Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Overview
overview
3Static
static
1Private Se...ch.eml
windows11-21h2-x64
3attachment-10
windows11-21h2-x64
1attachment-11
windows11-21h2-x64
1attachment-12
windows11-21h2-x64
1attachment-13
windows11-21h2-x64
1attachment-14
windows11-21h2-x64
1attachment-15
windows11-21h2-x64
1attachment-16
windows11-21h2-x64
1attachment-17
windows11-21h2-x64
1attachment-18
windows11-21h2-x64
1attachment-19
windows11-21h2-x64
1attachment-2
windows11-21h2-x64
1attachment-3
windows11-21h2-x64
1attachment-4
windows11-21h2-x64
1attachment-5
windows11-21h2-x64
1attachment-6
windows11-21h2-x64
1attachment-7
windows11-21h2-x64
1attachment-8
windows11-21h2-x64
1attachment-9
windows11-21h2-x64
1email-html-1.html
windows11-21h2-x64
1Analysis
-
max time kernel
299s -
max time network
292s -
platform
windows11-21h2_x64 -
resource
win11-20240221-en -
resource tags
arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system -
submitted
29/03/2024, 17:10
Static task
static1
Behavioral task
behavioral1
Sample
Private Search Engine - Brave Search.eml
Resource
win11-20240221-en
windows11-21h2-x64
Behavioral task
behavioral2
Sample
attachment-10
Resource
win11-20240221-en
windows11-21h2-x64
Behavioral task
behavioral3
Sample
attachment-11
Resource
win11-20240221-en
windows11-21h2-x64
Behavioral task
behavioral4
Sample
attachment-12
Resource
win11-20240221-en
windows11-21h2-x64
Behavioral task
behavioral5
Sample
attachment-13
Resource
win11-20240221-en
windows11-21h2-x64
Behavioral task
behavioral6
Sample
attachment-14
Resource
win11-20240221-en
windows11-21h2-x64
Behavioral task
behavioral7
Sample
attachment-15
Resource
win11-20240214-en
windows11-21h2-x64
Behavioral task
behavioral8
Sample
attachment-16
Resource
win11-20240221-en
windows11-21h2-x64
Behavioral task
behavioral9
Sample
attachment-17
Resource
win11-20240221-en
windows11-21h2-x64
Behavioral task
behavioral10
Sample
attachment-18
Resource
win11-20240221-en
windows11-21h2-x64
Behavioral task
behavioral11
Sample
attachment-19
Resource
win11-20240221-en
windows11-21h2-x64
Behavioral task
behavioral12
Sample
attachment-2
Resource
win11-20240221-en
windows11-21h2-x64
Behavioral task
behavioral13
Sample
attachment-3
Resource
win11-20240221-en
windows11-21h2-x64
Behavioral task
behavioral14
Sample
attachment-4
Resource
win11-20240221-en
windows11-21h2-x64
Behavioral task
behavioral15
Sample
attachment-5
Resource
win11-20240221-en
windows11-21h2-x64
Behavioral task
behavioral16
Sample
attachment-6
Resource
win11-20240319-en
windows11-21h2-x64
Behavioral task
behavioral17
Sample
attachment-7
Resource
win11-20240221-en
windows11-21h2-x64
Behavioral task
behavioral18
Sample
attachment-8
Resource
win11-20240221-en
windows11-21h2-x64
Behavioral task
behavioral19
Sample
attachment-9
Resource
win11-20240214-en
windows11-21h2-x64
Behavioral task
behavioral20
Sample
email-html-1.html
Resource
win11-20240221-en
windows11-21h2-x64
General
-
Target
email-html-1.html
-
Size
18KB
-
MD5
f7e0bb81663b79c4955754ecf043f5b3
-
SHA1
71030cac91fbefaf11006fbedeb1407dec143cba
-
SHA256
9ca1223c5a3b76038981d79bea6df1ca22502d0ee3144fe842ff7dab4a8d2f7b
-
SHA512
825520c2bd55c63fb6fe41b00163e111af7503c380d8718ff2b894d15e0779ab46a3afc79979c7fcefcfa92e33f19d83fc5c91dad0880119f5a4d86904051061
-
SSDEEP
384:HvUgMglgighgMgWgZ7gGgdgZgsgXgogWgggNgRg3g2gRgqgdgWgQgFg3gGgsgwgD:HvUgMglgighgMgWg5gGgdgZgsgXgogWf
Malware Config
Signatures
-
Enumerates system info in registry 2 TTPs 3 IoCs
description ioc Process Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS chrome.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName chrome.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer chrome.exe -
Modifies data under HKEY_USERS 2 IoCs
description ioc Process Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry chrome.exe Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133562058559683234" chrome.exe -
Suspicious behavior: EnumeratesProcesses 4 IoCs
pid Process 3284 chrome.exe 3284 chrome.exe 1892 chrome.exe 1892 chrome.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs
pid Process 3284 chrome.exe 3284 chrome.exe -
Suspicious use of AdjustPrivilegeToken 64 IoCs
description pid Process Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe Token: SeShutdownPrivilege 3284 chrome.exe Token: SeCreatePagefilePrivilege 3284 chrome.exe -
Suspicious use of FindShellTrayWindow 26 IoCs
pid Process 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe -
Suspicious use of SendNotifyMessage 12 IoCs
pid Process 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe 3284 chrome.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 3284 wrote to memory of 3120 3284 chrome.exe 76 PID 3284 wrote to memory of 3120 3284 chrome.exe 76 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 2980 3284 chrome.exe 78 PID 3284 wrote to memory of 4940 3284 chrome.exe 79 PID 3284 wrote to memory of 4940 3284 chrome.exe 79 PID 3284 wrote to memory of 5084 3284 chrome.exe 80 PID 3284 wrote to memory of 5084 3284 chrome.exe 80 PID 3284 wrote to memory of 5084 3284 chrome.exe 80 PID 3284 wrote to memory of 5084 3284 chrome.exe 80 PID 3284 wrote to memory of 5084 3284 chrome.exe 80 PID 3284 wrote to memory of 5084 3284 chrome.exe 80 PID 3284 wrote to memory of 5084 3284 chrome.exe 80 PID 3284 wrote to memory of 5084 3284 chrome.exe 80 PID 3284 wrote to memory of 5084 3284 chrome.exe 80 PID 3284 wrote to memory of 5084 3284 chrome.exe 80 PID 3284 wrote to memory of 5084 3284 chrome.exe 80 PID 3284 wrote to memory of 5084 3284 chrome.exe 80 PID 3284 wrote to memory of 5084 3284 chrome.exe 80 PID 3284 wrote to memory of 5084 3284 chrome.exe 80 PID 3284 wrote to memory of 5084 3284 chrome.exe 80 PID 3284 wrote to memory of 5084 3284 chrome.exe 80 PID 3284 wrote to memory of 5084 3284 chrome.exe 80 PID 3284 wrote to memory of 5084 3284 chrome.exe 80 PID 3284 wrote to memory of 5084 3284 chrome.exe 80 PID 3284 wrote to memory of 5084 3284 chrome.exe 80 PID 3284 wrote to memory of 5084 3284 chrome.exe 80 PID 3284 wrote to memory of 5084 3284 chrome.exe 80
Processes
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\email-html-1.html1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3284 -
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7fff19619758,0x7fff19619768,0x7fff196197782⤵PID:3120
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1672 --field-trial-handle=1824,i,13199008201745803394,7641680666060217197,131072 /prefetch:22⤵PID:2980
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1980 --field-trial-handle=1824,i,13199008201745803394,7641680666060217197,131072 /prefetch:82⤵PID:4940
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2180 --field-trial-handle=1824,i,13199008201745803394,7641680666060217197,131072 /prefetch:82⤵PID:5084
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2816 --field-trial-handle=1824,i,13199008201745803394,7641680666060217197,131072 /prefetch:12⤵PID:3452
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2824 --field-trial-handle=1824,i,13199008201745803394,7641680666060217197,131072 /prefetch:12⤵PID:3684
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4556 --field-trial-handle=1824,i,13199008201745803394,7641680666060217197,131072 /prefetch:82⤵PID:4932
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4848 --field-trial-handle=1824,i,13199008201745803394,7641680666060217197,131072 /prefetch:82⤵PID:1168
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2948 --field-trial-handle=1824,i,13199008201745803394,7641680666060217197,131072 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
PID:1892
-
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"1⤵PID:3944
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1KB
MD555540a230bdab55187a841cfe1aa1545
SHA1363e4734f757bdeb89868efe94907774a327695e
SHA256d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb
SHA512c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416
Filesize230B
MD54acde257fae53cd886ef98b9accf78d4
SHA1f533f76339dcf6cd7b2407d95f5ee4e90098db85
SHA2566eb87a304b4bee7cc6b8095a2310e55d0a21f91db74f29cb5a8a22f209000c16
SHA512a21bd46ba434063795b0dd71caba9c10c9643643d6bc3c5609a8c54d693b87e07f9b21192b1f99bd2f54a2c79c6abf36700486ebb580b03827912070178a6728
-
Filesize
904B
MD571b51803cd0e9dc322a4704406aa44a6
SHA1edb386021645cf447bc691d0d70d2127563c73e1
SHA2564cbcb3055ae650f13be7b37c8fdccd7c98499ecd563de685a42bd4fd24fa29a3
SHA5120ded69a326b4479eb5fc84636249fc87bd5486be9e7e2903452ff192575d3886f0e427bab79240dbf596a279b0ea2dae04287564517e70eecd6c9fbf4e718b43
-
Filesize
6KB
MD56a93a63905fd572c98729270e5517610
SHA10c93444a2a39f77c20bfc3857a3de95419be415f
SHA2569c1462e72047e644121915ff4c76bc5a82c9759e0dfb3764141b5d792bda61a6
SHA5129721279857cc35e8fd002003e4a4f95b48a07e62987ba5d1b8bceb91cb14259f2a64a9ed5472002eec856ca6a7b68ad60d899b424239c13dc0f2f70035553fee
-
Filesize
6KB
MD5833055e3c975a3b293b6af81a3e5a936
SHA16c8f5651124e2131c2ee7e17925f7582a07eb075
SHA256f63a0e218cbbd0474e882728cd550106a324f247ef5ee90e04e1754905a2c1bc
SHA512a5cc2b08637e7d3fa46cf228f10cbb92a0dce01f4b1af21780de931618d65e2953e8b7f106d93306d19ab2f776df9ee8b026a0f980632a022a50f2eef28a8680
-
Filesize
130KB
MD55b1a281d9697581ec769fb0ad68fc1ef
SHA1dd5533f6f1c385145b4add7927633a45675eb84c
SHA2565bc046939b2d10d38694f4cb7078ae3d7c372e2d2a06d3db35f4352730a9fb5f
SHA512938f35a953e9ca4f4a1660abe04733c0bad31feac14675ff8f60932635ab8ae2121d778f7adbbef4efb6cb73e22b7933a0b02eab710de953346b45c8aff9d7d4
-
Filesize
2B
MD599914b932bd37a50b983c5e7c90ae93b
SHA1bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA25644136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA51227c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd