From e37da467ec6e607c24ef49b99e957f02b7f599f6 Mon Sep 17 00:00:00 2001
From: Colson Wilhoit <defsecsentinel@protonmail.ch>
Date: Mon, 23 Mar 2026 11:44:44 -0500
Subject: [PATCH 01/13] [New Rules] macOS Unified Logs Login Window and
 XProtect Detections

Adds 2 new alerting rules leveraging macOS Unified Logs telemetry for
login item persistence and XProtect malware detection.

New rules:
- Login Item Persistence Execution via Unified Logs (T1547.015)
  com.apple.loginwindow.logging subsystem, performAutolaunch pattern
- XProtect Malware Scan Match Detected (T1036)
  com.apple.XProtectFramework.PluginAPI subsystem, high severity

Also adds message field as keyword in non-ECS schema for the
logs-unified_logs.log-* index pattern to support EQL validation.

Relates to: elastic/ia-trade-team#847

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 detection_rules/etc/non-ecs-schema.json       |   3 +
 ...e_evasion_xprotect_malware_scan_match.toml | 101 +++++++++++++++++
 ...persistence_execution_via_loginwindow.toml | 106 ++++++++++++++++++
 3 files changed, 210 insertions(+)
 create mode 100644 rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml
 create mode 100644 rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml

diff --git a/detection_rules/etc/non-ecs-schema.json b/detection_rules/etc/non-ecs-schema.json
index 5722fd0236e..cbadd3c9f5c 100644
--- a/detection_rules/etc/non-ecs-schema.json
+++ b/detection_rules/etc/non-ecs-schema.json
@@ -282,5 +282,8 @@
   "metrics-*": {
     "system.process.cpu.total.norm.pct": "double",
     "system.cpu.total.norm.pct": "double"
+  },
+  "logs-unified_logs.log-*": {
+    "message": "keyword"
   }
 }
diff --git a/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml b/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml
new file mode 100644
index 00000000000..d8efd51a500
--- /dev/null
+++ b/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml
@@ -0,0 +1,101 @@
+[metadata]
+creation_date = "2026/03/23"
+integration = ["unified_logs"]
+maturity = "development"
+updated_date = "2026/03/23"
+
+[rule]
+author = ["Elastic"]
+description = """
+Detects XProtect malware scan matches via the macOS Unified Logs `com.apple.XProtectFramework.PluginAPI` subsystem.
+XProtect is Apple's built-in malware detection system that scans files using YARA-based signature rules. When a scan
+produces a match, it indicates that a known malware signature was detected on the endpoint. While XProtect events are
+rare, they are extremely high-confidence indicators of malicious software presence. This rule correlates XProtect scan
+results with Elastic Security telemetry to provide additional context for investigation and response. This subsystem
+does not require debug or private data enablement.
+"""
+false_positives = [
+    """
+    XProtect scan matches are high-confidence indicators and false positives are uncommon. However, legitimate
+    security research tools, penetration testing software, or sample files used in security training may trigger
+    XProtect signatures. Verify the detected file and its context before taking remediation action.
+    """,
+]
+from = "now-9m"
+index = ["logs-unified_logs.log-*"]
+language = "eql"
+license = "Elastic License v2"
+name = "XProtect Malware Scan Match Detected"
+note = """## Triage and analysis
+
+### Investigating XProtect Malware Scan Match Detected
+
+This rule detects when Apple's XProtect framework identifies a malware signature match during a file scan. XProtect uses YARA-based rules maintained by Apple and is a strong indicator that known malware is present on the endpoint.
+
+### Possible investigation steps
+
+- Review the `message` field to identify the XProtect signature that matched and the scanned file details.
+- Correlate with Elastic Defend telemetry to determine the full context: which process created or downloaded the flagged file, and what activity followed.
+- Check if XProtect quarantined or blocked the file, or if the malware was able to execute.
+- Look up the XProtect signature name against Apple's published XProtect rules or public malware databases for additional intelligence.
+- Review the host for additional indicators of compromise, including persistence mechanisms, network connections, and other suspicious process activity.
+- Check the file's origin — was it downloaded from the internet, received via email, or transferred from removable media?
+
+### False positive analysis
+
+- XProtect matches are high-confidence and rarely produce false positives.
+- Security research samples or penetration testing tools may trigger legitimate detections.
+- Archived or quarantined malware samples stored on disk could trigger scans.
+
+### Response and remediation
+
+- Immediately isolate the affected host if the malware is confirmed active.
+- Verify XProtect's remediation action (quarantine, block, or allow) and take manual action if needed.
+- Collect the flagged file for further analysis if not already quarantined.
+- Review the infection vector and timeline to determine if other hosts may be affected.
+- Check for post-compromise activity (lateral movement, data exfiltration, persistence).
+"""
+references = [
+    "https://support.apple.com/en-us/102445",
+    "https://www.elastic.co/docs/reference/integrations/unifiedlogs",
+]
+risk_score = 73
+rule_id = "d33b49d6-dd67-4a5d-ad9a-c3437dffc487"
+severity = "high"
+tags = [
+    "Domain: macOS",
+    "Data Source: macOS Unified Logs",
+    "Data Source: Unified Logs",
+    "Use Case: Threat Detection",
+    "Tactic: Defense Evasion",
+]
+timestamp_override = "event.ingested"
+type = "eql"
+
+query = '''
+any where event.dataset == "unified_logs.log" and host.os.type == "macos" and
+  message like "*XProtect*" and message like "*match*"
+'''
+
+[[rule.threat]]
+framework = "MITRE ATT&CK"
+[[rule.threat.technique]]
+id = "T1036"
+name = "Masquerading"
+reference = "https://attack.mitre.org/techniques/T1036/"
+
+[rule.threat.tactic]
+id = "TA0005"
+name = "Defense Evasion"
+reference = "https://attack.mitre.org/tactics/TA0005/"
+
+[rule.investigation_fields]
+field_names = [
+    "host.name",
+    "host.id",
+    "message",
+    "event.dataset",
+    "process.name",
+    "process.executable",
+    "user.name",
+]
diff --git a/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml b/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml
new file mode 100644
index 00000000000..8e0846a72ef
--- /dev/null
+++ b/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml
@@ -0,0 +1,106 @@
+[metadata]
+creation_date = "2026/03/23"
+integration = ["unified_logs"]
+maturity = "development"
+updated_date = "2026/03/23"
+
+[rule]
+author = ["Elastic"]
+description = """
+Detects login item persistence execution via the macOS Unified Logs `com.apple.loginwindow.logging` subsystem. The
+`performAutolaunch` message indicates that a login item was automatically launched during user login. Login items are
+a common persistence mechanism used by macOS malware to ensure execution after system reboot. While many legitimate
+applications register login items for auto-start behavior, unexpected or recently added login items warrant
+investigation. This subsystem produces very low event volume with high signal fidelity, making it an effective
+detection source. This rule operates at default log level and does not require debug or private data enablement.
+"""
+false_positives = [
+    """
+    Many legitimate applications register login items for auto-start behavior, including cloud storage clients
+    (Dropbox, Google Drive), communication tools (Slack, Teams), security software, and system utilities. Review
+    the launched application identity in the message field to determine if the login item is expected.
+    """,
+]
+from = "now-9m"
+index = ["logs-unified_logs.log-*"]
+language = "eql"
+license = "Elastic License v2"
+name = "Login Item Persistence Execution via Unified Logs"
+note = """## Triage and analysis
+
+### Investigating Login Item Persistence Execution via Unified Logs
+
+This rule detects the `performAutolaunch` pattern from the `com.apple.loginwindow.logging` subsystem, which fires when a login item is executed during user login. Login items persist across reboots and are a favored persistence mechanism for macOS malware.
+
+### Possible investigation steps
+
+- Review the `message` field to identify the application or script that was auto-launched at login.
+- Correlate with Elastic Defend telemetry to determine the full process chain and binary details (code signature, path, hash).
+- Check whether the login item was recently added by reviewing Login Items in System Settings or via `sfltool dumpbtm`.
+- Look for other persistence mechanisms on the same host (LaunchAgents, LaunchDaemons, cron jobs) that may be part of the same attack chain.
+- Check if the auto-launched application performs suspicious post-login activity (network connections, credential access, data collection).
+- Review the host for recent software installations or modifications that could explain the new login item.
+
+### False positive analysis
+
+- Cloud storage sync clients (Dropbox, iCloud Drive, Google Drive) commonly register login items.
+- Communication tools (Slack, Microsoft Teams, Discord) use login items for auto-start.
+- Security and IT management software (antivirus, MDM agents) register login items.
+- macOS system services and Apple applications may trigger this pattern during updates.
+
+### Response and remediation
+
+- If the login item is unrecognized, investigate its origin and remove it via System Settings > General > Login Items.
+- Check for associated persistence files in `~/Library/LaunchAgents/`, `/Library/LaunchAgents/`, or the BackgroundTaskManagement database.
+- If the login item is confirmed malicious, remove all associated files and persistence mechanisms.
+- Review the host for additional indicators of compromise.
+"""
+references = [
+    "https://www.elastic.co/docs/reference/integrations/unifiedlogs",
+    "https://developer.apple.com/documentation/servicemanagement/smappservice",
+]
+risk_score = 21
+rule_id = "e360db98-825c-4674-9dbc-0b3d42cc706f"
+severity = "low"
+tags = [
+    "Domain: macOS",
+    "Data Source: macOS Unified Logs",
+    "Data Source: Unified Logs",
+    "Use Case: Threat Detection",
+    "Tactic: Persistence",
+    "Rule Type: BBR",
+]
+timestamp_override = "event.ingested"
+type = "eql"
+
+query = '''
+any where event.dataset == "unified_logs.log" and host.os.type == "macos" and
+  message like "*performAutolaunch*"
+'''
+
+[[rule.threat]]
+framework = "MITRE ATT&CK"
+[[rule.threat.technique]]
+id = "T1547"
+name = "Boot or Logon Autostart Execution"
+reference = "https://attack.mitre.org/techniques/T1547/"
+[[rule.threat.technique.subtechnique]]
+id = "T1547.015"
+name = "Login Items"
+reference = "https://attack.mitre.org/techniques/T1547/015/"
+
+[rule.threat.tactic]
+id = "TA0003"
+name = "Persistence"
+reference = "https://attack.mitre.org/tactics/TA0003/"
+
+[rule.investigation_fields]
+field_names = [
+    "host.name",
+    "host.id",
+    "message",
+    "event.dataset",
+    "process.name",
+    "process.executable",
+    "user.name",
+]

From eb5ab52973f44956de70cbb55ab8585c3bfe3ac2 Mon Sep 17 00:00:00 2001
From: Colson Wilhoit <defsecsentinel@protonmail.ch>
Date: Mon, 23 Mar 2026 14:11:30 -0500
Subject: [PATCH 02/13] Update Login Window and XProtect rules to use
 structured fields and KQL

Switch from EQL to KQL since message is match_only_text. Use
unified_log.subsystem keyword field for efficient filtering. Update
index pattern and event.dataset to match actual integration naming.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../defense_evasion_xprotect_malware_scan_match.toml  | 11 ++++++-----
 ...in_item_persistence_execution_via_loginwindow.toml | 11 ++++++-----
 2 files changed, 12 insertions(+), 10 deletions(-)

diff --git a/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml b/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml
index d8efd51a500..f767eccd10b 100644
--- a/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml
+++ b/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml
@@ -22,8 +22,8 @@ false_positives = [
     """,
 ]
 from = "now-9m"
-index = ["logs-unified_logs.log-*"]
-language = "eql"
+index = ["logs-unifiedlogs.unifiedlogs-*"]
+language = "kuery"
 license = "Elastic License v2"
 name = "XProtect Malware Scan Match Detected"
 note = """## Triage and analysis
@@ -70,11 +70,11 @@ tags = [
     "Tactic: Defense Evasion",
 ]
 timestamp_override = "event.ingested"
-type = "eql"
+type = "query"
 
 query = '''
-any where event.dataset == "unified_logs.log" and host.os.type == "macos" and
-  message like "*XProtect*" and message like "*match*"
+event.dataset: "unifiedlogs.unifiedlogs" and host.os.type: "macos" and unified_log.subsystem: "com.apple.XProtectFramework.PluginAPI" and
+  message: "match"
 '''
 
 [[rule.threat]]
@@ -94,6 +94,7 @@ field_names = [
     "host.name",
     "host.id",
     "message",
+    "unified_log.subsystem",
     "event.dataset",
     "process.name",
     "process.executable",
diff --git a/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml b/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml
index 8e0846a72ef..360da9fc28a 100644
--- a/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml
+++ b/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml
@@ -22,8 +22,8 @@ false_positives = [
     """,
 ]
 from = "now-9m"
-index = ["logs-unified_logs.log-*"]
-language = "eql"
+index = ["logs-unifiedlogs.unifiedlogs-*"]
+language = "kuery"
 license = "Elastic License v2"
 name = "Login Item Persistence Execution via Unified Logs"
 note = """## Triage and analysis
@@ -71,11 +71,11 @@ tags = [
     "Rule Type: BBR",
 ]
 timestamp_override = "event.ingested"
-type = "eql"
+type = "query"
 
 query = '''
-any where event.dataset == "unified_logs.log" and host.os.type == "macos" and
-  message like "*performAutolaunch*"
+event.dataset: "unifiedlogs.unifiedlogs" and host.os.type: "macos" and unified_log.subsystem: "com.apple.loginwindow.logging" and
+  message: "performAutolaunch"
 '''
 
 [[rule.threat]]
@@ -99,6 +99,7 @@ field_names = [
     "host.name",
     "host.id",
     "message",
+    "unified_log.subsystem",
     "event.dataset",
     "process.name",
     "process.executable",

From 562ec3f879cd3c8e1b3324d4ec60642043035dd3 Mon Sep 17 00:00:00 2001
From: Colson Wilhoit <defsecsentinel@protonmail.ch>
Date: Mon, 23 Mar 2026 14:33:58 -0500
Subject: [PATCH 03/13] Fix event.dataset to match pipeline output:
 unifiedlogs.log

The ingest pipeline normalizes event.dataset to "unifiedlogs.log"
regardless of the data stream name. Update all rules and index
patterns accordingly.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../defense_evasion_xprotect_malware_scan_match.toml          | 4 ++--
 ...ence_login_item_persistence_execution_via_loginwindow.toml | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml b/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml
index f767eccd10b..f91433e3be6 100644
--- a/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml
+++ b/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml
@@ -22,7 +22,7 @@ false_positives = [
     """,
 ]
 from = "now-9m"
-index = ["logs-unifiedlogs.unifiedlogs-*"]
+index = ["logs-unifiedlogs.log-*"]
 language = "kuery"
 license = "Elastic License v2"
 name = "XProtect Malware Scan Match Detected"
@@ -73,7 +73,7 @@ timestamp_override = "event.ingested"
 type = "query"
 
 query = '''
-event.dataset: "unifiedlogs.unifiedlogs" and host.os.type: "macos" and unified_log.subsystem: "com.apple.XProtectFramework.PluginAPI" and
+event.dataset: "unifiedlogs.log" and host.os.type: "macos" and unified_log.subsystem: "com.apple.XProtectFramework.PluginAPI" and
   message: "match"
 '''
 
diff --git a/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml b/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml
index 360da9fc28a..88c3c7f10e8 100644
--- a/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml
+++ b/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml
@@ -22,7 +22,7 @@ false_positives = [
     """,
 ]
 from = "now-9m"
-index = ["logs-unifiedlogs.unifiedlogs-*"]
+index = ["logs-unifiedlogs.log-*"]
 language = "kuery"
 license = "Elastic License v2"
 name = "Login Item Persistence Execution via Unified Logs"
@@ -74,7 +74,7 @@ timestamp_override = "event.ingested"
 type = "query"
 
 query = '''
-event.dataset: "unifiedlogs.unifiedlogs" and host.os.type: "macos" and unified_log.subsystem: "com.apple.loginwindow.logging" and
+event.dataset: "unifiedlogs.log" and host.os.type: "macos" and unified_log.subsystem: "com.apple.loginwindow.logging" and
   message: "performAutolaunch"
 '''
 

From 4eb2b803a3339a817af1fed32ae4c4aa98f69490 Mon Sep 17 00:00:00 2001
From: Colson Wilhoit <defsecsentinel@protonmail.ch>
Date: Mon, 23 Mar 2026 16:31:36 -0500
Subject: [PATCH 04/13] Add unifiedlogs integration schema and fix data stream
 references

- Pull unifiedlogs integration manifest and schema via CLI
- Fix integration tag: unified_logs -> unifiedlogs (matches EPR package)
- Fix index pattern: logs-unifiedlogs.log-* -> logs-unifiedlogs.unifiedlogs-*
- Fix event.dataset: unifiedlogs.log -> unifiedlogs.unifiedlogs
- All rules pass local validation with updated schemas

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../etc/integration-manifests.json.gz         | Bin 27004 -> 27103 bytes
 .../etc/integration-schemas.json.gz           | Bin 7974839 -> 7975251 bytes
 ...e_evasion_xprotect_malware_scan_match.toml |   6 +++---
 ...persistence_execution_via_loginwindow.toml |   6 +++---
 4 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/detection_rules/etc/integration-manifests.json.gz b/detection_rules/etc/integration-manifests.json.gz
index 7e812ab2871df31e03c1e06e490bfc054c29fdcb..82f2815fda0e4f16bbdf2f8da33030ec7e5b08d8 100644
GIT binary patch
delta 131
zcmV-}0DS-a(gEMo0S6z82ng-4!LbKuX>hb3dpjAw8`qc1Ma$d6(&jt%(xlCP-Hc}Q
zdPAM-(Z!#C8mu3=`uAN`+9=27&+)P9)#_}LiQK#Yc|2*p==`jG>bvRe`l)(>FT&|7
l%K_yuIyo$5IUJoFE@e49og6+<IsW<2{~!DNSQSIe5C9SkNOAxG

delta 32
qcmV+*0N?-L(*gX_0S6z82nZ#Yxv>XmX$}1IpZ`Cj)6dXx#1H`Wb`Ny`

diff --git a/detection_rules/etc/integration-schemas.json.gz b/detection_rules/etc/integration-schemas.json.gz
index 19403ba053311ed05946cc4b20f218479a332891..80df6526022a4a774c41747d14e3c70f33ec9e04 100644
GIT binary patch
delta 13072
zcmcJ#cRZE<|399>B{NxN79p}_?<7e?8QElI?{Qg2<4Pzpud-Ljv3Is4n~;^2Eu&-a
z@jWNit9rfOzuV`Z-#^!5JRi^d^D&;|I@j}*j832E9-lq|Fa+Y^p>k^<01$u$0mmWW
z1O#A101gD;LI7Hc2LUG`03QMfAb=18h#-I%0!Sd>6a<h$z-b5|g8*^}pnw2M2%v(1
zGZ1hV0;nN?1_EdyfDQuaA%Fn_&OyL=2w;Q&CJ49y0n8A<0s*WLa1jF7Ab=eLE<peX
z1aLwC7X)xa01pK4LI58G@I%052oQh(K?o3n0AUCafdEkm5Q6}52#|mPNeGaF0BH!2
zfq*LzAPWIkAwUiSu0eo21YCyz1qiqS0g4cC69SYVKp6sVL4XPbs6xPP2)F|QY7n3f
z0U8jX2?2K@Knnu2AwUNLbRj?w0`wuk00Imlzz72FL4Yv?m_UFj1eig9IRxB?01F7P
zga9iDu!aB|2(X0!I|#6c00#(gga9W9aE1UE2yle}HwbVq0zl4tlJNBVB5tLL(KN<@
zC1&oKXXPvcv)`!IK83%Kam^sX#h000_D@HR=$!7?Ew(l6>OW9AfK3#q8Q*Jr&}UJ>
z3HLy9IO`q=;Nw1*G5+|{sp};T9Cr_-#3=C)Gh-{`geE5jqy=9PnK%)fgk4ZrjabaS
z$x0%BY3an?F)84Se3bZiu7(6n){aS8fHrJuCdiM$<TI0UZ2?OkZYD6z;)#05I<M(Q
zWadQ4`7{|z_4<;1!4}3+9`?QCu(-Tb!*M9EqSk`oJ}}nfL`jh&785AbaV#IeCB`5T
z_M%J{4J=~<vf*>85PT~0N@wOd39FibXJKv=@Fc8)e&Ckbr@PE6!{<#vDvW{xXMQCy
zQVb?F0a-CJ4o+5}pSBR3XAE9|YmC8@fXjf&eBkn<Um5_>J0;6G0mxv+I9|ksXX%op
zh6?m`>F*QwdK0QZBE69zoOM^r$&|rGc34H|6A^}#R5B}3w0}!VT}d@F-Ib&vh@Smi
z?A;rASq%Ak<F-NT0*6($$vwrv1N%1cG_#z76fd)laXhSeCwfx_5hX(K!bZ4Oy7&dB
z3BkarD@XK7@r+Ed!LT15oL~xa0h}hg8jTz1nwWw-KLoMg1rm776dlu&DM*a7vG`(9
z;P*ycc-a&r$Dz!(G0lcm%s^U1gVTVNlGF!N2Q6Jnxc>i4Bv|1}-mx>0kg1W@-Hp)P
zh23*mGrq|v$YaAOGX1>eR@Iv^tL5r~M<OSz4QLv%#8Eg)g?bP72o0xKd|T!_LtE~h
z=V@U5z)!1!8;)hVCVf^<0S6E3N(B>M=dm*Z1zv&8TILTW3r;4B=bf}Z9$mwd`-Auw
zz{_UfIqWCKy02ggb5IPseZZ{*Rx<~A0fNfv1&t>paH2U#2FII&6u4B)yj7(PaIHCb
zKJq>Y;5-YQI`a+wW)3pK9p-3x;<m^K&VTGr2!DWJ>H8oj78PuJAEY&*Yp7w*#m_vB
zbjQ(9ZIN{#q&?A4!)s4Sn|z{S>xuD~Gs3t*4}K%p_!}<nWcCyaXZ3~Rrk|Me6-^-i
zi%f8&8&d?$DXfwXWBGZ}>DIzn7U<=5$^rzA9?}*dF19tTBN4oOA7nXck4L)_;?OAM
z_Fcroh<Of;Zg8#zcpm;{0pj7l2!1Ym;0uphfal<93-Bb)cE9lCt$z%F7r{ZYSKrkA
zH4qC1s@9>Ai1xT&&3UwdAu~1SZRi%;$IFOasd6uu<Qo#g%9bDvq7~=e%fZ?RRXsz(
zGbcXy^1|50qMZ?&a<-xiR`gYBO({S>s7|PsnfW$#pWZ@MTmJ<<#RR*vXnpX9Br`ep
zLl$?kk;g)n=j}YWqI>%$7++t@jFNsc^7OX1AbF44hXpRn3?oa8VpKt%hkv%spt;R(
zenEx}_c}#Od;YW|GorX~k)$t%FtN_fk2p}V&5t#7#enHn(cb2`RIfzuf$VbMf!2}<
zjdO+Wvw;e~o$gkx>-XzUPBUtK-Kd*-eMg!?1xF1_U3#5XT0kMx?Axb^(&@4L=-E3E
z*pMI1T-WAOy#&RXB&YRyOWLWdQPm|K(`#j^TQNCP>E3Te(uPRu-dIegnwi^Na?~=r
z>ok_+IyfhU9Gx?&h<GzPH<eQ0T~xSb;el7F*qu6IA^D8r)^i%QnUrEOU6X=!fv;6G
zTyR)>4y!?Lj6NfQkd%_1tFGR~xg{rtQLa?{Pd2x8-z{v@u?c|(*>0f36s3zMc67<y
z>eMBnS+@@tg_;m`sOI4Xl#xqY>1b-6;s|GSW{!=U&%_RG?dCv|aBp*v-5L7m#e0FD
z7Xt!k>Q>(EBu;haE3He+?*zC8#Bm`^(*ouSYu6g>I?U=M4dSh%I15ZfbO=efDxCYx
zko>5X5hYpwUer>YU-0GV$D4_puKPaj8BFG)_@=VPq;7~@Er+FN-IA!07D0*8$|ZH8
znS@-2xOEYNsa0oQG0VF8^uZk2yxfi)*|=K){2T1A*2EpCXo9-x`O3NRpA~kPeH~r3
zU*XDlH-cF9;oI$5{iJQ(i}K|xp4H2wpi$SPXfBz0%KCPs?2sXgIzP1q@YCTeSjil*
zOOET&>o<`udRgdJ;~AaB*)$%$;q^f)lP;BO(C={A`)f)=*GNuEzgbATW=l$k1N|7$
zb1P(^g<i>4#0b&6#bUH}7E5*koM?ky^U^jTJMQR+B}GgFJZ1w5U=&n1-k!+yNcf`-
zcnu@tiF+F(*FEg(ElrE^wY9P`H8d_E*Y&isvgD08<t{XyHaVG(t@V&YCi0x(3+5wn
z;MVy@K{}oyIx;xX7G%SYF!F4J$814a*w7ArV3iOK(!dXFL1o-XqjJ;!5jeyN6ow6*
zKnl{c#e{=YbsLuUa(S=&Z(Fk!!#;K(D`G!AV6nG_>$>4V?!sR4U~hrjK>4yC!Y7dP
zItmq7vSBXjrJHS8bwVr7Pa<==z9@FD-ds$#iDDYx33~f3euP3fExEp1T)gt~-aR)D
z-i3RvyyY+TTDi=q3IYe}7sgu(0uk+L64h>c-jk<kZiQ|r(%PNpG9ZKfTi%<F^TFNr
z;0>IWxAjvraHl<Zhp42~OHr4F>!=;0Qox&`fO7!N_of(0?Dkam`>A1u<*_X`+J^)8
z&s6aTF4*?yof{nKSd}#;aNMDPl4$&uO^qzizyGQ=qaf*S*wcP>GKV4VTh0@bQlbK4
zv&#~Up=3?|lUE%Xw^bRpiC|Sn^s9)EBPfFnU-wajmmNSF_@e_TjI+|g5^4ZDID$%W
zf+Gk3du0BTLb#!Dt0TxPArc%T-_A4>g3t|)Sy0+YHR#Uy+P5|z*q4Jy&b}$h!VnhR
z)G#@r2?sZoPwK63ftw~^2{K?8_eqvQ8{Fvx-UM`>EEXGi*8Nk!6X*iMV@{wryo9b9
z4!VRsM(_hC@H(c3c-UxrO-y;YNEhV=tV{G=v5v3$na*gA6vx4X&L9Ke`MAPUtdtQR
zbp~&oW=4g&NxiPnxzel9<s<Wjh+`BUa{+JTs79iw3g8eo@Ft#C6~|~`fma)h<p%P=
z39jHd9PYN2N+WpL4U~ZmT|p9TDzk0$G;#$M;TjhZ2X~a9z^gj<dvAj8z4N`QiL>v*
zGOp-Jo#29gAwtP%RgM0pz(Lh(RrSHDuAm^sfEsr*iDMLH1}D0J{H&wh9HUwP-_y+#
zJ>B3ccaR2mi%>bQsTMW>K~Y#51j%ui&0PZydEgLqBWwqP?C_F1NPu(jNqIT`yA{7k
zeayJqBzanQ=ePxZoIbTro>=7>N<M;DQ0o=5^93)o8aYfTSEjTYrDnS0M$3c0a2mj4
z9-t)5<AHvAS$S27o|af1AT|8L0~En7DDi56J3K%Y0BkYeh^$_Mmpwo(j4cyl<!!~(
z72Sh~{X28beUFf}>f6<!J;FMXhx3ohLnV5;@GSA{MiRWr$9p>u>c;$>N%ft!R92Lz
zK>Hwz&#B@UR~`{yDMeomN=Tiu+Kb-ozpys%eQ-sXZ^j~izwZjv``n|lq@Hqhz`ASA
z|FU>t@AIf){nZhpMNX`BMH;DkM5F0a7GPXm$W0<&O~p-8Qu*A)*~G1WOr%tJ*#xY*
z5o=Z!XVzR|HNi+6Hgy1KNJ#3xE((UIRQ7DA65lo<S_9_qP7%>A(_m=}=@2}rt7A{}
z={{b?m8#I@#!;md{8|9GH$1-b*=o}G&FJ*D+@|~OPEYfw$eikSbu9Z<gqX%|M2=Qf
zS&Mw2wSESp{C?#k-P#VJYw-~6CLm?AY_rQ{w-ZC7zu-*yd8#)@uP9?e%hNOLc7e72
zZPi!B)x*v#l6N&Xt+Y9HN4wOAvck-}$3>Nl?25VV+^ORGE=$(Us0VT!B1@kdP#1J`
zFnSWQE)#b!UDhBeLI$Av5R>M0gKxJ_A?bNgYtQ>fQ<v4haodVMu$}K;#_4HFDr|i+
z)s(qyXU9338|kpKN4HR@*S(utl)1WkQ7S}TD~O_Xe3>^kD6G9>`Yj#7OsEn;6vb%2
zi;(tpiC_zhX;+_XS-axkt+AoY7X7l|afW9;7rOmYnToVG_+MqtZ6YW{Jjv_(I(kf^
zxO#=+*x!{=8j0Br8j{cXP1|)G?ATLUZQVd+XOC3Q8D@xl*$|vvR{QXkZx8$NMAAeY
zY~_45>NP`w!#wWSic@agOP}gG?AO5{b7Z-~=Rz;ua!-+SgMDs3Ox@KpVOqsQL#A}p
zALZuxGiH_7%aRRh_oomDKlSBHzJ5r=g>C!rDFtCm1aV)7E$Yd@)-}C8v&DFo4IUyp
zSuhg6+M)YG1=+;L{x|EjO>rG(cRN?Xx!qP#x;S;CkBg6DFL+D#DXfrZ?Aw22tuJxd
z&$5u>U9jmLlSA2skf7d)*xo&Gns4B1N<|bMLIc-=gey*bwRb_JZB|ONCGrGN@pvkh
z_l65ZySNh!TDC^@NLaN+Ret&uQ;wwiYOJmEd4YSFJ%Ew=W*eoH7;SfK6-$xC<hOhk
zPZM?T5Qvr9BQDcpo`$4vPBP@1)MLF{$mm1O`;_38gk5z_r_Jv4B|6UCi^_vx3%tmY
z<fMq}a6RZ1nd67Jb-7wSZ+IWSV_IONXH3kcw9TuuHwtN0$_>*D3by)1Ohix|x>moG
zAU11Z7}FcB!hON8%s98P>r}?l%ZftHczs4l#VTI`blR@8kt?6-_A@#N=k8_-8i12s
zqV_l0>F8I__vz<b4rI?OOc<7b(@fY|_&P~PyLpx}t1gcu`dbkzbHb&XApsts70U@u
zM1W+++1|nD5g-MAJJEFZFz>(g3_ie1rv}>Z9cun2X?Q2#a|n=}RZQ$<xkH1lalw;!
ziS`$1@i#xukT()JJ{meF^ph+OQBcA5zUVFMGr0Yk6Hf32>EIk+koe@2oG~kjt*F{i
z_=PXXiQ5~SGyKKsI}h}R<aqNkoQ8RQK^9oW7X+|HSBr9BLtl^*_{_Xg^kJ1A{({Ct
z&}_LTE-lh*;Z{Ac`!aa;i;mU=VV&lxq~~4E4B|1#=%6~g7yNCtugo4XY>Z4k5psC(
zcr-r^k>mn)o6#_m9}bDx476s6E+$PU%oW<$P;^?%M_qbJ7w<wgIbRrPsVY1F(Slp7
z=e-9!Pco(MI-q-LeRPzRVUrgD3TSN%Aue)`6j&_3&7=$*2X?nt-2A(C7S69J_7ufW
zxaI9GO?%up9KK3v!!_kRtR)d`G0c9*tHa^fVB^^eCidH+PP^o2YUxWfWdQm1J_ecB
zIwU5{<k!vHQtxPYE12&F@;#HHC!SeKe3H!OYB96DTztYEVYKhyk=yd2ZrRYq?_6@W
zSG6XxPKei|u!oLRDSqpKl^R@-)FZzooP(I%CWU1lf@~)xv*gxd<=!*igHJsKFT&Ih
zK?){sjllcWmuQ~(2uRWU6dv55?~1x(=4Eqd(StU^VtBQH&ZP}reh7-ehYvwK9EPr-
zG9y^#5y%g}cm$H*rIXy3-#@Pv45J=`68QB&_vF1*#BSu%!;23=DZKiiotLiRCK7PS
zBarE&%U4&m%&m*`3Gk`MARW$*QdAEoy!;4#a``?6=`jx??5N8~ZrI^5$cYip02$qx
zwz!&);0KREs*|G0W<{(rHdI7#`(yO4y)TbJe8fmv7x`$Ce_TcWu9~y)*e3HQ>tu)Y
z;C!!{+t;#{7VojDA-ue`oIU$`NOZHX3wG@%SCN!gZ&8(3$94jJeZBX@vdg8ZVMCwR
zmDz5j{$}mUT>N2k>M~%4oVu@3kkeL_F#9MZ_`a)VMdMNoGRjZj9ktQ(+-rB4GD+(|
z4+Qbd0K(n;WBb^nqLF3|iMM(qW^XK4a-+nJq5h9bYZk_H!J&~>;~~g<kH(X%rr26T
zO^1`XIx?omHS}I<AMA2446z0eOujMZt?*ezund^g2_C#s3cjdor8pMFhle9utHMK0
z_!kjd#rCx#J9hIJ4>eW|_Av}s<Cv$*LDf=^Cf^&dYGAA<Ai3Z-vQ7Wp_uk`@4)LY8
zhFE`yd_TJx{s^TP&+7dV5D%sa?u0-xCY4;F_+$1GrN6AdxBVCeO$3exIfL~Deh~<g
za}2Tm7#jN+8t?IsOrgER`eIFXjJid70!y;h-FL&0O8Nwx_Y}Qq#ZXJWm%2~fB;k>$
zSv!VdY92Tk(w+f6pvfQlUk2Zq6|!yry{kTqQX%n;w<cMCh<ryNTt*(!Te++DTU3WT
zFFE9;o)mnYv?v|3`+CvtqIW-wHCge=!N)f51bJN$HJ`BV02w75oQlnlq};W-@#ctS
z_z8kuX{i`o?7Ms{gwi5}(g3w=I5=d-)uD9b7(wlo+*2Ibe-N(;g_A<K%xA(4RUXQm
z#4yM7Wcxk}I1{1CANpSg-x+i<)c&J5CPyf`?-H<oOCq5-&r(gzBLX^WLz7yoi1K69
zzPJfk_x~cFwfuk~csLMzc-#Q}rNSTd!QNc*MQ@kSK$ZJv=xct>+}@{SSWkd6^oH)f
zV_1KI93i8;-D`?|GkOBl)bQ{S5}v55;mQ3&{{!U+?%1Y3Y#0QRi=REhegYgVmG7b4
z!;JRB?myl4q^Do9u{VWv0zn^~I6uHk2)_Old~p1L2Sa_ZQFSM>VI_YMfe8!!^T!`l
zL5%pg|KF<ZT=Nl2_P1i!VT#Q}5Ofw(Y<Z7FIc=}thDSDX)o+P~NU<oc;;71~o%(|;
zJ!fUy6Dj2*t-Xp(Mtbuq51Jvweny@AA)VI}O$1@-=O85xrs-%!XrNcb4?FB1lg=nQ
zSLvwd4~YLBX`F>oH~Og|<3oQu7RHxo=J>Ves>Ywr2%t$c+!=)aqSx^p^NH*kNTv46
z=KHk9jL^?=)ayrgU;Lzp>F3y={z2Rw$VhGfbmeCtAJUaz$>-pi<7A|8!V{3{&d+!s
zpqI@NzBSpe$S{obzq56UqN3CvujEfhe#T(@32qNUf9FF7fusIwTl!;{GWi*N&95Pg
z{eOn~J+Op-2lW(R|I^jSgS9<hV2&X03}VNIh4HeNM%`|Y313Xdim8k0H5>;^oV?W_
zdM)LJZ^^~fixqwcqld$b!P&N!u1?Nx?i5sOdU`jI%LtUu8MJ?@DrIU(j@pmCeW_<*
zr3XKaYgei)U@m|4PH;+C{2kOiD>o8WO?`oKu`)uWr$^c+6PI1_O6kE};h;CYjOC|=
zvz-GMW+zvNmgV$J<k`jfbKoz*;Mps#V&$>J?Y8D61%m^N3$8yzq1EQrOZ+*K-L01d
zPtiOjdXIbWMBambY3p<RP0lCHLSHGkg8WUE)R&W+YvA0M=nYirU3$J%a`Q8G{*2ai
zzP}j4GC_>ikx?Wh=DP9)R?G(lcJaTAe(&}_y!r`k{KJ{=zL}`KQZ+?fi#V%phT#mk
zUJ^_{eES!%wN@J_QZ@Z$^#_BiM}zKr_BZDyuTsSQFKe{rzf*P*lR^v%+JkEmN2&Ue
zIliA>f6ok@_Yx#S)avqV8mbNSd}+?)D`;+I=SQ~w#nffDp|#Iq8<kC1^T`JM7p}S{
z;iClDD;zxHBj1JYEG}s~txpqvqte>SX}S|DSE#SyLwo49{NiQ-A|pCC1F;jl!%(=x
zDO9a~DEX~OtA#%^_OMX@<AR0+_h-cY+YV|K`jG<Ss|_5qWQSV16!cRz$ga-d&}9LR
z81DQAljX~VVlh1i6+zs#nJ1H?oec)|EEaNX*n82uPPt~4O}0Y`rPHu$_xwI`pn){H
zxF6qzhGEm%lk>pJMU$GqLXuWVV>>@v^J|`WN!`U_zZs`*ogHJQB&_0r1Bk81tSZ(+
zt9G0EBNIrs{s2KXJQte2;y@RgPsJ-PG?%NRa4%UDBn>I;Pqa9!KF|{%DGO$(C%L_9
zo5B3tV0C<^iq=Xn{l=?)?!lI*C1tM2BILMJqaX=)zMr47DrH_<hli)pYG<j|=N<j5
zJ^@7byt>?gUc`+aZn<Sengaw|6F?W|vi~7gU!i-NuF5>iQ^ayrne`ybCb)kxU1%=6
zB(0+<-HfVXZ}<fMNO74n0%)=niEgJiM|yGk5~U#<$}_G6eHyLY6dcU(4|Z4Rv2FQm
zvh2LJp(RNep&ljizOc-;{O;%=>D;<0-;R}pV#%JI<c=0+*GHV#jSq;5g?s&P3}&m!
zgJx=AiJl?<?ox$@vJ%@mWoV}MLqnzN6oOc&*kNIF&M+{!-KmmtQ@o_@os@~U{#xq8
zreN#4qNt_P%?w*R*2T%j<T+EJw5muZq4|M@wZS_bCpgP;Y>8Axy(^pft*in(7N%!s
zoZdZY_{7dV7_XL7v5<<$dT!ZYn3afrppe<NXU=BZA=&jkjYde|z{1k;-L0258*)m@
zEw=hBJgn;n9cIi2W{g)}5O?erwn#YyNo?*j3M>lji_xiXUR~dwvKyKTzHqp#eG9cd
zQWd4M7W7#&Za>V`hJo5mjk+*rlR9vCU0m2hv$pb<>GoW9X*?%t`<`lbpJ%B{2@B6&
zK2=25YT5;Md9|Q)T2+xG$E#CMn@J;>juhPya85XS1AW~WolQP}4*H7MO`6Jdvte=0
zR@1G#Y_MlI`<tsv39?*I?`04VossA}=f`N92cBd4rBvUb-^k{$-`B#4FTvC$PMo&#
zLqVl<4r1f3?-!pAl9n(XDV%jM>H|hZNOhyZB=-u{b|Aa>cPrQ|0%V3gB0y5ig9st%
zGNkO#I`t65Ud5Z{ebbb}5*BsSlJ74D(@5IN^irND*pObRxIAz8`J%10n{heK;BY_J
zk-AnK15#6I&pkx2`R+Gz>E#R)&g#%_2uG$E#TllTz%V5m+3%O5dvXU!__tuyNc4rP
zRwUZbpASMr+$e49oyGLB4CaBEO4i+qh4U!z!t|p!2Coq>!BMTZ2T~G({azAccAbkn
zt-$bTa2WCX3f1)aT$jEHVX1}(G1Vg>F$8Z;-!`>;^~N+c@|CvPzZjO38`mRVu%B1I
zl0gXaOxC^tWa)n}EEwfuwUcN7<`n!tYI0N|OnaOxtP6u@&f?g%q=%}?8KiJ`QGE?u
zliOkRR)tuTZ(M_k(ao?e3{t=<Fi1t!gKAGN%Y6EV<SZ?-jr`}JWyKHNXRA%%a|s~%
z6%INr(R^o<ucc>)+h%RAx$&1pcMd=MX67uE+|m{Dnn_VUG6-Yy*D-N)c2L3LPMq+A
z7?6r$R{M5P3hiG97n~T4{?)k@1>(cLF(8>igFSOy1feFMZqvUQh1)^VF!R*)W{2NA
zC_i!v4o_Bm5zfRWf1CKfjx4U1o*z<T(3g8K?@RP;xotF9g?%>6u?jx_3N7x%f{3ex
znxWwn)20d{p^igG!To^#9xwCM?CA^Wp+mw?{QE$}L>ec+HiP^J9p_b;V>UC)`wIO!
zq!0sE0Ua;HS8eQ>|L>X5`~Nc&D0nOiq@sL~jY;SE@9z+pO9}L;o&GKiHi|`mM#zoE
zT(L)i*n0n6jqmljFjWd_VX7*W{Cl>(&khBVGHgsXFHHIV{RVL~HO!Tow`E~fOhK4p
zK_BHc8NW;QqSucmTVt2Q9~;szW{-mZnQZyaU;f^csJ?k`YKbliZ#_y~++%|e;?cn2
z31Ah@h|K5qB6t}sQ`Fd4h;_Nn9<7Cts_W>bk+B4ykH`E)A_3&on}DAg@cA@tG5^IV
zd=4t4!*oqqEY<t&%kTT8;$TQI6K36DZ2q<P5NzHUe7jW`i@s+<yFlqXh(Y=Ib3tO9
zP#aT#YZK7-Wv3EA5|}sveZT$B`n&#f;Om3`m6Cr3?sEN)ltdIeby|oSpg*@<`aca%
zBo2;Rh=CoYv0fkf=~?X#PA_Ka9>&wtSdT=s>o^n4H+|pJ#ywW91;4559edePUZt5s
zPZ(aU&!@r#<0XOm2#QYWdMIY;#H;5%%wbJD<liiorJ4zZ`#M5o!Ujy=yT8wQU-21=
z`=BVg8CJ(4;`1g=SMQT-h<2X4^*)$|I7yt{H#tVA5h+5aF(ko>Gze`Q9r3Xj_q>^J
zQP)fI)tZMrs;n{5Dc6>=In2VLr?7k6v8;`!#k{W5ddLOzLrB=oE#1@FI;`8~*b8r<
z)G!~*?l7z@n>uN2KrnEy*<kW1SA8qzGiP8!fMmiqCXT9_d4}=XI?w1{gRSj6-FBh3
z*B;H9J{@n2d7RUfLd8#FdIdCYtbI@lo?F3>W6*AmEa<d8B(bH}=L)r`0wLb_@si}D
zK{8q`!>r5vUl0f5jrAon%!&51d39}bsS=bhA<br<%U$t9<8Ivf>p5k9bqLe3l0(xG
zb!$~SD@Io~`&GMomyWPwauZGV`(J8niw-ttPulL^?S5<HsnBg<W3D%GmNP#eL=?^B
zWeK#U<<>##2#4J;ox|=ik@<Rwr&+<VZv-tH#x%WF8xbS8A@i+?oX-$J^(SzAIS#fp
z1<wYD!iby?lFXeAf>LF>hjGC^DX~RqGXeK=-#o=VyyW8|na}r@gkfg#3(YAVk$5-l
zHH4@{U9NpNhgjD9+GId$2?CYN<6%#qN!?LUDan(c9;Ki$jFg<)dm`oRF)$#GDzmL>
z{M^^ZGJ!Y@7!o+6^{S!W+7DUgb+JBpd{j>|yirRsKSTK7&@C;P`$`fM@=AdL?M`wU
zz2YIK0ewn@K1p^Fy*5dfU$5+Z;`&FA`x1pm;)GBkeXie#EGlvHqvx!|8odWe<&n5W
zR|$Okm-Ztb+R8^B<&X?_q<~b|iJPT8aAyig&gT(4`q9&?^E*g<+2+OI{<Mm%9Qzw_
zHrJ502PwT*t&#*fqwXsevS^cKHKDAOvSG#7AT<^ZZ1x(wVCAwmBWK5#Rb|jIn8^V8
z*N%waR%;jQ@Jg$G8~r?<I9Q7F1?6>u6r8T(77q%gwG-S%k9&6?@#p?(>gYc1-S<D6
z_7maS*C07iC>@`MvvUWoehpF~?hu$fE&Lt-C+5yo&KE{K+CRk~qhrL`f<kE_abda_
z#ItuA)_*1RD8GBzy%RUS=QM$PHt=`g1hjX0R+tcuFxL`w5>{@ECRgWZGi8PJUbjjS
z=%TJHyjCL06dTh1^kph@XJ`W7uhMPNW%<?K|0VuaN!(BiI3x`uXDBG4H^9^UPqV$O
z22EHp4Wz<F%r7g=C&Ejq=nIDSQ4g;^I5-WY#9l3-N5C)8C<v0QhHaf-ssAx^GPC46
zJs<bI8Zk#i=rybxhE>EpyVj$#J*E@lV<R0(qVKb64BflSqa%Kydm&zFc;N1=&s=+A
zU6qfy({hx+L3@ClM?4oLFg56*lwOerevYxK(kCMxnPNxyu)0##$0IE6_*JkS$`>>=
zp#Ko{fmm7GhVDwo!y?6#)ca2=#d|lV=Cro;?8iKMlh!_Y<P~#evaJRn7@kZQ3p1oi
z6}UH)6s2!>E>`OoFe11ttf&h2o|kbS_C{?zT<4xk*dgMq2F9W(dd)WnYBlfKE$@W$
za*%|?lH7M2-e;tZNQ4m2yyrX>Q30vvGYJ`V{8-Dt<@zp@P-bv`s;sibQBG-@Nr`3Z
z>vWwa$$B-ZT)cr(j2(T32uU`>^NQhUl1vW-fCQJvuXKt9(6P<Sbx6?{`F%QgH#t+6
zJG9J>%J-U=XJgn?%&TAccKAAZYPxG<U9>_*;Z2I#ZFaVZ@EeF5%&$Xlqh;~@lnRFk
z4ELkur~$N80JHv7VJzY_ZXX}L@w4xb9?fAlnsvVD{0GEIuS=N0ez(8H&Q@J|;|=0(
zZ1JKL=l^iyp2F7++8?g|a&St4c}nv?2GmyAR{Glubc97IlSe`S<_Cfe<4F09zrsda
zXQk}P{wD}_)nB1RgtJD3Bg+297}(OyD4G9KArjT9F){AVDf!{EANnfc!rK;>dXd@q
zfy>Xco0}0*+FpSZp0Bvgr0P10o=V=0rQTq`_fy`|@Z+AV<)ZOfG2706Bd#G*eg^5N
zA%cuiZ)Z1;C}`H2%0!E9=`lGuy3QJ+mtrH@Z<xO>=+gR{`CTjzZ}0m<@uU5%&exm$
zD*xCces&nVF%vEGzHfH5Xh1Am>Wijn+68=+t+1KfXyYTtG_%eT3*-*(MMP>K!&mWL
zRvTf5Y|UWJz?shpplJ@P>YW4ut~itKNd7GjFXq6s&fJ#lYMQ{pi{hbEeBLqKtEo^y
z58uI^s*>Do9sPpRy1{BKZJj5VGpiBt5ViT4k&ya3d7Z=7f(l_4gVzEl$9QA8$`4-+
zh@V6xH|)3%bmhvWSlZp)-+NfjX>g(X$^L<K9(t~aqR+r!3G`hqo`uvbwI%y{LqnES
zG0m$L2KulN(bopCj#<j8Y3X-9vCWaY1c=JTIwra_KS$G~pXzYL#9VkWd-C>$)$BP)
zXZ@jvOl5+;3U@lyCxSVs*JDik9}x%LnwY1*HNNwwRiwul^7n2y>sJ&jmz4hM_*#D}
z`zJ64Nv2Z8fScS8ao=@Qcn>AVr%X9z<gqReFn+?Z=s)=K#k=iM{yd!2eZGI{ZV-aN
zqgTG5e4Gc*Pf2+415$O7%tN0luHU^lU1wwEBw;UV`&`rNf>BhEU(3J<e*gzPq`7=b
z`K!eUxY#|0a<X1FiA<YHEM7IMr!qrdPjAt#-s77pts~Py*quI$ORZCRy+O<6;eD`u
z>>LAU{`Sh!AiY7w*%eXUTbJ9)t<__Wi&j2Tul)Fxh%I<TS*)^yGO;F#%I(!m%lH|K
zL*H+#1qQ<#64B&}nyZzL%=v{af%tac?!Vf<Ik+jPuv3-l7}!&Bx6@|dI{fC7L5A&}
z3-pq4#PK_0(|U-J4*TP0HNw<amF@aBb{acwwNTcdweH{S2&Zw`)d_B@yR4J#>KV{j
zwvNa-yt?ZnG|y!IrEzZCI`sLwvzZ-lIAY$wV?x|?B@F(7&Y=e!_|GHtxVjp0J4WQ+
zGwz8_jR}bpsrv}~Ul^Oo+t1Xnai;Rw59&`!Hx;F$=n;%YNbx*7RO_{+R6dxBR>@w-
zmlIX`#u6(T;s|bPs)*ewaSi;qb3oC~SbunSV^lPp)@VO{rUkVTf$Y^F(wXV0P92W-
z+KwvsUd|vY%Oa9PS*p^?RaT{fTNJv53`0HO>(On`N~JV&RZcxkY&zG<o0KhFQZnjn
zBUN=uC~ym5EgK!K{Ejq^q@`(ov!H&WS8F4oY%kt1%+x{VnuvjByJnV^D0emq$2+^d
zTL0A4k}SIG`VyzMca`dD=UIW*f%VqBcscwegH*v1EG?bEW7eW4XJ*$>Q!UZzagUJv
zbGDBd%3IYXPK$=sP5Bu=&p^aUrhv|e2-EH@mOO6dwVjZ0MW@oV#`501X5+TIP9&86
zY)_rf*EiX|$c&US>y#HvE9y4}><qSZ1nx|U9T3mrxjYuVLYEk%BA?FmiF6Jv%DX(4
zQ@kr3X9Zu&0eP`(VfP%64<UD}G>X!1RXApCwQ}1=CwOnZrCPG1`O>wTp66XH?}BBt
z`N>h>ef^D&+RbuZ9)h$~bwPhyTKY@VALXj(sf6hrf|C}j;)O;!m_|DWXLrH*eesq3
zz0=-O)$UTkUQ*T9Mmut-4t!Wv!L2OB+m#jZowsIf!a9$s?E4i^3kX&%@sva-oz`o9
z1<EB<TwPO^q!v&~Uu&40dvD7}96<?Wq5J2FF>x@eHPoTItD(oSdcEQ!X?YQRq9IHn
z^EStU2p{p=hWffKimXRgML=+m{+{PsSI;Gtw*KMIR=&{_TasWa%Pj$tUfpG)HXYHg
zE=msG3&dU3vTbD?9*EG&HX#DW_`2ytu$X_zYqbOY?~(K~B(4m)EF|DU*OyvNV{g~9
zl-!pLhNo_A^Lbm}y|entmitXMpWH~<qTGB5(nd?wi=}0}vEv;9(m+%HIJ@?P;SwWH
zg{^U_4rE=k%0>`lpRjA3&uPiA*c>fu`LUQ>+H8&Ip6srtUkR{RuD15YJGaEGI8z55
i1|i=`GQ9K8%{V~XDQ)9l5jd1OWSI08zD6Vb6!?FMC^BOJ

