Analysis
-
max time kernel
93s -
max time network
98s -
platform
windows10-2004_x64 -
resource
win10v2004-20230915-en -
resource tags
arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system -
submitted
19/10/2023, 07:33
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://r20.rs6.net/tn.jsp?f=001KyiOQr5NG80Fzn57jM4Ke_HWp6AkxxFaq-QZHr0SB5kGY03_32hvdgVHe-sYdWzsHex71tyd33ZG72ha7b-aLedwopqEjRTpjOeD13CN380CoGPZ3Y2vpDaiht80Y1jEVCId2gvuzBCBUuA_teqHGA==&c=&ch=&__=/asdf/amVubmlmZXIuZmFnZW5zb25AaW9uZ3JvdXAuY29t
Resource
win10v2004-20230915-en
General
Malware Config
Signatures
-
Enumerates system info in registry 2 TTPs 3 IoCs
description ioc Process Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS chrome.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName chrome.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer chrome.exe -
Modifies data under HKEY_USERS 2 IoCs
description ioc Process Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry chrome.exe Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133421744458439635" chrome.exe -
Suspicious behavior: EnumeratesProcesses 2 IoCs
pid Process 4792 chrome.exe 4792 chrome.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs
pid Process 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe -
Suspicious use of AdjustPrivilegeToken 64 IoCs
description pid Process Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe Token: SeShutdownPrivilege 4792 chrome.exe Token: SeCreatePagefilePrivilege 4792 chrome.exe -
Suspicious use of FindShellTrayWindow 26 IoCs
pid Process 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe -
Suspicious use of SendNotifyMessage 24 IoCs
pid Process 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe 4792 chrome.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 4792 wrote to memory of 2832 4792 chrome.exe 41 PID 4792 wrote to memory of 2832 4792 chrome.exe 41 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 3400 4792 chrome.exe 84 PID 4792 wrote to memory of 2952 4792 chrome.exe 85 PID 4792 wrote to memory of 2952 4792 chrome.exe 85 PID 4792 wrote to memory of 3452 4792 chrome.exe 86 PID 4792 wrote to memory of 3452 4792 chrome.exe 86 PID 4792 wrote to memory of 3452 4792 chrome.exe 86 PID 4792 wrote to memory of 3452 4792 chrome.exe 86 PID 4792 wrote to memory of 3452 4792 chrome.exe 86 PID 4792 wrote to memory of 3452 4792 chrome.exe 86 PID 4792 wrote to memory of 3452 4792 chrome.exe 86 PID 4792 wrote to memory of 3452 4792 chrome.exe 86 PID 4792 wrote to memory of 3452 4792 chrome.exe 86 PID 4792 wrote to memory of 3452 4792 chrome.exe 86 PID 4792 wrote to memory of 3452 4792 chrome.exe 86 PID 4792 wrote to memory of 3452 4792 chrome.exe 86 PID 4792 wrote to memory of 3452 4792 chrome.exe 86 PID 4792 wrote to memory of 3452 4792 chrome.exe 86 PID 4792 wrote to memory of 3452 4792 chrome.exe 86 PID 4792 wrote to memory of 3452 4792 chrome.exe 86 PID 4792 wrote to memory of 3452 4792 chrome.exe 86 PID 4792 wrote to memory of 3452 4792 chrome.exe 86 PID 4792 wrote to memory of 3452 4792 chrome.exe 86 PID 4792 wrote to memory of 3452 4792 chrome.exe 86 PID 4792 wrote to memory of 3452 4792 chrome.exe 86 PID 4792 wrote to memory of 3452 4792 chrome.exe 86
Processes
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://r20.rs6.net/tn.jsp?f=001KyiOQr5NG80Fzn57jM4Ke_HWp6AkxxFaq-QZHr0SB5kGY03_32hvdgVHe-sYdWzsHex71tyd33ZG72ha7b-aLedwopqEjRTpjOeD13CN380CoGPZ3Y2vpDaiht80Y1jEVCId2gvuzBCBUuA_teqHGA==&c=&ch=&__=/asdf/amVubmlmZXIuZmFnZW5zb25AaW9uZ3JvdXAuY29t1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4792 -
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa9e9b9758,0x7ffa9e9b9768,0x7ffa9e9b97782⤵PID:2832
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1632 --field-trial-handle=1872,i,9236442981111049879,9730652208314734418,131072 /prefetch:22⤵PID:3400
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=1872,i,9236442981111049879,9730652208314734418,131072 /prefetch:82⤵PID:2952
