Trends in open-source software supply chain attacks – ones that exploit the public platforms developers rely on for software development – have changed quite a bit in recent years. While the number of malicious packages uploaded to open-source repositories like npm and the Python Package Index (PyPI) has decreased, threat actors are becoming stealthier and more sophisticated, pulling off less obvious attacks on platforms like GitHub.
This trend can be seen in a new campaign discovered by the ReversingLabs threat research team, where more than 60 GitHub repositories hosting what at first glance appear to be hacking tools written in Python were actually trojanized look-alikes of other identically named repositories. The adversary behind this campaign, Banana Squad, was first spotted by researchers at Checkmarx in October 2023. The group is named after its earliest malicious domain: bananasquad[.]ru.
In Banana Squad’s original campaign, researchers found that, starting in April 2023, the threat actor was relentlessly deploying hundreds of malicious packages using various usernames. The Windows-based final payloads aimed to steal “extensive amounts of sensitive data,” which include the target’s system, applications, browsers and cryptocurrencies, researchers noted. The malicious packages accumulated close to 75,000 downloads before the campaign was identified and the packages removed.
More recently, a single repository from a Banana Squad campaign, dieserbenni[.]ru, was analyzed by researchers at SANS's Internet Storm Center in November 2024. The researchers discovered trojanized Python files that abuse a UI feature on GitHub in which long lines of code do not wrap to a new line. That allowed the attackers to incorporate a long set of spaces to push the malicious backdoor code content off the screen to the right side, and out of the victim’s view, making it harder to detect visually.
Here’s how RL researchers identified the 67 GitHub repositories that contain hundreds of malicious, trojanized Python files.
Discovery
The trojanized repositories were discovered by working backwards from the malicious URL indicators found in RL’s network threat intelligence dataset. The query string in most of the malicious URLs contains the name of the repository where the malicious Python file is located. One example of a repository name in the query string of a URL (the value after repo=) is shown here:
hxxps[://]dieserbenni[.]ru/paste?repo=file-extension-spoofer
The name alone does not differentiate between the benign repositories and the malicious repositories that have identical names. Therefore, all repositories with the same name were collected and analyzed by RL Spectra Intelligence. The zip archives containing the trojanized Python files were then identified, which in turn identified the trojanized repositories that needed to be addressed and taken down.
GitHub repository analysis
For the majority of the malicious repositories, the owner only has that one repository listed under its GitHub account. This indicates that these kinds of user accounts are almost certainly fake and created for the express purpose of hosting a malicious repository. An example of this can be seen in Figure 1, where the user account “degenerationred” is listed as having only one repository.
In RL's analysis, the team focused on the “degenerationred” example, which is just one out of the total 67 trojanized GitHub repositories identified by RL. However, what is outlined here are commonalities found among all the repositories.

Figure 1: A single repository is listed under the user account.
The repository name is identical to one or more other repositories that are not trojanized. In Figure 2, below, we can see the trojanized repository at the top, and the benign repository that the trojanized repository is masquerading as at the bottom.

Figure 2: Trojanized repository at the top and benign at the bottom.
The "About" text for the trojanized repository is filled with search terms related to the theme of the benign repository and there is at least one emoji, which is typically a flame or rocket ship. At the end of the text is a dynamically generated string, which is highlighted in Figure 3 below.

Figure 3: “About” text with emojis and a dynamically generated string.
A similar dynamically generated string also appears at the end of most other files in the repository. In Figure 4, the string is at the end of the README.md file.

Figure 4: Dynamically generated string in README.
This same flavor of string also appears at the end of the trojanized Python files that live in the repository, but there it is wrapped in a print statement. An example of this can be seen in Figure 5 below.

Figure 5: Dynamically generated string in Python file.
Python gets trojanized
There are many spaces on the trojanized line of code – making it so that even on a large monitor at 4K with a maximized window, the malicious code is not in view. However, viewing the file in Spectra Analyze’s Preview feature clearly shows what the content is. This can be seen in Figure 6 below.

Figure 6: Trojanized code can be seen on the first line of the Python file in Spectra Analyze’s Preview feature.
The “Hex” view mode also makes the trick obvious, as can be seen in Figure 7.

Figure 7: Trojanized code in the “Hex” view.
There are multiple variations of the trojanized Python files throughout the 67 repositories. All use one or more of the following encoding or encryption processes: Base64, Hex text, and Fernet encryption. The latter, Fernet, utilizes the third-party cryptography Python package. A CyberChef recipe that combines each of these in an order that many of the samples used is provided at the end of the blog. This can be used to extract the next stage payload URL from the trojanized Python files. An example of how this works is in Figure 8.

Figure 8: CyberChef recipe for extracting a next stage URL from a trojanized Python file.
The hostname used primarily in this campaign is dieserbenni[.]ru, and the name of the repository that the trojanized Python file was located in is in the URL as a query string with the key name repo. The start of a new campaign using a different hostname, 1312services[.]ru, was detected on June 6, 2025. This domain is similar to a domain used in an earlier campaign, 1312stealer[.]ru.
All of the trojanized repositories have been reported to GitHub for takedown, and RL received confirmation that all 67 repositories were removed this past weekend. It is not known how many times the malicious repositories were cloned by developers. However, considering the total number of trojanized repositories and the hundreds of malicious files they contained, it is likely that there are several victims of this latest campaign.
Attribution
The payload URL structure of the dieserbenni[.]ru campaign, with its repo= query string, and the structure of the trojanized Python files we discovered match earlier documented campaigns operated by Banana Squad, as identified by Checkmarx in October 2023. Specifically, the matches are the use of many spaces and the sequence and type of encoding and encryption noted above.
Differential analysis is a differentiator
This pair of repositories from the “degenerationred” example, one benign and one malicious, provides a great example of how essential differential analysis technology is for understanding software supply chain threats.
Spectra Assure can surface malicious changes between package versions that are otherwise hidden from view, which was utilized when analyzing this latest campaign from Banana Squad. Figure 9 shows part of the Spectra Assure report for an archive of one of the benign repositories.

Figure 9: Spectra Assure report summary of a benign repository archive.
In Spectra Assure, versions of a package can be concisely compared side-by-side. Figure 10 shows this type of comparison with the newer, trojanized repository archive shown on the left and the benign version on the right.

Figure 10: Side by side comparison of Spectra Assure analyses (trojanized on left, benign on right).
The Spectra Assure report below highlights the malicious version and the issues that have been introduced since the original, benign version. Notice in Figure 11 that the platform has highlighted the method of subterfuge, the many spaces referenced earlier that were used to hide the trojanized code: "Detected presence of software components that have code outside of the common screen width."

Figure 11: Differential analysis of the malicious version versus the benign, original version.
Recommendations
Backdoors and trojanized code in publicly available source code repositories like GitHub are becoming more prevalent and represent a growing software supply chain attack vector. For developers relying on these open-source platforms, it’s essential to always double check that the repository you're using actually contains what you expect. However, the best way to avoid running into this threat is to compare the desired repository to a previous, known good version of the software or source code.
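An added example (not from the original post and not Spectra Assure's logic): a Python check for the padding trick described under "Python gets trojanized", combined with the known-good comparison recommended above. The 200-column screen width, the 40-character padding threshold, the function names and the sample file contents are assumptions constructed for illustration.

```python
import hashlib
import re
from pathlib import Path

# Assumptions (tune for your code base): 200 columns as the "common screen
# width", and 40+ consecutive spaces/tabs inside a line as a padding run.
MAX_VISIBLE_COL = 200
MIN_PAD_RUN = 40
PAD_RUN = re.compile(r"[ \t]{%d,}" % MIN_PAD_RUN)


def find_offscreen_code(text, max_col=MAX_VISIBLE_COL):
    """Return (line_no, column, snippet) for text that follows a long padding
    run and starts beyond max_col, i.e. out of view without scrolling."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        # Trailing whitespace is harmless; after rstrip every run that
        # matches is followed by visible characters.
        visible = line.expandtabs(4).rstrip()
        for run in PAD_RUN.finditer(visible):
            if run.end() >= max_col:
                snippet = visible[run.end():][:80]
                findings.append((line_no, run.end() + 1, snippet))
                break  # one finding per line is enough for triage
    return findings


def digest(text):
    """SHA-256 of a file's text, used only to spot changed files."""
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


def load_tree(root):
    """Read every file under root (skipping .git) into {relative_path: text}."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): p.read_text(encoding="utf-8", errors="replace")
        for p in root.rglob("*")
        if p.is_file() and ".git" not in p.parts
    }


def diff_against_known_good(good, suspect):
    """Compare two {path: text} mappings. Report files that were added or
    changed in the suspect copy, with any off-screen code found in them."""
    report = []
    for path in sorted(suspect):
        if path not in good:
            status = "added"
        elif digest(good[path]) != digest(suspect[path]):
            status = "changed"
        else:
            continue
        hidden = find_offscreen_code(suspect[path]) if path.endswith(".py") else []
        report.append({"path": path, "status": status, "hidden": hidden})
    return report


# Constructed sample data: a known-good copy and a look-alike in which one
# line carries a harmless statement pushed 400 columns to the right.
GOOD = {
    "README.md": "# Example tool\n",
    "main.py": "import os\n\ndef run():\n    print(os.getcwd())\n",
}
SUSPECT = {
    "README.md": "# Example tool\n",
    "main.py": "import os" + " " * 400 + ";print('constructed hidden statement')\n"
               "\ndef run():\n    print(os.getcwd())\n",
    "utils.py": "def helper():\n    return 1\n",
}

if __name__ == "__main__":
    # For real checkouts: diff_against_known_good(load_tree(a), load_tree(b))
    for entry in diff_against_known_good(GOOD, SUSPECT):
        print(entry["status"], entry["path"])
        for line_no, col, snippet in entry["hidden"]:
            print(f"  line {line_no}, column {col}: {snippet}")
```

A long line with no padding run, or ordinary deep indentation, is not flagged; only text that sits behind a padding run and past the width limit is reported.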
Additionally, security teams can utilize the domain, URL, and file indicators, as well as a list of the trojanized GitHub repositories, for detecting the specific threats detailed in this campaign, below.
CyberChef Recipe
[
{ "op": "Regular expression",
"args": ["User defined", ";exec\\(b'(.+)'\\)", true, true, false, false, false, false, "List capture groups"] },
{ "op": "From Hex",
"args": ["Auto"] },
{ "op": "Register",
"args": ["Fernet\\(b'(.+?)'\\)", true, false, false] },
{ "op": "Regular expression",
"args": ["User defined", "decrypt\\(b'(.+?)'\\)", true, true, false, false, false, false, "List capture groups"] },
{ "op": "Fernet Decrypt",
"args": ["$R0"] },
{ "op": "Regular expression",
"args": ["User defined", "get\\('(.+?)'\\)", true, true, false, false, false, false, "List capture groups"] }
]
Domain Indicators
bananasquad[.]ru
dieserbenni[.]ru
1312services[.]ru
URL Indicators
GitHub Repositories
File Indicators
7410d9c0d77d0bcdbfe5130d95bc35a832ccb793d1cd3a6a632c7b18280a386b
ac476322fceda06aee00a239e13308d1447b2b37ce76638951ffe1886ff26c09
3bf5d484396fdac3ad6462e9c40cca346187813e92cc456b18271c98097f0899
4a0e7c48eb7541e70111b932ba5d71420d3c5ee7c5cdbeffce78058025730573
83296b28eb5ac220c69d36a070467cb5edc740e5f0e8543269f29f4fa45d7ed6
f2efa0cc09aca10e8189fe4afb477d428f53eef2bd053de1bfb2c84f4231d930
4e822aa2c33d218ee6a740b8aa42f7e202922abaca34ec789e9006f8be7199f1
7b40e382d014381f557981cc4052f9a8f5305bbdd7bac2ee1ef890383da162fb
e37e0edd405a348899281092cd4b969fd67ea7b7425a9eabbbedb42f7dae5046
8c70356eed9df897263a58526146756a7a55a8d2cc06dd0896838a066d920fc9
e00a5642240e0cdb42127cfc2284d21c51099b40b58d09e14fed9fafa51423c4
15ad414a060d1e740c1dc4558936af0bcd0ca07b1e84a7ad99cc3b7ca5ec4cbb
b44c4a59061ad57d5a0445e20d0cc29d09420c9967ddc2917447a4b628a9ca60
85c3c8cc416b561600580e8d11b87a797a9f8d33cb2cc7feab8247dbe79ad2ac
9a5d029e72b639dd0f456fb8f7557ff297f0dc4d1efb4d2b485de46c23968b6b
62e985c1800955332d2f81a05b731c5eb5082ffa80d99e32a622baaff3386866
4b12ad9764f186332017598f7c24e71916bc829723338e1c9207d2c73170bcdc
d45fbf98509c60b65d339796f9cb9bdcbb7858346bdd38b6313095b6bfe5a474
d0c31c3e8200a47a874c9215ee93bfed61299fb58d830f986e9dd71fcc3cdf3b
2 d45fbf98509c60b65d339796f9cb9bdcbb7858346bdd38b6313095b6bfe5a474