Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Overview
overview
7Static
static
1URLScan
urlscan
1http://google.com
windows7-x64
6http://google.com
windows10-2004-x64
1http://google.com
android-10-x64
1http://google.com
android-11-x64
7http://google.com
android-9-x86
1http://google.com
macos-10.15-amd64
1http://google.com
debian-9-armhf
http://google.com
debian-9-mips
http://google.com
debian-9-mipsel
http://google.com
ubuntu-18.04-amd64
Analysis
-
max time kernel
1800s -
max time network
1695s -
platform
windows10-2004_x64 -
resource
win10v2004-20230220-en -
resource tags
arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system -
submitted
16/04/2023, 18:14
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
http://google.com
Resource
win7-20230220-en
windows7-x64
Behavioral task
behavioral2
Sample
http://google.com
Resource
win10v2004-20230220-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
http://google.com
Resource
android-x64-20220823-en
android-10-x64
Behavioral task
behavioral4
Sample
http://google.com
Resource
android-x64-arm64-20220823-en
android-11-x64
Behavioral task
behavioral5
Sample
http://google.com
Resource
android-x86-arm-20220823-en
android-9-x86
Behavioral task
behavioral6
Sample
http://google.com
Resource
macos-20220504-en
macos-10.15-amd64
Behavioral task
behavioral7
Sample
http://google.com
Resource
debian9-armhf-20221111-en
debian-9-armhf
Behavioral task
behavioral8
Sample
http://google.com
Resource
debian9-mipsbe-20221111-en
debian-9-mips
Behavioral task
behavioral9
Sample
http://google.com
Resource
debian9-mipsel-20221111-en
debian-9-mipsel
Behavioral task
behavioral10
Sample
http://google.com
Resource
ubuntu1804-amd64-20221111-en
ubuntu-18.04-amd64
General
-
Target
http://google.com
Malware Config
Signatures
-
Enumerates system info in registry 2 TTPs 3 IoCs
description ioc Process Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS chrome.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName chrome.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer chrome.exe -
Modifies data under HKEY_USERS 2 IoCs
description ioc Process Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry chrome.exe Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133261497581291224" chrome.exe -
Suspicious behavior: EnumeratesProcesses 4 IoCs
pid Process 1644 chrome.exe 1644 chrome.exe 1536 chrome.exe 1536 chrome.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs
pid Process 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe -
Suspicious use of AdjustPrivilegeToken 64 IoCs
description pid Process Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe Token: SeShutdownPrivilege 1644 chrome.exe Token: SeCreatePagefilePrivilege 1644 chrome.exe -
Suspicious use of FindShellTrayWindow 26 IoCs
pid Process 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe -
Suspicious use of SendNotifyMessage 24 IoCs
pid Process 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe 1644 chrome.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 1644 wrote to memory of 4104 1644 chrome.exe 84 PID 1644 wrote to memory of 4104 1644 chrome.exe 84 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 3592 1644 chrome.exe 85 PID 1644 wrote to memory of 216 1644 chrome.exe 86 PID 1644 wrote to memory of 216 1644 chrome.exe 86 PID 1644 wrote to memory of 4832 1644 chrome.exe 87 PID 1644 wrote to memory of 4832 1644 chrome.exe 87 PID 1644 wrote to memory of 4832 1644 chrome.exe 87 PID 1644 wrote to memory of 4832 1644 chrome.exe 87 PID 1644 wrote to memory of 4832 1644 chrome.exe 87 PID 1644 wrote to memory of 4832 1644 chrome.exe 87 PID 1644 wrote to memory of 4832 1644 chrome.exe 87 PID 1644 wrote to memory of 4832 1644 chrome.exe 87 PID 1644 wrote to memory of 4832 1644 chrome.exe 87 PID 1644 wrote to memory of 4832 1644 chrome.exe 87 PID 1644 wrote to memory of 4832 1644 chrome.exe 87 PID 1644 wrote to memory of 4832 1644 chrome.exe 87 PID 1644 wrote to memory of 4832 1644 chrome.exe 87 PID 1644 wrote to memory of 4832 1644 chrome.exe 87 PID 1644 wrote to memory of 4832 1644 chrome.exe 87 PID 1644 wrote to memory of 4832 1644 chrome.exe 87 PID 1644 wrote to memory of 4832 1644 chrome.exe 87 PID 1644 wrote to memory of 4832 1644 chrome.exe 87 PID 1644 wrote to memory of 4832 1644 chrome.exe 87 PID 1644 wrote to memory of 4832 1644 chrome.exe 87 PID 1644 wrote to memory of 4832 1644 chrome.exe 87 PID 1644 wrote to memory of 4832 1644 chrome.exe 87
Processes
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" http://google.com1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1644 -
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xb4,0x108,0x7ffc04d69758,0x7ffc04d69768,0x7ffc04d697782⤵PID:4104
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1808 --field-trial-handle=1788,i,5403055291013259500,12518454458124679823,131072 /prefetch:22⤵PID:3592
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1788,i,5403055291013259500,12518454458124679823,131072 /prefetch:82⤵PID:216
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2244 --field-trial-handle=1788,i,5403055291013259500,12518454458124679823,131072 /prefetch:82⤵PID:4832
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3084 --field-trial-handle=1788,i,5403055291013259500,12518454458124679823,131072 /prefetch:12⤵PID:3804
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3096 --field-trial-handle=1788,i,5403055291013259500,12518454458124679823,131072 /prefetch:12⤵PID:3496
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4488 --field-trial-handle=1788,i,5403055291013259500,12518454458124679823,131072 /prefetch:12⤵PID:3404
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4640 --field-trial-handle=1788,i,5403055291013259500,12518454458124679823,131072 /prefetch:82⤵PID:2476
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3348 --field-trial-handle=1788,i,5403055291013259500,12518454458124679823,131072 /prefetch:82⤵PID:920
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5008 --field-trial-handle=1788,i,5403055291013259500,12518454458124679823,131072 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
PID:1536
-
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"1⤵PID:3816
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
199KB
MD5c6369d4711da5067de36e1fcaae156bc
SHA12b701bd36b91d3854c914b35dd59ce8e5227912d
SHA25639b858f675a131bcad3e7271ad82e36599f6f7159c42faa93d111e50d91585e0
SHA5128131cc65f51e514fda057a8756c9a85647859e0c53989881c9385a65278c10bb94579b0f3137c9b2c9825e226c297d21f6a3af6686e275e579259cf414e2cc2a
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\5f18ae64-dc99-4335-9b90-430e26e48ffd.tmp
Filesize4KB
MD5a13b2f98e85558d663380395d8144033
SHA185a477b64a20b36171fbbc0191fe06683a075efe
SHA2568ea26e8192e15d7a7886dfe9f26ead09f5e36982e1fdc3e26e961759b71cd19f
SHA51246ea1dee7a40c0bb3ed74485e3eaba228e43c7e16e907a1a26e5395a1b3d03a837bf9de3ffb33f19aefbb4716fcd1975cc654041d4ed533a16920b1a21fefa93
-
Filesize
288B
MD5f0e6cd4e6179a474c18ecf98d484d0a4
SHA1a72b82748cea35b993211b1be998301a14def6b7
SHA2567a72138440a04d2000c30c498cbe069c96e0a4ad24f39da3d4924c24b37b03e8
SHA512615fd3d036b30ed22d208b794d11a9738c9caddf7e89e3edc9bfa2aee89eca8966db4ecd7f95d0b5563cd30fb5ae1844c384cd1d021a0983770338bb227281b2
-
Filesize
2KB
MD54d87cd8df86079fc3ba64df424b7329f
SHA149953cd51ca47623cd23808c0b53564dcc74d543
SHA256e40fea0fb58ae40ce8ac0fc54f67c31b9524629de9cea7e4c992c0445aeb2cb8
SHA512a5b7c2e9f35afe324c85d232bf70d6e418c3134140711c0c3482d38edac7d4bbd6a9b13323104645be60589980551922eaf9de738e6ce3ab2a036c525c941d1a
-
Filesize
2KB
MD55e215f915c06ce95611e33c0481c1e92
SHA12fe69625077e8ed1fd9fd826b617fd3238ca35a1
SHA25624df2ee2c1749e32de3d058a4e536a33de21dba029e0e29d7d9a9dde625050bf
SHA51225698161f559425f2273e3e81186edd0b1d2622151d677fa5da7e3c5bafe14e66e042a992ecdbcb11f5823d6f5c976a5135138a5cef84cf171464d78e8b8fe9c
-
Filesize
2KB
MD54717cf79dcb45cc5d5d73b1e16cd8140
SHA1ac22cb74638509c162c52c13a70414e2a3917c98
SHA2561b84c6c9d6cf0bdb01925b7ca0b77b2b47ab1e626e3f8eaf98546d5e8d79673e
SHA512976d6f753fb5d2e7d8890b1b8c7c8fcde1758d7c7b8fcbc9f33d1f67bf75fdc5e3c8d80a824bc54688cc4ca47d11dafe3cefdbbf6aff5582b50486a88c6b799c
-
Filesize
2KB
MD59499f5d4b1a1cafa04ee6b16a654c789
SHA1f6db15b642eecf393451a5089761642668b92902
SHA256b49289cb69b3c696f46e17ddedd100ab0d96cc583ba7749b25a3d937e83eeff9
SHA5123e8a4da08ea973cdac875214d267aaf52395fd9cc12e273f2006d19101baf6e3bd69b56b293b865cf035ed53496e1238497c309965ede59a208e67f4a45e96d7
-
Filesize
539B
MD52e86c30470f4a067d300b2564f267334
SHA18df1323d6655d0e3e576005062316764db01e7a8
SHA256924abff124fba7a3cba927a0e5bdc2800a109ea53e213f5244865a8a72720269
SHA512474b08ef880e120f44de7eb493693a9971a9aaeb3c81c29cf14d51fdd37646260a2f3487791483bd32ef0967ee794454582bccbb69f08e0b7b9e419b0d730bda
-
Filesize
4KB
MD51f34a36bc679c4e2a9cbcbc92ab28b7d
SHA1f3f77661f63acd188795782e554a8819c8846cf4
SHA256616bbf9915cc2c75ad81a751997cb568d8f65c4a8f8d2472f0227f9b4532a449
SHA512b87e3b1a14ff3f3ad706dcddd06a1e1554596ab47c3728ed3317e535655bd533f6cdf86b01425fecb7aea25d342bddd526d85ca4760672362a45fb3b0b5e6d29
-
Filesize
5KB
MD5b7e178efdf48a8617da016032e430abb
SHA1aef9e6bf572d2b3c693db2400702cbcfb68c4ce9
SHA2560837928e61e3f25aa4c49ae5f8971fe0d6745c432512bb26f4707639d047a25c
SHA5124722fd68516abd625b208569eedc057535f431dcf489afac5f298c24dea40bcbc70921e480825106b05eb7c2c557316777b4469a5bc054949f7c5ab1ae998f9e