbueN
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Posting is app exists request. MessageId: %d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
posting singleton event [%s]
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
PostMessageA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
postMessageToParent
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
postMessageToParent {
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PostMessageW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
PostThreadMessageA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
PP9tIh PYYPu4VYP PP<}_;tg___OE:X}jYU(3S]VuW}EEEEEEEE9t5LYM;t[jY+JJtqJtEEE_M]Q]]Y>"E_M]QE]]YjEE_E_]]"ME_rE_ME_ZE_tNIt?It0It tE_E_E_E_xEEE_$E_E_E_E_E_E_yE_mE_E|_Ex_M]]M]QEYu!E_^[7!%HH3UQQSVV5%WEYYM#QQ$f;uUUYY~-~u#ESQQ$jMTrVSVEYYdES\$E$jj?6U]EY]YDzVSVEYY" uES\$E$jj.T^[jhFCTEu`3;|;r?SSSSS1<LtP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PPs0 Ej0 EPs 0 EVs V0 EPs0 E9 C(@Ps$ss 6s ususu9 =}tu}js9 5E
Ansi based on Dropped File
(~WRD0000.doc)
PPsEjEPsEVsVEPsEC(@Ps$ss 6sususu=}tu}js5E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PQeM-t3@jB3q,]9u$A$VPQD;tMMLv3TM]mPM}E;t3uVQPR;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PQe}t3EPMMxEPO3Gj(B339uPuMuufE}u;t3Pus0E;u;t3C$URuuPQHtMt}uM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PQf,^3D$L$@y4u@3@@VF,tPQD$F,^tPQD$xtt$@hsP@@ UV39utZhturnYYtGE(tHtHtHtHtu'E9p(E9p(t9p,uEjYffH^]@ UVrVumYYt2VumYYt#EHtH3U
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PQf0Ml$l$l$Vl$l$l$8l$ l$l$l$$l$jl$l$l$ Ll$l$l$$.l$ l$il$l$$l$Kl$l$VW3jF4WPFF|F<FFFF F$~(~0~D~H ~,~L_^VD$tVY^j>u"3N}:+3Cj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PQf<_^jX?}u3`9~<u3@VEt.MieM$iP4MMh~<WP}tS'UQMejjEPEt.t4VuuuuuPQEtPQ^tPQ@UQVucEtAxv;@u33eURhrP|}tEPQW^j{?luejEP6tXEtQeeURPQ3|9}tuEuuPEPQEMtPQ3j?3]uEjP];E;]URPEQ;E;MPMuEMURhjUR,tVPEQ;|Y}tSuEuuujSVuPQu3;E];tPQEM;tPQ,uE;]tPQEM;tPQ3j?u~,FENtE[N\EONESEM)7Uuh,tAZYYu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PQfeURPQH|EtF3@3^UVMWut3XStI39^tBM]]]BtEPj@;tWuW3[_^}tf_MPVSZJWEPjW$|X}tRE@URhsP|1Et*PQ |EuPQ|EEPQEPQWERji$:u.eNR?NlEfF:ji9uRNlENE8M:AUSVW7uSSP3;u3uQuVVQQhhRSjtw3P5_VVPPRjVejhRl).~4e~%utPE9u|Qj3@_^[]VMut$Nl`*~t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ProductVersion
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Program: e+000~PA GAIsProcessorFeaturePresentKERNEL32 }
Ansi based on Dropped File
(~WRD0000.doc)
Program: e+000~PAGAIsProcessorFeaturePresentKERNEL32
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PROTOCOL_VERSION
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
PSC;& M hRMEPM%;uME_ EPMMEB WMjE9 0 ePExE9 0 ePEcMEEM;u=MGP@9 ;t#hTV;thV;tV8MEM EM]}E9 E;ERMMs}! jdh5 9 M59 Me& tMM93A! M/jjuMEM& u
Ansi based on Dropped File
(~WRD0000.doc)
PSC;M hMEPM%;uME_ EPMMEB WMjEePExEePEcMEEM;u=MGP@;t#hTV;thV;tV8MEMEM]EE;EMMs}jdh5M5MetMM93AM/jjuMEMu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PtEPklM9 ejVMMMf0 3@ " & t9 9 9 & zjVM3EFP9 0 u& u3MM9 Gf0 U9 S0 M9 MW29 3; V3jZGQ:\9 Y0 u; D?PSV: [!]0 ]0 ]& u9 Mf&uj&Xf0 0 uF3FC0 ]kf;uY}S& tO9 ]9 Mj;Xf0 EPuSq& tf9 Ef0 9 E9 +EFFsPjjV[3f0 FF& tEE9} b}tu9 MuJ[Y^_[V9 9 L$& t33PPPt$9 ^Vt$9 t$9 L$jPt$$9 F^HV9 & u P9 H^U0l$ 30 & 0j$92O0 M9 @9 <39 0 }0 }CPW9 :P9 ; EPjV^9 E0 E& ~}EPWVFSMeEPMj\j/MgE9 0 eP9 MT& uEEPWVaMM7G;}|0 }uEV9 Y9 E9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
PtEPklMejVMMMf3@tzjVM3EFPuu3MMGfUSMMW23;V3jZGQ:\Yu;D?PSV[!]]]uMf&uj&XfuF3FC]kf;uY}StO]Mj;XfEPuSqtfEfE+EFFsPjjV[3fFFtEE9}b}tuMuJ[Y^_[VL$t33PPPt$^Vt$t$L$jPt$$F^HVuPH^U0l$30j$92OM@<3}}CPW:P;EPjV^EE~}EPWVFSMeEPMj\j/MgEePMTuEEPWVMM7G;}|}uEVYEMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Pu[}tUDHt(f}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
pXMLHttpReq->get_responseStream() failed : hRes=0x%X
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
pXMLHttpReq->get_responseText() failed : hRes=0x%X
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
pXMLHttpReq->open() failed : hRes=0x%X
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
pXMLHttpReq->send() failed : hRes=0x%X
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
PXN0MMlj ^! 9 9 u& t{9 MQ9 PeM uPh&j& 29 9 P 9 ^@S & tSP ! PMO9 VVEPMEOMM}ji9 }t] & u; PM
Ansi based on Dropped File
(~WRD0000.doc)
PXN0MMlj ^ut{MQPeMuPh&j2P ^@tSPPMOVVEPMEOMM}ji}t]u;PM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PYY0 ~0 ~9 _^[]jhHAM39 u3;" ;uAWWWWW: F@t0 ~9 EV Y0 }V*Y0 EE9 uV Y9 U9 SW9 }3;u ASSSSS,fWQ 9_Y0 E}0 _jSP ;0 E|9 Wu+G.9 9 OV9 +0 utA9 U9 u9 " D2 t9 ;s9 :
Ansi based on Dropped File
(~WRD0000.doc)
PYY~~_^[]jhHAM3u3;;uAWWWWWF@t~EVY}V*YEEuVYUSW}3;u ASSSSS,fWQ9_YE}_jSP;E|Wu+G.OV+utAUuD2t;s:
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P~<N(;t~(N 3C;tS~ N$;tS~$WWjv4~8^@MMs^DjCFPM4^3]dF89^ u$jh=YME;tZ3]F 9^$u$j0<YME;tH3]F$9^(uOjD<YME;t3vHv ]v$F(v,N;uMM]7Cv,N(#N$PUv,N(p#N Pe3Cj%BMejMPhhxj(MMBUVu;5(u}ujutuuVu^]jA39]&N$;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Q !!0 RS6FZ[cgjkpwzz{ ! " "!03:!5,
Ansi based on Dropped File
(~WRD0000.doc)
Q 0 RS6FZ[cgjkpwzz{ ! " "!03:!4,
Ansi based on Dropped File
(~WRD0000.doc)
Q!!6FZ[cgjkpwzz{03:!5,
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
q-!PL"5;.Z|=;%X{
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Q6FZ[cgjkpwzz{03:!4,
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
QH+"!+P9 PVh 9 ; j& ,P9 +P 5P9 & (9 4T & t,;P0 & @;\9 & D+& 40 & 8;E
Ansi based on Dropped File
(~WRD0000.doc)
QP3Vt$Q^D$3|$uD$ 3$ j%ut6}u0M_eEPQMuMW3_&PMM53@j W[%}}MueEPtoMMQMQEPHtDMEu8ujXMfPMFEMM3@MExMMl3t%UQeEPuLtEtMP3@3j1Q$M}uEut>]t7MMeEPuMuM3$#URjjUREFXh,tPQjYf|}|3@3MMfCy3@tt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
qq$9 |3@^]9 D$SVW& t%9 P;Qu9 P9 R9 ppS<3_^[U9 9 EtVtJt;-t'u9 E;Quf& u
Ansi based on Dropped File
(~WRD0000.doc)
qq$|3@^]D$SVWt%P;QuPRppS<3_^[UEtVtJt;-t'uE;Qufu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
QQEQMQ" !rQ" @! QQQ" l!Q" !QQ" !" ,"R&R1R<RJRXRfRtR RR~R
Ansi based on Dropped File
(~WRD0000.doc)
QQEQMQ"!rQ"@!QQQ"l!Q"!QQ"!","R&R1R<RJRXRfRtRRRR
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
qR Y3U9 VW9 30 u9~u3.9}tu Y0 E;t9 F0 }9 ~SG;sg9 ME<HuW}YY& uW: |GY;r39Et70 E9Etu{ Y0 E9 E+E9 NE9F0 MP9 & u3"!9 ^SD Y9 NA0 E;sxuSE}U9 M9 +F9 u+9 E+VGOPS'}tuuWu3f0 s9 E+ESE9 u9 YY& uS\CY;]r9 9 E[_^U9 VW9 }9 & |m;~wh}u3@_u! Y9 NQ9 0 E& t@9 N9 F+SQ?Q9 MHPqu9 FuP`9 '3@[3_^]V9 & t$9 D$9F~9 Nt$APRYY& t+F^VW9 39~~$W9 ~P YPW9 xG;~|_^VW9 39~~$W9 lP= YPW9 mG;~|_^V9 `& u9 VR9 4f;D$t
Ansi based on Dropped File
(~WRD0000.doc)
QS=c~5Pk}At ,"!@Io A 'R.QtE%H X) >_ z
Ansi based on Dropped File
(~WRD0000.doc)
QSu`9 h Pu`9 MTEP>SEPh`R9 EPSVtV9 )NV9 J9 & u93MEM EMEExMM@9 9 Mh3-0& v89 MhWE0PSPhd9 ESPM0Ea9 MhG/;rud9 MPCsj( :9 EP-eM& tMMJ3R;MuEPEP9 E& u3MEMM9 jEP9 jMljuEjPMEmME"h3Fj 99 9 M30 E;u3];0 ]~S9 MSO9 & t>FPEP9 eEP9 QPV9 `& tEMMJC;]|9 EK:j!d99 ME3P9 0 ];uMM9 :SMlSuEjPME#lM]+g3Cj!89 0 ujze}@9 EmS~l9 EO}EL}d}h30 0 <0 `9 j9 EM"!30 0 0 9 j
Ansi based on Dropped File
(~WRD0000.doc)
QSu`hPu`MTEP>SEPh`EPSVtV)NVJu93MEM EMEEMM@Mh3-0v8MhWE0PSPhdESPM0EMhG/;rudMPCsj( :EP-eMtMMJ3R;MuEPEPEu3MEMMjEPjMljuEjPMEmME"h3Fj 9M3E;u3];]~SMSOt>FPEPeEPQPVtEMMJC;]|EK:j!d9ME3P];uMM:SMlSuEjPME#lM]+g3Cj!8ujze@EmlEOELdh3<`jEM3j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
qY3UVW3u9~u3.9}tuYE;tF}~SG;sgME<HuWYYuW|GY;r39Et7E9Etu{YEE+ENE9FMPu3^SDYNAE;sxuSEUM+Fu+E+VGOPS'}tuuWu3fsE+ESEuYYuS\CY;]rE[_^UVW}|m;~wh}u3@_uYNQEt@NF+SQ?QMHPquFuP`'3@[3_^]Vt$D$9F~Nt$APYYt+F^VW39~~$WPYPWG;~|_^VW39~~$WlP=YPWmG;~|_^V`uVR4f;D$t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
QY9 0 F9 PV9 D$tVPY9 ^j O9 0 uNeNR" INEF6N,E*N<EfLNPEN`ENpE}E}E}E}E
Ansi based on Dropped File
(~WRD0000.doc)
q}9 0 0 - !" SPL"5;.Z0 |=;%X{S
Ansi based on Dropped File
(~WRD0000.doc)
R }DEC }E9 }E% } Em}PE^}E& }E@}E1NhE& N,]M9 fejhSe9 }EM~EJMM(>3Ze0& tMM(& u3jXESP0 ] CoE P9 ;u3M]MM(9 ~M(W& uM(,PEP S9 jZV jHPu VS0 E 9 E%,0 E`EE`EMEERPEPME :t"}RthEEj Ps]E P M9 EU9 QQf}S9 u3^eVuWEPV9 & u9EPEPu9 juujV5"!d 0 E& t9 PV9 R9 E_^[j b9 ! 8tp9 9 9 R9 & taMK9 eMQ9 P<& t:M& u.9 a9 M& t!9 Q9 Pj& t
Ansi based on Dropped File
(~WRD0000.doc)
r" " $" p(08@HPX`hpx" " @8" \H@$" " MU]emw" pS" " dLv(l3" 4@`V" p" " " (
Ansi based on Dropped File
(~WRD0000.doc)
r""$"p(08@HPX`hpx""@8"\H@$""MU]emw"p""dLv(l3"4@`V"p"""(
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
R%@~%a ?-[ g9X5dh"!,: ]v F KE*nk`0mE%
Ansi based on Dropped File
(~WRD0000.doc)
R0 Mh x Sjh$}& 9 u& MfeMfMEf9 MEP9 Ex9 u0 EEP9 9 u9 9 M#u=hSj#3MEpoMEdoMMXo9 "hMk& thSj" #3FEPEPEP9 3;uh` MifPhSjW#EP}9 0; }9~ & 9 N9 Pl& th Wh`thtWv;t.9 9 ;t!M 'VM En<M E'MEhnME\nMMPn3@hthTSj "39j1R0 Mh xSjh"}ul9 u& teMdeEP9 9 u9 & uhHSj$"MMm0EP}}MM m3@h Sj!30 j\[
Ansi based on Dropped File
(~WRD0000.doc)
R3}M 9 "!9 yJBee9 E )U9 ]\9 39 #0 M9 9 Mu0 39 uE}0 u|9 jMZ+;|9 10 t" d" J& } 9
Ansi based on Dropped File
(~WRD0000.doc)
R6002- floating point support not loaded
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6017- unexpected multithread lock error
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6018- unexpected heap error
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6032- not enough space for locale information
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6033- Attempt to use MSIL code from this assembly during native code initializationThis indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain.
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6034An application has made an attempt to load the C runtime library incorrectly.Please contact the application's support team for more information.
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RDECEE%EmPE^EE@E1NhEN,]MfejhSe}EM~EJMM(>3Ze0tMM(u3jXESP]CoEP;u3M]MM(M(WuM(,PEPSjZVjHPuVSEE%,EEEEMEEPEPME:t"}thEEj Ps]EPMEUQQf}Su3^eVuWEPVu9EPEPujuujV5dEtPVRE_^[jb8tpRtaMKeMQP<t:Mu.aMt!QPjt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
RegCloseKey
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegCreateKeyExW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegCreateKeyW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegDeleteKeyW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegDeleteValueW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegEnumKeyExW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegEnumKeyW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegEnumValueW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegisterClassW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegisteredSources
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
RegisterWindowMessageW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegMonitor
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
RegOpenKeyExW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegOpenKeyW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegQueryInfoKeyW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegQueryValueExW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegSetValueExW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
ReleaseMutex
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
return FALSE (CoCreateInstance() failed : hRes=0x%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
return FALSE - (!m_pXmlDoc || wStrXml.IsEmpty())
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
RMh Sjh$}uMfeMfMEfMEPEuEEPuM#u=hSj#3MEpoMEdoMMXo"hMkthSj#3FEPEPEP3;uh`MifPhSjW#EP0;9~NPlthWh`thtWv;t.;t!M'VMEn<ME'MEhnME\nMMPn3@hthTSj"39j1RMhSjh"}uluteMdeEPuuhHSj$"MMm0EP}MMm3@h Sj!3j\[
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
RMS;b} #}V}>dy t[ q~0 Dw~lw+ k@hhhhhhhhhhhhhhhhhhhhhhhZ6hhhhhhhhhh\b8KH]Nhhhhhh F3,-'8]hhhhhhW+^S:I>g(VhhhhhhB?+#9]<`chhhhhGD?<4_.hhhhh f5aU
Ansi based on Dropped File
(~WRD0000.doc)
RPvj00 UF9 0 ]0F }t9 E`p3[_^9 U9 SVWu9 9 s9 MN & u-4j^0 03PPPPP~ }t9 E`p9 }v }t;uu3;- 0@;-9 u-w9 C3G&
Ansi based on Dropped File
(~WRD0000.doc)
RPvj0UF]0F}tE`p3[_^USVWusMNu-4j^03PPPPP~}tE`p}v}t;uu3;-0@;-u-wC3G
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
RQQQQ QxTbTPTXSX XrX\XHX,XP}WtfdfPf~WlW\WJW8WT~T timeGetTimeWINMM.dllwSetDlgItemTextWIsWindowGetDlgItemPostMessageA~SetTimerKillTimer!PostThreadMessageADestroyWindow" DefWindowProcAGetWindowLongA^SendMessageAFindWindowWSetWindowLongWgCreateWindowExAJGetMessageAMsgWaitForMultipleObjectsDispatchMessageAPeekMessageAGetDesktopWindowShowWindowwsprintfWFindWindowExWPostMessageWGetWindowRect
Ansi based on Dropped File
(~WRD0000.doc)
RQQQQ QxTbTPTXSX XrX\XHX,XP}WtfdfPf~WlW\WJW8WT~Tllllmm-m>mOm`mqm m mmmmmmm
Ansi based on Dropped File
(~WRD0000.doc)
RQQQQQxTbTPTXXXrX\XHX,XPWtfdfPf~WlW\WJW8WTTtimeGetTimeWINMM.dllwSetDlgItemTextWIsWindowGetDlgItemPostMessageASetTimerKillTimer!PostThreadMessageADestroyWindowDefWindowProcAGetWindowLongA^SendMessageAFindWindowWSetWindowLongWgCreateWindowExAJGetMessageAMsgWaitForMultipleObjectsDispatchMessageAPeekMessageAGetDesktopWindowShowWindowwsprintfWFindWindowExWPostMessageWGetWindowRect
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
RRRRRS" S".S6S>SFS" "" @#iSqS|S! S" S" R#SSSSSS!T" #DT" #iT" $RT" @$T" l$TT" $UUU'U" $JU" %mUuU" <%U" p%U" S%U" %VVV" %" T&4V<VGVRV]VkV V" &V" &V" &VWW" '6W>W" D'gW" x'`W" 'WW" '" ((WWWWWX" P(>XFXNX" |(" (qXyXX0 X X"!XXX" )XX" @)YY" t)=YEYMY" )@)pY" *)"
Ansi based on Dropped File
(~WRD0000.doc)
RRRRRS"".S6S>SFS"""@#iSqS|SSS"#SSSSSS!T"#DT"#iT"$T"@$T"l$TT"$UUU'U"$JU"%mUuU"<%U"p%U"%U"%VVV"%"T&4V<VGVRV]VkVV"&V"&V"&VWW"'6W>W"D'gW"x'W"'WW"'"((WWWWWX"P(>XFXNX"|("(qXyXXXXXXX")XX"@)YY"t)=YEYMY")@)pY"*)"
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
rruN}t0+PVEPMPEPMEwMt3FUVu'Vu+EuhDVP+E^]U$xjh^dP 3xSVWPEdexxxxeExEE~ot3qeeJE>nM4njhuVPWEuYutPe}tu}tu@$YEMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
runtime error
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Runtime Error!Program:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
S & tjP ]Vj9 -T&9 ^U9 Q9 Mejhx& 9 EV9 D$tVDY9 ^j;^Z9 u0 u& tbeS & tjP 9 & u9 & uM!h0hR&j1MA9 u9 9 9 P3RV9 D$tVY9 ^j^^0 9 39} }uuWhWku9 uP<9 9 P89EwT PM`9 F0;F40 }}.9 9 Pt"EPWVhWW(F0PuN89 RMM8jk9 9 M 90 tB3G9~7h Y9 0 Me& t%3MWP9 G;|`9 D$t$0 A49 D$0 {V9 t$& u3%9 D$W9 >&& t
Ansi based on Dropped File
(~WRD0000.doc)
S!sg2F0 <}@HqA&< *n,#` BH;=} aElCd\! Pq r3)&ntL'G8
Ansi based on Dropped File
(~WRD0000.doc)
S0 u0 E 0 ]9]tuu 0 E9]PtVM<[PMajVM9 MEPEPu$Eu EP0 ]M0 ]3 9 0 ejVE{EP0i0E*iM0 E0 ]S39]E0 u}EPV0'k; V0 ]9]PunE<PM0 E;u[M<RPMxtEjE<9 0 eP\V0j0 h0 EEPV0j; 9 MSEPu$Eu P9 ]34;;u(S}Pu& t}t3& t9MPMaMPMP9 E<;}~0 }9 ET& tlhE9 E;E,}sM& tM}uM<: PMM`PMMyPM;]9 ~0 ]}Tt9 ET39 uF;u0 uR Sjh`M9 MjEPu$Eu EPMPM<};}~0 }ME}9 M;M,}A0 M9 ]8;~6& ~29 +& ~'9 M<PM6MPM%Nu0 ]9 E0& t9 MM0 9 M4& t
Ansi based on Dropped File
(~WRD0000.doc)
S3Sj YY;t0 H;t0 H;t0 X!@ [S3SjYY;t0 H;t0 H;t0 X@[Vjj9 YY& t0 030 9 ^U9 EPML uV9 uM?EPM. t^]jjq9 AQ09 L$9 D$9 AV9 pW9 t$FP`tYY t9 v9 9 6 ~-t9 _^V9 N0 @!9 0 @9 0 9 0 If^U9 SVW9 9 G9 p0 E9 1uNR t9 v {t9 MFPq t9 0 u9 6 ~t {t9 G9 p9 39 MFPB t9 9 69 v ~tWuMWSM9 E9 M0 9 M0 H9 M_0 H9 M^0 H[V9 EN0 @9 0 @9 0 9 0 If^U9 QVQ0 e9 0 eC9 ^U9 QuuuuuuAVt$9 9 L$VPu9 D$^Vt$9 9 L$VPV9 D$^Vt$9 )9 L$VP79 D$^SVW9 |$ 9 9 u$v9 9 6j9 bW8 ~Y9 t_^[SVW9 |$ !9 9 u$v9 9 6j9 'W ~!Y9 t_^[U9 Q9 EVQ0 e0 eP9 9 ^U9 VuEP9 VvMwEPMv u9 E9 MPe uMVvMCM9 9 E9 I0 0 H^U9 VuEP9 VvM
Ansi based on Dropped File
(~WRD0000.doc)
S3Sj&YY;t0 H;t0 H;t0 X-@,[V9 D$tV& Y9 ^9 D$V9 t$& t9 FtR-t<Ht*HtHtHt
Ansi based on Dropped File
(~WRD0000.doc)
S3Sj&YY;tH;tH;tX-@,[V D$tVY^D$Vt$tFtR-t<Ht*HtHtHt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
S3SjYY;tH;tH;tX!@ [S3SjYY;tH;tH;tX@[VjjYYt03^UEPMLuVuM?EPM.t^]jjqAQ0L$D$AVpWt$FPtYYtv6~-t_^VN@!@If^USVWGpE1uNtv{tMFPqtu6~t{tGp3MFPBt6v~tWuMWSMEMMHM_HM^H[VEN@@If^UQVQeeC^UQuuuuuuAVt$L$VPuD$^Vt$L$VPVD$^Vt$)L$VP7D$^SVW|$u$v6jbW8~Yt_^[SVW|$!u$v6j'W~!Yt_^[UQEVQeeP^UVuEPVvMwEPMvuEMPeuMVvMCMEIH^UVuEPVvM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
S9 0 eWh9 h9 0 eWh9 S9 0 eWh9 S9 0 eWh9 ah9 0 eWh}9 {h9 0 eWh o9 \h9 0 eWh P9 =h9 0 eWhx19 h9 0 eWhl9 h9 0 eWh`9 S9 0 eWhP9 S9 0 eWh@9 h9 0 eWh4"!9 h9 0 eWh z9 gh9 0 eWh[9 Hh9 0 eWh<9 )h9 0 eWh9
Ansi based on Dropped File
(~WRD0000.doc)
S[UMw3k$QeY3$seEPMh,EPEUMw3QY3 seEPMVh,EPEXUMw3PY3seEPMh,EPEUlhzjMh}x|VhVhPVh(I3;E@VPEXPVh MX]MXWSEPPMXE9M]VhMX;ElMX`Vh;JMl+HPAQE0PMXzM0EeDVhE0P<D<EM E PS<E;MElEPj<EM;ehZt]lMhEDP<PEPEDhhME&MhEPE PhEPtMEVhMVhhMHEEPMHEEh8MHhMHhMHEPMHhMH9]lMhMHE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
S]Au3EfE;}"+]tum]tMmHutE]E_tjYeuEtE tj Y3^[U}t~}S"]S!]UE tjt3@]tjtjX]]U 3;Mtd@|3Et^EEEEEEEVuEE EE$hu(uEEP/uV,YE^hu(uE U=u(uE\$\$E$uj/$]lRhu!JEYY]SQQUkl$3Es CPsu"eCPCPsC sPEPIsp=u+t's C\$\$C$sPr$P$s CYYM3k][UQQE]EUQQEEM]fEEU3}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
S]Au9 39 Ef0 E;}"+ ]t& u9 m ]tM mHu& tE]E9 _& tjYe9 uEtE tj Y3& ^ [9 U9 }t~}S"]S!]9 U9 `E tjt3@]tjtjX]]9 U9 39 " ;Mtd@|30 E& t^9 E0 E9 E0 E9 E0 E9 EV9 u0 E9 E 0 E9 E$hu(0 u0 EEP/& uV,YE^9 " : hu(uE 9 U9 =" u(uE\$\$E$uj/$]lRhu!JEYY]9 S9 QQU9 k0 l$9 30 Es CPs & u"eCPCPsC sPE PIsp=" u+& t's C\$\$C$sPr$P$s CYY9 M3k9 ]9 [9 U9 QQE]E9 U9 QQ9 EE9 M] f0 EE9 U9 3}u
Ansi based on Dropped File
(~WRD0000.doc)
ScreenToClient
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SERVICE_MAP
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SetForegroundWindow
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetHeaders() failed
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SetLastError
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetSecurityDescriptorDacl
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetSecurityDescriptorSacl
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SeWhheWhSeWhSeWhheWh{heWho\heWhP=heWhx1heWhlheWh`SeWhPSeWh@heWh4heWh zgheWh[HheWh<)heWh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Shell_TrayWnd
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
ShellExecuteW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SHGetFolderPathW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SHGetKnownFolderPath
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
ShowIconInSystemTray
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SING error
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Sj0 EEPjjWV0 3;t!3" PhXSAAQ333hf0 EEVPk VVVVEPEPWuED ;u,jEPM9 MEP0 u MMG: u$ h|Sj-3@9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
SjP 9 [MM,y9 S49 jPThTR9 u9 eV& u3MM69 RS D9 9 0 sPt9 Ej 0 C]LY0 & $E& tjs9 %3E0 & tA& Ps@ E9 0 $P9 9 9 s#9 5 Sjs Wjs0 C;t& u0 C3hPf0 & (& *P \jd& (Ps& t& (P9 3F8VWtt$ t$9 t$ $3_^9 D$VW& u@+8t 3xp R9 p3_^yt4"!3U9 } t}u4])v]Vt$9 9 L$Pvp^9 D$0 89 D$0 ,j@/U`P9 9 x& & 9 y0 EEPv@ 9 E+EP'|YM0 E3M0 ]SSjS9 0 ejhE" SSS@EuSSu9 0 eWEPMEP9 EMEnM]cMMWaPjRU|O9 3GWuu0 E 30 E9^|t$9]t( u EPEP9 0 ]0 ]k0 ]9~ts9^|tZ9~0u9 9 0 eP9 0 ejh|9 0 ]z9 NxMW9 Pu0 E9 },t9 E+E9 }+"!+E9 E0 Et9 E+E0 E9 E9 U0 U9 E+E9 }+"!+E9 E 0 EQEP9 0 }W/P9 M9 = PutAjjEP u 9 ,9 MPEP/9 MPPu}tuuuu uuqNjdj(`M0 M3VVMU0 u9 MuEP0 u
Ansi based on Dropped File
(~WRD0000.doc)
SjP[MM,yS4jPThTRueVu3MM6RS DsPtEj C]LY$Etjs%3EtAPs@E$Ps#5SjsWjsC;tuC3hPf(*P\jd(Pst(P3F8VWtt$ t$t$ $3_^D$VWu@+8t 3xpRp3_^yt43U} t}u4])v]Vt$L$Pvp^D$8D$,j@/U`PyEEPv@E+EP'|YME3M]SSjSejhESSS@EuSSueWEPMEPEMEnM]cMMWaPjRU|O3GWuuE3E9^|t$9]t( uEPEP]]k]9ts9^|tZ90uePejh|]zNxMWPuE,tE+E}++EEEtE+EEEUUE+E}++EEEQEP}W/PM=PutAjjEPu,MPEP/MPPu}tuuuuuuqNjdj(MM3VVMUuMuEPu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SJY0 @eEPS@6a9 t3& |&~jE PW@u T & t }u& uE0E'E& P& P& Pu l tu X6 9 EY9 _^3[dJV9 ~t6Y9 N& tPY&3^j.OhLIY9 0 Me& tu9 3uMu9 uuu& t& t9 V\PY3j]IY0 pPt$t$jjt$lU9 9 E& u"8tu9 @u9 uuf]jjt$t$t$W9 |$& u_?tV9 w9 & t9 V OYW9 OY^_jhlN9 0 uehN,Nvr9 Oj2h7N9 0 uNh xNSjE>~,9 j9 PhHSj"9 EnM9 NjBYy$u+Vh x0OVj
Ansi based on Dropped File
(~WRD0000.doc)
SJY@eEPS@6at3|&~jEPW@uTt}uuE0E'EPPPultuX6 EY_^3[dJV~t6YNtPY&3^j.OhLIYMetu3uMuuuuttV\PY3j]IYpPt$t$jjt$lUEu"8tu@uuuf]jjt$t$t$W|$u_?tVwtVOYWOY^_jhlNuehN,NvrOj2h7NuNhNSjE>~,jPhHSj"EnMNjBYy$u+Vh0OVj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Software\EB_TB_NAME\toolbar\settings\Update
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SOFTWARE\Microsoft\Windows NT\CurrentVersion
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Software\Microsoft\Windows NT\CurrentVersion\ProfileList
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Software\Microsoft\Windows\CurrentVersion\Authentication\LogonUI
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SPS9 RA9 h_& ~9 S9 P^[U9 9 EV9 & u3T9 M0 FH9 E 0 ND0 FL` jvHjvLuuuuhH@jhUj 0 F8& uP3@0 F@^]V9 9 F8W& t~@tPf@9 |$W& tjjh W0 ~83@f83_^9 D$& |;A<}T$RPhq8j,3l@#9 ej
Ansi based on Dropped File
(~WRD0000.doc)
SPSRAh_~SP^[UEVu3TMFHE NDFL`jvHjvLuuuuhH@jhUjF8uP3@F@^]VF8Wt~@tPf@|$Wtjjh W~83@f83_^D$|;A<}T$RPhq8j,3l@#ej
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
sS9 9 <& 9 @t58t0=u+tItIuSjSjSj 9 3 "!0 _^[]9 U9 9 Eu} b]V3;|"; s9 9 @u$<0 0"VVVVV#9 ^]jh`FE9 }9 9 4& E39^u6j
Ansi based on Dropped File
(~WRD0000.doc)
sS<@t58t0=u+tItIuSjSjSj3_^[]UEu} b]V3;|";s@u$<0"VVVVV#^]jh`FE}4E39^u6j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SSSSS9 M & u@u9Et M 9 + tGHt.Ht&d#0 G#j^SSSSS0 00 UtuE@0 }9 EjY+t7+t*+t+t@u9} 0 EEEE0 ]9 E#;;t0;t,;t= =& @E/E&E=t=t`;& E9 EE & t9
Ansi based on Dropped File
(~WRD0000.doc)
SSSSSMu@u9EtM+tGHt.Ht&d#G#j^SSSSS0UtuE@}EjY+t7+t*+t+t@u9}EEEE]E#;;t0;t,;t==@E/E&E=t=t`;EEEt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SSV@?'V9 @]"!:jD9a9 MT]& t
Ansi based on Dropped File
(~WRD0000.doc)
SSV@?'V@]:jD9aMT]t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Start : hKey=0x%X lpSubKey=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : hRoot=0x%X wCharKey=%s wStrValueName=%s wStrValue=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : hRoot=0x%X wKey=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : hRoot=0x%X wStrKey=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : root=0x%X key=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : root=0x%X key=%s iType=0x%X
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : root=0x%X key=%s valueName=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : root=0x%X key=%s valueName=%s bValue=%d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : root=0x%X key=%s valueName=%s value=%d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : root=0x%X key=%s valueName=%s wStrValue=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : root=0x%X key=%s wStrFirstName=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : root=0x%X key=%s wStrValName=%s iType=0x%X
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start Time: Class Name: ,'M>: mmmxxxm! zCThreadPool::WorkNo JobpJobCThreadPool::ThreadFuncImmediateCThreadPool::OnJobPreProcess \'M>: xgeDummyJobCThreadPool::ThreadFuncStart [%s]
Ansi based on Dropped File
(~WRD0000.doc)
Start Time: Class Name: ,'M>mmmmzCThreadPool::WorkNo JobpJobCThreadPool::ThreadFuncImmediateCThreadPool::OnJobPreProcess\'M>geDummyJobCThreadPool::ThreadFuncStart [%s]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
stream error
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
StringFileInfo
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SuE ]9]tuu E9]PtVM<[PMjVMMEPEPu$Eu EP]M]3ejVE{EP0i0E*iME]S39]EuEPV0'k;V]9]PunE<PME;u[M<PMxtEjE<eP\V0j0hEEPV0j;MSEPu$Eu P]34;;u(}Put}t3t9MPMaMPMPE<;}~}ETtlhEE;E,}sMtM}uM<PMMPMMyPM;]~]}TtET3uF;uuSjh`MMjEPu$Eu EPMPM<};}~}MEM;M,}AM]8;~6~2+~'M<PM6MPM%Nu]E0tMMM4t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SVW9 |$9 u+9 jWY9 9 +0 k<3;x_^[9 jV9 M9eEPu9 3& uMM9 WWMK& v%VM(& tu9 PMF|K;r3Ft$jc(V9 9 }& u3! wV!0 E& u3@rjW+EYV9 0 Ek<9E$WEP9 3M0 uMEPME& u
Ansi based on Dropped File
(~WRD0000.doc)
SVW|$u+jWY+k<3;_^[jVM9eEPu3uMMWWMKv%VM(tuPMF|K;r3Ft$jc(V}u3wV!Eu3@rjW+EYVEk<9E$WEP3MuMEPMEu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SystemParametersInfoW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
T QjhB[VV0& uVY0 E9 uF\]3G0 ~& t$hVP9 <0 hWu0 0 ~p C KCFh@0 j
Ansi based on Dropped File
(~WRD0000.doc)
t!& u9}& E @& @E & 9 E
Ansi based on Dropped File
(~WRD0000.doc)
t!u9}E@@EE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t#:r:w:r:w:uu3:tr9 [^_jDhqM@eEPMf@h\EPjDxhrM@eEPMhEP9 U9 VWh@ @9 & th$rV<& tu9 V89 _^]QRPh$G'ZY "!% "!"!%"!S"!%S"!"!%"!"!%"!"!" %"!"!& %"!"!u%"!"!e%"!"!U%"!"!E%"!"!5%"!"!%%"!"!%"!"!%"!"!%"!"!%"!%D % %$9 U9 DSV9 u9 V9 N9 ^W9 ~0 U9 V9 F0 E9 E0 M30 }0 E3}E$0 u0 M0 M0 M0 MuE0 EEPjQhWm4 39 E9 89 E+9 0 E9 0 E u0 ED3;tURQ9 & & E& & D& tMQj9 & uPu 9 & uAP0 E@& tMQj9 & u!E0 EEPjjh~m4 9 EWup;t&~t'jj@ & t0 p9
Ansi based on Dropped File
(~WRD0000.doc)
t#:r:w:r:w:uu3:tr[^_jDhqM@eEPMf@h\EPjDxhrM@eEPMhEPUVWh@@th$rV<tuV8_^]QRPh$G'ZY%%%%%%%u%e%U%E%5%%%%%%%%D%%$UDSVuVN^W~UVFEEM3}E3}E$uMMMMuEEEPjQhWm43E8E+EEuED3;tURQEDtMQjuPuuAPE@tMQju!EEEPjjh~m4EWup;t&~t'jj@tp
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t#EPZPEME5MF)U\j<5HM\EP<3M]SMTEMlECz3;EPM MlVEPEMDEMEPh@M >M4hE4PE e0PEMT;tsM4ugM\E4PEPPMDEME.MDu hhMDMhEDP9]pu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
T$BJ3[)]MMT$BJ3[P)]M1MT$BJ3V[)w]M8M8M8T$BJ3#[)D]MN]T$BJ3[J3Z *]M!]M]M]M]M]M\M\M\M\M\T$BJ3ZD*\M5M$LT$BJ3ZZ*{\MMMT$BJ3'Z+H\MOMguMBT$BJ3Y@+\MpOM.uT$BJ3Yt+[MMMMT$BJ3Y+[MT$BJ3bY+[MNT$BJ3?Y,`[u_Yu_YT$BJ3YD,1[MNMPtM+T$BJ3X,ZuS_YuI_Yu?_Yu5_YT$BJ3X,Zu_YMu^Yu^Yu^YT$BJ3IX,jZMyM(yMD0{MdxT$BJ3XT-&ZMxyM(5MDzT$BJ3W-YuH^YT$BJ3W-YMM8zMXwMtwMwMgzMYzT$BJ39W-ZYMcM8+zMXwMtwMxwMyMyT$BJ3V<.XM}wu?]YT$BJ3V.XT$BJ3V/XMM-wT$BJ3XV4/yXT$BJ3=V/^XMvT$BJ3V/;XMJ{T$BJ3UJ3U/XM(M T$BJ3U0WT$BJ3Ux3Up0WMMMMT$BJ3_U0WMJ9MB9T$BJ34U0UWM|2M0gM+M+M +M@+Ml8Mh8Md+M'MMMp*MXF2MS+MP62MT$BJ3T1VMG:T$BJ3nT1VMM:MT$BJ3;T1\VM_MhMZMLM>T$BJ3S 2VM}_M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
T$BJ3z<3z|MMMPMtT$BJ3Dze|MMMPMtM]T$BJ3y,|MMT$BJ3y{u@Yu6Yu,Yu"YuYT$BJ3wy{M@qM\fMx[MGT$BJ33yT{uYuYuYuYuYu}YT$BJ3x<zMT$BJ3xzM@M\MxT$BJ3}xzMT$BJ3Zx
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t$Q9 D$V9 && t9 VhP9 ^9 D$V9 && t9 VhP9 ^9 D$V9 && t9 Vh P9 ^Ul$ 30 & j<P'9 5 9 70 }& 73VVVVP7Vj 0 E0 0 uP E0 ueH 9 }39 ;u& & t ? 7 VVuSP7Vj 9 0 ];u'9 & 9& t 9 7S lVVS Vj 0 E0 uPMEL 9 }39uu E& tM& 9& ;uuu Vj ; 9 E9E MMP@jPEP0 u9 ;}-E9EtM#& 9& t
Ansi based on Dropped File
(~WRD0000.doc)
t$QD$V&tVhP^D$V&tVhP^D$V&tVh P^Ul$3j<P'5 7}73VVVVP7VjEuPEueH}3;ut?7 VVuSP7Vj];u'9t7SlVVSVjEuPMEL}39uu EtM9;uuuVj; E9EMMP@jPEPu;}-E9EtM#9t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t$t$K39 I & tl9 D$& t,y@u&9 @V$9 PR9 & t9 Vy7Y3^3@jHW69 0 ueNeM9 7V9 9 Fd& tPTvdXfd^9 I`& t j@ 5M ej5M& EPEPME~ME0 MM& tEqMMx 3m6EP-ME?EPEPME& uJEPEPM: & u63MEMEMEMM 9 M"!E9 0 ePE MD MEy3F U9 V9 ~@& & 9 NF@& t9 Nj39 Nd9 N & tf WE~$P9 K9 M& t0 M"u5YEPEP9 L& u9 j9 PND9 jP_^j@49 0 u~EB9 N3;t9 j0 ^9 N;t9 j0 ^9 N;t1}0 ^9 0 ^`ND]nQMN$bQ49 T$V9 & t79 D$& t/9 N0 V0 F& tW9 9RP_9 9 )9 3@3^V9 9 FW9 |$;u,~
Ansi based on Dropped File
(~WRD0000.doc)
t$t$K3I tlD$t,y@u&@V$PRtVy7Y3^3@jHW6ueNeM7VFdtPTvdXfd^I`tj@5Mej5MEPEPMEMEMMtEqMMx3m6EP-ME?EPEPMEuJEPEPMu63MEMEMEMMMEePE MDMEy3FUV~@NF@tNj3NdN tf WE~$PKMtM"u5YEPEPLujPNDjP_^j@4uEBN3;tj^N;tj^N;t1^^`ND]nQMN$bQ4T$Vt7D$t/NVFtW9RP_)3@3^VFW|$;u,~
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
T+ij[$ueC+M"2|$t1U$SVWuuu(MN3E;h3FVWPuEuE}tu9}}~ZuM*u;t;WEPt+9}tEMMEMWuuP<3EE;E|uuu_^[VD$tVVY^Vjx<h^j$$%h0YM3E;t@MMFjhMEEPEPEVYYMEjjjjEePNjNhMMNXItVh;D$tV_Y^j/BueNN EN0Ef@FDj`$39}u3EH+pME+p]uE5 E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t3MM}tjY}M?MEDME`WhMPVMTMEME|j}lEPeMtMM3MMEMEEPhM;PVMu*3ME}MEcMMujEPeMt3MMemMMEME!uMh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t9 U9 QSV9 3;uGj^SSSSS0 0F9 W9]w}Gj^SSSSS0 0"9 39]" A9MwOGj"9 M"w0 ]9 9]t-NE9 3uv W 0AE3;v9 U9Ur9 E;ErxI``IG;r3_^[9 U9 }
Ansi based on Dropped File
(~WRD0000.doc)
t`VEPu3u3D343EPE3E3;uO@u55^_[UQVuV3EFYuN /@t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Target file exists [%s]
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
TerminateProcess
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
tGFU}Vttuuu =xuuut({tf^]UQQVu%W}t}t3@_P}uEtNEtN3@-ejURURPQ EtEFEF3^jtt$sd3U,SV}3uEE3WF ;~9^$~MF$M3@9W9^uV~0r9uH9^uNW8FN;uEE3_^[u}jVW~=uutjEPv(dtYEPju~JE9]u+EMUEN$F 59]tu9]u~u1at&EPjv,tEMUM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
The publishers of the Community Toolbar or app will occasionally sent out news or other information of importance to the community of users. These notifications appear on your screen near the system tray and keep you in touch.
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
This application has requested the Runtime to terminate it in an unusual way.Please contact the application's support team for more information.
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
This indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain.
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tHt39 VW9 h3FWPd39 0 ~0 ~0 ~~@0 F+`@Ou `@Nu_^9 U9 30 ESW& Pv& 3 @;r`& & t.;w+@P
Ansi based on Dropped File
(~WRD0000.doc)
tHt3VWh3FWPd3~~~~@F+@Ou@Nu_^U3ESWPv3@;r t.;w+@P
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
timeGetTime
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
tjP]Vj-T&^UQMejhx&EVD$tVDY^j;^ZuutbetjPu uM!h0h&j1MAuP3VD$tVY^j^^39}}uuWhWkuuP<P89EwTPM`F0;F4}}.Pt"EPWVhWW(F0PuN8RMM8jkM9tB3G9~7hYMet%3MWPG;|`D$t$A4D${Vt$u3%D$W>&t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
TLOSS error
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
TlsGetValue
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
tMjh|NMPMMEPMuEDEKtj,dseEP3CM]tMjh|]MMEMEMEEPhMPVMMtEPjh|lM]EEME+M]jME^EesUQMejhEj4`ruM&t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tML!P & u-Pu"jjM*!P& uPEME)ME )EPu& & ulS& \9 0 eP29 M 9 uF9 ~=}@'~~=_}@p~D$V9 tV:xY9 ^V9 9 F& t9 PQ9 v& tV ^V9 D$tV~Y9 ^U9 Qh|tjjhRt,& & teeME0 E j@B9 39^u3dEP~(S9 0 ]& uK9 F9 URP ;ujPv Y9 0 M0 ];t
Ansi based on Dropped File
(~WRD0000.doc)
tML!Pu-Pu"jjM*!PuPEME)ME)EPuulS\eP2MuF~=}@'~~=_}@p~D$VtV:Y^VFtPQvtV^VD$tVY^UQh|tjjht,teeMEEj@B39^u3dEP~(S]uKFURP;ujPvYM];t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tMMM ME%MEAEPh4MPVMu+MEMEMMuVOjG+Y3<^jMeM]MMj,DMeeEPPMEMEtMt@KLMMW_MME!MEPhdMEPVMuE@KLuMEMEjEP^eMNtMM3MeMEM>uMhEPVM]3u(MEMEMMIFjDmeEP3ECP]MEtMjh|]MMEMEMEjEPM"PVMuMjh|{]9MxtjEPMMEPEM]EaMEMEMEM]2ME&E-jFeEPEPMEwt$3ME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
TN9a&g`MGiIwn>JjZf@;7SG00S$6)WTg#.zfJah]+o*7Z-incomplete dynamic bit lengths treeoversubscribed dynamic bit lengths treeincomplete literal/length treeoversubscribed literal/length treeempty distance tree with lengthsincomplete distance treeoversubscribed distance treeinvalid literal/length codeinvalid distance codeUT/..\/../\../\..\invalid bit length repeattoo many length or distance symbolsinvalid stored block lengthsinvalid block typeincorrect data checkincorrect header checkinvalid window sizeunknown compression method%s%s%s%s%sll'M>>lmmmlmCRegMonitor::~CRegMonitorCRegMonitor::Inits'M>pmPq)omoooKrendCSingletonLogic::OnAboutToClosestartCSingletonLogic::CreateSingletonLogicHWNDCSingletonLogic::~CSingletonLogicWM_QUIT - AfterCSingletonLogic::OnMessageWM_QUIT - BeforeCSingletonLogic::WorkerThreadRunCSingletonLogic::CreateSingletonLogicThreadB)?xxBxxymGau;~{xx|2vwwEI CWindowStyledBorder Class`8,YOUOY_YY_,(O(2Y2Column1LoggerWndCLOGGER_WND_CLASS$TRANSLATIONTRANSLATED_KEY</TRANSLATED_KEY></TRANSLATION><TRANSLATION></KEY_ID><KEY_ID><TRANSLATED_KEY>H6</LANGUAGE_PACK></TRANSLATED_KEYS><TRANSLATED_KEYS></LOCALE><LOCALE><LANGUAGE_PACK>en-usLANGUAGE_PACKtooltips_class32 83MM h(w/NSysListView32X7dUnknown exceptionlXdddcsm Access violation - no RTTI data!Bad dynamic_cast!&??33EncodePointerKERNEL32.DLLDecodePointerFlsFreeFlsSetValueFlsGetValueFlsAllocCorExitProcessmscoree.dll(T&dbad exceptionruntime error
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tPMI9 C"!;|9 MEPxPM0 uEG9 Ej8_H29 0 ]MTeM=9 MhaEPEPMELNMEFM1?9 u& u?EP9 %EPEP9 P9 ENMEmF9 C9 Mh\: EPTPMEMME<FM>& u<EP9 EPEP9 ~hP9 E MMEE9 >C9 MhEPPMEbMMEEMG>9 ]& u;uE~xP9 4M9 B9 MhaEPPMEMMEwEM=& u5MB~x9 =& t;uEP9 LEP}L9 MhEP$P}ELMEE9 Mh9 & M;EP9 0 ejh0 EJ9 IMD=& u9tE^xP9 5L9 AMz;EP9 0 ejhE
Ansi based on Dropped File
(~WRD0000.doc)
TQjhB[VV0uVYEuF\]3G~t$hVP<hWu~pCKCFh@j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tr3ME7j"6u3E;t;tm;tZ;tG;t4;t!;t;t;tc;tP<;tPAY@SPl;~SP;t9SjP;tPjEYlESDER]M,6UQMejhEU0SVWEPs@uuuu5PWEE8t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
TRANSLATED_KEY
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
TRANSLATED_KEYS
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
TRANSLATION_KEYS
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ttjj5(w0^_jH&39u;t9pt,=0Vps0p=0;tptVpMMURuPujEjP9hYEEtdc3ej|VEYejVEEs4usEjg3VVdjejhVVVdh222LdK<jgPjhMVEE)i=PuEPPVuEPuuuMEu=0)EePEPjEPE*jFj+QPvRpMEP5`3tQbjpjpMEH;9q9pu@spMEFUERPTuF+EMURPXuF+FM+EEjPuuupjpEeeEEEHuPMMjdR&}3;u3;tptVp0MmMQuPHEj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tu9 E0 G`u9 E0 Gd3<9 U9 9 E]9 U9 9 E]jhF9<euu\0 E/9 E9 9 0 E3= 9 9 e}uj eE9 E+<9 U9 3@}u3]U9 SVWUjjhuZJ]_^[9 ]9 L$At29 D$9 H3"
Ansi based on Dropped File
(~WRD0000.doc)
tuEG`uEGd3<UE]UE]jhF9<euu\E/EE3=e}ujeEE+<U3@}u3]USVWUjjhuZJ]_^[]L$At2D$H3
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tUQSV3;uGj^SSSSS0FW9]w}Gj^SSSSS0"39]A9MwOGj"M"w]9]t-NE3uvW0AE3;vU9UrE;ErIIG;r3_^[U}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tVURPEPQtfEM3^USVu3;t9]t8uE;t3f3^[uM5E9XuE;tff8]tE`p3@EPP\:YYt}E~%9M| 39]RuQVjpEuM;r 8^t8]eMapY*8]tE`p:39]PuEjVjp:Ujuuu]UEu3]V3;|;r~VVVVV"3D@^]USVW3jSSu]]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Type Descriptor'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
u 0u`<xt<XuG`G9 3uNt0t1` a w ;MsM9Er'u;v!M}u#9 EOu }t9 }e[9 ]]0 ]`G9 uu=t} w& u+9uv&TE"tMEjX" 0 E9 E& t0 8Et] }t9 E`p9 E9 E& t0 0 }t9 E`p3[_^9 U9 3Puuu9TuhPP]9 U9 V39uu/TVVVVV'uEuEuEBP0 u0 uU^9 U9 ujuhR ]jh@: 9 u& tu=|uCjYeV-Y0 E& tVPNYYE}u7u
Ansi based on Dropped File
(~WRD0000.doc)
u M@u Mu6G! 9 9 9 " YY`M L9 9 9 " D$ M eHM& EtrjW630 E;ug 8tN6jEP60 ]& uf}u9 E"!RP6R;tSS6;tE 0@@& }u9 E#uME9 E#;tD=t)=@t"=t)=@t"=t=@uE9 M#;uE]E E@0 ]& 9 E#=@ = tw;& 9 E; yvv0& fE3H &H& REEjSS6tSSS6# jEP6e ttk& }uYE9 E; b! PjSS6W CSSS6B#& 9 E%=u6Y4j^0 09 d=uSj6 EASS6"!EE9 E+PD=P6b 9}9 9 9 D$`2M 09 9 9 D$9 M`
Ansi based on Dropped File
(~WRD0000.doc)
u VYL hh! hP! YY& uBh_OB T& $L! c=YthN!Y& tjjj3]jh@Cj;KYe3C9 0 `E}& 5Y9 0 }& tx5Y9 0 u0 }0 u0 u;rW9t;rJ69 0 5~9 5 9}u9Et0 }0 }0 E9 0 u9 }xhx! l! _Yh ! |! OYE}u(0 jiIYu3C}tjPIY9 U9 jju]jjj9 V9 V$V V"!VVV}VcV
Ansi based on Dropped File
(~WRD0000.doc)
u0 EuuuSuSuSW9 =u9 Ex|thhh jj0 Eu0 ESu0 ESj0 EX)E)EEEjjuuuuSuSuSuu9 Mj9 uS4MMBR3EjtaD9 0 u`9 } 30 }$P9 0 ES0 ,9 <E39Lu"39D$u
Ansi based on Dropped File
(~WRD0000.doc)
u0u<xt<XuGG3uNt0t1aw ;MsM9Er'u;v!M}u#EOu }t}e[]]]Guu=t}wu+9uv&TE"tMEjXEEt8Et]}tE`pEEt0}tE`p3[_^U3Puuu9TuhPP]U V39uu/TVVVVV'uEuEuEBPuuU^UujuhR]jh@utu=|uCjYeV-YEtVPNYYE}u7u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u39u3AM]PM9URhjURh,t]P]Q;9]M3]}tr/~g3jZ]Qm3YE~F3MWEPEPMDMEpMjXfG;|MjYUR3URufE}UR3FVjfEh,tuPQ|u~#3EDtPKuuYuEj,5?3SjEPE];t9]tzEPEURP]Qt;|I9]tDjuM_MEnEPEPMEMEWM]LEPQEPE@VtCt:h|hjlGhSh^VWtP0)'F,PF<t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u3@^]j4r*1M3;gHTG9EV9uM]{$+{suus(+s }uVWsE5PuEejhTEQmeejh|9mM3PPPEjzPuh s EssuWjjujuEuT=t8u}j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u3}hV@@PN3jOujvQeNN$EN4ENHEwNXEkNhE_ENDFxEF|EnjOuNhE6NXE*NHEN4EN$ENEMPjOujzPeNN$EN4ENHE{NXEoNhEcEu!Fx!F|NDHxNxH|N|@DFDSjOluujOeNf4N(f,f0j7P%u}tG3PjOe^3E;uN(F,F0GGP*G(F(G,F,G0F04t'hyYEEtw4}3F4gjePuN43@EtPf4NE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u9 3@^]j4r*10 M9 3; gHTG9EV9uRM9 ]9 {$+{s0 u0 u9 s(+s 0 }0 u VWs0 E 9 5Pu0 E9 0 ejhTS0 EQme9 0 ejh|9 9mM3PPP9 E9 jzPuh s 0 EssuWjju ju 9 E9 uT=& t8u}j
Ansi based on Dropped File
(~WRD0000.doc)
u9 9 P uuWuv 9 9 9 _^]^]% V9 D$tV Y9 ^SV9 _9 \$S& tfW39~@uZ9 D$0 ^D0 FH3`& t@WWWWWWWWh WhS 0 F@;u39 = VjPhjv@0 F3@_^[j19 0 u e}Lp$}E W$}EH$$(9 bj1}9 0 u9 }W
Ansi based on Dropped File
(~WRD0000.doc)
u9 9 P43^9 }9 79 ]VjS Wu0 ^hS49 & u& u9 u9 SP@& & uuS& u9 9 P0& uuujuv uu& t9 9 Pjuuj9 ]9 & t9 QPu9 R& & 0 S\Ss9 + # tE-"!& & t*u9 uWu9 P& & uuW7uuS9 }9 & t*9 QP9 EPEP9 & & Wuh
Ansi based on Dropped File
(~WRD0000.doc)
u9 9 R9uuMM)z9 h3FV9 D$tVIY9 ^jHj,e}u9 Mjh|9 Iu& u9 Mjh|9 : ,MQ9 9 M3EFP0 u M0 uE y9 Ej uEPm3M0 uq& tMMQy9 YMq9 M30 Fj0sB`9 0 }33M0 uf0 E0 u3rpPMdMEEuq& & " V9 ;tP9 ;t0 uM+pPM9 EE;t9 3Pjw09 9 9 ;t59 9 uSP$9 E9 @$9 UR9 uSPQH9 }0 E9 ME& t 9 5EPEP& t9 SP9 E& t
Ansi based on Dropped File
(~WRD0000.doc)
u9 @9 _[Ul$ 30 & j0N}9 & 9 9 e0 M0 }0 u0 E@0 E& tV9 'B0 EVWh4hj3hPf0 EEP EPVWL & & 9 5P SEPju{Y& uIEPEPuL & u4jEPMejMh9 MPuMMSEPju;u}tu$ uuT 9 & u9Et9 M& tua?jX
Ansi based on Dropped File
(~WRD0000.doc)
u9 ^]U9 SVWujj9 }9 59 SWu 0 EPW0 E u0 EuuuW uWuW9 5Su _^[]|$u3t$ SW9 |$9 & u3#VW9 & tV9 VW9 9 ^_[U9 QQSV9 u9 & tcu& tV9 0 E9 FW9 = 0 EEPu9 E0 9 E0 F9 F0 E9 F0 EEPu}9 E0 F9 E0 F_tV9 ^[U9 QQSV9 u9 & tcu& tV9 0 E9 FW9 = 0 EEPu9 E0 9 E0 F9 F0 E9 F0 EEPu}9 E0 F9 E0 F_tV9 ^[U9 }SVW9 tCu9 5& t4uR 9 W& t"ju9 uu9 uW3@3_^[]U9 }VW9 t<u9 5& t-u& t$ju9 uu9 uup3@3_^]V9 t$& t4jV |$t@u
Ansi based on Dropped File
(~WRD0000.doc)
u9 B3@_^[j}NA9 MhPuuuhhVjHEPj3Wuu0 ;& 9 , EPWEPWu0 }u}0 Eu(u$ 3}h" V@@P=t';t#u$ u3}h" V@@P9 EDjP9 YY& tl9 E0 EEPWEPjuu& u>9 E;Ew63jf0 GWM9 MeEP{!WMYMWY9 Mj}u$ h|Vj3@3" PhVAAQ3"!U9 QeSW@9 & t
Ansi based on Dropped File
(~WRD0000.doc)
u9 D$_9 D$9 U9 ] 9 U9 ] jhH@eMx:9 M+M0 MU9 E0 E9 E9 0 E9 E8csmtE9 E m9 eEjhh@ze9 u9 EEeMx)u9 MUEE}uuuuu@jh@30 E0 E0 E9 E;E}9 u9 Uu0 uEEE}uuuuu! Dn;";[;:C:B:99 U9 }}tt }]=t-U9 $,$=t<$XfftU9 T$|$l$9 T$9 D$& t<& y$9 $ 9 T$,$9 $9 T$9 T$u\$\$=VVthV}Y& tVU9 & t9 FtPXVRWYj0 jh@4(VepXPTY 9 E9 9 0 MPQ7~YY9 eu_]9 U9 TSPS& uuSPT& u(PP0 9 M9 QT0 PT9 QX0 PX9 QQ0 PU= Vth V}Y& t VI9 U9 QSW9 }30 ];u "!kSSSSS=VYShjX9 YY;tJ.UplVS9 EYYVjVh& u0 ~TS0 FX(9 0 ~;tW, u#P0 EVCY9]tu,kY9 ^_[9 U9 9 USVW3;t9 ];wjj^0 0WWWWW9 _^[]9 u;u3f0 9 f0 AAFFf;tKu3;uf0 jj"Y0 9 9 U9 9 EVWu|PL& Y& u3U& ub& ( |}& }cR & | B & |jaYY& ux3;u19=x~
Ansi based on Dropped File
(~WRD0000.doc)
U9 h9 P(R9 P$R]9 D$9 T$0 SVW9 D$UPjhd5 3PD$d9 D$(9 X9 pt:|$,t;t$,v-4v9 0 L$0 H|uh9 DI9 D_9 L$d0
Ansi based on Dropped File
(~WRD0000.doc)
u9 M0 _[9 U9 | 30 E9 ES3V30 E9 EF3W0 E}0 ]R0 u0 ]0 ]0 ]0 ]0 ]S0 ]0 ] 9]$u(kSSSSS3N9 U0 U`< t<t<
Ansi based on Dropped File
(~WRD0000.doc)
u9 Mfu-9 E0 EEPM]e9 MPCMMfuE0 EEPM)Efuf}9 u9 9 MPVkfu'9 E0 EEPMe9 MPEM3=,1+RYVt$9 RY& u
Ansi based on Dropped File
(~WRD0000.doc)
u9 MX39 0 MD;t9 ]|D& 9 0 49 A0 9 MDF;u\r9 D= 9 ]LM@0 E\9 E|0 ED9 EH;E40 U<0 U 0 " X0 U00 UX9 }(HD& 0 M0 E,9 E,9 0 E8; 9 ELM89EH}9 ML9 +9 ML9 UE@0 E 9 E4+0 U0 EX;v0 MX9 MH9 U83+@B;v%9 u,+U8;MXs
Ansi based on Dropped File
(~WRD0000.doc)
U9 QQV9 9 FV0M EPM t/VvMxEPMw t9 iu9 EOEPMT u/SW9 }9 ]MSWEP9 EPM' t_[u9 uu9 E^U9 V9 VvM9 FV0MuEu9 uuPvffY^/ijZ9 0 uL"F$"F!F!Fx!F,!F!F !F$ FP FX F\| ` L , }LE}$E hM9 P\j8Y9 h#MD0 E$3P9 0 ]A9 M3SGWM >9h|#M
Ansi based on Dropped File
(~WRD0000.doc)
u9 u9 P9 Ej{j z9 9 MEP3H!}M& u}P9 URP9 }t& t9 j9 u}P9 URPMMz8u39 9 P& t9 9 bDj(Qy9 }u3eEPu|9 2"!& t}um9 9 P9 & tjsY0 Ee& t9 <3uM0 EEP9 }9 MPEMM'u9 u9 Pu9 M: 9 E0 EEPM
Ansi based on Dropped File
(~WRD0000.doc)
u9 u9 uPPju ^u9 Y& u9 uWu9 9 P 9 Vju 9 !uY& u9 9 RuY& xu9 9 R0u Y& 9 M9 QMQ9 R8ujY& 9 M9 QMQ9 R49 ujV9 #]& tVD jeDMQ P9 0 E\& } u9 _u9 V^9 E0 p9 M39ytjV
Ansi based on Dropped File
(~WRD0000.doc)
U9 VE9 Pv< & t9 E+F(9 P9 E+F$P_^V9 9 N8& tDh|$9 N8thjdjj39 N89 N89 jP9 ^j4%e9 }3C9 0 ]G`0 ]h9 2: j
Ansi based on Dropped File
(~WRD0000.doc)
u@_[Ul$3j0N eM}uE@EtV'BEVWh4hj3hPfEEP EPVWL5PSEPju{YuIEPEPuLu4jEPMejMhMPuMMSEPju;u}tu$uuTu9EtMtua?jX
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u^[_3:u~at(:uAtf:t3^[_G^[_^[_Uj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u^[_3`:u~`a t(`:u`A t`f:t3^[_`G^[_9 ^[_9 U9 j
Ansi based on Dropped File
(~WRD0000.doc)
u^]USVWujj}5SWu EPWE uEuuuWuWuW5Su _^[]|$u3t$SW|$u3#VWtVVW^_[UQQSVutcutVEFW=EEPuEEFFEFEEPu}EFEF_tV^[UQQSVutcutVEFW=EEPuEEFFEFEEPu}EFEF_tV^[U}SVWtCu5t4uWt"juuuuW3@3_^[]U}VWt<u5t-ut$juuuuup3@3_^]Vt$t4jV|$t@u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uB3@_^[jNAMhPuuuhhVjHEPj3Wuu0;,EPWEPWu}u}Eu(u$3}hV@@P=t';t#u$u3}hV@@PEDjPYYtlEEEPWEPjuuu>E;Ew63jfGWMMeEP{!WMYMWYMj}u$h|Vj3@3PhVAAQ3UQeSW@t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uD$_D$U]U]jhH@eMx:M+MMUEEEEE8csmtEEmeEjhh@zeuEEeMx)uMUEE}uuuuu@jh@3EEEE;E}uUuuEEE}uuuuuDn;";[;:C:B:9U}}tt}]=t-U$,$=t<$XfftU T$|$l$T$D$t<y$$T$,$$T$T$u\$\$=VVthV}YtVUtFtPXVWYj0jh@4(VepXPTYEMPQ7~YYeu_]UTSPSuuSPTu(PP0MQTPTQXPXQQPU=VthV}YtVIUQSW}3];u kSSSSS=VYShjXYY;tJ.UplVSEYYVjVhu~TSFX(~;tW,u#PEVCY9]tu,kY^_[UUSVW3;t];wjj^0WWWWW_^[]u;u3ffAAFFf;tKu3;ufjj"YUEVWu|PLYu3Uub(|}}cR| B|jYYux3;u19=x~
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
UDR 9 UDRP9}hu<;uUMD%& A9 MTEDPV ; ,MD& & 3C; 9}ht9 Mp& & 9}\u9}huMD& & Wh`ttSWvk;t9 A&; PM4}~9 N9 U4RP<;u
Ansi based on Dropped File
(~WRD0000.doc)
UDRUDRP9}hu<;uUMD%AMTEDPV;,MD3C;9}htMp9}\u9}huMDWh`ttSWvk;tA&;PM4NU4RP<;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uE3B;r9]u9 E x@! G 9 W;u0 ]9 ]9 u+0 E9 D0 tyjju;Eu 9 G9 M 8
Ansi based on Dropped File
(~WRD0000.doc)
uE3B;r9]uEx@GW;u]]u+ED0tyjju;Eu GM8
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ue9 U9 QSVW5Hg59 0 }8g9 YY; 9 +CrwWm9 CY;sH;s9 ;rPuTmYY& uG;r@Pu>mYY& t1P4SfYuEf0 V:fY9 EY3_^[9 Vjj l9 Vf& ujX^&3^jhx?,KneuY0 EE9 E-*n9 U9 uYH]9 QUrpY9 U9 V9 EtVY9 ^]9 U9 9 EQPT6YY@]9 U9 QS9 E0 Ed9 9 d9 E9 ]9 m9 c[XY! $9 U9 QQSVWd9 50 uE9 juuu: :9 E9 @9 M0 Ad9 =9 ]0 ;d0 _^[U9 SVW0 E3PPPuuuuu{ 0 E_^[9 E9 ]9 U9 V9 u9 N39 jVvvjuvu { ^]9 U9 8S}#u9 M0 3@eE M30 E9 E0 E9 E0 E9 E0 E9 E 0 Eeee0 e0 md0 EEdE9 E0 E9 E0 Ef9 0 EEP9 E0UYYe}td9 9 9 ]0 d0 9 Ed9 E[9 U9 QS9 E9 H3M9 E9 @ft9 E@$3@ljj9 Ep9 Ep9 Epju9 EpuLz 9 Ex$uuujjjjjEPh#9 E9 ]9 c9 k 3@[9 U9 QSVW9 }9 G9 w0 E9 -u{9 MN9 k9 M9H};H~uM9 ]0 u}}9 EF0 09 E0 ;_w;vz9 kE_^[9 U9 9 EV9 u0 be9 0 FTe0 9 ^]9 U9 ?e9
Ansi based on Dropped File
(~WRD0000.doc)
uE@;rG @juu & }:9Ew9 Ott9 G0 E9 D0tE9 E)E9 E9 M^_[jhhA339u" ;u?VVVVV'uY0 uuY0 EE9 EuY9 U9 V9 u9 Fu ?g}0 FuVEeYV9 FY y0 FttuFuuV
Ansi based on Dropped File
(~WRD0000.doc)
uE@;rG @juu}:9EwOttGED0tEE)EEM^_[jhhA339u;u?VVVVV'uYuuYEEEuYUVuFu?g}FuVEeYVFYyFttuFuuV
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ueUQSVW5Hg5}8gYY;+CrwWmCY;sH;s;rPuTmYYuG;r@Pu>mYYt1P4SfYuEfV:fYEY3_^[Vjj lVfujX^&3^jhx?,KneuYEEE-*nUuYH]QUrpYUVEtVY^]UEQPT6YY@]UQSEEddE]mc[XY$UQQSVWd5uEjuuu:E@MAd=];d_^[USVWE3PPPuuuuu{ E_^[E]UVuN3jVvvjuvu{ ^]U8S}#uM3@eEM3EEEEEEEE EeeeemdEEdEEEEEfEEPE0UYYe}td]dEdE[UQSEH3ME@ftE@$3@ljjEpEpEpjuEpuLz Ex$uuujjjjjEPh#E]ck 3@[UQSVW}GwE-u{MNkM9H};H~uM]u}}EF0E;_w;vzkE_^[UEVubeFTe^]U?e
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uFFdF$FFFF F$lFP$FXF\ |GWPME"%MJXtS9YMZGWPMEPMtEvEgEEMl$8l$l$}l$ pl$Pkl$^l$ l$Jl$;PJl$+l$$l$l$l$Xl$Pl$l$l$wl$ jl$l$l$l$?l$ l$\l$Xrl$el$l$$Vl$Gl$Pl$l$l$!l$ l$ l$l$l$l$$l$Xwl$jUEV3u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
UhP(RP$R]D$T$SVWD$UPjhd53PD$dD$(Xpt:|$,t;t$,v-4vL$H|uhDID_L$d
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uhpeN;~$EuEvjX.uN$ENE]DM@\VWPt+tNQIjN<@_^UQeQMRMEj.jD/YMet3Mjh(MIjjEPE> utj3MMC$tt$h,j .39]9]M:M]:MEvwMSEPh EPh#tXMX;uLM=M=MjEPEP#MC;rMEBMMB3@MEwBMMkB3sVD$tVY^|$Vu3(N$th(%tPt$^jP.6Mejh|MGME8MEXhxhhEPMfEePJ5h4AEPtqM9ueEePJht=Pt13FME@ME@MMMtj3VWtV#_^j!/u}^3}DX7MEcN5pMEXjJMX3hfF$-BM~(~0~,MEF45lM~8~<EMEMU(SVE^P@7Pv(xunWj(3EWPF(hWEE}}E}jEE}6EEP|f;fF$_u33@^[jP/uu3HuO0ttnAukjmYEetNQvD3Mj @YEEtj`3MPjHp5(w3@j0/E3+ HHHHHtH9~,j YE};t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uiParamsCount != 1
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
uiParamsCount != 2
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
uiParamsCount != 3
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
uiParamsCount != 4
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ujEPeMuTMMEMEuMhPVMMEMEMMjEPZeMJt3MMMNMESMEouMhPVMaME#MEj|~EPeMtj^MM%MMEMEEPhMHPVMjYuMu<}uMEtMEZvj}EPeMt3MMlt~MMEME(uMh$PVMMEMEj5}EP~eMnt3MM}MrMEwMEuMhHPVMMEGME-j|EPeMt3MMBJ}MMEMEEPhHMmPVMu!EuMEMEj|EPMeM=tj<^MM|MBMEGMEcEPhMPVMuE<u,;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uM3M& uhavY9 0 ME;t3MQ9 ]0 E;u+;tu9 M;u9 M9 ;tV:}Y0 ]9] ,u9 u9 PU9 ,ESVW3WWWjP5"!d 9 ]j;9 }0 E^u0 3j0 7h EPud& tIEPju & ~6}9 Eu"!+0 E}9 50 9 E0 tu}tu0 30 7uh _^[j|QZ{9 39}u3EPu~9 0 }a;t9 E;& 98t9 9 9 R;t9 9 R@9 ;th
Ansi based on Dropped File
(~WRD0000.doc)
uM3MuhvYME;t3MQ]E;u+;tuM;uM;tV:}Y]9],uuPU,ESVW3WWWjP5d]j;}E^u3j7hEPudtIEPju~6}Eu+E}5Etu}tu37uh_^[j|QZ{39}u3EPu};tE;98tR;tR@;th
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uM@uMu6GYYMLD$ MeHMEtrjW63E;ug 8tN6jEP6]uf}uERP6;tSS6;tE0@@}uE#uMEE#;tD=t)=@t"=t)=@t"=t=@uEM#;uE]EE@]E#=@=tw;E;yvv0fE3H&HREEjSS6tSSS6#jEP6ettk}uYEE;bPjSS6WCSSS6B#E%=u6Y4j^0d=uSj6EASS6EEE+PD=P6b9}D$2M0D$M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uM_[U|3EES3V3EEF3WE}]u]]]]]]]9]$u(kSSSSS3NUU< t<t<
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uMEEP !EuMEP!EuEP}M#M6M}EPEPEPEFUM~EEPEPFVPM\EPM[tQhSj:ME$MEMEMEMMM%puh||PEPE~u$hSj:|E`V|PEPy|EMEbMEVMEJME>MM23@1h`hHSjx9h4Sjc93UVWhHVj:9t}t9EuhnuEPWwMEPMuh7M|u&MhuhVj83@hVj83_^UVuEPVvMEPM3^j"MzeEPu3t)MH|uEP|MMMM3jDr2hMneEPM-nh\EPEGujuPVPGG;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uMfu-EEEPM]eMPCMMfuEEEPM)Efuf}uMPVkfu'EEEPMeMPEM3=,1+RYVt$RYu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uMX3MD;t]|D4AMDF;u\rD=]LM@E\E|EDEH;E4U<UXU0UX}(HDME,E,E8;ELM89EHML+MLUE@E E4+UEX;vMXMHU83+@B;v%u,+U8;MXs
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
unblockFrameNavigation
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
unknown compression method
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
UNSPECIFIED_ERROR
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
uOY& uV[YFW 9 F9 >H0 9 N+I;0 N~WPu0 EM 0 Fy9 Mtt9 9 " @ tjSSQ4H#t%9 F`M3GWEPu70 E9}tN 9 E%_[^9 U9 @@txtPu [YYf;u]]9 U9 V9 u9 EM>Yt}^]9 U9 G@SV9 9 t7u19 E0MP9 ~CC>Yu8*uj?9 cY}^[]9 U9 t 30 E9 ES9 ]V9 uWu30 & 0 0 0 0 0 0 0 0 9u3oWWWWWm t
Ansi based on Dropped File
(~WRD0000.doc)
uOYuV[YFWF>HN+I;N~WPuEM FyMtt@ tjSSQ4H#t%FM3GWEPu7E9}tN E%_[^U@@txtPu [YYf;u]]UVuEM>Yt}^]UG@SVt7u1E0MP~CC>Yu8*uj?cY}^[]Ut3EES]VuWu39u3oWWWWWmt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uP uuWuv_^]^]%VD$tVY^SV_\$StfW39~@uZD$^DFH3`t@WWWWWWWWhWhSF@;u3=VjPhjv@F3@_^[j1ueLp$EW$EH$$(bj1}u}W
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uP43^}7]VjSWu^hS4uuuSP@uuSuP0uuujuvuutPjuuj]tQPuRS\Ss+#tE- t*uuWuPuuW7uuS}t*QPEPEPWuh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uPYY]3]jTh@EK3}EPEj@j ^VYY;50@@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uPYY]3]jTh@EKa30 }ESPEj@j ^VYY; 0 5 0@@
Ansi based on Dropped File
(~WRD0000.doc)
UQQVFV0MEPMt/VvMxEPMwtiuEOEPMTu/SW}]MSWEPEPM't_[uuuE^UVVvMFV0MuEuuuPvffY^/ijZuL"F$"F!F!Fx!F,!F!F !F$ FP FX F\| ` L , LE$EhMP\j8Yh#MDE$3P]AM3SGWM>9h|#M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uR9uuMM)zh3FVD$tVIY^jHj,e}uMjh|IuuMjh|,MQM3EFPuMuEyEjuEPm3MuqtMMQyYMqM3Fj0sB`}33MufEu3rpPMdMEEuqV;tP;tuM+pPMEE;t3Pjw0;t5uSP$E@$URuSPQH}EMEt5EPEPtSPEt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
User-Agent
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
uuPEj{jzMEP3H!}MuPURP}ttjuPURPMMz8u3PtbDj(Qy}u3eEPu|2t}umPtjsYEet<3uMEEP}MPEMM'uuPuMEEEPM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uuuPPju^uYuuWuP Vju!uYuRuYuR0uYMQMQR8ujYMQMQR4ujV#]tVDjeDMQPE\}u_uV^EpM39ytjV
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uuuuuPtV9 jjND$tVNY9 ^j;19 0 uQ0 e0 eue9 9 SVW9 |$ -9 9 u$v9 9 6j9 W ~-Y9 t_^[VW9 w9 p9 0 @9 g0 9 6_0 v^j0: 9 0 ued 6YXU9 QVEPEP9 .9 ^V9 j
Ansi based on Dropped File
(~WRD0000.doc)
uuuuuPtVjjND$tVNY^j;1uQeeueSVW|$-u$v6jW~-Yt_^[VWwp@g6_v^j0ued6YXUQVEPEP.^Vj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
UVEPv<tE+F(PE+F$P_^VN8tDh|$N8thjdjj3N8N8jP^j4%e}3C]G]h2j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uVYL hhhPYYuBh_OBT$Lc=YthN!Ytjjj3]jh@Cj;KYe3C9E}5Y}tx5Yu}uu;rW9t;rJ6559}u9Et}}Eu}hxl_Yh|OYE}u(jiIYu3C}tjPIYUjju]jjjVV$VVVVV}VcV
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uY& uVYFW 9 F9 >H0 9 N++0 N& ~WPu0 EN 0 F=9 Mtt9 9 " @ tSjjQz#t-9 F9 ]f0 jEPu9 9 ]f0 ]u0 E9}tN 9 %_[^U9 WVS9 MtM9 u9 }AZ I`&
Ansi based on Dropped File
(~WRD0000.doc)
uy3MPj5(uEPEP9 & ujX9 M ejEPMSPN(E'9 MEDMM0 F8z jNx9 ee9 u9 4zeh%9 E9 u9
Ansi based on Dropped File
(~WRD0000.doc)
uY9 0 M0 };t3uMu9 u0 EV]& u9 M9 ;t0V{Y0 }9}t
Ansi based on Dropped File
(~WRD0000.doc)
uYM};t3uMuuEV]uM;t0V{Y}9}t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uYuVYFWF>HN++N~WPuEN F=Mtt@ tSjjQz#t-F]fjEPu]f]uE9}tN %_[^UWVSMtMu}AZ I&
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u{9 F^j,&Mu3uMu0 uS1;uFMM9 fj,&Mu3uMu0 uz;uFMM9 !j,&:Mu3uM0 u};uFMM{9 j,&MKu3M0 u3;uFMM<9 j@,Me9 0 eju@]EPMHMEOPj5pMcME/WMM3+j,&DM 3PP5pM0 EEcMM3j,&MXejj5pMcMMH3j,&MueMq@MM3sj,&RMueM=MM3:V9 9 N& t`9 N^" ! ^j.99 ~u%jLAY9 0 Me& tFP#! 30 F9 FUdh,9 MA9 eVP49M`S%EPMEjd_j[SE@PE9 0 eXPE0 }@^M`^)E PMHj\M E`PM 9 ;VjE0PM 5`M0E M& & 9 0 eXjhZE0P@@E|9 & ~zMKEPNV@E & tMEPM
Ansi based on Dropped File
(~WRD0000.doc)
u{F^j,&Mu3uMuu1;uFMMfj,&Mu3uMuuz;uFMM!j,&:Mu3uMu;uFMM{j,&MKu3Mu3;uFMM<j@,Meeju@]EPMHMEOPj5pMcME/WMM3+j,&DM3PP5pMEEcMM3j,&MXejj5pMcMMH3j,&MueMq@MM3sj,&MueM=MM3:VNtN^^j.9~u%jLAYMetFP#3FFUdh,MAeVP49M`S%EPMEjd_j[SE@PEeXPE}@^M`^)E PMHj\M E`PM ;VjE0PM 5`M0EMeXjhZE0P@@E|~zMKEPNV@EtMEPM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u|_3GWu|PE|hLkYE`et`3We`Sh|]7vWu|P`MP(ShPMd}7EPPEdPEYYMdE1UPRPPMP]1t~MMPEE(ShMdE/7EPPEdPEmYYMdE41EPPcthtMPE1M]M@'M0E'ShMdE6E0PEdPEYYMdE0M@E@PMEVM@)uM@'PM03M0'=PhvM@'Sh(MdE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
V,F@ F@@ FpFy dG@MWS@ HECjD\r2hM\meEPMlh\EPEGujuPVPGG;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
v,WWWWWWWh
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
V3GPN$]G4PNG$PN4uNGPNHMVEE;EmMM3@}UTj,}h,wYM et3}u3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
V3Mj&YME;tVS3MMP2EE;Erj3W3@},U`j,+u`El3;9^@x;@MElnM]G;9^9^hTF%YM,E;tU3ulW]EljM3NnM0EMPEM@ExM0QEP$MPQPM@QPMPuAM@u5M0u)E@PEPPE0PMtEPPM;tG9]lto;ukjd$YMlE;tV3M`PEM@EMPEM0EM]fmMMZm3PjM@EMPEM0EM]mjMMm3@Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
V8F@ F@@ Fp\Lz uA B IA p,;1u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
V9 3GPN$]G4PNG$PN4uNGPNHx9 MV"!E9 E;ERmMM 3@}UTj,"!}h,wY9 0 M e& t9 30 }& u39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
V9 3Mj&Y9 0 ME;tVS39 MMP2E9 E;Er 9 j9 3W3@},U`j, +9 0 u`9 El3; 9^@& 9 x; 9 @M0 ElnM0 ]G~; : 9^ 9^ 0 hTF%Y9 0 M,E;tU9 3ul9 W]0 El9 j9 M3NnM0EMPE M@Ex9 M0Q9 EP$9 MPQ9 P9 M@Q9 PMP& uAM@& u5M0& u)E@PEPPE0PM & tEPPM;tG9]lto;ukjd$Y9 0 MlE;tV39 M`PEM@EMPEM0EM]fmMMZm3P9 j9 M@E~MPE M0E M]m9 j9 MMm3@9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
V9 9 9 MMcSV9 ~W9 >}R?u9 9 0}9 _^[V9 ! D$tVcY9 ^j V9 ~$u5Wh xxWj
Ansi based on Dropped File
(~WRD0000.doc)
V9 d9 M& uDhf0 EESP" EPSSh S@& |EP9 &]V9 dMi3CM0 ] & 9 M& & x9 M& & h9 MEP$MEXS& t!jh|9 9 `M0 ]]ZDEP9 /bhH9 cjWMc`jWMET`MELQ9 ME PEPMEaM ECZMQPMbWMb9 MjE P PMEaaM EZM`QPMaWMaMFQPM=QP9 }R9 MVcM0 ]EYEMYMExYM] YMEg9 E'9 MVhLrPV9 b0 ]ME^g9 9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
V9 u; xxtvhtajtLqt6t& 9 MWue9 MWT9 MWC9 M9 P@39 M9 P<#9 My@ 9 E jZf0 9 ID0 H9 MW 9 - H " -tst`9 MejjEP& 9 Et1& t7u(9 u$u WuuuVPQ9 9 E& t9 PQ9 p& t9 PQ@ _9 MWQ9 ExPtpLHpH! 369 MW(9 MW9 MW9 MW^_]$V9 " D$tVcY9 ^j80@y9 0 }e< 9 ]9 w& & & }wt9 e& & tS9 R& tS9 T }tjXhf0 E0 E} tV9 9 u<j?w9 uhhJ V9 B jYP9 D 9 V9 Wh9 Zu9 ]+HPWEP9 > jVME jETYPM M\M9 RVP9 ME9 ME9 9 }9 'PM{9 E3E;t9 39 G<9 u9 }#VSSSQPR,9 9]tu9 M3;9 ;t9 z3dj[@}9 9 Whhj ?t& MejEP9 MR PMEu9 }& t9 3v<9 P9 R )9 v<9 9 }& t9 39 Pv<9 R& t9 MM ``9 D$;uP,9 L$I9 Au9 jP3V9 t$& u@ ,hpt$PUYY& t9 D$0 9 PQ3&@ ^A@,@ @ $9 D$@9 @xU9 V9 u& u@ 9hsuTYY& t9 E& tH30 9 PQ3VuuE^]U9 QQ9 ESV3W9 ; 9 ]; a9 URhsP0 u0 u& |}9 E;tvURu0 u9 PQ& |Y9utT9 MQhsW0 u& |?9ut:9 EURu0 u9 PQ& 9 E|0 C9 E0 E9 PQ9 E9 PQ9 E9 PQ9 E3_^[V9 t$& t,9 F& t%9 W6PQ9 9 F9 PQf&3& _3^l$9 ,@D$V9 ,tV" Y9 ^9 @`@@D$V9 F@,tVZY9 ^j@=9 0 ut~$9 E3P& ~ S9 & t9 j9 9 C0;|N<Ez9 ENE! MN" ! xSV9 9 ^8W~$9 ;~S9 9 L$P}F83@3_^[$U9 QeSV9 ^W9 & ~&}<EPW9 & uE9 {9E|3_^[3@V9 D$tV,Y9 ^j
Ansi based on Dropped File
(~WRD0000.doc)
v9 Wu- |$ts9 F;s9 Pj9 8& uW9 S3;_^V9 jjNR9 ^y$r9 AAV9 D$tVn}Y9 ^U9 9 ESVW9 }9 9Gs9 w9 E+9us9 u9 ;ujVu9 jCjV t7r9 9 Kr9 CC9 UVWQP^V9 Z_^9 []U9 VW9 }W9 e t~r9 FFu+WV9 >:ju9 * t(9 Nr9 FFuWQPu9 9 _^]U9 9 ESVW9 }9 9Gs9 w9 E+9us9 u9 ;ujV6u9 j*DjV t8r9 9 Kr9 CC9 UVWRQP!V9 q_^9 []V9 jF;jjt$9 I9 ^U9 VuEP9 0 VvMT EPMSt u9 EPuYY uMVvM M9 9 E9 I0 0 H^Vt$9 YPt$9 P^V9 jFjjt$9 ~9 ^U9 VW9 }W9 t ~r9 FFu+WV9 f:ju9 t(9 Nr9 FFuWQPu9 '9 _^]VW9 |$W9 X9 G0 F_9 ^j}V`9 0 u9 ueNRq9 9 Vt$9 R9 ^RfV9 RXD$tV`Y9 ^V9 jF]t$9 9 ^Vt$9 -}YPt$9 ^V9 jF:t$9 9 ^j}{0 9 0 u9 }WQ9 eWNR 9 (`Vt$9 R9 ^U9 V9 ~uuvjuX9 Es9 FSWV0MEPMq t%9 E9 }PWZYY Wu9 VvM EPM q9 } t*9 F9 @WPYY 9 FWp9 j9 EPWYY t;9 E0 E9 EM0 E 9 ]CWPYY t9 C x-W9 tSkuk9 EWPYY tg9 EVv0 E9 EM0 E M~EPMp9 ] uCPW^YY t$9 E9 H y-W9 tPjSju9 EWEP9 9 9 M0 9 @0 A9 _[^j0`! 9 uEP& 9 FVPMD EPMCp9 ] uCPuYY t=uM(eeEPSuEP9 9 9 @j0 MjM0 E Mp! Uhl$ 30 Ehj< 9 }tM,eM@LE P9 E_$SME0 ]DM EPM1eHMPMLELPE8 P9 EV5M'EPM8&o uM8Ao9 @0 EHjB! YuHM 0 E<MP9 EPhpSj.}H& 'ELP9 U9 M<0 EPM 9 E[0 EHEHPM~VMEPMPM@9 MD9 E0P9 9 EM09 E658: hSj& uHM58: WVMEMEjjML"!MEM EM@E0 MM]39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
V9Pt9 ku;rkM^;s9Pt3]5& wYj hF>30 }0 }9 ]Lt9 jY+t"+t+td+uD[y9 0 }& ua`w\9 ]9 9 Z9 t<t+Ht3PPPPPc
Ansi based on Dropped File
(~WRD0000.doc)
V9Ptku;rkM^;s9Pt3]5wYj hF>3}}]LtjY+t"+t+td+uD[y}ua`w\]Zt<t+Ht3PPPPPc
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
V@@P39 _^3[N U9 SVW3jZG0 }Q( 9 3Y;ujXV9 EDPVS W0 } 9 ;uS YuVW^ 9 EMQWPVEPSuu@ 0 E=& S W YYVVVEPVVVVVVVu?0 }8 & t0 }E9 E3j@ZQc 9 Y; 99 EDPVS uA 9 ; >uVW EP9 EWPVEPSuu@ 0 E9uu/9 uj9 9 E@P9 xS9 u9 MW}S W 9 EYY_^[V9 D$tV'! Y9 ^D$V9 tV
Ansi based on Dropped File
(~WRD0000.doc)
V@@P3_^3[NUSVW3jZG}Q(3Y;ujXVEDPVSW};uSYuVW^EMQWPVEPSuu@E=SWYYVVVEPVVVVVVVu?}8t}EE3j@ZQcY;9EDPVSuA;>uVWEPEWPVEPSuu@E9uu/ujE@PxSuMW}SWEYY_^[VD$tV'Y^D$VtV
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
V@@Pru$ h|VjM]W3CFj(<O] 0 MuuuhVjjEPj3Suu0 ;t3" PhVAAQ73cM9 MeEPSu!9 & u9 E9Eu9 MEPMMC& tu$ h|Vj3@u j$_O}9 9 MPuuhHVj EPj3Wuu0 ;t$3" PhVAAQc3 MEPWu9 0 }Iu9 $ ;u/9 MEPKh|Vj3GMM9 3" h
Ansi based on Dropped File
(~WRD0000.doc)
V@@Pru$h|VjM]W3CFj(<O]MuuuhVjjEPj3Suu0;t3PhVAAQ73cMMeEPSu!uE9EuMEPMMCtu$h|Vj3@uj$_OMPuuhHVjEPj3Wuu0;t$3PhVAAQc3MEPWu}Iu$;u/MEPKh|Vj3GMM3h
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VarFileInfo
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
VdMuDhfEESPEPSShS@|EP&]VdMi3CM]MxMhMEP$MEXSt!jh|`M]]ZDEP/bhHcjWMc`jWMET`MELQMEPEPMEaMECZMQPMbWMbMjEP PMEaMEZM`QPMaWMaMFQPM=QP}RMVcM]EYEMYMEYM]YMEgE'MVhLrPVb]ME^gMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Vdr"""t!)19"\dlt|""`BJ""mu}""\$"I"l"""P""-5=`kv~""H""@""Lckss{""" $,44<DNs{"`"""HDLV^fnv""".6","Yaiqy"6.OW"0z"t"""4"*2:BJR
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Vdr: " " " t!)19" \dlt|" x" `BJ" " mu}& " " " \$" I" l" " " P" R" -5=`kv~" " H" R" @" " Lckss{9 " " " $,44<DNs{S" `" " " HDLV^fnv: " " " .6" ," Yaiqy0 S" 6.OW" 0z" t" " " 4"*2:BJR
Ansi based on Dropped File
(~WRD0000.doc)
vE9 U9 jpQujWVpR $& tuuW9 4Ej*Y0 9 uvY9 e^[9 M39 U9 WuMe9 }EPu_ }YY_t9 Map9 U9 S39TuA9 E;uDSSSSSd3/9 8t)`
Ansi based on Dropped File
(~WRD0000.doc)
veMa}9 }tP?MY9 }P+9 9 ;9 =tDPMv0& t2j b,Y9 0 ME& tjw3Pj5(Ev0M9 }0 E9Et@PMLv0& t.j ,Y9 0 ME& tj&w3Pj5(v0MM&uR2j,&19 Mt30 u9uuN9<tF9 ;t59 0 E& ~'V9 kG& t9 <4PM! F;u|MMt
Ansi based on Dropped File
(~WRD0000.doc)
veM}tP?MYP+;=tDPMv0t2j b,YMEtjw3Pj5(Ev0ME9Et@PMLv0t.j ,YMEtj&w3Pj5(v0MM&u2j,&1Mt3u9uuN9<tF;t5E~'VkGt<4PMF;u|MMt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VeriSign, Inc.10UVeriSign Trust Network1;09U2Terms of use at https://www.verisign.com/rpa (c)09100.U'VeriSign Class 3 Code Signing 2009-2 CA0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VeriSign, Inc.10UVeriSign Trust Network1;09U2Terms of use at https://www.verisign.com/rpa (c)09100.U'VeriSign Class 3 Code Signing 2009-2 CA0 "0
Ansi based on Dropped File
(~WRD0000.doc)
VeriSign, Inc.10UVeriSign Trust Network1;09U2Terms of use at https://www.verisign.com/rpa (c)09100.U'VeriSign Class 3 Code Signing 2009-2 CA0"0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VeriSign, Inc.10UVeriSign Trust Network1;09U2Terms of use at https://www.verisign.com/rpa (c)09100.U'VeriSign Class 3 Code Signing 2009-2 CA76dv2ew0* H
Ansi based on Dropped File
(~WRD0000.doc)
VeriSign, Inc.10UVeriSign Trust Network1;09U2Terms of use at https://www.verisign.com/rpa (c)09100.U'VeriSign Class 3 Code Signing 2009-2 CA76dv2ew0*H
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VerQueryValueWGetFileVersionInfoWGetFileVersionInfoSizeWVERSION.dllRObtainUserAgentStringfURLDownloadToFileWurlmon.dllCCloseHandlewReleaseMutexGetLastErrorCreateMutexW.TerminateThreadGetExitCodeThreadCreateThreadGetModuleFileNameWGetModuleHandleWfGetTickCountLFreeLibrary GetProcAddressLoadLibraryWGetCurrentThreadIdKERNEL32.dllGetStockObjectfSetBkModeDeleteObjectQRoundRect^SelectObjectICreatePenRCreateSolidBrushDeleteDCBitBltFRectangleExcludeClipRect-CreateCompatibleBitmap.CreateCompatibleDCeSetBkColorSetTextColorGetLayoutGetTextColor2FrameRgnMCreateRectRgnGDI32.dllShellExecuteW#Shell_NotifyIconWSHELL32.dllCLSIDFromStringkCoUninitialize=CoInitialize;StringFromGUID2CoCreateGuidIIDFromStringole32.dllOLEAUT32.dllGetProcessMemoryInfoPSAPI.DLLEPathFileExistsWSHLWAPI.dll_TrackMouseEventCOMCTL32.dllsInternetCrackUrlWeInternetCanonicalizeUrlAInternetReadFilejInternetCloseHandleInternetOpenUrlWInternetSetOptionWInternetOpenWWININET.dllLReleaseDCGetDC9GetLastInputInfoJRegisterWindowMessageWOGetMonitorInfoAMonitorFromRectGetClassNameWEnumChildWindowsSystemParametersInfoWlGetSysColor~SetLayeredWindowAttributesEndDialogEnableWindowDialogBoxParamW]CreateDialogParamWSetWindowRgnSetWindowTextW*CharLowerBuffAOCopyRect(GetIconInfoKReleaseCaptureGetCapturegSetCaptureGetWindowTextWDrawFocusRectInflateRectGetAsyncKeyStateIsWindowUnicodeoGetSystemMetricsIsChildDrawIconExDispatchMessageWTranslateMessagecSendMessageWCryptMsgCloseCertCloseStore?CertFreeCertificateContextJCertGetNameStringWICertGetNameStringA5CertFindCertificateInStoreCryptMsgGetParamCryptQueryObjectCRYPT32.dllMultiByteToWideCharzWideCharToMultiByteGetModuleHandleALockResourceLoadResource9FindResourceWLocalFreeLocalAlloc3OpenProcessGetCurrentProcessIdGetCurrentProcessuGetVersionExADeleteFileWSetFileAttributesWGetFileAttributesW-TerminateProcessMulDivlstrcpyWInterlockedDecrementInitializeCriticalSectionDeleteCriticalSectionEnterCriticalSectionLeaveCriticalSectionxGetComputerNameW;OutputDebugStringWGetFileSizeCreateFileWhReadFileFindClose$FindFirstFileWeCopyFileWRemoveDirectoryWMoveFileExW0FindNextFileWOGetSystemTimeAsFileTime SizeofResourceSetThreadPriorityGetCurrentThreadGetLongPathNameWGlobalFreeGlobalUnlockLoadLibraryAGlobalLockGlobalAlloc!Sleep2TlsAlloc4TlsGetValue5TlsSetValueSetFileTimeLocalFileTimeToFileTimeDosDateTimeToFileTimeSetFilePointer*SystemTimeToFileTimeqCreateDirectoryWWriteFileGetLocalTimeHeapFree#GetProcessHeapRtlUnwind>UnhandledExceptionFilterSetUnhandledExceptionFilterIsDebuggerPresentZRaiseExceptionExitThreadResumeThreadoGetCommandLineAHeapAllocHeapReAllocMoveFileWGetConsoleCPGetConsoleModeGetFileType3TlsFreeInterlockedIncrementSetLastErrorHeapSizeExitProcess;GetStdHandleGetModuleFileNameASetHandleCount9GetStartupInfoAJFreeEnvironmentStringsAGetEnvironmentStringsKFreeEnvironmentStringsWGetEnvironmentStringsWHeapCreateHeapDestroyWVirtualFreeTQueryPerformanceCounter[GetCPInfoRGetACPGetOEMCPIsValidCodePageLCMapStringWTVirtualAllocLCMapStringA=GetStringTypeA@GetStringTypeWAFlushFileBuffersSetStdHandleWriteConsoleAGetConsoleOutputCPWriteConsoleWSetEndOfFileInterlockedExchangeInitializeCriticalSectionAndSpinCountGetLocaleInfoAxCreateFileALineTo!MoveToExSetWindowOrgExGetWindowOrgEx>CreateFontIndirectWGetDeviceCapsxSetLayout!CombineRgnGetObjectA$OffsetRgn`GdiFlushCRealizePalette_SelectPalette4PlgBltSetPixelGetPixelGetBkColorGetBkModeSetSecurityDescriptorSaclGGetSecurityDescriptorSaclmConvertStringSecurityDescriptorToSecurityDescriptorASetSecurityDescriptorDaclqInitializeSecurityDescriptorQGetSidSubAuthorityRGetSidSubAuthorityCountTGetTokenInformationOpenProcessToken*RegCloseKey3RegCreateKeyExWhRegQueryValueExW[RegOpenKeyExWxRegSetValueExWbRegQueryInfoKeyW6RegCreateKeyW>RegDeleteKeyWJRegEnumKeyW^RegOpenKeyWBRegDeleteValueWIRegEnumKeyExWLRegEnumValueWADVAPI32.dllSHGetFolderPathWSHCreateDirectoryExWCoCreateInstancegCoTaskMemFreeCreateStreamOnHGlobalKNffff+Bhfgg(g:gAlert.dllDllCanUnloadNowDllGetClassObjectDllOnUpdateFinishDllRegisterServerDllUnregisterServer,U.?AVCAlertAboutBoxDlg@@U.?AVCAlertDialog@@U.?AVCMyDialog@@U.?AVCWebBrowserContainer@@U.?AVCContainer@@U.?AVCUnknown@@U.?AUIUnknown@@U.?AUIOleClientSite@@U.?AUIOleInPlaceSite@@U.?AUIOleWindow@@U.?AUIOleInPlaceFrame@@U.?AUIOleInPlaceUIWindow@@U.?AUIOleControlSite@@U.?AUIDocHostUIHandler@@U.?AUIOleCommandTarget@@U.?AUINewWindowManager@@U.?AUIServiceProvider@@U.?AVCWebBrowserDispatcher@@U.?AVCDispatcher@@U.?AUIDispatch@@U.?AVCSeed@@U.?AUIElementBehavior@@U.?AUIElementBehaviorFactory@@U.?AUIHTMLPainter@@,U.?AVbad_alloc@std@@U.?AVexception@std@@U.?AVCAlertFeedItem@@U.?AVCAlertChannelItem@@U.?AVCMapStringPtrW@@U.?AVCAlertALPResponseObject@@U.?AVCAlertChannelsList@@U.?AVlogic_error@std@@U.?AVlength_error@std@@U.?AVCAlertClient@@U.?AVCAbstractAlert@@U.?AVCAlertExpirationData@@U.?AVCRSSAlert@@U.?AVCInstantAlert@@,U.?AVCAlertDialogChildButton@@U.?AVCDialogChildButton@@U.?AVCChildButton@@U.?AVCMyWnd@@U.?AVCAlertDialogChildButtonCheckBox@@U.?AVCDialogChildButtonCheckBox@@,U.?AVCAlerter@@,U.?AVCAlertGui@@,U.?AVCAlertHTMLDialog@@U.?AVCHTMLDialog@@U.?AVCHTMLDialogBrowserContainer@@U.?AVCAlertHTMLDialogBrowserContainer@@,U.?AVout_of_range@std@@U.?AUIInternetSecurityManager@@,U.?AVCAlertHttpManager@@U.?AVCAlertLogger@@U.?AVCLogger@@U.?AVCSingletonSeed@@U.?AVCReferencedSeed@@U.?AVIDefaultTranslationsLoader@@U.?AVCAlertLP@@,U.?AVCAlertManager@@U.?AVCAppManager@@U.?AVCAlertAppManagerFact@@U.?AVCAppManagerFact@@,U.?AVCAlertOptionsDialog@@,U.?AVCAlertOptionsDialogTitleBar@@U.?AVCAlertTitleBar@@U.?AVCMyTitleBar@@,U.?AVCAlertOptionsDialogWindowStyle@@U.?AVCAlertWindowStyle@@U.?AVCWindowStyle@@,U.?AVCPopUpWindow@@U.?AVCBaseWnd@@U.?AVCAlertResourceBank@@U.?AVCResourceBank@@,U.?AVCAlertSingletonAllocator@@U.?AVCSingletonAllocator@@,U.?AVCAlertTrayIcon@@U.?AVCMyTrayIcon@@,U.?AVCAlertViewRecentPopUpWindow@@,U.?AVCAutoUpdateThread@@,U.?AVCClassFactory@@U.?AUIClassFactory@@,U.?AVIAlertResultEvents@@U.?AVCConduitAlert@@U.?AUIConduitAlert2@@U.?AUIConduitAlert@@U.?AVCEventAlertClient@@U.?AVCEventGeneral@@U.?AVCEventAlertGui@@U.?AVCEventLogic@@U.?AVCEventUsage@@,U.?AVCLogic@@U.?AVCNotificationsItem@@U.?AVCRSSItem@@U.?AVCNotificationsFeed@@U.?AVCRSSFeed@@U.?AVCServiceMapManager@@U.?AVCTrayIconPopUpMenu@@U.?AVCStringBufferW@@U.?AVCSyncMapStringPtrW@@U.?AVCArrayStringW@@U.?AVGdiplusBase@Gdiplus@@U.?AVCUtils@@,U.?AVCSingletonManager@@,U.?AVCEventSingleton@@U.?AVCEventSingletonGeneral@@U.?AVCAtlException@ATL@@U.?AVCStringTokenizerW@@U.?AVCXmlNode@@U.?AVCArrayPtr@@U.?AVCMapPtr@@U.?AVCCritical@@U.?AVCSyncMapPtr@@U.?AVCFileHandler@@'p'U.?AVCCommandId@@U.?AV_com_error@@U.?AVCXmlDocument@@U.?AVCRegValue@@U.?AVCSetupRegW@@U.?AVCEventHttpRequest@@U.?AVCEventHttpReply@@U.?AVCDialogChildButtonStatic@@U.?AVCDialogLineDivider@@,U.?AVCMovingFrame@@,U.?AVCJsonValue@@U.?AVCJson@@U.?AVCJsonObjectPairValue@@U.?AVCJsonObject@@U.?AVCJsonArray@@U.?AVCJsonNull@@U.?AVCJsonString@@U.?AVCJsonNumber@@U.?AVCJsonBoolean@@,U.?AVCJob@@U.?AVCThreadPool@@U.?AVCDummyJob@@,
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VerQueryValueWGetFileVersionInfoWGetFileVersionInfoSizeWVERSION.dllRObtainUserAgentStringfURLDownloadToFileWurlmon.dllCCloseHandlewReleaseMutexGetLastError}CreateMutexW.TerminateThreadGetExitCodeThreadCreateThreadGetModuleFileNameWGetModuleHandleWfGetTickCountLFreeLibrary GetProcAddressLoadLibraryWGetCurrentThreadIdKERNEL32.dllGetStockObjectfSetBkModeDeleteObjectQRoundRect^SelectObjectICreatePenRCreateSolidBrushDeleteDCBitBltFRectangleExcludeClipRect-CreateCompatibleBitmap.CreateCompatibleDCeSetBkColorSetTextColorGetLayoutGetTextColor2FrameRgnMCreateRectRgnGDI32.dllShellExecuteW#Shell_NotifyIconWSHELL32.dllCLSIDFromStringkCoUninitialize=CoInitialize;StringFromGUID2CoCreateGuidIIDFromStringole32.dllOLEAUT32.dllGetProcessMemoryInfoPSAPI.DLLEPathFileExistsWSHLWAPI.dll _TrackMouseEventCOMCTL32.dllsInternetCrackUrlWeInternetCanonicalizeUrlA~InternetReadFilejInternetCloseHandleInternetOpenUrlWInternetSetOptionW"!InternetOpenWWININET.dllLReleaseDCGetDC9GetLastInputInfoJRegisterWindowMessageWOGetMonitorInfoAMonitorFromRectGetClassNameWEnumChildWindowsSystemParametersInfoWlGetSysColor~SetLayeredWindowAttributesEndDialogEnableWindowDialogBoxParamW]CreateDialogParamWSetWindowRgnSetWindowTextW*CharLowerBuffAOCopyRect(GetIconInfoKReleaseCaptureGetCapturegSetCaptureGetWindowTextWDrawFocusRectInflateRectGetAsyncKeyStateIsWindowUnicodeoGetSystemMetricsIsChildDrawIconExDispatchMessageWTranslateMessagecSendMessageWCryptMsgCloseCertCloseStore?CertFreeCertificateContextJCertGetNameStringWICertGetNameStringA5CertFindCertificateInStoreCryptMsgGetParamCryptQueryObjectCRYPT32.dllMultiByteToWideCharzWideCharToMultiByteGetModuleHandleALockResourceLoadResource9FindResourceWLocalFreeLocalAlloc3OpenProcessGetCurrentProcessIdGetCurrentProcessuGetVersionExADeleteFileWSetFileAttributesWGetFileAttributesW-TerminateProcessMulDivlstrcpyWInterlockedDecrementInitializeCriticalSectionDeleteCriticalSectionEnterCriticalSectionLeaveCriticalSectionxGetComputerNameW;OutputDebugStringWGetFileSizeCreateFileWhReadFileFindClose$FindFirstFileWeCopyFileW RemoveDirectoryWMoveFileExW0FindNextFileWOGetSystemTimeAsFileTime SizeofResourceSetThreadPriorityGetCurrentThreadGetLongPathNameWRGlobalFree GlobalUnlockLoadLibraryAGlobalLock& GlobalAlloc!Sleep2TlsAlloc4TlsGetValue5TlsSetValueSetFileTimeLocalFileTimeToFileTimeDosDateTimeToFileTimeSetFilePointer*SystemTimeToFileTimeqCreateDirectoryWWriteFileGetLocalTimeHeapFree#GetProcessHeap RtlUnwind>UnhandledExceptionFilterSetUnhandledExceptionFilterIsDebuggerPresentZRaiseExceptionExitThreadResumeThreadoGetCommandLineAHeapAllocHeapReAllocMoveFileWGetConsoleCP" GetConsoleModeGetFileType3TlsFreeInterlockedIncrementSetLastErrorHeapSizeExitProcess;GetStdHandleGetModuleFileNameASetHandleCount9GetStartupInfoAJFreeEnvironmentStringsAGetEnvironmentStringsKFreeEnvironmentStringsWGetEnvironmentStringsWxHeapCreateHeapDestroyWVirtualFreeTQueryPerformanceCounter[GetCPInfoRGetACPGetOEMCPIsValidCodePageLCMapStringWTVirtualAllocLCMapStringA=GetStringTypeA@GetStringTypeWAFlushFileBuffersSetStdHandle WriteConsoleA"!GetConsoleOutputCPRWriteConsoleWSetEndOfFileInterlockedExchangeInitializeCriticalSectionAndSpinCountGetLocaleInfoAxCreateFileALineTo!MoveToEx SetWindowOrgExGetWindowOrgEx>CreateFontIndirectWGetDeviceCapsxSetLayout!CombineRgnGetObjectA$OffsetRgn`GdiFlushCRealizePalette_SelectPalette4PlgBlt SetPixelGetPixel GetBkColor GetBkModeSetSecurityDescriptorSaclGGetSecurityDescriptorSaclmConvertStringSecurityDescriptorToSecurityDescriptorASetSecurityDescriptorDaclqInitializeSecurityDescriptorQGetSidSubAuthorityRGetSidSubAuthorityCountTGetTokenInformationOpenProcessToken*RegCloseKey3RegCreateKeyExWhRegQueryValueExW[RegOpenKeyExWxRegSetValueExWbRegQueryInfoKeyW6RegCreateKeyW>RegDeleteKeyWJRegEnumKeyW^RegOpenKeyWBRegDeleteValueWIRegEnumKeyExWLRegEnumValueWADVAPI32.dllSHGetFolderPathW`SHCreateDirectoryExWCoCreateInstancegCoTaskMemFree& CreateStreamOnHGlobalKNffff+Bhfgg(g:gAlert.dllDllCanUnloadNowDllGetClassObjectDllOnUpdateFinishDllRegisterServerDllUnregisterServer,0 U.?AVCAlertAboutBoxDlg@@U.?AVCAlertDialog@@U.?AVCMyDialog@@U.?AVCWebBrowserContainer@@U.?AVCContainer@@U.?AVCUnknown@@U.?AUIUnknown@@U.?AUIOleClientSite@@U.?AUIOleInPlaceSite@@U.?AUIOleWindow@@U.?AUIOleInPlaceFrame@@U.?AUIOleInPlaceUIWindow@@U.?AUIOleControlSite@@U.?AUIDocHostUIHandler@@U.?AUIOleCommandTarget@@U.?AUINewWindowManager@@U.?AUIServiceProvider@@U.?AVCWebBrowserDispatcher@@U.?AVCDispatcher@@U.?AUIDispatch@@U.?AVCSeed@@U.?AUIElementBehavior@@U.?AUIElementBehaviorFactory@@U.?AUIHTMLPainter@@,0 U.?AVbad_alloc@std@@U.?AVexception@std@@U.?AVCAlertFeedItem@@U.?AVCAlertChannelItem@@U.?AVCMapStringPtrW@@U.?AVCAlertALPResponseObject@@U.?AVCAlertChannelsList@@U.?AVlogic_error@std@@U.?AVlength_error@std@@U.?AVCAlertClient@@U.?AVCAbstractAlert@@U.?AVCAlertExpirationData@@U.?AVCRSSAlert@@U.?AVCInstantAlert@@,0 U.?AVCAlertDialogChildButton@@U.?AVCDialogChildButton@@U.?AVCChildButton@@U.?AVCMyWnd@@U.?AVCAlertDialogChildButtonCheckBox@@U.?AVCDialogChildButtonCheckBox@@,0 U.?AVCAlerter@@,0 U.?AVCAlertGui@@,0 U.?AVCAlertHTMLDialog@@U.?AVCHTMLDialog@@U.?AVCHTMLDialogBrowserContainer@@U.?AVCAlertHTMLDialogBrowserContainer@@,0 U.?AVout_of_range@std@@U.?AUIInternetSecurityManager@@,0 U.?AVCAlertHttpManager@@U.?AVCAlertLogger@@U.?AVCLogger@@U.?AVCSingletonSeed@@U.?AVCReferencedSeed@@U.?AVIDefaultTranslationsLoader@@U.?AVCAlertLP@@,0 U.?AVCAlertManager@@U.?AVCAppManager@@U.?AVCAlertAppManagerFact@@U.?AVCAppManagerFact@@,0 U.?AVCAlertOptionsDialog@@,0 U.?AVCAlertOptionsDialogTitleBar@@U.?AVCAlertTitleBar@@U.?AVCMyTitleBar@@,0 U.?AVCAlertOptionsDialogWindowStyle@@U.?AVCAlertWindowStyle@@U.?AVCWindowStyle@@,0 U.?AVCPopUpWindow@@U.?AVCBaseWnd@@U.?AVCAlertResourceBank@@U.?AVCResourceBank@@,0 U.?AVCAlertSingletonAllocator@@U.?AVCSingletonAllocator@@,0 U.?AVCAlertTrayIcon@@U.?AVCMyTrayIcon@@,0 U.?AVCAlertViewRecentPopUpWindow@@,0 U.?AVCAutoUpdateThread@@,0 U.?AVCClassFactory@@U.?AUIClassFactory@@,0 U.?AVIAlertResultEvents@@U.?AVCConduitAlert@@U.?AUIConduitAlert2@@U.?AUIConduitAlert@@U.?AVCEventAlertClient@@U.?AVCEventGeneral@@U.?AVCEventAlertGui@@U.?AVCEventLogic@@U.?AVCEventUsage@@,0 U.?AVCLogic@@U.?AVCNotificationsItem@@U.?AVCRSSItem@@U.?AVCNotificationsFeed@@U.?AVCRSSFeed@@U.?AVCServiceMapManager@@U.?AVCTrayIconPopUpMenu@@U.?AVCStringBufferW@@U.?AVCSyncMapStringPtrW@@U.?AVCArrayStringW@@U.?AVGdiplusBase@Gdiplus@@U.?AVCUtils@@,0 U.?AVCSingletonManager@@,0 U.?AVCEventSingleton@@U.?AVCEventSingletonGeneral@@U.?AVCAtlException@ATL@@U.?AVCStringTokenizerW@@U.?AVCXmlNode@@U.?AVCArrayPtr@@U.?AVCMapPtr@@U.?AVCCritical@@U.?AVCSyncMapPtr@@U.?AVCFileHandler@@'p'U.?AVCCommandId@@U.?AV_com_error@@U.?AVCXmlDocument@@U.?AVCRegValue@@U.?AVCSetupRegW@@U.?AVCEventHttpRequest@@U.?AVCEventHttpReply@@U.?AVCDialogChildButtonStatic@@U.?AVCDialogLineDivider@@,0 U.?AVCMovingFrame@@,0 U.?AVCJsonValue@@U.?AVCJson@@U.?AVCJsonObjectPairValue@@U.?AVCJsonObject@@U.?AVCJsonArray@@U.?AVCJsonNull@@U.?AVCJsonString@@U.?AVCJsonNumber@@U.?AVCJsonBoolean@@,0 U.?AVCJob@@U.?AVCThreadPool@@U.?AVCDummyJob@@,0
Ansi based on Dropped File
(~WRD0000.doc)
VERSION.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Version:
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Version:P>* The publishers of the Community Toolbar or app will occasionally sent out news or other information of importance to the community of users. These notifications appear on your screen near the system tray and keep you in touch.P Notifications are instant announcements that appear right on your desktop. You can reveive these notifications because you installed a Community Toolbar or browser app.H MS Shell DlgP?x2 OKPtx2 Cancel@[SysTreeView32P P P P9 Show icon in system trayP| Alerts enabledP h MS Shell Dlg( !fS
Ansi based on Dropped File
(~WRD0000.doc)
Version:P>*The publishers of the Community Toolbar or app will occasionally sent out news or other information of importance to the community of users. These notifications appear on your screen near the system tray and keep you in touch.P Notifications are instant announcements that appear right on your desktop. You can reveive these notifications because you installed a Community Toolbar or browser app.HMS Shell DlgP?2OKPt2Cancel@[SysTreeView32PPPPShow icon in system trayP|Alerts enabledPhMS Shell Dlg( !f
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
vEUjpQujWVpR$tuuW4Ej*YuvYe^[M3UWuMe}EPu_}YY_tMapUS39TuAE;uDSSSSSd3/8t)
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VF@F@@Fp)FydG@MWS@EUQVQeeu]^jHM]{t2hMkeEPMYkhEPE41Mzt{CxtEH9;uvsuwMA9Xux9u>~I9utxtEH9Yu}tGBxtQ\B;Cupuw>SKAMI9YuAK9uAKHKQP+YY{;ulFxu@VF^Fxu}yuHythHyuAMP@jFNHMF@V@~xu@VF7xuHyu"yu@vMA;x?7yuHAMP@NHMFV@GjSYMAvHAuuuE=jHVM]{!t2hMUieEPMhhEPE4MDz!t{Cx!tEH9;uv!suwMA9Xux9u>~I9u!tx!tEH9Yu}!tGBx!tQ\B;Cu!puw>SKAMI9YuAK9uAKHK Q PYY{ ;ulFx u@ VF Fx!u}y uHy thHy uA MP@ $FN H MF @V@ ~x u@ VF x!uHy u"y u@ vMA;x?7y uHA MP@ `N H MF V@ G j0SYMAvHAuuuWEUEVuEFENF5fEF,F-^]Vt$g4^USVWGpEMFPD}Et6v~!tWSM}tLGW0MEPMt&uSjEPLEIH@2MfuuN|tuSuEMp@_^[USVWGpEMFP||Et6v~tWSMQ}tLGW0M=EPM<t&uSjEPEIH@2M`uuN{tuSuEMp@_^[UV~uuvjuEgFSWV0MEPMt$E}P{WuVvMWEPMV}t'FHWB{FWpjEP{t8EEEME]WKztCx!WtSgugMWztfEVvEEMEMEPM]uCPzt$EHy!WtPjSjuEWEPM@A_[^j;ZuQeeu9eIj;%uQeeueUQQVFV0MEPMt/VvMEPMtulOEPM{u/SW}]MlSWEPEPMNt_[uuuE^UVVvMFV0MuEuuuPvffY^UQQVFV0MEPMt/VvMEPMturOEPMu/SW}]MSWEPEPMTt_[uuuE^jd}jjSeYYuuEtuuuuuAu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Vj0 E EPjjSW0 3;t3" PhXVAAQw3hf0 ERE}WPQ WWWWE PERPWuE D u9 $ ;u!9 M ERPh|Vj13@3" Sh@
Ansi based on Dropped File
(~WRD0000.doc)
VjEEPjjSW03;t3PhXVAAQw3hfEEWPQWWWWEPEPWuEDu$;u!MEPh|Vj13@3Sh@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Vk35+Eh +0 u0 E0 }0 Ud0 Vy 9 j Yu9 SY9 Y_[^tV9 t$& ujaX^~|tVY6VVYY3^U9 QQSW9 }3;ujaXC9_t9_|tW|YEPEPEPW& tj"!Vh 9 Y;t'h@Y9 M0 ND9 M0 0 NH0 ^L;uV~YjX0 ^@9 O<39_40 NT0 ^P9 O4 0 Nd9 0 N`9 O0 Nh0 ^;uFP0 ^$0 ^(0 ^,aY& uF@9 G@0 FX9 GD0 F\`G0$Fl9 G0t`G9`G? Fl0 F|9 E^pxV4Ft0 gE#FxxV40 E& t9 E tPSEYYu9 Gx9 MfD0 F<0 w|3^_[U9 QQ9 UW30 }0 };t9 E;ujaXV9 p|;uja9>ujSX9 M;u39 E0 F9 F\0 N;v0 FS9~ 9 U~& 9 FX& & @;s
Ansi based on Dropped File
(~WRD0000.doc)
Vk35+Eh+uE}UdVyj YuSYY_[^tVt$ujX^~|tVY6VVYY3^UQQSW}3;ujXC9_t9_|tW|YEPEPEPWtjVhY;t'h@YMNDMNH^L;uV~YjX^@O<39_4NT^PO4NdN`ONh^;uFP^$^(^,YuF@G@FXGDF\G0$FlG0tG9G?FlF|E^pxV4FtgE#FxxV4EtEtPSEYYuGxMfDF<w|3^_[UQQUW3}};tE;ujXVp|;uj9>ujXM;u3EFF\N;vFS9~U~FX@;s
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
vl$Yul$$vl$ul$8ul$.ul$ l$ul$ ul$Xul$tl$tl$Sul$$ ul$ tl$~ul$dul$Pjul$]ul$$Stl$Iul$/ul$ l$(ul$gtl$ul$tl$Xul$Pt9 9 V9 9 }D$tV9Y9 ^|$v9 L$9 D$f9 f;u
Ansi based on Dropped File
(~WRD0000.doc)
vl$Yul$$vl$ul$8ul$.ul$l$ul$ ul$Xul$tl$tl$ul$$ul$ tl$~ul$dul$Pjul$]ul$$tl$Iul$/ul$l$(ul$gtl$ul$tl$Xul$PtV}D$tV9Y^|$vL$D$ff;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VMF@,F@@,FpRFy,dG@MWS@,CE>j`
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VP3@^]L$IAujP3Vrf^j+yuFetPQfMP'j.BH~u%jPEYMet3MF!FtPQFVW39~tG_^VNtc^Vl
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VP9 >;tW9 Mh\EPEM0 }!& uEP}0u9 uuuuMM9 )9 3x9 j<2~MdeEPMK9 MPEA0ME(9 M&!& t3MM39 ~9 Mh03FU9 V9 9 M & t3*u9 m9 M & u9 M9 MP03@^]jY9 MeEPu9 & tVM & uJMuMhRE@PMuuMh'PMMEpMM'j(1S9 eM^EPu3C9 0 ]& txM& ulM2MEEPhRME PM9 M& u(jh|9 ,M0 ]EM]&EPG09 Mjh|9 ,0 ]ME&9 ESj9: 9 0*M0 u! eEPu9 "& tIM& u=M;EPhMEPMqEM& u9 u9 uMM9&9 ASj<2Z: MeEPMt9 MPE`-ME%9 Mo& t3MM|9 : 9 Mh9.3FV9 9 L$5& t3%t$9 n& t9 L$9 L$P-3@^ja9 9 M& & 9 M& & M)eEPu9 & txM& ulMMEME9 M9 9 E0^PMUPVMM9 E: MEMM$9 MM$3aj"!9 9 M& & 9 M& & MOeEPu9 & tvM& ujMMEMEu9 M9 PM}PVMM9 EMEMM#9 MM#3"!j19 ejh0M)eEPEPu9 MM`# "!j19 ejh0M=)eEPEPu9 MM9 =#9 E"!D$V9 tV^"!Y9 ^j1A9 jM"!YjhHM0 E(eEPEPu9 YMM9 "9 j1 9 ejhHM{(eEPEPu9 MM9 {"9 #E|j1" 9 jYjhhM0 E(eEPEPu9 MM9 "9 &j1? 9 ejhhM'eEPEPu9 8MM9 !9 #E j`'2 9 eM 9 u3Ch9 0 ]6& t~j9 PMU'hMEB)M EPM EPME(ME7!M" PM~)M EM]!>EPV9 E& u!E9 MEP! ')9 KPMT)hRM(9 MEP*M0 ]E 9 E j1" 9 ujh0M0 E]&eEPEPu9 MM_ i j1 " 9 uEP3M0 u& tMM 9 ( u9 L9 & 3FjF 9 0 u+<Y}39 }W9 & <|9 u+ Q|W9 W9 4& uW9 ;SVWj9 " Yt$9 9 9 & 3+;+Xt$9 H& 3@3;S9 _^[j R2o 9 uEP 9 MeP&MM9 M}& uP9 Mhx& t?uEP9 (9 M3FP0 uc&MM9 E9 E9 3 j0& 2 9 Mu3M0 ]hMEPEPEPEPu9 E0 ];thM& u\M& uPSMOuEuMP9 E0EPEMEoM]MM3@M]MM3 j<2 9 MReEPM~2jhME3" E0 M! MM9 jx3~ eM;9 M3C0 ]& t9 MEP &0 ]|2jSu|E& u9 MEP\&0 ]| 9 & tEP9 ~hMEw& u<h 9 & t$MQ9 PME0$MEM9 MEP%M0 ]Eu|]ME[9 Eb Ul$ 30 & hF3` 9 & 0 EDVh;jj& \3P0 }9 EPE0 }PP 9 ;uKVjj& \PESM39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
VP>;tWMh\EPEM}!uEP0uuuuuMM)3j<2MdeEPMKMPEA0ME(M&!t3MM3Mh03FUVM t3*umM uMMP03@^]jYMeEPutVM uJMuMhE@PMuuMh'PMMEpMM'j(1eM^EPu3C]txMulM2MEEPhMEPMMu(jh|,M]EM]&EPG0Mjh|,]ME&Ej90*MueEPu"tIMu=M;EPhMEPMqEMuuuMM9&Aj<2ZMeEPMtMPE-ME%Mot3MM|Mh9.3FVL$5t3%t$ntL$L$P-3@^jMMM)eEPutxMulMMEMEME0^PMUPVMMEMEMM$MM$3jMMMOeEPutvMujMMEMEuMPM}PVMMEMEMM#MM#3j1ejh0M)eEPEPuMM#j1ejh0M=)eEPEPuMM=#ED$VtV^Y^j1AjMYjhHME(eEPEPuYMM"j1ejhHM{(eEPEPuMM{"#E|j1jYjhhME(eEPEPuMM"&j1?ejhhM'eEPEPu8MM!#Ej`'2eMu3Ch]6t~jPMU'hMEB)MEPMEPME(ME7!MPM)MEM]!>EPVEu!EMEP')KPMT)hM(MEP*M]E Ej1ujh0ME]&eEPEPuMM_ ij1uEP3MutMM (uL3FjFu+<Y}3}W<|u+Q|WW4uW;SVWjYt$3+;+Xt$H3@3;_^[j R2ouEPMeP&MMMuPMht?uEP(M3FPuc&MMEE3j02Mu3M]hMEPEPEPEPuE];thMu\MuPSMOuEuMPE0EPEMEoM]MM3@M]MM3j<2MReEPM2jhME3EMMMjx3eM;M3C]tMEP&]|2jSu|EuMEP\&]|tEPhMEwu<ht$MQPME0$MEMMEP%M]Eu|]ME[EbUl$3hF3`EDVh;jj\3P}EPE}PP;uKVjj\PEM3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Vq9 9D$r3t$9 "^U9 QeEPu`" #Et$& tV9 p& u39 9 P#^j %9 }u3,juMSeEP9 MM9 9 SVW9 9 L$h|u~9 9 3& ~1W9 !& tt$9 9 RC;}9 L$h9 7~G;|9 L$hx$~_^[j9[o9 0 uej
Ansi based on Dropped File
(~WRD0000.doc)
Vq9D$r3t$"^UQeEPu#Et$tVpu3P#^j%}u3,juMeEPMMSVWL$h|u3~1W!tt$RC;}L$h7G;|L$hx$_^[j9[ouej
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VS_VERSION_INFO
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
VST{TTTU+VU9 0 }0 u9 u9 }9 M: fofoNfoV fo^0ffOfW f_0fof@fonPfov`fo~pfg@foPfw`fp Iu9 u9 }9 ]U9 0 }0 u0 ]9 ]9 "!9 9 E3+3+"!9 3+3+9 uJ9 u9 0 M;t+VSP'9 E9 M& tw9 ]9 U+0 U+0 ]9 u9 }9 M9 ES;u50 M9 u9 }9 M9 MM9 UU9 E+EPRQL9 E9 u9 }9 M9 9 9 E9 ]9 u9 }9 ]-t"t
Ansi based on Dropped File
(~WRD0000.doc)
VST{TTTU+VU}uu}MfofoNfoV fo^0ffOfW f_0fof@fonPfov`fo~pfg@foPfw`fpIuu}]U}u]]E3+3+3+3+uJuM;t+VSP'EMtw]U+U+]u}MES;u5Mu}MMMUUE+EPRQLEu}ME]u}]-t"t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Vt$PtWP_^j[&eEP7EMMFzjE}t@MW[uehX'h&hMv_u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Vt$u3 W|$tWPtPQ>_^D$jh01fH@1VjXfD$FtPQ^Vt$fFu9D$t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
vT9 vP~\9 n& u9 E;F<u9 j9 }3?9 Su9 P9 9 E;F<u~pu9 9 P89 EFp& t9 PQ9 W _^[]U9 QQV9 u0 M& 9 F er&9 fx@u9 @H& t9 URhlrP& }e9 9 H3f9S 3W0 U9 H& t9 Y9 @83& tf8u9 @& t9 9 E9 M;A<u9 M9 SWURuP$_[& |}9 9 @t3f0 9 E& t9 PQ3W ^SVWh|9 hj9 IG$P9 _9 9 Nx*UV9 9 & tU9 U YV9 Ny]_^[jL?p
Ansi based on Dropped File
(~WRD0000.doc)
vTvP~\nuE;F<uj3?SuPE;F<u~puP8EFptPQW_^[]UQQVuMFer&fx@u@HtURhlrP}eH3f9S3WUHtY@83tf8u@tEM;A<uMSWURuP$_[|}@t3fEtPQ3W^SVWh|hjIG$P_Nx*UV tUUYV Ny]_^[jL?p
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
vu3_^$D$V$tVgY^jovfu&fNeN'gVjKg+FY3;F^j,&fMkeVMMMafj,&eM3veh~WMvMhWMMvfj,&eMeFPh~WMVhWMMM#fL$HH?Bj"eyua$eVW|$jrFtP8*_@^VW|$j>Ft
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
vu3M0 E;t9 PS9 R9 EU9 SV9 9 F3;t9 PQ0 ^WE~P9 D&9 M;t9 j0 ]EPEP9 +&& u9 S9 PE(P9 /EPEP9 d_9 M;t9 j0 ]EPEP9 B& u9 S9 P3^@[SUV9 t$Wh9 U9 SW9 WS9 Uh9 9 _^3]@[jRM#S9 0 u~9 e^(9 ;9 fj%9 E9 j%9 P9 9 SjRM: 9 0 uEN(E4MN(pSV9 D$tVRSY9 ^jMo: 9 30 }M9=@& & & 9~ `Mj3f0 MPMwpMEOPhRdSj89 F9 9 uP 9 3& VhS& PEPMM9 %3& u@MMv%3~: j4Ma9 3M0 ]H3SEPuM0 ];9 M~{M9 & v9 MSf<tC;r0 ]}9 MER+}EWuP0}Et(uEPMk.PMEU,ME$MPMoo9 E3E;t9 39 F9 }WQP 9 ;t@9 F9 SP 9 9 F9 SP ;u 9 E;t9 39 v9 URPV 9 9 M;tzt0 ]ME'$PMn9 EE& t9 39 F9 }WQP 9 & tB9 F9 jP 9 9 F9 jP & u 9 E& t9 39 v9 URPV 9 9 M& tse0 Ef9EuM 13& u@_!MMk13s"!j R9 9 E& t 9 ]9 PuhVj9 9 a& & & S9 "!& t3@}uh`iSM:,eEP9 EP9 ]9 & t
Ansi based on Dropped File
(~WRD0000.doc)
vu3ME;tPSREUSVF3;tPQ^WE~PD&M;tj]EPEP+&uSPE(P/EPEPd_M;tj]EPEPBuSP3^@[SUVt$WhUSWWSUh_^3]@[jM#u~e^(;fj%Ej%PjMuEN(E4MN(pVD$tVY^jMo3}M9=@9~Mj3fMPMwpMEOPhdSj8FuP3VhSPEPMM%3u@MMv%3~j4M3M]H3SEPuM];M{MvMSf<tC;r]}ME+}EWuP0}Et(uEPMk.PMEU,ME$MPMooE3E;t3F}WQP;t@FSPFSP;u E;t3vURPVM;tzt]ME'$PMnEEt3F}WQPtBFjPFjPu Et3vURPVMtseEf9EuM13u@_!MMk13sjEt ]PuhVjSt3@}uh`iSM:,eEPEP]t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Vu;xtvhtajtLqt6tMWueMWTMWCMP@3MP<#My@E jZfIDHMW-H-tst`MejjEPEt1t7u(u$u WuuuVPQEtPQptPQ@_MWQExPtpLHpH36MW(MWMWMW^_]$VD$tVcY^j80@y}e<]wwtetStST}tjXhfEE}tVu<j?wuhhJVBjYPDVWhZu]+HPWEP>jVMEjETYPMM\MRVPMEME}'PM{E3E;t3G<u}#VSSSQPR,9]tuM3;;tz3dj[@}Whhj?tMejEPMRPMEu}t3v<PR )v<}t3Pv<RtMMD$;uP,L$IAujP3Vt$u@,hpt$PUYYtD$PQ3&@^A@,@@$D$@@xUVuu@9hsuTYYtEtH3PQ3VuuE^]UQQESV3W;];URhsPuu|}E;tvURuuPQ|Y9utTMQhsWu|?9ut:EURuuPQE|CEEPQEPQEPQE3_^[Vt$t,Ft%W6PQFPQf&3_3^l$,@D$V,tVY^@`@@D$VF@,tVZY^j@=ut~$E3P~ StjC0;|N<EzENEMNSV^8W~$;~SL$PF83@3_^[$UQeSV^W~&}<EPWuE{9E|3_^[3@VD$tV,Y^j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Vul 9utup U9 9 E(u VWP3Wh 9 ;u3j(EPV& t9 }VX9 _^U$l `jhD8dPL 30 & SVWPEd0 e9 & 9 S 0 E9 & 0 E9 & 0 E3FVf0 & H3& JWP1k3Vf0 EEWP kj8EWPkEH0 E#0 M$9 E<0 E0 E0 }MQhWP 9 ;tL9 M;tEPt9 M;t& HPa9 E;tf9 Mf0 9}u9}u3
Ansi based on Dropped File
(~WRD0000.doc)
Vul9utupUE(uVWP3Wh;u3j(EPVt}VX_^U$l jhD8dPL3 SVWPEde E E E3FVfH3JWP1k3VfEEWP kj8EWPkEHE#M$E<EE}MQhWP;tLM;tEPtM;tHPaE;tfMf9}u9}u3
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VVVVV! h h\WEp2j9 ;t$tjEP46 YP6ST _^[jkqYtj^qY& u=uh)hYY9 U9 9 E$]U9 0 }9 }9 Mf$ffGfG fG0fG@fGPfG`fGp Iu9 }9 ]U9 0 }9 E"!9 3+3+& u<9 M9 0 U;t+QPs9 E9 U& tEE+0 E39 }9 M9 E.0 }39 }9 M9 E9 M9 U+RjQ~9 E9 }9 ]jhEhef(E#9 E9 9 =t
Ansi based on Dropped File
(~WRD0000.doc)
VVVVVh h\WEp2j;t$tjEP46YP6ST_^[jkqYtj^qYu=uh)hYYUE$]U}}Mf$ffGfG fG0fG@fGPfG`fGpIu}]U}E3+3+u<MU;t+QPsEUtEE+E3}ME.}3}MEMU+RjQ~E}]jhEhef(E#E=t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VVVVVIz^9 U9 h]]`]]EuMm]]z3@3hR] & thp]P<& tj"!9 U9 9 MMZf9t3]9 A<8PEu3f9H 9 ]9 U9 9 E9 H<ASVq3WD& v9 }9 H;r9 X;r
Ansi based on Dropped File
(~WRD0000.doc)
VVVVVIz^Uh]]`]]EuMm]]z3@3h]thp]P<tjUMMZf9t3]A<8PEu3f9H]UEH<ASVq3WDv}H;rX;r
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VVVVVwh!Vj%& u&h ]hV& t3PPPPP3V! @Y<v8V! ;jh]+QP: & t3VVVVV! 3h]SW& t
Ansi based on Dropped File
(~WRD0000.doc)
VVVVVwh!Vj%u&h ]hVt3PPPPP3V@Y<v8V;jh]+QPt3VVVVV3h]SWt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
vWu-|$tsF;sPj8uWS3;_^VjjN^y$rAAVD$tVnY^UESVW}9GswE+9usu;ujVujCjVt7rKrCCUVWQP^VZ_^[]UVW}Wet~rFFu+WV>:ju*t(NrFFuWQPu_^]UESVW}9GswE+9usu;ujV6uj*DjVt8rKrCCUVWRQP!Vq_^[]VjF;jjt$I^UVuEPVvMTEPMStuEPuYYuMVvMMEIH^Vt$YPt$P^VjFjjt$^UVW}Wt ~rFFu+WVf:jut(NrFFuWQPu'_^]VW|$WXGF_^jVuueNqVt$^fVXD$tVY^VjF]t$^Vt$-YPt$^VjF:t$^j{u}WQeWN(Vt$^UV~uuvjuXEsFSWV0MEPMqt%E}PWZYYWuVvMEPMq}t*F@WPYYFWpjEPWYYt;EEEME]CWPYYtCx-WtSkukEWPYYtgEVvEEMEMEPMp]uCPW^YYt$EHy-WtPjSjuEWEPM@A_[^j0uEPFVPMDEPMCp]uCPuYYt=uM(eeEPSuEP@jMjMEMpUhl$3Ehj<}tM,eM@LE PE_$SME]DM EPM1eHMPMLELPE8PEV5M'EPM8&ouM8Ao@EHjBYuHM E<MPEPhpSj.}H'ELPUM<EPM E[EHEHPMVMEPMPM@MDE0PEM0E658hSjuHM58WVMEMEjjMLMEM EM@EMM]3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
W 0 M0 M0 M9 M;MR4M9 EPEP9 E0 9 9 @0 E9 FV0 MPMEPM uM79 @9 M0 EjjME0 E9 Eu@ }t3WuuPuS
Ansi based on Dropped File
(~WRD0000.doc)
W 9 U` VW! $u 9 Mp0p9 }0O9 R49 ,9 & : 9 }jpO09 R8u 9 Mp0Afp9 M0Tp9 M0iB9 Mu 9 P<2p9 M09 R@ p9 M09 R09 Mu 9 PD9 3& u(u$u PuuuRu_^]$ISSHS\SqSS" SSSSVt$9 t$tjN3^jHX9 u9 }uuW9~<uN3bM(~ee9 MQWEPxuMWuMMEEPME" PMEMEEPMEPMWhRM"!jMQPv<9 EgM9 EaMEME uM0 }n& & @ j X! 9 EPejhM
Ansi based on Dropped File
(~WRD0000.doc)
W H9 U`! $0 p9 M09p9 M0ep9 M0 p9 M01p9 M0qxp9 M0`p9 M0xp9 M0 fp9 M0dTu(9 Mu$u Puuu6p9 M0"p9 M0p9 M09 3& u(u$u PuuuRuS^]$Uj );Mj& .D9 j8RY0 E30 ];t9 N9 MM[9 }EPSW9 E6M& t;D]W9 & t& u#W9 S9 9 EPS9 MM d`j,&9 39~0uk9~u9 E0 9~tR#M3GWM0 ]Y0 09 ;t9 WIY0 ~MM"!U9 QVEPEP9 9 ^j9 0 uue}}}FFdF$FFF F F$lFP$FXF\ |/}E }EN}E?09 V9 D$tVY9 ^j8B9 h xh0j9 ! 3;t9x0uP9 9x0t3jjY0 E0 ];t9 0 E0 ]MM!Y9 F9 VPME19 FVPM$EPM# & 3M6PM{iEP9 ;& MXj8EY0 EE;t9 0 E0 ]ME9 XEPu9 SM& t:Z& tu9 MEP9 lS9 SEPu9 MEFaM9 FVPM=EPM< u9
Ansi based on Dropped File
(~WRD0000.doc)
w$& j9 3*9 W9 j9 `9 & tWM6eE9 0 eP!9 9 j9 MM 9 N& t9 jf9 N& x9 jfiw9 \W9 OW9 BW9 5W9 D(W9 }IV e r R "! ) < Vjjjt$9 t$t$jUS~9 ^jk'9 9 EHu%h8!Y9 0 M30 E;tVN0 ~(jq0 jhvhuj1& u9 RQjhvhuj~1& t9 nOjkS'9 }u6j$X!Y9 0 M30 u;th9 wM9 & u9 D'9 V3;t&VhvhuVP0;t
Ansi based on Dropped File
(~WRD0000.doc)
w$j3*WjtWM6eEeP!jMMNtjfNxjfiw\WOWBW5WD(W}IVer)<Vjjjt$t$t$jU^jk'EHu%h8!YM3E;tVN(jq0jhvhuj1uRQjhvhuj~1tnOjkS'}u6j$X!YM3u;thwMuD'V3;t&VhvhuVP0;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
w0ub39 M]0 E;t9 PuRu9 u9 9 E9 PQu3j.9 ~4u-j Y9 0 Me& t>U3M0 F49 j%9 9 F4QjBl9 0 uSE\9 N8& t
Ansi based on Dropped File
(~WRD0000.doc)
w0ub3M]E;tPuRuuEPQu3j.~4u-j YMet>U3MF4j%F4QjBluE\N8t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
w0uY9 u9 9 E9 PQu3jA9 q;E}39 0 ]9 0 M;tEPu& t9 Ew(9u9 G$9 VPQ0& & 9 6MQu0 ]9 VP;RR9 E; 0 ]9 URP0 ]Qd;|[hMG tJjP8Y9 0 ME;t
Ansi based on Dropped File
(~WRD0000.doc)
w0uYuEPQu3jAq;E3]M;tEPutEw(9uG$VPQ06MQu]VP;E;]URP]Qd;|[hMGtJjP8YME;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
W9 haM}& t"ERP9 WP9 EAMR7haMJ& t7& |P9 WP9 E|]q9 haM& tW9 *& t&MM?E9 E;E 3@7LMMj R2?K9 }u39 Mh\: Z& t-MQ9 We~P9 ZMM9 9 Mh, Z& t0MQ9 V~,P9 EMM9 9 Mhh: PZ& eP9 & U3@\Kj0uJ9 9 ]& u
Ansi based on Dropped File
(~WRD0000.doc)
W9 _9 ^jC9 9 }9~t)hWMheEP9 kMMD9 Vt$9 Z9 ^Vt$9 o9 ^j4kC9 30 ]9w9 Mh~~VMVME0 ]0 ]0 ]39E}9 G`E<ar<zv<Ar<Zv
Ansi based on Dropped File
(~WRD0000.doc)
W9 Y9 e& hR: 9 Y& t-MQ9 V~<P9 EVME9 h, 9 }Y& t-MQ9 U~P9 EME9 htaEP9 iZEP9 Eh : 9 0 F/Y& tP9 ,0 EME1}u3MM9 3FjD9a<I9 M3WWuM0 }M;uM83IX;uMM9 9 M0 NLP9 ^9 jH9 0 u9 Ee: 0 FF49 0 S0 & u0 9 NIjgH9 0 u: eS9 & tPT7X'9 & t9 j'M9 4HV9 v& t9 }& t^^9 j.G9 j4AY9 0 M30 E;tPo0 HU9 V9 ~4tJ9 9 Pt9 }& t2uu\j9 0 ejhTS9 }jjj^]t$9 Pxjjt$j9 D$;u|$ujqYY38t9 9 9 bj F9 9 MQ9 P|eM& t3MM|9 GMPjjL9 & tP=uVTVX3F0 V9 D$tV_GY9 ^V9 9 0tS $DDD ,F9 ^j$QF0 M9 E& u@I9 Xp}Mu9 }3VSwM0 u94tjXE)EE)EhhjV9 9 5WS0 Eu0 ESj
Ansi based on Dropped File
(~WRD0000.doc)
W9 YY; 6V5P 5PY& tWVQYYDN0 VxYuWwTY3@_^]jh@9 9 9 ]3@0 E& u9x e;tu.RV& tWVS0 E} WVSr0 E& WVSSD0 Eu$& u WPS?DWjSBRV& tWjS& tu&WVS"& u!E}tRV& tWVS0 EE9 E9 E9 9 PQ{YY9 eE3{9 U9 }uu9 M9 UY]9 U9 9 Ef9 Uf;t@@f& uf9t3]9 U9 9 ES9 ]f;W9 tDf& t:+9 Mf& tf& t++uAAf9uf9tGG@@f& u3_[]9 9 U9 S39]u gSSSSSDV9 uW9 };t$;u pgSSSSS EB0 u0 u?vE?0 EuEuuPU0 E;tU;|BMx
Ansi based on Dropped File
(~WRD0000.doc)
W_^jC}9~t)hWMheEPkMMDVt$Z^Vt$o^j4kC3]9wMhVMVME]]]39EGE<ar<zv<Ar<Zv
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
We& u3_^j,&X:9 }ufjhvv3@3M! }eM9 N9 & tS 9 MMp}9 :j$#99 ~u3i|9 N0 EEPMnejh~MWEPEPE" |YYME\9 NEP` MMD3@K:jPf99 M|3M0 ]CM9 jh~MEEPEPE|YYME;t9^t?E9 0 ePh}9^t"E9 0 ePh9 N;u!3M]! MM|9 9S9 >9 jk 89 39~t
Ansi based on Dropped File
(~WRD0000.doc)
Weu3_^j,&X:}ufjhvv3@3M}eMNtSMMp}:j$#9~u3i|NEEPMnejhMWEPEPE|YYME\NEPMMD3@K:jPf9M|3M]CMjhMEEPEPE|YYME;t9^t?EePh9^t"EePhN;u!3M]MM|9S>jk839~t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WFUP5+N\!#8DC 19 @O,?4L9 LNP ;GIF89aR "!x9 } : "!Sx!R, RR
Ansi based on Dropped File
(~WRD0000.doc)
WFUP5+N\!#8DC 1@O,?4LLNP ;GIF89aR!R,RR
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Wh Nv4v3@_^[j@0 0n9 9 }& w9 ! g$& +
Ansi based on Dropped File
(~WRD0000.doc)
Wh Nv4v3@_^[j@0n}wg$+
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WhH=Lj\9 tLMuH;}?GWjEPM~*PME&M]JVM'9 MEPR(9 Mjh|9 %M0 ]E9 E" U9 Q9 MejhR$9 Ej} EP`eMP& tMM MWME\MEx9 EPhMPVM1& u+ME&MEMMJ9 }9 ujl EPeM& u[Pb YM9 MEMEVhM9 IPWMME MEwMM j EP#eM& uTM/ME4MEPuMh9 PVMBMEMEMM*4 jM EP eM & t3MM9 M`MEMEuMh9 PVMM9 E_MEE j, eEP3CM0 ]& t9 Mjh0/"0 ]M#MEMEME9 EPhMrPVM9 M& ujh0!EP;%M0 ]E"!MEM]ME9 E jEPeM& t3MMt9 | MMEME0uMhx9 ~PVMl
Ansi based on Dropped File
(~WRD0000.doc)
WhH=Lj\tLMuH;}?GWjEPM~*PME&M]JVM'MEP(Mjh|%M]EEUQMejh$Ej}EP`eMPtMMMWME\MExEPhMPVM1u+ME&MEMMJujlEPeMu[PbYMMEMEVhMIPWMMEMEwMMjEP#eMuTM/ME4MEPuMhPVMBMEMEMM*4jMEPeMt3MMMMEMEuMhPVMME_MEEj,eEP3CM]tMjh0/"]M#MEMEMEEPhMrPVMMujh0!EP;%M]EMEM]MEEjEPeMt3MMt|MMEME0uMhxPVMl
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WhM}t"EPWPEAM7hMJt7|PWPE|]qhMtW*t&MM?EE;E3@7LMMj R2?K}u3Mh\Zt-MQWe~PZMMMh,Zt0MQV~,PEMMMhhPZePU3@\Kj0uJ]u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WHU$pM09pM0epM0 pM01pM0qpM0pM0xpM0 fpM0dTu(Mu$u Puuu6pM0"pM0pM03u(u$u PuuuRuS^]$Uj);Mj.Dj8RYE3];tNMM[}EPSWE6Mt;D]Wtu#WSEPSMMdj,&390uk9uE9tR#M3GWM]Y0;tWIYMMUQVEPEP^juueFFdF$FFFF F$lFP$FXF\ |/E ENE?0VD$tVY^j8Bhh0j3;t90uP90t3jjYE];tE]MM!YFVPME1FVPM$EPM#3M6PM{iEP;MXj8EYEE;tE]MEXEPuSMt:ZtuMEPlSSEPuMEFaMFVPM=EPM<u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
window.external.<script type="text/javascript">
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
wMKM9 T$B9 J3vu wMLMM9 T$B9 J3CuLdwM49 T$B9 J3 uxAwMaR9 T$B9 J3twMwRMoRMJ9 T$B9 J3tv9 M{9 M9 M9 M\9 Mt9 T$B9 J3{tSvMMMVX9 T$B9 J3HttivMM+X9 T$B9 J3t>v9 MU9 MJ9 M$O9 M< 9 T$B9 J3suM9 M9 M9 M$9 M< MuzYuzY9 T$B9 J3ks8RuMM~x{M9 uyYuyY9 T$B9 `t3sS7uM(I9 T$B9 J3ruMIugyY9 T$B9 J3r,tMHu:yY9 T$B9 J3"!r`t9 M9 M9 M<9 T$B9 J3]rS~tuxY9 T$B9 J38rYtMsMHMV9 T$B9 J3r&tMUMUM H9 T$B9 J3q@sM
Ansi based on Dropped File
(~WRD0000.doc)
wMKMT$BJ3vuwMLMMT$BJ3CuLdwM4T$BJ3 uxAwMRT$BJ3twMwRMoRMJT$BJ3tvM{MMM\MtT$BJ3{tvMMMVXT$BJ3HttivMM+XT$BJ3t>vMUMJM$OM<T$BJ3suMMMM$M<MuzYuzYT$BJ3ks8uMMx{MuyYuyYT$Bt3s7uM(IT$BJ3ruMIugyYT$BJ3r,tMHu:yYT$BJ3r`tMMM<T$BJ3]r~tuxYT$BJ38rYtMsMHMVT$BJ3r&tMUMUMHT$BJ3q@sM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WMMMM;M4MEPEPE@EFVMPMEPMuM7@MEjjMEEEu@}t3WuuPuS
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Wo9 }j& p9 }EPEPGi9 }jX+EjSWto9 }EPEP+}9 }jSWLo_[^9 & t9 @& t9 9 R 3V9 t$& tHSjhxhxjq8x9 & t'9 W9 Pl9 9 9 P & _u& ujj9 .[^V9 t$W9 & t19 S9 P09 9 9 P49 O$;9 0 O$9 O(;[~9 9 0 G(_^9 & t9 @& t9 9 b39 & t9 @& t9 9 b3j.9 9 v09 x& tfjh`thtjW& tK9 R9 & t>j Y9 0 Me& t9 EPK3Pj0 x5(v0'U9 Q9 & tdS9 ]V9 p9 EW0 3 9 Qe0 E& v-u9 & txu9 E9usE9 E;Er9 9 M;_^[9 S3;u3[V9 pW9 ;r3N;|V9 ;t9XtNy9 9 _^[9 U3& u]SV9 pW9 9 ;r3V9 ]& t9htF;r9 9 _^[]V9 v0jj9 ^^W9 9 ! & tOV9 p& tFw0& t9jh`thtjV
Ansi based on Dropped File
(~WRD0000.doc)
WojpEPEPGijX+EjSWtoEPEP+}jSWLo_[^t@tR 3Vt$tHSjhxhxjq8t'WPlP _uujj.[^Vt$Wt1SP0P4O$;O$O(;[~G(_^t@tb3t@tb3j.v0xtfjh`thtjWtKt>j YMetEPK3Pjx5(v0'UQtdS]VpEW3 QeEv-utxuE9usEE;ErM;_^[S3;u3[VpW;r3N;|V;t9XtNy_^[U3u]SVpW;r3V]t9htF;r_^[]Vv0jj^^WtOVptFw0t9jh`thtjV
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WREP<EPuuuuuhWZajjSWjEPWEE@PE@PEHPEHPWuWuWSh 3PPWuuPPuuWuW_^[D$HuV9L$u/&^3UVut"FURPl@StMVP\3^]US]V;PuuuWt_-t9
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WUVW$u Mp0p}0OR4,}jpO0R8u Mp0AfpM0TpM0iBMu P<2pM0R@ pM0R0Mu PD3u(u$u PuuuRu_^]$IH\qVt$t$tjN3^jHXu}uuW9~<uN3bM(eeMQWEPxuMWuMMEEPMEPMEMEEPMEPMWhMjMQPv<EgMEMEMEuM}n@j XEPejhM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WVu^_]=9 D$0 AH@ 3V9 t$v& u@9 F9 L$0 3^U9 SV9 uF3W& tF39 }0 9 E0 EPv@ 9 E9 MPu0 H9 M0 0 X0 Hh9 E0 X9 N0 H0 X0 X9 9 PQ_^3[@ 9 L$& uW 9 D$0 9 PQ3@ U9 30 E9 EVW9 MQP@& w0VhpjjEP,& >tT9 9 URh<sP& |@9 M9 GPQR9 E9 PQ9 69 MQhsV9 & |9 E9 PQ 9 E9 PQ9 9 M_3^PjM>9 9 F030 };u3@! URh<s0 }0 }9 P;|"9 E;t9 jPQ9 E9 WPQ9 E9 PQ9 F09 URh|sP;|9 E;t9 PQ9 E9 PQ9 E9 PQ9 F09 PQ0 ~0yx3U9 QSVWY49 I0u9 & t&9 URh|sQ& |9 E9 SSPQ9 E9 PQ_^[U9 QVW9 39~0td9 F09 URh<sP& |O9 M9 9}t,SF4Pv(^WSWjQR,9 M9 F4Pv(WSWjQR,[Wv(FWPWjQR,9 E9 PQ_^V9 ~0u3^9 F09 PQ9 F0^V9 n9 F,f(& t
Ansi based on Dropped File
(~WRD0000.doc)
WVu^_]=D$AH@3Vt$vu@FL$3^USVuF3WtF3}EEPv@EMPuHMXHhEXNHXXPQ_^3[@L$uWD$PQ3@U3EEVWMQP@w0VhpjjEP,>tTURh<sP|@MGPQREPQ6MQhsV|EPQ EPQM_3^PjM>F03};u3@URh<s}}P;|"E;tjPQEWPQEPQF0URh|sP;|E;tPQEPQEPQF0PQ~0y3UQSVWY4I0ut&URh|sQ|ESSPQEPQ_^[UQVW39~0tdF0URh<sP|OM9}t,SF4Pv(^WSWjQR,MF4Pv(WSWjQR,[Wv(FWPWjQR,EPQ_^V~0u3^F0PQF0^VnF,f(t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WWvjPM}zMMV*D$f,F0^D$A,D$A0ItPzU4jP*hEPs@u@u$E4u u@Pu4E(3E9{,tE0]WWMWhM}E0PEPM~ E0u}@jEjEPu4M%MM3E0sHEVEPu4V59{t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WWWWWWWWh
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
WWWWWWWWWh
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
WYehYt-MQV~<PEVMEh,Yt-MQU~PEMEhtEPiZEPEhF/YtP,EME1}u3MM3FjD9a<IM3WWuM}M;uM83IX;uMMMNLP^jHuEeFF4uNIjgHuetPT7X'tj'M4HVvtt^^j.Gj4AYM3E;tPoHUV~4tJPtt2uu\jejhTjjj^]t$Pxjjt$jD$;u|$ujqYY38tbjFMQP|eMt3MM|GMPjjLtP=uVTVX3FVD$tV_GY^V9 0t$DDD,F^j$QFMEu@IXp}Mu}3VSwMu94tjXE)EE)EhhjV5WSEuESj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WYY;6V5P5PYtWVQYYDNVYuWwTY3@_^]jh@]3@Eu9xe;tu.VtWVSE}WVSrEWVSSDEu$u WPS?DWjSBVtWjStu&WVS"u!E}tVtWVSEEEEPQ{YYeE3{U}uuMUY]UEfUf;t@@fuf9t3]UES]f;WtDft:+Mftft++uAAf9uf9tGG@@fu3_[]U S39]u gSSSSSDVuW};t$;u pgSSSSSEBuu?vE?EuEuuPUE;tU;|BMx
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
x,M|jV0MPhjV]-8HH"HHHtyu2Yt6;=(uuVuPtj3JuuWPf|teDMQP[tMtuPHSYt3uuVSR$SYtuuVSR(S}YtTuuVSR,S^YJuR}`.S3Ytx<ukj_uHSt9HtYuVSRAYtuVRP$YtuVRL
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
x.jhTMWM]hMMFPM]EPNPE;E,;&9u`]URPEQ@Eu;t;t3QPEE;tPQEE;tPQ;9]URPEt;9]wuMEE;OUR]PQ$9]]3]jXfEEEUREuuPEQ,;9]uME;]URPEQ8juMCME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
X0 0 F49 2j]M9 0 u<%~t9 E>9 FT;}%f0~89 j9 P~9 j9 P}9 jP}NX9 N,0 M& tf,j19 M& t9 jNX9 E/}E }E NtEvNXEj9 EM9 +y$uA$Vj9 Y& t9 9 Pu3^9 ^U9 QV9 FtPM19 vTMC9 ^j]9 FXPMe~,u+jY9 0 ME& t
Ansi based on Dropped File
(~WRD0000.doc)
X0F}~DCE[F}&}u9]|]}Wj0V}tE`p3_^[U,3EESVW}j^VMQMQp0~+3;u%SSSSS0}ZE;vu3}-+uMQMQP3}-P);tuESVu`M_^3[qU03EESVuWj_WMQMQp0*3;ujSSSSS8}M;vEHE3}-<0u+EPuQW(;tXEH9E|-;E}(:t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
x8tP4UM`8jEPKPYt:4+M3@;j@SPCDjS@P3PPjMQj@QPCD\j<PVEP(4T)D09<8 j<PjEP(E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
x9=u)[9}u{R juYxQhj
Ansi based on Dropped File
(~WRD0000.doc)
x9=u)[9}u{RjuYQhj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
X\ OX 0K[h Jf eTdpddddde*e>eLe^ere e eefe8deeeW ~[[["[@[V[l[`[V,ddddcccccccac`ctcbcPcDc:cVVVVV VxVfVZVPVDV0V$VVVUUU(U<ULUbUvU U UUUUUTTTbc,c]]bbbb b brb`bNb>b]a].bbbbaa]]]^^aaaaRaraZa@a.aaa``````S```z`n```T`B`2`$``_____a_`_~_j_R_@_(___^^^^^^^ ^^8^J^^^r^[[[ ][\\.\:\H\V\l\ \\~\\\\\\](]@]X]p] ^ : " W$fW8fWW*ZZ
Ansi based on Dropped File
(~WRD0000.doc)
X\OX0K[hJfeTdpddddde*e>eLe^ereeeefe8deeeW[[["[@[V[l[[V,ddddccccccccctcbcPcDc:cVVVVVVxVfVZVPVDV0V$VVVUUU(U<ULUbUvUUUUUUUTTTbc,c]]bbbbbbrb`bNb>b]].bbbbaa]]]^^aaaaaraZa@a.aaa````````z`n```T`B`2`$``_______~_j_R_@_(___^^^^^^^^^8^J^^^r^[[[][\\.\:\H\V\l\\\\\\\\\](]@]X]p]^:W$fW8fWW*ZZ
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
X]9 ]DjY;#]Q& u! >& u! 9 U9 V9 MQ0 Y9 0 0^]%9 U9 ( 30 EVtj
Ansi based on Dropped File
(~WRD0000.doc)
X]]DjY;#]Qu>uUVMQY0^]%U(3EVtj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Xb0 rR ZUTA] q& f& _J j! (VlB}a"!iG/h8I 2!
Ansi based on Dropped File
(~WRD0000.doc)
XbrRZUTA]qf_J j(VlB}aiG/h8I 2!
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
XE0 E9 CE0 E9 CH9M~0 E9 }jEP4\9 }P4KiPu}tuuuu9 D$t$0 9 D$0 "yV9 t$& t(W9 9 +9 +0 Q$0 A(_^V9 3& tjv(v$vS ^U9 SVWjEjPWhjj9 59 Wu9 9 EHQ9 MQRPQu E9 E+ESuW_^[jXf9 9 0 ejhTStve9 0 ejh|9 \v9 }MjjjjsjXf}9 9 0 ejhTSve9 0 ejh|9 v9 }Mjjjj: j*79 39] _9 ! ; QHTE9]R@9E79 uT9 0 u; MS}xVM0 ]0 u" & w0& j Y9 0 ME;tS/*0 E0 ]jH]: Y9 0 ME;t#9 3! PN ]v9 ! PN0Sv9 MEP/PNEvM]nu9 nv9 EPS0 p5(w0)VM2 & tjS9 fPhLh@SDMM |~U9 VS6& t.EP6@ h9 VEPu V^V9 t$W9 & t-~u9 du9 #du9 9 j9 _^U9 9 E;(uu9 u3uuuPW:]39|RRS 3U9 jEjP9 E9 M
Ansi based on Dropped File
(~WRD0000.doc)
XEECEECH9M~EjEP4\P4KiPu}tuuuuD$t$D$"yVt$t(W++Q$A(_^V3tjv(v$v^USVWjEjPWhjj5Wu EHQMQRPQuEE+ESuW_^[jXfejhTtveejh|\vMjjjjsjXfejhTveejh|vMjjjjj*739]_;QHTE9]@9E7uTu;M}xVM]uw0j YME;tS/*E]jH]YME;t#3PN ]vPN0vMEP/PNEvM]nunvEPSp5(w0)VM2tjSfPhLh@SDMM|UV6t.EP6@hVEPuV^Vt$Wt-~udu#duj_^UE;(uuu3uuuPW:]39|RR3UjEjPEM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
xEMMtj,&t9 Mf30 uM9uu-uM~jVuKVVu;VMR;9 ]Sg;tVjdwwVSMSM jVSMMM]tj,&vs9 u& t?Me(MtjV$VM|MMtVW9 =9 vvvvvvvvvv_^9 A |$V9 uvv9 jh 6vv^j<r0 M39]u39 MS;0 E~u9 Mj lY9 0 M0 ];tj
Ansi based on Dropped File
(~WRD0000.doc)
xEMMtj,&tMf3uM9uu-uM~jVuKVVu;VMR;]Sg;tVjdwwVSMSMjVSMMM]tj,&vsut?Me(MtjV$VM|MMtVW=vvvvvvvvvv_^A |$Vuvvjh6vv^j<rM39]u3MS;E~uMjlYM];tj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Xf0 CC9 E9E 9 t@u f9 f0 CC+]0 ] Pj^;u//0 0im& Y0 ]\3_[^jh0Bo9 Eux/ /3;|; r!v/0 0\/VVVVV9 9 9 L9t;MAu(/0 0/P Y0 u9 D8tuuu~0 E..0 0ME9 EuE Y9 U9 [ 30 E9 EV30 & 40 80 09uu3;u'u.0 0[.VVVVVSW9 }9 4& 9 `X$0 (' t u09 Mu&.30 0-VVVVV C@ tjjju uaY& 9 D m9 @l39H& P9 40 & `39 t P 9 40 & 30 & <9E B0 & D`& ' & g`9 (3
Ansi based on Dropped File
(~WRD0000.doc)
XF42j]Mu<%~tE>FT;%f0~8jPjPjPNXN,Mtf,j1MtjNXE/E ENtEvNXEjEM+y$uA$VjYtPu3^^UQVFtPM1vTMC^j]FXPMe~,u+jYMEt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
XfCCE9Et@uffCC+]]Pj^;u//0imY]\3_[^jh0BoEu/ /3;|;r!v/0\/VVVVVL9t;MAu(/0/PYuD8tuuu~E..0MEEuEYU[3EEV34809uu3;u'u.0[.VVVVVSW}4X$('tu0Mu&.30-VVVVVC@ tjjjuuYDm@l39HP4 `39 tP43<9EBD'g(3
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
xjt$jv^jhqV9 q& tjv(v$t$t$vS ^VqlW9 `9 & ~,S3& ~S9 & tPC;|jWj9 [_^U9 9 E;u!3@9Eu
Ansi based on Dropped File
(~WRD0000.doc)
xjt$jv^jhqVqtjv(v$t$t$v^VqlW~,S3~StPC;|jWj[_^UE;u!3@9Eu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
XP0 & @" Yf;& @& ;& 8& 09 E9& D '9 `& 8T49 0 D839 @ 9 & 40 @ & 0 & <9M 9 (9 <D+4& H;Ms99 " <& <`A
Ansi based on Dropped File
(~WRD0000.doc)
XP@Yf;@;80E9D'8T4D83@4@<9M (<D+4H;Ms9<<A
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
xR.jhTM9 WM0 ]hMMFPMa0 ]EPNPE;9 ER,; &9~u`0 ]9 URPEQ@9 E9 u;t;t9 39 QP 9 EE;t9 PQ9 EE;t9 PQ; 9 9~R 0 ]9 URPE t;R 9] wuM9 EE; OUR0 ]9 PQ$9]0 ]}30 ]jXf0 E9 E0 EUR9 9 Eu9 9 uPEQ,;R9] uM9 E; : 0 ]9 URPEQ8juMCME
Ansi based on Dropped File
(~WRD0000.doc)
xt3@3V9 t$38t8FtjPPv` +F^3^9 F^U9 9 E38t?8Ht69MuQQ9 HMQ}uj}ujQup` 0jX]j9Mu9 M}u9 MH}u9 HM0 H3]U9 V9 uW9 }} >t jEPWuvh& uF9 E(9 N9 F9;v+9 9 FWPueR~9 3u_^]U9 QuEjjP! u
Ansi based on Dropped File
(~WRD0000.doc)
xt3@3Vt$38t8FtjPPv`+F^3^F^UE38t?8Ht69MuQQHMQ}uj}ujQup`0jX]j9MuM}uMH}uHMH3]UVuW}}>t jEPWuvhuFE(NF9;v+FWPue~3u_^]UQuEjjPu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Xt}tE`pE~1]}EPE%PBYYtEjE]EY;J*3]EAEjpUjRQMQVpEP$oEtM}tMap^[U=TuEHw ]juYY]UMS3VW;t};wIj^0SSSSS90u;uBF:tOu;uYIj"Y3_^[]W|$n$L$Wtt=u~3tAt#ttty
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
xu%9 M0 B_^[SVW9 T$9 D$9 L$URPQQhR{d5 30 D$d0 %9 D$09 X9 L$,39 pt;9 T$4t;v.4v\9 0 H{uh9 CZ,9 Cl,d_^[9 L$At39 D$9 H38U9 hppp>]9 D$9 T$0 U9 L$9 )qqq(]UVWS9 33333[_^]9 9 9 j+33333U9 SVWjjh3|Qt_^[]U9 l$RQt$]9 U9 f9 Ef0s]f:s0]9 f; `9 f;
Ansi based on Dropped File
(~WRD0000.doc)
xu%MB_^[SVWT$D$L$URPQQh{d53D$d%D$0XL$,3pt;T$4t;v.4v\H{uhCZ,Cl,d_^[L$At3D$H38Uhppp>]D$T$UL$)qqq(]UVWS33333[_^]j+33333USVWjjh3|Qt_^[]Ul$RQt$]UfEf0s]f:s0]f;`f;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y K$FRQ`! Q00 B ! #r0 ;GIF89a : S"!a~!, @> ! 9 RR3 } &RFL~<C\
Ansi based on Dropped File
(~WRD0000.doc)
Y K$FRQ`!Q0B#r;GIF89a!,@>3 &RFL<C\
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
y TMS9 T$B9 J3aw9 `3wyMUMTMTM! MMMMM9 T$B9 J3:w[yMTMTMM9 T$B9 J3w(yMT9 T$B9 J3v8yMMZMNTMFTM>TM6TM.TM;MMTMLMMT9 T$B9 JS3iv\`xML9 T$B9 J3Fvgx9 T$B9 J3+v@
Ansi based on Dropped File
(~WRD0000.doc)
Y$-UVuW3;t9}w OjYWWWWW3}fsOj"SEPPEjd[Mj/XfF
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y%u @0 tSfzY1e9 E8|=ujVY39 U9 SV9 u9 3W;to= th9 ;t^9uZ9 ;t9uPyOVYY9 ;t9uPyUYYyyYY9 ;tD9u@9 -Py9 +Puy9 +Pgy\y9 = t9uPS75yYY~PEh}t9 ;t9uPyY9_t9 G;t9uPxYMuVxY_^[]9 U9 SV9 5 W9 }W9 ! & tP9 ! & tP9 ! & tP9 ! & tP_PE{h}t9 & tP{t
Ansi based on Dropped File
(~WRD0000.doc)
Y%u @tSfzY1eE8|=ujVY3USVu3W;to=th;t^9uZ;t9uPyOVYY;t9uPyUYYyyYY;tD9u@-Py+Puy+Pgy\y=t9uPS75yYY~PEht;t9uPyY9_tG;t9uPxYMuVxY_^[]USV5W}WtPtPtPtP_PE{httP{t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y'u0 Y0 uuY0 EE9 Eu0 YjY9 U9 uu & uP3& tP}8Y]3]9 U9 QeVEPuu: 9 & u9Et 8& t
Ansi based on Dropped File
(~WRD0000.doc)
Y)MEP0 M9 M9 uu69 }9 5h jjuuWs ss uuuuuu`U9 9 E0& u3axuX9 Pu9 E0u-9 PVWp,0 Up}EP"9 E_3^u9 E ~3@U9 SW39 9}u3sVW W9 0 E9 0 Em9 5Pu0 EEP9 EWWuP9 9 E"!}~jX9 M;t@0 uuu3@^_[h " *S0 M9 ]& u3EPSH9 uj@& tjPFpj8EjPc9 EjY0 u0 EE u|9 u& tP3Wh2S0 E;tMC8PM0 }80 EChPM89}u;u0 {DCDu}lMM83@ U9 VE9 Pv@ & 9 N8S33;tc9 M9 UWSv4|9 E9 MSvB+P+IQWRh@Ph|9 hS P0 S& 9 =Sjh Sj9 SPhSjS
Ansi based on Dropped File
(~WRD0000.doc)
Y)MEPMMuu6}5h jjuuWs ssuuuuuuUE0u3axuXPuE0u-PVWp,Up}EP"E_3^uE 3@USW39}u3sVWWEEm5PuEEPEWWuPE}~jXM;t@uuu3@^_[h*M]u3EPSHuj@tjPFpj8EjPcEjYuEEu|utP3Wh2E;tMC8PM}8EChPM89}u;u{DCDulMM83@UVEPv@N8S33;tcMUWSv4|EMSvB+P+IQWRh@Ph|hSP=Sjh jSPhj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y+x& ~V9 9 Mh[Nu^3@]j$FF0 M9 u9 Q3S9 *K3Gf_9 Eu09 0 8HPWEP9 ^P9 0 ][MMS0 9 L;tHvBVM\M0 }CN9 MEPEP0 ]" Q;t9 ]MM,S9 4jt& FM9 }m9 3;~*3jZQ9 QSP0 9 MTK& & 9 0 ejhXuM M 0 ]F;0 E0 ]}i3CMdIEPM ]M& ;hOM& t0 ^thNM& t0 ^xhNM& t0 ^|hNM& t0 ~ hRN& tm9 N<& u_h 2Y0 EE& t9 R3]0 F<|9 & tpjY0 EE& tj9 }3P9 ] C<9 eMQMQ9 P8& t%}t;9 |9 0 `A;~9 }0 ME@QE9 E;ERE&QMM $V9 t"}_9 L$& |;}9 9 3^V9 ~<t"{& t9 & t5"!9 N<PLR^jG9 0 upy3N,0 },hGN@E\GNPEPGN`EDG} Eq}E&G~9 E)}EO9 j9 EFp@KL0 ~t0 0 ~x0 ~|0 0 0 0 0 ~<9 Vh|9 9 ,h9 h9 h9 h9 h9 h9 h9 h|9 hp9 h`9 hP9 h<9 Sh,9 h9 h9 xh9 lh9 `h9 Th9 Hh9 <hl9 0^U9 }W9 u3>V9 }|'9E}"u9 : N& tu9 EP9 d3^_]V9 9 L$& tyu9 & u9 ^Ul$ 30 & jTRGq9 & 0 E9 & 0 E9 & 3S0 Ex9 Y; K9 ; 6MDj|9 VM0 ]S3hf0 EESPEM[EP9 ED0 EEPM@UuESuhP jVMGSDSME3UjEPM! f9 EDPMUME+M<VMTh0MTMnDPMTVMT t/O,jE& u#SMTO,6DPMTVMT|t149 +hMwTVM Th(MaTMCPMPTh MCT9 E& tf8tPM-ThM Tt(hM
Ansi based on Dropped File
(~WRD0000.doc)
Y+x~VMh[Nu^3@]j$FFMuQ3S*K3Gf_Eu08HPWEP^P][MMSL;tHvBVM\M}CNMEPEP]Q;t]MM,S4jtFMm3;~*3jZQQSPMTKejhXuMM]F;E]i3CMdIEPM]M;hOMt^thNMt^xhNMt^|hNMthNtmN<u_h2YEEt3]F<|tpjYEEtj3P]C<eMQMQP8t%}t;|A;~ME@QEE;EE&QMM$Vt"_L$|;}3^V~<t"{tt5N<PL^jGupy3N,},hGN@E\GNPEPGN`EDGEqE&GE)EOjEFp@KL~t~x~|~<Vh|,h hhhhhhh|hph`hPh<h,hhxhlh`hThHh<hl0^U}Wu3>V}|'9E}"uNtuEPd3^_]VL$tyuu^Ul$3jTRGqEE3SExY;K;6MDj|VM]S3hfEESPEM[EPEDEEPM@UuESuhPjVMGSDSME3UjEPMfEDPMUME+M<VMTh0MTMnDPMTVMTt/O,jEu#SMTO,6DPMTVMT|t14+hMwTVMTh(MaTMCPMPTh MCTEtf8tPM-ThM Tt(hM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y0 EEPjh2Eu}_& tP9 E9 @9 PR3@^[jP*z/9 E
Ansi based on Dropped File
(~WRD0000.doc)
Y3C0 ]~uhFP;YY& u0 ]Fe(}u^S FtS@ 9 }9 uj
Ansi based on Dropped File
(~WRD0000.doc)
Y3C]~uhFP;YYu]Fe(}u^SFtS@}uj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y9 0 ME;t"vESjuuuPuhS3u9 P]9 9 P3Cj@: 9 MuE3PM0 ]_rMER& t#3M])ZMM9 %9 ;t^hLY9 0 ME;t"vESjSuuPuhSS9 3u} EFaSV9 S9 9 P3Fnjl+
Ansi based on Dropped File
(~WRD0000.doc)
Y9 ^U9 SV9 9 F$W30 ~0;t9 PQ0 ~$9 F(;t9 PQ0 ~(9 F,;t9 PQ0 ~,9 N4;t[EP~9 N4EPEP~& t-9 M;t9 j0 }9 N4EPEP~& u9 N49 WP9 N4;tjB0 ~49 N8;tZEP9 N8EPEP& t-9 M;t9 j0 }9 N8EPEP& u9 N89 WP9 N8;t9 j0 ~8<9 9 ;~.0 }u9
Ansi based on Dropped File
(~WRD0000.doc)
Y9 U9 9 E9 9 DP]jh FEM30 }jY& ubjeY0 }0 }@<9 4& 0 u9 ; Fu\~u9j
Ansi based on Dropped File
(~WRD0000.doc)
Y9 U9 S3SMkr0 8u88]tE9 Map<u8u9 E9 @88]t9 E`p9 [9 U9 30 ES9 ]V9 uWd9 30 };u9 30 u39p E0=r p dP& REPW& 3hCVPZa3B0 {0 s9U } u` FhCVPa9 Mk00 u 0 u*`F t(>9 E` lD;FG;v9 }FF >u9 uE}0 ur9 0 {Cgj0 CC0 tZf9 1Af0 0A@@Ju9 L@;vFF ~& 4C @Iu9 C0 C0 S0 s39 {958& X9 M_^3[ Ojh E }Mp9 0 }9 _h9 uu0 E;C Wh 0 Y9 & F9 wh9 #SuYY0 E& & 9 uvh & u9 Fh=@0 tPU{Y0 ^hS9 = Fp& d}& j
Ansi based on Dropped File
(~WRD0000.doc)
Y9o& tj;oY 0 & 0 0 " 0 0 0 fR" fRfRfR& fRfRS& 9 uE0 & & 00 9 @jP0 & & jPB& 0 & (& 0j& @0 0 & ,< & (P@ j9 U9 9 M9 U#U#0
Ansi based on Dropped File
(~WRD0000.doc)
Y9otj;oYffffffuE0@jPjPB(0j@,<(P@jUMU#U#
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y=0&:Q Qa!#V"!" ~(_$! |o/LhXa=-fAvq *0 & qx3x4}
Ansi based on Dropped File
(~WRD0000.doc)
Y=0&:QQa!#V(_$|o/LhXa=-fAvq *q3x4
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y^US3W9@t3OV8;tuuuuC9juuuu4tttS8^_[]j(OMu 3M]Puuh VjEPjSuu0;t03PhVAAQQMM]MMEPuEu$;uE 9EuEPM u9M]E;tu$3h
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y^USVF$W3~0;tPQ~$F(;tPQ~(F,;tPQ~,N4;t[EP~N4EPEP~t-M;tj}N4EPEP~uN4WPN4;tjB~4N8;tZEPN8EPEPt-M;tj}N8EPEPuN8WPN8;tj~8<;~.}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[03H4t$D$t$ppp0t$AUV3M9u9uS]W3u}EPSuEEuu3}t1}}u8MjEPuMjEPu~MjEPuuEMPdyMEQTyYYMQPV5SjSjuEPuuS_[^U }MuEeS]VW3}EPSuEEut}MjEPuEMPxMEQxYYMQPV5SjSjuEPuuS_^[V?hf$f(^>hD$A(j4:$Luj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[3_j03Seh]eMvSSSuEPMEM]MMB\JjScjehoeMeejh|auMuuxMMTj@M@Tt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[3j,4EEu3;uMjM]}/Ut"EPPEdM]\WMeMETuSh MdEPVSh?SSSMSPh(;u 6M]+\MMjM]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[3khEPPWEPMdYetEP[j\MN;uj/MxN;MH;}z39]t&VSEPMK^MPEZM]S9]t3Mr+HPFVEPM^MPEwZMER3FM}R3jceMIjEPju3C]8t_M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[3PSLYE;tPSWPu1uYVjj\PEwM@VWPcVEWPX5hhSdWPhhSEWP@EPEPPu_uEPEPEPuGtu|EuMu=}Dj(3eMD3CM]jhME MEPM"hM"EPhMvPhMMMuEPA#jh|M]EM]xMEEj83eMqM3C]tMEP"]uEPMEtMEP"]jhMMEPM!hM!MEPh|MEQPhMMEP("M]ExMEM]MEEj!4uEPuePMM_t3]SeV!tM&3Gh}|PM*uMM%yuhhh|h|Lt3MM%jMueEPuuu3MMnvEeP M3Fjtd4qMeMEPMEMjjh MjhME3E~YVEPM$ME%PMu"h|MPMJMEP#MEF;|MEsMEgMEMMYUdj04nWhMeWhMWhpMEWhdMEWhLMEMdEM\EM\EMte`EH4u`MtE0P"EPMLEM0EPVMLMLPSMdM ED*E PMEPMLPSMdtEPM Et[M}DuSEPMLM0]PVML
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[3Spj,ueEP3CM]tMjh|8]M,MEMEMEEPhM{PVMMtEPRjh|M]EMEM]MEEujtEP$eMt3MM}uMMEME9uMhPVMuMEMEj&FteEP3FMuytMjh|hMJMEPMuEEtj&seEPx3FMu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[3wVWFPutV%Y_^j8>=$3;u3@]qPEP];9]uME;]URPE;EP;J]URPEQ@Mh|M2uhHM!EPEURPEQ(juM{h0ME5tZME~EPuEE;tPQE];tPQEM;PQM]EPEPME;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[3YU}t1j6vYt%umtEPujuu]jGu,hWjEh`hPjjhHWjjELPEEJEN`EJNPEJN@EJN,EJM}sjGjEuYhhj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[3~T~u3=hu9lu@T~P~u d=hu3@9lt3P~L~u9=h@L~d~u =hr3@9ls3d~UQVWh@3;u3GhW<;t.MQVVuu|9utuMeu3F(W8_^U3EVu3QPPh(P@j}h|PHiM3^U3EVu3QPPh&P@j}h|PhM3^j(5D&eMC3CM]YEPhLhhMEGuMjh|hj\M]uj/M]ta}t(VjEPMmMPEiMENbM+HPFVEPMPmPMEiMEbMEPfkM]]bMEBEU`j(D3WEHP}X3CMH]BZjtMlh|g]XhMqgM`E6BMECaEPMEXPVM`L;uMljh|'g]X#M0XMEXME;ED}\u\EPMGnPM0EhME`M0jYEPM (jM0E+XPM 4iEPhpM XPVM`Et8jMHWPM[E@tMMH+;}@M EY`E\E\;ED5Mljh|f]XME,`M0E `MEjeM`E@M]_MHE_ElMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[8j4#+9 hY0 Ee& t9 33MM0 FhW3jChM0 ]OfEPEPEYYM]U`~0E jjjj9 0 eP0 i9 NSwMWjhMEeEPEPE(YYME_jjjjE9 0 eP-i9 NSwM]_jjjj9 0 ePi9 NS(wMM" _xV9 D$tVY9 ^9 Uhh +3M0 ]W|9 VMEeWVMEdWVM@EdWVM0EdWVMPEdWVM EdME
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[8j4#+hYEet33MMFhW3jChM]OfEPEPEYYM]U`~0EjjjjePiNSwMWjhMEeEPEPE(YYME_jjjjEeP-iNSwM]_jjjjePiNS(wMM_VD$tVY^Uhh+3M]W|VMEeWVMEdWVM@EdWVM0EdWVMPEdWVM EdME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[9 03H4t$9 D$t$ppp0t$AU9 V30 M9u 9u S9 ]W30 u}EPS & u9 E0 E0 u9 u3}& t1}}u89 MjEPu9 MjEPu~9 MjEPuu9 E9 MPdy9 M9 9 EQTyYYMQPV9 5 SjSjuEPuuS_[^U9 }0 M uR 0 E& eS9 ]VW3}EPS & u9 E0 E9 u& t}9 MjEPuS9 E9 MPx9 M9 9 EQ xYYMQPV9 5 SjSjuEPuuS_^[V9 ?hf$f(9 ^>h9 D$0 A(j4:$L9 0 uj
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 3"!jegx9 0 ud^T39 0 }2 } E h|9 9 E+0 ~0 ~P0 ~dx!h } 0 F<0 ~t0 ~x0 ~|+0 F0 F0 F 0 F00 F40 F8 0 0 0 0 ~h0 ~l0 0 ~p9 }xje~9 0 u29 Nf<E& t
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 3_Rj03S9 0 ehS0 ]eMvSSSuEPMEM9 ]MMB\9 JjScj9 0 ehSoeMe9 0 ejh|9 auMuuxMM9 T9 j@ 9 M@T& t
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 3j,4EE9 & u 9 3;uMjM0 ] & 9 }& & 9 & & 9 /U& t"EP9 P9 EdM] \WMeMET& uSh MdEPVSh?SSSMSPh ( ;u 9 6M]+\MMj9 M]
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 3khEP& P WEPMdYe& tEP9 [j\MN9 ;uj/MxN9 ; ! MH;}z39]t&VSEPMK^9 MPEZM]S9]t3Mr+HPFVEPM^9 MPEwZMER3FM0 }R9 3jc9 eMRIjEPju3C9 0 ]8& t_M
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 3P9 SLSY0 E;tPSWP& u1u YVjj& \PEwSM@9 V& WPc: VEWPX: 9 5 hShSd& WPhShSEWP@EPEP& Pu_& uEPEPEPuG& tu| Eu9 M u=: 9 }Dj(3eMD3CM0 ]jhSME 9 MEPM"hM"!"EPhMvPh MM9 M& uEPA#jh|9 M0 ]EM]xME9 Ej83}9 eMq9 M3C0 ]& t9 MEP"0 ]uEP9 ME& t9 MEP"0 ]jhMME PM!hM !MEPh|9 MEQPh M9 MEP("M0 ]ExMEM]MEx9 E}j!49 uEP9 ueP9 MM_9 & t3a9 ]S9 0 eV !9 & tM&3GhR9 0 }|PM*& uMM%9 y& uhh9 9 h|9 h9 |9 L& t3MM%9 j R9 MueEPu9 u& u3MMn9 vE9 0 eP 9 M3Fjtd4qRM eMEPM EM& jjh M9 jhME3E& ~YVEPM$ME%PM& u"h|9 MPMJ9 MEP#ME F;|MEsMEgMEMM YRUdj04n9 WhMeWh MWhpMEWhdMEWhLMEMdEM\E M\E9 Mt9 e`0 EH& }4u`9 MtE0P"EPMLEM0EPVMLMLPSMdM 0 ED*E PMEPML PSMd& tEPM E& t[M}DuSEPML9 M0]PVML:
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 3Spj,ueEP3CM0 ]& t9 Mjh|9 80 ]M,MEME"!ME9 EPh M{PVM9 M& tEPRjh|9 M0 ]E"!MEM]ME9 EujtEP$eM& t3MM}9 & uMME"!ME9uMh 9 PVMuM9 EME j&FteEP9 3FM0 uy& t9 Mjh|9 hMJ9 MEPM0 uE9 Etj&seEPx3FM0 u
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 3wV9 WFP 9 & u& t9 V%Y9 _^j8>=$9 3;u3@ 0 ]qPEP9 0 ];R9] uM9 E; 0 ]9 URPE ;9 ERP; J0 ]9 URPEQ@Mh|9 M2 uhHM! EP9 E9 URPEQ(juM{h0ME5& tZME~EPu9 EE;t9 PQ9 E];t9 PQ9 EM; 9 PQM0 ]EPEPME ;u
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 3YU9 }t1j6vY& t%u9 m& tEPujuu]jG9 0 u,h xWjE h`hPjj9 hHWjj}ELP}E}EJ} EN`EJNPEJN@EJN,E"!JM9 }sj`GjEu9 Y& h xhj
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 ]9 U9 QQVJ9 & F9 V\W9 }9 S99t9 k;rk;s99u9 3& t
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 Mh3Rl9 E<+EHM=:E }UPuD3& tCjjMLME^M ERM@E
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 P3E: T9v& \PM0 ]4j\ME&M9 HhM;u"33EPM: "P0 EuME+WEu$3ME+M\*9 >9 p9 =jE,PM0MEJ#& & hMW'& & hMB'& & EtrjE,PM [0M E"& uO9 & vIH0 & \PM3E,PME2SVE9 0 eP9 39 M-ME *M p& \PMc3E,PMEt2& t
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 S3~T~u3=hu9lu@T~P~u d=hu3@9lt3P~L~u9=h@L~d~u =hr3@9ls3d~U9 QVWh@9 3;u3Gh W<;t.MQVVu0 u& |9utu9 Meu3F(& W89 _^U9 30 EV9 u3QPPh( P0 & @j9 & }h|9 & PHi9 M9 3^U9 30 EV9 u3QPPh& P0 & @j9 & }h|9 & Ph9 M9 3^j(5D&eMC3CM0 ]YEPhLhh MEG& u9 Mjh|9 hj\M]9 uj/M]9 ta}t(VjEPMm9 MPEiMENbM+HPFVEPMPmPMEiMEb9 MEPfkM0 ]]bMEB9 EU`j(D3WEHP0 }X3CMH0 ]BZj& t9 Mlh|9 g0 ]XhMqgM`E6BMECaEPMEXP VM`L;u9 Mljh|9 'g0 ]X#M0XMEXME! ;0 ED0 }\}u\EPMGnPM0E& hME`M0jY& & EPM (jM0E+XPM 4iEPhpM XPVM`9 E& t8jMHWPM[0 E@tMMH9 +;}@ RM EY`E\9 E\;EDR59 Mljh|9 f0 ]XME,`M0E `MEjeM`E@M]_MHE_9 El9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 x3x9 mj0hP"!'9 30 };u0 ] 3EPhwEPu& & t 9]tu;tWuEjP";& O9 MLmPh(h'j6*59 D$V9 0 & t9 PQ9 ^V9 V& }P|$jXf0 u
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[\judM9 MHEPE P0 uM Eh& tM EMM9 xMMXE\MLEavMLE}0 ETjEPM PuTMXHMFM0 EPERh9 ]l3@;E|9 PM79 }h& tl3& ~f9 & tZjPM8M8E& u3j_KY9 0 MlE& tE8PQ3PE8PMEM8EF;|a39uP~}VE8PMM8E9& uNEdPE8PM& uM8PM PuTMXE8PM0 Ed& t9 j9 M8EVF;uP|E0PM349 Md9 & t+j PM PuTMX& t3G9 j9 EdPE0PM & u3VM}M;t9 MHVV5p&ME! mMLE}tMXEcME3Fj O9 EPy~9 }eWE9 0 eP9 & uMMR3ZP9 & uhh9 9 h|9 h9 9 "!3& tMM9 FjN&Oee9 uVQeh9 Ehx9 9 OjN9 & t3@OEP9 eM& tMMe9 MMEsME'|9 EPhM PVM& uE9 uMErME9 j}'N9 EPn" eM^& & MvME{rME {9 EPh8MPVMGEM& t(9 uErME+MMi9 qN rME9 9 SVW9 j9 ~NY9 9 +#3;x_^[9 Vt$9 & u3-9 L$hot$9 & t9 +9 L$0 3@^j&LeEP3FM0 u2& t9 Mjh|9 vDhMhMhMK9 MPM:9 MEPM0 uEE9 ELMj&eLeEP)3FM0 u& t9 Mjh|9 DhMihM\hM9 M5PM9 MEPM0 uE9 ELj&KeEP3FM0 u& t9 Mjh|9 BDhMhMhM9 M: PM9 MEPwM0 uE9 ELV9 & t3@^9 ^SW9 9 & u9 W3VjLY9 9 +3;x^9 _[VW9 {9 9 Gj9 Kk<Y+3;x_^9 j4J9 MHE3P9 0 ]PMEM]@M& tMM(9 MEP9 EM; hMSPMhMM`EPMEM;uMjhMEPEP9 E.MEMEEM]v3C:ME&EP9 9 EP9 wS9 }Jk<+;YM]-MM!3]MM3@Jj(J+IeuEP83CM0 ][& t9 Mjhx0 ]M METMEYmMEuv9 EPhHMPVM\9 M& tEPjh0M0 ]EmMEM].ME"9 E)Ij}BH9 & t
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[\judMMHEPE PuM EhtM EMMMMXE\MLEavMLE}ETjEPM PuTMXHMFMEPEh]l3@;E|PM7}htl3~ftZjPM8M8Eu3j_KYMlEtE8PQ3PE8PMEM8EF;|39uP~}VE8PMM8E9uNEdPE8PMuM8PM PuTMXE8PMEdtjM8EVF;uP|E0PM34Mdt+jPM PuTMXt3GjEdPE0PMu3VM}M;tMHVV5p&MEmMLE}tMXEcME3FjOEPy}eWEePuMMR3ZPuhhh|h3tMMFjN&OeeuVQehEhxOjNt3@OEPeMtMMeMMEsME'|EPhMPVMuEuMErMEj}'NEPneM^MvME{rME{EPh8MPVMGEMt(uErME+MMiqN rMESVWj~NY+#3;_^[Vt$u3-L$hot$t+L$3@^j&LeEP3FMu2tMjh|vDhMhMhMKMPM:MEPMuEEELMj&eLeEP)3FMutMjh|DhMihM\hMM5PMMEPMuEELj&KeEP3FMutMjh|BDhMhMhMMPMMEPwMuEELVt3@^^SWuW3VjLY+3;^_[VW{GjKk<Y+3;_^j4JMHE3P]PMEM]@MtMM(MEPEM;hMSPMhMMEPMEM;uMjhMEPEPE.MEMEEM]v3C:ME&EPEPwSJk<+;YM]-MM!3]MM3@Jj(J+IeuEP83CM][tMjh]MMETMEYmMEuvEPhHMPVM\MtEPjh0M]EmMEM].ME"E)Ij}BHt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[]UQQVJFV\W}S99tk;rk;s99u3t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[`j\69 EPK3M0 ];ME/SMESEPE9 0 ePE M ; \M & & LuEPEP9 R; 2Ml& & "9 M\& & VhPMa9 MEdM9 dM;v4E
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[`j\6EPK3M];ME/SMESEPEePEM;\MLuEPEP;2Ml"M\VhPMMEdMdM;v4E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[`MnR9 }lPh9 MVRPh9 qMARPh9 \M4,RPh9 GMRPh9 2Sh9 lM 9 Ph|9 9uhuMD9 Ph\9 9uptSj8Y0 EpE
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[`Mn}lPhMVPhqMAPh\M4,PhGMPh2ShlM Ph|9uhuMDPh\9uptSj8YEpE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[d9 MlE0P$iM 0 ]XE_ j$_eEP3CM0 ]X& t9 Mjh|9 ^e0 ]jj\MZ9 u!j/MZ9 u9 MPh|9 )eM+HPFVEPMMj9 MEPExhM0 ]]_ME_9 EUl$ 30 & jHD=H~& 0 W& u!H~zeeM! U3ECPM]EPEPME EPMExb& t80 H~ME[^M]P^MED^M9 MV& uVEPMogVMEeMiUPMeEPMbEM& t0 H~]l]EPEPE& tAEPMgVMEveEPMjeEPMaEM& u t]%H~MEa]M]V]MEJ]MH~9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[dj x)9 9 }& u3@9 $o
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[djx)}u3@$o
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[dMlE0P$iM ]XE_j$_eEP3CM]XtMjh|^e]jj\MZu!j/MZuMPh|)eM+HPFVEPMMjMEPExhM]]_ME_EUl$3jHD=H~Wu!H~zeeMU3ECPM]EPEPMEEPMEbt8H~ME[^M]P^MED^MMVuVEPMogVMEeMiUPMeEPMbEMtH~]l]EPEPEtAEPMgVMEveEPMjeEPMaEMut]%H~MEa]M]V]MEJ]MH~Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[HU9 D 30 EVE9 Pv 9 jP9 RPEPv 9 M33^_jdj(9 9 N3;t{Wjg9 NWjm9 NWji&9}tXWWMu*jjgM0 }n+EPEPM8;t9 E9 N0 E9 E0 EWEP0 }0 }EVMM`* jj5qjdj(%9 9 N3; WS:9 NWhR9 NWhj9}tWWWM)jSM0 }*EPEPML7;t9 E9 N0 E9 E0 EWEP0 }0 }`UMM)ejj5qV9 }D$tVeY9 ^V9 BfPfTh9 ^j(.9 0 uh9 NPe& t
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[hU9 Qe99 Mjthh(9 EU9 Qe99 Mjthh(9 EU9 Qe99 Mjth8hP 9 Ej`%50 M9 M}M0 E]
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[HUD3EVEPvjPRPEPvM33^_jdj(N3;t{WjgNWjmNWji&9}tXWWMu*jjgM}n+EPEPM8;tENEEEWEP}}EVMM* jj5qjdj(%N3;WS:NWhRNWhj9}tWWWM)jSM}*EPEPML7;tENEEEWEP}}UMM)ejj5qVD$tVeY^VBfPfTh^j(.uhNPet
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[hUlhLulMxMTWedEE@@udMT3}`;YE Ph\M ]3tP/E/tE6EPME4EPGEPEPPN4E,>ME6ME6hM 3EPE.MED6t(EP\$PE=ME6,$Vexjh`;{uj-j. 3hTM k2EX;h]\YExE;t{eh}XEuhE0PM0E-M0h\1EPJME-u7MlEPMlEPdPPKhEs<dM+EPexjhE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[hUlhxL9 0 ul9 Mx9 0 MT& WedE0 E@& @ud9 MT9 30 }`; YE P9 h\: M 0 ]3& & tP9 /9 E /9 tE6 EP9 ME4EP9 GEPEP9 PN4E,>ME 6ME6 hM 3& E P9 `9 E.9 M ED6 t(E P9 \$P9 E=M E6,$V9 0 exjh`;9 {& uj9 -9 j.& & 9 3hTM k2& 9 S0 EX; h0 ]\Y0 ExE;t9 {9 eh}XE uh9 9 & E0P9 M0E-M0& & h\: 1& EP9 JMES-& u79 MlEP 9 MlEP& dPPKhEs<dM+EP9 0 exjhE
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[hUQe9Mjthh(EUQe9Mjthh(EUQe9Mjth8hPEj`%5MM}ME]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[ljt6` 9 ej8& 9 9 & & u<& 99 3l0 H0 H0 H0 Hl9 I& tQ\ 9 D$V9 ~0 F9 D$0 F9 D$0 FuX 0 F39F^" U9 0V9 ~u3dj0EjP`9 E9 ME0E0 E9 M0 E`}0 EtEveP MQjPvT ^U9 0V9 ~u3>j0EjP2`vE0EEP MQjPvT ^V9 vD vH 9 D$jv(jt$t$PvL ^V9 D$tVY9 ^% % % %L& %H& 9 D$Pt$t$ 9 D$Pt$t$" V9 30 F0 F0 F 9 ^U9 Q`MS3;}=}GV9 5 SSjEPSuM]& 3#W3f0 Ej}fEPjEPSuf9 E_^[9 A9 D$;Ar39 If9 A9 D$;As9 If9 T$f0 AV9 9 F& u!F^PY0 F^VW39 9 F9|$t;tPY0 ~0 ~;t9 NQWPS0 ~_^9 D$V9 W;Fr~@3j0 FZ9Nu%Q9 NQjP0 F
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[ljt6ej8u<93lHHHHlItQ\D$V~FD$FD$FuXF39F^U0V~u3dj0EjPEME0EEME`}EtEvePMQjPvT^U0V~u3>j0EjP2vE0EEPMQjPvT^VvDvHD$jv(jt$t$PvL^VD$tVY^%%%%L%HD$Pt$t$D$Pt$t$V3FFF^UQMS3;}=}GV5SSjEPSuM]3#W3fEj}fEPjEPSufE_^[AD$;Ar3IfAD$;AsIfT$fAVFu!F^PYF^VW3F9|$t;tPY~~;tNQWPS~_^D$VW;Fr~@3jFZ9Nu%QNQjPF
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[Mh3RlE<+EHM=:E }UPuD3tCjjMLME^M ERM@E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[P3ET9v\PM]4j\ME&MHhM;u"33EPM"PEuME+WEu$3ME+M\*>p=jE,PM0MEJ#hMW'hMB'EtrjE,PM[0ME"uOvIH\PM3E,PME2SVEeP3M-ME *Mp\PMc3E,PMEt2t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[pM ME^MERMEFM8E:M ESE P9 EMx0 El; SSEHPM0 ]l; M9 0 Mh; " hxO9 ;u\3M E=M8EMEMEMEM]MMH9 EXP9 PME
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[pMb+MlE=MdEBMdE^0 E\EPMH"Pu\Ml};u(MdEMlEM]R0jM" 0 E`;u83MdEMlEM]S0MMH*9 1M(!ME!ME*MEER)jME"!(9]`0 ]h}uhEPM7PM(E
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[pMb+MlE=MdEBMdE^E\EPMH"Pu\Ml;u(MdEMlEM]0jME`;u83MdEMlEM]S0MMH*1M(!ME!ME*MEE)jME(9]`]huhEPM7PM(E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[pMME^MERMEFM8E:M ESE PEMEl;SSEHPM]l;MMh;hxO;u\3M E=M8EMEMEMEM]MMHEXPPME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[t9 D$& txu9 0 9 PR\3U9 Q9 Mejh 9 $59 Ej.l9 j z~Y9 0 Me& tj3Pj5(v0V9 ND$tV%Y9 ^l$vl$9 vl$ul$! vl$mvl$-l$Vvl$ul$ Rvl$8vl$P! ul$zul$Xvl$
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[tD$txuPR\3UQMejh$5Ej.lj zYMetj3Pj5(v0VND$tV%Y^l$vl$vl$ul$vl$mvl$-l$Vvl$ul$ Rvl$8vl$Pul$zul$Xvl$
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[ThxE P9 ^h\E0P9 EJ9 u`P9 E2M0E*+9 0 "PM "PhWjihM ~'& h9 9 0 M`& e\0 EP& }u\9 M`9 & & hSE0P9 hE@P9 E~hRM0E'& t4M@"& u(E@P}1M@!Ph`Wj: M@E**M0E*E\9 E\;EPRWM E)3FHV9 (D$tVY9 ^V9 TaD$tVxY9 ^j ~9 39} : 9} Wh{h{Wu9 ;tu9 MhK;t
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[ThxE P^h\E0PEJu`PE2M0E*+"PM "PhWjihM 'hM`e\EPu\M`hE0PhE@PE~hM0E't4M@"u(E@P1M@!Ph`WjM@E**M0E*E\E\;EPWM E)3FHV(D$tVY^VTD$tVY^j39}9}Wh{h{Wu;tuMhK;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[tu\9 M`h*j>9 E& t9 VP9 5EP9 EXE& t9 PQME
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[tu\M`h*j>EtVP5EPEXEtPQME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[x3xmj0hP'3};u]3EPhwEPut 9]tu;tWuEjP";OMLmPh(h'j6*5D$VtPQ^VV}P|$jXfu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[XM3CM0 ]ZEPu`ME& u3M]VMM9 M$MEM4EWhMDEE$PEDPE.YYMDEWh`MDEPEDPEYYMDEWhMD E4PEDPEYYMDE: MT@MTEDu`N0 h}N$X|9 W}GWNH>EPN
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[XM3CM]ZEPu`MEu3M]VMMM$MEM4EWhMDEE$PEDPE.YYMDEWh`MDEPEDPEYYMDEWhMDE4PEDPEYYMDEMT@MTEDu`NhN$X|WGWNH>EPN
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y__^[9 ]Q9 M3 9 M3w9 U9 ]%9 U9 QQEP 9 E9 Mj *h !NbQPN^& |=v0 E9 M& t0 9 ``U9 U9 S9 ]VW9 U9 & t&P9 FV&YY0 G& t3VPB/gG9 _^[]9 U9 9 9 MU9 `0 H]9 U9 S9 ]V9 U9 C0 F& 9 CWt1& t'P& 9 GW %YY0 F& tsWP.f0 F_9 ^[]yUtq{$Y9 A& uU9 U9 VEP9 V9 ^]9 U9 Vu9 RV9 ^]V 9 U9 VEP9 V9 ^]9 U9 Vu9 V9 ^]9 U9 Vu9 V9 ^]9 U9 Vu9 V9 ^]V9 U9 V9
Ansi based on Dropped File
(~WRD0000.doc)
Y__^[9 ]Q9 U9 S9 ]V9 s35 W9 EE{t
Ansi based on Dropped File
(~WRD0000.doc)
Y__^[]QM3M3wU]%UQQEPEMj*h!NbQPN^|=vEMt``UUS]VWUt&PFV&YYGt3VPB/gG_^[]UMU`H]US]VUCFCWt1t'PGW%YYFtsWP.fF_^[]yUtq{$YAuUUVEPV^]UVuRV^]VUVEPV^]UVuV^]UVu V^]UVu V^]VUV
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y__^[]QUS]Vs35WEE{t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YEEPjh2Eu}_tPE@PR3@^[jP*z/E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YEPjh2EEu}_^[U9 hSV39 9uu3fWj@EVP:j(EVP:9 Ej
Ansi based on Dropped File
(~WRD0000.doc)
YEPjh2EEu}_^[UhSV39uu3fWj@EVP:j(EVP:Ej
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Yjj j ! 0 Mh xSj*}up9 u& tiMhleEP9 9 u9 W& uhHSj)MMMu4EPEP}MM,u3@h Sj|)3jL89 9 u3; 9~ 9 N9 Pl& MkEPV9 0 }&; M7m& & WhxthtWv9 & t{9 FVPM EPEP9 MQ9 w tJEPM}0 }EPME>EPEP9 EMEtMEtMMtU9 VuEP9 VvMEPM tuEP9 /^jL9 M~j9 }eEPW9 & Ml& u|EPEP9 9 FVPMaEPM` tJEPM|0 }EPME'EPEP9 EMEsMErMMrj$9 uEPl9 FVPMEPM9 } u9 MGPt t=uM{eeEPWuEP9 9 9 @M0 MM0 E`rM _j0x9 0 ue6mY5U9 VuEP9 zeEPuuuuWuEu9 uuP9 E^U9 V9 VvM9 FV0MuEu9 uuPvffY^jD9 r2hRM\eEPM(\h\EPER9 G9 ujuPVPG9 9 G;u
Ansi based on Dropped File
(~WRD0000.doc)
Yjjj MhSj*}uputiMhleEPuWuhHSj)MMMu4EPEPMM,u3@h Sj|)3jL8u3;9~NPlMkEPV}&;M7mWhxthtWvt{FVPMEPEPMQwtJEPM}}EPME>EPEPEMEtMEtMMtUVuEPVvMEPMtuEP/^jLM~j}eEPWMlu|EPEPFVPMaEPM`tJEPM|}EPME'EPEPEMEsMErMMrj$uEPlFVPMEPM}uMGPtt=uM{eeEPWuEP@MMME`rM_j0xue6mY5UVuEPzeEPuuuuWuEuuuPE^UVVvMFV0MuEuuuPvffY^jDr2hM\eEPM(\h\EPEGujuPVPGG;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YM0GP;Y|RLE9u|u>3MEOMEO$Et|}f3Ft$3VD$tVY^UQeVEPvtFE^UQeVEPvtFE^j{duN0h1EE3FE}F~ ~$~,~(~?FF^H~@FD~ah10zNj[3EPN0}~,~(UMM~~@~ ~$=NGD$Vf,jN0F(Ef@f f$F^Vt$N_tP^VjN0ED$f,f(F@D$FFFD^VWN03)Fu9~t!9~,t~t9~(t~t9~@t~u3G_^D$AD$AUQ3;U
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YM9 0GP;Y|RLE9u|& u>3MEOME" O$Et|0 }f9 9 3Ft$3& ~9 V9 D$tVY9 ^U9 QeVE9 Pv& t0 F9 E^U9 QeVE9 Pv& t0 F9 E^j{d9 0 uN0h1E9 E30 F9 E0 }0 F0 ~ 0 ~$0 ~,0 ~(0 ~?F0 F^H0 ~@FD0 ~9 ~ah10zNj[9 3EPN00 }0 ~,0 ~(UMM0 ~0 ~@0 ~ 0 ~$=NG9 D$V9 f,jN00 F(Ef@f f$F^Vt$9 9 N_& tP9 ^V9 jN0}E9 D$f,f(0 F@9 D$FF0 FD^V9 WN03)F& u9~t!9~,t~t9~(t~t9~@t~u3G9 _^9 D$0 A9 D$0 AU9 9 Q3;0 U
Ansi based on Dropped File
(~WRD0000.doc)
YM\& uM\PMhx & (P9 (}PM\E(E
Ansi based on Dropped File
(~WRD0000.doc)
YM\uM\PMhx(P(}PM\E(E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YME;t"vESjuuuPuh3uP]P3Cj@MuE3PM]_rMERt#3M])ZMM%;t^hLYME;t"vESjSuuPuhS3uEFaSVSP3Fnjl+
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YP& uP0 E0 ]9]t9 M0 ME9 ESu5Yjh FbS9 M3;v.jX3;E@uoWWWWW13M9 0 u;u3F30 ]wi=|uK0 u9 E;lw7jnY0 }utY0 EE_9 ];tuWSL5;uaVj54$ 9 ;uL9=St3V]`Y& & r9 E; PE39 ujY;u
Ansi based on Dropped File
(~WRD0000.doc)
YPuPE]9]tMMEESu5Yjh FbSM3;v.jX3;E@uoWWWWW13Mu;u3F3]wi=|uKuE;lw7jnY}utYEE_];tuWSL5;uaVj54$;uL9=t3V]YrE;PE3ujY;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
yTMST$BJ3w3wyMUMTMTMMMMMMT$BJ3:w[yMTMTMMT$BJ3w(yMTT$BJ3v8yMMZMNTMFTM>TM6TM.TM;MMTMLMMTT$BJ3iv\xMLT$BJ3FvgxT$BJ3+v@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
yu9 Q9 R9QuSQ SQ 9 L$0 K0 C0 kUQPXY]Y[9 U9 SVWse=9 & }hg 9 & *9 5<hgW& P:s$gWP%s$RgWPs$pgWPrY& thXgWPrY;tO9tGPAs59 4sYY9 & t,& t(& tMQjMQjP& tEuM 9;t0PrY& t%0 E& t;tPrY& tu0 E5rY& tuuuu3_^[9 U9 9 MV3;|~u ( 0
Ansi based on Dropped File
(~WRD0000.doc)
YUEDP]jhFEM3}jYubjeY}}@<4u;Fu\~u9j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
yuQR9QuSQSQL$KCkUQPXY]Y[USVWse=hg*5<hgWP:s$gWP%s$gWPs$pgWPrYthXgWPrY;tO9tGPAs54sYYt,t(tMQjMQjPtEuM 9;t0PrYt%Et;tPrYtuE5rYtuuuu3_^[UMV3;|~u(
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YUS3SMkr8u88]tEMap<u8uE@88]tE`p[U 3ES]VuWd3};u3u39pE0=rpdPREPW3hCVPZa3B{s9U}uFhCVPaMk0uu*Ft(>ElD;FG;v}FF>uuE}ur{CgjCCtZf1Af0A@@JuL@;vFF~4C@IuCCSs3{958XM_^3[OjhE}Mp}_huuE;CWh YFwh#SuYYEuvhuFh=@tPU{Y^hS=Fpdj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YYH& w& tAJu9 39 9 9 3}9 ! "[9 _^]t$t$YYt$pY9 D$3;t19 H;t*V0 P0 P0 P9 qR0 1P9 @p 3^jXV9 t$& t09 F& t)~$t#9 @& tVPaYYvv(V$fYY3^jX^V9 t$W3;ujX 0 ~9~ u
Ansi based on Dropped File
(~WRD0000.doc)
YYHwtAJu33}"[_^]t$t$YYt$pYD$3;t1H;t*VPPPqR1P@p3^jXVt$t0Ft)~$t#@tVPaYYvv(V$fYY3^jX^Vt$W3;ujX~9~ u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYHYYYYYYYYY(0%=V#YYYYYYYYII GYYYYYYYS"5/WYYYYYY&+YYYYYYDQ-),RP*YYYYYY@9U6G8F1MYYYYYY>?3
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y}0f0fV0fF0fV[00fFfV3_^UVuW3;t9}w8OjYWWWWW|3}fsOj"SEPPEj:ZfV
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y}9 "!0f0 0f0 V9 "!0f0 F0f0 V9 "![00f0 Ff0 V3_^9 U9 V9 uW3;t9}w8OjYWWWWW9 0 9 |3}f0 sOj"SEPP Ej:Zf0 V
Ansi based on Dropped File
(~WRD0000.doc)
Y}uF+49 0 u}uyG+j@j YY0 E& ta0 9 ;s@@
Ansi based on Dropped File
(~WRD0000.doc)
Y}uF+4u}uyG+j@j YYEta ;s@@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Z'M>: SmmYxxmWebDispatcherRefreshDebugDownloadWebDispacherRegMonitorThreadPoolSingletonUnloadingLoadingSBrowserProcessSpecialHTTPRegistryInfo_LowInfo_MedInfo_HighGeneralWarningErrorCritical] [Ln:)[TID:][EndLogger--== Logger finished ==--
Ansi based on Dropped File
(~WRD0000.doc)
Z'M>SmmYmWebDispatcherRefreshDebugDownloadWebDispacherRegMonitorThreadPoolSingletonUnloadingLoadingSBrowserProcessSpecialHTTPRegistryInfo_LowInfo_MedInfo_HighGeneralWarningErrorCritical] [Ln:)[TID:][EndLogger--== Logger finished ==--
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Z0! l.:gP`b;W39,LA@" 6L AD`Q B& m@AFE H8p`( 0cL R;GIF89a\|}x "!tG ~9 ~ Sx R!\, \\ Y
Ansi based on Dropped File
(~WRD0000.doc)
Z0l.:gP`b;W39,LA@6LAD`Q Bm@AFEH8p`(0cLR;GIF89a\|}tG~!\,\\Y
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Z7}EK7}E<79 }9 ! 0 GxPNxE
Ansi based on Dropped File
(~WRD0000.doc)
ZJ9 M<& uEP}KMEPDMEDD9 MhEP2P9 EKMED9 MhaEPPMEKMECMh<& uEP9 `K^h9 O<& t-9 E8t P9 <K9 .<& thx9 E9 E8uNx<& t& t9 j9 3D9 ;& u!~hh9 GE9 :P9 #K9 }TV9 9 S"!3FME%CMMQ9 !j.I:9 0 uN9eN9N$E9N4E9NHE9NXE 9NhE9NxE|9}Em9}E^9}EO9}E
Ansi based on Dropped File
(~WRD0000.doc)
ZJM<uEPKMEPDMEDDMhEP2PEKMEDMhEPPMEKMECMh<uEP`K^hO<t-E8tP<K.<thxEE8uNx<ttj3D;u!hhGE:P#K}TV3FME%CMMQ!j.I:uN9eN9N$E9N4E9NHE9NXE9NhE9NxE|9Em9E^9EO9E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
{1D3B35E5-93C0-490d-90CA-153E78A17FF2}
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
{3c471948-f874-49f5-b338-4f214a2ee0b1}
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
{r@daa z r"{Sd>]xgY1~ *!!
Ansi based on Dropped File
(~WRD0000.doc)
{r@dzr"{d>]gY1*!
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
},~FME,MM\9 dVj\}U0 MMeMyME9 Me0 ExJ& Ku9 M0 E& !9 MPEP ~MEb& & M jEPME!PuM}M& J30 E& }eWEPM9 MEPEPE& ufhNY9 0 ME& t:9 3uNEEPN9 MVs& t9 M9 VURP& t9 j9 MEG;}R[ME7ME9 ME.I9E MEyxMM_3@TVt$9 t$& tt$9 t$)^j8NS0 M39]tQ9]tL9]~GjuM&9 MEPEP0 ]ME& t!M]MM3TMMEMEwME 39]9 ~N9 E9 ;t>PMM;& u)SMPMPWM`9 MSEPF;u|ME;wMEkMEM]TMMH3@2UXj(gR0 MH39udu39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
},~FME,MM\dVj\}UMMeMyMEMeExJKuME!MPEPMEbMjEPME!PuM}MJ3EeWEPMMEPEPEufhNYMEt:3uNEEPNMVstMVURPtjMEG;}[ME7MEME.I9EMEyxMM_3@TVt$t$tt$t$)^j8NSM39]tQ9]tL9]~GjuM&MEPEP]MEt!M]MM3TMMEMEwME39]~NE;t>PMM;u)SMPMPWMMSEPF;u|ME;wMEkMEM]TMMH3@2UXj(gRMH39udu3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}0 } N}E,k}},jxXE0 0 S0 0 N$0 F(0 0 0 }0 kj9 0 }9 j)9 0 u }Es}EM9 =B>9 j.9 j4Y9 0 M30 E;tP0 F8`VW9 vR 9 W& tVj5PxW_^|$V9 u9 jP9 9 ^j)/9 9 3; %H4ck& & 9 ];
Ansi based on Dropped File
(~WRD0000.doc)
}9 0 uMExMEqj}M{EP eM & tMM3{M}ME xME9 EPhMPVMh& u*3ME^xMEDMM 9 9 ujzEPeM& u[Pa{YM9 ME~MEVhM9 PWMME~MEMMzjzEP[eMK& t3MM9 zMOMET~MEpuMh9 PVMbM9 E$~ME
Ansi based on Dropped File
(~WRD0000.doc)
}</script></head>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
}a: s$!! "!"
Ansi based on Dropped File
(~WRD0000.doc)
}E aflfp9 aLj 0 :K9 0 uh@aMEfM\afeN0 M,e0 E& ~[u9 Mha9 & t?EP7^9 j& t9 M& t9 P9 j79 PW2LY9 Mju9aE9 E;E|E~P9 pb9 M& t9 PeEPEP9 b& u9 j9 P}E`NtEeNPEe9 Ek9 MMn`hKj:J@aVMe\at& t}tMM" e3RMM& euavhVM9 Pe& uM9 G$3& M9 MLe& t9 9 P9 JjiIh@aMeM=\aMteeuauk! JjiIh@aMdM=\aMtddj0 CY9 M0 P"!e4JU9 Qh@aMmdM\axd a9 `j;I9 9 E HtwHtRHt0H& hBY9 0 ME& " :jdBY9 0 ME& ts4nhBY9 0 ME& tQ\PL~tYhBY9 0 ME& t)v!hjBY9 0 Me& tX 3M& tPu2YYHV9 dD$tVIY9 ^V9 6D$tVHY9 ^D$V9 tVHY9 ^jE;G9 0 u^@9 ,^3N\0 }^NxE^ME0 ~0 ~0 ~,MEM0 F$N\0 F(9 j0 ~0 ~00 ~40 ~8P9 j9 PNx9 jPM0 0 ~0 ~<0 ~E9 GU9 Vq\9 /& ~HEP9 `^e9 M& t9 jP9 M& t9 jEPEP9 t^& u9 j9 P^U9 QeS9 ]EPS\f& tF9 M& t?VW+tNu19 }& t*9 7
Ansi based on Dropped File
(~WRD0000.doc)
}e'EPuuuuhLMmu;hM=Ph|@VjMM3@hxVjMM3j M39=@t3}=;tuuuu>EuXuuuh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}K>se7efWlt_jc@uzNPrQj>x]tkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkXkkkkkkkkkkkkh!N!RkkkkkkkkkO[FE4#OkkkkkkkWJVTL!
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}K>sSe7xe SRfWlxt`_x" j ac@uxz `0 NPrQj~>x]t SkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkXkkkkkkkkkkkkh!N!RkkkkkkkkkO[FE4#OkkkkkkkWJVTL!
Ansi based on Dropped File
(~WRD0000.doc)
}NE,k,jxXEN$F(kj}j)uEsEM=B>j.j4YM3E;tPF8`VWvWtVj5PW_^|$VujP^j)/3;%H4ck];
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}pAtjj9 M`Xu\h*Px9 E`e9 ET@P0 Ep9 ET@PjupY9 EX9 URuTupPQM:u9 KupEUbPM[<ME\E :9 VEPEP9 EXE& t9 PQ39 E\u\hDh,PME
Ansi based on Dropped File
(~WRD0000.doc)
}pAtjjM`Xu\h*PE`eET@PEpET@PjupYEXURuTupPQM:uKupEUbPM[<ME\E:VEPEPEXEtPQ3E\u\hDh,PME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}t }tt}tE(E,EPPYEYEPEPUh}EM $]ED;ED;EEhMPE,YYtE|G;ErL$EUt:HPPQ EY$t7HPPQY}t8GOOPvY]tSkYh0VuFP~8_^3[eD$ 3!,fHL$u9t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}t"QPuR$WuhWuh}tQPuR ugWuhoWuhEE]Et,EPu<MEQPuSuR(uuuWu_^[UVVu0u,u(u$u uuuuuuFu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}T+9 ij[$ 9 0 ue}C+M9 "2|$t1U9 $SVWu9 uu(}0 MN30 E; h 3FVW9 Pu0 Eu0 E0 } t0 u9}0 }~Zu9 M*9 0 u;t;WEP9 & t+9}t9 E9 M0 M0 E9 9 MW9 uuP<3E9 E;E|uuu_^[V9 D$tVVY9 ^Vj9 x<h9 ^j$$%9 h0Y9 0 M30 E;t@MM0 Fx" jhME& EPEPEVYYME`~jjjjE9 0 eP9 Nj9 NhMMN~X9 I& tV9 h;D$tV_Y9 ^j/B9 0 u eN N E N0E f@FD9 j`$9 39}u39 E9 H+9 p0 ME+p]0 uE5 E
Ansi based on Dropped File
(~WRD0000.doc)
}twtjVetWuSV_^[j;=FE3HHHHHt[Ht0Hh\"@YME3h\?YMEt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}t} }t} t} }t}9 E0 (9 E0 ,9 EPPY0 EYEPEP0 Uh }9 E9 M0 0 }0 0 }0 0 }$ 9 ]`E`D;ED;0 EEhSMPE,~YY& t9 E|G;ErL9 9 $ EUt:HPPQ0 `EY0 $ t7HPPQY0 0 }t8GOOPvY0 0 9 ]& tSkYh0V9 uFP~9 & 0 89 _^3[e9 D$ 3!,f0 H9 L$& u9t
Ansi based on Dropped File
(~WRD0000.doc)
}ue_+0 G9 F8& tSQv<0 F<0 G0& tSuuIS]]9 E0 G9 E_0 F09 E^[U9 9 Ejjp(P & t`M H`MH9 M0 H9 M0 H]t$9 D$p(P$YY9 D$SV9 t$3W;t9 N<0 9 9 |$tuvw(W$YY>uWvYY9 F(0 F40 F09 F80 0 ^0 ^ ;tSSS0 F<0 G0_^[V9 t$Wj@jv(V 9 & u3ohjv(V 0 G$& uWv(V$YYS9 \$Sjv(V 0 G(& uw$v(V$Wv(V$3'j0 G,9 D$VW0 G89 [_^V9 t$W9 |$jVWw(v(V$w$v(V$Wv(V$$_3^Ul$9 MX3VW9 }\0 U0 U0 U0 U0 U0 U0 U0 U0 U0 U0 U0 U0 U0 U0 U0 U9 9 D& Nu9}u9 El0 9 Ep0 39 Ep9 8S3Cj0 }L9 ^9TuA;v0 MH;s0 ML9TuNu0 u49uLv0 uL9 }L0 8
Ansi based on Dropped File
(~WRD0000.doc)
}ue_+0 G9 F8& tSQv<0 F<0 G0& tSuuS]]9 F,9Eub9 N(0 M9F4u0 N49 ^49 G+;v9 & t
Ansi based on Dropped File
(~WRD0000.doc)
}ue_+GF8tSQv<F<G0tSuu]]F,9EubN(M9F4uN4^4G+;vt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}ue_+GF8tSQv<F<G0tSuuI]]EGE_F0E^[UEjjp(P tM HMHMHMH]t$D$p(P$YYD$SVt$3W;tN<|$tuvw(W$YY>uWvYYF(F4F0F8^^ ;tSSSF<G0_^[Vt$Wj@jv(V u3ohjv(V G$uWv(V$YYS\$Sjv(V G(uw$v(V$Wv(V$3'jG,D$VWG8[_^Vt$W|$jVWw(v(V$w$v(V$Wv(V$$_3^Ul$MX3VW}\UUUUUUUUUUUUUUUUDNu9}uElEp3Ep8S3Cj}L^9TuA;vMH;sML9TuNuu49uLvuL}L8
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}uMEMEqj}M{EPeMtMM3{MMEMEEPhMPVMhu*3ME^MEDMMujzEPeMu[P{YMMEMEVhMPWMMEMEMMzjzEP[eMKt3MMzMOMETMEpuMhPVMbME$ME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}WSV^[_D$PPE.D$PPB.t$D$hrPUVu~t*MjEPvMu04M:3^]0D$j@jP73j,f}uNjuMVeMMuMMMQ3@MC3K-f}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}}0EPEP.EYYuuEuuE+EMFEFEF_^3[#U|3EEV3EEW3EGE3Eu}uuuuuuu9u$uVVVVV#/3UjU^f tftf
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}~9 E& ~9E0 E9 <EEEEju9 u^9 PV9 v& t9 D$\9 0 P^V9 v& t3 P9 0 Q9 ^LtjSU9 V9 u9 uuuu3^]|$ V9 ut$9 t$]+^|$V9 uLtj/St$9 t$t$"!^U9 QQeeVEPEP9
Ansi based on Dropped File
(~WRD0000.doc)
}~E~9EE<EEEEjuu^PVvtD$\P^Vvt3P9Q^LtjUVuuuuu3^]|$ Vut$t$]+^|$VuLtj/St$t$t$^UQQeeVEPEP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
~"#x G7{*c';s! 62tn];{Ee=kV! #-3HKk|x 5 &]" w/~8Y: 0 0U00U 0DU=0;0975 3http://csc3-2009-2-crl.verisign.com/CSC3-2009-2.crl0DU =0;09` H E0*0(+https://www.verisign.com/rpa0U%0
Ansi based on Dropped File
(~WRD0000.doc)
~"#xG7{*c';s62tn];{Ee=kV#-3HKk|5&]w/8Y:00U00U0DU=0;09753http://csc3-2009-2-crl.verisign.com/CSC3-2009-2.crl0DU =0;09`HE0*0(+https://www.verisign.com/rpa0U%0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
~333u%t%uu^_[3B:t6t:t't:tt:tt^_B[B^_[B^_[B^_[L$WSV|$toqtUL$:tt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
~9 & l l9 h9 T$B9 `d3{9 J3{p}M9 T$B9 J3{}MMM9 T$B9 J3L{m}DT9 T$B9 `@3#{8D}[9 T$B9 `3z9 J3zd}M+M#9 T$B9 J3z9 J3z|M
Ansi based on Dropped File
(~WRD0000.doc)
~9 9 333u%t%u u^_[39 B:t6 t:t' t:t t:t t ^_B[B^_[B^_[B^_[9 L$WSV`9 |$ to`q tU9 9 L$`:t t
Ansi based on Dropped File
(~WRD0000.doc)
~EPEP]]WF EF$E9]tG+F G+GF$EPEPut59]u0]E++E+Ej+N jGjuS'E+Ej+E+ESSv$+v Gv(PQu"+~uE;FEFEEPEP]]X9]u9]uF EF$E9]tG+F G+GF$EPEPv,uuEt(9]u#]E+h +jN juSE+Eh SSu+uE+Eu+GPQuuuu_^[UQSVuWv6uuuEVuEz~jWuu9Et[MEM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
~llhT$Bd3{J3{p}MT$BJ3{}MMMT$BJ3L{m}DTT$B@3#{8D}[T$B3zJ3zd}M+M#T$BJ3zJ3z|M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
~t9 b3@^V9 D$tVD)Y9 ^:3@U9 V9 ~t|ESWtmEP EPv 9 }+~9 ]+^ WSYSSY~7EPv< 9 E9 M9 Uj+Q9 M+RPQvS _[3@^9 D$V9 0 9 P,FXP9 ! 9 D$& u379 L$jPt$0 }H9 0 Ds& tj9 j9
Ansi based on Dropped File
(~WRD0000.doc)
~tb3@^VD$tVD)Y^:3@UV~t|ESWtmEPEPv}+~]+^ WSYSSY~7EPv<EMUj+QM+RPQv_[3@^D$VP,FXPD$u37L$jPt$HDstjj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
~}D ! hi]Wbge q6lknv+0 ZzJgo}C}`~ 8ROggW?K6H+
Ansi based on Dropped File
(~WRD0000.doc)
! j xR9 uX
Ansi based on Dropped File
(~WRD0000.doc)
! Y9 ^U9 S3W9 9@t3OV89 ;tu9 uuuC99 ju9 uuu49 & t& t& tS9 89 ^_[]j(O& 0 Mu 3M0 ]xPuRuh Vj EPjSuu0 ;t03" PhVAAQQMM9 & 0 ]M9 MEPuEu$9 ;u9 E 9EuEPM & u9M]E;tu$ 3" h
Ansi based on Dropped File
(~WRD0000.doc)
!!0?+?>(a,?79
Ansi based on Dropped File
(~WRD0000.doc)
!"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~ & ! 0 `9 R} " "!a: S~x & ! 0 `9 R} " "!a: S~x
Ansi based on Dropped File
(~WRD0000.doc)
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~ & ! 0 `9 R} " "!a: S~xHH:mm:ssdddd, MMMM dd, yyyyMM/dd/yyPMAMDecemberNovemberOctoberSeptemberAugustJulyJuneAprilMarchFebruaryJanuaryDecNovOctSepAugJulJunMayAprMarFebJanSaturdayFridayThursdayWednesdayTuesdayMondaySundaySatFriThuWedTueMonSun1#QNAN1#INF1#IND1#SNAN_nextafter_logb_yn_y1_y0frexpfmod_hypot_cabsldexpfabssqrtatan2tanhcoshsinhCONOUT$string too longinvalid string positionIEIsProtectedModeURLgdiplus.dll OsC*0[a`>On4! e J M-P0 %P0 )P0 %P0 %D,3&OP0 P0 Lr?RJ{,@Qm6t 4`#?>0 ;FFFFFFF"hN@Gp S40 S4 #N-+. {29 0FP0 P0 B9 P0 O6#\'G7x? Fd8+O]ahXNW#FajS#\'G7x? F3)6{O>`3)6{O>`yR K :?0 OH RSDS8cCE R d:\Conduit\RnD\Client\IE\Dev\5.4\SingleComponent\Alert\Release\Alert.pdbp u uuuup@ u$p@uuuu@p@v$vuXp#@Hv$Xv,vvP|wwPxlxxy4yyyz ztzzz{T{p{{{4|l|}}}~,~H~d~~~(D|p@wwvtwwwPxlxxy4yyyz ztzzz{T{p{{{4|p@wwtwwp@wwwpBwp@x(x4xwp@xpBwp@xxxxwp@xq@xxxwqBxpBw$q@Py`ytyyxw$q@PyDq@yyyxwDq@yqBxpBwhq@<zLzXzwhq@<zpBwq@zzzwq@zpBwq@{,{8{wq@{pBwq @R{S{{wq@R{p Bwq$@{||wq@{p$BwpBwrP@||||tww}Pxl}r@|,r@|}|tww}PxHr@4}D}P}wHr@4}`r@}}}`r@},rP@|pPBwpPBwHrX@4}pXBw`r\@}tr@ ~~S~wtr@ ~pBw r@~w r@~pBwr@`p|wr@`pBwr r@r@ , sH X ` s@H 4s 4s@ Ts Ts@ ts 08ts@ Sshx Ss@hs s@s s@tL \ d t@L t t@ <t <t@ `t$4@ `t@$xtp R xt@p$put L t@t@, < L t@h x L u@ u & L u@ Hu@,& <& & L xud& t& |& xu@d& u& & & u@& u& 0 uu@& u@L \ 0 uLv| R S Lv@| v ( ! ! ,vvP|wwPxlxxy4yyyz ztzzz{T{p{{{4|l|}}}~,~H~d~~~(Dpv'@ u&@! '! ! ,vvP|wwPxlxxy4yyyz ztzzz{T{p{{{4|l|}}}~,~H~d~~~(Dplv @RSwlv@Rp Bwv v v v v v v $v Pv Xv \v v v v v v `0`8`v@ `vh`x````(9 }v@h`v@````(9 }v@9 9 `(9 }w@D9 T9 (9 }p9 x9 ,w@`9 Xw9 9 9 x9 Xw@9 tw9 RR8R`(9 }tw@9 w@TRdR8R`(9 }wRRSRRRw@RRw@RRRw,uuw@x\l S x@\Hx@S hx@} x$}4}D}`}}x@$}x@|}R}`}}x@}}}x@}}}y@ 0,yL\t`(9 },y@LPy@`(9 }pypy@y@8HHxyx y@xy@z }z@x|}0z\ l t 0z@\ Tz wTz@ pz@ wz, < D z@, zt S w, z@t z@ wz@ wz@, zt {p }{@p ,{@ }H{ }H{@ h{H X h }h{@H { } {@ { " {@ y{H" X" d" " {@H" {@S" " " {" " " {@" |@ , 4|H X ` 4|@H X| X|@ || }||@ S|$ 4 @ S|@$ |p R }|@p |@ |@ }$}@v9 }hx }@hy8@pvu x},{ D}"!$"!4"! }D}@"!d}d"!t"!"!4"! }d}@d"!XpHvXpHvXpHvXpHvXpHvXpHvXpHv XpHv$XpHvPXpHvXXpHv\XpHvXpHvXpHvXpHv|pw|pw|pw|pw|pw|pw|pw |pw$|pwr|r|r|pw,r|,r|}S S(S}@S}XShSpS}@XS`r}}SSS}}@S}}}@~L\d~@LwD9 ,~},~@v`| {S" h~4~D~L~h~@4~~|~R~ ~~@|~~~~~~@~~xx$x~@x~Txdxpx}~@Txxxx@x,xx },@xL8H\4"! }L@8Pyhxt, l L l@ ,D L @Hu,& th y uL @u! u! u! u! u! u! u! u! $u! Pu! Xu! \u! u! u! u! u! P`h@P@ @0 (8Dh0 @(L t hL @th hh @ (h @S XhthS @X h @ (9 } @ @Pd`(9 } @@ (9 }@ X(9 }X@|<L`(9 }|@<SS@wTRwR@HX`@Hx}@ @< 8HP< @8\ `(9 }\ @ x `(9 }x @S (8D S @( t @t 4"! } @ $, @\lt@\44@LL@l4DPll@4 @lSS@ }@L\h}@L @ @4 4DL4 @4T |RLT @|| | @ $4< @$r S @ @& (8 & @d hx d @hR{}
Ansi based on Dropped File
(~WRD0000.doc)
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~=SunMonTueWedThuFriSatJanFebMarAprMayJunJulAugSepOctNovDecccsUTF-8UTF-16LEUNICODE IqI`B
Ansi based on Dropped File
(~WRD0000.doc)
!9 +tHtHu!9 #
Ansi based on Dropped File
(~WRD0000.doc)
!: ;x=~`wMi@r8 "!dG@IGGGGG
Ansi based on Dropped File
(~WRD0000.doc)
!hLE?Y9 0 Me& t39 9 EU9 QeEPu@^d& t9 E& u3U9 Vq@9 & ~GEP9 2\e9 M& t9 PD9 M& t9 jPHEPEP9 G\& u9 j9 P^|$V9 u 9 & tP&t$0 ^j@;BD0 Me3}EPq< EP 9 M9 E0 M0 MM0 E0 Ee9 uEPM59 M9 E+E+M9 }9 u+}+u+"!+9 9 +"!j+VEQ]P9 ESpS MMakDV9 v& t9S3jSSvF ^!^#F"jv0 Sjv(v[^V9 v& t3Pjv$F vF!F#F"^9 D$0 A0U9 QQSV9 u9 & tUs& tH9 0 E9 FW9 = 0 EEPs9 E0 9 E0 F9 F0 E9 F0 EEPs9 E0 F9 E0 F_^[9 D$& t9 P9 T$u9 PR\U9 QEPua#EU9 VW9 }W9 Y& ty~t*9 }WujP 9 9 W9 0 ~PTIu9 9 PT~t$Wacv~t9 j9 uW Wlc_^]SV9 39^ W9 |$;~$u+F"<r,F"EWvv0 ^v.YYZ;~(uU`F"<s,~F"F"F"jPSv"jhSvWvF,_^3[39 Vj9 9 jvP@jvYY^jq YYV9 v& th3PPPPPv ^j<@9 PlM9 AueVM2MM$NeAW9 t3V9 t$9 F+Ft$PmlYP9 F+P`lYPv6wS ^_V9 t$W9 & tN9 JtHHu>v9 & t0j9 %9 F9 vPw9 W& tVW _^39D$ j;?9 0 u, 9 E& t
Ansi based on Dropped File
(~WRD0000.doc)
!j.% 9 j 3Y9 0 Me& tjVe3Pj5(v0 V9 D$tV Y9 ^U9 9 EV9 ; uXMEP& u.u9 U& uh0 j P 3@"hthj P 3^]U9 }SVW0 M 9 juu$uu }9 ME0 E9 E0 E9 u9 uV|9 EE0 E9 E0 E9 E0 E9 E49 0 eP9 MEPVL9 MEPVuV_^[$j$#9 9 5 hWZauEEM9 'ejhMEPEPENaYYMEE9 0 eP[EPu9 SuMMj0#9 0 }3} 30 u0 E;u;9 ; 9 9E9uRu9 30 E9 ]9 C$+Cs0 E9 C(+C 0 u0 u0 E u0 Eus 9 5Pu0 E9 0 ejhTS0 Ee9 0 ejh|9 9 SM3PPPjzPuh0 E9 VEPu V}t9 M9 uu2u9 9 9 EN3F;! hP 0 M9 g& te)MEP9 E& u9 E9EuEu9 MuV9 uuu9 }h jjWuus ss u9 5WuWWuVt$9 P9 ^U9 QVWu9 AM9 EP9 t?& uu9 {& u-u9 WR 9 <& tu39 0 9 /_^U9 9 E0xu:9 Puj0X/u%9 PVWp,0 Up}EP;jX_^3U9 Vju 9 & u^]% 9 E `-W9 }t(HtHHu_9 jPQ9 & tHP9 >MSU9 RPQ9 9 U9 h9 0 & |Q9 S9 A[Wuuu _
Ansi based on Dropped File
(~WRD0000.doc)
!}wk)@ACy<G BrRsG$ C(3|? S qN[B/}0 /~ :~' S& t :` 9p ANe40?JzB@h~d! /d@E& TP3PRbu*Z`a.z9 `;GIF89a?|k"!]! f b9 o" Cra`i ~ r~ >ned`qa9 vg axc}g}LyO|{: q j a! n !?,xpH,y ci: B ZD@J& } 9 & )D~0!@ ?c,#$?/#
Ansi based on Dropped File
(~WRD0000.doc)
!~_9 ^W,PW(0 F& uh V9 ND$tV
Ansi based on Dropped File
(~WRD0000.doc)
" " 0H P X ` h p x : " h " " " (!$!2!@!N!\!d!n!x! !R! !!!" !!!!"*"2"<"" a"" "" L"""" x"" " ####!#)#1#9#\#d#l#t#" D #x#" #" #" " 8$$$ $($0$S$" hv$ $$" $$$$" $$$" " t%'%1%9%A%d%l%t%" S" x% %%%%" H%%%&
Ansi based on Dropped File
(~WRD0000.doc)
" (" d9A" d" `" " @
Ansi based on Dropped File
(~WRD0000.doc)
" (5" diqy" S" " 4:"*2" dnv~" " " (" x (0S[" ~x" "
Ansi based on Dropped File
(~WRD0000.doc)
" 0(08" t"
Ansi based on Dropped File
(~WRD0000.doc)
" 3@: " e9 "!9 yJBee9 E )U9 M9 |9 #0 M9 9 M}0 |9 }9 ME}0 }|9 jMZ+;|9 10 t" d" J& }3^jY+
Ansi based on Dropped File
(~WRD0000.doc)
" 8?7X`hp" R : " !" " XDLT\d" ! x" >6W" 0" z: " " $,4<" " o_g" " )1" 8T\dl" l" "
Ansi based on Dropped File
(~WRD0000.doc)
" A9 "!9 yJBee9 E )U9 ]\9 39 #0 M9 9 Mu0 39 uE}0 u|9 jMZ+;|9 10 t" d" J& }j3XZ;" 9
Ansi based on Dropped File
(~WRD0000.doc)
" AI" lt" x " <" x" 7?G" ,jrz `" T" #+3;" ^fn" "!" \"
Ansi based on Dropped File
(~WRD0000.doc)
" L08" " [cnv~ }" " p%/7
Ansi based on Dropped File
(~WRD0000.doc)
" R3}M 9 "!9 yJBee9 E )U9 ]\9 39 #0 M9 9 Mu0 39 uE}0 u|9 jMZ+;|9 10 t" d" J& }" 9
Ansi based on Dropped File
(~WRD0000.doc)
" T8@H" " ks{9 " (" x" &.6>F" iqy0 "!" " 2:Bemu" " 4" " $," $OW_go" p a
Ansi based on Dropped File
(~WRD0000.doc)
" {R~m }"!u- \"!& VK Qzxt*~N yI& K&qK"!*Xm
Ansi based on Dropped File
(~WRD0000.doc)
"!! "![G! $a"f}"!`/s(k eb}7W& ~}70{d ~{ }
Ansi based on Dropped File
(~WRD0000.doc)
"!D$tVY9 ^U9 30 ES9 ]V9 uW9 }'}E@ t UEPh! @& & t3@=EPV2%YY& t'Sa9 & u 9 WSV0 E9 VP9 E9 M_^3[~U9 30 EVWu}9 9 Mxu_l@"!3^3U9 ( 30 ES9 ]V9 uW9 }EPh! @& EPh & hpS0 E^$YY& u/EPSN$YY& u9EuEPS9$YY& u
Ansi based on Dropped File
(~WRD0000.doc)
"!jd_9 F
Ansi based on Dropped File
(~WRD0000.doc)
"!MN{j,&M0ueuMuk9 M9 q& t9 ?& uFMM9 k3j,& Mu3M0 ue%;uFMM9 (Mb#;9 M6j-^9 Me3F0 u& u9 5"!9 & te9 Eh0hjj4Ab0 M9 u3;u
Ansi based on Dropped File
(~WRD0000.doc)
"!tVURPEPQ & tf9 E9 M3^ 9 U9 SV9 u3;t9]t8u9 E;t3f0 3^[uM59 E9Xu9 E;tff0 8]t9 E`p3@EPP\:YY& t}9 E9 ~%9M| 39]" RuQVjp & 9 Eu9 M;r 8^t9 8] e9 MapY *8]t9 E`p:39]" Pu9 EjVjp & & :9 U9 juuu]9 U9 9 EuS 3]V3;|; r~ VVVVV"39 9 D@^]9 U9 SVW3jSSu0 ]0 ]
Ansi based on Dropped File
(~WRD0000.doc)
"!V9 t$N9 Fu
Ansi based on Dropped File
(~WRD0000.doc)
"9 E@9 MxVWE P9 E@ PMM E
Ansi based on Dropped File
(~WRD0000.doc)
"S3t0 ^ ! 9 N0 0 F9 F0 F0 ^0 ]u,3 ;t3@;u
Ansi based on Dropped File
(~WRD0000.doc)
#9 }R0 EjX+E0 E+ES0 E9 0 E0 EEP}9 MjX+E0 }0 E9 }0 ESEP0 }}9 9 9 wj[$9 0 u#ej
Ansi based on Dropped File
(~WRD0000.doc)
#<<<!'5%<<<<<<<6<<<<<<<<<<',.-$*<<<<<<<<<<<8''<<<<<<<<<<<<<1<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<{1h( f{yK "!"~}R~2w
Ansi based on Dropped File
(~WRD0000.doc)
#M xE@tMMMt} tMEtM`0 u!0 !}9 E9 =SuuEPuuu0 Eum9 M#;u+Et%eSuEuPuuu0 Eu49 69 9 & D0 PPl!Y@!9 uu ;uD9 69 9 & D0 P9 V)!YuX;u
Ansi based on Dropped File
(~WRD0000.doc)
$" 09 $I9 r+$& 4$0Dh`F#Gr$" 0I`F#G`FGr$" 0`F#G`FG`FG V$" 0I'9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D$" 09 @HXl9 E^_`FG9 E^_I`FG`FG9 E^_`FG`FG`FG9 E^_U9 WV9 u9 M9 }9 9 ;v; r=tWV;^_u^_]ur*$" 9 r$& $$(Tx#``FG`FGr$" I#``FGr$" #`r$" I9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D$" 9 (<9 E^_`9 E^_``FG9 E^_I``FG`FG9 E^_t1|9u$r
Ansi based on Dropped File
(~WRD0000.doc)
$" 9 $PI9 r+$& $`F#Gr$" I`F#G`FGr$" `F#G`FG`FG V$" IT\dlt| 9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D$" 9 9 E^_`FG9 E^_I`FG`FG9 E^_`FG`FG`FG9 E^_9 U9 j
Ansi based on Dropped File
(~WRD0000.doc)
$G@!#9 M)L2+3RH1/&*R=OK"QJR7I'F4B8A(E.D<:>
Ansi based on Dropped File
(~WRD0000.doc)
$KE%W9\!J40N'#S2>X BVb)8pbC1Dh @
Ansi based on Dropped File
(~WRD0000.doc)
$O& X`& >, [b\A.! Z
Ansi based on Dropped File
(~WRD0000.doc)
$S####,^]9 U9 V9 u& t59 ; tP#Y9 F; tP#Y9 v;5 tV #Y^]9 U9 V9 u& t~9 F; tPu#Y9 F; tPc#Y9 F; tPQ#Y9 F; tP?#Y9 F; tP-#Y9 F ; tP#Y9 v$;5 tV#Y^]U9 V3PPPPPPPP9 UI`
Ansi based on Dropped File
(~WRD0000.doc)
$Y0 ]9^uhFPGYY& u0 ]FE09]t9 9 & D8P 9 EE39 }j
Ansi based on Dropped File
(~WRD0000.doc)
%& tEEP9 {hDRME$& tF,M 0 FME(h8RM$& 9 e0 E& }u9 H9 & `EP9 sh$RMEf$& uME'\h Y9 0 ME& t~9 3W9 E-& u& t9 j9 9 MV5MET'9 uE9 E;ERSME6'E9 E;ERe3F7V9 NR 9 ^U9 S9 VsW9 U}{9 0 ED 39M0 E~40 Mu9 & t9 j9 E9 E;E|ju9 j1;t-EP9 %
Ansi based on Dropped File
(~WRD0000.doc)
%0 E0 ]9 EMM0 E9 }E;t?9 gg& v4S9 9 & tjVM9 MV9 & u}9 C3g;r39}~59 MW! 9 & t VM& uu9 MFDPVG;}|9 u9 R& & t9 j9 eMM9 ElrjM0 9 MV}j pq9 9 u& u3@79 ,u)EP9 +v,eEP9 MM3qUhhq9 0 ]49 Mt3; P9 ; " EP9 Pyh M0 uD& fMMXE9 M\EUh EP9 E`ME& uMPMYh EP9 /ME& uEPMh E P9 M E}& u|EtPE PMV9 $9utt_j jY9 0 MTE;tj9 9 jEiY9 0 MTE& tE P3Vj0 F5(Es3hEP9 g hDRME& & h 9 &9 0 M0; xM80 EP9uPE
Ansi based on Dropped File
(~WRD0000.doc)
%0;F" p" lt| R " " `5" X" ~ } " <Hdr#r" " #+@: )@
Ansi based on Dropped File
(~WRD0000.doc)
%v,%v0$v4$v$v8$v<$@v@$vD$vH$vL$vP$vT$vX$v\a$v` $vd`$vh $vlz$vpr$vtj$vxb$v|Z$@ L$ A$6$R+$ $ $
Ansi based on Dropped File
(~WRD0000.doc)
& 9 9 Sufguc& W9& ~0 & ~=9 ]WV9 " Y0 & & t0 & 0 9
Ansi based on Dropped File
(~WRD0000.doc)
& 0 }3f9w#k
Ansi based on Dropped File
(~WRD0000.doc)
& ~& EPEP9 0 ]0 ]W9 F 0 E9 F$0 E9]t9 G+0 F 9 G+G0 F$EPEP9 u t59]u09 ]9 E+"!+9 9 E+Ej"!+N jGjuS'9 E+Ej"!+9 9 E+ES"!Sv$+v Gv(PQu 9 "9 +& ~& u 0 E; 9 F0 E9 F0 EEPEP9 0 ]0 ]X9]u9]u9 F 0 E9 F$0 E9]t9 G+0 F 9 G+G0 F$EPEP9 v,uu0 E t(9]u#9 ]9 E+"!h +j9 N juS9 E+Eh S"!Su+u9 9 E+Eu"!+GPQu u9 uu9 9 _^[U9 QS9 V9 uWv9 6uu9 u0 EVu& 0 9 0 Ez9 ~jWuu9Et[9 0 ME0 M
Ansi based on Dropped File
(~WRD0000.doc)
& & 9 MSPMPVMUM& uYuMhHPVMySu9 ME$MEfM]
Ansi based on Dropped File
(~WRD0000.doc)
& & FPM\j0 ]y;Y0 EE;tju9 9 3E9^(tFj K;Y0 EE;tj9 n 39 MP0 H0 x9 N(S5(E/"Pr9 ]& tS& u9 ^<& tjS& t_9 E!9 0 Ejh0 E& t1MQSjJP9 & t9 j9 & uMM[3@MM[37AjiP@9 FPMe[9 N(e& t9 N & t?9 N$& tf0MMJ[@j,&?MKueMvjj5pMMM03@ @j,&?M ueMjj5pMMM 3@G@j,&`?M 3PP5pM0 EaMM
Ansi based on Dropped File
(~WRD0000.doc)
& 0 u3<9 k
Ansi based on Dropped File
(~WRD0000.doc)
& 7& uuh
Ansi based on Dropped File
(~WRD0000.doc)
& 9 0 & 9 C0 & & P0 P& VP5Y9 t!u& PV5YYYfgu& u& PV5YYY >-uF0 V& 0 $s g+ `& & '& & jj0Xf0 & 9 & Qf0 & 0 E& & E& t& @0 tCC"!& @9 Ct"!30 & @t& |& s& 9 9 u3}& 9& ~0 & 9 u!& 9 & & 9 t-9 & "!RPSW{090 9 9 ~N& +F& 0 & 0 tY& t9 90tN9 0@6& u 0 & 9 & & Of8t@@& u+& 0 & & e9 & @t+tj-tj+tj Xf0 & & 9 9 ++& u& Sj 9 & a& Yt& uWSj0& Quu& ~q9 0 & P9 & & SWPRB0 & & ~)S9 & Y9 V& Y| & t& Sj tY9 0 & f& t*9 9 9 3PPPPP2 t
Ansi based on Dropped File
(~WRD0000.doc)
& 9 9 ER ~eR9 H0 }fv9 M$9 9 0 9 ;uj+t&-t!;tC}pE~S;! `j +jyHf L9 M$9 9 0 9 ; O; ^9 UG0 }#f9w"}s9 ME*EEf;s9 M$9 9 0 9 ; H+ n- eC}0 }0 } u2Mf;t!f9w }sE9 M*EMf;s0 } f! AjeJ0 MHfwjO+t +t& jQMSjYj>0 }f;tfv+(Hfvf;} t@+J0 Mt+t9 }9 E0 jX9Evs }|E0 E9 EHEaj
Ansi based on Dropped File
(~WRD0000.doc)
& 9 9 jYER eRjY"!` 10 u v9 M$9 9 0 9 :uj<+t(<-t$:t<C}<<E~<c}0<e(jJjy` 1 R9 M$9 9 0 9 : T: f9 U0 u<9}s
Ansi based on Dropped File
(~WRD0000.doc)
& ^9 G0 & 9 G0 & R& P 0 PS& SP5dY9 t!u& PS5dYYY gu& u& PS5adYYY ;-uC0 S0 0 $s HH 9 & & '& & k`& Q& 0& & G& M t0 @tGG"!9 G@t"!30 @t& |& s& 9 9 u3}& 9& ~0 & 9 u!& u9 & & 9 t-9 & "!RPSWs090 S9 9 ~NE+F& 0 & 0 tb& t9 90tW9 0@?If8t@@& u+& (& u 0 & 9 & I 8t@& u+& 0 & & \9 & @t2t& -t& +t& & 9 ++& u& Sj [9 & a& Yt& uWSj0& 9 & tf& ~b9 0 & SSPjEP& FPFx.& u(9& t & MSYu9 P& Y|& tWSj & mt&Y9 `& t
Ansi based on Dropped File
(~WRD0000.doc)
& t `VEP 9 u3u 3D343EP9 E3E3;uO@& u9 0 5 0 5 ^_[9 U9 QV9 uV30 E9 FY uN /@t
Ansi based on Dropped File
(~WRD0000.doc)
& t3MM9 `}tj`Y9 9 }M?MEDME`WhM9 PVMTM9 EME|j}l0 EPeM& tMM3`MMEME9 EPhM;PVM! & u*3ME}MEcMM9 9 ujEPeM& t3MMe9 m0 MMEME!uMh9
Ansi based on Dropped File
(~WRD0000.doc)
& t3MM9 MMEMEuMh49 APVMM9 E! MEm j} EP)eM
Ansi based on Dropped File
(~WRD0000.doc)
& t9 & tjj5(w0^_jH&9 39u R9 ;t9p & t,9 9 =0 Vps09 p 0 9 =0 9 ;tp & t9 VpM 9 M9 UR0 uP& 9 ujEjP& 9hY0 EE& t9 dc39 0 ej|9 VE0 Y 9 0 ejVEE s4usE9 9 jg9 3VVdj9 0 ejh 9 9 VVVd9 9 h222LdK<9 jgPjhM VE 9 9 0 E)i9 =Pu0 EPPVuEP9 uuuMER9 u9 =0 9 )E9 0 eP" EP9 9 9 jEPE*j9 9 9 9 Fj+QPv9 RpS 9 MEP5`3& tQ9 9 b9 jp9 jpME9 9 9 H; 9q 9p 9 u9 9 @s0 p 9 9 M0 E9 FU0 E9 RPT& u9 F+0 E9 M9 URPX& u9 F+F9 M+0 E9 EjPu9 uupS 9 jp9 Eee0 E9 E0 E9 9 H9 9 uPMM`jdR&9 9 }3;u39 ;tp & t9 Vp0 Mm9 MQ9 0 uPH& 9 9 Ej
Ansi based on Dropped File
(~WRD0000.doc)
& t9 D3WE0 S" 1Y0 EE& t9 3`WE0 i1Y0 EE& t9 "!3WE0 B1Y0 EE
Ansi based on Dropped File
(~WRD0000.doc)
& t9 Mjh|9 N9 MPM9 MEPM0 uED9 EKtj,dseEP3CM0 ] & t9 Mjh|9 0 ]MMEME" ME9 EPhMPVM9 M& tEPjh|9 lM0 ]EE ME+M]jME^9 EesU9 Q9 Mejh9 Ej4`r9 9 u9 M&~& t
Ansi based on Dropped File
(~WRD0000.doc)
& t9 r3M0 E9 7j"69 0 uR9 3E;t 0 9 ;tm0 9 ;tZ0 9 ;tG0 S9 ;t40 9 ;t!0 9 ;t0 9 ;t0 9 ;tc0 9 ;tP0 <9 ;tP! AY0 }@9 SPl9 ;~9 S9 P9 ;t9SjP 9 ;tPj 0 0 ~}EY}lES}DER}]"!xM9 ,6U9 Q9 Mejh 9 EU9 0SVWE9 Ps@ u u9 uu 9 5PW0 E0 E8t
Ansi based on Dropped File
(~WRD0000.doc)
& t>& uMO3kSWV< & t3M(9 3FV9 t$Wj3WVH]Wh\;t%VhgP 9>u9~u
Ansi based on Dropped File
(~WRD0000.doc)
& tG9 FU9 }V9 tx& tu9 uu =xu9 uut({& tf^]U9 QQV9 9 & u%W9 }& t`0 9 }& t9 0 3@_P}u9 E& t9 N0 9 E& t9 N0 3@-e9 jURURPQ Et9 E0 F9 E0 F3^j& tt$9 sd3U9 ,SV9 }3& u9 E0 9 E0 3W9 F ;~9^$~9 M0 9 F$9 M0 3@9W9^uV~09 r9& uH9^u9 NW80 F9 N;u9 E0 9 E0 3_^[9 u9 }jVW& & 0 0 ~9 = uu9 & tjEPv(d& tYEPju& ~J9 E9]u"!+0 E9 M9 U0 9 E0 9 0 N$9 0 F 9 59]tu9] u ~u19 a& t&EPjv,& t9 E9 M9 U0 9 M0
Ansi based on Dropped File
(~WRD0000.doc)
& th3PPPPP ^U9 VWEP9 EP6 EP6@ EPu9 u & 9 Eu& t3@.& t9 M0 9 E9 +
Ansi based on Dropped File
(~WRD0000.doc)
& tMM 9 ! M ME%MEA9 EPh4MPVM& u+MEMEMM9 }9 uVOj9 G! +Y3<x^9 j M eM]MM9 9 j,D& 9 M eeEP9 PMEMEtM& t@KLMMW9 _ MME!M9 EPhdME PVM& uE@KL9 uMEME! j& EP^eMN& tMM3& MeMEM9 >uMh EPVM]3& u(MEMEMMI9 }FjDm eEP3ECP0 ]ME& t9 Mjh|9 0 ]MME ME ME9 jEPM"PVM & u9 Mjh|9 {0 ]9Mx& tjEPM9 MEPEM0 ]EaMEMEME M]2ME&9 E- jFeEPEP MEw& t$3ME
Ansi based on Dropped File
(~WRD0000.doc)
& uTMMEMEuMh89 PVM" MEMEMM`j`EP`eMP
Ansi based on Dropped File
(~WRD0000.doc)
& z& =s@n '1=E\
Ansi based on Dropped File
(~WRD0000.doc)
& }WSV^[_9 D$PPE.9 D$PPB.t$9 D$9 hSrPU9 V9 u~t*MjEPvMu04M:3^]09 D$j@jP73j ,f}uNjuMVeMM& u9 MM0 MQ3@MC3K-f}u
Ansi based on Dropped File
(~WRD0000.doc)
&0&8&B&J&" p" m&u&}&& &&" &&&" &&&'" <$'" " G'O'W'_'g''" ''''" $'" h(" 1(9(" b(" & (" " p(((((((((((#)-)" R)Z)h)" )"!)" 8)" l)))*" $*" G*" j*" 4*" `*" R*" " *++++@0" x@>+F+N+V+^+f+n+v+~+ +}+ +~+++++" ,
Ansi based on Dropped File
(~WRD0000.doc)
&9 Ej$_U" eEP3CM0 ]& t9 Mjh|9 %jxVM&Mth`V7j`WMthHWjhHMt
Ansi based on Dropped File
(~WRD0000.doc)
'~vm_pXmlDoc->save() returned HRESULT = 0x%XCXmlDocument::Savecalling m_pXmlDoc->save(%s)return FALSE - (!m_pXmlDoc || wStrXml.IsEmpty())return %d (from LoadW)return FALSE - not using helperStart. bUseHelper=%d wStrXml=%sCXmlDocument::LoadFromBufferreturn %dfailed to read fileException caught. memory size is %d m_pXmlDoc->load() return HRESULT 0x%Xreturn FALSE - file doesn't existreturn FALSE - m_pXmlDoc==NULLCXmlDocument::LoadFromFileStart. wStrFilePath=%s bUseHelper=%d@x3Rx3End : return FALSE (RegOpenKeyExW returned 0x%X)End : return TRUEEnd : return FALSE (RegQueryValueExW returned 0x%X)Start : root=0x%X key=%s valueName=%sEnd : return FALSE (RegSetValueExW returned 0x%X)End : return FALSE (RegCreateKeyExW returned 0x%X)Start : hRoot=0x%X wCharKey=%s wStrValueName=%s wStrValue=%sCSetupRegW::SetRegEntryStart : root=0x%X key=%sCSetupRegW::IsKeyInRegistryEnd : return %dEnd : return 0 (RegOpenKeyExW returned 0x%X)CSetupRegW::GetRegNamesCountEnd : return_value=%d rc=0x%XEnd : return FALSE (result pointer is NULL)CSetupRegW::GetIntFromRegistryValueEnd : return FALSE (RegCreateKeyW returned 0x%X)Start : root=0x%X key=%s valueName=%s value=%dCSetupRegW::WriteIntToRegistryEnd : return FALSE (RegQueryValueExW dwordType==REG_BINARY)Start : root=0x%X key=%s valueName=%s wStrValue=%sCSetupRegW::GetStringFromRegistryValueEnd : return %d (RegDeleteKeyW returned 0x%X)CSetupRegW::DeleteKeyEnd : return 0x%X (status)CSetupRegW::RegDeleteKeyAndItsSubkeysStart : hKey=0x%X lpSubKey=%sEnd : return FALSE (wStrValue from registry is empty)End : return FALSE (GetStringFromRegistryValue failed)CSetupRegW::GetBoolFromRegistryValueEnd : return %d (from SetRegEntry)Start : root=0x%X key=%s valueName=%s bValue=%dCSetupRegW::SetBoolRegistryValueEnd : return %d (rc==0x%X)Start : root=0x%X path=%s value=%sCSetupRegW::DeleteValueEnd : return FALSE (RegOpenKeyExW returned ox%X)CSetupRegW::GetRegDirectoryKeyNamesStart : hRoot=0x%X wKey=%sEnd : return FALSE (RegEnumKeyExW returned ox%X)CSetupRegW::GetFirstRegDirectoryNameEnd : return FALSEStart : root=0x%X key=%s wStrValName=%s iType=0x%XCSetupRegW::IsValueInRegistryStart : root=0x%X key=%s iType=0x%XCSetupRegW::GetRegNamesStart : root=0x%X key=%s wStrFirstName=%sCSetupRegW::GetRegFirstNameEnd : return FALSE (RegDeleteKeyAndItsSubkeys returned 0x%X)Start : hRoot=0x%X wStrKey=%sCSetupRegW::DeleteRegEntryx;$9;xW'M>: XmmmXxxm↓→↑←‾♦♥♣♠ÿþýüûúùø÷öõôóòñðïîíìëêéèçæåäãâáàßÞÝÜÛÚÙØ×ÖÕÔÓÒÑÐÏÎÍÌËÊÉÈÇÆÅÄÃÂÁÀ¿¾½¼»º¹¸·¶µ´³²±°&hibar;¯®­¬«ª©¨¨§&brkbar;¦¥¤£¢¡ ›™—–”“’‘‹‰‡†„‚⁄"CResourceBank::InitRB ) dB xx emNaG Qd ac
Ansi based on Dropped File
(~WRD0000.doc)
&M&M%M%M%9 T$B9 JS3" ` M M%M~MM+M%9 T$B9 J 3D" e M5Mw%M3Mg%M_%9 T$B9 J3" " MH<%MX4%M,%MM%M%M%M8%M R*MX$MX$9 T$B9 JR3} L M$xSM$uaY9 T$B9 `t3K l M@ $M0~$Mv$MM f$M^$M0V$9 T$B9 J3 M3$M+$M9 T$B9 J3 " M$9 T$B9 J3 " M#M19 T$B9 J3w " 9 MvP9 M9 M@R9 MlJ9 Mz#M(u"!Yu"!Yu "!Yu"!Yu"!Yuy"!Yuo"!Yue"!Y9 T$B9 J3 9 MO9 M]9 M@9 Ml 9 M"9 T$B9 J3i ` MHuYuY9 T$B9 J32 S Mm"9 T$B9 J3 (0 u9 Y9 T$B9 J3 T MM"M09 T$B9 J3 u3Y9 T$B9 J3 M!M!M!M!M!M!M!M " !9 T$B9 J37 X Mr!Mj!Mb!MZ!9 T$B9 J3d M7!M/!9 T$B9 J3 9 M!9 T$B9 J3 M9 T$B9 J39 MS MR MS MR MS MR~ 9 T$B9 J3@a 9 MD9 T$B9 J3p> u"! YMN MF 9 T$B9 J3 M# u\ YM uJ Y9 T$B9 J3 Mu Y9 M9 T$B9 J3t," Mu" Y9 MM" M-9 T$B9 J3/PP MjMbMZ9 T$B9 J3} M79 E e9 MMMM9 T$B9 J3}Mu" Y9 MMM9 T$B9 J3c}$ M~u YMRM(9 T$B9 JR3&}GMaMYMQMIMM9M19 T$B9 JR3M9 T$B9 J3u, Yu" Yu Y9 M9 T$B9 J3o\M$9 T$B9 J3LmM +MMwMoM"9 T$B9 `|3'MA+9 T$B9 J3RMSMM9 M9 T$B9 J3RD}9 MH9 T$B9 J3& Rp}9 M 29 T$B9 J3bRS}MT9 T$B9 `P31RR}M9 T$B9 JR3R/}9 M 9 T$B9 J39 (}ug YMMMMMMMt& MM9 T$B9 `p3p9 L u Yu Y9 T$B9 J3A9 b9 M9 M~9 M`9 T$B9 J39 #9 M 9 M?9 T$B9 J3`HR9 M9 T$B9 J3`tRM(u" Yu YM9 T$B9 J3o`RM(9 T$B9 J3L`mRM! (9 T$B9 J3)`JR9 Md9 T$B9 J3`<'RM9 T$B9 `p30 hRMw9 T$B9 J30 9 Ml9 T$B9 J3a0 9 uYMMMM9 T$B9 J3U0 v9 M4MM M@xM0pMPhM `MMMHM`SM8M0M(xMh'9 T$B9 `p3T`9 M"9 T$B9 J3 `MpM9 T$B9 J3fD! `MEM`]M M 0 M0@dMnMfM^MVMDNMT
Ansi based on Dropped File
(~WRD0000.doc)
&Oy3 . ! v2f0 x.d %4ku`0 e:Pr~4Ekp!R-U)aR$ $xgL%w,U/$BEjOiI 0 f^$[PT}zhp)SFk ZaJrS}~) XE-)p: wsx -j
Ansi based on Dropped File
(~WRD0000.doc)
&S-`KRRkS@ 4C5|mF& .O=9 30SP t.=(DS0 n
Ansi based on Dropped File
(~WRD0000.doc)
'tag'MjaXy'M4+G Df$f`O8TrfujIh8y
Ansi based on Dropped File
(~WRD0000.doc)
(0%+wx%lP("!HNM$;GIF89a
Ansi based on Dropped File
(~WRD0000.doc)
(9 VVVVV^]9 U9 uMd+9 E~EPju9 9 MH }t9 Map9 U9 =Tu9 E9
Ansi based on Dropped File
(~WRD0000.doc)
(P`aRS0 0a M! /r0 &9 : @;GIF89ae: R : "!~Sa!e, eG/- ! 3Qe6 ]@T"!a8Z<OI&;_:75
Ansi based on Dropped File
(~WRD0000.doc)
(Y9 U9 9 EV4>uP"Y& ujGY6 ^]9 U9 9
Ansi based on Dropped File
(~WRD0000.doc)
)x9 M?|9 M 9 M= 9 M\"9 T$B9 J3u
Ansi based on Dropped File
(~WRD0000.doc)
*" 8|(@+@t+" " 0/l|ds(0s( 0" " 19" D\dl" x" " " ,"" X"
Ansi based on Dropped File
(~WRD0000.doc)
*F&$W #U8SIEQBZ
Ansi based on Dropped File
(~WRD0000.doc)
*ug9 10 EujP;EtunY9 9 @S0 EPj& Pjh }f& tf:uf\tf/uGGhMWYY& u3hMWYY& u"hMWYY& uhMWYY& tx WFSP|9 ]9 U9 9 $ EEE& tt
Ansi based on Dropped File
(~WRD0000.doc)
+ 70% <<<Obsolete>>>0 0* H
Ansi based on Dropped File
(~WRD0000.doc)
+ 7100* H
Ansi based on Dropped File
(~WRD0000.doc)
+"!+G9 F9 N ;~+"!+uFH9 FWX(39 Nv w7u9
Ansi based on Dropped File
(~WRD0000.doc)
+0u+i0g0$+0 http://ocsp.verisign.com0?+0 3http://csc3-2009-2-aia.verisign.com/CSC3-2009-2.cer0U#0 k&p? -5: 0` H B0
Ansi based on Dropped File
(~WRD0000.doc)
+\A;r9 D=9 +0 ]0 3N0 Ut3D
Ansi based on Dropped File
(~WRD0000.doc)
+]9 U9 9 E`MSVW30 x9 E30 x9 EC0 xt
Ansi based on Dropped File
(~WRD0000.doc)
+]:0kkkkkkkkk(e\kkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk? h( f{yK "!"~}R~2w
Ansi based on Dropped File
(~WRD0000.doc)
+H9 0 E9 N,+0 M9 v8j9 E0 F 9 E0 F9 E0 G9 +0 G9 E0 F4WV_^[9 M9 U$& `\} 9 MeMECE}r9 E9 0 N Ht<Ht*H& [9 EG0N0 F 9 Ej\mjX)EWEPEPEPEPJWuuuu(0 F& mmm9 M9 E)M0 E9 M } eMEC0 M r9 M9 E%;& 0 F30 E0 E9FtjX
Ansi based on Dropped File
(~WRD0000.doc)
+M9 N?0 M~j?^; 9 J;Ju\ }&9 9 M|80 ]#\D0 \Du39 M9 ]!,O9 MR|8!0 ]u9 ]9 M!K9 ]}9 J9 z0 y9 J9 z0 y 9 M9 y0 J0 z0 Q9 J0 Q9 J;Ju^`LM L}# }u 9 ;9 9 M|D) }u
Ansi based on Dropped File
(~WRD0000.doc)
+t3& x\9 & & pY+t3& x\9 & & wpY+t3& x\9 3& & R9 p;qt~Yp+t3& x\9 & & )pY+t3& x\9 & & pY+t3& x\9 & & pY+t3& x\9 3& & 9 p;qt~pY+t3& x\9 & & "!pY+t3& x\9 & & xpY+t3& x\9 & & WpY+t3& x\9 3& & 29 p;qt~pY+t3& x\9 & & pY+t3& x\9 & & pY+t3& x\9 & & pY+t3& x\9 3& & 9 p;qtrpY+t3& x\9 & u}pY+t3& x\9 & u`pY+t3& x\9 & uCpY+t3& x\9 3& u"+; ! $0 9 9 P;QtqQ+t3& xT9 & upQ+t3& xT9 & upQ+t3& xT9 & u: pQ+t3& xT9 3& & v9 P;Qt}Q+t3& xT9 & & NpQ+t3& xT9 & & -pQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & ~pQ+t3& xT9 & & }pQ+t3& xT9 3& & X9 P;Qt}Q+t3& xT9 & & 0pQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;Qt~Qp+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & ^pQ+t3& xT9 3& & 99 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;QtoQ+t3& xT& u6pQ+t3& xT& upQ+t3& xT& t9 @I+t3& xL9 3& u3[S
Ansi based on Dropped File
(~WRD0000.doc)
+t3& x\9 & & pY+t3& x\9 3& & 9 p;qt~pY+t3& x\9 & & p
Ansi based on Dropped File
(~WRD0000.doc)
, CASRb`*\^L p fbdJ
Ansi based on Dropped File
(~WRD0000.doc)
," 4" R-,5,=,E,M,U,`,h,p,x, ,
Ansi based on Dropped File
(~WRD0000.doc)
,,,," ," (---" T7-?-G-" j-r-z- -" -" -" <@h" x..." E.M." s.}." 0.." d..." .///" </F/" k/u//" L///" ///" 00" ;0C0" 4i0q0y00" h0" 0" 001" " d,141<1D1L1T1\1 11! 11" S1" " 021112B2J2" Xm2u2}2" R22" " 22222%303" H0 3q3y33" |" 3333344" " d<4D4L4T4\4"
Ansi based on Dropped File
(~WRD0000.doc)
,0 %5EUeu& " `
Ansi based on Dropped File
(~WRD0000.doc)
,0 3^]9 U9 9 E]9 U9 9 E9
Ansi based on Dropped File
(~WRD0000.doc)
,D[B'5R)NE%[JPHZ1W4[< 2KG(*"Y;[!FAUS@T$7[C8-O /6I
Ansi based on Dropped File
(~WRD0000.doc)
,f9 jp0 MEMM9 jd&9 ^9 E0 E9 E@0 EEPM;eMvjh`ME_}EPEPE@YYMEdEPM}ME[EPME[\9 & thj_jVMMEnPMVMjMRPMME=PMM,PM 9 jEP9 e9 (ME"!! ME! MEZMEu! MEi! MM]! gj,& 9 9 ! & tX9 p& tQ & uH9 9 Pp9 u"M?eM}MM9 ?ijVw0j '
Ansi based on Dropped File
(~WRD0000.doc)
,g`%^ & vt
Ansi based on Dropped File
(~WRD0000.doc)
- ]: t: t]: jhGX39tVE@tH9 t@0 EU.9 E9 9 =t
Ansi based on Dropped File
(~WRD0000.doc)
- ]: t: - ]: : t
Ansi based on Dropped File
(~WRD0000.doc)
-F;9 0|$;rSQRPj0F0 U9 9 ;u& |drjjdRPSj00 UF9 9 ;u& |
Ansi based on Dropped File
(~WRD0000.doc)
-N%,9 P;06C59 9 ;GIF89a'!',i)QR2& PP,: B& VkQ(]NA|DR }s <
Ansi based on Dropped File
(~WRD0000.doc)
. .~(6Z! UbD{'@! %8I < so #Z0]RB!Rq>=#. 0XR!%& TFD*#qA n@K4X"x' `0 bR0F
Ansi based on Dropped File
(~WRD0000.doc)
.(>?$ &&3?*.?2('?19:!!="7B4'+D F85%%FCA;GIF89a? a {S x"! S: x : "! !?,xpH,Z hnLF C1zH~D (j4,b-: kD
Ansi based on Dropped File
(~WRD0000.doc)
.9 0 ejh|9 Et*v|vxvt9 N<M8Pu^T9 0 E& u4~p9 t
Ansi based on Dropped File
(~WRD0000.doc)
.9 M9 T$B9 J38M9 T$B9 J3MM@M MMMMLMMMMM0M9 T$B9 J3l9 Jt3bMAMY9 T$B9 J37TXMM.MbM9 T$B9 J3%M#9 T$B9 J3u]YMM
Ansi based on Dropped File
(~WRD0000.doc)
.;\l aat9Gw&sc ;d >jm
Ansi based on Dropped File
(~WRD0000.doc)
.pA `@+W`<5
Ansi based on Dropped File
(~WRD0000.doc)
.u9 uhhpjM& _t-}t'jhrh`rjus& t
Ansi based on Dropped File
(~WRD0000.doc)
/0M'PhvM &Sh0 ME5E PEPE
Ansi based on Dropped File
(~WRD0000.doc)
/9 B+E9 ;s9 9 ])E0 _ 9 +0 w9 u0 B9 E9 +20 r0 O439 J+M9 B M;s9 E9 E0 _ 9 ++0 w9 u0 J9 +
Ansi based on Dropped File
(~WRD0000.doc)
/ehhhhhhhh"PCM0Lhhhhhhhhhf&QOEhhhhhhhhhh@T#*hhhhhhhhhhhh1@X) hhhhhhhhhhhh XJ!hhhhhhhhhhhhh hhhhhhhhhhhhhhhhhhh! h 4VS_VERSION_INFO?StringFileInfo040904b04CommentsAlert ver 1.0:
Ansi based on Dropped File
(~WRD0000.doc)
/ME/MEPM0E/M@0 ]" /9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
0 }[4 9 RT&L 2RI &"!e;GIF89apx !p, pFO! i?kp_ Tna: Sj(\N=IXG
Ansi based on Dropped File
(~WRD0000.doc)
0 & 9 x8t`P4UM`8jEPKPY& t:9 4+M3@; j& @SP C& DjS& @P 3PPjMQj@QPC& D 9 & \j& <PVEP9 & (9 4T & )9 & D9 09<0 & 8R j& <PjEP9 & (9 E
Ansi based on Dropped File
(~WRD0000.doc)
0 0 R0 50 = fRfR
Ansi based on Dropped File
(~WRD0000.doc)
0 012A22;4U4" 4u5 5 5555w6}66666&7v88y::;& ; ;;<<$<< <<<<f=y==0 ===#>P>m> >-?=???0&000J00001A1b19 12/2@2F2222224*4 4455u6R6777A7 7 7777777883898C8R8X8 8a888!909d9k9999::::[;k;;W<! <<7======>Y>b>n>& > >>>>>>>??/?=?k? ?? ???? .00000,1d111111
Ansi based on Dropped File
(~WRD0000.doc)
0 79 VP39 M_^3[: 9 D$"!@9 @
Ansi based on Dropped File
(~WRD0000.doc)
0 9 E0 G 9 E0 G9 E0 F9 E9 +VN0 0 W4CWssPCPI9 W40 E9 0 E9 F0 E9 G 0 E9 G0 E9 G0;s+H9 G,+}0 Et3}" D0 9 EnC0 C9 C0 C&} R9 E9 MeMEEE9 C9Er9 & 4#E9 KHm0 E@)E9 E0 M& u9 @0 Cv9 Mt0 K9 @0 CW@u0 K9 H0 CA -} 9 E9 MeMEEE9 C9Er9 & 4#E9 KCm9 )EC0 C9 C0 C&} {9 E9 MeMEEE9 C9Er9 & 4#E9 KHm0 E@)E9 Mt0 C9 A0 Cb@& 30 C9 A} 9 E9 MeMEEE9 C9Er9 & 4#E9 KCm9 )E9 O(9 +C0 E;s9 G,+0 E9 EE0 E;G(r9 E{ & u}9 G,;u9 G09 O(;t9 ;s+H9 G,+& uXu0 W4VW9 W40 E9 G0;s+H9 G,+9 O,0 E;u9 O(9 G0;t9 ;s+H
Ansi based on Dropped File
(~WRD0000.doc)
0 9 EJ0 G49 Ec t9 J+M9 ;s9 E9 B+E9 BhM;s9 9 M0 _ 9 ++0 w9 u0 B9 +0
Ansi based on Dropped File
(~WRD0000.doc)
0 9 G;0u0 0 ^9 G;pu0 X9 C9 9 Q;
Ansi based on Dropped File
(~WRD0000.doc)
0 9] tAPAP_^[]9 U9 juuuuuu]9 U9 9 ESV39 C0 ut ]tS}YtEtjcYv aE jA9 EY#tT=t7=t;ub9 M {LH9 M{, 29 Mz 9 Mzx x E 3t9 W9 }D9 EPQQ$x9 M]}
Ansi based on Dropped File
(~WRD0000.doc)
0 ];r;u19 h{u
Ansi based on Dropped File
(~WRD0000.doc)
0 ];r;u9 0 ]& u3S:Y9 K0 9 C8t0 p9 C9 0 Ut9 R9 |D#M#u)e9 HD9 9#U#uE9 9 U9 iRD0 M9 LD3#u9 R#Mj _G& }9 M9 T9
Ansi based on Dropped File
(~WRD0000.doc)
0 ];r;u9 h9 S9 ;#U#u
Ansi based on Dropped File
(~WRD0000.doc)
0 ];r;u[{u
Ansi based on Dropped File
(~WRD0000.doc)
0 ]f;Lf;Cf;! 5?f;wK30 E0 E9f9 E}f0 E9 E0 E9 E0 Ef0 }V33f9u H% 0 E\3f;uFEu9Eu9Euf0 Ef;uFEu9Eu9E v0 E}E9 E9 M0 M& ~JM0 MD9 Me9 W
Ansi based on Dropped File
(~WRD0000.doc)
0 AX9 Pt}u9 Px3';uu9 uuuuP|q]U9 S9 ]VW& u3;9 CURP<& t$9 M& t9 S9 R9 ssP<3@_^[]U9 ,VE9 Pv@ & SWu u9 uu 9 =PS0 E~80 Et9 N89 SP<EP9 0 uEPEP9 =& t:9 E30 E;tp & t9 MVVSTs9 MEPEP& u3h VVSuuVVu uSuS_[^j9 9 Rj"!Y& uEM?eMRK}9uw9 t!MMz? Vt$9 t$ t t& u'! 9 9 & t9 9 P|^9 D$& t|$t
Ansi based on Dropped File
(~WRD0000.doc)
0 E#0 UtYjSSu9 #tA9 u9 }+; SjH P$ 0 E& u 9 _^[h uYY0 E& |
Ansi based on Dropped File
(~WRD0000.doc)
0 E,0 E9 E0 EEPjh9 EE9 }0 E0 EEPCv09 }v9 vP`9 }9 jP'+j@,@*39]R-; & u9 !@9 ;tuMem9 0 ]+;0 E0 ]~Gu9 ?& t.MQ9 ,uPFPMEtM9 E& t"E9 E;E|MM
Ansi based on Dropped File
(~WRD0000.doc)
0 E0 ];vnu9 ,B9 ;tSj-&Y9 0 M0 ];t
Ansi based on Dropped File
(~WRD0000.doc)
0 E0 E9 0 }0 }0 }0 };tp & t9 Wp0 M 9 M9 UR0 }P@& jEWPEG9& xhLBY0 EE;t9 39 0 ejh|9 E0 : s49 9 s9 jp9 u3VVPLj9 0 ejh b9 9 VVj9 9 jpP9 u39 9 9 URPP9 9 EPEP9 E9 M;0 M|0 E9 ;tp & t9 Wp0 M 9 M9 U REPD& jEWPE
Ansi based on Dropped File
(~WRD0000.doc)
0 E339uu9u " D|
Ansi based on Dropped File
(~WRD0000.doc)
0 E89 E,+"!+0 E4j0 E<jE0PuDTE0
Ansi based on Dropped File
(~WRD0000.doc)
0 E9 E+E0 Mu9 9 Ps|
Ansi based on Dropped File
(~WRD0000.doc)
0 E9 Q9 Px9 3;~Bj
Ansi based on Dropped File
(~WRD0000.doc)
0 E;t9 j9 E9]|WSW9 _^[j& A33q(f0 E0 }9>u9 A$9 VPQ0& t9 Eu9 a9 69 MQWVP;u0 }9 E9 URP0 }QdhMc u
Ansi based on Dropped File
(~WRD0000.doc)
0 E`9Uu3f0 E9U 9 M 39 E}T0 M ; k9 f9r9 }M]K
Ansi based on Dropped File
(~WRD0000.doc)
0 E`9Uu3f0 E9U 9 M39 E}T0 M; k9 f9r9 }M]K
Ansi based on Dropped File
(~WRD0000.doc)
0 EEPEP9 {
Ansi based on Dropped File
(~WRD0000.doc)
0 Ej%Su0 EP0 E& S9 0 ejh|9 v9 }R9 SuP`MS "!jhP9 MREhESPERPEZYYMREm9 }R9 USRPP9 }REPEP9 E9 M;0 M|0 ER}l9 SPMMSjuP0 E& S9 0 ejh|9 v9 }9 juP`MSjhMRE ESPERPEYYYMRE9 }9 USRPP9 }EPEP9 E9 M;0 M|0 E}l9 jPMMSDu& 9 M9 E;~0 M0 E9 E;E~0 E0 EE
Ansi based on Dropped File
(~WRD0000.doc)
0 Em: }9 ]3tjZttt tt9 #t(=t=t;utut0 U9 395 0 }]9 E yj^ttttt9 `#t* t@t;u@ #@t-t
Ansi based on Dropped File
(~WRD0000.doc)
0 Ep u\9 M`h*j9 EP9 EXE;t9 PQME
Ansi based on Dropped File
(~WRD0000.doc)
0 EP9 0 }9 MSWM>
Ansi based on Dropped File
(~WRD0000.doc)
0 E}9}urE lTtXtCHt/t& uCE9}u:eE09}u%UEu & t3FFf;& 9} FFf> tjVh^lS& & `j XFFf9tf>=& GFFf9tjh^V]O& u
Ansi based on Dropped File
(~WRD0000.doc)
0 F WE,P9 0 ^9 9 vMM,s9 {B4jV A9 9 Ee0 9 E0 9 E0 EP} 9 E$MM0 B U9 V9 ~tWvt<R 9 & tHW& t=EPv< jEPW9 zuEPW& tujv _^9 D$3& ~0 A$j<B0 Q9 T$0 Q*9 D$3& ~0 A(jLB0 Q9 T$0 Q9 D$3& ~0 A,j\B0 Q9 T$0 Q9 D$;Aua|3Vj9 t4PhRhHj0 F?3^U9 V9 9 F& t5~|u/0 EEPEE\ 9 F|0 3^U9 VE9 Pv@ 9 MP}Mj9 O^U9 V9 u& u3}t(9 A8HtHtHtHuGA\Tq ijq pq q,w}t(9 A4HtHtHtHuAL&q;jqBqq(I9 A0Ht=Ht,HtHu}A<9 0 eP9 A{'q9 {jq9 {
Ansi based on Dropped File
(~WRD0000.doc)
0 F0 F0 FP0 E9 E 09 G9 kj7jueeEPu3ECPM0 ] PMERM]J`9 M-9 MhEP0 ]ME"`9 E4kj Mj9 EPM#ue9 MM9 jjHjj9 9 ueu9 s+u9 E9C}9 Mjh|9 ! o& 9 Mjh|9 rZMl3FGPM0 }9 E9 U3f0 p9 KVQQPM9 MEPM0 }E:9 EAjj R2Zi9 j\79 u9 M& tj9 M& tiS a}t*FPjEP9 9 MeP^MM}t+jFVEP9 9 MPE-MM" xijHjh9 ej\ j& }9 v9 MV>.@PEP9 o9 M3EFP0 uM0 uE29 E9iU9 QeVj\9 2Pju9 $9 E^j.+h9 j9bY9 0 M30 E;tu+MPNS hU9 Que}9 M& tPjh|9 m9 EjNgeue~9 Mjh|9 9 6e3@0 E& t9 P9 9 ELhU9 VW9 OH9 VEP9 }MNy_^9 U9 S9 ]V30 u;uVE9 9 MW30 u}9 E
Ansi based on Dropped File
(~WRD0000.doc)
0 H9 F9 M@d9 F0 89 F0 HMF*P9 FhP>j 9 9 FjPM89 MeEP6& u29 M)P9 FhPX9 F@vjLMMU2_V9 9 FW3;u3a9|$t<9~<t9xt@vjL=@vWL;t(F<9~<u3@0 xvjL;t0 ~<_^,SUV9 5` W~S3hPP0 D$,9 =9 U& ShjU9 U0 l$,& ShjU3PPPt$ 9 U0 l$(& D$,PU@ & 0 9 D$,;D$4D$~9 L$40 L$,0 D$49 D$8+D$0j"!Y9 3& " & ~ND$0 D$j]9l$4~.D$0 D$ D$ Pjht$0;l$4|D$L$uSht$t$4P0 D$& & (9 D$_^][,ji9 hMeNL9 FL& 9 j9 P3MM9 [9 U9 QVhMju9 & tFLM9 ^V9 9 F@& tW9 = jjPvjv@_9 F& tPh f9 F& tPfY9 ^&j09 0 ue jdv@9 F@& tPf@MNR VW9 =9 f0jdv@jev@9 F& tP9 Y_^V9 ~0Wu[|$du=~9 }& F,9F,|f,F89 F8;F4|9 v,9 A& t!P9 |$eujv(jdv@_^U9 Vu 9 Y& tbW9 };=uu9 {&uu9 Ru
Ansi based on Dropped File
(~WRD0000.doc)
0 L29 u9 y0 >& u;u9 M;
Ansi based on Dropped File
(~WRD0000.doc)
0 L9 M9 uN0
Ansi based on Dropped File
(~WRD0000.doc)
0 M 0 E9 E 9 E9 Ve
Ansi based on Dropped File
(~WRD0000.doc)
0 Mh xSj!}& 9 u& MdeM
Ansi based on Dropped File
(~WRD0000.doc)
0 MT39}l P9 uh; E9~ <9 N9 P 9 N0 EX9 0 E0;u0 }\9}XtE\9 N9 Pl0 Eh9}\u;u9 MTVa& & M}M40 }}ME}MDE}9 N9 3CE9}\u9}htupPP
Ansi based on Dropped File
(~WRD0000.doc)
0 N$9 Y~& 9 && 9^uv9 NvDv@9 90 F9 N; l9 }0 9 N9 M0 0 F$9 0 F 3@U9 4S9 9 CV3; 9p WV VP0 E 30 u}EPu u9 E@Pu Pu0 E Wu0 Eu9 Eu@uPVVu uE0 }9 Y; 9u u
Ansi based on Dropped File
(~WRD0000.doc)
0 u;q|;skSuuu# Du YPtH"!0 E#0 Uu)
Ansi based on Dropped File
(~WRD0000.doc)
0 uc9 MPcM9 c9 M+WEPbEPMEd& uME&
Ansi based on Dropped File
(~WRD0000.doc)
0 ut}ut9 M0n|9 & [& 8P9 wPM8Er8E
Ansi based on Dropped File
(~WRD0000.doc)
0 x,9 M|jV0 9 M9 PhjV9 ]9 - 8H H " H SHHtyu2Y9 & t69 ;=(u9 uVuP& t9 j9 3JuuWPf|teDMQP [& t9 M& tu9 PHSY& t3u9 u9 VSR$SSY& tRu9 u9 VSR(S}Y& tTu9 u9 VSR,S^Y& Ju9 9 RR}`& .S3Y& tx<ukj_9 uHSt9HtY& u9 VS9 RAY& tu9 V9 RP$Y& tu9 V9 RL
Ansi based on Dropped File
(~WRD0000.doc)
0 X9 G0 9 G }t
Ansi based on Dropped File
(~WRD0000.doc)
0 }0 }0EPEP.EYYuu Euu9 E+E9 M0 F9 E0 F9 E0 F_0 9 ^3[#9 U9 | 30 E9 EV30 E 9 EW30 EGE30 E0 uR0 }S0 u0 u0 u 0 u0 u0 u0 u9u$uVVVVV#/39 Uj0 U^f tftf
Ansi based on Dropped File
(~WRD0000.doc)
0 ~S3A Pjh)hq)hM)h))h-h%h% 3$;" 0 F|9 [^j8g`9 D9 & ~| 9 ]RN0 ~ cN4u~P9 MPeMD9 MEPEPE!!9 k JMk 9Mk (3@N`P0 EWEPM0WEPMES-_N`Dk& F`PMTMEMEjN`ZWEPMWEPMEujSjMExPM Pv| & & r!EME<ME0v9 Rt~tN P MEMM9 EMEMM30 U9 QSV9 u9 N09 ^4W9 }9 G0 E0 M;v9 ^,9 G+;v9 & t
Ansi based on Dropped File
(~WRD0000.doc)
0,`H~8 09 :|@T/R>+!\P4.M^%Rn|)]1! ZR& gX5+!`x^{`W]A
Ansi based on Dropped File
(~WRD0000.doc)
00 RZE!yG"!p! !90
Ansi based on Dropped File
(~WRD0000.doc)
00"0.0:0F0R0^0j0v0 0}0a000000000@1P1111'2222'353u333344_4m44445I5W5 555536A666667+7k7y77788U8c88888?9M99: 999):7:w:& :::;!;a;o;;;;<K<Y<<<<=r= =R====>/>B>>}>: >>???N?! ???0A0~0`00001'171J1b11S111212O2p2}22223-333334H44444[5 55686V6w6" 6666666777#7(757;7I7W7e7s7 7& 7 7 7b8n88899"9H9`9" 9:>:::'; ;;R<<=T==> >>L? ?P(0 01P112x22" 3o44.556x66'7v77"8~88:r: ;:<h<<=r= ==>-?? tJ0
Ansi based on Dropped File
(~WRD0000.doc)
000#020U0b0n0v0~0`000112333
Ansi based on Dropped File
(~WRD0000.doc)
0000&0-040:0A0H0R0\0f00/1U1\1c1j1q1x11 11 1a111112222223C3z3R33338444$5H555686^6g6677R777}8888:;;/<d<<<<<="=:=W=t==>;>>>>>>?@?d???
Ansi based on Dropped File
(~WRD0000.doc)
000000"0&0*0701*191e111[9x9999::R;s;;;;;;K>????T0k0t112z22444#505>5n5: 58x888999"9;|>>T?^?{?R? ???????00!0&01060A0F0Q0V0a0f0q0v00 0 0 00000000000001111!1(1.141B1111202<2D2o22" 22222333E3R334c444,5O5u556G6b6}666(7S7 7778>888'9R999:
Ansi based on Dropped File
(~WRD0000.doc)
09 I9 ^V9 9 FW9 |$;Gt
Ansi based on Dropped File
(~WRD0000.doc)
09 n9 7o9 D$ppSWj9 9 \$& t-VSrY9 V9 ?30 w& |f9 Wf0 B@;~^_[U9 }tOV9 uj9 lEPu YY0 F@P9 9 F9 NURjuPQuj9 +^]V9 9 FW9 |$;GtjW9 0_9 ^9 D$Vj
Ansi based on Dropped File
(~WRD0000.doc)
09 }9 ^Vt$9 9 ^Vt$9 9 ^j ?m9 EPM ue9 MM9 m9 D$p|$V9 t19 F& ~HPf\tf/tj/9 t$9 #^|$V9 t19 F& ~HPf\tf/tj\9 t$9 ^j tl9 juM
Ansi based on Dropped File
(~WRD0000.doc)
0H 89t >1uA~WwQ@PWV^d3_^[]9 U9 Q9 UBS9 VW% #0 E9 B9 %0 u& t;t<($3;u;u9 Ef9 M0 X0 L<0 ]9 M9 E0 H0 & u9 9 P9 0 P0 & t9 M_^f0 H[9 U9 0 30 E9 ES9 ]V0 EWEPEPYYEPjju9 fa9 u0 CE0 E0 CEPuV~|$& t3PPPPPP9 M_0 s^9 3[F9 VW3H<u0 8h00 7YY& tF$|3@_^$39 S9 VW9 >& t~t
Ansi based on Dropped File
(~WRD0000.doc)
0L0U1 11L2\2c2j2q2x22 22 2333333444T44445R57L7777^88K99::::(;-;L;d;v;{; ;S;;<<<x=== >4?9? ??xO00000)1"!111112C2h334~44
Ansi based on Dropped File
(~WRD0000.doc)
0w,aQ"!mjp5c" d~2y +L|~- d jHqA }mQ& Vlkdzbe`O\lcc=
Ansi based on Dropped File
(~WRD0000.doc)
1 *\#C ;GIF89aYYY x!,~ ;F! G& }}
Ansi based on Dropped File
(~WRD0000.doc)
1*zA;u@9 AHt$CQ|`9 T%Cu`9 T&C+"!jRPug 9 E+]PuSujh 0 E& u4PP{1YM9 E;EtPqY9 E& 9 9 E9 E9 3;" 0 E0 L0;t9 Mf9
Ansi based on Dropped File
(~WRD0000.doc)
12=3.4S444455!5+5>5555K666*7s778L8z88829 9999:Y::::;"!;;6<w<<=d===2> >>?`???0l^000A1118222$3 33#444L5 55.66e778A8}889m99:f:::T;;;:<: <<0=d==>`>>?`???@ S0! 0071112T222)3f3u3333334C4q444)5`5555-6[6667=7 778879n99:{:::Y;;<J<: <<3= ==/>c>>>>>R?P 00.181O1Y1u12A22 33334<4q44455<5H5V5]5z55556C6o666/7@77777L8889S9~9999:d::;B;`;;<b<<<"=;=h==>+>8>G>X>y>>>>o?`??`l*0 00 191K12! 2R222P33! 4b67m89@:a:x:::::;(;S;;,<<=3=?=L=Y=x=====9>g>s> >>[???ph00
Ansi based on Dropped File
(~WRD0000.doc)
130329235959Z0R10UIL10
Ansi based on Dropped File
(~WRD0000.doc)
171Z1112j223;3 333%4P44%5q5 555667 7778D8 889*9M9v9"!999*:m::;T;;<B<e<<<<==|===0(0t00081c1}11
Ansi based on Dropped File
(~WRD0000.doc)
19 QWuuS G;~| E9 E;F|3@_^[U9 QSV9 uWv9 = 69 uu9 u0 EVu& )9 0 E9 ^Suu9E 0 M9 E0 ME0 EExAu1
Ansi based on Dropped File
(~WRD0000.doc)
1Au uS9 ]SuuS C;^0 ]RE9 E;FR3@_^[jd9 0 us3N0 }1@-^<9 Ej
Ansi based on Dropped File
(~WRD0000.doc)
1b9 ( Ph0
Ansi based on Dropped File
(~WRD0000.doc)
1N1y1172222222234w4$6F667)88889h:~::::::;<;y;;<j=& ==?>n> >~>>!?\? 001013&3;4V4d444555F5f5u5 55555Y6 6666,7H7: 777?8_889b:`: ;;; <=<y<<<<m=====>->?>K>>F?t?? }01|11E2N222233%3E4O4f4555666828<8A8 8885999::y: :~:::b;o; ;;{<< <<<<======>>x? ???000%0+0001E1111112722223 33K4l4 4455'55556667G7U77 78G888A9 9/::;U;q;: ;;<t<=O=o="!==>r>j???p000R1s12k3p324K4V4[4445666?6H6R6w6! 6x666E7777898N88E999):=:::;<C<< ===u>6??S00001&1@1 1[2@3I32444`5s5 5~5J6a67*7Q7q7}7777777m899:d:v::::::;;1;;;;0 < <S<<<<,===>`>p>1?K? ?00P0r001V1111112!2;2f223333334454M4v4R444P556&6+626[6k6v6 666 7c777.8D8 88888'9E9y9999:+:S: :S::;;;<<%<3<<<)=7===U=p===>0>A>J>>?T?h??h0000001%1+1;111_2k2S22222X3h3o33a3333334T44L5m5t55~5F6R6`6g66677778
Ansi based on Dropped File
(~WRD0000.doc)
2''8$3B)=,`*D
Ansi based on Dropped File
(~WRD0000.doc)
2.2E2V2z222>3O3y3 33404`4f4p4u4 44l55555P6f6o7777888,8d8}8889:;o<<<<8==?>E>K>P>^>q> >>>>>>>>
Ansi based on Dropped File
(~WRD0000.doc)
212~22222&3q3}39 3 333^4n4t4~4444 5j5 556%6^6 666788.8D8_8k899"949Y9b9t99:2:X:~:::::;&;/;L;i;y;~;& ;" ;;;;;.<4<k<|<R<" <: <<<<*=U=]=& =a=u>?? H0O0~00r1123334!455"!67!8o8899}9999:2:x;;=r>R001111111111111112W2_2d20 2}2233R3W333w4444444{5! 5 5 5S55555
Ansi based on Dropped File
(~WRD0000.doc)
2a2223U333.4`445;5~55-6q6667V777 8K8 888,9`9 99:e::::J;u;;;/<b<<<=`==>\>>"!>>>>F?0 ?? S?0 00011!2X2{2222S3}3333J4m4445[5}55'6d6667>7 7778(8Y8|8x89I9999:>:a: ::::5;;;$<<<<.=a=x===><>j> >>>3?b?"!??0020`0: 000#1v11192d2 22313h33434y4475z55 6k6 6667A7& 77;8c8~889>9g9a999F:: ::;W;;;
Ansi based on Dropped File
(~WRD0000.doc)
2MEu*M("& & hM(&0 EX;t9]| EHPM1M(a!PM2jEPM!Pu\MlMm 9 3;~iVE8PM57E9]XuM8{";t*SE8PM((;uSE8PM'9 MxE8P6M8E)F;|;~M^7Eh9 Eh;E`RSM(ME6ME.ME\)M(EP)3F(js~9 9 M!& t
Ansi based on Dropped File
(~WRD0000.doc)
2QYj)QY9 VWP5P 9 t9 & uNhj9 YY& t:V5P 5Y& tjVYYDN0 VoY3W _9 ^9 V9 & ujY9 ^jhB9 u& 9 F$& tP"Y9 F,& tPY9 F4& tPY9 F<& tPY9 F@& tPY9 FD& tPY9 FH& tPY9 F\=]tPYj
Ansi based on Dropped File
(~WRD0000.doc)
2VEPEPS9 EgME
Ansi based on Dropped File
(~WRD0000.doc)
2Vt$9 [t$9 g3@^j8139]u3& MJt9 M0 ];0 E0 ]~Y3;0 ]}B9 MSF9 & t& tG4PN4a& }0 ]9 C;]|9 E9Etu9 MPF9 ]9 EC;0 ]|MMs3@E1U9 hSVWj@EjP9 U;j(EjPH;j
Ansi based on Dropped File
(~WRD0000.doc)
2Y0 EE& t9 3WE0 1Y0 EE& t9 k3WE0 1Y0 EE
Ansi based on Dropped File
(~WRD0000.doc)
2~0 EP& uMhx9 oK9 & tM ^9 MTE PESE Phh 9
Ansi based on Dropped File
(~WRD0000.doc)
3 " H%~t6SY9 9 N;x';x}P=6rY9 9x|EPW9 $& StB rf/tf\tf& tf{:uSjSDV{Y3u0 ] 9 9 f& tf/tf\uyAAf& uS& hPLa;ul3f0 & W& P~DS& hNP & PS3PSjPPh@& P0 E } uy99 +3f0 REf/t%f\tf9 lf:& ^W& P& hNP & PjN_<65@YY@u
Ansi based on Dropped File
(~WRD0000.doc)
3 353C3X3g3 333S4 455P6_68888899%9.949]99999;:K:U:_::: ;;;;B<K<T<R<: <<<<<<==)=9=I=P=W==! ="!=======
Ansi based on Dropped File
(~WRD0000.doc)
3" @@3; W9 ShSVPV_& t}t9 M& tu <^9 [Ul$ 30 & jN0 9 9 9 & WVh
Ansi based on Dropped File
(~WRD0000.doc)
3" @@VhhP9 E& t0 03& 9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
3" @@Vu hSP}9 E 9 S_^3[9 U9 QQS39@t3VWuuuuhHVj70 ])C9 ;tu9 uuuD0 EEPuu< ;t3" PhVAAQ6jEPjSuu4 u9 $ & t3" ShXV@@P3'h|Vj"!}t& t
Ansi based on Dropped File
(~WRD0000.doc)
3" AA3& P9 Wh(VQu^& t}t& t
Ansi based on Dropped File
(~WRD0000.doc)
3"!uEP9 "!eM'& t3MM[/9 eMMEME9 EPVM& &PWM& u!EEuMVe&PWM9 uMEMEnj9 9 MD'& t
Ansi based on Dropped File
(~WRD0000.doc)
3#9 0& tEP9 : eMyP& t3MMW9 KXE{P9 U9 0 MV& t S9 j9 9 E 9 u9 MQ9 P}tEPK$_KX}t6MSNEPEP9 EN& tEP9 : MEEW3FOj.h9 j4vY9 0 M30 u;ta9 u9 M9 0 uPj& u9 9 uEP9 j 9 ~X9 $VM`e9 EPG)MYM9 V9 ~jb9 0 uY/eN LMN0EA/fPNTEl9 XV9 }D$tVtY9 ^j1cW0 MML9 MeEPu& u3MMU9 j4-Y9 0 ME& t"!9 39 MQ9 E0 uP9 & t9 MjuEPm9 j9 9 VW9 |$9 9 N& uSSUnX9 ^$S9 Y& t9 -W9 \WN3=S& tC9 & u
Ansi based on Dropped File
(~WRD0000.doc)
3& M&ueM& uMMMSJ
Ansi based on Dropped File
(~WRD0000.doc)
3&u9 uP,u9 P\39Ap" ]j\V>0 M3VVMy9 MVVEP0 u0 u0 u33_& t$EPEPM]! & t9u|9 ]9u|9 }9 MjVEP(& t$EPEPM&! & t;]9 ];}9 }9 MVjEP& t$EPEPM & t;]9 ];}9 }9 EM0 9 EM0 8wy
Ansi based on Dropped File
(~WRD0000.doc)
30 E0 E0 E0 E9 E9 3## 0 uf;!f;f;!
Ansi based on Dropped File
(~WRD0000.doc)
30 E0 E3f;uBEu9uu9uu3f0 Ef;u!BCu9su93u0 u0 u0 u0 uS}E9 ES9 M0 M& ~RD0 E C0 E9 E 9 Me9 O4;r;sE}0 wtfE mM}GGESM} f& ~79 }& x+9 u9 Ee9 ?0 u0 Ef& f& Mf& }B9 EtE9 E9 }9 Mm9 EN0 }0 Eu9utfM 9 f9Mw9 M u4}u+e}uef9Muf0 EBfEEEf;r#33f9E0 E 0 EI 0 M;f9 EUf0 E9 E0 E9 E0 Ef0 U3f& eH% e0 E}& <9 EM9 u9 U/E3 3EE33339 } ERf0 f0 G
Ansi based on Dropped File
(~WRD0000.doc)
30 E0 E3f;uBEu9uu9uu3f0 Ef;u!BCu9su93u0 u0 u0 u0 u}E9 E9 M0 MS& ~RD0 EC0 E9 E9 Me9 O4;r;sE}0 wtfEmMS}SGGEM} f& ~79 }& x+9 u9 Ee9 ?0 u0 Ef& f& Mf& }B9 EtE9 E9 }9 Mm9 EN0 }0 Eu9utfM 9 f9Mw9 M u4}u+e}uef9Muf0 EBfEEEf;r#33f9E0 E 0 EI 0 M;f9 EUf0 E9 E0 E9 E0 Ef0 U3f& eH% e0 E}& <9 EM9 u9 U/E 3 3E E 33339 }ERf0 f0 G
Ansi based on Dropped File
(~WRD0000.doc)
30 M0 M0 M0 M9 M9 3 0 u##4
Ansi based on Dropped File
(~WRD0000.doc)
30EP9 G8ehUM:& uhM)& uMMrh EP9 _@PN$EMEGhx9 ?& u3MM)9 kP9 \9 jD9aA/9 9 M& & t
Ansi based on Dropped File
(~WRD0000.doc)
30M 3VjuM0 uv M;uM& N ;uMM 9 P9 9 jD9a.9 9 M& t
Ansi based on Dropped File
(~WRD0000.doc)
31MS9 eEP9 jjEPMSE & t69 0 euMS" 9 ME6MMS0 9 3U9 QQ9 EW9 & t@VpEP9 e9 E& tHQP9 EPEP9 a& u@^_j ./9 9 }& u
Ansi based on Dropped File
(~WRD0000.doc)
334444444V5c5}5 555555T6Y6v6}6 66677C7X7t7y77778}8889999: : :;X;{;}<<<>>5>B>U>t>S>>?@01'1A1L1\112222223;3Z3y33333434R4q444445+5J5i50 555556:6Y6x6 66667/7N7m7R77778'8F8e8 888899>9]9|9: 9999:6:U:t: ::::;.;M;l;9 ;;;;<&<E<d<<<<<<===\={=a====>5>T>s> >>>>?-?L?k?`????P0%0D0c0 000001+1F1a1|1 12223h566)656B66677>7*8/8M8b8 888899(9/999::a;;;`<<`=>>>>??g?y? ????` 00000<0b0z0 000000111*131E11h23+3i39 335 5J5p556&6! 66666J7u7`7878D8\88999::S:::,;f;;<<S<_<k<z<z==>5>>@??pp0Y0d011113$3D34o4" 4G5d55X6h667N777)8p8889!9399999/:`:;<<==G==>}>>>>/?;?R?a?j? 50?0f0 0 00"131'2:2k2 20 2222223
Ansi based on Dropped File
(~WRD0000.doc)
339E 0 E& tI& t\B& u0 U` tU}u< tK<tG& t=P& t# 1Y& t
Ansi based on Dropped File
(~WRD0000.doc)
33@0 F 0 F$Q0 N0 N0 N0 NF,3F0 0 N4F(0 N9 ^V9 9 N& tT
Ansi based on Dropped File
(~WRD0000.doc)
349 MEP5<M0 ]hxM!& u3MMh9 9 MC<;0 E0 ]}u9 M@9 ; 0 EP9 ;PMEM]MXh\SM& tMj$D-Y9 0 ME;tS9 3W9 ]& t9 MV9 VP;t9 j9 E9 E;ERS3F%j j29 30 ]9 }jhT9 0 ]N0 ]ChT9 0 ]9N$P9 )hT9 hRT9 EP9 e.9 M& t'EPD9 0 ]oP9 MEEPEP9 n& uhdT9 h@T9 9 2U9 QeV9 9 M2& u>!EEPuN& t(9 E& t!9 MP9 M& t9 EP9 Mjh|9 89 E^U9 Qe$Q9 M 9 EV9 D$tVe2Y9 ^jkH19 0 u~9 ,T e^$9 9 h9 EhT9 9 1V9 D$tV1Y9 ^jXFk09 9 M& t
Ansi based on Dropped File
(~WRD0000.doc)
36xuEP9 eM!& t3MM(9 MMEM9 juME+ PVM0 M9 EcMEe: j<xeEP;3CM0 ] & t9 Mjh|9 A.0 ]M5MEMEME9 EPM0 PVMy& u9 Mjh|9 -0 ]`M_PMh0MEPME>PVMk9 M& ujh|9 -EP1M0 ]E'MEYME?M]~'MEr'9 EyjHj S9 9 Me& t9 Mjh|9 -ZEP9 3FM0 u& t9 Mjh|9 ,9 MhPMq/9 MEPD0M0 uE&9 ESj4: 9 39]tP9]tK9]~FjuM,EPEP9 0 ].ME& t!M]z&MMn&3vSMME0MEME39]9 ~@9 E9 ;t0PM(M"!& uMnPMePWM\F;u|MEME%MEM]%MM%3@@jaEP
Ansi based on Dropped File
(~WRD0000.doc)
379 MEP ?M0 ] h\SMp& uMM9 MhdF; MQ9 BwP9 EM]}9 & tMMf9 j9 9 MhDS.F;tpMQ9 cBwP9 EM]"9 ehh9 h9 h9 hh9 hT"!hS9 & 3C]jHj59 30 ]9 ujhT9 0 ] 0 ]ChS9 0 ]oOP9 _hS9 ShS9 GWMhhM0 ]hh9 MhhMhShT"!MMtP9 hS9 h|S9 ME9 5jyj59 0 u,TE~P9 E,e
Ansi based on Dropped File
(~WRD0000.doc)
39 e& t9 U& t3@9 0 ej\1VUVW| e9 0 eWV0VS$aW|9 VMEVWVMEV|Ee9 & ~\EP|m9 EP$\& t4& tvMAGP
Ansi based on Dropped File
(~WRD0000.doc)
39 MIa& ujh|9 Mn9 MjxV0 ]c;tVM j9 M_PMZpEPM 0 ]
Ansi based on Dropped File
(~WRD0000.doc)
39 O$9 F$9 ]SQPRP0 EEP9 639 0 ];t9 MQ9 RM9 T0 E& vS9 ;u0 ]C;]r9 3;t
Ansi based on Dropped File
(~WRD0000.doc)
39]0 ]0 ]}9 =<u9 MEP M E ME
Ansi based on Dropped File
(~WRD0000.doc)
39F$PEPeM )& tMM0EP9 }ME ME ME9 EPM%(PM(PVMh& u93ME^MEDME 0MMv09 @9 uj" 9 9 M(& t
Ansi based on Dropped File
(~WRD0000.doc)
3;YxNU9 S3V9@uT9]tO9]tJ9]tE9]t@j0uu9 ;t*WVujuqV9 V\3;x_3^[]ht$t$t$U9 T 30 EV9 u9 && t3(& P9 %P3" P9 l9 9 M3^jM@=@Et"ME-MM-3$EP\& u3ME-MM-9 39E(M P%PM$P9 & uPj[eEP& u3FMMQ-9 YM$P 9 =@Vu+9 t$& t#W3VGT& uPVPH& t39 _3^=@t3 9 L$I$9 L$P?$P+YY@j[9 ]e3& t*t%u\jWM$P9 & uDP<M#P9 & u'9 5PujWM#P9 & uMM>,9 FD$V9 tV_Y9 ^V9 9 L$q#P9 ^UPl$ 30 & Pj`NM9 l0 M3\0 ]G$& t6M\+39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
3<hsMQP< 9 uP9 %9 E+E3WsWsP9 E+EPuuh h|9 hW 0 ;tWjhP9 5 h~jSj0 9 MM
Ansi based on Dropped File
(~WRD0000.doc)
3= 0 MV89 E|^j2]9 }u
Ansi based on Dropped File
(~WRD0000.doc)
3=a~,u3@M#eM~EPVME& u3ME`MM0)9 M2}M9 3E& ~;VEPM0PME,+ME #jjEPMF;|MEs#3Fyj,& 9 M9 Fe& tPMVMt^MM9 9 /"!|$Vt-9 qAr9 9 9T$rr9 9 I;L$v2^9 T$9 V9 p0 29 p ~-u0 V9 r0 p9 I^;Qu0 A9 J;Qu0 A0 0 P0 BU9 9 M& w3Q Y3seEPM"!h,EPE9 ~U9 9 M& w3k0QR Y30seEPMh,EPE9 U9 9 M& w3P? Y3seEPM}h,EPE9 Vt$9 9 9 ^U9 SVW9 }9 9~sB9 F9 ]+;s9 9 E;s9 ~r9 vPu~Pl& u;]s3;]" _^[]V9 D$tVi Y9 ^V9 pD$tVM Y9 ^j0 9 0 uj
Ansi based on Dropped File
(~WRD0000.doc)
3=KEP9 ReS: WM& u
Ansi based on Dropped File
(~WRD0000.doc)
3@ ME0 ME}ME9 EPhMPVMZ& u+3FMEXME>MM|
Ansi based on Dropped File
(~WRD0000.doc)
3@^! &j<'Mej
Ansi based on Dropped File
(~WRD0000.doc)
3]EA9 EjppEPQEPEjP & u8Et9 E`p3E#E }t9 Map[9 U9 9 MSV9 u3W9 y;uj^0 0SSSSSS9 & 9]v9 U;~9 3@9Ewj"Y0 9 ;0F~`:tGj0Y@J;9 M;| ?5|
Ansi based on Dropped File
(~WRD0000.doc)
3]MxeMf& u3MM! 9 9 Tu: 3& 9 3;|" 9 V9 9 L$P9 }^VWhP3@9 & t!h4V<& t
Ansi based on Dropped File
(~WRD0000.doc)
3`M30 }9 MWh9 9 M+PVEPME*M& & jhMtijh9 MtSVh{uM?+PVEPM^PMEME)M& tPME9 MWS#9 & MME3MM9 |9 Vh9 MhVh9 MZMEMuEPME9 M& tEPME3F U9 Q|uMeVh@9 & t.hV<& tMQ& }
Ansi based on Dropped File
(~WRD0000.doc)
3ajuM@*eEP9 ME& t3ME7$MM+$9 MMEMEjM9 aPMXPVMM9 E~ME 0 j8l9 }u3MVeM[MEwjuM9 ^)EPEP9 EME& uMPWMEP9 ME& uMPM! PWM~
Ansi based on Dropped File
(~WRD0000.doc)
3D9 MEPh$RM0 ]'& u3MM+9 9 M;0 E}9 MSG9 & EP9 rhRMEe'& t EP9 PNE.2MhRM4'& tEP9 PN$E1M_hRM'& t"EP9 wME"0 M,h9 M&& t$EP9 DPN4ES1ME*ME)C;]R3Fj~fx9 0 uN4R ej
Ansi based on Dropped File
(~WRD0000.doc)
3E0 F,9 E& 39 N,Pu MMajiz9 FXPM9 N,e& u3MM 9 $j9 ji29 FXPMG9 N,e& u3FMMJ9 ,9 V9 ~,u3^9 WP89 N,9 ;_@^V9 9 WPL9 9 9 PP& uY& tU9 W9 P@9 %& u%Ph%j3& t$<u9 W9 PD9 9 P9 W9 PH9 9 P3@3_^9 j] 9 }e& t69 & t$<u9 W9 PD9 9 P9 W9 PH9 9 P9 9 Ph0h%j 3ji9 & u< PMeDN89 PR& t
Ansi based on Dropped File
(~WRD0000.doc)
3F$PEPSeMa*& t3MM19 EP9 GjEYM9 RMEWMEsVM9 (PM(PWMcM9 E%MEMEI1nj(Co9 u& u
Ansi based on Dropped File
(~WRD0000.doc)
3IuEP9 eMa& tMMeMkMEplMERu9 EPhMPVM<& u-3ME;lME!MM_9 Z9 uV9 QD$tVHY9 ^jbG u
Ansi based on Dropped File
(~WRD0000.doc)
3j&h\?Y9 0 ME& t3j9 M9 9 Rxzh`S?Y9 0 ME& t?3Mj9 9 }Eh`g?Y9 0 ME& t&
Ansi based on Dropped File
(~WRD0000.doc)
3j0AC 9 M eM9 uE& u"MEMMw3 VM-& t3MErMMF9 3@uV9 9 j80 M9 }& 9 Me9 de0 E& ~[u9 ~"!9 & t@^$9 & t9 EP9 9 MV& u9 j9 u9 "!ME9 E;E|MM& jLt0 My9 (d30 E;u3M:M0 ]X9]E0 ]}~u9 9 ;t9]uFPM&;ujF$PEPMq%ME& u>EPM& t.jSSEPND ;tFPNH9]t9 MV MEE9 E;ERbM]MM|3@ j,&9 jMBueFPFXPM-& u!j9 `3MM"9 }t9 +9 S9 A}tu9 um9 3Fj h9 M0}3M0 }0 ~0 ~M0 FM0 FM0 FM0 FN,MM0 F0 ~ 0 ~$0 ~(|9 j,& 9 9 M& t\9 E& tU0 NM0 F&eM53& uj
Ansi based on Dropped File
(~WRD0000.doc)
3jZ0 FQ9 9 FPvW.v0 ~_^9 A& t99 L$V9 4& t,jhwh`rjV& t9 9 R9 j9 ^9 30 H@0 H0 H0 H0 H39At9At9At@9 A& t.y9 Iu9 D$A`3& v
Ansi based on Dropped File
(~WRD0000.doc)
3M Le9 g& uMMpLh9 E9 0 ]& t9 9M0 E'5h\: EP9 E2PMEEME>M 6& u;MP;EP9 EPEP9 PN4EkEME=hEP9 PMEBEME=M'6& uM.60 FhhEP9 PMEEMEj=M5& uE~$P9 D9 :hEP9 8PMEDME =M5& uEPND Dh8 9 & tAh0 MQ9 PMEgDME<ML5& uEPNCDe}w3F9 ]u9 9 & t'EP9 *Mh9 E9E& uEEEteMN< }t"9 9 P9 9 WMQMQMQS9 P& tE9 E;E re& t9 j9 3ME;MMI9 Jj.hY9 0 M30 E;tUdjpL0 Md9 Mp(9 0 MT& oe`0 EP& u`9 MT9 0 ]X& E P9 eh9 7M 9 0 }6;9 & 0& }dh\: 9 9 & 9 EP9 %9 Eu39 M0 }: t[E P9 M E89 udE P9 <E PEP9 PN4E!BME0 :M 0 }~:9 MXhT9 & EP9 9 E29 M0 };: xEP9 O9 ud$P9 ExAM0 }:9 K7AEP h9 Ev6M9 0 }9& 9 0 E\& hY0 EpE& t9 `9 3ep}\0 } Gup9 MX9 & #E@P9 M@E1M@& & h\: 5& tXE0P9 VM0E1& u59 MdE0P~9 MdE0PE PPNhE
Ansi based on Dropped File
(~WRD0000.doc)
3M0 F89 j%9 R9 F8:VWjX9 f0 9 D$9 & t9 83& u
Ansi based on Dropped File
(~WRD0000.doc)
3M7eMyREPuME0 9 M& tEPcMS& t3ME\[MM9 M*EPME,M9 E*jO9 9 M S& t
Ansi based on Dropped File
(~WRD0000.doc)
3M9 0 eju0 FV" 9 NjY9 0 ME& t3M}0 Ft9 0 eju" 9 Nq4jh[M9 }tvjjPY9 0 Me& tb3M9 0 eju0 F 9 Nj Y9 0 ME& t 3uM9 0 Fj.9 }tgjY9 0 Me& t3M9 0 eju0 F 9 NjY& t` $39 M0 F0 Hj.89 }tJUj;Y9 0 Me& tM3M9 0 eju0 F"! 9 N9 E0 F" j[9 0 uej
Ansi based on Dropped File
(~WRD0000.doc)
3M=jju3M0 u7BM;uM=<;uMM=9 3FV9 D$tVY9 ^j@a 9 Mee9 0 } [Ph&.Sjz9 \& & " M3EuWMv53& tEW 9 0 ePmMj9 E[PMxih.MEek9 0 ejh|9 SiEP PM0 E& 9 u
Ansi based on Dropped File
(~WRD0000.doc)
3MM3AFFf; @; Sa tVHtGt1
Ansi based on Dropped File
(~WRD0000.doc)
3MQEPu39 0 ]& tMMZ9 9 ;tQh
Ansi based on Dropped File
(~WRD0000.doc)
3N<0 },3CNL]N\E}E}EE0 0 ~0 ~|0 0 Fx0 ~0 0 ^p0 ^t0 " x0 ~l0 0 0 0 0 ~0 ~00 ~40 ~80 ~$0 ~(0 ~,0 ~0 ~0 ~ 0 ~0 ~0 9 DjyVC9 0 ufx9 E& t9 j'}E;}E,N\E NLEN<EM9 DjNT"C9 9 Mf& & s& R9 9 & ufj =Y0 Ee& tjs9 ~3M0 EPs@ 9 0 eu9 9 9 suhu}tu9 9 WFC9 D$0 At39A" jSVLB9 30 }9}$ 9}(t~9 F9 ] ;t9 M+MWQ9 M+MQuuPS Gu(9 E+ESu$9 P9 E+EPu9 Eu
Ansi based on Dropped File
(~WRD0000.doc)
3QuEP9 QeM%& t3MM-9 M
Ansi based on Dropped File
(~WRD0000.doc)
3sEP9 eMy& t3MM9 MEP9 E}PMEFMEM+& u uM& tME! 3F M!ME& MEBxuMh9 PVM~M9 E" MEME'j@quEPQeMv& t3MM9 q}tjrY9 3MfMEk" ME! ~Wh$M9 PVM{M9 E=" ME# j puEPeM& t3MM59 =qMME MEuMhH9 _PVM-M9 E ME9 jo9 9 MUuEP9 eM(& t3MM 9 "!pM,9 MEM9 ' MECVhlM9 PWM7M9 E ME`jRoEP: eeMME MES9 EPhM=PVM0 & u0 M9 u|p~9 0 uMEd MEJMM9 ojnuEPeeMME
Ansi based on Dropped File
(~WRD0000.doc)
3SjuMYZeM\OjEP9 R& t3MMLT9 uN]9 PEP9 R3FU9 }u35u9 MV9 Mqj
Ansi based on Dropped File
(~WRD0000.doc)
3uEP9 eM'& t3MM& .9 M&ME+MEGjhM9 %PVM:M9 EME"!j}U9 9 M"!&& t
Ansi based on Dropped File
(~WRD0000.doc)
3uEP9 eM+& tMM! 2M*ME/MEK9 EPh M)PVM& u-3MEMEMM29 ^9 uj$=9 u& u
Ansi based on Dropped File
(~WRD0000.doc)
3uEP9 eMq&& tMM-eM{ME MES9 EPhM%PVML& u-3MEKME1MMo-9 Z9 uj}9 9 M%& t
Ansi based on Dropped File
(~WRD0000.doc)
3WMXeWMw0 9 EjW0 ~0 F9 0 F & uMMd9 =@ EPvv 9 Fd9 UjvHvhD+RQQhPjvPj9 !P0 F& u3MMc9 IEPv9 E+E+FP~t0 FHt9 EP9 Fp9 E)FHt9 2EP9 Fp9 E)FH9 \3F9 U9 }+SVW9 te9}t}u|3_^[]9 ]9 u& u9Ft9 9 P`9 NuSW?u& u9Ft9 9 Pd9 N9 U9 BHt
Ansi based on Dropped File
(~WRD0000.doc)
3wuEP9 weM+& t3MM939 jzYM9 MEMEVh M9 a*PWMM9 EMEj}9 9 MD+& t
Ansi based on Dropped File
(~WRD0000.doc)
3x9 MESPh RMS0 }" %& u3MMS(9 9 M;0 E0 }}: u9 M9 & wEP9 EhRME8%& tERP9 PNE0MRHh`RM
Ansi based on Dropped File
(~WRD0000.doc)
3XuEP9 XeM(& t3MM09 M}EtjIY9 9 }MMEWh,M9 7'PVMM9 E}MEc& jv9 9 M(& t
Ansi based on Dropped File
(~WRD0000.doc)
3YU9 30 EVW9 }V& jPqj& Phj)0 & tjY3@9 M_3^wjWQ!}9 MEPu3 9 0 ]0 ];t9 uMM9 } 9u39 9 9 R;t9 MQu39 FR8M& t
Ansi based on Dropped File
(~WRD0000.doc)
3yVu & tP 9 & tVu M9 '9 MeVWPM& u3MM9 SuM9 j[[x9 Re& t6>t+u9 MQ9 R9 9 juPMM3@MM3xjRw9 j<rY9 0 Me& tjxa30 }0 R& u3Yj8qY9 0 ME& tjx: 30 }0 & tj"9 0 eWhh9 j&9 0 eWh9 j/9 0 eWhX9 j<9 0 eWh9 j>9 0 eWhS9 "!h 9 0 eWhH9 zh 9 0 eWh8n9 [h 9 0 eWh$O9 <h! 9 0 eWh09 h0 9 0 eWh9 h9 9 0 eWh9 h 9 0 eWh9 h 9 0 eWh9 h 9 0 eWh" 9 h 9 0 eWhv9 ch 9 0 eWhW9 Dh 9 0 eWh89 %h"!9 0 eWhx9 h: 9 0 eWhd9 h9 0 eWhT9 h9 0 eWhD9 h9 0 eWh49 `h9 0 eWh$~9 kh9 0 eWh_9 Lh9 0 eWh@9 -S9 0 eWh 9
Ansi based on Dropped File
(~WRD0000.doc)
3Y}9 EME0 EJ0 EEPuhav8u3MM9 #F<3FU$ 30 & PeSV9 \Wj8E jP9 -9 & d9 `h0 EEjPE E0 ] 0 E w-E PShsw8ju 9 9 P_9 ^3[TV9 v8& u^jjhv8^t$q80 U9 uuuuuq8S ]j0Vl!9 ]3VsEPM0 u& & VVj9 =Ps0 EC0 E0 ut09 5Rj
Ansi based on Dropped File
(~WRD0000.doc)
3Z^SEPeM& tMMfMME~ME*! ~$WhTM0 E PuMF4PhHMyPuM9 MS-9 0 v3& t+ME}ME0 MM9 )FUTjD: X0 MPM( j3hM80 ]jjhMEW9 MPE8PEPE(PEM9 EUM8]J;u#MM(:39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
3}/M| 3VjuM0 u M;uM ;uMM"! 9 P9 `9 V9 9 F$U& tPf9 F& tP& tv^j0ik.9 ej,^VEjP99 E9 K0 u0 ME0 E0 Eu}M0 C%9 5$ & tjjhsM0 EEPjh2s3& uMM[9 c.$FU9 0Vj,EjP9 r89 F9 ME,0 E0 E0 EEPjh9v$ ^t$t$hq$ 3@t$jhq$ 3@V9 "!D$tV-Y9 ^U9 SVW39 9}t@Wu WuPPPPQWh(UW 9 0 ^;u3DWjhS$ hj9 N,Wj9 ?Wj9 59 E0 F9 E0 F9 _^[]VW39 NWt$$Ut$0 ~0 ~0 ~0 ~0 ~0 ~B0 ~_9 ^jak,9 0 uPU3@~P9 0 EkI9 j9 PNEiIM9 A,|$u3W9 |$& u3&Vq9 9D$st$9 H0 3@3^_ jakn+9 0 uj
Ansi based on Dropped File
(~WRD0000.doc)
3}Rf~#u[3f0 E}QVfEj
Ansi based on Dropped File
(~WRD0000.doc)
4 434R4^4v4{49 4444444455p56P66@7V7i77 778q8888*9:7:H:g:::9;;;;;;8<<<=R=Y=u===> >>>??`? 0111111g22F3O3s30 3~3333344=4U4s4444445G5\556(606=6b6q66667>77778'828f8l8! 8 8888899K9]9 999w:R:0;<<=*=]=S20 33 3" 3"!333333333333333333333333334444L4R4Z4g4{49 444(5A5j5o5 55w607H7M799%:X:}::/;|;;;;T<l< <<<<<=!=.=b=0 =4?F?0"0/0J0Q0i0000 444440556d666666666666677
Ansi based on Dropped File
(~WRD0000.doc)
4)GZ?C@ JYZA(=K%LXZRT>H/2:ZN".01'6Z-O3+M V5,9 ZP7D!;;GIF89a
Ansi based on Dropped File
(~WRD0000.doc)
41R'M!S:0 ";GIF89a` ~ x R} }~ : x 0 }0 9 a q!`,H A2tP`]}8y'},@(& 0! $<
Ansi based on Dropped File
(~WRD0000.doc)
44(444?4E4P4X4b4p4u444 4S4444444444455!5&505<5G5M5\5f5t5y555"!55555555555666%6/696C6M6X6\6a6 X5\5`5d5h5l5p5t5x5|5 5 55R55 55S555555555555555555555555566666666 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x6|6 6 66R66 66S666666666666666666666666677777777 7$7(7,7074787<7@7D7H7T7X7\7`7d7p7t7@9D9H9L9P9T9X9\9`9d9h9l9p9t9x9|9 9 99R99 99S9999999999;;;;;0<4< <<S<<<<<<<<<<<<<<,>0> 4$4(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4 4 44R44 44S44444444455555555 5$5(5,5054585<5@5D5H5L5P5T5X5\5`5d5h5l5p5t5x5|5 5 55R55 55S5555555555555555555555555666666;;;;;;;;;;;;<<<<<<<< <$<(<,<0<4<8<<<@<D<H<L<P<p<t<x<|< < <<R<< <<S<<<<<<<<<<<<<<<<<<<<<<<<======== =$=(=,=0=4=8=<=@=D=H=L=P=T=X=\=`=d=h=l=p=t=>>>S>>>>>>>>>>>>>>>>>>>>>>>>>???????0:4:8:x1|1 1 11R11 11S111111111111111111111111122222222 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2 2 22R22 22S222222222222222222222222233333333 3$3(3,3034383<3@3D3H3L3P3T3X3\3`3d3h3l3p3t3x3|3 3 33R33 33S333333333333333333333333344444444 4$4(4,46R6P7T7X7\7`7d7h7l7p7t7x7|7 7 77R77>>>45555555555555566666666(|2 2 25566666666 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x66677777777 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7p7t7x7|7 777777777777777777777777788888888 8$8(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8l8p8t8x8|8 8 888 88S888888888888888888888888899999999 9$9(9,9094989<99999999999h:l:p:t:x:|: :::::::::::d=h=p=t=x=|= = ==R== ==S=============>>>>>>>> >@?D?H?L?P?T?X?\?`?d?h?l?p?t?x?|? ? ??R?? ??S????????????H0L0P0T0X0\0112h7l77 77S7777777777999999999999:::::::: :(:,:0:4:8:<:@:D:H:L:P:T:X:\:`:d:h:l:p:t:x:|: : ::R:: ::S:::::::::::::::::::::::::;;;;;;;; ;$;;;;;;;;;;;;;;;;;;;;;;;;<<<<<<< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<x<|< < <<R<< <<S<<<<<<<<<<<<<<<<<<<<<<<<<======== =$=(=,=0=4=8=<=@=D=H=L=P=T=X=\=`=d=h=l=p=t=x=|= = ==R== ==S===================== > >>R>> >>S>>>>>>>>>>>>>>>>>>>>>>>>>???????? ?$?(?,?0?4?8?<?@?D?H?L?P?T?X?\?`?d?h?l?p?t?x?|? ? ??R?? ??S?????????????????????????00000000 0$0(0,0004080<0@0D0H0L0P0T0X0\0`0d0h0l0(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4 4 44R44 44S4444444444444444444445555(8,8084888<8@8D8H8L8P8T8X8\8`8d8h88;<;@;D;;;|< < <<R<< <<<<<<<<<<<<<<<<==1111@0000000000000111111999999999999999999999999:::x:|: : ::R:: ::S::::::::::::::::::::::::;;;;;;;; ;$;(;,;0;4;8;<;@;D;H;L;P;T;X;\;`;d;h;l;p;t;x;|; ; ;;R;; ;;S;;;;;;;;;;;;;;;;;;;;;;;;;<<<<<<<< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<<<<<<<<<<<<<======== =$=(=,=0=================>>>>>>>> >(>,>0>4>8><>@>D>H>L>P>T>X>\>`>d>h>l>p>t>x>|> > >>R>> >>S>>>>>>>>>>>>>>>>>>>>>>>>??????? <00000000 0$0(0,0004080<0@0D0H0L0P0T0X0\0`0d0h0l0p0t0x0|0 0 00R00 00S000000000000000000000000011111111 1$1(1,1014181<1@1D1H1L1P1T1X1\1`1d1h1l1p1t1x1|1 1 11R11 11S111111111111111111111111122222222 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2 2 22R22 22S222223333333333333333333334444444 4$4@4D4H4L4P4T4h4l4p4t4x4|4 4 44R44 4444444444485<5@5D5H5L5P5T5X5\5`5d5h5l5p5t5x5|5 5 55R5P6T6X6\6`6d6h6l6p6t6d=h=l=p=t=x=|= = ==>>????????0000000000011111111 1$1(1H1L1P1T1X1d1h1111122222222 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2 2 22R22 222222222233333333 3$3(3,30343R33 33S333p4t4x4|4 4 44R44 4@T>>>>>>>>>>>>>>>X?\?`?d?h?l?p?t?x?|? ? ??R?? ??S?????P111111111111111122222222 2$2(2h2l2p2t2x2|2 2 22R22 22S222222222222222222224383<3@3(4,4044484<4 5$5L5P5T5X5\5`5d5h5l5p5t5x5|5 5 55R55 55S555555555555556666666 6$6 6 6666p7t7x7|7`555555555566666666 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x6|6 6 66R66 66S666666666666666666666666677777777 7$7(7,7074787<7@7D7H7L7P7T7p 45|5 55 55S5555555556 6$6,6D6T6X6\6`6d6h6l6p6t6x6|6 6 66R66 66S666666666666666666667777 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7t7R7S77777777778$8(8,848L8P8h8l8 8 88S8888888888990949L9\9`9d9h9l9t9R9999999999::: :8:H:L:P:X:p:t:R::::::::::;;(;,;0;8;P;T;l;p;;;S;;;;;;;;<<<<0<4<L<P<h<l< < <<S<<<<<<<<<<<======0=@=D=H=P=h=l= = =========>>(>,>D>H>`>d>|>R>> >S>>>>>>>???$?(?@?D?\?l?p?t?|? ?????????? h00(0,0@0D0T0X0`0x00R0S000000000111,10181P1`1d1t1x1 111111111112222242D2H2X2\2d2|2R2222222222233 3034383@3X3h3l3|3 3 3R33333333333344(484<4@4D4L4d4t4x4|4 4S44444444444455(585<5@5D5H5\5`5p5t5|5 55555555566666,606H6X6\6`6t6x66R66 6S666666666666677777777 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7p7t7x7|7 7S777777777777777788888888 8$8(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8p888S888888889999(9,9<9@9P9T9d9h9x9|9R999999999999::::,:0:8:P:`:d:t:x:|: : ::::::::::::;;;; ;(;@;P;T;X;l;p;x;;;;;;;;;;;<<<<<<<4<8<P<`<d<h<l<p< <<<S<<<<<<<<==== =$=,=D=T=X=h=l=p=t=x= ==S========>>>> >0>4>8><>D>\>`>x>>R>>>>>>>>>>>??,?0?D?H?X?\?`?d?h?l?t?R?????????????00040D0H0\0`0p0t0 00R0 000000001111101@1D1T1X1h1l1t1R1S1111111111222$2(282<2D2\2l2p2 2 22R22 2S22222222233 3$3,3D3T3X3h3l3|3 3 333333333334444404@4D4T4X4\4`4h4 44 44444444444455,505@5D5T5X5\5d5|5 5555555555566(6,6@6D6T6X6`6x66R6S666666666677 7074787@7X7h7l7|7 7 7R777777778888$8<8L8P8`8d8t8x8 88888888888899 9$9(9,949L9\9`9p9t9x9|9 99999999999::::(:,:<:@:P:T:d:h:x:|:R::::::::::::;;;;,;0;@;D;T;X;h;l;|; ;; ;;;;;;;;;;;<<< <(<@<P<T<d<h<p<<<S<<<<<<<<<<====4=D=H=X=\=d=|=R============>>>>,>0>@>D>L>d>t>x>>R> >>>>>>>>????$?<?L?P?`?d?h?p???S??????????00 00040D0H0L0P0T0\0t0 000S00000000000111(1,1014181<1D1\1l1p1 1 1 11111111111222 20242D2H2X2\2l2p2 2 2 22222222222233 3$34383H3L3\3`3h3 33 33333333334 4$44484<4D4\4l4p4 4 444444444445555 5(5@5P5T5d5h5l5t5R5S55555555556666(686<6L6P6T6X6\6d6|6R66666666666666777$74787H7L7P7T7X7`7x77R7S777777777788808@8D8T8X8`8x88R8S888888888899 90949D9H9P9h9x9|9R99 99S99999999999: :$:4:8:<:D:\:l:p: : :::::::::::::;; ;$;,;D;T;X;h;l;t;R;S;;;;;;;;;;<<,<0<@<D<H<P<h<l< < <<<<<<<<<<=====4=D=H=X=\=`=h= == ============>>,>0>@>D>L>d>t>x>>R>>>>>>>>>>??? ?0?4?<?T?d?h?x?|?R?? ?S????????4000$0(0,00080P0`0d0t0x0|0 0S08889999$9,949<9D9L9T9\9d9l9t9|9 9R99999999::: :D:d:l:t:|: :R: :::::::;;0;8;@;D;L;`;h;|;;;;;;;;;;<<<$<4<`<h<R<<<<<<=,=4=@=`=h=p=t=x= = =S=====>>> >(>0>8>@>H>P>\>|> >R>>>>>??? ?(?0?<?\?d?p? ???????????t0(00080@0H0P0X0`0l0R0 00000001111$101T1t1|1 1R1 1S11111111111112222$2,242<2H2h2t2 2S222223$3D3L3T3\3d3l3t3|3 3R3 3S3333333333344 4(444X4x4 4444444444445 5(50585D5d5l5t5|5 5R5 55555556666$6,646@6`6l6R66666677 7(747T7\7d7p77S77777888 8,8L8T8\8d8p888888889909P9X9`9h9p9x9 999S999999:$:,:4:<:D:L:T:\:d:l:t:|::::::::::;,;L;T;\;d;l;t;|; ;;;;;;<<< <(<0<8<D<h<<<<<<<<<<<<<<===$=,=4=<=D=L=X=x= ========>8>@>H>P>X>`>h>p>x> >>>>>>>>>>>>>?(?0?8?@?H?T?t?|? ?R? ?S????????? 0000D0X0h0|0 0000001 1(10181@1H1T1t1|1 1R1 1S111111122220282D2l2 2222222233,383X3`3h3p3|33333333444$4,444<4D4L4X4x4 444S4444445555 5(50585@5H5P5X5d5 5R55555556 6(646T6\6d6p6 66666666667 7,7P7p7x7 777S77777777778888$8,848<8D8L8T8\8d8l8t8|8 8R8 8S88888888888889999$9,949<9D9L9T9\9d9l9t9|9 9R9 9S999999999::,:4:<:H:h:p:x: :::::::;; ;@;H;P;\;|; ;R; ;;;;;;;<<0<8<@<H<P<X<`<h<p<|<S<<<<<<<<<=$=,=4=@=`=h=p=x= =========>>>><>D>L>T>\>d>p>>>>>>>>>>>>???<?\?d?l?t?|??????????d0000$0,040<0D0P0t0 0S0000000001$1,141<1H1l1R1 1S1111111111222<2D2P2p2x2 22 22223333$3,343<3H3h3t3 3S33333333484@4H4P4X4`4h4p4x4 4R4444444455,585\5|5 5R5 5S5555555566$6,686X6`6h6p6|6S6666667777$7,787\7|7 7R7 7S7777777778$8,848<8D8L8T8\8h888888888888899989D9h9999999999999:(:0:8:@:H:T:t:|: :R: :S:::::::::::;4;<;D;L;T;\;d;l;t;|;;;;;;;<,<4<<<D<L<T<\<d<l<t<|< <R< <<<<<<<<<<=$=0=P=\=|= =R=====>>> >(>0>8>@>H>P>X>`>l>R> >>>>>>?<?D?L?T?\?d?l?x??????????(0 0(040X0x0 0000000001111 1,1L1T1\1d1l1t1|1 1R11111111222 2@2H2P2X2d2 2222222223(30383@3L3l3x33333334$404T4t4|4 4R4 4S4444444445555<5D5P5p5|5S55555556686D6d6p66S6666777$7,7<7P7\7d7 7R7 7S77777777777778888@8L8p88888888888888899,989X9`9h9t9 9S99999999: :@:L:t::::::::;;;4;<;H;h;p;|;S;;;;;;;;;<$<0<P<X<`<l<R< <S<<<<<<===8=@=L=l=t=|= ======>>>$>H>h>p>x> >>>>>>>>>>>?4?<?D?L?T?\?d?p????????,0$0,040<0D0L0T0`0 0000000001111$1H1h1p1x1 11 111111111112(20282@2H2P2X2d2 2R2 2S22222222233343<3D3L3T3\3h3333333333344<4D4P4p4x4 4444444455$505T5t5|5 5R5 5S55555566(60686@6L6l6x666666677747@7`7l7R7 77777778848T8\8d8l8t8|8 888888888999 9D9d9l9t9|9 9R9 9999999:0:8:@:\:d:l:x:::::::;;$;,;P;d;l; ;;;;;;;;;;<<<4<@<d< <R< <S<<<<<<<<<<<=<=H=P=h=t= =S======>>>8>@>H>T>t> >>>>>>>?,?4?<?D?L?\?p?|? ???????? 0000@0`0h0p0x0 0000000000001 1(141T1\1h11111111122,242<2H2h2p2x2 222222333 3@3H3T3t3|3 3R333333334(40484@4H4P4X4`4h4t4 4S4444444445$5,545<5D5L5T5\5d5p555555555566 6,6L6T6\6d6p6 66666666667 7(70787@7H7P7\7 77777777778888$8,848<8D8L8X8x8 88888888888888899$9,949<9D9L9T9\9d9l9t9 9999999999999:::4:<:D:L:T:\:h:::::::::::::;;;;$;,;4;<;D;L;T;`; ;;;;;;;;;;;;;;;;<<<4<<<H<l<R< <S<<<<<<<<<=,=@=L=T=l=|= =R= =======>>>$>,>8>X>d> >>>>>>>??<?H?h?t?????????? 00$000P0X0d00000000000001111$1D1P1p1x1 1R11111120282@2H2P2X2`2h2p2x2 2222222222223$3D3L3T3\3d3p333333333334$4D4P4p4|4S444444445 5@5H5T5t5 55555566686X6`6h6p6x6 66 66666777(7H7P7\7|77777778,848<8D8L8T8`8 888S8888889999$9D9L9X9x9 9R999999::(:0:L:l:t:|: :R: :S:::::::::;;,;4;<;H;h;p;|;S;;;;;;;<<8<@<L<l<t<|<<<<<<<<== =(=0=8=@=H=P=\=|= =R=====>>> >(>0>8>D>d>l>t>|> >R> >S>>>>>??(?0?<?d?? ?S?????0(00 0H0l0x0 000000000141<1D1L1T1\1d1l1t1|1 1R1 1S1111111112(2H2P2X2`2h2p2x2 22 222222383@3H3P3X3`3h3p3x3 333S3333334404P4X4`4h4p4x4 44444444455,545<5H5h5p5x5 5555555666$606P6\6|6 6R666666667777(7H7T7t7|7777777778 8(848T8`8 8R888888889(9H9P9X9`9h9p9x9 9R99999999999:$:D:L:X:x: ::::::;;;;$;,;4;@;d; ;R; ;S;;;;;;;<$<0<P<X<`<l<R< <<<<<<<==0=8=D=d=l=x=======>>,>8>X>`>l>R>>>>>>??$?D?L?T?\?p?????????????@00 0$0,0@0\0`0 0000001 1@1`1 111122(2H2h2222223383X3x333333334484@4D4\4`4|4 4444S4444444554585T5X5x55555686X6x66666677 7p400$0@0X0|000001$1D1h111112,2H2`2t2 22222343T3t3S33344<4`4x4 444455H5t5x55 555556H6L6l6 666667,7X7p7t77777788H8h8 8888889,9P9l9p999999:,:0:P:T:p:R:::::;,;H;h; ;;;;;;<4<X<|<S<<<== =@=D=d=R=====>,>h>>>>>?,?L?l? ?????? 000L0h0 0S000001 1T1X1x1|1S111112<2X2\2x22S2222343L3h3l3 3S3333444T4|44S444444505X6\6`6d6888$8,848<8D8L8T8\8d8l8t8|8 8R8 8S888888888888888h=`>>>>>?,?8?<?@?D?H?P?T?`?0081@1333333333344444444 4$4(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4 4 44R44444444444444 5S55555555555556666$6,646<6D6L6T6\6d6l6t69 99S999999999999999`0 M* H
Ansi based on Dropped File
(~WRD0000.doc)
4`4 4a4444444" $4445
Ansi based on Dropped File
(~WRD0000.doc)
4PI8;?D! 1\xq7RG~MEzaLDD 0w" ;GIF89a
Ansi based on Dropped File
(~WRD0000.doc)
4T & <R& 0& 8<t<u!33f
Ansi based on Dropped File
(~WRD0000.doc)
555" @5H5P5X5`5" 59 5 5: 55555" 0555556" )61696A6I6Q6@9" 6" 66" 866" l7$7" J7c7k7" ~7}7 7" " p
Ansi based on Dropped File
(~WRD0000.doc)
5555"5 5a55*696B6W6! 66%717777888%8*8B8H8W8]8l8r8 80 8888889/9n9u9{99:V::=f=! ===;>>>?HN0l0 00151 4u56,7Q719P;T;X;\;`;d;h;l;=(=:=\=n= = ====: >*?@ 0(001V2\223333n4d5l567a77B8H8X889?99S<<?T00
Ansi based on Dropped File
(~WRD0000.doc)
5>5 5 5555556,6;6D666a7o7777788 8889j:S:::::;'; ;;;<"<1<9<e=>> >6>m>>>>>>??
Ansi based on Dropped File
(~WRD0000.doc)
5?5R5Y5_5578"848V8]88W9u9! 999u::::;{;;`<v< <: <<<<<=>B>?hF1j1}1_222X3d333]555@6N6j6x667+7<77'8=8N88899:::;S;;& <<=[>>>8??????p01 1N1R2W244555 5+5C5Y5a555556!6W6c6r6: 777:;3;k;& <<
Ansi based on Dropped File
(~WRD0000.doc)
5M5Z5 50 5 5"!55C6P6Y6y6~6666789):;D=0`\000}2 33344y4" 444455955
Ansi based on Dropped File
(~WRD0000.doc)
6 (aR6Z*R7n E,S & O<A-6.z1br>+nk4& 9 pM>!j-,p:q4Sp< D ==\ D- ,$ lr2p"A9K\Lq Z4,22 L "D4QAU((L7
Ansi based on Dropped File
(~WRD0000.doc)
66$6M6a6}66667r77 77778$8)8<8{8S888 99:4:9:o::: ;;;<x<3=K=|=9 =>+>@>& >>>>?*?U?j??~???0D00011.1x1111111;2b222~3~3333333144444556S666
Ansi based on Dropped File
(~WRD0000.doc)
66-696>6p6|6}6: 66607<7R7n7{7 7E8P8 88888869]9b9w99 9x9Y:l:q::<l<x<<===>:>> ?Q?h?! ?? u00I1122244,575{5 5a55555566R6 67I7N7j77: 77777
Ansi based on Dropped File
(~WRD0000.doc)
6616N6& 6666666%7*7R7w7S77777$899\<<<@S2345555;5D5K5556-6A6G66A7G7`7f708D8e8k8888<9F9n9! 999
Ansi based on Dropped File
(~WRD0000.doc)
69 9 E"!++0 E+Ej0 EF0 E0 EEP9 v9 jp0 o9}& f3bj,% 9 9 u3;u39 ;tp & t9 Wp0 M9 MQ9 0 }P& & jEWP39& h.Y0 EE;t9 n39 0 ej|9 VE0 ~9 0 ejVEr~s4usE9 9 ji9 3VVpj9 0 ejh 5~9 9 VVV9o9 9 h& xyo9 9 j$9 9 j oK<9 jiP39 9 WEPu9 9 EPEPu9 u9 9 F+9E|0 E9 WuuvQpS 9 E9 MFEPk3;tQ9 9 un9 jp0 3GMMt 9 |
Ansi based on Dropped File
(~WRD0000.doc)
6PM0 u+PVhMUVhXMEUEPEPS9 E
Ansi based on Dropped File
(~WRD0000.doc)
7(77788>8h8888 91:<:r:::C;k;;<+<=Z=|=>&>: >>>????| 000;1V111n23484E4N4f4`4445o556(6:6C6\6j6z6?7q7}7 77%8V8`8 888-9J9}99&:5:}::;;&;;;<S==K>>?0\0f0q0 0" 00:12S222222
Ansi based on Dropped File
(~WRD0000.doc)
73! h39|mQQ Zv9 =& tK& t?9 9 9 }+jR9 +R9 UERPv u9 uS_^[]j,F"29 M
Ansi based on Dropped File
(~WRD0000.doc)
77!7b7o7{7 777778)8U88L9\99-:g:r: :0 ::::;%;V;{;;-<;<B<a< < <2=~=R=0?a?w?R? ?"!?????? 0D0J0q0v0 000000001(131<1M1l11 1122@2c223=3374 44.55.6e77)8F8889<::;;<=======#='=+=R=
Ansi based on Dropped File
(~WRD0000.doc)
7777!7:7R7n778808?8G888888b9r9 99\:a:k:x::::;;,;\;x;;;<>J>>>x>>>>>>?!?(?,?0?4?8?<?@?D?}? ??S??00,03080<0@0a09 0000000000*1014181<1112222 2$2M2s2 22S222222223333v33S3333333-44484<4@4D4H4L4P4a44444@5H5]5h5"8:DR0Y0000A1G1X1n1 1111-2>2& 2223334[445+828:(>?TS1" 2 3445+667Z7s7788808c8: 899]9c9! 999997::;);L;: ;;;<E<! ??\F11222B3O3'41445@5o56{6/7O7?8h88O:/;;)<?< <x<<=p=x=,>i>s>9 >>>?????*0Y0`22K3^3z3R3x333467N7w7 7x77778E:R::& :9 : : ::::::::::::::;;;;$;0;5;E;J;P;V;l;s;;! ; ;~;;;;;;<
Ansi based on Dropped File
(~WRD0000.doc)
7eMOuMECuEPEPEPMSE2& t<9 0 ejh|9 uEPE9 0 ePEn! E 3(jY& t
Ansi based on Dropped File
(~WRD0000.doc)
7j"Y0 9 3_^[]9 U9 EPjuuu8: ]9 U9 SV9 u3W9]u;u9]u3_^[];t9 };w6j^0 0SSSSSO9 9]u9 U;u}9 u`
Ansi based on Dropped File
(~WRD0000.doc)
7n5 B1AX0 5!~XK+ >R @h " z! FKaMj;GIF89a/$ : "!RRRPSaS0 v~0 N r/! I a"! aQRa RPv6"!a`P` : S m/ l/hl/a}PR ` Y B" S" ` : ^& }S o0 _U` aa " Sa zpx:& `9 "!~j RT Sr: p1k/w9" ~x"!f: i! }RxSq/!,/$@*\/! #f @0
Ansi based on Dropped File
(~WRD0000.doc)
7P89:-:<C>G>K>O>S>W>[>_>`/0l0012A2N2X2f2o2y22222223S33: 34(4p444p5|555555556!6'60656D6k6 666778N888K9b9s99:V::::;;>> >>>>>??"?6?<?E?X?|?p010?0D0! 2" 2: 2222222233 3&3+343Q3W3b3g3o3u33 3a3333333333444 4 8,8_8& 889:::;;)<~>>>>>>>?F?? 00.11! 2 22222223x34444455#5*595E5R5v55 555566&6J6y66y8888D9g90 9 999::.:>:P:U::::I;~;;;;;;;<$<-<:<`<{< <9 < <<<<<<<<== =$=(=,=0=4=8=<=@=D=H=N=Y=q==8>d>R>>>?u?`???? =00 1448
Ansi based on Dropped File
(~WRD0000.doc)
8"!'H@xK$
Ansi based on Dropped File
(~WRD0000.doc)
84Ex9 9Ex|9 }`ME4M]hM00&
Ansi based on Dropped File
(~WRD0000.doc)
87777778DX@ Z" l8t8|8 8" $8" h@_ 8" 99$9" G9" 0p9" \99" 9" :::):" " PO:Z:e:p:{:::" x" :::::;';2;=;" " ` ;;~;t;j;`;;" ;;;" <" 4
Ansi based on Dropped File
(~WRD0000.doc)
88+8@8n8! 8" 889999D:: ::::-;9;>;;;;<H<x==>L>b>n>z>#????d0'040I0c0000=11,2;2F2W2]2b22222]55~::::::o;.<G<X<}<<<8=E=J= >>#??????H0N0d0r0! 00M1b11`12222 464S4^46666z9<<>?%?*?n???.030%11R2R3g3 33444I5 5 55566 6R6 66667F7b7o7t7
Ansi based on Dropped File
(~WRD0000.doc)
88888!8%8)8-81858W9999:S: :;;N;_; ;;;;
Ansi based on Dropped File
(~WRD0000.doc)
8888889/99 99X:^:}::::;=;J;a;{;;`;;" ;;<@<& <<=K=====>?>x>>?? l222e344
Ansi based on Dropped File
(~WRD0000.doc)
89 M0 9 ^9 U9 (SVuM`9 u3;u*7SSSSS}8]t9 E`pBFFEPjP4m& uEPSSVuYPEVP @8]t9 E`p^[9 U9 jueYY]9 U9 9 ES3VW;t9 };wQ7j^0 0SSSSS9 <9 u;u9 8tBOu;t`
Ansi based on Dropped File
(~WRD0000.doc)
8]tN9 `L%
Ansi based on Dropped File
(~WRD0000.doc)
8]u!Et9 9 9 D 9 }9 #;u|EtvuXSuEjPuWuu4PP+9 9 9 D 6Y 9 69 9 0 9 _^[jhB0 30 u39 };" ;u: j_0 8VVVVV@9 Y39u" ;t9ut9 E%@t0 uuuuuEP9 i0 EE9 E;tB39 }9ut(9ut9 9 9 D 7 Y9 U9 juuuuu]9 D$9 L$9 L$u9 D$S9 9 D$d$9 D$[9 U9 9 USVW3;t9 ];w}j^0 0WWWWW"9 _^[]9 u;u3f0 9 f99tAAKu;tf0 AAFFf;tKu3;uf0 &j"Y0 9 SV9 D$u9 L$9 D$39 9 D$9 A9 9 \$9 T$9 D$u9 d$9 9 D$r;T$wr;D$vN39 ^[QL$+YJQL$+Y49 U9 9 ER]9 U9 5R"!Y& tuY& t3@]3]9 U9 (0
Ansi based on Dropped File
(~WRD0000.doc)
8` 0F88Dl wS9@ qH $0<=<q9 % C, `MSQ"! P@ & 01 @ @ "S )T a, $$@)1 @ haP7h0F@<Q
Ansi based on Dropped File
(~WRD0000.doc)
8A]ju& YY]U9 W9 }3`E8t39 _9 U9 ( 30 ESV9 uWu9 }M*EP3SSSSWEPEP0 EEVP(Eu+u8]t9 E`pjX/u8]t9 E`pjEuEu8]t9 E`p39 M_^3[ 9 U9 ( 30 ESV9 uWu9 }M)EP3SSSSWEPEP0 EEVP(Eu+u8]t9 E`pjX/u8]t9 E`pjEuEu8]t9 E`p39 M_^3[WVU339 D$}GE9 T$0 D$0 T$9 D$}G9 T$0 D$0 T$u(9 L$9 D$39 9 D$9 9 d$9 9 d$G9 9 L$9 T$9 D$u9 d$9 9 D$r;T$wr;D$vN+D$T$3+D$T$My9 9 9 9 9 Ou]^_ @s s9 3 33jvY9 U9 9 E9 M%#Vt1W9 }3;tVV=YY0 ! j_VVVVV0 8v9 _9 uPu& t_=0 V=YY3^]9 U9 htY9 M0 A& t
Ansi based on Dropped File
(~WRD0000.doc)
8fME^M UP3GWSL9 ;tP=u#VTVX9 Mt; 9 WMx@MSSM`NEPMECPM@EeME^M@ V;t#VTVX9 Mt; O9 WEE@9 0 tP(gMWEPM" ;tEPME;uEPMPM0E
Ansi based on Dropped File
(~WRD0000.doc)
8L8S8Y8 888888N9X99:;+;2;9;@;G;N;U;\;c;j;q;x; ;R; ;;Q>0 ?? ?" ?"!??????????a01<1C1J1Q1X1_1f1m1t1{1 10 1 11112*2/244P4_4"!444.5a5 555-6`6 667!7a77748<8Q8888
Ansi based on Dropped File
(~WRD0000.doc)
8uB;r9 D$A0 9 D$`0 ySu30yVt&9 q& t9 D$9 ;s9 q9 X; r`B;Qr3^[9 I9 9 9 L9 t$0 @0 3@U9 QSV9 W9 ~3wO0 }9]t\9 F;tQ9 L9 F9 9 |K& t:jhwh`rjW& t9 9 R9 j9 9 F9 M9 d9 }& u9 F49 FY0 ;u& 9 F;t
Ansi based on Dropped File
(~WRD0000.doc)
9 9 G9 Wu guf& Z9& ~0 & ~@9 ]V4k`" Y0 & j& t0 & 0 S9
Ansi based on Dropped File
(~WRD0000.doc)
9 EE9 EES9 ]W9 =t9 )PS0 E9 E0 Et }}<~|t }} }}PS }& u=m9EtEEEEhEP}tP}fPS t uS_[^j`U;9 9 E+EM P9 E+EPv9 }3W0 u jW0 E0 E0 u9slt$P0 EEPW us|E u9 P;t@9s|t#9uu9 tEVPWM <EVPWM d0 ;uA9uu9s|t)VVE P9 ;t&EVPWM 10 ;u9sluE+9 L& uuu9 u9 9 }uW uWMM u9 E}:Ul$ 30 El9 ExSVW0 ES9 E|j9 0 E 9 0 E9 =Puj0 EE jPbD~9 & tBhEjP>DjdEPv9 & t<EP9 hE PVEhE P9 *P9 Pu uuu9 ER9 MS0 9 M 9 E0 9 Ml_^3[53pU9 VjEP9 & tEEt9 E+E0 E9 E9 M0 MEt9 E+E0 E9 E9 M0 MjEP9 A^U9 QQeeVEPEP9 uEuEu9 i^U9 QQVEPEP9 u9 uu?^9 30 H0 H0 H0 HV9 ~u9 P9 j9 P^V9 ~uP9 F& t>W9 = jjP9 F& uv& uPjvv_fF^9 A& uP9 A& uP U9 V9 & tEW9 }Wu9 vuuW& t& tV & tV _^]3@VW9 |$9 VjW 0 ~3_@^3@3@3@3@9 D$0 A9 A3+t8HtHtHt
Ansi based on Dropped File
(~WRD0000.doc)
9 WWvjPM0 }zMMSV9 *9 D$f,0 F09 ^9 D$0 A,9 D$0 A09 I& tP zU4jP*h9 EPs@ u@ u$0 E4u u@ Pu40 E(30 E9{,tE0]WWMWh0 M0 }E0PEPM~ 9 E0u}@j0 EjEPu4M%MM39 E0sH0 E9 VEPu4 V9 59{t
Ansi based on Dropped File
(~WRD0000.doc)
9 Aaix0<~B$sS/DrPU n aQj71-ROM2& NgUejzd8xEv1 z`]9 fv YI8VAwX1 0 0010UUS10U
Ansi based on Dropped File
(~WRD0000.doc)
9 ! 9 uj~EPeM& uTMMEMEuMh9 PVMMEMEMMjEPZeMJ& t3MM9 MNMESMEouMh9 PVMaM9 E#ME j|~EPeM& tj^MM9 %MMEME9 EPhMHPVM jY& u0 M9 u<}9 0 uMEtMEZvj}EPeM& t3MMl9 t~MMEME(uMh$9 PVMM9 EME j5}EP~eMn& t3MM9 }MrMEwME uMhH9 PVMM9 EGME- j|EPeM& t3MMB9 J}MMEME9 EPhHMmPVM& u!E9 uMEME 9 j|EPMeM=& tj<^MM9 |MBMEGMEc9 EPh MPVM& uE<9 u,;
Ansi based on Dropped File
(~WRD0000.doc)
9 & j9 FhF<jPv`]& & Yv`jW6& @~<)~X ~l9 0 ^0 ~t)e& v!9 EPFpP<YY9 ME9}r9 F|9 N;v9 & v%9 V<`W)F\+)F|0 N0 ~u: & ~dua9 F9 ~;s9 3& v9 N`9 V@;r9 ^WSvPu)~\)~)~~~}0 FP9 F\0 ^& uT9EtO9 EG9 F9 ^0 EFjP9 ~+Wu0 EvP)~\}}0 FP9 F\t4& t0}u6~! v}u&9 E$& t3j X9 E& t9 E[^_U9 V9 >uf~u`uy}ujjju` u<EPuuu3& u9 EP 0 %Y^]U9 30 ES9 ]V9 u& tS ujSX f& 9 9 f/tf\u9 BB
Ansi based on Dropped File
(~WRD0000.doc)
9 & UMFeWMe^& t8MFwDMWE QGPM"BM8MEF9 QWMYMF9 & O4
Ansi based on Dropped File
(~WRD0000.doc)
9 & `p9 & 9 M_^3[=9 :9ke" 9 U9 V9 u& vT%vL%vD%v<%v4%v,%6%%v %v$%v(
Ansi based on Dropped File
(~WRD0000.doc)
9 & `p9 & 9 M_^3[KVI
Ansi based on Dropped File
(~WRD0000.doc)
9 & t#EP9 ZP9 EME59 M9 F)U\j<5H& 0 M\EP<3M0 ]`SMTE9 MlECz9 3;}EPM 9 MlVEPEMDE`MEPh@M >M4hE4PE 9 0 e0PEMT;tsM4& ug9 M\E4PEPPMDEME.MD& u hhMD9 MhEDP9]pu
Ansi based on Dropped File
(~WRD0000.doc)
9 &0 EjREM;Eu
Ansi based on Dropped File
(~WRD0000.doc)
9 '`Th[*zDG;GIF89av h& ! a}x" & v" u S `xSt 0 } } y!v, v & ! 0 `9 & e*p2#L$ Vr;fjiZlK+aNoX^OAB(6P-M:D&g>=C m_n%1"[h]k0JT<,8734@GHQtcR/p0 9E"Q01B#;)~Th} ;GIF89av h& ! a}x" & v" u S `xSt 0 } } y!v, v & ! 0 e*p2#L$ Vr~x~;fjiZlK+aNoX^OAB(6P-M:D~&g>=C m_n%1"[h]k0JT<,8734@~GHQtcR/d9\rbN A R.uR PhP`U*1EG;GIF89a~ov r |rl|^! hyR: 9 }dt aqxeynrsku& p hqxvj& `|9 ! 0 }j: M j!,H A,@<@FtPrP ,%>!G9 (v 3 9 `$1\a1\!QxQcYS H1TlLy!" a!0P |"nF#-|!A:]XDa9 *$m(H DSN;GIF89a` ~ x R} }~ : x 0 }0 9 a q!`,H`@ "qO)X P
Ansi based on Dropped File
(~WRD0000.doc)
9 +j<*9 0 u~PFFdF$FFF F F$l$FXF\ Eg9 E& t9 PQ9 E$M9 9*\DP<9 L$yt9 A& t
Ansi based on Dropped File
(~WRD0000.doc)
9 0 9 @0 F9 ^]9 U9 9 f9M aSuMT9 M9 Q3;u9 EHfw aV9 f9u^s)EPju- & Et99 M9 0 fqMjQjMQPREP & EtE8]t9 Map[9 U9 ju<YY]9 U9 9 f9M aSuMR9 E9 H3;u9 EHxfwaf9Us)EPjui & Et=9 M9 0 fpEjPjEPhQEP & EtE8]t9 Map[9 U9 ju<YY]9 U9 SV33W9u 9 ];u"]]VVVVV9 };tuM 9 E9pu?fArfZw fArfZw CCGGMtBf& t=f;t6EPPEPPCCGGMt
Ansi based on Dropped File
(~WRD0000.doc)
9 0 ejh 7S9 9 VjV:m9 9 j~mK<9 jhP9 u3M9 MQ9 EPM9 E;tEPMg9 9 0 A9 9 @3;" A%RQ9 9 9 9 9 Vl9 9 WEP! s9 }9 w+79 9 EPEPRs9u|0 u9 juVw7pS 9 E9 MGEPri3& tQ9 9 l9 jp0 MEME" 3GMM" 9 j0|%%
Ansi based on Dropped File
(~WRD0000.doc)
9 0 ejhTSh9 N8WWj 9 N8h9 N8j& 9 9 N8PO9 }L[& u1WM
Ansi based on Dropped File
(~WRD0000.doc)
9 0 R0 PMEj9 j>e9 0 u19 N8E& t
Ansi based on Dropped File
(~WRD0000.doc)
9 0 u#~9 j9 EP^9 : 0 E& ~7e& ~!u9 Z#& t9 j9 E9 E;E|ju9 j;*OE*9 E"#
Ansi based on Dropped File
(~WRD0000.doc)
9 0 u9 N30 ];t9 j~9 0 E& ~S9 & t9 j9 C;]|fM9 F@V9 ! & u9 ^V9 9 & t
Ansi based on Dropped File
(~WRD0000.doc)
9 0 uFFdF$FFF F F$lFP$FXF\ |9 G9 WPME"%MJ9 X& t9 0 S9YMZ9 GWPMEPM t}Ev}Eg}E9 EM9 "!l$8l$Rl$}l$ pl$Pkl$^l$ l$Jl$;PJl$+l$$l$l$l$Xl$Pl$l$l$wl$ jl$l$l$l$?l$ l$ \ l$Xrl$el$l$$Vl$Gl$Pl$l$l$!l$ l$ l$xl$" l$l$$l$Xwl$jU9 9 EV3& u
Ansi based on Dropped File
(~WRD0000.doc)
9 0 uhp0 eN" ;~$9 Eu9 Ev9 jX.9 0 uN$ENE]DM9 @0 \V9 9 WP9 & t+9 & tNQ9 I9 j9 NS<@_^U9 QeQ9 MRM9 Ej& .jD/Y9 0 Me& t9 3Mjh(M IjjEP9 E> & u& t9 j9 3MMC9 0 $"!& tt$9 h,j .& 39] 9] M:M0 ]:9 ME& vw9 MSx9 & EPh 9 9 EPh9 #tXMX;& uLM=M=9 MjEPEP#9 MC;r0 ME BMMB3@MEwBMMkB3sV9 D$tVY9 ^|$V9 u3(N$ & th(9 %& tPt$9 ^jP.69 M! ejh|9 MGME89 MEX& hx9 "!9 & hh 9 9 & EPMf& E9 0 ePJ9 5h49 A9 & EP9 & tqM9& ueE9 0 ePJ9 h 9 & t=P9 & t13FME@ME@MM 9 9 M& t9 j3VW9 9 & tV9 #_^j!/9 0 u}^39 0 }DX7MEcN5pMEXjJMX3h9 f0 F$-BM0 ~(0 ~00 ~,ME0 F40 5lM0 ~80 ~<EMEM9 U9 (SV9 E^P9 @7Pv(x & unWj(3EWP9 F(hWEE0 }0 }0 E0 } j0 E9 0 E0 }60 EEP| f;f0 F$_u33@^[jP/ 9 9 u& u39 Hu9 O0& ttnA& ukjmY0 Ee& t9 NQv9 D9 3Mj @Y0 EE& tj9 `39 MPj0 H0 p5(w3@j0! /9 9 E3+ H H H H HtH& 9~, j Y0 E0 };t
Ansi based on Dropped File
(~WRD0000.doc)
9 59?4(?%?7$ =?.3))0B&$%+!DF8> -FCA;GIF89aYYYz { x}x~y : ~ w!, *0^ ! ! E5 N[ : 2O`8)<?UW@:=+]&#M19P7
Ansi based on Dropped File
(~WRD0000.doc)
9 9 +9 M+M0 E0 }3}9 E9 }+9}0 U}9 u0 }9 u0 }9 };}0 }0 }9 U9U~0 U+0 U9 U9U~0 U+U0 U20 E20 M9 9 9 9 uPjEP9 9 p9 )E9 )EEEjEP9 {9 9 3Et9 9 & tQjs0 MM +V9 3jP0 F0 FFP59 ^aU9 (WEPW5"!x & ufVj(3EVP`5 0 E"!h VE0 u0 u0 E0 u j0 E0 EEP0 u0 }| ^f& u33@_U9 9 EV9 P0 F& u39 K& tSWEPv< 5"!9 ]9 }+]+}9 jv9 SWuuh h|9 hh39F SWPPR SWjj0 ER 9 }jPWW0 E 3CSWvtW9 =u9 j9 PvSjjdjv~W Wv 0 ^9 _[^U9 V9 f\;Fu`v& t0EPv< 9 E+EjP9 E+EPuuvS f9 ^|$V9 u,\Pv& tvS
Ansi based on Dropped File
(~WRD0000.doc)
9 9 @9 PR,W U9 V9 u~wW 39 9 @3f89 0 UURP0& |}9 9 It3f0 ^]U9 V9 u~wW 39 9 @3f89 0 UURP4& |}9 9 It3f0 ^]U9 QQ9 ES3V9 ; 9^@u9^D 9 URP0 ]QH& R9 E; URhr0 ]9 P& R9] 9^@tCWjY;t0 X0 9 3Whru9 & tWND/;tWY_9^DtY9 E;F<uQ9^(uLhhpjQ9 EUR0 ]9 P & |!9]tF$Phru9 9 E9 PQ9 E9 PQ9 E9 PQ^[U9 Q}u3& eV9 uW3& u9 q<& tk9}u,9 MQVP|& uf}tQ9 MQV& |}u:9 MQVPH& |,9 E& t%u9 hrP& u3G9 E& t9 PQ9 3_^U9 Qy<t9 A<9 URP & |9 E3U9 QVuEj3P0 u'& tB9 E;t;UR0 u9 P & |9utu9 MFu9 E9 PQ9 3^U9 QQVW39}to9y<tj9 A<UR0 }0 }9 PQH9 ;|Q9 E;t9 URhrP9 9 E;t9 PQ;|)9 E;t"9 u9 VPQ$& |9>t3G9 E9 PQ9 3_^U9 V9 u& u@ 9h|ruKfYY& t9 M& tA3Q0 3Vuu!^]U9 V9 9 F<W3; 9 UR0 }9 PQH& |z9 E;tsURhr0 }9 P& |U9 E;tNUR0 }9 P 9 E;t.9 }9 S9 ]9 R9 RP & |0 ^P0 ~T9 E9 PQ[9 E9 PQ9 E9 PQ_^V9 t$9 & t3&jh9 q" uPh9 _" @@^j>59 9 F<& t(PMmvle\VMMM]V9 t6W?t)h|9 hjN7_^U9 QeWEPu0
Ansi based on Dropped File
(~WRD0000.doc)
9 9 HS3f9 0 ]9 H0 M9 H(;t9 I0 M0 u9 H80 u;tf9u
Ansi based on Dropped File
(~WRD0000.doc)
9 9 W9 REP< EP9 uuuuu hWZajj9 SWj0 EPW0 E9 E@P9 E@P9 EHP9 EHPW uWuWS9 h 3PPWuuPPu uWuW_^[9 D$HuV9 9L$u/&^3U9 V9 u& t"9 FURPl@S& t9 M9 VP\3^]U9 S9 ]V9 ;Pxuuu9 9 Wt_-t9
Ansi based on Dropped File
(~WRD0000.doc)
9 9 }3; 9^8 M9 M0 ]9 jh|9 MERa9 MQ9 EP,;u
Ansi based on Dropped File
(~WRD0000.doc)
9 9M}9 Mk9 W\0 DE)v0 EuwdSUY9 ]9 }}tj9YSUYt
Ansi based on Dropped File
(~WRD0000.doc)
9 :"! 2v! /P+pA/M Yd R'<9 gRqt | `r7S Clc|w\sY K0 $B& 'n-?S4o<3
Ansi based on Dropped File
(~WRD0000.doc)
9 ; $SSE(PM3; Mb9 0 MH; hxg0 EL;u*MEM]MM( 9 TM0 ]TL& : uTMf9 ;tv9 ;~k9 ML<`9 MLjh|9 h\9 Nj9 MLV"!d9 ;t>jWhR9 l9 MPWE8PyjE8Ph`R9 ElM8EETMKL9ET eu`9 MH3F_M}
Ansi based on Dropped File
(~WRD0000.doc)
9 ;E~E9t9 0 E0 E9 0 E+0 E3Mu9 2
Ansi based on Dropped File
(~WRD0000.doc)
9 ;t9 1C9 9 6VP*Y9 _^V9 D$tV5*Y9 ^VW9 |$9 & u9 ~;wP9 & t9 3_^U9 QeQ9 M9 EU9 QeQ9 M9 EU9 Qe,Q9 M9 EVj9 9 D$0 FhU9 ^V9 hU+D$tVq)Y9 ^jBT(9 0 u=eNpUfff9 (jk(9 0 upU9 N3@0 E& t9 PfNEM9 `=(V9 D$tV(Y9 ^U9 Qe}VE9 Pu Ut}^f^0 F9 E0 F9 ^U9 Qe}VE9 Pu Utc^L^0 F9 E0 F9 ^je]& tt$9 t$r3jG]& tt$9 t$}3|$V9 u3#)jt$0 FYY9 H`3& ^V9 9 F& tPR vf^U9 SVW9 uEPu 9 3; Su 0 E; Su P 9 ; uj 0 F;tP ;thuSPF:EPWv0 }$& & u=WuY0 F9 EY9 PQ9 F;t9 H0 x;u3@'9 N;t9 j0 ~vR v0 ~3_^[]V9 vxUq\D$tV[9 ^U9 ``Ujlt%9 0 uUe! M9 U}"&U9 QeVE9 PvD\& t0 FjF[& t9 v9 MxU0 H0 p3^V9 U'D$tV%Y9 ^V9 ]D$tV%Y9 ^j! l$9 0 u~9 U;3j
Ansi based on Dropped File
(~WRD0000.doc)
9 ;tSMMTETP9 EMTv; M<WETPE<P9 EM<Wv; 0 ME<PEP9 E0 M,v;tVMM,EE,PEP9 E;tE,PEPEP9 M,EzMEMEM<EMT]MM9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
9 ;v+A;MXr9 Ex9 3B40 UX! e9 Ut9 U@ " X0 E00 9 Ex0 09 E@& t09 u<9 }00 t& `ELE%M$9 M9 9 J9 U$++0 0 |9 El9 M00 9 E 9EH$3`EH9 M\*E%9 E|9 ED;rE$79 ;E`s= `M$9 +E`9 Mh` PM$9 Md9 <ED9 MH9 E<3+F9 ;EXs9 M09 U$0 9 0 y;EXr39 M9 u<3@3& u33@9 0 u<H#9 9 E@;L& t+]L3F9 HN#u<;t& u0 E@9U8& /EHE,9 EHE;E4}9Ut}4tjjX3[_^PU9 QeV9 ujjv(V 0 E& ujXWSPEPuuujjjjuI9 (uFSLt9 E8u
Ansi based on Dropped File
(~WRD0000.doc)
9 =9 ;}$k9 ~\d99 =9 B;|9 ]9 9 ~d=}uFd^=uFdN= uFd >= uFd& .=uFd =uFd = uFd`vdjY0 ~d`Q9 EY0 F`[_^9 U9 csm9Eu
Ansi based on Dropped File
(~WRD0000.doc)
9 =|PvFj9 & tCvv99 N & t9 W& t9 N 9 WP9 N`& tW& t9 N`9 WP_^jh39 9 Ej Ht\H& MR?veEPMR E9 0 ePE9 M9 EsMMRv9 ~t3@ 9 N& t9 PXh,Y9 0 ME& tf`3vM9 0 F09 Njjjvt:M uME3& QM9 MMfu32jhX19 39^`& NMR)u0 ]3}M0 ]KEPMER; , PMPjhh~M9 %EPEPMREMME)M9 MEa& & 9 MR60 FdM;twEPy& u3j .+Y9 0 ME;tjv3PS5(v-h*Y9 0 ME;tWEPEP"!30 F`9 ME89 MEhM]&>MMRs[1j.v09 f`6j {*Y9 0 Me& tjTu3Pj5(v1j('030 ]9]t0 EM j5M0 ]xEPMEIM]j59]t!MoEPMEE "MNEPMEE"!EEteM?E0 ]tM.MM5 ,0V9 D$tVF0Y9 ^9 D$V& t6y@u09 I & t%9 p& t"vVRVp~99 ~V0Y33@^9 I V& t'9 D$9 p& u3@Vp89 V/Y3^V9 9 N`& tjvjv*^j\R.9 0 }9 u& ~ MqeMR& u9 VW/YMj5MEEPMEK"!M9 E& t9 V/Y"ME~E 9 N9 URP& 9 N9 Pl& eEPMD4P9 M9 M& t9N0 E& 9 MU9 MP9 S9 M& t9 jejj'Y0 EE& t9 N9 Pt9 MPEP39 PME0 EP9 S9 }`u}tV9 E9 O`& tVA& u9 `V-YMEME}MM)p-9 D$V9 & t"~@u9 @N$9 PR& tP9 33@^j)t,0 M9 E3; 9Y@& 9 x; 9Y& 9Y& 9 9 h
Ansi based on Dropped File
(~WRD0000.doc)
9 > >~>>"
Ansi based on Dropped File
(~WRD0000.doc)
9 @& u@]3]9 U9 Ve9 u;ue9 N0 ^]d9 9 H;t9 xu^]&z9 N0 H9 U9 eM39 M0 E9 E0 E9 E@E0 M0 Ed0 EEduQu"z9 9 Ed9 Pd5D$+d$SVW0 (9 3PuEEdPd5D$+d$SVW0 (9 3P0 euEEdPd5D$+d$SVW0 (9 3P0 EuEEdPd5D$+d$SVW0 (9 3P0 E0 euEEd9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
9 [:&.;GIF89a]}|~9 : Gxt!],& ]] 9VTM 7B;-<]QK'A]>L5/I=S3
Ansi based on Dropped File
(~WRD0000.doc)
9 ]3;u/ [VVVVV; }t9 E`pW9 };u/`[VVVVV }t9 E`p9 E9pu:fArfZw fArfZw CCGGf& t8f;t1MQPMQCPCGGf& tf;t+ }t9 Map_^[9 U9 V3W95Tuo9 };uRZVVVVV0X9 U;tfArfZw fArfZw GGBBf;tf;t+Vuuc_^]9 U9 uMkE9 M9 0 A% }t9 Map9 U9 juYY]9 U9 juYY]9 U9 QSV9 3;uYj^SSSSS0 0H9 W9]wYj^SSSSS0 0$9 39]f0 " @9EwPYj"9 E"w0 ]9 9]t]j-Xf0 NE9 9 E3u0 EvW09 Ef0 AA@30 E9]v;Er;Er3f0 3f0 IIf9 f0 If0 IGG;r3_^[9 U9 }
Ansi based on Dropped File
(~WRD0000.doc)
9 ];GIF89aQ "!x9 } xSx: !Q,~ QQ& '/-#KE< !4H,I=9Q7?+%*Q JPA20Q;>"L61@MO(N
Ansi based on Dropped File
(~WRD0000.doc)
9 `39ttyVVVVV t
Ansi based on Dropped File
(~WRD0000.doc)
9 `ML%;]u }
Ansi based on Dropped File
(~WRD0000.doc)
9 C& tPMu9 ! P^[9 _]& t7& t3V9 0;t(W0 8Y& tVE>Yup}tVYY9 ^3jhEy
Ansi based on Dropped File
(~WRD0000.doc)
9 C& tPMu9 ! P_^[]9 U9 W9 }& SV9 5 W9 ! & tP9 ! & tP9 ! & tP9 ! & tP_PE{h}t9 & tP{t
Ansi based on Dropped File
(~WRD0000.doc)
9 D$0 A4V9 9 F& tQS9 Wp9 =& t9 Fjt$jpv& tD$j51N, QPjv_[^9 D$0 A,9 A& tI,jQjPU9 (SVEP9 9 ]PSx & uhWj(3EWPNhWE0 E0 }0 }0 ]0 } j0 E9 0 E0 } 0 EEP| _f& u33@^[W9 w& t5V9 t$& t)Vw< & tG(9 )9 N9 )N9 F3@3^_|$VW9 =0 9 t%jv~$t=9 F& t6p& t)jjv9 F& tp& t
Ansi based on Dropped File
(~WRD0000.doc)
9 D$39 9 D$& t9 L$& t9 I;T$t& u3U9 QQSV9 9 ^& 9 F& x9 V& 9 MW9 9 0 ]9 9rY^3jZ9 Q!}Y0 Et!9 N9 QuPu9 E9 NM9 V0 `9 N0 E0 9 F9 9 M9 U0 9 U0 Q9 N@0 F_^[9 30 H0 H0 9 9 D$;r29 I`9 AV9 9 F& tPYff&^9 D$V9 ;FrQ@~0 FuPVv0 FjP.WP<v9 jW6vWv~ 0 ~_^9 A& tPY& t33@V9 ~u3D& u9 SWx3jZ9 Q9 Y& tWSjvjt$$ _9 [^V9 FP 9 ^Q Q Q9 D$V9 0 & t
Ansi based on Dropped File
(~WRD0000.doc)
9 D$39 D$& txv
Ansi based on Dropped File
(~WRD0000.doc)
9 D$3V9 t$& t&~t 9 N9 P & u9 N9 & t3@3^j<M\a9 E9 H9 eURP& tKM: & u?M[EPMEmEMu[MM$3@[MM3j/0 M9 }& j 1Y0 Ee& tj9 ~]0 EeMjtY0 EE& t9 9 39 MV9 P9 N$Q9 P9 9 0 F PNuN49 M3& v8^D9 MWEP& P9 E5MM)9 MG ;rh0N\#9 EP0 p9 Ej5(DV9 9 W9 |$& t;t 9 F+G_@^V9 9 & uf9 & t9 39 N;HuM9 F^SV9 39u69 F8Xt9 @0 F8Xt<^[9 8Yu9 9 A8Xt0 N9 N;u0 F9 @8Xt9 N8Yu0 F^[U9 9 EVu9 0 9 E0 F9 EN0 Fg`EFF9 ^]VW9 |$W9 H9 G0 F_9 ^SV9 39u! 9 F8Xt^[x9 H8Yu9 9 8Xt0 N9 N;Hu0 F9 @8Xt0 F^[SV9 39u89 F8X!t^[)9 H8Y!u9 9 8X!t0 N9 N;Hu0 F9 @8X!t0 F^[9 D$9 L$;t
Ansi based on Dropped File
(~WRD0000.doc)
9 d}& Fpt"~lt9 pl& uj Y9 ,yj`YeFl9 =Hi0 EEj[Y9 u9 U9 uM.k9 E& ~9 M9 Jf9tAA& u+Hu uPuuu }t9 Map9 U9 f9Eueef9EsE9
Ansi based on Dropped File
(~WRD0000.doc)
9 E 0 w0 W9 M_^3[}$z*>"! 9 U9 t 30 ES9 ]VWu}f9 U9 #0 ]EEEEEEEEEEEE?ER0 Mf& tC-C 9 u9 }f& u/& u+& u'3f;" $
Ansi based on Dropped File
(~WRD0000.doc)
9 E& t3& " Wh,V& PMMR"9 hVj3 j4=N 9 0 ]u9 MPh|Vj39{uh<Vj`3ME0 }uME9 ;uhVjNME9 M93f0 MPMFl9 C9 WPE 9 C9 WP 9 C9 UR9 uP f}te& tPhh|jeEPMEMHM5/jMEi5Ph`h|j eME/M#9 ]39u& 9u : MME9 MhEPE$PM;t6EPjEP9 ?0 E;t29ut-9 0 eu)9 9h4h|jME[ MMu39uh " h|& P9 E1 jBJ" 9 0 ueNfff9 " jkN" 9 0 u9 FE& tP" YfNEM9 }" 9 D$VW9 |$9 & wWJ"!YP0 F5Y0 F& t39Fv`89 N@;Fr_^9 U9 QW39=@t3S9 ]V9 ! P9 Puuh(VjbEPEPWh?WWWuu( ;tPhB9 R& u9 *uDP9 Pjh|9 uWuu4 ;tPhX3" VAAQ3u$ h|Vj3@^[_U9 QVuuhVjSEPjjuu0 & uu$ h|Vjk3@3" PhVAAQL3^U9 QQVWuuhVj#EPj3Wu0 }u0 ;t3" PhhVAAQ3:WWWWEPWWWWWWu8 & uu$ uhDVj9 E_^U$` 30 & S9 & 9 SV9 W9 PWVhSj0 E 0 MU30 E 9Euh@Sj;3MRQjPWV0 9 3;urhE"!WPESEPEPE PWu EuR, 9 ;u#} tj
Ansi based on Dropped File
(~WRD0000.doc)
9 E'P9 MEh"!9 {MP9 kW9 cME}9 MC0 ]E; Jh"!9 7h9 +9 YQj~frP9 0 uuN |e9 9 "QV9 D$tV<QY9 ^j~fP9 0 uuN )9 Eej0 F
Ansi based on Dropped File
(~WRD0000.doc)
9 E)EE C(EP[x0 uAj0 EVC0PM9 CU9 H]E]E]P0 E 9 C9 Hf9 K9 IVVUR0 EEj& } 19 E \$E & } 1\$ET$$PQ9 ~70 E`Wdu9uuuVVuuuuuu uuuu39u_ 3^[U9 (SVWu9 0 E9 F3; 9 }; UR0 ]0 ]9 PQ9 F9 URPQEt'9] u"9 MWQu9 MuSuQ9 wMQ9 MWQuuSuuw7u9 v9 VP 3; 9 Z9 F; 9X Et!u 9 uuuuuuYuM_F(E^xP0 ]Ej0 ESF0PME9 F9 H]E]E]E]P9 9 F9 Hg9 N9 ISSUR0 EEj& } 10 }\$E& } 1\$ET$$PQM~u& uu 3@Xun9tE9] u"EtSu9 uuuuu u 9 uuuuuuu3_^[U9 SVW9 }39 ;u39 F;t& & 9 N9^uF0Pt3vvDv@+59 0 F; 0 9 N0 E9]^$t9 G+0 F 9 G+G0 9N 0 9 ESQ9 0 9 F9 ;~
Ansi based on Dropped File
(~WRD0000.doc)
9 E0 w0 W[9 M_3^` : r 0 u x 9 U9 S39]u `SSSSSS("!V9 uW9 };t!;u0SSSSSS'j0 E;w0 }uEuEBu0 uP0 uU0 E;t4;|"Mx9 EEPSYYt9 E39]\>HH_^[9 U9 S39]u : SSSSS;'[V9 u;t9]w
Ansi based on Dropped File
(~WRD0000.doc)
9 E3SV9 u3W3]0 ]t2uKSh jSjh u9 u3 9 }]EjSSW` " Ej s}Y9 t#}t9 E0 F9 EF^0 F0 ^0 ^*`EF`EF0 ~^0 ^:tjSSW` 0 F9 E0 9 _^[V9 t$& u^ ~tvXVlzY3^9 D$ 8t
Ansi based on Dropped File
(~WRD0000.doc)
9 E9 M0 f}uE9 M0 j(Q<A,f9 Ef& u9 Mj3@fu
Ansi based on Dropped File
(~WRD0000.doc)
9 E9 M9 & uKuW<9 & u;P0 E@& t
Ansi based on Dropped File
(~WRD0000.doc)
9 E9 PQ9 9 uV9 t$jh29 (& t(jh29 (& tjhS29 r(& t3^3@^|$t|$t33@V3& uhhLtjPhlt,& 9 9 PQ& ^|3@3& t9 PQ& u!!V9 2}9 ^2=tV9 D$tVY9 ^jae eeEPhLtjjhlt,& & 9 EtM& t9 PQ3'9 URuPQM& 9 Eu9 u& t9 PQ9 Vt$9 P9 xP9 ^Ul$ 30 & jRe9 9 3];t0 9 $& t29th9 '& & jh& @SP0 <}h8ESP0 ]k9 "PMu9 E0 ];t9 39 <VQPR9 ;R0 ]9 URh<tPE9 E;t?9 UR<PQ9 ;|;u9 E9 UR@PQ9 ;|;t9 & @0 9 E];t9 PQ;|
Ansi based on Dropped File
(~WRD0000.doc)
9 E9 URPQ 9 E9 PQ9 }uu9 EU9 eVW9 w9 Fw& t9EP9 6f}u9}t3u9 ` ueEP9 MV! 9 E_^9 Mjh|9 ? jAR9 5;E ~w(39u9 G$9 VPQ0& & 9 6MQu0 ]9 VP;|m9 E;tf0 ]9 URP0 ]Qd;|@h$ M> t/jP/Y9 0 ME;t
Ansi based on Dropped File
(~WRD0000.doc)
9 E9E(}9 E(0 9 EL& t9 M0 9 EX& t0 8}tuu }tu j9 MEP4MEE0EeMEME3F9 Mjh|9 k0 uME M<Et9 E{cThSh9 30 u0 u30 }0 u0 u0 u0 uVEPEPEPEPEPVjhujh ; EPVVju9 ; uj@ 9 0 }; EPWVju; 9 G0 & l9 G0 & p9 G0 & X9 G0 & \V& TPhVju 0 E;tR0 uVVVVjP| 9 ;t<PJ0 Y0 E;t+SPVVjux & tuuoYY& uEE9 E`39 }9 ];tSt 9utuY;tW ;tSt 9ut
Ansi based on Dropped File
(~WRD0000.doc)
9 E; 9 8X;0 E;|9 E[j@j YY& tV9 M0 *@@
Ansi based on Dropped File
(~WRD0000.doc)
9 E;Eu3MM.9 Lt$jhK9 0 u3N,0 }\ONDEDfj
Ansi based on Dropped File
(~WRD0000.doc)
9 E;Eu3MM9 ]Mj hvLuf9 & t\MeMEPuMuEu& tuMz& t3ME"!MM9 LjUhKu9 & t=MXeEPuMuuN& t
Ansi based on Dropped File
(~WRD0000.doc)
9 E;t0 F3@j d9 }tuuu81<9 & u3Mk;eEPu9 u?& uMMfDMEPME& u^jhx1MJEPEPu9 uER@EM& u&D3MEMMC9 ECMH;P9 j9 Vt$9 jt$jt$ 6" & t0 F3^U9 9 E$V9 & t9 39 M& t9 I3u,Eu(Pu 9 E \$E\$E\$E\$@\$@\$@\$$Q6'& t0 F3^](V9 aD$tVZY9 ^j|=9 {& t9 MY:P9 h9 : MaeM
Ansi based on Dropped File
(~WRD0000.doc)
9 E;t9 R9 U9 $ 30 E9 E9 MSV9 uWP3WWWWQEPEP0 M3q 0 Et
Ansi based on Dropped File
(~WRD0000.doc)
9 E=?sJ9 MsB9 ;r6P9 Y;t)9 UEPWV}9 EH0 53_^[9 U9 0SV9 5W33;u.9 ;t0#Pxu
Ansi based on Dropped File
(~WRD0000.doc)
9 EEEPSYYt"Mx9 EEPS YYt9 E39]f0 D~HH_^[9 U9 uuuuuhR& }]U9 WV9 u9 M9 }9 9 ;v; r=tWV;^_u^_]ur*$" 9 r$& $$(#``FG`FGr$" I#``FGr$" #`r$" I9 xph`XPH9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D9 D}0 D$" 9 9 E^_`9 E^_``FG9 E^_I``FG`FG9 E^_t1|9u$r
Ansi based on Dropped File
(~WRD0000.doc)
9 EEP9 vMM}T9 V9 Q}09 ^0V}@Ul$ 30 & j(co9 & $9 9 0 E9 & (0 E3VPf0 & &
Ansi based on Dropped File
(~WRD0000.doc)
9 EFjHVE0 M9 ]& u3@5Mt9 Ees0 u}jspM9 C$3<9 C j0 EjEP0 Mu}9 u39XtZM;jhxME
Ansi based on Dropped File
(~WRD0000.doc)
9 EH Y]9 E P ]9 U9 9 E8 ;r= w`+PY] P]9 U9 9 M9 E}`QY] P]9 U9 V9 u9 FttvBZf3Y0 0 F0 F^]9 U9 (SV9 uW30 E0 }0 }0 }FFf> tat8rt+wtWWWWW`93S
Ansi based on Dropped File
(~WRD0000.doc)
9 EPEP& } 39& [h0 uE0 uEY0 E0 u;t9 3M9 0 ejh|9 0 .Rs49 9 s9 jf9 u3VVPL9 9 Vh& 9 9 Vha9 9 Vh9 9 V9 9 jK<9 jfPhY0 EE;t9 >3M9 0 ejh|9 0 Sm9 s49 9 Ss9 je9 u3VVPL9 9 SVh9 9 SVh9 9 SVh9 9 SV9 9 Sj_WSK<9 jePhTY0 E0 };t9 Z3M9 0 ej|9 V0 `9 0 ejVE `s49 9 sMh9 u3VV>\j9 0 ejh V`9 9 VVVZ[9 9 h`ada[K<9 hPu9 uf9 9 50 jp9 Sjp9 jpn9 S9 =0 & tp & t
Ansi based on Dropped File
(~WRD0000.doc)
9 EPLWX2Y0 EE& t9 3WE0 R12Y0 EE& t9 3WE0
Ansi based on Dropped File
(~WRD0000.doc)
9 EXEt9 EHE t9 EHE t9 EHE}t9 EHE9 u9 9 E3H1H9 9 E3H1H9 9 E3H1H9 9 E3H1H9 9 E3H#1Hv t9 MIt9 MIt9 MIt9 MI t9 EX9 #t5=t"=t;u)9 E!9 E9 0 9 E9 9 E 9 #t =t;u"9 E 9 E9 9 E9 0 9 E9 M319 EX 9} 9 E9 }t&` 9 E9 EX9 EX`9 E``9 EXP49 H 0 H 9 E9 EX9 EX`9 E9 H`0 H`9 EXPOEPSju4 9 MAt&At&At&At& Yt&9 3+t/HtHtHu( 9 %
Ansi based on Dropped File
(~WRD0000.doc)
9 F& tv9 HF0 F9 FH9 F9 9 F& tM9 HF0 F9 FH9 F9 H9 ;H 0 (FDN9 F@9 F9 ; jX_^][9 9 F9 F& t9 NHF0 F9 0 A9 F9 9 F& t9 HF0 F9 FH9 F9 9 F& ta9 HF0 F9 FH9 F9 9 F& m9 HF0 F9 FH9 F9 H0 N0j=9 F0 (9 FF`4`#9 F3@j
Ansi based on Dropped File
(~WRD0000.doc)
9 F0 U} [& & `9 N,;u"9 F09 V(;t0 Us+H0 E+0 M}uau9 EWV0 F49 N00 E9 F40 E;s9 +EH0 E9 V,+0 U9 V,9Uu9 F(;t0 Es+I0 M+0 U} 9 F9 Me0 E;v0 M9 E9Ev0 EuSunv9 E)EE)E)F& t9 M } peMEC0 Mr9 E%?9 0 F! w! hj Pw(W 0 F& 'mmfK9 M } eMEC0 Mr9 N9 E9 F9 Vm0 `Fm9 F
Ansi based on Dropped File
(~WRD0000.doc)
9 F;Eu3GEWWWjPvHd 9 ;t~0 }uWY0 FE9 F& tPh 9 F0 ^& u3 9 MWjP0 NX9 F0 X9 F9 N@0 H9 F9
Ansi based on Dropped File
(~WRD0000.doc)
9 fjP1& tt$N2^Vt$qj9 jt$9 t$jjD3^V9 N9 P9 ^sV9 7D$tV9Y9 ^Vjj9 9 D$0 F8S9 ^9 AV9 8S D$tV8Y9 ^jf79 0 u^9 @SOeNC|9 W9 EAWN89 Q8j~fl79 0 u@SeNMN8j j779 39]u
Ansi based on Dropped File
(~WRD0000.doc)
9 Fjp_uuuuv ^uuuu ji?9 0 uQeUM9 ?jNT>9 9 }W& u3RjW0 ~9 P9 0 FR\3;u0 N0 N0 M3}EP9 OvE & tEv9 ]9 }+]+}jvSWuuuj{Ph9 P0 F& YMMGGCC~u%j-8Y0 Ee& t9 "!3M0 FvjvSWuuuj9 NPhF9 F9 =jhjp9 9 PXF,jPjvVv^h?zjv 0 F3@N>U9 <V9 q& S9 R W3PPPPPv0 E 9 = & u/ueEPv@ & t%uuuu0 E}t9 F(PPu& t+EPv@ 9 F& tMQp@ 33;uu9 E+E9N t3QjjP9 E+EP0 E9 E+EjjjP9 E+EP(#P9 E+EPQQ0 E9 E+EP9 E+EPjjjju0 E9 juuujju9 }& tjWuu9 tjuv9 F& tp& t
Ansi based on Dropped File
(~WRD0000.doc)
9 Fjupu9 5u& tW_[^V9 D$tV<Y9 ^9 9 L$`0 yt9 A9 PQU9 QV9 >t49 F& t
Ansi based on Dropped File
(~WRD0000.doc)
9 G,+9 E& 59 Me`
Ansi based on Dropped File
(~WRD0000.doc)
9 G,+9 E& e`K
Ansi based on Dropped File
(~WRD0000.doc)
9 h xWjMu9 9MueMM@EPMEM"!uME9EPM-EPjhhME~MQMQPjNPEM9 E& uf}uuh<Wj2MEPME
Ansi based on Dropped File
(~WRD0000.doc)
9 h Y9 0 M30 u;tuuj~J9 M~hWFXPu9 & u& 9 j9 : MEPME%lPNHE^MEW9 M|NP9 ^9 & t@hGY9 0 ME& tuVhS}3u9 PEl9 9 PMM[V9 T9 ^V9 h9 h9 h9 h 9 ^j }9 }9 uWVg& 9 & Sj9 SMf_u69 HPjEP9 )aeP9 ]MMU'9 N& tHvPh9 xR& tjX;h9 cR& tjh9 OR& tjh 9 ;R V9 T
Ansi based on Dropped File
(~WRD0000.doc)
9 h$9 9 O(& zP9 `h$9 `w89 `9 j?]"9 0 ue~89 <%?NXENtE}E~9 E}ENtEfTNtf,}9 jP9 j59 P9 j59 Pf0j
Ansi based on Dropped File
(~WRD0000.doc)
9 H9 U\e9 uVPu9 }WFHtHu4jFPwYYPvSFPwRYYPvSE3@9 e9 U9 }tuSVuV} uuVu ^7uuV9 Ghu@u0 Fu9 KVu(& tVP! ]9 U9 QQV9 u> W t? t9t+>MOCt#u$u uuuuV & & 9 9 }u9 uEPEPVu W0 9 9 E;Es[S;7|G;wB9 G9 O9 H& t yu*X@u"u$9 uu juuuu9 uE9 E;Er[_^9 U9 ,9 MS9 ]9 C= VWEI9 I0 M|;|]9 ucsm9>& ~ & 9 F;t=! t=" & ~& 9 0 u9 RjV0 EvYY& u9>u&~u 9 F;t=! t=" u~u] t|O9 Du30 Y uO39~9 G9 Lhd & u
Ansi based on Dropped File
(~WRD0000.doc)
9 hEPMPMPs Wsus MMi3q!|$+ut$9 P3j! ls 9 0 uUEN E)6MN=!U9 <W9 w8& uSV9 9 3;~F9E~9]& `j8ESP*E9]tEE9]u0 u9 E0 E9 E0 E9 E0 E;u%9]t9 E0 E9]uEPShMw8EPShLw8& t9 E^[_V9 D$tV_ Y9 ^j3PPjPt$V9 9 L$\P9 ^9 & t9 jV9 9 F& t9 N0 H9 F& t9 N0 H|$t9 9 ^9 3U0 H0 H0 H9 AV9 9 F& t19 NW9 x9 F;u9 @0 Ft$0 ~& _ufff^V9 9 F& t19 NW9 x9 F;u9 @0 Ft$Q0 ~& _ufff^9 T$9 D$& u0 A0 A0 Azu0 A9 J0 H0 P9 J& t0 A0 BVj9 !Y& t9 L$``0 3Pv9 : ^V9 9 F& tK;Fut$;;Fut$0+W9 x& u9 xt$9 N0 ~& _ufff^V9 9 FW30 F& tt$9 R& tPpYG~uff9 _^jUV9 D$tV6Y9 ^9 U9 9 EjP ]9 U9 9 E9 Mh@?URE0 E0 MEX#9 U9 9 EV9 9 H0 N9 P9 0 VF& t9 9 QP9 ^]9 U9 VW9 }9 H H H IH 9 M9 ESj Zr9 0;1t|0+t3& x\9 & & ipY+t3& x\9 & & HpY+t3& x\9 & & 'pY+t3& x\9 3& & 9 p;qt~pY+t3& x\9 & & pY+t3& x\9 & & pY+t3& x\9 & & pY+t3& x\9 3& & r9 p;qt~pY+t3& x\9 & & IpY+t3& x\9 & & (p
Ansi based on Dropped File
(~WRD0000.doc)
9 HMMEMEj9 0 ejh9 MEZPVME}M9 ESME {jEP;eM+& u2MXEPhMEPMME4MMdn j9! EPeM& tMM+3@2 3CM0 ]EPhM]fPMR& uMEMM9 9 ]jt EPFeM6& t3FMM~9 M;ME@ME\j9 0 ejh9 :MEPVMEM9 EME{j}P EP"!eM0 & tMM
Ansi based on Dropped File
(~WRD0000.doc)
9 HP9 tC& t?W & t40 >%u N@u NhFP\YY& t7F
Ansi based on Dropped File
(~WRD0000.doc)
9 I;t0 M9 HH3;t9 Y9 HX& tf9u9 I& t9 er$fx`u9 @h& t9 URhlrP& }e9 E;G<u9 ! ;Vuh8hjOL9 uMQu9 uuSVP9 [& |}9 E9 9 @t3f0 9 E& t9 PQ9 W _^U9 SVW9 }9 & 9 efxu9 @& t9 URhlrP& }e9 9 @3& tf8u9 @& t9 9 E;F<uSPh8h`j|K9 u9 ~Xt
Ansi based on Dropped File
(~WRD0000.doc)
9 IPt$=U9 SV9 u9 0 E9 FW9 }9 W49 _0 E9 G 0 E9 G0 E9 G0;s+H9 G,+$T= }
Ansi based on Dropped File
(~WRD0000.doc)
9 ix'@2WuYY& u9 MVu& u9 M~un3YFj^ReMp& tMM9x3A9 }EP9 s9 u3MMx9 MhtVj
Ansi based on Dropped File
(~WRD0000.doc)
9 J0 E9t9 F0 E9 E^[U9 W9 9 & u3uue9 URPQ$& |9 E& t0 G9 E9 MS9 ]V9 5 0 E9 M0 E9 Ejw0 ES0 ES0 E 9 ?9 MQSWP(juS3^@[_U9 SV9 u9 F+WP9 9 F+FPNYY9 N9 9 ~9 v0 M0 M3QQQPSuEu0 Uu0 }Pu0 }0 U0 u0 u _^[U9 S30 M9u3VWu 9 u9 }VWu0 E Pu0 E9 M0 EEPu0 ]u0 ]u0 }u0 u#u 9 MuVWSSu& t*9 E9 M0 E0 EEPu0 MSSu0 M9 Muuuu3_@^[U9 W30 M9}u3SWWjWjh u9 tWSS0 EuSX3VPj 9 ; 9 V 0 };tvWMQuPSh& t[9 E;EuSVR EPjV0 }$& & |?9}t:9 uVhsjuu09 E9 PQSX39>" VR VSX3^[_U9 S9 ]V9 & u3EWhx1PS 9 & WS & P 0 E& }WS 9 Wj P0 F WuPB9 =R v eEPjv $& & u*9Et%^ShsjPu0& }#9 E9 PQ~uv v f 33@_^[]j.9 9 N& t9 jjY9 0 Me& t" 3uM9 0 Fb & u9 N& t9 jf33@'j.@9 9 N& t9 jjAY9 0 Me& t " 3Mhx1u9 u0 FF & u9 N& t9 jf33@V9 >t3@^Vhtjjhs,& & |>u3^U9 V9 9 W3;u& t9 ;u3K9 WuPQ& }9 9 PQ0 >S30 }9 9 WURURPQ j| CEu
Ansi based on Dropped File
(~WRD0000.doc)
9 j9 PT39 N& t
Ansi based on Dropped File
(~WRD0000.doc)
9 jf89 N4& tjf4N<ENE{MN{j@B9 9 M@t& & R!E9 9 & tEPu9 y& t9 Eg9 F$e9 89 MEPrPv$ & |B}t<jPY0 Ee& tv09 u3M0 E& t9 Pu9 R 3/j H9 }u3,juM eEP9 MM9 z9 j}N9 9 }& u
Ansi based on Dropped File
(~WRD0000.doc)
9 jf8NlEN<E'NEY5M9 rXV9 ~u3Wvd9 =vvN<9 jP9 rF_^U9 (SWyEP9 Z,9 ]PSx & ugVj(3EVPh VE0 E0 u0 u0 ]0 u V0 E9 0 E0 u+0 EEP| ^f& u33@_[V9 Fh9 F`H9 Nht6Hu&u#vd!Fhv~\u9 j9 ^9 9 ^S9 9 ^V9 9 N8& tt$
Ansi based on Dropped File
(~WRD0000.doc)
9 jf9 N& t
Ansi based on Dropped File
(~WRD0000.doc)
9 jf9 N& t&9 F9 PQf9 N& tf^jT9 0 ueNN$E"!N4ENDEgN\E[9 TjS9 0 uN\ENDEN4EUN$EINE=M9 2<Tj,'WS9 30 }9 ujhTa9 0 }hDa9 0 }Eh a9 ha9 h"!9 9 *P9 h"!9 `h"!9 ~h"!9 rKP9 bh"!9 VhS"!9 J{$9 & u'hR"!9 09 P9 !h|"!9 hp"!9 hd"!9 K4P9 hX"!9 eKD_GT"!& 9 E0 EEPMlhH"!9 EaMP9 `W9 uEPKD9 EP9 `MEzh<"!9 HMP9 8W9 0MEJEKDF9E HeK\0 M9 F& 9 ]EPM0 ]h,"!9 EMOP9 W9 9 MSEP
Ansi based on Dropped File
(~WRD0000.doc)
9 jf^j yu3(9 I9 URP9 MePMM="!3@Dj QZ]9 ~tv9 N9 P& u9 N9 URPe9 MP& M>u9 N9 URPEu-9 N9 URP9 MPEEMM3@3V9 ~W9 |$t9 N9 WPh9 U~t9 N9 WP_^j`Z
Ansi based on Dropped File
(~WRD0000.doc)
9 jf^V9 9 D$0 F^V9 ~t9 L$j 9 N9 ^`^U9 Q9 MSVW9 ue9 9>s}69 M" }t'f*uT9 O;sK9 M@Ps f/u;e3S0Y& u(f/u29 O;s)9 M@PA f*uE9>r}t33@_^[9 ``#V9 9 N& t
Ansi based on Dropped File
(~WRD0000.doc)
9 jfPM9 Ht$t${Ih )9 39~P& jY9 0 M0 };tl3v@vD9 vH0 ]0 FP l;u3~M+nMEnMEnMEnShXME|EPEPE,/YYMEvShM|EPEPE.YYMEvShM |EPEPE.YYME"!vt /tE^SM;thI|EhP9|E
Ansi based on Dropped File
(~WRD0000.doc)
9 jf} E<)NTE0)M9 d/x9 D$0 jV=~9 9 Ee0 Ft9 E0 Fx9 E0 F|EP} k09 E$MM0 (~ 9 D$0 Q09 0 Q40 A89 D$0 ApU9 9 A& u30MQP< & t9 E& t9 M+M0 9 E& t9 M+M0 3@j
Ansi based on Dropped File
(~WRD0000.doc)
9 jgHY9 U9 VEP9 xW9 ^]xW_" 9 U9 V9 xWL" EtV Y9 ^]9 U9 VW9 }9 G& tGP :t?9 u9 N;tQR-YY& t3$tt9 E9 tttt3@_^]9 U9 9 E9 9 =MOCt=csmu+~3]jh C9 }9 ] s9 s0 u e;ute~;w|9 9 O9 10 uEyt0 shS9 Oteu-Y9 ee9 }9 ]9 u0 u E;utV0 sL9 ]9 u~9 8csmu8xu29 H t! t" uxu3A0 9 3jhC 9 M& t*9csmu"9 A& t9 @& tePq?E38E" 9 eG
Ansi based on Dropped File
(~WRD0000.doc)
9 jI09 0 u}EA}EA}E
Ansi based on Dropped File
(~WRD0000.doc)
9 K9 ju4PPWWWWR Ps0 E, & tsjj9 Su,u4 Su,h WWu4u$u WWu@ uu4u(u49 Md0
Ansi based on Dropped File
(~WRD0000.doc)
9 L$S& t3^j 9 9 u& t6}u0M!: eEP9 9 M& uM3!p: Phj_XMM3@ u& t
Ansi based on Dropped File
(~WRD0000.doc)
9 M!^U9 QV9 uWEPVo9 }YY& uEPV\YY9 M& uEPVDYY9 M& uEPV,YY& u9 M9 U0
Ansi based on Dropped File
(~WRD0000.doc)
9 M!_^U9 jju & tuY9 0 M0 E;s0 MSWW~9 Y& uMjX9E V9 E9 M0 M;w0 E9 u+u9 E+;w9 jVu & uRujWSu>GH <Pu |Ku |u |t& }0 E}u9 E9E q^S9 EY_[9 T$9 L$V9 9 0 q9 0 A9 0 A9 N?0 q0 A0 ^U9 XSW9 }30 ];ujaX9 GGVSP7& t0 u*EP7YY& tM}PKtE"!EP7 YY& t0 uEP7lYY& t0 uEP7XYY& t0 uEP7DYY& t0 uEP7tYY& t0 uEPuEP7T& t0 uEP7?YY& t0 uEP7+YY& t0 uEP7YY& t0 uEP7YY& t0 uEP7YY& t0 uEP7 YY& t0 uEP7YY& t0 uEP7YY& t0 uEP7xYY& t0 u9 u0 u9]& 9 E;t;;us9 9 ]& v}v7jSPytM+}0 uu`}tZ9 u9 ] ;s9 }tju7& u!EM& v} v7jSutM9 E+9 EE}uz9 ]$& tX9 u9 M(;s0 u0 M& tjP7U& tM& v}(v7juStM}u9 }& tjYu9 E& t9 M0 9 E^_[V9 t$W3;ujaX*9 F$WWWWW0 FWFxPF(PV0 ~3$; 0 N_^V9 t$W3;ujaXF9~ujS9 F@;Ft9 NPNL9 VHWWWWW0 FWFxPF(PL.NV: 3$; 0 N_^U9 Q9 ESV9 uW30 89 E0 89 E0 89 FFxWP63:& tfEP6yYY& t}PKtj"![EP6YY& tEP6YY& tEP6YY& t;u9 F49Eu;ttj"![EP6YY& tEP6YY& t;u9 E;F<tEuj"![EP6YY& t;u9 E;F@tEuj"![EP6 YY& t;u9 E;FDtEuj"![EP6(9 }YY& t& u;~Htj"![9 E8EP6YY& t9 Fx9 MD80 9 E9 M0 9 M9 _^[SUW9 |$33;ujaXMV9 w|;ujaX?9^\u9 FP;FTtj ]9 ;tPo Y0 0 9^@t
Ansi based on Dropped File
(~WRD0000.doc)
9 M& t9 jEPEP9 $& u}~9 j9 P}t9 j9 s89 & ~9 j9 P}t9 j9 KX3Kp3_^[U9 V9 WE~P9 $EPEP9 y$& t%89 E9 P$P9 REPEP9 T$& u_^U9 V9 WE~P9 ,$EPEP9 %$& t u9 aEPEP9 $& u_^VWy9 {9 V9 & tH4& tV9 Ny3_@^j4=ga9 Me~X9 |e0 E& v1u9 $9 & tSMQ& tSNp1E9 E;ErMMt3@aApV9 j
Ansi based on Dropped File
(~WRD0000.doc)
9 M& t9 jEPEP9 & uN$E{MN1Ry5j|Q 49 9 M& & & 9 M& uy!EEPu9 & t9 E& t
Ansi based on Dropped File
(~WRD0000.doc)
9 M& t9 jEPEP9 W& uNXyNxEYM9 j 89 9 Mh|9 ZNX0 M+~$9 bQ& u4WNV& t'uMQ9 : 9 MeP=`MMX9 M"Q& tL~Tu~49 j9 FT9 Nt& t9 WeEPuN4V& t}tu9 M_9 M 9 MP@Bj$#[9 9 E& u
Ansi based on Dropped File
(~WRD0000.doc)
9 M& u0 uE9]rRFuL@uF9 D9 E+E;Ew1A@u}uFu%9 #9 Q9 R9 `@$#At3_^[9 U9 $9 @9 HMMS9 XVW30 }0 }0 }0 M0 }E0 }; 9 E9 M9 4+E;Ev39 9 M;tQPF)YY& uFu0 u9 E0 E9 F9 0 E9 9 M;tQP)YY& & 0 uF)Y;Eux9 E+E;Ewd }tgG@u}u
Ansi based on Dropped File
(~WRD0000.doc)
9 M9 9hMQMQ9 MVVP$Pj(uWx_& t
Ansi based on Dropped File
(~WRD0000.doc)
9 M9 M9 T$B9 J3 SR2UM }@t 9 T$B9 `<3bS2UM9 T$B9 J3?S2`UMKtM6M8Mbu: YYM}9 MHuYYuwYY9 T$B9 J3R3T9 Ms^9 M9 M9 T$B9 J3 R 3TuYYMC89 T$B9 J3jR39 TMMM" 9 T$B9 J37R4XTuXYMhM`u"!XYMNM7uXY9 T$B9 J3Q(4S9 M9 M 9 M09 T$B9 J3QS4S9 M! 9 Mx9 T$B9 J3tQ4" SMuWY9 T$B9 J3GQ5hSM 9 M! 9 Mxl9 T$B9 J3Q@5/SMIMAM99 T$B9 J3P9 `3P|5RMM9 E e9 M9 T$B9 J3`P5RMX9 T$B9 J 3gP5R|X$ XMRM 9 T$B9 ` 3#P(6DR9 M0[9 T$B9 J3OT6RM8MM(9 T$B9 J3O6Q9 Mg9 M9 M<r9 MljM 9 T$B9 J3~O6xQ9 M9 M9 M<er9 Mlj9 T$B9 J3:O 7[QM,9 T$B9 J3OL78QM3M0 ,9 T$B9 J3N9 `3N 7Q9 M9 MT9 M 9 T$B9 J3N7PM<M,u(UY9 T$B9 J3nN7P9 M9 M9 T$B9 J3CN,8dP9 M~9 T$B9 J3 NX8AP9 MX9 T$B9 J3M 8P9 M29 M'9 T$B9 J3M8O9 M9 M49 MP9 M`9 T$B9 J3 M8OM MMMMM" MMI9 T$B9 `|3$M 9EO9 M9 M49 MPF9 M`;9 Mp+t9 T$B9 J3L 9NM
Ansi based on Dropped File
(~WRD0000.doc)
9 M9 U0 Y0
Ansi based on Dropped File
(~WRD0000.doc)
9 M;t9 jEPEP9 & uR9 ;t9 jP0 9 ;t9 j0 9 };t9 j}Eb }ES }|E
Ansi based on Dropped File
(~WRD0000.doc)
9 M;t9 jEPEP9 : }& uEPP9 0 ]
Ansi based on Dropped File
(~WRD0000.doc)
9 M;t9 jEPEP9 o& uEDP9 0 ]u}
Ansi based on Dropped File
(~WRD0000.doc)
9 M_^3[+9 U9 SV9 u3W9 };u;v9 E;t0 39 E;tvMj^SSSSS0 09 VuMS9 E9X& Sf9 Ef;v6;t;vWSV#L*L9 8]t9 Map_^[;t2;w,}Lj"^SSSSS0 038] y9 E`pm9 E;t8] %9 E`pMQSWVjMQS0 ]p ;t9]& ^9 M;t0 Pz& D; g; _WSVLO9 U9 juuuu|]3PPjPjh@hqd "! "!V9 5XttP|"!ttP^3t@tttt t9 #Vt#t;t;u
Ansi based on Dropped File
(~WRD0000.doc)
9 M`9 M $}9 M9 M9 M9 T$B9 J3imR`oMMSM MRM 9 T$B9 JS3&m9 `3m:oM TML9 T$B9 J3lTo9 M&9 M9 M$9 M49 MD9 T$B9 J3SlxnM
Ansi based on Dropped File
(~WRD0000.doc)
9 M`EF9 U9 M t2}u t ux& tBe > `< t<uFN > }t9 EE0 3C3FA >\t >"u&u}tF 8"u9
Ansi based on Dropped File
(~WRD0000.doc)
9 ME PEPEPE|; nMS& & ^9 ME P: M& & Jjh(7MR2pVA
Ansi based on Dropped File
(~WRD0000.doc)
9 MeEP9 & M & & M0 EEPMMREheMEFEPMRE7nEPMEPMPM<Tju5ShMEvME.FMREeMERMMF3@0hHSj `MM%h Sjx`3"j 4!9 h x WjK`jhXMu 9 ]ueSuEPRNP9 & u& tf;ush<Wj_MM& 9 !Vh xhj9 _v(& tjh5(v(3@^j>e M~u3M0 u"M;uM-3!_9 ;uMM9 9 >M9 E& ~2EPV9 M9 & u
Ansi based on Dropped File
(~WRD0000.doc)
9 MEPVM0 ]EM]ME9 EV9 t$& t[~tU9 N9 P & u9 N9 & t3@79 N9 Pl& t9 L$V;9 Nt$9 P& t
Ansi based on Dropped File
(~WRD0000.doc)
9 Mj2rMM([|jH^9 ]9 u9 0 ]0 ur& t& tj9 q3V'}f '}fVEP9 >zeM*9 W9 kS0 ]eYY0 E& tWY& veE}0 }& E3D=Pu'YY& v;s9 0 }Gr}uE9 9 ]+}0 Eu9 }jEP;Pu& & t}]}0 ]& 9 E`\3E}EWPYY& tWh|'EjP1]EEPuuV1EPE9 ]F0 uWY9 M3;t
Ansi based on Dropped File
(~WRD0000.doc)
9 MoMEtMEjuM9 PVM_MEIME/3Fjtx EPeM& t3FMM@
Ansi based on Dropped File
(~WRD0000.doc)
9 Mp 9 T$B9 J3pLsM MMM9 T$B9 J3p9 `3 prMM9 E e9 MMM9 T$B9 J3CpdrMH~9 EX eX9 MlfM]M`MM0EM=M5M -9 T$B9 J3oqM"!MMMMM9 T$B9 J3 o9 `3wolqM
Ansi based on Dropped File
(~WRD0000.doc)
9 Mv9 u9 ;r3@jQ9 MEPeh($M & u3MM 9 3FU9 Q9 Mejh4$a9 E9 L$h4$jSj9[9 0 ueND$J9 9 r
Ansi based on Dropped File
(~WRD0000.doc)
9 M|9 PQR49stD0 up9 E|9 UpRPEQ@;R9up up9 KnupE\E9 =9s M<e0 ET0 uXEP9 E|9 URPEQHf}
Ansi based on Dropped File
(~WRD0000.doc)
9 N,WK|33@_^U9 }u9
Ansi based on Dropped File
(~WRD0000.doc)
9 N389 N9 V3:9 E_^[9 ]E9 M9csmu)=pWt hpWb& t9 UjRpW9 M#9 E9Xth W9 9 &9 E9 M0 H9 t
Ansi based on Dropped File
(~WRD0000.doc)
9 N38p9 N9 F38`9 E@f& 9 MU0 S9 [0 E0 Mt_I[9 L D 0 E9 0 E& t9 E& |@G9 E9 u }t$9 t
Ansi based on Dropped File
(~WRD0000.doc)
9 N38Z9 N9 V3:J9 E9 H9 9S Rh W9 QL$+#9 %;r
Ansi based on Dropped File
(~WRD0000.doc)
9 P0 9 u#u Suuu# 39 U9 S9 ]V9 u9 & 9 0`A$Wy @tP tBt&tu= I 9
Ansi based on Dropped File
(~WRD0000.doc)
9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;Qt}Q+t3& xT9 & & npQ+t3& xT9 & & MpQ+t3& xT9 & & ,pQ+t3& xT9 3& & 9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & x9 P;Qt}Q+t3& xT9 & & PpQ+t3& xT9 & & /pQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & Z9 P;Qt~Qp+t3& xT9 & & 1pQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & `pQ+t3& xT9 3& & ;I@+ 3& xL9 9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & `9 P;Qt}Q+t3& xT9 & & bpQ+t3& xT9 & & ApQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & l9 P;Qt}Q+t3& xT9 & & DpQ+t3& xT9 & & #pQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & spQ+t3& xT9 3& & N9 P;Qt~Qp+t3& xT9 & & %Qp+t3& xT9 & & Qp+t3& xT9 & & Qp+t3& xT9 3& & 9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & upQ+t3& xT9 & & TpQ+t3& xT9 3& & /f9 Pf;Q Qp+ 3& xT& & 9 P;Qt~Qp+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & }pQ+t3& xT9 3& & i9 P;Qt}Q+t3& xT9 & & ApQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & ppQ+t3& xT9 3& & K9 P;Qt}Q+t3& xT9 & & #pQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;Qt~Qp+t3& xT9 & & pQ+t3& xT9 & & rpQ+t3& xT9 & & QpQ+t3& xT9 3& & ,9 P;Qt}Q+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 & & pQ+t3& xT9 3& & 9 P;Qt}Q+t3& xT9 & & upQ+t3& xT9 & & TpQ+t3& xT9 & & 3pQ+t3& xT9 3& & pQ+ 3& xT& 9 9 M9 u+t3& xT9 & & AV+t3& xT9 & & AV+t3& xT9 & & AN+ : 3& xL9 0 9 M9 u+t3& xT9 & uhAV+t3& xT9 & uKAN~9 M9 u+t3& xT9 & u ANp9 E9 M_3_^]*(I"!+}nz: pP\}^2>^9 VjhS 9 9 9 ^9 U9
Ansi based on Dropped File
(~WRD0000.doc)
9 PQ39 E @ ^]jp>9 0 uFF|F<FFFF F$ 9 F,e& t
Ansi based on Dropped File
(~WRD0000.doc)
9 PQ3^]^]`V9 t$& u@ E&htt$P|YY9 L$& t& t 30 >t
Ansi based on Dropped File
(~WRD0000.doc)
9 PQe9 E& t
Ansi based on Dropped File
(~WRD0000.doc)
9 PQe9 M& & -& t3@jB3q,0 ]9u$9 A$9 VPQD;tMMLv3TM0 ]mPM9 }E;t9 39 9 uVQPR;t
Ansi based on Dropped File
(~WRD0000.doc)
9 PQe}t3EPMMx9 EPO 3Gj(B9 339u PuM0 u0 uf0 E 9 }0 u;t9 3Pu9 s00 E;u;t9 39 C$9 UR9 uuPQH9 & t9 M& t} uM
Ansi based on Dropped File
(~WRD0000.doc)
9 PQf,9 9 F0& t
Ansi based on Dropped File
(~WRD0000.doc)
9 PQf,^39 D$9 L$@y4u@3@ @ V9 9 F,& t9 PQ9 D$0 F,^& t9 PQ9 D$xtt$9 @9 hsP@ @ U9 V39utZhturnYY& tG9 E(tHtHtHtHtu'9 E9p(9 E9p(t9p,u9 EjYf0 f0 H 9 ^]@ U9 VrVumYY& t2VumYY& t#9 EH& tH39 U0
Ansi based on Dropped File
(~WRD0000.doc)
9 PQf0M9 l$l$l$Vl$l$l$8l$ l$l$l$$l$jl$l$l$ Ll$l$! l$$.l$ l$il$l$$l$Kl$l$ VW9 3jF4WPFF|F<FFFF F$ 0 ~(0 ~00 ~D0 ~H 0 ~,0 ~L_9 ^V9 D$tVY9 ^j>9 0 u"3N0 }:+3Cj
Ansi based on Dropped File
(~WRD0000.doc)
9 PQf9 e9 URPQH& |9 E& t0 F3@3^U9 V9 9 MW0 u9 & t3XS9 & tI39^tB9 M0 ]0 ]0 ]Bt9 EPj@ 9 ;tW & uW3[_^}9 tf0 _9 MPVSZJWR EPjW$& & |X}tR9 E9 @9 URhsP& |19 E& t*9 PQ & |9 Eu9 PQ& |E9 E9 PQ9 E9 PQW9 ERji$:9 0 u.eNRR?NlE9 fF9 :ji99 0 uRRNlENE8M9 :AU9 SVW9 7& & u9 SS9 P3;u3u9 QuVVQQhhRSj9 9 & tw3P5"!_9 VVPP9 RjV9 0 ejhR9 l9 ).9 & ~4e& ~%u9 & t9 P9 E9u|9 Qj9 3@_^[]V9 M& ut$Nl`*~9 t
Ansi based on Dropped File
(~WRD0000.doc)
9 PQf<_^jX?9 9 }& u3`9~<u3@V9 E0 & t.MieM$iP9 0 4MMh0 ~<9 WP}t9 S'U9 Q9 MejjEP& 9 Et.& t49 VuuuuuPQ9 9 E& t9 PQ9 ^& t9 PQ@ U9 QV9 Ruc9 E& tAxv;9 9 @& u33e9 URhRrP& |}t9 9 E9 PQW ^j{?l9 uejEP6& tX9 E& tQe9 eURPQ3& |9}tuEu9 uP9 9 E9 PQ9 EM& t9 PQ9 3j?30 ]uEjP0 ];9 E ; 0 ]9 URPEQ;9 ER; 9 M! PMu9 EM9 URhjUR,tVPEQ;|Y}tSu9 Eu9 uujSVuPQu3;9 9 E];t9 PQ9 EM;t9 PQ9 ,u9 E;]t9 PQ9 EM;t9 PQ3j?9 0 u~,FENtE[N\EONES9 EM9 )7U9 uh,tAZYY& u
Ansi based on Dropped File
(~WRD0000.doc)
9 QP3Vt$Q^ 9 D$3 |$u9 D$ 3$ j %9 9 u& t6}u0M_eEP9 9 QM& uMW3_&P MM53@j W[%9 }& } M9 ueEP9 9 & toM9 MQMQ9 EPH& tDME& u89 ujXMf0 PM0 FE" MM0 3@MExMMl3t%U9 QeEPuL& t9 E& t9 MP3@3j1Q$0 M}uE9 u& t>9 ]& t7MMeEP9 9 u9 M& uM3$#URjjUR0 EFX9 h,tPQjYf0 & |}|3@3MMf0 Cy3@9 9 & tRt
Ansi based on Dropped File
(~WRD0000.doc)
9 rru9 N}t0+PVEP9 9 MPEPMEw9 Mt3F U9 Vu'Vu+9 EuhDVP+9 E^]U$! xjh^dP 30 & xSVWPEd0 e9 & x9 x9 x9 xe0 E9 & x9 0 EE~o& t3qee9 J9 0 E>n9 M9 4njhuVPW& 0 E& uY9 u& tP0 e}tu& }tu@$Y9 E9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
9 Ruu(9 ;uE9EG7E0 9EtM& 9& t 39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
9 Sjp9 & tp & t9 jp9 & tp & t9 jpj,'9 c& 9 E0 & 9 x& W9 7MVeEPv@ & EPWEP9 _9 N8 (0 E3& t 9 ME
Ansi based on Dropped File
(~WRD0000.doc)
9 T$B9 J3[)]MM9 T$B9 J3[P)]M 1M9 T$B9 J3V[ )w]M8M8M89 T$B9 J3#[)D]MN]9 T$B9 J3[9 J3Z *]M!]M]M]M]M]M\M\M\M\M\9 T$B9 J39 ZD*\9 M59 M$L9 T$B9 J3ZZ*{\M" MM& 9 T$B9 J3'Z+H\9 MO9 Mgu9 MB9 T$B9 J3Y@+\9 MpO9 M.u9 T$B9 J3Yt+[MMMM9 T$B9 J3& Y+[M9 T$B9 J3bY+[9 MN9 T$B9 J3?Y,`[u_Yu_Y9 T$B9 J3YD,1[9 M N9 MPt9 M+9 T$B9 J3X ,ZuS_YuI_Yu?_Yu5_Y9 T$B9 J3 X,Zu_YMu^Yu^Yu^Y9 T$B9 J3IX,jZ9 My9 M(y9 MD0{9 Md x9 T$B9 J3XT-&Z9 Mxy9 M(59 MDz9 T$B9 J3W-YuH^Y9 T$B9 J3W-Y9 M9 M8"!z9 MXw9 Mtw9 Mw9 Mgz9 MYz9 T$B9 J39W-ZY9 Mc9 M8+z9 MX w9 Mt w9 Mxw9 My9 My9 T$B9 J3V<.XM}wu?]Y9 T$B9 J3~V.X9 T$B9 J3V/XMM-w9 T$B9 J3XV4/yX9 T$B9 J3=VR/^XMv9 T$B9 J3V/;XMJ{9 T$B9 J3U9 J3U/XM(M 9 T$B9 J3U0W9 T$B9 J3U9 `x3aUp0WMMMM9 T$B9 J3_U0 WMJ9MB99 T$B9 J34U0UWM|2M0gM+M+M +M@: +Ml8Mh8Md+M'MMMp*MXF2MS+MP62M9 T$B9 J3 T1VMG:9 T$B9 J3nT1VMM :M"!9 T$B9 J3;T1\V9 M_9 M h9 MZ9 ML9 M>9 T$B9 J3S 2V9 M}_9 M
Ansi based on Dropped File
(~WRD0000.doc)
9 T$B9 J3z9 `<39 z|9 M" 9 M9 MPa9 Mta9 T$B9 J3Dze|9 MR" 9 M9 MP"!a9 Mt}a9 M]" 9 T$B9 J3y,|MaM"!a9 T$B9 J3y{u@ Yu6 Yu, Yu" Yu Y9 T$B9 J3wy{9 M@qS9 M\fS9 Mx[SMG9 T$B9 J33yT{uYuYu: Yu Yu! Yu}Y9 T$B9 J3x<zM9 T$B9 J3xz9 M@: 9 M\: 9 Mx: 9 T$B9 J3}x~zM9 9 T$B9 J3Zx
Ansi based on Dropped File
(~WRD0000.doc)
9 T$B9 J3|(~M<MMM0 MM9 E e9 M9 T$B9 `,3O|Lp~9 T$B9 J34|9 `S 3'|H~MbMZMRM9 T$B9 J3{D
Ansi based on Dropped File
(~WRD0000.doc)
9 T$B9 J3}&M5M-9 E e9 M
Ansi based on Dropped File
(~WRD0000.doc)
9 u& 0 9 0 & u 0 & 9 & & {X HHty+ &HH& a& 0 t0GPh& P& P3& t& `G& & & 0 & 19 0 & t<9 H& t5& 0 t"!+& 0 & PYp eRg}2itmnt$o& : & 0 taU9 70 & & tf9 & f0 9 & 0 & @&
Ansi based on Dropped File
(~WRD0000.doc)
9 u39u3A9 M0 ] RPM99 URhjURh,t0 ]9 P0 ]Q;R9] 9 M30 ]}& tr/9 & ~g3jZ0 ]Qm3Y0 E& ~F39 MWEP9 E9 P9 M0 DMEp 9 MjXf0 G;|MjYUR3URuf0 E}UR3FVjf9 E9 9 h,tuPQ& |0 u& ~#39 E9 D& tPKuuYu9 Ej,5?3SjEPE0 ];t9]tzEP9 E9 URP0 ]Qt;|I9]tDjuM_"!MEnEPEPMEMEWM]L 9 E9 PQEP9 E@V9 tCt:h|9 hjlGhSh ^VW9 9 & tP0R)'F,P9 9 9 F<& t
Ansi based on Dropped File
(~WRD0000.doc)
9 u3}h" V@@PN3jO 9 0 ujvQeN: N$EN4ENHEwNXEkNhE_9 END0 Fx9 E0 F|9 E0 9 n jO! 9 0 uNhE6NXE*NHEN4EN$ENEM9 PjO9 0 ujzPeNxN$E N4E! NHE{NXEoNhEc9 E& u!Fx!F|ND} 9 0 } 9 Hx0 Nx9 H|0 N|9 @D0 FD9 SjOl 9 0 uujOeNf4N(f,f09 j7P% 9 0 u9 }& t9 G3PjOe^9 x3E;uN(0 F,0 F0GGP9 *9 G(0 F(9 G,0 F,9 G00 F04t'h yY0 EE& tw49 }30 F49 g jeP 9 0 u9 N43@0 E& t9 Pf4NE
Ansi based on Dropped File
(~WRD0000.doc)
9 U9 9 M9 V9 uy|9 Q9 I9 429 ^]9 U9 & u
Ansi based on Dropped File
(~WRD0000.doc)
9 u9 M0 EEP 9 !E9 u9 MEP9 !E9 uEP9 9 }9 9 M# M6& & M}EPEPE P9 EF& UM~& & EEPEP9 9 FVPM\EPM[ tQhSj" :ME$ ME ME ME MM & M%9 p& uh~| & & |PEP9 E~& u$hSj:|E``V& |PEP9 y|E`MEb& MEV& MEJ& ME>& MM 2& 3@1h`hHSjx9h4Sjc93U9 VWh xHVj9 :99 ! R& t}t9EuhnuEP9 WwMEPM uh79 M|& u&9 Mh& uhVj83@hVj83_^U9 VuEP9 VvMEPM3 ^9 j "9 MzeEPu9 3& t)MH|& uEP9 |MM9 9 MM 3~jD9 r2hRMneEPM-nh\EPER9 G9 ujuPVPG9 9 G;u
Ansi based on Dropped File
(~WRD0000.doc)
9 V9 M9 F@,9 F9 @@,9 Fp9 RF9 y, d9 G9 @9 MWS@,C9 E>j`
Ansi based on Dropped File
(~WRD0000.doc)
9 V9 " 9 F@9 F9 @@9 Fp9 L9 zuAB9 9 IA9 9 p,;1u
Ansi based on Dropped File
(~WRD0000.doc)
9 V9 ,9 F@ 9 F9 @@ 9 Fp9 F9 y d9 G9 @9 MWS@ H9 ECjD\9 r2hRM\meEPMlh\EPER9 G9 ujuPVPG9 9 G;u
Ansi based on Dropped File
(~WRD0000.doc)
9 V9 0 9 F@9 F9 @@9 Fp9 )F9 y d9 G9 @9 MWS@9 EU9 QVQ0 e0 eu9 ]9 ^jH0 M9 ] {t2hMkeEPMYkhEPE41M9 zt9 {9 C xt9 9 EH9 9;uv 9 su0 w9 M9 A9Xu0 x9u0 >0 ~9 I9u t9 9 9 9 9 xt0 9 E9 H9Yu} t9 9 G9 9 9 B xt0 Q\0 B9 0 ;Cu9 9 pu0 w0 >9 S0 9 K0 A9 M9 I9Yu0 A9 K9u0 0 A9 K0 HKQP+YY {& & 9 ;ul9 F xu@VF^9 F xu}9 yu9 H yth9 H yu9 A9 MP@j9 F`NH9 MF9 @V@~ xu@VF79 xu9 H yu"9 yu@9 9 v9 M9 A;x& ?79 yu9 HA9 MP@9 `NH9 MF9 V@Gj9 S Y9 M9 A& vH0 Auuu9 E=jHV0 M9 ] {!t2hMUieEPMhhEPE4MD9 z!t9 {9 C x!t9 9 EH9 9;uv !9 su0 w9 M9 A9Xu0 x9u0 >0 ~9 I9u !t9 9 9 9 9 x!t0 9 E9 H9Yu} !t9 9 G9 9 9 B x!t0 Q\0 B9 0 ;Cu9 !9 pu0 w0 >9 S0 9 K0 A9 M9 I9Yu0 A9 K9u0 0 A9 K0 HK Q PYY { & & 9 ;ul9 F x u@ VF 9 F x!u}9 y u9 H y th9 H y u9 A 9 MP@ $9 F`N H 9 MF 9 @V@ ~ x u@ VF 9 x!u9 H y u"9 y u@ 9 9 v9 M9 A;x& ?79 y u9 HA 9 MP@ `9 `N H 9 MF 9 V@ ! G j9 0SY9 M9 A& vH0 AuuuW9 EU9 9 EVu9 0 9 E0 F9 EN0 F5f`EF,F-9 ^]Vt$9 g49 ^U9 SVW9 9 G9 p9 E9 MFP9 D}E t9 69 v ~!tWSM }tL9 GW0MEPM t&uSjEP9 L9 9 9 E9 I0 0 H@2Mf9 uuN| tuSu9 E9 M0 0 p@_^[U9 SVW9 9 G9 p9 E9 MFP9 ||E t9 69 v ~tWSMQ }tL9 GW0M=EPM< t&uSjEP9 9 9 9 E9 I0 0 H@2M`9 uuN{ tuSu9 E9 M0 0 p@_^[U9 V9 ~uuvju9 Eg9 FSWV0M EPM t$9 E9 }P9 { Wu9 VvMWEPMV9 } t'9 F9 HWB{ 9 FWp9 j9 EP9 { t89 E0 E9 EM0 E 9 ]WKz t9 C x!W9 tSgug9 MWz tf9 EVv0 E9 EM0 EMEPM9 ] uCP9 z t$9 E9 H y!W9 tPjSju9 EWEP9 9 9 M0 9 @0 A9 _[^j;Z9 0 uQ0 e0 eu9e9 I9 j;%9 0 uQ0 e0 eue9 9 U9 QQV9 9 FV0MEPM t/VvMxEPM~ t9 u9 lOEPM{ u/SW9 }9 ]MlSWEP9 `EPMN t_[u9 uu9 E^U9 V9 VvM9 FV0MuEu9 uuPvffY^U9 QQV9 9 FV0MEPM t/VvMEPM t9 u9 rOEPM u/SW9 }9 ]MSWEP9 EPMT t_[u9 uu9 E^jd}jjSe9 YY0 u0 uE& tu9 uuuuA9 u
Ansi based on Dropped File
(~WRD0000.doc)
9 V9 89 F@ 9 F9 @@ 9 Fp9 \L9 z uA B 9 9 IA 9 9 p,;1u
Ansi based on Dropped File
(~WRD0000.doc)
9 V9 R9 F@,9 F9 @@,9 Fp9 ML9 z,uA,B,9 9 IA,9 9 p,;1u
Ansi based on Dropped File
(~WRD0000.doc)
9 VP3@ ^]9 L$I9 Au9 jP3V9 rf9 ^j+y9 0 u9 Fe& t9 PQfM9 P'j.B9 H~u%jPEY9 0 Me& t3M0 F9 !9 F& t9 PQ9 FVW9 39~tG9 9 _^V9 9 N& tc9 ^V9 l
Ansi based on Dropped File
(~WRD0000.doc)
9 VP3WSFPP
Ansi based on Dropped File
(~WRD0000.doc)
9 Vt$P& t9 WP9 _^j[&9 eEP7 9 EMM0 Fz9 jE}t@MW[uehX'h&h Mv_& u
Ansi based on Dropped File
(~WRD0000.doc)
9 W9 & u!3MSE\
Ansi based on Dropped File
(~WRD0000.doc)
9 X& t9 }t9 E`p9 S9 E~10 ]}EP9 E%PBYY& t`EjE]EY;J*3]EA9 EjpUjRQMQVpEP $& oEtM }t9 Map^[9 U9 =Tu9 EHw ]juYY]9 U9 9 MS3VW;t9 };w Ij^0 0SSSSS99 09 u;u9 `BF:tOu;uYIj"Y0 9 3_^[]W9 |$n$9 9 L$Wt` t=u9 9 ~3t9 A t# ttty
Ansi based on Dropped File
(~WRD0000.doc)
9 X0 ]& u3u`3@ 9 N`0 M9 M0 N`9 H& 9
Ansi based on Dropped File
(~WRD0000.doc)
9 x0 E9t9 F0 E9 E^[U9 QQSV39 0 ]9^t=9 FWUR0 ]9 PQS h9 jZW Pu W0 E_9 F;t9 @;t
Ansi based on Dropped File
(~WRD0000.doc)
9 X0F}~D9 C9 E9 9 `9 [F& }& }u9]|0 ]9 }9 Wj0V }t9 E`p3_^[9 U9 , 30 E9 ESVW9 }j^VMQMQp0~+3;u%SSSSS0 0}9 Z9 E;vu3}- +9 uMQ9 MQP3}- P);tuESVu9 `9 M_^3[ q9 U9 0 30 E9 ESV9 uWj_WMQMQp0*3;ujSSSSS0 8}9 9 M;v9 EH0 E3}- <0u+EPuQW(;tX9 EH9ES|-;E}(:t
Ansi based on Dropped File
(~WRD0000.doc)
9 Y 9 0 $-& 9 U9 V9 uW3;t9}w OjYWWWWW9 0 "!9 3}f0 sOj"SEPP E"!jd[Mj/Xf0 F
Ansi based on Dropped File
(~WRD0000.doc)
9 }& t9 w& tjVe& tWuSV_^[jS;=F9 E3H HH H Ht[Ht0H& h\"@Y9 0 ME& 3h\?Y9 0 ME& t
Ansi based on Dropped File
(~WRD0000.doc)
9 }9 & t"9 QPu9 R$& & WuhWuh 9 }9 & t9 QPu9 R & ugWuhoWuhE9 E]0 E& t,EPu< 9 M9 E9 QPu9 SuR(& uuuWu_^[U9 V9 Vu0u,u(u$u uuuuuu 0 F& u
Ansi based on Dropped File
(~WRD0000.doc)
9 }e'EPu9 uu& uhLMm& u;h9 M=Ph|@Vj0 MM3@hxVjMM3" Rj 9 0 M39=@t30 }=9 ;tu9 uuu>0 EuXuuuh
Ansi based on Dropped File
(~WRD0000.doc)
9& ah` Y0 EE;t9 39 0 ejh|9 E0 s49 9 s9 jr9 uj3VPLj9 0 ejhTS9 9 VVVc9 9 jrPM EP9 E& t<M(BEPME@T;uVuP9 9 PMEB9 9 9 URPP9 9 EPEP9 E9 M0 E9 E9 @0 E9 9 30 EFVEPE
Ansi based on Dropped File
(~WRD0000.doc)
9& xhLY0 EE;t9 39 0 ejh|9 E0 ^s49 9 s9 jq9 u3VVPLj9 0 ejh %9 9 VVj9 9 jqP9 u39 9 9 U RPP9 9 EPEP 9 E9 M;0 M|0 E9} 9 9 9 M9 E;~0 M0 E9 E;E~0 E0 EE
Ansi based on Dropped File
(~WRD0000.doc)
94 TUBI->!D2! WJS g[`37V! ]% 5
Ansi based on Dropped File
(~WRD0000.doc)
99 3& tRWh(M.;t@EDP9 0 exWh``99 & t[EDsxP9 :9 0E\=}\u7EDP9 0 exWh`99 & tEDsxP9 :9 h0ME39 }`EDsxP9 9 :9 B0MD>hM0/& t6EP9 MEP+& uEP9 D:ME2M0E2Eh9 Eh;EX sh9 +& thx9 f4Kx*& up9 *& u!hh9 749 )P9 :9 ulTS9 9 R2r0MM 23@9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
9909T9u9 97:& ::::?;V;n;
Ansi based on Dropped File
(~WRD0000.doc)
99?:i::7;q;;;<f<<<="==1>B>N>Z>f>v>>?#?7?V?u?z? ? ?~?????????
Ansi based on Dropped File
(~WRD0000.doc)
9]tuEPEPNh~& uEP9 0 ]&
Ansi based on Dropped File
(~WRD0000.doc)
9]tuEPEP}& uENhP}
Ansi based on Dropped File
(~WRD0000.doc)
9]tuEPEP}e~& uE}P
Ansi based on Dropped File
(~WRD0000.doc)
9]~"9 M9 EI8t@;u9 E+H;E}@0 E ; & 0 ]9] u9 9 @0 E 9 5 39]$SSu" uPu 9 ; ~Cj3Xr7D?=wa9 ;tPbY;t0 E0 ]9] >Wuuuju & 9 5SSWuuu9 0 M; Et)9] ;MuuWuuu;~Ej3Xr9D=w"!9 ;tjPUaY;t9 3;tAuVWuuu& t"SS9]uSSuuuVSu 0 EVBmYu9m9 EYY0 ]0 ]9]u9 9 @0 E9] u9 9 @0 E u[XY0 Eu3!;E SSMQuPu yX0 E;t9 5 SSuPuu0 E;u3~=w8=w9 ;tP?`Y;t9 3;tuSWsCuWuuuu0 E;u3%uEuPWu uW9 0 u#uWlYuuuuuu 9 9]tu^Y9 E;t9EtP^Y9 e_^[9 M3Q29 U9 uMRu(Mu$u uuuuu( }t9 Map9 U9 QQ 30 ESV3W9 ;u:EP3FVhVR& t0 54Pxu
Ansi based on Dropped File
(~WRD0000.doc)
9A0 A0 AlV9 u9 ;W9 }0 E~9 A;R]Au]Eu]EEAuzEa0 X0 _^3V9 9|t9D$tjt$FPt$F^3V9 N^(WjdP~0W0 F0 F0 0 F0 F0 F0 F0 F ~jXHu_9 ^V9 9 FW3;t9 PQ0 ~9 N;t9 j0 ~9~t0 ~9 ;t9 PQ0 >9 F ;tPR v 0 ~ _^V9 9 & t9 PQ&^hl1 & uP83@U9 Q=|u2eEPhtjjhs,& & |9 E& t9 PQ3@3U9 W39=|u31Vq9>u%WEPVE0 }0 }0 }& t0 >33@^_U9 QQSV39 0 ]9^t=9 FWUR0 ]9 PQS h9 jXW Pu W0 E_9 F;t9 @;t
Ansi based on Dropped File
(~WRD0000.doc)
9D$" L|9D$ L{9 V9 tSD$tV#EY9 ^V9 S
Ansi based on Dropped File
(~WRD0000.doc)
9F8t9 N89 W9 YWY9 N,& tt9 N0& <F9 & u$MWMEWMMEP9 9 N0E& tW9MM7,9 N,& t%s9 v0& t9 & tW9 59 j9 u
Ansi based on Dropped File
(~WRD0000.doc)
9Fr9 F9 & F9 N$F~rWv$NFQPv0 E& & !F9 F!} A9 MeMUCE9Er9 & 4#E9 NH9 P0 M0 Usm9 )E9 F9 N0 FujXB3 0 M!} 9 MeMUCE9 M9Urm9 & 4#MM9 m9 M)E9 F9 N9 9 U;! }u 9 F9 D39 V0 `AMu0 N9 F9 9F 9 FfWv$MQMQMQMQv9 AQPEE$0 E& & sWuuuuT& v0 Fw(W$YY9 Eu0 F 9 E0 F9 E0 G9 +WG9 E0 V0 F4& VeWv%9 G9 0 E9 F 0 E9 FYY9 N40 E9 F00 M;s+H9 F,+~0 E& &9 @9 Eu0 F 9 E0 FgjGNjuGM}uvw(W$YYuvw(W$9 EGM0 F 9 E0 F9 E0 G9 +jG9 EW0 V0 F4& } u9 EWV0 F49 N40 M9N0t'9 M0 N 9 M0 N9 M0 O9 +0 O9 M0 N4P*jUVVWXZZ
Ansi based on Dropped File
(~WRD0000.doc)
9M~39E9 jX_^j$}"Z+9 9 }& t$B;E 9 }0 _'h7%Y9 0 Me& tMA3M}0 & t u9 @uHQ9 }DPCEPv< 9 E
Ansi based on Dropped File
(~WRD0000.doc)
9P9 M9 EUBMM
Ansi based on Dropped File
(~WRD0000.doc)
9UujX]9 M#f;ujf;uEu9Utj3]9 U9 UDz3a9 U3ukEu9Mt]]Au3@3eE tMeJEtVf!u^;t fEEQQQ$"QEQQ$9 E0 ]9 U9 Q: }E9 U9 Q}E9 U9 Q: }9 E9 M#M#E0 EmE9 U9 QQ`Mt
Ansi based on Dropped File
(~WRD0000.doc)
9Vy#&sJ03@D |<#L @dP& StiSwl0) #c&a@4) ?("!! lx(``ES &B`z=AD&*+'SL \C)]*m*8T&+$\50&
Ansi based on Dropped File
(~WRD0000.doc)
9zb ! 0! !C
Ansi based on Dropped File
(~WRD0000.doc)
9}ht(h@M ?9}ht9 N9 Pp9 ;|~"MNMERM9 ENMiRMERMER9 N9 UREP$9 N9 9 URP9 MT#EPV3#9uXthM 3G;& R9uh& ME! " ME{" MEo" M Ec" MEW" MDEK" ME?" M4E3" MM'" 39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
9}u3@O9 N;t9 PXh~2Y9 0 M0 };t`3vM9 0 F*9 NWWWvq39j%89 30 ]9^tMM3@89 N;t9 PX3CMM9 h1Y9 0 ME;t3MQ9 ]0 Fsv9 N! 9 NSSSvj,&79 9 N & tf 9 N& t2 MzeM& u9 NPMMz38V9 t$& tDW9 N9 & ~-S3& ~S9 M& t9 j9 C;|jWj9 S[9 j9 _^V9 ~ tt$9 N t$9 Pd9 N`^& t
Ansi based on Dropped File
(~WRD0000.doc)
9~u9~t3@3_^U9 QeVEPu9 10 F9 E0 9 ^D$V9 tVRY9 ^j89 R9 M9 u9 ]}
Ansi based on Dropped File
(~WRD0000.doc)
: MDERMERMERM ERME: RM`ES"MM'3@9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
: MH# PhPM] 9 MxEP/ME : ME9 : MHE: MEs: MEg: ME[: MEO: M EC: <E"M0]): MX0 u: 9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
:/::::;;#;C;j;p;v;|; ;;;@Xq3333%4b4x44445*5:5X5,6g89x999/:?::::;r;a;<==0>O>n>>?7???P"0700L11<2O2q2222/3U3e3333566>7s7777F8]888888
Ansi based on Dropped File
(~WRD0000.doc)
:4:B:X;;;4<}<<===>7>>>c???100012m2 2x2224(4E44555'535?5K5W5c5o5{5! 5 5x55555555 6 6657l777 8-8C8a8 8a888w9! 9R9 9999Q:t:y:" :::;;);.;y;R;;<<'<8<d<<<=/=F===t>>9????XK0 0021s1112233556i667D7}777T88(9& 99\::;;;<<<L==T>>? ?0<001+1I111T22B33(494`4" 4S444(5555L6n6: 6666G7S7\7a777778>8J8[8g8 8888~999:/:::;I;Z;! ;}; ;;;;;;<1<:<@<V<g<a=x======8>H>" >>>> ?;?m? Z1x1S111)2O2k2 29 222]3b3z3333\4a4444445! 5}5S55555&666@6a6f666666677,7>7e7r7z777778P8 8x888849F9a9l9~9 9999::9:D:l:z:;;5;v;~;" ;;;<G<L<w<& <<==B=G=R=: ====>.>V>f>: >>>>>I?T? ????00"0@0E0c0w0000E1i1n1R1111122
Ansi based on Dropped File
(~WRD0000.doc)
:9 3& M&-& uwjh<M/& ud!Ex9 g& ~Vux9 9 & t4MD+EP9 EwM+PKh<ME
Ansi based on Dropped File
(~WRD0000.doc)
::1:A:[:& :g;;H<[<j<s<<<=d===??&?5?B?\?c?w??"!?????? 0!0;0O0 011,1@1h1=2F2x2 22213x3N5}5555556#696 6667x77798q8T9b9: 99999<:L:::;-;[; ;;<5<R<<?==[>b>?L?^?n?S???0
Ansi based on Dropped File
(~WRD0000.doc)
:\:b: :::::;";r;};! ;;;V=g=o=u=z= ===>>*>6>C>J>>>>?.?=?B?c?h?S??????????PL0
Ansi based on Dropped File
(~WRD0000.doc)
:DX}'e }:H!w"TQ:eg& ,epE6` 0vXa& VX@uE X}@ *!A%zGp@7f! 0 9`p`|#`*H L6d X 0! <8$ 8" @*j# ! RXbFsOd/S 5%+L1& k& lbFx|b!h <$SDJ'C1fB kx! 1 *+F(SDK' &1 O!! $&
Ansi based on Dropped File
(~WRD0000.doc)
:t tQuW9 V9
Ansi based on Dropped File
(~WRD0000.doc)
;+Eu9 }"!9 yJBee9 E )U9 ]\9 39 #0 M9 9 Mu0 39 uE}0 u|9 jMZ+;|9 10 t" d" J& }9 5 NN9 "!9 0 EyJBjY+3B\& 0 M& & T& |& u@|f9 "!jY# yNFe3+BL& 9 1<;r;sE0 99 M& tL& 9 r3;rs3G0 19 Hy9 M!9 E@}
Ansi based on Dropped File
(~WRD0000.doc)
;+Eu9 }"!9 yJBee9 E )U9 ]\9 39 #0 M9 9 Mu0 39 uE}0 u|9 jMZ+;|9 10 t" d" J& }9 5" NN9 "!9 0 EyJBjY+3B\& 0 M& & T& |& u@|f9 "!jY# yNFe3+BL& 9 1<;r;sE0 99 M& tL& 9 r3;rs3G0 19 Hy9 M!9 E@}
Ansi based on Dropped File
(~WRD0000.doc)
;0;[;;; <<=S= ==9>d>>>?@?c? ???|$0W0a00
Ansi based on Dropped File
(~WRD0000.doc)
;9}ul9 PP:Y0 _& & :9}thq& uFVSj54 9 & uV9St4VO Y& tvV? YS:30 :|& u{:9 PP+:0 Y9 9 U9 SV9 u9 F9 3 u@t99 FW9 >+& ~,WPV`YP;u9 F y0 FN _9 Ff0 ^9 []9 U9 V9 u& uV5Y/V|Y& tF@tV0 PJ YY3^]jhA 30 }0 }jtY0 }30 u;5`P98t^9 @tVPVx`YY3B0 UP9 9 Ht/9UuPJYtE9}utP/YuE0 }F 39 uP4V`YYE}9 Et9 Ej[sYjhB39uuV
Ansi based on Dropped File
(~WRD0000.doc)
;AuV9 t$W9 & u3@$9 0 tHu9 {
Ansi based on Dropped File
(~WRD0000.doc)
;GIF89a'!',i)QR2& PP,: B& VkQ(9 m]NCPR }9A
Ansi based on Dropped File
(~WRD0000.doc)
;M\& & & M\PM4ohH M8& tP& P9 zPM\EuE
Ansi based on Dropped File
(~WRD0000.doc)
;MM:9 M"!ME~ME9 EPhM'2PVM)M9 EmMES& j,OeuEP3CM0 ]2& t9 MeEP@0 ]RM-1MEMEME9 EPhM|1PVM& u
Ansi based on Dropped File
(~WRD0000.doc)
;r9 9 Puuct6"!+x& w9 uuuYYujH PL 3 X 8u;
Ansi based on Dropped File
(~WRD0000.doc)
;r;sE}0 _tfm@@M}GGEM}"!f& ~79 }& x+9 E9 Me9 0 E?0 Ef& f& Mf& }B9 EtE9 M9 }9 Um9 MH0 }0 Mu9EtfM 9 f9Mw9 M u4}u+e}uef9Muf0 EFfEEEf;r#33f9E0 E 0 EI 0 M;f9 Euf0 E9 E0 E9 E0 Ef0 u3f& eH% e0 EE9 U9 E9 }f0 t2& +3f0 f9EB" $
Ansi based on Dropped File
(~WRD0000.doc)
;r;sE}0 FtfE mM}9 EFFEM}}f& ~;E u-9 E9 Me9 0 E9 E0 Ef& f& Mf& }B9 EtE9 M9 u9 Um9 MH0 u0 Mu9EtfM 9 f9Mw9 M u4}u+e}uef9Muf0 EGfEEEf; 33f9E0 E 0 EI 0 M3;& {9 M?f; E30 U0 U0 U0 U9 U9 3## 9 4
Ansi based on Dropped File
(~WRD0000.doc)
;t30 0 0 0 " f;
Ansi based on Dropped File
(~WRD0000.doc)
;t9 9 3ME9 Ph@9 Vh$9 9Sh9 sME ME ME M E ME MDE ME M4E MM 3@wj$0 M9 u& tU~tOMX`eML`9 N9 UREP9 M9 EPV#u"ME= MM1 39u9 MEPEPM9 E MM 9 j.!9 j/Y9 0 M30 u;t0 9 uM9 )V9 j89 3& + 9 =sC9 9 PhhjFM$ e& u9 WM\: 9 M0 PMK: 9 M" 0 PM:: EPjh ME EPEPEPjNPEME EPMM# 9 AV9 pW9 t$N t9 v9 9 6 ~!t9 _^9 T$9 BV9 00 r9 0 ~!u0 V9 r0 p9 I^;Qu0 A9 J;u0 0 A0 0 B9 T$9 V9 p0 29 p ~!u0 V9 r0 p9 I^;Qu0 A9 J;Qu0 A0 0 P0 B9 AV9 pW9 t$N t9 v9 9 6 ~t9 _^9 T$9 BV9 00 r9 0 ~u0 V9 r0 p9 I^;Qu0 A9 J;u0 0 A0 0 B9 T$9 V9 p0 29 p ~u0 V9 r0 p9 I^;Qu0 A9 J;Qu0 A0 0 P0 BSV9 39u9 F8X!t9 @0 F8X!t<^[9 8Y!u9 9 A8X!t0 N9 N;u0 F9 @8X!t9 N8Y!u0 F^[9 D$V9 &W9 |$0 F& u9 9 0 _9 ^U9 9 EVu9 0 9 E0 F9 EN0 F`EF F!9 ^]V9 ND$tVY9 ^jjj8e9 YY0 u0 uE& tu9 uuuum9 CujYjj
Ansi based on Dropped File
(~WRD0000.doc)
;t9 EEP9 E9 URPEQ ;t(EP;t9 MMu9 n9 E9 PQu9 M wEP;t9 3CV9 9 L$n& t3t$9 L$l9 L$PlP9 f^|$V9 u3t$9 L$~lPt$9 ;^9 & t9 j9 T$9 30 H0 H0 P0 HjB9 0 uveY9 D$;Ar39 I9 9 D$;Ar39 I9 T$9 0 9 A9 T$;s"V9 t$;s9 A9 W9 :0 9 A0 <_^9 T$V9 9 F;r3"9 N+W 9 9PAPQN9 _^V9 9 F9 L$;rA9 VW
Ansi based on Dropped File
(~WRD0000.doc)
;t9 PQMEu9 EE;t9 PQEP9 EE;t9 PQE9 E;ER9 EE;t9 PQ9 EE;t9 PQ9 E;Et9 PQ9 M;tMMgqV9 ~pt/W~9 9 P 0 & tRt9 9 Pj9 _3^j2>N9 9 F<;Euj~9 9 P 30 ;t9~Rt9 9 PS9 " jX0 ~Rf0 EEd9 F<0 ];t9 SURSj?P MEPu9 u& 3~U9 W9 }& u
Ansi based on Dropped File
(~WRD0000.doc)
;t`& 8E9 M;tz`E9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
;tu9 ]9 }EPEPM 3;t,9 C+CMPu& `9 M9 E0 E9 E9 <9 EEVPuM9utxS9 MM0 9 M39D$tPjjP"V9 R0 0 $3@30 00 X0 },0 }L0 }P9 ^Vt$9 Lt9 ^Q9 L$~9 D$0 Pj}U-L9 30 ]9]$ 9]( 9 } & t 9 E+ESP9 E+EPuuvS |MPM hME 9~DtM
Ansi based on Dropped File
(~WRD0000.doc)
;u0& u,hdqCjP3& t
Ansi based on Dropped File
(~WRD0000.doc)
;u: 3PblU9 9 M0]&& t3!VEPh\tj3Vhlt,& & t3^9 MWE
Ansi based on Dropped File
(~WRD0000.doc)
;YUOY_YY_,(O(2YYx2 " |SysPagerTrayNotifyWndShell_TrayWndSTATICEB m_WM_MESAGE_FROM_SYSTEM_TRAY4" " 0 "App to Open guid: %sAppGuidnameparamsOpenAppCNotificationsFeed::ParseClickActionAction name: %s, FallBackUrl: %sfallback_urlactionMY_XML<XML>MY_XML</XML>click_actionDynamicDialogs4 !ServicesIntervalSecErrorCountLastRequestTimeLastResponseTime.txt.zip.eb.ERROR_REPLYComIdtoolbarInprocServer32CLSIDIE_TB_IE_TB_CTEB_TB_NAMEAUTOUPDATEAutoTypeSoftware\EB_TB_NAME\toolbar\settingsSoftware\EB_TB_NAME\toolbar\settings\Updatehttp://hosting.conduit.com/Alertupdate/update.xmlhttp://hosting.eb.com/Alertupdate/update.xmlhttp://hosting.eb.com/Alertupdate/tbedrs.dllhttp://services.conduit.com/CommunityRequest.ctp?type=GetCommunity&ct=EB_CTID&CommunityPage=EB_CTID.ourtoolbar.comhttp://services.eb.com/CommunityRequest.ctp?type=GetCommunity&ct=EB_CTID&CommunityPage=EB_CTID.qatoolbar.comDllOnUpdateFinish.dllPATHEB_CTIDtbedrs.dll| K;FF J _DCMC"DJ\ M?:/ -hencoding=xml ?><?IEIsProtectedModeProcessieframe.dllChangeWindowMessageFilteruser32.dllfirefoxCSecurityAttributes::GetLowIntegritySecurityAttributescatching exceptionS:(ML;;NW;;;LW)#SetLayeredWindowAttributesTrayNotifyWndShell_TrayWndhttp://?-I+I-U+U-B+BUTF-8@q'M>: mmmxxxmTrS*rxp~~lwx;xxxxxx(("zYmDyxymyy0 usUB ) xB xxmG ]0 0 60 f! 0 "!0 P"!0 EI m_WM_GENERAL_EVENTEI m_WM_SINGLETON_EVENTShell.Explorera! R=a;yR apDdx ala}h~Xaf:^: B xw: DaQ~0aRanva\ ~ ~oh~h~A"! '[ ~h~p~Yh~ ~"!Ha&1h~h~h~h~h~h~x"!eh~h~ ~ ~"! 0 ~ ~"!9 ~RR ffxO E" P0 4P0 P0 P0 buttonfacenonealpha(opacity=Y@p: ~v0\: XH: b:nv4: D ~ ~oh~h~A : & ~h~p~Yh~ ~: `1h~h~h~h~h~h~xalh~h~ ~ ~a N ~ ~aJS5ffx: : Nh~ : x^B xCWebBrowserDispatcher::ConnectAllHtmlEventsConnecting to Window Eventsres://CWebBrowserDispatcher::KillRefreshCheckerTimerCWebBrowserDispatcher::TimerProcidEvent: %d ,pSeed: %d CWebBrowserDispatcher::OnBeforeNavigatepWeb: %d , URL: %sCWebBrowserDispatcher::OnDocumentCompleteCWebBrowserDispatcher::DisconnectAllHtmlEventsCWebBrowserDispatcher::SetRefreshCheckerTimerEB_TimeStamp=Pragma:no-cacheCWebBrowserDispatcher::OnRefreshCheckTimerReady state: %d: zl: RNh~: : R DSelementRSSyS 8 'M>: x0h^%SOFTWARE\Microsoft\Windows NT\CurrentVersionCurrentVersionSHGetKnownFolderPathshell32.dllSoftware\Microsoft\Windows\CurrentVersion\Authentication\LogonUILastLoggedOnUserProfileImagePathSoftware\Microsoft\Windows NT\CurrentVersion\ProfileListIEGetWriteableHKCUSoftware\AppDataLowAppData\LocalLowwa+THREADID@LoggerWnd@@ExtraData@@TickCount@@ThreadFile@@DebugOnly@,.;:|*&/\
Ansi based on Dropped File
(~WRD0000.doc)
</assembly>l*021R1X1111+262F2z2 2223s33_4x44& 55557788,9<999:=:k:~::;0;@;;;5<g<<<==? D0-0;0 0n1k2v22233(333E4U444M5S55C99:;u<????0X00 000z23(3S33334445S678S889t9:::L;<<==>a>n>>\?u????@)0T00 00000@1C222333}334424e4a444575R5" 55T6}6607J7U7 88*9b9 99K:X:_:o::;a;;#<`< <<:=O=: ==2>m>0 >>>>??P 000f11 111172]22i3x3}333"4=4T4s4444444F6777V8[88899::d::8;! ;;;.<5< <<=T===>>U>>>J?" ???`%0V12=2O2q22222!333333"!4~4,5A5U5u5! 5 55L66666677'737O7[7u77S77778]88*9n9z9 9999I:d:;;<Q<<<=\=m=x===='>o>>>?`????p 0]0|0051_11111
Ansi based on Dropped File
(~WRD0000.doc)
<0 <W8D0 }& t
Ansi based on Dropped File
(~WRD0000.doc)
<0<c<x<<<P===!>D>_> >>>?G?j???@x0B0m001t1 111-2R2& 222313}333G445F555-6X6a6!7q7S77q8@99:; ;<<<=m=~==>O>}>>>?+?N?q? ??PS0I0w0<1i1}11122%3`334;4`44445A5d55555+69 6666-7^7777858h888949g9 990:c:S::;(;K;z;;;A<& <<<Q===>2>M>p>>>>+?V??`@0O000(1K111 2S2223C3|334#4g4445P5s5556G6j6667f7778D8g8 889w9a999:Z:9 :::-;X;{;;;;"<E<h<"!<<<<<<<<<<==="=.=9=?=J=P=[=a=l=r=}==}= =x============>>>>'>->8>>>I>O>Z>`>k>q>|> >> >~>>>>>>>>>>>>?
Ansi based on Dropped File
(~WRD0000.doc)
<<" ====&=.=6=Y=a=i=" R=" 0" ===========
Ansi based on Dropped File
(~WRD0000.doc)
<<.<5<I<P<h<y<<`< <a<<<<<<<<=
Ansi based on Dropped File
(~WRD0000.doc)
<<1<C<U<g<y<9 <<<<??e??@,0u000-1`1::; <<<<<=6>?Px0012! 2s4 44444445555 5588.99x; ;;`<d<h<l<p<t<x<|< < <<="=o=>???????????????`h@5: 555b6w668 88*91999:[::$;R;p;;;;;;;;
Ansi based on Dropped File
(~WRD0000.doc)
<<<w< <R< <~<<<<3=Y=a=l=s======>>>>>>3?H?X?? ?????`0030:0^00000001131<1Y1W2223,3:3C3l3`333333%4Q4Z4l40 4: 44445,5 5566b66666667D7K7" 7777778M8 :::::7<<<=+= = =====O>_>d>|>?9 ?"!??p0!030M0b0l0~00000000142J2_23355555e66666667)7 77788(8.8i8888%9>9G99:
Ansi based on Dropped File
(~WRD0000.doc)
<`<q<<<#=.=\=j=s==='>4>\>}> >>?!?)?6?T?^?g?r?! ?}? ???j00%1R111R2Y222/3444"4'474f4t4445
Ansi based on Dropped File
(~WRD0000.doc)
<F<K<_</=}=>|>"!>,?1?U?Z?t? ?0 ?a?????pS00011 111111Q2& 2`2 222233)313A3J33333333?4L4s4z4425y59 5 5555+6>6Q6i6}6"!66667=7\7v7: 778B8Q8R8888K9a9m9x9 99a99999999:K: :::::: ;1;H;! ;;;<G<s<}<<<<<<<#=7=J===
Ansi based on Dropped File
(~WRD0000.doc)
<qPA' %hW& o fxa^)"=Y
Ansi based on Dropped File
(~WRD0000.doc)
<YYYYYYYYYYYYY.NAYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYh( f{yK "!"~}R~2w
Ansi based on Dropped File
(~WRD0000.doc)
<YYYYYYYYYYYYY.NAYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYh( p ~wp xf ! ]n} 0 2'
Ansi based on Dropped File
(~WRD0000.doc)
<YYYYYYYYYYYYY.NAYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYh( ~~a~Rn\ &xS mR9 S{ra 0}"!0 \"!v}ar %7h'ex& ;0 jbk rgp& \a]Se!! } jepa\
Ansi based on Dropped File
(~WRD0000.doc)
= Ah8]SWK& t
Ansi based on Dropped File
(~WRD0000.doc)
=0V uX_9 Mp^9 3[:Stj0,9X9 }3;u39 u9 9uS9 f#ujjEP9 QjjEP9 0 ]?jjEP9 E,jSMEgP= jSM0 EPP& jSM0 E9P MMM0 EM]SMM3@ XhR9WD 3D0 urD;uM3PXVuR;uMD9 VuDu=9 j[3W3M0 uUP uMM9 WtPM#P 9 3FjVu9 EeVM9 `WU9 (VWjEPj9 Y3}EPRE(9 Eu9 _^9 U9 SVWujj9 }9 59 SWju0 EuW uuW uWS_^[]9 D$& t9 H9 ;}0 0 PU9 }V9 t uu< & t}t
Ansi based on Dropped File
(~WRD0000.doc)
===;>W>>>>>>>??L????0&0/070=0M0Y0b0h0x00! 0 000000011%1K1X1& 111122*22#353 34 45K5 55566k6667d7" 77!8l8 8888899%989R9
Ansi based on Dropped File
(~WRD0000.doc)
=[;V)MY-NSPI T*AD(^H
Ansi based on Dropped File
(~WRD0000.doc)
=t& u$t f0 5x T 5P& 5h5X5H58;M& teh 5 YP tHhj9 9 YY& t4V5P 5_Y& tjVyYYDN0 3@$3_^9 U9 VW3u9 Y& u'9vV| ;v9 u9 _^]9 U9 VW3juul9 & u'9vV| ;v9 u9 _^]9 U9 VW3uu9 YY& u,9Et'9vV| ;v9 u9 _^]jh C39 ]3;" ;uWWWWW S=|u8jMY0 }SEMY0 E;t9 s0 u9 uE%9}uSW54 9 9 39 ]9 ujKY9 U9 WW| u0`w& t_]9 U9 eu5X dh]9 U9 hXW0& thHWP<& tu]9 U9 uYujLYj<KY9 U9 V9 9 & t;ur^]9 U9 V9 u3& u9 & t;ur^]9 U9 = Vth V!Y& t
Ansi based on Dropped File
(~WRD0000.doc)
=t33@9 e% eUEeU89 U9 30 E9 ESV3WEN@0 00 p0 p9u F9 9 X9 }9 <9 H9 0 }9 e9 9 ]<0 00 P0 H;r;sE30 89]tr;rs3C0 p& tA0 H9 H9 U3;r;s3F0 X& t@9 MHe?9 <9 P9 9 U0 0 x0 X40 U;r;sE}0 0tO3;rs3B0 H& tC0 XME}! 3&9 H9 0 P9 9 E0 H0 9pt & Xu09 09 xE9 0 04?9 H9 0 p0 H& tf9 Mf0 H
Ansi based on Dropped File
(~WRD0000.doc)
=t33@9 eeE9 Ej9 U9 3S0 E0 E0 ESSX9 5 PSZ+tQ30 E0 ]0 U0 M0 U0 E[Et\& t3@3["!39 U9 VuM3: 9 uPeFPo& YuPYxuFF9 M9 0 9 ``F```F u^8Mt9 E`p9 U9 VuMa9 E`9 u t9 9 `:t@` u`@ t6 et Et@` u9 H 80t9 }9 S`:[uH`
Ansi based on Dropped File
(~WRD0000.doc)
=xu9 M%:P9 C9 ^9 uj9 "!PEP9 Mjh19 E=9 t9P9
Ansi based on Dropped File
(~WRD0000.doc)
>$>??)?a?n?0 ???? '070`00002)2I2^2t22223#3 333333333
Ansi based on Dropped File
(~WRD0000.doc)
>0 :10* H
Ansi based on Dropped File
(~WRD0000.doc)
>0 uf93u >jEPh C PuWS0 EE9 Eu(Y9 U9 j@uu(]=H C \$9 D$% = u<$f9 $ffd$& ~D$f(Vf(f(fs4f~fTVfftL=|}f=2fL$D$f.{$0 T$9 0 T$0 T$0 $ D$~D$ff(f=|%=2fTVXfL$D$VfVfTVf\$D$jhAK9 ]& uurY9 u& uS Y=|& 30 }! `j wY0 }SwY0 E; ~;5lwIVSP|& t0 ]5V\Y0 E;t'9 CH;r9 PSuIS[w0 ESPw9}uH;u3F0 u0 uVW54$ 0 E;t 9 CH;r9 PSuSu4wE.}u1& uF0 uVSj54 9 9 u9 ]juY9 }& & 9=St,V Y& &
Ansi based on Dropped File
(~WRD0000.doc)
>>" ?%?-?" 4P?" ps?" S ?~??" " (?????@tP" `@ @(@K@S@" v@@R@ @" " \@@@@@@@A" (A0A8ACAKAUA}A" AA" AA" PABB" 6B" [BcBkB" }B B~B" (BBB" dB" C" :CSC[CcC" C}C" <CCCC" p" DCD%D-D" $XDPDqDyDD0 D D"!DD" DDDDDDE$E,E" " OEhEpExE EEEEE" `@R" SEEEFFF6F>F" aFiFqF{F" H" FFFFFFFFG" *G2G:GBGJGzG G" D" SGGGGG"
Ansi based on Dropped File
(~WRD0000.doc)
>>:>@>\>t>a>?7?A?y??????? 00 0.090@0[0`0h0n0u0{0 000 0S0000000000000111#1(13181E1S1Y1f1 1R11111'202<2u2~2`2223$3Q3Z3! 33333394A4T4_4d4t4~4& 44"!4444444
Ansi based on Dropped File
(~WRD0000.doc)
>lME2lME&lud9 Mh;tU9 Ml; \ERtAtjj9 M`XVhx*P1up9 =9 ME
Ansi based on Dropped File
(~WRD0000.doc)
>U9 V9 v& u32EPv@ & t9 E& t9 M+M0 9 E& t9 M+M0 3@^9 D$Pq0 jXf<9 ~xu3P 9 0 ePe9 0 ejh|9 *9 NxM4=V9 : D$tVP=Y9 ^U9 QV9 }{& &
Ansi based on Dropped File
(~WRD0000.doc)
>Y>}>}>"!>>>?)???0.0@0Z0x00"11111I45:6J6Q6X6_6f6m6t6{6 60 66 6666677N7}7778I8|888989?9F9M9T9[9b9i9p9w9~9& 99"!999:6:2;a;;P<r< <<==2>p>>" >>>>0?T? ????x(0=0L0c0w0! 0"!00B1G1S1X1d1 2<2A2j2222233-4Z4`44444455I66677P780 889^99R:;<W<w<<x==%?@???;0K0`00001I1e1! 11112224`44^5g5m556
Ansi based on Dropped File
(~WRD0000.doc)
>~ openiexplore...EB m_WM_MESAGE_FROM_VIEW_RECENT_WINDOW4 G" 0 60 f! H CAutoUpdateThread::ThreadFuncAutoUpdateexception caught.DllRegisterServer `vh~SDeleteNoRemoveForceRemoveValBDMSR {1D3B35E5-93C0-490d-90CA-153E78A17FF2}INSTANT_ALERT_RESULT_FORCE_HANDLEINSTANT_ALERT_RESULT_TRY_TO_HANDLEINSTANT_ALERT_RESULT_HANDLEMessage not found. Message type: %d, Message Id: %dApp Exists reply, MessageId: %dNumber of params is different from 1No Dspid paramsCConduitAlert::OnPendingNotificationReplyH }` Z$= H<ui';Z>CConduitAlert::RunAlert\ : 4 u`<ALERT_XML><TYPE>ALERT_USAGE</TYPE><MESSAGE><VERSION></VERSION><TYPE></TYPE><DATA></DATA></MESSAGE></ALERT_XML>typevaluekeydataTYPE 8! ! }
Ansi based on Dropped File
(~WRD0000.doc)
>~faarheeUSE SYSTEM CHARSETB ) $B xxwm "!"EB m_WM_MESAGE_FROM_STATIC_BUTTONCRYPMSCF$\%''4'A'X'FDIDestroyFDIIsCabinetFDICopyFDICreateCabinet.dllincompatible versionbuffer errorinsufficient memorydata errorstream errorfile errorstream endneed dictionary`4T4~H484,4443~?? unzip 0.15 Copyright 1998 Gilles Vollant `PTsRp0P
Ansi based on Dropped File
(~WRD0000.doc)
??0???z?0 ???? 0J0Z001p11112223+3m3364U4l40 445/5A5L5f5 566)666z778M9T9a9g9t99P:v:|:0 : :a:x:::6;U;_;& ; ;;+=/=3=7=;=?=C=G=K=]>w>>i??0/0_0}011b1 112q2222333$373S3344F4R4" 44445$585F5d556_6x6666677=7! 778'8v8 8R8888h9x999994:D:X: :;%;F;K;e;;;;;U<<<=A=" ===>^>>?Z? R4011W1i11112+2o2& 222393^3304F4 4" 55.67)7f778 88889999Q:]:::::.;;;;E<<<<<<.= ===%> >>>>>>6?0d0000 1'1:1l11N2233!3n33744:555Z67Y8999999
Ansi based on Dropped File
(~WRD0000.doc)
???&?,?7?=?H?P?U?_?k?v?|?! ???~??????????pt0000%0+060<0G0M0X0^0i0o0z0 09 0 0S0000000000001111$1*151;1F1L1W1]1h1n1y11`11: 1111111111112222#2)242:2E2K2V2\2g2m2x2~20 22a2222222222223333"3(33393C3O3Z3`3j3v33! 3 33333333333334
Ansi based on Dropped File
(~WRD0000.doc)
???0T0+7C7~7777&848B8O8]8 8: 88839j99:.;a;
Ansi based on Dropped File
(~WRD0000.doc)
?j,Qu40T & t9 & ,@0 & 8P0 & @8ul@t-j^9@u''0 0?@'Y19 (9 D@t9 & 4 8u3$'' 9 & 8+& 0_[9 M3^RjhPB?9 Euo' T'3;|; r!F'0 8,'WWWWW9 9 9 L1tP}Y0 }9 D0tuuu.0 E&&0 8ME9 Eu6Y9 U9 V9 uWV
Ansi based on Dropped File
(~WRD0000.doc)
?LV= Q3#M90+[
Ansi based on Dropped File
(~WRD0000.doc)
?Zd;O n?,eX?# GG?@il7 ?3=Bz ?a w?/L[M " ? S;uDa?g 9E ?$#;1a9 z?aUY~S|_?/ & D?$?9'*?}d|FU>c{#Tw = :zc%C1<!0 8 G ;X ; EB"!u7.:3q#2IZ9! W 2hRxDY,%I-64OSk%Y}~ZW <P"NKeb }-x
Ansi based on Dropped File
(~WRD0000.doc)
@ & Aft#x }u}jPuujxu9 #! rXxtR99u2yr,9Yv'9 Q9 R& tu$Vu uPuuuQ u uu$PuuuQ 3@_^[]jhD9 @x& te3@9 eEM9 @|& tjhD5Y& te3@9 eE}h3lYU9 SQ9 E0 E9 EUu9 M9 m}sVW_^9 ]9 MU9 uQ[s]Y[9 U9 9 E3; tA-rHwj
Ansi based on Dropped File
(~WRD0000.doc)
@ 'S9 \$VhSrS9 t$YY& t& tB <hrSYY& t& t% hrSYY& t& t 30 ?t
Ansi based on Dropped File
(~WRD0000.doc)
@ 8~ )9 f8& fx& jpM]Q9 3f9X0 ]" 0 MM ME"KEPE9 0 ePEaTM =M ;0 E0 ]~uuMK9 ;tYMJEPVM E!M[9 3;~$VMJ;t39] QPM `F;|MEPE9 E;E|9 9]uEPM [MEOM ]0MM J3W j-a9 0 ueNif8f<9 Mj-h9 0 u9 F<e& tPf<NAM9
Ansi based on Dropped File
(~WRD0000.doc)
@ 9 U9 SVW: }9 ]3tjZttt tt9 #t$=t=t;u#tut9 }9 M9 ##0 E; 9
Ansi based on Dropped File
(~WRD0000.doc)
@ @> " h@
Ansi based on Dropped File
(~WRD0000.doc)
@ d~tW 9 39 f9uB|jpML9 ejpMLME0 ?& t!W MEFMMF9 & EPEP9 3V9 FNtFh>fF"!9 ^V9 D$tVY9 ^U9 9 Ewy$& u 9 Mju9 M2]u 9 MzPu9 MCu9 M 6u9 M)9 M@u9 Mu9 M'@ ]$9 q~9 Vh9 ``9 D$ff0 F9 ^V9 |`D$tVY9 ^Vh9 `9 D$ff0 F9 ^V9 2`D$tVxY9 ^Vh9 0 9 D$ff0 F9 ^9 AV9 0 D$tV*Y9 ^j*.
Ansi based on Dropped File
(~WRD0000.doc)
@ h ( #g@ iX mp { | } ~ 0 0 " H ` x "! a : S ~ x8 P h ( @ X p z0 H ` }x 0@P`p 0@P`p 0@P`p
Ansi based on Dropped File
(~WRD0000.doc)
@ JV9 uh,sV sYY& t9 E& HhRsVnsYY& t9 E& HhlsVJsYY& t9 E& Hh\sV&sYY& uhsVsYY& t9 E& H}hSsVrYY& t9 E& ttHqhLsVrYY& t9 E0 [hsVrYY& t9 E& t?H<hsVxrYY& t9 E& t"H$hrV rYY& t9 E& tH 30 9 PQ3
Ansi based on Dropped File
(~WRD0000.doc)
@ SRfI0 rR1#Ax$S;AT: A"!0 1
Ansi based on Dropped File
(~WRD0000.doc)
@ ~& 9 39 f9& 9Y B|WpMN9 WpM0 ]N9 Wp(MEMME"!@& umM@& ua9 uEPEP9 M0 ]M?9 60 EjEPM7?PuM9 EGM]GM0 }G9 'ME GM]RGM0 }GW j .x9 9 u& u
Ansi based on Dropped File
(~WRD0000.doc)
@& D@& DDr9 & H+j& ,PS& HP9 4T & B9 & ,& 8;R:9 & <+& 4;E L 0 & D & 9M M9 (9 D<+4& H;MsF9 " D& DAAf
Ansi based on Dropped File
(~WRD0000.doc)
@8u@8u+@P0 E9 Y;uVEuVW~V9 _^[9 VW9 ;s9 & t;r_^9 VW9 ;s9 & t;r_^9 U9 39Ej hP4& u]3@|]=|uWS39dW9 =L ~3V9 5hh jv6j54C;d|^5hj54_[54%49 U9 eeSWN@;t
Ansi based on Dropped File
(~WRD0000.doc)
@9 tI?uDhM7& u3EPMh MEEM& tjME^MERMMF9 N"j#Xg!9 EM0 EzueM#& u9 uMM'9 "MV& tMQu9 j0|%!9 9 EHw?}t9MpeEuP9 9 |& uMM 3`!MP9 MQMQ9 EPT& u/}tMEG9 uEP9 9 & tM& ujh@M}Ev,9 uEP9 9 & uME 9 MQMQ9 PLM9 EMEMM9 j VX9 u9 & & M2zeVM{& EP9 0EPME{M& j/j\%M HPM5f/t
Ansi based on Dropped File
(~WRD0000.doc)
@9}E19}E"9ME
Ansi based on Dropped File
(~WRD0000.doc)
@:^/R2B(.|uBV|j3B" _3B&)R2B 21ECA;GIF89a$ !,$` " $$Uq,#R%;GIF89aR!,R6#zU%SgN!' KOQRD0 }` @h2: biXX~`;GIF89a/$ z " "!yz9 z { yz SzS~9 "!: ~zSzyz{~y{{{}~ z& & ~ y}" yz : " zy!,/$@*\ ! #FRO &#DB`IR hP!
Ansi based on Dropped File
(~WRD0000.doc)
@@AAL$u3f;@9 D$Pt$9 D$Pt$u9 D$Pt$9 D$Pt$U9 uuuu9 E]U9 uuuu9 E]U9 uuuu9 E]U9 uuuug9 E]jQ=9 0 uN9 "eN"N$E"N4E"NDEY}9 jQ9 0 u9 NDE/N4E{+N$Eo+NEc+MNW+ajdS|9 39]u
Ansi based on Dropped File
(~WRD0000.doc)
@@t%PjV ^hP0h$P<& uh{9eS9 u9 }3hPf0 & & P]h& PVjh@Xe& P
Ansi based on Dropped File
(~WRD0000.doc)
@@t%Pjv@ ^VqW9 `9 & ~,S3& ~S9 & tPh C;|jWj9 [_^D$Vjjjj9 PvHd & tPN^9 D$-t+Ht!HtHt
Ansi based on Dropped File
(~WRD0000.doc)
@B u }^t9 E`p9 U9 9 EAz3@]3]9 U9 QQ}uutEPQo9 M9 E0 9 M0 HEPo9 E9 M0 9 U9 juuu]9 V9 & tVU@PVV: ^9 U9 jueYY]9 U9 juYY]9 U9 SVWuM9 }"!3;u+
Ansi based on Dropped File
(~WRD0000.doc)
@B:tOtMu9]u;u9 }u9 EjP\Xx06j"Y0 9 9 U9 QeS9 ]& u3aWru{& vn9 M9 E` tR:QuM`P t<:Qu7`P t&:Qu!`P t:QuE9}r?@IF@I<@I2@I(9 M9 E` t:u@AE9]r3_[+9 U9 9 UV9 ujX0 E0 U;uY5 >5S3;|;5 r'/50 5SSSSSQ9 W<& 9 `Hu40 4jwP0 ]; & 9]t7`@$EHjYtHu9 t0 U9 E0 E9 u!}40 c4SSSSS49 0 M;r0 EuK!Y0 E;u+434hjSSu9 0 D(9 E0 T,9 AHtt`I
Ansi based on Dropped File
(~WRD0000.doc)
@j%?9 0 ute_9 FD& t4eMQP$& t}ujvDHvDXfDMNY?S9 V9 9 F<W3;tP& tv<Wv,WWWWWWWh~hW P0 F<& t9 = Vjv<h%xjv<3@_^[jlEM>hw(IY3S0 ]8& ;uE9 M;t[MrEPM0 ]MEjjEPEPME0 ]D9 5( 9 = 0 E0 E}t{EPjSSSEP& uhjSEPj t9 uv<& t=Sh5(v<9 5 }tEPESSSEP& uuTuX9]t<& MEM]MMy 3=V9 D$tV=Y9 ^ji<9 FPMW39F0u#9 M0 N,N4QPVh{PP(F00 FDMMW3@f=j<9 0 u^$9 ~S3ND0 }SME0 ~`0 ~d0 ~0 ~0 ~ 0 ~0 ~ME0 F9 j9 0 ~@PND9 jPjX'6Y0 EE;t9 N3M0 FEi9 <V9 9 N& t;h 9 9 Nh , 9 Nh 9 Nh 9 Njdc^jd;0 MMeM~EPMEM0e0 E& uEPMLjEN5Y0 EE& tMQ9 9 3E& t59 & u9 }D9 7SM& P9 9 9 j9 MEaE9 E;E qME#~MM};VW9 |$9 ;~u3@)~ t9 N 9 W& u9 N`& t
Ansi based on Dropped File
(~WRD0000.doc)
@M E8M0 hM@|5& t5EP9 ME?1& uE^xP9 4@9 5M>hM@65& t6EP9 ME0& uEP}?MEU8M@0 }J8Ep9 Ep;E\ ^h9 0& thx9 :Nx~0& uN9 0& u!~hh9 99 Q/P9 ?9 ]dTV9 9 6}2s& t9 j9 E`9 E`;EP 33@9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
@Rsv}u`L2}i]18E Px` S hX87Qc?ExQ& }m>W3Y$:O.)D ,49 qaz')Z^Jx2VF+
Ansi based on Dropped File
(~WRD0000.doc)
@u9 9 3MEt
Ansi based on Dropped File
(~WRD0000.doc)
@u9 E9 #E#;u9 P0 EjY]9 M3 yjZtttt& t9 #t$= t=@t;u
Ansi based on Dropped File
(~WRD0000.doc)
@|33}jX" eVu}9 5 NN9 "!9 0 ]0 EyJB|& j3Y+@0 M& 9 E& T& |& u@|n9 "!jY# yNFe+3BL& 9 10 u9 19ur"9U& t+eL& 9 r0 u;rsEH9 U0 9 My0 M9 M!9 E@}
Ansi based on Dropped File
(~WRD0000.doc)
@|33}jX" eVu}9 5" NN9 "!9 0 ]0 EyJB|& j3Y+@0 M& 9 E& T& |& u@|n9 "!jY# yNFe+3BL& 9 10 u9 19ur"9U& t+eL& 9 r0 u;rsEH9 U0 9 My0 M9 M!9 E@}
Ansi based on Dropped File
(~WRD0000.doc)
[[t[P[$[ZZRZTZ,ZZY pY!xX"WxWyWzWWWxxxxxxxxxxx
Ansi based on Dropped File
(~WRD0000.doc)
[f0 <<f0 <r3VVhU
Ansi based on Dropped File
(~WRD0000.doc)
[f0 @@& <& <f0 @@<r9 & H+j& ,PS& HP9 4T & b9 & ,& 8;RZ9 & D+& 4;E ?@9M |9 D<+4j& H^;Ms<9 " DDf
Ansi based on Dropped File
(~WRD0000.doc)
[MEEPu9 E;Et9 PQ9 E;]t9 PQ9 EM;t9 PQ3 #jq="9 30 ]EPNP0 ];|_9]tZuM9]t:;tFX3PM9 E9 VURSPE |EP9 E];t9 PQ9 EM;t9 PQ"j ="9 & t6PM 9 Ee& t9 PQ9 E9 jPQ9 EM& t9 PQ"9 L$x3V9 9 & t&^V9 t$t$N}k3^jT>v!9 39]u~D9
Ansi based on Dropped File
(~WRD0000.doc)
[MS}0f0 0f0 V9 "!YSY[0f0 F0f0 V9 "!00f0 Ff0 V3_^9 U9 9 E& }]9 U9 SWuM9 E9 }3;t0 8;u+dNSSSSS8]t9 E`p39]t}|}$V70 ]7GGEPjV}& uf-uMf+u7GG9]u3V" Y& tE
Ansi based on Dropped File
(~WRD0000.doc)
\h0 @9 ;t*hW<;tMQ;u9 E;t0 W89 6Ul$ 30 & j`E9 0 M39 0 }0 ]T& u
Ansi based on Dropped File
(~WRD0000.doc)
\X\|[SUV9 t$3W; .9 F; #9 |$j_u9 0 |$0 \$j
Ansi based on Dropped File
(~WRD0000.doc)
]$& _9 F& 9 NHF0 F9 0 A9 F9 H 9 t0 (FN9 H;Hv0 (FtN 9 F& 9 NHF0 F9 9 @0 9 Aj3]& t9 \$j
Ansi based on Dropped File
(~WRD0000.doc)
](9 FWVpp9 u9 F0 (9 F`& u9 & 9 FHQVp9 ]9 Fxt9 F& 9 NHF0 F9 0 A9 F9 9 F& x9 HF0 F9 FH9 F9
Ansi based on Dropped File
(~WRD0000.doc)
]0 )F\N9 9 \$& Oj
Ansi based on Dropped File
(~WRD0000.doc)
]9 M0 }0 E;uMM\9 !u9 o9 E3jZQ$39uY0 <~B9 MV[/9 & t-GPMn9 9 <0 9 9 <39u@PVW9 F;u|3GtV9 }P9 |^jh8$9 u:3CtTMSxaejh MRaESPERP][YYMREg9 }ESP MMSLjSSSj9 k 9 }EPv@ 9 E+E9 }0 EE+}]E5{%E
Ansi based on Dropped File
(~WRD0000.doc)
]9 U9 QQS9 ]VW330 };tG0 }rwjrY 4jrY& u
Ansi based on Dropped File
(~WRD0000.doc)
]]#]1]" `.Z]b]m]x]] ]x]]]" .@." ..^^" $/@#X/" h/x/V^" /y^" /^^" 0@<0" L0\0^___" 04_<_" 0" 01__g_o_w__! __ _x___
Ansi based on Dropped File
(~WRD0000.doc)
]emu}& " " D (" K" nv~" " " P"
Ansi based on Dropped File
(~WRD0000.doc)
]f^vq(I!m~wF)jP2AtgQE&M:ol1cBSNib+.;Y~V*LJT\sZ,hA" P@
Ansi based on Dropped File
(~WRD0000.doc)
^jEPuE uR$ 9} tjX
Ansi based on Dropped File
(~WRD0000.doc)
_.d,$$$H8! <M@ YUO_YY_,i(^Yx2mxR$xxx S
Ansi based on Dropped File
(~WRD0000.doc)
_9 Ft 90ujAPQ }t9 E`p3_^[9 U9 , 30 E9 ESVW9 }j^VMQMQp003;uSSSSS0 0'9 o9 E;v9 uu3}- +3;x+MQNQP3}- 3;xQ.;tuESPu9 Vu9 M_^3[v9 U9 juuuuu]9 U9 $VWuME3E0 9}}0 }9 u;u+" j^WWWWW0 0: }t9 E`p9 9}v9 E9EwWj"9 }9 0 E9 G9 S#3;& & & 9 Euju^PSW& t } 9 Map` ;-u-F0F}je $xFV7kYY& L} p@2% 3t-F9 ]0F& $x9 OF3'3u!09 O9 Fu0 U
Ansi based on Dropped File
(~WRD0000.doc)
_^[9 U9 QV9 uV 0 E9 FY uGN =@t
Ansi based on Dropped File
(~WRD0000.doc)
_^jNSa9 9 ]3E0 u~j[M& t
Ansi based on Dropped File
(~WRD0000.doc)
___`" 1%`-`5`" 1" D2X```n`|```````" l2aa" 21a" 2" 43Ta\adala~a ata}aaaaa" |3ab" 3)b1b9b" 3" L4\bfbnbvb bbbbbb" 4bb" 4c'c" 4LcTc_c" (5& cc" c" d5ccc" 5d" 5,d7dBdJd" 6pd" L6 d~dd" x6" 6dddddee(e3e" 7Ye" D7|e e" p7eee" 7eef" 7%f-f" 8Pf" P8sf" |8"!ff" 8ffff" 8" D9!g)g1g9gAgIggg" 9ogzg& gg: ggggg" 9g" :h'h" @:Mh" t:phxh" :" :: hhhhhhhi" 0;" ;#i+i6iAiLiWi i" ;i" ;ii" <iij" L<'j@j" <cjnj" < jSjj" <jj" ,=kk" `=6k>k" =ak" = kk" =k" (>kk" T>l" >+l" >Nl" >ql|l" ?P?X?~P,? ??d& @(@d Iey,=3k" t2#%&~(@(J(')0)@*C" CCF+**--1---& DDdd |2x3333-9I9{FFRjJnJ9 bYfio`
Ansi based on Dropped File
(~WRD0000.doc)
_EI CMyTitleBar ClassEI m_WM_MESSAGE_FROM_TITLE_BARB ) zyxximh<irfdihogmggwl6mB ) zyxximh<irm m=onmggwl6pmB ) zyxximh<irm mapnmggwl6pm`B ) zyxx"rJrmhlrsfdirtogm;qUwl6mxAEI CDialogChildShadowFrame Window ClasstB ) zyxxym~ {}wNzL{BUTTONCChildButton::OnMouseLeftKeyDownm_iLastMouseDownTime: %d8! ! X ,YOUOY_YY_,(O(2YYx2SR~lwx`xxxxxW`((`YRDyxy0 yy0 usU: R8! ! X ~ YOUO _YY ,(O(2YYx2EI CMovingFrame Classnew<base href="file://%s" /><head>onNavigateErrorinversePointerPositionbodyF(k $ , , v =9R dxl F: x^b /O- xw: S8 PtM %nv`Z ~ ~oh~h~AL/"! ~h~p~Yh~ ~8W1h~h~h~h~h~h~x$Fh~h~ ~ ~a ~ ~ ffxO E" x &x4 t" a ~isLocaleRtlwriteDebugStringlogUrlgetDataonclickLinkonSizeChangeisSupportedFunctiononCancelonAcceptgetValueByKey<$(ge Rs" 8{ ge(`3OgeJ]$8NULLnull `\u\/D6U&*truefalse\'M>: ge
Ansi based on Dropped File
(~WRD0000.doc)
_jV(^9 9 Ee0 9 E0 9 E0 EP} C9 E$MM0 ^ 9 D$0 AL9 D$0 9 D$0 j)T]9 Ee0 At9 E0 Ax9 E 0 A|9 E$0 9 E(0 EPMM*4^$j)TM]9 Ee0 9 E0 S9 E 0 9 E$0 9 E(0 EPbMM]$9 D$0 9 I& tP U9 V9 9 N& ~EPEPR& 0 EPv@ & txS9 ^xt9 M+N|+M t9 E+E+E"!+9 N|9 N|Mt9 E+ +E$t9 E+E+E"!+ 9 EjPQ9 N[^U9 V9 9 N& EPEP& "!EPv@ & S9 ~St9 M+}+M&t9 E+E+E"!+9 }9 }Mt9 E+ +E$t9 E+E+E"!+ 9 EjPQ9 N[^U9 V9 v& tIt@WEPv@ jjuuq"9 & tjWvtW_^V9 9 FW9 = & tp& t9 Njjt$&9 F& tp& t9 Njjt$&_^U9 (SVE9 P9 Ps x & ukWj(3EWP e0 E9 C h WE0 }0 }0 E0 } j0 E9 0 E0 }g0 EEP| _f& u33@^[U9 V9 \;Fu`& tBEP< 9 E+EjP9 E+EPuuvS ^U9 V9 & & SWEPv< 9 ]9 }+]+}Vv jvSWuuh h|9 vPh SWjj0 R KSOWjj0 ER 9 }j9 SWW jWtW9 =Sj0 vSjjdj_[^U9 V9 9 N& tu9 uP8& u3#9 N& tu9 uP8& tu9 u0 ^]V9 D$tVlYY9 ^jNTOX9 39s& hORY0 E0 u;t9 z3M0 C30 u}9 0 E0 E9 0 ePs 9 Ks9 j9 u3VVPL9 V9 PX9 9 KVM9 KjmXjNTSW9 39s& hSQY0 E0 u;t9 3M0 C30 u}9 0 E0 E9 0 eP]s 9 Ks9 j9 u3VVPL9 V9 P\9 9 KVa9 KjWj0qTV9 9 }9 W& u
Ansi based on Dropped File
(~WRD0000.doc)
_MGijWv0 F,vMM3@3U9 D$;At;At;At;At;At33@S9 \$& t<V9 sa9 & ~-W3& ~W9 6 & t9 j9 G;|jVj9 _^[jD0 M39u $9 Ma; 9 MV" 9 ; h,yY9 0 M0 u;t9 MGPNGPN0 EHWNHMu3ECPM0 ]\2PNxEM]
Ansi based on Dropped File
(~WRD0000.doc)
_S_qq _|_ x_ _R_q _qqqqSq"q# q$q%q&|q D 0@@@@S@P@$@ @ @}4@N@ ~p+i@]%}O@q " C)~@D @<Ix@oR G A& kU'9p|B}~QCv)/ &D(DJz" Ee F
Ansi based on Dropped File
(~WRD0000.doc)
` @PX S;x8Qh(HPTUS+t4Q
Ansi based on Dropped File
(~WRD0000.doc)
` @PXS;x8Qh(HPTUS+t4Q
Ansi based on Dropped File
(~WRD0000.doc)
` 0 wu< u9]tj+MdjPM}u&SMEEEPM0 ]uMhMuYPMuMF;7RV9 MEP)MEEMEM]9 Ej"!C9 0 ueN u9 E9 pV9 D$tV`Y9 ^9 V9 9 & t
Ansi based on Dropped File
(~WRD0000.doc)
`"!9 9 u& u3_eEPMoej,EjPnuMp9 E0 E9 E0 E9 E0 EEP9 0 uMM9 h9 j`=`0 M9 }3;u
Ansi based on Dropped File
(~WRD0000.doc)
`0 ES& & EST9 & gkMS9 0 M f9r9 }EM0 EP
Ansi based on Dropped File
(~WRD0000.doc)
`8@4@9 ;rE9= |9 = e& ~m9 E9 tVtQ`tKuQ & t<9 u9 4& 9 E9 0 `FhFPa\YY& FECE9}| 39 59 tt N rF& ujX
Ansi based on Dropped File
(~WRD0000.doc)
`9 ^~^9 D$& }|$tt$0|Y39 T$V9 & ~.W9 k!3:9 ~9 k!3z9 & _9 ie9 X]^qq}YY& t3v9 `V9 9 L$PNh" ^9 9 L$i& uVWt$r9 >P9 W_^Vq9 L$W9 >RP9 W_^V9 9 L$#& t3t$dPN% ^}Z}9 `j 6 v9 0 uSeN x MN Cwji^v9 F PMs ueu9 MMs wjiv9 F PM4 ue9 MM9 5 9 vjiu9 F PMueN9 PMM0 vjiu9 F PMueN9 PMMLvjBeu9 0 u`ej
Ansi based on Dropped File
(~WRD0000.doc)
`9 MEF9 M`E
Ansi based on Dropped File
(~WRD0000.doc)
`9 u|_3GWu|P0 E|& hLkY0 E`e& t9 `3W9 0 e`Sh|9 0 ]0 7v9 }9 Wu|P`MP(ShP9 Md0 }a7EPPEdPEYYMdEx19 }9 UPRPPMP0 ]& 1t~MSMPEE(Sh`MdE/7EPPEdPEmYYMdE419 }EPPct9 }h" ~tMPE1MS0 ]M@'M0E'Sh`MdE6E0PEdPEYYMdE0M@E@PMEVM@)& uM@'PM03M0'9 =PhvM@'Sh(`MdE
Ansi based on Dropped File
(~WRD0000.doc)
`=```a9aaabAbabbc1cjcccdRd{ddd>eaeRee
Ansi based on Dropped File
(~WRD0000.doc)
`@0 E0 }9 9 9 & DWY& uME9 ECj#Y9 U9 30 EV395 tO= "!uI "!upVMQjMQPx& ug= uPxu0 5 VVjEPjEPV|P 9
Ansi based on Dropped File
(~WRD0000.doc)
``0 HV9 9 PD9 j9 PH^V9 9 F& tPf^t$t$t$qV9 v& tt$jv ^t$t$jqq 33j<99 M>ueuMvMM9 G9 Y:j<r9MueuMuLMMF:9 D$0 A9 A3+t8HtHtHt
Ansi based on Dropped File
(~WRD0000.doc)
`BYnYntancossinmodffloorceilatanexp10acosasinloglog10exppow(null)(null)EEE50P( 8PX700WP `h````xpxxxx Complete Object Locator' Class Hierarchy Descriptor' Base Class Array' Base Class Descriptor at ( Type Descriptor'`local static thread guard'`managed vector copy constructor iterator'`vector vbase copy constructor iterator'`vector copy constructor iterator'`dynamic atexit destructor for '`dynamic initializer for '`eh vector vbase copy constructor iterator'`eh vector copy constructor iterator'`managed vector destructor iterator'`managed vector constructor iterator'`placement delete[] closure'`placement delete closure'`omni callsig' delete[] new[]`local vftable constructor closure'`local vftable'`RTTI`EH`udt returning'`copy constructor closure'`eh vector vbase constructor iterator'`eh vector destructor iterator'`eh vector constructor iterator'`virtual displacement map'`vector vbase constructor iterator'`vector destructor iterator'`vector constructor iterator'`scalar deleting destructor'`default constructor closure'`vector deleting destructor'`vbase destructor'`string'`local static guard'`typeof'`vcall'`vbtable'`vftable'^=|=&=<<=>>=%=/=-=+=*=||&&|^~(),>=><=</->*&+---++*->operator[]!===!<<>> delete new__unaligned__restrict__ptr64__clrcall__fastcall__thiscall__stdcall__pascal__cdecl__based(eeeee ee etehe~` ` ```D``eXe^TePeLeHeDe@e4e0e,e(e$e eeeeeeeeedddddddddddddddddddSddxdldXd8ddccc cxcTc4ccbbbbbbbRb|b`b@bbaaSa a\a8aa``~GetProcessWindowStationGetUserObjectInformationAGetLastActivePopupGetActiveWindowMessageBoxAUSER32.DLL EEE& & & 00 P ('8PW 700PP ( `h`hhhxppwpp ((((( H h(((( H H & ! 0 `9 R} " "!a: S~x
Ansi based on Dropped File
(~WRD0000.doc)
`G u_uEju9 u uEjPu9 uu 9 M_^3[Rp9 U9 9 Eet_EtZfuu uuuu ]atAtu uuuuu0u uuuuuwu uuuuun]9 U9 juuuuuuZ]9 VW36Y0 (r_^9 Vhh3Vg& t
Ansi based on Dropped File
(~WRD0000.doc)
`JPVS3v6Qf& FP^STc~>Rn.}N`QURq1P
Ansi based on Dropped File
(~WRD0000.doc)
`JPVS3v6Qf& FP^Tc~>Rn.}N`QURq1P
Ansi based on Dropped File
(~WRD0000.doc)
`L`9 @30 E=}`RhR@5h & uh=@0 tPSzY0 hSE0j
Ansi based on Dropped File
(~WRD0000.doc)
`MTEMd9 c4ED9 0 e\PE\SMdF ;tED9 0 e\P\VMdEED9 0 e\P\ WMdEEPM;PMDE
Ansi based on Dropped File
(~WRD0000.doc)
`S`[U9 9 M& w3k$QeY3$seEPMh,EPE9 U9 9 M& w3QY3 seEPMVh,EPE9 XU9 9 M& w39 PY3seEPMh,EPE9 Ulhzj0 Mh9 }x|9 Vh 9 VhP9 Vh(9 Ia3;0 E@RVPEXP9 Vh MX0 ]a9 MXxWSEPPMXE9M]~VhMX"!;0 ElMXR`Vh"!;RJ9 Ml+HPAQE0PMXzM0E & & 9 0 eDVh9 E0P<D<ERM E PS<E; MEl EPj<E~M; eh9 Za& t0 ]l9 MhEDP& <PEPEDahh9 ME& 9 MhEPE PhEPtME" & & VhMVhhMHEEPMHEEh8MHhMHhMHEPMHhMH9]l M hMHE
Ansi based on Dropped File
(~WRD0000.doc)
`XBXb10 & F9b"!` f t!6K
Ansi based on Dropped File
(~WRD0000.doc)
`}E}EB}E3NpEN`ENPEN<EN,ENENE$ `jD_9 } 9 Mh, o& MQ9 keP9 MM}9 9 Mh Lo9 & 9 ?h30 E& : EPM0 ujh MEMEzPMEP9 /nMQ9 kME3EP9 MEMEMMF;u k3@3_jH^9 9 M3;u3Veg0 E0 ]; @u9 Mk9 ; EP9 fh M0 ]& tHEP9 XjP9 EM]9 W9 9 & h h M}& tAEP9 iP9 ERM]9 9 2& t^h Ph M<& tFEP9 iP9 EM]i9 9 & th8 9 :MM?E9 E;E 3@7^jhAP]9 9 M& u3ee0 E& u9 MMj9 & EP9 xeeh Mk& t=EP9 hMEM&& uM-& t0 MFh| M& t=EP9 }hMEM& uM& t0 Mh` M& t=EP9 @hMEWM`& uM & |0 MhD M& h8 9 k& t@h0 9 "!k& t0MRQ9 g,P9 E!MRE0 9 h$ 9 Yk& t]MSQ9 }gMSEMS& uESP9 <MSE4h M& tW9 x& t&MME9 E;E 3@\MMjX [9 9 M3;u3kc0 E0 ]; Uu9 Mh9 ; 1EP9 0ch M0 ]$& t7EP9 " fMEM& uM;t0 GpMFh| M& t?EP9 MfMEdM & uM~;t0 GtM]h MR& tnh0 9 i;tMQ9 ewxP9 ECM0h 9 0 i;t/MSQ9 eP9 EMS]z9 MMgE9 E;E 3@_ZVq,9 L$V9 @^Q9 L$9 L$~@Q9 L$9 L$}@PQ9 L$o9 L$_@`Q9 L$Q9 L$A@Q9 L$09 L$ @9 L$j<3j<2XMSeEPM9 MPEMEFMM: 3@AYQ9 L$9 L$~@,Q9 L$9 L$}@9 9 9 <Q9 L$W9 L$G@j R2W9 9 ]j9 Th 9 5& t$jhP9 MWeESPaYYM5h 9 & t0jh M#ESPEaaYYMM(V9 9 S@Xj R25W9 9 ]j9 h 9 & & t$jhMeESP"!YYM5h9 Q& t0jh MsESPE"!YYMMxV9 9 @lWj & V9 9 }j9 h8 9 & t-jhHMeEWP8"!MYYMV9 9 s@VxQ9 L$`9 L$P@Q9 L$?9 L$/@9 At9 L$0 3& x9 9 Ap9 L$0 3& x9 A<9 AL9 L9 L$0 S3W9 9\$u3 VShxthtSt$ q_9 ;tb~9 "!& uQ! P9 0& t?^,9 y& u1G,P9 & t"9 \& uW9 & t3@3^_[V9 t$9 h9 F& tjX#h9 1& tjh9 3@^U9 Q9 Mejh|9 49 EX: 9 T$9 9
Ansi based on Dropped File
(~WRD0000.doc)
a!APY S;y9Qi)0 IPUPS+u5Q
Ansi based on Dropped File
(~WRD0000.doc)
a& uf}uuh<hjMNEPMSE(xME"!MM9 3jP
Ansi based on Dropped File
(~WRD0000.doc)
A9 "!9 yJBee9 E )U9 ]\9 39 #0 M9 9 Mu0 39 uE}0 u|9 jMZ+;|9 10 t" d" J& }j3XZ; 9
Ansi based on Dropped File
(~WRD0000.doc)
A9 0 ueNt}^9 E }N$j
Ansi based on Dropped File
(~WRD0000.doc)
a9 PQ3A9t9 D$V9 && t9 VhP9 ^|$ V9 vt$" F0 9 ^j<(9 0 u 3~P9 0 ]FFdF$FFF F F$l$FXF\ 0 ~~0 ~ 0 ~0 ~0 ~9 (V9 D$tV)Y9 ^9 & t9 PQVjt$9 YYP9 ^Vjt$9 0 YYP9 ^9 ;D$t
Ansi based on Dropped File
(~WRD0000.doc)
A_A& AAAB@BsBBBBCkC"!CC5DDD4EEEFFF& FGRG`GG_H.IIJKKLxLLMNMRMMM=NkN}NNNO<O_O OOO7PeP*QWQ|QQQRRSNSST)TNTqT TTT/URU}UUUUVyVSVVVWLWoW WWX#XVXXXX"YUYxYYZQZ`ZZZ[9[h[[[/\s\\\?]]]] ^;^^^^^^_D__
Ansi based on Dropped File
(~WRD0000.doc)
aB[S(kRWyob g"~<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +<<<<</::<<<<<)<<<<;4<<<&9<<03
Ansi based on Dropped File
(~WRD0000.doc)
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ@0 ` y !x@~ @ A[@~QQ^ _j21~,kCh}h}h}h}h} (im0o p}p}@0 x pPSTPDT``?__ (i*kXqTqPqLqHqDq@q8q0q(qqqqppppppppppppppppppppp p|pppdp`p\pPp<p0p . $$$$$$$$$ .5@ ;Zx 0Nm:Yw /Ml &____qq!q_
Ansi based on Dropped File
(~WRD0000.doc)
aC@AIxC@S&B8G 4XR9D&J,qaM).@N0Z!
Ansi based on Dropped File
(~WRD0000.doc)
Accept-Encoding:gzip,0 U.?AVCJobDownloadFile@@,0 U.?AVCJobRequestPost@@U.?AVCLPManager@@U.?AVCVersion@@U.?AVCPicture@@,0 U.?AVCInternationalizationHelper@@U.?AVCChildButtonStatic@@U.?AVCCabExtractor@@,0 U.?AVCRegMonitor@@U.?AVCSingletonLogic@@,0 U.?AVCWindowStyledBorder@@U.?AVCLoggerWnd@@U.?AVCEventLogger@@U.?AVCTranslatedKey@@U.?AVCLanguagePack@@U.?AVCTooltip@@U.?AVCDictionary@@,0 U.?AVCQueue@@U.?AVCListBase@@U.?AVCPriorityQueue@@U.?AVCEventQuerySent@@U.?AVCQueryResult@@U.?AVImage@Gdiplus@@U.?AVBitmap@Gdiplus@@U.?AVCGdiPlusBitmap@@U.?AVCGdiPlusBitmapResource@@U.?AVCListViewCtrl@@,0 N@D,0 U.?AVtype_info@@,0 U.?AVbad_cast@std@@U.?AVbad_typeid@std@@U.?AV__non_rtti_object@std@@,0 us%,0 ,0 U.?AVbad_exception@std@@
Ansi based on Dropped File
(~WRD0000.doc)
Accept-Language:Accept: */*FIf-None-MatchUser-AgentAccept-LanguagePragmano-cacheAccept*/*Content-Typeapplication/x-www-form-urlencodedGET}RIC OyiRIC OyipXMLHttpReq->get_responseStream() failed : hRes=0x%XpXMLHttpReq->get_responseText() failed : hRes=0x%Xget response stream failed.Content-LengthGetResponseHeader(Content-Type) failed : hRes=0x%XpXMLHttpReq->send() failed : hRes=0x%XSetHeaders() failedpXMLHttpReq->open() failed : hRes=0x%XPOSTreturn FALSE (CoCreateInstance() failed : hRes=0x%X)CHttpManager::RequestHelperStart : wStrUrl=%s pwStrInput=%sa'M>: }zCJobDownloadFileexit [%s]broadcasting [%s]posting singleton event [%s]before posting event [%s]Target file exists [%s]Download succeeded [%s].tmpCJobDownloadFile::Process(R'M>: n6ge</EBXML><EBXML>CJobRequestPostafter post - FAILED. Server=%s Form=%safter post. Reply = %sbefore post. Request = %sExit : wStrServer and wStrForm are emptyEnd : m_pQuery==NULLCJobRequestPost::Process|}'M>: mmmxxxmResourceFiles .4gdiplus.dllBINARY.png O)\(?333333?zG?333333?o@EI Pop Up Window Class|8! <} ZYUOY_YY_,((2YYx2mxx$xxxx
Ansi based on Dropped File
(~WRD0000.doc)
ajNtEno}EME0 ~<0 ~@0 MEM0 0 Ew9 KjWYVWhOOWj9 0 9 & t
Ansi based on Dropped File
(~WRD0000.doc)
aKKKKKKKKKKKKK" |L'L2L:LBLJLRL\LdLlLwL
Ansi based on Dropped File
(~WRD0000.doc)
AM#=Tu%5 }E5t}PjEPjhPYSjuuV9 D$u(9 L$9 D$39 9 D$9 9 d$9 9 d$G9 9 \$9 T$9 D$u9 d$9 9 D$r;T$wr;D$vN+D$T$3+D$T$9 9 9 9 9 ^9 U9 SuM=i9 ]C=w9 E9 Xu0 ]}EP9 E%P`nYY& t`EjE]EY
Ansi based on Dropped File
(~WRD0000.doc)
azsS-iv*X oSS C`g"B R$zxskbWn$X}
Ansi based on Dropped File
(~WRD0000.doc)
A}EA}EA}E ANxE& ANhEyANXEmANHEaAN4EUAN$EIANE=AMN1A;jJV9 0 u^9 7eN7N$E7N4E7NHE7NXE7NhE7NxE 7}E! 7}Ex7}Ei7}E
Ansi based on Dropped File
(~WRD0000.doc)
b!n~p #POX a%D%R 0@/ ~gJAR0R1 O N0 :4Q
Ansi based on Dropped File
(~WRD0000.doc)
b&Q|O Cvx)l_D9t NS 8cP: NJ}4w* !!"F"i"}"""A#|####8$[$$$%I%|%%&R&&&','o'" '''(D(j(()7)v)))*,*O*r*" ***#+++,,,,-O-`----*.X.& ...!/P/! /// 0N00 0001d111'2R2& 223F333!4d44%5h556Y6t6 667/7s77&8D8R888,9R9{9994:0 ::;E;S;;;<Q<<<<>=q= =>2>M>p>>>?5?X?{???0@[@@
Ansi based on Dropped File
(~WRD0000.doc)
B(;r3_^[]9 U9 jh EhdPSVW 1E3PEd0 eEh*& tU9 E-PhP& t;9 @$E9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
B8uSjuo9 E[]9 U9 SVW39}t$9}t9 u;uTDWWWWW3_^[9 M;t3u9Ew9 }}F0 M0 }9 t9 F0 EE& 9 Nt/9 F& t(R9 ;r9 Wu6>)~>+}O;]rO& tVHY& u}}9 t39 u+WuVx YPta9 ;w9 M+;rP9 })9 EVPm_YYt)E9 FK0 E& E& & A9 EN 9 +3uN 9 Ejh(A39ut)9ut$39u" ;u BVVVVV3u Y0 uuuuu=0 EE9 Eu Y9 U9 SV9 uW3;uzBWWWWWBFt7VV9 V3 PF& }9 F;t
Ansi based on Dropped File
(~WRD0000.doc)
B9 Ej0 G4X_^[9 T$& u39 D$VW9 |$ 9 S3#3xHB3#3xHB3#3xHB3#3xHB3#3xHB3#3xHB3#3xHB3#3xHBN& f[& t23#3xHBOu_^9 L$9 T$3V#9 " xH39 A0 Qi B0 Q3#3" xH^0 A9 D$9 H9 U9 u0Euu`E]U9 9 MVW9 }& u3@} S9Us9 U)UR" 9 9 kYYYYYYYYYY
Ansi based on Dropped File
(~WRD0000.doc)
BB0B^~j_9 u?3f0 EE9 E9 ]9 Me9 EM0 ]0 Eu& }2~(9 E9 ]9 Mm9 EN0 ]0 E& GZ0 ]0 E& }9 U9 Eu}e9 }e9 U9 9 49 U9 E<;r;sF3;rs3B9 & tA9 E00 U;r;sAM4?0 u9 u0 M 09 CM}0 uEKK`K<5}9 MD ;9u0K;]s9 E;]sCf* XD9 ER9 M_^3[v ;0uK;s9 E;s3f0 f9U@"
Ansi based on Dropped File
(~WRD0000.doc)
BE9 MH0 E;O,u9 O(0 MKL# & u}9 G,;u9 G09 O(;t9 ;s+H9 G,+& uXu0 W4VWF9 W40 E9 G0;s+H9 G,+9 O,0 E;u9 O(9 G0;t9 ;s+H
Ansi based on Dropped File
(~WRD0000.doc)
BF$D59 3.:)C9 9
Ansi based on Dropped File
(~WRD0000.doc)
BfXw _3 _jY0 & ;! $& C^30 & 0 & 0 & 0 & 0 & 0 & tJt6t%+t& & y j_f*u,0 9 [0 & ?-9 & k
Ansi based on Dropped File
(~WRD0000.doc)
BH#0 E9 j9 E0 G 9 E0 G9 E0 F9 E9 +0 NVW0 W4_^[9 Eu0 G 9 E0 GfFhMjF Mu }v
Ansi based on Dropped File
(~WRD0000.doc)
bh1h2 xa& FC r2B,4L
Ansi based on Dropped File
(~WRD0000.doc)
bp0 /pH*Z R0FH N 2Ap0 pH 6Q0(0 !,}:(P:54
Ansi based on Dropped File
(~WRD0000.doc)
C4^1Y@MQ</[8+K&E! %
Ansi based on Dropped File
(~WRD0000.doc)
C9 E9E G9 D@u `C9 +E }0 E& & K` xC 3@;]rK@ P& t`0 P& & u
Ansi based on Dropped File
(~WRD0000.doc)
C;]T *Et9 Et;EPR9 M4M8EMEwM EkME_MESM\EGMXENMEMM#9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
CC& D0 @0 <t<uR@" Yf;& @& h& 8 t)j
Ansi based on Dropped File
(~WRD0000.doc)
cj%b9 0 u eN{M9 abAV9 ^D$tVbY9 ^Vjj9 jj9 _^jaEPeM& t3MMZ9 bbMME& MEuMh9 PVMRM9 E& ME j,8#aeEPh3CM0 ]V& t9 Mjha0 ]M[ME MET& MEp}9 EPhMPVMW9 M& tEPjh+M0 ]E& ME4M]ME9 E$aj,8=`eEP 3CM0 ]p& t9 Mjh(0 ]MuMESMEn ME`9 EPhMPVMq9 M& tEPjh(EM0 ]E MENM]ME79 E>`jW_EPeM& t3MM9 `M ME"!MERuMh9 #PVMM9 EiMEO jc^EPeM& tMMf3n_9 MEP9 MhlMuME3& uMEMM9 Fjc2^EP[eMk& tMM3^9 MEPL9 Mh +MfuME& 3& uMENMM~9 Fjc]EPeM& tMMF3N^9 MEP9 Mh: MuME3& uMEMM9 Fj(]9 eEP3CM0 ]C& t9 Mjh|9 ! 0 ]n9 0 ejhnuEP9 @ME& t9 Mjh|9 AMPM9 MEPM0 ]]8ME,9 E3]j4L\9 EPeM& & EP9 "MEd& & M|EPh<ME Ph MhM}h! MljhM_EP|9 WMEP VMShM+EPWMPVMxhMEPhM PVMPMEMEMEMM[j[0 M9 u& 9 M?& & MW9 Me~WEPME& & M8MET9 F$PhTMPSMF4PhHMPSMt9 MW8}t?j9 0 ejhpMEePSME"!& u9 MjWSMEa~MEMMt3@3ZjPY0 M9 u& u
Ansi based on Dropped File
(~WRD0000.doc)
CLogger::~CLogger--== Logger initiated ==--.log_THREADID.logCLogger::Init#rdf:rdfrdfrssPosted (no title)dc:dateenclosurefeedItemIdlink~itemlanguagettlchannelcreatedtext/htmlapplicationentryhrefrdf:RDFR ~wb..*h~R ~
Ansi based on Dropped File
(~WRD0000.doc)
Conduit Ltd.1>0<U5Digital ID Class 3 - Microsoft Software Validation v210UConduit Ltd.0x0
Ansi based on Dropped File
(~WRD0000.doc)
cT`C! 0 0U00pU i0g0e` H E0V0(+https://www.verisign.com/cps0*+0https://www.verisign.com/rpa0U0m+a0_][0Y0W0Uimage/gif0!00+ }k jH,{.0%#http://logo.verisign.com/vslogo.gif0U%0++04+(0&0$+0 http://ocsp.verisign.com01U*0(0&$" http://crl.verisign.com/pca3.crl0)U"0 010UClass3CA2048-1-550U k&p? -5: 0
Ansi based on Dropped File
(~WRD0000.doc)
CZN@#?$" Y[W0P+
Ansi based on Dropped File
(~WRD0000.doc)
d$ DP\"!TS|<Rl,RLPRUS#r2Qb" BPZ" TCz:Rj*
Ansi based on Dropped File
(~WRD0000.doc)
d$ DP\TS|<Rl,RLPRUS#r2Qb" BPZ TCz:Rj*
Ansi based on Dropped File
(~WRD0000.doc)
d$9 huBY9 HjT"G0 M} 9 }9 Y& & j.9 9 9 "(+PVEP9 ej|9 VMsMEkjVMEX9 MEPE& tYE9 0 eP9 MWEP PMEME1M9 MPM~9 MP! MEMEMEMMFjl4F9 9 u& ~,& F9 0 eP<~W9 T" M=eWEP9 *ME2jMENsMR0 EER\jME89 &e0 E& } u9 e[u9 WP0 E:& tX9 EjjP9 0 E xju9 }Mn& u9 MPBPM9PuMjuME9 E;E| M,& & M]jEPMEPuMGM99 3& ~_VEPMEPEPME~& uMPM"!PuM}MEF;|& ~MMETjM MREaMEhMEMMz3@3Dj<wC9 ML9 M30 ]PV9 ;u9 M0 EjEPV9 uEP9 yMEhME'qM9 PVM; MEPHWMEmPVMuMw& uuMWHPVMME3FMEgM]MM\9 uEP9 ;RME
Ansi based on Dropped File
(~WRD0000.doc)
D$tV/kY9 ^hj9 M`3M0 ]|; <jSjSj<E<;tr9 <;taPV9 9 ;tGMZ;uV9 j : cY9 0 ME;tS3PS0 p5(w<]MMjjH,i0 M9 u& u3@kMejj~WMi9 t#HtHu/9 MWEP7 9 MEP9 uEP9 f(MM3& ij0I~h9 MT3M0 ]1
Ansi based on Dropped File
(~WRD0000.doc)
D$tVEY9 ^V9 Nt^30 F<0 F 0 F$0 F(0 F,0 F40 F00 F80 F@0 FD9 D$0 FH9 ^jiC9 FPM^9 F<30 };t
Ansi based on Dropped File
(~WRD0000.doc)
D$tVY9 ^Vh~9 e^hX9 Y^h9 M^h9 A^hP9 5^h9 )^hX9 ^h9 ^hP9 9 ^h9 ]h 9 ]h9 ]h9 ]hH9 ]h9 ]hp9 ]h9 ]h`9 "!]h`9 ]h(`9 ]h0 9 u]h8}9 i]h}9 ]]h9 Q]h`9 E]h 9 9]h 9 -]hH9 !]h9 ]h9 ]h`9 \h9 \^j.jY9 0 M30 E;tu]9 M9 MPuRj
Ansi based on Dropped File
(~WRD0000.doc)
D0 & *u&0 9 0 & " 9 & k
Ansi based on Dropped File
(~WRD0000.doc)
D0 & f*u&0 9 [0 & 9 & k
Ansi based on Dropped File
(~WRD0000.doc)
D0 & ItWhtFltw& " f>lu0 xl `f6uf~4u 0 8f3uf~2u0 fd fi fo fu fx fX 9 & R& d/ St~At+tY+t+& & 0 " @0 0 & & & 0& & 0u 9 u& 0 9 [0 & u 0 & 9 & } ` QPRYY& tFF& 9|X + + +& 3F& 0 0 0 & StB& & P9 & & & P& PG& }0 f0 & & 0 & 0 F9 0 & t:9 H& t3& 0 t"!+& 0 & P@fYp eRg}itqnt(o& & & taU9 30 V& 0& tf9 & f0 9 & 0 & @&
Ansi based on Dropped File
(~WRD0000.doc)
D0 & z ItU htD lt w& bS ;luC0 8, `<6u {4uCC 0 <3u {2uCC0 <d <i <o <u <x <X & PPG'Y& `& Yt"9 R`C0 R9 jJd wS AtHHtYHHtHH& & " @0 0 & SE& & 0& 0 & 0u
Ansi based on Dropped File
(~WRD0000.doc)
d7CRDh?=8~x~%@X#Hk<>r4pGu 69
Ansi based on Dropped File
(~WRD0000.doc)
d;vmhp9 E0 =x[_^tV9 5dW3;u4kP5hW54 ;u3xt9 5dhk5hhAj54$ 0 F;tjh hW0 F;uvW54L : N0 >0 ~d9 F9 _^9 U9 QQ9 M9 ASV9 qW3C& }9 i 0Dj?0 EZ0 @0 @Juj9 hyh W& u p0 U;wC9 +GAH0 @0 P Iu9 U9 EO0 H0 AJ0 H0 Ad~D3G0 ~`FC` 9 ENCux 9 !P9 _^[9 U9 9 M9 ASV9 uW9 }9 +Q9 iRD0 M9 OI;|99 0 M0 ]}U& E;;9 MI0 M?vj?Y0 M9 _;_uC s9 ML!\Du&9 M!9 ML!Su9 M!Y9 O9 _0 Y9 O9 0 y9 M+M}}9 }9 MOL1?vj?_9 ]0 ]9 [0 Y9 ]0 Y0 K9 Y0 K9 Y;YuW`LML s }u9 9 MDD9 }uO 9 MY O 9 U9 MD20 0 L9 UF0 B0 D2<38/9 ])uN0 K\39 uN0 ]0 K?vj?^E& 9 uN?vj?^9 O;OuB s9 t!\Du#9 M!NL!Su9 M!Y9 ]9 O9 w0 q9 w9 O0 q9 uu0 uN?vj?^9 M9 y0 K0 {0 Y9 K0 Y9 K;KuW`LML s }u9 9 M9DD9 }uN 9 My N 9 E0 0 D3@_^[9 U9 d9 Mkh0 MSI VW}M
Ansi based on Dropped File
(~WRD0000.doc)
d@pH$N$ " " D!R$ZC
Ansi based on Dropped File
(~WRD0000.doc)
dhk9 U+Pr;r3]9 U9 9 M9 AV9 uW9 +y9 iRD0 M9 I0 M& S19 0 U9 V0 U9 U0 ]utJ?vj?Z9 K;KuB s9 L!\Du#9 M!JL!Su9 M!Y9 ]9 S9 [9 MM0 Z9 U9 Z9 R0 S0 M9 J?vj?Z9 ]0 ]& +u9 ]j?0 uK^;v9 M9 J0 M;v9 ;t^9 M9 q;qu; s9 !tDLu!9 M!1K!Lu9 M!q9 M9 q9 I0 N9 M9 q9 I0 N9 u9 ]}u; 9 M9 Y0 N0 ^0 q9 N0 q9 N;Nu``LML s% }u9 9 M 9 DD) }uJ 9 MYJ 9 E0 0 D09 E& & 9
Ansi based on Dropped File
(~WRD0000.doc)
Djh^V>O& u%jh^VO& & FFf> tf9>& h uESuP! & & 9 E9 M0 H9 M0 x0 80 x0 x0 H_^[jhEY330 }j! Y0 ]30 u;5`P9t[9 9 @uH uAFwFP Y& "!P4VYYP9 @tPVbYYF 9 0 }hj8 Y9
Ansi based on Dropped File
(~WRD0000.doc)
dk9 h+LQHQPG^9 E
Ansi based on Dropped File
(~WRD0000.doc)
dMEc9 MEP 9 E9 u0 EEP9 9 }9 9 M9 u#3f> #u9hHSj"!MElMElMM"!l%F0 E& 9 u9 PhSj EPEPEP9 & uhEPZ9 & 9 @& jhxthtjP_9 & u
Ansi based on Dropped File
(~WRD0000.doc)
DR}c 3F 0^2 P C0R$ ! [Ab8 K 19& 'D`1x<aD&k-*Dd 9 aP@F #@ $pa2$H ;SAFha &L >&C,=pwpaR 0hRA
Ansi based on Dropped File
(~WRD0000.doc)
DW9 0 E EPWEP9 EPWEP9 nEPEPWEP9 =WEP9 W9 9 9 M9 j9 MMVjto'9 39~ z9 Ee Tf 7hto Wqvrt.s& D9 ;u}9 ; PsM :M0 ]xE9 EP9 & "!9 M9 ~xEP9 E& t3;" M PEPQMh;u0jPMZ! ME89 MQMQj9 EME MEBME6M]+MM 95.r;t%P9 lS;tP9 Xj9 A8t-9 VB9 0jsD9 N& t9 F9 PQf^j" '9 9 }& u3S9 & t9 ;EuMl}eWM& t9 jW9 t9 jMM>}3@EV9 9 & u3+9 ;D$ut$9 t$j|$t9 3@^Vt$9 fv9 ^j<2MY8eEPM 99 MPE6! ME~9 Mx& t3MM(89 R9 Mh! 3FV9 D$tV}Y9 ^OjRf9 hqY9 0 Me& ta(3M& t
Ansi based on Dropped File
(~WRD0000.doc)
d}& Hpu 0 9 F;ht9 F9
Ansi based on Dropped File
(~WRD0000.doc)
d}& Hpu}R0 F9 F@puHpF
Ansi based on Dropped File
(~WRD0000.doc)
E PN,Q40 9 9 P<u}Qu9 9 E& |0 FpM9 B& uTE~PP9 Qh9 Q P9 Q^@W9 [Qh9 Qh9 QWN`:QhhPj
Ansi based on Dropped File
(~WRD0000.doc)
e! P}Ls69 ! 0 ! P}EQ6! P}E;69 ! $0 $9 ! (0 (9 j19 0 uL}E"!,}E`,}E{,M9 kzV9 T9 ^Tj.xh,& : Y9 0 M30 E;th-UPjDd1D9 M\EP(j3hM0 u1MEG#PhM$MVjEPMEWM>9 ;u;MEME +MM +9 9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
e%& EP]: TS}=Rm-
Ansi based on Dropped File
(~WRD0000.doc)
e%& EP]aTS}=Rm-
Ansi based on Dropped File
(~WRD0000.doc)
E*GE`B:}9 M$9 9 0 9 : ]<+t0 <-t& `}0 u0 uu&M`B:t<9}sE*GM`B:}*0 u<! nj~J0 M` 1 wj! +t HHt& ;j MjY@jo0 u`B:t,1<vJ(` 1 v:} tG+J0 MtHHt9 }9 E0 jX9Ev }|EOE0 E} Yj
Ansi based on Dropped File
(~WRD0000.doc)
E0:+_L.X)AzT&.*\ !R8 C ;H MS Shell Dlg PMv7 OKPj
Ansi based on Dropped File
(~WRD0000.doc)
E1F9 F0 E9Uu9 M9 0 9 `9 O9 0 Mw; 0 UE}~M9 W#U9 M#Elf0f9v9 Mm9 EFMf}0 E0 M}f}|Q9 W#U9 M#E[lfv1F` ft Fu0H;Et` 9u :@}~uj0V u9 E 8u9 }4 $p9 9 WFk3%#+ESYx;r+F
Ansi based on Dropped File
(~WRD0000.doc)
E9 M0 3uU9 QVEPu9 uYY& u!EPuYY& u9 M9 U0
Ansi based on Dropped File
(~WRD0000.doc)
e9 u;5lw"jx}YeV Y0 EE9 EjsY9 U9 V9 u! SW9 =$ =4uVjNThAYY|u& t9 3@PuVSY& u& uFVj549 & u.j^9Stu7Y& t9 u{PR0 0IR0 0_9 [V7Y5R3^]hd59 D$0 l$l$+SVW 1E3P0 eu9 EE0 EEd9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
e?E~SSV9 E9 @9 @9 p& ~39 E0 E9 Mq9 P9 GEP_& u
Ansi based on Dropped File
(~WRD0000.doc)
E@PMGPML>PSMd`& t}@u9 MpE0P!M EMLEM0E E`9 E`;EHRM\E=MdE#MEaMEUMEIME=M0 }29 Md0
Ansi based on Dropped File
(~WRD0000.doc)
E]EP Y& t
Ansi based on Dropped File
(~WRD0000.doc)
e`Z9 u9 9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
EDP9 MDEk,& M*EP9 0 exWhE
Ansi based on Dropped File
(~WRD0000.doc)
EdR9 & uMEKMM9 hh 9 " & t$MQ9 9 MPE@ME9 M
Ansi based on Dropped File
(~WRD0000.doc)
eFjPYY9 *9 E0 e0 E@jPE& Y0 EY)9 }9 u9 ]}vr9 GGuPFPSjj9 Fu9 0 _0 w}9 M3Vj!VVw U9 QVW9 }9 9~sR9 F+;Es0 E}vP9 NSVr9 0 ]0 Ur9 9 ]+P0 U9 UBP9 E+QxP9 F+P9 [_9 ^jk 9 0 }9 uv9 u'3j9 [9 O0 Mm9 U;s+;w4
Ansi based on Dropped File
(~WRD0000.doc)
eFjPYY9 *9 E0 e0 E@jPEY0 EY#+9 }9 u9 ]}vr9 GGuPFPSjj9 *u9 0 _0 wCt9 M3VjVV" t$9 L$e3& S`jj VW9 |$9 v" 9~s
Ansi based on Dropped File
(~WRD0000.doc)
eM& t3MMy%9 : MMEME7M9 PVM]M9 EMESjLaEP eM& & t3MM$9 aMaMEM9 sjuMEPVMyM9 ESMEU" j$)"!9 }u
Ansi based on Dropped File
(~WRD0000.doc)
eME ]EPMN=PMPEdME_]SEPPE0PM`; >& xPM->MhE"kxE TMP9 xTWPMhxo;t.MPbTP@9 ;thTW<;tW8VTVX9 Mt;t9 jMhEjxE\M`EMEME
Ansi based on Dropped File
(~WRD0000.doc)
EP9 iuEP9 H0 E}tt9 ZPh.SjoWM4& 9 XZPhX.SjF9 0 et*W!lME5WEPM50 E& u0 e9 EPkM5ME0 bMEME529 YPh$.Sjh 0 EE& j9 jJU9 0 }MMEN& tOj9 0 eWTkE9 0 ePE?kME3E9 0 eP"kMF40 E-WEPM40 E& uE9 0 ePjM4MEIe9 } POEh9 0 GD PO$hj8tRY0 EE& t$sY0 EE& tj9 U39 M9 9 EO(0 G49 E0 G,Et)KXPh-Sj99 & tQW9 )G"XPh-SjW9 Tv$& tWj5(v$9 j9 9 MWPh-SjMM&_jaz9 0 uu"e}.W9 EV9 Eu 9 E0 ~g9 ja9 0 u. 9 E& t9 j'9 & t9 j'}E`_}E{_M9 zjb" 9 39x j8" Y0 E0 ];t
Ansi based on Dropped File
(~WRD0000.doc)
EPEPs9 N$9 Fhj"!_9^\t+9 9 } u+Q9 _^[S9 \$VW39 ;u3: 9 S& tt$9 D$W0 F09 D$Pv(0 ^4v$9 WWh WN0 F,}&Ph 9 hWWWWjP0 F h9 9 9 R9 N8;tv,vp9 9 Pp9 9 Pl9 3@_^[y`u9 jjV9 ol& t2W9 |$tu9 9 Pl~`tjj9 ! Wv0 _^U9 QQVEP9 9 M9 U ;u; tR0 Q9 0 P R9 6^9 D$;Adu
Ansi based on Dropped File
(~WRD0000.doc)
EPEPw.YYME>v9 NPWWjoEPak9 NPWWjlEP`k9 NPk9 NPWWjkEPrk9 NPWWjjEPbktE9 .MEuMEuMEuM0 ]u3@U9 QQSVW9 =49 3+FT=v8EP 9 & t/9 NPjuuk9 NP9 & t9 jfP0 FT3& " _^[j7)s9 9 u& u3uj|ml~0oucj gY9 0 M30 u;tV@/3P@oV)j <Y9 0 ME& tj\/3P0 pj5(wD3@3V9 xD$tVY9 ^Ajv)9 0 u=3j
Ansi based on Dropped File
(~WRD0000.doc)
EPM u9 E9 MPR uMVvMM9 9 E9 I0 0 H^1YVW9 w9 p{9 0 @9 g0 9 6_0 v^VW9 w9 p9 0 @9 g0 9 6_0 v^U9 QVQ0 e0 eu9 9 ^Vt$9 u49 ^4qV9 4qD$tVIY9 ^jP,0 Mh xSjB>}& x9 u& M eM ME 9 MEP9 Ey9 u0 EEP9 9 }9 Y9 M#u>hSj=MEL0 ME@0 MM40 3<EPEPEP9 & tEPEP9 r9 FVPMEPM t9 F9 VPM9 E0 E9 E0 E9 FVPMEPM t
Ansi based on Dropped File
(~WRD0000.doc)
EPME9 EE& t9 3Pjs09 9 & t49 9 uSP$9 E9 UR9 uSPQH9 9 SPEP9 ME& t9 E9 PQ9 E& t
Ansi based on Dropped File
(~WRD0000.doc)
EPMEME%uTuXSh 6w6M]: MMyj,&y9 MaeME.& t`PvM1>MMFyhx0 M39Y(& MM0 ]b; ,TSSSjj,Ev,; & j9 0 M;tq`Y3;0 E~S9 MWP}9 ;t>VM";t1SM9 EpFjP$VMEhME(G;}|SyYPMl,]MM@xjH@w9 9 M3;tj9 ;t_MM0 ]~VMECM;t$;tSMSjdwwM]uMMxjk8w9 utj >qYY9 0 Me& tj3Pj5(vwj,&vM:9 Me!& uuMu9 M& uuMuMMnwj .! v9 M33;u3 M9 0 u& }S9 MV~& MQ9 / PME! MEM1hTM& t@h@Mk& t*hDRMU& thM?& tF;RdMM|9 vj|xu9 9 M& i9 & ZEP9 }ehM& *h9 P9 Y& & x0 EPxEh`REP9 E& hEP9 E& EPEPEP9 Etohx9 w & t_MhEP9 E: }EPj nYY0 EE& tj9 #3Pj5(wME1ME%MEME
Ansi based on Dropped File
(~WRD0000.doc)
EPMEuM9 ]; ww6M3ME0 E;uSh'yj5MR
Ansi based on Dropped File
(~WRD0000.doc)
EPMEX& t!SEXPE09 0 e\P0 }X]M`l(ME_TMEST@E2M0E8TEPMSE9 0 e\PEm]M`E'EPMjSE9 0 e\PEC]M`'EDPMMTE
Ansi based on Dropped File
(~WRD0000.doc)
EPPPEPu0MMMq43'0U9 VStVu|YY& t8Vu|YY& t)9 EH& t39 U0
Ansi based on Dropped File
(~WRD0000.doc)
EPv0 EY3} 9Euj 9EtPY30 Et
Ansi based on Dropped File
(~WRD0000.doc)
EPWWuEPME0 }9 E9 M0 MMEMEsEPu9 Lu9 EWWMQu0 E9 9 Ppuu9 u9 u9 [HtCtCtuuMMHR3! EjyVD9 0 u,
Ansi based on Dropped File
(~WRD0000.doc)
EPY9 M39 U9 4 30 E9 E9 M0 E9 ES0 E9 V0 E9 EW30 M0 }0 };E _9 5MQP9 & t^}uXEPu& tK}uE9 uEuu~9 YF;~[wSD6=w/?9 ;t8-WWuuju9 ;u3PHY;t0 E0 }9}t6PWuvVuuuju& t9 ];tWWuSVuWu & t`0 ][9 9}uWWWWVuWu9 ;t<VjGYY0 E;t+WWVPVuWu;uuY0 }}t9 M0 uY9 Ee_^[9 M3<jhF)30 ]j~ Y0 ]j_0 };=`}W9 P9tD9 @tPYtE|(P9 P P4YP0 G~E9 Ej? Y9 U9 }u3]9 U9 MMtf& tf;uAABB
Ansi based on Dropped File
(~WRD0000.doc)
ESP9 aMEM03F<9 |$u3jt$St9 L$& t0 3@U9 S3W9 9]u3MVSSjSjh u9 0 ut*;t&EPV9 0 E;t9 E;uVX3^_[0 E@P0 E30 ]s9 Y;uuuSVSEPuV=9]tE}9]u$9 EPV9 YY;tu>SPwSEPu>Puh& uuXu9 MV>& 5V
Ansi based on Dropped File
(~WRD0000.doc)
EtVY9 ^]9 U9 V9 VEtVY9 ^]9 U9 V9 VEtVyY9 ^]9 U9 V9 uW3;u3e9}uvj^0 0WWWWW9 E9}t9urVuu0uWu9}t9us: vj"Y0 9 jX_^]9 U9 9 EVW3;tG9}uqvj^0 0WWWWW9 )9}t9EsLvj"Y0 9 Puu3_^]9 U9 9 Ef9 @@f& u+EH]9 L$t$` tNu$$9 ~3t9 A t2 t$ttA9 L$+A9 L$+A9 L$+A9 L$+9 U9 9 El]9 U9 ( 30 ESjL& jP& 0 & (& 00 & ,0 & 0 0 " 0 0 0 fR" fRfRfR& fRfRS& 9 EM& 00 & 0 9 I0 & & 0 & 8 j9 < & (P@ & u& ujtYh P 9 M3[)9 U9 5l [Y& t]jvtY]3PPPPP9 U9 9 EVWjY(V}0 E9 E_0 E^& ttE@"!EPuuu4 5$[Y& tj:ujjus9 9 P9 +B9 R& t++9 U9 Q9 @S9 XV3W9 x& v'9 9 M0 E9 ;tDQP+YY& t1F;r3_^[9 @u9 9 M;tQP*YY& tF;r9 E9 U9 9 P3& |9 9 U9 V9 p2^9 ]9 U9 9 @MS9 X3VW9 x0 M0 M0 M0 M; 9 E9 4! +E;Ev29 9 M;tQP_*YY& u9 E& uP9 E0 E9 F0 u0 E9 9 M;tQP-*YY& uuFGY;Eu
Ansi based on Dropped File
(~WRD0000.doc)
eu uvHMXB 9;5SM]=];9 ~ Z] TR7a9 Z9 %]0 g" '] nL: `R`%u?q=
Ansi based on Dropped File
(~WRD0000.doc)
EVPx>YY9 M_^3[ 39 9 A@tyt$Ix9 QPxYYu9 U9 V9 9 M`EM>t}^]9 U9 G@SV9 9 t2u,9 E+`M9 }C>u&& 8*u9 ?d}^[]9 U9 x 30 ES9 ]V9 u3W9 }u0 0 0 & 0 & 0 & 0 & 0 & 0 & 0 & %& u5~ 3PPPPP@ t
Ansi based on Dropped File
(~WRD0000.doc)
ExB0T\E#R<~}
Ansi based on Dropped File
(~WRD0000.doc)
E~,P9 9]tu0 ]EPEP9 ~& uEP9 aEPEP9 Z9 =h 9]tuEPEP}5& uE}P@~
Ansi based on Dropped File
(~WRD0000.doc)
E~<9 Ejh|9 ME`REP9 E}9 j%9 Pe9 & ~.9 ju9 0 E}P9 E9 E9 S9E|9 M30 ^8`& }! 9 MS{}P9 & tIM~& uRj=Y0 EE& tMQ9 /9 3jMEx}WN$9 MS}PM9 MC;RyM~& u;jY0 EE& tMQ9 }9 3jME}WN$!ME@& MM4& 9 <V9 N$! 9 L$;~t$0 N89 z3^j|_A,9 eM{EPu9 E& u$3ME MM 9 u~$9 D& t9 j9 E9 0 ePEPxMSE9 ue9 & }M/{EPxEjY9 0 ME& tEPu3PV9 EF}t8C9E}0jEY9 0 ME& tEP73PV9 EFMEE9]R_xE" 3FVjXt$9 f0 0 F& u9D$t
Ansi based on Dropped File
(~WRD0000.doc)
F :t@ OR2X5k`sPQq}`!";5#NS(sh6.uR:(RSx! SMu0
Ansi based on Dropped File
(~WRD0000.doc)
F T>0 ~(9~$uF$d>jjv(V 0 F;uj0 x9 F0 x9 F@9 F@9 F9 @h %B=PV49 N0 A9 FV9xu'YY3_^U9 Q9 Ettt
Ansi based on Dropped File
(~WRD0000.doc)
F"tf 9 N0 0 F9 FfeSj[0 Fu, ;t @;u
Ansi based on Dropped File
(~WRD0000.doc)
F$9 hHWj
Ansi based on Dropped File
(~WRD0000.doc)
f& tf;t+ }t9 Map_^[9 U9 V3W95Tu39u 9 };uo\VVVVV`9 U;tfArfZw fArfZw GGBBMt
Ansi based on Dropped File
(~WRD0000.doc)
f& uW;t0+9 W& VPh3f0 =& PSo3f0 & & tS& WPpcV& WP& P _uj& PX 9 M^3[NU$,T 30 & S9 VW9 t$ 99 F9 ;tEt6<Y9 N;x};x}P6Y9 9x|<PdYY0 ~EPS69 & 6NY }t3& ~
Ansi based on Dropped File
(~WRD0000.doc)
f0 @@BBf;t&Ku!
Ansi based on Dropped File
(~WRD0000.doc)
f0 @@BBf;tKtMu9}u3f0 ;& t3}u9 MjPf0 DNX^f0 Vj"Y0 9 d9 U9 VWuM9 E9 u3;t0 0;u,rVWWWWW }t9 E`p39}t}|}$9 MS`0 }~~EPjP-9 M9 B& t`G -uM +u`G9 E& RK B$9& u* 0tE
Ansi based on Dropped File
(~WRD0000.doc)
f0 CCC0S3@f;& x3@f0 ;u& t@uhtqQf& tu& u;hlq
Ansi based on Dropped File
(~WRD0000.doc)
f0 F3f0 F9 j
Ansi based on Dropped File
(~WRD0000.doc)
f0 V3f0 V"!j
Ansi based on Dropped File
(~WRD0000.doc)
f0.hMH9 T$B9 J3e\hM%9 T$B9 J3e9 `3egM9 T$B9 J3 e9 `3`egMM9 T$B9 J3_e gM9 T$B9 J3<e]gM 9 T$B9 J3e@:gMT9 T$B9 J3dlg9 M:9 M&9 M$9 M49 MH9 MX9 T$B9 J3Sdf9 M99 T$B9 J3ydaf9 M99 MujY9 T$B9 J3Ad( bf9 Mj99 Mq9 T$B9 J3d\ 4f9 M=9 M,9 Mhy`9 M9 M9 MO`9 MP9 M `9 M%`9 Mn9 MD`9 M|0 9 M9 T$B9 J3Nc oeM0 uiY9 T$B9 J3!c!BeuiY9 T$B9 J3bH!euxiYM-M%9 T$B9 J3b !dM9 T$B9 J3b!du iYuiY9 T$B9 J3ub! d9 Mx9 M,=9 Mh9 M$9 M9 M9 MP9 M 9 M! 9 M9 MDk9 M|]9 MA 9 M3 9 T$B9 J3a"cM(MMG9 T$B9 J3oa9 J3ea" cM(MM9 M9 T$B9 J3*a"Kc9 ML,9 M$Z9 M4O9 MA9 M39 T$B9 J3`#b9 M+9 M$9 M49 M9 M9 M9 T$B9 J3r`h# bM9 T$B9 J3O`#pbufY9 T$B9 J3*`#KbM.s9 T$B9 J3`$(b9 M!9 T$B9 J3_H$bM,9 T$B9 J3_t$aM$2fY9 T$B9 `3}_9 J3 _$aMM9 MM9 T$B9 J3I_$ja9 M 9 T$B9 J3&_%GaM,aMY9 T$B9 J3^L%aMq9 T$B9 J3^x%`Mq9 T$B9 J3^%`M d9 T$B9 J3 ^%`M qMM9 T$B9 J3_^& `9 M)9 M<9 ML 9 M\y9 Mk9 M]9 T$B9 J3]0& `M,:9 T$B9 J3]R&_M9 T$B9 J3]&_Mhx9 T$B9 J 3 ]&_9 M)#9 MMq9 T$B9 J3]] '~_9 M"9 M`9 T$B9 J3,]T'M_M0p9 T$B9 J3] '*_MD9 T$B9 J3\'_M!M9 T$B9 J3\'^MM2MMM9 T$B9 J3x\("!^M\9 T$B9 J3U\X(v^MTMM 9 T$B9 J3"\ (C^M]M,2MMM: M=M59 T$B9 J3[(]Mf2M
Ansi based on Dropped File
(~WRD0000.doc)
f5fXf~fffQgggh2hUh hhieiiiijHjyjjjkFkikakkkl3lVl! llu" "
Ansi based on Dropped File
(~WRD0000.doc)
F61 FCA;GIF89a? : x " {Sx"!: a"!!?,xpH,`hV:FC ``2xG$y (SY ! a@"
Ansi based on Dropped File
(~WRD0000.doc)
F61 HA;GIF89a? a {S x"! S: x : "! !?,xpH,kac1Z y"@ aH@l
Ansi based on Dropped File
(~WRD0000.doc)
f8t33@t$t$9 & t3& " I9 & t3@t$t$ YYt$9 AP9 D$p6t$9 z& t3& " I9 & t3@9 It$QYYt$@t$R@t$a@V9 W9 ~& u_^GGP<"!Y& u;~t9 F9 V9 ++BRWP_9 ^: S9 V9 s& t>W3f& t2PY& t& u9 3FFf& u& t3f0 _^9 [S_^[V9 ~t
Ansi based on Dropped File
(~WRD0000.doc)
f9 0 fttjfTtdfft^fFtXf, f[ujY9 0 ME;thM_f{& j8Y9 0 ME;t?6jY;t00 x $9 #j Y9 0 ME;t9 M9 VS9 P& t9 MW9 E9 9 j9 f]& E9 ED$V9 #tVY9 ^V9 RD$tVY9 ^V9 D$tVY9 ^V9 #D$tVY9 ^j.9 j8: Y9 0 M30 u;t 9 MV9 9 3jRN9 9 }9 & uaEP3W0 uYY;tLu9 Rf{uCj8&Y9 0 M0 u;t$9 9 MMQW9 P9 & u79 j9 3f[ujY9 0 ME;t59 K& t9 j0 s9 V9 #D$tV0 Y9 ^j/\l9 9 M 9 }0 E9r3@30 u0 u3WuYY; 79 MZ~f"uqj.Y9 0 M0 u;tA9 9 MWu9 P& 9 ~MQ9 P3@}0 Eu9 K0 E& t9 P0 s0 sMM{ #f: f[u/9u "jY9 0 ME; f{u/9u j8oY9 0 ME; e f-tof0rf9vcfttAfTt;fft5fFt/fnt
Ansi based on Dropped File
(~WRD0000.doc)
f9 ^t$0 F& uh j<_a9 0 }30 ]9@tMMEu3Mjh(M{MElEP9 EMM}m& uh(M|MVlPM|Mdm& u+hp(M|M,lPM |h9 M`|EPM}SSSS9 EkP 9 ;u83MEztMEntM]ctMMWt9
Ansi based on Dropped File
(~WRD0000.doc)
f9 Af#E0 E@uMj9 EppEPjEPEjPS& u!E }t9 E`pEM#9 U9 Qf9Eu3f9EsE9
Ansi based on Dropped File
(~WRD0000.doc)
f; " 09 f;rf; v]9 U9 uMVE9 M`U Tu}t9 M9 0 A#E3& t3@ }t9 Map9 U9 jjuja]9 U9 30 ESV3W9 9u8SS3GWhhS& t0 =Pxu
Ansi based on Dropped File
(~WRD0000.doc)
f; 9 f;r+
Ansi based on Dropped File
(~WRD0000.doc)
f; 9 f;rs
Ansi based on Dropped File
(~WRD0000.doc)
f; ef9 f;
Ansi based on Dropped File
(~WRD0000.doc)
f; P9 f; 9
Ansi based on Dropped File
(~WRD0000.doc)
f; P9 f;r]*f; @9 f;rC
Ansi based on Dropped File
(~WRD0000.doc)
F;7|judYYh WM7h DEP9 ucsm9>& ~& ~9 F;t=! t=" & e9 } EPEPuu W! 9 9 E;E 9 E9;G|9 G0 E9 G0 E& ~l9 F9 @X9 0 E& ~#v9 Pu0 E& uM9EME}(u$9 ]u EuuuuV9 uK9 uE]9 } }t
Ansi based on Dropped File
(~WRD0000.doc)
f;f;f;! " ?f;w30 u0 u0 u3f;uGEu9uu9uu3f0 Ef;uG@u9pu90t!uuE9 M9 U0 U& ~UL
Ansi based on Dropped File
(~WRD0000.doc)
f;r9 f; C
Ansi based on Dropped File
(~WRD0000.doc)
f;rf9 f; [
Ansi based on Dropped File
(~WRD0000.doc)
f;s+]9 f; s
Ansi based on Dropped File
(~WRD0000.doc)
f;tf;t+Vuuuw_^]9 U9 9 UV9 uWf& tBBFF+t_^& }]~3@]9 U9 SVuM
Ansi based on Dropped File
(~WRD0000.doc)
F=7!!3FCA;GIF89ax0 | ]lr9 r }x! p ia ~" v`B0 St~q}WmV gT x{u " pQ a p{R g s " !x, x & ! 0 5We
Ansi based on Dropped File
(~WRD0000.doc)
F=7!!3HA;GIF89a? : x " {Sx"!: a"!!?,xpH,; cYUD ND )|> vc2<Ng!X 0 40?y9 0?-9 >6?4)?#?8
Ansi based on Dropped File
(~WRD0000.doc)
F@u^VLYtt9 9 9 A$u tt9 9 @$ & g3; ]`0 & 0 & 0 & 0 & " P
Ansi based on Dropped File
(~WRD0000.doc)
FfxtfXtE.E}u!VO" Y& ufxtfXuGG7GG3u0 U9 V!" Yu)jAXf;wfZvFxfw1Fxfw ;EsM9]r)u;Ev"M}u$9 EOOu"}t9 }e]9 MM0 M7GGuu=t} w& u+9uv&LE"tMEjX" 0 E9 E^& t0 8Et] }t9 E`p9 E_[9 U9 3Puuu9TuhPP]B[$d$3`D$S9 9 T$t`
Ansi based on Dropped File
(~WRD0000.doc)
FHPN9 WWPMM 3@ j^^)9 uF,PM=e~Hu@ MM?9 uN9 P3|$u@ *9 L$`& tt$9 t$& %@ j,&x9 u& u@ 7f>tW *MeMd9MMf0 F3-V9 t$& u@ A~u69 f8u.& t9 3f9Q" 9 Q9 %@ W ^j,&9 u& u@ 7f>tW *M)eMwMMf0 F3V9 t$& u@ A~u69 f8u.<& t9 3f9Q" 9 Q9 & %@ W ^j,&CM ejuMWuMuXMM}3j,MNeMMM?3j,&Mu3uM0 u,;uFMM9 kj<- 9 9 FH3;tP& u+9 FH;tPWWWWWWWWWh~hW 0 FH9 ]EP9 pM0 }xG& tMMN9 9 { 0 EF(PM0 }jh aMET9 E& tuW& tjWMEPM*GWMbPMM0 EE0 EEPvHjJu& u ME=NME3G:xWMEPMFWMOE~P9 9 F9 }& t<W& t1;}t,M@M0 E1E0 EEPvHjJW& kNEPEP}& uE~P9 8EPEP9 m& tY9 }& tRW& tG;}tBh0MDPMFMM0 ED0 EEPvHjJW& MEMME& 3jLO-2h xVjK9 }& uhVj4@ shVjW M/9 e9 X9 xMiCME]CEPEPWMEY& thMD& u\MD& uPW;u6h`VjjEPEPMjj5pMdXShVjaMEKMEKMM|3jt`-9 u3;u
Ansi based on Dropped File
(~WRD0000.doc)
fI@``|p! t@ T$G@.textjfh `.rdataN l@@.dataRp*T@.rsrc}~@@.relocN`@Bjt$t$z@U9 QQ9 EHu9 EM"!MU3@U9 ,MjjM0M3U9 PMM7MEPM3M,& t)EPM2PM;M#4EPMg4VM<(3& uVMR)M&& uVM#'VVM>0EPM0 uj:PM1M3M3MT3^U9 30 E9 ES9 ]#V9 uW0 EEPh! @& & t PEPVYY& tjY& t9 9 |9 3& u 9 SuV9 9 VP9 9 M_^3[="!uVSa9 <& t9 N^39"!" U9 ,MdMSMf3Vj9 _D0 9 ^j}9 0 }D0 e9 & tem&M9 -_sUpjX
Ansi based on Dropped File
(~WRD0000.doc)
FL0 M(uv(V$9 E(YY_[^9 D$9 D$9 D$59 D$E3U9 9 U9 SV0 E9 BW9 }9 O49 _ 9 w0 E9 G00 M;s+H9 G,+0 E9 E9 & 40 E9 E9 & 40 E9 EM9 Er9 E9 M#0 M& @& =9 4#H0 M& H `H+9 Mt0 M9 4#H0 M9 M+9 EM9 Er9 E9 M#0 MHH+-E@& ^9 M9 4#H0 MH0 M+E0 ]te9 MM9 ]E;ur9 M9 4#]mX9 E)E+9 M9 +9 _(;s\9 O,+;r9 O,+0 M9Mv$)M9 M`A@Mu9 G(`A@Mu9 ]T`9 MA@`A@m`A@Mu`A@`A@m`A@MuH`@+9 MAM0 ]}0 Mr
Ansi based on Dropped File
(~WRD0000.doc)
fN& : 9u jY;tN$9 D9utijY;t3 $0 p9utMj Y9 0 ME;tD9 M9 Wu9 P& t0 s9 E9 79 EM39 j9 f}uEf,ujs\?9 0 u3N(0 ]${~D9 E0 ^<0 ^@INdE9 E0 F$9 j9 EP0 ^8 0 ^`9 j\9 0 u$NdENDE.N(E` M9 _j\zqDEP9 eDu& t7j8iY9 0 Me& t
Ansi based on Dropped File
(~WRD0000.doc)
FP-YV0 ^@R Y0 _|9 ^_][9 D$"!j h RP/9 U9 9 Ef9 fff0 M9 f0 E9 Ef0 Mf9 ff0 M9 f0 E3f0 EEPE?Pf0 M\ 9 E9 US9 \$3V9 N}80 0 <0 @;t"WSMt9 GWiSWP0 < _9 ^[VW9 <9 & tPRpY&@9 & tPvpY&_^SVWt$9 DSW~Ws FBf\tf/thSW(_^3[U$ 30 & S9 V9 W9 0 }R19 ;X&tPYO;x8uth0WV 3uE9 9 @0 3f0 F0 0 0 0 0 0 0 $0 (0 ,9 ;X}P+7`Y9 9X|3PPPPSQPEP7EPEPEP7 4& t
Ansi based on Dropped File
(~WRD0000.doc)
fR fR|fR%xfR-tS9 ES9 EE9 & S 0 & 0 & 8 jYj< hV@ =uj Yh P 9 U9 V5T 9 5t & t!P tP5T & t9 'VV0& uV{Y& thVP<& tu0 E9 E^]j! Y9 U9 V5T 9 5t & t!P tP5T & t9 'VV0& uVY& thWP<& tu0 E9 E^]x 9 U9 u5T t ]P 9 V5T t 9 & u5EY9 V5T p 9 ^9 U9 uu5Y]P tP5Y
Ansi based on Dropped File
(~WRD0000.doc)
FtE9 O9 I9 9 @tE$ }t, t(uG}Yt9Eu70 }0 EFu0 uE9] }t9 E& u}t9 E& u3_^[jh@[9 u& u3 e9 9 9 9 @+u+9 H9 IuuuYYVuWuGH& tWY0 EE 30 E9EthlVMh?EP9 E9 9 3= 9 9 eehHVMh ?9 U9 V Y9 pxxY9 M0 Hx9 ^]9 T$9 L$& ti3`D$ ur=tEsW9 r1t+u9 9 9 t& t
Ansi based on Dropped File
(~WRD0000.doc)
function myInjectedOnClickFromAlert()execCommand\")()""about:blank#EBCmd(border:solid 1px #d5d5d5background-color:#FFFFFE;pushNotificationsNotificationsCAlertHTMLDialogBrowserContainer::CallPushNotificationspushHtmlNotificationCAlertHTMLDialogBrowserContainer::CallPushHtmlNotificationcheckboxdefaultValuecheckboxTextnotificationUrlnotificationTypeintervallogoUrlnotificationTitleitemIdfeedIdalertIdinitialNotificationinstantsampleinitialpublisheronLinkNavigationCAlertHTMLDialogBrowserContainer::OnNavigationStoppedbClicked = %sh ,!bGotAlertChannelId!pAlert!pAlertItemempty mapParams errorCAlertHTMLDialogBrowserContainer::OnApiOpenSettingsDialoguiParamsCount != 4Error retrieving notification id!ParseParameters!pInstantAlertError finding notificationCAlertHTMLDialogBrowserContainer::OnApiExecCommandfirst navigationStop navigation!about:blankiframe unblockedpWebBrowser == m_pWebBrowserCAlertHTMLDialogBrowserContainer::ShouldStopNavigationinvalid map/set<T> iteratorCAlertHTMLDialogBrowserContainer::OnApiUnblockFrameNavigationuiParamsCount != 2InstantAlert - no need to mark readNotification id: %sInitial notificationCAlertHTMLDialogBrowserContainer::OnApiOnMessageReadCAlertHTMLDialogBrowserContainer::OnApiBlockFrameNavigationuiParamsCount != 3SHOW_ALERTS_FROM_THIS_FEEDDONT_SHOW_ALERTS_FROM_THIS_FEED!GetNotificationIdIs check box checked: %sCAlertHTMLDialogBrowserContainer::OnApiSetCheckboxValue0 k $ , , 0 v =0 9R0 dx0 d 0 l F% 0 xmb /O- xw: l0 8 X0 PD0 M %nv00 Z ~ ~oh~h~A0 /"! ~h~p~Yh~ ~0 W1h~h~h~h~h~h~xFh~h~ ~ ~a ~ ~ ffxO E" x &xMr d 7 aa)CAlertHTMLDialogBrowserContainer::PushNotificationsCAlertHTMLDialogBrowserContainer::AddAlertIgnored notificationsetCheckBoxValueonStartDragopenAppunblockFrameNavigationblockFrameNavigationsendUsageopenAboutDialogopenSettingsDialogonMessageReadshowMeonReadyCommunity Alerts ; `alertInfoRequestXml=alertLoginRequestXml=alertTranslationRequestXml=alertUsageRequestXml=T`Q'M>: SmmYxxms9NotificationsHtmlDialogsAppFromNotificationIdleModeAlertALLP_STR_ID_ALERT_CLOSE_ICON_TOOLTIPALLP_STR_ID_ALERT_POP_UP_WINDOW_OFALLP_STR_ID_ALERT_POP_UP_WINDOW_SETTINGSALLP_STR_ID_ALERT_SETTING_DIALOG_FEEDBACK_ICON_TOOLTIPALLP_STR_ID_ALERT_SETTING_DIALOG_FAQ_ICON_TOOLTIPALLP_STR_ID_ALERT_SETTING_DIALOG_PRIVACY_ICON_TOOLTIPALLP_STR_ID_ALERT_SETTING_DIALOG_ABOUT_ICON_TOOLTIPALLP_STR_ID_ALERT_SETTING_DIALOG_VIEWALLP_STR_ID_NOTIFICATION_SETTING_DIALOG_SHOW_NOTIFICATIONS_FROMALLP_STR_ID_NOTIFICATION_SETTING_DIALOG_TITLEALLP_STR_ID_ALERT_SETTING_DIALOG_SHOW_ICON_IN_SYSTEM_TRAYALLP_STR_ID_NOTIFICATION_SETTING_DIALOG_NOTIFICATIONS_ENABLEDALLP_STR_ID_NOTIFICATION_MAIN_MENU_DISABLE_NOTIFICATIONSALLP_STR_ID_NOTIFICATION_MAIN_MENU_ENABLE_NOTIFICATIONSALLP_STR_ID_ALERT_MAIN_MENU_ABOUTALLP_STR_ID_ALERT_MAIN_MENU_SETTINGSALLP_STR_ID_ALERT_MAIN_MENU_REFRESH 9 Thanks for adding our NotificationsNotifications bring our latest news right to your desktop!This is a sample notification.CloseofSettingsYou re about to receive a notification that looks
Ansi based on Dropped File
(~WRD0000.doc)
fv& tvjv vff9 ^/
Ansi based on Dropped File
(~WRD0000.doc)
f}9 9 u$E& }( u(9 Eu +EVP9 E+EPu9 Eu
Ansi based on Dropped File
(~WRD0000.doc)
G-I[k,A8)gMD`* v($8TT1aE%
Ansi based on Dropped File
(~WRD0000.doc)
G9 U9 QeV9 W9 7& uW9 7& txV9 M}H9 E_^jKY9 0 u<ENTENDE>N4E>N$E>NE>MN>j4K9 9 Me19 & u
Ansi based on Dropped File
(~WRD0000.doc)
g9 k gj^0 & ; jY;! $& P30 & 0 & 0 & 0 & 0 & 0 & t tHt4+t$HHt& VK?3 $ *u,0 9 0 & 9 & k
Ansi based on Dropped File
(~WRD0000.doc)
GetClientRectSetWindowPosInvalidateRectDrawTextW)PtInRectOffsetRectTScreenToClientEClientToScreenGetCursorPospSetCursorLoadCursorAFillRectCallWindowProcW DefWindowProcW GetWindowLongWhCreateWindowExWIsWindowVisibleMoveWindow0 SetParentEndPaintBeginPaintUGetParentCallWindowProcASetWindowLongA0 GetWindowRgn6RegisterClassWGetClassInfoWUnhookWindowsHookExCallNextHookExSetWindowsHookExADestroyIconLoadImageWFindWindowExA~DestroyMenueCreatePopupMenuInsertMenuItemWBGetMenuItemCountTrackPopupMenuySetFocuszSetForegroundWindowUSER32.dll
Ansi based on Dropped File
(~WRD0000.doc)
GGHHHH'H/H7H?HGHOHWH" tzH& HH: HHHHHHHH
Ansi based on Dropped File
(~WRD0000.doc)
GGhPNhG! P}G9 ! 0 ! P}GGPNGG4PN4uG9 GD0 FD! P}]G! P}KGG$PN$?G! P}-GGP9 "GGHPNHGXWNX
Ansi based on Dropped File
(~WRD0000.doc)
GP 9 @;r6 &Y|_^=uV9 5|W3& u<=tGVsYt` ujGW9 YY0 =& t9 5|SBVqs9 C >=Yt1jSYY0 & tNVSPx& t3PPPPPs >u5|b" %|'3Y[_^5<" %9 U9 Q9 MS3V0 9 9 U9Et9 ]E0 0 E >"u39E" F0 E<& t`B0 U`PFv2Y& t}t
Ansi based on Dropped File
(~WRD0000.doc)
GQYaiqy0 " $
Ansi based on Dropped File
(~WRD0000.doc)
h 39 9}u9 PhlVjc9}t+9 9 ;~9 ;~PQ9 9 4hxV;WhuhuW +.;uhx9 I3@hRxhjc3$j.#9 h xhjbj 9 0 Me& tj
Ansi based on Dropped File
(~WRD0000.doc)
h 9 ^jfa9 0 uNS0z3N0 }#zj
Ansi based on Dropped File
(~WRD0000.doc)
h 9 ^V9 9 & tP9 v& tVc:Y^QU9 W9 Rt3@ 9 Eu0 ! yh 9 5& }3qVj9 9 -9 & tV9 eSMQhlrV9 & |}u9 MQh\rV9 9 VP& [|}tjuOPuk&33@^_]V9 NP&9 ^W9 |$& u
Ansi based on Dropped File
(~WRD0000.doc)
h c0 ^U9 QuEuP*& }P=9 E|$V9 u&9 ^t$0 & uh U9 SVu9 MEP9 Ku`^`[]V9 VjXt$f0 0 F& u9D$tj
Ansi based on Dropped File
(~WRD0000.doc)
h K[9] EPM 9 MPE`M~9 M;t
Ansi based on Dropped File
(~WRD0000.doc)
h$`s" " BK'aA;GIF89a[x" `,o7oS9,n&k[RP![, [[X >
Ansi based on Dropped File
(~WRD0000.doc)
h$M|3}9 0 ]PEPEPVuu 9 ;u/}/u&EPMw{9 MSEPEPVuud9 V& ?9 ;D$th(t$Q}jD_uMWueMH9 uE& t9 39 ]& t9 39 E9 8RQPW 9 & t9 & t9 9 Lj We9 9 ]& u37eh)hx)S_3F& |0 uhp)h`)S9 C& |0 uthL)h<)S9 $& |0 uMieEP9 M.k& uMjPh)S9 & |0 u9 k& u9 iPh)S9 & |0 u9 M& tdj& u[j9 VMx9 ME: iPMzVMyMiPh(S9 b& |EMEqMMq9 EV9 9 L$9i9 L$P/iPt$9 ^U9 QeVW9 9 M3X& v79 MEPV& t9 E& tHQPu9 9 MF!;r3_@^UpjH_ 0 M`9 ]|9 K3;th|9 P9 hPh -,Vj{%0 }|E|Ph)jWh)0 },& ;}9tAtjjYPhx,VQ9%9 E|M;t9 PQ3M0 gjXf0 E3f0 E9 5EP9 K4E;ti& u9 K4gPME P9 K8E;th& u9 K8gPM "!E@P9 KE;th& u9 KgPM@nhh9 h9 K;tigPM@Hhh,h)M0qM00 }\AgPMl" 9 E-gPMh9 EhE;t9 0 ET0 }T9 El;t9 39 u 9 9 E|u9 9 uTuQPR& }}tAtjjXjh,9 M`P: 9 Mh9 & t|9 Ml& tp9 5E@PE PEPEPM0Eo9 E|M& t9 PQ9 s$9 u`u|9 & ujh+j9 {9 C,& tPu|9 & t9 E|9 9 u@PQ,& }tAtjjXjh++30 ud9 E|9 UdRPEQ(;|9udt9 K ;tud;pjudMtMEeEP9 0 ePjhx)E
Ansi based on Dropped File
(~WRD0000.doc)
h%-$X ^jh`C"jSIYe9 u9 N& t/0 E& t9u,9 H0 JPDYv;YfE
Ansi based on Dropped File
(~WRD0000.doc)
H(H<HRHdHHHHHHI,IGdipFreeGdipAllocGdipDeleteGraphicsdGdipCreateFromHDCGdipCreateImageAttributesGdipDisposeImageAttributeslGdipGetImageWidthGdipGetImageHeightdGdiplusStartupGdipSetImageAttributesColorMatrixGdipDrawImageRectRectGdipDisposeImageGdipCreateBitmapFromFile.GdipCreateBitmapFromFileICMGdipCreateBitmapFromStreamlGdipCreateBitmapFromStreamICMGdipCloneImageO*P& $NDT\O T PTH& KU$TKVR N,W@O~W & MWNW8NWT$K
Ansi based on Dropped File
(~WRD0000.doc)
h*YYYYYYYYYYZZ" *9ZAZIZ" *lZtZZ" (+ZZ" d+ZZZZ" +[" +1[" ,T[^[" 4,[9 [ [" h,[[[[" ," -[\\\%\J\R\]\h\" 4-}\ \\" x-\" -" .\\\
Ansi based on Dropped File
(~WRD0000.doc)
h+ y ?>G}1EO(L{xbx}} {" BhXH(V 0
Ansi based on Dropped File
(~WRD0000.doc)
h3Pj5(D3@]$jv#0 Mh x`SjRb}& 9 u& MeEP9 9 u9 & uhHSj@bMMXj,Y0 EE& t
Ansi based on Dropped File
(~WRD0000.doc)
h49 w" 9 u& t#MQ9 P9 EMEj9
Ansi based on Dropped File
(~WRD0000.doc)
h9 $9 s" " BK'aA;GIF89aZa: 6[[RWw"!F! I)bX}!Z, ZZ< 9
Ansi based on Dropped File
(~WRD0000.doc)
h9 0 eWh9 h9 0 eWh9 h9 0 eWh9 h9 0 eWh9 }h9 0 eWhS 9 oh9 0 eWhRc9 Ph9 0 eWh|D9 1h9 0 eWhh%9 h9 0 eWhT9 h9 0 eWh@9 h9 0 eWh,9 h9 0 eWh9 h9 0 eWh`9 wh9 0 eWhk9 Xh9 0 eWhL9 9h9 0 eWh-9 h9 0 eWh9 h9 0 eWh9 h9 0 eWhS9 h9 0 eWh9 ~h9 0 eWht 9 h9 0 eWhds9 `h9 0 eWhTT9 Ah9 0 eWh@59 "h9 0 eWh,9 h9 0 eWh9 h9 0 eWh9 h9 0 eWh9 h9 0 eWha9 ! h9 0 eWh{9 hh9 0 eWh\9 Ih9 0 eWh=9 *h9 0 eWh9 h9 0 eWh9 h9 0 eWh 9 h9 0 eWhl9 h9 0 eWhX9 h9 0 eWhD9 ph9 0 eWh4d9 Qh9 0 eWh$E9 2h9 0 eWh&9 h9 0 eWh9 h9 0 eWh9 h9 0 eWh9 h9 0 eWh9 h9 0 eWh9 9 xh9 0 eWhl9 Yh9 0 eWh M9 :h9 0 eWh .9 h9 0 eWht9 h9 0 eWh`9 h9 0 eWhL9 h9 0 eWh89 xh9 0 eWh( 9 h9 0 eWht9 ah9 0 eWhU9 Bh9 0 eWh69 #h9 0 eWh9 h9 0 eWh9 h9 0 eWh9 h9 0 eWh9 h9 0 eWhS: 9 h9 0 eWh|9 ih9 0 eWhx]9 Jh9 0 eWhd>9 +h9 0 eWhT9 h9 0 eWh@9 h9 0 eWh,9 h9 0 eWh9 h9 0 eWh9 h9 0 eWh 9 qh9 0 eWhe9 Rh9 0 eWhF9 3h9 0 eWh'9 h9 0 eWh9 j [S9 0 eWhS9 S9 0 eWhR9 S9 0 eWhx9 S9 0 eWhh"!9 S9 0 eWhX~9 kS9 0 eWhHc9 PS9 0 eWh8H9 5S9 0 eWh(-9 S9 0 eWh9 3@6iU9 SVW9 39 0 ]& ~PEP9 z#9 M;t9]t9 SiY3EPEP9 N& u9]u9 S9 P9 & ~QEP9 ?0 ]!9 M;t9]t9 +WhYEPEP9 N& u9]u9 S9 P_^[jRwg9 0 u3SE
Ansi based on Dropped File
(~WRD0000.doc)
h9 hVvOYVMnh,EP;
Ansi based on Dropped File
(~WRD0000.doc)
H9 t`P9 P9 P9 P9 P39 T$& t"A8t9 A9 0 Q0jL3j O9 30 }9~@uMMx39 9~t
Ansi based on Dropped File
(~WRD0000.doc)
h=}hu0jPMqMEkVEPEP9 EMEqMEkMEkMEakMM}k3@hthSj3wV9 t$W9 & t,~t&V& u9 N9 Pl& tV9 (V9 y_^j S9 MaeEPu9 d& tMyc& uEP9 MMjj09 0 ue6YU9 QVEPEP9 : 9 ^U9 SVW9 9 G9 p9 EFPu9 QYYE t9 69 v ~-tWSMU }tL9 GW0MAEPM@ t&uSjEP9 9 9 9 E9 I0 0 H@5MlL9 uuFP: PYY tuSu9 E9 M0 0 p@_^[j
Ansi based on Dropped File
(~WRD0000.doc)
h[9] REPM[9 MPE9 `Mf9 M;t
Ansi based on Dropped File
(~WRD0000.doc)
hdMM9 MQ9 EP(& u!h<Sj<ME>j Y0 EE& t
Ansi based on Dropped File
(~WRD0000.doc)
hh#MEP9 E`MSWM > h@#MEP9 E`MSWM> h$#MuEP9 Ev`MSWM >q h#MBEP9 EC`MSWM& >> h"MEP9 E`MSWM > h"M! EP9 E0 MSWM! >h"M! EP9 E0 MSWM>h"Mv! EP9 Ew0 SWM0 >vjZ9 0 ue}$L"F$"F!F!Fx!F,!F!F !F$ FP FX F\| ` L , e}LE9 ER 0 9 V9 .D$tVY9 ^#jX3@9 `#V9 9 N& t
Ansi based on Dropped File
(~WRD0000.doc)
hM(MMErPMM(aPMSMM9uthhM9uthh M9uthSh xEPEw,P9 & t19 uMEyMEmMM(a9 ia0E(9 0 ePE9 0 ePEu9 uEuS0 E& u3R9 PEP9 RxjS+`9 0 u%3N$0 }N4E}ES}E}E~0 ~0 ~0 ~0 ~ Fh$0 ~t0 ~0 0 ~0 0 0 Fl0 0 0 ~p0 ~D0 ~HFL0 ~P0 ~T0 0 ~\0 ~`0 ~d9 :`jTU_9 0 u9 NE& t$f9 N& t$f}E}E}EN4EN$EM9 $_9 Ah$49 D$0 ADjXf^9 u3Z9 & t 9 0 eP" e9 0 ejh|9 M9 R
Ansi based on Dropped File
(~WRD0000.doc)
hM;9 MEPFCM0 ]EME`M]9ME99 EjEPeM2& ug9 }|p~MME"ME>WhM9 0PVM2MEMEMM9$j,=9 M/eeEP9 PMEh@ME8MM1& tMM89 MPMEUMEq9 EPhM/PVM*& u0 M9 u|p~9 0 uMEMEqj[EPReM 0& t3MM79 }tj2Y9 9 }MMEMEWh,M9 /PVMM9 EZME@|j}EPeM/& tMMQ79 YeMMEME9 EPh,Mx.PVMEM& t9 uMEx`MERqj,9 9 M@/& t3M-ueeEP9 PME>MEy6MME#ME?9 EPhHM-PVMjxY& u0 M9 u|~9 0 uMEMEMM59 j9 9 M^.& & uEP9 eMd9 uE|~jx^MVMErVhHM9 ,PWMfME*MEMMN5Xj< q9 M,ueEP9 >PME<ME5M -& t3MM49 M ME+MEME: 9 EPhpM,PVMTEM& t%9 uIMEy4ME#q'MEW4MEMj(q9 M+ueEP9 >PME;ME4M ,& t3MM39 M ME9 MEuMhp9 +PVM"!M9 E[MEA j9 9 M+& t
Ansi based on Dropped File
(~WRD0000.doc)
hMH hMHy9 MhEPPhE P~9 E PMHOM E
Ansi based on Dropped File
(~WRD0000.doc)
hMo9 C(;t
Ansi based on Dropped File
(~WRD0000.doc)
hR<M9 @& u
Ansi based on Dropped File
(~WRD0000.doc)
hS M8q& tP& P9 zPM\E7E
Ansi based on Dropped File
(~WRD0000.doc)
ht#9 p& u
Ansi based on Dropped File
(~WRD0000.doc)
Hu,h h h0 hQ P 3@3U9 SVWjue9 ]9 & uZ9}u#9 3& tu9 9 P\& SuWuSuuu& t nc9 M;! +wxtitPt?t& & 9 MQ9 EPL9 M0 M9 eMQu9 P@9 9 P 9 PPu9 RT9 S9 PD9 Nt9-t"& 9 M9 SQMQ9 P& 9 Su9 PHu9 MQSu9 PPau9 9 PR9 - (H H HH t[t+-"!t9 URSuQ9 Pu9 9 P$9 39 }QP9 EPEP9 R<9 9 3}QPu9 R49 9 3}QPu9 R09 3}9 0 EEPu< 9 M9 E9 QPu9 WuR8T3}9 0 EEPu< 9 M9 E9 QPu9 WuR,9 9 3}QPu9 R(uSuuu9 G9 E_^[D$V9 tVi4Y9 ^U9 (S9 ]W9 }EPWSx & u\Vj(3EVP.>hVEE0 ]0 }0 u0 u0 u V0 E0 EEP| ^f& u33@_[U9 V9 Vu0u,u(u$u uuuuuu 0 F& u
Ansi based on Dropped File
(~WRD0000.doc)
Hu,h h h0 hQ P 3@3U9 VE9 Pv< & tuEuP & t9 ! 33@^U9 SVu9 5R u3SS0 E9 E;}W9 }9 3+t:It2It*ItItItIu*x%u3Gxtxxx9 0 U9 M+tDIt1ItIuREtk9 E+HQuP9 E+P2EtP9 E+HEt@9 EHEt09 EHQWPR0 Ejuuu u9 E3E}RrC;R"_9 E^[VW9 jw9 9 D$#t$Vjw _9 ^D$V9 tVd8Y9 ^U9 SVWju9 ]9 ;! ! 9 H t|tEat- uD& t
Ansi based on Dropped File
(~WRD0000.doc)
Hu9Ft9 N~t 9 NRuj+9 P@0 U9 SV9 WtwEtlEP EP 9 }+9 ]+~& u& t=EP< 9 E9 M9 Uj+Q9 M+RPQS x_^3[U9 V9 ~ltR9 E0 9 E0 t&EPv@ 9 E+EPG + Y0 9 } u9 uuuu:^j TT9 0 uK3jX3CP9 0 }|0 ~0 40 80 0 $DDD ("!0 ~,0 00 <Rj9 0 ejh"WWW9 W9 @0 ~D0 ~H9 &TV9 |uv& tjjv f9 ^]jTS9 eE,9 0 ePu(uu$9 u 9 uux9 C& t
Ansi based on Dropped File
(~WRD0000.doc)
Hu@bB;j !Y9 0 Me& tj
Ansi based on Dropped File
(~WRD0000.doc)
HuB;4V,V$9 I,& tVa 9 I0& tV/EV]& t9 j9 ^V9 1N0 @-9 0 @9 0 9 0 If^U9 V9 ~<u'~t!at& t9 E9 ;(uuu+3^];pu
Ansi based on Dropped File
(~WRD0000.doc)
Hz9 Me9 MPx9 MU9 T$B9 J3w
Ansi based on Dropped File
(~WRD0000.doc)
hZ9]t$EPM9 MPE#`M]RX3FMM!9 & j.~9 MP& ud9 MP& uX=9 3;tKh Y9 0 M0 u;tVVuVuuuuhS3MVP9 9 9 PV9 R9 D$0 F9 ^D$V9 RtVY9 ^j@j
Ansi based on Dropped File
(~WRD0000.doc)
hZ9]tXEPM9 MPEW`M29 M;t
Ansi based on Dropped File
(~WRD0000.doc)
h|9 M TEPMS^ThEY0 EE& t E9 0 eP[9 MEPVt3M0 FELRMSE
Ansi based on Dropped File
(~WRD0000.doc)
I9 ju0& t
Ansi based on Dropped File
(~WRD0000.doc)
I\1]^_/_X__ ]]&^S^|^__Ul$RRV9 u|& u3Ge|SWV9 Y;u0 ]|jWV& t0 ]|EpPVYY& t0 ]|EpPVYY& t0 ]|ElPVYY& t0 ]|EPV& YY& t0 ]|EhPVrYY& t0 ]|9 Eh;Eu}lu}ptE|"!EPVYY& t0 ]|EPVuYY& t0 ]|EPVYY& t0 ]|9 F9 M9 ]8;s
Ansi based on Dropped File
(~WRD0000.doc)
IAIA0 AA9 Aa0 ]9 U9 30 ESV9 uF@W& 6VYt.VYt"VV<& YY9 `@$$< VYt.VYt"VV<& YY9 `@$$< xV|Yt.VpYt"VdV<& TYY9 @ t]uEjPEPb:& t]39}~0Nx9 `L=9 A0 D=VPYYtG;}|f9 E Fx
Ansi based on Dropped File
(~WRD0000.doc)
IITI_IjIuI I9 I IIII
Ansi based on Dropped File
(~WRD0000.doc)
iM'Ms=9 T$B9 J3fhMMMM JMRJ9 T$B9 J3~fDxhM}M=MMeM"!9 T$B9 J3;f\h9 MW9 Mk9 T$B9 J3
Ansi based on Dropped File
(~WRD0000.doc)
iMEiMEiud9 Mh& t9 Ml& RHj<
Ansi based on Dropped File
(~WRD0000.doc)
iShMH6MEPShMHVh MEPMEOh`Mu@9 MxSEP$EPME
Ansi based on Dropped File
(~WRD0000.doc)
i}{7 * - Xd ~vRSx$a"ke
Ansi based on Dropped File
(~WRD0000.doc)
J JJ" 0JJJJJK" &K.K6K>KFKNKVK^KfK"
Ansi based on Dropped File
(~WRD0000.doc)
j R:dC`C ujv& vPW& Pjj8#3Sv& WPW& PWvS!DSv& WPW& PhvS $3REt L`Rt L `RR @;rV & x3)& 9 " Z w L` w L ` A;r9 M_3[Rjh`E& y9 d}& Gptlt9 wh& uj OY9 j
Ansi based on Dropped File
(~WRD0000.doc)
j,9 9 M&%& t3Mn#ueeEP9 PME3ME_,M
Ansi based on Dropped File
(~WRD0000.doc)
j-(9 0 utFh9 Ne& t
Ansi based on Dropped File
(~WRD0000.doc)
j-=m ld \cQkkbal0e& Nb" l{ WeP9 |bI-|ReLXaMQ:t0AJ" =mjiCn4Fg`s-D3_L
Ansi based on Dropped File
(~WRD0000.doc)
j/M9 }hW9 dPMy& th9 o& u]h|9 59 tJMME%PEhHPVMP9 EM& u'0 ME}MM5y3ybMEVMMy3@ 8t9 9 j9 RTV9 u3^t& + ^=@U9 9 E& u
Ansi based on Dropped File
(~WRD0000.doc)
j2|jj'e9 YY0 u0 uE& tu9 uuuu9 uYjj
Ansi based on Dropped File
(~WRD0000.doc)
J6`zA`Ug}n1yiFRafo%6hR" wG"/&U;( Z+j\19 ~,[d: &cSju
Ansi based on Dropped File
(~WRD0000.doc)
j9 9 3Mj~Y0 EE;t9 49 9 EM0 EEP9 ESj0 {5(v 9 N,;t(Wx9 N,9 v,;tiW9 : x_9 N,;ty9 v0;tL9 KCM4WWME(9 v0;t9 SHMM9 v0;t9 Jqj/`9 0 uN0E?=N E3=NE'=M9 =&9 `jD/<9 M3M0 ]G&;tc9 u;t\9 9 P;tQEP9 MEF5& u+SMSwEjPMEMEM]! <MM& VW9 |$9 & tY9 U2HtHtHHuH9 N0& tAWHH99 N0& tW?9 ;2tHu9 N,& tz9 N,& tw,_^j0 04M! eM*M& uI"M& t=.t& t1jY9 0 ME& tF39 EM[MM4adV9 5t & t
Ansi based on Dropped File
(~WRD0000.doc)
j9 B9 3jEZY0 EE& t
Ansi based on Dropped File
(~WRD0000.doc)
j9 c3+9 FPjW! vvWAv}0 ~3@_^ytyt33@& u
Ansi based on Dropped File
(~WRD0000.doc)
j9 Fp_^S9 V9 v& t:9 FW3;t/p& t&9 UUWWWWWv9 FUWWWWWp]_^[U9 VEP9 & ta9 E+EW9 =S jP9 E+EPuuvMEM9 FE& t+p& t9 E+EjP9 E+EPu9 Fup_^S9 VW9 v9 = & tt$jv9 F& tp& tt$9 Fjp_^[SU9 -VW9 v39 = & t9 D$0Cv9 F& tp& t9 D$09 Fp3C_^]9 [SU9 -VW9 v39 =t& tt$9 D$0Cv9 F& tp& tt$9 D$09 Fp3C_^]9 [U9 V9 9 F& tZp& tMSWEP9 Fp@ 9 Fpv09 9 SEPW S9 FWp_[^U9 T 30 ESVWE9 Pv 9 EPv@ v49 WEPS WEPv 9 09 M_^33[t:VW9 =9 v& tv& t3@3_^U9 QEPu#_9 M& t{9 EHHV9 t,Htt$tfuGu9 uP`:u9 uPd-W9 =0 jq9 F& tp& t
Ansi based on Dropped File
(~WRD0000.doc)
j9 ME}ME}MMSr6j'9 0 uel9 0 F^9 9 aV9 D$tVY9 ^j( 9 0 uR ej9 59 G UDhD(P9 EPs@ 9 u9 } uP+u+} WVuP0 ED PuD0 EjjM0 E-ejh M.jjEPuDM@9 CDee$& tjPM.jjEPuDM@}TtEE0Ps< jE0Ps9 9 E0+Eu00 E9 E4+E}9 u89 }<+u0+}40 E$K4Et& & F0 E(jGjT0 E,-C49 0 ePE=& Ta-E@PETPT`:& `9 E@;E,~E,u@MT$9 M(;0 ET|0 MT9 E(9ET~E(uTM@9 M,;0 E@|0 M@9 ET9 M@
Ansi based on Dropped File
(~WRD0000.doc)
j9 S9 39 ! 9 @xM0 F09 ! N(S0 F4! 9 0 ePRhM3Cj0 ]8& S0 E9 ! NQHhQHXQHPM30 F,9]u<& w$& tVS0 x5(w$MMj4AbWh4/M<dW3h /M0 ])dMEU9 MP aM0 E U9 MPa9 9}t_;t[9]u9 MtM9 j+;uE;MV+u9 MPuEPh9 MPEXeME]]M]M0 }]U9 QehD/u9 EV9 : D$tVY9 ^jLab 9 h x0Sj39 u)9uht0Sj9 j YY0 E0 };t9 9 9 } MEP+9 } EPE0MEGU& t!M;U& th 0Sj#9 } 9 P0 E& tP9 p& t=jY0 EE& tu9 3P9 j5(Ep9 } EP}ESPMcj 9 0 ePUeMjE8& M0 EESPh/Sj3jGPEPEPEPM}0 Eu<& }9 0 Gt*ORPh/SjgGP9 )MRPMRPhh/SjG9 30 M0 M;t9 P9 @0 U0 E0 } 9uu& t^39tFG& 9 & tMj$>Y0 EE& t9 x39 M0 H9 O0 HP9 E0 x $`Wwuu9 j9 hHSjMEMEzZMEnZMMbZljb! 9 0 uNTEoN4EN E$ZMN"Vqx9 RR& t38V9 t$9 ah9 a9 L$DQP9 ah9 a3@^jc9 0 u03CNX0 ]E~P9 Xe9 M& t9 SEPEP9 W& u9FTt4E^4P9 We
Ansi based on Dropped File
(~WRD0000.doc)
j9[9 0 uD$eN? #C
Ansi based on Dropped File
(~WRD0000.doc)
j@pH$R&B ("!F!R,\(!& a#!<BBGlnT!6$B)/}jBVvj4B#btk4B '*3B0 "!32ECA;GIF89a
Ansi based on Dropped File
(~WRD0000.doc)
j_VVVVV0 8 }t9 E`p9 !9uv9u~9 E39Ewj" }t9 U39ux3:- 9 9 ,9 }?-9 u-s}~F`9 9 E9 9 `38E E}u+]hT]SV 3& t
Ansi based on Dropped File
(~WRD0000.doc)
jDI%" 9 9 u3;u3J9 ;tp & t9 Wp0 M9 MQ9 0 }P& jEWP59& h0Y0 EE;t9 l39 0 ej|9 VE0 S9 0 ejVEtSs4usE9 9 jh9 3VVnj
Ansi based on Dropped File
(~WRD0000.doc)
jEPjAVE& ;t
Ansi based on Dropped File
(~WRD0000.doc)
jFxL[uv(V$YY9 [^U9 QQeV9 u(jh v(V 0 E& ujXS9 ]WPEPu$uuhGhFWSu(j0 E(Y& & 9 E8 RuEPu$9 Euu hHhGjuPn(j0 E(Y& u9 E8u;w-uv(V$3Q;uFHM8uF,M't%FM;uFLt
Ansi based on Dropped File
(~WRD0000.doc)
jHZ^0 M9 }9 9 ]9 ;IQ9 o9 f"t343FP9 N9 f\uFVj"9 P}9 u9 +VPEP9 0 u~9 }eP9 -: MM" hh`$9 2Rh9 h9 !RX$`9 EjPEP9 q~ME 0 EEPMQ"!juEP9 E<~MEz`PMq`P9 9 ME ME MM jV9 }0 E& `9 E3@j[eqEP9 'ahh`$9 89 MM~ S9 \$VW9 9 V9 :aO0 P9 *aV9 "a_^[U9 QeQ9 M& : 9 Ej9[R9 0 ueNl$^9 j9["9 0 ul$eN #j10 M9 ]9 9 u9 ; Q9 0 f-tf0rf9v3x69 j}9 69 j,9 9 ;ta;t;}9 ;t9 +9 WQEP9 ]S9 ]eP9 MM# O>9 PjI9 EXY3@; txD$D$PY" >9 L$PU9 QeQ9 Ma9 EjXj 9 9 u9 Mj6EP: eM89 jh$M9 M& u!GMZ3@ajh$}9 & u@0 G9 MM*9 3y9 L$th$h$ U9 Qey9 Mjth$h$" 9 E#3jh[9 } RjY9 0 Me& t
Ansi based on Dropped File
(~WRD0000.doc)
jh}M PEPE YYM]jh8}MFhPEPEYYM]u9 M0 ~(}9 MVv: MM9xj8~39}u3aM9 M0 }_;0 E~q;0 }0 }}\u9 M 9 & t/& uFPMV0 t;~|9 E9 ~0 EE9 E;E|;}t9 MWud 9 EG;|MM 3@~j4,}39]u39 }OT_0 E;tM/9]0 ]0 ]} uOT 9 ;ts9~ukh,wY9 0 ME;t
Ansi based on Dropped File
(~WRD0000.doc)
jj!V9 |9 ^jUI9 u& t_9 F(+F "!+9 O3GMeh"!Wv$MWvvhGWv$MWvvMMV3JV9 LP3@0 X0 \ T9 ^x9 D$0 X9 D$0 LU9 VEPEP9 9 T <9 MD
Ansi based on Dropped File
(~WRD0000.doc)
jjjPhOWj0 _^VW39 9=u^X& uUh|9 hPj0 W5"!N,WWWWWWh 9 Phh 0 ;t9 3@3_^9 & tt$PjiJ9 FDPM!ee~`9 !+& ~p& |V9 _& t9 j9 NyMMe" J=u1x& u(V9 t$& tt$Y& t9 V9 R9 j9 ^=W9 ug8& u^V9 t$& tT~uN9 Fuv 9 v9 vPH4u/9 HHu%S9 ^U9 nPvSOt9 USP][^_U9 Q=V9 u6& u-!EEPuNtGh& tuBY& t
Ansi based on Dropped File
(~WRD0000.doc)
jjuMSEMS& u
Ansi based on Dropped File
(~WRD0000.doc)
jjv ^U9 V9 & u3!EPv< & tuEuP ^8& t9 D$ 39 L$3@0 jW19 0 ]u30 E0 0 S0 9 E9 ,0 9 u9 E0 9 E0 9 E0 9 E ME0 ME M0 30 9t9 09 9 ;~0 10 M0 0 0 0 EM 9 x1jLW09 0 },39 @0 E& t9 PR&ELM9 "!K19 D$S9 \$V9 W0 9 D$3G0 F09 W0 ~0 ^Px9 9 P|WPt$9 Ss0 F& tjP0 9 _^[39 Su9t9 V9 0RRR9 V8^V9 9 9 L$;uPvjvnYY39 ;tQ9 ^U9 VEPq@ h9 VEPu V3@^j<l/9 jv
Ansi based on Dropped File
(~WRD0000.doc)
jjv _^V9 t$W9 & t-w& t t$9 F9 V9 +R9 V+RPQwS _^U9 V9 v& t1EPv@ & t u9 E+EP9 E+EPuuvS ^t$9 T$9 D$RPV9 D$tViY9 ^Vt$9 NT~)|$tj9 ^U9 SV3S9 0 E9^<tqW9 .9 =Pu0 E9
Ansi based on Dropped File
(~WRD0000.doc)
jl h^jN0\9 0 uDENE:M9 YwU9 9 ESV9 0 F89 EW0 F(v(9 3WWWWWWh WN 1Ph 9 0 F;u3[9 E9 ( WW0 F,9 EW0 F0WEPWWWv& uPjWWvEP9
Ansi based on Dropped File
(~WRD0000.doc)
jM"R9 N8EPj9 0 ejh(a9 N8SSj9 N8jME* M] MM
Ansi based on Dropped File
(~WRD0000.doc)
jM0 ]pM4EMDEMEM EF;RMTEM]DMM 9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
jM4a}ME0 }p9}ht9WhxtSWv;t"9 MQ9 RH;tM)& uEp9 N9 URP,jhpM ZSE9}Xth`9}0thP
Ansi based on Dropped File
(~WRD0000.doc)
jM[9 MEP: F;|ME`3F j,&9 E9 @3Wh`thtWP);u3@69 r99 ;tMbVM0 }x& ~3GMMb9 " 9 D$0 9 D$0 Ulh MpbeE`PMf3CM`]E& & 9 ux& 9F M0|M@EpMEdM EXMEL9 N9 U0REP9 NU@9 9 RP9 NU#9 RP& ujME0M E$MEM@EM0]M`EMMa39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
jMEujMEijud9 Mh;t9 Ml;tRE@PE PEPEPM0E$j9 E|M;t9 PQ9 E\9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
jMGR9 N8EP9 MQ9 P<;u
Ansi based on Dropped File
(~WRD0000.doc)
jMTj)9 LX;|MPSEP9 :hP9 E~dME]h 9 dh\9 dMLTP9 dM]wMM\9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
jS^(WS%9 9 YP9 "!SvYY& t>_^[U9 30 EVW9 Ku3E}fjEPujEP9 9 M_3^ V9 D$tVY9 ^V9 N9 ^hji9 FPMue9 nM ji"!9 FPMueu9 MEU9 QV9 FPMzu9 ,M9 9 ^V9 0D$tV,Y9 ^V9 ~D$tVY9 ^V9 3jt$0 F0 F0 9 ^Vt$9 30 F0 F0 9 ^9 D$Vj
Ansi based on Dropped File
(~WRD0000.doc)
jSYY3@_^[]V9 ND$tV*<Y9 ^V9 9 Pp& tCDVP Q\N9 D$fjhzt$0 FQP|9 uP9 ^9 D$V9 & t0 FDVP [N9 D$jhzt$0 FQPFx9 & uP9 ^9 9
Ansi based on Dropped File
(~WRD0000.doc)
jt$9 G & tt$9 V9 9 ^ajx9 M.Ueh |eMYMF$UU9 Q9 MejhHL9 EU9 Q9 MejhpL9 EU9 Q9 MejhL9 EU9 Q9 Mejh zL9 EjbeM=3ECPM0 ]ME>& t9 Mjh|9 *L0 ]_h MNhHMNMEPME9 M& tEP^Ojh|9 KM0 ]EM]EME 9 EjeEP3CM0 ]&>& t9 Mjh|9 jK0 ]QhMMM/EPMEM9 M& tEPNjh|9 "KM0 ]]ME,E9 E3jLeM3ECPM0 ]SMEp=& t9 Mjh|9 Jh MAM9 MEPNM0 ]]DMEg9 EjeM>3ECPM0 ]ME<& t9 Mjh|9 +Jh ML9 MEP9 MM0 ]]&DME9 E!jN:ee9 MjhSI9 Meh ELL9 EjNee9 ujhS9 Ieh 9 ELhH9 K9 0 j&eEP" 3FM0 u;& t9 Mjh|9 IhMK9 MEPyLM0 uEC9 EjN3eeu#9 MehELK9 EjNeeu9 MehE
Ansi based on Dropped File
(~WRD0000.doc)
jt$9 V89 _^U9 VW9 39 EHHtLHt6Hu$L;u9 3& " A9 L0 E9 MjVVcP$9 MjVUPhh9 MjVBPhLh@VD_^]hR8U\9 uelEj P0 h! YYjEP9 ce}& lt'& pj P* YYj 9 "& pP9 &9 h\U9 QQeEPE #EV9 & u^4+3^j8\[9 M3M0 }A& & M& & j^WSejS0 ~0 ^ ; & WWjv ;ttWEPjh ;t_EPEPEPu0 }0 }0 } ;t=WujvH ;t*MM~9 (hhxj}"!_MM~3[U9 $ 30 EV9 u&3W9 }9EtMWuPL9 & u3+P=u}uWTWX9 9 M_3^;TUl$R 30 EpSVj[h3EVP dEPE } u|Vh MQjP & W9 = EPVVju& u`PzuUuV 9 & tEEPuVju& t+6 `P6 9 = r
Ansi based on Dropped File
(~WRD0000.doc)
ju9 0 ejhTS0 E0 } x9 0 ejh|9 0 }kx9 }MWWjj ;t
Ansi based on Dropped File
(~WRD0000.doc)
jU9 QQ}SVW9 u`9 u& tYEP9 9 u0 EEP9 9 p9 M& t#3Fj9 0 R}u9 u9 PX9 3_^[9 0 & t{3@0 3@48t9 T$89 pWYY9 D$ 3jDXx"9 M>9 } e& t*e9 MQWEPxuM%uEjuMjuMEWMQMQMs9 Q9 EP\9 }0 & t9 MQMQ9 P`u 9 Wuuuuu
Ansi based on Dropped File
(~WRD0000.doc)
ju]9 U9 ]9 U9 9 EV9 F& ucOI0 F9 Hl0 9 Hh0 N9 ;
Ansi based on Dropped File
(~WRD0000.doc)
ju]9 U9 SVuME9 ];sT9 M~EPjS9 M
Ansi based on Dropped File
(~WRD0000.doc)
juaMPN ljBk9 0 uku39 0 E 0 F0 F0 FP9 }lj s7 ke9Eu9 IjQ9 MQPEPj3CM0 ]uEPMEu9 MEPaM0 ]]ME`9 EkjBk9 0 u 3j
Ansi based on Dropped File
(~WRD0000.doc)
juu9 Eu]9 U9 QS3V;uXj^0 0SSSSS(9 9]v39]f0 " @9EwOXj"9 E"w9]0 ]9 ]9 tj-Xf0 9 EwE9 E0 u3QuPS }0 ]9 9 vW0f0 9 MFFA0 M& w& v;Mr9 M3;Mrf0 Wj"Y0 9 39f0 NN9 Ef9 f0 Nf0 N@@0 E;r3^[9 U9 W9 }juuuu_]9 U9 SV9 uW39}u;u9}u3_^[];t9 ];w?Wj^0 0WWWWW9 9}u3f0 9 U;u3f0 }9 u
Ansi based on Dropped File
(~WRD0000.doc)
juu9 M]9 U9 9 E& t8uPY]9 U9 30 ES3V;upFj^SSSSS0 05uW YY;Er9 U9 9 H;u 9 8t`<a|<z, A8u3jpSSjWVQR} 9 $0 M;uE*E9 9MsEj"^;~Ej3Xr9A=w+9 ;tPY;t9 M0 E0 ]9]u
Ansi based on Dropped File
(~WRD0000.doc)
jV:YY }& 9 %=! S9 & V0 Y & R0 }$9 M0 RVuuu$G 9 ujVuu v9 ]{v& }& )u$u uSuuuV tT_^[9 U9 Vu9 e0 xW9 ^]9 U9 SVW9 E9 Mcsm" u 9 ;t& t9 #;r
Ansi based on Dropped File
(~WRD0000.doc)
jW9 ][_^W9 Ox~M& t3"9 L$V3`M& ujt$9 9 9 ^_jjc9 0 ue~9 089 EuNxE0 Ft^9 j
Ansi based on Dropped File
(~WRD0000.doc)
jX ; & 0 ]9]u9 9 @0 E9 5 39] SSu" uPu9 ; ~<w4D?=w 9 ;tP[^Y;t9 & ti?PjS AWSuuju& tuPSuR0 ESSj9 EYu39]u9 9 @0 E9]u9 9 @0 Eu|UYu3G;EtSSMQuPuU9 ;t0 uuuuuu9 ;tV\Y9 e_^[9 M3R09 U9 uMPu$Mu uuuuu }t9 Map9 U9 39Ev9 M 9t@A;Er]9 U9 9 EV3;uVVVVV;9 @^]8 `Vj^& u;}9 `jPYYP& ujV0 5`SYYP& ujX^38 P0 |j^3H W9 9 & 9 9 t;t& u0 1 B |_3^xv =tU5P>[Y9 U9 V9 u8 ;r" w9 +Q:N Y
Ansi based on Dropped File
(~WRD0000.doc)
jX00& ;u9 ;u39 f9t@@f9u@@f9u9 5 SSS+S@PWSS0 E0 E;t/PY0 E;t!SSuPuWSS& uu Y0 ]9 ]W9 \t;u 9 ; r8t
Ansi based on Dropped File
(~WRD0000.doc)
jXj 9 9 }& u=WN )M9 }eEP9 N9 WURPMMy 9
Ansi based on Dropped File
(~WRD0000.doc)
jY+0 M+MV0 M9 0 M0 MjY+9 E0 M0 UE0 M9 MP0 U|n9 9 j;tEPkwEEP]wE9 9 jPLw9 9 50 jp9 jp3FM E"!MM"!9 9}tg9 & t9 E;E~0 EE
Ansi based on Dropped File
(~WRD0000.doc)
Jy^9 U9 W9 /& tS}t}uu7~Y0 E}t9 G;Er9 O+ESV4A9 uuS & tCC;v^[_]9 +G9 D$9 P9 @RPz9 D$& t
Ansi based on Dropped File
(~WRD0000.doc)
jYVj54L & uZS9 PP
Ansi based on Dropped File
(~WRD0000.doc)
jY|& +39
Ansi based on Dropped File
(~WRD0000.doc)
jY|& +3}tC 9 +
Ansi based on Dropped File
(~WRD0000.doc)
jY|& +3}tC" 9 +
Ansi based on Dropped File
(~WRD0000.doc)
j}}yEPeM& tMM9 &zMMEME9 EPhMIPVM" EM& t9 u`MEp}wME]ujxEPeM& t3MMo9 wy}tjyY9 9 }MMESMEWhM9 PVM
Ansi based on Dropped File
(~WRD0000.doc)
K ~?`,ZD^0RaX(nb:Me!g KqFSx1H1E#7OASA`+S#ZhKx&h},X (<U0 %! y-y ! %ww+f
Ansi based on Dropped File
(~WRD0000.doc)
K& EE9 E;|^[`EjlW teMqj9 Mjj0 s j,h DR9 9 }9 u0 ]e9 G0 EvEP}YY0 E 9 0 E9 R0 E0 9 M0 Re3@0 E0 EuuSuW0 Eeo9 E9 e9 u9 }~ O9 O9 ^e9 E;Fsk9 P;~@;H;9 F9 LQVjWee9 uEE9 E0 E9 }9 u9 E0 Gu}Y9 M0 9 M0 R>csmuB~u<9 F= t=! t=" u$}u}tvY& tuV%YYjhHD30 U9 E9 H; X8Q O9 H;u <9 9 u& xt10 U3CStA9 }wzYY& SVnzYY& 9 G0 9 MQPYY0 9 }9 Ep tH7zYY& SV&zYY& "!w9 EpV& 9 & t|WS9Wu8yYY& taSVyYY& tTwW9 Ep_YYPV9yYY& t)SVyYY& tw yY& tjX" @0 EE9 E3@9 eF30 jhhD79 E t9 ]
Ansi based on Dropped File
(~WRD0000.doc)
K& uSh,1MZM*"EPMEH&9 M& ujh|9 (XM0 ]]"EP`[9 Mjh|9 W0 ]MER9 E9 L1L1V9 0zD$tVY9 ^D$V9 L1tVY9 ^j~f9 0 u~9 X1xHeh|9 9 wS9 X1rQj[eEPXMMJQTj\dmq9 I& t3@=9 0 ejh\1VVM"3M0 u& uFMM9 hRd9 9 ]& t9 z& t
Ansi based on Dropped File
(~WRD0000.doc)
K9 ESjNeeu9 MehEJ9 E]jNveeu'9 MehEJ9 EjN7eeu9 MehEPJ9 EjHj9 9 Me8:& t9 Mjh|9 |G=EP9 9 M3F0 u8PMI9 MEPJM0 uEaA9 EhjHj9 9 Me9& t9 Mjh|9 G<uEP9 L3FhM0 u~I9 MEPQJM0 uE@9 EjHj9 9 MeK9& t9 Mjh|9 FZEP9 a3FM0 u9& t9 Mjh|9 aF9 M7PMH9 MEPIM0 uEW@9 E^j&wueEPP3FM0 u8& t9 Mjh|9 EhMxH9 MEPKIM0 uE?9 EjQ9 M ueEP9 f3CM])8& t$3ME ?MMJ9 }hMG9 MEP0 ]6PM6PM& t9 ]j|p9 MueEP9 ME 7M& u+hxG9 MEPZ6PMQ6PMME>MM}jNeeu9 Meh$EG9 E" jNeeu9 MehHEF9 EVjoe9 M3C0 ]6& t9 Mjh|9 C0 ]}uMWGh9 hME6h9 hM 6hhMt6hhMb6hT"!hSMP6VhM=6VhM/6Vh M!6VhxM6VhpM6hlhdM5h|9 h\M5M3 & ~`VM 4f:t6f.t0f/t*f?t$f\tf*tf<tf>tf|tf"uj_VMS4MF1 ;|MB5& uM4PM D9 MEPEM0 ]]}<ME <9 E0 j hjhM8Beh! M%DMjME: 3Ph M8#MEMM<U9 30 EV9 uh& jPh& P5"!,j9 & uh|9 & P~A9 M9 3^Hj EPs3M0 u3& tMM_;9 gM2P09 joueEP[ME3& t$3ME
Ansi based on Dropped File
(~WRD0000.doc)
keL-~5R,jL&RI6}{u-uo]|s<U"!W|?T S-D pA(S=p,="Z,: "!E;M M JVh}"!T ~~6 6~` }wCo*=`Tx}Ux(0 ~YrF" GN"!d "[@ v 9AlE Wm5 0 x. )2SwBXKo6`s0 0 eeR&.Y)& "\0
Ansi based on Dropped File
(~WRD0000.doc)
kMEkMEkuduMP}p9 uPER`& VMX}Xu/}pt
Ansi based on Dropped File
(~WRD0000.doc)
KQ~9 Y& u
Ansi based on Dropped File
(~WRD0000.doc)
kRYevh E>jJRY0 }9 E0 Fl& uH0 Flvl JYE3G9 uj
Ansi based on Dropped File
(~WRD0000.doc)
KS[cks{9 : "$#&+3(;C*KS,[c.ks0{29 4: 68:<>" A19Z" & }~" (" d
Ansi based on Dropped File
(~WRD0000.doc)
L! LL LLLL" LL" 0" M&M.M6M>MFMvMM" MM" @Y! " h0MMMMM@#" NN%N-N5NXN`N" N" TN" N" OO" 4O" WO" 8zO" d" OOOOOOO" P"P-P" RPZP" L "
Ansi based on Dropped File
(~WRD0000.doc)
l& tuu& t3@uuj5hp ]V9 DPv(hE
Ansi based on Dropped File
(~WRD0000.doc)
L1$ ! & _^[u ]%@]9 U9 9 EV3;uVVVVVhjX
Ansi based on Dropped File
(~WRD0000.doc)
L1$` a
Ansi based on Dropped File
(~WRD0000.doc)
L1$` ' I 9
Ansi based on Dropped File
(~WRD0000.doc)
L1P`B:}Q0 MS<9[`B:}OMEO ?tEPuEP/9 ES39U}E9UuE9Uu+E=P"=R. `0 E; }
Ansi based on Dropped File
(~WRD0000.doc)
L9Pf;sQ0 Mf9! Yf;sJ9 E} 9 MEH 8tEPuEP$Q9 E39US}E9UuE9U u+E=P"=R. `0 E; }
Ansi based on Dropped File
(~WRD0000.doc)
like this.Introducing a handy new featureThe publishers of the Community Toolbar or app will occasionally sent out news or other information of importance to the community of users. These notifications appear on your screen near the system tray and keep you in touch.Notifications are instant announcements that appear right on your desktop. You can receive these notifications because you installed a Community Toolbar or browser app.Version: About NotificationsFeedBackFAQPrivacy PolicyAboutViewShow notifications from:Notification SettingsShow icon in system trayNotifications enabledDisable NotificationsEnable NotificationsAbout...Settings...RefreshCommunity Notifications9 Xx>: 0 mmmxxxmr`NEmConduitAlertMessageCommunity AlertsAlerts/AlertServices.asmx/AlertLoginAlerts/AlertServices.asmx/GetToolbarAlertsInfoAlerts/AlertServices.asmx/SetAlertUsageRequestConduitFeedsSoftwareDataChannelsRegisteredSourcesSourcesHistoryIgnoreNotificationsDataAppsGuids%22%40@%2B%2F%26%2b%2f_><<&&"'CLSID\LastUpdateTime0IntervalLastCheckTimeUpdateFeedIntervalShowStateLastDisplayTimeDownloadErrorCountIsFeedModifiedINSTANT_ALERTConduit_Alert_Autoupdate_MutexAlert1.dllAlert0.dllAlert.dllConduit Ltd.AutoUpdateLastTimeAutoUpdateIntervalInHoursAutoUpdateServerNamehttp://iealert.conduit-download.comAutoUpdateServerVersionFakeAutoUpdateIntervalAutoUpdateEnabledShowAlertsSendUsageEnabledShowIconInSystemTray\StringFileInfo\%04X%04X\%sFileVersionAlertWindowLastUserCloseTimeShowMessageAfterUserCloseIntervalUpdateAllFeedsLastTimeLogMaxFileSizeLogLevelsStringSampleAlertWasShownFirstTimeMessageDisplayedMessageAppearTimeMaxShowedMessagesDefaultShowIconInSystemTrayFirstTimeStampIntervalFirstTimeStampLoginMessageIntervalInMinutesLoginMessageLastCheckTimeLoginMessageLastUpdateTime}{UserIDLocalesLP_CurrentUILocaleAlerts/AlertServices.asmx/GetAlertTranslationLP_LastCheckTimeLP_LastUpdateTimeLP_ReloadIntervalInHoursShowSampleAlertSampleAlertNameLanguagePack.xmlInstantAlertIdsDialogsmain.htmlAlertReformatURLALERT_HTML_DIALOG_MUTEX_NAME<ALERT_XML><TYPE>%s</TYPE>%s<MESSAGE></MESSAGE></ALERT_XML><PROTOCOL_ID>%s</PROTOCOL_ID>DisableSourcesxRrXALPClientsServerNamehttp://alert.client.conduit.comALPServicesServerNamehttp://alert.services.conduit.comCacheIconsLanguagePacksLog.xmlThreadingModelApartment\InprocServer32Conduit Community AlertsPathTitleUrlALERT_CHANNELMESSAGEALERT_INFO1 .Update?aid=FaqAlertsPrivacyFeedback\USER_ALERTS_STATUSDISABLEDENABLEDUSER_IDKEY_IDTRANSLATION_KEYSALERT_TRANSLATION_RQEB m_WM_ALERT_BROADCASTR$a~lwM @a;x}~ rrx(("zDyxy"!y0 usU'r#s"! ALERT_OPTIONS_DIALOG_MUTEX_NAMESysTreeView32?@HB ) dB xx emNaG Qdc.}" 0 60 f! ArialTahoma8n'M>: XmmmXxxmLGp: PB ) dB xx emNaG Qd c
Ansi based on Dropped File
(~WRD0000.doc)
Lx9 M|9 T$B9 J3vl
Ansi based on Dropped File
(~WRD0000.doc)
lxPhtM`MPESVEPPM<9 E9xPh`M`sMPE9 M|E`P9pERME M E MEzM@EnM0]cM`EWMM_9 ]U9 9 Mx& t9 Mx& t9 Mj~"9 M{~9 MPr~Phu03@]j@eM43CM0 ]l0 E& u9 Mjh|9 0 ]9 MQ9 9 E9 0gjhMlVMEoM[9 MEPVE@!MPM9 MPMEDM]9F;|" MEPME9 MEPgM0 ]]ME9 Ej,_ejuM3CM0 ]E~& t9 Mjh|9 0 0 ]M
Ansi based on Dropped File
(~WRD0000.doc)
M 4 WVM 0 }/M \& tWWEPuM F" MM a 9 T9 9 <L
Ansi based on Dropped File
(~WRD0000.doc)
M E9 0 ePg9 M MEMEME@MEM]M0 u3@1ME
Ansi based on Dropped File
(~WRD0000.doc)
M Ep\MPEd\M0EX\M@EL\ME@\ME4\M]9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
M& uUSf/tC0 ]9 E9 URPEQ@9 E;t9 M;t9 39 QP 9 EE
Ansi based on Dropped File
(~WRD0000.doc)
M'S9; Z>&XBK\$:[.=\-Q(2/R*<6)GA%"TE
Ansi based on Dropped File
(~WRD0000.doc)
M)Mb9 T$B9 J3@"!Ta: M{)M79 T$B9 J3"!6: MP)9 E e9 M8)M/)9 T$B9 J3aM)M)MM(9 T$B9 J3 0aM! M(M& 9 M(9 T$B9 J3[t|aM (MDMJ9 T$B9 J3(IaM(c(M8[(MS(MM"!-M8;(9 T$B9 J3 "!Mn-9 T$B9 J3 0"!MMM'M3-M'u~Y9 T$B9 J 3m T}"!M'M'MNM'ML9 T$B9 J3* K"!Me'M ]'M,MXMLM3M85'ulnYM8#'9 T$B9 J3 M'M&M&MM&9 T$B9 J3 `M&9 E e9 M&MS&MJMP9 T$B9 J3. OMi&MM9 T$B9 J3" 9 T$B9 J3" < M
Ansi based on Dropped File
(~WRD0000.doc)
M.9 Mb,9 T$B9 J3SR%~M?,9 T$B9 J3: 9 `3: M,M,M+MM9 T$B9 J3 : M+MzM 9 T$B9 J3^: @9 E e9 M0 +9 T$B9 J3*: lKMe+MM9 T$B9 J3aM2+M*+M"+M9 T$B9 J3aSMM*M*M*M*M*9 T$B9 J3qa SM*MhMS*9 E e9 M *9 T$B9 J3%a FSM`*MMP*9 T$B9 J3"!SM-*MM*M*9 T$B9 J3"!: 9 M9 T$B9 J3 "!0: M)9 E e9 M)Md
Ansi based on Dropped File
(~WRD0000.doc)
M0E& u#MM@39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
M1 3$jjZ9 P MM f9 rVW9 jt$9 V{FV9 t$m9 u_^9 D$pt$@U9 T 30 EVj9 [3jNPf0 EEP{uEj(Pua jEP9 u9 M3^kU9 T 30 EVj9 3jNPf0 EEPs{uEj(Puum jEP9 9 M3^jj71p9 0 ueN S`u9 EY9 pV9 VD$tVpY9 ^j/7o9 0 u~9 E3P& v S9 & & t9 j9 9 CP;r9 Ea& M9 '& PpV9 8D$tVlpY9 ^jBOo9 0 u u3u9 0 E 0 F0 F0 F9 ojBo9 0 u 30 E0 F0 F0 F9 E P9 9 oVj9 Kt$9 t$;^Vj9 .t$9 t$^jB n9 0 u) 30 F0 F0 F0 E9 Ej
Ansi based on Dropped File
(~WRD0000.doc)
M339 E+0 ] HtHtD& 9 M;t
Ansi based on Dropped File
(~WRD0000.doc)
m3@m*MMl3j@"v)9 MleVEPMMEjEPMEMEMEMM l3)j@"(9 MPleVEPMME jEPMEFME}MEqMMl3m)j@"(9 MkeVEPMMEjEPMEMEMEMM k3(j"(9 E-tMHtHt
Ansi based on Dropped File
(~WRD0000.doc)
m3Pj5(v030& (U9 (VW9 }9 & t:j(EjP2EPjh>E0 }& t9 E_^j`A#J'9 EPv@ 9 }33;t0 E9 Ehv0 ]0 E0 ]P0 E& M jhHM0 ]~EPEPEiYYM] 3GWE9 0 ePv9 }9 huP`9 }W9 }j69 S0 9 }h"!`9 }Sh: x9 }Sha9 }EPEP9 E9 M9 E+EW0 EE0 M9 }P9 }jX+EE;tdMM3GhvP0 E& MSjhME9EPEPEwhYYME>WE9 0 ePv9 }9 huP`9 }W9 }j9 S0 9 }hxG9 }Sh\9 }Shq9 }EPEP9 E9 M9 E+EW0 EE0 M9 }PR9 }jX+EE;t!MM]hvP0 E& MjhpMEEPEPE9gYYMEWE9 0 ePEv9 } 9 huP`9 } W}9 } j9 S0 9 } h 9 } Sh9 } Sh 39 } EPEP9 M9 E9 } 0 E9 E+EW0 EEPl9 9 }jX+EE;t MMhvP0 E& MjhM EEPE PEeYYM EWE9 0 ePv9 }S9 huP`9 }SW?9 }Sjw9 SS0 9 }ShS9 }SSh~9 }SSh9 }SEPEPJ9 M9 E9 }S0 E9 E+EW0 EEP.`9 }jX+EE;tSMM9 E9 M& P++MQ9 }."jH|#!9 WvP0 E|9 & j9 0 ejSSv9 }9 WuP`M=ejhXM&EPEPEddYYME+9 }9 URPP9 }j}l9 WPMMWvP0 E& : j9 0 ejSav9 }9 WuP`M jhMEjEPEPEcYYMEo9 }9 URPP9 }j}l9 WPMM5?!j.Z 9 j4hY9 0 M30 E;t0
Ansi based on Dropped File
(~WRD0000.doc)
M9 E0hlMI-& uh`M'-& tuESu9 uPh : M-& t
Ansi based on Dropped File
(~WRD0000.doc)
M9 EME j,=eEP 3CM0 ]p& t9 Mjh|9 0 ]MMEiMEnME`9 EPhxMPVMq9 M& ujh|9 P EP#M0 ]EMEM]CME79 E>jWEPeM& uTMMEMEuMh9 ;PVMHMEMEiMMj}EPeM& t3MMl9 tMMEME*9 EPhM PVM& u!E9 uMEME9 j.}EPweMg& t3FMM9 }MlMEqME9 EPhMPVM=& uE9 uME4ME! jEPeM& uTMMEMEuMh9 qPVM~MEMExMMjEPIeM9& t3FMM9 M>MECME_9 EPhMPVM& uE9 uMEME! j_REPeM& uTMMEMEuMh9 CPVMPME9 MEqMMRj9 EPeM& t3FMMs9 {RMMEME19 EPhM~
Ansi based on Dropped File
(~WRD0000.doc)
M9 ESME|j,"xeEPg3CM0 ]U& t9 Mjh"!0 ]MMENMESSMEo9 EPh@MPVMV9 M& tEPjh*M0 ]ESMEM](ME9 E#xj<wEP& eMu& t3MM9 wMyME~: MEauMh@9 PVMM9 EN: ME4 Ul$ 30 & j v9 E3P0 u0& ;uthEVPjhEPEP4& ;tKjEPM0 u|9 Vh|MVhxM EP9 0
Ansi based on Dropped File
(~WRD0000.doc)
M9 kjWM0 ulMEl& tVVEPuM/~MMJk/9 <& t9 T$39 9 U9 QVW9 9 & tM9 }|@9E};ue9 D& t)p9 & uEPV@& t9 E& u3_^j$i"p.eM& & juj0 EEjPD9hEPM^PMSPu 9 ]9 }jEm2PM-PM"Pu 9 E9 ;E|9 Eu0 uMM0 .U9 SVWjEjP8h jj9 =Pu0 E9 u9 0 E9 "!j[FF+A9 N+;0 ~%9 F9 PQRPQu 9 F+uuu_^[U9 V9 }9 0 M& SW%30 E& ~m9 MSB& tZx9 "& uL!EEPW}@& t59 E0 EEPjh& tuEuP & uC;]| 3_[^9 E& t0 9 EU9 9 EV9 & t00 EEPjh& tjEP ^V9
Ansi based on Dropped File
(~WRD0000.doc)
M9 N 9 A0& u9 I4& u9 Ax9 A4& u9 @|U9 Q9 A4e9 M& ujh|9 $P9 EV9 UD$tVY9 ^V9 @D$tVY9 ^j*Q~9 0 u@23WN,0 ]LWNhEW}E/W}EW}EwW}PE
Ansi based on Dropped File
(~WRD0000.doc)
M9 T$B9 J3" S~M,MR9 T$B9 J3jS9 ~M,Ma9 T$B9 J3?SH`~Mz,M(
Ansi based on Dropped File
(~WRD0000.doc)
m: 0uuuuVh;}u;: "SSSSS&^[]9 U9 QQ9 EV9 u0 E9 EWV0 E! Y;ua9 9 JuMQuP` 0 E;uP& tPaY9 9 & D0 9 E9 U_^jh@FfH0 u0 u9 Eua ra9 9 3;|; r!ca0 8IaWWWWW%9 9 9 L1u&"a0 8aWWWWW%9 [PY0 }9 D0tuuuu0 E0 U"!"!0 8MME9 E9 UGu Y9 U9 9 EVW& |Y; sQ9 9 <9 <u5=S9 ]utHtHuSjSjSj 9 0 3["!"! _^]9 U9 9 MS3;VW|[;
Ansi based on Dropped File
(~WRD0000.doc)
M<& tsSSM
Ansi based on Dropped File
(~WRD0000.doc)
M= M9 $`Et-FPjEPME~PMEaME EPM}aM9 & uMT`P9 atCMA+HPFVEPMPMEFaME M] :M] ME! 9 U9 V9 39 9 9 S && SWEPv@ 9 }SEPEP$9 ]+]9 }+}9 }SjS
Ansi based on Dropped File
(~WRD0000.doc)
M\ & & dE\PM
Ansi based on Dropped File
(~WRD0000.doc)
M\;& & E\PMh M87& h & HP9 t}PM\EHE
Ansi based on Dropped File
(~WRD0000.doc)
M\`& uE\PMhh & P9 |PM\EaE
Ansi based on Dropped File
(~WRD0000.doc)
M\C& & E\PMhP M8?& 9 pt30 ET& S9 x9 & h@ 9 s& MLELPh 9 |& t
Ansi based on Dropped File
(~WRD0000.doc)
M\W& & $M\ZPMh M8N& tN& xP9 yPM\ExE
Ansi based on Dropped File
(~WRD0000.doc)
M^MVMNMFM >M 69 T$B9 J3n9 `3npM9 T$B9 J3nhpMMMMM M29 T$B9 J3]n~pMM9 T$B9 J32n$SpM [vMeu~tYu tY9 T$B9 `|3mhp9 M'9 M, 9 M@9 MP
Ansi based on Dropped File
(~WRD0000.doc)
MdM69 T$B9 `<3! h0 M! 9 T$B9 J3! 0 M0 9 T$B9 J3! 00 MM9M9 T$B9 J3\! l}0 M;MM! 9 T$B9 J3)! J0 MdM MM9 T$B9 `|3 0 9 M9 T$B9 J3 9 M9 T$B9 J3 D9 T$B9 J3! S9 M[9 M9 M$ 9 T$B9 J3N o9 Mw[9 M~9 T$B9 J3 AuSRYMQ9 T$B9 J3& @M.M&9 T$B9 J3& t! MMM9 T$B9 J3" & ! 9 M2S9 MM#Mk9 T$B9 J3W& x! u9 Yu9 Y9 T$B9 J3(& (I! u9 Yua9 YM9 T$B9 J3 d! 9 M,9 M!9 M 9 T$B9 J3 M MM?9 T$B9 J3& Mdu`Y9 T$B9 J3X y 9 MQ9 M9 T$B9 J3* DK Me"M]"MMM9 T$B9 J3 9 Mr0 9 T$B9 J3& 9 Mx9 T$B9 J3& 9 M9 M9 M9 T$B9 J3g& MMaMM `M0 M0zM@r9 T$B9 J3@5& MOMGM9 E e9 M'9 T$B9 J3 M9 T$B9 J3 MMM tM9 E e9 M9 T$B9 J3Q r MRM 9 T$B9 J3& hG MaMYM9 T$B9 J3 MM&9 T$B9 J3M9 E e9 M|>MM9 T$B9 `x3nhDjj& \P 9 T$B9 `X3/9 `3"XCM]MMM9 E e9 M59 T$B9 J3 S M9 E e9 MMMM 9 T$B9 J3 MM9 T$B9 J3W x M 6MM MzMr9 T$B9 `|3 @2 MLMDM<M4M,MdM\M0MLM 9 T$B9 J3RMMM QMMM}9 M9 T$B9 J3StM}MM~MvMn9 T$B9 JR3\1MKMMT M 3M+MD#M4M9 T$B9 J3~ MMMM4MM9 T$B9 J 3j~9 MIMTM<MMM,}9 T$B9 J3~`@ 9 T$B9 J3~% 9 M59 T$B9 J3} 9 E e9 MM9 T$B9 J3}H9 M9 M ~9 T$B9 J3w}|9 M 9 M9 T$B9 J3I}j9 E e9 Mt
Ansi based on Dropped File
(~WRD0000.doc)
ME LM0 uLVhMxRVh`ME"`REPEPS9 E#ME"}LM0 uLVhMQRVh`ME$<REPEPS9 E%qME$@LM0 u5LVh`MRVE&h(`MQEPEPS9 E'#ME&KM0 uKVhMQVh0 ME(QEPEPS9 E)ME(KM0 u"!KVhXMgQVh8}ME*RQEPEPS9 E+! ME*VKM0 uKKVhMQVh}ME,QEPE-EPS9 9ME,KM0 uJVhMPVhME.PEPEPS9 E/ME.JM0 uJVhM}PVh`ME0hPEPEPS9 E1ME0lJM0 uaJVh M/PVh ME2PEPEPS9 E3OE2MJM0 uJVhMOVh ME4OEPEPS9 E5ME4IM0 uIVh8 M OVhHME6~OEPEPS9 E7ME6 IM0 uwIVhMEOVhME80OEPEPS9 E9eME84IM0 u)IVhpMNVhME:NEPEPS9 E;ME:HM0 uHVhMNVh`ME< NEPEPS9 E=ME<HM0 uHVhM[NVhME>FNEPEPS9 E?{ME>JHM0 u?HIj.b9 >u jkY9 0 Me& t30 9 VSW9 289 9 *9 G_^& tt$9 t$9 L$h|9 I& t9 3"!& t
Ansi based on Dropped File
(~WRD0000.doc)
ME#ME"ME"MEMM 3@j4 9 39]tK9]tFjuM& (EPEP9 0 ]0ME& t!M]|"MMp"3xMjuME)(ME& tME1"MESMMEj9 E9 0 ePQ+METPWMEM9 E ME!MEpM]!MM!9 .jP eEP83CM0 ]3MEOM9 ME!EPMEPWMjM" 9 e0 E& ~xuM!9 & t\EPM`*9 EdPMm)j9 0 eu:*ME=PWMEq& ucME E9 E;E|9 Mjh|9 {&0 ]ME%ME:M]=MEm 9 Et 9 MV)M0 ]EJ U9 Q9 Mejh
Ansi based on Dropped File
(~WRD0000.doc)
ME&S9 EPhlM PVM& t9 uk<<0 u|N~0 uME MExMM9 njmuEPeeMXME] MEy: 9 EPh$MPVM2& u!E9 uME$ ME
Ansi based on Dropped File
(~WRD0000.doc)
ME/9 & u9 Mjh|9 X0 ] u9 h9 M& u9 MSPh9 9 M& u9 M SPh9 M: EPME"!
Ansi based on Dropped File
(~WRD0000.doc)
ME4R9 <V9 9 D$tVXY9 ^j@;9 VhMWeVh~MW9 ]EPEPS9 EMEQM0 uQVhMWVhXMEjWEPEPS9 ExMEnQM0 ucQVhpM1WVhMEWEPEPS9 EQME QM0 uQVh\MVVhMEVEPEPS9 EMEPM0 uPVh0M" VVhPME VEPEPS9 EME PM0 uyPVhMGVVhME
Ansi based on Dropped File
(~WRD0000.doc)
MEfDM0 E
Ansi based on Dropped File
(~WRD0000.doc)
MEM]aMM}3 Uhj,Y69 M3M0 ]qM;&
Ansi based on Dropped File
(~WRD0000.doc)
MEME%9 EPh,M #PVM9 uMEMEMM+9 UljHEHP3MH0 ]P$& t#MMH+39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
MEMEuMh9 C$PVMPM9 E0 MEo
Ansi based on Dropped File
(~WRD0000.doc)
mEMu0 W4VWV9 W49W0t$9 M0 O 9 M0 O9 M0 N9 M9 +0 ^Phj=PP: QQ|RR STTwTU9 ,SV9 u9 V4W9 }9 G9 0 E9 F 0 E9 F0 E9 F00 U;s
Ansi based on Dropped File
(~WRD0000.doc)
MEOM0 uOVhMUVhME UEPEPS9 EMEaOM0 uOVh M]UVhP9 MEHUEPEPS9 E}MELOM0 uAOVh MUVhMETEPEEPS9 /MENM0 uNVhxMTVh METEPEPS9 EMENM0 uNVhDMsTVhME^TEPEPS9 E MEbNM0 uWNVh8M%TVhMETEPEPS9 EEMENM0 uNVh,MSVhHMESEPEPS9 EMEMM0 uMVhM0 SVhMEtSEPEPS9 EMExMM0 umMVhM;SVhpME&SEPEPS9 E[ME*MM0 uMVhMRVhME REPEPS9 E!
Ansi based on Dropped File
(~WRD0000.doc)
MET9 MP]MM3@yjQx9 M PEPu 9 & u
Ansi based on Dropped File
(~WRD0000.doc)
ME}IMM IRV9 D$tVY9 ^jG9 9 0 uN<!@eN@N$E@N4E?NDE?j
Ansi based on Dropped File
(~WRD0000.doc)
ML2M9 T$B9 J3M!2M2MM9 T$B9 J3tM1M1MRM 9 T$B9 J3p M1M1MQMW9 T$B9 J35VMp1MM$9 T$B9 J38#M=1M51MM9 T$B9 J3|MH1MP6MlMdM(0M0M(6MM0M809 T$B9 J3\}M 09 E e9 M0Mv0M$M*M^09 T$B9 J3!M;0M30MM#0M9 T$B9 J3xhM/MM~9 T$B9 J3`xM/M/MkMq9 T$B9 J3OxpM@MFMz/Mr/Mj/9 T$B9 J3x4-MG/M?/MM//M9 M/9 T$B9 J3~ M.MMM:4M.9 M.9 E e9 M.9 T$B9 J3]~~M.9 E e9 M .Mw.9 T$B9 J3~H:MT.9 E e9 M<.M3.MM9 T$B9 J3lxM.MM9 T$B9 J3 xM 9 T$B9 J3oxM-M-M^MH9 T$B9 J34@UxMo-Mg-9 E e9 MO-MS2M
Ansi based on Dropped File
(~WRD0000.doc)
MM.-9 T$B9 J3Sd~M-M-M
Ansi based on Dropped File
(~WRD0000.doc)
MM0 }: MEMEMEw9 ]C EMthss] EPEPM1%FPPM MPM!EPM M" PM~!MEPME;uTPMMEMEMEMEMEMM{h h!M
Ansi based on Dropped File
(~WRD0000.doc)
MM3@DME3 MEME" fM]MMp3Bj!A9 MzE3P9 0 ];tFM& u:SM tSuESPMEtM]oMME3@MM43<BUljdQA9 MHj3hMX0 ]jh MEEXPEPEHP9 EsM9 EMX];u#MMH39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
MM9 3hhH9 u63MEMEMEMMx9 9 VjEPM9 MPE MEjFVEPM 9 MPEME_3Fsj& feEP3FM0 u& t9 Mjh|9 h$M 9 MEPYM0 uE9 Efj&feEPx3FM0 uF& t9 Mjh|9 `*9 M
Ansi based on Dropped File
(~WRD0000.doc)
MM9 oEP9 hXMEu-& tESP9
Ansi based on Dropped File
(~WRD0000.doc)
MM9 T$B9 J3Doeq9 E e9 MoMf
Ansi based on Dropped File
(~WRD0000.doc)
MM9 |FjPuDWM
Ansi based on Dropped File
(~WRD0000.doc)
MMa3@V9 0t30W9 |$& t$tWI& thhj&3_^W9 W9 & t.:tW9 u3@j<9 0 uhLMKE$3P9 0 ]MM3SGWM>Ch<MKEP9 0 }MMSWM>Ch MKEP9 E MMSWM>RChM]KEP9 E^MMSWM>YChM*KEP9 E+MMSWM>&ChMJEP9 ELMSWM>BhMJEP9 ELMSWM>BhhM JEP9 E LMSWM>BhXM^JEP9 E_LMSWM>ZBhM+JEP9 E,LMSWM>'BhMIEE
Ansi based on Dropped File
(~WRD0000.doc)
MMH9 PnjimuEPYeMx& t3MM9 nMME MEauMh9 2PVM?M9 Ex ME^ jluEPeM& t3MMp9 xmMME ME,auMh9 aPVMM9 EME j9luEP)eMo& t3MM9 lMsMExME "!uMh9 PVMM9 EHME. j kEP9 MePMMH9 M& t39 Mh3@2ljNKkeeu9 MehEd9 EkjkEP9 Me&PM/M\MEaME}uMu9 PVMqM9 E3MEMMW9 _kjxjEP9 Me PM: MME}ME uMu9 YPVMM9 Ex}ME& MM9 jjiEP 9 MePMM4ME9}MEU M9 PVMM9 E}MEMM59 =jjViEPeMMEME uM9 KPVMM9 E MEwMM9 ijhjj4 & tt$t$t$Pj8h9 EPMehM/uM(M0 EEPMNEP9 Eb}EtVM & uJMREPME\PMSPMauuuh8 MERMEMEMMhjDg9 M@ReEP9 EPME~ME7EPMEPMPMM& u7E%MEME
Ansi based on Dropped File
(~WRD0000.doc)
MMjh|9 9 "!9 9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
MMMML9 T$B9 J3SM{9 T$B9 J3y4aMXuY9 T$B9 J3Lhmu YM!MuLM$mLMeLM4]LMDULMDMLMDELMT"9 T$B9 J3RM-#MLMMLMK9 T$B9 J3SM{,8+M 9 T$B9 `(3cd MBM&9 T$B9 J38YMsKxM`KMXKMPKMHKuY9 T$B9 `t3uYYM9 T$B9 J3(MJM! MX!M\JMJMJM JuTYuTYMxJM8 J8RJJXvJkJx`JUJhJJH?J(4J)JM!JMJ9 T$B9 `3LM <T)u!Y9 T$B9 `83}@~M#9 T$B9 J3Zl{M" WM19 T$B9 J3/P9 MgI9 T$B9 J3*9 MW9 T$B9 J39 MW9 MI9 MI9 M,I9 M<H9 MPH9 M`H9 Mp\9 MH9 MH9 MN9 MSH9 M}H9 M H9 MrH9 MdH9 M,VH9 T$B9 J3M3HM+HM#HMH9 T$B9 J3MGMGMGMG9 T$B9 J3 ,MGMGMGMGMRGMS" G9 T$B9 J37PXMrGMjGMbGMZGMSRG9 T$B9 J39 M/G9 M$G9 M$G9 M4G9 MDYL9 T$B9 J39 E e9 MFMFMFMFMF9 T$B9 J3Q<rMRFM F9 T$B9 J3&GMaFMYFMQFMIFMSAFMR9F|.F9 T$B9 `x3MFMFMEME9 T$B9 J3 89 M%{9 T$B9 J3oduY9 T$B9 J3JkMN9 T$B9 J3'H9 Mq9 T$B9 J3%MuxYunYudY9 T$B9 J3,Muu7Yu-Y9 T$B9 J3Rh9 M9 T$B9 J3f ! MEM"!DM R9 T$B9 J 33T9 M$-9 MD"Mu Y9 T$B9 J3$MIMMDuTY9 T$B9 JR3hM MCMC9 T$B9 J3 MCuY9 T$B9 J3St9 M}C9 T$B9 J30QM~McCM[CMSCMKQM9 T$B9 J3(9 M$9 MD9 T$B9 J3 MR MBu YMy9 T$B9 J3wMRVMsMBMaBMVuYuY9 T$B9 J3 AMnMSB9 E eM;B9 E eM"B9 T$B9 J3 MMMAMAuY9 T$B9 J 3~xuYuY9 T$B9 J3OpM.u,YMM0pAMPhAM@`Aul"!Y9 T$B9 J3$M9 T$B9 J3MAuIY9 T$B9 J3M@M@MRwMM@9 T$B9 J3e MM@9 T$B9 J3:<[MM`m@M0e@M@]@MU@M M@ME@p(MP2@MP*@MP"@MP@9 T$B9 `l3`M9 E e9 M?M?M?M?9 T$B9 J3e M?9 E e9 M?MMw?9 T$B9 J3P:MT?9 T$B9 J3|M1?M9 T$B9 J3uGYu=YM>9 T$B9 J3 MX>M>M0><M >M>MS>M >MR>MH >M|>M t>Ml>Md>M \>9 T$B9 `83M]uoYM$>MSrCMh M>9 T$B9 J3MM=M/CM% M=9 T$B9 J3kRM=M4~=M =MD}=M =M ~=MMn=Mf=M^=up Y9 T$B9 J 3LM1=M)=9 T$B9 J3M\BMRM<9 T$B9 J3uu"!YY9 T$B9 J3otuupYY9 T$B9 J3FgM<My<Mq<Mi<uYuY9 T$B9 J3M 2<M*<M"<M<M<|]A9 T$B9 `x3LM"9 T$B9 J3M"9 T$B9 J3`9 M9 T$B9 J3=<^uu>YY9 T$B9 J3S5MO;9 T$B9 J3M,;MxM 9 T$B9 J3Mt9 T$B9 J3: 0M:M:M:M b9 T$B9 J3`tM: :M :M9 :M:M?9 T$B9 J 3>9 M: 9 M! 9 My9 M9 M9 T$B9 J39 M^: 9 M,9 M9 M9 T$B9 J3uP uYM9M~9uY9 T$B9 J36 WMaMYMQMIMAM9M1M)M!MMMM9 T$B9 J3M8M`M89 T$B9 J3 9 `3s\ M8M!}9 T$B9 J3HiM9 T$B9 J3%FMMX8M9 T$B9 J3M-8ufY9 T$B9 J3,MM7u1Y9 T$B9 J3hMoM7M7M7M79 T$B9 J 3MRnuYM"Mv7uY9 T$B9 J3/9 MV9 T$B9 J3$9 M0M7MSM7uAY9 T$B9 J3HM6M6M6M6M6M6M6M6M: 6M 6M9 6M6M{6Ms6Mk6Mc6M[6MS6MK6MC6M;6M36M+6M#6M6M6M6M6M5M5M5M5M5M5M5M5M5M5M5M5M: 5M 5M9 5M5M{5Ms5Mk5Mc5M[5MS5MK5MC5M;5M35M+5M#5M5M5M5M5M4M4M4M49 T$B9 J3& MB9 T$B9 J3bMaM" 49 E e9 M}4M89 T$B9 J37MQ49 E e9 M94M9 T$B9 J3@MM49 E e9 M39 T$B9 J3}|M39 E e9 M39 T$B9 J3RsMQM& 39 T$B9 J3'HM&MZ39 T$B9 J3M739 E e9 M3M39 T$B9 J3TM2M2M"!Mx9 T$B9 J3}~M29 E e9 M2M 2MEMK9 T$B9 J3)JMd2M\2M
Ansi based on Dropped File
(~WRD0000.doc)
MMMMMMMxM MM! MMw9 T$B9 J3l:n9 MQ9 MF9 M$;9 M409 MH%9 MX9 Mh9 Mx9 M9 M9 M9 M9 M9 MM^9 T$B9 J3JkPkm9 M 9 Mw9 M$l9 M4a9 MHV9 MXK9 Mh@9 Mx59 M'9 M9 M9 M9 M9 T$B9 J3 jl9 M9 M9 M$9 M49 MH9 MX 9 Mh! 9 Mx|9 Mn9 M`9 MR9 MD9 M69 M(9 T$B9 J3ixk9 M9 M9 M$9 M49 MD9 MT 9 T$B9 J3mi}kMMMMMM MxMp9 E eMX9 T$B9 J3h`kM 4M,M $MMMMup=oYM@M0M MM9 T$B9 J 3th" jM tMSM M RM uxnYM0rMjd_MWMOMDGM?M79 T$B9 ``3gXiMMShM9 T$B9 J3giMM9 T$B9 J3xg@"!i\MMM MM9 T$B9 J3*g9 `\3gd>i9 MK9 M(`9 T$B9 J3f
Ansi based on Dropped File
(~WRD0000.doc)
MMqMq9 T$B9 J3 L9N9 M9 T$B9 J3tL:" N9 M~9 M,r9 T$B9 J3FLP:gNM79 T$B9 J3#L|:DNM^M9 T$B9 J3K:N9 M"9 M,(9 MDPl9 M`"g9 MtHr9 MM9 T$B9 J3 K:MMEl9 T$B9 J3pK8; M9 Ma9 M,9 MDk9 M`af9 Mtq9 Mq9 T$B9 J3K\;4MMl9 T$B9 J3J;M9 M9 T$B9 J3J;L9 Mj9 M/9 T$B9 J3xJ(<LMMM9 T$B9 J3lJd<L9 E e9 M M}9 T$B9 J30J<QL9 M^9 M$]9 T$B9 J3I< LM:M2ukPY9 T$B9 J3I=K9 E e9 MM9 T$B9 J3}I<=K9 M9 M$9 T$B9 J3]Ip=~KMSM9 T$B9 J32I=SKMm9 T$B9 J3I=0K9 MWd9 M29 T$B9 J3H>JuZOY9 T$B9 J3H0>J9 Mc9 M9 T$B9 J39 Hd>J9 Ma(9 T$B9 J3hH>0 JM9 T$B9 J3EH>fJM 9 T$B9 J3"H>CJ9 Mk9 M _c9 T$B9 J3G?J9 T$B9 J3GCIhbY"!h@QYah@Y"!h/YaSam|h}uHY"!hu HYhYah@Y: hYahYahY<: h@YD: hRY8: h{Y@: hjYL: h@YYT: hHYH: h7YP: h&Y`: h@Yh: hY\: hYd: hYSh@YShYShYSh~YPSh@YXSh|YLShkYTShZYSh@IYSh8YSh'YShYSh@YShYShYSjh|9 SThuWFYhYh@Y4h Yh Y0S:ehuEYhuEYhuEYh9Yxh@(Y hYthY|hYphYh@YhYhYhYS~h@Y~h~Y~hmY~h\Y~h@KY~h:Y~h)Y~hY~h@Y~hY~hY~hYxh@YxhY~hYxhYDxh@YLxhnY@xh]YHxhhLYPxh;YRxh@*Y xhYxhYxhYxh@YxhYxhYxhYh@Yh Yh YhoY$h@^Y,hMY h<Y(h+Yth@Y|hYphYx LShusBYhY0 ahuLBYhYh@"!YhYhwYhfYh@UYhDYh3Yh,jhuAYh jhu}AYh(Y(hTY,j0ihuTAYjh|9 4hv7AYjh|9 hvAYtA`hvAYjhh$v@Yh8EYjh `h.v@Y|xjh2h8v @Yh83YhhhBvP@Yjh,R0hLv3@YSas"!S*SS_l8{ "!!_%e e0et^`~ d \9 \EeTdpddddde*e>eLe^ere e eefe8deeeW ~[[["[@[V[l[`[V,ddddcccccccac`ctcbcPcDc:cVVVVV VxVfVZVPVDV0V$VVVUUU(U<ULUbUvU U UUUUUTTTbc,c]]bbbb b brb`bNb>b]a].bbbbaa]]]^^aaaaRaraZa@a.aaa``````S```z`n```T`B`2`$``_____a_`_~_j_R_@_(___^^^^^^^ ^^8^J^^^r^[[[ ][\\.\:\H\V\l\ \\~\\\\\\](]@]X]p] ^ : " W$fW8fWW*ZZ
Ansi based on Dropped File
(~WRD0000.doc)
MPSUS#s3Qc#CP[ TC{;Rk+9 KPWS3w7Qg'! GP_xTc?Ro/OPWS[QYUA]@PXT!\ RZV`PWS[QYUa]`PXT1\0R
Ansi based on Dropped File
(~WRD0000.doc)
MPSUS#s3Qc#CP[ TC{;Rk+9 KPWS3w7Qg'! GP_~Tc?Ro/O`PTsRp0P
Ansi based on Dropped File
(~WRD0000.doc)
MQ9 39 E0 MEoF;| 9 MSWu0 E& ~& t3& ~4& >F;Y|WHYxE@MM9 E#>j1<=9 MeEP9 S& u3MM9 =E9 0 eP9 MEv9 Mmv3@tFVW9 9 9 j9 =iY+3;x_^9 UTjD a<0 MTM@8ej|9 VM0 3jChM]9 MTE0PEPE@PEM9 ]
Ansi based on Dropped File
(~WRD0000.doc)
MQ9 h3Pj5(DMM`3@h Sja3}#jh "0 Mh(Sja}& 9 u& M
Ansi based on Dropped File
(~WRD0000.doc)
MQ9 L 3Vj0 F5(DME! ME! ME! MM! 3@ojx0 Mh x Sj;}& e9 u& ZM @~eM4~ME(~ME~9 ME P09 E
Ansi based on Dropped File
(~WRD0000.doc)
MQj9 & uE0 EEPjShm4 9 ]9 E0 D& teMQj0 }0 ]9 _^[9 M~9 T$B9 J3u`wYMP,QMd$QMSMPQMdQM@QM0PMdPMMPMdPM PMP9 T$B9 J3n9 MP9 M: P9 M$P9 M4& P9 T$B9 J3'HMbPMZPMRPMJPMBPM:P9 T$B9 JR39 MP9 M9 T$B9 J3MSOMOMROMOMOuY9 T$B9 J3^<M=9 T$B9 J3;\9 M9 T$B9 J36MTMM@OM8O9 T$B9 JR39 M"9 M'9 M8'9 MXGT9 Mp<T9 T$B9 J3 MNMNMNMSNuY9 T$B9 J3Cd9 T$B9 J3(XI9 T$B9 J3
Ansi based on Dropped File
(~WRD0000.doc)
MQj9 & u|9^t,9^t'9 G<8PEu9 M9Hu;x4u
Ansi based on Dropped File
(~WRD0000.doc)
MQjPjNPEM9 EEP9 V9 9 L$u~& u69 L$h& & u$9 L$jhx& u9 & t3@3^jX9 M u3M0 ]0 ;tVWu9 0 ~;tN9 & uCjhM'SNP9 SUREPM9 ],SSuNP9 P9 ;u9 MMj"Y'9 9 u3;tm0 ]M0 ]: 9 MQVEP8;M|9uhMT& uhaMC& u& 0 ! M]u 9 D$V9 && t9 VhP9 ^U9 QQQuML9 M9 E0 9 M0 HjUYY9 39~ 0 ]SjEPNP0 ]; " uMz9 EE;tUR0 ]9 PQ;|^9]tY9 E0 E9 E0 EEPu ;t<0 ]9 E9 URuEuP ;|
Ansi based on Dropped File
(~WRD0000.doc)
mS?6& grW J" z+{8: }
Ansi based on Dropped File
(~WRD0000.doc)
MT0 ~$EM4EMEM$E j,&{9 M]v,eM#& t)vMF(8jjMjj{Y0 F,MM'{j,&z9 }uvvMeM~/& tvMAjjMRjh'vvMM{jH2z9 Mj53M0 ]
Ansi based on Dropped File
(~WRD0000.doc)
MUMQH9 T$B9 J3xq|s9 MR9 T$B9 J3|qsM 9 T$B9 J3Yqzs9 E e9 My Mp Mh M` 9 T$B9 J3
Ansi based on Dropped File
(~WRD0000.doc)
MXE?jEPhT9 T9 QM8& thDh0jE8Ph9 TEP9 X;tjEPhh 9 Tjh|9 RV9 QV9 N9 ;tIM 34& v)WM a;tjPhR9 <TM G3;rux9 MhEl GM .9 ulmj|* 9 >0 M39}u3*M0 }9}tuM9 0 ejh9 EPx!BxExA9 ;~3jZQ: IY9 3& ~iMEPVxECM& t8j7Y0 EE& t
Ansi based on Dropped File
(~WRD0000.doc)
MXEujEPh 9 UEXP9 PME
Ansi based on Dropped File
(~WRD0000.doc)
N 0 ]U:9 j9 E0 ^<0 ^40 ^80 ^@P9 Q%SV9 39^@t9 F8;t
Ansi based on Dropped File
(~WRD0000.doc)
N {9 MN 79 M& t0
Ansi based on Dropped File
(~WRD0000.doc)
N#!9 'jXjZ>9 0 u#~9 ES9 & ~2e& ~u9 !& t9 j9 E9]|jSj9 '9 E #a'SVW9 9 L$hDS9 9 3& ~1W9 x & tt$9 9 RC;}9 L$h9 G;|9 L$h$_^[j M
Ansi based on Dropped File
(~WRD0000.doc)
N#p~9 EPf9 j9 E9 kV9 D$tV! Y9 ^U9 QS0 M9 MV 9 u9 9 ;r3@9 MP| f{t3u9 eW;sdVuYY& tg69 ML f"u6j 3Y;t0 x0 x#9 9 Vu9 P& t!9 MWf,u9rS9 E_^[9 j9 3f}uEV3W9 9t$u1jY;t0 p0 p#9 t$9 t$jV9 b_^V3W9 9t$u1jaY;t0 p0 p#9 t$9 t$V9 _^V3W9 9t$u1jY;t0 p0 p#9 t$9 t$V9 _^V3W9 9t$u1jY;t0 p0 p#9 t$9 t$VV9 _^t$& t|$tt$9 3@j \9 }u3/juMueEP9 MM9 `9 t$}& t/W9 |$& u3!V9 p& t9 9 Pt39 F0 3@^_V9 D$tVY9 ^j[0 M9 ]9 9 u0 E9 ;Er3@xP9 f[t3c9 e;EOVS3YY;t69 & f"u"jYY9 0 M0 }; hf- "!f0r
Ansi based on Dropped File
(~WRD0000.doc)
n1Y& tF9 UFV& tB0 U9 M9 E^[& t 9 U9 S3VW9u1h(VS,0 5;t0 E8u0 u9 UEPSS}
Ansi based on Dropped File
(~WRD0000.doc)
N30 F0 F0 F@0 F0 FD0 FH0 F,0 F00 F80 F0 F<F(dF4FL9 ^V9 jv@ 9 L$9t@u
Ansi based on Dropped File
(~WRD0000.doc)
N8m$x9 )CWK& & d mh}H! cADKJ|]1J<c8K0 Wn x@$1@ %`xP?/ .k /h9 ,t@, LB/2dSp;;CC /B-4/~B3!b: .,Y zDJ}$8a - `_@D Ch9 clc`'RR/ #!Faw(@=:
Ansi based on Dropped File
(~WRD0000.doc)
N9 9 v@9 jB+u9 0 u ej M9 `uj6t0 M30 ]9& t9 Mh~ 9 5 SSSSjqSu0 E;w9 Mh~ i@P+ 9 Y;t9 E@PSW 9 ESSuWjpSuM@}3FWM0 u WY9 MEPn M0 u] 9 EuVj9 |$t=W9 |$ut$& xY9 & t"W9 Wt$vv# 0 ~G0 ~_^jCs9 jL}t=uM" ueM?}9 & tjV9 iVtYMMJ _tVWj9 t$9 L$9 & t9 L$9PV9 VXtY_^VW9 |$9 9~tjjW9 _9 ^QU9 SV9 M9 EpMv& MS^`[9 D$9Aw@P V9 9 F@P& t9 F9 Nf9 T$f0 AF9 F9 N3f0 A^S9 \$V9 & tGWSw~Y9 9 uWSE+9 FP)& t9 F9 N+SQ9 NAP~_^[V9 }& t9 Ft$P YY& t+F^V9 a& u,9D$t&9 D$9F~9 Nt$AP{ YY& t+F^V9 "& u 9D$t9 Ft$PH YY& t+F^jCqhEP9 eM9 M& t
Ansi based on Dropped File
(~WRD0000.doc)
n;^iLA`rqg<GK&
Ansi based on Dropped File
(~WRD0000.doc)
N<E(9 E0 F09 E0 F$0 ~(0 ~,0 ~40 ~89 %U9 9 EVW& t4jYURjuf0 M9 M0 M9 9 uP #E_^U9 Q9 A$e9 URPQ& }39 E|$W9 u39Vw9 {& t9 9 W9 i Wt$9 ~^_U9 QeVW9 w9 z& t9 r9 W9 ! W9 MVy9 9 E_^U9 QeVq(>u9 A$9 VPQ0& t39 69 MQVP #E^j19 Mx9 F$e9 eURP & t3MM~9 u9 Mx}tu3Fj.9 ~8u.jY9 0 Me& t
Ansi based on Dropped File
(~WRD0000.doc)
N@CRg5 33@9 eEI9 VW9 >& t1! t
Ansi based on Dropped File
(~WRD0000.doc)
N],FF1+0 ~(0 ~$0 ~00 ~,N\E0 ~80 ~4 NtE 0 ~<0 ~@0 ^D0 ~H0 ~X0 ~L0 ~P0 ~T0 ~p0 0 0 0 0 0 ~R0 ^l9 A,Ph|rq<53U9 V9 uW9 & th~rb9 efxu9 @& t9 URhlrP& }e9 9 @3& tf8u9 @& t9 u9 Q9 P 9 9 E& t9 PQ9 W _^]U9 V9 u& t;~v59 9 @3f89 0 UURP(& |}9 9 It3f0 W ^] t
Ansi based on Dropped File
(~WRD0000.doc)
NeMIMSEVEPMSEi& u
Ansi based on Dropped File
(~WRD0000.doc)
NEMNC= V9 yD$tVY Y9 ^jX5<" 0 M39uu3@ 9 MEP! hRM0 u{& uMM9 9 Mx;0 E0 u}_u9 M9 & ;EP9 -hRME & t:EP9 ME& uM9 M0 AME@hRM& 9 e0 E& }u9 i9 & ! ESP9 SPMEp&MSEh RMr& tRj0}Y9 0 ME& t9 3W9 Eo& t9 }V9 DVOX& t9 j9 E9 E;ERVMEZE9 E;ER3Fsy9 D$0 Ar9 Iy9 D$0 Ar9 I3f0 A|$Vt.9 qAr9 9 9T$rr9 9 IH;D$v2^9 T$9 BV9 00 r9 0 ~-u0 V9 r0 p9 I^;Qu0 A9 J;u0 0 A0 0 BSV9 39u."!9 F8X-t9 @0 F8X-t<^["!9 8Y-u9 9 A8X-t0 N9 N;u0 F9 @8X-t9 N8Y-u0 F^[SV9 39u9 F8X-t^[9 H8Y-u9 9 8X-t0 N9 N;Hu0 F9 @8X-t0 F^[9 D$x9 Pr9 @RPqjV9 D$tV Y9 ^ |$V9 t+~r%|$FW9 8vt$WjP'W Y_t$9 F^ |$V9 t+~r%|$FW9 8vt$WjPW^ Y_t$9 F^U9 VW9 }9 9~s9 F+;Es0 E}v@9 NSVr9 9 r9 +E]PS+QR 9 F+EP9 \[_9 ^]jP9 0 }9 uv9 u%3j9 [9 O0 Mm9 U;sjX+;w4
Ansi based on Dropped File
(~WRD0000.doc)
Nff,9 xj~9 0 u4R~9 E9 & ~2e& ~u9 & t9 j9 E9]|jSj9 9 ENMN2)<xjhW~9 0 u39}u
Ansi based on Dropped File
(~WRD0000.doc)
NlE7h1NE"8M0 ~0 ~40 ~00 ~8MEM0 Fdj0 WP0 ~$0 ~(0 ~`0 ~\0 ~h0 0 ~,0 ~X9 j
Ansi based on Dropped File
(~WRD0000.doc)
nn,n=nNn_npnn nnnnnnnoo+o<oMojo{oRooooooopp*p;pLp]pnpppppppppqq)q:qKq\qmq~qqqqqqqqrr(r9rJr[rlr}r}rxrrrrrrss's8sNs_sus s ssssssst3tDtUtmt`tttttuuu;uLuVuquR9 f L& KNaua{3c471948-f874-49f5-b338-4f214a2ee0b1}EI m_WM_ALERT_COPY_DATA_EVENTEB m_WM_BROADCAST_RELEASE_ALL_ALERTSEB m_WM_BROADCAST_ALERT_IS_APP_EXISTSEB m_WM_BROADCAST_OPEN_APP_FROM_ALERTbad allocationpu~lwr;xxxVrrx(("zYsDyxy" ry0 usU'r#s.rswALLP_STR_ID_ALERT_ABOUT_DIALOG_SECOND_PARAGRAPHALLP_STR_ID_NOTIFICATION_ABOUT_DIALOG_FIRST_PARAGRAPHALLP_STR_ID_ALERT_ABOUT_DIALOG_ALERT_VERSIONALLP_STR_ID_NOTIFICATION_ABOUT_DIALOG_TITLEALLP_STR_ID_ALERT_OKALERT_ABOUT_DIALOG_MUTEX_NAMEFALSETRUE,"'d4 "!#TITLEINTERVALURLIDFEED| #FEEDSNOT_MODIFIEDLAST_UPDATE_TIMECHANNEL BBMCfC$T(CHANNELSALERTSS , ,0 ,map/set<T> too longPosting is app exists request. MessageId: %dCAlertChannelsList::ProcessOpenAppMessageFeed id: %s, MessageId: %s last request time: %d8 OALLP_STR_ID_ALERT_FIRST_TIME_MESSAGE_TITLEALLP_STR_ID_ALERT_FIRST_TIME_MESSAGE_DESCRIPTION__2NO_USAGEALLP_STR_ID_SAMPLE_NOTIFICATION_HEADERALLP_STR_ID_SAMPLE_NOTIFICATION_DESCRIPTION__2ALLP_STR_ID_SAMPLE_NOTIFICATION_TITLE__2LOCALE_NOT_SUPPORTEDMODIFIEDUNSPECIFIED_ERRORTRANSLATED_KEYSRELOAD_INTERVAL_HHFLAGSALERT_TRANSLATIONSINTERVAL_SECNAMEPROTOCOL_VERSIONSERVICESERVICE_MAPVERSIONSERVER_URLINTERVAL_HHAUTO_UPDATEALP_CLIENTS_SERVER_URLALP_SERVICES_SERVER_URLSHOW_SYS_TRAY_ICONMAX_SHOWED_MESSAGESMESSAGE_SHOW_TIME_SSUSER_CLOSE_INTERVAL_MMDATALOCALELUTINTERVAL_MMALERT_LOGINUser is Idle less than a minute :Idle time %dCAlertClient::OnTimerUpdateChannelsUser is Idle more than minute :Idle time %d nS>: iExpirationTimeSecTimeRecieved*jU;UqUUUVCV"!VVVVWW W\W\W\W\W\WxWEX>: T& WW" WWX\k``0 ``a"aCaaSaaaaaabb|ccd4dIdfdmdtddU>: qUgegeOargargsidDon t show me notifications like thisdont_show_this_type_check_boxCancelnegative_btnOKpositive_btnelementstexturlimagewindow_titledisplay_timewidthheightrawcodeALLP_STR_ID_ALERT_YESYESALLP_STR_ID_ALERT_NONOALLP_STR_ID_ALERT_CANCELALLP_STR_ID_NOTIFICATION_DONT_SHOW_NOTIFICATIONS_FROM_THIS_TYPEdefaultieff</alert_result></cmd></ui_arg<ui_arg</arg<arg></id><id><cmd></guid><guid></author></name><name><author></feed_id><feed_id></type>ALERT_RESULT_TYPE<type><alert_result>browser_typeguipubDateguidmain_cmdmain_linkhtmldescriptioncontentid_expiration_timeout_sectimeout_sectitlealert_itemfeedauthorinstant_alerts_channels~lwr;xxxrrx(("zYdrDyxymry0 usU'r#s.rsMS Shell DlgB ) zyxximh<iufdisogmggwl6m B ) zyxx"rJrmhlrufdirtogm;qUwl6muP& }MyTerminateupon termination. memory size: %dAlerter Logic ClassSTATIC& `ALLP_STR_ID_NOTIFICATION_TRAY_ICON_TOOLTIPAppNotificationDialog& ~ x< xxxxxW`((`YRDyxy0 yy0 usU : RJ CAlertHTMLDialogBrowserContainer::OnApiOnReadyStart!m_pContainerParent!pAlertHtmlDialogCan not show, size illegalCAlertHTMLDialogBrowserContainer::OnApiShowMeShowMe(%s)Could not get bShowCAlertHTMLDialogBrowserContainer::OnApiOpenAboutDialoguiParamsCount != 1Param errorCAlertHTMLDialogBrowserContainer::OnApiSendUsageCAlertHTMLDialogBrowserContainer::OnApiOpenAppOpen AppJS error: %sonMessageFromFrameCAlertHTMLDialogBrowserContainer::OnApiPostMessageToParentCAlertHTMLDialogBrowserContainer::OnApiOnStartDragALERT_URLALERT_LINE2ALERT_LINE1ALERT_TITLE
Ansi based on Dropped File
(~WRD0000.doc)
NP9 SP3S9 0 _^[V9 S~D$tVi'Y9 ^jL&MejuMMM3@&V9 t$Vt$t& t9 P& u@!j9 oVt$hYY9 -@^V9 t$& u3V9 & tjXf0 hf0 F3@^Vj9 h5(Dt$9 t$t$^Vh xh xj9 djh 5(D3@^j0"%9 39tG90t?MahjM0 }9 ;t9 9 V%YMM0 <h9 }& 9 u; E0 }P9 9 & u
Ansi based on Dropped File
(~WRD0000.doc)
NPUAe~9 }9 j9 E9 ,V9 D$tV,,Y9 ^V9 0XU9 ^jk*9 9 E3A`U0 F;s0 N9 F3jZQV63Y0 F9~v.j$Y9 0 Me& t}39 NM0 G;~r9 f+VW9 3`U9~v9 F8t9 & t9 j9 G;~rv5Y_^9 Q9 D$;v9 s3@9 I9 D9 D$;Ar39 I9 t$& tt$9 VW9 39~vW9 & t9 & uG;~rG_^V9 9F^VW9 39~vW9 ^& tt$9 G;~r_^V9 XU1D$tV}*Y9 ^VW3W
Ansi based on Dropped File
(~WRD0000.doc)
NR9 ^jc"!0 MRq39 0 ]z9 ;~)& ~S9 & t9 j9 C;|jWj9 xM9 ^Xajd~s"!9 u& u
Ansi based on Dropped File
(~WRD0000.doc)
NRe~9 ^89 ENXE NpEv 9 j9 E9 j9 9 j" 9 0 uRjEmNpE%NXE%N<E
Ansi based on Dropped File
(~WRD0000.doc)
NTEfh9 j "9 M3;u3aEPxh`M0 u[E& u3hXM[E& u"hHMJE& uh : M(E& t3FMMH9 ! jMXVueMlMMFVPSVqTW9 "!~9 3& ~)S9 a& t9 j9 C;|& ~jWj9 F_^[jHj'9 }39 0 ]f@& t9 Mjh|9 Mh9 K9 u9 MWQ hT"!9 Jt;jh|9 M`M3F9 0 u0 u& ~CS9 >f<ue f>u0 u}tf
Ansi based on Dropped File
(~WRD0000.doc)
oj,ESPE: EPM o0 }9]u29 E9 M0 EE P9 M ]+hMMh9 DM^jEPuE 9 ME0 EE P`M9 Egj 9 uMq9 Me_PMouEu9 uPMM9 0 g9 j`9 0 uuRe} h-1^9 E ^~9 E^}E^u9 E~nu9 nu} n9 E0 9 E0 9 E 0 9 E$0 9 E(0 9 $j`9 0 uh-}Eaf}E9 f}E|f} EmfM9 lU9 QeQ9 MSo9 EjHji9 30 }9 ]hR-S0 }0 }Gh&9 0 }m9 MQ9 P9 0 }X]P9 mMEe9 haM{3M0 ];t3GMMa9 @u@Ed";u@]3SY9 jEPEP@b#9]~9]S~+Y~S 9 30 ]}SEPj
Ansi based on Dropped File
(~WRD0000.doc)
o}E`},EQ}<EBP L9 YOV9 ^D$tVuOY9 ^j RXN9 }u3 9 Mh0 ]& t0MQ9 ZeP9 pMM9 9 Mhta]3F& t+MQ9 YEP9 0 uMM0 ! L 9 aNjxM9 9 M3;u3=LV0 E0 ]; 'u9 MZ9 ; EP9 Uh\: M0 ]& t"EP9 ?Y~PP9 E" MhD: M: & t+EP9 YME^& uMe0 FM=h: M_& t9EP9 XME"& uM)0 PM] 0h: M& tKha9 A\;t"MSQ9 vX~`P9 EMSha9 \P9 FhaM& t
Ansi based on Dropped File
(~WRD0000.doc)
P 9 ^9 & t
Ansi based on Dropped File
(~WRD0000.doc)
P A"RB& '@L;9L
Ansi based on Dropped File
(~WRD0000.doc)
P$ &^USl$ 30 & Sj(C:htMP30 ]9p& Mp\MEtFEPhthh ME J;tgM!^& u[M(^j.Mhph9 tqM+HPFVEPM|pPMElMEGeM]/SVESPgEP0 u & t9 Eh9 ElMEEM]dMM]9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
P%h^9 I,& t
Ansi based on Dropped File
(~WRD0000.doc)
P& u[}tU9 DHt(f}
Ansi based on Dropped File
(~WRD0000.doc)
P& uE}t?9 DHt }
Ansi based on Dropped File
(~WRD0000.doc)
P&Y_^j8Fs9 9 N<3;tu~ 9 MTNP 9^t& .MM0 ]9^xtKF@PMN^D0 EEPMF]MENPhxMAOM]V9 =}@0 FPM ~`9 PSEP9 VaPME]M]"VhM]M]hM]j9 YPEP9 `9 E=MPM]M]UENPPC]M4N& & 9 MhEPU PMEM0 ]ELhpP9 YY0 };tdjSW"W$;Fp|$WYM0 ]: LhlPBYY9 0 E;t%M*M9 8WjVPWE}tuxYE3ME>M]MMTj 9 }u
Ansi based on Dropped File
(~WRD0000.doc)
P'9 F<& tPXf<_^jeibH9 0 u\Oh x`PSjEi! ~t9 j9 P9 9 hHSj?! }E9 EiN`E]NDEbN,ESM9 : H9 D$;,ut$t$At=u5y(u/t$ $VhPPVj hPVj" ^j iWGMbh x QW3j0 ]c 9 u;tj9 ;t_9 9 P8E& uMu9 u9 uPLEP u& EPt 0 ]SSSEP & hHWj& ;t9 9 P<9 MM0b3gGV9 D$tVGY9 ^jidF9 FDPMya30 ]9uc& uZ9^<uUh xhQWjT& F@PSVhrSS(hHWj0 F<.& 39^<M" M9 *a9 MMa3@FjiE9 =uY& uP9 }& tI9 & tWw5,P,FDPM`eWN`b9 MM`4FjiME9 tLFDPMY`e^`9 Y&& ~"x& |W9 [P9 <W9 r[OyMM6`EV9 ~
Ansi based on Dropped File
(~WRD0000.doc)
P'~x9 j9 P9 ! 9 9 F& tPa9 E\N\E\MN@\/@U9 SV9 uW;O l9 8HH tp#t)8& CuuY& au9 u9 R<muU9 Y& ?u9 uW
Ansi based on Dropped File
(~WRD0000.doc)
p0 33V9 HD$tV(Y9 ^|$V9 t"9 D$Nh0 F\Qjjvdvvdvh9 w^V9 9 Fhij"!Y;~9 W3;uG~\u+9 P9 <& _t"vdfhv~\u9 j9 ^U9 SVWE9 Pv< 3~l9 0 ]0 ]0 ]s ;0 E~S9 <0 E9^8t}|j9 %j9 0 E0 E9^hu89 E0 9]tuv 9 N8;t9]t9]t
Ansi based on Dropped File
(~WRD0000.doc)
P0 ]0 ]0 ]0 ]E^TP9 xP9 Pu uuu9 E9 M0 9 E9 M0 _^[U9 VW9 vR 9 W& trEPEP9 ?EPv< 9 Et9 M+M0 M9 M9 U0 Ut9 M+M0 M9 M9 U0 U%PEPW9 \jEP9 _^U9 V9 9 FW3;tAMQP< & t2uEuP & t9~luFl9~lt0 ~lW9 8_3^%8%V9 x 9 ^j~f " 9 0 ueN< MN0 : V9 &jNjNf$f(f,^j--" 9 0 u^9 ej9 P9 " V9 9 jP9 j9 P^jt$X|$t|$t9 `U9 QeEPu+& u9 ERV9 D9 t3^9 F|& u@^WP f|YNp9 #9 _^u3|$tt$Pp & t5t M};" VWt$9 t$9 t$PD$ 9 ujWN49 _^U9 SV9 Wu~49 u9 u9 u9 P9 3Pu9 & u@j[;|9S 3Wu*& t#Sh|3u& uSWSuN9 _^[]VW9 |$9 & 3!9 SWPN9 ;9uN49 WP9 [_^U9 VWu9 u9 uPu49 9 %& tWu9 $9 _^]t$t$t$t$t$t$t$tYt$t$t$U9 QEth u uMj uEuP0& t9 EU9 Wjh jjjhu9 t]VEPuud 9 u& t09 E0 E9 E0 EwEPEPh EPjPWl WX'Vu ^_jf 9 0 uNteNh9 ES9 & j- 0 Me 9 MM[ jfv 9 0 uN33N40 }NPEN`ENpE0 ~|0 S0 Dj0 WPS9 R& ujjY3Y@jjpYY& ut$9 t$t$jjLYY& ut$9 t$9 t$Rjj(YY& ut$9 t$t$t$jjYY9 j U9 MehuM|!uMuXP9 MM9 9 jtQg9 39Rtz9 E+0 } IHH Ht,H& W9 ]hsN` 9{$ ;M2M EME69 }G EMthw w!FPPM !MPM `"w9 GPGPGPM WP9 MEEM
Ansi based on Dropped File
(~WRD0000.doc)
P0 ^8W~ 9 ;~
Ansi based on Dropped File
(~WRD0000.doc)
P0 P9tIh9 PYY& Pu4VYP0 9 P P9 <0 }0 _;tg 0 _0 _0 0 _OE9 :X9 }j Y9 U9 (3S9 ]V9 uW9 }EEEEEEEE9t5L Y9 M;t [ 9 jY+ J J tqJtE& EE_M]Q]]Y& & >" E_M]QE]]YjEE_"!E_]]"0 ME_rE_0 ME_ZE_ tNIt?It0It t& E_aE_ E_ E_xEEE_! : $E_E_E_ ES_}E _& ER_yE _mE _E|_Ex_M]]M]QEY& u!E_^[RR RaRRR7RR!RRRRR%HH39 U9 QQSVV5 %WEYY9 M9 #QQ$f;uUUYY& ~-~u#ESQQ$jMTrVSVEYYdES\$E$jj?6U]EY]YDzVS VEYY" uES\$E$jj.T^[jhFCT9 Eu`3;|; r?SSSSS19 <9 9 LtP
Ansi based on Dropped File
(~WRD0000.doc)
P0 ~<9 N(;t0 ~(9 N 3C;t9 S0 ~ 9 N$;t9 S0 ~$WWjv40 ~80 ^@MMs^9 DjC9 FPM4^30 ]d0 F89^ u$jh=Y9 0 ME;tZ3]0 F 9^$u$j0<Y9 0 ME;tH3]0 F$9^(uOjD<Y9 0 ME;tR3vH9 v ]v$0 F(v,N ;uMM]9 7Cv,9 N( #9 N$PUv,9 N(p#9 N Pe3Cj%BMejMPhhxj(MMBU9 V9 u;5(u}uju& t9 uuVu^]j"!A9 39] &9 N$;t
Ansi based on Dropped File
(~WRD0000.doc)
P0@}9 U9 30 EjEPhuE`& u
Ansi based on Dropped File
(~WRD0000.doc)
p0jHI0 M9 ] {-t2hMH}eEPMhEPE4 M& 9 z-t9 {9 C x-t9 9 EH9 9;uv -9 su0 w9 M9 A9Xu0 x9u0 >0 ~9 I9u -t9 9 9 9 9 x-t0 9 E9 H9Yu} -t9 9 G9 9 9 B x-t0 Q\0 B9 0 ;Cu9 -9 pu0 w0 >9 S0 9 K0 A9 M9 I9Yu0 A9 K9u0 0 A9 K0 HK,Q,PYY {,& ,& 9 ;ul9 F x,u@,VF,9 F x-u}9 y,u9 H y,th9 H y,u9 A,9 MP@, ~9 F`N,H,9 MF,9 @V@,~~ x,u@,VF,Q~9 x-u9 H y,u"9 y,u@,9 9 v9 M9 A;x& ?79 y,u9 HA,9 MP@,9 `N,H,9 MF,9 V@,}G,j9 " jSY9 M9 A& vH0 AuuuJ9 EjLxYZ9 E9 }9 ]0 E9 E30 E;u
Ansi based on Dropped File
(~WRD0000.doc)
P33SW9 = VjP Sjv_;0 F[t& u0 F9 F^],U9 SV9 5W9 s& u3@WsR 9 W& tEPs< jEPW9 D9 EEE9 EEE9 j9 uu9 P<_^[9 30 H0 H0 H 0 H0 HA0 H$@(0 H@WZa@j.O39 ~t!j8W-Y9 0 Me& t=30 F3VW9 |$W9 & ta~uX9 D$jW0 F0 ~0 F 9 9 P9 9 P9 N& t9 WPL9 9 P9 N& tv(v$v9 Nv9 PL3@_^U9 VE9 Pv@ & t6~$t0Wjjv(uu9 & tjWvtW_^V9 9 N& tf9 N& tf^9 D$0 A9 I& u3IV9 9 N& t9 N^& t`V9 9 N& t^ ~t9 L$Pvp^9 I& tf9 I& t9 I& tjV 19 e~t%u$E9 0 e$P u9 Nuu.MM)2 9 I& tq9 I& tyt9 I9 `P39 I& t9 I& tV9 ~t9 Nt$9 P~t9 N9 ^`^9 I& tt$9 t$P83@\V9 ND$tVx1Y9 ^V9 'F9 D$0 F30 F0 F0 F9 ^Vt$9 9 D$0 F9 ^EVjj9 30 F0 F0 F $9 ^V9 ED$tV1Y9 ^9 D$d$& wvW 9 L$0 3U9 9 E0 Eh$
Ansi based on Dropped File
(~WRD0000.doc)
P3BSW9 = VjPSjv_;0 F[t; t;uf9 9 PX9 F^],V9 & t
Ansi based on Dropped File
(~WRD0000.doc)
P533@^j5f%: 9 u u u 9 =39^d 0 ^ FFSSjj0 Eu0 Euu0 Euu0 Euuuu uuuuuuSu 3juF8N4N0Pu 9^< 9^ht79^lt2 9 0 eP<.9 0 ejh|9 0 ]*v|j5 9 0 eP
Ansi based on Dropped File
(~WRD0000.doc)
P83VPf0 EEP'h& PW,& u%9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
P9 3V)9 9 & YD0& tW/&Y3_^]jhpB9 Eu% %}3;|; r!%0 8%WWWWWX9 9 9 L1tPtY0 }9 D0tuY0 EY%ME9 EVuY9 U9 V9 uVRYu%MWujuP` 9 uP3& tP%Y9 9 & D0 9 _^]jhB& 9 Eu$ a$3;|; r!R$0 8r$WWWWW9 9 9 L1tP2RY0 }9 D0tuuu0 E$$0 8ME9 Eu|RY9 U9 4S3E VW9 0 ]]E0 ]t0 ]E
Ansi based on Dropped File
(~WRD0000.doc)
P9 9 _@^VW9 |$9 j9 9 F& t$P9 9 _@^VW9 |$9 j9 9 F& thP9 a9 R_@^VW9 |$9 j9 9 F& t
Ansi based on Dropped File
(~WRD0000.doc)
p9 9 S9 ;#U#u
Ansi based on Dropped File
(~WRD0000.doc)
P9 ;0 E~" ~9 a9 E0 9 0 F(EPN EPN40 F0[`9 n& u9 Ehp9 9 EB}jg[9 0 u3EG9 S& tP89 & tP-}YNpEN`ENPEN4EFMNVU9 V9 D9 t3[~|tWN49 Mhh P9 k9 & 3'}uEPuWv| W9 Y9 _^jjYY& uht$9 t$jjYY& ut$9 t$V9 D9 t3^S3SS YY& & Vj YY& 9^|& }9~S& Wh3@9 =<h3P0 Sh3S0 h3S0 h3S0 0 _9~t9~t9~t;u
Ansi based on Dropped File
(~WRD0000.doc)
P9 d9 V_@^VW9 |$9 j9 j9 F& txP9 09 "_@^j c9 9 Mj/9 N& t"EP9 MePMMR9 M@Od9 I3& t9 (VW9 |$9 j9 9 F& tP9 9 _@^9 `$VW9 |$9 j9 9 F& tHP9 ]9 O_@^,jxXV9 9 L$j\9 F& t!HX& u9 F9 L$XP3@3^9 L$j#9 L$@9 D$9 A& u@9 U9 Q9 Ae9 M& ujh|9 Pm9 EU9 Q9 Ae9 M& ujh|9 P;9 Ejb9 A9 MPLMueMMM9 : 9 b|$W9 u3^jh`thtjt$k& tV9 p9 G& t2& t.N$QH$x& t9 OV_& t3@3^_9 A& u9 $jo=a9 0 ueNMNaj a9 0 uR" }<E},E}ES}E
Ansi based on Dropped File
(~WRD0000.doc)
P9 KMSWM>Ah@MIEP9 EKMSWM>AhM IEP9 E KMSWM>}A9 MUl$ 30 & jPP0 E3ESPEPEPS*T;& hESP9 cMATM0 ]EPME ;u
Ansi based on Dropped File
(~WRD0000.doc)
P9 M0 F ]5SE,P9 0 ~/9 vMM,9 MM,3L4jV(K9 u$eE9 0 e$P.u9 uu`& u3MM9 K D9 9 Pt3FjUJ0 M9 ]& u3@M=es}9 u39~ptWsMvc9~lt9 PPEPsM99Tt0 }9 C3$< 0 M9XtjjEPu9 WWMQs9 Ppu9 M9 su~CtCt
Ansi based on Dropped File
(~WRD0000.doc)
P<v h h jF ah h j{S9^ t0 ^ TiY0 F$rIi+F$Y=,vbM|vEvM;t!M;t9 9 9 Sh'vvM]4MM }hj,&g9 MeMf,j9 MMKhV9 vvj9 j9 bj9 9 ^j|$ouy39 D$;Au4;Auja&;Auj;Auj;
Ansi based on Dropped File
(~WRD0000.doc)
PEP9 MPdPu 9 E& t9 M0 9 E& t9 M0 U9 SV9 W9 e0 E& ~Iu9 f9 EPjhS0 ]& tuEuP & uE9 E;E|3_^[9 E& t9 M0 9 U9 9 EV9 & t00 EEPjhS& tjEPS ^V9 : D$tVY9 ^U9 V9 9 N8W3& tg9 N8u9 9 PEPv@ EPuG9 0 }%9 E_3^j1C0 M3S 9 M9 9]t7! 9 5PWjhM0 Eq9 MEPSSWEP0 ]uWWMMxk9 Ej(,*0 M9 ]& u3P9 u9 uV/jVV0 E e{D0 EtE9 Mj9 M9 mPVM0 Ey9 EexPMs& thRjV 9 Euu}9 u0 EEhP9 /P9 %b9 5 Pu9 Eu9 =uD0 E9 M0Puju0 E k]u0 ]9 ]EP9 P9 a9 ]PSuSuSuS MM*x3@1jO*J9 EPuu9 & 9 } EPjhS0 ]& `9 E9E~9 E9E}t9 }T& |b;}^Mw9 }eWT& t3xPM}& t#9 E& t0 89 E& t0 MMQw3@MM@w3HU9 QQ9 EVW30 8EP9 & tA9~8tu9 N8u9 P& t=EPS WWu9 u& th0 hW P _3^U9 Vju 9 & u^]% 9 Et-SW9 }t7HtHHuRU9 RPQ9 9 & t7u9 SRS9 "MU9 RPQ9 9 E0 Wuuu _[
Ansi based on Dropped File
(~WRD0000.doc)
PEP9 zP9 Pu uu~Pt9 3a|$VWu3@M|$ uh0 j P |$+u'9 D$9 P;Qu9 p9 V9 ppR<3_^jXf9 ~<u3G 9 0 eP,e9 0 ejh|9 E)v|9 N<vxMvt6X"!U9 }VW9 vt;R 9 & tFW& t;EPv< jEPW9 ^jEPW& t
Ansi based on Dropped File
(~WRD0000.doc)
PEPH9 MPPS 9 E_;t9 M0 9 E;t9 M0 9utSV^[h&8xf0 M30 ]ME& & 9](}x3F9u,R 0 ]9] u
Ansi based on Dropped File
(~WRD0000.doc)
Ph0 {@u0 C9 E j 0 C Y0 E(E& tjs9 p3E0 C& t5EPs@ E<9 0 e(P09 K9 sunE,PKT.9 [M,EX'MM<L'9 TDU9 SVWE9 Pv@ vN(9 F,N$Pjj0 ]PS0 E9 = ju0 EuSuuS9 juuuuuujuuuuuujuuuuuuuuuuv_^[U9 V9 v & tGEPv< & t6uEuP & t"Fj
Ansi based on Dropped File
(~WRD0000.doc)
Pj:YYt9h8Y9 0 ME& t
Ansi based on Dropped File
(~WRD0000.doc)
Pji9 FPMue9 " MRVj9 8& 0 9 ^9|%<& 9 30 0 H0 HV9 9 & tPY&^D$V9 tV,Y9 ^V9 NF9 ^V9 N^U9 QV9 FPMF9 vM9 ^VW9 ~W NWu9 _9 ^`_^V9 eD$tV0 Y9 ^9 D$;Ar3PnV9 9 F@P9 F9 N9 T$0 F9 vF^S9 \$V9 9 F;w6W@P9 N9 F+9 QPP`9 F9 L$ 0 F_^[U9 V9 uW9 9 G;sO9 MS;v9 }t0 u;su9 E9]r9 O9 G+QLQP+w[_^]9 A& tt$Pj! jBi9 0 ueja V9 : & uuW9 |$3jZ?Q0 F3jZ9 Q}0 F9 FYY& t9 QjP9 F& t9 QjP0 ~F_^SV9 9 ^W& t39 ~& t,~t&t$k489 4t$o& t9 @3_^[U9 V9 9 F& tHS9 ^& t?~t9Wu"9 49 F49 u%& uu9 uW;9 M0 H_[^]QSUV9 9 n3W;tI9 ~;tB9^t=t$89 9 <(& t%,0 l$l$J& t9 \$& t9 l$9+t& u3_^][Y9 [9 ~9 8+PAPQ#N9 V9 ~WtC9 ~& t<~t6t$A9 N4849 t$B& t9 L$& t9 @0 3@3_^5V9 -|$t=W9 |$ut$Y9 & t"SW9 !t$_Sv0 ^0 >[_^9 D$0pV9 9 @P9 9 F`T$9 9 N^S9 \$V9 & t8~u
Ansi based on Dropped File
(~WRD0000.doc)
PjS 9 = VjShjS0 9 ;t+HT9 ;~9 }STSP9 C;|3@_[^j*u9 39 9~8 }j
Ansi based on Dropped File
(~WRD0000.doc)
PjV 9 M9 VPD9 M9 WjVP@}t9 E9xt
Ansi based on Dropped File
(~WRD0000.doc)
Pjv MejuMuvMM<3@/|$V9 uAt8~t29 F& t+P& t v & tjvkYYt$9 t$^j(oW.9 9 N& tqe3}EPQ@ & tVMejEPvMq9 E+E9 M+EME"!+++M0 +MM0 }M;(9 =jj9 j30 E9 M0 ~0 .V9 9 }9 9 W9 QPWRR j9 WvtW_^SV9 9 F& t9P& t.|$tjhvv^9 Pt9 0 & tV9 D$tVG.Y9 ^U9 SVWu9 hh9 at~9 9 9 jhs0sP$9 9 j+EPs@ 9 9 9 9 uP9 9 9 RP(9 tijPs_^[j8 Wx,9 M.e9 EPM~9 u3;~0 9 U;~0 9 9 0 };t9 +;E}
Ansi based on Dropped File
(~WRD0000.doc)
PjYYj9 j4j-j&qxjX'MS
Ansi based on Dropped File
(~WRD0000.doc)
pkeHpPMU! Gxh(@@R 0" 8) ` IJ0I h!P%"L(`#!L+(#*;-4H/A7h=hBhHhMhSh1x5P7@<xBGxMRxXX \ BINARYGIF89anz ~ ~x : yw{ x}!n, nd37 ! Qn>l 6S;a: : .C=BE&b?Vi<0^/@9*J%!\jZ4(O
Ansi based on Dropped File
(~WRD0000.doc)
PMh4M9 MEPM0 uEs9 Ezfj(S eeEP3CM0 ]0 MEEPhHME PM 9 M& ujh|9 EPPM0 ]EM]0 ME9 Eej djhlM0 eMPjjL9 & tP=uVTVX3MMg9 oej `d9 M& t3vM9 Me& u9 M0 PEh PFM}& t|9 M\9 MPSPhuMM3@dj$ cEP9eMbMExEP\VMEPMB" 9 MPMBh9 M5EPVMPM" ME9ME! MM!+dj4DcEPeM! MEEP\VME<PM 9 M+PM & uMh9 MEqh|9 MPM/EPVMPM" ME_3FMEPME! MM89 @c3jUb9 0 u: eN 9
Ansi based on Dropped File
(~WRD0000.doc)
PP P~PPPPPPPQ
Ansi based on Dropped File
(~WRD0000.doc)
PPs0 Ej0 EPs 0 EVs V0 EPs0 E9 C(@Ps$ss 6s ususu9 =}tu}js9 5E
Ansi based on Dropped File
(~WRD0000.doc)
Program: e+000~PA GAIsProcessorFeaturePresentKERNEL32 }
Ansi based on Dropped File
(~WRD0000.doc)
PSC;& M hRMEPM%;uME_ EPMMEB WMjE9 0 ePExE9 0 ePEcMEEM;u=MGP@9 ;t#hTV;thV;tV8MEM EM]}E9 E;ERMMs}! jdh5 9 M59 Me& tMM93A! M/jjuMEM& u
Ansi based on Dropped File
(~WRD0000.doc)
PtEPklM9 ejVMMMf0 3@ " & t9 9 9 & zjVM3EFP9 0 u& u3MM9 Gf0 U9 S0 M9 MW29 3; V3jZGQ:\9 Y0 u; D?PSV: [!]0 ]0 ]& u9 Mf&uj&Xf0 0 uF3FC0 ]kf;uY}S& tO9 ]9 Mj;Xf0 EPuSq& tf9 Ef0 9 E9 +EFFsPjjV[3f0 FF& tEE9} b}tu9 MuJ[Y^_[V9 9 L$& t33PPPt$9 ^Vt$9 t$9 L$jPt$$9 F^HV9 & u P9 H^U0l$ 30 & 0j$92O0 M9 @9 <39 0 }0 }CPW9 :P9 ; EPjV^9 E0 E& ~}EPWVFSMeEPMj\j/MgE9 0 eP9 MT& uEEPWVaMM7G;}|0 }uEV9 Y9 E9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
Pu0 EjEWP 9 }hEP49 }P4ai9 = Puj
Ansi based on Dropped File
(~WRD0000.doc)
PuD0 ETjE0jPhE0PK$7PK$,rPuD 9 EE80 E09 CH& ~;E8}0 E89 E +CLh +E<K$+E$E<0 E4E0PPK$qPuD }TtuTuDu$9 u9 uDPTh jjuDWVuuuP uuDuuDMMy+9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
PVM"ME]MECMM9 9 j`EPeM
Ansi based on Dropped File
(~WRD0000.doc)
PVM& uE9 uMEME! j19 EPzeMj& uTM ME9 MEuMh9
Ansi based on Dropped File
(~WRD0000.doc)
PVMM9 EME j.EPweMg& t,MM9 MjMEoME9 9 EPhMPVMD,& u0 M9 u<}9 0 uMEMEqju! EPeM
Ansi based on Dropped File
(~WRD0000.doc)
Px9 9 PP^V9 W9 & t
Ansi based on Dropped File
(~WRD0000.doc)
PXN0MMlj ^! 9 9 u& t{9 MQ9 PeM uPh&j& 29 9 P 9 ^@S & tSP ! PMO9 VVEPMEOMM}ji9 }t] & u; PM
Ansi based on Dropped File
(~WRD0000.doc)
PY0 ^9 F;t
Ansi based on Dropped File
(~WRD0000.doc)
PY0 ^_0 ^0 ^0 ^^[9 I& u3
Ansi based on Dropped File
(~WRD0000.doc)
PYe9 ~h& tW & u@0 tWYEWjPYE9 ~l& t#WIY;=Htp}t?uWGYEV8Y9 uj
Ansi based on Dropped File
(~WRD0000.doc)
PYY0 ~0 ~9 _^[]jhHAM39 u3;" ;uAWWWWW: F@t0 ~9 EV Y0 }V*Y0 EE9 uV Y9 U9 SW9 }3;u ASSSSS,fWQ 9_Y0 E}0 _jSP ;0 E|9 Wu+G.9 9 OV9 +0 utA9 U9 u9 " D2 t9 ;s9 :
Ansi based on Dropped File
(~WRD0000.doc)
Q !!0 RS6FZ[cgjkpwzz{ ! " "!03:!5,
Ansi based on Dropped File
(~WRD0000.doc)
Q 0 RS6FZ[cgjkpwzz{ ! " "!03:!4,
Ansi based on Dropped File
(~WRD0000.doc)
q` eNl !fK
Ansi based on Dropped File
(~WRD0000.doc)
QH+"!+P9 PVh 9 ; j& ,P9 +P 5P9 & (9 4T & t,;P0 & @;\9 & D+& 40 & 8;E
Ansi based on Dropped File
(~WRD0000.doc)
qq$9 |3@^]9 D$SVW& t%9 P;Qu9 P9 R9 ppS<3_^[U9 9 EtVtJt;-t'u9 E;Quf& u
Ansi based on Dropped File
(~WRD0000.doc)
QQEQMQ" !rQ" @! QQQ" l!Q" !QQ" !" ,"R&R1R<RJRXRfRtR RR~R
Ansi based on Dropped File
(~WRD0000.doc)
qR Y3U9 VW9 30 u9~u3.9}tu Y0 E;t9 F0 }9 ~SG;sg9 ME<HuW}YY& uW: |GY;r39Et70 E9Etu{ Y0 E9 E+E9 NE9F0 MP9 & u3"!9 ^SD Y9 NA0 E;sxuSE}U9 M9 +F9 u+9 E+VGOPS'}tuuWu3f0 s9 E+ESE9 u9 YY& uS\CY;]r9 9 E[_^U9 VW9 }9 & |m;~wh}u3@_u! Y9 NQ9 0 E& t@9 N9 F+SQ?Q9 MHPqu9 FuP`9 '3@[3_^]V9 & t$9 D$9F~9 Nt$APRYY& t+F^VW9 39~~$W9 ~P YPW9 xG;~|_^VW9 39~~$W9 lP= YPW9 mG;~|_^V9 `& u9 VR9 4f;D$t
Ansi based on Dropped File
(~WRD0000.doc)
QS=c~5Pk}At ,"!@Io A 'R.QtE%H X) >_ z
Ansi based on Dropped File
(~WRD0000.doc)
QSu`9 h Pu`9 MTEP>SEPh`R9 EPSVtV9 )NV9 J9 & u93MEM EMEExMM@9 9 Mh3-0& v89 MhWE0PSPhd9 ESPM0Ea9 MhG/;rud9 MPCsj( :9 EP-eM& tMMJ3R;MuEPEP9 E& u3MEMM9 jEP9 jMljuEjPMEmME"h3Fj 99 9 M30 E;u3];0 ]~S9 MSO9 & t>FPEP9 eEP9 QPV9 `& tEMMJC;]|9 EK:j!d99 ME3P9 0 ];uMM9 :SMlSuEjPME#lM]+g3Cj!89 0 ujze}@9 EmS~l9 EO}EL}d}h30 0 <0 `9 j9 EM"!30 0 0 9 j
Ansi based on Dropped File
(~WRD0000.doc)
QX)1./&\bP8J@312iQ%? PaaDzRb SNDSN;GIF89a?kqh v_& eb9 yi Cra``" >n |]wao" O| q lx{: n a|Ly!?,xpH,/ciVC jD RFS f^'~B3("W!T H4:?y9 1?;
Ansi based on Dropped File
(~WRD0000.doc)
QY9 0 F9 PV9 D$tVPY9 ^j O9 0 uNeNR" INEF6N,E*N<EfLNPEN`ENpE}E}E}E}E
Ansi based on Dropped File
(~WRD0000.doc)
q}9 0 0 - !" SPL"5;.Z0 |=;%X{S
Ansi based on Dropped File
(~WRD0000.doc)
R }DEC }E9 }E% } Em}PE^}E& }E@}E1NhE& N,]M9 fejhSe9 }EM~EJMM(>3Ze0& tMM(& u3jXESP0 ] CoE P9 ;u3M]MM(9 ~M(W& uM(,PEP S9 jZV jHPu VS0 E 9 E%,0 E`EE`EMEERPEPME :t"}RthEEj Ps]E P M9 EU9 QQf}S9 u3^eVuWEPV9 & u9EPEPu9 juujV5"!d 0 E& t9 PV9 R9 E_^[j b9 ! 8tp9 9 9 R9 & taMK9 eMQ9 P<& t:M& u.9 a9 M& t!9 Q9 Pj& t
Ansi based on Dropped File
(~WRD0000.doc)
r" " $" p(08@HPX`hpx" " @8" \H@$" " MU]emw" pS" " dLv(l3" 4@`V" p" " " (
Ansi based on Dropped File
(~WRD0000.doc)
R%@~%a ?-[ g9X5dh"!,: ]v F KE*nk`0mE%
Ansi based on Dropped File
(~WRD0000.doc)
R0 Mh x Sjh$}& 9 u& MfeMfMEf9 MEP9 Ex9 u0 EEP9 9 u9 9 M#u=hSj#3MEpoMEdoMMXo9 "hMk& thSj" #3FEPEPEP9 3;uh` MifPhSjW#EP}9 0; }9~ & 9 N9 Pl& th Wh`thtWv;t.9 9 ;t!M 'VM En<M E'MEhnME\nMMPn3@hthTSj "39j1R0 Mh xSjh"}ul9 u& teMdeEP9 9 u9 & uhHSj$"MMm0EP}}MM m3@h Sj!30 j\[
Ansi based on Dropped File
(~WRD0000.doc)
R3}M 9 "!9 yJBee9 E )U9 ]\9 39 #0 M9 9 Mu0 39 uE}0 u|9 jMZ+;|9 10 t" d" J& } 9
Ansi based on Dropped File
(~WRD0000.doc)
R?9 E80 ETE: ,K$s& & juDeT9 0 & t
Ansi based on Dropped File
(~WRD0000.doc)
R^U9 QeEPu,l#EV9 t$& t & tv9 jj9 R@^|$u)Vt$9 & tvY& t9 V9 R^V9 D$tVNY9 ^|$V9 u3jt$YYP9 H^jUhLu9 & t=M5eEPuMuu"& t
Ansi based on Dropped File
(~WRD0000.doc)
RMS;b} #}V}>dy t[ q~0 Dw~lw+ k@hhhhhhhhhhhhhhhhhhhhhhhZ6hhhhhhhhhh\b8KH]Nhhhhhh F3,-'8]hhhhhhW+^S:I>g(VhhhhhhB?+#9]<`chhhhhGD?<4_.hhhhh f5aU
Ansi based on Dropped File
(~WRD0000.doc)
RPvj00 UF9 0 ]0F }t9 E`p3[_^9 U9 SVWu9 9 s9 MN & u-4j^0 03PPPPP~ }t9 E`p9 }v }t;uu3;- 0@;-9 u-w9 C3G&
Ansi based on Dropped File
(~WRD0000.doc)
RQQQQ QxTbTPTXSX XrX\XHX,XP}WtfdfPf~WlW\WJW8WT~T timeGetTimeWINMM.dllwSetDlgItemTextWIsWindowGetDlgItemPostMessageA~SetTimerKillTimer!PostThreadMessageADestroyWindow" DefWindowProcAGetWindowLongA^SendMessageAFindWindowWSetWindowLongWgCreateWindowExAJGetMessageAMsgWaitForMultipleObjectsDispatchMessageAPeekMessageAGetDesktopWindowShowWindowwsprintfWFindWindowExWPostMessageWGetWindowRect
Ansi based on Dropped File
(~WRD0000.doc)
RQQQQ QxTbTPTXSX XrX\XHX,XP}WtfdfPf~WlW\WJW8WT~Tllllmm-m>mOm`mqm m mmmmmmm
Ansi based on Dropped File
(~WRD0000.doc)
RRRRRS" S".S6S>SFS" "" @#iSqS|S! S" S" R#SSSSSS!T" #DT" #iT" $RT" @$T" l$TT" $UUU'U" $JU" %mUuU" <%U" p%U" S%U" %VVV" %" T&4V<VGVRV]VkV V" &V" &V" &VWW" '6W>W" D'gW" x'`W" 'WW" '" ((WWWWWX" P(>XFXNX" |(" (qXyXX0 X X"!XXX" )XX" @)YY" t)=YEYMY" )@)pY" *)"
Ansi based on Dropped File
(~WRD0000.doc)
R}9<A<I<" X
Ansi based on Dropped File
(~WRD0000.doc)
S & tjP ]Vj9 -T&9 ^U9 Q9 Mejhx& 9 EV9 D$tVDY9 ^j;^Z9 u0 u& tbeS & tjP 9 & u9 & uM!h0hR&j1MA9 u9 9 9 P3RV9 D$tVY9 ^j^^0 9 39} }uuWhWku9 uP<9 9 P89EwT PM`9 F0;F40 }}.9 9 Pt"EPWVhWW(F0PuN89 RMM8jk9 9 M 90 tB3G9~7h Y9 0 Me& t%3MWP9 G;|`9 D$t$0 A49 D$0 {V9 t$& u3%9 D$W9 >&& t
Ansi based on Dropped File
(~WRD0000.doc)
S!sg2F0 <}@HqA&< *n,#` BH;=} aElCd\! Pq r3)&ntL'G8
Ansi based on Dropped File
(~WRD0000.doc)
S0 u0 E 0 ]9]tuu 0 E9]PtVM<[PMajVM9 MEPEPu$Eu EP0 ]M0 ]3 9 0 ejVE{EP0i0E*iM0 E0 ]S39]E0 u}EPV0'k; V0 ]9]PunE<PM0 E;u[M<RPMxtEjE<9 0 eP\V0j0 h0 EEPV0j; 9 MSEPu$Eu P9 ]34;;u(S}Pu& t}t3& t9MPMaMPMP9 E<;}~0 }9 ET& tlhE9 E;E,}sM& tM}uM<: PMM`PMMyPM;]9 ~0 ]}Tt9 ET39 uF;u0 uR Sjh`M9 MjEPu$Eu EPMPM<};}~0 }ME}9 M;M,}A0 M9 ]8;~6& ~29 +& ~'9 M<PM6MPM%Nu0 ]9 E0& t9 MM0 9 M4& t
Ansi based on Dropped File
(~WRD0000.doc)
S0 Y_jhA
Ansi based on Dropped File
(~WRD0000.doc)
S3Sj YY;t0 H;t0 H;t0 X!@ [S3SjYY;t0 H;t0 H;t0 X@[Vjj9 YY& t0 030 9 ^U9 EPML uV9 uM?EPM. t^]jjq9 AQ09 L$9 D$9 AV9 pW9 t$FP`tYY t9 v9 9 6 ~-t9 _^V9 N0 @!9 0 @9 0 9 0 If^U9 SVW9 9 G9 p0 E9 1uNR t9 v {t9 MFPq t9 0 u9 6 ~t {t9 G9 p9 39 MFPB t9 9 69 v ~tWuMWSM9 E9 M0 9 M0 H9 M_0 H9 M^0 H[V9 EN0 @9 0 @9 0 9 0 If^U9 QVQ0 e9 0 eC9 ^U9 QuuuuuuAVt$9 9 L$VPu9 D$^Vt$9 9 L$VPV9 D$^Vt$9 )9 L$VP79 D$^SVW9 |$ 9 9 u$v9 9 6j9 bW8 ~Y9 t_^[SVW9 |$ !9 9 u$v9 9 6j9 'W ~!Y9 t_^[U9 Q9 EVQ0 e0 eP9 9 ^U9 VuEP9 VvMwEPMv u9 E9 MPe uMVvMCM9 9 E9 I0 0 H^U9 VuEP9 VvM
Ansi based on Dropped File
(~WRD0000.doc)
S3Sj&YY;t0 H;t0 H;t0 X-@,[V9 D$tV& Y9 ^9 D$V9 t$& t9 FtR-t<Ht*HtHtHt
Ansi based on Dropped File
(~WRD0000.doc)
S9 0 M9 H0 M9 H?W0 M0 Eu'339\& u
Ansi based on Dropped File
(~WRD0000.doc)
S9 0 eWh9 h9 0 eWh9 S9 0 eWh9 S9 0 eWh9 ah9 0 eWh}9 {h9 0 eWh o9 \h9 0 eWh P9 =h9 0 eWhx19 h9 0 eWhl9 h9 0 eWh`9 S9 0 eWhP9 S9 0 eWh@9 h9 0 eWh4"!9 h9 0 eWh z9 gh9 0 eWh[9 Hh9 0 eWh<9 )h9 0 eWh9
Ansi based on Dropped File
(~WRD0000.doc)
s9 M`EPMf& 9 M`Vh8+j@M9 EmMEmud9 Mh;t9 Ml;t9 =E@PE PEPEPM0E m9 E|M;t9 PQ9 ^9 K0;tEPtM6dEP9 0 ePjh+Es9 M`EPMe& t
Ansi based on Dropped File
(~WRD0000.doc)
S]Au9 39 Ef0 E;}"+ ]t& u9 m ]tM mHu& tE]E9 _& tjYe9 uEtE tj Y3& ^ [9 U9 }t~}S"]S!]9 U9 `E tjt3@]tjtjX]]9 U9 39 " ;Mtd@|30 E& t^9 E0 E9 E0 E9 E0 E9 EV9 u0 E9 E 0 E9 E$hu(0 u0 EEP/& uV,YE^9 " : hu(uE 9 U9 =" u(uE\$\$E$uj/$]lRhu!JEYY]9 S9 QQU9 k0 l$9 30 Es CPs & u"eCPCPsC sPE PIsp=" u+& t's C\$\$C$sPr$P$s CYY9 M3k9 ]9 [9 U9 QQE]E9 U9 QQ9 EE9 M] f0 EE9 U9 3}u
Ansi based on Dropped File
(~WRD0000.doc)
Sh M8 & tK& hP9 yPM\EYhE
Ansi based on Dropped File
(~WRD0000.doc)
Sj0 EEPjjWV0 3;t!3" PhXSAAQ333hf0 EEVPk VVVVEPEPWuED ;u,jEPM9 MEP0 u MMG: u$ h|Sj-3@9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
SjP 9 [MM,y9 S49 jPThTR9 u9 eV& u3MM69 RS D9 9 0 sPt9 Ej 0 C]LY0 & $E& tjs9 %3E0 & tA& Ps@ E9 0 $P9 9 9 s#9 5 Sjs Wjs0 C;t& u0 C3hPf0 & (& *P \jd& (Ps& t& (P9 3F8VWtt$ t$9 t$ $3_^9 D$VW& u@+8t 3xp R9 p3_^yt4"!3U9 } t}u4])v]Vt$9 9 L$Pvp^9 D$0 89 D$0 ,j@/U`P9 9 x& & 9 y0 EEPv@ 9 E+EP'|YM0 E3M0 ]SSjS9 0 ejhE" SSS@EuSSu9 0 eWEPMEP9 EMEnM]cMMWaPjRU|O9 3GWuu0 E 30 E9^|t$9]t( u EPEP9 0 ]0 ]k0 ]9~ts9^|tZ9~0u9 9 0 eP9 0 ejh|9 0 ]z9 NxMW9 Pu0 E9 },t9 E+E9 }+"!+E9 E0 Et9 E+E0 E9 E9 U0 U9 E+E9 }+"!+E9 E 0 EQEP9 0 }W/P9 M9 = PutAjjEP u 9 ,9 MPEP/9 MPPu}tuuuu uuqNjdj(`M0 M3VVMU0 u9 MuEP0 u
Ansi based on Dropped File
(~WRD0000.doc)
SJY0 @eEPS@6a9 t3& |&~jE PW@u T & t }u& uE0E'E& P& P& Pu l tu X6 9 EY9 _^3[dJV9 ~t6Y9 N& tPY&3^j.OhLIY9 0 Me& tu9 3uMu9 uuu& t& t9 V\PY3j]IY0 pPt$t$jjt$lU9 9 E& u"8tu9 @u9 uuf]jjt$t$t$W9 |$& u_?tV9 w9 & t9 V OYW9 OY^_jhlN9 0 uehN,Nvr9 Oj2h7N9 0 uNh xNSjE>~,9 j9 PhHSj"9 EnM9 NjBYy$u+Vh x0OVj
Ansi based on Dropped File
(~WRD0000.doc)
SM\& & M\PMhp M8& tP& XP9 ~zPM\E
Ansi based on Dropped File
(~WRD0000.doc)
SMQuP9 4h& {9 M;Rp;M! g9 MD } ;t
Ansi based on Dropped File
(~WRD0000.doc)
sOY9 ujgOY9 U9 =P tK}u'V5T 9 5t & t5P 5T 0 E^j5P 5YuxT tjPp ]9 VWVV0& uVY9 & ^9 5<h<WWh0WWh$WWhWW=9 5p t=t
Ansi based on Dropped File
(~WRD0000.doc)
SPS9 RA9 h_& ~9 S9 P^[U9 9 EV9 & u3T9 M0 FH9 E 0 ND0 FL` jvHjvLuuuuhH@jhUj 0 F8& uP3@0 F@^]V9 9 F8W& t~@tPf@9 |$W& tjjh W0 ~83@f83_^9 D$& |;A<}T$RPhq8j,3l@#9 ej
Ansi based on Dropped File
(~WRD0000.doc)
sS9 9 <& 9 @t58t0=u+tItIuSjSjSj 9 3 "!0 _^[]9 U9 9 Eu} b]V3;|"; s9 9 @u$<0 0"VVVVV#9 ^]jh`FE9 }9 9 4& E39^u6j
Ansi based on Dropped File
(~WRD0000.doc)
SSSSS N9]tE9 GF 80t.9 GHy-Fd|
Ansi based on Dropped File
(~WRD0000.doc)
SSSSS9 M & u@u9Et M 9 + tGHt.Ht&d#0 G#j^SSSSS0 00 UtuE@0 }9 EjY+t7+t*+t+t@u9} 0 EEEE0 ]9 E#;;t0;t,;t= =& @E/E&E=t=t`;& E9 EE & t9
Ansi based on Dropped File
(~WRD0000.doc)
SSV@?'V9 @]"!:jD9a9 MT]& t
Ansi based on Dropped File
(~WRD0000.doc)
Start Time: Class Name: ,'M>: mmmxxxm! zCThreadPool::WorkNo JobpJobCThreadPool::ThreadFuncImmediateCThreadPool::OnJobPreProcess \'M>: xgeDummyJobCThreadPool::ThreadFuncStart [%s]
Ansi based on Dropped File
(~WRD0000.doc)
SVW9 |$9 u+9 jWY9 9 +0 k<3;x_^[9 jV9 M9eEPu9 3& uMM9 WWMK& v%VM(& tu9 PMF|K;r3Ft$jc(V9 9 }& u3! wV!0 E& u3@rjW+EYV9 0 Ek<9E$WEP9 3M0 uMEPME& u
Ansi based on Dropped File
(~WRD0000.doc)
T QjhB[VV0& uVY0 E9 uF\]3G0 ~& t$hVP9 <0 hWu0 0 ~p C KCFh@0 j
Ansi based on Dropped File
(~WRD0000.doc)
t!& u9}& E @& @E & 9 E
Ansi based on Dropped File
(~WRD0000.doc)
t#:r:w:r:w:uu3:tr9 [^_jDhqM@eEPMf@h\EPjDxhrM@eEPMhEP9 U9 VWh@ @9 & th$rV<& tu9 V89 _^]QRPh$G'ZY "!% "!"!%"!S"!%S"!"!%"!"!%"!"!" %"!"!& %"!"!u%"!"!e%"!"!U%"!"!E%"!"!5%"!"!%%"!"!%"!"!%"!"!%"!"!%"!%D % %$9 U9 DSV9 u9 V9 N9 ^W9 ~0 U9 V9 F0 E9 E0 M30 }0 E3}E$0 u0 M0 M0 M0 MuE0 EEPjQhWm4 39 E9 89 E+9 0 E9 0 E u0 ED3;tURQ9 & & E& & D& tMQj9 & uPu 9 & uAP0 E@& tMQj9 & u!E0 EEPjjh~m4 9 EWup;t&~t'jj@ & t0 p9
Ansi based on Dropped File
(~WRD0000.doc)
t$9 9 9 ^S9 \$VW9 9 ! & t6jhvhujP09 & tS9 a & t
Ansi based on Dropped File
(~WRD0000.doc)
t$Q9 D$V9 && t9 VhP9 ^9 D$V9 && t9 VhP9 ^9 D$V9 && t9 Vh P9 ^Ul$ 30 & j<P'9 5 9 70 }& 73VVVVP7Vj 0 E0 0 uP E0 ueH 9 }39 ;u& & t ? 7 VVuSP7Vj 9 0 ];u'9 & 9& t 9 7S lVVS Vj 0 E0 uPMEL 9 }39uu E& tM& 9& ;uuu Vj ; 9 E9E MMP@jPEP0 u9 ;}-E9EtM#& 9& t
Ansi based on Dropped File
(~WRD0000.doc)
t$s9 ^U9 V3PPPPPPPP9 UI`
Ansi based on Dropped File
(~WRD0000.doc)
t$sF ^9 U9 uM }}3uuuuR }t9 Map9 U9 ,9 EH
Ansi based on Dropped File
(~WRD0000.doc)
t$t$K39 I & tl9 D$& t,y@u&9 @V$9 PR9 & t9 Vy7Y3^3@jHW69 0 ueNeM9 7V9 9 Fd& tPTvdXfd^9 I`& t j@ 5M ej5M& EPEPME~ME0 MM& tEqMMx 3m6EP-ME?EPEPME& uJEPEPM: & u63MEMEMEMM 9 M"!E9 0 ePE MD MEy3F U9 V9 ~@& & 9 NF@& t9 Nj39 Nd9 N & tf WE~$P9 K9 M& t0 M"u5YEPEP9 L& u9 j9 PND9 jP_^j@49 0 u~EB9 N3;t9 j0 ^9 N;t9 j0 ^9 N;t1}0 ^9 0 ^`ND]nQMN$bQ49 T$V9 & t79 D$& t/9 N0 V0 F& tW9 9RP_9 9 )9 3@3^V9 9 FW9 |$;u,~
Ansi based on Dropped File
(~WRD0000.doc)
t$t$y39 I,& t9 I,& tKzV9 3F<9F,t0 F,9F0t0 F0}9 ^xV9 ~<t3]9 F4W9 |$;uPv9 69 N0& tW/& t9 N0WH9 N,& tW=u& t
Ansi based on Dropped File
(~WRD0000.doc)
t$v0 ^V9 & t
Ansi based on Dropped File
(~WRD0000.doc)
t& jjju" f}
Ansi based on Dropped File
(~WRD0000.doc)
t9 #t;t;t;u
Ansi based on Dropped File
(~WRD0000.doc)
t9 U9 QSV9 3;uGj^SSSSS0 0F9 W9]w}Gj^SSSSS0 0"9 39]" A9MwOGj"9 M"w0 ]9 9]t-NE9 3uv W 0AE3;v9 U9Ur9 E;ErxI``IG;r3_^[9 U9 }
Ansi based on Dropped File
(~WRD0000.doc)
t9]t9 @MED&
Ansi based on Dropped File
(~WRD0000.doc)
tC9]t>9 @M }ED%
Ansi based on Dropped File
(~WRD0000.doc)
tCA0 M9 EH;sA 8
Ansi based on Dropped File
(~WRD0000.doc)
tD 0 0 76dv2ew0
Ansi based on Dropped File
(~WRD0000.doc)
tf0 CC@@0 E9 M;sHf9
Ansi based on Dropped File
(~WRD0000.doc)
tHt39 VW9 h3FWPd39 0 ~0 ~0 ~~@0 F+`@Ou `@Nu_^9 U9 30 ESW& Pv& 3 @;r`& & t.;w+@P
Ansi based on Dropped File
(~WRD0000.doc)
tjjjuA }
Ansi based on Dropped File
(~WRD0000.doc)
tl9]tg9 @MED
Ansi based on Dropped File
(~WRD0000.doc)
tML!P & u-Pu"jjM*!P& uPEME)ME )EPu& & ulS& \9 0 eP29 M 9 uF9 ~=}@'~~=_}@p~D$V9 tV:xY9 ^V9 9 F& t9 PQ9 v& tV ^V9 D$tV~Y9 ^U9 Qh|tjjhRt,& & teeME0 E j@B9 39^u3dEP~(S9 0 ]& uK9 F9 URP ;ujPv Y9 0 M0 ];t
Ansi based on Dropped File
(~WRD0000.doc)
TMThMSEPMShMSEP9 MEKMEYMEKMMK9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
TN9a&g`MGiIwn>JjZf@;7S~G0`0 S$6 )WTg#.zfJah] +o*7}Z-incomplete dynamic bit lengths treeoversubscribed dynamic bit lengths treeincomplete literal/length treeoversubscribed literal/length treeempty distance tree with lengthsincomplete distance treeoversubscribed distance treeinvalid literal/length codeinvalid distance codeUT/..\/../\../\..\invalid bit length repeattoo many length or distance symbolsinvalid stored block lengthsinvalid block typeincorrect data checkincorrect header checkinvalid window sizeunknown compression method%s%s%s%s%sll'M>: >lmmmlxxxmCRegMonitor::~CRegMonitorCRegMonitor::Inits'M>: }pmPq)oxxmxxoooKrxendCSingletonLogic::OnAboutToClosestartCSingletonLogic::CreateSingletonLogicHWNDCSingletonLogic::~CSingletonLogicWM_QUIT - AfterCSingletonLogic::OnMessageWM_QUIT - BeforeCSingletonLogic::WorkerThreadRunCSingletonLogic::CreateSingletonLogicThreadB ) ?xxB xxymG au;~{xxa|2vwwEI CWindowStyledBorder ClassR `8! ! ,YOUOY_YY_,(O(2Yx2Column1LoggerWndCLOGGER_WND_CLASS$ TRANSLATIONTRANSLATED_KEY</TRANSLATED_KEY></TRANSLATION><TRANSLATION></KEY_ID><KEY_ID><TRANSLATED_KEY>H0 `69 </LANGUAGE_PACK></TRANSLATED_KEYS><TRANSLATED_KEYS></LOCALE><LOCALE><LANGUAGE_PACK>en-usLANGUAGE_PACKtooltips_class32} 9 83 M M " h(" aw"!/" N " " SysListView32SX7dUnknown exceptionlXdddcsm Access violation - no RTTI data!Bad dynamic_cast!&xx??33 EncodePointerKERNEL32.DLLDecodePointerFlsFreeFlsSetValueFlsGetValueFlsAllocCorExitProcessmscoree.dll(T&dbad exceptionruntime error
Ansi based on Dropped File
(~WRD0000.doc)
tPMI9 C"!;|9 MEPxPM0 uEG9 Ej8_H29 0 ]MTeM=9 MhaEPEPMELNMEFM1?9 u& u?EP9 %EPEP9 P9 ENMEmF9 C9 Mh\: EPTPMEMME<FM>& u<EP9 EPEP9 ~hP9 E MMEE9 >C9 MhEPPMEbMMEEMG>9 ]& u;uE~xP9 4M9 B9 MhaEPPMEMMEwEM=& u5MB~x9 =& t;uEP9 LEP}L9 MhEP$P}ELMEE9 Mh9 & M;EP9 0 ejh0 EJ9 IMD=& u9tE^xP9 5L9 AMz;EP9 0 ejhE
Ansi based on Dropped File
(~WRD0000.doc)
tu(9 $E9 $E9 ` $ ]30 t
Ansi based on Dropped File
(~WRD0000.doc)
tu9 E0 G`u9 E0 Gd3<9 U9 9 E]9 U9 9 E]jhF9<euu\0 E/9 E9 9 0 E3= 9 9 e}uj eE9 E+<9 U9 3@}u3]U9 SVWUjjhuZJ]_^[9 ]9 L$At29 D$9 H3"
Ansi based on Dropped File
(~WRD0000.doc)
tu9 O`0 M0 G`u@9 Od0 MGdRu.9
Ansi based on Dropped File
(~WRD0000.doc)
tuuY0 uWuu0 EE9 EuYjhAP30 u39 ];" ;ub>VVVVV3{39 };" ;t3f97" ;t 0 E;u
Ansi based on Dropped File
(~WRD0000.doc)
u 9 ]9 E0 ]0 E;9 Ef f
Ansi based on Dropped File
(~WRD0000.doc)
u 9 ]9 E0 ]0 E;9 M`< <
Ansi based on Dropped File
(~WRD0000.doc)
u 0u`<xt<XuG`G9 3uNt0t1` a w ;MsM9Er'u;v!M}u#9 EOu }t9 }e[9 ]]0 ]`G9 uu=t} w& u+9uv&TE"tMEjX" 0 E9 E& t0 8Et] }t9 E`p9 E9 E& t0 0 }t9 E`p3[_^9 U9 3Puuu9TuhPP]9 U9 V39uu/TVVVVV'uEuEuEBP0 u0 uU^9 U9 ujuhR ]jh@: 9 u& tu=|uCjYeV-Y0 E& tVPNYYE}u7u
Ansi based on Dropped File
(~WRD0000.doc)
u M@u Mu6G! 9 9 9 " YY`M L9 9 9 " D$ M eHM& EtrjW630 E;ug 8tN6jEP60 ]& uf}u9 E"!RP6R;tSS6;tE 0@@& }u9 E#uME9 E#;tD=t)=@t"=t)=@t"=t=@uE9 M#;uE]E E@0 ]& 9 E#=@ = tw;& 9 E; yvv0& fE3H &H& REEjSS6tSSS6# jEP6e ttk& }uYE9 E; b! PjSS6W CSSS6B#& 9 E%=u6Y4j^0 09 d=uSj6 EASS6"!EE9 E+PD=P6b 9}9 9 9 D$`2M 09 9 9 D$9 M`
Ansi based on Dropped File
(~WRD0000.doc)
u VYL hh! hP! YY& uBh_OB T& $L! c=YthN!Y& tjjj3]jh@Cj;KYe3C9 0 `E}& 5Y9 0 }& tx5Y9 0 u0 }0 u0 u;rW9t;rJ69 0 5~9 5 9}u9Et0 }0 }0 E9 0 u9 }xhx! l! _Yh ! |! OYE}u(0 jiIYu3C}tjPIY9 U9 jju]jjj9 V9 V$V V"!VVV}VcV
Ansi based on Dropped File
(~WRD0000.doc)
u(9 E+EWu$MP9 E+EPuuuSP9 E
Ansi based on Dropped File
(~WRD0000.doc)
u0 EmEjEPjEP9 4h& u
Ansi based on Dropped File
(~WRD0000.doc)
u0 EuuuSuSuSW9 =u9 Ex|thhh jj0 Eu0 ESu0 ESj0 EX)E)EEEjjuuuuSuSuSuu9 Mj9 uS4MMBR3EjtaD9 0 u`9 } 30 }$P9 0 ES0 ,9 <E39Lu"39D$u
Ansi based on Dropped File
(~WRD0000.doc)
u89 R z t7;qu
Ansi based on Dropped File
(~WRD0000.doc)
u89 R z,t7;qu
Ansi based on Dropped File
(~WRD0000.doc)
u89 R zt7;qu
Ansi based on Dropped File
(~WRD0000.doc)
u9 3@^]j4r*10 M9 3; gHTG9EV9uRM9 ]9 {$+{s0 u0 u9 s(+s 0 }0 u VWs0 E 9 5Pu0 E9 0 ejhTS0 EQme9 0 ejh|9 9mM3PPP9 E9 jzPuh s 0 EssuWjju ju 9 E9 uT=& t8u}j
Ansi based on Dropped File
(~WRD0000.doc)
u9 & 9 EE;t9 PQ9 E];t9 PQ9 EM;t9 PQY9 D$& t|$r|$w
Ansi based on Dropped File
(~WRD0000.doc)
u9 9 P uuWuv 9 9 9 _^]^]% V9 D$tV Y9 ^SV9 _9 \$S& tfW39~@uZ9 D$0 ^D0 FH3`& t@WWWWWWWWh WhS 0 F@;u39 = VjPhjv@0 F3@_^[j19 0 u e}Lp$}E W$}EH$$(9 bj1}9 0 u9 }W
Ansi based on Dropped File
(~WRD0000.doc)
u9 9 P43^9 }9 79 ]VjS Wu0 ^hS49 & u& u9 u9 SP@& & uuS& u9 9 P0& uuujuv uu& t9 9 Pjuuj9 ]9 & t9 QPu9 R& & 0 S\Ss9 + # tE-"!& & t*u9 uWu9 P& & uuW7uuS9 }9 & t*9 QP9 EPEP9 & & Wuh
Ansi based on Dropped File
(~WRD0000.doc)
u9 9 P^]j@#s9 }u
Ansi based on Dropped File
(~WRD0000.doc)
u9 9 R ^V9 9 9D$u
Ansi based on Dropped File
(~WRD0000.doc)
u9 9 R DtAPt$0 /l$: l$U9 9 EV3W9 ; 9 P
Ansi based on Dropped File
(~WRD0000.doc)
u9 9 R9uuMM)z9 h3FV9 D$tVIY9 ^jHj,e}u9 Mjh|9 Iu& u9 Mjh|9 : ,MQ9 9 M3EFP0 u M0 uE y9 Ej uEPm3M0 uq& tMMQy9 YMq9 M30 Fj0sB`9 0 }33M0 uf0 E0 u3rpPMdMEEuq& & " V9 ;tP9 ;t0 uM+pPM9 EE;t9 3Pjw09 9 9 ;t59 9 uSP$9 E9 @$9 UR9 uSPQH9 }0 E9 ME& t 9 5EPEP& t9 SP9 E& t
Ansi based on Dropped File
(~WRD0000.doc)
u9 @9 _[Ul$ 30 & j0N}9 & 9 9 e0 M0 }0 u0 E@0 E& tV9 'B0 EVWh4hj3hPf0 EEP EPVWL & & 9 5P SEPju{Y& uIEPEPuL & u4jEPMejMh9 MPuMMSEPju;u}tu$ uuT 9 & u9Et9 M& tua?jX
Ansi based on Dropped File
(~WRD0000.doc)
u9 ^]U9 SVWujj9 }9 59 SWu 0 EPW0 E u0 EuuuW uWuW9 5Su _^[]|$u3t$ SW9 |$9 & u3#VW9 & tV9 VW9 9 ^_[U9 QQSV9 u9 & tcu& tV9 0 E9 FW9 = 0 EEPu9 E0 9 E0 F9 F0 E9 F0 EEPu}9 E0 F9 E0 F_tV9 ^[U9 QQSV9 u9 & tcu& tV9 0 E9 FW9 = 0 EEPu9 E0 9 E0 F9 F0 E9 F0 EEPu}9 E0 F9 E0 F_tV9 ^[U9 }SVW9 tCu9 5& t4uR 9 W& t"ju9 uu9 uW3@3_^[]U9 }VW9 t<u9 5& t-u& t$ju9 uu9 uup3@3_^]V9 t$& t4jV |$t@u
Ansi based on Dropped File
(~WRD0000.doc)
u9 B0 EVu uhVjuuT & ujY
Ansi based on Dropped File
(~WRD0000.doc)
u9 B3@_^[j}NA9 MhPuuuhhVjHEPj3Wuu0 ;& 9 , EPWEPWu0 }u}0 Eu(u$ 3}h" V@@P=t';t#u$ u3}h" V@@P9 EDjP9 YY& tl9 E0 EEPWEPjuu& u>9 E;Ew63jf0 GWM9 MeEP{!WMYMWY9 Mj}u$ h|Vj3@3" PhVAAQ3"!U9 QeSW@9 & t
Ansi based on Dropped File
(~WRD0000.doc)
u9 D$_9 D$9 U9 ] 9 U9 ] jhH@eMx:9 M+M0 MU9 E0 E9 E9 0 E9 E8csmtE9 E m9 eEjhh@ze9 u9 EEeMx)u9 MUEE}uuuuu@jh@30 E0 E0 E9 E;E}9 u9 Uu0 uEEE}uuuuu! Dn;";[;:C:B:99 U9 }}tt }]=t-U9 $,$=t<$XfftU9 T$|$l$9 T$9 D$& t<& y$9 $ 9 T$,$9 $9 T$9 T$u\$\$=VVthV}Y& tVU9 & t9 FtPXVRWYj0 jh@4(VepXPTY 9 E9 9 0 MPQ7~YY9 eu_]9 U9 TSPS& uuSPT& u(PP0 9 M9 QT0 PT9 QX0 PX9 QQ0 PU= Vth V}Y& t VI9 U9 QSW9 }30 ];u "!kSSSSS=VYShjX9 YY;tJ.UplVS9 EYYVjVh& u0 ~TS0 FX(9 0 ~;tW, u#P0 EVCY9]tu,kY9 ^_[9 U9 9 USVW3;t9 ];wjj^0 0WWWWW9 _^[]9 u;u3f0 9 f0 AAFFf;tKu3;uf0 jj"Y0 9 9 U9 9 EVWu|PL& Y& u3U& ub& ( |}& }cR & | B & |jaYY& ux3;u19=x~
Ansi based on Dropped File
(~WRD0000.doc)
u9 eMQ9 PMMmV9 VD$tV4mY9 ^j.l9 j%fY9 0 M30 E;t
Ansi based on Dropped File
(~WRD0000.doc)
U9 h9 P(R9 P$R]9 D$9 T$0 SVW9 D$UPjhd5 3PD$d9 D$(9 X9 pt:|$,t;t$,v-4v9 0 L$0 H|uh9 DI9 D_9 L$d0
Ansi based on Dropped File
(~WRD0000.doc)
u9 k=MM9 9 U9 SVu$uuhVj30 ]<9 0 M;tuu>0 EWEPjSu0 ]u0 9 ;uuu 9 u$ ;ujX
Ansi based on Dropped File
(~WRD0000.doc)
u9 M0 _[9 U9 ,9 EH
Ansi based on Dropped File
(~WRD0000.doc)
u9 M0 _[9 U9 | 30 E9 ES3V30 E9 EF3W0 E}0 ]R0 u0 ]0 ]0 ]0 ]0 ]S0 ]0 ] 9]$u(kSSSSS3N9 U0 U`< t<t<
Ansi based on Dropped File
(~WRD0000.doc)
u9 Mfu-9 E0 EEPM]e9 MPCMMfuE0 EEPM)Efuf}9 u9 9 MPVkfu'9 E0 EEPMe9 MPEM3=,1+RYVt$9 RY& u
Ansi based on Dropped File
(~WRD0000.doc)
u9 MX39 0 MD;t9 ]|D& 9 0 49 A0 9 MDF;u\r9 D= 9 ]LM@0 E\9 E|0 ED9 EH;E40 U<0 U 0 " X0 U00 UX9 }(HD& 0 M0 E,9 E,9 0 E8; 9 ELM89EH}9 ML9 +9 ML9 UE@0 E 9 E4+0 U0 EX;v0 MX9 MH9 U83+@B;v%9 u,+U8;MXs
Ansi based on Dropped File
(~WRD0000.doc)
U9 QQV9 9 FV0M EPM t/VvMxEPMw t9 iu9 EOEPMT u/SW9 }9 ]MSWEP9 EPM' t_[u9 uu9 E^U9 V9 VvM9 FV0MuEu9 uuPvffY^/ijZ9 0 uL"F$"F!F!Fx!F,!F!F !F$ FP FX F\| ` L , }LE}$E hM9 P\j8Y9 h#MD0 E$3P9 0 ]A9 M3SGWM >9h|#M
Ansi based on Dropped File
(~WRD0000.doc)
u9 u9 P9 Ej{j z9 9 MEP3H!}M& u}P9 URP9 }t& t9 j9 u}P9 URPMMz8u39 9 P& t9 9 bDj(Qy9 }u3eEPu|9 2"!& t}um9 9 P9 & tjsY0 Ee& t9 <3uM0 EEP9 }9 MPEMM'u9 u9 Pu9 M: 9 E0 EEPM
Ansi based on Dropped File
(~WRD0000.doc)
u9 u9 uPPju ^u9 Y& u9 uWu9 9 P 9 Vju 9 !uY& u9 9 RuY& xu9 9 R0u Y& 9 M9 QMQ9 R8ujY& 9 M9 QMQ9 R49 ujV9 #]& tVD jeDMQ P9 0 E\& } u9 _u9 V^9 E0 p9 M39ytjV
Ansi based on Dropped File
(~WRD0000.doc)
U9 VE9 Pv< & t9 E+F(9 P9 E+F$P_^V9 9 N8& tDh|$9 N8thjdjj39 N89 N89 jP9 ^j4%e9 }3C9 0 ]G`0 ]h9 2: j
Ansi based on Dropped File
(~WRD0000.doc)
u^[_3`:u~`a t(`:u`A t`f:t3^[_`G^[_9 ^[_9 U9 j
Ansi based on Dropped File
(~WRD0000.doc)
uB0`B! /$` 1 wjYJ9 M$9 9 0 9 :ujY+tHHt
Ansi based on Dropped File
(~WRD0000.doc)
UDR 9 UDRP9}hu<;uUMD%& A9 MTEDPV ; ,MD& & 3C; 9}ht9 Mp& & 9}\u9}huMD& & Wh`ttSWvk;t9 A&; PM4}~9 N9 U4RP<;u
Ansi based on Dropped File
(~WRD0000.doc)
uE3B;r9]u9 E x@! G 9 W;u0 ]9 ]9 u+0 E9 D0 tyjju;Eu 9 G9 M 8
Ansi based on Dropped File
(~WRD0000.doc)
ue9 U9 QSVW5Hg59 0 }8g9 YY; 9 +CrwWm9 CY;sH;s9 ;rPuTmYY& uG;r@Pu>mYY& t1P4SfYuEf0 V:fY9 EY3_^[9 Vjj l9 Vf& ujX^&3^jhx?,KneuY0 EE9 E-*n9 U9 uYH]9 QUrpY9 U9 V9 EtVY9 ^]9 U9 9 EQPT6YY@]9 U9 QS9 E0 Ed9 9 d9 E9 ]9 m9 c[XY! $9 U9 QQSVWd9 50 uE9 juuu: :9 E9 @9 M0 Ad9 =9 ]0 ;d0 _^[U9 SVW0 E3PPPuuuuu{ 0 E_^[9 E9 ]9 U9 V9 u9 N39 jVvvjuvu { ^]9 U9 8S}#u9 M0 3@eE M30 E9 E0 E9 E0 E9 E0 E9 E 0 Eeee0 e0 md0 EEdE9 E0 E9 E0 Ef9 0 EEP9 E0UYYe}td9 9 9 ]0 d0 9 Ed9 E[9 U9 QS9 E9 H3M9 E9 @ft9 E@$3@ljj9 Ep9 Ep9 Epju9 EpuLz 9 Ex$uuujjjjjEPh#9 E9 ]9 c9 k 3@[9 U9 QSVW9 }9 G9 w0 E9 -u{9 MN9 k9 M9H};H~uM9 ]0 u}}9 EF0 09 E0 ;_w;vz9 kE_^[9 U9 9 EV9 u0 be9 0 FTe0 9 ^]9 U9 ?e9
Ansi based on Dropped File
(~WRD0000.doc)
uE@;rG @juu & }:9Ew9 Ott9 G0 E9 D0tE9 E)E9 E9 M^_[jhhA339u" ;u?VVVVV'uY0 uuY0 EE9 EuY9 U9 V9 u9 Fu ?g}0 FuVEeYV9 FY y0 FttuFuuV
Ansi based on Dropped File
(~WRD0000.doc)
uEuEu9 ^V9 D$tV!HY9 ^V9 D$tVGY9 ^V9 D$tVGY9 ^j`UF9 9 u9 E}$3< 9 E
Ansi based on Dropped File
(~WRD0000.doc)
ue}9 Pu}9 PMM
Ansi based on Dropped File
(~WRD0000.doc)
ufY& tuw-Y& th\u
Ansi based on Dropped File
(~WRD0000.doc)
uHMj$Z.Y9 0 Me& ti3uMH0 Eo9 Mua9 E9 PP9 R4j0j30 M39]u
Ansi based on Dropped File
(~WRD0000.doc)
uM3M& uhavY9 0 ME;t3MQ9 ]0 E;u+;tu9 M;u9 M9 ;tV:}Y0 ]9] ,u9 u9 PU9 ,ESVW3WWWjP5"!d 9 ]j;9 }0 E^u0 3j0 7h EPud& tIEPju & ~6}9 Eu"!+0 E}9 50 9 E0 tu}tu0 30 7uh _^[j|QZ{9 39}u3EPu~9 0 }a;t9 E;& 98t9 9 9 R;t9 9 R@9 ;th
Ansi based on Dropped File
(~WRD0000.doc)
uOY& uV[YFW 9 F9 >H0 9 N+I;0 N~WPu0 EM 0 Fy9 Mtt9 9 " @ tjSSQ4H#t%9 F`M3GWEPu70 E9}tN 9 E%_[^9 U9 @@txtPu [YYf;u]]9 U9 V9 u9 EM>Yt}^]9 U9 G@SV9 9 t7u19 E0MP9 ~CC>Yu8*uj?9 cY}^[]9 U9 t 30 E9 ES9 ]V9 uWu30 & 0 0 0 0 0 0 0 0 9u3oWWWWWm t
Ansi based on Dropped File
(~WRD0000.doc)
uPYY]3]jTh@EKa30 }ESPEj@j ^VYY; 0 5 0@@
Ansi based on Dropped File
(~WRD0000.doc)
uSj0[! g$HfwjY+9 M$9 9 0 9 ;ujY+t+t
Ansi based on Dropped File
(~WRD0000.doc)
uuuuuPtV9 jjND$tVNY9 ^j;19 0 uQ0 e0 eue9 9 SVW9 |$ -9 9 u$v9 9 6j9 W ~-Y9 t_^[VW9 w9 p9 0 @9 g0 9 6_0 v^j0: 9 0 ued 6YXU9 QVEPEP9 .9 ^V9 j
Ansi based on Dropped File
(~WRD0000.doc)
uY& uVYFW 9 F9 >H0 9 N++0 N& ~WPu0 EN 0 F=9 Mtt9 9 " @ tSjjQz#t-9 F9 ]f0 jEPu9 9 ]f0 ]u0 E9}tN 9 %_[^U9 WVS9 MtM9 u9 }AZ I`&
Ansi based on Dropped File
(~WRD0000.doc)
uy3MPj5(uEPEP9 & ujX9 M ejEPMSPN(E'9 MEDMM0 F8z jNx9 ee9 u9 4zeh%9 E9 u9
Ansi based on Dropped File
(~WRD0000.doc)
uY9 0 M0 };t3uMu9 u0 EV]& u9 M9 ;t0V{Y0 }9}t
Ansi based on Dropped File
(~WRD0000.doc)
u{9 F^j,&Mu3uMu0 uS1;uFMM9 fj,&Mu3uMu0 uz;uFMM9 !j,&:Mu3uM0 u};uFMM{9 j,&MKu3M0 u3;uFMM<9 j@,Me9 0 eju@]EPMHMEOPj5pMcME/WMM3+j,&DM 3PP5pM0 EEcMM3j,&MXejj5pMcMMH3j,&MueMq@MM3sj,&RMueM=MM3:V9 9 N& t`9 N^" ! ^j.99 ~u%jLAY9 0 Me& tFP#! 30 F9 FUdh,9 MA9 eVP49M`S%EPMEjd_j[SE@PE9 0 eXPE0 }@^M`^)E PMHj\M E`PM 9 ;VjE0PM 5`M0E M& & 9 0 eXjhZE0P@@E|9 & ~zMKEPNV@E & tMEPM
Ansi based on Dropped File
(~WRD0000.doc)
V ^]9 U9 9 E}P
Ansi based on Dropped File
(~WRD0000.doc)
V9 3GPN$]G4PNG$PN4uNGPNHx9 MV"!E9 E;ERmMM 3@}UTj,"!}h,wY9 0 M e& t9 30 }& u39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
V9 3Mj&Y9 0 ME;tVS39 MMP2E9 E;Er 9 j9 3W3@},U`j, +9 0 u`9 El3; 9^@& 9 x; 9 @M0 ElnM0 ]G~; : 9^ 9^ 0 hTF%Y9 0 M,E;tU9 3ul9 W]0 El9 j9 M3NnM0EMPE M@Ex9 M0Q9 EP$9 MPQ9 P9 M@Q9 PMP& uAM@& u5M0& u)E@PEPPE0PM & tEPPM;tG9]lto;ukjd$Y9 0 MlE;tV39 M`PEM@EMPEM0EM]fmMMZm3P9 j9 M@E~MPE M0E M]m9 j9 MMm3@9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
V9 9 9 MMcSV9 ~W9 >}R?u9 9 0}9 _^[V9 ! D$tVcY9 ^j V9 ~$u5Wh xxWj
Ansi based on Dropped File
(~WRD0000.doc)
V9 d9 M& uDhf0 EESP" EPSSh S@& |EP9 &]V9 dMi3CM0 ] & 9 M& & x9 M& & h9 MEP$MEXS& t!jh|9 9 `M0 ]]ZDEP9 /bhH9 cjWMc`jWMET`MELQ9 ME PEPMEaM ECZMQPMbWMb9 MjE P PMEaaM EZM`QPMaWMaMFQPM=QP9 }R9 MVcM0 ]EYEMYMExYM] YMEg9 E'9 MVhLrPV9 b0 ]ME^g9 9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
V9 t$& u3 W9 |$& t9 WP9 & t9 PQ0 >9 _^9 D$jh01}fH@1Vj9 Xf0 9 D$0 F& t9 PQ9 ^Vt$9 fF0 & u9D$t
Ansi based on Dropped File
(~WRD0000.doc)
v9 u3_^$ D$V9 $ tV gY9 ^jovf9 0 u&fNeN9 'g Vj9 Kg+FY3;F^9 j,&f9 MkeVMMMafj,&e9 M3veh ~WMvMh W MMvfj,& e9 MeFPh ~WMVh WMMM#f9 9 L$H 0 H?Bj "e yua$ eVW9 |$9 j9 r9 F& tP9 89 *_@^VW9 |$9 j9 >9 F& t
Ansi based on Dropped File
(~WRD0000.doc)
V9 u; xxtvhtajtLqt6t& 9 MWue9 MWT9 MWC9 M9 P@39 M9 P<#9 My@ 9 E jZf0 9 ID0 H9 MW 9 - H " -tst`9 MejjEP& 9 Et1& t7u(9 u$u WuuuVPQ9 9 E& t9 PQ9 p& t9 PQ@ _9 MWQ9 ExPtpLHpH! 369 MW(9 MW9 MW9 MW^_]$V9 " D$tVcY9 ^j80@y9 0 }e< 9 ]9 w& & & }wt9 e& & tS9 R& tS9 T }tjXhf0 E0 E} tV9 9 u<j?w9 uhhJ V9 B jYP9 D 9 V9 Wh9 Zu9 ]+HPWEP9 > jVME jETYPM M\M9 RVP9 ME9 ME9 9 }9 'PM{9 E3E;t9 39 G<9 u9 }#VSSSQPR,9 9]tu9 M3;9 ;t9 z3dj[@}9 9 Whhj ?t& MejEP9 MR PMEu9 }& t9 3v<9 P9 R )9 v<9 9 }& t9 39 Pv<9 R& t9 MM ``9 D$;uP,9 L$I9 Au9 jP3V9 t$& u@ ,hpt$PUYY& t9 D$0 9 PQ3&@ ^A@,@ @ $9 D$@9 @xU9 V9 u& u@ 9hsuTYY& t9 E& tH30 9 PQ3VuuE^]U9 QQ9 ESV3W9 ; 9 ]; a9 URhsP0 u0 u& |}9 E;tvURu0 u9 PQ& |Y9utT9 MQhsW0 u& |?9ut:9 EURu0 u9 PQ& 9 E|0 C9 E0 E9 PQ9 E9 PQ9 E9 PQ9 E3_^[V9 t$& t,9 F& t%9 W6PQ9 9 F9 PQf&3& _3^l$9 ,@D$V9 ,tV" Y9 ^9 @`@@D$V9 F@,tVZY9 ^j@=9 0 ut~$9 E3P& ~ S9 & t9 j9 9 C0;|N<Ez9 ENE! MN" ! xSV9 9 ^8W~$9 ;~S9 9 L$P}F83@3_^[$U9 QeSV9 ^W9 & ~&}<EPW9 & uE9 {9E|3_^[3@V9 D$tV,Y9 ^j
Ansi based on Dropped File
(~WRD0000.doc)
v9 Wt- |$ts9 F;s9 Pj9 N& uW9 3;_^VW9 |$9 v49~s
Ansi based on Dropped File
(~WRD0000.doc)
v9 Wu- |$ts9 F;s9 Pj9 8& uW9 S3;_^V9 jjNR9 ^y$r9 AAV9 D$tVn}Y9 ^U9 9 ESVW9 }9 9Gs9 w9 E+9us9 u9 ;ujVu9 jCjV t7r9 9 Kr9 CC9 UVWQP^V9 Z_^9 []U9 VW9 }W9 e t~r9 FFu+WV9 >:ju9 * t(9 Nr9 FFuWQPu9 9 _^]U9 9 ESVW9 }9 9Gs9 w9 E+9us9 u9 ;ujV6u9 j*DjV t8r9 9 Kr9 CC9 UVWRQP!V9 q_^9 []V9 jF;jjt$9 I9 ^U9 VuEP9 0 VvMT EPMSt u9 EPuYY uMVvM M9 9 E9 I0 0 H^Vt$9 YPt$9 P^V9 jFjjt$9 ~9 ^U9 VW9 }W9 t ~r9 FFu+WV9 f:ju9 t(9 Nr9 FFuWQPu9 '9 _^]VW9 |$W9 X9 G0 F_9 ^j}V`9 0 u9 ueNRq9 9 Vt$9 R9 ^RfV9 RXD$tV`Y9 ^V9 jF]t$9 9 ^Vt$9 -}YPt$9 ^V9 jF:t$9 9 ^j}{0 9 0 u9 }WQ9 eWNR 9 (`Vt$9 R9 ^U9 V9 ~uuvjuX9 Es9 FSWV0MEPMq t%9 E9 }PWZYY Wu9 VvM EPM q9 } t*9 F9 @WPYY 9 FWp9 j9 EPWYY t;9 E0 E9 EM0 E 9 ]CWPYY t9 C x-W9 tSkuk9 EWPYY tg9 EVv0 E9 EM0 E M~EPMp9 ] uCPW^YY t$9 E9 H y-W9 tPjSju9 EWEP9 9 9 M0 9 @0 A9 _[^j0`! 9 uEP& 9 FVPMD EPMCp9 ] uCPuYY t=uM(eeEPSuEP9 9 9 @j0 MjM0 E Mp! Uhl$ 30 Ehj< 9 }tM,eM@LE P9 E_$SME0 ]DM EPM1eHMPMLELPE8 P9 EV5M'EPM8&o uM8Ao9 @0 EHjB! YuHM 0 E<MP9 EPhpSj.}H& 'ELP9 U9 M<0 EPM 9 E[0 EHEHPM~VMEPMPM@9 MD9 E0P9 9 EM09 E658: hSj& uHM58: WVMEMEjjML"!MEM EM@E0 MM]39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
V9Pt9 ku;rkM^;s9Pt3]5& wYj hF>30 }0 }9 ]Lt9 jY+t"+t+td+uD[y9 0 }& ua`w\9 ]9 9 Z9 t<t+Ht3PPPPPc
Ansi based on Dropped File
(~WRD0000.doc)
V@@P39 _^3[N U9 SVW3jZG0 }Q( 9 3Y;ujXV9 EDPVS W0 } 9 ;uS YuVW^ 9 EMQWPVEPSuu@ 0 E=& S W YYVVVEPVVVVVVVu?0 }8 & t0 }E9 E3j@ZQc 9 Y; 99 EDPVS uA 9 ; >uVW EP9 EWPVEPSuu@ 0 E9uu/9 uj9 9 E@P9 xS9 u9 MW}S W 9 EYY_^[V9 D$tV'! Y9 ^D$V9 tV
Ansi based on Dropped File
(~WRD0000.doc)
V@@Pj O 9 eMPu hTVjeEPMPu9 D& t)h|Vj 3FMM
Ansi based on Dropped File
(~WRD0000.doc)
V@@Pru$ h|VjM]W3CFj(<O] 0 MuuuhVjjEPj3Suu0 ;t3" PhVAAQ73cM9 MeEPSu!9 & u9 E9Eu9 MEPMMC& tu$ h|Vj3@u j$_O}9 9 MPuuhHVj EPj3Wuu0 ;t$3" PhVAAQc3 MEPWu9 0 }Iu9 $ ;u/9 MEPKh|Vj3GMM9 3" h
Ansi based on Dropped File
(~WRD0000.doc)
V@FL" "Q:BAbppo( 0 E6;n}Nc "!IY(Z ! G< |BV" npfF`!R4R jZa6j;GIF89a/$} }}xtxted^~sbZy]} 0 cSrbZ}R9 uk xu ~zfvuu\dql~[o~vkc T `~samrY[i`Q: qxr}~tdRdwyg9 u]nxyU}! 0 " gukvw9 ^RpRSpbvSsowh~sdR^Rgxv{~u~u" naxu}SV 9 !,/$@*\ ! #JSHA2j `IdIDR\e8;6c (opE >G9k'O *]tbc4H" aG?I j)*#P
Ansi based on Dropped File
(~WRD0000.doc)
Vdr: " " " t!)19" \dlt|" x" `BJ" " mu}& " " " \$" I" l" " " P" R" -5=`kv~" " H" R" @" " Lckss{9 " " " $,44<DNs{S" `" " " HDLV^fnv: " " " .6" ," Yaiqy0 S" 6.OW" 0z" t" " " 4"*2:BJR
Ansi based on Dropped File
(~WRD0000.doc)
vE9 U9 jpQujWVpR $& tuuW9 4Ej*Y0 9 uvY9 e^[9 M39 U9 WuMe9 }EPu_ }YY_t9 Map9 U9 S39TuA9 E;uDSSSSSd3/9 8t)`
Ansi based on Dropped File
(~WRD0000.doc)
veMa}9 }tP?MY9 }P+9 9 ;9 =tDPMv0& t2j b,Y9 0 ME& tjw3Pj5(Ev0M9 }0 E9Et@PMLv0& t.j ,Y9 0 ME& tj&w3Pj5(v0MM&uR2j,&19 Mt30 u9uuN9<tF9 ;t59 0 E& ~'V9 kG& t9 <4PM! F;u|MMt
Ansi based on Dropped File
(~WRD0000.doc)
VEPMEM0 EEV9]t,j5M
Ansi based on Dropped File
(~WRD0000.doc)
VeriSign, Inc.10UVeriSign Trust Network1;09U2Terms of use at https://www.verisign.com/rpa (c)09100.U'VeriSign Class 3 Code Signing 2009-2 CA0 "0
Ansi based on Dropped File
(~WRD0000.doc)
VeriSign, Inc.10UVeriSign Trust Network1;09U2Terms of use at https://www.verisign.com/rpa (c)09100.U'VeriSign Class 3 Code Signing 2009-2 CA76dv2ew0* H
Ansi based on Dropped File
(~WRD0000.doc)
VerQueryValueWGetFileVersionInfoWGetFileVersionInfoSizeWVERSION.dllRObtainUserAgentStringfURLDownloadToFileWurlmon.dllCCloseHandlewReleaseMutexGetLastError}CreateMutexW.TerminateThreadGetExitCodeThreadCreateThreadGetModuleFileNameWGetModuleHandleWfGetTickCountLFreeLibrary GetProcAddressLoadLibraryWGetCurrentThreadIdKERNEL32.dllGetStockObjectfSetBkModeDeleteObjectQRoundRect^SelectObjectICreatePenRCreateSolidBrushDeleteDCBitBltFRectangleExcludeClipRect-CreateCompatibleBitmap.CreateCompatibleDCeSetBkColorSetTextColorGetLayoutGetTextColor2FrameRgnMCreateRectRgnGDI32.dllShellExecuteW#Shell_NotifyIconWSHELL32.dllCLSIDFromStringkCoUninitialize=CoInitialize;StringFromGUID2CoCreateGuidIIDFromStringole32.dllOLEAUT32.dllGetProcessMemoryInfoPSAPI.DLLEPathFileExistsWSHLWAPI.dll _TrackMouseEventCOMCTL32.dllsInternetCrackUrlWeInternetCanonicalizeUrlA~InternetReadFilejInternetCloseHandleInternetOpenUrlWInternetSetOptionW"!InternetOpenWWININET.dllLReleaseDCGetDC9GetLastInputInfoJRegisterWindowMessageWOGetMonitorInfoAMonitorFromRectGetClassNameWEnumChildWindowsSystemParametersInfoWlGetSysColor~SetLayeredWindowAttributesEndDialogEnableWindowDialogBoxParamW]CreateDialogParamWSetWindowRgnSetWindowTextW*CharLowerBuffAOCopyRect(GetIconInfoKReleaseCaptureGetCapturegSetCaptureGetWindowTextWDrawFocusRectInflateRectGetAsyncKeyStateIsWindowUnicodeoGetSystemMetricsIsChildDrawIconExDispatchMessageWTranslateMessagecSendMessageWCryptMsgCloseCertCloseStore?CertFreeCertificateContextJCertGetNameStringWICertGetNameStringA5CertFindCertificateInStoreCryptMsgGetParamCryptQueryObjectCRYPT32.dllMultiByteToWideCharzWideCharToMultiByteGetModuleHandleALockResourceLoadResource9FindResourceWLocalFreeLocalAlloc3OpenProcessGetCurrentProcessIdGetCurrentProcessuGetVersionExADeleteFileWSetFileAttributesWGetFileAttributesW-TerminateProcessMulDivlstrcpyWInterlockedDecrementInitializeCriticalSectionDeleteCriticalSectionEnterCriticalSectionLeaveCriticalSectionxGetComputerNameW;OutputDebugStringWGetFileSizeCreateFileWhReadFileFindClose$FindFirstFileWeCopyFileW RemoveDirectoryWMoveFileExW0FindNextFileWOGetSystemTimeAsFileTime SizeofResourceSetThreadPriorityGetCurrentThreadGetLongPathNameWRGlobalFree GlobalUnlockLoadLibraryAGlobalLock& GlobalAlloc!Sleep2TlsAlloc4TlsGetValue5TlsSetValueSetFileTimeLocalFileTimeToFileTimeDosDateTimeToFileTimeSetFilePointer*SystemTimeToFileTimeqCreateDirectoryWWriteFileGetLocalTimeHeapFree#GetProcessHeap RtlUnwind>UnhandledExceptionFilterSetUnhandledExceptionFilterIsDebuggerPresentZRaiseExceptionExitThreadResumeThreadoGetCommandLineAHeapAllocHeapReAllocMoveFileWGetConsoleCP" GetConsoleModeGetFileType3TlsFreeInterlockedIncrementSetLastErrorHeapSizeExitProcess;GetStdHandleGetModuleFileNameASetHandleCount9GetStartupInfoAJFreeEnvironmentStringsAGetEnvironmentStringsKFreeEnvironmentStringsWGetEnvironmentStringsWxHeapCreateHeapDestroyWVirtualFreeTQueryPerformanceCounter[GetCPInfoRGetACPGetOEMCPIsValidCodePageLCMapStringWTVirtualAllocLCMapStringA=GetStringTypeA@GetStringTypeWAFlushFileBuffersSetStdHandle WriteConsoleA"!GetConsoleOutputCPRWriteConsoleWSetEndOfFileInterlockedExchangeInitializeCriticalSectionAndSpinCountGetLocaleInfoAxCreateFileALineTo!MoveToEx SetWindowOrgExGetWindowOrgEx>CreateFontIndirectWGetDeviceCapsxSetLayout!CombineRgnGetObjectA$OffsetRgn`GdiFlushCRealizePalette_SelectPalette4PlgBlt SetPixelGetPixel GetBkColor GetBkModeSetSecurityDescriptorSaclGGetSecurityDescriptorSaclmConvertStringSecurityDescriptorToSecurityDescriptorASetSecurityDescriptorDaclqInitializeSecurityDescriptorQGetSidSubAuthorityRGetSidSubAuthorityCountTGetTokenInformationOpenProcessToken*RegCloseKey3RegCreateKeyExWhRegQueryValueExW[RegOpenKeyExWxRegSetValueExWbRegQueryInfoKeyW6RegCreateKeyW>RegDeleteKeyWJRegEnumKeyW^RegOpenKeyWBRegDeleteValueWIRegEnumKeyExWLRegEnumValueWADVAPI32.dllSHGetFolderPathW`SHCreateDirectoryExWCoCreateInstancegCoTaskMemFree& CreateStreamOnHGlobalKNffff+Bhfgg(g:gAlert.dllDllCanUnloadNowDllGetClassObjectDllOnUpdateFinishDllRegisterServerDllUnregisterServer,0 U.?AVCAlertAboutBoxDlg@@U.?AVCAlertDialog@@U.?AVCMyDialog@@U.?AVCWebBrowserContainer@@U.?AVCContainer@@U.?AVCUnknown@@U.?AUIUnknown@@U.?AUIOleClientSite@@U.?AUIOleInPlaceSite@@U.?AUIOleWindow@@U.?AUIOleInPlaceFrame@@U.?AUIOleInPlaceUIWindow@@U.?AUIOleControlSite@@U.?AUIDocHostUIHandler@@U.?AUIOleCommandTarget@@U.?AUINewWindowManager@@U.?AUIServiceProvider@@U.?AVCWebBrowserDispatcher@@U.?AVCDispatcher@@U.?AUIDispatch@@U.?AVCSeed@@U.?AUIElementBehavior@@U.?AUIElementBehaviorFactory@@U.?AUIHTMLPainter@@,0 U.?AVbad_alloc@std@@U.?AVexception@std@@U.?AVCAlertFeedItem@@U.?AVCAlertChannelItem@@U.?AVCMapStringPtrW@@U.?AVCAlertALPResponseObject@@U.?AVCAlertChannelsList@@U.?AVlogic_error@std@@U.?AVlength_error@std@@U.?AVCAlertClient@@U.?AVCAbstractAlert@@U.?AVCAlertExpirationData@@U.?AVCRSSAlert@@U.?AVCInstantAlert@@,0 U.?AVCAlertDialogChildButton@@U.?AVCDialogChildButton@@U.?AVCChildButton@@U.?AVCMyWnd@@U.?AVCAlertDialogChildButtonCheckBox@@U.?AVCDialogChildButtonCheckBox@@,0 U.?AVCAlerter@@,0 U.?AVCAlertGui@@,0 U.?AVCAlertHTMLDialog@@U.?AVCHTMLDialog@@U.?AVCHTMLDialogBrowserContainer@@U.?AVCAlertHTMLDialogBrowserContainer@@,0 U.?AVout_of_range@std@@U.?AUIInternetSecurityManager@@,0 U.?AVCAlertHttpManager@@U.?AVCAlertLogger@@U.?AVCLogger@@U.?AVCSingletonSeed@@U.?AVCReferencedSeed@@U.?AVIDefaultTranslationsLoader@@U.?AVCAlertLP@@,0 U.?AVCAlertManager@@U.?AVCAppManager@@U.?AVCAlertAppManagerFact@@U.?AVCAppManagerFact@@,0 U.?AVCAlertOptionsDialog@@,0 U.?AVCAlertOptionsDialogTitleBar@@U.?AVCAlertTitleBar@@U.?AVCMyTitleBar@@,0 U.?AVCAlertOptionsDialogWindowStyle@@U.?AVCAlertWindowStyle@@U.?AVCWindowStyle@@,0 U.?AVCPopUpWindow@@U.?AVCBaseWnd@@U.?AVCAlertResourceBank@@U.?AVCResourceBank@@,0 U.?AVCAlertSingletonAllocator@@U.?AVCSingletonAllocator@@,0 U.?AVCAlertTrayIcon@@U.?AVCMyTrayIcon@@,0 U.?AVCAlertViewRecentPopUpWindow@@,0 U.?AVCAutoUpdateThread@@,0 U.?AVCClassFactory@@U.?AUIClassFactory@@,0 U.?AVIAlertResultEvents@@U.?AVCConduitAlert@@U.?AUIConduitAlert2@@U.?AUIConduitAlert@@U.?AVCEventAlertClient@@U.?AVCEventGeneral@@U.?AVCEventAlertGui@@U.?AVCEventLogic@@U.?AVCEventUsage@@,0 U.?AVCLogic@@U.?AVCNotificationsItem@@U.?AVCRSSItem@@U.?AVCNotificationsFeed@@U.?AVCRSSFeed@@U.?AVCServiceMapManager@@U.?AVCTrayIconPopUpMenu@@U.?AVCStringBufferW@@U.?AVCSyncMapStringPtrW@@U.?AVCArrayStringW@@U.?AVGdiplusBase@Gdiplus@@U.?AVCUtils@@,0 U.?AVCSingletonManager@@,0 U.?AVCEventSingleton@@U.?AVCEventSingletonGeneral@@U.?AVCAtlException@ATL@@U.?AVCStringTokenizerW@@U.?AVCXmlNode@@U.?AVCArrayPtr@@U.?AVCMapPtr@@U.?AVCCritical@@U.?AVCSyncMapPtr@@U.?AVCFileHandler@@'p'U.?AVCCommandId@@U.?AV_com_error@@U.?AVCXmlDocument@@U.?AVCRegValue@@U.?AVCSetupRegW@@U.?AVCEventHttpRequest@@U.?AVCEventHttpReply@@U.?AVCDialogChildButtonStatic@@U.?AVCDialogLineDivider@@,0 U.?AVCMovingFrame@@,0 U.?AVCJsonValue@@U.?AVCJson@@U.?AVCJsonObjectPairValue@@U.?AVCJsonObject@@U.?AVCJsonArray@@U.?AVCJsonNull@@U.?AVCJsonString@@U.?AVCJsonNumber@@U.?AVCJsonBoolean@@,0 U.?AVCJob@@U.?AVCThreadPool@@U.?AVCDummyJob@@,0
Ansi based on Dropped File
(~WRD0000.doc)
Version:P>* The publishers of the Community Toolbar or app will occasionally sent out news or other information of importance to the community of users. These notifications appear on your screen near the system tray and keep you in touch.P Notifications are instant announcements that appear right on your desktop. You can reveive these notifications because you installed a Community Toolbar or browser app.H MS Shell DlgP?x2 OKPtx2 Cancel@[SysTreeView32P P P P9 Show icon in system trayP| Alerts enabledP h MS Shell Dlg( !fS
Ansi based on Dropped File
(~WRD0000.doc)
Vj0 E EPjjSW0 3;t3" PhXVAAQw3hf0 ERE}WPQ WWWWE PERPWuE D u9 $ ;u!9 M ERPh|Vj13@3" Sh@
Ansi based on Dropped File
(~WRD0000.doc)
VjM0 }M9}th9 h9 9 MjEPuuu9 Wh
Ansi based on Dropped File
(~WRD0000.doc)
Vk35+Eh +0 u0 E0 }0 Ud0 Vy 9 j Yu9 SY9 Y_[^tV9 t$& ujaX^~|tVY6VVYY3^U9 QQSW9 }3;ujaXC9_t9_|tW|YEPEPEPW& tj"!Vh 9 Y;t'h@Y9 M0 ND9 M0 0 NH0 ^L;uV~YjX0 ^@9 O<39_40 NT0 ^P9 O4 0 Nd9 0 N`9 O0 Nh0 ^;uFP0 ^$0 ^(0 ^,aY& uF@9 G@0 FX9 GD0 F\`G0$Fl9 G0t`G9`G? Fl0 F|9 E^pxV4Ft0 gE#FxxV40 E& t9 E tPSEYYu9 Gx9 MfD0 F<0 w|3^_[U9 QQ9 UW30 }0 };t9 E;ujaXV9 p|;uja9>ujSX9 M;u39 E0 F9 F\0 N;v0 FS9~ 9 U~& 9 FX& & @;s
Ansi based on Dropped File
(~WRD0000.doc)
vl$Yul$$vl$ul$8ul$.ul$ l$ul$ ul$Xul$tl$tl$Sul$$ ul$ tl$~ul$dul$Pjul$]ul$$Stl$Iul$/ul$ l$(ul$gtl$ul$tl$Xul$Pt9 9 V9 9 }D$tV9Y9 ^|$v9 L$9 D$f9 f;u
Ansi based on Dropped File
(~WRD0000.doc)
VP,& t}t& t
Ansi based on Dropped File
(~WRD0000.doc)
VP9 >;tW9 Mh\EPEM0 }!& uEP}0u9 uuuuMM9 )9 3x9 j<2~MdeEPMK9 MPEA0ME(9 M&!& t3MM39 ~9 Mh03FU9 V9 9 M & t3*u9 m9 M & u9 M9 MP03@^]jY9 MeEPu9 & tVM & uJMuMhRE@PMuuMh'PMMEpMM'j(1S9 eM^EPu3C9 0 ]& txM& ulM2MEEPhRME PM9 M& u(jh|9 ,M0 ]EM]&EPG09 Mjh|9 ,0 ]ME&9 ESj9: 9 0*M0 u! eEPu9 "& tIM& u=M;EPhMEPMqEM& u9 u9 uMM9&9 ASj<2Z: MeEPMt9 MPE`-ME%9 Mo& t3MM|9 : 9 Mh9.3FV9 9 L$5& t3%t$9 n& t9 L$9 L$P-3@^ja9 9 M& & 9 M& & M)eEPu9 & txM& ulMMEME9 M9 9 E0^PMUPVMM9 E: MEMM$9 MM$3aj"!9 9 M& & 9 M& & MOeEPu9 & tvM& ujMMEMEu9 M9 PM}PVMM9 EMEMM#9 MM#3"!j19 ejh0M)eEPEPu9 MM`# "!j19 ejh0M=)eEPEPu9 MM9 =#9 E"!D$V9 tV^"!Y9 ^j1A9 jM"!YjhHM0 E(eEPEPu9 YMM9 "9 j1 9 ejhHM{(eEPEPu9 MM9 {"9 #E|j1" 9 jYjhhM0 E(eEPEPu9 MM9 "9 &j1? 9 ejhhM'eEPEPu9 8MM9 !9 #E j`'2 9 eM 9 u3Ch9 0 ]6& t~j9 PMU'hMEB)M EPM EPME(ME7!M" PM~)M EM]!>EPV9 E& u!E9 MEP! ')9 KPMT)hRM(9 MEP*M0 ]E 9 E j1" 9 ujh0M0 E]&eEPEPu9 MM_ i j1 " 9 uEP3M0 u& tMM 9 ( u9 L9 & 3FjF 9 0 u+<Y}39 }W9 & <|9 u+ Q|W9 W9 4& uW9 ;SVWj9 " Yt$9 9 9 & 3+;+Xt$9 H& 3@3;S9 _^[j R2o 9 uEP 9 MeP&MM9 M}& uP9 Mhx& t?uEP9 (9 M3FP0 uc&MM9 E9 E9 3 j0& 2 9 Mu3M0 ]hMEPEPEPEPu9 E0 ];thM& u\M& uPSMOuEuMP9 E0EPEMEoM]MM3@M]MM3 j<2 9 MReEPM~2jhME3" E0 M! MM9 jx3~ eM;9 M3C0 ]& t9 MEP &0 ]|2jSu|E& u9 MEP\&0 ]| 9 & tEP9 ~hMEw& u<h 9 & t$MQ9 PME0$MEM9 MEP%M0 ]Eu|]ME[9 Eb Ul$ 30 & hF3` 9 & 0 EDVh;jj& \3P0 }9 EPE0 }PP 9 ;uKVjj& \PESM39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
Vq9 9D$r3t$9 "^U9 QeEPu`" #Et$& tV9 p& u39 9 P#^j %9 }u3,juMSeEP9 MM9 9 SVW9 9 L$h|u~9 9 3& ~1W9 !& tt$9 9 RC;}9 L$h9 7~G;|9 L$hx$~_^[j9[o9 0 uej
Ansi based on Dropped File
(~WRD0000.doc)
VST{TTTU+VU9 0 }0 u9 u9 }9 M: fofoNfoV fo^0ffOfW f_0fof@fonPfov`fo~pfg@foPfw`fp Iu9 u9 }9 ]U9 0 }0 u0 ]9 ]9 "!9 9 E3+3+"!9 3+3+9 uJ9 u9 0 M;t+VSP'9 E9 M& tw9 ]9 U+0 U+0 ]9 u9 }9 M9 ES;u50 M9 u9 }9 M9 MM9 UU9 E+EPRQL9 E9 u9 }9 M9 9 9 E9 ]9 u9 }9 ]-t"t
Ansi based on Dropped File
(~WRD0000.doc)
vT9 vP~\9 n& u9 E;F<u9 j9 }3?9 Su9 P9 9 E;F<u~pu9 9 P89 EFp& t9 PQ9 W _^[]U9 QQV9 u0 M& 9 F er&9 fx@u9 @H& t9 URhlrP& }e9 9 H3f9S 3W0 U9 H& t9 Y9 @83& tf8u9 @& t9 9 E9 M;A<u9 M9 SWURuP$_[& |}9 9 @t3f0 9 E& t9 PQ3W ^SVWh|9 hj9 IG$P9 _9 9 Nx*UV9 9 & tU9 U YV9 Ny]_^[jL?p
Ansi based on Dropped File
(~WRD0000.doc)
vu3M0 E;t9 PS9 R9 EU9 SV9 9 F3;t9 PQ0 ^WE~P9 D&9 M;t9 j0 ]EPEP9 +&& u9 S9 PE(P9 /EPEP9 d_9 M;t9 j0 ]EPEP9 B& u9 S9 P3^@[SUV9 t$Wh9 U9 SW9 WS9 Uh9 9 _^3]@[jRM#S9 0 u~9 e^(9 ;9 fj%9 E9 j%9 P9 9 SjRM: 9 0 uEN(E4MN(pSV9 D$tVRSY9 ^jMo: 9 30 }M9=@& & & 9~ `Mj3f0 MPMwpMEOPhRdSj89 F9 9 uP 9 3& VhS& PEPMM9 %3& u@MMv%3~: j4Ma9 3M0 ]H3SEPuM0 ];9 M~{M9 & v9 MSf<tC;r0 ]}9 MER+}EWuP0}Et(uEPMk.PMEU,ME$MPMoo9 E3E;t9 39 F9 }WQP 9 ;t@9 F9 SP 9 9 F9 SP ;u 9 E;t9 39 v9 URPV 9 9 M;tzt0 ]ME'$PMn9 EE& t9 39 F9 }WQP 9 & tB9 F9 jP 9 9 F9 jP & u 9 E& t9 39 v9 URPV 9 9 M& tse0 Ef9EuM 13& u@_!MMk13s"!j R9 9 E& t 9 ]9 PuhVj9 9 a& & & S9 "!& t3@}uh`iSM:,eEP9 EP9 ]9 & t
Ansi based on Dropped File
(~WRD0000.doc)
Vul 9utup U9 9 E(u VWP3Wh 9 ;u3j(EPV& t9 }VX9 _^U$l `jhD8dPL 30 & SVWPEd0 e9 & 9 S 0 E9 & 0 E9 & 0 E3FVf0 & H3& JWP1k3Vf0 EEWP kj8EWPkEH0 E#0 M$9 E<0 E0 E0 }MQhWP 9 ;tL9 M;tEPt9 M;t& HPa9 E;tf9 Mf0 9}u9}u3
Ansi based on Dropped File
(~WRD0000.doc)
VVVVV! 9 E4SW& t
Ansi based on Dropped File
(~WRD0000.doc)
VVVVV! h h\WEp2j9 ;t$tjEP46 YP6ST _^[jkqYtj^qY& u=uh)hYY9 U9 9 E$]U9 0 }9 }9 Mf$ffGfG fG0fG@fGPfG`fGp Iu9 }9 ]U9 0 }9 E"!9 3+3+& u<9 M9 0 U;t+QPs9 E9 U& tEE+0 E39 }9 M9 E.0 }39 }9 M9 E9 M9 U+RjQ~9 E9 }9 ]jhEhef(E#9 E9 9 =t
Ansi based on Dropped File
(~WRD0000.doc)
VVVVVC*h\qCjP0 3& t
Ansi based on Dropped File
(~WRD0000.doc)
VVVVVC3q9 iM9 CkM 3f0 M `0 Ef0 U0 u0 }0 MS& S}
Ansi based on Dropped File
(~WRD0000.doc)
VVVVVIz^9 U9 h]]`]]EuMm]]z3@3hR] & thp]P<& tj"!9 U9 9 MMZf9t3]9 A<8PEu3f9H 9 ]9 U9 9 E9 H<ASVq3WD& v9 }9 H;r9 X;r
Ansi based on Dropped File
(~WRD0000.doc)
VVVVVwh!Vj%& u&h ]hV& t3PPPPP3V! @Y<v8V! ;jh]+QP: & t3VVVVV! 3h]SW& t
Ansi based on Dropped File
(~WRD0000.doc)
W 0 M0 M0 M9 M;MR4M9 EPEP9 E0 9 9 @0 E9 FV0 MPMEPM uM79 @9 M0 EjjME0 E9 Eu@ }t3WuuPuS
Ansi based on Dropped File
(~WRD0000.doc)
W 9 U` VW! $u 9 Mp0p9 }0O9 R49 ,9 & : 9 }jpO09 R8u 9 Mp0Afp9 M0Tp9 M0iB9 Mu 9 P<2p9 M09 R@ p9 M09 R09 Mu 9 PD9 3& u(u$u PuuuRu_^]$ISSHS\SqSS" SSSSVt$9 t$tjN3^jHX9 u9 }uuW9~<uN3bM(~ee9 MQWEPxuMWuMMEEPME" PMEMEEPMEPMWhRM"!jMQPv<9 EgM9 EaMEME uM0 }n& & @ j X! 9 EPejhM
Ansi based on Dropped File
(~WRD0000.doc)
W H9 U`! $0 p9 M09p9 M0ep9 M0 p9 M01p9 M0qxp9 M0`p9 M0xp9 M0 fp9 M0dTu(9 Mu$u Puuu6p9 M0"p9 M0p9 M09 3& u(u$u PuuuRuS^]$Uj );Mj& .D9 j8RY0 E30 ];t9 N9 MM[9 }EPSW9 E6M& t;D]W9 & t& u#W9 S9 9 EPS9 MM d`j,&9 39~0uk9~u9 E0 9~tR#M3GWM0 ]Y0 09 ;t9 WIY0 ~MM"!U9 QVEPEP9 9 ^j9 0 uue}}}FFdF$FFF F F$lFP$FXF\ |/}E }EN}E?09 V9 D$tVY9 ^j8B9 h xh0j9 ! 3;t9x0uP9 9x0t3jjY0 E0 ];t9 0 E0 ]MM!Y9 F9 VPME19 FVPM$EPM# & 3M6PM{iEP9 ;& MXj8EY0 EE;t9 0 E0 ]ME9 XEPu9 SM& t:Z& tu9 MEP9 lS9 SEPu9 MEFaM9 FVPM=EPM< u9
Ansi based on Dropped File
(~WRD0000.doc)
w$& j9 3*9 W9 j9 `9 & tWM6eE9 0 eP!9 9 j9 MM 9 N& t9 jf9 N& x9 jfiw9 \W9 OW9 BW9 5W9 D(W9 }IV e r R "! ) < Vjjjt$9 t$t$jUS~9 ^jk'9 9 EHu%h8!Y9 0 M30 E;tVN0 ~(jq0 jhvhuj1& u9 RQjhvhuj~1& t9 nOjkS'9 }u6j$X!Y9 0 M30 u;th9 wM9 & u9 D'9 V3;t&VhvhuVP0;t
Ansi based on Dropped File
(~WRD0000.doc)
w0ub39 M]0 E;t9 PuRu9 u9 9 E9 PQu3j.9 ~4u-j Y9 0 Me& t>U3M0 F49 j%9 9 F4QjBl9 0 uSE\9 N8& t
Ansi based on Dropped File
(~WRD0000.doc)
w0uY9 u9 9 E9 PQu3jA9 q;E}39 0 ]9 0 M;tEPu& t9 Ew(9u9 G$9 VPQ0& & 9 6MQu0 ]9 VP;RR9 E; 0 ]9 URP0 ]Qd;|[hMG tJjP8Y9 0 ME;t
Ansi based on Dropped File
(~WRD0000.doc)
W9 haM}& t"ERP9 WP9 EAMR7haMJ& t7& |P9 WP9 E|]q9 haM& tW9 *& t&MM?E9 E;E 3@7LMMj R2?K9 }u39 Mh\: Z& t-MQ9 We~P9 ZMM9 9 Mh, Z& t0MQ9 V~,P9 EMM9 9 Mhh: PZ& eP9 & U3@\Kj0uJ9 9 ]& u
Ansi based on Dropped File
(~WRD0000.doc)
W9 _9 ^jC9 9 }9~t)hWMheEP9 kMMD9 Vt$9 Z9 ^Vt$9 o9 ^j4kC9 30 ]9w9 Mh~~VMVME0 ]0 ]0 ]39E}9 G`E<ar<zv<Ar<Zv
Ansi based on Dropped File
(~WRD0000.doc)
W9 haM: & t
Ansi based on Dropped File
(~WRD0000.doc)
W9 Y9 e& hR: 9 Y& t-MQ9 V~<P9 EVME9 h, 9 }Y& t-MQ9 U~P9 EME9 htaEP9 iZEP9 Eh : 9 0 F/Y& tP9 ,0 EME1}u3MM9 3FjD9a<I9 M3WWuM0 }M;uM83IX;uMM9 9 M0 NLP9 ^9 jH9 0 u9 Ee: 0 FF49 0 S0 & u0 9 NIjgH9 0 u: eS9 & tPT7X'9 & t9 j'M9 4HV9 v& t9 }& t^^9 j.G9 j4AY9 0 M30 E;tPo0 HU9 V9 ~4tJ9 9 Pt9 }& t2uu\j9 0 ejhTS9 }jjj^]t$9 Pxjjt$j9 D$;u|$ujqYY38t9 9 9 bj F9 9 MQ9 P|eM& t3MM|9 GMPjjL9 & tP=uVTVX3F0 V9 D$tV_GY9 ^V9 9 0tS $DDD ,F9 ^j$QF0 M9 E& u@I9 Xp}Mu9 }3VSwM0 u94tjXE)EE)EhhjV9 9 5WS0 Eu0 ESj
Ansi based on Dropped File
(~WRD0000.doc)
W9 YY; 6V5P 5PY& tWVQYYDN0 VxYuWwTY3@_^]jh@9 9 9 ]3@0 E& u9x e;tu.RV& tWVS0 E} WVSr0 E& WVSSD0 Eu$& u WPS?DWjSBRV& tWjS& tu&WVS"& u!E}tRV& tWVS0 EE9 E9 E9 9 PQ{YY9 eE3{9 U9 }uu9 M9 UY]9 U9 9 Ef9 Uf;t@@f& uf9t3]9 U9 9 ES9 ]f;W9 tDf& t:+9 Mf& tf& t++uAAf9uf9tGG@@f& u3_[]9 9 U9 S39]u gSSSSSDV9 uW9 };t$;u pgSSSSS EB0 u0 u?vE?0 EuEuuPU0 E;tU;|BMx
Ansi based on Dropped File
(~WRD0000.doc)
We& u3_^j,&X:9 }ufjhvv3@3M! }eM9 N9 & tS 9 MMp}9 :j$#99 ~u3i|9 N0 EEPMnejh~MWEPEPE" |YYME\9 NEP` MMD3@K:jPf99 M|3M0 ]CM9 jh~MEEPEPE|YYME;t9^t?E9 0 ePh}9^t"E9 0 ePh9 N;u!3M]! MM|9 9S9 >9 jk 89 39~t
Ansi based on Dropped File
(~WRD0000.doc)
WFUP5+N\!#8DC 19 @O,?4L9 LNP ;GIF89aR "!x9 } : "!Sx!R, RR
Ansi based on Dropped File
(~WRD0000.doc)
Wh Nv4v3@_^[j@0 0n9 9 }& w9 ! g$& +
Ansi based on Dropped File
(~WRD0000.doc)
WhH=Lj\9 tLMuH;}?GWjEPM~*PME&M]JVM'9 MEPR(9 Mjh|9 %M0 ]E9 E" U9 Q9 MejhR$9 Ej} EP`eMP& tMM MWME\MEx9 EPhMPVM1& u+ME&MEMMJ9 }9 ujl EPeM& u[Pb YM9 MEMEVhM9 IPWMME MEwMM j EP#eM& uTM/ME4MEPuMh9 PVMBMEMEMM*4 jM EP eM & t3MM9 M`MEMEuMh9 PVMM9 E_MEE j, eEP3CM0 ]& t9 Mjh0/"0 ]M#MEMEME9 EPhMrPVM9 M& ujh0!EP;%M0 ]E"!MEM]ME9 E jEPeM& t3MMt9 | MMEME0uMhx9 ~PVMl
Ansi based on Dropped File
(~WRD0000.doc)
wM?9 T$B9 J3u
Ansi based on Dropped File
(~WRD0000.doc)
wMKM9 T$B9 J3vu wMLMM9 T$B9 J3CuLdwM49 T$B9 J3 uxAwMaR9 T$B9 J3twMwRMoRMJ9 T$B9 J3tv9 M{9 M9 M9 M\9 Mt9 T$B9 J3{tSvMMMVX9 T$B9 J3HttivMM+X9 T$B9 J3t>v9 MU9 MJ9 M$O9 M< 9 T$B9 J3suM9 M9 M9 M$9 M< MuzYuzY9 T$B9 J3ks8RuMM~x{M9 uyYuyY9 T$B9 `t3sS7uM(I9 T$B9 J3ruMIugyY9 T$B9 J3r,tMHu:yY9 T$B9 J3"!r`t9 M9 M9 M<9 T$B9 J3]rS~tuxY9 T$B9 J38rYtMsMHMV9 T$B9 J3r&tMUMUM H9 T$B9 J3q@sM
Ansi based on Dropped File
(~WRD0000.doc)
Wo9 }j& p9 }EPEPGi9 }jX+EjSWto9 }EPEP+}9 }jSWLo_[^9 & t9 @& t9 9 R 3V9 t$& tHSjhxhxjq8x9 & t'9 W9 Pl9 9 9 P & _u& ujj9 .[^V9 t$W9 & t19 S9 P09 9 9 P49 O$;9 0 O$9 O(;[~9 9 0 G(_^9 & t9 @& t9 9 b39 & t9 @& t9 9 b3j.9 9 v09 x& tfjh`thtjW& tK9 R9 & t>j Y9 0 Me& t9 EPK3Pj0 x5(v0'U9 Q9 & tdS9 ]V9 p9 EW0 3 9 Qe0 E& v-u9 & txu9 E9usE9 E;Er9 9 M;_^[9 S3;u3[V9 pW9 ;r3N;|V9 ;t9XtNy9 9 _^[9 U3& u]SV9 pW9 9 ;r3V9 ]& t9htF;r9 9 _^[]V9 v0jj9 ^^W9 9 ! & tOV9 p& tFw0& t9jh`thtjV
Ansi based on Dropped File
(~WRD0000.doc)
WVu^_]=9 D$0 AH@ 3V9 t$v& u@9 F9 L$0 3^U9 SV9 uF3W& tF39 }0 9 E0 EPv@ 9 E9 MPu0 H9 M0 0 X0 Hh9 E0 X9 N0 H0 X0 X9 9 PQ_^3[@ 9 L$& uW 9 D$0 9 PQ3@ U9 30 E9 EVW9 MQP@& w0VhpjjEP,& >tT9 9 URh<sP& |@9 M9 GPQR9 E9 PQ9 69 MQhsV9 & |9 E9 PQ 9 E9 PQ9 9 M_3^PjM>9 9 F030 };u3@! URh<s0 }0 }9 P;|"9 E;t9 jPQ9 E9 WPQ9 E9 PQ9 F09 URh|sP;|9 E;t9 PQ9 E9 PQ9 E9 PQ9 F09 PQ0 ~0yx3U9 QSVWY49 I0u9 & t&9 URh|sQ& |9 E9 SSPQ9 E9 PQ_^[U9 QVW9 39~0td9 F09 URh<sP& |O9 M9 9}t,SF4Pv(^WSWjQR,9 M9 F4Pv(WSWjQR,[Wv(FWPWjQR,9 E9 PQ_^V9 ~0u3^9 F09 PQ9 F0^V9 n9 F,f(& t
Ansi based on Dropped File
(~WRD0000.doc)
WWq&Y8 |_9 & t~uP8 |^[9 U9 9 E4]jhE6s3G0 }394ujhSYY9 u49t9 nj2Y9 ;u3Qj
Ansi based on Dropped File
(~WRD0000.doc)
W}DE'W}|E
Ansi based on Dropped File
(~WRD0000.doc)
X0 0 F49 2j]M9 0 u<%~t9 E>9 FT;}%f0~89 j9 P~9 j9 P}9 jP}NX9 N,0 M& tf,j19 M& t9 jNX9 E/}E }E NtEvNXEj9 EM9 +y$uA$Vj9 Y& t9 9 Pu3^9 ^U9 QV9 FtPM19 vTMC9 ^j]9 FXPMe~,u+jY9 0 ME& t
Ansi based on Dropped File
(~WRD0000.doc)
x9 5h@H SQ9
Ansi based on Dropped File
(~WRD0000.doc)
x9 @HC9 H yCu`xueSjppj54L 9
Ansi based on Dropped File
(~WRD0000.doc)
x9=u)[9}u{R juYxQhj
Ansi based on Dropped File
(~WRD0000.doc)
X: 0 30 H0 H0 H0 P0 H0 HV9 9 N& t
Ansi based on Dropped File
(~WRD0000.doc)
X\ OX 0K[h Jf eTdpddddde*e>eLe^ere e eefe8deeeW ~[[["[@[V[l[`[V,ddddcccccccac`ctcbcPcDc:cVVVVV VxVfVZVPVDV0V$VVVUUU(U<ULUbUvU U UUUUUTTTbc,c]]bbbb b brb`bNb>b]a].bbbbaa]]]^^aaaaRaraZa@a.aaa``````S```z`n```T`B`2`$``_____a_`_~_j_R_@_(___^^^^^^^ ^^8^J^^^r^[[[ ][\\.\:\H\V\l\ \\~\\\\\\](]@]X]p] ^ : " W$fW8fWW*ZZ
Ansi based on Dropped File
(~WRD0000.doc)
X]9 ]DjY;#]Q& u! >& u! 9 U9 V9 MQ0 Y9 0 0^]%9 U9 ( 30 EVtj
Ansi based on Dropped File
(~WRD0000.doc)
Xb0 rR ZUTA] q& f& _J j! (VlB}a"!iG/h8I 2!
Ansi based on Dropped File
(~WRD0000.doc)
xBR,RF1<-9 u o H0H
Ansi based on Dropped File
(~WRD0000.doc)
XE0 E9 CE0 E9 CH9M~0 E9 }jEP4\9 }P4KiPu}tuuuu9 D$t$0 9 D$0 "yV9 t$& t(W9 9 +9 +0 Q$0 A(_^V9 3& tjv(v$vS ^U9 SVWjEjPWhjj9 59 Wu9 9 EHQ9 MQRPQu E9 E+ESuW_^[jXf9 9 0 ejhTStve9 0 ejh|9 \v9 }MjjjjsjXf}9 9 0 ejhTSve9 0 ejh|9 v9 }Mjjjj: j*79 39] _9 ! ; QHTE9]R@9E79 uT9 0 u; MS}xVM0 ]0 u" & w0& j Y9 0 ME;tS/*0 E0 ]jH]: Y9 0 ME;t#9 3! PN ]v9 ! PN0Sv9 MEP/PNEvM]nu9 nv9 EPS0 p5(w0)VM2 & tjS9 fPhLh@SDMM |~U9 VS6& t.EP6@ h9 VEPu V^V9 t$W9 & t-~u9 du9 #du9 9 j9 _^U9 9 E;(uu9 u3uuuPW:]39|RRS 3U9 jEjP9 E9 M
Ansi based on Dropped File
(~WRD0000.doc)
xEMMtj,&t9 Mf30 uM9uu-uM~jVuKVVu;VMR;9 ]Sg;tVjdwwVSMSM jVSMMM]tj,&vs9 u& t?Me(MtjV$VM|MMtVW9 =9 vvvvvvvvvv_^9 A |$V9 uvv9 jh 6vv^j<r0 M39]u39 MS;0 E~u9 Mj lY9 0 M0 ];tj
Ansi based on Dropped File
(~WRD0000.doc)
Xf0 P0 Fx9 ^j.h*9 jv$Y9 0 Me& t
Ansi based on Dropped File
(~WRD0000.doc)
Xf0 9 `ML9 `ML%9 D&
Ansi based on Dropped File
(~WRD0000.doc)
Xf0 CC9 E9E 9 t@u f9 f0 CC+]0 ] Pj^;u//0 0im& Y0 ]\3_[^jh0Bo9 Eux/ /3;|; r!v/0 0\/VVVVV9 9 9 L9t;MAu(/0 0/P Y0 u9 D8tuuu~0 E..0 0ME9 EuE Y9 U9 [ 30 E9 EV30 & 40 80 09uu3;u'u.0 0[.VVVVVSW9 }9 4& 9 `X$0 (' t u09 Mu&.30 0-VVVVV C@ tjjju uaY& 9 D m9 @l39H& P9 40 & `39 t P 9 40 & 30 & <9E B0 & D`& ' & g`9 (3
Ansi based on Dropped File
(~WRD0000.doc)
xjt$jv^jhqV9 q& tjv(v$t$t$vS ^VqlW9 `9 & ~,S3& ~S9 & tPC;|jWj9 [_^U9 9 E;u!3@9Eu
Ansi based on Dropped File
(~WRD0000.doc)
XP0 & @" Yf;& @& ;& 8& 09 E9& D '9 `& 8T49 0 D839 @ 9 & 40 @ & 0 & <9M 9 (9 <D+4& H;Ms99 " <& <`A
Ansi based on Dropped File
(~WRD0000.doc)
xR.jhTM9 WM0 ]hMMFPMa0 ]EPNPE;9 ER,; &9~u`0 ]9 URPEQ@9 E9 u;t;t9 39 QP 9 EE;t9 PQ9 EE;t9 PQ; 9 9~R 0 ]9 URPE t;R 9] wuM9 EE; OUR0 ]9 PQ$9]0 ]}30 ]jXf0 E9 E0 EUR9 9 Eu9 9 uPEQ,;R9] uM9 E; : 0 ]9 URPEQ8juMCME
Ansi based on Dropped File
(~WRD0000.doc)
xt3@3V9 t$38t8FtjPPv` +F^3^9 F^U9 9 E38t?8Ht69MuQQ9 HMQ}uj}ujQup` 0jX]j9Mu9 M}u9 MH}u9 HM0 H3]U9 V9 uW9 }} >t jEPWuvh& uF9 E(9 N9 F9;v+9 9 FWPueR~9 3u_^]U9 QuEjjP! u
Ansi based on Dropped File
(~WRD0000.doc)
xu%9 M0 B_^[SVW9 T$9 D$9 L$URPQQhR{d5 30 D$d0 %9 D$09 X9 L$,39 pt;9 T$4t;v.4v\9 0 H{uh9 CZ,9 Cl,d_^[9 L$At39 D$9 H38U9 hppp>]9 D$9 T$0 U9 L$9 )qqq(]UVWS9 33333[_^]9 9 9 j+33333U9 SVWjjh3|Qt_^[]U9 l$RQt$]9 U9 f9 Ef0s]f:s0]9 f; `9 f;
Ansi based on Dropped File
(~WRD0000.doc)
Y K$FRQ`! Q00 B ! #r0 ;GIF89a : S"!a~!, @> ! 9 RR3 } &RFL~<C\
Ansi based on Dropped File
(~WRD0000.doc)
y TMS9 T$B9 J3aw9 `3wyMUMTMTM! MMMMM9 T$B9 J3:w[yMTMTMM9 T$B9 J3w(yMT9 T$B9 J3v8yMMZMNTMFTM>TM6TM.TM;MMTMLMMT9 T$B9 JS3iv\`xML9 T$B9 J3Fvgx9 T$B9 J3+v@
Ansi based on Dropped File
(~WRD0000.doc)
Y%u @0 tSfzY1e9 E8|=ujVY39 U9 SV9 u9 3W;to= th9 ;t^9uZ9 ;t9uPyOVYY9 ;t9uPyUYYyyYY9 ;tD9u@9 -Py9 +Puy9 +Pgy\y9 = t9uPS75yYY~PEh}t9 ;t9uPyY9_t9 G;t9uPxYMuVxY_^[]9 U9 SV9 5 W9 }W9 ! & tP9 ! & tP9 ! & tP9 ! & tP_PE{h}t9 & tP{t
Ansi based on Dropped File
(~WRD0000.doc)
Y'u0 Y0 uuY0 EE9 Eu0 YjY9 U9 uu & uP3& tP}8Y]3]9 U9 QeVEPuu: 9 & u9Et 8& t
Ansi based on Dropped File
(~WRD0000.doc)
Y)MEP0 M9 M9 uu69 }9 5h jjuuWs ss uuuuuu`U9 9 E0& u3axuX9 Pu9 E0u-9 PVWp,0 Up}EP"9 E_3^u9 E ~3@U9 SW39 9}u3sVW W9 0 E9 0 Em9 5Pu0 EEP9 EWWuP9 9 E"!}~jX9 M;t@0 uuu3@^_[h " *S0 M9 ]& u3EPSH9 uj@& tjPFpj8EjPc9 EjY0 u0 EE u|9 u& tP3Wh2S0 E;tMC8PM0 }80 EChPM89}u;u0 {DCDu}lMM83@ U9 VE9 Pv@ & 9 N8S33;tc9 M9 UWSv4|9 E9 MSvB+P+IQWRh@Ph|9 hS P0 S& 9 =Sjh Sj9 SPhSjS
Ansi based on Dropped File
(~WRD0000.doc)
Y+x& ~V9 9 Mh[Nu^3@]j$FF0 M9 u9 Q3S9 *K3Gf_9 Eu09 0 8HPWEP9 ^P9 0 ][MMS0 9 L;tHvBVM\M0 }CN9 MEPEP0 ]" Q;t9 ]MM,S9 4jt& FM9 }m9 3;~*3jZQ9 QSP0 9 MTK& & 9 0 ejhXuM M 0 ]F;0 E0 ]}i3CMdIEPM ]M& ;hOM& t0 ^thNM& t0 ^xhNM& t0 ^|hNM& t0 ~ hRN& tm9 N<& u_h 2Y0 EE& t9 R3]0 F<|9 & tpjY0 EE& tj9 }3P9 ] C<9 eMQMQ9 P8& t%}t;9 |9 0 `A;~9 }0 ME@QE9 E;ERE&QMM $V9 t"}_9 L$& |;}9 9 3^V9 ~<t"{& t9 & t5"!9 N<PLR^jG9 0 upy3N,0 },hGN@E\GNPEPGN`EDG} Eq}E&G~9 E)}EO9 j9 EFp@KL0 ~t0 0 ~x0 ~|0 0 0 0 0 ~<9 Vh|9 9 ,h9 h9 h9 h9 h9 h9 h9 h|9 hp9 h`9 hP9 h<9 Sh,9 h9 h9 xh9 lh9 `h9 Th9 Hh9 <hl9 0^U9 }W9 u3>V9 }|'9E}"u9 : N& tu9 EP9 d3^_]V9 9 L$& tyu9 & u9 ^Ul$ 30 & jTRGq9 & 0 E9 & 0 E9 & 3S0 Ex9 Y; K9 ; 6MDj|9 VM0 ]S3hf0 EESPEM[EP9 ED0 EEPM@UuESuhP jVMGSDSME3UjEPM! f9 EDPMUME+M<VMTh0MTMnDPMTVMT t/O,jE& u#SMTO,6DPMTVMT|t149 +hMwTVM Th(MaTMCPMPTh MCT9 E& tf8tPM-ThM Tt(hM
Ansi based on Dropped File
(~WRD0000.doc)
Y0 ]9 Dt1us
Ansi based on Dropped File
(~WRD0000.doc)
Y0 EEPjh2Eu}_& tP9 E9 @9 PR3@^[jP*z/9 E
Ansi based on Dropped File
(~WRD0000.doc)
Y3C0 ]~uhFP;YY& u0 ]Fe(}u^S FtS@ 9 }9 uj
Ansi based on Dropped File
(~WRD0000.doc)
y3h9 M\F& t3VMPh M8& tK& P9 ]yPM\EE
Ansi based on Dropped File
(~WRD0000.doc)
Y9 0 ME;t"vESjuuuPuhS3u9 P]9 9 P3Cj@: 9 MuE3PM0 ]_rMER& t#3M])ZMM9 %9 ;t^hLY9 0 ME;t"vESjSuuPuhSS9 3u} EFaSV9 S9 9 P3Fnjl+
Ansi based on Dropped File
(~WRD0000.doc)
Y9 ^U9 SV9 9 F$W30 ~0;t9 PQ0 ~$9 F(;t9 PQ0 ~(9 F,;t9 PQ0 ~,9 N4;t[EP~9 N4EPEP~& t-9 M;t9 j0 }9 N4EPEP~& u9 N49 WP9 N4;tjB0 ~49 N8;tZEP9 N8EPEP& t-9 M;t9 j0 }9 N8EPEP& u9 N89 WP9 N8;t9 j0 ~8<9 9 ;~.0 }u9
Ansi based on Dropped File
(~WRD0000.doc)
Y9 U9 9 E9 9 DP]jh FEM30 }jY& ubjeY0 }0 }@<9 4& 0 u9 ; Fu\~u9j
Ansi based on Dropped File
(~WRD0000.doc)
Y9 U9 S3SMkr0 8u88]tE9 Map<u8u9 E9 @88]t9 E`p9 [9 U9 30 ES9 ]V9 uWd9 30 };u9 30 u39p E0=r p dP& REPW& 3hCVPZa3B0 {0 s9U } u` FhCVPa9 Mk00 u 0 u*`F t(>9 E` lD;FG;v9 }FF >u9 uE}0 ur9 0 {Cgj0 CC0 tZf9 1Af0 0A@@Ju9 L@;vFF ~& 4C @Iu9 C0 C0 S0 s39 {958& X9 M_^3[ Ojh E }Mp9 0 }9 _h9 uu0 E;C Wh 0 Y9 & F9 wh9 #SuYY0 E& & 9 uvh & u9 Fh=@0 tPU{Y0 ^hS9 = Fp& d}& j
Ansi based on Dropped File
(~WRD0000.doc)
Y9o& tj;oY 0 & 0 0 " 0 0 0 fR" fRfRfR& fRfRS& 9 uE0 & & 00 9 @jP0 & & jPB& 0 & (& 0j& @0 0 & ,< & (P@ j9 U9 9 M9 U#U#0
Ansi based on Dropped File
(~WRD0000.doc)
Y=0&:Q Qa!#V"!" ~(_$! |o/LhXa=-fAvq *0 & qx3x4}
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[8j4#+9 hY0 Ee& t9 33MM0 FhW3jChM0 ]OfEPEPEYYM]U`~0E jjjj9 0 eP0 i9 NSwMWjhMEeEPEPE(YYME_jjjjE9 0 eP-i9 NSwM]_jjjj9 0 ePi9 NS(wMM" _xV9 D$tVY9 ^9 Uhh +3M0 ]W|9 VMEeWVMEdWVM@EdWVM0EdWVMPEdWVM EdME
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 3Y j0R8M_9 E9 M`& t
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 03H4t$9 D$t$ppp0t$AU9 V30 M9u 9u S9 ]W30 u}EPS & u9 E0 E0 u9 u3}& t1}}u89 MjEPu9 MjEPu~9 MjEPuu9 E9 MPdy9 M9 9 EQTyYYMQPV9 5 SjSjuEPuuS_[^U9 }0 M uR 0 E& eS9 ]VW3}EPS & u9 E0 E9 u& t}9 MjEPuS9 E9 MPx9 M9 9 EQ xYYMQPV9 5 SjSjuEPuuS_^[V9 ?hf$f(9 ^>h9 D$0 A(j4:$L9 0 uj
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 3"!jegx9 0 ud^T39 0 }2 } E h|9 9 E+0 ~0 ~P0 ~dx!h } 0 F<0 ~t0 ~x0 ~|+0 F0 F0 F 0 F00 F40 F8 0 0 0 0 ~h0 ~l0 0 ~p9 }xje~9 0 u29 Nf<E& t
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 3]U$h 30 & 9 & S9 VW9 SWh
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 3_Rj03S9 0 ehS0 ]eMvSSSuEPMEM9 ]MMB\9 JjScj9 0 ehSoeMe9 0 ejh|9 auMuuxMM9 T9 j@ 9 M@T& t
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 3j,4EE9 & u 9 3;uMjM0 ] & 9 }& & 9 & & 9 /U& t"EP9 P9 EdM] \WMeMET& uSh MdEPVSh?SSSMSPh ( ;u 9 6M]+\MMj9 M]
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 3jEbM9 9ueuMuV=MM9 99 jEM9 9ueuMuVy;MM9 e99 jEzM9 79ueuMuV'AMM9 99 njE! 1M9 8ueuMuViGMM9 89 %jE>M9 89 E0euMuV;MM9 89 jEM9 Z89 E0euMuVAMM9 =89 V9 9 N<& t f<^V9 W9 ?U& ~9 j9 P|$t9 j9 }d9 & t
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 3khEP& P WEPMdYe& tEP9 [j\MN9 ;uj/MxN9 ; ! MH;}z39]t&VSEPMK^9 MPEZM]S9]t3Mr+HPFVEPM^9 MPEwZMER3FM0 }R9 3jc9 eMRIjEPju3C9 0 ]8& t_M
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 3P9 SLSY0 E;tPSWP& u1u YVjj& \PEwSM@9 V& WPc: VEWPX: 9 5 hShSd& WPhShSEWP@EPEP& Pu_& uEPEPEPuG& tu| Eu9 M u=: 9 }Dj(3eMD3CM0 ]jhSME 9 MEPM"hM"!"EPhMvPh MM9 M& uEPA#jh|9 M0 ]EM]xME9 Ej83}9 eMq9 M3C0 ]& t9 MEP"0 ]uEP9 ME& t9 MEP"0 ]jhMME PM!hM !MEPh|9 MEQPh M9 MEP("M0 ]ExMEM]MEx9 E}j!49 uEP9 ueP9 MM_9 & t3a9 ]S9 0 eV !9 & tM&3GhR9 0 }|PM*& uMM%9 y& uhh9 9 h|9 h9 |9 L& t3MM%9 j R9 MueEPu9 u& u3MMn9 vE9 0 eP 9 M3Fjtd4qRM eMEPM EM& jjh M9 jhME3E& ~YVEPM$ME%PM& u"h|9 MPMJ9 MEP#ME F;|MEsMEgMEMM YRUdj04n9 WhMeWh MWhpMEWhdMEWhLMEMdEM\E M\E9 Mt9 e`0 EH& }4u`9 MtE0P"EPMLEM0EPVMLMLPSMdM 0 ED*E PMEPML PSMd& tEPM E& t[M}DuSEPML9 M0]PVML:
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 3Spj,ueEP3CM0 ]& t9 Mjh|9 80 ]M,MEME"!ME9 EPh M{PVM9 M& tEPRjh|9 M0 ]E"!MEM]ME9 EujtEP$eM& t3MM}9 & uMME"!ME9uMh 9 PVMuM9 EME j&FteEP9 3FM0 uy& t9 Mjh|9 hMJ9 MEPM0 uE9 Etj&seEPx3FM0 u
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 3wV9 WFP 9 & u& t9 V%Y9 _^j8>=$9 3;u3@ 0 ]qPEP9 0 ];R9] uM9 E; 0 ]9 URPE ;9 ERP; J0 ]9 URPEQ@Mh|9 M2 uhHM! EP9 E9 URPEQ(juM{h0ME5& tZME~EPu9 EE;t9 PQ9 E];t9 PQ9 EM; 9 PQM0 ]EPEPME ;u
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 3YU9 }t1j6vY& t%u9 m& tEPujuu]jG9 0 u,h xWjE h`hPjj9 hHWjj}ELP}E}EJ} EN`EJNPEJN@EJN,E"!JM9 }sj`GjEu9 Y& h xhj
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 ]9 E9 9 3= 9 9 eE39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 ]9 U9 QQVJ9 & F9 V\W9 }9 S99t9 k;rk;s99u9 3& t
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 Mh3Rl9 E<+EHM=:E }UPuD3& tCjjMLME^M ERM@E
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 P3E: T9v& \PM0 ]4j\ME&M9 HhM;u"33EPM: "P0 EuME+WEu$3ME+M\*9 >9 p9 =jE,PM0MEJ#& & hMW'& & hMB'& & EtrjE,PM [0M E"& uO9 & vIH0 & \PM3E,PME2SVE9 0 eP9 39 M-ME *M p& \PMc3E,PMEt2& t
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 S3~T~u3=hu9lu@T~P~u d=hu3@9lt3P~L~u9=h@L~d~u =hr3@9ls3d~U9 QVWh@9 3;u3Gh W<;t.MQVVu0 u& |9utu9 Meu3F(& W89 _^U9 30 EV9 u3QPPh( P0 & @j9 & }h|9 & PHi9 M9 3^U9 30 EV9 u3QPPh& P0 & @j9 & }h|9 & Ph9 M9 3^j(5D&eMC3CM0 ]YEPhLhh MEG& u9 Mjh|9 hj\M]9 uj/M]9 ta}t(VjEPMm9 MPEiMENbM+HPFVEPMPmPMEiMEb9 MEPfkM0 ]]bMEB9 EU`j(D3WEHP0 }X3CMH0 ]BZj& t9 Mlh|9 g0 ]XhMqgM`E6BMECaEPMEXP VM`L;u9 Mljh|9 'g0 ]X#M0XMEXME! ;0 ED0 }\}u\EPMGnPM0E& hME`M0jY& & EPM (jM0E+XPM 4iEPhpM XPVM`9 E& t8jMHWPM[0 E@tMMH9 +;}@ RM EY`E\9 E\;EDR59 Mljh|9 f0 ]XME,`M0E `MEjeM`E@M]_MHE_9 El9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[9 x3x9 mj0hP"!'9 30 };u0 ] 3EPhwEPu& & t 9]tu;tWuEjP";& O9 MLmPh(h'j6*59 D$V9 0 & t9 PQ9 ^V9 V& }P|$jXf0 u
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[\judM9 MHEPE P0 uM Eh& tM EMM9 xMMXE\MLEavMLE}0 ETjEPM PuTMXHMFM0 EPERh9 ]l3@;E|9 PM79 }h& tl3& ~f9 & tZjPM8M8E& u3j_KY9 0 MlE& tE8PQ3PE8PMEM8EF;|a39uP~}VE8PMM8E9& uNEdPE8PM& uM8PM PuTMXE8PM0 Ed& t9 j9 M8EVF;uP|E0PM349 Md9 & t+j PM PuTMX& t3G9 j9 EdPE0PM & u3VM}M;t9 MHVV5p&ME! mMLE}tMXEcME3Fj O9 EPy~9 }eWE9 0 eP9 & uMMR3ZP9 & uhh9 9 h|9 h9 9 "!3& tMM9 FjN&Oee9 uVQeh9 Ehx9 9 OjN9 & t3@OEP9 eM& tMMe9 MMEsME'|9 EPhM PVM& uE9 uMErME9 j}'N9 EPn" eM^& & MvME{rME {9 EPh8MPVMGEM& t(9 uErME+MMi9 qN rME9 9 SVW9 j9 ~NY9 9 +#3;x_^[9 Vt$9 & u3-9 L$hot$9 & t9 +9 L$0 3@^j&LeEP3FM0 u2& t9 Mjh|9 vDhMhMhMK9 MPM:9 MEPM0 uEE9 ELMj&eLeEP)3FM0 u& t9 Mjh|9 DhMihM\hM9 M5PM9 MEPM0 uE9 ELj&KeEP3FM0 u& t9 Mjh|9 BDhMhMhM9 M: PM9 MEPwM0 uE9 ELV9 & t3@^9 ^SW9 9 & u9 W3VjLY9 9 +3;x^9 _[VW9 {9 9 Gj9 Kk<Y+3;x_^9 j4J9 MHE3P9 0 ]PMEM]@M& tMM(9 MEP9 EM; hMSPMhMM`EPMEM;uMjhMEPEP9 E.MEMEEM]v3C:ME&EP9 9 EP9 wS9 }Jk<+;YM]-MM!3]MM3@Jj(J+IeuEP83CM0 ][& t9 Mjhx0 ]M METMEYmMEuv9 EPhHMPVM\9 M& tEPjh0M0 ]EmMEM].ME"9 E)Ij}BH9 & t
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[`j\69 EPK3M0 ];ME/SMESEPE9 0 ePE M ; \M & & LuEPEP9 R; 2Ml& & "9 M\& & VhPMa9 MEdM9 dM;v4E
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[`MnR9 }lPh9 MVRPh9 qMARPh9 \M4,RPh9 GMRPh9 2Sh9 lM 9 Ph|9 9uhuMD9 Ph\9 9uptSj8Y0 EpE
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[d9 MlE0P$iM 0 ]XE_ j$_eEP3CM0 ]X& t9 Mjh|9 ^e0 ]jj\MZ9 u!j/MZ9 u9 MPh|9 )eM+HPFVEPMMj9 MEPExhM0 ]]_ME_9 EUl$ 30 & jHD=H~& 0 W& u!H~zeeM! U3ECPM]EPEPME EPMExb& t80 H~ME[^M]P^MED^M9 MV& uVEPMogVMEeMiUPMeEPMbEM& t0 H~]l]EPEPE& tAEPMgVMEveEPMjeEPMaEM& u t]%H~MEa]M]V]MEJ]MH~9 Md0
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[dj x)9 9 }& u3@9 $o
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[hj,9 }& tOW& tD9 uF,PMae~HuN9 j
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[HU9 D 30 EVE9 Pv 9 jP9 RPEPv 9 M33^_jdj(9 9 N3;t{Wjg9 NWjm9 NWji&9}tXWWMu*jjgM0 }n+EPEPM8;t9 E9 N0 E9 E0 EWEP0 }0 }EVMM`* jj5qjdj(%9 9 N3; WS:9 NWhR9 NWhj9}tWWWM)jSM0 }*EPEPML7;t9 E9 N0 E9 E0 EWEP0 }0 }`UMM)ejj5qV9 }D$tVeY9 ^V9 BfPfTh9 ^j(.9 0 uh9 NPe& t
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[hU9 Qe99 Mjthh(9 EU9 Qe99 Mjthh(9 EU9 Qe99 Mjth8hP 9 Ej`%50 M9 M}M0 E]
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[hUlhxL9 0 ul9 Mx9 0 MT& WedE0 E@& @ud9 MT9 30 }`; YE P9 h\: M 0 ]3& & tP9 /9 E /9 tE6 EP9 ME4EP9 GEPEP9 PN4E,>ME 6ME6 hM 3& E P9 `9 E.9 M ED6 t(E P9 \$P9 E=M E6,$V9 0 exjh`;9 {& uj9 -9 j.& & 9 3hTM k2& 9 S0 EX; h0 ]\Y0 ExE;t9 {9 eh}XE uh9 9 & E0P9 M0E-M0& & h\: 1& EP9 JMES-& u79 MlEP 9 MlEP& dPPKhEs<dM+EP9 0 exjhE
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[lh0hjgD$V9 tV'Y9 ^QjhyjjYU9 V9 u&hpu&YY& uh u&YY& t9 E0 9 6& t
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[ljt6` 9 ej8& 9 9 & & u<& 99 3l0 H0 H0 H0 Hl9 I& tQ\ 9 D$V9 ~0 F9 D$0 F9 D$0 FuX 0 F39F^" U9 0V9 ~u3dj0EjP`9 E9 ME0E0 E9 M0 E`}0 EtEveP MQjPvT ^U9 0V9 ~u3>j0EjP2`vE0EEP MQjPvT ^V9 vD vH 9 D$jv(jt$t$PvL ^V9 D$tVY9 ^% % % %L& %H& 9 D$Pt$t$ 9 D$Pt$t$" V9 30 F0 F0 F 9 ^U9 Q`MS3;}=}GV9 5 SSjEPSuM]& 3#W3f0 Ej}fEPjEPSuf9 E_^[9 A9 D$;Ar39 If9 A9 D$;As9 If9 T$f0 AV9 9 F& u!F^PY0 F^VW39 9 F9|$t;tPY0 ~0 ~;t9 NQWPS0 ~_^9 D$V9 W;Fr~@3j0 FZ9Nu%Q9 NQjP0 F
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[lV9 0}
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[p& t9 j9 MM 19 ulEd9 Ed;E@ ~V9 D$tVY9 ^V9 }D$tVY9 ^jXL9 9 M*& t
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[p9 0 exjhaE@Pp!EPjpEp#E PSp`#SVEPPM09 ExPhM`MPERSVEPPM9 ExxPhRM`MPESVEPPM o9 E
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[pjX49 9 M& :O& -h xhj4OMeMYj0 EY9 0 ME& t9 3u9 hE9 MVMT EPMEMS"aEPMSELEPjhMEMQMSQPjOPEM9 E
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[pM ME^MERMEFM8E:M ESE P9 EMx0 El; SSEHPM0 ]l; M9 0 Mh; " hxO9 ;u\3M E=M8EMEMEMEM]MMH9 EXP9 PME
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[pMb+MlE=MdEBMdE^0 E\EPMH"Pu\Ml};u(MdEMlEM]R0jM" 0 E`;u83MdEMlEM]S0MMH*9 1M(!ME!ME*MEER)jME"!(9]`0 ]h}uhEPM7PM(E
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[t9 D$& txu9 0 9 PR\3U9 Q9 Mejh 9 $59 Ej.l9 j z~Y9 0 Me& tj3Pj5(v0V9 ND$tV%Y9 ^l$vl$9 vl$ul$! vl$mvl$-l$Vvl$ul$ Rvl$8vl$P! ul$zul$Xvl$
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[ThxE P9 ^h\E0P9 EJ9 u`P9 E2M0E*+9 0 "PM "PhWjihM ~'& h9 9 0 M`& e\0 EP& }u\9 M`9 & & hSE0P9 hE@P9 E~hRM0E'& t4M@"& u(E@P}1M@!Ph`Wj: M@E**M0E*E\9 E\;EPRWM E)3FHV9 (D$tVY9 ^V9 TaD$tVxY9 ^j ~9 39} : 9} Wh{h{Wu9 ;tu9 MhK;t
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[tu\9 M`h*j>9 E& t9 VP9 5EP9 EXE& t9 PQME
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[XM#ME9 MPSEPE
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[XM3CM0 ]ZEPu`ME& u3M]VMM9 M$MEM4EWhMDEE$PEDPE.YYMDEWh`MDEPEDPEYYMDEWhMD E4PEDPEYYMDE: MT@MTEDu`N0 h}N$X|9 W}GWNH>EPN
Ansi based on Dropped File
(~WRD0000.doc)
Y_^[XMxjjE@PMEZM& uE
Ansi based on Dropped File
(~WRD0000.doc)
Y__^[9 ]Q9 M3 9 M3w9 U9 ]%9 U9 QQEP 9 E9 Mj *h !NbQPN^& |=v0 E9 M& t0 9 ``U9 U9 S9 ]VW9 U9 & t&P9 FV&YY0 G& t3VPB/gG9 _^[]9 U9 9 9 MU9 `0 H]9 U9 S9 ]V9 U9 C0 F& 9 CWt1& t'P& 9 GW %YY0 F& tsWP.f0 F_9 ^[]yUtq{$Y9 A& uU9 U9 VEP9 V9 ^]9 U9 Vu9 RV9 ^]V 9 U9 VEP9 V9 ^]9 U9 Vu9 V9 ^]9 U9 Vu9 V9 ^]9 U9 Vu9 V9 ^]V9 U9 V9
Ansi based on Dropped File
(~WRD0000.doc)
Y__^[9 ]Q9 U9 S9 ]V9 s35 W9 EE{t
Ansi based on Dropped File
(~WRD0000.doc)
Ye9 CH9 CL9 CP30 E}f9 LCf0 E<@30 E=}
Ansi based on Dropped File
(~WRD0000.doc)
Ye9 wh0 u;5ht6& tV & u@0 tVy~Yh0 Gh9 5h0 uV E}9 uj
Ansi based on Dropped File
(~WRD0000.doc)
YEPjh2EEu}_^[U9 hSV39 9uu3fWj@EVP:j(EVP:9 Ej
Ansi based on Dropped File
(~WRD0000.doc)
Yjj j ! 0 Mh xSj*}up9 u& tiMhleEP9 9 u9 W& uhHSj)MMMu4EPEP}MM,u3@h Sj|)3jL89 9 u3; 9~ 9 N9 Pl& MkEPV9 0 }&; M7m& & WhxthtWv9 & t{9 FVPM EPEP9 MQ9 w tJEPM}0 }EPME>EPEP9 EMEtMEtMMtU9 VuEP9 VvMEPM tuEP9 /^jL9 M~j9 }eEPW9 & Ml& u|EPEP9 9 FVPMaEPM` tJEPM|0 }EPME'EPEP9 EMEsMErMMrj$9 uEPl9 FVPMEPM9 } u9 MGPt t=uM{eeEPWuEP9 9 9 @M0 MM0 E`rM _j0x9 0 ue6mY5U9 VuEP9 zeEPuuuuWuEu9 uuP9 E^U9 V9 VvM9 FV0MuEu9 uuPvffY^jD9 r2hRM\eEPM(\h\EPER9 G9 ujuPVPG9 9 G;u
Ansi based on Dropped File
(~WRD0000.doc)
YM9 0GP;Y|RLE9u|& u>3MEOME" O$Et|0 }f9 9 3Ft$3& ~9 V9 D$tVY9 ^U9 QeVE9 Pv& t0 F9 E^U9 QeVE9 Pv& t0 F9 E^j{d9 0 uN0h1E9 E30 F9 E0 }0 F0 ~ 0 ~$0 ~,0 ~(0 ~?F0 F^H0 ~@FD0 ~9 ~ah10zNj[9 3EPN00 }0 ~,0 ~(UMM0 ~0 ~@0 ~ 0 ~$=NG9 D$V9 f,jN00 F(Ef@f f$F^Vt$9 9 N_& tP9 ^V9 jN0}E9 D$f,f(0 F@9 D$FF0 FD^V9 WN03)F& u9~t!9~,t~t9~(t~t9~@t~u3G9 _^9 D$0 A9 D$0 AU9 9 Q3;0 U
Ansi based on Dropped File
(~WRD0000.doc)
YM\& uM\PMhx & (P9 (}PM\E(E
Ansi based on Dropped File
(~WRD0000.doc)
YP& uP0 E0 ]9]t9 M0 ME9 ESu5Yjh FbS9 M3;v.jX3;E@uoWWWWW13M9 0 u;u3F30 ]wi=|uK0 u9 E;lw7jnY0 }utY0 EE_9 ];tuWSL5;uaVj54$ 9 ;uL9=St3V]`Y& & r9 E; PE39 ujY;u
Ansi based on Dropped File
(~WRD0000.doc)
YPa3" I9 ^]jhA339u" ;u>VVVVV>9 };t
Ansi based on Dropped File
(~WRD0000.doc)
yu9 Q9 R9QuSQ SQ 9 L$0 K0 C0 kUQPXY]Y[9 U9 SVWse=9 & }hg 9 & *9 5<hgW& P:s$gWP%s$RgWPs$pgWPrY& thXgWPrY;tO9tGPAs59 4sYY9 & t,& t(& tMQjMQjP& tEuM 9;t0PrY& t%0 E& t;tPrY& tu0 E5rY& tuuuu3_^[9 U9 9 MV3;|~u ( 0
Ansi based on Dropped File
(~WRD0000.doc)
YY0 ]9u,hW 6YY& uWqY0 ]0 >WpYE9 Erj
Ansi based on Dropped File
(~WRD0000.doc)
YYH& w& tAJu9 39 9 9 3}9 ! "[9 _^]t$t$YYt$pY9 D$3;t19 H;t*V0 P0 P0 P9 qR0 1P9 @p 3^jXV9 t$& t09 F& t)~$t#9 @& tVPaYYvv(V$fYY3^jX^V9 t$W3;ujX 0 ~9~ u
Ansi based on Dropped File
(~WRD0000.doc)
yyy9 L$t` tfu0 ~9 39 t t4 t'tt0 9 D$_f0 9 D$G_f0 9 D$_9 D$_9 T$9 L$u<9 :u.
Ansi based on Dropped File
(~WRD0000.doc)
Y}9 "!0f0 0f0 V9 "!0f0 F0f0 V9 "![00f0 Ff0 V3_^9 U9 V9 uW3;t9}w8OjYWWWWW9 0 9 |3}f0 sOj"SEPP Ej:Zf0 V
Ansi based on Dropped File
(~WRD0000.doc)
Y}uF+49 0 u}uyG+j@j YY0 E& ta0 9 ;s@@
Ansi based on Dropped File
(~WRD0000.doc)
Z'M>: SmmYxxmWebDispatcherRefreshDebugDownloadWebDispacherRegMonitorThreadPoolSingletonUnloadingLoadingSBrowserProcessSpecialHTTPRegistryInfo_LowInfo_MedInfo_HighGeneralWarningErrorCritical] [Ln:)[TID:][EndLogger--== Logger finished ==--
Ansi based on Dropped File
(~WRD0000.doc)
Z0! l.:gP`b;W39,LA@" 6L AD`Q B& m@AFE H8p`( 0cL R;GIF89a\|}x "!tG ~9 ~ Sx R!\, \\ Y
Ansi based on Dropped File
(~WRD0000.doc)
Z7}EK7}E<79 }9 ! 0 GxPNxE
Ansi based on Dropped File
(~WRD0000.doc)
z9 M"!e9 T$B9 J3w
Ansi based on Dropped File
(~WRD0000.doc)
ZJ9 M<& uEP}KMEPDMEDD9 MhEP2P9 EKMED9 MhaEPPMEKMECMh<& uEP9 `K^h9 O<& t-9 E8t P9 <K9 .<& thx9 E9 E8uNx<& t& t9 j9 3D9 ;& u!~hh9 GE9 :P9 #K9 }TV9 9 S"!3FME%CMMQ9 !j.I:9 0 uN9eN9N$E9N4E9NHE9NXE 9NhE9NxE|9}Em9}E^9}EO9}E
Ansi based on Dropped File
(~WRD0000.doc)
ZME1SMDJPSMd9;tMDyJPVMd 9MDgJPWMdp9MxMdE"!3MTE
Ansi based on Dropped File
(~WRD0000.doc)
ZYYYYYY Y YhYZYBY.YY8ZXXXZXX4PFPRP`PpP|PP~PPPPPYFZhZvZ`ZSZZPQZZQ"Q>QZXZRQbQvQQQQQ.T"TTSSSSSS~S`SxSbSRS@S0SSSSRRRRRR R RrRfRXRLR<R*RR
Ansi based on Dropped File
(~WRD0000.doc)
{r@daa z r"{Sd>]xgY1~ *!!
Ansi based on Dropped File
(~WRD0000.doc)
{zM" MM& 9 T$B9 J3'xp
Ansi based on Dropped File
(~WRD0000.doc)
|! Bhn[&wowGZpj;f\~eibkaElx
Ansi based on Dropped File
(~WRD0000.doc)
|3[_^9 E0 F9 E0 F9 UR0 }9 PQ$& |
Ansi based on Dropped File
(~WRD0000.doc)
},~FME,MM\9 dVj\}U0 MMeMyME9 Me0 ExJ& Ku9 M0 E& !9 MPEP ~MEb& & M jEPME!PuM}M& J30 E& }eWEPM9 MEPEPE& ufhNY9 0 ME& t:9 3uNEEPN9 MVs& t9 M9 VURP& t9 j9 MEG;}R[ME7ME9 ME.I9E MEyxMM_3@TVt$9 t$& tt$9 t$)^j8NS0 M39]tQ9]tL9]~GjuM&9 MEPEP0 ]ME& t!M]MM3TMMEMEwME 39]9 ~N9 E9 ;t>PMM;& u)SMPMPWM`9 MSEPF;u|ME;wMEkMEM]TMMH3@2UXj(gR0 MH39udu39 Md0
Ansi based on Dropped File
(~WRD0000.doc)
}0 M EjEPjEP9 4h& u
Ansi based on Dropped File
(~WRD0000.doc)
}0 } N}E,k}},jxXE0 0 S0 0 N$0 F(0 0 0 }0 kj9 0 }9 j)9 0 u }Es}EM9 =B>9 j.9 j4Y9 0 M30 E;tP0 F8`VW9 vR 9 W& tVj5PxW_^|$V9 u9 jP9 9 ^j)/9 9 3; %H4ck& & 9 ];
Ansi based on Dropped File
(~WRD0000.doc)
}9 0 uMExMEqj}M{EP eM & tMM3{M}ME xME9 EPhMPVMh& u*3ME^xMEDMM 9 9 ujzEPeM& u[Pa{YM9 ME~MEVhM9 PWMME~MEMMzjzEP[eMK& t3MM9 zMOMET~MEpuMh9 PVMbM9 E$~ME
Ansi based on Dropped File
(~WRD0000.doc)
}a: s$!! "!"
Ansi based on Dropped File
(~WRD0000.doc)
}E aflfp9 aLj 0 :K9 0 uh@aMEfM\afeN0 M,e0 E& ~[u9 Mha9 & t?EP7^9 j& t9 M& t9 P9 j79 PW2LY9 Mju9aE9 E;E|E~P9 pb9 M& t9 PeEPEP9 b& u9 j9 P}E`NtEeNPEe9 Ek9 MMn`hKj:J@aVMe\at& t}tMM" e3RMM& euavhVM9 Pe& uM9 G$3& M9 MLe& t9 9 P9 JjiIh@aMeM=\aMteeuauk! JjiIh@aMdM=\aMtddj0 CY9 M0 P"!e4JU9 Qh@aMmdM\axd a9 `j;I9 9 E HtwHtRHt0H& hBY9 0 ME& " :jdBY9 0 ME& ts4nhBY9 0 ME& tQ\PL~tYhBY9 0 ME& t)v!hjBY9 0 Me& tX 3M& tPu2YYHV9 dD$tVIY9 ^V9 6D$tVHY9 ^D$V9 tVHY9 ^jE;G9 0 u^@9 ,^3N\0 }^NxE^ME0 ~0 ~0 ~,MEM0 F$N\0 F(9 j0 ~0 ~00 ~40 ~8P9 j9 PNx9 jPM0 0 ~0 ~<0 ~E9 GU9 Vq\9 /& ~HEP9 `^e9 M& t9 jP9 M& t9 jEPEP9 t^& u9 j9 P^U9 QeS9 ]EPS\f& tF9 M& t?VW+tNu19 }& t*9 7
Ansi based on Dropped File
(~WRD0000.doc)
}E}E x , ~}E
Ansi based on Dropped File
(~WRD0000.doc)
}E}E9 E0 0 ~0 ~0 ~R0 ~9 ~~j
Ansi based on Dropped File
(~WRD0000.doc)
}K>sSe7xe SRfWlxt`_x" j ac@uxz `0 NPrQj~>x]t SkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkXkkkkkkkkkkkkh!N!RkkkkkkkkkO[FE4#OkkkkkkkWJVTL!
Ansi based on Dropped File
(~WRD0000.doc)
}L& h EP9 #|hREP9 E|MHEHPh9 Er|& t,Mq& u Me& uEHPEPEPMXaMEME
Ansi based on Dropped File
(~WRD0000.doc)
}pAtjj9 M`Xu\h*Px9 E`e9 ET@P0 Ep9 ET@PjupY9 EX9 URuTupPQM:u9 KupEUbPM[<ME\E :9 VEPEP9 EXE& t9 PQ39 E\u\hDh,PME
Ansi based on Dropped File
(~WRD0000.doc)
}T+9 ij[$ 9 0 ue}C+M9 "2|$t1U9 $SVWu9 uu(}0 MN30 E; h 3FVW9 Pu0 Eu0 E0 } t0 u9}0 }~Zu9 M*9 0 u;t;WEP9 & t+9}t9 E9 M0 M0 E9 9 MW9 uuP<3E9 E;E|uuu_^[V9 D$tVVY9 ^Vj9 x<h9 ^j$$%9 h0Y9 0 M30 E;t@MM0 Fx" jhME& EPEPEVYYME`~jjjjE9 0 eP9 Nj9 NhMMN~X9 I& tV9 h;D$tV_Y9 ^j/B9 0 u eN N E N0E f@FD9 j`$9 39}u39 E9 H+9 p0 ME+p]0 uE5 E
Ansi based on Dropped File
(~WRD0000.doc)
}t} }t} t} }t}9 E0 (9 E0 ,9 EPPY0 EYEPEP0 Uh }9 E9 M0 0 }0 0 }0 0 }$ 9 ]`E`D;ED;0 EEhSMPE,~YY& t9 E|G;ErL9 9 $ EUt:HPPQ0 `EY0 $ t7HPPQY0 0 }t8GOOPvY0 0 9 ]& tSkYh0V9 uFP~9 & 0 89 _^3[e9 D$ 3!,f0 H9 L$& u9t
Ansi based on Dropped File
(~WRD0000.doc)
}ue_+0 G9 F8& tSQv<0 F<0 G0& tSuuIS]]9 E0 G9 E_0 F09 E^[U9 9 Ejjp(P & t`M H`MH9 M0 H9 M0 H]t$9 D$p(P$YY9 D$SV9 t$3W;t9 N<0 9 9 |$tuvw(W$YY>uWvYY9 F(0 F40 F09 F80 0 ^0 ^ ;tSSS0 F<0 G0_^[V9 t$Wj@jv(V 9 & u3ohjv(V 0 G$& uWv(V$YYS9 \$Sjv(V 0 G(& uw$v(V$Wv(V$3'j0 G,9 D$VW0 G89 [_^V9 t$W9 |$jVWw(v(V$w$v(V$Wv(V$$_3^Ul$9 MX3VW9 }\0 U0 U0 U0 U0 U0 U0 U0 U0 U0 U0 U0 U0 U0 U0 U0 U9 9 D& Nu9}u9 El0 9 Ep0 39 Ep9 8S3Cj0 }L9 ^9TuA;v0 MH;s0 ML9TuNu0 u49uLv0 uL9 }L0 8
Ansi based on Dropped File
(~WRD0000.doc)
}ue_+0 G9 F8& tSQv<0 F<0 G0& tSuuS]]9 F,9Eub9 N(0 M9F4u0 N49 ^49 G+;v9 & t
Ansi based on Dropped File
(~WRD0000.doc)
}YtPu uu@Dtjj9 YY;tVYPX& u
Ansi based on Dropped File
(~WRD0000.doc)
}|uE|"!39U|t
Ansi based on Dropped File
(~WRD0000.doc)
}~9 E& ~9E0 E9 <EEEEju9 u^9 PV9 v& t9 D$\9 0 P^V9 v& t3 P9 0 Q9 ^LtjSU9 V9 u9 uuuu3^]|$ V9 ut$9 t$]+^|$V9 uLtj/St$9 t$t$"!^U9 QQeeVEPEP9
Ansi based on Dropped File
(~WRD0000.doc)
~"#x G7{*c';s! 62tn];{Ee=kV! #-3HKk|x 5 &]" w/~8Y: 0 0U00U 0DU=0;0975 3http://csc3-2009-2-crl.verisign.com/CSC3-2009-2.crl0DU =0;09` H E0*0(+https://www.verisign.com/rpa0U%0
Ansi based on Dropped File
(~WRD0000.doc)
~9 & l l9 h9 T$B9 `d3{9 J3{p}M9 T$B9 J3{}MMM9 T$B9 J3L{m}DT9 T$B9 `@3#{8D}[9 T$B9 `3z9 J3zd}M+M#9 T$B9 J3z9 J3z|M
Ansi based on Dropped File
(~WRD0000.doc)
~9 9 333u%t%u u^_[39 B:t6 t:t' t:t t:t t ^_B[B^_[B^_[B^_[9 L$WSV`9 |$ to`q tU9 9 L$`:t t
Ansi based on Dropped File
(~WRD0000.doc)
~MEMM9 U\jl
Ansi based on Dropped File
(~WRD0000.doc)
~t9 b3@^V9 D$tVD)Y9 ^:3@U9 V9 ~t|ESWtmEP EPv 9 }+~9 ]+^ WSYSSY~7EPv< 9 E9 M9 Uj+Q9 M+RPQvS _[3@^9 D$V9 0 9 P,FXP9 ! 9 D$& u379 L$jPt$0 }H9 0 Ds& tj9 j9
Ansi based on Dropped File
(~WRD0000.doc)
~}D ! hi]Wbge q6lknv+0 ZzJgo}C}`~ 8ROggW?K6H+
Ansi based on Dropped File
(~WRD0000.doc)
!!0?+?>(,?79
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
!"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~=SunMonTueWedThuFriSatJanFebMarAprMayJunJulAugSepOctNovDecccsUTF-8UTF-16LEUNICODE IqI`B
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~HH:mm:ssdddd, MMMM dd, yyyyMM/dd/yyPMAMDecemberNovemberOctoberSeptemberAugustJulyJuneAprilMarchFebruaryJanuaryDecNovOctSepAugJulJunMayAprMarFebJanSaturdayFridayThursdayWednesdayTuesdayMondaySundaySatFriThuWedTueMonSun1#QNAN1#INF1#IND1#SNAN_nextafter_logb_yn_y1_y0frexpfmod_hypot_cabsldexpfabssqrtatan2tanhcoshsinhCONOUT$string too longinvalid string positionIEIsProtectedModeURLgdiplus.dll OsC*0[a>On4eJ M-P0%P0)P0%P0%D,3&OP0P0Lr?RJ{,@Qm6t4`#?>;FFFFFFF"hN@Gp44#N-+.{20FP0P0BPO6#\'G7?Fd8+O]hXNW#Fj#\'G7?F3)6{O>`3)6{O>`yK:?OHRSDS8cCER d:\Conduit\RnD\Client\IE\Dev\5.4\SingleComponent\Alert\Release\Alert.pdbpuuuuup@u$p@uuuu@p@v$vuXp#@Hv$Xv,vvP|wwPxlxxy4yyyz ztzzz{T{p{{{4|l|}}}~,~H~d~~~(D|p@wwvtwwwPxlxxy4yyyz ztzzz{T{p{{{4|p@wwtwwp@wwwpBwp@x(x4xwp@xpBwp@xxxxwp@xq@xxxwqBxpBw$q@Py`ytyyxw$q@PyDq@yyyxwDq@yqBxpBwhq@<zLzXzwhq@<zpBwq@zzzwq@zpBwq@{,{8{wq@{pBwq @{{{wq@{p Bwq$@{||wq@{p$BwpBwrP@||||tww}Pxl}r@|,r@|}|tww}PxHr@4}D}P}wHr@4}`r@}}}`r@},rP@|pPBwpPBwHrX@4}pXBw`r\@}tr@~~~wtr@~pBwr@~wr@~pBwr@`p|wr@`pBwrr@r@,sHX`s@H4s4s@TsTs@ts 08ts@ shxs@hss@ss@tL\dt@Ltt@<t<t@`t$4@`t@$xtpxt@p$putLt@t@,<Lt@hxLu@uLu@Hu@,<Lxudt|xu@duu@u0uu@u@L\0uLv|Lv@|v(,vvP|wwPxlxxy4yyyz ztzzz{T{p{{{4|l|}}}~,~H~d~~~(Dpv'@u&@',vvP|wwPxlxxy4yyyz ztzzz{T{p{{{4|l|}}}~,~H~d~~~(Dplv @wlv@p Bwvvvvvv v$vPvXv\vvvv vv 08v@ vhx(}v@hv@(}v@(}w@DT(}px,w@`XwxXw@tw8(}tw@w@Td8(}ww@w@w,uuw@x\lx@\Hx@hx@x$4D`x@$x@|`x@x@y@ 0,yL\t(},y@LPy@(}pypy@y@8HHxyxy@xy@zz@x|0z\lt0z@\TzwTz@pz@wz,<Dz@,ztw,z@tz@wz@ wz@,zt{p}{@p,{@}H{}H{@h{HXh}h{@H{}{@{{@y{HXd{@H{@{{@|@,4|HX`4|@HX|X|@||}||@|$4@|@$|p}|@p|@|@}$}@v }hx }@hy8@pvux,{D}$4}D}@d}dt4}d}@dXpHvXpHvXpHvXpHvXpHvXpHvXpHv XpHv$XpHvPXpHvXXpHv\XpHvXpHvXpHvXpHv|pw|pw|pw|pw|pw|pw|pw |pw$|pwr|r|r|pw,r|,r|} (}@}Xhp}@X`r}}}}@}}}@~L\d~@LwD,~},~@v|{h~4DLh~@4~|~@|~~@~$~@~Tdp}~@T@,},@L8H\4}L@8Pyhxt,lLl@,DL@Hu,thy uL@uuuuuuu u$uPuXu\uuuu uP`h@P@@0(8Dh0@(LthL@thhh@(h@Xhth@Xh@(}@@Pd(}@@(}@X(}X@|<L`(}|@<@wTw@HX`@Hx@@<8HP<@8\(}\@x(}x@(8D@(t@t4}@$,@\lt@\44@LL@l4DPll@4@l@}@L\h}@L@@44DL4@4T|LT@|||@$4<@$r@@(8@dhxd@h{}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
!+tHtHu!#
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
!1Aa 0@`
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
!;=`wMi@r8dG@IGGGGG
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
!bGotAlertChannelId
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
!GetNotificationId
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
!hLE?YMet3EUQeEPu@^dtEu3UVq@~GEP2\eMtPDMtjPHEPEPG\ujP^|$VutP&t$^j@;BDMe3}EPq<EPMEMMMEEeuEPM5ME+E+M}u+}+u+++j+VEQ]PESpMMakDVvt9S3jSSvF ^!^#F"jv0Sjv(v[^Vvt3Pjv$F vF!F#F"^D$A0UQQSVutUstHEFW=EEPsEEFFEFEEPsEFEF_^[D$tPT$uPR\UQEPua#EUVW}WYty~t*}WujPW~PTIuPT~t$Wcv~tjuWWlc_^]SV39^W|$;~$u+F"<r,F"EWvv^v.YYZ;~(uUF"<s,~F"F"F"jPSv"jhSvWvF,_^3[3VjjvP@jvYY^jqYYVvth3PPPPPv^j<@PlMAueVM2MM$NeAWt3Vt$F+Ft$PmlYPF+P`lYPv6w^_Vt$WtNJtHHu>vt0j%FvPwWtVW_^39D$j;?u,Et
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
!j.% j 3YMetjVe3Pj5(v0 VD$tV Y^UEV;uXMEPu.uUuhjP3@"hthjP3^]U}SVWMjuu$uu }MEEEEuuV|EEEEEEEE4ePMEPVLMEPVuV_^[$j$#5hWZauEEM'ejhMEPEPENaYYMEEeP[EPuSuMMj0#}3}3uE;u;;9E9uu3E]C$+CsEC(+C uuEuEus5PuEejhTEeejh|M3PPPjzPuhEVEPuV}tMuu2uEN3F;hPMgte)MEPEuE9EuEuMuVuuu}h jjWuus ssu5WuWWuVt$P^UQVWuAMEPt?uu{u-uWR <tu39/_^UE0xu:Puj0X/u%PVWp,Up}EP;jX_^3UVjuu^]%E -W}t(HtHHu_jPQtHP>MSURPQUh|QSA[Wuuu_
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
!m_pContainerParent
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
!pAlertHtmlDialog
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
!pAlertItem
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
!ParseParameters
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
!pInstantAlert
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
!sg2F<@HqA&<*n,#BH;=aElCd\Pq r3)&ntL'G8
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
!This program cannot be run in DOS mode.$
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
!}wk)@ACy<GBrsG$ C(3|?SqN[B/}0 /~:'St:`9pANe40?JzB@h~d/d@ETP3Pbu*Za.z`;GIF89a?|k]fboCrair>nedqvgcgLyO|{qjan!?,pH,yciB ZD@J&)D~0!@ ?c,#$?/#
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
!~_^W,PW(FuhVND$tV
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
""0H P X ` h p x "h " ""(!$!2!@!N!\!d!n!x!!!!!!"!!!!"*"2"<""a"" ""L""""x"""####!#)#1#9#\#d#l#t#"D##"#"#""8$$$ $($0$S$"hv$$$"$$$$"$$$""t%'%1%9%A%d%l%t%""%%%%%"H%%%&
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
"("d9A"d"""@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
"(5"diqy"""4:"*2"dnv~"""("x (0S["~""
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
"8?7X`hp""!""XDLT\d"">6W"0"z""$,4<" "o_g"")1"8T\dl"l""
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
"about:blank#EBCmd(
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
"AI"lt""<"x"7?G",jrz"T"#+3;"^fn" "\"
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
"E@MxVWEPE@PMME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
"L08""[cnv~""p%/7
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
"S3t^NFFF^]u,3 ;t3@;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
"T8@H""ks{"("x"&.6>F"iqy""2:Bemu""4""$,"$OW_go"p
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
#+3;CScspp
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
#; onclick='
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
#<<<!'5%<<<<<<<6<<<<<<<<<<',.-$*<<<<<<<<<<<8''<<<<<<<<<<<<<1<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<{1h( f{yK"~~2w
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
#EjX+EE+ESEEEEP}MjX+E}EESEP}}wj[$u#ej
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
#http://logo.verisign.com/vslogo.gif0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
#MxE@tMMMt} tMEtMu!!E=SuuEPuuuEumM#;u+Et%eSuEuPuuuEu46D0 PPl!Y@!uu;uD6D0 PV)!YuX;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
$####,^]UVut5;tP#YF;tP#Yv;5tV#Y^]UVut~F;tPu#YF;tPc#YF;tPQ#YF;tP?#YF;tP-#YF ;tP#Yv$;5tV#Y^]UV3PPPPPPPPUI
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
$$PIr+$$F#Gr$IF#GFGr$F#GFGFGV$IT\dlt|DDDDDDDDDDDDDD$E^_FGE^_IFGFGE^_FGFGFGE^_Uj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
$0$Ir+$4$0DhF#Gr$0IF#GFGr$0F#GFGFGV$0I'DDDDDDDDDDDDDD$0@HXlE^_FGE^_IFGFGE^_FGFGFGE^_UWVuM};v;r=tWV;^_u^_]ur*$r$$$(Tx#FGFGr$I#FGr$#r$IDDDDDDDDDDDDDD$(<E^_E^_FGE^_IFGFGE^_t1|9u$r
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
$E|E|E|L\|L|[B|bU|bZ|E}|bD|L|LD|[D|ED|LD|RichE|PELKN!hpO
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
$G@!#9 M)L2+3RH1/&*R=OK"QJR7I'F4B8A(E.D<:>
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
$KE%W9\!J40N'#S2>X BVb)8pbC1Dh@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
$OX`>, [b\A.!Z
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
$Y]9^uhFPGYYu]FE09]tD8PEE3}j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
%0;F"p"lt|""`5"X"~"<Hdr#r""#+@)@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
%@~% ?-[g9X5dh,]vFKE*nk`0mE%
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
%E]EMME}E;t?ggv4StjVMMVu}C3g;r39}~5MWt VMuuMFDPVG;}|uRtjeMMElrjMMVjpquu3@7,u)EP+v,eEPMM3qUhhq]4Mt3;P;EPPyhMuDfMMXEM\EUhEPE`MEuMPMYhEP/MEuEPMhE PM E}u|EtPE PMV$9utt_j jYMTE;tjjEiYMTEtE P3VjF5(Es3hEPghDMEh&M0;xM8EP9uPE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
%s_%sparamjsonParamscmdIdtopicFrom Html Dialog: API_CMD_CLICKED</head>; return false;'#; onclick='}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
%tEEP{hDME$tF,M FME(h8M$eEuHEPsh$MEf$uME'\hYMEt~3WE-utjMV5MET'uEE;ESME6'EE;Ee3F7VN^USVsWU}{ED39ME~4MutjEE;E|juj1;t-EP%
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
%v,%v0$v4$v$v8$v<$@v@$vD$vH$vL$vP$vT$vX$v\$v`$vd$vh$vlz$vpr$vtj$vxb$v|Z$@L$A$6$+$ $$
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
&0&8&B&J&"p"m&u&}&&&&&&"&&&'"<$'""G'O'W'_'g''"''''"$'"h("1(9("b("(" "p(((((((((((#)-)"R)Z)h)"))"8)"l)))*"$*"G*"j*"4*"`*"*""*++++@0"x@>+F+N+V+^+f+n+v+~+++++++++",
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
'vm_pXmlDoc->save() returned HRESULT = 0x%XCXmlDocument::Savecalling m_pXmlDoc->save(%s)return FALSE - (!m_pXmlDoc || wStrXml.IsEmpty())return %d (from LoadW)return FALSE - not using helperStart. bUseHelper=%d wStrXml=%sCXmlDocument::LoadFromBufferreturn %dfailed to read fileException caught. memory size is %d m_pXmlDoc->load() return HRESULT 0x%Xreturn FALSE - file doesn't existreturn FALSE - m_pXmlDoc==NULLCXmlDocument::LoadFromFileStart. wStrFilePath=%s bUseHelper=%d@33End : return FALSE (RegOpenKeyExW returned 0x%X)End : return TRUEEnd : return FALSE (RegQueryValueExW returned 0x%X)Start : root=0x%X key=%s valueName=%sEnd : return FALSE (RegSetValueExW returned 0x%X)End : return FALSE (RegCreateKeyExW returned 0x%X)Start : hRoot=0x%X wCharKey=%s wStrValueName=%s wStrValue=%sCSetupRegW::SetRegEntryStart : root=0x%X key=%sCSetupRegW::IsKeyInRegistryEnd : return %dEnd : return 0 (RegOpenKeyExW returned 0x%X)CSetupRegW::GetRegNamesCountEnd : return_value=%d rc=0x%XEnd : return FALSE (result pointer is NULL)CSetupRegW::GetIntFromRegistryValueEnd : return FALSE (RegCreateKeyW returned 0x%X)Start : root=0x%X key=%s valueName=%s value=%dCSetupRegW::WriteIntToRegistryEnd : return FALSE (RegQueryValueExW dwordType==REG_BINARY)Start : root=0x%X key=%s valueName=%s wStrValue=%sCSetupRegW::GetStringFromRegistryValueEnd : return %d (RegDeleteKeyW returned 0x%X)CSetupRegW::DeleteKeyEnd : return 0x%X (status)CSetupRegW::RegDeleteKeyAndItsSubkeysStart : hKey=0x%X lpSubKey=%sEnd : return FALSE (wStrValue from registry is empty)End : return FALSE (GetStringFromRegistryValue failed)CSetupRegW::GetBoolFromRegistryValueEnd : return %d (from SetRegEntry)Start : root=0x%X key=%s valueName=%s bValue=%dCSetupRegW::SetBoolRegistryValueEnd : return %d (rc==0x%X)Start : root=0x%X path=%s value=%sCSetupRegW::DeleteValueEnd : return FALSE (RegOpenKeyExW returned ox%X)CSetupRegW::GetRegDirectoryKeyNamesStart : hRoot=0x%X wKey=%sEnd : return FALSE (RegEnumKeyExW returned ox%X)CSetupRegW::GetFirstRegDirectoryNameEnd : return FALSEStart : root=0x%X key=%s wStrValName=%s iType=0x%XCSetupRegW::IsValueInRegistryStart : root=0x%X key=%s iType=0x%XCSetupRegW::GetRegNamesStart : root=0x%X key=%s wStrFirstName=%sCSetupRegW::GetRegFirstNameEnd : return FALSE (RegDeleteKeyAndItsSubkeys returned 0x%X)Start : hRoot=0x%X wStrKey=%sCSetupRegW::DeleteRegEntry;$9;xW'M>XmmmXm↓→↑←‾♦♥♣♠ÿþýüûúùø÷öõôóòñðïîíìëêéèçæåäãâáàßÞÝÜÛÚÙØ×ÖÕÔÓÒÑÐÏÎÍÌËÊÉÈÇÆÅÄÃÂÁÀ¿¾½¼»º¹¸·¶µ´³²±°&hibar;¯®­¬«ª©¨¨§&brkbar;¦¥¤£¢¡ ›™—–”“’‘‹‰‡†„‚⁄"CResourceBank::InitB)dBxxemNaGQdac
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
&Ej$_UeEP3CM]tMjh|%jxVM&Mth`V7j`WMthHWjhHMt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
&M&M%M%M%T$BJ3`MM%M~MM+M%T$BJ3DeM5Mw%M3Mg%M_%T$BJ3"MH<%MX4%M,%MM%M%M%M8%M R*MX$MX$T$BJ3LM$xM$uYT$Bt3KlM@$M0~$Mv$MM f$M^$M0V$T$BJ3M3$M+$MT$BJ3M$T$BJ3M#M1T$BJ3wMvPMM@MlJMz#M(uYuYuYuYuYuyYuoYueYT$BJ3MOM]M@MlM"T$BJ3iMHuYuYT$BJ32SMm"T$BJ3(0uYT$BJ3TMM"M0T$BJ3u3YT$BJ3M!M!M!M!M!M!M!M!T$BJ37XMr!Mj!Mb!MZ!T$BJ3dM7!M/!T$BJ3M!T$BJ3MT$BJ3M M M M M M T$BJ3@aMDT$BJ3p>uYMN MF T$BJ3M# u\YM uJYT$BJ3MuYMT$BJ3t,MuYMMM-T$BJ3/PPMjMbMZT$BJ3M7EeMMMMT$BJ3MuYMMMT$BJ3c$MuYMM(T$BJ3&GMaMYMQMIMM9M1T$BJ3MT$BJ3u,Yu"YuYMT$BJ3o\M$T$BJ3LmM+MMwMoM"T$B|3'MA+T$BJ3MMMMT$BJ3DMHT$BJ3pM2T$BJ3bMTT$BP31RMT$BJ3/MT$BJ3(ugYMMMMMMMtMMT$Bp3pLuYuYT$BJ3AbMM~M`T$BJ3#MM?T$BJ3HMT$BJ3tM(u"YuYMT$BJ3oM(T$BJ3LmM(T$BJ3)JMdT$BJ3<'MT$Bp3hMwT$BJ3MlT$BJ3uYMMMMT$BJ3UvM4MMM@xM0pMPhM `MMMHM`M8M0M(xMh'T$Bp3TM"T$BJ3MpMT$BJ3fDMEM`]MM M0@dMnMfM^MVMDNMT
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
&Oy3. v2f.d%4ku`e:Pr4Ekp!-U)aR$$xgL%w,U/$BEjOiI f^$[PTzhp)SFkZJrS}~)XE-)pws -j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
&S-`KRkS@4C5|mF.O=30P t.=(DS0n
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
'`Th[*zDG;GIF89avhvuxt}y!v,ve*p2#L$ Vr;fjiZlK+aNoX^OAB(6P-M:D&g>=Cm_n%1"[h]k0JT<,8734@GHQtcR/p9E"Q01B#;)~Th;GIF89avhvuxt}y!v,ve*p2#L$ Vr;fjiZlK+aNoX^OAB(6P-M:D&g>=Cm_n%1"[h]k0JT<,8734@GHQtcR/d9\rbNA.uPhPU*1EG;GIF89aovr|rl|^hy}dtqeynrskuphqvj|}jMj!,H A,@<@FtPrP,%>!G(v 3 9`$1\a1\!QxQcYSH1TlLy!a!0P|"nF#-|!A:]XDa*$m(HDSN;GIF89a~q!,H`@"qO)XP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
'tag'MjaXy'M4+G Df$fO8TrfujIh8y
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
'VeriSign Class 3 Code Signing 2009-2 CA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
'VeriSign Class 3 Code Signing 2009-2 CA0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
((((( H
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
(0%+w%lP(HNM$;GIF89a
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
(0=0L0c0w0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
(no title)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
(P`aR00aM/r&@;GIF89ae!e,eG/-3Qe6]@T8Z<OI&;_:75
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
(VVVVV^]UuMd+E~EPjuMH}tMapU=TuE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
(YUEV4>uP"YujGY6^]U
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
)xM?|MM=M\"T$BJ3u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
*"8|(@+@t+""0/l|ds(0s(0""19"D\dl"x""",""X"
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
*6EPEdPEhYYMdE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
*F&$W#U8SIEQBZ
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
*ug1EujP;EtunY@SEPjPjh}ftf:uf\tf/uGGhMWYYu3hMWYYu"hMWYYuhMWYYtxWFSP|]U$EEEtt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
++GFN ;~++uFHFWX(3Nv w7u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+0u+i0g0$+0http://ocsp.verisign.com0?+03http://csc3-2009-2-aia.verisign.com/CSC3-2009-2.cer0U#0k&p?-50`HB0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+70% <<<Obsolete>>>0 0*H
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+\A;rD=+]3NUt3D
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+]:0kkkkkkkkk(e\kkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk?h( f{yK"~~2w
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+]UEMSVW3xE3xECxt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+CHttpManager::ReturnWithErrorCHttpManager::DownloadFileHelperException was throw while downloading [%s]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+HEN,+Mv8jEF EFEG+GEF4WV_^[MU$`\}MeMECE}rENHt<Ht*H[EG0NF Ej\mjX)EWEPEPEPEPJWuuuu(FmmmME)MEM }eMECM rME%;F3EE9FtjX
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+j<*u~PFFdF$FFFF F$l$FXF\EgEtPQE$M9*\DP<L$ytAt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+M+ME}3}E}+9}U}u}u}};}}}U9U~U+UU9U~U+UU2E2MuPjEPp)E)EEEjEP{3EttQjs0MM+V3jPFFFP5^aU(WEPW5xufVj(3EVP`5EhVEuuEujEEEPu}|^fu33@_UEVPFu3KtSWEPv<5]}+]+}jvSWuuhh|hh39FSWPPSWjjE}jPWWE3CSWvtW=ujPvjjdjv~WWv^_[^UVf\;Fu`vt0EPv<E+EjPE+EPuuvf^|$Vu,\Pvtv
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+MN?M~j?^;J;Ju\ }&M|8]#\D\Du3M]!,OM|8!]u]M!K]}JzyJzyMyJzQJQJ;Ju^LM L}#}u;M|D)}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+t3\pY+t3\3p;qt~pY+t3\p
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
+t3\pY+t3\wpY+t3\3Rp;qt~Yp+t3\)pY+t3\pY+t3\pY+t3\3p;qt~pY+t3\pY+t3\xpY+t3\WpY+t3\32p;qt~pY+t3\pY+t3\pY+t3\pY+t3\3p;qtrpY+t3\u}pY+t3\u`pY+t3\uCpY+t3\3u"+;$P;QtqQ+t3TupQ+t3TupQ+t3TupQ+t3T3vP;Qt}Q+t3TNpQ+t3T-pQ+t3TpQ+t3T3P;Qt}Q+t3TpQ+t3TpQ+t3T}pQ+t3T3XP;Qt}Q+t3T0pQ+t3TpQ+t3TpQ+t3T3P;Qt~Qp+t3TpQ+t3TpQ+t3T^pQ+t3T39P;Qt}Q+t3TpQ+t3TpQ+t3TpQ+t3T3P;QtoQ+t3Tu6pQ+t3TupQ+t3Tt@I+t3L3u3[S
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
,"4"-,5,=,E,M,U,`,h,p,x,,
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
,%5EUeu`
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
,,,,","(---"T7-?-G-"j-r-z--"-"-"<@h"x..."E.M."s.}."0.."d...".///"</F/"k/u//"L///"///"00";0C0"4i0q0y00"h0"0"001""d,141<1D1L1T1\11111"1""021112B2J2"Xm2u2}2"22"" 22222%303"H3q3y33"|"3333344""d<4D4L4T4\4"
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
,.;:|*&/\
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
,1XYYYYYYYY
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
,1XYYYYYYYY4BL;11
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
,3^]UE]UE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
,CARb`*\^L pfbdJ
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
,D[B'5R)NE%[JPHZ1W4[< 2KG(*"Y;[!FAUS@T$7[C8-O/6I
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
,fjp0MEMMjd&^EEE@EEPM;eMvjh`ME_EPEPE@YYMEdEPMME[EPME[\thj_jVMMEnPMVMjMRPMME=PMM,PMjEPe(MEMEMEZMEuMEiMM]gj,&tXptQuHPpu"M?eM}MM?ijVw0j '
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
,g`%^&vt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- Attempt to initialize the CRT more than once.
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- Attempt to use MSIL code from this assembly during native code initialization
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- CRT not initialized
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- floating point support not loaded
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- not enough space for _onexit/atexit table
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- not enough space for arguments
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- not enough space for environment
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- not enough space for locale information
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- not enough space for lowio initialization
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- not enough space for stdio initialization
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- not enough space for thread data
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- pure virtual function call
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- unable to initialize heap
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- unable to open console device
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- unexpected heap error
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
- unexpected multithread lock error
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
--== Logger finished ==--
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
--== Logger initiated ==--
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
-]t t]jhGX39tVE@tH9t@EU.E=t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
-F;0|$;rSQRPj0FU;u|drjjdRPj0UF;u|
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
-incomplete dynamic bit lengths tree
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
-N%,P;06C5;GIF89a'!',i)Q2PP,:B&VkQ(]NA|D}s<
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
. .(6ZUbD{'@%8I<so#Z0]B!q>=#.0XR!%TFD*#qAn@K4X"'`bR0F
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
.(>?$&&3?*.?2('?19:!!="7B4'+D F85%%FCA;GIF89a?{x!?,pH,ZhnLFC1zHD(j4,b-kD
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
...<program name unknown>Runtime Error!
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
.;\l t9Gw≻d>jm
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
.?AUIClassFactory@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIConduitAlert2@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIConduitAlert@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIDispatch@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIDocHostUIHandler@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIElementBehavior@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIElementBehaviorFactory@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIHTMLPainter@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIInternetSecurityManager@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUINewWindowManager@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIOleClientSite@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIOleCommandTarget@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIOleControlSite@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIOleInPlaceFrame@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIOleInPlaceSite@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIOleInPlaceUIWindow@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIOleWindow@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIServiceProvider@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AUIUnknown@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AV__non_rtti_object@std@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AV_com_error@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVbad_alloc@std@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVbad_cast@std@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVbad_exception@std@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVbad_typeid@std@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVBitmap@Gdiplus@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAbstractAlert@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertAboutBoxDlg@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertALPResponseObject@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertAppManagerFact@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertChannelItem@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertChannelsList@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertClient@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertDialog@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertDialogChildButton@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertDialogChildButtonCheckBox@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlerter@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertExpirationData@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertFeedItem@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertGui@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertHTMLDialog@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertHTMLDialogBrowserContainer@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertHttpManager@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertLogger@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertLP@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertManager@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertOptionsDialog@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertOptionsDialogTitleBar@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertOptionsDialogWindowStyle@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertResourceBank@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertSingletonAllocator@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertTitleBar@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertTrayIcon@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertViewRecentPopUpWindow@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAlertWindowStyle@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAppManager@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAppManagerFact@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCArrayPtr@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCArrayStringW@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAtlException@ATL@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCAutoUpdateThread@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCBaseWnd@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCCabExtractor@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCChildButton@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCChildButtonStatic@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCClassFactory@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCCommandId@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCConduitAlert@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCContainer@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCCritical@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCDialogChildButton@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCDialogChildButtonCheckBox@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCDialogChildButtonStatic@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCDialogLineDivider@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCDictionary@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCDispatcher@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCDummyJob@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCEventAlertClient@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCEventAlertGui@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCEventGeneral@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCEventHttpReply@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCEventHttpRequest@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCEventLogger@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCEventLogic@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCEventQuerySent@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCEventSingleton@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCEventSingletonGeneral@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCEventUsage@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCFileHandler@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCGdiPlusBitmap@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCGdiPlusBitmapResource@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCHTMLDialog@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCHTMLDialogBrowserContainer@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCInstantAlert@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCInternationalizationHelper@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCJob@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCJobDownloadFile@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCJobRequestPost@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCJson@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCJsonArray@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCJsonBoolean@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCJsonNull@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCJsonNumber@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCJsonObject@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCJsonObjectPairValue@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCJsonString@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCJsonValue@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCLanguagePack@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCListBase@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCListViewCtrl@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCLogger@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCLoggerWnd@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCLogic@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCLPManager@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCMapPtr@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCMapStringPtrW@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCMovingFrame@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCMyDialog@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCMyTitleBar@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCMyTrayIcon@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCMyWnd@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCNotificationsFeed@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCNotificationsItem@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCPicture@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCPopUpWindow@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCPriorityQueue@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCQueryResult@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCQueue@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCReferencedSeed@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCRegMonitor@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCRegValue@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCResourceBank@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCRSSAlert@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCRSSFeed@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCRSSItem@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCSeed@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCServiceMapManager@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCSetupRegW@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCSingletonAllocator@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCSingletonLogic@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCSingletonManager@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCSingletonSeed@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCStringBufferW@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCStringTokenizerW@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCSyncMapPtr@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCSyncMapStringPtrW@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCThreadPool@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCTooltip@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCTranslatedKey@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCTrayIconPopUpMenu@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCUnknown@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCUtils@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCVersion@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCWebBrowserContainer@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCWebBrowserDispatcher@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCWindowStyle@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCWindowStyledBorder@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCXmlDocument@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVCXmlNode@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVexception@std@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVGdiplusBase@Gdiplus@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVIAlertResultEvents@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVIDefaultTranslationsLoader@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVImage@Gdiplus@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVlength_error@std@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVlogic_error@std@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVout_of_range@std@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.?AVtype_info@@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.Class 3 Public Primary Certification Authority0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
.ejh|Et*v|vxvtN<M8Pu^TEu4~pt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
.MT$BJ38MT$BJ3MM@M MMMMLMMMMM0MT$BJ3lJt3bMAMYT$BJ37TXMM.MbMT$BJ3%M#T$BJ3u]YMM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
.pA`@+W`<5
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
.uuhhpjM_t-}t'jhrh`rjust
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
/0M'PhvM &ShME5E PEPE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
/B+E;s])E_ +wuBE+2rO43J+MBM;sEE_ ++wuJ+
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
/ehhhhhhhh"PCM0Lhhhhhhhhhf&QOEhhhhhhhhhh@T#*hhhhhhhhhhhh1@X) hhhhhhhhhhhh XJ!hhhhhhhhhhhhh hhhhhhhhhhhhhhhhhhhh4VS_VERSION_INFO?StringFileInfo040904b04CommentsAlert ver 1.0:
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
/ME/MEPM0E/M@]/Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0 0$0(0,0004080<0@0D0H0L0P0T0X0\0`0d0h0l0(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0 0$0(0,0004080<0@0D0H0L0P0T0X0\0`0d0h0l0p0t0x0|0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0 0$0,0@0\0`0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0 0(040X0x0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0 0.090@0[0`0h0n0u0{0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0 00040D0H0L0P0T0\0t0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0 0H0l0x0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0 1'1:1l1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0 [4RT&L2RI&e;GIF89ap!p,pFOi?kp_Tnj(\N=IXG
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0!0&01060A0F0Q0V0a0f0q0v0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0!030M0b0l0~0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0"0&0*070
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0"0.0:0F0R0^0j0v0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0"0/0J0Q0i0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0"0@0E0c0w0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0"131'2:2k2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0#020U0b0n0v0~0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0$0(0,00080P0`0d0t0x0|0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0$0,040<0D0L0T0`0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0$0,040<0D0P0t0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0$000P0X0d0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0$0@0X0|0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0%0+060<0G0M0X0^0i0o0z0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0&0-040:0A0H0R0\0f0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0&0/070=0M0Y0b0h0x0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0'040I0c0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0(0,0@0D0T0X0`0x0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0(00080@0H0P0X0`0l0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0*1014181<1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0,03080<0@0a0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0,`H809:|@T/R>+!\P4.M^%n|)]1ZgX5+!`x^{`W]A
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0.0@0Z0x0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0.181O1Y1u1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0/1U1\1c1j1q1x1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
00"0.0:0F0R0^0j0v000000000000@1P1111'2222'353u333344_4m44445I5W5555536A666667+7k7y77788U8c88888?9M99999):7:w::::;!;a;o;;;;<K<Y<<<<=r======>/>B>>>>>???N????0A0~000001'171J1b11111212O2p222223-333334H44444[555686V6w66666666777#7(757;7I7W7e7s77777b8n88899"9H999:>:::';;;R<<=T==>>>L??P(001P112x223o44.556x66'7v77"888:r:;:<h<<=r===>-?? tJ0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
000#020U0b0n0v0~0000112333
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0000&0-040:0A0H0R0\0f00/1U1\1c1j1q1x11111111112222223C3z333338444$5H555686^6g6677R7778888:;;/<d<<<<<="=:=W=t==>;>>>>>>?@?d???
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
000000"0&0*0701*191e111[9x9999::R;s;;;;;;K>????T0k0t112z22444#505>5n558888999"9;|>>T?^?{?????????00!0&01060A0F0Q0V0a0f0q0v000000000000000001111!1(1.141B1111202<2D2o2222222333E3R334c444,5O5u556G6b6}666(7S77778>888'9R999:
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
000<0b0z0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0012A22;4U44u555555w666666&7v88y::;;;;<<$<<<<<<f=y=====#>P>m>>-?=???0&000J00001A1b112/2@2F2222224*44455u66777A777777777883898C8R8X88888!909d9k9999::::[;k;;W<<<7======>Y>b>n>>>>>>>>>??/?=?k??????? .00000,1d111111
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
01(131<1M1l1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
010UUS10U
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
040D0H0\0`0p0t0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
090521000000Z
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0@0`0h0p0x0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0_10UUS10U
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0A1G1X1n1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0B1G1S1X1d1 2<2A2j2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0D0J0q0v0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0D0X0h0|0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0H89t>1uA~WwQ@PWV^d3_^[]UQUBSVW%#EB%ut;t<($3;u;uEfMXL<]MEHuPPtM_^fH[U03EES]VEWEPEPYYEPjjufauCEECEPuV|$t3PPPPPPM_s^3[FVW3H<u8h07YYtF$|3@_^$3SVW>t~t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0I0w0<1i1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
0I^VFW|$;Gt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0L0U111L2\2c2j2q2x22222333333444T44445R57L7777^88K99::::(;-;L;d;v;{;;;;<<<x===>4?9???xO00000)1111112C2h33444
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0n7oD$ppSWj\$t-VSrYV?3w|fWfB@;~^_[U}tOVujlEPuYYF@PFNURjuPQuj+^]VFW|$;GtjW0_^D$Vj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0w,aQmjp5cd2y+L|~-d jHqA}mQVlkdzbeO\lcc=
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0wu< u9]tj+MdjPM}u&SMEEEPM]uMhMuYPMuMF;7VMEP)MEEMEM]EjCueNuEpVD$tVY^ Vt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0ZE!yGp!9
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
0}^Vt$^Vt$^j?mEPMueMMmD$p|$Vt1F~HPf\tf/tj/t$#^|$Vt1F~HPf\tf/tj\t$^jtljuM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
1 *\#C ;GIF89aYYY!,;FG
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
1 1$1(1,1014181<1@1D1H1L1P1T1X1\1`1d1h1l1p1t1x1|1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1 1$1(1H1L1P1T1X1d1h1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1 1(10181@1H1T1t1|1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1 1(141T1\1h1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1 1,1L1T1\1d1l1t1|1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1 1N1R2W2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1 1T1X1x1|1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1!1(1.141B1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1#1(13181E1S1Y1f1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1$1*151;1F1L1W1]1h1n1y1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1$1,141<1H1l1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1$101T1t1|1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1$1D1P1p1x1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1$1H1h1p1x1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1'171J1b1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1'1A1L1\1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1'202<2u2~2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1(1,1014181<1D1\1l1p1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1*zA;u@AHt$CQ|T%CuT&C+jRPugE+]PuSujhEu4PP{1YME;EtPqYEEE3;EL0;tMf9
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
1+1F1a1|1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1+262F2z2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1,10181P1`1d1t1x1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1,1@1h1=2F2x2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1,2;2F2W2]2b2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
100217000000Z
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
101@1D1T1X1h1l1t1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
12.2E2V2z2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
12=3.4444455!5+5>5555K666*7s778L8z888299999:Y::::;;;6<w<<=d===2>>>?`???0l^000A1118222$333#444L555.66e778A8}889m99:f:::T;;;:<<<0=d==>`>>?`???@S00071112T222)3f3u3333334C4q444)55555-6[6667=7778879n99:{:::Y;;<J<<<3===/>c>>>>>?P 00.181O1Y1u12A2233334<4q44455<5H5V5]5z55556C6o666/7@77777L8889S9~9999:d::;B;;;<b<<<"=;=h==>+>8>G>X>y>>>>o???`l*000 191K122222P334b67m89@:::::::;(;;;,<<=3=?=L=Y======9>g>s>>>[???ph00
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
130329235959Z0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
130329235959Z010UIL10
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
131<1Y1W2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
141<1D1L1T1\1d1l1t1|1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
171Z1112j223;3333%4P44%5q55556677778D8889*9M9v9999*:m::;T;;<B<e<<<<==|===0(0t00081c111
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
190520235959Z0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
190520235959Z010UUS10U
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
1<1C1J1Q1X1_1f1m1t1{1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1[2@3I324
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1AuuS]SuuC;^]EE;F3@_^[jdus3N}1@-^<Ej
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
1I45:6J6Q6X6_6f6m6t6{6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1L2\2c2j2q2x2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
1N1y1172222222234w4$6F667)88889h:::::::;<;y;;<j===?>n>>>>!?\?001013&3;4V4d444555F5f5u555555Y66666,7H7777?8_889b::;;; <=<y<<<<m=====>->?>K>>F?t??01|11E2N222233%3E4O4f4555666828<8A88885999::y:::::b;o;;;{<<<<<<======>>x????000%0+0001E111111272222333K4l44455'55556667G7U7778G888A99/::;U;q;;;<t<=O=o===>r>j???p000R1s12k3p324K4V4[4445666?6H6R6w66666E7777898N88E999):=:::;<C<<===u>6??S00001&1@11[2@3I32444`5s555J667*7Q7q77777777m899:d:v::::::;;1;;;;<<<<<<,===>`>p>1?K??00P0r001V1111112!2;2f223333334454M4v4444P556&6+626[6k6v6666 7c777.8D888888'9E9y9999:+:S::::;;;<<%<3<<<)=7===U=p===>0>A>J>>?T?h??h0000001%1+1;111_2k222222X3h3o333333334T44L5m5t555F6R6`6g66677778
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
1QWuuG;~|EE;F|3@_^[UQSVuWv=6uuuEVu)E^Suu9EMEMEEExAu1
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
2 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2 2$2(2h2l2p2t2x2|2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2 2$2M2s2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2 20242D2H2X2\2l2p2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2 2@2H2P2X2d2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2 464S4^4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2#2)242:2E2K2V2\2g2m2x2~2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2$2(282<2D2\2l2p2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2$2,242<2H2h2t2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2''8$3B)=,*D
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
2(20282@2H2P2X2d2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2(2H2P2X2`2h2p2x2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2)2I2^2t2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2,242<2H2h2p2x2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2,2H2`2t2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2.2E2V2z222>3O3y333404`4f4p4u444l55555P6f6o7777888,8d88889:;o<<<<8==?>E>K>P>^>q>>>>>>>>>
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
20282@2H2P2X2`2h2p2x2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
20282D2l2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
202<2D2o2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
21222222&3q3}33333^4n4t44444 5j5556%6^6666788.8D8_8k899"949Y9b9t99:2:X:~:::::;&;/;L;i;y;~;;;;;;;.<4<k<|<<<<<<<*=U=]===u>??H0O000r1123334!45567!8o88999999:2:x;;=r>001111111111111112W2_2d222233R3W333w4444444{555555555
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
23 353C3X3g3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
242D2H2X2\2d2|2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
24383<3@3(4,4044484<4 5$5L5P5T5X5\5`5d5h5l5p5t5x5|5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2<2D2P2p2x2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2<2X2\2x2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2a2223U333.4445;5~55-6q6667V777 8K8888,9`999:e::::J;u;;;/<b<<<=`==>\>>>>>>F??? ?000011!2X2{2222S33333J4m4445[555'6d6667>77778(8Y8|889I9999:>:a:::::5;;;$<<<<.=a====><>j>>>>3?b???0020`0000#1v11192d222313h33434y4475z55 6k66667A777;8c8889>9g9999F:::;W;;;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
2A2N2X2f2o2y2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2B3O3'414
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2EPuMhxoKtM ^MTE PESE Phh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
2k3p324K4V4[4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2MEu*M("hM(&EX;t9]|EHPM1M(!PM2jEPM!Pu\MlMm3;~iVE8PM57E9]XuM8{";t*SE8PM((;uSE8PM'MxE8P6M8E)F;|;~M^7EhEh;E`SM(ME6ME.ME\)M(EP)3F(jsM!t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
2p"A9K\Lq
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2QYj)QYVWP5PtuNhjYYt:V5P5YtjVYYDNVoY3W_^VujY^jhBuF$tP"YF,tPYF4tPYF<tPYF@tPYFDtPYFHtPYF\=]tPYj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
2Terms of use at https://www.verisign.com/rpa (c)09100.
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
2VEPEPSEgME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
2Vt$[t$g3@^j8139]u3MJtM];E]~Y3;]}BMSFttG4PN4}]C;]|E9EtuMPF]EC;]|MMs3@E1UhSVWj@EjPU;j(EjPH;j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
2YEEt3WE1YEEtk3WE1YEE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3 3$3(3,30343
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3 3$3(3,3034383<3@3D3H3L3P3T3X3\3`3d3h3l3p3t3x3|3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3 3$3,3D3T3X3h3l3|3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3 3$34383H3L3\3`3h3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3 3&3+343Q3W3b3g3o3u3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3 3034383@3X3h3l3|3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3 353C3X3g3333S4455P6_68888899%9.949]99999;:K:U:_:::;;;;B<K<T<<<<<<<<==)=9=I=P=W==========
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3 3@3H3T3t3|3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3"3(33393C3O3Z3`3j3v3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3"4=4T4s4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3#0tEPeMyPt3MMWKXE{PUMVtjE uMQP}tEPK$_KX}t6MSNEPEPENtEPMEEW3FOj.hj4vYM3u;tuMuPjuuEPj~X$VM`eEPG)MYMVjbuY/eN LMN0EA/fPNTElXV}D$tVtY^j1cWMMLMeEPuu3MMUj4-YMEt3MQEuPtMjuEPmjVW|$NuSSUnX^$SYt-W\WN3=StCu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3$3,343<3H3h3t3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3$3D3L3T3\3d3l3t3|3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3$3D3L3T3\3d3p3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3%3E4O4f4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3%4Q4Z4l4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3&3;4V4d4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3&uuP,uP\39Ap]j\V>M3VVMyMVVEPuuu33_t$EPEPM]t9u|]9u|}MjVEP(t$EPEPM&t;]];}}MVjEPt$EPEPMt;]];}}EMEM8wy
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3(30383@3L3l3x3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3)313A3J3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3,-'8]hhhhhhW+^S:I>g(VhhhhhhB?+#9]
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3,383X3`3h3p3|3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3,3:3C3l3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3-44484<4@4D4H4L4P4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3/M|3VjuMuM;uM;uMMP`VF$UtPfFtPtv^j0ik.ej,^VEjP9EKuMEEEu}MC%5$tjjhsMEEPjh2s3uMM[c.$FU0Vj,EjPr8FME,EEEEPjh9v$^t$t$hq$3@t$jhq$3@VD$tV-Y^USVW39}t@WuWuPPPPQWh(UW^;u3DWjhS$hjN,Wj?Wj5EFEF_^[]VW3NWt$$Ut$~~~~~~B~_^jk,uPU3@~PEkIjPNEiIMA,|$u3W|$u3&Vq9D$st$H3@3^_ jkn+uj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
30EPG8ehUM:uhM)uMMrhEP_@PN$EMEGhx?u3MM)kP\jD9aA/Mt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
30M3VjuMuvM;uM&N;uMMPjD9a.Mt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
31MeEPjjEPMEt6euMME6MM3UQQEWt@VpEPeEtHQPEPEPau@^_j ./}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
33"3@333344%46=6666
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
334444444V5c5}5555555T6Y6v6666677C7X7t7y77778}8889999:::;X;{;}<<<>>5>B>U>t>>>?@01'1A1L1\112222223;3Z3y33333434R4q444445+5J5i5555556:6Y6x666667/7N7m777778'8F8e8888899>9]9|99999:6:U:t:::::;.;M;l;;;;;<&<E<d<<<<<<===\={=====>5>T>s>>>>>?-?L?k?????P0%0D0c0000001+1F1a1|112223h566)656B66677>7*8/8M8b8888899(9/999::a;;;`<<`=>>>>??g?y?????`00000<0b0z0000000111*131E11h23+3i3335 5J5p556&666666J7u77878D8\88999:::::,;f;;<<S<_<k<z<z==>5>>@??pp0Y0d011113$3D34o44G5d55X6h667N777)8p8889!9399999/:`:;<<==G==>>>>>/?;?R?a?j?50?0f0000"131'2:2k222222223
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
339EEtIt\BuUtU}u< tK<tGt=Pt#1Yt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
33@F F$QNNNNF,3F0N4F(N^VNtT
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
34 434R4^4v4{4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
343<3D3L3T3\3h3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
343L3h3l3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
344=4U4s4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
34MEP5<M]hxM!u3MMhMC<;E]uM@;EP;PMEM]MXh\SMtMj$D-YME;tS3W]tMVVP;tjEE;ES3F%j j23]}jhT]N]ChT]9N$P)hThTEPe.Mt'EPD]oPMEEPEPnuhdTh@T2UQeVM2u>!EEPuNt(Et!MPMtEPMjh|8E^UQe$QMEVD$tVe2Y^jkH1u~,Te^$hEhT1VD$tV1Y^jXFk0Mt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
36uEPeM!t3MM(MMEMjuME+ PVMMEcMEej<xeEP;3CM] tMjh|A.]M5MEMEMEEPMPVMyuMjh|-]`M_PMh0MEPME>PVMkMujh|-EP1M]E'MEYME?M]~'MEr'EyjHjMetMjh|-ZEP3FMutMjh|,MhPMq/MEPD0MuE&Ej439]tP9]tK9]~FjuM,EPEP].MEt!M]z&MMn&3vMME0MEME39]~@E;t0PM(MuMnPMePWM\F;u|MEME%MEM]%MM%3@@jEP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
37MEP?M] h\SMpuMMMhdF;MQBwPEM]}tMMfjMhDS.F;tpMQcBwPEM]"ehhhhhhhTh3C]jHj53]ujhT]]ChS]oOP_hSShSGWMhhM]hhMhhMhhTMMtPhSh|SME5jyj5u,TE~PE,e
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
383@3H3P3X3`3h3p3x3
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
394A4T4_4d4t4~4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
39]]]=<uMEP MEME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
39F$PEPeM)tMM0EP}MEMEMEEPM%(PM(PVMhu93ME^MEDME0MMv0@ujM(t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
39ttyVVVVVt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3;YNUS3V9@uT9]tO9]tJ9]tE9]t@j0uu;t*WVujuqVV\3;_3^[]ht$t$t$UT3EVu&t3(P%P3PlM3^jM@=@Et"ME-MM-3$EP\u3ME-MM-39E(MP%PM$PuPj[eEPu3FMMQ-YM$P=@Vu+t$t#W3VGTuPVPHt3_3^=@t3 L$I$L$P?$P+YY@j[]e3t*t%u\jWM$PuDP<M#Pu'5PujWM#PuMM>,FD$VtV_Y^VL$q#P^UPl$3Pj`NMlM3\]G$t6M\+3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3<hsMQP<uP%E+E3WsWsPE+EPuuhh|hW;tWjhP5hjSjMM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3=KEPReWMu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3=MV8E|^j2]}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3=~,u3@M#eMEPVMEu3MEMM0)M2M3E~;VEPM0PME,+ME#jjEPMF;|MEs#3Fyj,&MFetPMVMt^MM/|$Vt-qAr9T$rrI;L$v2^T$Vp2p~-uVrpI^;QuAJ;QuAPBUMw3QY3seEPMh,EPEUMw3k0QY30seEPMh,EPEUMw3P?Y3seEPM}h,EPEVt$^USVW}9~sBF]+;sE;s~rvPu~Plu;]s3;]_^[]VD$tViY^VpD$tVMY^j0uj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3?4L4s4z4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3@@3;WShVPV_t}tMtu<^[Ul$3jNWVh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3@@VhhPEt03Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3@@VuhSPE_^3[UQQS39@t3VWuuuuhHVj7])C;tuuuuDEEPuu<;t3PhVAAQ6jEPjSuu4u$t3ShXV@@P3'h|Vj}tt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3@^&j<'Mej
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3@eyJBeeE )UM|#MM}|}ME}}|jMZ+;|1tdJ}3^jY+
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3@MEMEMEEPhMPVMZu+3FMEXME>MM|
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3]EAEjppEPQEPEjP u8EtE`p3E#E}tMap[UMSVu3Wy;uj^0SSSSSS9]vU;~3@9Ewj"Y;0F~:tGj0Y@J;M;|?5|
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3]MeMfu3MMTu33;|VL$P}^VWhP3@t!h4V<t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3`M3}MWhM+PVEPME*MjhMtijhMtSVh{uM?+PVEPM^PMEME)MtPMEMWS#MME3MM|VhMhVhMZMEMuEPMEMtEPME3FUQ|uMeVh@t.hV<tMQ}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3AA3PWh(VQu^t}tt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3APjh)hq)hM)h))h-h%h%3$;F|[^j8gD9~|]NcN4u~PMPeMDMEPEPE!!kJMk9Mk(3@N`PEWEPM0WEPMES-_N`DkF`PMTMEMEjN`ZWEPMWEPMEujSjMEPMPv|r!EME<ME0vt~tNPMEMMEMEMM3UQSVuN0^4W}GEM;v^,G+;vt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3DMEPh$M]'u3MM+M;EMSGEPrhMEe't EPPNE.2MhM4'tEPPN$E1M_hM't"EPwME"M,hM&t$EPDPN4E1ME*ME)C;]3Fj~fuN4 ej
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3EE3f;uBEu9uu9uu3fEf;u!BCu9su93uuuuu}EEMM~RDECEEMeO4;r;sE}wtfEmM}GGEM}f~7}x+uEe?uEffMf}BEtEE}MmEN}Eu9utfMf9MwMu4}u+e}uef9MufEBfEEEf;r#33f9EEEIM;fEUfEEEEEfU3feH%eE}<EMuU/E33EE3333}EffG
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3EEEEE3##uf;!f;f;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3EF,E3N,PuMMajizFXPMN,eu3MM$jji2FXPMGN,eu3FMMJ,V~,u3^WP8N,;_@^VWPLPPuYtUWP@%u%Ph%j3t$<uWPDPWPHP3@3_^j]}et6t$<uWPDPWPHPPh0h%j 3jiu<PMeDN8PRt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3etUt3@ej\1VUVW|eeWV0VS$aW|VMEVWVMEV|Ee~\EP|mEP$\t4tvMAGP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3F$PEPeMa*t3MM1EPGjEYMRMEWMEsVM(PM(PWMcME%MEMEI1nj(Couu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3H%~t6YN;x';x}P=6rY9x|EPW$tBrf/tf\tftf{:uSjSDV{Y3u]ftf/tf\uyAAfuShPLa;ul3fWPDShNPPS3PjPPh@PE}uy9+3fEf/t%f\tf9lf:^WPhNPPjN_<65@YY@u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3http://csc3-2009-2-aia.verisign.com/CSC3-2009-2.cer0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3http://csc3-2009-2-crl.verisign.com/CSC3-2009-2.crl0D
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3ikkkkkM>YU*g'
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3IuEPeMatMMeMkMEplMEuEPhMPVM<u-3ME;lME!MM_ZuVQD$tVHY^jbGu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3j&h\?YMEt3jMRxzh`?YMEt?3Mj}Eh`g?YMEt&
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3j0ACMeMuEu"MEMMw3VM-t3MErMMF3@uVj8M}MedeE~[u~t@^$tEPMVujuMEE;E|MMjLtMy(d3E;u3M:M]X9]E]u;t9]uFPM&;ujF$PEPMq%MEu>EPMt.jSSEPND;tFPNH9]tMVMEEE;EbM]MM|3@j,&jMBueFPFXPM-u!j3MM"}t+A}tuum3FjhM03M}~~MFMFMFMFN,MMF~ ~$~(|j,&Mt\EtUNMF&eM53uj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3juM@*eEPMEt3ME7$MM+$MMEMEjMaPMXPVMMEMEj8l}u3MVeM[MEwjuM^)EPEPEMEuMPWMEPMEuMPMPWM~
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3juMYZeM\OjEPRt3MMLTuN]PEPR3FU}u35uMVMqj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3jZFQFPvW.v~_^At9L$V4t,jhwh`rjVtRj^3H@HHHH39At9At9At@At.yIuD$A`3v
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3M&ueMuMMMJ
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3M7eMyREPuMEMtEPcMSt3ME\[MMM*EPME,ME*jOMSt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3M=jju3Mu7BM;uM=<;uMM=3FVD$tVY^j@aMee}[Ph&.Sjz\M3EuWMv53tEWePmMjE[PMxih.MEekejh|SiEPPMEu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3MejuFVNjYMEt3M}FtejuNq4jh[M}tvjjPYMetb3MejuFNj YMEt3uMFj.}tgjYMet3MejuFNjYt`$3MFHj.8}tJUj;YMetM3MejuFNEFj[uej
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3MEPhM}%u3MM(M;E}uMwEPEhME8%tEPPNE0MHh`M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3MF8j%RF8:VWjXfD$t83u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3MIaujh|MnMjxV]c;tVMjM_PMZpEPM]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3MLeguMMpLhE]t9ME'5h\EPE2PMEEME>M6u;MP;EPEPEPPN4EkEME=hEPPMEBEME=M'6uM.6FhhEPPMEEMEj=M5uE~$PD:hEP8PMEDME =M5uEPNDDh8tAh0MQPMEgDME<ML5uEPNCDe}w3F]ut'EP*MhE9EuEEEteMN<}t"PWMQMQMQSPtEE;Eretj3ME;MMIJj.hYM3E;tUdjpLMdMp(MToe`EPu`MT]XEPeh7M}6;0dh\EP%Eu3M}:t[E PM E8udE P<E PEPPN4E!BME:M }~:MXhTEPE2M};:xEPOud$PEAM}:K7AEPhEv6M}9E\hYEpEt3ep}\}GupMX#E@PM@E1M@h\5tXE0PVM0E1u5MdE0PMdE0PEPPNhE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3MM3AFFf;@; S tVHtGt1
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3MMMMM3u##4
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3MQEPu3]tMMZ;tQh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3N<},3CNL]N\EEEE~~|Fx^p^t~l~~0~4~8~$~(~,~~~ DjyVCufxEtj'E;E,N\E NLEN<EMDjNT"CMfsufj =YEetjs~3MEPs@eusuhu}tuWFCD$At39AjVLB3}9}$9}(t~F] ;tM+MWQM+MQuuPGu(E+ESu$PE+EPuEu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3O$F$]SQPRPEEP63];tMQRMTEvS;u]C;]r3;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3p4t4x4|4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
3QuEPQeM%t3MM-M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3Rf~#u[3fE}QVfEj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3sEPeMyt3MMMEPEPMEFMEM+u uMtME3FM!ME&MEBuMhPVM~MEMEME'j@quEPQeMvt3MMq}tjrY3MfMEkMEWh$MPVM{ME=ME#jpuEPeMt3MM5=qMMEMEuMhH_PVM-MEMEjoMUuEPeM(t3MMpM,MEM'MECVhlMPWM7MEMEjRoEPeeMMEMEEPhM=PVMuMu|p~uMEdMEJMMojnuEPeeMME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3uEPeM't3MM.M&ME+MEGjhM%PVM:MEMEj}UM&t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3uEPeM't3MM[/eMMEMEEPVM&PWMu!EEuMVe&PWMuMEMEnjMD't
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3uEPeM+tMM2M*ME/MEKEPhM)PVMu-3MEMEMM2^uj$=uu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3uEPeMq&tMM-eM{MEMEEPhM%PVMLu-3MEKME1MMo-ZujM%t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3WMXeWMwEjW~FF uMMd=@EPvv FdUjvHvhD+RQQhPjvPj!PFu3MMcIEPvE+E+FP~tFHtEPFpE)FHt2EPFpE)FH\3FU}+SVWte9}t}u|3_^[]]uu9FtP`NuSW?uu9FtPdNUBHt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3wuEPweM+t3MM93jzYMMEMEVhMa*PWMMEMEj}MD+t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3XuEPXeM(t3MM0M}EtjIY}MMEWh,M7'PVMME}MEcjvM(t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3YU3EVW}VjPqjPhj)tjY3@M_3^wjWQ!}MEPu3]];tuMM}9u3R;tMQu3FR8Mt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3yVutPtVuM'MeVWPMu3MMuMj[[xet6>t+uMQRjuPMM3@MM3xjRwj<rYMetjx3}u3Yj8qYMEtjx3}tj"eWhhj&eWhj/eWhXj<eWhj>eWhheWhHzheWh8n[heWh$O<heWh0heWhheWhheWhheWhheWhheWhvcheWhWDheWh8%heWhxheWhdheWhTheWhDheWh4heWh$~kheWh_LheWh@-SeWh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3Y}EMEEJEEPuhav8u3MM#F<3FU$3PeSV\Wj8EjP-d`hEEjPEE]Ew-EPShsw8juP_^3[TVv8u^jjhv8^t$q80Uuuuuuq8]j0Vl!]3VsEPMuVVj=PsECEut05j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3Z^SEPeMtMMfMME~ME*~$WhTMEPuMF4PhHMyPuMMS-v3t+ME}MEMM)FUTjDXMPM(j3hM8]jjhMEWMPE8PEPE(PEMEUM8]J;u#MM(:3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
3}MyJBeeE )U]\3#MMu3uE}u|jMZ+;|1tdJ}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
4 4$4(4,4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4 4$4(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4 4$44484<4D4\4l4p4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4 4$4@4D4H4L4P4T4h4l4p4t4x4|4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4 4(444X4x4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4 434R4^4v4{44444444455p56P66@7V7i77778q8888*9:7:H:g:::9;;;;;;8<<<=R=Y=u===>>>>???0111111g22F3O3s333333344=4U4s4444445G5\556(606=6b6q66667>77778'828f8l888888899K9]9999w::0;<<=*=]=S23333333333333333333333333333334444L4R4Z4g4{4444(5A5j5o555w607H7M799%:X:::/;|;;;;T<l<<<<<<=!=.=b==4?F?0"0/0J0Q0i0000 444440556d666666666666677
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
4"4'474f4t4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4#505>5n5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4$4(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4$4,444<4D4L4X4x4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4$404T4t4|4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4$4D4P4p4|4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4(40484@4H4P4X4`4h4t4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4(444?4E4P4X4b4p4u4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4(484<4@4D4L4d4t4x4|4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4(5A5j5o5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4)GZ?C@ JYZA(=K%LXZRT>H/2:ZN".01'6Z-O3+MV5,ZP7D!;;GIF89a
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
4,5A5U5u5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
404@4D4T4X4\4`4h4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
404`4f4p4u4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
404P4X4`4h4p4x4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
41'M!:";GIF89a~q!,H A2tP`]8y',@(0! $<
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
44(444?4E4P4X4b4p4u44444444444444455!5&505<5G5M5\5f5t5y55555555555555666%6/696C6M6X6\6a6X5\5`5d5h5l5p5t5x5|55555555555555555555555555555555566666666 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x6|66666666666666666666666666666666677777777 7$7(7,7074787<7@7D7H7T7X7\7`7d7p7t7@9D9H9L9P9T9X9\9`9d9h9l9p9t9x9|999999999999999999;;;;;0<4<<<<<<<<<<<<<<<<<,>0> 4$4(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4444444444444444455555555 5$5(5,5054585<5@5D5H5L5P5T5X5\5`5d5h5l5p5t5x5|555555555555555555555555555555555666666;;;;;;;;;;;;<<<<<<<< <$<(<,<0<4<8<<<@<D<H<L<P<p<t<x<|<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<======== =$=(=,=0=4=8=<=@=D=H=L=P=T=X=\=`=d=h=l=p=t=>>>>>>>>>>>>>>>>>>>>>>>>>>>>???????0:4:8:x1|11111111111111111111111111111111122222222 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|22222222222222222222222222222222233333333 3$3(3,3034383<3@3D3H3L3P3T3X3\3`3d3h3l3p3t3x3|33333333333333333333333333333333344444444 4$4(4,466P7T7X7\7`7d7h7l7p7t7x7|777777>>>45555555555555566666666(|2225566666666 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x66677777777 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7p7t7x7|7777777777777777777777777788888888 8$8(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8l8p8t8x8|8888888888888888888888888888888899999999 9$9(9,9094989<99999999999h:l:p:t:x:|::::::::::::d=h=p=t=x=|=====================>>>>>>>> >@?D?H?L?P?T?X?\?`?d?h?l?p?t?x?|????????????????????H0L0P0T0X0\0112h7l77777777777777999999999999:::::::: :(:,:0:4:8:<:@:D:H:L:P:T:X:\:`:d:h:l:p:t:x:|:::::::::::::::::::::::::::::::::;;;;;;;; ;$;;;;;;;;;;;;;;;;;;;;;;;;<<<<<<< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<x<|<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<======== =$=(=,=0=4=8=<=@=D=H=L=P=T=X=\=`=d=h=l=p=t=x=|=============================>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>???????? ?$?(?,?0?4?8?<?@?D?H?L?P?T?X?\?`?d?h?l?p?t?x?|?????????????????????????????????00000000 0$0(0,0004080<0@0D0H0L0P0T0X0\0`0d0h0l0(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|444444444444444444444444444445555(8,8084888<8@8D8H8L8P8T8X8\8`8d8h88;<;@;D;;;|<<<<<<<<<<<<<<<<<<<<<<==1111@0000000000000111111999999999999999999999999:::x:|::::::::::::::::::::::::::::::::;;;;;;;; ;$;(;,;0;4;8;<;@;D;H;L;P;T;X;\;`;d;h;l;p;t;x;|;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;<<<<<<<< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<<<<<<<<<<<<<======== =$=(=,=0=================>>>>>>>> >(>,>0>4>8><>@>D>H>L>P>T>X>\>`>d>h>l>p>t>x>|>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>??????? <00000000 0$0(0,0004080<0@0D0H0L0P0T0X0\0`0d0h0l0p0t0x0|00000000000000000000000000000000011111111 1$1(1,1014181<1@1D1H1L1P1T1X1\1`1d1h1l1p1t1x1|11111111111111111111111111111111122222222 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|22222222222223333333333333333333334444444 4$4@4D4H4L4P4T4h4l4p4t4x4|4444444444444444485<5@5D5H5L5P5T5X5\5`5d5h5l5p5t5x5|55555P6T6X6\6`6d6h6l6p6t6d=h=l=p=t=x=|====>>????????0000000000011111111 1$1(1H1L1P1T1X1d1h1111122222222 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|222222222222222233333333 3$3(3,303433333333p4t4x4|4444444@T>>>>>>>>>>>>>>>X?\?`?d?h?l?p?t?x?|?????????????P111111111111111122222222 2$2(2h2l2p2t2x2|22222222222222222222222222224383<3@3(4,4044484<4 5$5L5P5T5X5\5`5d5h5l5p5t5x5|55555555555555555555556666666 6$666666p7t7x7|7`555555555566666666 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x6|66666666666666666666666666666666677777777 7$7(7,7074787<7@7D7H7L7P7T7p 45|555555555555556 6$6,6D6T6X6\6`6d6h6l6p6t6x6|66666666666666666666666666667777 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7t7777777777778$8(8,848L8P8h8l88888888888888990949L9\9`9d9h9l9t99999999999::: :8:H:L:P:X:p:t:::::::::::;;(;,;0;8;P;T;l;p;;;;;;;;;;;<<<<0<4<L<P<h<l<<<<<<<<<<<<<<<======0=@=D=H=P=h=l===========>>(>,>D>H>`>d>|>>>>>>>>>>>???$?(?@?D?\?l?p?t?|???????????h00(0,0@0D0T0X0`0x000000000000111,10181P1`1d1t1x1111111111112222242D2H2X2\2d2|22222222222233 3034383@3X3h3l3|33333333333333344(484<4@4D4L4d4t4x4|4444444444444455(585<5@5D5H5\5`5p5t5|555555555566666,606H6X6\6`6t6x66666666666666666677777777 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7p7t7x7|77777777777777777788888888 8$8(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8p888888888889999(9,9<9@9P9T9d9h9x9|9999999999999::::,:0:8:P:`:d:t:x:|::::::::::::::;;;; ;(;@;P;T;X;l;p;x;;;;;;;;;;;<<<<<<<4<8<P<`<d<h<l<p<<<<<<<<<<<<==== =$=,=D=T=X=h=l=p=t=x===========>>>> >0>4>8><>D>\>`>x>>>>>>>>>>>>>??,?0?D?H?X?\?`?d?h?l?t??????????????00040D0H0\0`0p0t0000000000001111101@1D1T1X1h1l1t111111111111222$2(282<2D2\2l2p222222222222222233 3$3,3D3T3X3h3l3|33333333333334444404@4D4T4X4\4`4h44444444444444455,505@5D5T5X5\5d5|55555555555566(6,6@6D6T6X6`6x666666666666677 7074787@7X7h7l7|777777777778888$8<8L8P8`8d8t8x888888888888899 9$9(9,949L9\9`9p9t9x9|999999999999::::(:,:<:@:P:T:d:h:x:|:::::::::::::;;;;,;0;@;D;T;X;h;l;|;;;;;;;;;;;;;;<<< <(<@<P<T<d<h<p<<<<<<<<<<<<<====4=D=H=X=\=d=|=============>>>>,>0>@>D>L>d>t>x>>>>>>>>>>>????$?<?L?P?`?d?h?p?????????????00 00040D0H0L0P0T0\0t000000000000000111(1,1014181<1D1\1l1p11111111111111222 20242D2H2X2\2l2p22222222222222233 3$34383H3L3\3`3h33333333333334 4$44484<4D4\4l4p44444444444445555 5(5@5P5T5d5h5l5t5555555555556666(686<6L6P6T6X6\6d6|666666666666666777$74787H7L7P7T7X7`7x777777777777788808@8D8T8X8`8x888888888888899 90949D9H9P9h9x9|9999999999999999: :$:4:8:<:D:\:l:p:::::::::::::::;; ;$;,;D;T;X;h;l;t;;;;;;;;;;;;<<,<0<@<D<H<P<h<l<<<<<<<<<<<<=====4=D=H=X=\=`=h===============>>,>0>@>D>L>d>t>x>>>>>>>>>>>>??? ?0?4?<?T?d?h?x?|????????????4000$0(0,00080P0`0d0t0x0|0008889999$9,949<9D9L9T9\9d9l9t9|9999999999::: :D:d:l:t:|::::::::::;;0;8;@;D;L;`;h;|;;;;;;;;;;<<<$<4<`<h<<<<<<<=,=4=@=`=h=p=t=x========>>> >(>0>8>@>H>P>\>|>>>>>>>??? ?(?0?<?\?d?p????????????t0(00080@0H0P0X0`0l0000000001111$101T1t1|111111111111111112222$2,242<2H2h2t22222223$3D3L3T3\3d3l3t3|33333333333333344 4(444X4x44444444444445 5(50585D5d5l5t5|55555555556666$6,646@6`6l666666677 7(747T7\7d7p7777777888 8,8L8T8\8d8p888888889909P9X9`9h9p9x9999999999:$:,:4:<:D:L:T:\:d:l:t:|::::::::::;,;L;T;\;d;l;t;|;;;;;;;<<< <(<0<8<D<h<<<<<<<<<<<<<<===$=,=4=<=D=L=X=x=========>8>@>H>P>X>`>h>p>x>>>>>>>>>>>>>>?(?0?8?@?H?T?t?|?????????????0000D0X0h0|00000001 1(10181@1H1T1t1|1111111111122220282D2l22222222233,383X3`3h3p3|33333333444$4,444<4D4L4X4x44444444445555 5(50585@5H5P5X5d5555555556 6(646T6\6d6p666666666667 7,7P7p7x777777777777778888$8,848<8D8L8T8\8d8l8t8|888888888888888889999$9,949<9D9L9T9\9d9l9t9|9999999999999::,:4:<:H:h:p:x::::::::;; ;@;H;P;\;|;;;;;;;;;;<<0<8<@<H<P<X<`<h<p<|<<<<<<<<<<=$=,=4=@=`=h=p=x==========>>>><>D>L>T>\>d>p>>>>>>>>>>>>???<?\?d?l?t?|??????????d0000$0,040<0D0P0t000000000001$1,141<1H1l1111111111111222<2D2P2p2x22222223333$3,343<3H3h3t3333333333484@4H4P4X4`4h4p4x444444444455,585\5|55555555555566$6,686X6`6h6p6|66666667777$7,787\7|77777777777778$8,848<8D8L8T8\8h888888888888899989D9h9999999999999:(:0:8:@:H:T:t:|:::::::::::::::;4;<;D;L;T;\;d;l;t;|;;;;;;;<,<4<<<D<L<T<\<d<l<t<|<<<<<<<<<<<<<=$=0=P=\=|=======>>> >(>0>8>@>H>P>X>`>l>>>>>>>>?<?D?L?T?\?d?l?x??????????(0 0(040X0x00000000001111 1,1L1T1\1d1l1t1|1111111111222 2@2H2P2X2d22222222223(30383@3L3l3x33333334$404T4t4|44444444444445555<5D5P5p5|555555556686D6d6p666666777$7,7<7P7\7d777777777777777778888@8L8p88888888888888899,989X9`9h9t9999999999: :@:L:t::::::::;;;4;<;H;h;p;|;;;;;;;;;;<$<0<P<X<`<l<<<<<<<<<===8=@=L=l=t=|=======>>>$>H>h>p>x>>>>>>>>>>>>?4?<?D?L?T?\?d?p????????,0$0,040<0D0L0T0`00000000001111$1H1h1p1x111111111111112(20282@2H2P2X2d222222222222233343<3D3L3T3\3h3333333333344<4D4P4p4x44444444455$505T5t5|555555555566(60686@6L6l6x666666677747@7`7l7777777778848T8\8d8l8t8|8888888888999 9D9d9l9t9|9999999999:0:8:@:\:d:l:x:::::::;;$;,;P;d;l;;;;;;;;;;;<<<4<@<d<<<<<<<<<<<<<<<=<=H=P=h=t========>>>8>@>H>T>t>>>>>>>>?,?4?<?D?L?\?p?|?????????0000@0`0h0p0x00000000000001 1(141T1\1h11111111122,242<2H2h2p2x2222222333 3@3H3T3t3|33333333334(40484@4H4P4X4`4h4t444444444445$5,545<5D5L5T5\5d5p555555555566 6,6L6T6\6d6p666666666667 7(70787@7H7P7\777777777778888$8,848<8D8L8X8x888888888888888899$9,949<9D9L9T9\9d9l9t99999999999999:::4:<:D:L:T:\:h:::::::::::::;;;;$;,;4;<;D;L;T;`;;;;;;;;;;;;;;;;;<<<4<<<H<l<<<<<<<<<<<<=,=@=L=T=l=|==========>>>$>,>8>X>d>>>>>>>>??<?H?h?t?????????? 00$000P0X0d00000000000001111$1D1P1p1x1111111120282@2H2P2X2`2h2p2x22222222222223$3D3L3T3\3d3p333333333334$4D4P4p4|4444444445 5@5H5T5t555555566686X6`6h6p6x66666666777(7H7P7\7|77777778,848<8D8L8T8`88888888889999$9D9L9X9x99999999::(:0:L:l:t:|:::::::::::::;;,;4;<;H;h;p;|;;;;;;;;<<8<@<L<l<t<|<<<<<<<<== =(=0=8=@=H=P=\=|=======>>> >(>0>8>D>d>l>t>|>>>>>>>>>??(?0?<?d????????0(00 0H0l0x0000000000141<1D1L1T1\1d1l1t1|11111111111112(2H2P2X2`2h2p2x222222222383@3H3P3X3`3h3p3x33333333334404P4X4`4h4p4x444444444455,545<5H5h5p5x55555555666$606P6\6|66666666667777(7H7T7t7|7777777778 8(848T8`88888888889(9H9P9X9`9h9p9x9999999999999:$:D:L:X:x:::::::;;;;$;,;4;@;d;;;;;;;;;;;<$<0<P<X<`<l<<<<<<<<<==0=8=D=d=l=x=======>>,>8>X>`>l>>>>>>>??$?D?L?T?\?p?????????????@00 0$0,0@0\0`00000001 1@1`1111122(2H2h2222223383X3x333333334484@4D4\4`4|444444444444554585T5X5x55555686X6x66666677 7p400$0@0X0|000001$1D1h111112,2H2`2t222222343T3t333344<4`4x4444455H5t5x55555556H6L6l6666667,7X7p7t77777788H8h88888889,9P9l9p999999:,:0:P:T:p::::::;,;H;h;;;;;;;<4<X<|<<<<== =@=D=d======>,>h>>>>>?,?L?l???????000L0h00000001 1T1X1x1|1111112<2X2\2x222222343L3h3l333333444T4|44444444505X6\6`6d6888$8,848<8D8L8T8\8d8l8t8|8888888888888888888h=`>>>>>?,?8?<?@?D?H?P?T?`?0081@1333333333344444444 4$4(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|444444444444444444555555555555556666$6,646<6D6L6T6\6d6l6t6999999999999999999`0M*H
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
4444444444"$4445
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
45?5R5Y5_5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
484@4D4\4`4|4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
484@4H4P4X4`4h4p4x4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
484E4N4f4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
485<5@5D5H5L5P5T5X5\5`5d5h5l5p5t5x5|5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4<4D4P4p4x4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4@5H5]5h5"8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4BL;11YYYYYYYYYY
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4L4R4Z4g4{4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
4PI8;?D1\q7G~MEzaLDD0w ;GIF89a
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
4T<08<t<u!33f
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
5 5$5(5,5054585<5@5D5H5L5P5T5X5\5`5d5h5l5p5t5x5|5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5 5(50585@5H5P5X5d5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5 5(50585D5d5l5t5|5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5 5(5@5P5T5d5h5l5t5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5 5+5C5Y5a5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5 5@5H5T5t5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5!5&505<5G5M5\5f5t5y5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5#5*595E5R5v5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5$5,545<5D5L5T5\5d5p5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5$505T5t5|5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5$585F5d5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5&666@6a6f6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5'535?5K5W5c5o5{5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5(585<5@5D5H5\5`5p5t5|5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5(8,8084888<8@8D8H8L8P8T8X8\8`8d8h88;<;@;D;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5*5:5X5,6g8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5*696B6W6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5+6>6Q6i6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5,505@5D5T5X5\5d5|5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5,545<5H5h5p5x5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5,585\5|5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5/5A5L5f5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
505X6\6`6d6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
54585T5X5x5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
555"@5H5P5X5`5"55555555"0555556")61696A6I6Q6@9"6"66"866"l7$7"J7c7k7"777""p
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
5555"5555*696B6W666%717777888%8*8B8H8W8]8l8r888888889/9n9u9{99:V::=f====;>>>?HN0l0001514u56,7Q719P;T;X;\;`;d;h;l;=(=:=\=n======>*?@ 0(001V2\223333n4d5l56777B8H8X889?99<<?T00
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
5555;5D5K5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
59?4(?%?7$=?.3))0B&$%+!DF8> -FCA;GIF89aYYYz{xy~w!,*0^E5N[2O8)<?UW@:=+]&#M19P7
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
5<5D5P5p5|5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5<5H5V5]5z5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5>555555556,6;6D666a7o77777888889j::::::;';;;;<"<1<9<e=>> >6>m>>>>>>??
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
5?5R5Y5_5578"848V8]88W9u9999u::::;{;;`<v<<<<<<<=>B>?hF1j1}1_222X3d333]555@6N6j6x667+7<77'8=8N88899:::;S;;<<=[>>>8??????p01 1N1R2W244555 5+5C5Y5a555556!6W6c6r6777:;3;k;<<
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
5@6N6j6x6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5C6P6Y6y6~6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5Digital ID Class 3 - Microsoft Software Validation v21
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5F6R6`6g6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5lB@l2u\E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
5M5Z555555C6P6Y6y6~6666789):;D=0`\000233344y4444455955
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
5P6T6X6\6`6d6h6l6p6t6d=h=l=p=t=x=|=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
5w607H7M7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x6|6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6 6$6,6D6T6X6\6`6d6h6l6p6t6x6|6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6 6(646T6\6d6p6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6 6,6L6T6\6d6p6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6!6'60656D6k6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6!6W6c6r6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6$6,646<6D6L6T6\6d6l6t6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6$6,646@6`6l6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6$6,686X6`6h6p6|6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6$606P6\6|6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6$6M6a6}6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6%6/696C6M6X6\6a6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6%7*7R7w7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6&6+626[6k6v6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6(6,6@6D6T6X6`6x6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6(60686@6L6l6x6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6(606=6b6q6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6(686<6L6P6T6X6\6d6|6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6(6:6C6\6j6z6?7q7}7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6(6Z*7nE,S& O<A-6.z1br>+nk4pM>!j-,p:q4p<D==\D-,$lr2p"A9K\LqZ4,22L"D4QAU((L7
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
6,606H6X6\6`6t6x6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6,7Q719P;T;X;\;`;d;h;l;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6-696>6p6|6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
607<7R7n7{7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
66$6M6a6}66667r7777778$8)8<8{8888 99:4:9:o:::;;;<x<3=K=|==>+>@>>>>>?*?U?j?????0D00011.11111111;2b222~33333333144444556S666
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
66-696>6p6|6666607<7R7n7{77E8P888888869]9b9w9999Y:l:q::<l<<<===>:>> ?Q?h???u00I1122244,575{5555555566R667I7N7j7777777
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
6616N66666666%7*7R7w777777$899\<<<@S2345555;5D5K5556-6A6G66A7G7`7f708D8e8k8888<9F9n9999
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
686D6d6p6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
686X6`6h6p6x6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6?6H6R6w6
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6A7G7`7f708D8e8k8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6E++E+EjEFEEEPvjp0o9}f3bj,%u3;u3;tptWp0MMQ}PjEWP39h.YEE;tn3ej|VEejVErs4usEji3VVpjejh5VVV9ohyoj$joK<jiP3WEPuEPEPuuF+9E|EWuuvQpEMFEPk3;tQunjp03GMMt|
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
6P7T7X7\7`7d7h7l7p7t7x7|7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6p7t7x7|7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
6PMu+PVhMUVhXMEUEPEPSE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
6{6/7O7?8h8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7 7$7(7,7074787<7@7D7H7L7P7T7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7p7t7x7|7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7t7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7 7$7(7,7074787<7@7D7H7T7X7\7`7d7p7t7@9D9H9L9P9T9X9\9`9d9h9l9p9t9x9|9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7 7(70787@7H7P7\7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7 7(747T7\7d7p7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7 7,7P7p7x7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7 7074787@7X7h7l7|7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7 8-8C8a8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7!7:7R7n7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7!7b7o7{7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7#7(757;7I7W7e7s7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7$7,787\7|7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7$7,7<7P7\7d7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7$74787H7L7P7T7X7`7x7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7&848B8O8]8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7'737O7[7u7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7(77788>8h888891:<:r:::C;k;;<+<=Z=|=>&>>>>????|000;1V111n23484E4N4f44445o556(6:6C6\6j6z6?7q7}777%8V88888-9J9}99&:5:}::;;&;;;<==K>>?0\0f0q0000:12S222222
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
7(7H7P7\7|7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7(7H7T7t7|7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7,7X7p7t7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
73h39|mQQZv=tKt?+jR+RUERPvuuS_^[]j,F"2M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
747@7`7l7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
77!7b7o7{7777778)8U88L9\99-:g:r::::::;%;V;{;;-<;<B<a<<<2=~==0?a?w?????????0D0J0q0v0000000001(131<1M1l111122@2c223=337444.55.6e77)8F8889<::;;<=======#='=+=R=
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
77,7>7e7r7z7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7777!7:7R7n778808?8G888888b9r999\:a:k:::::;;,;\;x;;;<>J>>>>>>>>>?!?(?,?0?4?8?<?@?D??????00,03080<0@0a00000000000*1014181<1112222 2$2M2s222222222223333v333333333-44484<4@4D4H4L4P444444@5H5]5h5"8:DR0Y0000A1G1X1n11111-2>22223334[445+828:(>?T123445+667Z7s7788808c8899]9c9999997::;);L;;;;<E<??\F11222B3O3'41445@5o56{6/7O7?8h88O:/;;)<?<<<<=p==,>i>s>>>>?????*0Y0`22K3^3z33333467N7w7777778E:R:::::::::::::::::::;;;;$;0;5;E;J;P;V;l;s;;;;;;;;;;<
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
78'828f8l8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
798q8T9b9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7>7*8/8M8b8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7C7X7t7y7
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7eMOuMECuEPEPEPME2t<ejh|uEPEePEnE3(jYt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
7F7b7o7t78L8S8Y8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
7j"Y3_^[]UEPjuuu8]USVu3W9]u;u9]u3_^[];t};w6j^0SSSSSO9]uU;u}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
7n5B1AX5!~XK+>@h zFKMj;GIF89a/$RPSvNr/IQRPv6Pm/l/hl/PRYBS^So0_Uazpx:jTrp1k/w9fiRq/!,/$@*\/#f@0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
7P89:-:<C>G>K>O>S>W>[>_>`/0l0012A2N2X2f2o2y22222223S3334(4p444p5|555555556!6'60656D6k6666778N888K9b9s99:V::::;;>>>>>>>??"?6?<?E?X?|?p010?0D0222222222233 3&3+343Q3W3b3g3o3u33333333333334444 8,8_8889:::;;)<>>>>>>>?F??00.1122222222334444455#5*595E5R5v55555566&6J6y66y8888D9g99999::.:>:P:U::::I;~;;;;;;;<$<-<:<`<{<<<<<<<<<<<== =$=(=,=0=4=8=<=@=D=H=N=Y=q==8>d>>>>?u?????=001448
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
7VP3M_^3[D$@@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
8 8$8(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8l8p8t8x8|8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8 8$8(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8p8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8 8(848T8`8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8 8,8L8T8\8d8p8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8!8%8)8-81858W9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8!909d9k9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8"848V8]8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8$8(8,848L8P8h8l8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8$8)8<8{8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8$8,848<8D8L8T8\8d8l8t8|8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8$8,848<8D8L8T8\8h8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8$8,848<8D8L8X8x8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8$8<8L8P8`8d8t8x8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8%8*8B8H8W8]8l8r8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8,848<8D8L8T8`8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8.8D8_8k8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
808@8D8T8X8`8x8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
83898C8R8X8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
848T8\8d8l8t8|8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
849F9a9l9~9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
84Ex9Ex|}`ME4M]hM00
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
869]9b9w9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
87777778DX@Z"l8t8|88"$8"h@_8"99$9"G9"0p9"\99"9":::):""PO:Z:e:p:{:::"x":::::;';2;=;""`;;~;t;j;`;;";;;"<"4
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
88+8@8n88889999D::::::-;9;>;;;;<H<==>L>b>n>z>#????d0'040I0c0000=11,2;2F2W2]2b22222]55::::::o;.<G<X<}<<<8=E=J=>>#??????H0N0d0r000M1b1112222 464S4^46666z9<<>?%?*?n???.030%112R3g333444I5555566 6666667F7b7o7t7
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
88888!8%8)8-81858W9999:S::;;N;_;;;;;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
8888889/999X:^:}::::;=;J;a;{;;;;;;<@<<<=K=====>?>x>>??l222e344
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
888@8L8p8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8>8J8[8g8
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8]u!EtD }#;u|EtvuXSuEjPuWuu4PP+D 6Y6_^[jhB3u3};;uj_8VVVVV@Y39u;t9utE%@tuuuuuEPiEEE;tB3}9ut(9utD 7YUjuuuuu]D$L$L$uD$SD$d$D$[UUSVW3;t];w}j^0WWWWW"_^[]u;u3ff99tAAKu;tfAAFFf;tKu3;uf&j"YSVD$uL$D$3D$A\$T$D$ud$D$r;T$wr;D$vN3^[QL$+YJQL$+Y4UE]U5YtuYt3@]3]U(
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
8`0F88DlwS9@qH $0<=<q% C,`MQ"P@&01@@")T a, $$@)1@haP7h0F@<Q
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
8A]juYY]UW}3E8t3_U(3ESVuWu}M*EP3SSSSWEPEPEEVP(Eu+u8]tE`pjX/u8]tE`pjEuEu8]tE`p3M_^3[U(3ESVuWu}M)EP3SSSSWEPEPEEVP(Eu+u8]tE`pjX/u8]tE`pjEuEu8]tE`p3M_^3[WVU33D$}GET$D$T$D$}GT$D$T$u(L$D$3D$d$d$GL$T$D$ud$D$r;T$wr;D$vN+D$T$3+D$T$MyOu]^_@s s333jvYUEM%#Vt1W}3;tVV=YYj_VVVVV8v_uPut_=V=YY3^]UhtYMAt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
8fME^M UP3GWSL;tP=u#VTVXMt;WMx@MSSM`NEPMECPM@EeME^M@V;t#VTVXMt;OWEE@tP(gMWEPM;tEPME;uEPMPM0E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
8K9a9m9x9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8L8S8Y8888888N9X99:;+;2;9;@;G;N;U;\;c;j;q;x;;;;;Q>??????????????a01<1C1J1Q1X1_1f1m1t1{11111112*2/244P4_4444.5a5555-6`6667!7a77748<8Q8888
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
8M9T9a9g9t9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
8M^U(SVuM`u3;u*7SSSSS8]tE`pBFFEPjP4muEPSSVuYPEVP@8]tE`p^[UjueYY]UES3VW;t};wQ7j^0SSSSS<u;u8tBOu;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
8uB;rD$AD$`ySu30yVt&qtD$;sqX;r`B;Qr3^[ILt$@3@UQSVW~3wO}9]t\F;tQLF|Kt:jhwh`rjWtRjFMd}uF4FY;uF;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9 9$9(9,9094989<9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9 9$9(9,949L9\9`9p9t9x9|9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9 90949D9H9P9h9x9|9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9 9D9d9l9t9|9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9"949Y9b9t9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9$9,949<9D9L9T9\9d9l9t9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9$9,949<9D9L9T9\9d9l9t9|9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9$9D9L9X9x9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9%9.949]9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9(9,9<9@9P9T9d9h9x9|9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9(9H9P9X9`9h9p9x9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9,989X9`9h9t9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9,9P9l9p9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9/9n9u9{9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
90949L9\9`9d9h9l9t9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
909P9X9`9h9p9x9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
93tRWh(M.;t@EDPexWh``9t[EDsxP:0E\=}\u7EDPexWh`9tEDsxP:h0ME3}`EDsxP:B0MD>hM0/t6EPMEP+uEPD:ME2M0E2EhEh;EXsh+thxf4Kx*up*u!hh74)P:ulTS2r0MM 23@Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
94 TUBI->!D2WJSg[`37V]%5
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
989?9F9M9T9[9b9i9p9w9~9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9909T9u997:::::?;V;n;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
99?:i::7;q;;;<f<<<="==1>B>N>Z>f>v>>?#?7?V?u?z????????????
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9;:K:U:_:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9] tAPAP_^[]Ujuuuuuu]UESV3Cut]tS}YtEtjcYvEjAEY#tT=t7=t;ubM{LHM{,2MzMzxxE3tW}DEPQQ$xM]}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9]tuEPEPe~uEP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9]tuEPEPNh~uEP]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9]tuEPEPuENhP}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9]~"MEI8t@;uE+H;E}@E;]9] u@E 539]$SSuuPu ;~Cj3Xr7D?=w;tPbY;tE]9]>Wuuuju 5SSWuuuM;Et)9];MuuWuuu;~Ej3Xr9D=w;tjPUaY;t3;tAuVWuuut"SS9]uSSuuuVSu EVBmYu9mEYY]]9]u@E9] u@E u[XYEu3!;E SSMQuPu yXE;t5SSuPuuE;u3~=w8=w;tP?`Y;t3;tuSWsCuWuuuuE;u3%uEuPWu uWu#uWlYuuuuuu9]tu^YE;t9EtP^Ye_^[M3Q2UuMRu(Mu$u uuuuu( }tMapUQQ3ESV3W;u:EP3FVhVt54Pxu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9^ht79^lt2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9AAAlVu;W}E~A;R]Au]Eu]EEAuzEaX_^3V9|t9D$tjt$FPt$F^3VN^(WjdP~0WFFFFFFF jXHu_^VFW3;tPQ~N;tj~9~t~;tPQ>F ;tPv ~ _^VtPQ&^hl1uP83@UQ=|u2eEPhtjjhs,|EtPQ3@3UW39=|u31Vq9>u%WEPVE}}}t>33@^_UQQSV3]9^t=FWUR]PQShjXWPuWE_F;t@;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9D$L|9D$L{VtD$tV#EY^V
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9F8tN8WYWYN,ttN0<Fu$MWMEWMMEPN0EtW9MM7,N,t%sv0ttW5ju
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9FrFFN$F~rWv$NFQPvE!FF!}AMeMUCE9Er4#ENHPMUsm)EFNFujXB3M!}MeMUCEM9Urm4#MMmM)EFNU;}uFD3VAMuNF9FFfWv$MQMQMQMQvAQPEE$EsWuuuuTvFw(W$YYEuF EFEG+WGEVF4VeWv%GEF EFYYN4EF0M;s+HF,+~E&@EuF EFgjGNjuGM}uvw(W$YYuvw(W$EGMF EFEG+jGEWVF4}uEWVF4N4M9N0t'MN MNMO+OMN4P*jUVVWXZZ
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9h:l:p:t:x:|:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9h`YEE;t3ejh|Es4sjruj3VPLjejhTVVVcjrPMEPEt<M(BEPME@T;uVuPPMEBURPPEPEPEMEE@E3EFVEPE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9hLYEE;t3ejh|E^s4sjqu3VVPLjejh%VVjjqPu3URPPEPEPEM;M|E9}99ME;~MEE;E~EEE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9K:X:_:o:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
9M}MkW\DE)vEuwdSUY]}}tj9YSUYt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9M~39EjX_^j$"Z+t$B;E_'h7%YMetMA3Mt u@uHQDPCEPv<E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9UujX]M#f;ujf;uEu9Utj3]UUDz3U3ukEu9Mt]]Au3@3eEtMeJEtVf!u^;tfEEQQQ$"QEQQ$E]UQ}EUQ}EUQ}EM#M#EEmEUQQMt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9Vy#&sJ03@D |<#L@dPtiwl0)#c&@4)?(!l(``E&B`z=AD&*+'L \C)]*m*8T&+$\50
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9}ht(h@M ?9}htNPp;|~"MNMEMENMiMEMENUREP$NURPMT#EPV3#9uXthM3G;9uhMEME{MEoM EcMEWMDEKME?M4E3MM'3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9}u3@ON;tPXh~2YM};t`3vMF*NWWWvq39j%83]9^tMM3@8N;tPX3CMMh1YME;t3MQ]FsvNNSSSvj,&7N tf Nt2MzeMuNPMMz38Vt$tDWN~-S3~SMtjC;|jWjS[j_^V~ tt$N t$PdN`^t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
9~u9~t3@3_^UQeVEPu1FE^D$VtVRY^j89 RMu]}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
: :$:4:8:<:D:\:l:p:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
: :(:,:0:4:8:<:@:D:H:L:P:T:X:\:`:d:h:l:p:t:x:|:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
: :8:H:L:P:X:p:t:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
: :@:L:t:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
: :D:d:l:t:|:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
: YYYYYYYYYYYT
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:$:,:4:<:D:L:T:\:d:l:t:|:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:$:D:L:X:x:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:(:,:<:@:P:T:d:h:x:|:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:(:0:8:@:H:T:t:|:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:(:0:L:l:t:|:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:(;-;L;d;v;{;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:*\R,U&)4H(F 8DE!X%GJ"2.1O6
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
:,:0:8:P:`:d:t:x:|:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:,:0:P:T:p:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:,:4:<:H:h:p:x:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:.:>:P:U:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:/::::;;#;C;j;p;v;|;;;;@Xq3333%4b444445*5:5X5,6g89x999/:?::::;r;;<==0>O>n>>?7???P"0700L11<2O2q2222/3U3e3333566>7s7777F8]888888
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
:0:8:@:\:d:l:x:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:2v/P+pA/M YdR'<9gqt |`r7S Clc|w\sY K$B'n-?4o<3
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
:3M&-uwjh<M/ud!Exg~Vuxt4MD+EPEwM+PKh<ME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
:4:<:D:L:T:\:h:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:4:B:X;;;4<}<<===>7>>>c???100012m222224(4E44555'535?5K5W5c5o5{5555555555566657l777 8-8C8a88888w9999999Q:t:y::::;;);.;y;;;<<'<8<d<<<=/=F===t>>9????XK00021s1112233556i667D7777T88(999\::;;;<<<L==T>>??0<001+1I111T22B33(494`44444(5555L6n66666G7S7\7777778>8J8[8g88888~999:/:::;I;Z;;;;;;;;;<1<:<@<V<g<=======8>H>>>>> ?;?m? Z1x1111)2O2k22222]3b3z3333\4a44444455555555&666@6a6f666666677,7>7e7r7z777778P88888849F9a9l9~99999::9:D:l:z:;;5;v;~;;;;<G<L<w<<<==B=G======>.>V>f>>>>>>I?T?????00"0@0E0c0w0000E1i1n11111122
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
:9:D:l:z:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
::1:A:[::g;;H<[<j<s<<<=d===??&?5?B?\?c?w????????0!0;0O0011,1@1h1=2F2x2222133N5}5555556#6966667x77798q8T9b999999<:L:::;-;[;;;<5<R<<?==[>b>?L?^?n????0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
:\:b::::::;";r;};;;;V=g=o=u=z====>>*>6>C>J>>>>?.?=?B?c?h???????????PL0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
:d=h=p=t=x=|=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
:DX}'e}:H!w"TQ:eg,epE6` 0vXaVX@uEX}@ *!A%zGp@7f9p|#*HL6dX 0<8$8@*j#RXbFsOd/ 5%+L1k&lbF|b!h <$DJ'C1fB kx1*+F(DK'&1O!$
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
:o;.<G<X<}<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
; ;$;(;,;0;4;8;<;@;D;H;L;P;T;X;\;`;d;h;l;p;t;x;|;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
; ;$;,;D;T;X;h;l;t;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
; ;(;@;P;T;X;l;p;x;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
; ;@;H;P;\;|;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
; return false;'
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
;#;C;j;p;v;|;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;$;,;4;<;D;L;T;`;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;$;,;4;@;d;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;$;,;P;d;l;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;$;0;5;E;J;P;V;l;s;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;$SSE(PM3;MbMH;hxgEL;u*MEM]MM(TM]TLuTMf;tv;~kML<`MLjh|h\NjMLVd;t>jWhlMPWE8PyjE8Ph`ElM8EETMKL9ETeu`MH3F_M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;%;F;K;e;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;&;/;L;i;y;~;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;(;,;0;8;P;T;l;p;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;+;2;9;@;G;N;U;\;c;j;q;x;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;+=/=3=7=;=?=C=G=K=]>w>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;+Eu}yJBeeE )U]\3#MMu3uE}u|jMZ+;|1tdJ}5NNEyJBjY+3B\MT|u@|fjY#yNFe3+BL1<;r;sE9MtLr3;rs3G1HyM!E@}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;, )_9kkkk9
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;,;0;@;D;T;X;h;l;|;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;,;4;<;H;h;p;|;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;,;L;T;\;d;l;t;|;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;-<;<B<a<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;.<4<k<|<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;0;8;@;D;L;`;h;|;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;0;[;;;<<=S===9>d>>>?@?c????|$0W000
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;4;<;D;L;T;\;d;l;t;|;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;4;<;H;h;p;|;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;9}ulPP:Y_:9}thquFVSj54 uV9t4VO YtvV? Y:3:|u{:PP+:YUSVuF3u@t9FW>+~,WPVYP;uFyFN _Ff^[]UVuuV5Y/V|YtF@tVPJYY3^]jhA3}}jtY}3u;5`P98t^@tVPVYY3BUPHt/9UuPJYtE9}utP/YuE}F3uP4VYYE}EtEj[sYjhB39uuV
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;;<x<3=K=|=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;<F<K<_</=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;=;J;a;{;
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;`<d<h<l<p<t<x<|<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;AuVt$Wu3@$tHu{
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;E~E9tEEE+E3Mu2
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;F<uQ9^(uLh
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;GIF89a'!',i)Q2PP,:B&VkQ(m]NCP}9A
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;H<[<j<s<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;kkkkkbBAd6I"ZkkkkkkkK
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;M\M\PM4ohHM8tPPzPM\EuE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;MM:MMEMEEPhM'2PVM)MEmMESj,OeuEP3CM]2tMeEP@]M-1MEMEMEEPhM|1PVMu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;r;sE}_tfm@@M}GGEM}f~7}x+EMeE?EffMf}BEtEM}UmMH}Mu9EtfMf9MwMu4}u+e}uef9MufEFfEEEf;r#33f9EEEIM;fEufEEEEEfu3feH%eEEUE}ft2+3ff9EB$
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;r;sE}FtfEmM}EFFEM}f~;Eu-EMeEEEffMf}BEtEMuUmMHuMu9EtfMf9MwMu4}u+e}uef9MufEGfEEEf;33f9EEEIM3;{M?f;E3UUUUU3##4
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;rPuuct6+xwuuuYYujHPL3X8u;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;t1C6VP*Y_^VD$tV5*Y^VW|$u~;wPt3_^UQeQMEUQeQMEUQe,QMEVjD$FhU^VhU+D$tVq)Y^jBT(u=eNpUfff(jk(upUN3@EtPfNEM=(VD$tV(Y^UQe}VEPuUt}^f^FEF^UQe}VEPuUtc^L^FEF^je]tt$t$r3jG]tt$t$3|$Vu3#)jt$FYYH`3^VFtPvf^USVWuEPu3;SuE;SuP;ujF;tP;thuSPF:EPWv}$u=WuYFEYPQF;tHx;u3@'N;tj~vv~3_^[]VvxUq\D$tV[^U``Ujlt%uUeMU}"&UQeVEPvD\tFjF[tvMxUHp3^VU'D$tV%Y^V]D$tV%Y^jl$u~U;3j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;t3MEPh@Vh$9ShsMEMEMEM EMEMDEMEM4EMM3@wj$MutU~tOMXeMLNUREPMEPV#u"ME=MM139uMEPEPMEMMj.!j/YM3u;tuM)Vj83+=sCPhhjFM$euWM\MPMKMPM:EPjhMEEPEPEPjNPEMEEPMM#AVpWt$Ntv6~!t_^T$BV0r0~!uVrpI^;QuAJ;uABT$Vp2p~!uVrpI^;QuAJ;QuAPBAVpWt$Ntv6~t_^T$BV0r0~uVrpI^;QuAJ;uABT$Vp2p~uVrpI^;QuAJ;QuAPBSV39uF8X!t@F8X!t<^[8Y!uA8X!tNN;uF@8X!tN8Y!uF^[D$V&W|$Fu_^UEVuEFENFEF F!^]VND$tVY^jjj8eYYuuEtuuuuumCujYjj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;t8EM;tzEMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;tEEPEURPEQ ;t(EP;tMMunEPQuMwEP;t3CVL$nt3t$L$lL$PlPf^|$Vu3t$L$lPt$;^tjT$3HHPHjBuveYD$;Ar3ID$;Ar3IT$AT$;s"Vt$;sAW:A<_^T$VF;r3"N+W9PAPQN_^VFL$;rAVW
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;tPQMEuEE;tPQEPEE;tPQEE;EEE;tPQEE;tPQE;EtPQM;tMMgqV~pt/W~P ttPj_3^j2>NF<;Euj~P 3;t9tPSjXfEEdF<];tSURSj?PMEPuu3UW}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;tSMMTETPEMTv;M<WETPE<PEM<Wv;ME<PEPEM,v;tVMM,EE,PEPE;tE,PEPEPM,EzMEMEM<EMT]MMMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;tu]}EPEPM3;t,C+CMPuMEEE<EEVPuM9utMMM39D$tPjjP"VR $3@30X,LP^Vt$Lt^QL$D$Pj}U-L3]9]$9](} t E+ESPE+EPuuv|MPMhME9DtM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;u0u,hdqCjP3t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;u3PblUM0]&t3!VEPh\tj3Vhlt,t3^MWE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;v+A;MXrEx3B4UXeUtU@XE0Ex0E@t0u<}0tELE%M$MJU$++|ElM0E 9EH$3EHM\*E%E|ED;rE$7;E`s=`M$+E`MhPM$Md<EDMHE<3+F;EXsM0U$y;EXr3Mu<3@3u33@u<H#E@;Lt+]L3FHN#u<;tuE@9U8/EHE,EHE;E49Ut}4tjjX3[_^PUQeVujjv(V EujXWSPEPuuujjjjuI(uFLtE8u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
;V=g=o=u=z=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
;YUOY_YY_,(O(2YY2 |SysPagerTrayNotifyWndShell_TrayWndSTATICEB m_WM_MESAGE_FROM_SYSTEM_TRAY4"App to Open guid: %sAppGuidnameparamsOpenAppCNotificationsFeed::ParseClickActionAction name: %s, FallBackUrl: %sfallback_urlactionMY_XML<XML>MY_XML</XML>click_actionDynamicDialogs4!ServicesIntervalSecErrorCountLastRequestTimeLastResponseTime.txt.zip.eb.ERROR_REPLYComIdtoolbarInprocServer32CLSIDIE_TB_IE_TB_CTEB_TB_NAMEAUTOUPDATEAutoTypeSoftware\EB_TB_NAME\toolbar\settingsSoftware\EB_TB_NAME\toolbar\settings\Updatehttp://hosting.conduit.com/Alertupdate/update.xmlhttp://hosting.eb.com/Alertupdate/update.xmlhttp://hosting.eb.com/Alertupdate/tbedrs.dllhttp://services.conduit.com/CommunityRequest.ctp?type=GetCommunity&ct=EB_CTID&CommunityPage=EB_CTID.ourtoolbar.comhttp://services.eb.com/CommunityRequest.ctp?type=GetCommunity&ct=EB_CTID&CommunityPage=EB_CTID.qatoolbar.comDllOnUpdateFinish.dllPATHEB_CTIDtbedrs.dll|K;FFJ_DCMC"DJ\M?:/-hencoding=xml ?><?IEIsProtectedModeProcessieframe.dllChangeWindowMessageFilteruser32.dllfirefoxCSecurityAttributes::GetLowIntegritySecurityAttributescatching exceptionS:(ML;;NW;;;LW)#SetLayeredWindowAttributesTrayNotifyWndShell_TrayWndhttp://?-I+I-U+U-B+BUTF-8@q'M>mmmmTr*rp~~lwx;xxxxxx(("zYmDyxymyyusUB)xBxxmG]6fPEI m_WM_GENERAL_EVENTEI m_WM_SINGLETON_EVENTShell.Explorer=;ypDdxl}hXf:^BwDQ0Rnv\ohhA'[hpYhH&1hhhhhhxehh0ffOEP04P0P0P0buttonfacenonealpha(opacity=Y@pv0\XHb:nv4DohhA &hpYh1hhhhhhxlhhNJ5ffNh^BCWebBrowserDispatcher::ConnectAllHtmlEventsConnecting to Window Eventsres://CWebBrowserDispatcher::KillRefreshCheckerTimerCWebBrowserDispatcher::TimerProcidEvent: %d ,pSeed: %d CWebBrowserDispatcher::OnBeforeNavigatepWeb: %d , URL: %sCWebBrowserDispatcher::OnDocumentCompleteCWebBrowserDispatcher::DisconnectAllHtmlEventsCWebBrowserDispatcher::SetRefreshCheckerTimerEB_TimeStamp=Pragma:no-cacheCWebBrowserDispatcher::OnRefreshCheckTimerReady state: %dzlRNhDelementy8'M>x0h^%SOFTWARE\Microsoft\Windows NT\CurrentVersionCurrentVersionSHGetKnownFolderPathshell32.dllSoftware\Microsoft\Windows\CurrentVersion\Authentication\LogonUILastLoggedOnUserProfileImagePathSoftware\Microsoft\Windows NT\CurrentVersion\ProfileListIEGetWriteableHKCUSoftware\AppDataLowAppData\LocalLowwa+THREADID@LoggerWnd@@ExtraData@@TickCount@@ThreadFile@@DebugOnly@,.;:|*&/\
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
< 2KG(*"Y;[!FAUS@
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
< <$<(<,<0<4<8<<<@<D<H<L<P<p<t<x<|<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<x<|<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
< <(<0<8<D<h<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
< <(<@<P<T<d<h<p<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<"<1<9<e=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<#=.=\=j=s=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<$<-<:<`<{<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<$<0<P<X<`<l<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<$<4<`<h<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<)=7===U=p=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<+t(<-t$:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<,<0<@<D<H<P<h<l<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<,<4<<<D<L<T<\<d<l<t<|<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<.<5<I<P<h<y<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
</alert_result>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
</assembly>l*021R1X1111+262F2z22223s33_4x4455557788,9<999:=:k:::;0;@;;;5<g<<<==? D0-0;00n1k2v22233(333E4U444M555C99:;u<????0X0000z23(333334445S678889t9:::L;<<==>a>n>>\?u????@)0T000000@1C222333}334424e4444575555T66607J7U788*9b999K:X:_:o::;a;;#<`<<<:=O===2>m>>>>>??P000f11111172]22i3x3333"4=4T4s4444444F6777V8[88899::d::8;;;;.<5<<<=T===>>U>>>J????`%0V12=2O2q22222!33333344,5A5U5u5555L66666677'737O7[7u7777778]88*9n9z99999I:d:;;<Q<<<=\=m====='>o>>>?`????p 0]0|0051_11111
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
</author>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
</feed_id>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
</KEY_ID>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
</LANGUAGE_PACK>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
</LOCALE>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
</requestedPrivileges>
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
</script></head>); moveNextwindow.external.);
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
</security>
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
</TRANSLATED_KEY>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
</TRANSLATED_KEYS>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
</TRANSLATION>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
</trustInfo>
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<0<4<L<P<h<l<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<0<8<@<H<P<X<`<h<p<|<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<0<c<<<<P===!>D>_>>>>?G?j???@x0B0m001t1111-2R2222313}333G445F555-6X66!7q777q8@99:;;<<<=m===>O>}>>>?+?N?q???P0I0w0<1i111122%3`334;4`44445A5d55555+66666-7^7777858h888949g9990:c:::;(;K;z;;;A<<<<Q===>2>M>p>>>>+?V??`@0O000(1K111 2S2223C3|334#4g4445P5s5556G6j6667f7778D8g8889w9999:Z::::-;X;{;;;;"<E<h<<<<<<<<<<<==="=.=9=?=J=P=[=a=l=r=}================>>>>'>->8>>>I>O>Z>`>k>q>|>>>>>>>>>>>>>>>>?
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<1<:<@<V<g<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<1<C<U<g<y<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<3=Y=a=l=s=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<4<8<P<`<d<h<l<p<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<4<<<H<l<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<4_.hhhhh f
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<8<@<L<l<t<|<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<<"====&=.=6=Y=a=i="="0"===========
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<<.<5<I<P<h<y<<<<<<<<<<<<=
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<<1<C<U<g<y<<<<<??e??@,0u000-11::;<<<<<=6>?Px00122s4444444455555588.99x;;;`<d<h<l<p<t<x<|<<<<="=o=>???????????????`h@5555b6w66888*91999:[::$;R;p;;;;;;;;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<<<<<<<<<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<<<<<<<<<<',.-$*<<<<<<<<<<<8''
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<<<<<<<<<<<<<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<<<Obsolete>>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<<<w<<<<<<<<3=Y=a=l=s======>>>>>>3?H?X???????`0030:0^00000001131<1Y1W2223,3:3C3l3333333%4Q4Z4l4444445,55566b66666667D7K77777778M8:::::7<<<=+=======O>_>d>|>????p0!030M0b0l0~00000000142J2_23355555e66666667)777788(8.8i8888%9>9G99:
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<?xml version="1.0" encoding="UTF-8" standalone="yes"?><assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"> <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3"> <security> <requestedPrivileges> <requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel> </requestedPrivileges> </security> </trustInfo></assembly>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<`<q<<<#=.=\=j=s==='>4>\>>>>?!?)?6?T?^?g?r??????j00%1R111R2Y222/3444"4'474f4t4445
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<`chhhhhGD?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<alert_result>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<ALERT_XML><TYPE>%s</TYPE>%s<MESSAGE></MESSAGE></ALERT_XML>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<ALERT_XML><TYPE>ALERT_USAGE</TYPE><MESSAGE><VERSION></VERSION><TYPE></TYPE><DATA></DATA></MESSAGE></ALERT_XML>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<base href="file://%s" />
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<C>G>K>O>S>W>[>_>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<F<K<_</==>|>>,?1?U?Z?t????????pS00011111111Q222222233)313A3J33333333?4L4s4z4425y555555+6>6Q6i6666667=7\7v7778B8Q88888K9a9m9x99999999999:K::::::: ;1;H;;;;<G<s<}<<<<<<<#=7=J===
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<feed_id>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<LANGUAGE_PACK>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<program name unknown>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<PROTOCOL_ID>%s</PROTOCOL_ID>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<qPA' %hWo fa^)"=Y
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel>
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<requestedPrivileges>
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<S<_<k<z<z=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
<script type="text/javascript">function
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<security>
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<TRANSLATED_KEY>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<TRANSLATED_KEYS>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<TRANSLATION>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<XML>MY_XML</XML>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
<YYYYYYYYYYYYY.NAYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYh( f{yK"~~2w
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<YYYYYYYYYYYYY.NAYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYh( pwpf]n2'
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
<YYYYYYYYYYYYY.NAYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYh( ~n\&xm{ra0\v}r%7h'e;jbkrgp\]e!} jep\
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
= =$=(=,=0=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
= =$=(=,=0=4=8=<=@=D=H=L=P=T=X=\=`=d=h=l=p=t=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
= =$=(=,=0=4=8=<=@=D=H=L=P=T=X=\=`=d=h=l=p=t=x=|=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
= =$=(=,=0=4=8=<=@=D=H=N=Y=q=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
= =$=,=D=T=X=h=l=p=t=x=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
= =(=0=8=@=H=P=\=|=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
= =*=1=I=X=_=l=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
= =@=D=d=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
="=.=9=?=J=P=[=a=l=r=}=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
="=:=W=t=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=#='=+=R=>Y>}>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=$=,=4=<=D=L=X=x=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=$=,=4=@=`=h=p=x=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=$=0=P=\=|=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=(=:=\=n=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=)=9=I=P=W=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=,=4=@=`=h=p=t=x=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=,=@=L=T=l=|=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=0=8=D=d=l=x=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=0=@=D=H=P=h=l=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=0VuX_Mp^3[:Stj0,9X}3;u3u9uSf#ujjEPQjjEP]?jjEPE,jSMEgP=jSMEPP&jSME9PMMMEM]MM3@XhR9WD 3DurD;uM3PXVu;uMDVuDu=j[3W3MuUPuMMWtPM#P3FjVuEeVMWU(VWjEPjY3}EPRE(Eu_^USVWujj}5SWjuEuWuuWuWS_^[]D$tH;}PU}Vt uu<t}t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
=1>B>N>Z>f>v>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=3=?=L=Y=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=4=D=H=X=\=`=h=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=4=D=H=X=\=d=|=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=8=@=L=l=t=|=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=;}$k~\d9=B;|]~d=uFd^=uFdN=uFd>=uFd.=uFd=uFd=uFdvdjY~d`QEYF`[_^Ucsm9Eu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
=<=H=P=h=t=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
== =*=1=I=X=_=l====
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
===;>W>>>>>>>??L????0&0/070=0M0Y0b0h0x000000000011%1K1X1111122*22#3533445K555566k6667d777!8l88888899%9899
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
=?>E>K>P>^>q>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=[;V)MY-NSPIT*AD(^H
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
=Ah8]SWKt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
=O>_>d>|>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
=t33@e%eUEeU8U3EESV3WEN@0pp9uFX}<H}e]<0PH;r;sE389]tr;rs3CptAHHU3;r;s3FXt@MHe?<PUxX4U;r;sE}0tO3;rs3BHtCXME}3&HPEH9ptXu00xE04?HpHtfMfH
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
=t33@eeEEjU3SEEESX5 PZ+tQ3E]UMUE[Et\t3@3[3UVuM3uPeFPoYuPYxuFFMFFu^8MtE`pUVuMEut:t@u@t6etEt@uH80tS:[uH
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
=tu$tf5xT5P5h5X5H58;Mteh5YPtHhjYYt4V5P5_YtjVyYYDN3@$3_^UVW3uYu'9vV|;vu_^]UVW3juulu'9vV|;vu_^]UVW3uuYYu,9Et'9vV|;vu_^]jh C3]3;;uWWWWWS=|u8jMY}SEMYE;tsuuE%9}uSW543]ujKYUWW|u0`wt_]Ueu5Xdh]UhXW0thHWP<tu]UuYujLYj<KYUVt;ur^]UVu3ut;ur^]U=VthV!Yt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
=xuM%:PC^ujPEPMjh1E=t9P
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
=|PvFjtCvv9N tWtN WPN`tWtN`WP_^jh3EjHt\HM?veEPMEePEMEsMMv~t3@NtPXh,YMEtf3vMF0Njjjvt:MuME3QMMMfu32jhX139^`NM)u]3}M]KEPMER;,PMPjhhM%EPEPMEMME)MMEM6FdM;twEPyu3j .+YME;tjv3PS5(v-h*YME;tWEPEP3F`ME8MEhM]&>MMs[1j.v0f`6j {*YMetjTu3Pj5(v1j('03]9]tEMj5M]EPMEIM]j59]t!MoEPMEE"MNEPMEEEEteM?E]tM.MM5,0VD$tVF0Y^D$Vt6y@u0I t%pt"vVRVp9V0Y33@^I Vt'D$pu3@Vp8V/Y3^VN`tjvjv*^j\.}u~MqeMRuVW/YMj5MEEPMEKMEtV/Y"ME~ENURPNPleEPMD4PMMt9NEMUMPSMtjejj'YEEtNPtMPEP3PMEEPS}`u}tVEO`tVAuV-YMEMEMM)p-D$Vt"~@u@N$PRtP33@^j)t,ME3;9Y@x;9Y9Yh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
> >(>,>0>4>8><>@>D>H>L>P>T>X>\>`>d>h>l>p>t>x>|>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
> >(>0>8>@>H>P>\>|>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
> >(>0>8>@>H>P>X>`>l>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
> >(>0>8>D>d>l>t>|>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
> >0>4>8><>D>\>`>x>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
> >@?D?H?L?P?T?X?\?`?d?h?l?p?t?x?|?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>$>,>8>X>d>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>$>??)?a?n?????'07000002)2I2^2t22223#3333333333
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
>$>H>h>p>x>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>'>->8>>>I>O>Z>`>k>q>|>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>(>,>D>H>`>d>|>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>*>6>C>J>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>+>8>G>X>y>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>,>0>@>D>L>d>t>x>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>,>8>X>`>l>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>,?1?U?Z?t?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>/?;?R?a?j?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>5>B>U>t>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>8>@>H>P>X>`>h>p>x>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>8>@>H>T>t>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>:>@>\>t>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
><>D>L>T>\>d>p>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>>"?%?-?"4P?"ps?"???""(?????@tP"`@ @(@K@S@"v@@@@""\@@@@@@@A"(A0A8ACAKAUA}A"AA"AA"PABB"6B"[BcBkB"BBB"(BBB"dB"C":CSC[CcC"CC"<CCCC"p"DCD%D-D"$XDPDqDyDDDDDD"DDDDDDE$E,E"" OEhEpExEEEEEE"`@"EEEFFF6F>F"aFiFqF{F"H"FFFFFFFFG"*G2G:GBGJGzGG"D"GGGGG"
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
>>:>@>\>t>>?7?A?y??????? 00 0.090@0[0`0h0n0u0{000000000000000000111#1(13181E1S1Y1f1111111'202<2u2~22223$3Q3Z333333394A4T4_4d4t4~4444444444
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
>>=>V>>>F?O?U??p
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
>`>p>1?K?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>faarheeUSE SYSTEM CHARSETB)$Bxxwm "EB m_WM_MESAGE_FROM_STATIC_BUTTONCRYPMSCF$\%''4'A'X'FDIDestroyFDIIsCabinetFDICopyFDICreateCabinet.dllincompatible versionbuffer errorinsufficient memorydata errorstream errorfile errorstream endneed dictionary`4T4H484,4443?? unzip 0.15 Copyright 1998 Gilles Vollant `PTsRp0P
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
>L>b>n>z>#?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>lME2lME&ludMh;tUMl;\ERtAtjjM`XVhx*P1up=ME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
>openiexplore...EB m_WM_MESAGE_FROM_VIEW_RECENT_WINDOW4G6fHCAutoUpdateThread::ThreadFuncAutoUpdateexception caught.DllRegisterServer`vhSDeleteNoRemoveForceRemoveValBDMS{1D3B35E5-93C0-490d-90CA-153E78A17FF2}INSTANT_ALERT_RESULT_FORCE_HANDLEINSTANT_ALERT_RESULT_TRY_TO_HANDLEINSTANT_ALERT_RESULT_HANDLEMessage not found. Message type: %d, Message Id: %dApp Exists reply, MessageId: %dNumber of params is different from 1No Dspid paramsCConduitAlert::OnPendingNotificationReplyH}`Z$=H<ui';Z>CConduitAlert::RunAlert\:4u<ALERT_XML><TYPE>ALERT_USAGE</TYPE><MESSAGE><VERSION></VERSION><TYPE></TYPE><DATA></DATA></MESSAGE></ALERT_XML>typevaluekeydataTYPE8}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
>uf93u >jEPhCPuWSEEEu(YUj@uu(]=HC\$D$%=u<$f$ffd$~D$f(Vf(f(fs4f~fTVfftL=|}f=2fL$D$f.{$T$T$T$$D$~D$ff(f=|%=2fTVXfL$D$VfVfTVf\$D$jhAK]uurYuuSY=|3}jwY}SwYE;;5lwIVSP|t]5V\YE;t'CH;rPSuIS[wESPw9}uH;u3FuuVW54$E;t CH;rPSuSu4wE.}u1uFuVSj54 u]juY}9=t,V Y
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
>UVvu32EPv@tEtM+MEtM+M3@^D$Pq0jXf<~xu3PePeejh|*NxM4=VD$tVP=Y^UQV{
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
>X?\?`?d?h?l?p?t?x?|?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
>Y>}>>>>>?)???0.0@0Z0x00"11111I45:6J6Q6X6_6f6m6t6{66666666677N7}7778I8|888989?9F9M9T9[9b9i9p9w9~999999:6:2;a;;P<r<<<==2>p>>>>>>0?T?????x(0=0L0c0w0000B1G1S1X1d1 2<2A2j2222233-4Z444444455I66677P78889^99R:;<W<w<<x==%?@???;0K000001I1e11111222444^5g5m556
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
? ?$?(?,?0?4?8?<?@?D?H?L?P?T?X?\?`?d?h?l?p?t?x?|?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
? ?(?0?<?\?d?p?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
? ?0?4?<?T?d?h?x?|?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?!?(?,?0?4?8?<?@?D?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?!?)?6?T?^?g?r?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?#?7?V?u?z?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?$?(?@?D?\?l?p?t?|?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?$?<?L?P?`?d?h?p?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?$?D?L?T?\?p?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?&?,?7?=?H?P?U?_?k?v?|?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?&?5?B?\?c?w?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?(?0?8?@?H?T?t?|?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?(?0?<?d?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?,?0?D?H?X?\?`?d?h?l?t?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?,?4?<?D?L?\?p?|?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?,?8?<?@?D?H?P?T?`?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?.?=?B?c?h?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?4?<?D?L?T?\?d?p?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?<?\?d?l?t?|?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?<?D?L?T?\?d?l?x?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
?<?H?h?t?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
??"?6?<?E?X?|?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
??0???z?????0J0Z001p11112223+3m3364U4l4445/5A5L5f5566)666z778M9T9a9g9t99P:v:|:::::::6;U;_;;;;+=/=3=7=;=?=C=G=K=]>w>>i??0/0_0011b1112q2222333$373S3344F4R444445$585F5d556_6x6666677=7778'8v888888h9x999994:D:X::;%;F;K;e;;;;;U<<<=A====>^>>?Z? 4011W1i11112+2o2222393^3304F4455.67)7f77888889999Q:]:::::.;;;;E<<<<<<.====%>>>>>>>6?0d0000 1'1:1l11N2233!3n33744:555Z67Y8999999
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
???&?,?7?=?H?P?U?_?k?v?|??????????????pt0000%0+060<0G0M0X0^0i0o0z00000000000000001111$1*151;1F1L1W1]1h1n1y11111111111111112222#2)242:2E2K2V2\2g2m2x2~2222222222222223333"3(33393C3O3Z3`3j3v33333333333333334
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
???0T0+7C77777&848B8O8]8888839j99:.;;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
?E8ETE,K$sjuDeTt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
?j,Qu40Tt,@8P@8ul@t-j^9@u''0?@'Y1(D@t48u3$'' 8+0_[M3^RjhPB?Euo' T'3;|;r!F'8,'WWWWWL1tPY}D0tuuu.E&&8MEEu6YUVuWV
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
?kkkkkkkf/$&c.kkkkkkHT1PG`8kkkkk%DQ;, )_9kkkk95^2:`
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
?LV=Q3#M90+[
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
?Zd;On?,eX?#GG?@il7?3=Bz?aw?/L[M?S;uD?g9E?$#;1az?aUY~S|_?/D?$?9'*?}d|FU>c{#Tw=:zc%C1<!8G;X;EBu7.:3q#2IZ9W2hRDY,%I-64OSk%Y}ZW<P"NKeb}-
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
?{0?->6?4)?#?8
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@ Aft#x}u}jPuujxu#!rXxtR99u2yr,9Yv'QRtu$Vu uPuuuQ u uu$PuuuQ 3@_^[]jhD@xte3@eEM@|tjhD5Yte3@eE}h3lYUSQEEEUuMm}sVW_^]MUuQ[s]Y[UE3;tA-rHwj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@'S\$VhrSt$YYttB<hrSYYtt%hrSYYtt3?t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@8u@8u+@PEY;uVEuVW~V_^[VW;st;r_^VW;st;r_^U39EjhP4u]3@|]=|uWS39dW=L~3V5hhjv6j54C;d|^5hj54_[54%4UeeSWN@;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@8~)f8fxjpM]Q3f9X]MMME"KEPEePETM =M;E]~uuMK;tYMJEPVME!M[3;~$VMJ;t39]QPMF;|MEPEE;E|9]uEPM[MEOM]0MMJ3Wj-ueNif8f<Mj-huF<etPf<NAM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@9E19E"9ME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@9U6G8F1MYYYYYY>
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
@:^/2B(.|uBV|j3B"_3B&)2B21ECA;GIF89a$!,$`$$Uq,#%;GIF89aR!,R6#zU%gN!'KOQD@h2biXX~;GIF89a/$zyzz{yzzzzyz{y{{{}~z~yyzzy!,/$@*\#FO&#DBIRhP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@@AAL$u3f;@D$Pt$D$Pt$uD$Pt$D$Pt$UuuuuE]UuuuuE]UuuuuE]UuuuugE]jQ=uN"eN"N$E"N4E"NDEYjQuNDE/N4E{+N$Eo+NEc+MNW+ajd|39]u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@@t%Pjv@^VqW~,S3~StPhC;|jWj[_^D$VjjjjPvHdtPN^D$-t+Ht!HtHt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@@t%PjV^hP0h$P<uh{9eSu}3hPfP]hPVjh@XeP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@B:tOtMu9]u;u}uEjP\Xx06j"YUQeS]u3Wru{vnMEtR:QuMPt<:Qu7Pt&:Qu!Pt:QuE9}r?@IF@I<@I2@I(MEt:u@AE9]r3_[+UUVujXEU;uY5 >5S3;|;5r'/55SSSSSQW<Hu44jwP];9]t7@$EHjYtHutUEEu!}4c4SSSSS4M;rEuK!YE;u+434hjSSuD(ET,AHttI
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@Bu}^tE`pUEAz3@]3]UQQ}uutEPQoMEMHEPoEMUjuuu]VtVU@PVV:^UjueYY]UjuYY]USVWuM}3;u+
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@D@DDrH+j,PSHP4TB,8;:<+4;EL D9MM(D<+4H;MsFDDAAf
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@DebugOnly@
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
@d~tW3f9uB|jpMLejpMLME?t!WMEFMMFEPEP3VFNtFh>fF^VD$tVY^UEwy$u MjuM2]u MzPuMCuM6uM)M@uMuM'@]$q~Vh`D$ffF^V|D$tVY^VhD$ffF^V2D$tVxY^VhD$ffF^AVD$tV*Y^j*.
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@ExtraData@
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
@F^]Uf9MSuMTMQ3;uEHfw aVf9u^s)EPju-Et9MfqMjQjMQPREP EtE8]tMap[Uju<YY]Uf9MSuMEH3;uEHfwaf9Us)EPjuiEt=MfpEjPjEPhQEP EtE8]tMap[Uju<YY]USV33W9u];u"]]VVVVV};tuME9pu?fArfZw fArfZw CCGGMtBft=f;t6EPPEPPCCGGMt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@h(#g@iXmp{|}~0H`x 8Ph(@Xpz0H`x 0@P`p 0@P`p 0@P`p
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@j%?ute_FDt4eMQP$t}ujvDHvDXfDMNY?SVF<W3;tPtv<Wv,WWWWWWWhhWPF<t=Vjv<h%xjv<3@_^[jlEM>hw(IY3S]8;uEM;t[MrEPM]MEjjEPEPME]D5(=EE}t{EPjSSSEPuhjSEPjtuv<t=Sh5(v<5}tEPESSSEPuuTuX9]t<MEM]MMy3=VD$tV=Y^ji<FPMW39F0u#MN,N4QPVh{PP(F0FDMMW3@f=j<u^$S3ND}SME~`~d~~~ ~~MEFj~@PNDjPjX'6YEE;tN3MFEi<VNt;h9Nh,NhNhNjdc^jd;MMeM~EPMEM0eEuEPMLjEN5YEEtMQ3Et5u}D7SMPjMEEE;EqME#~MM};VW|$;~u3@)~ tN WuN`t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@JVuh,sVsYYtEHhsVnsYYtEHhlsVJsYYtEHh\sV&sYYuhsVsYYtEHhsVrYYtEttHqhLsVrYYtE[hsVrYYtEt?H<hsVrYYtEt"H$hrVrYYtEtH 3PQ3
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@LoggerWnd@
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
@ME8M0hM@|5t5EPME?1uE^xP4@5M>hM@65t6EPME0uEP?MEU8M@}J8EpEp;E\^h0thx:Nx0uN0u!hh9Q/P?]dTV62stjE`E`;EP33@Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@PR,WUVu~wW3@3f8UURP0|}It3f^]UVu~wW3@3f8UURP4|}It3f^]UQQES3V;9^@u9^DURP]QHE;URhr]P9]9^@tCWjY;tX3WhrutWND/;tWY_9^DtYE;F<uQ9^(uLhhpjQEUR]P|!9]tF$PhruEPQEPQEPQ^[UQ}u3eVuW3uq<tk9}u,MQVP|uf}tQMQV|}u:MQVPH|,Et%uhrPu3GEtPQ3_^UQy<tA<URP|E3UQVuEj3Pu'tBE;t;URuP|9utuMFuEPQ3^UQQVW39}to9y<tjA<UR}}PQH;|QE;tURhrPE;tPQ;|)E;t"uVPQ$|9>t3GEPQ3_^UVuu@9h|ruKfYYtMtA3Q3Vuu!^]UVF<W3;UR}PQH|zE;tsURhr}P|UE;tNUR}PE;t.}S]RRP|^P~TEPQ[EPQEPQ_^Vt$t3&jhquPh_@@^j>5F<t(PMmvle\VMMM]Vt6W?t)h|hjN7_^UQeWEPu0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@RfIr1#Ax$S;ATA1
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@Rsvu`L2i]18E Px`ShX87Qc?ExQm>W3Y$:O.)D,4qz')Z^J2VF+
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@ThreadFile@
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
@tI?uDhM7u3EPMh MEEMtjME^MERMMFN"j#Xg!EMEzueM#uuMM'"MVtMQu j0|%!EHw?}t9MpeEuP|uMM3!MPMQMQEPTu/}tMEGuEPtMujh@M}Ev,uEPuMEMQMQPLMEMEMMj VXuM2zeVM{EP0EPME{Mj/j\%MHPM5f/t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@TickCount@
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
@u@]3]UVeu;ueN^]dH;txu^]&zNHUeM3MEEEE@EMEdEEduQu"zEdPd5D$+d$SVW(3PuEEdPd5D$+d$SVW(3PeuEEdPd5D$+d$SVW(3PEuEEdPd5D$+d$SVW(3PEeuEEdMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@uE#E#;uPEjY]M3yjZttttt#t$= t=@t;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@USVW}]3tjZttt tt#t$=t=t;u#tut}M##E;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@|33}jXeVu}5NN]EyJB|j3Y+@MET|u@|njY#yNFe+3BL1u19ur"9Ut+eLru;rsEHUMyMM!E@}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
@~3f99YB|WpMNWpM]NWp(MEMME@umM@uauEPEPM]M?6EjEPM7?PuMEGM]GM}G'MEGM]GM}GWj .uu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
[:&.;GIF89a]}|~Gt!],]]9VTM7B;-<]QK'A]>L5/I=S3
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
[<J hhhhhhY%$
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
[[t[P[$[ZZZTZ,ZZY pY!xX"WxWyWzWWWx
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
[f<<f<r3VVhU
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
[f@@<<f@@<rH+j,PSHP4Tb,8;ZD+4;E?@9M|D<+4jH^;Ms<DDf
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
[G$"f}`/s(keb7W70{d{
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
[MEEPuE;EtPQE;]tPQEM;tPQ3#jq="3]EPNP];|_9]tZuM9]t:;tFX3PMEVURSPE|EPE];tPQEM;tPQ"j="t6PMEetPQEjPQEMtPQ"L$3Vt&^Vt$t$Nk3^jT>v!39]uD
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
[MS}0f0fVYSY[0fF0fV00fFfV3_^UE}]USWuME}3;t8;u+dNSSSSS8]tE`p39]t}|}$V7]7GGEPjVuf-uMf+u7GG9]u3VYtE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
\h@;t*hW<;tMQ;uE;tW86Ul$3j`EM3}]Tu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
\InprocServer32
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
\StringFileInfo\%04X%04X\%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
\X\|[SUVt$3W;.F;#9|$j_u|$\$j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
]$_FNHFFAFHt(FNH;Hv(FtNFNHFF@Aj3]t\$j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
](FWVppuF(F`uFHQVp]FxtFNHFFAFFHFFFHF
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
])F\N9 \$Oj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
]3;u/[VVVVV;}tE`pW};u/`[VVVVV}tE`pE9pu:fArfZw fArfZw CCGGft8f;t1MQPMQCPCGGftf;t+}tMap_^[UV3W95Tuo};uZVVVVV0XU;tfArfZw fArfZw GGBBf;tf;t+Vuuc_^]UuMkEMA%}tMapUjuYY]UjuYY]UQSV3;uYj^SSSSS0HW9]wYj^SSSSS0$39]f@9EwPYj"E"w]9]t]j-XfNEE3uEvW0EfAA@3E9]v;Er;Er3f3fIIffIfIGG;r3_^[U}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
]:0kkkkkkkkk
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
];GIF89aQ!Q,~QQ&'/-#KE<!4H,I=9Q7?+%*Q JPA20Q;>"L61@MO(N
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
];r;u1h{u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
];r;u]u3S:YKC8tpCUt|D#M#u)eHD9#U#uEUiDMLD3#u#Mj _G}MT
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
];r;uhS;#U#u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
]]#]1]"`.Z]b]m]x]]]]]]".@."..^^"$/@#X/"h/x/V^"/y^"/^^"0@<0"L0\0^___"04_<_"0"01__g_o_w________
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
]emu}"D ("K"nv~"""P"
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
]f;Lf;Cf;5?f;wK3EE9fE}fEEEEEf}V33f9uH%E\3f;uFEu9Eu9EufEf;uFEu9Eu9EvE}EEMM~JMMDMeW
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
]f^vq(I!mwF)jP2AtgQE&M:ol1cBSNib+.;YV*LJT\sZ,hA"P@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
]M}E;uMM\!uoE3jZQ$39uY<~BMV[/t-GPMn<<39u@PVWF;u|3GtVP|^jh8$u:3CtTMxejhMaEPEP][YYMEgEPMMLjSSSjk}EPv@E+E}EE+}]E5{%E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
]UQQS]VW33};tG}rwjrY4jrYu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
^2:`3ikkkkkM>Y
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
^GGPPSP5dYt!uPS5dYYYguuPS5dYYY;-uCS$sHH'kQ0GM t@tGGG@t3@t|su3}9~u!ut-RPSWs09~NE+Ftbt90tW0@?If8t@@u+(uI8t@u+\@t2t-t+t ++uSj [aYtuWSj0tf~bPjEPFPFx.u(9t MYuPY|tWSj mt&Yt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
^jEPuEu$9}tjX
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
^UQeEPu,l#EVt$ttvjjR@^|$u)Vt$tvYtVR^VD$tVNY^|$Vu3jt$YYPH^jUhLut=M5eEPuMuu"t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
_.d,$$$H8<M@YUO_YY_,i(^Y2mx$S
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
_^[UQVuVEFYuGN =@t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
_^jNSa]3Eu~j[Mt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
___`"1%`-`5`"1"D2X```n`|``````"l2aa"21a"2"43Ta\adala~aataaaaaa"|3ab"3)b1b9b"3"L4\bfbnbvbbbbbbb"4bb"4c'c"4LcTc_c"(5ccc"d5ccc"5d"5,d7dBdJd"6pd"L6ddd"x6"6dddddee(e3e"7Ye"D7|ee"p7eee"7eef"7%f-f"8Pf"P8sf"|8ff"8ffff"8"D9!g)g1g9gAgIggg"9ogzgggggggg"9g":h'h"@:Mh"t:phxh":":hhhhhhhi"0;";#i+i6iAiLiWii";i";ii"<iij"L<'j@j"<cjnj"<jjj"<jj",=kk"`=6k>k"=ak"=kk"=k"(>kk"T>l">+l">Nl">ql|l"?P?X?~P,???d@(@dIey,=3kt2#%&~(@(J(')0)@*C"CCF+**--1---&DDdd|23333-9I9{FFjJnJbYfio
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
__clrcall
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
__fastcall
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
__qq_|_ x___q_qqqqq"q#q$q%q&|qD0@@@@@P@$@@ @4@N@ p+i@]%O@qC)@D@<Ix@oGAkU'9p|B~QCv)/&D(DJzEeF
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
__restrict
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
__stdcall
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
__thiscall
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
__unaligned
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
_EI CMyTitleBar ClassEI m_WM_MESSAGE_FROM_TITLE_BARB)zyxximh<irfdihogmggwl6mB)zyxximh<irmm=onmggwl6pmB)zyxximh<irmmapnmggwl6pm`B)zyxx"rJrmhlrsfdirtogm;qUwl6mxAEI CDialogChildShadowFrame Window ClasstB)zyxxym~{}wNzL{BUTTONCChildButton::OnMouseLeftKeyDownm_iLastMouseDownTime: %d8X,YOUOY_YY_,(O(2YY2~lwxxxxxxW((YDyxyyyusU8X~YOUO_YY,(O(2YY2EI CMovingFrame Classnew<base href="file://%s" /><head>onNavigateErrorinversePointerPositionbodyF(k$,,v=9dxlFx^b/O-w8PtM%nv`ZohhAL/hpYh8W1hhhhhhx$FhhaffOEx&4tisLocaleRtlwriteDebugStringlogUrlgetDataonclickLinkonSizeChangeisSupportedFunctiononCancelonAcceptgetValueByKey<$(geRs8{ge(`3OgeJ]$8NULLnull`\u\/D6U&*truefalse\'M>ge
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
_Ft90ujAPQ}tE`p3_^[U,3EESVW}j^VMQMQp003;uSSSSS0'oE;vuu3}-+3;+MQNQP3}-3;Q.;tuESPuVuM_^3[vUjuuuuu]U$VWuME3E09}}}u;u+j^WWWWW0:}tE`p9}vE9EwWj"}EGS#3;Euju^PSWt}Map;-u-F0F}je$xFV7kYYL}p@2%3t-F]0F$xOF3'3u!0OFuU
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
_jV(^EeEEEPCE$MM^ D$ALD$D$j)T]EeAtEAxE A|E$E(EPMM*4^$j)TM]EeEE E$E(EPbMM]$D$ItP UVNEPEPEPv@txS^xtM+N|+M tE+E+E+N|N|MtE++E$tE+E+E+EjPQN[^UVNEPEPEPv@StM++M&tE+E+E+MtE++E$tE+E+E+EjPQN[^UVvtIt@WEPv@jjuuq"tjWvtW_^VFW=tptNjjt$&FtptNjjt$&_^U(SVEPPs xukWj(3EWPeEC hWE}}E}jEE}gEEP|_fu33@^[UV\;Fu`tBEP<E+EjPE+EPuuv^UVSWEPv<]}+]+}Vv jvSWuuhh|vPhSWjjKSOWjjE}jSWWjWtW=Sj0vjjdj_[^UVNtuuP8u3#NtuuP8tuu^]VD$tVlYY^jNTOX39shORYEu;tz3MC3u}EEePs Ksju3VVPLVPXKVMKjmXjNTW39shQYEu;t3MC3u}EEeP]s Ksju3VVPLVP\KVKjWj0qTV}Wu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
_MGijWvF,vMM3@3UD$;At;At;At;At;At33@S\$t<Vsa~-W3~W6tjG;|jVj_^[jDM39u$Ma;MV;h,yYMu;tMGPNGPNEHWNHMu3ECPM]\2PNxEM]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
_nextafter
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
_THREADID.log
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
_TrackMouseEvent
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
` @PXS;x8Qh(HPTUS+t4Q
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
`8@4@;rE9=|=e~mEtVtQtKuQt<u4EFhFP\YYFECE9}|35ttNrFujX
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
`=```a9aaabAbbbc1cjcccdRd{ddd>eaeee
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
`@E}DWYuMEECj#YU3EV395tO=uIupVMQjMQPxug=uPxu5VVjEPjEPV|P
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
`^^D$}|$tt$0|Y3T$V~.Wk!3:~k!3z_ieX]^qqYYt3v`VL$PNh^L$iuVWt$r>PW_^VqL$W>PW_^VL$#t3t$dPN%^Z`j6vueN xMNCwji^vF PMsueuMMswjivF PM4ueMM5vjiuF PMueNPMMvjiuF PMueNPMMLvjBeuuej
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
``HVPDjPH^VFtPf^t$t$t$qVvtt$jv^t$t$jqq33j<9M>ueuMvMMGY:j<r9MueuMuLMMF:D$AA3+t8HtHtHt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
`BYnYntancossinmodffloorceilatanexp10acosasinloglog10exppow(null)(null)EEE50P( 8PX700WP `h````xpxxxx Complete Object Locator' Class Hierarchy Descriptor' Base Class Array' Base Class Descriptor at ( Type Descriptor'`local static thread guard'`managed vector copy constructor iterator'`vector vbase copy constructor iterator'`vector copy constructor iterator'`dynamic atexit destructor for '`dynamic initializer for '`eh vector vbase copy constructor iterator'`eh vector copy constructor iterator'`managed vector destructor iterator'`managed vector constructor iterator'`placement delete[] closure'`placement delete closure'`omni callsig' delete[] new[]`local vftable constructor closure'`local vftable'`RTTI`EH`udt returning'`copy constructor closure'`eh vector vbase constructor iterator'`eh vector destructor iterator'`eh vector constructor iterator'`virtual displacement map'`vector vbase constructor iterator'`vector destructor iterator'`vector constructor iterator'`scalar deleting destructor'`default constructor closure'`vector deleting destructor'`vbase destructor'`string'`local static guard'`typeof'`vcall'`vbtable'`vftable'^=|=&=<<=>>=%=/=-=+=*=||&&|^~(),>=><=</->*&+---++*->operator[]!===!<<>> delete new__unaligned__restrict__ptr64__clrcall__fastcall__thiscall__stdcall__pascal__cdecl__based(eeeeeeeetehe`````D``eXe^TePeLeHeDe@e4e0e,e(e$e eeeeeeeeedddddddddddddddddddddxdldXd8ddccccxcTc4ccbbbbbbbb|b`b@bbaaaa\a8aa``GetProcessWindowStationGetUserObjectInformationAGetLastActivePopupGetActiveWindowMessageBoxAUSER32.DLLEEE00P('8PW700PP (`h`hhhxppwpp ((((( H h(((( H H
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
`copy constructor closure'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`default constructor closure'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`dynamic atexit destructor for '
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`dynamic initializer for '
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`EEBE3NpEN`ENPEN<EN,ENENE$`jD_}Mh,oMQkePMM}Mh Lo?h3EEPMujhMEMEzPMEP/nMQkME3EPMEMEMMF;uk3@3_jH^M3;u3VegE];@uMk;EPfhM]tHEPXjPEM]WhhMtAEPiPERM]2t^hPhM<tFEPiPEM]ith8:MM?EE;E3@7^jhAP]Mu3eeEuMMjEPxeehMkt=EPhMEM&uM-tMFh|Mt=EPhMEMuMtMh`Mt=EP@hMEWMuM|MhDMh8kt@h0kt0MQg,PE!MEh$Ykt]MQgMEMuEP<ME4hMtWxt&MMEE;E3@\MMjX[M3;u3kcE];UuMh;1EP0chM]$t7EPfMEMuM;tGpMFh|Mt?EPMfMEdMuM;tGtM]hMtnh0i;tMQewxPECM0hi;t/MQePEM]zMMgEE;E3@_ZVq,L$V@^QL$L$@QL$L$}@PQL$oL$_@`QL$QL$A@QL$0L$ @L$j<3j<2XMeEPMMPEMEFMM3@AYQL$L$@,QL$L$}@<QL$WL$G@j R2W]jTh5t$jhPMWeESPYYM5ht0jhM#ESPEaYYMM(V@Xj R25W]jht$jhMeESPYYM5hQt0jhMsESPEYYMMxV@lWjV}jh8t-jhHMeEWP8MYYMVs@VxQL$`L$P@QL$?L$/@AtL$3ApL$3A<ALLL$S3W9\$u3VShxthtSt$ q_;tbuQP0t?^,yu1G,Pt"\uWt3@3^_[Vt$hFtjX#h1tjh3@^UQMejh|4EXT$
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
`EETgkMMf9r}EMEP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
`eh vector constructor iterator'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`eh vector copy constructor iterator'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`eh vector destructor iterator'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`eh vector vbase constructor iterator'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`eh vector vbase copy constructor iterator'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`local static guard'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`local static thread guard'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`local vftable constructor closure'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`local vftable'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`managed vector constructor iterator'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`managed vector copy constructor iterator'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`managed vector destructor iterator'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`omni callsig'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`placement delete closure'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`placement delete[] closure'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`pM_^3[=:9keUVuvT%vL%vD%v<%v4%v,%6%%v %v$%v(
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
`pM_^3[KVI
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
`scalar deleting destructor'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`udt returning'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`uu3_eEPMoej,EjPnuMpEEEEEEEPuMMhj`=`M}3;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
`vbase destructor'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`vbtable'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`vector constructor iterator'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`vector copy constructor iterator'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`vector deleting destructor'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`vector destructor iterator'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`vector vbase constructor iterator'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`vector vbase copy constructor iterator'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`vftable'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`virtual displacement map'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
`XBXb1F9b`ft!6K
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
a!APYS;y9Qi)IPUPS+u5Q
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
A0Ht=Ht,Ht
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
A_AAAAB@BsBBBBCkCCC5DDD4EEEFFFFGRGGG_H.IIJKKLLLMNMMMM=NkNNNNO<O_OOOO7PeP*QWQ|QQQRRSNSST)TNTqTTTT/URU}UUUUVyVVVVWLWoWWWX#XVXXXX"YUYxYYZQZZZZ[9[h[[[/\s\\\?]]]] ^;^^^^^^_D__
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Aaix0<~B$s/DrPU nQj71-OM2NgUejzd8xEv1z`]fvYI8VAwX100010UUS10U
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
aB[(kWyobg"~<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +<<<<</::<<<<<)<<<<;4<<<&9<<03
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
abcdefghijklmnopqrstuvwxyz
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
ABCDEFGHIJKLMNOPQRSTUVWXYZ
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ@`y!@~ @ A[@~QQ^ _j21~,kChhhhh(im0opp@xpPSTPDT``?__ (i*kXqTqPqLqHqDq@q8q0q(qqqqpppppppppppppppppppppp|pppdp`p\pPp<p0p.$$$$$$$$$.5@ ;Zx0Nm:Yw/Ml&____qq!q_
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
About Notifications
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
about:blank
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
aC@AIxC@&B8G4X9D&J,qaM).@N0Z!
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Accept-Encoding:gzip
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Accept-Encoding:gzip,U.?AVCJobDownloadFile@@,U.?AVCJobRequestPost@@U.?AVCLPManager@@U.?AVCVersion@@U.?AVCPicture@@,U.?AVCInternationalizationHelper@@U.?AVCChildButtonStatic@@U.?AVCCabExtractor@@,U.?AVCRegMonitor@@U.?AVCSingletonLogic@@,U.?AVCWindowStyledBorder@@U.?AVCLoggerWnd@@U.?AVCEventLogger@@U.?AVCTranslatedKey@@U.?AVCLanguagePack@@U.?AVCTooltip@@U.?AVCDictionary@@,U.?AVCQueue@@U.?AVCListBase@@U.?AVCPriorityQueue@@U.?AVCEventQuerySent@@U.?AVCQueryResult@@U.?AVImage@Gdiplus@@U.?AVBitmap@Gdiplus@@U.?AVCGdiPlusBitmap@@U.?AVCGdiPlusBitmapResource@@U.?AVCListViewCtrl@@,N@D,U.?AVtype_info@@,U.?AVbad_cast@std@@U.?AVbad_typeid@std@@U.?AV__non_rtti_object@std@@,us%,,U.?AVbad_exception@std@@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Accept-Language
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Accept-Language:
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Accept-Language:Accept: */*FIf-None-MatchUser-AgentAccept-LanguagePragmano-cacheAccept*/*Content-Typeapplication/x-www-form-urlencodedGETICOyiICOyipXMLHttpReq->get_responseStream() failed : hRes=0x%XpXMLHttpReq->get_responseText() failed : hRes=0x%Xget response stream failed.Content-LengthGetResponseHeader(Content-Type) failed : hRes=0x%XpXMLHttpReq->send() failed : hRes=0x%XSetHeaders() failedpXMLHttpReq->open() failed : hRes=0x%XPOSTreturn FALSE (CoCreateInstance() failed : hRes=0x%X)CHttpManager::RequestHelperStart : wStrUrl=%s pwStrInput=%sa'M>}zCJobDownloadFileexit [%s]broadcasting [%s]posting singleton event [%s]before posting event [%s]Target file exists [%s]Download succeeded [%s].tmpCJobDownloadFile::Process(R'M>n6ge</EBXML><EBXML>CJobRequestPostafter post - FAILED. Server=%s Form=%safter post. Reply = %sbefore post. Request = %sExit : wStrServer and wStrForm are emptyEnd : m_pQuery==NULLCJobRequestPost::Process|'M>mmmmResourceFiles .4gdiplus.dllBINARY.pngO)\(?333333?zG?333333?o@EI Pop Up Window Class|8<ZYUOY_YY_,((2YY2m$
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Accept: */*
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AcceptLanguage
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Access violation - no RTTI data!
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Action name: %s, FallBackUrl: %s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ADVAPI32.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
AEAEAEANxEANhEyANXEmANHEaAN4EUAN$EIANE=AMN1A;jJVu^7eN7N$E7N4E7NHE7NXE7NhE7NxE7E7Ex7Ei7E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
after post - FAILED. Server=%s Form=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
after post. Reply = %s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ajNtEnoEME~<~@MEMEwKjWYVWhOOWjt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Alert ver 1.0
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Alert.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Alert0.dll
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Alert1.dll
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALERT_ABOUT_DIALOG_MUTEX_NAME
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALERT_CHANNEL
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALERT_HTML_DIALOG_MUTEX_NAME
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALERT_INFO
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
alert_item
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALERT_LINE1
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALERT_LINE2
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALERT_LOGIN
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALERT_OPTIONS_DIALOG_MUTEX_NAME
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALERT_RESULT_TYPE
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALERT_TITLE
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALERT_TRANSLATION_RQ
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALERT_TRANSLATIONS
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALERT_URL
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Alerter Logic Class
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
alertInfoRequestXml=
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
alertLoginRequestXml=
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AlertReformatURL
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Alerts enabled
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Alerts/AlertServices.asmx/AlertLogin
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Alerts/AlertServices.asmx/GetAlertTranslation
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Alerts/AlertServices.asmx/GetToolbarAlertsInfo
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Alerts/AlertServices.asmx/SetAlertUsageRequest
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
alertTranslationRequestXml=
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
alertUsageRequestXml=
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AlertWindowLastUserCloseTime
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_ABOUT_DIALOG_ALERT_VERSION
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_ABOUT_DIALOG_SECOND_PARAGRAPH
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_CANCEL
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_CLOSE_ICON_TOOLTIP
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_FIRST_TIME_MESSAGE_DESCRIPTION__2
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_FIRST_TIME_MESSAGE_TITLE
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_MAIN_MENU_ABOUT
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_MAIN_MENU_REFRESH
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_MAIN_MENU_SETTINGS
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_NO
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_OK
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_POP_UP_WINDOW_OF
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_POP_UP_WINDOW_SETTINGS
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_SETTING_DIALOG_ABOUT_ICON_TOOLTIP
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_SETTING_DIALOG_FAQ_ICON_TOOLTIP
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_SETTING_DIALOG_FEEDBACK_ICON_TOOLTIP
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_SETTING_DIALOG_PRIVACY_ICON_TOOLTIP
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_SETTING_DIALOG_SHOW_ICON_IN_SYSTEM_TRAY
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_SETTING_DIALOG_VIEW
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_ALERT_YES
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_NOTIFICATION_ABOUT_DIALOG_FIRST_PARAGRAPH
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_NOTIFICATION_ABOUT_DIALOG_TITLE
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_NOTIFICATION_DONT_SHOW_NOTIFICATIONS_FROM_THIS_TYPE
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_NOTIFICATION_MAIN_MENU_DISABLE_NOTIFICATIONS
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_NOTIFICATION_MAIN_MENU_ENABLE_NOTIFICATIONS
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_NOTIFICATION_SETTING_DIALOG_NOTIFICATIONS_ENABLED
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_NOTIFICATION_SETTING_DIALOG_SHOW_NOTIFICATIONS_FROM
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_NOTIFICATION_SETTING_DIALOG_TITLE
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_NOTIFICATION_TRAY_ICON_TOOLTIP
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_SAMPLE_NOTIFICATION_DESCRIPTION__2
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_SAMPLE_NOTIFICATION_HEADER
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALLP_STR_ID_SAMPLE_NOTIFICATION_TITLE__2
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALP_CLIENTS_SERVER_URL
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALP_SERVICES_SERVER_URL
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALPClientsServerName
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
alpha(opacity=
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ALPServicesServerName
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AM#=Tu%5E5tPjEPjhPYSjuuVD$u(L$D$3D$d$d$G\$T$D$ud$D$r;T$wr;D$vN+D$T$3+D$T$^USuM=i]C=wEXu]}EPE%PnYYtEjE]EY
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
An application has made an attempt to load the C runtime library incorrectly.
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Apartment
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
API_CMD_CLICKED
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
App Exists reply, MessageId: %d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
App to Open guid: %s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AppData\LocalLow
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AppFromNotification
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
application
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
application/x-www-form-urlencoded
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AppNotificationDialog
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AppsGuids
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
aPQ3A9tD$V&tVhP^|$Vvt$F^j<(u3~P]FFdF$FFFF F$l$FXF\(VD$tV)Y^tPQVjt$YYP^Vjt$YYP^;D$t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
AueNt}^E}N$j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
AUTO_UPDATE
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AUTOUPDATE
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AutoUpdateEnabled
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AutoUpdateIntervalInHours
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AutoUpdateLastTime
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AutoUpdateServerName
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AutoUpdateServerVersion
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
AXPt}uPx3';uuuuuuP|q]US]VWu3;CURP<t$MtSRssP<3@_^[]U,VEPv@SWuuuu=PSE~8EtN8SP<EPuEPEP=t:E3E;tptMVVSTsMEPEPu3h VVSuuVVuuSuS_[^jjYuEM?eMK9uwt!MMz?Vt$t$ttu'!tP|^D$t|$t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
AyJBeeE )U]\3#MMu3uE}u|jMZ+;|1tdJ}j3XZ;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
azs-iv*XoCg"B$zxskbWn$X
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
b!np#POX%D% 0@/gJA0R1 ON:4Q
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
b&Q|OCvx)l_D9tNS8cPNJ}4w* !!"F"i""""A#|####8$[$$$%I%|%%&R&&&','o''''(D(j(()7)v)))*,*O*r****#+++,,,,-O-----*.X....!/P//// 0N00001d111'2R2223F333!4d44%5h556Y6t6667/7s77&8D8888,9R9{9994:::;E;;;;<Q<<<<>=q==>2>M>p>>>?5?X?{???0@[@@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
B(;r3_^[]Ujh EhdPSVW1E3PEdeEh*tUE-PhPt;@$EMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
B8uSjuoE[]USVW39}t$9}tu;uTDWWWWW3_^[M;t3u9Ew}}FM}tFEENt/Ft(;rWu6>)~>+}O;]rOtVHYu}}t3u+WuVxYPta;wM+;rP})EVPm_YYt)EFKEEAEN +3uN Ejh(A39ut)9ut$39u;u BVVVVV3uYuuuuu=EEEuYUSVuW3;uzBWWWWWBFt7VV V3PF}F;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
background-color:#FFFFFE;
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
bad allocation
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Bad dynamic_cast!
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
bad exception
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Base Class Array'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Base Class Descriptor at (
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
BB0B^~j_u?3fEEE]MeEM]Eu}2~(E]MmEN]EGZ]EUEu}e}eU4UE<;r;sF3;rs3BtAE0U;r;sAM4?uuM0CM}uEKKK<5}MD;9u0K;]sE;]sCf*XDEM_^3[v;0uK;sE;s3ff9U@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
bClicked = %s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
before post. Request = %s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
before posting event [%s]
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
BeginPaint
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
BEjG4X_^[T$u3D$VW|$S3#3xHB3#3xHB3#3xHB3#3xHB3#3xHB3#3xHB3#3xHB3#3xHBNf[t23#3xHBOu_^L$T$3V#xH3AQiBQ3#3xH^AD$HUu0EuuE]UMVW}u3@}S9UsU)UkYYYYYYYYYY
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
BEMHE;O,uO(MKL#u}G,;uG0O(;t;s+HG,+uXuW4VWFW4EG0;s+HG,+O,E;uO(G0;t;s+H
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
BF$D53.:)C
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
BfXw_3_jY;$C^3 tJt6t%+tyj_f*u,[?-k
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
BH#EjEG EGEFE+NVWW4_^[EuG EGfFhMjFMu}v
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
bh1h2xaFC r2B,4L
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
blockFrameNavigation
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
border:solid 1px #d5d5d5
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
bp/pH*Z0FHN2AppH6Q0(0!,:(P:54
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
broadcasting [%s]
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
browser_type
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
buffer error
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
buttonface
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
C4^1Y@MQ</[8+K&E%
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
C;]T*EtEt;EPM4M8EMEwM EkME_MESM\EGMXENMEMM#Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Cabinet.dll
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CacheIcons
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertChannelsList::ProcessOpenAppMessage
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertClient::OnTimerUpdateChannels
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::AddAlert
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::CallPushHtmlNotification
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::CallPushNotifications
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnApiBlockFrameNavigation
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnApiExecCommand
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnApiOnMessageRead
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnApiOnReady
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnApiOnStartDrag
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnApiOpenAboutDialog
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnApiOpenApp
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnApiOpenSettingsDialog
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnApiPostMessageToParent
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnApiSendUsage
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnApiSetCheckboxValue
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnApiShowMe
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnApiUnblockFrameNavigation
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::OnNavigationStopped
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::PushNotifications
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAlertHTMLDialogBrowserContainer::ShouldStopNavigation
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
calling m_pXmlDoc->save(%s)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CallNextHookEx
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CallWindowProcA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CallWindowProcW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Can not show, size illegal
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
catching exception
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CAutoUpdateThread::ThreadFuncAutoUpdate
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CCD@ <t<uR@Yf;@h8 t)j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
CChildButton::OnMouseLeftKeyDown
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CConduitAlert::OnPendingNotificationReply
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CConduitAlert::RunAlert
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CE9EGD@uC+E}EKxC3@;]rK@PtPu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
CertCloseStore
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CertFindCertificateInStore
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CertFreeCertificateContext
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CertGetNameStringA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CertGetNameStringW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
ChangeWindowMessageFilter
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CharLowerBuffA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
checkboxText
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CHttpManager::DownloadFileHelper
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CHttpManager::RequestHelper
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CHttpManager::ReturnWithError
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
cj%bueN{MbAV^D$tVbY^Vjjjj_^jaEPeMt3MMZbbMMEMEuMhPVMRMEMEj,8#aeEPh3CM]VtMjh]M[MEMETMEpEPhMPVMWMtEPjh+M]EME4M]MEE$aj,8=`eEP3CM]ptMjh(]MuMEMEnMEEPhMPVMqMtEPjh(EM]EMENM]ME7E>`jW_EPeMt3MM`MMEMEuMh#PVMMEiMEOjc^EPeMtMMf3n_MEPMhlMuME3uMEMMFjc2^EP[eMktMM3^MEPLMh+MfuME3uMENMM~Fjc]EPeMtMMF3N^MEPMhMuME3uMEMMFj(]eEP3CM]CtMjh|]nejhnuEP@MEtMjh|AMPMMEPM]]8ME,E3]j4L\EPeMEP"MEdM|EPh<ME PhMhMhMljhM_EP|WMEPVMhM+EPWMPVMxhMEPhMPVMPMEMEMEMM[j[MuM?MWMe~WEPMEM8METF$PhTMPSMF4PhHMPSMtMW8}t?jejhpMEePSMEuMjWME~MEMMt3@3ZjPYMuu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
CJobDownloadFile
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CJobDownloadFile::Process
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CJobRequestPost
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CJobRequestPost::Process
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Class Hierarchy Descriptor'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Class Name:
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Class3CA2048-1-550
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
click_action
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ClientToScreen
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CLogger::Init
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CLogger::~CLogger
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CLogger::~CLogger--== Logger initiated ==--.log_THREADID.logCLogger::Init#rdf:rdfrdfrssPosted (no title)dc:dateenclosurefeedItemIdlinkitemlanguagettlchannelcreatedtext/htmlapplicationentryhrefrdf:RDF wb..*h
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
CLOGGER_WND_CLASS
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CloseHandle
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CLSIDFromString
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CNotificationsFeed::ParseClickAction
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CoCreateGuid
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CoCreateInstance
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CoInitialize
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CombineRgn
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
COMCTL32.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Community Alerts
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Community Notifications
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CompanyName
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CompanyNameConduit Ltd.4FileDescriptionAlert0FileVersion1.1.4.1,InternalNameAlertbLegalCopyrightCopyright Conduit Ltd. 2011.fLegalTrademarksCopyright Conduit Ltd. 2011.4OriginalFilenameAlert$PrivateBuild4,ProductNameAlert4ProductVersion1.1.4.1$SpecialBuild4DVarFileInfo$Translation<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Complete Object Locator'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Conduit Community Alerts
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Conduit Ltd.
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Conduit Ltd. 2011.
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Conduit Ltd.0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Conduit Ltd.1>0<
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Conduit Ltd.1>0<U5Digital ID Class 3 - Microsoft Software Validation v210UConduit Ltd.00
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Conduit_Alert_Autoupdate_Mutex
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ConduitAlertMessage
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Connecting to Window Events
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Content-Length
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Content-Type
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ConvertStringSecurityDescriptorToSecurityDescriptorA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CopyFileW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Copyright
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CorExitProcess
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CoTaskMemFree
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Could not get bShow
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CoUninitialize
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CPPVP5Yt!uPV5YYYfguuPV5YYY>-uFV$sg+'jj0XfQfEE t@tCC@Ct3@t|su3}9~u!t-RPSW{09~N+FtYt90tN0@6uOf8t@@u+e@t+tj-tj+tj Xf++uSj YtuWSj0Quu~qPWPB~)YVY| tSj tYft*3PPPPP2t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
CPsMMsW3J|$tjj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
CreateCompatibleBitmap
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreateCompatibleDC
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreateDialogParamW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreateDirectoryW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreateFileA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreateFileW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreateFontIndirectW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreateMutexW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreatePen
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreatePopupMenu
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreateRectRgn
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreateSolidBrush
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreateStreamOnHGlobal
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreateThread
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreateWindowExA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CreateWindowExW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CRegMonitor::Init
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CRegMonitor::~CRegMonitor
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CResourceBank::Init
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CRYPT32.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CryptMsgClose
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CryptMsgGetParam
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CryptQueryObject
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
CSecurityAttributes::GetLowIntegritySecurityAttributes
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::DeleteKey
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::DeleteRegEntry
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::DeleteValue
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::GetBoolFromRegistryValue
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::GetFirstRegDirectoryName
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::GetIntFromRegistryValue
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::GetRegDirectoryKeyNames
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::GetRegFirstName
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::GetRegNames
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::GetRegNamesCount
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::GetStringFromRegistryValue
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::IsKeyInRegistry
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::IsValueInRegistry
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::RegDeleteKeyAndItsSubkeys
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::SetBoolRegistryValue
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::SetRegEntry
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSetupRegW::WriteIntToRegistry
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSingletonLogic::CreateSingletonLogicHWND
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSingletonLogic::CreateSingletonLogicThread
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSingletonLogic::OnAboutToClose
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSingletonLogic::OnMessage
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSingletonLogic::WorkerThreadRun
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CSingletonLogic::~CSingletonLogic
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
cT`C!00U00pU i0g0e`HE0V0(+https://www.verisign.com/cps0*+0https://www.verisign.com/rpa0U0m+a0_][0Y0W0Uimage/gif0!00+kjH,{.0%#http://logo.verisign.com/vslogo.gif0U%0++04+(0&0$+0http://ocsp.verisign.com01U*0(0&$" http://crl.verisign.com/pca3.crl0)U"0 010UClass3CA2048-1-550Uk&p?-50
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
CThreadPool::OnJobPreProcess
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CThreadPool::ThreadFunc
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CThreadPool::ThreadFuncImmediate
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CThreadPool::Work
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CtPMuP^[_]t7t3V0;t(W8YtVE>YuptVYY^3jhEy
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
CtPMuP_^[]UW}SV5WtPtPtPtP_PE{httP{t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
CurrentVersion
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CWebBrowserDispatcher::ConnectAllHtmlEvents
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CWebBrowserDispatcher::DisconnectAllHtmlEvents
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CWebBrowserDispatcher::KillRefreshCheckerTimer
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CWebBrowserDispatcher::OnBeforeNavigate
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CWebBrowserDispatcher::OnDocumentComplete
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CWebBrowserDispatcher::OnRefreshCheckTimer
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CWebBrowserDispatcher::SetRefreshCheckerTimer
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CWebBrowserDispatcher::TimerProc
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CXmlDocument::LoadFromBuffer
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CXmlDocument::LoadFromFile
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CXmlDocument::Save
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
CZN@#?$Y[W0P+
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
D$3D$tL$tI;T$tu3UQQSV^FVMW]9rY^3jZQ!}YEt!NQuPuENMVNEFMUUQN@F_^[3HHD$;r2IAVFtPYff&^D$V;FrQ@~FuPVvFjP.WP<vjW6vWv ~_^AtPYt33@V~u3DuSWx3jZQYtWSjvjt$$_[^VFP^QQQD$Vt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
D$3Vt$t&~t NP uNt3@3^j<M\EHeURPtKMu?M[EPMEmEMu[MM$3@[MM3j/M}j 1YEetj]EeMjtYEEt3MVPN$QPF PNuN4M3v8^DMWEPPE5MM)MG;rh0N\#EPpEj5(DVW|$t;tF+G_@^Vuft3N;HuMF^SV39u6F8Xt@F8Xt<^[8YuA8XtNN;uF@8XtN8YuF^[UEVuEFENFgEFF^]VW|$WHGF_^SV39uF8Xt^[xH8Yu8XtNN;HuF@8XtF^[SV39u8F8X!t^[)H8Y!u8X!tNN;HuF@8X!tF^[D$L$;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
D$A4VFtQSWp=tFjt$jpvtD$j51N,QPjv_[^D$A,AtI,jQjPU(SVEP]PSxuhWj(3EWPNhWEE}}]}jEE}EEP|_fu33@^[Wwt5Vt$t)Vw<tG()N)NF3@3^_|$VW=0t%jv~$t=Ft6pt)jjvFtpt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
d$DP\TS|<Rl,LPRUS#r2Qb"BPZTCz:Rj*
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
d$huBYHjT"GM}}Yj."(+PVEPej|VMsMEkjVMEXMEPEtYEePMWEPPMEME1MMPM~MPMEMEMEMMFjl4Fu~,FeP<~WTM=eWEP*ME2jMENsMEE\jME8&eEue[uWPE:tXEjjPEjuMnuMPBPM9PuMjuMEE;E|M,M]jEPMEPuMGM93~_VEPMEPEPMEuMPMPuMMEF;|~MMETjMMEaMEhMEMMz3@3Dj<wCMLM3]PV;uMEjEPVuEPyMEhME'qMPVM;MEPHWMEmPVMuMwuuMWHPVMME3FMEgM]MM\uEP;ME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
D$tV/kY^hjM`3M]|;<jSjSj<E<;tr<;taPV;tGMZ;uVj cYME;tS3PSp5(w<]MMjjH,iMuu3@kMejj~WMit#HtHu/MWEP7 MEPuEPf(MM3ij0IhMT3M]1
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
D$tVEY^VNt^3F<F F$F(F,F4F0F8F@FDD$FH^jiCFPM^F<3};t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
D$tVY^U3ES]VuW}'}E@tUEPh@t3@=EPV2%YYt'uWSVEVPEM_^3[~U3EVWu}Mxu_l@3^3U(3ES]VuW}EPh@EPh hpSE^$YYu/EPSN$YYu9EuEPS9$YYu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
D$tVY^Vhe^hXY^hM^hA^hP5^h)^hX^h^hP^h]h]h]h]hH]h]hp]h]h]h]h(]hu]h8i]h]]hQ]h`E]h9]h-]hH!]h]h]h`\h\^j.jYM3E;tu]MMPuRj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
d7CRDh?=8%@X#Hk<>r4pGu 69
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
d:\Conduit\RnD\Client\IE\Dev\5.4\SingleComponent\Alert\Release\Alert.pdb
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
d;vmhpE=x[_^tV5dW3;u4kP5hW54 ;u3xt5dhk5hhAj54$F;tjh hWF;uvW54LN>~dF_^UQQMASVqW3C}i0Dj?EZ@@JujhyhWupU;wC+GAH@PIuUEOHAJHAdD3GFCENCux!P_^[UMASVuW}+QiDMOI;|9M]UE;;MIM?vj?YM_;_uC sML!\Du&M!ML!uM!YO_YOyM+M}}MOL1?vj?_]][Y]YKYKY;YuWLML s}uMDD }uOMYOUMD2LUFBD2<38/])uNK\3uN]K?vj?^EuN?vj?^O;OuB st!\Du#M!NL!uM!Y]OwqwOquuuN?vj?^MyK{YKYK;KuWLML s}uM9DD }uNMyNED3@_^[UdMkhMSI VW}M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
D<YYYYYYYYYYYYY.NAYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
d@pH$N$" D!R$ZC
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
data error
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Dc3F 0^2PC0$[Ab8 K19'D`1x<aD&k-*DdaP@F #@$pa2$H;SAFha&L>&C,=pwp0hRA
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
dddd, MMMM dd, yyyy
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DecodePointer
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DefaultShowIconInSystemTray
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
defaultValue
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
DefWindowProcA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DefWindowProcW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DeleteCriticalSection
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DeleteFileW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DeleteObject
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
description
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
DestroyIcon
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DestroyMenu
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DestroyWindow
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
dFpt"~ltpluj Y,yj`YeFl=HiEEj[YuUuM.kE~MJf9tAAu+Hu uPuuu}tMapUf9Eueef9EsE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
dhkU+Pr;r3]UMAVuW+yiDMIMS1UVUU]utJ?vj?ZK;KuB sL!\Du#M!JL!uM!Y]S[MMZUZRSMJ?vj?Z]]+u]j?uK^;vMJM;v;t^Mq;qu; s!tDLu!M!1K!LuM!qMqINMqINu]}u;MYN^qNqN;Nu`LML s%}uMDD)}uJMYJED0E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
dHpuF;htF
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
dHpu}FF@puHpF
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
DialogBoxParamW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Disable Notifications
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
DisableSources
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
DispatchMessageA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DispatchMessageW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
display_time
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
DItWhtFltwf>luxl `f6uf~4u8f3uf~2ufdfifofufxfXRd/St~At+tY+t+ @0 0u u [u QPRYYtFF9|X+++3F tBPPPG}fFt:Ht3t+P@fYpegitqnt(otaU3V0 tff@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Djh^V>Ou%jh^VOFFf> tf9>huESuPEMHMx8xxH_^[jhEY33}jY]3u;5`P9t[@uHuAFwFPYP4VYYP@tPVbYYF}hj8Y
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
dkh+LQHQPG^E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
DllCanUnloadNow
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DllGetClassObject
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DllOnUpdateFinish
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DllRegisterServer
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DllUnregisterServer
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
dMEcMEP EuEEP}Mu#3f>#u9hHSj"!MElMElMMl%FEuPhSj EPEPEPuhEPZ@jhxthtjP_u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
DOMAIN error
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DONT_SHOW_ALERTS_FROM_THIS_FEED
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
dont_show_this_type_check_box
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
DosDateTimeToFileTime
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Download succeeded [%s]
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
DownloadErrorCount
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
DrawFocusRect
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DrawIconEx
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DrawTextW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
DWEEPWEPEPWEPnEPEPWEP=WEPWMjMMVjto'39zEeTf7htoWqvrt.sD;u};PsM:M]xE9EPMxEPEt3;MPEPQMh;u0jPMZME8MQMQjEMEMEBME6M]+MM95.r;t%PlS;tPXjA8t-VB0jsDNtFPQf^j'}u3St;EuMleWMtjWtjMM>3@EVu3+;D$ut$t$j|$t3@^Vt$fv^j<2MY8eEPM 9MPE6MEMxt3MM(8Mh3FVD$tVY^OjRfhqYMeta(3Mt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
DynamicDialogs
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
DzItUhtDltwbS;luC8, <6u{4uCC<3u{2uCC<d<i<o<u<x<XPPG'YYt"CjJdwSAtHHtYHHtHH @E00u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E PN,Q4P<uQuE|FpMBuTE~PPQhQPQ^@W[QhQhQWN`:QhhPj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E#UtYjSSu#tAu}+;SjHP$Eu_^[huYYE|
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
e%EP]TS}=Rm-
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E'PMEh{MPkWcME}MC]E;Jh7h+YQj~frPuuN|e"QVD$tV<QY^j~fPuuN)EejF
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E)EE C(EP[xuAjEVC0PMCUH]E]E]PE CHfKIVVUREEj}1E \$E }1\$ET$$PQ~7EWdu9uuuVVuuuuuuuuuu39u_3^[U(SVWuEF3;};UR]]PQFURPQEt'9] u"MWQuMuSuQwMQMWQuuSuuw7uvVP 3;ZF;9XEt!u uuuuuuYuM_F(E^xP]EjESF0PMEFH]E]E]E]PFHgNISSUREEj}1}\$E}1\$ET$$PQM~uuu3@Xun9tE9] u"EtSuuuuuu u uuuuuuu3_^[USVW}3;u3F;tN9^uF0Pt3vvDv@+5F;NE9]^$tG+F G+G9N ESQF;~
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E*GEB:}M$:]<+t<-t`}uuu&MB:t<9}sE*GMB:}*u<njJM1wj+t HHt;jMjY@jouB:t,1<vJ(1v:} tG+JMtHHt}EjX9Ev}|EOEE}Yj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E,EEEEPjhEEEEEPCv0vvP`jP'+j@,@*39]-;u!@;tuMem]+;E]~Gu?t.MQ,uPFPMEtMEt"EE;E|MM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E0:+_L.X)AzT&.*\!R8C;HMS Shell Dlg PMv7OKPj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E1FFE9UuMOMw;UE}~MW#UM#Elf0f9vMmEFMf}EM}f}|QW#UM#E[lfv1FftFu0H;Et9u:@}~uj0VuE8u}4$pWFk3%#+ESYx;r+F
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E339uu9u D|
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E3SVu3W3]]t2uKShjSjhuu3}]EjSSW`Ej s}Yt#}tEFEF^F^^*EFEF~^^:tjSSW`FE_^[Vt$u^~tvXVlzY3^D$8t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E4#OkkkkkkkWJVTL!?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
E8E,++E4jE<jE0PuDTE0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E9E(}E(ELtMEXt8}tuu }tu jMEP4MEE0EeMEME3FMjh|kuMEM<EtE{cThh3uu3}uuuuVEPEPEPEPEPVjhujh;EPVVju;uj@};EPWVju;GlGpGXG\VTPhVjuE;tRuVVVVjP|;t<PJYE;t+SPVVjuxtuuoYYuEEE3}];tSt9utuY;tW;tSt9ut
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E9tFEE^[UQQSV3]9^t=FWUR]PQShjZWPuWE_F;t@;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E;8X;E;|E[j@j YYtVM *@@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E;Eu3MM.Lt$jhKu3N,}\ONDEDfj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E;Eu3MM]MjhvLuft\MeMEPuMuEutuMzt3MEMMLjUhKut=MXeEPuMuuNt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E;tF3@j d}tuuu81<u3Mk;eEPuu?uMMfDMEPMEu^jhx1MJEPEPuuER@EMu&D3MEMMCECMH;PjVt$jt$jt$ 6tF3^UE$Vt3MtI3u,Eu(Pu E \$E\$E\$E\$@\$@\$@\$$Q6'tF3^](VD$tVZY^j|={tMY:PhMeM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E;tjE9]|WSW_^[jA33q(fE}9>uA$VPQ0tEua6MQWVP;u}EURP}QdhMcu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E;tRU$3EEMSVuWP3WWWWQEPEPM3q Et
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E=?sJMsB;r6PY;t)UEPWV}EH53_^[U0SV5W33;u.;t0#Pxu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
e?E~SSVE@@p~3EEMqPGEP_u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E@PMGPML>PSMdt}@uMpE0P!M EMLEM0EE`E`;EHM\E=MdE#MEaMEUMEIME=M}2Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E];vnu,B;tSj-&YM];t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E`9Uu3fE9UM3E}TM;kf9r}M]K
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EaflfpLj :Kuh@MEfM\feNM,eE~[uMhat?EP7^jtMtPj7PW2LYMju9aEE;E|E~PpbMtPeEPEPbujPE`NtEeNPEeEkMMn`hKj:J@VMe\tt}tMMe3RMMeuvhVMPeuMG$3MMLetPJjiIh@MeM=\MteeuukJjiIh@MdM=\MtddjCYMPe4JUQh@MmdM\xd`j;IEHtwHtRHt0HhBYME:jdBYMEts4nhBYMEtQ\PL~tYhBYMEt)v!hjBYMetX3MtPu2YYHVdD$tVIY^V6D$tVHY^D$VtVHY^jE;Gu^@,^3N\}^NxE^ME~~~,MEMF$N\F(j~~0~4~8PjPNxjPM~~<~EGUVq\/~HEP`^eMtjPMtjEPEPt^ujP^UQeS]EPS\ftFMt?VW+tNu1}t*7
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EB m_WM_ALERT_BROADCAST
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EB m_WM_BROADCAST_ALERT_IS_APP_EXISTS
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EB m_WM_BROADCAST_OPEN_APP_FROM_ALERT
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EB m_WM_BROADCAST_RELEASE_ALL_ALERTS
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EB m_WM_MESAGE_FROM_STATIC_BUTTON
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EB m_WM_MESAGE_FROM_SYSTEM_TRAY
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EB m_WM_MESAGE_FROM_VIEW_RECENT_WINDOW
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EB_TB_NAME
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EB_TimeStamp=
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EDPMDEk,M*EPexWhE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EduMEKMMhht$MQMPE@MEM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EE+EMuPs|
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EEEES]W=t)PSEEEt<~|tPSu=m9EtEEEEhEPtPfPStuS_[^j`U;E+EMPE+EPv}3WujWEEu9slt$PEEPWus|EuP;t@9s|t#9uu9tEVPWM<EVPWMd;uA9uu9s|t)VVEP;t&EVPWM1;u9sluE+Luuuu}uWuWMMuE:Ul$3ElExSVWEE|jEE=PujEEjPbDtBhEjP>DjdEPvt<EPhEPVEhEP*P PuuuuEMMEMl_^3[53pUVjEPtEEtE+EEEMMEtE+EEEMMjEPA^UQQeeVEPEPuEuEui^UQQVEPEPuuu?^3HHHHV~uPjP^V~uPFt>W=jjPFuvuPjvv_fF^AuPAuPUVtEW}WuvuuWttVtV_^]3@VW|$VjW~3_@^3@3@3@3@D$AA3+t8HtHtHt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EEEPSYYt"MxEEPSYYtE39]fD~HH_^[UuuuuuhR}]UWVuM};v;r=tWV;^_u^_]ur*$r$$$(#FGFGr$I#FGr$#r$Ixph`XPHDDDDDDDDDDDDDD$E^_E^_FGE^_IFGFGE^_t1|9u$r
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EeH}fvM$;uj+t&-t!;tCpE~;`j+jyHfLM$;O;^UG}#f9w"}sME*EEf;sM$;H+n-eC}}}u2Mf;t!f9w }sEM*EMf;s}fAjeJMHfwjO+t +tjQMjYj>}f;tfv+(Hfvf;} t@+JMt+t}EjX9Evs}|EEEHEaj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EEPvMMTVQ}0^0V}@Ul$3j(co$ E(E3VPf
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EE}}}};tptWp0MMUR}P@jEWPEG9hLBYEE;t3ejh|Es4sjpu3VVPLjejhbVVjjpPu3URPPEPEPEM;M|E;tptWp0MMUREPDjEWPE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EFjHVEM]u3@5MtEesu}jspMC$3<CjEjEPMu}u39XtZM;jhxME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
eFjPYY*EeE@jPEYEY#+}u]}vrGGuPFPSjj*u_wCtM3VjVVt$L$e3jjVW|$v9~s
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
eFjPYY*EeE@jPEYEY)}u]}vrGGuPFPSjjFu_wM3Vj!VVwUQVW}9~sRF+;EsE}vPNSVr]Ur]+PUUBPE+QxPF+P[_^jk}uvu'3j[OMmU;s+;w4
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EG EGEFE+VNW4CWssPCPIW4EEFEG EGEG0;s+HG,+}Et3}DEnCCCC&}EMeMEEEC9Er4#EKHmE@)EEMu@CvMtK@CW@uKHCA -}EMeMEEEC9Er4#EKCm)ECCCC&}{EMeMEEEC9Er4#EKHmE@)EMtCACb@3CA}EMeMEEEC9Er4#EKCm)EO(+CE;sG,+EEEE;G(rE{u}G,;uG0O(;t;s+HG,+uXuW4VWW4EG0;s+HG,+O,E;uO(G0;t;s+H
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ehhhhhhhh
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Ehhhhhhhhhh@T#*
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
EHY]E P]UE8;r=w`+PY] P]UME}`QY] P]UVuFttvBZf3YFF^]U(SVuW3E}}}FFf> tat8rt+wtWWWWW`93S
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EI CDialogChildShadowFrame Window Class
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EI CMovingFrame Class
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EI CMyTitleBar Class
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EI CWindowStyledBorder Class
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EI m_WM_ALERT_COPY_DATA_EVENT
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EI m_WM_GENERAL_EVENT
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EI m_WM_MESSAGE_FROM_TITLE_BAR
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EI m_WM_SINGLETON_EVENT
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EI Pop Up Window Class
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Ej%SuEPESejh|vSuP`MjhPMEhEPEPEZYYMEmURPPEPEPEM;M|ElSPMMjuPESejh|vjuP`MjhMEEPEPEYYYMEURPPEPEPEM;M|EljPMMDuME;~MEE;E~EEE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EJG4Ec tJ+M;sEB+EBhM;sM_ ++wuB+
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ejh7VjV:mjmK<jhPu3MMQEPME;tEPMgA@3;A%RQVlWEPs}w+7EPEPs9u|ujuVw7pEMGEPri3tQljp0MEME3GMMj0|%%
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ejhThN8WWjN8hN8jN8POL[u1WM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EM3uUQVEPuuYYu!EPuYYuMU
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
eME]EPMN=PMPEdME_]SEPPE0PM`;>xPM->MhE"kxETMPxTWPMho;t.MPbTP@;thTW<;tW8VTVXMt;tjMhEjxE\M`EMEME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EMf}uEMj(Q<A,fEfuMj3@fu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
empty distance tree with lengths
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
empty map
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
eMt3MMy%MMEME7MPVM]MEMEjLEPeMt3MM$MMEMsjuMEPVMyMESMEUj$)}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EMuKuW<u;PE@t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Em}]3tjZttt tt#t(=t=t;ututU395}]Eyj^ttttt`#t* t@t;u@#@t-t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Enable Notifications
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EnableWindow
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
enclosure
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EncodePointer
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
encoding=
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : m_pQuery==NULL
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return %d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return %d (from SetRegEntry)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return %d (rc==0x%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return %d (RegDeleteKeyW returned 0x%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return 0 (RegOpenKeyExW returned 0x%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return 0x%X (status)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (GetStringFromRegistryValue failed)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (RegCreateKeyExW returned 0x%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (RegCreateKeyW returned 0x%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (RegDeleteKeyAndItsSubkeys returned 0x%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (RegEnumKeyExW returned ox%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (RegOpenKeyExW returned 0x%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (RegOpenKeyExW returned ox%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (RegQueryValueExW dwordType==REG_BINARY)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (RegQueryValueExW returned 0x%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (RegSetValueExW returned 0x%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (result pointer is NULL)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return FALSE (wStrValue from registry is empty)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return TRUE
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
End : return_value=%d rc=0x%X
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EndDialog
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
EnterCriticalSection
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
EnumChildWindows
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
EPEPsN$Fhj_9^\t+u+Q_^[S\$VW3;u3Stt$D$WF0D$Pv(^4v$WWhWNF,}&PhhWWWWjPFhN8;tv,vpPpPl3@_^[y`ujjVolt2W|$tuPl~`tjjWv0_^UQQVEPMU;u;tRQP6^D$;Adu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPEPw.YYME>vNPWWjoEPkNPWWjlEPkNPkNPWWjkEPrkNPWWjjEPbktE.MEuMEuMEuM]u3@UQQSVW=43+FT=v8EPt/NPjuukNPtjfPFT3_^[j7)suu3uj|ml~0oucj gYM3u;tV@/3P@oV)j <YMEtj\/3Ppj5(wD3@3VD$tVY^Ajv)u=3j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPEP}39[huEuEYEu;t3Mejh|.s4sjfu3VVPLVhVhVhVjK<jfPhYEE;t>3Mejh|ms4sjeu3VVPLVhVhVhVj_WK<jePhTYE};tZ3Mej|VejVEs4sMhu3VV>\jejhVVVVZ[h`ad[K<hPuuf50jpjpjpn=0tpt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPiuEPHE}ttZPh.SjoWM4XZPhX.SjFet*W!lME5WEPM5EueEPkM5MEbMEME52YPh$.SjhEEjjJU}MMENtOjeWTkEePE?kME3EeP"kMF4E-WEPM4EuEePjM4MEIe}POEhGDPO$hj8tYEEt$sYEEtjU3MEO(G4EG,Et)KXPh-Sj9tQW)G"XPh-SjWTv$tWj5(v$jMWPh-SjMM&_jazuu"e.WEVEuE~gjau.Etj'tj'E_E{_Mzjb39j8YE];t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ePLs6PEQ6PE;6$$((j1uLE,E,E{,MkzVT^Tj.xh,YM3E;th-UPjDd1DM\EP(j3hMu1MEG#PhM$MVjEPMEWM>;u;MEME+MM+Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPLWX2YEEt3WE12YEEt3WE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPMEEEt3Pjs0t4uSP$EURuSPQHSPEPMEtEPQEt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPMEM03F<|$u3jt$tL$t3@US3W9]u3MVSSjSjhuut*;t&EPVE;tE;uVX3^_[E@PE3]sY;uuuSVSEPuV=9]tE}9]u$EPVYY;tu>SPwSEPu>PuhuuXuMV>5V
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPMEME%uTuXSh6w6M]MMyj,&yMaeME.tPvM1>MMFyhxM39Y(MM]b;,TSSSjj,Ev,;jM;tqY3;E~SMWP;t>VM";t1SMEpFjP$VMEhME(G;}|SyYPMl,]MM@xjH@wM3;tj;t_MM]VMECM;t$;tSMSjdwwM]uMMxjk8wutj >qYYMetj3Pj5(vwj,&vM:Me!uuMuMuuMuMMnwj .vM33;u3 MuMV~MQ/PMEMEM1hTMt@h@Mkt*hDMUthM?tF;dMM|vj|uMiZEP}ehM*hPYxEPxEh`EPEhEPEEPEPEPEtohxwt_MhEPE}EPj nYYEEtj#3Pj5(wME1ME%MEME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPMEq>PM E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPMEuM];ww6M3MEE;uSh'yj5MR
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPMEXt!SEXPE0e\P}X]M`l(ME_TMEST@E2M0E8TEPMSEe\PEm]M`E'EPMjSEe\PEC]M`'EDPMMTE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPMuEMPuMVvMMEIH^1YVWwp{@g6_v^VWwp@g6_v^UQVQeeu^Vt$u4^4qV4qD$tVIY^jP,MhSjB>}uMeMMEMEPEyuEEP}YM#u>hSj=MELME@MM43<EPEPEPtEPEPrFVPMEPMtFVPMEEEEFVPMEPMt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPPPEPu0MMMq43'0UVtVu|YYt8Vu|YYt)EHt3U
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPQuVt$jh2(t(jh2(tjh2r(t3^3@^|$t|$t33@V3uhhLtjPhlt,PQ^|3@3tPQu!!V2^2=tVD$tVY^jaeeeEPhLtjjhlt,EtMtPQ3'URuPQMEuutPQVt$PxP^Ul$3je3];t$t29th'jh@SP<}h8ESP]k"PMuE];t3<VQPR;]URh<tPEE;t?UR<PQ;|;uEUR@PQ;|;t@E];tPQ;|
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Epu\M`h*jEPEXE;tPQME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPvEY3}9Euj9EtPY3Et
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPWWuEPME}EMMMEMEsEPuLuEWWMQuEPpuuuu[HtCtCtuuMMHR3EjyVDu,
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EPYM3U43EEMEESEVEEW3M}};E_5MQPt^}uXEPutK}uEuEuu~YF;~[wSD6=w/?;t8-WWuuju;u3PHY;tE}9}t6PWuvVuuujut];tWWuSVuWut`][9}uWWWWVuWu;t<VjGYYE;t+WWVPVuWu;uuY}}tMuYEe_^[M3<jhF)3]jY]j_};=`}WP9tD@tPYtE|(P PP4YPGEEj?YU}u3]UMMtftf;uAABB
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EQPx3;~Bj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Error finding notification
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Error retrieving notification id
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ERROR_REPLY
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ErrorCount
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Et3Wh,VPMM"hVj3j4=N]uMPh|Vj39{uh<Vj3ME}uME;uhVjNMEM93fMPMFlCWPECWPCURuPf}tetPhh|jeEPMEMHM5/jMEi5Ph`h|jeME/M#]39u9uMMEMhEPE$PM;t6EPjEP?E;t29ut-eu)9h4h|jME[ MMu39uh h|PE1jBJueNfffjkNuFEtPYfNEM}D$VW|$wWJYPF5YFt39Fv8N@;Fr_^UQW39=@t3S]VPPuuh(VjbEPEPWh?WWWuu(;tPhBRu*uDPPjh|uWuu4;tPhX3VAAQ3u$h|Vj3@^[_UQVuuhVjEPjjuu0uu$h|Vjk3@3PhVAAQL3^UQQVWuuhVj#EPj3Wu}u0;t3PhhVAAQ3:WWWWEPWWWWWWu8uu$uhDVjE_^U$` 3SVWPWVhSjEMU3E9Euh@Sj;3MQjPWV03;urhEWPEEPEPEPWuEu,;u#}tj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EtVY^]UVVEtVY^]UVVEtVyY^]UVuW3;u3e9}uvj^0WWWWWE9}t9urVuu0uWu9}t9usvj"YjX_^]UEVW3;tG9}uqvj^0WWWWW)9}t9EsLvj"YPuu3_^]UEf@@fu+EH]L$t$tNu$$~3tAt2t$ttAL$+AL$+AL$+AL$+UEl]U(3ESjLjP(0,ffffffEM0I8j<(P@uujtYhPM3[)U5l[Yt]jvtY]3PPPPPU EVWjY(V}EE_E^ttE@EPuuu45$[Ytj:ujjusP+BRt++UQ@SXV3Wxv'ME;tDQP+YYt1F;r3_^[@uM;tQP*YYtF;rEUP3|UVp2^]U@MSX3VWxMMMM;E4+E;Ev2M;tQP_*YYuEuPEEFuEM;tQP-*YYuuFGY;Eu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
eu;5lw"jxYeVYEEEjsYUVuSW=$=4uVjNThAYY|ut3@PuVSYuuFVj54u.j^9tu7Ytu{PR0IR0_[V7Y5R3^]hd5D$l$l$+SVW1E3PeuEEEEdMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EURPQ EPQ}uuEUeVWwFwt9EP6f}u9}t3uueEPMVE_^Mjh|?jA5;Ew(39uG$VPQ06MQu]VP;|mE;tf]URP]Qd;|@h$M>t/jP/YME;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
euuvHMXB9;5SM]=];Z] T7aZ%]g']nL R`%u?q=
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EVP>YYM_^3[39 A@tyt$IxQPYYuUVMEM>t}^]UG@SVt2u,E+M}C>u&8*u?d}^[]Ux3ES]Vu3W}u%u53PPPPP@t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EwW[M_3^:r0uU S39]u `SSSSS(VuW};t!;u0SSSSS'jE;w}uEuEBuuPuUE;t4;|"MxEEPSYYtE39]\>HH_^[US39]uSSSSS;'[Vu;t9]w
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
EwWM_^3[$z*>Ut3ES]VWu}fU#]EEEEEEEEEEEE?EMftC-C u}fu/u+u'3f;$
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ExB0T\E#<~
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
exception caught.
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Exception caught. memory size is %d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Exception was throw while downloading [%s]
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ExcludeClipRect
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
execCommand
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
EXEtEHEtEHEtEHEtEHEuE3H1HE3H1HE3H1HE3H1HE3H#1HvtMItMItMItMI tEX#t5=t"=t;u)E!EEE #t =t;u"E EEEM31EX 9} E}t&` EEXEX`E``EXP4H H EEXEX`EH`H`EXPOEPSju4MAt&At&At&At&Yt&3+t/HtHtHu( %
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Exit : wStrServer and wStrForm are empty
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
exit [%s]
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ExitProcess
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
ExitThread
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
ExpirationTimeSec
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
E}9}urE lTtXtCHt/tuCE9}u:eE09}u%UEut3FFf;9}FFf> tjVh^lS`j XFFf9tf>=GFFf9tjh^V]Ou
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E~,P9]tu]EPEP~uEPaEPEPZ=h9]tuEPEP5uEP@~
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
E~<Ejh|ME`EPEj%Pe~.juE}PEE9E|M3^8MS{}PtIM~uRj=YEEtMQ/3jMEx}WN$MS}PMMC;yM~u;jYEEtMQ3jME}WN$!ME@MM4<VN$L$;~t$N8z3^j|_A,eM{EPuEu$3MEMMu~$DtjEePEPxMEueM/{EPxEjYMEtEPu3PVEF}t8C9E}0jEYMEtEP73PVEFMEE9]_xE3FVjXt$fFu9D$t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F 9^$u$j0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
F T>~(9~$uF$d>jjv(V F;ujxFxF@F@F@h%B=PV4NAFV9xu'YY3_^UQEttt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F"tfNFFfeSj[Fu, ;t@;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F$9^(uOjD
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
f0.hMHT$BJ3e\hM%T$BJ3e3egMT$BJ3e3egMMT$BJ3_egMT$BJ3<e]gMT$BJ3e@:gMTT$BJ3dlgM:M&M$M4MHMXT$BJ3dfM9T$BJ3ydfM9MujYT$BJ3Ad( bfMj9MqT$BJ3d\ 4fM=M,MhyMMMOMPMM%MnMDM|MT$BJ3Nc oeMuiYT$BJ3!c!BeuiYT$BJ3bH!euxiYM-M%T$BJ3b!dMT$BJ3b!du iYuiYT$BJ3ub!dMM,=MhM$MMMPMMMMDkM|]MAM3T$BJ3a"cM(MMGT$BJ3oaJ3ea"cM(MMMT$BJ3*a"KcML,M$ZM4OMAM3T$BJ3`#bM+M$M4MMMT$BJ3r`h#bMT$BJ3O`#pbufYT$BJ3*`#KbM.sT$BJ3`$(bM!T$BJ3_H$bM,T$BJ3_t$aM$2fYT$B3_J3_$aMMMMT$BJ3I_$jaMT$BJ3&_%GaM,aMYT$BJ3^L%aMqT$BJ3^x%`MqT$BJ3^%`MdT$BJ3^%`MqMMT$BJ3_^&`M)M<MLM\yMkM]T$BJ3]0& `M,:T$BJ3]&_MT$BJ3]&_MhT$BJ3]&_M)#MMqT$BJ3]] '~_M"MT$BJ3,]T'M_M0pT$BJ3]'*_MDT$BJ3\'_M!MT$BJ3\'^MM2MMMT$BJ3x\(^M\T$BJ3U\X(v^MTMMT$BJ3"\(C^M]M,2MMMM=M5T$BJ3[(]Mf2M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
f5fXf~fffQgggh2hUhhhieiiiijHjyjjjkFkikkkkl3lVlllu""
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F61 FCA;GIF89a?{x!?,pH,`hV:FC`2G$y(SYa@"
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F61 HA;GIF89a?{x!?,pH,kc1Z y"@H@l
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F89^ u$jh
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
f8t33@t$t$t3It3@t$t$YYt$APD$p6t$zt3It3@It$QYYt$@t$@t$@VW~u_^GGP<Yu;~tFV++BRWP_^SVst>W3ft2PYtu3FFfut3f_^[S_^[V~t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
f9fttjfTtdfft^fFtXf,f[ujYME;thM_f{j8YME;t?6jY;t0x$#j YME;tMVSPtMWE9jf]EED$V#tVY^VRD$tVY^VD$tVY^V#D$tVY^j.j8YM3u;tMV3jRN}uaEP3WuYY;tLuRf{uCj8&YMu;t$MMQWPu7j3f[ujYME;t5KtjsV#D$tVY^j/\lM}E9r3@3uu3WuYY;7MZ~f"uqj.YMu;tAMWuP~MQP3@}EuKEtPssMM{#f:f[u/9u"jYME;f{u/9uj8oYME;ef-tof0rf9vcfttAfTt;fft5fFt/fnt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F:t@O2X5k`sPQq}`!";5#N(sh6.u:(RxSMu0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
f;0f;rf;v]UuMVEMUTu}tMA#E3t3@}tMapUjjuj]U3ESV3W9u8SS3GWhhSt=Pxu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F;7|judYYhWM7hDEPucsm9>~~F;t=!t="e}EPEPuu WE;EE9;G|GEGE~lF@XE~#vPuEuM9EME}(u$]u EuuuuVuKuE]}}t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F;Eu3GEWWWjPvHd;t~}uWYFEFtPhF^u3MWjPNXFXFN@HF
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
f;f;f;?f;w3uuu3f;uGEu9uu9uu3fEf;uG@u9pu90t!uuEMUU~UL
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
f;Pf;r]*f;@f;rC
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
f;tf;t+Vuuuw_^]UUVuWftBBFF+t_^}]~3@]USVuM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F=7!!3FCA;GIF89ax|]lrr}xpi~v`Btq}WmVgT{upQp{Rgs!x,x5We
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F=7!!3HA;GIF89a?{x!?,pH,;cYUD ND)|>vc2<Ng!X40?y0?->6?4)?#?8
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
f@@BBf;t&Ku!
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
f@@BBf;tKtMu9}u3f;t3}uMjPfDNX^fVj"YdUVWuMEu3;t0;u,rVWWWWW}tE`p39}t}|}$MS}~~EPjP-MBtG-uM+uGEKB$9u*0tE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
F@u^VLYttA$utt@$g3;]P
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
f^t$Fuhj<_}3]9@tMMEu3Mjh(M{MElEPEMMmuh(M|MVlPM|Mdmu+hp(M|M,lPM|hM|EPM}SSSSEkP;u83MEztMEntM]ctMMWt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
fAf#EE@uMjEppEPjEPEjPSu!E}tE`pEM#UQf9Eu3f9EsE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
failed to read file
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
FakeAutoUpdateInterval
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
fallback_url
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
fCCC0S3@f;3@f;ut@uhtqQftuu;hlq
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
FDICreate
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
FDIDestroy
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
FDIIsCabinet
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Feed id: %s, MessageId: %s last request time: %d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
feedItemId
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
FFFPEE0Gkj7jueeEPu3ECPM]PMEM]JM-MhEP]ME"E4kjMjEPM#ueMMjjHjjueus+uE9C}Mjh|oMjh|rZMl3FGPM}EU3fpKVQQPMMEPM}E:EAjj R2Zij\7uMtjMtiSa}t*FPjEPMeP^MM}t+jFVEPMPE-MMijHjhej\j}vMV>.@PEPoM3EFPuMuE2E9iUQeVj\2Pju$E^j.+hj9bYM3E;tu+MPNhUQue}MtPjh|mEjNgeue~Mjh|6e3@EtPELhUVWOHVEPMNy_^US]V3u;uVEMW3u}E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
FfxtfXtE.E}u!VOYufxtfXuGG7GG3uUV!Yu)jAXf;wfZvFfw1Ffw ;EsM9]r)u;Ev"M}u$EOOu"}t}e]MMM7GGuu=t}wu+9uv&LE"tMEjXEE^t8Et]}tE`pE_[U3Puuu9TuhPP]B[$d$3D$ST$t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ff|f%xf-tEEE8jYj<hV@=ujYhPUV5T5tt!PtP5Tt'VV0uV{YthVP<tuEE^]jYUV5T5tt!PtP5Tt'VV0uVYthWP<tuEE^]xUu5Tt]PV5Ttu5EYV5Tp^Uuu5Y]PtP5Y
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
FHPNWWPMM3@j^^)uF,PM=e~Hu@MM?uNP3|$u@*L$tt$t$%@j,&uu@7f>tW*MeMd9MMfF3-Vt$u@A~u6f8u.t3f9QQ%@W^j,&uu@7f>tW*M)eMwMMfF3Vt$u@A~u6f8u.<t3f9QQ%@W^j,&CMejuMWuMuXMM}3j,MNeMMM?3j,&Mu3uMu,;uFMMkj<-FH3;tPu+FH;tPWWWWWWWWWhhWFH]EPpM}xGtMMN{ EF(PM}jh METEtuWtjWMEPM*GWMbPMMEEEEPvHjJuu ME=NME3G:xWMEPMFWMOE~PF}t<Wt1;}t,M@ME1EEEPvHjJWkNEPEPuE~P8EPEPmtY}tRWtG;}tBh0MDPMFMMEDEEPvHjJWMEMME3jLO-2hVjK}uhVj4@shVjWM/eXxMiCME]CEPEPWMEYthMDu\MDuPW;u6h`VjjEPEPMjj5pMdXShVjaMEKMEKMM|3jt-u3;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
fI@``|pt@T$G@.textjfh `.rdataNl@@.dataRp*T@.rsrc~@@.relocN`@Bjt$t$z@UQQEHuEMMU3@U,MjjM0M3UPMM7MEPM3M,t)EPM2PM;M#4EPMg4VM<(3uVM)M&uVM#'VVM>0EPMuj:PM1M3M3MT3^U3EES]#VuWEEPh@tPEPVYYtjYt|3uSuVVPM_^3[=uV<tN^39U,MdMSMf3Vj_D^j}}Detem&M-_sUpjX
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
file error
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
FileDescription
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
FileVersion
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
FindClose
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
FindFirstFileW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
FindNextFileW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
FindResourceW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
FindWindowExA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
FindWindowExW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
FindWindowW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
first navigation
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
FirstTimeMessageDisplayed
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
FirstTimeStamp
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
FirstTimeStampInterval
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
fjP1tt$N2^Vt$qjjt$t$jjD3^VNP^sV7D$tV9Y^VjjD$F8S^AV8SD$tV8Y^jf7u^@SOeNC|WEAWN8Q8j~fl7u@SeNMN8j j7739]u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Fjp_uuuuv^uuuuji?uQeUM?jNT>}Wu3RjW~PFR\3;uNNM3}EPOvEtEv]}+]+}jvSWuuuj{PhPFYMMGGCC~u%j-8YEet3MFvjvSWuuujNPhFF=jhjpPXF,jPjvVv^h?zjvF3@N>U<VqSW3PPPPPvE=u/ueEPv@t%uuuuE}tF(PPut+EPv@FtMQp@33;uuE+E9N t3QjjPE+EPEE+EjjjPE+EP(#PE+EPQQEE+EPE+EPjjjjuEjuuujju}tjWuutjuvFtpt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Fjupu5utW_[^VD$tV<Y^L$`ytAPQUQV>t4Ft
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
FLM(uv(V$E(YY_[^D$D$D$5D$E3UUSVEBW}O4_ wEG0M;s+HG,+EE4EE4EEMErEM#M @=4#HMH`H+MtM4#HMM+EMErEM#MHH+-E@^M4#HMHM+E]teMM]E;urM4#]mXE)E+M+_(;s\O,+;rO,+M9Mv$)MMA@MuG(A@Mu]TMA@A@mA@MuA@A@mA@MuH@+MAM]}Mr
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
FlsGetValue
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
FlsSetValue
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
FlushFileBuffers
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
fN9ujY;tN$D9utijY;t3$p9utMj YME;tDMWuPtsE97EM3jf}uEf,ujs\?u3N(]${~DE^<^@INdEEF$jEP^8^`j\u$NdENDE.N(E`M_j\zqDEPeDut7j8iYMet
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ForceRemove
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
FP-YV^@RY_|^_][D$jhRP/UEffffMfEEfMfffMfE3fEEPE?PfM\EUS\$3VN8<@;t"WSMtGWiSWP<_^[VW<tPpY&@tPvpY&_^SVWt$DSW~WsFBf\tf/thSW(_^3[U$3SVW}1;X&tPYO;8uth0WV3uE@3fF $(,;X}P+7`Y9X|3PPPPSQPEP7EPEPEP74t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
FPM\j]y;YEE;tju3E9^(tFj K;YEE;tjn3MPHxN(S5(E/"Pr]tSu^<tjSt_E!EjhEt1MQSjJPtjuMM[3@MM[37AjiP@FPMe[N(etN t?N$tf0MMJ[@j,&?MKueMvjj5pMMM03@@j,&?MueMjj5pMMM3@G@j,&`?M3PP5pMEaMM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
FreeEnvironmentStringsA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
FreeEnvironmentStringsW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
FreeLibrary
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
From Html Dialog:
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
FtEOI@tE$}t,t(uG}Yt9Eu7}EFuuE9]}tEu}tEu3_^[jh@[uu3e@+u+HIuuuYYVuWuGHtWYEE3E9EthlVMh?EPE3=eehHVMh?UVYpxxYMHx^]T$L$ti3D$ur=tEsWr1t+utt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ftf;t+}tMap_^[UV3W95Tu39u};uo\VVVVV`U;tfArfZw fArfZw GGBBMt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
FtvHFFFHFFtMHFFFHFH;H(FDNF@F;jX_^][FFtNHFFAFFtHFFFHFFtHFFFHFFmHFFFHFHN0j=F(FF`4`#F3@j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
function myInjectedOnClickFromAlert()execCommand\")()""about:blank#EBCmd(border:solid 1px #d5d5d5background-color:#FFFFFE;pushNotificationsNotificationsCAlertHTMLDialogBrowserContainer::CallPushNotificationspushHtmlNotificationCAlertHTMLDialogBrowserContainer::CallPushHtmlNotificationcheckboxdefaultValuecheckboxTextnotificationUrlnotificationTypeintervallogoUrlnotificationTitleitemIdfeedIdalertIdinitialNotificationinstantsampleinitialpublisheronLinkNavigationCAlertHTMLDialogBrowserContainer::OnNavigationStoppedbClicked = %sh,!bGotAlertChannelId!pAlert!pAlertItemempty mapParams errorCAlertHTMLDialogBrowserContainer::OnApiOpenSettingsDialoguiParamsCount != 4Error retrieving notification id!ParseParameters!pInstantAlertError finding notificationCAlertHTMLDialogBrowserContainer::OnApiExecCommandfirst navigationStop navigation!about:blankiframe unblockedpWebBrowser == m_pWebBrowserCAlertHTMLDialogBrowserContainer::ShouldStopNavigationinvalid map/set<T> iteratorCAlertHTMLDialogBrowserContainer::OnApiUnblockFrameNavigationuiParamsCount != 2InstantAlert - no need to mark readNotification id: %sInitial notificationCAlertHTMLDialogBrowserContainer::OnApiOnMessageReadCAlertHTMLDialogBrowserContainer::OnApiBlockFrameNavigationuiParamsCount != 3SHOW_ALERTS_FROM_THIS_FEEDDONT_SHOW_ALERTS_FROM_THIS_FEED!GetNotificationIdIs check box checked: %sCAlertHTMLDialogBrowserContainer::OnApiSetCheckboxValuek$,,v=9dxdlF%xmb/O-wl8XPDM%nv0ZohhA/hpYhW1hhhhhhxFhhaffOEx&Mrd7)CAlertHTMLDialogBrowserContainer::PushNotificationsCAlertHTMLDialogBrowserContainer::AddAlertIgnored notificationsetCheckBoxValueonStartDragopenAppunblockFrameNavigationblockFrameNavigationsendUsageopenAboutDialogopenSettingsDialogonMessageReadshowMeonReadyCommunity Alerts ; alertInfoRequestXml=alertLoginRequestXml=alertTranslationRequestXml=alertUsageRequestXml=TQ'M>SmmYms9NotificationsHtmlDialogsAppFromNotificationIdleModeAlertALLP_STR_ID_ALERT_CLOSE_ICON_TOOLTIPALLP_STR_ID_ALERT_POP_UP_WINDOW_OFALLP_STR_ID_ALERT_POP_UP_WINDOW_SETTINGSALLP_STR_ID_ALERT_SETTING_DIALOG_FEEDBACK_ICON_TOOLTIPALLP_STR_ID_ALERT_SETTING_DIALOG_FAQ_ICON_TOOLTIPALLP_STR_ID_ALERT_SETTING_DIALOG_PRIVACY_ICON_TOOLTIPALLP_STR_ID_ALERT_SETTING_DIALOG_ABOUT_ICON_TOOLTIPALLP_STR_ID_ALERT_SETTING_DIALOG_VIEWALLP_STR_ID_NOTIFICATION_SETTING_DIALOG_SHOW_NOTIFICATIONS_FROMALLP_STR_ID_NOTIFICATION_SETTING_DIALOG_TITLEALLP_STR_ID_ALERT_SETTING_DIALOG_SHOW_ICON_IN_SYSTEM_TRAYALLP_STR_ID_NOTIFICATION_SETTING_DIALOG_NOTIFICATIONS_ENABLEDALLP_STR_ID_NOTIFICATION_MAIN_MENU_DISABLE_NOTIFICATIONSALLP_STR_ID_NOTIFICATION_MAIN_MENU_ENABLE_NOTIFICATIONSALLP_STR_ID_ALERT_MAIN_MENU_ABOUTALLP_STR_ID_ALERT_MAIN_MENU_SETTINGSALLP_STR_ID_ALERT_MAIN_MENU_REFRESHThanks for adding our NotificationsNotifications bring our latest news right to your desktop!This is a sample notification.CloseofSettingsYou re about to receive a notification that looks
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
fuW;t0+WVPh3f=PSo3ftSWPpcVWPP_ujPXM^3[NU$,T3SVWt$9F;tEt6<YN;x};x}P6Y9x|<PdYY~EPS66NY}t3~
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
FU}[N,;u"F0V(;tUs+HE+M}uauEWVF4N0EF4E;s+EHEV,+UV,9UuF(;tEs+IM+U}FMeE;vME9EvEuSunvE)EE)E)FtM }peMECMrE%?FwhjPw(W F'mmfKM }eMECMrNEFVmFmF
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
fvtvjvvff^/
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
FWE,P^vMM,s{B4jVAEeEEEPE$MMB UV~tWvt<tHWt=EPv<jEPWzuEPWtujv_^D$3A$j<BQT$Q*D$3A(jLBQT$QD$3A,j\BQT$QD$;Aua|3Vjt4PhhHjF?3^UVFt5~|u/EEPEE\F|3^UVEPv@MPMjO^UVuu3}t(A8HtHtHtHuGA\Tq ijq pq q,w}t(A4HtHtHtHuAL&q;jqBqq(IA0Ht=Ht,HtHuA<ePA{'q{jq{
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
f}u$E}(u(Eu +EVPE+EPuEu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
G-I[k,A8)gMD`*v($8TT1aE%
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
G;0u^G;puXCQ;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
g`IoV|f^
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
GAIsProcessorFeaturePresent
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GDI32.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipAlloc
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipCloneImage
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipCreateBitmapFromFile
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipCreateBitmapFromFileICM
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipCreateBitmapFromStream
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipCreateBitmapFromStreamICM
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipCreateFromHDC
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipCreateImageAttributes
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipDeleteGraphics
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipDisposeImage
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipDisposeImageAttributes
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipDrawImageRectRect
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipGetImageHeight
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipGetImageWidth
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
gdiplus.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdiplusStartup
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GdipSetImageAttributesColorMatrix
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
get response stream failed.
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
GetActiveWindow
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetAsyncKeyState
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetBkColor
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetBkMode
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetCapture
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetClassInfoW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetClassNameW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetClientRect
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetClientRectSetWindowPosInvalidateRectDrawTextW)PtInRectOffsetRectTScreenToClientEClientToScreenGetCursorPospSetCursorLoadCursorAFillRectCallWindowProcWDefWindowProcWGetWindowLongWhCreateWindowExWIsWindowVisibleMoveWindowSetParentEndPaintBeginPaintUGetParentCallWindowProcASetWindowLongAGetWindowRgn6RegisterClassWGetClassInfoWUnhookWindowsHookExCallNextHookExSetWindowsHookExADestroyIconLoadImageWFindWindowExADestroyMenueCreatePopupMenuInsertMenuItemWBGetMenuItemCountTrackPopupMenuySetFocuszSetForegroundWindowUSER32.dll
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
GetCommandLineA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetComputerNameW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetConsoleCP
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetConsoleMode
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetConsoleOutputCP
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetCPInfo
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetCurrentProcess
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetCurrentProcessId
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetCurrentThread
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetCurrentThreadId
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetCursorPos
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetDesktopWindow
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetDeviceCaps
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetDlgItem
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetEnvironmentStrings
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetEnvironmentStringsW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetExitCodeThread
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetFileAttributesW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetFileSize
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetFileType
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetFileVersionInfoSizeW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetFileVersionInfoW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetIconInfo
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetLastActivePopup
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetLastError
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetLastInputInfo
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetLayout
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetLocaleInfoA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetLocalTime
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetLongPathNameW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetMenuItemCount
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetMessageA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetModuleFileNameA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetModuleFileNameW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetModuleHandleA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetModuleHandleW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetMonitorInfoA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetObjectA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetParent
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetProcAddress
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetProcessHeap
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetProcessMemoryInfo
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetProcessWindowStation
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetResponseHeader(Content-Type) failed : hRes=0x%X
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
GetSecurityDescriptorSacl
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetSidSubAuthority
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetSidSubAuthorityCount
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetStartupInfoA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetStdHandle
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetStockObject
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetStringTypeA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetStringTypeW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetSysColor
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetSystemMetrics
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetSystemTimeAsFileTime
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetTextColor
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetTickCount
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetTokenInformation
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetUserObjectInformationA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
getValueByKey
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
GetVersionExA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetWindowLongA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetWindowLongW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetWindowOrgEx
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetWindowRect
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetWindowRgn
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GetWindowTextW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GGHHHH'H/H7H?HGHOHWH"tzHHHHHHHHHHH
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
GGhPNhGPGPGGPNGG4PN4uGGDFDP]GPKGG$PN$?GP-GGP"GGHPNHGXWNX
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
gkgj^;jY;$P3t tHt4+t$HHtVK?3$*u,k
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
GlobalAlloc
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GlobalFree
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GlobalLock
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GlobalUnlock
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
GP@;r6 &Y|_^=uV5|W3u<=tGVsYtujGWYY=t5|SBVqsC>=Yt1jSYYtNVSPt3PPPPPs>u5|b%|'3Y[_^5<%UQMS3VU9Et]EE>"u39E"FE<tBUPFv2Yt}t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
GQYaiqy"$
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Gu_uEjuuuEjPuuuM_^3[pUEet_EtZfuu uuuu ]atAtu uuuuu0u uuuuuwu uuuuun]UjuuuuuuZ]VW36Y(r_^Vhh3Vgt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
GUQeVW7uW7txVMHE_^jKYu<ENTENDE>N4E>N$E>NE>MN>j4KMe1u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
GWugufZ9~~@]V4kYjt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h K[9]EPMMPE`MM;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h$M|3}]PEPEPVuu;u/}/u&EPMw{MSEPEPVuudV?;D$th(t$Q}jD_uMWueMHuEt3]t3E8RQPW ttLj We]u37eh)hx)S_3F|uhp)h`)SC|uthL)h<)S$|uMieEPM.kuMjPh)S|ukuiPh)S|uMtdju[jVMxMEiPMzVMyMiPh(Sb|EMEqMMqEVL$9iL$P/iPt$^UQeVWM3Xv7MEPVtEtHQPuMF!;r3_@^UpjH_M`]|K3;th|PhPh -,Vj{%}|E|Ph)jWh)},;}9tAtjjYPhx,VQ9%E|M;tPQ3M0gjXfE3fE5EPK4E;tiuK4gPME PK8E;thuK8gPM E@PKE;thuKgPM@nhhhK;tigPM@Hhh,h)M0qM0}\AgPMlE-gPMhEhE;tET}TEl;t3u E|uuTuQPR}}tAtjjXjh,M`PMht|Mltp5E@PE PEPEPM0EoE|MtPQs$u`u|ujh+j{C,tPu|tE|u@PQ,}tAtjjXjh++3udE|UdRPEQ(;|9udtK ;tud;pjudMtMEeEPePjhx)E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h$O(zPh$w8j?]"ue~8<%?NXENtEEEENtEfTNtf,jPj5Pj5Pf0j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h$sBK'A;GIF89a[,o7o9,n&k[P![,[[X>
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h$sBK'A;GIF89aZ6[[WwFI)bX!Z,ZZ<9
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h%-$X^jh`C"jIYeuNt/Et9u,HJPDYv;YfE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h(((( H
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
H(H<HRHdHHHHHHI,IGdipFreeGdipAllocGdipDeleteGraphicsdGdipCreateFromHDCGdipCreateImageAttributesGdipDisposeImageAttributeslGdipGetImageWidthGdipGetImageHeightdGdiplusStartupGdipSetImageAttributesColorMatrixGdipDrawImageRectRectGdipDisposeImageGdipCreateBitmapFromFile.GdipCreateBitmapFromFileICMGdipCreateBitmapFromStreamlGdipCreateBitmapFromStreamICMGdipCloneImageO*P$NDT\OTPTHKU$TKVN,W@OW MWNW8NWT$K
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h*YYYYYYYYYYZZ"*9ZAZIZ"*lZtZZ"(+ZZ"d+ZZZZ"+["+1[",T[^["4,[[["h,[[[[","-[\\\%\J\R\]\h\"4-\\\"x-\"-".\\\
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h+y?>G1EO(L{xb}}{BhXH(V
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
H0L0P0T0X0\0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
h39}uPhlVjc9}t+;~;~PQ4hV;WhuhuW+.;uhI3@hhjc3$j.#hhjbj Metj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h3Pj5(D3@]$jv#Mh`Sjb}uMeEPuuhHSj@bMMXj,YEEt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h4wut#MQPEMEj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h=}hu0jPMqMEkVEPEPEMEqMEkMEkMEkMMk3@hthSj3wVt$Wt,~t&VuNPltV(Vy_^jSMaeEPudtMycuEPMMjj0ue6YUQVEPEP^USVWGpEFPuQYYEt6v~-tWSMU}tLGW0MAEPM@t&uSjEPEIH@5MlLuuFPPYYtuSuEMp@_^[j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h[9]EPM[MPE`MfM;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h^jfuN0z3N}#zj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h^VtPvtVc:Y^QUWt3@Euyh5}3qVj-tVeSMQhlrV|}uMQh\rVVP[|}tjuOPuk&33@^_]VNP&^W|$u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
hc^UQuEuP*}P=E|$Vu&^t$uhUSVuMEPKu^[]VVjXt$fFu9D$tj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
hdMMMQEP(u!h<Sj<ME>j YEEt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
HeapAlloc
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
HeapCreate
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
HeapDestroy
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
HeapReAlloc
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
hEPMPMPsWsusMMi3q!|$+ut$P3jls uUEN E)6MN=!U<Ww8uSV3;~F9E~9]j8ESP*E9]tEE9]uuEEEEEE;u%9]tEE9]uEPShMw8EPShLw8tE^[_VD$tV_ Y^j3PPjPt$VL$\P^tjVFtNHFtNH|$t^3UHHHAVFt1NWxF;u@Ft$~_ufff^VFt1NWxF;u@Ft$Q~_ufff^T$D$uAAAzuAJHPJtABVj!YtL$``3Pv^VFtK;Fut$;;Fut$0+Wxuxt$N~_ufff^VFW3Ftt$tPpYG~uff_^jUVD$tV6Y^UEjP]UEMh@?UREEMEX#UEVHNPVFtQP^]UVW}HHHIHMESj Zr0;1t|0+t3\ipY+t3\HpY+t3\'pY+t3\3p;qt~pY+t3\pY+t3\pY+t3\pY+t3\3rp;qt~pY+t3\IpY+t3\(p
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
heWhheWhheWhheWhheWhoheWhcPheWh|D1heWhh%heWhTheWh@heWh,heWhheWhwheWhkXheWhL9heWh-heWhheWhheWhheWhheWhtheWhds`heWhTTAheWh@5"heWh,heWhheWhheWhheWhheWh{hheWh\IheWh=*heWhheWhheWhheWhlheWhXheWhDpheWh4dQheWh$E2heWh&heWhheWhheWhheWhheWhxheWhlYheWhM:heWh.heWhtheWh`heWhLheWh8heWh(heWhtaheWhUBheWh6#heWhheWhheWhheWhheWhheWh|iheWhx]JheWhd>+heWhTheWh@heWh,heWhheWhheWhqheWheRheWhF3heWh'heWhj [SeWhSeWhSeWhxSeWhhSeWhX~kSeWhHcPSeWh8H5SeWh(-SeWh3@6iUSVW3]~PEPz#M;t9]tSiY3EPEPNu9]uSP~QEP?]!M;t9]t+WhYEPEPNu9]uSP_^[jRwgu3SE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
HFM@dF8FHMF*PFhP>jFjPM8MeEP6u2M)PFhPXF@vjLMMU2_VFW3;u3a9|$t<9~<t9xt@vjL=@vWL;t(F<9~<u3@xvjL;t~<_^,SUV5`WS3hPPD$,=UShjUUl$,ShjU3PPPt$ Ul$(D$,PU@D$,;D$4D$~L$4L$,D$4D$8+D$0jY3~ND$D$j]9l$4~.D$D$ D$ Pjht$0;l$4|D$L$uSht$t$4PD$(D$_^][,jihMeNLFLjP3MM[UQVhMjutFLM^VF@tW=jjPvjv@_FtPhfFtPfY^&j0uejdv@F@tPf@MNVW=f0jdv@jev@FtPY_^V~0Wu[|$du=~F,9F,|f,F8F8;F4|v,At!P|$eujv(jdv@_^UVuYtbW};=uu{&uuRu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
hh#MEPEMSWM>h@#MEPEMSWM>h$#MuEPEvMSWM>qh#MBEPECMSWM>>h"MEPEMSWM>h"MEPEMSWM>h"MEPEMSWM>h"MvEPEwSWM>vjZue$L"F$"F!F!Fx!F,!F!F !F$ FP FX F\| ` L , eLEEV.D$tVY^#jX3@`#VNt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
hhhhhhhhhhhh1@X) hhhhhhhhhhhh XJ!hhhhhhhhhhhhh
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
hhhhhhhhhhhhhhhhhhh
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
hhhhhhhhhhhhhhhhhhhhhhh
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
HHtLHt6Hu$
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
hhVvOYVMnh,EP;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
hM(MMErPMM(aPMSMM9uthhM9uthhM9uthhxEPEw,Pt1uMEyMEmMM(aia0E(ePEePEuuEuSEu3PEPRxjS+`u%3N$}N4EEEE~~~~~ Fh$~t~~Fl~p~D~HFL~P~T~\~`~d:`jTU_uNEt$fNt$fEEEN4EN$EM$_Ah$4D$ADjXf^u3ZtePeejh|M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
hM8qtPPzPM\E7E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
hM;MEPFCM]EMEM]9ME9EjEPeM2ug}|p~MME"ME>WhM0PVM2MEMEMM9$j,=M/eeEP PMEh@ME8MM1tMM8MPMEUMEqEPhM/PVM*uMu|p~uMEMEqj[EPReM0t3MM7}tj2Y}MMEMEWh,M/PVMMEZME@|j}EPeM/tMMQ7YeMMEMEEPh,Mx.PVMEMtuMEMEqj,M@/t3M-ueeEPPME>MEy6MME#ME?EPhHM-PVMjxYuMu|~uMEMEMM5jM^.uEPeMduE|~jx^MVMErVhHM,PWMfME*MEMMN5Xj<qM,ueEP>PME<ME5M-t3MM4MME+MEMEEPhpM,PVMTEMt%uIMEy4ME#q'MEW4MEMj(qM+ueEP>PME;ME4M,t3MM3MMEMEuMhp+PVMME[MEAjM+t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
hMHhMHyMhEPPhEPEPMHOME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
HMMEMEjejhMEZPVMEMEME{jEP;eM+u2MXEPhMEPMME4MMdnj9EPeMtMM+3@23CM]EPhM]fPMRuMEMM]jtEPFeM6t3FMMM;ME@ME\jejh:MEPVMEMEME{j}PEPeMtMM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
HPtCt?Wt4>%uN@uNhFP\YYt7F
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
HS3f9]HMH(;tIMuH8u;tf9u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Ht`PPPPP3T$t"A8tAQ0jL3jO3}9~@uMM39~t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
http://alert.client.conduit.com
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
http://alert.services.conduit.com
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
http://crl.verisign.com/pca3.crl0)
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
http://hosting.conduit.com/Alertupdate/update.xml
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
http://hosting.eb.com/Alertupdate/tbedrs.dll
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
http://hosting.eb.com/Alertupdate/update.xml
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
http://iealert.conduit-download.com
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
http://ocsp.verisign.com01
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
http://ocsp.verisign.com0?
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
http://services.conduit.com/CommunityRequest.ctp?type=GetCommunity&ct=EB_CTID&CommunityPage=EB_CTID.ourtoolbar.com
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
http://services.eb.com/CommunityRequest.ctp?type=GetCommunity&ct=EB_CTID&CommunityPage=EB_CTID.qatoolbar.com
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
https://www.verisign.com/cps0*
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
https://www.verisign.com/rpa0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
HtwHtRHt0H
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Hu,hhhhQP3@3USVWjue]uZ9}u#3tuP\SuWuSuuutncM;+wxtitPt?t& MQEPLMMeMQuP@P PPuRTSPDNt9-t"MSQMQPSuPHuMQSuPPauPR-(HHHHt[t+-tURSuQPuP$3}QPEPEPR<3}QPuR43}QPuR03}EEPu<MEQPuWuR8T3}EEPu<MEQPuWuR,3}QPuR(uSuuuGE_^[D$VtVi4Y^U(S]W}EPWSxu\Vj(3EVP.>hVEE]}uuuVEEEP|^fu33@_[UVVu0u,u(u$u uuuuuuFu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Hu,hhhhQP3@3UVEPv<tuEuPt33@^USVu5u3SSEE;W}3+t:It2It*ItItItIu*x%u3GxtxxxUM+tDIt1ItIuREtkE+HQuPE+P2EtPE+HEt@EHEt0EHQWPREjuuuuE3E}rC;"_E^[VWjwD$#t$Vjw_^D$VtVd8Y^USVWju];!Ht|tEat-uDt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Hu9FtN~tNRuj+P@USVWtwEtlEPEP}+]+ut=EP<EMUj+QM+RPQx_^3[UV~ltREEt&EPv@E+EPG+Yuuuuu:^jTTuK3jX3CP}|~48 $DDD(,0<Rjejh"WWWW@DH&TV|uvtjjvf^]jTSeE,ePu(uu$u uuxCt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Hu@bB;j !YMetj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
HU\euVPu}WFHtHu4jFPwYYPvSFPwYYPvSE3@eU}tuSVuV} uuVu ^7uuVGhu@uFuKVu(tVP]UQQVu>Wt?t9t+>MOCt#u$u uuuuV}uuEPEPVu WE;Es[S;7|G;wBGOHtyu*X@u"u$uu juuuuuEE;Er[_^U,MS]C=VWEIIM|;|]ucsm9>~ F;t=!t="~ujVEvYYu9>u&~u F;t=!t="u~u]t|ODu3YuO39~GLhdu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
HuB;4V,V$I,tVI0tV/EV]tj^V1N@-@If^UV~<u'~t!attE;(uuu+3^];pu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
hWjMu9MueMM@EPMEMuME9EPM-EPjhhMEMQMQPjNPEMEuf}uuh<Wj2MEPME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
hYM3u;tuujJM~hWFXPuujMEPME%lPNHE^MEWM|NP^t@hGYMEtuVh3uPElPMM[VT^Vhhhh^j}uWVgSjMf_u6HPjEP)aeP]MMU'NtHvPhxRtjX;hcRtjhORtjh;RVT
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
hZ9]t$EPMMPE#`M]X3FMM!j.MPudMPuX=3;tKhYMu;tVVuVuuuuh3MVPPVD$F^D$VtVY^j@j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
hZ9]tXEPMMPEW`M2M;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
HzMeMPxMUT$BJ3w
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
h|MTEPM^ThEYEEt EeP[MEPVt3MFELRME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
I;tMHH3;tYHXtf9uIter$fx`u@htURhlrP}eE;G<u;Vuh8hjOLuMQuuuSVP[|}E@t3fEtPQW_^USVW}efxu@tURhlrP}e@3tf8u@tE;F<uSPh8h`j|Ku~Xt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
I\1]^_/_X__]]&^S^|^__Ul$Vu|u3Ge|SWVY;u]|jWVt]|EpPVYYt]|EpPVYYt]|ElPVYYt]|EPVYYt]|EhPVrYYt]|Eh;Eu}lu}ptE|EPVYYt]|EPVuYYt]|EPVYYt]|FM]8;s
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
IAIAAAAa]U3ESVuF@W6VYt.VYt"VV<YY@$$<VYt.VYt"VV<YY@$$<V|Yt.VpYt"VdV<TYY@t]uEjPEPb:t]39}~0NxL=AD=VPYYtG;}|fE Fx
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
id_expiration_timeout_sec
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
idEvent: %d ,pSeed: %d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ieframe.dll
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
IEGetWriteableHKCU
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
IEIsProtectedModeProcess
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
IEIsProtectedModeURL
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
If-None-Match
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
If-None-Match: "
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
iframe unblocked
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Ignored notification
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ihMH6MEPhMHVhMEPMEOh`Mu@MxSEP$EPME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
IIDFromString
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
IITI_IjIuIIIIIII
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
iM'Ms=T$BJ3fhMMMMJMJT$BJ3~fDhM}M=MMeMT$BJ3;f\hMWMkT$BJ3
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
image/gif0!0
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
iMEiMEiudMhtMlRHj<
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
incompatible version
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
incomplete distance tree
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
incomplete literal/length tree
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
incorrect data check
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
incorrect header check
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
inflate 1.1.3 Copyright 1995-1998 Mark Adler
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
InflateRect
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Info_High
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Initial notification
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
InitializeCriticalSection
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
InitializeCriticalSectionAndSpinCount
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
InitializeSecurityDescriptor
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
initialNotification
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
InprocServer32
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
InsertMenuItemW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
INSTANT_ALERT
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
INSTANT_ALERT_RESULT_FORCE_HANDLE
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
INSTANT_ALERT_RESULT_HANDLE
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
INSTANT_ALERT_RESULT_TRY_TO_HANDLE
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
instant_alerts_channel
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
InstantAlert - no need to mark read
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
InstantAlertIds
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
insufficient memory
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
InterlockedDecrement
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
InterlockedExchange
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
InterlockedIncrement
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
InternalName
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
InternetCanonicalizeUrlA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
InternetCloseHandle
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
InternetCrackUrlW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
InternetOpenUrlW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
InternetOpenW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
InternetReadFile
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
InternetSetOptionW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
INTERVAL_HH
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
INTERVAL_MM
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
INTERVAL_SEC
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
IntervalSec
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Introducing a handy new feature
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
invalid bit length repeat
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
invalid block type
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
invalid distance code
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
invalid literal/length code
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
invalid map/set<T> iterator
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
invalid stored block lengths
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
invalid string position
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
invalid window size
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
InvalidateRect
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
inversePointerPosition
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
IPt$=USVuEFW}W4_EG EGEG0;s+HG,+$T=}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Is check box checked: %s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
IsDebuggerPresent
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
IsFeedModified
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
isLocaleRtl
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
isSupportedFunction
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
IsValidCodePage
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
IsWindowUnicode
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
IsWindowVisible
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
ix'@2WuYYuMVuuM~un3YFj^eMptMM9x3A}EPsu3MMxMhtVj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
i{7*-Xdvx$"ke
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
j R:dCCujvvPWPjj8#3SvWPWPWvS!DSvWPWPhvS $3EtLtL @;rV3)Z wL wL A;rM_3[Rjh`EydGptltwhuj OYj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
j,M&%t3Mn#ueeEPPME3ME_,M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
j-(utFhNet
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
j-=mld\cQkkbal0eNbl{WeP|bI-|eLXaMQ:t0AJ=mjiCn4Fg`s-D3_L
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
j/M}hWdPMythou]h|5tJMME%PEhHPVMPEMu'ME}MM5y3ybMEVMMy3@8tjRTVu3^t+^=@UEu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
J012=3.4
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
j2|jj'eYYuuEtuuuuuuYjj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
j3Mj~YEE;t4EMEEPESj{5(vN,;t(WxN,v,;tiWx_N,;tyv0;tLKCM4WWME(v0;tHMMv0;tJqj/uN0E?=N E3=NE'=M=&`jD/<M3M]G&;tcu;t\P;tQEPMEF5u+SMSwEjPMEMEM]<MMVW|$tYU2HtHtHHuHN0tAWHH9N0tW?;2tHuN,tzN,tw,_^j0 04MeM*MuI"Mt=.tt1jYMEtF3EM[MM4dV5tt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
J6`zA`Ugn1yiFafo%6hRwG"/&U;(Z+j\1,[d&cju
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
j9[uD$eN?#C
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
j@pH$R&B(F!R,\(!a#!<BBGlnT!6$B)/}jBVvj4B#btk4B '*3B32ECA;GIF89a
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
j]9l$4~.
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
j_VVVVV8}tE`p!9uv9u~E39Ewj"}tU39u3:-,}?-u-s}~FE38EE}u+]hT]SV3t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
JanFebMarAprMayJunJulAugSepOctNovDec
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
jB3jEZYEEt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jc3+FPjWvvWAv}~3@_^ytyt33@u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jDI%u3;u3J;tptWp0MMQ}PjEWP59h0YEE;tl3ej|VEejVEts4usEjh3VVnj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
JE9tFEE^[UWu3uueURPQ$|EtGEMS]V5EMEEjwESESE?MQSWP(juS3^@[_U SVuF+WPF+FPNYYN~vMM3QQQPSuEuUu}Pu}Uuu_^[US3M9u3VWuu}VWuEPuEMEEPu]u]u}uu#u MuVWSSut*EMEEEPuMSSuMMuuuu3_@^[UW3M9}u3SWWjWjhutWSEuSX3VPj;V};tvWMQuPSht[E;EuSVEPjV}$|?9}t:uVhsjuu0EPQSX39>VVSX3^[_US]Vu3EWhx1PSWSPEWSWjPF WuPB=v eEPjv $u*9Et%^ShsjPu0}#EPQ~uv v f 33@_^[]j.NtjjYMet3uMFbuNtjf33@'j.@NtjjAYMet3Mhx1uuFFuNtjf33@V>t3@^Vhtjjhs,|>u3^UVW3;ut;u3KWuPQ}PQ>S3}WURURPQ j|CEu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jEPjAVE;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jf8N4tjf4N<ENE{MN{j@BM@t!EtEPuytEgF$e8MEPrPv$|B}t<jPYEetv0u3MEtPuR3/jH}u3,juMeEPMMzjN}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jf8NlEN<E'NEY5MrXV~u3Wvd=vvN<jPrF_^U(SWyEPZ,]PSxugVj(3EVPhVEEuu]uVEEu+EEP|^fu33@_[VFhF`HNht6Hu&u#vd!Fhv~\uj^^^VN8tt$
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jf^jyu3(IURPMePMM=3@Dj QZ]~tvNPuNURPeMPM>uNURPEu-NURPMPEEMM3@3V~W|$tNWPhU~tNWP_^jZ
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jf^VD$F^V~tL$jN^`^UQMSVWue9>s}6M}t'f*uTO;sKM@Psf/u;e3S0Yu(f/u2O;s)M@PAf*uE9>r}t33@_^[``#VNt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jfE<)NTE0)Md/D$jV=EeFtEFxEF|EPk0E$MM( D$Q0Q4A8D$ApUAu30MQP<tEtM+MEtM+M3@j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jFhF<jPv`]Yv`jW6@~<)~X~l^~t)ev!EPFpP<YYME9}rF|N;vv%V<W)F\+)F|N~u:~duaF~;s3vNV@;r^WSvPu)~\)~)~~~}FPF\^uT9EtOEGF^EFjP~+WuEvP)~\}}FPF\t4t0}u6~v}u&E$t3jXEtE[^_UV>uf~u`uy}ujjju`u<EPuuu3uEP%Y^]U3ES]VutSujSXff/tf\uBB
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jfNt&FPQfNtf^jTueNN$EN4ENDEgN\E[TjSuN\ENDEN4EUN$EINE=M2<Tj,'WS3}ujhT}hD}Eh hh*Phh~hrKPbhVhJ{$u'h0P!h|hphdK4PhXeKD_GTEEEPMlhHEMPWuEPKDEP`MEzh<HMP8W0MEJEKDF9EHeK\MF]EPM]h,EMOPWMSEP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jFp_^SVvt:FW3;t/pt&UUWWWWWvFUWWWWWp]_^[UVEPtaE+EW=jPE+EPuuvMEMFEt+ptE+EjPE+EPuFup_^SVWv=tt$jvFtptt$Fjp_^[SU-VWv3=tD$0CvFtptD$0Fp3C_^][SU-VWv3=ttt$D$0CvFtptt$D$0Fp3C_^][UVFtZptMSWEPFp@Fpv0SEPWSFWp_[^UT3ESVWEPvEPv@v4WEPSWEPv0M_^33[t:VW=vtvt3@3_^UQEPu#_Mt{EHHVt,Htt$tfuGuuP`:uuPd-W=0jqFtpt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jfPMHt$t${Ih)39~PjYM};tl3v@vDvH]FPl;u3M+nMEnMEnMEnShXME|EPEPE,/YYMEvShM|EPEPE.YYMEvShM|EPEPE.YYMEvt /tE^SM;thI|EhP9|E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jFxL[uv(V$YY[^UQQeVu(jh v(V EujXS]WPEPu$uuhGhFWSu(jE(YE8uEPu$Euu hHhGjuPn(jE(YuE8u;w-uv(V$3Q;uFHM8uF,M't%FM;uFLt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jgHYUVEPxW^]xW_UVxWLEtVY^]UVW}GtGP:t?uN;tQR-YYt3$ttEtttt3@_^]UE=MOCt=csmu+~3]jhC}]ssue;ute~;w|O1uEytshSOteu-Yee}]uuE;utVsL]u~8csmu8xu2H t!t"uxu3A3jhCMt*9csmu"At@tePq?E38EeG
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jhMPEPE YYM]jh8MFhPEPEYYM]uM(MVvMM9j8~39}u3MM}_;E~q;}}}\uMt/uFPMVt;|EEEE;E|;}tMWudEG;|MM3@~j4,}39]u3}OT_E;tM/9]]]uOT;ts9ukh,wYME;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jHZ^M}];IQof"t343FPNf\uFVj"Pu+VPEPu}eP-MMhh`$2hh!X$EjPEPqMEEEPMQjuEPE<MEzPMqPMEMEMMjV E`E3@j[eqEP'hh`$8MM~S\$VWV:OP*V"_^[UQeQMEj9[RueNl$^j9["ul$eN#j1M]u;Qf-tf0rf9v3x6j}6j,;ta;t;};t+WQEP]]ePMM#O>PjIEXY3@;tD$D$PY>L$PUQeQMEjXjuMj6EPeM8jh$MMu!GMZ3@ajh$u@GMM*3yL$th$h$UQeyMjth$h$E#3jh[}jYMet
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jI0uEAEAE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jj!V|^jUIut_F(+F +O3GMehWv$MWvvhGWv$MWvvMMV3JVLP3@X\T^D$XD$LUVEPEPT<MD
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
JJ#J.J9JDJOJZJhJvJ
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
JJJ"0JJJJJK"&K.K6K>KFKNKVK^KfK"
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jjjPhOWj_^VW39=u^XuUh|hPjW5N,WWWWWWhPhh;t3@3_^tt$PjiJFDPM!ee~`!+~p|V_tjNyMMeJ=u1xu(Vt$tt$YtVRj^=Wug8u^Vt$tT~uNFuv vvPH4u/HHu%S^UnPvSOtUSP][^_UQ=Vu6u-!EEPuNtGhtuBYt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jjv^UVu3!EPv<tuEuP^8tD$ 3L$3@jW1]u3EE,uEEEE MEMEM39t0;~1MEM1jLW0},3@EtPR&ELMK1D$S\$VWD$3GF0W~^PxP|WPt$SsFtjP0_^[39u9tV0RRRV8^VL$;uPvjvnYY3;tQ^UVEPq@hVEPuV3@^j<l/jv
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jjv_^Vt$Wt-wt t$FV+RV+RPQw_^UVvt1EPv@t uE+EPE+EPuuv^t$T$D$RPVD$tViY^Vt$NT)|$tj^USV3SE9^<tqW.=PuE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jlh^jN0\uDENE:MYwUESVF8EWF(v(3WWWWWWhWN 1PhF;u3[E(WWF,EWF0WEPWWWvuPjWWvEP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jM"N8EPjejh(N8SSjN8jME*M]MM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jM4ME}p9}ht9WhxtSWv;t"MQRH;tM)uEpNURP,jhpM ZE9}Xth`9}0thP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jM[MEPF;|ME3Fj,&E@3Wh`thtWP);u3@6r9;tMbVM}x~3GMMb" D$D$UlhMpbeE`PMf3CM`]Eux9FM0|M@EpMEdM EXMELNU0REPNU@RPNU#RPujME0M E$MEM@EM0]M`EMMa3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jM]pM4EMDEMEM EF;MTEM]DMMMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jMEujMEijudMh;tMl;tE@PE PEPEPM0E$jE|M;tPQE\Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jME}ME}MMr6j'uelF^VD$tVY^j(uRej5GUDhD(PEPs@u} uP+u+}WVuPEDPuDEjjME-ejhM.jjEPuDM@CDee$tjPM.jjEPuDM@}TtEE0Ps<jE0PsE0+Eu0EE4+E}u8}<+u0+}4E$K4EtFE(jGjTE,-C4ePE=Ta-E@PETPT:E@;E,~E,u@MT$M(;ET|MTE(9ET~E(uTM@M,;E@|M@ETM@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jMGN8EPMQP<;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jMTj)LX;|MPSEP:hPEdME]hdh\dMLTPdM]wMM\Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Job's URL:
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Job's URL: Software\Microsoft\Internet Explorer\InternationalAcceptLanguage%00%%%02x
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jptptjptptjpj,'cExW7MVeEPv@EPWEP_N8 (E3t ME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
JPVS3v6Qf&FP^Tc~>Rn.N`QURq1P
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
JS error: %s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
jS3@xMF0N(SF4ePRhM3Cj]8SENQHhQHXQHPM3F,9]u<w$tVS5(w$MMj4AbWh4/M<dW3h /M])dMEUMPaMEUMPa9}t_;t[9]uMtMj+;uE;MV+uMPuEPhMPEXeME]]M]M}]UQehD/uEVD$tVY^jLbh0Sj39u)9uht0Sjj YYE};tMEP+EPE0MEGUt!M;Uth 0Sj#PEtPpt=jYEEtu3Pj5(EpEPESPMcjePUeMjE8MEESPh/Sj3jGPEPEPEPM}Eu<}Gt*ORPh/SjgGP)MRPMRPhh/SjG3MM;tP@UE9uut^39tFGtMj$>YEEt3MHOHPEx $WwuujhHSjMEMEzZMEnZMMbZljbuNTEoN4EN E$ZMN"VqxRt38Vt$ahaL$DQPaha3@^jcu03CNX]E~PXeMtSEPEPWu9FTt4E^4PWe
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jS^(WS%YPSvYYt>_^[U3EVWKu3E}fjEPujEPM_3^VD$tVY^VN^hjiFPMuenMjiFPMueuMEUQVFPMzu,M^V0D$tV,Y^VD$tVY^V3jt$FF^Vt$3FF^D$Vj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jsonParams
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
jSYY3@_^[]VND$tV*<Y^VPptCDVPQ\ND$fjhzt$FQP|uP^D$VtFDVP[ND$jhzt$FQPFxuP^
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jt$Gtt$V^ajxM.Ueh |eMYMF$UUQMejhHLEUQMejhpLEUQMejhLEUQMejh zLEjbeM=3ECPM]ME>tMjh|*L]_hMNhHMNMEPMEMtEP^Ojh|KM]EM]EMEEjeEP3CM]&>tMjh|jK]QhMMM/EPMEMMtEPNjh|"KM]]ME,EE3jLeM3ECPM]MEp=tMjh|JhMAMMEPNM]]DMEgEjeM>3ECPM]ME<tMjh|+JhMLMEPMM]]&DMEE!jN:eeMjhIMehELLEjNeeujhIehELhHKj&eEP3FMu;tMjh|IhMKMEPyLMuECEjN3eeu#MehELKEjNeeuMehE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jt$V8_^UVW3EHHtLHt6Hu$L;u3ALEMjVVcP$MjVUPhhMjVBPhLh@VD_^]h8U\uelEj PhYYjEPce}lt'pj P*YYj "pP&h\UQQeEPE #EVu^4+3^j8\[M3M}AMj^WSejS~^;WWjv;ttWEPjh;t_EPEPEPu}}};t=WujvH;t*MM~(hhxj}_MM~3[U$3EVu&3W}9EtMWuPLu3+P=u}uWTWXM_3^;TUl$3EpSVj[h3EVPdEPE}u|VhMQjP W=EPVVjuu`PzuUuVtEEPuVjut+6P6= r
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ju]U]UEVFucOIFHlHhN;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ju]USVuME];sTM~EPjSM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
juejhTE}xejh|}kxMWWjj;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
juMPNljBkuku3EFFFP}lj s7ke9EuIjQMQPEPj3CM]uEPMEuMEPaM]]MEEkjBku3j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jUQQ}SVWu`utYEPuEEPpMt#3Fj}uuPX3_^[t{3@3@48tT$8pWYYD$ 3jDX"M>} et*eMQWEPxuM%uEjuMjuMEWMQMQMsQEP\}tMQMQP`u Wuuuuu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
juuEu]UQS3V;uXj^0SSSSS(9]v39]f@9EwOXj"E"w9]]]tj-XfEwEEu3QuPS]vW0fMFFAMwv;MrM3;MrfWj"Y39fNNEffNfN@@E;r3^[UW}juuuu_]USVuW39}u;u9}u3_^[];t];w?Wj^0WWWWW9}u3fU;u3f}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
juuM]UEt8uPY]U3ES3V;upFj^SSSSS05uWYY;ErUH;u 8t<a|<z, A8u3jpSSjWVQR$M;uE*E9MsEj"^;~Ej3Xr9A=w+;tPY;tME]9]u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jV:YY}%=!VY}$MVuuu$GujVuuv]{v&})u$u uSuuuV tT_^[UVuexW^]USVWEMcsm"u ;t&t#;r
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jW][_^WOxMt3"L$V3Mujt$^_jjcue~08EuNxEFt^j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jX00;u;u3f9t@@f9u@@f9u5SSS+S@PWSSEE;t/PYE;t!SSuPuWSSuuY]]W\t;u;r8t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jX;]9]u@E539] SSuuPu;~<w4D?=w;tP[^Y;tti?PjSAWSuujutuPSuESSjEYu39]u@E9]u@Eu|UYu3G;EtSSMQuPuU;tuuuuuu;tV\Ye_^[M3R0UuMPu$Mu uuuuu}tMapU39EvM9t@A;Er]UEV3;uVVVVV;@^]8`Vj^u;}`jPYYPujV5`YYPujX^38P |j^3HWt;tu1 B|_3^v=tU5P>[YUVu8;r"w+Q:NY
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jXj}u=WN)MeEPNWURPMMy
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jY+M+MVMMMjY+EMUEMMPU|nj;tEPkwEEP]wEjPLw50jpjp3FMEMM9}tgtE;E~EE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Jy^UW/tS}t}uu7~YE}tG;ErO+ESV4AuuStCC;v^[_]+GD$P@RPzD$t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jYEejY1uvM$:uj<+t(<-t$:t<C<<E~<c0<e(jJjy1RM$:T:fUu<9}s
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jYVj54LuZSPP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
jY|+3}tC+
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
j}}yEPeMtMM&zMMEMEEPhMIPVMEMtuMEpwME]ujxEPeMt3MMowy}tjyY}MMEMEWhMPVM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
KEEE;|^[EjlWteMqjMjjsj,h DR}u]eGEvEPYYE EEMe3@EEuuSuWEeoEeu}~OO^eE;FskP;~@;H;FLQVjWeeuEEEE}uEGuYMM>csmuB~u<F= t=!t="u$}u}tvYtuV%YYjhHD3UEH;X8QOH;u<uxt1U3CStA}wzYYSVnzYYGMQPYY}EptH7zYYSV&zYYwEpVt|W9Wu8yYYtaSVyYYtTwWEp_YYPV9yYYt)SVyYYtwyYtjX@EEE3@eF3jhhD7Et]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
KEjNeeuMehEJE]jNveeu'MehEJEjN7eeuMehEPJEjHjMe8:tMjh||G=EPM3Fu8PMIMEPJMuEaAEhjHjMe9tMjh|G<uEPL3FhMu~IMEPQJMuE@EjHjMeK9tMjh|FZEP3FMu9tMjh|aFM7PMHMEPIMuEW@E^j&wueEPP3FMu8tMjh|EhMxHMEPKIMuE?EjQMueEPf3CM])8t$3ME?MMJhMGMEP]6PM6PMt]j|pMueEPME7Mu+hxGMEPZ6PMQ6PMME>MMjNeeuMeh$EGEjNeeuMehHEFEVjoeM3C]6tMjh|C]}uMWGhhME6hhM6hhMt6hhMb6hThMP6VhM=6VhM/6VhM!6VhxM6VhpM6hlhdM5h|h\M5M3~`VM4f:t6f.t0f/t*f?t$f\tf*tf<tf>tf|tf"uj_VMS4MF1;|MB5uM4PMDMEPEM]]<ME<EjhjhM8BehM%DMjME3PhM8#MEMM<U3EVuhjPhP5,juh|P~AM3^HjEPs3Mu3tMM_;gM2P0joueEP[ME3t$3ME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
keL-~5,jL&RI6{u-uo]|s<UW|?TS-DpA(S=p,="Z,E;MMJVh}T~~66` wCo*=TU(~YrFGNd"[@ v9AlEWm5x.)2wBXKo6s00eeR&.Y)"\0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
KERNEL32.DLL
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
KERNEL32.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
KillTimer
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Kju4PPWWWWPsE,tsjjSu,u4Su,h WWu4u$u WWu@uu4u(u4Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
kkkkkkkf/
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
KKKKKKKKKKKKK"|L'L2L:LBLJLRL\LdLlLwL
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
kkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
kkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
kMEkMEkuduMP}puPEVMX}Xu/}pt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
kRYevhE>jJRY}EFluHFlvl JYE3Guj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
KS[cks{ "$#&+3(;C*KS,[c.ks0{2468:<>"A19Z"}"("d
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
KuSh,1MZM*"EPMEH&Mujh|(XM]]"EP[Mjh|W]MEREL1L1V0zD$tVY^D$VL1tVY^j~fu~X1xHeh|wSX1rQj[eEPXMMJQTj\dmqIt3@=ejh\1VVM"3MuuFMMhRd]tzt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
K~?`,ZD^0aX(nb:Me!gKqFSx1H1E#7OASA`+#ZhK&h},X (<U%y-y%ww+f
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
L$t3^jut6}u0M!eEPMuM3!pPhj_XMM3@ut
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
L1$!_^[u]%@]UEV3;uVVVVVhjX
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
L1PB:}QM<9[B:}OMEO?tEPuEP/E39U}E9UuE9Uu+E=P"=.`E;}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
L2uy>u;uM;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
L9Pf;sQMf9Yf;sJE}MEH8tEPuEP$QE39U}E9UuE9Uu+E=P"=.`E;}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
L`@3E=}h@5huh=@tPzYhSE0j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
LANGUAGE_PACK
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LanguagePack.xml
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LanguagePacks
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LAST_UPDATE_TIME
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LastCheckTime
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LastDisplayTime
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LastLoggedOnUser
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LastRequestTime
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LastResponseTime
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LastUpdateTime
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LCMapStringA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
LCMapStringW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
LeaveCriticalSection
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
LegalCopyright
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LegalTrademarks
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Lhhhhhhhhhf&QO
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
like this.Introducing a handy new featureThe publishers of the Community Toolbar or app will occasionally sent out news or other information of importance to the community of users. These notifications appear on your screen near the system tray and keep you in touch.Notifications are instant announcements that appear right on your desktop. You can receive these notifications because you installed a Community Toolbar or browser app.Version: About NotificationsFeedBackFAQPrivacy PolicyAboutViewShow notifications from:Notification SettingsShow icon in system trayNotifications enabledDisable NotificationsEnable NotificationsAbout...Settings...RefreshCommunity NotificationsX>mmmmr`NEmConduitAlertMessageCommunity AlertsAlerts/AlertServices.asmx/AlertLoginAlerts/AlertServices.asmx/GetToolbarAlertsInfoAlerts/AlertServices.asmx/SetAlertUsageRequestConduitFeedsSoftwareDataChannelsRegisteredSourcesSourcesHistoryIgnoreNotificationsDataAppsGuids%22%40@%2B%2F%26%2b%2f_><<&&"'CLSID\LastUpdateTime0IntervalLastCheckTimeUpdateFeedIntervalShowStateLastDisplayTimeDownloadErrorCountIsFeedModifiedINSTANT_ALERTConduit_Alert_Autoupdate_MutexAlert1.dllAlert0.dllAlert.dllConduit Ltd.AutoUpdateLastTimeAutoUpdateIntervalInHoursAutoUpdateServerNamehttp://iealert.conduit-download.comAutoUpdateServerVersionFakeAutoUpdateIntervalAutoUpdateEnabledShowAlertsSendUsageEnabledShowIconInSystemTray\StringFileInfo\%04X%04X\%sFileVersionAlertWindowLastUserCloseTimeShowMessageAfterUserCloseIntervalUpdateAllFeedsLastTimeLogMaxFileSizeLogLevelsStringSampleAlertWasShownFirstTimeMessageDisplayedMessageAppearTimeMaxShowedMessagesDefaultShowIconInSystemTrayFirstTimeStampIntervalFirstTimeStampLoginMessageIntervalInMinutesLoginMessageLastCheckTimeLoginMessageLastUpdateTime}{UserIDLocalesLP_CurrentUILocaleAlerts/AlertServices.asmx/GetAlertTranslationLP_LastCheckTimeLP_LastUpdateTimeLP_ReloadIntervalInHoursShowSampleAlertSampleAlertNameLanguagePack.xmlInstantAlertIdsDialogsmain.htmlAlertReformatURLALERT_HTML_DIALOG_MUTEX_NAME<ALERT_XML><TYPE>%s</TYPE>%s<MESSAGE></MESSAGE></ALERT_XML><PROTOCOL_ID>%s</PROTOCOL_ID>DisableSourcesxrXALPClientsServerNamehttp://alert.client.conduit.comALPServicesServerNamehttp://alert.services.conduit.comCacheIconsLanguagePacksLog.xmlThreadingModelApartment\InprocServer32Conduit Community AlertsPathTitleUrlALERT_CHANNELMESSAGEALERT_INFO1 .Update?aid=FaqAlertsPrivacyFeedback\USER_ALERTS_STATUSDISABLEDENABLEDUSER_IDKEY_IDTRANSLATION_KEYSALERT_TRANSLATION_RQEB m_WM_ALERT_BROADCAST$~lwM@;x}rrx(("zDyxyyusU'r#sALERT_OPTIONS_DIALOG_MUTEX_NAMESysTreeView32?@HB)dBxxemNaGQdc.6fArialTahoma8n'M>XmmmXmLGpPB)dBxxemNaGQdc
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
LLLLLLL"LL"0"M&M.M6M>MFMvMM"MM"@Y! "h0MMMMM@#"NN%N-N5NXN`N" N"TN"N"OO"4O"WO"8zO"d"OOOOOOO"P"P-P" RPZP"L "
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
LoadCursorA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
LoadImageW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
LoadLibraryA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
LoadLibraryW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
LoadResource
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
LocalAlloc
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
LOCALE_NOT_SUPPORTED
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LocalFileTimeToFileTime
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
LocalFree
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
LockResource
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
LoggerWnd
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LoginMessageIntervalInMinutes
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LoginMessageLastCheckTime
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LoginMessageLastUpdateTime
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LogLevelsString
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LogMaxFileSize
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LP_CurrentUILocale
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LP_LastCheckTime
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LP_LastUpdateTime
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
LP_ReloadIntervalInHours
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
lPhtM`MPESVEPPM<E9Ph`M`sMPEM|E`P9pEMEM EMEzM@EnM0]cM`EWMM_]UMtMtMj"M{MPrPhu03@]j@eM43CM]lEuMjh|]MQE0gjhMlVMEoM[MEPVE@!MPMMPMEDM]9F;|MEPMEMEPgM]]MEEj,_ejuM3CM]EtMjh|]M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ltuut3@uuj5hp]VDPv(hE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
LxM|T$BJ3vl
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M Ep\MPEd\M0EX\M@EL\ME@\ME4\M]Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M!^UQVuWEPVo}YYuEPV\YYMuEPVDYYMuEPV,YYuMU
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M!_^Ujju tuYME;sMSWWYuMjX9EVEMM;wEu+uE+;wjVuuRujWSu>GH<Pu|Ku|u|t}E}uE9Eq^SEY_[T$L$VqAAN?qA^UXSW}3];ujXGGVSP7tu*EP7YYtM}PKtEEP7YYtuEP7lYYtuEP7XYYtuEP7DYYtuEP7tYYtuEPuEP7TtuEP7?YYtuEP7+YYtuEP7YYtuEP7YYtuEP7YYtuEP7YYtuEP7YYtuEP7YYtuEP7YYtuuu9]E;t;;us]v}v7jSPytM+}uu`}tZu] ;s}tju7u!EMv} v7jSutME+EE}uz]$tXuM(;suMtjP7UtMv}(v7juStM}u}tjYuEtME^_[Vt$W3;ujX*F$WWWWWFWFxPF(PV~3$;N_^Vt$W3;ujXF9~ujF@;FtNPNLVHWWWWWFWFxPF(PL.NV3$;N_^UQESVuW38E8E8FFxWP63:tfEP6yYYt}PKtj[EP6YYtEP6YYtEP6YYt;uF49Eu;ttj[EP6YYtEP6YYt;uE;F<tEuj[EP6YYt;uE;F@tEuj[EP6YYt;uE;FDtEuj[EP6(}YYtu;~Htj[E8EP6YYtFxMD8EMM_^[SUW|$33;ujXMVw|;ujX?9^\uFP;FTtj];tPoY9^@t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M'S9;Z>&XBK\$:[.=\-Q(2/R*<6)GA%"TE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M)MbT$BJ3@TaM{)M7T$BJ36MP)EeM8)M/)T$BJ3M)M)MM(T$BJ30MM(MM(T$BJ3[t|M(MDMJT$BJ3(IM(c(M8[(MS(MM-M8;(T$BJ3Mn-T$BJ30MMM'M3-M'uYT$BJ3mTM'M'MNM'MLT$BJ3*KMe'M ]'M,MXMLM3M85'ulnYM8#'T$BJ3M'M&M&MM&T$BJ3`M&EeM&M&MJMPT$BJ3.OMi&MMT$BJ3T$BJ3<M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M.Mb,T$BJ3%M?,T$BJ33M,M,M+MMT$BJ3M+MzMT$BJ3^@EeM+T$BJ3*lKMe+MMT$BJ3M2+M*+M"+MT$BJ3MM*M*M*M*M*T$BJ3qM*MhM*EeM*T$BJ3%FM`*MMP*T$BJ3M-*MM*M*T$BJ3MT$BJ30M)EeM)Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M0Eu#MM@3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
m0uuuuVh;}u;"SSSSS&^[]UQQEVuEEWVEY;uJuMQuP`E;uPtPYD0 EU_^jh@FfHuuEu r3;|;r!c8IWWWWW%L1u&"8WWWWW%[PY}D0tuuuuEU8MMEEUGu YUEVW|Y;sQ<<u5=S]utHtHuSjSjSj3[ _^]UMS3;VW|[;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M13$jjZPMMfrVWjt$V{FVt$mu_^D$pt$@UT3EVj[3jNPfEEP{uEj(PujEPuM3^kUT3EVj3jNPfEEPs{uEj(Puum jEPM3^jj71pueN uEYpVVD$tVpY^j/7ou~E3Pv StjCP;rEaM'PpV8D$tVlpY^jBOouu3uEFFFojBou3EFFFEPoVjKt$t$;^Vj.t$t$^jBnu)3FFFEEj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M33E+]HtHtDM;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
m3@m*MMl3j@"v)MleVEPMMEjEPMEMEMEMMl3)j@"(MPleVEPMMEjEPMEFME}MEqMMl3m)j@"(MkeVEPMMEjEPMEMEMEMMk3(j"(E-tMHtHt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
m3Pj5(v030(U(VW}t:j(EjP2EPjh>E}tE_^j`A#J'EPv@33;tEEhv]E]PEMjhHM]~EPEPEiYYM]3GWEePvhuP`Wj6ShShShEPEPEME+EWEEMPjX+EE;tdMM3GhvPEMSjhME9EPEPEwhYYME>WEePvhuP`WjShGSh\ShqEPEPEME+EWEEMPjX+EE;t!MM]hvPEMjhpMEEPEPE9gYYMEWEePEvhuP`W}jShShSh3EPEPMEEE+EWEEPljX+EE;tMMhvPEMjhMEEPEPEeYYMEWEePvhuP`W?jwShShShEPEPJMEEE+EWEEP.jX+EE;tMMEMP++MQ."jH|#!WvPE|jejSSvWuP`M=ejhXM&EPEPEddYYME+URPPjlWPMMWvPEjejSvWuP`MjhMEjEPEPEcYYMEoURPPjlWPMM5?!j.Z j4hYM3E;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M4WVM}/M\tWWEPuMFMMaT<L
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M9hMQMQMVVP$Pj(uWx_t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M;b#}V>dyt[q~Dwlw+k@hhhhhhhhhhhhhhhhhhhhhhhZ6hhhhhhhhhh\b8KH]Nhhhhhh F3,-'8]hhhhhhW+^S:I>g(VhhhhhhB?+#9]<`chhhhhGD?<4_.hhhhh f5aU
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M;tjEPEPouEDP]u}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M;tjEPEPu;tjP;tj;tjEbES|E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M;tjEPEP}uEPP]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M=M$Et-FPjEPMEPMEMEEPMMuMTPtCMA+HPFVEPMPMEFMEM]:M]MEUV3999&SWEPv@EPEP$]+]}+}jS
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
m?6grWJz+{8
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M\;E\PMhM87hHPt}PM\EHE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M\CE\PMhPM8?pt3ETSxh@sMLELPh|t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M\M\PMhpM8tPXP~zPM\E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M\uE\PMhhP|PM\EaE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M\W$M\ZPMh M8NtNxPyPM\ExE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M^MVMNMFM>M6T$BJ3n3npMT$BJ3nhpMMMMMM2T$BJ3]n~pMMT$BJ32n$SpM[vMeutYutYT$B|3mhpM'M, M@MP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M_^3[+USVu3W};u;vE;t3E;tvMj^SSSSS0VuMSE9XfEf;v6;t;vWSV#L*L8]tMap_^[;t2;w,Lj"^SSSSS038]yE`pmE;t8]%E`pMQSWVjMQS]p;t9]^M;tPzD;g;_WSVLOUjuuuu|]3PPjPjh@hqdV5XttP|ttP^3t@tttt t#Vt#t;t;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
m_iLastMouseDownTime: %d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
m_pXmlDoc->load() return HRESULT 0x%X
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
m_pXmlDoc->save() returned HRESULT = 0x%X
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
M`M$MMMT$BJ3imoMMMMMT$BJ3&m3m:oM TMLT$BJ3lToM&MM$M4MDT$BJ3lxnM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
main.html
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
main_link
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
map/set<T> too long
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
MAX_SHOWED_MESSAGES
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
MaxShowedMessages
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
MDERMERMERM ERMERM`ES"MM'3@Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MdM6T$B<3hMT$BJ3MT$BJ30MM9MT$BJ3\l}M;MMT$BJ3)JMdMMMT$B|3MT$BJ3MT$BJ3DT$BJ3M[MM$T$BJ3NoMw[M~T$BJ3 AuYMQT$BJ3@M.M&T$BJ3tMMMT$BJ3M2SMM#MkT$BJ3WxuYuYT$BJ3((IuYuYMT$BJ3dM,M!M T$BJ3MMM?T$BJ3MduYT$BJ3XyMQMT$BJ3*DKMe"M]"MMMT$BJ3MrT$BJ3MT$BJ3MMMT$BJ3gMMMM M0M0zM@rT$BJ3@5MOMGMEeM'T$BJ3MT$BJ3MMMtMEeMT$BJ3QrMMT$BJ3&hGMaMYMT$BJ3MM&T$BJ3MEeM|>MMT$Bx3nhDjj\PT$BX3/3"XCM]MMMEeM5T$BJ3MEeMMMMT$BJ3MMT$BJ3WxM6MMMzMrT$B|3@2MLMDM<M4M,MdM\M0MLM T$BJ3MMMQMMM}MT$BJ3StMMM~MvMnT$BJ3\1MKMMTM 3M+MD#M4MT$BJ3~MMMM4MMT$BJ3j~MIMTM<MMM,}T$BJ3~`@T$BJ3~%M5T$BJ3}EeMMT$BJ3}HMM T$BJ3w}|MMT$BJ3I}jEeMt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ME LMuLVhMRVhME"REPEPSE#ME"LMuLVhMQRVhME$<REPEPSE%qME$@LMu5LVh`MRVE&h(MQEPEPSE'#ME&KMuKVhMQVhME(QEPEPSE)ME(KMuKVhXMgQVh8ME*RQEPEPSE+ME*VKMuKKVhMQVhME,QEPE-EPS9ME,KMuJVhMPVhME.PEPEPSE/ME.JMuJVhM}PVh`ME0hPEPEPSE1ME0lJMuaJVhM/PVhME2PEPEPSE3OE2MJMuJVhMOVhME4OEPEPSE5ME4IMuIVh8MOVhHME6~OEPEPSE7ME6IMuwIVhMEOVhME80OEPEPSE9eME84IMu)IVhpMNVhME:NEPEPSE;ME:HMuHVhMNVh`ME<NEPEPSE=ME<HMuHVhM[NVhME>FNEPEPSE?{ME>JHMu?HIj.b>u jkYMet3VW28*G_^tt$t$L$h|It3t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ME#ME"ME"MEMM3@j439]tK9]tFjuM(EPEP]0MEt!M]|"MMp"3xMjuME)(MEtME1"MEMMEjEePQ+METPWMEMEME!MEpM]!MM!.jPeEP83CM]3MEOMME!EPMEPWMjMeE~xuM!t\EPM`*EdPMm)jeu:*ME=PWMEqucME EE;E|Mjh|{&]ME%ME:M]=MEm EtMV)M]EJ UQMejh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ME&EPhlMPVMtuk<<u|N~uMEMEMMnjmuEPeeMXME]MEyEPh$MPVM2u!EuME$ME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ME/uMjh|X]uhMuMPhMuMPhMEPME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ME0hlMI-uh`M'-tuEuuPhM-t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ME4R<VD$tVXY^j@;VhMWeVhMW]EPEPSEMEQMuQVhMWVhXMEjWEPEPSEMEnQMucQVhpM1WVhMEWEPEPSEQME QMuQVh\MVVhMEVEPEPSEMEPMuPVh0MVVhPMEVEPEPSEMEPMuyPVhMGVVhME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MEePgMMEMEME@MEM]Mu3@1ME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MeEPMMEEPMMEheMEFEPME7nEPMEPMPM<Tju5hMEvME.FMEeMERMMF3@0hHSj`MM%h Sjx`3"j4!hWjK`jhXMu ]ueSuEPNPutf;ush<Wj_MM!Vhhj_v(tjh5(v(3@^j>e M~u3Mu"M;uM-3!_;uMM>ME~2EPVMu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MEFUMt2}u tutBe>< t<uFN>}tEE3C3FA>\t>"u&u}tF8"u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MEIMM IVD$tVY^jGuN<!@eN@N$E@N4E?NDE?j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MEjEPjEP4hu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MEM]MM3Uhj,Y6M3M]qM;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MEME%EPh,M#PVMuMEMEMM+UljHEHP3MH]P$t#MMH+3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MEMEj,=eEP3CM]ptMjh| ]MMEiMEnMEEPhxMPVMqMujh|P EP#M]EMEM]CME7E>jWEPeMuTMMEMEuMh;PVMHMEMEiMMjEPeMt3MMltMMEME*EPhMPVMu!EuMEMEj.EPweMgt3FMMMlMEqMEEPhMPVM=uEuME4MEjEPeMuTMMEMEuMhqPVM~MEMEMMjEPIeM9t3FMMM>MECME_EPhMPVMuEuMEMEj_EPeMuTMMEMEuMhCPVMPMEMEqMMjEPeMt3FMMs{MMEME1EPhM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MEMEuMhC$PVMPMEMEo
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MEME|j,"xeEPg3CM]UtMjh]MMENMESMEoEPh@MPVMVMtEPjh*M]EMEM](MEE#xj<wEPeMut3MMwMyME~MEuMh@PVMMENME4Ul$3jvE3Pu0;uthEVPjhEPEP4;tKjEPMu|Vh|MVhxMEP0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
mEMuW4VWVW49W0t$MO MOMNM+^Phj=PPQQ|RRSTTwTU,SVuV4W}GEF EFEF0U;s
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MEOMuOVhMUVhMEUEPEPSEMEOMuOVhM]UVhPMEHUEPEPSE}MELOMuAOVhMUVhMETEPEEPS/MENMuNVhxMTVhMETEPEPSEMENMuNVhDMsTVhME^TEPEPSEMEbNMuWNVh8M%TVhMETEPEPSEEMENMuNVh,MSVhHMESEPEPSEMEMMuMVhMSVhMEtSEPEPSEMExMMumMVhM;SVhpME&SEPEPSE[ME*MMuMVhMRVhME REPEPSE!
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MEPEPEPE|;nM^MEPMJjh(7M2pVA
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MEPVM]EM]MEEVt$t[~tUNP uNt3@7NPltL$V;Nt$Pt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Message not found. Message type: %d, Message Id: %d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
MESSAGE_SHOW_TIME_SS
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
MessageAppearTime
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
MessageBoxA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
METMP]MM3@yjQxM PEPuu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Mf1uj0j1V@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MH#PhPM]MxEP/MEMEMHEMEsMEgME[MEOM EC<E"M0])MXuMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MhSj!}uMdeM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Microsoft Visual C++ Runtime Library
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Mj2rMM([|jH^]u]urttjq3V'}f'}fVEP>zeM*WkS]eYYEtWYveE}}E3D=Pu'YYv;s}Gr}uE]+}Eu}jEP;Put}]}]E\3E}EWPYYtWh|'EjP1]EEPuuV1EPE]FuWYM3;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MkjWMulMEltVVEPuM/~MMJk/<tT$39UQVWtM}|@9E};ueDt)puEPV@tEu3_^j$i"p.eMjujEEjPD9hEPM^PMSPu]}jEm2PM-PM"PuE;E|EuuMM.USVWjEjP8hjj=PuEuEj[FF+AN+;~%FPQRPQuF+uuu_^[UVMSW%3E~mMSBtZx"uL!EEPW@t5EEEPjhtuEuPuC;]|3_[^EtEUEVt0EEPjhtjEP^V
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ML2MT$BJ3M!2M2MMT$BJ3tM1M1MMT$BJ3pM1M1MQMWT$BJ35VMp1MM$T$BJ38#M=1M51MMT$BJ3|MH1MP6MlMdM(0M0M(6MM0M80T$BJ3\}M0EeM0Mv0M$M*M^0T$BJ3!M;0M30MM#0MT$BJ3hM/MMT$BJ3M/M/MkMqT$BJ3OpM@MFMz/Mr/Mj/T$BJ34-MG/M?/MM//MM/T$BJ3M.MMM:4M.M.EeM.T$BJ3]~M.EeM.Mw.T$BJ3H:MT.EeM<.M3.MMT$BJ3lM.MMT$BJ3MT$BJ3oM-M-M^MHT$BJ34@UMo-Mg-EeMO-M2M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MM.-T$BJ3dM-M-M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MM3@DME3 MEMEfM]MMp3Bj!AMzE3P];tFMu:SMtSuESPMEtM]oMME3@MM43<BUljdQAMHj3hMX]jhMEEXPEPEHPEsMEMX];u#MMH3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MM3hhHu63MEMEMEMMxVjEPMMPE MEjFVEPMMPEME_3Fsj&feEP3FMutMjh|h$MMEPYMuEEfj&feEPx3FMuFtMjh|*M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MMa3@V0t30W|$t$tWIthhj&3_^WWt.:tWu3@j<uhLMKE$3P]MM3SGWM>Ch<MKEP}MMSWM>Ch MKEPEMMSWM>ChM]KEPE^MMSWM>YChM*KEPE+MMSWM>&ChMJEPELMSWM>BhMJEPELMSWM>BhhMJEPELMSWM>BhXM^JEPE_LMSWM>ZBhM+JEPE,LMSWM>'BhMIEE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MMHPnjimuEPYeMt3MMnMMEMEuMh2PVM?MExME^jluEPeMt3MMpxmMMEME,uMhPVMMEMEj9luEP)eMot3MMlMsMExMEuMhPVMMEHME.jkEPMePMMHMt3Mh3@2ljNKkeeuMehEdEkjkEPMe&PM/M\MEaME}uMuPVMqME3MEMMW_kjxjEPMePMMMEMEuMuYPVMMEMEMMjjiEPMePMM4ME9MEUMPVMMEMEMM5=jjViEPeMMEMEuMKPVMMEMEwMMijhjj4tt$t$t$Pj8hEPMehM/uM(MEEPMNEPEb}EtVMuJMEPME\PMSPMuuuh8MEMEMEMMhjDgM@eEPEPME~ME7EPMEPMPMMu7E%MEME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MMMMLT$BJ3M{T$BJ3y4MXuYT$BJ3Lhmu YM!MuLM$mLMeLM4]LMDULMDMLMDELMT"T$BJ3M-#MLMMLMKT$BJ3M{,8+M T$B(3cdMBM&T$BJ38YMsKxM`KMXKMPKMHKuYT$Bt3uYYMT$BJ3(MJMMX!M\JMJMJM JuTYuTYMJM8J8JJXvJkJx`JUJhJJH?J(4J)JM!JMJT$B3LM<T)u!YT$B83}@M#T$BJ3Zl{MWM1T$BJ3/PMgIT$BJ3*MWT$BJ3MWMIMIM,IM<HMPHM`HMp\MHMHMNMHMHMHMrHMdHM,VHT$BJ3M3HM+HM#HMHT$BJ3MGMGMGMGT$BJ3,MGMGMGMGMGMGT$BJ37PXMrGMjGMbGMZGMRGT$BJ3M/GM$GM$GM4GMDYLT$BJ3EeMFMFMFMFMFT$BJ3Q<rMFMFT$BJ3&GMaFMYFMQFMIFMAFM9F|.FT$Bx3MFMFMEMET$BJ38M%{T$BJ3oduYT$BJ3JkMNT$BJ3'HMqT$BJ3%MuxYunYudYT$BJ3,Muu7Yu-YT$BJ3hMT$BJ3fMEMDMRT$BJ33TM$-MD"MuYT$BJ3$MIMMDuTYT$BJ3hMMCMCT$BJ3MCuYT$BJ3StMCT$BJ30QM~McCM[CMSCMKQMT$BJ3(M$MDT$BJ3MMBu YMyT$BJ3wMVMsMBMBMVuYuYT$BJ3 AMnMSBEeM;BEeM"BT$BJ3MMMAMAuYT$BJ3~uYuYT$BJ3OpM.u,YMM0pAMPhAM@`AulYT$BJ3$MT$BJ3MAuIYT$BJ3M@M@MwMM@T$BJ3eMM@T$BJ3:<[MM`m@M0e@M@]@MU@M M@ME@p(MP2@MP*@MP"@MP@T$Bl3`MEeM?M?M?M?T$BJ3eM?EeM?MMw?T$BJ3P:MT?T$BJ3|M1?MT$BJ3uGYu=YM>T$BJ3MX>M>M0><M >M>M>M>M>MH>M|>Mt>Ml>Md>M\>T$B83M]uoYM$>MrCMhM>T$BJ3MM=M/CM%M=T$BJ3kM=M4=M=MD=M=M ~=MMn=Mf=M^=upYT$BJ3LM1=M)=T$BJ3M\BMRM<T$BJ3uuYYT$BJ3otuupYYT$BJ3FgM<My<Mq<Mi<uYuYT$BJ3M2<M*<M"<M<M<|]AT$Bx3LM"T$BJ3M"T$BJ3`MT$BJ3=<^uu>YYT$BJ35MO;T$BJ3M,;MMT$BJ3MtT$BJ30M:M:M:MbT$BJ3`tM:M:M:M:M?T$BJ3>MMMyMMT$BJ3M^M,MMT$BJ3uPuYM9M9uYT$BJ36WMaMYMQMIMAM9M1M)M!MMMMT$BJ3M8MM8T$BJ33s\M8M!T$BJ3HiMT$BJ3%FMMX8MT$BJ3M-8ufYT$BJ3,MM7u1YT$BJ3hMoM7M7M7M7T$BJ3MnuYM"Mv7uYT$BJ3/MVT$BJ3$M0M7MM7uAYT$BJ3HM6M6M6M6M6M6M6M6M6M6M6M6M{6Ms6Mk6Mc6M[6MS6MK6MC6M;6M36M+6M#6M6M6M6M6M5M5M5M5M5M5M5M5M5M5M5M5M5M5M5M5M{5Ms5Mk5Mc5M[5MS5MK5MC5M;5M35M+5M#5M5M5M5M5M4M4M4M4T$BJ3MBT$BJ3bMaM4EeM}4M8T$BJ37MQ4EeM94MT$BJ3@MM4EeM3T$BJ3|M3EeM3T$BJ3RsMQM3T$BJ3'HM&MZ3T$BJ3M73EeM3M3T$BJ3TM2M2MMT$BJ3}M2EeM2M2MEMKT$BJ3)JMd2M\2M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MMMMMMMMMMMMwT$BJ3l:nMQMFM$;M40MH%MXMhMxMMMMMMM^T$BJ3JkPkmMMwM$lM4aMHVMXKMh@Mx5M'MMMMT$BJ3jlMMM$M4MHMXMhMx|MnM`MRMDM6M(T$BJ3ixkMMM$M4MDMTT$BJ3mikMMMMMMMxMpEeMXT$BJ3h`kM4M,M $MMMMup=oYM@M0MMMT$BJ3thjM tMMMMuxnYM0rMjd_MWMOMDGM?M7T$B`3gXiMMhMT$BJ3giMMT$BJ3xg@i\MMMMMT$BJ3*g\3gd>iMKM(T$BJ3f
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MMoEPhXMEu-tEP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MMqMqT$BJ3L9NMT$BJ3tL:NMM,rT$BJ3FLP:gNM7T$BJ3#L|:DNM^MT$BJ3K:NM"M,(MDPlM`"gMtHrMMT$BJ3K:MMElT$BJ3pK8;MMM,MDkM`fMtqMqT$BJ3K\;4MMlT$BJ3J;MMT$BJ3J;LMjM/T$BJ3J(<LMMMT$BJ3lJd<LEeMMT$BJ30J<QLM^M$]T$BJ3I< LM:M2ukPYT$BJ3I=KEeMMT$BJ3I<=KMM$T$BJ3]Ip=~KMMT$BJ32I=SKMmT$BJ3I=0KMWdM2T$BJ3H>JuZOYT$BJ3H0>JMcMT$BJ3Hd>JMa(T$BJ3hH>JMT$BJ3EH>fJMT$BJ3"H>CJMkM _cT$BJ3G?JT$BJ3GCIhbYh@QYh@Yh/Ym|huHYhuHYhYh@YhYhYhY<h@YDhY8h{Y@hjYLh@YYThHYHh7YPh&Y`h@YhhY\hYdhYh@YhYhYhYPh@YXh|YLhkYThZYh@IYh8Yh'YhYh@YhYhYjh|ThuWFYhYh@Y4hYhY0:ehuEYhuEYhuEYh9Yxh@(YhYthY|hYphYh@YhYhYhYh@Yh~YhmYh\Yh@KYh:Yh)YhYh@YhYhYhYh@YhYhYhYDh@YLhnY@h]YHhhLYPh;Yh@*YhYhYhYh@YhYhYhYh@YhYhYhoY$h@^Y,hMY h<Y(h+Yth@Y|hYphYxLhusBYhYahuLBYhYh@YhYhwYhfYh@UYhDYh3Yh,jhuAYhjhuAYh(Y(hTY,j0ihuTAYjh|4hv7AYjh|hvAYtA`hvAYjhh$v@Yh8EYjh`h.v@Y|xjh2h8v@Yh83YhhhBvP@Yjh,R0hLv3@Ys*S_l8{!_%ee0et^`d\\EeTdpddddde*e>eLe^ereeeefe8deeeW[[["[@[V[l[[V,ddddccccccccctcbcPcDc:cVVVVVVxVfVZVPVDV0V$VVVUUU(U<ULUbUvUUUUUUUTTTbc,c]]bbbbbbrb`bNb>b]].bbbbaa]]]^^aaaaaraZa@a.aaa````````z`n```T`B`2`$``_______~_j_R_@_(___^^^^^^^^^8^J^^^r^[[[][\\.\:\H\V\l\\\\\\\\\](]@]X]p]^:W$fW8fWW*ZZ
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MMT$BJ3DoeqEeMoMf
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MMT$BJ3S2UM}@tT$B<3bS2UMT$BJ3?S2`UMKtM6M8MbuYYM}MHuYYuwYYT$BJ3R3TMs^MMT$BJ3R3TuYYMC8T$BJ3jR3TMMMT$BJ37R4XTuXYMhM`uXYMNM7uXYT$BJ3Q(4SMM M0T$BJ3Q4SMMxT$BJ3tQ4SMuWYT$BJ3GQ5hSMMMxlT$BJ3Q@5/SMIMAM9T$BJ3P3P|5RMMEeMT$BJ3P5RMXT$BJ3gP5R|X$XMMT$B 3#P(6DRM0[T$BJ3OT6RM8MM(T$BJ3O6QMgMM<rMljMT$BJ3~O6QMMM<erMljT$BJ3:O 7[QM,T$BJ3OL78QM3M,T$BJ3N3N7QMMTMT$BJ3N7PM<M,u(UYT$BJ3nN7PMMT$BJ3CN,8dPM~T$BJ3 NX8APMXT$BJ3M8PM2M'T$BJ3M8OMM4MPM`T$BJ3M8OMMMMMMMMIT$B|3$M 9EOMM4MPFM`;Mp+tT$BJ3L9NM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MM|FjPuDWM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MM}MEMEMEw]CEMthss] EPEPM1%FPPM MPM!EPM MPM!MEPME;uTPMMEMEMEMEMEMM{hh!M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MNA0uI4uAxA4u@|UQA4eMujh|$PEVUD$tVY^V@D$tVY^j*Q~u@23WN,]LWNhEWE/WEWEwWPE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MN{j,&M0ueuMukMqt?uFMMk3j,&Mu3Mue%;uFMM(Mb#;M6j-^Me3Fuu5teEh0hjj4AbMu3;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MoMEtMEjuMPVM_MEIME/3FjtEPeMt3FMM@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MonitorFromRect
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
MoveFileExW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
MoveFileW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
MoveWindow
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
MPSUS#s3Qc#CP[TC{;Rk+KPWS3w7Qg'GP_Tc?Ro/O`PTsRp0P
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MPSUS#s3Qc#CP[TC{;Rk+KPWS3w7Qg'GP_Tc?Ro/OPWS[QYUA]@PXT!\ RZV`PWS[QYUa]`PXT1\0R
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MpT$BJ3pLsMMMMT$BJ3p3prMMEeMMMT$BJ3CpdrMH~EXeXMlfM]M`MM0EM=M5M -T$BJ3oqMMMMMMT$BJ3o3wolqM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MQ3EMEoF;|MSWuE~t3~4>F;Y|WHYxE@MME#>j1<=MeEPSu3MM=EePMEvMmv3@tFVWj=iY+3;_^UTjD <MTM@8ej|VM0 3jChM]MTE0PEPE@PEM]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MQh3Pj5(DMM3@h Sja3}#jh"Mh(Sja}uM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MQjPjNPEMEEPVL$uu6L$hu$L$jhxut3@3^jXMu3M];tVWu;tNuCjhM'SNPSUREPM],SSuNPP;uMMj"Y'u3;tm]M]MQVEP8;M|9uhMTuhMCuM]uD$V&tVhP^UQQQuMLMEMHjUYY39]SjEPNP];uMzEE;tUR]PQ;|^9]tYEEEEEPu;t<]EURuEuP;|
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MQjuEEEPjShm4]EDteMQj}]_^[M~T$BJ3u`wYMP,QMd$QMMPQMdQM@QM0PMdPMMPMdPM PMPT$BJ3nMPMPM$PM4PT$BJ3'HMbPMZPMRPMJPMBPM:PT$BJ3MPMT$BJ3MOMOMOMOMOuYT$BJ3^<M=T$BJ3;\MT$BJ36MTMM@OM8OT$BJ3M"M'M8'MXGTMp<TT$BJ3MNMNMNMNuYT$BJ3CdT$BJ3(XIT$BJ3
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MQju|9^t,9^t'G<8PEuM9Hu;x4u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MQL3VjF5(DMEMEMEMM3@ojxMh Sj;}euZM@~eM4~ME(~ME~MEP0E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MS Shell Dlg
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
mscoree.dll
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
MsgWaitForMultipleObjects
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
MSPMPVMUMuYuMhHPVMySuME$MEfM]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MT$BJ3M,MT$BJ3jM,MaT$BJ3?H`Mz,M(
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MT$EM4EMEM$Ej,&{M]v,eM#t)vMF(8jjMjj{YF,MM'{j,&z}uvvMeM/tvMAjjMjh'vvMM{jH2zMj53M]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MT39}lPuh;E9~<NP NEXE0;u}\9}XtE\NPlEh9}\u;uMTVMM4}MEMDEN3CE9}\u9}htupPP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MTEMdc4EDe\PE\SMdF;tEDe\P\VMdEEDe\P\WMdEEPM;PMDE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MtjEPEP$u}~jP}tjs8~jP}tjKX3Kp3_^[UVWE~P$EPEPy$t%8EP$PREPEPT$u_^UVWE~P,$EPEP%$t uaEPEP$u_^VWy{ VtH4tVNy3_@^j4=gMe~X|eEv1u$tSMQtSNp1EE;ErMMt3@ApVj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MtjEPEPuN$E{MN1Ry5j|Q4MMuy!EEPutEt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MtjEPEPWuNXyNxEYMj 8Mh|ZNXM+~$bQu4WNVt'uMQMeP=`MMXM"QtL~Tu~4jFTNttWeEPuN4Vt}tuM_MMP@Bj$#[Eu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MultiByteToWideChar
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
MUMQHT$BJ3q|sMT$BJ3|qsMT$BJ3YqzsEeMyMpMhM`T$BJ3
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MuuE9]rRFuL@uFDE+E;Ew1A@u}uFu%#QR@$#At3_^[U$@HMMSXVW3}}}M}E};EM4+E;Ev3M;tQPF)YYuFuuEEFEM;tQP)YYuF)Y;EuxE+E;Ewd}tgG@u}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MuUSf/tC]EURPEQ@E;tM;t3QPEE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Mvu;r3@jQMEPeh($Mu3MM3FUQMejh4$EL$h4$jj9[ueND$Jr
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MXE?jEPhTTQM8thDh0jE8PhTEPX;tjEPhhTjh|VQVN;tIM 34v)WM ;tjPh<TM G3;ruxMhElGM .ulmj|* >M39}u3*M}9}tuMejhEPx!BxEA;~3jZQIY3~iMEPVxECMt8j7YEEt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
MXEujEPhUEXPPME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
myInjectedOnClickFromAlert()
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
MyTerminate
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
MZ@!L!This program cannot be run in DOS mode.
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
M|PQR49stDupE|UpRPEQ@;9upupKnupE\E=9sM<eETuXEPE|URPEQHf}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N ]U:jE^<^4^8^@PQ%SV39^@tF8;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N#!'jXjZ>u#~ES~2e~u!tjE9]|jSj'E #a'SVWL$hDS3~1W tt$RC;}L$hG;|L$h$_^[jM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N#p~EPfjEkVD$tVY^UQSMMVu;r3@MP|f{t3ueW;sdVuYYtg6MLf"u6j 3Y;txx#VuPt!MWf,u9rE_^[j3f}uEV3W9t$u1jY;tpp#t$t$jVb_^V3W9t$u1jaY;tpp#t$t$V_^V3W9t$u1jY;tpp#t$t$V_^V3W9t$u1jY;tpp#t$t$VV_^t$t|$tt$3@j\}u3/juMueEPMMt$t/W|$u3!VptPt3F3@^_VD$tVY^j[M]uE;Er3@xPf[t3ce;EOVS3YY;t6f"u"jYYM};hf-f0r
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N$Y~&9^uvNvDv@9FN;l}NMF$F 3@U4SCV3;9pWVVPE3u}EPuuE@PuPuE WuEuEu@uPVVuuE}Y;9u u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N,WK|33@_^U}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N,WWWWWWh
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
n1YtFUFVtBUME^[t US3VW9u1h(VS,5;tE8uuUEPSS}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N38NV3:E_^[]EM9csmu)=pWt hpWbtUjRpWM#E9XthW&EMHt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N38pNF38`E@fMUS[EMt_I[LDEEtE|@GEu}t$t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N38ZNV3:JEH9SRhWQL$+#%;r
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N3FFF@FFDFHF,F0F8FF<F(dF4FL^Vjv@L$9t@u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N8m$x)CWKdmh}H cADKJ|]1J<c8KWn@$1@ %xP?/.k/h,t@,LB/2dp;;CC/B-4/~B3!b:.,YzDJ$8a-`_@D Chclc`'R/#!Faw(@=:
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
n;^iLA`rqg<GK
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N<E(EF0EF$~(~,~4~8%UEVWt4jYURjufMMMuP#E_^UQA$eURPQ}3E|$Wu39Vw{tWiWt$~^_UQeVWwztrW!WMVyE_^UQeVq(>uA$VPQ0t36MQVP #E^j1MxF$eeURPt3MMuMx}tu3Fj.~8u.jYMet
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N@Cg533@eEIVW>t1t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N],FF1+~(~$~0~,N\E~8~4NtE~<~@^D~H~X~L~P~T~p^lA,Ph|rq<53UVuWth~rbefxu@tURhlrP}e@3tf8u@tuQP EtPQW_^]UVut;~v5@3f8UURP(|}It3fW^]t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
N^jcMq3]z;~)~StjC;|jWjM^Xjdsuu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
NaejN,pNPEfNtEfj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
need dictionary
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
negative_btn
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
NeMIMEVEPMEiu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
NEMNC=VyD$tVYY^jX5<M39uu3@MEPhMu{uMMM;Eu_uM;EP-hME t:EPMEuMMAME@hMeEuiEPPMEp&MEhMrtRj0YMEt3WEot}VDVOXtjEE;EVMEZEE;E3FsyD$ArIyD$ArI3fA|$Vt.qAr9T$rrIH;D$v2^T$BV0r0~-uVrpI^;QuAJ;uABSV39u.F8X-t@F8X-t<^[8Y-uA8X-tNN;uF@8X-tN8Y-uF^[SV39uF8X-t^[H8Y-u8X-tNN;HuF@8X-tF^[D$xPr@RPqjVD$tVY^|$Vt+~r%|$FW8vt$WjP'WY_t$F^|$Vt+~r%|$FW8vt$WjPW^Y_t$F^UVW}9~sF+;EsE}v@NSVrr+E]PS+QRF+EP\[_^]jP}uvu%3j[OMmU;sjX+;w4
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Ne~^8ENXE NpEv jEjjujEmNpE%NXE%N<E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Nff,ju4~E~2e~utjE9]|jSjENMN2)<jhWu39}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
NlE7h1NE"8M~~4~0~8MEMFdjWP~$~(~`~\~h~,~Xj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
nn,n=nNn_npnnnnnnnnnoo+o<oMojo{oooooooopp*p;pLp]pnpppppppppqq)q:qKq\qmq~qqqqqqqqrr(r9rJr[rlr}rrrrrrrrss's8sNs_sussssssssst3tDtUtmttttttuuu;uLuVuquR9fLKNaua{3c471948-f874-49f5-b338-4f214a2ee0b1}EI m_WM_ALERT_COPY_DATA_EVENTEB m_WM_BROADCAST_RELEASE_ALL_ALERTSEB m_WM_BROADCAST_ALERT_IS_APP_EXISTSEB m_WM_BROADCAST_OPEN_APP_FROM_ALERTbad allocationpu~lwr;xxxVrrx(("zYsDyxyryusU'r#s.rswALLP_STR_ID_ALERT_ABOUT_DIALOG_SECOND_PARAGRAPHALLP_STR_ID_NOTIFICATION_ABOUT_DIALOG_FIRST_PARAGRAPHALLP_STR_ID_ALERT_ABOUT_DIALOG_ALERT_VERSIONALLP_STR_ID_NOTIFICATION_ABOUT_DIALOG_TITLEALLP_STR_ID_ALERT_OKALERT_ABOUT_DIALOG_MUTEX_NAMEFALSETRUE,"'d4#TITLEINTERVALURLIDFEED|#FEEDSNOT_MODIFIEDLAST_UPDATE_TIMECHANNELBBMCfC$T(CHANNELSALERTS,,0,map/set<T> too longPosting is app exists request. MessageId: %dCAlertChannelsList::ProcessOpenAppMessageFeed id: %s, MessageId: %s last request time: %d8OALLP_STR_ID_ALERT_FIRST_TIME_MESSAGE_TITLEALLP_STR_ID_ALERT_FIRST_TIME_MESSAGE_DESCRIPTION__2NO_USAGEALLP_STR_ID_SAMPLE_NOTIFICATION_HEADERALLP_STR_ID_SAMPLE_NOTIFICATION_DESCRIPTION__2ALLP_STR_ID_SAMPLE_NOTIFICATION_TITLE__2LOCALE_NOT_SUPPORTEDMODIFIEDUNSPECIFIED_ERRORTRANSLATED_KEYSRELOAD_INTERVAL_HHFLAGSALERT_TRANSLATIONSINTERVAL_SECNAMEPROTOCOL_VERSIONSERVICESERVICE_MAPVERSIONSERVER_URLINTERVAL_HHAUTO_UPDATEALP_CLIENTS_SERVER_URLALP_SERVICES_SERVER_URLSHOW_SYS_TRAY_ICONMAX_SHOWED_MESSAGESMESSAGE_SHOW_TIME_SSUSER_CLOSE_INTERVAL_MMDATALOCALELUTINTERVAL_MMALERT_LOGINUser is Idle less than a minute :Idle time %dCAlertClient::OnTimerUpdateChannelsUser is Idle more than minute :Idle time %dnS>iExpirationTimeSecTimeRecieved*jU;UqUUUVCVVVVVWW W\W\W\W\W\WxWEX>TWWWWX\k````a"aCaaSaaaaaabb|ccd4dIdfdmdtddU>qUgegeOargargsidDon t show me notifications like thisdont_show_this_type_check_boxCancelnegative_btnOKpositive_btnelementstexturlimagewindow_titledisplay_timewidthheightrawcodeALLP_STR_ID_ALERT_YESYESALLP_STR_ID_ALERT_NONOALLP_STR_ID_ALERT_CANCELALLP_STR_ID_NOTIFICATION_DONT_SHOW_NOTIFICATIONS_FROM_THIS_TYPEdefaultieff</alert_result></cmd></ui_arg<ui_arg</arg<arg></id><id><cmd></guid><guid></author></name><name><author></feed_id><feed_id></type>ALERT_RESULT_TYPE<type><alert_result>browser_typeguipubDateguidmain_cmdmain_linkhtmldescriptioncontentid_expiration_timeout_sectimeout_sectitlealert_itemfeedauthorinstant_alerts_channels~lwr;xxxrrx(("zYdrDyxymryusU'r#s.rsMS Shell DlgB)zyxximh<iufdisogmggwl6mB)zyxx"rJrmhlrufdirtogm;qUwl6muP}MyTerminateupon termination. memory size: %dAlerter Logic ClassSTATICALLP_STR_ID_NOTIFICATION_TRAY_ICON_TOOLTIPAppNotificationDialog~x<xxxxxW((YDyxyyyusUJCAlertHTMLDialogBrowserContainer::OnApiOnReadyStart!m_pContainerParent!pAlertHtmlDialogCan not show, size illegalCAlertHTMLDialogBrowserContainer::OnApiShowMeShowMe(%s)Could not get bShowCAlertHTMLDialogBrowserContainer::OnApiOpenAboutDialoguiParamsCount != 1Param errorCAlertHTMLDialogBrowserContainer::OnApiSendUsageCAlertHTMLDialogBrowserContainer::OnApiOpenAppOpen AppJS error: %sonMessageFromFrameCAlertHTMLDialogBrowserContainer::OnApiPostMessageToParentCAlertHTMLDialogBrowserContainer::OnApiOnStartDragALERT_URLALERT_LINE2ALERT_LINE1ALERT_TITLE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
No Dspid params
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
NOT_MODIFIED
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Notification id: %s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Notification Settings
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Notifications
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Notifications are instant announcements that appear right on your desktop. You can receive these notifications because you installed a Community Toolbar or browser app.
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Notifications are instant announcements that appear right on your desktop. You can reveive these notifications because you installed a Community Toolbar or browser app.
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Notifications bring our latest news right to your desktop!
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Notifications enabled
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
NotificationsData
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
NotificationsHtmlDialogs
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
notificationTitle
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
notificationType
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
notificationUrl
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
NPSP3S_^[VD$tVi'Y^jL&MejuMMM3@&Vt$Vt$ttPu@!joVt$hYY-@^Vt$u3VtjXfhfF3@^Vjh5(Dt$t$t$^Vhh jdjh5(D3@^j0"%39tG90t?MahjM};tV%YMM<h9}u;E}Pu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
NPUAe~jE,VD$tV,,Y^V0XU^jk*E3A`UF;sNF3jZQV63YF9~v.j$YMet3NMG;~rf+VW3`U9~vF8ttjG;~rv5Y_^QD$;vs3@IDD$;Ar3It$tt$VW39~vWtuG;~rG_^V9F^VW39~vW^tt$G;~r_^VXU1D$tV}*Y^VW3W
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
NTEfhj"M3;u3aEPxh`Mu[Eu3hXM[Eu"hHMJEuhM(Et3FMMHjMXVueMlMMFVPSVqTW3~)SatjC;|~jWjF_^[jHj'}3]f@tMjh|MhKuMWQhTJt;jh|M`M3Fuu~CS>f<ue f>uu}tf
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Number of params is different from 1
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Nv@jB+uuejMuj6tM3]9tMh5SSSSjqSuE;wMhi@P+Y;tE@PSWESSuWjpSuM@3FWMuWYMEPnMu]EuVj|$t=W|$ut$xYt"WWt$vv#~G~_^jCsjL}t=uMueM?tjViVtYMMJ_tVWjt$L$tL$9PVVXtY_^VW|$9~tjjW_^QUSVMEpMvM^[D$9Aw@PVF@PtFNfT$fAFFN3fA^S\$VtGWSw~YuWSE+FP)tFN+SQNAP~_^[VtFt$PYYt+F^Vau,9D$t&D$9F~Nt$AP{YYt+F^V"u 9D$tFt$PHYYt+F^jCqhEPeMMt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ObtainUserAgentString
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
oE`,EQ<EBPLYOV^D$tVuOY^j RXN}u3Mh0]t0MQZePpMMMht]3Ft+MQYEPuMMLNjxMM3;u3=LVE];'uMZ;EPUh\M]t"EP?Y~PPEMhDMt+EPYME^uMeFM=hM_t9EPXME"uM)PM]0hMtKhA\;t"MQvX~`PEMh\PFhMt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
OffsetRect
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
OffsetRgn
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
oj,ESPEEPMo}9]u2EMEEPM]+hMMhDM^jEPuEMEEEPMEgjuMqMe_PMouEuuPMMgj`uuReh-1^E ^E^E^uEnununEEE E$E($j`uh-EfEfE|fEmfMlUQeQMoEjHji3}]h-S}}Gh&}mMQP}X]PmMEehaM{3M];t3GMMa@u@Ed";u@]3SYjEPEP@b#9]~9]S~+Y~S3]}SEPj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ol1cBSNib+.
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
ole32.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
OLEAUT32.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
onclickLink
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
onLinkNavigation
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
onMessageFromFrame
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
onMessageRead
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
onNavigateError
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
onSizeChange
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
onStartDrag
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
openAboutDialog
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
OpenProcess
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
OpenProcessToken
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
openSettingsDialog
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
OriginalFilename
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
OutputDebugStringW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
oversubscribed distance tree
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
oversubscribed dynamic bit lengths tree
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
oversubscribed literal/length tree
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
P$&^Ul$3j(C:htMP3]9pMp\MEtFEPhthhMEJ;tgM!^u[M(^j.MhphtqM+HPFVEPM|pPMElMEGeM]/VESPgEPutEhElMEEM]dMM]Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P&Y_^j8FsN<3;tu~MTNP9^t.MM]9^xtKF@PMN^DEEPMF]MENPhxMAOM]V=}@FPM~`PSEPVaPME]M]"VhM]M]hM]jYPEP`E=MPM]M]UENPPC]M4NMhEPUPMEM]ELhpPYY};tdjSW"W$;Fp|$WYM]LhlPBYYE;t%M*M8WjVPWE}tuYE3ME>M]MMTj}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P'F<tPXf<_^jeibHu\Oh`PSjEi~tjPhHSj?EEiN`E]NDEbN,EMHD$;,ut$t$At=u5y(u/t$$VhPPVjhPVj^j iWGMbh QW3j]cu;tj;t_P8EuMuuuPLEPuEPt]SSSEPhHWj;tP<MM0b3gGVD$tVGY^jidFFDPMya3]9ucuZ9^<uUhhQWjTF@PSVhrSS(hHWjF<.39^<MM*aMMa3@FjiE=uYuP}tItWw5,P,FDPM`eWN`bMM`4FjiMEtLFDPMY`e^`Y&~"x|W[P<Wr[OyMM6`EV~
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P'~xjPFtPaE\N\E\MN@\/@USVuW;Ol8HHtp#t)8CuuYauuR<muUY?uuW
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
p033VHD$tV(Y^|$Vt"D$NhF\Qjjvdvvdvhw^VFhijY;~W3;uG~\u+P<_t"vdfhv~\uj^U SVWEPv<3~l]]]s;E~S<E9^8t}|j%jEE9^hu8E9]tuvN8;t9]t9]t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P0@U3EjEPhuE`u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
p0jHIM]{-t2hMHeEPMhEPE4Mz-t{Cx-tEH9;uv-suwMA9Xux9u>~I9u-tx-tEH9Yu}-tGBx-tQ\B;Cu-puw>SKAMI9YuAK9uAKHK,Q,PYY{,,;ulFx,u@,VF,Fx-u}y,uHy,thHy,uA,MP@,~FN,H,MF,@V@,~~x,u@,VF,Q~x-uHy,u"y,u@,vMA;x?7y,uHA,MP@,N,H,MF,V@,}G,jjSYMAvHAuuuJEjLxYZE}]EE3E;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P33SW=VjPSjv_;F[tuFF^],USV5Wsu3@WsWtEPs<jEPWDEEEEEEjuuP<_^[3HHH HHAH$@(H@WZa@j.O3~t!j8W-YMet=3F3VW|$Wta~uXD$jWF~F PPNtWPLPNtv(v$vNvPL3@_^UVEPv@t6~$t0Wjjv(uutjWvtW_^VNtfNtf^D$AIu3IVNtN^t`VNt^ ~tL$Pvp^ItfItItjV1e~t%u$Ee$PuNuu.MM)2 ItqItytI`P3ItItV~tNt$P~tN^`^Itt$t$P83@\VND$tV1Y^V'FD$F3FFF^Vt$D$F^EVjj3FFF $^VED$tV1Y^D$d$wvWL$3UEEh$
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P3BSW=VjPSjv_;F[t;t;ufPXF^],Vt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P3V)YD0tW/&Y3_^]jhpBEu% %3;|;r!%8%WWWWWXL1tPtY}D0tuYEY%MEEVuYUVuVYu%MWujuP`uP3tP%YD0 _^]jhBEu$ $3;|;r!$8r$WWWWWL1tP2Y}D0tuuuE$$8MEEu|YU4S3EVW]]E]t]E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P533@^j5f%uuu=39^d^ FFSSjjEuEuuEuuEuuuuuuuuuuSu3juF8N4N0Pu9^<9^ht79^lt2eP<.ejh|]*v|j5eP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P83VPfEEP'hPW,u%Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P;E~~aEF(EPN EPN4F0[`nuEhpEBjg[u3EGtP8tP-YNpEN`ENPEN4EFMNVUVD9t3[~|tWN4Mhh Pk3'}uEPuWv|WY_^jjYYuht$t$jjYYut$t$VD9t3^S3SSYYVjYY9^|9Wh3@=<h3Ph3h3h3_9t9t9t;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P;Qt}Q+t3TpQ+t3TpQ+t3TpQ+t3T3P;Qt}Q+t3TnpQ+t3TMpQ+t3T,pQ+t3T3P;Qt}Q+t3TpQ+t3TpQ+t3TpQ+t3T3xP;Qt}Q+t3TPpQ+t3T/pQ+t3TpQ+t3T3P;Qt}Q+t3TpQ+t3TpQ+t3TpQ+t3T3ZP;Qt~Qp+t3T1pQ+t3TpQ+t3TpQ+t3T3P;Qt}Q+t3TpQ+t3TpQ+t3T`pQ+t3T3;I@+3LP;Qt}Q+t3TpQ+t3TpQ+t3TpQ+t3T3P;Qt}Q+t3TbpQ+t3TApQ+t3T pQ+t3T3P;Qt}Q+t3TpQ+t3TpQ+t3TpQ+t3T3lP;Qt}Q+t3TDpQ+t3T#pQ+t3TpQ+t3T3P;Qt}Q+t3TpQ+t3TpQ+t3TspQ+t3T3NP;Qt~Qp+t3T%Qp+t3TQp+t3TQp+t3T3P;Qt}Q+t3TpQ+t3TupQ+t3TTpQ+t3T3/fPf;QQp+3TP;Qt~Qp+t3TpQ+t3TpQ+t3TpQ+t3T3iP;Qt}Q+t3TApQ+t3T pQ+t3TpQ+t3T3P;Qt}Q+t3TpQ+t3TpQ+t3TppQ+t3T3KP;Qt}Q+t3T#pQ+t3TpQ+t3TpQ+t3T3P;Qt~Qp+t3TpQ+t3TrpQ+t3TQpQ+t3T3,P;Qt}Q+t3TpQ+t3TpQ+t3TpQ+t3T3P;Qt}Q+t3TupQ+t3TTpQ+t3T3pQ+t3T3pQ+3TMu+t3TAV+t3TAV+t3TAN+3LMu+t3TuhAV+t3TuKANMu+t3Tu ANpEM_3_^]*(I+nzpP\}^2>^Vjh^U
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P<v hhjF h hj{S9^ t^ TiYF$rIi+F$Y=,vbM|vEvM;t!M;tSh'vvM]4MMhj,&gMeMf,jMMKhVvvjjbj^j|$ouy3D$;Au4;Auja&;Auj;Auj;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P]]]]E^TPxPPuuuuEMEM_^[UVWvWtrEPEP?EPv<EtM+MMMUUtM+MMMUU%PEPW\jEP_^UVFW3;tAMQP<t2uEuPt9~luFl9~lt~lW8_3^%8%Vx^j~fueN< MN0 :V&jNjNf$f(f,^j--u^ejPVjPjP^jt$X|$t|$t`UQeEPu+uEVD9t3^F|u@^WPf|YNp#_^u3|$tt$Ppt5tM;VWt$t$t$PD$ujWN4_^USVWu~4uuuP3Puu@j[;|9S3Wu*t#Sh|3uuSWSuN_^[]VW|$3!SWPN;9uN4WP[_^UVWuuuPu4%tWu$_^]t$t$t$t$t$t$t$tYt$t$t$UQEthuuMj uEuP0tEUWjhjjjhut]VEPuudut0EEEEwEPEPhEPjPWlWX'Vu^_jfuNteNhESj-MeMM[jfvuN33N4}NPEN`ENpE~|DjWPRujjY3Y@jjpYYut$t$t$jjLYYut$t$t$Rjj(YYut$t$t$t$jjYY jUMehuM|!uMuXPMMjtQg39tzE+}IHHHt,HW]hsN` 9{$;M2MEME6}GEMthw w!FPPM!MPM"wGPGPGPMWPMEEM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P_@^VW|$jFt$P_@^VW|$jFthP_@^VW|$jFt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PA"RB&'@L;9L
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Param error
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Params error
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
PathFileExistsW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
PdV_@^VW|$jjFtxP0"_@^jcMj/Nt"EPMePMMRM@OdI3t(VW|$jFtP_@^`$VW|$jFtHP]O_@^,jxXVL$j\Ft!HXuFL$XP3@3^L$j#L$@D$Au@UQAeMujh|PmEUQAeMujh|P;EjbAMPLMueMMMb|$Wu3^jh`thtjt$ktVpGt2t.N$QH$xtOV_t3@3^_Au$jo=aueNMNajau<E,EEE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PeekMessageA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
PEPHMPPSE_;tME;tM9utSV^[h&8fM3]ME9](3F9u,]9] u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PEPMPdPuEtMEtMUSVWeE~IufEPjh]tuEuPuEE;E|3_^[EtMUEVt0EEPjhtjEP^VD$tVY^UVN8W3tgN8uPEPv@EPuG}%E_3^j1CM3SM9]t75PWjhMEqMEPSSWEP]uWWMMkEj(,*M]u3PuuV/jVVEe{DEtEMjMmPVMEyEexPMsthRjVEuu}uEEhP/P%b5PuEu=uDEM0PujuEk]u]]EPPa]PSuSuSuSMM*x3@1jO*JEPuu}EPjh]E9E~E9E}tT|b;}^MweWTt3xPMt#Et8EtMMQw3@MM@w3HUQQEVW38EPtA9~8tuN8uPt=EPWWuuthhWP_3^UVjuu^]%Et-SW}t7HtHHuRURPQt7uSRS"MURPQEWuuu_[
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PEPzPPuuu~Pt3|$VWu3@M|$ uhjP|$+u'D$P;QupVppR<3_^jXf~<u3GeP,eejh|E)v|N<vxMvt6XU}VWvt;tFWt;EPv<jEPW^jEPWt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Ph{@uCE j CYE(Etjsp3ECt5EPs@E<e(P0KsunE,PKT.[M,EX'MM<L'TDUSVWEPv@vN(F,N$Pjj]PSE=juEuSuuSjuuuuuujuuuuuujuuuuuuuuuuv_^[UVvtGEPv<t6uEuPt"Fj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Pj:YYt9h8YMEt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Pj=Vjhj;t+HT;~STSPC;|3@_[^j*u399~8j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PjiFPMueMRVj8^9|%<3HHVtPY&^D$VtV,Y^VNF^VN^UQVFPMFvM^VW~WNWu_^`_^VeD$tVY^D$;Ar3PnVF@PFNT$FvF^S\$VF;w6W@PNF+QPPFL$ F_^[UVuWG;sOMS;v}tu;suE9]rOG+QLQP+w[_^]Att$PjjBiueja VuuW|$3jZ?QF3jZQFFYYtQjPFtQjP~F_^SV^Wt3~t,~t&t$k484t$ot@3_^[UVFtHS^t?~t9Wu"4F4u%uuuW;MH_[^]QSUVn3W;tI~;tB9^t=t$8<(t%,l$l$Jt\$tl$9+tu3_^][Y[~8+PAPQ#NV~WtC~t<~t6t$AN484t$BtL$t@3@3_^5V-|$t=W|$ut$Yt"SW!t$_Sv^>[_^D$0pV@PFT$N^S\$Vt8~u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PjvMejuMuvMM<3@/|$VuAt8~t2Ft+Pt vtjvkYYt$t$^j(oW.Ntqe3}EPQ@tVMejEPvMqE+EM+EME+++M+MMM;(=jjj3EM.VWQPWRjWvtW_^VFt9Pt.|$tjhvv^PttVD$tVG.Y^USVWuhht~jhs0sP$j+EPs@uPRP(tijPs_^[j8Wx,M.eEPMu3;~U;~};t+;E}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PjVMVPDMWjVP@}tE9xt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PjYYjj4j-j&qjX'M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
pkeHpPMUGh(@@R08)`IJ0Ih!P%"L(`#!L+(#*;-4H/A7h=hBhHhMhSh1x5P7@<xBGxMRxXX\BINARYGIF89anz~yw{x!n,nd37Qn>l6S;.C=BE&b?Vi<0^/@9*J%!\jZ4(O
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PKMSWM>Ah@MIEPEKMSWM>AhMIEPEKMSWM>AMUl$3jPPE3ESPEPEPS*T;hEPcMATM]EPME;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Please contact the application's support team for more information.
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PMEjj>eu1N8Et
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PMF]5SE,P~/vMM,MM,3L4jV(Ku$eEe$P.uuu`u3MMK DPt3FjUJM]u3@M=es}u39~ptWsMvc9~ltPPEPsM99Tt}C3$<M9XtjjEPuWWMQsPpuMsu~CtCt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PMh4MMEPMuEsEzfj(SeeEP3CM]MEEPhHMEPMMujh|EPPM]EM]MEEejdjhlMeMPjjLtP=uVTVX3MMgoejdMt3vMMeuMPEh PFMt|M\MPSPhuMM3@dj$cEP9eMbMExEP\VMEPMBMPMBhM5EPVMPMME9MEMM!+dj4DcEPeMMEEP\VME<PMM+PMuMhMEqh|MPM/EPVMPMME_3FMEPMEMM8@c3jUbueN
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
positive_btn
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Posting is app exists request. MessageId: %d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
posting singleton event [%s]
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
PostMessageA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
postMessageToParent
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
postMessageToParent {
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PostMessageW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
PostThreadMessageA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
PP9tIh PYYPu4VYP PP<}_;tg___OE:X}jYU(3S]VuW}EEEEEEEE9t5LYM;t[jY+JJtqJtEEE_M]Q]]Y>"E_M]QE]]YjEE_E_]]"ME_rE_ME_ZE_tNIt?It0It tE_E_E_E_xEEE_$E_E_E_E_E_E_yE_mE_E|_Ex_M]]M]QEYu!E_^[7!%HH3UQQSVV5%WEYYM#QQ$f;uUUYY~-~u#ESQQ$jMTrVSVEYYdES\$E$jj?6U]EY]YDzVSVEYY" uES\$E$jj.T^[jhFCTEu`3;|;r?SSSSS1<LtP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PPPPPPPPPPQ
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PPPPQWh(U
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
PPsEjEPsEVsVEPsEC(@Ps$ss 6sususu=}tu}js5E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PQ3^]^]`Vt$u@E&htt$P|YYL$tt 3>t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PQ3E @^]jp>uFF|F<FFFF F$F,et
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PQeM-t3@jB3q,]9u$A$VPQD;tMMLv3TM]mPM}E;t3uVQPR;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PQe}t3EPMMxEPO3Gj(B339uPuMuufE}u;t3Pus0E;u;t3C$URuuPQHtMt}uM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PQf,^3D$L$@y4u@3@@VF,tPQD$F,^tPQD$xtt$@hsP@@ UV39utZhturnYYtGE(tHtHtHtHtu'E9p(E9p(t9p,uEjYffH^]@ UVrVumYYt2VumYYt#EHtH3U
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PQf0Ml$l$l$Vl$l$l$8l$ l$l$l$$l$jl$l$l$ Ll$l$l$$.l$ l$il$l$$l$Kl$l$VW3jF4WPFF|F<FFFF F$~(~0~D~H ~,~L_^VD$tVY^j>u"3N}:+3Cj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PQf<_^jX?}u3`9~<u3@VEt.MieM$iP4MMh~<WP}tS'UQMejjEPEt.t4VuuuuuPQEtPQ^tPQ@UQVucEtAxv;@u33eURhrP|}tEPQW^j{?luejEP6tXEtQeeURPQ3|9}tuEuuPEPQEMtPQ3j?3]uEjP];E;]URPEQ;E;MPMuEMURhjUR,tVPEQ;|Y}tSuEuuujSVuPQu3;E];tPQEM;tPQ,uE;]tPQEM;tPQ3j?u~,FENtE[N\EONESEM)7Uuh,tAZYYu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PQfeURPQH|EtF3@3^UVMWut3XStI39^tBM]]]BtEPj@;tWuW3[_^}tf_MPVSZJWEPjW$|X}tRE@URhsP|1Et*PQ |EuPQ|EEPQEPQWERji$:u.eNR?NlEfF:ji9uRNlENE8M:AUSVW7uSSP3;u3uQuVVQQhhRSjtw3P5_VVPPRjVejhRl).~4e~%utPE9u|Qj3@_^[]VMut$Nl`*~t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Pragma:no-cache
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Privacy Policy
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
PrivateBuild
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ProductName
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ProductVersion
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ProfileImagePath
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Program: e+000~PAGAIsProcessorFeaturePresentKERNEL32
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PROTOCOL_VERSION
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
PSAPI.DLL
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
PSC;M hMEPM%;uME_ EPMMEB WMjEePExEePEcMEEM;u=MGP@;t#hTV;thV;tV8MEMEM]EE;EMMs}jdh5M5MetMM93AM/jjuMEMu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PtEPklMejVMMMf3@tzjVM3EFPuu3MMGfUSMMW23;V3jZGQ:\Yu;D?PSV[!]]]uMf&uj&XfuF3FC]kf;uY}StO]Mj;XfEPuSqtfEfE+EFFsPjjV[3fFFtEE9}b}tuMuJ[Y^_[VL$t33PPPt$^Vt$t$L$jPt$$F^HVuPH^U0l$30j$92OM@<3}}CPW:P;EPjV^EE~}EPWVFSMeEPMj\j/MgEePMTuEEPWVMM7G;}|}uEVYEMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Pu#uSuuu#3US]Vu0A$Wy@tPtBt&tu=I
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Pu[}tUDHt(f}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
publisher
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
PuDETjE0jPhE0PK$7PK$,rPuDEE8E0CH~;E8}E8E +CLh+E<K$+E$E<E4E0PPK$qPuD}TtuTuDu$uuDPTh jjuDWVuuuPuuDuuDMMy+Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PuEjEWPhEP4P4i=Puj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PuE}t?DHt}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
pushHtmlNotification
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
pushNotifications
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
PVM"ME]MECMMjEPeM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PVMMEMEj.EPweMgt,MMMjMEoMEEPhMPVMD,uMu<}uMEMEqjuEPeM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PVMuEuMEMEj1EPzeMjuTMMEMEuMh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
pWeb: %d , URL: %s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
pWebBrowser == m_pWebBrowser
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
pXMLHttpReq->get_responseStream() failed : hRes=0x%X
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
pXMLHttpReq->get_responseText() failed : hRes=0x%X
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
pXMLHttpReq->open() failed : hRes=0x%X
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
pXMLHttpReq->send() failed : hRes=0x%X
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
PXN0MMlj ^ut{MQPeMuPh&j2P ^@tSPPMOVVEPMEOMM}ji}t]u;PM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PY^_^^^^[Iu3
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PYe~htWu@tWYEWjPYE~lt#WIY;=Htpt?uWGYEV8Yuj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
PYY~~_^[]jhHAM3u3;;uAWWWWWF@t~EVY}V*YEEuVYUSW}3;u ASSSSS,fWQ9_YE}_jSP;E|Wu+G.OV+utAUuD2t;s:
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
P~<N(;t~(N 3C;tS~ N$;tS~$WWjv4~8^@MMs^DjCFPM4^3]dF89^ u$jh=YME;tZ3]F 9^$u$j0<YME;tH3]F$9^(uOjD<YME;t3vHv ]v$F(v,N;uMM]7Cv,N(#N$PUv,N(p#N Pe3Cj%BMejMPhhxj(MMBUVu;5(u}ujutuuVu^]jA39]&N$;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Q!!6FZ[cgjkpwzz{03:!5,
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
q-!PL"5;.Z|=;%X{
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Q6FZ[cgjkpwzz{03:!4,
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Q=c5PkAt,@IoA'R.QtE%HX)>_z
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
q` eNl!fK
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
QH++PPVh;j,P+P5P(4Tt,;P@;\D+48;E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
QP3Vt$Q^D$3|$uD$ 3$ j%ut6}u0M_eEPQMuMW3_&PMM53@j W[%}}MueEPtoMMQMQEPHtDMEu8ujXMfPMFEMM3@MExMMl3t%UQeEPuLtEtMP3@3j1Q$M}uEut>]t7MMeEPuMuM3$#URjjUREFXh,tPQjYf|}|3@3MMfCy3@tt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
qq$|3@^]D$SVWt%P;QuPRppS<3_^[UEtVtJt;-t'uE;Qufu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
QQEQMQ"!rQ"@!QQQ"l!Q"!QQ"!","R&R1R<RJRXRfRtRRRR
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
QSu`hPu`MTEP>SEPh`EPSVtV)NVJu93MEM EMEEMM@Mh3-0v8MhWE0PSPhdESPM0EMhG/;rudMPCsj( :EP-eMtMMJ3R;MuEPEPEu3MEMMjEPjMljuEjPMEmME"h3Fj 9M3E;u3];]~SMSOt>FPEPeEPQPVtEMMJC;]|EK:j!d9ME3P];uMM:SMlSuEjPME#lM]+g3Cj!8ujze@EmlEOELdh3<`jEM3j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
QueryPerformanceCounter
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
QX)1./&\bP8J@312iQ%?PaaDzbSNDSN;GIF89a?kqhv_ebyiCra>n|]woO|ql{n|Ly!?,pH,/ciVC jDFf^'B3("W!TH4:?y1?;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
qY3UVW3u9~u3.9}tuYE;tF}~SG;sgME<HuWYYuW|GY;r39Et7E9Etu{YEE+ENE9FMPu3^SDYNAE;sxuSEUM+Fu+E+VGOPS'}tuuWu3fsE+ESEuYYuS\CY;]rE[_^UVW}|m;~wh}u3@_uYNQEt@NF+SQ?QMHPquFuP`'3@[3_^]Vt$D$9F~Nt$APYYt+F^VW39~~$WPYPWG;~|_^VW39~~$WlP=YPWmG;~|_^V`uVR4f;D$t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
QYFPVD$tVPY^jOuNeNINEF6N,E*N<EfLNPEN`ENpEEEEE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
r""$"p(08@HPX`hpx""@8"\H@$""MU]emw"p""dLv(l3"4@`V"p"""(
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
R6002- floating point support not loaded
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6008- not enough space for arguments
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6009- not enough space for environment
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6016- not enough space for thread data
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6017- unexpected multithread lock error
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6018- unexpected heap error
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6019- unable to open console device
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6024- not enough space for _onexit/atexit table
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6025- pure virtual function call
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6026- not enough space for stdio initialization
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6027- not enough space for lowio initialization
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6028- unable to initialize heap
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6030- CRT not initialized
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6031- Attempt to initialize the CRT more than once.This indicates a bug in your application.
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6032- not enough space for locale information
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6033- Attempt to use MSIL code from this assembly during native code initializationThis indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain.
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
R6034An application has made an attempt to load the C runtime library incorrectly.Please contact the application's support team for more information.
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RaiseException
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RDECEE%EmPE^EE@E1NhEN,]MfejhSe}EM~EJMM(>3Ze0tMM(u3jXESP]CoEP;u3M]MM(M(WuM(,PEPSjZVjHPuVSEE%,EEEEMEEPEPME:t"}thEEj Ps]EPMEUQQf}Su3^eVuWEPVu9EPEPujuujV5dEtPVRE_^[jb8tpRtaMKeMQP<t:Mu.aMt!QPjt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
re about to receive a notification that lookslike this.
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Ready state: %d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
RealizePalette
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Rectangle
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegCloseKey
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegCreateKeyExW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegCreateKeyW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegDeleteKeyW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegDeleteValueW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegEnumKeyExW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegEnumKeyW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegEnumValueW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegisterClassW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegisteredSources
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
RegisterWindowMessageW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegMonitor
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
RegOpenKeyExW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegOpenKeyW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegQueryInfoKeyW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegQueryValueExW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RegSetValueExW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
ReleaseCapture
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
ReleaseDC
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
ReleaseMutex
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RELOAD_INTERVAL_HH
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
RemoveDirectoryW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
ResourceFiles
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ResumeThread
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
return %d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
return %d (from LoadW)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
return FALSE (CoCreateInstance() failed : hRes=0x%X)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
return FALSE - (!m_pXmlDoc || wStrXml.IsEmpty())
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
return FALSE - file doesn't exist
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
return FALSE - m_pXmlDoc==NULL
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
return FALSE - not using helper
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
RMh Sjh$}uMfeMfMEfMEPEuEEPuM#u=hSj#3MEpoMEdoMMXo"hMkthSj#3FEPEPEP3;uh`MifPhSjW#EP0;9~NPlthWh`thtWv;t.;t!M'VMEn<ME'MEhnME\nMMPn3@hthTSj"39j1RMhSjh"}uluteMdeEPuuhHSj$"MMm0EP}MMm3@h Sj!3j\[
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
RoundRect
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
RPvj0UF]0F}tE`p3[_^USVWusMNu-4j^03PPPPP~}tE`p}v}t;uu3;-0@;-u-wC3G
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
RQQQQQxTbTPTXXXrX\XHX,XPWtfdfPf~WlW\WJW8WTTllllmm-m>mOm`mqmmmmmmmmm
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
RQQQQQxTbTPTXXXrX\XHX,XPWtfdfPf~WlW\WJW8WTTtimeGetTimeWINMM.dllwSetDlgItemTextWIsWindowGetDlgItemPostMessageASetTimerKillTimer!PostThreadMessageADestroyWindowDefWindowProcAGetWindowLongA^SendMessageAFindWindowWSetWindowLongWgCreateWindowExAJGetMessageAMsgWaitForMultipleObjectsDispatchMessageAPeekMessageAGetDesktopWindowShowWindowwsprintfWFindWindowExWPostMessageWGetWindowRect
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
RRRRRS"".S6S>SFS"""@#iSqS|SSS"#SSSSSS!T"#DT"#iT"$T"@$T"l$TT"$UUU'U"$JU"%mUuU"<%U"p%U"%U"%VVV"%"T&4V<VGVRV]VkVV"&V"&V"&VWW"'6W>W"D'gW"x'W"'WW"'"((WWWWWX"P(>XFXNX"|("(qXyXXXXXXX")XX"@)YY"t)=YEYMY")@)pY"*)"
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
rruN}t0+PVEPMPEPMEwMt3FUVu'Vu+EuhDVP+E^]U$xjh^dP 3xSVWPEdexxxxeExEE~ot3qeeJE>nM4njhuVPWEuYutPe}tu}tu@$YEMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
RtlUnwind
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
runtime error
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Runtime Error!Program:
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Ruu(;uE9EG7E9EtM9t3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
S3%>VZ-X
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
S3Sj&YY;tH;tH;tX-@,[V D$tVY^D$Vt$tFtR-t<Ht*HtHtHt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
S3SjYY;tH;tH;tX!@ [S3SjYY;tH;tH;tX@[VjjYYt03^UEPMLuVuM?EPM.t^]jjqAQ0L$D$AVpWt$FPtYYtv6~-t_^VN@!@If^USVWGpE1uNtv{tMFPqtu6~t{tGp3MFPBt6v~tWuMWSMEMMHM_HM^H[VEN@@If^UQVQeeC^UQuuuuuuAVt$L$VPuD$^Vt$L$VPVD$^Vt$)L$VP7D$^SVW|$u$v6jbW8~Yt_^[SVW|$!u$v6j'W~!Yt_^[UQEVQeeP^UVuEPVvMwEPMvuEMPeuMVvMCMEIH^UVuEPVvM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
S:(ML;;NW;;;LW)
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
s[S;7|G;w
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
S[UMw3k$QeY3$seEPMh,EPEUMw3QY3 seEPMVh,EPEXUMw3PY3seEPMh,EPEUlhzjMh}x|VhVhPVh(I3;E@VPEXPVh MX]MXWSEPPMXE9M]VhMX;ElMX`Vh;JMl+HPAQE0PMXzM0EeDVhE0P<D<EM E PS<E;MElEPj<EM;ehZt]lMhEDP<PEPEDhhME&MhEPE PhEPtMEVhMVhhMHEEPMHEEh8MHhMHhMHEPMHhMH9]lMhMHE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
S]Au3EfE;}"+]tum]tMmHutE]E_tjYeuEtE tj Y3^[U}t~}S"]S!]UE tjt3@]tjtjX]]U 3;Mtd@|3Et^EEEEEEEVuEE EE$hu(uEEP/uV,YE^hu(uE U=u(uE\$\$E$uj/$]lRhu!JEYY]SQQUkl$3Es CPsu"eCPCPsC sPEPIsp=u+t's C\$\$C$sPr$P$s CYYM3k][UQQE]EUQQEEM]fEEU3}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SampleAlertName
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SampleAlertWasShown
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ScreenToClient
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SelectObject
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SelectPalette
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SendMessageA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SendMessageW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
sendUsage
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SendUsageEnabled
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
September
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SERVER_URL
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SERVICE_MAP
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SetBkColor
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetBkMode
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetCapture
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
setCheckBoxValue
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SetCursor
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetDlgItemTextW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetEndOfFile
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetFileAttributesW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetFilePointer
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetFileTime
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetForegroundWindow
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetHandleCount
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetHeaders() failed
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SetLastError
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetLayeredWindowAttributes
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetLayout
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetParent
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetSecurityDescriptorDacl
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetSecurityDescriptorSacl
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetStdHandle
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetTextColor
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetThreadPriority
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Settings...
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SetUnhandledExceptionFilter
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetWindowLongA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetWindowLongW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetWindowOrgEx
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetWindowPos
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetWindowRgn
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetWindowsHookExA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SetWindowTextW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SeWhheWhSeWhSeWhheWh{heWho\heWhP=heWhx1heWhlheWh`SeWhPSeWh@heWh4heWh zgheWh[HheWh<)heWh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SHCreateDirectoryExW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Shell.Explorer
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SHELL32.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
shell32.dll
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Shell_NotifyIconW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Shell_TrayWnd
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
ShellExecuteW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SHGetFolderPathW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SHGetKnownFolderPath
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SHLWAPI.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
ShM8tKhPyPM\EYhE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Show icon in system tray
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Show notifications from:
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SHOW_ALERTS_FROM_THIS_FEED
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SHOW_SYS_TRAY_ICON
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ShowAlerts
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ShowIconInSystemTray
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ShowMe(%s)
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ShowMessageAfterUserCloseInterval
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ShowSampleAlert
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ShowState
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ShowWindow
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SING error
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Singleton
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SizeofResource
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SjEEPjjWV03;t!3PhXSAAQ333hfEEVPkVVVVEPEPWuED;u,jEPMMEPu MMGu$h|Sj-3@Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SjP[MM,yS4jPThTRueVu3MM6RS DsPtEj C]LY$Etjs%3EtAPs@E$Ps#5SjsWjsC;tuC3hPf(*P\jd(Pst(P3F8VWtt$ t$t$ $3_^D$VWu@+8t 3xpRp3_^yt43U} t}u4])v]Vt$L$Pvp^D$8D$,j@/U`PyEEPv@E+EP'|YME3M]SSjSejhESSS@EuSSueWEPMEPEMEnM]cMMWaPjRU|O3GWuuE3E9^|t$9]t( uEPEP]]k]9ts9^|tZ90uePejh|]zNxMWPuE,tE+E}++EEEtE+EEEUUE+E}++EEEQEP}W/PM=PutAjjEPu,MPEP/MPPu}tuuuuuuqNjdj(MM3VVMUuMuEPu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SJY@eEPS@6at3|&~jEPW@uTt}uuE0E'EPPPultuX6 EY_^3[dJV~t6YNtPY&3^j.OhLIYMetu3uMuuuuttV\PY3j]IYpPt$t$jjt$lUEu"8tu@uuuf]jjt$t$t$W|$u_?tVwtVOYWOY^_jhlNuehN,NvrOj2h7NuNhNSjE>~,jPhHSj"EnMNjBYy$u+Vh0OVj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
sM`EPMfM`Vh8+j@MEmMEmudMh;tMl;t=E@PE PEPEPM0EmE|M;tPQ^K0;tEPtM6dEPePjh+EsM`EPMet
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SMHMH?WMEu'339\u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SMQuP4h{M;p;MgMD};t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Software\AppDataLow
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Software\EB_TB_NAME\toolbar\settings
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Software\EB_TB_NAME\toolbar\settings\Update
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Software\Microsoft\Internet Explorer\International
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SOFTWARE\Microsoft\Windows NT\CurrentVersion
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Software\Microsoft\Windows NT\CurrentVersion\ProfileList
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Software\Microsoft\Windows\CurrentVersion\Authentication\LogonUI
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
sOYujgOYU=PtK}u'V5T5tt5P5TE^j5P5YuxTtjPp]VWVV0uVY^5<h<WWh0WWh$WWhWW=5pt=t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SpecialBuild
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SPSRAh_~SP^[UEVu3TMFHE NDFL`jvHjvLuuuuhH@jhUjF8uP3@F@^]VF8Wt~@tPf@|$Wtjjh W~83@f83_^D$|;A<}T$RPhq8j,3l@#ej
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
sS<@t58t0=u+tItIuSjSjSj3_^[]UEu} b]V3;|";s@u$<0"VVVVV#^]jh`FE}4E39^u6j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SSSSSMu@u9EtM+tGHt.Ht&d#G#j^SSSSS0UtuE@}EjY+t7+t*+t+t@u9}EEEE]E#;;t0;t,;t==@E/E&E=t=t`;EEEt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SSSSSN9]tEGF80t.GHy-Fd|
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SSV@?'V@]:jD9aMT]t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Start : hKey=0x%X lpSubKey=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : hRoot=0x%X wCharKey=%s wStrValueName=%s wStrValue=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : hRoot=0x%X wKey=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : hRoot=0x%X wStrKey=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : root=0x%X key=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : root=0x%X key=%s iType=0x%X
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : root=0x%X key=%s valueName=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : root=0x%X key=%s valueName=%s bValue=%d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : root=0x%X key=%s valueName=%s value=%d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : root=0x%X key=%s valueName=%s wStrValue=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : root=0x%X key=%s wStrFirstName=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : root=0x%X key=%s wStrValName=%s iType=0x%X
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : root=0x%X path=%s value=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start : wStrUrl=%s pwStrInput=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start [%s]
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start Time:
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start Time: Class Name: ,'M>mmmmzCThreadPool::WorkNo JobpJobCThreadPool::ThreadFuncImmediateCThreadPool::OnJobPreProcess\'M>geDummyJobCThreadPool::ThreadFuncStart [%s]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Start. bUseHelper=%d wStrXml=%s
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Start. wStrFilePath=%s bUseHelper=%d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Stop navigation!
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
stream end
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
stream error
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
string too long
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
StringFileInfo
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
StringFromGUID2
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SuE ]9]tuu E9]PtVM<[PMjVMMEPEPu$Eu EP]M]3ejVE{EP0i0E*iME]S39]EuEPV0'k;V]9]PunE<PME;u[M<PMxtEjE<eP\V0j0hEEPV0j;MSEPu$Eu P]34;;u(}Put}t3t9MPMaMPMPE<;}~}ETtlhEE;E,}sMtM}uM<PMMPMMyPM;]~]}TtET3uF;uuSjh`MMjEPu$Eu EPMPM<};}~}MEM;M,}AM]8;~6~2+~'M<PM6MPM%Nu]E0tMMM4t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SufgucW9~~=]WVYt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SunMonTueWedThuFriSat
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SVW|$u+jWY+k<3;_^[jVM9eEPu3uMMWWMKv%VM(tuPMF|K;r3Ft$jc(V}u3wV!Eu3@rjW+EYVEk<9E$WEP3MuMEPMEu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
SysListView32
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
SystemParametersInfoW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SystemTimeToFileTime
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
SysTreeView32
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
t show me notifications like this
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
t!u9}E@@EE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t#:r:w:r:w:uu3:tr[^_jDhqM@eEPMf@h\EPjDxhrM@eEPMhEPUVWh@@th$rV<tuV8_^]QRPh$G'ZY%%%%%%%u%e%U%E%5%%%%%%%%D%%$UDSVuVN^W~UVFEEM3}E3}E$uMMMMuEEEPjQhWm43E8E+EEuED3;tURQEDtMQjuPuuAPE@tMQju!EEEPjjh~m4EWup;t&~t'jj@tp
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t#EPZPEME5MF)U\j<5HM\EP<3M]SMTEMlECz3;EPM MlVEPEMDEMEPh@M >M4hE4PE e0PEMT;tsM4ugM\E4PEPPMDEME.MDu hhMDMhEDP9]pu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t#t;t;t;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t$^S\$VWt6jhvhujP0tSat
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
T$BJ3[)]MMT$BJ3[P)]M1MT$BJ3V[)w]M8M8M8T$BJ3#[)D]MN]T$BJ3[J3Z *]M!]M]M]M]M]M\M\M\M\M\T$BJ3ZD*\M5M$LT$BJ3ZZ*{\MMMT$BJ3'Z+H\MOMguMBT$BJ3Y@+\MpOM.uT$BJ3Yt+[MMMMT$BJ3Y+[MT$BJ3bY+[MNT$BJ3?Y,`[u_Yu_YT$BJ3YD,1[MNMPtM+T$BJ3X,ZuS_YuI_Yu?_Yu5_YT$BJ3X,Zu_YMu^Yu^Yu^YT$BJ3IX,jZMyM(yMD0{MdxT$BJ3XT-&ZMxyM(5MDzT$BJ3W-YuH^YT$BJ3W-YMM8zMXwMtwMwMgzMYzT$BJ39W-ZYMcM8+zMXwMtwMxwMyMyT$BJ3V<.XM}wu?]YT$BJ3V.XT$BJ3V/XMM-wT$BJ3XV4/yXT$BJ3=V/^XMvT$BJ3V/;XMJ{T$BJ3UJ3U/XM(M T$BJ3U0WT$BJ3Ux3Up0WMMMMT$BJ3_U0WMJ9MB9T$BJ34U0UWM|2M0gM+M+M +M@+Ml8Mh8Md+M'MMMp*MXF2MS+MP62MT$BJ3T1VMG:T$BJ3nT1VMM:MT$BJ3;T1\VM_MhMZMLM>T$BJ3S 2VM}_M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
T$BJ3z<3z|MMMPMtT$BJ3Dze|MMMPMtM]T$BJ3y,|MMT$BJ3y{u@Yu6Yu,Yu"YuYT$BJ3wy{M@qM\fMx[MGT$BJ33yT{uYuYuYuYuYu}YT$BJ3x<zMT$BJ3xzM@M\MxT$BJ3}xzMT$BJ3Zx
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
T$BJ3|(~M<MMM0MMEeMT$B,3O|Lp~T$BJ34| 3'|H~MbMZMRMT$BJ3{D
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
T$BJ3}&M5M-EeM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t$QD$V&tVhP^D$V&tVhP^D$V&tVh P^Ul$3j<P'5 7}73VVVVP7VjEuPEueH}3;ut?7 VVuSP7Vj];u'9t7SlVVSVjEuPMEL}39uu EtM9;uuuVj; E9EMMP@jPEPu;}-E9EtM#9t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t$s ^UV3PPPPPPPPUI
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t$sF ^UuM}}3uuuu}tMapU,EH
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t$t$K3I tlD$t,y@u&@V$PRtVy7Y3^3@jHW6ueNeM7VFdtPTvdXfd^I`tj@5Mej5MEPEPMEMEMMtEqMMx3m6EP-ME?EPEPMEuJEPEPMu63MEMEMEMMMEePE MDMEy3FUV~@NF@tNj3NdN tf WE~$PKMtM"u5YEPEPLujPNDjP_^j@4uEBN3;tj^N;tj^N;t1^^`ND]nQMN$bQ4T$Vt7D$t/NVFtW9RP_)3@3^VFW|$;u,~
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t$t$y3I,tI,tKzV3F<9F,tF,9F0tF0}^xV~<t3]F4W|$;uPv6N0tW/tN0WHN,tW=ut
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
T+ij[$ueC+M"2|$t1U$SVWuuu(MN3E;h3FVWPuEuE}tu9}}~ZuM*u;t;WEPt+9}tEMMEMWuuP<3EE;E|uuu_^[VD$tVVY^Vjx<h^j$$%h0YM3E;t@MMFjhMEEPEPEVYYMEjjjjEePNjNhMMNXItVh;D$tV_Y^j/BueNN EN0Ef@FDj`$39}u3EH+pME+p]uE5 E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t3MMMMEMEuMh4APVMMEMEmj}EP)eM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t3MM}tjY}M?MEDME`WhMPVMTMEME|j}lEPeMtMM3MMEMEEPhM;PVMu*3ME}MEcMMujEPeMt3MMemMMEME!uMh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t9]t@MED&
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t:It2It*It
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
t>uMO3kSWV<t3M(3FVt$Wj3WVH]Wh\;t%VhgP9>u9~u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
t@9s|t#9u
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
t`VEPu3u3D343EPE3E3;uO@u55^_[UQVuV3EFYuN /@t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ta=D98T AGX4
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Target file exists [%s]
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
tbedrs.dll
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
tC9]t>@M}ED%
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tCAMEH;sA8
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tD0076dv2ew0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tD3WE1YEEt3`WEi1YEEt3WEB1YEE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
TerminateProcess
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
TerminateThread
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
text/html
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
tfCC@@EM;sHf9
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tGFU}Vttuuu =xuuut({tf^]UQQVu%W}t}t3@_P}uEtNEtN3@-ejURURPQ EtEFEF3^jtt$sd3U,SV}3uEE3WF ;~9^$~MF$M3@9W9^uV~0r9uH9^uNW8FN;uEE3_^[u}jVW~=uutjEPv(dtYEPju~JE9]u+EMUEN$F 59]tu9]u~u1at&EPjv,tEMUM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
th3PPPPP^UVWEPEP6EP6@EPuuEut3@.tME+
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Thanks for adding our Notifications
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
The publishers of the Community Toolbar or app will occasionally sent out news or other information of importance to the community of users. These notifications appear on your screen near the system tray and keep you in touch.
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
This application has requested the Runtime to terminate it in an unusual way.
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
This application has requested the Runtime to terminate it in an unusual way.Please contact the application's support team for more information.
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
This indicates a bug in your application.
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
This indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain.
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
This is a sample notification.
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Thread ID#:
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ThreadingModel
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
ThreadPool
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
tHt3VWh3FWPd3~~~~@F+@Ou@Nu_^U3ESWPv3@;r t.;w+@P
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
timeGetTime
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
timeout_sec
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
TimeRecieved
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
tjP]Vj-T&^UQMejhx&EVD$tVDY^j;^ZuutbetjPu uM!h0h&j1MAuP3VD$tVY^j^^39}}uuWhWkuuP<P89EwTPM`F0;F4}}.Pt"EPWVhWW(F0PuN8RMM8jkM9tB3G9~7hYMet%3MWPG;|`D$t$A4D${Vt$u3%D$W>&t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tl9]tg@MED
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
TLOSS error
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
TlsGetValue
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
TlsSetValue
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
tMjh|NMPMMEPMuEDEKtj,dseEP3CM]tMjh|]MMEMEMEEPhMPVMMtEPjh|lM]EEME+M]jME^EesUQMejhEj4`ruM&t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tML!Pu-Pu"jjM*!PuPEME)ME)EPuulS\eP2MuF~=}@'~~=_}@p~D$VtV:Y^VFtPQvtV^VD$tVY^UQh|tjjht,teeMEEj@B39^u3dEP~(S]uKFURP;ujPvYM];t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tMMM ME%MEAEPh4MPVMu+MEMEMMuVOjG+Y3<^jMeM]MMj,DMeeEPPMEMEtMt@KLMMW_MME!MEPhdMEPVMuE@KLuMEMEjEP^eMNtMM3MeMEM>uMhEPVM]3u(MEMEMMIFjDmeEP3ECP]MEtMjh|]MMEMEMEjEPM"PVMuMjh|{]9MxtjEPMMEPEM]EaMEMEMEM]2ME&E-jFeEPEPMEwt$3ME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
TMThMSEPMShMSEPMEKMEYMEKMMKMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
TN9a&g`MGiIwn>JjZf@;7SG00S$6)WTg#.zfJah]+o*7Z-incomplete dynamic bit lengths treeoversubscribed dynamic bit lengths treeincomplete literal/length treeoversubscribed literal/length treeempty distance tree with lengthsincomplete distance treeoversubscribed distance treeinvalid literal/length codeinvalid distance codeUT/..\/../\../\..\invalid bit length repeattoo many length or distance symbolsinvalid stored block lengthsinvalid block typeincorrect data checkincorrect header checkinvalid window sizeunknown compression method%s%s%s%s%sll'M>>lmmmlmCRegMonitor::~CRegMonitorCRegMonitor::Inits'M>pmPq)omoooKrendCSingletonLogic::OnAboutToClosestartCSingletonLogic::CreateSingletonLogicHWNDCSingletonLogic::~CSingletonLogicWM_QUIT - AfterCSingletonLogic::OnMessageWM_QUIT - BeforeCSingletonLogic::WorkerThreadRunCSingletonLogic::CreateSingletonLogicThreadB)?xxBxxymGau;~{xx|2vwwEI CWindowStyledBorder Class`8,YOUOY_YY_,(O(2Y2Column1LoggerWndCLOGGER_WND_CLASS$TRANSLATIONTRANSLATED_KEY</TRANSLATED_KEY></TRANSLATION><TRANSLATION></KEY_ID><KEY_ID><TRANSLATED_KEY>H6</LANGUAGE_PACK></TRANSLATED_KEYS><TRANSLATED_KEYS></LOCALE><LOCALE><LANGUAGE_PACK>en-usLANGUAGE_PACKtooltips_class32 83MM h(w/NSysListView32X7dUnknown exceptionlXdddcsm Access violation - no RTTI data!Bad dynamic_cast!&??33EncodePointerKERNEL32.DLLDecodePointerFlsFreeFlsSetValueFlsGetValueFlsAllocCorExitProcessmscoree.dll(T&dbad exceptionruntime error
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tNIt?It0It
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
too many length or distance symbols
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
tooltips_class32
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
tPMIC;|MEPxPMuEGEj8_H2]MTeM=MhEPEPMELNMEFM1?uu?EP%EPEPPENMEmFCMh\EPTPMEMME<FM>u<EPEPEP~hPEMMEE>CMhEPPMEbMMEEMG>]u;uE~xP4MBMhEPPMEMMEwEM=u5MB~x=t;uEPLEPLMhEP$PELMEEMhM;EPejh0EJIMD=u9tE^xP5LAMz;EPejhE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
TQjhB[VV0uVYEuF\]3G~t$hVP<hWu~pCKCFh@j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tr3ME7j"6u3E;t;tm;tZ;tG;t4;t!;t;t;tc;tP<;tPAY@SPl;~SP;t9SjP;tPjEYlESDER]M,6UQMejhEU0SVWEPs@uuuu5PWEE8t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
TrackPopupMenu
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
TRANSLATED_KEY
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
TRANSLATED_KEYS
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
TranslateMessage
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
TRANSLATION
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Translation
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
TRANSLATION_KEYS
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
TrayNotifyWnd
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
ttjj5(w0^_jH&39u;t9pt,=0Vps0p=0;tptVpMMURuPujEjP9hYEEtdc3ej|VEYejVEEs4usEjg3VVdjejhVVVdh222LdK<jgPjhMVEE)i=PuEPPVuEPuuuMEu=0)EePEPjEPE*jFj+QPvRpMEP5`3tQbjpjpMEH;9q9pu@spMEFUERPTuF+EMURPXuF+FM+EEjPuuupjpEeeEEEHuPMMjdR&}3;u3;tptVp0MmMQuPHEj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tu($E$E$]3t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tuEG`uEGd3<UE]UE]jhF9<euu\E/EE3=e}ujeEE+<U3@}u3]USVWUjjhuZJ]_^[]L$At2D$H3
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tuO`MG`u@OdMGdu.
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tUQSV3;uGj^SSSSS0FW9]w}Gj^SSSSS0"39]A9MwOGj"M"w]9]t-NE3uvW0AE3;vU9UrE;ErIIG;r3_^[U}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tuuYuWuuEEEuYjhAP3u3];;ub>VVVVV3{3};;t3f97;tE;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
tVURPEPQtfEM3^USVu3;t9]t8uE;t3f3^[uM5E9XuE;tff8]tE`p3@EPP\:YYt}E~%9M| 39]RuQVjpEuM;r 8^t8]eMapY*8]tE`p:39]PuEjVjp:Ujuuu]UEu3]V3;|;r~VVVVV"3D@^]USVW3jSSu]]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Type Descriptor'
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
u ]E]E;Eff
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u ]E]E;M<<
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u#~jEP^E~7e~!uZ#tjEE;E|juj;*OE*E"#
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u(E+EWu$MPE+EPuuuSPE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u0u<xt<XuGG3uNt0t1aw ;MsM9Er'u;v!M}u#EOu }t}e[]]]Guu=t}wu+9uv&TE"tMEjXEEt8Et]}tE`pEEt0}tE`p3[_^U3Puuu9TuhPP]U V39uu/TVVVVV'uEuEuEBPuuU^UujuhR]jh@utu=|uCjYeV-YEtVPNYYE}u7u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u39u3AM]PM9URhjURh,t]P]Q;9]M3]}tr/~g3jZ]Qm3YE~F3MWEPEPMDMEpMjXfG;|MjYUR3URufE}UR3FVjfEh,tuPQ|u~#3EDtPKuuYuEj,5?3SjEPE];t9]tzEPEURP]Qt;|I9]tDjuM_MEnEPEPMEMEWM]LEPQEPE@VtCt:h|hjlGhSh^VWtP0)'F,PF<t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u3@^]j4r*1M3;gHTG9EV9uM]{$+{suus(+s }uVWsE5PuEejhTEQmeejh|9mM3PPPEjzPuh s EssuWjjujuEuT=t8u}j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u3}hV@@PN3jOujvQeNN$EN4ENHEwNXEkNhE_ENDFxEF|EnjOuNhE6NXE*NHEN4EN$ENEMPjOujzPeNN$EN4ENHE{NXEoNhEcEu!Fx!F|NDHxNxH|N|@DFDSjOluujOeNf4N(f,f0j7P%u}tG3PjOe^3E;uN(F,F0GGP*G(F(G,F,G0F04t'hyYEEtw4}3F4gjePuN43@EtPf4NE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u8Rz t7;qu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u8Rz,t7;qu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u8Rzt7;qu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u;q|;skSuuu#DuYPtHE#Uu)
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u@_[Ul$3j0N eM}uE@EtV'BEVWh4hj3hPfEEP EPVWL5PSEPju{YuIEPEPuLu4jEPMejMhMPuMMSEPju;u}tu$uuTu9EtMtua?jX
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u^[_3:u~at(:uAtf:t3^[_G^[_^[_Uj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u^]USVWujj}5SWu EPWE uEuuuWuWuW5Su _^[]|$u3t$SW|$u3#VWtVVW^_[UQQSVutcutVEFW=EEPuEEFFEFEEPu}EFEF_tV^[UQQSVutcutVEFW=EEPuEEFFEFEEPu}EFEF_tV^[U}SVWtCu5t4uWt"juuuuW3@3_^[]U}VWt<u5t-ut$juuuuup3@3_^]Vt$t4jV|$t@u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uB0B/$1wjYJM$:ujY+tHHt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uB3@_^[jNAMhPuuuhhVjHEPj3Wuu0;,EPWEPWu}u}Eu(u$3}hV@@P=t';t#u$u3}hV@@PEDjPYYtlEEEPWEPjuuu>E;Ew63jfGWMMeEP{!WMYMWYMj}u$h|Vj3@3PhVAAQ3UQeSW@t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uBEVuuhVjuuTujY
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ucMPcMcM+WEPbEPMEduME&
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uD$_D$U]U]jhH@eMx:M+MMUEEEEE8csmtEEmeEjhh@zeuEEeMx)uMUEE}uuuuu@jh@3EEEE;E}uUuuEEE}uuuuuDn;";[;:C:B:9U}}tt}]=t-U$,$=t<$XfftU T$|$l$T$D$t<y$$T$,$$T$T$u\$\$=VVthV}YtVUtFtPXVWYj0jh@4(VepXPTYEMPQ7~YYeu_]UTSPSuuSPTu(PP0MQTPTQXPXQQPU=VthV}YtVIUQSW}3];u kSSSSS=VYShjXYY;tJ.UplVSEYYVjVhu~TSFX(~;tW,u#PEVCY9]tu,kY^_[UUSVW3;t];wjj^0WWWWW_^[]u;u3ffAAFFf;tKu3;ufjj"YUEVWu|PLYu3Uub(|}}cR| B|jYYux3;u19=x~
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
UDRUDRP9}hu<;uUMD%AMTEDPV;,MD3C;9}htMp9}\u9}huMDWh`ttSWvk;tA&;PM4NU4RP<;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uE3B;r9]uEx@GW;u]]u+ED0tyjju;Eu GM8
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uE@;rG @juu}:9EwOttGED0tEE)EEM^_[jhhA339u;u?VVVVV'uYuuYEEEuYUVuFu?g}FuVEeYVFYyFttuFuuV
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uEE;tPQE];tPQEM;tPQYD$t|$r|$w
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uEmEjEPjEP4hu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ueMQPMMmVVD$tV4mY^j.lj%fYM3E;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uEuEu^VD$tV!HY^VD$tVGY^VD$tVGY^j`UFuE}$3<E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ueUQSVW5Hg5}8gYY;+CrwWmCY;sH;s;rPuTmYYuG;r@Pu>mYYt1P4SfYuEfV:fYEY3_^[Vjj lVfujX^&3^jhx?,KneuYEEE-*nUuYH]QUrpYUVEtVY^]UEQPT6YY@]UQSEEddE]mc[XY$UQQSVWd5uEjuuu:E@MAd=];d_^[USVWE3PPPuuuuu{ E_^[E]UVuN3jVvvjuvu{ ^]U8S}#uM3@eEM3EEEEEEEE EeeeemdEEdEEEEEfEEPE0UYYe}td]dEdE[UQSEH3ME@ftE@$3@ljjEpEpEpjuEpuLz Ex$uuujjjjjEPh#E]ck 3@[UQSVW}GwE-u{MNkM9H};H~uM]u}}EF0E;_w;vzkE_^[UEVubeFTe^]U?e
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uEuuuSuSuSW=uEx|thhhjjEuESuESjEX)E)EEEjjuuuuSuSuSuuMjuS4MMBR3EjtDu` 3$PE,<E39Lu"39D$u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uFFdF$FFFF F$lFP$FXF\ |GWPME"%MJXtS9YMZGWPMEPMtEvEgEEMl$8l$l$}l$ pl$Pkl$^l$ l$Jl$;PJl$+l$$l$l$l$Xl$Pl$l$l$wl$ jl$l$l$l$?l$ l$\l$Xrl$el$l$$Vl$Gl$Pl$l$l$!l$ l$ l$l$l$l$$l$Xwl$jUEV3u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ufYtuw-Yth\u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uf}uuh<hjMNEPME(MEMM3jP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uHMj$Z.YMeti3uMHEoMuaEPPR4j0j3M39]u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
UhP(RP$R]D$T$SVWD$UPjhd53PD$dD$(Xpt:|$,t;t$,v-4vL$H|uhDID_L$d
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uhpeN;~$EuEvjX.uN$ENE]DM@\VWPt+tNQIjN<@_^UQeQMRMEj.jD/YMet3Mjh(MIjjEPE> utj3MMC$tt$h,j .39]9]M:M]:MEvwMSEPh EPh#tXMX;uLM=M=MjEPEP#MC;rMEBMMB3@MEwBMMkB3sVD$tVY^|$Vu3(N$th(%tPt$^jP.6Mejh|MGME8MEXhxhhEPMfEePJ5h4AEPtqM9ueEePJht=Pt13FME@ME@MMMtj3VWtV#_^j!/u}^3}DX7MEcN5pMEXjJMX3hfF$-BM~(~0~,MEF45lM~8~<EMEMU(SVE^P@7Pv(xunWj(3EWPF(hWEE}}E}jEE}6EEP|f;fF$_u33@^[jP/uu3HuO0ttnAukjmYEetNQvD3Mj @YEEtj`3MPjHp5(w3@j0/E3+ HHHHHtH9~,j YE};t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uiParamsCount != 1
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
uiParamsCount != 2
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
uiParamsCount != 3
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
uiParamsCount != 4
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
UIsrael10U
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ujEPeMuTMMEMEuMhPVMMEMEMMjEPZeMJt3MMMNMESMEouMhPVMaME#MEj|~EPeMtj^MM%MMEMEEPhMHPVMjYuMu<}uMEtMEZvj}EPeMt3MMlt~MMEME(uMh$PVMMEMEj5}EP~eMnt3MM}MrMEwMEuMhHPVMMEGME-j|EPeMt3MMBJ}MMEMEEPhHMmPVMu!EuMEMEj|EPMeM=tj<^MM|MBMEGMEcEPhMPVMuE<u,;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uk=MMUSVu$uuhVj3]<M;tuu>EWEPjSu]u0;uuuu$;ujX
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uM3MuhvYME;t3MQ]E;u+;tuM;uM;tV:}Y]9],uuPU,ESVW3WWWjP5d]j;}E^u3j7hEPudtIEPju~6}Eu+E}5Etu}tu37uh_^[j|QZ{39}u3EPu};tE;98tR;tR@;th
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uM@uMu6GYYMLD$ MeHMEtrjW63E;ug 8tN6jEP6]uf}uERP6;tSS6;tE0@@}uE#uMEE#;tD=t)=@t"=t)=@t"=t=@uEM#;uE]EE@]E#=@=tw;E;yvv0fE3H&HREEjSS6tSSS6#jEP6ettk}uYEE;bPjSS6WCSSS6B#E%=u6Y4j^0d=uSj6EASS6EEE+PD=P6b9}D$2M0D$M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uM_[U,EH
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uM_[U|3EES3V3EEF3WE}]u]]]]]]]9]$u(kSSSSS3NUU< t<t<
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uMEEP !EuMEP!EuEP}M#M6M}EPEPEPEFUM~EEPEPFVPM\EPM[tQhSj:ME$MEMEMEMMM%puh||PEPE~u$hSj:|E`V|PEPy|EMEbMEVMEJME>MM23@1h`hHSjx9h4Sjc93UVWhHVj:9t}t9EuhnuEPWwMEPMuh7M|u&MhuhVj83@hVj83_^UVuEPVvMEPM3^j"MzeEPu3t)MH|uEP|MMMM3jDr2hMneEPM-nh\EPEGujuPVPGG;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
UMFeWMe^t8MFwDMWEQGPM"BM8MEFQWMYMFO4
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uMfu-EEEPM]eMPCMMfuEEEPM)Efuf}uMPVkfu'EEEPMeMPEM3=,1+RYVt$RYu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
UMVuy|QI42^]Uu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uMX3MD;t]|D4AMDF;u\rD=]LM@E\E|EDEH;E4U<UXU0UX}(HDME,E,E8;ELM89EHML+MLUE@E E4+UEX;vMXMHU83+@B;v%u,+U8;MXs
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uN3];tj~E~StjC;]|fMF@Vu^Vt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
unblockFrameNavigation
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
UnhandledExceptionFilter
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
UnhookWindowsHookEx
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
unknown compression method
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Unknown exception
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Unloading
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
UNSPECIFIED_ERROR
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
unzip 0.15 Copyright 1998 Gilles Vollant
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
uOYuV[YFWF>HN+I;N~WPuEM FyMtt@ tjSSQ4H#t%FM3GWEPu7E9}tN E%_[^U@@txtPu [YYf;u]]UVuEM>Yt}^]UG@SVt7u1E0MP~CC>Yu8*uj?cY}^[]Ut3EES]VuWu39u3oWWWWWmt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uP uuWuv_^]^]%VD$tVY^SV_\$StfW39~@uZD$^DFH3`t@WWWWWWWWhWhSF@;u3=VjPhjv@F3@_^[j1ueLp$EW$EH$$(bj1}u}W
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uP43^}7]VjSWu^hS4uuuSP@uuSuP0uuujuvuutPjuuj]tQPuRS\Ss+#tE- t*uuWuPuuW7uuS}t*QPEPEPWuh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uP^]j@#s}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
UpdateAllFeedsLastTime
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
UpdateFeedInterval
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
upon termination. memory size: %d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
uPYY]3]jTh@EK3}EPEj@j ^VYY;50@@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
UQQVFV0MEPMt/VvMxEPMwtiuEOEPMTu/SW}]MSWEPEPM't_[uuuE^UVVvMFV0MuEuuuPvffY^/ijZuL"F$"F!F!Fx!F,!F!F !F$ FP FX F\| ` L , LE$EhMP\j8Yh#MDE$3P]AM3SGWM>9h|#M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uR ^V9D$u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uR9uuMM)zh3FVD$tVIY^jHj,e}uMjh|IuuMjh|,MQM3EFPuMuEyEjuEPm3MuqtMMQyYMqM3Fj0sB`}33MufEu3rpPMdMEEuqV;tP;tuM+pPMEE;t3Pjw0;t5uSP$E@$URuSPQH}EMEt5EPEPtSPEt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uRDtAPt$0/l$l$UEV3W;P
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
URLDownloadToFileW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
urlmon.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
USE SYSTEM CHARSET
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
User is Idle less than a minute :Idle time %d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
User is Idle more than minute :Idle time %d
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
User-Agent
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
USER32.DLL
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
USER32.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
user32.dll
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
USER_ALERTS_STATUS
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
USER_CLOSE_INTERVAL_MM
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
uSj0[g$HfwjY+M$;ujY+t+t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uTMMEMEuMh8PVMMEMEMMjEP`eMP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ututM0n|[8PwPM8Er8E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uuPEj{jzMEP3H!}MuPURP}ttjuPURPMMz8u3PtbDj(Qy}u3eEPu|2t}umPtjsYEet<3uMEEP}MPEMM'uuPuMEEEPM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uuuPPju^uYuuWuP Vju!uYuRuYuR0uYMQMQR8ujYMQMQR4ujV#]tVDjeDMQPE\}u_uV^EpM39ytjV
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uuuuuPtVjjND$tVNY^j;1uQeeueSVW|$-u$v6jW~-Yt_^[VWwp@g6_v^j0ued6YXUQVEPEP.^Vj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uu{XHHty+&HHt0GPhPP3tG1t<Ht5t+PYpeg2itmnt$otaU7 tff@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
UVEPv<tE+F(PE+F$P_^VN8tDh|$N8thjdjj3N8N8jP^j4%e}3C]G]h2j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uVYL hhhPYYuBh_OBT$Lc=YthN!Ytjjj3]jh@Cj;KYe3C9E}5Y}tx5Yu}uu;rW9t;rJ6559}u9Et}}Eu}hxl_Yh|OYE}u(jiIYu3C}tjPIYUjju]jjjVV$VVVVV}VcV
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uy3MPj5(uEPEPujXMejEPMPN(E'MEDMMF8zjNeeu4zeh%Eu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uYM};t3uMuuEV]uM;t0V{Y}9}t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
uYuVYFWF>HN++N~WPuEN F=Mtt@ tSjjQz#t-F]fjEPu]f]uE9}tN %_[^UWVSMtMu}AZ I&
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u{F^j,&Mu3uMuu1;uFMMfj,&Mu3uMuuz;uFMM!j,&:Mu3uMu;uFMM{j,&MKu3Mu3;uFMM<j@,Meeju@]EPMHMEOPj5pMcME/WMM3+j,&DM3PP5pMEEcMM3j,&MXejj5pMcMMH3j,&MueMq@MM3sj,&MueM=MM3:VNtN^^j.9~u%jLAYMetFP#3FFUdh,MAeVP49M`S%EPMEjd_j[SE@PEeXPE}@^M`^)E PMHj\M E`PM ;VjE0PM 5`M0EMeXjhZE0P@@E|~zMKEPNV@EtMEPM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
u|_3GWu|PE|hLkYE`et`3We`Sh|]7vWu|P`MP(ShPMd}7EPPEdPEYYMdE1UPRPPMP]1t~MMPEE(ShMdE/7EPPEdPEmYYMdE41EPPcthtMPE1M]M@'M0E'ShMdE6E0PEdPEYYMdE0M@E@PMEVM@)uM@'PM03M0'=PhvM@'Sh(MdE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
V#YYYYYYYY
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
V,F@ F@@ FpFy dG@MWS@ HECjD\r2hM\meEPMlh\EPEGujuPVPGG;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
v,WWWWWWWh
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
V3GPN$]G4PNG$PN4uNGPNHMVEE;EmMM3@}UTj,}h,wYM et3}u3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
V3Mj&YME;tVS3MMP2EE;Erj3W3@},U`j,+u`El3;9^@x;@MElnM]G;9^9^hTF%YM,E;tU3ulW]EljM3NnM0EMPEM@ExM0QEP$MPQPM@QPMPuAM@u5M0u)E@PEPPE0PMtEPPM;tG9]lto;ukjd$YMlE;tV3M`PEM@EMPEM0EM]fmMMZm3PjM@EMPEM0EM]mjMMm3@Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
V8F@ F@@ Fp\Lz uA B IA p,;1u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
V9Ptku;rkM^;s9Pt3]5wYj hF>3}}]LtjY+t"+t+td+uD[y}ua`w\]Zt<t+Ht3PPPPPc
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
V@@P3_^3[NUSVW3jZG}Q(3Y;ujXVEDPVSW};uSYuVW^EMQWPVEPSuu@E=SWYYVVVEPVVVVVVVu?}8t}EE3j@ZQcY;9EDPVSuA;>uVWEPEWPVEPSuu@E9uu/ujE@PxSuMW}SWEYY_^[VD$tV'Y^D$VtV
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
V@@PjOeMPuhTVjeEPMPuDt)h|Vj3FMM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
V@@Pru$h|VjM]W3CFj(<O]MuuuhVjjEPj3Suu0;t3PhVAAQ73cMMeEPSu!uE9EuMEPMMCtu$h|Vj3@uj$_OMPuuhHVjEPj3Wuu0;t$3PhVAAQc3MEPWu}Iu$;u/MEPKh|Vj3GMM3h
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
V@FL" "Q:BAbppo(E6;nNc IY(ZG<|BV"npfF`!4RjZ6j;GIF89a/$tted^sbZy]crbZuku~zfvuu\dql~[ovkcT`samrY[iQqrtdRdwygu]nyU}gukvw^ppbvSsowhsd^gv{uunauV!,/$@*\#JHA2j `IdIDR\e8;6c(opE>G9k'O*]tbc4HG?I j)*#P
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VarFileInfo
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
VdMuDhfEESPEPSShS@|EP&]VdMi3CM]MxMhMEP$MEXSt!jh|`M]]ZDEP/bhHcjWMc`jWMET`MELQMEPEPMEaMECZMQPMbWMbMjEP PMEaMEZM`QPMaWMaMFQPM=QP}RMVcM]EYEMYMEYM]YMEgE'MVhLrPVb]ME^gMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Vdr"""t!)19"\dlt|""`BJ""mu}""\$"I"l"""P""-5=`kv~""H""@""Lckss{""" $,44<DNs{"`"""HDLV^fnv""".6","Yaiqy"6.OW"0z"t"""4"*2:BJR
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
veM}tP?MYP+;=tDPMv0t2j b,YMEtjw3Pj5(Ev0ME9Et@PMLv0t.j ,YMEtj&w3Pj5(v0MM&u2j,&1Mt3u9uuN9<tF;t5E~'VkGt<4PMF;u|MMt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VEPMEMEEV9]t,j5M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VeriSign Trust Network1;09
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
VeriSign, Inc.1
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
VeriSign, Inc.10UVeriSign Trust Network1;09U2Terms of use at https://www.verisign.com/rpa (c)09100.U'VeriSign Class 3 Code Signing 2009-2 CA0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VeriSign, Inc.10UVeriSign Trust Network1;09U2Terms of use at https://www.verisign.com/rpa (c)09100.U'VeriSign Class 3 Code Signing 2009-2 CA0"0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VeriSign, Inc.10UVeriSign Trust Network1;09U2Terms of use at https://www.verisign.com/rpa (c)09100.U'VeriSign Class 3 Code Signing 2009-2 CA76dv2ew0*H
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VeriSign, Inc.1705
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
VeriSign, Inc.1705U.Class 3 Public Primary Certification Authority0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VerQueryValueW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
VerQueryValueWGetFileVersionInfoWGetFileVersionInfoSizeWVERSION.dllRObtainUserAgentStringfURLDownloadToFileWurlmon.dllCCloseHandlewReleaseMutexGetLastErrorCreateMutexW.TerminateThreadGetExitCodeThreadCreateThreadGetModuleFileNameWGetModuleHandleWfGetTickCountLFreeLibrary GetProcAddressLoadLibraryWGetCurrentThreadIdKERNEL32.dllGetStockObjectfSetBkModeDeleteObjectQRoundRect^SelectObjectICreatePenRCreateSolidBrushDeleteDCBitBltFRectangleExcludeClipRect-CreateCompatibleBitmap.CreateCompatibleDCeSetBkColorSetTextColorGetLayoutGetTextColor2FrameRgnMCreateRectRgnGDI32.dllShellExecuteW#Shell_NotifyIconWSHELL32.dllCLSIDFromStringkCoUninitialize=CoInitialize;StringFromGUID2CoCreateGuidIIDFromStringole32.dllOLEAUT32.dllGetProcessMemoryInfoPSAPI.DLLEPathFileExistsWSHLWAPI.dll_TrackMouseEventCOMCTL32.dllsInternetCrackUrlWeInternetCanonicalizeUrlAInternetReadFilejInternetCloseHandleInternetOpenUrlWInternetSetOptionWInternetOpenWWININET.dllLReleaseDCGetDC9GetLastInputInfoJRegisterWindowMessageWOGetMonitorInfoAMonitorFromRectGetClassNameWEnumChildWindowsSystemParametersInfoWlGetSysColor~SetLayeredWindowAttributesEndDialogEnableWindowDialogBoxParamW]CreateDialogParamWSetWindowRgnSetWindowTextW*CharLowerBuffAOCopyRect(GetIconInfoKReleaseCaptureGetCapturegSetCaptureGetWindowTextWDrawFocusRectInflateRectGetAsyncKeyStateIsWindowUnicodeoGetSystemMetricsIsChildDrawIconExDispatchMessageWTranslateMessagecSendMessageWCryptMsgCloseCertCloseStore?CertFreeCertificateContextJCertGetNameStringWICertGetNameStringA5CertFindCertificateInStoreCryptMsgGetParamCryptQueryObjectCRYPT32.dllMultiByteToWideCharzWideCharToMultiByteGetModuleHandleALockResourceLoadResource9FindResourceWLocalFreeLocalAlloc3OpenProcessGetCurrentProcessIdGetCurrentProcessuGetVersionExADeleteFileWSetFileAttributesWGetFileAttributesW-TerminateProcessMulDivlstrcpyWInterlockedDecrementInitializeCriticalSectionDeleteCriticalSectionEnterCriticalSectionLeaveCriticalSectionxGetComputerNameW;OutputDebugStringWGetFileSizeCreateFileWhReadFileFindClose$FindFirstFileWeCopyFileWRemoveDirectoryWMoveFileExW0FindNextFileWOGetSystemTimeAsFileTime SizeofResourceSetThreadPriorityGetCurrentThreadGetLongPathNameWGlobalFreeGlobalUnlockLoadLibraryAGlobalLockGlobalAlloc!Sleep2TlsAlloc4TlsGetValue5TlsSetValueSetFileTimeLocalFileTimeToFileTimeDosDateTimeToFileTimeSetFilePointer*SystemTimeToFileTimeqCreateDirectoryWWriteFileGetLocalTimeHeapFree#GetProcessHeapRtlUnwind>UnhandledExceptionFilterSetUnhandledExceptionFilterIsDebuggerPresentZRaiseExceptionExitThreadResumeThreadoGetCommandLineAHeapAllocHeapReAllocMoveFileWGetConsoleCPGetConsoleModeGetFileType3TlsFreeInterlockedIncrementSetLastErrorHeapSizeExitProcess;GetStdHandleGetModuleFileNameASetHandleCount9GetStartupInfoAJFreeEnvironmentStringsAGetEnvironmentStringsKFreeEnvironmentStringsWGetEnvironmentStringsWHeapCreateHeapDestroyWVirtualFreeTQueryPerformanceCounter[GetCPInfoRGetACPGetOEMCPIsValidCodePageLCMapStringWTVirtualAllocLCMapStringA=GetStringTypeA@GetStringTypeWAFlushFileBuffersSetStdHandleWriteConsoleAGetConsoleOutputCPWriteConsoleWSetEndOfFileInterlockedExchangeInitializeCriticalSectionAndSpinCountGetLocaleInfoAxCreateFileALineTo!MoveToExSetWindowOrgExGetWindowOrgEx>CreateFontIndirectWGetDeviceCapsxSetLayout!CombineRgnGetObjectA$OffsetRgn`GdiFlushCRealizePalette_SelectPalette4PlgBltSetPixelGetPixelGetBkColorGetBkModeSetSecurityDescriptorSaclGGetSecurityDescriptorSaclmConvertStringSecurityDescriptorToSecurityDescriptorASetSecurityDescriptorDaclqInitializeSecurityDescriptorQGetSidSubAuthorityRGetSidSubAuthorityCountTGetTokenInformationOpenProcessToken*RegCloseKey3RegCreateKeyExWhRegQueryValueExW[RegOpenKeyExWxRegSetValueExWbRegQueryInfoKeyW6RegCreateKeyW>RegDeleteKeyWJRegEnumKeyW^RegOpenKeyWBRegDeleteValueWIRegEnumKeyExWLRegEnumValueWADVAPI32.dllSHGetFolderPathWSHCreateDirectoryExWCoCreateInstancegCoTaskMemFreeCreateStreamOnHGlobalKNffff+Bhfgg(g:gAlert.dllDllCanUnloadNowDllGetClassObjectDllOnUpdateFinishDllRegisterServerDllUnregisterServer,U.?AVCAlertAboutBoxDlg@@U.?AVCAlertDialog@@U.?AVCMyDialog@@U.?AVCWebBrowserContainer@@U.?AVCContainer@@U.?AVCUnknown@@U.?AUIUnknown@@U.?AUIOleClientSite@@U.?AUIOleInPlaceSite@@U.?AUIOleWindow@@U.?AUIOleInPlaceFrame@@U.?AUIOleInPlaceUIWindow@@U.?AUIOleControlSite@@U.?AUIDocHostUIHandler@@U.?AUIOleCommandTarget@@U.?AUINewWindowManager@@U.?AUIServiceProvider@@U.?AVCWebBrowserDispatcher@@U.?AVCDispatcher@@U.?AUIDispatch@@U.?AVCSeed@@U.?AUIElementBehavior@@U.?AUIElementBehaviorFactory@@U.?AUIHTMLPainter@@,U.?AVbad_alloc@std@@U.?AVexception@std@@U.?AVCAlertFeedItem@@U.?AVCAlertChannelItem@@U.?AVCMapStringPtrW@@U.?AVCAlertALPResponseObject@@U.?AVCAlertChannelsList@@U.?AVlogic_error@std@@U.?AVlength_error@std@@U.?AVCAlertClient@@U.?AVCAbstractAlert@@U.?AVCAlertExpirationData@@U.?AVCRSSAlert@@U.?AVCInstantAlert@@,U.?AVCAlertDialogChildButton@@U.?AVCDialogChildButton@@U.?AVCChildButton@@U.?AVCMyWnd@@U.?AVCAlertDialogChildButtonCheckBox@@U.?AVCDialogChildButtonCheckBox@@,U.?AVCAlerter@@,U.?AVCAlertGui@@,U.?AVCAlertHTMLDialog@@U.?AVCHTMLDialog@@U.?AVCHTMLDialogBrowserContainer@@U.?AVCAlertHTMLDialogBrowserContainer@@,U.?AVout_of_range@std@@U.?AUIInternetSecurityManager@@,U.?AVCAlertHttpManager@@U.?AVCAlertLogger@@U.?AVCLogger@@U.?AVCSingletonSeed@@U.?AVCReferencedSeed@@U.?AVIDefaultTranslationsLoader@@U.?AVCAlertLP@@,U.?AVCAlertManager@@U.?AVCAppManager@@U.?AVCAlertAppManagerFact@@U.?AVCAppManagerFact@@,U.?AVCAlertOptionsDialog@@,U.?AVCAlertOptionsDialogTitleBar@@U.?AVCAlertTitleBar@@U.?AVCMyTitleBar@@,U.?AVCAlertOptionsDialogWindowStyle@@U.?AVCAlertWindowStyle@@U.?AVCWindowStyle@@,U.?AVCPopUpWindow@@U.?AVCBaseWnd@@U.?AVCAlertResourceBank@@U.?AVCResourceBank@@,U.?AVCAlertSingletonAllocator@@U.?AVCSingletonAllocator@@,U.?AVCAlertTrayIcon@@U.?AVCMyTrayIcon@@,U.?AVCAlertViewRecentPopUpWindow@@,U.?AVCAutoUpdateThread@@,U.?AVCClassFactory@@U.?AUIClassFactory@@,U.?AVIAlertResultEvents@@U.?AVCConduitAlert@@U.?AUIConduitAlert2@@U.?AUIConduitAlert@@U.?AVCEventAlertClient@@U.?AVCEventGeneral@@U.?AVCEventAlertGui@@U.?AVCEventLogic@@U.?AVCEventUsage@@,U.?AVCLogic@@U.?AVCNotificationsItem@@U.?AVCRSSItem@@U.?AVCNotificationsFeed@@U.?AVCRSSFeed@@U.?AVCServiceMapManager@@U.?AVCTrayIconPopUpMenu@@U.?AVCStringBufferW@@U.?AVCSyncMapStringPtrW@@U.?AVCArrayStringW@@U.?AVGdiplusBase@Gdiplus@@U.?AVCUtils@@,U.?AVCSingletonManager@@,U.?AVCEventSingleton@@U.?AVCEventSingletonGeneral@@U.?AVCAtlException@ATL@@U.?AVCStringTokenizerW@@U.?AVCXmlNode@@U.?AVCArrayPtr@@U.?AVCMapPtr@@U.?AVCCritical@@U.?AVCSyncMapPtr@@U.?AVCFileHandler@@'p'U.?AVCCommandId@@U.?AV_com_error@@U.?AVCXmlDocument@@U.?AVCRegValue@@U.?AVCSetupRegW@@U.?AVCEventHttpRequest@@U.?AVCEventHttpReply@@U.?AVCDialogChildButtonStatic@@U.?AVCDialogLineDivider@@,U.?AVCMovingFrame@@,U.?AVCJsonValue@@U.?AVCJson@@U.?AVCJsonObjectPairValue@@U.?AVCJsonObject@@U.?AVCJsonArray@@U.?AVCJsonNull@@U.?AVCJsonString@@U.?AVCJsonNumber@@U.?AVCJsonBoolean@@,U.?AVCJob@@U.?AVCThreadPool@@U.?AVCDummyJob@@,
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VERSION.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Version:
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Version:P>*The publishers of the Community Toolbar or app will occasionally sent out news or other information of importance to the community of users. These notifications appear on your screen near the system tray and keep you in touch.P Notifications are instant announcements that appear right on your desktop. You can reveive these notifications because you installed a Community Toolbar or browser app.HMS Shell DlgP?2OKPt2Cancel@[SysTreeView32PPPPShow icon in system trayP|Alerts enabledPhMS Shell Dlg( !f
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
vEUjpQujWVpR$tuuW4Ej*YuvYe^[M3UWuMe}EPu_}YY_tMapUS39TuAE;uDSSSSSd3/8t)
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VF@F@@Fp)FydG@MWS@EUQVQeeu]^jHM]{t2hMkeEPMYkhEPE41Mzt{CxtEH9;uvsuwMA9Xux9u>~I9utxtEH9Yu}tGBxtQ\B;Cupuw>SKAMI9YuAK9uAKHKQP+YY{;ulFxu@VF^Fxu}yuHythHyuAMP@jFNHMF@V@~xu@VF7xuHyu"yu@vMA;x?7yuHAMP@NHMFV@GjSYMAvHAuuuE=jHVM]{!t2hMUieEPMhhEPE4MDz!t{Cx!tEH9;uv!suwMA9Xux9u>~I9u!tx!tEH9Yu}!tGBx!tQ\B;Cu!puw>SKAMI9YuAK9uAKHK Q PYY{ ;ulFx u@ VF Fx!u}y uHy thHy uA MP@ $FN H MF @V@ ~x u@ VF x!uHy u"y u@ vMA;x?7y uHA MP@ `N H MF V@ G j0SYMAvHAuuuWEUEVuEFENF5fEF,F-^]Vt$g4^USVWGpEMFPD}Et6v~!tWSM}tLGW0MEPMt&uSjEPLEIH@2MfuuN|tuSuEMp@_^[USVWGpEMFP||Et6v~tWSMQ}tLGW0M=EPM<t&uSjEPEIH@2M`uuN{tuSuEMp@_^[UV~uuvjuEgFSWV0MEPMt$E}P{WuVvMWEPMV}t'FHWB{FWpjEP{t8EEEME]WKztCx!WtSgugMWztfEVvEEMEMEPM]uCPzt$EHy!WtPjSjuEWEPM@A_[^j;ZuQeeu9eIj;%uQeeueUQQVFV0MEPMt/VvMEPMtulOEPM{u/SW}]MlSWEPEPMNt_[uuuE^UVVvMFV0MuEuuuPvffY^UQQVFV0MEPMt/VvMEPMturOEPMu/SW}]MSWEPEPMTt_[uuuE^jd}jjSeYYuuEtuuuuuAu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VF@F@@FpLzuABIAp,;1u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VirtualAlloc
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
VirtualFree
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
VjEEPjjSW03;t3PhXVAAQw3hfEEWPQWWWWEPEPWuEDu$;u!MEPh|Vj13@3Sh@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VjM}M9}thhMjEPuuuWh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Vk35+Eh+uE}UdVyj YuSYY_[^tVt$ujX^~|tVY6VVYY3^UQQSW}3;ujXC9_t9_|tW|YEPEPEPWtjVhY;t'h@YMNDMNH^L;uV~YjX^@O<39_4NT^PO4NdN`ONh^;uFP^$^(^,YuF@G@FXGDF\G0$FlG0tG9G?FlF|E^pxV4FtgE#FxxV4EtEtPSEYYuGxMfDF<w|3^_[UQQUW3}};tE;ujXVp|;uj9>ujXM;u3EFF\N;vFS9~U~FX@;s
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
vl$Yul$$vl$ul$8ul$.ul$l$ul$ ul$Xul$tl$tl$ul$$ul$ tl$~ul$dul$Pjul$]ul$$tl$Iul$/ul$l$(ul$gtl$ul$tl$Xul$PtV}D$tV9Y^|$vL$D$ff;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VMF@,F@@,FpRFy,dG@MWS@,CE>j`
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VMMcSVW>}?u0}_^[VD$tVcY^jV~$u5WhxWj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VP3@^]L$IAujP3Vrf^j+yuFetPQfMP'j.BH~u%jPEYMet3MF!FtPQFVW39~tG_^VNtc^Vl
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VP>;tWMh\EPEM}!uEP0uuuuuMM)3j<2MdeEPMKMPEA0ME(M&!t3MM3Mh03FUVM t3*umM uMMP03@^]jYMeEPutVM uJMuMhE@PMuuMh'PMMEpMM'j(1eM^EPu3C]txMulM2MEEPhMEPMMu(jh|,M]EM]&EPG0Mjh|,]ME&Ej90*MueEPu"tIMu=M;EPhMEPMqEMuuuMM9&Aj<2ZMeEPMtMPE-ME%Mot3MM|Mh9.3FVL$5t3%t$ntL$L$P-3@^jMMM)eEPutxMulMMEMEME0^PMUPVMMEMEMM$MM$3jMMMOeEPutvMujMMEMEuMPM}PVMMEMEMM#MM#3j1ejh0M)eEPEPuMM#j1ejh0M=)eEPEPuMM=#ED$VtV^Y^j1AjMYjhHME(eEPEPuYMM"j1ejhHM{(eEPEPuMM{"#E|j1jYjhhME(eEPEPuMM"&j1?ejhhM'eEPEPu8MM!#Ej`'2eMu3Ch]6t~jPMU'hMEB)MEPMEPME(ME7!MPM)MEM]!>EPVEu!EMEP')KPMT)hM(MEP*M]E Ej1ujh0ME]&eEPEPuMM_ ij1uEP3MutMM (uL3FjFu+<Y}3}W<|u+Q|WW4uW;SVWjYt$3+;+Xt$H3@3;_^[j R2ouEPMeP&MMMuPMht?uEP(M3FPuc&MMEE3j02Mu3M]hMEPEPEPEPuE];thMu\MuPSMOuEuMPE0EPEMEoM]MM3@M]MM3j<2MReEPM2jhME3EMMMjx3eM;M3C]tMEP&]|2jSu|EuMEP\&]|tEPhMEwu<ht$MQPME0$MEMMEP%M]Eu|]ME[EbUl$3hF3`EDVh;jj\3P}EPE}PP;uKVjj\PEM3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Vq9D$r3t$"^UQeEPu#Et$tVpu3P#^j%}u3,juMeEPMMSVWL$h|u3~1W!tt$RC;}L$h7G;|L$hx$_^[j9[ouej
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VRF@,F@@,FpMLz,uA,B,IA,p,;1u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VS_VERSION_INFO
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
VST{TTTU+VU}uu}MfofoNfoV fo^0ffOfW f_0fof@fonPfov`fo~pfg@foPfw`fpIuu}]U}u]]E3+3+3+3+uJuM;t+VSP'EMtw]U+U+]u}MES;u5Mu}MMMUUE+EPRQLEu}ME]u}]-t"t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Vt$PtWP_^j[&eEP7EMMFzjE}t@MW[uehX'h&hMv_u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Vt$u3 W|$tWPtPQ>_^D$jh01fH@1VjXfD$FtPQ^Vt$fFu9D$t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
vTvP~\nuE;F<uj3?SuPE;F<u~puP8EFptPQW_^[]UQQVuMFer&fx@u@HtURhlrP}eH3f9S3WUHtY@83tf8u@tEM;A<uMSWURuP$_[|}@t3fEtPQ3W^SVWh|hjIG$P_Nx*UV tUUYV Ny]_^[jL?p
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
vu3_^$D$V$tVgY^jovfu&fNeN'gVjKg+FY3;F^j,&fMkeVMMMafj,&eM3veh~WMvMhWMMvfj,&eMeFPh~WMVhWMMM#fL$HH?Bj"eyua$eVW|$jrFtP8*_@^VW|$j>Ft
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
vu3ME;tPSREUSVF3;tPQ^WE~PD&M;tj]EPEP+&uSPE(P/EPEPd_M;tj]EPEPBuSP3^@[SUVt$WhUSWWSUh_^3]@[jM#u~e^(;fj%Ej%PjMuEN(E4MN(pVD$tVY^jMo3}M9=@9~Mj3fMPMwpMEOPhdSj8FuP3VhSPEPMM%3u@MMv%3~j4M3M]H3SEPuM];M{MvMSf<tC;r]}ME+}EWuP0}Et(uEPMk.PMEU,ME$MPMooE3E;t3F}WQP;t@FSPFSP;u E;t3vURPVM;tzt]ME'$PMnEEt3F}WQPtBFjPFjPu Et3vURPVMtseEf9EuM13u@_!MMk13sjEt ]PuhVjSt3@}uh`iSM:,eEPEP]t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Vu;xtvhtajtLqt6tMWueMWTMWCMP@3MP<#My@E jZfIDHMW-H-tst`MejjEPEt1t7u(u$u WuuuVPQEtPQptPQ@_MWQExPtpLHpH36MW(MWMWMW^_]$VD$tVcY^j80@y}e<]wwtetStST}tjXhfEE}tVu<j?wuhhJVBjYPDVWhZu]+HPWEP>jVMEjETYPMM\MRVPMEME}'PM{E3E;t3G<u}#VSSSQPR,9]tuM3;;tz3dj[@}Whhj?tMejEPMRPMEu}t3v<PR )v<}t3Pv<RtMMD$;uP,L$IAujP3Vt$u@,hpt$PUYYtD$PQ3&@^A@,@@$D$@@xUVuu@9hsuTYYtEtH3PQ3VuuE^]UQQESV3W;];URhsPuu|}E;tvURuuPQ|Y9utTMQhsWu|?9ut:EURuuPQE|CEEPQEPQEPQE3_^[Vt$t,Ft%W6PQFPQf&3_3^l$,@D$V,tVY^@`@@D$VF@,tVZY^j@=ut~$E3P~ StjC0;|N<EzENEMNSV^8W~$;~SL$PF83@3_^[$UQeSV^W~&}<EPWuE{9E|3_^[3@VD$tV,Y^j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Vul9utupUE(uVWP3Wh;u3j(EPVt}VX_^U$l jhD8dPL3 SVWPEde E E E3FVfH3JWP1k3VfEEWP kj8EWPkEHE#M$E<EE}MQhWP;tLM;tEPtM;tHPaE;tfMf9}u9}u3
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VVVVVC*h\qCjP3t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VVVVVC3qiMCkM3fM`EfUu}M}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VVVVVE4SWt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VVVVVh h\WEp2j;t$tjEP46YP6ST_^[jkqYtj^qYu=uh)hYYUE$]U}}Mf$ffGfG fG0fG@fGPfG`fGpIu}]U}E3+3+u<MU;t+QPsEUtEE+E3}ME.}3}MEMU+RjQ~E}]jhEhef(E#E=t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VVVVVIz^Uh]]`]]EuMm]]z3@3h]thp]P<tjUMMZf9t3]A<8PEu3f9H]UEH<ASVq3WDv}H;rX;r
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
VVVVVwh!Vj%u&h ]hVt3PPPPP3V@Y<v8V;jh]+QPt3VVVVV3h]SWt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
vWt-|$tsF;sPjNuW3;_^VW|$v49~s
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
vWu-|$tsF;sPj8uWS3;_^VjjN^y$rAAVD$tVnY^UESVW}9GswE+9usu;ujVujCjVt7rKrCCUVWQP^VZ_^[]UVW}Wet~rFFu+WV>:ju*t(NrFFuWQPu_^]UESVW}9GswE+9usu;ujV6uj*DjVt8rKrCCUVWRQP!Vq_^[]VjF;jjt$I^UVuEPVvMTEPMStuEPuYYuMVvMMEIH^Vt$YPt$P^VjFjjt$^UVW}Wt ~rFFu+WVf:jut(NrFFuWQPu'_^]VW|$WXGF_^jVuueNqVt$^fVXD$tVY^VjF]t$^Vt$-YPt$^VjF:t$^j{u}WQeWN(Vt$^UV~uuvjuXEsFSWV0MEPMqt%E}PWZYYWuVvMEPMq}t*F@WPYYFWpjEPWYYt;EEEME]CWPYYtCx-WtSkukEWPYYtgEVvEEMEMEPMp]uCPW^YYt$EHy-WtPjSjuEWEPM@A_[^j0uEPFVPMDEPMCp]uCPuYYt=uM(eeEPSuEP@jMjMEMpUhl$3Ehj<}tM,eM@LE PE_$SME]DM EPM1eHMPMLELPE8PEV5M'EPM8&ouM8Ao@EHjBYuHM E<MPEPhpSj.}H'ELPUM<EPM E[EHEHPMVMEPMPM@MDE0PEM0E658hSjuHM58WVMEMEjjMLMEM EM@EMM]3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
w$j3*WjtWM6eEeP!jMMNtjfNxjfiw\WOWBW5WD(W}IVer)<Vjjjt$t$t$jU^jk'EHu%h8!YM3E;tVN(jq0jhvhuj1uRQjhvhuj~1tnOjkS'}u6j$X!YM3u;thwMuD'V3;t&VhvhuVP0;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
W%71Z!O,X#0G
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
w0ub3M]E;tPuRuuEPQu3j.~4u-j YMet>U3MF4j%F4QjBluE\N8t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
w0uYuEPQu3jAq;E3]M;tEPutEw(9uG$VPQ06MQu]VP;E;]URP]Qd;|[hMGtJjP8YME;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
W_^jC}9~t)hWMheEPkMMDVt$Z^Vt$o^j4kC3]9wMhVMVME]]]39EGE<ar<zv<Ar<Zv
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WebDispacher
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
WebDispatcherRefresh
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
Wednesday
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Weu3_^j,&X:}ufjhvv3@3M}eMNtSMMp}:j$#9~u3i|NEEPMnejhMWEPEPE|YYME\NEPMMD3@K:jPf9M|3M]CMjhMEEPEPE|YYME;t9^t?EePh9^t"EePhN;u!3M]MM|9S>jk839~t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WFUP5+N\!#8DC 1@O,?4LLNP ;GIF89aR!R,RR
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Wh Nv4v3@_^[j@0n}wg$+
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WhH=Lj\tLMuH;}?GWjEPM~*PME&M]JVM'MEP(Mjh|%M]EEUQMejh$Ej}EP`eMPtMMMWME\MExEPhMPVM1u+ME&MEMMJujlEPeMu[PbYMMEMEVhMIPWMMEMEwMMjEP#eMuTM/ME4MEPuMhPVMBMEMEMM*4jMEPeMt3MMMMEMEuMhPVMME_MEEj,eEP3CM]tMjh0/"]M#MEMEMEEPhMrPVMMujh0!EP;%M]EMEM]MEEjEPeMt3MMt|MMEME0uMhxPVMl
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WhM}t"EPWPEAM7hMJt7|PWPE|]qhMtW*t&MM?EE;E3@7LMMj R2?K}u3Mh\Zt-MQWe~PZMMMh,Zt0MQV~,PEMMMhhPZePU3@\Kj0uJ]u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WHU$pM09pM0epM0 pM01pM0qpM0pM0xpM0 fpM0dTu(Mu$u Puuu6pM0"pM0pM03u(u$u PuuuRuS^]$Uj);Mj.Dj8RYE3];tNMM[}EPSWE6Mt;D]Wtu#WSEPSMMdj,&390uk9uE9tR#M3GWM]Y0;tWIYMMUQVEPEP^juueFFdF$FFFF F$lFP$FXF\ |/E ENE?0VD$tVY^j8Bhh0j3;t90uP90t3jjYE];tE]MM!YFVPME1FVPM$EPM#3M6PM{iEP;MXj8EYEE;tE]MEXEPuSMt:ZtuMEPlSSEPuMEFaMFVPM=EPM<u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WideCharToMultiByte
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
window.external.
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
window.external.<script type="text/javascript">
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
window_title
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
WININET.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
WINMM.dll
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
wM?T$BJ3u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WM_QUIT - After
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
WM_QUIT - Before
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
wMKMT$BJ3vuwMLMMT$BJ3CuLdwM4T$BJ3 uxAwMRT$BJ3twMwRMoRMJT$BJ3tvM{MMM\MtT$BJ3{tvMMMVXT$BJ3HttivMM+XT$BJ3t>vMUMJM$OM<T$BJ3suMMMM$M<MuzYuzYT$BJ3ks8uMMx{MuyYuyYT$Bt3s7uM(IT$BJ3ruMIugyYT$BJ3r,tMHu:yYT$BJ3r`tMMM<T$BJ3]r~tuxYT$BJ38rYtMsMHMVT$BJ3r&tMUMUMHT$BJ3q@sM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WMMMM;M4MEPEPE@EFVMPMEPMuM7@MEjjMEEEu@}t3WuuPuS
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WojpEPEPGijX+EjSWtoEPEP+}jSWLo_[^t@tR 3Vt$tHSjhxhxjq8t'WPlP _uujj.[^Vt$Wt1SP0P4O$;O$O(;[~G(_^t@tb3t@tb3j.v0xtfjh`thtjWtKt>j YMetEPK3Pjx5(v0'UQtdS]VpEW3 QeEv-utxuE9usEE;ErM;_^[S3;u3[VpW;r3N;|V;t9XtNy_^[U3u]SVpW;r3V]t9htF;r_^[]Vv0jj^^WtOVptFw0t9jh`thtjV
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WREP<EPuuuuuhWZajjSWjEPWEE@PE@PEHPEHPWuWuWSh 3PPWuuPPuuWuW_^[D$HuV9L$u/&^3UVut"FURPl@StMVP\3^]US]V;PuuuWt_-t9
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WriteConsoleA
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
WriteConsoleW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
writeDebugString
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
WriteFile
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
wsprintfW
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
WUVW$u Mp0p}0OR4,}jpO0R8u Mp0AfpM0TpM0iBMu P<2pM0R@ pM0R0Mu PD3u(u$u PuuuRu_^]$IH\qVt$t$tjN3^jHXu}uuW9~<uN3bM(eeMQWEPxuMWuMMEEPMEPMEMEEPMEPMWhMjMQPv<EgMEMEMEuM}n@j XEPejhM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WVu^_]=D$AH@3Vt$vu@FL$3^USVuF3WtF3}EEPv@EMPuHMXHhEXNHXXPQ_^3[@L$uWD$PQ3@U3EEVWMQP@w0VhpjjEP,>tTURh<sP|@MGPQREPQ6MQhsV|EPQ EPQM_3^PjM>F03};u3@URh<s}}P;|"E;tjPQEWPQEPQF0URh|sP;|E;tPQEPQEPQF0PQ~0y3UQSVWY4I0ut&URh|sQ|ESSPQEPQ_^[UQVW39~0tdF0URh<sP|OM9}t,SF4Pv(^WSWjQR,MF4Pv(WSWjQR,[Wv(FWPWjQR,EPQ_^V~0u3^F0PQF0^VnF,f(t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WWq&Y8|_t~uP8|^[UE4]jhE6s3G}394ujhSYYu49tnj2Y;u3Qj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WWvjPM}zMMV*D$f,F0^D$A,D$A0ItPzU4jP*hEPs@u@u$E4u u@Pu4E(3E9{,tE0]WWMWhM}E0PEPM~ E0u}@jEjEPu4M%MM3E0sHEVEPu4V59{t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WWWWWWWWh
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
WWWWWWWWWh
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
WYehYt-MQV~<PEVMEh,Yt-MQU~PEMEhtEPiZEPEhF/YtP,EME1}u3MM3FjD9a<IM3WWuM}M;uM83IX;uMMMNLP^jHuEeFF4uNIjgHuetPT7X'tj'M4HVvtt^^j.Gj4AYM3E;tPoHUV~4tJPtt2uu\jejhTjjj^]t$Pxjjt$jD$;u|$ujqYY38tbjFMQP|eMt3MM|GMPjjLtP=uVTVX3FVD$tV_GY^V9 0t$DDD,F^j$QFMEu@IXp}Mu}3VSwMu94tjXE)EE)EhhjV5WSEuESj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
WYY;6V5P5PYtWVQYYDNVYuWwTY3@_^]jh@]3@Eu9xe;tu.VtWVSE}WVSrEWVSSDEu$u WPS?DWjSBVtWjStu&WVS"u!E}tVtWVSEEEEPQ{YYeE3{U}uuMUY]UEfUf;t@@fuf9t3]UES]f;WtDft:+Mftft++uAAf9uf9tGG@@fu3_[]U S39]u gSSSSSDVuW};t$;u pgSSSSSEBuu?vE?EuEuuPUE;tU;|BMx
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
x,M|jV0MPhjV]-8HH"HHHtyu2Yt6;=(uuVuPtj3JuuWPf|teDMQP[tMtuPHSYt3uuVSR$SYtuuVSR(S}YtTuuVSR,S^YJuR}`.S3Ytx<ukj_uHSt9HtYuVSRAYtuVRP$YtuVRL
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
x.jhTMWM]hMMFPM]EPNPE;E,;&9u`]URPEQ@Eu;t;t3QPEE;tPQEE;tPQ;9]URPEt;9]wuMEE;OUR]PQ$9]]3]jXfEEEUREuuPEQ,;9]uME;]URPEQ8juMCME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
X0F}~DCE[F}&}u9]|]}Wj0V}tE`p3_^[U,3EESVW}j^VMQMQp0~+3;u%SSSSS0}ZE;vu3}-+uMQMQP3}-P);tuESVu`M_^3[qU03EESVuWj_WMQMQp0*3;ujSSSSS8}M;vEHE3}-<0u+EPuQW(;tXEH9E|-;E}(:t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
X3HHHPHHVNt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
X5\5`5d5h5l5p5t5x5|5
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
x8tP4UM`8jEPKPYt:4+M3@;j@SPCDjS@P3PPjMQj@QPCD\j<PVEP(4T)D09<8 j<PjEP(E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
x9=u)[9}u{RjuYQhj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
x@HCHyCu`xueSjppj54L
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
X\OX0K[hJfeTdpddddde*e>eLe^ereeeefe8deeeW[[["[@[V[l[[V,ddddccccccccctcbcPcDc:cVVVVVVxVfVZVPVDV0V$VVVUUU(U<ULUbUvUUUUUUUTTTbc,c]]bbbbbbrb`bNb>b]].bbbbaa]]]^^aaaaaraZa@a.aaa````````z`n```T`B`2`$``_______~_j_R_@_(___^^^^^^^^^8^J^^^r^[[[][\\.\:\H\V\l\\\\\\\\\](]@]X]p]^:W$fW8fWW*ZZ
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
X]]DjY;#]Qu>uUVMQY0^]%U(3EVtj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
X]u3u`3@N`MMN`H
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
xB,F1<-uo H0H
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
XbrRZUTA]qf_J j(VlB}aiG/h8I 2!
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
XEECEECH9M~EjEP4\P4KiPu}tuuuuD$t$D$"yVt$t(W++Q$A(_^V3tjv(v$v^USVWjEjPWhjj5Wu EHQMQRPQuEE+ESuW_^[jXfejhTtveejh|\vMjjjjsjXfejhTveejh|vMjjjjj*739]_;QHTE9]@9E7uTu;M}xVM]uw0j YME;tS/*E]jH]YME;t#3PN ]vPN0vMEP/PNEvM]nunvEPSp5(w0)VM2tjSfPhLh@SDMM|UV6t.EP6@hVEPuV^Vt$Wt-~udu#duj_^UE;(uuu3uuuPW:]39|RR3UjEjPEM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
xEMMtj,&tMf3uM9uu-uM~jVuKVVu;VMR;]Sg;tVjdwwVSMSMjVSMMM]tj,&vsut?Me(MtjV$VM|MMtVW=vvvvvvvvvv_^A |$Vuvvjh6vv^j<rM39]u3MS;E~uMjlYM];tj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
XF42j]Mu<%~tE>FT;%f0~8jPjPjPNXN,Mtf,j1MtjNXE/E ENtEvNXEjEM+y$uA$VjYtPu3^^UQVFtPM1vTMC^j]FXPMe~,u+jYMEt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
XfCCE9Et@uffCC+]]Pj^;u//0imY]\3_[^jh0BoEu/ /3;|;r!v/0\/VVVVVL9t;MAu(/0/PYuD8tuuu~E..0MEEuEYU[3EEV34809uu3;u'u.0[.VVVVVSW}4X$('tu0Mu&.30-VVVVVC@ tjjjuuYDm@l39HP4 `39 tP43<9EBD'g(3
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
XfMLML%D&
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
XfPF^j.h*jv$YMet
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
xjt$jv^jhqVqtjv(v$t$t$v^VqlW~,S3~StPC;|jWj[_^UE;u!3@9Eu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Xkkkkkkkkkkkkh!N!RkkkkkkkkkO[F
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
XP@Yf;@;80E9D'8T4D83@4@<9M (<D+4H;Ms9<<A
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
xt3@3Vt$38t8FtjPPv`+F^3^F^UE38t?8Ht69MuQQHMQ}uj}ujQup`0jX]j9MuM}uMH}uHMH3]UVuW}}>t jEPWuvhuFE(NF9;v+FWPue~3u_^]UQuEjjPu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Xt}tE`pE~1]}EPE%PBYYtEjE]EY;J*3]EAEjpUjRQMQVpEP$oEtM}tMap^[U=TuEHw ]juYY]UMS3VW;t};wIj^0SSSSS90u;uBF:tOu;uYIj"Y3_^[]W|$n$L$Wtt=u~3tAt#ttty
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
xu%MB_^[SVWT$D$L$URPQQh{d53D$d%D$0XL$,3pt;T$4t;v.4v\H{uhCZ,Cl,d_^[L$At3D$H38Uhppp>]D$T$UL$)qqq(]UVWS33333[_^]j+33333USVWjjh3|Qt_^[]Ul$RQt$]UfEf0s]f:s0]f;`f;
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y K$FRQ`!Q0B#r;GIF89a!,@>3 &RFL<C\
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y$-UVuW3;t9}w OjYWWWWW3}fsOj"SEPPEjd[Mj/XfF
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y%u @tSfzY1eE8|=ujVY3USVu3W;to=th;t^9uZ;t9uPyOVYY;t9uPyUYYyyYY;tD9u@-Py+Puy+Pgy\y=t9uPS75yYY~PEht;t9uPyY9_tG;t9uPxYMuVxY_^[]USV5W}WtPtPtPtP_PE{httP{t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y'uYuuYEEEuYjYUuuuP3tP}8Y]3]UQeVEPuuu9Et 8t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y)MEPMMuu6}5h jjuuWs ssuuuuuuUE0u3axuXPuE0u-PVWp,Up}EP"E_3^uE 3@USW39}u3sVWWEEm5PuEEPEWWuPE}~jXM;t@uuu3@^_[h*M]u3EPSHuj@tjPFpj8EjPcEjYuEEu|utP3Wh2E;tMC8PM}8EChPM89}u;u{DCDulMM83@UVEPv@N8S33;tcMUWSv4|EMSvB+P+IQWRh@Ph|hSP=Sjh jSPhj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y+x~VMh[Nu^3@]j$FFMuQ3S*K3Gf_Eu08HPWEP^P][MMSL;tHvBVM\M}CNMEPEP]Q;t]MM,S4jtFMm3;~*3jZQQSPMTKejhXuMM]F;E]i3CMdIEPM]M;hOMt^thNMt^xhNMt^|hNMthNtmN<u_h2YEEt3]F<|tpjYEEtj3P]C<eMQMQP8t%}t;|A;~ME@QEE;EE&QMM$Vt"_L$|;}3^V~<t"{tt5N<PL^jGupy3N,},hGN@E\GNPEPGN`EDGEqE&GE)EOjEFp@KL~t~x~|~<Vh|,h hhhhhhh|hph`hPh<h,hhxhlh`hThHh<hl0^U}Wu3>V}|'9E}"uNtuEPd3^_]VL$tyuu^Ul$3jTRGqEE3SExY;K;6MDj|VM]S3hfEESPEM[EPEDEEPM@UuESuhPjVMGSDSME3UjEPMfEDPMUME+M<VMTh0MTMnDPMTVMTt/O,jEu#SMTO,6DPMTVMT|t14+hMwTVMTh(MaTMCPMPTh MCTEtf8tPM-ThM Tt(hM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y3C]~uhFP;YYu]Fe(}u^SFtS@}uj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
y3hM\Ft3VMPhM8tKP]yPM\EE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y9otj;oYffffffuE0@jPjPB(0j@,<(P@jUMU#U#
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y=0&:QQa!#V(_$|o/LhXa=-fAvq *q3x4
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y^US3W9@t3OV8;tuuuuC9juuuu4tttS8^_[]j(OMu 3M]Puuh VjEPjSuu0;t03PhVAAQQMM]MMEPuEu$;uE 9EuEPM u9M]E;tu$3h
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y^USVF$W3~0;tPQ~$F(;tPQ~(F,;tPQ~,N4;t[EP~N4EPEP~t-M;tj}N4EPEP~uN4WPN4;tjB~4N8;tZEPN8EPEPt-M;tj}N8EPEPuN8WPN8;tj~8<;~.}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[ 3Y j08M_EMt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[03H4t$D$t$ppp0t$AUV3M9u9uS]W3u}EPSuEEuu3}t1}}u8MjEPuMjEPu~MjEPuuEMPdyMEQTyYYMQPV5SjSjuEPuuS_[^U }MuEeS]VW3}EPSuEEut}MjEPuEMPxMEQxYYMQPV5SjSjuEPuuS_^[V?hf$f(^>hD$A(j4:$Luj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[3]U$h3SVWSWh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[3_j03Seh]eMvSSSuEPMEM]MMB\JjScjehoeMeejh|auMuuxMMTj@M@Tt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[3j,4EEu3;uMjM]}/Ut"EPPEdM]\WMeMETuSh MdEPVSh?SSSMSPh(;u 6M]+\MMjM]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[3jEbM9ueuMuV=MM9jEM9ueuMuVy;MMe9jEzM79ueuMuV'AMM9njE1M8ueuMuViGMM8%jE>M8E0euMuV;MM8jEMZ8E0euMuVAMM=8VN<tf<^VW?U~jP|$tjdt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[3jegud^T3}2 E h|E+~~P~dx!hF<~t~x~|+FFF F0F4F8~h~l~pjeu2Nf<Et
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[3khEPPWEPMdYetEP[j\MN;uj/MxN;MH;}z39]t&VSEPMK^MPEZM]S9]t3Mr+HPFVEPM^MPEwZMER3FM}R3jceMIjEPju3C]8t_M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[3PSLYE;tPSWPu1uYVjj\PEwM@VWPcVEWPX5hhSdWPhhSEWP@EPEPPu_uEPEPEPuGtu|EuMu=}Dj(3eMD3CM]jhME MEPM"hM"EPhMvPhMMMuEPA#jh|M]EM]xMEEj83eMqM3C]tMEP"]uEPMEtMEP"]jhMMEPM!hM!MEPh|MEQPhMMEP("M]ExMEM]MEEj!4uEPuePMM_t3]SeV!tM&3Gh}|PM*uMM%yuhhh|h|Lt3MM%jMueEPuuu3MMnvEeP M3Fjtd4qMeMEPMEMjjh MjhME3E~YVEPM$ME%PMu"h|MPMJMEP#MEF;|MEsMEgMEMMYUdj04nWhMeWhMWhpMEWhdMEWhLMEMdEM\EM\EMte`EH4u`MtE0P"EPMLEM0EPVMLMLPSMdM ED*E PMEPMLPSMdtEPM Et[M}DuSEPMLM0]PVML
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[3Spj,ueEP3CM]tMjh|8]M,MEMEMEEPhM{PVMMtEPRjh|M]EMEM]MEEujtEP$eMt3MM}uMMEME9uMhPVMuMEMEj&FteEP3FMuytMjh|hMJMEPMuEEtj&seEPx3FMu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[3wVWFPutV%Y_^j8>=$3;u3@]qPEP];9]uME;]URPE;EP;J]URPEQ@Mh|M2uhHM!EPEURPEQ(juM{h0ME5tZME~EPuEE;tPQE];tPQEM;PQM]EPEPME;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[3YU}t1j6vYt%umtEPujuu]jGu,hWjEh`hPjjhHWjjELPEEJEN`EJNPEJN@EJN,EJM}sjGjEuYhhj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[3~T~u3=hu9lu@T~P~u d=hu3@9lt3P~L~u9=h@L~d~u =hr3@9ls3d~UQVWh@3;u3GhW<;t.MQVVuu|9utuMeu3F(W8_^U3EVu3QPPh(P@j}h|PHiM3^U3EVu3QPPh&P@j}h|PhM3^j(5D&eMC3CM]YEPhLhhMEGuMjh|hj\M]uj/M]ta}t(VjEPMmMPEiMENbM+HPFVEPMPmPMEiMEbMEPfkM]]bMEBEU`j(D3WEHP}X3CMH]BZjtMlh|g]XhMqgM`E6BMECaEPMEXPVM`L;uMljh|'g]X#M0XMEXME;ED}\u\EPMGnPM0EhME`M0jYEPM (jM0E+XPM 4iEPhpM XPVM`Et8jMHWPM[E@tMMH+;}@M EY`E\E\;ED5Mljh|f]XME,`M0E `MEjeM`E@M]_MHE_ElMd
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[8j4#+hYEet33MMFhW3jChM]OfEPEPEYYM]U`~0EjjjjePiNSwMWjhMEeEPEPE(YYME_jjjjEeP-iNSwM]_jjjjePiNS(wMM_VD$tVY^Uhh+3M]W|VMEeWVMEdWVM@EdWVM0EdWVMPEdWVM EdME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[\judMMHEPE PuM EhtM EMMMMXE\MLEavMLE}ETjEPM PuTMXHMFMEPEh]l3@;E|PM7}htl3~ftZjPM8M8Eu3j_KYMlEtE8PQ3PE8PMEM8EF;|39uP~}VE8PMM8E9uNEdPE8PMuM8PM PuTMXE8PMEdtjM8EVF;uP|E0PM34Mdt+jPM PuTMXt3GjEdPE0PMu3VM}M;tMHVV5p&MEmMLE}tMXEcME3FjOEPy}eWEePuMMR3ZPuhhh|h3tMMFjN&OeeuVQehEhxOjNt3@OEPeMtMMeMMEsME'|EPhMPVMuEuMErMEj}'NEPneM^MvME{rME{EPh8MPVMGEMt(uErME+MMiqN rMESVWj~NY+#3;_^[Vt$u3-L$hot$t+L$3@^j&LeEP3FMu2tMjh|vDhMhMhMKMPM:MEPMuEEELMj&eLeEP)3FMutMjh|DhMihM\hMM5PMMEPMuEELj&KeEP3FMutMjh|BDhMhMhMMPMMEPwMuEELVt3@^^SWuW3VjLY+3;^_[VW{GjKk<Y+3;_^j4JMHE3P]PMEM]@MtMM(MEPEM;hMSPMhMMEPMEM;uMjhMEPEPE.MEMEEM]v3C:ME&EPEPwSJk<+;YM]-MM!3]MM3@Jj(J+IeuEP83CM][tMjh]MMETMEYmMEuvEPhHMPVM\MtEPjh0M]EmMEM].ME"E)Ij}BHt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[]E3=eE3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[]UQQVJFV\W}S99tk;rk;s99u3t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[`j\6EPK3M];ME/SMESEPEePEM;\MLuEPEP;2Ml"M\VhPMMEdMdM;v4E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[`Mn}lPhMVPhqMAPh\M4,PhGMPh2ShlM Ph|9uhuMDPh\9uptSj8YEpE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[djx)}u3@$o
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[dMlE0P$iM ]XE_j$_eEP3CM]XtMjh|^e]jj\MZu!j/MZuMPh|)eM+HPFVEPMMjMEPExhM]]_ME_EUl$3jHD=H~Wu!H~zeeMU3ECPM]EPEPMEEPMEbt8H~ME[^M]P^MED^MMVuVEPMogVMEeMiUPMeEPMbEMtH~]l]EPEPEtAEPMgVMEveEPMjeEPMaEMut]%H~MEa]M]V]MEJ]MH~Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[hj,}tOWtDuF,PMe~HuNj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[HUD3EVEPvjPRPEPvM33^_jdj(N3;t{WjgNWjmNWji&9}tXWWMu*jjgM}n+EPEPM8;tENEEEWEP}}EVMM* jj5qjdj(%N3;WS:NWhRNWhj9}tWWWM)jSM}*EPEPML7;tENEEEWEP}}UMM)ejj5qVD$tVeY^VBfPfTh^j(.uhNPet
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[hUlhLulMxMTWedEE@@udMT3}`;YE Ph\M ]3tP/E/tE6EPME4EPGEPEPPN4E,>ME6ME6hM 3EPE.MED6t(EP\$PE=ME6,$Vexjh`;{uj-j. 3hTM k2EX;h]\YExE;t{eh}XEuhE0PM0E-M0h\1EPJME-u7MlEPMlEPdPPKhEs<dM+EPexjhE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[hUQe9Mjthh(EUQe9Mjthh(EUQe9Mjth8hPEj`%5MM}ME]
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[lh0hjgD$VtV'Y^QjhyjjYUVu&hpu&YYuhu&YYtE6t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[ljt6ej8u<93lHHHHlItQ\D$V~FD$FD$FuXF39F^U0V~u3dj0EjPEME0EEME`}EtEvePMQjPvT^U0V~u3>j0EjP2vE0EEPMQjPvT^VvDvHD$jv(jt$t$PvL^VD$tVY^%%%%L%HD$Pt$t$D$Pt$t$V3FFF^UQMS3;}=}GV5SSjEPSuM]3#W3fEj}fEPjEPSufE_^[AD$;Ar3IfAD$;AsIfT$fAVFu!F^PYF^VW3F9|$t;tPY~~;tNQWPS~_^D$VW;Fr~@3jFZ9Nu%QNQjPF
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[Mh3RlE<+EHM=:E }UPuD3tCjjMLME^M ERM@E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[P3ET9v\PM]4j\ME&MHhM;u"33EPM"PEuME+WEu$3ME+M\*>p=jE,PM0MEJ#hMW'hMB'EtrjE,PM[0ME"uOvIH\PM3E,PME2SVEeP3M-ME *Mp\PMc3E,PMEt2t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[pexjhE@Pp!EPjpEp#E PSp`#SVEPPM0EPhM`MPERSVEPPMEPhM`MPESVEPPM oE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[pjX4M:O-hhj4OMeMYjEYMEt3uhEMVMTEPMEM"EPMELEPjhMEMQMQPjOPEME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[pMb+MlE=MdEBMdE^E\EPMH"Pu\Ml;u(MdEMlEM]0jME`;u83MdEMlEM]S0MMH*1M(!ME!ME*MEE)jME(9]`]huhEPM7PM(E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[pMME^MERMEFM8E:M ESE PEMEl;SSEHPM]l;MMh;hxO;u\3M E=M8EMEMEMEM]MMHEXPPME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[ptjMM 1ulEdEd;E@~VD$tVY^V}D$tVY^jXLM*t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[tD$txuPR\3UQMejh$5Ej.lj zYMetj3Pj5(v0VND$tV%Y^l$vl$vl$ul$vl$mvl$-l$Vvl$ul$ Rvl$8vl$Pul$zul$Xvl$
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[ThxE P^h\E0PEJu`PE2M0E*+"PM "PhWjihM 'hM`e\EPu\M`hE0PhE@PE~hM0E't4M@"u(E@P1M@!Ph`WjM@E**M0E*E\E\;EPWM E)3FHV(D$tVY^VTD$tVY^j39}9}Wh{h{Wu;tuMhK;t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[tu\M`h*j>EtVP5EPEXEtPQME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[x3xmj0hP'3};u]3EPhwEPut 9]tu;tWuEjP";OMLmPh(h'j6*5D$VtPQ^VV}P|$jXfu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[XM#MEMPSEPE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[XM3CM]ZEPu`MEu3M]VMMM$MEM4EWhMDEE$PEDPE.YYMDEWh`MDEPEDPEYYMDEWhMDE4PEDPEYYMDEMT@MTEDu`NhN$X|WGWNH>EPN
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y_^[XMjjE@PMEZMuE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y__^[]QM3M3wU]%UQQEPEMj*h!NbQPN^|=vEMt``UUS]VWUt&PFV&YYGt3VPB/gG_^[]UMU`H]US]VUCFCWt1t'PGW%YYFtsWP.fF_^[]yUtq{$YAuUUVEPV^]UVuRV^]VUVEPV^]UVuV^]UVu V^]UVu V^]VUV
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y__^[]QUS]Vs35WEE{t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YeCHCLCP3E}fLCfE<@3E=}
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YEEPjh2Eu}_tPE@PR3@^[jP*z/E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YEPjh2EEu}_^[UhSV39uu3fWj@EVP:j(EVP:Ej
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Yewhu;5ht6tVu@tVy~YhGh5huVEuj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Yjjj MhSj*}uputiMhleEPuWuhHSj)MMMu4EPEPMM,u3@h Sj|)3jL8u3;9~NPlMkEPV}&;M7mWhxthtWvt{FVPMEPEPMQwtJEPM}}EPME>EPEPEMEtMEtMMtUVuEPVvMEPMtuEP/^jLM~j}eEPWMlu|EPEPFVPMaEPM`tJEPM|}EPME'EPEPEMEsMErMMrj$uEPlFVPMEPM}uMGPtt=uM{eeEPWuEP@MMME`rM_j0xue6mY5UVuEPzeEPuuuuWuEuuuPE^UVVvMFV0MuEuuuPvffY^jDr2hM\eEPM(\h\EPEGujuPVPGG;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YM0GP;Y|RLE9u|u>3MEOMEO$Et|}f3Ft$3VD$tVY^UQeVEPvtFE^UQeVEPvtFE^j{duN0h1EE3FE}F~ ~$~,~(~?FF^H~@FD~ah10zNj[3EPN0}~,~(UMM~~@~ ~$=NGD$Vf,jN0F(Ef@f f$F^Vt$N_tP^VjN0ED$f,f(F@D$FFFD^VWN03)Fu9~t!9~,t~t9~(t~t9~@t~u3G_^D$AD$AUQ3;U
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YM\uM\PMhx(P(}PM\E(E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YME;t"vESjuuuPuh3uP]P3Cj@MuE3PM]_rMERt#3M])ZMM%;t^hLYME;t"vESjSuuPuhS3uEFaSVSP3Fnjl+
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YPa3I^]jhA339u;u>VVVVV>};t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YPuPE]9]tMMEESu5Yjh FbSM3;v.jX3;E@uoWWWWW13Mu;u3F3]wi=|uKuE;lw7jnY}utYEE_];tuWSL5;uaVj54$;uL9=t3V]YrE;PE3ujY;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
yTMST$BJ3w3wyMUMTMTMMMMMMT$BJ3:w[yMTMTMMT$BJ3w(yMTT$BJ3v8yMMZMNTMFTM>TM6TM.TM;MMTMLMMTT$BJ3iv\xMLT$BJ3FvgxT$BJ3+v@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YtPuuu@DtjjYY;tVYPXu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YUEDP]jhFEM3}jYubjeY}}@<4u;Fu\~u9j
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
yuQR9QuSQSQL$KCkUQPXY]Y[USVWse=hg*5<hgWP:s$gWP%s$gWPs$pgWPrYthXgWPrY;tO9tGPAs54sYYt,t(tMQjMQjPtEuM 9;t0PrYt%Et;tPrYtuE5rYtuuuu3_^[UMV3;|~u(
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YUS3SMkr8u88]tEMap<u8uE@88]tE`p[U 3ES]VuWd3};u3u39pE0=rpdPREPW3hCVPZa3B{s9U}uFhCVPaMk0uu*Ft(>ElD;FG;v}FF>uuE}ur{CgjCCtZf1Af0A@@JuL@;vFF~4C@IuCCSs3{958XM_^3[OjhE}Mp}_huuE;CWh YFwh#SuYYEuvhuFh=@tPU{Y^hS=Fpdj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YY]9u,hW6YYuWqY]>WpYEErj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YYHwtAJu33}"[_^]t$t$YYt$pYD$3;t1H;t*VPPPqR1P@p3^jXVt$t0Ft)~$t#@tVPaYYvv(V$fYY3^jX^Vt$W3;ujX~9~ u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YYME/M A'PhvM E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
yyyL$ttfu~3tt4t'ttD$_fD$G_fD$_D$_T$L$u<:u.
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YYYYYYDQ-)
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
YYYYYYYS"
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
YYYYYYYYY(0%=
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
YYYYYYYYYYKE: YYYYYYYYYYYTD
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYHYYYYYYYYY(0%=V#YYYYYYYYII GYYYYYYYS"5/WYYYYYY&+YYYYYYDQ-),RP*YYYYYY@9U6G8F1MYYYYYY>?3
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y}0f0fV0fF0fV[00fFfV3_^UVuW3;t9}w8OjYWWWWW|3}fsOj"SEPPEj:ZfV
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Y}uF+4u}uyG+j@j YYEta ;s@@
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Z'M>SmmYmWebDispatcherRefreshDebugDownloadWebDispacherRegMonitorThreadPoolSingletonUnloadingLoadingSBrowserProcessSpecialHTTPRegistryInfo_LowInfo_MedInfo_HighGeneralWarningErrorCritical] [Ln:)[TID:][EndLogger--== Logger finished ==--
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Z0l.:gP`b;W39,LA@6LAD`Q Bm@AFEH8p`(0cLR;GIF89a\|}tG~!\,\\Y
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
Z6hhhhhhhhhh\b8KH]Nhhhhhh F
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
Z7EK7E<7}GxPNxE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
z=s@n'1=E\
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ZJM<uEPKMEPDMEDDMhEP2PEKMEDMhEPPMEKMECMh<uEP`K^hO<t-E8tP<K.<thxEE8uNx<ttj3D;u!hhGE:P#K}TV3FME%CMMQ!j.I:uN9eN9N$E9N4E9NHE9NXE9NhE9NxE|9Em9E^9EO9E
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ZME1SMDJPSMd9;tMDyJPVMd9MDgJPWMdp9MxMdE3MTE
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
zMeT$BJ3w
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
ZYYYYYYYYhYZYBY.YY8ZXXXZXX4PFPRP`PpP|PPPPPPPYFZhZvZZZZPQZZQ"Q>QZXZRQbQvQQQQQ.T"TTSSSSSSSSxSbSRS@S0SSSSRRRRRRRRrRfRXRLR<R*RR
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
{1D3B35E5-93C0-490d-90CA-153E78A17FF2}
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
{3c471948-f874-49f5-b338-4f214a2ee0b1}
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
{mu-\VKQzt*~NyIK&qK*Xm
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
{r@dzr"{d>]gY1*!
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
{window.external.
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
{zMMMT$BJ3'xp
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
|!Bhn[&wowGZpj;f\eibkaElx
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
|3[_^EFEFUR}PQ$|
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
},~FME,MM\dVj\}UMMeMyMEMeExJKuME!MPEPMEbMjEPME!PuM}MJ3EeWEPMMEPEPEufhNYMEt:3uNEEPNMVstMVURPtjMEG;}[ME7MEME.I9EMEyxMM_3@TVt$t$tt$t$)^j8NSM39]tQ9]tL9]~GjuM&MEPEP]MEt!M]MM3TMMEMEwME39]~NE;t>PMM;u)SMPMPWMMSEPF;u|ME;wMEkMEM]TMMH3@2UXj(gRMH39udu3Md
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}3;9^8MM]jh|MEMQEP,;u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}9<A<I<"X
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}</script></head>
Unicode based on Memory/File Scan
(Alert.dll.doc.bin)
}Dhi]Wbgeq6lknv+ZzJgoC`~8ROggW?K6H+
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}e'EPuuuuhLMmu;hM=Ph|@VjMM3@hxVjMM3j M39=@t3}=;tuuuu>EuXuuuh
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}K>se7efWlt_jc@uzNPrQj>x]tkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkXkkkkkkkkkkkkh!N!RkkkkkkkkkO[FE4#OkkkkkkkWJVTL!
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}LhEP#|hEPE|MHEHPhEr|t,Mqu MeuEHPEPEPMXMEME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}NE,k,jxXEN$F(kj}j)uEsEM=B>j.j4YM3E;tPF8`VWvWtVj5PW_^|$VujP^j)/3;%H4ck];
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}p9}ht9Whxt
Ansi based on Memory/File Scan
(Alert.dll.doc.bin)
}pAtjjM`Xu\h*PE`eET@PEpET@PjupYEXURuTupPQM:uKupEUbPM[<ME\E:VEPEPEXEtPQ3E\u\hDh,PME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}t }tt}tE(E,EPPYEYEPEPUh}EM $]ED;ED;EEhMPE,YYtE|G;ErL$EUt:HPPQ EY$t7HPPQY}t8GOOPvY]tSkYh0VuFP~8_^3[eD$ 3!,fHL$u9t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}t"QPuR$WuhWuh}tQPuR ugWuhoWuhEE]Et,EPu<MEQPuSuR(uuuWu_^[UVVu0u,u(u$u uuuuuuFu
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}twtjVetWuSV_^[j;=FE3HHHHHt[Ht0Hh\"@YME3h\?YMEt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}ue_+GF8tSQv<F<G0tSuu]]F,9EubN(M9F4uN4^4G+;vt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}ue_+GF8tSQv<F<G0tSuuI]]EGE_F0E^[UEjjp(P tM HMHMHMH]t$D$p(P$YYD$SVt$3W;tN<|$tuvw(W$YY>uWvYYF(F4F0F8^^ ;tSSSF<G0_^[Vt$Wj@jv(V u3ohjv(V G$uWv(V$YYS\$Sjv(V G(uw$v(V$Wv(V$3'jG,D$VWG8[_^Vt$W|$jVWw(v(V$w$v(V$Wv(V$$_3^Ul$MX3VW}\UUUUUUUUUUUUUUUUDNu9}uElEp3Ep8S3Cj}L^9TuA;vMH;sML9TuNuu49uLvuL}L8
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}uMEMEqj}M{EPeMtMM3{MMEMEEPhMPVMhu*3ME^MEDMMujzEPeMu[P{YMMEMEVhMPWMMEMEMMzjzEP[eMKt3MMzMOMETMEpuMhPVMbME$ME
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}WSV^[_D$PPE.D$PPB.t$D$hrPUVu~t*MjEPvMu04M:3^]0D$j@jP73j,f}uNjuMVeMMuMMMQ3@MC3K-f}u
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}|uE|39U|t
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}}0EPEP.EYYuuEuuE+EMFEFEF_^3[#U|3EEV3EEW3EGE3Eu}uuuuuuu9u$uVVVVV#/3UjU^f tftf
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
}~E~9EE<EEEEjuu^PVvtD$\P^Vvt3P9Q^LtjUVuuuuu3^]|$ Vut$t$]+^|$VuLtj/St$t$t$^UQQeeVEPEP
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
~"#xG7{*c';s62tn];{Ee=kV#-3HKk|5&]w/8Y:00U00U0DU=0;09753http://csc3-2009-2-crl.verisign.com/CSC3-2009-2.crl0DU =0;09`HE0*0(+https://www.verisign.com/rpa0U%0
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
~333u%t%uu^_[3B:t6t:t't:tt:tt^_B[B^_[B^_[B^_[L$WSV|$toqtUL$:tt
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
~EPEP]]WF EF$E9]tG+F G+GF$EPEPut59]u0]E++E+Ej+N jGjuS'E+Ej+E+ESSv$+v Gv(PQu"+~uE;FEFEEPEP]]X9]u9]uF EF$E9]tG+F G+GF$EPEPv,uuEt(9]u#]E+h +jN juSE+Eh SSu+uE+Eu+GPQuuuu_^[UQSVuWv6uuuEVuEz~jWuu9Et[MEM
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
~llhT$Bd3{J3{p}MT$BJ3{}MMMT$BJ3L{m}DTT$B@3#{8D}[T$B3zJ3zd}M+M#T$BJ3zJ3z|M
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
~tb3@^VD$tVD)Y^:3@UV~t|ESWtmEPEPv}+~]+^ WSYSSY~7EPv<EMUj+QM+RPQv_[3@^D$VP,FXPD$u37L$jPt$HDstjj
Ansi based on Hybrid Analysis
(Alert.dll.doc.bin)
'''___,,,
Ansi based on Image Processing
(screen_0.png)
',:_.__...J..i.n...d...a...w....s....(..S..._.....n...d...a...r..d...t..,'_:_
Ansi based on Image Processing
(screen_0.png)
'_i__kar:a_
Ansi based on Image Processing
(screen_0.png)
'd____._._.
Ansi based on Image Processing
(screen_0.png)
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,S_l_numbrum,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,_-__
Ansi based on Image Processing
(screen_0.png)
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,Spal_numbrum,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
Ansi based on Image Processing
(screen_0.png)
-_lid.dll.d0c
Ansi based on Image Processing
(screen_0.png)
00_,______8__
Ansi based on Image Processing
(screen_0.png)
_.Ia_'t;ia_'an
Ansi based on Image Processing
(screen_0.png)
_____';_;:
Ansi based on Image Processing
(screen_0.png)
_______:.__--___._
Ansi based on Image Processing
(screen_0.png)
_________
Ansi based on Image Processing
(screen_0.png)
__suchanJ
Ansi based on Image Processing
(screen_0.png)
A_,_,-.-.----_-
Ansi based on Image Processing
(screen_0.png)
B_arb_,,t
Ansi based on Image Processing
(screen_0.png)
Cadierung,
Ansi based on Image Processing
(screen_0.png)
Cadierung:
Ansi based on Image Processing
(screen_0.png)
Datii_0midiirung
Ansi based on Image Processing
(screen_0.png)
eingelesen
Ansi based on Image Processing
(screen_0.png)
F___'_!_at_.___11a9an
Ansi based on Image Processing
(screen_0.png)
h_pL0iJtg_tt_l
Ansi based on Image Processing
(screen_0.png)
i,ch_nab_a...
Ansi based on Image Processing
(screen_0.png)
i.._,.._,
Ansi based on Image Processing
(screen_0.png)
iibirprMin
Ansi based on Image Processing
(screen_0.png)
Si_inl_0ut
Ansi based on Image Processing
(screen_0.png)
Sindungin
Ansi based on Image Processing
(screen_0.png)
Tai_,__a__
Ansi based on Image Processing
(screen_0.png)
Tex_dierung:
Ansi based on Image Processing
(screen_0.png)
v_iesteu_'opiism
Ansi based on Image Processing
(screen_0.png)
(((((((((((PSPUBWSP
Unicode based on Runtime Data
(WINWORD.EXE
)
0638C49DBB8B4CD1B191051E8F325736
Unicode based on Runtime Data
(WINWORD.EXE
)
@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2
Unicode based on Runtime Data
(WINWORD.EXE
)
[doc]Alert.dll.LNK=0
Ansi based on Runtime Data
(WINWORD.EXE
)
EXCELFiles
Unicode based on Runtime Data
(WINWORD.EXE
)
Extensions
Unicode based on Runtime Data
(WINWORD.EXE
)
FontInfoCacheW
Unicode based on Runtime Data
(WINWORD.EXE
)
Local Disk (C).LNK=0[doc]Alert.dll.LNK=0
Ansi based on Runtime Data
(WINWORD.EXE
)
Max Display
Unicode based on Runtime Data
(WINWORD.EXE
)
ProductFiles
Unicode based on Runtime Data
(WINWORD.EXE
)
ReviewToken
Unicode based on Runtime Data
(WINWORD.EXE
)
TCWP5FilesIntl_1031
Unicode based on Runtime Data
(WINWORD.EXE
)
TCWP6FilesIntl_1031
Unicode based on Runtime Data
(WINWORD.EXE
)
WORDFiles
Unicode based on Runtime Data
(WINWORD.EXE
)
44(444?4E4P4X4b4p4u444 4S4444444444455!5&505<5G5M5\5f5t5y555"!55555555555666%6/696C6M6X6\6a6 X5\5`5d5h5l5p5t5x5|5 5 55R55 55S555555555555555555555555566666666 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x6|6 6 66R66 66S666666666666666666666666677777777 7$7(7,7074787<7@7D7H7T7X7\7`7d7p7t7@9D9H9L9P9T9X9\9`9d9h9l9p9t9x9|9 9 99R99 99S9999999999;;;;;0<4< <<S<<<<<<<<<<<<<<,>0> 4$4(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4 4 44R44 44S44444444455555555 5$5(5,5054585<5@5D5H5L5P5T5X5\5`5d5h5l5p5t5x5|5 5 55R55 55S5555555555555555555555555666666;;;;;;;;;;;;<<<<<<<< <$<(<,<0<4<8<<<@<D<H<L<P<p<t<x<|< < <<R<< <<S<<<<<<<<<<<<<<<<<<<<<<<<======== =$=(=,=0=4=8=<=@=D=H=L=P=T=X=\=`=d=h=l=p=t=>>>S>>>>>>>>>>>>>>>>>>>>>>>>>???????0:4:8:x1|1 1 11R11 11S111111111111111111111111122222222 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2 2 22R22 22S222222222222222222222222233333333 3$3(3,3034383<3@3D3H3L3P3T3X3\3`3d3h3l3p3t3x3|3 3 33R33 33S333333333333333333333333344444444 4$4(4,46R6P7T7X7\7`7d7h7l7p7t7x7|7 7 77R77>>>45555555555555566666666(|2 2 25566666666 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x66677777777 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7p7t7x7|7 777777777777777777777777788888888 8$8(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8l8p8t8x8|8 8 888 88S888888888888888888888888899999999 9$9(9,9094989<99999999999h:l:p:t:x:|: :::::::::::d=h=p=t=x=|= = ==R== ==S=============>>>>>>>> >@?D?H?L?P?T?X?\?`?d?h?l?p?t?x?|? ? ??R?? ??S????????????H0L0P0T0X0\0112h7l77 77S7777777777999999999999:::::::: :(:,:0:4:8:<:@:D:H:L:P:T:X:\:`:d:h:l:p:t:x:|: : ::R:: ::S:::::::::::::::::::::::::;;;;;;;; ;$;;;;;;;;;;;;;;;;;;;;;;;;<<<<<<< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<x<|< < <<R<< <<S<<<<<<<<<<<<<<<<<<<<<<<<<======== =$=(=,=0=4=8=<=@=D=H=L=P=T=X=\=`=d=h=l=p=t=x=|= = ==R== ==S===================== > >>R>> >>S>>>>>>>>>>>>>>>>>>>>>>>>>???????? ?$?(?,?0?4?8?<?@?D?H?L?P?T?X?\?`?d?h?l?p?t?x?|? ? ??R?? ??S?????????????????????????00000000 0$0(0,0004080<0@0D0H0L0P0T0X0\0`0d0h0l0(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4 4 44R44 44S4444444444444444444445555(8,8084888<8@8D8H8L8P8T8X8\8`8d8h88;<;@;D;;;|< < <<R<< <<<<<<<<<<<<<<<<==1111@0000000000000111111999999999999999999999999:::x:|: : ::R:: ::S::::::::::::::::::::::::;;;;;;;; ;$;(;,;0;4;8;<;@;D;H;L;P;T;X;\;`;d;h;l;p;t;x;|; ; ;;R;; ;;S;;;;;;;;;;;;;;;;;;;;;;;;;<<<<<<<< <$<(<,<0<4<8<<<@<D<H<L<P<T<X<\<`<d<h<l<p<t<<<<<<<<<<<<<======== =$=(=,=0=================>>>>>>>> >(>,>0>4>8><>@>D>H>L>P>T>X>\>`>d>h>l>p>t>x>|> > >>R>> >>S>>>>>>>>>>>>>>>>>>>>>>>>??????? <00000000 0$0(0,0004080<0@0D0H0L0P0T0X0\0`0d0h0l0p0t0x0|0 0 00R00 00S000000000000000000000000011111111 1$1(1,1014181<1@1D1H1L1P1T1X1\1`1d1h1l1p1t1x1|1 1 11R11 11S111111111111111111111111122222222 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2 2 22R22 22S222223333333333333333333334444444 4$4@4D4H4L4P4T4h4l4p4t4x4|4 4 44R44 4444444444485<5@5D5H5L5P5T5X5\5`5d5h5l5p5t5x5|5 5 55R5P6T6X6\6`6d6h6l6p6t6d=h=l=p=t=x=|= = ==>>????????0000000000011111111 1$1(1H1L1P1T1X1d1h1111122222222 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|2 2 22R22 222222222233333333 3$3(3,30343R33 33S333p4t4x4|4 4 44R44 4@T>>>>>>>>>>>>>>>X?\?`?d?h?l?p?t?x?|? ? ??R?? ??S?????P111111111111111122222222 2$2(2h2l2p2t2x2|2 2 22R22 22S222222222222222222224383<3@3(4,4044484<4 5$5L5P5T5X5\5`5d5h5l5p5t5x5|5 5 55R55 55S555555555555556666666 6$6 6 6666p7t7x7|7`555555555566666666 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x6|6 6 66R66 66S666666666666666666666666677777777 7$7(7,7074787<7@7D7H7L7P7T7p 45|5 55 55S5555555556 6$6,6D6T6X6\6`6d6h6l6p6t6x6|6 6 66R66 66S666666666666666666667777 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7t7R7S77777777778$8(8,848L8P8h8l8 8 88S8888888888990949L9\9`9d9h9l9t9R9999999999::: :8:H:L:P:X:p:t:R::::::::::;;(;,;0;8;P;T;l;p;;;S;;;;;;;;<<<<0<4<L<P<h<l< < <<S<<<<<<<<<<<======0=@=D=H=P=h=l= = =========>>(>,>D>H>`>d>|>R>> >S>>>>>>>???$?(?@?D?\?l?p?t?|? ?????????? h00(0,0@0D0T0X0`0x00R0S000000000111,10181P1`1d1t1x1 111111111112222242D2H2X2\2d2|2R2222222222233 3034383@3X3h3l3|3 3 3R33333333333344(484<4@4D4L4d4t4x4|4 4S44444444444455(585<5@5D5H5\5`5p5t5|5 55555555566666,606H6X6\6`6t6x66R66 6S666666666666677777777 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7p7t7x7|7 7S777777777777777788888888 8$8(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8p888S888888889999(9,9<9@9P9T9d9h9x9|9R999999999999::::,:0:8:P:`:d:t:x:|: : ::::::::::::;;;; ;(;@;P;T;X;l;p;x;;;;;;;;;;;<<<<<<<4<8<P<`<d<h<l<p< <<<S<<<<<<<<==== =$=,=D=T=X=h=l=p=t=x= ==S========>>>> >0>4>8><>D>\>`>x>>R>>>>>>>>>>>??,?0?D?H?X?\?`?d?h?l?t?R?????????????00040D0H0\0`0p0t0 00R0 000000001111101@1D1T1X1h1l1t1R1S1111111111222$2(282<2D2\2l2p2 2 22R22 2S22222222233 3$3,3D3T3X3h3l3|3 3 333333333334444404@4D4T4X4\4`4h4 44 44444444444455,505@5D5T5X5\5d5|5 5555555555566(6,6@6D6T6X6`6x66R6S666666666677 7074787@7X7h7l7|7 7 7R777777778888$8<8L8P8`8d8t8x8 88888888888899 9$9(9,949L9\9`9p9t9x9|9 99999999999::::(:,:<:@:P:T:d:h:x:|:R::::::::::::;;;;,;0;@;D;T;X;h;l;|; ;; ;;;;;;;;;;;<<< <(<@<P<T<d<h<p<<<S<<<<<<<<<<====4=D=H=X=\=d=|=R============>>>>,>0>@>D>L>d>t>x>>R> >>>>>>>>????$?<?L?P?`?d?h?p???S??????????00 00040D0H0L0P0T0\0t0 000S00000000000111(1,1014181<1D1\1l1p1 1 1 11111111111222 20242D2H2X2\2l2p2 2 2 22222222222233 3$34383H3L3\3`3h3 33 33333333334 4$44484<4D4\4l4p4 4 444444444445555 5(5@5P5T5d5h5l5t5R5S55555555556666(686<6L6P6T6X6\6d6|6R66666666666666777$74787H7L7P7T7X7`7x77R7S777777777788808@8D8T8X8`8x88R8S888888888899 90949D9H9P9h9x9|9R99 99S99999999999: :$:4:8:<:D:\:l:p: : :::::::::::::;; ;$;,;D;T;X;h;l;t;R;S;;;;;;;;;;<<,<0<@<D<H<P<h<l< < <<<<<<<<<<=====4=D=H=X=\=`=h= == ============>>,>0>@>D>L>d>t>x>>R>>>>>>>>>>??? ?0?4?<?T?d?h?x?|?R?? ?S????????4000$0(0,00080P0`0d0t0x0|0 0S08889999$9,949<9D9L9T9\9d9l9t9|9 9R99999999::: :D:d:l:t:|: :R: :::::::;;0;8;@;D;L;`;h;|;;;;;;;;;;<<<$<4<`<h<R<<<<<<=,=4=@=`=h=p=t=x= = =S=====>>> >(>0>8>@>H>P>\>|> >R>>>>>??? ?(?0?<?\?d?p? ???????????t0(00080@0H0P0X0`0l0R0 00000001111$101T1t1|1 1R1 1S11111111111112222$2,242<2H2h2t2 2S222223$3D3L3T3\3d3l3t3|3 3R3 3S3333333333344 4(444X4x4 4444444444445 5(50585D5d5l5t5|5 5R5 55555556666$6,646@6`6l6R66666677 7(747T7\7d7p77S77777888 8,8L8T8\8d8p888888889909P9X9`9h9p9x9 999S999999:$:,:4:<:D:L:T:\:d:l:t:|::::::::::;,;L;T;\;d;l;t;|; ;;;;;;<<< <(<0<8<D<h<<<<<<<<<<<<<<===$=,=4=<=D=L=X=x= ========>8>@>H>P>X>`>h>p>x> >>>>>>>>>>>>>?(?0?8?@?H?T?t?|? ?R? ?S????????? 0000D0X0h0|0 0000001 1(10181@1H1T1t1|1 1R1 1S111111122220282D2l2 2222222233,383X3`3h3p3|33333333444$4,444<4D4L4X4x4 444S4444445555 5(50585@5H5P5X5d5 5R55555556 6(646T6\6d6p6 66666666667 7,7P7p7x7 777S77777777778888$8,848<8D8L8T8\8d8l8t8|8 8R8 8S88888888888889999$9,949<9D9L9T9\9d9l9t9|9 9R9 9S999999999::,:4:<:H:h:p:x: :::::::;; ;@;H;P;\;|; ;R; ;;;;;;;<<0<8<@<H<P<X<`<h<p<|<S<<<<<<<<<=$=,=4=@=`=h=p=x= =========>>>><>D>L>T>\>d>p>>>>>>>>>>>>???<?\?d?l?t?|??????????d0000$0,040<0D0P0t0 0S0000000001$1,141<1H1l1R1 1S1111111111222<2D2P2p2x2 22 22223333$3,343<3H3h3t3 3S33333333484@4H4P4X4`4h4p4x4 4R4444444455,585\5|5 5R5 5S5555555566$6,686X6`6h6p6|6S6666667777$7,787\7|7 7R7 7S7777777778$8,848<8D8L8T8\8h888888888888899989D9h9999999999999:(:0:8:@:H:T:t:|: :R: :S:::::::::::;4;<;D;L;T;\;d;l;t;|;;;;;;;<,<4<<<D<L<T<\<d<l<t<|< <R< <<<<<<<<<<=$=0=P=\=|= =R=====>>> >(>0>8>@>H>P>X>`>l>R> >>>>>>?<?D?L?T?\?d?l?x??????????(0 0(040X0x0 0000000001111 1,1L1T1\1d1l1t1|1 1R11111111222 2@2H2P2X2d2 2222222223(30383@3L3l3x33333334$404T4t4|4 4R4 4S4444444445555<5D5P5p5|5S55555556686D6d6p66S6666777$7,7<7P7\7d7 7R7 7S77777777777778888@8L8p88888888888888899,989X9`9h9t9 9S99999999: :@:L:t::::::::;;;4;<;H;h;p;|;S;;;;;;;;;<$<0<P<X<`<l<R< <S<<<<<<===8=@=L=l=t=|= ======>>>$>H>h>p>x> >>>>>>>>>>>?4?<?D?L?T?\?d?p????????,0$0,040<0D0L0T0`0 0000000001111$1H1h1p1x1 11 111111111112(20282@2H2P2X2d2 2R2 2S22222222233343<3D3L3T3\3h3333333333344<4D4P4p4x4 4444444455$505T5t5|5 5R5 5S55555566(60686@6L6l6x666666677747@7`7l7R7 77777778848T8\8d8l8t8|8 888888888999 9D9d9l9t9|9 9R9 9999999:0:8:@:\:d:l:x:::::::;;$;,;P;d;l; ;;;;;;;;;;<<<4<@<d< <R< <S<<<<<<<<<<<=<=H=P=h=t= =S======>>>8>@>H>T>t> >>>>>>>?,?4?<?D?L?\?p?|? ???????? 0000@0`0h0p0x0 0000000000001 1(141T1\1h11111111122,242<2H2h2p2x2 222222333 3@3H3T3t3|3 3R333333334(40484@4H4P4X4`4h4t4 4S4444444445$5,545<5D5L5T5\5d5p555555555566 6,6L6T6\6d6p6 66666666667 7(70787@7H7P7\7 77777777778888$8,848<8D8L8X8x8 88888888888888899$9,949<9D9L9T9\9d9l9t9 9999999999999:::4:<:D:L:T:\:h:::::::::::::;;;;$;,;4;<;D;L;T;`; ;;;;;;;;;;;;;;;;<<<4<<<H<l<R< <S<<<<<<<<<=,=@=L=T=l=|= =R= =======>>>$>,>8>X>d> >>>>>>>??<?H?h?t?????????? 00$000P0X0d00000000000001111$1D1P1p1x1 1R11111120282@2H2P2X2`2h2p2x2 2222222222223$3D3L3T3\3d3p333333333334$4D4P4p4|4S444444445 5@5H5T5t5 55555566686X6`6h6p6x6 66 66666777(7H7P7\7|77777778,848<8D8L8T8`8 888S8888889999$9D9L9X9x9 9R999999::(:0:L:l:t:|: :R: :S:::::::::;;,;4;<;H;h;p;|;S;;;;;;;<<8<@<L<l<t<|<<<<<<<<== =(=0=8=@=H=P=\=|= =R=====>>> >(>0>8>D>d>l>t>|> >R> >S>>>>>??(?0?<?d?? ?S?????0(00 0H0l0x0 000000000141<1D1L1T1\1d1l1t1|1 1R1 1S1111111112(2H2P2X2`2h2p2x2 22 222222383@3H3P3X3`3h3p3x3 333S3333334404P4X4`4h4p4x4 44444444455,545<5H5h5p5x5 5555555666$606P6\6|6 6R666666667777(7H7T7t7|7777777778 8(848T8`8 8R888888889(9H9P9X9`9h9p9x9 9R99999999999:$:D:L:X:x: ::::::;;;;$;,;4;@;d; ;R; ;S;;;;;;;<$<0<P<X<`<l<R< <<<<<<<==0=8=D=d=l=x=======>>,>8>X>`>l>R>>>>>>??$?D?L?T?\?p?????????????@00 0$0,0@0\0`0 0000001 1@1`1 111122(2H2h2222223383X3x333333334484@4D4\4`4|4 4444S4444444554585T5X5x55555686X6x66666677 7p400$0@0X0|000001$1D1h111112,2H2`2t2 22222343T3t3S33344<4`4x4 444455H5t5x55 555556H6L6l6 666667,7X7p7t77777788H8h8 8888889,9P9l9p999999:,:0:P:T:p:R:::::;,;H;h; ;;;;;;<4<X<|<S<<<== =@=D=d=R=====>,>h>>>>>?,?L?l? ?????? 000L0h0 0S000001 1T1X1x1|1S111112<2X2\2x22S2222343L3h3l3 3S3333444T4|44S444444505X6\6`6d6888$8,848<8D8L8T8\8d8l8t8|8 8R8 8S888888888888888h=`>>>>>?,?8?<?@?D?H?P?T?`?0081@1333333333344444444 4$4(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|4 4 44R44444444444444 5S55555555555556666$6,646<6D6L6T6\6d6l6t69 99S999999999999999
Ansi based on Dropped File
(~WRD0002.doc)
;_,.,,,,;,;,,
Ansi based on Image Processing
(screen_9.png)
_=-_---_=l_l\!x
Ansi based on Image Processing
(screen_9.png)
_yly_L_____e
Ansi based on Image Processing
(screen_9.png)
Alekdll-M_cr0s0ftW0rd
Ansi based on Image Processing
(screen_9.png)
E_n1u_anJ
Ansi based on Image Processing
(screen_9.png)
F_rn,_,a1,v,_,r,_a_an
Ansi based on Image Processing
(screen_9.png)
mx,x'_ll'b_
Ansi based on Image Processing
(screen_9.png)
S___nl_0ut
Ansi based on Image Processing
(screen_9.png)
S_ndung_n
Ansi based on Image Processing
(screen_9.png)
Ub_rprM_n
Ansi based on Image Processing
(screen_9.png)
___r___g__
Ansi based on Image Processing
(screen_5.png)
_Cun_'__C?_,0
Ansi based on Image Processing
(screen_5.png)
_yly_L______e
Ansi based on Image Processing
(screen_5.png)
s___n__0ut
Ansi based on Image Processing
(screen_5.png)
s_ndung_n
Ansi based on Image Processing
(screen_5.png)
ub_rpr__n
Ansi based on Image Processing
(screen_5.png)
Extracted Files
-
Informative 10
-
-
Alert.dll.LNK
- Size
- 458B (458 bytes)
- Type
- MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Wed Mar 2 18:28:59 2016, mtime=Wed Mar 2 18:28:59 2016, atime=Wed Mar 2 20:27:56 2016, length=638560, window=hide
- MD5
-
82096a190640d23185a8cf1ccecd80f9
- SHA256
-
278e931d20ea6cecfef374a02625dd4bf215651034b5a778e1eb126c4cf5757e
-
Local Disk (C).LNK
- Size
- 317B (317 bytes)
- Type
- MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, System, Directory, ctime=Tue Jul 14 09:07:54 2009, mtime=Wed Mar 2 18:33:22 2016, atime=Wed Mar 2 18:33:22 2016, length=8192, window=hide
- MD5
-
efdfe126dc048b0f33d789bc80e8d10a
- SHA256
-
1519e12582bfbf0efca71310dbd24f13d999cd1d78ec07cfbbeaca6decce31a6
-
index.dat
- Size
- 74B (74 bytes)
- Type
- data
- MD5
-
5dfe91459fcd1c5abda0b9442e5d0e34
- SHA1
-
6d346e12262a9c2df2211961615a404cdc9702a2
- SHA256
-
a1f4edba9e4046fda4e9150c5805fd80c3026fefa28e9d5b8a404d4476f1d2cc
-
~WRD0000.doc
- Size
- 1.2MiB (1277120 bytes)
- Type
- data
- MD5
-
c9ee0ed638640cf00ae012ef53e9a772
- SHA1
-
c85d8b1f5868753f9d169a881e749be4f1215a45
- SHA256
-
7e4e625cb93f4ae071bf88f95362bdba627ce670cd8df8a59ecd2213914e060c
-
~WRD0001.doc
- Size
- 1.2MiB (1277120 bytes)
- Type
- data
- MD5
-
c9ee0ed638640cf00ae012ef53e9a772
- SHA1
-
c85d8b1f5868753f9d169a881e749be4f1215a45
- SHA256
-
7e4e625cb93f4ae071bf88f95362bdba627ce670cd8df8a59ecd2213914e060c
-
~WRD0002.doc
- Size
- 1.2MiB (1245184 bytes)
- Type
- data
- MD5
-
e073ab1aee6c767992f931ec9adaf671
- SHA1
-
3d41c3a35b5f4de38bae541cf9621bb5372eb7c7
- SHA256
-
7fd0712cc16eef5a6b37bf61c7df4aacf2dab149f889eddda838bd6738bc7494
-
~WRS{9C98AD0C-DAC3-4C5C-B311-81CD81463030}.tmp
- Size
- 1.5KiB (1536 bytes)
- Type
- data
- MD5
-
53b0b35ef4ba27c8bda910df9a521188
- SHA1
-
f4810a9f45824807022ecb9ecd8ca31dde8e7c9a
- SHA256
-
12d2fe61af1c52f8e8bea34eb0803143aa3b6e5ae8d7278fc64bdf1f016cea4a
-
~WRS{C46BB34F-BEF2-4EF1-BFAA-058F94ECC31A}.tmp
- Size
- 1KiB (1024 bytes)
- Type
- FoxPro FPT, blocks size 0, next free block index 218103808, 1st used item "\375"
- MD5
-
5d4d94ee7e06bbb0af9584119797b23a
- SHA1
-
dbb111419c704f116efa8e72471dd83e86e49677
- SHA256
-
4826c0d860af884d3343ca6460b0006a7a2ce7dbccc4d743208585d997cc5fd1
-
opa12.dat
- Size
- 8.3KiB (8488 bytes)
- Type
- data
- MD5
-
416c9314d146470fd1313250fb4d3b74
- SHA1
-
fa98f00852f32750527560076960cef20d06d1a3
- SHA256
-
bc784978aa01adf5dcd68765efd37ab4e4dbb687a9d87ebc42bd796c81649f9f
-
~$ert.dll.doc
- Size
- 162B (162 bytes)
- Type
- data
- MD5
-
c0d64e8c6fad01aca75733f1a0fc5c56
- SHA1
-
6b0d903b6a88b7612f2912b83b9fdbbcacf32e11
- SHA256
-
55c606246a827f77b64970fba03164f41fb38d57eb94235101095e9733ed5b11
-
Notifications
-
Runtime
- No static analysis parsing on sample was performed
- Not all sources for signature ID "api-55" are available in the report
- Not all sources for signature ID "string-21" are available in the report
- Not all sources for signature ID "string-3" are available in the report
Environment 1
Community
There are no community comments.
You must be logged in to submit a comment.