Analysis
max time kernel: 209s
max time network: 207s
platform: windows10-2004_x64
resource: win10v2004-20230703-en
resource tags: arch:x64, arch:x86, image:win10v2004-20230703-en, locale:en-us, os:windows10-2004-x64, system
submitted: 29/08/2023, 09:17
Static task: static1
URLScan task: urlscan1
Behavioral task: behavioral1
Sample
http://tracking.parallelsnetwork.com/t?r=5875&c=3685521&l=3215&ctl=9DA62B:7B950240103D45AE94C3C834D6E90EB284F74C559D0FD075&S43743779?s=1692969466&e=1695561466&c=FA712FAFB41D634B90131509635D1FE375239729?utm_source=cleverbridge&utm_medium=email&utm_campaign=pdh-dd-all-renewalreminder&utm_content=30-noaction
Signatures
Modifies data under HKEY_USERS 2 IoCs
description | ioc | Process
Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | chrome.exe
Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133377742695691828" | chrome.exe
Suspicious behavior: EnumeratesProcesses 4 IoCs
pid | Process
1488 | chrome.exe
2492 | chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs
pid | Process
1488 | chrome.exe
Suspicious use of AdjustPrivilegeToken 64 IoCs
description | pid | Process
Token: SeShutdownPrivilege | 1488 | chrome.exe
Token: SeCreatePagefilePrivilege | 1488 | chrome.exe
Suspicious use of FindShellTrayWindow 26 IoCs
pid | Process
1488 | chrome.exe
Suspicious use of SendNotifyMessage 24 IoCs
pid | Process
1488 | chrome.exe
Suspicious use of WriteProcessMemory 64 IoCs
description | pid | Process | procid_target
PID 1488 wrote to memory of 4692 | 1488 | chrome.exe | 71
PID 1488 wrote to memory of 4376 | 1488 | chrome.exe | 86
PID 1488 wrote to memory of 1480 | 1488 | chrome.exe | 87
PID 1488 wrote to memory of 2240 | 1488 | chrome.exe | 88
Processes
PID:1488 (level 1)
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://tracking.parallelsnetwork.com/t?r=5875&c=3685521&l=3215&ctl=9DA62B:7B950240103D45AE94C3C834D6E90EB284F74C559D0FD075&S43743779?s=1692969466&e=1695561466&c=FA712FAFB41D634B90131509635D1FE375239729?utm_source=cleverbridge&utm_medium=email&utm_campaign=pdh-dd-all-renewalreminder&utm_content=30-noaction
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory

PID:4692 (level 2)
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd32f59758,0x7ffd32f59768,0x7ffd32f59778

PID:4376 (level 2)
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1624 --field-trial-handle=1828,i,17694746477633740274,3233234965316724787,131072 /prefetch:2

PID:1480 (level 2)
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=1828,i,17694746477633740274,3233234965316724787,131072 /prefetch:8

PID:2240 (level 2)
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2228 --field-trial-handle=1828,i,17694746477633740274,3233234965316724787,131072 /prefetch:8

PID:1260 (level 2)
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2872 --field-trial-handle=1828,i,17694746477633740274,3233234965316724787,131072 /prefetch:1

PID:4784 (level 2)
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2864 --field-trial-handle=1828,i,17694746477633740274,3233234965316724787,131072 /prefetch:1

PID:4616 (level 2)
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4048 --field-trial-handle=1828,i,17694746477633740274,3233234965316724787,131072 /prefetch:1

PID:3300 (level 2)
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4820 --field-trial-handle=1828,i,17694746477633740274,3233234965316724787,131072 /prefetch:8

PID:2056 (level 2)
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4864 --field-trial-handle=1828,i,17694746477633740274,3233234965316724787,131072 /prefetch:8

PID:2492 (level 2)
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4692 --field-trial-handle=1828,i,17694746477633740274,3233234965316724787,131072 /prefetch:2
- Suspicious behavior: EnumeratesProcesses

PID:2260 (level 1)
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
Downloads
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416
Filesize: 230B