Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
150s -
max time network
154s -
platform
windows11-21h2_x64 -
resource
win11-20240221-en -
resource tags
-
submitted
09/04/2024, 14:05
General
-
Target
https://cdn.discordapp.com/attachments/1224057074191958058/1227255792533766235/Peki_old_Soft_Aim_LEAK_BY_killixcic_2024_.zip?ex=6627be06&is=66154906&hm=84fed3a83ec419d4f92f4baa3b76f41eead5fdc335f54e3fd43d735bd0a2207e&
Malware Config
Signatures
-
Downloads MZ/PE file
-
Executes dropped EXE 3 IoCs
-
Loads dropped DLL 1 IoCs
-
Adds Run key to start application 2 TTPs 1 IoCs
-
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives 3 TTPs 23 IoCs
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in Windows directory 36 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Checks SCSI registry key(s) 3 TTPs 5 IoCs
SCSI information is often read in order to detect sandboxing environments.
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Modifies registry class 32 IoCs
-
NTFS ADS 3 IoCs
-
Suspicious behavior: EnumeratesProcesses 26 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 20 IoCs
-
Suspicious use of AdjustPrivilegeToken 64 IoCs
-
Suspicious use of FindShellTrayWindow 64 IoCs
-
Suspicious use of SendNotifyMessage 16 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
-
Uses Volume Shadow Copy service COM API
The Volume Shadow Copy service is used to manage backups/snapshots.
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://cdn.discordapp.com/attachments/1224057074191958058/1227255792533766235/Peki_old_Soft_Aim_LEAK_BY_killixcic_2024_.zip?ex=6627be06&is=66154906&hm=84fed3a83ec419d4f92f4baa3b76f41eead5fdc335f54e3fd43d735bd0a2207e&1⤵
- Enumerates system info in registry
- Modifies registry class
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffde6643cb8,0x7ffde6643cc8,0x7ffde6643cd82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1896 /prefetch:22⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2064 /prefetch:32⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2504 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3192 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3208 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4916 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5072 /prefetch:82⤵
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2580 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6040 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6052 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2580 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6184 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6108 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6044 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5832 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5420 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=4400 /prefetch:82⤵