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2236 --field-trial-handle=1872,i,9236442981111049879,9730652208314734418,131072 /prefetch:82⤵PID:3452
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3052 --field-trial-handle=1872,i,9236442981111049879,9730652208314734418,131072 /prefetch:12⤵PID:232
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3032 --field-trial-handle=1872,i,9236442981111049879,9730652208314734418,131072 /prefetch:12⤵PID:652
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4688 --field-trial-handle=1872,i,9236442981111049879,9730652208314734418,131072 /prefetch:12⤵PID:3876
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4944 --field-trial-handle=1872,i,9236442981111049879,9730652208314734418,131072 /prefetch:12⤵PID:4704
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5112 --field-trial-handle=1872,i,9236442981111049879,9730652208314734418,131072 /prefetch:12⤵PID:2040
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5272 --field-trial-handle=1872,i,9236442981111049879,9730652208314734418,131072 /prefetch:12⤵PID:1512
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5584 --field-trial-handle=1872,i,9236442981111049879,9730652208314734418,131072 /prefetch:82⤵PID:4648
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5088 --field-trial-handle=1872,i,9236442981111049879,9730652208314734418,131072 /prefetch:82⤵PID:2732
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5820 --field-trial-handle=1872,i,9236442981111049879,9730652208314734418,131072 /prefetch:12⤵PID:3396
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4664 --field-trial-handle=1872,i,9236442981111049879,9730652208314734418,131072 /prefetch:12⤵PID:4956
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5876 --field-trial-handle=1872,i,9236442981111049879,9730652208314734418,131072 /prefetch:12⤵PID:2944
-
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"1⤵PID:1440
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
240B
MD52c126110589145d8d5157fd543e2fe95
SHA18512b1ccf19b78efd401ff8c291abac1ab1f658b
SHA256e590862706ed189cfaf87d3faa555aa3b399cfe41f1ab1768a31651f7fc3526a
SHA5122a089f8a3ffa19c30e6370a6ce4a0ae511a7d66364d4b0b5c9bc8f10ae25b47e17def19d44a2bedd0542c364bf1ee21e8595b6f8e68dc534b7d5603e0e98d49a
-
Filesize
2KB
MD57933d2f767c5b6c86f61c549d7f51893
SHA18a85e9818db97af9cc27cea134c38e1c416fe02d
SHA256a036c9afa3e2b1fbd4bb8996fd653f9ea09f343405d4e99f2085f48d00612455
SHA5129154679ed8f4edb5bf96c043fa91d6535cefa0cf0dd0d9ff1c9d14106013fe5727cdca4d0c35614ad3551aeec2ac1cb87f8b0dae0b524e3856394929c6c17e8f
-
Filesize
1KB
MD5a0f52b98fccfedc65d5e83d6eef021f3
SHA1c419870a6ca6f8a28075622077e3674e0d01fc1e
SHA25646910ca1ac25cbd67b94a5c97b914b751494f3818f9e637a95478dd225962362
SHA512983b8cca8c806db131492860efa8698a567bdf6d3bfff7b233e191b22dd38daddd43c92088add9a3c864f995c1932eb9a897bf7cdf203fc01e5710c5c4a35eeb
-
Filesize
7KB
MD5eedbe20e225f47fb51589afb27100bfc
SHA16a222d565062b22052165fe783f702cb416b6838
SHA25600e6a112af3b0e6d2918b2ec979d2745c81bec75454f95227b7a71dace661258
SHA512d6565fc5668ff80729ccb0fecb32fadab831219755c4d5d965d65ec4e6c10e0fa9dbccb5655b936a7f0041713e30a8e320b93406a8b9e90adda55c33b8a0b27b
-
Filesize
6KB
MD55aa82e538b102765ddf217a23e6091b8
SHA15529d7fa0bd1d29b3ddb2c2e1fe01acd2e772ee5
SHA2566b6fee9d2107ae99c5103cb22eb08faee500afb94d70999ae0dc2c61162a093d
SHA512de1dc8b470427d6133741ef0bc10dfc547c7f30659f35eada9a3b8e46f292e00fa71ce70e97a8be05b157186b6ec598d31fc3c45c50e7d09e014c19e95432bee
-
Filesize
101KB
MD50c4b0f6e6da89400762445ed1c603410
SHA191a62eb89fa8893ca5479e6be9ae1d309973002d
SHA256322202d0f7739d1c8b8e847c5bb93b45f22f4f42d1abd7a603bfacaa416de559
SHA5125eadb62602577af932864d6edbfe757f575ff289986a939c6c277794dd19006c23fa55a1953bdacc2e7fba517fcee9cd0586cf2411233746270ff416255fb549
-
Filesize
2B
MD599914b932bd37a50b983c5e7c90ae93b
SHA1bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA25644136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA51227c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd