Resubmissions
- 27/08/2023, 17:50: 230827-werk1seb21, 1
- 27/08/2023, 03:17: 230827-dtekwsfb75, 1
- 22/08/2023, 17:50: 230822-we39taeb97, 1
- 22/08/2023, 05:56: 230822-gm8ryaac65, 1
- 21/08/2023, 22:35: 230821-2h4bwagg42, 1
- 21/08/2023, 06:10: 230821-gxjwkabc75, 1
- 21/08/2023, 04:56: 230821-fkp2daba47, 1
- 21/08/2023, 04:02: 230821-el9azaaf93, 1
Analysis
- max time kernel: 539s
- max time network: 543s
- platform: windows10-2004_x64
- resource: win10v2004-20230703-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20230703-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 21/08/2023, 04:56
Static task: static1
URLScan task: urlscan1
Behavioral task: behavioral1
- Sample: https://send.cm/z1dg0c7dkj8g
- Resource: win10v2004-20230703-en
General
- Target: https://send.cm/z1dg0c7dkj8g
Malware Config
Signatures
Modifies data under HKEY_USERS 2 IoCs
- Key created: \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry (Process: chrome.exe)
- Set value (int): \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133370673848550609" (Process: chrome.exe)
Suspicious behavior: EnumeratesProcesses 4 IoCs
- pid 3596, chrome.exe
- pid 1816, chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs
- pid 3596, chrome.exe
Suspicious use of AdjustPrivilegeToken 64 IoCs
- Token: SeShutdownPrivilege, pid 3596, chrome.exe
- Token: SeCreatePagefilePrivilege, pid 3596, chrome.exe
Suspicious use of FindShellTrayWindow 64 IoCs
- pid 3596, chrome.exe
Suspicious use of SendNotifyMessage 24 IoCs
- pid 3596, chrome.exe
Suspicious use of WriteProcessMemory 64 IoCs
- PID 3596 wrote to memory of 4384 (pid 3596, chrome.exe, procid_target 80)
- PID 3596 wrote to memory of 4976 (pid 3596, chrome.exe, procid_target 82)
- PID 3596 wrote to memory of 3220 (pid 3596, chrome.exe, procid_target 83)
- PID 3596 wrote to memory of 2384 (pid 3596, chrome.exe, procid_target 84)
Processes
- PID 3596: "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://send.cm/z1dg0c7dkj8g
  - Modifies data under HKEY_USERS
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of WriteProcessMemory
  - PID 4384: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa679a9758,0x7ffa679a9768,0x7ffa679a9778
  - PID 4976: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1768 --field-trial-handle=1864,i,8958225542775500314,18401071574014409488,131072 /prefetch:2
  - PID 3220: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=1864,i,8958225542775500314,18401071574014409488,131072 /prefetch:8
  - PID 2384: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2208 --field-trial-handle=1864,i,8958225542775500314,18401071574014409488,131072 /prefetch:8
  - PID 2608: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3024 --field-trial-handle=1864,i,8958225542775500314,18401071574014409488,131072 /prefetch:1
  - PID 2232: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3056 --field-trial-handle=1864,i,8958225542775500314,18401071574014409488,131072 /prefetch:1
  - PID 1380: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5304 --field-trial-handle=1864,i,8958225542775500314,18401071574014409488,131072 /prefetch:8
  - PID 2008: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5300 --field-trial-handle=1864,i,8958225542775500314,18401071574014409488,131072 /prefetch:8
  - PID 1816: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2492 --field-trial-handle=1864,i,8958225542775500314,18401071574014409488,131072 /prefetch:2
    - Suspicious behavior: EnumeratesProcesses
  - PID 4048: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3900 --field-trial-handle=1864,i,8958225542775500314,18401071574014409488,131072 /prefetch:8
- PID 2064: "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
Downloads