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3188 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6544 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4864 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5448 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5100 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4580 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6080 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5808 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6512 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1584 /prefetch:82⤵
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Users\Admin\Downloads\python-3.12.2-amd64.exe"C:\Users\Admin\Downloads\python-3.12.2-amd64.exe"2⤵
- Executes dropped EXE
-
C:\Windows\Temp\{DCB90424-50E9-447A-BC27-0BD463398F5C}\.cr\python-3.12.2-amd64.exe"C:\Windows\Temp\{DCB90424-50E9-447A-BC27-0BD463398F5C}\.cr\python-3.12.2-amd64.exe" -burn.clean.room="C:\Users\Admin\Downloads\python-3.12.2-amd64.exe" -burn.filehandle.attached=760 -burn.filehandle.self=7643⤵
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\Temp\{A57268FE-F751-40FA-9C2B-0C3944DAFE5B}\.be\python-3.12.2-amd64.exe"C:\Windows\Temp\{A57268FE-F751-40FA-9C2B-0C3944DAFE5B}\.be\python-3.12.2-amd64.exe" -q -burn.elevated BurnPipe.{BB599317-978D-4645-BA1C-72AECF911A0E} {F575B512-1794-4C21-8D26-DF18D93DDF9A} 24084⤵
- Executes dropped EXE
-
-
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1308 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6988 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6652 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6924 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,13922589006177240591,117571022332391299,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6052 /prefetch:12⤵
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding1⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\Temp1_Peki_old_Soft_Aim_LEAK_BY_killixcic_2024_.zip\Peki old Soft Aim LEAK BY killixcic 2024 !!!\Setup.bat" "1⤵
-
C:\Users\Admin\Downloads\Peki_old_Soft_Aim_LEAK_BY_killixcic_2024_\Peki old Soft Aim LEAK BY killixcic 2024 !!!\Peki-Soft-Aim.exe"C:\Users\Admin\Downloads\Peki_old_Soft_Aim_LEAK_BY_killixcic_2024_\Peki old Soft Aim LEAK BY killixcic 2024 !!!\Peki-Soft-Aim.exe"1⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\Peki_old_Soft_Aim_LEAK_BY_killixcic_2024_\Peki old Soft Aim LEAK BY killixcic 2024 !!!\Setup.bat" "1⤵
-
C:\Windows\system32\vssvc.exeC:\Windows\system32\vssvc.exe1⤵
- Checks SCSI registry key(s)
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\system32\srtasks.exeC:\Windows\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:21⤵
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\system32\msiexec.exeC:\Windows\system32\msiexec.exe /V1⤵
- Enumerates connected drives
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
8KB
MD5649e28b4ad0cdadacdacf0bfc1bfb74d
SHA1eb8c3f6938b5273eb150e9c20300e77d8764c145
SHA256a3532cda59d3572f33d3832bd8d4a1ad21da697dcc1118606159cca928a7748f
SHA5129fb9f629997734f23d608a2f4740fd2bf7cf182149fcaa9fbd15a58c711b6cff935d8788acf1a96394ab34c7e433f2c647becb924b1156ca6e1fac9d06379a7b
-
Filesize
12KB
MD5b0c720b0572c82b66f918a98d6ed04d5
SHA14284c08ad820da0ca0ce1165d75edfafec98b990
SHA25622cc680553c94062eaaf7fbee283f198251053fadc48597da75b1973c1470368
SHA512dcd5fd8db0349065dbfd6b91df9687da4aa746d15f932be1d39b7867eb6f77754da6f92858908af1db6cd310679ef41dfbd4f16f6b64148d8aaddfd78eb7b124
-
Filesize
50KB
MD55dce514ed9a7b436a66eea58c3523750
SHA175b0130c609d4657d77b301d27d9f46747c27676
SHA256a15461ab4f3088de3c48681602a586cdc94ba5c459654a1ea3acde481fe75cc0
SHA51269db17d99a0cbf2fb0e432d44b94467686c75592e61b639b9bd49b9f4a5638ef4ebb1daaaefbf8257b819f3885d230cf8544e7530086beffd0dca982f23a6cd9
-
Filesize
471B
MD500b7674074be6c2eb3b9a2f4bae84b2c
SHA1312797177d3417a1b905e269bc7b9f92e8518976
SHA25698b3c3511bca0472d8935b45e3f7c998411002c1a4179e0b08dcfe9628ff8b79
SHA512fc0b7a7916c470db287ddd8b42b93f132284b44d0afa1476f9771ba00c683b4641d643845cc33c45064492194c59231dd2d45e892e589e5bbfa04f4e3c110584
-
Filesize
727B
MD51385f01fe1549503ef6a138d120e1d4a
SHA1d266429e67f9cbe666a8923e568951df736e4f13
SHA256585c99606f30e3920de6b1e53ab94e97ce13ff923bc7f358526b6bc2a4c56b4f
SHA51249917f528aeff2cc49c7326e1c8c3f0d7e4840e850c4268253ca95c0f717fa53fe8f7aca154f0ce2078652b145e7480463a155f05462e17953aca68d1fa4c626
-
Filesize
727B
MD51337d0647fb4821aeeac9a860e993d0c
SHA18cb3398c89bf78dd007afd85c842998cea2f643e
SHA256a5ad431765318006538d0dfd0de7af76041e6e70b84cdb0830a0211e7e37daad
SHA512900f91ce3430ae1c09f4252908f3a128c7456f6c2c920c54bcb6e2eeaffc788892b2c70722d851fb082df4f0519568bf13d1c45f0dc8e8e1a21a347e510d5573
-
Filesize
400B
MD5b6b7b3ccecbc5619a250de111317264d
SHA13c1427e595c6bfed92bd298023aa5663a70a5a90
SHA256bc74366d60451ac4693d7573b7e16ae9ce9ffbca5ba7a38de53714e3a3fac41e
SHA512ee1e76d22a424985098d680f9b1bc6ab9a4e1b7bfebed9e0551d1e97b5214b7dbea229a19a841a2dad7574d92de7e7aa943a0fd48c247924ce4b0008bbd6d359
-
Filesize
404B
MD509a18b0f227581abf86bd432e76af1b7
SHA11224bee88da6b6cb15d2f0579740234f08ec071b
SHA256f70668119eb45fd0d6cd6f5f5a8ada4ec81dc53444c9d67f70e75866aa0b625f
SHA5121bbeff7b3ab930775abb7f2d04e190fa2c80bcc76b9cd7b188bde373ae268d4921a9d40a81b1eee3cbe6213e18f6d1656d7529ef0f3d99eae00306c2ecd48f67
-
Filesize
412B
MD5aa0695faa90948964438423f4b9be5b7
SHA1a624e9df0cf8fcceb50ca8a23675c4e57c1bd3a7
SHA25626334fb8132fb69de7c35b9d3e596f3c93ef3471f8683bd5fc988b3c57b150f2
SHA51226b734ca82b88060682a644eea324d7246cadc2d1f779dcae7040576777d71d99222143ca5438e6e0fedfdcec6181fb17b0b33e940fa90d4513e9f9c289fb2cf
-
Filesize
152B
MD512b71c4e45a845b5f29a54abb695e302
SHA18699ca2c717839c385f13fb26d111e57a9e61d6f
SHA256c353020621fa6cea80eaa45215934d5f44f181ffa1a673cdb7880f20a4e898e0
SHA51209f0d1a739102816c5a29106343d3b5bb54a31d67ddbfcfa21306b1a6d87eaa35a9a2f0358e56cc0f78be15eeb481a7cc2038ce54d552b9b791e7bee78145241
-
Filesize
152B
MD5ce319bd3ed3c89069337a6292042bbe0
SHA17e058bce90e1940293044abffe993adf67d8d888
SHA25634070e3eea41c0e180cb5541de76cea15ef6f9e5c641e922d82a2d97bdce3aa3
SHA512d42f7fc32a337ecd3a24bcbf6cd6155852646cae5fb499003356f713b791881fc2e46825c4ff61d09db2289f25c0992c10d6fadb560a9bea33284bd5acc449f7
-
Filesize
69KB
MD5aac57f6f587f163486628b8860aa3637
SHA1b1b51e14672caae2361f0e2c54b72d1107cfce54
SHA2560cda72f2d9b6f196897f58d5de1fe1b43424ce55701eac625e591a0fd4ce7486
SHA5120622796aab85764434e30cbe78b4e80e129443744dd13bc376f7a124ed04863c86bb1dcd5222bb1814f6599accbd45c9ee2b983da6c461b68670ae59141a6c1a
-
Filesize
65KB
MD556d57bc655526551f217536f19195495
SHA128b430886d1220855a805d78dc5d6414aeee6995
SHA256f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4
SHA5127814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb
-
Filesize
19KB
MD52e86a72f4e82614cd4842950d2e0a716
SHA1d7b4ee0c9af735d098bff474632fc2c0113e0b9c
SHA256c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f
SHA5127a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1
-
Filesize
35KB
MD5a00ec059636b31e933d573d9eccc88f9
SHA11a1636ea664ca6c86b451c81889e2106d972c446
SHA256afd50b4a126fac0143d8caf48ccd61055fb2379f20bae384ced7b768746c5de5
SHA512735266cb5ff182a88dfd27b8fbec7e3e14fc90cbb48512d60679388d2e6313291bc5d0947b4f9b58a173c055ec5afc704400df4ef029b0a5034edcd419d23c10
-
Filesize
64KB
MD5d6b36c7d4b06f140f860ddc91a4c659c
SHA1ccf16571637b8d3e4c9423688c5bd06167bfb9e9
SHA25634013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92
SHA5122a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487
-
Filesize
88KB
MD5b38fbbd0b5c8e8b4452b33d6f85df7dc
SHA1386ba241790252df01a6a028b3238de2f995a559
SHA256b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd
SHA512546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16
-
Filesize
1.1MB
MD5b36bf0bc042f10f9061a6f5e555b2dca
SHA176a0b3e1af74adbd78d75d93bc7bf38d4caae779
SHA256db2243add96c4820c823ce724ea39b818179f8b3bd35d5f30830300640a5df5a
SHA512742be95e1469fcf9dd4d3c3a68b9be6c90186f05f04bdc61b9bec4bf20469b1cbe2ca7a2909f661f64ee385837ee31789b98cd6a78fd3f3a1d169ab5d20fb1c3
-
Filesize
2KB
MD5eec89d1e29f981c8e474bfb6c3794004
SHA143a55d1069017b73d962ba0c7917fda68038e565
SHA256ce1e0bcfd0df065be5702a740de776bac07577b56a4470e292ad50c1fcfdc7c8
SHA5122219b05ab19e4e22af295e842d42e800ce7c1ad7a26830dae4f7107128b2177a93b264b60c5d32647702ef17140136cabd5139206390bf202a1a3be739ff61d7
-
Filesize
393B
MD5f26039273ed28d0d7474ee80dd5b37b3
SHA124e61c0e94ba9e4baf4de0de9e14e053b5824c8d
SHA2569d3460188bfde3ef979bc775e8947fcffd0e784896b177be9b667814e3e07abd
SHA512c5ba87f913cb51a2b8a9f4f3911c40d9716080615c92c56c4266b34d436dbc8223c01a3893c8e00d2084bf282505140cdb4526579edbe68f222d7ace6fea25da
-
Filesize
1KB
MD56dc03431a5829e7e3be885240ef57ac4
SHA11fcdd7dbf442336bae6bfda4c24678837d3d860b
SHA256d10b5198f7807285b954366834ec86b84c68bb470b7143da891207f5c213d7a6
SHA5122485cf4d26d9dd93ceb6b66c32b9c9dcc6536a4240e69082766e91135ae6bc02645787b13c0f40a11dfd0ece263409e9a677b6a7066b3b2135a07269f8278375
-
Filesize
5KB
MD5ab3659036bc7383b8a0b7dc62f607201
SHA1535d30a3f92b3d77735c29e6c1ea93a1514b4c4b
SHA2560161007d2546c9d23938baad4ef7870aac44aa5b786077741813974390043557
SHA5123f2ae5d9be4751eefe00fff078c565bb42debce05f99d97bbc21168672f12a6c2139fb5ff6dfa6b9f0faf43112c3ac6c23e1757fb61a62bf765b4e392cc6f188
-
Filesize
6KB
MD5661455b307a657dbcd2f536b39e4f694
SHA19122fff0358a48fa8b4649aa982cd533c73d4884
SHA2560bf68f4ef3f6a5446b60e1c6706ed9f78d5dfae3cd58be27d80a888187a062b5
SHA512a9a4a0cfd20abb240002a3f5113a3b4bd6918ebd929b4768913a242f1faea78218d599f77f5b176213bb498cf9e8dbf9fe16dc1723ecb60b1a42a47d43e5074e
-
Filesize
6KB
MD58d9d9400d5dab4d040ec139f76fe650e
SHA1412c7719ef6ce3631c73e076ded5559cfcfd5a8a
SHA2568165325fe9a2372dbfa85a6f2897bbe4bb887af4fc7d05baa1da67564306f96b
SHA512f6d0f13d6388e5fe62b4811ec987c9ca291f75d3ecd34624a9c7d947e2ef99634c0f53094bbc07bffaf481b53c287006b32f40b55b3d2b0c3891449ef29b8528
-
Filesize
5KB
MD55d57da3dbea66eacf8d35e63f6bd6653
SHA199ee283cbe6db34a4f1b3241f2f31c59e3672cd5
SHA256100e931da68fdfc17b61087e7551c5cb6a94e1c8c7866ead3318bf2ee171a2ce
SHA512e802e1a8375a5a9fb3e2bf8e74796529e0df18327bb628db54b15b2f01458d896f7606906e8ffdeffdb09e434f2fa6846f561db71957fdbe72ee6b698456698d
-
Filesize
1KB
MD529bd41a2aa77e03217175f26384fb5c0
SHA1aa5595ea4f3b5576beb0a038f70698acc4a43f85
SHA25658a0803f2a1bec7c6593a13beba20bbebd79f2143c0b1fc837ca55f955e097d3
SHA5128ba4779b475c8ef2080073055324f4e3829e790a937769ac033ff9b20071e99e6821a57d71ed7269d3b79665518037e78c90ca785ae50ef2870a9f47242d3ed9
-
Filesize
368B
MD5f3d1ceff28aba9910868b482b7d9008b
SHA16ddc24d3d965b914f2d69e36de118cb90de3856b
SHA2564579ef5698fb57176a5e198704d014f045a0916d0ae5a6b0dc1417f416563a75
SHA51237fb3e81f5d17602e9b404451cdd921be571775b2368b7bb9f932d465c35430f63d45126806d310eea52756449301ca272249827fa8c3b09539f2d71dae3ce50
-
Filesize
16B
MD56752a1d65b201c13b62ea44016eb221f
SHA158ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA2560861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA5129cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389
-
Filesize
11KB
MD529e497b878ed17952650d9958905998c
SHA1dac97883cefa6787ca84ef3ab3a3f4300310d9a9
SHA2566f9efaa68f6219e2c0ad5ba3e47945787c72bab0786a01e71bb054a837302ff9
SHA512f83f4d9adda295c405135b33d365a54285ef819e8b3e1d8172f72697b5dd49fdef693dffd4b51ba132c22089a8352d11727212e839184b7d380adfaabad96e7d
-
Filesize
11KB
MD5faef34b6d4b9b4242f06d3066ca0b709
SHA1cc4c0b9d544c40071e28efe8192e2f0b3f3614d1
SHA256d3d48962ca27e02cbe3542e9618558d9ef32e6f4983625ca64987b1b39b1c407
SHA5123127698893756be040d6ca0b1265793e242638bba3b57bf2e8fea51e6201338b1f76d977d2d461ab7c42e23782a24afa822b8c9ebe5901c6f7e162029de6d81c
-
Filesize
11KB
MD556df05ac89591632458f0563941a0163
SHA1f7235e51321df3d065f05a88f1ffed957d99ee72
SHA2566caa9dd50458ef37dd135868df0c835c40a64cc345fcf83ec43cf63888261a25
SHA51227cc0458788f621fc052e4bca56af896c8417bf2485e364395703885dc333291c05e107aeead5ef2a8f4536cb9dcaeb7d7e30639b27b772a6f2eac88b7e16415
-
Filesize
11KB
MD592d2fec1b3931384a7edc8432ce357c2
SHA12b43f111dcf65deb543cc6280b6120101e34a69a
SHA256d915506c4369b254187bb6f372a30acfd2a16cf0318018cc5787ff87799a4dcf
SHA512eb3086bd8b6110562fdac8bb8c795fe5235fe0e06867b4b543525e49b3358af2c589476fcced082c5178a36f595e67e3450c28718dd52a2fb483cd6bf10289eb
-
Filesize
5.4MB
MD55fc6e030f31d0aae7b95068bf17a72fc
SHA11daa17c033f29c122c76409dd5636716351bf7a2
SHA25602cc5a3a1d6c54390d68ee97f6c08c2a061a457780e48919c29462ef95a92b09
SHA5120fc29106e0263815ee7418a32d8f52c258d0a1378fc6b5e59b68ccef2fa34e2164f4dc9f4b1ba0232497f95155d9e71b6571dea4e8e446af1faf11d194bb94ec
-
Filesize
7.3MB
MD5edcbe1500d9c8cef819eda7f46f5b103
SHA1402d32a0b9049a7dfc6f106b101832fa4c3624dc
SHA256af7b6e1b27c6ee7a2e40b947fda039ad26827ac12ed4d0ffa80a6576f5b5fb8b
SHA51201ed6f251e0dbaa7e52e6f995b85e22a70fcec8b0eb65e6a1022c4017306775f4298f9e9c90702bf42324491f32ccffdbbc80efdee3ad158515f82d5e4a0aab6
-
Filesize
3.4MB
MD5cedd6738fae24edddfff69b10e4f46dd
SHA197538a7df13e0354a5eaccee7057192d10466a9f
SHA256f0d5c603ff7d87412f5a1e45e8ab7bd95d6f40bb90fd107125964421d7f06233
SHA5120c75c2d1263eeb6ed638d49b1cf3c3004353fff8452ed7288a8853133dc2ad32fe913cc7020b864aaf362b5b29be55e4ec0b38ef978a811c6462552c8cf32e1b
-
Filesize
712KB
MD59245623543644d494cc7ebe9ba4bdf49
SHA1416d483ececc8a6e5ba092d1ae75e7880fa4be36
SHA25691f05b779c2bbeb7a371c2ca24f600d8c21664ad8d2bc464e5565bb90e9405d2
SHA5124946990d92c6dce2da3c9eaf16cfb7e61a8070af11b8ffd67d75e541b6007e4ea459d3b0e27da9d08e39b407fec9ca9da3ea5cad789cad9722f0408d62d02366
-
Filesize
2.0MB
MD51c1df711824f2575637d68f9e79f0467
SHA128de3cc8ad3d32739a4eb9d93106c18f028aaedd
SHA256e747ceb205400dcdd45cbedc372f9c3cacdd158277e4d27ae1b95d223e323918
SHA5127a9d7d1f5823c36504e645562117cd494f8de79b5c0724326b6cbee7add3c617c7ba1a1a69012646840071ccbc29e8b3ed518875cce8466fb7208fd272de87c5
-
Filesize
384KB
MD5f7a21ea8323d54f6348c08e185d4a429
SHA14a969a5aa49728821e5b0064ab20e36f8d1825c5
SHA256633283cfcc5e870c6ce19404267a5e0509625b6b106d0c68e7133557d5c1bcb6
SHA512161b3d0392cc0626f222a9d525f9af8cae3184c6c71d9c6e90749f1c6a71df0bf4a130234a50648c63e56099b72a0647c647b57b7ff05db3161cd5fac2c5bdd7
-
Filesize
3KB
MD5abf1c208e73a1e32f7916839fe3aa23c
SHA18d52bba4a5d9c3769b52c2ce29a6c28ef82f9ea4
SHA256e004609f250603667cb5683911da35e4443d0a536a7077b8134b6a9a2cbd296a
SHA512e396886bbe682305117164d141b90a392340f045998cec2bada44a87a6ecd9a60cc1fdadbc38dad63c0661e33d9f9b84ae532e4587cc90483cc8b38c726e83ea
-
Filesize
1KB
MD50a1d0f243dd9b12f6862619413d3d243
SHA13eed412a7898d9bdcf4da37fc35cc9a201ed4b3e
SHA2562ffbd4d742213d533a7e15fcd43bca2d5d7eb2406dfd5591dc121d06775e1229
SHA5128df25f86e1b3a0cfb6f920e319d011df7e2b5e76967a8ffbc62419b622a43caa00d40d772d0be4811f10607829700795c7b05071795cb53a439750c0795a1911
-
Filesize
1KB
MD5c4302a86578397c079353008b08cb366
SHA1e3b00e63400a5e49938528ba92913f808b132d13
SHA25666257be469783998de3fe079c73d15e389a2440a4176f1902fa9071e7da7d629
SHA512af94470fec77cb41729b2a5c1cd8cbd17aaec3bc63a51f4885f88e41f7c4318e94f273a6eedcaa3457a1f487f660fd76c7e0776c2ad18d7ff2577b422c78f1e5
-
Filesize
1KB
MD5f11092487753409c7fb22d3f4eff0b59
SHA19f08a620409b0dcd26c82811c79dda5bfafb2982
SHA25647f746cc3ef02d56a5ac368d596233409b0f6b7cdb1c35847f630d5e7fac6c0c
SHA51278ca868fa55aeed50ef2c432689da8d7dcb3224c9b2372fa553216b50d1e81f1ceb680bf774baae7a12492961eff8539b8b8feef46cd9d78cf686f72136a826c
-
Filesize
140KB
MD524ea9ae69c9f8481d0fe0e9c776d7e7b
SHA1f045744adab94f417195b71b20521eee3e3a7dbd
SHA2563a2e4c332b11d70a27e1689264c4643b4f20ae12e5b72d820de71e3974c6afce
SHA51203fb75b1191971adc008728475918438215c67628e3a60cc513e7861913de7007524b56d7add875fbd51da3280c4bacdcb53aa0c97f8640fbf65f7887fab87d2
-
Filesize
253B
MD55a11df3a32a35cb77131c490babc3775
SHA13d18deb3e3700c49eba0ea8bf167c12b5611c029
SHA2568041353c8abe72a97f882e1edf36ff03bf593ce771a45d3187fb936a0ad05b61
SHA512a4aba027a69abea0f1356790e1cd4b12a04136b218a7ced19c732735c21f32e695ee522d9f56ad623032b8de1de1fbd6ebff1fa811012b2d14517cdfe8a97e02
-
Filesize
25.4MB
MD544abfae489d87cc005d50a9267b5d58d
SHA1af778548383c17cb154530f1c06344c9cced9272
SHA256b9314802f9efbf0f20a8e2cb4cacc4d5cfb0110dac2818d94e770e1ba5137c65
SHA512e955f0bee350cd8f7e4da6a8e8f02db40e477b7465a77c8ecab46a54338c0a9d8acf3d22d524af2c45c25685df2468970ea1b70b83321c7f8e3fae230f3c7f16
-
Filesize
26B
MD5fbccf14d504b7b2dbcb5a5bda75bd93b
SHA1d59fc84cdd5217c6cf74785703655f78da6b582b
SHA256eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913
SHA512aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98
-
Filesize
675KB
MD58294dc8850dd596d0ce8455167496832
SHA15c75c685c95bee8c1a39187da8af46b6c7892757
SHA256565f03893da383e5bec8c6eaa7c8fbb3e6db0b9bddd5a1399b0dec66fa44d64d
SHA51221015ca201b64e3316f3d1ee32e4c562d0142111c1ed576f03aa078619fe656c56848b5998313af23aabb97293c5452be0e27d5c44878be5d90ac2d2d2f05851
-
Filesize
50KB
MD5888eb713a0095756252058c9727e088a
SHA1c14f69f2bef6bc3e2162b4dd78e9df702d94cdb4
SHA25679434bd1368f47f08acf6db66638531d386bf15166d78d9bfea4da164c079067
SHA5127c59f4ada242b19c2299b6789a65a1f34565fed78730c22c904db16a9872fe6a07035c6d46a64ee94501fbcd96de586a8a5303ca22f33da357d455c014820ca0
-
Filesize
540KB
MD5787171c1940bc4d251114b07586492e5
SHA1e256a242c1da23ab7cbd5cfa9b70fdd2c65a0233
SHA2566601eff4c1be13cf21106cdd8f041f96e4f1648aa683c73c53dad157ff12676e
SHA5120403d46c69928906f20631041b13aef11f926163e27b16e7e5544c7b85350fa04d796b4e81ff0d7db6a8548af797c2e7879ff480926ec30896c2984e725902d6
-
Filesize
268KB
MD5083842cfa5cb8331820b45599cb883ef
SHA12858179692c35368251f72894a8612db25fecc74
SHA256cfe1f73cd965e2cf1bcb94143fd87b7a6cb0d315977cab1da3002f5029948b98
SHA512e3325c99fc05280dc05d2d458ee942aa406b13b95993d2415817ab3c55752cb66a8d1613514382b092eb55c08c2319b57dd261120db525253398b7a456091229
-
Filesize
858KB
MD5ab21a1bea9e3eaab64a2c062ab613221
SHA1310b1f7921af8edf125eacba71944b6e5356acdf
SHA2561474dbd6a33da8f2f0b50007ba48f0c1ddb3e0e6f8c969722eed1e683a9af68a
SHA512b39b5a24bb7b2d3ead8aed284452c94280398a9e4855f17a8e3593fe718e9b3573e88b15f1dd4659030827e754b17e7f918ba24803e4d522ad9601167fb70df4