delta 12814
zcmc(FcRW@9AAe;WB_y+m6v|#1nUy4DX3uQ0cgH%3qa-8ih>$1=*&{REM9AJ-vNsvm
z{M}3Y)A#rI{rCIBd9COBwcf9@?$P>X45x5#3<sbOBp_fx-ueJAa1aI#!2k{n;KBeN
z4B*26Mo9nzhhg9d3=qP=Q5YbC0b&>+fq`Q%KnerLVSo$<$YFp21}I^G3I?cQ-~<eu
zgaH~DpoM``FhB<b^e}K51{h%A3=Euw0Y(^Lf&pe2I0pmgVSoh&SYdz-2H0VM0|q!@
zfC~n=VSon)cwvAK1}?w=KMV-KfFKMA!N5fr5QYH}7!ZX4F&Ges0SOqm1Ou00;0g>#
z!oXD+kb;40Fdz*B*I_^g24rDC4hC+(fIJK+z<?qQD8Ya-45+}sO&Cyx0W}y<hXD;3
z(1Zak7|@0R9T?Ds0X-PdhXDf^xCH}-Fkl1&#xP(41Ew%w1_S0WU;zV`FmM|NtYE+z
z25ex!76$BKz#ax1V89UuoM6Bi23%mk6$ad3;7&dOau|t+kA29u(L?QyUm&2;N^dVu
zaXMLO(O0B*$hbQ-m;26H`!~9zn-zmBhpiv7SRT1?vRBcZ>QlrGh7Z*420<jqGb4~3
z$uI(eBltm=jhmuxwnVcb@kSseR!IO&4^MqLYJ$^!Ng$NS#Oa6$-^rk!OzRZhxHGgF
z??@JKwq|_jEtmGV0}>e0inC?Xp8rDWF^8mtN__Y@5!-tjKA+%cXD23znwy=}a*A(L
zqM1UrHE|T~k`3Vsy*QY%)HAZ<qqS}IHC26Af2aDj_JG&<ou11aN`!5PNb@i4(S6e6
zqpg9QHUX&-B@>VW-(^Qh?$&YSvI)pSK>5mLOli6&4k0xG&tc7YcpYd-4mU*E1U!Lo
znSh6}N<v(7lKeM_vN6bjG#P_<$U9>YAeb&q?4TL}E+dP^AO&*E7(5Og%D<Gcd|&$`
z$vy37l&|n^$C0+lK3AO&yvsB*&EuJREu8M|jGBY?+nnKA@hSh}MB7(1dqhO8hxO^K
zl+CC-s&>w+fKs42UvJZz-LgR4W%k9}=x*%}{ZAjFT(^h)ml<UrhIt#w_Ed>CA}<T(
z6VVr(j-T#zyys)hphH$enFC|!9#QnQt|%rUMdD3C9^8!3SwSS*6g-8zGX;sU2LNvs
zqjdY1k{)p|1(}frQ}8I>Y%fEv+`m8+h>s~qiPQT@7f~<+X(5vF94N;7QQeoEB6iNe
z|7YSM%jseIo`;>V?tM<y%tgcQwaeOy2c-uIS7uP`%93phUN=#lU!Ze<6Mk2@Kq$_g
z0m7llVqElzclGFlNM{n$c-56#!HSRgE<QVY9;bG~hgU@gkKo{y(z683hp20FJ@40c
zo7@x6J)9((ec1X?>^tVH?<61`Su_Jr<Hi{4Mk5sFpa^blw_7KoY7X)Md}S3g+WsU+
zqB%&0B$#7{#=MrNyoesDGzS@?EHKS`lsig2hs>FSXOKp7j69-y@gx5)JdV)EC&(oW
zkmH~^Vrv1?8k1GOW6e5}ekkn@o_ceQq{C5Koa%Qx_D5;Y`WSnnu*`S)J4uQ&j_~Sm
z)Q<0<k-=#@=yK_l67UysINp|hRC*<O`+>qc1_OW!nYRGX1Me8<Y3}R3N9HU*Ry-5h
zrO*9Xmi^GuDP+(RJdIRXf`{?G8jplZAX%1}d7i_{;sV5IvR`)muSp}vl&7!`Sx(#2
zI^x}b$6!xDdk9NvSnRKBNSEXnrTX^cv(IL*BTBbH8t5pslRx*EyS<?*6*bPsyF9n*
zFIGk~7B7|8$iFYALm{^>OdfRAr@)D1qj_UlA*~&uMwNV}s_1B(0y>GuPLp(?;_!f<
z;IO=1O>BJK%l4I`>#3w^%u25XpQ|PiN##fK^al3aj`ol2-?Yxqe{NN>+O1h=oiWuT
z=Tw!GpI!#(25`)7poq>%PAv2%qLx&acLI_(I%{rb?38VVsD<QjDsAOMl%m~ury8k@
zzn?b8dmQgwlv6K8+q+DXE8(dgRJ%l>B!;JSD(Kp5A4_Br<*)^8YS^7yoiojZT5+jZ
zfaAZ87{qOQ4m_LT@;5ywoFMPt{)yXtF{=}z>rqVU@0I3i;GZ8J&8g2CelImruwtiP
z(T=*q)>_(LCu6>R+Y;UCOz(~q$lIk<ajT2w+bSi57c1C5{;b}aylGpcc_Yj~G223@
z>?-9OC`QFq*WkSD`r8mYs+)K*0xVpHt6RaUv7%7tO?}0DsaA^0)r<{K^lPGxIG)##
z{KJJ3N4`xDO#{BULd%&jw`%4ztKLs`x(R33ITMg-?e;|?lyR<&b#sv(xag^=r#V<C
zDqN6SVV;_4kv1WNX46qqZNYEFsSukc+Vu2VvMjHW4(#?UavNqcj16iK9W9IXKb|o-
zyiG0M;(2`F{y^`_=5T7r(@CKSq6{ghZ@_G{(kXTYT+=U@M9;yQw}k*WD6q6q>(!n5
zv0Pt)ry;H0r)ps@?^6$rRN}LdB$-Asx3|MWv0O_fIqzyVtfRKKsTBrH)w(vh2IS2o
zJmR(MK5v}L8l@}?%y&%McztE1fOdgVLuYL_$wjim6@3dzlhTiC-?VAVEhfAi%RU}H
zM|{UTH<C#!z9qg<XgLxUk>j;KI4O5dENa!8X;ff&#^EjX%EgAWrHL*!UOXHwfeGE8
zvz~O6r?%hzB8(*3fM*dU8_WqkXafTHE3+Bul^`-~0}5cZlz1J5h1!`&lMN`1l>xC1
z!2)eAfGS;Goh>c0z4o?gevbCwi}oInTtMaOJ@(5{r{zMKYL1&6&cW6CE^d?Gv+h0E
z+Qq|zC_90Sh`lX{i>pIZfFM3jpbTQ~1mXc4C|6WgnGwR{1YX4gj^fhz&+;QpPN2fE
zx-2gqYc6~$a-D}9RZ&KA2xJE`L%kudyKGBm!f+|q0>5eu<j0rQ4FpMSed8!NT~fj}
z*pp(to~0?^2`oJ)@X!>G>U4cbm0$xgX+*QtQ;Z#f+%<$^gU2iAP_1?Exm;TU4XJVi
zyQ^l5TzN{O_3Amzs1g$Nw!R6?qRZq~9<y1Co^Ubva);0X9aeNhmzk3cK?EH@ZbaAt
zq`_0<;4~mb4DB(uLs18i4XY%@TS~1OwL;h(KoP7=1&C)9d0s3!ja;?|`LQqp75a0W
zcDoNq>>yZ@o1O&aW)?rl-inv=d0SLMHUD(=ydkx4RQwfw(%1*`ADE5EvLyl@=n0bE
z-(I>ZIJcbCn&nG3c=pW2$4{>-FrEveXAHySQ0V~PK!zMJ7v?RefUlj%q60{al{v5n
zLcCq;GiWBn#}O1mo;iY4_!5t=dz+p{>K#F5vE>@@tEeL#x_YJN(}0QH2LE=9w|s@T
z$M%NcRP9&eB_4FN=M8ah7j$%~+yK*jm|IAc+fB7TL2hgL+h#wv?Fg<QQ7;>k=mfIt
z?d#rFA`7;dK`Jrq(&zg*07tP(dc0mD)GFcLF5}l_^>bTSAc?jh*D;CLh9!$Ra>q3L
zxWWv;PIu&>3rJ5mcW`NLW#}F@KGNq5%93nHEZO2|olBY{JY;tZt&b?XfI?BOAT|DA
zZjNU~G-BwAdAiAR0a<Y4<1m}?*bUR2cdj5Vo`-GJJOy&u6*JTr^I<$OzPh!TUvRwm
zC!?G2FByoB9Nl!WuSAsHKtZgB6L^iaOWPlRmm8MKOpwbi;B`y_1bF7AXm3GmfD6oY
z=4e~d|La)JW5yD>1%fpAU&w^2m;r<s1Z4=v$ekWutV-x+*+C%;Am((ey91uYU%x3*
z1vw%WcR(@j!N)hB%2zKNgbYub4pWItR%L~1)v%jT@)ACQ>#vwG<c2mjUh#H+y1F&s
zg=>cnLl!}h72$RV&*Lf1a2PBi4ep={Za^8PHH+>bC)UD<C!Srn1^+@qilZFJm!-z7
z1X+!8THT|ZuXp*i2gU-YATN83oD}Vomx+cy)2P~M^a=NP32lWopsa}LWwYnbtTpi1
z^r`|<*=`KaY{F|u+X_5kD3C7J&%3PAfIxc8xWjxmNGZ`NNq^qvZPkdifaT^@Z947A
zYc@KWcjmJeqwbEq$Vf1PzVfbr^vyQtLGC9F1|s)M20k(i=ad=k((1<FS$eK%rofk)
z@?>gOyW|0?*=P+XjlM$9EGPt~QrfYlNPNrUU0*w`*-k{eNOMqFQ0K5eYMV6?Y&~Ay
zkdov-ujv^}Cr3m4;bm2OerHW}OX=t3z`4cb=W7jl90p!-(}#vaA-D8Jw!th<@aCg&
zwDF6FwBObQ+?uBOx_TVF`sTOustRXIN@tyH!R%Ho3q+*Cb>;Pk+|@DWNVD$p<d?j9
zP|56#(!w{Boq762#V^uIby8|lMqOfB24?gJmN>;TExr63)5gF>4Un{g*DN7HYUh~3
zm&1)`FQ~5trPa=NLSIuyXLX?mE+m?aUT0kkExjU30(%vn#R|K6UiQj)#hz>E!fUnL
zOH<dGJ}Tg`L(FW`xhihWF6T|xel91yHakp9RMe!kS9vKHw5@*s)};U5*r=dudr*{0
zqon$ix1SncIVDKXvpkJu=J0r>Fyy-!()_J__Id^)7Q|dP<^@SL(3vi-<UPHSi=O&;
zQ%dtTX~9YX(Z@t@i`~_kHzelSQJLRXr#AZ2NM8Em*qZy&DUJ&0_$A!6*JYdov#%hD
zS{pnivwf#M*sJ>4MOPO1bfNgd+|kdBRyyJd{iU>_{nO!tH8b<opV$r3=W~dOCQ6r2
zv^%GG_cvz_%`HI{sMqTh@3z||u2tDTrAo4I6DQJWv>o^FUcZ)VwLGVIz9PZDFi}_z
z9xR$XUrJWkzuDh2F<<Q&zc65J)3)}6=~TRnVd!e5!Zk1P&QB8>uU1i)C0Hwh((L5d
z0u0S_{iw=Hq<BgXj~5xPG{(`_F(&M^Z&R6BT{PMyPTp>ZWad2rRIV73bKP={df5>{
z6w6c!>+zeRrsDI>Q2HltH_Wy#&oEfA+qfdO<Wi(WFAW1z{EUSsty;PyZMg{ZrS&_h
zz&p<q$3IOMmao`n%#+FNGTac$c(ZGeszpA$R=Rmex@UD(Ls)oKIlkZ=T2jA4+LY}v
zNA2=@x+YNqWC5iam294f|7<nGHY}1~@p;7l1%GF!y#c47tBvMSt7<l`-C0|459)eK
ziT5SNAkj0SA*l<qYnH`lI;7|4Cmnhq37K<=Wf^9PW=GCFnB2}<S7Xn?3GPOcTw->u
zo)D3sLut6QT&xlImabmT?IWrQVyDV{QR1i^7a`}?BXO(Ahn$(BOK`^!I|!t}y?arL
z8exDya-c7@vhRh+-)e%s`2$XK(Kz4r<c9BPv2e0Wn0FbCxo9h!4kaOSVpwumfAi^~
zx0h{0X};qBAaTWC-ghqWdlDI-{vaY81|=Vn*t?i#hu3$(BX}8r0iP!F_%6ta+k)=F
zyoBBb*^c;U4qF9y&IY1G5z@PuTk)m4AT?f8eP{U>gy$|uNibg1som%?M1u_71<9e_
zC+`dGhG^FD%YE$5-L+E-;yY^axn#@xVy1{+iKjb_x9?NS)rJdJTUpD@g{1+$%Ih4P
zD~frXcD>f}eqRziTB2tASS_iD0JWBaAhoM49Yh-3WC<=bU*&qF%3i&2x!zN!&Y#^g
zIwc84>J@a#Zm+q$tM;lf&{v=o6RfR;)~vO?IqT4+Tb17BTY8Ck;vNLsDqgeW3wqWP
zrRDK0kl<sfX}OE3B35R6aXJ(dX3JFzSvDjWxgvUJb)V0zu%@M*1Gg{HHOw!MuD><c
zoqvT+?{<~75}CC2R`y@4Mh(-7x7lB);+z$g7;rf-&uJ~Lu;$wBE;N^+AT;%wZq4Iu
zA4HZUt<y@{yc#g?{rqwDTn>o#3mm&2Pj85vyazH6X<lVNLrEGq(W-rQPz#~Ehk1==
zzXy`+9a#2^&F1+JTuX8)*UdLahNY)7o4q>hYaeCWr0J0)@y2<07bJ0ZBMbLHapagU
z=C(T}*`ut1EZ)OBe_&*MVCCTKD+$JFWcD5?iFaFCro$LX^u<JZ<_pqc5BT`>t-)dG
z)rgNTc$T1{KlmX9{U{D{$`7Q&tB}bpeu*q#;XA&Vq<$O@<Eh1(tzd56exL+aiBBLO
z)80O0WPcg)@dGIjpKD8ZWqkGdxexN$4`hPQ%SSNFwr;A%e9_5k4%cu^sI_I^D))=A
z@uZnbD(xzcP`0>vbH;BYB$G4HcCL8G$137h0e!Hi_sYGANu$j|zKx-&9&PJtd8+Fp
z$LmA1NWI)wrU!KNcb5&&7k1uRzol+Gxtd>2N$$nHMEcpbmg+>jliqUHHO;f>q#XoS
zkRQL1kYeMoXbFiOQBOCN)vVL~>YQL*ujozrIgRjh>Bn@61H^4^EGxG-$cs9vSu5!~
zXNbYw7R`C*N45BM`)<EhO@k6Bd`p@o#nF+PM>7YuQk2EDa)ThVR-7Z9A61GHk6x)%
z;wC?eC;1mq5Is0_y9M_E*?}7exDUR=GFiIpRCQI3*}CkVf9QV#u*}`f4_;ry9TJKZ
z`_9dgtp$7+e`3Cu=Ewj3B+tHEtmy#K1cT(lGoQ~L&?V;l3Eng9hr~vf|B=ZbfW6!h
z!(fmK`jOUMjCaGJ{XSv~5bDOg+ris(=Pn5!-LsNDyru&e4iH_!`HLushz`B~cAypK
z1_`&=J1k>=i<TPr=;LsUw(Af5PXLy=yLHw3jKt%F8b#>qxg|1mz;}5cbk`}G?wI(@
z8QPuE3h_sjBlM_l=OwG6F}v;}3l^^~W^1y7!@Yhs?*({V-nAXP2}~8Tr^(iqN!-zI
zC5R!u%tuK4M5{^nyx@fck0~wVBMs(zD__1H)Q^viI6!$1zQv$P@Qa9G#PyHi$KM>4
z<vw5e4A=KKmN{7L|0dCD;v|L;{jUEB*kkq@czJ(~(EZDY_XZHVONK$zcWw>&_yFd@
zUGHk{b+Wo0{8#f1<b@NH6bT@DfuJ|uAPT3P8j*bf-a`fhK?rwq;jSEF^axavKT2}z
z`@Uf2`@_Nk6wXl+ZqauO2mY}i2lCcLMTdHa-v0(e;oQ1KO^xsGV|a_Y3-Ngbl8f!T
z_#bok-8%~B_qoHy+h2768TJRs@n^+INY-r;jfa@r%kKkQhI=gTz<od$k-=1PPy<m6
z0F|K9?S;DwhE&4~T)QiVdDOeq4KKqDQ2bEcM=7~Ulz?Gumi*q11|;J66H^N-RhVk2
zsmyIxE}y*C<V<i<%f6=O-q@9kErg$QmpnX0x>UdQPTP}_DqU7RMsXES`42L9=gj*A
zUqUj{8&|nWE3e{Wn4?$Uz2dq3=w#AI3_&gjVcwheObDGnNM-vSboJJcEDra6*jx5v
z{XfGr+Map;B7lJTO!R|WXYOH{TW!?**MgLd+o<#Z(EkKrnM25FOyktQh(GzU?0f0h
zVK&-#^nJmr)2t7UJiqrRF&88quKgoB?jMCc>OmxeKx!LqQlI~EE%{N<?`O}C>h~J*
zk9I0o=Egp-xA`NpA9eCyvq74IK}rDIg?C<GkkCMoT;gX-ex9O+v48g9A9cMN(vrVg
zM2C45LO6p#YG}~x%#}KG{!$$UW>mFS_A9R1SEqwBP8SR`<J1MrdR<UY`s6XOyFECt
zGc@(mP!K?bi8ej*JKe66wq>R5jNTXt6v-03-8IOQuY%$<$gr2~-mO$qt!)Sq3k&vE
zC=1M(6{FPy`Df;ac+)2*Pu&dXpIu%*WHUY@l&l>%^99Ok;mAo!YIM3!<?{Gc>Oy@f
z?{aND8(-#snXcIxS67jexc&xP^TOQT?tQU;AG~pcFSF~C^=W})G!KYA;2Ys&`_wbG
zGDXXnF?XXePwN&<k63Y>Ds{Q3>hXRjQ2jPRQY~i?E8pw-SG-BJkN#pNda&A>fUj2_
zfBabSdf{)-Z_EBil0RHO`kvcfs-eoJ*PzG~YG$fWFkGb1+gqH`gk$&qBH7BO$hBXn
zpKvU5!r2D9_P6B1$kguqFEj@EpAI5fp&%Y)yPv@cwU2w9``*Z!A6f5p=G}jKhwWrv
znX)OBFJW$NJu6>YeLC-7%+V47tk(66$m6&g1(S0*WZeO*rJb)9Y;#M}k4LrHZFa^?
z3qt1hf{iFh-kV?RYMN<#^<u^NT9W0Cq8FL^w&HFI8pr_aR_xlL{?(rJkrM(9kT!>f
zTUtC-27js$t3F4aPCQzYE;wLUN1uX@N-r&EG34Q5KD+1Bagro-reW7`I{J%?r-POJ
zv3^D`)6JCZl7bA)K-;ha*A!13gONFQXspGxb$Z*XtNLK9Yu6EZ8v0dh4~`ux@a73Z
zEgo9MsH*3w8k5;xJ%;4HsO5`mL*olM_s_;x&8$8+r)1l=Y`3OAFp^d{_^^P5K%Pdh
zAW)v>Lcx+eO<qL|C7Wg0^B(!-k-*+noD$DcCwhrm`sCIAHaYEzvC&2^{tjy;1mev$
zC_wm!<DPPz)TkN{&7hATUt8-gWi{$eSQ&f2n&eQHw_K*3VYREPkye{i!WlVb@Nfwc
z*lK-6%_urO78I^8(>r!}Ft?$MHV<qGs4(os5x6)JBs?}d>BM`xtBL_~3%Tc(@uqLE
z(&BBjyg5m(Y4-7V{;i`Zc|8W{DQJGcBi5$v15ldmUZ`fnyX&&B3i2F{RErv{&MVH-
zOP`x1SlKYTuw%t9SGXZ1zOMB-w+Zjm+Q-rvqv$rS<ay3T+Vz|ie-Q_5L78-qSb-a?
zqH6-;GeNI+oQev9j4L!ebZDL9r}K-(-`Y^_Fw8GM@1(fla0?Yyib4&fy@bk6<%i>h
zyhi$IH?@iT(#>;Q?G(jG@+Qh#PChH&bdNOeXeVFk`dryK{(y)iRZYJ@;<Y~5Ew4e-
zo@1#Yi8%~v=nZo7>h`Ovm9Msx(sPb!fmLh6h8N1b%KGI|6$-hMYy%(S5=;_Ek~XdH
z^rYx*2i%-_J5QBrli5AkZCO-)?sX#<G|dS;dPtwS@=bq!)~ZNq{+SmAT0-mgW>axe
z?K7{kPR+SD<CV=NN9Md(*`fqTw>=xF0yoMAwli8|-YwMWtIIYfguS9wzWChn>ga=7
z(#W%{(yGDxiW?fddY_z`kn9M|+nc^!u}Zox`OC96q@#nmPZg$>==IM|*=o3z6!*6G
zznOD&F%*99>^Di!N{Yb%bFjy-ei7AgWWbI7WowYH#O=O@7e%KWM83Fwn0?SoT6or0
zx-WQN(PV>FuLo{P?VN!gSJW7M<$Arak3t+GF~6&NMuMb!2MDW0w>gN6@@No@k=CD$
zu1;nSkGXN1H}%tB%yEoSnmgncU8U$fu&-<GqpM&+Np^qGtgW@1aml_KcNyyhXYGBN
zJy##$ZzS_pd<c2H6Vopb`%v2NKAm;2o_}V$M1>Ay6-8vDFrT}$qcFK*571s@ZzpcW
zGR((?D3gS>_?hLL`_IQ8YaVs?UXa@C_Ou$E+WppbYkTF!z?oTYcKpftYGuHvnYE3{
zI?kPzDn%$Xuu~+AkU{Or>l++=`SoqQH|ze(_^BRFJ+8u(EPFkYfy7^wdg)e;FNR^o
zaHp}#P*$u1Kh?^=tK{lq!`R!Mt|ONbkecG1%?UN$*As!?q&CiYJubg)kc`;|gcJd(
z5PJmknoom(L|Bf*W~2Xv+BgNz3WIM_^6d3q9`8@<Oe4r61K$5IVK2_gNk;{<pAt+e
zInn=l!uFaQUvX@6|D!oGXD#6zXOqdAmd6+j@aL^=Us{_9bL3<~9>-!n`rF5X<$z*z
zgp*iND8lmuq@*Nv=3tRlA^!2RJlQAAjgKN8xf}<|A`3AfzMgSW*s!cW+le<O|6v$e
zsz29-IWmqG{hgFxl3Z;w)AicN5ocNcnG{vMn4wAo6`~vsQc+&&#5xJxi~aqkt2!)$
zG{=DK$fanIQSaa3_Yw+o>?>u*R1o~V9lv)dnO5&!GOf(TFvtIKD+^~H^^E-g-3JGi
zh8Kv>Q_OrIF<?3V;c&-tB2FYR7CSJQ?ZU%s*RmdB7>AK}<3R7Ln6i^;1-axf%^fjw
z{=Hso3piP%k<-|IB-8%=<nw(Tl4UMJ$Z!nCUD*>5QV^f8f1wGm?9Z2$@bA~8@0Y1x
z^CcZc{KpBtf4a|$%cal&P*Yx<#0!Kg0W(xMwsO6X3nVe4-$FIHe<moy=a9;0n2$?C
z2_VHmYGn5rNGZK2*W!vD{l^7oZL0sg9%5tb^#tdgvJ~0J`22lI)GyNLX%M;I`!)h0
z#RerV;;@nKA^v{O?FYt8@=gNC81)Q1gZVph&=@(G2$IVz%6;UL*^4TT4e^i5@sFt3
z%>HpX*0&TfPbhF=!j?pZe2E9k4>t(gjMrg)wqf|G(-D~$u}PUYQF!yH`^ORTS%c>p
zk!icF#=a{hVWm>qnu<KvA&KCJ(=6IzFa0u5JO;_-8kuxQRZI1Gl^77h=b%0m*?egf
ze!773Bm@d(4mUjCm%9Y1QrUARob_eSU4F3mz#st3Clt#-oadM~<sG+F6!VMI@1Myx
zLU&CqYi}Q)(aU6ce<GdL>9~5|mUdeO<8(zCdT4gWFhWtMpuEw{*P**jia4&!C08l_
zMqS!VnZUG30aR%;QFU%_+vs7)L%$RAnS5dQen{@ZO*$RT1o&n`<!zU0vaV9f9P~U%
zl0%*PaK*_&c6zqWyDvkswhm=_KS&~(x9;&A9<Mf9ENb9Cd6i2tLVAqRQ=Yjj8az+-
znnrS!_`?d$V~vHaCeMQCAoCK)etW@4Jce>wgIaQ{+Y3EQt(xE0f8HA(>eHiryS`e=
zNKP!~TBP4!P`wmpIF0!)h`@2ky7v~vWcxS!^-R&N)r$I(ha6Kj@*g<y-t1<S&Vl65
zEW}Q{q3aVVQs1Q$tIVLY5-GIdv=qs($*>Yjl2R|2&s-EO$bPv^UQm&R=Cbv6OoMtP
z%*%>^?3HZ3cJ0}&-G`a<P<Quf$GD4m@M2@O=QG^UQHkC9bA=<#brqe)3D=sdJ0yxr
zcJ&`YCZBp*oun>kYFzc*C9M#q*Sc6tNIz~ePjgHMy&j!60Wpc8vg}2*88hVE9Zko2
zAtv@mbWc6fZ0VQd#JO``#mlG<rim+fqvpf)U3WB--*`M7@1HgchkAFZ-db_z<UEM$
zUe$Qvd44qH%ODHA>{oVrEj7B`UB1bYz|e`B*G)6X{hf7<kQcjJ?5i!ZTmYg?l5xL7
zayoIP$=yOMkM6s;NTW^CB{`qC*5olE_KnV+r0o8{zPJ@Ufb(DNZ7ixHX|1T`Z~Wf!
zkijMo-RVCaefL{!Hz8KO4^r&+P?es^e7==wFB_jBo%Uuox#OzUbN=QS3;8@|ZL*9{
z^H%bli2Mui<UuyX;swYEd2Lad+VN&o7&P{#(}4k%`VuPY4LXgUX%%mu^zZaY?Bre2
zKFtwId7UsBujP=X&wv-<H~H`UUnX%y!f$&2+jRe@kKfioEr-0~DJK+vi}0Iu;|514
zL(3oWzgs8B@-O+TS^4}1#%6~RpEb4|(pwyIz9jri@l<EhU%OJG9YVOb6F%k7xG;|8
ze^rJ_-#K-!#yzJ^_icS%Lm@lmw}bMoX`jt_+;QFNTgyqk=||4jgwGnqL|v7;SNn6r
zN8Ix0@RN|mmmtOI!6tX=>o5NdygwZZ1MZ#-x_c<x)<QZ1Bs2x2qW_jrE%>hyN?Z~0
znqJgHE~S8!xC(>rTgc@UkOIo1OR*E%Y5RTHe$HM<cmbX1JgL69E3&KRatiTvS=z7=
zeKS}~GWhVD70$J)p;18z_4EFCx#(?+nBCkrB07Zqiv1TEXQtf*s4}%i>@uRw-MT%?
zHOezO{AxY4O=jPYrST6B>9GfnyBS$2Z#{tuTxzD5AW@GynhJHs*7F})+Zn#GYu=P?
znh=~B&3?nB(O5hGh_Ex9@<nw=V33QU<P(jZP3{YYqi7+I+L2R(AD^#E3+}q39)5Y7
zY@^$>C>T?|MPv1aP`%=n?}lLB2A!Xsx@N-QsE0v7Tvgi5k6FT33&fwzy0|UdtNK&&
zLaV9s>}4#m{#m@9)`u0Hx4+cANRkm}73S)k)s14adPv`Gp%P~+?zz&mMWeimCaOkn
zB>FE8O*Pl_mhHToT64?tWH-<~?_QmK)--<tU7fTT+M_4rUQDkpqEE?EC+HpVuo8;U
zskhw`q2cO43b-_eiDYG&UWBR0q$aDXK&&j05g2*YhiNo24a@zo>=|l}<!a^rRACWI
zMPbL+)m6T){jq{hO+_DP@E<N@hjjLW{e}lsWzbb>vP{sA#Xs`MW_t0DG|tM&7LK3a
zPxaS|5LT9oL;nppB3o<scNUlmvzeHX{i1)%1HvZKk4fa0*ZqDtFpbjx+sQ%(rf<Kw
zNKF=foxIihw~yM6ag_=^kMYloCIzJ&gPlvp)}HH@5sKFY(aEB~Heak+vl_SpN!Qsq
zcyfg-ci$8$9%}}sZ=&WThno%$PAy3F_nOuz4y0@5MOL$#QyHr@u$o8a)@qHWJE~ty
zdx{aq{c6!m@1@LN<hE!{raP+(v&BU=$YRBdFPzI&e~G`WmM{1WC4a+0-`CEu#%1D@
z8YDG#nvECj+%<^I2s>X|G92CSeRi!j&R<F-C1a!d*~Sx2C^>K|A$|12TWznBrxKm`
zvuqw>0se<FToxG<T%T5&53^~B2Sw?<+_A0C%~_!4pzKDCJh#vh(&79fF)BjXTQN!$
zNH(yu((;iv*>t-fVs8^dEd<v?ku?4FX5rQsW_v8ei=mpAf!`$fJZRyHW@E2XYs>C4
zD*1)!-rkj#b>m41C~xRl-}7;LmX8uS_vz-9wfvmvojLd;H%3M}=wpL!tdNi-WedMB
zh;vL;P)>PuvyEkn+~uLLRGi~Wm)b}Sef~oo0imWM-moTZGcLcGf~{8WxnC}Ormw{H
zimHup3T|*8R{163VXTSy`s-gd{zL`452yXU3~%L%blHOZUkj7;*WdhbjP-Q6tVx$E
z;yz^Iz0AGU>FF#Iqj7(-YMJ(d5|xSJW|{9AKS^yHmsATwv?F_U1)kV+Qnx%v?T2Ef
zbu6rN7$I}lr;6{IwI0Zu86~4mA6Tw@b$)5n(p5ya-Zfs?WKpQ};ikQ8<HN7{6{}E!
zap1Y!Gik*68G>x(+zA6DsBz7Ra27kV_!{VTcnx<`*A(a)+j;Im@Hj2;(xND&I|KEO
z1a?a5-%ks8DOIaJ%5r-0RQfcWESN0p9`5RnG)nrcXbza_v)39YZ{ifk)_cF4^$=h|
zIO*MLBWqeBs3->d7SBMn#cKj5R=nifDeI~orFu5H?_4-x>-{w?{LcEF<KipZpKn3~
zjrNC5bcCw~CJS0Sd3_yEF%DchDloHY{yL~-rvo+N9m5sXD<);qKUJXtJ@=@XUU|%C
zZ?ZCC9TtK*k=~ff{xp?pSdgn^R{Z#QH=_qDVNkGML+<^o#sTRMqFcfg!-ArOYTiNt
zkKQ*LuW4lrOfYX@{^?LktB&y$#frc*B*Fb?S5?54Qeme(Rw?5~_nFvWTV|Pr>-nPF
z6c-xWZ2HdRl|yjubu{F^T}aF%ttl~wUTQ6OT<Iw`l+)jKirM*^*7<a`DoyaZ4$Z@X
z(NfWe?q2eN3v5F3;ziTTvK7l~w_}sdmAUlPa1WR0KN<^+NO)FEK0h#Ayw(R5K#B6T
z%)<m+{_S5^O1ifUN7zd=^ma;mOqBIQl^X;jmtCe~#G*QZv0*{)`Kzr>y#mCHne-2~
zwhM-bK8O3}pgjfX{W`V$X6vfyt_3cJ3|k8y9-o+*ud0hxi}Ri4n{xG~FR53PI4&H%
zJ-TTeGzG;Em`geDLZhwg%-LMu<fk4l$>mn0)Rc7W)Ea-*^dO-OV0qxoF#5@sTbt9n
z{&`5cqE&YF>OlFF0nN+Wb34Qn1TKEUS574cD@ngP+eSKt5djxJQ#s8m@p8!ZOpxc`
Y8^k>m<R#kOS=$AoF4;88vp)d-57(lALjV8(

diff --git a/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml b/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml
index f91433e3be6..8bf5378a770 100644
--- a/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml
+++ b/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml
@@ -1,6 +1,6 @@
 [metadata]
 creation_date = "2026/03/23"
-integration = ["unified_logs"]
+integration = ["unifiedlogs"]
 maturity = "development"
 updated_date = "2026/03/23"
 
@@ -22,7 +22,7 @@ false_positives = [
     """,
 ]
 from = "now-9m"
-index = ["logs-unifiedlogs.log-*"]
+index = ["logs-unifiedlogs.unifiedlogs-*"]
 language = "kuery"
 license = "Elastic License v2"
 name = "XProtect Malware Scan Match Detected"
@@ -73,7 +73,7 @@ timestamp_override = "event.ingested"
 type = "query"
 
 query = '''
-event.dataset: "unifiedlogs.log" and host.os.type: "macos" and unified_log.subsystem: "com.apple.XProtectFramework.PluginAPI" and
+event.dataset: "unifiedlogs.unifiedlogs" and host.os.type: "macos" and unified_log.subsystem: "com.apple.XProtectFramework.PluginAPI" and
   message: "match"
 '''
 
diff --git a/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml b/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml
index 88c3c7f10e8..ff4b7954295 100644
--- a/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml
+++ b/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml
@@ -1,6 +1,6 @@
 [metadata]
 creation_date = "2026/03/23"
-integration = ["unified_logs"]
+integration = ["unifiedlogs"]
 maturity = "development"
 updated_date = "2026/03/23"
 
@@ -22,7 +22,7 @@ false_positives = [
     """,
 ]
 from = "now-9m"
-index = ["logs-unifiedlogs.log-*"]
+index = ["logs-unifiedlogs.unifiedlogs-*"]
 language = "kuery"
 license = "Elastic License v2"
 name = "Login Item Persistence Execution via Unified Logs"
@@ -74,7 +74,7 @@ timestamp_override = "event.ingested"
 type = "query"
 
 query = '''
-event.dataset: "unifiedlogs.log" and host.os.type: "macos" and unified_log.subsystem: "com.apple.loginwindow.logging" and
+event.dataset: "unifiedlogs.unifiedlogs" and host.os.type: "macos" and unified_log.subsystem: "com.apple.loginwindow.logging" and
   message: "performAutolaunch"
 '''
 

From 6bb7c6f3c300ebc1cb02d1b8cdae56b3b62eab0c Mon Sep 17 00:00:00 2001
From: Colson Wilhoit <defsecsentinel@protonmail.ch>
Date: Mon, 23 Mar 2026 16:39:50 -0500
Subject: [PATCH 05/13] Fix unifiedlogs schema dataset keys (remove version
 suffix)

The unifiedlogs integration package names its data streams with
version suffixes (e.g. unifiedlogs-0.5.0) which breaks the
schema lookup. Renamed dataset keys to match expected format.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../etc/integration-schemas.json.gz           | Bin 7975251 -> 7975237 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/detection_rules/etc/integration-schemas.json.gz b/detection_rules/etc/integration-schemas.json.gz
index 80df6526022a4a774c41747d14e3c70f33ec9e04..667f20c9c76befa566ed0bf48e2c075c2252aa12 100644
GIT binary patch
delta 13190
zcmc(_cQ}=A{5am=(c&aRSw$sV_EsUItjgY5$=*HIAs&hl;wdvDgzUXXA|qta)3Nv7
z^Lq}}yL!Jrzw7h6uJ3hy|8T$dxL@~t?xSsJ?060451{rvaiT5D9e{wN5O53vjza(r
z1mHpdhJyzICm`S?1e}6^(-3e50`MV#00IyYa25gxA>bSY5J3Pj1e}Ke5(prL05S-;
z009>vfE)rSAb=7As33qE0xm(oWeA{w09pvR0s&Vc;2H$bLBMqgpoahk2w;Q&CJ11L
z02T;fg#b1PxB&s|5WoQeoDjeT0o)M40|C4czy|^R5Fh{nf)F4C0m2X<0s%K6;1&ej
zh5%6r5Q6}52)F|Q5)dE>0a6ek4FPu{;2s3XK!7X+$U%TS1SmkjeF%5}0S_TS5dxGT
zKp6s5AV3uY)F40|0yH2%69Tj#KpO&dAV3!a9zlQ}1n5J60R$LAfDr^dh5%y-cme??
z5MT-cW)NTw0TvKo2?16RU=0B_5MT=db`W3>0S*xGG#3Dw9wB>*gU8x4(`2gm69Lcg
zHhuq;Yg|c&@(K@b13eNUWE*FB+b%5buJ;C2B=k&GQ0Q%kl{D$zO(1;4Jdoe%@%i12
z$7e47&!CadxDo&VLw*K%F?-n(v;wl+O)rtx0a<)_SyDmqoAvg}3BlfR=QobJx<wyf
zpp~J*V$|R9Fu>6*I;SL$m?2AXLc+&pDb`T@sou2~LR%clQd)k;57M2=O*G{rnbal~
zCoPXf97!~<_)xI+^r=qh{zWi(w48K5Gc9zT+Na!J{&f2>I9Cru;H<st#D{O`gY>6J
zl5n4B3b&tog99t*gBM^{eefhKk7)o+-u5E9MEJ5kNQz~g$F<v(Z-|5m^+7r;jf>k^
zBl?jX&eQ|1z!iGnNxUM{q}8U4TfaDX$myk+&_$1T*ck3=q&T_!3dsTD75p<MRAmpp
z#N%CZdJv(Mnp&6@P!waHL_Xz(1$~1-38#!46dr&Nva?*G{U8}zvp!*yyJ3-vW=<bi
z4edj@l-V=in;{Fv1YZQj#%sR`%FAqSc>kfvDM_R$0=JGkLg$it9Z42sdiL@myxg~Z
zsc(Kx)DwPZ0J7kbWVx{FZy$%F3_!LY1kvvV9*j1?^l8BWB*5Kvty{bJo6zYvyl4Ot
z<DTxxV^@ad4MB2b&v4;PbOQBoRsj=>Z^O|48bk#*48E~E(@>R_!NlYwrLv~?s?(;T
zHQ=_;Hrw6yvs^pf?F%0_P(76qNAoQ3M~*}V9DCZ!a?2H$%?7L(oqhbpAoJ{-;nPSx
zg6qfY-Pj%9y-bTg=6U3@@LA8tN6yr!mWhw1a@^AH_Ed=K#^H9C(INT?KJ|2eGAiUb
zdCdLhrL!k+{sNl=C-kdtq&1cuXLmbu>3AL6_SYGK?D@trQJ+^dSjch6u)K9Z$YUw7
z_8Ea3VrDKZ-gw?dXndwvU4<kRGSF33>D)D#W3@qEc=G&WQF$Yls1EGc9@}GIhhymH
zSVixhC0d7dDOGBrL2Y}+YCL$(2&93VjX+$ym#0U`Q2hb0pAkq0@P4kbKC=${8-dqO
z@B;o;A1H=Ne(B=j4&Ubc%mY_oY(pP|c))?F6<lrvlIq9#>*<_V!BuisEIFEzG#Z1k
zcGvq(h5@badOH<2EYDCJul*gwz11Uj>3pIV(P<)ey#1)%O-gyZzkn4<d*&&L)%eZl
zb8ez#h%`9E7`zP68G|Qrg?R`Hy<oI4NClT0gQtPbM&1$c;(r*poBg~abnxP1Oh+m%
zTh@(#zKn!*jX|PNV~`BToMP!vb_y#qs=XZBj)pUh!An@@c*xBW-VuPnUG)1|UK}iV
zW%K=2p1-}3l_p;CX_YW_RW{(|QN0SX{{~~nbQ@>C*C(+Yir?IQb|Z44zLtiEa*Ye2
zovi=u_)G~sz@XHr(YE(I=Q=a1B;;dto<DL(LQf%^rUXfZEIDaW6+RfqQ~FwFdfF=R
zKCP0>yNB~)AIdKJJYmqYC*|s3<6`Vv?@=ig>&lzW&NJ^(?Z|_-d<=|KZ3@q+_pW)H
z$a=M)y+yri-j7uiNo}SFCaUc@EmBWYne4}GnCvq=&BEu`V)<-3D7tGr#&jhIjbjs-
zYP*eI`bPim6f)^pvKzxYM}l`@SEM)`rld8NEpsp{Xr@N5rzr?MR;0agTP~~BW?ERA
z`}&rzu7VqjVX!X9{!&YDCf9qc&3JpQ)z@a#>1inwM{1#^Lb2Iuc!$L*+hBdW#j4}C
zo-#GH9Zn(7!S}{(i=5P-eG)(8C)?cbJIRvOvlV8G!bidlQsZ60tR}LoflzpK0*gQz
z3$fisVSokc1KcTYdKTTa9sk$iCC**NB~jMCMU2my)K@o`LdaJH^j?RLpdCid*P1hm
z4ErtGy06ZM%5-++36xv8_<!FvRiH32sO32m&}5$}K5Ji7v#bm1?zSvF?n&5+vU3p^
z5SN3?vyczO?Rs?_NAiubb)(bexSK*%vm%(i@JO}zO|v`RI)L*DF=EpWPn)YH!epwp
zTbznrMFcwnIVhp5n9Sz_-Ko4!KO09o%-e-W&1-EWd)df$^EPiqKuciJ8_HbtqxRXZ
z7?tkvuFK7IH5Z&h?m0#k_~J`UK6*PqihHNmC>ya74f2Adin{aVPetDD4#4@Qpx{w!
zc*PXFc1EC-ytA#>Ay-XC!w6O|!>k9C8OR8fm3J`k2EeRlpeUAc5_fA)X_^_1F#~B~
zc{9vf$1(-CzA8<xe)s99e`1iErKb8ZRY_^uJ4a1Dpi0e0^3~P4bNVN<a8#c$-3q;Q
z_Xnwc`;{5L&J%%aaEuK|kHc8K76zkjKp|Mi0wlsQzmUfRyW4<Lu%!)%3ouvPH)NE;
z?&hG}sSA1OUb7wFeIDI~krp5ma$EI$-$z*URmF~O&t^#eN2B>Hhhc=s?sI0z`FY>`
zHF`>67G*A!J5zHtmD2K1uk7AbHf7q#DI2J;N(0S0e=4!9bqJ)2(z@uHDNssgf1~(~
zW+RIsX|``q&CDbF#nGM`xn<+#c}->N!cU)r<9E;1Iz4ab`eZP~ZuPd{9?Wh9a>4vo
zm^0Sd+-lPcX0rl$urxVtGcyb79IR^zo`(gkKt?Q+5N`>r8J(^?53^W-d`eg!o19kQ
zx`Z>YD}lET_eHPyMw()EJJPzm_2nh`o@Wtd-ntVij;A`rOli0Y!=KB1+M}Vd?+~L{
zZy*{dXbzBVB5-sLcs?R#O~V%$A?f;B(p40`Yz>ORuGSy|SW3Sdgvp`O3cLq@w*v8S
zcT!%Abis>OAO)6Y#x|#c{o6E~e(rFcHORoXTnCOschS;01(!~Ct(a_a?QRXNPNR|-
zg9E<Qj_57j*xYCu)mvf#;gY+9LaKwa$wOrxx+eEI;1(ND4#%u}kPTL_!5qPs=HMB4
z!5pN<>0_>5gIjGt8SL2N;9|xWMFzXsfYR8(1#m)jw<F<O79b1Zwkke$DBXSzB^}&v
z3sU1zU7jB#NUMXt+k(<WUy4TtSn20OU)craXrFzG*RUQ2>)K<kH5qmwJ+9X4(d{O9
z(E+>#>)3+`-1Q+Q?QD3_9=r)x*kS5{x|{86p#lfmfiig7q4SVxS^n?ZRZJ+0e`vh*
zSSHlG2O}KlfGJ;vJtlW2h0uA#@3d9uJQsY+9+bewKZ#p<y<t5OKI#CnVdLRkTjy+W
zm_{d3XW~xox-51Izpt(xO&$|?H41iDKhe_Y`=VW%UmXIsJ_RXoo4*r>Q^4*ZNCw{o
zG55BHr{E=Aq(R~a0ww@KsWW55Ha>hc5ksuA#QSg{#sankK^nHbo3d8?l+01%=*jnJ
z(&9E>-OJgpRO^`ZN!U-ng&J=gUe=C+b~vNgb_QJli_I{25d;}vHb?L}PV)>i3T|=)
zAK<(#9aV=H9YGeX;0msAcK(jvKZ?laQD)MiB~(xO`!r{vf{Pj<`;4l7*#?{C!i9`I
z519Slc`c0L*XJ{uQ_hM|xJr_uxx5iqQMQ42<8Kno>OE*g3eL9VNR6C$qE_~~91M`T
zT|PL@>Pc%8wbp}Ve)xDGsmn>-^hR{kHJND1YEhGcB;#qWdCJbgbMoamiw|BRH2{<&
z+uGgjEz1?B#VyOeJ{1WGdu56!4__j=(D9UZ<AiDB1m|LImLWFPIiya<@UWuVw#w6^
zHS<bTVc|PnsRjOugB673gzxOKb9HzHQ_oHDFn^zZ6xQxsJJh$LqGofclbI#G^p0@o
zmYJ58Z2;Z*QilZN&8=yT^G9k+kb1e=n_;6V#m+f(WA7QP+fjXkx6+$+j2fD(kPB@j
zsJ!{5gyuqYjjU0OrulBKVhVp$Zaxn^SHsxV^C8CDeKJNv9(H!+2_03d%$hX={2(`T
zS{w12;r5c3!=i!AFo&~hZrxJ3kMG9&8{11vS+$nu<`)ES>#fQcCvUjQAfql0er@tr
zS#<*wEk5mW`=whWt=dl7s@M9nCdrb#H{fQHGi*XSnQVIHzHEc%brNU82E9KTL`F+&
zzDTXNPSqg^2$-~uuyy5TomJt5P1RabH$JBox89xt@7?9dU*>o+F#g5q)OdnaHB~*)
zhRzD(TVYPh4;@*F`dP^+W#q_=0<pGS$`?+}R0}~xPdnx+`@y`*>+OgpRMhS&nyGUk
zWKdJH)TyKLp-siCS<CQ;mu&_cCr{Lh*9x(AO|Wy`EjJwQ#Qz3fo=ZS~@Qy}LEmJfr
zIRxhzZ$7eLcf6UGKEHD(VZV_s+qAH-fuHl8Z>Q12*2pP4iSlRL4g2R#rVJ?`K`8G_
zFQKnD1Y5QX<HH|aK$@e?aEl9g;V1<><pMrJ%2E1H%4!GqQdv8wCJALFm(^7f;S0$r
zm9F}Eo7hE5u2WZ~C3ZCJGjjS0?nLElf1k*6Sq||Jbs<iim0EkFIIqwu9p5k{DBRFh
zO&5kr?w;EtXdYu;>p%<G6*M^)bcUsv6r{uCecX-SA;Tf(_wCEy2oV@IXrna;%79nu
z)QdDzYulWfMAO0R>zD<Hl1mJ3sZ`3A=YWVlt?0fH8E;s5uD7=OIMQ%GQ`)=Mxh@w@
zRm+=p{KngzwtYTH*ohy+t99`bpSGMyaGI4mIdO{30l)F6O$7yf83_^{^I?OnFz}39
zp^ZnOiNn7ofLkHz=vY6jhy+>bz7mX?_uuI1PK~j=PI1b+s&thP*V?215>FlePaxn>
z1BJR_K8ftL%ItkH*fsd38+ZaxLzEe2T!D4mFgF0Nbh~jA9+=P#bBtkxWG69<5ffCS
z_a`{q4ZMQCz~zjuUEQ^i`_*|?0Bb^mw146Jaj^ui%-!NU`3CS8(7f)vee{rL4{RuP
z@>VZ&lr&Q*`6i1NG$#x%kdNH6u}tXs?p?}Lh?b$ag3h1WL_O9V%<1tuQ6sW0tIlnc
zB3qoqm&9+Tt}brdTQqjcu-0e*XOn+6R;|5--?kUoAj_3GIJzYY25WM6N$;*Ze5!S6
z)Yg&-72=WhT{l&8W=W}u-Kcae+|i895q3JUd*5z$d_!|axTG-Z8<HnbJp3-7rh`(m
zp;~@DvWcVtZPiC*qjf#6uUKqgS}{~vE^Er2DFQ{B(t5YKphsa>HGA@Pr|q|%z1TCu
z0p8UDe9lSe$3B|9AXqYcWKdfL89_CZwP-1*GJsBEM9p_hEy%p2GP9EqYojaMe{qMZ
zSdO%Y=<77KBj^d=d<I?zVp&ZHclF_m&oI|8re`4Hpt-6drrkl)J6{jPm4{O!MAVR1
z5ynmQ9A$YQ?1lX6bLKW{{EH0X7!QyVe&>PtfWb6)K$4uX#6Si-_YAyw>biY9T~6HI
ztJGT9-2-#g!YJSX!XGHFss_NB&p_@_56or2MOHvMiwf5D07>ATXCVH`B3l6lC1+wp
z3w+TNq{Q95)-)9g>w1DB@SX?e_?8Ll;DM<<L0*`_6U4{sFjnI6NU4M`d4i-TBNeiH
zgWu)(0`M14kREwmhWdfAk43AP++ep0Ls90!_PHl{t-S3Ls%19xv|S1InMBDVWo1l7
zrPEV*X-dy}TzHo@6;H<|`VOGJPIye4m}F9RX<qWX%T{g(u1qSXZ|i`o%}9f`jpNxJ
z)|@FlU1MtUE0uK;oW+b<`cJ<qHdSBL^~<=ULYqq1`5cWD6!Ko45h>w#Jibt=W?_&L
z)z4y){g4Y(k%`K@Z8~vnE9b_lgj569Vx3~<EvwetC1S%bS>_6`k)n-NO4@zqeV0(g
zTyU-FQhz3yR{5r!6n9UCAJV9e_EcBz{epxuw=3n@h|l1P{sq1Y9{t{nbA-t7$h{+M
zM=LPckqiwc(uNxAObw<kEcuK72jaH<$z@2`D!M?fpKgw5{lyRRm(D@APMCOdRb9Ms
z=oTwF0=GaQG5^c}-4P8$+Ark;(P2nzWSO6t{Go7=8?5UOk|KYm<%aS8vxeA2dHZnO
zKC`zxb(7<udRN+y+j4~S2>#9Ee}S(8g5T>`j<g-WhhP(`z#^796l8dx-K}&ey8qz+
zQotf^J7TUhB7xC$a>x<7C8Et2Kj=dxx4Uns&I->6QtZ`~3tww!O-GyZgH+}l>iqTO
z($sk;`#jC6xOKxbWbRS2*;TZ=Pch$Z2wM7%(CXxTRwUZe_)O1`q@A>$3;$-kxLSNo
zmy=*O_j-7PP4Kyj+Zkt>a86hL0|YQ63cO$Cck3i@mF%^S{4*?av#W*67GG1et0ngj
z{x1bAatyxY1rlE$625R~2D4pv|E-9}5oZM17QWxcBPUZ`P#VSDxSoT=co*I5JJCn;
zVYwHeD=xLu(+VE=(MwRC;|xOQ=L9}s@@e5n_3<+ZHo=O8BmYtKBRK&=g5QhbZ&)7^
z)Kr#cu(A*6iWlgOw?n3J0hWFay5PEuppS~cC|}SO5MEnw6FCEa_r<V<w-($?4np4j
z{~z-6Z+TT8*U=#(1H9aIb;!D5_m?0s@-XNBVKyIj$8DYZe>b#eDA{Z)T7DZ^Htf*W
zJ=42`9oj&x$AKiM;YA(wR*ST18L^wV3b!7To;@#yg};FF_=^)rf;5=LAM`xh1!wz%
z?iBrEp5#P?_r%x;E5&fINJY|(CoeC?eZ~OzmLEuhdmw?Syg*X(pE^32xz>Hnln68R
zJ{?;9Fqi)=+OOEG<}_6wU!1r`^X9n@%`+^b(@w^9$4^18oh<hc{x1bAayXrkL&9%=
zn*9puY4+&Q(GP>9OAOCX#XkEJka7{C?Jc<q*nehykmHZ8VSsD&ixc?K9Sg2pZ_kWp
zJF9BGR=5?Rc59|2P9l`3csuFi9fA3nedIdQVLL7*JZykMbE<u2zDWypLtMToZ42he
zWu2>AN-{(ywo7vrJ7-sYXxIx#i!GYjX{VhW8E-G{?j5N95~AER=g(3-6*WlDr8*!i
z$J(+c?5~%cTgT$hI6x!7zbWY8tU%fmc&fRPkt4magnhaG4+Iy>@_}y!V&+qJU(<m+
zC7pBG2mcfB=y;}k_f6AF+-J$_?y+k=d#i64q&avmD-38#VrL_5#I>o^_yhDevn9{;
zCb7rWzhvM@Zu|@JNb|#RUq(pEUZD#j`tkzvZ5?~6`5z_1zwKTgq;)O34{LYe?MF7x
z50bl}X!!80g29~-EOG(Pc!Rkik&`RhoBhN6B|boIbzyby{1cvrPXRLepR_M1el|DC
z&+hA)ow2tUD2^QX`hz?Si1Bz(nZsN%-4A+<{Mnl`|1J);R6=Bm_Lv!y(wNGgUEj#S
z@fVU|g5~PbWfAqfm=Uw55eSS-s&eu@Wf3u$_&y`vRiLC(qm<8MTbyLiWJ$w_@FN^T
zUAwO)c%^LyHFYg@DjK=xu!~UJ4Gl*n?+ef6sy1+>M(*cmwah4$GW9;bZ}qT5E0jxc
zxt587Xg{%lL9o70>3y8`)nOAAUTyt=FGC=iJ#R|+Q%dcA6(TX7$+E1?wr=gdhpFN`
zlX>>(&V3rg=FDS7vk6_>%Gm+5+-8~Qr?`dZde+o-x~9@NNxmVSdBakd3^dcf>1~^P
zE0`i!$NS@=tEZ`CpOR!Ro|JpnT`-QCD=n#2p3gXMcK_@YcbXaLG<TBO=rs3ZS1x>|
zZ-(N9;aj!v@YwO<rzLjO<v!H$V*?NGUMwH0X?Ef3G?fow&(zNA;zCDiFqtUVjK4CY
z($YsDCS#c%g-5R<*Q&<itg>@fOV!d%_B6Uue6oreLXx$8hG6cU2SEsa!RakOfzqIa
zCIRPWwRP+Eu}Ik+u0E>FFA5gz^cHf_!3s?*{+q>k#3g2SlY0a~9oF2DLSL0O)sB$M
zDhD_yLKGj$o#xH*6p5%8gOUeAbH5C2PRwRIlQE=lIz2Z=+6~xemgUp7PdDhVbUB8a
zZ~8i~WUIx;oaUeP0|#m{9+bDZI8Zjbr#mGV5+zy%``cLzctxIS_V5dEimTtJFgG3U
zp6{q6k%%03WS#@f!y#ndR>_16ZZLIEhV3BQYF=?*P`39=phU;CxvUGbgn4In&t!gL
z6rP%`_P|BtyRvP^V581X;??e^*5+|f{D2RNTKOU$w7>xwb@Gl3V|7tXgHqNUU}M)n
zDJhn$Rh3Y)kQ!UntS{bp>yI*bXj@2cTj}=6AO6~$)m%GrnKEkK7)B0JIL&Q~Kj}5u
zlH*UFdoi`#fGTLvmfD;C7&X{e>cW*jL7AH_xQ*nQ?G@&nOX7Ttn&ToVo(3&f(w;d*
z*DrNwT8W?<YGPf}*Da^bWpp+SSQ*~Ka#9cdlPDDUVy(qSpVt$H&@xCIG7=cyrs)?2
zO-lb8vEb39@4R)YjWB`sp2QpfzK(&kIeWYOlw!?+*(nWkWryM-HcDOoDqGLV6BwoA
z>s6(eto^5d1M}X9HsjjLXfE?{wSNBsN-KdO`%kma`v~)C%_R;Q6M0znj`$u8GO)Z(
zdxUj~RPiZn9D;d%a}EIs4;s@?v(A$Rkwb49aF<Vv5jN`G50;X-#`U&c|1abuMo9Zc
zf-OLYs#4J0)IqP9yl<d;?z25lUU8=8A^RDKgK^^Sgw`q`or8V@%52R>r^X85TcIE+
z38IJ@;|K98r%m4-@$*rzWGLp*SS=Kj7q&rSqLlN!N$gdyQ@oqiEFrfB4u}peOE%&O
ziENZ?nwDi-?;;&dGd3OV2V?tm-yn+0sp%-6gK_d*y3=X3R<8cX`H;o5e5CiU#@DyA
zKWMne%#qvpFXWzN$Sa1+ino(JA6{6}sq?su@De1$B1)GLSmwzO=P(YWCC~p+`@@mI
z%1b>Ten|>axEd#YC*&o=1x5B`{U3}|{h=7PPno24JnJ{oN#7Omt=Lm?umTKn!sIZB
z4_m?@a3&cQsbHr{_#m2{R~n{z2U3WC*|@68pJl5*S@+F~qbR&};N_g5El*tWg@L9C
z^E>c++Pe~={!Eluor*uttwV~Hg??NO){VqG5$;EVu6Ohcg5oK7Snt*cz8?O~k;9>H
z7J3Qz61~KI|9FZ&&cI)u*I!EU<zpT>72aS*?q*kz^_9_Aho|1bi?ZxPv=rPL1~S1n
z-+)&%y%;Z~VFIG1|BVD$_m?nXBmLbaOeXOZn$O}Xr1*lY|FcV#{T$auorB>UZ$T0g
z0$XN`7Xs{a_OBxlGkb1DVjhea!azV%@4w??GrB@w+th&VLcw7*e-z=Mz<29guS#Ny
zL`#qNKb(3d_rE&)zpew_sK#Avy-DEGw_rJNgMPgByYxS!E&hLDv_-DMf#H|{mf>JI
zPT1>ZZ`eHoGnwEp&{cLam_XUb?$zP+417QQYs)&=v9P-s%Rkdof3o85O^daE8=Y<2
zYqdZp)3^Bmj)?(D&wtO$p)?l2EDsu&z#ppxvr8>TgEvCoVSXA7fk86yD`pbC{#dnd
z_Wi$Yls}@rpOx$j%%eTj`D^FF?nCcqo!xRGO)&0AVN6qwvuG^9gN;B+ax@=n9P@L9
zVpB+}3Wf=zL2me640uuZr8c`OW=Rgie<Rpj;tvA<R~7!rH-7d%s=#PA9@}PLhMxu~
z|F7~uAeS@S?3bdf1UBCp3Ca%cT<ujY+!GPv?k-`B%%33X3_jTZYF0=5s2+HKtiBQL
z;F3NlNOm1rtp84f^VQ=^*|Cj2?2PrP*Z+;Q-i&n@JN^PVhd(mtxZYWuKUlgt_tC+k
z)M;A$fPLknBogc6KT3;LV2E}1In9U0V<+E@ymzfyz96w?|2pe;jdC$S#t<ePCM-X<
zY)I;Ok#(|Pjv#zw<9(F1odQDqNzG8^>Ui$nRo()vU~di;)iGNYtM!spS1E3!({|<J
z%#AMz`066@*_BC;r;s$>Un`4LugfLWD7MM^HcWC?GezS|WLtHOQm&PJsP;8L?<2;u
z7amZlt3*P@!XB$rp>!E8%=+6X>R^RxC3N|dd?qT!Ew`e8jE!UI$mem0c{4R6dc4b;
z4>fWTKNi01Lu+%c>{_r^qu}e4qkfn1@P@|R>lmMck8h}dy@Sl&6)6Cp7D^^;j-CH}
z7P%$wEC3iVJ4AnKcH8!)B}Hk4dRE2M67Zyiuc>IToA%ds>Mkw?$dISfmQGO-?1w<8
zy)IBWQ@r%!i|+RoP37migyfD9`_Waedf?%8ZK2}m3Rd-G#`9*c$|UAS+W8sf)YXse
zc0|?Yb#g{m5g<uB_iJY5%y;Fy$5WNpFXai_C-f#!dTTE>(K?ZfrEz%YvF-7ZAc&7-
zZH$*^e|h@4WY39fjsAsj-e&8-{<`xD<7}!>=|eFO8F9{y^u?6rz>qI48@zOQD7WtV
z&62j*{hrASUQnEVkFjPVow9z}?mEHgIK1)7<VC^0>ElRR-{iOY9i>xoUoAF76XD3F
z<+SNB-&B_YQ}(^`z+!-wak=~LtfeB1c)y{rli1*Wj;}#N>3r?}{=~|nxTLMV;^Q@6
zQRGU$-XyXC#xs83<ze#CyHj*JX0^rfu}}_`8sZ1Jf&US2CT6|GX+mg)$`MiOJt#UK
zgFK*JCFb4#VE@z#K(#vc|E~X2fGDlCm=H2w{pIK%f%o7r&k7alAVw`bCsa?n#>cwH
z7!hO?-kKaP@`0;0?6FMFH8rA-FFM7LCQI9D!6sPLB=!#ph6MLJNACQajkO;v=Gv5<
z_=drRZ<*Yu+y`63@1@LlHE>T$Xz69}1Q3TTf8{_;TFe;^k5>=NosP%-cFfp4=cd{v
z=2s*W)%iC?4)J>=l7Gpjb8d>{9_syv2>JM@lRtzlUB>Qv?QrFL%tvN=`>_i&AAgVc
zQ?*R~w7yF2-x0CWEe7Tme1t4s{PC@CRzkmq>~I9jQ&tPU9SqOJ>8;q`9Zz7A?K<ev
zVF;Hgk|gP!^@;hEPDzt^u5TBO{c`T4e{B8uRnjP)gC@aPD(6bl%U_ejRbpC~E$kQh
z=Unl2*N3Cy!SmEJA8UE4LjFsO7dgGC3ExZvFC5!xfz>e(4oC#akUJl1ssHN357KI{
zb6D=brzfw;w89D%+Ad+eN86ywN~rrvI$fN?s*>xLQoJ_#s}YYb)Q(CF8A&4v;tS`t
z!vhCyk|OOQn~98cRF6i9fnRy{qrkyL-<n&S$UH3~hI!*C?(wknE>91K!g}q&7m?zN
zM!oHqE$a7MXBMrvnEf+7h~(70Te5X#??1a!uA3f^>r&{b<Vvbh5S4pfC|4`><7t!n
zk|C6LOd<2v+Q|nb^BZ|2Tp~rgT_#E+tXIuupM{nytdFA9h_o~I#3>(^$BeFD!o0(5
z%^-yZHl$~mwW8U*MlWYAADvAr*7l5J&v}(8=VCFb*~;k|g4UZ}5aVGjQwh75b;Y7o
zBi}(aEs5Us{g-&b0q3o$m_44@iDeW2<t9<C@ygY>z<j4=cg6X69WGWajq8pQnY0F_
z6Qi|pYp;5>-v|nwX`oDBVrj^CeZ5qPq|ZaX8Q3ki&FR<ZEz|PmxlSMQT3Y(*`=I+$
zAL1Y0XTXpWp|5$;4zNE2a?JGU|I(GNZ<Ch(uKvsRhXr_F3Ow!1__uG23wH}R^8@C&
zh)4NvVaV&m(AWPJmx+ELD(**azcLd15Whq49}yTaKWO}?XN^BP3738VPax&~D~XWT
z|AU8${NIXnkjPSe(9*wskVoHLwWo~WkqGX2qEV7wQ>(JQ@E}MgsMz#=gvVZ_Oxr|q
z>P}ouJ}<Hi-h8x1?4KsSQaRP0u`kbSTb0l6tbnlZSqSE7fMrHA>w9WcLbB^sM^mkp
z_);PizcLtM$U@OkXP42~>~E@*skTb|jFBN<rH$TW$^Q4YWq&Y!$_J#4s=WTvM`8_>
z_)%wQ%I-v`Hw{|to-Ah&xT^5fq54Mg_8qF%0$jdpvg#cHw>CL6cO=Jq%8jdE*pxb!
zsFkz>O^i-LFT##}v|79po)=MRgl1F~^z+iR-yKki7e@y&!IQ(zZ+Vy_K87wvFO@<~
zsHLzP%E7&+Z@ujCy1Tnf?Yz~<1%IX}U%xrSY^kt&ecWnS5SZV?dv==}$D}sMg*s~+
zLcN%26rHN4VA6iGO`1)o?s){U`pORN=7jQA_plIy&#N_$w3vkZNaw*Vz2ZRnee{hB
zA0BLV(05G{+xhT|N5;x3Bqlv*rzcfQ?8m}iY`!#E;}j%&m>fHGvQ~j2YZ7Vu=_%aR
zXO6c@-)TMmNSfC14=In4UYv$3(*Dx=Kw6gayO}&|PWx$*-~3<=)uy26UyiYi_S37Y
zx2>KVIs{ZB_f@V8>nl(tD6`sJx~=)jYZgH;m@jy}*p;52@|mXp=tllKBNxoiW&|FV
z-JYW6B^Nt{V_-Y<3qK>@B7^kk3Z303M37)JRl?-cf{0n6xVj;Qr{@vq*HL4UUBc9R
z!nGuFhM*eN69Ee)XI*X=GOy+vtk)j+3kU|TUJKNHhs^BowT)1udmcJYL9o<H6V8e#
zpIxj8znosZD%Mugpj1Quu1!Ft<8<WUtEGwAoVIOK!c(cB6%3X!`3J5cCS2LKi~Guq
zf*(yjDN{}p3$+Io&`p%g*@-zW7QylJCJgy1O}^&`I-Bo&(J$ByOqUx%4^J+9pf(>I
z-91D13aQJb$~C{@WtJYWvy)@05K-ynvVX5oA-{a}jo`iP(I@$d&r{X+*SF+y<{h$y
ztpWeksOD=u*CQ&oBI>K&I$m&H{${luSRhF^`9R@u&Wv@Su$Rl4FbxU1iyl#qHcncq
zmb!9MBw*Gk_eosw!nDID5^?6X$)u#bo*j4HokV1oeYWKiE6UT_0A~JXY|S&d^5S(v
zarv{}w?(<?o}KIImL&9h%^CZhF(W6YC4{tH^V2nQ^PY6`r|&uS?tX#O3;RgZd*Ai-
z%CDr6)F`x1n}m65SBh^}YDOw=MV5E<**cPRe6tg8(d}x`&zxBzdKfY^E6~3Z<=xDk
zBQ=S<LV@1Qh$wLtQ5Q6iG(aRb>@)GGl91}ZUbY)`?kGxF9@?s)+4)Qz@%V{jU$6T}
z$ML{&6emTAtF?TQN+XHK0{?P`%VM`)7RBzxuL;4H{<8b3Wo4?Pd<Fb*bKD!54H_M^
zF&umvuDqQ|TjP_WVG`^6%G`by=eBRBQ`46rIlY~HN=%y41v_7It?LB7c_vAEKVk;>
z@?_J5#6{mm%~!~NVJ&1|jYF|)c;3xlULuLMop9=eohSco$`}m!^r3`GjwkL&ApqW_
zx>_2fC6ykp{EcxkWJTKXs!-kWB{#uKh`P8xjgn}09={s@94UAS8Stk?X%N-OQH-Zo
zcq6U9hrvd5y<YcV#WTg&iZ`HIN(2>-%G<ANcwO>nLw(?EDbvoGc&_0Et<R$d`&7=^
z4Y=8s_tgx7CqAPyA05*i@wIaIAY9*g>#)@Bu+%BAd1rovXMTjd6d8;X=@xj~IF9bx
zS?#TFupAHL8a5@=s?bd@$&S`veC0K0dV`!&mSaGxKoU+7kM9}K;*cXjtFnqlcdev;
z8!`^?ULFD2?|zoKORe0nJGOM&d!kcofn4rdrdr0vcwNOX6^u9Bl}eEInMzQ}37lV@
znyD1!@~|^WUo!I_MsAPX2p8-URI!oa$uXLY?^3K@%@mN_KdCsGHNn5ejbeK4Oc3rp
z*7H?zxk-c-3B^4U>~^tyD>#zri^S9RTLleNN>ZKeVC?^}Wa`Q^85Nbr7x@!|(|M#H
zQE7Pw;^12*Us{pVtf{V=U|{0)H3yW}>{Ya{wqQB|qo}TofR9E^H@GFW;ptFjm`MrQ
zR9P3Oam{_`meLPf`O2Y<{Ko85-)79aCy;h(+xY}tRdQK+8P_P|iPbIS9`eYMBm4Wu
OkIV<B5%2Om$NN8<k#q$B

delta 13075
zcmcJ#cRZHu8$X`nLPV00S%k7FdnZXEva-p_-gH^F(v?tzxI$J6*_&+Lk8DEr%9hb>
z@A18E_4HKF^ZC8Luh;MQ`-As!9Otpl<2<hOyvAKSHg&8M`2!e(2naAa4*&?jfq<hB
za0~))Apj2o5D7j65I_JS1RRF|A_yRcfD;fv0s*8Da1sK@Am9`PkVC*}2%vxfN(i8W
z0BQ(00|7J;KnnqM5I_$B3=qHw0cRoL90V{y05b%fhX57`V1)oS2)F<N7a@Qh0yrRm
z69Tv(fExmMAb=MF_#l8E0xm(oWe5;}06_>4f&gI%5P<+u2oQq+aR`ur07(dtf&gg<
zkb!_J5FiTyS0O+S0<J-TJOo^a00juR0Rf5-a1#QQAV3)cZb5(w1gJv5Z3s|<0Cfn^
zfB;Ph(1L(F5TFeKIuM`>0eTRi4*>=cU<d(55MT@ecOk$80!$&m3<As{zybp9L4YL$
zSV4d_1lT};Ed<y>fIS2_K!76zI6;6j1h_zeD+IVffI9@-F9bl&yQqOOc<Qf09;NY-
z6sEvM7M|&+Wvl`--)Pi7zj!X=mPQI3mzi1$NW~26p6b;rvNP)F-B;R&O%<n@{?hSa
z$fSBEWAcgmGVnj)rE|wi+W$R{LX6F)N0-NlO^@|S3qC(#>P%u9eqLcEVj=4$8>u|U
z;<4Q$Qutrwqs0%YYElGNk4Ra9wine+(?5lro}Q3v30(YmGl6-AK-5FlWmPXCBRg8o
zr@=(3+n4+ct}u@BkguBK!qQ?j=YhbodJ~Fg-$b7aBXt_JkU&Y1if8peCxP-GSdhu2
zg-@D-tT2x$NPy>+%EC(spEU(3u{{3Ie*}0AsjhR%u&OCY1v8q06nJyXiIHNkj48;5
z<?-+`gZy=b;4dcNc{s!bB*b^^Q<)1|^7|>lM|Dria*gB5aH$Y|K3d34VCDK+9TVj1
z+S?=U^)5_-RC+y4IP;FSvl*kS?2wAk=Mz{cu3%B3X#Ms&c{$nKY)6uoC}yU=$h$l8
zvRHcm`fbDJc~0vr)4PfT`wlJODHb^eDLxiklXzHBEoMUn6)i&a+*Y_oy68EVDN*0a
zE8p=-(X>pF;gCN8oNETs!Z~KhWOg*`*J<HIGmrzz;~(;3fAFL*pBcynpEW}!yT0&z
zLEw*Z046g7DUaEjWx>YgAUSMk4iX-(bMBK;lKN=os12VpN1}0?gCr<zJxW-D4X)rD
zrH+KmjJ5Bqhvm%goXwo}O~ODP>&B6(=d3m>-;G)?RptAM9J4W`t;Z3^;4K#DKinlY
znp*a4nrjbhx_gedj_o6z3h)BQY*qS<z5*Tr&Xsazg7zcSf%#rRjoKCuCG!cB#B&L4
zj>c58=KO$wd{k~gh?D&(+@lYq&z>as1D4Ck>K~ivMS0_!9yucoJU3pC?Q=IDiSqV8
zeNGOG7T*P<4}UUGQv2NRUDUC{4!q=;@@VaIFV5lQBx?GQmy@y6G-x=r&;R+PfD0-L
z%RFYLdtcSOXZDRpRt@1^o@M>UgBHyRCaS2K*L+M0FIj-}k@r9%fU1$NvV;+SZULTy
zmG2>o@-%3Y`WqZ-0iMP3gm~k(MLu%<txt^i5psIU17j>eMyxp=)_e^9W&u)}U8Aq7
zX3sgEaWwrto~CM(tRpeqvASwL2V%OUV|AO4O}<bI1Hlh|foqrQE^KFX6$oecgaN6?
zW_?8yNdACv&QueM;8}$gvLPIQFM7Qic*GK9fH9UxXfGQ&rxUQRC6Xw@69UVjj`c$B
z{|NAwa~<p5;e~tP1^h41L!Qa*`@&22!1IxoNNa8N3QycR93w!+f@QD1L;rM5h+3|3
ztUp0_)W7<i1HmCoSD&+`UuYdGC2^z5xm=uQL`;3`qc7ioLo?oomjg8ss`@{MVO$f@
z_J|ERJJES-hD!B@H~77v2C;fZ#{1+w21`{PgXhO7#@Ss&YePQ1HkZ49z>2z0KKw|i
z;+(w)cT9KBIMdr}8PU@3hM(N_7Chah{&Ak$D$UqRvj~%)>k*J;J78ful$W1o%d<w&
z)S5Tt#8OnSK-%+)I1%mcPZFfq;?EYgY{-18aCc)&s#~IaUv{ZyUwhG%)}>tUX<xbj
zc4xEp^?PW-DJJc&>*&e1YSI)a6+Cqu4e2#HX#s^W^KYLcN~T8dA(v2JP+eXO3%bR%
zY7vSvO-kwZmb6z{r9!_xqTkGlUN)t!xZi6{+LF?_zK}#UJ-e~!q-}o3dGxj0z^qXE
z$gFXB#JiE%$v64lg$0|I9t0JNoyp^tl20jaJ)>2hep5uQXPUnz@U@Z_#SMqIX0sV~
zzcOGV5|UEVchl3qFuUl?IKrKL{Il(Cy$|zS^cRJ|{VaD-Vv^ET3pb{Cc4d-7XvY2H
z1)&Bsrg3N<W9-^eGLoFDILsB3k!|blGrmn%v(fijxVtgfo|++M;cig>LSWD|dile4
z;$(ZC(wfBFcA#5e95>1gl@d5xP_tTZ-)4@MG>o^2=E^q}(IqD3E_dlQPrrm&9#)bK
z=*BF@`G;JNd9;zZ;kM^<KaJT!^thR<37LD2w&UW{PD#vglc2;%#iGWE>4Y4|xHS=?
z$rTqqF)MU!>Oi(^ZcbaaY}~EDOY7`WtKyDSw80&<{AE1HpBA*4lYSjpaaiU~`!I}J
z^5Ng<f(vaxaU3sr*#=}Kju<{MXSooglgXNu54YKZ*I+4I5CBGottejA!F;x$6g*@L
zp1||=OkazHd2B(MLtfn5Bz?`pq1MW*Fi%H2Gec98BYjO@Co@ytm`m<_{V7wzJY4OE
zoHCJT6`!+wXZvoQs~4o_Eu<%hdF{cAxDm#lEpVbUa)?PggY3A)!~?Xjj5Ej&Cpd!)
zxMgO&!*IJZs0ioSfq3`>ROodp2RRsJ4|1XubN5mM7rL9cuN&>>%<nc1bmzPGl`Z+B
ze1f>HV=zI*>lUJ3dRbPL$F$@8B{HUJ3uAX{EyVO1D5j1(L+?Mt4^t?oB-M6`i&tFU
zz3cA5H-FcSuk59MGq*Waeo$ZS{8&?d5UMprqRL(0d*T%Bt*~`PI{S0nhU9QS(_dzA
zmjkGT`@VLP7FKltnc;p1kcUvRxWr3QkCmGo{^S5E1Je|6Hog|j=KxCFp6vW<a)@zh
zbn_zJ!@hgem6w9%?Yi{O4h*-g$eIy3Z8JPhH2Hc_ojf<7_o@w(AlXj%lU@yS$3dQ3
zF5{9?q5@(wOA<_B<P8B6SDl!)RGGF;!0nEp2(03S99WBv$PIuLeBDP8c5ni3!oE((
zrn}t68fFNGIw2<`!e7MSB@dVo0>a={Cy+^6+=)RX<du9Y^K>XmFXYv{(t5ICXZF{g
z)w!UaY*bR#O-WY9@Q{YOiE%ABq@ip=f0-NHFa?X#19yPOnF=lNs2$P-()LJGEEE}g
zqW@XLW5^o9e9qt%*vK9v#Y2|R#~2Q^10}F)NRF%fctH!h!rWvF@&Y!+25vY<SNzSU
zwT6r0;87Qlk;wB=xu;kO6DG{P0q%DJZ;(p8E!Vx$t<d2k^W_BRh&4Rw1}fvjlb))P
z7%KRSE2xSal<(C7hq{9|;A&S8z~gCIt}upW+`y}_gDXgkOJ%+_46C|<mm}RlI$(q-
z->WJI9(4s(@PqQasz|c#z^d+`0M?cUz{qJ=j{G9P!_;b5_Q1yOAPbz}hLn=W9mK;i
z$9liSHqyyClKKDKaGprR!MXQAT40k{Ik%w(HU>dK_|tumnsCX&E%1Oh<)s>&b01W~
z+yAV*6#sJ=pLfiC;&e)9`<Nv|oB@qbu2=;%B|lLV)O^MKT>f+IdQMZy<w@;&sp-zR
zk+P64T!!!`4^RnS^gs@x<){jzEk{967|YY(N#+-OHNh<&$c(`zi}lE=MY!DqX%nn6
zYWaQn<Q2XBh&{F0#vZ@)8jY>0ur6WU$b&h*vM`CR4gxCz`{4wyva#;=ee|fm3z>oQ
zrpmGs73dIb*`F+aVcCxeM=9oNa6<B=^=`~Y@A=g^@BJ&n{L_~4dp%d6?q?nq#kG_x
zeKsAd0hh%Kx}QZC8LSK&FL2?kDbh;SqUy~SGx1HT3V2B6tEhNLiz}YFx|q7xj*65B
zFPVasH)738<IEe2t;d;2!YB9fH6<hs-WG;HR4Ti6lZo#eP|bmJcP3BJEz#oW2<Z|%
zMx)sieL9a;awjXaxN}x2g}fEOzdJOx+;2T$@@`~mOK#)-?RHO#=*aA<Rt+47W|Wxb
zPDHkLWoeUqkc~kall)%A0{!YXv0Kp~-3Gpt?UL;dxBd1jT7!8P%KpjjZ2iKtacxh}
z@Z0$|2DeqCimHZOSS9ahZCLAY>5X(~3}%K~bdHHC8QT}}*x#p$@3}0Ap4JHBJV-Bj
zVn~zU*2d&X%(g_*#(Y_mv@kso(}S9@Ko7j%I+@PEi&=fvJCeMl@r}n$^nu-6?-E{D
z!|Q_P$CC{iTlV%`BRP?d+q?Ah1^S&kIfWT3D;K0fHMD~%n#Y#-VuQn5+os;r6HSLH
z5k*ss^tuY^T$c#3w48GDxt6&j4&E9aylmMk3m#>B>T|x+Kbg5uXZ=!C#_R@)Ld5fQ
zZBJX5X*74YP#pV*Qc7bn`vIfVv;I@|ZTs5}l-8R!Fj-l{6|+WZB45@8XO`4Ie&yfA
zeKh`hJPx*YITQVsG2d|x_*#C_y>sz1y3Jt?47NxwQ|K@7;w$qMIXlqf?!(+!H65;9
zG&pERPxDD`?o!%}@>*$<Va?toIm%ySiNn`F9d&-o;l-qauoa2~PV)wta5mr;Z}1Gx
zX?WTjyo-_&qw9>VWG$4K_?D;QX{zBJ3bE06#ASHQ(USJeN``)udZd3VJ?22`9woRb
zVP93<Zo4zZLC>{wL3tp2o-chk>2<_)xEAz^%=W)^xk@8<XzzI2l)!q|sF-U>i&sf^
zbh>p34@^5C*z6xM9zk*7R`pVX#Jq`dRDY-vcz%a*iD`Cy$GMcXn+=1R_UcDT#VTLH
z*KN7da$5Ohr@!(33!YBq;66CXHF|G@ot|OkT#rGXRbSSe!nje{H?4&2`L7f7bQ@<V
zGts#*-wN4S5;&>{1$gmc1{Ctd7K;L@ffG|%Lwx@TsC0brUpm*(@!~h*I9LA(DFnx+
zd_{~%Uj7bZVlT@a>-0?WAAd-6xIlM&qksBz{Rt<(!Lvet!@?j1RirO?8m}MR>gPfz
zCfME=*~cX|qie!oBVX_WEbWWzBHgjsLtkJSL=($X9101$L$kg47*83Z;SgVt16OpV
zFdJ(^iRx!rF8sK{unAN?u>V5)2e>6JF8q)UocW@wJx+|)T9Nd;!<9xdDj5@uwts%9
zr6$VUk8yo?;<1q9^G73jDX7=3V5d1P)9HgjG26c8OwoncQwg&Lwzd@QmUGb@FX`i5
z$tUItf~-_!=RR4Yc*MH?@_^?^CpFyq^f=Z=M#va9_)wsL_WIxjuHk&krS}<>L1Xwk
zTg&bN9ozHgRu#Jn<Hy}|cNV8SZX66<rL^UqbQ#i?h_M`EKj72l^slq^Yz7m1?J%cY
zv$eDhBpTB2^BjB(Gp@BsjGN1^S+pdp>2xYs>;&;Ym0}=~nqEwNoOIF6a(Zj2=-7Rf
z@t&hcPSZ#9l98)_QkGYhRytaU&!eD=o=hozbDxa{oR`!;eM>kSHM2!VNfz`3CVdF9
z;7Ml6t;S->3$VjOkOVe*2of=SYX;q`;-G!%BOt}#Q?P%7p(9$&+{;#N!GkWsa%d%=
z-n9i*^+Rq!p8J7k@fbUTOO4^ghoCGz={@<qbJ`&=jvvSlxA}n-xOe5fRp1Ig<iX#;
z55&b9&=73DbbDbc;dUCX@dM8hx_)(2&)B@ckO1>N0_pL$m7=@2S^{CxN1!Zj^yPFO
zcoDII9Ug%k_-UOPc7T>2yyOQ`5sD_67qZFNQXzLGkC2C{FOR?zsNs~3(<83~;>z=O
z)Ll$QH&{N~Bsr#r<atfszLur5aF<OT<>jsI;@Q(hs+WnIzvD2ml1_Q`7FAhQY&(8W
zPxoE1tTJgD*vO}Od8RYnV54SvHvXV7c?sV<ee#}Wes)V?!i-;N$UQf$^7_SB>CyfI
zA83r9<y^bNoI!>LJq$^v`%w2SKDCbe6%IFQO1#$}Hh*WeoD(f>0`-1UTD3Hp4GD|1
z9t%ys>o@k=dh%j(nAy;4?zXh4F-`rqI{Q1EjDu_;eG~6Y_{x1&P^^8XXu<s`rH~7H
z){3Li`~<M-WAHR9F`n28uCF!uk()<&ajJ2TV2Ns{Ts=;zrdkAk$RiO|nDi+~rSZ3p
z(T_yC39SG6ZgpsWnix;EMuqn`$PtP^;viAN|F`L(;t&4_2;fvB?x|5<Bpu^RZVj@1
zBi{(v`OACk2m3QKB+{cF6~gBF#fJO{O_TIEj%4$F-*qP{>0_UcTt0H*4-msF`f_w0
zyGhC`QN4NuOH@B_G@_%%|A@eEa+t~=c|o#Fz7?>0)rUzcG`{}U1ltdm|GP1_v4`|#
z&Wgh()xq{lPI;-v`Clh2OGfR#Ua-I5-OFl2UPL(X$o7LEpKJAJ95wv3Vool_Mn9?h
z+MNWmBr=zXf}^xm3@`LtJ`zf48A@r0Suz?JwC8S9x^aZ4=1R^<PF$j^KkyK|#uW&K
z02b;OMk)_w2(iQwec7H*0xl;I_)Y#(;gEn6k=42ouw(k&Oz%Si?k}|?7Ux~8uJ$9M
zw=puUv5qK%v!8$z_(%G+{qYBBVD&)I8?OR0iem_C2Z26#!yAjf+3>X|2#N8&UtI{_
z3;=!bJsB7lZ5_<uHiV&%^T+oR60cr7f<8t}%8Mnase#82jExWwgqH$AYHMQB|FO6~
zO@2-AyA$ltk^fp!&k^*o{lhpvt^W+D_Wx}_4Ek8s30NlxDGjzBwD4dMsDc{yx&MFH
z4KCH6aAbe!1~j%Cn2CbVV7o!yBT-JrE2PfPR<7zji4YkM#Z^328TFID!QwMErd^Q|
zezKaYxa4Fvuks=UG44~Eq>rh5RtN~f;?F>8+nZPaN16Y&!Tr&o#xXfc-@W{B_uo;+
zSef)<o)|Gb3?N`-dWjH6uRT*W`AjW<Knz@igj8o`a`>-{_FMQ*lfx?l8?cx4yOST@
ze2>3=n0l7|$!~Dqk(|s9KKBfKgi{PBKLa12K3{z_P}B9L@t=t!Df40{eK_}RTUMsa
zUYh8gE>r$jZOdk^s@L!wt?+VJf*G`x=f5Qt(JYkv?~fb|Erev*S-Cm8yi?1s((?4K
zJ1rwnHfz}Wxw3@0DJgm{_BKb?{Bqav6z(0V(!klg6}6Bz;qhu1p1aoWq-<IS0%c;Q
z#Oa<MDW6SUcf>2C2X=&m-*q#U31_(k&Cg7%3@*v(o656`!=oX{R@T_e;U-oVJJf1t
zQJg=}w=nPagB4mqhAw4Gb~bYeo}_(p;xFLtvD^o}(l%!=HMkI(heatM&t(l(G?$Ya
ztMz!Pn(>@#egmlwsd?5(jZfJxr8TGW|3MI!3Sy;BOem4iSJ#!#vtb{%*~S0R`ql1#
zB>A^*lOMSqrfRAlrD}F9;*5qlmN4ReNi_BF{U2awquy7jYIf<T+HVA)Pm36z`6aoD
zs}ylRoWkcqL2|J(|5Y@LVyxX^^zXI$Q9Ay=^E@mDy!Z;FLK&&|A<dG(pWoQbekr~A
z4+5Rlf=Hjn)+?K`<&pOV%wKhTeH<geUhe1-ANe6{dtp(>d2NdL8<qBEc7s~1T!De6
z58Z+L(({}7sI-`zG}Ly;He<mymr#|)f#kPB?WRi^u?GbPpXN0sc>3?%c2q}|8$=3-
zuhenUksoO5Q7}x}rgyZ5ge?hhzT(NNGhMn&EcU9)usoQ@E`#uOjEiC4uH}5TEqgaY
z>y~L%+GaTxQ#ud1b<XXj_tlZb6!ji=rDfc(@#NaKcGaRGvXrD#(%j0+()ya~U5vg^
z<Uj5Ft-Wp3jFe40sBiNTn+nQiaK(PZV0b*;y*E(sB7rMyPf?I7?dPIpSK7-}(Ex{K
z{_8=dz40c;l?VFb!=)jNwWPOK?9y1C8Lo^?SJGJvrrwC^<r!#-UR36eEKDDBt`{Wb
z$@BMjQKignY4h+jUTH7U?%y`Z>=8g^&1uN>=||k?;*ncYq}{*RfKQK#bKUzGYoO3M
zMPF%==_z8hqRh4*Z5z@%kt#I%qBy0kA=R9!Zg=R|@!_IU7ZiSjl}Jo0gGIU*m+y&`
z^t!UNE5V;fDmDZM(gH&6D|Fd4^_woatgdTI5=Ur6OZ-((YFBn=WPogT&5VEBT0*gS
zS59(Uo2%m!UhMkE^7*^HsCR}lm1V)x)v!d@U_fVyLS1RG9a<ThuK8G3p*o2o5h`+=
z-<UNDN@{hkpxh8IZuuZ(>TR%^{IDU!=8h<4v1B97&Yo>yqCRQXOem!?l38f3Z+>+^
zt?d|BX|~-7l@afX#!J@LfgbZyGt<r=9@l+l=NX7s&n}-&&U|Loiz>)WwCXLuq-WVt
zpUJXMXE*RP9wvo@3QERyHecSX%Puan-0ZRRu&EtzoVMtjHd%g7(za93B;^<^v9ZS_
zupqD}Mz67Pb!}_XesD76{K1mWEzH_*Wwh>UaKBdEUbverBaOQ{O+oesP0-MqxUh#-
zO~oy<t=X)Sc+A#aRa8}vXNhYuEAMU|RYb>1%6WEq_25)GRgu?DS0|q|l0`6o7j#D4
z)Z*7~aAElu@wO)>>-5}N=qo`dSu*p@x`kOgE%&n0fv%yfZ*H!|>1F!*FN1mMjYU7W
zJVJCHc#ayBP<?}bz)37_4EcX882=JNQ|!zI+eUy?6fU}h!6o$jOsLSRdcz5xWvZ<p
zWUEw-K;Hj>5g;i_(sfYTv3c?#h`T~C#rLk^4QqJxO)LIC2<#wPGxJM%-Vh@Op`x<f
zp=S$rHtr^6v;#xE+~37D;#eou6%IUuL>nJ|0gji`%y=t<zj*kriWN{Zzr-J+L_GWd
zOmA0i|Ml@(uuLTKD03$gB*XqALB);GHLES8mZq`vO;@n(l+T~Tfaj<D;uyV#y#z<J
z-|tIF2=;nOh}pL<@HXQQjf8}g{8g@+I+x?xGcGJu_uy64aOf+dcc*TfSw+1wOOA}v
zG5;6A`sT*<i0AC*G_Ir(gS-<p&+%m$eh}(d;UjfI!~x5j<3Ef3&k|tA<7CrJ)f-a7
zR9TX4T#I<henx};hXBv62@%T~zTxSh`Wmz<x6S0O3bDbuF!DTQ1cPUZyD+V(r5R7&
zk)EMrfo0-BIyuwbFiv`H(L5K^uO(-OT4wC7xnC-cX&-v}&D=#Osi`CMEwiG0WH46e
zkE7uG`9KA~Kzd*_8tH)<o!h~0=$x2-+5V9pz==X$*89E!j~muGu%IJ|wfOZK{zWL<
z4vv9YCa*U-{t~?Gdp_`sB*o`1m@mrTCi$-uiTkDJ$2YH#FHi8fDCGO`ZY=0?6$zjq
zVrLMESk?VGrLr^nw}ZK5u&FAD{O6R6zMTnos)S`;BJONsz$#pUi__`<c$fQs>pd#m
zDT@VGeTlqPVTuK-fR`^;Y#mtsuWG3O|7Q&`a42%XQa;GSF2uRRdkgHVd}KLOKZL`H
zG1zY&F(8Bfe=p(TqMn~D0kyHE6-xTCdjE8jf=DT@f=HOt`AOeD?<&5xl7&*^mMn~e
zv=XfF3iMH4mGS4O6}|qwIqN$df7_#mu-g{=PjlwEeED^o`hLZDZ)l4y2ygl&FYI1~
zdE-F}ssefk-TvSLdgRIot-Su@LP5GTHvzm3pG*J=4C*#n#^I-i{5}nT5Mf2kw(?k8
zOR+yUOeC2Ow>Jyd2SN{ZNdDNFu=`Yp+ptW3Yaxsik6bC$ww7WYZZqGn(C>MqEy4%!
z$VXk01Y|4v`yVMB27}ac3g4q*LzL(rPW;#XTJcBJ!_5A*D-vzo7<j)~5KD`lA{G2T
z9;_m0w-hr(-ivVj6zQVC5lb<!tt8g#(<KHr`~6c38F~lt474`G5v{r|L~{*?Tiuw)
z^0kn6=<d;%ZDo~O*$l)lstov5xM{9mey*)*E*C{%rupLE#J#ia(yt#}Jr)2s*;jbZ
z4e4TrJvO?_iia!KzKc(tIFCYnocxcfVHGIarE8&Ai^rm#`LKjH@Sgr=xg^y{B;3;$
zDihvk_SgNtvi~aYhvGgeif)9XSw(!_rReE@mJQX(y>GJzW}*m5vU(;)i8Uid=rso=
zxY7;7T1JL_9K=0u=2@b<Nx$0gvPYMq>Jy!F>?j+<EgicGI>($!TX>r+(Cs#ZuAsk!
z{p{jh?ac%97U%AZI!aB8(X2M3iqc6!8$+VL{f#=)&p8^K+5KEWb%Bxz-<UZotLGTU
zX3(B7-G-Z6xq7Wa@2~mIm^~S*fAuK4;SJR#QnM?dNqx<O67cNu@i<1E=E(eZl+6LD
z9fJXPm}Mmh@%<Gqd3q#RM!RW<ZRygN{jvJm;%SydhnZY-%WSd)B}`1ak?VR#{J^9W
zn7f``>W@a5jTRr64Qtq_+FLWZU36HnuXSw;KO#5Y;IQ|lrlxRzV}{Uf?@s4?TTg{f
zOIr*5@iSa`c_6BAIyY0GB_#)qg4R%uJK?$qoueXiwGvM<Lt@_vTGfqed9BnB1EF)x
ziCj-n!L`Tmd^z{Gv;@zDgu$rnkCH6yb%Ii*I|p$gK5t?RQ>Fv&<-B_W9B}x!O6Kvu
zCuN+T_(FS9S0vtDXB8zXfzEMw!6}wGw>lBnT#Ulx@On5fWYDzbS4i?|<fTR{Xbz=I
z&h9>za`EWv6UUU=Ro3_Sw6KmJ1P%&NYe&_!+W4oJdR?du85_};d{M70nU^NKf8d@H
z!gJ*{bNZEhL%Qvx6b8iuE<=Vl5eB4Lg~%@^l0gbJp#p{+|6y57;>IV>8HrT}57LV7
z>?VB${<nWgu}VJj7{{bP)xTR;C2o{-!EJAlCy`H{UhRh-<4ZR#g!HDAZ)Q8(h_k(x
zZnyuY`>OS8f%fQoN(HPs<e3c^Yo)A0EEVwkKtT7zf^InNzr|Q{aISlTBT*5dwvJ>f
zxb9BN+4E;s8nz8&FoFR!!{^0stG9}^d8Jgnk9ihP5+cR*obo!+8@!IAmJbS~brRf1
zj(T^(CzC-+ytdAx-aUsTK0@v#;&ot|(_--{c-w0Kn4JB^gQOaf>63zA9sWJKeU<CE
zaTi?u7NkJs7f1_<3)4R*nNh1-yC+e=phKGJ-z__rxc13oH>-R6#$nYHcxHlr^^|}l
zp>K^%^1IK~MBRktk)*0@9p=o??(5cX1UhIc3a%B4GRKCtK6#nU(jJz;|I_m(eWriS
zy+amWO$JW_$N~dlmaudRcpAtrW-uhsI$U_%-OM^II5-8QVnod?DIMnYM~e3(T1Py*
zdSJ;E@C*a$UxSC!soT;Gk^0d~sEkbccF#vWQNtFf2>rS>qww;$r`Ni4w?=hCeQc$}
zNDX{eOrX1Wcy-0kch1Kv4fWlb@tJK+L|6J)I4?yD?6(HWdBk&5;!h5ED5aLCfc>wm
zD-Fm=h9}ukK5TB3wegl}{^b`B<n!z5kY5OWBvBT(rN7eluuzeZX76!@II4Sna#njw
z-(l3F`}OK)kK7{ejEgIQD8|QAMZ%0JQu+7miVIV>+83$}@|jTFmey1SyU$8_4!WZ^
zAFlDtCTySJs=^<Qq3E{Q=&RAXYrnMpf{&9lG?w(9`_LW}T|^@E)O*%b5fhkvE`yj+
z*PpEvT&nFb4Pyc4CQB=toKSK~OUz2FlV7LMTBK`LWODI_&adnl(nLtJ7@w67#gJxr
zpzzbdrLimRVuAD*=j7U?7z+JA?|+z>M&}GJv19VQ=HxFj?keWi&VM_2n>0DqvA!l+
zE~D`7jrwi&ixDqw++cYdb{k>E^WKy@MqsI52T%&2l>(Ugo9s{}PV@HBk)OstOd7*)
zH0plQ{lf>=1)&$mufeeTx7aUMmE8C}95#=_H!lCAq4IZv;9Z5U>vTVI{h8sU0?VY<
ze+1M~*i!m4i$m8FFxfkh9EF4~`;X9>Z+2z>(+s!rmr8w)&KB_kRr;rozD>Qf;<+#7
zBGJv7<73`jk{|p1k*@^j-#4+=ip<3KU4E9;*eIog@(LRFjN&nuLbn$_k-QU2v(9+j
zUwKp0pJ%p)o7QL9d@JvrxTZ)Mb-I(LNct;{R(6Ys{6_7`41{%0eU+W9=b|af5gXBZ
z!{TjzhxXTuL$>TiYtL_jALH+JzuxRs`BfkF-C*Fxbd1bjJu@qXePUTsU$o3p&L79v
z37fl*)cZN5n70pGrf>6IKqUt;eih$gvlVvC(hAWEn(j{k&9d24)e;1_<4ijvFKu#q
zu>_^G=QL$i(FPS<5D%N=_kP8*k__c{@$aiu7Uyi~8swLt2dcDnbRS>NsEUVBG#1pu
zp|xtc?L#(#3gMOm*McTS`C_@t4x;+R2~kOP+xPoAa^&7v+27gQeOSh2c)sfK-oA7$
z(%oUm!51Qde7PmCl$xQjVqdGP%akgjjap`82oDu~YZ&X4sjQlks`mNf>}l6PQMp*B
zMAyb=2)_PX{9=3-^`eM9Y3uw-)-0sE_RvG7BEdj~Cza|m(Ja*MF{<+qi-(LR<{E5{
zZU3$n=`ouAs~O(f6~&50r9TYc8f<3$?HKDxrb5M#=d}MlH`IpkE=G=DnR3$DV@({N
z=`)^X@BWuB-YtH4bMWiVbG?&yf>A^s-SYWmW4r|ZO2QK#(^VJ9Jq)PgdhZvd>aH&n
z5_e;^&Ni&f8%GEGH}wr)3gl#fw3bdPf3+M27dl5V&NfS?ktvgjMJwjDROZOX=uNtn
zyZn<SXmV})Q>Zfljc&#DI&Ig7_rTWCvy5DMTg!_B42I=rmPPe$U2Z9}(Rg)Kw8BrL
z;?vg?7ej`X#VXn;6RV@C+@q$O#;7e1e7~{f8xE~Y#GF>tTB&ei$t!3II&S~%Uew;r
zfek^0?aE}Qpsw;e?Y4V1FK#{_VBFe1&mb8`62Cn<r9a$;ayWWMGhAau*}ivuyT0vK
z6J_lgo8FDK7qqTBx*-kd%eq-^o`LnHYpCplt2;hIbIcZB>SwoX!k&FNlhO8$^VK_e
zREUSZm@y#8C2XJb__IiT?vA>gwqg0dn07@cM}@>sX!r;RoFARe-OJFlb)oXv3+{cL
zY9>lg(Ipro#fy4+px$jqsk}cKqmnhBCnu`(jWt#h`B~J4mWr5Kv0Kom?R|<?rrLuu
z>m#Bs=#2MLr<*YA5$WBUCv>N~s*;D|y|$vuyqD5WlxCig!&s@($yHP)gPRn31&o7T
z;M<Wc&kCg!3so+CEnIrHikp;8+)^?c7l$j+N*Hj{Miv$GLiqz(9BEU-+(v%wc(?X?
zLg{Y2Q@EL<%ry~1tyZl}Yf+voQqB+dyEOsH$;FxU*9|02ZtW<cYv$PS-v-s%@DXHR
zA|0R#kzj3V4;i%)C7hmF#Y{HEXvF!YUz)Y^V=QadkT@k8j-K>4d6tHXlY9fZ9H7iP
zH(7IeR<}{1V~WltDfMODyNxC-cbrKn11>&sIak|Y_dFv~%Di1(Fr~291mE6pD_cNq
zQf!}OhQRfa=oR|JU={gP=Feoa2rKXUNKWyNbe#2b{0Y?#j;|4`H#}G>!VDC$-)MFC
ziJv8{Kep^E{)dt1hYbL<8$>l6TfXqS1;<wz2E-E%D9!L&7{tM7*+X%;TP4wy{wu<-
zR#z&vY;{9+=bEY{+Zs8pRd+q>X!;N$qjTvr2E1pm-d3|wrpHT^lB^*ZU`NNmG4)BV
zl7UK?!7=3ZLS?+ra2xYT+W=~22b|jzU*6k2<t<fpUn;~)s_NQETQ=3c59<oJnTdM8
zyez)`-n>Ov_YsvtuL5SCO<Vj;qO)%EHUE6&Vk+*ANh>l-sJN#&T<(5%(<eMZiS&Z|
z{o|wJV03esV`oQQms8bR`6sfnLiku+xI)Hl&V3PnlJ|AB=uL`DKWkJWen^+WuIGC<
z&qbA%-l2YL-<a`DNwAsqmH=tD-qMK{UD2<uN{-(1Bpp?<Ev1|uVHGVxL`?DMsYI~o
z(xTT&8}cKRRBBQ;Mm<(iaK7V9jh2bG+Zjq84#T0zTU-3zHh0ukqU?CyW%0`mmoCW7
z6{p*3t9r3Ejn%h(AWGLY)G|2AuJd51*w|BHbBwAj9o?w19?aAu>=x&9N^&$dTiZr{
z^i>XBmgX~0cDGYe0u?LGJ@GD0amy|=!3V+VA0!z+1mvXcr`s!S9ls)QAa%ev;VpcP
JR`?12{{h)69~b}t


From 10bfa5d1831df28a52ead518d1a59a27636c9ec2 Mon Sep 17 00:00:00 2001
From: Colson Wilhoit <defsecsentinel@protonmail.ch>
Date: Mon, 23 Mar 2026 16:58:38 -0500
Subject: [PATCH 06/13] Bump version to 1.6.8

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 pyproject.toml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pyproject.toml b/pyproject.toml
index 6e030095472..73358dd11a9 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [project]
 name = "detection_rules"
-version = "1.6.7"
+version = "1.6.8"
 description = "Detection Rules is the home for rules used by Elastic Security. This repository is used for the development, maintenance, testing, validation, and release of rules for Elastic Security’s Detection Engine."
 readme = "README.md"
 requires-python = ">=3.12"

From d886ec68093b2df1796d205a1709453bc622242f Mon Sep 17 00:00:00 2001
From: Colson Wilhoit <defsecsentinel@protonmail.ch>
Date: Mon, 23 Mar 2026 17:17:30 -0500
Subject: [PATCH 07/13] Fix event.dataset to match actual field value
 (unifiedlogs.log)

data_stream.dataset is "unifiedlogs.unifiedlogs" but event.dataset
is set to "unifiedlogs.log" by the integration. Rules query on
event.dataset so must use the correct value.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../defense_evasion_xprotect_malware_scan_match.toml            | 2 +-
 ...stence_login_item_persistence_execution_via_loginwindow.toml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml b/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml
index 8bf5378a770..33982de887c 100644
--- a/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml
+++ b/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml
@@ -73,7 +73,7 @@ timestamp_override = "event.ingested"
 type = "query"
 
 query = '''
-event.dataset: "unifiedlogs.unifiedlogs" and host.os.type: "macos" and unified_log.subsystem: "com.apple.XProtectFramework.PluginAPI" and
+event.dataset: "unifiedlogs.log" and host.os.type: "macos" and unified_log.subsystem: "com.apple.XProtectFramework.PluginAPI" and
   message: "match"
 '''
 
diff --git a/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml b/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml
index ff4b7954295..fd0296d9ffc 100644
--- a/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml
+++ b/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml
@@ -74,7 +74,7 @@ timestamp_override = "event.ingested"
 type = "query"
 
 query = '''
-event.dataset: "unifiedlogs.unifiedlogs" and host.os.type: "macos" and unified_log.subsystem: "com.apple.loginwindow.logging" and
+event.dataset: "unifiedlogs.log" and host.os.type: "macos" and unified_log.subsystem: "com.apple.loginwindow.logging" and
   message: "performAutolaunch"
 '''
 

From fbab6d261c21a2fa50b67277288164dbdf13ebe0 Mon Sep 17 00:00:00 2001
From: Colson Wilhoit <defsecsentinel@protonmail.ch>
Date: Mon, 23 Mar 2026 17:35:46 -0500
Subject: [PATCH 08/13] Convert loginwindow and XProtect rules from KQL to
 ES|QL

KQL cannot query the message field (match_only_text type with no
keyword sub-field). ES|QL's LIKE operator works correctly on text
fields. Converted both rules to ES|QL with METADATA and KEEP.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../defense_evasion_xprotect_malware_scan_match.toml  | 11 ++++++-----
 ...in_item_persistence_execution_via_loginwindow.toml | 11 ++++++-----
 2 files changed, 12 insertions(+), 10 deletions(-)

diff --git a/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml b/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml
index 33982de887c..e51401e50fe 100644
--- a/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml
+++ b/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml
@@ -22,8 +22,7 @@ false_positives = [
     """,
 ]
 from = "now-9m"
-index = ["logs-unifiedlogs.unifiedlogs-*"]
-language = "kuery"
+language = "esql"
 license = "Elastic License v2"
 name = "XProtect Malware Scan Match Detected"
 note = """## Triage and analysis
@@ -70,11 +69,13 @@ tags = [
     "Tactic: Defense Evasion",
 ]
 timestamp_override = "event.ingested"
-type = "query"
+type = "esql"
 
 query = '''
-event.dataset: "unifiedlogs.log" and host.os.type: "macos" and unified_log.subsystem: "com.apple.XProtectFramework.PluginAPI" and
-  message: "match"
+FROM logs-unifiedlogs.unifiedlogs-* METADATA _id, _version, _index
+| WHERE event.dataset == "unifiedlogs.log" AND host.os.type == "macos" AND unified_log.subsystem == "com.apple.XProtectFramework.PluginAPI"
+  AND message LIKE "*match*"
+| KEEP @timestamp, _id, _version, _index, host.name, host.id, host.os.type, event.dataset, unified_log.subsystem, unified_log.category, message, user.name, process.name, process.executable
 '''
 
 [[rule.threat]]
diff --git a/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml b/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml
index fd0296d9ffc..00e417b59c9 100644
--- a/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml
+++ b/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml
@@ -22,8 +22,7 @@ false_positives = [
     """,
 ]
 from = "now-9m"
-index = ["logs-unifiedlogs.unifiedlogs-*"]
-language = "kuery"
+language = "esql"
 license = "Elastic License v2"
 name = "Login Item Persistence Execution via Unified Logs"
 note = """## Triage and analysis
@@ -71,11 +70,13 @@ tags = [
     "Rule Type: BBR",
 ]
 timestamp_override = "event.ingested"
-type = "query"
+type = "esql"
 
 query = '''
-event.dataset: "unifiedlogs.log" and host.os.type: "macos" and unified_log.subsystem: "com.apple.loginwindow.logging" and
-  message: "performAutolaunch"
+FROM logs-unifiedlogs.unifiedlogs-* METADATA _id, _version, _index
+| WHERE event.dataset == "unifiedlogs.log" AND host.os.type == "macos" AND unified_log.subsystem == "com.apple.loginwindow.logging"
+  AND message LIKE "*performAutolaunch*"
+| KEEP @timestamp, _id, _version, _index, host.name, host.id, host.os.type, event.dataset, unified_log.subsystem, unified_log.category, message, user.name, process.name, process.executable
 '''
 
 [[rule.threat]]

From 06aa300a356abb4a692cb352f8ad88de037df2b7 Mon Sep 17 00:00:00 2001
From: Colson Wilhoit <defsecsentinel@protonmail.ch>
Date: Mon, 23 Mar 2026 17:39:53 -0500
Subject: [PATCH 09/13] Remove non-existent fields from ES|QL KEEP clause

user.name, process.name, process.executable don't exist in
the unifiedlogs index. Removed from KEEP to prevent query errors.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../defense_evasion_xprotect_malware_scan_match.toml            | 2 +-
 ...stence_login_item_persistence_execution_via_loginwindow.toml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml b/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml
index e51401e50fe..5584a87b0cc 100644
--- a/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml
+++ b/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml
@@ -75,7 +75,7 @@ query = '''
 FROM logs-unifiedlogs.unifiedlogs-* METADATA _id, _version, _index
 | WHERE event.dataset == "unifiedlogs.log" AND host.os.type == "macos" AND unified_log.subsystem == "com.apple.XProtectFramework.PluginAPI"
   AND message LIKE "*match*"
-| KEEP @timestamp, _id, _version, _index, host.name, host.id, host.os.type, event.dataset, unified_log.subsystem, unified_log.category, message, user.name, process.name, process.executable
+| KEEP @timestamp, _id, _version, _index, host.name, host.id, host.os.type, event.dataset, unified_log.subsystem, unified_log.category, message
 '''
 
 [[rule.threat]]
diff --git a/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml b/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml
index 00e417b59c9..b3a049e69c6 100644
--- a/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml
+++ b/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml
@@ -76,7 +76,7 @@ query = '''
 FROM logs-unifiedlogs.unifiedlogs-* METADATA _id, _version, _index
 | WHERE event.dataset == "unifiedlogs.log" AND host.os.type == "macos" AND unified_log.subsystem == "com.apple.loginwindow.logging"
   AND message LIKE "*performAutolaunch*"
-| KEEP @timestamp, _id, _version, _index, host.name, host.id, host.os.type, event.dataset, unified_log.subsystem, unified_log.category, message, user.name, process.name, process.executable
+| KEEP @timestamp, _id, _version, _index, host.name, host.id, host.os.type, event.dataset, unified_log.subsystem, unified_log.category, message
 '''
 
 [[rule.threat]]

From 496e0710ab80d157d05e3ca6a405dbbb6dbf8945 Mon Sep 17 00:00:00 2001
From: Colson Wilhoit <defsecsentinel@protonmail.ch>
Date: Mon, 23 Mar 2026 17:45:08 -0500
Subject: [PATCH 10/13] Add log dataset alias in schema for event.dataset
 mapping

event.dataset is unifiedlogs.log which maps to package=unifiedlogs,
integration=log. Schema needs a 'log' dataset key.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../etc/integration-schemas.json.gz           | Bin 7975237 -> 7975266 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/detection_rules/etc/integration-schemas.json.gz b/detection_rules/etc/integration-schemas.json.gz
index 667f20c9c76befa566ed0bf48e2c075c2252aa12..36e49d8aed2a7e4cc3ba6500ea086c3256b8e23f 100644
GIT binary patch
delta 13265
zcmb_?cRW>p_;`|oh-7CKq3mRYYb8lSva+-Hp2xb1Lq&u*Mv@5Go2(l`b_m&#z4so!
zd)xKt`+I#~uix*Fd!Iet&-0x3`<!!c?dSydDEb311mfY@SKk9501E<+LI5@d9D@KH
z2tadiApj2o@FCzh1Q0*~Aq1R&03rw=hJce0Kmq}$Ab=DC$RL0m0w^GW5(20ofEof$
zLjVl~&_Vzm1kghO0|cCbfU^+52mwqGa1H{PA%Fz}SRvp%1YCdsHV9yc01gP?ga9rG
z;D!Jm2)GCVyby2+0{9?+9|8m*Ko9~hLx2zj2t$Af1Rx+l6avH`KpX-jAV3lVu0Vhk
z1YCsxX$ZIm0WuJ99Rg$_;06T9LBLH2kcR*T2vCH8TM(cG0k<JQ83I%wKotViAV3`g
z?m&PB1ZYBl76fQRfDQ!cLVz9w+=T#r2rz&ELkKW}0AmO+fdEqoFoOVd2(W+vO9-%n
z0BZ=afdE?wu!8`52ylP^M+k6&0A~nrfdE$sa4Q5rZUfPUkGa<JHHWM;gp_3u%uHSK
zLZz8xT&Q{94>i7hEBzU-o@x^{8Foyd_BM_QO@Ev9fMctPZ1PD1g^KKn0NBm|EMTzJ
z;an6aL(adTNX4<Zr};aWm&~MrPa1(NFt-tihvS*b%!3b~F#;(tH15wYJRG}J=UD|<
z$q1x`8H_-3oY|FxND)}l2xP_3I5?Ss0h)sFXG8ED9AXIK<2v`=nvGrd{mH>ac8^PO
ze!-RGyhZTwXdxG#h4V`lhCm<ZPdy0F*I}~65*x{vGw*0P8Z$Uc4c-#`cme~8E12cU
zTNhp?uOyoo?~2h7#7^}Ud38tfiKO>!+}3NJ<FL#!GLY*(uxkNNF-yy$c$lpX<6$}F
z*v(tW7$Jfu)|aa!ik@&95%iwC@(o@onv^UW9t^;PbB#e7IL8>hm|flX8@O<SG02Xg
zalg{6f6>J7MPrZ?K4Xkt?8g3+dH%oT08C;GQeayfXTka=AStY80^%R9ckC6H7q2t6
z*MQHOprdh_fJ8_QZ3<YF6|T5ALKO)a>ucQE2+NtPKa)A>lgI$MZ|Fy+p0(J@eLbSJ
zjLP>F!nPVd{T>U!fU{JfbARvn-H8>SrvCP@CWEs)^^|qAw}7Wu#%mJPI<h!;SXVsH
z;I$v2dX(=O*r;K8zcL3u5s`~;bu{)ZOU`%jFdv!wu+72t)Ul)YB+i_~`wOg;k-Yae
z)Q<MTH9A5q0X)&)i0gGV8IJY}AUi9Kfu`RWBlmw24^n$w%`RwKU<6U@6Yj0OuEjYV
z90X0(c{v%oO#^xp2fQCo@;f1;F@!%8?Hg3{zVQOLlrox%I>WNST_c<mOi+QEQ}ZW=
zmrX&sNHdTCplrNY`Gx_0VhWyx70l302?`viT7W}M!7~^dALq+$p*qeV`h+-jkVB9y
zyl4tCV9aqa=3n3iQ;^d58eRQcww&V`N7LP~)s&i~><MYH>)&3qBcx5luHU+6_?hZ5
z5d1s1cB%gSPDWS3<;<QiAQgMYNB9NNU*HQzsv&vsjO;4OAXb1UgLV}>Y!1@Hi{|Li
zo;I`&Ctx3QbfRb)A6SXDe^2cCi-EK9#{Rt`JZ}b`$Nl`I?XlE>54>y!o{Ka`kJk3U
z<*{!vJhUuW>gwy7pRVzdD-HJVPtYC>czf0k?<<&md)At6zIC*e$b~Y8uQ=~6Ar*F=
z&&7X(W}ND%{;CKio$q4!n4xfcM2NJF@SG)mrAk8*?k7;0P$eVdP4Yg8xss;tljG!H
z*qnrGL+W0dNV^@fAl*oZ`~)kQY~3%!cK3W?e041&M&k9*!`oi`WL+wCb6gf_`W9+M
zi}|_k53{WMO|1v>^3$xj*U6h&^Cldaiwfq6d!7*{)DQ;{1<JJqu!gPZF)0@AZH^vh
zdSvVejArkre{K+%a(hFS4-&7ZMCU*G;7{5to!2oR&?J}Q!-jluJoRXr&y0|dMcBEP
zf!FNzEj8`O(St@AVk{`<A3N(kLLl03tu1rcv-iamx4$%2X_UPGcmt37a!wC@jAF`s
zzYKS4*W$=}UUSYwwe);Zm#rGAtHzC88Pzo_Yr1P;zTCNX(j88gukZAvVt;;GFtt_I
znziJ;$*g6EmmpG`i#1M9u`)xb;wpuWcTDMAN$IVRBa>p4IycEv`;$uidRIkm+pMhU
zEUvgWa?WJo3D|Z`HmTcuSPW9K2@4pGDC-rknTfGS$s5AuS^^q+{R?|_>q7Sz^QG-G
zBIt&B5CZ+R6ovidlx+dy(7IGpqH*kuNB27UJejD@K_gOuyvy8oI&}DXi@#T;STCQJ
zNrOWX6}`6GbWV$!>CkvZtpBOZ;So_{26F-YMXAO4o&6;hnN}yVM*lj-g}eEqpQ%&4
zhAMij-77st(oeTa>VHAZI#M)FP8+y<^bb@j)(bGukJk%8#FLrMsq#*Pqg(>CuL6x-
z^vI~p<6Dp&$cd3L9TlkJaCF~j!?jJ>GFJnIUG(XtYp$A=ijL~};Yg<EWA3vD$O4P^
zF<cC^HigZN`R=I4?rN_3;avtDLs*N}MMdWVmHV2gO><qMO05_UJT_m2)603F!VF@i
zh4nbY#p*#nLB6a^u4L!I(Zw~JJBpUWT^9WIaa}NvH7EfOTBEmzoddP>&j|RQH7E&-
zqZv4}yIPsW@Q5|YhoMg+W<|6zdwki|*wZ7r8ZC?q^E5Rw89FSiMUPuvV3dqJBlm>)
z{V5~-yki>oIlhzL_>x7_KCkDa;4@C(g=3k7{g$w#BghNCa0Kab%8Wk^@xUXFpa`5}
z1Cqh@j-cxC%F{*azU+@UYa?MVTaXPoZ>nlltm`6qbTz<uQhliCc}3IEWAVK;rlK<y
zDDI)Y6sN5c?JiH;JOr`Fot8jLk?r(0my$5{X7Y*Sju5Jx{h5MH;3VkgZoXB!ux9Y7
zcFw@%Vp)_<GnWZveqe7cY)UEKk|K(7)$tlTMWYzDAxFD-mP?Nme%SQRc$63Ju><9f
zy{R3iftBn)Cb-WI<i-~(F7cGpX5k`*KiGi^z$7`GjjIk{v;#$Nk9WQsA7oe_*%G3?
z-)lxyc`0ztrc38c|4>_#lre$B4!wVZ;q(O+(%griu39k)kn9FN_@qi|KftZ%^hHcu
zm|tXSS(Gu1wBg~{RR_jxCC2R&aJxMy1mAK%pMXpD=sOBj<aKX3*v<jG3Hvypckz{M
zmM}dy)B%0eqUj5`djt>11c5NP)d6IbKse9~g*=mKWtt2{>V`a<lix_z>&%|+S(^>)
z$wnq--4tVC2oGtfANwK*hcuLp>8x;pn?_)9`lDSU|4i8yc*F)h4idKD37q*NeUBPA
z!4Z9DBjE_LVHXqj!xtUFEAU-gkQmcTZ$miL1{B5glJuCC|GX=v)m$X=ru>)&V*P9&
zJmLg05P0~Ndx(@UE{3@_z<o~O4PsPMxz?3#*$!{X&vYEamhgxRsDKNPdniRNqHlwo
zL8W7X`JOFss4I8_e(MYZINU8O75cEG3wRZ_a|Q{IQJQQI!AdS5U!*HY3k(zFd!lmT
z5ohogZeX4#ia6^ItmF#vV{A_Yi_#jE;=eI)7Hc&sdtiN6kQsjA0<r^}FFA(eO)%as
zu?}}~3}*(!d%vSd+T5(w+I>pI0H?<+N<>cT6Q_gr)~v|&AtH4LSQ13{$Oi=R@Wp(U
ztsHn#qLkqrH&6~|FCuPK9D^zzcYK5@P~KzxE)wS1!WOEXb}Ddt9*_e2>&+=}`$NrF
zOwQ&%(Rj~cM8QiC4S9kTE1jNws~(%w<>TnGfZ%0#$sIh6BbHz6Sp&DYgSP;%$#f&q
z79Md25f~W-&UW+Air_C@q!?VR{h$eHdKg){vi{k^PW7PJh`%**9JxD|Wu#chcmH&C
ztl;_KtP<yfL%XfBI(|L0VoyCgrRkp;#uQy3ezf=bibN+%C{wEW_UXe3Q33pY_juIF
z;AXJT^sw+&f^(woqIGVqr$8*97vl-yOy|Vp%${=BJ05Zp`yF+P7m*Isp0ib-xaVhU
z+81kQYpiVz>F9cO?A?gC6c8HEvu~$FXQf21%=eW%s4;qTcuzGXMBRMea0G`8r3ISV
ztmx&B3af$GGJDs2x?8&Mk1XZfNF6Tl$qqEXy-F8o+i7Uta_>%YN%_X<?K?BYAlNSY
zTxD%2I(d9H+fnrh?J6?3%X{21GJ9dAoiP?pd#{AF^}wwV^Nr&atlzIv)bi}FY>E||
z^rsYwgIwOMTdHTyxOEQ=C4J<Gg;i9N=WPY!9ujwV?Z>DQ^b|XhyUvdF7L+I`e~O)N
zq8X}%`5(6}8Fw)@9kOwa!gX^^`S0m#WXo$-@g8?c&8Lm-@*_bDHxWSwgD&iexJr`U
ze!j}a{aSg}57u-dl`n)fo<{cOAfovX=QGD?x_K4!Dt+UMEZrH3BAvbI$652(nsV=J
zAjFb8?K`%6%L@!gwDZg*^G9jQ7OoMzp1jD}GSJ$V>KxCyc;Q(r%L$M3il2SkvyFB>
zI3=kyJr8S0^VUO#=F2E~ie|EOI^|X_tB`aT;`M|5K;kWNKBUJ+PeA^i8g+M9=k*0u
zT;&$5;$q2=6kY{*g!K$9CEaGZc4E^9j{TU&T7uUnp^{kt6nby}^fpI?)}VYx@_1nH
z;4D^eW#uYO^ueY0=DhI<uGtShT$=Gp(ynPebo<8_xDS!68ISa^5Ze3f4FQQ9iq%TH
zeA?n=6*MMaXq<Io3z1iPYxv4fjBBv%)yao1DFpRzmgTpLuUfT_RP^?yE?$~-a#MpO
zi-}#r*0!}-8yr(NY9!;yhU?agllR}{6l(-fR-mNC$_XY*^tanG8Jf<;9&{a0n$QT1
zE)gZwbj2ZuHjlpYt3I#$c8+siQ@Pu!dxX;}{i3DXW(L3I#%*QCg)H5q5OZtue3VoA
z`A23v{8|X-%gG{M@)jQN2aOXp-ly#_5-9SmAvD&z1?jW8ych?OcxBJk1P{|caI7qO
z40+#6?B8fn7uMWRdRD~RYp7NsBh4Pl6}Y;^p+_8#H1ke3DBBf5#1?;24_N#-BCtB5
zX_=KZQmJcW)z8DA7Obwe*S~MDaXE?;3AsA&o|f=_7ns_=*y$vnp*S>*zW$NoaSB&(
zwOX#UkSUz(4A4J##@)#j+}o4r9J61~Mn}JTwnsP5qBm<+_RHO}1@#v@bJJsVw42lv
znKikw1Pg_%%rDsA4)F8f!t_Y=!)P25qykP%WDQ>Y#h}#m#*K2Ur{%$I#&Uf7H%P(5
zp70U6OBD4d5D|$gv#-}S%=fQOusctCe6xF!?EMJ`-+?oNKfwF|Ic1~|NQTn~ZufDb
zF-F+d2YsT5ZpBoE!FPSY^RR>u`cAz&E_?7ZEQ!{{(Bxm4_}!t|UY8h7>D9m?J|O!s
z;nl)Lj0pv@k9noAZk2uusJv(UndUFxlCU(7`;FI6{aH)n3t^4=s+h+e&NQMCvDn}m
z+b5S=s-jJN88(K-`~~fw_zmYxA`_j#P7@kNvcmxp>)z%};rW*nFJ=m?t;yTXXJgo-
z=;ED8$7TxxEtI5YKbRxAMY`U(!?VQW@-DsF?CZnBBn+Duks!au#=v>bp?ve@HyIRx
zqqw`{E3OYacIM8m$#oURe{s#-U7B#eaX5ID!kTN`X;4En)_jodkY9@<px)Y}8BF+O
zvv|rmTU|p}v>^>Q&(2#f;~KZ<7ZaIv)0Sjq%}(?!bs%q$I6aa0<Whov;sqD;$?@eP
zY&WF-zP)=+Q(evSUFU$rEKihrdX3;k_ku1u68ZS81J={voR|)o;^l1Q)Hn$RN#FyR
z_&&&tQ<)*X7LGyB!*=&UBKYookbuccHP8&jP7`!s<Bixe+mApb@uxIz^(FVMUuNqp
zoum|*iGi_vK{mL}7u_X0Ul8ZmD>~;ISjiWCgY?7~JcASeA$Ug$M){&oQ?&RPhItxq
zC&}fhk*Et9T!qp5!KVV&h33yUxWfr(9r*2i5FdZ0V?OoHvJyf9Ch-I5@YiGc(zRm9
zTOPs0exT$resi^9_?{m~3)}gD7w}Y5GzJN?0CjlD7o@;<zSd%)c)yS9G~DKgep>wO
z2NEE?ZoaxuDNQO08g9Oxs;gd<OYOb(<rahScI&Gk?byCrh17$soxG`ytaOGFO?;Eh
zk@u78oDZIJxgbRniL<gZYhAQm@9}X}?Zu3@r>Ivf_>OmpA4bT3A#PS{YR@pyi?x(&
z$7Nz@pUZL!9T8IJC${wCuRg8+IOp0OCjZqnJ=)g%!==_2aW%M>6%m>44rS#nx4Xvl
z`N6v5xe2jTopm1>m^pjiF{#%AwbDI}%2CWsrP4ajRa<H^OK+f`<ut@f6zTID9P16-
z_9w)ddyQ%Y4&vlP&TCuBjl}Tc!Akxh84Dqf$m%g4OVT4ZkMLl<J$3|xymiRc=Adk<
zMT77BNVF<U90XFT{?NJmHO&l?Zam9(->klxlM&)bRo&wG1LU~IAF&fH;r(IyRq?xj
zG~ma2i*`?i{48c4U!pj`x<I=5aQB_p=y&pGX6Q&i>VwJkvlZ!)(@hdzu*6#2d^Q{?
zC9ppn;X88TFCenG<ip;HeUq3+^zGUa4D$A#{asor+&VP)gAY>%px+3skZwQRyXws-
z9vc5%ag6ml$@|TiOW$2$D`(Yii}G+MibDqFpFceYmW<d=pSL~l^@+ubv<Sc7&$?RR
zqVwC2SjxC*#T=Y+jlSY;8l8AEM3R>Xf}=HV>7DQ4I}%D^9!jCNxO}&Nz?Q2`{>Bl4
zsw+7sIgSxr{SLnZ&q-N)L4cX+>D^oRCGj!H5gn<X5ByFi(BKdLPlc}toPh4u`G>nk
z-^{eDUmW|bc7zC?rMGW=3Fxfu8dYgUl)>2#Kyut8eHsC{1E*n?N1*qyxe=^kSR)Wb
z9@|**S%j}WKx1BRZwuj@4?!eAPrqbnXAHMJ1n*PxA>J+>slg^B=D{FTRDl0I{kv!&
z053lRsVoVJ|A(gjH2FQTZ%#0xBmZjU?xz~;gRgOZTK^qT`TuXgsT%C86R>6=x+LgA
z(7*$M;4S13((QjY1Ws>1U`hQp1T~l;U?K>n#teasdxEs4XGp!TwKVDtkst{c`BfYx
zNtKg-fTcKA#yz1DUXrS-$4E(TUgbd}gvWwTC)TB2v_Jy^81WdSvc7rsf2i^gn`7VS
zQa?6F{+pNY?*1Khl!Z|{_Q74o`w#J07^Be0(QA*D3_nuwqd_cOg$}90!f5xeYjq*~
zr^(j~0Tb{O%Qq+Az4;t}c|Y|G+k-!Vn>{Is4Se=7=!aDdCqD-7AwORA>#yqi-1uwZ
z=#+Udi~hRy9WNF}K2Nop-7X{EXKgFS&PvyC>@9F|SA*#_6y_EZi%!p%2OJC^4$g;U
z*;u$ZI=xoTM+tg()sso`m(A$4eyl8EYD$dRkGsv@HMi1oJcVmly!6pb-l}p)Qh2=b
zBDaC1D>19OE`OOwDPg*Yd&);6=UqgFME~yP;Md)ZWtX#@0_Ud2RtJ`)b&O=#5b#I{
zdIxK4W_J-OiyLgUF)hyT@137>`A!P1qD7aoD?6Im1y0gDIPnfJz|Ot*Ny6&Pr3NQ_
zldx!6^y6ZK#c968#<$u$l+8GfReu2Sn$$eY#Ks`DOKHuiyni8tr2-hP10zx>^x1WV
zbF7%R0BnfAw0^hyACmmx+wgmCUsE+wiB>Yc7D26Qf<f+bMG;KgfAbfxu~O+RR5HHw
zQ|%7~(4j#aQ~#FS*j4i9-<`r|LqSpz>VFl@v>0ReHTt(&eJ>sFk37E?173OtQX=oF
z^rD9)gEzmine9?~^Iu3!RtuUN6!%`ih&7M2_u<@CmzT#EIoZnX-Qy#x!*=GEG#%F`
z2p1?dwn7>l<D?68)x2pBEtj9%%txlj=A<EahS$Z-*0pTB(+_q_dQ3Rma$F8N-6iw2
z*7M8~Wowm?%kCQ8OU(@Vb~pFpN7I(h+iFDwdq)Ii>yLPbin0Vw>VF!^I2d*Iv^SJL
zIheHDIH72Wv{ufg7)<K#t5~sid|Xx-HCq&`yQtS97W}E8RxP!EtHiY5a#=6EtmDr0
z)e*D2M%cOHM#y{_-L+iN@@I}A-bC3Rmq#?3>sS%@kOp6#Bg-~d==CaU)Cy!JQ~OJb
zbTay16h&nBzu4~LyCWM*K5jF^pcfoVJU6=B?X}0|{UpX!nbUkPhEjZU{7$~4YU4Za
zUfmu)SBKmT9rAdoBG4^V6p<8|_rTh_yPqI7q^_l-d()yKYuiyLo2_vnO(o6y!Xv%D
zB}G}WDdbYdtl+}hjTnK&B~i=4CZ$+c;pHAHk9RCG6-p`PqFxHu_{%O&EYjavD(ZT*
zD{@_}sn==avevjImepk)(IHiGhopmrisD{1dCzxpX)apb=$a)Kx2@=>W^~M*P405;
zuiY66zLm`#-mW*RQ991O(%xnf>d!S*AUNSnS%XyAzp^>#jKHm2cs-%;tWI9IyTX~q
zg$+S0Ahz(B?eNgfkfz={o2cmW45G)<zRj_pV^6AkQrea+YVW=Ot5u>9kL;NZmkxzs
zM4GOv<BX+{L;mv?1(fJI;={|`neHR&gFUf`{G#O4dYfQxF;*+Lo0%)6`?Bkevo?Kw
zss2d${?lpx^1GEYGyb6?J4I=ug_INfc5ki+vR8(LG&t?Kl*RfZ<C5#u%IRFaBfZ2}
zh^Lpz70dQWCqFq3bKmaN?L>AcIV-Bf>mAhT9NbvZvt3^sT9{9NBfXgFHQtLd@7YMO
zmw6?*>yn-ONvF*>(Up8)R|WlE;?eH5E*AxI-J>Ev%hmE|4Y!BVg$mCbFCDIqKWHS0
zU}BR|2~MR|68grtsMFxY+!=9Go%cV8d)f4jT%y}i!8~;O!qrX#Sqm=C#pz`_gYz>s
z>aJy_{aw&BUMER1(@hzSP6_1#<T0ZA9f*E~;+|0oB18un_98u_F7M_a^pg}b*~kn8
zm(baZd}Bx!*P_`Y+$)sZfqT*ijL1+_YBecr838iDU<63=^$YpUa8j;*o~&M*D@ukZ
z<Su=9%uNg4*9}Q5e<89MVHM&&cx)AK!rriqrho9$LY<3XQCaTb<N0rFl4d5f6XF4a
z&FTs}?%%<EP)wPp?eQ-U7*&`%62vF}V2$y*^&`#qdSl#aOR#Jt`r+VCBsx>f7xJ6`
z?UpJ;S8!UoW|)_ldtTct{mOG01F@;?s>v49)wqb+!*)a8mY)1oib0|p&ky_im!~C~
zX`oUfEmzUtRY%(Q+x>J6Z=SH7RZWhJ)-<t*er^0;<Vu>K3jXU;x0#a~pWsT-6M{Tr
zRZlp+Vkgne8`mQ+4z8qq{?U?O4I)R&XPA><Z5X5?|6CNrMy<Lgy~F4gT6tYBiMxYR
z)eV+}(JyQ7!XU2I{z6b%)1#=Jr&UTFE=luLD5JfwWw|<T>i-}O9igw7<YXd)W7`LV
z7EGK36U(RvTc&KTxn3&epwke}b26HKkJiEd?|H!$<zX)?)B}g2w{D7iS<K_t8_#|{
zwJ`6l(dR^JbvT?5i+S503)1Tms`F|$*fG~c{1-VlUIJ>|4o;%|J^1&0WQ9tP$qI!z
zoE!J~`@H&gh?(AOd_$)#3tx;vzt*sh1*@@Q;j_``U)A^GKyPVuL|Gvl-N>g*7wW&S
z>bHgJ+z#fF!~~WV`s*zGen2j0ggaEq{q&7GCUjv^6UK@`yO(_iRv$$_cmA(duk+tU
z|K$9?u73LhJc3S$d`c6ulCPEjb^8EgMT6I1pJ(84o%(+lACrgd?ci7#(?9!5rN5Qu
z>m0yO6Xl+u%O`W2=wCMt=ppD%dL|CrqlW-yj02JK@lGYTGkl+Zn<@^vKX;!&%!c%9
zs+i<(f8T(<P5TgW{HxAjUvcxk)_6EH0qr;Z1&G4IPMX)2gO}q$3JTnT$RZ}|fbWw(
z9f-aVULIG3&&H$wEb;aQ$f0x5yJ3s@3ml}!`xlZlf4x5xZ7b6k+~4&zncwp(pfeZ2
zTrU_M?Eh>tcG(4Sfr|Za;E{Orz!Q~lqP-CPy#6p*kUxj9;?ciHpmQKJF#Mk`IoTf>
z6#T0=zcOI5{zq|i%|$5VidL=d_)Egzc1$t;FNq)v;zHtz!Z(BZ8*oLx*sn}*x3@N~
zA5P^~P3TOQOBd%n|GJS~$YQl!ixRe?3*IiD^;n;%lGyHN#vXrp?<#gQxv|<)4J8xl
z{~`~8Qzy=yzRvf=?966&S@BTC`a-6wZH33|pceNxb~{o6<D=@Y?Hav#v!fMmk(^M`
zevdEyq<3o3h?m;GT9orZ4#b+=VdgdCEeoOw*@}n~Ec?*uCOhfv@abGV_xjWHK=<>v
z*(pLY#k1GBtE$#x5YMU_c~fd0l}#G2%jIqN_Y()3hR6z7f7&@4cjB5fQkhc7iKx5f
z3dqZu72~3*tx!yDvTb!a=5ZO<V$P&Ioh}E#p~vNTD1PNr^$f?rI(3G6G2-65<=Otj
zgQ%d>MaK`7%8ZxqwBvsC@~fqE+n1vCa<lE+ArMDJHf^)?n4PR3RHBUzU*eBmGnh!Y
zdES;#=<-QH;;Xt<O;Ulq4oHER`NOJ~nkH%97Qt*D|E<n|(f*6)E#K^(^9Ba=Xy0sY
z<eeiU5_Kuj7%ZqC4b%T3RzwsCBdz-G(oL&w+HHk!>}{Z0%N}vgSj)fT!m&BXELi|g
zy)Z*iXE7iymvkS}i&kYaSPB<gbDIli&SzL65~bAy7PB`HMTN=RWJs5ioC9tfq{A#y
z7-3pbikrKhd#UT%{N=qzw)DOIXB^^$3ZUh-T(=iTp45sT#>v+uj;#-;=PJss<+g+@
z9H1r>^~_D@r(ZFiwqko(g?y|R7m{&vp{8C)XbX6!);bwSvEQc9#=}9&+@vroEc%9V
zbspt<hf4G^vD)LwUR@*um4-^ox%359250XY2H}c1tLLsdf_g^tvnJuohmQyNsWhVN
zTde}pOFhrmhK!2qh&_F;A(oeR`QT6{C4~FROQ!TI`FgZFiIenlhgy}0>+BWu+LodP
z^qRz(0o_uw3F{x+&AyTKwq~Mti7Ntzq!tr4KX^=uuF<<AztPJg?!*JXv43gp1rL3>
z_DlblU`o_mYSBLZhoj#GYxJmu&8_6GqDrSlCHmYpaG7D`DWX3}ZE#OE^I`W@%a{D^
zF=p}wNEXfT;hq?6OZfs8P14^b7_wovm__ivY>fTNP-cVc6&QozYlhEkwFM3tX?me_
zi!{VnPWx7XNvY3VpKmK59R+E`8R(IkXE>iwTqj7v={RbBuRwyK5@#m?gTtqi!Be<;
zDL6Z?aXR3W$sidLLrDG9{KK$PfnY7=H#ffty<SngKWY9)knhqpNb^ihTA{>m%9s?;
z<Og;0dp2%%!e{6{z`?Wa-};37(YGy~%=(D0y^_%TK>3Gfbc&_jUl;P#>6CJ@#5hU@
zsaJSSlPNQ_`?_Tkzq|Eg8|Q1nOmQR^<>g*7OB(;2h-DE?V&C?k<X;0qsCcgP$H4qP
zKc=>#l_XjJwA$7RS^V#`VT|n$y1&37DIodT5AM%U>szmX4dd^=Cv8O!V9^xtG!kj?
z@5$BB3VFGSmwl<C?SQQ;c(#fK6s3NgR=m<#%(&m@bB>|>V50tbZO+{yx9iEhsMyl{
z+z<O5aZ&+Z`>hkBoR)iW<bi8qIvhle#p^M*K*iMpp&ri)7TWSA)q@p<IgUr-oykO?
z@&Pi$BqSu=+&+lznOmQ*-*X&G_!QsH2@kJ~`KGS?m9o#(>lxD1uh$K%b?zunkROT>
zwpiPXDa7Zw)fX40Znw{)bn_XJ7tAdw3-%tDavyfbY~5eyo_Vozf)j;15=-7~y4hQ$
zZeY8-^YkJIacCT|nd{&_BW*+i6y!DIA-9NplzcXWkU=YewG>>g?Jx>s24}}hE1Ddn
z<(JvzS;nU)I@O8SQ6$pwdXCR*>C=RWvlt$i55^K_xFd1X!R65_?IMrpF3d`Ei_;ed
zd_1Tgo7TUx;1=PkQMsP@l=wg{w{~vf@KxgYM90RuaJi)H>m-%iY!@P)-nha1D(to_
z@^um-FR9!<;`ZMX&_Wi>{8JfY`&{kz(c$mLKYcZZ-)PkOto08U_@3;)f_>9hWV?WR
zbK|?M*^flfc@!o&{UZ$n+35}1uetsVcY}FcmU-Ou9|1LGx268h;;ZK|nB+A`ie$Th
zEd3Gsx5$}Ed;c~&R{671KccfnJpHea-YxC4;@QvTLNU#1Uq-z+#p?P3;=`=M28_c;
zY1bC5Vy>whk27#0D{Gf4nkn;B?3_4X604>7?*~*TkXCk$1fqYZ@{cdqsI+1WQEla_
zOM9l;%4Qmo->5O3;h-jzjwb2YCTH0x<04vbn7+#I(3s9}QWIv!kds`mRttY;{E#oG
z36lyu{aqjV&7i1b+vMaj|Bk2iM)0iSmTK>Xht*{?!M%fmD=!9KYZSQlrFj!J#!rvR
z2)7-`(<nTf?fTL+`bxk|w|7?dBbnLbK-S)ZaY8Wyy@pY9zPY^F#X3gL;~_?GZZb?Z
zm79-P6$TwXUF5Vni0t85SlY0S?2bHpVs_Cq0a-`w?`pKHZRI2wE8k(%SJci3y4_4^
zT0oizC{_<o<%;PR@mZ0)?xRsdm4CKrqHGwh@kYM*^m3A+K?c=PPrs<7<X6Dpbb>!(
z=gVq0L;vHO+r%La*W)^}72c?&q$+>BFhl12NLV`VrNWyJ!sFM_Q0WJ|(cT$(Lo1@)
zGi>|TdUd9|WW@{JTimIX9|>k~)~{Gr*k%4A@1vz3?r?iLdi|*-SFxn?yV-sBgjc#-
z34a;h=H65J;TYrTg>Gs#<s&J+GNcFXK|LciYv2k`g?ltM$;^E|E2Q00<+x<;x?KD8
z$vFp(dK8Z6Y$E!9AXI)eEVK?^x>7grD>4Watq@utIX(7|0kfN)PsYFv9{Kv3ajQjY
zX^N2QbT_<|HNM62jqRmPp&~clrp}dH{b2qmLH=|Nk7qD=G1_5Z<Y9*3LnI;g<4oP8
zFB!s;1&B$zCm|HQp5T^s2=@>nNSDPLGoe$&rhpYURF$SXwdVg+#x^Bx$TaZQ-Il<z
z=2c_+paP`CW_a)L;D%@{nVkA+g#&Y5K~vyy+Xb^|(O2^xvFE(>l;6}^=w?h6c?;ZN
zshJP)^g2b%pctUIZ@0>|Xo|dik1)L<4NMWV^6(m)Ofe1|B@~$3HEn!cx}RA;rXRzp
zUM4DSG`J()gM8_Qid_%AWM{PQDbR3jgs^*3g`)Li(^4!P+#m8zT39yz(UnAFIB@Oa
zT>d6WE*?q&+&ZBs6~UmuD7yt(iKna53_^M+rlRu}(F!usg)I}rgvc-A5rwf(IC7ii
zDSMe!s6u#|Y>Hx%_Rv20$JURTgNy~0NGSjMvbg_#F%h%O9r2m%l`^mKv_jRIZg73L
zb3w7vvt_W-tqU0J_J8SGcs}^0u3jf%?>JW<@xn}b$KqbaP;zH}YGfAseWEg5mOx`T
z{zV#@?eIwQCc?8Q0V#ijbp#LnugkIZ-QH3ASq_g|ItQk28uCicBtFY#pG@!OkE86t
zr5F)B_<U8lv%j0@TsHlKz5V2o&+Fm79km8URDM0t0rP?N^x@-EJ$3?devVE%Z7b_7
zY;9Ft)Xv3KAvzOj^!RZNBP%tz*Sf?N89ET9hp0Sr&+t!_?)%8=%ddn6l*e=|y~lG+
zGTz_@z9YL@`ef8d5dGRxFMo<Dwo`L1*S9!(uP5g93LO&H$xrwST|)3JnN+5aBr|x<
ze!|s>!qqRCInK24zsFuVKOM1l!=1SzOjkBLNxg%8T9W<=?idy*LI0=G6}k}_UxeTS
z5-ofBr$xlt8Dg|2AH<oE-@{;{E=fr~f61yXA6Ns@D(q|z?G^3I=q8Vm*9_12PZ^Jx
zp2?&R*yQEn-rf8htHTuqg?F&UUKJz?At#+;)C(e@4cdxV4Vbo`-7cCpkimU{y`+OA
zdaH#&M2X+p5=r2G_MrC}7XO45)jXM?3|83e@s?DYv|QHmqqK9QvojTM7(J^)R1-)?
zr(iLpTXG#vmma$^v=Ia5;kCI(bH%vuDFmj7(zk|BHgHf2a(ZcVZgM}<netiEjJo*z
zrh%8ua$BhWg6IdCJ@-8<b78j(3ZzbXSc-3eg};B#sh}2n&v=AM_+$*OrCZmzIp>bR
z2N@xQk~@l1C2%cyL`91r0b_j4L;_eu+LN<AIi78&5`<eu%oQGh00f9CPtUG4=D2BW
z&u}4I;c3H~n3y&v4_W8Oh?Q<@ZcUVqb<?A6Aq@%{Zvii}JL<Y`xwwqxEGkd*%T-gN
z+;r*G{FA-N-drhLT?=2rU-WD-5IH{SH*QyGF`%3q{yu3h&b0C%No(V2N~hhPt2X(@
z_DKc5uEM|>E#=DlAxoC?f_1h*!&In?-iBgRwl}v>hr~yY93EmHxxJ&oC@S>;_x}Lb
CO`P5U

delta 13255
zcmc(FWmr_*7q5yOR0Kp6R7ycb8bLx*1q4(|rCUlQhxAZG9Z--Kj*=n>NOw0PNQg)b
zJr3PNcib6KU-f<e&vWmm`@y|>t>4~zoqY~_92y!UsKfmO=>3iyY0q&7AmAVb9D)D>
z2sjJ@gb;w!5JA8Z2sjD>#~^?h0**rf2?UTr02u_FfB<p`I0*q15O4|tPD21C1W-Z1
z83;HF0p}oq8Ukn_fEEJiAb=hM&O^Wj2w;E!MhLhF0hb`)G6XO|z!eB!h5!}_V1)oS
z2w;Z*4hZ0c04@l)3IW^@zykr-Ab=MF_#l8E0t6u7Is^zpfDi--Lx2bbh(drE1l)jt
zn-Fjd0>mLe0s<r<;5GzEL4Y&_$Uwjy2)GLY_aHzP0^}e-9s(2~KoJ7&L%;(FcnASX
z5TFbJDiELw0csGS4gnevpa}t55TFeKIuM`>0eTSd2m<sWzyJaaA;1U%j3MAL1eid;
z69_Pc05b?MhX4x*u!I0B2tYu9H3Zl|fGq^rL4Z93I6%PDd;sKpBskWQogrJhmjrl4
zwi^VbUgk|UQc!$w3+RywJF|X5p#AK^&RTCsRbtOn6^;H@L|Kd8-9++7>;r{eaO@-S
zG@SkjB!c}Pfv=BbXN0fO`&Qb++4>;G;ng=?B=AiGkog#8GT{>~(T<a^4#SED;8~c{
z06YpS;08cTprgbt3BF(eQsEV+3GFr%nxbKH1CR+X6B2gSiKkQJ^Ie3i^ueP<C1%Mh
zE$cUbX^4>1i*ex#o^S9q+|{WL=L;&P1WHy3&Y03wJp7bEbl&MflyX{HaZX@KoJBJA
zlsBIA4TdBhGj>pX06xggaf$VZWNpp+L{0BTL@Sv)z2`Kt59d|k&VFZ(EE*Gj9`ZIp
z=T%5Sc5BnS_bpDzVl7dG4SZ3$=QSEAb0D)57xw9ezNPbh*g0`8_>CdRK}4D3!fCKY
z0LK`DTt5Vg-vuHVV~Cs6ydg+RxaHcgdhR!)69K$n2%aJ&?kV6_ffbBEYGluF@l0$Y
z{cuhZ8;4)h(El}w32hpDWp%u%CMS!H%}GXeRX?c9rm8LQmdF;@-HsEy+ua@W>Fem8
z>ZpSSmLwwwVge66?d7=XO2}mcR*lX+{$!Ya;?*!QQlIn+L8BYD<C_;535UE6To66s
z_4vT?I<*SP(KMc$I^AB1G2Msx++}qsev%J8-5-pL`HvoQzj6M=k;8wHje#QuwO2Em
zD+svVj-MxJ;M)2;Bb1A6t`PSPV!%_LeTCJ{?}7qelIWNb$~(o*i|3n9+lY+MlxnC_
zhC_yWYN}m3hI5=Y$g@wLohzwq#tXH<{W@d2+-q<g^Bkx6y%Q8`upX^yJv69e&ss|a
z&l!UZaH}y$Nc4hu^bEQ`5cW3)nE-*0b=Jq%-~eOr@(}?b0P&t?nDUn|5#jKy>mT{y
zDqL*%V~_~=9*Te~jX^4d_yB#~)2f8Z?n-3`Q<F#IaMAAi-_GDjo4fvY)m5wGGz9g(
zlla&Ar(C+8s7G~~$`EuMw7Ws8K=c<uP<CV=lUhmGcsA!IUO|=tXPJN(;5ifUD4{4n
zX|XqqF#+k|N)wP6*k~3Q@hSaBLAcQ`Fv0{cJjP9=>Vj3n_{R%KSkDBc2sZ)G9a`MC
z9K&0T>o2_Rz`)ri;CXy%BIL%1zz9I<F8=L=z+pTIviTNN5MXbN&>|`&R*le5;{skB
z)UP`8-(>8NUi0j?#$=9t^Q*faSEDBy>lyfIS9!^FQVhNl%#<+$EXrM)?YqzNuCQ}T
zL%xX9g3&`#`ii*>Wk?ES*-^`y$iZO#@|UvH(}>{vjLNca9%3clSDf>G!lG|a#oNin
z%i6crqgpP3DwxeJu;@|iEPywC4UN@oicf0vuKJkDd4Iw9i2KyN8>^*|*~kn|Qr~r2
zpr58Q-HTf{-D7#0Ln5fn@zHEhe8*&r?P4D0uuX89?G|S7EAyLU$mByQZY*ycN#8_V
zl;Lrhx}&*dm4|zNX6p2NT0$^mB|7W3<a63=rbTu5u59}0DY|hOh3bLaFSLbc@_okI
zO}19s{A^a7o|d!mq!n8!mYT0bc3Q4*4K{XIt~h?}sZdwnz9!-|_|Bw#;Tru%-=vQu
zDK_`}j&kJmY)06kNsw@p%s48P(^QT#7>bNd<Pgf>IAyn99B4`PfN+YBnL}@NJK$wx
znKP=iEXLZegw>-(V`XD8jCxr}|7GL|#$nWAwKc26sNb@^`w})>whL7tREcm2__k%H
zNMmYP&wo6y#Xehd*1oQ8Ne|T9`Lg)9Cvh{z&P7s4QXa0%K|YYQ>(zA}DKyU2i_Mhh
zYYA7&iDLIAqS6*L%k6ya0Ads4B&Hpnw$@5T$kuFqaVm8c6YdP=p@nkdvY!ccrwKg$
zXcFsywTq0wYOkkw+bDDkv~EU0i(tts+I-BTj#*TkYWFzmLMv0<S*Ngjjxj}kBvO-)
zUJp<a-tINdMJ~sJ0w9%=9=7tS*z28vr4DtoF031S!Gu=YX=){v(~X6r&zOn_OZMo~
z&*daG5&3Aa=PsrVTE@q8YIPgrzshr{a*9l6|1|V+)%v4a8f_v+pU>Wa%Va|R*TKw$
zZlmDODoqKk2s#XjziFzUiB{pdP&sv1d#^*jx~!&gKD=lSUV;_OL55?EPYm-bDmz&O
z0^wG3P#Uj1Ot`tLJk1U(n&X~Cv^mHwy!lyqdgYsMC*C<nT`fILS$WzgPhBIhM%`CB
z=u*Q;gQGcz)jZg4hM&LtL)5tyWG<-tMCdXcX9F@HX02U~fH5|pNVqNTwP|s-fFE|Z
z0cBt-8;}rSueEQ=Du*!^pg62+36hd$de3%#^L=zT`(5{aGv<O*8ZgolWJGSMo$gDA
zwSua)^?EkK3e%0TIS#{QVmr^+rLkDQ!c}HkQ4SSev^!gCEuHexP_NwXR4#4C$T1tJ
zxJDDhi9MFo-Zli%#b}>%%@!&@V}G^ul~yx{5ml~VPu<KT`-Rb-I{77&R;-o^ees8n
zp$R)D>z$r8p*|Q6aU)(A-GjLiATKP4z`eqqEf5>tFc$*k$IH}&t?V4=ldzr@?o&Y+
z0kYzi<V1^L-RN}nX_x~6URTEF*tmuO*QA^UTuFU&`ObM`n;A+q?5G+F)|M6(dOV^k
zeDo$%9glTNm@)8?M?RDNu*<+;-zh<})<iK-)EX$)Lh9%o_-sVNn&EnIl(g$hX;*Rh
zf;A`syIO-}z+&d55FCbT1b7erh5(5Ow^N^wpx^}rNQ0Nz@dGiicZ*@e-yLqS23f8z
zHGm_rC`Kly(DF&tvgs!8&gRg{G&-3zH1JdXi2mZ$jrEpM{Y4HCF1tG@qBc02GF0KI
zXL_Fp4z>Wra2rWRSZdxq$OS9f;9m1V7Pxs|v;>t1al4B?17Eeob<+t;9FW;?y{%~c
z=5vs5sgdA!(Cz0AGQs_}AUzS?1?(VcMg#oK7Q938sdQw3lNlQxWEYaBbK)sc(^>?q
zXOH_>%CZBQ3AJC2ZneM*4&Y5#*B*ypZHP@L7hbRjZ@^V{xMe`!&2_d^g@f%tSt6Zq
zETmRZ_`7!v8`|<8nP}}T8yf4$3I{vjR;|h&*ZNM1;aIZYWkfiZ7rto^O5y7tB`m+v
zw3Y-PbO5>V^$uTNyVm3|jY*=<CY;=HS?CgdS6e@tGA0x>3U=2%(bnwyq*Gp48wOWA
z1!)LdznzMtfptJo5WWH8x(I2Qv`z-QgWwswOa(VR1up<YoU^C)KEb*mcpaX93LfU#
zy&;DXq-Bp8$4tJ%P?fg(>0QVTQfpu{pyVcg4K?2~x}XySZC{IB-5zuSEH@(HHb+nn
z=5oYMrgerLJr6H{APZh*B3yi3KB@t?ID!uj=N4}J|Ko{l9c8B)T159$zRPeHDLSVa
zw#TaGpKG{LDO$|h^MKv|jraT*Nn;_a1?{XDjjJ>jhS!Je652MHX#7>8d7~$TSkZ|u
zc`_qMo~T!RtONsPZ&ePCb9yn_#H{up*&jY0NJcqnm|cx+xhxwiT`O)nkZdx|i>2)v
zJgHEbxA5QvQWHQsa;@Io+O%4BTG+Je>r<7IvR9#r@${pR4<AqMFiD&?Npvpd;~3&n
zn?ve$4i77-Z>c^#Scg@ni-_Dtr4<Dz4OWp?lE1Ob&DRwWPCGfp&;D)tQACGx{ZQYs
zs=CejE_RO0^4p@}o95cuwt-Bi%N-I;Ha4d<Pami+L+a=2Y($KvmOAG(jJ;#A?m+hq
z-pp*(HEwD_Am`gD(FNGW#MWX=ot$x;mc>r5QmSA~ejz_IZ`0VN(_toCeX_<wo_2PX
ziJdho>{@jLf*>DzM*FE%qpd}6hXq5~VIF6-{D#F!U%&NtSGN|~a_X&4V&{c#>8~i1
zrmVZlB4f@Ces1wmU2y}GEI;h>`Da=q5$#89HR=O6ljSJi8S=5o8?_*vOgFsqU$nzm
z-K5!wL7#NP=vb+Z=V^`BX}Xkwfs?jTwyu1fv#J8HnfjNs^^X~)ZMUYtdv|#Xmw28G
zjDK=EHl8R`OV>!TuDi_oTJ#$2`_7ysgPat!3UXvd@sy5y>Zfa3X_mrDUUuv?_Jal0
zS31aA&@nqJ7`CqYut6=Ya;MJfhc;ES=3j>2zi2mHKYFBIvR;G}HNk!DZl%$17s*%f
z!dxQey-zG=YKf***&#H~WaE+jn&XXvOzigU#Jy&wT(jchCc$fO{JM-Ewnb0bNmY7m
zHSHmfrVgnbAXC}9vxvFU6l&EWN`h*&z<T$r-_}AI&BiLMa*<eygW<<25$zYtD27*e
z=FFB`g*9xSTH5nXZ8Zzh#wh81ne~jm=pu@eS)@tXvHHSPSBTh2Hxau!W8Q_4#99WE
zVQa2isP5WK*K>bLMCR{7J+}h{$_OT{?2?dc<u{n)xO}O&obHx(z2uFwdrI8*q&cEf
z#Iz-%yrUzkG?i*nUtObjhI4?$m*L#K7D{>AfJr%>&|W%g2eo98oRo@&8VV8-dFApI
ze;-r3Sm`zTnvA5*mOa*Me!|-^g*x9R3S5@L0>WKRCC$pLzEZ*}w%ti+8WI+5Le(-M
zBhV?`bGxLiW9+M)7$Li&7U!a_h*Z;}OqjZluh}PTIPCPEedQ|=QllmvjMhK}5JbPg
zFtxgMO^aeWbZrgy^rPjILcdfi=PK|(6d#uLUWtu2EkDy=U3naBw3mIyr{1|CA5K#*
zn0EXs(4Db$I$6|75G1O1@s^ynnn^@D&B`2|IL75b(tOaSiiV5mU&NP7m-H3EnA`O~
zNU@D)v8ltqoPT8aA2H~IWBphEtN?Q&!3&p3$1M7<qPo-Ktgg@;^QkFcxlU;9*?*qD
zf#fF<a;Sq~JvZDRj`rFW_I`Ml8CGz^eM6{|RTyPmgm1cmlz0WvKLg;MX*X`l4_|cy
zFMrn_#VJNi(ak;|;5avs7S3`5NrCzN&(5<#-{XnwpF5{7l;Qq-#T7yV6<SxEw+>dg
zTYjTnw+Gghy98?IJIh+>l>Jh~i&_(h=cz~T*;pm^eDf*iFUH8yT*MU4Y@i=&4d(TD
zAE^^tlhfd{NtG*2zMd>-uAw1m+gmbr%&6XY;P8gv>|6DYFM_tcO>(^1gQJ_`V5k-!
z>dwxZ!-sm8W*u$Wa1nmw9ltd*b!U#$y0`1quEpD0Z}UW*j_lmGn;l=*nh`B4j`@n@
z50;F)dtJ*xxz$L$uo2lp*@Qv#(b;HUDd;Pe7?@THSCP+|a%YP|Q>C`uZ7u3i+)>M&
zeA#9DwP*M3@!>$9+Uw5An8&_ay&zaNdtgvU6&Xc0le1tYtU7=>pUjHJc23R9zMwO=
zlagp>s@Qveo32!zs*d9GG`%C}1&eurSAe&irsO*Yu$~7<51;b@&tFoN(CK98#Wn)*
zm67yhV(Q3CWF{@lJQW4+?L`6_^X4|{0!obFSr70g(M+<uiPS(AjP(G;h-a?YcQEC}
z?*^sS!@-^)8yw^bo(4qU(_T^wgsVMppRIcyAPwLmCv+!=4$krb8A(fQg;<oGPmz5|
zd#rqo6(;ur&k*ihZkY;)5ndn%9OMO(;fEuKWg|NI@n%V)P7`H*&(v!8f)_}2G+HsY
zH}p+`9{@LcflNrnh%2)64@`V5+a%-%yIojHvgfx>J}GDu=#WyYuwiCICE90Gq=;2i
zu$7cgPZ4D(d-S*nEN&<fzfJNRK!2X_oHjMhrbTI;_rJ?kX#_4$DrIizf-9{^!}fK8
z+)nFjsXeGMb%o{X2B~YMtl9=oKP$D=p40Qsx~<BXM&70W3?nS!vos@C#`Ac5zFOVV
zFg2#1!!q|FFQ_UTlYPr<;__zR)fFk3Cf<bxrR<xCw*19YMxSyl6k%f}8$@cxefB+<
zaI(43db7p;>@(Vx8}c%IJz4%p<95blsNVZUiN|ljZ4j=r#j8IHAN<yP_yEO$dk44<
zR^gc}O*X2gI_qprHq;;bUk-T2ZR>-}kSHRyNWPzGj$-Zk5Am1J_jw#K_2R8LcXdB4
z-gJOayjp?l)bXE0?7KKKz;r;9EaO+~ch7wUcp$Prf&Jm|9V$%z0;EFzMCpbr_HzyK
z^AYGf?DmoS%TqUb9=bQ>{e)i*TsuH=gWxanSxER><MM%af_r3KB2{?CN|)vg(MNZL
zE=~6z`d<!s#%)`|l|d{xwm}{_!n8=S@%)Fp@8ov(72OHZ8DW~;x=PW@O>LPNGeMBf
zVqHV9k@^mO!O=c1^BO+A$Sm1=v|M&o9qv=?cbh^MzmaKoUGpdr|I+NCZ$#Na)yPY7
zBSBI<p$_FF+|9QZ*<=%Xvg%gW3AV$;)&CGAPDF$EYy58>1umU=sjJ|DXKtXr@Y<4S
ziKD*c|DpfofM*W<+PFXV@$7yQnCpuBZ%ax*c3hZi{@X1g>N9Hd%A*`^z?*}Q51ezO
z_(6XV`!3AELRjuOh&=4{w2B|rdjTr&94FKL+1y7=Kg=JfB{)vTC0sRs;6FCxKwhAT
z@V8R94WELZ&dMBC_60o%&S;*6WuAeqhet36#o$3d(BqKUaTx7~(`?SWnSQTx_y4`l
z$KSxz66orlIRkjR>*=29hTUF(r{G;*5J3KqX5XKJ+Zz4<-Bur`<+82%^4nH(;kUZM
zL;p5@tAn*42UDVl7j!k+EHi3lC2kNZ-h6oCv;>Zj|DZVHJpTL$k~9Nm4*<OmqTrkW
z(4D4V!i$=M{GJ3Cd9}o0JX4i?^~sBK@gH#nzTpp25`MS9wB8`qgP%USxZdl&Y({}=
z#Si;YKf)D$R{f`_1R<vdLrwbgBbOOoJ=10Iz%#lXXLxV>E9!Tg$%oqla0~UtAGc8d
zqn}>?jQUm6%ly%Po*xO5&$B!`_SWN1Ld8ptvA5za;{FNxJH#I|!x7im=SN6lJLg?_
zUmqXObym|tzEr#!rG9g!EM6*{qI4@c{k9M`Zf_0guoa&g88JYkHPtbLZP7+wl~icS
z*o1lVIp-P{lZ}u`9d~$3opWp6H|+*yye*m8?qHl88Sg0V?j5N86sFQL7r;?F6*I`p
zt2Q7i&-rClG(bNkzkwrwb$~%ga6{O^S&^zI_*iT6K~@+O2%b6U3*QLF9j>{3EoIzG
zjm@c<*Oq)qJ^+shvfaCHn4RZ4LEUhVTg&6Mfl-Lo;Jus(pe31`i>jH>rdsn4(%;IJ
zGSi#P9pCtZg(s!?FUB*&AE$j0B`tT6DTLzFbKI@K+heW&IFbJy_u?lkeBAeJKhQk;
z4(_ay(Zkn@hPT7;%-L7OV;;r29DfmNY9)K~f4qLVe`ju@@Ugf5fx~cJ5i<VU8~IO}
zj~2#-xqUseGxqjErO^YQe~9}Ca4Ekp)jqgv_dk~4_`eqmzjPvJl<aZ+lG>cco!i*V
z!t)oCWs1`xS@fB5D0-gHNZ2z71xF{>IQbp3j2cXOmzCfuRMw?ge%*6Rl5*E{QPY?_
z9S)<f-%}U9*gk`vx|}u@yX&w+roIy%iB8!Qoy%8i;z^6%%hUccqg>9``}jWMVVQO~
zukcbm8x6%?QW1-AW1sT7c%4hbrm6xu27#Z3z%%v&$kfWGv^xE&6cYTC6*(L2-8y{_
z(<J#P3+ywU`!t6w*vCp{6H!|#xq*y)=GmvG_(bP=R@JvrQyJGNzd8#<q%9h1Wq#G)
zvhYzfBjX(JkB_aLrjvV0nY(aQ{!Mq$IC`$UtX>71b=v&?i7CDebE;{+Wb@H!zQ?Y-
zB+6fnB$36DoAvPU7(waNGCTT8U;2cxfrod`RgTrQx?JxvQwZbE)+s>oVxl$KOjYW}
zgUso)4amqQ-?BZ5j9po+8H-2c=B<>gXPWM6qEdZxN?F2EbbN<kzU>DgWP-xeoBl%O
zA&D(Q&aLWe)*WNfa@)LpblIO2EjySk<zqt?TaX+98>K|2%FOL1cS%D!t@)xwJ}Ymi
zAE1^~33O0`Xx>*kVa*GaDCieLQU=2FKMie6%;q|uVM)E_^vuL=z&^X8kg;RB$zU1f
z7;drQ=e(S&o)AYYIO`7%)MY)W{Nmz3+v=X_lu}HQga{3=vmEe_KGy2#ALta{xJP4Q
zHjM1Xc2-kLMUOkO&w&<^5VB#jY(kbWl)fj+b`XQWDh&+E^?nML>YTQab77aV=*sPx
zEKG_aQn%F^IQOPv%Q4irtLxNCcS~FAxED#_dnN5cvG>~GfUE{}XO@YEIBr0zXbo_2
zYoe8v%2sR2=sBoN5Or${S6>I9EgagB^O^0--M)pxpIdWU>qjoo#;lpZ$RQf1xh=^j
zy{4P;f+=&)r<R(~MNK*~yVL10gMH;LyoD3A`I*97{Ik8H*XEM1Jx0&*QkG7GR?8V4
zPO*)PomvPnbW`11*UUAmX$x81bwf^;cd)$7!+>NO#p`daB}Sh$l7}&}NIeWd;x&n^
zuQLovLMHG0o3Z5AV(z+mterfO@t)MHfWFRwj5&L|!qif&f!Qew6^GIiE?Pao8e6Z)
zBRC&|wVHA(&VJ(G2-b(J-K4%cme*ojy+5Fc79lib|6%r7A9*38g;amQS-fVV06%U^
z?lK^QD;so1I2Wmup2CPQkQ#Oh1Id34#7O7KqUfPlO@vEF#>kuX?}y6BUgmw>Vel7o
z6lY|7CB+q}OIIyyVdkJ;O5HcmJ@?U`zo0Z*YhUdF9>yhccfx2FQO!ZW5f!dh<6~pR
zzh&5W#VgK8agmj<<1&-|0=nV1EqOWyRtU#|RS(C3{W%aLE3dyw>Q%H;x|`D~CBF&|
zhz~AFHxr47t(R?>RpeUlARW!JHXQ8--}dRfA}gt+XQF)u#w(!orZeght^owsk)@2+
zsqSA&XzbvA&~%TTC%^e$%suI_AeIYCw^F<wo?X;!@Vr3gEqrF5xpfJrJo^45F2Nn?
z(|_#A{tn@T%DrGk7(7FHtUp}wQoL`4v`zx&SE@<BWy#IA$K+vh7<UP21>-KUsbP==
z&ykv^praM-)W{#iatqw)4alP%hF|D#yM9`~^lwH@Fvr$lvf(R&rzEm%;KiJgEq{FJ
z*@2b`i`(!!#=BDC0c^B*pQ=A!bo&w~2lKc(92bd45D8Wj6yk1W4@Q7gls8Zz))z;E
z_TO>eZ@%RoVr1Z((YRj^-b8{#THdT@GYpDCFn9jVgjn~Nu`x^C5BM9815Zf;jh06O
zjm-5B>;J@4-OqD*)HxJZd<9ZclG?K4vXJ7h-G9B{a9x0jz;%JbE8Opsy3rt&mi~W(
zz{9%8T;I}!pGVRDdf@8+f^@gB?UHn3@JmK!qW|$?Grj-W;s5tyFpX;7h25iYw=3Zh
zU?p&sdA$DHonQM^bMO+Z7mYLSMuSKRZ&sN`#8M7^buDiHKGpBt5Mph66u%VGjR*h!
z=GkwB)`*u&KKR9@g3Dinu5y#1q$<94LHo@W{BHQq0||ddas1O<29s5PpGlnkTbNwi
zUc@|;Y~RKMxGff>I{mF6kJdy8*Y^xA!9N}Y+!=H*7Q79=i35q@-8Uem)Y;05=2G~k
zHxc@3-~abX*w^`PR=O{^fN|gFuX6=|%DkI(cFT)4g)iVLQo8khwNIG+vj4R0SH<`7
zZY;<MpLl~iNq!E*;c?(8nX{D!+addv6L4h^r6qqK#_-R|cy!<XKG&$`!U}8_OoaIH
zlcIt#F<|A9x9#>7BpHCpFO>#zDZAZ%F$N*D@y1wKZgBfjuUhf0m<V5Y8EbUm1Z7v~
z_k*f#WyGKEflqqv)mR6Y%t7HZSCFL!Z#1t3JwBiNw%M1PwK46=znQihZ`~ybo&zUI
zMg|?%x=ITN%U9;o9W2Y8rX|0tFP@V|;&c4R%HbVY-n#n|U&jz}Q}0CIyIiYKlvKBO
zh4Y(cr34^r1d|VwSDsulqH;XPIoU5y8acB5F2>qUkxcSQ-B9+*c>eAsfg<ftA0Ab;
zF<Vu{T3MQ_3?I^It9oJP>Ze2!4Y7pW>g2~$NCuzJ)g@|I<P+<Z+U5M3Ci!aFVo9WO
z5vWnx)w1`seukJmvhm#c2Xq>$(NL+V=gL$#Q<e+6!4{f6RIyeWQ~9KjjgEEGtt2pO
z{ZJ<ISv(omTpfuSM_FG-kDMcU3t#YMv^iOEIaIq@_~p@2{|iJ!Lu2j@tWUwmS2aH0
zM&|B_6@gESr4u*CPJcXs+*EKD0u0$5Vn4LHZTT@$p|!)kYU1ii`BNiTRW-TI`s=&&
z78V0#snZzCr|3xc!XWf63RKCKEKh&l{jRE|@-#|B{?I9ZrrH%xA|li#I-aR$MPGKj
zVD^%1Qhv0Zzj0ne<JeATOnpJuwb&X`Bvsd5-K@ODj=ax!n#$Vw0#W<K-eg)IorM-g
zCu)fd9-jiP-RqQOrw-(-k5}e?dit_#*NJzP`MGGpM%%#Nn)5R2Y??^<LkUk=$!qJG
z3#m)NVV_*q1(=A?ZrzO=W$kbGdM3|$L-7VZCR#~MDh3rhYox^SMB~*d3&MTV1WJs4
zDX$GW%ctT$Tds>I!O<;C8Pj8aX)Xh1+`E;*r2r%AQupgwD<zoh-MZp-Qj^cg>rGP1
zr|b9jCYBc@rELwA9<Ta|BbWR2Cy`Ask;yxhr)fGYmIR(gu9Kt_&BU#JahecWrgJ1K
z_Zbw&?u)KcSoeQxaZZ8gHmCl7xqpwYx112MSot&0kF>-5%XH{{CwNYzk#Y4p=Pqj$
zGQ>EtEhSRyJ#SmYW7)jR>J;hEyCh5(x70&TzjJT@G`!^n_qs-IoBm6U4<9V$-H@C3
zisM9Yn%<|~1KT3+rD9P{eA80e`dR#er^1##^Pnd!=ZuEOYlr2D69~T|51F{<-B3Tz
z9z;1&TX;k42QQ7c{briZyCIgp@Ae-i<l~<?{xE()nYizE{FCK3<D1NmLuVP%3BSU%
z@4%DD3I$>V)qKj|9Pohf;wB6G7ZNf#q6C7?uLu!!vUHy=@#(mgFOH8z^5`m4SBk!V
z-=YcP&9{F8Mtz^veomJu%H-{}32bVYv}pqG*K;QRdABpu+tNQv8z=BEP$rtl<XudD
z@hi2f)U+N~1bib2JaqxrAU^H}e^vf24$q|5^VfuZcViGhPA_QvLiUIIXSCxs4lo>?
z1X2hGE)~*=<<tG)khd=mZ>QJO|Cd308nN3oEdQfp1x%+Em+3HeiEBMNhA4zc_r*-6
zc*PZE*G=UF9qOPFPZWAvHSP>$GbP!lYg-Nv9QY_pbV_U{vNF*<nq`LmmAQ|C2b28j
zZf+E4Q?Ou7V)(`*GErWh4#kZ+gU_QS7mRy5E?741waqLbc-aH8Jt^che7@xB&ffR9
zU8$Fe49s^ac2sty(kzO}zao;aot92)+E_M(_K7QI|6D)$fD*f2K*=jsvV$^J9^t%X
zKI;))skk<ZR;SR(+LfezSQ$6Eb{=<?vN<Cvw0>uXT|1WBd-Oui(!tq`QXQ{&?!2IE
zc^At`t+s1kVHo}Cc?o{b3e|{vITtO<H47cokQvF$uJ1l22oE@KPQ~r=znxez4OnUs
z=N+$Ji4QJxT5?yyVs&{rwKcCeN@X(|mQRe<$FBzU>bw#bIo?E@xyaE}==yT88p&Mn
zYG9|*Hm_f^w?f;8{|a;1%R6^2y$iW7^FHC>eHNT375<Vx<2(18;SLM4JUesdznt$h
zw%@t)P2*Saj}Y*_3`p$E`gd|%3U^C5`#tUsh+pMzW7x~2@R$E8jH}DWJP;HA1Kcl2
z!tWEdN&lk)D>L#x=7h_v`Nu5b^7r5or2Kz@2z&WIGE^1*wo2cDEGC33{yPVC?A;Z6
z+9-ah(4HrnWtnyLs$269LS#cq&F)8e?ncYDPo$)6$JZ4KAS>XFN2{j-G9;I)r#iCs
z6a;K*3I&}N$?SXPL;0Iv+0pFAo;uaA+(xz0G;8JSsZmOwS&VUFvG}O7%jnzOuWFNN
zw#tI6(P5wO7{9}d{qJlm{!sk158N@X@&3yni4RZ~L?36UxE-6>GKknYTFD}GN%5&e
z?bXt)+jK95c>Px8G&%!sZt!SrOON+dn$$kGDR(SWFY5qWSe-<kM;uB=EL@B%h^jWm
zu&N3Bdu!S645%hZVuIP=$zkW${OnQb;R~^g<xmTHF`|xkaJS`aFL#38&JJ6LKrM1U
zfGx()f6gdZCgNTnpZY~I-0$=~JFU%QGV9bLUG+`j-s}uYPPJ1oRloTL!-i8gmh6<q
z@;2kfgvw_3un3E9(5h!fT;hGC^Wdg_X)yC1=IYt^4>miQQB$Yvd<7+=-^wW_B|qq3
zrczJp$J1Zx>ltz;sYvb!d2ad??II=4WU3D0DZ&*G$D8GEv>&HaWpw@{D&VZ=rXkCW
zzr5a4RiyqNrofrkK`i!L9(<ts6cqa_F<#L@ys~l&@yy5}uok(edU4o5kuFh%)8_mw
ztsw7NGSb09;VY%C%!0HYS^=Z$g>Q^qa6g2RdRldRiCdJN>lBTH?J&>%jr~dtGh?fC
zcVfswgj?wnC!ZEY&5Fb~3@JW6O@?_HGZu{!rQa2;r<6AW)#;uHSt>j0@wuGwZoSHR
z`9Xk?aPZ3IV7)iU>`p)1C?%$6;o~%<i){>%oMe@=3w4nfGHX{P+RK`h>zLoP3#oPz
zM-K)qPR!=DZ<&!FO9K%wSiu$$yh=9V%Dq+ES799bX!1#gN`^$ZJ*bFjp=Hla%5$*{
zO~9J66sorPogV0Fz5U6cXeT&Reh4!>IscyCVsLclI8zW(k5`QsyX<YA8MwWjXQmic
z?d`I6uUN6La^;oqz1-0!g-OrSH1^gu<@2x(xuVuUKw3=e<(?~1)tga`HLo4dx-NZ1
zYy}rdGfh5Fe4IC99W3hYvMS0zi9s=wRbot%7i(oM9u*6mHO_w$UphbS@PSg2y?rt{
zxu9p;U2i)HnPZ=8waAI~vNnX-znWO{PcA=y*;HET(fhh2U&E_wEz^pUdABuduPbik
z$h4G*j%#72W`4nwZo$l5r{0}UaAt8IRc7y-zFvjp49Ysij%m{fADwE+t!k}kmCfi%
zRG+OQW#?Br$uD}SCWGvmMT&=EL$gBt%P~H!e0egH$cr?XjjX6LS1}D?i)cf#l%_p4
zel<!egO^Koqt2ZriAzJ9RSer7>7yP$aqR1LAL%3ru0&s>DRZ?}C{b;u^qd!5%5qug
z*3Y5YIrlj+)G9!3PpzUtZS;DPVEi24dUlg$Cu1DXbxl`+uH?<}N%07&wLKL+f6J3w
zw=(IOE0EWGoP5hnTQY^aUhuBz2EX!<rn(<B1AKb2VM^&@V59CQVn4qcwx`acR56To
z3s8_sX6zuJI%4M~c#Ad;Cq8{BrJCnOI8qFNH|Q>vhiJ=WCa8R6oeW#P<9JD=fnd>1
z_&ixd{GUO|jN6Zc#y>_2pGOA%8BrcWH*ye{DTrvK?e{YHs;*ZW9xQvMnji!MYh}dH
zk?4ZGhNhQgkJdE?PL#84A5Y*Np4a|3YPd(|oZCd0Yjt1UFm&Q0Ci~GLtr0(jyC?bD
z`fG>94u{1qp^e+v5q|6lbvZH=E!Hjcx_KOf+Ft2xY_b}U;2kz2*RImbEX$2GSP1eS
zG`mVoE5|dST_g>sN+$FSX!FQZV$?XrV^Pa#Ux!QreU?T*?z<ml@6xL@?Tjtn@|oz;
zo~M?-oUNX<KHg9@Oa~JUqtZw-KGF#*JAv4hshMhVUQavI%tiBnVdU1x)ktBKu&RwL
zf1dGV0!pcNC0j^(@2Jvb&V=A9ADZo%GijvHSkGtar4}(xBozNhxZB0*weU!`ACgGN
ze+4vDElYE@gYo~LC0kFn#kizAp(NlGI9))Mj?O4BlmuV1`7w$SbEdg!fx$^vRvpmZ
zvzIV_I>MQxtm1mILcW@H-QcFox|c(RQ8q1PQ)6AE&O7(MTgD(_`7@6W@+-SjW4npK
ru29CYE$1UlH7OOD6}+RYM^-kGyT}6v4(#m_9KeQVoZ8`kM)ZFGJ94M;


From 947d1497ad9d4ebf51ed8686ef098cd22512f1d8 Mon Sep 17 00:00:00 2001
From: Colson Wilhoit <defsecsentinel@protonmail.ch>
Date: Tue, 24 Mar 2026 09:15:32 -0500
Subject: [PATCH 11/13] Update loginwindow rule to match actual log pattern

The performAutolaunch pattern doesn't exist in the actual unified
logs on current macOS versions. The real login item execution
pattern is LoginItemsLauncher, which fires during user login
when login items are launched. Updated rule query and description.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 ..._login_item_persistence_execution_via_loginwindow.toml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml b/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml
index b3a049e69c6..628aaab5c20 100644
--- a/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml
+++ b/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml
@@ -8,8 +8,8 @@ updated_date = "2026/03/23"
 author = ["Elastic"]
 description = """
 Detects login item persistence execution via the macOS Unified Logs `com.apple.loginwindow.logging` subsystem. The
-`performAutolaunch` message indicates that a login item was automatically launched during user login. Login items are
-a common persistence mechanism used by macOS malware to ensure execution after system reboot. While many legitimate
+`LoginItemsLauncher` message indicates that login items were launched during user login. Login items are a common
+persistence mechanism used by macOS malware to ensure execution after system reboot. While many legitimate
 applications register login items for auto-start behavior, unexpected or recently added login items warrant
 investigation. This subsystem produces very low event volume with high signal fidelity, making it an effective
 detection source. This rule operates at default log level and does not require debug or private data enablement.
@@ -29,7 +29,7 @@ note = """## Triage and analysis
 
 ### Investigating Login Item Persistence Execution via Unified Logs
 
-This rule detects the `performAutolaunch` pattern from the `com.apple.loginwindow.logging` subsystem, which fires when a login item is executed during user login. Login items persist across reboots and are a favored persistence mechanism for macOS malware.
+This rule detects the `LoginItemsLauncher` pattern from the `com.apple.loginwindow.logging` subsystem, which fires when login items are launched during user login. Login items persist across reboots and are a favored persistence mechanism for macOS malware.
 
 ### Possible investigation steps
 
@@ -75,7 +75,7 @@ type = "esql"
 query = '''
 FROM logs-unifiedlogs.unifiedlogs-* METADATA _id, _version, _index
 | WHERE event.dataset == "unifiedlogs.log" AND host.os.type == "macos" AND unified_log.subsystem == "com.apple.loginwindow.logging"
-  AND message LIKE "*performAutolaunch*"
+  AND message LIKE "*LoginItemsLauncher*"
 | KEEP @timestamp, _id, _version, _index, host.name, host.id, host.os.type, event.dataset, unified_log.subsystem, unified_log.category, message
 '''
 

From 495066c42175213f41f51e816cf29a69b877808f Mon Sep 17 00:00:00 2001
From: Colson Wilhoit <defsecsentinel@protonmail.ch>
Date: Tue, 24 Mar 2026 10:41:00 -0500
Subject: [PATCH 12/13] Promote rules from development to production

Unified Logs integration is now GA. Rules are validated and
ready for production use.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../defense_evasion_xprotect_malware_scan_match.toml            | 2 +-
 ...stence_login_item_persistence_execution_via_loginwindow.toml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml b/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml
index 5584a87b0cc..eb1bed74609 100644
--- a/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml
+++ b/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml
@@ -1,7 +1,7 @@
 [metadata]
 creation_date = "2026/03/23"
 integration = ["unifiedlogs"]
-maturity = "development"
+maturity = "production"
 updated_date = "2026/03/23"
 
 [rule]
diff --git a/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml b/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml
index 628aaab5c20..bcc6fda1154 100644
--- a/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml
+++ b/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml
@@ -1,7 +1,7 @@
 [metadata]
 creation_date = "2026/03/23"
 integration = ["unifiedlogs"]
-maturity = "development"
+maturity = "production"
 updated_date = "2026/03/23"
 
 [rule]

From 4b3d3b817a9e61947fa308b696f125b47e8686c7 Mon Sep 17 00:00:00 2001
From: Colson Wilhoit <defsecsentinel@protonmail.ch>
Date: Tue, 24 Mar 2026 12:23:17 -0500
Subject: [PATCH 13/13] Add "Resources: Investigation Guide" tag to
 loginwindow/xprotect rules

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../defense_evasion_xprotect_malware_scan_match.toml             | 1 +
 ...istence_login_item_persistence_execution_via_loginwindow.toml | 1 +
 2 files changed, 2 insertions(+)

diff --git a/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml b/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml
index eb1bed74609..dd6f5aa3221 100644
--- a/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml
+++ b/rules/integrations/unified_logs/defense_evasion_xprotect_malware_scan_match.toml
@@ -66,6 +66,7 @@ tags = [
     "Data Source: macOS Unified Logs",
     "Data Source: Unified Logs",
     "Use Case: Threat Detection",
+    "Resources: Investigation Guide",
     "Tactic: Defense Evasion",
 ]
 timestamp_override = "event.ingested"
diff --git a/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml b/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml
index bcc6fda1154..4c89998c867 100644
--- a/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml
+++ b/rules/integrations/unified_logs/persistence_login_item_persistence_execution_via_loginwindow.toml
@@ -66,6 +66,7 @@ tags = [
     "Data Source: macOS Unified Logs",
     "Data Source: Unified Logs",
     "Use Case: Threat Detection",
+    "Resources: Investigation Guide",
     "Tactic: Persistence",
     "Rule Type: BBR",
 ]