Overview
overview
7Static
static
7ChromeUpdate.apk
windows10-2004-x64
3ad.html
windows10-2004-x64
1aps-mraid.js
windows10-2004-x64
1assign_lab...l.html
windows10-2004-x64
1blood_gluc...l.html
windows10-2004-x64
1blood_gluc...l.html
windows10-2004-x64
1blood_pres...l.html
windows10-2004-x64
1diabetes_r...l.html
windows10-2004-x64
1dpr_report.html
windows10-2004-x64
1dtb-m.js
windows10-2004-x64
1edit_insul...l.html
windows10-2004-x64
1edit_label...l.html
windows10-2004-x64
1edit_medic...l.html
windows10-2004-x64
1edit_track...l.html
windows10-2004-x64
1fyb_iframe...l.html
windows10-2004-x64
1fyb_static...l.html
windows10-2004-x64
1mraid.js
windows10-2004-x64
1mraid3.js
windows10-2004-x64
1omsdk-v1.js
windows10-2004-x64
1target_ran...l.html
windows10-2004-x64
1tracker_en...l.html
windows10-2004-x64
1trackers_local.html
windows10-2004-x64
1trackers_s...l.html
windows10-2004-x64
1ui.js
windows10-2004-x64
1vpaid_html...e.html
windows10-2004-x64
1Resubmissions
25-09-2023 22:51
230925-2ssm5adg99 1025-09-2023 22:50
230925-2skyaacf3s 725-09-2023 22:49
230925-2rsxhacf2v 725-09-2023 19:47
230925-yhh46ace26 10Analysis
-
max time kernel
600s -
max time network
497s -
platform
windows10-2004_x64 -
resource
win10v2004-20230915-es -
resource tags
arch:x64arch:x86image:win10v2004-20230915-eslocale:es-esos:windows10-2004-x64systemwindows -
submitted
25-09-2023 22:49
Static task
static1
Behavioral task
behavioral1
Sample
ChromeUpdate.apk
Resource
win10v2004-20230915-es
Behavioral task
behavioral2
Sample
ad.html
Resource
win10v2004-20230915-es
Behavioral task
behavioral3
Sample
aps-mraid.js
Resource
win10v2004-20230915-es
Behavioral task
behavioral4
Sample
assign_labels_local.html
Resource
win10v2004-20230915-es
Behavioral task
behavioral5
Sample
blood_glucose_entry_local.html
Resource
win10v2004-20230915-es
Behavioral task
behavioral6
Sample
blood_glucose_local.html
Resource
win10v2004-20230915-es
Behavioral task
behavioral7
Sample
blood_pressure_entry_local.html
Resource
win10v2004-20230915-es
Behavioral task
behavioral8
Sample
diabetes_reports_local.html
Resource
win10v2004-20230915-es
Behavioral task
behavioral9
Sample
dpr_report.html
Resource
win10v2004-20230915-es
Behavioral task
behavioral10
Sample
dtb-m.js
Resource
win10v2004-20230915-es
Behavioral task
behavioral11
Sample
edit_insulin_local.html
Resource
win10v2004-20230915-es
Behavioral task
behavioral12
Sample
edit_labels_local.html
Resource
win10v2004-20230915-es
Behavioral task
behavioral13
Sample
edit_medication_local.html
Resource
win10v2004-20230915-es
Behavioral task
behavioral14
Sample
edit_tracker_local.html
Resource
win10v2004-20230915-es
Behavioral task
behavioral15
Sample
fyb_iframe_endcard_tmpl.html
Resource
win10v2004-20230915-es
Behavioral task
behavioral16
Sample
fyb_static_endcard_tmpl.html
Resource
win10v2004-20230915-es
Behavioral task
behavioral17
Sample
mraid.js
Resource
win10v2004-20230915-es
Behavioral task
behavioral18
Sample
mraid3.js
Resource
win10v2004-20230915-es
Behavioral task
behavioral19
Sample
omsdk-v1.js
Resource
win10v2004-20230915-es
Behavioral task
behavioral20
Sample
target_range_local.html
Resource
win10v2004-20230915-es
Behavioral task
behavioral21
Sample
tracker_entry_local.html
Resource
win10v2004-20230915-es
Behavioral task
behavioral22
Sample
trackers_local.html
Resource
win10v2004-20230915-es
Behavioral task
behavioral23
Sample
trackers_settings_local.html
Resource
win10v2004-20230915-es
Behavioral task
behavioral24
Sample
ui.js
Resource
win10v2004-20230915-es
Behavioral task
behavioral25
Sample
vpaid_html_template.html
Resource
win10v2004-20230915-es
General
-
Target
target_range_local.html
-
Size
1KB
-
MD5
ae07c20cd147719fcf98e46f51244539
-
SHA1
18bbd5bad5529fae7d02b5c8e074322c6e4d1d21
-
SHA256
058c4cfa3d53a9adf5a259f9f44ec6e87148d49d37ca254346b1afc6999a5193
-
SHA512
5533136db1b16756fcf16f8a6ed7dce9d1cec1472883b46c4f8e9ca909c53c4476261cde83e94cbff1f37d23a8b4b2ff69b669fc94d8a0af45da3d9f4be23f3a
Malware Config
Signatures
-
Enumerates system info in registry 2 TTPs 3 IoCs
Processes:
chrome.exedescription ioc process Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer chrome.exe Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS chrome.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName chrome.exe -
Modifies data under HKEY_USERS 2 IoCs
Processes:
chrome.exedescription ioc process Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry chrome.exe Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133401558043186375" chrome.exe -
Suspicious behavior: EnumeratesProcesses 4 IoCs
Processes:
chrome.exechrome.exepid process 348 chrome.exe 348 chrome.exe 1112 chrome.exe 1112 chrome.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs
Processes:
chrome.exepid process 348 chrome.exe 348 chrome.exe -
Suspicious use of AdjustPrivilegeToken 64 IoCs
Processes:
chrome.exedescription pid process Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe Token: SeShutdownPrivilege 348 chrome.exe Token: SeCreatePagefilePrivilege 348 chrome.exe -
Suspicious use of FindShellTrayWindow 26 IoCs
Processes:
chrome.exepid process 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe -
Suspicious use of SendNotifyMessage 24 IoCs
Processes:
chrome.exepid process 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe 348 chrome.exe -
Suspicious use of WriteProcessMemory 64 IoCs
Processes:
chrome.exedescription pid process target process PID 348 wrote to memory of 32 348 chrome.exe chrome.exe PID 348 wrote to memory of 32 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 988 348 chrome.exe chrome.exe PID 348 wrote to memory of 3388 348 chrome.exe chrome.exe PID 348 wrote to memory of 3388 348 chrome.exe chrome.exe PID 348 wrote to memory of 2632 348 chrome.exe chrome.exe PID 348 wrote to memory of 2632 348 chrome.exe chrome.exe PID 348 wrote to memory of 2632 348 chrome.exe chrome.exe PID 348 wrote to memory of 2632 348 chrome.exe chrome.exe PID 348 wrote to memory of 2632 348 chrome.exe chrome.exe PID 348 wrote to memory of 2632 348 chrome.exe chrome.exe PID 348 wrote to memory of 2632 348 chrome.exe chrome.exe PID 348 wrote to memory of 2632 348 chrome.exe chrome.exe PID 348 wrote to memory of 2632 348 chrome.exe chrome.exe PID 348 wrote to memory of 2632 348 chrome.exe chrome.exe PID 348 wrote to memory of 2632 348 chrome.exe chrome.exe PID 348 wrote to memory of 2632 348 chrome.exe chrome.exe PID 348 wrote to memory of 2632 348 chrome.exe chrome.exe PID 348 wrote to memory of 2632 348 chrome.exe chrome.exe PID 348 wrote to memory of 2632 348 chrome.exe chrome.exe PID 348 wrote to memory of 2632 348 chrome.exe chrome.exe PID 348 wrote to memory of 2632 348 chrome.exe chrome.exe PID 348 wrote to memory of 2632 348 chrome.exe chrome.exe PID 348 wrote to memory of 2632 348 chrome.exe chrome.exe PID 348 wrote to memory of 2632 348 chrome.exe chrome.exe PID 348 wrote to memory of 2632 348 chrome.exe chrome.exe PID 348 wrote to memory of 2632 348 chrome.exe chrome.exe
Processes
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\target_range_local.html1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:348 -
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff5b9b9758,0x7fff5b9b9768,0x7fff5b9b97782⤵PID:32
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1916 --field-trial-handle=1976,i,14392159418595389333,8636982054397913744,131072 /prefetch:82⤵PID:3388
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1856 --field-trial-handle=1976,i,14392159418595389333,8636982054397913744,131072 /prefetch:82⤵PID:2632
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1716 --field-trial-handle=1976,i,14392159418595389333,8636982054397913744,131072 /prefetch:22⤵PID:988
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2836 --field-trial-handle=1976,i,14392159418595389333,8636982054397913744,131072 /prefetch:12⤵PID:1772
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2844 --field-trial-handle=1976,i,14392159418595389333,8636982054397913744,131072 /prefetch:12⤵PID:3400
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4864 --field-trial-handle=1976,i,14392159418595389333,8636982054397913744,131072 /prefetch:82⤵PID:1164
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4948 --field-trial-handle=1976,i,14392159418595389333,8636982054397913744,131072 /prefetch:82⤵PID:1460
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1712 --field-trial-handle=1976,i,14392159418595389333,8636982054397913744,131072 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
PID:1112
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"1⤵PID:3048
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\83a872fb-26ed-479c-8ec6-7f6948cf8fdd.tmp
Filesize6KB
MD5db7d9c63fe9e706b9d794560dfc173fa
SHA1d0d28ef4c17c3e7fc8d82147fe9acdbdecf22dd4
SHA25682bd4902be04ee5c1738d8bb19566bd0ad233f965380ca02ce96429f6180bb9f
SHA512518ac6f839ff3c422d8277a1dff7da801b436699cf64ca4bfe45454f99f6d71d110f15e3f5e8eb4c7d92d139234844fd2d931cecc03c567c98d959776fe677ba
-
Filesize
6KB
MD517e91736f2193e2e4e4e72ddc6974ecb
SHA11e881261dd7518a02c91e3d968e02ff75d5211fb
SHA256bb3400fd068608ee5fcfe330037ea1e100d81f957725cecf854734060dbc19f8
SHA512ac725800870c7955cad565abd596d0b6eea8a98e761eea27ed32ae7f956a507727fdf8a6657063bac04f62c71dcaf98c810bad28f6a9f239b56bd7360a842535
-
Filesize
101KB
MD52ef2d7d7c048506ffcbea0e142d89d21
SHA1bb5276d66f2cea1bbcdbf64efc2ff040c277c44c
SHA256b2860588f824d7e596e3f4a70228aa96d34f6ac861327be4ed6ac2861627c21d
SHA512566d4b1b98694ed536bd1146faf290f00244decdd17f9d815397ee565295a2436463e95178c180caec71394b0b615e5e13654157519725adf092ecb955080e9a
-
Filesize
2B
MD599914b932bd37a50b983c5e7c90ae93b
SHA1bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA25644136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA51227c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd
-
MD5
d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e